1 /* $NetBSD: svc_vc.c,v 1.7 2000/08/03 00:01:53 fvdl Exp $ */ 2 3 /*- 4 * SPDX-License-Identifier: BSD-3-Clause 5 * 6 * Copyright (c) 2009, Sun Microsystems, Inc. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions are met: 11 * - Redistributions of source code must retain the above copyright notice, 12 * this list of conditions and the following disclaimer. 13 * - Redistributions in binary form must reproduce the above copyright notice, 14 * this list of conditions and the following disclaimer in the documentation 15 * and/or other materials provided with the distribution. 16 * - Neither the name of Sun Microsystems, Inc. nor the names of its 17 * contributors may be used to endorse or promote products derived 18 * from this software without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 21 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 24 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 #include <sys/cdefs.h> 34 /* 35 * svc_vc.c, Server side for Connection Oriented based RPC. 36 * 37 * Actually implements two flavors of transporter - 38 * a tcp rendezvouser (a listener and connection establisher) 39 * and a record/tcp stream. 40 */ 41 42 #include "opt_kern_tls.h" 43 44 #include <sys/param.h> 45 #include <sys/limits.h> 46 #include <sys/lock.h> 47 #include <sys/kernel.h> 48 #include <sys/ktls.h> 49 #include <sys/malloc.h> 50 #include <sys/mbuf.h> 51 #include <sys/mutex.h> 52 #include <sys/proc.h> 53 #include <sys/protosw.h> 54 #include <sys/queue.h> 55 #include <sys/socket.h> 56 #include <sys/socketvar.h> 57 #include <sys/sx.h> 58 #include <sys/systm.h> 59 #include <sys/uio.h> 60 61 #include <net/vnet.h> 62 63 #include <netinet/tcp.h> 64 65 #include <rpc/rpc.h> 66 #include <rpc/rpcsec_tls.h> 67 68 #include <rpc/krpc.h> 69 #include <rpc/rpc_com.h> 70 71 #include <security/mac/mac_framework.h> 72 73 SYSCTL_NODE(_kern, OID_AUTO, rpc, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 74 "RPC"); 75 SYSCTL_NODE(_kern_rpc, OID_AUTO, tls, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 76 "TLS"); 77 SYSCTL_NODE(_kern_rpc, OID_AUTO, unenc, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 78 "unencrypted"); 79 80 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_rx_msgbytes) = 0; 81 SYSCTL_U64(_kern_rpc_unenc, OID_AUTO, rx_msgbytes, CTLFLAG_KRPC_VNET | CTLFLAG_RW, 82 &KRPC_VNET_NAME(svc_vc_rx_msgbytes), 0, "Count of non-TLS rx bytes"); 83 84 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_rx_msgcnt) = 0; 85 SYSCTL_U64(_kern_rpc_unenc, OID_AUTO, rx_msgcnt, CTLFLAG_KRPC_VNET | CTLFLAG_RW, 86 &KRPC_VNET_NAME(svc_vc_rx_msgcnt), 0, "Count of non-TLS rx messages"); 87 88 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tx_msgbytes) = 0; 89 SYSCTL_U64(_kern_rpc_unenc, OID_AUTO, tx_msgbytes, CTLFLAG_KRPC_VNET | CTLFLAG_RW, 90 &KRPC_VNET_NAME(svc_vc_tx_msgbytes), 0, "Count of non-TLS tx bytes"); 91 92 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tx_msgcnt) = 0; 93 SYSCTL_U64(_kern_rpc_unenc, OID_AUTO, tx_msgcnt, CTLFLAG_KRPC_VNET | CTLFLAG_RW, 94 &KRPC_VNET_NAME(svc_vc_tx_msgcnt), 0, "Count of non-TLS tx messages"); 95 96 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tls_alerts) = 0; 97 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, alerts, 98 CTLFLAG_KRPC_VNET | CTLFLAG_RW, &KRPC_VNET_NAME(svc_vc_tls_alerts), 0, 99 "Count of TLS alert messages"); 100 101 KRPC_VNET_DEFINE(uint64_t, svc_vc_tls_handshake_failed) = 0; 102 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, handshake_failed, 103 CTLFLAG_KRPC_VNET | CTLFLAG_RW, 104 &KRPC_VNET_NAME(svc_vc_tls_handshake_failed), 0, 105 "Count of TLS failed handshakes"); 106 107 KRPC_VNET_DEFINE(uint64_t, svc_vc_tls_handshake_success) = 0; 108 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, handshake_success, 109 CTLFLAG_KRPC_VNET | CTLFLAG_RW, 110 &KRPC_VNET_NAME(svc_vc_tls_handshake_success), 0, 111 "Count of TLS successful handshakes"); 112 113 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tls_rx_msgbytes) = 0; 114 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, rx_msgbytes, 115 CTLFLAG_KRPC_VNET | CTLFLAG_RW, &KRPC_VNET_NAME(svc_vc_tls_rx_msgbytes), 0, 116 "Count of TLS rx bytes"); 117 118 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tls_rx_msgcnt) = 0; 119 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, rx_msgcnt, 120 CTLFLAG_KRPC_VNET | CTLFLAG_RW, &KRPC_VNET_NAME(svc_vc_tls_rx_msgcnt), 0, 121 "Count of TLS rx messages"); 122 123 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tls_tx_msgbytes) = 0; 124 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, tx_msgbytes, 125 CTLFLAG_KRPC_VNET | CTLFLAG_RW, &KRPC_VNET_NAME(svc_vc_tls_tx_msgbytes), 0, 126 "Count of TLS tx bytes"); 127 128 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tls_tx_msgcnt) = 0; 129 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, tx_msgcnt, 130 CTLFLAG_KRPC_VNET | CTLFLAG_RW, &KRPC_VNET_NAME(svc_vc_tls_tx_msgcnt), 0, 131 "Count of TLS tx messages"); 132 133 static bool_t svc_vc_rendezvous_recv(SVCXPRT *, struct rpc_msg *, 134 struct sockaddr **, struct mbuf **); 135 static enum xprt_stat svc_vc_rendezvous_stat(SVCXPRT *); 136 static void svc_vc_rendezvous_destroy(SVCXPRT *); 137 static bool_t svc_vc_null(void); 138 static void svc_vc_destroy(SVCXPRT *); 139 static enum xprt_stat svc_vc_stat(SVCXPRT *); 140 static bool_t svc_vc_ack(SVCXPRT *, uint32_t *); 141 static bool_t svc_vc_recv(SVCXPRT *, struct rpc_msg *, 142 struct sockaddr **, struct mbuf **); 143 static bool_t svc_vc_reply(SVCXPRT *, struct rpc_msg *, 144 struct sockaddr *, struct mbuf *, uint32_t *seq); 145 static bool_t svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in); 146 static bool_t svc_vc_rendezvous_control (SVCXPRT *xprt, const u_int rq, 147 void *in); 148 static void svc_vc_backchannel_destroy(SVCXPRT *); 149 static enum xprt_stat svc_vc_backchannel_stat(SVCXPRT *); 150 static bool_t svc_vc_backchannel_recv(SVCXPRT *, struct rpc_msg *, 151 struct sockaddr **, struct mbuf **); 152 static bool_t svc_vc_backchannel_reply(SVCXPRT *, struct rpc_msg *, 153 struct sockaddr *, struct mbuf *, uint32_t *); 154 static bool_t svc_vc_backchannel_control(SVCXPRT *xprt, const u_int rq, 155 void *in); 156 static SVCXPRT *svc_vc_create_conn(SVCPOOL *pool, struct socket *so, 157 struct sockaddr *raddr); 158 static int svc_vc_accept(struct socket *head, struct socket **sop); 159 static int svc_vc_soupcall(struct socket *so, void *arg, int waitflag); 160 static int svc_vc_rendezvous_soupcall(struct socket *, void *, int); 161 162 static const struct xp_ops svc_vc_rendezvous_ops = { 163 .xp_recv = svc_vc_rendezvous_recv, 164 .xp_stat = svc_vc_rendezvous_stat, 165 .xp_reply = (bool_t (*)(SVCXPRT *, struct rpc_msg *, 166 struct sockaddr *, struct mbuf *, uint32_t *))svc_vc_null, 167 .xp_destroy = svc_vc_rendezvous_destroy, 168 .xp_control = svc_vc_rendezvous_control 169 }; 170 171 static const struct xp_ops svc_vc_ops = { 172 .xp_recv = svc_vc_recv, 173 .xp_stat = svc_vc_stat, 174 .xp_ack = svc_vc_ack, 175 .xp_reply = svc_vc_reply, 176 .xp_destroy = svc_vc_destroy, 177 .xp_control = svc_vc_control 178 }; 179 180 static const struct xp_ops svc_vc_backchannel_ops = { 181 .xp_recv = svc_vc_backchannel_recv, 182 .xp_stat = svc_vc_backchannel_stat, 183 .xp_reply = svc_vc_backchannel_reply, 184 .xp_destroy = svc_vc_backchannel_destroy, 185 .xp_control = svc_vc_backchannel_control 186 }; 187 188 /* 189 * Usage: 190 * xprt = svc_vc_create(sock, send_buf_size, recv_buf_size); 191 * 192 * Creates, registers, and returns a (rpc) tcp based transporter. 193 * Once *xprt is initialized, it is registered as a transporter 194 * see (svc.h, xprt_register). This routine returns 195 * a NULL if a problem occurred. 196 * 197 * The filedescriptor passed in is expected to refer to a bound, but 198 * not yet connected socket. 199 * 200 * Since streams do buffered io similar to stdio, the caller can specify 201 * how big the send and receive buffers are via the second and third parms; 202 * 0 => use the system default. 203 */ 204 SVCXPRT * 205 svc_vc_create(SVCPOOL *pool, struct socket *so, size_t sendsize, 206 size_t recvsize) 207 { 208 SVCXPRT *xprt; 209 int error; 210 211 SOCK_LOCK(so); 212 if (so->so_state & (SS_ISCONNECTED|SS_ISDISCONNECTED)) { 213 struct sockaddr_storage ss = { .ss_len = sizeof(ss) }; 214 215 SOCK_UNLOCK(so); 216 error = sopeeraddr(so, (struct sockaddr *)&ss); 217 if (error) 218 return (NULL); 219 xprt = svc_vc_create_conn(pool, so, (struct sockaddr *)&ss); 220 return (xprt); 221 } 222 SOCK_UNLOCK(so); 223 224 xprt = svc_xprt_alloc(); 225 sx_init(&xprt->xp_lock, "xprt->xp_lock"); 226 xprt->xp_pool = pool; 227 xprt->xp_socket = so; 228 xprt->xp_p1 = NULL; 229 xprt->xp_p2 = NULL; 230 xprt->xp_ops = &svc_vc_rendezvous_ops; 231 232 xprt->xp_ltaddr.ss_len = sizeof(xprt->xp_ltaddr); 233 error = sosockaddr(so, (struct sockaddr *)&xprt->xp_ltaddr); 234 if (error) { 235 goto cleanup_svc_vc_create; 236 } 237 238 xprt_register(xprt); 239 240 solisten(so, -1, curthread); 241 242 SOLISTEN_LOCK(so); 243 xprt->xp_upcallset = 1; 244 solisten_upcall_set(so, svc_vc_rendezvous_soupcall, xprt); 245 SOLISTEN_UNLOCK(so); 246 247 return (xprt); 248 249 cleanup_svc_vc_create: 250 sx_destroy(&xprt->xp_lock); 251 svc_xprt_free(xprt); 252 253 return (NULL); 254 } 255 256 /* 257 * Create a new transport for a socket optained via soaccept(). 258 */ 259 SVCXPRT * 260 svc_vc_create_conn(SVCPOOL *pool, struct socket *so, struct sockaddr *raddr) 261 { 262 SVCXPRT *xprt; 263 struct cf_conn *cd; 264 struct sockopt opt; 265 int one = 1; 266 int error; 267 268 bzero(&opt, sizeof(struct sockopt)); 269 opt.sopt_dir = SOPT_SET; 270 opt.sopt_level = SOL_SOCKET; 271 opt.sopt_name = SO_KEEPALIVE; 272 opt.sopt_val = &one; 273 opt.sopt_valsize = sizeof(one); 274 error = sosetopt(so, &opt); 275 if (error) { 276 return (NULL); 277 } 278 279 if (so->so_proto->pr_protocol == IPPROTO_TCP) { 280 bzero(&opt, sizeof(struct sockopt)); 281 opt.sopt_dir = SOPT_SET; 282 opt.sopt_level = IPPROTO_TCP; 283 opt.sopt_name = TCP_NODELAY; 284 opt.sopt_val = &one; 285 opt.sopt_valsize = sizeof(one); 286 error = sosetopt(so, &opt); 287 if (error) { 288 return (NULL); 289 } 290 } 291 292 cd = mem_alloc(sizeof(*cd)); 293 cd->strm_stat = XPRT_IDLE; 294 295 xprt = svc_xprt_alloc(); 296 sx_init(&xprt->xp_lock, "xprt->xp_lock"); 297 xprt->xp_pool = pool; 298 xprt->xp_socket = so; 299 xprt->xp_p1 = cd; 300 xprt->xp_p2 = NULL; 301 xprt->xp_ops = &svc_vc_ops; 302 303 /* 304 * See http://www.connectathon.org/talks96/nfstcp.pdf - client 305 * has a 5 minute timer, server has a 6 minute timer. 306 */ 307 xprt->xp_idletimeout = 6 * 60; 308 309 memcpy(&xprt->xp_rtaddr, raddr, raddr->sa_len); 310 311 xprt->xp_ltaddr.ss_len = sizeof(xprt->xp_ltaddr); 312 error = sosockaddr(so, (struct sockaddr *)&xprt->xp_ltaddr); 313 if (error) 314 goto cleanup_svc_vc_create; 315 316 xprt_register(xprt); 317 318 SOCK_RECVBUF_LOCK(so); 319 xprt->xp_upcallset = 1; 320 soupcall_set(so, SO_RCV, svc_vc_soupcall, xprt); 321 SOCK_RECVBUF_UNLOCK(so); 322 323 /* 324 * Throw the transport into the active list in case it already 325 * has some data buffered. 326 */ 327 sx_xlock(&xprt->xp_lock); 328 xprt_active(xprt); 329 sx_xunlock(&xprt->xp_lock); 330 331 return (xprt); 332 cleanup_svc_vc_create: 333 sx_destroy(&xprt->xp_lock); 334 svc_xprt_free(xprt); 335 mem_free(cd, sizeof(*cd)); 336 337 return (NULL); 338 } 339 340 /* 341 * Create a new transport for a backchannel on a clnt_vc socket. 342 */ 343 SVCXPRT * 344 svc_vc_create_backchannel(SVCPOOL *pool) 345 { 346 SVCXPRT *xprt = NULL; 347 struct cf_conn *cd = NULL; 348 349 cd = mem_alloc(sizeof(*cd)); 350 cd->strm_stat = XPRT_IDLE; 351 352 xprt = svc_xprt_alloc(); 353 sx_init(&xprt->xp_lock, "xprt->xp_lock"); 354 xprt->xp_pool = pool; 355 xprt->xp_socket = NULL; 356 xprt->xp_p1 = cd; 357 xprt->xp_p2 = NULL; 358 xprt->xp_ops = &svc_vc_backchannel_ops; 359 return (xprt); 360 } 361 362 /* 363 * This does all of the accept except the final call to soaccept. The 364 * caller will call soaccept after dropping its locks (soaccept may 365 * call malloc). 366 */ 367 int 368 svc_vc_accept(struct socket *head, struct socket **sop) 369 { 370 struct socket *so; 371 int error = 0; 372 short nbio; 373 374 KASSERT(SOLISTENING(head), 375 ("%s: socket %p is not listening", __func__, head)); 376 377 #ifdef MAC 378 error = mac_socket_check_accept(curthread->td_ucred, head); 379 if (error != 0) 380 goto done; 381 #endif 382 /* 383 * XXXGL: we want non-blocking semantics. The socket could be a 384 * socket created by kernel as well as socket shared with userland, 385 * so we can't be sure about presense of SS_NBIO. We also shall not 386 * toggle it on the socket, since that may surprise userland. So we 387 * set SS_NBIO only temporarily. 388 */ 389 SOLISTEN_LOCK(head); 390 nbio = head->so_state & SS_NBIO; 391 head->so_state |= SS_NBIO; 392 error = solisten_dequeue(head, &so, nbio ? SOCK_NONBLOCK : 0); 393 if (nbio == 0) { 394 SOLISTEN_LOCK(head); 395 head->so_state &= ~SS_NBIO; 396 SOLISTEN_UNLOCK(head); 397 } 398 if (error) 399 goto done; 400 401 *sop = so; 402 403 /* connection has been removed from the listen queue */ 404 KNOTE_UNLOCKED(&head->so_rdsel.si_note, 0); 405 done: 406 return (error); 407 } 408 409 /*ARGSUSED*/ 410 static bool_t 411 svc_vc_rendezvous_recv(SVCXPRT *xprt, struct rpc_msg *msg, 412 struct sockaddr **addrp, struct mbuf **mp) 413 { 414 struct socket *so = NULL; 415 struct sockaddr_storage ss = { .ss_len = sizeof(ss) }; 416 int error; 417 SVCXPRT *new_xprt; 418 419 /* 420 * The socket upcall calls xprt_active() which will eventually 421 * cause the server to call us here. We attempt to accept a 422 * connection from the socket and turn it into a new 423 * transport. If the accept fails, we have drained all pending 424 * connections so we call xprt_inactive(). 425 */ 426 sx_xlock(&xprt->xp_lock); 427 428 error = svc_vc_accept(xprt->xp_socket, &so); 429 430 if (error == EWOULDBLOCK) { 431 /* 432 * We must re-test for new connections after taking 433 * the lock to protect us in the case where a new 434 * connection arrives after our call to accept fails 435 * with EWOULDBLOCK. 436 */ 437 SOLISTEN_LOCK(xprt->xp_socket); 438 if (TAILQ_EMPTY(&xprt->xp_socket->sol_comp)) 439 xprt_inactive_self(xprt); 440 SOLISTEN_UNLOCK(xprt->xp_socket); 441 sx_xunlock(&xprt->xp_lock); 442 return (FALSE); 443 } 444 445 if (error) { 446 SOLISTEN_LOCK(xprt->xp_socket); 447 if (xprt->xp_upcallset) { 448 xprt->xp_upcallset = 0; 449 soupcall_clear(xprt->xp_socket, SO_RCV); 450 } 451 SOLISTEN_UNLOCK(xprt->xp_socket); 452 xprt_inactive_self(xprt); 453 sx_xunlock(&xprt->xp_lock); 454 return (FALSE); 455 } 456 457 sx_xunlock(&xprt->xp_lock); 458 459 error = soaccept(so, (struct sockaddr *)&ss); 460 461 if (error) { 462 /* 463 * XXX not sure if I need to call sofree or soclose here. 464 */ 465 return (FALSE); 466 } 467 468 /* 469 * svc_vc_create_conn will call xprt_register - we don't need 470 * to do anything with the new connection except derefence it. 471 */ 472 new_xprt = svc_vc_create_conn(xprt->xp_pool, so, 473 (struct sockaddr *)&ss); 474 if (!new_xprt) { 475 soclose(so); 476 } else { 477 SVC_RELEASE(new_xprt); 478 } 479 480 return (FALSE); /* there is never an rpc msg to be processed */ 481 } 482 483 /*ARGSUSED*/ 484 static enum xprt_stat 485 svc_vc_rendezvous_stat(SVCXPRT *xprt) 486 { 487 488 return (XPRT_IDLE); 489 } 490 491 static void 492 svc_vc_destroy_common(SVCXPRT *xprt) 493 { 494 uint32_t reterr; 495 496 if (xprt->xp_socket) { 497 if ((xprt->xp_tls & (RPCTLS_FLAGS_HANDSHAKE | 498 RPCTLS_FLAGS_HANDSHFAIL)) != 0) { 499 CURVNET_SET(xprt->xp_socket->so_vnet); 500 if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0) { 501 /* 502 * If the upcall fails, the socket has 503 * probably been closed via the rpctlssd 504 * daemon having crashed or been 505 * restarted, so just ignore returned stat. 506 */ 507 rpctls_srv_disconnect(xprt->xp_socket, &reterr); 508 } 509 /* Must sorele() to get rid of reference. */ 510 sorele(xprt->xp_socket); 511 CURVNET_RESTORE(); 512 } else 513 (void)soclose(xprt->xp_socket); 514 } 515 516 if (xprt->xp_netid) 517 (void) mem_free(xprt->xp_netid, strlen(xprt->xp_netid) + 1); 518 svc_xprt_free(xprt); 519 } 520 521 static void 522 svc_vc_rendezvous_destroy(SVCXPRT *xprt) 523 { 524 525 SOLISTEN_LOCK(xprt->xp_socket); 526 if (xprt->xp_upcallset) { 527 xprt->xp_upcallset = 0; 528 solisten_upcall_set(xprt->xp_socket, NULL, NULL); 529 } 530 SOLISTEN_UNLOCK(xprt->xp_socket); 531 532 svc_vc_destroy_common(xprt); 533 } 534 535 static void 536 svc_vc_destroy(SVCXPRT *xprt) 537 { 538 struct cf_conn *cd = (struct cf_conn *)xprt->xp_p1; 539 CLIENT *cl = (CLIENT *)xprt->xp_p2; 540 541 SOCK_RECVBUF_LOCK(xprt->xp_socket); 542 if (xprt->xp_upcallset) { 543 xprt->xp_upcallset = 0; 544 if (xprt->xp_socket->so_rcv.sb_upcall != NULL) 545 soupcall_clear(xprt->xp_socket, SO_RCV); 546 } 547 SOCK_RECVBUF_UNLOCK(xprt->xp_socket); 548 549 if (cl != NULL) 550 CLNT_RELEASE(cl); 551 552 svc_vc_destroy_common(xprt); 553 554 if (cd->mreq) 555 m_freem(cd->mreq); 556 if (cd->mpending) 557 m_freem(cd->mpending); 558 mem_free(cd, sizeof(*cd)); 559 } 560 561 static void 562 svc_vc_backchannel_destroy(SVCXPRT *xprt) 563 { 564 struct cf_conn *cd = (struct cf_conn *)xprt->xp_p1; 565 struct mbuf *m, *m2; 566 567 svc_xprt_free(xprt); 568 m = cd->mreq; 569 while (m != NULL) { 570 m2 = m; 571 m = m->m_nextpkt; 572 m_freem(m2); 573 } 574 mem_free(cd, sizeof(*cd)); 575 } 576 577 /*ARGSUSED*/ 578 static bool_t 579 svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in) 580 { 581 return (FALSE); 582 } 583 584 static bool_t 585 svc_vc_rendezvous_control(SVCXPRT *xprt, const u_int rq, void *in) 586 { 587 588 return (FALSE); 589 } 590 591 static bool_t 592 svc_vc_backchannel_control(SVCXPRT *xprt, const u_int rq, void *in) 593 { 594 595 return (FALSE); 596 } 597 598 static enum xprt_stat 599 svc_vc_stat(SVCXPRT *xprt) 600 { 601 struct cf_conn *cd; 602 603 cd = (struct cf_conn *)(xprt->xp_p1); 604 605 if (cd->strm_stat == XPRT_DIED) 606 return (XPRT_DIED); 607 608 if (cd->mreq != NULL && cd->resid == 0 && cd->eor) 609 return (XPRT_MOREREQS); 610 611 if (soreadable(xprt->xp_socket)) 612 return (XPRT_MOREREQS); 613 614 return (XPRT_IDLE); 615 } 616 617 static bool_t 618 svc_vc_ack(SVCXPRT *xprt, uint32_t *ack) 619 { 620 621 *ack = atomic_load_acq_32(&xprt->xp_snt_cnt); 622 *ack -= sbused(&xprt->xp_socket->so_snd); 623 return (TRUE); 624 } 625 626 static enum xprt_stat 627 svc_vc_backchannel_stat(SVCXPRT *xprt) 628 { 629 struct cf_conn *cd; 630 631 cd = (struct cf_conn *)(xprt->xp_p1); 632 633 if (cd->mreq != NULL) 634 return (XPRT_MOREREQS); 635 636 return (XPRT_IDLE); 637 } 638 639 /* 640 * If we have an mbuf chain in cd->mpending, try to parse a record from it, 641 * leaving the result in cd->mreq. If we don't have a complete record, leave 642 * the partial result in cd->mreq and try to read more from the socket. 643 */ 644 static int 645 svc_vc_process_pending(SVCXPRT *xprt) 646 { 647 struct cf_conn *cd = (struct cf_conn *) xprt->xp_p1; 648 struct socket *so = xprt->xp_socket; 649 struct mbuf *m; 650 651 /* 652 * If cd->resid is non-zero, we have part of the 653 * record already, otherwise we are expecting a record 654 * marker. 655 */ 656 if (!cd->resid && cd->mpending) { 657 /* 658 * See if there is enough data buffered to 659 * make up a record marker. Make sure we can 660 * handle the case where the record marker is 661 * split across more than one mbuf. 662 */ 663 size_t n = 0; 664 uint32_t header; 665 666 m = cd->mpending; 667 while (n < sizeof(uint32_t) && m) { 668 n += m->m_len; 669 m = m->m_next; 670 } 671 if (n < sizeof(uint32_t)) { 672 so->so_rcv.sb_lowat = sizeof(uint32_t) - n; 673 return (FALSE); 674 } 675 m_copydata(cd->mpending, 0, sizeof(header), 676 (char *)&header); 677 header = ntohl(header); 678 cd->eor = (header & 0x80000000) != 0; 679 cd->resid = header & 0x7fffffff; 680 m_adj(cd->mpending, sizeof(uint32_t)); 681 } 682 683 /* 684 * Start pulling off mbufs from cd->mpending 685 * until we either have a complete record or 686 * we run out of data. We use m_split to pull 687 * data - it will pull as much as possible and 688 * split the last mbuf if necessary. 689 */ 690 while (cd->mpending && cd->resid) { 691 m = cd->mpending; 692 if (cd->mpending->m_next 693 || cd->mpending->m_len > cd->resid) 694 cd->mpending = m_split(cd->mpending, 695 cd->resid, M_WAITOK); 696 else 697 cd->mpending = NULL; 698 if (cd->mreq) 699 m_last(cd->mreq)->m_next = m; 700 else 701 cd->mreq = m; 702 while (m) { 703 cd->resid -= m->m_len; 704 m = m->m_next; 705 } 706 } 707 708 /* 709 * Block receive upcalls if we have more data pending, 710 * otherwise report our need. 711 */ 712 if (cd->mpending) 713 so->so_rcv.sb_lowat = INT_MAX; 714 else 715 so->so_rcv.sb_lowat = 716 imax(1, imin(cd->resid, so->so_rcv.sb_hiwat / 2)); 717 return (TRUE); 718 } 719 720 static bool_t 721 svc_vc_recv(SVCXPRT *xprt, struct rpc_msg *msg, 722 struct sockaddr **addrp, struct mbuf **mp) 723 { 724 struct cf_conn *cd = (struct cf_conn *) xprt->xp_p1; 725 struct uio uio; 726 struct mbuf *m, *ctrl; 727 struct socket* so = xprt->xp_socket; 728 XDR xdrs; 729 int error, rcvflag; 730 uint32_t reterr, xid_plus_direction[2]; 731 struct cmsghdr *cmsg; 732 struct tls_get_record tgr; 733 enum clnt_stat ret; 734 735 /* 736 * Serialise access to the socket and our own record parsing 737 * state. 738 */ 739 sx_xlock(&xprt->xp_lock); 740 741 for (;;) { 742 /* If we have no request ready, check pending queue. */ 743 while (cd->mpending && 744 (cd->mreq == NULL || cd->resid != 0 || !cd->eor)) { 745 if (!svc_vc_process_pending(xprt)) 746 break; 747 } 748 749 /* Process and return complete request in cd->mreq. */ 750 if (cd->mreq != NULL && cd->resid == 0 && cd->eor) { 751 752 /* 753 * Now, check for a backchannel reply. 754 * The XID is in the first uint32_t of the reply 755 * and the message direction is the second one. 756 */ 757 if ((cd->mreq->m_len >= sizeof(xid_plus_direction) || 758 m_length(cd->mreq, NULL) >= 759 sizeof(xid_plus_direction)) && 760 xprt->xp_p2 != NULL) { 761 m_copydata(cd->mreq, 0, 762 sizeof(xid_plus_direction), 763 (char *)xid_plus_direction); 764 xid_plus_direction[0] = 765 ntohl(xid_plus_direction[0]); 766 xid_plus_direction[1] = 767 ntohl(xid_plus_direction[1]); 768 /* Check message direction. */ 769 if (xid_plus_direction[1] == REPLY) { 770 clnt_bck_svccall(xprt->xp_p2, 771 cd->mreq, 772 xid_plus_direction[0]); 773 cd->mreq = NULL; 774 continue; 775 } 776 } 777 778 xdrmbuf_create(&xdrs, cd->mreq, XDR_DECODE); 779 cd->mreq = NULL; 780 781 /* Check for next request in a pending queue. */ 782 svc_vc_process_pending(xprt); 783 if (cd->mreq == NULL || cd->resid != 0) { 784 SOCK_RECVBUF_LOCK(so); 785 if (!soreadable(so)) 786 xprt_inactive_self(xprt); 787 SOCK_RECVBUF_UNLOCK(so); 788 } 789 790 sx_xunlock(&xprt->xp_lock); 791 792 if (! xdr_callmsg(&xdrs, msg)) { 793 XDR_DESTROY(&xdrs); 794 return (FALSE); 795 } 796 797 *addrp = NULL; 798 *mp = xdrmbuf_getall(&xdrs); 799 XDR_DESTROY(&xdrs); 800 801 return (TRUE); 802 } 803 804 /* 805 * If receiving is disabled so that a TLS handshake can be 806 * done by the rpctlssd daemon, return FALSE here. 807 */ 808 rcvflag = MSG_DONTWAIT; 809 if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0) 810 rcvflag |= MSG_TLSAPPDATA; 811 tryagain: 812 if (xprt->xp_dontrcv) { 813 sx_xunlock(&xprt->xp_lock); 814 return (FALSE); 815 } 816 817 /* 818 * The socket upcall calls xprt_active() which will eventually 819 * cause the server to call us here. We attempt to 820 * read as much as possible from the socket and put 821 * the result in cd->mpending. If the read fails, 822 * we have drained both cd->mpending and the socket so 823 * we can call xprt_inactive(). 824 */ 825 uio.uio_resid = 1000000000; 826 uio.uio_td = curthread; 827 ctrl = m = NULL; 828 error = soreceive(so, NULL, &uio, &m, &ctrl, &rcvflag); 829 830 if (error == EWOULDBLOCK) { 831 /* 832 * We must re-test for readability after 833 * taking the lock to protect us in the case 834 * where a new packet arrives on the socket 835 * after our call to soreceive fails with 836 * EWOULDBLOCK. 837 */ 838 SOCK_RECVBUF_LOCK(so); 839 if (!soreadable(so)) 840 xprt_inactive_self(xprt); 841 SOCK_RECVBUF_UNLOCK(so); 842 sx_xunlock(&xprt->xp_lock); 843 return (FALSE); 844 } 845 846 /* 847 * A return of ENXIO indicates that there is an 848 * alert record at the head of the 849 * socket's receive queue, for TLS connections. 850 * This record needs to be handled in userland 851 * via an SSL_read() call, so do an upcall to the daemon. 852 */ 853 KRPC_CURVNET_SET(so->so_vnet); 854 if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0 && 855 error == ENXIO) { 856 KRPC_VNET(svc_vc_tls_alerts)++; 857 /* Disable reception. */ 858 xprt->xp_dontrcv = TRUE; 859 sx_xunlock(&xprt->xp_lock); 860 ret = rpctls_srv_handlerecord(so, &reterr); 861 KRPC_CURVNET_RESTORE(); 862 sx_xlock(&xprt->xp_lock); 863 xprt->xp_dontrcv = FALSE; 864 if (ret != RPC_SUCCESS || reterr != RPCTLSERR_OK) { 865 /* 866 * All we can do is soreceive() it and 867 * then toss it. 868 */ 869 rcvflag = MSG_DONTWAIT; 870 goto tryagain; 871 } 872 sx_xunlock(&xprt->xp_lock); 873 xprt_active(xprt); /* Harmless if already active. */ 874 return (FALSE); 875 } 876 877 if (error) { 878 KRPC_CURVNET_RESTORE(); 879 SOCK_RECVBUF_LOCK(so); 880 if (xprt->xp_upcallset) { 881 xprt->xp_upcallset = 0; 882 soupcall_clear(so, SO_RCV); 883 } 884 SOCK_RECVBUF_UNLOCK(so); 885 xprt_inactive_self(xprt); 886 cd->strm_stat = XPRT_DIED; 887 sx_xunlock(&xprt->xp_lock); 888 return (FALSE); 889 } 890 891 if (!m) { 892 KRPC_CURVNET_RESTORE(); 893 /* 894 * EOF - the other end has closed the socket. 895 */ 896 xprt_inactive_self(xprt); 897 cd->strm_stat = XPRT_DIED; 898 sx_xunlock(&xprt->xp_lock); 899 return (FALSE); 900 } 901 902 /* Process any record header(s). */ 903 if (ctrl != NULL) { 904 cmsg = mtod(ctrl, struct cmsghdr *); 905 if (cmsg->cmsg_type == TLS_GET_RECORD && 906 cmsg->cmsg_len == CMSG_LEN(sizeof(tgr))) { 907 memcpy(&tgr, CMSG_DATA(cmsg), sizeof(tgr)); 908 /* 909 * TLS_RLTYPE_ALERT records should be handled 910 * since soreceive() would have returned 911 * ENXIO. Just throw any other 912 * non-TLS_RLTYPE_APP records away. 913 */ 914 if (tgr.tls_type != TLS_RLTYPE_APP) { 915 m_freem(m); 916 m_free(ctrl); 917 rcvflag = MSG_DONTWAIT | MSG_TLSAPPDATA; 918 KRPC_CURVNET_RESTORE(); 919 goto tryagain; 920 } 921 KRPC_VNET(svc_vc_tls_rx_msgcnt)++; 922 KRPC_VNET(svc_vc_tls_rx_msgbytes) += 923 1000000000 - uio.uio_resid; 924 } 925 m_free(ctrl); 926 } else { 927 KRPC_VNET(svc_vc_rx_msgcnt)++; 928 KRPC_VNET(svc_vc_rx_msgbytes) += 1000000000 - 929 uio.uio_resid; 930 } 931 KRPC_CURVNET_RESTORE(); 932 933 if (cd->mpending) 934 m_last(cd->mpending)->m_next = m; 935 else 936 cd->mpending = m; 937 } 938 } 939 940 static bool_t 941 svc_vc_backchannel_recv(SVCXPRT *xprt, struct rpc_msg *msg, 942 struct sockaddr **addrp, struct mbuf **mp) 943 { 944 struct cf_conn *cd = (struct cf_conn *) xprt->xp_p1; 945 struct ct_data *ct; 946 struct mbuf *m; 947 XDR xdrs; 948 949 sx_xlock(&xprt->xp_lock); 950 ct = (struct ct_data *)xprt->xp_p2; 951 if (ct == NULL) { 952 sx_xunlock(&xprt->xp_lock); 953 return (FALSE); 954 } 955 mtx_lock(&ct->ct_lock); 956 m = cd->mreq; 957 if (m == NULL) { 958 xprt_inactive_self(xprt); 959 mtx_unlock(&ct->ct_lock); 960 sx_xunlock(&xprt->xp_lock); 961 return (FALSE); 962 } 963 cd->mreq = m->m_nextpkt; 964 mtx_unlock(&ct->ct_lock); 965 sx_xunlock(&xprt->xp_lock); 966 967 xdrmbuf_create(&xdrs, m, XDR_DECODE); 968 if (! xdr_callmsg(&xdrs, msg)) { 969 XDR_DESTROY(&xdrs); 970 return (FALSE); 971 } 972 *addrp = NULL; 973 *mp = xdrmbuf_getall(&xdrs); 974 XDR_DESTROY(&xdrs); 975 return (TRUE); 976 } 977 978 static bool_t 979 svc_vc_reply(SVCXPRT *xprt, struct rpc_msg *msg, 980 struct sockaddr *addr, struct mbuf *m, uint32_t *seq) 981 { 982 XDR xdrs; 983 struct mbuf *mrep; 984 bool_t stat = TRUE; 985 int error, len, maxextsiz; 986 #ifdef KERN_TLS 987 u_int maxlen; 988 #endif 989 990 /* 991 * Leave space for record mark. 992 */ 993 mrep = m_gethdr(M_WAITOK, MT_DATA); 994 mrep->m_data += sizeof(uint32_t); 995 996 xdrmbuf_create(&xdrs, mrep, XDR_ENCODE); 997 998 if (msg->rm_reply.rp_stat == MSG_ACCEPTED && 999 msg->rm_reply.rp_acpt.ar_stat == SUCCESS) { 1000 if (!xdr_replymsg(&xdrs, msg)) 1001 stat = FALSE; 1002 else 1003 (void)xdr_putmbuf(&xdrs, m); 1004 } else { 1005 stat = xdr_replymsg(&xdrs, msg); 1006 } 1007 1008 if (stat) { 1009 m_fixhdr(mrep); 1010 1011 /* 1012 * Prepend a record marker containing the reply length. 1013 */ 1014 M_PREPEND(mrep, sizeof(uint32_t), M_WAITOK); 1015 len = mrep->m_pkthdr.len; 1016 *mtod(mrep, uint32_t *) = 1017 htonl(0x80000000 | (len - sizeof(uint32_t))); 1018 1019 /* For RPC-over-TLS, copy mrep to a chain of ext_pgs. */ 1020 KRPC_CURVNET_SET(xprt->xp_socket->so_vnet); 1021 if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0) { 1022 /* 1023 * Copy the mbuf chain to a chain of 1024 * ext_pgs mbuf(s) as required by KERN_TLS. 1025 */ 1026 maxextsiz = TLS_MAX_MSG_SIZE_V10_2; 1027 #ifdef KERN_TLS 1028 if (rpctls_getinfo(&maxlen, false, false)) 1029 maxextsiz = min(maxextsiz, maxlen); 1030 #endif 1031 mrep = _rpc_copym_into_ext_pgs(mrep, maxextsiz); 1032 KRPC_VNET(svc_vc_tls_tx_msgcnt)++; 1033 KRPC_VNET(svc_vc_tls_tx_msgbytes) += len; 1034 } else { 1035 KRPC_VNET(svc_vc_tx_msgcnt)++; 1036 KRPC_VNET(svc_vc_tx_msgbytes) += len; 1037 } 1038 KRPC_CURVNET_RESTORE(); 1039 atomic_add_32(&xprt->xp_snd_cnt, len); 1040 /* 1041 * sosend consumes mreq. 1042 */ 1043 error = sosend(xprt->xp_socket, NULL, NULL, mrep, NULL, 1044 0, curthread); 1045 if (!error) { 1046 atomic_add_rel_32(&xprt->xp_snt_cnt, len); 1047 if (seq) 1048 *seq = xprt->xp_snd_cnt; 1049 stat = TRUE; 1050 } else 1051 atomic_subtract_32(&xprt->xp_snd_cnt, len); 1052 } else { 1053 m_freem(mrep); 1054 } 1055 1056 XDR_DESTROY(&xdrs); 1057 1058 return (stat); 1059 } 1060 1061 static bool_t 1062 svc_vc_backchannel_reply(SVCXPRT *xprt, struct rpc_msg *msg, 1063 struct sockaddr *addr, struct mbuf *m, uint32_t *seq) 1064 { 1065 struct ct_data *ct; 1066 XDR xdrs; 1067 struct mbuf *mrep; 1068 bool_t stat = TRUE; 1069 int error, maxextsiz; 1070 #ifdef KERN_TLS 1071 u_int maxlen; 1072 #endif 1073 1074 /* 1075 * Leave space for record mark. 1076 */ 1077 mrep = m_gethdr(M_WAITOK, MT_DATA); 1078 mrep->m_data += sizeof(uint32_t); 1079 1080 xdrmbuf_create(&xdrs, mrep, XDR_ENCODE); 1081 1082 if (msg->rm_reply.rp_stat == MSG_ACCEPTED && 1083 msg->rm_reply.rp_acpt.ar_stat == SUCCESS) { 1084 if (!xdr_replymsg(&xdrs, msg)) 1085 stat = FALSE; 1086 else 1087 (void)xdr_putmbuf(&xdrs, m); 1088 } else { 1089 stat = xdr_replymsg(&xdrs, msg); 1090 } 1091 1092 if (stat) { 1093 m_fixhdr(mrep); 1094 1095 /* 1096 * Prepend a record marker containing the reply length. 1097 */ 1098 M_PREPEND(mrep, sizeof(uint32_t), M_WAITOK); 1099 *mtod(mrep, uint32_t *) = 1100 htonl(0x80000000 | (mrep->m_pkthdr.len 1101 - sizeof(uint32_t))); 1102 1103 /* For RPC-over-TLS, copy mrep to a chain of ext_pgs. */ 1104 if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0) { 1105 /* 1106 * Copy the mbuf chain to a chain of 1107 * ext_pgs mbuf(s) as required by KERN_TLS. 1108 */ 1109 maxextsiz = TLS_MAX_MSG_SIZE_V10_2; 1110 #ifdef KERN_TLS 1111 if (rpctls_getinfo(&maxlen, false, false)) 1112 maxextsiz = min(maxextsiz, maxlen); 1113 #endif 1114 mrep = _rpc_copym_into_ext_pgs(mrep, maxextsiz); 1115 } 1116 sx_xlock(&xprt->xp_lock); 1117 ct = (struct ct_data *)xprt->xp_p2; 1118 if (ct != NULL) 1119 error = sosend(ct->ct_socket, NULL, NULL, mrep, NULL, 1120 0, curthread); 1121 else 1122 error = EPIPE; 1123 sx_xunlock(&xprt->xp_lock); 1124 if (!error) { 1125 stat = TRUE; 1126 } 1127 } else { 1128 m_freem(mrep); 1129 } 1130 1131 XDR_DESTROY(&xdrs); 1132 1133 return (stat); 1134 } 1135 1136 static bool_t 1137 svc_vc_null(void) 1138 { 1139 1140 return (FALSE); 1141 } 1142 1143 static int 1144 svc_vc_soupcall(struct socket *so, void *arg, int waitflag) 1145 { 1146 SVCXPRT *xprt = (SVCXPRT *) arg; 1147 1148 if (soreadable(xprt->xp_socket)) 1149 xprt_active(xprt); 1150 return (SU_OK); 1151 } 1152 1153 static int 1154 svc_vc_rendezvous_soupcall(struct socket *head, void *arg, int waitflag) 1155 { 1156 SVCXPRT *xprt = (SVCXPRT *) arg; 1157 1158 if (!TAILQ_EMPTY(&head->sol_comp)) 1159 xprt_active(xprt); 1160 return (SU_OK); 1161 } 1162 1163 #if 0 1164 /* 1165 * Get the effective UID of the sending process. Used by rpcbind, keyserv 1166 * and rpc.yppasswdd on AF_LOCAL. 1167 */ 1168 int 1169 __rpc_get_local_uid(SVCXPRT *transp, uid_t *uid) { 1170 int sock, ret; 1171 gid_t egid; 1172 uid_t euid; 1173 struct sockaddr *sa; 1174 1175 sock = transp->xp_fd; 1176 sa = (struct sockaddr *)transp->xp_rtaddr; 1177 if (sa->sa_family == AF_LOCAL) { 1178 ret = getpeereid(sock, &euid, &egid); 1179 if (ret == 0) 1180 *uid = euid; 1181 return (ret); 1182 } else 1183 return (-1); 1184 } 1185 #endif 1186