1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * IUCV protocol stack for Linux on zSeries
4 *
5 * Copyright IBM Corp. 2006, 2009
6 *
7 * Author(s): Jennifer Hunt <jenhunt@us.ibm.com>
8 * Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
9 * PM functions:
10 * Ursula Braun <ursula.braun@de.ibm.com>
11 */
12
13 #define pr_fmt(fmt) "af_iucv: " fmt
14
15 #include <linux/filter.h>
16 #include <linux/module.h>
17 #include <linux/netdevice.h>
18 #include <linux/types.h>
19 #include <linux/limits.h>
20 #include <linux/list.h>
21 #include <linux/errno.h>
22 #include <linux/kernel.h>
23 #include <linux/sched/signal.h>
24 #include <linux/slab.h>
25 #include <linux/skbuff.h>
26 #include <linux/init.h>
27 #include <linux/poll.h>
28 #include <linux/security.h>
29 #include <net/sock.h>
30 #include <asm/machine.h>
31 #include <asm/ebcdic.h>
32 #include <asm/cpcmd.h>
33 #include <linux/kmod.h>
34
35 #include <net/iucv/af_iucv.h>
36
37 #define VERSION "1.2"
38
39 static char iucv_userid[80];
40
41 static struct proto iucv_proto = {
42 .name = "AF_IUCV",
43 .owner = THIS_MODULE,
44 .obj_size = sizeof(struct iucv_sock),
45 };
46
47 static struct iucv_interface *pr_iucv;
48 static struct iucv_handler af_iucv_handler;
49
50 /* special AF_IUCV IPRM messages */
51 static const u8 iprm_shutdown[8] =
52 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
53
54 #define TRGCLS_SIZE sizeof_field(struct iucv_message, class)
55
56 #define __iucv_sock_wait(sk, condition, timeo, ret) \
57 do { \
58 DEFINE_WAIT(__wait); \
59 long __timeo = timeo; \
60 ret = 0; \
61 prepare_to_wait(sk_sleep(sk), &__wait, TASK_INTERRUPTIBLE); \
62 while (!(condition)) { \
63 if (!__timeo) { \
64 ret = -EAGAIN; \
65 break; \
66 } \
67 if (signal_pending(current)) { \
68 ret = sock_intr_errno(__timeo); \
69 break; \
70 } \
71 release_sock(sk); \
72 __timeo = schedule_timeout(__timeo); \
73 lock_sock(sk); \
74 ret = sock_error(sk); \
75 if (ret) \
76 break; \
77 } \
78 finish_wait(sk_sleep(sk), &__wait); \
79 } while (0)
80
81 #define iucv_sock_wait(sk, condition, timeo) \
82 ({ \
83 int __ret = 0; \
84 if (!(condition)) \
85 __iucv_sock_wait(sk, condition, timeo, __ret); \
86 __ret; \
87 })
88
89 static struct sock *iucv_accept_dequeue(struct sock *parent,
90 struct socket *newsock);
91 static void iucv_sock_kill(struct sock *sk);
92 static void iucv_sock_close(struct sock *sk);
93
94 static void afiucv_hs_callback_txnotify(struct sock *sk, enum iucv_tx_notify);
95
96 static struct iucv_sock_list iucv_sk_list = {
97 .lock = __RW_LOCK_UNLOCKED(iucv_sk_list.lock),
98 .autobind_name = ATOMIC_INIT(0)
99 };
100
high_nmcpy(unsigned char * dst,char * src)101 static inline void high_nmcpy(unsigned char *dst, char *src)
102 {
103 memcpy(dst, src, 8);
104 }
105
low_nmcpy(unsigned char * dst,char * src)106 static inline void low_nmcpy(unsigned char *dst, char *src)
107 {
108 memcpy(&dst[8], src, 8);
109 }
110
111 /**
112 * iucv_msg_length() - Returns the length of an iucv message.
113 * @msg: Pointer to struct iucv_message, MUST NOT be NULL
114 *
115 * The function returns the length of the specified iucv message @msg of data
116 * stored in a buffer and of data stored in the parameter list (PRMDATA).
117 *
118 * For IUCV_IPRMDATA, AF_IUCV uses the following convention to transport socket
119 * data:
120 * PRMDATA[0..6] socket data (max 7 bytes);
121 * PRMDATA[7] socket data length value (len is 0xff - PRMDATA[7])
122 *
123 * The socket data length is computed by subtracting the socket data length
124 * value from 0xFF.
125 * If the socket data len is greater 7, then PRMDATA can be used for special
126 * notifications (see iucv_sock_shutdown); and further,
127 * if the socket data len is > 7, the function returns 8.
128 *
129 * Use this function to allocate socket buffers to store iucv message data.
130 *
131 * Returns: Length of the IUCV message.
132 */
iucv_msg_length(struct iucv_message * msg)133 static inline size_t iucv_msg_length(struct iucv_message *msg)
134 {
135 size_t datalen;
136
137 if (msg->flags & IUCV_IPRMDATA) {
138 datalen = 0xff - msg->rmmsg[7];
139 return (datalen < 8) ? datalen : 8;
140 }
141 return msg->length;
142 }
143
144 /**
145 * iucv_sock_in_state() - check for specific states
146 * @sk: sock structure
147 * @state: first iucv sk state
148 * @state2: second iucv sk state
149 *
150 * Returns: true if the socket is either in the first or second state.
151 */
iucv_sock_in_state(struct sock * sk,int state,int state2)152 static int iucv_sock_in_state(struct sock *sk, int state, int state2)
153 {
154 return (sk->sk_state == state || sk->sk_state == state2);
155 }
156
157 /**
158 * iucv_below_msglim() - function to check if messages can be sent
159 * @sk: sock structure
160 *
161 * Returns: true, if either the socket is not connected (no iucv path for
162 * checking the message limit) or if the send queue length is lower
163 * than the message limit.
164 */
iucv_below_msglim(struct sock * sk)165 static inline int iucv_below_msglim(struct sock *sk)
166 {
167 struct iucv_sock *iucv = iucv_sk(sk);
168
169 if (sk->sk_state != IUCV_CONNECTED)
170 return 1;
171 if (iucv->transport == AF_IUCV_TRANS_IUCV)
172 return (atomic_read(&iucv->skbs_in_xmit) < iucv->path->msglim);
173 else
174 return ((atomic_read(&iucv->msg_sent) < iucv->msglimit_peer) &&
175 (atomic_read(&iucv->pendings) <= 0));
176 }
177
178 /*
179 * iucv_sock_wake_msglim() - Wake up thread waiting on msg limit
180 */
iucv_sock_wake_msglim(struct sock * sk)181 static void iucv_sock_wake_msglim(struct sock *sk)
182 {
183 struct socket_wq *wq;
184
185 rcu_read_lock();
186 wq = rcu_dereference(sk->sk_wq);
187 if (skwq_has_sleeper(wq))
188 wake_up_interruptible_all(&wq->wait);
189 sk_wake_async_rcu(sk, SOCK_WAKE_SPACE, POLL_OUT);
190 rcu_read_unlock();
191 }
192
193 /*
194 * afiucv_hs_send() - send a message through HiperSockets transport
195 */
afiucv_hs_send(struct iucv_message * imsg,struct sock * sock,struct sk_buff * skb,u8 flags)196 static int afiucv_hs_send(struct iucv_message *imsg, struct sock *sock,
197 struct sk_buff *skb, u8 flags)
198 {
199 struct iucv_sock *iucv = iucv_sk(sock);
200 struct af_iucv_trans_hdr *phs_hdr;
201 int err, confirm_recv = 0;
202
203 phs_hdr = skb_push(skb, sizeof(*phs_hdr));
204 memset(phs_hdr, 0, sizeof(*phs_hdr));
205 skb_reset_network_header(skb);
206
207 phs_hdr->magic = ETH_P_AF_IUCV;
208 phs_hdr->version = 1;
209 phs_hdr->flags = flags;
210 if (flags == AF_IUCV_FLAG_SYN)
211 phs_hdr->window = iucv->msglimit;
212 else if ((flags == AF_IUCV_FLAG_WIN) || !flags) {
213 confirm_recv = atomic_read(&iucv->msg_recv);
214 phs_hdr->window = confirm_recv;
215 if (confirm_recv)
216 phs_hdr->flags = phs_hdr->flags | AF_IUCV_FLAG_WIN;
217 }
218 memcpy(phs_hdr->destUserID, iucv->dst_user_id, 8);
219 memcpy(phs_hdr->destAppName, iucv->dst_name, 8);
220 memcpy(phs_hdr->srcUserID, iucv->src_user_id, 8);
221 memcpy(phs_hdr->srcAppName, iucv->src_name, 8);
222 ASCEBC(phs_hdr->destUserID, sizeof(phs_hdr->destUserID));
223 ASCEBC(phs_hdr->destAppName, sizeof(phs_hdr->destAppName));
224 ASCEBC(phs_hdr->srcUserID, sizeof(phs_hdr->srcUserID));
225 ASCEBC(phs_hdr->srcAppName, sizeof(phs_hdr->srcAppName));
226 if (imsg)
227 memcpy(&phs_hdr->iucv_hdr, imsg, sizeof(struct iucv_message));
228
229 skb->dev = iucv->hs_dev;
230 if (!skb->dev) {
231 err = -ENODEV;
232 goto err_free;
233 }
234
235 dev_hard_header(skb, skb->dev, ETH_P_AF_IUCV, NULL, NULL, skb->len);
236
237 if (!(skb->dev->flags & IFF_UP) || !netif_carrier_ok(skb->dev)) {
238 err = -ENETDOWN;
239 goto err_free;
240 }
241 if (skb->len > skb->dev->mtu) {
242 if (sock->sk_type == SOCK_SEQPACKET) {
243 err = -EMSGSIZE;
244 goto err_free;
245 }
246 err = pskb_trim(skb, skb->dev->mtu);
247 if (err)
248 goto err_free;
249 }
250 skb->protocol = cpu_to_be16(ETH_P_AF_IUCV);
251
252 atomic_inc(&iucv->skbs_in_xmit);
253 err = dev_queue_xmit(skb);
254 if (net_xmit_eval(err)) {
255 atomic_dec(&iucv->skbs_in_xmit);
256 } else {
257 atomic_sub(confirm_recv, &iucv->msg_recv);
258 WARN_ON(atomic_read(&iucv->msg_recv) < 0);
259 }
260 return net_xmit_eval(err);
261
262 err_free:
263 kfree_skb(skb);
264 return err;
265 }
266
__iucv_get_sock_by_name(char * nm)267 static struct sock *__iucv_get_sock_by_name(char *nm)
268 {
269 struct sock *sk;
270
271 sk_for_each(sk, &iucv_sk_list.head)
272 if (!memcmp(&iucv_sk(sk)->src_name, nm, 8))
273 return sk;
274
275 return NULL;
276 }
277
iucv_sock_destruct(struct sock * sk)278 static void iucv_sock_destruct(struct sock *sk)
279 {
280 skb_queue_purge(&sk->sk_receive_queue);
281 skb_queue_purge(&sk->sk_error_queue);
282
283 if (!sock_flag(sk, SOCK_DEAD)) {
284 pr_err("Attempt to release alive iucv socket %p\n", sk);
285 return;
286 }
287
288 WARN_ON(atomic_read(&sk->sk_rmem_alloc));
289 WARN_ON(refcount_read(&sk->sk_wmem_alloc));
290 WARN_ON(sk->sk_wmem_queued);
291 WARN_ON(sk->sk_forward_alloc);
292 }
293
294 /* Cleanup Listen */
iucv_sock_cleanup_listen(struct sock * parent)295 static void iucv_sock_cleanup_listen(struct sock *parent)
296 {
297 struct sock *sk;
298
299 /* Close non-accepted connections */
300 while ((sk = iucv_accept_dequeue(parent, NULL))) {
301 iucv_sock_close(sk);
302 iucv_sock_kill(sk);
303 }
304
305 parent->sk_state = IUCV_CLOSED;
306 }
307
iucv_sock_link(struct iucv_sock_list * l,struct sock * sk)308 static void iucv_sock_link(struct iucv_sock_list *l, struct sock *sk)
309 {
310 write_lock_bh(&l->lock);
311 sk_add_node(sk, &l->head);
312 write_unlock_bh(&l->lock);
313 }
314
iucv_sock_unlink(struct iucv_sock_list * l,struct sock * sk)315 static void iucv_sock_unlink(struct iucv_sock_list *l, struct sock *sk)
316 {
317 write_lock_bh(&l->lock);
318 sk_del_node_init(sk);
319 write_unlock_bh(&l->lock);
320 }
321
322 /* Kill socket (only if zapped and orphaned) */
iucv_sock_kill(struct sock * sk)323 static void iucv_sock_kill(struct sock *sk)
324 {
325 if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
326 return;
327
328 iucv_sock_unlink(&iucv_sk_list, sk);
329 sock_set_flag(sk, SOCK_DEAD);
330 sock_put(sk);
331 }
332
333 /* Terminate an IUCV path */
iucv_sever_path(struct sock * sk,int with_user_data)334 static void iucv_sever_path(struct sock *sk, int with_user_data)
335 {
336 unsigned char user_data[16];
337 struct iucv_sock *iucv = iucv_sk(sk);
338 struct iucv_path *path = iucv->path;
339
340 /* Whoever resets the path pointer, must sever and free it. */
341 if (xchg(&iucv->path, NULL)) {
342 if (with_user_data) {
343 low_nmcpy(user_data, iucv->src_name);
344 high_nmcpy(user_data, iucv->dst_name);
345 ASCEBC(user_data, sizeof(user_data));
346 pr_iucv->path_sever(path, user_data);
347 } else
348 pr_iucv->path_sever(path, NULL);
349 iucv_path_free(path);
350 }
351 }
352
353 /* Send controlling flags through an IUCV socket for HIPER transport */
iucv_send_ctrl(struct sock * sk,u8 flags)354 static int iucv_send_ctrl(struct sock *sk, u8 flags)
355 {
356 struct iucv_sock *iucv = iucv_sk(sk);
357 int err = 0;
358 int blen;
359 struct sk_buff *skb;
360 u8 shutdown = 0;
361
362 blen = sizeof(struct af_iucv_trans_hdr) +
363 LL_RESERVED_SPACE(iucv->hs_dev);
364 if (sk->sk_shutdown & SEND_SHUTDOWN) {
365 /* controlling flags should be sent anyway */
366 shutdown = sk->sk_shutdown;
367 sk->sk_shutdown &= RCV_SHUTDOWN;
368 }
369 skb = sock_alloc_send_skb(sk, blen, 1, &err);
370 if (skb) {
371 skb_reserve(skb, blen);
372 err = afiucv_hs_send(NULL, sk, skb, flags);
373 }
374 if (shutdown)
375 sk->sk_shutdown = shutdown;
376 return err;
377 }
378
379 /* Close an IUCV socket */
iucv_sock_close(struct sock * sk)380 static void iucv_sock_close(struct sock *sk)
381 {
382 struct iucv_sock *iucv = iucv_sk(sk);
383 unsigned long timeo;
384 int err = 0;
385
386 lock_sock(sk);
387
388 switch (sk->sk_state) {
389 case IUCV_LISTEN:
390 iucv_sock_cleanup_listen(sk);
391 break;
392
393 case IUCV_CONNECTED:
394 if (iucv->transport == AF_IUCV_TRANS_HIPER) {
395 err = iucv_send_ctrl(sk, AF_IUCV_FLAG_FIN);
396 sk->sk_state = IUCV_DISCONN;
397 sk->sk_state_change(sk);
398 }
399 fallthrough;
400
401 case IUCV_DISCONN:
402 sk->sk_state = IUCV_CLOSING;
403 sk->sk_state_change(sk);
404
405 if (!err && atomic_read(&iucv->skbs_in_xmit) > 0) {
406 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
407 timeo = sk->sk_lingertime;
408 else
409 timeo = IUCV_DISCONN_TIMEOUT;
410 iucv_sock_wait(sk,
411 iucv_sock_in_state(sk, IUCV_CLOSED, 0),
412 timeo);
413 }
414 fallthrough;
415
416 case IUCV_CLOSING:
417 sk->sk_state = IUCV_CLOSED;
418 sk->sk_state_change(sk);
419
420 sk->sk_err = ECONNRESET;
421 sk->sk_state_change(sk);
422
423 skb_queue_purge(&iucv->send_skb_q);
424 skb_queue_purge(&iucv->backlog_skb_q);
425 fallthrough;
426
427 default:
428 iucv_sever_path(sk, 1);
429 }
430
431 if (iucv->hs_dev) {
432 dev_put(iucv->hs_dev);
433 iucv->hs_dev = NULL;
434 sk->sk_bound_dev_if = 0;
435 }
436
437 /* mark socket for deletion by iucv_sock_kill() */
438 sock_set_flag(sk, SOCK_ZAPPED);
439
440 release_sock(sk);
441 }
442
iucv_sock_init(struct sock * sk,struct sock * parent)443 static void iucv_sock_init(struct sock *sk, struct sock *parent)
444 {
445 if (parent) {
446 sk->sk_type = parent->sk_type;
447 security_sk_clone(parent, sk);
448 }
449 }
450
iucv_sock_alloc(struct socket * sock,int proto,gfp_t prio,int kern)451 static struct sock *iucv_sock_alloc(struct socket *sock, int proto, gfp_t prio, int kern)
452 {
453 struct sock *sk;
454 struct iucv_sock *iucv;
455
456 sk = sk_alloc(&init_net, PF_IUCV, prio, &iucv_proto, kern);
457 if (!sk)
458 return NULL;
459 iucv = iucv_sk(sk);
460
461 sock_init_data(sock, sk);
462 INIT_LIST_HEAD(&iucv->accept_q);
463 spin_lock_init(&iucv->accept_q_lock);
464 skb_queue_head_init(&iucv->send_skb_q);
465 INIT_LIST_HEAD(&iucv->message_q.list);
466 spin_lock_init(&iucv->message_q.lock);
467 skb_queue_head_init(&iucv->backlog_skb_q);
468 iucv->send_tag = 0;
469 atomic_set(&iucv->pendings, 0);
470 iucv->flags = 0;
471 iucv->msglimit = 0;
472 atomic_set(&iucv->skbs_in_xmit, 0);
473 atomic_set(&iucv->msg_sent, 0);
474 atomic_set(&iucv->msg_recv, 0);
475 iucv->path = NULL;
476 iucv->sk_txnotify = afiucv_hs_callback_txnotify;
477 memset(&iucv->init, 0, sizeof(iucv->init));
478 if (pr_iucv)
479 iucv->transport = AF_IUCV_TRANS_IUCV;
480 else
481 iucv->transport = AF_IUCV_TRANS_HIPER;
482
483 sk->sk_destruct = iucv_sock_destruct;
484 sk->sk_sndtimeo = IUCV_CONN_TIMEOUT;
485
486 sock_reset_flag(sk, SOCK_ZAPPED);
487
488 sk->sk_protocol = proto;
489 sk->sk_state = IUCV_OPEN;
490
491 iucv_sock_link(&iucv_sk_list, sk);
492 return sk;
493 }
494
iucv_accept_enqueue(struct sock * parent,struct sock * sk)495 static void iucv_accept_enqueue(struct sock *parent, struct sock *sk)
496 {
497 unsigned long flags;
498 struct iucv_sock *par = iucv_sk(parent);
499
500 sock_hold(sk);
501 spin_lock_irqsave(&par->accept_q_lock, flags);
502 list_add_tail(&iucv_sk(sk)->accept_q, &par->accept_q);
503 spin_unlock_irqrestore(&par->accept_q_lock, flags);
504 iucv_sk(sk)->parent = parent;
505 sk_acceptq_added(parent);
506 }
507
iucv_accept_unlink(struct sock * sk)508 static void iucv_accept_unlink(struct sock *sk)
509 {
510 unsigned long flags;
511 struct iucv_sock *par = iucv_sk(iucv_sk(sk)->parent);
512
513 spin_lock_irqsave(&par->accept_q_lock, flags);
514 list_del_init(&iucv_sk(sk)->accept_q);
515 spin_unlock_irqrestore(&par->accept_q_lock, flags);
516 sk_acceptq_removed(iucv_sk(sk)->parent);
517 iucv_sk(sk)->parent = NULL;
518 sock_put(sk);
519 }
520
iucv_accept_dequeue(struct sock * parent,struct socket * newsock)521 static struct sock *iucv_accept_dequeue(struct sock *parent,
522 struct socket *newsock)
523 {
524 struct iucv_sock *isk, *n;
525 struct sock *sk;
526
527 list_for_each_entry_safe(isk, n, &iucv_sk(parent)->accept_q, accept_q) {
528 sk = (struct sock *) isk;
529 lock_sock(sk);
530
531 if (sk->sk_state == IUCV_CLOSED) {
532 iucv_accept_unlink(sk);
533 release_sock(sk);
534 continue;
535 }
536
537 if (sk->sk_state == IUCV_CONNECTED ||
538 sk->sk_state == IUCV_DISCONN ||
539 !newsock) {
540 iucv_accept_unlink(sk);
541 if (newsock)
542 sock_graft(sk, newsock);
543
544 release_sock(sk);
545 return sk;
546 }
547
548 release_sock(sk);
549 }
550 return NULL;
551 }
552
__iucv_auto_name(struct iucv_sock * iucv)553 static void __iucv_auto_name(struct iucv_sock *iucv)
554 {
555 char name[12];
556
557 scnprintf(name, sizeof(name),
558 "%08x", atomic_inc_return(&iucv_sk_list.autobind_name));
559 while (__iucv_get_sock_by_name(name)) {
560 scnprintf(name, sizeof(name), "%08x",
561 atomic_inc_return(&iucv_sk_list.autobind_name));
562 }
563 memcpy(iucv->src_name, name, 8);
564 }
565
566 /* Bind an unbound socket */
iucv_sock_bind(struct socket * sock,struct sockaddr_unsized * addr,int addr_len)567 static int iucv_sock_bind(struct socket *sock, struct sockaddr_unsized *addr,
568 int addr_len)
569 {
570 DECLARE_SOCKADDR(struct sockaddr_iucv *, sa, addr);
571 char uid[sizeof(sa->siucv_user_id)];
572 struct sock *sk = sock->sk;
573 struct iucv_sock *iucv;
574 int err = 0;
575 struct net_device *dev;
576
577 /* Verify the input sockaddr */
578 if (addr_len < sizeof(struct sockaddr_iucv) ||
579 addr->sa_family != AF_IUCV)
580 return -EINVAL;
581
582 lock_sock(sk);
583 if (sk->sk_state != IUCV_OPEN) {
584 err = -EBADFD;
585 goto done;
586 }
587
588 write_lock_bh(&iucv_sk_list.lock);
589
590 iucv = iucv_sk(sk);
591 if (__iucv_get_sock_by_name(sa->siucv_name)) {
592 err = -EADDRINUSE;
593 goto done_unlock;
594 }
595 if (iucv->path)
596 goto done_unlock;
597
598 /* Bind the socket */
599 if (pr_iucv)
600 if (!memcmp(sa->siucv_user_id, iucv_userid, 8))
601 goto vm_bind; /* VM IUCV transport */
602
603 /* try hiper transport */
604 memcpy(uid, sa->siucv_user_id, sizeof(uid));
605 ASCEBC(uid, 8);
606 rcu_read_lock();
607 for_each_netdev_rcu(&init_net, dev) {
608 if (!memcmp(dev->perm_addr, uid, 8)) {
609 memcpy(iucv->src_user_id, sa->siucv_user_id, 8);
610 /* Check for uninitialized siucv_name */
611 if (strncmp(sa->siucv_name, " ", 8) == 0)
612 __iucv_auto_name(iucv);
613 else
614 memcpy(iucv->src_name, sa->siucv_name, 8);
615 sk->sk_bound_dev_if = dev->ifindex;
616 iucv->hs_dev = dev;
617 dev_hold(dev);
618 sk->sk_state = IUCV_BOUND;
619 iucv->transport = AF_IUCV_TRANS_HIPER;
620 if (!iucv->msglimit)
621 iucv->msglimit = IUCV_HIPER_MSGLIM_DEFAULT;
622 rcu_read_unlock();
623 goto done_unlock;
624 }
625 }
626 rcu_read_unlock();
627 vm_bind:
628 if (pr_iucv) {
629 /* use local userid for backward compat */
630 memcpy(iucv->src_name, sa->siucv_name, 8);
631 memcpy(iucv->src_user_id, iucv_userid, 8);
632 sk->sk_state = IUCV_BOUND;
633 iucv->transport = AF_IUCV_TRANS_IUCV;
634 sk->sk_allocation |= GFP_DMA;
635 if (!iucv->msglimit)
636 iucv->msglimit = IUCV_QUEUELEN_DEFAULT;
637 goto done_unlock;
638 }
639 /* found no dev to bind */
640 err = -ENODEV;
641 done_unlock:
642 /* Release the socket list lock */
643 write_unlock_bh(&iucv_sk_list.lock);
644 done:
645 release_sock(sk);
646 return err;
647 }
648
649 /* Automatically bind an unbound socket */
iucv_sock_autobind(struct sock * sk)650 static int iucv_sock_autobind(struct sock *sk)
651 {
652 struct iucv_sock *iucv = iucv_sk(sk);
653 int err = 0;
654
655 if (unlikely(!pr_iucv))
656 return -EPROTO;
657
658 memcpy(iucv->src_user_id, iucv_userid, 8);
659 iucv->transport = AF_IUCV_TRANS_IUCV;
660 sk->sk_allocation |= GFP_DMA;
661
662 write_lock_bh(&iucv_sk_list.lock);
663 __iucv_auto_name(iucv);
664 write_unlock_bh(&iucv_sk_list.lock);
665
666 if (!iucv->msglimit)
667 iucv->msglimit = IUCV_QUEUELEN_DEFAULT;
668
669 return err;
670 }
671
afiucv_path_connect(struct socket * sock,struct sockaddr_unsized * addr)672 static int afiucv_path_connect(struct socket *sock, struct sockaddr_unsized *addr)
673 {
674 DECLARE_SOCKADDR(struct sockaddr_iucv *, sa, addr);
675 struct sock *sk = sock->sk;
676 struct iucv_sock *iucv = iucv_sk(sk);
677 unsigned char user_data[16];
678 int err;
679
680 high_nmcpy(user_data, sa->siucv_name);
681 low_nmcpy(user_data, iucv->src_name);
682 ASCEBC(user_data, sizeof(user_data));
683
684 /* Create path. */
685 iucv->path = iucv_path_alloc(iucv->msglimit,
686 IUCV_IPRMDATA, GFP_KERNEL);
687 if (!iucv->path) {
688 err = -ENOMEM;
689 goto done;
690 }
691 err = pr_iucv->path_connect(iucv->path, &af_iucv_handler,
692 sa->siucv_user_id, NULL, user_data,
693 sk);
694 if (err) {
695 iucv_path_free(iucv->path);
696 iucv->path = NULL;
697 switch (err) {
698 case 0x0b: /* Target communicator is not logged on */
699 err = -ENETUNREACH;
700 break;
701 case 0x0d: /* Max connections for this guest exceeded */
702 case 0x0e: /* Max connections for target guest exceeded */
703 err = -EAGAIN;
704 break;
705 case 0x0f: /* Missing IUCV authorization */
706 err = -EACCES;
707 break;
708 default:
709 err = -ECONNREFUSED;
710 break;
711 }
712 }
713 done:
714 return err;
715 }
716
717 /* Connect an unconnected socket */
iucv_sock_connect(struct socket * sock,struct sockaddr_unsized * addr,int alen,int flags)718 static int iucv_sock_connect(struct socket *sock, struct sockaddr_unsized *addr,
719 int alen, int flags)
720 {
721 DECLARE_SOCKADDR(struct sockaddr_iucv *, sa, addr);
722 struct sock *sk = sock->sk;
723 struct iucv_sock *iucv = iucv_sk(sk);
724 int err;
725
726 if (alen < sizeof(struct sockaddr_iucv) || addr->sa_family != AF_IUCV)
727 return -EINVAL;
728
729 if (sk->sk_state != IUCV_OPEN && sk->sk_state != IUCV_BOUND)
730 return -EBADFD;
731
732 if (sk->sk_state == IUCV_OPEN &&
733 iucv->transport == AF_IUCV_TRANS_HIPER)
734 return -EBADFD; /* explicit bind required */
735
736 if (sk->sk_type != SOCK_STREAM && sk->sk_type != SOCK_SEQPACKET)
737 return -EINVAL;
738
739 if (sk->sk_state == IUCV_OPEN) {
740 err = iucv_sock_autobind(sk);
741 if (unlikely(err))
742 return err;
743 }
744
745 lock_sock(sk);
746
747 /* Set the destination information */
748 memcpy(iucv->dst_user_id, sa->siucv_user_id, 8);
749 memcpy(iucv->dst_name, sa->siucv_name, 8);
750
751 if (iucv->transport == AF_IUCV_TRANS_HIPER)
752 err = iucv_send_ctrl(sock->sk, AF_IUCV_FLAG_SYN);
753 else
754 err = afiucv_path_connect(sock, addr);
755 if (err)
756 goto done;
757
758 if (sk->sk_state != IUCV_CONNECTED)
759 err = iucv_sock_wait(sk, iucv_sock_in_state(sk, IUCV_CONNECTED,
760 IUCV_DISCONN),
761 sock_sndtimeo(sk, flags & O_NONBLOCK));
762
763 if (sk->sk_state == IUCV_DISCONN || sk->sk_state == IUCV_CLOSED)
764 err = -ECONNREFUSED;
765
766 if (err && iucv->transport == AF_IUCV_TRANS_IUCV)
767 iucv_sever_path(sk, 0);
768
769 done:
770 release_sock(sk);
771 return err;
772 }
773
774 /* Move a socket into listening state. */
iucv_sock_listen(struct socket * sock,int backlog)775 static int iucv_sock_listen(struct socket *sock, int backlog)
776 {
777 struct sock *sk = sock->sk;
778 int err;
779
780 lock_sock(sk);
781
782 err = -EINVAL;
783 if (sk->sk_state != IUCV_BOUND)
784 goto done;
785
786 if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET)
787 goto done;
788
789 sk->sk_max_ack_backlog = backlog;
790 sk->sk_ack_backlog = 0;
791 sk->sk_state = IUCV_LISTEN;
792 err = 0;
793
794 done:
795 release_sock(sk);
796 return err;
797 }
798
799 /* Accept a pending connection */
iucv_sock_accept(struct socket * sock,struct socket * newsock,struct proto_accept_arg * arg)800 static int iucv_sock_accept(struct socket *sock, struct socket *newsock,
801 struct proto_accept_arg *arg)
802 {
803 DECLARE_WAITQUEUE(wait, current);
804 struct sock *sk = sock->sk, *nsk;
805 long timeo;
806 int err = 0;
807
808 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
809
810 if (sk->sk_state != IUCV_LISTEN) {
811 err = -EBADFD;
812 goto done;
813 }
814
815 timeo = sock_rcvtimeo(sk, arg->flags & O_NONBLOCK);
816
817 /* Wait for an incoming connection */
818 add_wait_queue_exclusive(sk_sleep(sk), &wait);
819 while (!(nsk = iucv_accept_dequeue(sk, newsock))) {
820 set_current_state(TASK_INTERRUPTIBLE);
821 if (!timeo) {
822 err = -EAGAIN;
823 break;
824 }
825
826 release_sock(sk);
827 timeo = schedule_timeout(timeo);
828 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
829
830 if (sk->sk_state != IUCV_LISTEN) {
831 err = -EBADFD;
832 break;
833 }
834
835 if (signal_pending(current)) {
836 err = sock_intr_errno(timeo);
837 break;
838 }
839 }
840
841 set_current_state(TASK_RUNNING);
842 remove_wait_queue(sk_sleep(sk), &wait);
843
844 if (err)
845 goto done;
846
847 newsock->state = SS_CONNECTED;
848
849 done:
850 release_sock(sk);
851 return err;
852 }
853
iucv_sock_getname(struct socket * sock,struct sockaddr * addr,int peer)854 static int iucv_sock_getname(struct socket *sock, struct sockaddr *addr,
855 int peer)
856 {
857 DECLARE_SOCKADDR(struct sockaddr_iucv *, siucv, addr);
858 struct sock *sk = sock->sk;
859 struct iucv_sock *iucv = iucv_sk(sk);
860
861 addr->sa_family = AF_IUCV;
862
863 if (peer) {
864 memcpy(siucv->siucv_user_id, iucv->dst_user_id, 8);
865 memcpy(siucv->siucv_name, iucv->dst_name, 8);
866 } else {
867 memcpy(siucv->siucv_user_id, iucv->src_user_id, 8);
868 memcpy(siucv->siucv_name, iucv->src_name, 8);
869 }
870 memset(&siucv->siucv_port, 0, sizeof(siucv->siucv_port));
871 memset(&siucv->siucv_addr, 0, sizeof(siucv->siucv_addr));
872 memset(&siucv->siucv_nodeid, 0, sizeof(siucv->siucv_nodeid));
873
874 return sizeof(struct sockaddr_iucv);
875 }
876
877 /**
878 * iucv_send_iprm() - Send socket data in parameter list of an iucv message.
879 * @path: IUCV path
880 * @msg: Pointer to a struct iucv_message
881 * @skb: The socket data to send, skb->len MUST BE <= 7
882 *
883 * Send the socket data in the parameter list in the iucv message
884 * (IUCV_IPRMDATA). The socket data is stored at index 0 to 6 in the parameter
885 * list and the socket data len at index 7 (last byte).
886 * See also iucv_msg_length().
887 *
888 * Returns: the return code from the iucv_message_send() call.
889 */
iucv_send_iprm(struct iucv_path * path,struct iucv_message * msg,struct sk_buff * skb)890 static int iucv_send_iprm(struct iucv_path *path, struct iucv_message *msg,
891 struct sk_buff *skb)
892 {
893 u8 prmdata[8];
894
895 memcpy(prmdata, (void *) skb->data, skb->len);
896 prmdata[7] = 0xff - (u8) skb->len;
897 return pr_iucv->message_send(path, msg, IUCV_IPRMDATA, 0,
898 (void *) prmdata, 8);
899 }
900
iucv_sock_sendmsg(struct socket * sock,struct msghdr * msg,size_t len)901 static int iucv_sock_sendmsg(struct socket *sock, struct msghdr *msg,
902 size_t len)
903 {
904 struct sock *sk = sock->sk;
905 struct iucv_sock *iucv = iucv_sk(sk);
906 size_t headroom = 0;
907 size_t linear;
908 struct sk_buff *skb;
909 struct iucv_message txmsg = {0};
910 struct cmsghdr *cmsg;
911 int cmsg_done;
912 long timeo;
913 char user_id[9];
914 char appl_id[9];
915 int err;
916 int noblock = msg->msg_flags & MSG_DONTWAIT;
917
918 err = sock_error(sk);
919 if (err)
920 return err;
921
922 if (msg->msg_flags & MSG_OOB)
923 return -EOPNOTSUPP;
924
925 /* SOCK_SEQPACKET: we do not support segmented records */
926 if (sk->sk_type == SOCK_SEQPACKET && !(msg->msg_flags & MSG_EOR))
927 return -EOPNOTSUPP;
928
929 lock_sock(sk);
930
931 if (sk->sk_shutdown & SEND_SHUTDOWN) {
932 err = -EPIPE;
933 goto out;
934 }
935
936 /* Return if the socket is not in connected state */
937 if (sk->sk_state != IUCV_CONNECTED) {
938 err = -ENOTCONN;
939 goto out;
940 }
941
942 /* initialize defaults */
943 cmsg_done = 0; /* check for duplicate headers */
944
945 /* iterate over control messages */
946 for_each_cmsghdr(cmsg, msg) {
947 if (!CMSG_OK(msg, cmsg)) {
948 err = -EINVAL;
949 goto out;
950 }
951
952 if (cmsg->cmsg_level != SOL_IUCV)
953 continue;
954
955 if (cmsg->cmsg_type & cmsg_done) {
956 err = -EINVAL;
957 goto out;
958 }
959 cmsg_done |= cmsg->cmsg_type;
960
961 switch (cmsg->cmsg_type) {
962 case SCM_IUCV_TRGCLS:
963 if (cmsg->cmsg_len != CMSG_LEN(TRGCLS_SIZE)) {
964 err = -EINVAL;
965 goto out;
966 }
967
968 /* set iucv message target class */
969 memcpy(&txmsg.class,
970 (void *) CMSG_DATA(cmsg), TRGCLS_SIZE);
971
972 break;
973
974 default:
975 err = -EINVAL;
976 goto out;
977 }
978 }
979
980 /* allocate one skb for each iucv message:
981 * this is fine for SOCK_SEQPACKET (unless we want to support
982 * segmented records using the MSG_EOR flag), but
983 * for SOCK_STREAM we might want to improve it in future */
984 if (iucv->transport == AF_IUCV_TRANS_HIPER) {
985 headroom = sizeof(struct af_iucv_trans_hdr) +
986 LL_RESERVED_SPACE(iucv->hs_dev);
987 linear = min(len, PAGE_SIZE - headroom);
988 } else {
989 if (len < PAGE_SIZE) {
990 linear = len;
991 } else {
992 /* In nonlinear "classic" iucv skb,
993 * reserve space for iucv_array
994 */
995 headroom = sizeof(struct iucv_array) *
996 (MAX_SKB_FRAGS + 1);
997 linear = PAGE_SIZE - headroom;
998 }
999 }
1000 skb = sock_alloc_send_pskb(sk, headroom + linear, len - linear,
1001 noblock, &err, 0);
1002 if (!skb)
1003 goto out;
1004 if (headroom)
1005 skb_reserve(skb, headroom);
1006 skb_put(skb, linear);
1007 skb->len = len;
1008 skb->data_len = len - linear;
1009 err = skb_copy_datagram_from_iter(skb, 0, &msg->msg_iter, len);
1010 if (err)
1011 goto fail;
1012
1013 /* wait if outstanding messages for iucv path has reached */
1014 timeo = sock_sndtimeo(sk, noblock);
1015 err = iucv_sock_wait(sk, iucv_below_msglim(sk), timeo);
1016 if (err)
1017 goto fail;
1018
1019 /* return -ECONNRESET if the socket is no longer connected */
1020 if (sk->sk_state != IUCV_CONNECTED) {
1021 err = -ECONNRESET;
1022 goto fail;
1023 }
1024
1025 /* increment and save iucv message tag for msg_completion cbk */
1026 txmsg.tag = iucv->send_tag++;
1027 IUCV_SKB_CB(skb)->tag = txmsg.tag;
1028
1029 if (iucv->transport == AF_IUCV_TRANS_HIPER) {
1030 atomic_inc(&iucv->msg_sent);
1031 err = afiucv_hs_send(&txmsg, sk, skb, 0);
1032 if (err) {
1033 atomic_dec(&iucv->msg_sent);
1034 goto out;
1035 }
1036 } else { /* Classic VM IUCV transport */
1037 skb_queue_tail(&iucv->send_skb_q, skb);
1038 atomic_inc(&iucv->skbs_in_xmit);
1039
1040 if (((iucv->path->flags & IUCV_IPRMDATA) & iucv->flags) &&
1041 skb->len <= 7) {
1042 err = iucv_send_iprm(iucv->path, &txmsg, skb);
1043
1044 /* on success: there is no message_complete callback */
1045 /* for an IPRMDATA msg; remove skb from send queue */
1046 if (err == 0) {
1047 atomic_dec(&iucv->skbs_in_xmit);
1048 skb_unlink(skb, &iucv->send_skb_q);
1049 consume_skb(skb);
1050 }
1051
1052 /* this error should never happen since the */
1053 /* IUCV_IPRMDATA path flag is set... sever path */
1054 if (err == 0x15) {
1055 pr_iucv->path_sever(iucv->path, NULL);
1056 atomic_dec(&iucv->skbs_in_xmit);
1057 skb_unlink(skb, &iucv->send_skb_q);
1058 err = -EPIPE;
1059 goto fail;
1060 }
1061 } else if (skb_is_nonlinear(skb)) {
1062 struct iucv_array *iba = (struct iucv_array *)skb->head;
1063 int i;
1064
1065 /* skip iucv_array lying in the headroom */
1066 iba[0].address = virt_to_dma32(skb->data);
1067 iba[0].length = (u32)skb_headlen(skb);
1068 for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) {
1069 skb_frag_t *frag = &skb_shinfo(skb)->frags[i];
1070
1071 iba[i + 1].address = virt_to_dma32(skb_frag_address(frag));
1072 iba[i + 1].length = (u32)skb_frag_size(frag);
1073 }
1074 err = pr_iucv->message_send(iucv->path, &txmsg,
1075 IUCV_IPBUFLST, 0,
1076 (void *)iba, skb->len);
1077 } else { /* non-IPRM Linear skb */
1078 err = pr_iucv->message_send(iucv->path, &txmsg,
1079 0, 0, (void *)skb->data, skb->len);
1080 }
1081 if (err) {
1082 if (err == 3) {
1083 user_id[8] = 0;
1084 memcpy(user_id, iucv->dst_user_id, 8);
1085 appl_id[8] = 0;
1086 memcpy(appl_id, iucv->dst_name, 8);
1087 pr_err(
1088 "Application %s on z/VM guest %s exceeds message limit\n",
1089 appl_id, user_id);
1090 err = -EAGAIN;
1091 } else {
1092 err = -EPIPE;
1093 }
1094
1095 atomic_dec(&iucv->skbs_in_xmit);
1096 skb_unlink(skb, &iucv->send_skb_q);
1097 goto fail;
1098 }
1099 }
1100
1101 release_sock(sk);
1102 return len;
1103
1104 fail:
1105 kfree_skb(skb);
1106 out:
1107 release_sock(sk);
1108 return err;
1109 }
1110
alloc_iucv_recv_skb(unsigned long len)1111 static struct sk_buff *alloc_iucv_recv_skb(unsigned long len)
1112 {
1113 size_t headroom, linear;
1114 struct sk_buff *skb;
1115 int err;
1116
1117 if (len < PAGE_SIZE) {
1118 headroom = 0;
1119 linear = len;
1120 } else {
1121 headroom = sizeof(struct iucv_array) * (MAX_SKB_FRAGS + 1);
1122 linear = PAGE_SIZE - headroom;
1123 }
1124 skb = alloc_skb_with_frags(headroom + linear, len - linear,
1125 0, &err, GFP_ATOMIC | GFP_DMA);
1126 WARN_ONCE(!skb,
1127 "alloc of recv iucv skb len=%lu failed with errcode=%d\n",
1128 len, err);
1129 if (skb) {
1130 if (headroom)
1131 skb_reserve(skb, headroom);
1132 skb_put(skb, linear);
1133 skb->len = len;
1134 skb->data_len = len - linear;
1135 }
1136 return skb;
1137 }
1138
1139 /* iucv_process_message() - Receive a single outstanding IUCV message
1140 *
1141 * Locking: must be called with message_q.lock held
1142 */
iucv_process_message(struct sock * sk,struct sk_buff * skb,struct iucv_path * path,struct iucv_message * msg)1143 static void iucv_process_message(struct sock *sk, struct sk_buff *skb,
1144 struct iucv_path *path,
1145 struct iucv_message *msg)
1146 {
1147 int rc;
1148 unsigned int len;
1149
1150 len = iucv_msg_length(msg);
1151
1152 /* store msg target class in the second 4 bytes of skb ctrl buffer */
1153 /* Note: the first 4 bytes are reserved for msg tag */
1154 IUCV_SKB_CB(skb)->class = msg->class;
1155
1156 /* check for special IPRM messages (e.g. iucv_sock_shutdown) */
1157 if ((msg->flags & IUCV_IPRMDATA) && len > 7) {
1158 if (memcmp(msg->rmmsg, iprm_shutdown, 8) == 0) {
1159 skb->data = NULL;
1160 skb->len = 0;
1161 }
1162 } else {
1163 if (skb_is_nonlinear(skb)) {
1164 struct iucv_array *iba = (struct iucv_array *)skb->head;
1165 int i;
1166
1167 iba[0].address = virt_to_dma32(skb->data);
1168 iba[0].length = (u32)skb_headlen(skb);
1169 for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) {
1170 skb_frag_t *frag = &skb_shinfo(skb)->frags[i];
1171
1172 iba[i + 1].address = virt_to_dma32(skb_frag_address(frag));
1173 iba[i + 1].length = (u32)skb_frag_size(frag);
1174 }
1175 rc = pr_iucv->message_receive(path, msg,
1176 IUCV_IPBUFLST,
1177 (void *)iba, len, NULL);
1178 } else {
1179 rc = pr_iucv->message_receive(path, msg,
1180 msg->flags & IUCV_IPRMDATA,
1181 skb->data, len, NULL);
1182 }
1183 if (rc) {
1184 kfree_skb(skb);
1185 return;
1186 }
1187 WARN_ON_ONCE(skb->len != len);
1188 }
1189
1190 IUCV_SKB_CB(skb)->offset = 0;
1191 if (sk_filter(sk, skb)) {
1192 sk_drops_inc(sk); /* skb rejected by filter */
1193 kfree_skb(skb);
1194 return;
1195 }
1196 if (__sock_queue_rcv_skb(sk, skb)) /* handle rcv queue full */
1197 skb_queue_tail(&iucv_sk(sk)->backlog_skb_q, skb);
1198 }
1199
1200 /* iucv_process_message_q() - Process outstanding IUCV messages
1201 *
1202 * Locking: must be called with message_q.lock held
1203 */
iucv_process_message_q(struct sock * sk)1204 static void iucv_process_message_q(struct sock *sk)
1205 {
1206 struct iucv_sock *iucv = iucv_sk(sk);
1207 struct sk_buff *skb;
1208 struct sock_msg_q *p, *n;
1209
1210 list_for_each_entry_safe(p, n, &iucv->message_q.list, list) {
1211 skb = alloc_iucv_recv_skb(iucv_msg_length(&p->msg));
1212 if (!skb)
1213 break;
1214 iucv_process_message(sk, skb, p->path, &p->msg);
1215 list_del(&p->list);
1216 kfree(p);
1217 if (!skb_queue_empty(&iucv->backlog_skb_q))
1218 break;
1219 }
1220 }
1221
iucv_sock_recvmsg(struct socket * sock,struct msghdr * msg,size_t len,int flags)1222 static int iucv_sock_recvmsg(struct socket *sock, struct msghdr *msg,
1223 size_t len, int flags)
1224 {
1225 struct sock *sk = sock->sk;
1226 struct iucv_sock *iucv = iucv_sk(sk);
1227 unsigned int copied, rlen;
1228 struct sk_buff *skb, *rskb, *cskb;
1229 int err = 0;
1230 u32 offset;
1231
1232 if ((sk->sk_state == IUCV_DISCONN) &&
1233 skb_queue_empty(&iucv->backlog_skb_q) &&
1234 skb_queue_empty(&sk->sk_receive_queue) &&
1235 list_empty(&iucv->message_q.list))
1236 return 0;
1237
1238 if (flags & (MSG_OOB))
1239 return -EOPNOTSUPP;
1240
1241 /* receive/dequeue next skb:
1242 * the function understands MSG_PEEK and, thus, does not dequeue skb
1243 * only refcount is increased.
1244 */
1245 skb = skb_recv_datagram(sk, flags, &err);
1246 if (!skb) {
1247 if (sk->sk_shutdown & RCV_SHUTDOWN)
1248 return 0;
1249 return err;
1250 }
1251
1252 offset = IUCV_SKB_CB(skb)->offset;
1253 rlen = skb->len - offset; /* real length of skb */
1254 copied = min_t(unsigned int, rlen, len);
1255 if (!rlen)
1256 sk->sk_shutdown = sk->sk_shutdown | RCV_SHUTDOWN;
1257
1258 cskb = skb;
1259 if (skb_copy_datagram_msg(cskb, offset, msg, copied)) {
1260 err = -EFAULT;
1261 goto err_out;
1262 }
1263
1264 /* SOCK_SEQPACKET: set MSG_TRUNC if recv buf size is too small */
1265 if (sk->sk_type == SOCK_SEQPACKET) {
1266 if (copied < rlen)
1267 msg->msg_flags |= MSG_TRUNC;
1268 /* each iucv message contains a complete record */
1269 msg->msg_flags |= MSG_EOR;
1270 }
1271
1272 /* create control message to store iucv msg target class:
1273 * get the trgcls from the control buffer of the skb due to
1274 * fragmentation of original iucv message. */
1275 err = put_cmsg(msg, SOL_IUCV, SCM_IUCV_TRGCLS,
1276 sizeof(IUCV_SKB_CB(skb)->class),
1277 (void *)&IUCV_SKB_CB(skb)->class);
1278 if (err)
1279 goto err_out;
1280
1281 /* Mark read part of skb as used */
1282 if (!(flags & MSG_PEEK)) {
1283
1284 /* SOCK_STREAM: re-queue skb if it contains unreceived data */
1285 if (sk->sk_type == SOCK_STREAM) {
1286 if (copied < rlen) {
1287 IUCV_SKB_CB(skb)->offset = offset + copied;
1288 skb_queue_head(&sk->sk_receive_queue, skb);
1289 goto done;
1290 }
1291 }
1292
1293 consume_skb(skb);
1294 if (iucv->transport == AF_IUCV_TRANS_HIPER) {
1295 atomic_inc(&iucv->msg_recv);
1296 if (atomic_read(&iucv->msg_recv) > iucv->msglimit) {
1297 WARN_ON(1);
1298 iucv_sock_close(sk);
1299 return -EFAULT;
1300 }
1301 }
1302
1303 /* Queue backlog skbs */
1304 spin_lock_bh(&iucv->message_q.lock);
1305 rskb = skb_dequeue(&iucv->backlog_skb_q);
1306 while (rskb) {
1307 IUCV_SKB_CB(rskb)->offset = 0;
1308 if (__sock_queue_rcv_skb(sk, rskb)) {
1309 /* handle rcv queue full */
1310 skb_queue_head(&iucv->backlog_skb_q,
1311 rskb);
1312 break;
1313 }
1314 rskb = skb_dequeue(&iucv->backlog_skb_q);
1315 }
1316 if (skb_queue_empty(&iucv->backlog_skb_q)) {
1317 if (!list_empty(&iucv->message_q.list))
1318 iucv_process_message_q(sk);
1319 if (atomic_read(&iucv->msg_recv) >=
1320 iucv->msglimit / 2) {
1321 err = iucv_send_ctrl(sk, AF_IUCV_FLAG_WIN);
1322 if (err) {
1323 sk->sk_state = IUCV_DISCONN;
1324 sk->sk_state_change(sk);
1325 }
1326 }
1327 }
1328 spin_unlock_bh(&iucv->message_q.lock);
1329 }
1330
1331 done:
1332 /* SOCK_SEQPACKET: return real length if MSG_TRUNC is set */
1333 if (sk->sk_type == SOCK_SEQPACKET && (flags & MSG_TRUNC))
1334 copied = rlen;
1335 if (flags & MSG_PEEK)
1336 skb_unref(skb);
1337
1338 return copied;
1339
1340 err_out:
1341 if (!(flags & MSG_PEEK))
1342 skb_queue_head(&sk->sk_receive_queue, skb);
1343 else
1344 skb_unref(skb);
1345
1346 return err;
1347 }
1348
iucv_accept_poll(struct sock * parent)1349 static inline __poll_t iucv_accept_poll(struct sock *parent)
1350 {
1351 struct iucv_sock *isk, *n;
1352 struct sock *sk;
1353
1354 list_for_each_entry_safe(isk, n, &iucv_sk(parent)->accept_q, accept_q) {
1355 sk = (struct sock *) isk;
1356
1357 if (sk->sk_state == IUCV_CONNECTED)
1358 return EPOLLIN | EPOLLRDNORM;
1359 }
1360
1361 return 0;
1362 }
1363
iucv_sock_poll(struct file * file,struct socket * sock,poll_table * wait)1364 static __poll_t iucv_sock_poll(struct file *file, struct socket *sock,
1365 poll_table *wait)
1366 {
1367 struct sock *sk = sock->sk;
1368 __poll_t mask = 0;
1369
1370 sock_poll_wait(file, sock, wait);
1371
1372 if (sk->sk_state == IUCV_LISTEN)
1373 return iucv_accept_poll(sk);
1374
1375 if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue))
1376 mask |= EPOLLERR |
1377 (sock_flag(sk, SOCK_SELECT_ERR_QUEUE) ? EPOLLPRI : 0);
1378
1379 if (sk->sk_shutdown & RCV_SHUTDOWN)
1380 mask |= EPOLLRDHUP;
1381
1382 if (sk->sk_shutdown == SHUTDOWN_MASK)
1383 mask |= EPOLLHUP;
1384
1385 if (!skb_queue_empty(&sk->sk_receive_queue) ||
1386 (sk->sk_shutdown & RCV_SHUTDOWN))
1387 mask |= EPOLLIN | EPOLLRDNORM;
1388
1389 if (sk->sk_state == IUCV_CLOSED)
1390 mask |= EPOLLHUP;
1391
1392 if (sk->sk_state == IUCV_DISCONN)
1393 mask |= EPOLLIN;
1394
1395 if (sock_writeable(sk) && iucv_below_msglim(sk))
1396 mask |= EPOLLOUT | EPOLLWRNORM | EPOLLWRBAND;
1397 else
1398 sk_set_bit(SOCKWQ_ASYNC_NOSPACE, sk);
1399
1400 return mask;
1401 }
1402
iucv_sock_shutdown(struct socket * sock,int how)1403 static int iucv_sock_shutdown(struct socket *sock, int how)
1404 {
1405 struct sock *sk = sock->sk;
1406 struct iucv_sock *iucv = iucv_sk(sk);
1407 struct iucv_message txmsg;
1408 int err = 0;
1409
1410 how++;
1411
1412 if ((how & ~SHUTDOWN_MASK) || !how)
1413 return -EINVAL;
1414
1415 lock_sock(sk);
1416 switch (sk->sk_state) {
1417 case IUCV_LISTEN:
1418 case IUCV_DISCONN:
1419 case IUCV_CLOSING:
1420 case IUCV_CLOSED:
1421 err = -ENOTCONN;
1422 goto fail;
1423 default:
1424 break;
1425 }
1426
1427 if ((how == SEND_SHUTDOWN || how == SHUTDOWN_MASK) &&
1428 sk->sk_state == IUCV_CONNECTED) {
1429 if (iucv->transport == AF_IUCV_TRANS_IUCV) {
1430 txmsg.class = 0;
1431 txmsg.tag = 0;
1432 err = pr_iucv->message_send(iucv->path, &txmsg,
1433 IUCV_IPRMDATA, 0, (void *) iprm_shutdown, 8);
1434 if (err) {
1435 switch (err) {
1436 case 1:
1437 err = -ENOTCONN;
1438 break;
1439 case 2:
1440 err = -ECONNRESET;
1441 break;
1442 default:
1443 err = -ENOTCONN;
1444 break;
1445 }
1446 }
1447 } else
1448 iucv_send_ctrl(sk, AF_IUCV_FLAG_SHT);
1449 }
1450
1451 sk->sk_shutdown |= how;
1452 if (how == RCV_SHUTDOWN || how == SHUTDOWN_MASK) {
1453 if ((iucv->transport == AF_IUCV_TRANS_IUCV) &&
1454 iucv->path) {
1455 err = pr_iucv->path_quiesce(iucv->path, NULL);
1456 if (err)
1457 err = -ENOTCONN;
1458 /* skb_queue_purge(&sk->sk_receive_queue); */
1459 }
1460 skb_queue_purge(&sk->sk_receive_queue);
1461 }
1462
1463 /* Wake up anyone sleeping in poll */
1464 sk->sk_state_change(sk);
1465
1466 fail:
1467 release_sock(sk);
1468 return err;
1469 }
1470
iucv_sock_release(struct socket * sock)1471 static int iucv_sock_release(struct socket *sock)
1472 {
1473 struct sock *sk = sock->sk;
1474 int err = 0;
1475
1476 if (!sk)
1477 return 0;
1478
1479 iucv_sock_close(sk);
1480
1481 sock_orphan(sk);
1482 iucv_sock_kill(sk);
1483 return err;
1484 }
1485
1486 /* getsockopt and setsockopt */
iucv_sock_setsockopt(struct socket * sock,int level,int optname,sockptr_t optval,unsigned int optlen)1487 static int iucv_sock_setsockopt(struct socket *sock, int level, int optname,
1488 sockptr_t optval, unsigned int optlen)
1489 {
1490 struct sock *sk = sock->sk;
1491 struct iucv_sock *iucv = iucv_sk(sk);
1492 int val;
1493 int rc;
1494
1495 if (level != SOL_IUCV)
1496 return -ENOPROTOOPT;
1497
1498 if (optlen < sizeof(int))
1499 return -EINVAL;
1500
1501 if (copy_from_sockptr(&val, optval, sizeof(int)))
1502 return -EFAULT;
1503
1504 rc = 0;
1505
1506 lock_sock(sk);
1507 switch (optname) {
1508 case SO_IPRMDATA_MSG:
1509 if (val)
1510 iucv->flags |= IUCV_IPRMDATA;
1511 else
1512 iucv->flags &= ~IUCV_IPRMDATA;
1513 break;
1514 case SO_MSGLIMIT:
1515 switch (sk->sk_state) {
1516 case IUCV_OPEN:
1517 case IUCV_BOUND:
1518 if (val < 1 || val > U16_MAX)
1519 rc = -EINVAL;
1520 else
1521 iucv->msglimit = val;
1522 break;
1523 default:
1524 rc = -EINVAL;
1525 break;
1526 }
1527 break;
1528 default:
1529 rc = -ENOPROTOOPT;
1530 break;
1531 }
1532 release_sock(sk);
1533
1534 return rc;
1535 }
1536
iucv_sock_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)1537 static int iucv_sock_getsockopt(struct socket *sock, int level, int optname,
1538 char __user *optval, int __user *optlen)
1539 {
1540 struct sock *sk = sock->sk;
1541 struct iucv_sock *iucv = iucv_sk(sk);
1542 unsigned int val;
1543 int len, rc;
1544
1545 if (level != SOL_IUCV)
1546 return -ENOPROTOOPT;
1547
1548 if (get_user(len, optlen))
1549 return -EFAULT;
1550
1551 if (len < 0)
1552 return -EINVAL;
1553
1554 len = min_t(unsigned int, len, sizeof(int));
1555
1556 rc = 0;
1557
1558 lock_sock(sk);
1559 switch (optname) {
1560 case SO_IPRMDATA_MSG:
1561 val = (iucv->flags & IUCV_IPRMDATA) ? 1 : 0;
1562 break;
1563 case SO_MSGLIMIT:
1564 val = (iucv->path != NULL) ? iucv->path->msglim /* connected */
1565 : iucv->msglimit; /* default */
1566 break;
1567 case SO_MSGSIZE:
1568 if (sk->sk_state == IUCV_OPEN) {
1569 rc = -EBADFD;
1570 break;
1571 }
1572 val = (iucv->hs_dev) ? iucv->hs_dev->mtu -
1573 sizeof(struct af_iucv_trans_hdr) - ETH_HLEN :
1574 0x7fffffff;
1575 break;
1576 default:
1577 rc = -ENOPROTOOPT;
1578 break;
1579 }
1580 release_sock(sk);
1581
1582 if (rc)
1583 return rc;
1584
1585 if (put_user(len, optlen))
1586 return -EFAULT;
1587 if (copy_to_user(optval, &val, len))
1588 return -EFAULT;
1589
1590 return 0;
1591 }
1592
1593
1594 /* Callback wrappers - called from iucv base support */
iucv_callback_connreq(struct iucv_path * path,u8 ipvmid[8],u8 ipuser[16])1595 static int iucv_callback_connreq(struct iucv_path *path,
1596 u8 ipvmid[8], u8 ipuser[16])
1597 {
1598 unsigned char user_data[16];
1599 unsigned char nuser_data[16];
1600 unsigned char src_name[8];
1601 struct sock *sk, *nsk;
1602 struct iucv_sock *iucv, *niucv;
1603 int err;
1604
1605 memcpy(src_name, ipuser, 8);
1606 EBCASC(src_name, 8);
1607 /* Find out if this path belongs to af_iucv. */
1608 read_lock(&iucv_sk_list.lock);
1609 iucv = NULL;
1610 sk = NULL;
1611 sk_for_each(sk, &iucv_sk_list.head)
1612 if (sk->sk_state == IUCV_LISTEN &&
1613 !memcmp(&iucv_sk(sk)->src_name, src_name, 8)) {
1614 /*
1615 * Found a listening socket with
1616 * src_name == ipuser[0-7].
1617 */
1618 iucv = iucv_sk(sk);
1619 break;
1620 }
1621 read_unlock(&iucv_sk_list.lock);
1622 if (!iucv)
1623 /* No socket found, not one of our paths. */
1624 return -EINVAL;
1625
1626 bh_lock_sock(sk);
1627
1628 /* Check if parent socket is listening */
1629 low_nmcpy(user_data, iucv->src_name);
1630 high_nmcpy(user_data, iucv->dst_name);
1631 ASCEBC(user_data, sizeof(user_data));
1632 if (sk->sk_state != IUCV_LISTEN) {
1633 err = pr_iucv->path_sever(path, user_data);
1634 iucv_path_free(path);
1635 goto fail;
1636 }
1637
1638 /* Check for backlog size */
1639 if (sk_acceptq_is_full(sk)) {
1640 err = pr_iucv->path_sever(path, user_data);
1641 iucv_path_free(path);
1642 goto fail;
1643 }
1644
1645 /* Create the new socket */
1646 nsk = iucv_sock_alloc(NULL, sk->sk_protocol, GFP_ATOMIC, 0);
1647 if (!nsk) {
1648 err = pr_iucv->path_sever(path, user_data);
1649 iucv_path_free(path);
1650 goto fail;
1651 }
1652
1653 niucv = iucv_sk(nsk);
1654 iucv_sock_init(nsk, sk);
1655 niucv->transport = AF_IUCV_TRANS_IUCV;
1656 nsk->sk_allocation |= GFP_DMA;
1657
1658 /* Set the new iucv_sock */
1659 memcpy(niucv->dst_name, ipuser + 8, 8);
1660 EBCASC(niucv->dst_name, 8);
1661 memcpy(niucv->dst_user_id, ipvmid, 8);
1662 memcpy(niucv->src_name, iucv->src_name, 8);
1663 memcpy(niucv->src_user_id, iucv->src_user_id, 8);
1664 niucv->path = path;
1665
1666 /* Call iucv_accept */
1667 high_nmcpy(nuser_data, ipuser + 8);
1668 memcpy(nuser_data + 8, niucv->src_name, 8);
1669 ASCEBC(nuser_data + 8, 8);
1670
1671 /* set message limit for path based on msglimit of accepting socket */
1672 niucv->msglimit = iucv->msglimit;
1673 path->msglim = iucv->msglimit;
1674 err = pr_iucv->path_accept(path, &af_iucv_handler, nuser_data, nsk);
1675 if (err) {
1676 iucv_sever_path(nsk, 1);
1677 iucv_sock_kill(nsk);
1678 goto fail;
1679 }
1680
1681 iucv_accept_enqueue(sk, nsk);
1682
1683 /* Wake up accept */
1684 nsk->sk_state = IUCV_CONNECTED;
1685 sk->sk_data_ready(sk);
1686 err = 0;
1687 fail:
1688 bh_unlock_sock(sk);
1689 return 0;
1690 }
1691
iucv_callback_connack(struct iucv_path * path,u8 ipuser[16])1692 static void iucv_callback_connack(struct iucv_path *path, u8 ipuser[16])
1693 {
1694 struct sock *sk = path->private;
1695
1696 sk->sk_state = IUCV_CONNECTED;
1697 sk->sk_state_change(sk);
1698 }
1699
iucv_callback_rx(struct iucv_path * path,struct iucv_message * msg)1700 static void iucv_callback_rx(struct iucv_path *path, struct iucv_message *msg)
1701 {
1702 struct sock *sk = path->private;
1703 struct iucv_sock *iucv = iucv_sk(sk);
1704 struct sk_buff *skb;
1705 struct sock_msg_q *save_msg;
1706 int len;
1707
1708 if (sk->sk_shutdown & RCV_SHUTDOWN) {
1709 pr_iucv->message_reject(path, msg);
1710 return;
1711 }
1712
1713 spin_lock(&iucv->message_q.lock);
1714
1715 if (!list_empty(&iucv->message_q.list) ||
1716 !skb_queue_empty(&iucv->backlog_skb_q))
1717 goto save_message;
1718
1719 len = atomic_read(&sk->sk_rmem_alloc);
1720 len += SKB_TRUESIZE(iucv_msg_length(msg));
1721 if (len > sk->sk_rcvbuf)
1722 goto save_message;
1723
1724 skb = alloc_iucv_recv_skb(iucv_msg_length(msg));
1725 if (!skb)
1726 goto save_message;
1727
1728 iucv_process_message(sk, skb, path, msg);
1729 goto out_unlock;
1730
1731 save_message:
1732 save_msg = kzalloc_obj(struct sock_msg_q, GFP_ATOMIC | GFP_DMA);
1733 if (!save_msg)
1734 goto out_unlock;
1735 save_msg->path = path;
1736 save_msg->msg = *msg;
1737
1738 list_add_tail(&save_msg->list, &iucv->message_q.list);
1739
1740 out_unlock:
1741 spin_unlock(&iucv->message_q.lock);
1742 }
1743
iucv_callback_txdone(struct iucv_path * path,struct iucv_message * msg)1744 static void iucv_callback_txdone(struct iucv_path *path,
1745 struct iucv_message *msg)
1746 {
1747 struct sock *sk = path->private;
1748 struct sk_buff *this = NULL;
1749 struct sk_buff_head *list;
1750 struct sk_buff *list_skb;
1751 struct iucv_sock *iucv;
1752 unsigned long flags;
1753
1754 iucv = iucv_sk(sk);
1755 list = &iucv->send_skb_q;
1756
1757 bh_lock_sock(sk);
1758
1759 spin_lock_irqsave(&list->lock, flags);
1760 skb_queue_walk(list, list_skb) {
1761 if (msg->tag == IUCV_SKB_CB(list_skb)->tag) {
1762 this = list_skb;
1763 break;
1764 }
1765 }
1766 if (this) {
1767 atomic_dec(&iucv->skbs_in_xmit);
1768 __skb_unlink(this, list);
1769 }
1770
1771 spin_unlock_irqrestore(&list->lock, flags);
1772
1773 if (this) {
1774 consume_skb(this);
1775 /* wake up any process waiting for sending */
1776 iucv_sock_wake_msglim(sk);
1777 }
1778
1779 if (sk->sk_state == IUCV_CLOSING) {
1780 if (atomic_read(&iucv->skbs_in_xmit) == 0) {
1781 sk->sk_state = IUCV_CLOSED;
1782 sk->sk_state_change(sk);
1783 }
1784 }
1785 bh_unlock_sock(sk);
1786
1787 }
1788
iucv_callback_connrej(struct iucv_path * path,u8 ipuser[16])1789 static void iucv_callback_connrej(struct iucv_path *path, u8 ipuser[16])
1790 {
1791 struct sock *sk = path->private;
1792
1793 if (sk->sk_state == IUCV_CLOSED)
1794 return;
1795
1796 bh_lock_sock(sk);
1797 iucv_sever_path(sk, 1);
1798 sk->sk_state = IUCV_DISCONN;
1799
1800 sk->sk_state_change(sk);
1801 bh_unlock_sock(sk);
1802 }
1803
1804 /* called if the other communication side shuts down its RECV direction;
1805 * in turn, the callback sets SEND_SHUTDOWN to disable sending of data.
1806 */
iucv_callback_shutdown(struct iucv_path * path,u8 ipuser[16])1807 static void iucv_callback_shutdown(struct iucv_path *path, u8 ipuser[16])
1808 {
1809 struct sock *sk = path->private;
1810
1811 bh_lock_sock(sk);
1812 if (sk->sk_state != IUCV_CLOSED) {
1813 sk->sk_shutdown |= SEND_SHUTDOWN;
1814 sk->sk_state_change(sk);
1815 }
1816 bh_unlock_sock(sk);
1817 }
1818
1819 static struct iucv_handler af_iucv_handler = {
1820 .path_pending = iucv_callback_connreq,
1821 .path_complete = iucv_callback_connack,
1822 .path_severed = iucv_callback_connrej,
1823 .message_pending = iucv_callback_rx,
1824 .message_complete = iucv_callback_txdone,
1825 .path_quiesced = iucv_callback_shutdown,
1826 };
1827
1828 /***************** HiperSockets transport callbacks ********************/
afiucv_swap_src_dest(struct sk_buff * skb)1829 static void afiucv_swap_src_dest(struct sk_buff *skb)
1830 {
1831 struct af_iucv_trans_hdr *trans_hdr = iucv_trans_hdr(skb);
1832 char tmpID[8];
1833 char tmpName[8];
1834
1835 ASCEBC(trans_hdr->destUserID, sizeof(trans_hdr->destUserID));
1836 ASCEBC(trans_hdr->destAppName, sizeof(trans_hdr->destAppName));
1837 ASCEBC(trans_hdr->srcUserID, sizeof(trans_hdr->srcUserID));
1838 ASCEBC(trans_hdr->srcAppName, sizeof(trans_hdr->srcAppName));
1839 memcpy(tmpID, trans_hdr->srcUserID, 8);
1840 memcpy(tmpName, trans_hdr->srcAppName, 8);
1841 memcpy(trans_hdr->srcUserID, trans_hdr->destUserID, 8);
1842 memcpy(trans_hdr->srcAppName, trans_hdr->destAppName, 8);
1843 memcpy(trans_hdr->destUserID, tmpID, 8);
1844 memcpy(trans_hdr->destAppName, tmpName, 8);
1845 skb_push(skb, ETH_HLEN);
1846 memset(skb->data, 0, ETH_HLEN);
1847 }
1848
1849 /*
1850 * afiucv_hs_callback_syn - react on received SYN
1851 */
afiucv_hs_callback_syn(struct sock * sk,struct sk_buff * skb)1852 static int afiucv_hs_callback_syn(struct sock *sk, struct sk_buff *skb)
1853 {
1854 struct af_iucv_trans_hdr *trans_hdr = iucv_trans_hdr(skb);
1855 struct sock *nsk;
1856 struct iucv_sock *iucv, *niucv;
1857 int err;
1858
1859 iucv = iucv_sk(sk);
1860 if (!iucv) {
1861 /* no sock - connection refused */
1862 afiucv_swap_src_dest(skb);
1863 trans_hdr->flags = AF_IUCV_FLAG_SYN | AF_IUCV_FLAG_FIN;
1864 err = dev_queue_xmit(skb);
1865 goto out;
1866 }
1867
1868 nsk = iucv_sock_alloc(NULL, sk->sk_protocol, GFP_ATOMIC, 0);
1869 bh_lock_sock(sk);
1870 if ((sk->sk_state != IUCV_LISTEN) ||
1871 sk_acceptq_is_full(sk) ||
1872 !nsk) {
1873 /* error on server socket - connection refused */
1874 afiucv_swap_src_dest(skb);
1875 trans_hdr->flags = AF_IUCV_FLAG_SYN | AF_IUCV_FLAG_FIN;
1876 err = dev_queue_xmit(skb);
1877 iucv_sock_kill(nsk);
1878 bh_unlock_sock(sk);
1879 goto out;
1880 }
1881
1882 niucv = iucv_sk(nsk);
1883 iucv_sock_init(nsk, sk);
1884 niucv->transport = AF_IUCV_TRANS_HIPER;
1885 niucv->msglimit = iucv->msglimit;
1886 if (!trans_hdr->window)
1887 niucv->msglimit_peer = IUCV_HIPER_MSGLIM_DEFAULT;
1888 else
1889 niucv->msglimit_peer = trans_hdr->window;
1890 memcpy(niucv->dst_name, trans_hdr->srcAppName, 8);
1891 memcpy(niucv->dst_user_id, trans_hdr->srcUserID, 8);
1892 memcpy(niucv->src_name, iucv->src_name, 8);
1893 memcpy(niucv->src_user_id, iucv->src_user_id, 8);
1894 nsk->sk_bound_dev_if = sk->sk_bound_dev_if;
1895 niucv->hs_dev = iucv->hs_dev;
1896 dev_hold(niucv->hs_dev);
1897 afiucv_swap_src_dest(skb);
1898 trans_hdr->flags = AF_IUCV_FLAG_SYN | AF_IUCV_FLAG_ACK;
1899 trans_hdr->window = niucv->msglimit;
1900 /* if receiver acks the xmit connection is established */
1901 err = dev_queue_xmit(skb);
1902 if (!err) {
1903 iucv_accept_enqueue(sk, nsk);
1904 nsk->sk_state = IUCV_CONNECTED;
1905 sk->sk_data_ready(sk);
1906 } else
1907 iucv_sock_kill(nsk);
1908 bh_unlock_sock(sk);
1909
1910 out:
1911 return NET_RX_SUCCESS;
1912 }
1913
1914 /*
1915 * afiucv_hs_callback_synack() - react on received SYN-ACK
1916 */
afiucv_hs_callback_synack(struct sock * sk,struct sk_buff * skb)1917 static int afiucv_hs_callback_synack(struct sock *sk, struct sk_buff *skb)
1918 {
1919 struct iucv_sock *iucv = iucv_sk(sk);
1920
1921 if (!iucv || sk->sk_state != IUCV_BOUND) {
1922 kfree_skb(skb);
1923 return NET_RX_SUCCESS;
1924 }
1925
1926 bh_lock_sock(sk);
1927 iucv->msglimit_peer = iucv_trans_hdr(skb)->window;
1928 sk->sk_state = IUCV_CONNECTED;
1929 sk->sk_state_change(sk);
1930 bh_unlock_sock(sk);
1931 consume_skb(skb);
1932 return NET_RX_SUCCESS;
1933 }
1934
1935 /*
1936 * afiucv_hs_callback_synfin() - react on received SYN_FIN
1937 */
afiucv_hs_callback_synfin(struct sock * sk,struct sk_buff * skb)1938 static int afiucv_hs_callback_synfin(struct sock *sk, struct sk_buff *skb)
1939 {
1940 struct iucv_sock *iucv = iucv_sk(sk);
1941
1942 if (!iucv || sk->sk_state != IUCV_BOUND) {
1943 kfree_skb(skb);
1944 return NET_RX_SUCCESS;
1945 }
1946
1947 bh_lock_sock(sk);
1948 sk->sk_state = IUCV_DISCONN;
1949 sk->sk_state_change(sk);
1950 bh_unlock_sock(sk);
1951 consume_skb(skb);
1952 return NET_RX_SUCCESS;
1953 }
1954
1955 /*
1956 * afiucv_hs_callback_fin() - react on received FIN
1957 */
afiucv_hs_callback_fin(struct sock * sk,struct sk_buff * skb)1958 static int afiucv_hs_callback_fin(struct sock *sk, struct sk_buff *skb)
1959 {
1960 struct iucv_sock *iucv = iucv_sk(sk);
1961
1962 /* other end of connection closed */
1963 if (!iucv) {
1964 kfree_skb(skb);
1965 return NET_RX_SUCCESS;
1966 }
1967
1968 bh_lock_sock(sk);
1969 if (sk->sk_state == IUCV_CONNECTED) {
1970 sk->sk_state = IUCV_DISCONN;
1971 sk->sk_state_change(sk);
1972 }
1973 bh_unlock_sock(sk);
1974 consume_skb(skb);
1975 return NET_RX_SUCCESS;
1976 }
1977
1978 /*
1979 * afiucv_hs_callback_win() - react on received WIN
1980 */
afiucv_hs_callback_win(struct sock * sk,struct sk_buff * skb)1981 static int afiucv_hs_callback_win(struct sock *sk, struct sk_buff *skb)
1982 {
1983 struct iucv_sock *iucv = iucv_sk(sk);
1984
1985 if (!iucv)
1986 return NET_RX_SUCCESS;
1987
1988 if (sk->sk_state != IUCV_CONNECTED)
1989 return NET_RX_SUCCESS;
1990
1991 atomic_sub(iucv_trans_hdr(skb)->window, &iucv->msg_sent);
1992 iucv_sock_wake_msglim(sk);
1993 return NET_RX_SUCCESS;
1994 }
1995
1996 /*
1997 * afiucv_hs_callback_rx() - react on received data
1998 */
afiucv_hs_callback_rx(struct sock * sk,struct sk_buff * skb)1999 static int afiucv_hs_callback_rx(struct sock *sk, struct sk_buff *skb)
2000 {
2001 struct iucv_sock *iucv = iucv_sk(sk);
2002
2003 if (!iucv) {
2004 kfree_skb(skb);
2005 return NET_RX_SUCCESS;
2006 }
2007
2008 if (sk->sk_state != IUCV_CONNECTED) {
2009 kfree_skb(skb);
2010 return NET_RX_SUCCESS;
2011 }
2012
2013 if (sk->sk_shutdown & RCV_SHUTDOWN) {
2014 kfree_skb(skb);
2015 return NET_RX_SUCCESS;
2016 }
2017
2018 /* write stuff from iucv_msg to skb cb */
2019 skb_pull(skb, sizeof(struct af_iucv_trans_hdr));
2020 skb_reset_transport_header(skb);
2021 skb_reset_network_header(skb);
2022 IUCV_SKB_CB(skb)->offset = 0;
2023 if (sk_filter(sk, skb)) {
2024 sk_drops_inc(sk); /* skb rejected by filter */
2025 kfree_skb(skb);
2026 return NET_RX_SUCCESS;
2027 }
2028
2029 spin_lock(&iucv->message_q.lock);
2030 if (skb_queue_empty(&iucv->backlog_skb_q)) {
2031 if (__sock_queue_rcv_skb(sk, skb))
2032 /* handle rcv queue full */
2033 skb_queue_tail(&iucv->backlog_skb_q, skb);
2034 } else
2035 skb_queue_tail(&iucv_sk(sk)->backlog_skb_q, skb);
2036 spin_unlock(&iucv->message_q.lock);
2037 return NET_RX_SUCCESS;
2038 }
2039
2040 /*
2041 * afiucv_hs_rcv() - base function for arriving data through HiperSockets
2042 * transport
2043 * called from netif RX softirq
2044 */
afiucv_hs_rcv(struct sk_buff * skb,struct net_device * dev,struct packet_type * pt,struct net_device * orig_dev)2045 static int afiucv_hs_rcv(struct sk_buff *skb, struct net_device *dev,
2046 struct packet_type *pt, struct net_device *orig_dev)
2047 {
2048 struct sock *sk;
2049 struct iucv_sock *iucv;
2050 struct af_iucv_trans_hdr *trans_hdr;
2051 int err = NET_RX_SUCCESS;
2052 char nullstring[8];
2053
2054 if (!pskb_may_pull(skb, sizeof(*trans_hdr))) {
2055 kfree_skb(skb);
2056 return NET_RX_SUCCESS;
2057 }
2058
2059 trans_hdr = iucv_trans_hdr(skb);
2060 EBCASC(trans_hdr->destAppName, sizeof(trans_hdr->destAppName));
2061 EBCASC(trans_hdr->destUserID, sizeof(trans_hdr->destUserID));
2062 EBCASC(trans_hdr->srcAppName, sizeof(trans_hdr->srcAppName));
2063 EBCASC(trans_hdr->srcUserID, sizeof(trans_hdr->srcUserID));
2064 memset(nullstring, 0, sizeof(nullstring));
2065 iucv = NULL;
2066 sk = NULL;
2067 read_lock(&iucv_sk_list.lock);
2068 sk_for_each(sk, &iucv_sk_list.head) {
2069 if (trans_hdr->flags == AF_IUCV_FLAG_SYN) {
2070 if ((!memcmp(&iucv_sk(sk)->src_name,
2071 trans_hdr->destAppName, 8)) &&
2072 (!memcmp(&iucv_sk(sk)->src_user_id,
2073 trans_hdr->destUserID, 8)) &&
2074 (!memcmp(&iucv_sk(sk)->dst_name, nullstring, 8)) &&
2075 (!memcmp(&iucv_sk(sk)->dst_user_id,
2076 nullstring, 8))) {
2077 iucv = iucv_sk(sk);
2078 break;
2079 }
2080 } else {
2081 if ((!memcmp(&iucv_sk(sk)->src_name,
2082 trans_hdr->destAppName, 8)) &&
2083 (!memcmp(&iucv_sk(sk)->src_user_id,
2084 trans_hdr->destUserID, 8)) &&
2085 (!memcmp(&iucv_sk(sk)->dst_name,
2086 trans_hdr->srcAppName, 8)) &&
2087 (!memcmp(&iucv_sk(sk)->dst_user_id,
2088 trans_hdr->srcUserID, 8))) {
2089 iucv = iucv_sk(sk);
2090 break;
2091 }
2092 }
2093 }
2094 read_unlock(&iucv_sk_list.lock);
2095 if (!iucv)
2096 sk = NULL;
2097
2098 /* no sock
2099 how should we send with no sock
2100 1) send without sock no send rc checking?
2101 2) introduce default sock to handle this cases
2102
2103 SYN -> send SYN|ACK in good case, send SYN|FIN in bad case
2104 data -> send FIN
2105 SYN|ACK, SYN|FIN, FIN -> no action? */
2106
2107 switch (trans_hdr->flags) {
2108 case AF_IUCV_FLAG_SYN:
2109 /* connect request */
2110 err = afiucv_hs_callback_syn(sk, skb);
2111 break;
2112 case (AF_IUCV_FLAG_SYN | AF_IUCV_FLAG_ACK):
2113 /* connect request confirmed */
2114 err = afiucv_hs_callback_synack(sk, skb);
2115 break;
2116 case (AF_IUCV_FLAG_SYN | AF_IUCV_FLAG_FIN):
2117 /* connect request refused */
2118 err = afiucv_hs_callback_synfin(sk, skb);
2119 break;
2120 case (AF_IUCV_FLAG_FIN):
2121 /* close request */
2122 err = afiucv_hs_callback_fin(sk, skb);
2123 break;
2124 case (AF_IUCV_FLAG_WIN):
2125 err = afiucv_hs_callback_win(sk, skb);
2126 if (skb->len == sizeof(struct af_iucv_trans_hdr)) {
2127 consume_skb(skb);
2128 break;
2129 }
2130 fallthrough; /* and receive non-zero length data */
2131 case (AF_IUCV_FLAG_SHT):
2132 /* shutdown request */
2133 fallthrough; /* and receive zero length data */
2134 case 0:
2135 /* plain data frame */
2136 IUCV_SKB_CB(skb)->class = trans_hdr->iucv_hdr.class;
2137 err = afiucv_hs_callback_rx(sk, skb);
2138 break;
2139 default:
2140 kfree_skb(skb);
2141 }
2142
2143 return err;
2144 }
2145
2146 /*
2147 * afiucv_hs_callback_txnotify() - handle send notifications from HiperSockets
2148 * transport
2149 */
afiucv_hs_callback_txnotify(struct sock * sk,enum iucv_tx_notify n)2150 static void afiucv_hs_callback_txnotify(struct sock *sk, enum iucv_tx_notify n)
2151 {
2152 struct iucv_sock *iucv = iucv_sk(sk);
2153
2154 if (sock_flag(sk, SOCK_ZAPPED))
2155 return;
2156
2157 switch (n) {
2158 case TX_NOTIFY_OK:
2159 atomic_dec(&iucv->skbs_in_xmit);
2160 iucv_sock_wake_msglim(sk);
2161 break;
2162 case TX_NOTIFY_PENDING:
2163 atomic_inc(&iucv->pendings);
2164 break;
2165 case TX_NOTIFY_DELAYED_OK:
2166 atomic_dec(&iucv->skbs_in_xmit);
2167 if (atomic_dec_return(&iucv->pendings) <= 0)
2168 iucv_sock_wake_msglim(sk);
2169 break;
2170 default:
2171 atomic_dec(&iucv->skbs_in_xmit);
2172 if (sk->sk_state == IUCV_CONNECTED) {
2173 sk->sk_state = IUCV_DISCONN;
2174 sk->sk_state_change(sk);
2175 }
2176 }
2177
2178 if (sk->sk_state == IUCV_CLOSING) {
2179 if (atomic_read(&iucv->skbs_in_xmit) == 0) {
2180 sk->sk_state = IUCV_CLOSED;
2181 sk->sk_state_change(sk);
2182 }
2183 }
2184 }
2185
2186 /*
2187 * afiucv_netdev_event: handle netdev notifier chain events
2188 */
afiucv_netdev_event(struct notifier_block * this,unsigned long event,void * ptr)2189 static int afiucv_netdev_event(struct notifier_block *this,
2190 unsigned long event, void *ptr)
2191 {
2192 struct net_device *event_dev = netdev_notifier_info_to_dev(ptr);
2193 struct sock *sk;
2194 struct iucv_sock *iucv;
2195
2196 switch (event) {
2197 case NETDEV_REBOOT:
2198 case NETDEV_GOING_DOWN:
2199 sk_for_each(sk, &iucv_sk_list.head) {
2200 iucv = iucv_sk(sk);
2201 if ((iucv->hs_dev == event_dev) &&
2202 (sk->sk_state == IUCV_CONNECTED)) {
2203 if (event == NETDEV_GOING_DOWN)
2204 iucv_send_ctrl(sk, AF_IUCV_FLAG_FIN);
2205 sk->sk_state = IUCV_DISCONN;
2206 sk->sk_state_change(sk);
2207 }
2208 }
2209 break;
2210 case NETDEV_DOWN:
2211 case NETDEV_UNREGISTER:
2212 default:
2213 break;
2214 }
2215 return NOTIFY_DONE;
2216 }
2217
2218 static struct notifier_block afiucv_netdev_notifier = {
2219 .notifier_call = afiucv_netdev_event,
2220 };
2221
2222 static const struct proto_ops iucv_sock_ops = {
2223 .family = PF_IUCV,
2224 .owner = THIS_MODULE,
2225 .release = iucv_sock_release,
2226 .bind = iucv_sock_bind,
2227 .connect = iucv_sock_connect,
2228 .listen = iucv_sock_listen,
2229 .accept = iucv_sock_accept,
2230 .getname = iucv_sock_getname,
2231 .sendmsg = iucv_sock_sendmsg,
2232 .recvmsg = iucv_sock_recvmsg,
2233 .poll = iucv_sock_poll,
2234 .ioctl = sock_no_ioctl,
2235 .mmap = sock_no_mmap,
2236 .socketpair = sock_no_socketpair,
2237 .shutdown = iucv_sock_shutdown,
2238 .setsockopt = iucv_sock_setsockopt,
2239 .getsockopt = iucv_sock_getsockopt,
2240 };
2241
iucv_sock_create(struct net * net,struct socket * sock,int protocol,int kern)2242 static int iucv_sock_create(struct net *net, struct socket *sock, int protocol,
2243 int kern)
2244 {
2245 struct sock *sk;
2246
2247 if (protocol && protocol != PF_IUCV)
2248 return -EPROTONOSUPPORT;
2249
2250 sock->state = SS_UNCONNECTED;
2251
2252 switch (sock->type) {
2253 case SOCK_STREAM:
2254 case SOCK_SEQPACKET:
2255 /* currently, proto ops can handle both sk types */
2256 sock->ops = &iucv_sock_ops;
2257 break;
2258 default:
2259 return -ESOCKTNOSUPPORT;
2260 }
2261
2262 sk = iucv_sock_alloc(sock, protocol, GFP_KERNEL, kern);
2263 if (!sk)
2264 return -ENOMEM;
2265
2266 iucv_sock_init(sk, NULL);
2267
2268 return 0;
2269 }
2270
2271 static const struct net_proto_family iucv_sock_family_ops = {
2272 .family = AF_IUCV,
2273 .owner = THIS_MODULE,
2274 .create = iucv_sock_create,
2275 };
2276
2277 static struct packet_type iucv_packet_type = {
2278 .type = cpu_to_be16(ETH_P_AF_IUCV),
2279 .func = afiucv_hs_rcv,
2280 };
2281
afiucv_init(void)2282 static int __init afiucv_init(void)
2283 {
2284 int err;
2285
2286 if (machine_is_vm() && IS_ENABLED(CONFIG_IUCV)) {
2287 cpcmd("QUERY USERID", iucv_userid, sizeof(iucv_userid), &err);
2288 if (unlikely(err)) {
2289 WARN_ON(err);
2290 err = -EPROTONOSUPPORT;
2291 goto out;
2292 }
2293
2294 pr_iucv = &iucv_if;
2295 } else {
2296 memset(&iucv_userid, 0, sizeof(iucv_userid));
2297 pr_iucv = NULL;
2298 }
2299
2300 err = proto_register(&iucv_proto, 0);
2301 if (err)
2302 goto out;
2303 err = sock_register(&iucv_sock_family_ops);
2304 if (err)
2305 goto out_proto;
2306
2307 if (pr_iucv) {
2308 err = pr_iucv->iucv_register(&af_iucv_handler, 0);
2309 if (err)
2310 goto out_sock;
2311 }
2312
2313 err = register_netdevice_notifier(&afiucv_netdev_notifier);
2314 if (err)
2315 goto out_notifier;
2316
2317 dev_add_pack(&iucv_packet_type);
2318 return 0;
2319
2320 out_notifier:
2321 if (pr_iucv)
2322 pr_iucv->iucv_unregister(&af_iucv_handler, 0);
2323 out_sock:
2324 sock_unregister(PF_IUCV);
2325 out_proto:
2326 proto_unregister(&iucv_proto);
2327 out:
2328 return err;
2329 }
2330
afiucv_exit(void)2331 static void __exit afiucv_exit(void)
2332 {
2333 if (pr_iucv)
2334 pr_iucv->iucv_unregister(&af_iucv_handler, 0);
2335
2336 unregister_netdevice_notifier(&afiucv_netdev_notifier);
2337 dev_remove_pack(&iucv_packet_type);
2338 sock_unregister(PF_IUCV);
2339 proto_unregister(&iucv_proto);
2340 }
2341
2342 module_init(afiucv_init);
2343 module_exit(afiucv_exit);
2344
2345 MODULE_AUTHOR("Jennifer Hunt <jenhunt@us.ibm.com>");
2346 MODULE_DESCRIPTION("IUCV Sockets ver " VERSION);
2347 MODULE_VERSION(VERSION);
2348 MODULE_LICENSE("GPL");
2349 MODULE_ALIAS_NETPROTO(PF_IUCV);
2350