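/* AF_RXRPC sendmsg() implementation.
 *
 * Copyright (C) 2007, 2016 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public Licence
 * as published by the Free Software Foundation; either version
 * 2 of the Licence, or (at your option) any later version.
 */

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/net.h>
#include <linux/gfp.h>
#include <linux/skbuff.h>
#include <linux/export.h>
#include <net/sock.h>
#include <net/af_rxrpc.h>
#include "ar-internal.h"

/*
 * Operation selected by the control messages attached to a sendmsg() call.
 * The cmsg parser in this file starts from RXRPC_CMD_SEND_DATA and only ever
 * switches to RXRPC_CMD_SEND_ABORT or RXRPC_CMD_ACCEPT.
 */
enum rxrpc_command {
	RXRPC_CMD_SEND_DATA,		/* send data message */
	RXRPC_CMD_SEND_ABORT,		/* request abort generation */
	RXRPC_CMD_ACCEPT,		/* [server] accept incoming call */
	RXRPC_CMD_REJECT_BUSY,		/* [server] reject a call as busy */
};

/*
 * wait for space to appear in the transmit/ACK window
 * - caller holds the socket locked
 *
 * The socket lock is dropped around schedule_timeout() and retaken before the
 * conditions are evaluated again, so the call may have changed state while
 * this task slept.
 *
 * Returns 0 once tx_top - tx_hard_ack is below tx_winsize, -call->error if the
 * call has reached RXRPC_CALL_COMPLETE or later, or sock_intr_errno(*timeo)
 * if a signal is pending.  *timeo is updated with the time left.
 *
 * NOTE(review): those three conditions are the only loop exits; *timeo
 * reaching zero is not tested, so a finite send timeout does not by itself end
 * the wait as written - confirm that this is intended.
 */
static int rxrpc_wait_for_tx_window(struct rxrpc_sock *rx,
				    struct rxrpc_call *call,
				    long *timeo)
{
	DECLARE_WAITQUEUE(myself, current);
	int ret;

	_enter(",{%u,%u,%u}",
	       call->tx_hard_ack, call->tx_top, call->tx_winsize);

	add_wait_queue(&call->waitq, &myself);

	for (;;) {
		/* Set the task state before testing the conditions so that a
		 * wake-up arriving between the tests and schedule_timeout()
		 * is not lost.
		 */
		set_current_state(TASK_INTERRUPTIBLE);
		ret = 0;
		if (call->tx_top - call->tx_hard_ack < call->tx_winsize)
			break;
		if (call->state >= RXRPC_CALL_COMPLETE) {
			ret = -call->error;
			break;
		}
		if (signal_pending(current)) {
			ret = sock_intr_errno(*timeo);
			break;
		}

		/* Sleep without the socket lock held. */
		release_sock(&rx->sk);
		*timeo = schedule_timeout(*timeo);
		lock_sock(&rx->sk);
	}

	remove_wait_queue(&call->waitq, &myself);
	set_current_state(TASK_RUNNING);
	_leave(" = %d", ret);
	return ret;
}

/*
 * Schedule an instant Tx resend.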
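*/
/*
 * Under call->lock with BHs disabled: if the call has not yet completed, mark
 * Tx ring slot @ix for retransmission and queue the call for processing
 * unless RXRPC_CALL_EV_RESEND was already set.
 *
 * @ix indexes call->rxtx_annotations[] without a range check here; the caller
 * below passes a value already masked with RXRPC_RXTX_BUFF_MASK.
 */
static inline void rxrpc_instant_resend(struct rxrpc_call *call, int ix)
{
	spin_lock_bh(&call->lock);

	if (call->state < RXRPC_CALL_COMPLETE) {
		call->rxtx_annotations[ix] = RXRPC_TX_ANNO_RETRANS;
		if (!test_and_set_bit(RXRPC_CALL_EV_RESEND, &call->events))
			rxrpc_queue_call(call);
	}

	spin_unlock_bh(&call->lock);
}

/*
 * Queue a DATA packet for transmission, set the resend timeout and send the
 * packet immediately
 *
 * @skb must carry the sequence number directly after call->tx_top (asserted).
 * @last marks the final packet of the transmission phase; it sets
 * RXRPC_CALL_TX_LAST and drives the call state change below.
 *
 * A transmission failure is not reported to the caller (the function returns
 * void); it only flags the slot for an immediate resend.
 */
static void rxrpc_queue_packet(struct rxrpc_call *call, struct sk_buff *skb,
			       bool last)
{
	struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
	rxrpc_seq_t seq = sp->hdr.seq;
	int ret, ix;

	_net("queue skb %p [%d]", skb, seq);

	ASSERTCMP(seq, ==, call->tx_top + 1);

	/* The mask bounds the slot index used for both ring arrays. */
	ix = seq & RXRPC_RXTX_BUFF_MASK;
	/* Presumably takes the reference held by the ring slot; the reference
	 * the caller handed in is dropped by rxrpc_free_skb() at the end of
	 * this function - confirm against the helpers.
	 */
	rxrpc_get_skb(skb);
	call->rxtx_annotations[ix] = RXRPC_TX_ANNO_UNACK;
	/* Order the annotation store before the buffer pointer is published;
	 * presumably paired with a read barrier in the code that consumes the
	 * ring (not shown here).
	 */
	smp_wmb();
	call->rxtx_buffer[ix] = skb;
	call->tx_top = seq;
	if (last)
		set_bit(RXRPC_CALL_TX_LAST, &call->flags);

	/* call->state is sampled here without state_lock and then examined
	 * again under the lock by the switch.
	 */
	if (last || call->state == RXRPC_CALL_SERVER_ACK_REQUEST) {
		_debug("________awaiting reply/ACK__________");
		write_lock_bh(&call->state_lock);
		switch (call->state) {
		case RXRPC_CALL_CLIENT_SEND_REQUEST:
			call->state = RXRPC_CALL_CLIENT_AWAIT_REPLY;
			break;
		case RXRPC_CALL_SERVER_ACK_REQUEST:
			call->state = RXRPC_CALL_SERVER_SEND_REPLY;
			if (!last)
				break;
			/* Fall through - the first reply packet is also the
			 * last one.
			 */
		case RXRPC_CALL_SERVER_SEND_REPLY:
			call->state = RXRPC_CALL_SERVER_AWAIT_ACK;
			break;
		default:
			break;
		}
		write_unlock_bh(&call->state_lock);
	}

	_proto("Tx DATA %%%u { #%u }", sp->hdr.serial, sp->hdr.seq);

	if (seq == 1 && rxrpc_is_client_call(call))
		rxrpc_expose_client_call(call);

	sp->resend_at = jiffies + rxrpc_resend_timeout;
	ret = rxrpc_send_data_packet(call->conn, skb);
	if (ret < 0) {
		_debug("need instant resend %d", ret);
		rxrpc_instant_resend(call, ix);
	}

	rxrpc_free_skb(skb);
	_leave("");
}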
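/*
 * Convert a host-endian header into a network-endian header.
 *
 * The wire header is assembled on the stack from the skb's private header
 * and copied to skb->head.
 *
 * NOTE(review): every field named below is assigned before the memcpy(); this
 * relies on struct rxrpc_wire_header having no padding or further members,
 * otherwise uninitialised stack bytes would be copied into the packet -
 * confirm against the structure definition.  It also assumes that at least
 * sizeof(whdr) bytes are available at skb->head.
 */
static void rxrpc_insert_header(struct sk_buff *skb)
{
	struct rxrpc_wire_header whdr;
	struct rxrpc_skb_priv *sp = rxrpc_skb(skb);

	whdr.epoch	= htonl(sp->hdr.epoch);
	whdr.cid	= htonl(sp->hdr.cid);
	whdr.callNumber	= htonl(sp->hdr.callNumber);
	whdr.seq	= htonl(sp->hdr.seq);
	whdr.serial	= htonl(sp->hdr.serial);
	whdr.type	= sp->hdr.type;
	whdr.flags	= sp->hdr.flags;
	whdr.userStatus	= sp->hdr.userStatus;
	whdr.securityIndex = sp->hdr.securityIndex;
	whdr._rsvd	= htons(sp->hdr._rsvd);
	whdr.serviceId	= htons(sp->hdr.serviceId);

	memcpy(skb->head, &whdr, sizeof(whdr));
}

/*
 * send data through a socket
 * - must be called in process context
 * - caller holds the socket locked
 *
 * Data is taken from msg->msg_iter and packed into DATA packets.  A partly
 * filled packet is parked in call->tx_pending on return and picked up again
 * by the next call.  The amount to send comes from msg_data_left(); @len is
 * not referenced in the body.
 *
 * skb->mark is used as the count of payload bytes copied into the packet: it
 * is asserted to be 0 on allocation, advanced by each copy and passed to
 * ->secure_packet().
 *
 * Returns the number of bytes copied, or a negative error.  On the efault and
 * ->secure_packet() failure paths the error is returned even though bytes may
 * already have been consumed from the iterator.
 */
static int rxrpc_send_data(struct rxrpc_sock *rx,
			   struct rxrpc_call *call,
			   struct msghdr *msg, size_t len)
{
	struct rxrpc_skb_priv *sp;
	struct sk_buff *skb;
	struct sock *sk = &rx->sk;
	long timeo;
	bool more;
	int ret, copied;

	timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);

	/* this should be in poll */
	sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk);

	if (sk->sk_err || (sk->sk_shutdown & SEND_SHUTDOWN))
		return -EPIPE;

	more = msg->msg_flags & MSG_MORE;

	/* Resume the packet left unfinished by a previous call, if any. */
	skb = call->tx_pending;
	call->tx_pending = NULL;
	rxrpc_see_skb(skb);

	copied = 0;
	/* do/while: the body runs once even when no data is left in msg. */
	do {
		if (!skb) {
			size_t size, chunk, max, space;

			_debug("alloc");

			if (call->tx_top - call->tx_hard_ack >=
			    call->tx_winsize) {
				ret = -EAGAIN;
				if (msg->msg_flags & MSG_DONTWAIT)
					goto maybe_error;
				ret = rxrpc_wait_for_tx_window(rx, call,
							       &timeo);
				if (ret < 0)
					goto maybe_error;
			}

			/* NOTE(review): size_t arithmetic with no underflow
			 * check; assumes peer->maxdata exceeds security_size
			 * and that size_align is a power of two - confirm
			 * where those values are set.
			 */
			max = call->conn->params.peer->maxdata;
			max -= call->conn->security_size;
			max &= ~(call->conn->size_align - 1UL);

			chunk = max;
			if (chunk > msg_data_left(msg) && !more)
				chunk = msg_data_left(msg);

			space = chunk + call->conn->size_align;
			space &= ~(call->conn->size_align - 1UL);

			size = space + call->conn->header_size;

			_debug("SIZE: %zu/%zu/%zu", chunk, space, size);

			/* create a buffer that we can retain until it's ACK'd */
			skb = sock_alloc_send_skb(
				sk, size, msg->msg_flags & MSG_DONTWAIT, &ret);
			if (!skb)
				goto maybe_error;

			rxrpc_new_skb(skb);

			_debug("ALLOC SEND %p", skb);

			ASSERTCMP(skb->mark, ==, 0);

			_debug("HS: %u", call->conn->header_size);
			skb_reserve(skb, call->conn->header_size);
			skb->len += call->conn->header_size;

			/* Never plan to copy more than the buffer can hold. */
			sp = rxrpc_skb(skb);
			sp->remain = chunk;
			if (sp->remain > skb_tailroom(skb))
				sp->remain = skb_tailroom(skb);

			_net("skb: hr %d, tr %d, hl %d, rm %d",
			     skb_headroom(skb),
			     skb_tailroom(skb),
			     skb_headlen(skb),
			     sp->remain);

			skb->ip_summed = CHECKSUM_UNNECESSARY;
		}

		_debug("append");
		sp = rxrpc_skb(skb);

		/* append next segment of data to the current buffer */
		if (msg_data_left(msg) > 0) {
			/* The copy length is clamped to the tailroom, the
			 * data left in msg and the packet's remaining quota.
			 */
			int copy = skb_tailroom(skb);
			ASSERTCMP(copy, >, 0);
			if (copy > msg_data_left(msg))
				copy = msg_data_left(msg);
			if (copy > sp->remain)
				copy = sp->remain;

			_debug("add");
			ret = skb_add_data(skb, &msg->msg_iter, copy);
			_debug("added");
			if (ret < 0)
				goto efault;
			sp->remain -= copy;
			skb->mark += copy;
			copied += copy;
		}

		/* check for the far side aborting the call or a network error
		 * occurring */
		if (call->state == RXRPC_CALL_COMPLETE)
			goto call_terminated;

		/* add the packet to the send queue if it's now full */
		if (sp->remain <= 0 ||
		    (msg_data_left(msg) == 0 && !more)) {
			struct rxrpc_connection *conn = call->conn;
			uint32_t seq;
			size_t pad;

			/* pad out if we're using security */
			if (conn->security_ix) {
				pad = conn->security_size + skb->mark;
				pad = conn->size_align - pad;
				pad &= conn->size_align - 1;
				_debug("pad %zu", pad);
				/* The padding is zero-filled, so no stale
				 * buffer contents are sent as padding.
				 */
				if (pad)
					memset(skb_put(skb, pad), 0, pad);
			}

			seq = call->tx_top + 1;

			sp->hdr.epoch	= conn->proto.epoch;
			sp->hdr.cid	= call->cid;
			sp->hdr.callNumber = call->call_id;
			sp->hdr.seq	= seq;
			sp->hdr.serial	= atomic_inc_return(&conn->serial);
			sp->hdr.type	= RXRPC_PACKET_TYPE_DATA;
			sp->hdr.userStatus = 0;
			sp->hdr.securityIndex = call->security_ix;
			sp->hdr._rsvd	= 0;
			sp->hdr.serviceId = call->service_id;

			sp->hdr.flags = conn->out_clientflag;
			if (msg_data_left(msg) == 0 && !more)
				sp->hdr.flags |= RXRPC_LAST_PACKET;
			else if (call->tx_top - call->tx_hard_ack <
				 call->tx_winsize)
				sp->hdr.flags |= RXRPC_MORE_PACKETS;
			if (more && seq & 1)
				sp->hdr.flags |= RXRPC_REQUEST_ACK;

			/* NOTE(review): on failure the skb goes back to
			 * call->tx_pending after padding may already have
			 * been appended and a serial number consumed; a later
			 * call resumes from that skb - confirm that the retry
			 * path tolerates this.
			 */
			ret = conn->security->secure_packet(
				call, skb, skb->mark,
				skb->head + sizeof(struct rxrpc_wire_header));
			if (ret < 0)
				goto out;

			rxrpc_insert_header(skb);
			rxrpc_queue_packet(call, skb, !msg_data_left(msg) && !more);
			skb = NULL;
		}
	} while (msg_data_left(msg) > 0);

success:
	ret = copied;
out:
	/* Park any unfinished packet (or NULL) for the next call. */
	call->tx_pending = skb;
	_leave(" = %d", ret);
	return ret;

call_terminated:
	rxrpc_free_skb(skb);
	_leave(" = %d", -call->error);
	return -call->error;

maybe_error:
	/* Report a short write rather than the error if anything was copied. */
	if (copied)
		goto success;
	goto out;

efault:
	ret = -EFAULT;
	goto out;
}

/*
 * extract control messages from the sendmsg() control buffer
 *
 * The control buffer is supplied by the caller of sendmsg().  Every header is
 * checked with CMSG_OK() and every SOL_RXRPC payload length is compared with
 * the exact expected size before the payload is read.  Messages at other
 * levels are skipped; unknown SOL_RXRPC types are rejected.
 *
 * Outputs: *user_call_ID (mandatory, -EINVAL if absent), *command (defaults
 * to RXRPC_CMD_SEND_DATA; RXRPC_ABORT and RXRPC_ACCEPT are mutually
 * exclusive), *abort_code (must be non-zero when given) and *_exclusive.
 * Some outputs are written before the length check of the same message; on
 * any -EINVAL return they must be treated as undefined.  A repeated
 * RXRPC_USER_CALL_ID is accepted and the last value wins.
 *
 * Returns 0 on success or -EINVAL.
 */
static int rxrpc_sendmsg_cmsg(struct msghdr *msg,
			      unsigned long *user_call_ID,
			      enum rxrpc_command *command,
			      u32 *abort_code,
			      bool *_exclusive)
{
	struct cmsghdr *cmsg;
	bool got_user_ID = false;
	int len;

	*command = RXRPC_CMD_SEND_DATA;

	if (msg->msg_controllen == 0)
		return -EINVAL;

	for_each_cmsghdr(cmsg, msg) {
		if (!CMSG_OK(msg, cmsg))
			return -EINVAL;

		/* Payload length, i.e. cmsg_len minus the aligned header. */
		len = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
		_debug("CMSG %d, %d, %d",
		       cmsg->cmsg_level, cmsg->cmsg_type, len);

		if (cmsg->cmsg_level != SOL_RXRPC)
			continue;

		switch (cmsg->cmsg_type) {
		case RXRPC_USER_CALL_ID:
			/* With MSG_CMSG_COMPAT the ID is read as a u32
			 * rather than an unsigned long.
			 */
			if (msg->msg_flags & MSG_CMSG_COMPAT) {
				if (len != sizeof(u32))
					return -EINVAL;
				*user_call_ID = *(u32 *) CMSG_DATA(cmsg);
			} else {
				if (len != sizeof(unsigned long))
					return -EINVAL;
				*user_call_ID = *(unsigned long *)
					CMSG_DATA(cmsg);
			}
			_debug("User Call ID %lx", *user_call_ID);
			got_user_ID = true;
			break;

		case RXRPC_ABORT:
			if (*command != RXRPC_CMD_SEND_DATA)
				return -EINVAL;
			*command = RXRPC_CMD_SEND_ABORT;
			if (len != sizeof(*abort_code))
				return -EINVAL;
			*abort_code = *(unsigned int *) CMSG_DATA(cmsg);
			_debug("Abort %x", *abort_code);
			if (*abort_code == 0)
				return -EINVAL;
			break;

		case RXRPC_ACCEPT:
			if (*command != RXRPC_CMD_SEND_DATA)
				return -EINVAL;
			*command = RXRPC_CMD_ACCEPT;
			if (len != 0)
				return -EINVAL;
			break;

		case RXRPC_EXCLUSIVE_CALL:
			*_exclusive = true;
			if (len != 0)
				return -EINVAL;
			break;
		default:
			return -EINVAL;
		}
	}

	if (!got_user_ID)
		return -EINVAL;
	_leave(" = 0");
	return 0;
}

/*
 * Create a new client call for sendmsg().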
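*/
/*
 * The destination is taken from msg->msg_name, which must be present
 * (-EDESTADDRREQ otherwise).  Returns the new call or an ERR_PTR().
 *
 * NOTE(review): srx->srx_service is read without msg->msg_namelen being
 * examined in this function; presumably the address was validated before this
 * point - confirm against the caller.
 */
static struct rxrpc_call *
rxrpc_new_client_call_for_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg,
				  unsigned long user_call_ID, bool exclusive)
{
	struct rxrpc_conn_parameters cp;
	struct rxrpc_call *call;
	struct key *key;

	DECLARE_SOCKADDR(struct sockaddr_rxrpc *, srx, msg->msg_name);

	_enter("");

	if (!msg->msg_name)
		return ERR_PTR(-EDESTADDRREQ);

	/* NOTE(review): 'key' is reset to NULL when the socket's key has no
	 * payload, but cp.key below is assigned from rx->key, so the adjusted
	 * value is never used - confirm which of the two is intended.
	 */
	key = rx->key;
	if (key && !rx->key->payload.data[0])
		key = NULL;

	/* Clear the whole structure before filling in the fields used here. */
	memset(&cp, 0, sizeof(cp));
	cp.local		= rx->local;
	cp.key			= rx->key;
	cp.security_level	= rx->min_sec_level;
	cp.exclusive		= rx->exclusive | exclusive;
	cp.service_id		= srx->srx_service;
	call = rxrpc_new_client_call(rx, &cp, srx, user_call_ID, GFP_KERNEL);

	_leave(" = %p\n", call);
	return call;
}

/*
 * send a message forming part of a client call through an RxRPC socket
 * - caller holds the socket locked
 * - the socket may be either a client socket or a server socket
 *
 * The control messages select the operation and name the call by its user
 * call ID.  RXRPC_CMD_ACCEPT is only honoured on a socket in the
 * RXRPC_SERVER_LISTENING state.  For the other commands the call is looked
 * up by user ID; only RXRPC_CMD_SEND_DATA may create a new (client) call when
 * none is found (-EBADSLT otherwise).  The address in @msg and the exclusive
 * flag are only used when a new call is created.
 *
 * The call state is checked before any data is queued: -ESHUTDOWN once the
 * call has completed, -EPROTO if the call is not in a sending state for its
 * direction.
 *
 * Every path that obtained a call ends with rxrpc_put_call(); presumably the
 * lookup, create and accept helpers each return with a reference held -
 * confirm against their definitions.
 */
int rxrpc_do_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg, size_t len)
{
	enum rxrpc_command cmd;
	struct rxrpc_call *call;
	unsigned long user_call_ID = 0;
	bool exclusive = false;
	u32 abort_code = 0;
	int ret;

	_enter("");

	ret = rxrpc_sendmsg_cmsg(msg, &user_call_ID, &cmd, &abort_code,
				 &exclusive);
	if (ret < 0)
		return ret;

	if (cmd == RXRPC_CMD_ACCEPT) {
		if (rx->sk.sk_state != RXRPC_SERVER_LISTENING)
			return -EINVAL;
		call = rxrpc_accept_call(rx, user_call_ID, NULL);
		if (IS_ERR(call))
			return PTR_ERR(call);
		rxrpc_put_call(call, rxrpc_call_put);
		return 0;
	}

	call = rxrpc_find_call_by_user_ID(rx, user_call_ID);
	if (!call) {
		if (cmd != RXRPC_CMD_SEND_DATA)
			return -EBADSLT;
		call = rxrpc_new_client_call_for_sendmsg(rx, msg, user_call_ID,
							 exclusive);
		if (IS_ERR(call))
			return PTR_ERR(call);
	}

	_debug("CALL %d USR %lx ST %d on CONN %p",
	       call->debug_id, call->user_call_ID, call->state, call->conn);

	if (call->state >= RXRPC_CALL_COMPLETE) {
		/* it's too late for this call */
		ret = -ESHUTDOWN;
	} else if (cmd == RXRPC_CMD_SEND_ABORT) {
		/* An ABORT packet is only sent if the abort took effect. */
		ret = 0;
		if (rxrpc_abort_call("CMD", call, 0, abort_code, ECONNABORTED))
			ret = rxrpc_send_call_packet(call,
						     RXRPC_PACKET_TYPE_ABORT);
	} else if (cmd != RXRPC_CMD_SEND_DATA) {
		ret = -EINVAL;
	} else if (rxrpc_is_client_call(call) &&
		   call->state != RXRPC_CALL_CLIENT_SEND_REQUEST) {
		/* request phase complete for this client call */
		ret = -EPROTO;
	} else if (rxrpc_is_service_call(call) &&
		   call->state != RXRPC_CALL_SERVER_ACK_REQUEST &&
		   call->state != RXRPC_CALL_SERVER_SEND_REPLY) {
		/* Reply phase not begun or not complete for service call. */
		ret = -EPROTO;
	} else {
		ret = rxrpc_send_data(rx, call, msg, len);
	}

	rxrpc_put_call(call, rxrpc_call_put);
	_leave(" = %d", ret);
	return ret;
}

/**
 * rxrpc_kernel_send_data - Allow a kernel service to send data on a call
 * @sock: The socket the call is on
 * @call: The call to send data through
 * @msg: The data to send
 * @len: The amount of data to send
 *
 * Allow a kernel service to send data on a call.  The call must be in a state
 * appropriate to sending data.  No control data should be supplied in @msg,
 * nor should an address be supplied.  MSG_MORE should be flagged if there's
 * more data to come, otherwise this data will end the transmission phase.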
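*/
/*
 * The socket lock is taken around the state check and the send.  Unlike the
 * sendmsg() path in this file, the state test does not distinguish client
 * from service calls: any of the three sending states is accepted.
 *
 * Returns the result of rxrpc_send_data(), -ESHUTDOWN if the call has
 * completed or -EPROTO if it is not in a sending state.  A non-NULL msg_name
 * or msg_control trips an assertion rather than returning an error.
 */
int rxrpc_kernel_send_data(struct socket *sock, struct rxrpc_call *call,
			   struct msghdr *msg, size_t len)
{
	int ret;

	_enter("{%d,%s},", call->debug_id, rxrpc_call_states[call->state]);

	ASSERTCMP(msg->msg_name, ==, NULL);
	ASSERTCMP(msg->msg_control, ==, NULL);

	lock_sock(sock->sk);

	_debug("CALL %d USR %lx ST %d on CONN %p",
	       call->debug_id, call->user_call_ID, call->state, call->conn);

	if (call->state >= RXRPC_CALL_COMPLETE) {
		ret = -ESHUTDOWN; /* it's too late for this call */
	} else if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST &&
		   call->state != RXRPC_CALL_SERVER_ACK_REQUEST &&
		   call->state != RXRPC_CALL_SERVER_SEND_REPLY) {
		ret = -EPROTO; /* call is not in a state that permits sending */
	} else {
		ret = rxrpc_send_data(rxrpc_sk(sock->sk), call, msg, len);
	}

	release_sock(sock->sk);
	_leave(" = %d", ret);
	return ret;
}
EXPORT_SYMBOL(rxrpc_kernel_send_data);

/**
 * rxrpc_kernel_abort_call - Allow a kernel service to abort a call
 * @sock: The socket the call is on
 * @call: The call to be aborted
 * @abort_code: The abort code to stick into the ABORT packet
 * @error: Local error value
 * @why: 3-char string indicating why.
 *
 * Allow a kernel service to abort a call, if it's still in an abortable state.
 *
 * The ABORT packet is only sent if rxrpc_abort_call() returns true.  The
 * function returns void, so a failure to transmit that packet is not reported
 * to the caller.
 */
void rxrpc_kernel_abort_call(struct socket *sock, struct rxrpc_call *call,
			     u32 abort_code, int error, const char *why)
{
	_enter("{%d},%d,%d,%s", call->debug_id, abort_code, error, why);

	lock_sock(sock->sk);

	if (rxrpc_abort_call(why, call, 0, abort_code, error))
		rxrpc_send_call_packet(call, RXRPC_PACKET_TYPE_ABORT);

	release_sock(sock->sk);
	_leave("");
}

EXPORT_SYMBOL(rxrpc_kernel_abort_call);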