1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License, Version 1.0 only
6 * (the "License"). You may not use this file except in compliance
7 * with the License.
8 *
9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 * or http://www.opensolaris.org/os/licensing.
11 * See the License for the specific language governing permissions
12 * and limitations under the License.
13 *
14 * When distributing Covered Code, include this CDDL HEADER in each
15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 * If applicable, add the following below this CDDL HEADER, with the
17 * fields enclosed by brackets "[]" replaced with your own identifying
18 * information: Portions Copyright [yyyy] [name of copyright owner]
19 *
20 * CDDL HEADER END
21 */
22
23 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
24 /* All Rights Reserved */
25
26 /*
27 * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
28 * Use is subject to license terms.
29 */
30
31 #pragma ident "%Z%%M% %I% %E% SMI"
32
33 #include "mt.h"
34 #include <stdlib.h>
35 #include <stdio.h>
36 #include <string.h>
37 #include <errno.h>
38 #include <sys/stream.h>
39 #define _SUN_TPI_VERSION 2
40 #include <sys/tihdr.h>
41 #include <sys/timod.h>
42 #include <xti.h>
43 #include <signal.h>
44 #include <syslog.h>
45 #include <stropts.h>
46 #include "tx.h"
47
48 /*
49 * The following is based on XTI standard.
50 */
51 #define ALIGN_XTI_opthdr_size (sizeof (t_uscalar_t))
52
53 #define ROUNDUP_XTI_opthdr(p) (((p) +\
54 (ALIGN_XTI_opthdr_size-1)) & ~(ALIGN_XTI_opthdr_size-1))
55 #define ISALIGNED_XTI_opthdr(p) \
56 (((ulong_t)(p) & (ALIGN_XTI_opthdr_size - 1)) == 0)
57
58 int
_tx_optmgmt(int fd,const struct t_optmgmt * req,struct t_optmgmt * ret,int api_semantics)59 _tx_optmgmt(
60 int fd,
61 const struct t_optmgmt *req,
62 struct t_optmgmt *ret,
63 int api_semantics
64 )
65 {
66 int size, sv_errno;
67 struct strbuf ctlbuf;
68 struct T_optmgmt_req *optreq;
69 struct T_optmgmt_ack *optack;
70 struct _ti_user *tiptr;
71 sigset_t mask;
72 int didalloc, retlen;
73 struct t_opthdr *opt, *next_opt;
74 struct t_opthdr *opt_start, *opt_end;
75 t_uscalar_t first_opt_level;
76 t_scalar_t optlen;
77
78 if ((tiptr = _t_checkfd(fd, 0, api_semantics)) == NULL)
79 return (-1);
80
81 /*
82 * We block all signals during the TI_OPTMGMT operation
83 * as option change being done could potentially be a
84 * non-idempotent operation.
85 * Note that sig_mutex_lock() only defers signals, it does not
86 * block them, so interruptible syscalls could still get EINTR.
87 */
88 (void) thr_sigsetmask(SIG_SETMASK, &fillset, &mask);
89 sig_mutex_lock(&tiptr->ti_lock);
90
91 /*
92 * Acquire buf for use in sending/receiving of the message.
93 * Note: assumes (correctly) that ti_ctlsize is large enough
94 * to hold sizeof (struct T_bind_req)
95 */
96 if (_t_acquire_ctlbuf(tiptr, &ctlbuf, &didalloc) < 0) {
97 sv_errno = errno;
98 sig_mutex_unlock(&tiptr->ti_lock);
99 (void) thr_sigsetmask(SIG_SETMASK, &mask, NULL);
100 errno = sv_errno;
101 return (-1);
102 }
103
104 /*
105 * effective option length in local variable "optlen"
106 * Note: can change for XTI for T_ALLOPT. XTI spec states
107 * that options after the T_ALLOPT option are to be ignored
108 * therefore we trncate the option buffer there and modify
109 * the effective length accordingly later.
110 */
111 optlen = req->opt.len;
112
113 if (_T_IS_XTI(api_semantics) && (optlen > 0)) {
114 /*
115 * Verify integrity of option buffer according to
116 * XTI t_optmgmt() semantics.
117 */
118
119 if (req->opt.buf == NULL ||
120 optlen < (t_scalar_t)sizeof (struct t_opthdr)) {
121 /* option buffer should atleast have an t_opthdr */
122 t_errno = TBADOPT;
123 goto err_out;
124 }
125
126 /* LINTED pointer cast */
127 opt_start = (struct t_opthdr *)req->opt.buf;
128
129 /*
130 * XXX We interpret that an option has to start on an
131 * aligned buffer boundary. This is not very explcit in
132 * XTI spec in text but the picture in Section 6.2 shows
133 * "opt.buf" at start of buffer and in combination with
134 * text can be construed to be restricting it to start
135 * on an aligned boundary. [Whether similar restriction
136 * applies to output buffer "ret->opt.buf" is an "interesting
137 * question" but we ignore it for now as that is the problem
138 * for the application not our implementation which will
139 * does not enforce any alignment requirement.]
140 *
141 * If start of buffer is not aligned, we signal an error.
142 */
143 if (!(ISALIGNED_XTI_opthdr(opt_start))) {
144 t_errno = TBADOPT;
145 goto err_out;
146 }
147
148 /* LINTED pointer cast */
149 opt_end = (struct t_opthdr *)((char *)opt_start +
150 optlen);
151
152 /*
153 * Make sure we have enough in the message to dereference
154 * the option header.
155 */
156 if ((uchar_t *)opt_start + sizeof (struct t_opthdr)
157 > (uchar_t *)opt_end) {
158 t_errno = TBADOPT;
159 goto err_out;
160 }
161 /*
162 * If there are multiple options, they all have to be
163 * the same level (so says XTI semantics).
164 */
165 first_opt_level = opt_start->level;
166
167 for (opt = opt_start; opt < opt_end; opt = next_opt) {
168 /*
169 * Make sure we have enough in the message to
170 * dereference the option header.
171 */
172 if ((uchar_t *)opt_start + sizeof (struct t_opthdr)
173 > (uchar_t *)opt_end) {
174 t_errno = TBADOPT;
175 goto err_out;
176 }
177 /*
178 * We now compute pointer to next option in buffer
179 * 'next_opt' the next_opt computation above below
180 * 'opt->len' initialized by application which cannot
181 * be trusted. The usual value too large will be
182 * captured by the loop termination condition above.
183 * We check for the following which it will miss.
184 * (1)pointer space wraparound arithmetic overflow
185 * (2)last option in buffer with 'opt->len' being
186 * too large
187 * (only reason 'next_opt' should equal or exceed
188 * 'opt_end' for last option is roundup unless
189 * length is too-large/invalid)
190 * (3) we also enforce the XTI restriction that
191 * all options in the buffer have to be the
192 * same level.
193 */
194 /* LINTED pointer cast */
195 next_opt = (struct t_opthdr *)((uchar_t *)opt +
196 ROUNDUP_XTI_opthdr(opt->len));
197
198 if ((uchar_t *)next_opt < (uchar_t *)opt || /* (1) */
199 ((next_opt >= opt_end) &&
200 (((uchar_t *)next_opt - (uchar_t *)opt_end) >=
201 ALIGN_XTI_opthdr_size)) || /* (2) */
202 (opt->level != first_opt_level)) { /* (3) */
203 t_errno = TBADOPT;
204 goto err_out;
205 }
206
207 /*
208 * XTI semantics: options in the buffer after
209 * the T_ALLOPT option can be ignored
210 */
211 if (opt->name == T_ALLOPT) {
212 if (next_opt < opt_end) {
213 /*
214 * there are options following, ignore
215 * them and truncate input
216 */
217 optlen = (t_scalar_t)((uchar_t *)
218 next_opt - (uchar_t *)opt_start);
219 opt_end = next_opt;
220 }
221 }
222 }
223 }
224
225 /* LINTED pointer cast */
226 optreq = (struct T_optmgmt_req *)ctlbuf.buf;
227 if (_T_IS_XTI(api_semantics))
228 optreq->PRIM_type = T_OPTMGMT_REQ;
229 else
230 optreq->PRIM_type = T_SVR4_OPTMGMT_REQ;
231
232 optreq->OPT_length = optlen;
233 optreq->OPT_offset = 0;
234 optreq->MGMT_flags = req->flags;
235 size = (int)sizeof (struct T_optmgmt_req);
236
237 if (optlen) {
238 if (_t_aligned_copy(&ctlbuf, optlen, size,
239 req->opt.buf, &optreq->OPT_offset) < 0) {
240 /*
241 * Aligned copy will overflow buffer allocated
242 * based on maximum transport option size information
243 */
244 t_errno = TBADOPT;
245 goto err_out;
246 }
247 size = optreq->OPT_offset + optreq->OPT_length;
248 }
249
250 if (_t_do_ioctl(fd, ctlbuf.buf, size, TI_OPTMGMT, &retlen) < 0)
251 goto err_out;
252
253 if (retlen < (int)sizeof (struct T_optmgmt_ack)) {
254 t_errno = TSYSERR;
255 errno = EIO;
256 goto err_out;
257 }
258
259 /* LINTED pointer cast */
260 optack = (struct T_optmgmt_ack *)ctlbuf.buf;
261
262 if (_T_IS_TLI(api_semantics) || ret->opt.maxlen > 0) {
263 if (TLEN_GT_NLEN(optack->OPT_length, ret->opt.maxlen)) {
264 t_errno = TBUFOVFLW;
265 goto err_out;
266 }
267 (void) memcpy(ret->opt.buf,
268 (char *)(ctlbuf.buf + optack->OPT_offset),
269 (unsigned int) optack->OPT_length);
270 ret->opt.len = optack->OPT_length;
271 }
272
273 /*
274 * Note: TPI is not clear about what really is carries in the
275 * T_OPTMGMT_ACK MGMT_flags fields. For T_OPTMGMT_ACK in response
276 * to T_SVR4_OPTMGMT_REQ, the Internet protocols in Solaris 2.X return
277 * the result code only (T_SUCCESS). For T_OPTMGMT_ACK in response
278 * to T_OPTMGMT_REQ, currently "worst status" code required for
279 * XTI is carried from the set of options OR'd with request flag.
280 * (This can change in future and "worst status" computation done
281 * with a scan in this routine.
282 *
283 * Note: Even for T_OPTMGMT_ACK is response to T_SVR4_OPTMGMT_REQ,
284 * removing request flag should be OK though it will not be set.
285 */
286 ret->flags = optack->MGMT_flags & ~req->flags;
287
288 /*
289 * NOTE:
290 * There is no real change of state in state table for option
291 * management. The state change macro is used below only for its
292 * debugging and logging capabilities.
293 * The TLI "(mis)feature" (option management only in T_IDLE state)
294 * has been deprecated in XTI and our state table reflect updated for
295 * both TLI and XTI to reflect that.
296 * TLI semantics can be enforced by the transport providers that
297 * desire it at TPI level.
298 * There is no need to enforce this in the library since
299 * sane transport providers that do allow it (e.g TCP and it *needs*
300 * to allow it) should be allowed to work fine.
301 * The only transport providers that return TOUTSTATE for TLI
302 * t_optmgmt() are the drivers used for conformance testing to the
303 * broken TLI standard.
304 * These are /dev/{ticots,ticotsord,ticlts} used by the Sparc ABI test
305 * suite. Others are /dev/{tivc,tidg} used by the SVVS test suite.
306 */
307
308 _T_TX_NEXTSTATE(T_OPTMGMT, tiptr,
309 "t_optmgmt: invalid state event T_OPTMGMT");
310
311 if (didalloc)
312 free(ctlbuf.buf);
313 else
314 tiptr->ti_ctlbuf = ctlbuf.buf;
315 sig_mutex_unlock(&tiptr->ti_lock);
316 (void) thr_sigsetmask(SIG_SETMASK, &mask, NULL);
317 return (0);
318 /* NOTREACHED */
319
320 err_out:
321 sv_errno = errno;
322 if (didalloc)
323 free(ctlbuf.buf);
324 else
325 tiptr->ti_ctlbuf = ctlbuf.buf;
326 sig_mutex_unlock(&tiptr->ti_lock);
327 (void) thr_sigsetmask(SIG_SETMASK, &mask, NULL);
328 errno = sv_errno;
329 return (-1);
330 }
331