xref: /freebsd/sys/rpc/clnt_rc.c (revision d198b8774d2cfb6f140893e1c6236af9e97d1497)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
5  * Authors: Doug Rabson <dfr@rabson.org>
6  * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  */
29 
30 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD$");
32 
33 #include <sys/param.h>
34 #include <sys/systm.h>
35 #include <sys/kernel.h>
36 #include <sys/limits.h>
37 #include <sys/lock.h>
38 #include <sys/malloc.h>
39 #include <sys/mbuf.h>
40 #include <sys/mutex.h>
41 #include <sys/pcpu.h>
42 #include <sys/proc.h>
43 #include <sys/socket.h>
44 #include <sys/socketvar.h>
45 #include <sys/time.h>
46 #include <sys/uio.h>
47 
48 #include <rpc/rpc.h>
49 #include <rpc/rpc_com.h>
50 #include <rpc/krpc.h>
51 #include <rpc/rpcsec_tls.h>
52 
/*
 * Forward declarations of the reconnecting client's methods.  Each one is
 * installed in clnt_reconnect_ops below.
 */
static enum clnt_stat clnt_reconnect_call(CLIENT *, struct rpc_callextra *,
    rpcproc_t, struct mbuf *, struct mbuf **, struct timeval);
static void clnt_reconnect_geterr(CLIENT *, struct rpc_err *);
static bool_t clnt_reconnect_freeres(CLIENT *, xdrproc_t, void *);
static void clnt_reconnect_abort(CLIENT *);
static bool_t clnt_reconnect_control(CLIENT *, u_int, void *);
static void clnt_reconnect_close(CLIENT *);
static void clnt_reconnect_destroy(CLIENT *);

/*
 * Operations vector stored in cl_ops by clnt_reconnect_create(), so the
 * generic CLNT_*() entry points dispatch to the functions in this file.
 */
static const struct clnt_ops clnt_reconnect_ops = {
	.cl_call =	clnt_reconnect_call,
	.cl_abort =	clnt_reconnect_abort,
	.cl_geterr =	clnt_reconnect_geterr,
	.cl_freeres =	clnt_reconnect_freeres,
	.cl_close =	clnt_reconnect_close,
	.cl_destroy =	clnt_reconnect_destroy,
	.cl_control =	clnt_reconnect_control
};

/*
 * Sleep channel used only as the tsleep() address in clnt_reconnect_call()
 * when backing off after a failed connect.  No wakeup() on it appears in
 * this file, so that sleep ends by timeout or signal.
 */
static int	fake_wchan;
73 
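/*
 * Create a reconnecting RPC client handle for the server at svcaddr.
 *
 * Nothing is connected here: the handle records the address, program,
 * version and buffer sizes, and rc_client stays NULL until
 * clnt_reconnect_connect() builds the underlying transport client.
 *
 * The creating thread's credentials are duplicated into rc_ucred.
 * clnt_reconnect_connect() later switches to them while it creates the
 * socket, so every reconnect runs with the identity captured here, not
 * with the identity of whichever thread triggers the reconnect.
 *
 * Returns the new handle, or NULL with rpc_createerr.cf_stat set to
 * RPC_UNKNOWNADDR when svcaddr is NULL or its sa_len is larger than the
 * rc_addr field it is copied into.
 */
CLIENT *
clnt_reconnect_create(
	struct netconfig *nconf,	/* network type */
	struct sockaddr *svcaddr,	/* servers address */
	rpcprog_t program,		/* program number */
	rpcvers_t version,		/* version number */
	size_t sendsz,			/* buffer send size */
	size_t recvsz)			/* buffer recv size */
{
	CLIENT *cl = NULL;		/* client handle */
	struct rc_data *rc = NULL;	/* private data */

	/*
	 * sa_len is supplied by the caller and sizes the memcpy() below, so
	 * reject an address that would not fit in rc_addr.  sizeof does not
	 * evaluate its operand, so rc being NULL here is fine.
	 */
	if (svcaddr == NULL ||
	    (size_t)svcaddr->sa_len > sizeof(rc->rc_addr)) {
		rpc_createerr.cf_stat = RPC_UNKNOWNADDR;
		return (NULL);
	}

	/*
	 * NOTE(review): both mem_alloc() results are used unchecked;
	 * presumably mem_alloc() cannot fail in the kernel build - confirm.
	 */
	cl = mem_alloc(sizeof (CLIENT));
	rc = mem_alloc(sizeof (*rc));
	mtx_init(&rc->rc_lock, "rc->rc_lock", NULL, MTX_DEF);
	(void) memcpy(&rc->rc_addr, svcaddr, (size_t)svcaddr->sa_len);
	rc->rc_nconf = nconf;
	rc->rc_prog = program;
	rc->rc_vers = version;
	rc->rc_sendsz = sendsz;
	rc->rc_recvsz = recvsz;
	/* A timeout of -1/-1 means "not set"; see clnt_reconnect_call(). */
	rc->rc_timeout.tv_sec = -1;
	rc->rc_timeout.tv_usec = -1;
	rc->rc_retry.tv_sec = 3;
	rc->rc_retry.tv_usec = 0;
	rc->rc_retries = INT_MAX;
	rc->rc_privport = FALSE;
	rc->rc_waitchan = "rpcrecv";
	rc->rc_intr = 0;
	rc->rc_connecting = FALSE;
	rc->rc_closed = FALSE;
	rc->rc_ucred = crdup(curthread->td_ucred);
	rc->rc_client = NULL;
	/*
	 * rc_backchannel is tested by clnt_reconnect_connect() and
	 * clnt_reconnect_destroy(); initialise it explicitly like the other
	 * pointer fields instead of relying on the allocator.
	 */
	rc->rc_backchannel = NULL;
	rc->rc_tls = false;
	rc->rc_tlscertname = NULL;
	rc->rc_reconcall = NULL;
	rc->rc_reconarg = NULL;

	cl->cl_refs = 1;
	cl->cl_ops = &clnt_reconnect_ops;
	cl->cl_private = (caddr_t)(void *)rc;
	cl->cl_auth = authnone_create();
	cl->cl_tp = NULL;
	cl->cl_netid = NULL;
	return (cl);
}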
125 
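/*
 * Build the underlying transport client for a reconnecting handle.
 *
 * Only one thread connects at a time: rc_connecting is set under rc_lock
 * and other callers msleep() on rc until it is cleared and wakeup(rc) is
 * issued at the "out" label.
 *
 * While the socket and client are created (and, when enabled, while the
 * TLS handshake and the reconnect upcall run) the thread's td_ucred is
 * replaced by rc_ucred, the credential captured at create time.  Every
 * exit from that region restores the original credential.
 *
 * Returns RPC_SUCCESS when a client already exists or was created,
 * RPC_INTR when the wait for another connector was interrupted,
 * RPC_CANTSEND when the handle is closed or SO_SNDTIMEO cannot be set,
 * RPC_TLIERROR when no socket could be created, and otherwise the status
 * of the failed client creation or TLS handshake.
 */
static enum clnt_stat
clnt_reconnect_connect(CLIENT *cl)
{
	struct thread *td = curthread;
	struct rc_data *rc = (struct rc_data *)cl->cl_private;
	struct socket *so;
	enum clnt_stat stat;
	int error;
	int one = 1;
	struct ucred *oldcred;
	CLIENT *newclient = NULL;
	uint64_t ssl[3];
	uint32_t reterr;

	mtx_lock(&rc->rc_lock);
	while (rc->rc_connecting) {
		error = msleep(rc, &rc->rc_lock,
		    rc->rc_intr ? PCATCH : 0, "rpcrecon", 0);
		if (error) {
			mtx_unlock(&rc->rc_lock);
			return (RPC_INTR);
		}
	}
	if (rc->rc_closed) {
		mtx_unlock(&rc->rc_lock);
		return (RPC_CANTSEND);
	}
	if (rc->rc_client) {
		mtx_unlock(&rc->rc_lock);
		return (RPC_SUCCESS);
	}

	/*
	 * My turn to attempt a connect. The rc_connecting variable
	 * serializes the following code sequence, so it is guaranteed
	 * that rc_client will still be NULL after it is re-locked below,
	 * since that is the only place it is set non-NULL.
	 */
	rc->rc_connecting = TRUE;
	mtx_unlock(&rc->rc_lock);

	/* Run the connect with the credentials captured at create time. */
	oldcred = td->td_ucred;
	td->td_ucred = rc->rc_ucred;
	so = __rpc_nconf2socket(rc->rc_nconf);
	if (!so) {
		stat = rpc_createerr.cf_stat = RPC_TLIERROR;
		rpc_createerr.cf_error.re_errno = 0;
		td->td_ucred = oldcred;
		goto out;
	}

	/*
	 * NOTE(review): the bindresvport() result is ignored, so a failed
	 * reserved-port bind does not stop the connect attempt.  Confirm
	 * this best-effort behaviour is intended when rc_privport is set.
	 */
	if (rc->rc_privport)
		bindresvport(so, NULL);

	if (rc->rc_nconf->nc_semantics == NC_TPI_CLTS)
		newclient = clnt_dg_create(so,
		    (struct sockaddr *) &rc->rc_addr, rc->rc_prog, rc->rc_vers,
		    rc->rc_sendsz, rc->rc_recvsz);
	else {
		/*
		 * I do not believe a timeout of less than 1sec would make
		 * sense here since short delays can occur when a server is
		 * temporarily overloaded.
		 */
		if (rc->rc_timeout.tv_sec > 0 && rc->rc_timeout.tv_usec >= 0) {
			error = so_setsockopt(so, SOL_SOCKET, SO_SNDTIMEO,
			    &rc->rc_timeout, sizeof(struct timeval));
			if (error != 0) {
				stat = rpc_createerr.cf_stat = RPC_CANTSEND;
				rpc_createerr.cf_error.re_errno = error;
				td->td_ucred = oldcred;
				/*
				 * No client owns the socket yet and nothing
				 * after "out" refers to it, so close it here
				 * instead of leaking it.
				 */
				soclose(so);
				goto out;
			}
		}
		newclient = clnt_vc_create(so,
		    (struct sockaddr *) &rc->rc_addr, rc->rc_prog, rc->rc_vers,
		    rc->rc_sendsz, rc->rc_recvsz, rc->rc_intr);
		if (rc->rc_tls && newclient != NULL) {
			stat = rpctls_connect(newclient, rc->rc_tlscertname, so,
			    ssl, &reterr);
			if (stat != RPC_SUCCESS || reterr != RPCTLSERR_OK) {
				/*
				 * A failed handshake never falls back to an
				 * unprotected connection: the new client is
				 * discarded and an error is returned.
				 *
				 * NOTE(review): CLSET_FD_CLOSE is only applied
				 * further down, so whether CLNT_CLOSE() and
				 * CLNT_RELEASE() close "so" on this path
				 * depends on clnt_vc defaults - confirm the
				 * socket is not leaked here.
				 */
				if (stat == RPC_SUCCESS)
					stat = RPC_FAILED;
				stat = rpc_createerr.cf_stat = stat;
				rpc_createerr.cf_error.re_errno = 0;
				CLNT_CLOSE(newclient);
				CLNT_RELEASE(newclient);
				newclient = NULL;
				td->td_ucred = oldcred;
				goto out;
			}
		}
		/* The reconnect upcall also runs under rc_ucred. */
		if (newclient != NULL && rc->rc_reconcall != NULL)
			(*rc->rc_reconcall)(newclient, rc->rc_reconarg,
			    rc->rc_ucred);
	}
	td->td_ucred = oldcred;

	if (!newclient) {
		soclose(so);
		rc->rc_err = rpc_createerr.cf_error;
		stat = rpc_createerr.cf_stat;
		goto out;
	}

	/* Copy the settings stored on the handle to the new client. */
	CLNT_CONTROL(newclient, CLSET_FD_CLOSE, 0);
	CLNT_CONTROL(newclient, CLSET_CONNECT, &one);
	CLNT_CONTROL(newclient, CLSET_TIMEOUT, &rc->rc_timeout);
	CLNT_CONTROL(newclient, CLSET_RETRY_TIMEOUT, &rc->rc_retry);
	CLNT_CONTROL(newclient, CLSET_WAITCHAN, rc->rc_waitchan);
	CLNT_CONTROL(newclient, CLSET_INTERRUPTIBLE, &rc->rc_intr);
	/*
	 * NOTE(review): "ssl" is filled only by rpctls_connect() in the
	 * stream branch above.  With rc_tls set on an NC_TPI_CLTS transport
	 * it is passed here uninitialised; confirm the datagram client does
	 * not read it.
	 */
	if (rc->rc_tls)
		CLNT_CONTROL(newclient, CLSET_TLS, ssl);
	if (rc->rc_backchannel != NULL)
		CLNT_CONTROL(newclient, CLSET_BACKCHANNEL, rc->rc_backchannel);
	stat = RPC_SUCCESS;

out:
	mtx_lock(&rc->rc_lock);
	KASSERT(rc->rc_client == NULL, ("rc_client not null"));
	if (!rc->rc_closed) {
		rc->rc_client = newclient;
		newclient = NULL;
	}
	rc->rc_connecting = FALSE;
	wakeup(rc);
	mtx_unlock(&rc->rc_lock);

	if (newclient) {
		/*
		 * It has been closed, so discard the new client.
		 * nb: clnt_[dg|vc]_close()/clnt_[dg|vc]_destroy() cannot
		 * be called with the rc_lock mutex held, since they may
		 * msleep() while holding a different mutex.
		 */
		CLNT_CLOSE(newclient);
		CLNT_RELEASE(newclient);
	}

	return (stat);
}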
267 
/*
 * Issue an RPC through the reconnecting handle, creating or replacing the
 * underlying client as needed.
 *
 * Each pass of the loop makes sure rc_client exists (connecting if it does
 * not), takes a reference on it under rc_lock, and performs the call with
 * the lock dropped.  RPC_TIMEDOUT, RPC_CANTSEND and RPC_CANTRECV count
 * against rc_retries and cause the current client to be dropped so that
 * the next pass reconnects; any other status ends the loop.
 *
 * Returns RPC_CANTSEND if the handle is closed, RPC_INTR if the back-off
 * sleep is interrupted, and otherwise the status of the last connect or
 * call attempt.
 */
static enum clnt_stat
clnt_reconnect_call(
	CLIENT		*cl,		/* client handle */
	struct rpc_callextra *ext,	/* call metadata */
	rpcproc_t	proc,		/* procedure number */
	struct mbuf	*args,		/* pointer to args */
	struct mbuf	**resultsp,	/* pointer to results */
	struct timeval	utimeout)
{
	struct rc_data *rc = (struct rc_data *)cl->cl_private;
	CLIENT *client;
	enum clnt_stat stat;
	int tries, error;

	tries = 0;
	do {
		mtx_lock(&rc->rc_lock);
		if (rc->rc_closed) {
			mtx_unlock(&rc->rc_lock);
			return (RPC_CANTSEND);
		}

		if (!rc->rc_client) {
			/* Connect with rc_lock dropped; it is retaken below. */
			mtx_unlock(&rc->rc_lock);
			stat = clnt_reconnect_connect(cl);
			if (stat == RPC_SYSTEMERROR) {
				/*
				 * Back off for up to hz ticks before retrying.
				 * "continue" re-tests the loop condition, which
				 * holds because stat is RPC_SYSTEMERROR.
				 */
				error = tsleep(&fake_wchan,
				    rc->rc_intr ? PCATCH : 0, "rpccon", hz);
				if (error == EINTR || error == ERESTART)
					return (RPC_INTR);
				tries++;
				if (tries >= rc->rc_retries)
					return (stat);
				continue;
			}
			if (stat != RPC_SUCCESS)
				return (stat);
			mtx_lock(&rc->rc_lock);
		}

		/*
		 * rc_client can be NULL again here, since rc_lock was dropped
		 * around the connect.  This path does not increment "tries".
		 */
		if (!rc->rc_client) {
			mtx_unlock(&rc->rc_lock);
			stat = RPC_FAILED;
			continue;
		}
		/* Hold a reference so the client survives the unlocked call. */
		CLNT_ACQUIRE(rc->rc_client);
		client = rc->rc_client;
		mtx_unlock(&rc->rc_lock);
		stat = CLNT_CALL_MBUF(client, ext, proc, args,
		    resultsp, utimeout);

		if (stat != RPC_SUCCESS) {
			/*
			 * NOTE(review): rc_err is written here without
			 * rc_lock held; confirm concurrent callers racing on
			 * it is acceptable.
			 */
			if (!ext)
				CLNT_GETERR(client, &rc->rc_err);
		}

		if (stat == RPC_TIMEDOUT) {
			/*
			 * Check for async send misfeature for NLM
			 * protocol.
			 */
			if ((rc->rc_timeout.tv_sec == 0
				&& rc->rc_timeout.tv_usec == 0)
			    || (rc->rc_timeout.tv_sec == -1
				&& utimeout.tv_sec == 0
				&& utimeout.tv_usec == 0)) {
				CLNT_RELEASE(client);
				break;
			}
		}

		if (stat == RPC_TIMEDOUT || stat == RPC_CANTSEND
		    || stat == RPC_CANTRECV) {
			tries++;
			if (tries >= rc->rc_retries) {
				CLNT_RELEASE(client);
				break;
			}

			/* Tell the caller's feedback hook about the reconnect. */
			if (ext && ext->rc_feedback)
				ext->rc_feedback(FEEDBACK_RECONNECT, proc,
				    ext->rc_feedback_arg);

			mtx_lock(&rc->rc_lock);
			/*
			 * Make sure that someone else hasn't already
			 * reconnected by checking if rc_client has changed.
			 * If not, we are done with the client and must
			 * do CLNT_RELEASE(client) twice to dispose of it,
			 * because there is both an initial refcnt and one
			 * acquired by CLNT_ACQUIRE() above.
			 */
			if (rc->rc_client == client) {
				rc->rc_client = NULL;
				mtx_unlock(&rc->rc_lock);
				CLNT_RELEASE(client);
			} else {
				mtx_unlock(&rc->rc_lock);
			}
			CLNT_RELEASE(client);
		} else {
			/* Success or a non-retryable error: drop our reference. */
			CLNT_RELEASE(client);
			break;
		}
	} while (stat != RPC_SUCCESS);

	KASSERT(stat != RPC_SUCCESS || *resultsp,
	    ("RPC_SUCCESS without reply"));

	return (stat);
}
379 
/*
 * Copy the error last recorded on the reconnecting handle (rc_err) into
 * the caller's *errp.
 */
static void
clnt_reconnect_geterr(CLIENT *cl, struct rpc_err *errp)
{
	const struct rc_data *priv;

	priv = (const struct rc_data *)cl->cl_private;
	*errp = priv->rc_err;
}
387 
/*
 * Free call results by forwarding to the underlying client.
 *
 * rc_client is passed on without a NULL check and without taking rc_lock,
 * so this may only be called while rc_client is guaranteed to be valid.
 */
static bool_t
clnt_reconnect_freeres(CLIENT *cl, xdrproc_t xdr_res, void *res_ptr)
{
	struct rc_data *priv = (struct rc_data *)cl->cl_private;
	CLIENT *inner = priv->rc_client;

	return (CLNT_FREERES(inner, xdr_res, res_ptr));
}
399 
/*
 * Abort method of the reconnecting client.  It is an intentional no-op;
 * it exists only to fill the cl_abort slot of clnt_reconnect_ops.
 */
/*ARGSUSED*/
static void
clnt_reconnect_abort(CLIENT *h)
{
	/* Nothing to do. */
}
405 
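/*
 * Get or set a parameter of the reconnecting handle.
 *
 * CLNT_CONTROL() on the client returned by clnt_reconnect_create() must
 * always be called before CLNT_CALL_MBUF() by a single thread only.
 * None of the fields below are updated under rc_lock, so the code depends
 * on that rule.  Freeing a previous certificate name in CLSET_TLSCERTNAME
 * depends on it too, because clnt_reconnect_connect() reads
 * rc_tlscertname without the lock.
 *
 * Set requests store the value on the handle so that
 * clnt_reconnect_connect() can apply it to each new client.  Where an
 * underlying client already exists, most of them also forward the request
 * to it.
 *
 * Returns TRUE on success.  Returns FALSE when info is NULL (this applies
 * to every request, including CLSET_TLS, which does not read info), when
 * the request is not recognised, or when a CLSET_TLSCERTNAME string is
 * empty or too long.
 */
static bool_t
clnt_reconnect_control(CLIENT *cl, u_int request, void *info)
{
	struct rc_data *rc = (struct rc_data *)cl->cl_private;
	SVCXPRT *xprt;
	size_t slen;
	struct rpc_reconupcall *upcp;

	if (info == NULL) {
		return (FALSE);
	}
	switch (request) {
	case CLSET_TIMEOUT:
		rc->rc_timeout = *(struct timeval *)info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, request, info);
		break;

	case CLGET_TIMEOUT:
		*(struct timeval *)info = rc->rc_timeout;
		break;

	case CLSET_RETRY_TIMEOUT:
		rc->rc_retry = *(struct timeval *)info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, request, info);
		break;

	case CLGET_RETRY_TIMEOUT:
		*(struct timeval *)info = rc->rc_retry;
		break;

	case CLGET_VERS:
		*(uint32_t *)info = rc->rc_vers;
		break;

	case CLSET_VERS:
		rc->rc_vers = *(uint32_t *) info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, CLSET_VERS, info);
		break;

	case CLGET_PROG:
		*(uint32_t *)info = rc->rc_prog;
		break;

	case CLSET_PROG:
		rc->rc_prog = *(uint32_t *) info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, request, info);
		break;

	case CLSET_WAITCHAN:
		/*
		 * The caller's pointer is stored, not a copy, so the string
		 * has to stay valid for as long as the handle uses it.
		 */
		rc->rc_waitchan = (char *)info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, request, info);
		break;

	case CLGET_WAITCHAN:
		*(const char **) info = rc->rc_waitchan;
		break;

	case CLSET_INTERRUPTIBLE:
		rc->rc_intr = *(int *) info;
		if (rc->rc_client)
			CLNT_CONTROL(rc->rc_client, request, info);
		break;

	case CLGET_INTERRUPTIBLE:
		*(int *) info = rc->rc_intr;
		break;

	case CLSET_RETRIES:
		rc->rc_retries = *(int *) info;
		break;

	case CLGET_RETRIES:
		*(int *) info = rc->rc_retries;
		break;

	case CLSET_PRIVPORT:
		/* Takes effect at the next connect; see bindresvport() use. */
		rc->rc_privport = *(int *) info;
		break;

	case CLGET_PRIVPORT:
		*(int *) info = rc->rc_privport;
		break;

	case CLSET_BACKCHANNEL:
		/*
		 * NOTE(review): a second CLSET_BACKCHANNEL overwrites
		 * rc_backchannel without unregistering or releasing the
		 * previous transport - confirm callers set it only once.
		 */
		xprt = (SVCXPRT *)info;
		xprt_register(xprt);
		rc->rc_backchannel = info;
		break;

	case CLSET_TLS:
		/*
		 * Only records that TLS is wanted; the handshake is done by
		 * clnt_reconnect_connect().  No request in this function
		 * clears the flag again.
		 */
		rc->rc_tls = true;
		break;

	case CLSET_TLSCERTNAME:
		slen = strlen(info) + 1;
		/*
		 * tlscertname with "key.pem" appended to it forms a file
		 * name.  As such, the maximum allowable strlen(info) is
		 * NAME_MAX - 7. However, "slen" includes the nul termination
		 * byte so it can be up to NAME_MAX - 6.
		 */
		if (slen <= 1 || slen > NAME_MAX - 6)
			return (FALSE);
		/*
		 * Release a name set by an earlier call so that setting it
		 * again does not leak the old buffer.  A size of 0 is used
		 * the same way as in clnt_reconnect_destroy().
		 */
		mem_free(rc->rc_tlscertname, 0);
		rc->rc_tlscertname = mem_alloc(slen);
		strlcpy(rc->rc_tlscertname, info, slen);
		break;

	case CLSET_RECONUPCALL:
		/*
		 * The handle takes ownership of upcp->arg:
		 * clnt_reconnect_destroy() frees rc_reconarg.
		 * NOTE(review): a second call overwrites the previous arg
		 * without freeing it - confirm callers set it only once.
		 */
		upcp = (struct rpc_reconupcall *)info;
		rc->rc_reconcall = upcp->call;
		rc->rc_reconarg = upcp->arg;
		break;

	default:
		return (FALSE);
	}

	return (TRUE);
}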
534 
/*
 * Mark the reconnecting handle closed and shut down its current
 * underlying client, if there is one.  A second call is a no-op.
 *
 * The underlying client is detached while rc_lock is held but closed and
 * released only after the lock is dropped, because the transport close
 * routines may sleep (see the comment in clnt_reconnect_connect()).
 */
static void
clnt_reconnect_close(CLIENT *cl)
{
	struct rc_data *priv = (struct rc_data *)cl->cl_private;
	CLIENT *inner = NULL;

	mtx_lock(&priv->rc_lock);
	if (!priv->rc_closed) {
		priv->rc_closed = TRUE;
		inner = priv->rc_client;
		priv->rc_client = NULL;
	}
	mtx_unlock(&priv->rc_lock);

	if (inner != NULL) {
		CLNT_CLOSE(inner);
		CLNT_RELEASE(inner);
	}
}
559 
/*
 * Tear down a reconnecting handle.  It destroys any remaining underlying
 * client, unregisters and releases the backchannel transport if one was
 * set, drops the credential reference taken at create time, and frees the
 * private data and the handle itself.
 *
 * rc_lock is not taken here, so no other thread may still be using the
 * handle when this runs.
 */
static void
clnt_reconnect_destroy(CLIENT *cl)
{
	struct rc_data *priv = (struct rc_data *)cl->cl_private;

	if (priv->rc_client != NULL)
		CLNT_DESTROY(priv->rc_client);

	if (priv->rc_backchannel != NULL) {
		SVCXPRT *bc = (SVCXPRT *)priv->rc_backchannel;

		KASSERT(bc->xp_socket == NULL,
		    ("clnt_reconnect_destroy: xp_socket not NULL"));
		xprt_unregister(bc);
		SVC_RELEASE(bc);
	}

	crfree(priv->rc_ucred);
	mtx_destroy(&priv->rc_lock);
	/* Either pointer may be NULL; a size of 0 is fine as it is ignored. */
	mem_free(priv->rc_tlscertname, 0);
	mem_free(priv->rc_reconarg, 0);
	mem_free(priv, sizeof(*priv));
	mem_free(cl, sizeof (CLIENT));
}
582