1 /* $NetBSD: svc_vc.c,v 1.7 2000/08/03 00:01:53 fvdl Exp $ */ 2 3 /*- 4 * SPDX-License-Identifier: BSD-3-Clause 5 * 6 * Copyright (c) 2009, Sun Microsystems, Inc. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions are met: 11 * - Redistributions of source code must retain the above copyright notice, 12 * this list of conditions and the following disclaimer. 13 * - Redistributions in binary form must reproduce the above copyright notice, 14 * this list of conditions and the following disclaimer in the documentation 15 * and/or other materials provided with the distribution. 16 * - Neither the name of Sun Microsystems, Inc. nor the names of its 17 * contributors may be used to endorse or promote products derived 18 * from this software without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 21 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 24 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 #include <sys/cdefs.h> 34 /* 35 * svc_vc.c, Server side for Connection Oriented based RPC. 36 * 37 * Actually implements two flavors of transporter - 38 * a tcp rendezvouser (a listener and connection establisher) 39 * and a record/tcp stream. 40 */ 41 42 #include "opt_kern_tls.h" 43 44 #include <sys/param.h> 45 #include <sys/limits.h> 46 #include <sys/lock.h> 47 #include <sys/kernel.h> 48 #include <sys/ktls.h> 49 #include <sys/malloc.h> 50 #include <sys/mbuf.h> 51 #include <sys/mutex.h> 52 #include <sys/proc.h> 53 #include <sys/protosw.h> 54 #include <sys/queue.h> 55 #include <sys/socket.h> 56 #include <sys/socketvar.h> 57 #include <sys/sx.h> 58 #include <sys/systm.h> 59 #include <sys/uio.h> 60 61 #include <net/vnet.h> 62 63 #include <netinet/tcp.h> 64 65 #include <rpc/rpc.h> 66 #include <rpc/rpcsec_tls.h> 67 68 #include <rpc/krpc.h> 69 #include <rpc/rpc_com.h> 70 71 #include <security/mac/mac_framework.h> 72 73 SYSCTL_NODE(_kern, OID_AUTO, rpc, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 74 "RPC"); 75 SYSCTL_NODE(_kern_rpc, OID_AUTO, tls, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 76 "TLS"); 77 SYSCTL_NODE(_kern_rpc, OID_AUTO, unenc, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 78 "unencrypted"); 79 80 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_rx_msgbytes) = 0; 81 SYSCTL_U64(_kern_rpc_unenc, OID_AUTO, rx_msgbytes, CTLFLAG_KRPC_VNET | CTLFLAG_RW, 82 &KRPC_VNET_NAME(svc_vc_rx_msgbytes), 0, "Count of non-TLS rx bytes"); 83 84 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_rx_msgcnt) = 0; 85 SYSCTL_U64(_kern_rpc_unenc, OID_AUTO, rx_msgcnt, CTLFLAG_KRPC_VNET | CTLFLAG_RW, 86 &KRPC_VNET_NAME(svc_vc_rx_msgcnt), 0, "Count of non-TLS rx messages"); 87 88 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tx_msgbytes) = 0; 89 SYSCTL_U64(_kern_rpc_unenc, OID_AUTO, tx_msgbytes, CTLFLAG_KRPC_VNET | CTLFLAG_RW, 90 &KRPC_VNET_NAME(svc_vc_tx_msgbytes), 0, "Count of non-TLS tx bytes"); 91 92 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tx_msgcnt) = 0; 93 SYSCTL_U64(_kern_rpc_unenc, OID_AUTO, tx_msgcnt, CTLFLAG_KRPC_VNET | CTLFLAG_RW, 94 &KRPC_VNET_NAME(svc_vc_tx_msgcnt), 0, "Count of non-TLS tx messages"); 95 96 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tls_alerts) = 0; 97 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, alerts, 98 CTLFLAG_KRPC_VNET | CTLFLAG_RW, &KRPC_VNET_NAME(svc_vc_tls_alerts), 0, 99 "Count of TLS alert messages"); 100 101 KRPC_VNET_DEFINE(uint64_t, svc_vc_tls_handshake_failed) = 0; 102 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, handshake_failed, 103 CTLFLAG_KRPC_VNET | CTLFLAG_RW, 104 &KRPC_VNET_NAME(svc_vc_tls_handshake_failed), 0, 105 "Count of TLS failed handshakes"); 106 107 KRPC_VNET_DEFINE(uint64_t, svc_vc_tls_handshake_success) = 0; 108 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, handshake_success, 109 CTLFLAG_KRPC_VNET | CTLFLAG_RW, 110 &KRPC_VNET_NAME(svc_vc_tls_handshake_success), 0, 111 "Count of TLS successful handshakes"); 112 113 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tls_rx_msgbytes) = 0; 114 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, rx_msgbytes, 115 CTLFLAG_KRPC_VNET | CTLFLAG_RW, &KRPC_VNET_NAME(svc_vc_tls_rx_msgbytes), 0, 116 "Count of TLS rx bytes"); 117 118 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tls_rx_msgcnt) = 0; 119 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, rx_msgcnt, 120 CTLFLAG_KRPC_VNET | CTLFLAG_RW, &KRPC_VNET_NAME(svc_vc_tls_rx_msgcnt), 0, 121 "Count of TLS rx messages"); 122 123 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tls_tx_msgbytes) = 0; 124 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, tx_msgbytes, 125 CTLFLAG_KRPC_VNET | CTLFLAG_RW, &KRPC_VNET_NAME(svc_vc_tls_tx_msgbytes), 0, 126 "Count of TLS tx bytes"); 127 128 KRPC_VNET_DEFINE_STATIC(uint64_t, svc_vc_tls_tx_msgcnt) = 0; 129 SYSCTL_U64(_kern_rpc_tls, OID_AUTO, tx_msgcnt, 130 CTLFLAG_KRPC_VNET | CTLFLAG_RW, &KRPC_VNET_NAME(svc_vc_tls_tx_msgcnt), 0, 131 "Count of TLS tx messages"); 132 133 static bool_t svc_vc_rendezvous_recv(SVCXPRT *, struct rpc_msg *, 134 struct sockaddr **, struct mbuf **); 135 static enum xprt_stat svc_vc_rendezvous_stat(SVCXPRT *); 136 static void svc_vc_rendezvous_destroy(SVCXPRT *); 137 static bool_t svc_vc_null(void); 138 static void svc_vc_destroy(SVCXPRT *); 139 static enum xprt_stat svc_vc_stat(SVCXPRT *); 140 static bool_t svc_vc_ack(SVCXPRT *, uint32_t *); 141 static bool_t svc_vc_recv(SVCXPRT *, struct rpc_msg *, 142 struct sockaddr **, struct mbuf **); 143 static bool_t svc_vc_reply(SVCXPRT *, struct rpc_msg *, 144 struct sockaddr *, struct mbuf *, uint32_t *seq); 145 static bool_t svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in); 146 static bool_t svc_vc_rendezvous_control (SVCXPRT *xprt, const u_int rq, 147 void *in); 148 static void svc_vc_backchannel_destroy(SVCXPRT *); 149 static enum xprt_stat svc_vc_backchannel_stat(SVCXPRT *); 150 static bool_t svc_vc_backchannel_recv(SVCXPRT *, struct rpc_msg *, 151 struct sockaddr **, struct mbuf **); 152 static bool_t svc_vc_backchannel_reply(SVCXPRT *, struct rpc_msg *, 153 struct sockaddr *, struct mbuf *, uint32_t *); 154 static bool_t svc_vc_backchannel_control(SVCXPRT *xprt, const u_int rq, 155 void *in); 156 static SVCXPRT *svc_vc_create_conn(SVCPOOL *pool, struct socket *so, 157 struct sockaddr *raddr); 158 static int svc_vc_accept(struct socket *head, struct socket **sop); 159 static int svc_vc_soupcall(struct socket *so, void *arg, int waitflag); 160 static int svc_vc_rendezvous_soupcall(struct socket *, void *, int); 161 162 static const struct xp_ops svc_vc_rendezvous_ops = { 163 .xp_recv = svc_vc_rendezvous_recv, 164 .xp_stat = svc_vc_rendezvous_stat, 165 .xp_reply = (bool_t (*)(SVCXPRT *, struct rpc_msg *, 166 struct sockaddr *, struct mbuf *, uint32_t *))svc_vc_null, 167 .xp_destroy = svc_vc_rendezvous_destroy, 168 .xp_control = svc_vc_rendezvous_control 169 }; 170 171 static const struct xp_ops svc_vc_ops = { 172 .xp_recv = svc_vc_recv, 173 .xp_stat = svc_vc_stat, 174 .xp_ack = svc_vc_ack, 175 .xp_reply = svc_vc_reply, 176 .xp_destroy = svc_vc_destroy, 177 .xp_control = svc_vc_control 178 }; 179 180 static const struct xp_ops svc_vc_backchannel_ops = { 181 .xp_recv = svc_vc_backchannel_recv, 182 .xp_stat = svc_vc_backchannel_stat, 183 .xp_reply = svc_vc_backchannel_reply, 184 .xp_destroy = svc_vc_backchannel_destroy, 185 .xp_control = svc_vc_backchannel_control 186 }; 187 188 /* 189 * Usage: 190 * xprt = svc_vc_create(sock, send_buf_size, recv_buf_size); 191 * 192 * Creates, registers, and returns a (rpc) tcp based transporter. 193 * Once *xprt is initialized, it is registered as a transporter 194 * see (svc.h, xprt_register). This routine returns 195 * a NULL if a problem occurred. 196 * 197 * The filedescriptor passed in is expected to refer to a bound, but 198 * not yet connected socket. 199 * 200 * Since streams do buffered io similar to stdio, the caller can specify 201 * how big the send and receive buffers are via the second and third parms; 202 * 0 => use the system default. 203 */ 204 SVCXPRT * 205 svc_vc_create(SVCPOOL *pool, struct socket *so, size_t sendsize, 206 size_t recvsize) 207 { 208 SVCXPRT *xprt; 209 int error; 210 211 SOCK_LOCK(so); 212 if (so->so_state & (SS_ISCONNECTED|SS_ISDISCONNECTED)) { 213 struct sockaddr_storage ss = { .ss_len = sizeof(ss) }; 214 215 SOCK_UNLOCK(so); 216 error = sopeeraddr(so, (struct sockaddr *)&ss); 217 if (error) 218 return (NULL); 219 xprt = svc_vc_create_conn(pool, so, (struct sockaddr *)&ss); 220 return (xprt); 221 } 222 SOCK_UNLOCK(so); 223 224 xprt = svc_xprt_alloc(); 225 sx_init(&xprt->xp_lock, "xprt->xp_lock"); 226 xprt->xp_pool = pool; 227 xprt->xp_socket = so; 228 xprt->xp_p1 = NULL; 229 xprt->xp_p2 = NULL; 230 xprt->xp_ops = &svc_vc_rendezvous_ops; 231 232 xprt->xp_ltaddr.ss_len = sizeof(xprt->xp_ltaddr); 233 error = sosockaddr(so, (struct sockaddr *)&xprt->xp_ltaddr); 234 if (error) { 235 goto cleanup_svc_vc_create; 236 } 237 238 xprt_register(xprt); 239 240 solisten(so, -1, curthread); 241 242 SOLISTEN_LOCK(so); 243 xprt->xp_upcallset = 1; 244 solisten_upcall_set(so, svc_vc_rendezvous_soupcall, xprt); 245 SOLISTEN_UNLOCK(so); 246 247 return (xprt); 248 249 cleanup_svc_vc_create: 250 sx_destroy(&xprt->xp_lock); 251 svc_xprt_free(xprt); 252 253 return (NULL); 254 } 255 256 /* 257 * Create a new transport for a socket optained via soaccept(). 258 */ 259 SVCXPRT * 260 svc_vc_create_conn(SVCPOOL *pool, struct socket *so, struct sockaddr *raddr) 261 { 262 SVCXPRT *xprt; 263 struct cf_conn *cd; 264 struct sockopt opt; 265 int one = 1; 266 int error; 267 268 bzero(&opt, sizeof(struct sockopt)); 269 opt.sopt_dir = SOPT_SET; 270 opt.sopt_level = SOL_SOCKET; 271 opt.sopt_name = SO_KEEPALIVE; 272 opt.sopt_val = &one; 273 opt.sopt_valsize = sizeof(one); 274 error = sosetopt(so, &opt); 275 if (error) { 276 return (NULL); 277 } 278 279 if (so->so_proto->pr_protocol == IPPROTO_TCP) { 280 bzero(&opt, sizeof(struct sockopt)); 281 opt.sopt_dir = SOPT_SET; 282 opt.sopt_level = IPPROTO_TCP; 283 opt.sopt_name = TCP_NODELAY; 284 opt.sopt_val = &one; 285 opt.sopt_valsize = sizeof(one); 286 error = sosetopt(so, &opt); 287 if (error) { 288 return (NULL); 289 } 290 } 291 292 cd = mem_alloc(sizeof(*cd)); 293 cd->strm_stat = XPRT_IDLE; 294 295 xprt = svc_xprt_alloc(); 296 sx_init(&xprt->xp_lock, "xprt->xp_lock"); 297 xprt->xp_pool = pool; 298 xprt->xp_socket = so; 299 xprt->xp_p1 = cd; 300 xprt->xp_p2 = NULL; 301 xprt->xp_ops = &svc_vc_ops; 302 303 /* 304 * See http://www.connectathon.org/talks96/nfstcp.pdf - client 305 * has a 5 minute timer, server has a 6 minute timer. 306 */ 307 xprt->xp_idletimeout = 6 * 60; 308 309 memcpy(&xprt->xp_rtaddr, raddr, raddr->sa_len); 310 311 xprt->xp_ltaddr.ss_len = sizeof(xprt->xp_ltaddr); 312 error = sosockaddr(so, (struct sockaddr *)&xprt->xp_ltaddr); 313 if (error) 314 goto cleanup_svc_vc_create; 315 316 xprt_register(xprt); 317 318 SOCK_RECVBUF_LOCK(so); 319 xprt->xp_upcallset = 1; 320 soupcall_set(so, SO_RCV, svc_vc_soupcall, xprt); 321 SOCK_RECVBUF_UNLOCK(so); 322 323 /* 324 * Throw the transport into the active list in case it already 325 * has some data buffered. 326 */ 327 sx_xlock(&xprt->xp_lock); 328 xprt_active(xprt); 329 sx_xunlock(&xprt->xp_lock); 330 331 return (xprt); 332 cleanup_svc_vc_create: 333 sx_destroy(&xprt->xp_lock); 334 svc_xprt_free(xprt); 335 mem_free(cd, sizeof(*cd)); 336 337 return (NULL); 338 } 339 340 /* 341 * Create a new transport for a backchannel on a clnt_vc socket. 342 */ 343 SVCXPRT * 344 svc_vc_create_backchannel(SVCPOOL *pool) 345 { 346 SVCXPRT *xprt = NULL; 347 struct cf_conn *cd = NULL; 348 349 cd = mem_alloc(sizeof(*cd)); 350 cd->strm_stat = XPRT_IDLE; 351 352 xprt = svc_xprt_alloc(); 353 sx_init(&xprt->xp_lock, "xprt->xp_lock"); 354 xprt->xp_pool = pool; 355 xprt->xp_socket = NULL; 356 xprt->xp_p1 = cd; 357 xprt->xp_p2 = NULL; 358 xprt->xp_ops = &svc_vc_backchannel_ops; 359 return (xprt); 360 } 361 362 /* 363 * This does all of the accept except the final call to soaccept. The 364 * caller will call soaccept after dropping its locks (soaccept may 365 * call malloc). 366 */ 367 int 368 svc_vc_accept(struct socket *head, struct socket **sop) 369 { 370 struct socket *so; 371 int error = 0; 372 short nbio; 373 374 KASSERT(SOLISTENING(head), 375 ("%s: socket %p is not listening", __func__, head)); 376 377 #ifdef MAC 378 error = mac_socket_check_accept(curthread->td_ucred, head); 379 if (error != 0) 380 goto done; 381 #endif 382 /* 383 * XXXGL: we want non-blocking semantics. The socket could be a 384 * socket created by kernel as well as socket shared with userland, 385 * so we can't be sure about presense of SS_NBIO. We also shall not 386 * toggle it on the socket, since that may surprise userland. So we 387 * set SS_NBIO only temporarily. 388 */ 389 SOLISTEN_LOCK(head); 390 nbio = head->so_state & SS_NBIO; 391 head->so_state |= SS_NBIO; 392 error = solisten_dequeue(head, &so, 0); 393 head->so_state &= (nbio & ~SS_NBIO); 394 if (error) 395 goto done; 396 397 so->so_state |= nbio; 398 *sop = so; 399 400 /* connection has been removed from the listen queue */ 401 KNOTE_UNLOCKED(&head->so_rdsel.si_note, 0); 402 done: 403 return (error); 404 } 405 406 /*ARGSUSED*/ 407 static bool_t 408 svc_vc_rendezvous_recv(SVCXPRT *xprt, struct rpc_msg *msg, 409 struct sockaddr **addrp, struct mbuf **mp) 410 { 411 struct socket *so = NULL; 412 struct sockaddr_storage ss = { .ss_len = sizeof(ss) }; 413 int error; 414 SVCXPRT *new_xprt; 415 416 /* 417 * The socket upcall calls xprt_active() which will eventually 418 * cause the server to call us here. We attempt to accept a 419 * connection from the socket and turn it into a new 420 * transport. If the accept fails, we have drained all pending 421 * connections so we call xprt_inactive(). 422 */ 423 sx_xlock(&xprt->xp_lock); 424 425 error = svc_vc_accept(xprt->xp_socket, &so); 426 427 if (error == EWOULDBLOCK) { 428 /* 429 * We must re-test for new connections after taking 430 * the lock to protect us in the case where a new 431 * connection arrives after our call to accept fails 432 * with EWOULDBLOCK. 433 */ 434 SOLISTEN_LOCK(xprt->xp_socket); 435 if (TAILQ_EMPTY(&xprt->xp_socket->sol_comp)) 436 xprt_inactive_self(xprt); 437 SOLISTEN_UNLOCK(xprt->xp_socket); 438 sx_xunlock(&xprt->xp_lock); 439 return (FALSE); 440 } 441 442 if (error) { 443 SOLISTEN_LOCK(xprt->xp_socket); 444 if (xprt->xp_upcallset) { 445 xprt->xp_upcallset = 0; 446 soupcall_clear(xprt->xp_socket, SO_RCV); 447 } 448 SOLISTEN_UNLOCK(xprt->xp_socket); 449 xprt_inactive_self(xprt); 450 sx_xunlock(&xprt->xp_lock); 451 return (FALSE); 452 } 453 454 sx_xunlock(&xprt->xp_lock); 455 456 error = soaccept(so, (struct sockaddr *)&ss); 457 458 if (error) { 459 /* 460 * XXX not sure if I need to call sofree or soclose here. 461 */ 462 return (FALSE); 463 } 464 465 /* 466 * svc_vc_create_conn will call xprt_register - we don't need 467 * to do anything with the new connection except derefence it. 468 */ 469 new_xprt = svc_vc_create_conn(xprt->xp_pool, so, 470 (struct sockaddr *)&ss); 471 if (!new_xprt) { 472 soclose(so); 473 } else { 474 SVC_RELEASE(new_xprt); 475 } 476 477 return (FALSE); /* there is never an rpc msg to be processed */ 478 } 479 480 /*ARGSUSED*/ 481 static enum xprt_stat 482 svc_vc_rendezvous_stat(SVCXPRT *xprt) 483 { 484 485 return (XPRT_IDLE); 486 } 487 488 static void 489 svc_vc_destroy_common(SVCXPRT *xprt) 490 { 491 uint32_t reterr; 492 493 if (xprt->xp_socket) { 494 if ((xprt->xp_tls & (RPCTLS_FLAGS_HANDSHAKE | 495 RPCTLS_FLAGS_HANDSHFAIL)) != 0) { 496 CURVNET_SET(xprt->xp_socket->so_vnet); 497 if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0) { 498 /* 499 * If the upcall fails, the socket has 500 * probably been closed via the rpctlssd 501 * daemon having crashed or been 502 * restarted, so just ignore returned stat. 503 */ 504 rpctls_srv_disconnect(xprt->xp_socket, &reterr); 505 } 506 /* Must sorele() to get rid of reference. */ 507 sorele(xprt->xp_socket); 508 CURVNET_RESTORE(); 509 } else 510 (void)soclose(xprt->xp_socket); 511 } 512 513 if (xprt->xp_netid) 514 (void) mem_free(xprt->xp_netid, strlen(xprt->xp_netid) + 1); 515 svc_xprt_free(xprt); 516 } 517 518 static void 519 svc_vc_rendezvous_destroy(SVCXPRT *xprt) 520 { 521 522 SOLISTEN_LOCK(xprt->xp_socket); 523 if (xprt->xp_upcallset) { 524 xprt->xp_upcallset = 0; 525 solisten_upcall_set(xprt->xp_socket, NULL, NULL); 526 } 527 SOLISTEN_UNLOCK(xprt->xp_socket); 528 529 svc_vc_destroy_common(xprt); 530 } 531 532 static void 533 svc_vc_destroy(SVCXPRT *xprt) 534 { 535 struct cf_conn *cd = (struct cf_conn *)xprt->xp_p1; 536 CLIENT *cl = (CLIENT *)xprt->xp_p2; 537 538 SOCK_RECVBUF_LOCK(xprt->xp_socket); 539 if (xprt->xp_upcallset) { 540 xprt->xp_upcallset = 0; 541 if (xprt->xp_socket->so_rcv.sb_upcall != NULL) 542 soupcall_clear(xprt->xp_socket, SO_RCV); 543 } 544 SOCK_RECVBUF_UNLOCK(xprt->xp_socket); 545 546 if (cl != NULL) 547 CLNT_RELEASE(cl); 548 549 svc_vc_destroy_common(xprt); 550 551 if (cd->mreq) 552 m_freem(cd->mreq); 553 if (cd->mpending) 554 m_freem(cd->mpending); 555 mem_free(cd, sizeof(*cd)); 556 } 557 558 static void 559 svc_vc_backchannel_destroy(SVCXPRT *xprt) 560 { 561 struct cf_conn *cd = (struct cf_conn *)xprt->xp_p1; 562 struct mbuf *m, *m2; 563 564 svc_xprt_free(xprt); 565 m = cd->mreq; 566 while (m != NULL) { 567 m2 = m; 568 m = m->m_nextpkt; 569 m_freem(m2); 570 } 571 mem_free(cd, sizeof(*cd)); 572 } 573 574 /*ARGSUSED*/ 575 static bool_t 576 svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in) 577 { 578 return (FALSE); 579 } 580 581 static bool_t 582 svc_vc_rendezvous_control(SVCXPRT *xprt, const u_int rq, void *in) 583 { 584 585 return (FALSE); 586 } 587 588 static bool_t 589 svc_vc_backchannel_control(SVCXPRT *xprt, const u_int rq, void *in) 590 { 591 592 return (FALSE); 593 } 594 595 static enum xprt_stat 596 svc_vc_stat(SVCXPRT *xprt) 597 { 598 struct cf_conn *cd; 599 600 cd = (struct cf_conn *)(xprt->xp_p1); 601 602 if (cd->strm_stat == XPRT_DIED) 603 return (XPRT_DIED); 604 605 if (cd->mreq != NULL && cd->resid == 0 && cd->eor) 606 return (XPRT_MOREREQS); 607 608 if (soreadable(xprt->xp_socket)) 609 return (XPRT_MOREREQS); 610 611 return (XPRT_IDLE); 612 } 613 614 static bool_t 615 svc_vc_ack(SVCXPRT *xprt, uint32_t *ack) 616 { 617 618 *ack = atomic_load_acq_32(&xprt->xp_snt_cnt); 619 *ack -= sbused(&xprt->xp_socket->so_snd); 620 return (TRUE); 621 } 622 623 static enum xprt_stat 624 svc_vc_backchannel_stat(SVCXPRT *xprt) 625 { 626 struct cf_conn *cd; 627 628 cd = (struct cf_conn *)(xprt->xp_p1); 629 630 if (cd->mreq != NULL) 631 return (XPRT_MOREREQS); 632 633 return (XPRT_IDLE); 634 } 635 636 /* 637 * If we have an mbuf chain in cd->mpending, try to parse a record from it, 638 * leaving the result in cd->mreq. If we don't have a complete record, leave 639 * the partial result in cd->mreq and try to read more from the socket. 640 */ 641 static int 642 svc_vc_process_pending(SVCXPRT *xprt) 643 { 644 struct cf_conn *cd = (struct cf_conn *) xprt->xp_p1; 645 struct socket *so = xprt->xp_socket; 646 struct mbuf *m; 647 648 /* 649 * If cd->resid is non-zero, we have part of the 650 * record already, otherwise we are expecting a record 651 * marker. 652 */ 653 if (!cd->resid && cd->mpending) { 654 /* 655 * See if there is enough data buffered to 656 * make up a record marker. Make sure we can 657 * handle the case where the record marker is 658 * split across more than one mbuf. 659 */ 660 size_t n = 0; 661 uint32_t header; 662 663 m = cd->mpending; 664 while (n < sizeof(uint32_t) && m) { 665 n += m->m_len; 666 m = m->m_next; 667 } 668 if (n < sizeof(uint32_t)) { 669 so->so_rcv.sb_lowat = sizeof(uint32_t) - n; 670 return (FALSE); 671 } 672 m_copydata(cd->mpending, 0, sizeof(header), 673 (char *)&header); 674 header = ntohl(header); 675 cd->eor = (header & 0x80000000) != 0; 676 cd->resid = header & 0x7fffffff; 677 m_adj(cd->mpending, sizeof(uint32_t)); 678 } 679 680 /* 681 * Start pulling off mbufs from cd->mpending 682 * until we either have a complete record or 683 * we run out of data. We use m_split to pull 684 * data - it will pull as much as possible and 685 * split the last mbuf if necessary. 686 */ 687 while (cd->mpending && cd->resid) { 688 m = cd->mpending; 689 if (cd->mpending->m_next 690 || cd->mpending->m_len > cd->resid) 691 cd->mpending = m_split(cd->mpending, 692 cd->resid, M_WAITOK); 693 else 694 cd->mpending = NULL; 695 if (cd->mreq) 696 m_last(cd->mreq)->m_next = m; 697 else 698 cd->mreq = m; 699 while (m) { 700 cd->resid -= m->m_len; 701 m = m->m_next; 702 } 703 } 704 705 /* 706 * Block receive upcalls if we have more data pending, 707 * otherwise report our need. 708 */ 709 if (cd->mpending) 710 so->so_rcv.sb_lowat = INT_MAX; 711 else 712 so->so_rcv.sb_lowat = 713 imax(1, imin(cd->resid, so->so_rcv.sb_hiwat / 2)); 714 return (TRUE); 715 } 716 717 static bool_t 718 svc_vc_recv(SVCXPRT *xprt, struct rpc_msg *msg, 719 struct sockaddr **addrp, struct mbuf **mp) 720 { 721 struct cf_conn *cd = (struct cf_conn *) xprt->xp_p1; 722 struct uio uio; 723 struct mbuf *m, *ctrl; 724 struct socket* so = xprt->xp_socket; 725 XDR xdrs; 726 int error, rcvflag; 727 uint32_t reterr, xid_plus_direction[2]; 728 struct cmsghdr *cmsg; 729 struct tls_get_record tgr; 730 enum clnt_stat ret; 731 732 /* 733 * Serialise access to the socket and our own record parsing 734 * state. 735 */ 736 sx_xlock(&xprt->xp_lock); 737 738 for (;;) { 739 /* If we have no request ready, check pending queue. */ 740 while (cd->mpending && 741 (cd->mreq == NULL || cd->resid != 0 || !cd->eor)) { 742 if (!svc_vc_process_pending(xprt)) 743 break; 744 } 745 746 /* Process and return complete request in cd->mreq. */ 747 if (cd->mreq != NULL && cd->resid == 0 && cd->eor) { 748 749 /* 750 * Now, check for a backchannel reply. 751 * The XID is in the first uint32_t of the reply 752 * and the message direction is the second one. 753 */ 754 if ((cd->mreq->m_len >= sizeof(xid_plus_direction) || 755 m_length(cd->mreq, NULL) >= 756 sizeof(xid_plus_direction)) && 757 xprt->xp_p2 != NULL) { 758 m_copydata(cd->mreq, 0, 759 sizeof(xid_plus_direction), 760 (char *)xid_plus_direction); 761 xid_plus_direction[0] = 762 ntohl(xid_plus_direction[0]); 763 xid_plus_direction[1] = 764 ntohl(xid_plus_direction[1]); 765 /* Check message direction. */ 766 if (xid_plus_direction[1] == REPLY) { 767 clnt_bck_svccall(xprt->xp_p2, 768 cd->mreq, 769 xid_plus_direction[0]); 770 cd->mreq = NULL; 771 continue; 772 } 773 } 774 775 xdrmbuf_create(&xdrs, cd->mreq, XDR_DECODE); 776 cd->mreq = NULL; 777 778 /* Check for next request in a pending queue. */ 779 svc_vc_process_pending(xprt); 780 if (cd->mreq == NULL || cd->resid != 0) { 781 SOCK_RECVBUF_LOCK(so); 782 if (!soreadable(so)) 783 xprt_inactive_self(xprt); 784 SOCK_RECVBUF_UNLOCK(so); 785 } 786 787 sx_xunlock(&xprt->xp_lock); 788 789 if (! xdr_callmsg(&xdrs, msg)) { 790 XDR_DESTROY(&xdrs); 791 return (FALSE); 792 } 793 794 *addrp = NULL; 795 *mp = xdrmbuf_getall(&xdrs); 796 XDR_DESTROY(&xdrs); 797 798 return (TRUE); 799 } 800 801 /* 802 * If receiving is disabled so that a TLS handshake can be 803 * done by the rpctlssd daemon, return FALSE here. 804 */ 805 rcvflag = MSG_DONTWAIT; 806 if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0) 807 rcvflag |= MSG_TLSAPPDATA; 808 tryagain: 809 if (xprt->xp_dontrcv) { 810 sx_xunlock(&xprt->xp_lock); 811 return (FALSE); 812 } 813 814 /* 815 * The socket upcall calls xprt_active() which will eventually 816 * cause the server to call us here. We attempt to 817 * read as much as possible from the socket and put 818 * the result in cd->mpending. If the read fails, 819 * we have drained both cd->mpending and the socket so 820 * we can call xprt_inactive(). 821 */ 822 uio.uio_resid = 1000000000; 823 uio.uio_td = curthread; 824 ctrl = m = NULL; 825 error = soreceive(so, NULL, &uio, &m, &ctrl, &rcvflag); 826 827 if (error == EWOULDBLOCK) { 828 /* 829 * We must re-test for readability after 830 * taking the lock to protect us in the case 831 * where a new packet arrives on the socket 832 * after our call to soreceive fails with 833 * EWOULDBLOCK. 834 */ 835 SOCK_RECVBUF_LOCK(so); 836 if (!soreadable(so)) 837 xprt_inactive_self(xprt); 838 SOCK_RECVBUF_UNLOCK(so); 839 sx_xunlock(&xprt->xp_lock); 840 return (FALSE); 841 } 842 843 /* 844 * A return of ENXIO indicates that there is an 845 * alert record at the head of the 846 * socket's receive queue, for TLS connections. 847 * This record needs to be handled in userland 848 * via an SSL_read() call, so do an upcall to the daemon. 849 */ 850 KRPC_CURVNET_SET(so->so_vnet); 851 if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0 && 852 error == ENXIO) { 853 KRPC_VNET(svc_vc_tls_alerts)++; 854 /* Disable reception. */ 855 xprt->xp_dontrcv = TRUE; 856 sx_xunlock(&xprt->xp_lock); 857 ret = rpctls_srv_handlerecord(so, &reterr); 858 KRPC_CURVNET_RESTORE(); 859 sx_xlock(&xprt->xp_lock); 860 xprt->xp_dontrcv = FALSE; 861 if (ret != RPC_SUCCESS || reterr != RPCTLSERR_OK) { 862 /* 863 * All we can do is soreceive() it and 864 * then toss it. 865 */ 866 rcvflag = MSG_DONTWAIT; 867 goto tryagain; 868 } 869 sx_xunlock(&xprt->xp_lock); 870 xprt_active(xprt); /* Harmless if already active. */ 871 return (FALSE); 872 } 873 874 if (error) { 875 KRPC_CURVNET_RESTORE(); 876 SOCK_RECVBUF_LOCK(so); 877 if (xprt->xp_upcallset) { 878 xprt->xp_upcallset = 0; 879 soupcall_clear(so, SO_RCV); 880 } 881 SOCK_RECVBUF_UNLOCK(so); 882 xprt_inactive_self(xprt); 883 cd->strm_stat = XPRT_DIED; 884 sx_xunlock(&xprt->xp_lock); 885 return (FALSE); 886 } 887 888 if (!m) { 889 KRPC_CURVNET_RESTORE(); 890 /* 891 * EOF - the other end has closed the socket. 892 */ 893 xprt_inactive_self(xprt); 894 cd->strm_stat = XPRT_DIED; 895 sx_xunlock(&xprt->xp_lock); 896 return (FALSE); 897 } 898 899 /* Process any record header(s). */ 900 if (ctrl != NULL) { 901 cmsg = mtod(ctrl, struct cmsghdr *); 902 if (cmsg->cmsg_type == TLS_GET_RECORD && 903 cmsg->cmsg_len == CMSG_LEN(sizeof(tgr))) { 904 memcpy(&tgr, CMSG_DATA(cmsg), sizeof(tgr)); 905 /* 906 * TLS_RLTYPE_ALERT records should be handled 907 * since soreceive() would have returned 908 * ENXIO. Just throw any other 909 * non-TLS_RLTYPE_APP records away. 910 */ 911 if (tgr.tls_type != TLS_RLTYPE_APP) { 912 m_freem(m); 913 m_free(ctrl); 914 rcvflag = MSG_DONTWAIT | MSG_TLSAPPDATA; 915 KRPC_CURVNET_RESTORE(); 916 goto tryagain; 917 } 918 KRPC_VNET(svc_vc_tls_rx_msgcnt)++; 919 KRPC_VNET(svc_vc_tls_rx_msgbytes) += 920 1000000000 - uio.uio_resid; 921 } 922 m_free(ctrl); 923 } else { 924 KRPC_VNET(svc_vc_rx_msgcnt)++; 925 KRPC_VNET(svc_vc_rx_msgbytes) += 1000000000 - 926 uio.uio_resid; 927 } 928 KRPC_CURVNET_RESTORE(); 929 930 if (cd->mpending) 931 m_last(cd->mpending)->m_next = m; 932 else 933 cd->mpending = m; 934 } 935 } 936 937 static bool_t 938 svc_vc_backchannel_recv(SVCXPRT *xprt, struct rpc_msg *msg, 939 struct sockaddr **addrp, struct mbuf **mp) 940 { 941 struct cf_conn *cd = (struct cf_conn *) xprt->xp_p1; 942 struct ct_data *ct; 943 struct mbuf *m; 944 XDR xdrs; 945 946 sx_xlock(&xprt->xp_lock); 947 ct = (struct ct_data *)xprt->xp_p2; 948 if (ct == NULL) { 949 sx_xunlock(&xprt->xp_lock); 950 return (FALSE); 951 } 952 mtx_lock(&ct->ct_lock); 953 m = cd->mreq; 954 if (m == NULL) { 955 xprt_inactive_self(xprt); 956 mtx_unlock(&ct->ct_lock); 957 sx_xunlock(&xprt->xp_lock); 958 return (FALSE); 959 } 960 cd->mreq = m->m_nextpkt; 961 mtx_unlock(&ct->ct_lock); 962 sx_xunlock(&xprt->xp_lock); 963 964 xdrmbuf_create(&xdrs, m, XDR_DECODE); 965 if (! xdr_callmsg(&xdrs, msg)) { 966 XDR_DESTROY(&xdrs); 967 return (FALSE); 968 } 969 *addrp = NULL; 970 *mp = xdrmbuf_getall(&xdrs); 971 XDR_DESTROY(&xdrs); 972 return (TRUE); 973 } 974 975 static bool_t 976 svc_vc_reply(SVCXPRT *xprt, struct rpc_msg *msg, 977 struct sockaddr *addr, struct mbuf *m, uint32_t *seq) 978 { 979 XDR xdrs; 980 struct mbuf *mrep; 981 bool_t stat = TRUE; 982 int error, len, maxextsiz; 983 #ifdef KERN_TLS 984 u_int maxlen; 985 #endif 986 987 /* 988 * Leave space for record mark. 989 */ 990 mrep = m_gethdr(M_WAITOK, MT_DATA); 991 mrep->m_data += sizeof(uint32_t); 992 993 xdrmbuf_create(&xdrs, mrep, XDR_ENCODE); 994 995 if (msg->rm_reply.rp_stat == MSG_ACCEPTED && 996 msg->rm_reply.rp_acpt.ar_stat == SUCCESS) { 997 if (!xdr_replymsg(&xdrs, msg)) 998 stat = FALSE; 999 else 1000 (void)xdr_putmbuf(&xdrs, m); 1001 } else { 1002 stat = xdr_replymsg(&xdrs, msg); 1003 } 1004 1005 if (stat) { 1006 m_fixhdr(mrep); 1007 1008 /* 1009 * Prepend a record marker containing the reply length. 1010 */ 1011 M_PREPEND(mrep, sizeof(uint32_t), M_WAITOK); 1012 len = mrep->m_pkthdr.len; 1013 *mtod(mrep, uint32_t *) = 1014 htonl(0x80000000 | (len - sizeof(uint32_t))); 1015 1016 /* For RPC-over-TLS, copy mrep to a chain of ext_pgs. */ 1017 KRPC_CURVNET_SET(xprt->xp_socket->so_vnet); 1018 if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0) { 1019 /* 1020 * Copy the mbuf chain to a chain of 1021 * ext_pgs mbuf(s) as required by KERN_TLS. 1022 */ 1023 maxextsiz = TLS_MAX_MSG_SIZE_V10_2; 1024 #ifdef KERN_TLS 1025 if (rpctls_getinfo(&maxlen, false, false)) 1026 maxextsiz = min(maxextsiz, maxlen); 1027 #endif 1028 mrep = _rpc_copym_into_ext_pgs(mrep, maxextsiz); 1029 KRPC_VNET(svc_vc_tls_tx_msgcnt)++; 1030 KRPC_VNET(svc_vc_tls_tx_msgbytes) += len; 1031 } else { 1032 KRPC_VNET(svc_vc_tx_msgcnt)++; 1033 KRPC_VNET(svc_vc_tx_msgbytes) += len; 1034 } 1035 KRPC_CURVNET_RESTORE(); 1036 atomic_add_32(&xprt->xp_snd_cnt, len); 1037 /* 1038 * sosend consumes mreq. 1039 */ 1040 error = sosend(xprt->xp_socket, NULL, NULL, mrep, NULL, 1041 0, curthread); 1042 if (!error) { 1043 atomic_add_rel_32(&xprt->xp_snt_cnt, len); 1044 if (seq) 1045 *seq = xprt->xp_snd_cnt; 1046 stat = TRUE; 1047 } else 1048 atomic_subtract_32(&xprt->xp_snd_cnt, len); 1049 } else { 1050 m_freem(mrep); 1051 } 1052 1053 XDR_DESTROY(&xdrs); 1054 1055 return (stat); 1056 } 1057 1058 static bool_t 1059 svc_vc_backchannel_reply(SVCXPRT *xprt, struct rpc_msg *msg, 1060 struct sockaddr *addr, struct mbuf *m, uint32_t *seq) 1061 { 1062 struct ct_data *ct; 1063 XDR xdrs; 1064 struct mbuf *mrep; 1065 bool_t stat = TRUE; 1066 int error, maxextsiz; 1067 #ifdef KERN_TLS 1068 u_int maxlen; 1069 #endif 1070 1071 /* 1072 * Leave space for record mark. 1073 */ 1074 mrep = m_gethdr(M_WAITOK, MT_DATA); 1075 mrep->m_data += sizeof(uint32_t); 1076 1077 xdrmbuf_create(&xdrs, mrep, XDR_ENCODE); 1078 1079 if (msg->rm_reply.rp_stat == MSG_ACCEPTED && 1080 msg->rm_reply.rp_acpt.ar_stat == SUCCESS) { 1081 if (!xdr_replymsg(&xdrs, msg)) 1082 stat = FALSE; 1083 else 1084 (void)xdr_putmbuf(&xdrs, m); 1085 } else { 1086 stat = xdr_replymsg(&xdrs, msg); 1087 } 1088 1089 if (stat) { 1090 m_fixhdr(mrep); 1091 1092 /* 1093 * Prepend a record marker containing the reply length. 1094 */ 1095 M_PREPEND(mrep, sizeof(uint32_t), M_WAITOK); 1096 *mtod(mrep, uint32_t *) = 1097 htonl(0x80000000 | (mrep->m_pkthdr.len 1098 - sizeof(uint32_t))); 1099 1100 /* For RPC-over-TLS, copy mrep to a chain of ext_pgs. */ 1101 if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0) { 1102 /* 1103 * Copy the mbuf chain to a chain of 1104 * ext_pgs mbuf(s) as required by KERN_TLS. 1105 */ 1106 maxextsiz = TLS_MAX_MSG_SIZE_V10_2; 1107 #ifdef KERN_TLS 1108 if (rpctls_getinfo(&maxlen, false, false)) 1109 maxextsiz = min(maxextsiz, maxlen); 1110 #endif 1111 mrep = _rpc_copym_into_ext_pgs(mrep, maxextsiz); 1112 } 1113 sx_xlock(&xprt->xp_lock); 1114 ct = (struct ct_data *)xprt->xp_p2; 1115 if (ct != NULL) 1116 error = sosend(ct->ct_socket, NULL, NULL, mrep, NULL, 1117 0, curthread); 1118 else 1119 error = EPIPE; 1120 sx_xunlock(&xprt->xp_lock); 1121 if (!error) { 1122 stat = TRUE; 1123 } 1124 } else { 1125 m_freem(mrep); 1126 } 1127 1128 XDR_DESTROY(&xdrs); 1129 1130 return (stat); 1131 } 1132 1133 static bool_t 1134 svc_vc_null(void) 1135 { 1136 1137 return (FALSE); 1138 } 1139 1140 static int 1141 svc_vc_soupcall(struct socket *so, void *arg, int waitflag) 1142 { 1143 SVCXPRT *xprt = (SVCXPRT *) arg; 1144 1145 if (soreadable(xprt->xp_socket)) 1146 xprt_active(xprt); 1147 return (SU_OK); 1148 } 1149 1150 static int 1151 svc_vc_rendezvous_soupcall(struct socket *head, void *arg, int waitflag) 1152 { 1153 SVCXPRT *xprt = (SVCXPRT *) arg; 1154 1155 if (!TAILQ_EMPTY(&head->sol_comp)) 1156 xprt_active(xprt); 1157 return (SU_OK); 1158 } 1159 1160 #if 0 1161 /* 1162 * Get the effective UID of the sending process. Used by rpcbind, keyserv 1163 * and rpc.yppasswdd on AF_LOCAL. 1164 */ 1165 int 1166 __rpc_get_local_uid(SVCXPRT *transp, uid_t *uid) { 1167 int sock, ret; 1168 gid_t egid; 1169 uid_t euid; 1170 struct sockaddr *sa; 1171 1172 sock = transp->xp_fd; 1173 sa = (struct sockaddr *)transp->xp_rtaddr; 1174 if (sa->sa_family == AF_LOCAL) { 1175 ret = getpeereid(sock, &euid, &egid); 1176 if (ret == 0) 1177 *uid = euid; 1178 return (ret); 1179 } else 1180 return (-1); 1181 } 1182 #endif 1183