2 * Copyright (c) 1989, 1991, 1993, 1995
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#)nfs_socket.c 8.5 (Berkeley) 3/30/95
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
39 * Socket operations for use by nfs
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/kernel.h>
48 #include <sys/malloc.h>
50 #include <sys/mount.h>
51 #include <sys/mutex.h>
53 #include <sys/protosw.h>
54 #include <sys/refcount.h>
55 #include <sys/signalvar.h>
56 #include <sys/socket.h>
57 #include <sys/socketvar.h>
58 #include <sys/sysctl.h>
59 #include <sys/syslog.h>
60 #include <sys/vnode.h>
62 #include <netinet/in.h>
63 #include <netinet/tcp.h>
65 #include <nfs/rpcv2.h>
66 #include <nfs/nfsproto.h>
67 #include <nfsserver/nfs.h>
68 #include <nfs/xdr_subs.h>
69 #include <nfsserver/nfsm_subs.h>
71 #include <security/mac/mac_framework.h>
76 static int nfs_realign_test;
77 static int nfs_realign_count;
79 SYSCTL_DECL(_vfs_nfsrv);
81 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, realign_test, CTLFLAG_RW, &nfs_realign_test, 0, "");
82 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, realign_count, CTLFLAG_RW, &nfs_realign_count, 0, "");
86 * There is a congestion window for outstanding rpcs maintained per mount
87 * point. The cwnd size is adjusted in roughly the way that:
88 * Van Jacobson, Congestion avoidance and Control, In "Proceedings of
89 * SIGCOMM '88". ACM, August 1988.
90 * describes for TCP. The cwnd size is chopped in half on a retransmit timeout
91 * and incremented by 1/cwnd when each rpc reply is received and a full cwnd
92 * of rpcs is in progress.
93 * (The sent count and cwnd are scaled for integer arith.)
94 * Variants of "slow start" were tried and were found to be too much of a
95 * performance hit (ave. rtt 3 times larger),
96 * I suspect due to the large rtt that nfs rpcs have.
98 #define NFS_CWNDSCALE 256
99 #define NFS_MAXCWND (NFS_CWNDSCALE * 32)
100 struct callout nfsrv_callout;
102 static void nfs_realign(struct mbuf **pm, int hsiz); /* XXX SHARED */
103 static int nfsrv_getstream(struct nfssvc_sock *, int);
105 int32_t (*nfsrv3_procs[NFS_NPROCS])(struct nfsrv_descript *nd,
106 struct nfssvc_sock *slp,
107 struct mbuf **mreqp) = {
135 * Generate the rpc reply header
136 * siz arg. is used to decide if adding a cluster is worthwhile
139 nfs_rephead(int siz, struct nfsrv_descript *nd, int err,
140 struct mbuf **mbp, caddr_t *bposp)
147 nd->nd_repstat = err;
148 if (err && (nd->nd_flag & ND_NFSV3) == 0) /* XXX recheck */
150 MGETHDR(mreq, M_WAIT, MT_DATA);
153 * If this is a big reply, use a cluster else
154 * try and leave leading space for the lower level headers.
156 mreq->m_len = 6 * NFSX_UNSIGNED;
158 if ((max_hdr + siz) >= MINCLSIZE) {
159 MCLGET(mreq, M_WAIT);
161 mreq->m_data += min(max_hdr, M_TRAILINGSPACE(mreq));
162 tl = mtod(mreq, u_int32_t *);
163 bpos = ((caddr_t)tl) + mreq->m_len;
164 *tl++ = txdr_unsigned(nd->nd_retxid);
165 *tl++ = nfsrv_rpc_reply;
166 if (err == ERPCMISMATCH || (err & NFSERR_AUTHERR)) {
167 *tl++ = nfsrv_rpc_msgdenied;
168 if (err & NFSERR_AUTHERR) {
169 *tl++ = nfsrv_rpc_autherr;
170 *tl = txdr_unsigned(err & ~NFSERR_AUTHERR);
171 mreq->m_len -= NFSX_UNSIGNED;
172 bpos -= NFSX_UNSIGNED;
174 *tl++ = nfsrv_rpc_mismatch;
175 *tl++ = txdr_unsigned(RPC_VER2);
176 *tl = txdr_unsigned(RPC_VER2);
179 *tl++ = nfsrv_rpc_msgaccepted;
181 * Send a RPCAUTH_NULL verifier - no Kerberos.
187 *tl = txdr_unsigned(RPC_PROGUNAVAIL);
190 *tl = txdr_unsigned(RPC_PROGMISMATCH);
191 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
192 *tl++ = txdr_unsigned(2);
193 *tl = txdr_unsigned(3);
196 *tl = txdr_unsigned(RPC_PROCUNAVAIL);
199 *tl = txdr_unsigned(RPC_GARBAGE);
203 if (err != NFSERR_RETVOID) {
204 tl = nfsm_build(u_int32_t *, NFSX_UNSIGNED);
206 *tl = txdr_unsigned(nfsrv_errmap(nd, err));
215 if (err != 0 && err != NFSERR_RETVOID)
216 nfsrvstats.srvrpc_errs++;
224 * Check for badly aligned mbuf data and realign by copying the unaligned
225 * portion of the data into a new mbuf chain and freeing the portions
226 * of the old chain that were replaced.
228 * We cannot simply realign the data within the existing mbuf chain
229 * because the underlying buffers may contain other rpc commands and
230 * we cannot afford to overwrite them.
232 * We would prefer to avoid this situation entirely. The situation does
233 * not occur with NFS/UDP and is supposed to only occassionally occur
234 * with TCP. Use vfs.nfs.realign_count and realign_test to check this.
237 nfs_realign(struct mbuf **pm, int hsiz) /* XXX COMMON */
240 struct mbuf *n = NULL;
244 while ((m = *pm) != NULL) {
245 if ((m->m_len & 0x3) || (mtod(m, intptr_t) & 0x3)) {
246 MGET(n, M_WAIT, MT_DATA);
247 if (m->m_len >= MINCLSIZE) {
257 * If n is non-NULL, loop on m copying data, then replace the
258 * portion of the chain that had to be realigned.
263 m_copyback(n, off, m->m_len, mtod(m, caddr_t));
274 * Parse an RPC request
276 * - fill in the cred struct.
279 nfs_getreq(struct nfsrv_descript *nd, struct nfsd *nfsd, int has_header)
284 u_int32_t nfsvers, auth_type;
286 struct mbuf *mrep, *md;
294 tl = nfsm_dissect_nonblock(u_int32_t *, 10 * NFSX_UNSIGNED);
295 nd->nd_retxid = fxdr_unsigned(u_int32_t, *tl++);
296 if (*tl++ != nfsrv_rpc_call) {
301 tl = nfsm_dissect_nonblock(u_int32_t *, 8 * NFSX_UNSIGNED);
304 if (*tl++ != nfsrv_rpc_vers) {
305 nd->nd_repstat = ERPCMISMATCH;
306 nd->nd_procnum = NFSPROC_NOOP;
309 if (*tl != nfsrv_nfs_prog) {
310 nd->nd_repstat = EPROGUNAVAIL;
311 nd->nd_procnum = NFSPROC_NOOP;
315 nfsvers = fxdr_unsigned(u_int32_t, *tl++);
316 if (nfsvers < NFS_VER2 || nfsvers > NFS_VER3) {
317 nd->nd_repstat = EPROGMISMATCH;
318 nd->nd_procnum = NFSPROC_NOOP;
321 nd->nd_procnum = fxdr_unsigned(u_int32_t, *tl++);
322 if (nd->nd_procnum == NFSPROC_NULL)
324 if (nfsvers == NFS_VER3) {
325 nd->nd_flag = ND_NFSV3;
326 if (nd->nd_procnum >= NFS_NPROCS) {
327 nd->nd_repstat = EPROCUNAVAIL;
328 nd->nd_procnum = NFSPROC_NOOP;
332 if (nd->nd_procnum > NFSV2PROC_STATFS) {
333 nd->nd_repstat = EPROCUNAVAIL;
334 nd->nd_procnum = NFSPROC_NOOP;
337 /* Map the v2 procedure numbers into v3 ones */
338 nd->nd_procnum = nfsrv_nfsv3_procid[nd->nd_procnum];
341 len = fxdr_unsigned(int, *tl++);
342 if (len < 0 || len > RPCAUTH_MAXSIZ) {
350 if (auth_type == nfsrv_rpc_auth_unix) {
351 len = fxdr_unsigned(int, *++tl);
352 if (len < 0 || len > NFS_MAXNAMLEN) {
356 nfsm_adv(nfsm_rndup(len));
357 tl = nfsm_dissect_nonblock(u_int32_t *, 3 * NFSX_UNSIGNED);
358 nd->nd_cr->cr_uid = nd->nd_cr->cr_ruid =
359 nd->nd_cr->cr_svuid = fxdr_unsigned(uid_t, *tl++);
360 nd->nd_cr->cr_groups[0] = nd->nd_cr->cr_rgid =
361 nd->nd_cr->cr_svgid = fxdr_unsigned(gid_t, *tl++);
363 mac_proc_associate_nfsd(nd->nd_cr);
365 len = fxdr_unsigned(int, *tl);
366 if (len < 0 || len > RPCAUTH_UNIXGIDS) {
370 tl = nfsm_dissect_nonblock(u_int32_t *, (len + 2) * NFSX_UNSIGNED);
371 for (i = 1; i <= len; i++)
373 nd->nd_cr->cr_groups[i] = fxdr_unsigned(gid_t, *tl++);
376 nd->nd_cr->cr_ngroups = (len >= NGROUPS) ? NGROUPS : (len + 1);
377 if (nd->nd_cr->cr_ngroups > 1)
378 nfsrvw_sort(nd->nd_cr->cr_groups, nd->nd_cr->cr_ngroups);
379 len = fxdr_unsigned(int, *++tl);
380 if (len < 0 || len > RPCAUTH_MAXSIZ) {
385 nfsm_adv(nfsm_rndup(len));
387 nd->nd_repstat = (NFSERR_AUTHERR | AUTH_REJECTCRED);
388 nd->nd_procnum = NFSPROC_NOOP;
400 * Socket upcall routine for the nfsd sockets.
401 * The caddr_t arg is a pointer to the "struct nfssvc_sock".
402 * Essentially do as much as possible non-blocking, else punt and it will
403 * be called with M_WAIT from an nfsd.
406 nfsrv_rcv(struct socket *so, void *arg, int waitflag)
408 struct nfssvc_sock *slp = (struct nfssvc_sock *)arg;
411 struct sockaddr *nam;
415 NFSD_UNLOCK_ASSERT();
417 /* XXXRW: Unlocked read. */
418 if ((slp->ns_flag & SLP_VALID) == 0)
422 * We can't do this in the context of a socket callback
423 * because we're called with locks held.
426 if (waitflag == M_DONTWAIT) {
428 slp->ns_flag |= SLP_NEEDQ;
435 if (so->so_type == SOCK_STREAM) {
437 * If there are already records on the queue, defer soreceive()
438 * to an nfsd so that there is feedback to the TCP layer that
439 * the nfs servers are heavily loaded.
441 if (STAILQ_FIRST(&slp->ns_rec) != NULL &&
442 waitflag == M_DONTWAIT) {
443 slp->ns_flag |= SLP_NEEDQ;
450 auio.uio_resid = 1000000000;
451 flags = MSG_DONTWAIT;
453 error = soreceive(so, &nam, &auio, &mp, NULL, &flags);
455 if (error || mp == NULL) {
456 if (error == EWOULDBLOCK)
457 slp->ns_flag |= SLP_NEEDQ;
459 slp->ns_flag |= SLP_DISCONN;
463 if (slp->ns_rawend) {
464 slp->ns_rawend->m_next = m;
465 slp->ns_cc += 1000000000 - auio.uio_resid;
468 slp->ns_cc = 1000000000 - auio.uio_resid;
475 * Now try and parse record(s) out of the raw stream data.
477 error = nfsrv_getstream(slp, waitflag);
480 slp->ns_flag |= SLP_DISCONN;
482 slp->ns_flag |= SLP_NEEDQ;
486 auio.uio_resid = 1000000000;
487 flags = MSG_DONTWAIT;
489 error = soreceive(so, &nam, &auio, &mp, NULL, &flags);
491 struct nfsrv_rec *rec;
492 rec = malloc(sizeof(struct nfsrv_rec),
494 waitflag == M_DONTWAIT ? M_NOWAIT : M_WAITOK);
502 nfs_realign(&mp, 10 * NFSX_UNSIGNED);
504 rec->nr_address = nam;
506 STAILQ_INSERT_TAIL(&slp->ns_rec, rec, nr_link);
510 if ((so->so_proto->pr_flags & PR_CONNREQUIRED)
511 && error != EWOULDBLOCK) {
512 slp->ns_flag |= SLP_DISCONN;
520 * Now try and process the request records, non-blocking.
523 if (waitflag == M_DONTWAIT &&
524 (STAILQ_FIRST(&slp->ns_rec) != NULL ||
525 (slp->ns_flag & (SLP_NEEDQ | SLP_DISCONN))))
531 * Try and extract an RPC request from the mbuf data list received on a
532 * stream socket. The "waitflag" argument indicates whether or not it
536 nfsrv_getstream(struct nfssvc_sock *slp, int waitflag)
538 struct mbuf *m, **mpp;
541 struct mbuf *om, *m2, *recm;
546 if (slp->ns_flag & SLP_GETSTREAM)
547 panic("nfs getstream");
548 slp->ns_flag |= SLP_GETSTREAM;
550 if (slp->ns_reclen == 0) {
551 if (slp->ns_cc < NFSX_UNSIGNED) {
552 slp->ns_flag &= ~SLP_GETSTREAM;
556 if (m->m_len >= NFSX_UNSIGNED) {
557 bcopy(mtod(m, caddr_t), (caddr_t)&recmark, NFSX_UNSIGNED);
558 m->m_data += NFSX_UNSIGNED;
559 m->m_len -= NFSX_UNSIGNED;
561 cp1 = (caddr_t)&recmark;
562 cp2 = mtod(m, caddr_t);
563 while (cp1 < ((caddr_t)&recmark) + NFSX_UNSIGNED) {
564 while (m->m_len == 0) {
566 cp2 = mtod(m, caddr_t);
573 slp->ns_cc -= NFSX_UNSIGNED;
574 recmark = ntohl(recmark);
575 slp->ns_reclen = recmark & ~0x80000000;
576 if (recmark & 0x80000000)
577 slp->ns_flag |= SLP_LASTFRAG;
579 slp->ns_flag &= ~SLP_LASTFRAG;
580 if (slp->ns_reclen > NFS_MAXPACKET || slp->ns_reclen <= 0) {
581 slp->ns_flag &= ~SLP_GETSTREAM;
587 * Now get the record part.
589 * Note that slp->ns_reclen may be 0. Linux sometimes
590 * generates 0-length RPCs.
593 if (slp->ns_cc == slp->ns_reclen) {
595 slp->ns_raw = slp->ns_rawend = NULL;
596 slp->ns_cc = slp->ns_reclen = 0;
597 } else if (slp->ns_cc > slp->ns_reclen) {
602 while (len < slp->ns_reclen) {
603 if ((len + m->m_len) > slp->ns_reclen) {
605 m2 = m_copym(m, 0, slp->ns_reclen - len,
614 m->m_data += slp->ns_reclen - len;
615 m->m_len -= slp->ns_reclen - len;
616 len = slp->ns_reclen;
618 slp->ns_flag &= ~SLP_GETSTREAM;
619 return (EWOULDBLOCK);
621 } else if ((len + m->m_len) == slp->ns_reclen) {
637 slp->ns_flag &= ~SLP_GETSTREAM;
642 * Accumulate the fragments into a record.
646 mpp = &((*mpp)->m_next);
648 if (slp->ns_flag & SLP_LASTFRAG) {
649 struct nfsrv_rec *rec;
651 rec = malloc(sizeof(struct nfsrv_rec), M_NFSRVDESC,
652 waitflag == M_DONTWAIT ? M_NOWAIT : M_WAITOK);
654 nfs_realign(&slp->ns_frag, 10 * NFSX_UNSIGNED);
655 rec->nr_address = NULL;
656 rec->nr_packet = slp->ns_frag;
658 STAILQ_INSERT_TAIL(&slp->ns_rec, rec, nr_link);
663 m_freem(slp->ns_frag);
671 * Parse an RPC header.
674 nfsrv_dorec(struct nfssvc_sock *slp, struct nfsd *nfsd,
675 struct nfsrv_descript **ndp)
677 struct nfsrv_rec *rec;
679 struct sockaddr *nam;
680 struct nfsrv_descript *nd;
686 if ((slp->ns_flag & SLP_VALID) == 0 ||
687 STAILQ_FIRST(&slp->ns_rec) == NULL)
689 rec = STAILQ_FIRST(&slp->ns_rec);
690 KASSERT(rec->nr_packet != NULL, ("nfsrv_dorec: missing mbuf"));
691 STAILQ_REMOVE_HEAD(&slp->ns_rec, nr_link);
692 nam = rec->nr_address;
694 free(rec, M_NFSRVDESC);
696 MALLOC(nd, struct nfsrv_descript *, sizeof (struct nfsrv_descript),
697 M_NFSRVDESC, M_WAITOK);
700 nd->nd_md = nd->nd_mrep = m;
702 nd->nd_dpos = mtod(m, caddr_t);
703 error = nfs_getreq(nd, nfsd, TRUE);
708 if (nd->nd_cr != NULL)
710 free((caddr_t)nd, M_NFSRVDESC);
719 * Search for a sleeping nfsd and wake it up.
720 * SIDE EFFECT: If none found, set NFSD_CHECKSLP flag, so that one of the
721 * running nfsds will go look for the work in the nfssvc_sock list.
724 nfsrv_wakenfsd(struct nfssvc_sock *slp)
730 if ((slp->ns_flag & SLP_VALID) == 0)
732 TAILQ_FOREACH(nd, &nfsd_head, nfsd_chain) {
733 if (nd->nfsd_flag & NFSD_WAITING) {
734 nd->nfsd_flag &= ~NFSD_WAITING;
736 panic("nfsd wakeup");
743 slp->ns_flag |= SLP_DOREC;
744 nfsd_head_flag |= NFSD_CHECKSLP;
748 * This is the nfs send routine.
749 * For the server side:
750 * - return EINTR or ERESTART if interrupted by a signal
751 * - return EPIPE if a connection is lost for connection based sockets (TCP...)
752 * - do any cleanup required by recoverable socket errors (?)
755 nfsrv_send(struct socket *so, struct sockaddr *nam, struct mbuf *top)
757 struct sockaddr *sendnam;
758 int error, soflags, flags;
760 NFSD_UNLOCK_ASSERT();
762 soflags = so->so_proto->pr_flags;
763 if ((soflags & PR_CONNREQUIRED) || (so->so_state & SS_ISCONNECTED))
767 if (so->so_type == SOCK_SEQPACKET)
772 error = sosend(so, sendnam, 0, top, 0, flags, curthread/*XXX*/);
773 if (error == ENOBUFS && so->so_type == SOCK_DGRAM)
777 log(LOG_INFO, "nfsd send error %d\n", error);
780 * Handle any recoverable (soft) socket errors here. (?)
782 if (error != EINTR && error != ERESTART &&
783 error != EWOULDBLOCK && error != EPIPE)
790 * NFS server timer routine.
793 nfsrv_timer(void *arg)
795 struct nfssvc_sock *slp;
800 * Scan the write gathering queues for writes that need to be
803 cur_usec = nfs_curusec();
804 TAILQ_FOREACH(slp, &nfssvc_sockhead, ns_chain) {
805 if (LIST_FIRST(&slp->ns_tq) &&
806 LIST_FIRST(&slp->ns_tq)->nd_time <= cur_usec)
810 callout_reset(&nfsrv_callout, nfsrv_ticks, nfsrv_timer, NULL);