2 * Copyright (c) 1989, 1991, 1993, 1995
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#)nfs_socket.c 8.5 (Berkeley) 3/30/95
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
39 * Socket operations for use by nfs
42 #include <sys/param.h>
43 #include <sys/systm.h>
44 #include <sys/kernel.h>
46 #include <sys/malloc.h>
48 #include <sys/mount.h>
49 #include <sys/mutex.h>
51 #include <sys/protosw.h>
52 #include <sys/signalvar.h>
53 #include <sys/socket.h>
54 #include <sys/socketvar.h>
55 #include <sys/sysctl.h>
56 #include <sys/syslog.h>
57 #include <sys/vnode.h>
59 #include <netinet/in.h>
60 #include <netinet/tcp.h>
62 #include <nfs/rpcv2.h>
63 #include <nfs/nfsproto.h>
64 #include <nfsserver/nfs.h>
65 #include <nfs/xdr_subs.h>
66 #include <nfsserver/nfsm_subs.h>
71 static int nfs_realign_test;
72 static int nfs_realign_count;
74 SYSCTL_DECL(_vfs_nfsrv);
76 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, realign_test, CTLFLAG_RW, &nfs_realign_test, 0, "");
77 SYSCTL_INT(_vfs_nfsrv, OID_AUTO, realign_count, CTLFLAG_RW, &nfs_realign_count, 0, "");
81 * There is a congestion window for outstanding rpcs maintained per mount
82 * point. The cwnd size is adjusted in roughly the way that:
83 * Van Jacobson, Congestion avoidance and Control, In "Proceedings of
84 * SIGCOMM '88". ACM, August 1988.
85 * describes for TCP. The cwnd size is chopped in half on a retransmit timeout
86 * and incremented by 1/cwnd when each rpc reply is received and a full cwnd
87 * of rpcs is in progress.
88 * (The sent count and cwnd are scaled for integer arith.)
89 * Variants of "slow start" were tried and were found to be too much of a
90 * performance hit (ave. rtt 3 times larger),
91 * I suspect due to the large rtt that nfs rpcs have.
93 #define NFS_CWNDSCALE 256
94 #define NFS_MAXCWND (NFS_CWNDSCALE * 32)
95 struct callout nfsrv_callout;
97 static void nfs_realign(struct mbuf **pm, int hsiz); /* XXX SHARED */
98 static int nfsrv_getstream(struct nfssvc_sock *, int);
100 int32_t (*nfsrv3_procs[NFS_NPROCS])(struct nfsrv_descript *nd,
101 struct nfssvc_sock *slp,
103 struct mbuf **mreqp) = {
131 * Generate the rpc reply header
132 * siz arg. is used to decide if adding a cluster is worthwhile
135 nfs_rephead(int siz, struct nfsrv_descript *nd, int err,
136 struct mbuf **mbp, caddr_t *bposp)
143 /* XXXRW: not 100% clear the lock is needed here. */
146 nd->nd_repstat = err;
147 if (err && (nd->nd_flag & ND_NFSV3) == 0) /* XXX recheck */
150 MGETHDR(mreq, M_TRYWAIT, MT_DATA);
153 * If this is a big reply, use a cluster else
154 * try and leave leading space for the lower level headers.
156 mreq->m_len = 6 * NFSX_UNSIGNED;
158 if ((max_hdr + siz) >= MINCLSIZE) {
159 MCLGET(mreq, M_TRYWAIT);
161 mreq->m_data += min(max_hdr, M_TRAILINGSPACE(mreq));
163 tl = mtod(mreq, u_int32_t *);
164 bpos = ((caddr_t)tl) + mreq->m_len;
165 *tl++ = txdr_unsigned(nd->nd_retxid);
166 *tl++ = nfsrv_rpc_reply;
167 if (err == ERPCMISMATCH || (err & NFSERR_AUTHERR)) {
168 *tl++ = nfsrv_rpc_msgdenied;
169 if (err & NFSERR_AUTHERR) {
170 *tl++ = nfsrv_rpc_autherr;
171 *tl = txdr_unsigned(err & ~NFSERR_AUTHERR);
172 mreq->m_len -= NFSX_UNSIGNED;
173 bpos -= NFSX_UNSIGNED;
175 *tl++ = nfsrv_rpc_mismatch;
176 *tl++ = txdr_unsigned(RPC_VER2);
177 *tl = txdr_unsigned(RPC_VER2);
180 *tl++ = nfsrv_rpc_msgaccepted;
182 * Send a RPCAUTH_NULL verifier - no Kerberos.
188 *tl = txdr_unsigned(RPC_PROGUNAVAIL);
191 *tl = txdr_unsigned(RPC_PROGMISMATCH);
192 tl = nfsm_build(u_int32_t *, 2 * NFSX_UNSIGNED);
193 *tl++ = txdr_unsigned(2);
194 *tl = txdr_unsigned(3);
197 *tl = txdr_unsigned(RPC_PROCUNAVAIL);
200 *tl = txdr_unsigned(RPC_GARBAGE);
204 if (err != NFSERR_RETVOID) {
205 tl = nfsm_build(u_int32_t *, NFSX_UNSIGNED);
207 *tl = txdr_unsigned(nfsrv_errmap(nd, err));
216 if (err != 0 && err != NFSERR_RETVOID)
217 nfsrvstats.srvrpc_errs++;
225 * Check for badly aligned mbuf data and realign by copying the unaligned
226 * portion of the data into a new mbuf chain and freeing the portions
227 * of the old chain that were replaced.
229 * We cannot simply realign the data within the existing mbuf chain
230 * because the underlying buffers may contain other rpc commands and
231 * we cannot afford to overwrite them.
233 * We would prefer to avoid this situation entirely. The situation does
234 * not occur with NFS/UDP and is supposed to only occassionally occur
235 * with TCP. Use vfs.nfs.realign_count and realign_test to check this.
238 nfs_realign(struct mbuf **pm, int hsiz) /* XXX COMMON */
241 struct mbuf *n = NULL;
244 /* XXXRW: may not need lock? */
248 while ((m = *pm) != NULL) {
249 if ((m->m_len & 0x3) || (mtod(m, intptr_t) & 0x3)) {
251 MGET(n, M_TRYWAIT, MT_DATA);
252 if (m->m_len >= MINCLSIZE) {
253 MCLGET(n, M_TRYWAIT);
263 * If n is non-NULL, loop on m copying data, then replace the
264 * portion of the chain that had to be realigned.
269 m_copyback(n, off, m->m_len, mtod(m, caddr_t));
280 * Parse an RPC request
282 * - fill in the cred struct.
285 nfs_getreq(struct nfsrv_descript *nd, struct nfsd *nfsd, int has_header)
290 u_int32_t nfsvers, auth_type;
292 struct mbuf *mrep, *md;
300 tl = nfsm_dissect_nonblock(u_int32_t *, 10 * NFSX_UNSIGNED);
301 nd->nd_retxid = fxdr_unsigned(u_int32_t, *tl++);
302 if (*tl++ != nfsrv_rpc_call) {
307 tl = nfsm_dissect_nonblock(u_int32_t *, 8 * NFSX_UNSIGNED);
310 if (*tl++ != nfsrv_rpc_vers) {
311 nd->nd_repstat = ERPCMISMATCH;
312 nd->nd_procnum = NFSPROC_NOOP;
315 if (*tl != nfsrv_nfs_prog) {
316 nd->nd_repstat = EPROGUNAVAIL;
317 nd->nd_procnum = NFSPROC_NOOP;
321 nfsvers = fxdr_unsigned(u_int32_t, *tl++);
322 if (nfsvers < NFS_VER2 || nfsvers > NFS_VER3) {
323 nd->nd_repstat = EPROGMISMATCH;
324 nd->nd_procnum = NFSPROC_NOOP;
327 nd->nd_procnum = fxdr_unsigned(u_int32_t, *tl++);
328 if (nd->nd_procnum == NFSPROC_NULL)
330 if (nfsvers == NFS_VER3) {
331 nd->nd_flag = ND_NFSV3;
332 if (nd->nd_procnum >= NFS_NPROCS) {
333 nd->nd_repstat = EPROCUNAVAIL;
334 nd->nd_procnum = NFSPROC_NOOP;
338 if (nd->nd_procnum > NFSV2PROC_STATFS) {
339 nd->nd_repstat = EPROCUNAVAIL;
340 nd->nd_procnum = NFSPROC_NOOP;
343 /* Map the v2 procedure numbers into v3 ones */
344 nd->nd_procnum = nfsrv_nfsv3_procid[nd->nd_procnum];
347 len = fxdr_unsigned(int, *tl++);
348 if (len < 0 || len > RPCAUTH_MAXSIZ) {
356 if (auth_type == nfsrv_rpc_auth_unix) {
357 len = fxdr_unsigned(int, *++tl);
358 if (len < 0 || len > NFS_MAXNAMLEN) {
362 nfsm_adv(nfsm_rndup(len));
363 tl = nfsm_dissect_nonblock(u_int32_t *, 3 * NFSX_UNSIGNED);
365 * XXX: This credential should be managed using crget(9)
366 * and related calls. Right now, this tramples on any
367 * extensible data in the ucred, fails to initialize the
368 * mutex, and worse. This must be fixed before FreeBSD
371 bzero((caddr_t)&nd->nd_cr, sizeof (struct ucred));
372 nd->nd_cr.cr_ref = 1;
373 nd->nd_cr.cr_uid = fxdr_unsigned(uid_t, *tl++);
374 nd->nd_cr.cr_gid = fxdr_unsigned(gid_t, *tl++);
375 len = fxdr_unsigned(int, *tl);
376 if (len < 0 || len > RPCAUTH_UNIXGIDS) {
380 tl = nfsm_dissect_nonblock(u_int32_t *, (len + 2) * NFSX_UNSIGNED);
381 for (i = 1; i <= len; i++)
383 nd->nd_cr.cr_groups[i] = fxdr_unsigned(gid_t, *tl++);
386 nd->nd_cr.cr_ngroups = (len >= NGROUPS) ? NGROUPS : (len + 1);
387 if (nd->nd_cr.cr_ngroups > 1)
388 nfsrvw_sort(nd->nd_cr.cr_groups, nd->nd_cr.cr_ngroups);
389 len = fxdr_unsigned(int, *++tl);
390 if (len < 0 || len > RPCAUTH_MAXSIZ) {
395 nfsm_adv(nfsm_rndup(len));
397 nd->nd_repstat = (NFSERR_AUTHERR | AUTH_REJECTCRED);
398 nd->nd_procnum = NFSPROC_NOOP;
410 * Socket upcall routine for the nfsd sockets.
411 * The caddr_t arg is a pointer to the "struct nfssvc_sock".
412 * Essentially do as much as possible non-blocking, else punt and it will
413 * be called with M_TRYWAIT from an nfsd.
416 nfsrv_rcv(struct socket *so, void *arg, int waitflag)
418 struct nfssvc_sock *slp = (struct nfssvc_sock *)arg;
421 struct sockaddr *nam;
426 * XXXRW: For now, assert Giant here since the NFS server upcall
427 * will perform socket operations requiring Giant in a non-mpsafe
431 NFSD_UNLOCK_ASSERT();
433 /* XXXRW: Unlocked read. */
434 if ((slp->ns_flag & SLP_VALID) == 0)
438 * We can't do this in the context of a socket callback
439 * because we're called with locks held.
442 if (waitflag == M_DONTWAIT) {
444 slp->ns_flag |= SLP_NEEDQ;
451 if (so->so_type == SOCK_STREAM) {
453 * If there are already records on the queue, defer soreceive()
454 * to an nfsd so that there is feedback to the TCP layer that
455 * the nfs servers are heavily loaded.
457 if (STAILQ_FIRST(&slp->ns_rec) != NULL &&
458 waitflag == M_DONTWAIT) {
459 slp->ns_flag |= SLP_NEEDQ;
466 auio.uio_resid = 1000000000;
467 flags = MSG_DONTWAIT;
469 error = so->so_proto->pr_usrreqs->pru_soreceive
470 (so, &nam, &auio, &mp, NULL, &flags);
472 if (error || mp == NULL) {
473 if (error == EWOULDBLOCK)
474 slp->ns_flag |= SLP_NEEDQ;
476 slp->ns_flag |= SLP_DISCONN;
480 if (slp->ns_rawend) {
481 slp->ns_rawend->m_next = m;
482 slp->ns_cc += 1000000000 - auio.uio_resid;
485 slp->ns_cc = 1000000000 - auio.uio_resid;
492 * Now try and parse record(s) out of the raw stream data.
494 error = nfsrv_getstream(slp, waitflag);
497 slp->ns_flag |= SLP_DISCONN;
499 slp->ns_flag |= SLP_NEEDQ;
503 auio.uio_resid = 1000000000;
504 flags = MSG_DONTWAIT;
506 error = so->so_proto->pr_usrreqs->pru_soreceive
507 (so, &nam, &auio, &mp, NULL, &flags);
509 struct nfsrv_rec *rec;
510 rec = malloc(sizeof(struct nfsrv_rec),
512 waitflag == M_DONTWAIT ? M_NOWAIT : M_WAITOK);
521 nfs_realign(&mp, 10 * NFSX_UNSIGNED);
522 rec->nr_address = nam;
524 STAILQ_INSERT_TAIL(&slp->ns_rec, rec, nr_link);
528 if ((so->so_proto->pr_flags & PR_CONNREQUIRED)
529 && error != EWOULDBLOCK) {
530 slp->ns_flag |= SLP_DISCONN;
538 * Now try and process the request records, non-blocking.
541 if (waitflag == M_DONTWAIT &&
542 (STAILQ_FIRST(&slp->ns_rec) != NULL ||
543 (slp->ns_flag & (SLP_NEEDQ | SLP_DISCONN))))
549 * Try and extract an RPC request from the mbuf data list received on a
550 * stream socket. The "waitflag" argument indicates whether or not it
554 nfsrv_getstream(struct nfssvc_sock *slp, int waitflag)
556 struct mbuf *m, **mpp;
559 struct mbuf *om, *m2, *recm;
564 if (slp->ns_flag & SLP_GETSTREAM)
565 panic("nfs getstream");
566 slp->ns_flag |= SLP_GETSTREAM;
568 if (slp->ns_reclen == 0) {
569 if (slp->ns_cc < NFSX_UNSIGNED) {
570 slp->ns_flag &= ~SLP_GETSTREAM;
574 if (m->m_len >= NFSX_UNSIGNED) {
575 bcopy(mtod(m, caddr_t), (caddr_t)&recmark, NFSX_UNSIGNED);
576 m->m_data += NFSX_UNSIGNED;
577 m->m_len -= NFSX_UNSIGNED;
579 cp1 = (caddr_t)&recmark;
580 cp2 = mtod(m, caddr_t);
581 while (cp1 < ((caddr_t)&recmark) + NFSX_UNSIGNED) {
582 while (m->m_len == 0) {
584 cp2 = mtod(m, caddr_t);
591 slp->ns_cc -= NFSX_UNSIGNED;
592 recmark = ntohl(recmark);
593 slp->ns_reclen = recmark & ~0x80000000;
594 if (recmark & 0x80000000)
595 slp->ns_flag |= SLP_LASTFRAG;
597 slp->ns_flag &= ~SLP_LASTFRAG;
598 if (slp->ns_reclen > NFS_MAXPACKET) {
599 slp->ns_flag &= ~SLP_GETSTREAM;
605 * Now get the record part.
607 * Note that slp->ns_reclen may be 0. Linux sometimes
608 * generates 0-length RPCs.
611 if (slp->ns_cc == slp->ns_reclen) {
613 slp->ns_raw = slp->ns_rawend = NULL;
614 slp->ns_cc = slp->ns_reclen = 0;
615 } else if (slp->ns_cc > slp->ns_reclen) {
620 while (len < slp->ns_reclen) {
621 if ((len + m->m_len) > slp->ns_reclen) {
623 m2 = m_copym(m, 0, slp->ns_reclen - len,
632 m->m_data += slp->ns_reclen - len;
633 m->m_len -= slp->ns_reclen - len;
634 len = slp->ns_reclen;
636 slp->ns_flag &= ~SLP_GETSTREAM;
637 return (EWOULDBLOCK);
639 } else if ((len + m->m_len) == slp->ns_reclen) {
655 slp->ns_flag &= ~SLP_GETSTREAM;
660 * Accumulate the fragments into a record.
664 mpp = &((*mpp)->m_next);
666 if (slp->ns_flag & SLP_LASTFRAG) {
667 struct nfsrv_rec *rec;
669 rec = malloc(sizeof(struct nfsrv_rec), M_NFSRVDESC,
670 waitflag == M_DONTWAIT ? M_NOWAIT : M_WAITOK);
673 m_freem(slp->ns_frag);
675 nfs_realign(&slp->ns_frag, 10 * NFSX_UNSIGNED);
676 rec->nr_address = NULL;
677 rec->nr_packet = slp->ns_frag;
678 STAILQ_INSERT_TAIL(&slp->ns_rec, rec, nr_link);
686 * Parse an RPC header.
689 nfsrv_dorec(struct nfssvc_sock *slp, struct nfsd *nfsd,
690 struct nfsrv_descript **ndp)
692 struct nfsrv_rec *rec;
694 struct sockaddr *nam;
695 struct nfsrv_descript *nd;
701 if ((slp->ns_flag & SLP_VALID) == 0 ||
702 STAILQ_FIRST(&slp->ns_rec) == NULL)
704 rec = STAILQ_FIRST(&slp->ns_rec);
705 STAILQ_REMOVE_HEAD(&slp->ns_rec, nr_link);
706 nam = rec->nr_address;
708 free(rec, M_NFSRVDESC);
710 MALLOC(nd, struct nfsrv_descript *, sizeof (struct nfsrv_descript),
711 M_NFSRVDESC, M_WAITOK);
713 nd->nd_md = nd->nd_mrep = m;
715 nd->nd_dpos = mtod(m, caddr_t);
716 error = nfs_getreq(nd, nfsd, TRUE);
721 free((caddr_t)nd, M_NFSRVDESC);
730 * Search for a sleeping nfsd and wake it up.
731 * SIDE EFFECT: If none found, set NFSD_CHECKSLP flag, so that one of the
732 * running nfsds will go look for the work in the nfssvc_sock list.
735 nfsrv_wakenfsd(struct nfssvc_sock *slp)
741 if ((slp->ns_flag & SLP_VALID) == 0)
743 TAILQ_FOREACH(nd, &nfsd_head, nfsd_chain) {
744 if (nd->nfsd_flag & NFSD_WAITING) {
745 nd->nfsd_flag &= ~NFSD_WAITING;
747 panic("nfsd wakeup");
754 slp->ns_flag |= SLP_DOREC;
755 nfsd_head_flag |= NFSD_CHECKSLP;
759 * This is the nfs send routine.
760 * For the server side:
761 * - return EINTR or ERESTART if interrupted by a signal
762 * - return EPIPE if a connection is lost for connection based sockets (TCP...)
763 * - do any cleanup required by recoverable socket errors (?)
766 nfsrv_send(struct socket *so, struct sockaddr *nam, struct mbuf *top)
768 struct sockaddr *sendnam;
769 int error, soflags, flags;
772 NFSD_UNLOCK_ASSERT();
774 soflags = so->so_proto->pr_flags;
775 if ((soflags & PR_CONNREQUIRED) || (so->so_state & SS_ISCONNECTED))
779 if (so->so_type == SOCK_SEQPACKET)
784 error = so->so_proto->pr_usrreqs->pru_sosend(so, sendnam, 0, top, 0,
785 flags, curthread/*XXX*/);
786 if (error == ENOBUFS && so->so_type == SOCK_DGRAM)
790 log(LOG_INFO, "nfsd send error %d\n", error);
793 * Handle any recoverable (soft) socket errors here. (?)
795 if (error != EINTR && error != ERESTART &&
796 error != EWOULDBLOCK && error != EPIPE)
803 * NFS server timer routine.
806 nfsrv_timer(void *arg)
808 struct nfssvc_sock *slp;
813 * Scan the write gathering queues for writes that need to be
816 cur_usec = nfs_curusec();
817 TAILQ_FOREACH(slp, &nfssvc_sockhead, ns_chain) {
818 if (LIST_FIRST(&slp->ns_tq) &&
819 LIST_FIRST(&slp->ns_tq)->nd_time <= cur_usec)
823 callout_reset(&nfsrv_callout, nfsrv_ticks, nfsrv_timer, NULL);