|  | /* Local endpoint object management | 
|  | * | 
|  | * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved. | 
|  | * Written by David Howells (dhowells@redhat.com) | 
|  | * | 
|  | * This program is free software; you can redistribute it and/or | 
|  | * modify it under the terms of the GNU General Public Licence | 
|  | * as published by the Free Software Foundation; either version | 
|  | * 2 of the Licence, or (at your option) any later version. | 
|  | */ | 
|  |  | 
|  | #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt | 
|  |  | 
|  | #include <linux/module.h> | 
|  | #include <linux/net.h> | 
|  | #include <linux/skbuff.h> | 
|  | #include <linux/slab.h> | 
|  | #include <linux/udp.h> | 
|  | #include <linux/ip.h> | 
|  | #include <linux/hashtable.h> | 
|  | #include <net/sock.h> | 
|  | #include <net/udp.h> | 
|  | #include <net/af_rxrpc.h> | 
|  | #include "ar-internal.h" | 
|  |  | 
|  | static void rxrpc_local_processor(struct work_struct *); | 
|  | static void rxrpc_local_rcu(struct rcu_head *); | 
|  |  | 
|  | /* | 
|  | * Compare a local to an address.  Return -ve, 0 or +ve to indicate less than, | 
|  | * same or greater than. | 
|  | * | 
|  | * We explicitly don't compare the RxRPC service ID as we want to reject | 
|  | * conflicting uses by differing services.  Further, we don't want to share | 
|  | * addresses with different options (IPv6), so we don't compare those bits | 
|  | * either. | 
|  | */ | 
|  | static long rxrpc_local_cmp_key(const struct rxrpc_local *local, | 
|  | const struct sockaddr_rxrpc *srx) | 
|  | { | 
|  | long diff; | 
|  |  | 
|  | diff = ((local->srx.transport_type - srx->transport_type) ?: | 
|  | (local->srx.transport_len - srx->transport_len) ?: | 
|  | (local->srx.transport.family - srx->transport.family)); | 
|  | if (diff != 0) | 
|  | return diff; | 
|  |  | 
|  | switch (srx->transport.family) { | 
|  | case AF_INET: | 
|  | /* If the choice of UDP port is left up to the transport, then | 
|  | * the endpoint record doesn't match. | 
|  | */ | 
|  | return ((u16 __force)local->srx.transport.sin.sin_port - | 
|  | (u16 __force)srx->transport.sin.sin_port) ?: | 
|  | memcmp(&local->srx.transport.sin.sin_addr, | 
|  | &srx->transport.sin.sin_addr, | 
|  | sizeof(struct in_addr)); | 
|  | #ifdef CONFIG_AF_RXRPC_IPV6 | 
|  | case AF_INET6: | 
|  | /* If the choice of UDP6 port is left up to the transport, then | 
|  | * the endpoint record doesn't match. | 
|  | */ | 
|  | return ((u16 __force)local->srx.transport.sin6.sin6_port - | 
|  | (u16 __force)srx->transport.sin6.sin6_port) ?: | 
|  | memcmp(&local->srx.transport.sin6.sin6_addr, | 
|  | &srx->transport.sin6.sin6_addr, | 
|  | sizeof(struct in6_addr)); | 
|  | #endif | 
|  | default: | 
|  | BUG(); | 
|  | } | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Allocate a new local endpoint. | 
|  | */ | 
|  | static struct rxrpc_local *rxrpc_alloc_local(struct rxrpc_net *rxnet, | 
|  | const struct sockaddr_rxrpc *srx) | 
|  | { | 
|  | struct rxrpc_local *local; | 
|  |  | 
|  | local = kzalloc(sizeof(struct rxrpc_local), GFP_KERNEL); | 
|  | if (local) { | 
|  | atomic_set(&local->usage, 1); | 
|  | atomic_set(&local->active_users, 1); | 
|  | local->rxnet = rxnet; | 
|  | INIT_LIST_HEAD(&local->link); | 
|  | INIT_WORK(&local->processor, rxrpc_local_processor); | 
|  | init_rwsem(&local->defrag_sem); | 
|  | skb_queue_head_init(&local->reject_queue); | 
|  | skb_queue_head_init(&local->event_queue); | 
|  | local->client_conns = RB_ROOT; | 
|  | spin_lock_init(&local->client_conns_lock); | 
|  | spin_lock_init(&local->lock); | 
|  | rwlock_init(&local->services_lock); | 
|  | local->debug_id = atomic_inc_return(&rxrpc_debug_id); | 
|  | memcpy(&local->srx, srx, sizeof(*srx)); | 
|  | local->srx.srx_service = 0; | 
|  | trace_rxrpc_local(local->debug_id, rxrpc_local_new, 1, NULL); | 
|  | } | 
|  |  | 
|  | _leave(" = %p", local); | 
|  | return local; | 
|  | } | 
|  |  | 
|  | /* | 
|  | * create the local socket | 
|  | * - must be called with rxrpc_local_mutex locked | 
|  | */ | 
|  | static int rxrpc_open_socket(struct rxrpc_local *local, struct net *net) | 
|  | { | 
|  | struct sock *usk; | 
|  | int ret, opt; | 
|  |  | 
|  | _enter("%p{%d,%d}", | 
|  | local, local->srx.transport_type, local->srx.transport.family); | 
|  |  | 
|  | /* create a socket to represent the local endpoint */ | 
|  | ret = sock_create_kern(net, local->srx.transport.family, | 
|  | local->srx.transport_type, 0, &local->socket); | 
|  | if (ret < 0) { | 
|  | _leave(" = %d [socket]", ret); | 
|  | return ret; | 
|  | } | 
|  |  | 
|  | /* set the socket up */ | 
|  | usk = local->socket->sk; | 
|  | inet_sk(usk)->mc_loop = 0; | 
|  |  | 
|  | /* Enable CHECKSUM_UNNECESSARY to CHECKSUM_COMPLETE conversion */ | 
|  | inet_inc_convert_csum(usk); | 
|  |  | 
|  | rcu_assign_sk_user_data(usk, local); | 
|  |  | 
|  | udp_sk(usk)->encap_type = UDP_ENCAP_RXRPC; | 
|  | udp_sk(usk)->encap_rcv = rxrpc_input_packet; | 
|  | udp_sk(usk)->encap_destroy = NULL; | 
|  | udp_sk(usk)->gro_receive = NULL; | 
|  | udp_sk(usk)->gro_complete = NULL; | 
|  |  | 
|  | udp_encap_enable(); | 
|  | #if IS_ENABLED(CONFIG_AF_RXRPC_IPV6) | 
|  | if (local->srx.transport.family == AF_INET6) | 
|  | udpv6_encap_enable(); | 
|  | #endif | 
|  | usk->sk_error_report = rxrpc_error_report; | 
|  |  | 
|  | /* if a local address was supplied then bind it */ | 
|  | if (local->srx.transport_len > sizeof(sa_family_t)) { | 
|  | _debug("bind"); | 
|  | ret = kernel_bind(local->socket, | 
|  | (struct sockaddr *)&local->srx.transport, | 
|  | local->srx.transport_len); | 
|  | if (ret < 0) { | 
|  | _debug("bind failed %d", ret); | 
|  | goto error; | 
|  | } | 
|  | } | 
|  |  | 
|  | switch (local->srx.transport.family) { | 
|  | case AF_INET6: | 
|  | /* we want to receive ICMPv6 errors */ | 
|  | opt = 1; | 
|  | ret = kernel_setsockopt(local->socket, SOL_IPV6, IPV6_RECVERR, | 
|  | (char *) &opt, sizeof(opt)); | 
|  | if (ret < 0) { | 
|  | _debug("setsockopt failed"); | 
|  | goto error; | 
|  | } | 
|  |  | 
|  | /* we want to set the don't fragment bit */ | 
|  | opt = IPV6_PMTUDISC_DO; | 
|  | ret = kernel_setsockopt(local->socket, SOL_IPV6, IPV6_MTU_DISCOVER, | 
|  | (char *) &opt, sizeof(opt)); | 
|  | if (ret < 0) { | 
|  | _debug("setsockopt failed"); | 
|  | goto error; | 
|  | } | 
|  |  | 
|  | /* Fall through and set IPv4 options too otherwise we don't get | 
|  | * errors from IPv4 packets sent through the IPv6 socket. | 
|  | */ | 
|  |  | 
|  | case AF_INET: | 
|  | /* we want to receive ICMP errors */ | 
|  | opt = 1; | 
|  | ret = kernel_setsockopt(local->socket, SOL_IP, IP_RECVERR, | 
|  | (char *) &opt, sizeof(opt)); | 
|  | if (ret < 0) { | 
|  | _debug("setsockopt failed"); | 
|  | goto error; | 
|  | } | 
|  |  | 
|  | /* we want to set the don't fragment bit */ | 
|  | opt = IP_PMTUDISC_DO; | 
|  | ret = kernel_setsockopt(local->socket, SOL_IP, IP_MTU_DISCOVER, | 
|  | (char *) &opt, sizeof(opt)); | 
|  | if (ret < 0) { | 
|  | _debug("setsockopt failed"); | 
|  | goto error; | 
|  | } | 
|  |  | 
|  | /* We want receive timestamps. */ | 
|  | opt = 1; | 
|  | ret = kernel_setsockopt(local->socket, SOL_SOCKET, SO_TIMESTAMPNS, | 
|  | (char *)&opt, sizeof(opt)); | 
|  | if (ret < 0) { | 
|  | _debug("setsockopt failed"); | 
|  | goto error; | 
|  | } | 
|  | break; | 
|  |  | 
|  | default: | 
|  | BUG(); | 
|  | } | 
|  |  | 
|  | _leave(" = 0"); | 
|  | return 0; | 
|  |  | 
|  | error: | 
|  | kernel_sock_shutdown(local->socket, SHUT_RDWR); | 
|  | local->socket->sk->sk_user_data = NULL; | 
|  | sock_release(local->socket); | 
|  | local->socket = NULL; | 
|  |  | 
|  | _leave(" = %d", ret); | 
|  | return ret; | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Look up or create a new local endpoint using the specified local address. | 
|  | */ | 
|  | struct rxrpc_local *rxrpc_lookup_local(struct net *net, | 
|  | const struct sockaddr_rxrpc *srx) | 
|  | { | 
|  | struct rxrpc_local *local; | 
|  | struct rxrpc_net *rxnet = rxrpc_net(net); | 
|  | struct list_head *cursor; | 
|  | const char *age; | 
|  | long diff; | 
|  | int ret; | 
|  |  | 
|  | _enter("{%d,%d,%pISp}", | 
|  | srx->transport_type, srx->transport.family, &srx->transport); | 
|  |  | 
|  | mutex_lock(&rxnet->local_mutex); | 
|  |  | 
|  | for (cursor = rxnet->local_endpoints.next; | 
|  | cursor != &rxnet->local_endpoints; | 
|  | cursor = cursor->next) { | 
|  | local = list_entry(cursor, struct rxrpc_local, link); | 
|  |  | 
|  | diff = rxrpc_local_cmp_key(local, srx); | 
|  | if (diff < 0) | 
|  | continue; | 
|  | if (diff > 0) | 
|  | break; | 
|  |  | 
|  | /* Services aren't allowed to share transport sockets, so | 
|  | * reject that here.  It is possible that the object is dying - | 
|  | * but it may also still have the local transport address that | 
|  | * we want bound. | 
|  | */ | 
|  | if (srx->srx_service) { | 
|  | local = NULL; | 
|  | goto addr_in_use; | 
|  | } | 
|  |  | 
|  | /* Found a match.  We replace a dying object.  Attempting to | 
|  | * bind the transport socket may still fail if we're attempting | 
|  | * to use a local address that the dying object is still using. | 
|  | */ | 
|  | if (!rxrpc_use_local(local)) | 
|  | break; | 
|  |  | 
|  | age = "old"; | 
|  | goto found; | 
|  | } | 
|  |  | 
|  | local = rxrpc_alloc_local(rxnet, srx); | 
|  | if (!local) | 
|  | goto nomem; | 
|  |  | 
|  | ret = rxrpc_open_socket(local, net); | 
|  | if (ret < 0) | 
|  | goto sock_error; | 
|  |  | 
|  | if (cursor != &rxnet->local_endpoints) | 
|  | list_replace_init(cursor, &local->link); | 
|  | else | 
|  | list_add_tail(&local->link, cursor); | 
|  | age = "new"; | 
|  |  | 
|  | found: | 
|  | mutex_unlock(&rxnet->local_mutex); | 
|  |  | 
|  | _net("LOCAL %s %d {%pISp}", | 
|  | age, local->debug_id, &local->srx.transport); | 
|  |  | 
|  | _leave(" = %p", local); | 
|  | return local; | 
|  |  | 
|  | nomem: | 
|  | ret = -ENOMEM; | 
|  | sock_error: | 
|  | mutex_unlock(&rxnet->local_mutex); | 
|  | if (local) | 
|  | call_rcu(&local->rcu, rxrpc_local_rcu); | 
|  | _leave(" = %d", ret); | 
|  | return ERR_PTR(ret); | 
|  |  | 
|  | addr_in_use: | 
|  | mutex_unlock(&rxnet->local_mutex); | 
|  | _leave(" = -EADDRINUSE"); | 
|  | return ERR_PTR(-EADDRINUSE); | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Get a ref on a local endpoint. | 
|  | */ | 
|  | struct rxrpc_local *rxrpc_get_local(struct rxrpc_local *local) | 
|  | { | 
|  | const void *here = __builtin_return_address(0); | 
|  | int n; | 
|  |  | 
|  | n = atomic_inc_return(&local->usage); | 
|  | trace_rxrpc_local(local->debug_id, rxrpc_local_got, n, here); | 
|  | return local; | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Get a ref on a local endpoint unless its usage has already reached 0. | 
|  | */ | 
|  | struct rxrpc_local *rxrpc_get_local_maybe(struct rxrpc_local *local) | 
|  | { | 
|  | const void *here = __builtin_return_address(0); | 
|  |  | 
|  | if (local) { | 
|  | int n = atomic_fetch_add_unless(&local->usage, 1, 0); | 
|  | if (n > 0) | 
|  | trace_rxrpc_local(local->debug_id, rxrpc_local_got, | 
|  | n + 1, here); | 
|  | else | 
|  | local = NULL; | 
|  | } | 
|  | return local; | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Queue a local endpoint and pass the caller's reference to the work item. | 
|  | */ | 
|  | void rxrpc_queue_local(struct rxrpc_local *local) | 
|  | { | 
|  | const void *here = __builtin_return_address(0); | 
|  | unsigned int debug_id = local->debug_id; | 
|  | int n = atomic_read(&local->usage); | 
|  |  | 
|  | if (rxrpc_queue_work(&local->processor)) | 
|  | trace_rxrpc_local(debug_id, rxrpc_local_queued, n, here); | 
|  | else | 
|  | rxrpc_put_local(local); | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Drop a ref on a local endpoint. | 
|  | */ | 
|  | void rxrpc_put_local(struct rxrpc_local *local) | 
|  | { | 
|  | const void *here = __builtin_return_address(0); | 
|  | int n; | 
|  |  | 
|  | if (local) { | 
|  | n = atomic_dec_return(&local->usage); | 
|  | trace_rxrpc_local(local->debug_id, rxrpc_local_put, n, here); | 
|  |  | 
|  | if (n == 0) | 
|  | call_rcu(&local->rcu, rxrpc_local_rcu); | 
|  | } | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Start using a local endpoint. | 
|  | */ | 
|  | struct rxrpc_local *rxrpc_use_local(struct rxrpc_local *local) | 
|  | { | 
|  | unsigned int au; | 
|  |  | 
|  | local = rxrpc_get_local_maybe(local); | 
|  | if (!local) | 
|  | return NULL; | 
|  |  | 
|  | au = atomic_fetch_add_unless(&local->active_users, 1, 0); | 
|  | if (au == 0) { | 
|  | rxrpc_put_local(local); | 
|  | return NULL; | 
|  | } | 
|  |  | 
|  | return local; | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Cease using a local endpoint.  Once the number of active users reaches 0, we | 
|  | * start the closure of the transport in the work processor. | 
|  | */ | 
|  | void rxrpc_unuse_local(struct rxrpc_local *local) | 
|  | { | 
|  | unsigned int au; | 
|  |  | 
|  | if (local) { | 
|  | au = atomic_dec_return(&local->active_users); | 
|  | if (au == 0) | 
|  | rxrpc_queue_local(local); | 
|  | else | 
|  | rxrpc_put_local(local); | 
|  | } | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Destroy a local endpoint's socket and then hand the record to RCU to dispose | 
|  | * of. | 
|  | * | 
|  | * Closing the socket cannot be done from bottom half context or RCU callback | 
|  | * context because it might sleep. | 
|  | */ | 
|  | static void rxrpc_local_destroyer(struct rxrpc_local *local) | 
|  | { | 
|  | struct socket *socket = local->socket; | 
|  | struct rxrpc_net *rxnet = local->rxnet; | 
|  |  | 
|  | _enter("%d", local->debug_id); | 
|  |  | 
|  | mutex_lock(&rxnet->local_mutex); | 
|  | list_del_init(&local->link); | 
|  | mutex_unlock(&rxnet->local_mutex); | 
|  |  | 
|  | ASSERT(RB_EMPTY_ROOT(&local->client_conns)); | 
|  | ASSERT(!local->service); | 
|  |  | 
|  | if (socket) { | 
|  | local->socket = NULL; | 
|  | kernel_sock_shutdown(socket, SHUT_RDWR); | 
|  | socket->sk->sk_user_data = NULL; | 
|  | sock_release(socket); | 
|  | } | 
|  |  | 
|  | /* At this point, there should be no more packets coming in to the | 
|  | * local endpoint. | 
|  | */ | 
|  | rxrpc_purge_queue(&local->reject_queue); | 
|  | rxrpc_purge_queue(&local->event_queue); | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Process events on an endpoint.  The work item carries a ref which | 
|  | * we must release. | 
|  | */ | 
|  | static void rxrpc_local_processor(struct work_struct *work) | 
|  | { | 
|  | struct rxrpc_local *local = | 
|  | container_of(work, struct rxrpc_local, processor); | 
|  | bool again; | 
|  |  | 
|  | trace_rxrpc_local(local->debug_id, rxrpc_local_processing, | 
|  | atomic_read(&local->usage), NULL); | 
|  |  | 
|  | do { | 
|  | again = false; | 
|  | if (atomic_read(&local->active_users) == 0) { | 
|  | rxrpc_local_destroyer(local); | 
|  | break; | 
|  | } | 
|  |  | 
|  | if (!skb_queue_empty(&local->reject_queue)) { | 
|  | rxrpc_reject_packets(local); | 
|  | again = true; | 
|  | } | 
|  |  | 
|  | if (!skb_queue_empty(&local->event_queue)) { | 
|  | rxrpc_process_local_events(local); | 
|  | again = true; | 
|  | } | 
|  | } while (again); | 
|  |  | 
|  | rxrpc_put_local(local); | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Destroy a local endpoint after the RCU grace period expires. | 
|  | */ | 
|  | static void rxrpc_local_rcu(struct rcu_head *rcu) | 
|  | { | 
|  | struct rxrpc_local *local = container_of(rcu, struct rxrpc_local, rcu); | 
|  |  | 
|  | _enter("%d", local->debug_id); | 
|  |  | 
|  | ASSERT(!work_pending(&local->processor)); | 
|  |  | 
|  | _net("DESTROY LOCAL %d", local->debug_id); | 
|  | kfree(local); | 
|  | _leave(""); | 
|  | } | 
|  |  | 
|  | /* | 
|  | * Verify the local endpoint list is empty by this point. | 
|  | */ | 
|  | void rxrpc_destroy_all_locals(struct rxrpc_net *rxnet) | 
|  | { | 
|  | struct rxrpc_local *local; | 
|  |  | 
|  | _enter(""); | 
|  |  | 
|  | flush_workqueue(rxrpc_workqueue); | 
|  |  | 
|  | if (!list_empty(&rxnet->local_endpoints)) { | 
|  | mutex_lock(&rxnet->local_mutex); | 
|  | list_for_each_entry(local, &rxnet->local_endpoints, link) { | 
|  | pr_err("AF_RXRPC: Leaked local %p {%d}\n", | 
|  | local, atomic_read(&local->usage)); | 
|  | } | 
|  | mutex_unlock(&rxnet->local_mutex); | 
|  | BUG(); | 
|  | } | 
|  | } |