12#include <linux/net.h>
13#include <linux/gfp.h>
14#include <linux/skbuff.h>
15#include <linux/circ_buf.h>
16#include <linux/export.h>
17#include <net/sock.h>
18#include <net/af_rxrpc.h>
19#include "ar-internal.h"
/*
 * Delay, in jiffies, added to the current time to compute a queued packet's
 * resend_at deadline (see rxrpc_queue_packet()).
 */
unsigned int rxrpc_resend_timeout = 4 * HZ;

/* Forward declaration; the definition is at the end of this file. */
static int rxrpc_send_data(struct kiocb *iocb, struct rxrpc_sock *rx,
			   struct rxrpc_call *call, struct msghdr *msg,
			   size_t len);
/*
 * Parse the control messages supplied with a sendmsg() request.
 *
 * Every control message must pass CMSG_OK(); messages whose level is not
 * SOL_RXRPC are skipped.  For each recognised type the payload length is
 * compared against the exact expected size before the payload is read, so a
 * short or oversized control message is rejected rather than dereferenced.
 *
 * @rx:            not referenced by this function
 * @msg:           message header carrying the control buffer
 * @user_call_ID:  set from RXRPC_USER_CALL_ID (read as u32 when
 *                 MSG_CMSG_COMPAT is set, as unsigned long otherwise);
 *                 left untouched if no such control message is present
 * @command:       set to RXRPC_CMD_SEND_DATA, then changed to SEND_ABORT or
 *                 ACCEPT if the matching control message is seen; only one
 *                 such change is accepted per request
 * @abort_code:    set from RXRPC_ABORT; a zero code is rejected
 * @server:        whether RXRPC_ACCEPT is permitted
 *
 * Returns 0 on success, -EINVAL for a missing, malformed or unknown control
 * message, or -EISCONN if RXRPC_ACCEPT is requested while @server is false.
 *
 * NOTE(review): an absent RXRPC_USER_CALL_ID is not an error here; both
 * callers in this file pre-set the ID to 0 - confirm that is intended.
 */
static int rxrpc_sendmsg_cmsg(struct rxrpc_sock *rx, struct msghdr *msg,
			      unsigned long *user_call_ID,
			      enum rxrpc_command *command,
			      u32 *abort_code,
			      bool server)
{
	struct cmsghdr *hdr;

	*command = RXRPC_CMD_SEND_DATA;

	if (!msg->msg_controllen)
		return -EINVAL;

	for_each_cmsghdr(hdr, msg) {
		void *payload;
		int paylen;

		if (!CMSG_OK(msg, hdr))
			return -EINVAL;

		/* Bytes of payload that follow the (aligned) header. */
		paylen = hdr->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
		_debug("CMSG %d, %d, %d",
		       hdr->cmsg_level, hdr->cmsg_type, paylen);

		if (hdr->cmsg_level != SOL_RXRPC)
			continue;

		payload = CMSG_DATA(hdr);

		if (hdr->cmsg_type == RXRPC_USER_CALL_ID) {
			bool compat = msg->msg_flags & MSG_CMSG_COMPAT;
			size_t want = compat ? sizeof(u32)
					     : sizeof(unsigned long);

			if (paylen != want)
				return -EINVAL;
			*user_call_ID = compat ? *(u32 *)payload
					       : *(unsigned long *)payload;
			_debug("User Call ID %lx", *user_call_ID);
		} else if (hdr->cmsg_type == RXRPC_ABORT) {
			/* Refuse to combine with an earlier command. */
			if (*command != RXRPC_CMD_SEND_DATA)
				return -EINVAL;
			*command = RXRPC_CMD_SEND_ABORT;
			if (paylen != sizeof(*abort_code))
				return -EINVAL;
			*abort_code = *(unsigned int *)payload;
			_debug("Abort %x", *abort_code);
			if (!*abort_code)
				return -EINVAL;
		} else if (hdr->cmsg_type == RXRPC_ACCEPT) {
			/* Refuse to combine with an earlier command. */
			if (*command != RXRPC_CMD_SEND_DATA)
				return -EINVAL;
			*command = RXRPC_CMD_ACCEPT;
			if (paylen)
				return -EINVAL;
			if (!server)
				return -EISCONN;
		} else {
			/* Unknown SOL_RXRPC control message type. */
			return -EINVAL;
		}
	}

	_leave(" = 0");
	return 0;
}
/*
 * Put a call into the locally-aborted state and queue it for processing.
 *
 * Under the call's state write lock: records @abort_code, raises the
 * RXRPC_CALL_ABORT event, stops the resend and ACK timers and clears their
 * pending event/flag bits, then queues the call.  Nothing is done if the
 * state is already beyond RXRPC_CALL_COMPLETE.
 *
 * NOTE(review): the guard here admits state == RXRPC_CALL_COMPLETE, whereas
 * the callers in this file only call in when state < RXRPC_CALL_COMPLETE.
 * Those checks are made before this lock is taken, so the state may have
 * moved on by the time it is re-tested here.
 */
static void rxrpc_send_abort(struct rxrpc_call *call, u32 abort_code)
{
	write_lock_bh(&call->state_lock);

	if (call->state > RXRPC_CALL_COMPLETE)
		goto unlock;

	call->state = RXRPC_CALL_LOCALLY_ABORTED;
	call->abort_code = abort_code;
	set_bit(RXRPC_CALL_ABORT, &call->events);

	/* No more retransmissions or ACKs once the call is aborted. */
	del_timer_sync(&call->resend_timer);
	del_timer_sync(&call->ack_timer);
	clear_bit(RXRPC_CALL_RESEND_TIMER, &call->events);
	clear_bit(RXRPC_CALL_ACK, &call->events);
	clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);

	rxrpc_queue_call(call);

unlock:
	write_unlock_bh(&call->state_lock);
}
/*
 * Handle sendmsg() on a client socket: send data on, or abort, a client call.
 *
 * The control messages are parsed first (RXRPC_ACCEPT is not permitted on
 * this path).  The call is then looked up through rxrpc_get_client_call(),
 * which is told it may create the call only when no abort code was supplied.
 *
 * Returns the result of rxrpc_send_data() for a data send, 0 for an abort,
 * or a negative error: -ESHUTDOWN if the call has completed, -EINVAL for any
 * other command, -EPROTO if the call is not in the send-request state, or
 * the error from control-message parsing or from bundle/call lookup.
 *
 * NOTE(review): msg->msg_name is read as a struct sockaddr_rxrpc without a
 * length check in this function - presumably validated by the caller;
 * confirm.
 */
int rxrpc_client_sendmsg(struct kiocb *iocb, struct rxrpc_sock *rx,
			 struct rxrpc_transport *trans, struct msghdr *msg,
			 size_t len)
{
	struct rxrpc_conn_bundle *bundle = NULL;
	enum rxrpc_command cmd;
	struct rxrpc_call *call;
	unsigned long user_call_ID = 0;
	struct key *key;
	__be16 service_id;
	u32 abort_code = 0;
	int ret;

	_enter("");

	ASSERT(trans != NULL);

	ret = rxrpc_sendmsg_cmsg(rx, msg, &user_call_ID, &cmd, &abort_code,
				 false);
	if (ret < 0)
		return ret;

	if (trans) {
		/* An explicit destination overrides the socket's service ID. */
		service_id = rx->service_id;
		if (msg->msg_name) {
			DECLARE_SOCKADDR(struct sockaddr_rxrpc *, srx,
					 msg->msg_name);
			service_id = htons(srx->srx_service);
		}

		/* A key without payload data is treated as no key at all. */
		key = rx->key;
		if (key && !key->payload.data)
			key = NULL;

		bundle = rxrpc_get_bundle(rx, trans, key, service_id,
					  GFP_KERNEL);
		if (IS_ERR(bundle))
			return PTR_ERR(bundle);
	}

	call = rxrpc_get_client_call(rx, trans, bundle, user_call_ID,
				     abort_code == 0, GFP_KERNEL);
	/* The bundle reference is only needed for the lookup above. */
	if (trans)
		rxrpc_put_bundle(trans, bundle);
	if (IS_ERR(call)) {
		_leave(" = %ld", PTR_ERR(call));
		return PTR_ERR(call);
	}

	_debug("CALL %d USR %lx ST %d on CONN %p",
	       call->debug_id, call->user_call_ID, call->state, call->conn);

	if (call->state >= RXRPC_CALL_COMPLETE) {
		ret = -ESHUTDOWN;
		goto done;
	}
	if (cmd == RXRPC_CMD_SEND_ABORT) {
		/* ret keeps the 0 returned by control-message parsing. */
		rxrpc_send_abort(call, abort_code);
		goto done;
	}
	if (cmd != RXRPC_CMD_SEND_DATA) {
		ret = -EINVAL;
		goto done;
	}
	if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST) {
		ret = -EPROTO;
		goto done;
	}

	ret = rxrpc_send_data(iocb, rx, call, msg, len);

done:
	rxrpc_put_call(call);
	_leave(" = %d", ret);
	return ret;
}
/*
 * Send data on a call on behalf of an in-kernel user.
 *
 * The message must carry neither an address nor control data (both are
 * asserted to be NULL).  The call's socket is locked around the send.
 *
 * Returns the result of rxrpc_send_data(), -ESHUTDOWN if the call has
 * completed, or -EPROTO if the call is not in one of the three states in
 * which data may be sent.
 */
int rxrpc_kernel_send_data(struct rxrpc_call *call, struct msghdr *msg,
			   size_t len)
{
	struct sock *sk = &call->socket->sk;
	int ret;

	_enter("{%d,%s},", call->debug_id, rxrpc_call_states[call->state]);

	ASSERTCMP(msg->msg_name, ==, NULL);
	ASSERTCMP(msg->msg_control, ==, NULL);

	lock_sock(sk);

	_debug("CALL %d USR %lx ST %d on CONN %p",
	       call->debug_id, call->user_call_ID, call->state, call->conn);

	if (call->state >= RXRPC_CALL_COMPLETE)
		ret = -ESHUTDOWN;
	else if (call->state == RXRPC_CALL_CLIENT_SEND_REQUEST ||
		 call->state == RXRPC_CALL_SERVER_ACK_REQUEST ||
		 call->state == RXRPC_CALL_SERVER_SEND_REPLY)
		ret = rxrpc_send_data(NULL, call->socket, call, msg, len);
	else
		ret = -EPROTO;

	release_sock(sk);
	_leave(" = %d", ret);
	return ret;
}

EXPORT_SYMBOL(rxrpc_kernel_send_data);
/*
 * Abort a call on behalf of an in-kernel user.
 *
 * With the call's socket locked, the call is aborted with @abort_code
 * unless it has already reached RXRPC_CALL_COMPLETE or a later state, in
 * which case nothing happens.
 */
void rxrpc_kernel_abort_call(struct rxrpc_call *call, u32 abort_code)
{
	struct sock *sk = &call->socket->sk;
	bool still_live;

	_enter("{%d},%d", call->debug_id, abort_code);

	lock_sock(sk);

	_debug("CALL %d USR %lx ST %d on CONN %p",
	       call->debug_id, call->user_call_ID, call->state, call->conn);

	still_live = call->state < RXRPC_CALL_COMPLETE;
	if (still_live)
		rxrpc_send_abort(call, abort_code);

	release_sock(sk);
	_leave("");
}

EXPORT_SYMBOL(rxrpc_kernel_abort_call);
/*
 * Handle sendmsg() on a server socket: accept a call, send data on one, or
 * abort one.
 *
 * The control messages select the command.  RXRPC_CMD_ACCEPT is dealt with
 * first and returns without touching any message data.  Otherwise the call
 * is looked up by its user call ID and must not have completed.
 *
 * Returns 0 for a successful accept or abort, the result of
 * rxrpc_send_data() for a data send, or a negative error: -EBADSLT if no
 * call matches the ID, -ESHUTDOWN if the call has completed, -EPROTO if the
 * call is in a state where data cannot be sent, or the error from
 * control-message parsing or from rxrpc_accept_call().
 */
int rxrpc_server_sendmsg(struct kiocb *iocb, struct rxrpc_sock *rx,
			 struct msghdr *msg, size_t len)
{
	enum rxrpc_command cmd;
	struct rxrpc_call *call;
	unsigned long user_call_ID = 0;
	u32 abort_code = 0;
	int ret;

	_enter("");

	ret = rxrpc_sendmsg_cmsg(rx, msg, &user_call_ID, &cmd, &abort_code,
				 true);
	if (ret < 0)
		return ret;

	if (cmd == RXRPC_CMD_ACCEPT) {
		call = rxrpc_accept_call(rx, user_call_ID);
		if (IS_ERR(call))
			return PTR_ERR(call);
		rxrpc_put_call(call);
		return 0;
	}

	call = rxrpc_find_server_call(rx, user_call_ID);
	if (!call)
		return -EBADSLT;

	if (call->state >= RXRPC_CALL_COMPLETE) {
		ret = -ESHUTDOWN;
	} else if (cmd == RXRPC_CMD_SEND_DATA) {
		if (call->state == RXRPC_CALL_CLIENT_SEND_REQUEST ||
		    call->state == RXRPC_CALL_SERVER_ACK_REQUEST ||
		    call->state == RXRPC_CALL_SERVER_SEND_REPLY)
			ret = rxrpc_send_data(iocb, rx, call, msg, len);
		else
			ret = -EPROTO;
	} else if (cmd == RXRPC_CMD_SEND_ABORT) {
		/* ret keeps the 0 returned by control-message parsing. */
		rxrpc_send_abort(call, abort_code);
	} else {
		/*
		 * The parser in this file only produces the three commands
		 * handled above, so anything else is a kernel bug.
		 */
		BUG();
	}

	rxrpc_put_call(call);
	_leave(" = %d", ret);
	return ret;
}
/*
 * Transmit one packet buffer to the transport's peer over the local socket.
 *
 * skb->len bytes starting at skb->head are sent.  If the payload (length
 * minus the rxrpc header) is below the peer's maxdata, the packet is sent
 * with the socket's current path-MTU setting while holding defrag_sem for
 * reading.  If that send reports -EMSGSIZE, or the packet was too large to
 * begin with, defrag_sem is taken for writing, IP_MTU_DISCOVER is switched
 * to IP_PMTUDISC_DONT for the duration of the send, and then switched back
 * to IP_PMTUDISC_DO.
 *
 * Returns the result of kernel_sendmsg(), or the error from the first
 * kernel_setsockopt() if the option could not be changed.
 *
 * NOTE(review): the result of restoring IP_PMTUDISC_DO is not checked; if
 * that call fails the shared socket stays in the DONT mode.
 */
int rxrpc_send_packet(struct rxrpc_transport *trans, struct sk_buff *skb)
{
	struct msghdr msg;
	struct kvec vec;
	int ret, pmtu;

	_enter(",{%d}", skb->len);

	vec.iov_base = skb->head;
	vec.iov_len = skb->len;

	msg.msg_name = &trans->peer->srx.transport.sin;
	msg.msg_namelen = sizeof(trans->peer->srx.transport.sin);
	msg.msg_control = NULL;
	msg.msg_controllen = 0;
	msg.msg_flags = 0;

	if (skb->len - sizeof(struct rxrpc_header) < trans->peer->maxdata) {
		down_read(&trans->local->defrag_sem);
		ret = kernel_sendmsg(trans->local->socket, &msg, &vec, 1,
				     vec.iov_len);
		up_read(&trans->local->defrag_sem);

		if (ret != -EMSGSIZE) {
			_leave(" = %d [%u]", ret, trans->peer->maxdata);
			return ret;
		}
		/* Too big after all: retry below with fragmentation on. */
	}

	_debug("send fragment");

	/*
	 * The socket option is changed on the shared local socket, so this
	 * path holds the semaphore exclusively against the read-side senders.
	 */
	down_write(&trans->local->defrag_sem);

	pmtu = IP_PMTUDISC_DONT;
	ret = kernel_setsockopt(trans->local->socket, SOL_IP, IP_MTU_DISCOVER,
				(char *) &pmtu, sizeof(pmtu));
	if (ret == 0) {
		ret = kernel_sendmsg(trans->local->socket, &msg, &vec, 1,
				     vec.iov_len);

		pmtu = IP_PMTUDISC_DO;
		kernel_setsockopt(trans->local->socket, SOL_IP,
				  IP_MTU_DISCOVER, (char *) &pmtu,
				  sizeof(pmtu));
	}

	up_write(&trans->local->defrag_sem);
	_leave(" = %d [frag %u]", ret, trans->peer->maxdata);
	return ret;
}
/*
 * Sleep until the call's transmit window has a free slot.
 *
 * The socket lock is dropped while sleeping and retaken before the window
 * is re-checked.  *timeo is updated with the time left after each sleep.
 *
 * Returns 0 once CIRC_SPACE() reports room, or the value of
 * sock_intr_errno(*timeo) if a signal is pending.
 *
 * NOTE(review): the loop exits only on free space or a pending signal; an
 * exhausted *timeo does not by itself end the wait - confirm intended.
 */
static int rxrpc_wait_for_tx_window(struct rxrpc_sock *rx,
				    struct rxrpc_call *call,
				    long *timeo)
{
	DECLARE_WAITQUEUE(waiter, current);
	int err;

	_enter(",{%d},%ld",
	       CIRC_SPACE(call->acks_head, call->acks_tail, call->acks_winsz),
	       *timeo);

	add_wait_queue(&call->tx_waitq, &waiter);

	while (true) {
		/* Mark ourselves sleeping before testing the condition. */
		set_current_state(TASK_INTERRUPTIBLE);

		if (CIRC_SPACE(call->acks_head, call->acks_tail,
			       call->acks_winsz) > 0) {
			err = 0;
			break;
		}

		if (signal_pending(current)) {
			err = sock_intr_errno(*timeo);
			break;
		}

		release_sock(&rx->sk);
		*timeo = schedule_timeout(*timeo);
		lock_sock(&rx->sk);
	}

	remove_wait_queue(&call->tx_waitq, &waiter);
	set_current_state(TASK_RUNNING);
	_leave(" = %d", err);
	return err;
}
/*
 * Request an immediate resend pass for a call.
 *
 * Under the call's state read lock: if the resend timer can be deleted
 * (try_to_del_timer_sync() does not return a negative value), the
 * RUN_RTIMER flag is cleared and, provided the call has not completed and
 * the RESEND_TIMER event was not already set, the call is queued.
 */
static inline void rxrpc_instant_resend(struct rxrpc_call *call)
{
	read_lock_bh(&call->state_lock);

	if (try_to_del_timer_sync(&call->resend_timer) < 0)
		goto unlock;

	clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);

	if (call->state >= RXRPC_CALL_COMPLETE)
		goto unlock;

	/* Queue only if this caller is the one that raised the event. */
	if (!test_and_set_bit(RXRPC_CALL_RESEND_TIMER, &call->events))
		rxrpc_queue_call(call);

unlock:
	read_unlock_bh(&call->state_lock);
}
/*
 * Place a fully built DATA packet in the call's ACK window, advance the call
 * state if appropriate, arm the resend timer and attempt transmission.
 *
 * @call: the call the packet belongs to
 * @skb:  the packet; its pointer is stored in call->acks_window
 * @last: true if this is the final packet of the current send phase
 *
 * If the packet cannot be sent now (the ACK timer could not be deleted, or
 * rxrpc_send_packet() failed) it is marked need_resend and an immediate
 * resend is requested instead of reporting an error to the caller.
 */
static void rxrpc_queue_packet(struct rxrpc_call *call, struct sk_buff *skb,
			       bool last)
{
	struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
	int ret;

	_net("queue skb %p [%d]", skb, call->acks_head);

	ASSERT(call->acks_window != NULL);
	/*
	 * Store the packet pointer in its slot, then advance the head; the
	 * write barrier orders the two stores.  The index mask assumes
	 * acks_winsz is a power of two - TODO confirm.
	 *
	 * NOTE(review): sp and skb are still used below, after the slot has
	 * been published; confirm whoever consumes acks_window cannot release
	 * the skb before this function returns.
	 */
	call->acks_window[call->acks_head] = (unsigned long) skb;
	smp_wmb();
	call->acks_head = (call->acks_head + 1) & (call->acks_winsz - 1);

	if (last || call->state == RXRPC_CALL_SERVER_ACK_REQUEST) {
		_debug("________awaiting reply/ACK__________");
		write_lock_bh(&call->state_lock);
		/* Re-read the state under the lock before changing it. */
		switch (call->state) {
		case RXRPC_CALL_CLIENT_SEND_REQUEST:
			call->state = RXRPC_CALL_CLIENT_AWAIT_REPLY;
			break;
		case RXRPC_CALL_SERVER_ACK_REQUEST:
			call->state = RXRPC_CALL_SERVER_SEND_REPLY;
			if (!last)
				break;
			/* fall through: the last packet also ends the reply */
		case RXRPC_CALL_SERVER_SEND_REPLY:
			call->state = RXRPC_CALL_SERVER_AWAIT_ACK;
			break;
		default:
			break;
		}
		write_unlock_bh(&call->state_lock);
	}

	_proto("Tx DATA %%%u { #%u }",
	       ntohl(sp->hdr.serial), ntohl(sp->hdr.seq));

	sp->need_resend = false;
	sp->resend_at = jiffies + rxrpc_resend_timeout;
	/* Arm the resend timer only if it is not already marked running. */
	if (!test_and_set_bit(RXRPC_CALL_RUN_RTIMER, &call->flags)) {
		_debug("run timer");
		call->resend_timer.expires = sp->resend_at;
		add_timer(&call->resend_timer);
	}

	/*
	 * Transmit only if the ACK timer could be deleted; otherwise leave
	 * ret at -EAGAIN so the packet is handed to the resend path below.
	 */
	ret = -EAGAIN;
	if (try_to_del_timer_sync(&call->ack_timer) >= 0) {
		ret = rxrpc_send_packet(call->conn->trans, skb);
		_net("sent skb %p", skb);
	} else {
		_debug("failed to delete ACK timer");
	}

	if (ret < 0) {
		_debug("need instant resend %d", ret);
		sp->need_resend = true;
		rxrpc_instant_resend(call);
	}

	_leave("");
}
/*
 * Copy message data into packet buffers and queue each packet as it fills.
 *
 * @iocb: not referenced by this function
 * @rx:   the socket being sent on
 * @call: the call to send on
 * @msg:  message header; data is taken from msg->msg_iter and MSG_MORE /
 *        MSG_DONTWAIT are honoured from msg->msg_flags
 * @len:  number of bytes requested; clamped to what the iterator holds
 *
 * A partly filled buffer left over at the end is parked in call->tx_pending
 * and picked up again by the next invocation.
 *
 * Returns the number of bytes copied, or a negative error.  If an
 * allocation or window wait fails after some data was already copied, the
 * byte count is returned instead of the error.  A failed copy from the
 * iterator returns -EFAULT even if earlier bytes were copied.  If the call
 * moves past RXRPC_CALL_COMPLETE mid-send, the buffer is freed and either
 * the peer's net_error or -ECONNABORTED is returned.
 */
static int rxrpc_send_data(struct kiocb *iocb,
			   struct rxrpc_sock *rx,
			   struct rxrpc_call *call,
			   struct msghdr *msg, size_t len)
{
	struct rxrpc_skb_priv *sp;
	struct sk_buff *skb;
	struct sock *sk = &rx->sk;
	long timeo;
	bool more;
	int ret, copied;

	timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);

	clear_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);

	if (sk->sk_err || (sk->sk_shutdown & SEND_SHUTDOWN))
		return -EPIPE;

	more = msg->msg_flags & MSG_MORE;

	/* Take over any partly filled buffer left by a previous call. */
	skb = call->tx_pending;
	call->tx_pending = NULL;

	copied = 0;
	/* Never try to copy more than the iterator actually holds. */
	if (len > iov_iter_count(&msg->msg_iter))
		len = iov_iter_count(&msg->msg_iter);
	while (len) {
		int copy;

		if (!skb) {
			size_t size, chunk, max, space;

			_debug("alloc");

			/* No free slot in the ACK window: fail or wait. */
			if (CIRC_SPACE(call->acks_head, call->acks_tail,
				       call->acks_winsz) <= 0) {
				ret = -EAGAIN;
				if (msg->msg_flags & MSG_DONTWAIT)
					goto maybe_error;
				ret = rxrpc_wait_for_tx_window(rx, call,
							       &timeo);
				if (ret < 0)
					goto maybe_error;
			}

			/*
			 * Largest payload per packet: the peer's maxdata less
			 * the security overhead, rounded down to size_align.
			 * NOTE(review): max is unsigned; this assumes maxdata
			 * exceeds security_size and that size_align is a
			 * power of two - TODO confirm where they are set.
			 */
			max = call->conn->trans->peer->maxdata;
			max -= call->conn->security_size;
			max &= ~(call->conn->size_align - 1UL);

			/* With MSG_MORE a full-sized buffer is always used. */
			chunk = max;
			if (chunk > len && !more)
				chunk = len;

			space = chunk + call->conn->size_align;
			space &= ~(call->conn->size_align - 1UL);

			size = space + call->conn->header_size;

			_debug("SIZE: %zu/%zu/%zu", chunk, space, size);

			skb = sock_alloc_send_skb(
				sk, size, msg->msg_flags & MSG_DONTWAIT, &ret);
			if (!skb)
				goto maybe_error;

			rxrpc_new_skb(skb);

			_debug("ALLOC SEND %p", skb);

			/* skb->mark counts payload bytes; it starts at zero. */
			ASSERTCMP(skb->mark, ==, 0);

			_debug("HS: %u", call->conn->header_size);
			skb_reserve(skb, call->conn->header_size);
			skb->len += call->conn->header_size;

			/* Bytes still to fill, capped by the real tailroom. */
			sp = rxrpc_skb(skb);
			sp->remain = chunk;
			if (sp->remain > skb_tailroom(skb))
				sp->remain = skb_tailroom(skb);

			_net("skb: hr %d, tr %d, hl %d, rm %d",
			       skb_headroom(skb),
			       skb_tailroom(skb),
			       skb_headlen(skb),
			       sp->remain);

			skb->ip_summed = CHECKSUM_UNNECESSARY;
		}

		_debug("append");
		sp = rxrpc_skb(skb);

		/*
		 * Bound the copy by the buffer's tailroom, the bytes left in
		 * the request and the bytes left in this packet, so the copy
		 * below cannot run past the allocation.
		 */
		copy = skb_tailroom(skb);
		ASSERTCMP(copy, >, 0);
		if (copy > len)
			copy = len;
		if (copy > sp->remain)
			copy = sp->remain;

		_debug("add");
		ret = skb_add_data(skb, &msg->msg_iter, copy);
		_debug("added");
		if (ret < 0)
			goto efault;
		sp->remain -= copy;
		skb->mark += copy;
		copied += copy;

		len -= copy;

		/* The call may have been aborted or failed meanwhile. */
		if (call->state > RXRPC_CALL_COMPLETE)
			goto call_aborted;

		/* Packet full, or nothing more to come: finish and queue. */
		if (sp->remain <= 0 || (!len && !more)) {
			struct rxrpc_connection *conn = call->conn;
			uint32_t seq;
			size_t pad;

			/*
			 * Pad the payload up to the security alignment; the
			 * padding is zero-filled, so no stale buffer bytes
			 * are included in the packet.
			 */
			if (conn->security) {
				pad = conn->security_size + skb->mark;
				pad = conn->size_align - pad;
				pad &= conn->size_align - 1;
				_debug("pad %zu", pad);
				if (pad)
					memset(skb_put(skb, pad), 0, pad);
			}

			seq = atomic_inc_return(&call->sequence);

			sp->hdr.epoch = conn->epoch;
			sp->hdr.cid = call->cid;
			sp->hdr.callNumber = call->call_id;
			sp->hdr.seq = htonl(seq);
			sp->hdr.serial =
				htonl(atomic_inc_return(&conn->serial));
			sp->hdr.type = RXRPC_PACKET_TYPE_DATA;
			sp->hdr.userStatus = 0;
			sp->hdr.securityIndex = conn->security_ix;
			sp->hdr._rsvd = 0;
			sp->hdr.serviceId = conn->service_id;

			sp->hdr.flags = conn->out_clientflag;
			if (len == 0 && !more)
				sp->hdr.flags |= RXRPC_LAST_PACKET;
			else if (CIRC_SPACE(call->acks_head, call->acks_tail,
					    call->acks_winsz) > 1)
				sp->hdr.flags |= RXRPC_MORE_PACKETS;
			/* Under MSG_MORE, ask for an ACK on odd sequences. */
			if (more && seq & 1)
				sp->hdr.flags |= RXRPC_REQUEST_ACK;

			/* On failure the buffer is parked in tx_pending. */
			ret = rxrpc_secure_packet(
				call, skb, skb->mark,
				skb->head + sizeof(struct rxrpc_header));
			if (ret < 0)
				goto out;

			/*
			 * NOTE(review): RXRPC_LAST_PACKET above is decided
			 * from len, while the 'last' argument here is decided
			 * from the iterator count.  The two agree only if the
			 * caller's len covered the whole iterator - confirm
			 * callers never pass a shorter len.
			 */
			memcpy(skb->head, &sp->hdr,
			       sizeof(struct rxrpc_header));
			rxrpc_queue_packet(call, skb, !iov_iter_count(&msg->msg_iter) && !more);
			skb = NULL;
		}
	}

success:
	ret = copied;
out:
	/* Park any unfinished buffer (or NULL) for the next call. */
	call->tx_pending = skb;
	_leave(" = %d", ret);
	return ret;

call_aborted:
	rxrpc_free_skb(skb);
	/* NOTE(review): net_error is returned as stored; sign not shown here. */
	if (call->state == RXRPC_CALL_NETWORK_ERROR)
		ret = call->conn->trans->peer->net_error;
	else
		ret = -ECONNABORTED;
	_leave(" = %d", ret);
	return ret;

maybe_error:
	/* Report progress rather than the error if any data was copied. */
	if (copied)
		goto success;
	goto out;

efault:
	ret = -EFAULT;
	goto out;
}