1
/*	$NetBSD: clnt_vc.c,v 1.4 2000/07/14 08:40:42 fvdl Exp $	*/
2

3
/*-
4
 * Copyright (c) 2009, Sun Microsystems, Inc.
5
 * All rights reserved.
6
 *
7
 * Redistribution and use in source and binary forms, with or without 
8
 * modification, are permitted provided that the following conditions are met:
9
 * - Redistributions of source code must retain the above copyright notice, 
10
 *   this list of conditions and the following disclaimer.
11
 * - Redistributions in binary form must reproduce the above copyright notice, 
12
 *   this list of conditions and the following disclaimer in the documentation 
13
 *   and/or other materials provided with the distribution.
14
 * - Neither the name of Sun Microsystems, Inc. nor the names of its 
15
 *   contributors may be used to endorse or promote products derived 
16
 *   from this software without specific prior written permission.
17
 * 
18
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
19
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
20
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
21
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 
22
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
23
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
24
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
25
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
26
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
27
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
28
 * POSSIBILITY OF SUCH DAMAGE.
29
 */
30

31
#include <sys/cdefs.h>
32
/*
33
 * clnt_tcp.c, Implements a TCP/IP based, client side RPC.
34
 *
35
 * Copyright (C) 1984, Sun Microsystems, Inc.
36
 *
37
 * TCP based RPC supports 'batched calls'.
38
 * A sequence of calls may be batched-up in a send buffer.  The rpc call
39
 * return immediately to the client even though the call was not necessarily
40
 * sent.  The batching occurs if the results' xdr routine is NULL (0) AND
41
 * the rpc timeout value is zero (see clnt.h, rpc).
42
 *
43
 * Clients should NOT casually batch calls that in fact return results; that is,
44
 * the server side should be aware that a call is batched and not produce any
45
 * return message.  Batched calls that produce many result messages can
46
 * deadlock (netlock) the client and the server....
47
 *
48
 * Now go hang yourself.
49
 */
50

51
/*
52
 * This code handles the special case of a NFSv4.n backchannel for
53
 * callback RPCs. It is similar to clnt_vc.c, but uses the TCP
54
 * connection provided by the client to the server.
55
 */
56

57
#include "opt_kern_tls.h"
58

59
#include <sys/param.h>
60
#include <sys/systm.h>
61
#include <sys/ktls.h>
62
#include <sys/lock.h>
63
#include <sys/malloc.h>
64
#include <sys/mbuf.h>
65
#include <sys/mutex.h>
66
#include <sys/pcpu.h>
67
#include <sys/proc.h>
68
#include <sys/protosw.h>
69
#include <sys/socket.h>
70
#include <sys/socketvar.h>
71
#include <sys/sx.h>
72
#include <sys/syslog.h>
73
#include <sys/time.h>
74
#include <sys/uio.h>
75

76
#include <net/vnet.h>
77

78
#include <netinet/tcp.h>
79

80
#include <rpc/rpc.h>
81
#include <rpc/rpc_com.h>
82
#include <rpc/krpc.h>
83
#include <rpc/rpcsec_tls.h>
84

85
struct cmessage {
86
        struct cmsghdr cmsg;
87
        struct cmsgcred cmcred;
88
};
89

90
static void clnt_bck_geterr(CLIENT *, struct rpc_err *);
91
static bool_t clnt_bck_freeres(CLIENT *, xdrproc_t, void *);
92
static void clnt_bck_abort(CLIENT *);
93
static bool_t clnt_bck_control(CLIENT *, u_int, void *);
94
static void clnt_bck_close(CLIENT *);
95
static void clnt_bck_destroy(CLIENT *);
96

97
static const struct clnt_ops clnt_bck_ops = {
98
	.cl_abort =	clnt_bck_abort,
99
	.cl_geterr =	clnt_bck_geterr,
100
	.cl_freeres =	clnt_bck_freeres,
101
	.cl_close =	clnt_bck_close,
102
	.cl_destroy =	clnt_bck_destroy,
103
	.cl_control =	clnt_bck_control
104
};
105

106
/*
107
 * Create a client handle for a connection.
108
 * Default options are set, which the user can change using clnt_control()'s.
109
 * This code handles the special case of an NFSv4.1 session backchannel
110
 * call, which is sent on a TCP connection created against the server
111
 * by a client.
112
 */
113
void *
114
clnt_bck_create(
115
	struct socket *so,		/* Server transport socket. */
116
	const rpcprog_t prog,		/* program number */
117
	const rpcvers_t vers)		/* version number */
118
{
119
	CLIENT *cl;			/* client handle */
120
	struct ct_data *ct = NULL;	/* client handle */
121
	struct timeval now;
122
	struct rpc_msg call_msg;
123
	static uint32_t disrupt;
124
	XDR xdrs;
125

126
	if (disrupt == 0)
127
		disrupt = (uint32_t)(long)so;
128

129
	cl = (CLIENT *)mem_alloc(sizeof (*cl));
130
	ct = (struct ct_data *)mem_alloc(sizeof (*ct));
131

132
	mtx_init(&ct->ct_lock, "ct->ct_lock", NULL, MTX_DEF);
133
	ct->ct_threads = 0;
134
	ct->ct_closing = FALSE;
135
	ct->ct_closed = FALSE;
136
	ct->ct_upcallrefs = 0;
137
	ct->ct_closeit = FALSE;
138

139
	/*
140
	 * Set up private data struct
141
	 */
142
	ct->ct_wait.tv_sec = -1;
143
	ct->ct_wait.tv_usec = -1;
144

145
	/*
146
	 * Initialize call message
147
	 */
148
	getmicrotime(&now);
149
	ct->ct_xid = ((uint32_t)++disrupt) ^ __RPC_GETXID(&now);
150
	call_msg.rm_xid = ct->ct_xid;
151
	call_msg.rm_direction = CALL;
152
	call_msg.rm_call.cb_rpcvers = RPC_MSG_VERSION;
153
	call_msg.rm_call.cb_prog = (uint32_t)prog;
154
	call_msg.rm_call.cb_vers = (uint32_t)vers;
155

156
	/*
157
	 * pre-serialize the static part of the call msg and stash it away
158
	 */
159
	xdrmem_create(&xdrs, ct->ct_mcallc, MCALL_MSG_SIZE,
160
	    XDR_ENCODE);
161
	if (!xdr_callhdr(&xdrs, &call_msg))
162
		goto err;
163
	ct->ct_mpos = XDR_GETPOS(&xdrs);
164
	XDR_DESTROY(&xdrs);
165
	ct->ct_waitchan = "rpcbck";
166
	ct->ct_waitflag = 0;
167
	cl->cl_refs = 1;
168
	cl->cl_ops = &clnt_bck_ops;
169
	cl->cl_private = ct;
170
	cl->cl_auth = authnone_create();
171
	TAILQ_INIT(&ct->ct_pending);
172
	return (cl);
173

174
err:
175
	mtx_destroy(&ct->ct_lock);
176
	mem_free(ct, sizeof (struct ct_data));
177
	mem_free(cl, sizeof (CLIENT));
178
	return (NULL);
179
}
180

181
enum clnt_stat
182
clnt_bck_call(
183
	CLIENT		*cl,		/* client handle */
184
	struct rpc_callextra *ext,	/* call metadata */
185
	rpcproc_t	proc,		/* procedure number */
186
	struct mbuf	*args,		/* pointer to args */
187
	struct mbuf	**resultsp,	/* pointer to results */
188
	struct timeval	utimeout,
189
	SVCXPRT		*xprt)
190
{
191
	struct ct_data *ct = (struct ct_data *) cl->cl_private;
192
	AUTH *auth;
193
	struct rpc_err *errp;
194
	enum clnt_stat stat;
195
	XDR xdrs;
196
	struct rpc_msg reply_msg;
197
	bool_t ok;
198
	int nrefreshes = 2;		/* number of times to refresh cred */
199
	struct timeval timeout;
200
	uint32_t xid;
201
	struct mbuf *mreq = NULL, *results;
202
	struct ct_request *cr;
203
	int error, maxextsiz;
204
#ifdef KERN_TLS
205
	u_int maxlen;
206
#endif
207

208
	cr = malloc(sizeof(struct ct_request), M_RPC, M_WAITOK);
209

210
	mtx_lock(&ct->ct_lock);
211

212
	if (ct->ct_closing || ct->ct_closed) {
213
		mtx_unlock(&ct->ct_lock);
214
		free(cr, M_RPC);
215
		return (RPC_CANTSEND);
216
	}
217
	ct->ct_threads++;
218

219
	if (ext) {
220
		auth = ext->rc_auth;
221
		errp = &ext->rc_err;
222
	} else {
223
		auth = cl->cl_auth;
224
		errp = &ct->ct_error;
225
	}
226

227
	cr->cr_mrep = NULL;
228
	cr->cr_error = 0;
229

230
	if (ct->ct_wait.tv_usec == -1)
231
		timeout = utimeout;	/* use supplied timeout */
232
	else
233
		timeout = ct->ct_wait;	/* use default timeout */
234

235
call_again:
236
	mtx_assert(&ct->ct_lock, MA_OWNED);
237

238
	ct->ct_xid++;
239
	xid = ct->ct_xid;
240

241
	mtx_unlock(&ct->ct_lock);
242

243
	/*
244
	 * Leave space to pre-pend the record mark.
245
	 */
246
	mreq = m_gethdr(M_WAITOK, MT_DATA);
247
	mreq->m_data += sizeof(uint32_t);
248
	KASSERT(ct->ct_mpos + sizeof(uint32_t) <= MHLEN,
249
	    ("RPC header too big"));
250
	bcopy(ct->ct_mcallc, mreq->m_data, ct->ct_mpos);
251
	mreq->m_len = ct->ct_mpos;
252

253
	/*
254
	 * The XID is the first thing in the request.
255
	 */
256
	*mtod(mreq, uint32_t *) = htonl(xid);
257

258
	xdrmbuf_create(&xdrs, mreq, XDR_ENCODE);
259

260
	errp->re_status = stat = RPC_SUCCESS;
261

262
	if ((!XDR_PUTINT32(&xdrs, &proc)) ||
263
	    (!AUTH_MARSHALL(auth, xid, &xdrs,
264
	     m_copym(args, 0, M_COPYALL, M_WAITOK)))) {
265
		errp->re_status = stat = RPC_CANTENCODEARGS;
266
		mtx_lock(&ct->ct_lock);
267
		goto out;
268
	}
269
	mreq->m_pkthdr.len = m_length(mreq, NULL);
270

271
	/*
272
	 * Prepend a record marker containing the packet length.
273
	 */
274
	M_PREPEND(mreq, sizeof(uint32_t), M_WAITOK);
275
	*mtod(mreq, uint32_t *) =
276
	    htonl(0x80000000 | (mreq->m_pkthdr.len - sizeof(uint32_t)));
277

278
	cr->cr_xid = xid;
279
	mtx_lock(&ct->ct_lock);
280
	/*
281
	 * Check to see if the client end has already started to close down
282
	 * the connection. The svc code will have set ct_error.re_status
283
	 * to RPC_CANTRECV if this is the case.
284
	 * If the client starts to close down the connection after this
285
	 * point, it will be detected later when cr_error is checked,
286
	 * since the request is in the ct_pending queue.
287
	 */
288
	if (ct->ct_error.re_status == RPC_CANTRECV) {
289
		if (errp != &ct->ct_error) {
290
			errp->re_errno = ct->ct_error.re_errno;
291
			errp->re_status = RPC_CANTRECV;
292
		}
293
		stat = RPC_CANTRECV;
294
		goto out;
295
	}
296
	TAILQ_INSERT_TAIL(&ct->ct_pending, cr, cr_link);
297
	mtx_unlock(&ct->ct_lock);
298

299
	/* For RPC-over-TLS, copy mrep to a chain of ext_pgs. */
300
	if ((xprt->xp_tls & RPCTLS_FLAGS_HANDSHAKE) != 0) {
301
		/*
302
		 * Copy the mbuf chain to a chain of
303
		 * ext_pgs mbuf(s) as required by KERN_TLS.
304
		 */
305
		maxextsiz = TLS_MAX_MSG_SIZE_V10_2;
306
#ifdef KERN_TLS
307
		if (rpctls_getinfo(&maxlen, false, false))
308
			maxextsiz = min(maxextsiz, maxlen);
309
#endif
310
		mreq = _rpc_copym_into_ext_pgs(mreq, maxextsiz);
311
	}
312
	/*
313
	 * sosend consumes mreq.
314
	 */
315
	sx_xlock(&xprt->xp_lock);
316
	error = sosend(xprt->xp_socket, NULL, NULL, mreq, NULL, 0, curthread);
317
if (error != 0) printf("sosend=%d\n", error);
318
	mreq = NULL;
319
	if (error == EMSGSIZE) {
320
printf("emsgsize\n");
321
		SOCK_SENDBUF_LOCK(xprt->xp_socket);
322
		sbwait(xprt->xp_socket, SO_SND);
323
		SOCK_SENDBUF_UNLOCK(xprt->xp_socket);
324
		sx_xunlock(&xprt->xp_lock);
325
		AUTH_VALIDATE(auth, xid, NULL, NULL);
326
		mtx_lock(&ct->ct_lock);
327
		TAILQ_REMOVE(&ct->ct_pending, cr, cr_link);
328
		goto call_again;
329
	}
330
	sx_xunlock(&xprt->xp_lock);
331

332
	reply_msg.acpted_rply.ar_verf.oa_flavor = AUTH_NULL;
333
	reply_msg.acpted_rply.ar_verf.oa_base = cr->cr_verf;
334
	reply_msg.acpted_rply.ar_verf.oa_length = 0;
335
	reply_msg.acpted_rply.ar_results.where = NULL;
336
	reply_msg.acpted_rply.ar_results.proc = (xdrproc_t)xdr_void;
337

338
	mtx_lock(&ct->ct_lock);
339
	if (error) {
340
		TAILQ_REMOVE(&ct->ct_pending, cr, cr_link);
341
		errp->re_errno = error;
342
		errp->re_status = stat = RPC_CANTSEND;
343
		goto out;
344
	}
345

346
	/*
347
	 * Check to see if we got an upcall while waiting for the
348
	 * lock. In both these cases, the request has been removed
349
	 * from ct->ct_pending.
350
	 */
351
	if (cr->cr_error) {
352
		TAILQ_REMOVE(&ct->ct_pending, cr, cr_link);
353
		errp->re_errno = cr->cr_error;
354
		errp->re_status = stat = RPC_CANTRECV;
355
		goto out;
356
	}
357
	if (cr->cr_mrep) {
358
		TAILQ_REMOVE(&ct->ct_pending, cr, cr_link);
359
		goto got_reply;
360
	}
361

362
	/*
363
	 * Hack to provide rpc-based message passing
364
	 */
365
	if (timeout.tv_sec == 0 && timeout.tv_usec == 0) {
366
		TAILQ_REMOVE(&ct->ct_pending, cr, cr_link);
367
		errp->re_status = stat = RPC_TIMEDOUT;
368
		goto out;
369
	}
370

371
	error = msleep(cr, &ct->ct_lock, ct->ct_waitflag, ct->ct_waitchan,
372
	    tvtohz(&timeout));
373

374
	TAILQ_REMOVE(&ct->ct_pending, cr, cr_link);
375

376
	if (error) {
377
		/*
378
		 * The sleep returned an error so our request is still
379
		 * on the list. Turn the error code into an
380
		 * appropriate client status.
381
		 */
382
		errp->re_errno = error;
383
		switch (error) {
384
		case EINTR:
385
			stat = RPC_INTR;
386
			break;
387
		case EWOULDBLOCK:
388
			stat = RPC_TIMEDOUT;
389
			break;
390
		default:
391
			stat = RPC_CANTRECV;
392
		}
393
		errp->re_status = stat;
394
		goto out;
395
	} else {
396
		/*
397
		 * We were woken up by the svc thread.  If the
398
		 * upcall had a receive error, report that,
399
		 * otherwise we have a reply.
400
		 */
401
		if (cr->cr_error) {
402
			errp->re_errno = cr->cr_error;
403
			errp->re_status = stat = RPC_CANTRECV;
404
			goto out;
405
		}
406
	}
407

408
got_reply:
409
	/*
410
	 * Now decode and validate the response. We need to drop the
411
	 * lock since xdr_replymsg may end up sleeping in malloc.
412
	 */
413
	mtx_unlock(&ct->ct_lock);
414

415
	if (ext && ext->rc_feedback)
416
		ext->rc_feedback(FEEDBACK_OK, proc, ext->rc_feedback_arg);
417

418
	xdrmbuf_create(&xdrs, cr->cr_mrep, XDR_DECODE);
419
	ok = xdr_replymsg(&xdrs, &reply_msg);
420
	cr->cr_mrep = NULL;
421

422
	if (ok) {
423
		if ((reply_msg.rm_reply.rp_stat == MSG_ACCEPTED) &&
424
		    (reply_msg.acpted_rply.ar_stat == SUCCESS))
425
			errp->re_status = stat = RPC_SUCCESS;
426
		else
427
			stat = _seterr_reply(&reply_msg, errp);
428

429
		if (stat == RPC_SUCCESS) {
430
			results = xdrmbuf_getall(&xdrs);
431
			if (!AUTH_VALIDATE(auth, xid,
432
			    &reply_msg.acpted_rply.ar_verf, &results)) {
433
				errp->re_status = stat = RPC_AUTHERROR;
434
				errp->re_why = AUTH_INVALIDRESP;
435
			} else {
436
				KASSERT(results,
437
				    ("auth validated but no result"));
438
				*resultsp = results;
439
			}
440
		}		/* end successful completion */
441
		/*
442
		 * If unsuccessful AND error is an authentication error
443
		 * then refresh credentials and try again, else break
444
		 */
445
		else if (stat == RPC_AUTHERROR)
446
			/* maybe our credentials need to be refreshed ... */
447
			if (nrefreshes > 0 && AUTH_REFRESH(auth, &reply_msg)) {
448
				nrefreshes--;
449
				XDR_DESTROY(&xdrs);
450
				mtx_lock(&ct->ct_lock);
451
				goto call_again;
452
			}
453
			/* end of unsuccessful completion */
454
		/* end of valid reply message */
455
	} else
456
		errp->re_status = stat = RPC_CANTDECODERES;
457
	XDR_DESTROY(&xdrs);
458
	mtx_lock(&ct->ct_lock);
459
out:
460
	mtx_assert(&ct->ct_lock, MA_OWNED);
461

462
	KASSERT(stat != RPC_SUCCESS || *resultsp,
463
	    ("RPC_SUCCESS without reply"));
464

465
	if (mreq != NULL)
466
		m_freem(mreq);
467
	if (cr->cr_mrep != NULL)
468
		m_freem(cr->cr_mrep);
469

470
	ct->ct_threads--;
471
	if (ct->ct_closing)
472
		wakeup(ct);
473
		
474
	mtx_unlock(&ct->ct_lock);
475

476
	if (auth && stat != RPC_SUCCESS)
477
		AUTH_VALIDATE(auth, xid, NULL, NULL);
478

479
	free(cr, M_RPC);
480

481
	return (stat);
482
}
483

484
static void
485
clnt_bck_geterr(CLIENT *cl, struct rpc_err *errp)
486
{
487
	struct ct_data *ct = (struct ct_data *) cl->cl_private;
488

489
	*errp = ct->ct_error;
490
}
491

492
static bool_t
493
clnt_bck_freeres(CLIENT *cl, xdrproc_t xdr_res, void *res_ptr)
494
{
495
	XDR xdrs;
496
	bool_t dummy;
497

498
	xdrs.x_op = XDR_FREE;
499
	dummy = (*xdr_res)(&xdrs, res_ptr);
500

501
	return (dummy);
502
}
503

504
/*ARGSUSED*/
505
static void
506
clnt_bck_abort(CLIENT *cl)
507
{
508
}
509

510
static bool_t
511
clnt_bck_control(CLIENT *cl, u_int request, void *info)
512
{
513

514
	return (TRUE);
515
}
516

517
static void
518
clnt_bck_close(CLIENT *cl)
519
{
520
	struct ct_data *ct = (struct ct_data *) cl->cl_private;
521

522
	mtx_lock(&ct->ct_lock);
523

524
	if (ct->ct_closed) {
525
		mtx_unlock(&ct->ct_lock);
526
		return;
527
	}
528

529
	if (ct->ct_closing) {
530
		while (ct->ct_closing)
531
			msleep(ct, &ct->ct_lock, 0, "rpcclose", 0);
532
		KASSERT(ct->ct_closed, ("client should be closed"));
533
		mtx_unlock(&ct->ct_lock);
534
		return;
535
	}
536

537
	ct->ct_closing = FALSE;
538
	ct->ct_closed = TRUE;
539
	mtx_unlock(&ct->ct_lock);
540
	wakeup(ct);
541
}
542

543
static void
544
clnt_bck_destroy(CLIENT *cl)
545
{
546
	struct ct_data *ct = (struct ct_data *) cl->cl_private;
547

548
	clnt_bck_close(cl);
549

550
	mtx_destroy(&ct->ct_lock);
551
	mem_free(ct, sizeof(struct ct_data));
552
	if (cl->cl_netid && cl->cl_netid[0])
553
		mem_free(cl->cl_netid, strlen(cl->cl_netid) +1);
554
	if (cl->cl_tp && cl->cl_tp[0])
555
		mem_free(cl->cl_tp, strlen(cl->cl_tp) +1);
556
	mem_free(cl, sizeof(CLIENT));
557
}
558

559
/*
560
 * This call is done by the svc code when a backchannel RPC reply is
561
 * received.
562
 * For the server end, where callback RPCs to the client are performed,
563
 * xp_p2 points to the "CLIENT" and not the associated "struct ct_data"
564
 * so that svc_vc_destroy() can CLNT_RELEASE() the reference count on it.
565
 */
566
void
567
clnt_bck_svccall(void *arg, struct mbuf *mrep, uint32_t xid)
568
{
569
	CLIENT *cl = (CLIENT *)arg;
570
	struct ct_data *ct;
571
	struct ct_request *cr;
572
	int foundreq;
573

574
	ct = (struct ct_data *)cl->cl_private;
575
	mtx_lock(&ct->ct_lock);
576
	if (ct->ct_closing || ct->ct_closed) {
577
		mtx_unlock(&ct->ct_lock);
578
		m_freem(mrep);
579
		return;
580
	}
581

582
	ct->ct_upcallrefs++;
583
	/*
584
	 * See if we can match this reply to a request.
585
	 */
586
	foundreq = 0;
587
	TAILQ_FOREACH(cr, &ct->ct_pending, cr_link) {
588
		if (cr->cr_xid == xid) {
589
			/*
590
			 * This one matches. We leave the reply mbuf list in
591
			 * cr->cr_mrep. Set the XID to zero so that we will
592
			 * ignore any duplicated replies.
593
			 */
594
			cr->cr_xid = 0;
595
			cr->cr_mrep = mrep;
596
			cr->cr_error = 0;
597
			foundreq = 1;
598
			wakeup(cr);
599
			break;
600
		}
601
	}
602

603
	ct->ct_upcallrefs--;
604
	if (ct->ct_upcallrefs < 0)
605
		panic("rpcvc svccall refcnt");
606
	if (ct->ct_upcallrefs == 0)
607
		wakeup(&ct->ct_upcallrefs);
608
	mtx_unlock(&ct->ct_lock);
609
	if (foundreq == 0)
610
		m_freem(mrep);
611
}
612

613

614