/*
 * connector.c
 *
 * 2004-2005 Copyright (c) Evgeniy Polyakov <johnpol@2ka.mipt.ru>
 * All rights reserved.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 */

#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/list.h>
#include <linux/skbuff.h>
#include <linux/netlink.h>
#include <linux/moduleparam.h>
#include <linux/connector.h>
#include <linux/mutex.h>

#include <net/sock.h>

MODULE_LICENSE("GPL");
MODULE_AUTHOR("Evgeniy Polyakov <johnpol@2ka.mipt.ru>");
MODULE_DESCRIPTION("Generic userspace <-> kernelspace connector.");

/*
 * idx/val pair that cn_init() copies into the connector device's own
 * callback ID (the ID under which cn_callback() is registered).
 */
static u32 cn_idx = CN_IDX_CONNECTOR;
static u32 cn_val = CN_VAL_CONNECTOR;

/* Both parameters are registered with permission bits 0. */
module_param(cn_idx, uint, 0);
module_param(cn_val, uint, 0);
MODULE_PARM_DESC(cn_idx, "Connector's main device idx.");
MODULE_PARM_DESC(cn_val, "Connector's main device val.");

/*
 * notify_list holds the notification requests (struct cn_ctl_entry)
 * that cn_callback() adds and removes and that cn_notify() walks.
 * Every access in this file is made with notify_lock held.
 */
static DEFINE_MUTEX(notify_lock);
static LIST_HEAD(notify_list);

/* The single connector device used by every function in this file. */
static struct cn_dev cdev;

/*
 * Set to 1 by cn_init() once the netlink socket and callback queue
 * exist, and back to 0 on init failure and in cn_fini().
 * cn_add_callback() returns -EAGAIN while it is 0.
 * NOTE(review): plain int with external linkage and no locking or
 * barrier visible in this file - confirm how other users read it.
 */
int cn_already_initialized = 0;

/*
 * msg->seq and msg->ack are used to determine message genealogy.
 * When someone sends message it puts there locally unique sequence
 * and random acknowledge numbers.  Sequence number may be copied into
 * nlmsghdr->nlmsg_seq too.
*
 * Sequence number is incremented with each message to be sent.
 *
 * If we expect reply to our message then the sequence number in
 * received message MUST be the same as in original message, and
 * acknowledge number MUST be the same + 1.
 *
 * If we receive a message and its sequence number is not equal to the
 * one we are expecting then it is a new message.
 *
 * If we receive a message and its sequence number is the same as one
 * we are expecting but its acknowledgement number is not equal to
 * the acknowledgement number in the original message + 1, then it is
 * a new message.
 *
 * cn_netlink_send() broadcasts @msg (header plus msg->len payload
 * bytes) to a netlink multicast group.  When @__group is 0 the group
 * is taken from the callback entry registered for msg->id.
 *
 * The copy below trusts msg->len: the caller must pass a buffer that
 * really holds sizeof(*msg) + msg->len bytes.
 *
 * Returns the result of netlink_broadcast(), or -ENODEV when no
 * callback matches msg->id, -ESRCH when the group has no listeners,
 * -ENOMEM when the skb cannot be allocated, -EINVAL from the
 * nlmsg_failure path.
 */
int cn_netlink_send(struct cn_msg *msg, u32 __group, gfp_t gfp_mask)
{
	struct cn_dev *dev = &cdev;
	struct cn_callback_entry *entry;
	struct sk_buff *skb;
	struct nlmsghdr *nlh;
	unsigned int total;
	u32 group = __group;

	if (!group) {
		int matched = 0;

		/*
		 * No explicit group: use the one of the registered
		 * callback.  The walk deliberately does not stop at the
		 * first hit, so the last matching entry decides.
		 */
		spin_lock_bh(&dev->cbdev->queue_lock);
		list_for_each_entry(entry, &dev->cbdev->queue_list,
				    callback_entry) {
			if (!cn_cb_equal(&entry->id.id, &msg->id))
				continue;

			matched = 1;
			group = entry->group;
		}
		spin_unlock_bh(&dev->cbdev->queue_lock);

		if (!matched)
			return -ENODEV;
	}

	if (!netlink_has_listeners(dev->nls, group))
		return -ESRCH;

	total = NLMSG_SPACE(sizeof(*msg) + msg->len);

	skb = alloc_skb(total, gfp_mask);
	if (!skb)
		return -ENOMEM;

	/* NLMSG_PUT() bails out through the nlmsg_failure label below. */
	nlh = NLMSG_PUT(skb, 0, msg->seq, NLMSG_DONE, total - sizeof(*nlh));

	/* Connector header and payload are copied in one go. */
	memcpy(NLMSG_DATA(nlh), msg, sizeof(*msg) + msg->len);

	NETLINK_CB(skb).dst_group = group;

	return netlink_broadcast(dev->nls, skb, 0, group, gfp_mask);

nlmsg_failure:
	kfree_skb(skb);
	return -EINVAL;
}
EXPORT_SYMBOL_GPL(cn_netlink_send);

/*
 * Callback helper - queues work and setup destructor for given data.
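*
 * Finds the callback entry registered for msg->id and queues it on the
 * connector work queue.  If the entry's own work item is idle and
 * carries no data, the entry is reused; otherwise a work item plus a
 * cn_callback_data is allocated (GFP_ATOMIC, the queue spinlock is
 * held) and run through cn_queue_wrapper.
 *
 * @msg:           message handed to the callback (callback_priv)
 * @destruct_data: destructor stored next to @data
 * @data:          object the destructor is meant for
 *
 * Returns 0 when work was queued, -ENODEV when no entry matches or the
 * entry's own work could not be queued, -ENOMEM on allocation failure,
 * -EINVAL when the allocated work could not be queued.
 */
static int cn_call_callback(struct cn_msg *msg, void (*destruct_data)(void *), void *data)
{
	struct cn_callback_entry *__cbq;
	struct cn_dev *dev = &cdev;
	int err = -ENODEV;

	spin_lock_bh(&dev->cbdev->queue_lock);
	list_for_each_entry(__cbq, &dev->cbdev->queue_list, callback_entry) {
		if (cn_cb_equal(&__cbq->id.id, &msg->id)) {
			if (likely(!test_bit(0, &__cbq->work.pending) &&
					__cbq->data.ddata == NULL)) {
				__cbq->data.callback_priv = msg;

				__cbq->data.ddata = data;
				__cbq->data.destruct_data = destruct_data;

				/*
				 * NOTE(review): if queue_work() returns 0
				 * here, err stays -ENODEV and the caller
				 * frees @data, but ddata/destruct_data
				 * still point at it - confirm nothing
				 * uses them afterwards.
				 */
				if (queue_work(dev->cbdev->cn_queue,
						&__cbq->work))
					err = 0;
			} else {
				struct work_struct *w;
				struct cn_callback_data *d;

				/* One allocation: work item, then its data. */
				w = kzalloc(sizeof(*w) + sizeof(*d), GFP_ATOMIC);
				if (w) {
					d = (struct cn_callback_data *)(w+1);

					d->callback_priv = msg;
					d->callback = __cbq->data.callback;
					d->ddata = data;
					d->destruct_data = destruct_data;
					d->free = w;

					INIT_LIST_HEAD(&w->entry);
					w->pending = 0;
					w->func = &cn_queue_wrapper;
					w->data = d;
					init_timer(&w->timer);

					if (queue_work(dev->cbdev->cn_queue, w))
						err = 0;
					else {
						kfree(w);
						err = -EINVAL;
					}
				} else
					err = -ENOMEM;
			}
			break;
		}
	}
	spin_unlock_bh(&dev->cbdev->queue_lock);

	return err;
}

/*
 * Skb receive helper - checks skb and msg size and calls callback
 * helper.
 *
 * The netlink message comes from userspace, so both lengths are
 * checked before the connector message is handed on: nlmsg_len must
 * cover a whole struct cn_msg, and it must cover the msg->len payload
 * bytes the sender claims.  Without the second check a callback that
 * trusts msg->len would read past the received data.
 *
 * No sender credential or capability check is made at this layer;
 * callbacks that need one have to do it themselves.
 *
 * Returns -EINVAL for a malformed message, otherwise the result of
 * cn_call_callback().  On success the skb is owned by the queued work
 * and released through the kfree_skb destructor.
 */
static int __cn_rx_skb(struct sk_buff *skb, struct nlmsghdr *nlh)
{
	struct cn_msg *msg;

	/* The fixed connector header must be present before msg->len is read. */
	if (nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*msg)))
		return -EINVAL;

	msg = NLMSG_DATA(nlh);

	/* The claimed payload must fit inside the netlink message. */
	if (nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*msg) + msg->len))
		return -EINVAL;

	return cn_call_callback(msg, (void (*)(void *))kfree_skb, skb);
}

/*
 * Main netlink receiving function.
 *
 * It checks skb and netlink header sizes and calls the skb receive
 * helper with a shared skb.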
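*
 * A message is accepted only if the skb holds a netlink header, the
 * header's nlmsg_len covers the netlink header plus a whole struct
 * cn_msg, the skb really contains nlmsg_len bytes, and nlmsg_len does
 * not exceed CONNECTOR_MAX_MSG_SIZE.
 *
 * The extra skb reference is taken only for a message that is handed
 * to the helper, so a short or malformed skb is released exactly once.
 * The reference passed in by the caller is always dropped here.
 */
static void cn_rx_skb(struct sk_buff *__skb)
{
	struct nlmsghdr *nlh;
	int err;
	struct sk_buff *skb;

	if (__skb->len < NLMSG_SPACE(0))
		goto out;

	nlh = (struct nlmsghdr *)__skb->data;

	/*
	 * nlmsg_len includes the netlink header, so compare it with
	 * NLMSG_LENGTH(): a bare sizeof(struct cn_msg) would accept a
	 * message whose connector header is truncated.
	 */
	if (nlh->nlmsg_len < NLMSG_LENGTH(sizeof(struct cn_msg)) ||
	    __skb->len < nlh->nlmsg_len ||
	    nlh->nlmsg_len > CONNECTOR_MAX_MSG_SIZE)
		goto out;

	/* This reference belongs to the queued callback on success. */
	skb = skb_get(__skb);

	err = __cn_rx_skb(skb, nlh);
	if (err < 0)
		kfree_skb(skb);

out:
	kfree_skb(__skb);
}

/*
 * Netlink socket input callback - dequeues the skbs and calls the
 * main netlink receiving function.
 *
 * @sk:  connector netlink socket whose receive queue is drained
 * @len: not used
 */
static void cn_input(struct sock *sk, int len)
{
	struct sk_buff *skb;

	while ((skb = skb_dequeue(&sk->sk_receive_queue)) != NULL)
		cn_rx_skb(skb);
}

/*
 * Notification routing.
 *
 * Gets id and checks if there are notification request for its idx
 * and val.  If there are such requests notify the listeners with the
 * given notify event.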
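*
 * Each stored control message carries idx_notify_num idx ranges
 * followed by val_notify_num val ranges in ctl->data.  An entry fires
 * when id->idx falls into one of its idx ranges and id->val into one
 * of its val ranges; the event is sent to ctl->group in the ack field
 * of an otherwise empty cn_msg.
 *
 * Takes notify_lock and sends with GFP_KERNEL, so it may sleep.
 */
static void cn_notify(struct cb_id *id, u32 notify_event)
{
	struct cn_ctl_entry *ent;

	mutex_lock(&notify_lock);
	list_for_each_entry(ent, &notify_list, notify_entry) {
		int i;
		struct cn_notify_req *req;
		struct cn_ctl_msg *ctl = ent->msg;
		int idx_found, val_found;

		idx_found = val_found = 0;

		/*
		 * Range test written as a subtraction so that
		 * first + range cannot wrap (assumes unsigned fields -
		 * confirm against struct cn_notify_req).
		 */
		req = (struct cn_notify_req *)ctl->data;
		for (i = 0; i < ctl->idx_notify_num; ++i, ++req) {
			if (id->idx >= req->first &&
			    id->idx - req->first < req->range) {
				idx_found = 1;
				break;
			}
		}

		/*
		 * The val ranges start right after all idx ranges.
		 * Re-derive the pointer: the loop above may have
		 * stopped early and left req inside the idx section.
		 */
		req = (struct cn_notify_req *)ctl->data + ctl->idx_notify_num;
		for (i = 0; i < ctl->val_notify_num; ++i, ++req) {
			if (id->val >= req->first &&
			    id->val - req->first < req->range) {
				val_found = 1;
				break;
			}
		}

		if (idx_found && val_found) {
			struct cn_msg m = { .ack = notify_event, };

			memcpy(&m.id, id, sizeof(m.id));
			cn_netlink_send(&m, ctl->group, GFP_KERNEL);
		}
	}
	mutex_unlock(&notify_lock);
}

/*
 * Callback add routing - adds callback with given ID and name.
 * If there is registered callback with the same ID it will not be added.
 *
 * Returns -EAGAIN while the connector is not initialized, the error
 * from cn_queue_add_callback() if registration fails, 0 otherwise.
 * On success listeners are notified with event 0.
 *
 * May sleep.
 */
int cn_add_callback(struct cb_id *id, char *name, void (*callback)(void *))
{
	int err;
	struct cn_dev *dev = &cdev;

	if (!cn_already_initialized)
		return -EAGAIN;

	err = cn_queue_add_callback(dev->cbdev, name, id, callback);
	if (err)
		return err;

	cn_notify(id, 0);

	return 0;
}
EXPORT_SYMBOL_GPL(cn_add_callback);

/*
 * Callback remove routing - removes callback
 * with given ID.
 * If there is no registered callback with given
 * ID nothing happens.
 *
 * May sleep while waiting for reference counter to become zero.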
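*
 * Listeners are notified with event 1 after the removal.
 */
void cn_del_callback(struct cb_id *id)
{
	struct cn_dev *dev = &cdev;

	cn_queue_del_callback(dev->cbdev, id);
	cn_notify(id, 1);
}
EXPORT_SYMBOL_GPL(cn_del_callback);

/*
 * Checks two connector's control messages to be the same.
 * Returns 1 if they are the same or if the first one is corrupted.
 *
 * "Corrupted" means m1->len does not equal the size of the ranges its
 * own counts announce.  The only caller passes a stored entry as @m1,
 * so such an entry is treated as a match and removed.
 */
static int cn_ctl_msg_equals(struct cn_ctl_msg *m1, struct cn_ctl_msg *m2)
{
	int i;
	struct cn_notify_req *req1, *req2;

	if (m1->idx_notify_num != m2->idx_notify_num)
		return 0;

	if (m1->val_notify_num != m2->val_notify_num)
		return 0;

	if (m1->len != m2->len)
		return 0;

	if ((m1->idx_notify_num + m1->val_notify_num) * sizeof(*req1) !=
	    m1->len)
		return 1;

	req1 = (struct cn_notify_req *)m1->data;
	req2 = (struct cn_notify_req *)m2->data;

	/* idx ranges first, val ranges directly behind them. */
	for (i = 0; i < m1->idx_notify_num; ++i) {
		if (req1->first != req2->first || req1->range != req2->range)
			return 0;
		req1++;
		req2++;
	}

	for (i = 0; i < m1->val_notify_num; ++i) {
		if (req1->first != req2->first || req1->range != req2->range)
			return 0;
		req1++;
		req2++;
	}

	return 1;
}

/*
 * Main connector device's callback.
 *
 * Used for notification of a request's processing.
 *
 * @data is the received struct cn_msg; its payload is a cn_ctl_msg
 * followed by the idx and val ranges.  A control message with group 0
 * removes every stored request equal to it, any other group stores a
 * copy of the message on notify_list.
 *
 * Everything in the message is sender-controlled, so the counts and
 * lengths are cross-checked before anything is stored: cn_notify()
 * later walks the stored ranges using the stored counts.
 *
 * NOTE(review): no sender credential or capability check is visible
 * on this path - confirm whether any sender may add or remove
 * notification requests.
 */
static void cn_callback(void *data)
{
	struct cn_msg *msg = data;
	struct cn_ctl_msg *ctl;
	struct cn_ctl_entry *ent;
	u32 size;

	if (msg->len < sizeof(*ctl))
		return;

	ctl = (struct cn_ctl_msg *)msg->data;

	/*
	 * Bound both counts by the payload length before they are
	 * added and multiplied.  A count larger than msg->len can never
	 * fit in the message, and without the bound a huge count could
	 * make the u32 size below wrap around and match a short message.
	 */
	if (ctl->idx_notify_num > msg->len ||
	    ctl->val_notify_num > msg->len)
		return;

	size = (sizeof(*ctl) + ((ctl->idx_notify_num +
				 ctl->val_notify_num) *
				sizeof(struct cn_notify_req)));

	if (msg->len != size)
		return;

	if (ctl->len + sizeof(*ctl) != msg->len)
		return;

	/*
	 * Remove notification.
	 */
	if (ctl->group == 0) {
		struct cn_ctl_entry *n;

		mutex_lock(&notify_lock);
		list_for_each_entry_safe(ent, n, &notify_list, notify_entry) {
			if (cn_ctl_msg_equals(ent->msg, ctl)) {
				list_del(&ent->notify_entry);
				kfree(ent);
			}
		}
		mutex_unlock(&notify_lock);

		return;
	}

	size += sizeof(*ent);

	ent = kzalloc(size, GFP_KERNEL);
	if (!ent)
		return;

	/* The copied control message lives directly behind the entry. */
	ent->msg = (struct cn_ctl_msg *)(ent + 1);

	memcpy(ent->msg, ctl, size - sizeof(*ent));

	mutex_lock(&notify_lock);
	list_add(&ent->notify_entry, &notify_list);
	mutex_unlock(&notify_lock);
}

/*
 * Creates the connector netlink socket and the callback queue, then
 * registers cn_callback() under the cn_idx/cn_val ID.
 *
 * Returns 0 on success, -EIO when the socket cannot be created,
 * -EINVAL when the queue or the callback registration fails; the
 * failure paths release what was set up before.
 */
static int __devinit cn_init(void)
{
	struct cn_dev *dev = &cdev;
	int err;

	dev->input = cn_input;
	dev->id.idx = cn_idx;
	dev->id.val = cn_val;

	dev->nls = netlink_kernel_create(NETLINK_CONNECTOR,
					 CN_NETLINK_USERS + 0xf,
					 dev->input, THIS_MODULE);
	if (!dev->nls)
		return -EIO;

	dev->cbdev = cn_queue_alloc_dev("cqueue", dev->nls);
	if (!dev->cbdev) {
		if (dev->nls->sk_socket)
			sock_release(dev->nls->sk_socket);
		return -EINVAL;
	}

	/* cn_add_callback() refuses to work until this flag is set. */
	cn_already_initialized = 1;

	err = cn_add_callback(&dev->id, "connector", &cn_callback);
	if (err) {
		cn_already_initialized = 0;
		cn_queue_free_dev(dev->cbdev);
		if (dev->nls->sk_socket)
			sock_release(dev->nls->sk_socket);
		return -EINVAL;
	}

	return 0;
}

/*
 * Tears down in reverse order: clears the initialized flag, removes
 * the connector's own callback, frees the queue, releases the socket.
 */
static void __devexit cn_fini(void)
{
	struct cn_dev *dev = &cdev;

	cn_already_initialized = 0;

	cn_del_callback(&dev->id);
	cn_queue_free_dev(dev->cbdev);
	if (dev->nls->sk_socket)
		sock_release(dev->nls->sk_socket);
}

subsys_initcall(cn_init);
module_exit(cn_fini);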