xref: /linux/net/sunrpc/svcsock.c (revision bd4af432cc71b5fbfe4833510359a6ad3ada250d)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * linux/net/sunrpc/svcsock.c
4  *
5  * These are the RPC server socket internals.
6  *
7  * The server scheduling algorithm does not always distribute the load
8  * evenly when servicing a single client. May need to modify the
9  * svc_xprt_enqueue procedure...
10  *
11  * TCP support is largely untested and may be a little slow. The problem
12  * is that we currently do two separate recvfrom's, one for the 4-byte
13  * record length, and the second for the actual record. This could possibly
14  * be improved by always reading a minimum size of around 100 bytes and
15  * tucking any superfluous bytes away in a temporary store. Still, that
16  * leaves write requests out in the rain. An alternative may be to peek at
17  * the first skb in the queue, and if it matches the next TCP sequence
18  * number, to extract the record marker. Yuck.
19  *
20  * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
21  */
22 
23 #include <linux/kernel.h>
24 #include <linux/sched.h>
25 #include <linux/module.h>
26 #include <linux/errno.h>
27 #include <linux/fcntl.h>
28 #include <linux/net.h>
29 #include <linux/in.h>
30 #include <linux/inet.h>
31 #include <linux/udp.h>
32 #include <linux/tcp.h>
33 #include <linux/unistd.h>
34 #include <linux/slab.h>
35 #include <linux/netdevice.h>
36 #include <linux/skbuff.h>
37 #include <linux/file.h>
38 #include <linux/freezer.h>
39 #include <net/sock.h>
40 #include <net/checksum.h>
41 #include <net/ip.h>
42 #include <net/ipv6.h>
43 #include <net/udp.h>
44 #include <net/tcp.h>
45 #include <net/tcp_states.h>
46 #include <linux/uaccess.h>
47 #include <asm/ioctls.h>
48 #include <trace/events/skb.h>
49 
50 #include <linux/sunrpc/types.h>
51 #include <linux/sunrpc/clnt.h>
52 #include <linux/sunrpc/xdr.h>
53 #include <linux/sunrpc/msg_prot.h>
54 #include <linux/sunrpc/svcsock.h>
55 #include <linux/sunrpc/stats.h>
56 #include <linux/sunrpc/xprt.h>
57 
58 #include "socklib.h"
59 #include "sunrpc.h"
60 
61 #define RPCDBG_FACILITY	RPCDBG_SVCXPRT
62 
63 
64 static struct svc_sock *svc_setup_socket(struct svc_serv *, struct socket *,
65 					 int flags);
66 static int		svc_udp_recvfrom(struct svc_rqst *);
67 static int		svc_udp_sendto(struct svc_rqst *);
68 static void		svc_sock_detach(struct svc_xprt *);
69 static void		svc_tcp_sock_detach(struct svc_xprt *);
70 static void		svc_sock_free(struct svc_xprt *);
71 
72 static struct svc_xprt *svc_create_socket(struct svc_serv *, int,
73 					  struct net *, struct sockaddr *,
74 					  int, int);
75 #ifdef CONFIG_DEBUG_LOCK_ALLOC
76 static struct lock_class_key svc_key[2];
77 static struct lock_class_key svc_slock_key[2];
78 
79 static void svc_reclassify_socket(struct socket *sock)
80 {
81 	struct sock *sk = sock->sk;
82 
83 	if (WARN_ON_ONCE(!sock_allow_reclassification(sk)))
84 		return;
85 
86 	switch (sk->sk_family) {
87 	case AF_INET:
88 		sock_lock_init_class_and_name(sk, "slock-AF_INET-NFSD",
89 					      &svc_slock_key[0],
90 					      "sk_xprt.xpt_lock-AF_INET-NFSD",
91 					      &svc_key[0]);
92 		break;
93 
94 	case AF_INET6:
95 		sock_lock_init_class_and_name(sk, "slock-AF_INET6-NFSD",
96 					      &svc_slock_key[1],
97 					      "sk_xprt.xpt_lock-AF_INET6-NFSD",
98 					      &svc_key[1]);
99 		break;
100 
101 	default:
102 		BUG();
103 	}
104 }
105 #else
106 static void svc_reclassify_socket(struct socket *sock)
107 {
108 }
109 #endif
110 
111 /*
112  * Release an skbuff after use
113  */
114 static void svc_release_skb(struct svc_rqst *rqstp)
115 {
116 	struct sk_buff *skb = rqstp->rq_xprt_ctxt;
117 
118 	if (skb) {
119 		struct svc_sock *svsk =
120 			container_of(rqstp->rq_xprt, struct svc_sock, sk_xprt);
121 		rqstp->rq_xprt_ctxt = NULL;
122 
123 		dprintk("svc: service %p, releasing skb %p\n", rqstp, skb);
124 		skb_free_datagram_locked(svsk->sk_sk, skb);
125 	}
126 }
127 
128 static void svc_release_udp_skb(struct svc_rqst *rqstp)
129 {
130 	struct sk_buff *skb = rqstp->rq_xprt_ctxt;
131 
132 	if (skb) {
133 		rqstp->rq_xprt_ctxt = NULL;
134 
135 		dprintk("svc: service %p, releasing skb %p\n", rqstp, skb);
136 		consume_skb(skb);
137 	}
138 }
139 
140 union svc_pktinfo_u {
141 	struct in_pktinfo pkti;
142 	struct in6_pktinfo pkti6;
143 };
144 #define SVC_PKTINFO_SPACE \
145 	CMSG_SPACE(sizeof(union svc_pktinfo_u))
146 
147 static void svc_set_cmsg_data(struct svc_rqst *rqstp, struct cmsghdr *cmh)
148 {
149 	struct svc_sock *svsk =
150 		container_of(rqstp->rq_xprt, struct svc_sock, sk_xprt);
151 	switch (svsk->sk_sk->sk_family) {
152 	case AF_INET: {
153 			struct in_pktinfo *pki = CMSG_DATA(cmh);
154 
155 			cmh->cmsg_level = SOL_IP;
156 			cmh->cmsg_type = IP_PKTINFO;
157 			pki->ipi_ifindex = 0;
158 			pki->ipi_spec_dst.s_addr =
159 				 svc_daddr_in(rqstp)->sin_addr.s_addr;
160 			cmh->cmsg_len = CMSG_LEN(sizeof(*pki));
161 		}
162 		break;
163 
164 	case AF_INET6: {
165 			struct in6_pktinfo *pki = CMSG_DATA(cmh);
166 			struct sockaddr_in6 *daddr = svc_daddr_in6(rqstp);
167 
168 			cmh->cmsg_level = SOL_IPV6;
169 			cmh->cmsg_type = IPV6_PKTINFO;
170 			pki->ipi6_ifindex = daddr->sin6_scope_id;
171 			pki->ipi6_addr = daddr->sin6_addr;
172 			cmh->cmsg_len = CMSG_LEN(sizeof(*pki));
173 		}
174 		break;
175 	}
176 }
177 
178 static int svc_sock_read_payload(struct svc_rqst *rqstp, unsigned int offset,
179 				 unsigned int length)
180 {
181 	return 0;
182 }
183 
184 /*
185  * Report socket names for nfsdfs
186  */
187 static int svc_one_sock_name(struct svc_sock *svsk, char *buf, int remaining)
188 {
189 	const struct sock *sk = svsk->sk_sk;
190 	const char *proto_name = sk->sk_protocol == IPPROTO_UDP ?
191 							"udp" : "tcp";
192 	int len;
193 
194 	switch (sk->sk_family) {
195 	case PF_INET:
196 		len = snprintf(buf, remaining, "ipv4 %s %pI4 %d\n",
197 				proto_name,
198 				&inet_sk(sk)->inet_rcv_saddr,
199 				inet_sk(sk)->inet_num);
200 		break;
201 #if IS_ENABLED(CONFIG_IPV6)
202 	case PF_INET6:
203 		len = snprintf(buf, remaining, "ipv6 %s %pI6 %d\n",
204 				proto_name,
205 				&sk->sk_v6_rcv_saddr,
206 				inet_sk(sk)->inet_num);
207 		break;
208 #endif
209 	default:
210 		len = snprintf(buf, remaining, "*unknown-%d*\n",
211 				sk->sk_family);
212 	}
213 
214 	if (len >= remaining) {
215 		*buf = '\0';
216 		return -ENAMETOOLONG;
217 	}
218 	return len;
219 }
220 
221 /*
222  * Generic recvfrom routine.
223  */
224 static ssize_t svc_recvfrom(struct svc_rqst *rqstp, struct kvec *iov,
225 			    unsigned int nr, size_t buflen, unsigned int base)
226 {
227 	struct svc_sock *svsk =
228 		container_of(rqstp->rq_xprt, struct svc_sock, sk_xprt);
229 	struct msghdr msg = { NULL };
230 	ssize_t len;
231 
232 	rqstp->rq_xprt_hlen = 0;
233 
234 	clear_bit(XPT_DATA, &svsk->sk_xprt.xpt_flags);
235 	iov_iter_kvec(&msg.msg_iter, READ, iov, nr, buflen);
236 	if (base != 0) {
237 		iov_iter_advance(&msg.msg_iter, base);
238 		buflen -= base;
239 	}
240 	len = sock_recvmsg(svsk->sk_sock, &msg, MSG_DONTWAIT);
241 	/* If we read a full record, then assume there may be more
242 	 * data to read (stream based sockets only!)
243 	 */
244 	if (len == buflen)
245 		set_bit(XPT_DATA, &svsk->sk_xprt.xpt_flags);
246 
247 	dprintk("svc: socket %p recvfrom(%p, %zu) = %zd\n",
248 		svsk, iov[0].iov_base, iov[0].iov_len, len);
249 	return len;
250 }
251 
252 /*
253  * Set socket snd and rcv buffer lengths
254  */
255 static void svc_sock_setbufsize(struct svc_sock *svsk, unsigned int nreqs)
256 {
257 	unsigned int max_mesg = svsk->sk_xprt.xpt_server->sv_max_mesg;
258 	struct socket *sock = svsk->sk_sock;
259 
260 	nreqs = min(nreqs, INT_MAX / 2 / max_mesg);
261 
262 	lock_sock(sock->sk);
263 	sock->sk->sk_sndbuf = nreqs * max_mesg * 2;
264 	sock->sk->sk_rcvbuf = nreqs * max_mesg * 2;
265 	sock->sk->sk_write_space(sock->sk);
266 	release_sock(sock->sk);
267 }
268 
269 static void svc_sock_secure_port(struct svc_rqst *rqstp)
270 {
271 	if (svc_port_is_privileged(svc_addr(rqstp)))
272 		set_bit(RQ_SECURE, &rqstp->rq_flags);
273 	else
274 		clear_bit(RQ_SECURE, &rqstp->rq_flags);
275 }
276 
277 /*
278  * INET callback when data has been received on the socket.
279  */
280 static void svc_data_ready(struct sock *sk)
281 {
282 	struct svc_sock	*svsk = (struct svc_sock *)sk->sk_user_data;
283 
284 	if (svsk) {
285 		dprintk("svc: socket %p(inet %p), busy=%d\n",
286 			svsk, sk,
287 			test_bit(XPT_BUSY, &svsk->sk_xprt.xpt_flags));
288 
289 		/* Refer to svc_setup_socket() for details. */
290 		rmb();
291 		svsk->sk_odata(sk);
292 		if (!test_and_set_bit(XPT_DATA, &svsk->sk_xprt.xpt_flags))
293 			svc_xprt_enqueue(&svsk->sk_xprt);
294 	}
295 }
296 
297 /*
298  * INET callback when space is newly available on the socket.
299  */
300 static void svc_write_space(struct sock *sk)
301 {
302 	struct svc_sock	*svsk = (struct svc_sock *)(sk->sk_user_data);
303 
304 	if (svsk) {
305 		dprintk("svc: socket %p(inet %p), write_space busy=%d\n",
306 			svsk, sk, test_bit(XPT_BUSY, &svsk->sk_xprt.xpt_flags));
307 
308 		/* Refer to svc_setup_socket() for details. */
309 		rmb();
310 		svsk->sk_owspace(sk);
311 		svc_xprt_enqueue(&svsk->sk_xprt);
312 	}
313 }
314 
315 static int svc_tcp_has_wspace(struct svc_xprt *xprt)
316 {
317 	struct svc_sock *svsk = container_of(xprt, struct svc_sock, sk_xprt);
318 
319 	if (test_bit(XPT_LISTENER, &xprt->xpt_flags))
320 		return 1;
321 	return !test_bit(SOCK_NOSPACE, &svsk->sk_sock->flags);
322 }
323 
324 static void svc_tcp_kill_temp_xprt(struct svc_xprt *xprt)
325 {
326 	struct svc_sock *svsk;
327 	struct socket *sock;
328 	struct linger no_linger = {
329 		.l_onoff = 1,
330 		.l_linger = 0,
331 	};
332 
333 	svsk = container_of(xprt, struct svc_sock, sk_xprt);
334 	sock = svsk->sk_sock;
335 	kernel_setsockopt(sock, SOL_SOCKET, SO_LINGER,
336 			  (char *)&no_linger, sizeof(no_linger));
337 }
338 
339 /*
340  * See net/ipv6/ip_sockglue.c : ip_cmsg_recv_pktinfo
341  */
342 static int svc_udp_get_dest_address4(struct svc_rqst *rqstp,
343 				     struct cmsghdr *cmh)
344 {
345 	struct in_pktinfo *pki = CMSG_DATA(cmh);
346 	struct sockaddr_in *daddr = svc_daddr_in(rqstp);
347 
348 	if (cmh->cmsg_type != IP_PKTINFO)
349 		return 0;
350 
351 	daddr->sin_family = AF_INET;
352 	daddr->sin_addr.s_addr = pki->ipi_spec_dst.s_addr;
353 	return 1;
354 }
355 
356 /*
357  * See net/ipv6/datagram.c : ip6_datagram_recv_ctl
358  */
359 static int svc_udp_get_dest_address6(struct svc_rqst *rqstp,
360 				     struct cmsghdr *cmh)
361 {
362 	struct in6_pktinfo *pki = CMSG_DATA(cmh);
363 	struct sockaddr_in6 *daddr = svc_daddr_in6(rqstp);
364 
365 	if (cmh->cmsg_type != IPV6_PKTINFO)
366 		return 0;
367 
368 	daddr->sin6_family = AF_INET6;
369 	daddr->sin6_addr = pki->ipi6_addr;
370 	daddr->sin6_scope_id = pki->ipi6_ifindex;
371 	return 1;
372 }
373 
374 /*
375  * Copy the UDP datagram's destination address to the rqstp structure.
376  * The 'destination' address in this case is the address to which the
377  * peer sent the datagram, i.e. our local address. For multihomed
378  * hosts, this can change from msg to msg. Note that only the IP
379  * address changes, the port number should remain the same.
380  */
381 static int svc_udp_get_dest_address(struct svc_rqst *rqstp,
382 				    struct cmsghdr *cmh)
383 {
384 	switch (cmh->cmsg_level) {
385 	case SOL_IP:
386 		return svc_udp_get_dest_address4(rqstp, cmh);
387 	case SOL_IPV6:
388 		return svc_udp_get_dest_address6(rqstp, cmh);
389 	}
390 
391 	return 0;
392 }
393 
394 /*
395  * Receive a datagram from a UDP socket.
396  */
397 static int svc_udp_recvfrom(struct svc_rqst *rqstp)
398 {
399 	struct svc_sock	*svsk =
400 		container_of(rqstp->rq_xprt, struct svc_sock, sk_xprt);
401 	struct svc_serv	*serv = svsk->sk_xprt.xpt_server;
402 	struct sk_buff	*skb;
403 	union {
404 		struct cmsghdr	hdr;
405 		long		all[SVC_PKTINFO_SPACE / sizeof(long)];
406 	} buffer;
407 	struct cmsghdr *cmh = &buffer.hdr;
408 	struct msghdr msg = {
409 		.msg_name = svc_addr(rqstp),
410 		.msg_control = cmh,
411 		.msg_controllen = sizeof(buffer),
412 		.msg_flags = MSG_DONTWAIT,
413 	};
414 	size_t len;
415 	int err;
416 
417 	if (test_and_clear_bit(XPT_CHNGBUF, &svsk->sk_xprt.xpt_flags))
418 	    /* udp sockets need large rcvbuf as all pending
419 	     * requests are still in that buffer.  sndbuf must
420 	     * also be large enough that there is enough space
421 	     * for one reply per thread.  We count all threads
422 	     * rather than threads in a particular pool, which
423 	     * provides an upper bound on the number of threads
424 	     * which will access the socket.
425 	     */
426 	    svc_sock_setbufsize(svsk, serv->sv_nrthreads + 3);
427 
428 	clear_bit(XPT_DATA, &svsk->sk_xprt.xpt_flags);
429 	skb = NULL;
430 	err = kernel_recvmsg(svsk->sk_sock, &msg, NULL,
431 			     0, 0, MSG_PEEK | MSG_DONTWAIT);
432 	if (err >= 0)
433 		skb = skb_recv_udp(svsk->sk_sk, 0, 1, &err);
434 
435 	if (skb == NULL) {
436 		if (err != -EAGAIN) {
437 			/* possibly an icmp error */
438 			dprintk("svc: recvfrom returned error %d\n", -err);
439 			set_bit(XPT_DATA, &svsk->sk_xprt.xpt_flags);
440 		}
441 		return 0;
442 	}
443 	len = svc_addr_len(svc_addr(rqstp));
444 	rqstp->rq_addrlen = len;
445 	if (skb->tstamp == 0) {
446 		skb->tstamp = ktime_get_real();
447 		/* Don't enable netstamp, sunrpc doesn't
448 		   need that much accuracy */
449 	}
450 	sock_write_timestamp(svsk->sk_sk, skb->tstamp);
451 	set_bit(XPT_DATA, &svsk->sk_xprt.xpt_flags); /* there may be more data... */
452 
453 	len  = skb->len;
454 	rqstp->rq_arg.len = len;
455 
456 	rqstp->rq_prot = IPPROTO_UDP;
457 
458 	if (!svc_udp_get_dest_address(rqstp, cmh)) {
459 		net_warn_ratelimited("svc: received unknown control message %d/%d; dropping RPC reply datagram\n",
460 				     cmh->cmsg_level, cmh->cmsg_type);
461 		goto out_free;
462 	}
463 	rqstp->rq_daddrlen = svc_addr_len(svc_daddr(rqstp));
464 
465 	if (skb_is_nonlinear(skb)) {
466 		/* we have to copy */
467 		local_bh_disable();
468 		if (csum_partial_copy_to_xdr(&rqstp->rq_arg, skb)) {
469 			local_bh_enable();
470 			/* checksum error */
471 			goto out_free;
472 		}
473 		local_bh_enable();
474 		consume_skb(skb);
475 	} else {
476 		/* we can use it in-place */
477 		rqstp->rq_arg.head[0].iov_base = skb->data;
478 		rqstp->rq_arg.head[0].iov_len = len;
479 		if (skb_checksum_complete(skb))
480 			goto out_free;
481 		rqstp->rq_xprt_ctxt = skb;
482 	}
483 
484 	rqstp->rq_arg.page_base = 0;
485 	if (len <= rqstp->rq_arg.head[0].iov_len) {
486 		rqstp->rq_arg.head[0].iov_len = len;
487 		rqstp->rq_arg.page_len = 0;
488 		rqstp->rq_respages = rqstp->rq_pages+1;
489 	} else {
490 		rqstp->rq_arg.page_len = len - rqstp->rq_arg.head[0].iov_len;
491 		rqstp->rq_respages = rqstp->rq_pages + 1 +
492 			DIV_ROUND_UP(rqstp->rq_arg.page_len, PAGE_SIZE);
493 	}
494 	rqstp->rq_next_page = rqstp->rq_respages+1;
495 
496 	if (serv->sv_stats)
497 		serv->sv_stats->netudpcnt++;
498 
499 	return len;
500 out_free:
501 	kfree_skb(skb);
502 	return 0;
503 }
504 
505 /**
506  * svc_udp_sendto - Send out a reply on a UDP socket
507  * @rqstp: completed svc_rqst
508  *
509  * Returns the number of bytes sent, or a negative errno.
510  */
511 static int svc_udp_sendto(struct svc_rqst *rqstp)
512 {
513 	struct svc_xprt *xprt = rqstp->rq_xprt;
514 	struct svc_sock	*svsk = container_of(xprt, struct svc_sock, sk_xprt);
515 	struct xdr_buf *xdr = &rqstp->rq_res;
516 	union {
517 		struct cmsghdr	hdr;
518 		long		all[SVC_PKTINFO_SPACE / sizeof(long)];
519 	} buffer;
520 	struct cmsghdr *cmh = &buffer.hdr;
521 	struct msghdr msg = {
522 		.msg_name	= &rqstp->rq_addr,
523 		.msg_namelen	= rqstp->rq_addrlen,
524 		.msg_control	= cmh,
525 		.msg_controllen	= sizeof(buffer),
526 	};
527 	unsigned int uninitialized_var(sent);
528 	int err;
529 
530 	svc_release_udp_skb(rqstp);
531 
532 	svc_set_cmsg_data(rqstp, cmh);
533 
534 	err = xprt_sock_sendmsg(svsk->sk_sock, &msg, xdr, 0, 0, &sent);
535 	xdr_free_bvec(xdr);
536 	if (err == -ECONNREFUSED) {
537 		/* ICMP error on earlier request. */
538 		err = xprt_sock_sendmsg(svsk->sk_sock, &msg, xdr, 0, 0, &sent);
539 		xdr_free_bvec(xdr);
540 	}
541 	if (err < 0)
542 		return err;
543 	return sent;
544 }
545 
546 static int svc_udp_has_wspace(struct svc_xprt *xprt)
547 {
548 	struct svc_sock *svsk = container_of(xprt, struct svc_sock, sk_xprt);
549 	struct svc_serv	*serv = xprt->xpt_server;
550 	unsigned long required;
551 
552 	/*
553 	 * Set the SOCK_NOSPACE flag before checking the available
554 	 * sock space.
555 	 */
556 	set_bit(SOCK_NOSPACE, &svsk->sk_sock->flags);
557 	required = atomic_read(&svsk->sk_xprt.xpt_reserved) + serv->sv_max_mesg;
558 	if (required*2 > sock_wspace(svsk->sk_sk))
559 		return 0;
560 	clear_bit(SOCK_NOSPACE, &svsk->sk_sock->flags);
561 	return 1;
562 }
563 
564 static struct svc_xprt *svc_udp_accept(struct svc_xprt *xprt)
565 {
566 	BUG();
567 	return NULL;
568 }
569 
570 static void svc_udp_kill_temp_xprt(struct svc_xprt *xprt)
571 {
572 }
573 
574 static struct svc_xprt *svc_udp_create(struct svc_serv *serv,
575 				       struct net *net,
576 				       struct sockaddr *sa, int salen,
577 				       int flags)
578 {
579 	return svc_create_socket(serv, IPPROTO_UDP, net, sa, salen, flags);
580 }
581 
582 static const struct svc_xprt_ops svc_udp_ops = {
583 	.xpo_create = svc_udp_create,
584 	.xpo_recvfrom = svc_udp_recvfrom,
585 	.xpo_sendto = svc_udp_sendto,
586 	.xpo_read_payload = svc_sock_read_payload,
587 	.xpo_release_rqst = svc_release_udp_skb,
588 	.xpo_detach = svc_sock_detach,
589 	.xpo_free = svc_sock_free,
590 	.xpo_has_wspace = svc_udp_has_wspace,
591 	.xpo_accept = svc_udp_accept,
592 	.xpo_secure_port = svc_sock_secure_port,
593 	.xpo_kill_temp_xprt = svc_udp_kill_temp_xprt,
594 };
595 
596 static struct svc_xprt_class svc_udp_class = {
597 	.xcl_name = "udp",
598 	.xcl_owner = THIS_MODULE,
599 	.xcl_ops = &svc_udp_ops,
600 	.xcl_max_payload = RPCSVC_MAXPAYLOAD_UDP,
601 	.xcl_ident = XPRT_TRANSPORT_UDP,
602 };
603 
604 static void svc_udp_init(struct svc_sock *svsk, struct svc_serv *serv)
605 {
606 	int err, level, optname, one = 1;
607 
608 	svc_xprt_init(sock_net(svsk->sk_sock->sk), &svc_udp_class,
609 		      &svsk->sk_xprt, serv);
610 	clear_bit(XPT_CACHE_AUTH, &svsk->sk_xprt.xpt_flags);
611 	svsk->sk_sk->sk_data_ready = svc_data_ready;
612 	svsk->sk_sk->sk_write_space = svc_write_space;
613 
614 	/* initialise setting must have enough space to
615 	 * receive and respond to one request.
616 	 * svc_udp_recvfrom will re-adjust if necessary
617 	 */
618 	svc_sock_setbufsize(svsk, 3);
619 
620 	/* data might have come in before data_ready set up */
621 	set_bit(XPT_DATA, &svsk->sk_xprt.xpt_flags);
622 	set_bit(XPT_CHNGBUF, &svsk->sk_xprt.xpt_flags);
623 
624 	/* make sure we get destination address info */
625 	switch (svsk->sk_sk->sk_family) {
626 	case AF_INET:
627 		level = SOL_IP;
628 		optname = IP_PKTINFO;
629 		break;
630 	case AF_INET6:
631 		level = SOL_IPV6;
632 		optname = IPV6_RECVPKTINFO;
633 		break;
634 	default:
635 		BUG();
636 	}
637 	err = kernel_setsockopt(svsk->sk_sock, level, optname,
638 					(char *)&one, sizeof(one));
639 	dprintk("svc: kernel_setsockopt returned %d\n", err);
640 }
641 
642 /*
643  * A data_ready event on a listening socket means there's a connection
644  * pending. Do not use state_change as a substitute for it.
645  */
646 static void svc_tcp_listen_data_ready(struct sock *sk)
647 {
648 	struct svc_sock	*svsk = (struct svc_sock *)sk->sk_user_data;
649 
650 	dprintk("svc: socket %p TCP (listen) state change %d\n",
651 		sk, sk->sk_state);
652 
653 	if (svsk) {
654 		/* Refer to svc_setup_socket() for details. */
655 		rmb();
656 		svsk->sk_odata(sk);
657 	}
658 
659 	/*
660 	 * This callback may called twice when a new connection
661 	 * is established as a child socket inherits everything
662 	 * from a parent LISTEN socket.
663 	 * 1) data_ready method of the parent socket will be called
664 	 *    when one of child sockets become ESTABLISHED.
665 	 * 2) data_ready method of the child socket may be called
666 	 *    when it receives data before the socket is accepted.
667 	 * In case of 2, we should ignore it silently.
668 	 */
669 	if (sk->sk_state == TCP_LISTEN) {
670 		if (svsk) {
671 			set_bit(XPT_CONN, &svsk->sk_xprt.xpt_flags);
672 			svc_xprt_enqueue(&svsk->sk_xprt);
673 		} else
674 			printk("svc: socket %p: no user data\n", sk);
675 	}
676 }
677 
678 /*
679  * A state change on a connected socket means it's dying or dead.
680  */
681 static void svc_tcp_state_change(struct sock *sk)
682 {
683 	struct svc_sock	*svsk = (struct svc_sock *)sk->sk_user_data;
684 
685 	dprintk("svc: socket %p TCP (connected) state change %d (svsk %p)\n",
686 		sk, sk->sk_state, sk->sk_user_data);
687 
688 	if (!svsk)
689 		printk("svc: socket %p: no user data\n", sk);
690 	else {
691 		/* Refer to svc_setup_socket() for details. */
692 		rmb();
693 		svsk->sk_ostate(sk);
694 		if (sk->sk_state != TCP_ESTABLISHED) {
695 			set_bit(XPT_CLOSE, &svsk->sk_xprt.xpt_flags);
696 			svc_xprt_enqueue(&svsk->sk_xprt);
697 		}
698 	}
699 }
700 
701 /*
702  * Accept a TCP connection
703  */
704 static struct svc_xprt *svc_tcp_accept(struct svc_xprt *xprt)
705 {
706 	struct svc_sock *svsk = container_of(xprt, struct svc_sock, sk_xprt);
707 	struct sockaddr_storage addr;
708 	struct sockaddr	*sin = (struct sockaddr *) &addr;
709 	struct svc_serv	*serv = svsk->sk_xprt.xpt_server;
710 	struct socket	*sock = svsk->sk_sock;
711 	struct socket	*newsock;
712 	struct svc_sock	*newsvsk;
713 	int		err, slen;
714 	RPC_IFDEBUG(char buf[RPC_MAX_ADDRBUFLEN]);
715 
716 	dprintk("svc: tcp_accept %p sock %p\n", svsk, sock);
717 	if (!sock)
718 		return NULL;
719 
720 	clear_bit(XPT_CONN, &svsk->sk_xprt.xpt_flags);
721 	err = kernel_accept(sock, &newsock, O_NONBLOCK);
722 	if (err < 0) {
723 		if (err == -ENOMEM)
724 			printk(KERN_WARNING "%s: no more sockets!\n",
725 			       serv->sv_name);
726 		else if (err != -EAGAIN)
727 			net_warn_ratelimited("%s: accept failed (err %d)!\n",
728 					     serv->sv_name, -err);
729 		return NULL;
730 	}
731 	set_bit(XPT_CONN, &svsk->sk_xprt.xpt_flags);
732 
733 	err = kernel_getpeername(newsock, sin);
734 	if (err < 0) {
735 		net_warn_ratelimited("%s: peername failed (err %d)!\n",
736 				     serv->sv_name, -err);
737 		goto failed;		/* aborted connection or whatever */
738 	}
739 	slen = err;
740 
741 	/* Ideally, we would want to reject connections from unauthorized
742 	 * hosts here, but when we get encryption, the IP of the host won't
743 	 * tell us anything.  For now just warn about unpriv connections.
744 	 */
745 	if (!svc_port_is_privileged(sin)) {
746 		dprintk("%s: connect from unprivileged port: %s\n",
747 			serv->sv_name,
748 			__svc_print_addr(sin, buf, sizeof(buf)));
749 	}
750 	dprintk("%s: connect from %s\n", serv->sv_name,
751 		__svc_print_addr(sin, buf, sizeof(buf)));
752 
753 	/* Reset the inherited callbacks before calling svc_setup_socket */
754 	newsock->sk->sk_state_change = svsk->sk_ostate;
755 	newsock->sk->sk_data_ready = svsk->sk_odata;
756 	newsock->sk->sk_write_space = svsk->sk_owspace;
757 
758 	/* make sure that a write doesn't block forever when
759 	 * low on memory
760 	 */
761 	newsock->sk->sk_sndtimeo = HZ*30;
762 
763 	newsvsk = svc_setup_socket(serv, newsock,
764 				 (SVC_SOCK_ANONYMOUS | SVC_SOCK_TEMPORARY));
765 	if (IS_ERR(newsvsk))
766 		goto failed;
767 	svc_xprt_set_remote(&newsvsk->sk_xprt, sin, slen);
768 	err = kernel_getsockname(newsock, sin);
769 	slen = err;
770 	if (unlikely(err < 0)) {
771 		dprintk("svc_tcp_accept: kernel_getsockname error %d\n", -err);
772 		slen = offsetof(struct sockaddr, sa_data);
773 	}
774 	svc_xprt_set_local(&newsvsk->sk_xprt, sin, slen);
775 
776 	if (sock_is_loopback(newsock->sk))
777 		set_bit(XPT_LOCAL, &newsvsk->sk_xprt.xpt_flags);
778 	else
779 		clear_bit(XPT_LOCAL, &newsvsk->sk_xprt.xpt_flags);
780 	if (serv->sv_stats)
781 		serv->sv_stats->nettcpconn++;
782 
783 	return &newsvsk->sk_xprt;
784 
785 failed:
786 	sock_release(newsock);
787 	return NULL;
788 }
789 
790 static unsigned int svc_tcp_restore_pages(struct svc_sock *svsk, struct svc_rqst *rqstp)
791 {
792 	unsigned int i, len, npages;
793 
794 	if (svsk->sk_datalen == 0)
795 		return 0;
796 	len = svsk->sk_datalen;
797 	npages = (len + PAGE_SIZE - 1) >> PAGE_SHIFT;
798 	for (i = 0; i < npages; i++) {
799 		if (rqstp->rq_pages[i] != NULL)
800 			put_page(rqstp->rq_pages[i]);
801 		BUG_ON(svsk->sk_pages[i] == NULL);
802 		rqstp->rq_pages[i] = svsk->sk_pages[i];
803 		svsk->sk_pages[i] = NULL;
804 	}
805 	rqstp->rq_arg.head[0].iov_base = page_address(rqstp->rq_pages[0]);
806 	return len;
807 }
808 
809 static void svc_tcp_save_pages(struct svc_sock *svsk, struct svc_rqst *rqstp)
810 {
811 	unsigned int i, len, npages;
812 
813 	if (svsk->sk_datalen == 0)
814 		return;
815 	len = svsk->sk_datalen;
816 	npages = (len + PAGE_SIZE - 1) >> PAGE_SHIFT;
817 	for (i = 0; i < npages; i++) {
818 		svsk->sk_pages[i] = rqstp->rq_pages[i];
819 		rqstp->rq_pages[i] = NULL;
820 	}
821 }
822 
823 static void svc_tcp_clear_pages(struct svc_sock *svsk)
824 {
825 	unsigned int i, len, npages;
826 
827 	if (svsk->sk_datalen == 0)
828 		goto out;
829 	len = svsk->sk_datalen;
830 	npages = (len + PAGE_SIZE - 1) >> PAGE_SHIFT;
831 	for (i = 0; i < npages; i++) {
832 		if (svsk->sk_pages[i] == NULL) {
833 			WARN_ON_ONCE(1);
834 			continue;
835 		}
836 		put_page(svsk->sk_pages[i]);
837 		svsk->sk_pages[i] = NULL;
838 	}
839 out:
840 	svsk->sk_tcplen = 0;
841 	svsk->sk_datalen = 0;
842 }
843 
844 /*
845  * Receive fragment record header.
846  * If we haven't gotten the record length yet, get the next four bytes.
847  */
848 static int svc_tcp_recv_record(struct svc_sock *svsk, struct svc_rqst *rqstp)
849 {
850 	struct svc_serv	*serv = svsk->sk_xprt.xpt_server;
851 	unsigned int want;
852 	int len;
853 
854 	if (svsk->sk_tcplen < sizeof(rpc_fraghdr)) {
855 		struct kvec	iov;
856 
857 		want = sizeof(rpc_fraghdr) - svsk->sk_tcplen;
858 		iov.iov_base = ((char *) &svsk->sk_reclen) + svsk->sk_tcplen;
859 		iov.iov_len  = want;
860 		len = svc_recvfrom(rqstp, &iov, 1, want, 0);
861 		if (len < 0)
862 			goto error;
863 		svsk->sk_tcplen += len;
864 
865 		if (len < want) {
866 			dprintk("svc: short recvfrom while reading record "
867 				"length (%d of %d)\n", len, want);
868 			return -EAGAIN;
869 		}
870 
871 		dprintk("svc: TCP record, %d bytes\n", svc_sock_reclen(svsk));
872 		if (svc_sock_reclen(svsk) + svsk->sk_datalen >
873 							serv->sv_max_mesg) {
874 			net_notice_ratelimited("RPC: fragment too large: %d\n",
875 					svc_sock_reclen(svsk));
876 			goto err_delete;
877 		}
878 	}
879 
880 	return svc_sock_reclen(svsk);
881 error:
882 	dprintk("RPC: TCP recv_record got %d\n", len);
883 	return len;
884 err_delete:
885 	set_bit(XPT_CLOSE, &svsk->sk_xprt.xpt_flags);
886 	return -EAGAIN;
887 }
888 
889 static int receive_cb_reply(struct svc_sock *svsk, struct svc_rqst *rqstp)
890 {
891 	struct rpc_xprt *bc_xprt = svsk->sk_xprt.xpt_bc_xprt;
892 	struct rpc_rqst *req = NULL;
893 	struct kvec *src, *dst;
894 	__be32 *p = (__be32 *)rqstp->rq_arg.head[0].iov_base;
895 	__be32 xid;
896 	__be32 calldir;
897 
898 	xid = *p++;
899 	calldir = *p;
900 
901 	if (!bc_xprt)
902 		return -EAGAIN;
903 	spin_lock(&bc_xprt->queue_lock);
904 	req = xprt_lookup_rqst(bc_xprt, xid);
905 	if (!req)
906 		goto unlock_notfound;
907 
908 	memcpy(&req->rq_private_buf, &req->rq_rcv_buf, sizeof(struct xdr_buf));
909 	/*
910 	 * XXX!: cheating for now!  Only copying HEAD.
911 	 * But we know this is good enough for now (in fact, for any
912 	 * callback reply in the forseeable future).
913 	 */
914 	dst = &req->rq_private_buf.head[0];
915 	src = &rqstp->rq_arg.head[0];
916 	if (dst->iov_len < src->iov_len)
917 		goto unlock_eagain; /* whatever; just giving up. */
918 	memcpy(dst->iov_base, src->iov_base, src->iov_len);
919 	xprt_complete_rqst(req->rq_task, rqstp->rq_arg.len);
920 	rqstp->rq_arg.len = 0;
921 	spin_unlock(&bc_xprt->queue_lock);
922 	return 0;
923 unlock_notfound:
924 	printk(KERN_NOTICE
925 		"%s: Got unrecognized reply: "
926 		"calldir 0x%x xpt_bc_xprt %p xid %08x\n",
927 		__func__, ntohl(calldir),
928 		bc_xprt, ntohl(xid));
929 unlock_eagain:
930 	spin_unlock(&bc_xprt->queue_lock);
931 	return -EAGAIN;
932 }
933 
934 static int copy_pages_to_kvecs(struct kvec *vec, struct page **pages, int len)
935 {
936 	int i = 0;
937 	int t = 0;
938 
939 	while (t < len) {
940 		vec[i].iov_base = page_address(pages[i]);
941 		vec[i].iov_len = PAGE_SIZE;
942 		i++;
943 		t += PAGE_SIZE;
944 	}
945 	return i;
946 }
947 
948 static void svc_tcp_fragment_received(struct svc_sock *svsk)
949 {
950 	/* If we have more data, signal svc_xprt_enqueue() to try again */
951 	dprintk("svc: TCP %s record (%d bytes)\n",
952 		svc_sock_final_rec(svsk) ? "final" : "nonfinal",
953 		svc_sock_reclen(svsk));
954 	svsk->sk_tcplen = 0;
955 	svsk->sk_reclen = 0;
956 }
957 
958 /*
959  * Receive data from a TCP socket.
960  */
961 static int svc_tcp_recvfrom(struct svc_rqst *rqstp)
962 {
963 	struct svc_sock	*svsk =
964 		container_of(rqstp->rq_xprt, struct svc_sock, sk_xprt);
965 	struct svc_serv	*serv = svsk->sk_xprt.xpt_server;
966 	int		len;
967 	struct kvec *vec;
968 	unsigned int want, base;
969 	__be32 *p;
970 	__be32 calldir;
971 	int pnum;
972 
973 	dprintk("svc: tcp_recv %p data %d conn %d close %d\n",
974 		svsk, test_bit(XPT_DATA, &svsk->sk_xprt.xpt_flags),
975 		test_bit(XPT_CONN, &svsk->sk_xprt.xpt_flags),
976 		test_bit(XPT_CLOSE, &svsk->sk_xprt.xpt_flags));
977 
978 	len = svc_tcp_recv_record(svsk, rqstp);
979 	if (len < 0)
980 		goto error;
981 
982 	base = svc_tcp_restore_pages(svsk, rqstp);
983 	want = svc_sock_reclen(svsk) - (svsk->sk_tcplen - sizeof(rpc_fraghdr));
984 
985 	vec = rqstp->rq_vec;
986 
987 	pnum = copy_pages_to_kvecs(&vec[0], &rqstp->rq_pages[0], base + want);
988 
989 	rqstp->rq_respages = &rqstp->rq_pages[pnum];
990 	rqstp->rq_next_page = rqstp->rq_respages + 1;
991 
992 	/* Now receive data */
993 	len = svc_recvfrom(rqstp, vec, pnum, base + want, base);
994 	if (len >= 0) {
995 		svsk->sk_tcplen += len;
996 		svsk->sk_datalen += len;
997 	}
998 	if (len != want || !svc_sock_final_rec(svsk)) {
999 		svc_tcp_save_pages(svsk, rqstp);
1000 		if (len < 0 && len != -EAGAIN)
1001 			goto err_delete;
1002 		if (len == want)
1003 			svc_tcp_fragment_received(svsk);
1004 		else
1005 			dprintk("svc: incomplete TCP record (%d of %d)\n",
1006 				(int)(svsk->sk_tcplen - sizeof(rpc_fraghdr)),
1007 				svc_sock_reclen(svsk));
1008 		goto err_noclose;
1009 	}
1010 
1011 	if (svsk->sk_datalen < 8) {
1012 		svsk->sk_datalen = 0;
1013 		goto err_delete; /* client is nuts. */
1014 	}
1015 
1016 	rqstp->rq_arg.len = svsk->sk_datalen;
1017 	rqstp->rq_arg.page_base = 0;
1018 	if (rqstp->rq_arg.len <= rqstp->rq_arg.head[0].iov_len) {
1019 		rqstp->rq_arg.head[0].iov_len = rqstp->rq_arg.len;
1020 		rqstp->rq_arg.page_len = 0;
1021 	} else
1022 		rqstp->rq_arg.page_len = rqstp->rq_arg.len - rqstp->rq_arg.head[0].iov_len;
1023 
1024 	rqstp->rq_xprt_ctxt   = NULL;
1025 	rqstp->rq_prot	      = IPPROTO_TCP;
1026 	if (test_bit(XPT_LOCAL, &svsk->sk_xprt.xpt_flags))
1027 		set_bit(RQ_LOCAL, &rqstp->rq_flags);
1028 	else
1029 		clear_bit(RQ_LOCAL, &rqstp->rq_flags);
1030 
1031 	p = (__be32 *)rqstp->rq_arg.head[0].iov_base;
1032 	calldir = p[1];
1033 	if (calldir)
1034 		len = receive_cb_reply(svsk, rqstp);
1035 
1036 	/* Reset TCP read info */
1037 	svsk->sk_datalen = 0;
1038 	svc_tcp_fragment_received(svsk);
1039 
1040 	if (len < 0)
1041 		goto error;
1042 
1043 	svc_xprt_copy_addrs(rqstp, &svsk->sk_xprt);
1044 	if (serv->sv_stats)
1045 		serv->sv_stats->nettcpcnt++;
1046 
1047 	return rqstp->rq_arg.len;
1048 
1049 error:
1050 	if (len != -EAGAIN)
1051 		goto err_delete;
1052 	dprintk("RPC: TCP recvfrom got EAGAIN\n");
1053 	return 0;
1054 err_delete:
1055 	printk(KERN_NOTICE "%s: recvfrom returned errno %d\n",
1056 	       svsk->sk_xprt.xpt_server->sv_name, -len);
1057 	set_bit(XPT_CLOSE, &svsk->sk_xprt.xpt_flags);
1058 err_noclose:
1059 	return 0;	/* record not complete */
1060 }
1061 
1062 /**
1063  * svc_tcp_sendto - Send out a reply on a TCP socket
1064  * @rqstp: completed svc_rqst
1065  *
1066  * Returns the number of bytes sent, or a negative errno.
1067  */
1068 static int svc_tcp_sendto(struct svc_rqst *rqstp)
1069 {
1070 	struct svc_xprt *xprt = rqstp->rq_xprt;
1071 	struct svc_sock	*svsk = container_of(xprt, struct svc_sock, sk_xprt);
1072 	struct xdr_buf *xdr = &rqstp->rq_res;
1073 	rpc_fraghdr marker = cpu_to_be32(RPC_LAST_STREAM_FRAGMENT |
1074 					 (u32)xdr->len);
1075 	struct msghdr msg = {
1076 		.msg_flags	= 0,
1077 	};
1078 	unsigned int uninitialized_var(sent);
1079 	int err;
1080 
1081 	svc_release_skb(rqstp);
1082 
1083 	err = xprt_sock_sendmsg(svsk->sk_sock, &msg, xdr, 0, marker, &sent);
1084 	xdr_free_bvec(xdr);
1085 	if (err < 0 || sent != (xdr->len + sizeof(marker)))
1086 		goto out_close;
1087 	return sent;
1088 
1089 out_close:
1090 	pr_notice("rpc-srv/tcp: %s: %s %d when sending %d bytes - shutting down socket\n",
1091 		  xprt->xpt_server->sv_name,
1092 		  (err < 0) ? "got error" : "sent",
1093 		  (err < 0) ? err : sent, xdr->len);
1094 	set_bit(XPT_CLOSE, &xprt->xpt_flags);
1095 	svc_xprt_enqueue(xprt);
1096 	return -EAGAIN;
1097 }
1098 
1099 static struct svc_xprt *svc_tcp_create(struct svc_serv *serv,
1100 				       struct net *net,
1101 				       struct sockaddr *sa, int salen,
1102 				       int flags)
1103 {
1104 	return svc_create_socket(serv, IPPROTO_TCP, net, sa, salen, flags);
1105 }
1106 
1107 static const struct svc_xprt_ops svc_tcp_ops = {
1108 	.xpo_create = svc_tcp_create,
1109 	.xpo_recvfrom = svc_tcp_recvfrom,
1110 	.xpo_sendto = svc_tcp_sendto,
1111 	.xpo_read_payload = svc_sock_read_payload,
1112 	.xpo_release_rqst = svc_release_skb,
1113 	.xpo_detach = svc_tcp_sock_detach,
1114 	.xpo_free = svc_sock_free,
1115 	.xpo_has_wspace = svc_tcp_has_wspace,
1116 	.xpo_accept = svc_tcp_accept,
1117 	.xpo_secure_port = svc_sock_secure_port,
1118 	.xpo_kill_temp_xprt = svc_tcp_kill_temp_xprt,
1119 };
1120 
1121 static struct svc_xprt_class svc_tcp_class = {
1122 	.xcl_name = "tcp",
1123 	.xcl_owner = THIS_MODULE,
1124 	.xcl_ops = &svc_tcp_ops,
1125 	.xcl_max_payload = RPCSVC_MAXPAYLOAD_TCP,
1126 	.xcl_ident = XPRT_TRANSPORT_TCP,
1127 };
1128 
1129 void svc_init_xprt_sock(void)
1130 {
1131 	svc_reg_xprt_class(&svc_tcp_class);
1132 	svc_reg_xprt_class(&svc_udp_class);
1133 }
1134 
1135 void svc_cleanup_xprt_sock(void)
1136 {
1137 	svc_unreg_xprt_class(&svc_tcp_class);
1138 	svc_unreg_xprt_class(&svc_udp_class);
1139 }
1140 
1141 static void svc_tcp_init(struct svc_sock *svsk, struct svc_serv *serv)
1142 {
1143 	struct sock	*sk = svsk->sk_sk;
1144 
1145 	svc_xprt_init(sock_net(svsk->sk_sock->sk), &svc_tcp_class,
1146 		      &svsk->sk_xprt, serv);
1147 	set_bit(XPT_CACHE_AUTH, &svsk->sk_xprt.xpt_flags);
1148 	set_bit(XPT_CONG_CTRL, &svsk->sk_xprt.xpt_flags);
1149 	if (sk->sk_state == TCP_LISTEN) {
1150 		dprintk("setting up TCP socket for listening\n");
1151 		strcpy(svsk->sk_xprt.xpt_remotebuf, "listener");
1152 		set_bit(XPT_LISTENER, &svsk->sk_xprt.xpt_flags);
1153 		sk->sk_data_ready = svc_tcp_listen_data_ready;
1154 		set_bit(XPT_CONN, &svsk->sk_xprt.xpt_flags);
1155 	} else {
1156 		dprintk("setting up TCP socket for reading\n");
1157 		sk->sk_state_change = svc_tcp_state_change;
1158 		sk->sk_data_ready = svc_data_ready;
1159 		sk->sk_write_space = svc_write_space;
1160 
1161 		svsk->sk_reclen = 0;
1162 		svsk->sk_tcplen = 0;
1163 		svsk->sk_datalen = 0;
1164 		memset(&svsk->sk_pages[0], 0, sizeof(svsk->sk_pages));
1165 
1166 		tcp_sk(sk)->nonagle |= TCP_NAGLE_OFF;
1167 
1168 		set_bit(XPT_DATA, &svsk->sk_xprt.xpt_flags);
1169 		switch (sk->sk_state) {
1170 		case TCP_SYN_RECV:
1171 		case TCP_ESTABLISHED:
1172 			break;
1173 		default:
1174 			set_bit(XPT_CLOSE, &svsk->sk_xprt.xpt_flags);
1175 		}
1176 	}
1177 }
1178 
1179 void svc_sock_update_bufs(struct svc_serv *serv)
1180 {
1181 	/*
1182 	 * The number of server threads has changed. Update
1183 	 * rcvbuf and sndbuf accordingly on all sockets
1184 	 */
1185 	struct svc_sock *svsk;
1186 
1187 	spin_lock_bh(&serv->sv_lock);
1188 	list_for_each_entry(svsk, &serv->sv_permsocks, sk_xprt.xpt_list)
1189 		set_bit(XPT_CHNGBUF, &svsk->sk_xprt.xpt_flags);
1190 	spin_unlock_bh(&serv->sv_lock);
1191 }
1192 EXPORT_SYMBOL_GPL(svc_sock_update_bufs);
1193 
1194 /*
1195  * Initialize socket for RPC use and create svc_sock struct
1196  */
1197 static struct svc_sock *svc_setup_socket(struct svc_serv *serv,
1198 						struct socket *sock,
1199 						int flags)
1200 {
1201 	struct svc_sock	*svsk;
1202 	struct sock	*inet;
1203 	int		pmap_register = !(flags & SVC_SOCK_ANONYMOUS);
1204 	int		err = 0;
1205 
1206 	dprintk("svc: svc_setup_socket %p\n", sock);
1207 	svsk = kzalloc(sizeof(*svsk), GFP_KERNEL);
1208 	if (!svsk)
1209 		return ERR_PTR(-ENOMEM);
1210 
1211 	inet = sock->sk;
1212 
1213 	/* Register socket with portmapper */
1214 	if (pmap_register)
1215 		err = svc_register(serv, sock_net(sock->sk), inet->sk_family,
1216 				     inet->sk_protocol,
1217 				     ntohs(inet_sk(inet)->inet_sport));
1218 
1219 	if (err < 0) {
1220 		kfree(svsk);
1221 		return ERR_PTR(err);
1222 	}
1223 
1224 	svsk->sk_sock = sock;
1225 	svsk->sk_sk = inet;
1226 	svsk->sk_ostate = inet->sk_state_change;
1227 	svsk->sk_odata = inet->sk_data_ready;
1228 	svsk->sk_owspace = inet->sk_write_space;
1229 	/*
1230 	 * This barrier is necessary in order to prevent race condition
1231 	 * with svc_data_ready(), svc_listen_data_ready() and others
1232 	 * when calling callbacks above.
1233 	 */
1234 	wmb();
1235 	inet->sk_user_data = svsk;
1236 
1237 	/* Initialize the socket */
1238 	if (sock->type == SOCK_DGRAM)
1239 		svc_udp_init(svsk, serv);
1240 	else
1241 		svc_tcp_init(svsk, serv);
1242 
1243 	dprintk("svc: svc_setup_socket created %p (inet %p), "
1244 			"listen %d close %d\n",
1245 			svsk, svsk->sk_sk,
1246 			test_bit(XPT_LISTENER, &svsk->sk_xprt.xpt_flags),
1247 			test_bit(XPT_CLOSE, &svsk->sk_xprt.xpt_flags));
1248 
1249 	return svsk;
1250 }
1251 
1252 bool svc_alien_sock(struct net *net, int fd)
1253 {
1254 	int err;
1255 	struct socket *sock = sockfd_lookup(fd, &err);
1256 	bool ret = false;
1257 
1258 	if (!sock)
1259 		goto out;
1260 	if (sock_net(sock->sk) != net)
1261 		ret = true;
1262 	sockfd_put(sock);
1263 out:
1264 	return ret;
1265 }
1266 EXPORT_SYMBOL_GPL(svc_alien_sock);
1267 
1268 /**
1269  * svc_addsock - add a listener socket to an RPC service
1270  * @serv: pointer to RPC service to which to add a new listener
1271  * @fd: file descriptor of the new listener
1272  * @name_return: pointer to buffer to fill in with name of listener
1273  * @len: size of the buffer
1274  * @cred: credential
1275  *
1276  * Fills in socket name and returns positive length of name if successful.
1277  * Name is terminated with '\n'.  On error, returns a negative errno
1278  * value.
1279  */
1280 int svc_addsock(struct svc_serv *serv, const int fd, char *name_return,
1281 		const size_t len, const struct cred *cred)
1282 {
1283 	int err = 0;
1284 	struct socket *so = sockfd_lookup(fd, &err);
1285 	struct svc_sock *svsk = NULL;
1286 	struct sockaddr_storage addr;
1287 	struct sockaddr *sin = (struct sockaddr *)&addr;
1288 	int salen;
1289 
1290 	if (!so)
1291 		return err;
1292 	err = -EAFNOSUPPORT;
1293 	if ((so->sk->sk_family != PF_INET) && (so->sk->sk_family != PF_INET6))
1294 		goto out;
1295 	err =  -EPROTONOSUPPORT;
1296 	if (so->sk->sk_protocol != IPPROTO_TCP &&
1297 	    so->sk->sk_protocol != IPPROTO_UDP)
1298 		goto out;
1299 	err = -EISCONN;
1300 	if (so->state > SS_UNCONNECTED)
1301 		goto out;
1302 	err = -ENOENT;
1303 	if (!try_module_get(THIS_MODULE))
1304 		goto out;
1305 	svsk = svc_setup_socket(serv, so, SVC_SOCK_DEFAULTS);
1306 	if (IS_ERR(svsk)) {
1307 		module_put(THIS_MODULE);
1308 		err = PTR_ERR(svsk);
1309 		goto out;
1310 	}
1311 	salen = kernel_getsockname(svsk->sk_sock, sin);
1312 	if (salen >= 0)
1313 		svc_xprt_set_local(&svsk->sk_xprt, sin, salen);
1314 	svsk->sk_xprt.xpt_cred = get_cred(cred);
1315 	svc_add_new_perm_xprt(serv, &svsk->sk_xprt);
1316 	return svc_one_sock_name(svsk, name_return, len);
1317 out:
1318 	sockfd_put(so);
1319 	return err;
1320 }
1321 EXPORT_SYMBOL_GPL(svc_addsock);
1322 
1323 /*
1324  * Create socket for RPC service.
1325  */
1326 static struct svc_xprt *svc_create_socket(struct svc_serv *serv,
1327 					  int protocol,
1328 					  struct net *net,
1329 					  struct sockaddr *sin, int len,
1330 					  int flags)
1331 {
1332 	struct svc_sock	*svsk;
1333 	struct socket	*sock;
1334 	int		error;
1335 	int		type;
1336 	struct sockaddr_storage addr;
1337 	struct sockaddr *newsin = (struct sockaddr *)&addr;
1338 	int		newlen;
1339 	int		family;
1340 	int		val;
1341 	RPC_IFDEBUG(char buf[RPC_MAX_ADDRBUFLEN]);
1342 
1343 	dprintk("svc: svc_create_socket(%s, %d, %s)\n",
1344 			serv->sv_program->pg_name, protocol,
1345 			__svc_print_addr(sin, buf, sizeof(buf)));
1346 
1347 	if (protocol != IPPROTO_UDP && protocol != IPPROTO_TCP) {
1348 		printk(KERN_WARNING "svc: only UDP and TCP "
1349 				"sockets supported\n");
1350 		return ERR_PTR(-EINVAL);
1351 	}
1352 
1353 	type = (protocol == IPPROTO_UDP)? SOCK_DGRAM : SOCK_STREAM;
1354 	switch (sin->sa_family) {
1355 	case AF_INET6:
1356 		family = PF_INET6;
1357 		break;
1358 	case AF_INET:
1359 		family = PF_INET;
1360 		break;
1361 	default:
1362 		return ERR_PTR(-EINVAL);
1363 	}
1364 
1365 	error = __sock_create(net, family, type, protocol, &sock, 1);
1366 	if (error < 0)
1367 		return ERR_PTR(error);
1368 
1369 	svc_reclassify_socket(sock);
1370 
1371 	/*
1372 	 * If this is an PF_INET6 listener, we want to avoid
1373 	 * getting requests from IPv4 remotes.  Those should
1374 	 * be shunted to a PF_INET listener via rpcbind.
1375 	 */
1376 	val = 1;
1377 	if (family == PF_INET6)
1378 		kernel_setsockopt(sock, SOL_IPV6, IPV6_V6ONLY,
1379 					(char *)&val, sizeof(val));
1380 
1381 	if (type == SOCK_STREAM)
1382 		sock->sk->sk_reuse = SK_CAN_REUSE; /* allow address reuse */
1383 	error = kernel_bind(sock, sin, len);
1384 	if (error < 0)
1385 		goto bummer;
1386 
1387 	error = kernel_getsockname(sock, newsin);
1388 	if (error < 0)
1389 		goto bummer;
1390 	newlen = error;
1391 
1392 	if (protocol == IPPROTO_TCP) {
1393 		if ((error = kernel_listen(sock, 64)) < 0)
1394 			goto bummer;
1395 	}
1396 
1397 	svsk = svc_setup_socket(serv, sock, flags);
1398 	if (IS_ERR(svsk)) {
1399 		error = PTR_ERR(svsk);
1400 		goto bummer;
1401 	}
1402 	svc_xprt_set_local(&svsk->sk_xprt, newsin, newlen);
1403 	return (struct svc_xprt *)svsk;
1404 bummer:
1405 	dprintk("svc: svc_create_socket error = %d\n", -error);
1406 	sock_release(sock);
1407 	return ERR_PTR(error);
1408 }
1409 
1410 /*
1411  * Detach the svc_sock from the socket so that no
1412  * more callbacks occur.
1413  */
1414 static void svc_sock_detach(struct svc_xprt *xprt)
1415 {
1416 	struct svc_sock *svsk = container_of(xprt, struct svc_sock, sk_xprt);
1417 	struct sock *sk = svsk->sk_sk;
1418 
1419 	dprintk("svc: svc_sock_detach(%p)\n", svsk);
1420 
1421 	/* put back the old socket callbacks */
1422 	lock_sock(sk);
1423 	sk->sk_state_change = svsk->sk_ostate;
1424 	sk->sk_data_ready = svsk->sk_odata;
1425 	sk->sk_write_space = svsk->sk_owspace;
1426 	sk->sk_user_data = NULL;
1427 	release_sock(sk);
1428 }
1429 
1430 /*
1431  * Disconnect the socket, and reset the callbacks
1432  */
1433 static void svc_tcp_sock_detach(struct svc_xprt *xprt)
1434 {
1435 	struct svc_sock *svsk = container_of(xprt, struct svc_sock, sk_xprt);
1436 
1437 	dprintk("svc: svc_tcp_sock_detach(%p)\n", svsk);
1438 
1439 	svc_sock_detach(xprt);
1440 
1441 	if (!test_bit(XPT_LISTENER, &xprt->xpt_flags)) {
1442 		svc_tcp_clear_pages(svsk);
1443 		kernel_sock_shutdown(svsk->sk_sock, SHUT_RDWR);
1444 	}
1445 }
1446 
1447 /*
1448  * Free the svc_sock's socket resources and the svc_sock itself.
1449  */
1450 static void svc_sock_free(struct svc_xprt *xprt)
1451 {
1452 	struct svc_sock *svsk = container_of(xprt, struct svc_sock, sk_xprt);
1453 	dprintk("svc: svc_sock_free(%p)\n", svsk);
1454 
1455 	if (svsk->sk_sock->file)
1456 		sockfd_put(svsk->sk_sock);
1457 	else
1458 		sock_release(svsk->sk_sock);
1459 	kfree(svsk);
1460 }
1461