clnt_cots.c revision 45916cd2fec6e79bca5dee0421bd39e3c2910d1e
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T
* All Rights Reserved
*/
/*
* Portions of this source code were derived from Berkeley 4.3 BSD
* under license from the Regents of the University of California.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* Implements a kernel based, client side RPC over Connection Oriented
* Transports (COTS).
*/
/*
* Much of this file has been re-written to let NFS work better over slow
* transports. A description follows.
*
* create more than one connection between a client and server. This
* happens because when a connection is made, the end-points entry in the
* linked list of connections (headed by cm_hd), is removed so that other
* threads don't mess with it. Went ahead and bit the bullet by keeping
* the endpoint on the connection list and introducing state bits,
* condition variables etc. to the connection entry data structure (struct
* cm_xprt).
*
* Here is a summary of the changes to cm-xprt:
*
* x_ctime is the timestamp of when the endpoint was last
* connected or disconnected. If an end-point is ever disconnected
* or re-connected, then any outstanding RPC request is presumed
* lost, telling clnt_cots_kcallit that it needs to re-send the
* request, not just wait for the original request's reply to
* arrive.
*
* x_thread flag which tells us if a thread is doing a connection attempt.
*
* x_waitdis flag which tells us we are waiting a disconnect ACK.
*
* x_needdis flag which tells us we need to send a T_DISCONN_REQ
* to kill the connection.
*
* x_needrel flag which tells us we need to send a T_ORDREL_REQ to
* gracefully close the connection.
*
* #defined bitmasks for the all the b_* bits so that more
* efficient (and at times less clumsy) masks can be used to
* manipulated state in cases where multiple bits have to
*
* x_conn_cv and x_dis-_cv are new condition variables to let
* threads knows when the connection attempt is done, and to let
* the connecting thread know when the disconnect handshake is
* done.
*
* Added the CONN_HOLD() macro so that all reference holds have the same
* look and feel.
*
* In the private (cku_private) portion of the client handle,
*
* cku_flags replaces the cku_sent a boolean. cku_flags keeps
* track of whether a request as been sent, and whether the
* client's handles call record is on the dispatch list (so that
* the reply can be matched by XID to the right client handle).
* The idea of CKU_ONQUEUE is that we can exit clnt_cots_kcallit()
* and still have the response find the right client handle so
* that the retry of CLNT_CALL() gets the result. Testing, found
* situations where if the timeout was increased, performance
* degraded. This was due to us hitting a window where the thread
* was back in rfscall() (probably printing server not responding)
* while the response came back but no place to put it.
*
* cku_ctime is just a cache of x_ctime. If they match,
* clnt_cots_kcallit() won't to send a retry (unless the maximum
* receive count limit as been reached). If the don't match, then
* we assume the request has been lost, and a retry of the request
* is needed.
*
* cku_recv_attempts counts the number of receive count attempts
* after one try is sent on the wire.
*
* Added the clnt_delay() routine so that interruptible and
* noninterruptible delays are possible.
*
* CLNT_MIN_TIMEOUT has been bumped to 10 seconds from 3. This is used to
* control how long the client delays before returned after getting
* ECONNREFUSED. At 3 seconds, 8 client threads per mount really does bash
* a server that may be booting and not yet started nfsd.
*
* CLNT_MAXRECV_WITHOUT_RETRY is a new macro (value of 3) (with a tunable)
* Why don't we just wait forever (receive an infinite # of times)?
* Because the server may have rebooted. More insidious is that some
* but it is a reality.
*
* The case of a server doing orderly release really messes up the
* client's recovery, especially if the server's TCP implementation is
* TPI rules, such as not waiting for the acknowledgement of a
* T_DISCON_REQ (hence the added case statements T_ERROR_ACK, T_OK_ACK and
* T_DISCON_REQ in clnt_dispatch_notifyall()).
*
* One of things that we've seen is that a kRPC TCP endpoint goes into
* TIMEWAIT and a thus a reconnect takes a long time to satisfy because
* that the TIMEWAIT state takes a while to finish. If a server sends a
* T_ORDREL_IND, there is little point in an RPC client doing a
* T_ORDREL_REQ, because the RPC request isn't going to make it (the
* server is saying that it won't accept any more data). So kRPC was
* changed to send a T_DISCON_REQ when we get a T_ORDREL_IND. So now the
* connection skips the TIMEWAIT state and goes straight to a bound state
* that kRPC can quickly switch to connected.
*
* Code that issues TPI request must use waitforack() to wait for the
* corresponding ack (assuming there is one) in any future modifications.
* This works around problems that may be introduced by breaking TPI rules
* (by submitting new calls before earlier requests have been acked) in the
* case of a signal or other early return. waitforack() depends on
* clnt_dispatch_notifyconn() to issue the wakeup when the ack
* arrives, so adding new TPI calls may require corresponding changes
* to clnt_dispatch_notifyconn(). Presently, the timeout period is based on
* CLNT_MIN_TIMEOUT which is 10 seconds. If you modify this value, be sure
* not to set it too low or TPI ACKS will be lost.
*/
#include <sys/sysmacros.h>
#include <sys/isa_defs.h>
#define COTS_DEFAULT_ALLOCSIZE 2048
static void clnt_cots_kabort(CLIENT *);
static void clnt_cots_kdestroy(CLIENT *);
/* List of transports managed by the connection manager. */
struct cm_xprt {
int x_tidu_size; /* TIDU size of this transport */
union {
struct {
unsigned int
#ifdef _BIT_FIELDS_HTOL
/* disconnect during connect */
b_pad: 22;
#endif
#ifdef _BIT_FIELDS_LTOH
b_pad: 22,
/* disconnect during connect */
#endif
#define X_CLOSING 0x80000000
#define X_DEAD 0x40000000
#define X_DOOMED 0x20000000
#define X_CONNECTED 0x10000000
#define X_ORDREL 0x08000000
#define X_THREAD 0x04000000
#define X_WAITDIS 0x02000000
#define X_NEEDDIS 0x01000000
#define X_NEEDREL 0x00800000
#define X_EARLYDISC 0x00400000
} x_state;
int x_ref; /* number of users of this xprt */
int x_family; /* address family of transport */
/* is complete */
/* is complete */
};
typedef struct cm_kstat_xprt {
static cm_kstat_xprt_t cm_kstat_template = {
{ "write_queue", KSTAT_DATA_UINT32 },
{ "server", KSTAT_DATA_STRING },
{ "addr_family", KSTAT_DATA_UINT32 },
{ "device", KSTAT_DATA_UINT32 },
{ "time_stamp", KSTAT_DATA_UINT32 },
{ "status", KSTAT_DATA_UINT32 },
{ "ref_count", KSTAT_DATA_INT32 },
{ "port", KSTAT_DATA_UINT32 },
};
/*
* The inverse of this is connmgr_release().
*/
}
/*
* Private data per rpc handle. This structure is allocated by
* clnt_cots_kcreate, and freed by clnt_cots_kdestroy.
*/
typedef struct cku_private_s {
int cku_addrfmly; /* for binding port */
#define CKU_ONQUEUE 0x1
#define CKU_SENT 0x2
/* connection was created */
/* pre-serialized rpc header */
/* for CLSET_NODELAYONERR */
int cku_useresvport; /* Use reserved port */
static void connmgr_sndrel(struct cm_xprt *);
static void connmgr_snddis(struct cm_xprt *);
static void connmgr_close(struct cm_xprt *);
static void connmgr_release(struct cm_xprt *);
cku_private_t *);
bool_t, int);
static void connmgr_cancelconn(struct cm_xprt *);
bool_t);
static void connmgr_dis_and_wait(struct cm_xprt *);
uint_t);
/*
*/
clnt_cots_kcallit, /* do rpc call */
clnt_cots_kabort, /* abort call */
clnt_cots_kerror, /* return error status */
clnt_cots_kfreeres, /* free results */
clnt_cots_kdestroy, /* destroy rpc handle */
clnt_cots_kcontrol, /* the ioctl() of rpc */
clnt_cots_ksettimers, /* set retry timers */
};
static int rpc_kstat_instance = 0; /* keeps the current instance */
/* number for the next kstat_create */
extern kmutex_t clnt_max_msg_lock;
extern kmutex_t clnt_pending_lock;
static int clnt_cots_hash_size = DEFAULT_HASH_SIZE;
static call_table_t *cots_call_ht;
static const struct rpc_cots_client {
} cots_rcstat_tmpl = {
{ "calls", KSTAT_DATA_UINT64 },
{ "badcalls", KSTAT_DATA_UINT64 },
{ "badxids", KSTAT_DATA_UINT64 },
{ "timeouts", KSTAT_DATA_UINT64 },
{ "newcreds", KSTAT_DATA_UINT64 },
{ "badverfs", KSTAT_DATA_UINT64 },
{ "timers", KSTAT_DATA_UINT64 },
{ "cantconn", KSTAT_DATA_UINT64 },
{ "nomem", KSTAT_DATA_UINT64 },
{ "interrupts", KSTAT_DATA_UINT64 }
};
#define COTSRCSTAT_INCR(p, x) \
static int clnt_max_conns = CLNT_MAX_CONNS;
/* connection reset */
static int clnt_cots_min_tout = CLNT_MIN_TIMEOUT;
static int clnt_cots_min_conntout = CLNT_MIN_CONNTIMEOUT;
/*
* Limit the number of times we will attempt to receive a reply without
* re-sending a response.
*/
#define CLNT_MAXRECV_WITHOUT_RETRY 3
#define ptoh(p) (&((p)->cku_client))
/*
* Times to retry
*/
/*
* The following is used to determine the global default behavior for
* COTS when binding to a local port.
*
* If the value is set to 1 the default will be to select a reserved
* (aka privileged) port, if the value is zero the default will be to
* use non-reserved ports. Users of kRPC may override this by using
* CLNT_CONTROL() and CLSET_BINDRESVPORT.
*/
static int clnt_cots_do_bindresvport = 1;
static zone_key_t zone_cots_key;
/*
* We need to do this after all kernel threads in the zone have exited.
*/
/* ARGSUSED */
static void
{
} else {
}
}
}
}
int
{
CLIENT *h;
cku_private_t *p;
/* Allocate and intialize the client handle. */
p = kmem_zalloc(sizeof (*p), KM_SLEEP);
h = ptoh(p);
h->cl_private = (caddr_t)p;
h->cl_auth = authkern_create();
/*
* If the current sanity check size in rpcmod is smaller
* than the size needed, then increase the sanity check.
*/
if (max_msgsize > *clnt_max_msg_sizep)
}
/* Preserialize the call message header */
"error\n");
auth_destroy(h->cl_auth);
kmem_free(p, sizeof (cku_private_t));
return (EINVAL); /* XXX */
}
/*
* The zalloc initialized the fields below.
* p->cku_xid = 0;
* p->cku_flags = 0;
* p->cku_srcaddr.len = 0;
* p->cku_srcaddr.maxlen = 0;
*/
p->cku_device = dev;
p->cku_addrfmly = family;
*ncl = h;
return (0);
}
/*ARGSUSED*/
static void
{
}
/*
* Return error info on this handle.
*/
static void
{
/* LINTED pointer alignment */
cku_private_t *p = htop(h);
}
static bool_t
{
/* LINTED pointer alignment */
cku_private_t *p = htop(h);
xdrs = &(p->cku_outxdr);
}
static bool_t
{
cku_private_t *p = htop(h);
switch (cmd) {
case CLSET_PROGRESS:
p->cku_progress = TRUE;
return (TRUE);
case CLSET_XID:
return (FALSE);
return (TRUE);
case CLGET_XID:
return (FALSE);
return (TRUE);
case CLSET_NODELAYONERR:
return (FALSE);
p->cku_nodelayonerr = TRUE;
return (TRUE);
}
p->cku_nodelayonerr = FALSE;
return (TRUE);
}
return (FALSE);
case CLGET_NODELAYONERR:
return (FALSE);
return (TRUE);
case CLSET_BINDRESVPORT:
return (FALSE);
return (FALSE);
p->cku_useresvport = *(int *)arg;
return (TRUE);
case CLGET_BINDRESVPORT:
return (FALSE);
*(int *)arg = p->cku_useresvport;
return (TRUE);
default:
return (FALSE);
}
}
/*
* Destroy rpc handle. Frees the space used for output buffer,
* private data, and handle structure.
*/
static void
{
/* LINTED pointer alignment */
cku_private_t *p = htop(h);
if (p->cku_flags & CKU_ONQUEUE) {
"from dispatch list\n", p->cku_xid);
}
if (call->call_reply)
kmem_free(p, sizeof (*p));
}
static int clnt_cots_pulls;
/*
* Call remote procedure.
*/
static enum clnt_stat
{
/* LINTED pointer alignment */
cku_private_t *p = htop(h);
#ifdef RPCDEBUG
#endif
int len;
int mpsize;
int interrupted;
int tidu_size;
/*
* Bug ID 1240234:
* Look out for zero length timeouts. We don't want to
* wait zero seconds for a connection to be established.
*/
} else {
}
if (cm_entry) {
}
/*
* If the call is not a retry, allocate a new xid and cache it
* for future retries.
* Bug ID 1246045:
* Treat call as a retry for purposes of binding the source
* port only if we actually attempted to send anything on
* the previous call.
*/
if (p->cku_xid == 0) {
/*
* We need to ASSERT here that our xid != 0 because this
* determines whether or not our call record gets placed on
* the hash table or the linked list. By design, we mandate
* that RPC calls over cots must have xid's != 0, so we can
* ensure proper management of the hash table.
*/
if (p->cku_flags & CKU_ONQUEUE) {
" one (%p)\n", (void *)call);
p->cku_flags &= ~CKU_ONQUEUE;
"dispatch list because xid was zero (now 0x%x)\n",
p->cku_xid);
}
}
retryaddr = &p->cku_srcaddr;
} else {
/*
* Bug ID 1246045: Nothing was sent, so set retryaddr to
* NULL and let connmgr_get() bind to any source port it
* can get.
*/
}
/*
* The reasons why we fail to create a connection are
* varied. In most cases we don't want the caller to
* immediately retry. This could have one or more
* bad effects. This includes flooding the net with
* connect requests to ports with no listener; a hard
* kernel loop due to all the "reserved" TCP ports being
* in use.
*/
delay_first = TRUE;
/*
* Even if we end up returning EINTR, we still count a
* a "can't connect", because the connection manager
* might have been committed to waiting for or timing out on
* a connection.
*/
case RPC_INTR:
/*
* No need to delay because a UNIX signal(2)
* interrupted us. The caller likely won't
* retry the CLNT_CALL() and even if it does,
* we assume the caller knows what it is doing.
*/
delay_first = FALSE;
break;
case RPC_TIMEDOUT:
/*
* No need to delay because timed out already
* on the connection request and assume that the
* transport time out is longer than our minimum
* timeout, or least not too much smaller.
*/
delay_first = FALSE;
break;
case RPC_SYSTEMERROR:
case RPC_TLIERROR:
/*
* We want to delay here because a transient
* system error has a better chance of going away
* if we delay a bit. If it's not transient, then
* we don't want end up in a hard kernel loop
* due to retries.
*/
break;
case RPC_CANTCONNECT:
/*
* RPC_CANTCONNECT is set on T_ERROR_ACK which
* implies some error down in the TCP layer or
* below. If cku_nodelayonerror is set then we
* assume the caller knows not to try too hard.
*/
if (p->cku_nodelayonerr == TRUE)
delay_first = FALSE;
break;
case RPC_XPRTFAILED:
/*
* We want to delay here because we likely
* got a refused connection.
*/
break;
/* fall thru */
default:
/*
* We delay here because it is better to err
* on the side of caution. If we got here then
* status could have been RPC_SUCCESS, but we
* know that we did not get a connection, so
* force the rpc status to RPC_CANTCONNECT.
*/
break;
}
if (delay_first == TRUE)
goto cots_done;
}
/*
* If we've never sent any request on this connection (send count
* is zero, or the connection has been reset), cache the
* the connection's create time and send a request (possibly a retry)
*/
p->cku_recv_attempts < clnt_cots_maxrecv)) {
/*
* If we've sent a request and our call is on the dispatch
* queue and we haven't made too many receive attempts, then
* don't re-send, just receive.
*/
p->cku_recv_attempts++;
goto read_again;
}
/*
* Now we create the RPC request in a STREAMS message. We have to do
* this after the call to connmgr_get so that we have the correct
* TIDU size for the transport.
*/
goto cots_done;
}
}
xdrs = &p->cku_outxdr;
/*
* If the size of mblk is not appreciably larger than what we
* asked, then resize the mblk to exactly len bytes. The reason for
* this: suppose len is 1600 bytes, the tidu is 1460 bytes
* (from TCP over ethernet), and the arguments to the RPC require
* 2800 bytes. Ideally we want the protocol to render two
* ~1400 byte segments over the wire. However if allocb() gives us a 2k
* mblk, and we allocate a second mblk for the remainder, the protocol
* module may generate 3 segments over the wire:
* 1460 bytes for the first, 448 (2048 - 1600) for the second, and
* 892 for the third. If we "waste" 448 bytes in the first mblk,
* the XDR encoding will generate two ~1400 byte mblks, and the
* protocol module is more likely to produce properly sized segments.
*/
/*
* Adjust b_rptr to reserve space for the non-data protocol headers
* any downstream modules might like to add, and for the
* record marking header.
*/
/* Copy in the preserialized RPC header information. */
/* Use XDR_SETPOS() to set the b_wptr to past the RPC header. */
/* Serialize the procedure number and the arguments. */
goto cots_done;
}
} else {
/* Use XDR_SETPOS() to set the b_wptr. */
/* Serialize the procedure number and the arguments. */
goto cots_done;
}
}
(p->cku_flags & CKU_ONQUEUE));
p->cku_recv_attempts = 1;
#ifdef RPCDEBUG
#endif
/*
* Wait for a reply or a timeout. If there is no error or timeout,
* (both indicated by call_status), call->call_reply will contain
* the RPC reply message.
*/
interrupted = 0;
/*
* Indicate that the lwp is not to be stopped while waiting
* for this network traffic. This is to avoid deadlock while
* debugging a process via /proc and also to avoid recursive
* mutex_enter()s due to NFS page faults while stopping
* (NFS holds locks when it calls here).
*/
lwp->lwp_nostop++;
/*
* Iterate until the call_status is changed to something
* other that RPC_TIMEDOUT, or if cv_timedwait_sig() returns
* something <=0 zero. The latter means that we timed
* out.
*/
if (h->cl_nosignal)
else
while ((cv_wait_ret = cv_timedwait_sig(
switch (cv_wait_ret) {
case 0:
/*
* If we got out of the above loop with
* cv_timedwait_sig() returning 0, then we were
* interrupted regardless what call_status is.
*/
interrupted = 1;
break;
case -1:
/* cv_timedwait_sig() timed out */
break;
default:
/*
* We were cv_signaled(). If we didn't
* get a successful call_status and returned
* before time expired, delay up to clnt_cots_min_tout
* seconds so that the caller doesn't immediately
* try to call us again and thus force the
* same condition that got us here (such
* as a RPC_XPRTFAILED due to the server not
* listening on the end-point.
*/
curlbolt = ddi_get_lbolt();
drv_usectohz(1000000);
delay_first = TRUE;
if (diff > 0)
}
}
break;
}
lwp->lwp_nostop--;
}
/*
* Get the reply message, if any. This will be freed at the end
* whether or not an error occurred.
*/
/*
* call_err is the error info when the call is on dispatch queue.
* cku_err is the error info returned to the caller.
* Sync cku_err with call_err for local message processing.
*/
if (status != RPC_SUCCESS) {
switch (status) {
case RPC_TIMEDOUT:
if (interrupted) {
p->cku_xid);
} else {
lbolt);
}
break;
case RPC_XPRTFAILED:
break;
case RPC_SYSTEMERROR:
break;
default:
break;
}
if (p->cku_flags & CKU_ONQUEUE) {
p->cku_flags &= ~CKU_ONQUEUE;
}
"taken off dispatch list\n", p->cku_xid);
if (call->call_reply) {
}
/*
* We've sent the request over TCP and so we have
* every reason to believe it will get
* delivered. In which case returning a timeout is not
* appropriate.
*/
if (p->cku_progress == TRUE &&
p->cku_recv_attempts < clnt_cots_maxrecv) {
}
}
goto cots_done;
}
/*
* xdr_results will be done in AUTH_UNWRAP.
*/
if (re_status == RPC_SUCCESS) {
/*
* Reply is good, check auth.
*/
if (!AUTH_VALIDATE(h->cl_auth,
"failure\n");
goto read_again;
xdr_results, resultsp)) {
"failure (unwrap)\n");
}
} else {
/* set errno in case we can't recover */
if (re_status != RPC_VERSMISMATCH &&
re_status != RPC_AUTHERROR &&
if (re_status == RPC_AUTHERROR) {
/*
* Maybe our credential need to be refreshed
*/
if (cm_entry) {
/*
* There is the potential that the
* so drop the connection altogether,
* force REFRESH to establish new
* connection.
*/
}
if ((refreshes > 0) &&
p->cku_cred)) {
refreshes--;
(void) xdr_rpc_free_verifier(xdrs,
&reply_msg);
if (p->cku_flags & CKU_ONQUEUE) {
p->cku_flags &= ~CKU_ONQUEUE;
}
RPCLOG(64,
"clnt_cots_kcallit: AUTH_ERROR, xid"
" 0x%x removed off dispatch list\n",
p->cku_xid);
if (call->call_reply) {
}
goto call_again;
}
/*
* We have used the client handle to
* do an AUTH_REFRESH and the RPC status may
* be set to RPC_SUCCESS; Let's make sure to
* set it to RPC_AUTHERROR.
*/
/*
* Map recoverable and unrecoverable
* authentication errors to appropriate errno
*/
case AUTH_TOOWEAK:
/*
* This could be a failure where the
* server requires use of a reserved
* port, check and optionally set the
* client handle useresvport trying
* one more time. Next go round we
* fall out with the tooweak error.
*/
if (p->cku_useresvport != 1) {
p->cku_useresvport = 1;
p->cku_xid = 0;
(void) xdr_rpc_free_verifier
goto call_again;
}
/* FALLTHRU */
case AUTH_BADCRED:
case AUTH_BADVERF:
case AUTH_INVALIDRESP:
case AUTH_FAILED:
case RPCSEC_GSS_NOCRED:
case RPCSEC_GSS_FAILED:
break;
case AUTH_REJECTEDCRED:
case AUTH_REJECTEDVERF:
break;
}
" failed with RPC_AUTHERROR of type %d\n",
}
}
} else {
/* reply didn't decode properly. */
}
if (p->cku_flags & CKU_ONQUEUE) {
p->cku_flags &= ~CKU_ONQUEUE;
}
p->cku_xid);
if (cm_entry)
}
}
/*
* No point in delaying if the zone is going away.
*/
if (delay_first == TRUE &&
}
}
}
/*
* Kinit routine for cots. This sets up the correct operations in
* the client handle, as the handle may have previously been a clts
* handle, and clears the xid field so there is no way a new call
* could be mistaken for a retry. It also sets in the handle the
* call time, as cots creates the transport at call time - device,
* address of the server, protocol family.
*/
void
{
/* LINTED pointer alignment */
cku_private_t *p = htop(h);
if (p->cku_flags & CKU_ONQUEUE) {
p->cku_flags &= ~CKU_ONQUEUE;
" dispatch list\n", p->cku_xid);
}
}
/*
* We don't clear cku_flags here, because clnt_cots_kcallit()
* takes care of handling the cku_flags reset.
*/
p->cku_xid = 0;
p->cku_device = dev;
p->cku_addrfmly = family;
}
/*
* If the current sanity check size in rpcmod is smaller
* than the size needed, then increase the sanity check.
*/
if (max_msgsize > *clnt_max_msg_sizep)
}
}
/*
* ksettimers is a no-op for cots, with the exception of setting the xid.
*/
/* ARGSUSED */
static int
{
/* LINTED pointer alignment */
cku_private_t *p = htop(h);
if (xid)
return (0);
}
extern void rpc_poptimod(struct vnode *);
int
{
struct cm_kstat_xprt *cm_ksp_data;
uchar_t *b;
char *fbuf;
if (rw == KSTAT_WRITE)
return (EACCES);
return (EIO);
sizeof (struct sockaddr_in)) {
struct sockaddr_in *sa;
sa = (struct sockaddr_in *)
"%03d.%03d.%03d.%03d", b[0] & 0xFF, b[1] & 0xFF,
b[2] & 0xFF, b[3] & 0xFF);
sizeof (struct sockaddr_in6)) {
/* extract server IP address & port */
struct sockaddr_in6 *sin6;
} else {
struct sockaddr_in *sa;
"%03d.%03d.%03d.%03d", b[0] & 0xFF, b[1] & 0xFF,
b[2] & 0xFF, b[3] & 0xFF);
}
}
return (0);
}
/*
* We want a version of delay which is interruptible by a UNIX signal
* Return EINTR if an interrupt occured.
*/
static int
{
return (0);
}
}
/*
* Wait for a connection until a timeout, or until we are
* signalled that there has been a connection state change.
*/
static enum clnt_stat
{
unsigned int old_state;
/*
* We wait for the transport connection to be made, or an
* indication that it could not be made.
*/
interrupted = FALSE;
/*
* Now loop until cv_timedwait{_sig} returns because of
* a signal(0) or timeout(-1) or cv_signal(>0). But it may be
* cv_signalled for various other reasons too. So loop
* until there is a state change on the connection.
*/
if (nosignal) {
&connmgr_lock, timout)) > 0 &&
;
} else {
&connmgr_lock, timout)) > 0 &&
;
if (cv_stat == 0) /* got intr signal? */
interrupted = TRUE;
}
X_CONNECTED) {
} else {
if (interrupted == TRUE)
}
return (clstat);
}
/*
* Primary interface for how RPC grabs a connection.
*/
static struct cm_xprt *
cku_private_t *p)
{
/*
* Re-map the call status to RPC_INTR if the err code is
* EINTR. This can happen if calls status is RPC_TLIERROR.
* However, don't re-map if signalling has been turned off.
* XXX Really need to create a separate thread whenever
* there isn't an existing connection.
*/
else
}
}
return (cm_entry);
}
/*
* Obtains a transport to the server specified in addr. If a suitable transport
* does not already exist in the list of cached transports, a new connection
* is created, connected, and added to the list. The connection is for sending
* only - the reply message may come back on another transport connection.
*/
static struct cm_xprt *
int addrfmly,
int useresvport)
{
int i;
int retval;
int tidu_size;
/*
* If the call is not a retry, look for a transport entry that
* goes to the server of interest.
*/
i = 0;
/*
* Garbage collect conections that are marked
* for needs disconnect.
*/
/*
* connmgr_lock could have been
* dropped for the disconnect
* processing so start over.
*/
goto use_new_conn;
}
/*
* Garbage collect the dead connections that have
* no threads working on them.
*/
X_DEAD) {
goto use_new_conn;
}
/*
* If the matching entry isn't connected,
* attempt to reconnect it.
*/
/*
* We don't go through trying
* to find the least recently
* used connected because
* connmgr_reconnect() briefly
* dropped the connmgr_lock,
* allowing a window for our
* accounting to be messed up.
* In any case, a re-connected
* connection is as good as
* a LRU connection.
*/
return (connmgr_wrapconnect(cm_entry,
}
i++;
}
}
}
if (i > clnt_max_conns) {
goto use_new_conn;
}
/*
* If we are at the maximum number of connections to
* the server, hand back the least recently used one.
*/
if (i == clnt_max_conns) {
/*
* Copy into the handle the source address of
* the connection, which we will use in case of
* a later retry.
*/
}
(void *)lru_entry);
return (lru_entry);
}
} else {
/*
* This is the retry case (retryaddr != NULL). Retries must
* be sent on the same source port as the original call.
*/
/*
* Walk the list looking for a connection with a source address
* that matches the retry address.
*/
continue;
}
/*
* Sanity check: if the connection with our source
* port is going to some other server, something went
* wrong, as we never delete connections (i.e. release
* ports) unless they have been idle. In this case,
* it is probably better to send the call out using
* a new source address than to fail it altogether,
* since that port may never be released.
*/
" is going to a different server"
" with the port that belongs"
goto use_new_conn;
}
/*
* If the connection of interest is not connected and we
* can't reconnect it, then the server is probably
* still down. Return NULL to the caller and let it
* retry later if it wants to. We have a delay so the
* machine doesn't go into a tight retry loop. If the
* entry was already connected, or the reconnected was
* successful, return this entry.
*/
return (connmgr_wrapconnect(cm_entry,
} else {
"transport %p for retry\n",
(void *)cm_entry);
return (cm_entry);
}
}
/*
* We cannot find an entry in the list for this retry.
* Either the entry has been removed temporarily to be
* reconnected by another thread, or the original call
* got a port but never got connected,
* and hence the transport never got put in the
* list. Fall through to the "create new connection" code -
* the former case will fail there trying to rebind the port,
* and the later case (and any other pathological cases) will
* rebind and reconnect and not hang the client machine.
*/
}
/*
* Set up a transport entry in the connection manager's list.
*/
/*
* Note that we add this partially initialized entry to the
* connection list. This is so that we don't have connections to
* the same server.
*
* Note that x_src is not initialized at this point. This is because
* retryaddr might be NULL in which case x_src is whatever
* t_kbind/bindresvport gives us. If another thread wants a
* connection to the same server, seemingly we have an issue, but we
* don't. If the other thread comes in with retryaddr == NULL, then it
* will never look at x_src, and it will end up waiting in
* connmgr_cwait() for the first thread to finish the connection
* attempt. If the other thread comes in with retryaddr != NULL, then
* that means there was a request sent on a connection, in which case
* the the connection should already exist. Thus the first thread
* never gets here ... it finds the connection it its server in the
* connection list.
*
* But even if theory is wrong, in the retryaddr != NULL case, the 2nd
* thread will skip us because x_src.len == 0.
*/
/*
* Either we didn't find an entry to the server of interest, or we
* don't have the maximum number of connections to that server -
* create a new connection.
*/
if (i) {
return (NULL);
}
return (NULL);
}
"module, %d\n", i);
return (NULL);
}
return (NULL);
}
/*
* If the caller has not specified reserved port usage then
* take the system default.
*/
if (useresvport == -1)
}
"%p\n", (void *)retryaddr);
/*
* 1225408: If we allocated a source address, then it
* is either garbage or all zeroes. In that case
* we need to clear srcaddr.
*/
}
return (NULL);
}
} else {
return (NULL);
}
}
{
/*
* Keep the kernel stack lean. Don't move this call
* declaration to the top of this function because a
* call is declared in connmgr_wrapconnect()
*/
/*
* This is a bound end-point so don't close it's stream.
*/
nosignal);
}
/*
* Set up a transport entry in the connection manager's list.
*/
else
if (cm_entry->x_early_disc)
else
/*
* There could be a discrepancy here such that
* x_early_disc is TRUE yet connected is TRUE as well
* and the connection is actually connected. In that case
* lets be conservative and declare the connection as not
* connected.
*/
/*
* Notify any threads waiting that the connection attempt is done.
*/
return (NULL);
}
return (cm_entry);
}
/*
* Keep the cm_xprt entry on the connecton list when making a connection. This
* is to prevent multiple connections to a slow server from appearing.
* We use the bit field x_thread to tell if a thread is doing a connection
* which keeps other interested threads from messing with connection.
* Those other threads just wait if x_thread is set.
*
* If x_thread is not set, then we do the actual work of connecting via
* connmgr_connect().
*
* mutex convention: called with connmgr_lock held, returns with it released.
*/
static struct cm_xprt *
int addrfmly,
{
/*
* Hold this entry as we are about to drop connmgr_lock.
*/
/*
* If there is a thread already making a connection for us, then
* wait for it to complete the connection.
*/
return (NULL);
}
} else {
}
/*
* If we need to send a T_DISCON_REQ, send one.
*/
if (cm_entry->x_early_disc)
else
/*
* There could be a discrepancy here such that
* x_early_disc is TRUE yet connected is TRUE as well
* and the connection is actually connected. In that case
* lets be conservative and declare the connection as not
* connected.
*/
/*
* connmgr_connect() may have given up before the connection
* actually timed out. So ensure that before the next
* connection attempt we do a disconnect.
*/
return (NULL);
}
}
/*
* Copy into the handle the
* source address of the
* connection, which we will use
* in case of a later retry.
*/
KM_SLEEP);
}
}
return (cm_entry);
}
/*
* If we need to send a T_DISCON_REQ, send one.
*/
static void
{
for (;;) {
"T_DISCON_REQ for connection 0x%p\n",
(void *)cm_entry);
}
"T_DISCON_REQ's ACK for connection %p\n",
(void *)cm_entry);
curlbolt = ddi_get_lbolt();
/*
* The TPI spec says that the T_DISCON_REQ
* will get acknowledged, but in practice
* the ACK may never get sent. So don't
* block forever.
*/
&connmgr_lock, timout);
}
/*
* If we got the ACK, break. If we didn't,
* then send another T_DISCON_REQ.
*/
break;
} else {
"not get T_DISCON_REQ's ACK for "
"connection %p\n", (void *)cm_entry);
}
}
}
static void
{
/*
* Mark the connection table entry as dead; the next thread that
* goes through connmgr_release() will notice this and deal with it.
*/
/*
* Notify any threads waiting for the connection that it isn't
* going to happen.
*/
}
static void
{
/*
* Must be a noninterruptible wait.
*/
}
/*
* Must free the buffer we allocated for the
* server address in the update function
*/
}
}
/*
* Called by KRPC after sending the call message to release the connection
* it was using.
*/
static void
{
}
/*
* Given an open stream, connect to the remote. Returns true if connected,
* false otherwise.
*/
static bool_t
int addrfmly,
calllist_t *e,
int *tidu_ptr,
{
struct T_conn_req *tcr;
struct T_info_ack *tinfo;
int interrupted, error;
int tidu_size, kstat_instance;
/* if it's a reconnect, flush any lingering data messages */
if (reconnect)
/*
* This is unfortunate, but we need to look up the stats for
* this zone to increment the "memory allocation failed"
* counter. curproc->p_zone is safe since we're initiating a
* connection and not in some strange streams context.
*/
"sending conn request\n");
e->call_status = RPC_SYSTEMERROR;
e->call_reason = ENOSR;
return (FALSE);
}
"%p", (void *)wq);
/*
* We use the entry in the handle that is normally used for
* waiting for RPC replies to wait for the connection accept.
*/
/*
* We wait for the transport connection to be made, or an
* indication that it could not be made.
*/
interrupted = 0;
/*
* waitforack should have been called with T_OK_ACK, but the
* present implementation needs to be passed T_INFO_ACK to
* work correctly.
*/
interrupted = 1;
/*
* No time to lose; we essentially have been signaled to
* quit.
*/
interrupted = 1;
}
#ifdef RPCDEBUG
"on connection attempt; "
"clnt_dispatch notifyconn "
"diagnostic 'no one waiting for "
"connection' should not be "
"unexpected\n");
#endif
if (e->call_prev)
else
clnt_pending = e->call_next;
if (e->call_next)
if (interrupted)
e->call_status = RPC_INTR;
e->call_status = RPC_TIMEDOUT;
e->call_status = RPC_SYSTEMERROR;
if (e->call_reply) {
freemsg(e->call_reply);
e->call_reply = NULL;
}
return (FALSE);
}
/*
* The result of the "connection accept" is a T_info_ack
* in the call_reply field.
*/
mp = e->call_reply;
e->call_reply = NULL;
/*
* Set up the pertinent options. NODELAY is so the transport doesn't
* buffer up RPC messages on either end. This may not be valid for
* all transports. Failure to set this option is not cause to
* bail out so we return success anyway. Note that lack of NODELAY
* or some other way to flush the message on both ends will cause
* lots of retries and terrible performance.
*/
if (e->call_status == RPC_XPRTFAILED)
return (FALSE);
}
/*
* Since we have a connection, we now need to figure out if
* we need to create a kstat. If x_ksp is not NULL then we
* are reusing a connection and so we do not need to create
* another kstat -- lets just return.
*/
return (TRUE);
/*
* We need to increment rpc_kstat_instance atomically to prevent
* two kstats being created with the same instance.
*/
return (TRUE);
}
+ sizeof (cm_kstat_template));
KM_SLEEP);
return (TRUE);
}
/*
* Called by connmgr_connect to set an option on the new stream.
*/
static bool_t
{
struct T_optmgmt_req *tor;
int error;
sizeof (int), BPRI_LO);
"request\n");
return (FALSE);
}
sizeof (int);
/*
* We will use this connection regardless
* of whether or not the option is settable.
*/
if (e->call_prev)
else
clnt_pending = e->call_next;
if (e->call_next)
if (e->call_reply != NULL) {
freemsg(e->call_reply);
e->call_reply = NULL;
}
return (FALSE);
}
return (TRUE);
}
#ifdef DEBUG
/*
* This is a knob to let us force code coverage in allocation failure
* case.
*/
static int connmgr_failsnd;
#else
#endif
/*
* Sends an orderly release on the specified queue.
* Entered with connmgr_lock. Exited without connmgr_lock
*/
static void
{
struct T_ordrel_req *torr;
"to queue %p\n", (void *)q);
return;
}
}
/*
* Sends an disconnect on the specified queue.
* Entered with connmgr_lock. Exited without connmgr_lock
*/
static void
{
struct T_discon_req *tdis;
"to queue %p\n", (void *)q);
return;
}
}
/*
* Sets up the entry for receiving replies, and calls rpcmod's write put proc
* (through put) to send the call.
*/
static void
{
e->call_reason = 0;
e->call_wq = q;
e->call_notified = FALSE;
/*
* If queue_flag is set then the calllist_t is already on the hash
* queue. In this case just send the message and return.
*/
if (queue_flag) {
return;
}
/*
* Set up calls for RPC requests (with XID != 0) on the hash
* queue for fast lookups and place other calls (i.e.
* connection management) on the linked list.
*/
if (xid != 0) {
"dispatch list\n", xid);
call_table_enter(e);
} else {
if (clnt_pending)
clnt_pending->call_prev = e;
e->call_next = clnt_pending;
clnt_pending = e;
}
}
/*
* Called by rpcmod to notify a client with a clnt_pending call that its reply
* has arrived. If we can't find a client waiting for this reply, we log
* the error and return.
*/
{
calllist_t *e = NULL;
else {
int i = 0;
unsigned char *p = (unsigned char *)&xid;
unsigned char *rptr;
/*
* Copy the xid, byte-by-byte into xid.
*/
while (tmp) {
*p++ = *rptr++;
if (++i >= sizeof (xid))
goto done_xid_copy;
}
}
/*
* If we got here, we ran out of mblk space before the
* xid could be copied.
*/
RPCLOG0(1,
"clnt_dispatch_notify: message less than size of xid\n");
return (FALSE);
}
/* call_table_find returns with the hash bucket locked */
if (e != NULL) {
/*
* Found thread waiting for this reply
*/
mutex_enter(&e->call_lock);
if (e->call_reply)
/*
* This can happen under the following scenario:
* clnt_cots_kcallit() times out on the response,
* rfscall() repeats the CLNT_CALL() with
* the same xid, clnt_cots_kcallit() sends the retry,
* thereby putting the clnt handle on the pending list,
* the first response arrives, signalling the thread
* in clnt_cots_kcallit(). Before that thread is
* dispatched, the second response arrives as well,
* and clnt_dispatch_notify still finds the handle on
* the pending list, with call_reply set. So free the
* old reply now.
*
* It is also possible for a response intended for
* an RPC call with a different xid to reside here.
* This can happen if the thread that owned this
* client handle prior to the current owner bailed
* out and left its call record on the dispatch
* queue. A window exists where the response can
* arrive before the current owner dispatches its
* RPC call.
*
* In any case, this is the very last point where we
* can safely check the call_reply field before
* placing the new response there.
*/
freemsg(e->call_reply);
e->call_reply = mp;
e->call_status = RPC_SUCCESS;
e->call_notified = TRUE;
mutex_exit(&e->call_lock);
return (TRUE);
} else {
xid);
/*
* This is unfortunate, but we need to lookup the zone so we
* can increment its "rcbadxids" counter.
*/
/*
* The zone went away...
*/
return (FALSE);
}
/*
* Not interested
*/
return (FALSE);
}
}
return (FALSE);
}
/*
* Called by rpcmod when a non-data indication arrives. The ones in which we
* are interested are connection indications and options acks. We dispatch
* based on the queue the indication came in on. If we are not interested in
* what came in, we return false to rpcmod, who will then pass it upstream.
*/
{
calllist_t *e;
int type;
if (e == NULL) {
"for connection on queue 0x%p\n", (void *)q);
return (FALSE);
}
if (e->call_wq == q)
break;
}
switch (type) {
case T_CONN_CON:
/*
* The transport is now connected, send a T_INFO_REQ to get
* the tidu size.
*/
sizeof (struct T_info_req));
return (TRUE);
case T_INFO_ACK:
case T_OPTMGMT_ACK:
e->call_status = RPC_SUCCESS;
e->call_reply = mp;
e->call_notified = TRUE;
break;
case T_ERROR_ACK:
e->call_status = RPC_CANTCONNECT;
e->call_reply = mp;
e->call_notified = TRUE;
break;
case T_OK_ACK:
/*
* Great, but we are really waiting for a T_CONN_CON
*/
break;
default:
return (FALSE);
}
return (TRUE);
}
/*
* Called by rpcmod when the transport is (or should be) going away. Informs
* all callers waiting for replies and marks the entry in the connection
* manager's list as unconnected, and either closing (close handshake in
* progress) or dead.
*/
void
{
calllist_t *e;
int have_connmgr_lock;
int i;
/*
* Find the transport entry in the connection manager's list, close
* the transport and delete the entry. In the case where rpcmod's
* idle timer goes off, it sends us a T_ORDREL_REQ, indicating we
* should gracefully close the connection.
*/
have_connmgr_lock = 1;
switch (msg_type) {
case T_ORDREL_REQ:
"connection: %p\n",
(void *)cm_entry);
if (clnt_stop_idle != NULL)
(*clnt_stop_idle)(q);
break;
}
/*
* Only mark the connection as dead if it is
* connected and idle.
* An unconnected connection has probably
* gone idle because the server is down,
* and when it comes back up there will be
* retries that need to use that connection.
*/
if (cm_entry->x_connected ||
/*
* The connection is obviously
* wedged due to a bug or problem
* with the transport. Mark it
* as dead. Otherwise we can leak
* connections.
*/
have_connmgr_lock = 0;
if (clnt_stop_idle != NULL)
(*clnt_stop_idle)(q);
break;
}
have_connmgr_lock = 0;
} else {
have_connmgr_lock = 0;
if (clnt_stop_idle != NULL)
(*clnt_stop_idle)(q);
}
} else {
/*
* We don't mark the connection
* as dead, but we turn off the
* idle timer.
*/
have_connmgr_lock = 0;
if (clnt_stop_idle != NULL)
(*clnt_stop_idle)(q);
" ignoring timeout from rpcmod"
" (q %p) because we are not "
" connected\n", (void *)q);
}
break;
case T_ORDREL_IND:
/*
* If this entry is marked closing, then we are
* completing a close handshake, and the
* connection is dead. Otherwise, the server is
* trying to close. Since the server will not
* be sending any more RPC replies, we abort
* the connection, including flushing
* any RPC requests that are in-transit.
*/
have_connmgr_lock = 0;
if (clnt_stop_idle != NULL)
(*clnt_stop_idle)(q);
} else {
/*
* if we're getting a disconnect
* before we've finished our
* connect attempt, mark it for
* later processing
*/
else
have_connmgr_lock = 0;
}
break;
case T_ERROR_ACK:
case T_OK_ACK:
return;
case T_DISCON_REQ:
else
have_connmgr_lock = 0;
break;
case T_DISCON_IND:
default:
/*
* if we're getting a disconnect before
* we've finished our connect attempt,
* mark it for later processing
*/
have_connmgr_lock = 0;
if (clnt_stop_idle != NULL)
(*clnt_stop_idle)(q);
} else {
} else {
}
}
break;
}
break;
}
}
if (have_connmgr_lock)
"connmgr entry for discon ack\n", (void *)q);
return;
}
/*
* Then kick all the clnt_pending calls out of their wait. There
* should be no clnt_pending calls in the case of rpcmod's idle
* timer firing.
*/
for (i = 0; i < clnt_cots_hash_size; i++) {
ctp = &cots_call_ht[i];
for (e = ctp->ct_call_next;
e != (calllist_t *)ctp;
e = e->call_next) {
RPCLOG(1,
"clnt_dispatch_notifyall for queue %p ",
(void *)q);
(void *)e);
if (msg_type == T_DISCON_IND)
e->call_reason = reason;
e->call_notified = TRUE;
e->call_status = RPC_XPRTFAILED;
}
}
}
for (e = clnt_pending; e; e = e->call_next) {
/*
* Only signal those RPC handles that haven't been
* signalled yet. Otherwise we can get a bogus call_reason.
* This can happen if thread A is making a call over a
* connection. If the server is killed, it will cause
* reset, and reason will default to EIO as a result of
* a T_ORDREL_IND. Thread B then attempts to recreate
* the connection but gets a T_DISCON_IND. If we set the
* call_reason code for all threads, then if thread A
* hasn't been dispatched yet, it will get the wrong
* reason. The bogus call_reason can make it harder to
* discriminate between calls that fail because the
* connection attempt failed versus those where the call
* may have been executed on the server.
*/
(void *)q);
(void *)e);
if (msg_type == T_DISCON_IND)
e->call_reason = reason;
e->call_notified = TRUE;
/*
* Let the caller timeout, else he will retry
* immediately.
*/
e->call_status = RPC_XPRTFAILED;
/*
* We used to just signal those threads
* waiting for a connection, (call_xid = 0).
* That meant that threads waiting for a response
* waited till their timeout expired. This
* could be a long time if they've specified a
* maximum timeout. (2^31 - 1). So we
* Signal all threads now.
*/
}
}
}
/*ARGSUSED*/
/*
* after resuming a system that's been suspended for longer than the
* NFS server's idle timeout (svc_idle_timeout for Solaris 2), rfscall()
* generates "NFS server X not responding" and "NFS server X ok" messages;
* here we reset inet connections to cause a re-connect and avoid those
* NFS messages. see 4045054
*/
{
if (code == CB_CODE_CPR_CHKPT)
return (B_TRUE);
if (mutex_tryenter(&connmgr_lock) == 0)
return (B_FALSE);
else
}
}
return (B_TRUE);
}
void
{
sizeof (cots_rcstat_tmpl));
}
void
{
}
void
clnt_cots_init(void)
{
}
void
clnt_cots_fini(void)
{
(void) zone_key_delete(zone_cots_key);
}
/*
* Wait for TPI ack, returns success only if expected ack is received
* within timeout period.
*/
static int
{
union T_primitives *tpr;
int cv_stat = 1;
while (e->call_reply == NULL) {
if (nosignal)
else
} else {
if (nosignal)
else
}
if (cv_stat == -1)
return (ETIME);
if (cv_stat == 0)
return (EINTR);
}
return (0); /* Success */
else
}
return (EPROTO); /* unknown or unexpected primitive */
}