LXR linux/fs/afs/rxrpc.c

   1// SPDX-License-Identifier: GPL-2.0-or-later
   2/* Maintain an RxRPC server socket to do AFS communications through
   3 *
   4 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
   5 * Written by David Howells (dhowells@redhat.com)
   6 */
   7
   8#include <linux/slab.h>
   9#include <linux/sched/signal.h>
  10
  11#include <net/sock.h>
  12#include <net/af_rxrpc.h>
  13#include "internal.h"
  14#include "afs_cm.h"
  15#include "protocol_yfs.h"
  16
  17struct workqueue_struct *afs_async_calls;
  18
  19static void afs_wake_up_call_waiter(struct sock *, struct rxrpc_call *, unsigned long);
  20static void afs_wake_up_async_call(struct sock *, struct rxrpc_call *, unsigned long);
  21static void afs_process_async_call(struct work_struct *);
  22static void afs_rx_new_call(struct sock *, struct rxrpc_call *, unsigned long);
  23static void afs_rx_discard_new_call(struct rxrpc_call *, unsigned long);
  24static int afs_deliver_cm_op_id(struct afs_call *);
  25
  26/* asynchronous incoming call initial processing */
  27static const struct afs_call_type afs_RXCMxxxx = {
  28        .name           = "CB.xxxx",
  29        .deliver        = afs_deliver_cm_op_id,
  30};
  31
  32/*
  33 * open an RxRPC socket and bind it to be a server for callback notifications
  34 * - the socket is left in blocking mode and non-blocking ops use MSG_DONTWAIT
  35 */
  36int afs_open_socket(struct afs_net *net)
  37{
  38        struct sockaddr_rxrpc srx;
  39        struct socket *socket;
  40        int ret;
  41
  42        _enter("");
  43
  44        ret = sock_create_kern(net->net, AF_RXRPC, SOCK_DGRAM, PF_INET6, &socket);
  45        if (ret < 0)
  46                goto error_1;
  47
  48        socket->sk->sk_allocation = GFP_NOFS;
  49
  50        /* bind the callback manager's address to make this a server socket */
  51        memset(&srx, 0, sizeof(srx));
  52        srx.srx_family                  = AF_RXRPC;
  53        srx.srx_service                 = CM_SERVICE;
  54        srx.transport_type              = SOCK_DGRAM;
  55        srx.transport_len               = sizeof(srx.transport.sin6);
  56        srx.transport.sin6.sin6_family  = AF_INET6;
  57        srx.transport.sin6.sin6_port    = htons(AFS_CM_PORT);
  58
  59        ret = rxrpc_sock_set_min_security_level(socket->sk,
  60                                                RXRPC_SECURITY_ENCRYPT);
  61        if (ret < 0)
  62                goto error_2;
  63
  64        ret = kernel_bind(socket, (struct sockaddr *) &srx, sizeof(srx));
  65        if (ret == -EADDRINUSE) {
  66                srx.transport.sin6.sin6_port = 0;
  67                ret = kernel_bind(socket, (struct sockaddr *) &srx, sizeof(srx));
  68        }
  69        if (ret < 0)
  70                goto error_2;
  71
  72        srx.srx_service = YFS_CM_SERVICE;
  73        ret = kernel_bind(socket, (struct sockaddr *) &srx, sizeof(srx));
  74        if (ret < 0)
  75                goto error_2;
  76
  77        /* Ideally, we'd turn on service upgrade here, but we can't because
  78         * OpenAFS is buggy and leaks the userStatus field from packet to
  79         * packet and between FS packets and CB packets - so if we try to do an
  80         * upgrade on an FS packet, OpenAFS will leak that into the CB packet
  81         * it sends back to us.
  82         */
  83
  84        rxrpc_kernel_new_call_notification(socket, afs_rx_new_call,
  85                                           afs_rx_discard_new_call);
  86
  87        ret = kernel_listen(socket, INT_MAX);
  88        if (ret < 0)
  89                goto error_2;
  90
  91        net->socket = socket;
  92        afs_charge_preallocation(&net->charge_preallocation_work);
  93        _leave(" = 0");
  94        return 0;
  95
  96error_2:
  97        sock_release(socket);
  98error_1:
  99        _leave(" = %d", ret);
 100        return ret;
 101}
 102
 103/*
 104 * close the RxRPC socket AFS was using
 105 */
 106void afs_close_socket(struct afs_net *net)
 107{
 108        _enter("");
 109
 110        kernel_listen(net->socket, 0);
 111        flush_workqueue(afs_async_calls);
 112
 113        if (net->spare_incoming_call) {
 114                afs_put_call(net->spare_incoming_call);
 115                net->spare_incoming_call = NULL;
 116        }
 117
 118        _debug("outstanding %u", atomic_read(&net->nr_outstanding_calls));
 119        wait_var_event(&net->nr_outstanding_calls,
 120                       !atomic_read(&net->nr_outstanding_calls));
 121        _debug("no outstanding calls");
 122
 123        kernel_sock_shutdown(net->socket, SHUT_RDWR);
 124        flush_workqueue(afs_async_calls);
 125        sock_release(net->socket);
 126
 127        _debug("dework");
 128        _leave("");
 129}
 130
 131/*
 132 * Allocate a call.
 133 */
 134static struct afs_call *afs_alloc_call(struct afs_net *net,
 135                                       const struct afs_call_type *type,
 136                                       gfp_t gfp)
 137{
 138        struct afs_call *call;
 139        int o;
 140
 141        call = kzalloc(sizeof(*call), gfp);
 142        if (!call)
 143                return NULL;
 144
 145        call->type = type;
 146        call->net = net;
 147        call->debug_id = atomic_inc_return(&rxrpc_debug_id);
 148        atomic_set(&call->usage, 1);
 149        INIT_WORK(&call->async_work, afs_process_async_call);
 150        init_waitqueue_head(&call->waitq);
 151        spin_lock_init(&call->state_lock);
 152        call->iter = &call->def_iter;
 153
 154        o = atomic_inc_return(&net->nr_outstanding_calls);
 155        trace_afs_call(call, afs_call_trace_alloc, 1, o,
 156                       __builtin_return_address(0));
 157        return call;
 158}
 159
 160/*
 161 * Dispose of a reference on a call.
 162 */
 163void afs_put_call(struct afs_call *call)
 164{
 165        struct afs_net *net = call->net;
 166        int n = atomic_dec_return(&call->usage);
 167        int o = atomic_read(&net->nr_outstanding_calls);
 168
 169        trace_afs_call(call, afs_call_trace_put, n, o,
 170                       __builtin_return_address(0));
 171
 172        ASSERTCMP(n, >=, 0);
 173        if (n == 0) {
 174                ASSERT(!work_pending(&call->async_work));
 175                ASSERT(call->type->name != NULL);
 176
 177                if (call->rxcall) {
 178                        rxrpc_kernel_end_call(net->socket, call->rxcall);
 179                        call->rxcall = NULL;
 180                }
 181                if (call->type->destructor)
 182                        call->type->destructor(call);
 183
 184                afs_unuse_server_notime(call->net, call->server, afs_server_trace_put_call);
 185                afs_put_addrlist(call->alist);
 186                kfree(call->request);
 187
 188                trace_afs_call(call, afs_call_trace_free, 0, o,
 189                               __builtin_return_address(0));
 190                kfree(call);
 191
 192                o = atomic_dec_return(&net->nr_outstanding_calls);
 193                if (o == 0)
 194                        wake_up_var(&net->nr_outstanding_calls);
 195        }
 196}
 197
 198static struct afs_call *afs_get_call(struct afs_call *call,
 199                                     enum afs_call_trace why)
 200{
 201        int u = atomic_inc_return(&call->usage);
 202
 203        trace_afs_call(call, why, u,
 204                       atomic_read(&call->net->nr_outstanding_calls),
 205                       __builtin_return_address(0));
 206        return call;
 207}
 208
 209/*
 210 * Queue the call for actual work.
 211 */
 212static void afs_queue_call_work(struct afs_call *call)
 213{
 214        if (call->type->work) {
 215                INIT_WORK(&call->work, call->type->work);
 216
 217                afs_get_call(call, afs_call_trace_work);
 218                if (!queue_work(afs_wq, &call->work))
 219                        afs_put_call(call);
 220        }
 221}
 222
 223/*
 224 * allocate a call with flat request and reply buffers
 225 */
 226struct afs_call *afs_alloc_flat_call(struct afs_net *net,
 227                                     const struct afs_call_type *type,
 228                                     size_t request_size, size_t reply_max)
 229{
 230        struct afs_call *call;
 231
 232        call = afs_alloc_call(net, type, GFP_NOFS);
 233        if (!call)
 234                goto nomem_call;
 235
 236        if (request_size) {
 237                call->request_size = request_size;
 238                call->request = kmalloc(request_size, GFP_NOFS);
 239                if (!call->request)
 240                        goto nomem_free;
 241        }
 242
 243        if (reply_max) {
 244                call->reply_max = reply_max;
 245                call->buffer = kmalloc(reply_max, GFP_NOFS);
 246                if (!call->buffer)
 247                        goto nomem_free;
 248        }
 249
 250        afs_extract_to_buf(call, call->reply_max);
 251        call->operation_ID = type->op;
 252        init_waitqueue_head(&call->waitq);
 253        return call;
 254
 255nomem_free:
 256        afs_put_call(call);
 257nomem_call:
 258        return NULL;
 259}
 260
 261/*
 262 * clean up a call with flat buffer
 263 */
 264void afs_flat_call_destructor(struct afs_call *call)
 265{
 266        _enter("");
 267
 268        kfree(call->request);
 269        call->request = NULL;
 270        kfree(call->buffer);
 271        call->buffer = NULL;
 272}
 273
 274/*
 275 * Advance the AFS call state when the RxRPC call ends the transmit phase.
 276 */
 277static void afs_notify_end_request_tx(struct sock *sock,
 278                                      struct rxrpc_call *rxcall,
 279                                      unsigned long call_user_ID)
 280{
 281        struct afs_call *call = (struct afs_call *)call_user_ID;
 282
 283        afs_set_call_state(call, AFS_CALL_CL_REQUESTING, AFS_CALL_CL_AWAIT_REPLY);
 284}
 285
 286/*
 287 * Initiate a call and synchronously queue up the parameters for dispatch.  Any
 288 * error is stored into the call struct, which the caller must check for.
 289 */
 290void afs_make_call(struct afs_addr_cursor *ac, struct afs_call *call, gfp_t gfp)
 291{
 292        struct sockaddr_rxrpc *srx = &ac->alist->addrs[ac->index];
 293        struct rxrpc_call *rxcall;
 294        struct msghdr msg;
 295        struct kvec iov[1];
 296        size_t len;
 297        s64 tx_total_len;
 298        int ret;
 299
 300        _enter(",{%pISp},", &srx->transport);
 301
 302        ASSERT(call->type != NULL);
 303        ASSERT(call->type->name != NULL);
 304
 305        _debug("____MAKE %p{%s,%x} [%d]____",
 306               call, call->type->name, key_serial(call->key),
 307               atomic_read(&call->net->nr_outstanding_calls));
 308
 309        call->addr_ix = ac->index;
 310        call->alist = afs_get_addrlist(ac->alist);
 311
 312        /* Work out the length we're going to transmit.  This is awkward for
 313         * calls such as FS.StoreData where there's an extra injection of data
 314         * after the initial fixed part.
 315         */
 316        tx_total_len = call->request_size;
 317        if (call->write_iter)
 318                tx_total_len += iov_iter_count(call->write_iter);
 319
 320        /* If the call is going to be asynchronous, we need an extra ref for
 321         * the call to hold itself so the caller need not hang on to its ref.
 322         */
 323        if (call->async) {
 324                afs_get_call(call, afs_call_trace_get);
 325                call->drop_ref = true;
 326        }
 327
 328        /* create a call */
 329        rxcall = rxrpc_kernel_begin_call(call->net->socket, srx, call->key,
 330                                         (unsigned long)call,
 331                                         tx_total_len, gfp,
 332                                         (call->async ?
 333                                          afs_wake_up_async_call :
 334                                          afs_wake_up_call_waiter),
 335                                         call->upgrade,
 336                                         (call->intr ? RXRPC_PREINTERRUPTIBLE :
 337                                          RXRPC_UNINTERRUPTIBLE),
 338                                         call->debug_id);
 339        if (IS_ERR(rxcall)) {
 340                ret = PTR_ERR(rxcall);
 341                call->error = ret;
 342                goto error_kill_call;
 343        }
 344
 345        call->rxcall = rxcall;
 346
 347        if (call->max_lifespan)
 348                rxrpc_kernel_set_max_life(call->net->socket, rxcall,
 349                                          call->max_lifespan);
 350
 351        /* send the request */
 352        iov[0].iov_base = call->request;
 353        iov[0].iov_len  = call->request_size;
 354
 355        msg.msg_name            = NULL;
 356        msg.msg_namelen         = 0;
 357        iov_iter_kvec(&msg.msg_iter, WRITE, iov, 1, call->request_size);
 358        msg.msg_control         = NULL;
 359        msg.msg_controllen      = 0;
 360        msg.msg_flags           = MSG_WAITALL | (call->write_iter ? MSG_MORE : 0);
 361
 362        ret = rxrpc_kernel_send_data(call->net->socket, rxcall,
 363                                     &msg, call->request_size,
 364                                     afs_notify_end_request_tx);
 365        if (ret < 0)
 366                goto error_do_abort;
 367
 368        if (call->write_iter) {
 369                msg.msg_iter = *call->write_iter;
 370                msg.msg_flags &= ~MSG_MORE;
 371                trace_afs_send_data(call, &msg);
 372
 373                ret = rxrpc_kernel_send_data(call->net->socket,
 374                                             call->rxcall, &msg,
 375                                             iov_iter_count(&msg.msg_iter),
 376                                             afs_notify_end_request_tx);
 377                *call->write_iter = msg.msg_iter;
 378
 379                trace_afs_sent_data(call, &msg, ret);
 380                if (ret < 0)
 381                        goto error_do_abort;
 382        }
 383
 384        /* Note that at this point, we may have received the reply or an abort
 385         * - and an asynchronous call may already have completed.
 386         *
 387         * afs_wait_for_call_to_complete(call, ac)
 388         * must be called to synchronously clean up.
 389         */
 390        return;
 391
 392error_do_abort:
 393        if (ret != -ECONNABORTED) {
 394                rxrpc_kernel_abort_call(call->net->socket, rxcall,
 395                                        RX_USER_ABORT, ret, "KSD");
 396        } else {
 397                len = 0;
 398                iov_iter_kvec(&msg.msg_iter, READ, NULL, 0, 0);
 399                rxrpc_kernel_recv_data(call->net->socket, rxcall,
 400                                       &msg.msg_iter, &len, false,
 401                                       &call->abort_code, &call->service_id);
 402                ac->abort_code = call->abort_code;
 403                ac->responded = true;
 404        }
 405        call->error = ret;
 406        trace_afs_call_done(call);
 407error_kill_call:
 408        if (call->type->done)
 409                call->type->done(call);
 410
 411        /* We need to dispose of the extra ref we grabbed for an async call.
 412         * The call, however, might be queued on afs_async_calls and we need to
 413         * make sure we don't get any more notifications that might requeue it.
 414         */
 415        if (call->rxcall) {
 416                rxrpc_kernel_end_call(call->net->socket, call->rxcall);
 417                call->rxcall = NULL;
 418        }
 419        if (call->async) {
 420                if (cancel_work_sync(&call->async_work))
 421                        afs_put_call(call);
 422                afs_put_call(call);
 423        }
 424
 425        ac->error = ret;
 426        call->state = AFS_CALL_COMPLETE;
 427        _leave(" = %d", ret);
 428}
 429
 430/*
 431 * Log remote abort codes that indicate that we have a protocol disagreement
 432 * with the server.
 433 */
 434static void afs_log_error(struct afs_call *call, s32 remote_abort)
 435{
 436        static int max = 0;
 437        const char *msg;
 438        int m;
 439
 440        switch (remote_abort) {
 441        case RX_EOF:             msg = "unexpected EOF";        break;
 442        case RXGEN_CC_MARSHAL:   msg = "client marshalling";    break;
 443        case RXGEN_CC_UNMARSHAL: msg = "client unmarshalling";  break;
 444        case RXGEN_SS_MARSHAL:   msg = "server marshalling";    break;
 445        case RXGEN_SS_UNMARSHAL: msg = "server unmarshalling";  break;
 446        case RXGEN_DECODE:       msg = "opcode decode";         break;
 447        case RXGEN_SS_XDRFREE:   msg = "server XDR cleanup";    break;
 448        case RXGEN_CC_XDRFREE:   msg = "client XDR cleanup";    break;
 449        case -32:                msg = "insufficient data";     break;
 450        default:
 451                return;
 452        }
 453
 454        m = max;
 455        if (m < 3) {
 456                max = m + 1;
 457                pr_notice("kAFS: Peer reported %s failure on %s [%pISp]\n",
 458                          msg, call->type->name,
 459                          &call->alist->addrs[call->addr_ix].transport);
 460        }
 461}
 462
 463/*
 464 * deliver messages to a call
 465 */
 466static void afs_deliver_to_call(struct afs_call *call)
 467{
 468        enum afs_call_state state;
 469        size_t len;
 470        u32 abort_code, remote_abort = 0;
 471        int ret;
 472
 473        _enter("%s", call->type->name);
 474
 475        while (state = READ_ONCE(call->state),
 476               state == AFS_CALL_CL_AWAIT_REPLY ||
 477               state == AFS_CALL_SV_AWAIT_OP_ID ||
 478               state == AFS_CALL_SV_AWAIT_REQUEST ||
 479               state == AFS_CALL_SV_AWAIT_ACK
 480               ) {
 481                if (state == AFS_CALL_SV_AWAIT_ACK) {
 482                        len = 0;
 483                        iov_iter_kvec(&call->def_iter, READ, NULL, 0, 0);
 484                        ret = rxrpc_kernel_recv_data(call->net->socket,
 485                                                     call->rxcall, &call->def_iter,
 486                                                     &len, false, &remote_abort,
 487                                                     &call->service_id);
 488                        trace_afs_receive_data(call, &call->def_iter, false, ret);
 489
 490                        if (ret == -EINPROGRESS || ret == -EAGAIN)
 491                                return;
 492                        if (ret < 0 || ret == 1) {
 493                                if (ret == 1)
 494                                        ret = 0;
 495                                goto call_complete;
 496                        }
 497                        return;
 498                }
 499
 500                if (!call->have_reply_time &&
 501                    rxrpc_kernel_get_reply_time(call->net->socket,
 502                                                call->rxcall,
 503                                                &call->reply_time))
 504                        call->have_reply_time = true;
 505
 506                ret = call->type->deliver(call);
 507                state = READ_ONCE(call->state);
 508                if (ret == 0 && call->unmarshalling_error)
 509                        ret = -EBADMSG;
 510                switch (ret) {
 511                case 0:
 512                        afs_queue_call_work(call);
 513                        if (state == AFS_CALL_CL_PROC_REPLY) {
 514                                if (call->op)
 515                                        set_bit(AFS_SERVER_FL_MAY_HAVE_CB,
 516                                                &call->op->server->flags);
 517                                goto call_complete;
 518                        }
 519                        ASSERTCMP(state, >, AFS_CALL_CL_PROC_REPLY);
 520                        goto done;
 521                case -EINPROGRESS:
 522                case -EAGAIN:
 523                        goto out;
 524                case -ECONNABORTED:
 525                        ASSERTCMP(state, ==, AFS_CALL_COMPLETE);
 526                        afs_log_error(call, call->abort_code);
 527                        goto done;
 528                case -ENOTSUPP:
 529                        abort_code = RXGEN_OPCODE;
 530                        rxrpc_kernel_abort_call(call->net->socket, call->rxcall,
 531                                                abort_code, ret, "KIV");
 532                        goto local_abort;
 533                case -EIO:
 534                        pr_err("kAFS: Call %u in bad state %u\n",
 535                               call->debug_id, state);
 536                        fallthrough;
 537                case -ENODATA:
 538                case -EBADMSG:
 539                case -EMSGSIZE:
 540                case -ENOMEM:
 541                case -EFAULT:
 542                        abort_code = RXGEN_CC_UNMARSHAL;
 543                        if (state != AFS_CALL_CL_AWAIT_REPLY)
 544                                abort_code = RXGEN_SS_UNMARSHAL;
 545                        rxrpc_kernel_abort_call(call->net->socket, call->rxcall,
 546                                                abort_code, ret, "KUM");
 547                        goto local_abort;
 548                default:
 549                        abort_code = RX_CALL_DEAD;
 550                        rxrpc_kernel_abort_call(call->net->socket, call->rxcall,
 551                                                abort_code, ret, "KER");
 552                        goto local_abort;
 553                }
 554        }
 555
 556done:
 557        if (call->type->done)
 558                call->type->done(call);
 559out:
 560        _leave("");
 561        return;
 562
 563local_abort:
 564        abort_code = 0;
 565call_complete:
 566        afs_set_call_complete(call, ret, remote_abort);
 567        state = AFS_CALL_COMPLETE;
 568        goto done;
 569}
 570
 571/*
 572 * Wait synchronously for a call to complete and clean up the call struct.
 573 */
 574long afs_wait_for_call_to_complete(struct afs_call *call,
 575                                   struct afs_addr_cursor *ac)
 576{
 577        long ret;
 578        bool rxrpc_complete = false;
 579
 580        DECLARE_WAITQUEUE(myself, current);
 581
 582        _enter("");
 583
 584        ret = call->error;
 585        if (ret < 0)
 586                goto out;
 587
 588        add_wait_queue(&call->waitq, &myself);
 589        for (;;) {
 590                set_current_state(TASK_UNINTERRUPTIBLE);
 591
 592                /* deliver any messages that are in the queue */
 593                if (!afs_check_call_state(call, AFS_CALL_COMPLETE) &&
 594                    call->need_attention) {
 595                        call->need_attention = false;
 596                        __set_current_state(TASK_RUNNING);
 597                        afs_deliver_to_call(call);
 598                        continue;
 599                }
 600
 601                if (afs_check_call_state(call, AFS_CALL_COMPLETE))
 602                        break;
 603
 604                if (!rxrpc_kernel_check_life(call->net->socket, call->rxcall)) {
 605                        /* rxrpc terminated the call. */
 606                        rxrpc_complete = true;
 607                        break;
 608                }
 609
 610                schedule();
 611        }
 612
 613        remove_wait_queue(&call->waitq, &myself);
 614        __set_current_state(TASK_RUNNING);
 615
 616        if (!afs_check_call_state(call, AFS_CALL_COMPLETE)) {
 617                if (rxrpc_complete) {
 618                        afs_set_call_complete(call, call->error, call->abort_code);
 619                } else {
 620                        /* Kill off the call if it's still live. */
 621                        _debug("call interrupted");
 622                        if (rxrpc_kernel_abort_call(call->net->socket, call->rxcall,
 623                                                    RX_USER_ABORT, -EINTR, "KWI"))
 624                                afs_set_call_complete(call, -EINTR, 0);
 625                }
 626        }
 627
 628        spin_lock_bh(&call->state_lock);
 629        ac->abort_code = call->abort_code;
 630        ac->error = call->error;
 631        spin_unlock_bh(&call->state_lock);
 632
 633        ret = ac->error;
 634        switch (ret) {
 635        case 0:
 636                ret = call->ret0;
 637                call->ret0 = 0;
 638
 639                fallthrough;
 640        case -ECONNABORTED:
 641                ac->responded = true;
 642                break;
 643        }
 644
 645out:
 646        _debug("call complete");
 647        afs_put_call(call);
 648        _leave(" = %p", (void *)ret);
 649        return ret;
 650}
 651
 652/*
 653 * wake up a waiting call
 654 */
 655static void afs_wake_up_call_waiter(struct sock *sk, struct rxrpc_call *rxcall,
 656                                    unsigned long call_user_ID)
 657{
 658        struct afs_call *call = (struct afs_call *)call_user_ID;
 659
 660        call->need_attention = true;
 661        wake_up(&call->waitq);
 662}
 663
 664/*
 665 * wake up an asynchronous call
 666 */
 667static void afs_wake_up_async_call(struct sock *sk, struct rxrpc_call *rxcall,
 668                                   unsigned long call_user_ID)
 669{
 670        struct afs_call *call = (struct afs_call *)call_user_ID;
 671        int u;
 672
 673        trace_afs_notify_call(rxcall, call);
 674        call->need_attention = true;
 675
 676        u = atomic_fetch_add_unless(&call->usage, 1, 0);
 677        if (u != 0) {
 678                trace_afs_call(call, afs_call_trace_wake, u + 1,
 679                               atomic_read(&call->net->nr_outstanding_calls),
 680                               __builtin_return_address(0));
 681
 682                if (!queue_work(afs_async_calls, &call->async_work))
 683                        afs_put_call(call);
 684        }
 685}
 686
 687/*
 688 * Perform I/O processing on an asynchronous call.  The work item carries a ref
 689 * to the call struct that we either need to release or to pass on.
 690 */
 691static void afs_process_async_call(struct work_struct *work)
 692{
 693        struct afs_call *call = container_of(work, struct afs_call, async_work);
 694
 695        _enter("");
 696
 697        if (call->state < AFS_CALL_COMPLETE && call->need_attention) {
 698                call->need_attention = false;
 699                afs_deliver_to_call(call);
 700        }
 701
 702        afs_put_call(call);
 703        _leave("");
 704}
 705
 706static void afs_rx_attach(struct rxrpc_call *rxcall, unsigned long user_call_ID)
 707{
 708        struct afs_call *call = (struct afs_call *)user_call_ID;
 709
 710        call->rxcall = rxcall;
 711}
 712
 713/*
 714 * Charge the incoming call preallocation.
 715 */
 716void afs_charge_preallocation(struct work_struct *work)
 717{
 718        struct afs_net *net =
 719                container_of(work, struct afs_net, charge_preallocation_work);
 720        struct afs_call *call = net->spare_incoming_call;
 721
 722        for (;;) {
 723                if (!call) {
 724                        call = afs_alloc_call(net, &afs_RXCMxxxx, GFP_KERNEL);
 725                        if (!call)
 726                                break;
 727
 728                        call->drop_ref = true;
 729                        call->async = true;
 730                        call->state = AFS_CALL_SV_AWAIT_OP_ID;
 731                        init_waitqueue_head(&call->waitq);
 732                        afs_extract_to_tmp(call);
 733                }
 734
 735                if (rxrpc_kernel_charge_accept(net->socket,
 736                                               afs_wake_up_async_call,
 737                                               afs_rx_attach,
 738                                               (unsigned long)call,
 739                                               GFP_KERNEL,
 740                                               call->debug_id) < 0)
 741                        break;
 742                call = NULL;
 743        }
 744        net->spare_incoming_call = call;
 745}
 746
 747/*
 748 * Discard a preallocated call when a socket is shut down.
 749 */
 750static void afs_rx_discard_new_call(struct rxrpc_call *rxcall,
 751                                    unsigned long user_call_ID)
 752{
 753        struct afs_call *call = (struct afs_call *)user_call_ID;
 754
 755        call->rxcall = NULL;
 756        afs_put_call(call);
 757}
 758
 759/*
 760 * Notification of an incoming call.
 761 */
 762static void afs_rx_new_call(struct sock *sk, struct rxrpc_call *rxcall,
 763                            unsigned long user_call_ID)
 764{
 765        struct afs_net *net = afs_sock2net(sk);
 766
 767        queue_work(afs_wq, &net->charge_preallocation_work);
 768}
 769
 770/*
 771 * Grab the operation ID from an incoming cache manager call.  The socket
 772 * buffer is discarded on error or if we don't yet have sufficient data.
 773 */
 774static int afs_deliver_cm_op_id(struct afs_call *call)
 775{
 776        int ret;
 777
 778        _enter("{%zu}", iov_iter_count(call->iter));
 779
 780        /* the operation ID forms the first four bytes of the request data */
 781        ret = afs_extract_data(call, true);
 782        if (ret < 0)
 783                return ret;
 784
 785        call->operation_ID = ntohl(call->tmp);
 786        afs_set_call_state(call, AFS_CALL_SV_AWAIT_OP_ID, AFS_CALL_SV_AWAIT_REQUEST);
 787
 788        /* ask the cache manager to route the call (it'll change the call type
 789         * if successful) */
 790        if (!afs_cm_incoming_call(call))
 791                return -ENOTSUPP;
 792
 793        trace_afs_cb_call(call);
 794
 795        /* pass responsibility for the remainer of this message off to the
 796         * cache manager op */
 797        return call->type->deliver(call);
 798}
 799
 800/*
 801 * Advance the AFS call state when an RxRPC service call ends the transmit
 802 * phase.
 803 */
 804static void afs_notify_end_reply_tx(struct sock *sock,
 805                                    struct rxrpc_call *rxcall,
 806                                    unsigned long call_user_ID)
 807{
 808        struct afs_call *call = (struct afs_call *)call_user_ID;
 809
 810        afs_set_call_state(call, AFS_CALL_SV_REPLYING, AFS_CALL_SV_AWAIT_ACK);
 811}
 812
 813/*
 814 * send an empty reply
 815 */
 816void afs_send_empty_reply(struct afs_call *call)
 817{
 818        struct afs_net *net = call->net;
 819        struct msghdr msg;
 820
 821        _enter("");
 822
 823        rxrpc_kernel_set_tx_length(net->socket, call->rxcall, 0);
 824
 825        msg.msg_name            = NULL;
 826        msg.msg_namelen         = 0;
 827        iov_iter_kvec(&msg.msg_iter, WRITE, NULL, 0, 0);
 828        msg.msg_control         = NULL;
 829        msg.msg_controllen      = 0;
 830        msg.msg_flags           = 0;
 831
 832        switch (rxrpc_kernel_send_data(net->socket, call->rxcall, &msg, 0,
 833                                       afs_notify_end_reply_tx)) {
 834        case 0:
 835                _leave(" [replied]");
 836                return;
 837
 838        case -ENOMEM:
 839                _debug("oom");
 840                rxrpc_kernel_abort_call(net->socket, call->rxcall,
 841                                        RXGEN_SS_MARSHAL, -ENOMEM, "KOO");
 842                fallthrough;
 843        default:
 844                _leave(" [error]");
 845                return;
 846        }
 847}
 848
 849/*
 850 * send a simple reply
 851 */
 852void afs_send_simple_reply(struct afs_call *call, const void *buf, size_t len)
 853{
 854        struct afs_net *net = call->net;
 855        struct msghdr msg;
 856        struct kvec iov[1];
 857        int n;
 858
 859        _enter("");
 860
 861        rxrpc_kernel_set_tx_length(net->socket, call->rxcall, len);
 862
 863        iov[0].iov_base         = (void *) buf;
 864        iov[0].iov_len          = len;
 865        msg.msg_name            = NULL;
 866        msg.msg_namelen         = 0;
 867        iov_iter_kvec(&msg.msg_iter, WRITE, iov, 1, len);
 868        msg.msg_control         = NULL;
 869        msg.msg_controllen      = 0;
 870        msg.msg_flags           = 0;
 871
 872        n = rxrpc_kernel_send_data(net->socket, call->rxcall, &msg, len,
 873                                   afs_notify_end_reply_tx);
 874        if (n >= 0) {
 875                /* Success */
 876                _leave(" [replied]");
 877                return;
 878        }
 879
 880        if (n == -ENOMEM) {
 881                _debug("oom");
 882                rxrpc_kernel_abort_call(net->socket, call->rxcall,
 883                                        RXGEN_SS_MARSHAL, -ENOMEM, "KOO");
 884        }
 885        _leave(" [error]");
 886}
 887
 888/*
 889 * Extract a piece of data from the received data socket buffers.
 890 */
 891int afs_extract_data(struct afs_call *call, bool want_more)
 892{
 893        struct afs_net *net = call->net;
 894        struct iov_iter *iter = call->iter;
 895        enum afs_call_state state;
 896        u32 remote_abort = 0;
 897        int ret;
 898
 899        _enter("{%s,%zu,%zu},%d",
 900               call->type->name, call->iov_len, iov_iter_count(iter), want_more);
 901
 902        ret = rxrpc_kernel_recv_data(net->socket, call->rxcall, iter,
 903                                     &call->iov_len, want_more, &remote_abort,
 904                                     &call->service_id);
 905        if (ret == 0 || ret == -EAGAIN)
 906                return ret;
 907
 908        state = READ_ONCE(call->state);
 909        if (ret == 1) {
 910                switch (state) {
 911                case AFS_CALL_CL_AWAIT_REPLY:
 912                        afs_set_call_state(call, state, AFS_CALL_CL_PROC_REPLY);
 913                        break;
 914                case AFS_CALL_SV_AWAIT_REQUEST:
 915                        afs_set_call_state(call, state, AFS_CALL_SV_REPLYING);
 916                        break;
 917                case AFS_CALL_COMPLETE:
 918                        kdebug("prem complete %d", call->error);
 919                        return afs_io_error(call, afs_io_error_extract);
 920                default:
 921                        break;
 922                }
 923                return 0;
 924        }
 925
 926        afs_set_call_complete(call, ret, remote_abort);
 927        return ret;
 928}
 929
 930/*
 931 * Log protocol error production.
 932 */
 933noinline int afs_protocol_error(struct afs_call *call,
 934                                enum afs_eproto_cause cause)
 935{
 936        trace_afs_protocol_error(call, cause);
 937        if (call)
 938                call->unmarshalling_error = true;
 939        return -EBADMSG;
 940}
 941