1 /* Management of Tx window, Tx resend, ACKs and out-of-sequence reception 2 * 3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 */ 11 12 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 13 14 #include <linux/module.h> 15 #include <linux/circ_buf.h> 16 #include <linux/net.h> 17 #include <linux/skbuff.h> 18 #include <linux/slab.h> 19 #include <linux/udp.h> 20 #include <net/sock.h> 21 #include <net/af_rxrpc.h> 22 #include "ar-internal.h" 23 24 /* 25 * propose an ACK be sent 26 */ 27 void __rxrpc_propose_ACK(struct rxrpc_call *call, u8 ack_reason, 28 u32 serial, bool immediate) 29 { 30 unsigned long expiry; 31 s8 prior = rxrpc_ack_priority[ack_reason]; 32 33 ASSERTCMP(prior, >, 0); 34 35 _enter("{%d},%s,%%%x,%u", 36 call->debug_id, rxrpc_acks(ack_reason), serial, immediate); 37 38 if (prior < rxrpc_ack_priority[call->ackr_reason]) { 39 if (immediate) 40 goto cancel_timer; 41 return; 42 } 43 44 /* update DELAY, IDLE, REQUESTED and PING_RESPONSE ACK serial 45 * numbers */ 46 if (prior == rxrpc_ack_priority[call->ackr_reason]) { 47 if (prior <= 4) 48 call->ackr_serial = serial; 49 if (immediate) 50 goto cancel_timer; 51 return; 52 } 53 54 call->ackr_reason = ack_reason; 55 call->ackr_serial = serial; 56 57 switch (ack_reason) { 58 case RXRPC_ACK_DELAY: 59 _debug("run delay timer"); 60 expiry = rxrpc_soft_ack_delay; 61 goto run_timer; 62 63 case RXRPC_ACK_IDLE: 64 if (!immediate) { 65 _debug("run defer timer"); 66 expiry = rxrpc_idle_ack_delay; 67 goto run_timer; 68 } 69 goto cancel_timer; 70 71 case RXRPC_ACK_REQUESTED: 72 expiry = rxrpc_requested_ack_delay; 73 if (!expiry) 74 goto cancel_timer; 75 if (!immediate || serial == 1) { 76 _debug("run defer timer"); 77 goto run_timer; 78 } 79 80 default: 81 _debug("immediate ACK"); 82 goto cancel_timer; 83 } 84 85 run_timer: 86 expiry += jiffies; 87 if (!timer_pending(&call->ack_timer) || 88 time_after(call->ack_timer.expires, expiry)) 89 mod_timer(&call->ack_timer, expiry); 90 return; 91 92 cancel_timer: 93 _debug("cancel timer %%%u", serial); 94 try_to_del_timer_sync(&call->ack_timer); 95 read_lock_bh(&call->state_lock); 96 if (call->state <= RXRPC_CALL_COMPLETE && 97 !test_and_set_bit(RXRPC_CALL_EV_ACK, &call->events)) 98 rxrpc_queue_call(call); 99 read_unlock_bh(&call->state_lock); 100 } 101 102 /* 103 * propose an ACK be sent, locking the call structure 104 */ 105 void rxrpc_propose_ACK(struct rxrpc_call *call, u8 ack_reason, 106 u32 serial, bool immediate) 107 { 108 s8 prior = rxrpc_ack_priority[ack_reason]; 109 110 if (prior > rxrpc_ack_priority[call->ackr_reason]) { 111 spin_lock_bh(&call->lock); 112 __rxrpc_propose_ACK(call, ack_reason, serial, immediate); 113 spin_unlock_bh(&call->lock); 114 } 115 } 116 117 /* 118 * set the resend timer 119 */ 120 static void rxrpc_set_resend(struct rxrpc_call *call, u8 resend, 121 unsigned long resend_at) 122 { 123 read_lock_bh(&call->state_lock); 124 if (call->state >= RXRPC_CALL_COMPLETE) 125 resend = 0; 126 127 if (resend & 1) { 128 _debug("SET RESEND"); 129 set_bit(RXRPC_CALL_EV_RESEND, &call->events); 130 } 131 132 if (resend & 2) { 133 _debug("MODIFY RESEND TIMER"); 134 set_bit(RXRPC_CALL_RUN_RTIMER, &call->flags); 135 mod_timer(&call->resend_timer, resend_at); 136 } else { 137 _debug("KILL RESEND TIMER"); 138 del_timer_sync(&call->resend_timer); 139 clear_bit(RXRPC_CALL_EV_RESEND_TIMER, &call->events); 140 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags); 141 } 142 read_unlock_bh(&call->state_lock); 143 } 144 145 /* 146 * resend packets 147 */ 148 static void rxrpc_resend(struct rxrpc_call *call) 149 { 150 struct rxrpc_wire_header *whdr; 151 struct rxrpc_skb_priv *sp; 152 struct sk_buff *txb; 153 unsigned long *p_txb, resend_at; 154 bool stop; 155 int loop; 156 u8 resend; 157 158 _enter("{%d,%d,%d,%d},", 159 call->acks_hard, call->acks_unacked, 160 atomic_read(&call->sequence), 161 CIRC_CNT(call->acks_head, call->acks_tail, call->acks_winsz)); 162 163 stop = false; 164 resend = 0; 165 resend_at = 0; 166 167 for (loop = call->acks_tail; 168 loop != call->acks_head || stop; 169 loop = (loop + 1) & (call->acks_winsz - 1) 170 ) { 171 p_txb = call->acks_window + loop; 172 smp_read_barrier_depends(); 173 if (*p_txb & 1) 174 continue; 175 176 txb = (struct sk_buff *) *p_txb; 177 sp = rxrpc_skb(txb); 178 179 if (sp->need_resend) { 180 sp->need_resend = false; 181 182 /* each Tx packet has a new serial number */ 183 sp->hdr.serial = atomic_inc_return(&call->conn->serial); 184 185 whdr = (struct rxrpc_wire_header *)txb->head; 186 whdr->serial = htonl(sp->hdr.serial); 187 188 _proto("Tx DATA %%%u { #%d }", 189 sp->hdr.serial, sp->hdr.seq); 190 if (rxrpc_send_data_packet(call->conn, txb) < 0) { 191 stop = true; 192 sp->resend_at = jiffies + 3; 193 } else { 194 sp->resend_at = 195 jiffies + rxrpc_resend_timeout; 196 } 197 } 198 199 if (time_after_eq(jiffies + 1, sp->resend_at)) { 200 sp->need_resend = true; 201 resend |= 1; 202 } else if (resend & 2) { 203 if (time_before(sp->resend_at, resend_at)) 204 resend_at = sp->resend_at; 205 } else { 206 resend_at = sp->resend_at; 207 resend |= 2; 208 } 209 } 210 211 rxrpc_set_resend(call, resend, resend_at); 212 _leave(""); 213 } 214 215 /* 216 * handle resend timer expiry 217 */ 218 static void rxrpc_resend_timer(struct rxrpc_call *call) 219 { 220 struct rxrpc_skb_priv *sp; 221 struct sk_buff *txb; 222 unsigned long *p_txb, resend_at; 223 int loop; 224 u8 resend; 225 226 _enter("%d,%d,%d", 227 call->acks_tail, call->acks_unacked, call->acks_head); 228 229 if (call->state >= RXRPC_CALL_COMPLETE) 230 return; 231 232 resend = 0; 233 resend_at = 0; 234 235 for (loop = call->acks_unacked; 236 loop != call->acks_head; 237 loop = (loop + 1) & (call->acks_winsz - 1) 238 ) { 239 p_txb = call->acks_window + loop; 240 smp_read_barrier_depends(); 241 txb = (struct sk_buff *) (*p_txb & ~1); 242 sp = rxrpc_skb(txb); 243 244 ASSERT(!(*p_txb & 1)); 245 246 if (sp->need_resend) { 247 ; 248 } else if (time_after_eq(jiffies + 1, sp->resend_at)) { 249 sp->need_resend = true; 250 resend |= 1; 251 } else if (resend & 2) { 252 if (time_before(sp->resend_at, resend_at)) 253 resend_at = sp->resend_at; 254 } else { 255 resend_at = sp->resend_at; 256 resend |= 2; 257 } 258 } 259 260 rxrpc_set_resend(call, resend, resend_at); 261 _leave(""); 262 } 263 264 /* 265 * process soft ACKs of our transmitted packets 266 * - these indicate packets the peer has or has not received, but hasn't yet 267 * given to the consumer, and so can still be discarded and re-requested 268 */ 269 static int rxrpc_process_soft_ACKs(struct rxrpc_call *call, 270 struct rxrpc_ackpacket *ack, 271 struct sk_buff *skb) 272 { 273 struct rxrpc_skb_priv *sp; 274 struct sk_buff *txb; 275 unsigned long *p_txb, resend_at; 276 int loop; 277 u8 sacks[RXRPC_MAXACKS], resend; 278 279 _enter("{%d,%d},{%d},", 280 call->acks_hard, 281 CIRC_CNT(call->acks_head, call->acks_tail, call->acks_winsz), 282 ack->nAcks); 283 284 if (skb_copy_bits(skb, 0, sacks, ack->nAcks) < 0) 285 goto protocol_error; 286 287 resend = 0; 288 resend_at = 0; 289 for (loop = 0; loop < ack->nAcks; loop++) { 290 p_txb = call->acks_window; 291 p_txb += (call->acks_tail + loop) & (call->acks_winsz - 1); 292 smp_read_barrier_depends(); 293 txb = (struct sk_buff *) (*p_txb & ~1); 294 sp = rxrpc_skb(txb); 295 296 switch (sacks[loop]) { 297 case RXRPC_ACK_TYPE_ACK: 298 sp->need_resend = false; 299 *p_txb |= 1; 300 break; 301 case RXRPC_ACK_TYPE_NACK: 302 sp->need_resend = true; 303 *p_txb &= ~1; 304 resend = 1; 305 break; 306 default: 307 _debug("Unsupported ACK type %d", sacks[loop]); 308 goto protocol_error; 309 } 310 } 311 312 smp_mb(); 313 call->acks_unacked = (call->acks_tail + loop) & (call->acks_winsz - 1); 314 315 /* anything not explicitly ACK'd is implicitly NACK'd, but may just not 316 * have been received or processed yet by the far end */ 317 for (loop = call->acks_unacked; 318 loop != call->acks_head; 319 loop = (loop + 1) & (call->acks_winsz - 1) 320 ) { 321 p_txb = call->acks_window + loop; 322 smp_read_barrier_depends(); 323 txb = (struct sk_buff *) (*p_txb & ~1); 324 sp = rxrpc_skb(txb); 325 326 if (*p_txb & 1) { 327 /* packet must have been discarded */ 328 sp->need_resend = true; 329 *p_txb &= ~1; 330 resend |= 1; 331 } else if (sp->need_resend) { 332 ; 333 } else if (time_after_eq(jiffies + 1, sp->resend_at)) { 334 sp->need_resend = true; 335 resend |= 1; 336 } else if (resend & 2) { 337 if (time_before(sp->resend_at, resend_at)) 338 resend_at = sp->resend_at; 339 } else { 340 resend_at = sp->resend_at; 341 resend |= 2; 342 } 343 } 344 345 rxrpc_set_resend(call, resend, resend_at); 346 _leave(" = 0"); 347 return 0; 348 349 protocol_error: 350 _leave(" = -EPROTO"); 351 return -EPROTO; 352 } 353 354 /* 355 * discard hard-ACK'd packets from the Tx window 356 */ 357 static void rxrpc_rotate_tx_window(struct rxrpc_call *call, u32 hard) 358 { 359 unsigned long _skb; 360 int tail = call->acks_tail, old_tail; 361 int win = CIRC_CNT(call->acks_head, tail, call->acks_winsz); 362 363 _enter("{%u,%u},%u", call->acks_hard, win, hard); 364 365 ASSERTCMP(hard - call->acks_hard, <=, win); 366 367 while (call->acks_hard < hard) { 368 smp_read_barrier_depends(); 369 _skb = call->acks_window[tail] & ~1; 370 rxrpc_free_skb((struct sk_buff *) _skb); 371 old_tail = tail; 372 tail = (tail + 1) & (call->acks_winsz - 1); 373 call->acks_tail = tail; 374 if (call->acks_unacked == old_tail) 375 call->acks_unacked = tail; 376 call->acks_hard++; 377 } 378 379 wake_up(&call->tx_waitq); 380 } 381 382 /* 383 * clear the Tx window in the event of a failure 384 */ 385 static void rxrpc_clear_tx_window(struct rxrpc_call *call) 386 { 387 rxrpc_rotate_tx_window(call, atomic_read(&call->sequence)); 388 } 389 390 /* 391 * drain the out of sequence received packet queue into the packet Rx queue 392 */ 393 static int rxrpc_drain_rx_oos_queue(struct rxrpc_call *call) 394 { 395 struct rxrpc_skb_priv *sp; 396 struct sk_buff *skb; 397 bool terminal; 398 int ret; 399 400 _enter("{%d,%d}", call->rx_data_post, call->rx_first_oos); 401 402 spin_lock_bh(&call->lock); 403 404 ret = -ECONNRESET; 405 if (test_bit(RXRPC_CALL_RELEASED, &call->flags)) 406 goto socket_unavailable; 407 408 skb = skb_dequeue(&call->rx_oos_queue); 409 if (skb) { 410 sp = rxrpc_skb(skb); 411 412 _debug("drain OOS packet %d [%d]", 413 sp->hdr.seq, call->rx_first_oos); 414 415 if (sp->hdr.seq != call->rx_first_oos) { 416 skb_queue_head(&call->rx_oos_queue, skb); 417 call->rx_first_oos = rxrpc_skb(skb)->hdr.seq; 418 _debug("requeue %p {%u}", skb, call->rx_first_oos); 419 } else { 420 skb->mark = RXRPC_SKB_MARK_DATA; 421 terminal = ((sp->hdr.flags & RXRPC_LAST_PACKET) && 422 !(sp->hdr.flags & RXRPC_CLIENT_INITIATED)); 423 ret = rxrpc_queue_rcv_skb(call, skb, true, terminal); 424 BUG_ON(ret < 0); 425 _debug("drain #%u", call->rx_data_post); 426 call->rx_data_post++; 427 428 /* find out what the next packet is */ 429 skb = skb_peek(&call->rx_oos_queue); 430 if (skb) 431 call->rx_first_oos = rxrpc_skb(skb)->hdr.seq; 432 else 433 call->rx_first_oos = 0; 434 _debug("peek %p {%u}", skb, call->rx_first_oos); 435 } 436 } 437 438 ret = 0; 439 socket_unavailable: 440 spin_unlock_bh(&call->lock); 441 _leave(" = %d", ret); 442 return ret; 443 } 444 445 /* 446 * insert an out of sequence packet into the buffer 447 */ 448 static void rxrpc_insert_oos_packet(struct rxrpc_call *call, 449 struct sk_buff *skb) 450 { 451 struct rxrpc_skb_priv *sp, *psp; 452 struct sk_buff *p; 453 u32 seq; 454 455 sp = rxrpc_skb(skb); 456 seq = sp->hdr.seq; 457 _enter(",,{%u}", seq); 458 459 skb->destructor = rxrpc_packet_destructor; 460 ASSERTCMP(sp->call, ==, NULL); 461 sp->call = call; 462 rxrpc_get_call(call); 463 atomic_inc(&call->skb_count); 464 465 /* insert into the buffer in sequence order */ 466 spin_lock_bh(&call->lock); 467 468 skb_queue_walk(&call->rx_oos_queue, p) { 469 psp = rxrpc_skb(p); 470 if (psp->hdr.seq > seq) { 471 _debug("insert oos #%u before #%u", seq, psp->hdr.seq); 472 skb_insert(p, skb, &call->rx_oos_queue); 473 goto inserted; 474 } 475 } 476 477 _debug("append oos #%u", seq); 478 skb_queue_tail(&call->rx_oos_queue, skb); 479 inserted: 480 481 /* we might now have a new front to the queue */ 482 if (call->rx_first_oos == 0 || seq < call->rx_first_oos) 483 call->rx_first_oos = seq; 484 485 read_lock(&call->state_lock); 486 if (call->state < RXRPC_CALL_COMPLETE && 487 call->rx_data_post == call->rx_first_oos) { 488 _debug("drain rx oos now"); 489 set_bit(RXRPC_CALL_EV_DRAIN_RX_OOS, &call->events); 490 } 491 read_unlock(&call->state_lock); 492 493 spin_unlock_bh(&call->lock); 494 _leave(" [stored #%u]", call->rx_first_oos); 495 } 496 497 /* 498 * clear the Tx window on final ACK reception 499 */ 500 static void rxrpc_zap_tx_window(struct rxrpc_call *call) 501 { 502 struct rxrpc_skb_priv *sp; 503 struct sk_buff *skb; 504 unsigned long _skb, *acks_window; 505 u8 winsz = call->acks_winsz; 506 int tail; 507 508 acks_window = call->acks_window; 509 call->acks_window = NULL; 510 511 while (CIRC_CNT(call->acks_head, call->acks_tail, winsz) > 0) { 512 tail = call->acks_tail; 513 smp_read_barrier_depends(); 514 _skb = acks_window[tail] & ~1; 515 smp_mb(); 516 call->acks_tail = (call->acks_tail + 1) & (winsz - 1); 517 518 skb = (struct sk_buff *) _skb; 519 sp = rxrpc_skb(skb); 520 _debug("+++ clear Tx %u", sp->hdr.seq); 521 rxrpc_free_skb(skb); 522 } 523 524 kfree(acks_window); 525 } 526 527 /* 528 * process the extra information that may be appended to an ACK packet 529 */ 530 static void rxrpc_extract_ackinfo(struct rxrpc_call *call, struct sk_buff *skb, 531 unsigned int latest, int nAcks) 532 { 533 struct rxrpc_ackinfo ackinfo; 534 struct rxrpc_peer *peer; 535 unsigned int mtu; 536 537 if (skb_copy_bits(skb, nAcks + 3, &ackinfo, sizeof(ackinfo)) < 0) { 538 _leave(" [no ackinfo]"); 539 return; 540 } 541 542 _proto("Rx ACK %%%u Info { rx=%u max=%u rwin=%u jm=%u }", 543 latest, 544 ntohl(ackinfo.rxMTU), ntohl(ackinfo.maxMTU), 545 ntohl(ackinfo.rwind), ntohl(ackinfo.jumbo_max)); 546 547 mtu = min(ntohl(ackinfo.rxMTU), ntohl(ackinfo.maxMTU)); 548 549 peer = call->conn->params.peer; 550 if (mtu < peer->maxdata) { 551 spin_lock_bh(&peer->lock); 552 peer->maxdata = mtu; 553 peer->mtu = mtu + peer->hdrsize; 554 spin_unlock_bh(&peer->lock); 555 _net("Net MTU %u (maxdata %u)", peer->mtu, peer->maxdata); 556 } 557 } 558 559 /* 560 * process packets in the reception queue 561 */ 562 static int rxrpc_process_rx_queue(struct rxrpc_call *call, 563 u32 *_abort_code) 564 { 565 struct rxrpc_ackpacket ack; 566 struct rxrpc_skb_priv *sp; 567 struct sk_buff *skb; 568 bool post_ACK; 569 int latest; 570 u32 hard, tx; 571 572 _enter(""); 573 574 process_further: 575 skb = skb_dequeue(&call->rx_queue); 576 if (!skb) 577 return -EAGAIN; 578 579 _net("deferred skb %p", skb); 580 581 sp = rxrpc_skb(skb); 582 583 _debug("process %s [st %d]", rxrpc_pkts[sp->hdr.type], call->state); 584 585 post_ACK = false; 586 587 switch (sp->hdr.type) { 588 /* data packets that wind up here have been received out of 589 * order, need security processing or are jumbo packets */ 590 case RXRPC_PACKET_TYPE_DATA: 591 _proto("OOSQ DATA %%%u { #%u }", sp->hdr.serial, sp->hdr.seq); 592 593 /* secured packets must be verified and possibly decrypted */ 594 if (call->conn->security->verify_packet(call, skb, 595 _abort_code) < 0) 596 goto protocol_error; 597 598 rxrpc_insert_oos_packet(call, skb); 599 goto process_further; 600 601 /* partial ACK to process */ 602 case RXRPC_PACKET_TYPE_ACK: 603 if (skb_copy_bits(skb, 0, &ack, sizeof(ack)) < 0) { 604 _debug("extraction failure"); 605 goto protocol_error; 606 } 607 if (!skb_pull(skb, sizeof(ack))) 608 BUG(); 609 610 latest = sp->hdr.serial; 611 hard = ntohl(ack.firstPacket); 612 tx = atomic_read(&call->sequence); 613 614 _proto("Rx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }", 615 latest, 616 ntohs(ack.maxSkew), 617 hard, 618 ntohl(ack.previousPacket), 619 ntohl(ack.serial), 620 rxrpc_acks(ack.reason), 621 ack.nAcks); 622 623 rxrpc_extract_ackinfo(call, skb, latest, ack.nAcks); 624 625 if (ack.reason == RXRPC_ACK_PING) { 626 _proto("Rx ACK %%%u PING Request", latest); 627 rxrpc_propose_ACK(call, RXRPC_ACK_PING_RESPONSE, 628 sp->hdr.serial, true); 629 } 630 631 /* discard any out-of-order or duplicate ACKs */ 632 if (latest - call->acks_latest <= 0) { 633 _debug("discard ACK %d <= %d", 634 latest, call->acks_latest); 635 goto discard; 636 } 637 call->acks_latest = latest; 638 639 if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST && 640 call->state != RXRPC_CALL_CLIENT_AWAIT_REPLY && 641 call->state != RXRPC_CALL_SERVER_SEND_REPLY && 642 call->state != RXRPC_CALL_SERVER_AWAIT_ACK) 643 goto discard; 644 645 _debug("Tx=%d H=%u S=%d", tx, call->acks_hard, call->state); 646 647 if (hard > 0) { 648 if (hard - 1 > tx) { 649 _debug("hard-ACK'd packet %d not transmitted" 650 " (%d top)", 651 hard - 1, tx); 652 goto protocol_error; 653 } 654 655 if ((call->state == RXRPC_CALL_CLIENT_AWAIT_REPLY || 656 call->state == RXRPC_CALL_SERVER_AWAIT_ACK) && 657 hard > tx) { 658 call->acks_hard = tx; 659 goto all_acked; 660 } 661 662 smp_rmb(); 663 rxrpc_rotate_tx_window(call, hard - 1); 664 } 665 666 if (ack.nAcks > 0) { 667 if (hard - 1 + ack.nAcks > tx) { 668 _debug("soft-ACK'd packet %d+%d not" 669 " transmitted (%d top)", 670 hard - 1, ack.nAcks, tx); 671 goto protocol_error; 672 } 673 674 if (rxrpc_process_soft_ACKs(call, &ack, skb) < 0) 675 goto protocol_error; 676 } 677 goto discard; 678 679 /* complete ACK to process */ 680 case RXRPC_PACKET_TYPE_ACKALL: 681 goto all_acked; 682 683 /* abort and busy are handled elsewhere */ 684 case RXRPC_PACKET_TYPE_BUSY: 685 case RXRPC_PACKET_TYPE_ABORT: 686 BUG(); 687 688 /* connection level events - also handled elsewhere */ 689 case RXRPC_PACKET_TYPE_CHALLENGE: 690 case RXRPC_PACKET_TYPE_RESPONSE: 691 case RXRPC_PACKET_TYPE_DEBUG: 692 BUG(); 693 } 694 695 /* if we've had a hard ACK that covers all the packets we've sent, then 696 * that ends that phase of the operation */ 697 all_acked: 698 write_lock_bh(&call->state_lock); 699 _debug("ack all %d", call->state); 700 701 switch (call->state) { 702 case RXRPC_CALL_CLIENT_AWAIT_REPLY: 703 call->state = RXRPC_CALL_CLIENT_RECV_REPLY; 704 break; 705 case RXRPC_CALL_SERVER_AWAIT_ACK: 706 _debug("srv complete"); 707 call->state = RXRPC_CALL_COMPLETE; 708 post_ACK = true; 709 break; 710 case RXRPC_CALL_CLIENT_SEND_REQUEST: 711 case RXRPC_CALL_SERVER_RECV_REQUEST: 712 goto protocol_error_unlock; /* can't occur yet */ 713 default: 714 write_unlock_bh(&call->state_lock); 715 goto discard; /* assume packet left over from earlier phase */ 716 } 717 718 write_unlock_bh(&call->state_lock); 719 720 /* if all the packets we sent are hard-ACK'd, then we can discard 721 * whatever we've got left */ 722 _debug("clear Tx %d", 723 CIRC_CNT(call->acks_head, call->acks_tail, call->acks_winsz)); 724 725 del_timer_sync(&call->resend_timer); 726 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags); 727 clear_bit(RXRPC_CALL_EV_RESEND_TIMER, &call->events); 728 729 if (call->acks_window) 730 rxrpc_zap_tx_window(call); 731 732 if (post_ACK) { 733 /* post the final ACK message for userspace to pick up */ 734 _debug("post ACK"); 735 skb->mark = RXRPC_SKB_MARK_FINAL_ACK; 736 sp->call = call; 737 rxrpc_get_call(call); 738 atomic_inc(&call->skb_count); 739 spin_lock_bh(&call->lock); 740 if (rxrpc_queue_rcv_skb(call, skb, true, true) < 0) 741 BUG(); 742 spin_unlock_bh(&call->lock); 743 goto process_further; 744 } 745 746 discard: 747 rxrpc_free_skb(skb); 748 goto process_further; 749 750 protocol_error_unlock: 751 write_unlock_bh(&call->state_lock); 752 protocol_error: 753 rxrpc_free_skb(skb); 754 _leave(" = -EPROTO"); 755 return -EPROTO; 756 } 757 758 /* 759 * post a message to the socket Rx queue for recvmsg() to pick up 760 */ 761 static int rxrpc_post_message(struct rxrpc_call *call, u32 mark, u32 error, 762 bool fatal) 763 { 764 struct rxrpc_skb_priv *sp; 765 struct sk_buff *skb; 766 int ret; 767 768 _enter("{%d,%lx},%u,%u,%d", 769 call->debug_id, call->flags, mark, error, fatal); 770 771 /* remove timers and things for fatal messages */ 772 if (fatal) { 773 del_timer_sync(&call->resend_timer); 774 del_timer_sync(&call->ack_timer); 775 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags); 776 } 777 778 if (mark != RXRPC_SKB_MARK_NEW_CALL && 779 !test_bit(RXRPC_CALL_HAS_USERID, &call->flags)) { 780 _leave("[no userid]"); 781 return 0; 782 } 783 784 if (!test_bit(RXRPC_CALL_TERMINAL_MSG, &call->flags)) { 785 skb = alloc_skb(0, GFP_NOFS); 786 if (!skb) 787 return -ENOMEM; 788 789 rxrpc_new_skb(skb); 790 791 skb->mark = mark; 792 793 sp = rxrpc_skb(skb); 794 memset(sp, 0, sizeof(*sp)); 795 sp->error = error; 796 sp->call = call; 797 rxrpc_get_call(call); 798 atomic_inc(&call->skb_count); 799 800 spin_lock_bh(&call->lock); 801 ret = rxrpc_queue_rcv_skb(call, skb, true, fatal); 802 spin_unlock_bh(&call->lock); 803 BUG_ON(ret < 0); 804 } 805 806 return 0; 807 } 808 809 /* 810 * handle background processing of incoming call packets and ACK / abort 811 * generation 812 */ 813 void rxrpc_process_call(struct work_struct *work) 814 { 815 struct rxrpc_call *call = 816 container_of(work, struct rxrpc_call, processor); 817 struct rxrpc_wire_header whdr; 818 struct rxrpc_ackpacket ack; 819 struct rxrpc_ackinfo ackinfo; 820 struct msghdr msg; 821 struct kvec iov[5]; 822 enum rxrpc_call_event genbit; 823 unsigned long bits; 824 __be32 data, pad; 825 size_t len; 826 int loop, nbit, ioc, ret, mtu; 827 u32 serial, abort_code = RX_PROTOCOL_ERROR; 828 u8 *acks = NULL; 829 830 //printk("\n--------------------\n"); 831 _enter("{%d,%s,%lx} [%lu]", 832 call->debug_id, rxrpc_call_states[call->state], call->events, 833 (jiffies - call->creation_jif) / (HZ / 10)); 834 835 if (test_and_set_bit(RXRPC_CALL_PROC_BUSY, &call->flags)) { 836 _debug("XXXXXXXXXXXXX RUNNING ON MULTIPLE CPUS XXXXXXXXXXXXX"); 837 return; 838 } 839 840 if (!call->conn) 841 goto skip_msg_init; 842 843 /* there's a good chance we're going to have to send a message, so set 844 * one up in advance */ 845 msg.msg_name = &call->conn->params.peer->srx.transport; 846 msg.msg_namelen = call->conn->params.peer->srx.transport_len; 847 msg.msg_control = NULL; 848 msg.msg_controllen = 0; 849 msg.msg_flags = 0; 850 851 whdr.epoch = htonl(call->conn->proto.epoch); 852 whdr.cid = htonl(call->cid); 853 whdr.callNumber = htonl(call->call_id); 854 whdr.seq = 0; 855 whdr.type = RXRPC_PACKET_TYPE_ACK; 856 whdr.flags = call->conn->out_clientflag; 857 whdr.userStatus = 0; 858 whdr.securityIndex = call->conn->security_ix; 859 whdr._rsvd = 0; 860 whdr.serviceId = htons(call->service_id); 861 862 memset(iov, 0, sizeof(iov)); 863 iov[0].iov_base = &whdr; 864 iov[0].iov_len = sizeof(whdr); 865 skip_msg_init: 866 867 /* deal with events of a final nature */ 868 if (test_bit(RXRPC_CALL_EV_RCVD_ERROR, &call->events)) { 869 enum rxrpc_skb_mark mark; 870 int error; 871 872 clear_bit(RXRPC_CALL_EV_CONN_ABORT, &call->events); 873 clear_bit(RXRPC_CALL_EV_REJECT_BUSY, &call->events); 874 clear_bit(RXRPC_CALL_EV_ABORT, &call->events); 875 876 error = call->error_report; 877 if (error < RXRPC_LOCAL_ERROR_OFFSET) { 878 mark = RXRPC_SKB_MARK_NET_ERROR; 879 _debug("post net error %d", error); 880 } else { 881 mark = RXRPC_SKB_MARK_LOCAL_ERROR; 882 error -= RXRPC_LOCAL_ERROR_OFFSET; 883 _debug("post net local error %d", error); 884 } 885 886 if (rxrpc_post_message(call, mark, error, true) < 0) 887 goto no_mem; 888 clear_bit(RXRPC_CALL_EV_RCVD_ERROR, &call->events); 889 goto kill_ACKs; 890 } 891 892 if (test_bit(RXRPC_CALL_EV_CONN_ABORT, &call->events)) { 893 ASSERTCMP(call->state, >, RXRPC_CALL_COMPLETE); 894 895 clear_bit(RXRPC_CALL_EV_REJECT_BUSY, &call->events); 896 clear_bit(RXRPC_CALL_EV_ABORT, &call->events); 897 898 _debug("post conn abort"); 899 900 if (rxrpc_post_message(call, RXRPC_SKB_MARK_LOCAL_ERROR, 901 call->conn->error, true) < 0) 902 goto no_mem; 903 clear_bit(RXRPC_CALL_EV_CONN_ABORT, &call->events); 904 goto kill_ACKs; 905 } 906 907 if (test_bit(RXRPC_CALL_EV_REJECT_BUSY, &call->events)) { 908 whdr.type = RXRPC_PACKET_TYPE_BUSY; 909 genbit = RXRPC_CALL_EV_REJECT_BUSY; 910 goto send_message; 911 } 912 913 if (test_bit(RXRPC_CALL_EV_ABORT, &call->events)) { 914 ASSERTCMP(call->state, >, RXRPC_CALL_COMPLETE); 915 916 if (rxrpc_post_message(call, RXRPC_SKB_MARK_LOCAL_ERROR, 917 ECONNABORTED, true) < 0) 918 goto no_mem; 919 whdr.type = RXRPC_PACKET_TYPE_ABORT; 920 data = htonl(call->local_abort); 921 iov[1].iov_base = &data; 922 iov[1].iov_len = sizeof(data); 923 genbit = RXRPC_CALL_EV_ABORT; 924 goto send_message; 925 } 926 927 if (test_bit(RXRPC_CALL_EV_ACK_FINAL, &call->events)) { 928 genbit = RXRPC_CALL_EV_ACK_FINAL; 929 930 ack.bufferSpace = htons(8); 931 ack.maxSkew = 0; 932 ack.serial = 0; 933 ack.reason = RXRPC_ACK_IDLE; 934 ack.nAcks = 0; 935 call->ackr_reason = 0; 936 937 spin_lock_bh(&call->lock); 938 ack.serial = htonl(call->ackr_serial); 939 ack.previousPacket = htonl(call->ackr_prev_seq); 940 ack.firstPacket = htonl(call->rx_data_eaten + 1); 941 spin_unlock_bh(&call->lock); 942 943 pad = 0; 944 945 iov[1].iov_base = &ack; 946 iov[1].iov_len = sizeof(ack); 947 iov[2].iov_base = &pad; 948 iov[2].iov_len = 3; 949 iov[3].iov_base = &ackinfo; 950 iov[3].iov_len = sizeof(ackinfo); 951 goto send_ACK; 952 } 953 954 if (call->events & ((1 << RXRPC_CALL_EV_RCVD_BUSY) | 955 (1 << RXRPC_CALL_EV_RCVD_ABORT)) 956 ) { 957 u32 mark; 958 959 if (test_bit(RXRPC_CALL_EV_RCVD_ABORT, &call->events)) 960 mark = RXRPC_SKB_MARK_REMOTE_ABORT; 961 else 962 mark = RXRPC_SKB_MARK_BUSY; 963 964 _debug("post abort/busy"); 965 rxrpc_clear_tx_window(call); 966 if (rxrpc_post_message(call, mark, ECONNABORTED, true) < 0) 967 goto no_mem; 968 969 clear_bit(RXRPC_CALL_EV_RCVD_BUSY, &call->events); 970 clear_bit(RXRPC_CALL_EV_RCVD_ABORT, &call->events); 971 goto kill_ACKs; 972 } 973 974 if (test_and_clear_bit(RXRPC_CALL_EV_RCVD_ACKALL, &call->events)) { 975 _debug("do implicit ackall"); 976 rxrpc_clear_tx_window(call); 977 } 978 979 if (test_bit(RXRPC_CALL_EV_LIFE_TIMER, &call->events)) { 980 write_lock_bh(&call->state_lock); 981 if (call->state <= RXRPC_CALL_COMPLETE) { 982 call->state = RXRPC_CALL_LOCALLY_ABORTED; 983 call->local_abort = RX_CALL_TIMEOUT; 984 set_bit(RXRPC_CALL_EV_ABORT, &call->events); 985 } 986 write_unlock_bh(&call->state_lock); 987 988 _debug("post timeout"); 989 if (rxrpc_post_message(call, RXRPC_SKB_MARK_LOCAL_ERROR, 990 ETIME, true) < 0) 991 goto no_mem; 992 993 clear_bit(RXRPC_CALL_EV_LIFE_TIMER, &call->events); 994 goto kill_ACKs; 995 } 996 997 /* deal with assorted inbound messages */ 998 if (!skb_queue_empty(&call->rx_queue)) { 999 switch (rxrpc_process_rx_queue(call, &abort_code)) { 1000 case 0: 1001 case -EAGAIN: 1002 break; 1003 case -ENOMEM: 1004 goto no_mem; 1005 case -EKEYEXPIRED: 1006 case -EKEYREJECTED: 1007 case -EPROTO: 1008 rxrpc_abort_call(call, abort_code); 1009 goto kill_ACKs; 1010 } 1011 } 1012 1013 /* handle resending */ 1014 if (test_and_clear_bit(RXRPC_CALL_EV_RESEND_TIMER, &call->events)) 1015 rxrpc_resend_timer(call); 1016 if (test_and_clear_bit(RXRPC_CALL_EV_RESEND, &call->events)) 1017 rxrpc_resend(call); 1018 1019 /* consider sending an ordinary ACK */ 1020 if (test_bit(RXRPC_CALL_EV_ACK, &call->events)) { 1021 _debug("send ACK: window: %d - %d { %lx }", 1022 call->rx_data_eaten, call->ackr_win_top, 1023 call->ackr_window[0]); 1024 1025 if (call->state > RXRPC_CALL_SERVER_ACK_REQUEST && 1026 call->ackr_reason != RXRPC_ACK_PING_RESPONSE) { 1027 /* ACK by sending reply DATA packet in this state */ 1028 clear_bit(RXRPC_CALL_EV_ACK, &call->events); 1029 goto maybe_reschedule; 1030 } 1031 1032 genbit = RXRPC_CALL_EV_ACK; 1033 1034 acks = kzalloc(call->ackr_win_top - call->rx_data_eaten, 1035 GFP_NOFS); 1036 if (!acks) 1037 goto no_mem; 1038 1039 //hdr.flags = RXRPC_SLOW_START_OK; 1040 ack.bufferSpace = htons(8); 1041 ack.maxSkew = 0; 1042 1043 spin_lock_bh(&call->lock); 1044 ack.reason = call->ackr_reason; 1045 ack.serial = htonl(call->ackr_serial); 1046 ack.previousPacket = htonl(call->ackr_prev_seq); 1047 ack.firstPacket = htonl(call->rx_data_eaten + 1); 1048 1049 ack.nAcks = 0; 1050 for (loop = 0; loop < RXRPC_ACKR_WINDOW_ASZ; loop++) { 1051 nbit = loop * BITS_PER_LONG; 1052 for (bits = call->ackr_window[loop]; bits; bits >>= 1 1053 ) { 1054 _debug("- l=%d n=%d b=%lx", loop, nbit, bits); 1055 if (bits & 1) { 1056 acks[nbit] = RXRPC_ACK_TYPE_ACK; 1057 ack.nAcks = nbit + 1; 1058 } 1059 nbit++; 1060 } 1061 } 1062 call->ackr_reason = 0; 1063 spin_unlock_bh(&call->lock); 1064 1065 pad = 0; 1066 1067 iov[1].iov_base = &ack; 1068 iov[1].iov_len = sizeof(ack); 1069 iov[2].iov_base = acks; 1070 iov[2].iov_len = ack.nAcks; 1071 iov[3].iov_base = &pad; 1072 iov[3].iov_len = 3; 1073 iov[4].iov_base = &ackinfo; 1074 iov[4].iov_len = sizeof(ackinfo); 1075 1076 switch (ack.reason) { 1077 case RXRPC_ACK_REQUESTED: 1078 case RXRPC_ACK_DUPLICATE: 1079 case RXRPC_ACK_OUT_OF_SEQUENCE: 1080 case RXRPC_ACK_EXCEEDS_WINDOW: 1081 case RXRPC_ACK_NOSPACE: 1082 case RXRPC_ACK_PING: 1083 case RXRPC_ACK_PING_RESPONSE: 1084 goto send_ACK_with_skew; 1085 case RXRPC_ACK_DELAY: 1086 case RXRPC_ACK_IDLE: 1087 goto send_ACK; 1088 } 1089 } 1090 1091 /* handle completion of security negotiations on an incoming 1092 * connection */ 1093 if (test_and_clear_bit(RXRPC_CALL_EV_SECURED, &call->events)) { 1094 _debug("secured"); 1095 spin_lock_bh(&call->lock); 1096 1097 if (call->state == RXRPC_CALL_SERVER_SECURING) { 1098 _debug("securing"); 1099 write_lock(&call->socket->call_lock); 1100 if (!test_bit(RXRPC_CALL_RELEASED, &call->flags) && 1101 !test_bit(RXRPC_CALL_EV_RELEASE, &call->events)) { 1102 _debug("not released"); 1103 call->state = RXRPC_CALL_SERVER_ACCEPTING; 1104 list_move_tail(&call->accept_link, 1105 &call->socket->acceptq); 1106 } 1107 write_unlock(&call->socket->call_lock); 1108 read_lock(&call->state_lock); 1109 if (call->state < RXRPC_CALL_COMPLETE) 1110 set_bit(RXRPC_CALL_EV_POST_ACCEPT, &call->events); 1111 read_unlock(&call->state_lock); 1112 } 1113 1114 spin_unlock_bh(&call->lock); 1115 if (!test_bit(RXRPC_CALL_EV_POST_ACCEPT, &call->events)) 1116 goto maybe_reschedule; 1117 } 1118 1119 /* post a notification of an acceptable connection to the app */ 1120 if (test_bit(RXRPC_CALL_EV_POST_ACCEPT, &call->events)) { 1121 _debug("post accept"); 1122 if (rxrpc_post_message(call, RXRPC_SKB_MARK_NEW_CALL, 1123 0, false) < 0) 1124 goto no_mem; 1125 clear_bit(RXRPC_CALL_EV_POST_ACCEPT, &call->events); 1126 goto maybe_reschedule; 1127 } 1128 1129 /* handle incoming call acceptance */ 1130 if (test_and_clear_bit(RXRPC_CALL_EV_ACCEPTED, &call->events)) { 1131 _debug("accepted"); 1132 ASSERTCMP(call->rx_data_post, ==, 0); 1133 call->rx_data_post = 1; 1134 read_lock_bh(&call->state_lock); 1135 if (call->state < RXRPC_CALL_COMPLETE) 1136 set_bit(RXRPC_CALL_EV_DRAIN_RX_OOS, &call->events); 1137 read_unlock_bh(&call->state_lock); 1138 } 1139 1140 /* drain the out of sequence received packet queue into the packet Rx 1141 * queue */ 1142 if (test_and_clear_bit(RXRPC_CALL_EV_DRAIN_RX_OOS, &call->events)) { 1143 while (call->rx_data_post == call->rx_first_oos) 1144 if (rxrpc_drain_rx_oos_queue(call) < 0) 1145 break; 1146 goto maybe_reschedule; 1147 } 1148 1149 if (test_bit(RXRPC_CALL_EV_RELEASE, &call->events)) { 1150 rxrpc_release_call(call); 1151 clear_bit(RXRPC_CALL_EV_RELEASE, &call->events); 1152 } 1153 1154 /* other events may have been raised since we started checking */ 1155 goto maybe_reschedule; 1156 1157 send_ACK_with_skew: 1158 ack.maxSkew = htons(atomic_read(&call->conn->hi_serial) - 1159 ntohl(ack.serial)); 1160 send_ACK: 1161 mtu = call->conn->params.peer->if_mtu; 1162 mtu -= call->conn->params.peer->hdrsize; 1163 ackinfo.maxMTU = htonl(mtu); 1164 ackinfo.rwind = htonl(rxrpc_rx_window_size); 1165 1166 /* permit the peer to send us jumbo packets if it wants to */ 1167 ackinfo.rxMTU = htonl(rxrpc_rx_mtu); 1168 ackinfo.jumbo_max = htonl(rxrpc_rx_jumbo_max); 1169 1170 serial = atomic_inc_return(&call->conn->serial); 1171 whdr.serial = htonl(serial); 1172 _proto("Tx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }", 1173 serial, 1174 ntohs(ack.maxSkew), 1175 ntohl(ack.firstPacket), 1176 ntohl(ack.previousPacket), 1177 ntohl(ack.serial), 1178 rxrpc_acks(ack.reason), 1179 ack.nAcks); 1180 1181 del_timer_sync(&call->ack_timer); 1182 if (ack.nAcks > 0) 1183 set_bit(RXRPC_CALL_TX_SOFT_ACK, &call->flags); 1184 goto send_message_2; 1185 1186 send_message: 1187 _debug("send message"); 1188 1189 serial = atomic_inc_return(&call->conn->serial); 1190 whdr.serial = htonl(serial); 1191 _proto("Tx %s %%%u", rxrpc_pkts[whdr.type], serial); 1192 send_message_2: 1193 1194 len = iov[0].iov_len; 1195 ioc = 1; 1196 if (iov[4].iov_len) { 1197 ioc = 5; 1198 len += iov[4].iov_len; 1199 len += iov[3].iov_len; 1200 len += iov[2].iov_len; 1201 len += iov[1].iov_len; 1202 } else if (iov[3].iov_len) { 1203 ioc = 4; 1204 len += iov[3].iov_len; 1205 len += iov[2].iov_len; 1206 len += iov[1].iov_len; 1207 } else if (iov[2].iov_len) { 1208 ioc = 3; 1209 len += iov[2].iov_len; 1210 len += iov[1].iov_len; 1211 } else if (iov[1].iov_len) { 1212 ioc = 2; 1213 len += iov[1].iov_len; 1214 } 1215 1216 ret = kernel_sendmsg(call->conn->params.local->socket, 1217 &msg, iov, ioc, len); 1218 if (ret < 0) { 1219 _debug("sendmsg failed: %d", ret); 1220 read_lock_bh(&call->state_lock); 1221 if (call->state < RXRPC_CALL_DEAD) 1222 rxrpc_queue_call(call); 1223 read_unlock_bh(&call->state_lock); 1224 goto error; 1225 } 1226 1227 switch (genbit) { 1228 case RXRPC_CALL_EV_ABORT: 1229 clear_bit(genbit, &call->events); 1230 clear_bit(RXRPC_CALL_EV_RCVD_ABORT, &call->events); 1231 goto kill_ACKs; 1232 1233 case RXRPC_CALL_EV_ACK_FINAL: 1234 write_lock_bh(&call->state_lock); 1235 if (call->state == RXRPC_CALL_CLIENT_FINAL_ACK) 1236 call->state = RXRPC_CALL_COMPLETE; 1237 write_unlock_bh(&call->state_lock); 1238 goto kill_ACKs; 1239 1240 default: 1241 clear_bit(genbit, &call->events); 1242 switch (call->state) { 1243 case RXRPC_CALL_CLIENT_AWAIT_REPLY: 1244 case RXRPC_CALL_CLIENT_RECV_REPLY: 1245 case RXRPC_CALL_SERVER_RECV_REQUEST: 1246 case RXRPC_CALL_SERVER_ACK_REQUEST: 1247 _debug("start ACK timer"); 1248 rxrpc_propose_ACK(call, RXRPC_ACK_DELAY, 1249 call->ackr_serial, false); 1250 default: 1251 break; 1252 } 1253 goto maybe_reschedule; 1254 } 1255 1256 kill_ACKs: 1257 del_timer_sync(&call->ack_timer); 1258 if (test_and_clear_bit(RXRPC_CALL_EV_ACK_FINAL, &call->events)) 1259 rxrpc_put_call(call); 1260 clear_bit(RXRPC_CALL_EV_ACK, &call->events); 1261 1262 maybe_reschedule: 1263 if (call->events || !skb_queue_empty(&call->rx_queue)) { 1264 read_lock_bh(&call->state_lock); 1265 if (call->state < RXRPC_CALL_DEAD) 1266 rxrpc_queue_call(call); 1267 read_unlock_bh(&call->state_lock); 1268 } 1269 1270 /* don't leave aborted connections on the accept queue */ 1271 if (call->state >= RXRPC_CALL_COMPLETE && 1272 !list_empty(&call->accept_link)) { 1273 _debug("X unlinking once-pending call %p { e=%lx f=%lx c=%x }", 1274 call, call->events, call->flags, call->conn->proto.cid); 1275 1276 read_lock_bh(&call->state_lock); 1277 if (!test_bit(RXRPC_CALL_RELEASED, &call->flags) && 1278 !test_and_set_bit(RXRPC_CALL_EV_RELEASE, &call->events)) 1279 rxrpc_queue_call(call); 1280 read_unlock_bh(&call->state_lock); 1281 } 1282 1283 error: 1284 clear_bit(RXRPC_CALL_PROC_BUSY, &call->flags); 1285 kfree(acks); 1286 1287 /* because we don't want two CPUs both processing the work item for one 1288 * call at the same time, we use a flag to note when it's busy; however 1289 * this means there's a race between clearing the flag and setting the 1290 * work pending bit and the work item being processed again */ 1291 if (call->events && !work_pending(&call->processor)) { 1292 _debug("jumpstart %x", call->conn->proto.cid); 1293 rxrpc_queue_call(call); 1294 } 1295 1296 _leave(""); 1297 return; 1298 1299 no_mem: 1300 _debug("out of memory"); 1301 goto maybe_reschedule; 1302 } 1303