1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 /*
28 * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.
29 */
30
31 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
32 /* All Rights Reserved */
33
34 /*
35 * Portions of this source code were derived from Berkeley 4.3 BSD
36 * under license from the Regents of the University of California.
37 */
38
39 /*
40 * Server-side remote procedure call interface.
41 *
42 * Master transport handle (SVCMASTERXPRT).
43 * The master transport handle structure is shared among service
44 * threads processing events on the transport. Some fields in the
45 * master structure are protected by locks
46 * - xp_req_lock protects the request queue:
47 * xp_req_head, xp_req_tail
48 * - xp_thread_lock protects the thread (clone) counts
49 * xp_threads, xp_detached_threads, xp_wq
50 * Each master transport is registered to exactly one thread pool.
51 *
52 * Clone transport handle (SVCXPRT)
53 * The clone transport handle structure is a per-service-thread handle
54 * to the transport. The structure carries all the fields/buffers used
55 * for request processing. A service thread or, in other words, a clone
56 * structure, can be linked to an arbitrary master structure to process
57 * requests on this transport. The master handle keeps track of reference
58 * counts of threads (clones) linked to it. A service thread can switch
59 * to another transport by unlinking its clone handle from the current
60 * transport and linking to a new one. Switching is relatively inexpensive
61 * but it involves locking (master's xprt->xp_thread_lock).
62 *
63 * Pools.
64 * A pool represents a kernel RPC service (NFS, Lock Manager, etc.).
65 * Transports related to the service are registered to the service pool.
66 * Service threads can switch between different transports in the pool.
67 * Thus, each service has its own pool of service threads. The maximum
68 * number of threads in a pool is pool->p_maxthreads. This limit allows
69 * to restrict resource usage by the service. Some fields are protected
70 * by locks:
71 * - p_req_lock protects several counts and flags:
72 * p_reqs, p_walkers, p_asleep, p_drowsy, p_req_cv
73 * - p_thread_lock governs other thread counts:
74 * p_threads, p_detached_threads, p_reserved_threads, p_closing
75 *
76 * In addition, each pool contains a doubly-linked list of transports,
77 * an `xprt-ready' queue and a creator thread (see below). Threads in
78 * the pool share some other parameters such as stack size and
79 * polling timeout.
80 *
81 * Pools are initialized through the svc_pool_create() function called from
82 * the nfssys() system call. However, thread creation must be done by
83 * the userland agent. This is done by using SVCPOOL_WAIT and
84 * SVCPOOL_RUN arguments to nfssys(), which call svc_wait() and
85 * svc_do_run(), respectively. Once the pool has been initialized,
86 * the userland process must set up a 'creator' thread. This thread
87 * should park itself in the kernel by calling svc_wait(). If
88 * svc_wait() returns successfully, it should fork off a new worker
89 * thread, which then calls svc_do_run() in order to get work. When
90 * that thread is complete, svc_do_run() will return, and the user
91 * program should call thr_exit().
92 *
93 * When we try to register a new pool and there is an old pool with
94 * the same id in the doubly linked pool list (this happens when we kill
95 * and restart nfsd or lockd), then we unlink the old pool from the list
96 * and mark its state as `closing'. After that the transports can still
97 * process requests but new transports won't be registered. When all the
98 * transports and service threads associated with the pool are gone the
99 * creator thread (see below) will clean up the pool structure and exit.
100 *
101 * svc_queuereq() and svc_run().
102 * The kernel RPC server is interrupt driven. The svc_queuereq() interrupt
103 * routine is called to deliver an RPC request. The service threads
104 * loop in svc_run(). The interrupt function queues a request on the
105 * transport's queue and it makes sure that the request is serviced.
106 * It may either wake up one of sleeping threads, or ask for a new thread
107 * to be created, or, if the previous request is just being picked up, do
108 * nothing. In the last case the service thread that is picking up the
109 * previous request will wake up or create the next thread. After a service
110 * thread processes a request and sends a reply it returns to svc_run()
111 * and svc_run() calls svc_poll() to find new input.
112 *
113 * There is no longer an "inconsistent" but "safe" optimization in the
114 * svc_queuereq() code. This "inconsistent" state was leading to
115 * inconsistencies between the actual number of requests and the value
116 * of p_reqs (the total number of requests). Because of this, hangs were
117 * occurring in svc_poll() where p_reqs was greater than one and no
118 * requests were found on the request queues.
119 *
120 * svc_poll().
121 * In order to avoid unnecessary locking, which causes performance
122 * problems, we always look for a pending request on the current transport.
123 * If there is none we take a hint from the pool's `xprt-ready' queue.
124 * If the queue had an overflow we switch to the `drain' mode checking
125 * each transport in the pool's transport list. Once we find a
126 * master transport handle with a pending request we latch the request
127 * lock on this transport and return to svc_run(). If the request
128 * belongs to a transport different than the one the service thread is
129 * linked to we need to unlink and link again.
130 *
131 * A service thread goes asleep when there are no pending
132 * requests on the transports registered on the pool's transports.
133 * All the pool's threads sleep on the same condition variable.
134 * If a thread has been sleeping for too long period of time
135 * (by default 5 seconds) it wakes up and exits. Also when a transport
136 * is closing sleeping threads wake up to unlink from this transport.
137 *
138 * The `xprt-ready' queue.
139 * If a service thread finds no request on a transport it is currently linked
140 * to it will find another transport with a pending request. To make
141 * this search more efficient each pool has an `xprt-ready' queue.
142 * The queue is a FIFO. When the interrupt routine queues a request it also
143 * inserts a pointer to the transport into the `xprt-ready' queue. A
144 * thread looking for a transport with a pending request can pop up a
145 * transport and check for a request. The request can be already gone
146 * since it could be taken by a thread linked to that transport. In such a
147 * case we try the next hint. The `xprt-ready' queue has fixed size (by
148 * default 256 nodes). If it overflows svc_poll() has to switch to the
149 * less efficient but safe `drain' mode and walk through the pool's
150 * transport list.
151 *
152 * Both the svc_poll() loop and the `xprt-ready' queue are optimized
153 * for the peak load case that is for the situation when the queue is not
154 * empty, there are all the time few pending requests, and a service
155 * thread which has just processed a request does not go asleep but picks
156 * up immediately the next request.
157 *
158 * Thread creator.
159 * Each pool has a thread creator associated with it. The creator thread
160 * sleeps on a condition variable and waits for a signal to create a
161 * service thread. The actual thread creation is done in userland by
162 * the method described in "Pools" above.
163 *
164 * Signaling threads should turn on the `creator signaled' flag, and
165 * can avoid sending signals when the flag is on. The flag is cleared
166 * when the thread is created.
167 *
168 * When the pool is in closing state (ie it has been already unregistered
169 * from the pool list) the last thread on the last transport in the pool
170 * should turn the p_creator_exit flag on. The creator thread will
171 * clean up the pool structure and exit.
172 *
173 * Thread reservation; Detaching service threads.
174 * A service thread can detach itself to block for an extended amount
175 * of time. However, to keep the service active we need to guarantee
176 * at least pool->p_redline non-detached threads that can process incoming
177 * requests. This, the maximum number of detached and reserved threads is
178 * p->p_maxthreads - p->p_redline. A service thread should first acquire
179 * a reservation, and if the reservation was granted it can detach itself.
180 * If a reservation was granted but the thread does not detach itself
181 * it should cancel the reservation before it returns to svc_run().
182 */
183
184 #include <sys/param.h>
185 #include <sys/types.h>
186 #include <rpc/types.h>
187 #include <sys/socket.h>
188 #include <sys/time.h>
189 #include <sys/tiuser.h>
190 #include <sys/t_kuser.h>
191 #include <netinet/in.h>
192 #include <rpc/xdr.h>
193 #include <rpc/auth.h>
194 #include <rpc/clnt.h>
195 #include <rpc/rpc_msg.h>
196 #include <rpc/svc.h>
197 #include <sys/proc.h>
198 #include <sys/user.h>
199 #include <sys/stream.h>
200 #include <sys/strsubr.h>
201 #include <sys/tihdr.h>
202 #include <sys/debug.h>
203 #include <sys/cmn_err.h>
204 #include <sys/file.h>
205 #include <sys/systm.h>
206 #include <sys/callb.h>
207 #include <sys/vtrace.h>
208 #include <sys/zone.h>
209 #include <nfs/nfs.h>
210 #include <sys/tsol/label_macro.h>
211
212 #define RQCRED_SIZE 400 /* this size is excessive */
213
214 /*
215 * Defines for svc_poll()
216 */
217 #define SVC_EXPRTGONE ((SVCMASTERXPRT *)1) /* Transport is closing */
218 #define SVC_ETIMEDOUT ((SVCMASTERXPRT *)2) /* Timeout */
219 #define SVC_EINTR ((SVCMASTERXPRT *)3) /* Interrupted by signal */
220
221 /*
222 * Default stack size for service threads.
223 */
224 #define DEFAULT_SVC_RUN_STKSIZE (0) /* default kernel stack */
225
226 int svc_default_stksize = DEFAULT_SVC_RUN_STKSIZE;
227
228 /*
229 * Default polling timeout for service threads.
230 * Multiplied by hz when used.
231 */
232 #define DEFAULT_SVC_POLL_TIMEOUT (5) /* seconds */
233
234 clock_t svc_default_timeout = DEFAULT_SVC_POLL_TIMEOUT;
235
236 /*
237 * Size of the `xprt-ready' queue.
238 */
239 #define DEFAULT_SVC_QSIZE (256) /* qnodes */
240
241 size_t svc_default_qsize = DEFAULT_SVC_QSIZE;
242
243 /*
244 * Default limit for the number of service threads.
245 */
246 #define DEFAULT_SVC_MAXTHREADS (INT16_MAX)
247
248 int svc_default_maxthreads = DEFAULT_SVC_MAXTHREADS;
249
250 /*
251 * Maximum number of requests from the same transport (in `drain' mode).
252 */
253 #define DEFAULT_SVC_MAX_SAME_XPRT (8)
254
255 int svc_default_max_same_xprt = DEFAULT_SVC_MAX_SAME_XPRT;
256
257
258 /*
259 * Default `Redline' of non-detached threads.
260 * Total number of detached and reserved threads in an RPC server
261 * thread pool is limited to pool->p_maxthreads - svc_redline.
262 */
263 #define DEFAULT_SVC_REDLINE (1)
264
265 int svc_default_redline = DEFAULT_SVC_REDLINE;
266
267 /*
268 * A node for the `xprt-ready' queue.
269 * See below.
270 */
271 struct __svcxprt_qnode {
272 __SVCXPRT_QNODE *q_next;
273 SVCMASTERXPRT *q_xprt;
274 };
275
276 /*
277 * Global SVC variables (private).
278 */
279 struct svc_globals {
280 SVCPOOL *svc_pools;
281 kmutex_t svc_plock;
282 };
283
284 /*
285 * Debug variable to check for rdma based
286 * transport startup and cleanup. Contorlled
287 * through /etc/system. Off by default.
288 */
289 int rdma_check = 0;
290
291 /*
292 * Authentication parameters list.
293 */
294 static caddr_t rqcred_head;
295 static kmutex_t rqcred_lock;
296
297 /*
298 * Pointers to transport specific `rele' routines in rpcmod (set from rpcmod).
299 */
300 void (*rpc_rele)(queue_t *, mblk_t *) = NULL;
301 void (*mir_rele)(queue_t *, mblk_t *) = NULL;
302
303 /* ARGSUSED */
304 void
rpc_rdma_rele(queue_t * q,mblk_t * mp)305 rpc_rdma_rele(queue_t *q, mblk_t *mp)
306 {
307 }
308 void (*rdma_rele)(queue_t *, mblk_t *) = rpc_rdma_rele;
309
310
311 /*
312 * This macro picks which `rele' routine to use, based on the transport type.
313 */
314 #define RELE_PROC(xprt) \
315 ((xprt)->xp_type == T_RDMA ? rdma_rele : \
316 (((xprt)->xp_type == T_CLTS) ? rpc_rele : mir_rele))
317
318 /*
319 * If true, then keep quiet about version mismatch.
320 * This macro is for broadcast RPC only. We have no broadcast RPC in
321 * kernel now but one may define a flag in the transport structure
322 * and redefine this macro.
323 */
324 #define version_keepquiet(xprt) (FALSE)
325
326 /*
327 * ZSD key used to retrieve zone-specific svc globals
328 */
329 static zone_key_t svc_zone_key;
330
331 static void svc_callout_free(SVCMASTERXPRT *);
332 static void svc_xprt_qinit(SVCPOOL *, size_t);
333 static void svc_xprt_qdestroy(SVCPOOL *);
334 static void svc_thread_creator(SVCPOOL *);
335 static void svc_creator_signal(SVCPOOL *);
336 static void svc_creator_signalexit(SVCPOOL *);
337 static void svc_pool_unregister(struct svc_globals *, SVCPOOL *);
338 static int svc_run(SVCPOOL *);
339
340 /* ARGSUSED */
341 static void *
svc_zoneinit(zoneid_t zoneid)342 svc_zoneinit(zoneid_t zoneid)
343 {
344 struct svc_globals *svc;
345
346 svc = kmem_alloc(sizeof (*svc), KM_SLEEP);
347 mutex_init(&svc->svc_plock, NULL, MUTEX_DEFAULT, NULL);
348 svc->svc_pools = NULL;
349 return (svc);
350 }
351
352 /* ARGSUSED */
353 static void
svc_zoneshutdown(zoneid_t zoneid,void * arg)354 svc_zoneshutdown(zoneid_t zoneid, void *arg)
355 {
356 struct svc_globals *svc = arg;
357 SVCPOOL *pool;
358
359 mutex_enter(&svc->svc_plock);
360 while ((pool = svc->svc_pools) != NULL) {
361 svc_pool_unregister(svc, pool);
362 }
363 mutex_exit(&svc->svc_plock);
364 }
365
366 /* ARGSUSED */
367 static void
svc_zonefini(zoneid_t zoneid,void * arg)368 svc_zonefini(zoneid_t zoneid, void *arg)
369 {
370 struct svc_globals *svc = arg;
371
372 ASSERT(svc->svc_pools == NULL);
373 mutex_destroy(&svc->svc_plock);
374 kmem_free(svc, sizeof (*svc));
375 }
376
377 /*
378 * Global SVC init routine.
379 * Initialize global generic and transport type specific structures
380 * used by the kernel RPC server side. This routine is called only
381 * once when the module is being loaded.
382 */
383 void
svc_init()384 svc_init()
385 {
386 zone_key_create(&svc_zone_key, svc_zoneinit, svc_zoneshutdown,
387 svc_zonefini);
388 svc_cots_init();
389 svc_clts_init();
390 }
391
392 /*
393 * Destroy the SVCPOOL structure.
394 */
395 static void
svc_pool_cleanup(SVCPOOL * pool)396 svc_pool_cleanup(SVCPOOL *pool)
397 {
398 ASSERT(pool->p_threads + pool->p_detached_threads == 0);
399 ASSERT(pool->p_lcount == 0);
400 ASSERT(pool->p_closing);
401
402 /*
403 * Call the user supplied shutdown function. This is done
404 * here so the user of the pool will be able to cleanup
405 * service related resources.
406 */
407 if (pool->p_shutdown != NULL)
408 (pool->p_shutdown)();
409
410 /* Destroy `xprt-ready' queue */
411 svc_xprt_qdestroy(pool);
412
413 /* Destroy transport list */
414 rw_destroy(&pool->p_lrwlock);
415
416 /* Destroy locks and condition variables */
417 mutex_destroy(&pool->p_thread_lock);
418 mutex_destroy(&pool->p_req_lock);
419 cv_destroy(&pool->p_req_cv);
420
421 /* Destroy creator's locks and condition variables */
422 mutex_destroy(&pool->p_creator_lock);
423 cv_destroy(&pool->p_creator_cv);
424 mutex_destroy(&pool->p_user_lock);
425 cv_destroy(&pool->p_user_cv);
426
427 /* Free pool structure */
428 kmem_free(pool, sizeof (SVCPOOL));
429 }
430
431 /*
432 * If all the transports and service threads are already gone
433 * signal the creator thread to clean up and exit.
434 */
435 static bool_t
svc_pool_tryexit(SVCPOOL * pool)436 svc_pool_tryexit(SVCPOOL *pool)
437 {
438 ASSERT(MUTEX_HELD(&pool->p_thread_lock));
439 ASSERT(pool->p_closing);
440
441 if (pool->p_threads + pool->p_detached_threads == 0) {
442 rw_enter(&pool->p_lrwlock, RW_READER);
443 if (pool->p_lcount == 0) {
444 /*
445 * Release the locks before sending a signal.
446 */
447 rw_exit(&pool->p_lrwlock);
448 mutex_exit(&pool->p_thread_lock);
449
450 /*
451 * Notify the creator thread to clean up and exit
452 *
453 * NOTICE: No references to the pool beyond this point!
454 * The pool is being destroyed.
455 */
456 ASSERT(!MUTEX_HELD(&pool->p_thread_lock));
457 svc_creator_signalexit(pool);
458
459 return (TRUE);
460 }
461 rw_exit(&pool->p_lrwlock);
462 }
463
464 ASSERT(MUTEX_HELD(&pool->p_thread_lock));
465 return (FALSE);
466 }
467
468 /*
469 * Find a pool with a given id.
470 */
471 static SVCPOOL *
svc_pool_find(struct svc_globals * svc,int id)472 svc_pool_find(struct svc_globals *svc, int id)
473 {
474 SVCPOOL *pool;
475
476 ASSERT(MUTEX_HELD(&svc->svc_plock));
477
478 /*
479 * Search the list for a pool with a matching id
480 * and register the transport handle with that pool.
481 */
482 for (pool = svc->svc_pools; pool; pool = pool->p_next)
483 if (pool->p_id == id)
484 return (pool);
485
486 return (NULL);
487 }
488
489 /*
490 * PSARC 2003/523 Contract Private Interface
491 * svc_do_run
492 * Changes must be reviewed by Solaris File Sharing
493 * Changes must be communicated to contract-2003-523@sun.com
494 */
495 int
svc_do_run(int id)496 svc_do_run(int id)
497 {
498 SVCPOOL *pool;
499 int err = 0;
500 struct svc_globals *svc;
501
502 svc = zone_getspecific(svc_zone_key, curproc->p_zone);
503 mutex_enter(&svc->svc_plock);
504
505 pool = svc_pool_find(svc, id);
506
507 mutex_exit(&svc->svc_plock);
508
509 if (pool == NULL)
510 return (ENOENT);
511
512 /*
513 * Increment counter of pool threads now
514 * that a thread has been created.
515 */
516 mutex_enter(&pool->p_thread_lock);
517 pool->p_threads++;
518 mutex_exit(&pool->p_thread_lock);
519
520 /* Give work to the new thread. */
521 err = svc_run(pool);
522
523 return (err);
524 }
525
526 /*
527 * Unregister a pool from the pool list.
528 * Set the closing state. If all the transports and service threads
529 * are already gone signal the creator thread to clean up and exit.
530 */
531 static void
svc_pool_unregister(struct svc_globals * svc,SVCPOOL * pool)532 svc_pool_unregister(struct svc_globals *svc, SVCPOOL *pool)
533 {
534 SVCPOOL *next = pool->p_next;
535 SVCPOOL *prev = pool->p_prev;
536
537 ASSERT(MUTEX_HELD(&svc->svc_plock));
538
539 /* Remove from the list */
540 if (pool == svc->svc_pools)
541 svc->svc_pools = next;
542 if (next)
543 next->p_prev = prev;
544 if (prev)
545 prev->p_next = next;
546 pool->p_next = pool->p_prev = NULL;
547
548 /*
549 * Offline the pool. Mark the pool as closing.
550 * If there are no transports in this pool notify
551 * the creator thread to clean it up and exit.
552 */
553 mutex_enter(&pool->p_thread_lock);
554 if (pool->p_offline != NULL)
555 (pool->p_offline)();
556 pool->p_closing = TRUE;
557 if (svc_pool_tryexit(pool))
558 return;
559 mutex_exit(&pool->p_thread_lock);
560 }
561
562 /*
563 * Register a pool with a given id in the global doubly linked pool list.
564 * - if there is a pool with the same id in the list then unregister it
565 * - insert the new pool into the list.
566 */
567 static void
svc_pool_register(struct svc_globals * svc,SVCPOOL * pool,int id)568 svc_pool_register(struct svc_globals *svc, SVCPOOL *pool, int id)
569 {
570 SVCPOOL *old_pool;
571
572 /*
573 * If there is a pool with the same id then remove it from
574 * the list and mark the pool as closing.
575 */
576 mutex_enter(&svc->svc_plock);
577
578 if (old_pool = svc_pool_find(svc, id))
579 svc_pool_unregister(svc, old_pool);
580
581 /* Insert into the doubly linked list */
582 pool->p_id = id;
583 pool->p_next = svc->svc_pools;
584 pool->p_prev = NULL;
585 if (svc->svc_pools)
586 svc->svc_pools->p_prev = pool;
587 svc->svc_pools = pool;
588
589 mutex_exit(&svc->svc_plock);
590 }
591
592 /*
593 * Initialize a newly created pool structure
594 */
595 static int
svc_pool_init(SVCPOOL * pool,uint_t maxthreads,uint_t redline,uint_t qsize,uint_t timeout,uint_t stksize,uint_t max_same_xprt)596 svc_pool_init(SVCPOOL *pool, uint_t maxthreads, uint_t redline,
597 uint_t qsize, uint_t timeout, uint_t stksize, uint_t max_same_xprt)
598 {
599 klwp_t *lwp = ttolwp(curthread);
600
601 ASSERT(pool);
602
603 if (maxthreads == 0)
604 maxthreads = svc_default_maxthreads;
605 if (redline == 0)
606 redline = svc_default_redline;
607 if (qsize == 0)
608 qsize = svc_default_qsize;
609 if (timeout == 0)
610 timeout = svc_default_timeout;
611 if (stksize == 0)
612 stksize = svc_default_stksize;
613 if (max_same_xprt == 0)
614 max_same_xprt = svc_default_max_same_xprt;
615
616 if (maxthreads < redline)
617 return (EINVAL);
618
619 /* Allocate and initialize the `xprt-ready' queue */
620 svc_xprt_qinit(pool, qsize);
621
622 /* Initialize doubly-linked xprt list */
623 rw_init(&pool->p_lrwlock, NULL, RW_DEFAULT, NULL);
624
625 /*
626 * Setting lwp_childstksz on the current lwp so that
627 * descendants of this lwp get the modified stacksize, if
628 * it is defined. It is important that either this lwp or
629 * one of its descendants do the actual servicepool thread
630 * creation to maintain the stacksize inheritance.
631 */
632 if (lwp != NULL)
633 lwp->lwp_childstksz = stksize;
634
635 /* Initialize thread limits, locks and condition variables */
636 pool->p_maxthreads = maxthreads;
637 pool->p_redline = redline;
638 pool->p_timeout = timeout * hz;
639 pool->p_stksize = stksize;
640 pool->p_max_same_xprt = max_same_xprt;
641 mutex_init(&pool->p_thread_lock, NULL, MUTEX_DEFAULT, NULL);
642 mutex_init(&pool->p_req_lock, NULL, MUTEX_DEFAULT, NULL);
643 cv_init(&pool->p_req_cv, NULL, CV_DEFAULT, NULL);
644
645 /* Initialize userland creator */
646 pool->p_user_exit = FALSE;
647 pool->p_signal_create_thread = FALSE;
648 pool->p_user_waiting = FALSE;
649 mutex_init(&pool->p_user_lock, NULL, MUTEX_DEFAULT, NULL);
650 cv_init(&pool->p_user_cv, NULL, CV_DEFAULT, NULL);
651
652 /* Initialize the creator and start the creator thread */
653 pool->p_creator_exit = FALSE;
654 mutex_init(&pool->p_creator_lock, NULL, MUTEX_DEFAULT, NULL);
655 cv_init(&pool->p_creator_cv, NULL, CV_DEFAULT, NULL);
656
657 (void) zthread_create(NULL, pool->p_stksize, svc_thread_creator,
658 pool, 0, minclsyspri);
659
660 return (0);
661 }
662
663 /*
664 * PSARC 2003/523 Contract Private Interface
665 * svc_pool_create
666 * Changes must be reviewed by Solaris File Sharing
667 * Changes must be communicated to contract-2003-523@sun.com
668 *
669 * Create an kernel RPC server-side thread/transport pool.
670 *
671 * This is public interface for creation of a server RPC thread pool
672 * for a given service provider. Transports registered with the pool's id
673 * will be served by a pool's threads. This function is called from the
674 * nfssys() system call.
675 */
676 int
svc_pool_create(struct svcpool_args * args)677 svc_pool_create(struct svcpool_args *args)
678 {
679 SVCPOOL *pool;
680 int error;
681 struct svc_globals *svc;
682
683 /*
684 * Caller should check credentials in a way appropriate
685 * in the context of the call.
686 */
687
688 svc = zone_getspecific(svc_zone_key, curproc->p_zone);
689 /* Allocate a new pool */
690 pool = kmem_zalloc(sizeof (SVCPOOL), KM_SLEEP);
691
692 /*
693 * Initialize the pool structure and create a creator thread.
694 */
695 error = svc_pool_init(pool, args->maxthreads, args->redline,
696 args->qsize, args->timeout, args->stksize, args->max_same_xprt);
697
698 if (error) {
699 kmem_free(pool, sizeof (SVCPOOL));
700 return (error);
701 }
702
703 /* Register the pool with the global pool list */
704 svc_pool_register(svc, pool, args->id);
705
706 return (0);
707 }
708
709 int
svc_pool_control(int id,int cmd,void * arg)710 svc_pool_control(int id, int cmd, void *arg)
711 {
712 SVCPOOL *pool;
713 struct svc_globals *svc;
714
715 svc = zone_getspecific(svc_zone_key, curproc->p_zone);
716
717 switch (cmd) {
718 case SVCPSET_SHUTDOWN_PROC:
719 /*
720 * Search the list for a pool with a matching id
721 * and register the transport handle with that pool.
722 */
723 mutex_enter(&svc->svc_plock);
724
725 if ((pool = svc_pool_find(svc, id)) == NULL) {
726 mutex_exit(&svc->svc_plock);
727 return (ENOENT);
728 }
729 /*
730 * Grab the transport list lock before releasing the
731 * pool list lock
732 */
733 rw_enter(&pool->p_lrwlock, RW_WRITER);
734 mutex_exit(&svc->svc_plock);
735
736 pool->p_shutdown = *((void (*)())arg);
737
738 rw_exit(&pool->p_lrwlock);
739
740 return (0);
741 case SVCPSET_UNREGISTER_PROC:
742 /*
743 * Search the list for a pool with a matching id
744 * and register the unregister callback handle with that pool.
745 */
746 mutex_enter(&svc->svc_plock);
747
748 if ((pool = svc_pool_find(svc, id)) == NULL) {
749 mutex_exit(&svc->svc_plock);
750 return (ENOENT);
751 }
752 /*
753 * Grab the transport list lock before releasing the
754 * pool list lock
755 */
756 rw_enter(&pool->p_lrwlock, RW_WRITER);
757 mutex_exit(&svc->svc_plock);
758
759 pool->p_offline = *((void (*)())arg);
760
761 rw_exit(&pool->p_lrwlock);
762
763 return (0);
764 default:
765 return (EINVAL);
766 }
767 }
768
769 /*
770 * Pool's transport list manipulation routines.
771 * - svc_xprt_register()
772 * - svc_xprt_unregister()
773 *
774 * svc_xprt_register() is called from svc_tli_kcreate() to
775 * insert a new master transport handle into the doubly linked
776 * list of server transport handles (one list per pool).
777 *
778 * The list is used by svc_poll(), when it operates in `drain'
779 * mode, to search for a next transport with a pending request.
780 */
781
782 int
svc_xprt_register(SVCMASTERXPRT * xprt,int id)783 svc_xprt_register(SVCMASTERXPRT *xprt, int id)
784 {
785 SVCMASTERXPRT *prev, *next;
786 SVCPOOL *pool;
787 struct svc_globals *svc;
788
789 svc = zone_getspecific(svc_zone_key, curproc->p_zone);
790 /*
791 * Search the list for a pool with a matching id
792 * and register the transport handle with that pool.
793 */
794 mutex_enter(&svc->svc_plock);
795
796 if ((pool = svc_pool_find(svc, id)) == NULL) {
797 mutex_exit(&svc->svc_plock);
798 return (ENOENT);
799 }
800
801 /* Grab the transport list lock before releasing the pool list lock */
802 rw_enter(&pool->p_lrwlock, RW_WRITER);
803 mutex_exit(&svc->svc_plock);
804
805 /* Don't register new transports when the pool is in closing state */
806 if (pool->p_closing) {
807 rw_exit(&pool->p_lrwlock);
808 return (EBUSY);
809 }
810
811 /*
812 * Initialize xp_pool to point to the pool.
813 * We don't want to go through the pool list every time.
814 */
815 xprt->xp_pool = pool;
816
817 /*
818 * Insert a transport handle into the list.
819 * The list head points to the most recently inserted transport.
820 */
821 if (pool->p_lhead == NULL)
822 pool->p_lhead = xprt->xp_prev = xprt->xp_next = xprt;
823 else {
824 next = pool->p_lhead;
825 prev = pool->p_lhead->xp_prev;
826
827 xprt->xp_next = next;
828 xprt->xp_prev = prev;
829
830 pool->p_lhead = prev->xp_next = next->xp_prev = xprt;
831 }
832
833 /* Increment the transports count */
834 pool->p_lcount++;
835
836 rw_exit(&pool->p_lrwlock);
837 return (0);
838 }
839
840 /*
841 * Called from svc_xprt_cleanup() to remove a master transport handle
842 * from the pool's list of server transports (when a transport is
843 * being destroyed).
844 */
845 void
svc_xprt_unregister(SVCMASTERXPRT * xprt)846 svc_xprt_unregister(SVCMASTERXPRT *xprt)
847 {
848 SVCPOOL *pool = xprt->xp_pool;
849
850 /*
851 * Unlink xprt from the list.
852 * If the list head points to this xprt then move it
853 * to the next xprt or reset to NULL if this is the last
854 * xprt in the list.
855 */
856 rw_enter(&pool->p_lrwlock, RW_WRITER);
857
858 if (xprt == xprt->xp_next)
859 pool->p_lhead = NULL;
860 else {
861 SVCMASTERXPRT *next = xprt->xp_next;
862 SVCMASTERXPRT *prev = xprt->xp_prev;
863
864 next->xp_prev = prev;
865 prev->xp_next = next;
866
867 if (pool->p_lhead == xprt)
868 pool->p_lhead = next;
869 }
870
871 xprt->xp_next = xprt->xp_prev = NULL;
872
873 /* Decrement list count */
874 pool->p_lcount--;
875
876 rw_exit(&pool->p_lrwlock);
877 }
878
879 static void
svc_xprt_qdestroy(SVCPOOL * pool)880 svc_xprt_qdestroy(SVCPOOL *pool)
881 {
882 mutex_destroy(&pool->p_qend_lock);
883 kmem_free(pool->p_qbody, pool->p_qsize * sizeof (__SVCXPRT_QNODE));
884 }
885
886 /*
887 * Initialize an `xprt-ready' queue for a given pool.
888 */
889 static void
svc_xprt_qinit(SVCPOOL * pool,size_t qsize)890 svc_xprt_qinit(SVCPOOL *pool, size_t qsize)
891 {
892 int i;
893
894 pool->p_qsize = qsize;
895 pool->p_qbody = kmem_zalloc(pool->p_qsize * sizeof (__SVCXPRT_QNODE),
896 KM_SLEEP);
897
898 for (i = 0; i < pool->p_qsize - 1; i++)
899 pool->p_qbody[i].q_next = &(pool->p_qbody[i+1]);
900
901 pool->p_qbody[pool->p_qsize-1].q_next = &(pool->p_qbody[0]);
902 pool->p_qtop = &(pool->p_qbody[0]);
903 pool->p_qend = &(pool->p_qbody[0]);
904
905 mutex_init(&pool->p_qend_lock, NULL, MUTEX_DEFAULT, NULL);
906 }
907
908 /*
909 * Called from the svc_queuereq() interrupt routine to queue
910 * a hint for svc_poll() which transport has a pending request.
911 * - insert a pointer to xprt into the xprt-ready queue (FIFO)
912 * - if the xprt-ready queue is full turn the overflow flag on.
913 *
914 * NOTICE: pool->p_qtop is protected by the the pool's request lock
915 * and the caller (svc_queuereq()) must hold the lock.
916 */
917 static void
svc_xprt_qput(SVCPOOL * pool,SVCMASTERXPRT * xprt)918 svc_xprt_qput(SVCPOOL *pool, SVCMASTERXPRT *xprt)
919 {
920 ASSERT(MUTEX_HELD(&pool->p_req_lock));
921
922 /* If the overflow flag is there is nothing we can do */
923 if (pool->p_qoverflow)
924 return;
925
926 /* If the queue is full turn the overflow flag on and exit */
927 if (pool->p_qtop->q_next == pool->p_qend) {
928 mutex_enter(&pool->p_qend_lock);
929 if (pool->p_qtop->q_next == pool->p_qend) {
930 pool->p_qoverflow = TRUE;
931 mutex_exit(&pool->p_qend_lock);
932 return;
933 }
934 mutex_exit(&pool->p_qend_lock);
935 }
936
937 /* Insert a hint and move pool->p_qtop */
938 pool->p_qtop->q_xprt = xprt;
939 pool->p_qtop = pool->p_qtop->q_next;
940 }
941
942 /*
943 * Called from svc_poll() to get a hint which transport has a
944 * pending request. Returns a pointer to a transport or NULL if the
945 * `xprt-ready' queue is empty.
946 *
947 * Since we do not acquire the pool's request lock while checking if
948 * the queue is empty we may miss a request that is just being delivered.
949 * However this is ok since svc_poll() will retry again until the
950 * count indicates that there are pending requests for this pool.
951 */
952 static SVCMASTERXPRT *
svc_xprt_qget(SVCPOOL * pool)953 svc_xprt_qget(SVCPOOL *pool)
954 {
955 SVCMASTERXPRT *xprt;
956
957 mutex_enter(&pool->p_qend_lock);
958 do {
959 /*
960 * If the queue is empty return NULL.
961 * Since we do not acquire the pool's request lock which
962 * protects pool->p_qtop this is not exact check. However,
963 * this is safe - if we miss a request here svc_poll()
964 * will retry again.
965 */
966 if (pool->p_qend == pool->p_qtop) {
967 mutex_exit(&pool->p_qend_lock);
968 return (NULL);
969 }
970
971 /* Get a hint and move pool->p_qend */
972 xprt = pool->p_qend->q_xprt;
973 pool->p_qend = pool->p_qend->q_next;
974
975 /* Skip fields deleted by svc_xprt_qdelete() */
976 } while (xprt == NULL);
977 mutex_exit(&pool->p_qend_lock);
978
979 return (xprt);
980 }
981
982 /*
983 * Delete all the references to a transport handle that
984 * is being destroyed from the xprt-ready queue.
985 * Deleted pointers are replaced with NULLs.
986 */
987 static void
svc_xprt_qdelete(SVCPOOL * pool,SVCMASTERXPRT * xprt)988 svc_xprt_qdelete(SVCPOOL *pool, SVCMASTERXPRT *xprt)
989 {
990 __SVCXPRT_QNODE *q = pool->p_qend;
991 __SVCXPRT_QNODE *qtop = pool->p_qtop;
992
993 /*
994 * Delete all the references to xprt between the current
995 * position of pool->p_qend and current pool->p_qtop.
996 */
997 for (;;) {
998 if (q->q_xprt == xprt)
999 q->q_xprt = NULL;
1000 if (q == qtop)
1001 return;
1002 q = q->q_next;
1003 }
1004 }
1005
1006 /*
1007 * Destructor for a master server transport handle.
1008 * - if there are no more non-detached threads linked to this transport
1009 * then, if requested, call xp_closeproc (we don't wait for detached
1010 * threads linked to this transport to complete).
1011 * - if there are no more threads linked to this
1012 * transport then
1013 * a) remove references to this transport from the xprt-ready queue
1014 * b) remove a reference to this transport from the pool's transport list
1015 * c) call a transport specific `destroy' function
1016 * d) cancel remaining thread reservations.
1017 *
1018 * NOTICE: Caller must hold the transport's thread lock.
1019 */
1020 static void
svc_xprt_cleanup(SVCMASTERXPRT * xprt,bool_t detached)1021 svc_xprt_cleanup(SVCMASTERXPRT *xprt, bool_t detached)
1022 {
1023 ASSERT(MUTEX_HELD(&xprt->xp_thread_lock));
1024 ASSERT(xprt->xp_wq == NULL);
1025
1026 /*
1027 * If called from the last non-detached thread
1028 * it should call the closeproc on this transport.
1029 */
1030 if (!detached && xprt->xp_threads == 0 && xprt->xp_closeproc) {
1031 (*(xprt->xp_closeproc)) (xprt);
1032 }
1033
1034 if (xprt->xp_threads + xprt->xp_detached_threads > 0)
1035 mutex_exit(&xprt->xp_thread_lock);
1036 else {
1037 /* Remove references to xprt from the `xprt-ready' queue */
1038 svc_xprt_qdelete(xprt->xp_pool, xprt);
1039
1040 /* Unregister xprt from the pool's transport list */
1041 svc_xprt_unregister(xprt);
1042 svc_callout_free(xprt);
1043 SVC_DESTROY(xprt);
1044 }
1045 }
1046
1047 /*
1048 * Find a dispatch routine for a given prog/vers pair.
1049 * This function is called from svc_getreq() to search the callout
1050 * table for an entry with a matching RPC program number `prog'
1051 * and a version range that covers `vers'.
1052 * - if it finds a matching entry it returns pointer to the dispatch routine
1053 * - otherwise it returns NULL and, if `minp' or `maxp' are not NULL,
1054 * fills them with, respectively, lowest version and highest version
1055 * supported for the program `prog'
1056 */
1057 static SVC_DISPATCH *
svc_callout_find(SVCXPRT * xprt,rpcprog_t prog,rpcvers_t vers,rpcvers_t * vers_min,rpcvers_t * vers_max)1058 svc_callout_find(SVCXPRT *xprt, rpcprog_t prog, rpcvers_t vers,
1059 rpcvers_t *vers_min, rpcvers_t *vers_max)
1060 {
1061 SVC_CALLOUT_TABLE *sct = xprt->xp_sct;
1062 int i;
1063
1064 *vers_min = ~(rpcvers_t)0;
1065 *vers_max = 0;
1066
1067 for (i = 0; i < sct->sct_size; i++) {
1068 SVC_CALLOUT *sc = &sct->sct_sc[i];
1069
1070 if (prog == sc->sc_prog) {
1071 if (vers >= sc->sc_versmin && vers <= sc->sc_versmax)
1072 return (sc->sc_dispatch);
1073
1074 if (*vers_max < sc->sc_versmax)
1075 *vers_max = sc->sc_versmax;
1076 if (*vers_min > sc->sc_versmin)
1077 *vers_min = sc->sc_versmin;
1078 }
1079 }
1080
1081 return (NULL);
1082 }
1083
1084 /*
1085 * Optionally free callout table allocated for this transport by
1086 * the service provider.
1087 */
1088 static void
svc_callout_free(SVCMASTERXPRT * xprt)1089 svc_callout_free(SVCMASTERXPRT *xprt)
1090 {
1091 SVC_CALLOUT_TABLE *sct = xprt->xp_sct;
1092
1093 if (sct->sct_free) {
1094 kmem_free(sct->sct_sc, sct->sct_size * sizeof (SVC_CALLOUT));
1095 kmem_free(sct, sizeof (SVC_CALLOUT_TABLE));
1096 }
1097 }
1098
1099 /*
1100 * Send a reply to an RPC request
1101 *
1102 * PSARC 2003/523 Contract Private Interface
1103 * svc_sendreply
1104 * Changes must be reviewed by Solaris File Sharing
1105 * Changes must be communicated to contract-2003-523@sun.com
1106 */
1107 bool_t
svc_sendreply(const SVCXPRT * clone_xprt,const xdrproc_t xdr_results,const caddr_t xdr_location)1108 svc_sendreply(const SVCXPRT *clone_xprt, const xdrproc_t xdr_results,
1109 const caddr_t xdr_location)
1110 {
1111 struct rpc_msg rply;
1112
1113 rply.rm_direction = REPLY;
1114 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1115 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1116 rply.acpted_rply.ar_stat = SUCCESS;
1117 rply.acpted_rply.ar_results.where = xdr_location;
1118 rply.acpted_rply.ar_results.proc = xdr_results;
1119
1120 return (SVC_REPLY((SVCXPRT *)clone_xprt, &rply));
1121 }
1122
1123 /*
1124 * No procedure error reply
1125 *
1126 * PSARC 2003/523 Contract Private Interface
1127 * svcerr_noproc
1128 * Changes must be reviewed by Solaris File Sharing
1129 * Changes must be communicated to contract-2003-523@sun.com
1130 */
1131 void
svcerr_noproc(const SVCXPRT * clone_xprt)1132 svcerr_noproc(const SVCXPRT *clone_xprt)
1133 {
1134 struct rpc_msg rply;
1135
1136 rply.rm_direction = REPLY;
1137 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1138 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1139 rply.acpted_rply.ar_stat = PROC_UNAVAIL;
1140 SVC_FREERES((SVCXPRT *)clone_xprt);
1141 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1142 }
1143
1144 /*
1145 * Can't decode arguments error reply
1146 *
1147 * PSARC 2003/523 Contract Private Interface
1148 * svcerr_decode
1149 * Changes must be reviewed by Solaris File Sharing
1150 * Changes must be communicated to contract-2003-523@sun.com
1151 */
1152 void
svcerr_decode(const SVCXPRT * clone_xprt)1153 svcerr_decode(const SVCXPRT *clone_xprt)
1154 {
1155 struct rpc_msg rply;
1156
1157 rply.rm_direction = REPLY;
1158 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1159 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1160 rply.acpted_rply.ar_stat = GARBAGE_ARGS;
1161 SVC_FREERES((SVCXPRT *)clone_xprt);
1162 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1163 }
1164
1165 /*
1166 * Some system error
1167 */
1168 void
svcerr_systemerr(const SVCXPRT * clone_xprt)1169 svcerr_systemerr(const SVCXPRT *clone_xprt)
1170 {
1171 struct rpc_msg rply;
1172
1173 rply.rm_direction = REPLY;
1174 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1175 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1176 rply.acpted_rply.ar_stat = SYSTEM_ERR;
1177 SVC_FREERES((SVCXPRT *)clone_xprt);
1178 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1179 }
1180
1181 /*
1182 * Authentication error reply
1183 */
1184 void
svcerr_auth(const SVCXPRT * clone_xprt,const enum auth_stat why)1185 svcerr_auth(const SVCXPRT *clone_xprt, const enum auth_stat why)
1186 {
1187 struct rpc_msg rply;
1188
1189 rply.rm_direction = REPLY;
1190 rply.rm_reply.rp_stat = MSG_DENIED;
1191 rply.rjcted_rply.rj_stat = AUTH_ERROR;
1192 rply.rjcted_rply.rj_why = why;
1193 SVC_FREERES((SVCXPRT *)clone_xprt);
1194 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1195 }
1196
1197 /*
1198 * Authentication too weak error reply
1199 */
1200 void
svcerr_weakauth(const SVCXPRT * clone_xprt)1201 svcerr_weakauth(const SVCXPRT *clone_xprt)
1202 {
1203 svcerr_auth((SVCXPRT *)clone_xprt, AUTH_TOOWEAK);
1204 }
1205
1206 /*
1207 * Authentication error; bad credentials
1208 */
1209 void
svcerr_badcred(const SVCXPRT * clone_xprt)1210 svcerr_badcred(const SVCXPRT *clone_xprt)
1211 {
1212 struct rpc_msg rply;
1213
1214 rply.rm_direction = REPLY;
1215 rply.rm_reply.rp_stat = MSG_DENIED;
1216 rply.rjcted_rply.rj_stat = AUTH_ERROR;
1217 rply.rjcted_rply.rj_why = AUTH_BADCRED;
1218 SVC_FREERES((SVCXPRT *)clone_xprt);
1219 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1220 }
1221
1222 /*
1223 * Program unavailable error reply
1224 *
1225 * PSARC 2003/523 Contract Private Interface
1226 * svcerr_noprog
1227 * Changes must be reviewed by Solaris File Sharing
1228 * Changes must be communicated to contract-2003-523@sun.com
1229 */
1230 void
svcerr_noprog(const SVCXPRT * clone_xprt)1231 svcerr_noprog(const SVCXPRT *clone_xprt)
1232 {
1233 struct rpc_msg rply;
1234
1235 rply.rm_direction = REPLY;
1236 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1237 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1238 rply.acpted_rply.ar_stat = PROG_UNAVAIL;
1239 SVC_FREERES((SVCXPRT *)clone_xprt);
1240 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1241 }
1242
1243 /*
1244 * Program version mismatch error reply
1245 *
1246 * PSARC 2003/523 Contract Private Interface
1247 * svcerr_progvers
1248 * Changes must be reviewed by Solaris File Sharing
1249 * Changes must be communicated to contract-2003-523@sun.com
1250 */
1251 void
svcerr_progvers(const SVCXPRT * clone_xprt,const rpcvers_t low_vers,const rpcvers_t high_vers)1252 svcerr_progvers(const SVCXPRT *clone_xprt,
1253 const rpcvers_t low_vers, const rpcvers_t high_vers)
1254 {
1255 struct rpc_msg rply;
1256
1257 rply.rm_direction = REPLY;
1258 rply.rm_reply.rp_stat = MSG_ACCEPTED;
1259 rply.acpted_rply.ar_verf = clone_xprt->xp_verf;
1260 rply.acpted_rply.ar_stat = PROG_MISMATCH;
1261 rply.acpted_rply.ar_vers.low = low_vers;
1262 rply.acpted_rply.ar_vers.high = high_vers;
1263 SVC_FREERES((SVCXPRT *)clone_xprt);
1264 SVC_REPLY((SVCXPRT *)clone_xprt, &rply);
1265 }
1266
1267 /*
1268 * Get server side input from some transport.
1269 *
1270 * Statement of authentication parameters management:
1271 * This function owns and manages all authentication parameters, specifically
1272 * the "raw" parameters (msg.rm_call.cb_cred and msg.rm_call.cb_verf) and
1273 * the "cooked" credentials (rqst->rq_clntcred).
1274 * However, this function does not know the structure of the cooked
1275 * credentials, so it make the following assumptions:
1276 * a) the structure is contiguous (no pointers), and
1277 * b) the cred structure size does not exceed RQCRED_SIZE bytes.
1278 * In all events, all three parameters are freed upon exit from this routine.
1279 * The storage is trivially managed on the call stack in user land, but
1280 * is malloced in kernel land.
1281 *
1282 * Note: the xprt's xp_svc_lock is not held while the service's dispatch
1283 * routine is running. If we decide to implement svc_unregister(), we'll
1284 * need to decide whether it's okay for a thread to unregister a service
1285 * while a request is being processed. If we decide that this is a
1286 * problem, we can probably use some sort of reference counting scheme to
1287 * keep the callout entry from going away until the request has completed.
1288 */
1289 static void
svc_getreq(SVCXPRT * clone_xprt,mblk_t * mp)1290 svc_getreq(
1291 SVCXPRT *clone_xprt, /* clone transport handle */
1292 mblk_t *mp)
1293 {
1294 struct rpc_msg msg;
1295 struct svc_req r;
1296 char *cred_area; /* too big to allocate on call stack */
1297
1298 TRACE_0(TR_FAC_KRPC, TR_SVC_GETREQ_START,
1299 "svc_getreq_start:");
1300
1301 ASSERT(clone_xprt->xp_master != NULL);
1302 ASSERT(!is_system_labeled() || msg_getcred(mp, NULL) != NULL ||
1303 mp->b_datap->db_type != M_DATA);
1304
1305 /*
1306 * Firstly, allocate the authentication parameters' storage
1307 */
1308 mutex_enter(&rqcred_lock);
1309 if (rqcred_head) {
1310 cred_area = rqcred_head;
1311
1312 /* LINTED pointer alignment */
1313 rqcred_head = *(caddr_t *)rqcred_head;
1314 mutex_exit(&rqcred_lock);
1315 } else {
1316 mutex_exit(&rqcred_lock);
1317 cred_area = kmem_alloc(2 * MAX_AUTH_BYTES + RQCRED_SIZE,
1318 KM_SLEEP);
1319 }
1320 msg.rm_call.cb_cred.oa_base = cred_area;
1321 msg.rm_call.cb_verf.oa_base = &(cred_area[MAX_AUTH_BYTES]);
1322 r.rq_clntcred = &(cred_area[2 * MAX_AUTH_BYTES]);
1323
1324 /*
1325 * underlying transport recv routine may modify mblk data
1326 * and make it difficult to extract label afterwards. So
1327 * get the label from the raw mblk data now.
1328 */
1329 if (is_system_labeled()) {
1330 cred_t *cr;
1331
1332 r.rq_label = kmem_alloc(sizeof (bslabel_t), KM_SLEEP);
1333 cr = msg_getcred(mp, NULL);
1334 ASSERT(cr != NULL);
1335
1336 bcopy(label2bslabel(crgetlabel(cr)), r.rq_label,
1337 sizeof (bslabel_t));
1338 } else {
1339 r.rq_label = NULL;
1340 }
1341
1342 /*
1343 * Now receive a message from the transport.
1344 */
1345 if (SVC_RECV(clone_xprt, mp, &msg)) {
1346 void (*dispatchroutine) (struct svc_req *, SVCXPRT *);
1347 rpcvers_t vers_min;
1348 rpcvers_t vers_max;
1349 bool_t no_dispatch;
1350 enum auth_stat why;
1351
1352 /*
1353 * Find the registered program and call its
1354 * dispatch routine.
1355 */
1356 r.rq_xprt = clone_xprt;
1357 r.rq_prog = msg.rm_call.cb_prog;
1358 r.rq_vers = msg.rm_call.cb_vers;
1359 r.rq_proc = msg.rm_call.cb_proc;
1360 r.rq_cred = msg.rm_call.cb_cred;
1361
1362 /*
1363 * First authenticate the message.
1364 */
1365 TRACE_0(TR_FAC_KRPC, TR_SVC_GETREQ_AUTH_START,
1366 "svc_getreq_auth_start:");
1367 if ((why = sec_svc_msg(&r, &msg, &no_dispatch)) != AUTH_OK) {
1368 TRACE_1(TR_FAC_KRPC, TR_SVC_GETREQ_AUTH_END,
1369 "svc_getreq_auth_end:(%S)", "failed");
1370 svcerr_auth(clone_xprt, why);
1371 /*
1372 * Free the arguments.
1373 */
1374 (void) SVC_FREEARGS(clone_xprt, NULL, NULL);
1375 } else if (no_dispatch) {
1376 /*
1377 * XXX - when bug id 4053736 is done, remove
1378 * the SVC_FREEARGS() call.
1379 */
1380 (void) SVC_FREEARGS(clone_xprt, NULL, NULL);
1381 } else {
1382 TRACE_1(TR_FAC_KRPC, TR_SVC_GETREQ_AUTH_END,
1383 "svc_getreq_auth_end:(%S)", "good");
1384
1385 dispatchroutine = svc_callout_find(clone_xprt,
1386 r.rq_prog, r.rq_vers, &vers_min, &vers_max);
1387
1388 if (dispatchroutine) {
1389 (*dispatchroutine) (&r, clone_xprt);
1390 } else {
1391 /*
1392 * If we got here, the program or version
1393 * is not served ...
1394 */
1395 if (vers_max == 0 ||
1396 version_keepquiet(clone_xprt))
1397 svcerr_noprog(clone_xprt);
1398 else
1399 svcerr_progvers(clone_xprt, vers_min,
1400 vers_max);
1401
1402 /*
1403 * Free the arguments. For successful calls
1404 * this is done by the dispatch routine.
1405 */
1406 (void) SVC_FREEARGS(clone_xprt, NULL, NULL);
1407 /* Fall through to ... */
1408 }
1409 /*
1410 * Call cleanup procedure for RPCSEC_GSS.
1411 * This is a hack since there is currently no
1412 * op, such as SVC_CLEANAUTH. rpc_gss_cleanup
1413 * should only be called for a non null proc.
1414 * Null procs in RPC GSS are overloaded to
1415 * provide context setup and control. The main
1416 * purpose of rpc_gss_cleanup is to decrement the
1417 * reference count associated with the cached
1418 * GSS security context. We should never get here
1419 * for an RPCSEC_GSS null proc since *no_dispatch
1420 * would have been set to true from sec_svc_msg above.
1421 */
1422 if (r.rq_cred.oa_flavor == RPCSEC_GSS)
1423 rpc_gss_cleanup(clone_xprt);
1424 }
1425 }
1426
1427 if (r.rq_label != NULL)
1428 kmem_free(r.rq_label, sizeof (bslabel_t));
1429
1430 /*
1431 * Free authentication parameters' storage
1432 */
1433 mutex_enter(&rqcred_lock);
1434 /* LINTED pointer alignment */
1435 *(caddr_t *)cred_area = rqcred_head;
1436 rqcred_head = cred_area;
1437 mutex_exit(&rqcred_lock);
1438 }
1439
1440 /*
1441 * Allocate new clone transport handle.
1442 */
1443 SVCXPRT *
svc_clone_init(void)1444 svc_clone_init(void)
1445 {
1446 SVCXPRT *clone_xprt;
1447
1448 clone_xprt = kmem_zalloc(sizeof (SVCXPRT), KM_SLEEP);
1449 clone_xprt->xp_cred = crget();
1450 return (clone_xprt);
1451 }
1452
1453 /*
1454 * Free memory allocated by svc_clone_init.
1455 */
1456 void
svc_clone_free(SVCXPRT * clone_xprt)1457 svc_clone_free(SVCXPRT *clone_xprt)
1458 {
1459 /* Fre credentials from crget() */
1460 if (clone_xprt->xp_cred)
1461 crfree(clone_xprt->xp_cred);
1462 kmem_free(clone_xprt, sizeof (SVCXPRT));
1463 }
1464
1465 /*
1466 * Link a per-thread clone transport handle to a master
1467 * - increment a thread reference count on the master
1468 * - copy some of the master's fields to the clone
1469 * - call a transport specific clone routine.
1470 */
1471 void
svc_clone_link(SVCMASTERXPRT * xprt,SVCXPRT * clone_xprt,SVCXPRT * clone_xprt2)1472 svc_clone_link(SVCMASTERXPRT *xprt, SVCXPRT *clone_xprt, SVCXPRT *clone_xprt2)
1473 {
1474 cred_t *cred = clone_xprt->xp_cred;
1475
1476 ASSERT(cred);
1477
1478 /*
1479 * Bump up master's thread count.
1480 * Linking a per-thread clone transport handle to a master
1481 * associates a service thread with the master.
1482 */
1483 mutex_enter(&xprt->xp_thread_lock);
1484 xprt->xp_threads++;
1485 mutex_exit(&xprt->xp_thread_lock);
1486
1487 /* Clear everything */
1488 bzero(clone_xprt, sizeof (SVCXPRT));
1489
1490 /* Set pointer to the master transport stucture */
1491 clone_xprt->xp_master = xprt;
1492
1493 /* Structure copy of all the common fields */
1494 clone_xprt->xp_xpc = xprt->xp_xpc;
1495
1496 /* Restore per-thread fields (xp_cred) */
1497 clone_xprt->xp_cred = cred;
1498
1499 if (clone_xprt2)
1500 SVC_CLONE_XPRT(clone_xprt2, clone_xprt);
1501 }
1502
1503 /*
1504 * Unlink a non-detached clone transport handle from a master
1505 * - decrement a thread reference count on the master
1506 * - if the transport is closing (xp_wq is NULL) call svc_xprt_cleanup();
1507 * if this is the last non-detached/absolute thread on this transport
1508 * then it will close/destroy the transport
1509 * - call transport specific function to destroy the clone handle
1510 * - clear xp_master to avoid recursion.
1511 */
1512 void
svc_clone_unlink(SVCXPRT * clone_xprt)1513 svc_clone_unlink(SVCXPRT *clone_xprt)
1514 {
1515 SVCMASTERXPRT *xprt = clone_xprt->xp_master;
1516
1517 /* This cannot be a detached thread */
1518 ASSERT(!clone_xprt->xp_detached);
1519 ASSERT(xprt->xp_threads > 0);
1520
1521 /* Decrement a reference count on the transport */
1522 mutex_enter(&xprt->xp_thread_lock);
1523 xprt->xp_threads--;
1524
1525 /* svc_xprt_cleanup() unlocks xp_thread_lock or destroys xprt */
1526 if (xprt->xp_wq)
1527 mutex_exit(&xprt->xp_thread_lock);
1528 else
1529 svc_xprt_cleanup(xprt, FALSE);
1530
1531 /* Call a transport specific clone `destroy' function */
1532 SVC_CLONE_DESTROY(clone_xprt);
1533
1534 /* Clear xp_master */
1535 clone_xprt->xp_master = NULL;
1536 }
1537
1538 /*
1539 * Unlink a detached clone transport handle from a master
1540 * - decrement the thread count on the master
1541 * - if the transport is closing (xp_wq is NULL) call svc_xprt_cleanup();
1542 * if this is the last thread on this transport then it will destroy
1543 * the transport.
1544 * - call a transport specific function to destroy the clone handle
1545 * - clear xp_master to avoid recursion.
1546 */
1547 static void
svc_clone_unlinkdetached(SVCXPRT * clone_xprt)1548 svc_clone_unlinkdetached(SVCXPRT *clone_xprt)
1549 {
1550 SVCMASTERXPRT *xprt = clone_xprt->xp_master;
1551
1552 /* This must be a detached thread */
1553 ASSERT(clone_xprt->xp_detached);
1554 ASSERT(xprt->xp_detached_threads > 0);
1555 ASSERT(xprt->xp_threads + xprt->xp_detached_threads > 0);
1556
1557 /* Grab xprt->xp_thread_lock and decrement link counts */
1558 mutex_enter(&xprt->xp_thread_lock);
1559 xprt->xp_detached_threads--;
1560
1561 /* svc_xprt_cleanup() unlocks xp_thread_lock or destroys xprt */
1562 if (xprt->xp_wq)
1563 mutex_exit(&xprt->xp_thread_lock);
1564 else
1565 svc_xprt_cleanup(xprt, TRUE);
1566
1567 /* Call transport specific clone `destroy' function */
1568 SVC_CLONE_DESTROY(clone_xprt);
1569
1570 /* Clear xp_master */
1571 clone_xprt->xp_master = NULL;
1572 }
1573
1574 /*
1575 * Try to exit a non-detached service thread
1576 * - check if there are enough threads left
1577 * - if this thread (ie its clone transport handle) are linked
1578 * to a master transport then unlink it
1579 * - free the clone structure
1580 * - return to userland for thread exit
1581 *
1582 * If this is the last non-detached or the last thread on this
1583 * transport then the call to svc_clone_unlink() will, respectively,
1584 * close and/or destroy the transport.
1585 */
1586 static void
svc_thread_exit(SVCPOOL * pool,SVCXPRT * clone_xprt)1587 svc_thread_exit(SVCPOOL *pool, SVCXPRT *clone_xprt)
1588 {
1589 if (clone_xprt->xp_master)
1590 svc_clone_unlink(clone_xprt);
1591 svc_clone_free(clone_xprt);
1592
1593 mutex_enter(&pool->p_thread_lock);
1594 pool->p_threads--;
1595 if (pool->p_closing && svc_pool_tryexit(pool))
1596 /* return - thread exit will be handled at user level */
1597 return;
1598 mutex_exit(&pool->p_thread_lock);
1599
1600 /* return - thread exit will be handled at user level */
1601 }
1602
1603 /*
1604 * Exit a detached service thread that returned to svc_run
1605 * - decrement the `detached thread' count for the pool
1606 * - unlink the detached clone transport handle from the master
1607 * - free the clone structure
1608 * - return to userland for thread exit
1609 *
1610 * If this is the last thread on this transport then the call
1611 * to svc_clone_unlinkdetached() will destroy the transport.
1612 */
1613 static void
svc_thread_exitdetached(SVCPOOL * pool,SVCXPRT * clone_xprt)1614 svc_thread_exitdetached(SVCPOOL *pool, SVCXPRT *clone_xprt)
1615 {
1616 /* This must be a detached thread */
1617 ASSERT(clone_xprt->xp_master);
1618 ASSERT(clone_xprt->xp_detached);
1619 ASSERT(!MUTEX_HELD(&pool->p_thread_lock));
1620
1621 svc_clone_unlinkdetached(clone_xprt);
1622 svc_clone_free(clone_xprt);
1623
1624 mutex_enter(&pool->p_thread_lock);
1625
1626 ASSERT(pool->p_reserved_threads >= 0);
1627 ASSERT(pool->p_detached_threads > 0);
1628
1629 pool->p_detached_threads--;
1630 if (pool->p_closing && svc_pool_tryexit(pool))
1631 /* return - thread exit will be handled at user level */
1632 return;
1633 mutex_exit(&pool->p_thread_lock);
1634
1635 /* return - thread exit will be handled at user level */
1636 }
1637
1638 /*
1639 * PSARC 2003/523 Contract Private Interface
1640 * svc_wait
1641 * Changes must be reviewed by Solaris File Sharing
1642 * Changes must be communicated to contract-2003-523@sun.com
1643 */
1644 int
svc_wait(int id)1645 svc_wait(int id)
1646 {
1647 SVCPOOL *pool;
1648 int err = 0;
1649 struct svc_globals *svc;
1650
1651 svc = zone_getspecific(svc_zone_key, curproc->p_zone);
1652 mutex_enter(&svc->svc_plock);
1653 pool = svc_pool_find(svc, id);
1654 mutex_exit(&svc->svc_plock);
1655
1656 if (pool == NULL)
1657 return (ENOENT);
1658
1659 mutex_enter(&pool->p_user_lock);
1660
1661 /* Check if there's already a user thread waiting on this pool */
1662 if (pool->p_user_waiting) {
1663 mutex_exit(&pool->p_user_lock);
1664 return (EBUSY);
1665 }
1666
1667 pool->p_user_waiting = TRUE;
1668
1669 /* Go to sleep, waiting for the signaled flag. */
1670 while (!pool->p_signal_create_thread && !pool->p_user_exit) {
1671 if (cv_wait_sig(&pool->p_user_cv, &pool->p_user_lock) == 0) {
1672 /* Interrupted, return to handle exit or signal */
1673 pool->p_user_waiting = FALSE;
1674 pool->p_signal_create_thread = FALSE;
1675 mutex_exit(&pool->p_user_lock);
1676
1677 /*
1678 * Thread has been interrupted and therefore
1679 * the service daemon is leaving as well so
1680 * let's go ahead and remove the service
1681 * pool at this time.
1682 */
1683 mutex_enter(&svc->svc_plock);
1684 svc_pool_unregister(svc, pool);
1685 mutex_exit(&svc->svc_plock);
1686
1687 return (EINTR);
1688 }
1689 }
1690
1691 pool->p_signal_create_thread = FALSE;
1692 pool->p_user_waiting = FALSE;
1693
1694 /*
1695 * About to exit the service pool. Set return value
1696 * to let the userland code know our intent. Signal
1697 * svc_thread_creator() so that it can clean up the
1698 * pool structure.
1699 */
1700 if (pool->p_user_exit) {
1701 err = ECANCELED;
1702 cv_signal(&pool->p_user_cv);
1703 }
1704
1705 mutex_exit(&pool->p_user_lock);
1706
1707 /* Return to userland with error code, for possible thread creation. */
1708 return (err);
1709 }
1710
1711 /*
1712 * `Service threads' creator thread.
1713 * The creator thread waits for a signal to create new thread.
1714 */
1715 static void
svc_thread_creator(SVCPOOL * pool)1716 svc_thread_creator(SVCPOOL *pool)
1717 {
1718 callb_cpr_t cpr_info; /* CPR info for the creator thread */
1719
1720 CALLB_CPR_INIT(&cpr_info, &pool->p_creator_lock, callb_generic_cpr,
1721 "svc_thread_creator");
1722
1723 for (;;) {
1724 mutex_enter(&pool->p_creator_lock);
1725
1726 /* Check if someone set the exit flag */
1727 if (pool->p_creator_exit)
1728 break;
1729
1730 /* Clear the `signaled' flag and go asleep */
1731 pool->p_creator_signaled = FALSE;
1732
1733 CALLB_CPR_SAFE_BEGIN(&cpr_info);
1734 cv_wait(&pool->p_creator_cv, &pool->p_creator_lock);
1735 CALLB_CPR_SAFE_END(&cpr_info, &pool->p_creator_lock);
1736
1737 /* Check if someone signaled to exit */
1738 if (pool->p_creator_exit)
1739 break;
1740
1741 mutex_exit(&pool->p_creator_lock);
1742
1743 mutex_enter(&pool->p_thread_lock);
1744
1745 /*
1746 * When the pool is in closing state and all the transports
1747 * are gone the creator should not create any new threads.
1748 */
1749 if (pool->p_closing) {
1750 rw_enter(&pool->p_lrwlock, RW_READER);
1751 if (pool->p_lcount == 0) {
1752 rw_exit(&pool->p_lrwlock);
1753 mutex_exit(&pool->p_thread_lock);
1754 continue;
1755 }
1756 rw_exit(&pool->p_lrwlock);
1757 }
1758
1759 /*
1760 * Create a new service thread now.
1761 */
1762 ASSERT(pool->p_reserved_threads >= 0);
1763 ASSERT(pool->p_detached_threads >= 0);
1764
1765 if (pool->p_threads + pool->p_detached_threads <
1766 pool->p_maxthreads) {
1767 /*
1768 * Signal the service pool wait thread
1769 * only if it hasn't already been signaled.
1770 */
1771 mutex_enter(&pool->p_user_lock);
1772 if (pool->p_signal_create_thread == FALSE) {
1773 pool->p_signal_create_thread = TRUE;
1774 cv_signal(&pool->p_user_cv);
1775 }
1776 mutex_exit(&pool->p_user_lock);
1777
1778 }
1779
1780 mutex_exit(&pool->p_thread_lock);
1781 }
1782
1783 /*
1784 * Pool is closed. Cleanup and exit.
1785 */
1786
1787 /* Signal userland creator thread that it can stop now. */
1788 mutex_enter(&pool->p_user_lock);
1789 pool->p_user_exit = TRUE;
1790 cv_broadcast(&pool->p_user_cv);
1791 mutex_exit(&pool->p_user_lock);
1792
1793 /* Wait for svc_wait() to be done with the pool */
1794 mutex_enter(&pool->p_user_lock);
1795 while (pool->p_user_waiting) {
1796 CALLB_CPR_SAFE_BEGIN(&cpr_info);
1797 cv_wait(&pool->p_user_cv, &pool->p_user_lock);
1798 CALLB_CPR_SAFE_END(&cpr_info, &pool->p_creator_lock);
1799 }
1800 mutex_exit(&pool->p_user_lock);
1801
1802 CALLB_CPR_EXIT(&cpr_info);
1803 svc_pool_cleanup(pool);
1804 zthread_exit();
1805 }
1806
1807 /*
1808 * If the creator thread is idle signal it to create
1809 * a new service thread.
1810 */
1811 static void
svc_creator_signal(SVCPOOL * pool)1812 svc_creator_signal(SVCPOOL *pool)
1813 {
1814 mutex_enter(&pool->p_creator_lock);
1815 if (pool->p_creator_signaled == FALSE) {
1816 pool->p_creator_signaled = TRUE;
1817 cv_signal(&pool->p_creator_cv);
1818 }
1819 mutex_exit(&pool->p_creator_lock);
1820 }
1821
1822 /*
1823 * Notify the creator thread to clean up and exit.
1824 */
1825 static void
svc_creator_signalexit(SVCPOOL * pool)1826 svc_creator_signalexit(SVCPOOL *pool)
1827 {
1828 mutex_enter(&pool->p_creator_lock);
1829 pool->p_creator_exit = TRUE;
1830 cv_signal(&pool->p_creator_cv);
1831 mutex_exit(&pool->p_creator_lock);
1832 }
1833
1834 /*
1835 * Polling part of the svc_run().
1836 * - search for a transport with a pending request
1837 * - when one is found then latch the request lock and return to svc_run()
1838 * - if there is no request go asleep and wait for a signal
1839 * - handle two exceptions:
1840 * a) current transport is closing
1841 * b) timeout waiting for a new request
1842 * in both cases return to svc_run()
1843 */
1844 static SVCMASTERXPRT *
svc_poll(SVCPOOL * pool,SVCMASTERXPRT * xprt,SVCXPRT * clone_xprt)1845 svc_poll(SVCPOOL *pool, SVCMASTERXPRT *xprt, SVCXPRT *clone_xprt)
1846 {
1847 /*
1848 * Main loop iterates until
1849 * a) we find a pending request,
1850 * b) detect that the current transport is closing
1851 * c) time out waiting for a new request.
1852 */
1853 for (;;) {
1854 SVCMASTERXPRT *next;
1855 clock_t timeleft;
1856
1857 /*
1858 * Step 1.
1859 * Check if there is a pending request on the current
1860 * transport handle so that we can avoid cloning.
1861 * If so then decrement the `pending-request' count for
1862 * the pool and return to svc_run().
1863 *
1864 * We need to prevent a potential starvation. When
1865 * a selected transport has all pending requests coming in
1866 * all the time then the service threads will never switch to
1867 * another transport. With a limited number of service
1868 * threads some transports may be never serviced.
1869 * To prevent such a scenario we pick up at most
1870 * pool->p_max_same_xprt requests from the same transport
1871 * and then take a hint from the xprt-ready queue or walk
1872 * the transport list.
1873 */
1874 if (xprt && xprt->xp_req_head && (!pool->p_qoverflow ||
1875 clone_xprt->xp_same_xprt++ < pool->p_max_same_xprt)) {
1876 mutex_enter(&xprt->xp_req_lock);
1877 if (xprt->xp_req_head) {
1878 mutex_enter(&pool->p_req_lock);
1879 pool->p_reqs--;
1880 if (pool->p_reqs == 0)
1881 pool->p_qoverflow = FALSE;
1882 mutex_exit(&pool->p_req_lock);
1883
1884 return (xprt);
1885 }
1886 mutex_exit(&xprt->xp_req_lock);
1887 }
1888 clone_xprt->xp_same_xprt = 0;
1889
1890 /*
1891 * Step 2.
1892 * If there is no request on the current transport try to
1893 * find another transport with a pending request.
1894 */
1895 mutex_enter(&pool->p_req_lock);
1896 pool->p_walkers++;
1897 mutex_exit(&pool->p_req_lock);
1898
1899 /*
1900 * Make sure that transports will not be destroyed just
1901 * while we are checking them.
1902 */
1903 rw_enter(&pool->p_lrwlock, RW_READER);
1904
1905 for (;;) {
1906 SVCMASTERXPRT *hint;
1907
1908 /*
1909 * Get the next transport from the xprt-ready queue.
1910 * This is a hint. There is no guarantee that the
1911 * transport still has a pending request since it
1912 * could be picked up by another thread in step 1.
1913 *
1914 * If the transport has a pending request then keep
1915 * it locked. Decrement the `pending-requests' for
1916 * the pool and `walking-threads' counts, and return
1917 * to svc_run().
1918 */
1919 hint = svc_xprt_qget(pool);
1920
1921 if (hint && hint->xp_req_head) {
1922 mutex_enter(&hint->xp_req_lock);
1923 if (hint->xp_req_head) {
1924 rw_exit(&pool->p_lrwlock);
1925
1926 mutex_enter(&pool->p_req_lock);
1927 pool->p_reqs--;
1928 if (pool->p_reqs == 0)
1929 pool->p_qoverflow = FALSE;
1930 pool->p_walkers--;
1931 mutex_exit(&pool->p_req_lock);
1932
1933 return (hint);
1934 }
1935 mutex_exit(&hint->xp_req_lock);
1936 }
1937
1938 /*
1939 * If there was no hint in the xprt-ready queue then
1940 * - if there is less pending requests than polling
1941 * threads go asleep
1942 * - otherwise check if there was an overflow in the
1943 * xprt-ready queue; if so, then we need to break
1944 * the `drain' mode
1945 */
1946 if (hint == NULL) {
1947 if (pool->p_reqs < pool->p_walkers) {
1948 mutex_enter(&pool->p_req_lock);
1949 if (pool->p_reqs < pool->p_walkers)
1950 goto sleep;
1951 mutex_exit(&pool->p_req_lock);
1952 }
1953 if (pool->p_qoverflow) {
1954 break;
1955 }
1956 }
1957 }
1958
1959 /*
1960 * If there was an overflow in the xprt-ready queue then we
1961 * need to switch to the `drain' mode, i.e. walk through the
1962 * pool's transport list and search for a transport with a
1963 * pending request. If we manage to drain all the pending
1964 * requests then we can clear the overflow flag. This will
1965 * switch svc_poll() back to taking hints from the xprt-ready
1966 * queue (which is generally more efficient).
1967 *
1968 * If there are no registered transports simply go asleep.
1969 */
1970 if (xprt == NULL && pool->p_lhead == NULL) {
1971 mutex_enter(&pool->p_req_lock);
1972 goto sleep;
1973 }
1974
1975 /*
1976 * `Walk' through the pool's list of master server
1977 * transport handles. Continue to loop until there are less
1978 * looping threads then pending requests.
1979 */
1980 next = xprt ? xprt->xp_next : pool->p_lhead;
1981
1982 for (;;) {
1983 /*
1984 * Check if there is a request on this transport.
1985 *
1986 * Since blocking on a locked mutex is very expensive
1987 * check for a request without a lock first. If we miss
1988 * a request that is just being delivered but this will
1989 * cost at most one full walk through the list.
1990 */
1991 if (next->xp_req_head) {
1992 /*
1993 * Check again, now with a lock.
1994 */
1995 mutex_enter(&next->xp_req_lock);
1996 if (next->xp_req_head) {
1997 rw_exit(&pool->p_lrwlock);
1998
1999 mutex_enter(&pool->p_req_lock);
2000 pool->p_reqs--;
2001 if (pool->p_reqs == 0)
2002 pool->p_qoverflow = FALSE;
2003 pool->p_walkers--;
2004 mutex_exit(&pool->p_req_lock);
2005
2006 return (next);
2007 }
2008 mutex_exit(&next->xp_req_lock);
2009 }
2010
2011 /*
2012 * Continue to `walk' through the pool's
2013 * transport list until there is less requests
2014 * than walkers. Check this condition without
2015 * a lock first to avoid contention on a mutex.
2016 */
2017 if (pool->p_reqs < pool->p_walkers) {
2018 /* Check again, now with the lock. */
2019 mutex_enter(&pool->p_req_lock);
2020 if (pool->p_reqs < pool->p_walkers)
2021 break; /* goto sleep */
2022 mutex_exit(&pool->p_req_lock);
2023 }
2024
2025 next = next->xp_next;
2026 }
2027
2028 sleep:
2029 /*
2030 * No work to do. Stop the `walk' and go asleep.
2031 * Decrement the `walking-threads' count for the pool.
2032 */
2033 pool->p_walkers--;
2034 rw_exit(&pool->p_lrwlock);
2035
2036 /*
2037 * Count us as asleep, mark this thread as safe
2038 * for suspend and wait for a request.
2039 */
2040 pool->p_asleep++;
2041 timeleft = cv_reltimedwait_sig(&pool->p_req_cv,
2042 &pool->p_req_lock, pool->p_timeout, TR_CLOCK_TICK);
2043
2044 /*
2045 * If the drowsy flag is on this means that
2046 * someone has signaled a wakeup. In such a case
2047 * the `asleep-threads' count has already updated
2048 * so just clear the flag.
2049 *
2050 * If the drowsy flag is off then we need to update
2051 * the `asleep-threads' count.
2052 */
2053 if (pool->p_drowsy) {
2054 pool->p_drowsy = FALSE;
2055 /*
2056 * If the thread is here because it timedout,
2057 * instead of returning SVC_ETIMEDOUT, it is
2058 * time to do some more work.
2059 */
2060 if (timeleft == -1)
2061 timeleft = 1;
2062 } else {
2063 pool->p_asleep--;
2064 }
2065 mutex_exit(&pool->p_req_lock);
2066
2067 /*
2068 * If we received a signal while waiting for a
2069 * request, inform svc_run(), so that we can return
2070 * to user level and exit.
2071 */
2072 if (timeleft == 0)
2073 return (SVC_EINTR);
2074
2075 /*
2076 * If the current transport is gone then notify
2077 * svc_run() to unlink from it.
2078 */
2079 if (xprt && xprt->xp_wq == NULL)
2080 return (SVC_EXPRTGONE);
2081
2082 /*
2083 * If we have timed out waiting for a request inform
2084 * svc_run() that we probably don't need this thread.
2085 */
2086 if (timeleft == -1)
2087 return (SVC_ETIMEDOUT);
2088 }
2089 }
2090
2091 /*
2092 * Main loop of the kernel RPC server
2093 * - wait for input (find a transport with a pending request).
2094 * - dequeue the request
2095 * - call a registered server routine to process the requests
2096 *
2097 * There can many threads running concurrently in this loop
2098 * on the same or on different transports.
2099 */
2100 static int
svc_run(SVCPOOL * pool)2101 svc_run(SVCPOOL *pool)
2102 {
2103 SVCMASTERXPRT *xprt = NULL; /* master transport handle */
2104 SVCXPRT *clone_xprt; /* clone for this thread */
2105 proc_t *p = ttoproc(curthread);
2106
2107 /* Allocate a clone transport handle for this thread */
2108 clone_xprt = svc_clone_init();
2109
2110 /*
2111 * The loop iterates until the thread becomes
2112 * idle too long or the transport is gone.
2113 */
2114 for (;;) {
2115 SVCMASTERXPRT *next;
2116 mblk_t *mp;
2117
2118 TRACE_0(TR_FAC_KRPC, TR_SVC_RUN, "svc_run");
2119
2120 /*
2121 * If the process is exiting/killed, return
2122 * immediately without processing any more
2123 * requests.
2124 */
2125 if (p->p_flag & (SEXITING | SKILLED)) {
2126 svc_thread_exit(pool, clone_xprt);
2127 return (EINTR);
2128 }
2129
2130 /* Find a transport with a pending request */
2131 next = svc_poll(pool, xprt, clone_xprt);
2132
2133 /*
2134 * If svc_poll() finds a transport with a request
2135 * it latches xp_req_lock on it. Therefore we need
2136 * to dequeue the request and release the lock as
2137 * soon as possible.
2138 */
2139 ASSERT(next != NULL &&
2140 (next == SVC_EXPRTGONE ||
2141 next == SVC_ETIMEDOUT ||
2142 next == SVC_EINTR ||
2143 MUTEX_HELD(&next->xp_req_lock)));
2144
2145 /* Ooops! Current transport is closing. Unlink now */
2146 if (next == SVC_EXPRTGONE) {
2147 svc_clone_unlink(clone_xprt);
2148 xprt = NULL;
2149 continue;
2150 }
2151
2152 /* Ooops! Timeout while waiting for a request. Exit */
2153 if (next == SVC_ETIMEDOUT) {
2154 svc_thread_exit(pool, clone_xprt);
2155 return (0);
2156 }
2157
2158 /*
2159 * Interrupted by a signal while waiting for a
2160 * request. Return to userspace and exit.
2161 */
2162 if (next == SVC_EINTR) {
2163 svc_thread_exit(pool, clone_xprt);
2164 return (EINTR);
2165 }
2166
2167 /*
2168 * De-queue the request and release the request lock
2169 * on this transport (latched by svc_poll()).
2170 */
2171 mp = next->xp_req_head;
2172 next->xp_req_head = mp->b_next;
2173 mp->b_next = (mblk_t *)0;
2174
2175 TRACE_2(TR_FAC_KRPC, TR_NFSFP_QUE_REQ_DEQ,
2176 "rpc_que_req_deq:pool %p mp %p", pool, mp);
2177 mutex_exit(&next->xp_req_lock);
2178
2179 /*
2180 * If this is a new request on a current transport then
2181 * the clone structure is already properly initialized.
2182 * Otherwise, if the request is on a different transport,
2183 * unlink from the current master and link to
2184 * the one we got a request on.
2185 */
2186 if (next != xprt) {
2187 if (xprt)
2188 svc_clone_unlink(clone_xprt);
2189 svc_clone_link(next, clone_xprt, NULL);
2190 xprt = next;
2191 }
2192
2193 /*
2194 * If there are more requests and req_cv hasn't
2195 * been signaled yet then wake up one more thread now.
2196 *
2197 * We avoid signaling req_cv until the most recently
2198 * signaled thread wakes up and gets CPU to clear
2199 * the `drowsy' flag.
2200 */
2201 if (!(pool->p_drowsy || pool->p_reqs <= pool->p_walkers ||
2202 pool->p_asleep == 0)) {
2203 mutex_enter(&pool->p_req_lock);
2204
2205 if (pool->p_drowsy || pool->p_reqs <= pool->p_walkers ||
2206 pool->p_asleep == 0)
2207 mutex_exit(&pool->p_req_lock);
2208 else {
2209 pool->p_asleep--;
2210 pool->p_drowsy = TRUE;
2211
2212 cv_signal(&pool->p_req_cv);
2213 mutex_exit(&pool->p_req_lock);
2214 }
2215 }
2216
2217 /*
2218 * If there are no asleep/signaled threads, we are
2219 * still below pool->p_maxthreads limit, and no thread is
2220 * currently being created then signal the creator
2221 * for one more service thread.
2222 *
2223 * The asleep and drowsy checks are not protected
2224 * by a lock since it hurts performance and a wrong
2225 * decision is not essential.
2226 */
2227 if (pool->p_asleep == 0 && !pool->p_drowsy &&
2228 pool->p_threads + pool->p_detached_threads <
2229 pool->p_maxthreads)
2230 svc_creator_signal(pool);
2231
2232 /*
2233 * Process the request.
2234 */
2235 svc_getreq(clone_xprt, mp);
2236
2237 /* If thread had a reservation it should have been canceled */
2238 ASSERT(!clone_xprt->xp_reserved);
2239
2240 /*
2241 * If the clone is marked detached then exit.
2242 * The rpcmod slot has already been released
2243 * when we detached this thread.
2244 */
2245 if (clone_xprt->xp_detached) {
2246 svc_thread_exitdetached(pool, clone_xprt);
2247 return (0);
2248 }
2249
2250 /*
2251 * Release our reference on the rpcmod
2252 * slot attached to xp_wq->q_ptr.
2253 */
2254 (*RELE_PROC(xprt)) (clone_xprt->xp_wq, NULL);
2255 }
2256 /* NOTREACHED */
2257 }
2258
2259 /*
2260 * Flush any pending requests for the queue and
2261 * and free the associated mblks.
2262 */
2263 void
svc_queueclean(queue_t * q)2264 svc_queueclean(queue_t *q)
2265 {
2266 SVCMASTERXPRT *xprt = ((void **) q->q_ptr)[0];
2267 mblk_t *mp;
2268 SVCPOOL *pool;
2269
2270 /*
2271 * clean up the requests
2272 */
2273 mutex_enter(&xprt->xp_req_lock);
2274 pool = xprt->xp_pool;
2275 while ((mp = xprt->xp_req_head) != NULL) {
2276 /* remove the request from the list and decrement p_reqs */
2277 xprt->xp_req_head = mp->b_next;
2278 mutex_enter(&pool->p_req_lock);
2279 mp->b_next = (mblk_t *)0;
2280 pool->p_reqs--;
2281 mutex_exit(&pool->p_req_lock);
2282 (*RELE_PROC(xprt)) (xprt->xp_wq, mp);
2283 }
2284 mutex_exit(&xprt->xp_req_lock);
2285 }
2286
2287 /*
2288 * This routine is called by rpcmod to inform kernel RPC that a
2289 * queue is closing. It is called after all the requests have been
2290 * picked up (that is after all the slots on the queue have
2291 * been released by kernel RPC). It is also guaranteed that no more
2292 * request will be delivered on this transport.
2293 *
2294 * - clear xp_wq to mark the master server transport handle as closing
2295 * - if there are no more threads on this transport close/destroy it
2296 * - otherwise, broadcast threads sleeping in svc_poll(); the last
2297 * thread will close/destroy the transport.
2298 */
2299 void
svc_queueclose(queue_t * q)2300 svc_queueclose(queue_t *q)
2301 {
2302 SVCMASTERXPRT *xprt = ((void **) q->q_ptr)[0];
2303
2304 if (xprt == NULL) {
2305 /*
2306 * If there is no master xprt associated with this stream,
2307 * then there is nothing to do. This happens regularly
2308 * with connection-oriented listening streams created by
2309 * nfsd.
2310 */
2311 return;
2312 }
2313
2314 mutex_enter(&xprt->xp_thread_lock);
2315
2316 ASSERT(xprt->xp_req_head == NULL);
2317 ASSERT(xprt->xp_wq != NULL);
2318
2319 xprt->xp_wq = NULL;
2320
2321 if (xprt->xp_threads == 0) {
2322 SVCPOOL *pool = xprt->xp_pool;
2323
2324 /*
2325 * svc_xprt_cleanup() destroys the transport
2326 * or releases the transport thread lock
2327 */
2328 svc_xprt_cleanup(xprt, FALSE);
2329
2330 mutex_enter(&pool->p_thread_lock);
2331
2332 /*
2333 * If the pool is in closing state and this was
2334 * the last transport in the pool then signal the creator
2335 * thread to clean up and exit.
2336 */
2337 if (pool->p_closing && svc_pool_tryexit(pool)) {
2338 return;
2339 }
2340 mutex_exit(&pool->p_thread_lock);
2341 } else {
2342 /*
2343 * Wakeup threads sleeping in svc_poll() so that they
2344 * unlink from the transport
2345 */
2346 mutex_enter(&xprt->xp_pool->p_req_lock);
2347 cv_broadcast(&xprt->xp_pool->p_req_cv);
2348 mutex_exit(&xprt->xp_pool->p_req_lock);
2349
2350 /*
2351 * NOTICE: No references to the master transport structure
2352 * beyond this point!
2353 */
2354 mutex_exit(&xprt->xp_thread_lock);
2355 }
2356 }
2357
2358 /*
2359 * Interrupt `request delivery' routine called from rpcmod
2360 * - put a request at the tail of the transport request queue
2361 * - insert a hint for svc_poll() into the xprt-ready queue
2362 * - increment the `pending-requests' count for the pool
2363 * - wake up a thread sleeping in svc_poll() if necessary
2364 * - if all the threads are running ask the creator for a new one.
2365 */
2366 void
svc_queuereq(queue_t * q,mblk_t * mp)2367 svc_queuereq(queue_t *q, mblk_t *mp)
2368 {
2369 SVCMASTERXPRT *xprt = ((void **) q->q_ptr)[0];
2370 SVCPOOL *pool = xprt->xp_pool;
2371
2372 TRACE_0(TR_FAC_KRPC, TR_SVC_QUEUEREQ_START, "svc_queuereq_start");
2373
2374 ASSERT(!is_system_labeled() || msg_getcred(mp, NULL) != NULL ||
2375 mp->b_datap->db_type != M_DATA);
2376
2377 /*
2378 * Step 1.
2379 * Grab the transport's request lock and the
2380 * pool's request lock so that when we put
2381 * the request at the tail of the transport's
2382 * request queue, possibly put the request on
2383 * the xprt ready queue and increment the
2384 * pending request count it looks atomic.
2385 */
2386 mutex_enter(&xprt->xp_req_lock);
2387 mutex_enter(&pool->p_req_lock);
2388 if (xprt->xp_req_head == NULL)
2389 xprt->xp_req_head = mp;
2390 else
2391 xprt->xp_req_tail->b_next = mp;
2392 xprt->xp_req_tail = mp;
2393
2394 /*
2395 * Step 2.
2396 * Insert a hint into the xprt-ready queue, increment
2397 * `pending-requests' count for the pool, and wake up
2398 * a thread sleeping in svc_poll() if necessary.
2399 */
2400
2401 /* Insert pointer to this transport into the xprt-ready queue */
2402 svc_xprt_qput(pool, xprt);
2403
2404 /* Increment the `pending-requests' count for the pool */
2405 pool->p_reqs++;
2406
2407 TRACE_2(TR_FAC_KRPC, TR_NFSFP_QUE_REQ_ENQ,
2408 "rpc_que_req_enq:pool %p mp %p", pool, mp);
2409
2410 /*
2411 * If there are more requests and req_cv hasn't
2412 * been signaled yet then wake up one more thread now.
2413 *
2414 * We avoid signaling req_cv until the most recently
2415 * signaled thread wakes up and gets CPU to clear
2416 * the `drowsy' flag.
2417 */
2418 if (pool->p_drowsy || pool->p_reqs <= pool->p_walkers ||
2419 pool->p_asleep == 0) {
2420 mutex_exit(&pool->p_req_lock);
2421 } else {
2422 pool->p_drowsy = TRUE;
2423 pool->p_asleep--;
2424
2425 /*
2426 * Signal wakeup and drop the request lock.
2427 */
2428 cv_signal(&pool->p_req_cv);
2429 mutex_exit(&pool->p_req_lock);
2430 }
2431 mutex_exit(&xprt->xp_req_lock);
2432
2433 /*
2434 * Step 3.
2435 * If there are no asleep/signaled threads, we are
2436 * still below pool->p_maxthreads limit, and no thread is
2437 * currently being created then signal the creator
2438 * for one more service thread.
2439 *
2440 * The asleep and drowsy checks are not not protected
2441 * by a lock since it hurts performance and a wrong
2442 * decision is not essential.
2443 */
2444 if (pool->p_asleep == 0 && !pool->p_drowsy &&
2445 pool->p_threads + pool->p_detached_threads < pool->p_maxthreads)
2446 svc_creator_signal(pool);
2447
2448 TRACE_1(TR_FAC_KRPC, TR_SVC_QUEUEREQ_END,
2449 "svc_queuereq_end:(%S)", "end");
2450 }
2451
2452 /*
2453 * Reserve a service thread so that it can be detached later.
2454 * This reservation is required to make sure that when it tries to
2455 * detach itself the total number of detached threads does not exceed
2456 * pool->p_maxthreads - pool->p_redline (i.e. that we can have
2457 * up to pool->p_redline non-detached threads).
2458 *
2459 * If the thread does not detach itself later, it should cancel the
2460 * reservation before returning to svc_run().
2461 *
2462 * - check if there is room for more reserved/detached threads
2463 * - if so, then increment the `reserved threads' count for the pool
2464 * - mark the thread as reserved (setting the flag in the clone transport
2465 * handle for this thread
2466 * - returns 1 if the reservation succeeded, 0 if it failed.
2467 */
2468 int
svc_reserve_thread(SVCXPRT * clone_xprt)2469 svc_reserve_thread(SVCXPRT *clone_xprt)
2470 {
2471 SVCPOOL *pool = clone_xprt->xp_master->xp_pool;
2472
2473 /* Recursive reservations are not allowed */
2474 ASSERT(!clone_xprt->xp_reserved);
2475 ASSERT(!clone_xprt->xp_detached);
2476
2477 /* Check pool counts if there is room for reservation */
2478 mutex_enter(&pool->p_thread_lock);
2479 if (pool->p_reserved_threads + pool->p_detached_threads >=
2480 pool->p_maxthreads - pool->p_redline) {
2481 mutex_exit(&pool->p_thread_lock);
2482 return (0);
2483 }
2484 pool->p_reserved_threads++;
2485 mutex_exit(&pool->p_thread_lock);
2486
2487 /* Mark the thread (clone handle) as reserved */
2488 clone_xprt->xp_reserved = TRUE;
2489
2490 return (1);
2491 }
2492
2493 /*
2494 * Cancel a reservation for a thread.
2495 * - decrement the `reserved threads' count for the pool
2496 * - clear the flag in the clone transport handle for this thread.
2497 */
2498 void
svc_unreserve_thread(SVCXPRT * clone_xprt)2499 svc_unreserve_thread(SVCXPRT *clone_xprt)
2500 {
2501 SVCPOOL *pool = clone_xprt->xp_master->xp_pool;
2502
2503 /* Thread must have a reservation */
2504 ASSERT(clone_xprt->xp_reserved);
2505 ASSERT(!clone_xprt->xp_detached);
2506
2507 /* Decrement global count */
2508 mutex_enter(&pool->p_thread_lock);
2509 pool->p_reserved_threads--;
2510 mutex_exit(&pool->p_thread_lock);
2511
2512 /* Clear reservation flag */
2513 clone_xprt->xp_reserved = FALSE;
2514 }
2515
2516 /*
2517 * Detach a thread from its transport, so that it can block for an
2518 * extended time. Because the transport can be closed after the thread is
2519 * detached, the thread should have already sent off a reply if it was
2520 * going to send one.
2521 *
2522 * - decrement `non-detached threads' count and increment `detached threads'
2523 * counts for the transport
2524 * - decrement the `non-detached threads' and `reserved threads'
2525 * counts and increment the `detached threads' count for the pool
2526 * - release the rpcmod slot
2527 * - mark the clone (thread) as detached.
2528 *
2529 * No need to return a pointer to the thread's CPR information, since
2530 * the thread has a userland identity.
2531 *
2532 * NOTICE: a thread must not detach itself without making a prior reservation
2533 * through svc_thread_reserve().
2534 */
2535 callb_cpr_t *
svc_detach_thread(SVCXPRT * clone_xprt)2536 svc_detach_thread(SVCXPRT *clone_xprt)
2537 {
2538 SVCMASTERXPRT *xprt = clone_xprt->xp_master;
2539 SVCPOOL *pool = xprt->xp_pool;
2540
2541 /* Thread must have a reservation */
2542 ASSERT(clone_xprt->xp_reserved);
2543 ASSERT(!clone_xprt->xp_detached);
2544
2545 /* Bookkeeping for this transport */
2546 mutex_enter(&xprt->xp_thread_lock);
2547 xprt->xp_threads--;
2548 xprt->xp_detached_threads++;
2549 mutex_exit(&xprt->xp_thread_lock);
2550
2551 /* Bookkeeping for the pool */
2552 mutex_enter(&pool->p_thread_lock);
2553 pool->p_threads--;
2554 pool->p_reserved_threads--;
2555 pool->p_detached_threads++;
2556 mutex_exit(&pool->p_thread_lock);
2557
2558 /* Release an rpcmod slot for this request */
2559 (*RELE_PROC(xprt)) (clone_xprt->xp_wq, NULL);
2560
2561 /* Mark the clone (thread) as detached */
2562 clone_xprt->xp_reserved = FALSE;
2563 clone_xprt->xp_detached = TRUE;
2564
2565 return (NULL);
2566 }
2567
2568 /*
2569 * This routine is responsible for extracting RDMA plugin master XPRT,
2570 * unregister from the SVCPOOL and initiate plugin specific cleanup.
2571 * It is passed a list/group of rdma transports as records which are
2572 * active in a given registered or unregistered kRPC thread pool. Its shuts
2573 * all active rdma transports in that pool. If the thread active on the trasport
2574 * happens to be last thread for that pool, it will signal the creater thread
2575 * to cleanup the pool and destroy the xprt in svc_queueclose()
2576 */
2577 void
rdma_stop(rdma_xprt_group_t * rdma_xprts)2578 rdma_stop(rdma_xprt_group_t *rdma_xprts)
2579 {
2580 SVCMASTERXPRT *xprt;
2581 rdma_xprt_record_t *curr_rec;
2582 queue_t *q;
2583 mblk_t *mp;
2584 int i, rtg_count;
2585 SVCPOOL *pool;
2586
2587 if (rdma_xprts->rtg_count == 0)
2588 return;
2589
2590 rtg_count = rdma_xprts->rtg_count;
2591
2592 for (i = 0; i < rtg_count; i++) {
2593 curr_rec = rdma_xprts->rtg_listhead;
2594 rdma_xprts->rtg_listhead = curr_rec->rtr_next;
2595 rdma_xprts->rtg_count--;
2596 curr_rec->rtr_next = NULL;
2597 xprt = curr_rec->rtr_xprt_ptr;
2598 q = xprt->xp_wq;
2599 svc_rdma_kstop(xprt);
2600
2601 mutex_enter(&xprt->xp_req_lock);
2602 pool = xprt->xp_pool;
2603 while ((mp = xprt->xp_req_head) != NULL) {
2604 /*
2605 * remove the request from the list and
2606 * decrement p_reqs
2607 */
2608 xprt->xp_req_head = mp->b_next;
2609 mutex_enter(&pool->p_req_lock);
2610 mp->b_next = (mblk_t *)0;
2611 pool->p_reqs--;
2612 mutex_exit(&pool->p_req_lock);
2613 if (mp) {
2614 rdma_recv_data_t *rdp = (rdma_recv_data_t *)
2615 mp->b_rptr;
2616 RDMA_BUF_FREE(rdp->conn, &rdp->rpcmsg);
2617 RDMA_REL_CONN(rdp->conn);
2618 freemsg(mp);
2619 }
2620 }
2621 mutex_exit(&xprt->xp_req_lock);
2622 svc_queueclose(q);
2623 #ifdef DEBUG
2624 if (rdma_check)
2625 cmn_err(CE_NOTE, "rdma_stop: Exited svc_queueclose\n");
2626 #endif
2627 /*
2628 * Free the rdma transport record for the expunged rdma
2629 * based master transport handle.
2630 */
2631 kmem_free(curr_rec, sizeof (rdma_xprt_record_t));
2632 if (!rdma_xprts->rtg_listhead)
2633 break;
2634 }
2635 }
2636
2637
2638 /*
2639 * rpc_msg_dup/rpc_msg_free
2640 * Currently only used by svc_rpcsec_gss.c but put in this file as it
2641 * may be useful to others in the future.
2642 * But future consumers should be careful cuz so far
2643 * - only tested/used for call msgs (not reply)
2644 * - only tested/used with call verf oa_length==0
2645 */
2646 struct rpc_msg *
rpc_msg_dup(struct rpc_msg * src)2647 rpc_msg_dup(struct rpc_msg *src)
2648 {
2649 struct rpc_msg *dst;
2650 struct opaque_auth oa_src, oa_dst;
2651
2652 dst = kmem_alloc(sizeof (*dst), KM_SLEEP);
2653
2654 dst->rm_xid = src->rm_xid;
2655 dst->rm_direction = src->rm_direction;
2656
2657 dst->rm_call.cb_rpcvers = src->rm_call.cb_rpcvers;
2658 dst->rm_call.cb_prog = src->rm_call.cb_prog;
2659 dst->rm_call.cb_vers = src->rm_call.cb_vers;
2660 dst->rm_call.cb_proc = src->rm_call.cb_proc;
2661
2662 /* dup opaque auth call body cred */
2663 oa_src = src->rm_call.cb_cred;
2664
2665 oa_dst.oa_flavor = oa_src.oa_flavor;
2666 oa_dst.oa_base = kmem_alloc(oa_src.oa_length, KM_SLEEP);
2667
2668 bcopy(oa_src.oa_base, oa_dst.oa_base, oa_src.oa_length);
2669 oa_dst.oa_length = oa_src.oa_length;
2670
2671 dst->rm_call.cb_cred = oa_dst;
2672
2673 /* dup or just alloc opaque auth call body verifier */
2674 if (src->rm_call.cb_verf.oa_length > 0) {
2675 oa_src = src->rm_call.cb_verf;
2676
2677 oa_dst.oa_flavor = oa_src.oa_flavor;
2678 oa_dst.oa_base = kmem_alloc(oa_src.oa_length, KM_SLEEP);
2679
2680 bcopy(oa_src.oa_base, oa_dst.oa_base, oa_src.oa_length);
2681 oa_dst.oa_length = oa_src.oa_length;
2682
2683 dst->rm_call.cb_verf = oa_dst;
2684 } else {
2685 oa_dst.oa_flavor = -1; /* will be set later */
2686 oa_dst.oa_base = kmem_alloc(MAX_AUTH_BYTES, KM_SLEEP);
2687
2688 oa_dst.oa_length = 0; /* will be set later */
2689
2690 dst->rm_call.cb_verf = oa_dst;
2691 }
2692 return (dst);
2693
2694 error:
2695 kmem_free(dst->rm_call.cb_cred.oa_base, dst->rm_call.cb_cred.oa_length);
2696 kmem_free(dst, sizeof (*dst));
2697 return (NULL);
2698 }
2699
2700 void
rpc_msg_free(struct rpc_msg ** msg,int cb_verf_oa_length)2701 rpc_msg_free(struct rpc_msg **msg, int cb_verf_oa_length)
2702 {
2703 struct rpc_msg *m = *msg;
2704
2705 kmem_free(m->rm_call.cb_cred.oa_base, m->rm_call.cb_cred.oa_length);
2706 m->rm_call.cb_cred.oa_base = NULL;
2707 m->rm_call.cb_cred.oa_length = 0;
2708
2709 kmem_free(m->rm_call.cb_verf.oa_base, cb_verf_oa_length);
2710 m->rm_call.cb_verf.oa_base = NULL;
2711 m->rm_call.cb_verf.oa_length = 0;
2712
2713 kmem_free(m, sizeof (*m));
2714 m = NULL;
2715 }
2716