• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* AF_RXRPC sendmsg() implementation.
2  *
3  * Copyright (C) 2007, 2016 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells (dhowells@redhat.com)
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public Licence
8  * as published by the Free Software Foundation; either version
9  * 2 of the Licence, or (at your option) any later version.
10  */
11 
12 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
13 
14 #include <linux/net.h>
15 #include <linux/gfp.h>
16 #include <linux/skbuff.h>
17 #include <linux/export.h>
18 #include <net/sock.h>
19 #include <net/af_rxrpc.h>
20 #include "ar-internal.h"
21 
22 enum rxrpc_command {
23 	RXRPC_CMD_SEND_DATA,		/* send data message */
24 	RXRPC_CMD_SEND_ABORT,		/* request abort generation */
25 	RXRPC_CMD_ACCEPT,		/* [server] accept incoming call */
26 	RXRPC_CMD_REJECT_BUSY,		/* [server] reject a call as busy */
27 };
28 
29 /*
30  * wait for space to appear in the transmit/ACK window
31  * - caller holds the socket locked
32  */
rxrpc_wait_for_tx_window(struct rxrpc_sock * rx,struct rxrpc_call * call,long * timeo)33 static int rxrpc_wait_for_tx_window(struct rxrpc_sock *rx,
34 				    struct rxrpc_call *call,
35 				    long *timeo)
36 {
37 	DECLARE_WAITQUEUE(myself, current);
38 	int ret;
39 
40 	_enter(",{%u,%u,%u}",
41 	       call->tx_hard_ack, call->tx_top, call->tx_winsize);
42 
43 	add_wait_queue(&call->waitq, &myself);
44 
45 	for (;;) {
46 		set_current_state(TASK_INTERRUPTIBLE);
47 		ret = 0;
48 		if (call->tx_top - call->tx_hard_ack <
49 		    min_t(unsigned int, call->tx_winsize,
50 			  call->cong_cwnd + call->cong_extra))
51 			break;
52 		if (call->state >= RXRPC_CALL_COMPLETE) {
53 			ret = -call->error;
54 			break;
55 		}
56 		if (signal_pending(current)) {
57 			ret = sock_intr_errno(*timeo);
58 			break;
59 		}
60 
61 		trace_rxrpc_transmit(call, rxrpc_transmit_wait);
62 		release_sock(&rx->sk);
63 		*timeo = schedule_timeout(*timeo);
64 		lock_sock(&rx->sk);
65 	}
66 
67 	remove_wait_queue(&call->waitq, &myself);
68 	set_current_state(TASK_RUNNING);
69 	_leave(" = %d", ret);
70 	return ret;
71 }
72 
73 /*
74  * Schedule an instant Tx resend.
75  */
rxrpc_instant_resend(struct rxrpc_call * call,int ix)76 static inline void rxrpc_instant_resend(struct rxrpc_call *call, int ix)
77 {
78 	spin_lock_bh(&call->lock);
79 
80 	if (call->state < RXRPC_CALL_COMPLETE) {
81 		call->rxtx_annotations[ix] = RXRPC_TX_ANNO_RETRANS;
82 		if (!test_and_set_bit(RXRPC_CALL_EV_RESEND, &call->events))
83 			rxrpc_queue_call(call);
84 	}
85 
86 	spin_unlock_bh(&call->lock);
87 }
88 
89 /*
90  * Queue a DATA packet for transmission, set the resend timeout and send the
91  * packet immediately
92  */
rxrpc_queue_packet(struct rxrpc_call * call,struct sk_buff * skb,bool last)93 static void rxrpc_queue_packet(struct rxrpc_call *call, struct sk_buff *skb,
94 			       bool last)
95 {
96 	struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
97 	rxrpc_seq_t seq = sp->hdr.seq;
98 	int ret, ix;
99 	u8 annotation = RXRPC_TX_ANNO_UNACK;
100 
101 	_net("queue skb %p [%d]", skb, seq);
102 
103 	ASSERTCMP(seq, ==, call->tx_top + 1);
104 
105 	if (last)
106 		annotation |= RXRPC_TX_ANNO_LAST;
107 
108 	/* We have to set the timestamp before queueing as the retransmit
109 	 * algorithm can see the packet as soon as we queue it.
110 	 */
111 	skb->tstamp = ktime_get_real();
112 
113 	ix = seq & RXRPC_RXTX_BUFF_MASK;
114 	rxrpc_get_skb(skb, rxrpc_skb_tx_got);
115 	call->rxtx_annotations[ix] = annotation;
116 	smp_wmb();
117 	call->rxtx_buffer[ix] = skb;
118 	call->tx_top = seq;
119 	if (last)
120 		trace_rxrpc_transmit(call, rxrpc_transmit_queue_last);
121 	else
122 		trace_rxrpc_transmit(call, rxrpc_transmit_queue);
123 
124 	if (last || call->state == RXRPC_CALL_SERVER_ACK_REQUEST) {
125 		_debug("________awaiting reply/ACK__________");
126 		write_lock_bh(&call->state_lock);
127 		switch (call->state) {
128 		case RXRPC_CALL_CLIENT_SEND_REQUEST:
129 			call->state = RXRPC_CALL_CLIENT_AWAIT_REPLY;
130 			break;
131 		case RXRPC_CALL_SERVER_ACK_REQUEST:
132 			call->state = RXRPC_CALL_SERVER_SEND_REPLY;
133 			call->ack_at = call->expire_at;
134 			if (call->ackr_reason == RXRPC_ACK_DELAY)
135 				call->ackr_reason = 0;
136 			__rxrpc_set_timer(call, rxrpc_timer_init_for_send_reply,
137 					  ktime_get_real());
138 			if (!last)
139 				break;
140 		case RXRPC_CALL_SERVER_SEND_REPLY:
141 			call->state = RXRPC_CALL_SERVER_AWAIT_ACK;
142 			break;
143 		default:
144 			break;
145 		}
146 		write_unlock_bh(&call->state_lock);
147 	}
148 
149 	if (seq == 1 && rxrpc_is_client_call(call))
150 		rxrpc_expose_client_call(call);
151 
152 	ret = rxrpc_send_data_packet(call, skb, false);
153 	if (ret < 0) {
154 		_debug("need instant resend %d", ret);
155 		rxrpc_instant_resend(call, ix);
156 	} else {
157 		ktime_t now = ktime_get_real(), resend_at;
158 
159 		resend_at = ktime_add_ms(now, rxrpc_resend_timeout);
160 
161 		if (ktime_before(resend_at, call->resend_at)) {
162 			call->resend_at = resend_at;
163 			rxrpc_set_timer(call, rxrpc_timer_set_for_send, now);
164 		}
165 	}
166 
167 	rxrpc_free_skb(skb, rxrpc_skb_tx_freed);
168 	_leave("");
169 }
170 
171 /*
172  * send data through a socket
173  * - must be called in process context
174  * - caller holds the socket locked
175  */
rxrpc_send_data(struct rxrpc_sock * rx,struct rxrpc_call * call,struct msghdr * msg,size_t len)176 static int rxrpc_send_data(struct rxrpc_sock *rx,
177 			   struct rxrpc_call *call,
178 			   struct msghdr *msg, size_t len)
179 {
180 	struct rxrpc_skb_priv *sp;
181 	struct sk_buff *skb;
182 	struct sock *sk = &rx->sk;
183 	long timeo;
184 	bool more;
185 	int ret, copied;
186 
187 	timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
188 
189 	/* this should be in poll */
190 	sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk);
191 
192 	if (sk->sk_err || (sk->sk_shutdown & SEND_SHUTDOWN))
193 		return -EPIPE;
194 
195 	more = msg->msg_flags & MSG_MORE;
196 
197 	skb = call->tx_pending;
198 	call->tx_pending = NULL;
199 	rxrpc_see_skb(skb, rxrpc_skb_tx_seen);
200 
201 	copied = 0;
202 	do {
203 		/* Check to see if there's a ping ACK to reply to. */
204 		if (call->ackr_reason == RXRPC_ACK_PING_RESPONSE)
205 			rxrpc_send_ack_packet(call, false);
206 
207 		if (!skb) {
208 			size_t size, chunk, max, space;
209 
210 			_debug("alloc");
211 
212 			if (call->tx_top - call->tx_hard_ack >=
213 			    min_t(unsigned int, call->tx_winsize,
214 				  call->cong_cwnd + call->cong_extra)) {
215 				ret = -EAGAIN;
216 				if (msg->msg_flags & MSG_DONTWAIT)
217 					goto maybe_error;
218 				ret = rxrpc_wait_for_tx_window(rx, call,
219 							       &timeo);
220 				if (ret < 0)
221 					goto maybe_error;
222 			}
223 
224 			max = RXRPC_JUMBO_DATALEN;
225 			max -= call->conn->security_size;
226 			max &= ~(call->conn->size_align - 1UL);
227 
228 			chunk = max;
229 			if (chunk > msg_data_left(msg) && !more)
230 				chunk = msg_data_left(msg);
231 
232 			space = chunk + call->conn->size_align;
233 			space &= ~(call->conn->size_align - 1UL);
234 
235 			size = space + call->conn->security_size;
236 
237 			_debug("SIZE: %zu/%zu/%zu", chunk, space, size);
238 
239 			/* create a buffer that we can retain until it's ACK'd */
240 			skb = sock_alloc_send_skb(
241 				sk, size, msg->msg_flags & MSG_DONTWAIT, &ret);
242 			if (!skb)
243 				goto maybe_error;
244 
245 			rxrpc_new_skb(skb, rxrpc_skb_tx_new);
246 
247 			_debug("ALLOC SEND %p", skb);
248 
249 			ASSERTCMP(skb->mark, ==, 0);
250 
251 			_debug("HS: %u", call->conn->security_size);
252 			skb_reserve(skb, call->conn->security_size);
253 			skb->len += call->conn->security_size;
254 
255 			sp = rxrpc_skb(skb);
256 			sp->remain = chunk;
257 			if (sp->remain > skb_tailroom(skb))
258 				sp->remain = skb_tailroom(skb);
259 
260 			_net("skb: hr %d, tr %d, hl %d, rm %d",
261 			       skb_headroom(skb),
262 			       skb_tailroom(skb),
263 			       skb_headlen(skb),
264 			       sp->remain);
265 
266 			skb->ip_summed = CHECKSUM_UNNECESSARY;
267 		}
268 
269 		_debug("append");
270 		sp = rxrpc_skb(skb);
271 
272 		/* append next segment of data to the current buffer */
273 		if (msg_data_left(msg) > 0) {
274 			int copy = skb_tailroom(skb);
275 			ASSERTCMP(copy, >, 0);
276 			if (copy > msg_data_left(msg))
277 				copy = msg_data_left(msg);
278 			if (copy > sp->remain)
279 				copy = sp->remain;
280 
281 			_debug("add");
282 			ret = skb_add_data(skb, &msg->msg_iter, copy);
283 			_debug("added");
284 			if (ret < 0)
285 				goto efault;
286 			sp->remain -= copy;
287 			skb->mark += copy;
288 			copied += copy;
289 		}
290 
291 		/* check for the far side aborting the call or a network error
292 		 * occurring */
293 		if (call->state == RXRPC_CALL_COMPLETE)
294 			goto call_terminated;
295 
296 		/* add the packet to the send queue if it's now full */
297 		if (sp->remain <= 0 ||
298 		    (msg_data_left(msg) == 0 && !more)) {
299 			struct rxrpc_connection *conn = call->conn;
300 			uint32_t seq;
301 			size_t pad;
302 
303 			/* pad out if we're using security */
304 			if (conn->security_ix) {
305 				pad = conn->security_size + skb->mark;
306 				pad = conn->size_align - pad;
307 				pad &= conn->size_align - 1;
308 				_debug("pad %zu", pad);
309 				if (pad)
310 					memset(skb_put(skb, pad), 0, pad);
311 			}
312 
313 			seq = call->tx_top + 1;
314 
315 			sp->hdr.seq	= seq;
316 			sp->hdr._rsvd	= 0;
317 			sp->hdr.flags	= conn->out_clientflag;
318 
319 			if (msg_data_left(msg) == 0 && !more)
320 				sp->hdr.flags |= RXRPC_LAST_PACKET;
321 			else if (call->tx_top - call->tx_hard_ack <
322 				 call->tx_winsize)
323 				sp->hdr.flags |= RXRPC_MORE_PACKETS;
324 
325 			ret = conn->security->secure_packet(
326 				call, skb, skb->mark, skb->head);
327 			if (ret < 0)
328 				goto out;
329 
330 			rxrpc_queue_packet(call, skb, !msg_data_left(msg) && !more);
331 			skb = NULL;
332 		}
333 	} while (msg_data_left(msg) > 0);
334 
335 success:
336 	ret = copied;
337 out:
338 	call->tx_pending = skb;
339 	_leave(" = %d", ret);
340 	return ret;
341 
342 call_terminated:
343 	rxrpc_free_skb(skb, rxrpc_skb_tx_freed);
344 	_leave(" = %d", -call->error);
345 	return -call->error;
346 
347 maybe_error:
348 	if (copied)
349 		goto success;
350 	goto out;
351 
352 efault:
353 	ret = -EFAULT;
354 	goto out;
355 }
356 
357 /*
358  * extract control messages from the sendmsg() control buffer
359  */
rxrpc_sendmsg_cmsg(struct msghdr * msg,unsigned long * user_call_ID,enum rxrpc_command * command,u32 * abort_code,bool * _exclusive)360 static int rxrpc_sendmsg_cmsg(struct msghdr *msg,
361 			      unsigned long *user_call_ID,
362 			      enum rxrpc_command *command,
363 			      u32 *abort_code,
364 			      bool *_exclusive)
365 {
366 	struct cmsghdr *cmsg;
367 	bool got_user_ID = false;
368 	int len;
369 
370 	*command = RXRPC_CMD_SEND_DATA;
371 
372 	if (msg->msg_controllen == 0)
373 		return -EINVAL;
374 
375 	for_each_cmsghdr(cmsg, msg) {
376 		if (!CMSG_OK(msg, cmsg))
377 			return -EINVAL;
378 
379 		len = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
380 		_debug("CMSG %d, %d, %d",
381 		       cmsg->cmsg_level, cmsg->cmsg_type, len);
382 
383 		if (cmsg->cmsg_level != SOL_RXRPC)
384 			continue;
385 
386 		switch (cmsg->cmsg_type) {
387 		case RXRPC_USER_CALL_ID:
388 			if (msg->msg_flags & MSG_CMSG_COMPAT) {
389 				if (len != sizeof(u32))
390 					return -EINVAL;
391 				*user_call_ID = *(u32 *) CMSG_DATA(cmsg);
392 			} else {
393 				if (len != sizeof(unsigned long))
394 					return -EINVAL;
395 				*user_call_ID = *(unsigned long *)
396 					CMSG_DATA(cmsg);
397 			}
398 			_debug("User Call ID %lx", *user_call_ID);
399 			got_user_ID = true;
400 			break;
401 
402 		case RXRPC_ABORT:
403 			if (*command != RXRPC_CMD_SEND_DATA)
404 				return -EINVAL;
405 			*command = RXRPC_CMD_SEND_ABORT;
406 			if (len != sizeof(*abort_code))
407 				return -EINVAL;
408 			*abort_code = *(unsigned int *) CMSG_DATA(cmsg);
409 			_debug("Abort %x", *abort_code);
410 			if (*abort_code == 0)
411 				return -EINVAL;
412 			break;
413 
414 		case RXRPC_ACCEPT:
415 			if (*command != RXRPC_CMD_SEND_DATA)
416 				return -EINVAL;
417 			*command = RXRPC_CMD_ACCEPT;
418 			if (len != 0)
419 				return -EINVAL;
420 			break;
421 
422 		case RXRPC_EXCLUSIVE_CALL:
423 			*_exclusive = true;
424 			if (len != 0)
425 				return -EINVAL;
426 			break;
427 		default:
428 			return -EINVAL;
429 		}
430 	}
431 
432 	if (!got_user_ID)
433 		return -EINVAL;
434 	_leave(" = 0");
435 	return 0;
436 }
437 
438 /*
439  * Create a new client call for sendmsg().
440  */
441 static struct rxrpc_call *
rxrpc_new_client_call_for_sendmsg(struct rxrpc_sock * rx,struct msghdr * msg,unsigned long user_call_ID,bool exclusive)442 rxrpc_new_client_call_for_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg,
443 				  unsigned long user_call_ID, bool exclusive)
444 {
445 	struct rxrpc_conn_parameters cp;
446 	struct rxrpc_call *call;
447 	struct key *key;
448 
449 	DECLARE_SOCKADDR(struct sockaddr_rxrpc *, srx, msg->msg_name);
450 
451 	_enter("");
452 
453 	if (!msg->msg_name)
454 		return ERR_PTR(-EDESTADDRREQ);
455 
456 	key = rx->key;
457 	if (key && !rx->key->payload.data[0])
458 		key = NULL;
459 
460 	memset(&cp, 0, sizeof(cp));
461 	cp.local		= rx->local;
462 	cp.key			= rx->key;
463 	cp.security_level	= rx->min_sec_level;
464 	cp.exclusive		= rx->exclusive | exclusive;
465 	cp.service_id		= srx->srx_service;
466 	call = rxrpc_new_client_call(rx, &cp, srx, user_call_ID, GFP_KERNEL);
467 
468 	_leave(" = %p\n", call);
469 	return call;
470 }
471 
472 /*
473  * send a message forming part of a client call through an RxRPC socket
474  * - caller holds the socket locked
475  * - the socket may be either a client socket or a server socket
476  */
rxrpc_do_sendmsg(struct rxrpc_sock * rx,struct msghdr * msg,size_t len)477 int rxrpc_do_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg, size_t len)
478 {
479 	enum rxrpc_command cmd;
480 	struct rxrpc_call *call;
481 	unsigned long user_call_ID = 0;
482 	bool exclusive = false;
483 	u32 abort_code = 0;
484 	int ret;
485 
486 	_enter("");
487 
488 	ret = rxrpc_sendmsg_cmsg(msg, &user_call_ID, &cmd, &abort_code,
489 				 &exclusive);
490 	if (ret < 0)
491 		return ret;
492 
493 	if (cmd == RXRPC_CMD_ACCEPT) {
494 		if (rx->sk.sk_state != RXRPC_SERVER_LISTENING)
495 			return -EINVAL;
496 		call = rxrpc_accept_call(rx, user_call_ID, NULL);
497 		if (IS_ERR(call))
498 			return PTR_ERR(call);
499 		rxrpc_put_call(call, rxrpc_call_put);
500 		return 0;
501 	}
502 
503 	call = rxrpc_find_call_by_user_ID(rx, user_call_ID);
504 	if (!call) {
505 		if (cmd != RXRPC_CMD_SEND_DATA)
506 			return -EBADSLT;
507 		call = rxrpc_new_client_call_for_sendmsg(rx, msg, user_call_ID,
508 							 exclusive);
509 		if (IS_ERR(call))
510 			return PTR_ERR(call);
511 	}
512 
513 	_debug("CALL %d USR %lx ST %d on CONN %p",
514 	       call->debug_id, call->user_call_ID, call->state, call->conn);
515 
516 	if (call->state >= RXRPC_CALL_COMPLETE) {
517 		/* it's too late for this call */
518 		ret = -ESHUTDOWN;
519 	} else if (cmd == RXRPC_CMD_SEND_ABORT) {
520 		ret = 0;
521 		if (rxrpc_abort_call("CMD", call, 0, abort_code, ECONNABORTED))
522 			ret = rxrpc_send_abort_packet(call);
523 	} else if (cmd != RXRPC_CMD_SEND_DATA) {
524 		ret = -EINVAL;
525 	} else if (rxrpc_is_client_call(call) &&
526 		   call->state != RXRPC_CALL_CLIENT_SEND_REQUEST) {
527 		/* request phase complete for this client call */
528 		ret = -EPROTO;
529 	} else if (rxrpc_is_service_call(call) &&
530 		   call->state != RXRPC_CALL_SERVER_ACK_REQUEST &&
531 		   call->state != RXRPC_CALL_SERVER_SEND_REPLY) {
532 		/* Reply phase not begun or not complete for service call. */
533 		ret = -EPROTO;
534 	} else {
535 		ret = rxrpc_send_data(rx, call, msg, len);
536 	}
537 
538 	rxrpc_put_call(call, rxrpc_call_put);
539 	_leave(" = %d", ret);
540 	return ret;
541 }
542 
543 /**
544  * rxrpc_kernel_send_data - Allow a kernel service to send data on a call
545  * @sock: The socket the call is on
546  * @call: The call to send data through
547  * @msg: The data to send
548  * @len: The amount of data to send
549  *
550  * Allow a kernel service to send data on a call.  The call must be in an state
551  * appropriate to sending data.  No control data should be supplied in @msg,
552  * nor should an address be supplied.  MSG_MORE should be flagged if there's
553  * more data to come, otherwise this data will end the transmission phase.
554  */
rxrpc_kernel_send_data(struct socket * sock,struct rxrpc_call * call,struct msghdr * msg,size_t len)555 int rxrpc_kernel_send_data(struct socket *sock, struct rxrpc_call *call,
556 			   struct msghdr *msg, size_t len)
557 {
558 	int ret;
559 
560 	_enter("{%d,%s},", call->debug_id, rxrpc_call_states[call->state]);
561 
562 	ASSERTCMP(msg->msg_name, ==, NULL);
563 	ASSERTCMP(msg->msg_control, ==, NULL);
564 
565 	lock_sock(sock->sk);
566 
567 	_debug("CALL %d USR %lx ST %d on CONN %p",
568 	       call->debug_id, call->user_call_ID, call->state, call->conn);
569 
570 	if (call->state >= RXRPC_CALL_COMPLETE) {
571 		ret = -ESHUTDOWN; /* it's too late for this call */
572 	} else if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST &&
573 		   call->state != RXRPC_CALL_SERVER_ACK_REQUEST &&
574 		   call->state != RXRPC_CALL_SERVER_SEND_REPLY) {
575 		ret = -EPROTO; /* request phase complete for this client call */
576 	} else {
577 		ret = rxrpc_send_data(rxrpc_sk(sock->sk), call, msg, len);
578 	}
579 
580 	release_sock(sock->sk);
581 	_leave(" = %d", ret);
582 	return ret;
583 }
584 EXPORT_SYMBOL(rxrpc_kernel_send_data);
585 
586 /**
587  * rxrpc_kernel_abort_call - Allow a kernel service to abort a call
588  * @sock: The socket the call is on
589  * @call: The call to be aborted
590  * @abort_code: The abort code to stick into the ABORT packet
591  * @error: Local error value
592  * @why: 3-char string indicating why.
593  *
594  * Allow a kernel service to abort a call, if it's still in an abortable state.
595  */
rxrpc_kernel_abort_call(struct socket * sock,struct rxrpc_call * call,u32 abort_code,int error,const char * why)596 void rxrpc_kernel_abort_call(struct socket *sock, struct rxrpc_call *call,
597 			     u32 abort_code, int error, const char *why)
598 {
599 	_enter("{%d},%d,%d,%s", call->debug_id, abort_code, error, why);
600 
601 	lock_sock(sock->sk);
602 
603 	if (rxrpc_abort_call(why, call, 0, abort_code, error))
604 		rxrpc_send_abort_packet(call);
605 
606 	release_sock(sock->sk);
607 	_leave("");
608 }
609 
610 EXPORT_SYMBOL(rxrpc_kernel_abort_call);
611