The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/nfs/nfs_socket.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*      $NetBSD: nfs_socket.c,v 1.200 2018/09/03 16:29:36 riastradh Exp $       */
    2 
    3 /*
    4  * Copyright (c) 1989, 1991, 1993, 1995
    5  *      The Regents of the University of California.  All rights reserved.
    6  *
    7  * This code is derived from software contributed to Berkeley by
    8  * Rick Macklem at The University of Guelph.
    9  *
   10  * Redistribution and use in source and binary forms, with or without
   11  * modification, are permitted provided that the following conditions
   12  * are met:
   13  * 1. Redistributions of source code must retain the above copyright
   14  *    notice, this list of conditions and the following disclaimer.
   15  * 2. Redistributions in binary form must reproduce the above copyright
   16  *    notice, this list of conditions and the following disclaimer in the
   17  *    documentation and/or other materials provided with the distribution.
   18  * 3. Neither the name of the University nor the names of its contributors
   19  *    may be used to endorse or promote products derived from this software
   20  *    without specific prior written permission.
   21  *
   22  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
   23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
   26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   32  * SUCH DAMAGE.
   33  *
   34  *      @(#)nfs_socket.c        8.5 (Berkeley) 3/30/95
   35  */
   36 
   37 /*
   38  * Socket operations for use by nfs
   39  */
   40 
   41 #include <sys/cdefs.h>
   42 __KERNEL_RCSID(0, "$NetBSD: nfs_socket.c,v 1.200 2018/09/03 16:29:36 riastradh Exp $");
   43 
   44 #ifdef _KERNEL_OPT
   45 #include "opt_nfs.h"
   46 #include "opt_mbuftrace.h"
   47 #endif
   48 
   49 #include <sys/param.h>
   50 #include <sys/systm.h>
   51 #include <sys/evcnt.h>
   52 #include <sys/callout.h>
   53 #include <sys/proc.h>
   54 #include <sys/mount.h>
   55 #include <sys/kernel.h>
   56 #include <sys/kmem.h>
   57 #include <sys/mbuf.h>
   58 #include <sys/vnode.h>
   59 #include <sys/domain.h>
   60 #include <sys/protosw.h>
   61 #include <sys/socket.h>
   62 #include <sys/socketvar.h>
   63 #include <sys/syslog.h>
   64 #include <sys/tprintf.h>
   65 #include <sys/namei.h>
   66 #include <sys/signal.h>
   67 #include <sys/signalvar.h>
   68 #include <sys/kauth.h>
   69 #include <sys/time.h>
   70 
   71 #include <netinet/in.h>
   72 #include <netinet/tcp.h>
   73 
   74 #include <nfs/rpcv2.h>
   75 #include <nfs/nfsproto.h>
   76 #include <nfs/nfs.h>
   77 #include <nfs/xdr_subs.h>
   78 #include <nfs/nfsm_subs.h>
   79 #include <nfs/nfsmount.h>
   80 #include <nfs/nfsnode.h>
   81 #include <nfs/nfsrtt.h>
   82 #include <nfs/nfs_var.h>
   83 
   84 #ifdef MBUFTRACE
   85 struct mowner nfs_mowner = MOWNER_INIT("nfs","");
   86 #endif
   87 
   88 /*
   89  * Estimate rto for an nfs rpc sent via. an unreliable datagram.
   90  * Use the mean and mean deviation of rtt for the appropriate type of rpc
   91  * for the frequent rpcs and a default for the others.
   92  * The justification for doing "other" this way is that these rpcs
   93  * happen so infrequently that timer est. would probably be stale.
   94  * Also, since many of these rpcs are
   95  * non-idempotent, a conservative timeout is desired.
   96  * getattr, lookup - A+2D
   97  * read, write     - A+4D
   98  * other           - nm_timeo
   99  */
  100 #define NFS_RTO(n, t) \
  101         ((t) == 0 ? (n)->nm_timeo : \
  102          ((t) < 3 ? \
  103           (((((n)->nm_srtt[t-1] + 3) >> 2) + (n)->nm_sdrtt[t-1] + 1) >> 1) : \
  104           ((((n)->nm_srtt[t-1] + 7) >> 3) + (n)->nm_sdrtt[t-1] + 1)))
  105 #define NFS_SRTT(r)     (r)->r_nmp->nm_srtt[nfs_proct[(r)->r_procnum] - 1]
  106 #define NFS_SDRTT(r)    (r)->r_nmp->nm_sdrtt[nfs_proct[(r)->r_procnum] - 1]
  107 
  108 /*
  109  * Defines which timer to use for the procnum.
  110  * 0 - default
  111  * 1 - getattr
  112  * 2 - lookup
  113  * 3 - read
  114  * 4 - write
  115  */
  116 const int nfs_proct[NFS_NPROCS] = {
  117         [NFSPROC_NULL] = 0,
  118         [NFSPROC_GETATTR] = 1,
  119         [NFSPROC_SETATTR] = 0,
  120         [NFSPROC_LOOKUP] = 2,
  121         [NFSPROC_ACCESS] = 1,
  122         [NFSPROC_READLINK] = 3,
  123         [NFSPROC_READ] = 3,
  124         [NFSPROC_WRITE] = 4,
  125         [NFSPROC_CREATE] = 0,
  126         [NFSPROC_MKDIR] = 0,
  127         [NFSPROC_SYMLINK] = 0,
  128         [NFSPROC_MKNOD] = 0,
  129         [NFSPROC_REMOVE] = 0,
  130         [NFSPROC_RMDIR] = 0,
  131         [NFSPROC_RENAME] = 0,
  132         [NFSPROC_LINK] = 0,
  133         [NFSPROC_READDIR] = 3,
  134         [NFSPROC_READDIRPLUS] = 3,
  135         [NFSPROC_FSSTAT] = 0,
  136         [NFSPROC_FSINFO] = 0,
  137         [NFSPROC_PATHCONF] = 0,
  138         [NFSPROC_COMMIT] = 0,
  139         [NFSPROC_NOOP] = 0,
  140 };
  141 
  142 #ifdef DEBUG
  143 /*
  144  * Avoid spamming the console with debugging messages.  We only print
  145  * the nfs timer and reply error debugs every 10 seconds.
  146  */
  147 const struct timeval nfs_err_interval = { 10, 0 };
  148 struct timeval nfs_reply_last_err_time;
  149 struct timeval nfs_timer_last_err_time;
  150 #endif
  151 
  152 /*
  153  * There is a congestion window for outstanding rpcs maintained per mount
  154  * point. The cwnd size is adjusted in roughly the way that:
  155  * Van Jacobson, Congestion avoidance and Control, In "Proceedings of
  156  * SIGCOMM '88". ACM, August 1988.
  157  * describes for TCP. The cwnd size is chopped in half on a retransmit timeout
  158  * and incremented by 1/cwnd when each rpc reply is received and a full cwnd
  159  * of rpcs is in progress.
  160  * (The sent count and cwnd are scaled for integer arith.)
  161  * Variants of "slow start" were tried and were found to be too much of a
  162  * performance hit (ave. rtt 3 times larger),
  163  * I suspect due to the large rtt that nfs rpcs have.
  164  */
  165 int nfsrtton = 0;  
  166 struct nfsrtt nfsrtt;
  167 static const int nfs_backoff[8] = { 2, 4, 8, 16, 32, 64, 128, 256, };
  168 struct nfsreqhead nfs_reqq;
  169 kmutex_t nfs_reqq_lock;
  170 static callout_t nfs_timer_ch;
  171 static struct evcnt nfs_timer_ev;
  172 static struct evcnt nfs_timer_start_ev;
  173 static struct evcnt nfs_timer_stop_ev;
  174 static kmutex_t nfs_timer_lock;
  175 static bool (*nfs_timer_srvvec)(void);
  176 
  177 /*
  178  * Initialize sockets and congestion for a new NFS connection.
  179  * We do not free the sockaddr if error.
  180  */
  181 int
  182 nfs_connect(struct nfsmount *nmp, struct nfsreq *rep, struct lwp *l)
  183 {
  184         struct socket *so;
  185         int error, rcvreserve, sndreserve;
  186         struct sockaddr *saddr;
  187         struct sockaddr_in sin;
  188         struct sockaddr_in6 sin6;
  189         int val;
  190 
  191         nmp->nm_so = NULL;
  192         saddr = mtod(nmp->nm_nam, struct sockaddr *);
  193         error = socreate(saddr->sa_family, &nmp->nm_so,
  194                 nmp->nm_sotype, nmp->nm_soproto, l, NULL);
  195         if (error)
  196                 goto bad;
  197         so = nmp->nm_so;
  198 #ifdef MBUFTRACE
  199         so->so_mowner = &nfs_mowner;
  200         so->so_rcv.sb_mowner = &nfs_mowner;
  201         so->so_snd.sb_mowner = &nfs_mowner;
  202 #endif
  203         nmp->nm_soflags = so->so_proto->pr_flags;
  204 
  205         /*
  206          * Some servers require that the client port be a reserved port number.
  207          */
  208         if (saddr->sa_family == AF_INET && (nmp->nm_flag & NFSMNT_RESVPORT)) {
  209                 val = IP_PORTRANGE_LOW;
  210 
  211                 if ((error = so_setsockopt(NULL, so, IPPROTO_IP, IP_PORTRANGE,
  212                     &val, sizeof(val))))
  213                         goto bad;
  214                 sin.sin_len = sizeof(struct sockaddr_in);
  215                 sin.sin_family = AF_INET;
  216                 sin.sin_addr.s_addr = INADDR_ANY;
  217                 sin.sin_port = 0;
  218                 error = sobind(so, (struct sockaddr *)&sin, &lwp0);
  219                 if (error)
  220                         goto bad;
  221         }
  222         if (saddr->sa_family == AF_INET6 && (nmp->nm_flag & NFSMNT_RESVPORT)) {
  223                 val = IPV6_PORTRANGE_LOW;
  224 
  225                 if ((error = so_setsockopt(NULL, so, IPPROTO_IPV6,
  226                     IPV6_PORTRANGE, &val, sizeof(val))))
  227                         goto bad;
  228                 memset(&sin6, 0, sizeof(sin6));
  229                 sin6.sin6_len = sizeof(struct sockaddr_in6);
  230                 sin6.sin6_family = AF_INET6;
  231                 error = sobind(so, (struct sockaddr *)&sin6, &lwp0);
  232                 if (error)
  233                         goto bad;
  234         }
  235 
  236         /*
  237          * Protocols that do not require connections may be optionally left
  238          * unconnected for servers that reply from a port other than NFS_PORT.
  239          */
  240         solock(so);
  241         if (nmp->nm_flag & NFSMNT_NOCONN) {
  242                 if (nmp->nm_soflags & PR_CONNREQUIRED) {
  243                         sounlock(so);
  244                         error = ENOTCONN;
  245                         goto bad;
  246                 }
  247         } else {
  248                 error = soconnect(so, mtod(nmp->nm_nam, struct sockaddr *), l);
  249                 if (error) {
  250                         sounlock(so);
  251                         goto bad;
  252                 }
  253 
  254                 /*
  255                  * Wait for the connection to complete. Cribbed from the
  256                  * connect system call but with the wait timing out so
  257                  * that interruptible mounts don't hang here for a long time.
  258                  */
  259                 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) {
  260                         (void)sowait(so, false, 2 * hz);
  261                         if ((so->so_state & SS_ISCONNECTING) &&
  262                             so->so_error == 0 && rep &&
  263                             (error = nfs_sigintr(nmp, rep, rep->r_lwp)) != 0){
  264                                 so->so_state &= ~SS_ISCONNECTING;
  265                                 sounlock(so);
  266                                 goto bad;
  267                         }
  268                 }
  269                 if (so->so_error) {
  270                         error = so->so_error;
  271                         so->so_error = 0;
  272                         sounlock(so);
  273                         goto bad;
  274                 }
  275         }
  276         if (nmp->nm_flag & (NFSMNT_SOFT | NFSMNT_INT)) {
  277                 so->so_rcv.sb_timeo = (5 * hz);
  278                 so->so_snd.sb_timeo = (5 * hz);
  279         } else {
  280                 /*
  281                  * enable receive timeout to detect server crash and reconnect.
  282                  * otherwise, we can be stuck in soreceive forever.
  283                  */
  284                 so->so_rcv.sb_timeo = (5 * hz);
  285                 so->so_snd.sb_timeo = 0;
  286         }
  287         if (nmp->nm_sotype == SOCK_DGRAM) {
  288                 sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * 3;
  289                 rcvreserve = (uimax(nmp->nm_rsize, nmp->nm_readdirsize) +
  290                     NFS_MAXPKTHDR) * 2;
  291         } else if (nmp->nm_sotype == SOCK_SEQPACKET) {
  292                 sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * 3;
  293                 rcvreserve = (uimax(nmp->nm_rsize, nmp->nm_readdirsize) +
  294                     NFS_MAXPKTHDR) * 3;
  295         } else {
  296                 sounlock(so);
  297                 if (nmp->nm_sotype != SOCK_STREAM)
  298                         panic("nfscon sotype");
  299                 if (so->so_proto->pr_flags & PR_CONNREQUIRED) {
  300                         val = 1;
  301                         so_setsockopt(NULL, so, SOL_SOCKET, SO_KEEPALIVE, &val,
  302                             sizeof(val));
  303                 }
  304                 if (so->so_proto->pr_protocol == IPPROTO_TCP) {
  305                         val = 1;
  306                         so_setsockopt(NULL, so, IPPROTO_TCP, TCP_NODELAY, &val,
  307                             sizeof(val));
  308                 }
  309                 sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR +
  310                     sizeof (u_int32_t)) * 3;
  311                 rcvreserve = (nmp->nm_rsize + NFS_MAXPKTHDR +
  312                     sizeof (u_int32_t)) * 3;
  313                 solock(so);
  314         }
  315         error = soreserve(so, sndreserve, rcvreserve);
  316         if (error) {
  317                 sounlock(so);
  318                 goto bad;
  319         }
  320         so->so_rcv.sb_flags |= SB_NOINTR;
  321         so->so_snd.sb_flags |= SB_NOINTR;
  322         sounlock(so);
  323 
  324         /* Initialize other non-zero congestion variables */
  325         nmp->nm_srtt[0] = nmp->nm_srtt[1] = nmp->nm_srtt[2] = nmp->nm_srtt[3] =
  326                 NFS_TIMEO << 3;
  327         nmp->nm_sdrtt[0] = nmp->nm_sdrtt[1] = nmp->nm_sdrtt[2] =
  328                 nmp->nm_sdrtt[3] = 0;
  329         nmp->nm_cwnd = NFS_MAXCWND / 2;     /* Initial send window */
  330         nmp->nm_sent = 0;
  331         nmp->nm_timeouts = 0;
  332         return (0);
  333 
  334 bad:
  335         nfs_disconnect(nmp);
  336         return (error);
  337 }
  338 
  339 /*
  340  * Reconnect routine:
  341  * Called when a connection is broken on a reliable protocol.
  342  * - clean up the old socket
  343  * - nfs_connect() again
  344  * - set R_MUSTRESEND for all outstanding requests on mount point
  345  * If this fails the mount point is DEAD!
  346  * nb: Must be called with the nfs_sndlock() set on the mount point.
  347  */
  348 int
  349 nfs_reconnect(struct nfsreq *rep)
  350 {
  351         struct nfsreq *rp;
  352         struct nfsmount *nmp = rep->r_nmp;
  353         int error, s;
  354         time_t before_ts;
  355 
  356         nfs_disconnect(nmp);
  357 
  358         /*
  359          * Force unmount: do not try to reconnect
  360          */
  361         if (nmp->nm_iflag & NFSMNT_DISMNTFORCE)
  362                 return EIO;
  363 
  364         before_ts = time_uptime;
  365         while ((error = nfs_connect(nmp, rep, &lwp0)) != 0) {
  366                 if (error == EINTR || error == ERESTART)
  367                         return (EINTR);
  368 
  369                 if (rep->r_flags & R_SOFTTERM)
  370                         return (EIO);
  371 
  372                 /*
  373                  * Soft mount can fail here, but not too fast: 
  374                  * we want to make sure we at least honoured 
  375                  * NFS timeout.
  376                  */
  377                 if ((nmp->nm_flag & NFSMNT_SOFT) &&
  378                     (time_uptime - before_ts > nmp->nm_timeo / NFS_HZ))
  379                         return (EIO);
  380 
  381                 kpause("nfscn2", false, hz, NULL);
  382         }
  383 
  384         /*
  385          * Loop through outstanding request list and fix up all requests
  386          * on old socket.
  387          */
  388         s = splsoftnet();
  389         mutex_enter(&nfs_reqq_lock);
  390         TAILQ_FOREACH(rp, &nfs_reqq, r_chain) {
  391                 if (rp->r_nmp == nmp) {
  392                         if ((rp->r_flags & R_MUSTRESEND) == 0)
  393                                 rp->r_flags |= R_MUSTRESEND | R_REXMITTED;
  394                         rp->r_rexmit = 0;
  395                 }
  396         }
  397         mutex_exit(&nfs_reqq_lock);
  398         splx(s);
  399         return (0);
  400 }
  401 
  402 /*
  403  * NFS disconnect. Clean up and unlink.
  404  */
  405 void
  406 nfs_disconnect(struct nfsmount *nmp)
  407 {
  408         struct socket *so;
  409         int drain = 0;
  410 
  411         if (nmp->nm_so) {
  412                 so = nmp->nm_so;
  413                 nmp->nm_so = NULL;
  414                 solock(so);
  415                 soshutdown(so, SHUT_RDWR);
  416                 sounlock(so);
  417                 drain = (nmp->nm_iflag & NFSMNT_DISMNT) != 0;
  418                 if (drain) {
  419                         /*
  420                          * soshutdown() above should wake up the current
  421                          * listener.
  422                          * Now wake up those waiting for the receive lock, and
  423                          * wait for them to go away unhappy, to prevent *nmp
  424                          * from evaporating while they're sleeping.
  425                          */
  426                         mutex_enter(&nmp->nm_lock);
  427                         while (nmp->nm_waiters > 0) {
  428                                 cv_broadcast(&nmp->nm_rcvcv);
  429                                 cv_broadcast(&nmp->nm_sndcv);
  430                                 cv_wait(&nmp->nm_disconcv, &nmp->nm_lock);
  431                         }
  432                         mutex_exit(&nmp->nm_lock);
  433                 }
  434                 soclose(so);
  435         }
  436 #ifdef DIAGNOSTIC
  437         if (drain && (nmp->nm_waiters > 0))
  438                 panic("nfs_disconnect: waiters left after drain?");
  439 #endif
  440 }
  441 
  442 void
  443 nfs_safedisconnect(struct nfsmount *nmp)
  444 {
  445         struct nfsreq dummyreq;
  446 
  447         memset(&dummyreq, 0, sizeof(dummyreq));
  448         dummyreq.r_nmp = nmp;
  449         nfs_rcvlock(nmp, &dummyreq); /* XXX ignored error return */
  450         nfs_disconnect(nmp);
  451         nfs_rcvunlock(nmp);
  452 }
  453 
  454 /*
  455  * This is the nfs send routine. For connection based socket types, it
  456  * must be called with an nfs_sndlock() on the socket.
  457  * "rep == NULL" indicates that it has been called from a server.
  458  * For the client side:
  459  * - return EINTR if the RPC is terminated, 0 otherwise
  460  * - set R_MUSTRESEND if the send fails for any reason
  461  * - do any cleanup required by recoverable socket errors (? ? ?)
  462  * For the server side:
  463  * - return EINTR or ERESTART if interrupted by a signal
  464  * - return EPIPE if a connection is lost for connection based sockets (TCP...)
  465  * - do any cleanup required by recoverable socket errors (? ? ?)
  466  */
  467 int
  468 nfs_send(struct socket *so, struct mbuf *nam, struct mbuf *top, struct nfsreq *rep, struct lwp *l)
  469 {
  470         struct sockaddr *sendnam;
  471         int error, soflags, flags;
  472 
  473         /* XXX nfs_doio()/nfs_request() calls with  rep->r_lwp == NULL */
  474         if (l == NULL && rep->r_lwp == NULL)
  475                 l = curlwp;
  476 
  477         if (rep) {
  478                 if (rep->r_flags & R_SOFTTERM) {
  479                         m_freem(top);
  480                         return (EINTR);
  481                 }
  482                 if ((so = rep->r_nmp->nm_so) == NULL) {
  483                         rep->r_flags |= R_MUSTRESEND;
  484                         m_freem(top);
  485                         return (0);
  486                 }
  487                 rep->r_flags &= ~R_MUSTRESEND;
  488                 soflags = rep->r_nmp->nm_soflags;
  489         } else
  490                 soflags = so->so_proto->pr_flags;
  491         if ((soflags & PR_CONNREQUIRED) || (so->so_state & SS_ISCONNECTED))
  492                 sendnam = NULL;
  493         else
  494                 sendnam = mtod(nam, struct sockaddr *);
  495         if (so->so_type == SOCK_SEQPACKET)
  496                 flags = MSG_EOR;
  497         else
  498                 flags = 0;
  499 
  500         error = (*so->so_send)(so, sendnam, NULL, top, NULL, flags,  l);
  501         if (error) {
  502                 if (rep) {
  503                         if (error == ENOBUFS && so->so_type == SOCK_DGRAM) {
  504                                 /*
  505                                  * We're too fast for the network/driver,
  506                                  * and UDP isn't flowcontrolled.
  507                                  * We need to resend. This is not fatal,
  508                                  * just try again.
  509                                  *
  510                                  * Could be smarter here by doing some sort
  511                                  * of a backoff, but this is rare.
  512                                  */
  513                                 rep->r_flags |= R_MUSTRESEND;
  514                         } else {
  515                                 if (error != EPIPE)
  516                                         log(LOG_INFO,
  517                                             "nfs send error %d for %s\n",
  518                                             error,
  519                                             rep->r_nmp->nm_mountp->
  520                                                     mnt_stat.f_mntfromname);
  521                                 /*
  522                                  * Deal with errors for the client side.
  523                                  */
  524                                 if (rep->r_flags & R_SOFTTERM)
  525                                         error = EINTR;
  526                                 else if (error != EMSGSIZE)
  527                                         rep->r_flags |= R_MUSTRESEND;
  528                         }
  529                 } else {
  530                         /*
  531                          * See above. This error can happen under normal
  532                          * circumstances and the log is too noisy.
  533                          * The error will still show up in nfsstat.
  534                          */
  535                         if (error != ENOBUFS || so->so_type != SOCK_DGRAM)
  536                                 log(LOG_INFO, "nfsd send error %d\n", error);
  537                 }
  538 
  539                 /*
  540                  * Handle any recoverable (soft) socket errors here. (? ? ?)
  541                  */
  542                 if (error != EINTR && error != ERESTART &&
  543                     error != EWOULDBLOCK && error != EPIPE &&
  544                     error != EMSGSIZE)
  545                         error = 0;
  546         }
  547         return (error);
  548 }
  549 
  550 /*
  551  * Generate the rpc reply header
  552  * siz arg. is used to decide if adding a cluster is worthwhile
  553  */
  554 int
  555 nfs_rephead(int siz, struct nfsrv_descript *nd, struct nfssvc_sock *slp, int err, int cache, u_quad_t *frev, struct mbuf **mrq, struct mbuf **mbp, char **bposp)
  556 {
  557         u_int32_t *tl;
  558         struct mbuf *mreq;
  559         char *bpos;
  560         struct mbuf *mb;
  561 
  562         mreq = m_gethdr(M_WAIT, MT_DATA);
  563         MCLAIM(mreq, &nfs_mowner);
  564         mb = mreq;
  565         /*
  566          * If this is a big reply, use a cluster else
  567          * try and leave leading space for the lower level headers.
  568          */
  569         siz += RPC_REPLYSIZ;
  570         if (siz >= max_datalen) {
  571                 m_clget(mreq, M_WAIT);
  572         } else
  573                 mreq->m_data += max_hdr;
  574         tl = mtod(mreq, u_int32_t *);
  575         mreq->m_len = 6 * NFSX_UNSIGNED;
  576         bpos = ((char *)tl) + mreq->m_len;
  577         *tl++ = txdr_unsigned(nd->nd_retxid);
  578         *tl++ = rpc_reply;
  579         if (err == ERPCMISMATCH || (err & NFSERR_AUTHERR)) {
  580                 *tl++ = rpc_msgdenied;
  581                 if (err & NFSERR_AUTHERR) {
  582                         *tl++ = rpc_autherr;
  583                         *tl = txdr_unsigned(err & ~NFSERR_AUTHERR);
  584                         mreq->m_len -= NFSX_UNSIGNED;
  585                         bpos -= NFSX_UNSIGNED;
  586                 } else {
  587                         *tl++ = rpc_mismatch;
  588                         *tl++ = txdr_unsigned(RPC_VER2);
  589                         *tl = txdr_unsigned(RPC_VER2);
  590                 }
  591         } else {
  592                 *tl++ = rpc_msgaccepted;
  593 
  594                 /*
  595                  * For Kerberos authentication, we must send the nickname
  596                  * verifier back, otherwise just RPCAUTH_NULL.
  597                  */
  598                 if (nd->nd_flag & ND_KERBFULL) {
  599                         struct nfsuid *nuidp;
  600                         struct timeval ktvin, ktvout;
  601 
  602                         memset(&ktvout, 0, sizeof ktvout);      /* XXX gcc */
  603 
  604                         LIST_FOREACH(nuidp,
  605                             NUIDHASH(slp, kauth_cred_geteuid(nd->nd_cr)),
  606                             nu_hash) {
  607                                 if (kauth_cred_geteuid(nuidp->nu_cr) ==
  608                                 kauth_cred_geteuid(nd->nd_cr) &&
  609                                     (!nd->nd_nam2 || netaddr_match(
  610                                     NU_NETFAM(nuidp), &nuidp->nu_haddr,
  611                                     nd->nd_nam2)))
  612                                         break;
  613                         }
  614                         if (nuidp) {
  615                                 ktvin.tv_sec =
  616                                     txdr_unsigned(nuidp->nu_timestamp.tv_sec
  617                                         - 1);
  618                                 ktvin.tv_usec =
  619                                     txdr_unsigned(nuidp->nu_timestamp.tv_usec);
  620 
  621                                 /*
  622                                  * Encrypt the timestamp in ecb mode using the
  623                                  * session key.
  624                                  */
  625 #ifdef NFSKERB
  626                                 XXX
  627 #else
  628                                 (void)ktvin.tv_sec;
  629 #endif
  630 
  631                                 *tl++ = rpc_auth_kerb;
  632                                 *tl++ = txdr_unsigned(3 * NFSX_UNSIGNED);
  633                                 *tl = ktvout.tv_sec;
  634                                 nfsm_build(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
  635                                 *tl++ = ktvout.tv_usec;
  636                                 *tl++ = txdr_unsigned(
  637                                     kauth_cred_geteuid(nuidp->nu_cr));
  638                         } else {
  639                                 *tl++ = 0;
  640                                 *tl++ = 0;
  641                         }
  642                 } else {
  643                         *tl++ = 0;
  644                         *tl++ = 0;
  645                 }
  646                 switch (err) {
  647                 case EPROGUNAVAIL:
  648                         *tl = txdr_unsigned(RPC_PROGUNAVAIL);
  649                         break;
  650                 case EPROGMISMATCH:
  651                         *tl = txdr_unsigned(RPC_PROGMISMATCH);
  652                         nfsm_build(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
  653                         *tl++ = txdr_unsigned(2);
  654                         *tl = txdr_unsigned(3);
  655                         break;
  656                 case EPROCUNAVAIL:
  657                         *tl = txdr_unsigned(RPC_PROCUNAVAIL);
  658                         break;
  659                 case EBADRPC:
  660                         *tl = txdr_unsigned(RPC_GARBAGE);
  661                         break;
  662                 default:
  663                         *tl = 0;
  664                         if (err != NFSERR_RETVOID) {
  665                                 nfsm_build(tl, u_int32_t *, NFSX_UNSIGNED);
  666                                 if (err)
  667                                     *tl = txdr_unsigned(nfsrv_errmap(nd, err));
  668                                 else
  669                                     *tl = 0;
  670                         }
  671                         break;
  672                 };
  673         }
  674 
  675         if (mrq != NULL)
  676                 *mrq = mreq;
  677         *mbp = mb;
  678         *bposp = bpos;
  679         if (err != 0 && err != NFSERR_RETVOID)
  680                 nfsstats.srvrpc_errs++;
  681         return (0);
  682 }
  683 
  684 static void
  685 nfs_timer_schedule(void)
  686 {
  687 
  688         callout_schedule(&nfs_timer_ch, nfs_ticks);
  689 }
  690 
  691 void
  692 nfs_timer_start(void)
  693 {
  694 
  695         if (callout_pending(&nfs_timer_ch))
  696                 return;
  697 
  698         nfs_timer_start_ev.ev_count++;
  699         nfs_timer_schedule();
  700 }
  701 
  702 void
  703 nfs_timer_init(void)
  704 {
  705 
  706         mutex_init(&nfs_timer_lock, MUTEX_DEFAULT, IPL_NONE);
  707         callout_init(&nfs_timer_ch, 0);
  708         callout_setfunc(&nfs_timer_ch, nfs_timer, NULL);
  709         evcnt_attach_dynamic(&nfs_timer_ev, EVCNT_TYPE_MISC, NULL,
  710             "nfs", "timer");
  711         evcnt_attach_dynamic(&nfs_timer_start_ev, EVCNT_TYPE_MISC, NULL,
  712             "nfs", "timer start");
  713         evcnt_attach_dynamic(&nfs_timer_stop_ev, EVCNT_TYPE_MISC, NULL,
  714             "nfs", "timer stop");
  715 }
  716 
  717 void
  718 nfs_timer_fini(void)
  719 {
  720 
  721         callout_halt(&nfs_timer_ch, NULL);
  722         callout_destroy(&nfs_timer_ch);
  723         mutex_destroy(&nfs_timer_lock);
  724         evcnt_detach(&nfs_timer_ev);
  725         evcnt_detach(&nfs_timer_start_ev);
  726         evcnt_detach(&nfs_timer_stop_ev);
  727 }
  728 
  729 void
  730 nfs_timer_srvinit(bool (*func)(void))
  731 {
  732 
  733         nfs_timer_srvvec = func;
  734 }
  735 
  736 void
  737 nfs_timer_srvfini(void)
  738 {
  739 
  740         mutex_enter(&nfs_timer_lock);
  741         nfs_timer_srvvec = NULL;
  742         mutex_exit(&nfs_timer_lock);
  743 }
  744 
  745 
  746 /*
  747  * Nfs timer routine
  748  * Scan the nfsreq list and retranmit any requests that have timed out
  749  * To avoid retransmission attempts on STREAM sockets (in the future) make
  750  * sure to set the r_retry field to 0 (implies nm_retry == 0).
  751  */
  752 void
  753 nfs_timer(void *arg)
  754 {
  755         struct nfsreq *rep;
  756         struct mbuf *m;
  757         struct socket *so;
  758         struct nfsmount *nmp;
  759         int timeo;
  760         int error;
  761         bool more = false;
  762 
  763         nfs_timer_ev.ev_count++;
  764 
  765         mutex_enter(&nfs_reqq_lock);
  766         TAILQ_FOREACH(rep, &nfs_reqq, r_chain) {
  767                 more = true;
  768                 nmp = rep->r_nmp;
  769                 if (rep->r_mrep || (rep->r_flags & R_SOFTTERM))
  770                         continue;
  771                 if (nfs_sigintr(nmp, rep, rep->r_lwp)) {
  772                         rep->r_flags |= R_SOFTTERM;
  773                         continue;
  774                 }
  775                 if (rep->r_rtt >= 0) {
  776                         rep->r_rtt++;
  777                         if (nmp->nm_flag & NFSMNT_DUMBTIMR)
  778                                 timeo = nmp->nm_timeo;
  779                         else
  780                                 timeo = NFS_RTO(nmp, nfs_proct[rep->r_procnum]);
  781                         if (nmp->nm_timeouts > 0)
  782                                 timeo *= nfs_backoff[nmp->nm_timeouts - 1];
  783                         if (timeo > NFS_MAXTIMEO)
  784                                 timeo = NFS_MAXTIMEO;
  785                         if (rep->r_rtt <= timeo)
  786                                 continue;
  787                         if (nmp->nm_timeouts <
  788                             (sizeof(nfs_backoff) / sizeof(nfs_backoff[0])))
  789                                 nmp->nm_timeouts++;
  790                 }
  791                 /*
  792                  * Check for server not responding
  793                  */
  794                 if ((rep->r_flags & R_TPRINTFMSG) == 0 &&
  795                      rep->r_rexmit > nmp->nm_deadthresh) {
  796                         nfs_msg(rep->r_lwp,
  797                             nmp->nm_mountp->mnt_stat.f_mntfromname,
  798                             "not responding");
  799                         rep->r_flags |= R_TPRINTFMSG;
  800                 }
  801                 if (rep->r_rexmit >= rep->r_retry) {    /* too many */
  802                         nfsstats.rpctimeouts++;
  803                         rep->r_flags |= R_SOFTTERM;
  804                         continue;
  805                 }
  806                 if (nmp->nm_sotype != SOCK_DGRAM) {
  807                         if (++rep->r_rexmit > NFS_MAXREXMIT)
  808                                 rep->r_rexmit = NFS_MAXREXMIT;
  809                         continue;
  810                 }
  811                 if ((so = nmp->nm_so) == NULL)
  812                         continue;
  813 
  814                 /*
  815                  * If there is enough space and the window allows..
  816                  *      Resend it
  817                  * Set r_rtt to -1 in case we fail to send it now.
  818                  */
  819                 solock(so);
  820                 rep->r_rtt = -1;
  821                 if (sbspace(&so->so_snd) >= rep->r_mreq->m_pkthdr.len &&
  822                    ((nmp->nm_flag & NFSMNT_DUMBTIMR) ||
  823                     (rep->r_flags & R_SENT) ||
  824                     nmp->nm_sent < nmp->nm_cwnd) &&
  825                    (m = m_copym(rep->r_mreq, 0, M_COPYALL, M_DONTWAIT))){
  826                         if (so->so_state & SS_ISCONNECTED)
  827                             error = (*so->so_proto->pr_usrreqs->pr_send)(so,
  828                             m, NULL, NULL, NULL);
  829                         else
  830                             error = (*so->so_proto->pr_usrreqs->pr_send)(so,
  831                                 m, mtod(nmp->nm_nam, struct sockaddr *),
  832                                 NULL, NULL);
  833                         if (error) {
  834                                 if (NFSIGNORE_SOERROR(nmp->nm_soflags, error)) {
  835 #ifdef DEBUG
  836                                         if (ratecheck(&nfs_timer_last_err_time,
  837                                             &nfs_err_interval))
  838                                                 printf("%s: ignoring error "
  839                                                        "%d\n", __func__, error);
  840 #endif
  841                                         so->so_error = 0;
  842                                 }
  843                         } else {
  844                                 /*
  845                                  * Iff first send, start timing
  846                                  * else turn timing off, backoff timer
  847                                  * and divide congestion window by 2.
  848                                  */
  849                                 if (rep->r_flags & R_SENT) {
  850                                         rep->r_flags &= ~R_TIMING;
  851                                         if (++rep->r_rexmit > NFS_MAXREXMIT)
  852                                                 rep->r_rexmit = NFS_MAXREXMIT;
  853                                         nmp->nm_cwnd >>= 1;
  854                                         if (nmp->nm_cwnd < NFS_CWNDSCALE)
  855                                                 nmp->nm_cwnd = NFS_CWNDSCALE;
  856                                         nfsstats.rpcretries++;
  857                                 } else {
  858                                         rep->r_flags |= R_SENT;
  859                                         nmp->nm_sent += NFS_CWNDSCALE;
  860                                 }
  861                                 rep->r_rtt = 0;
  862                         }
  863                 }
  864                 sounlock(so);
  865         }
  866         mutex_exit(&nfs_reqq_lock);
  867 
  868         mutex_enter(&nfs_timer_lock);
  869         if (nfs_timer_srvvec != NULL) {
  870                 more |= (*nfs_timer_srvvec)();
  871         }
  872         mutex_exit(&nfs_timer_lock);
  873 
  874         if (more) {
  875                 nfs_timer_schedule();
  876         } else {
  877                 nfs_timer_stop_ev.ev_count++;
  878         }
  879 }
  880 
  881 /*
  882  * Test for a termination condition pending on the process.
  883  * This is used for NFSMNT_INT mounts.
  884  */
  885 int
  886 nfs_sigintr(struct nfsmount *nmp, struct nfsreq *rep, struct lwp *l)
  887 {
  888         sigset_t ss;
  889 
  890         if (rep && (rep->r_flags & R_SOFTTERM))
  891                 return (EINTR);
  892         if (!(nmp->nm_flag & NFSMNT_INT))
  893                 return (0);
  894         if (l) {
  895                 sigpending1(l, &ss);
  896 #if 0
  897                 sigminusset(&l->l_proc->p_sigctx.ps_sigignore, &ss);
  898 #endif
  899                 if (sigismember(&ss, SIGINT) || sigismember(&ss, SIGTERM) ||
  900                     sigismember(&ss, SIGKILL) || sigismember(&ss, SIGHUP) ||
  901                     sigismember(&ss, SIGQUIT))
  902                         return (EINTR);
  903         }
  904         return (0);
  905 }
  906 
  907 int
  908 nfs_rcvlock(struct nfsmount *nmp, struct nfsreq *rep)
  909 {
  910         int *flagp = &nmp->nm_iflag;
  911         int slptimeo = 0;
  912         bool catch_p;
  913         int error = 0;
  914 
  915         KASSERT(nmp == rep->r_nmp);
  916 
  917         if (nmp->nm_flag & NFSMNT_SOFT)
  918                 slptimeo = nmp->nm_retry * nmp->nm_timeo;
  919 
  920         if (nmp->nm_iflag & NFSMNT_DISMNTFORCE)
  921                 slptimeo = hz;
  922 
  923         catch_p = (nmp->nm_flag & NFSMNT_INT) != 0;
  924         mutex_enter(&nmp->nm_lock);
  925         while (/* CONSTCOND */ true) {
  926                 if (*flagp & NFSMNT_DISMNT) {
  927                         cv_signal(&nmp->nm_disconcv);
  928                         error = EIO;
  929                         break;
  930                 }
  931                 /* If our reply was received while we were sleeping,
  932                  * then just return without taking the lock to avoid a
  933                  * situation where a single iod could 'capture' the
  934                  * receive lock.
  935                  */
  936                 if (rep->r_mrep != NULL) {
  937                         cv_signal(&nmp->nm_rcvcv);
  938                         error = EALREADY;
  939                         break;
  940                 }
  941                 if (nfs_sigintr(rep->r_nmp, rep, rep->r_lwp)) {
  942                         cv_signal(&nmp->nm_rcvcv);
  943                         error = EINTR;
  944                         break;
  945                 }
  946                 if ((*flagp & NFSMNT_RCVLOCK) == 0) {
  947                         *flagp |= NFSMNT_RCVLOCK;
  948                         break;
  949                 }
  950                 if (catch_p) {
  951                         error = cv_timedwait_sig(&nmp->nm_rcvcv, &nmp->nm_lock,
  952                             slptimeo);
  953                 } else {
  954                         error = cv_timedwait(&nmp->nm_rcvcv, &nmp->nm_lock,
  955                             slptimeo);
  956                 }
  957                 if (error) {
  958                         if ((error == EWOULDBLOCK) &&
  959                             (nmp->nm_flag & NFSMNT_SOFT)) {
  960                                 error = EIO;
  961                                 break;
  962                         }
  963                         error = 0;
  964                 }
  965                 if (catch_p) {
  966                         catch_p = false;
  967                         slptimeo = 2 * hz;
  968                 }
  969         }
  970         mutex_exit(&nmp->nm_lock);
  971         return error;
  972 }
  973 
  974 /*
  975  * Unlock the stream socket for others.
  976  */
  977 void
  978 nfs_rcvunlock(struct nfsmount *nmp)
  979 {
  980 
  981         mutex_enter(&nmp->nm_lock);
  982         if ((nmp->nm_iflag & NFSMNT_RCVLOCK) == 0)
  983                 panic("nfs rcvunlock");
  984         nmp->nm_iflag &= ~NFSMNT_RCVLOCK;
  985         cv_signal(&nmp->nm_rcvcv);
  986         mutex_exit(&nmp->nm_lock);
  987 }
  988 
  989 /*
  990  * Parse an RPC request
  991  * - verify it
  992  * - allocate and fill in the cred.
  993  */
  994 int
  995 nfs_getreq(struct nfsrv_descript *nd, struct nfsd *nfsd, int has_header)
  996 {
  997         int len, i;
  998         u_int32_t *tl;
  999         int32_t t1;
 1000         struct uio uio;
 1001         struct iovec iov;
 1002         char *dpos, *cp2, *cp;
 1003         u_int32_t nfsvers, auth_type;
 1004         uid_t nickuid;
 1005         int error = 0, ticklen;
 1006         struct mbuf *mrep, *md;
 1007         struct nfsuid *nuidp;
 1008         struct timeval tvin, tvout;
 1009 
 1010         memset(&tvout, 0, sizeof tvout);        /* XXX gcc */
 1011 
 1012         KASSERT(nd->nd_cr == NULL);
 1013         mrep = nd->nd_mrep;
 1014         md = nd->nd_md;
 1015         dpos = nd->nd_dpos;
 1016         if (has_header) {
 1017                 nfsm_dissect(tl, u_int32_t *, 10 * NFSX_UNSIGNED);
 1018                 nd->nd_retxid = fxdr_unsigned(u_int32_t, *tl++);
 1019                 if (*tl++ != rpc_call) {
 1020                         m_freem(mrep);
 1021                         return (EBADRPC);
 1022                 }
 1023         } else
 1024                 nfsm_dissect(tl, u_int32_t *, 8 * NFSX_UNSIGNED);
 1025         nd->nd_repstat = 0;
 1026         nd->nd_flag = 0;
 1027         if (*tl++ != rpc_vers) {
 1028                 nd->nd_repstat = ERPCMISMATCH;
 1029                 nd->nd_procnum = NFSPROC_NOOP;
 1030                 return (0);
 1031         }
 1032         if (*tl != nfs_prog) {
 1033                 nd->nd_repstat = EPROGUNAVAIL;
 1034                 nd->nd_procnum = NFSPROC_NOOP;
 1035                 return (0);
 1036         }
 1037         tl++;
 1038         nfsvers = fxdr_unsigned(u_int32_t, *tl++);
 1039         if (nfsvers < NFS_VER2 || nfsvers > NFS_VER3) {
 1040                 nd->nd_repstat = EPROGMISMATCH;
 1041                 nd->nd_procnum = NFSPROC_NOOP;
 1042                 return (0);
 1043         }
 1044         if (nfsvers == NFS_VER3)
 1045                 nd->nd_flag = ND_NFSV3;
 1046         nd->nd_procnum = fxdr_unsigned(u_int32_t, *tl++);
 1047         if (nd->nd_procnum == NFSPROC_NULL)
 1048                 return (0);
 1049         if (nd->nd_procnum > NFSPROC_COMMIT ||
 1050             (!nd->nd_flag && nd->nd_procnum > NFSV2PROC_STATFS)) {
 1051                 nd->nd_repstat = EPROCUNAVAIL;
 1052                 nd->nd_procnum = NFSPROC_NOOP;
 1053                 return (0);
 1054         }
 1055         if ((nd->nd_flag & ND_NFSV3) == 0)
 1056                 nd->nd_procnum = nfsv3_procid[nd->nd_procnum];
 1057         auth_type = *tl++;
 1058         len = fxdr_unsigned(int, *tl++);
 1059         if (len < 0 || len > RPCAUTH_MAXSIZ) {
 1060                 m_freem(mrep);
 1061                 return (EBADRPC);
 1062         }
 1063 
 1064         nd->nd_flag &= ~ND_KERBAUTH;
 1065         /*
 1066          * Handle auth_unix or auth_kerb.
 1067          */
 1068         if (auth_type == rpc_auth_unix) {
 1069                 uid_t uid;
 1070                 gid_t gid;
 1071 
 1072                 nd->nd_cr = kauth_cred_alloc();
 1073                 len = fxdr_unsigned(int, *++tl);
 1074                 if (len < 0 || len > NFS_MAXNAMLEN) {
 1075                         m_freem(mrep);
 1076                         error = EBADRPC;
 1077                         goto errout;
 1078                 }
 1079                 nfsm_adv(nfsm_rndup(len));
 1080                 nfsm_dissect(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
 1081 
 1082                 uid = fxdr_unsigned(uid_t, *tl++);
 1083                 gid = fxdr_unsigned(gid_t, *tl++);
 1084                 kauth_cred_setuid(nd->nd_cr, uid);
 1085                 kauth_cred_seteuid(nd->nd_cr, uid);
 1086                 kauth_cred_setsvuid(nd->nd_cr, uid);
 1087                 kauth_cred_setgid(nd->nd_cr, gid);
 1088                 kauth_cred_setegid(nd->nd_cr, gid);
 1089                 kauth_cred_setsvgid(nd->nd_cr, gid);
 1090 
 1091                 len = fxdr_unsigned(int, *tl);
 1092                 if (len < 0 || len > RPCAUTH_UNIXGIDS) {
 1093                         m_freem(mrep);
 1094                         error = EBADRPC;
 1095                         goto errout;
 1096                 }
 1097                 nfsm_dissect(tl, u_int32_t *, (len + 2) * NFSX_UNSIGNED);
 1098 
 1099                 if (len > 0) {
 1100                         size_t grbuf_size = uimin(len, NGROUPS) * sizeof(gid_t);
 1101                         gid_t *grbuf = kmem_alloc(grbuf_size, KM_SLEEP);
 1102 
 1103                         for (i = 0; i < len; i++) {
 1104                                 if (i < NGROUPS) /* XXX elad */
 1105                                         grbuf[i] = fxdr_unsigned(gid_t, *tl++);
 1106                                 else
 1107                                         tl++;
 1108                         }
 1109                         kauth_cred_setgroups(nd->nd_cr, grbuf,
 1110                             uimin(len, NGROUPS), -1, UIO_SYSSPACE);
 1111                         kmem_free(grbuf, grbuf_size);
 1112                 }
 1113 
 1114                 len = fxdr_unsigned(int, *++tl);
 1115                 if (len < 0 || len > RPCAUTH_MAXSIZ) {
 1116                         m_freem(mrep);
 1117                         error = EBADRPC;
 1118                         goto errout;
 1119                 }
 1120                 if (len > 0)
 1121                         nfsm_adv(nfsm_rndup(len));
 1122         } else if (auth_type == rpc_auth_kerb) {
 1123                 switch (fxdr_unsigned(int, *tl++)) {
 1124                 case RPCAKN_FULLNAME:
 1125                         ticklen = fxdr_unsigned(int, *tl);
 1126                         *((u_int32_t *)nfsd->nfsd_authstr) = *tl;
 1127                         uio.uio_resid = nfsm_rndup(ticklen) + NFSX_UNSIGNED;
 1128                         nfsd->nfsd_authlen = uio.uio_resid + NFSX_UNSIGNED;
 1129                         if (uio.uio_resid > (len - 2 * NFSX_UNSIGNED)) {
 1130                                 m_freem(mrep);
 1131                                 error = EBADRPC;
 1132                                 goto errout;
 1133                         }
 1134                         uio.uio_offset = 0;
 1135                         uio.uio_iov = &iov;
 1136                         uio.uio_iovcnt = 1;
 1137                         UIO_SETUP_SYSSPACE(&uio);
 1138                         iov.iov_base = (void *)&nfsd->nfsd_authstr[4];
 1139                         iov.iov_len = RPCAUTH_MAXSIZ - 4;
 1140                         nfsm_mtouio(&uio, uio.uio_resid);
 1141                         nfsm_dissect(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
 1142                         if (*tl++ != rpc_auth_kerb ||
 1143                                 fxdr_unsigned(int, *tl) != 4 * NFSX_UNSIGNED) {
 1144                                 printf("Bad kerb verifier\n");
 1145                                 nd->nd_repstat = (NFSERR_AUTHERR|AUTH_BADVERF);
 1146                                 nd->nd_procnum = NFSPROC_NOOP;
 1147                                 return (0);
 1148                         }
 1149                         nfsm_dissect(cp, void *, 4 * NFSX_UNSIGNED);
 1150                         tl = (u_int32_t *)cp;
 1151                         if (fxdr_unsigned(int, *tl) != RPCAKN_FULLNAME) {
 1152                                 printf("Not fullname kerb verifier\n");
 1153                                 nd->nd_repstat = (NFSERR_AUTHERR|AUTH_BADVERF);
 1154                                 nd->nd_procnum = NFSPROC_NOOP;
 1155                                 return (0);
 1156                         }
 1157                         cp += NFSX_UNSIGNED;
 1158                         memcpy(nfsd->nfsd_verfstr, cp, 3 * NFSX_UNSIGNED);
 1159                         nfsd->nfsd_verflen = 3 * NFSX_UNSIGNED;
 1160                         nd->nd_flag |= ND_KERBFULL;
 1161                         nfsd->nfsd_flag |= NFSD_NEEDAUTH;
 1162                         break;
 1163                 case RPCAKN_NICKNAME:
 1164                         if (len != 2 * NFSX_UNSIGNED) {
 1165                                 printf("Kerb nickname short\n");
 1166                                 nd->nd_repstat = (NFSERR_AUTHERR|AUTH_BADCRED);
 1167                                 nd->nd_procnum = NFSPROC_NOOP;
 1168                                 return (0);
 1169                         }
 1170                         nickuid = fxdr_unsigned(uid_t, *tl);
 1171                         nfsm_dissect(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
 1172                         if (*tl++ != rpc_auth_kerb ||
 1173                                 fxdr_unsigned(int, *tl) != 3 * NFSX_UNSIGNED) {
 1174                                 printf("Kerb nick verifier bad\n");
 1175                                 nd->nd_repstat = (NFSERR_AUTHERR|AUTH_BADVERF);
 1176                                 nd->nd_procnum = NFSPROC_NOOP;
 1177                                 return (0);
 1178                         }
 1179                         nfsm_dissect(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
 1180                         tvin.tv_sec = *tl++;
 1181                         tvin.tv_usec = *tl;
 1182 
 1183                         LIST_FOREACH(nuidp, NUIDHASH(nfsd->nfsd_slp, nickuid),
 1184                             nu_hash) {
 1185                                 if (kauth_cred_geteuid(nuidp->nu_cr) == nickuid &&
 1186                                     (!nd->nd_nam2 ||
 1187                                      netaddr_match(NU_NETFAM(nuidp),
 1188                                       &nuidp->nu_haddr, nd->nd_nam2)))
 1189                                         break;
 1190                         }
 1191                         if (!nuidp) {
 1192                                 nd->nd_repstat =
 1193                                         (NFSERR_AUTHERR|AUTH_REJECTCRED);
 1194                                 nd->nd_procnum = NFSPROC_NOOP;
 1195                                 return (0);
 1196                         }
 1197 
 1198                         /*
 1199                          * Now, decrypt the timestamp using the session key
 1200                          * and validate it.
 1201                          */
 1202 #ifdef NFSKERB
 1203                         XXX
 1204 #else
 1205                         (void)tvin.tv_sec;
 1206 #endif
 1207 
 1208                         tvout.tv_sec = fxdr_unsigned(long, tvout.tv_sec);
 1209                         tvout.tv_usec = fxdr_unsigned(long, tvout.tv_usec);
 1210                         if (nuidp->nu_expire < time_second ||
 1211                             nuidp->nu_timestamp.tv_sec > tvout.tv_sec ||
 1212                             (nuidp->nu_timestamp.tv_sec == tvout.tv_sec &&
 1213                              nuidp->nu_timestamp.tv_usec > tvout.tv_usec)) {
 1214                                 nuidp->nu_expire = 0;
 1215                                 nd->nd_repstat =
 1216                                     (NFSERR_AUTHERR|AUTH_REJECTVERF);
 1217                                 nd->nd_procnum = NFSPROC_NOOP;
 1218                                 return (0);
 1219                         }
 1220                         kauth_cred_hold(nuidp->nu_cr);
 1221                         nd->nd_cr = nuidp->nu_cr;
 1222                         nd->nd_flag |= ND_KERBNICK;
 1223                 }
 1224         } else {
 1225                 nd->nd_repstat = (NFSERR_AUTHERR | AUTH_REJECTCRED);
 1226                 nd->nd_procnum = NFSPROC_NOOP;
 1227                 return (0);
 1228         }
 1229 
 1230         nd->nd_md = md;
 1231         nd->nd_dpos = dpos;
 1232         KASSERT((nd->nd_cr == NULL && (nfsd->nfsd_flag & NFSD_NEEDAUTH) != 0)
 1233              || (nd->nd_cr != NULL && (nfsd->nfsd_flag & NFSD_NEEDAUTH) == 0));
 1234         return (0);
 1235 nfsmout:
 1236 errout:
 1237         KASSERT(error != 0);
 1238         if (nd->nd_cr != NULL) {
 1239                 kauth_cred_free(nd->nd_cr);
 1240                 nd->nd_cr = NULL;
 1241         }
 1242         return (error);
 1243 }
 1244 
 1245 int
 1246 nfs_msg(struct lwp *l, const char *server, const char *msg)
 1247 {
 1248         tpr_t tpr;
 1249 
 1250 #if 0 /* XXX nfs_timer can't block on proc_lock */
 1251         if (l)
 1252                 tpr = tprintf_open(l->l_proc);
 1253         else
 1254 #endif
 1255                 tpr = NULL;
 1256         tprintf(tpr, "nfs server %s: %s\n", server, msg);
 1257         tprintf_close(tpr);
 1258         return (0);
 1259 }
 1260 
 1261 static struct pool nfs_srvdesc_pool;
 1262 
 1263 void
 1264 nfsdreq_init(void)
 1265 {
 1266 
 1267         pool_init(&nfs_srvdesc_pool, sizeof(struct nfsrv_descript),
 1268             0, 0, 0, "nfsrvdescpl", &pool_allocator_nointr, IPL_NONE);
 1269 }
 1270 
 1271 void
 1272 nfsdreq_fini(void)
 1273 {
 1274 
 1275         pool_destroy(&nfs_srvdesc_pool);
 1276 }
 1277 
 1278 struct nfsrv_descript *
 1279 nfsdreq_alloc(void)
 1280 {
 1281         struct nfsrv_descript *nd;
 1282 
 1283         nd = pool_get(&nfs_srvdesc_pool, PR_WAITOK);
 1284         nd->nd_cr = NULL;
 1285         return nd;
 1286 }
 1287 
 1288 void
 1289 nfsdreq_free(struct nfsrv_descript *nd)
 1290 {
 1291         kauth_cred_t cr;
 1292 
 1293         cr = nd->nd_cr;
 1294         if (cr != NULL) {
 1295                 kauth_cred_free(cr);
 1296         }
 1297         pool_put(&nfs_srvdesc_pool, nd);
 1298 }

Cache object: af09cea7fbb98fbe18cb493b81952d09


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.