1 /* Management of Tx window, Tx resend, ACKs and out-of-sequence reception
2 *
3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
12 #include <linux/module.h>
13 #include <linux/circ_buf.h>
14 #include <linux/net.h>
15 #include <linux/skbuff.h>
16 #include <linux/slab.h>
17 #include <linux/udp.h>
18 #include <net/sock.h>
19 #include <net/af_rxrpc.h>
20 #include "ar-internal.h"
21
22 /*
23 * How long to wait before scheduling ACK generation after seeing a
24 * packet with RXRPC_REQUEST_ACK set (in jiffies).
25 */
26 unsigned rxrpc_requested_ack_delay = 1;
27
28 /*
29 * How long to wait before scheduling an ACK with subtype DELAY (in jiffies).
30 *
31 * We use this when we've received new data packets. If those packets aren't
32 * all consumed within this time we will send a DELAY ACK if an ACK was not
33 * requested to let the sender know it doesn't need to resend.
34 */
35 unsigned rxrpc_soft_ack_delay = 1 * HZ;
36
37 /*
38 * How long to wait before scheduling an ACK with subtype IDLE (in jiffies).
39 *
40 * We use this when we've consumed some previously soft-ACK'd packets when
41 * further packets aren't immediately received to decide when to send an IDLE
42 * ACK let the other end know that it can free up its Tx buffer space.
43 */
44 unsigned rxrpc_idle_ack_delay = 0.5 * HZ;
45
46 /*
47 * Receive window size in packets. This indicates the maximum number of
48 * unconsumed received packets we're willing to retain in memory. Once this
49 * limit is hit, we should generate an EXCEEDS_WINDOW ACK and discard further
50 * packets.
51 */
52 unsigned rxrpc_rx_window_size = 32;
53
54 /*
55 * Maximum Rx MTU size. This indicates to the sender the size of jumbo packet
56 * made by gluing normal packets together that we're willing to handle.
57 */
58 unsigned rxrpc_rx_mtu = 5692;
59
60 /*
61 * The maximum number of fragments in a received jumbo packet that we tell the
62 * sender that we're willing to handle.
63 */
64 unsigned rxrpc_rx_jumbo_max = 4;
65
rxrpc_acks(u8 reason)66 static const char *rxrpc_acks(u8 reason)
67 {
68 static const char *const str[] = {
69 "---", "REQ", "DUP", "OOS", "WIN", "MEM", "PNG", "PNR", "DLY",
70 "IDL", "-?-"
71 };
72
73 if (reason >= ARRAY_SIZE(str))
74 reason = ARRAY_SIZE(str) - 1;
75 return str[reason];
76 }
77
78 static const s8 rxrpc_ack_priority[] = {
79 [0] = 0,
80 [RXRPC_ACK_DELAY] = 1,
81 [RXRPC_ACK_REQUESTED] = 2,
82 [RXRPC_ACK_IDLE] = 3,
83 [RXRPC_ACK_PING_RESPONSE] = 4,
84 [RXRPC_ACK_DUPLICATE] = 5,
85 [RXRPC_ACK_OUT_OF_SEQUENCE] = 6,
86 [RXRPC_ACK_EXCEEDS_WINDOW] = 7,
87 [RXRPC_ACK_NOSPACE] = 8,
88 };
89
90 /*
91 * propose an ACK be sent
92 */
__rxrpc_propose_ACK(struct rxrpc_call * call,u8 ack_reason,__be32 serial,bool immediate)93 void __rxrpc_propose_ACK(struct rxrpc_call *call, u8 ack_reason,
94 __be32 serial, bool immediate)
95 {
96 unsigned long expiry;
97 s8 prior = rxrpc_ack_priority[ack_reason];
98
99 ASSERTCMP(prior, >, 0);
100
101 _enter("{%d},%s,%%%x,%u",
102 call->debug_id, rxrpc_acks(ack_reason), ntohl(serial),
103 immediate);
104
105 if (prior < rxrpc_ack_priority[call->ackr_reason]) {
106 if (immediate)
107 goto cancel_timer;
108 return;
109 }
110
111 /* update DELAY, IDLE, REQUESTED and PING_RESPONSE ACK serial
112 * numbers */
113 if (prior == rxrpc_ack_priority[call->ackr_reason]) {
114 if (prior <= 4)
115 call->ackr_serial = serial;
116 if (immediate)
117 goto cancel_timer;
118 return;
119 }
120
121 call->ackr_reason = ack_reason;
122 call->ackr_serial = serial;
123
124 switch (ack_reason) {
125 case RXRPC_ACK_DELAY:
126 _debug("run delay timer");
127 expiry = rxrpc_soft_ack_delay;
128 goto run_timer;
129
130 case RXRPC_ACK_IDLE:
131 if (!immediate) {
132 _debug("run defer timer");
133 expiry = rxrpc_idle_ack_delay;
134 goto run_timer;
135 }
136 goto cancel_timer;
137
138 case RXRPC_ACK_REQUESTED:
139 expiry = rxrpc_requested_ack_delay;
140 if (!expiry)
141 goto cancel_timer;
142 if (!immediate || serial == cpu_to_be32(1)) {
143 _debug("run defer timer");
144 goto run_timer;
145 }
146
147 default:
148 _debug("immediate ACK");
149 goto cancel_timer;
150 }
151
152 run_timer:
153 expiry += jiffies;
154 if (!timer_pending(&call->ack_timer) ||
155 time_after(call->ack_timer.expires, expiry))
156 mod_timer(&call->ack_timer, expiry);
157 return;
158
159 cancel_timer:
160 _debug("cancel timer %%%u", ntohl(serial));
161 try_to_del_timer_sync(&call->ack_timer);
162 read_lock_bh(&call->state_lock);
163 if (call->state <= RXRPC_CALL_COMPLETE &&
164 !test_and_set_bit(RXRPC_CALL_ACK, &call->events))
165 rxrpc_queue_call(call);
166 read_unlock_bh(&call->state_lock);
167 }
168
169 /*
170 * propose an ACK be sent, locking the call structure
171 */
rxrpc_propose_ACK(struct rxrpc_call * call,u8 ack_reason,__be32 serial,bool immediate)172 void rxrpc_propose_ACK(struct rxrpc_call *call, u8 ack_reason,
173 __be32 serial, bool immediate)
174 {
175 s8 prior = rxrpc_ack_priority[ack_reason];
176
177 if (prior > rxrpc_ack_priority[call->ackr_reason]) {
178 spin_lock_bh(&call->lock);
179 __rxrpc_propose_ACK(call, ack_reason, serial, immediate);
180 spin_unlock_bh(&call->lock);
181 }
182 }
183
184 /*
185 * set the resend timer
186 */
rxrpc_set_resend(struct rxrpc_call * call,u8 resend,unsigned long resend_at)187 static void rxrpc_set_resend(struct rxrpc_call *call, u8 resend,
188 unsigned long resend_at)
189 {
190 read_lock_bh(&call->state_lock);
191 if (call->state >= RXRPC_CALL_COMPLETE)
192 resend = 0;
193
194 if (resend & 1) {
195 _debug("SET RESEND");
196 set_bit(RXRPC_CALL_RESEND, &call->events);
197 }
198
199 if (resend & 2) {
200 _debug("MODIFY RESEND TIMER");
201 set_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
202 mod_timer(&call->resend_timer, resend_at);
203 } else {
204 _debug("KILL RESEND TIMER");
205 del_timer_sync(&call->resend_timer);
206 clear_bit(RXRPC_CALL_RESEND_TIMER, &call->events);
207 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
208 }
209 read_unlock_bh(&call->state_lock);
210 }
211
212 /*
213 * resend packets
214 */
rxrpc_resend(struct rxrpc_call * call)215 static void rxrpc_resend(struct rxrpc_call *call)
216 {
217 struct rxrpc_skb_priv *sp;
218 struct rxrpc_header *hdr;
219 struct sk_buff *txb;
220 unsigned long *p_txb, resend_at;
221 bool stop;
222 int loop;
223 u8 resend;
224
225 _enter("{%d,%d,%d,%d},",
226 call->acks_hard, call->acks_unacked,
227 atomic_read(&call->sequence),
228 CIRC_CNT(call->acks_head, call->acks_tail, call->acks_winsz));
229
230 stop = false;
231 resend = 0;
232 resend_at = 0;
233
234 for (loop = call->acks_tail;
235 loop != call->acks_head || stop;
236 loop = (loop + 1) & (call->acks_winsz - 1)
237 ) {
238 p_txb = call->acks_window + loop;
239 smp_read_barrier_depends();
240 if (*p_txb & 1)
241 continue;
242
243 txb = (struct sk_buff *) *p_txb;
244 sp = rxrpc_skb(txb);
245
246 if (sp->need_resend) {
247 sp->need_resend = false;
248
249 /* each Tx packet has a new serial number */
250 sp->hdr.serial =
251 htonl(atomic_inc_return(&call->conn->serial));
252
253 hdr = (struct rxrpc_header *) txb->head;
254 hdr->serial = sp->hdr.serial;
255
256 _proto("Tx DATA %%%u { #%d }",
257 ntohl(sp->hdr.serial), ntohl(sp->hdr.seq));
258 if (rxrpc_send_packet(call->conn->trans, txb) < 0) {
259 stop = true;
260 sp->resend_at = jiffies + 3;
261 } else {
262 sp->resend_at =
263 jiffies + rxrpc_resend_timeout;
264 }
265 }
266
267 if (time_after_eq(jiffies + 1, sp->resend_at)) {
268 sp->need_resend = true;
269 resend |= 1;
270 } else if (resend & 2) {
271 if (time_before(sp->resend_at, resend_at))
272 resend_at = sp->resend_at;
273 } else {
274 resend_at = sp->resend_at;
275 resend |= 2;
276 }
277 }
278
279 rxrpc_set_resend(call, resend, resend_at);
280 _leave("");
281 }
282
283 /*
284 * handle resend timer expiry
285 */
rxrpc_resend_timer(struct rxrpc_call * call)286 static void rxrpc_resend_timer(struct rxrpc_call *call)
287 {
288 struct rxrpc_skb_priv *sp;
289 struct sk_buff *txb;
290 unsigned long *p_txb, resend_at;
291 int loop;
292 u8 resend;
293
294 _enter("%d,%d,%d",
295 call->acks_tail, call->acks_unacked, call->acks_head);
296
297 if (call->state >= RXRPC_CALL_COMPLETE)
298 return;
299
300 resend = 0;
301 resend_at = 0;
302
303 for (loop = call->acks_unacked;
304 loop != call->acks_head;
305 loop = (loop + 1) & (call->acks_winsz - 1)
306 ) {
307 p_txb = call->acks_window + loop;
308 smp_read_barrier_depends();
309 txb = (struct sk_buff *) (*p_txb & ~1);
310 sp = rxrpc_skb(txb);
311
312 ASSERT(!(*p_txb & 1));
313
314 if (sp->need_resend) {
315 ;
316 } else if (time_after_eq(jiffies + 1, sp->resend_at)) {
317 sp->need_resend = true;
318 resend |= 1;
319 } else if (resend & 2) {
320 if (time_before(sp->resend_at, resend_at))
321 resend_at = sp->resend_at;
322 } else {
323 resend_at = sp->resend_at;
324 resend |= 2;
325 }
326 }
327
328 rxrpc_set_resend(call, resend, resend_at);
329 _leave("");
330 }
331
332 /*
333 * process soft ACKs of our transmitted packets
334 * - these indicate packets the peer has or has not received, but hasn't yet
335 * given to the consumer, and so can still be discarded and re-requested
336 */
rxrpc_process_soft_ACKs(struct rxrpc_call * call,struct rxrpc_ackpacket * ack,struct sk_buff * skb)337 static int rxrpc_process_soft_ACKs(struct rxrpc_call *call,
338 struct rxrpc_ackpacket *ack,
339 struct sk_buff *skb)
340 {
341 struct rxrpc_skb_priv *sp;
342 struct sk_buff *txb;
343 unsigned long *p_txb, resend_at;
344 int loop;
345 u8 sacks[RXRPC_MAXACKS], resend;
346
347 _enter("{%d,%d},{%d},",
348 call->acks_hard,
349 CIRC_CNT(call->acks_head, call->acks_tail, call->acks_winsz),
350 ack->nAcks);
351
352 if (skb_copy_bits(skb, 0, sacks, ack->nAcks) < 0)
353 goto protocol_error;
354
355 resend = 0;
356 resend_at = 0;
357 for (loop = 0; loop < ack->nAcks; loop++) {
358 p_txb = call->acks_window;
359 p_txb += (call->acks_tail + loop) & (call->acks_winsz - 1);
360 smp_read_barrier_depends();
361 txb = (struct sk_buff *) (*p_txb & ~1);
362 sp = rxrpc_skb(txb);
363
364 switch (sacks[loop]) {
365 case RXRPC_ACK_TYPE_ACK:
366 sp->need_resend = false;
367 *p_txb |= 1;
368 break;
369 case RXRPC_ACK_TYPE_NACK:
370 sp->need_resend = true;
371 *p_txb &= ~1;
372 resend = 1;
373 break;
374 default:
375 _debug("Unsupported ACK type %d", sacks[loop]);
376 goto protocol_error;
377 }
378 }
379
380 smp_mb();
381 call->acks_unacked = (call->acks_tail + loop) & (call->acks_winsz - 1);
382
383 /* anything not explicitly ACK'd is implicitly NACK'd, but may just not
384 * have been received or processed yet by the far end */
385 for (loop = call->acks_unacked;
386 loop != call->acks_head;
387 loop = (loop + 1) & (call->acks_winsz - 1)
388 ) {
389 p_txb = call->acks_window + loop;
390 smp_read_barrier_depends();
391 txb = (struct sk_buff *) (*p_txb & ~1);
392 sp = rxrpc_skb(txb);
393
394 if (*p_txb & 1) {
395 /* packet must have been discarded */
396 sp->need_resend = true;
397 *p_txb &= ~1;
398 resend |= 1;
399 } else if (sp->need_resend) {
400 ;
401 } else if (time_after_eq(jiffies + 1, sp->resend_at)) {
402 sp->need_resend = true;
403 resend |= 1;
404 } else if (resend & 2) {
405 if (time_before(sp->resend_at, resend_at))
406 resend_at = sp->resend_at;
407 } else {
408 resend_at = sp->resend_at;
409 resend |= 2;
410 }
411 }
412
413 rxrpc_set_resend(call, resend, resend_at);
414 _leave(" = 0");
415 return 0;
416
417 protocol_error:
418 _leave(" = -EPROTO");
419 return -EPROTO;
420 }
421
422 /*
423 * discard hard-ACK'd packets from the Tx window
424 */
rxrpc_rotate_tx_window(struct rxrpc_call * call,u32 hard)425 static void rxrpc_rotate_tx_window(struct rxrpc_call *call, u32 hard)
426 {
427 unsigned long _skb;
428 int tail = call->acks_tail, old_tail;
429 int win = CIRC_CNT(call->acks_head, tail, call->acks_winsz);
430
431 _enter("{%u,%u},%u", call->acks_hard, win, hard);
432
433 ASSERTCMP(hard - call->acks_hard, <=, win);
434
435 while (call->acks_hard < hard) {
436 smp_read_barrier_depends();
437 _skb = call->acks_window[tail] & ~1;
438 rxrpc_free_skb((struct sk_buff *) _skb);
439 old_tail = tail;
440 tail = (tail + 1) & (call->acks_winsz - 1);
441 call->acks_tail = tail;
442 if (call->acks_unacked == old_tail)
443 call->acks_unacked = tail;
444 call->acks_hard++;
445 }
446
447 wake_up(&call->tx_waitq);
448 }
449
450 /*
451 * clear the Tx window in the event of a failure
452 */
rxrpc_clear_tx_window(struct rxrpc_call * call)453 static void rxrpc_clear_tx_window(struct rxrpc_call *call)
454 {
455 rxrpc_rotate_tx_window(call, atomic_read(&call->sequence));
456 }
457
458 /*
459 * drain the out of sequence received packet queue into the packet Rx queue
460 */
rxrpc_drain_rx_oos_queue(struct rxrpc_call * call)461 static int rxrpc_drain_rx_oos_queue(struct rxrpc_call *call)
462 {
463 struct rxrpc_skb_priv *sp;
464 struct sk_buff *skb;
465 bool terminal;
466 int ret;
467
468 _enter("{%d,%d}", call->rx_data_post, call->rx_first_oos);
469
470 spin_lock_bh(&call->lock);
471
472 ret = -ECONNRESET;
473 if (test_bit(RXRPC_CALL_RELEASED, &call->flags))
474 goto socket_unavailable;
475
476 skb = skb_dequeue(&call->rx_oos_queue);
477 if (skb) {
478 sp = rxrpc_skb(skb);
479
480 _debug("drain OOS packet %d [%d]",
481 ntohl(sp->hdr.seq), call->rx_first_oos);
482
483 if (ntohl(sp->hdr.seq) != call->rx_first_oos) {
484 skb_queue_head(&call->rx_oos_queue, skb);
485 call->rx_first_oos = ntohl(rxrpc_skb(skb)->hdr.seq);
486 _debug("requeue %p {%u}", skb, call->rx_first_oos);
487 } else {
488 skb->mark = RXRPC_SKB_MARK_DATA;
489 terminal = ((sp->hdr.flags & RXRPC_LAST_PACKET) &&
490 !(sp->hdr.flags & RXRPC_CLIENT_INITIATED));
491 ret = rxrpc_queue_rcv_skb(call, skb, true, terminal);
492 BUG_ON(ret < 0);
493 _debug("drain #%u", call->rx_data_post);
494 call->rx_data_post++;
495
496 /* find out what the next packet is */
497 skb = skb_peek(&call->rx_oos_queue);
498 if (skb)
499 call->rx_first_oos =
500 ntohl(rxrpc_skb(skb)->hdr.seq);
501 else
502 call->rx_first_oos = 0;
503 _debug("peek %p {%u}", skb, call->rx_first_oos);
504 }
505 }
506
507 ret = 0;
508 socket_unavailable:
509 spin_unlock_bh(&call->lock);
510 _leave(" = %d", ret);
511 return ret;
512 }
513
514 /*
515 * insert an out of sequence packet into the buffer
516 */
rxrpc_insert_oos_packet(struct rxrpc_call * call,struct sk_buff * skb)517 static void rxrpc_insert_oos_packet(struct rxrpc_call *call,
518 struct sk_buff *skb)
519 {
520 struct rxrpc_skb_priv *sp, *psp;
521 struct sk_buff *p;
522 u32 seq;
523
524 sp = rxrpc_skb(skb);
525 seq = ntohl(sp->hdr.seq);
526 _enter(",,{%u}", seq);
527
528 skb->destructor = rxrpc_packet_destructor;
529 ASSERTCMP(sp->call, ==, NULL);
530 sp->call = call;
531 rxrpc_get_call(call);
532
533 /* insert into the buffer in sequence order */
534 spin_lock_bh(&call->lock);
535
536 skb_queue_walk(&call->rx_oos_queue, p) {
537 psp = rxrpc_skb(p);
538 if (ntohl(psp->hdr.seq) > seq) {
539 _debug("insert oos #%u before #%u",
540 seq, ntohl(psp->hdr.seq));
541 skb_insert(p, skb, &call->rx_oos_queue);
542 goto inserted;
543 }
544 }
545
546 _debug("append oos #%u", seq);
547 skb_queue_tail(&call->rx_oos_queue, skb);
548 inserted:
549
550 /* we might now have a new front to the queue */
551 if (call->rx_first_oos == 0 || seq < call->rx_first_oos)
552 call->rx_first_oos = seq;
553
554 read_lock(&call->state_lock);
555 if (call->state < RXRPC_CALL_COMPLETE &&
556 call->rx_data_post == call->rx_first_oos) {
557 _debug("drain rx oos now");
558 set_bit(RXRPC_CALL_DRAIN_RX_OOS, &call->events);
559 }
560 read_unlock(&call->state_lock);
561
562 spin_unlock_bh(&call->lock);
563 _leave(" [stored #%u]", call->rx_first_oos);
564 }
565
566 /*
567 * clear the Tx window on final ACK reception
568 */
rxrpc_zap_tx_window(struct rxrpc_call * call)569 static void rxrpc_zap_tx_window(struct rxrpc_call *call)
570 {
571 struct rxrpc_skb_priv *sp;
572 struct sk_buff *skb;
573 unsigned long _skb, *acks_window;
574 u8 winsz = call->acks_winsz;
575 int tail;
576
577 acks_window = call->acks_window;
578 call->acks_window = NULL;
579
580 while (CIRC_CNT(call->acks_head, call->acks_tail, winsz) > 0) {
581 tail = call->acks_tail;
582 smp_read_barrier_depends();
583 _skb = acks_window[tail] & ~1;
584 smp_mb();
585 call->acks_tail = (call->acks_tail + 1) & (winsz - 1);
586
587 skb = (struct sk_buff *) _skb;
588 sp = rxrpc_skb(skb);
589 _debug("+++ clear Tx %u", ntohl(sp->hdr.seq));
590 rxrpc_free_skb(skb);
591 }
592
593 kfree(acks_window);
594 }
595
596 /*
597 * process the extra information that may be appended to an ACK packet
598 */
rxrpc_extract_ackinfo(struct rxrpc_call * call,struct sk_buff * skb,unsigned int latest,int nAcks)599 static void rxrpc_extract_ackinfo(struct rxrpc_call *call, struct sk_buff *skb,
600 unsigned int latest, int nAcks)
601 {
602 struct rxrpc_ackinfo ackinfo;
603 struct rxrpc_peer *peer;
604 unsigned int mtu;
605
606 if (skb_copy_bits(skb, nAcks + 3, &ackinfo, sizeof(ackinfo)) < 0) {
607 _leave(" [no ackinfo]");
608 return;
609 }
610
611 _proto("Rx ACK %%%u Info { rx=%u max=%u rwin=%u jm=%u }",
612 latest,
613 ntohl(ackinfo.rxMTU), ntohl(ackinfo.maxMTU),
614 ntohl(ackinfo.rwind), ntohl(ackinfo.jumbo_max));
615
616 mtu = min(ntohl(ackinfo.rxMTU), ntohl(ackinfo.maxMTU));
617
618 peer = call->conn->trans->peer;
619 if (mtu < peer->maxdata) {
620 spin_lock_bh(&peer->lock);
621 peer->maxdata = mtu;
622 peer->mtu = mtu + peer->hdrsize;
623 spin_unlock_bh(&peer->lock);
624 _net("Net MTU %u (maxdata %u)", peer->mtu, peer->maxdata);
625 }
626 }
627
628 /*
629 * process packets in the reception queue
630 */
rxrpc_process_rx_queue(struct rxrpc_call * call,u32 * _abort_code)631 static int rxrpc_process_rx_queue(struct rxrpc_call *call,
632 u32 *_abort_code)
633 {
634 struct rxrpc_ackpacket ack;
635 struct rxrpc_skb_priv *sp;
636 struct sk_buff *skb;
637 bool post_ACK;
638 int latest;
639 u32 hard, tx;
640
641 _enter("");
642
643 process_further:
644 skb = skb_dequeue(&call->rx_queue);
645 if (!skb)
646 return -EAGAIN;
647
648 _net("deferred skb %p", skb);
649
650 sp = rxrpc_skb(skb);
651
652 _debug("process %s [st %d]", rxrpc_pkts[sp->hdr.type], call->state);
653
654 post_ACK = false;
655
656 switch (sp->hdr.type) {
657 /* data packets that wind up here have been received out of
658 * order, need security processing or are jumbo packets */
659 case RXRPC_PACKET_TYPE_DATA:
660 _proto("OOSQ DATA %%%u { #%u }",
661 ntohl(sp->hdr.serial), ntohl(sp->hdr.seq));
662
663 /* secured packets must be verified and possibly decrypted */
664 if (rxrpc_verify_packet(call, skb, _abort_code) < 0)
665 goto protocol_error;
666
667 rxrpc_insert_oos_packet(call, skb);
668 goto process_further;
669
670 /* partial ACK to process */
671 case RXRPC_PACKET_TYPE_ACK:
672 if (skb_copy_bits(skb, 0, &ack, sizeof(ack)) < 0) {
673 _debug("extraction failure");
674 goto protocol_error;
675 }
676 if (!skb_pull(skb, sizeof(ack)))
677 BUG();
678
679 latest = ntohl(sp->hdr.serial);
680 hard = ntohl(ack.firstPacket);
681 tx = atomic_read(&call->sequence);
682
683 _proto("Rx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }",
684 latest,
685 ntohs(ack.maxSkew),
686 hard,
687 ntohl(ack.previousPacket),
688 ntohl(ack.serial),
689 rxrpc_acks(ack.reason),
690 ack.nAcks);
691
692 rxrpc_extract_ackinfo(call, skb, latest, ack.nAcks);
693
694 if (ack.reason == RXRPC_ACK_PING) {
695 _proto("Rx ACK %%%u PING Request", latest);
696 rxrpc_propose_ACK(call, RXRPC_ACK_PING_RESPONSE,
697 sp->hdr.serial, true);
698 }
699
700 /* discard any out-of-order or duplicate ACKs */
701 if (latest - call->acks_latest <= 0) {
702 _debug("discard ACK %d <= %d",
703 latest, call->acks_latest);
704 goto discard;
705 }
706 call->acks_latest = latest;
707
708 if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST &&
709 call->state != RXRPC_CALL_CLIENT_AWAIT_REPLY &&
710 call->state != RXRPC_CALL_SERVER_SEND_REPLY &&
711 call->state != RXRPC_CALL_SERVER_AWAIT_ACK)
712 goto discard;
713
714 _debug("Tx=%d H=%u S=%d", tx, call->acks_hard, call->state);
715
716 if (hard > 0) {
717 if (hard - 1 > tx) {
718 _debug("hard-ACK'd packet %d not transmitted"
719 " (%d top)",
720 hard - 1, tx);
721 goto protocol_error;
722 }
723
724 if ((call->state == RXRPC_CALL_CLIENT_AWAIT_REPLY ||
725 call->state == RXRPC_CALL_SERVER_AWAIT_ACK) &&
726 hard > tx) {
727 call->acks_hard = tx;
728 goto all_acked;
729 }
730
731 smp_rmb();
732 rxrpc_rotate_tx_window(call, hard - 1);
733 }
734
735 if (ack.nAcks > 0) {
736 if (hard - 1 + ack.nAcks > tx) {
737 _debug("soft-ACK'd packet %d+%d not"
738 " transmitted (%d top)",
739 hard - 1, ack.nAcks, tx);
740 goto protocol_error;
741 }
742
743 if (rxrpc_process_soft_ACKs(call, &ack, skb) < 0)
744 goto protocol_error;
745 }
746 goto discard;
747
748 /* complete ACK to process */
749 case RXRPC_PACKET_TYPE_ACKALL:
750 goto all_acked;
751
752 /* abort and busy are handled elsewhere */
753 case RXRPC_PACKET_TYPE_BUSY:
754 case RXRPC_PACKET_TYPE_ABORT:
755 BUG();
756
757 /* connection level events - also handled elsewhere */
758 case RXRPC_PACKET_TYPE_CHALLENGE:
759 case RXRPC_PACKET_TYPE_RESPONSE:
760 case RXRPC_PACKET_TYPE_DEBUG:
761 BUG();
762 }
763
764 /* if we've had a hard ACK that covers all the packets we've sent, then
765 * that ends that phase of the operation */
766 all_acked:
767 write_lock_bh(&call->state_lock);
768 _debug("ack all %d", call->state);
769
770 switch (call->state) {
771 case RXRPC_CALL_CLIENT_AWAIT_REPLY:
772 call->state = RXRPC_CALL_CLIENT_RECV_REPLY;
773 break;
774 case RXRPC_CALL_SERVER_AWAIT_ACK:
775 _debug("srv complete");
776 call->state = RXRPC_CALL_COMPLETE;
777 post_ACK = true;
778 break;
779 case RXRPC_CALL_CLIENT_SEND_REQUEST:
780 case RXRPC_CALL_SERVER_RECV_REQUEST:
781 goto protocol_error_unlock; /* can't occur yet */
782 default:
783 write_unlock_bh(&call->state_lock);
784 goto discard; /* assume packet left over from earlier phase */
785 }
786
787 write_unlock_bh(&call->state_lock);
788
789 /* if all the packets we sent are hard-ACK'd, then we can discard
790 * whatever we've got left */
791 _debug("clear Tx %d",
792 CIRC_CNT(call->acks_head, call->acks_tail, call->acks_winsz));
793
794 del_timer_sync(&call->resend_timer);
795 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
796 clear_bit(RXRPC_CALL_RESEND_TIMER, &call->events);
797
798 if (call->acks_window)
799 rxrpc_zap_tx_window(call);
800
801 if (post_ACK) {
802 /* post the final ACK message for userspace to pick up */
803 _debug("post ACK");
804 skb->mark = RXRPC_SKB_MARK_FINAL_ACK;
805 sp->call = call;
806 rxrpc_get_call(call);
807 spin_lock_bh(&call->lock);
808 if (rxrpc_queue_rcv_skb(call, skb, true, true) < 0)
809 BUG();
810 spin_unlock_bh(&call->lock);
811 goto process_further;
812 }
813
814 discard:
815 rxrpc_free_skb(skb);
816 goto process_further;
817
818 protocol_error_unlock:
819 write_unlock_bh(&call->state_lock);
820 protocol_error:
821 rxrpc_free_skb(skb);
822 _leave(" = -EPROTO");
823 return -EPROTO;
824 }
825
826 /*
827 * post a message to the socket Rx queue for recvmsg() to pick up
828 */
rxrpc_post_message(struct rxrpc_call * call,u32 mark,u32 error,bool fatal)829 static int rxrpc_post_message(struct rxrpc_call *call, u32 mark, u32 error,
830 bool fatal)
831 {
832 struct rxrpc_skb_priv *sp;
833 struct sk_buff *skb;
834 int ret;
835
836 _enter("{%d,%lx},%u,%u,%d",
837 call->debug_id, call->flags, mark, error, fatal);
838
839 /* remove timers and things for fatal messages */
840 if (fatal) {
841 del_timer_sync(&call->resend_timer);
842 del_timer_sync(&call->ack_timer);
843 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
844 }
845
846 if (mark != RXRPC_SKB_MARK_NEW_CALL &&
847 !test_bit(RXRPC_CALL_HAS_USERID, &call->flags)) {
848 _leave("[no userid]");
849 return 0;
850 }
851
852 if (!test_bit(RXRPC_CALL_TERMINAL_MSG, &call->flags)) {
853 skb = alloc_skb(0, GFP_NOFS);
854 if (!skb)
855 return -ENOMEM;
856
857 rxrpc_new_skb(skb);
858
859 skb->mark = mark;
860
861 sp = rxrpc_skb(skb);
862 memset(sp, 0, sizeof(*sp));
863 sp->error = error;
864 sp->call = call;
865 rxrpc_get_call(call);
866
867 spin_lock_bh(&call->lock);
868 ret = rxrpc_queue_rcv_skb(call, skb, true, fatal);
869 spin_unlock_bh(&call->lock);
870 BUG_ON(ret < 0);
871 }
872
873 return 0;
874 }
875
876 /*
877 * handle background processing of incoming call packets and ACK / abort
878 * generation
879 */
rxrpc_process_call(struct work_struct * work)880 void rxrpc_process_call(struct work_struct *work)
881 {
882 struct rxrpc_call *call =
883 container_of(work, struct rxrpc_call, processor);
884 struct rxrpc_ackpacket ack;
885 struct rxrpc_ackinfo ackinfo;
886 struct rxrpc_header hdr;
887 struct msghdr msg;
888 struct kvec iov[5];
889 unsigned long bits;
890 __be32 data, pad;
891 size_t len;
892 int genbit, loop, nbit, ioc, ret, mtu;
893 u32 abort_code = RX_PROTOCOL_ERROR;
894 u8 *acks = NULL;
895
896 //printk("\n--------------------\n");
897 _enter("{%d,%s,%lx} [%lu]",
898 call->debug_id, rxrpc_call_states[call->state], call->events,
899 (jiffies - call->creation_jif) / (HZ / 10));
900
901 if (test_and_set_bit(RXRPC_CALL_PROC_BUSY, &call->flags)) {
902 _debug("XXXXXXXXXXXXX RUNNING ON MULTIPLE CPUS XXXXXXXXXXXXX");
903 return;
904 }
905
906 /* there's a good chance we're going to have to send a message, so set
907 * one up in advance */
908 msg.msg_name = &call->conn->trans->peer->srx.transport.sin;
909 msg.msg_namelen = sizeof(call->conn->trans->peer->srx.transport.sin);
910 msg.msg_control = NULL;
911 msg.msg_controllen = 0;
912 msg.msg_flags = 0;
913
914 hdr.epoch = call->conn->epoch;
915 hdr.cid = call->cid;
916 hdr.callNumber = call->call_id;
917 hdr.seq = 0;
918 hdr.type = RXRPC_PACKET_TYPE_ACK;
919 hdr.flags = call->conn->out_clientflag;
920 hdr.userStatus = 0;
921 hdr.securityIndex = call->conn->security_ix;
922 hdr._rsvd = 0;
923 hdr.serviceId = call->conn->service_id;
924
925 memset(iov, 0, sizeof(iov));
926 iov[0].iov_base = &hdr;
927 iov[0].iov_len = sizeof(hdr);
928
929 /* deal with events of a final nature */
930 if (test_bit(RXRPC_CALL_RELEASE, &call->events)) {
931 rxrpc_release_call(call);
932 clear_bit(RXRPC_CALL_RELEASE, &call->events);
933 }
934
935 if (test_bit(RXRPC_CALL_RCVD_ERROR, &call->events)) {
936 int error;
937
938 clear_bit(RXRPC_CALL_CONN_ABORT, &call->events);
939 clear_bit(RXRPC_CALL_REJECT_BUSY, &call->events);
940 clear_bit(RXRPC_CALL_ABORT, &call->events);
941
942 error = call->conn->trans->peer->net_error;
943 _debug("post net error %d", error);
944
945 if (rxrpc_post_message(call, RXRPC_SKB_MARK_NET_ERROR,
946 error, true) < 0)
947 goto no_mem;
948 clear_bit(RXRPC_CALL_RCVD_ERROR, &call->events);
949 goto kill_ACKs;
950 }
951
952 if (test_bit(RXRPC_CALL_CONN_ABORT, &call->events)) {
953 ASSERTCMP(call->state, >, RXRPC_CALL_COMPLETE);
954
955 clear_bit(RXRPC_CALL_REJECT_BUSY, &call->events);
956 clear_bit(RXRPC_CALL_ABORT, &call->events);
957
958 _debug("post conn abort");
959
960 if (rxrpc_post_message(call, RXRPC_SKB_MARK_LOCAL_ERROR,
961 call->conn->error, true) < 0)
962 goto no_mem;
963 clear_bit(RXRPC_CALL_CONN_ABORT, &call->events);
964 goto kill_ACKs;
965 }
966
967 if (test_bit(RXRPC_CALL_REJECT_BUSY, &call->events)) {
968 hdr.type = RXRPC_PACKET_TYPE_BUSY;
969 genbit = RXRPC_CALL_REJECT_BUSY;
970 goto send_message;
971 }
972
973 if (test_bit(RXRPC_CALL_ABORT, &call->events)) {
974 ASSERTCMP(call->state, >, RXRPC_CALL_COMPLETE);
975
976 if (rxrpc_post_message(call, RXRPC_SKB_MARK_LOCAL_ERROR,
977 ECONNABORTED, true) < 0)
978 goto no_mem;
979 hdr.type = RXRPC_PACKET_TYPE_ABORT;
980 data = htonl(call->abort_code);
981 iov[1].iov_base = &data;
982 iov[1].iov_len = sizeof(data);
983 genbit = RXRPC_CALL_ABORT;
984 goto send_message;
985 }
986
987 if (test_bit(RXRPC_CALL_ACK_FINAL, &call->events)) {
988 genbit = RXRPC_CALL_ACK_FINAL;
989
990 ack.bufferSpace = htons(8);
991 ack.maxSkew = 0;
992 ack.serial = 0;
993 ack.reason = RXRPC_ACK_IDLE;
994 ack.nAcks = 0;
995 call->ackr_reason = 0;
996
997 spin_lock_bh(&call->lock);
998 ack.serial = call->ackr_serial;
999 ack.previousPacket = call->ackr_prev_seq;
1000 ack.firstPacket = htonl(call->rx_data_eaten + 1);
1001 spin_unlock_bh(&call->lock);
1002
1003 pad = 0;
1004
1005 iov[1].iov_base = &ack;
1006 iov[1].iov_len = sizeof(ack);
1007 iov[2].iov_base = &pad;
1008 iov[2].iov_len = 3;
1009 iov[3].iov_base = &ackinfo;
1010 iov[3].iov_len = sizeof(ackinfo);
1011 goto send_ACK;
1012 }
1013
1014 if (call->events & ((1 << RXRPC_CALL_RCVD_BUSY) |
1015 (1 << RXRPC_CALL_RCVD_ABORT))
1016 ) {
1017 u32 mark;
1018
1019 if (test_bit(RXRPC_CALL_RCVD_ABORT, &call->events))
1020 mark = RXRPC_SKB_MARK_REMOTE_ABORT;
1021 else
1022 mark = RXRPC_SKB_MARK_BUSY;
1023
1024 _debug("post abort/busy");
1025 rxrpc_clear_tx_window(call);
1026 if (rxrpc_post_message(call, mark, ECONNABORTED, true) < 0)
1027 goto no_mem;
1028
1029 clear_bit(RXRPC_CALL_RCVD_BUSY, &call->events);
1030 clear_bit(RXRPC_CALL_RCVD_ABORT, &call->events);
1031 goto kill_ACKs;
1032 }
1033
1034 if (test_and_clear_bit(RXRPC_CALL_RCVD_ACKALL, &call->events)) {
1035 _debug("do implicit ackall");
1036 rxrpc_clear_tx_window(call);
1037 }
1038
1039 if (test_bit(RXRPC_CALL_LIFE_TIMER, &call->events)) {
1040 write_lock_bh(&call->state_lock);
1041 if (call->state <= RXRPC_CALL_COMPLETE) {
1042 call->state = RXRPC_CALL_LOCALLY_ABORTED;
1043 call->abort_code = RX_CALL_TIMEOUT;
1044 set_bit(RXRPC_CALL_ABORT, &call->events);
1045 }
1046 write_unlock_bh(&call->state_lock);
1047
1048 _debug("post timeout");
1049 if (rxrpc_post_message(call, RXRPC_SKB_MARK_LOCAL_ERROR,
1050 ETIME, true) < 0)
1051 goto no_mem;
1052
1053 clear_bit(RXRPC_CALL_LIFE_TIMER, &call->events);
1054 goto kill_ACKs;
1055 }
1056
1057 /* deal with assorted inbound messages */
1058 if (!skb_queue_empty(&call->rx_queue)) {
1059 switch (rxrpc_process_rx_queue(call, &abort_code)) {
1060 case 0:
1061 case -EAGAIN:
1062 break;
1063 case -ENOMEM:
1064 goto no_mem;
1065 case -EKEYEXPIRED:
1066 case -EKEYREJECTED:
1067 case -EPROTO:
1068 rxrpc_abort_call(call, abort_code);
1069 goto kill_ACKs;
1070 }
1071 }
1072
1073 /* handle resending */
1074 if (test_and_clear_bit(RXRPC_CALL_RESEND_TIMER, &call->events))
1075 rxrpc_resend_timer(call);
1076 if (test_and_clear_bit(RXRPC_CALL_RESEND, &call->events))
1077 rxrpc_resend(call);
1078
1079 /* consider sending an ordinary ACK */
1080 if (test_bit(RXRPC_CALL_ACK, &call->events)) {
1081 _debug("send ACK: window: %d - %d { %lx }",
1082 call->rx_data_eaten, call->ackr_win_top,
1083 call->ackr_window[0]);
1084
1085 if (call->state > RXRPC_CALL_SERVER_ACK_REQUEST &&
1086 call->ackr_reason != RXRPC_ACK_PING_RESPONSE) {
1087 /* ACK by sending reply DATA packet in this state */
1088 clear_bit(RXRPC_CALL_ACK, &call->events);
1089 goto maybe_reschedule;
1090 }
1091
1092 genbit = RXRPC_CALL_ACK;
1093
1094 acks = kzalloc(call->ackr_win_top - call->rx_data_eaten,
1095 GFP_NOFS);
1096 if (!acks)
1097 goto no_mem;
1098
1099 //hdr.flags = RXRPC_SLOW_START_OK;
1100 ack.bufferSpace = htons(8);
1101 ack.maxSkew = 0;
1102 ack.serial = 0;
1103 ack.reason = 0;
1104
1105 spin_lock_bh(&call->lock);
1106 ack.reason = call->ackr_reason;
1107 ack.serial = call->ackr_serial;
1108 ack.previousPacket = call->ackr_prev_seq;
1109 ack.firstPacket = htonl(call->rx_data_eaten + 1);
1110
1111 ack.nAcks = 0;
1112 for (loop = 0; loop < RXRPC_ACKR_WINDOW_ASZ; loop++) {
1113 nbit = loop * BITS_PER_LONG;
1114 for (bits = call->ackr_window[loop]; bits; bits >>= 1
1115 ) {
1116 _debug("- l=%d n=%d b=%lx", loop, nbit, bits);
1117 if (bits & 1) {
1118 acks[nbit] = RXRPC_ACK_TYPE_ACK;
1119 ack.nAcks = nbit + 1;
1120 }
1121 nbit++;
1122 }
1123 }
1124 call->ackr_reason = 0;
1125 spin_unlock_bh(&call->lock);
1126
1127 pad = 0;
1128
1129 iov[1].iov_base = &ack;
1130 iov[1].iov_len = sizeof(ack);
1131 iov[2].iov_base = acks;
1132 iov[2].iov_len = ack.nAcks;
1133 iov[3].iov_base = &pad;
1134 iov[3].iov_len = 3;
1135 iov[4].iov_base = &ackinfo;
1136 iov[4].iov_len = sizeof(ackinfo);
1137
1138 switch (ack.reason) {
1139 case RXRPC_ACK_REQUESTED:
1140 case RXRPC_ACK_DUPLICATE:
1141 case RXRPC_ACK_OUT_OF_SEQUENCE:
1142 case RXRPC_ACK_EXCEEDS_WINDOW:
1143 case RXRPC_ACK_NOSPACE:
1144 case RXRPC_ACK_PING:
1145 case RXRPC_ACK_PING_RESPONSE:
1146 goto send_ACK_with_skew;
1147 case RXRPC_ACK_DELAY:
1148 case RXRPC_ACK_IDLE:
1149 goto send_ACK;
1150 }
1151 }
1152
1153 /* handle completion of security negotiations on an incoming
1154 * connection */
1155 if (test_and_clear_bit(RXRPC_CALL_SECURED, &call->events)) {
1156 _debug("secured");
1157 spin_lock_bh(&call->lock);
1158
1159 if (call->state == RXRPC_CALL_SERVER_SECURING) {
1160 _debug("securing");
1161 write_lock(&call->conn->lock);
1162 if (!test_bit(RXRPC_CALL_RELEASED, &call->flags) &&
1163 !test_bit(RXRPC_CALL_RELEASE, &call->events)) {
1164 _debug("not released");
1165 call->state = RXRPC_CALL_SERVER_ACCEPTING;
1166 list_move_tail(&call->accept_link,
1167 &call->socket->acceptq);
1168 }
1169 write_unlock(&call->conn->lock);
1170 read_lock(&call->state_lock);
1171 if (call->state < RXRPC_CALL_COMPLETE)
1172 set_bit(RXRPC_CALL_POST_ACCEPT, &call->events);
1173 read_unlock(&call->state_lock);
1174 }
1175
1176 spin_unlock_bh(&call->lock);
1177 if (!test_bit(RXRPC_CALL_POST_ACCEPT, &call->events))
1178 goto maybe_reschedule;
1179 }
1180
1181 /* post a notification of an acceptable connection to the app */
1182 if (test_bit(RXRPC_CALL_POST_ACCEPT, &call->events)) {
1183 _debug("post accept");
1184 if (rxrpc_post_message(call, RXRPC_SKB_MARK_NEW_CALL,
1185 0, false) < 0)
1186 goto no_mem;
1187 clear_bit(RXRPC_CALL_POST_ACCEPT, &call->events);
1188 goto maybe_reschedule;
1189 }
1190
1191 /* handle incoming call acceptance */
1192 if (test_and_clear_bit(RXRPC_CALL_ACCEPTED, &call->events)) {
1193 _debug("accepted");
1194 ASSERTCMP(call->rx_data_post, ==, 0);
1195 call->rx_data_post = 1;
1196 read_lock_bh(&call->state_lock);
1197 if (call->state < RXRPC_CALL_COMPLETE)
1198 set_bit(RXRPC_CALL_DRAIN_RX_OOS, &call->events);
1199 read_unlock_bh(&call->state_lock);
1200 }
1201
1202 /* drain the out of sequence received packet queue into the packet Rx
1203 * queue */
1204 if (test_and_clear_bit(RXRPC_CALL_DRAIN_RX_OOS, &call->events)) {
1205 while (call->rx_data_post == call->rx_first_oos)
1206 if (rxrpc_drain_rx_oos_queue(call) < 0)
1207 break;
1208 goto maybe_reschedule;
1209 }
1210
1211 /* other events may have been raised since we started checking */
1212 goto maybe_reschedule;
1213
1214 send_ACK_with_skew:
1215 ack.maxSkew = htons(atomic_read(&call->conn->hi_serial) -
1216 ntohl(ack.serial));
1217 send_ACK:
1218 mtu = call->conn->trans->peer->if_mtu;
1219 mtu -= call->conn->trans->peer->hdrsize;
1220 ackinfo.maxMTU = htonl(mtu);
1221 ackinfo.rwind = htonl(rxrpc_rx_window_size);
1222
1223 /* permit the peer to send us jumbo packets if it wants to */
1224 ackinfo.rxMTU = htonl(rxrpc_rx_mtu);
1225 ackinfo.jumbo_max = htonl(rxrpc_rx_jumbo_max);
1226
1227 hdr.serial = htonl(atomic_inc_return(&call->conn->serial));
1228 _proto("Tx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }",
1229 ntohl(hdr.serial),
1230 ntohs(ack.maxSkew),
1231 ntohl(ack.firstPacket),
1232 ntohl(ack.previousPacket),
1233 ntohl(ack.serial),
1234 rxrpc_acks(ack.reason),
1235 ack.nAcks);
1236
1237 del_timer_sync(&call->ack_timer);
1238 if (ack.nAcks > 0)
1239 set_bit(RXRPC_CALL_TX_SOFT_ACK, &call->flags);
1240 goto send_message_2;
1241
1242 send_message:
1243 _debug("send message");
1244
1245 hdr.serial = htonl(atomic_inc_return(&call->conn->serial));
1246 _proto("Tx %s %%%u", rxrpc_pkts[hdr.type], ntohl(hdr.serial));
1247 send_message_2:
1248
1249 len = iov[0].iov_len;
1250 ioc = 1;
1251 if (iov[4].iov_len) {
1252 ioc = 5;
1253 len += iov[4].iov_len;
1254 len += iov[3].iov_len;
1255 len += iov[2].iov_len;
1256 len += iov[1].iov_len;
1257 } else if (iov[3].iov_len) {
1258 ioc = 4;
1259 len += iov[3].iov_len;
1260 len += iov[2].iov_len;
1261 len += iov[1].iov_len;
1262 } else if (iov[2].iov_len) {
1263 ioc = 3;
1264 len += iov[2].iov_len;
1265 len += iov[1].iov_len;
1266 } else if (iov[1].iov_len) {
1267 ioc = 2;
1268 len += iov[1].iov_len;
1269 }
1270
1271 ret = kernel_sendmsg(call->conn->trans->local->socket,
1272 &msg, iov, ioc, len);
1273 if (ret < 0) {
1274 _debug("sendmsg failed: %d", ret);
1275 read_lock_bh(&call->state_lock);
1276 if (call->state < RXRPC_CALL_DEAD)
1277 rxrpc_queue_call(call);
1278 read_unlock_bh(&call->state_lock);
1279 goto error;
1280 }
1281
1282 switch (genbit) {
1283 case RXRPC_CALL_ABORT:
1284 clear_bit(genbit, &call->events);
1285 clear_bit(RXRPC_CALL_RCVD_ABORT, &call->events);
1286 goto kill_ACKs;
1287
1288 case RXRPC_CALL_ACK_FINAL:
1289 write_lock_bh(&call->state_lock);
1290 if (call->state == RXRPC_CALL_CLIENT_FINAL_ACK)
1291 call->state = RXRPC_CALL_COMPLETE;
1292 write_unlock_bh(&call->state_lock);
1293 goto kill_ACKs;
1294
1295 default:
1296 clear_bit(genbit, &call->events);
1297 switch (call->state) {
1298 case RXRPC_CALL_CLIENT_AWAIT_REPLY:
1299 case RXRPC_CALL_CLIENT_RECV_REPLY:
1300 case RXRPC_CALL_SERVER_RECV_REQUEST:
1301 case RXRPC_CALL_SERVER_ACK_REQUEST:
1302 _debug("start ACK timer");
1303 rxrpc_propose_ACK(call, RXRPC_ACK_DELAY,
1304 call->ackr_serial, false);
1305 default:
1306 break;
1307 }
1308 goto maybe_reschedule;
1309 }
1310
1311 kill_ACKs:
1312 del_timer_sync(&call->ack_timer);
1313 if (test_and_clear_bit(RXRPC_CALL_ACK_FINAL, &call->events))
1314 rxrpc_put_call(call);
1315 clear_bit(RXRPC_CALL_ACK, &call->events);
1316
1317 maybe_reschedule:
1318 if (call->events || !skb_queue_empty(&call->rx_queue)) {
1319 read_lock_bh(&call->state_lock);
1320 if (call->state < RXRPC_CALL_DEAD)
1321 rxrpc_queue_call(call);
1322 read_unlock_bh(&call->state_lock);
1323 }
1324
1325 /* don't leave aborted connections on the accept queue */
1326 if (call->state >= RXRPC_CALL_COMPLETE &&
1327 !list_empty(&call->accept_link)) {
1328 _debug("X unlinking once-pending call %p { e=%lx f=%lx c=%x }",
1329 call, call->events, call->flags,
1330 ntohl(call->conn->cid));
1331
1332 read_lock_bh(&call->state_lock);
1333 if (!test_bit(RXRPC_CALL_RELEASED, &call->flags) &&
1334 !test_and_set_bit(RXRPC_CALL_RELEASE, &call->events))
1335 rxrpc_queue_call(call);
1336 read_unlock_bh(&call->state_lock);
1337 }
1338
1339 error:
1340 clear_bit(RXRPC_CALL_PROC_BUSY, &call->flags);
1341 kfree(acks);
1342
1343 /* because we don't want two CPUs both processing the work item for one
1344 * call at the same time, we use a flag to note when it's busy; however
1345 * this means there's a race between clearing the flag and setting the
1346 * work pending bit and the work item being processed again */
1347 if (call->events && !work_pending(&call->processor)) {
1348 _debug("jumpstart %x", ntohl(call->conn->cid));
1349 rxrpc_queue_call(call);
1350 }
1351
1352 _leave("");
1353 return;
1354
1355 no_mem:
1356 _debug("out of memory");
1357 goto maybe_reschedule;
1358 }
1359