1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2012 Marcel Telka <marcel@telka.sk>
24 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
25 * Copyright 2018 OmniOS Community Edition (OmniOSce) Association.
26 * Copyright 2021 Racktop Systems, Inc.
27 */
28
29 /*
30 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
31 * Use is subject to license terms.
32 */
33
34 /*
35 * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.
36 */
37
38 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
39 /* All Rights Reserved */
40
41 /*
42 * Portions of this source code were derived from Berkeley 4.3 BSD
43 * under license from the Regents of the University of California.
44 */
45
46 /*
47 * Server-side remote procedure call interface.
48 *
49 * Master transport handle (SVCMASTERXPRT).
50 * The master transport handle structure is shared among service
51 * threads processing events on the transport. Some fields in the
52 * master structure are protected by locks
53 * - xp_req_lock protects the request queue:
54 * xp_req_head, xp_req_tail, xp_reqs, xp_size, xp_full, xp_enable
55 * - xp_thread_lock protects the thread (clone) counts
56 * xp_threads, xp_detached_threads, xp_wq
57 * Each master transport is registered to exactly one thread pool.
58 *
59 * Clone transport handle (SVCXPRT)
60 * The clone transport handle structure is a per-service-thread handle
61 * to the transport. The structure carries all the fields/buffers used
62 * for request processing. A service thread or, in other words, a clone
63 * structure, can be linked to an arbitrary master structure to process
64 * requests on this transport. The master handle keeps track of reference
65 * counts of threads (clones) linked to it. A service thread can switch
66 * to another transport by unlinking its clone handle from the current
67 * transport and linking to a new one. Switching is relatively inexpensive
68 * but it involves locking (master's xprt->xp_thread_lock).
69 *
70 * Pools.
71 * A pool represents a kernel RPC service (NFS, Lock Manager, etc.).
72 * Transports related to the service are registered to the service pool.
73 * Service threads can switch between different transports in the pool.
74 * Thus, each service has its own pool of service threads. The maximum
75 * number of threads in a pool is pool->p_maxthreads. This limit allows
76 * to restrict resource usage by the service. Some fields are protected
77 * by locks:
78 * - p_req_lock protects several counts and flags:
79 * p_reqs, p_size, p_walkers, p_asleep, p_drowsy, p_req_cv
80 * - p_thread_lock governs other thread counts:
81 * p_threads, p_detached_threads, p_reserved_threads, p_closing
82 *
83 * In addition, each pool contains a doubly-linked list of transports,
84 * an `xprt-ready' queue and a creator thread (see below). Threads in
85 * the pool share some other parameters such as stack size and
86 * polling timeout.
87 *
88 * Pools are initialized through the svc_pool_create() function called from
89 * the nfssys() system call. However, thread creation must be done by
90 * the userland agent. This is done by using SVCPOOL_WAIT and
91 * SVCPOOL_RUN arguments to nfssys(), which call svc_wait() and
92 * svc_do_run(), respectively. Once the pool has been initialized,
93 * the userland process must set up a 'creator' thread. This thread
94 * should park itself in the kernel by calling svc_wait(). If
95 * svc_wait() returns successfully, it should fork off a new worker
96 * thread, which then calls svc_do_run() in order to get work. When
97 * that thread is complete, svc_do_run() will return, and the user
98 * program should call thr_exit().
99 *
100 * When we try to register a new pool and there is an old pool with
101 * the same id in the doubly linked pool list (this happens when we kill
102 * and restart nfsd or lockd), then we unlink the old pool from the list
103 * and mark its state as `closing'. After that the transports can still
104 * process requests but new transports won't be registered. When all the
105 * transports and service threads associated with the pool are gone the
106 * creator thread (see below) will clean up the pool structure and exit.
107 *
108 * svc_queuereq() and svc_run().
109 * The kernel RPC server is interrupt driven. The svc_queuereq() interrupt
110 * routine is called to deliver an RPC request. The service threads
111 * loop in svc_run(). The interrupt function queues a request on the
112 * transport's queue and it makes sure that the request is serviced.
113 * It may either wake up one of sleeping threads, or ask for a new thread
114 * to be created, or, if the previous request is just being picked up, do
115 * nothing. In the last case the service thread that is picking up the
116 * previous request will wake up or create the next thread. After a service
117 * thread processes a request and sends a reply it returns to svc_run()
118 * and svc_run() calls svc_poll() to find new input.
119 *
120 * svc_poll().
121 * In order to avoid unnecessary locking, which causes performance
122 * problems, we always look for a pending request on the current transport.
123 * If there is none we take a hint from the pool's `xprt-ready' queue.
124 * If the queue had an overflow we switch to the `drain' mode checking
125 * each transport in the pool's transport list. Once we find a
126 * master transport handle with a pending request we latch the request
127 * lock on this transport and return to svc_run(). If the request
128 * belongs to a transport different than the one the service thread is
129 * linked to we need to unlink and link again.
130 *
131 * A service thread goes asleep when there are no pending
132 * requests on the transports registered on the pool's transports.
133 * All the pool's threads sleep on the same condition variable.
134 * If a thread has been sleeping for too long period of time
135 * (by default 5 seconds) it wakes up and exits. Also when a transport
136 * is closing sleeping threads wake up to unlink from this transport.
137 *
138 * The `xprt-ready' queue.
139 * If a service thread finds no request on a transport it is currently linked
140 * to it will find another transport with a pending request. To make
141 * this search more efficient each pool has an `xprt-ready' queue.
142 * The queue is a FIFO. When the interrupt routine queues a request it also
143 * inserts a pointer to the transport into the `xprt-ready' queue. A
144 * thread looking for a transport with a pending request can pop up a
145 * transport and check for a request. The request can be already gone
146 * since it could be taken by a thread linked to that transport. In such a
147 * case we try the next hint. The `xprt-ready' queue has fixed size (by
148 * default 256 nodes). If it overflows svc_poll() has to switch to the
149 * less efficient but safe `drain' mode and walk through the pool's
150 * transport list.
151 *
152 * Both the svc_poll() loop and the `xprt-ready' queue are optimized
153 * for the peak load case that is for the situation when the queue is not
154 * empty, there are all the time few pending requests, and a service
155 * thread which has just processed a request does not go asleep but picks
156 * up immediately the next request.
157 *
158 * Thread creator.
159 * Each pool has a thread creator associated with it. The creator thread
160 * sleeps on a condition variable and waits for a signal to create a
161 * service thread. The actual thread creation is done in userland by
162 * the method described in "Pools" above.
163 *
164 * Signaling threads should turn on the `creator signaled' flag, and
165 * can avoid sending signals when the flag is on. The flag is cleared
166 * when the thread is created.
167 *
168 * When the pool is in closing state (ie it has been already unregistered
169 * from the pool list) the last thread on the last transport in the pool
170 * should turn the p_creator_exit flag on. The creator thread will
171 * clean up the pool structure and exit.
172 *
173 * Thread reservation; Detaching service threads.
174 * A service thread can detach itself to block for an extended amount
175 * of time. However, to keep the service active we need to guarantee
176 * at least pool->p_redline non-detached threads that can process incoming
177 * requests. This, the maximum number of detached and reserved threads is
178 * p->p_maxthreads - p->p_redline. A service thread should first acquire
179 * a reservation, and if the reservation was granted it can detach itself.
180 * If a reservation was granted but the thread does not detach itself
181 * it should cancel the reservation before it returns to svc_run().
182 */
183
184 #include <sys/param.h>
185 #include <sys/types.h>
186 #include <rpc/types.h>
187 #include <sys/socket.h>
188 #include <sys/time.h>
189 #include <sys/tiuser.h>
190 #include <sys/t_kuser.h>
191 #include <netinet/in.h>
192 #include <rpc/xdr.h>
193 #include <rpc/auth.h>
194 #include <rpc/clnt.h>
195 #include <rpc/rpc_msg.h>
196 #include <rpc/svc.h>
197 #include <sys/proc.h>
198 #include <sys/user.h>
199 #include <sys/stream.h>
200 #include <sys/strsubr.h>
201 #include <sys/strsun.h>
202 #include <sys/tihdr.h>
203 #include <sys/debug.h>
204 #include <sys/cmn_err.h>
205 #include <sys/file.h>
206 #include <sys/systm.h>
207 #include <sys/callb.h>
208 #include <sys/vtrace.h>
209 #include <sys/zone.h>
210 #include <nfs/nfs.h>
211 #include <sys/tsol/label_macro.h>
212
213 /*
214 * Defines for svc_poll()
215 */
216 #define SVC_EXPRTGONE ((SVCMASTERXPRT *)1) /* Transport is closing */
217 #define SVC_ETIMEDOUT ((SVCMASTERXPRT *)2) /* Timeout */
218 #define SVC_EINTR ((SVCMASTERXPRT *)3) /* Interrupted by signal */
219
220 /*
221 * Default stack size for service threads.
222 */
223 #define DEFAULT_SVC_RUN_STKSIZE (0) /* default kernel stack */
224
225 int svc_default_stksize = DEFAULT_SVC_RUN_STKSIZE;
226
227 /*
228 * Default polling timeout for service threads.
229 * Multiplied by hz when used.
230 */
231 #define DEFAULT_SVC_POLL_TIMEOUT (5) /* seconds */
232
233 clock_t svc_default_timeout = DEFAULT_SVC_POLL_TIMEOUT;
234
235 /*
236 * Size of the `xprt-ready' queue.
237 */
238 #define DEFAULT_SVC_QSIZE (256) /* qnodes */
239
240 size_t svc_default_qsize = DEFAULT_SVC_QSIZE;
241
242 /*
243 * Default limit for the number of service threads.
244 */
245 #define DEFAULT_SVC_MAXTHREADS (INT16_MAX)
246
247 int svc_default_maxthreads = DEFAULT_SVC_MAXTHREADS;
248
249 /*
250 * Maximum number of requests from the same transport (in `drain' mode).
251 */
252 #define DEFAULT_SVC_MAX_SAME_XPRT (8)
253
254 int svc_default_max_same_xprt = DEFAULT_SVC_MAX_SAME_XPRT;
255
256
257 /*
258 * Default `Redline' of non-detached threads.
259 * Total number of detached and reserved threads in an RPC server
260 * thread pool is limited to pool->p_maxthreads - svc_redline.
261 */
262 #define DEFAULT_SVC_REDLINE (1)
263
264 int svc_default_redline = DEFAULT_SVC_REDLINE;
265
266 /*
267 * A node for the `xprt-ready' queue.
268 * See below.
269 */
270 struct __svcxprt_qnode {
271 __SVCXPRT_QNODE *q_next;
272 SVCMASTERXPRT *q_xprt;
273 };
274
275 /*
276 * Global SVC variables (private).
277 */
278 struct svc_globals {
279 SVCPOOL *svc_pools;
280 kmutex_t svc_plock;
281 };
282
283 /*
284 * Debug variable to check for rdma based
285 * transport startup and cleanup. Contorlled
286 * through /etc/system. Off by default.
287 */
288 int rdma_check = 0;
289
290 /*
291 * This allows disabling flow control in svc_queuereq().
292 */
293 volatile int svc_flowcontrol_disable = 0;
294
295 /*
296 * Authentication parameters list.
297 */
298 static caddr_t rqcred_head;
299 static kmutex_t rqcred_lock;
300
301 /*
302 * If true, then keep quiet about version mismatch.
303 * This macro is for broadcast RPC only. We have no broadcast RPC in
304 * kernel now but one may define a flag in the transport structure
305 * and redefine this macro.
306 */
307 #define version_keepquiet(xprt) (FALSE)
308
309 /*
310 * ZSD key used to retrieve zone-specific svc globals
311 */
312 static zone_key_t svc_zone_key;
313
314 static void svc_callout_free(SVCMASTERXPRT *);
315 static void svc_xprt_qinit(SVCPOOL *, size_t);
316 static void svc_xprt_qdestroy(SVCPOOL *);
317 static void svc_thread_creator(SVCPOOL *);
318 static void svc_creator_signal(SVCPOOL *);
319 static void svc_creator_signalexit(SVCPOOL *);
320 static void svc_pool_unregister(struct svc_globals *, SVCPOOL *);
321 static int svc_run(SVCPOOL *);
322
323 /* ARGSUSED */
324 static void *
svc_zoneinit(zoneid_t zoneid)325 svc_zoneinit(zoneid_t zoneid)
326 {
327 struct svc_globals *svc;
328
329 svc = kmem_alloc(sizeof (*svc), KM_SLEEP);
330 mutex_init(&svc->svc_plock, NULL, MUTEX_DEFAULT, NULL);
331 svc->svc_pools = NULL;
332 return (svc);
333 }
334
335 /* ARGSUSED */
336 static void
svc_zoneshutdown(zoneid_t zoneid,void * arg)337 svc_zoneshutdown(zoneid_t zoneid, void *arg)
338 {
339 struct svc_globals *svc = arg;
340 SVCPOOL *pool;
341
342 mutex_enter(&svc->svc_plock);
343 while ((pool = svc->svc_pools) != NULL) {
344 svc_pool_unregister(svc, pool);
345 }
346 mutex_exit(&svc->svc_plock);
347 }
348
349 /* ARGSUSED */
350 static void
svc_zonefini(zoneid_t zoneid,void * arg)351 svc_zonefini(zoneid_t zoneid, void *arg)
352 {
353 struct svc_globals *svc = arg;
354
355 ASSERT(svc->svc_pools == NULL);
356 mutex_destroy(&svc->svc_plock);
357 kmem_free(svc, sizeof (*svc));
358 }
359
360 /*
361 * Global SVC init routine.
362 * Initialize global generic and transport type specific structures
363 * used by the kernel RPC server side. This routine is called only
364 * once when the module is being loaded.
365 */
366 void
svc_init()367 svc_init()
368 {
369 zone_key_create(&svc_zone_key, svc_zoneinit, svc_zoneshutdown,
370 svc_zonefini);
371 svc_cots_init();
372 svc_clts_init();
373 }
374
375 /*
376 * Destroy the SVCPOOL structure.
377 */
378 static void
svc_pool_cleanup(SVCPOOL * pool)379 svc_pool_cleanup(SVCPOOL *pool)
380 {
381 ASSERT(pool->p_threads + pool->p_detached_threads == 0);
382 ASSERT(pool->p_lcount == 0);
383 ASSERT(pool->p_closing);
384
385 /*
386 * Call the user supplied shutdown function. This is done
387 * here so the user of the pool will be able to cleanup
388 * service related resources.
389 */
390 if (pool->p_shutdown != NULL)
391 (pool->p_shutdown)();
392
393 /* Destroy `xprt-ready' queue */
394 svc_xprt_qdestroy(pool);
395
396 /* Destroy transport list */
397 rw_destroy(&pool->p_lrwlock);
398
399 /* Destroy locks and condition variables */
400 mutex_destroy(&pool->p_thread_lock);
401 mutex_destroy(&pool->p_req_lock);
402 cv_destroy(&pool->p_req_cv);
403
404 /* Destroy creator's locks and condition variables */
405 mutex_destroy(&pool->p_creator_lock);
406 cv_destroy(&pool->p_creator_cv);
407 mutex_destroy(&pool->p_user_lock);
408 cv_destroy(&pool->p_user_cv);
409
410 /* Free pool structure */
411 kmem_free(pool, sizeof (SVCPOOL));
412 }
413
414 /*
415 * If all the transports and service threads are already gone
416 * signal the creator thread to clean up and exit.
417 */
418 static bool_t
svc_pool_tryexit(SVCPOOL * pool)419 svc_pool_tryexit(SVCPOOL *pool)
420 {
421 ASSERT(MUTEX_HELD(&pool->p_thread_lock));
422 ASSERT(pool->p_closing);
423
424 if (pool->p_threads + pool->p_detached_threads == 0) {
425 rw_enter(&pool->p_lrwlock, RW_READER);
426 if (pool->p_lcount == 0) {
427 /*
428 * Release the locks before sending a signal.
429 */
430 rw_exit(&pool->p_lrwlock);
431 mutex_exit(&pool->p_thread_lock);
432
433 /*
434 * Notify the creator thread to clean up and exit
435 *
436 * NOTICE: No references to the pool beyond this point!
437 * The pool is being destroyed.
438 */
439 ASSERT(!MUTEX_HELD(&pool->p_thread_lock));
440 svc_creator_signalexit(pool);
441
442 return (TRUE);
443 }
444 rw_exit(&pool->p_lrwlock);
445 }
446
447 ASSERT(MUTEX_HELD(&pool->p_thread_lock));
448 return (FALSE);
449 }
450
451 /*
452 * Find a pool with a given id.
453 */
454 static SVCPOOL *
svc_pool_find(struct svc_globals * svc,int id)455 svc_pool_find(struct svc_globals *svc, int id)
456 {
457 SVCPOOL *pool;
458
459 ASSERT(MUTEX_HELD(&svc->svc_plock));
460
461 /*
462 * Search the list for a pool with a matching id
463 * and register the transport handle with that pool.
464 */
465 for (pool = svc->svc_pools; pool; pool = pool->p_next)
466 if (pool->p_id == id)
467 return (pool);
468
469 return (NULL);
470 }
471
472 /*
473 * PSARC 2003/523 Contract Private Interface
474 * svc_do_run
475 * Changes must be reviewed by Solaris File Sharing
476 * Changes must be communicated to contract-2003-523@sun.com
477 */
478 int
svc_do_run(int id)479 svc_do_run(int id)
480 {
481 SVCPOOL *pool;
482 int err = 0;
483 struct svc_globals *svc;
484
485 svc = zone_getspecific(svc_zone_key, curproc->p_zone);
486 mutex_enter(&svc->svc_plock);
487
488 pool = svc_pool_find(svc, id);
489
490 mutex_exit(&svc->svc_plock);
491
492 if (pool == NULL)
493 return (ENOENT);
494
495 /*
496 * Increment counter of pool threads now
497 * that a thread has been created.
498 */
499 mutex_enter(&pool->p_thread_lock);
500 pool->p_threads++;
501 mutex_exit(&pool->p_thread_lock);
502
503 /* Give work to the new thread. */
504 err = svc_run(pool);
505
506 return (err);
507 }
508
509 /*
510 * Unregister a pool from the pool list.
511 * Set the closing state. If all the transports and service threads
512 * are already gone signal the creator thread to clean up and exit.
513 */
514 static void
svc_pool_unregister(struct svc_globals * svc,SVCPOOL * pool)515 svc_pool_unregister(struct svc_globals *svc, SVCPOOL *pool)
516 {
517 SVCPOOL *next = pool->p_next;
518 SVCPOOL *prev = pool->p_prev;
519
520 ASSERT(MUTEX_HELD(&svc->svc_plock));
521
522 /* Remove from the list */
523 if (pool == svc->svc_pools)
524 svc->svc_pools = next;
525 if (next)
526 next->p_prev = prev;
527 if (prev)
528 prev->p_next = next;
529 pool->p_next = pool->p_prev = NULL;
530
531 /*
532 * Offline the pool. Mark the pool as closing.
533 * If there are no transports in this pool notify
534 * the creator thread to clean it up and exit.
535 */
536 mutex_enter(&pool->p_thread_lock);
537 if (pool->p_offline != NULL)
538 (pool->p_offline)();
539 pool->p_closing = TRUE;
540 if (svc_pool_tryexit(pool))
541 return;
542 mutex_exit(&pool->p_thread_lock);
543 }
544
545 /*
546 * Register a pool with a given id in the global doubly linked pool list.
547 * - if there is a pool with the same id in the list then unregister it
548 * - insert the new pool into the list.
549 */
550 static void
svc_pool_register(struct svc_globals * svc,SVCPOOL * pool,int id)551 svc_pool_register(struct svc_globals *svc, SVCPOOL *pool, int id)
552 {
553 SVCPOOL *old_pool;
554
555 /*
556 * If there is a pool with the same id then remove it from
557 * the list and mark the pool as closing.
558 */
559 mutex_enter(&svc->svc_plock);
560
561 if (old_pool = svc_pool_find(svc, id))
562 svc_pool_unregister(svc, old_pool);
563
564 /* Insert into the doubly linked list */
565 pool->p_id = id;
566 pool->p_next = svc->svc_pools;
567 pool->p_prev = NULL;
568 if (svc->svc_pools)
569 svc->svc_pools->p_prev = pool;
570 svc->svc_pools = pool;
571
572 mutex_exit(&svc->svc_plock);
573 }
574
575 /*
576 * Initialize a newly created pool structure
577 */
578 static int
svc_pool_init(SVCPOOL * pool,uint_t maxthreads,uint_t redline,uint_t qsize,uint_t timeout,uint_t stksize,uint_t max_same_xprt)579 svc_pool_init(SVCPOOL *pool, uint_t maxthreads, uint_t redline,
580 uint_t qsize, uint_t timeout, uint_t stksize, uint_t max_same_xprt)
581 {
582 klwp_t *lwp = ttolwp(curthread);
583
584 ASSERT(pool);
585
586 if (maxthreads == 0)
587 maxthreads = svc_default_maxthreads;
588 if (redline == 0)
589 redline = svc_default_redline;
590 if (qsize == 0)
591 qsize = svc_default_qsize;
592 if (timeout == 0)
593 timeout = svc_default_timeout;
594 if (stksize == 0)
595 stksize = svc_default_stksize;
596 if (max_same_xprt == 0)
597 max_same_xprt = svc_default_max_same_xprt;
598
599 if (maxthreads < redline)
600 return (EINVAL);
601
602 /* Allocate and initialize the `xprt-ready' queue */
603 svc_xprt_qinit(pool, qsize);
604
605 /* Initialize doubly-linked xprt list */
606 rw_init(&pool->p_lrwlock, NULL, RW_DEFAULT, NULL);
607
608 /*
609 * Setting lwp_childstksz on the current lwp so that
610 * descendants of this lwp get the modified stacksize, if
611 * it is defined. It is important that either this lwp or
612 * one of its descendants do the actual servicepool thread
613 * creation to maintain the stacksize inheritance.
614 */
615 if (lwp != NULL)
616 lwp->lwp_childstksz = stksize;
617
618 /* Initialize thread limits, locks and condition variables */
619 pool->p_maxthreads = maxthreads;
620 pool->p_redline = redline;
621 pool->p_timeout = timeout * hz;
622 pool->p_stksize = stksize;
623 pool->p_max_same_xprt = max_same_xprt;
624 mutex_init(&pool->p_thread_lock, NULL, MUTEX_DEFAULT, NULL);
625 mutex_init(&pool->p_req_lock, NULL, MUTEX_DEFAULT, NULL);
626 cv_init(&pool->p_req_cv, NULL, CV_DEFAULT, NULL);
627
628 /* Initialize userland creator */
629 pool->p_user_exit = FALSE;
630 pool->p_signal_create_thread = FALSE;
631 pool->p_user_waiting = FALSE;
632 mutex_init(&pool->p_user_lock, NULL, MUTEX_DEFAULT, NULL);
633 cv_init(&pool->p_user_cv, NULL, CV_DEFAULT, NULL);
634
635 /* Initialize the creator and start the creator thread */
636 pool->p_creator_exit = FALSE;
637 mutex_init(&pool->p_creator_lock, NULL, MUTEX_DEFAULT, NULL);
638 cv_init(&pool->p_creator_cv, NULL, CV_DEFAULT, NULL);
639
640 (void) zthread_create(NULL, pool->p_stksize, svc_thread_creator,
641 pool, 0, minclsyspri);
642
643 return (0);
644 }
645
646 /*
647 * PSARC 2003/523 Contract Private Interface
648 * svc_pool_create
649 * Changes must be reviewed by Solaris File Sharing
650 * Changes must be communicated to contract-2003-523@sun.com
651 *
652 * Create an kernel RPC server-side thread/transport pool.
653 *
654 * This is public interface for creation of a server RPC thread pool
655 * for a given service provider. Transports registered with the pool's id
656 * will be served by a pool's threads. This function is called from the
657 * nfssys() system call.
658 */
659 int
svc_pool_create(struct svcpool_args * args)660 svc_pool_create(struct svcpool_args *args)
661 {
662 SVCPOOL *pool;
663 int error;
664 struct svc_globals *svc;
665
666 /*
667 * Caller should check credentials in a way appropriate
668 * in the context of the call.
669 */
670
671 svc = zone_getspecific(svc_zone_key, curproc->p_zone);
672 /* Allocate a new pool */
673 pool = kmem_zalloc(sizeof (SVCPOOL), KM_SLEEP);
674
675 /*
676 * Initialize the pool structure and create a creator thread.
677 */
678 error = svc_pool_init(pool, args->maxthreads, args->redline,
679 args->qsize, args->timeout, args->stksize, args->max_same_xprt);
680
681 if (error) {
682 kmem_free(pool, sizeof (SVCPOOL));
683 return (error);
684 }
685
686 /* Register the pool with the global pool list */
687 svc_pool_register(svc, pool, args->id);
688
689 return (0);
690 }
691
692 int
svc_pool_control(int id,int cmd,void * arg)693 svc_pool_control(int id, int cmd, void *arg)
694 {
695 SVCPOOL *pool;
696 struct svc_globals *svc;
697
698 svc = zone_getspecific(svc_zone_key, curproc->p_zone);
699
700 switch (cmd) {
701 case SVCPSET_SHUTDOWN_PROC:
702 /*
703 * Search the list for a pool with a matching id
704 * and register the transport handle with that pool.
705 */
706 mutex_enter(&svc->svc_plock);
707
708 if ((pool = svc_pool_find(svc, id)) == NULL) {
709 mutex_exit(&svc->svc_plock);
710 return (ENOENT);
711 }
712 /*
713 * Grab the transport list lock before releasing the
714 * pool list lock
715 */
716 rw_enter(&pool->p_lrwlock, RW_WRITER);
717 mutex_exit(&svc->svc_plock);
718
719 pool->p_shutdown = *((void (*)())arg);
720
721 rw_exit(&pool->p_lrwlock);
722
723 return (0);
724 case SVCPSET_UNREGISTER_PROC:
725 /*
726 * Search the list for a pool with a matching id
727 * and register the unregister callback handle with that pool.
728 */
729 mutex_enter(&svc->svc_plock);
730
731 if ((pool = svc_pool_find(svc, id)) == NULL) {
732 mutex_exit(&svc->svc_plock);
733 return (ENOENT);
734 }
735 /*
736 * Grab the transport list lock before releasing the
737 * pool list lock
738 */
739 rw_enter(&pool->p_lrwlock, RW_WRITER);
740 mutex_exit(&svc->svc_plock);
741
742 pool->p_offline = *((void (*)())arg);
743
744 rw_exit(&pool->p_lrwlock);
745
746 return (0);
747 default:
748 return (EINVAL);
749 }
750 }
751
752 /*
753 * Pool's transport list manipulation routines.
754 * - svc_xprt_register()
755 * - svc_xprt_unregister()
756 *
757 * svc_xprt_register() is called from svc_tli_kcreate() to
758 * insert a new master transport handle into the doubly linked
759 * list of server transport handles (one list per pool).
760 *
761 * The list is used by svc_poll(), when it operates in `drain'
762 * mode, to search for a next transport with a pending request.
763 */
764
765 int
svc_xprt_register(SVCMASTERXPRT * xprt,int id)766 svc_xprt_register(SVCMASTERXPRT *xprt, int id)
767 {
768 SVCMASTERXPRT *prev, *next;
769 SVCPOOL *pool;
770 struct svc_globals *svc;
771
772 svc = zone_getspecific(svc_zone_key, curproc->p_zone);
773 /*
774 * Search the list for a pool with a matching id
775 * and register the transport handle with that pool.
776 */
777 mutex_enter(&svc->svc_plock);
778
779 if ((pool = svc_pool_find(svc, id)) == NULL) {
780 mutex_exit(&svc->svc_plock);
781 return (ENOENT);
782 }
783
784 /* Grab the transport list lock before releasing the pool list lock */
785 rw_enter(&pool->p_lrwlock, RW_WRITER);
786 mutex_exit(&svc->svc_plock);
787
788 /* Don't register new transports when the pool is in closing state */
789 if (pool->p_closing) {
790 rw_exit(&pool->p_lrwlock);
791 return (EBUSY);
792 }
793
794 /*
795 * Initialize xp_pool to point to the pool.
796 * We don't want to go through the pool list every time.
797 */
798 xprt->xp_pool = pool;
799
800 /*
801 * Insert a transport handle into the list.
802 * The list head points to the most recently inserted transport.
803 */
804 if (pool->p_lhead == NULL)
805 pool->p_lhead = xprt->xp_prev = xprt->xp_next = xprt;
806 else {
807 next = pool->p_lhead;
808 prev = pool->p_lhead->xp_prev;
809
810 xprt->xp_next = next;
811 xprt->xp_prev = prev;
812
813 pool->p_lhead = prev->xp_next = next->xp_prev = xprt;
814 }
815
816 /* Increment the transports count */
817 pool->p_lcount++;
818
819 rw_exit(&pool->p_lrwlock);
820 return (0);
821 }
822
823 /*
824 * Called from svc_xprt_cleanup() to remove a master transport handle
825 * from the pool's list of server transports (when a transport is
826 * being destroyed).
827 */
828 void
svc_xprt_unregister(SVCMASTERXPRT * xprt)829 svc_xprt_unregister(SVCMASTERXPRT *xprt)
830 {
831 SVCPOOL *pool = xprt->xp_pool;
832
833 /*
834 * Unlink xprt from the list.
835 * If the list head points to this xprt then move it
836 * to the next xprt or reset to NULL if this is the last
837 * xprt in the list.
838 */
839 rw_enter(&pool->p_lrwlock, RW_WRITER);
840
841 if (xprt == xprt->xp_next)
842 pool->p_lhead = NULL;
843 else {
844 SVCMASTERXPRT *next = xprt->xp_next;
845 SVCMASTERXPRT *prev = xprt->xp_prev;
846
847 next->xp_prev = prev;
848 prev->xp_next = next;
849
850 if (pool->p_lhead == xprt)
851 pool->p_lhead = next;
852 }
853
854 xprt->xp_next = xprt->xp_prev = NULL;
855
856 /* Decrement list count */
857 pool->p_lcount--;
858
859 rw_exit(&pool->p_lrwlock);
860 }
861
862 static void
svc_xprt_qdestroy(SVCPOOL * pool)863 svc_xprt_qdestroy(SVCPOOL *pool)
864 {
865 mutex_destroy(&pool->p_qend_lock);
866 kmem_free(pool->p_qbody, pool->p_qsize * sizeof (__SVCXPRT_QNODE));
867 }
868
869 /*
870 * Initialize an `xprt-ready' queue for a given pool.
871 */
872 static void
svc_xprt_qinit(SVCPOOL * pool,size_t qsize)873 svc_xprt_qinit(SVCPOOL *pool, size_t qsize)
874 {
875 int i;
876
877 pool->p_qsize = qsize;
878 pool->p_qbody = kmem_zalloc(pool->p_qsize * sizeof (__SVCXPRT_QNODE),
879 KM_SLEEP);
880
881 for (i = 0; i < pool->p_qsize - 1; i++)
882 pool->p_qbody[i].q_next = &(pool->p_qbody[i+1]);
883
884 pool->p_qbody[pool->p_qsize-1].q_next = &(pool->p_qbody[0]);
885 pool->p_qtop = &(pool->p_qbody[0]);
886 pool->p_qend = &(pool->p_qbody[0]);
887
888 mutex_init(&pool->p_qend_lock, NULL, MUTEX_DEFAULT, NULL);
889 }
890
891 /*
892 * Called from the svc_queuereq() interrupt routine to queue
893 * a hint for svc_poll() which transport has a pending request.
894 * - insert a pointer to xprt into the xprt-ready queue (FIFO)
895 * - if the xprt-ready queue is full turn the overflow flag on.
896 *
897 * NOTICE: pool->p_qtop is protected by the pool's request lock
898 * and the caller (svc_queuereq()) must hold the lock.
899 */
900 static void
svc_xprt_qput(SVCPOOL * pool,SVCMASTERXPRT * xprt)901 svc_xprt_qput(SVCPOOL *pool, SVCMASTERXPRT *xprt)
902 {
903 ASSERT(MUTEX_HELD(&pool->p_req_lock));
904
905 /* If the overflow flag is on there is nothing we can do */
906 if (pool->p_qoverflow)
907 return;
908
909 /* If the queue is full turn the overflow flag on and exit */
910 if (pool->p_qtop->q_next == pool->p_qend) {
911 mutex_enter(&pool->p_qend_lock);
912 if (pool->p_qtop->q_next == pool->p_qend) {
913 pool->p_qoverflow = TRUE;
914 mutex_exit(&pool->p_qend_lock);
915 return;
916 }
917 mutex_exit(&pool->p_qend_lock);
918 }
919
920 /* Insert a hint and move pool->p_qtop */
921 pool->p_qtop->q_xprt = xprt;
922 pool->p_qtop = pool->p_qtop->q_next;
923 }
924
925 /*
926 * Called from svc_poll() to get a hint which transport has a
927 * pending request. Returns a pointer to a transport or NULL if the
928 * `xprt-ready' queue is empty.
929 *
930 * Since we do not acquire the pool's request lock while checking if
931 * the queue is empty we may miss a request that is just being delivered.
932 * However this is ok since svc_poll() will retry again until the
933 * count indicates that there are pending requests for this pool.
934 */
935 static SVCMASTERXPRT *
svc_xprt_qget(SVCPOOL * pool)936 svc_xprt_qget(SVCPOOL *pool)
937 {
938 SVCMASTERXPRT *xprt;
939
940 mutex_enter(&pool->p_qend_lock);
941 do {
942 /*
943 * If the queue is empty return NULL.
944 * Since we do not acquire the pool's request lock which
945 * protects pool->p_qtop this is not exact check. However,
946 * this is safe - if we miss a request here svc_poll()
947 * will retry again.
948 */
949 if (pool->p_qend == pool->p_qtop) {
950 mutex_exit(&pool->p_qend_lock);
951 return (NULL);
952 }
953
954 /* Get a hint and move pool->p_qend */
955 xprt = pool->p_qend->q_xprt;
956 pool->p_qend = pool->p_qend->q_next;
957
958 /* Skip fields deleted by svc_xprt_qdelete() */
959 } while (xprt == NULL);
960 mutex_exit(&pool->p_qend_lock);
961
962 return (xprt);
963 }
964
965 /*
966 * Delete all the references to a transport handle that
967 * is being destroyed from the xprt-ready queue.
968 * Deleted pointers are replaced with NULLs.
969 */
970 static void
svc_xprt_qdelete(SVCPOOL * pool,SVCMASTERXPRT * xprt)971 svc_xprt_qdelete(SVCPOOL *pool, SVCMASTERXPRT *xprt)
972 {
973 __SVCXPRT_QNODE *q;
974
975 mutex_enter(&pool->p_req_lock);
976 for (q = pool->p_qend; q != pool->p_qtop; q = q->q_next) {
977 if (q->q_xprt == xprt)
978 q->q_xprt = NULL;
979 }
980 mutex_exit(&pool->p_req_lock);
981 }
982
983 /*
984 * Destructor for a master server transport handle.
985 * - if there are no more non-detached threads linked to this transport
986 * then, if requested, call xp_closeproc (we don't wait for detached
987 * threads linked to this transport to complete).
988 * - if there are no more threads linked to this
989 * transport then
990 * a) remove references to this transport from the xprt-ready queue
991 * b) remove a reference to this transport from the pool's transport list
992 * c) call a transport specific `destroy' function
993 * d) cancel remaining thread reservations.
994 *
995 * NOTICE: Caller must hold the transport's thread lock.
996 */
997 static void
svc_xprt_cleanup(SVCMASTERXPRT * xprt,bool_t detached)998 svc_xprt_cleanup(SVCMASTERXPRT *xprt, bool_t detached)
999 {
1000 ASSERT(MUTEX_HELD(&xprt->xp_thread_lock));
1001 ASSERT(xprt->xp_wq == NULL);
1002
1003 /*
1004 * If called from the last non-detached thread
1005 * it should call the closeproc on this transport.
1006 */
1007 if (!detached && xprt->xp_threads == 0 && xprt->xp_closeproc) {
1008 (*(xprt->xp_closeproc)) (xprt);
1009 }
1010
1011 if (xprt->xp_threads + xprt->xp_detached_threads > 0)
1012 mutex_exit(&xprt->xp_thread_lock);
1013 else {
1014 /* Remove references to xprt from the `xprt-ready' queue */
1015 svc_xprt_qdelete(xprt->xp_pool, xprt);
1016
1017 /* Unregister xprt from the pool's transport list */
1018 svc_xprt_unregister(xprt);
1019 svc_callout_free(xprt);
1020 SVC_DESTROY(xprt);
1021 }
1022 }
1023
1024 /*
1025 * Find a dispatch routine for a given prog/vers pair.
1026 * This function is called from svc_getreq() to search the callout
1027 * table for an entry with a matching RPC program number `prog'
1028 * and a version range that covers `vers'.
1029 * - if it finds a matching entry it returns pointer to the dispatch routine
1030 * - otherwise it returns NULL and fills both vers_min and vers_max
1031 * with, respectively, lowest version and highest version
1032 * supported for the program `prog'
1033 */
1034 static SVC_DISPATCH *
svc_callout_find(SVCXPRT * xprt,rpcprog_t prog,rpcvers_t vers,rpcvers_t * vers_min,rpcvers_t * vers_max)1035 svc_callout_find(SVCXPRT *xprt, rpcprog_t prog, rpcvers_t vers,
1036 rpcvers_t *vers_min, rpcvers_t *vers_max)
1037 {
1038 SVC_CALLOUT_TABLE *sct = xprt->xp_sct;
1039 int i;
1040
1041 *vers_min = ~(rpcvers_t)0;
1042 *vers_max = 0;
1043
1044 for (i = 0; i < sct->sct_size; i++) {
1045 SVC_CALLOUT *sc = &sct->sct_sc[i];
1046
1047 if (prog == sc->sc_prog) {
1048 if (vers >= sc->sc_versmin && vers <= sc->sc_versmax)
1049 return (sc->sc_dispatch);
1050
1051 if (*vers_max < sc->sc_versmax)
1052 *vers_max = sc->sc_versmax;
1053 if (*vers_min > sc->sc_versmin)
1054 *vers_min = sc->sc_versmin;
1055 }
1056 }
1057
1058 return (NULL);
1059 }
1060
1061 /*
1062 * Optionally free callout table allocated for this transport by
1063 * the service provider.
1064 */
1065 static void
svc_callout_free(SVCMASTERXPRT * xprt)1066 svc_callout_free(SVCMASTERXPRT *xprt)
1067 {
1068 SVC_CALLOUT_TABLE *sct = xprt->xp_sct;
1069
1070 if (sct->sct_free) {
1071 kmem_free(sct->sct_sc, sct->sct_size * sizeof (SVC_CALLOUT));
1072 kmem_free(sct, sizeof (SVC_CALLOUT_TABLE));
1073 }
1074 }
1075
1076 /*
1077 * Send a reply to an RPC request
1078 *
1079 * PSARC 2003/523 Contract Private Interface
1080 * svc_sendreply
1081 * Changes must be reviewed by Solaris File Sharing
1082 * Changes must be communicated to contract-2003-523@sun.com
1083 */
1084 bool_t
svc_sendreply(const SVCXPRT * clone_xprt,const xdrproc_t xdr_results,const caddr_t xdr_location)1085 svc_sendreply(const SVCXPRT *clone_xprt, const xdrproc_t xdr_results,
1086 const caddr_t xdr_location)
1087 {
1088 struct rpc_msg rply;
1089
1090 rply.rm_direction = REPLY;
1091 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1092 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1093 rply.acpted_rply.ar_stat = SUCCESS;
1094 rply.acpted_rply.ar_results.where = xdr_location;
1095 rply.acpted_rply.ar_results.proc = xdr_results;
1096
1097 return (SVC_REPLY((SVCXPRT *)clone_xprt, &rply));
1098 }
1099
1100 /*
1101 * No procedure error reply
1102 *
1103 * PSARC 2003/523 Contract Private Interface
1104 * svcerr_noproc
1105 * Changes must be reviewed by Solaris File Sharing
1106 * Changes must be communicated to contract-2003-523@sun.com
1107 */
1108 void
svcerr_noproc(const SVCXPRT * clone_xprt)1109 svcerr_noproc(const SVCXPRT *clone_xprt)
1110 {
1111 struct rpc_msg rply;
1112
1113 rply.rm_direction = REPLY;
1114 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1115 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1116 rply.acpted_rply.ar_stat = PROC_UNAVAIL;
1117 SVC_FREERES((SVCXPRT *)clone_xprt);
1118 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1119 }
1120
1121 /*
1122 * Can't decode arguments error reply
1123 *
1124 * PSARC 2003/523 Contract Private Interface
1125 * svcerr_decode
1126 * Changes must be reviewed by Solaris File Sharing
1127 * Changes must be communicated to contract-2003-523@sun.com
1128 */
1129 void
svcerr_decode(const SVCXPRT * clone_xprt)1130 svcerr_decode(const SVCXPRT *clone_xprt)
1131 {
1132 struct rpc_msg rply;
1133
1134 rply.rm_direction = REPLY;
1135 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1136 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1137 rply.acpted_rply.ar_stat = GARBAGE_ARGS;
1138 SVC_FREERES((SVCXPRT *)clone_xprt);
1139 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1140 }
1141
1142 /*
1143 * Some system error
1144 */
1145 void
svcerr_systemerr(const SVCXPRT * clone_xprt)1146 svcerr_systemerr(const SVCXPRT *clone_xprt)
1147 {
1148 struct rpc_msg rply;
1149
1150 rply.rm_direction = REPLY;
1151 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1152 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1153 rply.acpted_rply.ar_stat = SYSTEM_ERR;
1154 SVC_FREERES((SVCXPRT *)clone_xprt);
1155 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1156 }
1157
1158 /*
1159 * Authentication error reply
1160 */
1161 void
svcerr_auth(const SVCXPRT * clone_xprt,const enum auth_stat why)1162 svcerr_auth(const SVCXPRT *clone_xprt, const enum auth_stat why)
1163 {
1164 struct rpc_msg rply;
1165
1166 rply.rm_direction = REPLY;
1167 rply.rm_reply.rp_stat = MSG_DENIED;
1168 rply.rjcted_rply.rj_stat = AUTH_ERROR;
1169 rply.rjcted_rply.rj_why = why;
1170 SVC_FREERES((SVCXPRT *)clone_xprt);
1171 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1172 }
1173
1174 /*
1175 * Authentication too weak error reply
1176 */
1177 void
svcerr_weakauth(const SVCXPRT * clone_xprt)1178 svcerr_weakauth(const SVCXPRT *clone_xprt)
1179 {
1180 svcerr_auth((SVCXPRT *)clone_xprt, AUTH_TOOWEAK);
1181 }
1182
1183 /*
1184 * Authentication error; bad credentials
1185 */
1186 void
svcerr_badcred(const SVCXPRT * clone_xprt)1187 svcerr_badcred(const SVCXPRT *clone_xprt)
1188 {
1189 struct rpc_msg rply;
1190
1191 rply.rm_direction = REPLY;
1192 rply.rm_reply.rp_stat = MSG_DENIED;
1193 rply.rjcted_rply.rj_stat = AUTH_ERROR;
1194 rply.rjcted_rply.rj_why = AUTH_BADCRED;
1195 SVC_FREERES((SVCXPRT *)clone_xprt);
1196 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1197 }
1198
1199 /*
1200 * Program unavailable error reply
1201 *
1202 * PSARC 2003/523 Contract Private Interface
1203 * svcerr_noprog
1204 * Changes must be reviewed by Solaris File Sharing
1205 * Changes must be communicated to contract-2003-523@sun.com
1206 */
1207 void
svcerr_noprog(const SVCXPRT * clone_xprt)1208 svcerr_noprog(const SVCXPRT *clone_xprt)
1209 {
1210 struct rpc_msg rply;
1211
1212 rply.rm_direction = REPLY;
1213 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1214 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1215 rply.acpted_rply.ar_stat = PROG_UNAVAIL;
1216 SVC_FREERES((SVCXPRT *)clone_xprt);
1217 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1218 }
1219
1220 /*
1221 * Program version mismatch error reply
1222 *
1223 * PSARC 2003/523 Contract Private Interface
1224 * svcerr_progvers
1225 * Changes must be reviewed by Solaris File Sharing
1226 * Changes must be communicated to contract-2003-523@sun.com
1227 */
1228 void
svcerr_progvers(const SVCXPRT * clone_xprt,const rpcvers_t low_vers,const rpcvers_t high_vers)1229 svcerr_progvers(const SVCXPRT *clone_xprt,
1230 const rpcvers_t low_vers, const rpcvers_t high_vers)
1231 {
1232 struct rpc_msg rply;
1233
1234 rply.rm_direction = REPLY;
1235 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1236 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1237 rply.acpted_rply.ar_stat = PROG_MISMATCH;
1238 rply.acpted_rply.ar_vers.low = low_vers;
1239 rply.acpted_rply.ar_vers.high = high_vers;
1240 SVC_FREERES((SVCXPRT *)clone_xprt);
1241 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1242 }
1243
1244 /*
1245 * Get server side input from some transport.
1246 *
1247 * Statement of authentication parameters management:
1248 * This function owns and manages all authentication parameters, specifically
1249 * the "raw" parameters (msg.rm_call.cb_cred and msg.rm_call.cb_verf) and
1250 * the "cooked" credentials (rqst->rq_clntcred).
1251 * However, this function does not know the structure of the cooked
1252 * credentials, so it make the following assumptions:
1253 * a) the structure is contiguous (no pointers), and
1254 * b) the cred structure size does not exceed RQCRED_SIZE bytes.
1255 * In all events, all three parameters are freed upon exit from this routine.
1256 * The storage is trivially managed on the call stack in user land, but
1257 * is malloced in kernel land.
1258 *
1259 * Note: the xprt's xp_svc_lock is not held while the service's dispatch
1260 * routine is running. If we decide to implement svc_unregister(), we'll
1261 * need to decide whether it's okay for a thread to unregister a service
1262 * while a request is being processed. If we decide that this is a
1263 * problem, we can probably use some sort of reference counting scheme to
1264 * keep the callout entry from going away until the request has completed.
1265 */
1266 static void
svc_getreq(SVCXPRT * clone_xprt,mblk_t * mp)1267 svc_getreq(
1268 SVCXPRT *clone_xprt, /* clone transport handle */
1269 mblk_t *mp)
1270 {
1271 struct rpc_msg msg;
1272 struct svc_req r;
1273 char *cred_area; /* too big to allocate on call stack */
1274
1275 TRACE_0(TR_FAC_KRPC, TR_SVC_GETREQ_START,
1276 "svc_getreq_start:");
1277
1278 ASSERT(clone_xprt->xp_master != NULL);
1279 ASSERT(!is_system_labeled() || msg_getcred(mp, NULL) != NULL ||
1280 mp->b_datap->db_type != M_DATA);
1281
1282 /*
1283 * Firstly, allocate the authentication parameters' storage
1284 */
1285 mutex_enter(&rqcred_lock);
1286 if (rqcred_head) {
1287 cred_area = rqcred_head;
1288
1289 /* LINTED pointer alignment */
1290 rqcred_head = *(caddr_t *)rqcred_head;
1291 mutex_exit(&rqcred_lock);
1292 } else {
1293 mutex_exit(&rqcred_lock);
1294 cred_area = kmem_alloc(2 * MAX_AUTH_BYTES + RQCRED_SIZE,
1295 KM_SLEEP);
1296 }
1297 msg.rm_call.cb_cred.oa_base = cred_area;
1298 msg.rm_call.cb_verf.oa_base = &(cred_area[MAX_AUTH_BYTES]);
1299 r.rq_clntcred = &(cred_area[2 * MAX_AUTH_BYTES]);
1300
1301 /*
1302 * underlying transport recv routine may modify mblk data
1303 * and make it difficult to extract label afterwards. So
1304 * get the label from the raw mblk data now.
1305 */
1306 if (is_system_labeled()) {
1307 cred_t *cr;
1308
1309 r.rq_label = kmem_alloc(sizeof (bslabel_t), KM_SLEEP);
1310 cr = msg_getcred(mp, NULL);
1311 ASSERT(cr != NULL);
1312
1313 bcopy(label2bslabel(crgetlabel(cr)), r.rq_label,
1314 sizeof (bslabel_t));
1315 } else {
1316 r.rq_label = NULL;
1317 }
1318
1319 /*
1320 * Now receive a message from the transport.
1321 */
1322 if (SVC_RECV(clone_xprt, mp, &msg)) {
1323 void (*dispatchroutine) (struct svc_req *, SVCXPRT *);
1324 rpcvers_t vers_min;
1325 rpcvers_t vers_max;
1326 bool_t no_dispatch;
1327 enum auth_stat why;
1328
1329 /*
1330 * Find the registered program and call its
1331 * dispatch routine.
1332 */
1333 r.rq_xprt = clone_xprt;
1334 r.rq_prog = msg.rm_call.cb_prog;
1335 r.rq_vers = msg.rm_call.cb_vers;
1336 r.rq_proc = msg.rm_call.cb_proc;
1337 r.rq_cred = msg.rm_call.cb_cred;
1338
1339 /*
1340 * First authenticate the message.
1341 */
1342 TRACE_0(TR_FAC_KRPC, TR_SVC_GETREQ_AUTH_START,
1343 "svc_getreq_auth_start:");
1344 if ((why = sec_svc_msg(&r, &msg, &no_dispatch)) != AUTH_OK) {
1345 TRACE_1(TR_FAC_KRPC, TR_SVC_GETREQ_AUTH_END,
1346 "svc_getreq_auth_end:(%S)", "failed");
1347 svcerr_auth(clone_xprt, why);
1348 /*
1349 * Free the arguments.
1350 */
1351 (void) SVC_FREEARGS(clone_xprt, NULL, NULL);
1352 } else if (no_dispatch) {
1353 /*
1354 * XXX - when bug id 4053736 is done, remove
1355 * the SVC_FREEARGS() call.
1356 */
1357 (void) SVC_FREEARGS(clone_xprt, NULL, NULL);
1358 } else {
1359 TRACE_1(TR_FAC_KRPC, TR_SVC_GETREQ_AUTH_END,
1360 "svc_getreq_auth_end:(%S)", "good");
1361
1362 dispatchroutine = svc_callout_find(clone_xprt,
1363 r.rq_prog, r.rq_vers, &vers_min, &vers_max);
1364
1365 if (dispatchroutine) {
1366 (*dispatchroutine) (&r, clone_xprt);
1367 } else {
1368 /*
1369 * If we got here, the program or version
1370 * is not served ...
1371 */
1372 if (vers_max == 0 ||
1373 version_keepquiet(clone_xprt))
1374 svcerr_noprog(clone_xprt);
1375 else
1376 svcerr_progvers(clone_xprt, vers_min,
1377 vers_max);
1378
1379 /*
1380 * Free the arguments. For successful calls
1381 * this is done by the dispatch routine.
1382 */
1383 (void) SVC_FREEARGS(clone_xprt, NULL, NULL);
1384 /* Fall through to ... */
1385 }
1386 /*
1387 * Call cleanup procedure for RPCSEC_GSS.
1388 * This is a hack since there is currently no
1389 * op, such as SVC_CLEANAUTH. rpc_gss_cleanup
1390 * should only be called for a non null proc.
1391 * Null procs in RPC GSS are overloaded to
1392 * provide context setup and control. The main
1393 * purpose of rpc_gss_cleanup is to decrement the
1394 * reference count associated with the cached
1395 * GSS security context. We should never get here
1396 * for an RPCSEC_GSS null proc since *no_dispatch
1397 * would have been set to true from sec_svc_msg above.
1398 */
1399 if (r.rq_cred.oa_flavor == RPCSEC_GSS)
1400 rpc_gss_cleanup(clone_xprt);
1401 }
1402 }
1403
1404 if (r.rq_label != NULL)
1405 kmem_free(r.rq_label, sizeof (bslabel_t));
1406
1407 /*
1408 * Free authentication parameters' storage
1409 */
1410 mutex_enter(&rqcred_lock);
1411 /* LINTED pointer alignment */
1412 *(caddr_t *)cred_area = rqcred_head;
1413 rqcred_head = cred_area;
1414 mutex_exit(&rqcred_lock);
1415 }
1416
1417 /*
1418 * Allocate new clone transport handle.
1419 */
1420 SVCXPRT *
svc_clone_init(void)1421 svc_clone_init(void)
1422 {
1423 SVCXPRT *clone_xprt;
1424
1425 clone_xprt = kmem_zalloc(sizeof (SVCXPRT), KM_SLEEP);
1426 clone_xprt->xp_cred = crget();
1427 return (clone_xprt);
1428 }
1429
1430 void
svc_init_clone_xprt(SVCXPRT * clone_xprt,queue_t * wq)1431 svc_init_clone_xprt(SVCXPRT *clone_xprt, queue_t *wq)
1432 {
1433 extern struct svc_ops svc_cots_op;
1434 clone_xprt->xp_ops = &svc_cots_op;
1435 clone_xprt->xp_wq = wq;
1436 }
1437
1438 /*
1439 * Free memory allocated by svc_clone_init.
1440 */
1441 void
svc_clone_free(SVCXPRT * clone_xprt)1442 svc_clone_free(SVCXPRT *clone_xprt)
1443 {
1444 /* Fre credentials from crget() */
1445 if (clone_xprt->xp_cred)
1446 crfree(clone_xprt->xp_cred);
1447 kmem_free(clone_xprt, sizeof (SVCXPRT));
1448 }
1449
1450 /*
1451 * Link a per-thread clone transport handle to a master
1452 * - increment a thread reference count on the master
1453 * - copy some of the master's fields to the clone
1454 * - call a transport specific clone routine.
1455 */
1456 void
svc_clone_link(SVCMASTERXPRT * xprt,SVCXPRT * clone_xprt,SVCXPRT * clone_xprt2)1457 svc_clone_link(SVCMASTERXPRT *xprt, SVCXPRT *clone_xprt, SVCXPRT *clone_xprt2)
1458 {
1459 cred_t *cred = clone_xprt->xp_cred;
1460
1461 ASSERT(cred);
1462
1463 /*
1464 * Bump up master's thread count.
1465 * Linking a per-thread clone transport handle to a master
1466 * associates a service thread with the master.
1467 */
1468 mutex_enter(&xprt->xp_thread_lock);
1469 xprt->xp_threads++;
1470 mutex_exit(&xprt->xp_thread_lock);
1471
1472 /* Clear everything */
1473 bzero(clone_xprt, sizeof (SVCXPRT));
1474
1475 /* Set pointer to the master transport stucture */
1476 clone_xprt->xp_master = xprt;
1477
1478 /* Structure copy of all the common fields */
1479 clone_xprt->xp_xpc = xprt->xp_xpc;
1480
1481 /* Restore per-thread fields (xp_cred) */
1482 clone_xprt->xp_cred = cred;
1483
1484 if (clone_xprt2)
1485 SVC_CLONE_XPRT(clone_xprt2, clone_xprt);
1486 }
1487
1488 /*
1489 * Unlink a non-detached clone transport handle from a master
1490 * - decrement a thread reference count on the master
1491 * - if the transport is closing (xp_wq is NULL) call svc_xprt_cleanup();
1492 * if this is the last non-detached/absolute thread on this transport
1493 * then it will close/destroy the transport
1494 * - call transport specific function to destroy the clone handle
1495 * - clear xp_master to avoid recursion.
1496 */
1497 void
svc_clone_unlink(SVCXPRT * clone_xprt)1498 svc_clone_unlink(SVCXPRT *clone_xprt)
1499 {
1500 SVCMASTERXPRT *xprt = clone_xprt->xp_master;
1501
1502 /* This cannot be a detached thread */
1503 ASSERT(!clone_xprt->xp_detached);
1504 ASSERT(xprt->xp_threads > 0);
1505
1506 /* Decrement a reference count on the transport */
1507 mutex_enter(&xprt->xp_thread_lock);
1508 xprt->xp_threads--;
1509
1510 /* svc_xprt_cleanup() unlocks xp_thread_lock or destroys xprt */
1511 if (xprt->xp_wq)
1512 mutex_exit(&xprt->xp_thread_lock);
1513 else
1514 svc_xprt_cleanup(xprt, FALSE);
1515
1516 /* Call a transport specific clone `destroy' function */
1517 SVC_CLONE_DESTROY(clone_xprt);
1518
1519 /* Clear xp_master */
1520 clone_xprt->xp_master = NULL;
1521 }
1522
1523 /*
1524 * Unlink a detached clone transport handle from a master
1525 * - decrement the thread count on the master
1526 * - if the transport is closing (xp_wq is NULL) call svc_xprt_cleanup();
1527 * if this is the last thread on this transport then it will destroy
1528 * the transport.
1529 * - call a transport specific function to destroy the clone handle
1530 * - clear xp_master to avoid recursion.
1531 */
1532 static void
svc_clone_unlinkdetached(SVCXPRT * clone_xprt)1533 svc_clone_unlinkdetached(SVCXPRT *clone_xprt)
1534 {
1535 SVCMASTERXPRT *xprt = clone_xprt->xp_master;
1536
1537 /* This must be a detached thread */
1538 ASSERT(clone_xprt->xp_detached);
1539 ASSERT(xprt->xp_detached_threads > 0);
1540 ASSERT(xprt->xp_threads + xprt->xp_detached_threads > 0);
1541
1542 /* Grab xprt->xp_thread_lock and decrement link counts */
1543 mutex_enter(&xprt->xp_thread_lock);
1544 xprt->xp_detached_threads--;
1545
1546 /* svc_xprt_cleanup() unlocks xp_thread_lock or destroys xprt */
1547 if (xprt->xp_wq)
1548 mutex_exit(&xprt->xp_thread_lock);
1549 else
1550 svc_xprt_cleanup(xprt, TRUE);
1551
1552 /* Call transport specific clone `destroy' function */
1553 SVC_CLONE_DESTROY(clone_xprt);
1554
1555 /* Clear xp_master */
1556 clone_xprt->xp_master = NULL;
1557 }
1558
1559 /*
1560 * Try to exit a non-detached service thread
1561 * - check if there are enough threads left
1562 * - if this thread (ie its clone transport handle) are linked
1563 * to a master transport then unlink it
1564 * - free the clone structure
1565 * - return to userland for thread exit
1566 *
1567 * If this is the last non-detached or the last thread on this
1568 * transport then the call to svc_clone_unlink() will, respectively,
1569 * close and/or destroy the transport.
1570 */
1571 static void
svc_thread_exit(SVCPOOL * pool,SVCXPRT * clone_xprt)1572 svc_thread_exit(SVCPOOL *pool, SVCXPRT *clone_xprt)
1573 {
1574 if (clone_xprt->xp_master)
1575 svc_clone_unlink(clone_xprt);
1576 svc_clone_free(clone_xprt);
1577
1578 mutex_enter(&pool->p_thread_lock);
1579 pool->p_threads--;
1580 if (pool->p_closing && svc_pool_tryexit(pool))
1581 /* return - thread exit will be handled at user level */
1582 return;
1583 mutex_exit(&pool->p_thread_lock);
1584
1585 /* return - thread exit will be handled at user level */
1586 }
1587
1588 /*
1589 * Exit a detached service thread that returned to svc_run
1590 * - decrement the `detached thread' count for the pool
1591 * - unlink the detached clone transport handle from the master
1592 * - free the clone structure
1593 * - return to userland for thread exit
1594 *
1595 * If this is the last thread on this transport then the call
1596 * to svc_clone_unlinkdetached() will destroy the transport.
1597 */
1598 static void
svc_thread_exitdetached(SVCPOOL * pool,SVCXPRT * clone_xprt)1599 svc_thread_exitdetached(SVCPOOL *pool, SVCXPRT *clone_xprt)
1600 {
1601 /* This must be a detached thread */
1602 ASSERT(clone_xprt->xp_master);
1603 ASSERT(clone_xprt->xp_detached);
1604 ASSERT(!MUTEX_HELD(&pool->p_thread_lock));
1605
1606 svc_clone_unlinkdetached(clone_xprt);
1607 svc_clone_free(clone_xprt);
1608
1609 mutex_enter(&pool->p_thread_lock);
1610
1611 ASSERT(pool->p_reserved_threads >= 0);
1612 ASSERT(pool->p_detached_threads > 0);
1613
1614 pool->p_detached_threads--;
1615 if (pool->p_closing && svc_pool_tryexit(pool))
1616 /* return - thread exit will be handled at user level */
1617 return;
1618 mutex_exit(&pool->p_thread_lock);
1619
1620 /* return - thread exit will be handled at user level */
1621 }
1622
1623 /*
1624 * PSARC 2003/523 Contract Private Interface
1625 * svc_wait
1626 * Changes must be reviewed by Solaris File Sharing
1627 * Changes must be communicated to contract-2003-523@sun.com
1628 */
1629 int
svc_wait(int id)1630 svc_wait(int id)
1631 {
1632 SVCPOOL *pool;
1633 int err = 0;
1634 struct svc_globals *svc;
1635
1636 svc = zone_getspecific(svc_zone_key, curproc->p_zone);
1637 mutex_enter(&svc->svc_plock);
1638 pool = svc_pool_find(svc, id);
1639 mutex_exit(&svc->svc_plock);
1640
1641 if (pool == NULL)
1642 return (ENOENT);
1643
1644 mutex_enter(&pool->p_user_lock);
1645
1646 /* Check if there's already a user thread waiting on this pool */
1647 if (pool->p_user_waiting) {
1648 mutex_exit(&pool->p_user_lock);
1649 return (EBUSY);
1650 }
1651
1652 pool->p_user_waiting = TRUE;
1653
1654 /* Go to sleep, waiting for the signaled flag. */
1655 while (!pool->p_signal_create_thread && !pool->p_user_exit) {
1656 if (cv_wait_sig(&pool->p_user_cv, &pool->p_user_lock) == 0) {
1657 /* Interrupted, return to handle exit or signal */
1658 pool->p_user_waiting = FALSE;
1659 pool->p_signal_create_thread = FALSE;
1660 mutex_exit(&pool->p_user_lock);
1661
1662 /*
1663 * Thread has been interrupted and therefore
1664 * the service daemon is leaving as well so
1665 * let's go ahead and remove the service
1666 * pool at this time.
1667 */
1668 mutex_enter(&svc->svc_plock);
1669 svc_pool_unregister(svc, pool);
1670 mutex_exit(&svc->svc_plock);
1671
1672 return (EINTR);
1673 }
1674 }
1675
1676 pool->p_signal_create_thread = FALSE;
1677 pool->p_user_waiting = FALSE;
1678
1679 /*
1680 * About to exit the service pool. Set return value
1681 * to let the userland code know our intent. Signal
1682 * svc_thread_creator() so that it can clean up the
1683 * pool structure.
1684 */
1685 if (pool->p_user_exit) {
1686 err = ECANCELED;
1687 cv_signal(&pool->p_user_cv);
1688 }
1689
1690 mutex_exit(&pool->p_user_lock);
1691
1692 /* Return to userland with error code, for possible thread creation. */
1693 return (err);
1694 }
1695
1696 /*
1697 * `Service threads' creator thread.
1698 * The creator thread waits for a signal to create new thread.
1699 */
1700 static void
svc_thread_creator(SVCPOOL * pool)1701 svc_thread_creator(SVCPOOL *pool)
1702 {
1703 callb_cpr_t cpr_info; /* CPR info for the creator thread */
1704
1705 CALLB_CPR_INIT(&cpr_info, &pool->p_creator_lock, callb_generic_cpr,
1706 "svc_thread_creator");
1707
1708 for (;;) {
1709 mutex_enter(&pool->p_creator_lock);
1710
1711 /* Check if someone set the exit flag */
1712 if (pool->p_creator_exit)
1713 break;
1714
1715 /* Clear the `signaled' flag and go asleep */
1716 pool->p_creator_signaled = FALSE;
1717
1718 CALLB_CPR_SAFE_BEGIN(&cpr_info);
1719 cv_wait(&pool->p_creator_cv, &pool->p_creator_lock);
1720 CALLB_CPR_SAFE_END(&cpr_info, &pool->p_creator_lock);
1721
1722 /* Check if someone signaled to exit */
1723 if (pool->p_creator_exit)
1724 break;
1725
1726 mutex_exit(&pool->p_creator_lock);
1727
1728 mutex_enter(&pool->p_thread_lock);
1729
1730 /*
1731 * When the pool is in closing state and all the transports
1732 * are gone the creator should not create any new threads.
1733 */
1734 if (pool->p_closing) {
1735 rw_enter(&pool->p_lrwlock, RW_READER);
1736 if (pool->p_lcount == 0) {
1737 rw_exit(&pool->p_lrwlock);
1738 mutex_exit(&pool->p_thread_lock);
1739 continue;
1740 }
1741 rw_exit(&pool->p_lrwlock);
1742 }
1743
1744 /*
1745 * Create a new service thread now.
1746 */
1747 ASSERT(pool->p_reserved_threads >= 0);
1748 ASSERT(pool->p_detached_threads >= 0);
1749
1750 if (pool->p_threads + pool->p_detached_threads <
1751 pool->p_maxthreads) {
1752 /*
1753 * Signal the service pool wait thread
1754 * only if it hasn't already been signaled.
1755 */
1756 mutex_enter(&pool->p_user_lock);
1757 if (pool->p_signal_create_thread == FALSE) {
1758 pool->p_signal_create_thread = TRUE;
1759 cv_signal(&pool->p_user_cv);
1760 }
1761 mutex_exit(&pool->p_user_lock);
1762
1763 }
1764
1765 mutex_exit(&pool->p_thread_lock);
1766 }
1767
1768 /*
1769 * Pool is closed. Cleanup and exit.
1770 */
1771
1772 /* Signal userland creator thread that it can stop now. */
1773 mutex_enter(&pool->p_user_lock);
1774 pool->p_user_exit = TRUE;
1775 cv_broadcast(&pool->p_user_cv);
1776 mutex_exit(&pool->p_user_lock);
1777
1778 /* Wait for svc_wait() to be done with the pool */
1779 mutex_enter(&pool->p_user_lock);
1780 while (pool->p_user_waiting) {
1781 CALLB_CPR_SAFE_BEGIN(&cpr_info);
1782 cv_wait(&pool->p_user_cv, &pool->p_user_lock);
1783 CALLB_CPR_SAFE_END(&cpr_info, &pool->p_creator_lock);
1784 }
1785 mutex_exit(&pool->p_user_lock);
1786
1787 CALLB_CPR_EXIT(&cpr_info);
1788 svc_pool_cleanup(pool);
1789 zthread_exit();
1790 }
1791
1792 /*
1793 * If the creator thread is idle signal it to create
1794 * a new service thread.
1795 */
1796 static void
svc_creator_signal(SVCPOOL * pool)1797 svc_creator_signal(SVCPOOL *pool)
1798 {
1799 mutex_enter(&pool->p_creator_lock);
1800 if (pool->p_creator_signaled == FALSE) {
1801 pool->p_creator_signaled = TRUE;
1802 cv_signal(&pool->p_creator_cv);
1803 }
1804 mutex_exit(&pool->p_creator_lock);
1805 }
1806
1807 /*
1808 * Notify the creator thread to clean up and exit.
1809 */
1810 static void
svc_creator_signalexit(SVCPOOL * pool)1811 svc_creator_signalexit(SVCPOOL *pool)
1812 {
1813 mutex_enter(&pool->p_creator_lock);
1814 pool->p_creator_exit = TRUE;
1815 cv_signal(&pool->p_creator_cv);
1816 mutex_exit(&pool->p_creator_lock);
1817 }
1818
1819 /*
1820 * Polling part of the svc_run().
1821 * - search for a transport with a pending request
1822 * - when one is found then latch the request lock and return to svc_run()
1823 * - if there is no request go asleep and wait for a signal
1824 * - handle two exceptions:
1825 * a) current transport is closing
1826 * b) timeout waiting for a new request
1827 * in both cases return to svc_run()
1828 */
1829 static SVCMASTERXPRT *
svc_poll(SVCPOOL * pool,SVCMASTERXPRT * xprt,SVCXPRT * clone_xprt)1830 svc_poll(SVCPOOL *pool, SVCMASTERXPRT *xprt, SVCXPRT *clone_xprt)
1831 {
1832 /*
1833 * Main loop iterates until
1834 * a) we find a pending request,
1835 * b) detect that the current transport is closing
1836 * c) time out waiting for a new request.
1837 */
1838 for (;;) {
1839 SVCMASTERXPRT *next;
1840 clock_t timeleft;
1841
1842 /*
1843 * Step 1.
1844 * Check if there is a pending request on the current
1845 * transport handle so that we can avoid cloning.
1846 * If so then decrement the `pending-request' count for
1847 * the pool and return to svc_run().
1848 *
1849 * We need to prevent a potential starvation. When
1850 * a selected transport has all pending requests coming in
1851 * all the time then the service threads will never switch to
1852 * another transport. With a limited number of service
1853 * threads some transports may be never serviced.
1854 * To prevent such a scenario we pick up at most
1855 * pool->p_max_same_xprt requests from the same transport
1856 * and then take a hint from the xprt-ready queue or walk
1857 * the transport list.
1858 */
1859 if (xprt && xprt->xp_req_head && (!pool->p_qoverflow ||
1860 clone_xprt->xp_same_xprt++ < pool->p_max_same_xprt)) {
1861 mutex_enter(&xprt->xp_req_lock);
1862 if (xprt->xp_req_head)
1863 return (xprt);
1864 mutex_exit(&xprt->xp_req_lock);
1865 }
1866 clone_xprt->xp_same_xprt = 0;
1867
1868 /*
1869 * Step 2.
1870 * If there is no request on the current transport try to
1871 * find another transport with a pending request.
1872 */
1873 mutex_enter(&pool->p_req_lock);
1874 pool->p_walkers++;
1875 mutex_exit(&pool->p_req_lock);
1876
1877 /*
1878 * Make sure that transports will not be destroyed just
1879 * while we are checking them.
1880 */
1881 rw_enter(&pool->p_lrwlock, RW_READER);
1882
1883 for (;;) {
1884 SVCMASTERXPRT *hint;
1885
1886 /*
1887 * Get the next transport from the xprt-ready queue.
1888 * This is a hint. There is no guarantee that the
1889 * transport still has a pending request since it
1890 * could be picked up by another thread in step 1.
1891 *
1892 * If the transport has a pending request then keep
1893 * it locked. Decrement the `pending-requests' for
1894 * the pool and `walking-threads' counts, and return
1895 * to svc_run().
1896 */
1897 hint = svc_xprt_qget(pool);
1898
1899 if (hint && hint->xp_req_head) {
1900 mutex_enter(&hint->xp_req_lock);
1901 if (hint->xp_req_head) {
1902 rw_exit(&pool->p_lrwlock);
1903
1904 mutex_enter(&pool->p_req_lock);
1905 pool->p_walkers--;
1906 mutex_exit(&pool->p_req_lock);
1907
1908 return (hint);
1909 }
1910 mutex_exit(&hint->xp_req_lock);
1911 }
1912
1913 /*
1914 * If there was no hint in the xprt-ready queue then
1915 * - if there is less pending requests than polling
1916 * threads go asleep
1917 * - otherwise check if there was an overflow in the
1918 * xprt-ready queue; if so, then we need to break
1919 * the `drain' mode
1920 */
1921 if (hint == NULL) {
1922 if (pool->p_reqs < pool->p_walkers) {
1923 mutex_enter(&pool->p_req_lock);
1924 if (pool->p_reqs < pool->p_walkers)
1925 goto sleep;
1926 mutex_exit(&pool->p_req_lock);
1927 }
1928 if (pool->p_qoverflow) {
1929 break;
1930 }
1931 }
1932 }
1933
1934 /*
1935 * If there was an overflow in the xprt-ready queue then we
1936 * need to switch to the `drain' mode, i.e. walk through the
1937 * pool's transport list and search for a transport with a
1938 * pending request. If we manage to drain all the pending
1939 * requests then we can clear the overflow flag. This will
1940 * switch svc_poll() back to taking hints from the xprt-ready
1941 * queue (which is generally more efficient).
1942 *
1943 * If there are no registered transports simply go asleep.
1944 */
1945 if (xprt == NULL && pool->p_lhead == NULL) {
1946 mutex_enter(&pool->p_req_lock);
1947 goto sleep;
1948 }
1949
1950 /*
1951 * `Walk' through the pool's list of master server
1952 * transport handles. Continue to loop until there are less
1953 * looping threads then pending requests.
1954 */
1955 next = xprt ? xprt->xp_next : pool->p_lhead;
1956
1957 for (;;) {
1958 /*
1959 * Check if there is a request on this transport.
1960 *
1961 * Since blocking on a locked mutex is very expensive
1962 * check for a request without a lock first. If we miss
1963 * a request that is just being delivered but this will
1964 * cost at most one full walk through the list.
1965 */
1966 if (next->xp_req_head) {
1967 /*
1968 * Check again, now with a lock.
1969 */
1970 mutex_enter(&next->xp_req_lock);
1971 if (next->xp_req_head) {
1972 rw_exit(&pool->p_lrwlock);
1973
1974 mutex_enter(&pool->p_req_lock);
1975 pool->p_walkers--;
1976 mutex_exit(&pool->p_req_lock);
1977
1978 return (next);
1979 }
1980 mutex_exit(&next->xp_req_lock);
1981 }
1982
1983 /*
1984 * Continue to `walk' through the pool's
1985 * transport list until there is less requests
1986 * than walkers. Check this condition without
1987 * a lock first to avoid contention on a mutex.
1988 */
1989 if (pool->p_reqs < pool->p_walkers) {
1990 /* Check again, now with the lock. */
1991 mutex_enter(&pool->p_req_lock);
1992 if (pool->p_reqs < pool->p_walkers)
1993 break; /* goto sleep */
1994 mutex_exit(&pool->p_req_lock);
1995 }
1996
1997 next = next->xp_next;
1998 }
1999
2000 sleep:
2001 /*
2002 * No work to do. Stop the `walk' and go asleep.
2003 * Decrement the `walking-threads' count for the pool.
2004 */
2005 pool->p_walkers--;
2006 rw_exit(&pool->p_lrwlock);
2007
2008 /*
2009 * Count us as asleep, mark this thread as safe
2010 * for suspend and wait for a request.
2011 */
2012 pool->p_asleep++;
2013 timeleft = cv_reltimedwait_sig(&pool->p_req_cv,
2014 &pool->p_req_lock, pool->p_timeout, TR_CLOCK_TICK);
2015
2016 /*
2017 * If the drowsy flag is on this means that
2018 * someone has signaled a wakeup. In such a case
2019 * the `asleep-threads' count has already updated
2020 * so just clear the flag.
2021 *
2022 * If the drowsy flag is off then we need to update
2023 * the `asleep-threads' count.
2024 */
2025 if (pool->p_drowsy) {
2026 pool->p_drowsy = FALSE;
2027 /*
2028 * If the thread is here because it timedout,
2029 * instead of returning SVC_ETIMEDOUT, it is
2030 * time to do some more work.
2031 */
2032 if (timeleft == -1)
2033 timeleft = 1;
2034 } else {
2035 pool->p_asleep--;
2036 }
2037 mutex_exit(&pool->p_req_lock);
2038
2039 /*
2040 * If we received a signal while waiting for a
2041 * request, inform svc_run(), so that we can return
2042 * to user level and exit.
2043 */
2044 if (timeleft == 0)
2045 return (SVC_EINTR);
2046
2047 /*
2048 * If the current transport is gone then notify
2049 * svc_run() to unlink from it.
2050 */
2051 if (xprt && xprt->xp_wq == NULL)
2052 return (SVC_EXPRTGONE);
2053
2054 /*
2055 * If we have timed out waiting for a request inform
2056 * svc_run() that we probably don't need this thread.
2057 */
2058 if (timeleft == -1)
2059 return (SVC_ETIMEDOUT);
2060 }
2061 }
2062
2063 /*
2064 * calculate memory space used by message
2065 */
2066 static size_t
svc_msgsize(mblk_t * mp)2067 svc_msgsize(mblk_t *mp)
2068 {
2069 size_t count = 0;
2070
2071 for (; mp; mp = mp->b_cont)
2072 count += MBLKSIZE(mp);
2073
2074 return (count);
2075 }
2076
2077 /*
2078 * svc_flowcontrol() attempts to turn the flow control on or off for the
2079 * transport.
2080 *
2081 * On input the xprt->xp_full determines whether the flow control is currently
2082 * off (FALSE) or on (TRUE). If it is off we do tests to see whether we should
2083 * turn it on, and vice versa.
2084 *
2085 * There are two conditions considered for the flow control. Both conditions
2086 * have the low and the high watermark. Once the high watermark is reached in
2087 * EITHER condition the flow control is turned on. For turning the flow
2088 * control off BOTH conditions must be below the low watermark.
2089 *
2090 * Condition #1 - Number of requests queued:
2091 *
2092 * The max number of threads working on the pool is roughly pool->p_maxthreads.
2093 * Every thread could handle up to pool->p_max_same_xprt requests from one
2094 * transport before it moves to another transport. See svc_poll() for details.
2095 * In case all threads in the pool are working on a transport they will handle
2096 * no more than enough_reqs (pool->p_maxthreads * pool->p_max_same_xprt)
2097 * requests in one shot from that transport. We are turning the flow control
2098 * on once the high watermark is reached for a transport so that the underlying
2099 * queue knows the rate of incoming requests is higher than we are able to
2100 * handle.
2101 *
2102 * The high watermark: 2 * enough_reqs
2103 * The low watermark: enough_reqs
2104 *
2105 * Condition #2 - Length of the data payload for the queued messages/requests:
2106 *
2107 * We want to prevent a particular pool exhausting the memory, so once the
2108 * total length of queued requests for the whole pool reaches the high
2109 * watermark we start to turn on the flow control for significant memory
2110 * consumers (individual transports). To keep the implementation simple
2111 * enough, this condition is not exact, because we count only the data part of
2112 * the queued requests and we ignore the overhead. For our purposes this
2113 * should be enough. We should also consider that up to pool->p_maxthreads
2114 * threads for the pool might work on large requests (this is not counted for
2115 * this condition). We need to leave some space for rest of the system and for
2116 * other big memory consumers (like ZFS). Also, after the flow control is
2117 * turned on (on cots transports) we can start to accumulate a few megabytes in
2118 * queues for each transport.
2119 *
2120 * Usually, the big memory consumers are NFS WRITE requests, so we do not
2121 * expect to see this condition met for other than NFS pools.
2122 *
2123 * The high watermark: 1/5 of available memory
2124 * The low watermark: 1/6 of available memory
2125 *
2126 * Once the high watermark is reached we turn the flow control on only for
2127 * transports exceeding a per-transport memory limit. The per-transport
2128 * fraction of memory is calculated as:
2129 *
2130 * the high watermark / number of transports
2131 *
2132 * For transports with less than the per-transport fraction of memory consumed,
2133 * the flow control is not turned on, so they are not blocked by a few "hungry"
2134 * transports. Because of this, the total memory consumption for the
2135 * particular pool might grow up to 2 * the high watermark.
2136 *
2137 * The individual transports are unblocked once their consumption is below:
2138 *
2139 * per-transport fraction of memory / 2
2140 *
2141 * or once the total memory consumption for the whole pool falls below the low
2142 * watermark.
2143 *
2144 */
2145 static void
svc_flowcontrol(SVCMASTERXPRT * xprt)2146 svc_flowcontrol(SVCMASTERXPRT *xprt)
2147 {
2148 SVCPOOL *pool = xprt->xp_pool;
2149 size_t totalmem = ptob(physmem);
2150 int enough_reqs = pool->p_maxthreads * pool->p_max_same_xprt;
2151
2152 ASSERT(MUTEX_HELD(&xprt->xp_req_lock));
2153
2154 /* Should we turn the flow control on? */
2155 if (xprt->xp_full == FALSE) {
2156 /* Is flow control disabled? */
2157 if (svc_flowcontrol_disable != 0)
2158 return;
2159
2160 /* Is there enough requests queued? */
2161 if (xprt->xp_reqs >= enough_reqs * 2) {
2162 xprt->xp_full = TRUE;
2163 return;
2164 }
2165
2166 /*
2167 * If this pool uses over 20% of memory and this transport is
2168 * significant memory consumer then we are full
2169 */
2170 if (pool->p_size >= totalmem / 5 &&
2171 xprt->xp_size >= totalmem / 5 / pool->p_lcount)
2172 xprt->xp_full = TRUE;
2173
2174 return;
2175 }
2176
2177 /* We might want to turn the flow control off */
2178
2179 /* Do we still have enough requests? */
2180 if (xprt->xp_reqs > enough_reqs)
2181 return;
2182
2183 /*
2184 * If this pool still uses over 16% of memory and this transport is
2185 * still significant memory consumer then we are still full
2186 */
2187 if (pool->p_size >= totalmem / 6 &&
2188 xprt->xp_size >= totalmem / 5 / pool->p_lcount / 2)
2189 return;
2190
2191 /* Turn the flow control off and make sure rpcmod is notified */
2192 xprt->xp_full = FALSE;
2193 xprt->xp_enable = TRUE;
2194 }
2195
2196 /*
2197 * Main loop of the kernel RPC server
2198 * - wait for input (find a transport with a pending request).
2199 * - dequeue the request
2200 * - call a registered server routine to process the requests
2201 *
2202 * There can many threads running concurrently in this loop
2203 * on the same or on different transports.
2204 */
2205 static int
svc_run(SVCPOOL * pool)2206 svc_run(SVCPOOL *pool)
2207 {
2208 SVCMASTERXPRT *xprt = NULL; /* master transport handle */
2209 SVCXPRT *clone_xprt; /* clone for this thread */
2210 proc_t *p = ttoproc(curthread);
2211
2212 /* Allocate a clone transport handle for this thread */
2213 clone_xprt = svc_clone_init();
2214
2215 /*
2216 * The loop iterates until the thread becomes
2217 * idle too long or the transport is gone.
2218 */
2219 for (;;) {
2220 SVCMASTERXPRT *next;
2221 mblk_t *mp;
2222 bool_t enable;
2223 size_t size;
2224
2225 TRACE_0(TR_FAC_KRPC, TR_SVC_RUN, "svc_run");
2226
2227 /*
2228 * If the process is exiting/killed, return
2229 * immediately without processing any more
2230 * requests.
2231 */
2232 if (p->p_flag & (SEXITING | SKILLED)) {
2233 svc_thread_exit(pool, clone_xprt);
2234 return (EINTR);
2235 }
2236
2237 /* Find a transport with a pending request */
2238 next = svc_poll(pool, xprt, clone_xprt);
2239
2240 /*
2241 * If svc_poll() finds a transport with a request
2242 * it latches xp_req_lock on it. Therefore we need
2243 * to dequeue the request and release the lock as
2244 * soon as possible.
2245 */
2246 ASSERT(next != NULL &&
2247 (next == SVC_EXPRTGONE ||
2248 next == SVC_ETIMEDOUT ||
2249 next == SVC_EINTR ||
2250 MUTEX_HELD(&next->xp_req_lock)));
2251
2252 /* Ooops! Current transport is closing. Unlink now */
2253 if (next == SVC_EXPRTGONE) {
2254 svc_clone_unlink(clone_xprt);
2255 xprt = NULL;
2256 continue;
2257 }
2258
2259 /* Ooops! Timeout while waiting for a request. Exit */
2260 if (next == SVC_ETIMEDOUT) {
2261 svc_thread_exit(pool, clone_xprt);
2262 return (0);
2263 }
2264
2265 /*
2266 * Interrupted by a signal while waiting for a
2267 * request. Return to userspace and exit.
2268 */
2269 if (next == SVC_EINTR) {
2270 svc_thread_exit(pool, clone_xprt);
2271 return (EINTR);
2272 }
2273
2274 /*
2275 * De-queue the request and release the request lock
2276 * on this transport (latched by svc_poll()).
2277 */
2278 mp = next->xp_req_head;
2279 next->xp_req_head = mp->b_next;
2280 mp->b_next = (mblk_t *)0;
2281 size = svc_msgsize(mp);
2282
2283 mutex_enter(&pool->p_req_lock);
2284 pool->p_reqs--;
2285 if (pool->p_reqs == 0)
2286 pool->p_qoverflow = FALSE;
2287 pool->p_size -= size;
2288 mutex_exit(&pool->p_req_lock);
2289
2290 next->xp_reqs--;
2291 next->xp_size -= size;
2292
2293 if (next->xp_full)
2294 svc_flowcontrol(next);
2295
2296 TRACE_2(TR_FAC_KRPC, TR_NFSFP_QUE_REQ_DEQ,
2297 "rpc_que_req_deq:pool %p mp %p", pool, mp);
2298 mutex_exit(&next->xp_req_lock);
2299
2300 /*
2301 * If this is a new request on a current transport then
2302 * the clone structure is already properly initialized.
2303 * Otherwise, if the request is on a different transport,
2304 * unlink from the current master and link to
2305 * the one we got a request on.
2306 */
2307 if (next != xprt) {
2308 if (xprt)
2309 svc_clone_unlink(clone_xprt);
2310 svc_clone_link(next, clone_xprt, NULL);
2311 xprt = next;
2312 }
2313
2314 /*
2315 * If there are more requests and req_cv hasn't
2316 * been signaled yet then wake up one more thread now.
2317 *
2318 * We avoid signaling req_cv until the most recently
2319 * signaled thread wakes up and gets CPU to clear
2320 * the `drowsy' flag.
2321 */
2322 if (!(pool->p_drowsy || pool->p_reqs <= pool->p_walkers ||
2323 pool->p_asleep == 0)) {
2324 mutex_enter(&pool->p_req_lock);
2325
2326 if (pool->p_drowsy || pool->p_reqs <= pool->p_walkers ||
2327 pool->p_asleep == 0)
2328 mutex_exit(&pool->p_req_lock);
2329 else {
2330 pool->p_asleep--;
2331 pool->p_drowsy = TRUE;
2332
2333 cv_signal(&pool->p_req_cv);
2334 mutex_exit(&pool->p_req_lock);
2335 }
2336 }
2337
2338 /*
2339 * If there are no asleep/signaled threads, we are
2340 * still below pool->p_maxthreads limit, and no thread is
2341 * currently being created then signal the creator
2342 * for one more service thread.
2343 *
2344 * The asleep and drowsy checks are not protected
2345 * by a lock since it hurts performance and a wrong
2346 * decision is not essential.
2347 */
2348 if (pool->p_asleep == 0 && !pool->p_drowsy &&
2349 pool->p_threads + pool->p_detached_threads <
2350 pool->p_maxthreads)
2351 svc_creator_signal(pool);
2352
2353 /*
2354 * Process the request.
2355 */
2356 svc_getreq(clone_xprt, mp);
2357
2358 /* If thread had a reservation it should have been canceled */
2359 ASSERT(!clone_xprt->xp_reserved);
2360
2361 /*
2362 * If the clone is marked detached then exit.
2363 * The rpcmod slot has already been released
2364 * when we detached this thread.
2365 */
2366 if (clone_xprt->xp_detached) {
2367 svc_thread_exitdetached(pool, clone_xprt);
2368 return (0);
2369 }
2370
2371 /*
2372 * Release our reference on the rpcmod
2373 * slot attached to xp_wq->q_ptr.
2374 */
2375 mutex_enter(&xprt->xp_req_lock);
2376 enable = xprt->xp_enable;
2377 if (enable)
2378 xprt->xp_enable = FALSE;
2379 mutex_exit(&xprt->xp_req_lock);
2380 SVC_RELE(clone_xprt, NULL, enable);
2381 }
2382 /* NOTREACHED */
2383 }
2384
2385 /*
2386 * Flush any pending requests for the queue and
2387 * free the associated mblks.
2388 */
2389 void
svc_queueclean(queue_t * q)2390 svc_queueclean(queue_t *q)
2391 {
2392 SVCMASTERXPRT *xprt = ((void **) q->q_ptr)[0];
2393 mblk_t *mp;
2394 SVCPOOL *pool;
2395
2396 /*
2397 * clean up the requests
2398 */
2399 mutex_enter(&xprt->xp_req_lock);
2400 pool = xprt->xp_pool;
2401 while ((mp = xprt->xp_req_head) != NULL) {
2402 /* remove the request from the list */
2403 xprt->xp_req_head = mp->b_next;
2404 mp->b_next = (mblk_t *)0;
2405 SVC_RELE(xprt, mp, FALSE);
2406 }
2407
2408 mutex_enter(&pool->p_req_lock);
2409 pool->p_reqs -= xprt->xp_reqs;
2410 pool->p_size -= xprt->xp_size;
2411 mutex_exit(&pool->p_req_lock);
2412
2413 xprt->xp_reqs = 0;
2414 xprt->xp_size = 0;
2415 xprt->xp_full = FALSE;
2416 xprt->xp_enable = FALSE;
2417 mutex_exit(&xprt->xp_req_lock);
2418 }
2419
2420 /*
2421 * This routine is called by rpcmod to inform kernel RPC that a
2422 * queue is closing. It is called after all the requests have been
2423 * picked up (that is after all the slots on the queue have
2424 * been released by kernel RPC). It is also guaranteed that no more
2425 * request will be delivered on this transport.
2426 *
2427 * - clear xp_wq to mark the master server transport handle as closing
2428 * - if there are no more threads on this transport close/destroy it
2429 * - otherwise, leave the linked threads to close/destroy the transport
2430 * later.
2431 */
2432 void
svc_queueclose(queue_t * q)2433 svc_queueclose(queue_t *q)
2434 {
2435 SVCMASTERXPRT *xprt = ((void **) q->q_ptr)[0];
2436
2437 if (xprt == NULL) {
2438 /*
2439 * If there is no master xprt associated with this stream,
2440 * then there is nothing to do. This happens regularly
2441 * with connection-oriented listening streams created by
2442 * nfsd.
2443 */
2444 return;
2445 }
2446
2447 mutex_enter(&xprt->xp_thread_lock);
2448
2449 ASSERT(xprt->xp_req_head == NULL);
2450 ASSERT(xprt->xp_wq != NULL);
2451
2452 xprt->xp_wq = NULL;
2453
2454 if (xprt->xp_threads == 0) {
2455 SVCPOOL *pool = xprt->xp_pool;
2456
2457 /*
2458 * svc_xprt_cleanup() destroys the transport
2459 * or releases the transport thread lock
2460 */
2461 svc_xprt_cleanup(xprt, FALSE);
2462
2463 mutex_enter(&pool->p_thread_lock);
2464
2465 /*
2466 * If the pool is in closing state and this was
2467 * the last transport in the pool then signal the creator
2468 * thread to clean up and exit.
2469 */
2470 if (pool->p_closing && svc_pool_tryexit(pool)) {
2471 return;
2472 }
2473 mutex_exit(&pool->p_thread_lock);
2474 } else {
2475 /*
2476 * There are still some threads linked to the transport. They
2477 * are very likely sleeping in svc_poll(). We could wake up
2478 * them by broadcasting on the p_req_cv condition variable, but
2479 * that might give us a performance penalty if there are too
2480 * many sleeping threads.
2481 *
2482 * Instead, we do nothing here. The linked threads will unlink
2483 * themselves and destroy the transport once they are woken up
2484 * on timeout, or by new request. There is no reason to hurry
2485 * up now with the thread wake up.
2486 */
2487
2488 /*
2489 * NOTICE: No references to the master transport structure
2490 * beyond this point!
2491 */
2492 mutex_exit(&xprt->xp_thread_lock);
2493 }
2494 }
2495
2496 /*
2497 * Interrupt `request delivery' routine called from rpcmod
2498 * - put a request at the tail of the transport request queue
2499 * - insert a hint for svc_poll() into the xprt-ready queue
2500 * - increment the `pending-requests' count for the pool
2501 * - handle flow control
2502 * - wake up a thread sleeping in svc_poll() if necessary
2503 * - if all the threads are running ask the creator for a new one.
2504 */
2505 bool_t
svc_queuereq(queue_t * q,mblk_t * mp,bool_t flowcontrol)2506 svc_queuereq(queue_t *q, mblk_t *mp, bool_t flowcontrol)
2507 {
2508 SVCMASTERXPRT *xprt = ((void **) q->q_ptr)[0];
2509 SVCPOOL *pool = xprt->xp_pool;
2510 size_t size;
2511
2512 TRACE_0(TR_FAC_KRPC, TR_SVC_QUEUEREQ_START, "svc_queuereq_start");
2513
2514 ASSERT(!is_system_labeled() || msg_getcred(mp, NULL) != NULL ||
2515 mp->b_datap->db_type != M_DATA);
2516
2517 /*
2518 * Step 1.
2519 * Grab the transport's request lock and the
2520 * pool's request lock so that when we put
2521 * the request at the tail of the transport's
2522 * request queue, possibly put the request on
2523 * the xprt ready queue and increment the
2524 * pending request count it looks atomic.
2525 */
2526 mutex_enter(&xprt->xp_req_lock);
2527 if (flowcontrol && xprt->xp_full) {
2528 mutex_exit(&xprt->xp_req_lock);
2529
2530 return (FALSE);
2531 }
2532 ASSERT(xprt->xp_full == FALSE);
2533 mutex_enter(&pool->p_req_lock);
2534 if (xprt->xp_req_head == NULL)
2535 xprt->xp_req_head = mp;
2536 else
2537 xprt->xp_req_tail->b_next = mp;
2538 xprt->xp_req_tail = mp;
2539
2540 /*
2541 * Step 2.
2542 * Insert a hint into the xprt-ready queue, increment
2543 * counters, handle flow control, and wake up
2544 * a thread sleeping in svc_poll() if necessary.
2545 */
2546
2547 /* Insert pointer to this transport into the xprt-ready queue */
2548 svc_xprt_qput(pool, xprt);
2549
2550 /* Increment counters */
2551 pool->p_reqs++;
2552 xprt->xp_reqs++;
2553
2554 size = svc_msgsize(mp);
2555 xprt->xp_size += size;
2556 pool->p_size += size;
2557
2558 /* Handle flow control */
2559 if (flowcontrol)
2560 svc_flowcontrol(xprt);
2561
2562 TRACE_2(TR_FAC_KRPC, TR_NFSFP_QUE_REQ_ENQ,
2563 "rpc_que_req_enq:pool %p mp %p", pool, mp);
2564
2565 /*
2566 * If there are more requests and req_cv hasn't
2567 * been signaled yet then wake up one more thread now.
2568 *
2569 * We avoid signaling req_cv until the most recently
2570 * signaled thread wakes up and gets CPU to clear
2571 * the `drowsy' flag.
2572 */
2573 if (pool->p_drowsy || pool->p_reqs <= pool->p_walkers ||
2574 pool->p_asleep == 0) {
2575 mutex_exit(&pool->p_req_lock);
2576 } else {
2577 pool->p_drowsy = TRUE;
2578 pool->p_asleep--;
2579
2580 /*
2581 * Signal wakeup and drop the request lock.
2582 */
2583 cv_signal(&pool->p_req_cv);
2584 mutex_exit(&pool->p_req_lock);
2585 }
2586 mutex_exit(&xprt->xp_req_lock);
2587
2588 /*
2589 * Step 3.
2590 * If there are no asleep/signaled threads, we are
2591 * still below pool->p_maxthreads limit, and no thread is
2592 * currently being created then signal the creator
2593 * for one more service thread.
2594 *
2595 * The asleep and drowsy checks are not not protected
2596 * by a lock since it hurts performance and a wrong
2597 * decision is not essential.
2598 */
2599 if (pool->p_asleep == 0 && !pool->p_drowsy &&
2600 pool->p_threads + pool->p_detached_threads < pool->p_maxthreads)
2601 svc_creator_signal(pool);
2602
2603 TRACE_1(TR_FAC_KRPC, TR_SVC_QUEUEREQ_END,
2604 "svc_queuereq_end:(%S)", "end");
2605
2606 return (TRUE);
2607 }
2608
2609 /*
2610 * Reserve a service thread so that it can be detached later.
2611 * This reservation is required to make sure that when it tries to
2612 * detach itself the total number of detached threads does not exceed
2613 * pool->p_maxthreads - pool->p_redline (i.e. that we can have
2614 * up to pool->p_redline non-detached threads).
2615 *
2616 * If the thread does not detach itself later, it should cancel the
2617 * reservation before returning to svc_run().
2618 *
2619 * - check if there is room for more reserved/detached threads
2620 * - if so, then increment the `reserved threads' count for the pool
2621 * - mark the thread as reserved (setting the flag in the clone transport
2622 * handle for this thread
2623 * - returns 1 if the reservation succeeded, 0 if it failed.
2624 */
2625 int
svc_reserve_thread(SVCXPRT * clone_xprt)2626 svc_reserve_thread(SVCXPRT *clone_xprt)
2627 {
2628 SVCPOOL *pool = clone_xprt->xp_master->xp_pool;
2629
2630 /* Recursive reservations are not allowed */
2631 ASSERT(!clone_xprt->xp_reserved);
2632 ASSERT(!clone_xprt->xp_detached);
2633
2634 /* Check pool counts if there is room for reservation */
2635 mutex_enter(&pool->p_thread_lock);
2636 if (pool->p_reserved_threads + pool->p_detached_threads >=
2637 pool->p_maxthreads - pool->p_redline) {
2638 mutex_exit(&pool->p_thread_lock);
2639 return (0);
2640 }
2641 pool->p_reserved_threads++;
2642 mutex_exit(&pool->p_thread_lock);
2643
2644 /* Mark the thread (clone handle) as reserved */
2645 clone_xprt->xp_reserved = TRUE;
2646
2647 return (1);
2648 }
2649
2650 /*
2651 * Cancel a reservation for a thread.
2652 * - decrement the `reserved threads' count for the pool
2653 * - clear the flag in the clone transport handle for this thread.
2654 */
2655 void
svc_unreserve_thread(SVCXPRT * clone_xprt)2656 svc_unreserve_thread(SVCXPRT *clone_xprt)
2657 {
2658 SVCPOOL *pool = clone_xprt->xp_master->xp_pool;
2659
2660 /* Thread must have a reservation */
2661 ASSERT(clone_xprt->xp_reserved);
2662 ASSERT(!clone_xprt->xp_detached);
2663
2664 /* Decrement global count */
2665 mutex_enter(&pool->p_thread_lock);
2666 pool->p_reserved_threads--;
2667 mutex_exit(&pool->p_thread_lock);
2668
2669 /* Clear reservation flag */
2670 clone_xprt->xp_reserved = FALSE;
2671 }
2672
2673 /*
2674 * Detach a thread from its transport, so that it can block for an
2675 * extended time. Because the transport can be closed after the thread is
2676 * detached, the thread should have already sent off a reply if it was
2677 * going to send one.
2678 *
2679 * - decrement `non-detached threads' count and increment `detached threads'
2680 * counts for the transport
2681 * - decrement the `non-detached threads' and `reserved threads'
2682 * counts and increment the `detached threads' count for the pool
2683 * - release the rpcmod slot
2684 * - mark the clone (thread) as detached.
2685 *
2686 * No need to return a pointer to the thread's CPR information, since
2687 * the thread has a userland identity.
2688 *
2689 * NOTICE: a thread must not detach itself without making a prior reservation
2690 * through svc_thread_reserve().
2691 */
2692 callb_cpr_t *
svc_detach_thread(SVCXPRT * clone_xprt)2693 svc_detach_thread(SVCXPRT *clone_xprt)
2694 {
2695 SVCMASTERXPRT *xprt = clone_xprt->xp_master;
2696 SVCPOOL *pool = xprt->xp_pool;
2697 bool_t enable;
2698
2699 /* Thread must have a reservation */
2700 ASSERT(clone_xprt->xp_reserved);
2701 ASSERT(!clone_xprt->xp_detached);
2702
2703 /* Bookkeeping for this transport */
2704 mutex_enter(&xprt->xp_thread_lock);
2705 xprt->xp_threads--;
2706 xprt->xp_detached_threads++;
2707 mutex_exit(&xprt->xp_thread_lock);
2708
2709 /* Bookkeeping for the pool */
2710 mutex_enter(&pool->p_thread_lock);
2711 pool->p_threads--;
2712 pool->p_reserved_threads--;
2713 pool->p_detached_threads++;
2714 mutex_exit(&pool->p_thread_lock);
2715
2716 /* Release an rpcmod slot for this request */
2717 mutex_enter(&xprt->xp_req_lock);
2718 enable = xprt->xp_enable;
2719 if (enable)
2720 xprt->xp_enable = FALSE;
2721 mutex_exit(&xprt->xp_req_lock);
2722 SVC_RELE(clone_xprt, NULL, enable);
2723
2724 /* Mark the clone (thread) as detached */
2725 clone_xprt->xp_reserved = FALSE;
2726 clone_xprt->xp_detached = TRUE;
2727
2728 return (NULL);
2729 }
2730
2731 /*
2732 * This routine is responsible for extracting RDMA plugin master XPRT,
2733 * unregister from the SVCPOOL and initiate plugin specific cleanup.
2734 * It is passed a list/group of rdma transports as records which are
2735 * active in a given registered or unregistered kRPC thread pool. Its shuts
2736 * all active rdma transports in that pool. If the thread active on the trasport
2737 * happens to be last thread for that pool, it will signal the creater thread
2738 * to cleanup the pool and destroy the xprt in svc_queueclose()
2739 */
2740 void
rdma_stop(rdma_xprt_group_t * rdma_xprts)2741 rdma_stop(rdma_xprt_group_t *rdma_xprts)
2742 {
2743 SVCMASTERXPRT *xprt;
2744 rdma_xprt_record_t *curr_rec;
2745 queue_t *q;
2746 mblk_t *mp;
2747 int i, rtg_count;
2748 SVCPOOL *pool;
2749
2750 if (rdma_xprts->rtg_count == 0)
2751 return;
2752
2753 rtg_count = rdma_xprts->rtg_count;
2754
2755 for (i = 0; i < rtg_count; i++) {
2756 curr_rec = rdma_xprts->rtg_listhead;
2757 rdma_xprts->rtg_listhead = curr_rec->rtr_next;
2758 rdma_xprts->rtg_count--;
2759 curr_rec->rtr_next = NULL;
2760 xprt = curr_rec->rtr_xprt_ptr;
2761 q = xprt->xp_wq;
2762 svc_rdma_kstop(xprt);
2763
2764 mutex_enter(&xprt->xp_req_lock);
2765 pool = xprt->xp_pool;
2766 while ((mp = xprt->xp_req_head) != NULL) {
2767 rdma_recv_data_t *rdp = (rdma_recv_data_t *)mp->b_rptr;
2768
2769 /* remove the request from the list */
2770 xprt->xp_req_head = mp->b_next;
2771 mp->b_next = (mblk_t *)0;
2772
2773 RDMA_BUF_FREE(rdp->conn, &rdp->rpcmsg);
2774 RDMA_REL_CONN(rdp->conn);
2775 freemsg(mp);
2776 }
2777 mutex_enter(&pool->p_req_lock);
2778 pool->p_reqs -= xprt->xp_reqs;
2779 pool->p_size -= xprt->xp_size;
2780 mutex_exit(&pool->p_req_lock);
2781 xprt->xp_reqs = 0;
2782 xprt->xp_size = 0;
2783 xprt->xp_full = FALSE;
2784 xprt->xp_enable = FALSE;
2785 mutex_exit(&xprt->xp_req_lock);
2786 svc_queueclose(q);
2787 #ifdef DEBUG
2788 if (rdma_check)
2789 cmn_err(CE_NOTE, "rdma_stop: Exited svc_queueclose\n");
2790 #endif
2791 /*
2792 * Free the rdma transport record for the expunged rdma
2793 * based master transport handle.
2794 */
2795 kmem_free(curr_rec, sizeof (rdma_xprt_record_t));
2796 if (!rdma_xprts->rtg_listhead)
2797 break;
2798 }
2799 }
2800
2801
2802 /*
2803 * rpc_msg_dup/rpc_msg_free
2804 * Currently only used by svc_rpcsec_gss.c but put in this file as it
2805 * may be useful to others in the future.
2806 * But future consumers should be careful cuz so far
2807 * - only tested/used for call msgs (not reply)
2808 * - only tested/used with call verf oa_length==0
2809 */
2810 struct rpc_msg *
rpc_msg_dup(struct rpc_msg * src)2811 rpc_msg_dup(struct rpc_msg *src)
2812 {
2813 struct rpc_msg *dst;
2814 struct opaque_auth oa_src, oa_dst;
2815
2816 dst = kmem_alloc(sizeof (*dst), KM_SLEEP);
2817
2818 dst->rm_xid = src->rm_xid;
2819 dst->rm_direction = src->rm_direction;
2820
2821 dst->rm_call.cb_rpcvers = src->rm_call.cb_rpcvers;
2822 dst->rm_call.cb_prog = src->rm_call.cb_prog;
2823 dst->rm_call.cb_vers = src->rm_call.cb_vers;
2824 dst->rm_call.cb_proc = src->rm_call.cb_proc;
2825
2826 /* dup opaque auth call body cred */
2827 oa_src = src->rm_call.cb_cred;
2828
2829 oa_dst.oa_flavor = oa_src.oa_flavor;
2830 oa_dst.oa_base = kmem_alloc(oa_src.oa_length, KM_SLEEP);
2831
2832 bcopy(oa_src.oa_base, oa_dst.oa_base, oa_src.oa_length);
2833 oa_dst.oa_length = oa_src.oa_length;
2834
2835 dst->rm_call.cb_cred = oa_dst;
2836
2837 /* dup or just alloc opaque auth call body verifier */
2838 if (src->rm_call.cb_verf.oa_length > 0) {
2839 oa_src = src->rm_call.cb_verf;
2840
2841 oa_dst.oa_flavor = oa_src.oa_flavor;
2842 oa_dst.oa_base = kmem_alloc(oa_src.oa_length, KM_SLEEP);
2843
2844 bcopy(oa_src.oa_base, oa_dst.oa_base, oa_src.oa_length);
2845 oa_dst.oa_length = oa_src.oa_length;
2846
2847 dst->rm_call.cb_verf = oa_dst;
2848 } else {
2849 oa_dst.oa_flavor = -1; /* will be set later */
2850 oa_dst.oa_base = kmem_alloc(MAX_AUTH_BYTES, KM_SLEEP);
2851
2852 oa_dst.oa_length = 0; /* will be set later */
2853
2854 dst->rm_call.cb_verf = oa_dst;
2855 }
2856 return (dst);
2857 }
2858
2859 void
rpc_msg_free(struct rpc_msg ** msg,int cb_verf_oa_length)2860 rpc_msg_free(struct rpc_msg **msg, int cb_verf_oa_length)
2861 {
2862 struct rpc_msg *m = *msg;
2863
2864 kmem_free(m->rm_call.cb_cred.oa_base, m->rm_call.cb_cred.oa_length);
2865 m->rm_call.cb_cred.oa_base = NULL;
2866 m->rm_call.cb_cred.oa_length = 0;
2867
2868 kmem_free(m->rm_call.cb_verf.oa_base, cb_verf_oa_length);
2869 m->rm_call.cb_verf.oa_base = NULL;
2870 m->rm_call.cb_verf.oa_length = 0;
2871
2872 kmem_free(m, sizeof (*m));
2873 m = NULL;
2874 }
2875
2876 /*
2877 * Generally 'cr_ref' should be 1, otherwise reference is kept
2878 * in underlying calls, so reset it.
2879 */
2880 cred_t *
svc_xprt_cred(SVCXPRT * xprt)2881 svc_xprt_cred(SVCXPRT *xprt)
2882 {
2883 cred_t *cr = xprt->xp_cred;
2884
2885 ASSERT(cr != NULL);
2886
2887 if (crgetref(cr) != 1) {
2888 crfree(cr);
2889 cr = crget();
2890 xprt->xp_cred = cr;
2891 }
2892 return (cr);
2893 }
2894