xref: /openbmc/linux/net/rxrpc/local_object.c (revision ae40e94f)
1 /* Local endpoint object management
2  *
3  * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells (dhowells@redhat.com)
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public Licence
8  * as published by the Free Software Foundation; either version
9  * 2 of the Licence, or (at your option) any later version.
10  */
11 
12 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
13 
14 #include <linux/module.h>
15 #include <linux/net.h>
16 #include <linux/skbuff.h>
17 #include <linux/slab.h>
18 #include <linux/udp.h>
19 #include <linux/ip.h>
20 #include <linux/hashtable.h>
21 #include <net/sock.h>
22 #include <net/udp.h>
23 #include <net/af_rxrpc.h>
24 #include "ar-internal.h"
25 
26 static void rxrpc_local_processor(struct work_struct *);
27 static void rxrpc_local_rcu(struct rcu_head *);
28 
29 /*
30  * Compare a local to an address.  Return -ve, 0 or +ve to indicate less than,
31  * same or greater than.
32  *
33  * We explicitly don't compare the RxRPC service ID as we want to reject
34  * conflicting uses by differing services.  Further, we don't want to share
35  * addresses with different options (IPv6), so we don't compare those bits
36  * either.
37  */
38 static long rxrpc_local_cmp_key(const struct rxrpc_local *local,
39 				const struct sockaddr_rxrpc *srx)
40 {
41 	long diff;
42 
43 	diff = ((local->srx.transport_type - srx->transport_type) ?:
44 		(local->srx.transport_len - srx->transport_len) ?:
45 		(local->srx.transport.family - srx->transport.family));
46 	if (diff != 0)
47 		return diff;
48 
49 	switch (srx->transport.family) {
50 	case AF_INET:
51 		/* If the choice of UDP port is left up to the transport, then
52 		 * the endpoint record doesn't match.
53 		 */
54 		return ((u16 __force)local->srx.transport.sin.sin_port -
55 			(u16 __force)srx->transport.sin.sin_port) ?:
56 			memcmp(&local->srx.transport.sin.sin_addr,
57 			       &srx->transport.sin.sin_addr,
58 			       sizeof(struct in_addr));
59 #ifdef CONFIG_AF_RXRPC_IPV6
60 	case AF_INET6:
61 		/* If the choice of UDP6 port is left up to the transport, then
62 		 * the endpoint record doesn't match.
63 		 */
64 		return ((u16 __force)local->srx.transport.sin6.sin6_port -
65 			(u16 __force)srx->transport.sin6.sin6_port) ?:
66 			memcmp(&local->srx.transport.sin6.sin6_addr,
67 			       &srx->transport.sin6.sin6_addr,
68 			       sizeof(struct in6_addr));
69 #endif
70 	default:
71 		BUG();
72 	}
73 }
74 
75 /*
76  * Allocate a new local endpoint.
77  */
78 static struct rxrpc_local *rxrpc_alloc_local(struct rxrpc_net *rxnet,
79 					     const struct sockaddr_rxrpc *srx)
80 {
81 	struct rxrpc_local *local;
82 
83 	local = kzalloc(sizeof(struct rxrpc_local), GFP_KERNEL);
84 	if (local) {
85 		atomic_set(&local->usage, 1);
86 		local->rxnet = rxnet;
87 		INIT_LIST_HEAD(&local->link);
88 		INIT_WORK(&local->processor, rxrpc_local_processor);
89 		init_rwsem(&local->defrag_sem);
90 		skb_queue_head_init(&local->reject_queue);
91 		skb_queue_head_init(&local->event_queue);
92 		local->client_conns = RB_ROOT;
93 		spin_lock_init(&local->client_conns_lock);
94 		spin_lock_init(&local->lock);
95 		rwlock_init(&local->services_lock);
96 		local->debug_id = atomic_inc_return(&rxrpc_debug_id);
97 		memcpy(&local->srx, srx, sizeof(*srx));
98 		local->srx.srx_service = 0;
99 		trace_rxrpc_local(local, rxrpc_local_new, 1, NULL);
100 	}
101 
102 	_leave(" = %p", local);
103 	return local;
104 }
105 
106 /*
107  * create the local socket
108  * - must be called with rxrpc_local_mutex locked
109  */
110 static int rxrpc_open_socket(struct rxrpc_local *local, struct net *net)
111 {
112 	struct sock *usk;
113 	int ret, opt;
114 
115 	_enter("%p{%d,%d}",
116 	       local, local->srx.transport_type, local->srx.transport.family);
117 
118 	/* create a socket to represent the local endpoint */
119 	ret = sock_create_kern(net, local->srx.transport.family,
120 			       local->srx.transport_type, 0, &local->socket);
121 	if (ret < 0) {
122 		_leave(" = %d [socket]", ret);
123 		return ret;
124 	}
125 
126 	/* set the socket up */
127 	usk = local->socket->sk;
128 	inet_sk(usk)->mc_loop = 0;
129 
130 	/* Enable CHECKSUM_UNNECESSARY to CHECKSUM_COMPLETE conversion */
131 	inet_inc_convert_csum(usk);
132 
133 	rcu_assign_sk_user_data(usk, local);
134 
135 	udp_sk(usk)->encap_type = UDP_ENCAP_RXRPC;
136 	udp_sk(usk)->encap_rcv = rxrpc_input_packet;
137 	udp_sk(usk)->encap_destroy = NULL;
138 	udp_sk(usk)->gro_receive = NULL;
139 	udp_sk(usk)->gro_complete = NULL;
140 
141 	udp_encap_enable();
142 #if IS_ENABLED(CONFIG_AF_RXRPC_IPV6)
143 	if (local->srx.transport.family == AF_INET6)
144 		udpv6_encap_enable();
145 #endif
146 	usk->sk_error_report = rxrpc_error_report;
147 
148 	/* if a local address was supplied then bind it */
149 	if (local->srx.transport_len > sizeof(sa_family_t)) {
150 		_debug("bind");
151 		ret = kernel_bind(local->socket,
152 				  (struct sockaddr *)&local->srx.transport,
153 				  local->srx.transport_len);
154 		if (ret < 0) {
155 			_debug("bind failed %d", ret);
156 			goto error;
157 		}
158 	}
159 
160 	switch (local->srx.transport.family) {
161 	case AF_INET6:
162 		/* we want to receive ICMPv6 errors */
163 		opt = 1;
164 		ret = kernel_setsockopt(local->socket, SOL_IPV6, IPV6_RECVERR,
165 					(char *) &opt, sizeof(opt));
166 		if (ret < 0) {
167 			_debug("setsockopt failed");
168 			goto error;
169 		}
170 
171 		/* we want to set the don't fragment bit */
172 		opt = IPV6_PMTUDISC_DO;
173 		ret = kernel_setsockopt(local->socket, SOL_IPV6, IPV6_MTU_DISCOVER,
174 					(char *) &opt, sizeof(opt));
175 		if (ret < 0) {
176 			_debug("setsockopt failed");
177 			goto error;
178 		}
179 
180 		/* Fall through and set IPv4 options too otherwise we don't get
181 		 * errors from IPv4 packets sent through the IPv6 socket.
182 		 */
183 
184 	case AF_INET:
185 		/* we want to receive ICMP errors */
186 		opt = 1;
187 		ret = kernel_setsockopt(local->socket, SOL_IP, IP_RECVERR,
188 					(char *) &opt, sizeof(opt));
189 		if (ret < 0) {
190 			_debug("setsockopt failed");
191 			goto error;
192 		}
193 
194 		/* we want to set the don't fragment bit */
195 		opt = IP_PMTUDISC_DO;
196 		ret = kernel_setsockopt(local->socket, SOL_IP, IP_MTU_DISCOVER,
197 					(char *) &opt, sizeof(opt));
198 		if (ret < 0) {
199 			_debug("setsockopt failed");
200 			goto error;
201 		}
202 
203 		/* We want receive timestamps. */
204 		opt = 1;
205 		ret = kernel_setsockopt(local->socket, SOL_SOCKET, SO_TIMESTAMPNS_OLD,
206 					(char *)&opt, sizeof(opt));
207 		if (ret < 0) {
208 			_debug("setsockopt failed");
209 			goto error;
210 		}
211 		break;
212 
213 	default:
214 		BUG();
215 	}
216 
217 	_leave(" = 0");
218 	return 0;
219 
220 error:
221 	kernel_sock_shutdown(local->socket, SHUT_RDWR);
222 	local->socket->sk->sk_user_data = NULL;
223 	sock_release(local->socket);
224 	local->socket = NULL;
225 
226 	_leave(" = %d", ret);
227 	return ret;
228 }
229 
230 /*
231  * Look up or create a new local endpoint using the specified local address.
232  */
233 struct rxrpc_local *rxrpc_lookup_local(struct net *net,
234 				       const struct sockaddr_rxrpc *srx)
235 {
236 	struct rxrpc_local *local;
237 	struct rxrpc_net *rxnet = rxrpc_net(net);
238 	struct list_head *cursor;
239 	const char *age;
240 	long diff;
241 	int ret;
242 
243 	_enter("{%d,%d,%pISp}",
244 	       srx->transport_type, srx->transport.family, &srx->transport);
245 
246 	mutex_lock(&rxnet->local_mutex);
247 
248 	for (cursor = rxnet->local_endpoints.next;
249 	     cursor != &rxnet->local_endpoints;
250 	     cursor = cursor->next) {
251 		local = list_entry(cursor, struct rxrpc_local, link);
252 
253 		diff = rxrpc_local_cmp_key(local, srx);
254 		if (diff < 0)
255 			continue;
256 		if (diff > 0)
257 			break;
258 
259 		/* Services aren't allowed to share transport sockets, so
260 		 * reject that here.  It is possible that the object is dying -
261 		 * but it may also still have the local transport address that
262 		 * we want bound.
263 		 */
264 		if (srx->srx_service) {
265 			local = NULL;
266 			goto addr_in_use;
267 		}
268 
269 		/* Found a match.  We replace a dying object.  Attempting to
270 		 * bind the transport socket may still fail if we're attempting
271 		 * to use a local address that the dying object is still using.
272 		 */
273 		if (!rxrpc_get_local_maybe(local)) {
274 			cursor = cursor->next;
275 			list_del_init(&local->link);
276 			break;
277 		}
278 
279 		age = "old";
280 		goto found;
281 	}
282 
283 	local = rxrpc_alloc_local(rxnet, srx);
284 	if (!local)
285 		goto nomem;
286 
287 	ret = rxrpc_open_socket(local, net);
288 	if (ret < 0)
289 		goto sock_error;
290 
291 	list_add_tail(&local->link, cursor);
292 	age = "new";
293 
294 found:
295 	mutex_unlock(&rxnet->local_mutex);
296 
297 	_net("LOCAL %s %d {%pISp}",
298 	     age, local->debug_id, &local->srx.transport);
299 
300 	_leave(" = %p", local);
301 	return local;
302 
303 nomem:
304 	ret = -ENOMEM;
305 sock_error:
306 	mutex_unlock(&rxnet->local_mutex);
307 	kfree(local);
308 	_leave(" = %d", ret);
309 	return ERR_PTR(ret);
310 
311 addr_in_use:
312 	mutex_unlock(&rxnet->local_mutex);
313 	_leave(" = -EADDRINUSE");
314 	return ERR_PTR(-EADDRINUSE);
315 }
316 
317 /*
318  * Get a ref on a local endpoint.
319  */
320 struct rxrpc_local *rxrpc_get_local(struct rxrpc_local *local)
321 {
322 	const void *here = __builtin_return_address(0);
323 	int n;
324 
325 	n = atomic_inc_return(&local->usage);
326 	trace_rxrpc_local(local, rxrpc_local_got, n, here);
327 	return local;
328 }
329 
330 /*
331  * Get a ref on a local endpoint unless its usage has already reached 0.
332  */
333 struct rxrpc_local *rxrpc_get_local_maybe(struct rxrpc_local *local)
334 {
335 	const void *here = __builtin_return_address(0);
336 
337 	if (local) {
338 		int n = atomic_fetch_add_unless(&local->usage, 1, 0);
339 		if (n > 0)
340 			trace_rxrpc_local(local, rxrpc_local_got, n + 1, here);
341 		else
342 			local = NULL;
343 	}
344 	return local;
345 }
346 
347 /*
348  * Queue a local endpoint.
349  */
350 void rxrpc_queue_local(struct rxrpc_local *local)
351 {
352 	const void *here = __builtin_return_address(0);
353 
354 	if (rxrpc_queue_work(&local->processor))
355 		trace_rxrpc_local(local, rxrpc_local_queued,
356 				  atomic_read(&local->usage), here);
357 }
358 
359 /*
360  * A local endpoint reached its end of life.
361  */
362 static void __rxrpc_put_local(struct rxrpc_local *local)
363 {
364 	_enter("%d", local->debug_id);
365 	rxrpc_queue_work(&local->processor);
366 }
367 
368 /*
369  * Drop a ref on a local endpoint.
370  */
371 void rxrpc_put_local(struct rxrpc_local *local)
372 {
373 	const void *here = __builtin_return_address(0);
374 	int n;
375 
376 	if (local) {
377 		n = atomic_dec_return(&local->usage);
378 		trace_rxrpc_local(local, rxrpc_local_put, n, here);
379 
380 		if (n == 0)
381 			__rxrpc_put_local(local);
382 	}
383 }
384 
385 /*
386  * Destroy a local endpoint's socket and then hand the record to RCU to dispose
387  * of.
388  *
389  * Closing the socket cannot be done from bottom half context or RCU callback
390  * context because it might sleep.
391  */
392 static void rxrpc_local_destroyer(struct rxrpc_local *local)
393 {
394 	struct socket *socket = local->socket;
395 	struct rxrpc_net *rxnet = local->rxnet;
396 
397 	_enter("%d", local->debug_id);
398 
399 	/* We can get a race between an incoming call packet queueing the
400 	 * processor again and the work processor starting the destruction
401 	 * process which will shut down the UDP socket.
402 	 */
403 	if (local->dead) {
404 		_leave(" [already dead]");
405 		return;
406 	}
407 	local->dead = true;
408 
409 	mutex_lock(&rxnet->local_mutex);
410 	list_del_init(&local->link);
411 	mutex_unlock(&rxnet->local_mutex);
412 
413 	ASSERT(RB_EMPTY_ROOT(&local->client_conns));
414 	ASSERT(!local->service);
415 
416 	if (socket) {
417 		local->socket = NULL;
418 		kernel_sock_shutdown(socket, SHUT_RDWR);
419 		socket->sk->sk_user_data = NULL;
420 		sock_release(socket);
421 	}
422 
423 	/* At this point, there should be no more packets coming in to the
424 	 * local endpoint.
425 	 */
426 	rxrpc_purge_queue(&local->reject_queue);
427 	rxrpc_purge_queue(&local->event_queue);
428 
429 	_debug("rcu local %d", local->debug_id);
430 	call_rcu(&local->rcu, rxrpc_local_rcu);
431 }
432 
433 /*
434  * Process events on an endpoint
435  */
436 static void rxrpc_local_processor(struct work_struct *work)
437 {
438 	struct rxrpc_local *local =
439 		container_of(work, struct rxrpc_local, processor);
440 	bool again;
441 
442 	trace_rxrpc_local(local, rxrpc_local_processing,
443 			  atomic_read(&local->usage), NULL);
444 
445 	do {
446 		again = false;
447 		if (atomic_read(&local->usage) == 0)
448 			return rxrpc_local_destroyer(local);
449 
450 		if (!skb_queue_empty(&local->reject_queue)) {
451 			rxrpc_reject_packets(local);
452 			again = true;
453 		}
454 
455 		if (!skb_queue_empty(&local->event_queue)) {
456 			rxrpc_process_local_events(local);
457 			again = true;
458 		}
459 	} while (again);
460 }
461 
462 /*
463  * Destroy a local endpoint after the RCU grace period expires.
464  */
465 static void rxrpc_local_rcu(struct rcu_head *rcu)
466 {
467 	struct rxrpc_local *local = container_of(rcu, struct rxrpc_local, rcu);
468 
469 	_enter("%d", local->debug_id);
470 
471 	ASSERT(!work_pending(&local->processor));
472 
473 	_net("DESTROY LOCAL %d", local->debug_id);
474 	kfree(local);
475 	_leave("");
476 }
477 
478 /*
479  * Verify the local endpoint list is empty by this point.
480  */
481 void rxrpc_destroy_all_locals(struct rxrpc_net *rxnet)
482 {
483 	struct rxrpc_local *local;
484 
485 	_enter("");
486 
487 	flush_workqueue(rxrpc_workqueue);
488 
489 	if (!list_empty(&rxnet->local_endpoints)) {
490 		mutex_lock(&rxnet->local_mutex);
491 		list_for_each_entry(local, &rxnet->local_endpoints, link) {
492 			pr_err("AF_RXRPC: Leaked local %p {%d}\n",
493 			       local, atomic_read(&local->usage));
494 		}
495 		mutex_unlock(&rxnet->local_mutex);
496 		BUG();
497 	}
498 }
499