xref: /linux/net/rxrpc/peer_event.c (revision 27dfc44e1ba30d2d49675e21918bf4b3b3b59fa6)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* Peer event handling, typically ICMP messages.
3  *
4  * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
5  * Written by David Howells (dhowells@redhat.com)
6  */
7 
8 #include <linux/module.h>
9 #include <linux/net.h>
10 #include <linux/skbuff.h>
11 #include <linux/errqueue.h>
12 #include <linux/udp.h>
13 #include <linux/in.h>
14 #include <linux/in6.h>
15 #include <linux/icmp.h>
16 #include <net/sock.h>
17 #include <net/af_rxrpc.h>
18 #include <net/ip.h>
19 #include <net/icmp.h>
20 #include "ar-internal.h"
21 
22 static void rxrpc_adjust_mtu(struct rxrpc_peer *, unsigned int);
23 static void rxrpc_store_error(struct rxrpc_peer *, struct sock_exterr_skb *);
24 static void rxrpc_distribute_error(struct rxrpc_peer *, int,
25 				   enum rxrpc_call_completion);
26 
27 /*
28  * Find the peer associated with an ICMPv4 packet.
29  */
30 static struct rxrpc_peer *rxrpc_lookup_peer_icmp_rcu(struct rxrpc_local *local,
31 						     struct sk_buff *skb,
32 						     unsigned int udp_offset,
33 						     unsigned int *info,
34 						     struct sockaddr_rxrpc *srx)
35 {
36 	struct iphdr *ip, *ip0 = ip_hdr(skb);
37 	struct icmphdr *icmp = icmp_hdr(skb);
38 	struct udphdr *udp = (struct udphdr *)(skb->data + udp_offset);
39 
40 	_enter("%u,%u,%u", ip0->protocol, icmp->type, icmp->code);
41 
42 	switch (icmp->type) {
43 	case ICMP_DEST_UNREACH:
44 		*info = ntohs(icmp->un.frag.mtu);
45 		fallthrough;
46 	case ICMP_TIME_EXCEEDED:
47 	case ICMP_PARAMETERPROB:
48 		ip = (struct iphdr *)((void *)icmp + 8);
49 		break;
50 	default:
51 		return NULL;
52 	}
53 
54 	memset(srx, 0, sizeof(*srx));
55 	srx->transport_type = local->srx.transport_type;
56 	srx->transport_len = local->srx.transport_len;
57 	srx->transport.family = local->srx.transport.family;
58 
59 	/* Can we see an ICMP4 packet on an ICMP6 listening socket?  and vice
60 	 * versa?
61 	 */
62 	switch (srx->transport.family) {
63 	case AF_INET:
64 		srx->transport_len = sizeof(srx->transport.sin);
65 		srx->transport.family = AF_INET;
66 		srx->transport.sin.sin_port = udp->dest;
67 		memcpy(&srx->transport.sin.sin_addr, &ip->daddr,
68 		       sizeof(struct in_addr));
69 		break;
70 
71 #ifdef CONFIG_AF_RXRPC_IPV6
72 	case AF_INET6:
73 		srx->transport_len = sizeof(srx->transport.sin);
74 		srx->transport.family = AF_INET;
75 		srx->transport.sin.sin_port = udp->dest;
76 		memcpy(&srx->transport.sin.sin_addr, &ip->daddr,
77 		       sizeof(struct in_addr));
78 		break;
79 #endif
80 
81 	default:
82 		WARN_ON_ONCE(1);
83 		return NULL;
84 	}
85 
86 	_net("ICMP {%pISp}", &srx->transport);
87 	return rxrpc_lookup_peer_rcu(local, srx);
88 }
89 
90 #ifdef CONFIG_AF_RXRPC_IPV6
91 /*
92  * Find the peer associated with an ICMPv6 packet.
93  */
94 static struct rxrpc_peer *rxrpc_lookup_peer_icmp6_rcu(struct rxrpc_local *local,
95 						      struct sk_buff *skb,
96 						      unsigned int udp_offset,
97 						      unsigned int *info,
98 						      struct sockaddr_rxrpc *srx)
99 {
100 	struct icmp6hdr *icmp = icmp6_hdr(skb);
101 	struct ipv6hdr *ip, *ip0 = ipv6_hdr(skb);
102 	struct udphdr *udp = (struct udphdr *)(skb->data + udp_offset);
103 
104 	_enter("%u,%u,%u", ip0->nexthdr, icmp->icmp6_type, icmp->icmp6_code);
105 
106 	switch (icmp->icmp6_type) {
107 	case ICMPV6_DEST_UNREACH:
108 		*info = ntohl(icmp->icmp6_mtu);
109 		fallthrough;
110 	case ICMPV6_PKT_TOOBIG:
111 	case ICMPV6_TIME_EXCEED:
112 	case ICMPV6_PARAMPROB:
113 		ip = (struct ipv6hdr *)((void *)icmp + 8);
114 		break;
115 	default:
116 		return NULL;
117 	}
118 
119 	memset(srx, 0, sizeof(*srx));
120 	srx->transport_type = local->srx.transport_type;
121 	srx->transport_len = local->srx.transport_len;
122 	srx->transport.family = local->srx.transport.family;
123 
124 	/* Can we see an ICMP4 packet on an ICMP6 listening socket?  and vice
125 	 * versa?
126 	 */
127 	switch (srx->transport.family) {
128 	case AF_INET:
129 		_net("Rx ICMP6 on v4 sock");
130 		srx->transport_len = sizeof(srx->transport.sin);
131 		srx->transport.family = AF_INET;
132 		srx->transport.sin.sin_port = udp->dest;
133 		memcpy(&srx->transport.sin.sin_addr,
134 		       &ip->daddr.s6_addr32[3], sizeof(struct in_addr));
135 		break;
136 	case AF_INET6:
137 		_net("Rx ICMP6");
138 		srx->transport.sin.sin_port = udp->dest;
139 		memcpy(&srx->transport.sin6.sin6_addr, &ip->daddr,
140 		       sizeof(struct in6_addr));
141 		break;
142 	default:
143 		WARN_ON_ONCE(1);
144 		return NULL;
145 	}
146 
147 	_net("ICMP {%pISp}", &srx->transport);
148 	return rxrpc_lookup_peer_rcu(local, srx);
149 }
150 #endif /* CONFIG_AF_RXRPC_IPV6 */
151 
152 /*
153  * Handle an error received on the local endpoint as a tunnel.
154  */
155 void rxrpc_encap_err_rcv(struct sock *sk, struct sk_buff *skb,
156 			 unsigned int udp_offset)
157 {
158 	struct sock_extended_err ee;
159 	struct sockaddr_rxrpc srx;
160 	struct rxrpc_local *local;
161 	struct rxrpc_peer *peer;
162 	unsigned int info = 0;
163 	int err;
164 	u8 version = ip_hdr(skb)->version;
165 	u8 type = icmp_hdr(skb)->type;
166 	u8 code = icmp_hdr(skb)->code;
167 
168 	rcu_read_lock();
169 	local = rcu_dereference_sk_user_data(sk);
170 	if (unlikely(!local)) {
171 		rcu_read_unlock();
172 		return;
173 	}
174 
175 	rxrpc_new_skb(skb, rxrpc_skb_received);
176 
177 	switch (ip_hdr(skb)->version) {
178 	case IPVERSION:
179 		peer = rxrpc_lookup_peer_icmp_rcu(local, skb, udp_offset,
180 						  &info, &srx);
181 		break;
182 #ifdef CONFIG_AF_RXRPC_IPV6
183 	case 6:
184 		peer = rxrpc_lookup_peer_icmp6_rcu(local, skb, udp_offset,
185 						   &info, &srx);
186 		break;
187 #endif
188 	default:
189 		rcu_read_unlock();
190 		return;
191 	}
192 
193 	if (peer && !rxrpc_get_peer_maybe(peer))
194 		peer = NULL;
195 	if (!peer) {
196 		rcu_read_unlock();
197 		return;
198 	}
199 
200 	memset(&ee, 0, sizeof(ee));
201 
202 	switch (version) {
203 	case IPVERSION:
204 		switch (type) {
205 		case ICMP_DEST_UNREACH:
206 			switch (code) {
207 			case ICMP_FRAG_NEEDED:
208 				rxrpc_adjust_mtu(peer, info);
209 				rcu_read_unlock();
210 				rxrpc_put_peer(peer);
211 				return;
212 			default:
213 				break;
214 			}
215 
216 			err = EHOSTUNREACH;
217 			if (code <= NR_ICMP_UNREACH) {
218 				/* Might want to do something different with
219 				 * non-fatal errors
220 				 */
221 				//harderr = icmp_err_convert[code].fatal;
222 				err = icmp_err_convert[code].errno;
223 			}
224 			break;
225 
226 		case ICMP_TIME_EXCEEDED:
227 			err = EHOSTUNREACH;
228 			break;
229 		default:
230 			err = EPROTO;
231 			break;
232 		}
233 
234 		ee.ee_origin = SO_EE_ORIGIN_ICMP;
235 		ee.ee_type = type;
236 		ee.ee_code = code;
237 		ee.ee_errno = err;
238 		break;
239 
240 #ifdef CONFIG_AF_RXRPC_IPV6
241 	case 6:
242 		switch (type) {
243 		case ICMPV6_PKT_TOOBIG:
244 			rxrpc_adjust_mtu(peer, info);
245 			rcu_read_unlock();
246 			rxrpc_put_peer(peer);
247 			return;
248 		}
249 
250 		icmpv6_err_convert(type, code, &err);
251 
252 		if (err == EACCES)
253 			err = EHOSTUNREACH;
254 
255 		ee.ee_origin = SO_EE_ORIGIN_ICMP6;
256 		ee.ee_type = type;
257 		ee.ee_code = code;
258 		ee.ee_errno = err;
259 		break;
260 #endif
261 	}
262 
263 	trace_rxrpc_rx_icmp(peer, &ee, &srx);
264 
265 	rxrpc_distribute_error(peer, err, RXRPC_CALL_NETWORK_ERROR);
266 	rcu_read_unlock();
267 	rxrpc_put_peer(peer);
268 }
269 
270 /*
271  * Find the peer associated with a local error.
272  */
273 static struct rxrpc_peer *rxrpc_lookup_peer_local_rcu(struct rxrpc_local *local,
274 						      const struct sk_buff *skb,
275 						      struct sockaddr_rxrpc *srx)
276 {
277 	struct sock_exterr_skb *serr = SKB_EXT_ERR(skb);
278 
279 	_enter("");
280 
281 	memset(srx, 0, sizeof(*srx));
282 	srx->transport_type = local->srx.transport_type;
283 	srx->transport_len = local->srx.transport_len;
284 	srx->transport.family = local->srx.transport.family;
285 
286 	switch (srx->transport.family) {
287 	case AF_INET:
288 		srx->transport_len = sizeof(srx->transport.sin);
289 		srx->transport.family = AF_INET;
290 		srx->transport.sin.sin_port = serr->port;
291 		switch (serr->ee.ee_origin) {
292 		case SO_EE_ORIGIN_ICMP:
293 			_net("Rx ICMP");
294 			memcpy(&srx->transport.sin.sin_addr,
295 			       skb_network_header(skb) + serr->addr_offset,
296 			       sizeof(struct in_addr));
297 			break;
298 		case SO_EE_ORIGIN_ICMP6:
299 			_net("Rx ICMP6 on v4 sock");
300 			memcpy(&srx->transport.sin.sin_addr,
301 			       skb_network_header(skb) + serr->addr_offset + 12,
302 			       sizeof(struct in_addr));
303 			break;
304 		default:
305 			memcpy(&srx->transport.sin.sin_addr, &ip_hdr(skb)->saddr,
306 			       sizeof(struct in_addr));
307 			break;
308 		}
309 		break;
310 
311 #ifdef CONFIG_AF_RXRPC_IPV6
312 	case AF_INET6:
313 		switch (serr->ee.ee_origin) {
314 		case SO_EE_ORIGIN_ICMP6:
315 			_net("Rx ICMP6");
316 			srx->transport.sin6.sin6_port = serr->port;
317 			memcpy(&srx->transport.sin6.sin6_addr,
318 			       skb_network_header(skb) + serr->addr_offset,
319 			       sizeof(struct in6_addr));
320 			break;
321 		case SO_EE_ORIGIN_ICMP:
322 			_net("Rx ICMP on v6 sock");
323 			srx->transport_len = sizeof(srx->transport.sin);
324 			srx->transport.family = AF_INET;
325 			srx->transport.sin.sin_port = serr->port;
326 			memcpy(&srx->transport.sin.sin_addr,
327 			       skb_network_header(skb) + serr->addr_offset,
328 			       sizeof(struct in_addr));
329 			break;
330 		default:
331 			memcpy(&srx->transport.sin6.sin6_addr,
332 			       &ipv6_hdr(skb)->saddr,
333 			       sizeof(struct in6_addr));
334 			break;
335 		}
336 		break;
337 #endif
338 
339 	default:
340 		BUG();
341 	}
342 
343 	return rxrpc_lookup_peer_rcu(local, srx);
344 }
345 
346 /*
347  * Handle an MTU/fragmentation problem.
348  */
349 static void rxrpc_adjust_mtu(struct rxrpc_peer *peer, unsigned int mtu)
350 {
351 	_net("Rx ICMP Fragmentation Needed (%d)", mtu);
352 
353 	/* wind down the local interface MTU */
354 	if (mtu > 0 && peer->if_mtu == 65535 && mtu < peer->if_mtu) {
355 		peer->if_mtu = mtu;
356 		_net("I/F MTU %u", mtu);
357 	}
358 
359 	if (mtu == 0) {
360 		/* they didn't give us a size, estimate one */
361 		mtu = peer->if_mtu;
362 		if (mtu > 1500) {
363 			mtu >>= 1;
364 			if (mtu < 1500)
365 				mtu = 1500;
366 		} else {
367 			mtu -= 100;
368 			if (mtu < peer->hdrsize)
369 				mtu = peer->hdrsize + 4;
370 		}
371 	}
372 
373 	if (mtu < peer->mtu) {
374 		spin_lock_bh(&peer->lock);
375 		peer->mtu = mtu;
376 		peer->maxdata = peer->mtu - peer->hdrsize;
377 		spin_unlock_bh(&peer->lock);
378 		_net("Net MTU %u (maxdata %u)",
379 		     peer->mtu, peer->maxdata);
380 	}
381 }
382 
383 /*
384  * Handle an error received on the local endpoint.
385  */
386 void rxrpc_error_report(struct sock *sk)
387 {
388 	struct sock_exterr_skb *serr;
389 	struct sockaddr_rxrpc srx;
390 	struct rxrpc_local *local;
391 	struct rxrpc_peer *peer = NULL;
392 	struct sk_buff *skb;
393 
394 	rcu_read_lock();
395 	local = rcu_dereference_sk_user_data(sk);
396 	if (unlikely(!local)) {
397 		rcu_read_unlock();
398 		return;
399 	}
400 	_enter("%p{%d}", sk, local->debug_id);
401 
402 	/* Clear the outstanding error value on the socket so that it doesn't
403 	 * cause kernel_sendmsg() to return it later.
404 	 */
405 	sock_error(sk);
406 
407 	skb = sock_dequeue_err_skb(sk);
408 	if (!skb) {
409 		rcu_read_unlock();
410 		_leave("UDP socket errqueue empty");
411 		return;
412 	}
413 	rxrpc_new_skb(skb, rxrpc_skb_received);
414 	serr = SKB_EXT_ERR(skb);
415 
416 	if (serr->ee.ee_origin == SO_EE_ORIGIN_LOCAL) {
417 		peer = rxrpc_lookup_peer_local_rcu(local, skb, &srx);
418 		if (peer && !rxrpc_get_peer_maybe(peer))
419 			peer = NULL;
420 		if (peer) {
421 			trace_rxrpc_rx_icmp(peer, &serr->ee, &srx);
422 			rxrpc_store_error(peer, serr);
423 		}
424 	}
425 
426 	rcu_read_unlock();
427 	rxrpc_free_skb(skb, rxrpc_skb_freed);
428 	rxrpc_put_peer(peer);
429 	_leave("");
430 }
431 
432 /*
433  * Map an error report to error codes on the peer record.
434  */
435 static void rxrpc_store_error(struct rxrpc_peer *peer,
436 			      struct sock_exterr_skb *serr)
437 {
438 	enum rxrpc_call_completion compl = RXRPC_CALL_NETWORK_ERROR;
439 	struct sock_extended_err *ee;
440 	int err;
441 
442 	_enter("");
443 
444 	ee = &serr->ee;
445 
446 	err = ee->ee_errno;
447 
448 	switch (ee->ee_origin) {
449 	case SO_EE_ORIGIN_ICMP:
450 		switch (ee->ee_type) {
451 		case ICMP_DEST_UNREACH:
452 			switch (ee->ee_code) {
453 			case ICMP_NET_UNREACH:
454 				_net("Rx Received ICMP Network Unreachable");
455 				break;
456 			case ICMP_HOST_UNREACH:
457 				_net("Rx Received ICMP Host Unreachable");
458 				break;
459 			case ICMP_PORT_UNREACH:
460 				_net("Rx Received ICMP Port Unreachable");
461 				break;
462 			case ICMP_NET_UNKNOWN:
463 				_net("Rx Received ICMP Unknown Network");
464 				break;
465 			case ICMP_HOST_UNKNOWN:
466 				_net("Rx Received ICMP Unknown Host");
467 				break;
468 			default:
469 				_net("Rx Received ICMP DestUnreach code=%u",
470 				     ee->ee_code);
471 				break;
472 			}
473 			break;
474 
475 		case ICMP_TIME_EXCEEDED:
476 			_net("Rx Received ICMP TTL Exceeded");
477 			break;
478 
479 		default:
480 			_proto("Rx Received ICMP error { type=%u code=%u }",
481 			       ee->ee_type, ee->ee_code);
482 			break;
483 		}
484 		break;
485 
486 	case SO_EE_ORIGIN_NONE:
487 	case SO_EE_ORIGIN_LOCAL:
488 		_proto("Rx Received local error { error=%d }", err);
489 		compl = RXRPC_CALL_LOCAL_ERROR;
490 		break;
491 
492 	case SO_EE_ORIGIN_ICMP6:
493 		if (err == EACCES)
494 			err = EHOSTUNREACH;
495 		fallthrough;
496 	default:
497 		_proto("Rx Received error report { orig=%u }", ee->ee_origin);
498 		break;
499 	}
500 
501 	rxrpc_distribute_error(peer, err, compl);
502 }
503 
504 /*
505  * Distribute an error that occurred on a peer.
506  */
507 static void rxrpc_distribute_error(struct rxrpc_peer *peer, int error,
508 				   enum rxrpc_call_completion compl)
509 {
510 	struct rxrpc_call *call;
511 
512 	hlist_for_each_entry_rcu(call, &peer->error_targets, error_link) {
513 		rxrpc_see_call(call);
514 		rxrpc_set_call_completion(call, compl, 0, -error);
515 	}
516 }
517 
518 /*
519  * Perform keep-alive pings.
520  */
521 static void rxrpc_peer_keepalive_dispatch(struct rxrpc_net *rxnet,
522 					  struct list_head *collector,
523 					  time64_t base,
524 					  u8 cursor)
525 {
526 	struct rxrpc_peer *peer;
527 	const u8 mask = ARRAY_SIZE(rxnet->peer_keepalive) - 1;
528 	time64_t keepalive_at;
529 	int slot;
530 
531 	spin_lock_bh(&rxnet->peer_hash_lock);
532 
533 	while (!list_empty(collector)) {
534 		peer = list_entry(collector->next,
535 				  struct rxrpc_peer, keepalive_link);
536 
537 		list_del_init(&peer->keepalive_link);
538 		if (!rxrpc_get_peer_maybe(peer))
539 			continue;
540 
541 		if (__rxrpc_use_local(peer->local)) {
542 			spin_unlock_bh(&rxnet->peer_hash_lock);
543 
544 			keepalive_at = peer->last_tx_at + RXRPC_KEEPALIVE_TIME;
545 			slot = keepalive_at - base;
546 			_debug("%02x peer %u t=%d {%pISp}",
547 			       cursor, peer->debug_id, slot, &peer->srx.transport);
548 
549 			if (keepalive_at <= base ||
550 			    keepalive_at > base + RXRPC_KEEPALIVE_TIME) {
551 				rxrpc_send_keepalive(peer);
552 				slot = RXRPC_KEEPALIVE_TIME;
553 			}
554 
555 			/* A transmission to this peer occurred since last we
556 			 * examined it so put it into the appropriate future
557 			 * bucket.
558 			 */
559 			slot += cursor;
560 			slot &= mask;
561 			spin_lock_bh(&rxnet->peer_hash_lock);
562 			list_add_tail(&peer->keepalive_link,
563 				      &rxnet->peer_keepalive[slot & mask]);
564 			rxrpc_unuse_local(peer->local);
565 		}
566 		rxrpc_put_peer_locked(peer);
567 	}
568 
569 	spin_unlock_bh(&rxnet->peer_hash_lock);
570 }
571 
572 /*
573  * Perform keep-alive pings with VERSION packets to keep any NAT alive.
574  */
575 void rxrpc_peer_keepalive_worker(struct work_struct *work)
576 {
577 	struct rxrpc_net *rxnet =
578 		container_of(work, struct rxrpc_net, peer_keepalive_work);
579 	const u8 mask = ARRAY_SIZE(rxnet->peer_keepalive) - 1;
580 	time64_t base, now, delay;
581 	u8 cursor, stop;
582 	LIST_HEAD(collector);
583 
584 	now = ktime_get_seconds();
585 	base = rxnet->peer_keepalive_base;
586 	cursor = rxnet->peer_keepalive_cursor;
587 	_enter("%lld,%u", base - now, cursor);
588 
589 	if (!rxnet->live)
590 		return;
591 
592 	/* Remove to a temporary list all the peers that are currently lodged
593 	 * in expired buckets plus all new peers.
594 	 *
595 	 * Everything in the bucket at the cursor is processed this
596 	 * second; the bucket at cursor + 1 goes at now + 1s and so
597 	 * on...
598 	 */
599 	spin_lock_bh(&rxnet->peer_hash_lock);
600 	list_splice_init(&rxnet->peer_keepalive_new, &collector);
601 
602 	stop = cursor + ARRAY_SIZE(rxnet->peer_keepalive);
603 	while (base <= now && (s8)(cursor - stop) < 0) {
604 		list_splice_tail_init(&rxnet->peer_keepalive[cursor & mask],
605 				      &collector);
606 		base++;
607 		cursor++;
608 	}
609 
610 	base = now;
611 	spin_unlock_bh(&rxnet->peer_hash_lock);
612 
613 	rxnet->peer_keepalive_base = base;
614 	rxnet->peer_keepalive_cursor = cursor;
615 	rxrpc_peer_keepalive_dispatch(rxnet, &collector, base, cursor);
616 	ASSERT(list_empty(&collector));
617 
618 	/* Schedule the timer for the next occupied timeslot. */
619 	cursor = rxnet->peer_keepalive_cursor;
620 	stop = cursor + RXRPC_KEEPALIVE_TIME - 1;
621 	for (; (s8)(cursor - stop) < 0; cursor++) {
622 		if (!list_empty(&rxnet->peer_keepalive[cursor & mask]))
623 			break;
624 		base++;
625 	}
626 
627 	now = ktime_get_seconds();
628 	delay = base - now;
629 	if (delay < 1)
630 		delay = 1;
631 	delay *= HZ;
632 	if (rxnet->live)
633 		timer_reduce(&rxnet->peer_keepalive_timer, jiffies + delay);
634 
635 	_leave("");
636 }
637