| blob | eda5e9a6e44d9f5c62c869b9e588e3269cd8363a |
1 /* $NetBSD: lock_proc.c,v 1.8 2007/11/04 19:59:54 tron Exp $ */
3 /*
4 * Copyright (c) 1995
5 * A.R. Gordon (andrew.gordon@net-tel.co.uk). All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 * must display the following acknowledgement:
17 * This product includes software developed for the FreeBSD project
18 * 4. Neither the name of the author nor the names of any co-contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY ANDREW GORDON AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 */
36 #include <sys/cdefs.h>
37 #ifndef lint
39 #endif
41 #include <sys/param.h>
42 #include <sys/socket.h>
44 #include <netinet/in.h>
45 #include <arpa/inet.h>
47 #include <netdb.h>
48 #include <stdio.h>
49 #include <string.h>
50 #include <syslog.h>
51 #include <netconfig.h>
53 #include <rpc/rpc.h>
54 #include <rpcsvc/sm_inter.h>
57 #include <rpcsvc/nlm_prot.h>
68 /* log_from_addr ----------------------------------------------------------- */
69 /*
70 * Purpose: Log name of function called and source address
71 * Returns: Nothing
72 * Notes: Extracts the source address from the transport handle
73 * passed in as part of the called procedure specification
74 */
75 static void
77 {
87 }
89 /* get_client -------------------------------------------------------------- */
90 /*
91 * Purpose: Get a CLIENT* for making RPC calls to lockd on given host
92 * Returns: CLIENT* pointer, from clnt_udp_create, or NULL if error
93 * Notes: Creating a CLIENT* is quite expensive, involving a
94 * conversation with the remote portmapper to get the
95 * port number. Since a given client is quite likely
96 * to make several locking requests in succession, it is
97 * desirable to cache the created CLIENT*.
98 *
99 * Since we are using UDP rather than TCP, there is no cost
100 * to the remote system in keeping these cached indefinitely.
101 * Unfortunately there is a snag: if the remote system
102 * reboots, the cached portmapper results will be invalid,
103 * and we will never detect this since all of the xxx_msg()
104 * calls return no result - we just fire off a udp packet
105 * and hope for the best.
106 *
107 * We solve this by discarding cached values after two
108 * minutes, regardless of whether they have been used
109 * in the meanwhile (since a bad one might have been used
110 * plenty of times, as the host keeps retrying the request
111 * and we keep sending the reply back to the wrong port).
112 *
113 * Given that the entries will always expire in the order
114 * that they were created, there is no point in a LRU
115 * algorithm for when the cache gets full - entries are
116 * always re-used in sequence.
117 */
123 static int
125 {
145 }
148 }
150 CLIENT *
152 {
162 /*
163 * Search for the given client in the cache, zapping any expired
164 * entries that we happen to notice in passing.
165 */
170 /* Cache entry has expired. */
177 }
180 /* Found it! */
184 }
185 }
187 /* Not found in cache. Free the next entry if it is in use. */
191 }
193 /*
194 * Need a host string for clnt_tp_create. Use NI_NUMERICHOST
195 * to avoid DNS lookups.
196 */
201 }
203 #if 1
206 else
208 #else
211 else
213 #endif
219 }
228 }
230 /* Success - update the cache entry */
238 /*
239 * Disable the default timeout, so we can specify our own in calls
240 * to clnt_call(). (Note that the timeout is a different concept
241 * from the retry period set in clnt_udp_create() above.)
242 */
250 }
253 /* transmit_result --------------------------------------------------------- */
254 /*
255 * Purpose: Transmit result for nlm_xxx_msg pseudo-RPCs
256 * Returns: Nothing - we have no idea if the datagram got there
257 * Notes: clnt_call() will always fail (with timeout) as we are
258 * calling it with timeout 0 as a hack to just issue a datagram
259 * without expecting a result
260 */
261 void
263 {
279 }
280 }
281 /* transmit4_result --------------------------------------------------------- */
282 /*
283 * Purpose: Transmit result for nlm4_xxx_msg pseudo-RPCs
284 * Returns: Nothing - we have no idea if the datagram got there
285 * Notes: clnt_call() will always fail (with timeout) as we are
286 * calling it with timeout 0 as a hack to just issue a datagram
287 * without expecting a result
288 */
289 void
291 {
307 }
308 }
310 /*
311 * converts a struct nlm_lock to struct nlm4_lock
312 */
313 static void
315 {
319 }
321 /* ------------------------------------------------------------------------- */
322 /*
323 * Functions for Unix<->Unix locking (ie. monitored locking, with rpc.statd
324 * involved to ensure reclaim of locks after a crash of the "stateless"
325 * server.
326 *
327 * These all come in two flavours - nlm_xxx() and nlm_xxx_msg().
328 * The first are standard RPCs with argument and result.
329 * The nlm_xxx_msg() calls implement exactly the same functions, but
330 * use two pseudo-RPCs (one in each direction). These calls are NOT
331 * standard use of the RPC protocol in that they do not return a result
332 * at all (NB. this is quite different from returning a void result).
333 * The effect of this is to make the nlm_xxx_msg() calls simple unacknowledged
334 * datagrams, requiring higher-level code to perform retries.
335 *
336 * Despite the disadvantages of the nlm_xxx_msg() approach (some of which
337 * are documented in the comments to get_client() above), this is the
338 * interface used by all current commercial NFS implementations
339 * [Solaris, SCO, AIX etc.]. This is presumed to be because these allow
340 * implementations to continue using the standard RPC libraries, while
341 * avoiding the block-until-result nature of the library interface.
342 *
343 * No client implementations have been identified so far that make use
344 * of the true RPC version (early SunOS releases would be a likely candidate
345 * for testing).
346 */
348 /* nlm_test ---------------------------------------------------------------- */
349 /*
350 * Purpose: Test whether a specified lock would be granted if requested
351 * Returns: nlm_granted (or error code)
352 * Notes:
353 */
354 nlm_testres *
356 {
366 /*
367 * Copy the cookie from the argument into the result. Note that this
368 * is slightly hazardous, as the structure contains a pointer to a
369 * malloc()ed buffer that will get freed by the caller. However, the
370 * main function transmits the result before freeing the argument
371 * so it is in fact safe.
372 */
384 }
386 }
390 {
391 nlm_testres result;
418 }
420 /*
421 * nlm_test has different result type to the other operations, so
422 * can't use transmit_result() in this case
423 */
434 }
436 }
438 /* nlm_lock ---------------------------------------------------------------- */
439 /*
440 * Purposes: Establish a lock
441 * Returns: granted, denied or blocked
442 * Notes: *** grace period support missing
443 */
444 nlm_res *
446 {
459 /* copy cookie from arg to result. See comment in nlm_test_1() */
464 }
468 {
488 }
490 /* nlm_cancel -------------------------------------------------------------- */
491 /*
492 * Purpose: Cancel a blocked lock request
493 * Returns: granted or denied
494 * Notes:
495 */
496 nlm_res *
498 {
507 /* copy cookie from arg to result. See comment in nlm_test_1() */
510 /*
511 * Since at present we never return 'nlm_blocked', there can never be
512 * a lock to cancel, so this call always fails.
513 */
516 }
520 {
530 /*
531 * Since at present we never return 'nlm_blocked', there can never be
532 * a lock to cancel, so this call always fails.
533 */
538 }
540 /* nlm_unlock -------------------------------------------------------------- */
541 /*
542 * Purpose: Release an existing lock
543 * Returns: Always granted, unless during grace period
544 * Notes: "no such lock" error condition is ignored, as the
545 * protocol uses unreliable UDP datagrams, and may well
546 * re-try an unlock that has already succeeded.
547 */
548 nlm_res *
550 {
563 }
567 {
582 }
584 /* ------------------------------------------------------------------------- */
585 /*
586 * Client-side pseudo-RPCs for results. Note that for the client there
587 * are only nlm_xxx_msg() versions of each call, since the 'real RPC'
588 * version returns the results in the RPC result, and so the client
589 * does not normally receive incoming RPCs.
590 *
591 * The exception to this is nlm_granted(), which is genuinely an RPC
592 * call from the server to the client - a 'call-back' in normal procedure
593 * call terms.
594 */
596 /* nlm_granted ------------------------------------------------------------- */
597 /*
598 * Purpose: Receive notification that formerly blocked lock now granted
599 * Returns: always success ('granted')
600 * Notes:
601 */
602 nlm_res *
604 {
610 /* copy cookie from arg to result. See comment in nlm_test_1() */
615 }
619 {
630 }
632 /* nlm_test_res ------------------------------------------------------------ */
633 /*
634 * Purpose: Accept result from earlier nlm_test_msg() call
635 * Returns: Nothing
636 */
638 /*ARGSUSED*/
640 {
644 }
646 /* nlm_lock_res ------------------------------------------------------------ */
647 /*
648 * Purpose: Accept result from earlier nlm_lock_msg() call
649 * Returns: Nothing
650 */
652 /*ARGSUSED*/
654 {
659 }
661 /* nlm_cancel_res ---------------------------------------------------------- */
662 /*
663 * Purpose: Accept result from earlier nlm_cancel_msg() call
664 * Returns: Nothing
665 */
667 /*ARGSUSED*/
669 {
673 }
675 /* nlm_unlock_res ---------------------------------------------------------- */
676 /*
677 * Purpose: Accept result from earlier nlm_unlock_msg() call
678 * Returns: Nothing
679 */
681 /*ARGSUSED*/
683 {
687 }
689 /* nlm_granted_res --------------------------------------------------------- */
690 /*
691 * Purpose: Accept result from earlier nlm_granted_msg() call
692 * Returns: Nothing
693 */
695 /*ARGSUSED*/
697 {
701 }
703 /* ------------------------------------------------------------------------- */
704 /*
705 * Calls for PCNFS locking (aka non-monitored locking, no involvement
706 * of rpc.statd).
707 *
708 * These are all genuine RPCs - no nlm_xxx_msg() nonsense here.
709 */
711 /* nlm_share --------------------------------------------------------------- */
712 /*
713 * Purpose: Establish a DOS-style lock
714 * Returns: success or failure
715 * Notes: Blocking locks are not supported - client is expected
716 * to retry if required.
717 */
718 nlm_shareres *
720 {
730 }
732 /* nlm_unshare ------------------------------------------------------------ */
733 /*
734 * Purpose: Release a DOS-style lock
735 * Returns: nlm_granted, unless in grace period
736 * Notes:
737 */
738 nlm_shareres *
740 {
750 }
752 /* nlm_nm_lock ------------------------------------------------------------ */
753 /*
754 * Purpose: non-monitored version of nlm_lock()
755 * Returns: as for nlm_lock()
756 * Notes: These locks are in the same style as the standard nlm_lock,
757 * but the rpc.statd should not be called to establish a
758 * monitor for the client machine, since that machine is
759 * declared not to be running a rpc.statd, and so would not
760 * respond to the statd protocol.
761 */
762 nlm_res *
764 {
770 /* copy cookie from arg to result. See comment in nlm_test_1() */
774 }
776 /* nlm_free_all ------------------------------------------------------------ */
777 /*
778 * Purpose: Release all locks held by a named client
779 * Returns: Nothing
780 * Notes: Potential denial of service security problem here - the
781 * locks to be released are specified by a host name, independent
782 * of the address from which the request has arrived.
783 * Should probably be rejected if the named host has been
784 * using monitored locks.
785 */
787 /*ARGSUSED*/
789 {
795 }
797 /* calls for nlm version 4 (NFSv3) */
798 /* nlm_test ---------------------------------------------------------------- */
799 /*
800 * Purpose: Test whether a specified lock would be granted if requested
801 * Returns: nlm_granted (or error code)
802 * Notes:
803 */
804 nlm4_testres *
806 {
815 /*
816 * Copy the cookie from the argument into the result. Note that this
817 * is slightly hazardous, as the structure contains a pointer to a
818 * malloc()ed buffer that will get freed by the caller. However, the
819 * main function transmits the result before freeing the argument
820 * so it is in fact safe.
821 */
829 }
831 }
835 {
836 nlm4_testres result;
856 }
858 /*
859 * nlm_test has different result type to the other operations, so
860 * can't use transmit4_result() in this case
861 */
872 }
874 }
876 /* nlm_lock ---------------------------------------------------------------- */
877 /*
878 * Purposes: Establish a lock
879 * Returns: granted, denied or blocked
880 * Notes: *** grace period support missing
881 */
882 nlm4_res *
884 {
890 /* copy cookie from arg to result. See comment in nlm_test_4() */
896 }
900 {
913 }
915 /* nlm_cancel -------------------------------------------------------------- */
916 /*
917 * Purpose: Cancel a blocked lock request
918 * Returns: granted or denied
919 * Notes:
920 */
921 nlm4_res *
923 {
929 /* copy cookie from arg to result. See comment in nlm_test_1() */
932 /*
933 * Since at present we never return 'nlm_blocked', there can never be
934 * a lock to cancel, so this call always fails.
935 */
938 }
942 {
949 /*
950 * Since at present we never return 'nlm_blocked', there can never be
951 * a lock to cancel, so this call always fails.
952 */
958 }
960 /* nlm_unlock -------------------------------------------------------------- */
961 /*
962 * Purpose: Release an existing lock
963 * Returns: Always granted, unless during grace period
964 * Notes: "no such lock" error condition is ignored, as the
965 * protocol uses unreliable UDP datagrams, and may well
966 * re-try an unlock that has already succeeded.
967 */
968 nlm4_res *
970 {
980 }
984 {
996 }
998 /* ------------------------------------------------------------------------- */
999 /*
1000 * Client-side pseudo-RPCs for results. Note that for the client there
1001 * are only nlm_xxx_msg() versions of each call, since the 'real RPC'
1002 * version returns the results in the RPC result, and so the client
1003 * does not normally receive incoming RPCs.
1004 *
1005 * The exception to this is nlm_granted(), which is genuinely an RPC
1006 * call from the server to the client - a 'call-back' in normal procedure
1007 * call terms.
1008 */
1010 /* nlm_granted ------------------------------------------------------------- */
1011 /*
1012 * Purpose: Receive notification that formerly blocked lock now granted
1013 * Returns: always success ('granted')
1014 * Notes:
1015 */
1016 nlm4_res *
1018 {
1024 /* copy cookie from arg to result. See comment in nlm_test_1() */
1029 }
1033 {
1044 }
1046 /* nlm_test_res ------------------------------------------------------------ */
1047 /*
1048 * Purpose: Accept result from earlier nlm_test_msg() call
1049 * Returns: Nothing
1050 */
1052 /*ARGSUSED*/
1054 {
1058 }
1060 /* nlm_lock_res ------------------------------------------------------------ */
1061 /*
1062 * Purpose: Accept result from earlier nlm_lock_msg() call
1063 * Returns: Nothing
1064 */
1066 /*ARGSUSED*/
1068 {
1073 }
1075 /* nlm_cancel_res ---------------------------------------------------------- */
1076 /*
1077 * Purpose: Accept result from earlier nlm_cancel_msg() call
1078 * Returns: Nothing
1079 */
1081 /*ARGSUSED*/
1083 {
1087 }
1089 /* nlm_unlock_res ---------------------------------------------------------- */
1090 /*
1091 * Purpose: Accept result from earlier nlm_unlock_msg() call
1092 * Returns: Nothing
1093 */
1095 /*ARGSUSED*/
1097 {
1101 }
1103 /* nlm_granted_res --------------------------------------------------------- */
1104 /*
1105 * Purpose: Accept result from earlier nlm_granted_msg() call
1106 * Returns: Nothing
1107 */
1109 /*ARGSUSED*/
1111 {
1115 }
1117 /* ------------------------------------------------------------------------- */
1118 /*
1119 * Calls for PCNFS locking (aka non-monitored locking, no involvement
1120 * of rpc.statd).
1121 *
1122 * These are all genuine RPCs - no nlm_xxx_msg() nonsense here.
1123 */
1125 /* nlm_share --------------------------------------------------------------- */
1126 /*
1127 * Purpose: Establish a DOS-style lock
1128 * Returns: success or failure
1129 * Notes: Blocking locks are not supported - client is expected
1130 * to retry if required.
1131 */
1132 nlm4_shareres *
1134 {
1144 }
1146 /* nlm4_unshare ------------------------------------------------------------ */
1147 /*
1148 * Purpose: Release a DOS-style lock
1149 * Returns: nlm_granted, unless in grace period
1150 * Notes:
1151 */
1152 nlm4_shareres *
1154 {
1164 }
1166 /* nlm4_nm_lock ------------------------------------------------------------ */
1167 /*
1168 * Purpose: non-monitored version of nlm4_lock()
1169 * Returns: as for nlm4_lock()
1170 * Notes: These locks are in the same style as the standard nlm4_lock,
1171 * but the rpc.statd should not be called to establish a
1172 * monitor for the client machine, since that machine is
1173 * declared not to be running a rpc.statd, and so would not
1174 * respond to the statd protocol.
1175 */
1176 nlm4_res *
1178 {
1184 /* copy cookie from arg to result. See comment in nlm4_test_1() */
1188 }
1190 /* nlm4_free_all ------------------------------------------------------------ */
1191 /*
1192 * Purpose: Release all locks held by a named client
1193 * Returns: Nothing
1194 * Notes: Potential denial of service security problem here - the
1195 * locks to be released are specified by a host name, independent
1196 * of the address from which the request has arrived.
1197 * Should probably be rejected if the named host has been
1198 * using monitored locks.
1199 */
1201 /*ARGSUSED*/
1203 {
1209 }
1211 /* nlm_sm_notify --------------------------------------------------------- */
1212 /*
1213 * Purpose: called by rpc.statd when a monitored host state changes.
1214 * Returns: Nothing
1215 */
1217 /*ARGSUSED*/
1219 {
1223 }