/* lib9p/srv.c - 9P server * * Copyright (C) 2024-2025 Luke T. Shumaker * SPDX-License-Identifier: AGPL-3.0-or-later */ #include #include /* for PRI* */ #include /* for SSIZE_MAX, not set by newlib */ #include /* for size_t */ #include /* for malloc() */ #include /* for memcpy() */ #ifndef SSIZE_MAX #define SSIZE_MAX (SIZE_MAX >> 1) #endif #include #include #include #include #include #include #include #define LOG_NAME 9P_SRV #include #define IMPLEMENTATION_FOR_LIB9P_SRV_H YES #include /* config *********************************************************************/ #include "config.h" #ifndef CONFIG_9P_SRV_MAX_FIDS #error config.h must define CONFIG_9P_SRV_MAX_FIDS #endif #ifndef CONFIG_9P_SRV_MAX_REQS #error config.h must define CONFIG_9P_SRV_MAX_REQS #endif #ifndef CONFIG_9P_SRV_MAX_DEPTH /* 1=just the root dir, 2=just files in the root dir, 3=1 subdir, ... */ #error config.h must define CONFIG_9P_SRV_MAX_DEPTH #endif #ifndef CONFIG_9P_SRV_MAX_MSG_SIZE #error config.h must define CONFIG_9P_SRV_MAX_MSG_SIZE #endif #ifndef CONFIG_9P_SRV_MAX_HOSTMSG_SIZE #error config.h must define CONFIG_9P_SRV_MAX_HOSTMSG_SIZE #endif static_assert(CONFIG_9P_SRV_MAX_MSG_SIZE <= CONFIG_9P_SRV_MAX_HOSTMSG_SIZE); static_assert(CONFIG_9P_SRV_MAX_HOSTMSG_SIZE <= SSIZE_MAX); /* context ********************************************************************/ bool lib9p_srv_flush_requested(struct lib9p_srv_ctx *ctx) { assert(ctx); return _lib9p_srv_flushch_can_send(&ctx->flushch); } void lib9p_srv_acknowledge_flush(struct lib9p_srv_ctx *ctx) { assert(ctx); assert(_lib9p_srv_flushch_can_send(&ctx->flushch)); lib9p_error(&ctx->basectx, LINUX_ECANCELED, "request canceled by flush"); _lib9p_srv_flushch_send(&ctx->flushch, true); } /* structs ********************************************************************/ enum srv_filetype { SRV_FILETYPE_FILE, SRV_FILETYPE_DIR, SRV_FILETYPE_AUTH, }; /* path *****************************************/ typedef typeof( ((struct lib9p_qid){}).path ) srv_path_t; struct srv_pathinfo { lo_interface lib9p_srv_file file; enum srv_filetype type; srv_path_t parent_dir; /* References from other srv_pathinfos (via .parent_dir) or * from FIDs. */ unsigned int gc_refcount; /* References from fids with FIDFLAG_OPEN_R/FIDFLAG_OPEN_W. */ unsigned int io_refcount; }; /* fid ******************************************/ #define FIDFLAG_OPEN_R (1<<0) #define FIDFLAG_OPEN_W (1<<1) #define FIDFLAG_RCLOSE (1<<2) #define FIDFLAG_OPEN (FIDFLAG_OPEN_R|FIDFLAG_OPEN_W) struct srv_fidinfo { srv_path_t path; uint8_t flags; enum srv_filetype type; union { struct { lo_interface lib9p_srv_fio io; } file; struct { lo_interface lib9p_srv_dio io; size_t idx; uint64_t off; } dir; }; }; /* contexts ************************************** * * The hierarchy of contexts is: * * server -> connection -> session -> request * */ /* struct lib9p_srv {} is defined in */ struct srv_conn { /* immutable */ struct lib9p_srv *parent_srv; lo_interface net_stream_conn fd; cid_t reader; /* the lib9p_srv_read_cr() coroutine */ /* mutable */ cr_mutex_t writelock; }; #define srv_sess _lib9p_srv_sess MAP_DECLARE(srv_pathmap, srv_path_t, struct srv_pathinfo); MAP_DECLARE(srv_fidmap, lib9p_fid_t, struct srv_fidinfo); MAP_DECLARE(srv_reqmap, lib9p_tag_t, struct lib9p_srv_ctx *); struct srv_sess { /* immutable */ struct srv_conn *parent_conn; enum lib9p_version version; uint32_t max_msg_size; /* mutable */ bool initialized; bool closing; struct srv_pathmap paths; /* srv_path_t => `lib9p_srv_file` + metadata */ struct srv_fidmap fids; /* lib9p_fid_t => `lib9p_srv_{fio,dio}` + metadata */ struct srv_reqmap reqs; /* lib9p_tag_t => `struct srv_req *` */ }; #define srv_req lib9p_srv_ctx /* struct lib9p_srv_ctx {} is defined in */ /* utilities for the above types **********************************************/ static inline enum srv_filetype srv_qid_filetype(struct lib9p_qid qid) { if (qid.type & LIB9P_QT_AUTH) return SRV_FILETYPE_AUTH; if (qid.type & LIB9P_QT_DIR) return SRV_FILETYPE_DIR; return SRV_FILETYPE_FILE; } static inline bool srv_check_perm(struct srv_req *ctx, struct lib9p_stat *stat, uint8_t action) { assert(ctx); assert(stat); assert(action); /* TODO actually check user and group instead of just assuming "other". */ uint8_t mode = (uint8_t)(stat->file_mode & 07); return mode & action; } /** * Ensures that `file` is saved into the pathmap, and increments the * gc_refcount by 1 (for presumptive insertion into the fidmap). * parent_path's gc_refcount is also incremented as appropriate. * * Returns a pointer to the stored pathinfo. */ static inline struct srv_pathinfo *srv_path_save(struct srv_req *ctx, lo_interface lib9p_srv_file file, srv_path_t parent_path) { assert(ctx); assert(!LO_IS_NULL(file)); struct lib9p_qid qid = LO_CALL(file, qid); struct srv_pathinfo *pathinfo = map_load(&ctx->parent_sess->paths, qid.path); if (pathinfo) assert(LO_EQ(pathinfo->file, file)); else { pathinfo = map_store(&ctx->parent_sess->paths, qid.path, (struct srv_pathinfo){ .file = file, .type = srv_qid_filetype(qid), .parent_dir = parent_path, .gc_refcount = 0, .io_refcount = 0, }); assert(pathinfo); if (parent_path != qid.path) { struct srv_pathinfo *parent = map_load(&ctx->parent_sess->paths, parent_path); assert(parent); parent->gc_refcount++; } } pathinfo->gc_refcount++; return pathinfo; } /** * Decrement the path's gc_refcount, and trigger garbage collection as * appropriate. */ static inline void srv_path_decref(struct srv_req *ctx, srv_path_t path) { assert(ctx); struct srv_pathinfo *pathinfo = map_load(&ctx->parent_sess->paths, path); assert(pathinfo); pathinfo->gc_refcount--; if (pathinfo->gc_refcount == 0) { if (pathinfo->parent_dir != path) srv_path_decref(ctx, pathinfo->parent_dir); LO_CALL(pathinfo->file, free); map_del(&ctx->parent_sess->paths, path); } } static inline void srv_fid_del(struct srv_req *ctx, lib9p_fid_t fid, bool remove) { struct srv_fidinfo *fidinfo = map_load(&ctx->parent_sess->fids, fid); if (!fidinfo) { lib9p_errorf(&ctx->basectx, LINUX_EBADF, "bad file number %"PRIu32, fid); return; } if (fidinfo->flags & FIDFLAG_RCLOSE) remove = true; struct srv_pathinfo *pathinfo = map_load(&ctx->parent_sess->paths, fidinfo->path); assert(pathinfo); if (remove) { if (pathinfo->parent_dir == fidinfo->path) { lib9p_errorf(&ctx->basectx, LINUX_EBUSY, "cannot remove root"); goto clunk; } struct srv_pathinfo *parent = map_load(&ctx->parent_sess->paths, pathinfo->parent_dir); assert(parent); struct lib9p_stat parent_stat = LO_CALL(parent->file, stat, ctx); if (!srv_check_perm(ctx, &parent_stat, 0b010)) { lib9p_error(&ctx->basectx, LINUX_EACCES, "remove: you do not have write permission on the parent directory"); goto clunk; } LO_CALL(pathinfo->file, remove, ctx); } clunk: if (fidinfo->flags & FIDFLAG_OPEN) { switch (fidinfo->type) { case SRV_FILETYPE_DIR: LO_CALL(fidinfo->dir.io, iofree); break; case SRV_FILETYPE_FILE: LO_CALL(fidinfo->file.io, iofree); break; case SRV_FILETYPE_AUTH: assert_notreached("TODO: auth not yet implemented"); break; } pathinfo->io_refcount--; } srv_path_decref(ctx, LO_CALL(pathinfo->file, qid).path); map_del(&ctx->parent_sess->fids, fid); } /** * Store fid as pointing to pathinfo. Assumes that * pathinfo->gc_refcount has already been incremented; does *not* * decrement it on failure. */ static struct srv_fidinfo *srv_fid_store(struct srv_req *ctx, lib9p_fid_t fid, struct srv_pathinfo *pathinfo, bool overwrite) { assert(ctx); assert(fid != LIB9P_FID_NOFID); assert(pathinfo); struct lib9p_qid qid = LO_CALL(pathinfo->file, qid); if (map_load(&ctx->parent_sess->fids, fid)) { if (overwrite) { srv_fid_del(ctx, fid, false); } else { lib9p_error(&ctx->basectx, LINUX_EBADF, "FID already in use"); return NULL; } } struct srv_fidinfo *fidinfo = map_store(&ctx->parent_sess->fids, fid, (struct srv_fidinfo){ .path = qid.path, .type = srv_qid_filetype(qid), }); assert(fidinfo); return fidinfo; } /* base utilities *************************************************************/ static void srv_msglog(struct srv_req *req, enum lib9p_msg_type typ, void *hostmsg) { struct lib9p_srv *srv = req->parent_sess->parent_conn->parent_srv; if (srv->msglog) { srv->msglog(req, typ, hostmsg); return; } /* It sucks that %v trips -Wformat and -Wformat-extra-args * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=47781 */ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wformat" #pragma GCC diagnostic ignored "-Wformat-extra-args" infof("%c %v", typ % 2 ? '<' : '>', lo_box_lib9p_msg_as_fmt_formatter(&req->basectx, typ, hostmsg)); #pragma GCC diagnostic pop } static ssize_t srv_write_Rmsg(struct srv_req *req, struct lib9p_Rmsg_send_buf *resp) { ssize_t r; cr_mutex_lock(&req->parent_sess->parent_conn->writelock); r = io_writev(req->parent_sess->parent_conn->fd, resp->iov, resp->iov_cnt); cr_mutex_unlock(&req->parent_sess->parent_conn->writelock); return r; } #define srv_nonrespond_errorf errorf static void srv_respond_error(struct srv_req *req) { #if CONFIG_9P_ENABLE_9P2000_u assert(req->basectx.err_num); #endif assert(req->basectx.err_msg[0]); ssize_t r; struct lib9p_msg_Rerror host = { .tag = req->tag, .errstr = lib9p_strn(req->basectx.err_msg, CONFIG_9P_MAX_ERR_SIZE), #if CONFIG_9P_ENABLE_9P2000_u .errnum = req->basectx.err_num, #endif }; struct srv_sess *sess = req->parent_sess; /* XXX: This assumes that a version's min_msg_size is the * Rerror overhead. That's true for the current * implementation of protogen, but is a sneaky assumption. */ uint32_t overhead = lib9p_version_min_msg_size(sess->version); /* Truncate the error-string if necessary to avoid needing to * return LINUX_ERANGE. */ if (((uint32_t)host.errstr.len) + overhead > sess->max_msg_size) host.errstr.len = sess->max_msg_size - overhead; struct lib9p_Rmsg_send_buf net; lib9p_Rmsg_marshal(&req->basectx, LIB9P_TYP_Rerror, &host, &net); srv_msglog(req, LIB9P_TYP_Rerror, &host); r = srv_write_Rmsg(req, &net); if (r < 0) srv_nonrespond_errorf("write: %s", net_strerror(-r)); } /* read coroutine *************************************************************/ static inline bool srv_read_exactly(lo_interface net_stream_conn fd, uint8_t *buf, size_t goal, size_t *done) { assert(buf); assert(goal); assert(done); while (*done < goal) { ssize_t r = io_read(fd, &buf[*done], goal - *done); if (r < 0) { srv_nonrespond_errorf("read: %s", net_strerror(-r)); return true; } else if (r == 0) { if (*done != 0) srv_nonrespond_errorf("read: unexpected EOF"); return true; } *done += r; } return false; } void lib9p_srv_accept_and_read_loop(struct lib9p_srv *srv, lo_interface net_stream_listener listener) { assert(srv); assert(srv->rootdir); assert(!LO_IS_NULL(listener)); srv->readers++; for (;;) { lo_interface net_stream_conn conn = LO_CALL(listener, accept); if (LO_IS_NULL(conn)) { srv_nonrespond_errorf("accept: error"); srv->readers--; if (srv->readers == 0) while (srv->writers > 0) _lib9p_srv_reqch_send_req(&srv->_reqch, NULL); return; } lib9p_srv_read(srv, conn); } } static void handle_message(struct srv_req *ctx); void lib9p_srv_read(struct lib9p_srv *srv, lo_interface net_stream_conn _conn) { assert(srv); assert(srv->rootdir); assert(!LO_IS_NULL(_conn)); struct srv_conn conn = { .parent_srv = srv, .fd = _conn, .reader = cr_getcid(), }; struct srv_sess sess = { .parent_conn = &conn, .version = LIB9P_VER_unknown, .max_msg_size = CONFIG_9P_SRV_MAX_MSG_SIZE, .initialized = false, }; for (;;) { /* Read the message. */ size_t done = 0; uint8_t buf[7]; if (srv_read_exactly(conn.fd, buf, 4, &done)) break; size_t goal = uint32le_decode(buf); if (goal < 7) { srv_nonrespond_errorf("T-message is impossibly small"); break; } if (srv_read_exactly(conn.fd, buf, 7, &done)) break; struct lib9p_srv_authinfo authinfo = {}; struct srv_req req = { .basectx = { .version = sess.version, .max_msg_size = sess.max_msg_size, }, .authinfo = &authinfo, .parent_sess = &sess, .tag = uint16le_decode(&buf[5]), .net_bytes = buf, }; if (goal > sess.max_msg_size) { lib9p_errorf(&req.basectx, LINUX_EMSGSIZE, "T-message larger than %s limit (%zu > %"PRIu32")", sess.initialized ? "negotiated" : "server", goal, sess.max_msg_size); srv_respond_error(&req); continue; } req.net_bytes = malloc(goal); assert(req.net_bytes); memcpy(req.net_bytes, buf, done); if (srv_read_exactly(conn.fd, req.net_bytes, goal, &done)) { free(req.net_bytes); break; } /* Handle the message... */ if (req.net_bytes[4] == LIB9P_TYP_Tversion) /* ...in this coroutine for Tversion, */ handle_message(&req); else /* ...but usually in another coroutine. */ _lib9p_srv_reqch_send_req(&srv->_reqch, &req); } if (map_len(&sess.reqs) == 0) io_close(conn.fd); else { io_close_read(conn.fd); sess.closing = true; cr_pause_and_yield(); assert(map_len(&sess.reqs) == 0); io_close_write(conn.fd); } assert(map_len(&sess.reqs) == 0); map_free(&sess.reqs); MAP_FOREACH(&sess.fids, fid, fidinfo) { struct srv_req req = { .basectx = { .version = sess.version, .max_msg_size = sess.max_msg_size, }, .parent_sess = &sess, }; srv_fid_del(&req, fid, false); if (lib9p_ctx_has_error(&req.basectx)) errorf("clunk: %.*s", CONFIG_9P_MAX_ERR_SIZE, req.basectx.err_msg); } map_free(&sess.fids); assert(map_len(&sess.paths) == 0); map_free(&sess.paths); } /* write coroutine ************************************************************/ void lib9p_srv_worker_loop(struct lib9p_srv *srv) { struct srv_req req; _lib9p_srv_reqch_req_t rpc_handle; assert(srv); assert(srv->rootdir); srv->writers++; for (;;) { /* Receive the request from the reader coroutine. ************/ rpc_handle = _lib9p_srv_reqch_recv_req(&srv->_reqch); if (!rpc_handle.req) { srv->writers--; _lib9p_srv_reqch_send_resp(rpc_handle, 0); return; } /* Copy the request from the reader coroutine's * stack to our stack. */ req = *rpc_handle.req; /* Record that we have it. */ struct srv_req **reqpp = map_store(&req.parent_sess->reqs, req.tag, &req); assert(reqpp && *reqpp == &req); /* Notify the reader coroutine that we're done with * its data. */ _lib9p_srv_reqch_send_resp(rpc_handle, 0); /* Process the request. **************************************/ handle_message(&req); /* Release resources. ****************************************/ while (_lib9p_srv_flushch_can_send(&req.flushch)) _lib9p_srv_flushch_send(&req.flushch, false); map_del(&req.parent_sess->reqs, req.tag); if (req.parent_sess->closing && !map_len(&req.parent_sess->reqs)) cr_unpause(req.parent_sess->parent_conn->reader); } } #define _HANDLER_PROTO(typ) \ static void handle_T##typ(struct srv_req *, \ struct lib9p_msg_T##typ *, \ struct lib9p_msg_R##typ *) _HANDLER_PROTO(version); _HANDLER_PROTO(auth); _HANDLER_PROTO(attach); _HANDLER_PROTO(flush); _HANDLER_PROTO(walk); _HANDLER_PROTO(open); _HANDLER_PROTO(create); _HANDLER_PROTO(read); _HANDLER_PROTO(write); _HANDLER_PROTO(clunk); _HANDLER_PROTO(remove); _HANDLER_PROTO(stat); _HANDLER_PROTO(wstat); #if CONFIG_9P_ENABLE_9P2000_e _HANDLER_PROTO(session); _HANDLER_PROTO(sread); _HANDLER_PROTO(swrite); #endif typedef void (*tmessage_handler)(struct srv_req *, void *, void *); static tmessage_handler tmessage_handlers[0x100] = { [LIB9P_TYP_Tversion] = (tmessage_handler)handle_Tversion, [LIB9P_TYP_Tauth] = (tmessage_handler)handle_Tauth, [LIB9P_TYP_Tattach] = (tmessage_handler)handle_Tattach, [LIB9P_TYP_Tflush] = (tmessage_handler)handle_Tflush, [LIB9P_TYP_Twalk] = (tmessage_handler)handle_Twalk, [LIB9P_TYP_Topen] = (tmessage_handler)handle_Topen, [LIB9P_TYP_Tcreate] = (tmessage_handler)handle_Tcreate, [LIB9P_TYP_Tread] = (tmessage_handler)handle_Tread, [LIB9P_TYP_Twrite] = (tmessage_handler)handle_Twrite, [LIB9P_TYP_Tclunk] = (tmessage_handler)handle_Tclunk, [LIB9P_TYP_Tremove] = (tmessage_handler)handle_Tremove, [LIB9P_TYP_Tstat] = (tmessage_handler)handle_Tstat, [LIB9P_TYP_Twstat] = (tmessage_handler)handle_Twstat, #if CONFIG_9P_ENABLE_9P2000_e [LIB9P_TYP_Tsession] = (tmessage_handler)handle_Tsession, [LIB9P_TYP_Tsread] = (tmessage_handler)handle_Tsread, [LIB9P_TYP_Tswrite] = (tmessage_handler)handle_Tswrite, #endif }; static void handle_message(struct srv_req *ctx) { uint8_t *host_req = NULL; uint8_t host_resp[CONFIG_9P_SRV_MAX_HOSTMSG_SIZE]; /* Unmarshal it. */ ssize_t host_size = lib9p_Tmsg_validate(&ctx->basectx, ctx->net_bytes); if (host_size < 0) goto write; host_req = calloc(1, host_size); assert(host_req); enum lib9p_msg_type typ; lib9p_Tmsg_unmarshal(&ctx->basectx, ctx->net_bytes, &typ, host_req); srv_msglog(ctx, typ, host_req); /* Handle it. */ tmessage_handlers[typ](ctx, (void *)host_req, (void *)host_resp); write: if (lib9p_ctx_has_error(&ctx->basectx)) srv_respond_error(ctx); else { struct lib9p_Rmsg_send_buf net_resp; if (lib9p_Rmsg_marshal(&ctx->basectx, typ+1, host_resp, &net_resp)) goto write; srv_msglog(ctx, typ+1, &host_resp); srv_write_Rmsg(ctx, &net_resp); } if (host_req) free(host_req); free(ctx->net_bytes); } /* handle_T* ******************************************************************/ #define srv_handler_common(ctx, req, resp) do { \ assert(ctx); \ assert(req); \ assert(resp); \ resp->tag = req->tag; \ } while (0) static void handle_Tversion(struct srv_req *ctx, struct lib9p_msg_Tversion *req, struct lib9p_msg_Rversion *resp) { srv_handler_common(ctx, req, resp); enum lib9p_version version = LIB9P_VER_unknown; if (req->version.len >= 6 && req->version.utf8[0] == '9' && req->version.utf8[1] == 'P' && '0' <= req->version.utf8[2] && req->version.utf8[2] <= '9' && '0' <= req->version.utf8[3] && req->version.utf8[3] <= '9' && '0' <= req->version.utf8[4] && req->version.utf8[4] <= '9' && '0' <= req->version.utf8[5] && req->version.utf8[5] <= '9' && (req->version.len == 6 || req->version.utf8[6] == '.')) { version = LIB9P_VER_9P2000; #if CONFIG_9P_ENABLE_9P2000_u if (lib9p_str_eq(lib9p_str_sliceleft(req->version, 6), lib9p_str(".u"))) version = LIB9P_VER_9P2000_u; #endif #if CONFIG_9P_ENABLE_9P2000_e if (lib9p_str_eq(lib9p_str_sliceleft(req->version, 6), lib9p_str(".e"))) version = LIB9P_VER_9P2000_e; #endif } uint32_t min_msg_size = lib9p_version_min_msg_size(version); if (req->max_msg_size < min_msg_size) { lib9p_errorf(&ctx->basectx, LINUX_EDOM, "requested max_msg_size is less than minimum for %s (%"PRIu32" < %"PRIu32")", lib9p_version_str(version), req->max_msg_size, min_msg_size); return; } resp->version = lib9p_str((char *)lib9p_version_str(version)); /* cast to discard "const" qualifier */ resp->max_msg_size = (CONFIG_9P_SRV_MAX_MSG_SIZE < req->max_msg_size) ? CONFIG_9P_SRV_MAX_MSG_SIZE : req->max_msg_size; /* Close the old session. */ if (map_len(&ctx->parent_sess->reqs)) { /* Flush all in-progress requests, and wait for them * to finish. */ struct cr_select_arg *list = alloca(sizeof(struct cr_select_arg) * map_len(&ctx->parent_sess->reqs)); while (map_len(&ctx->parent_sess->reqs)) { size_t i = 0; bool flushed; MAP_FOREACH(&ctx->parent_sess->reqs, tag, reqpp) { list[i] = CR_SELECT_RECV(&((*reqpp)->flushch), &flushed); } assert(i == map_len(&ctx->parent_sess->reqs)); cr_select_v(i, list); } } if (map_len(&ctx->parent_sess->fids)) { /* Close all FIDs. */ MAP_FOREACH(&ctx->parent_sess->fids, fid, fidinfo) { handle_Tclunk(ctx, &(struct lib9p_msg_Tclunk){.fid = fid}, &(struct lib9p_msg_Rclunk){}); } } /* Replace the old session with the new session. */ ctx->parent_sess->version = version; ctx->parent_sess->max_msg_size = resp->max_msg_size; } static void handle_Tauth(struct srv_req *ctx, struct lib9p_msg_Tauth *req, struct lib9p_msg_Rauth *resp) { srv_handler_common(ctx, req, resp); ctx->authinfo->uid = req->n_uid; ctx->authinfo->uname = req->uname; struct lib9p_srv *srv = ctx->parent_sess->parent_conn->parent_srv; if (!srv->auth) { lib9p_error(&ctx->basectx, LINUX_EOPNOTSUPP, "authentication not required"); return; } srv->auth(ctx, req->aname); lib9p_error(&ctx->basectx, LINUX_EOPNOTSUPP, "TODO: auth not implemented"); } static void handle_Tattach(struct srv_req *ctx, struct lib9p_msg_Tattach *req, struct lib9p_msg_Rattach *resp) { srv_handler_common(ctx, req, resp); ctx->authinfo->uid = req->n_uid; ctx->authinfo->uname = req->uname; struct lib9p_srv *srv = ctx->parent_sess->parent_conn->parent_srv; if (srv->auth) { /* struct lib9p_srv_filehandle *fh = map_get(req->afid); if (!fh) lib9p_error(&ctx->basectx, LINUX_EACCES, "FID provided as auth-file is not a valid FID"); else if (fh->type != FH_AUTH) lib9p_error(&ctx->basectx, LINUX_EACCES, "FID provided as auth-file is not an auth-file"); else if (!lib9p_str_eq(fh->data.auth.uname, req->uname)) lib9p_errorf(&ctx->basectx, LINUX_EACCES, "FID provided as auth-file is for user=\"%.*s\" and cannot be used for user=\"%.*s\"", fh->data.auth.uname.len, fh->data.auth.uname.utf8, req->uname.len, req->uname.utf8); else if (!lib9p_str_eq(fh->data.auth.aname, req->aname)) lib9p_errorf(&ctx->basectx, LINUX_EACCES, "FID provided as auth-file is for tree=\"%.*s\" and cannot be used for tree=\"%.*s\"", fh->data.auth.aname.len, fh->data.auth.aname.utf8, req->aname.len, req->aname.utf8); else if (!fh->data.auth.authenticated) lib9p_error(&ctx->basectx, LINUX_EACCES, "FID provided as auth-file has not completed authentication"); fh->refcount--; if (lib9p_ctx_has_error(&ctx->ctx)) return; */ lib9p_error(&ctx->basectx, LINUX_EOPNOTSUPP, "TODO: auth not (yet?) implemented"); return; } else { if (req->afid != LIB9P_FID_NOFID) { lib9p_error(&ctx->basectx, LINUX_EACCES, "FID provided as auth-file, but no auth-file is required"); return; } } if (req->fid == LIB9P_FID_NOFID) { lib9p_error(&ctx->basectx, LINUX_EBADF, "cannot assign to NOFID"); return; } /* 1. File object */ lo_interface lib9p_srv_file root_file = srv->rootdir(ctx, req->aname); assert(LO_IS_NULL(root_file) == lib9p_ctx_has_error(&ctx->basectx)); if (lib9p_ctx_has_error(&ctx->basectx)) return; struct lib9p_qid root_qid = LO_CALL(root_file, qid); assert(srv_qid_filetype(root_qid) == SRV_FILETYPE_DIR); /* 2. pathinfo */ struct srv_pathinfo *root_pathinfo = srv_path_save(ctx, root_file, root_qid.path); /* 3. fidinfo */ if (!srv_fid_store(ctx, req->fid, root_pathinfo, false)) { srv_path_decref(ctx, root_qid.path); return; } resp->qid = root_qid; return; } static void handle_Tflush(struct srv_req *ctx, struct lib9p_msg_Tflush *req, struct lib9p_msg_Rflush *resp) { srv_handler_common(ctx, req, resp); struct srv_req **oldreqp = map_load(&ctx->parent_sess->reqs, req->oldtag); if (oldreqp) _lib9p_srv_flushch_recv(&((*oldreqp)->flushch)); } static void handle_Twalk(struct srv_req *ctx, struct lib9p_msg_Twalk *req, struct lib9p_msg_Rwalk *resp) { srv_handler_common(ctx, req, resp); if (req->newfid == LIB9P_FID_NOFID) { lib9p_error(&ctx->basectx, LINUX_EBADF, "cannot assign to NOFID"); return; } struct srv_fidinfo *fidinfo = map_load(&ctx->parent_sess->fids, req->fid); if (!fidinfo) { lib9p_errorf(&ctx->basectx, LINUX_EBADF, "bad file number %"PRIu32, req->fid); return; } struct srv_pathinfo *pathinfo = map_load(&ctx->parent_sess->paths, fidinfo->path); assert(pathinfo); pathinfo->gc_refcount++; resp->wqid = (struct lib9p_qid *)(&resp[1]); for (resp->nwqid = 0; resp->nwqid < req->nwname; resp->nwqid++) { struct srv_pathinfo *new_pathinfo; if (lib9p_str_eq(req->wname[resp->nwqid], lib9p_str(".."))) { new_pathinfo = map_load(&ctx->parent_sess->paths, pathinfo->parent_dir); assert(new_pathinfo); new_pathinfo->gc_refcount++; } else { if (pathinfo->type != SRV_FILETYPE_DIR) { lib9p_error(&ctx->basectx, LINUX_ENOTDIR, "not a directory"); break; } lo_interface lib9p_srv_file member_file = LO_CALL(pathinfo->file, dwalk, ctx, req->wname[resp->nwqid]); assert(LO_IS_NULL(member_file) == lib9p_ctx_has_error(&ctx->basectx)); if (lib9p_ctx_has_error(&ctx->basectx)) break; new_pathinfo = srv_path_save(ctx, member_file, LO_CALL(pathinfo->file, qid).path); } if (new_pathinfo->type == SRV_FILETYPE_DIR) { struct lib9p_stat stat = LO_CALL(new_pathinfo->file, stat, ctx); if (lib9p_ctx_has_error(&ctx->basectx)) break; lib9p_stat_assert(stat); if (!srv_check_perm(ctx, &stat, 0b001)) { lib9p_error(&ctx->basectx, LINUX_EACCES, "you do not have execute permission on that directory"); srv_path_decref(ctx, LO_CALL(new_pathinfo->file, qid).path); break; } } resp->wqid[resp->nwqid] = LO_CALL(new_pathinfo->file, qid); srv_path_decref(ctx, LO_CALL(pathinfo->file, qid).path); pathinfo = new_pathinfo; } if (resp->nwqid == req->nwname) { if (!srv_fid_store(ctx, req->newfid, pathinfo, req->newfid == req->fid)) srv_path_decref(ctx, LO_CALL(pathinfo->file, qid).path); } else { assert(lib9p_ctx_has_error(&ctx->basectx)); srv_path_decref(ctx, LO_CALL(pathinfo->file, qid).path); if (resp->nwqid > 0) lib9p_ctx_clear_error(&ctx->basectx); } } static void handle_Topen(struct srv_req *ctx, struct lib9p_msg_Topen *req, struct lib9p_msg_Ropen *resp) { srv_handler_common(ctx, req, resp); /* Check that the FID is valid for this. */ struct srv_fidinfo *fidinfo = map_load(&ctx->parent_sess->fids, req->fid); if (!fidinfo) { lib9p_errorf(&ctx->basectx, LINUX_EBADF, "bad file number %"PRIu32, req->fid); return; } if (fidinfo->flags & FIDFLAG_OPEN) { lib9p_error(&ctx->basectx, LINUX_EALREADY, "FID is already open"); return; } if (fidinfo->type == SRV_FILETYPE_DIR) { if ( ((req->mode & LIB9P_O_MODE_MASK) != LIB9P_O_MODE_READ) || (req->mode & LIB9P_O_TRUNC) || (req->mode & LIB9P_O_RCLOSE) ) { lib9p_error(&ctx->basectx, LINUX_EISDIR, "directories cannot be written, executed, truncated, or removed-on-close"); return; } } /* Variables. */ lib9p_o_t reqmode = req->mode; uint8_t fidflags = fidinfo->flags; struct srv_pathinfo *pathinfo = map_load(&ctx->parent_sess->paths, fidinfo->path); assert(pathinfo); /* Check permissions. */ if (reqmode & LIB9P_O_RCLOSE) { struct srv_pathinfo *parent = map_load(&ctx->parent_sess->paths, pathinfo->parent_dir); assert(parent); struct lib9p_stat parent_stat = LO_CALL(parent->file, stat, ctx); if (lib9p_ctx_has_error(&ctx->basectx)) return; lib9p_stat_assert(parent_stat); if (!srv_check_perm(ctx, &parent_stat, 0b010)) { lib9p_error(&ctx->basectx, LINUX_EACCES, "permission denied to remove-on-close"); return; } fidflags |= FIDFLAG_RCLOSE; } struct lib9p_stat stat = LO_CALL(pathinfo->file, stat, ctx); if (lib9p_ctx_has_error(&ctx->basectx)) return; lib9p_stat_assert(stat); if ((stat.file_mode & LIB9P_DM_EXCL) && pathinfo->io_refcount) { lib9p_error(&ctx->basectx, LINUX_EEXIST, "exclusive file is already opened"); return; } if (stat.file_mode & LIB9P_DM_APPEND) reqmode = reqmode & ~LIB9P_O_TRUNC; uint8_t perm_bits = 0; bool rd = false, wr = false; switch (reqmode & LIB9P_O_MODE_MASK) { case LIB9P_O_MODE_READ: perm_bits = 0b100; rd = true; break; case LIB9P_O_MODE_WRITE: perm_bits = 0b010; wr = true; break; case LIB9P_O_MODE_RDWR: perm_bits = 0b110; rd = wr = true; break; case LIB9P_O_MODE_EXEC: perm_bits = 0b001; rd = true; break; } if (!srv_check_perm(ctx, &stat, perm_bits)) { lib9p_error(&ctx->basectx, LINUX_EACCES, "permission denied"); return; } /* Actually make the call. */ uint32_t iounit; struct lib9p_qid qid; switch (pathinfo->type) { case SRV_FILETYPE_DIR: fidinfo->dir.io = LO_CALL(pathinfo->file, dopen, ctx); assert(LO_IS_NULL(fidinfo->dir.io) == lib9p_ctx_has_error(&ctx->basectx)); if (lib9p_ctx_has_error(&ctx->basectx)) return; fidinfo->dir.idx = 0; fidinfo->dir.off = 0; qid = LO_CALL(fidinfo->dir.io, qid); iounit = 0; break; case SRV_FILETYPE_FILE: fidinfo->file.io = LO_CALL(pathinfo->file, fopen, ctx, rd, wr, reqmode & LIB9P_O_TRUNC); assert(LO_IS_NULL(fidinfo->file.io) == lib9p_ctx_has_error(&ctx->basectx)); if (lib9p_ctx_has_error(&ctx->basectx)) return; qid = LO_CALL(fidinfo->file.io, qid); iounit = LO_CALL(fidinfo->file.io, iounit); break; case SRV_FILETYPE_AUTH: assert_notreached("TODO: auth not yet implemented"); break; default: assert_notreached("invalid srv_filetype"); break; } /* Success. */ if (rd) fidflags |= FIDFLAG_OPEN_R; if (wr) fidflags |= FIDFLAG_OPEN_W; pathinfo->io_refcount++; fidinfo->flags = fidflags; resp->qid = qid; resp->iounit = iounit; } static void handle_Tcreate(struct srv_req *ctx, struct lib9p_msg_Tcreate *req, struct lib9p_msg_Rcreate *resp) { srv_handler_common(ctx, req, resp); lib9p_error(&ctx->basectx, LINUX_EOPNOTSUPP, "create not (yet?) implemented"); } static void handle_Tread(struct srv_req *ctx, struct lib9p_msg_Tread *req, struct lib9p_msg_Rread *resp) { srv_handler_common(ctx, req, resp); /* TODO: serialize simultaneous reads to the same FID */ /* Check that the FID is valid for this. */ struct srv_fidinfo *fidinfo = map_load(&ctx->parent_sess->fids, req->fid); if (!fidinfo) { lib9p_errorf(&ctx->basectx, LINUX_EBADF, "bad file number %"PRIu32, req->fid); return; } if (!(fidinfo->flags & FIDFLAG_OPEN_R)) { lib9p_error(&ctx->basectx, LINUX_EINVAL, "FID not open for reading"); return; } /* Do it. */ switch (fidinfo->type) { case SRV_FILETYPE_DIR: /* Translate byte-offset to object-index. */ size_t idx; if (req->offset == 0) idx = 0; else if (req->offset == fidinfo->dir.off) idx = fidinfo->dir.idx; else { lib9p_errorf(&ctx->basectx, LINUX_EINVAL, "invalid offset (must be 0 or %"PRIu64"): %"PRIu64, fidinfo->dir.off, req->offset); return; } /* Do it. */ resp->data = (char *)(&resp[1]); size_t num = LO_CALL(fidinfo->dir.io, dread, ctx, (uint8_t *)resp->data, req->count, idx); /* Translate object-count back to byte-count. */ uint32_t len = 0; for (size_t i = 0; i < num; i++) { uint32_t i_len; lib9p_stat_validate(&ctx->basectx, req->count, &((uint8_t *)resp->data)[len], &i_len, NULL); len += i_len; } resp->count = len; /* Remember. */ fidinfo->dir.idx = idx+num; fidinfo->dir.off = req->offset + len; break; case SRV_FILETYPE_FILE: struct iovec iov; LO_CALL(fidinfo->file.io, pread, ctx, req->count, req->offset, &iov); if (!lib9p_ctx_has_error(&ctx->basectx)) { resp->count = iov.iov_len; resp->data = iov.iov_base; if (resp->count > req->count) resp->count = req->count; } break; case SRV_FILETYPE_AUTH: assert_notreached("TODO: auth not yet implemented"); break; } } static void handle_Twrite(struct srv_req *ctx, struct lib9p_msg_Twrite *req, struct lib9p_msg_Rwrite *resp) { srv_handler_common(ctx, req, resp); /* TODO: serialize simultaneous writes to the same FID */ /* Check that the FID is valid for this. */ struct srv_fidinfo *fidinfo = map_load(&ctx->parent_sess->fids, req->fid); if (!fidinfo) { lib9p_errorf(&ctx->basectx, LINUX_EBADF, "bad file number %"PRIu32, req->fid); return; } if (!(fidinfo->flags & FIDFLAG_OPEN_W)) { lib9p_error(&ctx->basectx, LINUX_EINVAL, "FID not open for writing"); return; } /* Do it. */ resp->count = LO_CALL(fidinfo->file.io, pwrite, ctx, req->data, req->count, req->offset); } static void handle_Tclunk(struct srv_req *ctx, struct lib9p_msg_Tclunk *req, struct lib9p_msg_Rclunk *resp) { srv_handler_common(ctx, req, resp); srv_fid_del(ctx, req->fid, false); } static void handle_Tremove(struct srv_req *ctx, struct lib9p_msg_Tremove *req, struct lib9p_msg_Rremove *resp) { srv_handler_common(ctx, req, resp); srv_fid_del(ctx, req->fid, true); } static void handle_Tstat(struct srv_req *ctx, struct lib9p_msg_Tstat *req, struct lib9p_msg_Rstat *resp) { srv_handler_common(ctx, req, resp); struct srv_fidinfo *fidinfo = map_load(&ctx->parent_sess->fids, req->fid); if (!fidinfo) { lib9p_errorf(&ctx->basectx, LINUX_EBADF, "bad file number %"PRIu32, req->fid); return; } struct srv_pathinfo *pathinfo = map_load(&ctx->parent_sess->paths, fidinfo->path); assert(pathinfo); resp->stat = LO_CALL(pathinfo->file, stat, ctx); if (!lib9p_ctx_has_error(&ctx->basectx)) lib9p_stat_assert(resp->stat); } static void handle_Twstat(struct srv_req *ctx, struct lib9p_msg_Twstat *req, struct lib9p_msg_Rwstat *resp) { srv_handler_common(ctx, req, resp); lib9p_error(&ctx->basectx, LINUX_EOPNOTSUPP, "wstat not (yet?) implemented"); } #if CONFIG_9P_ENABLE_9P2000_e static void handle_Tsession(struct srv_req *ctx, struct lib9p_msg_Tsession *req, struct lib9p_msg_Rsession *resp) { srv_handler_common(ctx, req, resp); lib9p_error(&ctx->basectx, LINUX_EOPNOTSUPP, "session not (yet?) implemented"); } static void handle_Tsread(struct srv_req *ctx, struct lib9p_msg_Tsread *req, struct lib9p_msg_Rsread *resp) { srv_handler_common(ctx, req, resp); lib9p_error(&ctx->basectx, LINUX_EOPNOTSUPP, "sread not (yet?) implemented"); } static void handle_Tswrite(struct srv_req *ctx, struct lib9p_msg_Tswrite *req, struct lib9p_msg_Rswrite *resp) { srv_handler_common(ctx, req, resp); lib9p_error(&ctx->basectx, LINUX_EOPNOTSUPP, "swrite not (yet?) implemented"); } #endif