static struct rx_packet
*rxi_ReceiveDataPacket(struct rx_call *call, struct rx_packet *np,
int istack, osi_socket socket,
- afs_uint32 host, u_short port, int *tnop,
- struct rx_call **newcallp);
+ int *tnop, struct rx_call **newcallp);
static struct rx_packet
*rxi_ReceiveAckPacket(struct rx_call *call, struct rx_packet *np,
- int istack);
+ int istack, int *a_invalid);
static struct rx_packet
*rxi_ReceiveResponsePacket(struct rx_connection *conn,
struct rx_packet *np, int istack);
rx_InitHost(u_int host, u_int port)
{
#ifdef KERNEL
- osi_timeval_t tv;
+ osi_timeval32_t tv;
#else /* KERNEL */
struct timeval tv;
#endif /* KERNEL */
MUTEX_ENTER(&rx_quota_mutex);
rxi_dataQuota += rx_extraQuota; /* + extra pkts caller asked to rsrv */
MUTEX_EXIT(&rx_quota_mutex);
- /* *Slightly* random start time for the cid. This is just to help
- * out with the hashing function at the peer */
- rx_nextCid = ((tv.tv_sec ^ tv.tv_usec) << RX_CIDSHIFT);
rx_connHashTable = (struct rx_connection **)htable;
rx_peerHashTable = (struct rx_peer **)ptable;
rxi_WakeUpTransmitQueue(struct rx_call *call)
{
if (call->tqWaiters || (call->flags & RX_CALL_TQ_WAIT)) {
- dpf(("call %"AFS_PTR_FMT" has %d waiters and flags %d\n",
+ dpf(("call %p has %d waiters and flags %d\n",
call, call->tqWaiters, call->flags));
#ifdef RX_ENABLE_LOCKS
MUTEX_ASSERT(&call->lock);
SPLVAR;
clock_NewTime();
- dpf(("rx_NewCall(conn %"AFS_PTR_FMT")\n", conn));
+ dpf(("rx_NewCall(conn %p)\n", conn));
NETPRI;
clock_GetTime(&queueTime);
MUTEX_EXIT(&call->lock);
USERPRI;
- dpf(("rx_NewCall(call %"AFS_PTR_FMT")\n", call));
+ dpf(("rx_NewCall(call %p)\n", call));
return call;
}
}
MUTEX_ENTER(&rx_pthread_mutex);
if (tno == rxi_fcfs_thread_num
- || opr_queue_IsEnd(&rx_incomingCallQueue, cursor)) {
+ || opr_queue_IsLast(&rx_incomingCallQueue, cursor)) {
MUTEX_EXIT(&rx_pthread_mutex);
/* If we're the fcfs thread , then we'll just use
* this call. If we haven't been able to find an optimal
opr_queue_Remove(&call->entry);
MUTEX_EXIT(&rx_serverPool_lock);
MUTEX_ENTER(&call->lock);
+ CLEAR_CALL_QUEUE_LOCK(call);
if (call->flags & RX_CALL_WAIT_PROC) {
call->flags &= ~RX_CALL_WAIT_PROC;
|| opr_queue_First(&call->rq, struct rx_packet, entry)->header.seq != 1)
rxi_SendAck(call, 0, 0, RX_ACK_DELAY, 0);
- CLEAR_CALL_QUEUE_LOCK(call);
break;
} else {
/* If there are no eligible incoming calls, add this process
#endif
rxi_calltrace(RX_CALL_START, call);
- dpf(("rx_GetCall(port=%d, service=%d) ==> call %"AFS_PTR_FMT"\n",
+ dpf(("rx_GetCall(port=%d, service=%d) ==> call %p\n",
call->conn->service->servicePort, call->conn->service->serviceId,
call));
service = tcall->conn->service;
if (QuotaOK(service)) {
MUTEX_ENTER(&rx_pthread_mutex);
- /* XXX - If tcall->entry.next is NULL, then we're no longer
- * on a queue at all. This shouldn't happen. */
- if (tno == rxi_fcfs_thread_num || !tcall->entry.next) {
+ if (tno == rxi_fcfs_thread_num
+ || opr_queue_IsLast(&rx_incomingCallQueue, cursor)) {
MUTEX_EXIT(&rx_pthread_mutex);
/* If we're the fcfs thread, then we'll just use
* this call. If we haven't been able to find an optimal
if (call) {
opr_queue_Remove(&call->entry);
+ CLEAR_CALL_QUEUE_LOCK(call);
/* we can't schedule a call if there's no data!!! */
/* send an ack if there's no data, if we're missing the
* first packet, or we're missing something between first
afs_int32 error;
SPLVAR;
- dpf(("rx_EndCall(call %"AFS_PTR_FMT" rc %d error %d abortCode %d)\n",
+ dpf(("rx_EndCall(call %p rc %d error %d abortCode %d)\n",
call, rc, call->error, call->abortCode));
NETPRI;
struct opr_queue *cursor;
#endif
- dpf(("rxi_NewCall(conn %"AFS_PTR_FMT", channel %d)\n", conn, channel));
+ dpf(("rxi_NewCall(conn %p, channel %d)\n", conn, channel));
/* Grab an existing call structure, or allocate a new one.
* Existing call structures are assumed to have been left reset by
}
p = (char *)
-#if defined(KERNEL) && !defined(UKERNEL) && defined(AFS_FBSD80_ENV)
+#if defined(KERNEL) && !defined(UKERNEL) && defined(AFS_FBSD_ENV)
afs_osi_Alloc_NoSleep(size);
#else
osi_Alloc(size);
return pp;
}
+static_inline int
+rxi_ConnectionMatch(struct rx_connection *conn,
+ afs_uint32 host, u_short port, afs_uint32 cid,
+ afs_uint32 epoch, int type, u_int securityIndex,
+ int *a_badSecurityIndex)
+{
+ struct rx_peer *pp;
+ if (conn->type != type) {
+ return 0;
+ }
+ if (conn->cid != (cid & RX_CIDMASK)) {
+ return 0;
+ }
+ if (conn->epoch != epoch) {
+ return 0;
+ }
+ if (conn->securityIndex != securityIndex) {
+ if (a_badSecurityIndex) {
+ *a_badSecurityIndex = 1;
+ }
+ return 0;
+ }
+ pp = conn->peer;
+ if (pp->host == host && pp->port == port) {
+ return 1;
+ }
+ if (type == RX_CLIENT_CONNECTION && pp->port == port) {
+ /* For client conns, we allow packets from any host to be associated
+ * with the conn. */
+ return 1;
+ }
+ if ((conn->epoch & 0x80000000)) {
+ /* If the epoch high bit is set, we ignore the host/port of any packets
+ * coming in for the conn. */
+ return 1;
+ }
+ return 0;
+}
/* Find the connection at (host, port) started at epoch, and with the
* given connection id. Creates the server connection if necessary.
rx_connHashTable[hashindex],
flag = 1);
for (; conn;) {
- if ((conn->type == type) && ((cid & RX_CIDMASK) == conn->cid)
- && (epoch == conn->epoch)) {
- struct rx_peer *pp = conn->peer;
- if (securityIndex != conn->securityIndex) {
- /* this isn't supposed to happen, but someone could forge a packet
- * like this, and there seems to be some CM bug that makes this
- * happen from time to time -- in which case, the fileserver
- * asserts. */
- MUTEX_EXIT(&rx_connHashTable_lock);
- return (struct rx_connection *)0;
- }
- if (pp->host == host && pp->port == port)
- break;
- if (type == RX_CLIENT_CONNECTION && pp->port == port)
- break;
- /* So what happens when it's a callback connection? */
- if ( /*type == RX_CLIENT_CONNECTION && */
- (conn->epoch & 0x80000000))
- break;
+ int bad_sec = 0;
+ if (rxi_ConnectionMatch(conn, host, port, cid, epoch, type,
+ securityIndex, &bad_sec)) {
+ break;
+ }
+ if (bad_sec) {
+ /*
+ * This isn't supposed to happen, but someone could forge a packet
+ * like this, and bugs causing such packets are not unheard of.
+ */
+ MUTEX_EXIT(&rx_connHashTable_lock);
+ return NULL;
}
if (!flag) {
/* the connection rxLastConn that was used the last time is not the
call = conn->call[channel];
if (!call) {
+ if (np->header.type != RX_PACKET_TYPE_DATA) {
+ /*
+ * Clients must send DATA packets at some point to create a new
+ * call. If the first packet we saw for this call channel is
+ * something else, then either the DATA packets got lost/delayed,
+ * or we were restarted and this is an existing call from before we
+ * were restarted. In the latter case, some clients get confused if
+ * we respond to such requests, so just drop the packet to make
+ * things easier for them.
+ */
+ MUTEX_EXIT(&conn->conn_call_lock);
+ if (rx_stats_active)
+ rx_atomic_inc(&rx_stats.spuriousPacketsRead);
+ return NULL;
+ }
+
+ if (np->header.seq > rx_maxReceiveWindow) {
+ /*
+ * This is a DATA packet for further along in the call than is
+ * possible for a new call. This is probably from an existing call
+ * that was in the middle of running when we were restarted; ignore
+ * it to avoid confusing clients. (See above comment about non-DATA
+ * packets.)
+ */
+ MUTEX_EXIT(&conn->conn_call_lock);
+ if (rx_stats_active)
+ rx_atomic_inc(&rx_stats.spuriousPacketsRead);
+ return NULL;
+ }
+
if (rxi_AbortIfServerBusy(socket, conn, np)) {
MUTEX_EXIT(&conn->conn_call_lock);
return NULL;
struct rx_connection *conn;
int type;
int unknownService = 0;
+ int invalid = 0;
#ifdef RXDEBUG
char *packetType;
#endif
* this is the first time the packet has been seen */
packetType = (np->header.type > 0 && np->header.type < RX_N_PACKET_TYPES)
? rx_packetTypes[np->header.type - 1] : "*UNKNOWN*";
- dpf(("R %d %s: %x.%d.%d.%d.%d.%d.%d flags %d, packet %"AFS_PTR_FMT"\n",
+ dpf(("R %d %s: %x.%d.%d.%d.%d.%d.%d flags %d, packet %p\n",
np->header.serial, packetType, ntohl(host), ntohs(port), np->header.serviceId,
np->header.epoch, np->header.cid, np->header.callNumber,
np->header.seq, np->header.flags, np));
if (type == RX_CLIENT_CONNECTION && !opr_queue_IsEmpty(&call->tq))
rxi_AckAllInTransmitQueue(call);
- np = rxi_ReceiveDataPacket(call, np, 1, socket, host, port, tnop,
- newcallp);
+ np = rxi_ReceiveDataPacket(call, np, 1, socket, tnop, newcallp);
break;
case RX_PACKET_TYPE_ACK:
/* Respond immediately to ack packets requesting acknowledgement
(void)rxi_SendAck(call, 0, np->header.serial,
RX_ACK_PING_RESPONSE, 1);
}
- np = rxi_ReceiveAckPacket(call, np, 1);
+ np = rxi_ReceiveAckPacket(call, np, 1, &invalid);
break;
case RX_PACKET_TYPE_ABORT: {
/* An abort packet: reset the call, passing the error up to the user. */
np = rxi_SendCallAbort(call, np, 1, 0);
break;
};
- /* Note when this last legitimate packet was received, for keep-alive
- * processing. Note, we delay getting the time until now in the hope that
- * the packet will be delivered to the user before any get time is required
- * (if not, then the time won't actually be re-evaluated here). */
- call->lastReceiveTime = clock_Sec();
+ if (invalid) {
+ if (rx_stats_active)
+ rx_atomic_inc(&rx_stats.spuriousPacketsRead);
+ } else {
+ /*
+ * Note when this last legitimate packet was received, for keep-alive
+ * processing.
+ */
+ call->lastReceiveTime = clock_Sec();
+ }
MUTEX_EXIT(&call->lock);
putConnection(conn);
return np;
static struct rx_packet *
rxi_ReceiveDataPacket(struct rx_call *call,
struct rx_packet *np, int istack,
- osi_socket socket, afs_uint32 host, u_short port,
- int *tnop, struct rx_call **newcallp)
+ osi_socket socket, int *tnop, struct rx_call **newcallp)
{
int ackNeeded = 0; /* 0 means no, otherwise ack_reason */
int newPackets = 0;
if (rx_stats_active)
rx_atomic_inc(&rx_stats.noPacketBuffersOnRead);
rxi_calltrace(RX_TRACE_DROP, call);
- dpf(("packet %"AFS_PTR_FMT" dropped on receipt - quota problems\n", np));
+ dpf(("packet %p dropped on receipt - quota problems\n", np));
/* We used to clear the receive queue here, in an attempt to free
* packets. However this is unsafe if the queue has received a
* soft ACK for the final packet */
/* The RX_JUMBO_PACKET is set in all but the last packet in each
* AFS 3.5 jumbogram. */
if (flags & RX_JUMBO_PACKET) {
- tnp = rxi_SplitJumboPacket(np, host, port, isFirst);
+ tnp = rxi_SplitJumboPacket(np);
} else {
tnp = NULL;
}
&& opr_queue_First(&call->rq, struct rx_packet, entry)->header.seq == seq) {
if (rx_stats_active)
rx_atomic_inc(&rx_stats.dupPacketsRead);
- dpf(("packet %"AFS_PTR_FMT" dropped on receipt - duplicate\n", np));
+ dpf(("packet %p dropped on receipt - duplicate\n", np));
rxi_CancelDelayedAckEvent(call);
np = rxi_SendAck(call, np, serial, RX_ACK_DUPLICATE, istack);
ackNeeded = 0;
}
#endif
+static_inline int
+ack_is_valid(struct rx_call *call, afs_uint32 first, afs_uint32 prev)
+{
+ if (first < call->tfirst) {
+ /*
+ * The peer indicated that the window went backwards. That's not
+ * allowed; the window can only move forwards.
+ */
+ return 0;
+ }
+
+ if (first == call->tfirst && prev < call->tprev) {
+ /*
+ * The peer said the last DATA packet it received was seq X, but it
+ * already told us before that it had received data after X. This is
+ * probably just an out-of-order ACK, and so we can ignore it.
+ */
+ if (prev >= call->tfirst + call->twind) {
+ /*
+ * Some peers (OpenAFS libafs before 1.6.23) mistakenly set the
+ * previousPacket field to a serial number, not a sequence number.
+ * The sequence number the peer told us about is further than our
+ * transmit window, so it cannot possibly be correct; it's probably
+ * actually a serial number. Don't ignore packets based on this;
+ * the previousPacket information is not accurate.
+ */
+ return 1;
+ }
+
+ return 0;
+ }
+
+ /* Otherwise, the ack looks valid. */
+ return 1;
+}
/* The real smarts of the whole thing. */
static struct rx_packet *
rxi_ReceiveAckPacket(struct rx_call *call, struct rx_packet *np,
- int istack)
+ int istack, int *a_invalid)
{
struct rx_ackPacket *ap;
int nAcks;
int pktsize = 0; /* Set if we need to update the peer mtu */
int conn_data_locked = 0;
+ *a_invalid = 1;
+
if (rx_stats_active)
rx_atomic_inc(&rx_stats.ackPacketsRead);
ap = (struct rx_ackPacket *)rx_DataOf(np);
prev = ntohl(ap->previousPacket);
serial = ntohl(ap->serial);
- /*
- * Ignore ack packets received out of order while protecting
- * against peers that set the previousPacket field to a packet
- * serial number instead of a sequence number.
- */
- if (first < call->tfirst ||
- (first == call->tfirst && prev < call->tprev && prev < call->tfirst
- + call->twind)) {
+ if (!ack_is_valid(call, first, prev)) {
return np;
}
call->tprev = prev;
+ *a_invalid = 0;
+
if (np->header.flags & RX_SLOW_START_OK) {
call->flags |= RX_CALL_SLOW_START_OK;
}
#ifdef RX_ENABLE_LOCKS
/* XXX Hack. Because we have to release the global call lock when sending
- * packets (osi_NetSend) we drop all acks while we're traversing the tq
+ * packets (rxi_NetSend) we drop all acks while we're traversing the tq
* in rxi_Start sending packets out because packets may move to the
* freePacketQueue as result of being here! So we drop these packets until
* we're safely out of the traversing. Really ugly!
if (opr_queue_IsOnQueue(&call->entry)) {
opr_queue_Remove(&call->entry);
}
+ CLEAR_CALL_QUEUE_LOCK(call);
}
call->state = RX_STATE_ACTIVE;
call->app.mode = RX_MODE_RECEIVING;
#ifdef RXDEBUG_PACKET
call->rqc -= count;
if ( call->rqc != 0 )
- dpf(("rxi_ClearReceiveQueue call %"AFS_PTR_FMT" rqc %u != 0\n", call, call->rqc));
+ dpf(("rxi_ClearReceiveQueue call %p rqc %u != 0\n", call, call->rqc));
#endif
call->flags &= ~(RX_CALL_RECEIVE_DONE | RX_CALL_HAVE_LAST);
}
if (error) {
int i;
- dpf(("rxi_ConnectionError conn %"AFS_PTR_FMT" error %d\n", conn, error));
+ dpf(("rxi_ConnectionError conn %p error %d\n", conn, error));
MUTEX_ENTER(&conn->conn_data_lock);
if (rxevent_Cancel(&conn->challengeEvent))
rxi_CallError(struct rx_call *call, afs_int32 error)
{
MUTEX_ASSERT(&call->lock);
- dpf(("rxi_CallError call %"AFS_PTR_FMT" error %d call->error %d\n", call, error, call->error));
+ dpf(("rxi_CallError call %p error %d call->error %d\n", call, error, call->error));
if (call->error)
error = call->error;
struct rx_packet *packet;
MUTEX_ASSERT(&call->lock);
- dpf(("rxi_ResetCall(call %"AFS_PTR_FMT", newcall %d)\n", call, newcall));
+ dpf(("rxi_ResetCall(call %p, newcall %d)\n", call, newcall));
/* Notify anyone who is waiting for asynchronous packet arrival */
if (call->arrivalProc) {
rxi_ClearTransmitQueue(call, 1);
if (call->tqWaiters || (flags & RX_CALL_TQ_WAIT)) {
- dpf(("rcall %"AFS_PTR_FMT" has %d waiters and flags %d\n", call, call->tqWaiters, call->flags));
+ dpf(("rcall %p has %d waiters and flags %d\n", call, call->tqWaiters, call->flags));
}
call->flags = 0;
nXmitPackets, istack);
goto restart;
}
- dpf(("call %d xmit packet %"AFS_PTR_FMT"\n",
+ dpf(("call %d xmit packet %p\n",
*(call->callNumber), p));
call->xmitList[nXmitPackets++] = p;
}
tmpiov[0].iov_base = tbuffer;
tmpiov[0].iov_len = 1 + sizeof(struct rx_header);
- osi_NetSend(socket, &taddr, tmpiov, 1, 1 + sizeof(struct rx_header), 1);
+ rxi_NetSend(socket, &taddr, tmpiov, 1, 1 + sizeof(struct rx_header), 1);
MUTEX_ENTER(&conn->conn_data_lock);
/* We ran, so the handle is no longer needed to try to cancel ourselves. */
{
/* Overflow is technically undefined behavior; avoid it. */
if (rx_nextCid > MAX_AFS_INT32 - (1 << RX_CIDSHIFT))
- rx_nextCid = -1 * ((MAX_AFS_INT32 / RX_CIDSHIFT) * RX_CIDSHIFT);
- else
- rx_nextCid += 1 << RX_CIDSHIFT;
+ rx_nextCid = 0;
+ rx_nextCid += 1 << RX_CIDSHIFT;
}
static void
return; /* somebody set the clock back, don't count this time. */
clock_Sub(&thisRtt, sentp);
- dpf(("rxi_ComputeRoundTripTime(call=%d packet=%"AFS_PTR_FMT" rttp=%d.%06d sec)\n",
+ dpf(("rxi_ComputeRoundTripTime(call=%d packet=%p rttp=%d.%06d sec)\n",
p->header.callNumber, p, thisRtt.sec, thisRtt.usec));
if (clock_IsZero(&thisRtt)) {
peer->rtt_dev = call->rtt_dev;
peer->rtt = call->rtt;
- dpf(("rxi_ComputeRoundTripTime(call=%d packet=%"AFS_PTR_FMT" rtt=%d ms, srtt=%d ms, rtt_dev=%d ms, timeout=%d.%06d sec)\n",
- p->header.callNumber, p, MSEC(&thisRtt), call->rtt >> 3, call->rtt_dev >> 2, (call->rto.sec), (call->rto.usec)));
+ dpf(("rxi_ComputeRoundTripTime(call=%d packet=%p rtt=%d ms, srtt=%d ms, "
+ "rtt_dev=%d ms, timeout=%d.%06d sec)\n",
+ p->header.callNumber, p, MSEC(&thisRtt), call->rtt >> 3,
+ call->rtt_dev >> 2, (call->rto.sec), (call->rto.usec)));
}
return 0;
}
#endif
+
+#ifdef AFS_RXERRQ_ENV
+void
+rxi_HandleSocketErrors(osi_socket sock)
+{
+ size_t cmsgbuf_len = 256;
+ void *cmsgbuf;
+# ifndef KERNEL
+ int errno_save = errno;
+# endif
+
+ cmsgbuf = rxi_Alloc(cmsgbuf_len);
+ if (cmsgbuf == NULL) {
+ goto done;
+ }
+
+ while (osi_HandleSocketError(sock, cmsgbuf, cmsgbuf_len))
+ ;
+
+ rxi_Free(cmsgbuf, cmsgbuf_len);
+
+ done:
+# ifndef KERNEL
+ errno = errno_save;
+# endif
+ return;
+}
+
+static int
+NetSend_retry(osi_socket sock, void *addr, struct iovec *dvec, int nvecs,
+ int length, int istack)
+{
+ int code;
+ int safety;
+ /*
+ * If an ICMP error comes in for any peer, sendmsg() can return -1 with an
+ * errno of EHOSTUNREACH, ENETUNREACH, etc. There may be no problem with
+ * sending this packet (an error is returned just to indicate we need to
+ * read in pending errors), but the packet wasn't actually sent.
+ *
+ * It's difficult to determine in general whether sendmsg() is returning an
+ * error due to a received ICMP error, or we're getting an actual error for
+ * this specific sendmsg() call, since there may be other threads running
+ * sendmsg/recvmsg/rxi_HandleSocketErrors at the same time. So, just retry
+ * the sendmsg a few times; make sure not to retry forever, in case we are
+ * getting an actual error from this sendmsg() call.
+ *
+ * Also note that if we accidentally drop a packet here that we didn't need
+ * to, it's not the end of the world. Packets get dropped, and we should be
+ * able to recover.
+ */
+ for (safety = 0; safety < RXI_SENDMSG_RETRY; safety++) {
+ code = osi_NetSend(sock, addr, dvec, nvecs, length, istack);
+ if (code == 0) {
+ return 0;
+ }
+ rxi_HandleSocketErrors(sock);
+ }
+ return code;
+
+}
+#endif
+
+int
+rxi_NetSend(osi_socket socket, void *addr, struct iovec *dvec,
+ int nvecs, int length, int istack)
+{
+ if (rxi_IsRunning()) {
+#ifdef AFS_RXERRQ_ENV
+ return NetSend_retry(socket, addr, dvec, nvecs, length, istack);
+#else
+ return osi_NetSend(socket, addr, dvec, nvecs, length, istack);
+#endif
+ }
+#ifdef AFS_NT40_ENV
+ return WSAESHUTDOWN;
+#else
+ return ESHUTDOWN;
+#endif
+}
git://git.openafs.org / openafs.git / blobdiff