From owner-svn-src-user@FreeBSD.ORG Tue Nov 4 11:54:27 2008 Return-Path: Delivered-To: svn-src-user@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 24C281065677; Tue, 4 Nov 2008 11:54:27 +0000 (UTC) (envelope-from dfr@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 0F1848FC22; Tue, 4 Nov 2008 11:54:27 +0000 (UTC) (envelope-from dfr@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id mA4BsRLw095692; Tue, 4 Nov 2008 11:54:27 GMT (envelope-from dfr@svn.freebsd.org) Received: (from dfr@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id mA4BsQ2E095680; Tue, 4 Nov 2008 11:54:26 GMT (envelope-from dfr@svn.freebsd.org) Message-Id: <200811041154.mA4BsQ2E095680@svn.freebsd.org> From: Doug Rabson Date: Tue, 4 Nov 2008 11:54:26 +0000 (UTC) To: src-committers@freebsd.org, svn-src-user@freebsd.org X-SVN-Group: user MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r184626 - in user/dfr/gssapi/7/sys: . compat/freebsd32 conf fs/unionfs kern kgssapi modules/kgssapi modules/kgssapi_krb5 modules/nfsclient modules/nfsserver nfsclient nfsserver nlm rpc ... X-BeenThere: svn-src-user@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the experimental " user" src tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Nov 2008 11:54:27 -0000 Author: dfr Date: Tue Nov 4 11:54:26 2008 New Revision: 184626 URL: http://svn.freebsd.org/changeset/base/184626 Log: Merged /head/sys:r183005,184588 Added: user/dfr/gssapi/7/sys/kgssapi/ - copied from r184588, head/sys/kgssapi/ user/dfr/gssapi/7/sys/modules/kgssapi/ - copied from r184588, head/sys/modules/kgssapi/ user/dfr/gssapi/7/sys/modules/kgssapi_krb5/ - copied from r184588, head/sys/modules/kgssapi_krb5/ user/dfr/gssapi/7/sys/nfsclient/nfs_krpc.c - copied unchanged from r184588, head/sys/nfsclient/nfs_krpc.c user/dfr/gssapi/7/sys/nfsserver/nfs_fha.c - copied unchanged from r184588, head/sys/nfsserver/nfs_fha.c user/dfr/gssapi/7/sys/nfsserver/nfs_fha.h - copied unchanged from r184588, head/sys/nfsserver/nfs_fha.h user/dfr/gssapi/7/sys/nfsserver/nfs_srvkrpc.c - copied unchanged from r184588, head/sys/nfsserver/nfs_srvkrpc.c user/dfr/gssapi/7/sys/rpc/replay.c - copied unchanged from r184588, head/sys/rpc/replay.c user/dfr/gssapi/7/sys/rpc/replay.h - copied unchanged from r184588, head/sys/rpc/replay.h user/dfr/gssapi/7/sys/rpc/rpcsec_gss/ - copied from r184588, head/sys/rpc/rpcsec_gss/ user/dfr/gssapi/7/sys/rpc/rpcsec_gss.h - copied unchanged from r184588, head/sys/rpc/rpcsec_gss.h Modified: user/dfr/gssapi/7/sys/ (props changed) user/dfr/gssapi/7/sys/compat/freebsd32/syscalls.master user/dfr/gssapi/7/sys/conf/files user/dfr/gssapi/7/sys/conf/options user/dfr/gssapi/7/sys/fs/unionfs/union_vfsops.c user/dfr/gssapi/7/sys/kern/syscalls.master user/dfr/gssapi/7/sys/kern/vfs_export.c user/dfr/gssapi/7/sys/kern/vfs_mount.c user/dfr/gssapi/7/sys/modules/nfsclient/Makefile user/dfr/gssapi/7/sys/modules/nfsserver/Makefile user/dfr/gssapi/7/sys/nfsclient/nfs.h user/dfr/gssapi/7/sys/nfsclient/nfs_socket.c user/dfr/gssapi/7/sys/nfsclient/nfs_subs.c user/dfr/gssapi/7/sys/nfsclient/nfs_vfsops.c user/dfr/gssapi/7/sys/nfsclient/nfsmount.h user/dfr/gssapi/7/sys/nfsserver/nfs.h user/dfr/gssapi/7/sys/nfsserver/nfs_serv.c user/dfr/gssapi/7/sys/nfsserver/nfs_srvcache.c user/dfr/gssapi/7/sys/nfsserver/nfs_srvsock.c user/dfr/gssapi/7/sys/nfsserver/nfs_srvsubs.c user/dfr/gssapi/7/sys/nfsserver/nfs_syscalls.c user/dfr/gssapi/7/sys/nfsserver/nfsm_subs.h user/dfr/gssapi/7/sys/nfsserver/nfsrvcache.h user/dfr/gssapi/7/sys/nlm/nlm.h user/dfr/gssapi/7/sys/nlm/nlm_advlock.c user/dfr/gssapi/7/sys/nlm/nlm_prot_impl.c user/dfr/gssapi/7/sys/nlm/nlm_prot_svc.c user/dfr/gssapi/7/sys/rpc/auth.h user/dfr/gssapi/7/sys/rpc/auth_none.c user/dfr/gssapi/7/sys/rpc/auth_unix.c user/dfr/gssapi/7/sys/rpc/clnt.h user/dfr/gssapi/7/sys/rpc/clnt_dg.c user/dfr/gssapi/7/sys/rpc/clnt_rc.c user/dfr/gssapi/7/sys/rpc/clnt_vc.c user/dfr/gssapi/7/sys/rpc/rpc_com.h user/dfr/gssapi/7/sys/rpc/rpc_generic.c user/dfr/gssapi/7/sys/rpc/rpc_msg.h user/dfr/gssapi/7/sys/rpc/rpc_prot.c user/dfr/gssapi/7/sys/rpc/svc.c user/dfr/gssapi/7/sys/rpc/svc.h user/dfr/gssapi/7/sys/rpc/svc_auth.c user/dfr/gssapi/7/sys/rpc/svc_auth.h user/dfr/gssapi/7/sys/rpc/svc_auth_unix.c user/dfr/gssapi/7/sys/rpc/svc_dg.c user/dfr/gssapi/7/sys/rpc/svc_generic.c user/dfr/gssapi/7/sys/rpc/svc_vc.c user/dfr/gssapi/7/sys/rpc/xdr.h user/dfr/gssapi/7/sys/sys/mount.h user/dfr/gssapi/7/sys/xdr/xdr_mbuf.c Modified: user/dfr/gssapi/7/sys/compat/freebsd32/syscalls.master ============================================================================== --- user/dfr/gssapi/7/sys/compat/freebsd32/syscalls.master Tue Nov 4 11:52:50 2008 (r184625) +++ user/dfr/gssapi/7/sys/compat/freebsd32/syscalls.master Tue Nov 4 11:54:26 2008 (r184626) @@ -824,3 +824,4 @@ uint32_t idlo, uint32_t idhi, \ size_t cpusetsize, \ const cpuset_t *mask); } +505 AUE_NULL UNIMPL gssd_syscall Modified: user/dfr/gssapi/7/sys/conf/files ============================================================================== --- user/dfr/gssapi/7/sys/conf/files Tue Nov 4 11:52:50 2008 (r184625) +++ user/dfr/gssapi/7/sys/conf/files Tue Nov 4 11:54:26 2008 (r184626) @@ -339,7 +339,7 @@ crypto/camellia/camellia.c optional cryp crypto/camellia/camellia-api.c optional crypto | ipsec crypto/des/des_ecb.c optional crypto | ipsec | netsmb crypto/des/des_setkey.c optional crypto | ipsec | netsmb -crypto/rc4/rc4.c optional netgraph_mppc_encryption +crypto/rc4/rc4.c optional netgraph_mppc_encryption | kgssapi crypto/rijndael/rijndael-alg-fst.c optional crypto | geom_bde | \ ipsec | random | wlan_ccmp crypto/rijndael/rijndael-api-fst.c optional geom_bde | random @@ -1565,6 +1565,56 @@ kern/vfs_subr.c standard kern/vfs_syscalls.c standard kern/vfs_vnops.c standard # +# Kernel GSS-API +# +gssd.h optional kgssapi \ + dependency "$S/kgssapi/gssd.x" \ + compile-with "rpcgen -hM $S/kgssapi/gssd.x | grep -v pthread.h > gssd.h" \ + no-obj no-implicit-rule before-depend local \ + clean "gssd.h" +gssd_xdr.c optional kgssapi \ + dependency "$S/kgssapi/gssd.x gssd.h" \ + compile-with "rpcgen -c $S/kgssapi/gssd.x -o gssd_xdr.c" \ + no-implicit-rule before-depend local \ + clean "gssd_xdr.c" +gssd_clnt.c optional kgssapi \ + dependency "$S/kgssapi/gssd.x gssd.h" \ + compile-with "rpcgen -lM $S/kgssapi/gssd.x | grep -v string.h > gssd_clnt.c" \ + no-implicit-rule before-depend local \ + clean "gssd_clnt.c" +kgssapi/gss_accept_sec_context.c optional kgssapi +kgssapi/gss_add_oid_set_member.c optional kgssapi +kgssapi/gss_acquire_cred.c optional kgssapi +kgssapi/gss_canonicalize_name.c optional kgssapi +kgssapi/gss_create_empty_oid_set.c optional kgssapi +kgssapi/gss_delete_sec_context.c optional kgssapi +kgssapi/gss_display_status.c optional kgssapi +kgssapi/gss_export_name.c optional kgssapi +kgssapi/gss_get_mic.c optional kgssapi +kgssapi/gss_init_sec_context.c optional kgssapi +kgssapi/gss_impl.c optional kgssapi +kgssapi/gss_import_name.c optional kgssapi +kgssapi/gss_names.c optional kgssapi +kgssapi/gss_pname_to_uid.c optional kgssapi +kgssapi/gss_release_buffer.c optional kgssapi +kgssapi/gss_release_cred.c optional kgssapi +kgssapi/gss_release_name.c optional kgssapi +kgssapi/gss_release_oid_set.c optional kgssapi +kgssapi/gss_set_cred_option.c optional kgssapi +kgssapi/gss_test_oid_set_member.c optional kgssapi +kgssapi/gss_unwrap.c optional kgssapi +kgssapi/gss_verify_mic.c optional kgssapi +kgssapi/gss_wrap.c optional kgssapi +kgssapi/gss_wrap_size_limit.c optional kgssapi +kgssapi/gssd_prot.c optional kgssapi +kgssapi/krb5/krb5_mech.c optional kgssapi +kgssapi/krb5/kcrypto.c optional kgssapi +kgssapi/krb5/kcrypto_aes.c optional kgssapi +kgssapi/krb5/kcrypto_arcfour.c optional kgssapi +kgssapi/krb5/kcrypto_des.c optional kgssapi +kgssapi/krb5/kcrypto_des3.c optional kgssapi +kgssapi/kgss_if.m optional kgssapi +kgssapi/gsstest.c optional kgssapi_debug # These files in libkern/ are those needed by all architectures. Some # of the files in libkern/ are only needed on some architectures, e.g., # libkern/divdi3.c is needed by i386 but not alpha. Also, some of these @@ -1910,18 +1960,21 @@ nfsclient/krpc_subr.c optional bootp nf nfsclient/nfs_bio.c optional nfsclient nfsclient/nfs_diskless.c optional nfsclient nfs_root nfsclient/nfs_node.c optional nfsclient -nfsclient/nfs_socket.c optional nfsclient +nfsclient/nfs_socket.c optional nfsclient nfs_legacyrpc +nfsclient/nfs_krpc.c optional nfsclient nfsclient/nfs_subs.c optional nfsclient nfsclient/nfs_nfsiod.c optional nfsclient nfsclient/nfs_vfsops.c optional nfsclient nfsclient/nfs_vnops.c optional nfsclient nfsclient/nfs_lock.c optional nfsclient +nfsserver/nfs_fha.c optional nfsserver nfsserver/nfs_serv.c optional nfsserver -nfsserver/nfs_srvsock.c optional nfsserver -nfsserver/nfs_srvcache.c optional nfsserver +nfsserver/nfs_srvkrpc.c optional nfsserver +nfsserver/nfs_srvsock.c optional nfsserver nfs_legacyrpc +nfsserver/nfs_srvcache.c optional nfsserver nfs_legacyrpc nfsserver/nfs_srvsubs.c optional nfsserver -nfsserver/nfs_syscalls.c optional nfsserver -nlm/nlm_advlock.c optional nfslockd +nfsserver/nfs_syscalls.c optional nfsserver nfs_legacyrpc +nlm/nlm_advlock.c optional nfslockd nfsclient nlm/nlm_prot_clnt.c optional nfslockd nlm/nlm_prot_impl.c optional nfslockd nlm/nlm_prot_server.c optional nfslockd @@ -1957,27 +2010,33 @@ pci/ncr.c optional ncr pci pci/nfsmb.c optional nfsmb pci pci/viapm.c optional viapm pci pci/xrpu.c optional xrpu pci -rpc/auth_none.c optional krpc | nfslockd -rpc/auth_unix.c optional krpc | nfslockd -rpc/authunix_prot.c optional krpc | nfslockd -rpc/clnt_dg.c optional krpc | nfslockd -rpc/clnt_rc.c optional krpc | nfslockd -rpc/clnt_vc.c optional krpc | nfslockd -rpc/getnetconfig.c optional krpc | nfslockd -rpc/inet_ntop.c optional krpc | nfslockd -rpc/inet_pton.c optional krpc | nfslockd -rpc/rpc_callmsg.c optional krpc | nfslockd -rpc/rpc_generic.c optional krpc | nfslockd -rpc/rpc_prot.c optional krpc | nfslockd -rpc/rpcb_clnt.c optional krpc | nfslockd -rpc/rpcb_prot.c optional krpc | nfslockd +rpc/auth_none.c optional krpc | nfslockd | nfsclient | nfsserver +rpc/auth_unix.c optional krpc | nfslockd | nfsclient +rpc/authunix_prot.c optional krpc | nfslockd | nfsclient | nfsserver +rpc/clnt_dg.c optional krpc | nfslockd | nfsclient +rpc/clnt_rc.c optional krpc | nfslockd | nfsclient +rpc/clnt_vc.c optional krpc | nfslockd | nfsclient | nfsserver +rpc/getnetconfig.c optional krpc | nfslockd | nfsclient | nfsserver +rpc/inet_ntop.c optional krpc | nfslockd | nfsclient | nfsserver +rpc/inet_pton.c optional krpc | nfslockd | nfsclient | nfsserver +rpc/replay.c optional krpc | nfslockd | nfsserver +rpc/rpc_callmsg.c optional krpc | nfslockd | nfsclient | nfsserver +rpc/rpc_generic.c optional krpc | nfslockd | nfsclient | nfsserver +rpc/rpc_prot.c optional krpc | nfslockd | nfsclient | nfsserver +rpc/rpcb_clnt.c optional krpc | nfslockd | nfsclient | nfsserver +rpc/rpcb_prot.c optional krpc | nfslockd | nfsclient | nfsserver rpc/rpcclnt.c optional nfsclient -rpc/svc.c optional krpc | nfslockd -rpc/svc_auth.c optional krpc | nfslockd -rpc/svc_auth_unix.c optional krpc | nfslockd -rpc/svc_dg.c optional krpc | nfslockd -rpc/svc_generic.c optional krpc | nfslockd -rpc/svc_vc.c optional krpc | nfslockd +rpc/svc.c optional krpc | nfslockd | nfsserver +rpc/svc_auth.c optional krpc | nfslockd | nfsserver +rpc/svc_auth_unix.c optional krpc | nfslockd | nfsserver +rpc/svc_dg.c optional krpc | nfslockd | nfsserver +rpc/svc_generic.c optional krpc | nfslockd | nfsserver +rpc/svc_vc.c optional krpc | nfslockd | nfsserver +rpc/rpcsec_gss/rpcsec_gss.c optional krpc kgssapi | nfslockd kgssapi +rpc/rpcsec_gss/rpcsec_gss_conf.c optional krpc kgssapi | nfslockd kgssapi +rpc/rpcsec_gss/rpcsec_gss_misc.c optional krpc kgssapi | nfslockd kgssapi +rpc/rpcsec_gss/rpcsec_gss_prot.c optional krpc kgssapi | nfslockd kgssapi +rpc/rpcsec_gss/svc_rpcsec_gss.c optional krpc kgssapi | nfslockd kgssapi security/audit/audit.c optional audit security/audit/audit_arg.c optional audit security/audit/audit_bsm.c optional audit @@ -2059,12 +2118,12 @@ vm/vm_phys.c standard vm/vm_unix.c standard vm/vm_zeroidle.c standard vm/vnode_pager.c standard -xdr/xdr.c optional krpc | nfslockd -xdr/xdr_array.c optional krpc | nfslockd -xdr/xdr_mbuf.c optional krpc | nfslockd -xdr/xdr_mem.c optional krpc | nfslockd -xdr/xdr_reference.c optional krpc | nfslockd -xdr/xdr_sizeof.c optional krpc | nfslockd +xdr/xdr.c optional krpc | nfslockd | nfsclient | nfsserver +xdr/xdr_array.c optional krpc | nfslockd | nfsclient | nfsserver +xdr/xdr_mbuf.c optional krpc | nfslockd | nfsclient | nfsserver +xdr/xdr_mem.c optional krpc | nfslockd | nfsclient | nfsserver +xdr/xdr_reference.c optional krpc | nfslockd | nfsclient | nfsserver +xdr/xdr_sizeof.c optional krpc | nfslockd | nfsclient | nfsserver # gnu/fs/xfs/xfs_alloc.c optional xfs \ compile-with "${NORMAL_C} -I$S/gnu/fs/xfs/FreeBSD -I$S/gnu/fs/xfs/FreeBSD/support -I$S/gnu/fs/xfs" \ Modified: user/dfr/gssapi/7/sys/conf/options ============================================================================== --- user/dfr/gssapi/7/sys/conf/options Tue Nov 4 11:52:50 2008 (r184625) +++ user/dfr/gssapi/7/sys/conf/options Tue Nov 4 11:54:26 2008 (r184626) @@ -215,6 +215,10 @@ PSEUDOFS_TRACE opt_pseudofs.h # Broken - ffs_snapshot() dependency from ufs_lookup() :-( FFS opt_ffs_broken_fixme.h +# In-kernel GSS-API +KGSSAPI opt_kgssapi.h +KGSSAPI_DEBUG opt_kgssapi.h + # These static filesystems have one slightly bogus static dependency in # sys/i386/i386/autoconf.c. If any of these filesystems are # statically compiled into the kernel, code for mounting them as root @@ -223,6 +227,11 @@ NFSCLIENT opt_nfs.h NFSSERVER opt_nfs.h NFS4CLIENT opt_nfs.h +# Use this option to compile both NFS client and server using the +# legacy RPC implementation instead of the newer KRPC system (which +# supports modern features such as RPCSEC_GSS +NFS_LEGACYRPC opt_nfs.h + # filesystems and libiconv bridge CD9660_ICONV opt_dontuse.h MSDOSFS_ICONV opt_dontuse.h Modified: user/dfr/gssapi/7/sys/fs/unionfs/union_vfsops.c ============================================================================== --- user/dfr/gssapi/7/sys/fs/unionfs/union_vfsops.c Tue Nov 4 11:52:50 2008 (r184625) +++ user/dfr/gssapi/7/sys/fs/unionfs/union_vfsops.c Tue Nov 4 11:54:26 2008 (r184626) @@ -520,7 +520,7 @@ unionfs_fhtovp(struct mount *mp, struct static int unionfs_checkexp(struct mount *mp, struct sockaddr *nam, int *extflagsp, - struct ucred **credanonp) + struct ucred **credanonp, int *numsecflavors, int **secflavors) { return (EOPNOTSUPP); } Modified: user/dfr/gssapi/7/sys/kern/syscalls.master ============================================================================== --- user/dfr/gssapi/7/sys/kern/syscalls.master Tue Nov 4 11:52:50 2008 (r184625) +++ user/dfr/gssapi/7/sys/kern/syscalls.master Tue Nov 4 11:54:26 2008 (r184626) @@ -871,5 +871,7 @@ cpuwhich_t which, id_t id, size_t cpusetsize, \ const cpuset_t *mask); } +; 505 is initialised by the kgssapi code, if present. +505 AUE_NULL NOSTD { int gssd_syscall(char *path); } ; Please copy any additions and changes to the following compatability tables: ; sys/compat/freebsd32/syscalls.master Modified: user/dfr/gssapi/7/sys/kern/vfs_export.c ============================================================================== --- user/dfr/gssapi/7/sys/kern/vfs_export.c Tue Nov 4 11:52:50 2008 (r184625) +++ user/dfr/gssapi/7/sys/kern/vfs_export.c Tue Nov 4 11:54:26 2008 (r184626) @@ -68,6 +68,8 @@ struct netcred { struct radix_node netc_rnodes[2]; int netc_exflags; struct ucred netc_anon; + int netc_numsecflavors; + int netc_secflavors[MAXSECFLAVORS]; }; /* @@ -120,6 +122,9 @@ vfs_hang_addrlist(struct mount *mp, stru np->netc_anon.cr_ngroups = argp->ex_anon.cr_ngroups; bcopy(argp->ex_anon.cr_groups, np->netc_anon.cr_groups, sizeof(np->netc_anon.cr_groups)); + np->netc_numsecflavors = argp->ex_numsecflavors; + bcopy(argp->ex_secflavors, np->netc_secflavors, + sizeof(np->netc_secflavors)); refcount_init(&np->netc_anon.cr_ref, 1); MNT_ILOCK(mp); mp->mnt_flag |= MNT_DEFEXPORTED; @@ -203,6 +208,9 @@ vfs_hang_addrlist(struct mount *mp, stru np->netc_anon.cr_ngroups = argp->ex_anon.cr_ngroups; bcopy(argp->ex_anon.cr_groups, np->netc_anon.cr_groups, sizeof(np->netc_anon.cr_groups)); + np->netc_numsecflavors = argp->ex_numsecflavors; + bcopy(argp->ex_secflavors, np->netc_secflavors, + sizeof(np->netc_secflavors)); refcount_init(&np->netc_anon.cr_ref, 1); return (0); out: @@ -253,6 +261,10 @@ vfs_export(struct mount *mp, struct expo struct netexport *nep; int error; + if (argp->ex_numsecflavors < 0 + || argp->ex_numsecflavors >= MAXSECFLAVORS) + return (EINVAL); + nep = mp->mnt_export; error = 0; lockmgr(&mp->mnt_explock, LK_EXCLUSIVE, NULL, curthread); @@ -441,7 +453,7 @@ vfs_export_lookup(struct mount *mp, stru int vfs_stdcheckexp(struct mount *mp, struct sockaddr *nam, int *extflagsp, - struct ucred **credanonp) + struct ucred **credanonp, int *numsecflavors, int **secflavors) { struct netcred *np; @@ -452,6 +464,10 @@ vfs_stdcheckexp(struct mount *mp, struct return (EACCES); *extflagsp = np->netc_exflags; *credanonp = &np->netc_anon; + if (numsecflavors) + *numsecflavors = np->netc_numsecflavors; + if (secflavors) + *secflavors = np->netc_secflavors; return (0); } Modified: user/dfr/gssapi/7/sys/kern/vfs_mount.c ============================================================================== --- user/dfr/gssapi/7/sys/kern/vfs_mount.c Tue Nov 4 11:52:50 2008 (r184625) +++ user/dfr/gssapi/7/sys/kern/vfs_mount.c Tue Nov 4 11:54:26 2008 (r184626) @@ -838,6 +838,7 @@ vfs_domount( struct vnode *vp; struct mount *mp; struct vfsconf *vfsp; + struct oexport_args oexport; struct export_args export; int error, flag = 0; struct vattr va; @@ -1021,6 +1022,19 @@ vfs_domount( if (vfs_copyopt(mp->mnt_optnew, "export", &export, sizeof(export)) == 0) error = vfs_export(mp, &export); + else if (vfs_copyopt(mp->mnt_optnew, "export", &oexport, + sizeof(oexport)) == 0) { + export.ex_flags = oexport.ex_flags; + export.ex_root = oexport.ex_root; + export.ex_anon = oexport.ex_anon; + export.ex_addr = oexport.ex_addr; + export.ex_addrlen = oexport.ex_addrlen; + export.ex_mask = oexport.ex_mask; + export.ex_masklen = oexport.ex_masklen; + export.ex_indexfile = oexport.ex_indexfile; + export.ex_numsecflavors = 0; + error = vfs_export(mp, &export); + } } if (!error) { Modified: user/dfr/gssapi/7/sys/modules/nfsclient/Makefile ============================================================================== --- user/dfr/gssapi/7/sys/modules/nfsclient/Makefile Tue Nov 4 11:52:50 2008 (r184625) +++ user/dfr/gssapi/7/sys/modules/nfsclient/Makefile Tue Nov 4 11:54:26 2008 (r184626) @@ -6,11 +6,11 @@ KMOD= nfsclient SRCS= vnode_if.h \ nfs_bio.c nfs_lock.c nfs_node.c nfs_socket.c nfs_subs.c nfs_nfsiod.c \ - nfs_vfsops.c nfs_vnops.c nfs_common.c \ + nfs_vfsops.c nfs_vnops.c nfs_common.c nfs_krpc.c \ opt_inet.h opt_nfs.h opt_bootp.h opt_nfsroot.h SRCS+= nfs4_dev.c nfs4_idmap.c nfs4_socket.c nfs4_subs.c \ nfs4_vfs_subs.c nfs4_vfsops.c nfs4_vn_subs.c nfs4_vnops.c -SRCS+= opt_inet6.h +SRCS+= opt_inet6.h opt_kgssapi.h # USE THE RPCCLNT: CFLAGS+= -DRPCCLNT_DEBUG Modified: user/dfr/gssapi/7/sys/modules/nfsserver/Makefile ============================================================================== --- user/dfr/gssapi/7/sys/modules/nfsserver/Makefile Tue Nov 4 11:52:50 2008 (r184625) +++ user/dfr/gssapi/7/sys/modules/nfsserver/Makefile Tue Nov 4 11:54:26 2008 (r184626) @@ -3,8 +3,8 @@ .PATH: ${.CURDIR}/../../nfsserver ${.CURDIR}/../../nfs KMOD= nfsserver SRCS= vnode_if.h \ - nfs_serv.c nfs_srvsock.c nfs_srvcache.c nfs_srvsubs.c nfs_syscalls.c \ - nfs_common.c \ + nfs_serv.c nfs_srvkrpc.c nfs_srvsock.c nfs_srvcache.c nfs_srvsubs.c \ + nfs_syscalls.c nfs_common.c \ opt_mac.h \ opt_nfs.h SRCS+= opt_inet6.h Modified: user/dfr/gssapi/7/sys/nfsclient/nfs.h ============================================================================== --- user/dfr/gssapi/7/sys/nfsclient/nfs.h Tue Nov 4 11:52:50 2008 (r184625) +++ user/dfr/gssapi/7/sys/nfsclient/nfs.h Tue Nov 4 11:54:26 2008 (r184626) @@ -132,7 +132,9 @@ MALLOC_DECLARE(M_NFSDIRECTIO); extern struct uma_zone *nfsmount_zone; +#ifdef NFS_LEGACYRPC extern struct callout nfs_callout; +#endif extern struct nfsstats nfsstats; extern struct mtx nfs_iod_mtx; @@ -157,6 +159,8 @@ extern int nfsv3_procid[NFS_NPROCS]; (e) != ERESTART && (e) != EWOULDBLOCK && \ ((s) & PR_CONNREQUIRED) == 0) +#ifdef NFS_LEGACYRPC + /* * Nfs outstanding request list element */ @@ -196,6 +200,17 @@ extern TAILQ_HEAD(nfs_reqq, nfsreq) nfs_ #define R_GETONEREP 0x80 /* Probe for one reply only */ #define R_PIN_REQ 0x100 /* Pin request down (rexmit in prog or other) */ +#else + +/* + * This is only needed to keep things working while we support + * compiling for both RPC implementations. + */ +struct nfsreq; +struct nfsmount; + +#endif + struct buf; struct socket; struct uio; @@ -291,12 +306,18 @@ vfs_init_t nfs_init; vfs_uninit_t nfs_uninit; int nfs_mountroot(struct mount *mp, struct thread *td); +#ifdef NFS_LEGACYRPC #ifndef NFS4_USE_RPCCLNT int nfs_send(struct socket *, struct sockaddr *, struct mbuf *, struct nfsreq *); int nfs_connect_lock(struct nfsreq *); void nfs_connect_unlock(struct nfsreq *); +void nfs_up(struct nfsreq *, struct nfsmount *, struct thread *, + const char *, int); +void nfs_down(struct nfsreq *, struct nfsmount *, struct thread *, + const char *, int, int); #endif /* ! NFS4_USE_RPCCLNT */ +#endif int nfs_vinvalbuf(struct vnode *, int, struct thread *, int); int nfs_readrpc(struct vnode *, struct uio *, struct ucred *); @@ -309,10 +330,6 @@ int nfs_nfsiodnew(void); int nfs_asyncio(struct nfsmount *, struct buf *, struct ucred *, struct thread *); int nfs_doio(struct vnode *, struct buf *, struct ucred *, struct thread *); void nfs_doio_directwrite (struct buf *); -void nfs_up(struct nfsreq *, struct nfsmount *, struct thread *, - const char *, int); -void nfs_down(struct nfsreq *, struct nfsmount *, struct thread *, - const char *, int, int); int nfs_readlinkrpc(struct vnode *, struct uio *, struct ucred *); int nfs_sigintr(struct nfsmount *, struct nfsreq *, struct thread *); int nfs_readdirplusrpc(struct vnode *, struct uio *, struct ucred *); Copied: user/dfr/gssapi/7/sys/nfsclient/nfs_krpc.c (from r184588, head/sys/nfsclient/nfs_krpc.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/dfr/gssapi/7/sys/nfsclient/nfs_krpc.c Tue Nov 4 11:54:26 2008 (r184626, copy of r184588, head/sys/nfsclient/nfs_krpc.c) @@ -0,0 +1,769 @@ +/*- + * Copyright (c) 1989, 1991, 1993, 1995 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Rick Macklem at The University of Guelph. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)nfs_socket.c 8.5 (Berkeley) 3/30/95 + */ + +#include +__FBSDID("$FreeBSD$"); + +/* + * Socket operations for use by nfs + */ + +#include "opt_inet6.h" +#include "opt_kgssapi.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include + +#ifndef NFS_LEGACYRPC + +static int nfs_realign_test; +static int nfs_realign_count; +static int nfs_bufpackets = 4; +static int nfs_reconnects; +static int nfs3_jukebox_delay = 10; +static int nfs_skip_wcc_data_onerr = 1; +static int fake_wchan; + +SYSCTL_DECL(_vfs_nfs); + +SYSCTL_INT(_vfs_nfs, OID_AUTO, realign_test, CTLFLAG_RW, &nfs_realign_test, 0, + "Number of realign tests done"); +SYSCTL_INT(_vfs_nfs, OID_AUTO, realign_count, CTLFLAG_RW, &nfs_realign_count, 0, + "Number of mbuf realignments done"); +SYSCTL_INT(_vfs_nfs, OID_AUTO, bufpackets, CTLFLAG_RW, &nfs_bufpackets, 0, + "Buffer reservation size 2 < x < 64"); +SYSCTL_INT(_vfs_nfs, OID_AUTO, reconnects, CTLFLAG_RD, &nfs_reconnects, 0, + "Number of times the nfs client has had to reconnect"); +SYSCTL_INT(_vfs_nfs, OID_AUTO, nfs3_jukebox_delay, CTLFLAG_RW, &nfs3_jukebox_delay, 0, + "Number of seconds to delay a retry after receiving EJUKEBOX"); +SYSCTL_INT(_vfs_nfs, OID_AUTO, skip_wcc_data_onerr, CTLFLAG_RW, &nfs_skip_wcc_data_onerr, 0, + "Disable weak cache consistency checking when server returns an error"); + +static void nfs_down(struct nfsmount *, struct thread *, const char *, + int, int); +static void nfs_up(struct nfsmount *, struct thread *, const char *, + int, int); +static int nfs_msg(struct thread *, const char *, const char *, int); + +extern int nfsv2_procid[]; + +struct nfs_cached_auth { + int ca_refs; /* refcount, including 1 from the cache */ + uid_t ca_uid; /* uid that corresponds to this auth */ + AUTH *ca_auth; /* RPC auth handle */ +}; + +/* + * RTT estimator + */ + +static enum nfs_rto_timer_t nfs_proct[NFS_NPROCS] = { + NFS_DEFAULT_TIMER, /* NULL */ + NFS_GETATTR_TIMER, /* GETATTR */ + NFS_DEFAULT_TIMER, /* SETATTR */ + NFS_LOOKUP_TIMER, /* LOOKUP */ + NFS_GETATTR_TIMER, /* ACCESS */ + NFS_READ_TIMER, /* READLINK */ + NFS_READ_TIMER, /* READ */ + NFS_WRITE_TIMER, /* WRITE */ + NFS_DEFAULT_TIMER, /* CREATE */ + NFS_DEFAULT_TIMER, /* MKDIR */ + NFS_DEFAULT_TIMER, /* SYMLINK */ + NFS_DEFAULT_TIMER, /* MKNOD */ + NFS_DEFAULT_TIMER, /* REMOVE */ + NFS_DEFAULT_TIMER, /* RMDIR */ + NFS_DEFAULT_TIMER, /* RENAME */ + NFS_DEFAULT_TIMER, /* LINK */ + NFS_READ_TIMER, /* READDIR */ + NFS_READ_TIMER, /* READDIRPLUS */ + NFS_DEFAULT_TIMER, /* FSSTAT */ + NFS_DEFAULT_TIMER, /* FSINFO */ + NFS_DEFAULT_TIMER, /* PATHCONF */ + NFS_DEFAULT_TIMER, /* COMMIT */ + NFS_DEFAULT_TIMER, /* NOOP */ +}; + +/* + * Choose the correct RTT timer for this NFS procedure. + */ +static inline enum nfs_rto_timer_t +nfs_rto_timer(u_int32_t procnum) +{ + return nfs_proct[procnum]; +} + +/* + * Initialize the RTT estimator state for a new mount point. + */ +static void +nfs_init_rtt(struct nfsmount *nmp) +{ + int i; + + for (i = 0; i < NFS_MAX_TIMER; i++) { + nmp->nm_timers[i].rt_srtt = hz; + nmp->nm_timers[i].rt_deviate = 0; + nmp->nm_timers[i].rt_rtxcur = hz; + } +} + +/* + * Initialize sockets and congestion for a new NFS connection. + * We do not free the sockaddr if error. + */ +int +nfs_connect(struct nfsmount *nmp, struct nfsreq *rep) +{ + int rcvreserve, sndreserve; + int pktscale; + struct sockaddr *saddr; + struct ucred *origcred; + struct thread *td = curthread; + CLIENT *client; + struct netconfig *nconf; + rpcvers_t vers; + int one = 1, retries; + + /* + * We need to establish the socket using the credentials of + * the mountpoint. Some parts of this process (such as + * sobind() and soconnect()) will use the curent thread's + * credential instead of the socket credential. To work + * around this, temporarily change the current thread's + * credential to that of the mountpoint. + * + * XXX: It would be better to explicitly pass the correct + * credential to sobind() and soconnect(). + */ + origcred = td->td_ucred; + td->td_ucred = nmp->nm_mountp->mnt_cred; + saddr = nmp->nm_nam; + + vers = NFS_VER2; + if (nmp->nm_flag & NFSMNT_NFSV3) + vers = NFS_VER3; + else if (nmp->nm_flag & NFSMNT_NFSV4) + vers = NFS_VER4; + if (saddr->sa_family == AF_INET) + if (nmp->nm_sotype == SOCK_DGRAM) + nconf = getnetconfigent("udp"); + else + nconf = getnetconfigent("tcp"); + else + if (nmp->nm_sotype == SOCK_DGRAM) + nconf = getnetconfigent("udp6"); + else + nconf = getnetconfigent("tcp6"); + + /* + * Get buffer reservation size from sysctl, but impose reasonable + * limits. + */ + pktscale = nfs_bufpackets; + if (pktscale < 2) + pktscale = 2; + if (pktscale > 64) + pktscale = 64; + mtx_lock(&nmp->nm_mtx); + if (nmp->nm_sotype == SOCK_DGRAM) { + sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * pktscale; + rcvreserve = (max(nmp->nm_rsize, nmp->nm_readdirsize) + + NFS_MAXPKTHDR) * pktscale; + } else if (nmp->nm_sotype == SOCK_SEQPACKET) { + sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * pktscale; + rcvreserve = (max(nmp->nm_rsize, nmp->nm_readdirsize) + + NFS_MAXPKTHDR) * pktscale; + } else { + if (nmp->nm_sotype != SOCK_STREAM) + panic("nfscon sotype"); + sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR + + sizeof (u_int32_t)) * pktscale; + rcvreserve = (nmp->nm_rsize + NFS_MAXPKTHDR + + sizeof (u_int32_t)) * pktscale; + } + mtx_unlock(&nmp->nm_mtx); + + client = clnt_reconnect_create(nconf, saddr, NFS_PROG, vers, + sndreserve, rcvreserve); + CLNT_CONTROL(client, CLSET_WAITCHAN, "nfsreq"); + if (nmp->nm_flag & NFSMNT_INT) + CLNT_CONTROL(client, CLSET_INTERRUPTIBLE, &one); + if (nmp->nm_flag & NFSMNT_RESVPORT) + CLNT_CONTROL(client, CLSET_PRIVPORT, &one); + if (nmp->nm_flag & NFSMNT_SOFT) + retries = nmp->nm_retry; + else + retries = INT_MAX; + CLNT_CONTROL(client, CLSET_RETRIES, &retries); + + mtx_lock(&nmp->nm_mtx); + if (nmp->nm_client) { + /* + * Someone else already connected. + */ + CLNT_RELEASE(client); + } else { + nmp->nm_client = client; + } + + /* + * Protocols that do not require connections may be optionally left + * unconnected for servers that reply from a port other than NFS_PORT. + */ + if (!(nmp->nm_flag & NFSMNT_NOCONN)) { + mtx_unlock(&nmp->nm_mtx); + CLNT_CONTROL(client, CLSET_CONNECT, &one); + } else { + mtx_unlock(&nmp->nm_mtx); + } + + /* Restore current thread's credentials. */ + td->td_ucred = origcred; + + mtx_lock(&nmp->nm_mtx); + /* Initialize other non-zero congestion variables */ + nfs_init_rtt(nmp); + mtx_unlock(&nmp->nm_mtx); + return (0); +} + +/* + * NFS disconnect. Clean up and unlink. + */ +void +nfs_disconnect(struct nfsmount *nmp) +{ + CLIENT *client; + + mtx_lock(&nmp->nm_mtx); + if (nmp->nm_client) { + client = nmp->nm_client; + nmp->nm_client = NULL; + mtx_unlock(&nmp->nm_mtx); +#ifdef KGSSAPI + rpc_gss_secpurge(client); +#endif + CLNT_CLOSE(client); + CLNT_RELEASE(client); + } else { + mtx_unlock(&nmp->nm_mtx); + } +} + +void +nfs_safedisconnect(struct nfsmount *nmp) +{ + + nfs_disconnect(nmp); +} + +static AUTH * +nfs_getauth(struct nfsmount *nmp, struct ucred *cred) +{ +#ifdef KGSSAPI + rpc_gss_service_t svc; + AUTH *auth; +#endif + + switch (nmp->nm_secflavor) { +#ifdef KGSSAPI + case RPCSEC_GSS_KRB5: + case RPCSEC_GSS_KRB5I: + case RPCSEC_GSS_KRB5P: + if (!nmp->nm_mech_oid) { + if (!rpc_gss_mech_to_oid("kerberosv5", + &nmp->nm_mech_oid)) + return (NULL); + } + if (nmp->nm_secflavor == RPCSEC_GSS_KRB5) + svc = rpc_gss_svc_none; + else if (nmp->nm_secflavor == RPCSEC_GSS_KRB5I) + svc = rpc_gss_svc_integrity; + else + svc = rpc_gss_svc_privacy; + auth = rpc_gss_secfind(nmp->nm_client, cred, + nmp->nm_principal, nmp->nm_mech_oid, svc); + if (auth) + return (auth); + /* fallthrough */ +#endif + case AUTH_SYS: + default: + return (authunix_create(cred)); + + } +} + +/* + * Callback from the RPC code to generate up/down notifications. + */ + +struct nfs_feedback_arg { + struct nfsmount *nf_mount; + int nf_lastmsg; /* last tprintf */ + int nf_tprintfmsg; + struct thread *nf_td; +}; + +static void +nfs_feedback(int type, int proc, void *arg) +{ + struct nfs_feedback_arg *nf = (struct nfs_feedback_arg *) arg; + struct nfsmount *nmp = nf->nf_mount; + struct timeval now; + + getmicrouptime(&now); + + switch (type) { + case FEEDBACK_REXMIT2: + case FEEDBACK_RECONNECT: + if (nf->nf_lastmsg + nmp->nm_tprintf_delay < now.tv_sec) { + nfs_down(nmp, nf->nf_td, + "not responding", 0, NFSSTA_TIMEO); + nf->nf_tprintfmsg = TRUE; + nf->nf_lastmsg = now.tv_sec; + } + break; + + case FEEDBACK_OK: + nfs_up(nf->nf_mount, nf->nf_td, + "is alive again", NFSSTA_TIMEO, nf->nf_tprintfmsg); + break; + } +} + +/* + * nfs_request - goes something like this + * - fill in request struct + * - links it into list + * - calls nfs_send() for first transmit + * - calls nfs_receive() to get reply + * - break down rpc header and return with nfs reply pointed to + * by mrep or error + * nb: always frees up mreq mbuf list + */ +int +nfs_request(struct vnode *vp, struct mbuf *mreq, int procnum, + struct thread *td, struct ucred *cred, struct mbuf **mrp, + struct mbuf **mdp, caddr_t *dposp) +{ + struct mbuf *mrep; + u_int32_t *tl; + struct nfsmount *nmp; + struct mbuf *md; + time_t waituntil; + caddr_t dpos; + int error = 0; + struct timeval now; + AUTH *auth = NULL; + enum nfs_rto_timer_t timer; + struct nfs_feedback_arg nf; + struct rpc_callextra ext; + enum clnt_stat stat; + struct timeval timo; + + /* Reject requests while attempting a forced unmount. */ + if (vp->v_mount->mnt_kern_flag & MNTK_UNMOUNTF) { + m_freem(mreq); + return (ESTALE); + } + nmp = VFSTONFS(vp->v_mount); + if ((nmp->nm_flag & NFSMNT_NFSV4) != 0) + return nfs4_request(vp, mreq, procnum, td, cred, mrp, mdp, dposp); + bzero(&nf, sizeof(struct nfs_feedback_arg)); + nf.nf_mount = nmp; + nf.nf_td = td; + getmicrouptime(&now); + nf.nf_lastmsg = now.tv_sec - + ((nmp->nm_tprintf_delay) - (nmp->nm_tprintf_initial_delay)); + + /* + * XXX if not already connected call nfs_connect now. Longer + * term, change nfs_mount to call nfs_connect unconditionally + * and let clnt_reconnect_create handle reconnects. + */ + if (!nmp->nm_client) + nfs_connect(nmp, NULL); + + auth = nfs_getauth(nmp, cred); + if (!auth) { + m_freem(mreq); + return (EACCES); + } + bzero(&ext, sizeof(ext)); + ext.rc_auth = auth; + + ext.rc_feedback = nfs_feedback; + ext.rc_feedback_arg = &nf; + + /* + * Use a conservative timeout for RPCs other than getattr, + * lookup, read or write. The justification for doing "other" + * this way is that these RPCs happen so infrequently that + * timer est. would probably be stale. Also, since many of + * these RPCs are non-idempotent, a conservative timeout is + * desired. + */ + timer = nfs_rto_timer(procnum); + if (timer != NFS_DEFAULT_TIMER) { + ext.rc_timers = &nmp->nm_timers[timer - 1]; + } else { + ext.rc_timers = NULL; + } + + nfsstats.rpcrequests++; +tryagain: + timo.tv_sec = nmp->nm_timeo / NFS_HZ; + timo.tv_usec = (nmp->nm_timeo * 1000000) / NFS_HZ; + mrep = NULL; + stat = CLNT_CALL_MBUF(nmp->nm_client, &ext, + (nmp->nm_flag & NFSMNT_NFSV3) ? procnum : nfsv2_procid[procnum], + mreq, &mrep, timo); + + /* + * If there was a successful reply and a tprintf msg. + * tprintf a response. + */ + if (stat == RPC_SUCCESS) { + error = 0; + } else if (stat == RPC_TIMEDOUT) { + error = ETIMEDOUT; + } else if (stat == RPC_VERSMISMATCH) { + error = EOPNOTSUPP; + } else if (stat == RPC_PROGVERSMISMATCH) { + error = EPROTONOSUPPORT; + } else { + error = EACCES; + } + md = mrep; + if (error) { + m_freem(mreq); + AUTH_DESTROY(auth); + return (error); + } + + KASSERT(mrep != NULL, ("mrep shouldn't be NULL if no error\n")); + + dpos = mtod(mrep, caddr_t); + tl = nfsm_dissect(u_int32_t *, NFSX_UNSIGNED); + if (*tl != 0) { + error = fxdr_unsigned(int, *tl); + if ((nmp->nm_flag & NFSMNT_NFSV3) && + error == NFSERR_TRYLATER) { + m_freem(mrep); + error = 0; + waituntil = time_second + nfs3_jukebox_delay; + while (time_second < waituntil) { + (void) tsleep(&fake_wchan, PSOCK, "nqnfstry", hz); + } + goto tryagain; + } + + /* + * If the File Handle was stale, invalidate the lookup + * cache, just in case. + */ + if (error == ESTALE) + cache_purge(vp); + /* + * Skip wcc data on NFS errors for now. NetApp filers + * return corrupt postop attrs in the wcc data for NFS + * err EROFS. Not sure if they could return corrupt + * postop attrs for others errors. + */ + if ((nmp->nm_flag & NFSMNT_NFSV3) && !nfs_skip_wcc_data_onerr) { + *mrp = mrep; + *mdp = md; + *dposp = dpos; + error |= NFSERR_RETERR; + } else + m_freem(mrep); + m_freem(mreq); + AUTH_DESTROY(auth); + return (error); + } + + m_freem(mreq); + *mrp = mrep; + *mdp = md; + *dposp = dpos; + AUTH_DESTROY(auth); + return (0); + +nfsmout: + m_freem(mreq); + if (auth) + AUTH_DESTROY(auth); + return (error); +} + +/* + * Mark all of an nfs mount's outstanding requests with R_SOFTTERM and + * wait for all requests to complete. This is used by forced unmounts + * to terminate any outstanding RPCs. + */ +int +nfs_nmcancelreqs(struct nfsmount *nmp) +{ + + if (nmp->nm_client) + CLNT_CLOSE(nmp->nm_client); + return (0); +} + +/* + * Any signal that can interrupt an NFS operation in an intr mount + * should be added to this set. SIGSTOP and SIGKILL cannot be masked. + */ +int nfs_sig_set[] = { + SIGINT, + SIGTERM, + SIGHUP, + SIGKILL, + SIGSTOP, + SIGQUIT +}; + +/* + * Check to see if one of the signals in our subset is pending on + * the process (in an intr mount). *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***