xref: /freebsd/sys/rpc/clnt_rc.c (revision 22cf89c938886d14f5796fc49f9f020c23ea8eaf)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
5  * Authors: Doug Rabson <dfr@rabson.org>
6  * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  */
29 
30 #include <sys/cdefs.h>
31 #include <sys/param.h>
32 #include <sys/systm.h>
33 #include <sys/kernel.h>
34 #include <sys/limits.h>
35 #include <sys/lock.h>
36 #include <sys/malloc.h>
37 #include <sys/mbuf.h>
38 #include <sys/mutex.h>
39 #include <sys/pcpu.h>
40 #include <sys/proc.h>
41 #include <sys/socket.h>
42 #include <sys/socketvar.h>
43 #include <sys/time.h>
44 #include <sys/uio.h>
45 
46 #include <rpc/rpc.h>
47 #include <rpc/rpc_com.h>
48 #include <rpc/krpc.h>
49 #include <rpc/rpcsec_tls.h>
50 
/*
 * Forward declarations of the reconnecting client's method implementations,
 * so that the ops table below can reference them before they are defined.
 */
static enum clnt_stat clnt_reconnect_call(CLIENT *, struct rpc_callextra *,
    rpcproc_t, struct mbuf *, struct mbuf **, struct timeval);
static void clnt_reconnect_geterr(CLIENT *, struct rpc_err *);
static bool_t clnt_reconnect_freeres(CLIENT *, xdrproc_t, void *);
static void clnt_reconnect_abort(CLIENT *);
static bool_t clnt_reconnect_control(CLIENT *, u_int, void *);
static void clnt_reconnect_close(CLIENT *);
static void clnt_reconnect_destroy(CLIENT *);

/*
 * Method table installed as cl_ops on every handle returned by
 * clnt_reconnect_create().
 */
static const struct clnt_ops clnt_reconnect_ops = {
	.cl_call =	clnt_reconnect_call,
	.cl_abort =	clnt_reconnect_abort,
	.cl_geterr =	clnt_reconnect_geterr,
	.cl_freeres =	clnt_reconnect_freeres,
	.cl_close =	clnt_reconnect_close,
	.cl_destroy =	clnt_reconnect_destroy,
	.cl_control =	clnt_reconnect_control
};

/*
 * Only the address of this variable is used: it is the tsleep() wait
 * channel for the pause clnt_reconnect_call() takes after a failed
 * connect.  Nothing in this file calls wakeup() on it, so that sleep
 * ends by timeout or, when interruptible, by a signal.
 */
static int	fake_wchan;
71 
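/*
 * Create a reconnecting RPC client handle for the server at svcaddr.
 *
 * No connection is made here: rc_client starts out NULL and the transport
 * is created on demand by clnt_reconnect_connect().  The credentials of the
 * calling thread are duplicated into rc_ucred and are the ones later used
 * when the socket is created, so the identity of the creator (not of
 * whichever thread triggers a reconnect) governs the connection.
 *
 * Defaults set below: no per-call timeout (-1/-1), 3 second retry interval,
 * INT_MAX retries, no reserved source port, not interruptible, no TLS,
 * wait message "rpcrecv", AUTH_NONE authentication.
 *
 * Returns the new handle, or NULL with rpc_createerr.cf_stat set to
 * RPC_UNKNOWNADDR when svcaddr is NULL or its sa_len does not fit in the
 * handle's address storage.
 */
CLIENT *
clnt_reconnect_create(
	struct netconfig *nconf,	/* network type */
	struct sockaddr *svcaddr,	/* servers address */
	rpcprog_t program,		/* program number */
	rpcvers_t version,		/* version number */
	size_t sendsz,			/* buffer send size */
	size_t recvsz)			/* buffer recv size */
{
	CLIENT *cl = NULL;		/* client handle */
	struct rc_data *rc = NULL;	/* private data */

	if (svcaddr == NULL) {
		rpc_createerr.cf_stat = RPC_UNKNOWNADDR;
		return (NULL);
	}

	/*
	 * sa_len comes from the caller's sockaddr and is the memcpy()
	 * length below.  Refuse an address that claims to be larger than
	 * the rc_addr field so the copy can never run past it.  sizeof
	 * does not evaluate rc, so it is safe while rc is still NULL.
	 */
	if ((size_t)svcaddr->sa_len > sizeof(rc->rc_addr)) {
		rpc_createerr.cf_stat = RPC_UNKNOWNADDR;
		return (NULL);
	}

	cl = mem_alloc(sizeof (CLIENT));
	rc = mem_alloc(sizeof (*rc));
	mtx_init(&rc->rc_lock, "rc->rc_lock", NULL, MTX_DEF);
	(void) memcpy(&rc->rc_addr, svcaddr, (size_t)svcaddr->sa_len);
	rc->rc_nconf = nconf;
	rc->rc_prog = program;
	rc->rc_vers = version;
	rc->rc_sendsz = sendsz;
	rc->rc_recvsz = recvsz;
	rc->rc_timeout.tv_sec = -1;
	rc->rc_timeout.tv_usec = -1;
	rc->rc_retry.tv_sec = 3;
	rc->rc_retry.tv_usec = 0;
	rc->rc_retries = INT_MAX;
	rc->rc_privport = FALSE;
	rc->rc_waitchan = "rpcrecv";
	rc->rc_intr = 0;
	rc->rc_connecting = FALSE;
	rc->rc_closed = FALSE;
	/* Take a private reference-counted copy; released in destroy. */
	rc->rc_ucred = crdup(curthread->td_ucred);
	rc->rc_client = NULL;
	/*
	 * rc_backchannel is read by the connect and destroy paths, so give
	 * it an explicit initial value like the other pointer fields.
	 * NOTE(review): mem_alloc() may already zero the allocation; that
	 * is not visible in this file.
	 */
	rc->rc_backchannel = NULL;
	rc->rc_tls = false;
	rc->rc_tlscertname = NULL;
	rc->rc_reconcall = NULL;
	rc->rc_reconarg = NULL;

	cl->cl_refs = 1;
	cl->cl_ops = &clnt_reconnect_ops;
	cl->cl_private = (caddr_t)(void *)rc;
	cl->cl_auth = authnone_create();
	cl->cl_tp = NULL;
	cl->cl_netid = NULL;
	return (cl);
}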
123 
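/*
 * Establish the underlying transport client for a reconnecting handle.
 *
 * Only one thread connects at a time: rc_connecting is the gate, and other
 * callers sleep on rc until it is cleared.  The socket is created while the
 * thread temporarily runs with the credentials captured at handle creation
 * (rc_ucred); every exit path after the swap restores td_ucred.
 *
 * Returns RPC_SUCCESS when a client is (or already was) attached,
 * RPC_INTR when the wait for another connector was interrupted,
 * RPC_CANTSEND when the handle is closed or the send timeout could not be
 * set, RPC_TLIERROR when no socket could be created, the TLS handshake
 * status (or RPC_FAILED) when TLS setup fails, and otherwise the status
 * left in rpc_createerr by the transport constructor.
 */
static enum clnt_stat
clnt_reconnect_connect(CLIENT *cl)
{
	struct thread *td = curthread;
	struct rc_data *rc = (struct rc_data *)cl->cl_private;
	struct socket *so;
	enum clnt_stat stat;
	int error;
	int one = 1;
	struct ucred *oldcred;
	CLIENT *newclient = NULL;
	/*
	 * NOTE(review): ssl[] is only filled in by rpctls_connect() on the
	 * stream branch below.  If rc_tls were ever set on a connectionless
	 * (NC_TPI_CLTS) handle, the CLSET_TLS call further down would hand
	 * uninitialized stack contents to the transport -- confirm that
	 * combination cannot occur.
	 */
	uint64_t ssl[3];
	uint32_t reterr;

	mtx_lock(&rc->rc_lock);
	while (rc->rc_connecting) {
		/* Sleep is interruptible only if the handle was set so. */
		error = msleep(rc, &rc->rc_lock,
		    rc->rc_intr ? PCATCH : 0, "rpcrecon", 0);
		if (error) {
			mtx_unlock(&rc->rc_lock);
			return (RPC_INTR);
		}
	}
	if (rc->rc_closed) {
		mtx_unlock(&rc->rc_lock);
		return (RPC_CANTSEND);
	}
	if (rc->rc_client) {
		/* Another thread connected while we were waiting. */
		mtx_unlock(&rc->rc_lock);
		return (RPC_SUCCESS);
	}

	/*
	 * My turn to attempt a connect. The rc_connecting variable
	 * serializes the following code sequence, so it is guaranteed
	 * that rc_client will still be NULL after it is re-locked below,
	 * since that is the only place it is set non-NULL.
	 */
	rc->rc_connecting = TRUE;
	mtx_unlock(&rc->rc_lock);

	/*
	 * Run socket creation and connection setup under the credentials
	 * saved in the handle.  td_ucred must be put back on every path
	 * that leaves this section.
	 */
	oldcred = td->td_ucred;
	td->td_ucred = rc->rc_ucred;
	so = __rpc_nconf2socket(rc->rc_nconf);
	if (!so) {
		stat = rpc_createerr.cf_stat = RPC_TLIERROR;
		rpc_createerr.cf_error.re_errno = 0;
		td->td_ucred = oldcred;
		goto out;
	}

	/*
	 * NOTE(review): the result of bindresvport() is ignored, so when a
	 * reserved port cannot be bound the connect proceeds anyway --
	 * confirm this best-effort behaviour is intended.
	 */
	if (rc->rc_privport)
		bindresvport(so, NULL);

	if (rc->rc_nconf->nc_semantics == NC_TPI_CLTS)
		newclient = clnt_dg_create(so,
		    (struct sockaddr *) &rc->rc_addr, rc->rc_prog, rc->rc_vers,
		    rc->rc_sendsz, rc->rc_recvsz);
	else {
		/*
		 * I do not believe a timeout of less than 1sec would make
		 * sense here since short delays can occur when a server is
		 * temporarily overloaded.
		 */
		if (rc->rc_timeout.tv_sec > 0 && rc->rc_timeout.tv_usec >= 0) {
			error = so_setsockopt(so, SOL_SOCKET, SO_SNDTIMEO,
			    &rc->rc_timeout, sizeof(struct timeval));
			if (error != 0) {
				stat = rpc_createerr.cf_stat = RPC_CANTSEND;
				rpc_createerr.cf_error.re_errno = error;
				/*
				 * No client has been created yet, so nothing
				 * else holds this socket: close it here, as
				 * the !newclient path below does, instead of
				 * leaking it.
				 */
				soclose(so);
				td->td_ucred = oldcred;
				goto out;
			}
		}
		newclient = clnt_vc_create(so,
		    (struct sockaddr *) &rc->rc_addr, rc->rc_prog, rc->rc_vers,
		    rc->rc_sendsz, rc->rc_recvsz, rc->rc_intr);
		if (rc->rc_tls && newclient != NULL) {
			stat = rpctls_connect(newclient, rc->rc_tlscertname, so,
			    ssl, &reterr);
			/*
			 * Fail closed: unless both the RPC status and the
			 * TLS result report success, the new client is torn
			 * down and never installed, so a handle configured
			 * for TLS does not fall back to an unprotected
			 * connection.
			 * NOTE(review): the socket is not closed explicitly
			 * on this path; whether it is released depends on
			 * the transport/TLS code, which is not visible here.
			 */
			if (stat != RPC_SUCCESS || reterr != RPCTLSERR_OK) {
				if (stat == RPC_SUCCESS)
					stat = RPC_FAILED;
				rpc_createerr.cf_stat = stat;
				rpc_createerr.cf_error.re_errno = 0;
				CLNT_CLOSE(newclient);
				CLNT_RELEASE(newclient);
				newclient = NULL;
				td->td_ucred = oldcred;
				goto out;
			}
		}
		/* Optional per-reconnect upcall registered via CLNT_CONTROL. */
		if (newclient != NULL && rc->rc_reconcall != NULL)
			(*rc->rc_reconcall)(newclient, rc->rc_reconarg,
			    rc->rc_ucred);
	}
	td->td_ucred = oldcred;

	if (!newclient) {
		/* The constructor failed, so the socket is still ours. */
		soclose(so);
		rc->rc_err = rpc_createerr.cf_error;
		stat = rpc_createerr.cf_stat;
		goto out;
	}

	/* Push the handle's saved settings down to the fresh transport. */
	CLNT_CONTROL(newclient, CLSET_FD_CLOSE, 0);
	CLNT_CONTROL(newclient, CLSET_CONNECT, &one);
	CLNT_CONTROL(newclient, CLSET_TIMEOUT, &rc->rc_timeout);
	CLNT_CONTROL(newclient, CLSET_RETRY_TIMEOUT, &rc->rc_retry);
	CLNT_CONTROL(newclient, CLSET_WAITCHAN, rc->rc_waitchan);
	CLNT_CONTROL(newclient, CLSET_INTERRUPTIBLE, &rc->rc_intr);
	if (rc->rc_tls)
		CLNT_CONTROL(newclient, CLSET_TLS, ssl);
	if (rc->rc_backchannel != NULL)
		CLNT_CONTROL(newclient, CLSET_BACKCHANNEL, rc->rc_backchannel);
	stat = RPC_SUCCESS;

out:
	mtx_lock(&rc->rc_lock);
	KASSERT(rc->rc_client == NULL, ("rc_client not null"));
	if (!rc->rc_closed) {
		/* Publish the client (NULL on failure) and keep ownership. */
		rc->rc_client = newclient;
		newclient = NULL;
	}
	rc->rc_connecting = FALSE;
	wakeup(rc);
	mtx_unlock(&rc->rc_lock);

	if (newclient) {
		/*
		 * It has been closed, so discard the new client.
		 * nb: clnt_[dg|vc]_close()/clnt_[dg|vc]_destroy() cannot
		 * be called with the rc_lock mutex held, since they may
		 * msleep() while holding a different mutex.
		 */
		CLNT_CLOSE(newclient);
		CLNT_RELEASE(newclient);
	}

	return (stat);
}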
265 
/*
 * cl_call method: issue one RPC through the underlying transport client,
 * connecting first if no client is attached and reconnecting after
 * RPC_TIMEDOUT, RPC_CANTSEND or RPC_CANTRECV until rc_retries attempts have
 * been used.
 *
 * Returns RPC_CANTSEND if the handle has been closed, RPC_INTR if the
 * pause after a failed connect was interrupted, and otherwise the status of
 * the last connect or call attempt.  On RPC_SUCCESS *resultsp holds the
 * reply (asserted below).
 */
static enum clnt_stat
clnt_reconnect_call(
	CLIENT		*cl,		/* client handle */
	struct rpc_callextra *ext,	/* call metadata */
	rpcproc_t	proc,		/* procedure number */
	struct mbuf	*args,		/* pointer to args */
	struct mbuf	**resultsp,	/* pointer to results */
	struct timeval	utimeout)
{
	struct rc_data *rc = (struct rc_data *)cl->cl_private;
	CLIENT *client;
	enum clnt_stat stat;
	int tries, error;

	tries = 0;
	do {
		mtx_lock(&rc->rc_lock);
		if (rc->rc_closed) {
			mtx_unlock(&rc->rc_lock);
			return (RPC_CANTSEND);
		}

		if (!rc->rc_client) {
			/* The connect path takes rc_lock itself. */
			mtx_unlock(&rc->rc_lock);
			stat = clnt_reconnect_connect(cl);
			if (stat == RPC_SYSTEMERROR) {
				/*
				 * Pause for hz ticks before trying again;
				 * only a signal (when rc_intr is set) ends
				 * the wait early.
				 */
				error = tsleep(&fake_wchan,
				    rc->rc_intr ? PCATCH : 0, "rpccon", hz);
				if (error == EINTR || error == ERESTART)
					return (RPC_INTR);
				tries++;
				if (tries >= rc->rc_retries)
					return (stat);
				/*
				 * In a do-while, continue jumps to the loop
				 * condition; stat is not RPC_SUCCESS here,
				 * so the loop runs again.
				 */
				continue;
			}
			if (stat != RPC_SUCCESS)
				return (stat);
			mtx_lock(&rc->rc_lock);
		}

		/*
		 * The lock was dropped around the connect, so rc_client may
		 * have been cleared again in the meantime; start over, which
		 * also re-checks rc_closed at the top of the loop.
		 */
		if (!rc->rc_client) {
			mtx_unlock(&rc->rc_lock);
			stat = RPC_FAILED;
			continue;
		}
		/*
		 * Take our own reference while still holding rc_lock so the
		 * client stays valid for the call made after the unlock.
		 */
		CLNT_ACQUIRE(rc->rc_client);
		client = rc->rc_client;
		mtx_unlock(&rc->rc_lock);
		stat = CLNT_CALL_MBUF(client, ext, proc, args,
		    resultsp, utimeout);

		if (stat != RPC_SUCCESS) {
			/*
			 * The error is copied into rc_err only for callers
			 * that passed no call metadata.
			 */
			if (!ext)
				CLNT_GETERR(client, &rc->rc_err);
		}

		if (stat == RPC_TIMEDOUT) {
			/*
			 * Check for async send misfeature for NLM
			 * protocol.
			 */
			if ((rc->rc_timeout.tv_sec == 0
				&& rc->rc_timeout.tv_usec == 0)
			    || (rc->rc_timeout.tv_sec == -1
				&& utimeout.tv_sec == 0
				&& utimeout.tv_usec == 0)) {
				/* Zero timeout: report it, do not retry. */
				CLNT_RELEASE(client);
				break;
			}
		}

		if (stat == RPC_TIMEDOUT || stat == RPC_CANTSEND
		    || stat == RPC_CANTRECV) {
			tries++;
			if (tries >= rc->rc_retries) {
				CLNT_RELEASE(client);
				break;
			}

			/* Tell the caller a reconnect is about to happen. */
			if (ext && ext->rc_feedback)
				ext->rc_feedback(FEEDBACK_RECONNECT, proc,
				    ext->rc_feedback_arg);

			mtx_lock(&rc->rc_lock);
			/*
			 * Make sure that someone else hasn't already
			 * reconnected by checking if rc_client has changed.
			 * If not, we are done with the client and must
			 * do CLNT_RELEASE(client) twice to dispose of it,
			 * because there is both an initial refcnt and one
			 * acquired by CLNT_ACQUIRE() above.
			 */
			if (rc->rc_client == client) {
				rc->rc_client = NULL;
				mtx_unlock(&rc->rc_lock);
				CLNT_RELEASE(client);
			} else {
				mtx_unlock(&rc->rc_lock);
			}
			CLNT_RELEASE(client);
		} else {
			/* Success or a non-retryable error: drop our ref. */
			CLNT_RELEASE(client);
			break;
		}
	} while (stat != RPC_SUCCESS);

	KASSERT(stat != RPC_SUCCESS || *resultsp,
	    ("RPC_SUCCESS without reply"));

	return (stat);
}
377 
/*
 * cl_geterr method: copy the error last recorded in the handle's private
 * data (rc_err) into the caller's buffer.
 */
static void
clnt_reconnect_geterr(CLIENT *cl, struct rpc_err *errp)
{
	const struct rc_data *priv = (const struct rc_data *)cl->cl_private;

	/*
	 * NOTE(review): rc_err is read without taking rc_lock; confirm
	 * callers do not race with a concurrent call that updates it.
	 */
	*errp = priv->rc_err;
}
385 
/*
 * cl_freeres method: free decoded results by delegating to the underlying
 * transport client.
 *
 * rc_client is used here without a NULL check and without rc_lock, so this
 * may only be called when the caller can guarantee that a client is
 * attached.
 */
static bool_t
clnt_reconnect_freeres(CLIENT *cl, xdrproc_t xdr_res, void *res_ptr)
{
	struct rc_data *priv = (struct rc_data *)cl->cl_private;
	CLIENT *inner = priv->rc_client;

	return (CLNT_FREERES(inner, xdr_res, res_ptr));
}
397 
/*
 * cl_abort method.  The body is empty: aborting a reconnecting client
 * performs no action and the handle argument is unused.
 */
/*ARGSUSED*/
static void
clnt_reconnect_abort(CLIENT *h)
{
}
403 
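/*
 * cl_control method: get or set a parameter of the reconnecting handle.
 *
 * CLNT_CONTROL() on the client returned by clnt_reconnect_create() must
 * always be called before CLNT_CALL_MBUF() by a single thread only.
 * That rule is what makes it acceptable for this function to modify the
 * private data without taking rc_lock.
 *
 * Settings are stored in the private data so they can be re-applied on
 * every reconnect; several are also forwarded to the currently attached
 * client when there is one.
 *
 * Returns TRUE on success, FALSE when info is NULL, the request is not
 * recognised, or a TLS certificate name has an unacceptable length.
 */
static bool_t
clnt_reconnect_control(CLIENT *cl, u_int request, void *info)
{
	struct rc_data *rc = (struct rc_data *)cl->cl_private;
	SVCXPRT *xprt;
	size_t slen;
	struct rpc_reconupcall *upcp;
	char *newname;

	/* Every request, including CLSET_TLS, needs a non-NULL info. */
	if (info == NULL) {
		return (FALSE);
	}
	switch (request) {
	case CLSET_TIMEOUT:
		rc->rc_timeout = *(struct timeval *)info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, request, info);
		break;

	case CLGET_TIMEOUT:
		*(struct timeval *)info = rc->rc_timeout;
		break;

	case CLSET_RETRY_TIMEOUT:
		rc->rc_retry = *(struct timeval *)info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, request, info);
		break;

	case CLGET_RETRY_TIMEOUT:
		*(struct timeval *)info = rc->rc_retry;
		break;

	case CLGET_VERS:
		*(uint32_t *)info = rc->rc_vers;
		break;

	case CLSET_VERS:
		rc->rc_vers = *(uint32_t *) info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, CLSET_VERS, info);
		break;

	case CLGET_PROG:
		*(uint32_t *)info = rc->rc_prog;
		break;

	case CLSET_PROG:
		rc->rc_prog = *(uint32_t *) info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, request, info);
		break;

	case CLSET_WAITCHAN:
		/*
		 * The pointer itself is kept, not a copy of the string, so
		 * the caller's string must stay valid while the handle does.
		 */
		rc->rc_waitchan = (char *)info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, request, info);
		break;

	case CLGET_WAITCHAN:
		*(const char **) info = rc->rc_waitchan;
		break;

	case CLSET_INTERRUPTIBLE:
		rc->rc_intr = *(int *) info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, request, info);
		break;

	case CLGET_INTERRUPTIBLE:
		*(int *) info = rc->rc_intr;
		break;

	case CLSET_RETRIES:
		rc->rc_retries = *(int *) info;
		break;

	case CLGET_RETRIES:
		*(int *) info = rc->rc_retries;
		break;

	case CLSET_PRIVPORT:
		/* Not forwarded: consulted the next time a socket is made. */
		rc->rc_privport = *(int *) info;
		break;

	case CLGET_PRIVPORT:
		*(int *) info = rc->rc_privport;
		break;

	case CLSET_BACKCHANNEL:
		xprt = (SVCXPRT *)info;
		xprt_register(xprt);
		rc->rc_backchannel = info;
		break;

	case CLSET_TLS:
		/* Only the request matters; the contents of info are unused. */
		rc->rc_tls = true;
		break;

	case CLSET_TLSCERTNAME:
		slen = strlen(info) + 1;
		/*
		 * tlscertname with "key.pem" appended to it forms a file
		 * name.  As such, the maximum allowable strlen(info) is
		 * NAME_MAX - 7. However, "slen" includes the nul termination
		 * byte so it can be up to NAME_MAX - 6.
		 *
		 * NOTE(review): only the length is validated here.  Since
		 * the value becomes part of a file name, confirm that the
		 * code which builds that name rejects path separators.
		 */
		if (slen <= 1 || slen > NAME_MAX - 6)
			return (FALSE);
		/*
		 * Build the new copy first and release any previously set
		 * name only afterwards, so that setting the name a second
		 * time neither leaks the old buffer nor reads from memory
		 * that has already been freed.  mem_free() is handed a
		 * possibly-NULL rc_tlscertname the same way in
		 * clnt_reconnect_destroy().
		 */
		newname = mem_alloc(slen);
		strlcpy(newname, info, slen);
		mem_free(rc->rc_tlscertname, 0);
		rc->rc_tlscertname = newname;
		break;

	case CLSET_RECONUPCALL:
		/*
		 * clnt_reconnect_destroy() passes rc_reconarg to mem_free(),
		 * so ownership of upcp->arg moves to the handle here.
		 */
		upcp = (struct rpc_reconupcall *)info;
		rc->rc_reconcall = upcp->call;
		rc->rc_reconarg = upcp->arg;
		break;

	default:
		return (FALSE);
	}

	return (TRUE);
}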
532 
/*
 * cl_close method: mark the handle closed and shut down the attached
 * transport client, if any.  A second call finds rc_closed already set and
 * does nothing.
 */
static void
clnt_reconnect_close(CLIENT *cl)
{
	struct rc_data *rc = (struct rc_data *)cl->cl_private;
	CLIENT *detached = NULL;

	mtx_lock(&rc->rc_lock);
	if (!rc->rc_closed) {
		/* Detach the client under the lock; tear it down after. */
		rc->rc_closed = TRUE;
		detached = rc->rc_client;
		rc->rc_client = NULL;
	}
	mtx_unlock(&rc->rc_lock);

	/* The transport's close/release run without rc_lock held. */
	if (detached != NULL) {
		CLNT_CLOSE(detached);
		CLNT_RELEASE(detached);
	}
}
557 
/*
 * cl_destroy method: release everything the handle owns -- the attached
 * transport client, the back channel transport, the saved credentials, the
 * lock, the TLS certificate name, the reconnect upcall argument, the
 * private data and finally the handle itself.
 */
static void
clnt_reconnect_destroy(CLIENT *cl)
{
	struct rc_data *rc = (struct rc_data *)cl->cl_private;

	if (rc->rc_client != NULL)
		CLNT_DESTROY(rc->rc_client);

	if (rc->rc_backchannel != NULL) {
		SVCXPRT *bc = (SVCXPRT *)rc->rc_backchannel;

		/* The back channel must no longer have a socket attached. */
		KASSERT(bc->xp_socket == NULL,
		    ("clnt_reconnect_destroy: xp_socket not NULL"));
		xprt_unregister(bc);
		SVC_RELEASE(bc);
	}

	/* Drop the credential reference taken with crdup() at creation. */
	crfree(rc->rc_ucred);
	mtx_destroy(&rc->rc_lock);
	mem_free(rc->rc_tlscertname, 0);	/* 0 ok, since arg. ignored. */
	mem_free(rc->rc_reconarg, 0);
	mem_free(rc, sizeof(*rc));
	mem_free(cl, sizeof (CLIENT));
}
580