1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* RxRPC recvmsg() implementation 3 * 4 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.com) 6 */ 7 8 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 9 10 #include <linux/net.h> 11 #include <linux/skbuff.h> 12 #include <linux/export.h> 13 #include <linux/sched/signal.h> 14 15 #include <net/sock.h> 16 #include <net/af_rxrpc.h> 17 #include "ar-internal.h" 18 19 /* 20 * Post a call for attention by the socket or kernel service. Further 21 * notifications are suppressed by putting recvmsg_link on a dummy queue. 22 */ 23 void rxrpc_notify_socket(struct rxrpc_call *call) 24 { 25 struct rxrpc_sock *rx; 26 struct sock *sk; 27 28 _enter("%d", call->debug_id); 29 30 if (!list_empty(&call->recvmsg_link)) 31 return; 32 33 rcu_read_lock(); 34 35 rx = rcu_dereference(call->socket); 36 sk = &rx->sk; 37 if (rx && sk->sk_state < RXRPC_CLOSE) { 38 if (call->notify_rx) { 39 spin_lock_bh(&call->notify_lock); 40 call->notify_rx(sk, call, call->user_call_ID); 41 spin_unlock_bh(&call->notify_lock); 42 } else { 43 write_lock_bh(&rx->recvmsg_lock); 44 if (list_empty(&call->recvmsg_link)) { 45 rxrpc_get_call(call, rxrpc_call_got); 46 list_add_tail(&call->recvmsg_link, &rx->recvmsg_q); 47 } 48 write_unlock_bh(&rx->recvmsg_lock); 49 50 if (!sock_flag(sk, SOCK_DEAD)) { 51 _debug("call %ps", sk->sk_data_ready); 52 sk->sk_data_ready(sk); 53 } 54 } 55 } 56 57 rcu_read_unlock(); 58 _leave(""); 59 } 60 61 /* 62 * Transition a call to the complete state. 63 */ 64 bool __rxrpc_set_call_completion(struct rxrpc_call *call, 65 enum rxrpc_call_completion compl, 66 u32 abort_code, 67 int error) 68 { 69 if (call->state < RXRPC_CALL_COMPLETE) { 70 call->abort_code = abort_code; 71 call->error = error; 72 call->completion = compl; 73 call->state = RXRPC_CALL_COMPLETE; 74 trace_rxrpc_call_complete(call); 75 wake_up(&call->waitq); 76 rxrpc_notify_socket(call); 77 return true; 78 } 79 return false; 80 } 81 82 bool rxrpc_set_call_completion(struct rxrpc_call *call, 83 enum rxrpc_call_completion compl, 84 u32 abort_code, 85 int error) 86 { 87 bool ret = false; 88 89 if (call->state < RXRPC_CALL_COMPLETE) { 90 write_lock_bh(&call->state_lock); 91 ret = __rxrpc_set_call_completion(call, compl, abort_code, error); 92 write_unlock_bh(&call->state_lock); 93 } 94 return ret; 95 } 96 97 /* 98 * Record that a call successfully completed. 99 */ 100 bool __rxrpc_call_completed(struct rxrpc_call *call) 101 { 102 return __rxrpc_set_call_completion(call, RXRPC_CALL_SUCCEEDED, 0, 0); 103 } 104 105 bool rxrpc_call_completed(struct rxrpc_call *call) 106 { 107 bool ret = false; 108 109 if (call->state < RXRPC_CALL_COMPLETE) { 110 write_lock_bh(&call->state_lock); 111 ret = __rxrpc_call_completed(call); 112 write_unlock_bh(&call->state_lock); 113 } 114 return ret; 115 } 116 117 /* 118 * Record that a call is locally aborted. 119 */ 120 bool __rxrpc_abort_call(const char *why, struct rxrpc_call *call, 121 rxrpc_seq_t seq, u32 abort_code, int error) 122 { 123 trace_rxrpc_abort(call->debug_id, why, call->cid, call->call_id, seq, 124 abort_code, error); 125 return __rxrpc_set_call_completion(call, RXRPC_CALL_LOCALLY_ABORTED, 126 abort_code, error); 127 } 128 129 bool rxrpc_abort_call(const char *why, struct rxrpc_call *call, 130 rxrpc_seq_t seq, u32 abort_code, int error) 131 { 132 bool ret; 133 134 write_lock_bh(&call->state_lock); 135 ret = __rxrpc_abort_call(why, call, seq, abort_code, error); 136 write_unlock_bh(&call->state_lock); 137 return ret; 138 } 139 140 /* 141 * Pass a call terminating message to userspace. 142 */ 143 static int rxrpc_recvmsg_term(struct rxrpc_call *call, struct msghdr *msg) 144 { 145 u32 tmp = 0; 146 int ret; 147 148 switch (call->completion) { 149 case RXRPC_CALL_SUCCEEDED: 150 ret = 0; 151 if (rxrpc_is_service_call(call)) 152 ret = put_cmsg(msg, SOL_RXRPC, RXRPC_ACK, 0, &tmp); 153 break; 154 case RXRPC_CALL_REMOTELY_ABORTED: 155 tmp = call->abort_code; 156 ret = put_cmsg(msg, SOL_RXRPC, RXRPC_ABORT, 4, &tmp); 157 break; 158 case RXRPC_CALL_LOCALLY_ABORTED: 159 tmp = call->abort_code; 160 ret = put_cmsg(msg, SOL_RXRPC, RXRPC_ABORT, 4, &tmp); 161 break; 162 case RXRPC_CALL_NETWORK_ERROR: 163 tmp = -call->error; 164 ret = put_cmsg(msg, SOL_RXRPC, RXRPC_NET_ERROR, 4, &tmp); 165 break; 166 case RXRPC_CALL_LOCAL_ERROR: 167 tmp = -call->error; 168 ret = put_cmsg(msg, SOL_RXRPC, RXRPC_LOCAL_ERROR, 4, &tmp); 169 break; 170 default: 171 pr_err("Invalid terminal call state %u\n", call->state); 172 BUG(); 173 break; 174 } 175 176 trace_rxrpc_recvmsg(call, rxrpc_recvmsg_terminal, call->rx_hard_ack, 177 call->rx_pkt_offset, call->rx_pkt_len, ret); 178 return ret; 179 } 180 181 /* 182 * End the packet reception phase. 183 */ 184 static void rxrpc_end_rx_phase(struct rxrpc_call *call, rxrpc_serial_t serial) 185 { 186 _enter("%d,%s", call->debug_id, rxrpc_call_states[call->state]); 187 188 trace_rxrpc_receive(call, rxrpc_receive_end, 0, call->rx_top); 189 ASSERTCMP(call->rx_hard_ack, ==, call->rx_top); 190 191 if (call->state == RXRPC_CALL_CLIENT_RECV_REPLY) { 192 rxrpc_propose_ACK(call, RXRPC_ACK_IDLE, serial, false, true, 193 rxrpc_propose_ack_terminal_ack); 194 //rxrpc_send_ack_packet(call, false, NULL); 195 } 196 197 write_lock_bh(&call->state_lock); 198 199 switch (call->state) { 200 case RXRPC_CALL_CLIENT_RECV_REPLY: 201 __rxrpc_call_completed(call); 202 write_unlock_bh(&call->state_lock); 203 break; 204 205 case RXRPC_CALL_SERVER_RECV_REQUEST: 206 call->tx_phase = true; 207 call->state = RXRPC_CALL_SERVER_ACK_REQUEST; 208 call->expect_req_by = jiffies + MAX_JIFFY_OFFSET; 209 write_unlock_bh(&call->state_lock); 210 rxrpc_propose_ACK(call, RXRPC_ACK_DELAY, serial, false, true, 211 rxrpc_propose_ack_processing_op); 212 break; 213 default: 214 write_unlock_bh(&call->state_lock); 215 break; 216 } 217 } 218 219 /* 220 * Discard a packet we've used up and advance the Rx window by one. 221 */ 222 static void rxrpc_rotate_rx_window(struct rxrpc_call *call) 223 { 224 struct rxrpc_skb_priv *sp; 225 struct sk_buff *skb; 226 rxrpc_serial_t serial; 227 rxrpc_seq_t hard_ack, top; 228 bool last = false; 229 u8 subpacket; 230 int ix; 231 232 _enter("%d", call->debug_id); 233 234 hard_ack = call->rx_hard_ack; 235 top = smp_load_acquire(&call->rx_top); 236 ASSERT(before(hard_ack, top)); 237 238 hard_ack++; 239 ix = hard_ack & RXRPC_RXTX_BUFF_MASK; 240 skb = call->rxtx_buffer[ix]; 241 rxrpc_see_skb(skb, rxrpc_skb_rotated); 242 sp = rxrpc_skb(skb); 243 244 subpacket = call->rxtx_annotations[ix] & RXRPC_RX_ANNO_SUBPACKET; 245 serial = sp->hdr.serial + subpacket; 246 247 if (subpacket == sp->nr_subpackets - 1 && 248 sp->rx_flags & RXRPC_SKB_INCL_LAST) 249 last = true; 250 251 call->rxtx_buffer[ix] = NULL; 252 call->rxtx_annotations[ix] = 0; 253 /* Barrier against rxrpc_input_data(). */ 254 smp_store_release(&call->rx_hard_ack, hard_ack); 255 256 rxrpc_free_skb(skb, rxrpc_skb_freed); 257 258 trace_rxrpc_receive(call, rxrpc_receive_rotate, serial, hard_ack); 259 if (last) { 260 rxrpc_end_rx_phase(call, serial); 261 } else { 262 /* Check to see if there's an ACK that needs sending. */ 263 if (atomic_inc_return(&call->ackr_nr_consumed) > 2) 264 rxrpc_propose_ACK(call, RXRPC_ACK_IDLE, serial, 265 true, false, 266 rxrpc_propose_ack_rotate_rx); 267 if (call->ackr_reason && call->ackr_reason != RXRPC_ACK_DELAY) 268 rxrpc_send_ack_packet(call, false, NULL); 269 } 270 } 271 272 /* 273 * Decrypt and verify a (sub)packet. The packet's length may be changed due to 274 * padding, but if this is the case, the packet length will be resident in the 275 * socket buffer. Note that we can't modify the master skb info as the skb may 276 * be the home to multiple subpackets. 277 */ 278 static int rxrpc_verify_packet(struct rxrpc_call *call, struct sk_buff *skb, 279 u8 annotation, 280 unsigned int offset, unsigned int len) 281 { 282 struct rxrpc_skb_priv *sp = rxrpc_skb(skb); 283 rxrpc_seq_t seq = sp->hdr.seq; 284 u16 cksum = sp->hdr.cksum; 285 u8 subpacket = annotation & RXRPC_RX_ANNO_SUBPACKET; 286 287 _enter(""); 288 289 /* For all but the head jumbo subpacket, the security checksum is in a 290 * jumbo header immediately prior to the data. 291 */ 292 if (subpacket > 0) { 293 __be16 tmp; 294 if (skb_copy_bits(skb, offset - 2, &tmp, 2) < 0) 295 BUG(); 296 cksum = ntohs(tmp); 297 seq += subpacket; 298 } 299 300 return call->security->verify_packet(call, skb, offset, len, 301 seq, cksum); 302 } 303 304 /* 305 * Locate the data within a packet. This is complicated by: 306 * 307 * (1) An skb may contain a jumbo packet - so we have to find the appropriate 308 * subpacket. 309 * 310 * (2) The (sub)packets may be encrypted and, if so, the encrypted portion 311 * contains an extra header which includes the true length of the data, 312 * excluding any encrypted padding. 313 */ 314 static int rxrpc_locate_data(struct rxrpc_call *call, struct sk_buff *skb, 315 u8 *_annotation, 316 unsigned int *_offset, unsigned int *_len, 317 bool *_last) 318 { 319 struct rxrpc_skb_priv *sp = rxrpc_skb(skb); 320 unsigned int offset = sizeof(struct rxrpc_wire_header); 321 unsigned int len; 322 bool last = false; 323 int ret; 324 u8 annotation = *_annotation; 325 u8 subpacket = annotation & RXRPC_RX_ANNO_SUBPACKET; 326 327 /* Locate the subpacket */ 328 offset += subpacket * RXRPC_JUMBO_SUBPKTLEN; 329 len = skb->len - offset; 330 if (subpacket < sp->nr_subpackets - 1) 331 len = RXRPC_JUMBO_DATALEN; 332 else if (sp->rx_flags & RXRPC_SKB_INCL_LAST) 333 last = true; 334 335 if (!(annotation & RXRPC_RX_ANNO_VERIFIED)) { 336 ret = rxrpc_verify_packet(call, skb, annotation, offset, len); 337 if (ret < 0) 338 return ret; 339 *_annotation |= RXRPC_RX_ANNO_VERIFIED; 340 } 341 342 *_offset = offset; 343 *_len = len; 344 *_last = last; 345 call->security->locate_data(call, skb, _offset, _len); 346 return 0; 347 } 348 349 /* 350 * Deliver messages to a call. This keeps processing packets until the buffer 351 * is filled and we find either more DATA (returns 0) or the end of the DATA 352 * (returns 1). If more packets are required, it returns -EAGAIN. 353 */ 354 static int rxrpc_recvmsg_data(struct socket *sock, struct rxrpc_call *call, 355 struct msghdr *msg, struct iov_iter *iter, 356 size_t len, int flags, size_t *_offset) 357 { 358 struct rxrpc_skb_priv *sp; 359 struct sk_buff *skb; 360 rxrpc_serial_t serial; 361 rxrpc_seq_t hard_ack, top, seq; 362 size_t remain; 363 bool rx_pkt_last; 364 unsigned int rx_pkt_offset, rx_pkt_len; 365 int ix, copy, ret = -EAGAIN, ret2; 366 367 if (test_and_clear_bit(RXRPC_CALL_RX_UNDERRUN, &call->flags) && 368 call->ackr_reason) 369 rxrpc_send_ack_packet(call, false, NULL); 370 371 rx_pkt_offset = call->rx_pkt_offset; 372 rx_pkt_len = call->rx_pkt_len; 373 rx_pkt_last = call->rx_pkt_last; 374 375 if (call->state >= RXRPC_CALL_SERVER_ACK_REQUEST) { 376 seq = call->rx_hard_ack; 377 ret = 1; 378 goto done; 379 } 380 381 /* Barriers against rxrpc_input_data(). */ 382 hard_ack = call->rx_hard_ack; 383 seq = hard_ack + 1; 384 385 while (top = smp_load_acquire(&call->rx_top), 386 before_eq(seq, top) 387 ) { 388 ix = seq & RXRPC_RXTX_BUFF_MASK; 389 skb = call->rxtx_buffer[ix]; 390 if (!skb) { 391 trace_rxrpc_recvmsg(call, rxrpc_recvmsg_hole, seq, 392 rx_pkt_offset, rx_pkt_len, 0); 393 break; 394 } 395 smp_rmb(); 396 rxrpc_see_skb(skb, rxrpc_skb_seen); 397 sp = rxrpc_skb(skb); 398 399 if (!(flags & MSG_PEEK)) { 400 serial = sp->hdr.serial; 401 serial += call->rxtx_annotations[ix] & RXRPC_RX_ANNO_SUBPACKET; 402 trace_rxrpc_receive(call, rxrpc_receive_front, 403 serial, seq); 404 } 405 406 if (msg) 407 sock_recv_timestamp(msg, sock->sk, skb); 408 409 if (rx_pkt_offset == 0) { 410 ret2 = rxrpc_locate_data(call, skb, 411 &call->rxtx_annotations[ix], 412 &rx_pkt_offset, &rx_pkt_len, 413 &rx_pkt_last); 414 trace_rxrpc_recvmsg(call, rxrpc_recvmsg_next, seq, 415 rx_pkt_offset, rx_pkt_len, ret2); 416 if (ret2 < 0) { 417 ret = ret2; 418 goto out; 419 } 420 } else { 421 trace_rxrpc_recvmsg(call, rxrpc_recvmsg_cont, seq, 422 rx_pkt_offset, rx_pkt_len, 0); 423 } 424 425 /* We have to handle short, empty and used-up DATA packets. */ 426 remain = len - *_offset; 427 copy = rx_pkt_len; 428 if (copy > remain) 429 copy = remain; 430 if (copy > 0) { 431 ret2 = skb_copy_datagram_iter(skb, rx_pkt_offset, iter, 432 copy); 433 if (ret2 < 0) { 434 ret = ret2; 435 goto out; 436 } 437 438 /* handle piecemeal consumption of data packets */ 439 rx_pkt_offset += copy; 440 rx_pkt_len -= copy; 441 *_offset += copy; 442 } 443 444 if (rx_pkt_len > 0) { 445 trace_rxrpc_recvmsg(call, rxrpc_recvmsg_full, seq, 446 rx_pkt_offset, rx_pkt_len, 0); 447 ASSERTCMP(*_offset, ==, len); 448 ret = 0; 449 break; 450 } 451 452 /* The whole packet has been transferred. */ 453 if (!(flags & MSG_PEEK)) 454 rxrpc_rotate_rx_window(call); 455 rx_pkt_offset = 0; 456 rx_pkt_len = 0; 457 458 if (rx_pkt_last) { 459 ASSERTCMP(seq, ==, READ_ONCE(call->rx_top)); 460 ret = 1; 461 goto out; 462 } 463 464 seq++; 465 } 466 467 out: 468 if (!(flags & MSG_PEEK)) { 469 call->rx_pkt_offset = rx_pkt_offset; 470 call->rx_pkt_len = rx_pkt_len; 471 call->rx_pkt_last = rx_pkt_last; 472 } 473 done: 474 trace_rxrpc_recvmsg(call, rxrpc_recvmsg_data_return, seq, 475 rx_pkt_offset, rx_pkt_len, ret); 476 if (ret == -EAGAIN) 477 set_bit(RXRPC_CALL_RX_UNDERRUN, &call->flags); 478 return ret; 479 } 480 481 /* 482 * Receive a message from an RxRPC socket 483 * - we need to be careful about two or more threads calling recvmsg 484 * simultaneously 485 */ 486 int rxrpc_recvmsg(struct socket *sock, struct msghdr *msg, size_t len, 487 int flags) 488 { 489 struct rxrpc_call *call; 490 struct rxrpc_sock *rx = rxrpc_sk(sock->sk); 491 struct list_head *l; 492 size_t copied = 0; 493 long timeo; 494 int ret; 495 496 DEFINE_WAIT(wait); 497 498 trace_rxrpc_recvmsg(NULL, rxrpc_recvmsg_enter, 0, 0, 0, 0); 499 500 if (flags & (MSG_OOB | MSG_TRUNC)) 501 return -EOPNOTSUPP; 502 503 timeo = sock_rcvtimeo(&rx->sk, flags & MSG_DONTWAIT); 504 505 try_again: 506 lock_sock(&rx->sk); 507 508 /* Return immediately if a client socket has no outstanding calls */ 509 if (RB_EMPTY_ROOT(&rx->calls) && 510 list_empty(&rx->recvmsg_q) && 511 rx->sk.sk_state != RXRPC_SERVER_LISTENING) { 512 release_sock(&rx->sk); 513 return -EAGAIN; 514 } 515 516 if (list_empty(&rx->recvmsg_q)) { 517 ret = -EWOULDBLOCK; 518 if (timeo == 0) { 519 call = NULL; 520 goto error_no_call; 521 } 522 523 release_sock(&rx->sk); 524 525 /* Wait for something to happen */ 526 prepare_to_wait_exclusive(sk_sleep(&rx->sk), &wait, 527 TASK_INTERRUPTIBLE); 528 ret = sock_error(&rx->sk); 529 if (ret) 530 goto wait_error; 531 532 if (list_empty(&rx->recvmsg_q)) { 533 if (signal_pending(current)) 534 goto wait_interrupted; 535 trace_rxrpc_recvmsg(NULL, rxrpc_recvmsg_wait, 536 0, 0, 0, 0); 537 timeo = schedule_timeout(timeo); 538 } 539 finish_wait(sk_sleep(&rx->sk), &wait); 540 goto try_again; 541 } 542 543 /* Find the next call and dequeue it if we're not just peeking. If we 544 * do dequeue it, that comes with a ref that we will need to release. 545 */ 546 write_lock_bh(&rx->recvmsg_lock); 547 l = rx->recvmsg_q.next; 548 call = list_entry(l, struct rxrpc_call, recvmsg_link); 549 if (!(flags & MSG_PEEK)) 550 list_del_init(&call->recvmsg_link); 551 else 552 rxrpc_get_call(call, rxrpc_call_got); 553 write_unlock_bh(&rx->recvmsg_lock); 554 555 trace_rxrpc_recvmsg(call, rxrpc_recvmsg_dequeue, 0, 0, 0, 0); 556 557 /* We're going to drop the socket lock, so we need to lock the call 558 * against interference by sendmsg. 559 */ 560 if (!mutex_trylock(&call->user_mutex)) { 561 ret = -EWOULDBLOCK; 562 if (flags & MSG_DONTWAIT) 563 goto error_requeue_call; 564 ret = -ERESTARTSYS; 565 if (mutex_lock_interruptible(&call->user_mutex) < 0) 566 goto error_requeue_call; 567 } 568 569 release_sock(&rx->sk); 570 571 if (test_bit(RXRPC_CALL_RELEASED, &call->flags)) 572 BUG(); 573 574 if (test_bit(RXRPC_CALL_HAS_USERID, &call->flags)) { 575 if (flags & MSG_CMSG_COMPAT) { 576 unsigned int id32 = call->user_call_ID; 577 578 ret = put_cmsg(msg, SOL_RXRPC, RXRPC_USER_CALL_ID, 579 sizeof(unsigned int), &id32); 580 } else { 581 unsigned long idl = call->user_call_ID; 582 583 ret = put_cmsg(msg, SOL_RXRPC, RXRPC_USER_CALL_ID, 584 sizeof(unsigned long), &idl); 585 } 586 if (ret < 0) 587 goto error_unlock_call; 588 } 589 590 if (msg->msg_name && call->peer) { 591 struct sockaddr_rxrpc *srx = msg->msg_name; 592 size_t len = sizeof(call->peer->srx); 593 594 memcpy(msg->msg_name, &call->peer->srx, len); 595 srx->srx_service = call->service_id; 596 msg->msg_namelen = len; 597 } 598 599 switch (READ_ONCE(call->state)) { 600 case RXRPC_CALL_CLIENT_RECV_REPLY: 601 case RXRPC_CALL_SERVER_RECV_REQUEST: 602 case RXRPC_CALL_SERVER_ACK_REQUEST: 603 ret = rxrpc_recvmsg_data(sock, call, msg, &msg->msg_iter, len, 604 flags, &copied); 605 if (ret == -EAGAIN) 606 ret = 0; 607 608 if (after(call->rx_top, call->rx_hard_ack) && 609 call->rxtx_buffer[(call->rx_hard_ack + 1) & RXRPC_RXTX_BUFF_MASK]) 610 rxrpc_notify_socket(call); 611 break; 612 default: 613 ret = 0; 614 break; 615 } 616 617 if (ret < 0) 618 goto error_unlock_call; 619 620 if (call->state == RXRPC_CALL_COMPLETE) { 621 ret = rxrpc_recvmsg_term(call, msg); 622 if (ret < 0) 623 goto error_unlock_call; 624 if (!(flags & MSG_PEEK)) 625 rxrpc_release_call(rx, call); 626 msg->msg_flags |= MSG_EOR; 627 ret = 1; 628 } 629 630 if (ret == 0) 631 msg->msg_flags |= MSG_MORE; 632 else 633 msg->msg_flags &= ~MSG_MORE; 634 ret = copied; 635 636 error_unlock_call: 637 mutex_unlock(&call->user_mutex); 638 rxrpc_put_call(call, rxrpc_call_put); 639 trace_rxrpc_recvmsg(call, rxrpc_recvmsg_return, 0, 0, 0, ret); 640 return ret; 641 642 error_requeue_call: 643 if (!(flags & MSG_PEEK)) { 644 write_lock_bh(&rx->recvmsg_lock); 645 list_add(&call->recvmsg_link, &rx->recvmsg_q); 646 write_unlock_bh(&rx->recvmsg_lock); 647 trace_rxrpc_recvmsg(call, rxrpc_recvmsg_requeue, 0, 0, 0, 0); 648 } else { 649 rxrpc_put_call(call, rxrpc_call_put); 650 } 651 error_no_call: 652 release_sock(&rx->sk); 653 error_trace: 654 trace_rxrpc_recvmsg(call, rxrpc_recvmsg_return, 0, 0, 0, ret); 655 return ret; 656 657 wait_interrupted: 658 ret = sock_intr_errno(timeo); 659 wait_error: 660 finish_wait(sk_sleep(&rx->sk), &wait); 661 call = NULL; 662 goto error_trace; 663 } 664 665 /** 666 * rxrpc_kernel_recv_data - Allow a kernel service to receive data/info 667 * @sock: The socket that the call exists on 668 * @call: The call to send data through 669 * @iter: The buffer to receive into 670 * @_len: The amount of data we want to receive (decreased on return) 671 * @want_more: True if more data is expected to be read 672 * @_abort: Where the abort code is stored if -ECONNABORTED is returned 673 * @_service: Where to store the actual service ID (may be upgraded) 674 * 675 * Allow a kernel service to receive data and pick up information about the 676 * state of a call. Returns 0 if got what was asked for and there's more 677 * available, 1 if we got what was asked for and we're at the end of the data 678 * and -EAGAIN if we need more data. 679 * 680 * Note that we may return -EAGAIN to drain empty packets at the end of the 681 * data, even if we've already copied over the requested data. 682 * 683 * *_abort should also be initialised to 0. 684 */ 685 int rxrpc_kernel_recv_data(struct socket *sock, struct rxrpc_call *call, 686 struct iov_iter *iter, size_t *_len, 687 bool want_more, u32 *_abort, u16 *_service) 688 { 689 size_t offset = 0; 690 int ret; 691 692 _enter("{%d,%s},%zu,%d", 693 call->debug_id, rxrpc_call_states[call->state], 694 *_len, want_more); 695 696 ASSERTCMP(call->state, !=, RXRPC_CALL_SERVER_SECURING); 697 698 mutex_lock(&call->user_mutex); 699 700 switch (READ_ONCE(call->state)) { 701 case RXRPC_CALL_CLIENT_RECV_REPLY: 702 case RXRPC_CALL_SERVER_RECV_REQUEST: 703 case RXRPC_CALL_SERVER_ACK_REQUEST: 704 ret = rxrpc_recvmsg_data(sock, call, NULL, iter, 705 *_len, 0, &offset); 706 *_len -= offset; 707 if (ret < 0) 708 goto out; 709 710 /* We can only reach here with a partially full buffer if we 711 * have reached the end of the data. We must otherwise have a 712 * full buffer or have been given -EAGAIN. 713 */ 714 if (ret == 1) { 715 if (iov_iter_count(iter) > 0) 716 goto short_data; 717 if (!want_more) 718 goto read_phase_complete; 719 ret = 0; 720 goto out; 721 } 722 723 if (!want_more) 724 goto excess_data; 725 goto out; 726 727 case RXRPC_CALL_COMPLETE: 728 goto call_complete; 729 730 default: 731 ret = -EINPROGRESS; 732 goto out; 733 } 734 735 read_phase_complete: 736 ret = 1; 737 out: 738 switch (call->ackr_reason) { 739 case RXRPC_ACK_IDLE: 740 break; 741 case RXRPC_ACK_DELAY: 742 if (ret != -EAGAIN) 743 break; 744 fallthrough; 745 default: 746 rxrpc_send_ack_packet(call, false, NULL); 747 } 748 749 if (_service) 750 *_service = call->service_id; 751 mutex_unlock(&call->user_mutex); 752 _leave(" = %d [%zu,%d]", ret, iov_iter_count(iter), *_abort); 753 return ret; 754 755 short_data: 756 trace_rxrpc_rx_eproto(call, 0, tracepoint_string("short_data")); 757 ret = -EBADMSG; 758 goto out; 759 excess_data: 760 trace_rxrpc_rx_eproto(call, 0, tracepoint_string("excess_data")); 761 ret = -EMSGSIZE; 762 goto out; 763 call_complete: 764 *_abort = call->abort_code; 765 ret = call->error; 766 if (call->completion == RXRPC_CALL_SUCCEEDED) { 767 ret = 1; 768 if (iov_iter_count(iter) > 0) 769 ret = -ECONNRESET; 770 } 771 goto out; 772 } 773 EXPORT_SYMBOL(rxrpc_kernel_recv_data); 774