]> git.saurik.com Git - apple/xnu.git/blob - bsd/nfs/nfs_socket.c
projects / apple / xnu.git / blob
? search:


1c61f9d7a1c63535b9e583fa037717ab56507e21
[apple/xnu.git] / bsd / nfs / nfs_socket.c
1 /*
2 * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * The contents of this file constitute Original Code as defined in and
7 * are subject to the Apple Public Source License Version 1.1 (the
8 * "License"). You may not use this file except in compliance with the
9 * License. Please obtain a copy of the License at
10 * http://www.apple.com/publicsource and read it before using this file.
11 *
12 * This Original Code and all software distributed under the License are
13 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17 * License for the specific language governing rights and limitations
18 * under the License.
19 *
20 * @APPLE_LICENSE_HEADER_END@
21 */
22 /* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
23 /*
24 * Copyright (c) 1989, 1991, 1993, 1995
25 * The Regents of the University of California. All rights reserved.
26 *
27 * This code is derived from software contributed to Berkeley by
28 * Rick Macklem at The University of Guelph.
29 *
30 * Redistribution and use in source and binary forms, with or without
31 * modification, are permitted provided that the following conditions
32 * are met:
33 * 1. Redistributions of source code must retain the above copyright
34 * notice, this list of conditions and the following disclaimer.
35 * 2. Redistributions in binary form must reproduce the above copyright
36 * notice, this list of conditions and the following disclaimer in the
37 * documentation and/or other materials provided with the distribution.
38 * 3. All advertising materials mentioning features or use of this software
39 * must display the following acknowledgement:
40 * This product includes software developed by the University of
41 * California, Berkeley and its contributors.
42 * 4. Neither the name of the University nor the names of its contributors
43 * may be used to endorse or promote products derived from this software
44 * without specific prior written permission.
45 *
46 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
47 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
50 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
51 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
52 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
54 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
55 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
56 * SUCH DAMAGE.
57 *
58 * @(#)nfs_socket.c 8.5 (Berkeley) 3/30/95
59 * FreeBSD-Id: nfs_socket.c,v 1.30 1997/10/28 15:59:07 bde Exp $
60 */
61
62 /*
63 * Socket operations for use by nfs
64 */
65
66 #include <sys/param.h>
67 #include <sys/systm.h>
68 #include <sys/proc.h>
69 #include <sys/mount.h>
70 #include <sys/kernel.h>
71 #include <sys/mbuf.h>
72 #include <sys/malloc.h>
73 #include <sys/vnode.h>
74 #include <sys/domain.h>
75 #include <sys/protosw.h>
76 #include <sys/socket.h>
77 #include <sys/socketvar.h>
78 #include <sys/syslog.h>
79 #include <sys/tprintf.h>
80 #include <machine/spl.h>
81
82 #include <sys/time.h>
83 #include <kern/clock.h>
84 #include <sys/user.h>
85
86 #include <netinet/in.h>
87 #include <netinet/tcp.h>
88
89 #include <nfs/rpcv2.h>
90 #include <nfs/nfsproto.h>
91 #include <nfs/nfs.h>
92 #include <nfs/xdr_subs.h>
93 #include <nfs/nfsm_subs.h>
94 #include <nfs/nfsmount.h>
95 #include <nfs/nfsnode.h>
96 #include <nfs/nfsrtt.h>
97 #include <nfs/nqnfs.h>
98
99 #include <sys/kdebug.h>
100
101 #define FSDBG(A, B, C, D, E) \
102 KERNEL_DEBUG((FSDBG_CODE(DBG_FSRW, (A))) | DBG_FUNC_NONE, \
103 (int)(B), (int)(C), (int)(D), (int)(E), 0)
104 #define FSDBG_TOP(A, B, C, D, E) \
105 KERNEL_DEBUG((FSDBG_CODE(DBG_FSRW, (A))) | DBG_FUNC_START, \
106 (int)(B), (int)(C), (int)(D), (int)(E), 0)
107 #define FSDBG_BOT(A, B, C, D, E) \
108 KERNEL_DEBUG((FSDBG_CODE(DBG_FSRW, (A))) | DBG_FUNC_END, \
109 (int)(B), (int)(C), (int)(D), (int)(E), 0)
110
111 #define TRUE 1
112 #define FALSE 0
113
114 /*
115 * Estimate rto for an nfs rpc sent via. an unreliable datagram.
116 * Use the mean and mean deviation of rtt for the appropriate type of rpc
117 * for the frequent rpcs and a default for the others.
118 * The justification for doing "other" this way is that these rpcs
119 * happen so infrequently that timer est. would probably be stale.
120 * Also, since many of these rpcs are
121 * non-idempotent, a conservative timeout is desired.
122 * getattr, lookup - A+2D
123 * read, write - A+4D
124 * other - nm_timeo
125 */
126 #define NFS_RTO(n, t) \
127 ((t) == 0 ? (n)->nm_timeo : \
128 ((t) < 3 ? \
129 (((((n)->nm_srtt[t-1] + 3) >> 2) + (n)->nm_sdrtt[t-1] + 1) >> 1) : \
130 ((((n)->nm_srtt[t-1] + 7) >> 3) + (n)->nm_sdrtt[t-1] + 1)))
131 #define NFS_SRTT(r) (r)->r_nmp->nm_srtt[proct[(r)->r_procnum] - 1]
132 #define NFS_SDRTT(r) (r)->r_nmp->nm_sdrtt[proct[(r)->r_procnum] - 1]
133 /*
134 * External data, mostly RPC constants in XDR form
135 */
136 extern u_long rpc_reply, rpc_msgdenied, rpc_mismatch, rpc_vers, rpc_auth_unix,
137 rpc_msgaccepted, rpc_call, rpc_autherr,
138 rpc_auth_kerb;
139 extern u_long nfs_prog, nqnfs_prog;
140 extern time_t nqnfsstarttime;
141 extern struct nfsstats nfsstats;
142 extern int nfsv3_procid[NFS_NPROCS];
143 extern int nfs_ticks;
144 extern u_long nfs_xidwrap;
145
146 /*
147 * Defines which timer to use for the procnum.
148 * 0 - default
149 * 1 - getattr
150 * 2 - lookup
151 * 3 - read
152 * 4 - write
153 */
154 static int proct[NFS_NPROCS] = {
155 0, 1, 0, 2, 1, 3, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 3, 3, 0, 0, 0, 0, 0,
156 0, 0, 0,
157 };
158
159 /*
160 * There is a congestion window for outstanding rpcs maintained per mount
161 * point. The cwnd size is adjusted in roughly the way that:
162 * Van Jacobson, Congestion avoidance and Control, In "Proceedings of
163 * SIGCOMM '88". ACM, August 1988.
164 * describes for TCP. The cwnd size is chopped in half on a retransmit timeout
165 * and incremented by 1/cwnd when each rpc reply is received and a full cwnd
166 * of rpcs is in progress.
167 * (The sent count and cwnd are scaled for integer arith.)
168 * Variants of "slow start" were tried and were found to be too much of a
169 * performance hit (ave. rtt 3 times larger),
170 * I suspect due to the large rtt that nfs rpcs have.
171 */
172 #define NFS_CWNDSCALE 256
173 #define NFS_MAXCWND (NFS_CWNDSCALE * 32)
174 static int nfs_backoff[8] = { 2, 4, 8, 16, 32, 64, 128, 256, };
175 int nfsrtton = 0;
176 struct nfsrtt nfsrtt;
177
178 static int nfs_msg __P((struct proc *,char *,char *));
179 static int nfs_rcvlock __P((struct nfsreq *));
180 static void nfs_rcvunlock __P((int *flagp));
181 static int nfs_receive __P((struct nfsreq *rep, struct mbuf **aname,
182 struct mbuf **mp));
183 static int nfs_reconnect __P((struct nfsreq *rep));
184 #ifndef NFS_NOSERVER
185 static int nfsrv_getstream __P((struct nfssvc_sock *,int));
186
187 int (*nfsrv3_procs[NFS_NPROCS]) __P((struct nfsrv_descript *nd,
188 struct nfssvc_sock *slp,
189 struct proc *procp,
190 struct mbuf **mreqp)) = {
191 nfsrv_null,
192 nfsrv_getattr,
193 nfsrv_setattr,
194 nfsrv_lookup,
195 nfsrv3_access,
196 nfsrv_readlink,
197 nfsrv_read,
198 nfsrv_write,
199 nfsrv_create,
200 nfsrv_mkdir,
201 nfsrv_symlink,
202 nfsrv_mknod,
203 nfsrv_remove,
204 nfsrv_rmdir,
205 nfsrv_rename,
206 nfsrv_link,
207 nfsrv_readdir,
208 nfsrv_readdirplus,
209 nfsrv_statfs,
210 nfsrv_fsinfo,
211 nfsrv_pathconf,
212 nfsrv_commit,
213 nqnfsrv_getlease,
214 nqnfsrv_vacated,
215 nfsrv_noop,
216 nfsrv_noop
217 };
218 #endif /* NFS_NOSERVER */
219
220 /*
221 * NFSTRACE points were changed to FSDBG (KERNEL_DEBUG)
222 * But some of this code may prove useful someday...
223 */
224 #undef NFSDIAG
225 #if NFSDIAG
226 int nfstraceindx = 0;
227 struct nfstracerec nfstracebuf[NFSTBUFSIZ] = {{0,0,0,0}};
228
229 #define NFSTRACESUSPENDERS
230 #ifdef NFSTRACESUSPENDERS
231 uint nfstracemask = 0xfff00200;
232 int nfstracexid = -1;
233 uint onfstracemask = 0;
234 int nfstracesuspend = -1;
235 #define NFSTRACE_SUSPEND \
236 { \
237 if (nfstracemask) { \
238 onfstracemask = nfstracemask; \
239 nfstracemask = 0; \
240 } \
241 }
242 #define NFSTRACE_RESUME \
243 { \
244 nfstracesuspend = -1; \
245 if (!nfstracemask) \
246 nfstracemask = onfstracemask; \
247 }
248 #define NFSTRACE_STARTSUSPENDCOUNTDOWN \
249 { \
250 nfstracesuspend = (nfstraceindx+100) % NFSTBUFSIZ; \
251 }
252 #define NFSTRACE_SUSPENDING (nfstracesuspend != -1)
253 #define NFSTRACE_SUSPENSEOVER \
254 (nfstracesuspend > 100 ? \
255 (nfstraceindx >= nfstracesuspend || \
256 nfstraceindx < nfstracesuspend - 100) : \
257 (nfstraceindx >= nfstracesuspend && \
258 nfstraceindx < nfstracesuspend + 8192 - 100))
259 #else
260 uint nfstracemask = 0;
261 #endif /* NFSTRACESUSPENDERS */
262
263 int nfsprnttimo = 1;
264
265 int nfsodata[1024];
266 int nfsoprocnum, nfsolen;
267 int nfsbt[32], nfsbtlen;
268
269 #if defined(__ppc__)
270 int
271 backtrace(int *where, int size)
272 {
273 int register sp, *fp, numsaved;
274
275 __asm__ volatile("mr %0,r1" : "=r" (sp));
276
277 fp = (int *)*((int *)sp);
278 size /= sizeof(int);
279 for (numsaved = 0; numsaved < size; numsaved++) {
280 *where++ = fp[2];
281 if ((int)fp <= 0)
282 break;
283 fp = (int *)*fp;
284 }
285 return (numsaved);
286 }
287 #elif defined(__i386__)
288 int
289 backtrace()
290 {
291 return (0); /* Till someone implements a real routine */
292 }
293 #else
294 #error architecture not implemented.
295 #endif
296
297 void
298 nfsdup(struct nfsreq *rep)
299 {
300 int *ip, i, first = 1, end;
301 char *s, b[240];
302 struct mbuf *mb;
303
304 if ((nfs_debug & NFS_DEBUG_DUP) == 0)
305 return;
306 /* last mbuf in chain will be nfs content */
307 for (mb = rep->r_mreq; mb->m_next; mb = mb->m_next)
308 ;
309 if (rep->r_procnum == nfsoprocnum && mb->m_len == nfsolen &&
310 !bcmp((caddr_t)nfsodata, mb->m_data, nfsolen)) {
311 s = b + sprintf(b, "nfsdup x=%x p=%d h=", rep->r_xid,
312 rep->r_procnum);
313 end = (int)(VTONFS(rep->r_vp)->n_fhp);
314 ip = (int *)(end & ~3);
315 end += VTONFS(rep->r_vp)->n_fhsize;
316 while ((int)ip < end) {
317 i = *ip++;
318 if (first) { /* avoid leading zeroes */
319 if (i == 0)
320 continue;
321 first = 0;
322 s += sprintf(s, "%x", i);
323 } else
324 s += sprintf(s, "%08x", i);
325 }
326 if (first)
327 sprintf(s, "%x", 0);
328 else /* eliminate trailing zeroes */
329 while (*--s == '0')
330 *s = 0;
331 /*
332 * set a breakpoint here and you can view the
333 * current backtrace and the one saved in nfsbt
334 */
335 kprintf("%s\n", b);
336 }
337 nfsoprocnum = rep->r_procnum;
338 nfsolen = mb->m_len;
339 bcopy(mb->m_data, (caddr_t)nfsodata, mb->m_len);
340 nfsbtlen = backtrace(&nfsbt, sizeof(nfsbt));
341 }
342 #endif /* NFSDIAG */
343
344 /*
345 * Initialize sockets and congestion for a new NFS connection.
346 * We do not free the sockaddr if error.
347 */
348 int
349 nfs_connect(nmp, rep)
350 register struct nfsmount *nmp;
351 struct nfsreq *rep;
352 {
353 register struct socket *so;
354 int s, error, rcvreserve, sndreserve;
355 struct sockaddr *saddr;
356 struct sockaddr_in sin;
357 u_short tport;
358
359 thread_funnel_switch(KERNEL_FUNNEL, NETWORK_FUNNEL);
360 nmp->nm_so = (struct socket *)0;
361 saddr = mtod(nmp->nm_nam, struct sockaddr *);
362 error = socreate(saddr->sa_family, &nmp->nm_so, nmp->nm_sotype,
363 nmp->nm_soproto);
364 if (error) {
365 goto bad;
366 }
367 so = nmp->nm_so;
368 nmp->nm_soflags = so->so_proto->pr_flags;
369
370 /*
371 * Some servers require that the client port be a reserved port number.
372 */
373 if (saddr->sa_family == AF_INET && (nmp->nm_flag & NFSMNT_RESVPORT)) {
374 sin.sin_len = sizeof (struct sockaddr_in);
375 sin.sin_family = AF_INET;
376 sin.sin_addr.s_addr = INADDR_ANY;
377 tport = IPPORT_RESERVED - 1;
378 sin.sin_port = htons(tport);
379
380 while ((error = sobind(so, (struct sockaddr *) &sin) == EADDRINUSE) &&
381 (--tport > IPPORT_RESERVED / 2))
382 sin.sin_port = htons(tport);
383 if (error) {
384 goto bad;
385 }
386 }
387
388 /*
389 * Protocols that do not require connections may be optionally left
390 * unconnected for servers that reply from a port other than NFS_PORT.
391 */
392 if (nmp->nm_flag & NFSMNT_NOCONN) {
393 if (nmp->nm_soflags & PR_CONNREQUIRED) {
394 error = ENOTCONN;
395 goto bad;
396 }
397 } else {
398 error = soconnect(so, mtod(nmp->nm_nam, struct sockaddr *));
399 if (error) {
400 goto bad;
401 }
402
403 /*
404 * Wait for the connection to complete. Cribbed from the
405 * connect system call but with the wait timing out so
406 * that interruptible mounts don't hang here for a long time.
407 */
408 s = splnet();
409 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) {
410 (void) tsleep((caddr_t)&so->so_timeo, PSOCK,
411 "nfscon", 2 * hz);
412 if ((so->so_state & SS_ISCONNECTING) &&
413 so->so_error == 0 && rep &&
414 (error = nfs_sigintr(nmp, rep, rep->r_procp))) {
415 so->so_state &= ~SS_ISCONNECTING;
416 splx(s);
417 goto bad;
418 }
419 }
420 if (so->so_error) {
421 error = so->so_error;
422 so->so_error = 0;
423 splx(s);
424 goto bad;
425 }
426 splx(s);
427 }
428 if (nmp->nm_flag & (NFSMNT_SOFT | NFSMNT_INT)) {
429 so->so_rcv.sb_timeo = (5 * hz);
430 so->so_snd.sb_timeo = (5 * hz);
431 } else {
432 so->so_rcv.sb_timeo = 0;
433 so->so_snd.sb_timeo = 0;
434 }
435 if (nmp->nm_sotype == SOCK_DGRAM) {
436 sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * 2;
437 rcvreserve = (nmp->nm_rsize + NFS_MAXPKTHDR) * 2;
438 } else if (nmp->nm_sotype == SOCK_SEQPACKET) {
439 sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * 2;
440 rcvreserve = (nmp->nm_rsize + NFS_MAXPKTHDR) * 2;
441 } else {
442 if (nmp->nm_sotype != SOCK_STREAM)
443 panic("nfscon sotype");
444
445 if (so->so_proto->pr_flags & PR_CONNREQUIRED) {
446 struct sockopt sopt;
447 int val;
448
449 bzero(&sopt, sizeof sopt);
450 sopt.sopt_level = SOL_SOCKET;
451 sopt.sopt_name = SO_KEEPALIVE;
452 sopt.sopt_val = &val;
453 sopt.sopt_valsize = sizeof val;
454 val = 1;
455 sosetopt(so, &sopt);
456 }
457 if (so->so_proto->pr_protocol == IPPROTO_TCP) {
458 struct sockopt sopt;
459 int val;
460
461 bzero(&sopt, sizeof sopt);
462 sopt.sopt_level = IPPROTO_TCP;
463 sopt.sopt_name = TCP_NODELAY;
464 sopt.sopt_val = &val;
465 sopt.sopt_valsize = sizeof val;
466 val = 1;
467 sosetopt(so, &sopt);
468 }
469
470 sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR + sizeof (u_long))
471 * 2;
472 rcvreserve = (nmp->nm_rsize + NFS_MAXPKTHDR + sizeof (u_long))
473 * 2;
474 }
475
476 error = soreserve(so, sndreserve, rcvreserve);
477 if (error) {
478 goto bad;
479 }
480 so->so_rcv.sb_flags |= SB_NOINTR;
481 so->so_snd.sb_flags |= SB_NOINTR;
482
483 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
484
485 /* Initialize other non-zero congestion variables */
486 nmp->nm_srtt[0] = nmp->nm_srtt[1] = nmp->nm_srtt[2] =
487 nmp->nm_srtt[3] = (NFS_TIMEO << 3);
488 nmp->nm_sdrtt[0] = nmp->nm_sdrtt[1] = nmp->nm_sdrtt[2] =
489 nmp->nm_sdrtt[3] = 0;
490 nmp->nm_cwnd = NFS_MAXCWND / 2; /* Initial send window */
491 nmp->nm_sent = 0;
492 FSDBG(529, nmp, nmp->nm_flag, nmp->nm_soflags, nmp->nm_cwnd);
493 nmp->nm_timeouts = 0;
494 return (0);
495
496 bad:
497 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
498 nfs_disconnect(nmp);
499 return (error);
500 }
501
502 /*
503 * Reconnect routine:
504 * Called when a connection is broken on a reliable protocol.
505 * - clean up the old socket
506 * - nfs_connect() again
507 * - set R_MUSTRESEND for all outstanding requests on mount point
508 * If this fails the mount point is DEAD!
509 * nb: Must be called with the nfs_sndlock() set on the mount point.
510 */
511 static int
512 nfs_reconnect(rep)
513 register struct nfsreq *rep;
514 {
515 register struct nfsreq *rp;
516 register struct nfsmount *nmp = rep->r_nmp;
517 int error;
518
519 nfs_disconnect(nmp);
520 while ((error = nfs_connect(nmp, rep))) {
521 if (error == EINTR || error == ERESTART)
522 return (EINTR);
523 (void) tsleep((caddr_t)&lbolt, PSOCK, "nfscon", 0);
524 }
525
526 NFS_DPF(DUP, ("nfs_reconnect RESEND\n"));
527 /*
528 * Loop through outstanding request list and fix up all requests
529 * on old socket.
530 */
531 for (rp = nfs_reqq.tqh_first; rp != 0; rp = rp->r_chain.tqe_next) {
532 if (rp->r_nmp == nmp)
533 rp->r_flags |= R_MUSTRESEND;
534 }
535 return (0);
536 }
537
538 /*
539 * NFS disconnect. Clean up and unlink.
540 */
541 void
542 nfs_disconnect(nmp)
543 register struct nfsmount *nmp;
544 {
545 register struct socket *so;
546
547 thread_funnel_switch(KERNEL_FUNNEL, NETWORK_FUNNEL);
548 if (nmp->nm_so) {
549 so = nmp->nm_so;
550 nmp->nm_so = (struct socket *)0;
551 soshutdown(so, 2);
552 soclose(so);
553 }
554 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
555 }
556
557 /*
558 * This is the nfs send routine. For connection based socket types, it
559 * must be called with an nfs_sndlock() on the socket.
560 * "rep == NULL" indicates that it has been called from a server.
561 * For the client side:
562 * - return EINTR if the RPC is terminated, 0 otherwise
563 * - set R_MUSTRESEND if the send fails for any reason
564 * - do any cleanup required by recoverable socket errors (???)
565 * For the server side:
566 * - return EINTR or ERESTART if interrupted by a signal
567 * - return EPIPE if a connection is lost for connection based sockets (TCP...)
568 * - do any cleanup required by recoverable socket errors (???)
569 */
570 int
571 nfs_send(so, nam, top, rep)
572 register struct socket *so;
573 struct mbuf *nam;
574 register struct mbuf *top;
575 struct nfsreq *rep;
576 {
577 struct sockaddr *sendnam;
578 int error, soflags, flags;
579 int xidqueued = 0;
580 struct nfsreq *rp;
581 char savenametolog[MNAMELEN];
582
583 if (rep) {
584 if (rep->r_flags & R_SOFTTERM) {
585 m_freem(top);
586 return (EINTR);
587 }
588 if ((so = rep->r_nmp->nm_so) == NULL) {
589 rep->r_flags |= R_MUSTRESEND;
590 m_freem(top);
591 return (0);
592 }
593 rep->r_flags &= ~R_MUSTRESEND;
594 soflags = rep->r_nmp->nm_soflags;
595 for (rp = nfs_reqq.tqh_first; rp; rp = rp->r_chain.tqe_next)
596 if (rp == rep)
597 break;
598 if (rp)
599 xidqueued = rp->r_xid;
600 } else
601 soflags = so->so_proto->pr_flags;
602 if ((soflags & PR_CONNREQUIRED) || (so->so_state & SS_ISCONNECTED) ||
603 (nam == 0))
604 sendnam = (struct sockaddr *)0;
605 else
606 sendnam = mtod(nam, struct sockaddr *);
607
608 if (so->so_type == SOCK_SEQPACKET)
609 flags = MSG_EOR;
610 else
611 flags = 0;
612
613 #if NFSDIAG
614 if (rep)
615 nfsdup(rep);
616 #endif
617 /*
618 * Save the name here in case mount point goes away when we switch
619 * funnels. The name is using local stack and is large, but don't
620 * want to block if we malloc.
621 */
622 if (rep)
623 strncpy(savenametolog,
624 rep->r_nmp->nm_mountp->mnt_stat.f_mntfromname,
625 MNAMELEN);
626 thread_funnel_switch(KERNEL_FUNNEL, NETWORK_FUNNEL);
627 error = sosend(so, sendnam, (struct uio *)0, top,
628 (struct mbuf *)0, flags);
629 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
630
631 if (error) {
632 if (rep) {
633 if (xidqueued) {
634 for (rp = nfs_reqq.tqh_first; rp;
635 rp = rp->r_chain.tqe_next)
636 if (rp == rep && rp->r_xid == xidqueued)
637 break;
638 if (!rp)
639 panic("nfs_send: error %d xid %x gone",
640 error, xidqueued);
641 }
642 log(LOG_INFO, "nfs send error %d for server %s\n",
643 error, savenametolog);
644 /*
645 * Deal with errors for the client side.
646 */
647 if (rep->r_flags & R_SOFTTERM)
648 error = EINTR;
649 else {
650 rep->r_flags |= R_MUSTRESEND;
651 NFS_DPF(DUP,
652 ("nfs_send RESEND error=%d\n", error));
653 }
654 } else
655 log(LOG_INFO, "nfsd send error %d\n", error);
656
657 /*
658 * Handle any recoverable (soft) socket errors here. (???)
659 */
660 if (error != EINTR && error != ERESTART &&
661 error != EWOULDBLOCK && error != EPIPE)
662 error = 0;
663 }
664 return (error);
665 }
666
667 /*
668 * Receive a Sun RPC Request/Reply. For SOCK_DGRAM, the work is all
669 * done by soreceive(), but for SOCK_STREAM we must deal with the Record
670 * Mark and consolidate the data into a new mbuf list.
671 * nb: Sometimes TCP passes the data up to soreceive() in long lists of
672 * small mbufs.
673 * For SOCK_STREAM we must be very careful to read an entire record once
674 * we have read any of it, even if the system call has been interrupted.
675 */
676 static int
677 nfs_receive(rep, aname, mp)
678 register struct nfsreq *rep;
679 struct mbuf **aname;
680 struct mbuf **mp;
681 {
682 register struct socket *so;
683 struct uio auio;
684 struct iovec aio;
685 register struct mbuf *m;
686 struct mbuf *control;
687 u_long len;
688 struct sockaddr **getnam;
689 struct sockaddr *tmp_nam;
690 struct mbuf *mhck;
691 struct sockaddr_in *sin;
692 int error, sotype, rcvflg;
693 struct proc *p = current_proc(); /* XXX */
694
695 /*
696 * Set up arguments for soreceive()
697 */
698 *mp = (struct mbuf *)0;
699 *aname = (struct mbuf *)0;
700 sotype = rep->r_nmp->nm_sotype;
701
702 /*
703 * For reliable protocols, lock against other senders/receivers
704 * in case a reconnect is necessary.
705 * For SOCK_STREAM, first get the Record Mark to find out how much
706 * more there is to get.
707 * We must lock the socket against other receivers
708 * until we have an entire rpc request/reply.
709 */
710 if (sotype != SOCK_DGRAM) {
711 error = nfs_sndlock(&rep->r_nmp->nm_flag, rep);
712 if (error)
713 return (error);
714 tryagain:
715 /*
716 * Check for fatal errors and resending request.
717 */
718 /*
719 * Ugh: If a reconnect attempt just happened, nm_so
720 * would have changed. NULL indicates a failed
721 * attempt that has essentially shut down this
722 * mount point.
723 */
724 if (rep->r_mrep || (rep->r_flags & R_SOFTTERM)) {
725 nfs_sndunlock(&rep->r_nmp->nm_flag);
726 return (EINTR);
727 }
728 so = rep->r_nmp->nm_so;
729 if (!so) {
730 error = nfs_reconnect(rep);
731 if (error) {
732 nfs_sndunlock(&rep->r_nmp->nm_flag);
733 return (error);
734 }
735 goto tryagain;
736 }
737 while (rep->r_flags & R_MUSTRESEND) {
738 m = m_copym(rep->r_mreq, 0, M_COPYALL, M_WAIT);
739 nfsstats.rpcretries++;
740 NFS_DPF(DUP,
741 ("nfs_receive RESEND %s\n",
742 rep->r_nmp->nm_mountp->mnt_stat.f_mntfromname));
743 error = nfs_send(so, rep->r_nmp->nm_nam, m, rep);
744 /*
745 * we also hold rcv lock so rep is still
746 * legit this point
747 */
748 if (error) {
749 if (error == EINTR || error == ERESTART ||
750 (error = nfs_reconnect(rep))) {
751 nfs_sndunlock(&rep->r_nmp->nm_flag);
752 return (error);
753 }
754 goto tryagain;
755 }
756 }
757 nfs_sndunlock(&rep->r_nmp->nm_flag);
758 if (sotype == SOCK_STREAM) {
759 aio.iov_base = (caddr_t) &len;
760 aio.iov_len = sizeof(u_long);
761 auio.uio_iov = &aio;
762 auio.uio_iovcnt = 1;
763 auio.uio_segflg = UIO_SYSSPACE;
764 auio.uio_rw = UIO_READ;
765 auio.uio_offset = 0;
766 auio.uio_resid = sizeof(u_long);
767 auio.uio_procp = p;
768 do {
769 rcvflg = MSG_WAITALL;
770 thread_funnel_switch(KERNEL_FUNNEL, NETWORK_FUNNEL);
771 error = soreceive(so, (struct sockaddr **)0, &auio,
772 (struct mbuf **)0, (struct mbuf **)0, &rcvflg);
773 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
774 if (!rep->r_nmp) /* if unmounted then bailout */
775 goto shutout;
776 if (error == EWOULDBLOCK && rep) {
777 if (rep->r_flags & R_SOFTTERM)
778 return (EINTR);
779 }
780 } while (error == EWOULDBLOCK);
781 if (!error && auio.uio_resid > 0) {
782 log(LOG_INFO,
783 "short receive (%d/%d) from nfs server %s\n",
784 sizeof(u_long) - auio.uio_resid,
785 sizeof(u_long),
786 rep->r_nmp->nm_mountp->mnt_stat.f_mntfromname);
787 error = EPIPE;
788 }
789 if (error)
790 goto errout;
791 len = ntohl(len) & ~0x80000000;
792 /*
793 * This is SERIOUS! We are out of sync with the sender
794 * and forcing a disconnect/reconnect is all I can do.
795 */
796 if (len > NFS_MAXPACKET) {
797 log(LOG_ERR, "%s (%d) from nfs server %s\n",
798 "impossible packet length",
799 len,
800 rep->r_nmp->nm_mountp->mnt_stat.f_mntfromname);
801 error = EFBIG;
802 goto errout;
803 }
804 auio.uio_resid = len;
805
806 thread_funnel_switch(KERNEL_FUNNEL, NETWORK_FUNNEL);
807 do {
808 rcvflg = MSG_WAITALL;
809 error = soreceive(so, (struct sockaddr **)0,
810 &auio, mp, (struct mbuf **)0, &rcvflg);
811 if (!rep->r_nmp) /* if unmounted then bailout */ {
812 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
813 goto shutout;
814 }
815 } while (error == EWOULDBLOCK || error == EINTR ||
816 error == ERESTART);
817
818 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
819
820 if (!error && auio.uio_resid > 0) {
821 log(LOG_INFO,
822 "short receive (%d/%d) from nfs server %s\n",
823 len - auio.uio_resid, len,
824 rep->r_nmp->nm_mountp->mnt_stat.f_mntfromname);
825 error = EPIPE;
826 }
827 } else {
828 /*
829 * NB: Since uio_resid is big, MSG_WAITALL is ignored
830 * and soreceive() will return when it has either a
831 * control msg or a data msg.
832 * We have no use for control msg., but must grab them
833 * and then throw them away so we know what is going
834 * on.
835 */
836 auio.uio_resid = len = 100000000; /* Anything Big */
837 auio.uio_procp = p;
838
839 thread_funnel_switch(KERNEL_FUNNEL, NETWORK_FUNNEL);
840 do {
841 rcvflg = 0;
842 error = soreceive(so, (struct sockaddr **)0,
843 &auio, mp, &control, &rcvflg);
844 if (!rep->r_nmp) /* if unmounted then bailout */ {
845 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
846 goto shutout;
847 }
848 if (control)
849 m_freem(control);
850 if (error == EWOULDBLOCK && rep) {
851 if (rep->r_flags & R_SOFTTERM) {
852 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
853 return (EINTR);
854 }
855 }
856 } while (error == EWOULDBLOCK ||
857 (!error && *mp == NULL && control));
858
859 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
860
861 if ((rcvflg & MSG_EOR) == 0)
862 printf("Egad!!\n");
863 if (!error && *mp == NULL)
864 error = EPIPE;
865 len -= auio.uio_resid;
866 }
867 errout:
868 if (error && error != EINTR && error != ERESTART) {
869 m_freem(*mp);
870 *mp = (struct mbuf *)0;
871 if (error != EPIPE)
872 log(LOG_INFO,
873 "receive error %d from nfs server %s\n",
874 error,
875 rep->r_nmp->nm_mountp->mnt_stat.f_mntfromname);
876 error = nfs_sndlock(&rep->r_nmp->nm_flag, rep);
877 if (!error)
878 error = nfs_reconnect(rep);
879 if (!error)
880 goto tryagain;
881 }
882 } else {
883 if ((so = rep->r_nmp->nm_so) == NULL)
884 return (EACCES);
885 if (so->so_state & SS_ISCONNECTED)
886 getnam = (struct sockaddr **)0;
887 else
888 getnam = &tmp_nam;;
889 auio.uio_resid = len = 1000000;
890 auio.uio_procp = p;
891
892 thread_funnel_switch(KERNEL_FUNNEL, NETWORK_FUNNEL);
893 do {
894 rcvflg = 0;
895 error = soreceive(so, getnam, &auio, mp,
896 (struct mbuf **)0, &rcvflg);
897
898 if ((getnam) && (*getnam)) {
899 MGET(mhck, M_WAIT, MT_SONAME);
900 mhck->m_len = (*getnam)->sa_len;
901 sin = mtod(mhck, struct sockaddr_in *);
902 bcopy(*getnam, sin, sizeof(struct sockaddr_in));
903 mhck->m_hdr.mh_len = sizeof(struct sockaddr_in);
904 FREE(*getnam, M_SONAME);
905 *aname = mhck;
906 }
907 if (!rep->r_nmp) /* if unmounted then bailout */ {
908 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
909 goto shutout;
910 }
911
912 if (error == EWOULDBLOCK &&
913 (rep->r_flags & R_SOFTTERM)) {
914 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
915 return (EINTR);
916 }
917 } while (error == EWOULDBLOCK);
918
919 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
920 len -= auio.uio_resid;
921 }
922 shutout:
923 if (error) {
924 m_freem(*mp);
925 *mp = (struct mbuf *)0;
926 }
927 return (error);
928 }
929
930 /*
931 * Implement receipt of reply on a socket.
932 * We must search through the list of received datagrams matching them
933 * with outstanding requests using the xid, until ours is found.
934 */
935 /* ARGSUSED */
936 int
937 nfs_reply(myrep)
938 struct nfsreq *myrep;
939 {
940 register struct nfsreq *rep;
941 register struct nfsmount *nmp = myrep->r_nmp;
942 register long t1;
943 struct mbuf *mrep, *md;
944 struct mbuf *nam;
945 u_long rxid, *tl;
946 caddr_t dpos, cp2;
947 int error;
948
949 /*
950 * Loop around until we get our own reply
951 */
952 for (;;) {
953 /*
954 * Lock against other receivers so that I don't get stuck in
955 * sbwait() after someone else has received my reply for me.
956 * Also necessary for connection based protocols to avoid
957 * race conditions during a reconnect.
958 * If nfs_rcvlock() returns EALREADY, that means that
959 * the reply has already been recieved by another
960 * process and we can return immediately. In this
961 * case, the lock is not taken to avoid races with
962 * other processes.
963 */
964 error = nfs_rcvlock(myrep);
965 if (error == EALREADY)
966 return (0);
967 if (error)
968 return (error);
969
970 /*
971 * If we slept after putting bits otw, then reply may have
972 * arrived. In which case returning is required, or we
973 * would hang trying to nfs_receive an already received reply.
974 */
975 if (myrep->r_mrep != NULL) {
976 nfs_rcvunlock(&nmp->nm_flag);
977 FSDBG(530, myrep->r_xid, myrep, myrep->r_nmp, -1);
978 return (0);
979 }
980 /*
981 * Get the next Rpc reply off the socket. Assume myrep->r_nmp
982 * is still intact by checks done in nfs_rcvlock.
983 */
984 error = nfs_receive(myrep, &nam, &mrep);
985 /*
986 * Bailout asap if nfsmount struct gone (unmounted).
987 */
988 if (!myrep->r_nmp || !nmp->nm_so) {
989 FSDBG(530, myrep->r_xid, myrep, nmp, -2);
990 return (ECONNABORTED);
991 }
992 if (error) {
993 FSDBG(530, myrep->r_xid, myrep, nmp, error);
994 nfs_rcvunlock(&nmp->nm_flag);
995
996 /* Bailout asap if nfsmount struct gone (unmounted). */
997 if (!myrep->r_nmp || !nmp->nm_so)
998 return (ECONNABORTED);
999
1000 /*
1001 * Ignore routing errors on connectionless protocols??
1002 */
1003 if (NFSIGNORE_SOERROR(nmp->nm_soflags, error)) {
1004 nmp->nm_so->so_error = 0;
1005 if (myrep->r_flags & R_GETONEREP)
1006 return (0);
1007 continue;
1008 }
1009 return (error);
1010 }
1011 if (nam)
1012 m_freem(nam);
1013
1014 /*
1015 * We assume all is fine, but if we did not have an error
1016 * and mrep is 0, better not dereference it. nfs_receieve
1017 * calls soreceive which carefully sets error=0 when it got
1018 * errors on sbwait (tsleep). In most cases, I assume that's
1019 * so we could go back again. In tcp case, EPIPE is returned.
1020 * In udp, case nfs_receive gets back here with no error and no
1021 * mrep. Is the right fix to have soreceive check for process
1022 * aborted after sbwait and return something non-zero? Should
1023 * nfs_receive give an EPIPE? Too risky to play with those
1024 * two this late in game for a shutdown problem. Instead,
1025 * just check here and get out. (ekn)
1026 */
1027 if (!mrep) {
1028 FSDBG(530, myrep->r_xid, myrep, nmp, -3);
1029 return (ECONNABORTED); /* sounds good */
1030 }
1031
1032 /*
1033 * Get the xid and check that it is an rpc reply
1034 */
1035 md = mrep;
1036 dpos = mtod(md, caddr_t);
1037 nfsm_dissect(tl, u_long *, 2*NFSX_UNSIGNED);
1038 rxid = *tl++;
1039 if (*tl != rpc_reply) {
1040 #ifndef NFS_NOSERVER
1041 if (nmp->nm_flag & NFSMNT_NQNFS) {
1042 if (nqnfs_callback(nmp, mrep, md, dpos))
1043 nfsstats.rpcinvalid++;
1044 } else {
1045 nfsstats.rpcinvalid++;
1046 m_freem(mrep);
1047 }
1048 #else
1049 nfsstats.rpcinvalid++;
1050 m_freem(mrep);
1051 #endif
1052 nfsmout:
1053 if (nmp->nm_flag & NFSMNT_RCVLOCK)
1054 nfs_rcvunlock(&nmp->nm_flag);
1055 if (myrep->r_flags & R_GETONEREP)
1056 return (0); /* this path used by NQNFS */
1057 continue;
1058 }
1059
1060 /*
1061 * Loop through the request list to match up the reply
1062 * Iff no match, just drop the datagram
1063 */
1064 for (rep = nfs_reqq.tqh_first; rep != 0;
1065 rep = rep->r_chain.tqe_next) {
1066 if (rep->r_mrep == NULL && rxid == rep->r_xid) {
1067 /* Found it.. */
1068 rep->r_mrep = mrep;
1069 rep->r_md = md;
1070 rep->r_dpos = dpos;
1071 if (nfsrtton) {
1072 struct rttl *rt;
1073
1074 rt = &nfsrtt.rttl[nfsrtt.pos];
1075 rt->proc = rep->r_procnum;
1076 rt->rto = NFS_RTO(nmp, proct[rep->r_procnum]);
1077 rt->sent = nmp->nm_sent;
1078 rt->cwnd = nmp->nm_cwnd;
1079 if (proct[rep->r_procnum] == 0)
1080 panic("nfs_reply: proct[%d] is zero", rep->r_procnum);
1081 rt->srtt = nmp->nm_srtt[proct[rep->r_procnum] - 1];
1082 rt->sdrtt = nmp->nm_sdrtt[proct[rep->r_procnum] - 1];
1083 rt->fsid = nmp->nm_mountp->mnt_stat.f_fsid;
1084 rt->tstamp = time;
1085 if (rep->r_flags & R_TIMING)
1086 rt->rtt = rep->r_rtt;
1087 else
1088 rt->rtt = 1000000;
1089 nfsrtt.pos = (nfsrtt.pos + 1) % NFSRTTLOGSIZ;
1090 }
1091 /*
1092 * Update congestion window.
1093 * Do the additive increase of
1094 * one rpc/rtt.
1095 */
1096 FSDBG(530, rep->r_xid, rep, nmp->nm_sent,
1097 nmp->nm_cwnd);
1098 if (nmp->nm_cwnd <= nmp->nm_sent) {
1099 nmp->nm_cwnd +=
1100 (NFS_CWNDSCALE * NFS_CWNDSCALE +
1101 (nmp->nm_cwnd >> 1)) / nmp->nm_cwnd;
1102 if (nmp->nm_cwnd > NFS_MAXCWND)
1103 nmp->nm_cwnd = NFS_MAXCWND;
1104 }
1105 if (!(rep->r_flags & R_SENT))
1106 printf("nfs_reply: unsent xid=%x",
1107 rep->r_xid);
1108 rep->r_flags &= ~R_SENT;
1109 nmp->nm_sent -= NFS_CWNDSCALE;
1110 /*
1111 * Update rtt using a gain of 0.125 on the mean
1112 * and a gain of 0.25 on the deviation.
1113 */
1114 if (rep->r_flags & R_TIMING) {
1115 /*
1116 * Since the timer resolution of
1117 * NFS_HZ is so course, it can often
1118 * result in r_rtt == 0. Since
1119 * r_rtt == N means that the actual
1120 * rtt is between N+dt and N+2-dt ticks,
1121 * add 1.
1122 */
1123 if (proct[rep->r_procnum] == 0)
1124 panic("nfs_reply: proct[%d] is zero", rep->r_procnum);
1125 t1 = rep->r_rtt + 1;
1126 t1 -= (NFS_SRTT(rep) >> 3);
1127 NFS_SRTT(rep) += t1;
1128 if (t1 < 0)
1129 t1 = -t1;
1130 t1 -= (NFS_SDRTT(rep) >> 2);
1131 NFS_SDRTT(rep) += t1;
1132 }
1133 nmp->nm_timeouts = 0;
1134 break;
1135 }
1136 }
1137 nfs_rcvunlock(&nmp->nm_flag);
1138 /*
1139 * If not matched to a request, drop it.
1140 * If it's mine, get out.
1141 */
1142 if (rep == 0) {
1143 nfsstats.rpcunexpected++;
1144 m_freem(mrep);
1145 } else if (rep == myrep) {
1146 if (rep->r_mrep == NULL)
1147 panic("nfs_reply: nil r_mrep");
1148 return (0);
1149 }
1150 FSDBG(530, myrep->r_xid, myrep, rep,
1151 rep ? rep->r_xid : myrep->r_flags);
1152 if (myrep->r_flags & R_GETONEREP)
1153 return (0); /* this path used by NQNFS */
1154 }
1155 }
1156
1157 /*
1158 * nfs_request - goes something like this
1159 * - fill in request struct
1160 * - links it into list
1161 * - calls nfs_send() for first transmit
1162 * - calls nfs_receive() to get reply
1163 * - break down rpc header and return with nfs reply pointed to
1164 * by mrep or error
1165 * nb: always frees up mreq mbuf list
1166 */
1167 int
1168 nfs_request(vp, mrest, procnum, procp, cred, mrp, mdp, dposp, xidp)
1169 struct vnode *vp;
1170 struct mbuf *mrest;
1171 int procnum;
1172 struct proc *procp;
1173 struct ucred *cred;
1174 struct mbuf **mrp;
1175 struct mbuf **mdp;
1176 caddr_t *dposp;
1177 u_int64_t *xidp;
1178 {
1179 register struct mbuf *m, *mrep;
1180 register struct nfsreq *rep, *rp;
1181 register u_long *tl;
1182 register int i;
1183 struct nfsmount *nmp;
1184 struct mbuf *md, *mheadend;
1185 struct nfsnode *np;
1186 char nickv[RPCX_NICKVERF];
1187 time_t reqtime, waituntil;
1188 caddr_t dpos, cp2;
1189 int t1, nqlflag, cachable, s, error = 0, mrest_len, auth_len, auth_type;
1190 int trylater_delay = NQ_TRYLATERDEL, trylater_cnt = 0, failed_auth = 0;
1191 int verf_len, verf_type;
1192 u_long xid;
1193 u_quad_t frev;
1194 char *auth_str, *verf_str;
1195 NFSKERBKEY_T key; /* save session key */
1196
1197 if (xidp)
1198 *xidp = 0;
1199 nmp = VFSTONFS(vp->v_mount);
1200 MALLOC_ZONE(rep, struct nfsreq *,
1201 sizeof(struct nfsreq), M_NFSREQ, M_WAITOK);
1202 FSDBG_TOP(531, vp, procnum, nmp, rep);
1203
1204 /*
1205 * make sure if we blocked above, that the file system didn't get
1206 * unmounted leaving nmp bogus value to trip on later and crash.
1207 * Note nfs_unmount will set rep->r_nmp if unmounted volume, but we
1208 * aren't that far yet. SO this is best we can do. I wanted to check
1209 * for vp->v_mount = 0 also below, but that caused reboot crash.
1210 * Something must think it's okay for vp-v_mount=0 during booting.
1211 * Thus the best I can do here is see if we still have a vnode.
1212 */
1213
1214 if (vp->v_type == VBAD) {
1215 FSDBG_BOT(531, 1, vp, nmp, rep);
1216 _FREE_ZONE((caddr_t)rep, sizeof (struct nfsreq), M_NFSREQ);
1217 return (EINVAL);
1218 }
1219 rep->r_nmp = nmp;
1220 rep->r_vp = vp;
1221 rep->r_procp = procp;
1222 rep->r_procnum = procnum;
1223 i = 0;
1224 m = mrest;
1225 while (m) {
1226 i += m->m_len;
1227 m = m->m_next;
1228 }
1229 mrest_len = i;
1230
1231 /*
1232 * Get the RPC header with authorization.
1233 */
1234 kerbauth:
1235 verf_str = auth_str = (char *)0;
1236 if (nmp->nm_flag & NFSMNT_KERB) {
1237 verf_str = nickv;
1238 verf_len = sizeof (nickv);
1239 auth_type = RPCAUTH_KERB4;
1240 bzero((caddr_t)key, sizeof (key));
1241 if (failed_auth || nfs_getnickauth(nmp, cred, &auth_str,
1242 &auth_len, verf_str, verf_len)) {
1243 error = nfs_getauth(nmp, rep, cred, &auth_str,
1244 &auth_len, verf_str, &verf_len, key);
1245 if (error) {
1246 FSDBG_BOT(531, 2, vp, error, rep);
1247 _FREE_ZONE((caddr_t)rep,
1248 sizeof (struct nfsreq), M_NFSREQ);
1249 m_freem(mrest);
1250 return (error);
1251 }
1252 }
1253 } else {
1254 auth_type = RPCAUTH_UNIX;
1255 if (cred->cr_ngroups < 1)
1256 panic("nfsreq nogrps");
1257 auth_len = ((((cred->cr_ngroups - 1) > nmp->nm_numgrps) ?
1258 nmp->nm_numgrps : (cred->cr_ngroups - 1)) << 2) +
1259 5 * NFSX_UNSIGNED;
1260 }
1261 m = nfsm_rpchead(cred, nmp->nm_flag, procnum, auth_type, auth_len,
1262 auth_str, verf_len, verf_str, mrest, mrest_len, &mheadend, &xid);
1263 if (xidp)
1264 *xidp = ntohl(xid) + ((u_int64_t)nfs_xidwrap << 32);
1265 if (auth_str)
1266 _FREE(auth_str, M_TEMP);
1267
1268 /*
1269 * For stream protocols, insert a Sun RPC Record Mark.
1270 */
1271 if (nmp->nm_sotype == SOCK_STREAM) {
1272 M_PREPEND(m, NFSX_UNSIGNED, M_WAIT);
1273 *mtod(m, u_long *) = htonl(0x80000000 |
1274 (m->m_pkthdr.len - NFSX_UNSIGNED));
1275 }
1276 rep->r_mreq = m;
1277 rep->r_xid = xid;
1278 tryagain:
1279 if (nmp->nm_flag & NFSMNT_SOFT)
1280 rep->r_retry = nmp->nm_retry;
1281 else
1282 rep->r_retry = NFS_MAXREXMIT + 1; /* past clip limit */
1283 rep->r_rtt = rep->r_rexmit = 0;
1284 if (proct[procnum] > 0)
1285 rep->r_flags = R_TIMING;
1286 else
1287 rep->r_flags = 0;
1288 rep->r_mrep = NULL;
1289
1290 /*
1291 * Do the client side RPC.
1292 */
1293 nfsstats.rpcrequests++;
1294 /*
1295 * Chain request into list of outstanding requests. Be sure
1296 * to put it LAST so timer finds oldest requests first.
1297 */
1298 s = splsoftclock();
1299 TAILQ_INSERT_TAIL(&nfs_reqq, rep, r_chain);
1300
1301 /* Get send time for nqnfs */
1302 reqtime = time.tv_sec;
1303
1304 /*
1305 * If backing off another request or avoiding congestion, don't
1306 * send this one now but let timer do it. If not timing a request,
1307 * do it now.
1308 */
1309 if (nmp->nm_so && (nmp->nm_sotype != SOCK_DGRAM ||
1310 (nmp->nm_flag & NFSMNT_DUMBTIMR) ||
1311 nmp->nm_sent < nmp->nm_cwnd)) {
1312 splx(s);
1313 if (nmp->nm_soflags & PR_CONNREQUIRED)
1314 error = nfs_sndlock(&nmp->nm_flag, rep);
1315
1316 /*
1317 * Set the R_SENT before doing the send in case another thread
1318 * processes the reply before the nfs_send returns here
1319 */
1320 if (!error) {
1321 if ((rep->r_flags & R_MUSTRESEND) == 0) {
1322 FSDBG(531, rep->r_xid, rep, nmp->nm_sent,
1323 nmp->nm_cwnd);
1324 nmp->nm_sent += NFS_CWNDSCALE;
1325 rep->r_flags |= R_SENT;
1326 }
1327
1328 m = m_copym(m, 0, M_COPYALL, M_WAIT);
1329 error = nfs_send(nmp->nm_so, nmp->nm_nam, m, rep);
1330 if (nmp->nm_soflags & PR_CONNREQUIRED)
1331 nfs_sndunlock(&nmp->nm_flag);
1332 }
1333 if (error) {
1334 nmp->nm_sent -= NFS_CWNDSCALE;
1335 rep->r_flags &= ~R_SENT;
1336 }
1337 } else {
1338 splx(s);
1339 rep->r_rtt = -1;
1340 }
1341
1342 /*
1343 * Wait for the reply from our send or the timer's.
1344 */
1345 if (!error || error == EPIPE)
1346 error = nfs_reply(rep);
1347
1348 /*
1349 * RPC done, unlink the request.
1350 */
1351 s = splsoftclock();
1352 for (rp = nfs_reqq.tqh_first; rp;
1353 rp = rp->r_chain.tqe_next)
1354 if (rp == rep && rp->r_xid == xid)
1355 break;
1356 if (!rp)
1357 panic("nfs_request race, rep %x xid %x", rep, xid);
1358 TAILQ_REMOVE(&nfs_reqq, rep, r_chain);
1359 splx(s);
1360
1361 /*
1362 * Decrement the outstanding request count.
1363 */
1364 if (rep->r_flags & R_SENT) {
1365 FSDBG(531, rep->r_xid, rep, nmp->nm_sent, nmp->nm_cwnd);
1366 rep->r_flags &= ~R_SENT; /* paranoia */
1367 nmp->nm_sent -= NFS_CWNDSCALE;
1368 }
1369
1370 /*
1371 * If there was a successful reply and a tprintf msg.
1372 * tprintf a response.
1373 */
1374 if (!error && (rep->r_flags & R_TPRINTFMSG))
1375 nfs_msg(rep->r_procp, nmp->nm_mountp->mnt_stat.f_mntfromname,
1376 "is alive again");
1377 mrep = rep->r_mrep;
1378 md = rep->r_md;
1379 dpos = rep->r_dpos;
1380 if (error) {
1381 m_freem(rep->r_mreq);
1382 FSDBG_BOT(531, error, rep->r_xid, nmp, rep);
1383 _FREE_ZONE((caddr_t)rep, sizeof (struct nfsreq), M_NFSREQ);
1384 return (error);
1385 }
1386
1387 /*
1388 * break down the rpc header and check if ok
1389 */
1390 nfsm_dissect(tl, u_long *, 3 * NFSX_UNSIGNED);
1391 if (*tl++ == rpc_msgdenied) {
1392 if (*tl == rpc_mismatch)
1393 error = EOPNOTSUPP;
1394 else if ((nmp->nm_flag & NFSMNT_KERB) && *tl++ == rpc_autherr) {
1395 if (!failed_auth) {
1396 failed_auth++;
1397 mheadend->m_next = (struct mbuf *)0;
1398 m_freem(mrep);
1399 m_freem(rep->r_mreq);
1400 goto kerbauth;
1401 } else
1402 error = EAUTH;
1403 } else
1404 error = EACCES;
1405 m_freem(mrep);
1406 m_freem(rep->r_mreq);
1407 FSDBG_BOT(531, error, rep->r_xid, nmp, rep);
1408 _FREE_ZONE((caddr_t)rep, sizeof (struct nfsreq), M_NFSREQ);
1409 return (error);
1410 }
1411
1412 /*
1413 * Grab any Kerberos verifier, otherwise just throw it away.
1414 */
1415 verf_type = fxdr_unsigned(int, *tl++);
1416 i = fxdr_unsigned(int, *tl);
1417 if ((nmp->nm_flag & NFSMNT_KERB) && verf_type == RPCAUTH_KERB4) {
1418 error = nfs_savenickauth(nmp, cred, i, key, &md, &dpos, mrep);
1419 if (error)
1420 goto nfsmout;
1421 } else if (i > 0)
1422 nfsm_adv(nfsm_rndup(i));
1423 nfsm_dissect(tl, u_long *, NFSX_UNSIGNED);
1424 /* 0 == ok */
1425 if (*tl == 0) {
1426 nfsm_dissect(tl, u_long *, NFSX_UNSIGNED);
1427 if (*tl != 0) {
1428 error = fxdr_unsigned(int, *tl);
1429 if ((nmp->nm_flag & NFSMNT_NFSV3) &&
1430 error == NFSERR_TRYLATER) {
1431 m_freem(mrep);
1432 error = 0;
1433 waituntil = time.tv_sec + trylater_delay;
1434 NFS_DPF(DUP,
1435 ("nfs_request %s flag=%x trylater_cnt=%x waituntil=%lx trylater_delay=%x\n",
1436 nmp->nm_mountp->mnt_stat.f_mntfromname,
1437 nmp->nm_flag, trylater_cnt, waituntil,
1438 trylater_delay));
1439 while (time.tv_sec < waituntil)
1440 (void)tsleep((caddr_t)&lbolt,
1441 PSOCK, "nqnfstry", 0);
1442 trylater_delay *= nfs_backoff[trylater_cnt];
1443 if (trylater_cnt < 7)
1444 trylater_cnt++;
1445 goto tryagain;
1446 }
1447
1448 /*
1449 * If the File Handle was stale, invalidate the
1450 * lookup cache, just in case.
1451 */
1452 if (error == ESTALE)
1453 cache_purge(vp);
1454 if (nmp->nm_flag & NFSMNT_NFSV3) {
1455 *mrp = mrep;
1456 *mdp = md;
1457 *dposp = dpos;
1458 error |= NFSERR_RETERR;
1459 } else
1460 m_freem(mrep);
1461 m_freem(rep->r_mreq);
1462 FSDBG_BOT(531, error, rep->r_xid, nmp, rep);
1463 _FREE_ZONE((caddr_t)rep,
1464 sizeof (struct nfsreq), M_NFSREQ);
1465 return (error);
1466 }
1467
1468 /*
1469 * For nqnfs, get any lease in reply
1470 */
1471 if (nmp->nm_flag & NFSMNT_NQNFS) {
1472 nfsm_dissect(tl, u_long *, NFSX_UNSIGNED);
1473 if (*tl) {
1474 np = VTONFS(vp);
1475 nqlflag = fxdr_unsigned(int, *tl);
1476 nfsm_dissect(tl, u_long *, 4*NFSX_UNSIGNED);
1477 cachable = fxdr_unsigned(int, *tl++);
1478 reqtime += fxdr_unsigned(int, *tl++);
1479 if (reqtime > time.tv_sec) {
1480 fxdr_hyper(tl, &frev);
1481 nqnfs_clientlease(nmp, np, nqlflag,
1482 cachable, reqtime, frev);
1483 }
1484 }
1485 }
1486 *mrp = mrep;
1487 *mdp = md;
1488 *dposp = dpos;
1489 m_freem(rep->r_mreq);
1490 FSDBG_BOT(531, 0xf0f0f0f0, rep->r_xid, nmp, rep);
1491 FREE_ZONE((caddr_t)rep, sizeof (struct nfsreq), M_NFSREQ);
1492 return (0);
1493 }
1494 m_freem(mrep);
1495 error = EPROTONOSUPPORT;
1496 nfsmout:
1497 m_freem(rep->r_mreq);
1498 FSDBG_BOT(531, error, rep->r_xid, nmp, rep);
1499 _FREE_ZONE((caddr_t)rep, sizeof (struct nfsreq), M_NFSREQ);
1500 return (error);
1501 }
1502
1503 #ifndef NFS_NOSERVER
1504 /*
1505 * Generate the rpc reply header
1506 * siz arg. is used to decide if adding a cluster is worthwhile
1507 */
1508 int
1509 nfs_rephead(siz, nd, slp, err, cache, frev, mrq, mbp, bposp)
1510 int siz;
1511 struct nfsrv_descript *nd;
1512 struct nfssvc_sock *slp;
1513 int err;
1514 int cache;
1515 u_quad_t *frev;
1516 struct mbuf **mrq;
1517 struct mbuf **mbp;
1518 caddr_t *bposp;
1519 {
1520 register u_long *tl;
1521 register struct mbuf *mreq;
1522 caddr_t bpos;
1523 struct mbuf *mb, *mb2;
1524
1525 MGETHDR(mreq, M_WAIT, MT_DATA);
1526 mb = mreq;
1527 /*
1528 * If this is a big reply, use a cluster else
1529 * try and leave leading space for the lower level headers.
1530 */
1531 siz += RPC_REPLYSIZ;
1532 if (siz >= MINCLSIZE) {
1533 MCLGET(mreq, M_WAIT);
1534 } else
1535 mreq->m_data += max_hdr;
1536 tl = mtod(mreq, u_long *);
1537 mreq->m_len = 6 * NFSX_UNSIGNED;
1538 bpos = ((caddr_t)tl) + mreq->m_len;
1539 *tl++ = txdr_unsigned(nd->nd_retxid);
1540 *tl++ = rpc_reply;
1541 if (err == ERPCMISMATCH || (err & NFSERR_AUTHERR)) {
1542 *tl++ = rpc_msgdenied;
1543 if (err & NFSERR_AUTHERR) {
1544 *tl++ = rpc_autherr;
1545 *tl = txdr_unsigned(err & ~NFSERR_AUTHERR);
1546 mreq->m_len -= NFSX_UNSIGNED;
1547 bpos -= NFSX_UNSIGNED;
1548 } else {
1549 *tl++ = rpc_mismatch;
1550 *tl++ = txdr_unsigned(RPC_VER2);
1551 *tl = txdr_unsigned(RPC_VER2);
1552 }
1553 } else {
1554 *tl++ = rpc_msgaccepted;
1555
1556 /*
1557 * For Kerberos authentication, we must send the nickname
1558 * verifier back, otherwise just RPCAUTH_NULL.
1559 */
1560 if (nd->nd_flag & ND_KERBFULL) {
1561 register struct nfsuid *nuidp;
1562 struct timeval ktvin, ktvout;
1563
1564 for (nuidp = NUIDHASH(slp, nd->nd_cr.cr_uid)->lh_first;
1565 nuidp != 0; nuidp = nuidp->nu_hash.le_next) {
1566 if (nuidp->nu_cr.cr_uid == nd->nd_cr.cr_uid &&
1567 (!nd->nd_nam2 || netaddr_match(NU_NETFAM(nuidp),
1568 &nuidp->nu_haddr, nd->nd_nam2)))
1569 break;
1570 }
1571 if (nuidp) {
1572 ktvin.tv_sec =
1573 txdr_unsigned(nuidp->nu_timestamp.tv_sec - 1);
1574 ktvin.tv_usec =
1575 txdr_unsigned(nuidp->nu_timestamp.tv_usec);
1576
1577 /*
1578 * Encrypt the timestamp in ecb mode using the
1579 * session key.
1580 */
1581 #if NFSKERB
1582 XXX
1583 #endif
1584
1585 *tl++ = rpc_auth_kerb;
1586 *tl++ = txdr_unsigned(3 * NFSX_UNSIGNED);
1587 *tl = ktvout.tv_sec;
1588 nfsm_build(tl, u_long *, 3 * NFSX_UNSIGNED);
1589 *tl++ = ktvout.tv_usec;
1590 *tl++ = txdr_unsigned(nuidp->nu_cr.cr_uid);
1591 } else {
1592 *tl++ = 0;
1593 *tl++ = 0;
1594 }
1595 } else {
1596 *tl++ = 0;
1597 *tl++ = 0;
1598 }
1599 switch (err) {
1600 case EPROGUNAVAIL:
1601 *tl = txdr_unsigned(RPC_PROGUNAVAIL);
1602 break;
1603 case EPROGMISMATCH:
1604 *tl = txdr_unsigned(RPC_PROGMISMATCH);
1605 nfsm_build(tl, u_long *, 2 * NFSX_UNSIGNED);
1606 if (nd->nd_flag & ND_NQNFS) {
1607 *tl++ = txdr_unsigned(3);
1608 *tl = txdr_unsigned(3);
1609 } else {
1610 *tl++ = txdr_unsigned(2);
1611 *tl = txdr_unsigned(3);
1612 }
1613 break;
1614 case EPROCUNAVAIL:
1615 *tl = txdr_unsigned(RPC_PROCUNAVAIL);
1616 break;
1617 case EBADRPC:
1618 *tl = txdr_unsigned(RPC_GARBAGE);
1619 break;
1620 default:
1621 *tl = 0;
1622 if (err != NFSERR_RETVOID) {
1623 nfsm_build(tl, u_long *, NFSX_UNSIGNED);
1624 if (err)
1625 *tl = txdr_unsigned(nfsrv_errmap(nd, err));
1626 else
1627 *tl = 0;
1628 }
1629 break;
1630 };
1631 }
1632
1633 /*
1634 * For nqnfs, piggyback lease as requested.
1635 */
1636 if ((nd->nd_flag & ND_NQNFS) && err == 0) {
1637 if (nd->nd_flag & ND_LEASE) {
1638 nfsm_build(tl, u_long *, 5 * NFSX_UNSIGNED);
1639 *tl++ = txdr_unsigned(nd->nd_flag & ND_LEASE);
1640 *tl++ = txdr_unsigned(cache);
1641 *tl++ = txdr_unsigned(nd->nd_duration);
1642 txdr_hyper(frev, tl);
1643 } else {
1644 nfsm_build(tl, u_long *, NFSX_UNSIGNED);
1645 *tl = 0;
1646 }
1647 }
1648 if (mrq != NULL)
1649 *mrq = mreq;
1650 *mbp = mb;
1651 *bposp = bpos;
1652 if (err != 0 && err != NFSERR_RETVOID)
1653 nfsstats.srvrpc_errs++;
1654 return (0);
1655 }
1656
1657
1658 #endif /* NFS_NOSERVER */
1659
1660
1661 /*
1662 * From FreeBSD 1.58, a Matt Dillon fix...
1663 * Flag a request as being about to terminate.
1664 * The nm_sent count is decremented now to avoid deadlocks when the process
1665 * in soreceive() hasn't yet managed to send its own request.
1666 */
1667 static void
1668 nfs_softterm(struct nfsreq *rep)
1669 {
1670 rep->r_flags |= R_SOFTTERM;
1671 if (rep->r_flags & R_SENT) {
1672 FSDBG(532, rep->r_xid, rep, rep->r_nmp->nm_sent,
1673 rep->r_nmp->nm_cwnd);
1674 rep->r_nmp->nm_sent -= NFS_CWNDSCALE;
1675 rep->r_flags &= ~R_SENT;
1676 }
1677 }
1678
1679 void
1680 nfs_timer_funnel(arg)
1681 void * arg;
1682 {
1683 (void) thread_funnel_set(kernel_flock, TRUE);
1684 nfs_timer(arg);
1685 (void) thread_funnel_set(kernel_flock, FALSE);
1686
1687 }
1688
1689 /*
1690 * Nfs timer routine
1691 * Scan the nfsreq list and retranmit any requests that have timed out
1692 * To avoid retransmission attempts on STREAM sockets (in the future) make
1693 * sure to set the r_retry field to 0 (implies nm_retry == 0).
1694 */
1695 void
1696 nfs_timer(arg)
1697 void *arg; /* never used */
1698 {
1699 register struct nfsreq *rep, *rp;
1700 register struct mbuf *m;
1701 register struct socket *so;
1702 register struct nfsmount *nmp;
1703 register int timeo;
1704 int s, error;
1705 #ifndef NFS_NOSERVER
1706 static long lasttime = 0;
1707 register struct nfssvc_sock *slp;
1708 u_quad_t cur_usec;
1709 #endif /* NFS_NOSERVER */
1710 #if NFSDIAG
1711 int rttdiag;
1712 #endif
1713 int flags, rexmit, cwnd, sent;
1714 u_long xid;
1715
1716 s = splnet();
1717 /*
1718 * XXX If preemptable threads are implemented the spls used for the
1719 * outstanding request queue must be replaced with mutexes.
1720 */
1721 rescan:
1722 #ifdef NFSTRACESUSPENDERS
1723 if (NFSTRACE_SUSPENDING) {
1724 for (rep = nfs_reqq.tqh_first; rep != 0;
1725 rep = rep->r_chain.tqe_next)
1726 if (rep->r_xid == nfstracexid)
1727 break;
1728 if (!rep) {
1729 NFSTRACE_RESUME;
1730 } else if (NFSTRACE_SUSPENSEOVER) {
1731 NFSTRACE_SUSPEND;
1732 }
1733 }
1734 #endif
1735 for (rep = nfs_reqq.tqh_first; rep != 0; rep = rep->r_chain.tqe_next) {
1736 #ifdef NFSTRACESUSPENDERS
1737 if (rep->r_mrep && !NFSTRACE_SUSPENDING) {
1738 nfstracexid = rep->r_xid;
1739 NFSTRACE_STARTSUSPENDCOUNTDOWN;
1740 }
1741 #endif
1742 nmp = rep->r_nmp;
1743 if (!nmp) /* unmounted */
1744 continue;
1745 if (rep->r_mrep || (rep->r_flags & R_SOFTTERM))
1746 continue;
1747 if (nfs_sigintr(nmp, rep, rep->r_procp)) {
1748 nfs_softterm(rep);
1749 continue;
1750 }
1751 if (rep->r_rtt >= 0) {
1752 rep->r_rtt++;
1753 if (nmp->nm_flag & NFSMNT_DUMBTIMR)
1754 timeo = nmp->nm_timeo;
1755 else
1756 timeo = NFS_RTO(nmp, proct[rep->r_procnum]);
1757 /* ensure 62.5 ms floor */
1758 while (16 * timeo < hz)
1759 timeo *= 2;
1760 if (nmp->nm_timeouts > 0)
1761 timeo *= nfs_backoff[nmp->nm_timeouts - 1];
1762 if (rep->r_rtt <= timeo)
1763 continue;
1764 if (nmp->nm_timeouts < 8)
1765 nmp->nm_timeouts++;
1766 }
1767 /*
1768 * Check for server not responding
1769 */
1770 if ((rep->r_flags & R_TPRINTFMSG) == 0 &&
1771 rep->r_rexmit > nmp->nm_deadthresh) {
1772 nfs_msg(rep->r_procp,
1773 nmp->nm_mountp->mnt_stat.f_mntfromname,
1774 "not responding");
1775 rep->r_flags |= R_TPRINTFMSG;
1776 }
1777 if (rep->r_rexmit >= rep->r_retry) { /* too many */
1778 nfsstats.rpctimeouts++;
1779 nfs_softterm(rep);
1780 continue;
1781 }
1782 if (nmp->nm_sotype != SOCK_DGRAM) {
1783 if (++rep->r_rexmit > NFS_MAXREXMIT)
1784 rep->r_rexmit = NFS_MAXREXMIT;
1785 continue;
1786 }
1787 if ((so = nmp->nm_so) == NULL)
1788 continue;
1789
1790 /*
1791 * If there is enough space and the window allows..
1792 * Resend it
1793 * Set r_rtt to -1 in case we fail to send it now.
1794 */
1795 #if NFSDIAG
1796 rttdiag = rep->r_rtt;
1797 #endif
1798 rep->r_rtt = -1;
1799 if (sbspace(&so->so_snd) >= rep->r_mreq->m_pkthdr.len &&
1800 ((nmp->nm_flag & NFSMNT_DUMBTIMR) ||
1801 (rep->r_flags & R_SENT) ||
1802 nmp->nm_sent < nmp->nm_cwnd) &&
1803 (m = m_copym(rep->r_mreq, 0, M_COPYALL, M_DONTWAIT))){
1804
1805 struct proc *p = current_proc();
1806
1807 #if NFSDIAG
1808 if (rep->r_flags & R_SENT && nfsprnttimo &&
1809 nmp->nm_timeouts >= nfsprnttimo) {
1810 int t = proct[rep->r_procnum];
1811 if (t)
1812 NFS_DPF(DUP, ("nfs_timer %s nmtm=%d tms=%d rtt=%d tm=%d p=%d A=%d D=%d\n", nmp->nm_mountp->mnt_stat.f_mntfromname, nmp->nm_timeo, nmp->nm_timeouts, rttdiag, timeo, rep->r_procnum, nmp->nm_srtt[t-1], nmp->nm_sdrtt[t-1]));
1813 else
1814 NFS_DPF(DUP, ("nfs_timer %s nmtm=%d tms=%d rtt=%d tm=%d p=%d\n", nmp->nm_mountp->mnt_stat.f_mntfromname, nmp->nm_timeo, nmp->nm_timeouts, rttdiag, timeo, rep->r_procnum));
1815 }
1816 nfsdup(rep);
1817 #endif /* NFSDIAG */
1818 /*
1819 * Iff first send, start timing
1820 * else turn timing off, backoff timer
1821 * and divide congestion window by 2.
1822 * We update these *before* the send to avoid
1823 * racing against receiving the reply.
1824 * We save them so we can restore them on send error.
1825 */
1826 flags = rep->r_flags;
1827 rexmit = rep->r_rexmit;
1828 cwnd = nmp->nm_cwnd;
1829 sent = nmp->nm_sent;
1830 xid = rep->r_xid;
1831 if (rep->r_flags & R_SENT) {
1832 rep->r_flags &= ~R_TIMING;
1833 if (++rep->r_rexmit > NFS_MAXREXMIT)
1834 rep->r_rexmit = NFS_MAXREXMIT;
1835 nmp->nm_cwnd >>= 1;
1836 if (nmp->nm_cwnd < NFS_CWNDSCALE)
1837 nmp->nm_cwnd = NFS_CWNDSCALE;
1838 nfsstats.rpcretries++;
1839 } else {
1840 rep->r_flags |= R_SENT;
1841 nmp->nm_sent += NFS_CWNDSCALE;
1842 }
1843 FSDBG(535, xid, rep, nmp->nm_sent, nmp->nm_cwnd);
1844
1845 thread_funnel_switch(KERNEL_FUNNEL, NETWORK_FUNNEL);
1846
1847 if ((nmp->nm_flag & NFSMNT_NOCONN) == 0)
1848 error = (*so->so_proto->pr_usrreqs->pru_send)
1849 (so, 0, m, 0, 0, p);
1850 else
1851 error = (*so->so_proto->pr_usrreqs->pru_send)
1852 (so, 0, m, mtod(nmp->nm_nam, struct sockaddr *), 0, p);
1853
1854 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
1855
1856 FSDBG(535, xid, error, sent, cwnd);
1857 /*
1858 * This is to fix "nfs_sigintr" DSI panics.
1859 * We may have slept during the send so the current
1860 * place in the request queue may have been released.
1861 * Due to zone_gc it may even be part of an
1862 * unrelated newly allocated data structure.
1863 * Restart the list scan from the top if needed...
1864 */
1865 for (rp = nfs_reqq.tqh_first; rp;
1866 rp = rp->r_chain.tqe_next)
1867 if (rp == rep && rp->r_xid == xid)
1868 break;
1869 if (!rp) {
1870 if (!error)
1871 goto rescan;
1872 panic("nfs_timer: race error %d xid 0x%x\n",
1873 error, xid);
1874 }
1875
1876 if (error) {
1877 if (NFSIGNORE_SOERROR(nmp->nm_soflags, error))
1878 so->so_error = 0;
1879 rep->r_flags = flags;
1880 rep->r_rexmit = rexmit;
1881 nmp->nm_cwnd = cwnd;
1882 nmp->nm_sent = sent;
1883 if (flags & R_SENT)
1884 nfsstats.rpcretries--;
1885 } else
1886 rep->r_rtt = 0;
1887 }
1888 }
1889 #ifndef NFS_NOSERVER
1890 /*
1891 * Call the nqnfs server timer once a second to handle leases.
1892 */
1893 if (lasttime != time.tv_sec) {
1894 lasttime = time.tv_sec;
1895 nqnfs_serverd();
1896 }
1897
1898 /*
1899 * Scan the write gathering queues for writes that need to be
1900 * completed now.
1901 */
1902 cur_usec = (u_quad_t)time.tv_sec * 1000000 + (u_quad_t)time.tv_usec;
1903 for (slp = nfssvc_sockhead.tqh_first; slp != 0;
1904 slp = slp->ns_chain.tqe_next) {
1905 if (slp->ns_tq.lh_first && slp->ns_tq.lh_first->nd_time<=cur_usec)
1906 nfsrv_wakenfsd(slp);
1907 }
1908 #endif /* NFS_NOSERVER */
1909 splx(s);
1910 timeout(nfs_timer_funnel, (void *)0, nfs_ticks);
1911
1912 }
1913
1914
1915 /*
1916 * Test for a termination condition pending on the process.
1917 * This is used for NFSMNT_INT mounts.
1918 */
1919 int
1920 nfs_sigintr(nmp, rep, p)
1921 struct nfsmount *nmp;
1922 struct nfsreq *rep;
1923 register struct proc *p;
1924 {
1925
1926 struct uthread *ut;
1927
1928 ut = (struct uthread *)get_bsdthread_info(current_act());
1929
1930 if (rep && (rep->r_flags & R_SOFTTERM))
1931 return (EINTR);
1932 if (!(nmp->nm_flag & NFSMNT_INT))
1933 return (0);
1934 if (p && ut && ut->uu_siglist &&
1935 (((ut->uu_siglist & ~ut->uu_sigmask) & ~p->p_sigignore) &
1936 NFSINT_SIGMASK))
1937 return (EINTR);
1938 return (0);
1939 }
1940
1941 /*
1942 * Lock a socket against others.
1943 * Necessary for STREAM sockets to ensure you get an entire rpc request/reply
1944 * and also to avoid race conditions between the processes with nfs requests
1945 * in progress when a reconnect is necessary.
1946 */
1947 int
1948 nfs_sndlock(flagp, rep)
1949 register int *flagp;
1950 struct nfsreq *rep;
1951 {
1952 struct proc *p;
1953 int slpflag = 0, slptimeo = 0;
1954
1955 if (rep) {
1956 p = rep->r_procp;
1957 if (rep->r_nmp->nm_flag & NFSMNT_INT)
1958 slpflag = PCATCH;
1959 } else
1960 p = (struct proc *)0;
1961 while (*flagp & NFSMNT_SNDLOCK) {
1962 if (nfs_sigintr(rep->r_nmp, rep, p))
1963 return (EINTR);
1964 *flagp |= NFSMNT_WANTSND;
1965 (void) tsleep((caddr_t)flagp, slpflag | (PZERO - 1), "nfsndlck",
1966 slptimeo);
1967 if (slpflag == PCATCH) {
1968 slpflag = 0;
1969 slptimeo = 2 * hz;
1970 }
1971 /*
1972 * Make sure while we slept that the mountpoint didn't go away.
1973 * nfs_sigintr and callers expect it in tact.
1974 */
1975 if (!rep->r_nmp)
1976 return (ECONNABORTED); /* don't have lock until out of loop */
1977 }
1978 *flagp |= NFSMNT_SNDLOCK;
1979 return (0);
1980 }
1981
1982 /*
1983 * Unlock the stream socket for others.
1984 */
1985 void
1986 nfs_sndunlock(flagp)
1987 register int *flagp;
1988 {
1989
1990 if ((*flagp & NFSMNT_SNDLOCK) == 0)
1991 panic("nfs sndunlock");
1992 *flagp &= ~NFSMNT_SNDLOCK;
1993 if (*flagp & NFSMNT_WANTSND) {
1994 *flagp &= ~NFSMNT_WANTSND;
1995 wakeup((caddr_t)flagp);
1996 }
1997 }
1998
1999 static int
2000 nfs_rcvlock(rep)
2001 register struct nfsreq *rep;
2002 {
2003 register int *flagp;
2004 int slpflag, slptimeo = 0;
2005
2006 /* make sure we still have our mountpoint */
2007 if (!rep->r_nmp) {
2008 if (rep->r_mrep != NULL)
2009 return (EALREADY);
2010 return (ECONNABORTED);
2011 }
2012
2013 flagp = &rep->r_nmp->nm_flag;
2014 FSDBG_TOP(534, rep->r_xid, rep, rep->r_nmp, *flagp);
2015 if (*flagp & NFSMNT_INT)
2016 slpflag = PCATCH;
2017 else
2018 slpflag = 0;
2019 while (*flagp & NFSMNT_RCVLOCK) {
2020 if (nfs_sigintr(rep->r_nmp, rep, rep->r_procp)) {
2021 FSDBG_BOT(534, rep->r_xid, rep, rep->r_nmp, 0x100);
2022 return (EINTR);
2023 } else if (rep->r_mrep != NULL) {
2024 /*
2025 * Don't bother sleeping if reply already arrived
2026 */
2027 FSDBG_BOT(534, rep->r_xid, rep, rep->r_nmp, 0x101);
2028 return (EALREADY);
2029 }
2030 FSDBG(534, rep->r_xid, rep, rep->r_nmp, 0x102);
2031 *flagp |= NFSMNT_WANTRCV;
2032 (void) tsleep((caddr_t)flagp, slpflag | (PZERO - 1), "nfsrcvlk",
2033 slptimeo);
2034 if (slpflag == PCATCH) {
2035 slpflag = 0;
2036 slptimeo = 2 * hz;
2037 }
2038 /*
2039 * Make sure while we slept that the mountpoint didn't go away.
2040 * nfs_sigintr and caller nfs_reply expect it intact.
2041 */
2042 if (!rep->r_nmp) {
2043 FSDBG_BOT(534, rep->r_xid, rep, rep->r_nmp, 0x103);
2044 return (ECONNABORTED); /* don't have lock until out of loop */
2045 }
2046 }
2047 /*
2048 * nfs_reply will handle it if reply already arrived.
2049 * (We may have slept or been preempted while on network funnel).
2050 */
2051 FSDBG_BOT(534, rep->r_xid, rep, rep->r_nmp, *flagp);
2052 *flagp |= NFSMNT_RCVLOCK;
2053 return (0);
2054 }
2055
2056 /*
2057 * Unlock the stream socket for others.
2058 */
2059 static void
2060 nfs_rcvunlock(flagp)
2061 register int *flagp;
2062 {
2063
2064 FSDBG(533, flagp, *flagp, 0, 0);
2065 if ((*flagp & NFSMNT_RCVLOCK) == 0)
2066 panic("nfs rcvunlock");
2067 *flagp &= ~NFSMNT_RCVLOCK;
2068 if (*flagp & NFSMNT_WANTRCV) {
2069 *flagp &= ~NFSMNT_WANTRCV;
2070 wakeup((caddr_t)flagp);
2071 }
2072 }
2073
2074
2075 #ifndef NFS_NOSERVER
2076 /*
2077 * Socket upcall routine for the nfsd sockets.
2078 * The caddr_t arg is a pointer to the "struct nfssvc_sock".
2079 * Essentially do as much as possible non-blocking, else punt and it will
2080 * be called with M_WAIT from an nfsd.
2081 */
2082 /*
2083 * Needs to eun under network funnel
2084 */
2085 void
2086 nfsrv_rcv(so, arg, waitflag)
2087 struct socket *so;
2088 caddr_t arg;
2089 int waitflag;
2090 {
2091 register struct nfssvc_sock *slp = (struct nfssvc_sock *)arg;
2092 register struct mbuf *m;
2093 struct mbuf *mp, *mhck;
2094 struct sockaddr *nam=0;
2095 struct uio auio;
2096 int flags, error;
2097 struct sockaddr_in *sin;
2098
2099 if ((slp->ns_flag & SLP_VALID) == 0)
2100 return;
2101 #ifdef notdef
2102 /*
2103 * Define this to test for nfsds handling this under heavy load.
2104 */
2105 if (waitflag == M_DONTWAIT) {
2106 slp->ns_flag |= SLP_NEEDQ; goto dorecs;
2107 }
2108 #endif
2109 auio.uio_procp = NULL;
2110 if (so->so_type == SOCK_STREAM) {
2111 /*
2112 * If there are already records on the queue, defer soreceive()
2113 * to an nfsd so that there is feedback to the TCP layer that
2114 * the nfs servers are heavily loaded.
2115 */
2116 if (slp->ns_rec && waitflag == M_DONTWAIT) {
2117 slp->ns_flag |= SLP_NEEDQ;
2118 goto dorecs;
2119 }
2120
2121 /*
2122 * Do soreceive().
2123 */
2124 auio.uio_resid = 1000000000;
2125 flags = MSG_DONTWAIT;
2126 error = soreceive(so, (struct sockaddr **) 0, &auio, &mp, (struct mbuf **)0, &flags);
2127 if (error || mp == (struct mbuf *)0) {
2128 if (error == EWOULDBLOCK)
2129 slp->ns_flag |= SLP_NEEDQ;
2130 else
2131 slp->ns_flag |= SLP_DISCONN;
2132 goto dorecs;
2133 }
2134 m = mp;
2135 if (slp->ns_rawend) {
2136 slp->ns_rawend->m_next = m;
2137 slp->ns_cc += 1000000000 - auio.uio_resid;
2138 } else {
2139 slp->ns_raw = m;
2140 slp->ns_cc = 1000000000 - auio.uio_resid;
2141 }
2142 while (m->m_next)
2143 m = m->m_next;
2144 slp->ns_rawend = m;
2145
2146 /*
2147 * Now try and parse record(s) out of the raw stream data.
2148 */
2149 error = nfsrv_getstream(slp, waitflag);
2150 if (error) {
2151 if (error == EPERM)
2152 slp->ns_flag |= SLP_DISCONN;
2153 else
2154 slp->ns_flag |= SLP_NEEDQ;
2155 }
2156 } else {
2157 do {
2158 auio.uio_resid = 1000000000;
2159 flags = MSG_DONTWAIT;
2160 nam = 0;
2161 error = soreceive(so, &nam, &auio, &mp,
2162 (struct mbuf **)0, &flags);
2163
2164 if (mp) {
2165 if (nam) {
2166 MGET(mhck, M_WAIT, MT_SONAME);
2167 mhck->m_len = nam->sa_len;
2168 sin = mtod(mhck, struct sockaddr_in *);
2169 bcopy(nam, sin, sizeof(struct sockaddr_in));
2170 mhck->m_hdr.mh_len = sizeof(struct sockaddr_in);
2171 FREE(nam, M_SONAME);
2172
2173 m = mhck;
2174 m->m_next = mp;
2175 } else
2176 m = mp;
2177 if (slp->ns_recend)
2178 slp->ns_recend->m_nextpkt = m;
2179 else
2180 slp->ns_rec = m;
2181 slp->ns_recend = m;
2182 m->m_nextpkt = (struct mbuf *)0;
2183 }
2184 if (error) {
2185 if ((so->so_proto->pr_flags & PR_CONNREQUIRED)
2186 && error != EWOULDBLOCK) {
2187 slp->ns_flag |= SLP_DISCONN;
2188 goto dorecs;
2189 }
2190 }
2191 } while (mp);
2192 }
2193
2194 /*
2195 * Now try and process the request records, non-blocking.
2196 */
2197 dorecs:
2198 if (waitflag == M_DONTWAIT &&
2199 (slp->ns_rec || (slp->ns_flag & (SLP_NEEDQ | SLP_DISCONN)))) {
2200 thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
2201 nfsrv_wakenfsd(slp);
2202 thread_funnel_switch(KERNEL_FUNNEL, NETWORK_FUNNEL);
2203 }
2204 }
2205
2206 /*
2207 * Try and extract an RPC request from the mbuf data list received on a
2208 * stream socket. The "waitflag" argument indicates whether or not it
2209 * can sleep.
2210 */
2211 static int
2212 nfsrv_getstream(slp, waitflag)
2213 register struct nfssvc_sock *slp;
2214 int waitflag;
2215 {
2216 register struct mbuf *m, **mpp;
2217 register char *cp1, *cp2;
2218 register int len;
2219 struct mbuf *om, *m2, *recm;
2220 u_long recmark;
2221
2222 if (slp->ns_flag & SLP_GETSTREAM)
2223 panic("nfs getstream");
2224 slp->ns_flag |= SLP_GETSTREAM;
2225 for (;;) {
2226 if (slp->ns_reclen == 0) {
2227 if (slp->ns_cc < NFSX_UNSIGNED) {
2228 slp->ns_flag &= ~SLP_GETSTREAM;
2229 return (0);
2230 }
2231 m = slp->ns_raw;
2232 if (m->m_len >= NFSX_UNSIGNED) {
2233 bcopy(mtod(m, caddr_t), (caddr_t)&recmark, NFSX_UNSIGNED);
2234 m->m_data += NFSX_UNSIGNED;
2235 m->m_len -= NFSX_UNSIGNED;
2236 } else {
2237 cp1 = (caddr_t)&recmark;
2238 cp2 = mtod(m, caddr_t);
2239 while (cp1 < ((caddr_t)&recmark) + NFSX_UNSIGNED) {
2240 while (m->m_len == 0) {
2241 m = m->m_next;
2242 cp2 = mtod(m, caddr_t);
2243 }
2244 *cp1++ = *cp2++;
2245 m->m_data++;
2246 m->m_len--;
2247 }
2248 }
2249 slp->ns_cc -= NFSX_UNSIGNED;
2250 recmark = ntohl(recmark);
2251 slp->ns_reclen = recmark & ~0x80000000;
2252 if (recmark & 0x80000000)
2253 slp->ns_flag |= SLP_LASTFRAG;
2254 else
2255 slp->ns_flag &= ~SLP_LASTFRAG;
2256 if (slp->ns_reclen < NFS_MINPACKET || slp->ns_reclen > NFS_MAXPACKET) {
2257 slp->ns_flag &= ~SLP_GETSTREAM;
2258 return (EPERM);
2259 }
2260 }
2261
2262 /*
2263 * Now get the record part.
2264 *
2265 * Note that slp->ns_reclen may be 0. Linux sometimes
2266 * generates 0-length RPCs
2267 */
2268 recm = NULL;
2269 if (slp->ns_cc == slp->ns_reclen) {
2270 recm = slp->ns_raw;
2271 slp->ns_raw = slp->ns_rawend = (struct mbuf *)0;
2272 slp->ns_cc = slp->ns_reclen = 0;
2273 } else if (slp->ns_cc > slp->ns_reclen) {
2274 len = 0;
2275 m = slp->ns_raw;
2276 om = (struct mbuf *)0;
2277 while (len < slp->ns_reclen) {
2278 if ((len + m->m_len) > slp->ns_reclen) {
2279 m2 = m_copym(m, 0, slp->ns_reclen - len,
2280 waitflag);
2281 if (m2) {
2282 if (om) {
2283 om->m_next = m2;
2284 recm = slp->ns_raw;
2285 } else
2286 recm = m2;
2287 m->m_data += slp->ns_reclen - len;
2288 m->m_len -= slp->ns_reclen - len;
2289 len = slp->ns_reclen;
2290 } else {
2291 slp->ns_flag &= ~SLP_GETSTREAM;
2292 return (EWOULDBLOCK);
2293 }
2294 } else if ((len + m->m_len) == slp->ns_reclen) {
2295 om = m;
2296 len += m->m_len;
2297 m = m->m_next;
2298 recm = slp->ns_raw;
2299 om->m_next = (struct mbuf *)0;
2300 } else {
2301 om = m;
2302 len += m->m_len;
2303 m = m->m_next;
2304 }
2305 }
2306 slp->ns_raw = m;
2307 slp->ns_cc -= len;
2308 slp->ns_reclen = 0;
2309 } else {
2310 slp->ns_flag &= ~SLP_GETSTREAM;
2311 return (0);
2312 }
2313
2314 /*
2315 * Accumulate the fragments into a record.
2316 */
2317 mpp = &slp->ns_frag;
2318 while (*mpp)
2319 mpp = &((*mpp)->m_next);
2320 *mpp = recm;
2321 if (slp->ns_flag & SLP_LASTFRAG) {
2322 if (slp->ns_recend)
2323 slp->ns_recend->m_nextpkt = slp->ns_frag;
2324 else
2325 slp->ns_rec = slp->ns_frag;
2326 slp->ns_recend = slp->ns_frag;
2327 slp->ns_frag = (struct mbuf *)0;
2328 }
2329 }
2330 }
2331
2332 /*
2333 * Parse an RPC header.
2334 */
2335 int
2336 nfsrv_dorec(slp, nfsd, ndp)
2337 register struct nfssvc_sock *slp;
2338 struct nfsd *nfsd;
2339 struct nfsrv_descript **ndp;
2340 {
2341 register struct mbuf *m;
2342 register struct mbuf *nam;
2343 register struct nfsrv_descript *nd;
2344 int error;
2345
2346 *ndp = NULL;
2347 if ((slp->ns_flag & SLP_VALID) == 0 ||
2348 (m = slp->ns_rec) == (struct mbuf *)0)
2349 return (ENOBUFS);
2350 slp->ns_rec = m->m_nextpkt;
2351 if (slp->ns_rec)
2352 m->m_nextpkt = (struct mbuf *)0;
2353 else
2354 slp->ns_recend = (struct mbuf *)0;
2355 if (m->m_type == MT_SONAME) {
2356 nam = m;
2357 m = m->m_next;
2358 nam->m_next = NULL;
2359 } else
2360 nam = NULL;
2361 MALLOC_ZONE(nd, struct nfsrv_descript *,
2362 sizeof (struct nfsrv_descript), M_NFSRVDESC, M_WAITOK);
2363 nd->nd_md = nd->nd_mrep = m;
2364 nd->nd_nam2 = nam;
2365 nd->nd_dpos = mtod(m, caddr_t);
2366 error = nfs_getreq(nd, nfsd, TRUE);
2367 if (error) {
2368 m_freem(nam);
2369 _FREE_ZONE((caddr_t)nd, sizeof *nd, M_NFSRVDESC);
2370 return (error);
2371 }
2372 *ndp = nd;
2373 nfsd->nfsd_nd = nd;
2374 return (0);
2375 }
2376
2377 /*
2378 * Parse an RPC request
2379 * - verify it
2380 * - fill in the cred struct.
2381 */
2382 int
2383 nfs_getreq(nd, nfsd, has_header)
2384 register struct nfsrv_descript *nd;
2385 struct nfsd *nfsd;
2386 int has_header;
2387 {
2388 register int len, i;
2389 register u_long *tl;
2390 register long t1;
2391 struct uio uio;
2392 struct iovec iov;
2393 caddr_t dpos, cp2, cp;
2394 u_long nfsvers, auth_type;
2395 uid_t nickuid;
2396 int error = 0, nqnfs = 0, ticklen;
2397 struct mbuf *mrep, *md;
2398 register struct nfsuid *nuidp;
2399 struct timeval tvin, tvout;
2400 #if 0 /* until encrypted keys are implemented */
2401 NFSKERBKEYSCHED_T keys; /* stores key schedule */
2402 #endif
2403
2404 mrep = nd->nd_mrep;
2405 md = nd->nd_md;
2406 dpos = nd->nd_dpos;
2407 if (has_header) {
2408 nfsm_dissect(tl, u_long *, 10 * NFSX_UNSIGNED);
2409 nd->nd_retxid = fxdr_unsigned(u_long, *tl++);
2410 if (*tl++ != rpc_call) {
2411 m_freem(mrep);
2412 return (EBADRPC);
2413 }
2414 } else
2415 nfsm_dissect(tl, u_long *, 8 * NFSX_UNSIGNED);
2416 nd->nd_repstat = 0;
2417 nd->nd_flag = 0;
2418 if (*tl++ != rpc_vers) {
2419 nd->nd_repstat = ERPCMISMATCH;
2420 nd->nd_procnum = NFSPROC_NOOP;
2421 return (0);
2422 }
2423 if (*tl != nfs_prog) {
2424 if (*tl == nqnfs_prog)
2425 nqnfs++;
2426 else {
2427 nd->nd_repstat = EPROGUNAVAIL;
2428 nd->nd_procnum = NFSPROC_NOOP;
2429 return (0);
2430 }
2431 }
2432 tl++;
2433 nfsvers = fxdr_unsigned(u_long, *tl++);
2434 if (((nfsvers < NFS_VER2 || nfsvers > NFS_VER3) && !nqnfs) ||
2435 (nfsvers != NQNFS_VER3 && nqnfs)) {
2436 nd->nd_repstat = EPROGMISMATCH;
2437 nd->nd_procnum = NFSPROC_NOOP;
2438 return (0);
2439 }
2440 if (nqnfs)
2441 nd->nd_flag = (ND_NFSV3 | ND_NQNFS);
2442 else if (nfsvers == NFS_VER3)
2443 nd->nd_flag = ND_NFSV3;
2444 nd->nd_procnum = fxdr_unsigned(u_long, *tl++);
2445 if (nd->nd_procnum == NFSPROC_NULL)
2446 return (0);
2447 if (nd->nd_procnum >= NFS_NPROCS ||
2448 (!nqnfs && nd->nd_procnum >= NQNFSPROC_GETLEASE) ||
2449 (!nd->nd_flag && nd->nd_procnum > NFSV2PROC_STATFS)) {
2450 nd->nd_repstat = EPROCUNAVAIL;
2451 nd->nd_procnum = NFSPROC_NOOP;
2452 return (0);
2453 }
2454 if ((nd->nd_flag & ND_NFSV3) == 0)
2455 nd->nd_procnum = nfsv3_procid[nd->nd_procnum];
2456 auth_type = *tl++;
2457 len = fxdr_unsigned(int, *tl++);
2458 if (len < 0 || len > RPCAUTH_MAXSIZ) {
2459 m_freem(mrep);
2460 return (EBADRPC);
2461 }
2462
2463 nd->nd_flag &= ~ND_KERBAUTH;
2464 /*
2465 * Handle auth_unix or auth_kerb.
2466 */
2467 if (auth_type == rpc_auth_unix) {
2468 len = fxdr_unsigned(int, *++tl);
2469 if (len < 0 || len > NFS_MAXNAMLEN) {
2470 m_freem(mrep);
2471 return (EBADRPC);
2472 }
2473 nfsm_adv(nfsm_rndup(len));
2474 nfsm_dissect(tl, u_long *, 3 * NFSX_UNSIGNED);
2475 bzero((caddr_t)&nd->nd_cr, sizeof (struct ucred));
2476 nd->nd_cr.cr_ref = 1;
2477 nd->nd_cr.cr_uid = fxdr_unsigned(uid_t, *tl++);
2478 nd->nd_cr.cr_gid = fxdr_unsigned(gid_t, *tl++);
2479 len = fxdr_unsigned(int, *tl);
2480 if (len < 0 || len > RPCAUTH_UNIXGIDS) {
2481 m_freem(mrep);
2482 return (EBADRPC);
2483 }
2484 nfsm_dissect(tl, u_long *, (len + 2) * NFSX_UNSIGNED);
2485 for (i = 1; i <= len; i++)
2486 if (i < NGROUPS)
2487 nd->nd_cr.cr_groups[i] = fxdr_unsigned(gid_t, *tl++);
2488 else
2489 tl++;
2490 nd->nd_cr.cr_ngroups = (len >= NGROUPS) ? NGROUPS : (len + 1);
2491 if (nd->nd_cr.cr_ngroups > 1)
2492 nfsrvw_sort(nd->nd_cr.cr_groups, nd->nd_cr.cr_ngroups);
2493 len = fxdr_unsigned(int, *++tl);
2494 if (len < 0 || len > RPCAUTH_MAXSIZ) {
2495 m_freem(mrep);
2496 return (EBADRPC);
2497 }
2498 if (len > 0)
2499 nfsm_adv(nfsm_rndup(len));
2500 } else if (auth_type == rpc_auth_kerb) {
2501 switch (fxdr_unsigned(int, *tl++)) {
2502 case RPCAKN_FULLNAME:
2503 ticklen = fxdr_unsigned(int, *tl);
2504 *((u_long *)nfsd->nfsd_authstr) = *tl;
2505 uio.uio_resid = nfsm_rndup(ticklen) + NFSX_UNSIGNED;
2506 nfsd->nfsd_authlen = uio.uio_resid + NFSX_UNSIGNED;
2507 if (uio.uio_resid > (len - 2 * NFSX_UNSIGNED)) {
2508 m_freem(mrep);
2509 return (EBADRPC);
2510 }
2511 uio.uio_offset = 0;
2512 uio.uio_iov = &iov;
2513 uio.uio_iovcnt = 1;
2514 uio.uio_segflg = UIO_SYSSPACE;
2515 iov.iov_base = (caddr_t)&nfsd->nfsd_authstr[4];
2516 iov.iov_len = RPCAUTH_MAXSIZ - 4;
2517 nfsm_mtouio(&uio, uio.uio_resid);
2518 nfsm_dissect(tl, u_long *, 2 * NFSX_UNSIGNED);
2519 if (*tl++ != rpc_auth_kerb ||
2520 fxdr_unsigned(int, *tl) != 4 * NFSX_UNSIGNED) {
2521 printf("Bad kerb verifier\n");
2522 nd->nd_repstat = (NFSERR_AUTHERR|AUTH_BADVERF);
2523 nd->nd_procnum = NFSPROC_NOOP;
2524 return (0);
2525 }
2526 nfsm_dissect(cp, caddr_t, 4 * NFSX_UNSIGNED);
2527 tl = (u_long *)cp;
2528 if (fxdr_unsigned(int, *tl) != RPCAKN_FULLNAME) {
2529 printf("Not fullname kerb verifier\n");
2530 nd->nd_repstat = (NFSERR_AUTHERR|AUTH_BADVERF);
2531 nd->nd_procnum = NFSPROC_NOOP;
2532 return (0);
2533 }
2534 cp += NFSX_UNSIGNED;
2535 bcopy(cp, nfsd->nfsd_verfstr, 3 * NFSX_UNSIGNED);
2536 nfsd->nfsd_verflen = 3 * NFSX_UNSIGNED;
2537 nd->nd_flag |= ND_KERBFULL;
2538 nfsd->nfsd_flag |= NFSD_NEEDAUTH;
2539 break;
2540 case RPCAKN_NICKNAME:
2541 if (len != 2 * NFSX_UNSIGNED) {
2542 printf("Kerb nickname short\n");
2543 nd->nd_repstat = (NFSERR_AUTHERR|AUTH_BADCRED);
2544 nd->nd_procnum = NFSPROC_NOOP;
2545 return (0);
2546 }
2547 nickuid = fxdr_unsigned(uid_t, *tl);
2548 nfsm_dissect(tl, u_long *, 2 * NFSX_UNSIGNED);
2549 if (*tl++ != rpc_auth_kerb ||
2550 fxdr_unsigned(int, *tl) != 3 * NFSX_UNSIGNED) {
2551 printf("Kerb nick verifier bad\n");
2552 nd->nd_repstat = (NFSERR_AUTHERR|AUTH_BADVERF);
2553 nd->nd_procnum = NFSPROC_NOOP;
2554 return (0);
2555 }
2556 nfsm_dissect(tl, u_long *, 3 * NFSX_UNSIGNED);
2557 tvin.tv_sec = *tl++;
2558 tvin.tv_usec = *tl;
2559
2560 for (nuidp = NUIDHASH(nfsd->nfsd_slp,nickuid)->lh_first;
2561 nuidp != 0; nuidp = nuidp->nu_hash.le_next) {
2562 if (nuidp->nu_cr.cr_uid == nickuid &&
2563 (!nd->nd_nam2 ||
2564 netaddr_match(NU_NETFAM(nuidp),
2565 &nuidp->nu_haddr, nd->nd_nam2)))
2566 break;
2567 }
2568 if (!nuidp) {
2569 nd->nd_repstat =
2570 (NFSERR_AUTHERR|AUTH_REJECTCRED);
2571 nd->nd_procnum = NFSPROC_NOOP;
2572 return (0);
2573 }
2574
2575 /*
2576 * Now, decrypt the timestamp using the session key
2577 * and validate it.
2578 */
2579 #if NFSKERB
2580 XXX
2581 #endif
2582
2583 tvout.tv_sec = fxdr_unsigned(long, tvout.tv_sec);
2584 tvout.tv_usec = fxdr_unsigned(long, tvout.tv_usec);
2585 if (nuidp->nu_expire < time.tv_sec ||
2586 nuidp->nu_timestamp.tv_sec > tvout.tv_sec ||
2587 (nuidp->nu_timestamp.tv_sec == tvout.tv_sec &&
2588 nuidp->nu_timestamp.tv_usec > tvout.tv_usec)) {
2589 nuidp->nu_expire = 0;
2590 nd->nd_repstat =
2591 (NFSERR_AUTHERR|AUTH_REJECTVERF);
2592 nd->nd_procnum = NFSPROC_NOOP;
2593 return (0);
2594 }
2595 nfsrv_setcred(&nuidp->nu_cr, &nd->nd_cr);
2596 nd->nd_flag |= ND_KERBNICK;
2597 };
2598 } else {
2599 nd->nd_repstat = (NFSERR_AUTHERR | AUTH_REJECTCRED);
2600 nd->nd_procnum = NFSPROC_NOOP;
2601 return (0);
2602 }
2603
2604 /*
2605 * For nqnfs, get piggybacked lease request.
2606 */
2607 if (nqnfs && nd->nd_procnum != NQNFSPROC_EVICTED) {
2608 nfsm_dissect(tl, u_long *, NFSX_UNSIGNED);
2609 nd->nd_flag |= fxdr_unsigned(int, *tl);
2610 if (nd->nd_flag & ND_LEASE) {
2611 nfsm_dissect(tl, u_long *, NFSX_UNSIGNED);
2612 nd->nd_duration = fxdr_unsigned(int, *tl);
2613 } else
2614 nd->nd_duration = NQ_MINLEASE;
2615 } else
2616 nd->nd_duration = NQ_MINLEASE;
2617 nd->nd_md = md;
2618 nd->nd_dpos = dpos;
2619 return (0);
2620 nfsmout:
2621 return (error);
2622 }
2623
2624 /*
2625 * Search for a sleeping nfsd and wake it up.
2626 * SIDE EFFECT: If none found, set NFSD_CHECKSLP flag, so that one of the
2627 * running nfsds will go look for the work in the nfssvc_sock list.
2628 */
2629 void
2630 nfsrv_wakenfsd(slp)
2631 struct nfssvc_sock *slp;
2632 {
2633 register struct nfsd *nd;
2634
2635 if ((slp->ns_flag & SLP_VALID) == 0)
2636 return;
2637 for (nd = nfsd_head.tqh_first; nd != 0; nd = nd->nfsd_chain.tqe_next) {
2638 if (nd->nfsd_flag & NFSD_WAITING) {
2639 nd->nfsd_flag &= ~NFSD_WAITING;
2640 if (nd->nfsd_slp)
2641 panic("nfsd wakeup");
2642 slp->ns_sref++;
2643 nd->nfsd_slp = slp;
2644 wakeup((caddr_t)nd);
2645 return;
2646 }
2647 }
2648 slp->ns_flag |= SLP_DOREC;
2649 nfsd_head_flag |= NFSD_CHECKSLP;
2650 }
2651 #endif /* NFS_NOSERVER */
2652
2653 static int
2654 nfs_msg(p, server, msg)
2655 struct proc *p;
2656 char *server, *msg;
2657 {
2658 tpr_t tpr;
2659
2660 if (p)
2661 tpr = tprintf_open(p);
2662 else
2663 tpr = NULL;
2664 tprintf(tpr, "nfs server %s: %s\n", server, msg);
2665 tprintf_close(tpr);
2666 return (0);
2667 }
mirror of XNU