1 /* $NetBSD: clnt_vc.c,v 1.4 2000/07/14 08:40:42 fvdl Exp $ */ 2 3 /*- 4 * Copyright (c) 2009, Sun Microsystems, Inc. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are met: 9 * - Redistributions of source code must retain the above copyright notice, 10 * this list of conditions and the following disclaimer. 11 * - Redistributions in binary form must reproduce the above copyright notice, 12 * this list of conditions and the following disclaimer in the documentation 13 * and/or other materials provided with the distribution. 14 * - Neither the name of Sun Microsystems, Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived 16 * from this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 19 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 22 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 23 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 24 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 25 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 26 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 #include <sys/cdefs.h> 32 /* 33 * clnt_tcp.c, Implements a TCP/IP based, client side RPC. 34 * 35 * Copyright (C) 1984, Sun Microsystems, Inc. 36 * 37 * TCP based RPC supports 'batched calls'. 38 * A sequence of calls may be batched-up in a send buffer. The rpc call 39 * return immediately to the client even though the call was not necessarily 40 * sent. The batching occurs if the results' xdr routine is NULL (0) AND 41 * the rpc timeout value is zero (see clnt.h, rpc). 42 * 43 * Clients should NOT casually batch calls that in fact return results; that is, 44 * the server side should be aware that a call is batched and not produce any 45 * return message. Batched calls that produce many result messages can 46 * deadlock (netlock) the client and the server.... 47 * 48 * Now go hang yourself. 49 */ 50 51 /* 52 * This code handles the special case of a NFSv4.n backchannel for 53 * callback RPCs. It is similar to clnt_vc.c, but uses the TCP 54 * connection provided by the client to the server. 55 */ 56 57 #include "opt_kern_tls.h" 58 59 #include <sys/param.h> 60 #include <sys/systm.h> 61 #include <sys/ktls.h> 62 #include <sys/lock.h> 63 #include <sys/malloc.h> 64 #include <sys/mbuf.h> 65 #include <sys/mutex.h> 66 #include <sys/pcpu.h> 67 #include <sys/proc.h> 68 #include <sys/protosw.h> 69 #include <sys/socket.h> 70 #include <sys/socketvar.h> 71 #include <sys/sx.h> 72 #include <sys/syslog.h> 73 #include <sys/time.h> 74 #include <sys/uio.h> 75 76 #include <net/vnet.h> 77 78 #include <netinet/tcp.h> 79 80 #include <rpc/rpc.h> 81 #include <rpc/rpc_com.h> 82 #include <rpc/krpc.h> 83 #include <rpc/rpcsec_tls.h> 84 85 struct cmessage { 86 struct cmsghdr cmsg; 87 struct cmsgcred cmcred; 88 }; 89 90 static void clnt_bck_geterr(CLIENT *, struct rpc_err *); 91 static bool_t clnt_bck_freeres(CLIENT *, xdrproc_t, void *); 92 static void clnt_bck_abort(CLIENT *); 93 static bool_t clnt_bck_control(CLIENT *, u_int, void *); 94 static void clnt_bck_close(CLIENT *); 95 static void clnt_bck_destroy(CLIENT *); 96 97 static const struct clnt_ops clnt_bck_ops = { 98 .cl_abort = clnt_bck_abort, 99 .cl_geterr = clnt_bck_geterr, 100 .cl_freeres = clnt_bck_freeres, 101 .cl_close = clnt_bck_close, 102 .cl_destroy = clnt_bck_destroy, 103 .cl_control = clnt_bck_control 104 }; 105 106 /* 107 * Create a client handle for a connection. 108 * Default options are set, which the user can change using clnt_control()'s. 109 * This code handles the special case of an NFSv4.1 session backchannel 110 * call, which is sent on a TCP connection created against the server 111 * by a client. 112 */ 113 void * 114 clnt_bck_create( 115 struct socket *so, /* Server transport socket. */ 116 const rpcprog_t prog, /* program number */ 117 const rpcvers_t vers) /* version number */ 118 { 119 CLIENT *cl; /* client handle */ 120 struct ct_data *ct = NULL; /* client handle */ 121 struct timeval now; 122 struct rpc_msg call_msg; 123 static uint32_t disrupt; 124 XDR xdrs; 125 126 if (disrupt == 0) 127 disrupt = (uint32_t)(long)so; 128 129 cl = (CLIENT *)mem_alloc(sizeof (*cl)); 130 ct = (struct ct_data *)mem_alloc(sizeof (*ct)); 131 132 mtx_init(&ct->ct_lock, "ct->ct_lock", NULL, MTX_DEF); 133 ct->ct_threads = 0; 134 ct->ct_closing = FALSE; 135 ct->ct_closed = FALSE; 136 ct->ct_upcallrefs = 0; 137 ct->ct_closeit = FALSE; 138 139 /* 140 * Set up private data struct 141 */ 142 ct->ct_wait.tv_sec = -1; 143 ct->ct_wait.tv_usec = -1; 144 145 /* 146 * Initialize call message 147 */ 148 getmicrotime(&now); 149 ct->ct_xid = ((uint32_t)++disrupt) ^ __RPC_GETXID(&now); 150 call_msg.rm_xid = ct->ct_xid; 151 call_msg.rm_direction = CALL; 152 call_msg.rm_call.cb_rpcvers = RPC_MSG_VERSION; 153 call_msg.rm_call.cb_prog = (uint32_t)prog; 154 call_msg.rm_call.cb_vers = (uint32_t)vers; 155 156 /* 157 * pre-serialize the static part of the call msg and stash it away 158 */ 159 xdrmem_create(&xdrs, ct->ct_mcallc, MCALL_MSG_SIZE, 160 XDR_ENCODE); 161 if (!xdr_callhdr(&xdrs, &call_msg)) 162 goto err; 163 ct->ct_mpos = XDR_GETPOS(&xdrs); 164 XDR_DESTROY(&xdrs); 165 ct->ct_waitchan = "rpcbck"; 166 ct->ct_waitflag = 0; 167 cl->cl_refs = 1; 168 cl->cl_ops = &clnt_bck_ops; 169 cl->cl_private = ct; 170 cl->cl_auth = authnone_create(); 171 TAILQ_INIT(&ct->ct_pending); 172 return (cl); 173 174 err: 175 mtx_destroy(&ct->ct_lock); 176 mem_free(ct, sizeof (struct ct_data)); 177 mem_free(cl, sizeof (CLIENT)); 178 return (NULL); 179 } 180 181 enum clnt_stat 182 clnt_bck_call( 183 CLIENT *cl, /* client handle */ 184 struct rpc_callextra *ext, /* call metadata */ 185 rpcproc_t proc, /* procedure number */ 186 struct mbuf *args, /* pointer to args */ 187 struct mbuf **resultsp, /* pointer to results */ 188 struct timeval utimeout, 189 SVCXPRT *xprt) 190 { 191 struct ct_data *ct = (struct ct_data *) cl->cl_private; 192 AUTH *auth; 193 struct rpc_err *errp; 194 enum clnt_stat stat; 195 XDR xdrs; 196 struct rpc_msg reply_msg; 197 bool_t ok; 198 int nrefreshes = 2; /* number of times to refresh cred */ 199 struct timeval timeout; 200 uint32_t xid; 201 struct mbuf *mreq = NULL, *results; 202 struct ct_request *cr; 203 int error, maxextsiz; 204 #ifdef KERN_TLS 205 u_int maxlen; 206 #endif 207 208 cr = malloc(sizeof(struct ct_request), M_RPC, M_WAITOK); 209 210 mtx_lock(&ct->ct_lock); 211 212 if (ct->ct_closing || ct->ct_closed) { 213 mtx_unlock(&ct->ct_lock); 214 free(cr, M_RPC); 215 return (RPC_CANTSEND); 216 } 217 ct->ct_threads++; 218 219 if (ext) { 220 auth = ext->rc_auth; 221 errp = &ext->rc_err; 222 } else { 223 auth = cl->cl_auth; 224 errp = &ct->ct_error; 225 } 226 227 cr->cr_mrep = NULL; 228 cr->cr_error = 0; 229 230 if (ct->ct_wait.tv_usec == -1) 231 timeout = utimeout; /* use supplied timeout */ 232 else 233 timeout = ct->ct_wait; /* use default timeout */ 234 235 call_again: 236 mtx_assert(&ct->ct_lock, MA_OWNED); 237 238 ct->ct_xid++; 239 xid = ct->ct_xid; 240 241 mtx_unlock(&ct->ct_lock); 242 243 /* 244 * Leave space to pre-pend the record mark. 245 */ 246 mreq = m_gethdr(M_WAITOK, MT_DATA); 247 mreq->m_data += sizeof(uint32_t); 248 KASSERT(ct->ct_mpos + sizeof(uint32_t) <= MHLEN, 249 ("RPC header too big")); 250 bcopy(ct->ct_mcallc, mreq->m_data, ct->ct_mpos); 251 mreq->m_len = ct->ct_mpos; 252 253 /* 254 * The XID is the first thing in the request. 255 */ 256 *mtod(mreq, uint32_t *) = htonl(xid); 257 258 xdrmbuf_create(&xdrs, mreq, XDR_ENCODE); 259 260 errp->re_status = stat = RPC_SUCCESS; 261 262 if ((!XDR_PUTINT32(&xdrs, &proc)) || 263 (!AUTH_MARSHALL(auth, xid, &xdrs, 264 m_copym(args, 0, M_COPYALL, M_WAITOK)))) { 265 errp->re_status = stat = RPC_CANTENCODEARGS; 266 mtx_lock(&ct->ct_lock); 267 goto out; 268 } 269 mreq->m_pkthdr.len = m_length(mreq, NULL); 270 271 /* 272 * Prepend a record marker containing the packet length. 273 */ 274 M_PREPEND(mreq, sizeof(uint32_t), M_WAITOK); 275 *mtod(mreq, uint32_t *) = 276 htonl(0x80000000 | (mreq->m_pkthdr.len - sizeof(uint32_t))); 277 278 cr->cr_xid = xid; 279 mtx_lock(&ct->ct_lock); 280 /* 281 * Check to see if the client end has already started to close down 282 * the connection. The svc code will have set ct_error.re_status 283 * to RPC_CANTRECV if this is the case. 284 * If the client starts to close down the connection after this 285 * point, it will be detected later when cr_error is checked, 286 * since the request is in the ct_pending queue. 287 */ 288 if (ct->ct_error.re_status == RPC_CANTRECV) { 289 if (errp != &ct->ct_error) { 290 errp->re_errno = ct->ct_error.re_errno; 291 errp->re_status = RPC_CANTRECV; 292 } 293 stat = RPC_CANTRECV; 294 goto out; 295 } 296 TAILQ_INSERT_TAIL(&ct->ct_pending, cr, cr_link); 297 mtx_unlock(&ct->ct_lock); 298 299 /* For RPC-over-TLS, copy mrep to a chain of ext_pgs. */ 300 if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0) { 301 /* 302 * Copy the mbuf chain to a chain of 303 * ext_pgs mbuf(s) as required by KERN_TLS. 304 */ 305 maxextsiz = TLS_MAX_MSG_SIZE_V10_2; 306 #ifdef KERN_TLS 307 if (rpctls_getinfo(&maxlen, false, false)) 308 maxextsiz = min(maxextsiz, maxlen); 309 #endif 310 mreq = _rpc_copym_into_ext_pgs(mreq, maxextsiz); 311 } 312 /* 313 * sosend consumes mreq. 314 */ 315 sx_xlock(&xprt->xp_lock); 316 error = sosend(xprt->xp_socket, NULL, NULL, mreq, NULL, 0, curthread); 317 if (error != 0) printf("sosend=%d\n", error); 318 mreq = NULL; 319 if (error == EMSGSIZE) { 320 printf("emsgsize\n"); 321 SOCK_SENDBUF_LOCK(xprt->xp_socket); 322 sbwait(xprt->xp_socket, SO_SND); 323 SOCK_SENDBUF_UNLOCK(xprt->xp_socket); 324 sx_xunlock(&xprt->xp_lock); 325 AUTH_VALIDATE(auth, xid, NULL, NULL); 326 mtx_lock(&ct->ct_lock); 327 TAILQ_REMOVE(&ct->ct_pending, cr, cr_link); 328 goto call_again; 329 } 330 sx_xunlock(&xprt->xp_lock); 331 332 reply_msg.acpted_rply.ar_verf.oa_flavor = AUTH_NULL; 333 reply_msg.acpted_rply.ar_verf.oa_base = cr->cr_verf; 334 reply_msg.acpted_rply.ar_verf.oa_length = 0; 335 reply_msg.acpted_rply.ar_results.where = NULL; 336 reply_msg.acpted_rply.ar_results.proc = (xdrproc_t)xdr_void; 337 338 mtx_lock(&ct->ct_lock); 339 if (error) { 340 TAILQ_REMOVE(&ct->ct_pending, cr, cr_link); 341 errp->re_errno = error; 342 errp->re_status = stat = RPC_CANTSEND; 343 goto out; 344 } 345 346 /* 347 * Check to see if we got an upcall while waiting for the 348 * lock. In both these cases, the request has been removed 349 * from ct->ct_pending. 350 */ 351 if (cr->cr_error) { 352 TAILQ_REMOVE(&ct->ct_pending, cr, cr_link); 353 errp->re_errno = cr->cr_error; 354 errp->re_status = stat = RPC_CANTRECV; 355 goto out; 356 } 357 if (cr->cr_mrep) { 358 TAILQ_REMOVE(&ct->ct_pending, cr, cr_link); 359 goto got_reply; 360 } 361 362 /* 363 * Hack to provide rpc-based message passing 364 */ 365 if (timeout.tv_sec == 0 && timeout.tv_usec == 0) { 366 TAILQ_REMOVE(&ct->ct_pending, cr, cr_link); 367 errp->re_status = stat = RPC_TIMEDOUT; 368 goto out; 369 } 370 371 error = msleep(cr, &ct->ct_lock, ct->ct_waitflag, ct->ct_waitchan, 372 tvtohz(&timeout)); 373 374 TAILQ_REMOVE(&ct->ct_pending, cr, cr_link); 375 376 if (error) { 377 /* 378 * The sleep returned an error so our request is still 379 * on the list. Turn the error code into an 380 * appropriate client status. 381 */ 382 errp->re_errno = error; 383 switch (error) { 384 case EINTR: 385 stat = RPC_INTR; 386 break; 387 case EWOULDBLOCK: 388 stat = RPC_TIMEDOUT; 389 break; 390 default: 391 stat = RPC_CANTRECV; 392 } 393 errp->re_status = stat; 394 goto out; 395 } else { 396 /* 397 * We were woken up by the svc thread. If the 398 * upcall had a receive error, report that, 399 * otherwise we have a reply. 400 */ 401 if (cr->cr_error) { 402 errp->re_errno = cr->cr_error; 403 errp->re_status = stat = RPC_CANTRECV; 404 goto out; 405 } 406 } 407 408 got_reply: 409 /* 410 * Now decode and validate the response. We need to drop the 411 * lock since xdr_replymsg may end up sleeping in malloc. 412 */ 413 mtx_unlock(&ct->ct_lock); 414 415 if (ext && ext->rc_feedback) 416 ext->rc_feedback(FEEDBACK_OK, proc, ext->rc_feedback_arg); 417 418 xdrmbuf_create(&xdrs, cr->cr_mrep, XDR_DECODE); 419 ok = xdr_replymsg(&xdrs, &reply_msg); 420 cr->cr_mrep = NULL; 421 422 if (ok) { 423 if ((reply_msg.rm_reply.rp_stat == MSG_ACCEPTED) && 424 (reply_msg.acpted_rply.ar_stat == SUCCESS)) 425 errp->re_status = stat = RPC_SUCCESS; 426 else 427 stat = _seterr_reply(&reply_msg, errp); 428 429 if (stat == RPC_SUCCESS) { 430 results = xdrmbuf_getall(&xdrs); 431 if (!AUTH_VALIDATE(auth, xid, 432 &reply_msg.acpted_rply.ar_verf, &results)) { 433 errp->re_status = stat = RPC_AUTHERROR; 434 errp->re_why = AUTH_INVALIDRESP; 435 } else { 436 KASSERT(results, 437 ("auth validated but no result")); 438 *resultsp = results; 439 } 440 } /* end successful completion */ 441 /* 442 * If unsuccessful AND error is an authentication error 443 * then refresh credentials and try again, else break 444 */ 445 else if (stat == RPC_AUTHERROR) 446 /* maybe our credentials need to be refreshed ... */ 447 if (nrefreshes > 0 && AUTH_REFRESH(auth, &reply_msg)) { 448 nrefreshes--; 449 XDR_DESTROY(&xdrs); 450 mtx_lock(&ct->ct_lock); 451 goto call_again; 452 } 453 /* end of unsuccessful completion */ 454 /* end of valid reply message */ 455 } else 456 errp->re_status = stat = RPC_CANTDECODERES; 457 XDR_DESTROY(&xdrs); 458 mtx_lock(&ct->ct_lock); 459 out: 460 mtx_assert(&ct->ct_lock, MA_OWNED); 461 462 KASSERT(stat != RPC_SUCCESS || *resultsp, 463 ("RPC_SUCCESS without reply")); 464 465 if (mreq != NULL) 466 m_freem(mreq); 467 if (cr->cr_mrep != NULL) 468 m_freem(cr->cr_mrep); 469 470 ct->ct_threads--; 471 if (ct->ct_closing) 472 wakeup(ct); 473 474 mtx_unlock(&ct->ct_lock); 475 476 if (auth && stat != RPC_SUCCESS) 477 AUTH_VALIDATE(auth, xid, NULL, NULL); 478 479 free(cr, M_RPC); 480 481 return (stat); 482 } 483 484 static void 485 clnt_bck_geterr(CLIENT *cl, struct rpc_err *errp) 486 { 487 struct ct_data *ct = (struct ct_data *) cl->cl_private; 488 489 *errp = ct->ct_error; 490 } 491 492 static bool_t 493 clnt_bck_freeres(CLIENT *cl, xdrproc_t xdr_res, void *res_ptr) 494 { 495 XDR xdrs; 496 bool_t dummy; 497 498 xdrs.x_op = XDR_FREE; 499 dummy = (*xdr_res)(&xdrs, res_ptr); 500 501 return (dummy); 502 } 503 504 /*ARGSUSED*/ 505 static void 506 clnt_bck_abort(CLIENT *cl) 507 { 508 } 509 510 static bool_t 511 clnt_bck_control(CLIENT *cl, u_int request, void *info) 512 { 513 514 return (TRUE); 515 } 516 517 static void 518 clnt_bck_close(CLIENT *cl) 519 { 520 struct ct_data *ct = (struct ct_data *) cl->cl_private; 521 522 mtx_lock(&ct->ct_lock); 523 524 if (ct->ct_closed) { 525 mtx_unlock(&ct->ct_lock); 526 return; 527 } 528 529 if (ct->ct_closing) { 530 while (ct->ct_closing) 531 msleep(ct, &ct->ct_lock, 0, "rpcclose", 0); 532 KASSERT(ct->ct_closed, ("client should be closed")); 533 mtx_unlock(&ct->ct_lock); 534 return; 535 } 536 537 ct->ct_closing = FALSE; 538 ct->ct_closed = TRUE; 539 mtx_unlock(&ct->ct_lock); 540 wakeup(ct); 541 } 542 543 static void 544 clnt_bck_destroy(CLIENT *cl) 545 { 546 struct ct_data *ct = (struct ct_data *) cl->cl_private; 547 548 clnt_bck_close(cl); 549 550 mtx_destroy(&ct->ct_lock); 551 mem_free(ct, sizeof(struct ct_data)); 552 if (cl->cl_netid && cl->cl_netid[0]) 553 mem_free(cl->cl_netid, strlen(cl->cl_netid) +1); 554 if (cl->cl_tp && cl->cl_tp[0]) 555 mem_free(cl->cl_tp, strlen(cl->cl_tp) +1); 556 mem_free(cl, sizeof(CLIENT)); 557 } 558 559 /* 560 * This call is done by the svc code when a backchannel RPC reply is 561 * received. 562 * For the server end, where callback RPCs to the client are performed, 563 * xp_p2 points to the "CLIENT" and not the associated "struct ct_data" 564 * so that svc_vc_destroy() can CLNT_RELEASE() the reference count on it. 565 */ 566 void 567 clnt_bck_svccall(void *arg, struct mbuf *mrep, uint32_t xid) 568 { 569 CLIENT *cl = (CLIENT *)arg; 570 struct ct_data *ct; 571 struct ct_request *cr; 572 int foundreq; 573 574 ct = (struct ct_data *)cl->cl_private; 575 mtx_lock(&ct->ct_lock); 576 if (ct->ct_closing || ct->ct_closed) { 577 mtx_unlock(&ct->ct_lock); 578 m_freem(mrep); 579 return; 580 } 581 582 ct->ct_upcallrefs++; 583 /* 584 * See if we can match this reply to a request. 585 */ 586 foundreq = 0; 587 TAILQ_FOREACH(cr, &ct->ct_pending, cr_link) { 588 if (cr->cr_xid == xid) { 589 /* 590 * This one matches. We leave the reply mbuf list in 591 * cr->cr_mrep. Set the XID to zero so that we will 592 * ignore any duplicated replies. 593 */ 594 cr->cr_xid = 0; 595 cr->cr_mrep = mrep; 596 cr->cr_error = 0; 597 foundreq = 1; 598 wakeup(cr); 599 break; 600 } 601 } 602 603 ct->ct_upcallrefs--; 604 if (ct->ct_upcallrefs < 0) 605 panic("rpcvc svccall refcnt"); 606 if (ct->ct_upcallrefs == 0) 607 wakeup(&ct->ct_upcallrefs); 608 mtx_unlock(&ct->ct_lock); 609 if (foundreq == 0) 610 m_freem(mrep); 611 } 612 613