1 /* AF_RXRPC implementation 2 * 3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 */ 11 12 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 13 14 #include <linux/module.h> 15 #include <linux/kernel.h> 16 #include <linux/net.h> 17 #include <linux/slab.h> 18 #include <linux/skbuff.h> 19 #include <linux/random.h> 20 #include <linux/poll.h> 21 #include <linux/proc_fs.h> 22 #include <linux/key-type.h> 23 #include <net/net_namespace.h> 24 #include <net/sock.h> 25 #include <net/af_rxrpc.h> 26 #define CREATE_TRACE_POINTS 27 #include "ar-internal.h" 28 29 MODULE_DESCRIPTION("RxRPC network protocol"); 30 MODULE_AUTHOR("Red Hat, Inc."); 31 MODULE_LICENSE("GPL"); 32 MODULE_ALIAS_NETPROTO(PF_RXRPC); 33 34 unsigned int rxrpc_debug; // = RXRPC_DEBUG_KPROTO; 35 module_param_named(debug, rxrpc_debug, uint, 0644); 36 MODULE_PARM_DESC(debug, "RxRPC debugging mask"); 37 38 static struct proto rxrpc_proto; 39 static const struct proto_ops rxrpc_rpc_ops; 40 41 /* current debugging ID */ 42 atomic_t rxrpc_debug_id; 43 EXPORT_SYMBOL(rxrpc_debug_id); 44 45 /* count of skbs currently in use */ 46 atomic_t rxrpc_n_tx_skbs, rxrpc_n_rx_skbs; 47 48 struct workqueue_struct *rxrpc_workqueue; 49 50 static void rxrpc_sock_destructor(struct sock *); 51 52 /* 53 * see if an RxRPC socket is currently writable 54 */ 55 static inline int rxrpc_writable(struct sock *sk) 56 { 57 return refcount_read(&sk->sk_wmem_alloc) < (size_t) sk->sk_sndbuf; 58 } 59 60 /* 61 * wait for write bufferage to become available 62 */ 63 static void rxrpc_write_space(struct sock *sk) 64 { 65 _enter("%p", sk); 66 rcu_read_lock(); 67 if (rxrpc_writable(sk)) { 68 struct socket_wq *wq = rcu_dereference(sk->sk_wq); 69 70 if (skwq_has_sleeper(wq)) 71 wake_up_interruptible(&wq->wait); 72 sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT); 73 } 74 rcu_read_unlock(); 75 } 76 77 /* 78 * validate an RxRPC address 79 */ 80 static int rxrpc_validate_address(struct rxrpc_sock *rx, 81 struct sockaddr_rxrpc *srx, 82 int len) 83 { 84 unsigned int tail; 85 86 if (len < sizeof(struct sockaddr_rxrpc)) 87 return -EINVAL; 88 89 if (srx->srx_family != AF_RXRPC) 90 return -EAFNOSUPPORT; 91 92 if (srx->transport_type != SOCK_DGRAM) 93 return -ESOCKTNOSUPPORT; 94 95 len -= offsetof(struct sockaddr_rxrpc, transport); 96 if (srx->transport_len < sizeof(sa_family_t) || 97 srx->transport_len > len) 98 return -EINVAL; 99 100 if (srx->transport.family != rx->family && 101 srx->transport.family == AF_INET && rx->family != AF_INET6) 102 return -EAFNOSUPPORT; 103 104 switch (srx->transport.family) { 105 case AF_INET: 106 if (srx->transport_len < sizeof(struct sockaddr_in)) 107 return -EINVAL; 108 tail = offsetof(struct sockaddr_rxrpc, transport.sin.__pad); 109 break; 110 111 #ifdef CONFIG_AF_RXRPC_IPV6 112 case AF_INET6: 113 if (srx->transport_len < sizeof(struct sockaddr_in6)) 114 return -EINVAL; 115 tail = offsetof(struct sockaddr_rxrpc, transport) + 116 sizeof(struct sockaddr_in6); 117 break; 118 #endif 119 120 default: 121 return -EAFNOSUPPORT; 122 } 123 124 if (tail < len) 125 memset((void *)srx + tail, 0, len - tail); 126 _debug("INET: %pISp", &srx->transport); 127 return 0; 128 } 129 130 /* 131 * bind a local address to an RxRPC socket 132 */ 133 static int rxrpc_bind(struct socket *sock, struct sockaddr *saddr, int len) 134 { 135 struct sockaddr_rxrpc *srx = (struct sockaddr_rxrpc *)saddr; 136 struct rxrpc_local *local; 137 struct rxrpc_sock *rx = rxrpc_sk(sock->sk); 138 u16 service_id; 139 int ret; 140 141 _enter("%p,%p,%d", rx, saddr, len); 142 143 ret = rxrpc_validate_address(rx, srx, len); 144 if (ret < 0) 145 goto error; 146 service_id = srx->srx_service; 147 148 lock_sock(&rx->sk); 149 150 switch (rx->sk.sk_state) { 151 case RXRPC_UNBOUND: 152 rx->srx = *srx; 153 local = rxrpc_lookup_local(sock_net(&rx->sk), &rx->srx); 154 if (IS_ERR(local)) { 155 ret = PTR_ERR(local); 156 goto error_unlock; 157 } 158 159 if (service_id) { 160 write_lock(&local->services_lock); 161 if (rcu_access_pointer(local->service)) 162 goto service_in_use; 163 rx->local = local; 164 rcu_assign_pointer(local->service, rx); 165 write_unlock(&local->services_lock); 166 167 rx->sk.sk_state = RXRPC_SERVER_BOUND; 168 } else { 169 rx->local = local; 170 rx->sk.sk_state = RXRPC_CLIENT_BOUND; 171 } 172 break; 173 174 case RXRPC_SERVER_BOUND: 175 ret = -EINVAL; 176 if (service_id == 0) 177 goto error_unlock; 178 ret = -EADDRINUSE; 179 if (service_id == rx->srx.srx_service) 180 goto error_unlock; 181 ret = -EINVAL; 182 srx->srx_service = rx->srx.srx_service; 183 if (memcmp(srx, &rx->srx, sizeof(*srx)) != 0) 184 goto error_unlock; 185 rx->second_service = service_id; 186 rx->sk.sk_state = RXRPC_SERVER_BOUND2; 187 break; 188 189 default: 190 ret = -EINVAL; 191 goto error_unlock; 192 } 193 194 release_sock(&rx->sk); 195 _leave(" = 0"); 196 return 0; 197 198 service_in_use: 199 write_unlock(&local->services_lock); 200 rxrpc_put_local(local); 201 ret = -EADDRINUSE; 202 error_unlock: 203 release_sock(&rx->sk); 204 error: 205 _leave(" = %d", ret); 206 return ret; 207 } 208 209 /* 210 * set the number of pending calls permitted on a listening socket 211 */ 212 static int rxrpc_listen(struct socket *sock, int backlog) 213 { 214 struct sock *sk = sock->sk; 215 struct rxrpc_sock *rx = rxrpc_sk(sk); 216 unsigned int max, old; 217 int ret; 218 219 _enter("%p,%d", rx, backlog); 220 221 lock_sock(&rx->sk); 222 223 switch (rx->sk.sk_state) { 224 case RXRPC_UNBOUND: 225 ret = -EADDRNOTAVAIL; 226 break; 227 case RXRPC_SERVER_BOUND: 228 case RXRPC_SERVER_BOUND2: 229 ASSERT(rx->local != NULL); 230 max = READ_ONCE(rxrpc_max_backlog); 231 ret = -EINVAL; 232 if (backlog == INT_MAX) 233 backlog = max; 234 else if (backlog < 0 || backlog > max) 235 break; 236 old = sk->sk_max_ack_backlog; 237 sk->sk_max_ack_backlog = backlog; 238 ret = rxrpc_service_prealloc(rx, GFP_KERNEL); 239 if (ret == 0) 240 rx->sk.sk_state = RXRPC_SERVER_LISTENING; 241 else 242 sk->sk_max_ack_backlog = old; 243 break; 244 case RXRPC_SERVER_LISTENING: 245 if (backlog == 0) { 246 rx->sk.sk_state = RXRPC_SERVER_LISTEN_DISABLED; 247 sk->sk_max_ack_backlog = 0; 248 rxrpc_discard_prealloc(rx); 249 ret = 0; 250 break; 251 } 252 /* Fall through */ 253 default: 254 ret = -EBUSY; 255 break; 256 } 257 258 release_sock(&rx->sk); 259 _leave(" = %d", ret); 260 return ret; 261 } 262 263 /** 264 * rxrpc_kernel_begin_call - Allow a kernel service to begin a call 265 * @sock: The socket on which to make the call 266 * @srx: The address of the peer to contact 267 * @key: The security context to use (defaults to socket setting) 268 * @user_call_ID: The ID to use 269 * @tx_total_len: Total length of data to transmit during the call (or -1) 270 * @gfp: The allocation constraints 271 * @notify_rx: Where to send notifications instead of socket queue 272 * @upgrade: Request service upgrade for call 273 * @debug_id: The debug ID for tracing to be assigned to the call 274 * 275 * Allow a kernel service to begin a call on the nominated socket. This just 276 * sets up all the internal tracking structures and allocates connection and 277 * call IDs as appropriate. The call to be used is returned. 278 * 279 * The default socket destination address and security may be overridden by 280 * supplying @srx and @key. 281 */ 282 struct rxrpc_call *rxrpc_kernel_begin_call(struct socket *sock, 283 struct sockaddr_rxrpc *srx, 284 struct key *key, 285 unsigned long user_call_ID, 286 s64 tx_total_len, 287 gfp_t gfp, 288 rxrpc_notify_rx_t notify_rx, 289 bool upgrade, 290 unsigned int debug_id) 291 { 292 struct rxrpc_conn_parameters cp; 293 struct rxrpc_call_params p; 294 struct rxrpc_call *call; 295 struct rxrpc_sock *rx = rxrpc_sk(sock->sk); 296 int ret; 297 298 _enter(",,%x,%lx", key_serial(key), user_call_ID); 299 300 ret = rxrpc_validate_address(rx, srx, sizeof(*srx)); 301 if (ret < 0) 302 return ERR_PTR(ret); 303 304 lock_sock(&rx->sk); 305 306 if (!key) 307 key = rx->key; 308 if (key && !key->payload.data[0]) 309 key = NULL; /* a no-security key */ 310 311 memset(&p, 0, sizeof(p)); 312 p.user_call_ID = user_call_ID; 313 p.tx_total_len = tx_total_len; 314 315 memset(&cp, 0, sizeof(cp)); 316 cp.local = rx->local; 317 cp.key = key; 318 cp.security_level = rx->min_sec_level; 319 cp.exclusive = false; 320 cp.upgrade = upgrade; 321 cp.service_id = srx->srx_service; 322 call = rxrpc_new_client_call(rx, &cp, srx, &p, gfp, debug_id); 323 /* The socket has been unlocked. */ 324 if (!IS_ERR(call)) { 325 call->notify_rx = notify_rx; 326 mutex_unlock(&call->user_mutex); 327 } 328 329 rxrpc_put_peer(cp.peer); 330 _leave(" = %p", call); 331 return call; 332 } 333 EXPORT_SYMBOL(rxrpc_kernel_begin_call); 334 335 /* 336 * Dummy function used to stop the notifier talking to recvmsg(). 337 */ 338 static void rxrpc_dummy_notify_rx(struct sock *sk, struct rxrpc_call *rxcall, 339 unsigned long call_user_ID) 340 { 341 } 342 343 /** 344 * rxrpc_kernel_end_call - Allow a kernel service to end a call it was using 345 * @sock: The socket the call is on 346 * @call: The call to end 347 * 348 * Allow a kernel service to end a call it was using. The call must be 349 * complete before this is called (the call should be aborted if necessary). 350 */ 351 void rxrpc_kernel_end_call(struct socket *sock, struct rxrpc_call *call) 352 { 353 _enter("%d{%d}", call->debug_id, atomic_read(&call->usage)); 354 355 mutex_lock(&call->user_mutex); 356 rxrpc_release_call(rxrpc_sk(sock->sk), call); 357 358 /* Make sure we're not going to call back into a kernel service */ 359 if (call->notify_rx) { 360 spin_lock_bh(&call->notify_lock); 361 call->notify_rx = rxrpc_dummy_notify_rx; 362 spin_unlock_bh(&call->notify_lock); 363 } 364 365 mutex_unlock(&call->user_mutex); 366 rxrpc_put_call(call, rxrpc_call_put_kernel); 367 } 368 EXPORT_SYMBOL(rxrpc_kernel_end_call); 369 370 /** 371 * rxrpc_kernel_check_life - Check to see whether a call is still alive 372 * @sock: The socket the call is on 373 * @call: The call to check 374 * @_life: Where to store the life value 375 * 376 * Allow a kernel service to find out whether a call is still alive - ie. we're 377 * getting ACKs from the server. Passes back in *_life a number representing 378 * the life state which can be compared to that returned by a previous call and 379 * return true if the call is still alive. 380 * 381 * If the life state stalls, rxrpc_kernel_probe_life() should be called and 382 * then 2RTT waited. 383 */ 384 bool rxrpc_kernel_check_life(const struct socket *sock, 385 const struct rxrpc_call *call, 386 u32 *_life) 387 { 388 *_life = call->acks_latest; 389 return call->state != RXRPC_CALL_COMPLETE; 390 } 391 EXPORT_SYMBOL(rxrpc_kernel_check_life); 392 393 /** 394 * rxrpc_kernel_probe_life - Poke the peer to see if it's still alive 395 * @sock: The socket the call is on 396 * @call: The call to check 397 * 398 * In conjunction with rxrpc_kernel_check_life(), allow a kernel service to 399 * find out whether a call is still alive by pinging it. This should cause the 400 * life state to be bumped in about 2*RTT. 401 * 402 * The must be called in TASK_RUNNING state on pain of might_sleep() objecting. 403 */ 404 void rxrpc_kernel_probe_life(struct socket *sock, struct rxrpc_call *call) 405 { 406 rxrpc_propose_ACK(call, RXRPC_ACK_PING, 0, 0, true, false, 407 rxrpc_propose_ack_ping_for_check_life); 408 rxrpc_send_ack_packet(call, true, NULL); 409 } 410 EXPORT_SYMBOL(rxrpc_kernel_probe_life); 411 412 /** 413 * rxrpc_kernel_get_epoch - Retrieve the epoch value from a call. 414 * @sock: The socket the call is on 415 * @call: The call to query 416 * 417 * Allow a kernel service to retrieve the epoch value from a service call to 418 * see if the client at the other end rebooted. 419 */ 420 u32 rxrpc_kernel_get_epoch(struct socket *sock, struct rxrpc_call *call) 421 { 422 return call->conn->proto.epoch; 423 } 424 EXPORT_SYMBOL(rxrpc_kernel_get_epoch); 425 426 /** 427 * rxrpc_kernel_new_call_notification - Get notifications of new calls 428 * @sock: The socket to intercept received messages on 429 * @notify_new_call: Function to be called when new calls appear 430 * @discard_new_call: Function to discard preallocated calls 431 * 432 * Allow a kernel service to be given notifications about new calls. 433 */ 434 void rxrpc_kernel_new_call_notification( 435 struct socket *sock, 436 rxrpc_notify_new_call_t notify_new_call, 437 rxrpc_discard_new_call_t discard_new_call) 438 { 439 struct rxrpc_sock *rx = rxrpc_sk(sock->sk); 440 441 rx->notify_new_call = notify_new_call; 442 rx->discard_new_call = discard_new_call; 443 } 444 EXPORT_SYMBOL(rxrpc_kernel_new_call_notification); 445 446 /* 447 * connect an RxRPC socket 448 * - this just targets it at a specific destination; no actual connection 449 * negotiation takes place 450 */ 451 static int rxrpc_connect(struct socket *sock, struct sockaddr *addr, 452 int addr_len, int flags) 453 { 454 struct sockaddr_rxrpc *srx = (struct sockaddr_rxrpc *)addr; 455 struct rxrpc_sock *rx = rxrpc_sk(sock->sk); 456 int ret; 457 458 _enter("%p,%p,%d,%d", rx, addr, addr_len, flags); 459 460 ret = rxrpc_validate_address(rx, srx, addr_len); 461 if (ret < 0) { 462 _leave(" = %d [bad addr]", ret); 463 return ret; 464 } 465 466 lock_sock(&rx->sk); 467 468 ret = -EISCONN; 469 if (test_bit(RXRPC_SOCK_CONNECTED, &rx->flags)) 470 goto error; 471 472 switch (rx->sk.sk_state) { 473 case RXRPC_UNBOUND: 474 rx->sk.sk_state = RXRPC_CLIENT_UNBOUND; 475 case RXRPC_CLIENT_UNBOUND: 476 case RXRPC_CLIENT_BOUND: 477 break; 478 default: 479 ret = -EBUSY; 480 goto error; 481 } 482 483 rx->connect_srx = *srx; 484 set_bit(RXRPC_SOCK_CONNECTED, &rx->flags); 485 ret = 0; 486 487 error: 488 release_sock(&rx->sk); 489 return ret; 490 } 491 492 /* 493 * send a message through an RxRPC socket 494 * - in a client this does a number of things: 495 * - finds/sets up a connection for the security specified (if any) 496 * - initiates a call (ID in control data) 497 * - ends the request phase of a call (if MSG_MORE is not set) 498 * - sends a call data packet 499 * - may send an abort (abort code in control data) 500 */ 501 static int rxrpc_sendmsg(struct socket *sock, struct msghdr *m, size_t len) 502 { 503 struct rxrpc_local *local; 504 struct rxrpc_sock *rx = rxrpc_sk(sock->sk); 505 int ret; 506 507 _enter(",{%d},,%zu", rx->sk.sk_state, len); 508 509 if (m->msg_flags & MSG_OOB) 510 return -EOPNOTSUPP; 511 512 if (m->msg_name) { 513 ret = rxrpc_validate_address(rx, m->msg_name, m->msg_namelen); 514 if (ret < 0) { 515 _leave(" = %d [bad addr]", ret); 516 return ret; 517 } 518 } 519 520 lock_sock(&rx->sk); 521 522 switch (rx->sk.sk_state) { 523 case RXRPC_UNBOUND: 524 rx->srx.srx_family = AF_RXRPC; 525 rx->srx.srx_service = 0; 526 rx->srx.transport_type = SOCK_DGRAM; 527 rx->srx.transport.family = rx->family; 528 switch (rx->family) { 529 case AF_INET: 530 rx->srx.transport_len = sizeof(struct sockaddr_in); 531 break; 532 #ifdef CONFIG_AF_RXRPC_IPV6 533 case AF_INET6: 534 rx->srx.transport_len = sizeof(struct sockaddr_in6); 535 break; 536 #endif 537 default: 538 ret = -EAFNOSUPPORT; 539 goto error_unlock; 540 } 541 local = rxrpc_lookup_local(sock_net(sock->sk), &rx->srx); 542 if (IS_ERR(local)) { 543 ret = PTR_ERR(local); 544 goto error_unlock; 545 } 546 547 rx->local = local; 548 rx->sk.sk_state = RXRPC_CLIENT_UNBOUND; 549 /* Fall through */ 550 551 case RXRPC_CLIENT_UNBOUND: 552 case RXRPC_CLIENT_BOUND: 553 if (!m->msg_name && 554 test_bit(RXRPC_SOCK_CONNECTED, &rx->flags)) { 555 m->msg_name = &rx->connect_srx; 556 m->msg_namelen = sizeof(rx->connect_srx); 557 } 558 /* Fall through */ 559 case RXRPC_SERVER_BOUND: 560 case RXRPC_SERVER_LISTENING: 561 ret = rxrpc_do_sendmsg(rx, m, len); 562 /* The socket has been unlocked */ 563 goto out; 564 default: 565 ret = -EINVAL; 566 goto error_unlock; 567 } 568 569 error_unlock: 570 release_sock(&rx->sk); 571 out: 572 _leave(" = %d", ret); 573 return ret; 574 } 575 576 /* 577 * set RxRPC socket options 578 */ 579 static int rxrpc_setsockopt(struct socket *sock, int level, int optname, 580 char __user *optval, unsigned int optlen) 581 { 582 struct rxrpc_sock *rx = rxrpc_sk(sock->sk); 583 unsigned int min_sec_level; 584 u16 service_upgrade[2]; 585 int ret; 586 587 _enter(",%d,%d,,%d", level, optname, optlen); 588 589 lock_sock(&rx->sk); 590 ret = -EOPNOTSUPP; 591 592 if (level == SOL_RXRPC) { 593 switch (optname) { 594 case RXRPC_EXCLUSIVE_CONNECTION: 595 ret = -EINVAL; 596 if (optlen != 0) 597 goto error; 598 ret = -EISCONN; 599 if (rx->sk.sk_state != RXRPC_UNBOUND) 600 goto error; 601 rx->exclusive = true; 602 goto success; 603 604 case RXRPC_SECURITY_KEY: 605 ret = -EINVAL; 606 if (rx->key) 607 goto error; 608 ret = -EISCONN; 609 if (rx->sk.sk_state != RXRPC_UNBOUND) 610 goto error; 611 ret = rxrpc_request_key(rx, optval, optlen); 612 goto error; 613 614 case RXRPC_SECURITY_KEYRING: 615 ret = -EINVAL; 616 if (rx->key) 617 goto error; 618 ret = -EISCONN; 619 if (rx->sk.sk_state != RXRPC_UNBOUND) 620 goto error; 621 ret = rxrpc_server_keyring(rx, optval, optlen); 622 goto error; 623 624 case RXRPC_MIN_SECURITY_LEVEL: 625 ret = -EINVAL; 626 if (optlen != sizeof(unsigned int)) 627 goto error; 628 ret = -EISCONN; 629 if (rx->sk.sk_state != RXRPC_UNBOUND) 630 goto error; 631 ret = get_user(min_sec_level, 632 (unsigned int __user *) optval); 633 if (ret < 0) 634 goto error; 635 ret = -EINVAL; 636 if (min_sec_level > RXRPC_SECURITY_MAX) 637 goto error; 638 rx->min_sec_level = min_sec_level; 639 goto success; 640 641 case RXRPC_UPGRADEABLE_SERVICE: 642 ret = -EINVAL; 643 if (optlen != sizeof(service_upgrade) || 644 rx->service_upgrade.from != 0) 645 goto error; 646 ret = -EISCONN; 647 if (rx->sk.sk_state != RXRPC_SERVER_BOUND2) 648 goto error; 649 ret = -EFAULT; 650 if (copy_from_user(service_upgrade, optval, 651 sizeof(service_upgrade)) != 0) 652 goto error; 653 ret = -EINVAL; 654 if ((service_upgrade[0] != rx->srx.srx_service || 655 service_upgrade[1] != rx->second_service) && 656 (service_upgrade[0] != rx->second_service || 657 service_upgrade[1] != rx->srx.srx_service)) 658 goto error; 659 rx->service_upgrade.from = service_upgrade[0]; 660 rx->service_upgrade.to = service_upgrade[1]; 661 goto success; 662 663 default: 664 break; 665 } 666 } 667 668 success: 669 ret = 0; 670 error: 671 release_sock(&rx->sk); 672 return ret; 673 } 674 675 /* 676 * Get socket options. 677 */ 678 static int rxrpc_getsockopt(struct socket *sock, int level, int optname, 679 char __user *optval, int __user *_optlen) 680 { 681 int optlen; 682 683 if (level != SOL_RXRPC) 684 return -EOPNOTSUPP; 685 686 if (get_user(optlen, _optlen)) 687 return -EFAULT; 688 689 switch (optname) { 690 case RXRPC_SUPPORTED_CMSG: 691 if (optlen < sizeof(int)) 692 return -ETOOSMALL; 693 if (put_user(RXRPC__SUPPORTED - 1, (int __user *)optval) || 694 put_user(sizeof(int), _optlen)) 695 return -EFAULT; 696 return 0; 697 698 default: 699 return -EOPNOTSUPP; 700 } 701 } 702 703 /* 704 * permit an RxRPC socket to be polled 705 */ 706 static __poll_t rxrpc_poll(struct file *file, struct socket *sock, 707 poll_table *wait) 708 { 709 struct sock *sk = sock->sk; 710 struct rxrpc_sock *rx = rxrpc_sk(sk); 711 __poll_t mask; 712 713 sock_poll_wait(file, sock, wait); 714 mask = 0; 715 716 /* the socket is readable if there are any messages waiting on the Rx 717 * queue */ 718 if (!list_empty(&rx->recvmsg_q)) 719 mask |= EPOLLIN | EPOLLRDNORM; 720 721 /* the socket is writable if there is space to add new data to the 722 * socket; there is no guarantee that any particular call in progress 723 * on the socket may have space in the Tx ACK window */ 724 if (rxrpc_writable(sk)) 725 mask |= EPOLLOUT | EPOLLWRNORM; 726 727 return mask; 728 } 729 730 /* 731 * create an RxRPC socket 732 */ 733 static int rxrpc_create(struct net *net, struct socket *sock, int protocol, 734 int kern) 735 { 736 struct rxrpc_net *rxnet; 737 struct rxrpc_sock *rx; 738 struct sock *sk; 739 740 _enter("%p,%d", sock, protocol); 741 742 /* we support transport protocol UDP/UDP6 only */ 743 if (protocol != PF_INET && 744 IS_ENABLED(CONFIG_AF_RXRPC_IPV6) && protocol != PF_INET6) 745 return -EPROTONOSUPPORT; 746 747 if (sock->type != SOCK_DGRAM) 748 return -ESOCKTNOSUPPORT; 749 750 sock->ops = &rxrpc_rpc_ops; 751 sock->state = SS_UNCONNECTED; 752 753 sk = sk_alloc(net, PF_RXRPC, GFP_KERNEL, &rxrpc_proto, kern); 754 if (!sk) 755 return -ENOMEM; 756 757 sock_init_data(sock, sk); 758 sock_set_flag(sk, SOCK_RCU_FREE); 759 sk->sk_state = RXRPC_UNBOUND; 760 sk->sk_write_space = rxrpc_write_space; 761 sk->sk_max_ack_backlog = 0; 762 sk->sk_destruct = rxrpc_sock_destructor; 763 764 rx = rxrpc_sk(sk); 765 rx->family = protocol; 766 rx->calls = RB_ROOT; 767 768 spin_lock_init(&rx->incoming_lock); 769 INIT_LIST_HEAD(&rx->sock_calls); 770 INIT_LIST_HEAD(&rx->to_be_accepted); 771 INIT_LIST_HEAD(&rx->recvmsg_q); 772 rwlock_init(&rx->recvmsg_lock); 773 rwlock_init(&rx->call_lock); 774 memset(&rx->srx, 0, sizeof(rx->srx)); 775 776 rxnet = rxrpc_net(sock_net(&rx->sk)); 777 timer_reduce(&rxnet->peer_keepalive_timer, jiffies + 1); 778 779 _leave(" = 0 [%p]", rx); 780 return 0; 781 } 782 783 /* 784 * Kill all the calls on a socket and shut it down. 785 */ 786 static int rxrpc_shutdown(struct socket *sock, int flags) 787 { 788 struct sock *sk = sock->sk; 789 struct rxrpc_sock *rx = rxrpc_sk(sk); 790 int ret = 0; 791 792 _enter("%p,%d", sk, flags); 793 794 if (flags != SHUT_RDWR) 795 return -EOPNOTSUPP; 796 if (sk->sk_state == RXRPC_CLOSE) 797 return -ESHUTDOWN; 798 799 lock_sock(sk); 800 801 spin_lock_bh(&sk->sk_receive_queue.lock); 802 if (sk->sk_state < RXRPC_CLOSE) { 803 sk->sk_state = RXRPC_CLOSE; 804 sk->sk_shutdown = SHUTDOWN_MASK; 805 } else { 806 ret = -ESHUTDOWN; 807 } 808 spin_unlock_bh(&sk->sk_receive_queue.lock); 809 810 rxrpc_discard_prealloc(rx); 811 812 release_sock(sk); 813 return ret; 814 } 815 816 /* 817 * RxRPC socket destructor 818 */ 819 static void rxrpc_sock_destructor(struct sock *sk) 820 { 821 _enter("%p", sk); 822 823 rxrpc_purge_queue(&sk->sk_receive_queue); 824 825 WARN_ON(refcount_read(&sk->sk_wmem_alloc)); 826 WARN_ON(!sk_unhashed(sk)); 827 WARN_ON(sk->sk_socket); 828 829 if (!sock_flag(sk, SOCK_DEAD)) { 830 printk("Attempt to release alive rxrpc socket: %p\n", sk); 831 return; 832 } 833 } 834 835 /* 836 * release an RxRPC socket 837 */ 838 static int rxrpc_release_sock(struct sock *sk) 839 { 840 struct rxrpc_sock *rx = rxrpc_sk(sk); 841 struct rxrpc_net *rxnet = rxrpc_net(sock_net(&rx->sk)); 842 843 _enter("%p{%d,%d}", sk, sk->sk_state, refcount_read(&sk->sk_refcnt)); 844 845 /* declare the socket closed for business */ 846 sock_orphan(sk); 847 sk->sk_shutdown = SHUTDOWN_MASK; 848 849 /* We want to kill off all connections from a service socket 850 * as fast as possible because we can't share these; client 851 * sockets, on the other hand, can share an endpoint. 852 */ 853 switch (sk->sk_state) { 854 case RXRPC_SERVER_BOUND: 855 case RXRPC_SERVER_BOUND2: 856 case RXRPC_SERVER_LISTENING: 857 case RXRPC_SERVER_LISTEN_DISABLED: 858 rx->local->service_closed = true; 859 break; 860 } 861 862 spin_lock_bh(&sk->sk_receive_queue.lock); 863 sk->sk_state = RXRPC_CLOSE; 864 spin_unlock_bh(&sk->sk_receive_queue.lock); 865 866 if (rx->local && rcu_access_pointer(rx->local->service) == rx) { 867 write_lock(&rx->local->services_lock); 868 rcu_assign_pointer(rx->local->service, NULL); 869 write_unlock(&rx->local->services_lock); 870 } 871 872 /* try to flush out this socket */ 873 rxrpc_discard_prealloc(rx); 874 rxrpc_release_calls_on_socket(rx); 875 flush_workqueue(rxrpc_workqueue); 876 rxrpc_purge_queue(&sk->sk_receive_queue); 877 rxrpc_queue_work(&rxnet->service_conn_reaper); 878 rxrpc_queue_work(&rxnet->client_conn_reaper); 879 880 rxrpc_put_local(rx->local); 881 rx->local = NULL; 882 key_put(rx->key); 883 rx->key = NULL; 884 key_put(rx->securities); 885 rx->securities = NULL; 886 sock_put(sk); 887 888 _leave(" = 0"); 889 return 0; 890 } 891 892 /* 893 * release an RxRPC BSD socket on close() or equivalent 894 */ 895 static int rxrpc_release(struct socket *sock) 896 { 897 struct sock *sk = sock->sk; 898 899 _enter("%p{%p}", sock, sk); 900 901 if (!sk) 902 return 0; 903 904 sock->sk = NULL; 905 906 return rxrpc_release_sock(sk); 907 } 908 909 /* 910 * RxRPC network protocol 911 */ 912 static const struct proto_ops rxrpc_rpc_ops = { 913 .family = PF_RXRPC, 914 .owner = THIS_MODULE, 915 .release = rxrpc_release, 916 .bind = rxrpc_bind, 917 .connect = rxrpc_connect, 918 .socketpair = sock_no_socketpair, 919 .accept = sock_no_accept, 920 .getname = sock_no_getname, 921 .poll = rxrpc_poll, 922 .ioctl = sock_no_ioctl, 923 .listen = rxrpc_listen, 924 .shutdown = rxrpc_shutdown, 925 .setsockopt = rxrpc_setsockopt, 926 .getsockopt = rxrpc_getsockopt, 927 .sendmsg = rxrpc_sendmsg, 928 .recvmsg = rxrpc_recvmsg, 929 .mmap = sock_no_mmap, 930 .sendpage = sock_no_sendpage, 931 }; 932 933 static struct proto rxrpc_proto = { 934 .name = "RXRPC", 935 .owner = THIS_MODULE, 936 .obj_size = sizeof(struct rxrpc_sock), 937 .max_header = sizeof(struct rxrpc_wire_header), 938 }; 939 940 static const struct net_proto_family rxrpc_family_ops = { 941 .family = PF_RXRPC, 942 .create = rxrpc_create, 943 .owner = THIS_MODULE, 944 }; 945 946 /* 947 * initialise and register the RxRPC protocol 948 */ 949 static int __init af_rxrpc_init(void) 950 { 951 int ret = -1; 952 unsigned int tmp; 953 954 BUILD_BUG_ON(sizeof(struct rxrpc_skb_priv) > FIELD_SIZEOF(struct sk_buff, cb)); 955 956 get_random_bytes(&tmp, sizeof(tmp)); 957 tmp &= 0x3fffffff; 958 if (tmp == 0) 959 tmp = 1; 960 idr_set_cursor(&rxrpc_client_conn_ids, tmp); 961 962 ret = -ENOMEM; 963 rxrpc_call_jar = kmem_cache_create( 964 "rxrpc_call_jar", sizeof(struct rxrpc_call), 0, 965 SLAB_HWCACHE_ALIGN, NULL); 966 if (!rxrpc_call_jar) { 967 pr_notice("Failed to allocate call jar\n"); 968 goto error_call_jar; 969 } 970 971 rxrpc_workqueue = alloc_workqueue("krxrpcd", 0, 1); 972 if (!rxrpc_workqueue) { 973 pr_notice("Failed to allocate work queue\n"); 974 goto error_work_queue; 975 } 976 977 ret = rxrpc_init_security(); 978 if (ret < 0) { 979 pr_crit("Cannot initialise security\n"); 980 goto error_security; 981 } 982 983 ret = register_pernet_subsys(&rxrpc_net_ops); 984 if (ret) 985 goto error_pernet; 986 987 ret = proto_register(&rxrpc_proto, 1); 988 if (ret < 0) { 989 pr_crit("Cannot register protocol\n"); 990 goto error_proto; 991 } 992 993 ret = sock_register(&rxrpc_family_ops); 994 if (ret < 0) { 995 pr_crit("Cannot register socket family\n"); 996 goto error_sock; 997 } 998 999 ret = register_key_type(&key_type_rxrpc); 1000 if (ret < 0) { 1001 pr_crit("Cannot register client key type\n"); 1002 goto error_key_type; 1003 } 1004 1005 ret = register_key_type(&key_type_rxrpc_s); 1006 if (ret < 0) { 1007 pr_crit("Cannot register server key type\n"); 1008 goto error_key_type_s; 1009 } 1010 1011 ret = rxrpc_sysctl_init(); 1012 if (ret < 0) { 1013 pr_crit("Cannot register sysctls\n"); 1014 goto error_sysctls; 1015 } 1016 1017 return 0; 1018 1019 error_sysctls: 1020 unregister_key_type(&key_type_rxrpc_s); 1021 error_key_type_s: 1022 unregister_key_type(&key_type_rxrpc); 1023 error_key_type: 1024 sock_unregister(PF_RXRPC); 1025 error_sock: 1026 proto_unregister(&rxrpc_proto); 1027 error_proto: 1028 unregister_pernet_subsys(&rxrpc_net_ops); 1029 error_pernet: 1030 rxrpc_exit_security(); 1031 error_security: 1032 destroy_workqueue(rxrpc_workqueue); 1033 error_work_queue: 1034 kmem_cache_destroy(rxrpc_call_jar); 1035 error_call_jar: 1036 return ret; 1037 } 1038 1039 /* 1040 * unregister the RxRPC protocol 1041 */ 1042 static void __exit af_rxrpc_exit(void) 1043 { 1044 _enter(""); 1045 rxrpc_sysctl_exit(); 1046 unregister_key_type(&key_type_rxrpc_s); 1047 unregister_key_type(&key_type_rxrpc); 1048 sock_unregister(PF_RXRPC); 1049 proto_unregister(&rxrpc_proto); 1050 unregister_pernet_subsys(&rxrpc_net_ops); 1051 ASSERTCMP(atomic_read(&rxrpc_n_tx_skbs), ==, 0); 1052 ASSERTCMP(atomic_read(&rxrpc_n_rx_skbs), ==, 0); 1053 1054 /* Make sure the local and peer records pinned by any dying connections 1055 * are released. 1056 */ 1057 rcu_barrier(); 1058 rxrpc_destroy_client_conn_ids(); 1059 1060 destroy_workqueue(rxrpc_workqueue); 1061 rxrpc_exit_security(); 1062 kmem_cache_destroy(rxrpc_call_jar); 1063 _leave(""); 1064 } 1065 1066 module_init(af_rxrpc_init); 1067 module_exit(af_rxrpc_exit); 1068