1 /* $NetBSD: krpc_subr.c,v 1.39 2015/03/27 07:18:11 hikaru Exp $ */ 2 3 /* 4 * Copyright (c) 1995 Gordon Ross, Adam Glass 5 * Copyright (c) 1992 Regents of the University of California. 6 * All rights reserved. 7 * 8 * This software was developed by the Computer Systems Engineering group 9 * at Lawrence Berkeley Laboratory under DARPA contract BG 91-66 and 10 * contributed to Berkeley. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. All advertising materials mentioning features or use of this software 21 * must display the following acknowledgement: 22 * This product includes software developed by the University of 23 * California, Lawrence Berkeley Laboratory and its contributors. 24 * 4. Neither the name of the University nor the names of its contributors 25 * may be used to endorse or promote products derived from this software 26 * without specific prior written permission. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 * 40 * partially based on: 41 * libnetboot/rpc.c 42 * @(#) Header: rpc.c,v 1.12 93/09/28 08:31:56 leres Exp (LBL) 43 */ 44 45 #include <sys/cdefs.h> 46 __KERNEL_RCSID(0, "$NetBSD: krpc_subr.c,v 1.39 2015/03/27 07:18:11 hikaru Exp $"); 47 48 #include <sys/param.h> 49 #include <sys/systm.h> 50 #include <sys/ioctl.h> 51 #include <sys/proc.h> 52 #include <sys/mount.h> 53 #include <sys/mbuf.h> 54 #include <sys/reboot.h> 55 #include <sys/socket.h> 56 #include <sys/socketvar.h> 57 58 #include <netinet/in.h> 59 60 #include <nfs/rpcv2.h> 61 #include <nfs/krpc.h> 62 #include <nfs/xdr_subs.h> 63 #include <nfs/nfsproto.h> /* XXX NFSX_V3FHMAX for next */ 64 #include <nfs/nfs.h> 65 #include <nfs/nfsmount.h> 66 #include <nfs/nfsdiskless.h> /* XXX decl nfs_boot_sendrecv */ 67 68 /* 69 * Kernel support for Sun RPC 70 * 71 * Used currently for bootstrapping in nfs diskless configurations. 72 */ 73 74 /* 75 * Generic RPC headers 76 */ 77 78 struct auth_info { 79 u_int32_t authtype; /* auth type */ 80 u_int32_t authlen; /* auth length */ 81 }; 82 83 struct auth_unix { 84 int32_t ua_time; 85 int32_t ua_hostname; /* null */ 86 int32_t ua_uid; 87 int32_t ua_gid; 88 int32_t ua_gidlist; /* null */ 89 }; 90 91 struct rpc_call { 92 u_int32_t rp_xid; /* request transaction id */ 93 int32_t rp_direction; /* call direction (0) */ 94 u_int32_t rp_rpcvers; /* rpc version (2) */ 95 u_int32_t rp_prog; /* program */ 96 u_int32_t rp_vers; /* version */ 97 u_int32_t rp_proc; /* procedure */ 98 struct auth_info rpc_auth; 99 struct auth_unix rpc_unix; 100 struct auth_info rpc_verf; 101 }; 102 103 struct rpc_reply { 104 u_int32_t rp_xid; /* request transaction id */ 105 int32_t rp_direction; /* call direction (1) */ 106 int32_t rp_astatus; /* accept status (0: accepted) */ 107 union { 108 /* rejected */ 109 struct { 110 u_int32_t rej_stat; 111 u_int32_t rej_val1; 112 u_int32_t rej_val2; 113 } rpu_rej; 114 /* accepted */ 115 struct { 116 struct auth_info rok_auth; 117 u_int32_t rok_status; 118 } rpu_rok; 119 } rp_u; 120 }; 121 #define rp_rstat rp_u.rpu_rej.rej_stat 122 #define rp_auth rp_u.rpu_rok.rok_auth 123 #define rp_status rp_u.rpu_rok.rok_status 124 125 #define MIN_REPLY_HDR 16 /* xid, dir, astat, errno */ 126 127 static int krpccheck(struct mbuf**, void*); 128 129 /* 130 * Call portmap to lookup a port number for a particular rpc program 131 * Returns non-zero error on failure. 132 */ 133 int 134 krpc_portmap(struct sockaddr_in *sin, u_int prog, u_int vers, u_int proto, u_int16_t *portp, struct lwp *l) 135 /* sin: server address */ 136 /* prog, vers, proto: host order */ 137 /* portp: network order */ 138 { 139 struct sdata { 140 u_int32_t prog; /* call program */ 141 u_int32_t vers; /* call version */ 142 u_int32_t proto; /* call protocol */ 143 u_int32_t port; /* call port (unused) */ 144 } *sdata; 145 struct rdata { 146 u_int16_t pad; 147 u_int16_t port; 148 } *rdata; 149 struct mbuf *m; 150 int error; 151 152 /* The portmapper port is fixed. */ 153 if (prog == PMAPPROG) { 154 *portp = htons(PMAPPORT); 155 return 0; 156 } 157 158 m = m_get(M_WAIT, MT_DATA); 159 sdata = mtod(m, struct sdata *); 160 m->m_len = sizeof(*sdata); 161 162 /* Do the RPC to get it. */ 163 sdata->prog = txdr_unsigned(prog); 164 sdata->vers = txdr_unsigned(vers); 165 sdata->proto = txdr_unsigned(proto); 166 sdata->port = 0; 167 168 sin->sin_port = htons(PMAPPORT); 169 error = krpc_call(sin, PMAPPROG, PMAPVERS, 170 PMAPPROC_GETPORT, &m, NULL, l); 171 if (error) 172 return error; 173 174 if (m->m_len < sizeof(*rdata)) { 175 m = m_pullup(m, sizeof(*rdata)); 176 if (m == NULL) 177 return ENOBUFS; 178 } 179 rdata = mtod(m, struct rdata *); 180 *portp = rdata->port; 181 182 m_freem(m); 183 return 0; 184 } 185 186 static int krpccheck(struct mbuf **mp, void *context) 187 { 188 struct rpc_reply *reply; 189 struct mbuf *m = *mp; 190 191 /* Does the reply contain at least a header? */ 192 if (m->m_pkthdr.len < MIN_REPLY_HDR) 193 return(-1); 194 if (m->m_len < sizeof(struct rpc_reply)) { 195 m = *mp = m_pullup(m, sizeof(struct rpc_reply)); 196 if (m == NULL) 197 return(-1); 198 } 199 reply = mtod(m, struct rpc_reply *); 200 201 /* Is it the right reply? */ 202 if (reply->rp_direction != txdr_unsigned(RPC_REPLY)) 203 return(-1); 204 205 if (reply->rp_xid != txdr_unsigned(*(u_int32_t*)context)) 206 return(-1); 207 208 return(0); 209 } 210 211 /* 212 * Do a remote procedure call (RPC) and wait for its reply. 213 * If from_p is non-null, then we are doing broadcast, and 214 * the address from whence the response came is saved there. 215 */ 216 int 217 krpc_call(struct sockaddr_in *sa, u_int prog, u_int vers, u_int func, struct mbuf **data, struct mbuf **from_p, struct lwp *l) 218 /* data: input/output */ 219 /* from_p: output */ 220 { 221 struct socket *so; 222 struct sockaddr_in *sin; 223 struct mbuf *m, *nam, *mhead, *from; 224 struct rpc_call *call; 225 struct rpc_reply *reply; 226 int error, len; 227 static u_int32_t xid = ~0xFF; 228 u_int16_t tport; 229 230 /* 231 * Validate address family. 232 * Sorry, this is INET specific... 233 */ 234 if (sa->sin_family != AF_INET) 235 return (EAFNOSUPPORT); 236 237 /* Free at end if not null. */ 238 nam = mhead = NULL; 239 from = NULL; 240 241 /* 242 * Create socket and set its receive timeout. 243 */ 244 if ((error = socreate(AF_INET, &so, SOCK_DGRAM, 0, l, NULL))) 245 return error; 246 247 if ((error = nfs_boot_setrecvtimo(so))) 248 goto out; 249 250 /* 251 * Enable broadcast if necessary. 252 */ 253 if (from_p) { 254 if ((error = nfs_boot_enbroadcast(so))) 255 goto out; 256 } 257 258 /* 259 * Bind the local endpoint to a reserved port, 260 * because some NFS servers refuse requests from 261 * non-reserved (non-privileged) ports. 262 */ 263 tport = IPPORT_RESERVED; 264 do { 265 tport--; 266 error = nfs_boot_sobind_ipport(so, tport, l); 267 } while (error == EADDRINUSE && 268 tport > IPPORT_RESERVED / 2); 269 if (error) { 270 printf("bind failed\n"); 271 goto out; 272 } 273 274 /* 275 * Setup socket address for the server. 276 */ 277 nam = m_get(M_WAIT, MT_SONAME); 278 sin = mtod(nam, struct sockaddr_in *); 279 memcpy((void *)sin, (void *)sa, 280 (nam->m_len = sa->sin_len)); 281 282 /* 283 * Prepend RPC message header. 284 */ 285 mhead = m_gethdr(M_WAIT, MT_DATA); 286 mhead->m_next = *data; 287 call = mtod(mhead, struct rpc_call *); 288 mhead->m_len = sizeof(*call); 289 memset((void *)call, 0, sizeof(*call)); 290 /* rpc_call part */ 291 xid++; 292 call->rp_xid = txdr_unsigned(xid); 293 /* call->rp_direction = 0; */ 294 call->rp_rpcvers = txdr_unsigned(2); 295 call->rp_prog = txdr_unsigned(prog); 296 call->rp_vers = txdr_unsigned(vers); 297 call->rp_proc = txdr_unsigned(func); 298 /* rpc_auth part (auth_unix as root) */ 299 call->rpc_auth.authtype = txdr_unsigned(RPCAUTH_UNIX); 300 call->rpc_auth.authlen = txdr_unsigned(sizeof(struct auth_unix)); 301 /* rpc_verf part (auth_null) */ 302 call->rpc_verf.authtype = 0; 303 call->rpc_verf.authlen = 0; 304 305 /* 306 * Setup packet header 307 */ 308 len = 0; 309 m = mhead; 310 while (m) { 311 len += m->m_len; 312 m = m->m_next; 313 } 314 mhead->m_pkthdr.len = len; 315 mhead->m_pkthdr.rcvif = NULL; 316 317 error = nfs_boot_sendrecv(so, nam, 0, mhead, krpccheck, &m, &from, 318 &xid, l); 319 if (error) 320 goto out; 321 322 /* m_pullup() was done in krpccheck() */ 323 reply = mtod(m, struct rpc_reply *); 324 325 /* Was RPC accepted? (authorization OK) */ 326 if (reply->rp_astatus != 0) { 327 /* Note: This is NOT an error code! */ 328 error = fxdr_unsigned(u_int32_t, reply->rp_rstat); 329 switch (error) { 330 case RPC_MISMATCH: 331 /* .re_status = RPC_VERSMISMATCH; */ 332 error = ERPCMISMATCH; 333 break; 334 case RPC_AUTHERR: 335 /* .re_status = RPC_AUTHERROR; */ 336 error = EAUTH; 337 break; 338 default: 339 /* unexpected */ 340 error = EBADRPC; 341 break; 342 } 343 goto out; 344 } 345 346 /* Did the call succeed? */ 347 if (reply->rp_status != 0) { 348 /* Note: This is NOT an error code! */ 349 error = fxdr_unsigned(u_int32_t, reply->rp_status); 350 switch (error) { 351 case RPC_PROGUNAVAIL: 352 error = EPROGUNAVAIL; 353 break; 354 case RPC_PROGMISMATCH: 355 error = EPROGMISMATCH; 356 break; 357 case RPC_PROCUNAVAIL: 358 error = EPROCUNAVAIL; 359 break; 360 case RPC_GARBAGE: 361 default: 362 error = EBADRPC; 363 } 364 goto out; 365 } 366 367 /* 368 * OK, we have received a good reply! 369 * Get its length, then strip it off. 370 */ 371 len = sizeof(*reply); 372 if (reply->rp_auth.authtype != 0) { 373 len += fxdr_unsigned(u_int32_t, reply->rp_auth.authlen); 374 len = (len + 3) & ~3; /* XXX? */ 375 } 376 m_adj(m, len); 377 378 /* result */ 379 *data = m; 380 if (from_p && error == 0) { 381 *from_p = from; 382 from = NULL; 383 } 384 385 out: 386 if (nam) m_freem(nam); 387 if (mhead) m_freem(mhead); 388 if (from) m_freem(from); 389 soclose(so); 390 return error; 391 } 392 393 /* 394 * eXternal Data Representation routines. 395 * (but with non-standard args...) 396 */ 397 398 /* 399 * String representation for RPC. 400 */ 401 struct xdr_string { 402 u_int32_t len; /* length without null or padding */ 403 char data[4]; /* data (longer, of course) */ 404 /* data is padded to a long-word boundary */ 405 }; 406 407 struct mbuf * 408 xdr_string_encode(char *str, int len) 409 { 410 struct mbuf *m; 411 struct xdr_string *xs; 412 int dlen; /* padded string length */ 413 int mlen; /* message length */ 414 415 dlen = (len + 3) & ~3; 416 mlen = dlen + 4; 417 418 if (mlen > MCLBYTES) /* If too big, we just can't do it. */ 419 return (NULL); 420 421 m = m_get(M_WAIT, MT_DATA); 422 if (mlen > MLEN) { 423 m_clget(m, M_WAIT); 424 if ((m->m_flags & M_EXT) == 0) { 425 (void) m_free(m); /* There can be only one. */ 426 return (NULL); 427 } 428 } 429 xs = mtod(m, struct xdr_string *); 430 m->m_len = mlen; 431 xs->len = txdr_unsigned(len); 432 memcpy(xs->data, str, len); 433 return (m); 434 } 435 436 struct mbuf * 437 xdr_string_decode(struct mbuf *m, char *str, int *len_p) 438 /* len_p: bufsize - 1 */ 439 { 440 struct xdr_string *xs; 441 int mlen; /* message length */ 442 int slen; /* string length */ 443 444 if (m->m_len < 4) { 445 m = m_pullup(m, 4); 446 if (m == NULL) 447 return (NULL); 448 } 449 xs = mtod(m, struct xdr_string *); 450 slen = fxdr_unsigned(u_int32_t, xs->len); 451 mlen = 4 + ((slen + 3) & ~3); 452 453 if (slen > *len_p) 454 slen = *len_p; 455 m_copydata(m, 4, slen, str); 456 m_adj(m, mlen); 457 458 str[slen] = '\0'; 459 *len_p = slen; 460 461 return (m); 462 } 463 464 465 /* 466 * Inet address in RPC messages 467 * (Note, really four ints, NOT chars. Blech.) 468 */ 469 struct xdr_inaddr { 470 u_int32_t atype; 471 u_int32_t addr[4]; 472 }; 473 474 struct mbuf * 475 xdr_inaddr_encode(struct in_addr *ia) 476 /* ia: already in network order */ 477 { 478 struct mbuf *m; 479 struct xdr_inaddr *xi; 480 u_int8_t *cp; 481 u_int32_t *ip; 482 483 m = m_get(M_WAIT, MT_DATA); 484 xi = mtod(m, struct xdr_inaddr *); 485 m->m_len = sizeof(*xi); 486 xi->atype = txdr_unsigned(1); 487 ip = xi->addr; 488 cp = (u_int8_t *)&ia->s_addr; 489 *ip++ = txdr_unsigned(*cp++); 490 *ip++ = txdr_unsigned(*cp++); 491 *ip++ = txdr_unsigned(*cp++); 492 *ip++ = txdr_unsigned(*cp++); 493 494 return (m); 495 } 496 497 struct mbuf * 498 xdr_inaddr_decode(struct mbuf *m, struct in_addr *ia) 499 /* ia: already in network order */ 500 { 501 struct xdr_inaddr *xi; 502 u_int8_t *cp; 503 u_int32_t *ip; 504 505 if (m->m_len < sizeof(*xi)) { 506 m = m_pullup(m, sizeof(*xi)); 507 if (m == NULL) 508 return (NULL); 509 } 510 xi = mtod(m, struct xdr_inaddr *); 511 if (xi->atype != txdr_unsigned(1)) { 512 ia->s_addr = INADDR_ANY; 513 goto out; 514 } 515 ip = xi->addr; 516 cp = (u_int8_t *)&ia->s_addr; 517 *cp++ = fxdr_unsigned(u_int8_t, *ip++); 518 *cp++ = fxdr_unsigned(u_int8_t, *ip++); 519 *cp++ = fxdr_unsigned(u_int8_t, *ip++); 520 *cp++ = fxdr_unsigned(u_int8_t, *ip++); 521 522 out: 523 m_adj(m, sizeof(*xi)); 524 return (m); 525 } 526