1 /* RxRPC packet transmission
2 *
3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
12 #include <linux/net.h>
13 #include <linux/skbuff.h>
14 #include <linux/circ_buf.h>
15 #include <net/sock.h>
16 #include <net/af_rxrpc.h>
17 #include "ar-internal.h"
18
19 int rxrpc_resend_timeout = 4;
20
21 static int rxrpc_send_data(struct kiocb *iocb,
22 struct rxrpc_sock *rx,
23 struct rxrpc_call *call,
24 struct msghdr *msg, size_t len);
25
26 /*
27 * extract control messages from the sendmsg() control buffer
28 */
rxrpc_sendmsg_cmsg(struct rxrpc_sock * rx,struct msghdr * msg,unsigned long * user_call_ID,enum rxrpc_command * command,u32 * abort_code,bool server)29 static int rxrpc_sendmsg_cmsg(struct rxrpc_sock *rx, struct msghdr *msg,
30 unsigned long *user_call_ID,
31 enum rxrpc_command *command,
32 u32 *abort_code,
33 bool server)
34 {
35 struct cmsghdr *cmsg;
36 int len;
37
38 *command = RXRPC_CMD_SEND_DATA;
39
40 if (msg->msg_controllen == 0)
41 return -EINVAL;
42
43 for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
44 if (!CMSG_OK(msg, cmsg))
45 return -EINVAL;
46
47 len = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
48 _debug("CMSG %d, %d, %d",
49 cmsg->cmsg_level, cmsg->cmsg_type, len);
50
51 if (cmsg->cmsg_level != SOL_RXRPC)
52 continue;
53
54 switch (cmsg->cmsg_type) {
55 case RXRPC_USER_CALL_ID:
56 if (msg->msg_flags & MSG_CMSG_COMPAT) {
57 if (len != sizeof(u32))
58 return -EINVAL;
59 *user_call_ID = *(u32 *) CMSG_DATA(cmsg);
60 } else {
61 if (len != sizeof(unsigned long))
62 return -EINVAL;
63 *user_call_ID = *(unsigned long *)
64 CMSG_DATA(cmsg);
65 }
66 _debug("User Call ID %lx", *user_call_ID);
67 break;
68
69 case RXRPC_ABORT:
70 if (*command != RXRPC_CMD_SEND_DATA)
71 return -EINVAL;
72 *command = RXRPC_CMD_SEND_ABORT;
73 if (len != sizeof(*abort_code))
74 return -EINVAL;
75 *abort_code = *(unsigned int *) CMSG_DATA(cmsg);
76 _debug("Abort %x", *abort_code);
77 if (*abort_code == 0)
78 return -EINVAL;
79 break;
80
81 case RXRPC_ACCEPT:
82 if (*command != RXRPC_CMD_SEND_DATA)
83 return -EINVAL;
84 *command = RXRPC_CMD_ACCEPT;
85 if (len != 0)
86 return -EINVAL;
87 if (!server)
88 return -EISCONN;
89 break;
90
91 default:
92 return -EINVAL;
93 }
94 }
95
96 _leave(" = 0");
97 return 0;
98 }
99
100 /*
101 * abort a call, sending an ABORT packet to the peer
102 */
rxrpc_send_abort(struct rxrpc_call * call,u32 abort_code)103 static void rxrpc_send_abort(struct rxrpc_call *call, u32 abort_code)
104 {
105 write_lock_bh(&call->state_lock);
106
107 if (call->state <= RXRPC_CALL_COMPLETE) {
108 call->state = RXRPC_CALL_LOCALLY_ABORTED;
109 call->abort_code = abort_code;
110 set_bit(RXRPC_CALL_ABORT, &call->events);
111 del_timer_sync(&call->resend_timer);
112 del_timer_sync(&call->ack_timer);
113 clear_bit(RXRPC_CALL_RESEND_TIMER, &call->events);
114 clear_bit(RXRPC_CALL_ACK, &call->events);
115 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
116 rxrpc_queue_call(call);
117 }
118
119 write_unlock_bh(&call->state_lock);
120 }
121
122 /*
123 * send a message forming part of a client call through an RxRPC socket
124 * - caller holds the socket locked
125 * - the socket may be either a client socket or a server socket
126 */
rxrpc_client_sendmsg(struct kiocb * iocb,struct rxrpc_sock * rx,struct rxrpc_transport * trans,struct msghdr * msg,size_t len)127 int rxrpc_client_sendmsg(struct kiocb *iocb, struct rxrpc_sock *rx,
128 struct rxrpc_transport *trans, struct msghdr *msg,
129 size_t len)
130 {
131 struct rxrpc_conn_bundle *bundle;
132 enum rxrpc_command cmd;
133 struct rxrpc_call *call;
134 unsigned long user_call_ID = 0;
135 struct key *key;
136 __be16 service_id;
137 u32 abort_code = 0;
138 int ret;
139
140 _enter("");
141
142 ASSERT(trans != NULL);
143
144 ret = rxrpc_sendmsg_cmsg(rx, msg, &user_call_ID, &cmd, &abort_code,
145 false);
146 if (ret < 0)
147 return ret;
148
149 bundle = NULL;
150 if (trans) {
151 service_id = rx->service_id;
152 if (msg->msg_name) {
153 struct sockaddr_rxrpc *srx =
154 (struct sockaddr_rxrpc *) msg->msg_name;
155 service_id = htons(srx->srx_service);
156 }
157 key = rx->key;
158 if (key && !rx->key->payload.data)
159 key = NULL;
160 bundle = rxrpc_get_bundle(rx, trans, key, service_id,
161 GFP_KERNEL);
162 if (IS_ERR(bundle))
163 return PTR_ERR(bundle);
164 }
165
166 call = rxrpc_get_client_call(rx, trans, bundle, user_call_ID,
167 abort_code == 0, GFP_KERNEL);
168 if (trans)
169 rxrpc_put_bundle(trans, bundle);
170 if (IS_ERR(call)) {
171 _leave(" = %ld", PTR_ERR(call));
172 return PTR_ERR(call);
173 }
174
175 _debug("CALL %d USR %lx ST %d on CONN %p",
176 call->debug_id, call->user_call_ID, call->state, call->conn);
177
178 if (call->state >= RXRPC_CALL_COMPLETE) {
179 /* it's too late for this call */
180 ret = -ESHUTDOWN;
181 } else if (cmd == RXRPC_CMD_SEND_ABORT) {
182 rxrpc_send_abort(call, abort_code);
183 } else if (cmd != RXRPC_CMD_SEND_DATA) {
184 ret = -EINVAL;
185 } else if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST) {
186 /* request phase complete for this client call */
187 ret = -EPROTO;
188 } else {
189 ret = rxrpc_send_data(iocb, rx, call, msg, len);
190 }
191
192 rxrpc_put_call(call);
193 _leave(" = %d", ret);
194 return ret;
195 }
196
197 /**
198 * rxrpc_kernel_send_data - Allow a kernel service to send data on a call
199 * @call: The call to send data through
200 * @msg: The data to send
201 * @len: The amount of data to send
202 *
203 * Allow a kernel service to send data on a call. The call must be in an state
204 * appropriate to sending data. No control data should be supplied in @msg,
205 * nor should an address be supplied. MSG_MORE should be flagged if there's
206 * more data to come, otherwise this data will end the transmission phase.
207 */
rxrpc_kernel_send_data(struct rxrpc_call * call,struct msghdr * msg,size_t len)208 int rxrpc_kernel_send_data(struct rxrpc_call *call, struct msghdr *msg,
209 size_t len)
210 {
211 int ret;
212
213 _enter("{%d,%s},", call->debug_id, rxrpc_call_states[call->state]);
214
215 ASSERTCMP(msg->msg_name, ==, NULL);
216 ASSERTCMP(msg->msg_control, ==, NULL);
217
218 lock_sock(&call->socket->sk);
219
220 _debug("CALL %d USR %lx ST %d on CONN %p",
221 call->debug_id, call->user_call_ID, call->state, call->conn);
222
223 if (call->state >= RXRPC_CALL_COMPLETE) {
224 ret = -ESHUTDOWN; /* it's too late for this call */
225 } else if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST &&
226 call->state != RXRPC_CALL_SERVER_ACK_REQUEST &&
227 call->state != RXRPC_CALL_SERVER_SEND_REPLY) {
228 ret = -EPROTO; /* request phase complete for this client call */
229 } else {
230 mm_segment_t oldfs = get_fs();
231 set_fs(KERNEL_DS);
232 ret = rxrpc_send_data(NULL, call->socket, call, msg, len);
233 set_fs(oldfs);
234 }
235
236 release_sock(&call->socket->sk);
237 _leave(" = %d", ret);
238 return ret;
239 }
240
241 EXPORT_SYMBOL(rxrpc_kernel_send_data);
242
243 /*
244 * rxrpc_kernel_abort_call - Allow a kernel service to abort a call
245 * @call: The call to be aborted
246 * @abort_code: The abort code to stick into the ABORT packet
247 *
248 * Allow a kernel service to abort a call, if it's still in an abortable state.
249 */
rxrpc_kernel_abort_call(struct rxrpc_call * call,u32 abort_code)250 void rxrpc_kernel_abort_call(struct rxrpc_call *call, u32 abort_code)
251 {
252 _enter("{%d},%d", call->debug_id, abort_code);
253
254 lock_sock(&call->socket->sk);
255
256 _debug("CALL %d USR %lx ST %d on CONN %p",
257 call->debug_id, call->user_call_ID, call->state, call->conn);
258
259 if (call->state < RXRPC_CALL_COMPLETE)
260 rxrpc_send_abort(call, abort_code);
261
262 release_sock(&call->socket->sk);
263 _leave("");
264 }
265
266 EXPORT_SYMBOL(rxrpc_kernel_abort_call);
267
268 /*
269 * send a message through a server socket
270 * - caller holds the socket locked
271 */
rxrpc_server_sendmsg(struct kiocb * iocb,struct rxrpc_sock * rx,struct msghdr * msg,size_t len)272 int rxrpc_server_sendmsg(struct kiocb *iocb, struct rxrpc_sock *rx,
273 struct msghdr *msg, size_t len)
274 {
275 enum rxrpc_command cmd;
276 struct rxrpc_call *call;
277 unsigned long user_call_ID = 0;
278 u32 abort_code = 0;
279 int ret;
280
281 _enter("");
282
283 ret = rxrpc_sendmsg_cmsg(rx, msg, &user_call_ID, &cmd, &abort_code,
284 true);
285 if (ret < 0)
286 return ret;
287
288 if (cmd == RXRPC_CMD_ACCEPT) {
289 call = rxrpc_accept_call(rx, user_call_ID);
290 if (IS_ERR(call))
291 return PTR_ERR(call);
292 rxrpc_put_call(call);
293 return 0;
294 }
295
296 call = rxrpc_find_server_call(rx, user_call_ID);
297 if (!call)
298 return -EBADSLT;
299 if (call->state >= RXRPC_CALL_COMPLETE) {
300 ret = -ESHUTDOWN;
301 goto out;
302 }
303
304 switch (cmd) {
305 case RXRPC_CMD_SEND_DATA:
306 if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST &&
307 call->state != RXRPC_CALL_SERVER_ACK_REQUEST &&
308 call->state != RXRPC_CALL_SERVER_SEND_REPLY) {
309 /* Tx phase not yet begun for this call */
310 ret = -EPROTO;
311 break;
312 }
313
314 ret = rxrpc_send_data(iocb, rx, call, msg, len);
315 break;
316
317 case RXRPC_CMD_SEND_ABORT:
318 rxrpc_send_abort(call, abort_code);
319 break;
320 default:
321 BUG();
322 }
323
324 out:
325 rxrpc_put_call(call);
326 _leave(" = %d", ret);
327 return ret;
328 }
329
330 /*
331 * send a packet through the transport endpoint
332 */
rxrpc_send_packet(struct rxrpc_transport * trans,struct sk_buff * skb)333 int rxrpc_send_packet(struct rxrpc_transport *trans, struct sk_buff *skb)
334 {
335 struct kvec iov[1];
336 struct msghdr msg;
337 int ret, opt;
338
339 _enter(",{%d}", skb->len);
340
341 iov[0].iov_base = skb->head;
342 iov[0].iov_len = skb->len;
343
344 msg.msg_name = &trans->peer->srx.transport.sin;
345 msg.msg_namelen = sizeof(trans->peer->srx.transport.sin);
346 msg.msg_control = NULL;
347 msg.msg_controllen = 0;
348 msg.msg_flags = 0;
349
350 /* send the packet with the don't fragment bit set if we currently
351 * think it's small enough */
352 if (skb->len - sizeof(struct rxrpc_header) < trans->peer->maxdata) {
353 down_read(&trans->local->defrag_sem);
354 /* send the packet by UDP
355 * - returns -EMSGSIZE if UDP would have to fragment the packet
356 * to go out of the interface
357 * - in which case, we'll have processed the ICMP error
358 * message and update the peer record
359 */
360 ret = kernel_sendmsg(trans->local->socket, &msg, iov, 1,
361 iov[0].iov_len);
362
363 up_read(&trans->local->defrag_sem);
364 if (ret == -EMSGSIZE)
365 goto send_fragmentable;
366
367 _leave(" = %d [%u]", ret, trans->peer->maxdata);
368 return ret;
369 }
370
371 send_fragmentable:
372 /* attempt to send this message with fragmentation enabled */
373 _debug("send fragment");
374
375 down_write(&trans->local->defrag_sem);
376 opt = IP_PMTUDISC_DONT;
377 ret = kernel_setsockopt(trans->local->socket, SOL_IP, IP_MTU_DISCOVER,
378 (char *) &opt, sizeof(opt));
379 if (ret == 0) {
380 ret = kernel_sendmsg(trans->local->socket, &msg, iov, 1,
381 iov[0].iov_len);
382
383 opt = IP_PMTUDISC_DO;
384 kernel_setsockopt(trans->local->socket, SOL_IP,
385 IP_MTU_DISCOVER, (char *) &opt, sizeof(opt));
386 }
387
388 up_write(&trans->local->defrag_sem);
389 _leave(" = %d [frag %u]", ret, trans->peer->maxdata);
390 return ret;
391 }
392
393 /*
394 * wait for space to appear in the transmit/ACK window
395 * - caller holds the socket locked
396 */
rxrpc_wait_for_tx_window(struct rxrpc_sock * rx,struct rxrpc_call * call,long * timeo)397 static int rxrpc_wait_for_tx_window(struct rxrpc_sock *rx,
398 struct rxrpc_call *call,
399 long *timeo)
400 {
401 DECLARE_WAITQUEUE(myself, current);
402 int ret;
403
404 _enter(",{%d},%ld",
405 CIRC_SPACE(call->acks_head, call->acks_tail, call->acks_winsz),
406 *timeo);
407
408 add_wait_queue(&call->tx_waitq, &myself);
409
410 for (;;) {
411 set_current_state(TASK_INTERRUPTIBLE);
412 ret = 0;
413 if (CIRC_SPACE(call->acks_head, call->acks_tail,
414 call->acks_winsz) > 0)
415 break;
416 if (signal_pending(current)) {
417 ret = sock_intr_errno(*timeo);
418 break;
419 }
420
421 release_sock(&rx->sk);
422 *timeo = schedule_timeout(*timeo);
423 lock_sock(&rx->sk);
424 }
425
426 remove_wait_queue(&call->tx_waitq, &myself);
427 set_current_state(TASK_RUNNING);
428 _leave(" = %d", ret);
429 return ret;
430 }
431
432 /*
433 * attempt to schedule an instant Tx resend
434 */
rxrpc_instant_resend(struct rxrpc_call * call)435 static inline void rxrpc_instant_resend(struct rxrpc_call *call)
436 {
437 read_lock_bh(&call->state_lock);
438 if (try_to_del_timer_sync(&call->resend_timer) >= 0) {
439 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
440 if (call->state < RXRPC_CALL_COMPLETE &&
441 !test_and_set_bit(RXRPC_CALL_RESEND_TIMER, &call->events))
442 rxrpc_queue_call(call);
443 }
444 read_unlock_bh(&call->state_lock);
445 }
446
447 /*
448 * queue a packet for transmission, set the resend timer and attempt
449 * to send the packet immediately
450 */
rxrpc_queue_packet(struct rxrpc_call * call,struct sk_buff * skb,bool last)451 static void rxrpc_queue_packet(struct rxrpc_call *call, struct sk_buff *skb,
452 bool last)
453 {
454 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
455 int ret;
456
457 _net("queue skb %p [%d]", skb, call->acks_head);
458
459 ASSERT(call->acks_window != NULL);
460 call->acks_window[call->acks_head] = (unsigned long) skb;
461 smp_wmb();
462 call->acks_head = (call->acks_head + 1) & (call->acks_winsz - 1);
463
464 if (last || call->state == RXRPC_CALL_SERVER_ACK_REQUEST) {
465 _debug("________awaiting reply/ACK__________");
466 write_lock_bh(&call->state_lock);
467 switch (call->state) {
468 case RXRPC_CALL_CLIENT_SEND_REQUEST:
469 call->state = RXRPC_CALL_CLIENT_AWAIT_REPLY;
470 break;
471 case RXRPC_CALL_SERVER_ACK_REQUEST:
472 call->state = RXRPC_CALL_SERVER_SEND_REPLY;
473 if (!last)
474 break;
475 case RXRPC_CALL_SERVER_SEND_REPLY:
476 call->state = RXRPC_CALL_SERVER_AWAIT_ACK;
477 break;
478 default:
479 break;
480 }
481 write_unlock_bh(&call->state_lock);
482 }
483
484 _proto("Tx DATA %%%u { #%u }",
485 ntohl(sp->hdr.serial), ntohl(sp->hdr.seq));
486
487 sp->need_resend = 0;
488 sp->resend_at = jiffies + rxrpc_resend_timeout * HZ;
489 if (!test_and_set_bit(RXRPC_CALL_RUN_RTIMER, &call->flags)) {
490 _debug("run timer");
491 call->resend_timer.expires = sp->resend_at;
492 add_timer(&call->resend_timer);
493 }
494
495 /* attempt to cancel the rx-ACK timer, deferring reply transmission if
496 * we're ACK'ing the request phase of an incoming call */
497 ret = -EAGAIN;
498 if (try_to_del_timer_sync(&call->ack_timer) >= 0) {
499 /* the packet may be freed by rxrpc_process_call() before this
500 * returns */
501 ret = rxrpc_send_packet(call->conn->trans, skb);
502 _net("sent skb %p", skb);
503 } else {
504 _debug("failed to delete ACK timer");
505 }
506
507 if (ret < 0) {
508 _debug("need instant resend %d", ret);
509 sp->need_resend = 1;
510 rxrpc_instant_resend(call);
511 }
512
513 _leave("");
514 }
515
516 /*
517 * send data through a socket
518 * - must be called in process context
519 * - caller holds the socket locked
520 */
rxrpc_send_data(struct kiocb * iocb,struct rxrpc_sock * rx,struct rxrpc_call * call,struct msghdr * msg,size_t len)521 static int rxrpc_send_data(struct kiocb *iocb,
522 struct rxrpc_sock *rx,
523 struct rxrpc_call *call,
524 struct msghdr *msg, size_t len)
525 {
526 struct rxrpc_skb_priv *sp;
527 unsigned char __user *from;
528 struct sk_buff *skb;
529 struct iovec *iov;
530 struct sock *sk = &rx->sk;
531 long timeo;
532 bool more;
533 int ret, ioc, segment, copied;
534
535 _enter(",,,{%zu},%zu", msg->msg_iovlen, len);
536
537 timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
538
539 /* this should be in poll */
540 clear_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
541
542 if (sk->sk_err || (sk->sk_shutdown & SEND_SHUTDOWN))
543 return -EPIPE;
544
545 iov = msg->msg_iov;
546 ioc = msg->msg_iovlen - 1;
547 from = iov->iov_base;
548 segment = iov->iov_len;
549 iov++;
550 more = msg->msg_flags & MSG_MORE;
551
552 skb = call->tx_pending;
553 call->tx_pending = NULL;
554
555 copied = 0;
556 do {
557 int copy;
558
559 if (segment > len)
560 segment = len;
561
562 _debug("SEGMENT %d @%p", segment, from);
563
564 if (!skb) {
565 size_t size, chunk, max, space;
566
567 _debug("alloc");
568
569 if (CIRC_SPACE(call->acks_head, call->acks_tail,
570 call->acks_winsz) <= 0) {
571 ret = -EAGAIN;
572 if (msg->msg_flags & MSG_DONTWAIT)
573 goto maybe_error;
574 ret = rxrpc_wait_for_tx_window(rx, call,
575 &timeo);
576 if (ret < 0)
577 goto maybe_error;
578 }
579
580 max = call->conn->trans->peer->maxdata;
581 max -= call->conn->security_size;
582 max &= ~(call->conn->size_align - 1UL);
583
584 chunk = max;
585 if (chunk > len && !more)
586 chunk = len;
587
588 space = chunk + call->conn->size_align;
589 space &= ~(call->conn->size_align - 1UL);
590
591 size = space + call->conn->header_size;
592
593 _debug("SIZE: %zu/%zu/%zu", chunk, space, size);
594
595 /* create a buffer that we can retain until it's ACK'd */
596 skb = sock_alloc_send_skb(
597 sk, size, msg->msg_flags & MSG_DONTWAIT, &ret);
598 if (!skb)
599 goto maybe_error;
600
601 rxrpc_new_skb(skb);
602
603 _debug("ALLOC SEND %p", skb);
604
605 ASSERTCMP(skb->mark, ==, 0);
606
607 _debug("HS: %u", call->conn->header_size);
608 skb_reserve(skb, call->conn->header_size);
609 skb->len += call->conn->header_size;
610
611 sp = rxrpc_skb(skb);
612 sp->remain = chunk;
613 if (sp->remain > skb_tailroom(skb))
614 sp->remain = skb_tailroom(skb);
615
616 _net("skb: hr %d, tr %d, hl %d, rm %d",
617 skb_headroom(skb),
618 skb_tailroom(skb),
619 skb_headlen(skb),
620 sp->remain);
621
622 skb->ip_summed = CHECKSUM_UNNECESSARY;
623 }
624
625 _debug("append");
626 sp = rxrpc_skb(skb);
627
628 /* append next segment of data to the current buffer */
629 copy = skb_tailroom(skb);
630 ASSERTCMP(copy, >, 0);
631 if (copy > segment)
632 copy = segment;
633 if (copy > sp->remain)
634 copy = sp->remain;
635
636 _debug("add");
637 ret = skb_add_data(skb, from, copy);
638 _debug("added");
639 if (ret < 0)
640 goto efault;
641 sp->remain -= copy;
642 skb->mark += copy;
643 copied += copy;
644
645 len -= copy;
646 segment -= copy;
647 from += copy;
648 while (segment == 0 && ioc > 0) {
649 from = iov->iov_base;
650 segment = iov->iov_len;
651 iov++;
652 ioc--;
653 }
654 if (len == 0) {
655 segment = 0;
656 ioc = 0;
657 }
658
659 /* check for the far side aborting the call or a network error
660 * occurring */
661 if (call->state > RXRPC_CALL_COMPLETE)
662 goto call_aborted;
663
664 /* add the packet to the send queue if it's now full */
665 if (sp->remain <= 0 || (segment == 0 && !more)) {
666 struct rxrpc_connection *conn = call->conn;
667 size_t pad;
668
669 /* pad out if we're using security */
670 if (conn->security) {
671 pad = conn->security_size + skb->mark;
672 pad = conn->size_align - pad;
673 pad &= conn->size_align - 1;
674 _debug("pad %zu", pad);
675 if (pad)
676 memset(skb_put(skb, pad), 0, pad);
677 }
678
679 sp->hdr.epoch = conn->epoch;
680 sp->hdr.cid = call->cid;
681 sp->hdr.callNumber = call->call_id;
682 sp->hdr.seq =
683 htonl(atomic_inc_return(&call->sequence));
684 sp->hdr.serial =
685 htonl(atomic_inc_return(&conn->serial));
686 sp->hdr.type = RXRPC_PACKET_TYPE_DATA;
687 sp->hdr.userStatus = 0;
688 sp->hdr.securityIndex = conn->security_ix;
689 sp->hdr._rsvd = 0;
690 sp->hdr.serviceId = conn->service_id;
691
692 sp->hdr.flags = conn->out_clientflag;
693 if (len == 0 && !more)
694 sp->hdr.flags |= RXRPC_LAST_PACKET;
695 else if (CIRC_SPACE(call->acks_head, call->acks_tail,
696 call->acks_winsz) > 1)
697 sp->hdr.flags |= RXRPC_MORE_PACKETS;
698
699 ret = rxrpc_secure_packet(
700 call, skb, skb->mark,
701 skb->head + sizeof(struct rxrpc_header));
702 if (ret < 0)
703 goto out;
704
705 memcpy(skb->head, &sp->hdr,
706 sizeof(struct rxrpc_header));
707 rxrpc_queue_packet(call, skb, segment == 0 && !more);
708 skb = NULL;
709 }
710
711 } while (segment > 0);
712
713 success:
714 ret = copied;
715 out:
716 call->tx_pending = skb;
717 _leave(" = %d", ret);
718 return ret;
719
720 call_aborted:
721 rxrpc_free_skb(skb);
722 if (call->state == RXRPC_CALL_NETWORK_ERROR)
723 ret = call->conn->trans->peer->net_error;
724 else
725 ret = -ECONNABORTED;
726 _leave(" = %d", ret);
727 return ret;
728
729 maybe_error:
730 if (copied)
731 goto success;
732 goto out;
733
734 efault:
735 ret = -EFAULT;
736 goto out;
737 }
738