/* AF_RXRPC implementation
 *
 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version
 * 2 of the License, or (at your option) any later version.
 */

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/net.h>
#include <linux/slab.h>
#include <linux/skbuff.h>
#include <linux/random.h>
#include <linux/poll.h>
#include <linux/proc_fs.h>
#include <linux/key-type.h>
#include <net/net_namespace.h>
#include <net/sock.h>
#include <net/af_rxrpc.h>
#define CREATE_TRACE_POINTS
#include "ar-internal.h"

MODULE_DESCRIPTION("RxRPC network protocol");
MODULE_AUTHOR("Red Hat, Inc.");
MODULE_LICENSE("GPL");
MODULE_ALIAS_NETPROTO(PF_RXRPC);

unsigned int rxrpc_debug; // = RXRPC_DEBUG_KPROTO;
module_param_named(debug, rxrpc_debug, uint, 0644);
MODULE_PARM_DESC(debug, "RxRPC debugging mask");

static struct proto rxrpc_proto;
static const struct proto_ops rxrpc_rpc_ops;

/* current debugging ID */
atomic_t rxrpc_debug_id;
EXPORT_SYMBOL(rxrpc_debug_id);

/* count of skbs currently in use */
atomic_t rxrpc_n_tx_skbs, rxrpc_n_rx_skbs;

struct workqueue_struct *rxrpc_workqueue;

static void rxrpc_sock_destructor(struct sock *);

/*
 * see if an RxRPC socket is currently writable
 */
static inline int rxrpc_writable(struct sock *sk)
{
	return refcount_read(&sk->sk_wmem_alloc) < (size_t) sk->sk_sndbuf;
}

/*
 * wait for write bufferage to become available
 */
static void rxrpc_write_space(struct sock *sk)
{
	_enter("%p", sk);
	rcu_read_lock();
	if (rxrpc_writable(sk)) {
		struct socket_wq *wq = rcu_dereference(sk->sk_wq);

		if (skwq_has_sleeper(wq))
			wake_up_interruptible(&wq->wait);
		sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);
	}
	rcu_read_unlock();
}

/*
 * validate an RxRPC address
 */
static int rxrpc_validate_address(struct rxrpc_sock *rx,
				  struct sockaddr_rxrpc *srx,
				  int len)
{
	unsigned int tail;

	if (len < sizeof(struct sockaddr_rxrpc))
		return -EINVAL;

	if (srx->srx_family != AF_RXRPC)
		return -EAFNOSUPPORT;

	if (srx->transport_type != SOCK_DGRAM)
		return -ESOCKTNOSUPPORT;

	len -= offsetof(struct sockaddr_rxrpc, transport);
	if (srx->transport_len < sizeof(sa_family_t) ||
	    srx->transport_len > len)
		return -EINVAL;

	if (srx->transport.family != rx->family &&
	    srx->transport.family == AF_INET && rx->family != AF_INET6)
		return -EAFNOSUPPORT;

	switch (srx->transport.family) {
	case AF_INET:
		if (srx->transport_len < sizeof(struct sockaddr_in))
			return -EINVAL;
		tail = offsetof(struct sockaddr_rxrpc, transport.sin.__pad);
		break;

#ifdef CONFIG_AF_RXRPC_IPV6
	case AF_INET6:
		if (srx->transport_len < sizeof(struct sockaddr_in6))
			return -EINVAL;
		tail = offsetof(struct sockaddr_rxrpc, transport) +
			sizeof(struct sockaddr_in6);
		break;
#endif

	default:
		return -EAFNOSUPPORT;
	}

	if (tail < len)
		memset((void *)srx + tail, 0, len - tail);
	_debug("INET: %pISp", &srx->transport);
	return 0;
}

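/* A minimal sketch (not part of the original file) of how a caller might
 * fill in a struct sockaddr_rxrpc that passes the validation above,
 * assuming an IPv4 transport.  The field layout comes from the uapi
 * header; the port value is illustrative only:
 *
 *	struct sockaddr_rxrpc srx = {
 *		.srx_family		= AF_RXRPC,
 *		.srx_service		= 0,		// client socket
 *		.transport_type		= SOCK_DGRAM,
 *		.transport_len		= sizeof(struct sockaddr_in),
 *		.transport.sin.sin_family = AF_INET,
 *		.transport.sin.sin_port	= htons(7001),
 *	};
 *
 * Note that rxrpc_validate_address() zeroes everything beyond the
 * transport address (the "tail"), so padding need not be cleared by hand.
 */
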
/*
 * bind a local address to an RxRPC socket
 */
static int rxrpc_bind(struct socket *sock, struct sockaddr *saddr, int len)
{
	struct sockaddr_rxrpc *srx = (struct sockaddr_rxrpc *)saddr;
	struct rxrpc_local *local;
	struct rxrpc_sock *rx = rxrpc_sk(sock->sk);
	u16 service_id = srx->srx_service;
	int ret;

	_enter("%p,%p,%d", rx, saddr, len);

	ret = rxrpc_validate_address(rx, srx, len);
	if (ret < 0)
		goto error;

	lock_sock(&rx->sk);

	switch (rx->sk.sk_state) {
	case RXRPC_UNBOUND:
		rx->srx = *srx;
		local = rxrpc_lookup_local(sock_net(&rx->sk), &rx->srx);
		if (IS_ERR(local)) {
			ret = PTR_ERR(local);
			goto error_unlock;
		}

		if (service_id) {
			write_lock(&local->services_lock);
			if (rcu_access_pointer(local->service))
				goto service_in_use;
			rx->local = local;
			rcu_assign_pointer(local->service, rx);
			write_unlock(&local->services_lock);

			rx->sk.sk_state = RXRPC_SERVER_BOUND;
		} else {
			rx->local = local;
			rx->sk.sk_state = RXRPC_CLIENT_BOUND;
		}
		break;

	case RXRPC_SERVER_BOUND:
		ret = -EINVAL;
		if (service_id == 0)
			goto error_unlock;
		ret = -EADDRINUSE;
		if (service_id == rx->srx.srx_service)
			goto error_unlock;
		ret = -EINVAL;
		srx->srx_service = rx->srx.srx_service;
		if (memcmp(srx, &rx->srx, sizeof(*srx)) != 0)
			goto error_unlock;
		rx->second_service = service_id;
		rx->sk.sk_state = RXRPC_SERVER_BOUND2;
		break;

	default:
		ret = -EINVAL;
		goto error_unlock;
	}

	release_sock(&rx->sk);
	_leave(" = 0");
	return 0;

service_in_use:
	write_unlock(&local->services_lock);
	rxrpc_put_local(local);
	ret = -EADDRINUSE;
error_unlock:
	release_sock(&rx->sk);
error:
	_leave(" = %d", ret);
	return ret;
}

/*
 * set the number of pending calls permitted on a listening socket
 */
static int rxrpc_listen(struct socket *sock, int backlog)
{
	struct sock *sk = sock->sk;
	struct rxrpc_sock *rx = rxrpc_sk(sk);
	unsigned int max, old;
	int ret;

	_enter("%p,%d", rx, backlog);

	lock_sock(&rx->sk);

	switch (rx->sk.sk_state) {
	case RXRPC_UNBOUND:
		ret = -EADDRNOTAVAIL;
		break;
	case RXRPC_SERVER_BOUND:
	case RXRPC_SERVER_BOUND2:
		ASSERT(rx->local != NULL);
		max = READ_ONCE(rxrpc_max_backlog);
		ret = -EINVAL;
		if (backlog == INT_MAX)
			backlog = max;
		else if (backlog < 0 || backlog > max)
			break;
		old = sk->sk_max_ack_backlog;
		sk->sk_max_ack_backlog = backlog;
		ret = rxrpc_service_prealloc(rx, GFP_KERNEL);
		if (ret == 0)
			rx->sk.sk_state = RXRPC_SERVER_LISTENING;
		else
			sk->sk_max_ack_backlog = old;
		break;
	case RXRPC_SERVER_LISTENING:
		if (backlog == 0) {
			rx->sk.sk_state = RXRPC_SERVER_LISTEN_DISABLED;
			sk->sk_max_ack_backlog = 0;
			rxrpc_discard_prealloc(rx);
			ret = 0;
			break;
		}
		/* Fall through */
	default:
		ret = -EBUSY;
		break;
	}

	release_sock(&rx->sk);
	_leave(" = %d", ret);
	return ret;
}

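/* A hedged userspace sketch (not from the original file) of the server-side
 * bind/listen sequence implemented above.  The service ID, port and backlog
 * are illustrative assumptions:
 *
 *	struct sockaddr_rxrpc srx = {
 *		.srx_family		= AF_RXRPC,
 *		.srx_service		= 52,		// service to provide
 *		.transport_type		= SOCK_DGRAM,
 *		.transport_len		= sizeof(struct sockaddr_in),
 *		.transport.sin.sin_family = AF_INET,
 *		.transport.sin.sin_port	= htons(7000),
 *	};
 *	int fd = socket(AF_RXRPC, SOCK_DGRAM, PF_INET);
 *
 *	bind(fd, (struct sockaddr *)&srx, sizeof(srx));
 *	listen(fd, 10);	// moves the socket to RXRPC_SERVER_LISTENING
 *
 * A second bind() with a different service ID would take the socket to
 * RXRPC_SERVER_BOUND2, allowing two services on one endpoint.
 */
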
/**
 * rxrpc_kernel_begin_call - Allow a kernel service to begin a call
 * @sock: The socket on which to make the call
 * @srx: The address of the peer to contact
 * @key: The security context to use (defaults to socket setting)
 * @user_call_ID: The ID to use
 * @tx_total_len: Total length of data to transmit during the call (or -1)
 * @gfp: The allocation constraints
 * @notify_rx: Where to send notifications instead of socket queue
 * @upgrade: Request service upgrade for call
 * @debug_id: The debug ID for tracing to be assigned to the call
 *
 * Allow a kernel service to begin a call on the nominated socket.  This just
 * sets up all the internal tracking structures and allocates connection and
 * call IDs as appropriate.  The call to be used is returned.
 *
 * The default socket destination address and security may be overridden by
 * supplying @srx and @key.
 */
struct rxrpc_call *rxrpc_kernel_begin_call(struct socket *sock,
					   struct sockaddr_rxrpc *srx,
					   struct key *key,
					   unsigned long user_call_ID,
					   s64 tx_total_len,
					   gfp_t gfp,
					   rxrpc_notify_rx_t notify_rx,
					   bool upgrade,
					   unsigned int debug_id)
{
	struct rxrpc_conn_parameters cp;
	struct rxrpc_call_params p;
	struct rxrpc_call *call;
	struct rxrpc_sock *rx = rxrpc_sk(sock->sk);
	int ret;

	_enter(",,%x,%lx", key_serial(key), user_call_ID);

	ret = rxrpc_validate_address(rx, srx, sizeof(*srx));
	if (ret < 0)
		return ERR_PTR(ret);

	lock_sock(&rx->sk);

	if (!key)
		key = rx->key;
	if (key && !key->payload.data[0])
		key = NULL; /* a no-security key */

	memset(&p, 0, sizeof(p));
	p.user_call_ID = user_call_ID;
	p.tx_total_len = tx_total_len;

	memset(&cp, 0, sizeof(cp));
	cp.local = rx->local;
	cp.key = key;
	cp.security_level = rx->min_sec_level;
	cp.exclusive = false;
	cp.upgrade = upgrade;
	cp.service_id = srx->srx_service;
	call = rxrpc_new_client_call(rx, &cp, srx, &p, gfp, debug_id);
	/* The socket has been unlocked. */
	if (!IS_ERR(call)) {
		call->notify_rx = notify_rx;
		mutex_unlock(&call->user_mutex);
	}

	rxrpc_put_peer(cp.peer);
	_leave(" = %p", call);
	return call;
}
EXPORT_SYMBOL(rxrpc_kernel_begin_call);

/*
 * Dummy function used to stop the notifier talking to recvmsg().
 */
static void rxrpc_dummy_notify_rx(struct sock *sk, struct rxrpc_call *rxcall,
				  unsigned long call_user_ID)
{
}

/**
 * rxrpc_kernel_end_call - Allow a kernel service to end a call it was using
 * @sock: The socket the call is on
 * @call: The call to end
 *
 * Allow a kernel service to end a call it was using.  The call must be
 * complete before this is called (the call should be aborted if necessary).
 */
void rxrpc_kernel_end_call(struct socket *sock, struct rxrpc_call *call)
{
	_enter("%d{%d}", call->debug_id, atomic_read(&call->usage));

	mutex_lock(&call->user_mutex);
	rxrpc_release_call(rxrpc_sk(sock->sk), call);

	/* Make sure we're not going to call back into a kernel service */
	if (call->notify_rx) {
		spin_lock_bh(&call->notify_lock);
		call->notify_rx = rxrpc_dummy_notify_rx;
		spin_unlock_bh(&call->notify_lock);
	}

	mutex_unlock(&call->user_mutex);
	rxrpc_put_call(call, rxrpc_call_put_kernel);
}
EXPORT_SYMBOL(rxrpc_kernel_end_call);

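/* A hedged sketch (not part of the original file) of how a kernel service
 * such as AFS might drive the call lifecycle exported above.  The socket,
 * address, key and notify handler are assumed to exist already; my_notify_rx
 * and MY_CALL_ID are illustrative names:
 *
 *	struct rxrpc_call *call;
 *
 *	call = rxrpc_kernel_begin_call(sock, &srx, key,
 *				       MY_CALL_ID,	// user_call_ID
 *				       -1,		// tx length unknown
 *				       GFP_NOFS,
 *				       my_notify_rx,
 *				       false,		// no service upgrade
 *				       atomic_inc_return(&rxrpc_debug_id));
 *	if (IS_ERR(call))
 *		return PTR_ERR(call);
 *
 *	// ... rxrpc_kernel_send_data() / rxrpc_kernel_recv_data() ...
 *
 *	rxrpc_kernel_end_call(sock, call);	// also quashes my_notify_rx
 */
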
/**
 * rxrpc_kernel_check_life - Check to see whether a call is still alive
 * @sock: The socket the call is on
 * @call: The call to check
 *
 * Allow a kernel service to find out whether a call is still alive - ie. we're
 * getting ACKs from the server.  Returns a number representing the life state
 * which can be compared to that returned by a previous call.
 *
 * If the life state stalls, rxrpc_kernel_probe_life() should be called and
 * then 2RTT waited.
 */
u32 rxrpc_kernel_check_life(const struct socket *sock,
			    const struct rxrpc_call *call)
{
	return call->acks_latest;
}
EXPORT_SYMBOL(rxrpc_kernel_check_life);

/**
 * rxrpc_kernel_probe_life - Poke the peer to see if it's still alive
 * @sock: The socket the call is on
 * @call: The call to check
 *
 * In conjunction with rxrpc_kernel_check_life(), allow a kernel service to
 * find out whether a call is still alive by pinging it.  This should cause the
 * life state to be bumped in about 2*RTT.
 *
 * This must be called in TASK_RUNNING state on pain of might_sleep() objecting.
 */
void rxrpc_kernel_probe_life(struct socket *sock, struct rxrpc_call *call)
{
	rxrpc_propose_ACK(call, RXRPC_ACK_PING, 0, 0, true, false,
			  rxrpc_propose_ack_ping_for_check_life);
	rxrpc_send_ack_packet(call, true, NULL);
}
EXPORT_SYMBOL(rxrpc_kernel_probe_life);

/**
 * rxrpc_kernel_get_epoch - Retrieve the epoch value from a call.
 * @sock: The socket the call is on
 * @call: The call to query
 *
 * Allow a kernel service to retrieve the epoch value from a service call to
 * see if the client at the other end rebooted.
 */
u32 rxrpc_kernel_get_epoch(struct socket *sock, struct rxrpc_call *call)
{
	return call->conn->proto.epoch;
}
EXPORT_SYMBOL(rxrpc_kernel_get_epoch);

/**
 * rxrpc_kernel_new_call_notification - Get notifications of new calls
 * @sock: The socket to intercept received messages on
 * @notify_new_call: Function to be called when new calls appear
 * @discard_new_call: Function to discard preallocated calls
 *
 * Allow a kernel service to be given notifications about new calls.
 */
void rxrpc_kernel_new_call_notification(
	struct socket *sock,
	rxrpc_notify_new_call_t notify_new_call,
	rxrpc_discard_new_call_t discard_new_call)
{
	struct rxrpc_sock *rx = rxrpc_sk(sock->sk);

	rx->notify_new_call = notify_new_call;
	rx->discard_new_call = discard_new_call;
}
EXPORT_SYMBOL(rxrpc_kernel_new_call_notification);

/*
 * connect an RxRPC socket
 * - this just targets it at a specific destination; no actual connection
 *   negotiation takes place
 */
static int rxrpc_connect(struct socket *sock, struct sockaddr *addr,
			 int addr_len, int flags)
{
	struct sockaddr_rxrpc *srx = (struct sockaddr_rxrpc *)addr;
	struct rxrpc_sock *rx = rxrpc_sk(sock->sk);
	int ret;

	_enter("%p,%p,%d,%d", rx, addr, addr_len, flags);

	ret = rxrpc_validate_address(rx, srx, addr_len);
	if (ret < 0) {
		_leave(" = %d [bad addr]", ret);
		return ret;
	}

	lock_sock(&rx->sk);

	ret = -EISCONN;
	if (test_bit(RXRPC_SOCK_CONNECTED, &rx->flags))
		goto error;

	switch (rx->sk.sk_state) {
	case RXRPC_UNBOUND:
		rx->sk.sk_state = RXRPC_CLIENT_UNBOUND;
		/* Fall through */
	case RXRPC_CLIENT_UNBOUND:
	case RXRPC_CLIENT_BOUND:
		break;
	default:
		ret = -EBUSY;
		goto error;
	}

	rx->connect_srx = *srx;
	set_bit(RXRPC_SOCK_CONNECTED, &rx->flags);
	ret = 0;

error:
	release_sock(&rx->sk);
	return ret;
}

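/* A hedged sketch (not from the original file) of the liveness-check
 * protocol described in the kerneldoc for rxrpc_kernel_check_life() above:
 * sample the life state, and if it has not advanced since the last sample,
 * ping the peer and allow ~2*RTT for the state to bump.  "last_life" is an
 * illustrative caller-side variable:
 *
 *	u32 life = rxrpc_kernel_check_life(sock, call);
 *
 *	if (life == last_life) {
 *		// No ACK progress since the last check - poke the peer.
 *		rxrpc_kernel_probe_life(sock, call);
 *		// Wait ~2*RTT, then re-sample before declaring it dead.
 *	}
 *	last_life = life;
 */
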
/*
 * send a message through an RxRPC socket
 * - in a client this does a number of things:
 *   - finds/sets up a connection for the security specified (if any)
 *   - initiates a call (ID in control data)
 *   - ends the request phase of a call (if MSG_MORE is not set)
 *   - sends a call data packet
 *   - may send an abort (abort code in control data)
 */
static int rxrpc_sendmsg(struct socket *sock, struct msghdr *m, size_t len)
{
	struct rxrpc_local *local;
	struct rxrpc_sock *rx = rxrpc_sk(sock->sk);
	int ret;

	_enter(",{%d},,%zu", rx->sk.sk_state, len);

	if (m->msg_flags & MSG_OOB)
		return -EOPNOTSUPP;

	if (m->msg_name) {
		ret = rxrpc_validate_address(rx, m->msg_name, m->msg_namelen);
		if (ret < 0) {
			_leave(" = %d [bad addr]", ret);
			return ret;
		}
	}

	lock_sock(&rx->sk);

	switch (rx->sk.sk_state) {
	case RXRPC_UNBOUND:
		rx->srx.srx_family = AF_RXRPC;
		rx->srx.srx_service = 0;
		rx->srx.transport_type = SOCK_DGRAM;
		rx->srx.transport.family = rx->family;
		switch (rx->family) {
		case AF_INET:
			rx->srx.transport_len = sizeof(struct sockaddr_in);
			break;
#ifdef CONFIG_AF_RXRPC_IPV6
		case AF_INET6:
			rx->srx.transport_len = sizeof(struct sockaddr_in6);
			break;
#endif
		default:
			ret = -EAFNOSUPPORT;
			goto error_unlock;
		}
		local = rxrpc_lookup_local(sock_net(sock->sk), &rx->srx);
		if (IS_ERR(local)) {
			ret = PTR_ERR(local);
			goto error_unlock;
		}

		rx->local = local;
		rx->sk.sk_state = RXRPC_CLIENT_UNBOUND;
		/* Fall through */

	case RXRPC_CLIENT_UNBOUND:
	case RXRPC_CLIENT_BOUND:
		if (!m->msg_name &&
		    test_bit(RXRPC_SOCK_CONNECTED, &rx->flags)) {
			m->msg_name = &rx->connect_srx;
			m->msg_namelen = sizeof(rx->connect_srx);
		}
		/* Fall through */
	case RXRPC_SERVER_BOUND:
	case RXRPC_SERVER_LISTENING:
		ret = rxrpc_do_sendmsg(rx, m, len);
		/* The socket has been unlocked */
		goto out;
	default:
		ret = -EINVAL;
		goto error_unlock;
	}

error_unlock:
	release_sock(&rx->sk);
out:
	_leave(" = %d", ret);
	return ret;
}

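/* A hedged userspace sketch (not in the original file) of initiating a call
 * via sendmsg() as handled above.  The user call ID travels in an
 * RXRPC_USER_CALL_ID control message (see Documentation/networking/rxrpc.txt);
 * the buffer contents and ID value are illustrative:
 *
 *	unsigned long call_id = 0x12345;
 *	char cbuf[CMSG_SPACE(sizeof(call_id))];
 *	struct iovec iov = { .iov_base = request, .iov_len = reqlen };
 *	struct msghdr msg = {
 *		.msg_name	= &srx,			// peer address
 *		.msg_namelen	= sizeof(srx),
 *		.msg_iov	= &iov,
 *		.msg_iovlen	= 1,
 *		.msg_control	= cbuf,
 *		.msg_controllen	= sizeof(cbuf),
 *	};
 *	struct cmsghdr *cmsg = CMSG_FIRSTHDR(&msg);
 *
 *	cmsg->cmsg_level = SOL_RXRPC;
 *	cmsg->cmsg_type = RXRPC_USER_CALL_ID;
 *	cmsg->cmsg_len = CMSG_LEN(sizeof(call_id));
 *	memcpy(CMSG_DATA(cmsg), &call_id, sizeof(call_id));
 *
 *	sendmsg(fd, &msg, 0);	// no MSG_MORE: ends the request phase too
 */
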
/*
 * set RxRPC socket options
 */
static int rxrpc_setsockopt(struct socket *sock, int level, int optname,
			    char __user *optval, unsigned int optlen)
{
	struct rxrpc_sock *rx = rxrpc_sk(sock->sk);
	unsigned int min_sec_level;
	u16 service_upgrade[2];
	int ret;

	_enter(",%d,%d,,%d", level, optname, optlen);

	lock_sock(&rx->sk);
	ret = -EOPNOTSUPP;

	if (level == SOL_RXRPC) {
		switch (optname) {
		case RXRPC_EXCLUSIVE_CONNECTION:
			ret = -EINVAL;
			if (optlen != 0)
				goto error;
			ret = -EISCONN;
			if (rx->sk.sk_state != RXRPC_UNBOUND)
				goto error;
			rx->exclusive = true;
			goto success;

		case RXRPC_SECURITY_KEY:
			ret = -EINVAL;
			if (rx->key)
				goto error;
			ret = -EISCONN;
			if (rx->sk.sk_state != RXRPC_UNBOUND)
				goto error;
			ret = rxrpc_request_key(rx, optval, optlen);
			goto error;

		case RXRPC_SECURITY_KEYRING:
			ret = -EINVAL;
			if (rx->key)
				goto error;
			ret = -EISCONN;
			if (rx->sk.sk_state != RXRPC_UNBOUND)
				goto error;
			ret = rxrpc_server_keyring(rx, optval, optlen);
			goto error;

		case RXRPC_MIN_SECURITY_LEVEL:
			ret = -EINVAL;
			if (optlen != sizeof(unsigned int))
				goto error;
			ret = -EISCONN;
			if (rx->sk.sk_state != RXRPC_UNBOUND)
				goto error;
			ret = get_user(min_sec_level,
				       (unsigned int __user *) optval);
			if (ret < 0)
				goto error;
			ret = -EINVAL;
			if (min_sec_level > RXRPC_SECURITY_MAX)
				goto error;
			rx->min_sec_level = min_sec_level;
			goto success;

		case RXRPC_UPGRADEABLE_SERVICE:
			ret = -EINVAL;
			if (optlen != sizeof(service_upgrade) ||
			    rx->service_upgrade.from != 0)
				goto error;
			ret = -EISCONN;
			if (rx->sk.sk_state != RXRPC_SERVER_BOUND2)
				goto error;
			ret = -EFAULT;
			if (copy_from_user(service_upgrade, optval,
					   sizeof(service_upgrade)) != 0)
				goto error;
			ret = -EINVAL;
			if ((service_upgrade[0] != rx->srx.srx_service ||
			     service_upgrade[1] != rx->second_service) &&
			    (service_upgrade[0] != rx->second_service ||
			     service_upgrade[1] != rx->srx.srx_service))
				goto error;
			rx->service_upgrade.from = service_upgrade[0];
			rx->service_upgrade.to = service_upgrade[1];
			goto success;

		default:
			break;
		}
	}

success:
	ret = 0;
error:
	release_sock(&rx->sk);
	return ret;
}

/*
 * Get socket options.
 */
static int rxrpc_getsockopt(struct socket *sock, int level, int optname,
			    char __user *optval, int __user *_optlen)
{
	int optlen;

	if (level != SOL_RXRPC)
		return -EOPNOTSUPP;

	if (get_user(optlen, _optlen))
		return -EFAULT;

	switch (optname) {
	case RXRPC_SUPPORTED_CMSG:
		if (optlen < sizeof(int))
			return -ETOOSMALL;
		if (put_user(RXRPC__SUPPORTED - 1, (int __user *)optval) ||
		    put_user(sizeof(int), _optlen))
			return -EFAULT;
		return 0;

	default:
		return -EOPNOTSUPP;
	}
}

/*
 * permit an RxRPC socket to be polled
 */
static __poll_t rxrpc_poll(struct file *file, struct socket *sock,
			   poll_table *wait)
{
	struct sock *sk = sock->sk;
	struct rxrpc_sock *rx = rxrpc_sk(sk);
	__poll_t mask;

	sock_poll_wait(file, sock, wait);
	mask = 0;

	/* the socket is readable if there are any messages waiting on the Rx
	 * queue */
	if (!list_empty(&rx->recvmsg_q))
		mask |= EPOLLIN | EPOLLRDNORM;

	/* the socket is writable if there is space to add new data to the
	 * socket; there is no guarantee that any particular call in progress
	 * on the socket may have space in the Tx ACK window */
	if (rxrpc_writable(sk))
		mask |= EPOLLOUT | EPOLLWRNORM;

	return mask;
}

/*
 * create an RxRPC socket
 */
static int rxrpc_create(struct net *net, struct socket *sock, int protocol,
			int kern)
{
	struct rxrpc_net *rxnet;
	struct rxrpc_sock *rx;
	struct sock *sk;

	_enter("%p,%d", sock, protocol);

	/* we support transport protocol UDP/UDP6 only */
	if (protocol != PF_INET &&
	    !(IS_ENABLED(CONFIG_AF_RXRPC_IPV6) && protocol == PF_INET6))
		return -EPROTONOSUPPORT;

	if (sock->type != SOCK_DGRAM)
		return -ESOCKTNOSUPPORT;

	sock->ops = &rxrpc_rpc_ops;
	sock->state = SS_UNCONNECTED;

	sk = sk_alloc(net, PF_RXRPC, GFP_KERNEL, &rxrpc_proto, kern);
	if (!sk)
		return -ENOMEM;

	sock_init_data(sock, sk);
	sock_set_flag(sk, SOCK_RCU_FREE);
	sk->sk_state = RXRPC_UNBOUND;
	sk->sk_write_space = rxrpc_write_space;
	sk->sk_max_ack_backlog = 0;
	sk->sk_destruct = rxrpc_sock_destructor;

	rx = rxrpc_sk(sk);
	rx->family = protocol;
	rx->calls = RB_ROOT;

	spin_lock_init(&rx->incoming_lock);
	INIT_LIST_HEAD(&rx->sock_calls);
	INIT_LIST_HEAD(&rx->to_be_accepted);
	INIT_LIST_HEAD(&rx->recvmsg_q);
	rwlock_init(&rx->recvmsg_lock);
	rwlock_init(&rx->call_lock);
	memset(&rx->srx, 0, sizeof(rx->srx));

	rxnet = rxrpc_net(sock_net(&rx->sk));
	timer_reduce(&rxnet->peer_keepalive_timer, jiffies + 1);

	_leave(" = 0 [%p]", rx);
	return 0;
}

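/* A hedged userspace sketch (not in the original file) combining socket
 * creation, as handled above, with the RXRPC_MIN_SECURITY_LEVEL option
 * handled by rxrpc_setsockopt().  The third argument to socket() names the
 * transport protocol family; the chosen level is an illustrative value:
 *
 *	int fd = socket(AF_RXRPC, SOCK_DGRAM, PF_INET);	// UDP/IPv4 transport
 *	unsigned int level = RXRPC_SECURITY_ENCRYPT;
 *
 *	setsockopt(fd, SOL_RXRPC, RXRPC_MIN_SECURITY_LEVEL,
 *		   &level, sizeof(level));	// must precede bind/connect
 */
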
/*
 * Kill all the calls on a socket and shut it down.
 */
static int rxrpc_shutdown(struct socket *sock, int flags)
{
	struct sock *sk = sock->sk;
	struct rxrpc_sock *rx = rxrpc_sk(sk);
	int ret = 0;

	_enter("%p,%d", sk, flags);

	if (flags != SHUT_RDWR)
		return -EOPNOTSUPP;
	if (sk->sk_state == RXRPC_CLOSE)
		return -ESHUTDOWN;

	lock_sock(sk);

	spin_lock_bh(&sk->sk_receive_queue.lock);
	if (sk->sk_state < RXRPC_CLOSE) {
		sk->sk_state = RXRPC_CLOSE;
		sk->sk_shutdown = SHUTDOWN_MASK;
	} else {
		ret = -ESHUTDOWN;
	}
	spin_unlock_bh(&sk->sk_receive_queue.lock);

	rxrpc_discard_prealloc(rx);

	release_sock(sk);
	return ret;
}

/*
 * RxRPC socket destructor
 */
static void rxrpc_sock_destructor(struct sock *sk)
{
	_enter("%p", sk);

	rxrpc_purge_queue(&sk->sk_receive_queue);

	WARN_ON(refcount_read(&sk->sk_wmem_alloc));
	WARN_ON(!sk_unhashed(sk));
	WARN_ON(sk->sk_socket);

	if (!sock_flag(sk, SOCK_DEAD)) {
		printk("Attempt to release alive rxrpc socket: %p\n", sk);
		return;
	}
}

/*
 * release an RxRPC socket
 */
static int rxrpc_release_sock(struct sock *sk)
{
	struct rxrpc_sock *rx = rxrpc_sk(sk);
	struct rxrpc_net *rxnet = rxrpc_net(sock_net(&rx->sk));

	_enter("%p{%d,%d}", sk, sk->sk_state, refcount_read(&sk->sk_refcnt));

	/* declare the socket closed for business */
	sock_orphan(sk);
	sk->sk_shutdown = SHUTDOWN_MASK;

	/* We want to kill off all connections from a service socket
	 * as fast as possible because we can't share these; client
	 * sockets, on the other hand, can share an endpoint.
	 */
	switch (sk->sk_state) {
	case RXRPC_SERVER_BOUND:
	case RXRPC_SERVER_BOUND2:
	case RXRPC_SERVER_LISTENING:
	case RXRPC_SERVER_LISTEN_DISABLED:
		rx->local->service_closed = true;
		break;
	}

	spin_lock_bh(&sk->sk_receive_queue.lock);
	sk->sk_state = RXRPC_CLOSE;
	spin_unlock_bh(&sk->sk_receive_queue.lock);

	if (rx->local && rcu_access_pointer(rx->local->service) == rx) {
		write_lock(&rx->local->services_lock);
		rcu_assign_pointer(rx->local->service, NULL);
		write_unlock(&rx->local->services_lock);
	}

	/* try to flush out this socket */
	rxrpc_discard_prealloc(rx);
	rxrpc_release_calls_on_socket(rx);
	flush_workqueue(rxrpc_workqueue);
	rxrpc_purge_queue(&sk->sk_receive_queue);
	rxrpc_queue_work(&rxnet->service_conn_reaper);
	rxrpc_queue_work(&rxnet->client_conn_reaper);

	rxrpc_put_local(rx->local);
	rx->local = NULL;
	key_put(rx->key);
	rx->key = NULL;
	key_put(rx->securities);
	rx->securities = NULL;
	sock_put(sk);

	_leave(" = 0");
	return 0;
}

/*
 * release an RxRPC BSD socket on close() or equivalent
 */
static int rxrpc_release(struct socket *sock)
{
	struct sock *sk = sock->sk;

	_enter("%p{%p}", sock, sk);

	if (!sk)
		return 0;

	sock->sk = NULL;

	return rxrpc_release_sock(sk);
}

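/* A hedged userspace sketch (not in the original file) of tearing a socket
 * down via the operations above.  Only SHUT_RDWR is accepted by
 * rxrpc_shutdown(); anything else yields -EOPNOTSUPP:
 *
 *	shutdown(fd, SHUT_RDWR);	// marks the socket RXRPC_CLOSE and
 *					// discards preallocated service calls
 *	close(fd);			// rxrpc_release() then reaps the
 *					// remaining calls and connections
 */
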
/*
 * RxRPC network protocol
 */
static const struct proto_ops rxrpc_rpc_ops = {
	.family		= PF_RXRPC,
	.owner		= THIS_MODULE,
	.release	= rxrpc_release,
	.bind		= rxrpc_bind,
	.connect	= rxrpc_connect,
	.socketpair	= sock_no_socketpair,
	.accept		= sock_no_accept,
	.getname	= sock_no_getname,
	.poll		= rxrpc_poll,
	.ioctl		= sock_no_ioctl,
	.listen		= rxrpc_listen,
	.shutdown	= rxrpc_shutdown,
	.setsockopt	= rxrpc_setsockopt,
	.getsockopt	= rxrpc_getsockopt,
	.sendmsg	= rxrpc_sendmsg,
	.recvmsg	= rxrpc_recvmsg,
	.mmap		= sock_no_mmap,
	.sendpage	= sock_no_sendpage,
};

static struct proto rxrpc_proto = {
	.name		= "RXRPC",
	.owner		= THIS_MODULE,
	.obj_size	= sizeof(struct rxrpc_sock),
	.max_header	= sizeof(struct rxrpc_wire_header),
};

static const struct net_proto_family rxrpc_family_ops = {
	.family	= PF_RXRPC,
	.create = rxrpc_create,
	.owner	= THIS_MODULE,
};

/*
 * initialise and register the RxRPC protocol
 */
static int __init af_rxrpc_init(void)
{
	int ret = -1;
	unsigned int tmp;

	BUILD_BUG_ON(sizeof(struct rxrpc_skb_priv) > FIELD_SIZEOF(struct sk_buff, cb));

	get_random_bytes(&tmp, sizeof(tmp));
	tmp &= 0x3fffffff;
	if (tmp == 0)
		tmp = 1;
	idr_set_cursor(&rxrpc_client_conn_ids, tmp);

	ret = -ENOMEM;
	rxrpc_call_jar = kmem_cache_create(
		"rxrpc_call_jar", sizeof(struct rxrpc_call), 0,
		SLAB_HWCACHE_ALIGN, NULL);
	if (!rxrpc_call_jar) {
		pr_notice("Failed to allocate call jar\n");
		goto error_call_jar;
	}

	rxrpc_workqueue = alloc_workqueue("krxrpcd", 0, 1);
	if (!rxrpc_workqueue) {
		pr_notice("Failed to allocate work queue\n");
		goto error_work_queue;
	}

	ret = rxrpc_init_security();
	if (ret < 0) {
		pr_crit("Cannot initialise security\n");
		goto error_security;
	}

	ret = register_pernet_subsys(&rxrpc_net_ops);
	if (ret)
		goto error_pernet;

	ret = proto_register(&rxrpc_proto, 1);
	if (ret < 0) {
		pr_crit("Cannot register protocol\n");
		goto error_proto;
	}

	ret = sock_register(&rxrpc_family_ops);
	if (ret < 0) {
		pr_crit("Cannot register socket family\n");
		goto error_sock;
	}

	ret = register_key_type(&key_type_rxrpc);
	if (ret < 0) {
		pr_crit("Cannot register client key type\n");
		goto error_key_type;
	}

	ret = register_key_type(&key_type_rxrpc_s);
	if (ret < 0) {
		pr_crit("Cannot register server key type\n");
		goto error_key_type_s;
	}

	ret = rxrpc_sysctl_init();
	if (ret < 0) {
		pr_crit("Cannot register sysctls\n");
		goto error_sysctls;
	}

	return 0;

error_sysctls:
	unregister_key_type(&key_type_rxrpc_s);
error_key_type_s:
	unregister_key_type(&key_type_rxrpc);
error_key_type:
	sock_unregister(PF_RXRPC);
error_sock:
	proto_unregister(&rxrpc_proto);
error_proto:
	unregister_pernet_subsys(&rxrpc_net_ops);
error_pernet:
	rxrpc_exit_security();
error_security:
	destroy_workqueue(rxrpc_workqueue);
error_work_queue:
	kmem_cache_destroy(rxrpc_call_jar);
error_call_jar:
	return ret;
}

/*
 * unregister the RxRPC protocol
 */
static void __exit af_rxrpc_exit(void)
{
	_enter("");
	rxrpc_sysctl_exit();
	unregister_key_type(&key_type_rxrpc_s);
	unregister_key_type(&key_type_rxrpc);
	sock_unregister(PF_RXRPC);
	proto_unregister(&rxrpc_proto);
	unregister_pernet_subsys(&rxrpc_net_ops);
	ASSERTCMP(atomic_read(&rxrpc_n_tx_skbs), ==, 0);
	ASSERTCMP(atomic_read(&rxrpc_n_rx_skbs), ==, 0);

	/* Make sure the local and peer records pinned by any dying connections
	 * are released.
	 */
	rcu_barrier();
	rxrpc_destroy_client_conn_ids();

	destroy_workqueue(rxrpc_workqueue);
	rxrpc_exit_security();
	kmem_cache_destroy(rxrpc_call_jar);
	_leave("");
}

module_init(af_rxrpc_init);
module_exit(af_rxrpc_exit);