1 /* AF_RXRPC sendmsg() implementation. 2 * 3 * Copyright (C) 2007, 2016 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version 9 * 2 of the Licence, or (at your option) any later version. 10 */ 11 12 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 13 14 #include <linux/net.h> 15 #include <linux/gfp.h> 16 #include <linux/skbuff.h> 17 #include <linux/export.h> 18 #include <net/sock.h> 19 #include <net/af_rxrpc.h> 20 #include "ar-internal.h" 21 22 enum rxrpc_command { 23 RXRPC_CMD_SEND_DATA, /* send data message */ 24 RXRPC_CMD_SEND_ABORT, /* request abort generation */ 25 RXRPC_CMD_ACCEPT, /* [server] accept incoming call */ 26 RXRPC_CMD_REJECT_BUSY, /* [server] reject a call as busy */ 27 }; 28 29 /* 30 * wait for space to appear in the transmit/ACK window 31 * - caller holds the socket locked 32 */ 33 static int rxrpc_wait_for_tx_window(struct rxrpc_sock *rx, 34 struct rxrpc_call *call, 35 long *timeo) 36 { 37 DECLARE_WAITQUEUE(myself, current); 38 int ret; 39 40 _enter(",{%u,%u,%u}", 41 call->tx_hard_ack, call->tx_top, call->tx_winsize); 42 43 add_wait_queue(&call->waitq, &myself); 44 45 for (;;) { 46 set_current_state(TASK_INTERRUPTIBLE); 47 ret = 0; 48 if (call->tx_top - call->tx_hard_ack < 49 min_t(unsigned int, call->tx_winsize, 50 call->cong_cwnd + call->cong_extra)) 51 break; 52 if (call->state >= RXRPC_CALL_COMPLETE) { 53 ret = -call->error; 54 break; 55 } 56 if (signal_pending(current)) { 57 ret = sock_intr_errno(*timeo); 58 break; 59 } 60 61 trace_rxrpc_transmit(call, rxrpc_transmit_wait); 62 release_sock(&rx->sk); 63 *timeo = schedule_timeout(*timeo); 64 lock_sock(&rx->sk); 65 } 66 67 remove_wait_queue(&call->waitq, &myself); 68 set_current_state(TASK_RUNNING); 69 _leave(" = %d", ret); 70 return ret; 71 } 72 73 /* 74 * Schedule an instant Tx resend. 75 */ 76 static inline void rxrpc_instant_resend(struct rxrpc_call *call, int ix) 77 { 78 spin_lock_bh(&call->lock); 79 80 if (call->state < RXRPC_CALL_COMPLETE) { 81 call->rxtx_annotations[ix] = RXRPC_TX_ANNO_RETRANS; 82 if (!test_and_set_bit(RXRPC_CALL_EV_RESEND, &call->events)) 83 rxrpc_queue_call(call); 84 } 85 86 spin_unlock_bh(&call->lock); 87 } 88 89 /* 90 * Queue a DATA packet for transmission, set the resend timeout and send the 91 * packet immediately 92 */ 93 static void rxrpc_queue_packet(struct rxrpc_call *call, struct sk_buff *skb, 94 bool last) 95 { 96 struct rxrpc_skb_priv *sp = rxrpc_skb(skb); 97 rxrpc_seq_t seq = sp->hdr.seq; 98 int ret, ix; 99 u8 annotation = RXRPC_TX_ANNO_UNACK; 100 101 _net("queue skb %p [%d]", skb, seq); 102 103 ASSERTCMP(seq, ==, call->tx_top + 1); 104 105 if (last) 106 annotation |= RXRPC_TX_ANNO_LAST; 107 108 /* We have to set the timestamp before queueing as the retransmit 109 * algorithm can see the packet as soon as we queue it. 110 */ 111 skb->tstamp = ktime_get_real(); 112 113 ix = seq & RXRPC_RXTX_BUFF_MASK; 114 rxrpc_get_skb(skb, rxrpc_skb_tx_got); 115 call->rxtx_annotations[ix] = annotation; 116 smp_wmb(); 117 call->rxtx_buffer[ix] = skb; 118 call->tx_top = seq; 119 if (last) 120 trace_rxrpc_transmit(call, rxrpc_transmit_queue_last); 121 else 122 trace_rxrpc_transmit(call, rxrpc_transmit_queue); 123 124 if (last || call->state == RXRPC_CALL_SERVER_ACK_REQUEST) { 125 _debug("________awaiting reply/ACK__________"); 126 write_lock_bh(&call->state_lock); 127 switch (call->state) { 128 case RXRPC_CALL_CLIENT_SEND_REQUEST: 129 call->state = RXRPC_CALL_CLIENT_AWAIT_REPLY; 130 break; 131 case RXRPC_CALL_SERVER_ACK_REQUEST: 132 call->state = RXRPC_CALL_SERVER_SEND_REPLY; 133 if (!last) 134 break; 135 case RXRPC_CALL_SERVER_SEND_REPLY: 136 call->state = RXRPC_CALL_SERVER_AWAIT_ACK; 137 break; 138 default: 139 break; 140 } 141 write_unlock_bh(&call->state_lock); 142 } 143 144 if (seq == 1 && rxrpc_is_client_call(call)) 145 rxrpc_expose_client_call(call); 146 147 ret = rxrpc_send_data_packet(call, skb, false); 148 if (ret < 0) { 149 _debug("need instant resend %d", ret); 150 rxrpc_instant_resend(call, ix); 151 } else { 152 ktime_t now = ktime_get_real(), resend_at; 153 154 resend_at = ktime_add_ms(now, rxrpc_resend_timeout); 155 156 if (ktime_before(resend_at, call->resend_at)) { 157 call->resend_at = resend_at; 158 rxrpc_set_timer(call, rxrpc_timer_set_for_send, now); 159 } 160 } 161 162 rxrpc_free_skb(skb, rxrpc_skb_tx_freed); 163 _leave(""); 164 } 165 166 /* 167 * send data through a socket 168 * - must be called in process context 169 * - caller holds the socket locked 170 */ 171 static int rxrpc_send_data(struct rxrpc_sock *rx, 172 struct rxrpc_call *call, 173 struct msghdr *msg, size_t len) 174 { 175 struct rxrpc_skb_priv *sp; 176 struct sk_buff *skb; 177 struct sock *sk = &rx->sk; 178 long timeo; 179 bool more; 180 int ret, copied; 181 182 timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT); 183 184 /* this should be in poll */ 185 sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk); 186 187 if (sk->sk_err || (sk->sk_shutdown & SEND_SHUTDOWN)) 188 return -EPIPE; 189 190 more = msg->msg_flags & MSG_MORE; 191 192 skb = call->tx_pending; 193 call->tx_pending = NULL; 194 rxrpc_see_skb(skb, rxrpc_skb_tx_seen); 195 196 copied = 0; 197 do { 198 /* Check to see if there's a ping ACK to reply to. */ 199 if (call->ackr_reason == RXRPC_ACK_PING_RESPONSE) 200 rxrpc_send_call_packet(call, RXRPC_PACKET_TYPE_ACK); 201 202 if (!skb) { 203 size_t size, chunk, max, space; 204 205 _debug("alloc"); 206 207 if (call->tx_top - call->tx_hard_ack >= 208 min_t(unsigned int, call->tx_winsize, 209 call->cong_cwnd + call->cong_extra)) { 210 ret = -EAGAIN; 211 if (msg->msg_flags & MSG_DONTWAIT) 212 goto maybe_error; 213 ret = rxrpc_wait_for_tx_window(rx, call, 214 &timeo); 215 if (ret < 0) 216 goto maybe_error; 217 } 218 219 max = RXRPC_JUMBO_DATALEN; 220 max -= call->conn->security_size; 221 max &= ~(call->conn->size_align - 1UL); 222 223 chunk = max; 224 if (chunk > msg_data_left(msg) && !more) 225 chunk = msg_data_left(msg); 226 227 space = chunk + call->conn->size_align; 228 space &= ~(call->conn->size_align - 1UL); 229 230 size = space + call->conn->security_size; 231 232 _debug("SIZE: %zu/%zu/%zu", chunk, space, size); 233 234 /* create a buffer that we can retain until it's ACK'd */ 235 skb = sock_alloc_send_skb( 236 sk, size, msg->msg_flags & MSG_DONTWAIT, &ret); 237 if (!skb) 238 goto maybe_error; 239 240 rxrpc_new_skb(skb, rxrpc_skb_tx_new); 241 242 _debug("ALLOC SEND %p", skb); 243 244 ASSERTCMP(skb->mark, ==, 0); 245 246 _debug("HS: %u", call->conn->security_size); 247 skb_reserve(skb, call->conn->security_size); 248 skb->len += call->conn->security_size; 249 250 sp = rxrpc_skb(skb); 251 sp->remain = chunk; 252 if (sp->remain > skb_tailroom(skb)) 253 sp->remain = skb_tailroom(skb); 254 255 _net("skb: hr %d, tr %d, hl %d, rm %d", 256 skb_headroom(skb), 257 skb_tailroom(skb), 258 skb_headlen(skb), 259 sp->remain); 260 261 skb->ip_summed = CHECKSUM_UNNECESSARY; 262 } 263 264 _debug("append"); 265 sp = rxrpc_skb(skb); 266 267 /* append next segment of data to the current buffer */ 268 if (msg_data_left(msg) > 0) { 269 int copy = skb_tailroom(skb); 270 ASSERTCMP(copy, >, 0); 271 if (copy > msg_data_left(msg)) 272 copy = msg_data_left(msg); 273 if (copy > sp->remain) 274 copy = sp->remain; 275 276 _debug("add"); 277 ret = skb_add_data(skb, &msg->msg_iter, copy); 278 _debug("added"); 279 if (ret < 0) 280 goto efault; 281 sp->remain -= copy; 282 skb->mark += copy; 283 copied += copy; 284 } 285 286 /* check for the far side aborting the call or a network error 287 * occurring */ 288 if (call->state == RXRPC_CALL_COMPLETE) 289 goto call_terminated; 290 291 /* add the packet to the send queue if it's now full */ 292 if (sp->remain <= 0 || 293 (msg_data_left(msg) == 0 && !more)) { 294 struct rxrpc_connection *conn = call->conn; 295 uint32_t seq; 296 size_t pad; 297 298 /* pad out if we're using security */ 299 if (conn->security_ix) { 300 pad = conn->security_size + skb->mark; 301 pad = conn->size_align - pad; 302 pad &= conn->size_align - 1; 303 _debug("pad %zu", pad); 304 if (pad) 305 memset(skb_put(skb, pad), 0, pad); 306 } 307 308 seq = call->tx_top + 1; 309 310 sp->hdr.seq = seq; 311 sp->hdr._rsvd = 0; 312 sp->hdr.flags = conn->out_clientflag; 313 314 if (msg_data_left(msg) == 0 && !more) 315 sp->hdr.flags |= RXRPC_LAST_PACKET; 316 else if (call->tx_top - call->tx_hard_ack < 317 call->tx_winsize) 318 sp->hdr.flags |= RXRPC_MORE_PACKETS; 319 320 ret = conn->security->secure_packet( 321 call, skb, skb->mark, skb->head); 322 if (ret < 0) 323 goto out; 324 325 rxrpc_queue_packet(call, skb, !msg_data_left(msg) && !more); 326 skb = NULL; 327 } 328 } while (msg_data_left(msg) > 0); 329 330 success: 331 ret = copied; 332 out: 333 call->tx_pending = skb; 334 _leave(" = %d", ret); 335 return ret; 336 337 call_terminated: 338 rxrpc_free_skb(skb, rxrpc_skb_tx_freed); 339 _leave(" = %d", -call->error); 340 return -call->error; 341 342 maybe_error: 343 if (copied) 344 goto success; 345 goto out; 346 347 efault: 348 ret = -EFAULT; 349 goto out; 350 } 351 352 /* 353 * extract control messages from the sendmsg() control buffer 354 */ 355 static int rxrpc_sendmsg_cmsg(struct msghdr *msg, 356 unsigned long *user_call_ID, 357 enum rxrpc_command *command, 358 u32 *abort_code, 359 bool *_exclusive) 360 { 361 struct cmsghdr *cmsg; 362 bool got_user_ID = false; 363 int len; 364 365 *command = RXRPC_CMD_SEND_DATA; 366 367 if (msg->msg_controllen == 0) 368 return -EINVAL; 369 370 for_each_cmsghdr(cmsg, msg) { 371 if (!CMSG_OK(msg, cmsg)) 372 return -EINVAL; 373 374 len = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr)); 375 _debug("CMSG %d, %d, %d", 376 cmsg->cmsg_level, cmsg->cmsg_type, len); 377 378 if (cmsg->cmsg_level != SOL_RXRPC) 379 continue; 380 381 switch (cmsg->cmsg_type) { 382 case RXRPC_USER_CALL_ID: 383 if (msg->msg_flags & MSG_CMSG_COMPAT) { 384 if (len != sizeof(u32)) 385 return -EINVAL; 386 *user_call_ID = *(u32 *) CMSG_DATA(cmsg); 387 } else { 388 if (len != sizeof(unsigned long)) 389 return -EINVAL; 390 *user_call_ID = *(unsigned long *) 391 CMSG_DATA(cmsg); 392 } 393 _debug("User Call ID %lx", *user_call_ID); 394 got_user_ID = true; 395 break; 396 397 case RXRPC_ABORT: 398 if (*command != RXRPC_CMD_SEND_DATA) 399 return -EINVAL; 400 *command = RXRPC_CMD_SEND_ABORT; 401 if (len != sizeof(*abort_code)) 402 return -EINVAL; 403 *abort_code = *(unsigned int *) CMSG_DATA(cmsg); 404 _debug("Abort %x", *abort_code); 405 if (*abort_code == 0) 406 return -EINVAL; 407 break; 408 409 case RXRPC_ACCEPT: 410 if (*command != RXRPC_CMD_SEND_DATA) 411 return -EINVAL; 412 *command = RXRPC_CMD_ACCEPT; 413 if (len != 0) 414 return -EINVAL; 415 break; 416 417 case RXRPC_EXCLUSIVE_CALL: 418 *_exclusive = true; 419 if (len != 0) 420 return -EINVAL; 421 break; 422 default: 423 return -EINVAL; 424 } 425 } 426 427 if (!got_user_ID) 428 return -EINVAL; 429 _leave(" = 0"); 430 return 0; 431 } 432 433 /* 434 * Create a new client call for sendmsg(). 435 */ 436 static struct rxrpc_call * 437 rxrpc_new_client_call_for_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg, 438 unsigned long user_call_ID, bool exclusive) 439 { 440 struct rxrpc_conn_parameters cp; 441 struct rxrpc_call *call; 442 struct key *key; 443 444 DECLARE_SOCKADDR(struct sockaddr_rxrpc *, srx, msg->msg_name); 445 446 _enter(""); 447 448 if (!msg->msg_name) 449 return ERR_PTR(-EDESTADDRREQ); 450 451 key = rx->key; 452 if (key && !rx->key->payload.data[0]) 453 key = NULL; 454 455 memset(&cp, 0, sizeof(cp)); 456 cp.local = rx->local; 457 cp.key = rx->key; 458 cp.security_level = rx->min_sec_level; 459 cp.exclusive = rx->exclusive | exclusive; 460 cp.service_id = srx->srx_service; 461 call = rxrpc_new_client_call(rx, &cp, srx, user_call_ID, GFP_KERNEL); 462 463 _leave(" = %p\n", call); 464 return call; 465 } 466 467 /* 468 * send a message forming part of a client call through an RxRPC socket 469 * - caller holds the socket locked 470 * - the socket may be either a client socket or a server socket 471 */ 472 int rxrpc_do_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg, size_t len) 473 { 474 enum rxrpc_command cmd; 475 struct rxrpc_call *call; 476 unsigned long user_call_ID = 0; 477 bool exclusive = false; 478 u32 abort_code = 0; 479 int ret; 480 481 _enter(""); 482 483 ret = rxrpc_sendmsg_cmsg(msg, &user_call_ID, &cmd, &abort_code, 484 &exclusive); 485 if (ret < 0) 486 return ret; 487 488 if (cmd == RXRPC_CMD_ACCEPT) { 489 if (rx->sk.sk_state != RXRPC_SERVER_LISTENING) 490 return -EINVAL; 491 call = rxrpc_accept_call(rx, user_call_ID, NULL); 492 if (IS_ERR(call)) 493 return PTR_ERR(call); 494 rxrpc_put_call(call, rxrpc_call_put); 495 return 0; 496 } 497 498 call = rxrpc_find_call_by_user_ID(rx, user_call_ID); 499 if (!call) { 500 if (cmd != RXRPC_CMD_SEND_DATA) 501 return -EBADSLT; 502 call = rxrpc_new_client_call_for_sendmsg(rx, msg, user_call_ID, 503 exclusive); 504 if (IS_ERR(call)) 505 return PTR_ERR(call); 506 } 507 508 _debug("CALL %d USR %lx ST %d on CONN %p", 509 call->debug_id, call->user_call_ID, call->state, call->conn); 510 511 if (call->state >= RXRPC_CALL_COMPLETE) { 512 /* it's too late for this call */ 513 ret = -ESHUTDOWN; 514 } else if (cmd == RXRPC_CMD_SEND_ABORT) { 515 ret = 0; 516 if (rxrpc_abort_call("CMD", call, 0, abort_code, ECONNABORTED)) 517 ret = rxrpc_send_call_packet(call, 518 RXRPC_PACKET_TYPE_ABORT); 519 } else if (cmd != RXRPC_CMD_SEND_DATA) { 520 ret = -EINVAL; 521 } else if (rxrpc_is_client_call(call) && 522 call->state != RXRPC_CALL_CLIENT_SEND_REQUEST) { 523 /* request phase complete for this client call */ 524 ret = -EPROTO; 525 } else if (rxrpc_is_service_call(call) && 526 call->state != RXRPC_CALL_SERVER_ACK_REQUEST && 527 call->state != RXRPC_CALL_SERVER_SEND_REPLY) { 528 /* Reply phase not begun or not complete for service call. */ 529 ret = -EPROTO; 530 } else { 531 ret = rxrpc_send_data(rx, call, msg, len); 532 } 533 534 rxrpc_put_call(call, rxrpc_call_put); 535 _leave(" = %d", ret); 536 return ret; 537 } 538 539 /** 540 * rxrpc_kernel_send_data - Allow a kernel service to send data on a call 541 * @sock: The socket the call is on 542 * @call: The call to send data through 543 * @msg: The data to send 544 * @len: The amount of data to send 545 * 546 * Allow a kernel service to send data on a call. The call must be in an state 547 * appropriate to sending data. No control data should be supplied in @msg, 548 * nor should an address be supplied. MSG_MORE should be flagged if there's 549 * more data to come, otherwise this data will end the transmission phase. 550 */ 551 int rxrpc_kernel_send_data(struct socket *sock, struct rxrpc_call *call, 552 struct msghdr *msg, size_t len) 553 { 554 int ret; 555 556 _enter("{%d,%s},", call->debug_id, rxrpc_call_states[call->state]); 557 558 ASSERTCMP(msg->msg_name, ==, NULL); 559 ASSERTCMP(msg->msg_control, ==, NULL); 560 561 lock_sock(sock->sk); 562 563 _debug("CALL %d USR %lx ST %d on CONN %p", 564 call->debug_id, call->user_call_ID, call->state, call->conn); 565 566 if (call->state >= RXRPC_CALL_COMPLETE) { 567 ret = -ESHUTDOWN; /* it's too late for this call */ 568 } else if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST && 569 call->state != RXRPC_CALL_SERVER_ACK_REQUEST && 570 call->state != RXRPC_CALL_SERVER_SEND_REPLY) { 571 ret = -EPROTO; /* request phase complete for this client call */ 572 } else { 573 ret = rxrpc_send_data(rxrpc_sk(sock->sk), call, msg, len); 574 } 575 576 release_sock(sock->sk); 577 _leave(" = %d", ret); 578 return ret; 579 } 580 EXPORT_SYMBOL(rxrpc_kernel_send_data); 581 582 /** 583 * rxrpc_kernel_abort_call - Allow a kernel service to abort a call 584 * @sock: The socket the call is on 585 * @call: The call to be aborted 586 * @abort_code: The abort code to stick into the ABORT packet 587 * @error: Local error value 588 * @why: 3-char string indicating why. 589 * 590 * Allow a kernel service to abort a call, if it's still in an abortable state. 591 */ 592 void rxrpc_kernel_abort_call(struct socket *sock, struct rxrpc_call *call, 593 u32 abort_code, int error, const char *why) 594 { 595 _enter("{%d},%d,%d,%s", call->debug_id, abort_code, error, why); 596 597 lock_sock(sock->sk); 598 599 if (rxrpc_abort_call(why, call, 0, abort_code, error)) 600 rxrpc_send_call_packet(call, RXRPC_PACKET_TYPE_ABORT); 601 602 release_sock(sock->sk); 603 _leave(""); 604 } 605 606 EXPORT_SYMBOL(rxrpc_kernel_abort_call); 607