LXR linux/net/rxrpc/ar-input.c

   1/* RxRPC packet reception
   2 *
   3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
   4 * Written by David Howells (dhowells@redhat.com)
   5 *
   6 * This program is free software; you can redistribute it and/or
   7 * modify it under the terms of the GNU General Public License
   8 * as published by the Free Software Foundation; either version
   9 * 2 of the License, or (at your option) any later version.
  10 */
  11
  12#include <linux/module.h>
  13#include <linux/net.h>
  14#include <linux/skbuff.h>
  15#include <linux/errqueue.h>
  16#include <linux/udp.h>
  17#include <linux/in.h>
  18#include <linux/in6.h>
  19#include <linux/icmp.h>
  20#include <linux/gfp.h>
  21#include <net/sock.h>
  22#include <net/af_rxrpc.h>
  23#include <net/ip.h>
  24#include <net/udp.h>
  25#include <net/net_namespace.h>
  26#include "ar-internal.h"
  27
  28const char *rxrpc_pkts[] = {
  29        "?00",
  30        "DATA", "ACK", "BUSY", "ABORT", "ACKALL", "CHALL", "RESP", "DEBUG",
  31        "?09", "?10", "?11", "?12", "VERSION", "?14", "?15"
  32};
  33
  34/*
  35 * queue a packet for recvmsg to pass to userspace
  36 * - the caller must hold a lock on call->lock
  37 * - must not be called with interrupts disabled (sk_filter() disables BH's)
  38 * - eats the packet whether successful or not
  39 * - there must be just one reference to the packet, which the caller passes to
  40 *   this function
  41 */
  42int rxrpc_queue_rcv_skb(struct rxrpc_call *call, struct sk_buff *skb,
  43                        bool force, bool terminal)
  44{
  45        struct rxrpc_skb_priv *sp;
  46        struct rxrpc_sock *rx = call->socket;
  47        struct sock *sk;
  48        int ret;
  49
  50        _enter(",,%d,%d", force, terminal);
  51
  52        ASSERT(!irqs_disabled());
  53
  54        sp = rxrpc_skb(skb);
  55        ASSERTCMP(sp->call, ==, call);
  56
  57        /* if we've already posted the terminal message for a call, then we
  58         * don't post any more */
  59        if (test_bit(RXRPC_CALL_TERMINAL_MSG, &call->flags)) {
  60                _debug("already terminated");
  61                ASSERTCMP(call->state, >=, RXRPC_CALL_COMPLETE);
  62                skb->destructor = NULL;
  63                sp->call = NULL;
  64                rxrpc_put_call(call);
  65                rxrpc_free_skb(skb);
  66                return 0;
  67        }
  68
  69        sk = &rx->sk;
  70
  71        if (!force) {
  72                /* cast skb->rcvbuf to unsigned...  It's pointless, but
  73                 * reduces number of warnings when compiling with -W
  74                 * --ANK */
  75//              ret = -ENOBUFS;
  76//              if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >=
  77//                  (unsigned int) sk->sk_rcvbuf)
  78//                      goto out;
  79
  80                ret = sk_filter(sk, skb);
  81                if (ret < 0)
  82                        goto out;
  83        }
  84
  85        spin_lock_bh(&sk->sk_receive_queue.lock);
  86        if (!test_bit(RXRPC_CALL_TERMINAL_MSG, &call->flags) &&
  87            !test_bit(RXRPC_CALL_RELEASED, &call->flags) &&
  88            call->socket->sk.sk_state != RXRPC_CLOSE) {
  89                skb->destructor = rxrpc_packet_destructor;
  90                skb->dev = NULL;
  91                skb->sk = sk;
  92                atomic_add(skb->truesize, &sk->sk_rmem_alloc);
  93
  94                if (terminal) {
  95                        _debug("<<<< TERMINAL MESSAGE >>>>");
  96                        set_bit(RXRPC_CALL_TERMINAL_MSG, &call->flags);
  97                }
  98
  99                /* allow interception by a kernel service */
 100                if (rx->interceptor) {
 101                        rx->interceptor(sk, call->user_call_ID, skb);
 102                        spin_unlock_bh(&sk->sk_receive_queue.lock);
 103                } else {
 104                        _net("post skb %p", skb);
 105                        __skb_queue_tail(&sk->sk_receive_queue, skb);
 106                        spin_unlock_bh(&sk->sk_receive_queue.lock);
 107
 108                        if (!sock_flag(sk, SOCK_DEAD))
 109                                sk->sk_data_ready(sk);
 110                }
 111                skb = NULL;
 112        } else {
 113                spin_unlock_bh(&sk->sk_receive_queue.lock);
 114        }
 115        ret = 0;
 116
 117out:
 118        /* release the socket buffer */
 119        if (skb) {
 120                skb->destructor = NULL;
 121                sp->call = NULL;
 122                rxrpc_put_call(call);
 123                rxrpc_free_skb(skb);
 124        }
 125
 126        _leave(" = %d", ret);
 127        return ret;
 128}
 129
 130/*
 131 * process a DATA packet, posting the packet to the appropriate queue
 132 * - eats the packet if successful
 133 */
 134static int rxrpc_fast_process_data(struct rxrpc_call *call,
 135                                   struct sk_buff *skb, u32 seq)
 136{
 137        struct rxrpc_skb_priv *sp;
 138        bool terminal;
 139        int ret, ackbit, ack;
 140
 141        _enter("{%u,%u},,{%u}", call->rx_data_post, call->rx_first_oos, seq);
 142
 143        sp = rxrpc_skb(skb);
 144        ASSERTCMP(sp->call, ==, NULL);
 145
 146        spin_lock(&call->lock);
 147
 148        if (call->state > RXRPC_CALL_COMPLETE)
 149                goto discard;
 150
 151        ASSERTCMP(call->rx_data_expect, >=, call->rx_data_post);
 152        ASSERTCMP(call->rx_data_post, >=, call->rx_data_recv);
 153        ASSERTCMP(call->rx_data_recv, >=, call->rx_data_eaten);
 154
 155        if (seq < call->rx_data_post) {
 156                _debug("dup #%u [-%u]", seq, call->rx_data_post);
 157                ack = RXRPC_ACK_DUPLICATE;
 158                ret = -ENOBUFS;
 159                goto discard_and_ack;
 160        }
 161
 162        /* we may already have the packet in the out of sequence queue */
 163        ackbit = seq - (call->rx_data_eaten + 1);
 164        ASSERTCMP(ackbit, >=, 0);
 165        if (__test_and_set_bit(ackbit, call->ackr_window)) {
 166                _debug("dup oos #%u [%u,%u]",
 167                       seq, call->rx_data_eaten, call->rx_data_post);
 168                ack = RXRPC_ACK_DUPLICATE;
 169                goto discard_and_ack;
 170        }
 171
 172        if (seq >= call->ackr_win_top) {
 173                _debug("exceed #%u [%u]", seq, call->ackr_win_top);
 174                __clear_bit(ackbit, call->ackr_window);
 175                ack = RXRPC_ACK_EXCEEDS_WINDOW;
 176                goto discard_and_ack;
 177        }
 178
 179        if (seq == call->rx_data_expect) {
 180                clear_bit(RXRPC_CALL_EXPECT_OOS, &call->flags);
 181                call->rx_data_expect++;
 182        } else if (seq > call->rx_data_expect) {
 183                _debug("oos #%u [%u]", seq, call->rx_data_expect);
 184                call->rx_data_expect = seq + 1;
 185                if (test_and_set_bit(RXRPC_CALL_EXPECT_OOS, &call->flags)) {
 186                        ack = RXRPC_ACK_OUT_OF_SEQUENCE;
 187                        goto enqueue_and_ack;
 188                }
 189                goto enqueue_packet;
 190        }
 191
 192        if (seq != call->rx_data_post) {
 193                _debug("ahead #%u [%u]", seq, call->rx_data_post);
 194                goto enqueue_packet;
 195        }
 196
 197        if (test_bit(RXRPC_CALL_RCVD_LAST, &call->flags))
 198                goto protocol_error;
 199
 200        /* if the packet need security things doing to it, then it goes down
 201         * the slow path */
 202        if (call->conn->security)
 203                goto enqueue_packet;
 204
 205        sp->call = call;
 206        rxrpc_get_call(call);
 207        terminal = ((sp->hdr.flags & RXRPC_LAST_PACKET) &&
 208                    !(sp->hdr.flags & RXRPC_CLIENT_INITIATED));
 209        ret = rxrpc_queue_rcv_skb(call, skb, false, terminal);
 210        if (ret < 0) {
 211                if (ret == -ENOMEM || ret == -ENOBUFS) {
 212                        __clear_bit(ackbit, call->ackr_window);
 213                        ack = RXRPC_ACK_NOSPACE;
 214                        goto discard_and_ack;
 215                }
 216                goto out;
 217        }
 218
 219        skb = NULL;
 220
 221        _debug("post #%u", seq);
 222        ASSERTCMP(call->rx_data_post, ==, seq);
 223        call->rx_data_post++;
 224
 225        if (sp->hdr.flags & RXRPC_LAST_PACKET)
 226                set_bit(RXRPC_CALL_RCVD_LAST, &call->flags);
 227
 228        /* if we've reached an out of sequence packet then we need to drain
 229         * that queue into the socket Rx queue now */
 230        if (call->rx_data_post == call->rx_first_oos) {
 231                _debug("drain rx oos now");
 232                read_lock(&call->state_lock);
 233                if (call->state < RXRPC_CALL_COMPLETE &&
 234                    !test_and_set_bit(RXRPC_CALL_DRAIN_RX_OOS, &call->events))
 235                        rxrpc_queue_call(call);
 236                read_unlock(&call->state_lock);
 237        }
 238
 239        spin_unlock(&call->lock);
 240        atomic_inc(&call->ackr_not_idle);
 241        rxrpc_propose_ACK(call, RXRPC_ACK_DELAY, sp->hdr.serial, false);
 242        _leave(" = 0 [posted]");
 243        return 0;
 244
 245protocol_error:
 246        ret = -EBADMSG;
 247out:
 248        spin_unlock(&call->lock);
 249        _leave(" = %d", ret);
 250        return ret;
 251
 252discard_and_ack:
 253        _debug("discard and ACK packet %p", skb);
 254        __rxrpc_propose_ACK(call, ack, sp->hdr.serial, true);
 255discard:
 256        spin_unlock(&call->lock);
 257        rxrpc_free_skb(skb);
 258        _leave(" = 0 [discarded]");
 259        return 0;
 260
 261enqueue_and_ack:
 262        __rxrpc_propose_ACK(call, ack, sp->hdr.serial, true);
 263enqueue_packet:
 264        _net("defer skb %p", skb);
 265        spin_unlock(&call->lock);
 266        skb_queue_tail(&call->rx_queue, skb);
 267        atomic_inc(&call->ackr_not_idle);
 268        read_lock(&call->state_lock);
 269        if (call->state < RXRPC_CALL_DEAD)
 270                rxrpc_queue_call(call);
 271        read_unlock(&call->state_lock);
 272        _leave(" = 0 [queued]");
 273        return 0;
 274}
 275
 276/*
 277 * assume an implicit ACKALL of the transmission phase of a client socket upon
 278 * reception of the first reply packet
 279 */
 280static void rxrpc_assume_implicit_ackall(struct rxrpc_call *call, u32 serial)
 281{
 282        write_lock_bh(&call->state_lock);
 283
 284        switch (call->state) {
 285        case RXRPC_CALL_CLIENT_AWAIT_REPLY:
 286                call->state = RXRPC_CALL_CLIENT_RECV_REPLY;
 287                call->acks_latest = serial;
 288
 289                _debug("implicit ACKALL %%%u", call->acks_latest);
 290                set_bit(RXRPC_CALL_RCVD_ACKALL, &call->events);
 291                write_unlock_bh(&call->state_lock);
 292
 293                if (try_to_del_timer_sync(&call->resend_timer) >= 0) {
 294                        clear_bit(RXRPC_CALL_RESEND_TIMER, &call->events);
 295                        clear_bit(RXRPC_CALL_RESEND, &call->events);
 296                        clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
 297                }
 298                break;
 299
 300        default:
 301                write_unlock_bh(&call->state_lock);
 302                break;
 303        }
 304}
 305
 306/*
 307 * post an incoming packet to the nominated call to deal with
 308 * - must get rid of the sk_buff, either by freeing it or by queuing it
 309 */
 310void rxrpc_fast_process_packet(struct rxrpc_call *call, struct sk_buff *skb)
 311{
 312        struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
 313        __be32 _abort_code;
 314        u32 serial, hi_serial, seq, abort_code;
 315
 316        _enter("%p,%p", call, skb);
 317
 318        ASSERT(!irqs_disabled());
 319
 320#if 0 // INJECT RX ERROR
 321        if (sp->hdr.type == RXRPC_PACKET_TYPE_DATA) {
 322                static int skip = 0;
 323                if (++skip == 3) {
 324                        printk("DROPPED 3RD PACKET!!!!!!!!!!!!!\n");
 325                        skip = 0;
 326                        goto free_packet;
 327                }
 328        }
 329#endif
 330
 331        /* track the latest serial number on this connection for ACK packet
 332         * information */
 333        serial = ntohl(sp->hdr.serial);
 334        hi_serial = atomic_read(&call->conn->hi_serial);
 335        while (serial > hi_serial)
 336                hi_serial = atomic_cmpxchg(&call->conn->hi_serial, hi_serial,
 337                                           serial);
 338
 339        /* request ACK generation for any ACK or DATA packet that requests
 340         * it */
 341        if (sp->hdr.flags & RXRPC_REQUEST_ACK) {
 342                _proto("ACK Requested on %%%u", serial);
 343                rxrpc_propose_ACK(call, RXRPC_ACK_REQUESTED, sp->hdr.serial, false);
 344        }
 345
 346        switch (sp->hdr.type) {
 347        case RXRPC_PACKET_TYPE_ABORT:
 348                _debug("abort");
 349
 350                if (skb_copy_bits(skb, 0, &_abort_code,
 351                                  sizeof(_abort_code)) < 0)
 352                        goto protocol_error;
 353
 354                abort_code = ntohl(_abort_code);
 355                _proto("Rx ABORT %%%u { %x }", serial, abort_code);
 356
 357                write_lock_bh(&call->state_lock);
 358                if (call->state < RXRPC_CALL_COMPLETE) {
 359                        call->state = RXRPC_CALL_REMOTELY_ABORTED;
 360                        call->abort_code = abort_code;
 361                        set_bit(RXRPC_CALL_RCVD_ABORT, &call->events);
 362                        rxrpc_queue_call(call);
 363                }
 364                goto free_packet_unlock;
 365
 366        case RXRPC_PACKET_TYPE_BUSY:
 367                _proto("Rx BUSY %%%u", serial);
 368
 369                if (call->conn->out_clientflag)
 370                        goto protocol_error;
 371
 372                write_lock_bh(&call->state_lock);
 373                switch (call->state) {
 374                case RXRPC_CALL_CLIENT_SEND_REQUEST:
 375                        call->state = RXRPC_CALL_SERVER_BUSY;
 376                        set_bit(RXRPC_CALL_RCVD_BUSY, &call->events);
 377                        rxrpc_queue_call(call);
 378                case RXRPC_CALL_SERVER_BUSY:
 379                        goto free_packet_unlock;
 380                default:
 381                        goto protocol_error_locked;
 382                }
 383
 384        default:
 385                _proto("Rx %s %%%u", rxrpc_pkts[sp->hdr.type], serial);
 386                goto protocol_error;
 387
 388        case RXRPC_PACKET_TYPE_DATA:
 389                seq = ntohl(sp->hdr.seq);
 390
 391                _proto("Rx DATA %%%u { #%u }", serial, seq);
 392
 393                if (seq == 0)
 394                        goto protocol_error;
 395
 396                call->ackr_prev_seq = sp->hdr.seq;
 397
 398                /* received data implicitly ACKs all of the request packets we
 399                 * sent when we're acting as a client */
 400                if (call->state == RXRPC_CALL_CLIENT_AWAIT_REPLY)
 401                        rxrpc_assume_implicit_ackall(call, serial);
 402
 403                switch (rxrpc_fast_process_data(call, skb, seq)) {
 404                case 0:
 405                        skb = NULL;
 406                        goto done;
 407
 408                default:
 409                        BUG();
 410
 411                        /* data packet received beyond the last packet */
 412                case -EBADMSG:
 413                        goto protocol_error;
 414                }
 415
 416        case RXRPC_PACKET_TYPE_ACKALL:
 417        case RXRPC_PACKET_TYPE_ACK:
 418                /* ACK processing is done in process context */
 419                read_lock_bh(&call->state_lock);
 420                if (call->state < RXRPC_CALL_DEAD) {
 421                        skb_queue_tail(&call->rx_queue, skb);
 422                        rxrpc_queue_call(call);
 423                        skb = NULL;
 424                }
 425                read_unlock_bh(&call->state_lock);
 426                goto free_packet;
 427        }
 428
 429protocol_error:
 430        _debug("protocol error");
 431        write_lock_bh(&call->state_lock);
 432protocol_error_locked:
 433        if (call->state <= RXRPC_CALL_COMPLETE) {
 434                call->state = RXRPC_CALL_LOCALLY_ABORTED;
 435                call->abort_code = RX_PROTOCOL_ERROR;
 436                set_bit(RXRPC_CALL_ABORT, &call->events);
 437                rxrpc_queue_call(call);
 438        }
 439free_packet_unlock:
 440        write_unlock_bh(&call->state_lock);
 441free_packet:
 442        rxrpc_free_skb(skb);
 443done:
 444        _leave("");
 445}
 446
 447/*
 448 * split up a jumbo data packet
 449 */
 450static void rxrpc_process_jumbo_packet(struct rxrpc_call *call,
 451                                       struct sk_buff *jumbo)
 452{
 453        struct rxrpc_jumbo_header jhdr;
 454        struct rxrpc_skb_priv *sp;
 455        struct sk_buff *part;
 456
 457        _enter(",{%u,%u}", jumbo->data_len, jumbo->len);
 458
 459        sp = rxrpc_skb(jumbo);
 460
 461        do {
 462                sp->hdr.flags &= ~RXRPC_JUMBO_PACKET;
 463
 464                /* make a clone to represent the first subpacket in what's left
 465                 * of the jumbo packet */
 466                part = skb_clone(jumbo, GFP_ATOMIC);
 467                if (!part) {
 468                        /* simply ditch the tail in the event of ENOMEM */
 469                        pskb_trim(jumbo, RXRPC_JUMBO_DATALEN);
 470                        break;
 471                }
 472                rxrpc_new_skb(part);
 473
 474                pskb_trim(part, RXRPC_JUMBO_DATALEN);
 475
 476                if (!pskb_pull(jumbo, RXRPC_JUMBO_DATALEN))
 477                        goto protocol_error;
 478
 479                if (skb_copy_bits(jumbo, 0, &jhdr, sizeof(jhdr)) < 0)
 480                        goto protocol_error;
 481                if (!pskb_pull(jumbo, sizeof(jhdr)))
 482                        BUG();
 483
 484                sp->hdr.seq     = htonl(ntohl(sp->hdr.seq) + 1);
 485                sp->hdr.serial  = htonl(ntohl(sp->hdr.serial) + 1);
 486                sp->hdr.flags   = jhdr.flags;
 487                sp->hdr._rsvd   = jhdr._rsvd;
 488
 489                _proto("Rx DATA Jumbo %%%u", ntohl(sp->hdr.serial) - 1);
 490
 491                rxrpc_fast_process_packet(call, part);
 492                part = NULL;
 493
 494        } while (sp->hdr.flags & RXRPC_JUMBO_PACKET);
 495
 496        rxrpc_fast_process_packet(call, jumbo);
 497        _leave("");
 498        return;
 499
 500protocol_error:
 501        _debug("protocol error");
 502        rxrpc_free_skb(part);
 503        rxrpc_free_skb(jumbo);
 504        write_lock_bh(&call->state_lock);
 505        if (call->state <= RXRPC_CALL_COMPLETE) {
 506                call->state = RXRPC_CALL_LOCALLY_ABORTED;
 507                call->abort_code = RX_PROTOCOL_ERROR;
 508                set_bit(RXRPC_CALL_ABORT, &call->events);
 509                rxrpc_queue_call(call);
 510        }
 511        write_unlock_bh(&call->state_lock);
 512        _leave("");
 513}
 514
 515/*
 516 * post an incoming packet to the appropriate call/socket to deal with
 517 * - must get rid of the sk_buff, either by freeing it or by queuing it
 518 */
 519static void rxrpc_post_packet_to_call(struct rxrpc_call *call,
 520                                      struct sk_buff *skb)
 521{
 522        struct rxrpc_skb_priv *sp;
 523
 524        _enter("%p,%p", call, skb);
 525
 526        sp = rxrpc_skb(skb);
 527
 528        _debug("extant call [%d]", call->state);
 529
 530        read_lock(&call->state_lock);
 531        switch (call->state) {
 532        case RXRPC_CALL_LOCALLY_ABORTED:
 533                if (!test_and_set_bit(RXRPC_CALL_ABORT, &call->events)) {
 534                        rxrpc_queue_call(call);
 535                        goto free_unlock;
 536                }
 537        case RXRPC_CALL_REMOTELY_ABORTED:
 538        case RXRPC_CALL_NETWORK_ERROR:
 539        case RXRPC_CALL_DEAD:
 540                goto dead_call;
 541        case RXRPC_CALL_COMPLETE:
 542        case RXRPC_CALL_CLIENT_FINAL_ACK:
 543                /* complete server call */
 544                if (call->conn->in_clientflag)
 545                        goto dead_call;
 546                /* resend last packet of a completed call */
 547                _debug("final ack again");
 548                rxrpc_get_call(call);
 549                set_bit(RXRPC_CALL_ACK_FINAL, &call->events);
 550                rxrpc_queue_call(call);
 551                goto free_unlock;
 552        default:
 553                break;
 554        }
 555
 556        read_unlock(&call->state_lock);
 557        rxrpc_get_call(call);
 558
 559        if (sp->hdr.type == RXRPC_PACKET_TYPE_DATA &&
 560            sp->hdr.flags & RXRPC_JUMBO_PACKET)
 561                rxrpc_process_jumbo_packet(call, skb);
 562        else
 563                rxrpc_fast_process_packet(call, skb);
 564
 565        rxrpc_put_call(call);
 566        goto done;
 567
 568dead_call:
 569        if (sp->hdr.type != RXRPC_PACKET_TYPE_ABORT) {
 570                skb->priority = RX_CALL_DEAD;
 571                rxrpc_reject_packet(call->conn->trans->local, skb);
 572                goto unlock;
 573        }
 574free_unlock:
 575        rxrpc_free_skb(skb);
 576unlock:
 577        read_unlock(&call->state_lock);
 578done:
 579        _leave("");
 580}
 581
 582/*
 583 * post connection-level events to the connection
 584 * - this includes challenges, responses and some aborts
 585 */
 586static void rxrpc_post_packet_to_conn(struct rxrpc_connection *conn,
 587                                      struct sk_buff *skb)
 588{
 589        _enter("%p,%p", conn, skb);
 590
 591        atomic_inc(&conn->usage);
 592        skb_queue_tail(&conn->rx_queue, skb);
 593        rxrpc_queue_conn(conn);
 594}
 595
 596/*
 597 * post endpoint-level events to the local endpoint
 598 * - this includes debug and version messages
 599 */
 600static void rxrpc_post_packet_to_local(struct rxrpc_local *local,
 601                                       struct sk_buff *skb)
 602{
 603        _enter("%p,%p", local, skb);
 604
 605        atomic_inc(&local->usage);
 606        skb_queue_tail(&local->event_queue, skb);
 607        rxrpc_queue_work(&local->event_processor);
 608}
 609
 610static struct rxrpc_connection *rxrpc_conn_from_local(struct rxrpc_local *local,
 611                                               struct sk_buff *skb,
 612                                               struct rxrpc_skb_priv *sp)
 613{
 614        struct rxrpc_peer *peer;
 615        struct rxrpc_transport *trans;
 616        struct rxrpc_connection *conn;
 617
 618        peer = rxrpc_find_peer(local, ip_hdr(skb)->saddr,
 619                                udp_hdr(skb)->source);
 620        if (IS_ERR(peer))
 621                goto cant_find_conn;
 622
 623        trans = rxrpc_find_transport(local, peer);
 624        rxrpc_put_peer(peer);
 625        if (!trans)
 626                goto cant_find_conn;
 627
 628        conn = rxrpc_find_connection(trans, &sp->hdr);
 629        rxrpc_put_transport(trans);
 630        if (!conn)
 631                goto cant_find_conn;
 632
 633        return conn;
 634cant_find_conn:
 635        return NULL;
 636}
 637
 638/*
 639 * handle data received on the local endpoint
 640 * - may be called in interrupt context
 641 */
 642void rxrpc_data_ready(struct sock *sk)
 643{
 644        struct rxrpc_skb_priv *sp;
 645        struct rxrpc_local *local;
 646        struct sk_buff *skb;
 647        int ret;
 648
 649        _enter("%p", sk);
 650
 651        ASSERT(!irqs_disabled());
 652
 653        read_lock_bh(&rxrpc_local_lock);
 654        local = sk->sk_user_data;
 655        if (local && atomic_read(&local->usage) > 0)
 656                rxrpc_get_local(local);
 657        else
 658                local = NULL;
 659        read_unlock_bh(&rxrpc_local_lock);
 660        if (!local) {
 661                _leave(" [local dead]");
 662                return;
 663        }
 664
 665        skb = skb_recv_datagram(sk, 0, 1, &ret);
 666        if (!skb) {
 667                rxrpc_put_local(local);
 668                if (ret == -EAGAIN)
 669                        return;
 670                _debug("UDP socket error %d", ret);
 671                return;
 672        }
 673
 674        rxrpc_new_skb(skb);
 675
 676        _net("recv skb %p", skb);
 677
 678        /* we'll probably need to checksum it (didn't call sock_recvmsg) */
 679        if (skb_checksum_complete(skb)) {
 680                rxrpc_free_skb(skb);
 681                rxrpc_put_local(local);
 682                UDP_INC_STATS_BH(&init_net, UDP_MIB_INERRORS, 0);
 683                _leave(" [CSUM failed]");
 684                return;
 685        }
 686
 687        UDP_INC_STATS_BH(&init_net, UDP_MIB_INDATAGRAMS, 0);
 688
 689        /* the socket buffer we have is owned by UDP, with UDP's data all over
 690         * it, but we really want our own */
 691        skb_orphan(skb);
 692        sp = rxrpc_skb(skb);
 693        memset(sp, 0, sizeof(*sp));
 694
 695        _net("Rx UDP packet from %08x:%04hu",
 696             ntohl(ip_hdr(skb)->saddr), ntohs(udp_hdr(skb)->source));
 697
 698        /* dig out the RxRPC connection details */
 699        if (skb_copy_bits(skb, sizeof(struct udphdr), &sp->hdr,
 700                          sizeof(sp->hdr)) < 0)
 701                goto bad_message;
 702        if (!pskb_pull(skb, sizeof(struct udphdr) + sizeof(sp->hdr)))
 703                BUG();
 704
 705        _net("Rx RxRPC %s ep=%x call=%x:%x",
 706             sp->hdr.flags & RXRPC_CLIENT_INITIATED ? "ToServer" : "ToClient",
 707             ntohl(sp->hdr.epoch),
 708             ntohl(sp->hdr.cid),
 709             ntohl(sp->hdr.callNumber));
 710
 711        if (sp->hdr.type == 0 || sp->hdr.type >= RXRPC_N_PACKET_TYPES) {
 712                _proto("Rx Bad Packet Type %u", sp->hdr.type);
 713                goto bad_message;
 714        }
 715
 716        if (sp->hdr.type == RXRPC_PACKET_TYPE_VERSION) {
 717                rxrpc_post_packet_to_local(local, skb);
 718                goto out;
 719        }
 720        
 721        if (sp->hdr.type == RXRPC_PACKET_TYPE_DATA &&
 722            (sp->hdr.callNumber == 0 || sp->hdr.seq == 0))
 723                goto bad_message;
 724
 725        if (sp->hdr.callNumber == 0) {
 726                /* This is a connection-level packet. These should be
 727                 * fairly rare, so the extra overhead of looking them up the
 728                 * old-fashioned way doesn't really hurt */
 729                struct rxrpc_connection *conn;
 730
 731                conn = rxrpc_conn_from_local(local, skb, sp);
 732                if (!conn)
 733                        goto cant_route_call;
 734
 735                _debug("CONN %p {%d}", conn, conn->debug_id);
 736                rxrpc_post_packet_to_conn(conn, skb);
 737                rxrpc_put_connection(conn);
 738        } else {
 739                struct rxrpc_call *call;
 740                u8 in_clientflag = 0;
 741
 742                if (sp->hdr.flags & RXRPC_CLIENT_INITIATED)
 743                        in_clientflag = RXRPC_CLIENT_INITIATED;
 744                call = rxrpc_find_call_hash(in_clientflag, sp->hdr.cid,
 745                                            sp->hdr.callNumber, sp->hdr.epoch,
 746                                            sp->hdr.serviceId, local, AF_INET,
 747                                            (u8 *)&ip_hdr(skb)->saddr);
 748                if (call)
 749                        rxrpc_post_packet_to_call(call, skb);
 750                else
 751                        goto cant_route_call;
 752        }
 753
 754out:
 755        rxrpc_put_local(local);
 756        return;
 757
 758cant_route_call:
 759        _debug("can't route call");
 760        if (sp->hdr.flags & RXRPC_CLIENT_INITIATED &&
 761            sp->hdr.type == RXRPC_PACKET_TYPE_DATA) {
 762                if (sp->hdr.seq == cpu_to_be32(1)) {
 763                        _debug("first packet");
 764                        skb_queue_tail(&local->accept_queue, skb);
 765                        rxrpc_queue_work(&local->acceptor);
 766                        rxrpc_put_local(local);
 767                        _leave(" [incoming]");
 768                        return;
 769                }
 770                skb->priority = RX_INVALID_OPERATION;
 771        } else {
 772                skb->priority = RX_CALL_DEAD;
 773        }
 774
 775        if (sp->hdr.type != RXRPC_PACKET_TYPE_ABORT) {
 776                _debug("reject type %d",sp->hdr.type);
 777                rxrpc_reject_packet(local, skb);
 778        }
 779        rxrpc_put_local(local);
 780        _leave(" [no call]");
 781        return;
 782
 783bad_message:
 784        skb->priority = RX_PROTOCOL_ERROR;
 785        rxrpc_reject_packet(local, skb);
 786        rxrpc_put_local(local);
 787        _leave(" [badmsg]");
 788}
 789