1 /* 2 * connector.c 3 * 4 * 2004-2005 Copyright (c) Evgeniy Polyakov <johnpol@2ka.mipt.ru> 5 * All rights reserved. 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 20 */ 21 22 #include <linux/kernel.h> 23 #include <linux/module.h> 24 #include <linux/list.h> 25 #include <linux/skbuff.h> 26 #include <linux/netlink.h> 27 #include <linux/moduleparam.h> 28 #include <linux/connector.h> 29 #include <linux/mutex.h> 30 31 #include <net/sock.h> 32 33 MODULE_LICENSE("GPL"); 34 MODULE_AUTHOR("Evgeniy Polyakov <johnpol@2ka.mipt.ru>"); 35 MODULE_DESCRIPTION("Generic userspace <-> kernelspace connector."); 36 37 static u32 cn_idx = CN_IDX_CONNECTOR; 38 static u32 cn_val = CN_VAL_CONNECTOR; 39 40 module_param(cn_idx, uint, 0); 41 module_param(cn_val, uint, 0); 42 MODULE_PARM_DESC(cn_idx, "Connector's main device idx."); 43 MODULE_PARM_DESC(cn_val, "Connector's main device val."); 44 45 static DEFINE_MUTEX(notify_lock); 46 static LIST_HEAD(notify_list); 47 48 static struct cn_dev cdev; 49 50 int cn_already_initialized = 0; 51 52 /* 53 * msg->seq and msg->ack are used to determine message genealogy. 54 * When someone sends message it puts there locally unique sequence 55 * and random acknowledge numbers. Sequence number may be copied into 56 * nlmsghdr->nlmsg_seq too. 57 * 58 * Sequence number is incremented with each message to be sent. 59 * 60 * If we expect reply to our message then the sequence number in 61 * received message MUST be the same as in original message, and 62 * acknowledge number MUST be the same + 1. 63 * 64 * If we receive a message and its sequence number is not equal to the 65 * one we are expecting then it is a new message. 66 * 67 * If we receive a message and its sequence number is the same as one 68 * we are expecting but it's acknowledgement number is not equal to 69 * the acknowledgement number in the original message + 1, then it is 70 * a new message. 71 * 72 */ 73 int cn_netlink_send(struct cn_msg *msg, u32 __group, gfp_t gfp_mask) 74 { 75 struct cn_callback_entry *__cbq; 76 unsigned int size; 77 struct sk_buff *skb; 78 struct nlmsghdr *nlh; 79 struct cn_msg *data; 80 struct cn_dev *dev = &cdev; 81 u32 group = 0; 82 int found = 0; 83 84 if (!__group) { 85 spin_lock_bh(&dev->cbdev->queue_lock); 86 list_for_each_entry(__cbq, &dev->cbdev->queue_list, 87 callback_entry) { 88 if (cn_cb_equal(&__cbq->id.id, &msg->id)) { 89 found = 1; 90 group = __cbq->group; 91 } 92 } 93 spin_unlock_bh(&dev->cbdev->queue_lock); 94 95 if (!found) 96 return -ENODEV; 97 } else { 98 group = __group; 99 } 100 101 if (!netlink_has_listeners(dev->nls, group)) 102 return -ESRCH; 103 104 size = NLMSG_SPACE(sizeof(*msg) + msg->len); 105 106 skb = alloc_skb(size, gfp_mask); 107 if (!skb) 108 return -ENOMEM; 109 110 nlh = NLMSG_PUT(skb, 0, msg->seq, NLMSG_DONE, size - sizeof(*nlh)); 111 112 data = NLMSG_DATA(nlh); 113 114 memcpy(data, msg, sizeof(*data) + msg->len); 115 116 NETLINK_CB(skb).dst_group = group; 117 118 return netlink_broadcast(dev->nls, skb, 0, group, gfp_mask); 119 120 nlmsg_failure: 121 kfree_skb(skb); 122 return -EINVAL; 123 } 124 125 /* 126 * Callback helper - queues work and setup destructor for given data. 127 */ 128 static int cn_call_callback(struct cn_msg *msg, void (*destruct_data)(void *), void *data) 129 { 130 struct cn_callback_entry *__cbq; 131 struct cn_dev *dev = &cdev; 132 int err = -ENODEV; 133 134 spin_lock_bh(&dev->cbdev->queue_lock); 135 list_for_each_entry(__cbq, &dev->cbdev->queue_list, callback_entry) { 136 if (cn_cb_equal(&__cbq->id.id, &msg->id)) { 137 if (likely(!test_bit(0, &__cbq->work.pending) && 138 __cbq->data.ddata == NULL)) { 139 __cbq->data.callback_priv = msg; 140 141 __cbq->data.ddata = data; 142 __cbq->data.destruct_data = destruct_data; 143 144 if (queue_work(dev->cbdev->cn_queue, 145 &__cbq->work)) 146 err = 0; 147 } else { 148 struct work_struct *w; 149 struct cn_callback_data *d; 150 151 w = kzalloc(sizeof(*w) + sizeof(*d), GFP_ATOMIC); 152 if (w) { 153 d = (struct cn_callback_data *)(w+1); 154 155 d->callback_priv = msg; 156 d->callback = __cbq->data.callback; 157 d->ddata = data; 158 d->destruct_data = destruct_data; 159 d->free = w; 160 161 INIT_LIST_HEAD(&w->entry); 162 w->pending = 0; 163 w->func = &cn_queue_wrapper; 164 w->data = d; 165 init_timer(&w->timer); 166 167 if (queue_work(dev->cbdev->cn_queue, w)) 168 err = 0; 169 else { 170 kfree(w); 171 err = -EINVAL; 172 } 173 } else 174 err = -ENOMEM; 175 } 176 break; 177 } 178 } 179 spin_unlock_bh(&dev->cbdev->queue_lock); 180 181 return err; 182 } 183 184 /* 185 * Skb receive helper - checks skb and msg size and calls callback 186 * helper. 187 */ 188 static int __cn_rx_skb(struct sk_buff *skb, struct nlmsghdr *nlh) 189 { 190 u32 pid, uid, seq, group; 191 struct cn_msg *msg; 192 193 pid = NETLINK_CREDS(skb)->pid; 194 uid = NETLINK_CREDS(skb)->uid; 195 seq = nlh->nlmsg_seq; 196 group = NETLINK_CB((skb)).dst_group; 197 msg = NLMSG_DATA(nlh); 198 199 return cn_call_callback(msg, (void (*)(void *))kfree_skb, skb); 200 } 201 202 /* 203 * Main netlink receiving function. 204 * 205 * It checks skb and netlink header sizes and calls the skb receive 206 * helper with a shared skb. 207 */ 208 static void cn_rx_skb(struct sk_buff *__skb) 209 { 210 struct nlmsghdr *nlh; 211 u32 len; 212 int err; 213 struct sk_buff *skb; 214 215 skb = skb_get(__skb); 216 217 if (skb->len >= NLMSG_SPACE(0)) { 218 nlh = (struct nlmsghdr *)skb->data; 219 220 if (nlh->nlmsg_len < sizeof(struct cn_msg) || 221 skb->len < nlh->nlmsg_len || 222 nlh->nlmsg_len > CONNECTOR_MAX_MSG_SIZE) { 223 kfree_skb(skb); 224 goto out; 225 } 226 227 len = NLMSG_ALIGN(nlh->nlmsg_len); 228 if (len > skb->len) 229 len = skb->len; 230 231 err = __cn_rx_skb(skb, nlh); 232 if (err < 0) 233 kfree_skb(skb); 234 } 235 236 out: 237 kfree_skb(__skb); 238 } 239 240 /* 241 * Netlink socket input callback - dequeues the skbs and calls the 242 * main netlink receiving function. 243 */ 244 static void cn_input(struct sock *sk, int len) 245 { 246 struct sk_buff *skb; 247 248 while ((skb = skb_dequeue(&sk->sk_receive_queue)) != NULL) 249 cn_rx_skb(skb); 250 } 251 252 /* 253 * Notification routing. 254 * 255 * Gets id and checks if there are notification request for it's idx 256 * and val. If there are such requests notify the listeners with the 257 * given notify event. 258 * 259 */ 260 static void cn_notify(struct cb_id *id, u32 notify_event) 261 { 262 struct cn_ctl_entry *ent; 263 264 mutex_lock(¬ify_lock); 265 list_for_each_entry(ent, ¬ify_list, notify_entry) { 266 int i; 267 struct cn_notify_req *req; 268 struct cn_ctl_msg *ctl = ent->msg; 269 int idx_found, val_found; 270 271 idx_found = val_found = 0; 272 273 req = (struct cn_notify_req *)ctl->data; 274 for (i = 0; i < ctl->idx_notify_num; ++i, ++req) { 275 if (id->idx >= req->first && 276 id->idx < req->first + req->range) { 277 idx_found = 1; 278 break; 279 } 280 } 281 282 for (i = 0; i < ctl->val_notify_num; ++i, ++req) { 283 if (id->val >= req->first && 284 id->val < req->first + req->range) { 285 val_found = 1; 286 break; 287 } 288 } 289 290 if (idx_found && val_found) { 291 struct cn_msg m = { .ack = notify_event, }; 292 293 memcpy(&m.id, id, sizeof(m.id)); 294 cn_netlink_send(&m, ctl->group, GFP_KERNEL); 295 } 296 } 297 mutex_unlock(¬ify_lock); 298 } 299 300 /* 301 * Callback add routing - adds callback with given ID and name. 302 * If there is registered callback with the same ID it will not be added. 303 * 304 * May sleep. 305 */ 306 int cn_add_callback(struct cb_id *id, char *name, void (*callback)(void *)) 307 { 308 int err; 309 struct cn_dev *dev = &cdev; 310 311 err = cn_queue_add_callback(dev->cbdev, name, id, callback); 312 if (err) 313 return err; 314 315 cn_notify(id, 0); 316 317 return 0; 318 } 319 320 /* 321 * Callback remove routing - removes callback 322 * with given ID. 323 * If there is no registered callback with given 324 * ID nothing happens. 325 * 326 * May sleep while waiting for reference counter to become zero. 327 */ 328 void cn_del_callback(struct cb_id *id) 329 { 330 struct cn_dev *dev = &cdev; 331 332 cn_queue_del_callback(dev->cbdev, id); 333 cn_notify(id, 1); 334 } 335 336 /* 337 * Checks two connector's control messages to be the same. 338 * Returns 1 if they are the same or if the first one is corrupted. 339 */ 340 static int cn_ctl_msg_equals(struct cn_ctl_msg *m1, struct cn_ctl_msg *m2) 341 { 342 int i; 343 struct cn_notify_req *req1, *req2; 344 345 if (m1->idx_notify_num != m2->idx_notify_num) 346 return 0; 347 348 if (m1->val_notify_num != m2->val_notify_num) 349 return 0; 350 351 if (m1->len != m2->len) 352 return 0; 353 354 if ((m1->idx_notify_num + m1->val_notify_num) * sizeof(*req1) != 355 m1->len) 356 return 1; 357 358 req1 = (struct cn_notify_req *)m1->data; 359 req2 = (struct cn_notify_req *)m2->data; 360 361 for (i = 0; i < m1->idx_notify_num; ++i) { 362 if (req1->first != req2->first || req1->range != req2->range) 363 return 0; 364 req1++; 365 req2++; 366 } 367 368 for (i = 0; i < m1->val_notify_num; ++i) { 369 if (req1->first != req2->first || req1->range != req2->range) 370 return 0; 371 req1++; 372 req2++; 373 } 374 375 return 1; 376 } 377 378 /* 379 * Main connector device's callback. 380 * 381 * Used for notification of a request's processing. 382 */ 383 static void cn_callback(void *data) 384 { 385 struct cn_msg *msg = data; 386 struct cn_ctl_msg *ctl; 387 struct cn_ctl_entry *ent; 388 u32 size; 389 390 if (msg->len < sizeof(*ctl)) 391 return; 392 393 ctl = (struct cn_ctl_msg *)msg->data; 394 395 size = (sizeof(*ctl) + ((ctl->idx_notify_num + 396 ctl->val_notify_num) * 397 sizeof(struct cn_notify_req))); 398 399 if (msg->len != size) 400 return; 401 402 if (ctl->len + sizeof(*ctl) != msg->len) 403 return; 404 405 /* 406 * Remove notification. 407 */ 408 if (ctl->group == 0) { 409 struct cn_ctl_entry *n; 410 411 mutex_lock(¬ify_lock); 412 list_for_each_entry_safe(ent, n, ¬ify_list, notify_entry) { 413 if (cn_ctl_msg_equals(ent->msg, ctl)) { 414 list_del(&ent->notify_entry); 415 kfree(ent); 416 } 417 } 418 mutex_unlock(¬ify_lock); 419 420 return; 421 } 422 423 size += sizeof(*ent); 424 425 ent = kzalloc(size, GFP_KERNEL); 426 if (!ent) 427 return; 428 429 ent->msg = (struct cn_ctl_msg *)(ent + 1); 430 431 memcpy(ent->msg, ctl, size - sizeof(*ent)); 432 433 mutex_lock(¬ify_lock); 434 list_add(&ent->notify_entry, ¬ify_list); 435 mutex_unlock(¬ify_lock); 436 } 437 438 static int __init cn_init(void) 439 { 440 struct cn_dev *dev = &cdev; 441 int err; 442 443 dev->input = cn_input; 444 dev->id.idx = cn_idx; 445 dev->id.val = cn_val; 446 447 dev->nls = netlink_kernel_create(NETLINK_CONNECTOR, 448 CN_NETLINK_USERS + 0xf, 449 dev->input, THIS_MODULE); 450 if (!dev->nls) 451 return -EIO; 452 453 dev->cbdev = cn_queue_alloc_dev("cqueue", dev->nls); 454 if (!dev->cbdev) { 455 if (dev->nls->sk_socket) 456 sock_release(dev->nls->sk_socket); 457 return -EINVAL; 458 } 459 460 err = cn_add_callback(&dev->id, "connector", &cn_callback); 461 if (err) { 462 cn_queue_free_dev(dev->cbdev); 463 if (dev->nls->sk_socket) 464 sock_release(dev->nls->sk_socket); 465 return -EINVAL; 466 } 467 468 cn_already_initialized = 1; 469 470 return 0; 471 } 472 473 static void __exit cn_fini(void) 474 { 475 struct cn_dev *dev = &cdev; 476 477 cn_already_initialized = 0; 478 479 cn_del_callback(&dev->id); 480 cn_queue_free_dev(dev->cbdev); 481 if (dev->nls->sk_socket) 482 sock_release(dev->nls->sk_socket); 483 } 484 485 module_init(cn_init); 486 module_exit(cn_fini); 487 488 EXPORT_SYMBOL_GPL(cn_add_callback); 489 EXPORT_SYMBOL_GPL(cn_del_callback); 490 EXPORT_SYMBOL_GPL(cn_netlink_send); 491