xref: /linux/fs/smb/server/transport_tcp.c (revision 6d9b262afe0ec1d6e0ef99321ca9d6b921310471)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *   Copyright (C) 2016 Namjae Jeon <linkinjeon@kernel.org>
4  *   Copyright (C) 2018 Samsung Electronics Co., Ltd.
5  */
6 
7 #include <linux/freezer.h>
8 
9 #include "smb_common.h"
10 #include "server.h"
11 #include "auth.h"
12 #include "connection.h"
13 #include "transport_tcp.h"
14 
15 #define IFACE_STATE_DOWN		BIT(0)
16 #define IFACE_STATE_CONFIGURED		BIT(1)
17 
18 static atomic_t active_num_conn;
19 
20 struct interface {
21 	struct task_struct	*ksmbd_kthread;
22 	struct socket		*ksmbd_socket;
23 	struct list_head	entry;
24 	char			*name;
25 	struct mutex		sock_release_lock;
26 	int			state;
27 };
28 
29 static LIST_HEAD(iface_list);
30 
31 static int bind_additional_ifaces;
32 
33 struct tcp_transport {
34 	struct ksmbd_transport		transport;
35 	struct socket			*sock;
36 	struct kvec			*iov;
37 	unsigned int			nr_iov;
38 };
39 
40 static struct ksmbd_transport_ops ksmbd_tcp_transport_ops;
41 
42 static void tcp_stop_kthread(struct task_struct *kthread);
43 static struct interface *alloc_iface(char *ifname);
44 
45 #define KSMBD_TRANS(t)	(&(t)->transport)
46 #define TCP_TRANS(t)	((struct tcp_transport *)container_of(t, \
47 				struct tcp_transport, transport))
48 
49 static inline void ksmbd_tcp_nodelay(struct socket *sock)
50 {
51 	tcp_sock_set_nodelay(sock->sk);
52 }
53 
54 static inline void ksmbd_tcp_reuseaddr(struct socket *sock)
55 {
56 	sock_set_reuseaddr(sock->sk);
57 }
58 
59 static inline void ksmbd_tcp_rcv_timeout(struct socket *sock, s64 secs)
60 {
61 	lock_sock(sock->sk);
62 	if (secs && secs < MAX_SCHEDULE_TIMEOUT / HZ - 1)
63 		sock->sk->sk_rcvtimeo = secs * HZ;
64 	else
65 		sock->sk->sk_rcvtimeo = MAX_SCHEDULE_TIMEOUT;
66 	release_sock(sock->sk);
67 }
68 
69 static inline void ksmbd_tcp_snd_timeout(struct socket *sock, s64 secs)
70 {
71 	sock_set_sndtimeo(sock->sk, secs);
72 }
73 
74 static struct tcp_transport *alloc_transport(struct socket *client_sk)
75 {
76 	struct tcp_transport *t;
77 	struct ksmbd_conn *conn;
78 
79 	t = kzalloc(sizeof(*t), GFP_KERNEL);
80 	if (!t)
81 		return NULL;
82 	t->sock = client_sk;
83 
84 	conn = ksmbd_conn_alloc();
85 	if (!conn) {
86 		kfree(t);
87 		return NULL;
88 	}
89 
90 	conn->transport = KSMBD_TRANS(t);
91 	KSMBD_TRANS(t)->conn = conn;
92 	KSMBD_TRANS(t)->ops = &ksmbd_tcp_transport_ops;
93 	return t;
94 }
95 
96 static void free_transport(struct tcp_transport *t)
97 {
98 	kernel_sock_shutdown(t->sock, SHUT_RDWR);
99 	sock_release(t->sock);
100 	t->sock = NULL;
101 
102 	ksmbd_conn_free(KSMBD_TRANS(t)->conn);
103 	kfree(t->iov);
104 	kfree(t);
105 }
106 
107 /**
108  * kvec_array_init() - initialize a IO vector segment
109  * @new:	IO vector to be initialized
110  * @iov:	base IO vector
111  * @nr_segs:	number of segments in base iov
112  * @bytes:	total iovec length so far for read
113  *
114  * Return:	Number of IO segments
115  */
116 static unsigned int kvec_array_init(struct kvec *new, struct kvec *iov,
117 				    unsigned int nr_segs, size_t bytes)
118 {
119 	size_t base = 0;
120 
121 	while (bytes || !iov->iov_len) {
122 		int copy = min(bytes, iov->iov_len);
123 
124 		bytes -= copy;
125 		base += copy;
126 		if (iov->iov_len == base) {
127 			iov++;
128 			nr_segs--;
129 			base = 0;
130 		}
131 	}
132 
133 	memcpy(new, iov, sizeof(*iov) * nr_segs);
134 	new->iov_base += base;
135 	new->iov_len -= base;
136 	return nr_segs;
137 }
138 
139 /**
140  * get_conn_iovec() - get connection iovec for reading from socket
141  * @t:		TCP transport instance
142  * @nr_segs:	number of segments in iov
143  *
144  * Return:	return existing or newly allocate iovec
145  */
146 static struct kvec *get_conn_iovec(struct tcp_transport *t, unsigned int nr_segs)
147 {
148 	struct kvec *new_iov;
149 
150 	if (t->iov && nr_segs <= t->nr_iov)
151 		return t->iov;
152 
153 	/* not big enough -- allocate a new one and release the old */
154 	new_iov = kmalloc_array(nr_segs, sizeof(*new_iov), GFP_KERNEL);
155 	if (new_iov) {
156 		kfree(t->iov);
157 		t->iov = new_iov;
158 		t->nr_iov = nr_segs;
159 	}
160 	return new_iov;
161 }
162 
163 static unsigned short ksmbd_tcp_get_port(const struct sockaddr *sa)
164 {
165 	switch (sa->sa_family) {
166 	case AF_INET:
167 		return ntohs(((struct sockaddr_in *)sa)->sin_port);
168 	case AF_INET6:
169 		return ntohs(((struct sockaddr_in6 *)sa)->sin6_port);
170 	}
171 	return 0;
172 }
173 
174 /**
175  * ksmbd_tcp_new_connection() - create a new tcp session on mount
176  * @client_sk:	socket associated with new connection
177  *
178  * whenever a new connection is requested, create a conn thread
179  * (session thread) to handle new incoming smb requests from the connection
180  *
181  * Return:	0 on success, otherwise error
182  */
183 static int ksmbd_tcp_new_connection(struct socket *client_sk)
184 {
185 	struct sockaddr *csin;
186 	int rc = 0;
187 	struct tcp_transport *t;
188 	struct task_struct *handler;
189 
190 	t = alloc_transport(client_sk);
191 	if (!t) {
192 		sock_release(client_sk);
193 		return -ENOMEM;
194 	}
195 
196 	csin = KSMBD_TCP_PEER_SOCKADDR(KSMBD_TRANS(t)->conn);
197 	if (kernel_getpeername(client_sk, csin) < 0) {
198 		pr_err("client ip resolution failed\n");
199 		rc = -EINVAL;
200 		goto out_error;
201 	}
202 
203 	handler = kthread_run(ksmbd_conn_handler_loop,
204 			      KSMBD_TRANS(t)->conn,
205 			      "ksmbd:%u",
206 			      ksmbd_tcp_get_port(csin));
207 	if (IS_ERR(handler)) {
208 		pr_err("cannot start conn thread\n");
209 		rc = PTR_ERR(handler);
210 		free_transport(t);
211 	}
212 	return rc;
213 
214 out_error:
215 	free_transport(t);
216 	return rc;
217 }
218 
219 /**
220  * ksmbd_kthread_fn() - listen to new SMB connections and callback server
221  * @p:		arguments to forker thread
222  *
223  * Return:	0 on success, error number otherwise
224  */
225 static int ksmbd_kthread_fn(void *p)
226 {
227 	struct socket *client_sk = NULL;
228 	struct interface *iface = (struct interface *)p;
229 	int ret;
230 
231 	while (!kthread_should_stop()) {
232 		mutex_lock(&iface->sock_release_lock);
233 		if (!iface->ksmbd_socket) {
234 			mutex_unlock(&iface->sock_release_lock);
235 			break;
236 		}
237 		ret = kernel_accept(iface->ksmbd_socket, &client_sk,
238 				    SOCK_NONBLOCK);
239 		mutex_unlock(&iface->sock_release_lock);
240 		if (ret) {
241 			if (ret == -EAGAIN)
242 				/* check for new connections every 100 msecs */
243 				schedule_timeout_interruptible(HZ / 10);
244 			continue;
245 		}
246 
247 		if (server_conf.max_connections &&
248 		    atomic_inc_return(&active_num_conn) >= server_conf.max_connections) {
249 			pr_info_ratelimited("Limit the maximum number of connections(%u)\n",
250 					    atomic_read(&active_num_conn));
251 			atomic_dec(&active_num_conn);
252 			sock_release(client_sk);
253 			continue;
254 		}
255 
256 		ksmbd_debug(CONN, "connect success: accepted new connection\n");
257 		client_sk->sk->sk_rcvtimeo = KSMBD_TCP_RECV_TIMEOUT;
258 		client_sk->sk->sk_sndtimeo = KSMBD_TCP_SEND_TIMEOUT;
259 
260 		ksmbd_tcp_new_connection(client_sk);
261 	}
262 
263 	ksmbd_debug(CONN, "releasing socket\n");
264 	return 0;
265 }
266 
267 /**
268  * ksmbd_tcp_run_kthread() - start forker thread
269  * @iface: pointer to struct interface
270  *
271  * start forker thread(ksmbd/0) at module init time to listen
272  * on port 445 for new SMB connection requests. It creates per connection
273  * server threads(ksmbd/x)
274  *
275  * Return:	0 on success or error number
276  */
277 static int ksmbd_tcp_run_kthread(struct interface *iface)
278 {
279 	int rc;
280 	struct task_struct *kthread;
281 
282 	kthread = kthread_run(ksmbd_kthread_fn, (void *)iface, "ksmbd-%s",
283 			      iface->name);
284 	if (IS_ERR(kthread)) {
285 		rc = PTR_ERR(kthread);
286 		return rc;
287 	}
288 	iface->ksmbd_kthread = kthread;
289 
290 	return 0;
291 }
292 
293 /**
294  * ksmbd_tcp_readv() - read data from socket in given iovec
295  * @t:			TCP transport instance
296  * @iov_orig:		base IO vector
297  * @nr_segs:		number of segments in base iov
298  * @to_read:		number of bytes to read from socket
299  * @max_retries:	maximum retry count
300  *
301  * Return:	on success return number of bytes read from socket,
302  *		otherwise return error number
303  */
304 static int ksmbd_tcp_readv(struct tcp_transport *t, struct kvec *iov_orig,
305 			   unsigned int nr_segs, unsigned int to_read,
306 			   int max_retries)
307 {
308 	int length = 0;
309 	int total_read;
310 	unsigned int segs;
311 	struct msghdr ksmbd_msg;
312 	struct kvec *iov;
313 	struct ksmbd_conn *conn = KSMBD_TRANS(t)->conn;
314 
315 	iov = get_conn_iovec(t, nr_segs);
316 	if (!iov)
317 		return -ENOMEM;
318 
319 	ksmbd_msg.msg_control = NULL;
320 	ksmbd_msg.msg_controllen = 0;
321 
322 	for (total_read = 0; to_read; total_read += length, to_read -= length) {
323 		try_to_freeze();
324 
325 		if (!ksmbd_conn_alive(conn)) {
326 			total_read = -ESHUTDOWN;
327 			break;
328 		}
329 		segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
330 
331 		length = kernel_recvmsg(t->sock, &ksmbd_msg,
332 					iov, segs, to_read, 0);
333 
334 		if (length == -EINTR) {
335 			total_read = -ESHUTDOWN;
336 			break;
337 		} else if (ksmbd_conn_need_reconnect(conn)) {
338 			total_read = -EAGAIN;
339 			break;
340 		} else if (length == -ERESTARTSYS || length == -EAGAIN) {
341 			/*
342 			 * If max_retries is negative, Allow unlimited
343 			 * retries to keep connection with inactive sessions.
344 			 */
345 			if (max_retries == 0) {
346 				total_read = length;
347 				break;
348 			} else if (max_retries > 0) {
349 				max_retries--;
350 			}
351 
352 			usleep_range(1000, 2000);
353 			length = 0;
354 			continue;
355 		} else if (length <= 0) {
356 			total_read = length;
357 			break;
358 		}
359 	}
360 	return total_read;
361 }
362 
363 /**
364  * ksmbd_tcp_read() - read data from socket in given buffer
365  * @t:		TCP transport instance
366  * @buf:	buffer to store read data from socket
367  * @to_read:	number of bytes to read from socket
368  * @max_retries: number of retries if reading from socket fails
369  *
370  * Return:	on success return number of bytes read from socket,
371  *		otherwise return error number
372  */
373 static int ksmbd_tcp_read(struct ksmbd_transport *t, char *buf,
374 			  unsigned int to_read, int max_retries)
375 {
376 	struct kvec iov;
377 
378 	iov.iov_base = buf;
379 	iov.iov_len = to_read;
380 
381 	return ksmbd_tcp_readv(TCP_TRANS(t), &iov, 1, to_read, max_retries);
382 }
383 
384 static int ksmbd_tcp_writev(struct ksmbd_transport *t, struct kvec *iov,
385 			    int nvecs, int size, bool need_invalidate,
386 			    unsigned int remote_key)
387 
388 {
389 	struct msghdr smb_msg = {.msg_flags = MSG_NOSIGNAL};
390 
391 	return kernel_sendmsg(TCP_TRANS(t)->sock, &smb_msg, iov, nvecs, size);
392 }
393 
394 static void ksmbd_tcp_disconnect(struct ksmbd_transport *t)
395 {
396 	free_transport(TCP_TRANS(t));
397 	if (server_conf.max_connections)
398 		atomic_dec(&active_num_conn);
399 }
400 
401 static void tcp_destroy_socket(struct socket *ksmbd_socket)
402 {
403 	int ret;
404 
405 	if (!ksmbd_socket)
406 		return;
407 
408 	/* set zero to timeout */
409 	ksmbd_tcp_rcv_timeout(ksmbd_socket, 0);
410 	ksmbd_tcp_snd_timeout(ksmbd_socket, 0);
411 
412 	ret = kernel_sock_shutdown(ksmbd_socket, SHUT_RDWR);
413 	if (ret)
414 		pr_err("Failed to shutdown socket: %d\n", ret);
415 	sock_release(ksmbd_socket);
416 }
417 
418 /**
419  * create_socket - create socket for ksmbd/0
420  * @iface:      interface to bind the created socket to
421  *
422  * Return:	0 on success, error number otherwise
423  */
424 static int create_socket(struct interface *iface)
425 {
426 	int ret;
427 	struct sockaddr_in6 sin6;
428 	struct sockaddr_in sin;
429 	struct socket *ksmbd_socket;
430 	bool ipv4 = false;
431 
432 	ret = sock_create(PF_INET6, SOCK_STREAM, IPPROTO_TCP, &ksmbd_socket);
433 	if (ret) {
434 		if (ret != -EAFNOSUPPORT)
435 			pr_err("Can't create socket for ipv6, fallback to ipv4: %d\n", ret);
436 		ret = sock_create(PF_INET, SOCK_STREAM, IPPROTO_TCP,
437 				  &ksmbd_socket);
438 		if (ret) {
439 			pr_err("Can't create socket for ipv4: %d\n", ret);
440 			goto out_clear;
441 		}
442 
443 		sin.sin_family = PF_INET;
444 		sin.sin_addr.s_addr = htonl(INADDR_ANY);
445 		sin.sin_port = htons(server_conf.tcp_port);
446 		ipv4 = true;
447 	} else {
448 		sin6.sin6_family = PF_INET6;
449 		sin6.sin6_addr = in6addr_any;
450 		sin6.sin6_port = htons(server_conf.tcp_port);
451 	}
452 
453 	ksmbd_tcp_nodelay(ksmbd_socket);
454 	ksmbd_tcp_reuseaddr(ksmbd_socket);
455 
456 	ret = sock_setsockopt(ksmbd_socket,
457 			      SOL_SOCKET,
458 			      SO_BINDTODEVICE,
459 			      KERNEL_SOCKPTR(iface->name),
460 			      strlen(iface->name));
461 	if (ret != -ENODEV && ret < 0) {
462 		pr_err("Failed to set SO_BINDTODEVICE: %d\n", ret);
463 		goto out_error;
464 	}
465 
466 	if (ipv4)
467 		ret = kernel_bind(ksmbd_socket, (struct sockaddr *)&sin,
468 				  sizeof(sin));
469 	else
470 		ret = kernel_bind(ksmbd_socket, (struct sockaddr *)&sin6,
471 				  sizeof(sin6));
472 	if (ret) {
473 		pr_err("Failed to bind socket: %d\n", ret);
474 		goto out_error;
475 	}
476 
477 	ksmbd_socket->sk->sk_rcvtimeo = KSMBD_TCP_RECV_TIMEOUT;
478 	ksmbd_socket->sk->sk_sndtimeo = KSMBD_TCP_SEND_TIMEOUT;
479 
480 	ret = kernel_listen(ksmbd_socket, KSMBD_SOCKET_BACKLOG);
481 	if (ret) {
482 		pr_err("Port listen() error: %d\n", ret);
483 		goto out_error;
484 	}
485 
486 	iface->ksmbd_socket = ksmbd_socket;
487 	ret = ksmbd_tcp_run_kthread(iface);
488 	if (ret) {
489 		pr_err("Can't start ksmbd main kthread: %d\n", ret);
490 		goto out_error;
491 	}
492 	iface->state = IFACE_STATE_CONFIGURED;
493 
494 	return 0;
495 
496 out_error:
497 	tcp_destroy_socket(ksmbd_socket);
498 out_clear:
499 	iface->ksmbd_socket = NULL;
500 	return ret;
501 }
502 
503 static int ksmbd_netdev_event(struct notifier_block *nb, unsigned long event,
504 			      void *ptr)
505 {
506 	struct net_device *netdev = netdev_notifier_info_to_dev(ptr);
507 	struct interface *iface;
508 	int ret, found = 0;
509 
510 	switch (event) {
511 	case NETDEV_UP:
512 		if (netif_is_bridge_port(netdev))
513 			return NOTIFY_OK;
514 
515 		list_for_each_entry(iface, &iface_list, entry) {
516 			if (!strcmp(iface->name, netdev->name)) {
517 				found = 1;
518 				if (iface->state != IFACE_STATE_DOWN)
519 					break;
520 				ret = create_socket(iface);
521 				if (ret)
522 					return NOTIFY_OK;
523 				break;
524 			}
525 		}
526 		if (!found && bind_additional_ifaces) {
527 			iface = alloc_iface(kstrdup(netdev->name, GFP_KERNEL));
528 			if (!iface)
529 				return NOTIFY_OK;
530 			ret = create_socket(iface);
531 			if (ret)
532 				break;
533 		}
534 		break;
535 	case NETDEV_DOWN:
536 		list_for_each_entry(iface, &iface_list, entry) {
537 			if (!strcmp(iface->name, netdev->name) &&
538 			    iface->state == IFACE_STATE_CONFIGURED) {
539 				tcp_stop_kthread(iface->ksmbd_kthread);
540 				iface->ksmbd_kthread = NULL;
541 				mutex_lock(&iface->sock_release_lock);
542 				tcp_destroy_socket(iface->ksmbd_socket);
543 				iface->ksmbd_socket = NULL;
544 				mutex_unlock(&iface->sock_release_lock);
545 
546 				iface->state = IFACE_STATE_DOWN;
547 				break;
548 			}
549 		}
550 		break;
551 	}
552 
553 	return NOTIFY_DONE;
554 }
555 
556 static struct notifier_block ksmbd_netdev_notifier = {
557 	.notifier_call = ksmbd_netdev_event,
558 };
559 
560 int ksmbd_tcp_init(void)
561 {
562 	register_netdevice_notifier(&ksmbd_netdev_notifier);
563 
564 	return 0;
565 }
566 
567 static void tcp_stop_kthread(struct task_struct *kthread)
568 {
569 	int ret;
570 
571 	if (!kthread)
572 		return;
573 
574 	ret = kthread_stop(kthread);
575 	if (ret)
576 		pr_err("failed to stop forker thread\n");
577 }
578 
579 void ksmbd_tcp_destroy(void)
580 {
581 	struct interface *iface, *tmp;
582 
583 	unregister_netdevice_notifier(&ksmbd_netdev_notifier);
584 
585 	list_for_each_entry_safe(iface, tmp, &iface_list, entry) {
586 		list_del(&iface->entry);
587 		kfree(iface->name);
588 		kfree(iface);
589 	}
590 }
591 
592 static struct interface *alloc_iface(char *ifname)
593 {
594 	struct interface *iface;
595 
596 	if (!ifname)
597 		return NULL;
598 
599 	iface = kzalloc(sizeof(struct interface), GFP_KERNEL);
600 	if (!iface) {
601 		kfree(ifname);
602 		return NULL;
603 	}
604 
605 	iface->name = ifname;
606 	iface->state = IFACE_STATE_DOWN;
607 	list_add(&iface->entry, &iface_list);
608 	mutex_init(&iface->sock_release_lock);
609 	return iface;
610 }
611 
612 int ksmbd_tcp_set_interfaces(char *ifc_list, int ifc_list_sz)
613 {
614 	int sz = 0;
615 
616 	if (!ifc_list_sz) {
617 		struct net_device *netdev;
618 
619 		rtnl_lock();
620 		for_each_netdev(&init_net, netdev) {
621 			if (netif_is_bridge_port(netdev))
622 				continue;
623 			if (!alloc_iface(kstrdup(netdev->name, GFP_KERNEL)))
624 				return -ENOMEM;
625 		}
626 		rtnl_unlock();
627 		bind_additional_ifaces = 1;
628 		return 0;
629 	}
630 
631 	while (ifc_list_sz > 0) {
632 		if (!alloc_iface(kstrdup(ifc_list, GFP_KERNEL)))
633 			return -ENOMEM;
634 
635 		sz = strlen(ifc_list);
636 		if (!sz)
637 			break;
638 
639 		ifc_list += sz + 1;
640 		ifc_list_sz -= (sz + 1);
641 	}
642 
643 	bind_additional_ifaces = 0;
644 
645 	return 0;
646 }
647 
648 static struct ksmbd_transport_ops ksmbd_tcp_transport_ops = {
649 	.read		= ksmbd_tcp_read,
650 	.writev		= ksmbd_tcp_writev,
651 	.disconnect	= ksmbd_tcp_disconnect,
652 };
653