1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* Peer event handling, typically ICMP messages.
3 *
4 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
5 * Written by David Howells (dhowells@redhat.com)
6 */
7
8 #include <linux/module.h>
9 #include <linux/net.h>
10 #include <linux/skbuff.h>
11 #include <linux/errqueue.h>
12 #include <linux/udp.h>
13 #include <linux/in.h>
14 #include <linux/in6.h>
15 #include <linux/icmp.h>
16 #include <net/sock.h>
17 #include <net/af_rxrpc.h>
18 #include <net/ip.h>
19 #include "ar-internal.h"
20
21 static void rxrpc_store_error(struct rxrpc_peer *, struct sk_buff *);
22 static void rxrpc_distribute_error(struct rxrpc_peer *, struct sk_buff *,
23 enum rxrpc_call_completion, int);
24
25 /*
26 * Find the peer associated with a local error.
27 */
rxrpc_lookup_peer_local_rcu(struct rxrpc_local * local,const struct sk_buff * skb,struct sockaddr_rxrpc * srx)28 static struct rxrpc_peer *rxrpc_lookup_peer_local_rcu(struct rxrpc_local *local,
29 const struct sk_buff *skb,
30 struct sockaddr_rxrpc *srx)
31 {
32 struct sock_exterr_skb *serr = SKB_EXT_ERR(skb);
33
34 _enter("");
35
36 memset(srx, 0, sizeof(*srx));
37 srx->transport_type = local->srx.transport_type;
38 srx->transport_len = local->srx.transport_len;
39 srx->transport.family = local->srx.transport.family;
40
41 /* Can we see an ICMP4 packet on an ICMP6 listening socket? and vice
42 * versa?
43 */
44 switch (srx->transport.family) {
45 case AF_INET:
46 srx->transport_len = sizeof(srx->transport.sin);
47 srx->transport.family = AF_INET;
48 srx->transport.sin.sin_port = serr->port;
49 switch (serr->ee.ee_origin) {
50 case SO_EE_ORIGIN_ICMP:
51 memcpy(&srx->transport.sin.sin_addr,
52 skb_network_header(skb) + serr->addr_offset,
53 sizeof(struct in_addr));
54 break;
55 case SO_EE_ORIGIN_ICMP6:
56 memcpy(&srx->transport.sin.sin_addr,
57 skb_network_header(skb) + serr->addr_offset + 12,
58 sizeof(struct in_addr));
59 break;
60 default:
61 memcpy(&srx->transport.sin.sin_addr, &ip_hdr(skb)->saddr,
62 sizeof(struct in_addr));
63 break;
64 }
65 break;
66
67 #ifdef CONFIG_AF_RXRPC_IPV6
68 case AF_INET6:
69 switch (serr->ee.ee_origin) {
70 case SO_EE_ORIGIN_ICMP6:
71 srx->transport.sin6.sin6_port = serr->port;
72 memcpy(&srx->transport.sin6.sin6_addr,
73 skb_network_header(skb) + serr->addr_offset,
74 sizeof(struct in6_addr));
75 break;
76 case SO_EE_ORIGIN_ICMP:
77 srx->transport_len = sizeof(srx->transport.sin);
78 srx->transport.family = AF_INET;
79 srx->transport.sin.sin_port = serr->port;
80 memcpy(&srx->transport.sin.sin_addr,
81 skb_network_header(skb) + serr->addr_offset,
82 sizeof(struct in_addr));
83 break;
84 default:
85 memcpy(&srx->transport.sin6.sin6_addr,
86 &ipv6_hdr(skb)->saddr,
87 sizeof(struct in6_addr));
88 break;
89 }
90 break;
91 #endif
92
93 default:
94 BUG();
95 }
96
97 return rxrpc_lookup_peer_rcu(local, srx);
98 }
99
100 /*
101 * Handle an MTU/fragmentation problem.
102 */
rxrpc_adjust_mtu(struct rxrpc_peer * peer,unsigned int mtu)103 static void rxrpc_adjust_mtu(struct rxrpc_peer *peer, unsigned int mtu)
104 {
105 unsigned int max_data;
106
107 /* wind down the local interface MTU */
108 if (mtu > 0 && peer->if_mtu == 65535 && mtu < peer->if_mtu)
109 peer->if_mtu = mtu;
110
111 if (mtu == 0) {
112 /* they didn't give us a size, estimate one */
113 mtu = peer->if_mtu;
114 if (mtu > 1500) {
115 mtu >>= 1;
116 if (mtu < 1500)
117 mtu = 1500;
118 } else {
119 mtu -= 100;
120 if (mtu < peer->hdrsize)
121 mtu = peer->hdrsize + 4;
122 }
123 }
124
125 max_data = max_t(int, mtu - peer->hdrsize, 500);
126 if (max_data < peer->max_data) {
127 if (peer->pmtud_good > max_data)
128 peer->pmtud_good = max_data;
129 if (peer->pmtud_bad > max_data + 1)
130 peer->pmtud_bad = max_data + 1;
131
132 trace_rxrpc_pmtud_reduce(peer, 0, max_data, rxrpc_pmtud_reduce_icmp);
133 peer->max_data = max_data;
134 }
135 }
136
137 /*
138 * Handle an error received on the local endpoint.
139 */
rxrpc_input_error(struct rxrpc_local * local,struct sk_buff * skb)140 void rxrpc_input_error(struct rxrpc_local *local, struct sk_buff *skb)
141 {
142 struct sock_exterr_skb *serr = SKB_EXT_ERR(skb);
143 struct sockaddr_rxrpc srx;
144 struct rxrpc_peer *peer = NULL;
145
146 _enter("L=%x", local->debug_id);
147
148 if (!skb->len && serr->ee.ee_origin == SO_EE_ORIGIN_TIMESTAMPING) {
149 _leave("UDP empty message");
150 return;
151 }
152
153 rcu_read_lock();
154 peer = rxrpc_lookup_peer_local_rcu(local, skb, &srx);
155 if (peer && !rxrpc_get_peer_maybe(peer, rxrpc_peer_get_input_error))
156 peer = NULL;
157 rcu_read_unlock();
158 if (!peer)
159 return;
160
161 trace_rxrpc_rx_icmp(peer, &serr->ee, &srx);
162
163 if ((serr->ee.ee_origin == SO_EE_ORIGIN_ICMP &&
164 serr->ee.ee_type == ICMP_DEST_UNREACH &&
165 serr->ee.ee_code == ICMP_FRAG_NEEDED)) {
166 rxrpc_adjust_mtu(peer, serr->ee.ee_info);
167 goto out;
168 }
169
170 if ((serr->ee.ee_origin == SO_EE_ORIGIN_ICMP6 &&
171 serr->ee.ee_type == ICMPV6_PKT_TOOBIG &&
172 serr->ee.ee_code == 0)) {
173 rxrpc_adjust_mtu(peer, serr->ee.ee_info);
174 goto out;
175 }
176
177 rxrpc_store_error(peer, skb);
178 out:
179 rxrpc_put_peer(peer, rxrpc_peer_put_input_error);
180 }
181
182 /*
183 * Map an error report to error codes on the peer record.
184 */
rxrpc_store_error(struct rxrpc_peer * peer,struct sk_buff * skb)185 static void rxrpc_store_error(struct rxrpc_peer *peer, struct sk_buff *skb)
186 {
187 enum rxrpc_call_completion compl = RXRPC_CALL_NETWORK_ERROR;
188 struct sock_exterr_skb *serr = SKB_EXT_ERR(skb);
189 struct sock_extended_err *ee = &serr->ee;
190 int err = ee->ee_errno;
191
192 _enter("");
193
194 switch (ee->ee_origin) {
195 case SO_EE_ORIGIN_NONE:
196 case SO_EE_ORIGIN_LOCAL:
197 compl = RXRPC_CALL_LOCAL_ERROR;
198 break;
199
200 case SO_EE_ORIGIN_ICMP6:
201 if (err == EACCES)
202 err = EHOSTUNREACH;
203 fallthrough;
204 case SO_EE_ORIGIN_ICMP:
205 default:
206 break;
207 }
208
209 rxrpc_distribute_error(peer, skb, compl, err);
210 }
211
212 /*
213 * Distribute an error that occurred on a peer.
214 */
rxrpc_distribute_error(struct rxrpc_peer * peer,struct sk_buff * skb,enum rxrpc_call_completion compl,int err)215 static void rxrpc_distribute_error(struct rxrpc_peer *peer, struct sk_buff *skb,
216 enum rxrpc_call_completion compl, int err)
217 {
218 struct rxrpc_call *call;
219 HLIST_HEAD(error_targets);
220
221 spin_lock_irq(&peer->lock);
222 hlist_move_list(&peer->error_targets, &error_targets);
223
224 while (!hlist_empty(&error_targets)) {
225 call = hlist_entry(error_targets.first,
226 struct rxrpc_call, error_link);
227 hlist_del_init(&call->error_link);
228 spin_unlock_irq(&peer->lock);
229
230 rxrpc_see_call(call, rxrpc_call_see_distribute_error);
231 rxrpc_set_call_completion(call, compl, 0, -err);
232 rxrpc_input_call_event(call);
233
234 spin_lock_irq(&peer->lock);
235 }
236
237 spin_unlock_irq(&peer->lock);
238 }
239
240 /*
241 * Reconstruct the last transmission time. The difference calculated should be
242 * valid provided no more than ~68 years elapsed since the last transmission.
243 */
rxrpc_peer_get_tx_mark(const struct rxrpc_peer * peer,time64_t base)244 static time64_t rxrpc_peer_get_tx_mark(const struct rxrpc_peer *peer, time64_t base)
245 {
246 s32 last_tx_at = READ_ONCE(peer->last_tx_at);
247 s32 base_lsw = base;
248 s32 diff = last_tx_at - base_lsw;
249
250 diff = clamp(diff, -RXRPC_KEEPALIVE_TIME, RXRPC_KEEPALIVE_TIME);
251
252 return diff + base;
253 }
254
255 /*
256 * Perform keep-alive pings.
257 */
rxrpc_peer_keepalive_dispatch(struct rxrpc_net * rxnet,struct list_head * collector,time64_t base,u8 cursor)258 static void rxrpc_peer_keepalive_dispatch(struct rxrpc_net *rxnet,
259 struct list_head *collector,
260 time64_t base,
261 u8 cursor)
262 {
263 struct rxrpc_peer *peer;
264 const u8 mask = ARRAY_SIZE(rxnet->peer_keepalive) - 1;
265 time64_t keepalive_at;
266 bool use;
267 int slot;
268
269 spin_lock_bh(&rxnet->peer_hash_lock);
270
271 while (!list_empty(collector)) {
272 peer = list_entry(collector->next,
273 struct rxrpc_peer, keepalive_link);
274
275 list_del_init(&peer->keepalive_link);
276 if (!rxrpc_get_peer_maybe(peer, rxrpc_peer_get_keepalive))
277 continue;
278
279 use = __rxrpc_use_local(peer->local, rxrpc_local_use_peer_keepalive);
280 spin_unlock_bh(&rxnet->peer_hash_lock);
281
282 if (use) {
283 keepalive_at = rxrpc_peer_get_tx_mark(peer, base) + RXRPC_KEEPALIVE_TIME;
284 slot = keepalive_at - base;
285 _debug("%02x peer %u t=%d {%pISp}",
286 cursor, peer->debug_id, slot, &peer->srx.transport);
287
288 if (keepalive_at <= base ||
289 keepalive_at > base + RXRPC_KEEPALIVE_TIME) {
290 rxrpc_send_keepalive(peer);
291 slot = RXRPC_KEEPALIVE_TIME;
292 }
293
294 /* A transmission to this peer occurred since last we
295 * examined it so put it into the appropriate future
296 * bucket.
297 */
298 slot += cursor;
299 slot &= mask;
300 spin_lock_bh(&rxnet->peer_hash_lock);
301 list_add_tail(&peer->keepalive_link,
302 &rxnet->peer_keepalive[slot & mask]);
303 spin_unlock_bh(&rxnet->peer_hash_lock);
304 rxrpc_unuse_local(peer->local, rxrpc_local_unuse_peer_keepalive);
305 }
306 rxrpc_put_peer(peer, rxrpc_peer_put_keepalive);
307 spin_lock_bh(&rxnet->peer_hash_lock);
308 }
309
310 spin_unlock_bh(&rxnet->peer_hash_lock);
311 }
312
313 /*
314 * Perform keep-alive pings with VERSION packets to keep any NAT alive.
315 */
rxrpc_peer_keepalive_worker(struct work_struct * work)316 void rxrpc_peer_keepalive_worker(struct work_struct *work)
317 {
318 struct rxrpc_net *rxnet =
319 container_of(work, struct rxrpc_net, peer_keepalive_work);
320 const u8 mask = ARRAY_SIZE(rxnet->peer_keepalive) - 1;
321 time64_t base, now, delay;
322 u8 cursor, stop;
323 LIST_HEAD(collector);
324
325 now = ktime_get_seconds();
326 base = rxnet->peer_keepalive_base;
327 cursor = rxnet->peer_keepalive_cursor;
328 _enter("%lld,%u", base - now, cursor);
329
330 if (!rxnet->live)
331 return;
332
333 /* Remove to a temporary list all the peers that are currently lodged
334 * in expired buckets plus all new peers.
335 *
336 * Everything in the bucket at the cursor is processed this
337 * second; the bucket at cursor + 1 goes at now + 1s and so
338 * on...
339 */
340 spin_lock_bh(&rxnet->peer_hash_lock);
341 list_splice_init(&rxnet->peer_keepalive_new, &collector);
342
343 stop = cursor + ARRAY_SIZE(rxnet->peer_keepalive);
344 while (base <= now && (s8)(cursor - stop) < 0) {
345 list_splice_tail_init(&rxnet->peer_keepalive[cursor & mask],
346 &collector);
347 base++;
348 cursor++;
349 }
350
351 base = now;
352 spin_unlock_bh(&rxnet->peer_hash_lock);
353
354 rxnet->peer_keepalive_base = base;
355 rxnet->peer_keepalive_cursor = cursor;
356 rxrpc_peer_keepalive_dispatch(rxnet, &collector, base, cursor);
357 ASSERT(list_empty(&collector));
358
359 /* Schedule the timer for the next occupied timeslot. */
360 cursor = rxnet->peer_keepalive_cursor;
361 stop = cursor + RXRPC_KEEPALIVE_TIME - 1;
362 for (; (s8)(cursor - stop) < 0; cursor++) {
363 if (!list_empty(&rxnet->peer_keepalive[cursor & mask]))
364 break;
365 base++;
366 }
367
368 now = ktime_get_seconds();
369 delay = base - now;
370 if (delay < 1)
371 delay = 1;
372 delay *= HZ;
373 if (rxnet->live)
374 timer_reduce(&rxnet->peer_keepalive_timer, jiffies + delay);
375
376 _leave("");
377 }
378
379 /*
380 * Do path MTU probing.
381 */
rxrpc_input_probe_for_pmtud(struct rxrpc_connection * conn,rxrpc_serial_t acked_serial,bool sendmsg_fail)382 void rxrpc_input_probe_for_pmtud(struct rxrpc_connection *conn, rxrpc_serial_t acked_serial,
383 bool sendmsg_fail)
384 {
385 struct rxrpc_peer *peer = conn->peer;
386 unsigned int max_data = peer->max_data;
387 int good, trial, bad, jumbo;
388
389 good = peer->pmtud_good;
390 trial = peer->pmtud_trial;
391 bad = peer->pmtud_bad;
392 if (good >= bad - 1) {
393 conn->pmtud_probe = 0;
394 peer->pmtud_lost = false;
395 return;
396 }
397
398 if (!peer->pmtud_probing)
399 goto send_probe;
400
401 if (sendmsg_fail || after(acked_serial, conn->pmtud_probe)) {
402 /* Retry a lost probe. */
403 if (!peer->pmtud_lost) {
404 trace_rxrpc_pmtud_lost(conn, acked_serial);
405 conn->pmtud_probe = 0;
406 peer->pmtud_lost = true;
407 goto send_probe;
408 }
409
410 /* The probed size didn't seem to get through. */
411 bad = trial;
412 peer->pmtud_bad = bad;
413 if (bad <= max_data)
414 max_data = bad - 1;
415 } else {
416 /* It did get through. */
417 good = trial;
418 peer->pmtud_good = good;
419 if (good > max_data)
420 max_data = good;
421 }
422
423 max_data = umin(max_data, peer->ackr_max_data);
424 if (max_data != peer->max_data)
425 peer->max_data = max_data;
426
427 jumbo = max_data + sizeof(struct rxrpc_jumbo_header);
428 jumbo /= RXRPC_JUMBO_SUBPKTLEN;
429 peer->pmtud_jumbo = jumbo;
430
431 trace_rxrpc_pmtud_rx(conn, acked_serial);
432 conn->pmtud_probe = 0;
433 peer->pmtud_lost = false;
434
435 if (good < RXRPC_JUMBO(2) && bad > RXRPC_JUMBO(2))
436 trial = RXRPC_JUMBO(2);
437 else if (good < RXRPC_JUMBO(4) && bad > RXRPC_JUMBO(4))
438 trial = RXRPC_JUMBO(4);
439 else if (good < RXRPC_JUMBO(3) && bad > RXRPC_JUMBO(3))
440 trial = RXRPC_JUMBO(3);
441 else if (good < RXRPC_JUMBO(6) && bad > RXRPC_JUMBO(6))
442 trial = RXRPC_JUMBO(6);
443 else if (good < RXRPC_JUMBO(5) && bad > RXRPC_JUMBO(5))
444 trial = RXRPC_JUMBO(5);
445 else if (good < RXRPC_JUMBO(8) && bad > RXRPC_JUMBO(8))
446 trial = RXRPC_JUMBO(8);
447 else if (good < RXRPC_JUMBO(7) && bad > RXRPC_JUMBO(7))
448 trial = RXRPC_JUMBO(7);
449 else
450 trial = (good + bad) / 2;
451 peer->pmtud_trial = trial;
452
453 if (good >= bad)
454 return;
455
456 send_probe:
457 peer->pmtud_pending = true;
458 }
459