1 /* RxRPC packet reception
3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
12 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14 #include <linux/module.h>
15 #include <linux/net.h>
16 #include <linux/skbuff.h>
17 #include <linux/errqueue.h>
18 #include <linux/udp.h>
20 #include <linux/in6.h>
21 #include <linux/icmp.h>
22 #include <linux/gfp.h>
24 #include <net/af_rxrpc.h>
27 #include <net/net_namespace.h>
28 #include "ar-internal.h"
31 * queue a packet for recvmsg to pass to userspace
32 * - the caller must hold a lock on call->lock
33 * - must not be called with interrupts disabled (sk_filter() disables BH's)
34 * - eats the packet whether successful or not
35 * - there must be just one reference to the packet, which the caller passes to
38 int rxrpc_queue_rcv_skb(struct rxrpc_call *call, struct sk_buff *skb,
39 bool force, bool terminal)
41 struct rxrpc_skb_priv *sp;
42 struct rxrpc_sock *rx = call->socket;
46 _enter(",,%d,%d", force, terminal);
48 ASSERT(!irqs_disabled());
51 ASSERTCMP(sp->call, ==, call);
53 /* if we've already posted the terminal message for a call, then we
54 * don't post any more */
55 if (test_bit(RXRPC_CALL_TERMINAL_MSG, &call->flags)) {
56 _debug("already terminated");
57 ASSERTCMP(call->state, >=, RXRPC_CALL_COMPLETE);
58 skb->destructor = NULL;
68 /* cast skb->rcvbuf to unsigned... It's pointless, but
69 * reduces number of warnings when compiling with -W
72 // if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >=
73 // (unsigned int) sk->sk_rcvbuf)
76 ret = sk_filter(sk, skb);
81 spin_lock_bh(&sk->sk_receive_queue.lock);
82 if (!test_bit(RXRPC_CALL_TERMINAL_MSG, &call->flags) &&
83 !test_bit(RXRPC_CALL_RELEASED, &call->flags) &&
84 call->socket->sk.sk_state != RXRPC_CLOSE) {
85 skb->destructor = rxrpc_packet_destructor;
88 atomic_add(skb->truesize, &sk->sk_rmem_alloc);
91 _debug("<<<< TERMINAL MESSAGE >>>>");
92 set_bit(RXRPC_CALL_TERMINAL_MSG, &call->flags);
95 /* allow interception by a kernel service */
96 if (rx->interceptor) {
97 rx->interceptor(sk, call->user_call_ID, skb);
98 spin_unlock_bh(&sk->sk_receive_queue.lock);
100 _net("post skb %p", skb);
101 __skb_queue_tail(&sk->sk_receive_queue, skb);
102 spin_unlock_bh(&sk->sk_receive_queue.lock);
104 if (!sock_flag(sk, SOCK_DEAD))
105 sk->sk_data_ready(sk);
109 spin_unlock_bh(&sk->sk_receive_queue.lock);
114 /* release the socket buffer */
116 skb->destructor = NULL;
118 rxrpc_put_call(call);
122 _leave(" = %d", ret);
127 * process a DATA packet, posting the packet to the appropriate queue
128 * - eats the packet if successful
130 static int rxrpc_fast_process_data(struct rxrpc_call *call,
131 struct sk_buff *skb, u32 seq)
133 struct rxrpc_skb_priv *sp;
135 int ret, ackbit, ack;
137 _enter("{%u,%u},,{%u}", call->rx_data_post, call->rx_first_oos, seq);
140 ASSERTCMP(sp->call, ==, NULL);
142 spin_lock(&call->lock);
144 if (call->state > RXRPC_CALL_COMPLETE)
147 ASSERTCMP(call->rx_data_expect, >=, call->rx_data_post);
148 ASSERTCMP(call->rx_data_post, >=, call->rx_data_recv);
149 ASSERTCMP(call->rx_data_recv, >=, call->rx_data_eaten);
151 if (seq < call->rx_data_post) {
152 _debug("dup #%u [-%u]", seq, call->rx_data_post);
153 ack = RXRPC_ACK_DUPLICATE;
155 goto discard_and_ack;
158 /* we may already have the packet in the out of sequence queue */
159 ackbit = seq - (call->rx_data_eaten + 1);
160 ASSERTCMP(ackbit, >=, 0);
161 if (__test_and_set_bit(ackbit, call->ackr_window)) {
162 _debug("dup oos #%u [%u,%u]",
163 seq, call->rx_data_eaten, call->rx_data_post);
164 ack = RXRPC_ACK_DUPLICATE;
165 goto discard_and_ack;
168 if (seq >= call->ackr_win_top) {
169 _debug("exceed #%u [%u]", seq, call->ackr_win_top);
170 __clear_bit(ackbit, call->ackr_window);
171 ack = RXRPC_ACK_EXCEEDS_WINDOW;
172 goto discard_and_ack;
175 if (seq == call->rx_data_expect) {
176 clear_bit(RXRPC_CALL_EXPECT_OOS, &call->flags);
177 call->rx_data_expect++;
178 } else if (seq > call->rx_data_expect) {
179 _debug("oos #%u [%u]", seq, call->rx_data_expect);
180 call->rx_data_expect = seq + 1;
181 if (test_and_set_bit(RXRPC_CALL_EXPECT_OOS, &call->flags)) {
182 ack = RXRPC_ACK_OUT_OF_SEQUENCE;
183 goto enqueue_and_ack;
188 if (seq != call->rx_data_post) {
189 _debug("ahead #%u [%u]", seq, call->rx_data_post);
193 if (test_bit(RXRPC_CALL_RCVD_LAST, &call->flags))
196 /* if the packet need security things doing to it, then it goes down
198 if (call->conn->security_ix)
202 rxrpc_get_call(call);
203 terminal = ((sp->hdr.flags & RXRPC_LAST_PACKET) &&
204 !(sp->hdr.flags & RXRPC_CLIENT_INITIATED));
205 ret = rxrpc_queue_rcv_skb(call, skb, false, terminal);
207 if (ret == -ENOMEM || ret == -ENOBUFS) {
208 __clear_bit(ackbit, call->ackr_window);
209 ack = RXRPC_ACK_NOSPACE;
210 goto discard_and_ack;
217 _debug("post #%u", seq);
218 ASSERTCMP(call->rx_data_post, ==, seq);
219 call->rx_data_post++;
221 if (sp->hdr.flags & RXRPC_LAST_PACKET)
222 set_bit(RXRPC_CALL_RCVD_LAST, &call->flags);
224 /* if we've reached an out of sequence packet then we need to drain
225 * that queue into the socket Rx queue now */
226 if (call->rx_data_post == call->rx_first_oos) {
227 _debug("drain rx oos now");
228 read_lock(&call->state_lock);
229 if (call->state < RXRPC_CALL_COMPLETE &&
230 !test_and_set_bit(RXRPC_CALL_EV_DRAIN_RX_OOS, &call->events))
231 rxrpc_queue_call(call);
232 read_unlock(&call->state_lock);
235 spin_unlock(&call->lock);
236 atomic_inc(&call->ackr_not_idle);
237 rxrpc_propose_ACK(call, RXRPC_ACK_DELAY, sp->hdr.serial, false);
238 _leave(" = 0 [posted]");
244 spin_unlock(&call->lock);
245 _leave(" = %d", ret);
249 _debug("discard and ACK packet %p", skb);
250 __rxrpc_propose_ACK(call, ack, sp->hdr.serial, true);
252 spin_unlock(&call->lock);
254 _leave(" = 0 [discarded]");
258 __rxrpc_propose_ACK(call, ack, sp->hdr.serial, true);
260 _net("defer skb %p", skb);
261 spin_unlock(&call->lock);
262 skb_queue_tail(&call->rx_queue, skb);
263 atomic_inc(&call->ackr_not_idle);
264 read_lock(&call->state_lock);
265 if (call->state < RXRPC_CALL_DEAD)
266 rxrpc_queue_call(call);
267 read_unlock(&call->state_lock);
268 _leave(" = 0 [queued]");
273 * assume an implicit ACKALL of the transmission phase of a client socket upon
274 * reception of the first reply packet
276 static void rxrpc_assume_implicit_ackall(struct rxrpc_call *call, u32 serial)
278 write_lock_bh(&call->state_lock);
280 switch (call->state) {
281 case RXRPC_CALL_CLIENT_AWAIT_REPLY:
282 call->state = RXRPC_CALL_CLIENT_RECV_REPLY;
283 call->acks_latest = serial;
285 _debug("implicit ACKALL %%%u", call->acks_latest);
286 set_bit(RXRPC_CALL_EV_RCVD_ACKALL, &call->events);
287 write_unlock_bh(&call->state_lock);
289 if (try_to_del_timer_sync(&call->resend_timer) >= 0) {
290 clear_bit(RXRPC_CALL_EV_RESEND_TIMER, &call->events);
291 clear_bit(RXRPC_CALL_EV_RESEND, &call->events);
292 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
297 write_unlock_bh(&call->state_lock);
303 * post an incoming packet to the nominated call to deal with
304 * - must get rid of the sk_buff, either by freeing it or by queuing it
306 void rxrpc_fast_process_packet(struct rxrpc_call *call, struct sk_buff *skb)
308 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
310 u32 hi_serial, abort_code;
312 _enter("%p,%p", call, skb);
314 ASSERT(!irqs_disabled());
316 #if 0 // INJECT RX ERROR
317 if (sp->hdr.type == RXRPC_PACKET_TYPE_DATA) {
320 printk("DROPPED 3RD PACKET!!!!!!!!!!!!!\n");
327 /* track the latest serial number on this connection for ACK packet
329 hi_serial = atomic_read(&call->conn->hi_serial);
330 while (sp->hdr.serial > hi_serial)
331 hi_serial = atomic_cmpxchg(&call->conn->hi_serial, hi_serial,
334 /* request ACK generation for any ACK or DATA packet that requests
336 if (sp->hdr.flags & RXRPC_REQUEST_ACK) {
337 _proto("ACK Requested on %%%u", sp->hdr.serial);
338 rxrpc_propose_ACK(call, RXRPC_ACK_REQUESTED, sp->hdr.serial, false);
341 switch (sp->hdr.type) {
342 case RXRPC_PACKET_TYPE_ABORT:
345 if (skb_copy_bits(skb, 0, &wtmp, sizeof(wtmp)) < 0)
348 abort_code = ntohl(wtmp);
349 _proto("Rx ABORT %%%u { %x }", sp->hdr.serial, abort_code);
351 write_lock_bh(&call->state_lock);
352 if (call->state < RXRPC_CALL_COMPLETE) {
353 call->state = RXRPC_CALL_REMOTELY_ABORTED;
354 call->remote_abort = abort_code;
355 set_bit(RXRPC_CALL_EV_RCVD_ABORT, &call->events);
356 rxrpc_queue_call(call);
358 goto free_packet_unlock;
360 case RXRPC_PACKET_TYPE_BUSY:
361 _proto("Rx BUSY %%%u", sp->hdr.serial);
363 if (call->conn->out_clientflag)
366 write_lock_bh(&call->state_lock);
367 switch (call->state) {
368 case RXRPC_CALL_CLIENT_SEND_REQUEST:
369 call->state = RXRPC_CALL_SERVER_BUSY;
370 set_bit(RXRPC_CALL_EV_RCVD_BUSY, &call->events);
371 rxrpc_queue_call(call);
372 case RXRPC_CALL_SERVER_BUSY:
373 goto free_packet_unlock;
375 goto protocol_error_locked;
379 _proto("Rx %s %%%u", rxrpc_pkts[sp->hdr.type], sp->hdr.serial);
382 case RXRPC_PACKET_TYPE_DATA:
383 _proto("Rx DATA %%%u { #%u }", sp->hdr.serial, sp->hdr.seq);
385 if (sp->hdr.seq == 0)
388 call->ackr_prev_seq = sp->hdr.seq;
390 /* received data implicitly ACKs all of the request packets we
391 * sent when we're acting as a client */
392 if (call->state == RXRPC_CALL_CLIENT_AWAIT_REPLY)
393 rxrpc_assume_implicit_ackall(call, sp->hdr.serial);
395 switch (rxrpc_fast_process_data(call, skb, sp->hdr.seq)) {
403 /* data packet received beyond the last packet */
408 case RXRPC_PACKET_TYPE_ACKALL:
409 case RXRPC_PACKET_TYPE_ACK:
410 /* ACK processing is done in process context */
411 read_lock_bh(&call->state_lock);
412 if (call->state < RXRPC_CALL_DEAD) {
413 skb_queue_tail(&call->rx_queue, skb);
414 rxrpc_queue_call(call);
417 read_unlock_bh(&call->state_lock);
422 _debug("protocol error");
423 write_lock_bh(&call->state_lock);
424 protocol_error_locked:
425 if (call->state <= RXRPC_CALL_COMPLETE) {
426 call->state = RXRPC_CALL_LOCALLY_ABORTED;
427 call->local_abort = RX_PROTOCOL_ERROR;
428 set_bit(RXRPC_CALL_EV_ABORT, &call->events);
429 rxrpc_queue_call(call);
432 write_unlock_bh(&call->state_lock);
440 * split up a jumbo data packet
442 static void rxrpc_process_jumbo_packet(struct rxrpc_call *call,
443 struct sk_buff *jumbo)
445 struct rxrpc_jumbo_header jhdr;
446 struct rxrpc_skb_priv *sp;
447 struct sk_buff *part;
449 _enter(",{%u,%u}", jumbo->data_len, jumbo->len);
451 sp = rxrpc_skb(jumbo);
454 sp->hdr.flags &= ~RXRPC_JUMBO_PACKET;
456 /* make a clone to represent the first subpacket in what's left
457 * of the jumbo packet */
458 part = skb_clone(jumbo, GFP_ATOMIC);
460 /* simply ditch the tail in the event of ENOMEM */
461 pskb_trim(jumbo, RXRPC_JUMBO_DATALEN);
466 pskb_trim(part, RXRPC_JUMBO_DATALEN);
468 if (!pskb_pull(jumbo, RXRPC_JUMBO_DATALEN))
471 if (skb_copy_bits(jumbo, 0, &jhdr, sizeof(jhdr)) < 0)
473 if (!pskb_pull(jumbo, sizeof(jhdr)))
478 sp->hdr.flags = jhdr.flags;
479 sp->hdr._rsvd = jhdr._rsvd;
481 _proto("Rx DATA Jumbo %%%u", sp->hdr.serial - 1);
483 rxrpc_fast_process_packet(call, part);
486 } while (sp->hdr.flags & RXRPC_JUMBO_PACKET);
488 rxrpc_fast_process_packet(call, jumbo);
493 _debug("protocol error");
494 rxrpc_free_skb(part);
495 rxrpc_free_skb(jumbo);
496 write_lock_bh(&call->state_lock);
497 if (call->state <= RXRPC_CALL_COMPLETE) {
498 call->state = RXRPC_CALL_LOCALLY_ABORTED;
499 call->local_abort = RX_PROTOCOL_ERROR;
500 set_bit(RXRPC_CALL_EV_ABORT, &call->events);
501 rxrpc_queue_call(call);
503 write_unlock_bh(&call->state_lock);
508 * post an incoming packet to the appropriate call/socket to deal with
509 * - must get rid of the sk_buff, either by freeing it or by queuing it
511 static void rxrpc_post_packet_to_call(struct rxrpc_call *call,
514 struct rxrpc_skb_priv *sp;
516 _enter("%p,%p", call, skb);
520 _debug("extant call [%d]", call->state);
522 read_lock(&call->state_lock);
523 switch (call->state) {
524 case RXRPC_CALL_LOCALLY_ABORTED:
525 if (!test_and_set_bit(RXRPC_CALL_EV_ABORT, &call->events)) {
526 rxrpc_queue_call(call);
529 case RXRPC_CALL_REMOTELY_ABORTED:
530 case RXRPC_CALL_NETWORK_ERROR:
531 case RXRPC_CALL_DEAD:
533 case RXRPC_CALL_COMPLETE:
534 case RXRPC_CALL_CLIENT_FINAL_ACK:
535 /* complete server call */
536 if (call->conn->in_clientflag)
538 /* resend last packet of a completed call */
539 _debug("final ack again");
540 rxrpc_get_call(call);
541 set_bit(RXRPC_CALL_EV_ACK_FINAL, &call->events);
542 rxrpc_queue_call(call);
548 read_unlock(&call->state_lock);
549 rxrpc_get_call(call);
551 if (sp->hdr.type == RXRPC_PACKET_TYPE_DATA &&
552 sp->hdr.flags & RXRPC_JUMBO_PACKET)
553 rxrpc_process_jumbo_packet(call, skb);
555 rxrpc_fast_process_packet(call, skb);
557 rxrpc_put_call(call);
561 if (sp->hdr.type != RXRPC_PACKET_TYPE_ABORT) {
562 skb->priority = RX_CALL_DEAD;
563 rxrpc_reject_packet(call->conn->trans->local, skb);
569 read_unlock(&call->state_lock);
575 * post connection-level events to the connection
576 * - this includes challenges, responses and some aborts
578 static void rxrpc_post_packet_to_conn(struct rxrpc_connection *conn,
581 _enter("%p,%p", conn, skb);
583 atomic_inc(&conn->usage);
584 skb_queue_tail(&conn->rx_queue, skb);
585 rxrpc_queue_conn(conn);
589 * post endpoint-level events to the local endpoint
590 * - this includes debug and version messages
592 static void rxrpc_post_packet_to_local(struct rxrpc_local *local,
595 _enter("%p,%p", local, skb);
597 skb_queue_tail(&local->event_queue, skb);
598 rxrpc_queue_work(&local->processor);
602 * Extract the wire header from a packet and translate the byte order.
605 int rxrpc_extract_header(struct rxrpc_skb_priv *sp, struct sk_buff *skb)
607 struct rxrpc_wire_header whdr;
609 /* dig out the RxRPC connection details */
610 if (skb_copy_bits(skb, 0, &whdr, sizeof(whdr)) < 0)
612 if (!pskb_pull(skb, sizeof(whdr)))
615 memset(sp, 0, sizeof(*sp));
616 sp->hdr.epoch = ntohl(whdr.epoch);
617 sp->hdr.cid = ntohl(whdr.cid);
618 sp->hdr.callNumber = ntohl(whdr.callNumber);
619 sp->hdr.seq = ntohl(whdr.seq);
620 sp->hdr.serial = ntohl(whdr.serial);
621 sp->hdr.flags = whdr.flags;
622 sp->hdr.type = whdr.type;
623 sp->hdr.userStatus = whdr.userStatus;
624 sp->hdr.securityIndex = whdr.securityIndex;
625 sp->hdr._rsvd = ntohs(whdr._rsvd);
626 sp->hdr.serviceId = ntohs(whdr.serviceId);
630 static struct rxrpc_connection *rxrpc_conn_from_local(struct rxrpc_local *local,
632 struct rxrpc_skb_priv *sp)
634 struct rxrpc_peer *peer;
635 struct rxrpc_transport *trans;
636 struct rxrpc_connection *conn;
637 struct sockaddr_rxrpc srx;
639 rxrpc_get_addr_from_skb(local, skb, &srx);
641 peer = rxrpc_lookup_peer_rcu(local, &srx);
645 trans = rxrpc_find_transport(local, peer);
650 conn = rxrpc_find_connection(trans, &sp->hdr);
651 rxrpc_put_transport(trans);
664 * handle data received on the local endpoint
665 * - may be called in interrupt context
667 * The socket is locked by the caller and this prevents the socket from being
668 * shut down and the local endpoint from going away, thus sk_user_data will not
669 * be cleared until this function returns.
671 void rxrpc_data_ready(struct sock *sk)
673 struct rxrpc_skb_priv *sp;
674 struct rxrpc_local *local = sk->sk_user_data;
680 ASSERT(!irqs_disabled());
682 skb = skb_recv_datagram(sk, 0, 1, &ret);
686 _debug("UDP socket error %d", ret);
692 _net("recv skb %p", skb);
694 /* we'll probably need to checksum it (didn't call sock_recvmsg) */
695 if (skb_checksum_complete(skb)) {
697 __UDP_INC_STATS(&init_net, UDP_MIB_INERRORS, 0);
698 _leave(" [CSUM failed]");
702 __UDP_INC_STATS(&init_net, UDP_MIB_INDATAGRAMS, 0);
704 /* The socket buffer we have is owned by UDP, with UDP's data all over
705 * it, but we really want our own data there.
710 _net("Rx UDP packet from %08x:%04hu",
711 ntohl(ip_hdr(skb)->saddr), ntohs(udp_hdr(skb)->source));
713 /* dig out the RxRPC connection details */
714 if (rxrpc_extract_header(sp, skb) < 0)
717 _net("Rx RxRPC %s ep=%x call=%x:%x",
718 sp->hdr.flags & RXRPC_CLIENT_INITIATED ? "ToServer" : "ToClient",
719 sp->hdr.epoch, sp->hdr.cid, sp->hdr.callNumber);
721 if (sp->hdr.type >= RXRPC_N_PACKET_TYPES ||
722 !((RXRPC_SUPPORTED_PACKET_TYPES >> sp->hdr.type) & 1)) {
723 _proto("Rx Bad Packet Type %u", sp->hdr.type);
727 if (sp->hdr.type == RXRPC_PACKET_TYPE_VERSION) {
728 rxrpc_post_packet_to_local(local, skb);
732 if (sp->hdr.type == RXRPC_PACKET_TYPE_DATA &&
733 (sp->hdr.callNumber == 0 || sp->hdr.seq == 0))
736 if (sp->hdr.callNumber == 0) {
737 /* This is a connection-level packet. These should be
738 * fairly rare, so the extra overhead of looking them up the
739 * old-fashioned way doesn't really hurt */
740 struct rxrpc_connection *conn;
742 conn = rxrpc_conn_from_local(local, skb, sp);
744 goto cant_route_call;
746 _debug("CONN %p {%d}", conn, conn->debug_id);
747 rxrpc_post_packet_to_conn(conn, skb);
748 rxrpc_put_connection(conn);
750 struct rxrpc_call *call;
752 call = rxrpc_find_call_hash(&sp->hdr, local,
753 AF_INET, &ip_hdr(skb)->saddr);
755 rxrpc_post_packet_to_call(call, skb);
757 goto cant_route_call;
764 _debug("can't route call");
765 if (sp->hdr.flags & RXRPC_CLIENT_INITIATED &&
766 sp->hdr.type == RXRPC_PACKET_TYPE_DATA) {
767 if (sp->hdr.seq == 1) {
768 _debug("first packet");
769 skb_queue_tail(&local->accept_queue, skb);
770 rxrpc_queue_work(&local->processor);
771 _leave(" [incoming]");
774 skb->priority = RX_INVALID_OPERATION;
776 skb->priority = RX_CALL_DEAD;
779 if (sp->hdr.type != RXRPC_PACKET_TYPE_ABORT) {
780 _debug("reject type %d",sp->hdr.type);
781 rxrpc_reject_packet(local, skb);
783 _leave(" [no call]");
787 skb->priority = RX_PROTOCOL_ERROR;
788 rxrpc_reject_packet(local, skb);
projects / cascardo / linux.git / blob