LXR linux/net/rxrpc/local

   1/* Local endpoint object management
   2 *
   3 * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
   4 * Written by David Howells (dhowells@redhat.com)
   5 *
   6 * This program is free software; you can redistribute it and/or
   7 * modify it under the terms of the GNU General Public Licence
   8 * as published by the Free Software Foundation; either version
   9 * 2 of the Licence, or (at your option) any later version.
  10 */
  11
  12#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
  13
  14#include <linux/module.h>
  15#include <linux/net.h>
  16#include <linux/skbuff.h>
  17#include <linux/slab.h>
  18#include <linux/udp.h>
  19#include <linux/ip.h>
  20#include <linux/hashtable.h>
  21#include <net/sock.h>
  22#include <net/udp.h>
  23#include <net/af_rxrpc.h>
  24#include "ar-internal.h"
  25
  26static void rxrpc_local_processor(struct work_struct *);
  27static void rxrpc_local_rcu(struct rcu_head *);
  28
  29/*
  30 * Compare a local to an address.  Return -ve, 0 or +ve to indicate less than,
  31 * same or greater than.
  32 *
  33 * We explicitly don't compare the RxRPC service ID as we want to reject
  34 * conflicting uses by differing services.  Further, we don't want to share
  35 * addresses with different options (IPv6), so we don't compare those bits
  36 * either.
  37 */
  38static long rxrpc_local_cmp_key(const struct rxrpc_local *local,
  39                                const struct sockaddr_rxrpc *srx)
  40{
  41        long diff;
  42
  43        diff = ((local->srx.transport_type - srx->transport_type) ?:
  44                (local->srx.transport_len - srx->transport_len) ?:
  45                (local->srx.transport.family - srx->transport.family));
  46        if (diff != 0)
  47                return diff;
  48
  49        switch (srx->transport.family) {
  50        case AF_INET:
  51                /* If the choice of UDP port is left up to the transport, then
  52                 * the endpoint record doesn't match.
  53                 */
  54                return ((u16 __force)local->srx.transport.sin.sin_port -
  55                        (u16 __force)srx->transport.sin.sin_port) ?:
  56                        memcmp(&local->srx.transport.sin.sin_addr,
  57                               &srx->transport.sin.sin_addr,
  58                               sizeof(struct in_addr));
  59#ifdef CONFIG_AF_RXRPC_IPV6
  60        case AF_INET6:
  61                /* If the choice of UDP6 port is left up to the transport, then
  62                 * the endpoint record doesn't match.
  63                 */
  64                return ((u16 __force)local->srx.transport.sin6.sin6_port -
  65                        (u16 __force)srx->transport.sin6.sin6_port) ?:
  66                        memcmp(&local->srx.transport.sin6.sin6_addr,
  67                               &srx->transport.sin6.sin6_addr,
  68                               sizeof(struct in6_addr));
  69#endif
  70        default:
  71                BUG();
  72        }
  73}
  74
  75/*
  76 * Allocate a new local endpoint.
  77 */
  78static struct rxrpc_local *rxrpc_alloc_local(struct rxrpc_net *rxnet,
  79                                             const struct sockaddr_rxrpc *srx)
  80{
  81        struct rxrpc_local *local;
  82
  83        local = kzalloc(sizeof(struct rxrpc_local), GFP_KERNEL);
  84        if (local) {
  85                atomic_set(&local->usage, 1);
  86                local->rxnet = rxnet;
  87                INIT_LIST_HEAD(&local->link);
  88                INIT_WORK(&local->processor, rxrpc_local_processor);
  89                init_rwsem(&local->defrag_sem);
  90                skb_queue_head_init(&local->reject_queue);
  91                skb_queue_head_init(&local->event_queue);
  92                local->client_conns = RB_ROOT;
  93                spin_lock_init(&local->client_conns_lock);
  94                spin_lock_init(&local->lock);
  95                rwlock_init(&local->services_lock);
  96                local->debug_id = atomic_inc_return(&rxrpc_debug_id);
  97                memcpy(&local->srx, srx, sizeof(*srx));
  98                local->srx.srx_service = 0;
  99                trace_rxrpc_local(local, rxrpc_local_new, 1, NULL);
 100        }
 101
 102        _leave(" = %p", local);
 103        return local;
 104}
 105
 106/*
 107 * create the local socket
 108 * - must be called with rxrpc_local_mutex locked
 109 */
 110static int rxrpc_open_socket(struct rxrpc_local *local, struct net *net)
 111{
 112        struct sock *usk;
 113        int ret, opt;
 114
 115        _enter("%p{%d,%d}",
 116               local, local->srx.transport_type, local->srx.transport.family);
 117
 118        /* create a socket to represent the local endpoint */
 119        ret = sock_create_kern(net, local->srx.transport.family,
 120                               local->srx.transport_type, 0, &local->socket);
 121        if (ret < 0) {
 122                _leave(" = %d [socket]", ret);
 123                return ret;
 124        }
 125
 126        /* set the socket up */
 127        usk = local->socket->sk;
 128        inet_sk(usk)->mc_loop = 0;
 129
 130        /* Enable CHECKSUM_UNNECESSARY to CHECKSUM_COMPLETE conversion */
 131        inet_inc_convert_csum(usk);
 132
 133        rcu_assign_sk_user_data(usk, local);
 134
 135        udp_sk(usk)->encap_type = UDP_ENCAP_RXRPC;
 136        udp_sk(usk)->encap_rcv = rxrpc_input_packet;
 137        udp_sk(usk)->encap_destroy = NULL;
 138        udp_sk(usk)->gro_receive = NULL;
 139        udp_sk(usk)->gro_complete = NULL;
 140
 141        udp_encap_enable();
 142#if IS_ENABLED(CONFIG_AF_RXRPC_IPV6)
 143        if (local->srx.transport.family == AF_INET6)
 144                udpv6_encap_enable();
 145#endif
 146        usk->sk_error_report = rxrpc_error_report;
 147
 148        /* if a local address was supplied then bind it */
 149        if (local->srx.transport_len > sizeof(sa_family_t)) {
 150                _debug("bind");
 151                ret = kernel_bind(local->socket,
 152                                  (struct sockaddr *)&local->srx.transport,
 153                                  local->srx.transport_len);
 154                if (ret < 0) {
 155                        _debug("bind failed %d", ret);
 156                        goto error;
 157                }
 158        }
 159
 160        switch (local->srx.transport.family) {
 161        case AF_INET6:
 162                /* we want to receive ICMPv6 errors */
 163                opt = 1;
 164                ret = kernel_setsockopt(local->socket, SOL_IPV6, IPV6_RECVERR,
 165                                        (char *) &opt, sizeof(opt));
 166                if (ret < 0) {
 167                        _debug("setsockopt failed");
 168                        goto error;
 169                }
 170
 171                /* we want to set the don't fragment bit */
 172                opt = IPV6_PMTUDISC_DO;
 173                ret = kernel_setsockopt(local->socket, SOL_IPV6, IPV6_MTU_DISCOVER,
 174                                        (char *) &opt, sizeof(opt));
 175                if (ret < 0) {
 176                        _debug("setsockopt failed");
 177                        goto error;
 178                }
 179
 180                /* Fall through and set IPv4 options too otherwise we don't get
 181                 * errors from IPv4 packets sent through the IPv6 socket.
 182                 */
 183
 184        case AF_INET:
 185                /* we want to receive ICMP errors */
 186                opt = 1;
 187                ret = kernel_setsockopt(local->socket, SOL_IP, IP_RECVERR,
 188                                        (char *) &opt, sizeof(opt));
 189                if (ret < 0) {
 190                        _debug("setsockopt failed");
 191                        goto error;
 192                }
 193
 194                /* we want to set the don't fragment bit */
 195                opt = IP_PMTUDISC_DO;
 196                ret = kernel_setsockopt(local->socket, SOL_IP, IP_MTU_DISCOVER,
 197                                        (char *) &opt, sizeof(opt));
 198                if (ret < 0) {
 199                        _debug("setsockopt failed");
 200                        goto error;
 201                }
 202
 203                /* We want receive timestamps. */
 204                opt = 1;
 205                ret = kernel_setsockopt(local->socket, SOL_SOCKET, SO_TIMESTAMPNS_OLD,
 206                                        (char *)&opt, sizeof(opt));
 207                if (ret < 0) {
 208                        _debug("setsockopt failed");
 209                        goto error;
 210                }
 211                break;
 212
 213        default:
 214                BUG();
 215        }
 216
 217        _leave(" = 0");
 218        return 0;
 219
 220error:
 221        kernel_sock_shutdown(local->socket, SHUT_RDWR);
 222        local->socket->sk->sk_user_data = NULL;
 223        sock_release(local->socket);
 224        local->socket = NULL;
 225
 226        _leave(" = %d", ret);
 227        return ret;
 228}
 229
 230/*
 231 * Look up or create a new local endpoint using the specified local address.
 232 */
 233struct rxrpc_local *rxrpc_lookup_local(struct net *net,
 234                                       const struct sockaddr_rxrpc *srx)
 235{
 236        struct rxrpc_local *local;
 237        struct rxrpc_net *rxnet = rxrpc_net(net);
 238        struct list_head *cursor;
 239        const char *age;
 240        long diff;
 241        int ret;
 242
 243        _enter("{%d,%d,%pISp}",
 244               srx->transport_type, srx->transport.family, &srx->transport);
 245
 246        mutex_lock(&rxnet->local_mutex);
 247
 248        for (cursor = rxnet->local_endpoints.next;
 249             cursor != &rxnet->local_endpoints;
 250             cursor = cursor->next) {
 251                local = list_entry(cursor, struct rxrpc_local, link);
 252
 253                diff = rxrpc_local_cmp_key(local, srx);
 254                if (diff < 0)
 255                        continue;
 256                if (diff > 0)
 257                        break;
 258
 259                /* Services aren't allowed to share transport sockets, so
 260                 * reject that here.  It is possible that the object is dying -
 261                 * but it may also still have the local transport address that
 262                 * we want bound.
 263                 */
 264                if (srx->srx_service) {
 265                        local = NULL;
 266                        goto addr_in_use;
 267                }
 268
 269                /* Found a match.  We replace a dying object.  Attempting to
 270                 * bind the transport socket may still fail if we're attempting
 271                 * to use a local address that the dying object is still using.
 272                 */
 273                if (!rxrpc_get_local_maybe(local)) {
 274                        cursor = cursor->next;
 275                        list_del_init(&local->link);
 276                        break;
 277                }
 278
 279                age = "old";
 280                goto found;
 281        }
 282
 283        local = rxrpc_alloc_local(rxnet, srx);
 284        if (!local)
 285                goto nomem;
 286
 287        ret = rxrpc_open_socket(local, net);
 288        if (ret < 0)
 289                goto sock_error;
 290
 291        list_add_tail(&local->link, cursor);
 292        age = "new";
 293
 294found:
 295        mutex_unlock(&rxnet->local_mutex);
 296
 297        _net("LOCAL %s %d {%pISp}",
 298             age, local->debug_id, &local->srx.transport);
 299
 300        _leave(" = %p", local);
 301        return local;
 302
 303nomem:
 304        ret = -ENOMEM;
 305sock_error:
 306        mutex_unlock(&rxnet->local_mutex);
 307        if (local)
 308                call_rcu(&local->rcu, rxrpc_local_rcu);
 309        _leave(" = %d", ret);
 310        return ERR_PTR(ret);
 311
 312addr_in_use:
 313        mutex_unlock(&rxnet->local_mutex);
 314        _leave(" = -EADDRINUSE");
 315        return ERR_PTR(-EADDRINUSE);
 316}
 317
 318/*
 319 * Get a ref on a local endpoint.
 320 */
 321struct rxrpc_local *rxrpc_get_local(struct rxrpc_local *local)
 322{
 323        const void *here = __builtin_return_address(0);
 324        int n;
 325
 326        n = atomic_inc_return(&local->usage);
 327        trace_rxrpc_local(local, rxrpc_local_got, n, here);
 328        return local;
 329}
 330
 331/*
 332 * Get a ref on a local endpoint unless its usage has already reached 0.
 333 */
 334struct rxrpc_local *rxrpc_get_local_maybe(struct rxrpc_local *local)
 335{
 336        const void *here = __builtin_return_address(0);
 337
 338        if (local) {
 339                int n = atomic_fetch_add_unless(&local->usage, 1, 0);
 340                if (n > 0)
 341                        trace_rxrpc_local(local, rxrpc_local_got, n + 1, here);
 342                else
 343                        local = NULL;
 344        }
 345        return local;
 346}
 347
 348/*
 349 * Queue a local endpoint.
 350 */
 351void rxrpc_queue_local(struct rxrpc_local *local)
 352{
 353        const void *here = __builtin_return_address(0);
 354
 355        if (rxrpc_queue_work(&local->processor))
 356                trace_rxrpc_local(local, rxrpc_local_queued,
 357                                  atomic_read(&local->usage), here);
 358}
 359
 360/*
 361 * A local endpoint reached its end of life.
 362 */
 363static void __rxrpc_put_local(struct rxrpc_local *local)
 364{
 365        _enter("%d", local->debug_id);
 366        rxrpc_queue_work(&local->processor);
 367}
 368
 369/*
 370 * Drop a ref on a local endpoint.
 371 */
 372void rxrpc_put_local(struct rxrpc_local *local)
 373{
 374        const void *here = __builtin_return_address(0);
 375        int n;
 376
 377        if (local) {
 378                n = atomic_dec_return(&local->usage);
 379                trace_rxrpc_local(local, rxrpc_local_put, n, here);
 380
 381                if (n == 0)
 382                        __rxrpc_put_local(local);
 383        }
 384}
 385
 386/*
 387 * Destroy a local endpoint's socket and then hand the record to RCU to dispose
 388 * of.
 389 *
 390 * Closing the socket cannot be done from bottom half context or RCU callback
 391 * context because it might sleep.
 392 */
 393static void rxrpc_local_destroyer(struct rxrpc_local *local)
 394{
 395        struct socket *socket = local->socket;
 396        struct rxrpc_net *rxnet = local->rxnet;
 397
 398        _enter("%d", local->debug_id);
 399
 400        /* We can get a race between an incoming call packet queueing the
 401         * processor again and the work processor starting the destruction
 402         * process which will shut down the UDP socket.
 403         */
 404        if (local->dead) {
 405                _leave(" [already dead]");
 406                return;
 407        }
 408        local->dead = true;
 409
 410        mutex_lock(&rxnet->local_mutex);
 411        list_del_init(&local->link);
 412        mutex_unlock(&rxnet->local_mutex);
 413
 414        ASSERT(RB_EMPTY_ROOT(&local->client_conns));
 415        ASSERT(!local->service);
 416
 417        if (socket) {
 418                local->socket = NULL;
 419                kernel_sock_shutdown(socket, SHUT_RDWR);
 420                socket->sk->sk_user_data = NULL;
 421                sock_release(socket);
 422        }
 423
 424        /* At this point, there should be no more packets coming in to the
 425         * local endpoint.
 426         */
 427        rxrpc_purge_queue(&local->reject_queue);
 428        rxrpc_purge_queue(&local->event_queue);
 429
 430        _debug("rcu local %d", local->debug_id);
 431        call_rcu(&local->rcu, rxrpc_local_rcu);
 432}
 433
 434/*
 435 * Process events on an endpoint
 436 */
 437static void rxrpc_local_processor(struct work_struct *work)
 438{
 439        struct rxrpc_local *local =
 440                container_of(work, struct rxrpc_local, processor);
 441        bool again;
 442
 443        trace_rxrpc_local(local, rxrpc_local_processing,
 444                          atomic_read(&local->usage), NULL);
 445
 446        do {
 447                again = false;
 448                if (atomic_read(&local->usage) == 0)
 449                        return rxrpc_local_destroyer(local);
 450
 451                if (!skb_queue_empty(&local->reject_queue)) {
 452                        rxrpc_reject_packets(local);
 453                        again = true;
 454                }
 455
 456                if (!skb_queue_empty(&local->event_queue)) {
 457                        rxrpc_process_local_events(local);
 458                        again = true;
 459                }
 460        } while (again);
 461}
 462
 463/*
 464 * Destroy a local endpoint after the RCU grace period expires.
 465 */
 466static void rxrpc_local_rcu(struct rcu_head *rcu)
 467{
 468        struct rxrpc_local *local = container_of(rcu, struct rxrpc_local, rcu);
 469
 470        _enter("%d", local->debug_id);
 471
 472        ASSERT(!work_pending(&local->processor));
 473
 474        _net("DESTROY LOCAL %d", local->debug_id);
 475        kfree(local);
 476        _leave("");
 477}
 478
 479/*
 480 * Verify the local endpoint list is empty by this point.
 481 */
 482void rxrpc_destroy_all_locals(struct rxrpc_net *rxnet)
 483{
 484        struct rxrpc_local *local;
 485
 486        _enter("");
 487
 488        flush_workqueue(rxrpc_workqueue);
 489
 490        if (!list_empty(&rxnet->local_endpoints)) {
 491                mutex_lock(&rxnet->local_mutex);
 492                list_for_each_entry(local, &rxnet->local_endpoints, link) {
 493                        pr_err("AF_RXRPC: Leaked local %p {%d}\n",
 494                               local, atomic_read(&local->usage));
 495                }
 496                mutex_unlock(&rxnet->local_mutex);
 497                BUG();
 498        }
 499}
 500