Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
ar-accept.c
Go to the documentation of this file.
1 /* incoming call handling
2  *
3  * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells ([email protected])
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version
9  * 2 of the License, or (at your option) any later version.
10  */
11 
12 #include <linux/module.h>
13 #include <linux/net.h>
14 #include <linux/skbuff.h>
15 #include <linux/errqueue.h>
16 #include <linux/udp.h>
17 #include <linux/in.h>
18 #include <linux/in6.h>
19 #include <linux/icmp.h>
20 #include <linux/gfp.h>
21 #include <net/sock.h>
22 #include <net/af_rxrpc.h>
23 #include <net/ip.h>
24 #include "ar-internal.h"
25 
26 /*
27  * generate a connection-level abort
28  */
29 static int rxrpc_busy(struct rxrpc_local *local, struct sockaddr_rxrpc *srx,
30  struct rxrpc_header *hdr)
31 {
32  struct msghdr msg;
33  struct kvec iov[1];
34  size_t len;
35  int ret;
36 
37  _enter("%d,,", local->debug_id);
38 
39  msg.msg_name = &srx->transport.sin;
40  msg.msg_namelen = sizeof(srx->transport.sin);
41  msg.msg_control = NULL;
42  msg.msg_controllen = 0;
43  msg.msg_flags = 0;
44 
45  hdr->seq = 0;
46  hdr->type = RXRPC_PACKET_TYPE_BUSY;
47  hdr->flags = 0;
48  hdr->userStatus = 0;
49  hdr->_rsvd = 0;
50 
51  iov[0].iov_base = hdr;
52  iov[0].iov_len = sizeof(*hdr);
53 
54  len = iov[0].iov_len;
55 
56  hdr->serial = htonl(1);
57  _proto("Tx BUSY %%%u", ntohl(hdr->serial));
58 
59  ret = kernel_sendmsg(local->socket, &msg, iov, 1, len);
60  if (ret < 0) {
61  _leave(" = -EAGAIN [sendmsg failed: %d]", ret);
62  return -EAGAIN;
63  }
64 
65  _leave(" = 0");
66  return 0;
67 }
68 
69 /*
70  * accept an incoming call that needs peer, transport and/or connection setting
71  * up
72  */
73 static int rxrpc_accept_incoming_call(struct rxrpc_local *local,
74  struct rxrpc_sock *rx,
75  struct sk_buff *skb,
76  struct sockaddr_rxrpc *srx)
77 {
78  struct rxrpc_connection *conn;
79  struct rxrpc_transport *trans;
80  struct rxrpc_skb_priv *sp, *nsp;
81  struct rxrpc_peer *peer;
82  struct rxrpc_call *call;
83  struct sk_buff *notification;
84  int ret;
85 
86  _enter("");
87 
88  sp = rxrpc_skb(skb);
89 
90  /* get a notification message to send to the server app */
91  notification = alloc_skb(0, GFP_NOFS);
92  if (!notification) {
93  _debug("no memory");
94  ret = -ENOMEM;
95  goto error_nofree;
96  }
97  rxrpc_new_skb(notification);
98  notification->mark = RXRPC_SKB_MARK_NEW_CALL;
99 
100  peer = rxrpc_get_peer(srx, GFP_NOIO);
101  if (IS_ERR(peer)) {
102  _debug("no peer");
103  ret = -EBUSY;
104  goto error;
105  }
106 
107  trans = rxrpc_get_transport(local, peer, GFP_NOIO);
108  rxrpc_put_peer(peer);
109  if (IS_ERR(trans)) {
110  _debug("no trans");
111  ret = -EBUSY;
112  goto error;
113  }
114 
115  conn = rxrpc_incoming_connection(trans, &sp->hdr, GFP_NOIO);
116  rxrpc_put_transport(trans);
117  if (IS_ERR(conn)) {
118  _debug("no conn");
119  ret = PTR_ERR(conn);
120  goto error;
121  }
122 
123  call = rxrpc_incoming_call(rx, conn, &sp->hdr, GFP_NOIO);
124  rxrpc_put_connection(conn);
125  if (IS_ERR(call)) {
126  _debug("no call");
127  ret = PTR_ERR(call);
128  goto error;
129  }
130 
131  /* attach the call to the socket */
132  read_lock_bh(&local->services_lock);
133  if (rx->sk.sk_state == RXRPC_CLOSE)
134  goto invalid_service;
135 
136  write_lock(&rx->call_lock);
137  if (!test_and_set_bit(RXRPC_CALL_INIT_ACCEPT, &call->flags)) {
138  rxrpc_get_call(call);
139 
140  spin_lock(&call->conn->state_lock);
141  if (sp->hdr.securityIndex > 0 &&
142  call->conn->state == RXRPC_CONN_SERVER_UNSECURED) {
143  _debug("await conn sec");
144  list_add_tail(&call->accept_link, &rx->secureq);
145  call->conn->state = RXRPC_CONN_SERVER_CHALLENGING;
146  atomic_inc(&call->conn->usage);
147  set_bit(RXRPC_CONN_CHALLENGE, &call->conn->events);
148  rxrpc_queue_conn(call->conn);
149  } else {
150  _debug("conn ready");
151  call->state = RXRPC_CALL_SERVER_ACCEPTING;
152  list_add_tail(&call->accept_link, &rx->acceptq);
153  rxrpc_get_call(call);
154  nsp = rxrpc_skb(notification);
155  nsp->call = call;
156 
157  ASSERTCMP(atomic_read(&call->usage), >=, 3);
158 
159  _debug("notify");
160  spin_lock(&call->lock);
161  ret = rxrpc_queue_rcv_skb(call, notification, true,
162  false);
163  spin_unlock(&call->lock);
164  notification = NULL;
165  BUG_ON(ret < 0);
166  }
167  spin_unlock(&call->conn->state_lock);
168 
169  _debug("queued");
170  }
171  write_unlock(&rx->call_lock);
172 
173  _debug("process");
174  rxrpc_fast_process_packet(call, skb);
175 
176  _debug("done");
177  read_unlock_bh(&local->services_lock);
178  rxrpc_free_skb(notification);
179  rxrpc_put_call(call);
180  _leave(" = 0");
181  return 0;
182 
183 invalid_service:
184  _debug("invalid");
185  read_unlock_bh(&local->services_lock);
186 
187  read_lock_bh(&call->state_lock);
188  if (!test_bit(RXRPC_CALL_RELEASE, &call->flags) &&
189  !test_and_set_bit(RXRPC_CALL_RELEASE, &call->events)) {
190  rxrpc_get_call(call);
191  rxrpc_queue_call(call);
192  }
193  read_unlock_bh(&call->state_lock);
194  rxrpc_put_call(call);
195  ret = -ECONNREFUSED;
196 error:
197  rxrpc_free_skb(notification);
198 error_nofree:
199  _leave(" = %d", ret);
200  return ret;
201 }
202 
203 /*
204  * accept incoming calls that need peer, transport and/or connection setting up
205  * - the packets we get are all incoming client DATA packets that have seq == 1
206  */
207 void rxrpc_accept_incoming_calls(struct work_struct *work)
208 {
209  struct rxrpc_local *local =
210  container_of(work, struct rxrpc_local, acceptor);
211  struct rxrpc_skb_priv *sp;
212  struct sockaddr_rxrpc srx;
213  struct rxrpc_sock *rx;
214  struct sk_buff *skb;
215  __be16 service_id;
216  int ret;
217 
218  _enter("%d", local->debug_id);
219 
220  read_lock_bh(&rxrpc_local_lock);
221  if (atomic_read(&local->usage) > 0)
222  rxrpc_get_local(local);
223  else
224  local = NULL;
225  read_unlock_bh(&rxrpc_local_lock);
226  if (!local) {
227  _leave(" [local dead]");
228  return;
229  }
230 
231 process_next_packet:
232  skb = skb_dequeue(&local->accept_queue);
233  if (!skb) {
234  rxrpc_put_local(local);
235  _leave("\n");
236  return;
237  }
238 
239  _net("incoming call skb %p", skb);
240 
241  sp = rxrpc_skb(skb);
242 
243  /* determine the remote address */
244  memset(&srx, 0, sizeof(srx));
245  srx.srx_family = AF_RXRPC;
246  srx.transport.family = local->srx.transport.family;
247  srx.transport_type = local->srx.transport_type;
248  switch (srx.transport.family) {
249  case AF_INET:
250  srx.transport_len = sizeof(struct sockaddr_in);
251  srx.transport.sin.sin_port = udp_hdr(skb)->source;
252  srx.transport.sin.sin_addr.s_addr = ip_hdr(skb)->saddr;
253  break;
254  default:
255  goto busy;
256  }
257 
258  /* get the socket providing the service */
259  service_id = sp->hdr.serviceId;
260  read_lock_bh(&local->services_lock);
261  list_for_each_entry(rx, &local->services, listen_link) {
262  if (rx->service_id == service_id &&
263  rx->sk.sk_state != RXRPC_CLOSE)
264  goto found_service;
265  }
266  read_unlock_bh(&local->services_lock);
267  goto invalid_service;
268 
269 found_service:
270  _debug("found service %hd", ntohs(rx->service_id));
271  if (sk_acceptq_is_full(&rx->sk))
272  goto backlog_full;
273  sk_acceptq_added(&rx->sk);
274  sock_hold(&rx->sk);
275  read_unlock_bh(&local->services_lock);
276 
277  ret = rxrpc_accept_incoming_call(local, rx, skb, &srx);
278  if (ret < 0)
279  sk_acceptq_removed(&rx->sk);
280  sock_put(&rx->sk);
281  switch (ret) {
282  case -ECONNRESET: /* old calls are ignored */
283  case -ECONNABORTED: /* aborted calls are reaborted or ignored */
284  case 0:
285  goto process_next_packet;
286  case -ECONNREFUSED:
287  goto invalid_service;
288  case -EBUSY:
289  goto busy;
290  case -EKEYREJECTED:
291  goto security_mismatch;
292  default:
293  BUG();
294  }
295 
296 backlog_full:
297  read_unlock_bh(&local->services_lock);
298 busy:
299  rxrpc_busy(local, &srx, &sp->hdr);
300  rxrpc_free_skb(skb);
301  goto process_next_packet;
302 
303 invalid_service:
304  skb->priority = RX_INVALID_OPERATION;
305  rxrpc_reject_packet(local, skb);
306  goto process_next_packet;
307 
308  /* can't change connection security type mid-flow */
309 security_mismatch:
310  skb->priority = RX_PROTOCOL_ERROR;
311  rxrpc_reject_packet(local, skb);
312  goto process_next_packet;
313 }
314 
315 /*
316  * handle acceptance of a call by userspace
317  * - assign the user call ID to the call at the front of the queue
318  */
319 struct rxrpc_call *rxrpc_accept_call(struct rxrpc_sock *rx,
320  unsigned long user_call_ID)
321 {
322  struct rxrpc_call *call;
323  struct rb_node *parent, **pp;
324  int ret;
325 
326  _enter(",%lx", user_call_ID);
327 
328  ASSERT(!irqs_disabled());
329 
330  write_lock(&rx->call_lock);
331 
332  ret = -ENODATA;
333  if (list_empty(&rx->acceptq))
334  goto out;
335 
336  /* check the user ID isn't already in use */
337  ret = -EBADSLT;
338  pp = &rx->calls.rb_node;
339  parent = NULL;
340  while (*pp) {
341  parent = *pp;
342  call = rb_entry(parent, struct rxrpc_call, sock_node);
343 
344  if (user_call_ID < call->user_call_ID)
345  pp = &(*pp)->rb_left;
346  else if (user_call_ID > call->user_call_ID)
347  pp = &(*pp)->rb_right;
348  else
349  goto out;
350  }
351 
352  /* dequeue the first call and check it's still valid */
353  call = list_entry(rx->acceptq.next, struct rxrpc_call, accept_link);
354  list_del_init(&call->accept_link);
355  sk_acceptq_removed(&rx->sk);
356 
357  write_lock_bh(&call->state_lock);
358  switch (call->state) {
359  case RXRPC_CALL_SERVER_ACCEPTING:
360  call->state = RXRPC_CALL_SERVER_RECV_REQUEST;
361  break;
362  case RXRPC_CALL_REMOTELY_ABORTED:
363  case RXRPC_CALL_LOCALLY_ABORTED:
364  ret = -ECONNABORTED;
365  goto out_release;
366  case RXRPC_CALL_NETWORK_ERROR:
367  ret = call->conn->error;
368  goto out_release;
369  case RXRPC_CALL_DEAD:
370  ret = -ETIME;
371  goto out_discard;
372  default:
373  BUG();
374  }
375 
376  /* formalise the acceptance */
377  call->user_call_ID = user_call_ID;
378  rb_link_node(&call->sock_node, parent, pp);
379  rb_insert_color(&call->sock_node, &rx->calls);
380  if (test_and_set_bit(RXRPC_CALL_HAS_USERID, &call->flags))
381  BUG();
382  if (test_and_set_bit(RXRPC_CALL_ACCEPTED, &call->events))
383  BUG();
384  rxrpc_queue_call(call);
385 
386  rxrpc_get_call(call);
387  write_unlock_bh(&call->state_lock);
388  write_unlock(&rx->call_lock);
389  _leave(" = %p{%d}", call, call->debug_id);
390  return call;
391 
392  /* if the call is already dying or dead, then we leave the socket's ref
393  * on it to be released by rxrpc_dead_call_expired() as induced by
394  * rxrpc_release_call() */
395 out_release:
396  _debug("release %p", call);
397  if (!test_bit(RXRPC_CALL_RELEASED, &call->flags) &&
398  !test_and_set_bit(RXRPC_CALL_RELEASE, &call->events))
399  rxrpc_queue_call(call);
400 out_discard:
401  write_unlock_bh(&call->state_lock);
402  _debug("discard %p", call);
403 out:
404  write_unlock(&rx->call_lock);
405  _leave(" = %d", ret);
406  return ERR_PTR(ret);
407 }
408 
409 /*
410  * handle rejectance of a call by userspace
411  * - reject the call at the front of the queue
412  */
413 int rxrpc_reject_call(struct rxrpc_sock *rx)
414 {
415  struct rxrpc_call *call;
416  int ret;
417 
418  _enter("");
419 
420  ASSERT(!irqs_disabled());
421 
422  write_lock(&rx->call_lock);
423 
424  ret = -ENODATA;
425  if (list_empty(&rx->acceptq))
426  goto out;
427 
428  /* dequeue the first call and check it's still valid */
429  call = list_entry(rx->acceptq.next, struct rxrpc_call, accept_link);
430  list_del_init(&call->accept_link);
431  sk_acceptq_removed(&rx->sk);
432 
433  write_lock_bh(&call->state_lock);
434  switch (call->state) {
435  case RXRPC_CALL_SERVER_ACCEPTING:
436  call->state = RXRPC_CALL_SERVER_BUSY;
437  if (test_and_set_bit(RXRPC_CALL_REJECT_BUSY, &call->events))
438  rxrpc_queue_call(call);
439  ret = 0;
440  goto out_release;
441  case RXRPC_CALL_REMOTELY_ABORTED:
442  case RXRPC_CALL_LOCALLY_ABORTED:
443  ret = -ECONNABORTED;
444  goto out_release;
445  case RXRPC_CALL_NETWORK_ERROR:
446  ret = call->conn->error;
447  goto out_release;
448  case RXRPC_CALL_DEAD:
449  ret = -ETIME;
450  goto out_discard;
451  default:
452  BUG();
453  }
454 
455  /* if the call is already dying or dead, then we leave the socket's ref
456  * on it to be released by rxrpc_dead_call_expired() as induced by
457  * rxrpc_release_call() */
458 out_release:
459  _debug("release %p", call);
460  if (!test_bit(RXRPC_CALL_RELEASED, &call->flags) &&
461  !test_and_set_bit(RXRPC_CALL_RELEASE, &call->events))
462  rxrpc_queue_call(call);
463 out_discard:
464  write_unlock_bh(&call->state_lock);
465  _debug("discard %p", call);
466 out:
467  write_unlock(&rx->call_lock);
468  _leave(" = %d", ret);
469  return ret;
470 }
471 
480 struct rxrpc_call *rxrpc_kernel_accept_call(struct socket *sock,
481  unsigned long user_call_ID)
482 {
483  struct rxrpc_call *call;
484 
485  _enter(",%lx", user_call_ID);
486  call = rxrpc_accept_call(rxrpc_sk(sock->sk), user_call_ID);
487  _leave(" = %p", call);
488  return call;
489 }
490 
491 EXPORT_SYMBOL(rxrpc_kernel_accept_call);
492 
500 int rxrpc_kernel_reject_call(struct socket *sock)
501 {
502  int ret;
503 
504  _enter("");
505  ret = rxrpc_reject_call(rxrpc_sk(sock->sk));
506  _leave(" = %d", ret);
507  return ret;
508 }
509 
510 EXPORT_SYMBOL(rxrpc_kernel_reject_call);
Generated on Thu Jan 10 2013 15:01:37 for Linux Kernel by   doxygen 1.8.2