xref: /linux/net/rxrpc/local_object.c (revision 2363088eba2ecccfb643725e4864af73c4226a04) 
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* Local endpoint object management
3  *
4  * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
5  * Written by David Howells (dhowells@redhat.com)
6  */
7 
8 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
9 
10 #include <linux/module.h>
11 #include <linux/net.h>
12 #include <linux/skbuff.h>
13 #include <linux/slab.h>
14 #include <linux/udp.h>
15 #include <linux/ip.h>
16 #include <linux/hashtable.h>
17 #include <net/sock.h>
18 #include <net/udp.h>
19 #include <net/udp_tunnel.h>
20 #include <net/af_rxrpc.h>
21 #include "ar-internal.h"
22 
23 static void rxrpc_local_rcu(struct rcu_head *);
24 
25 /*
26  * Handle an ICMP/ICMP6 error turning up at the tunnel.  Push it through the
27  * usual mechanism so that it gets parsed and presented through the UDP
28  * socket's error_report().
29  */
30 static void rxrpc_encap_err_rcv(struct sock *sk, struct sk_buff *skb, int err,
31 				__be16 port, u32 info, u8 *payload)
32 {
33 	if (ip_hdr(skb)->version == IPVERSION)
34 		return ip_icmp_error(sk, skb, err, port, info, payload);
35 	if (IS_ENABLED(CONFIG_AF_RXRPC_IPV6))
36 		return ipv6_icmp_error(sk, skb, err, port, info, payload);
37 }
38 
39 /*
40  * Compare a local to an address.  Return -ve, 0 or +ve to indicate less than,
41  * same or greater than.
42  *
43  * We explicitly don't compare the RxRPC service ID as we want to reject
44  * conflicting uses by differing services.  Further, we don't want to share
45  * addresses with different options (IPv6), so we don't compare those bits
46  * either.
47  */
48 static long rxrpc_local_cmp_key(const struct rxrpc_local *local,
49 				const struct sockaddr_rxrpc *srx)
50 {
51 	long diff;
52 
53 	diff = ((local->srx.transport_type - srx->transport_type) ?:
54 		(local->srx.transport_len - srx->transport_len) ?:
55 		(local->srx.transport.family - srx->transport.family));
56 	if (diff != 0)
57 		return diff;
58 
59 	switch (srx->transport.family) {
60 	case AF_INET:
61 		/* If the choice of UDP port is left up to the transport, then
62 		 * the endpoint record doesn't match.
63 		 */
64 		return ((u16 __force)local->srx.transport.sin.sin_port -
65 			(u16 __force)srx->transport.sin.sin_port) ?:
66 			memcmp(&local->srx.transport.sin.sin_addr,
67 			       &srx->transport.sin.sin_addr,
68 			       sizeof(struct in_addr));
69 #ifdef CONFIG_AF_RXRPC_IPV6
70 	case AF_INET6:
71 		/* If the choice of UDP6 port is left up to the transport, then
72 		 * the endpoint record doesn't match.
73 		 */
74 		return ((u16 __force)local->srx.transport.sin6.sin6_port -
75 			(u16 __force)srx->transport.sin6.sin6_port) ?:
76 			memcmp(&local->srx.transport.sin6.sin6_addr,
77 			       &srx->transport.sin6.sin6_addr,
78 			       sizeof(struct in6_addr));
79 #endif
80 	default:
81 		BUG();
82 	}
83 }
84 
85 static void rxrpc_client_conn_reap_timeout(struct timer_list *timer)
86 {
87 	struct rxrpc_local *local =
88 		container_of(timer, struct rxrpc_local, client_conn_reap_timer);
89 
90 	if (local->kill_all_client_conns &&
91 	    test_and_set_bit(RXRPC_CLIENT_CONN_REAP_TIMER, &local->client_conn_flags))
92 		rxrpc_wake_up_io_thread(local);
93 }
94 
95 /*
96  * Allocate a new local endpoint.
97  */
98 static struct rxrpc_local *rxrpc_alloc_local(struct net *net,
99 					     const struct sockaddr_rxrpc *srx)
100 {
101 	struct rxrpc_local *local;
102 	u32 tmp;
103 
104 	local = kzalloc(sizeof(struct rxrpc_local), GFP_KERNEL);
105 	if (local) {
106 		refcount_set(&local->ref, 1);
107 		atomic_set(&local->active_users, 1);
108 		local->net = net;
109 		local->rxnet = rxrpc_net(net);
110 		INIT_HLIST_NODE(&local->link);
111 		init_completion(&local->io_thread_ready);
112 #ifdef CONFIG_AF_RXRPC_INJECT_RX_DELAY
113 		skb_queue_head_init(&local->rx_delay_queue);
114 #endif
115 		skb_queue_head_init(&local->rx_queue);
116 		INIT_LIST_HEAD(&local->conn_attend_q);
117 		INIT_LIST_HEAD(&local->call_attend_q);
118 
119 		local->client_bundles = RB_ROOT;
120 		spin_lock_init(&local->client_bundles_lock);
121 		local->kill_all_client_conns = false;
122 		INIT_LIST_HEAD(&local->idle_client_conns);
123 		timer_setup(&local->client_conn_reap_timer,
124 			    rxrpc_client_conn_reap_timeout, 0);
125 
126 		spin_lock_init(&local->lock);
127 		rwlock_init(&local->services_lock);
128 		local->debug_id = atomic_inc_return(&rxrpc_debug_id);
129 		memcpy(&local->srx, srx, sizeof(*srx));
130 		local->srx.srx_service = 0;
131 		idr_init(&local->conn_ids);
132 		get_random_bytes(&tmp, sizeof(tmp));
133 		tmp &= 0x3fffffff;
134 		if (tmp == 0)
135 			tmp = 1;
136 		idr_set_cursor(&local->conn_ids, tmp);
137 		INIT_LIST_HEAD(&local->new_client_calls);
138 		spin_lock_init(&local->client_call_lock);
139 
140 		trace_rxrpc_local(local->debug_id, rxrpc_local_new, 1, 1);
141 	}
142 
143 	_leave(" = %p", local);
144 	return local;
145 }
146 
147 /*
148  * create the local socket
149  * - must be called with rxrpc_local_mutex locked
150  */
151 static int rxrpc_open_socket(struct rxrpc_local *local, struct net *net)
152 {
153 	struct udp_tunnel_sock_cfg tuncfg = {NULL};
154 	struct sockaddr_rxrpc *srx = &local->srx;
155 	struct udp_port_cfg udp_conf = {0};
156 	struct task_struct *io_thread;
157 	struct sock *usk;
158 	int ret;
159 
160 	_enter("%p{%d,%d}",
161 	       local, srx->transport_type, srx->transport.family);
162 
163 	udp_conf.family = srx->transport.family;
164 	udp_conf.use_udp_checksums = true;
165 	if (udp_conf.family == AF_INET) {
166 		udp_conf.local_ip = srx->transport.sin.sin_addr;
167 		udp_conf.local_udp_port = srx->transport.sin.sin_port;
168 #if IS_ENABLED(CONFIG_AF_RXRPC_IPV6)
169 	} else {
170 		udp_conf.local_ip6 = srx->transport.sin6.sin6_addr;
171 		udp_conf.local_udp_port = srx->transport.sin6.sin6_port;
172 		udp_conf.use_udp6_tx_checksums = true;
173 		udp_conf.use_udp6_rx_checksums = true;
174 #endif
175 	}
176 	ret = udp_sock_create(net, &udp_conf, &local->socket);
177 	if (ret < 0) {
178 		_leave(" = %d [socket]", ret);
179 		return ret;
180 	}
181 
182 	tuncfg.encap_type = UDP_ENCAP_RXRPC;
183 	tuncfg.encap_rcv = rxrpc_encap_rcv;
184 	tuncfg.encap_err_rcv = rxrpc_encap_err_rcv;
185 	tuncfg.sk_user_data = local;
186 	setup_udp_tunnel_sock(net, local->socket, &tuncfg);
187 
188 	/* set the socket up */
189 	usk = local->socket->sk;
190 	usk->sk_error_report = rxrpc_error_report;
191 
192 	switch (srx->transport.family) {
193 	case AF_INET6:
194 		/* we want to receive ICMPv6 errors */
195 		ip6_sock_set_recverr(usk);
196 
197 		/* Fall through and set IPv4 options too otherwise we don't get
198 		 * errors from IPv4 packets sent through the IPv6 socket.
199 		 */
200 		fallthrough;
201 	case AF_INET:
202 		/* we want to receive ICMP errors */
203 		ip_sock_set_recverr(usk);
204 
205 		/* we want to set the don't fragment bit */
206 		ip_sock_set_mtu_discover(usk, IP_PMTUDISC_DO);
207 
208 		/* We want receive timestamps. */
209 		sock_enable_timestamps(usk);
210 		break;
211 
212 	default:
213 		BUG();
214 	}
215 
216 	io_thread = kthread_run(rxrpc_io_thread, local,
217 				"krxrpcio/%u", ntohs(udp_conf.local_udp_port));
218 	if (IS_ERR(io_thread)) {
219 		ret = PTR_ERR(io_thread);
220 		goto error_sock;
221 	}
222 
223 	wait_for_completion(&local->io_thread_ready);
224 	local->io_thread = io_thread;
225 	_leave(" = 0");
226 	return 0;
227 
228 error_sock:
229 	kernel_sock_shutdown(local->socket, SHUT_RDWR);
230 	local->socket->sk->sk_user_data = NULL;
231 	sock_release(local->socket);
232 	local->socket = NULL;
233 	return ret;
234 }
235 
236 /*
237  * Look up or create a new local endpoint using the specified local address.
238  */
239 struct rxrpc_local *rxrpc_lookup_local(struct net *net,
240 				       const struct sockaddr_rxrpc *srx)
241 {
242 	struct rxrpc_local *local;
243 	struct rxrpc_net *rxnet = rxrpc_net(net);
244 	struct hlist_node *cursor;
245 	long diff;
246 	int ret;
247 
248 	_enter("{%d,%d,%pISp}",
249 	       srx->transport_type, srx->transport.family, &srx->transport);
250 
251 	mutex_lock(&rxnet->local_mutex);
252 
253 	hlist_for_each(cursor, &rxnet->local_endpoints) {
254 		local = hlist_entry(cursor, struct rxrpc_local, link);
255 
256 		diff = rxrpc_local_cmp_key(local, srx);
257 		if (diff != 0)
258 			continue;
259 
260 		/* Services aren't allowed to share transport sockets, so
261 		 * reject that here.  It is possible that the object is dying -
262 		 * but it may also still have the local transport address that
263 		 * we want bound.
264 		 */
265 		if (srx->srx_service) {
266 			local = NULL;
267 			goto addr_in_use;
268 		}
269 
270 		/* Found a match.  We want to replace a dying object.
271 		 * Attempting to bind the transport socket may still fail if
272 		 * we're attempting to use a local address that the dying
273 		 * object is still using.
274 		 */
275 		if (!rxrpc_use_local(local, rxrpc_local_use_lookup))
276 			break;
277 
278 		goto found;
279 	}
280 
281 	local = rxrpc_alloc_local(net, srx);
282 	if (!local)
283 		goto nomem;
284 
285 	ret = rxrpc_open_socket(local, net);
286 	if (ret < 0)
287 		goto sock_error;
288 
289 	if (cursor) {
290 		hlist_replace_rcu(cursor, &local->link);
291 		cursor->pprev = NULL;
292 	} else {
293 		hlist_add_head_rcu(&local->link, &rxnet->local_endpoints);
294 	}
295 
296 found:
297 	mutex_unlock(&rxnet->local_mutex);
298 	_leave(" = %p", local);
299 	return local;
300 
301 nomem:
302 	ret = -ENOMEM;
303 sock_error:
304 	mutex_unlock(&rxnet->local_mutex);
305 	if (local)
306 		call_rcu(&local->rcu, rxrpc_local_rcu);
307 	_leave(" = %d", ret);
308 	return ERR_PTR(ret);
309 
310 addr_in_use:
311 	mutex_unlock(&rxnet->local_mutex);
312 	_leave(" = -EADDRINUSE");
313 	return ERR_PTR(-EADDRINUSE);
314 }
315 
316 /*
317  * Get a ref on a local endpoint.
318  */
319 struct rxrpc_local *rxrpc_get_local(struct rxrpc_local *local,
320 				    enum rxrpc_local_trace why)
321 {
322 	int r, u;
323 
324 	u = atomic_read(&local->active_users);
325 	__refcount_inc(&local->ref, &r);
326 	trace_rxrpc_local(local->debug_id, why, r + 1, u);
327 	return local;
328 }
329 
330 /*
331  * Get a ref on a local endpoint unless its usage has already reached 0.
332  */
333 struct rxrpc_local *rxrpc_get_local_maybe(struct rxrpc_local *local,
334 					  enum rxrpc_local_trace why)
335 {
336 	int r, u;
337 
338 	if (local && __refcount_inc_not_zero(&local->ref, &r)) {
339 		u = atomic_read(&local->active_users);
340 		trace_rxrpc_local(local->debug_id, why, r + 1, u);
341 		return local;
342 	}
343 
344 	return NULL;
345 }
346 
347 /*
348  * Drop a ref on a local endpoint.
349  */
350 void rxrpc_put_local(struct rxrpc_local *local, enum rxrpc_local_trace why)
351 {
352 	unsigned int debug_id;
353 	bool dead;
354 	int r, u;
355 
356 	if (local) {
357 		debug_id = local->debug_id;
358 
359 		u = atomic_read(&local->active_users);
360 		dead = __refcount_dec_and_test(&local->ref, &r);
361 		trace_rxrpc_local(debug_id, why, r, u);
362 
363 		if (dead)
364 			call_rcu(&local->rcu, rxrpc_local_rcu);
365 	}
366 }
367 
368 /*
369  * Start using a local endpoint.
370  */
371 struct rxrpc_local *rxrpc_use_local(struct rxrpc_local *local,
372 				    enum rxrpc_local_trace why)
373 {
374 	local = rxrpc_get_local_maybe(local, rxrpc_local_get_for_use);
375 	if (!local)
376 		return NULL;
377 
378 	if (!__rxrpc_use_local(local, why)) {
379 		rxrpc_put_local(local, rxrpc_local_put_for_use);
380 		return NULL;
381 	}
382 
383 	return local;
384 }
385 
386 /*
387  * Cease using a local endpoint.  Once the number of active users reaches 0, we
388  * start the closure of the transport in the I/O thread..
389  */
390 void rxrpc_unuse_local(struct rxrpc_local *local, enum rxrpc_local_trace why)
391 {
392 	unsigned int debug_id;
393 	int r, u;
394 
395 	if (local) {
396 		debug_id = local->debug_id;
397 		r = refcount_read(&local->ref);
398 		u = atomic_dec_return(&local->active_users);
399 		trace_rxrpc_local(debug_id, why, r, u);
400 		if (u == 0)
401 			kthread_stop(local->io_thread);
402 	}
403 }
404 
405 /*
406  * Destroy a local endpoint's socket and then hand the record to RCU to dispose
407  * of.
408  *
409  * Closing the socket cannot be done from bottom half context or RCU callback
410  * context because it might sleep.
411  */
412 void rxrpc_destroy_local(struct rxrpc_local *local)
413 {
414 	struct socket *socket = local->socket;
415 	struct rxrpc_net *rxnet = local->rxnet;
416 
417 	_enter("%d", local->debug_id);
418 
419 	local->dead = true;
420 
421 	mutex_lock(&rxnet->local_mutex);
422 	hlist_del_init_rcu(&local->link);
423 	mutex_unlock(&rxnet->local_mutex);
424 
425 	rxrpc_clean_up_local_conns(local);
426 	rxrpc_service_connection_reaper(&rxnet->service_conn_reaper);
427 	ASSERT(!local->service);
428 
429 	if (socket) {
430 		local->socket = NULL;
431 		kernel_sock_shutdown(socket, SHUT_RDWR);
432 		socket->sk->sk_user_data = NULL;
433 		sock_release(socket);
434 	}
435 
436 	/* At this point, there should be no more packets coming in to the
437 	 * local endpoint.
438 	 */
439 #ifdef CONFIG_AF_RXRPC_INJECT_RX_DELAY
440 	rxrpc_purge_queue(&local->rx_delay_queue);
441 #endif
442 	rxrpc_purge_queue(&local->rx_queue);
443 	rxrpc_purge_client_connections(local);
444 }
445 
446 /*
447  * Destroy a local endpoint after the RCU grace period expires.
448  */
449 static void rxrpc_local_rcu(struct rcu_head *rcu)
450 {
451 	struct rxrpc_local *local = container_of(rcu, struct rxrpc_local, rcu);
452 
453 	rxrpc_see_local(local, rxrpc_local_free);
454 	kfree(local);
455 }
456 
457 /*
458  * Verify the local endpoint list is empty by this point.
459  */
460 void rxrpc_destroy_all_locals(struct rxrpc_net *rxnet)
461 {
462 	struct rxrpc_local *local;
463 
464 	_enter("");
465 
466 	flush_workqueue(rxrpc_workqueue);
467 
468 	if (!hlist_empty(&rxnet->local_endpoints)) {
469 		mutex_lock(&rxnet->local_mutex);
470 		hlist_for_each_entry(local, &rxnet->local_endpoints, link) {
471 			pr_err("AF_RXRPC: Leaked local %p {%d}\n",
472 			       local, refcount_read(&local->ref));
473 		}
474 		mutex_unlock(&rxnet->local_mutex);
475 		BUG();
476 	}
477 }
478