1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 1989, 2010, Oracle and/or its affiliates. All rights reserved. 24 * Copyright 2014 Nexenta Systems, Inc. All rights reserved. 25 */ 26 27 /* Copyright (c) 1988 AT&T */ 28 /* All Rights Reserved */ 29 30 /* 31 * svc_generic.c, Server side for RPC. 32 * 33 */ 34 35 #include "mt.h" 36 #include <stdlib.h> 37 #include <sys/socket.h> 38 #include <netinet/in.h> 39 #include <netinet/tcp.h> 40 #include <netinet/udp.h> 41 #include <inttypes.h> 42 #include "rpc_mt.h" 43 #include <stdio.h> 44 #include <rpc/rpc.h> 45 #include <sys/types.h> 46 #include <errno.h> 47 #include <syslog.h> 48 #include <rpc/nettype.h> 49 #include <malloc.h> 50 #include <string.h> 51 #include <stropts.h> 52 #include <tsol/label.h> 53 #include <nfs/nfs.h> 54 #include <nfs/nfs_acl.h> 55 #include <rpcsvc/mount.h> 56 #include <rpcsvc/nsm_addr.h> 57 #include <rpcsvc/rquota.h> 58 #include <rpcsvc/sm_inter.h> 59 #include <rpcsvc/nlm_prot.h> 60 61 extern int __svc_vc_setflag(SVCXPRT *, int); 62 63 extern SVCXPRT *svc_dg_create_private(int, uint_t, uint_t); 64 extern SVCXPRT *svc_vc_create_private(int, uint_t, uint_t); 65 extern SVCXPRT *svc_fd_create_private(int, uint_t, uint_t); 66 67 extern bool_t __svc_add_to_xlist(SVCXPRT_LIST **, SVCXPRT *, mutex_t *); 68 extern void __svc_free_xlist(SVCXPRT_LIST **, mutex_t *); 69 70 extern bool_t __rpc_try_doors(const char *, bool_t *); 71 72 /* 73 * The highest level interface for server creation. 74 * It tries for all the nettokens in that particular class of token 75 * and returns the number of handles it can create and/or find. 76 * 77 * It creates a link list of all the handles it could create. 78 * If svc_create() is called multiple times, it uses the handle 79 * created earlier instead of creating a new handle every time. 80 */ 81 82 /* VARIABLES PROTECTED BY xprtlist_lock: xprtlist */ 83 84 SVCXPRT_LIST *_svc_xprtlist = NULL; 85 extern mutex_t xprtlist_lock; 86 87 static SVCXPRT * svc_tli_create_common(int, const struct netconfig *, 88 const struct t_bind *, uint_t, uint_t, boolean_t); 89 90 boolean_t 91 is_multilevel(rpcprog_t prognum) 92 { 93 /* This is a list of identified multilevel service provider */ 94 if ((prognum == MOUNTPROG) || (prognum == NFS_PROGRAM) || 95 (prognum == NFS_ACL_PROGRAM) || (prognum == NLM_PROG) || 96 (prognum == NSM_ADDR_PROGRAM) || (prognum == RQUOTAPROG) || 97 (prognum == SM_PROG)) 98 return (B_TRUE); 99 100 return (B_FALSE); 101 } 102 103 void 104 __svc_free_xprtlist(void) 105 { 106 __svc_free_xlist(&_svc_xprtlist, &xprtlist_lock); 107 } 108 109 int 110 svc_create(void (*dispatch)(), const rpcprog_t prognum, const rpcvers_t versnum, 111 const char *nettype) 112 { 113 SVCXPRT_LIST *l; 114 int num = 0; 115 SVCXPRT *xprt; 116 struct netconfig *nconf; 117 void *handle; 118 bool_t try_others; 119 120 /* 121 * Check if service should register over doors transport. 122 */ 123 if (__rpc_try_doors(nettype, &try_others)) { 124 if (svc_door_create(dispatch, prognum, versnum, 0) == NULL) 125 (void) syslog(LOG_ERR, 126 "svc_create: could not register over doors"); 127 else 128 num++; 129 } 130 if (!try_others) 131 return (num); 132 if ((handle = __rpc_setconf((char *)nettype)) == NULL) { 133 (void) syslog(LOG_ERR, "svc_create: unknown protocol"); 134 return (0); 135 } 136 while (nconf = __rpc_getconf(handle)) { 137 (void) mutex_lock(&xprtlist_lock); 138 for (l = _svc_xprtlist; l; l = l->next) { 139 if (strcmp(l->xprt->xp_netid, nconf->nc_netid) == 0) { 140 /* Found an old one, use it */ 141 (void) rpcb_unset(prognum, versnum, nconf); 142 if (svc_reg(l->xprt, prognum, versnum, 143 dispatch, nconf) == FALSE) 144 (void) syslog(LOG_ERR, "svc_create: " 145 "could not register prog %d vers " 146 "%d on %s", 147 prognum, versnum, nconf->nc_netid); 148 else 149 num++; 150 break; 151 } 152 } 153 (void) mutex_unlock(&xprtlist_lock); 154 if (l == NULL) { 155 /* It was not found. Now create a new one */ 156 xprt = svc_tp_create(dispatch, prognum, versnum, nconf); 157 if (xprt) { 158 if (!__svc_add_to_xlist(&_svc_xprtlist, xprt, 159 &xprtlist_lock)) { 160 (void) syslog(LOG_ERR, 161 "svc_create: no memory"); 162 return (0); 163 } 164 num++; 165 } 166 } 167 } 168 __rpc_endconf(handle); 169 /* 170 * In case of num == 0; the error messages are generated by the 171 * underlying layers; and hence not needed here. 172 */ 173 return (num); 174 } 175 176 /* 177 * The high level interface to svc_tli_create(). 178 * It tries to create a server for "nconf" and registers the service 179 * with the rpcbind. It calls svc_tli_create(); 180 */ 181 SVCXPRT * 182 svc_tp_create(void (*dispatch)(), const rpcprog_t prognum, 183 const rpcvers_t versnum, const struct netconfig *nconf) 184 { 185 SVCXPRT *xprt; 186 boolean_t anon_mlp = B_FALSE; 187 188 if (nconf == NULL) { 189 (void) syslog(LOG_ERR, "svc_tp_create: invalid netconfig " 190 "structure for prog %d vers %d", prognum, versnum); 191 return (NULL); 192 } 193 194 /* Some programs need to allocate MLP for multilevel services */ 195 if (is_system_labeled() && is_multilevel(prognum)) 196 anon_mlp = B_TRUE; 197 xprt = svc_tli_create_common(RPC_ANYFD, nconf, NULL, 0, 0, anon_mlp); 198 if (xprt == NULL) 199 return (NULL); 200 201 (void) rpcb_unset(prognum, versnum, (struct netconfig *)nconf); 202 if (svc_reg(xprt, prognum, versnum, dispatch, nconf) == FALSE) { 203 (void) syslog(LOG_ERR, 204 "svc_tp_create: Could not register prog %d vers %d on %s", 205 prognum, versnum, nconf->nc_netid); 206 SVC_DESTROY(xprt); 207 return (NULL); 208 } 209 return (xprt); 210 } 211 212 SVCXPRT * 213 svc_tli_create(const int fd, const struct netconfig *nconf, 214 const struct t_bind *bindaddr, const uint_t sendsz, const uint_t recvsz) 215 { 216 return (svc_tli_create_common(fd, nconf, bindaddr, sendsz, recvsz, 0)); 217 } 218 219 /* 220 * If fd is RPC_ANYFD, then it opens a fd for the given transport 221 * provider (nconf cannot be NULL then). If the t_state is T_UNBND and 222 * bindaddr is NON-NULL, it performs a t_bind using the bindaddr. For 223 * NULL bindadr and Connection oriented transports, the value of qlen 224 * is set arbitrarily. 225 * 226 * If sendsz or recvsz are zero, their default values are chosen. 227 */ 228 SVCXPRT * 229 svc_tli_create_common(const int ofd, const struct netconfig *nconf, 230 const struct t_bind *bindaddr, const uint_t sendsz, 231 const uint_t recvsz, boolean_t mlp_flag) 232 { 233 SVCXPRT *xprt = NULL; /* service handle */ 234 struct t_info tinfo; /* transport info */ 235 struct t_bind *tres = NULL; /* bind info */ 236 bool_t madefd = FALSE; /* whether fd opened here */ 237 int state; /* state of the transport provider */ 238 int fd = ofd; 239 240 if (fd == RPC_ANYFD) { 241 if (nconf == NULL) { 242 (void) syslog(LOG_ERR, 243 "svc_tli_create: invalid netconfig"); 244 return (NULL); 245 } 246 fd = t_open(nconf->nc_device, O_RDWR, &tinfo); 247 if (fd == -1) { 248 char errorstr[100]; 249 250 __tli_sys_strerror(errorstr, sizeof (errorstr), 251 t_errno, errno); 252 (void) syslog(LOG_ERR, "svc_tli_create: could not open " 253 "connection for %s: %s", nconf->nc_netid, errorstr); 254 return (NULL); 255 } 256 madefd = TRUE; 257 state = T_UNBND; 258 } else { 259 /* 260 * It is an open descriptor. Sync it & get the transport info. 261 */ 262 if ((state = t_sync(fd)) == -1) { 263 char errorstr[100]; 264 265 __tli_sys_strerror(errorstr, sizeof (errorstr), 266 t_errno, errno); 267 (void) syslog(LOG_ERR, 268 "svc_tli_create: could not do t_sync: %s", 269 errorstr); 270 return (NULL); 271 } 272 if (t_getinfo(fd, &tinfo) == -1) { 273 char errorstr[100]; 274 275 __tli_sys_strerror(errorstr, sizeof (errorstr), 276 t_errno, errno); 277 (void) syslog(LOG_ERR, "svc_tli_create: could not get " 278 "transport information: %s", errorstr); 279 return (NULL); 280 } 281 /* Enable options of returning the ip's for udp */ 282 if (nconf) { 283 int ret = 0; 284 if (strcmp(nconf->nc_netid, "udp6") == 0) { 285 ret = __rpc_tli_set_options(fd, IPPROTO_IPV6, 286 IPV6_RECVPKTINFO, 1); 287 if (ret < 0) { 288 char errorstr[100]; 289 290 __tli_sys_strerror(errorstr, 291 sizeof (errorstr), t_errno, errno); 292 (void) syslog(LOG_ERR, 293 "svc_tli_create: " 294 "IPV6_RECVPKTINFO(1): %s", 295 errorstr); 296 return (NULL); 297 } 298 } else if (strcmp(nconf->nc_netid, "udp") == 0) { 299 ret = __rpc_tli_set_options(fd, IPPROTO_IP, 300 IP_RECVDSTADDR, 1); 301 if (ret < 0) { 302 char errorstr[100]; 303 304 __tli_sys_strerror(errorstr, 305 sizeof (errorstr), t_errno, errno); 306 (void) syslog(LOG_ERR, 307 "svc_tli_create: " 308 "IP_RECVDSTADDR(1): %s", errorstr); 309 return (NULL); 310 } 311 } 312 } 313 } 314 315 /* 316 * If the fd is unbound, try to bind it. 317 * In any case, try to get its bound info in tres 318 */ 319 /* LINTED pointer alignment */ 320 tres = (struct t_bind *)t_alloc(fd, T_BIND, T_ADDR); 321 if (tres == NULL) { 322 (void) syslog(LOG_ERR, "svc_tli_create: No memory!"); 323 goto freedata; 324 } 325 326 switch (state) { 327 bool_t tcp, exclbind; 328 case T_UNBND: 329 /* If this is a labeled system, then ask for an MLP */ 330 if (is_system_labeled() && 331 (strcmp(nconf->nc_protofmly, NC_INET) == 0 || 332 strcmp(nconf->nc_protofmly, NC_INET6) == 0)) { 333 (void) __rpc_tli_set_options(fd, SOL_SOCKET, 334 SO_RECVUCRED, 1); 335 if (mlp_flag) 336 (void) __rpc_tli_set_options(fd, SOL_SOCKET, 337 SO_ANON_MLP, 1); 338 } 339 340 /* 341 * SO_EXCLBIND has the following properties 342 * - an fd bound to port P via IPv4 will prevent an IPv6 343 * bind to port P (and vice versa) 344 * - an fd bound to a wildcard IP address for port P will 345 * prevent a more specific IP address bind to port P 346 * (see {tcp,udp}.c for details) 347 * 348 * We use the latter property to prevent hijacking of RPC 349 * services that reside at non-privileged ports. 350 */ 351 tcp = nconf ? (strcmp(nconf->nc_proto, NC_TCP) == 0) : 0; 352 if (nconf && 353 (tcp || (strcmp(nconf->nc_proto, NC_UDP) == 0)) && 354 rpc_control(__RPC_SVC_EXCLBIND_GET, &exclbind)) { 355 if (exclbind) { 356 if (__rpc_tli_set_options(fd, SOL_SOCKET, 357 SO_EXCLBIND, 1) < 0) { 358 syslog(LOG_ERR, 359 "svc_tli_create: can't set EXCLBIND [netid='%s']", 360 nconf->nc_netid); 361 goto freedata; 362 } 363 } 364 } 365 if (bindaddr) { 366 if (t_bind(fd, (struct t_bind *)bindaddr, tres) == -1) { 367 char errorstr[100]; 368 369 __tli_sys_strerror(errorstr, sizeof (errorstr), 370 t_errno, errno); 371 (void) syslog(LOG_ERR, 372 "svc_tli_create: could not bind: %s", 373 errorstr); 374 goto freedata; 375 } 376 /* 377 * Should compare the addresses only if addr.len 378 * was non-zero 379 */ 380 if (bindaddr->addr.len && 381 (memcmp(bindaddr->addr.buf, tres->addr.buf, 382 (int)tres->addr.len) != 0)) { 383 (void) syslog(LOG_ERR, "svc_tli_create: could " 384 "not bind to requested address: address " 385 "mismatch"); 386 goto freedata; 387 } 388 } else { 389 if (rpc_control(__RPC_SVC_LSTNBKLOG_GET, &tres->qlen) 390 == FALSE) { 391 syslog(LOG_ERR, 392 "svc_tli_create: can't get listen backlog"); 393 goto freedata; 394 } 395 tres->addr.len = 0; 396 if (t_bind(fd, tres, tres) == -1) { 397 char errorstr[100]; 398 399 __tli_sys_strerror(errorstr, sizeof (errorstr), 400 t_errno, errno); 401 (void) syslog(LOG_ERR, 402 "svc_tli_create: could not bind: %s", 403 errorstr); 404 goto freedata; 405 } 406 } 407 408 /* Enable options of returning the ip's for udp */ 409 if (nconf) { 410 int ret = 0; 411 if (strcmp(nconf->nc_netid, "udp6") == 0) { 412 ret = __rpc_tli_set_options(fd, IPPROTO_IPV6, 413 IPV6_RECVPKTINFO, 1); 414 if (ret < 0) { 415 char errorstr[100]; 416 417 __tli_sys_strerror(errorstr, 418 sizeof (errorstr), t_errno, errno); 419 (void) syslog(LOG_ERR, 420 "svc_tli_create: " 421 "IPV6_RECVPKTINFO(2): %s", 422 errorstr); 423 goto freedata; 424 } 425 } else if (strcmp(nconf->nc_netid, "udp") == 0) { 426 ret = __rpc_tli_set_options(fd, IPPROTO_IP, 427 IP_RECVDSTADDR, 1); 428 if (ret < 0) { 429 char errorstr[100]; 430 431 __tli_sys_strerror(errorstr, 432 sizeof (errorstr), t_errno, errno); 433 (void) syslog(LOG_ERR, 434 "svc_tli_create: " 435 "IP_RECVDSTADDR(2): %s", errorstr); 436 goto freedata; 437 } 438 } 439 } 440 break; 441 442 case T_IDLE: 443 if (bindaddr) { 444 /* Copy the entire stuff in tres */ 445 if (tres->addr.maxlen < bindaddr->addr.len) { 446 (void) syslog(LOG_ERR, 447 "svc_tli_create: illegal netbuf length"); 448 goto freedata; 449 } 450 tres->addr.len = bindaddr->addr.len; 451 (void) memcpy(tres->addr.buf, bindaddr->addr.buf, 452 (int)tres->addr.len); 453 } else 454 if (t_getname(fd, &(tres->addr), LOCALNAME) == -1) 455 tres->addr.len = 0; 456 break; 457 case T_INREL: 458 (void) t_rcvrel(fd); 459 (void) t_sndrel(fd); 460 (void) syslog(LOG_ERR, "svc_tli_create: other side wants to " 461 "release connection"); 462 goto freedata; 463 464 case T_INCON: 465 /* Do nothing here. Assume this is handled in rendezvous */ 466 break; 467 case T_DATAXFER: 468 /* 469 * This takes care of the case where a fd 470 * is passed on which a connection has already 471 * been accepted. 472 */ 473 if (t_getname(fd, &(tres->addr), LOCALNAME) == -1) 474 tres->addr.len = 0; 475 break; 476 default: 477 (void) syslog(LOG_ERR, 478 "svc_tli_create: connection in a wierd state (%d)", state); 479 goto freedata; 480 } 481 482 /* 483 * call transport specific function. 484 */ 485 switch (tinfo.servtype) { 486 case T_COTS_ORD: 487 case T_COTS: 488 if (state == T_DATAXFER) 489 xprt = svc_fd_create_private(fd, sendsz, 490 recvsz); 491 else 492 xprt = svc_vc_create_private(fd, sendsz, 493 recvsz); 494 if (!nconf || !xprt) 495 break; 496 if ((tinfo.servtype == T_COTS_ORD) && 497 (state != T_DATAXFER) && 498 (strcmp(nconf->nc_protofmly, "inet") == 0)) 499 (void) __svc_vc_setflag(xprt, TRUE); 500 break; 501 case T_CLTS: 502 xprt = svc_dg_create_private(fd, sendsz, recvsz); 503 break; 504 default: 505 (void) syslog(LOG_ERR, 506 "svc_tli_create: bad service type"); 507 goto freedata; 508 } 509 if (xprt == NULL) 510 /* 511 * The error messages here are spitted out by the lower layers: 512 * svc_vc_create(), svc_fd_create() and svc_dg_create(). 513 */ 514 goto freedata; 515 516 /* fill in the other xprt information */ 517 518 /* Assign the local bind address */ 519 xprt->xp_ltaddr = tres->addr; 520 /* Fill in type of service */ 521 xprt->xp_type = tinfo.servtype; 522 tres->addr.buf = NULL; 523 (void) t_free((char *)tres, T_BIND); 524 tres = NULL; 525 526 xprt->xp_rtaddr.len = 0; 527 xprt->xp_rtaddr.maxlen = __rpc_get_a_size(tinfo.addr); 528 529 /* Allocate space for the remote bind info */ 530 if ((xprt->xp_rtaddr.buf = malloc(xprt->xp_rtaddr.maxlen)) == NULL) { 531 (void) syslog(LOG_ERR, "svc_tli_create: No memory!"); 532 goto freedata; 533 } 534 535 if (nconf) { 536 xprt->xp_netid = strdup(nconf->nc_netid); 537 if (xprt->xp_netid == NULL) { 538 if (xprt->xp_rtaddr.buf) 539 free(xprt->xp_rtaddr.buf); 540 syslog(LOG_ERR, "svc_tli_create: strdup failed!"); 541 goto freedata; 542 } 543 xprt->xp_tp = strdup(nconf->nc_device); 544 if (xprt->xp_tp == NULL) { 545 if (xprt->xp_rtaddr.buf) 546 free(xprt->xp_rtaddr.buf); 547 if (xprt->xp_netid) 548 free(xprt->xp_netid); 549 syslog(LOG_ERR, "svc_tli_create: strdup failed!"); 550 goto freedata; 551 } 552 } 553 554 /* 555 * if (madefd && (tinfo.servtype == T_CLTS)) 556 * (void) ioctl(fd, I_POP, NULL); 557 */ 558 xprt_register(xprt); 559 return (xprt); 560 561 freedata: 562 if (madefd) 563 (void) t_close(fd); 564 if (tres) 565 (void) t_free((char *)tres, T_BIND); 566 if (xprt) { 567 if (!madefd) /* so that svc_destroy doesnt close fd */ 568 xprt->xp_fd = RPC_ANYFD; 569 SVC_DESTROY(xprt); 570 } 571 return (NULL); 572 }