ndr_ops.c revision 12508:edb7861a1533 
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22/*
23 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
24 */
25
26/*
27 * Server-side NDR stream (PDU) operations. Stream operations should
28 * return TRUE (non-zero) on success or FALSE (zero or a null pointer)
29 * on failure. When an operation returns FALSE, including ndo_malloc()
30 * returning NULL, it should set the nds->error to indicate what went
31 * wrong.
32 *
33 * When available, the relevant ndr reference is passed to the
34 * operation but keep in mind that it may be a null pointer.
35 *
36 * Functions ndo_get_pdu(), ndo_put_pdu(), and ndo_pad_pdu()
37 * must never grow the PDU data. A request for out-of-bounds data is
38 * an error. The swap_bytes flag is 1 if NDR knows that the byte-
39 * order in the PDU is different from the local system.
40 */
41
42#include <sys/types.h>
43#include <stdarg.h>
44#include <ctype.h>
45#include <stdio.h>
46#include <stdlib.h>
47#include <strings.h>
48#include <string.h>
49#include <assert.h>
50
51#include <smbsrv/libsmb.h>
52#include <smbsrv/libmlrpc.h>
53
54#define	NDOBUFSZ		128
55
56#define	NDR_PDU_BLOCK_SIZE	(4*1024)
57#define	NDR_PDU_BLOCK_MASK	(NDR_PDU_BLOCK_SIZE - 1)
58#define	NDR_PDU_ALIGN(N) \
59	(((N) + NDR_PDU_BLOCK_SIZE) & ~NDR_PDU_BLOCK_MASK)
60#define	NDR_PDU_MAX_SIZE		(64*1024*1024)
61
62static char *ndo_malloc(ndr_stream_t *, unsigned, ndr_ref_t *);
63static int ndo_free(ndr_stream_t *, char *, ndr_ref_t *);
64static int ndo_grow_pdu(ndr_stream_t *, unsigned long, ndr_ref_t *);
65static int ndo_pad_pdu(ndr_stream_t *, unsigned long, unsigned long,
66    ndr_ref_t *);
67static int ndo_get_pdu(ndr_stream_t *, unsigned long, unsigned long,
68    char *, int, ndr_ref_t *);
69static int ndo_put_pdu(ndr_stream_t *, unsigned long, unsigned long,
70    char *, int, ndr_ref_t *);
71static void ndo_tattle(ndr_stream_t *, char *, ndr_ref_t *);
72static void ndo_tattle_error(ndr_stream_t *, ndr_ref_t *);
73static int ndo_reset(ndr_stream_t *);
74static void ndo_destruct(ndr_stream_t *);
75static void ndo_hexfmt(uint8_t *, int, int, char *, int);
76
77/*
78 * The ndr stream operations table.
79 */
80static ndr_stream_ops_t nds_ops = {
81    ndo_malloc,
82    ndo_free,
83    ndo_grow_pdu,
84    ndo_pad_pdu,
85    ndo_get_pdu,
86    ndo_put_pdu,
87    ndo_tattle,
88    ndo_tattle_error,
89    ndo_reset,
90    ndo_destruct
91};
92
93/*
94 * nds_bswap
95 *
96 * Copies len bytes from src to dst such that dst contains the bytes
97 * from src in reverse order.
98 *
99 * We expect to be dealing with bytes, words, dwords etc. So the
100 * length must be non-zero and a power of 2.
101 */
102void
103nds_bswap(void *srcbuf, void *dstbuf, size_t len)
104{
105	uint8_t *src = (uint8_t *)srcbuf;
106	uint8_t *dst = (uint8_t *)dstbuf;
107
108	if ((len != 0) && ((len & (len - 1)) == 0)) {
109		src += len;
110
111		while (len--)
112			*dst++ = *(--src);
113	}
114}
115
116/*
117 * nds_initialize
118 *
119 * Initialize a stream. Sets up the PDU parameters and assigns the stream
120 * operations and the reference to the heap. An external heap is provided
121 * to the stream, rather than each stream creating its own heap.
122 */
123int
124nds_initialize(ndr_stream_t *nds, unsigned pdu_size_hint,
125    int composite_op, ndr_heap_t *heap)
126{
127	unsigned size;
128
129	assert(nds);
130	assert(heap);
131
132	bzero(nds, sizeof (*nds));
133	nds->ndo = &nds_ops;
134	nds->heap = (struct ndr_heap *)heap;
135
136	if (pdu_size_hint > NDR_PDU_MAX_SIZE) {
137		nds->error = NDR_ERR_BOUNDS_CHECK;
138		nds->error_ref = __LINE__;
139		NDS_TATTLE_ERROR(nds, NULL, NULL);
140		return (NDR_DRC_FAULT_RESOURCE_1);
141	}
142
143	size = (pdu_size_hint == 0) ? NDR_PDU_BLOCK_SIZE : pdu_size_hint;
144
145	if ((nds->pdu_base_addr = malloc(size)) == NULL) {
146		nds->error = NDR_ERR_MALLOC_FAILED;
147		nds->error_ref = __LINE__;
148		NDS_TATTLE_ERROR(nds, NULL, NULL);
149		return (NDR_DRC_FAULT_OUT_OF_MEMORY);
150	}
151
152	nds->pdu_max_size = size;
153	nds->pdu_size = 0;
154	nds->pdu_base_offset = (unsigned long)nds->pdu_base_addr;
155
156	nds->m_op = NDR_MODE_TO_M_OP(composite_op);
157	nds->dir  = NDR_MODE_TO_DIR(composite_op);
158
159	nds->outer_queue_tailp = &nds->outer_queue_head;
160	return (0);
161}
162
163void
164nds_finalize(ndr_stream_t *nds, ndr_fraglist_t *frags)
165{
166	iovec_t *iov;
167	ndr_frag_t *frag;
168	uint32_t size = 0;
169
170	bzero(frags, sizeof (ndr_fraglist_t));
171
172	for (frag = nds->frags.head; frag; frag = frag->next)
173		size += frag->len;
174
175	if (size == 0 || size >= NDR_PDU_MAX_SIZE)
176		return;
177
178	frags->iov = malloc(nds->frags.nfrag * sizeof (iovec_t));
179	if (frags->iov == NULL)
180		return;
181
182	frags->head = nds->frags.head;
183	frags->tail = nds->frags.tail;
184	frags->nfrag = nds->frags.nfrag;
185	bzero(&nds->frags, sizeof (ndr_fraglist_t));
186
187	frags->uio.uio_iov = frags->iov;
188	frags->uio.uio_iovcnt = frags->nfrag;
189	frags->uio.uio_offset = 0;
190	frags->uio.uio_segflg = UIO_USERSPACE;
191	frags->uio.uio_resid = size;
192
193	iov = frags->uio.uio_iov;
194	for (frag = frags->head; frag; frag = frag->next) {
195		iov->iov_base = (caddr_t)frag->buf;
196		iov->iov_len = frag->len;
197		++iov;
198	}
199}
200
201/*
202 * nds_destruct
203 *
204 * Destroy a stream. This is an external interface to provide access to
205 * the stream's destruct operation.
206 */
207void
208nds_destruct(ndr_stream_t *nds)
209{
210	if ((nds == NULL) || (nds->ndo == NULL))
211		return;
212
213	NDS_DESTRUCT(nds);
214}
215
216/*
217 * Print NDR stream state.
218 */
219void
220nds_show_state(ndr_stream_t *nds)
221{
222	if (nds == NULL) {
223		ndo_printf(NULL, NULL, "nds: <null");
224		return;
225	}
226
227	ndo_printf(NULL, NULL, "nds: base=0x%x, size=%d, max=%d, scan=%d",
228	    nds->pdu_base_offset, nds->pdu_size, nds->pdu_max_size,
229	    nds->pdu_scan_offset);
230}
231
232/*
233 * ndo_malloc
234 *
235 * Allocate memory from the stream heap.
236 */
237/*ARGSUSED*/
238static char *
239ndo_malloc(ndr_stream_t *nds, unsigned len, ndr_ref_t *ref)
240{
241	return (ndr_heap_malloc((ndr_heap_t *)nds->heap, len));
242}
243
244/*
245 * ndo_free
246 *
247 * Always succeeds: cannot free individual stream allocations.
248 */
249/*ARGSUSED*/
250static int
251ndo_free(ndr_stream_t *nds, char *p, ndr_ref_t *ref)
252{
253	return (1);
254}
255
256/*
257 * ndo_grow_pdu
258 *
259 * This is the only place that should change the size of the PDU. If the
260 * desired offset is beyond the current PDU size, we realloc the PDU
261 * buffer to accommodate the request. For efficiency, the PDU is always
262 * extended to a NDR_PDU_BLOCK_SIZE boundary. Requests to grow the PDU
263 * beyond NDR_PDU_MAX_SIZE are rejected.
264 *
265 * Returns 1 to indicate success. Otherwise 0 to indicate failure.
266 */
267static int
268ndo_grow_pdu(ndr_stream_t *nds, unsigned long want_end_offset, ndr_ref_t *ref)
269{
270	unsigned char *pdu_addr;
271	unsigned pdu_max_size;
272
273	ndo_printf(nds, ref, "grow %d", want_end_offset);
274
275	pdu_max_size = nds->pdu_max_size;
276
277	if (want_end_offset > pdu_max_size) {
278		pdu_max_size = NDR_PDU_ALIGN(want_end_offset);
279
280		if (pdu_max_size >= NDR_PDU_MAX_SIZE)
281			return (0);
282
283		pdu_addr = realloc(nds->pdu_base_addr, pdu_max_size);
284		if (pdu_addr == 0)
285			return (0);
286
287		nds->pdu_max_size = pdu_max_size;
288		nds->pdu_base_addr = pdu_addr;
289		nds->pdu_base_offset = (unsigned long)pdu_addr;
290	}
291
292	nds->pdu_size = want_end_offset;
293	return (1);
294}
295
296static int
297ndo_pad_pdu(ndr_stream_t *nds, unsigned long pdu_offset,
298    unsigned long n_bytes, ndr_ref_t *ref)
299{
300	unsigned char *data;
301
302	data = (unsigned char *)nds->pdu_base_offset;
303	data += pdu_offset;
304
305	ndo_printf(nds, ref, "pad %d@%-3d", n_bytes, pdu_offset);
306
307	bzero(data, n_bytes);
308	return (1);
309}
310
311/*
312 * ndo_get_pdu
313 *
314 * The swap flag is 1 if NDR knows that the byte-order in the PDU
315 * is different from the local system.
316 *
317 * Returns 1 on success or 0 to indicate failure.
318 */
319static int
320ndo_get_pdu(ndr_stream_t *nds, unsigned long pdu_offset,
321    unsigned long n_bytes, char *buf, int swap_bytes, ndr_ref_t *ref)
322{
323	unsigned char *data;
324	char hexbuf[NDOBUFSZ];
325
326	data = (unsigned char *)nds->pdu_base_offset;
327	data += pdu_offset;
328
329	ndo_hexfmt(data, n_bytes, swap_bytes, hexbuf, NDOBUFSZ);
330
331	ndo_printf(nds, ref, "get %d@%-3d = %s",
332	    n_bytes, pdu_offset, hexbuf);
333
334	if (!swap_bytes)
335		bcopy(data, buf, n_bytes);
336	else
337		nds_bswap(data, (unsigned char *)buf, n_bytes);
338
339	return (1);
340}
341
342/*
343 * ndo_put_pdu
344 *
345 * This is a receiver makes right protocol. So we do not need
346 * to be concerned about the byte-order of an outgoing PDU.
347 */
348/*ARGSUSED*/
349static int
350ndo_put_pdu(ndr_stream_t *nds, unsigned long pdu_offset,
351    unsigned long n_bytes, char *buf, int swap_bytes, ndr_ref_t *ref)
352{
353	unsigned char *data;
354	char hexbuf[NDOBUFSZ];
355
356	data = (unsigned char *)nds->pdu_base_offset;
357	data += pdu_offset;
358
359	ndo_hexfmt((uint8_t *)buf, n_bytes, 0, hexbuf, NDOBUFSZ);
360
361	ndo_printf(nds, ref, "put %d@%-3d = %s",
362	    n_bytes, pdu_offset, hexbuf);
363
364	bcopy(buf, data, n_bytes);
365	return (1);
366}
367
368static void
369ndo_tattle(ndr_stream_t *nds, char *what, ndr_ref_t *ref)
370{
371	ndo_printf(nds, ref, what);
372}
373
374static void
375ndo_tattle_error(ndr_stream_t *nds, ndr_ref_t *ref)
376{
377	unsigned char *data;
378	char hexbuf[NDOBUFSZ];
379
380	if (nds->pdu_base_addr != NULL) {
381		data = (unsigned char *)nds->pdu_base_offset;
382		if (ref)
383			data += ref->pdu_offset;
384		else
385			data += nds->pdu_scan_offset;
386
387		ndo_hexfmt(data, 16, 0, hexbuf, NDOBUFSZ);
388	} else {
389		bzero(hexbuf, NDOBUFSZ);
390	}
391
392	ndo_printf(nds, ref, "ERROR=%d REF=%d OFFSET=%d SIZE=%d/%d",
393	    nds->error, nds->error_ref, nds->pdu_scan_offset,
394	    nds->pdu_size, nds->pdu_max_size);
395	ndo_printf(nds, ref, "      %s", hexbuf);
396}
397
398/*
399 * ndo_reset
400 *
401 * Reset a stream: zap the outer_queue. We don't need to tamper
402 * with the stream heap: it's handled externally to the stream.
403 */
404static int
405ndo_reset(ndr_stream_t *nds)
406{
407	ndo_printf(nds, 0, "reset");
408
409	nds->pdu_size = 0;
410	nds->pdu_scan_offset = 0;
411	nds->outer_queue_head = 0;
412	nds->outer_current = 0;
413	nds->outer_queue_tailp = &nds->outer_queue_head;
414
415	return (1);
416}
417
418/*
419 * ndo_destruct
420 *
421 * Destruct a stream: zap the outer_queue.
422 * Note: heap management (creation/destruction) is external to the stream.
423 */
424static void
425ndo_destruct(ndr_stream_t *nds)
426{
427	ndr_frag_t *frag;
428
429	ndo_printf(nds, 0, "destruct");
430
431	if (nds == NULL)
432		return;
433
434	if (nds->pdu_base_addr != NULL) {
435		free(nds->pdu_base_addr);
436		nds->pdu_base_addr = NULL;
437		nds->pdu_base_offset = 0;
438	}
439
440	while ((frag = nds->frags.head) != NULL) {
441		nds->frags.head = frag->next;
442		free(frag);
443	}
444
445	bzero(&nds->frags, sizeof (ndr_fraglist_t));
446
447	nds->outer_queue_head = 0;
448	nds->outer_current = 0;
449	nds->outer_queue_tailp = &nds->outer_queue_head;
450}
451
452/*
453 * Printf style formatting for NDR operations.
454 */
455void
456ndo_printf(ndr_stream_t *nds, ndr_ref_t *ref, const char *fmt, ...)
457{
458	va_list ap;
459	char buf[NDOBUFSZ];
460
461	va_start(ap, fmt);
462	(void) vsnprintf(buf, NDOBUFSZ, fmt, ap);
463	va_end(ap);
464
465	if (nds)
466		ndo_fmt(nds, ref, buf);
467	else
468		ndo_trace(buf);
469}
470
471/*
472 * Main output formatter for NDR operations.
473 *
474 *	UI 03 ... rpc_vers           get 1@0   =    5 {05}
475 *	UI 03 ... rpc_vers_minor     get 1@1   =    0 {00}
476 *
477 *	U       Marshalling flag (M=marshal, U=unmarshal)
478 *	I       Direction flag (I=in, O=out)
479 *	...     Field name
480 *	get     PDU operation (get or put)
481 *	1@0	Bytes @ offset (i.e. 1 byte at offset 0)
482 *	{05}    Value
483 */
484void
485ndo_fmt(ndr_stream_t *nds, ndr_ref_t *ref, char *note)
486{
487	ndr_ref_t	*p;
488	int		indent;
489	char		ref_name[NDOBUFSZ];
490	char		buf[NDOBUFSZ];
491	int		m_op_c = '?', dir_c = '?';
492
493	switch (nds->m_op) {
494	case 0:				m_op_c = '-';	break;
495	case NDR_M_OP_MARSHALL:		m_op_c = 'M';	break;
496	case NDR_M_OP_UNMARSHALL:	m_op_c = 'U';	break;
497	default:			m_op_c = '?';	break;
498	}
499
500	switch (nds->dir) {
501	case 0:				dir_c = '-';	break;
502	case NDR_DIR_IN:		dir_c = 'I';	break;
503	case NDR_DIR_OUT:		dir_c = 'O';	break;
504	default:			dir_c = '?';	break;
505	}
506
507	for (indent = 0, p = ref; p; p = p->enclosing)
508		indent++;
509
510	if (ref && ref->name) {
511		if (*ref->name == '[' && ref->enclosing) {
512			indent--;
513			(void) snprintf(ref_name, NDOBUFSZ, "%s%s",
514			    ref->enclosing->name, ref->name);
515		} else {
516			(void) strlcpy(ref_name, ref->name, NDOBUFSZ);
517		}
518	} else {
519		(void) strlcpy(ref_name, "----", NDOBUFSZ);
520	}
521
522	(void) snprintf(buf, NDOBUFSZ, "%c%c %-.*s %-*s  %s",
523	    m_op_c, dir_c, indent,
524	    "....+....+....+....+....+....",
525	    20 - indent, ref_name, note);
526
527	ndo_trace(buf);
528}
529
530/*ARGSUSED*/
531void
532ndo_trace(const char *s)
533{
534	/*
535	 * Temporary fbt for dtrace until user space sdt enabled.
536	 */
537}
538
539/*
540 * Format data as hex bytes (limit is 10 bytes):
541 *
542 *	1188689424 {10 f6 d9 46}
543 *
544 * If the input data is greater than 10 bytes, an ellipsis will
545 * be inserted before the closing brace.
546 */
547static void
548ndo_hexfmt(uint8_t *data, int size, int swap_bytes, char *buf, int len)
549{
550	char *p = buf;
551	int interp = 1;
552	uint32_t c;
553	int n;
554	int i;
555
556	n = (size > 10) ? 10 : size;
557	if (n > len-1)
558		n = len-1;
559
560	switch (size) {
561	case 1:
562		c = *(uint8_t *)data;
563		break;
564	case 2:
565		if (swap_bytes == 0) /*LINTED E_BAD_PTR_CAST_ALIGN*/
566			c = *(uint16_t *)data;
567		else
568			c = (data[0] << 8) | data[1];
569		break;
570	case 4:
571		if (swap_bytes == 0) { /*LINTED E_BAD_PTR_CAST_ALIGN*/
572			c = *(uint32_t *)data;
573		} else {
574			c = (data[0] << 24) | (data[1] << 16)
575			    | (data[2] << 8) | data[3];
576		}
577		break;
578	default:
579		c = 0;
580		interp = 0;
581		break;
582	}
583
584	if (interp)
585		p += sprintf(p, "%4u {", c);
586	else
587		p += sprintf(p, " {");
588
589	p += sprintf(p, "%02x", data[0]);
590	for (i = 1; i < n; i++)
591		p += sprintf(p, " %02x", data[i]);
592	if (size > 10)
593		p += sprintf(p, " ...}");
594	else
595		p += sprintf(p, "}");
596
597	/*
598	 * Show c if it's a printable character or wide-char.
599	 */
600	if (size < 4 && isprint((uint8_t)c))
601		(void) sprintf(p, " %c", (uint8_t)c);
602}
603