sendmsg.c 22 KB

  1. // SPDX-License-Identifier: GPL-2.0-or-later
  2. /* AF_RXRPC sendmsg() implementation.
  3. *
  4. * Copyright (C) 2007, 2016 Red Hat, Inc. All Rights Reserved.
  5. * Written by David Howells (dhowells@redhat.com)
  6. */
  7. #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
  8. #include <linux/net.h>
  9. #include <linux/gfp.h>
  10. #include <linux/skbuff.h>
  11. #include <linux/export.h>
  12. #include <linux/sched/signal.h>
  13. #include <net/sock.h>
  14. #include <net/af_rxrpc.h>
  15. #include "ar-internal.h"
  /*
   * Ask the I/O thread to abort a call.
   *
   * Nothing is transmitted from here: the reason, the local error and the abort
   * code are recorded on the call and the call is poked.  Returns true if the
   * request was recorded, false if an abort was already pending
   * (call->send_abort non-zero) or the call had already completed.
   *
   * NOTE(review): call->send_abort doubles as the "abort pending" flag, so an
   * abort_code of 0 would be stored as "nothing pending" while this function
   * still returns true.  The cmsg parser in this file rejects a zero code;
   * rxrpc_kernel_abort_call() passes its argument through unchecked - confirm
   * in-kernel callers never pass 0.
   */
  bool rxrpc_propose_abort(struct rxrpc_call *call, s32 abort_code, int error,
  			 enum rxrpc_abort_reason why)
  {
  	_enter("{%d},%d,%d,%u", call->debug_id, abort_code, error, why);

  	if (call->send_abort || rxrpc_call_is_complete(call))
  		return false;

  	call->send_abort_why = why;
  	call->send_abort_err = error;
  	call->send_abort_seq = 0;
  	trace_rxrpc_abort_call(call, abort_code);

  	/* The abort is requested locklessly vs rxrpc_input_call_event(): the
  	 * code is stored last, with release semantics, after the fields above.
  	 */
  	smp_store_release(&call->send_abort, abort_code);
  	rxrpc_poke_call(call, rxrpc_call_poke_abort);
  	return true;
  }
  /*
   * Sleep until a client call leaves RXRPC_CALL_CLIENT_AWAIT_CONN.
   *
   * @timeo is the remaining timeout and is updated with whatever
   * schedule_timeout() hands back.  A pending signal ends the wait only for
   * RXRPC_INTERRUPTIBLE and RXRPC_PREINTERRUPTIBLE calls; interruption here
   * does not abort the call.
   *
   * Returns 0, the value of sock_intr_errno() if interrupted, or call->error if
   * the call turns out to be complete and no other error was recorded.
   */
  static int rxrpc_wait_to_be_connected(struct rxrpc_call *call, long *timeo)
  {
  	DECLARE_WAITQUEUE(myself, current);
  	int ret = 0;

  	_enter("%d", call->debug_id);

  	if (rxrpc_call_state(call) == RXRPC_CALL_CLIENT_AWAIT_CONN) {
  		add_wait_queue_exclusive(&call->waitq, &myself);

  		for (;;) {
  			/* The task state is set before the call state is
  			 * re-tested and before sleeping.
  			 */
  			if (call->interruptibility == RXRPC_INTERRUPTIBLE ||
  			    call->interruptibility == RXRPC_PREINTERRUPTIBLE)
  				set_current_state(TASK_INTERRUPTIBLE);
  			else
  				set_current_state(TASK_UNINTERRUPTIBLE);

  			if (rxrpc_call_state(call) != RXRPC_CALL_CLIENT_AWAIT_CONN)
  				break;

  			if ((call->interruptibility == RXRPC_INTERRUPTIBLE ||
  			     call->interruptibility == RXRPC_PREINTERRUPTIBLE) &&
  			    signal_pending(current)) {
  				ret = sock_intr_errno(*timeo);
  				break;
  			}

  			*timeo = schedule_timeout(*timeo);
  		}

  		remove_wait_queue(&call->waitq, &myself);
  		__set_current_state(TASK_RUNNING);
  	}

  	/* A completed call reports its own error unless we already have one. */
  	if (ret == 0 && rxrpc_call_is_complete(call))
  		ret = call->error;

  	_leave(" = %d", ret);
  	return ret;
  }
  /*
   * Report whether the Tx queue can take another packet.
   *
   * There is room while fewer than 256 sequence numbers lie between
   * call->tx_bottom (sampled once with READ_ONCE) and call->send_top.  If
   * @_tx_win is not NULL, the sampled tx_bottom is handed back through it so
   * that the caller can watch for progress.
   */
  static bool rxrpc_check_tx_space(struct rxrpc_call *call, rxrpc_seq_t *_tx_win)
  {
  	rxrpc_seq_t bottom = READ_ONCE(call->tx_bottom);

  	if (_tx_win != NULL)
  		*_tx_win = bottom;

  	return (call->send_top - bottom) < 256;
  }
  /*
   * Interruptible wait for room in the Tx queue.
   *
   * Returns 0 once there is space, call->error if the call completes first, or
   * the value of sock_intr_errno() if a signal is pending.  @timeo is updated
   * with the time left after each sleep.  The caller is responsible for the
   * wait queue entry and for resetting the task state afterwards.
   */
  static int rxrpc_wait_for_tx_window_intr(struct rxrpc_sock *rx,
  					 struct rxrpc_call *call,
  					 long *timeo)
  {
  	int ret;

  	while (true) {
  		/* Task state goes first, then the conditions are tested. */
  		set_current_state(TASK_INTERRUPTIBLE);

  		if (rxrpc_check_tx_space(call, NULL)) {
  			ret = 0;
  			break;
  		}
  		if (rxrpc_call_is_complete(call)) {
  			ret = call->error;
  			break;
  		}
  		if (signal_pending(current)) {
  			ret = sock_intr_errno(*timeo);
  			break;
  		}

  		trace_rxrpc_txqueue(call, rxrpc_txqueue_wait);
  		*timeo = schedule_timeout(*timeo);
  	}

  	return ret;
  }
  /*
   * Uninterruptible wait for room in the Tx queue, used for MSG_WAITALL.
   *
   * A pending signal is honoured only once a grace period has run out without
   * tx_bottom moving.  The grace period is twice the smoothed RTT converted to
   * jiffies, with a floor of 2 jiffies, and is restarted whenever tx_bottom
   * advances.
   *
   * Returns 0 once there is space, call->error if the call completes, or
   * -EINTR as described above.
   */
  static int rxrpc_wait_for_tx_window_waitall(struct rxrpc_sock *rx,
  					    struct rxrpc_call *call)
  {
  	rxrpc_seq_t last_bottom, bottom_now;
  	signed long grace, remaining;

  	/* presumably srtt_us is kept scaled by 8, hence the shift - confirm */
  	grace = READ_ONCE(call->srtt_us) >> 3;
  	grace = usecs_to_jiffies(grace) * 2;
  	if (grace < 2)
  		grace = 2;

  	remaining = grace;
  	last_bottom = READ_ONCE(call->tx_bottom);

  	while (true) {
  		set_current_state(TASK_UNINTERRUPTIBLE);

  		if (rxrpc_check_tx_space(call, &bottom_now))
  			return 0;
  		if (rxrpc_call_is_complete(call))
  			return call->error;

  		if (bottom_now != last_bottom) {
  			/* Progress was made: restart the grace period. */
  			remaining = grace;
  			last_bottom = bottom_now;
  		} else if (remaining == 0 && signal_pending(current)) {
  			/* Stalled for the whole grace period and signalled. */
  			return -EINTR;
  		}

  		trace_rxrpc_txqueue(call, rxrpc_txqueue_wait);
  		remaining = schedule_timeout(remaining);
  	}
  }
  /*
   * Uninterruptible wait for room in the Tx queue.
   *
   * Signals are never looked at here; the loop ends only when there is space
   * (returns 0) or the call completes (returns call->error).  @timeo is updated
   * after each sleep but is not itself tested as an exit condition.
   */
  static int rxrpc_wait_for_tx_window_nonintr(struct rxrpc_sock *rx,
  					    struct rxrpc_call *call,
  					    long *timeo)
  {
  	int ret;

  	while (true) {
  		set_current_state(TASK_UNINTERRUPTIBLE);

  		if (rxrpc_check_tx_space(call, NULL)) {
  			ret = 0;
  			break;
  		}
  		if (rxrpc_call_is_complete(call)) {
  			ret = call->error;
  			break;
  		}

  		trace_rxrpc_txqueue(call, rxrpc_txqueue_wait);
  		*timeo = schedule_timeout(*timeo);
  	}

  	return ret;
  }
  /*
   * Wait for space to appear in the transmit/ACK window.
   *
   * Puts the current task on call->waitq, picks the wait flavour from
   * call->interruptibility and @waitall, then takes the task off the queue and
   * marks it running again.  Only RXRPC_INTERRUPTIBLE calls may be woken by a
   * signal; every other value waits uninterruptibly.
   *
   * NOTE(review): the previous header said the caller holds the socket lock,
   * but the only caller in this file, rxrpc_send_data(), documents that it does
   * not hold the socket lock and it drops call->user_mutex before calling -
   * confirm the intended locking contract.
   */
  static int rxrpc_wait_for_tx_window(struct rxrpc_sock *rx,
  				    struct rxrpc_call *call,
  				    long *timeo,
  				    bool waitall)
  {
  	DECLARE_WAITQUEUE(myself, current);
  	int ret;

  	_enter(",{%u,%u,%u}",
  	       call->tx_bottom, call->tx_top, call->tx_winsize);

  	add_wait_queue(&call->waitq, &myself);

  	if (call->interruptibility == RXRPC_INTERRUPTIBLE) {
  		ret = waitall ?
  			rxrpc_wait_for_tx_window_waitall(rx, call) :
  			rxrpc_wait_for_tx_window_intr(rx, call, timeo);
  	} else {
  		/* RXRPC_PREINTERRUPTIBLE, RXRPC_UNINTERRUPTIBLE and anything
  		 * unrecognised.
  		 */
  		ret = rxrpc_wait_for_tx_window_nonintr(rx, call, timeo);
  	}

  	remove_wait_queue(&call->waitq, &myself);
  	set_current_state(TASK_RUNNING);
  	_leave(" = %d", ret);
  	return ret;
  }
  /*
   * Tell the owner of the call that the transmit phase has ended and the last
   * packet has been queued.  Does nothing if no callback was supplied.
   */
  static void rxrpc_notify_end_tx(struct rxrpc_sock *rx, struct rxrpc_call *call,
  				rxrpc_notify_end_tx_t notify_end_tx)
  {
  	if (!notify_end_tx)
  		return;

  	notify_end_tx(&rx->sk, call, call->user_call_ID);
  }
  /*
   * Hand a filled DATA buffer over to the call's transmission queue.
   *
   * The buffer is stored in its slot of call->send_queue, call->send_top is
   * then advanced with release semantics, and the call is poked if the queue
   * was empty beforehand.  For the last packet the call is flagged
   * RXRPC_CALL_TX_NO_MORE, the owner is notified and call->send_queue is
   * cleared.
   *
   * This function returns nothing; the older header comment spoke of returning
   * the error from rxrpc_send_data_packet(), which this code does not do.
   *
   * NOTE(review): an occupied slot only raises WARN_ON_ONCE and a trace event;
   * the slot is then overwritten and the previous occupant is not released
   * here.
   */
  static void rxrpc_queue_packet(struct rxrpc_sock *rx, struct rxrpc_call *call,
  			       struct rxrpc_txbuf *txb,
  			       rxrpc_notify_end_tx_t notify_end_tx)
  {
  	struct rxrpc_txqueue *tq = call->send_queue;
  	const rxrpc_seq_t seq = txb->seq;
  	const bool is_last = txb->flags & RXRPC_LAST_PACKET;
  	const int slot = seq & RXRPC_TXQ_MASK;
  	bool was_empty;

  	rxrpc_inc_stat(call->rxnet, stat_tx_data);

  	/* Packets must be queued in strict sequence order. */
  	ASSERTCMP(txb->seq, ==, call->send_top + 1);

  	trace_rxrpc_txqueue(call, is_last ? rxrpc_txqueue_queue_last :
  					    rxrpc_txqueue_queue);

  	if (WARN_ON_ONCE(tq->bufs[slot]))
  		trace_rxrpc_tq(call, tq, seq, rxrpc_tq_queue_dup);
  	else
  		trace_rxrpc_tq(call, tq, seq, rxrpc_tq_queue);

  	/* Sample "queue was empty" before the new packet becomes visible. */
  	was_empty = (READ_ONCE(call->tx_bottom) == call->send_top);

  	/* Add the packet to the call's output buffer. */
  	tq->bufs[slot] = txb;

  	/* Order send_top after the queue->next pointer and txb content. */
  	smp_store_release(&call->send_top, seq);

  	if (is_last) {
  		set_bit(RXRPC_CALL_TX_NO_MORE, &call->flags);
  		rxrpc_notify_end_tx(rx, call, notify_end_tx);
  		call->send_queue = NULL;
  	}

  	if (was_empty)
  		rxrpc_poke_call(call, rxrpc_call_poke_start);
  }
  /*
   * Allocate a new txqueue unit and append it to the call's transmission queue.
   *
   * The unit is zero-allocated with the socket's allocation flags.  If the call
   * already has a send queue the unit is chained after it; otherwise it becomes
   * the first unit, with sequence 0 marked as already acked.  Finding
   * call->tx_queue set while call->send_queue is NULL is treated as a bug: it
   * warns, frees the new unit and returns -ENOMEM.
   *
   * Returns 0 on success or -ENOMEM.
   */
  static int rxrpc_alloc_txqueue(struct sock *sk, struct rxrpc_call *call)
  {
  	struct rxrpc_txqueue *fresh, *tail;

  	fresh = kzalloc_obj(*fresh, sk->sk_allocation);
  	if (!fresh)
  		return -ENOMEM;

  	fresh->xmit_ts_base = KTIME_MIN;
  	for (int slot = 0; slot < RXRPC_NR_TXQUEUE; slot++)
  		fresh->segment_xmit_ts[slot] = UINT_MAX;

  	tail = call->send_queue;
  	if (!tail && WARN_ON(call->tx_queue)) {
  		kfree(fresh);
  		return -ENOMEM;
  	}

  	if (tail) {
  		fresh->qbase = call->send_top + 1;
  		tail->next = fresh;
  		call->send_queue = fresh;
  	} else {
  		/* We start at seq 1, so pretend seq 0 is hard-acked. */
  		fresh->nr_reported_acks = 1;
  		fresh->segment_acked = 1UL;
  		fresh->qbase = 0;
  		call->tx_qbase = 0;
  		call->send_queue = fresh;
  		call->tx_qtail = fresh;
  		call->tx_queue = fresh;
  	}

  	trace_rxrpc_tq(call, fresh, call->send_top, rxrpc_tq_alloc);
  	return 0;
  }
  /*
   * Send data through a socket.
   * - Must be called in process context.
   * - The caller holds the call user access mutex, but not the socket lock.
   *
   * Data is copied from @msg into Tx buffers; a buffer is secured and queued
   * once it is full or, when MSG_MORE is not set, once the message is
   * exhausted (that buffer is then flagged as the last packet).  A partly
   * filled buffer is parked in call->tx_pending for the next call.
   *
   * If the Tx queue is full and MSG_DONTWAIT is not set, call->user_mutex is
   * dropped while waiting for space and *_dropped_lock is set to true.  It is
   * reset to false only after the mutex has been retaken, so on return the
   * caller must unlock the mutex only if *_dropped_lock is false.
   *
   * Returns the number of bytes copied, or a negative error.  If an error
   * occurs after some data was copied, the byte count is returned instead,
   * except where the call has completed with an error.
   */
  static int rxrpc_send_data(struct rxrpc_sock *rx,
  			   struct rxrpc_call *call,
  			   struct msghdr *msg, size_t len,
  			   rxrpc_notify_end_tx_t notify_end_tx,
  			   bool *_dropped_lock)
  {
  	struct rxrpc_txbuf *txb;
  	struct sock *sk = &rx->sk;
  	enum rxrpc_call_state state;
  	long timeo;
  	bool more = msg->msg_flags & MSG_MORE;
  	/* NOTE(review): copied is an int while len is a size_t; presumably the
  	 * socket layer caps len so this cannot overflow - confirm.
  	 */
  	int ret, copied = 0;

  	/* The last packet has already been queued; no more data is allowed. */
  	if (test_bit(RXRPC_CALL_TX_NO_MORE, &call->flags)) {
  		trace_rxrpc_abort(call->debug_id, rxrpc_sendmsg_late_send,
  				  call->cid, call->call_id, call->rx_consumed,
  				  0, -EPROTO);
  		return -EPROTO;
  	}

  	timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);

  	ret = rxrpc_wait_to_be_connected(call, &timeo);
  	if (ret < 0)
  		return ret;

  	/* Security is set up here for a client connection still marked
  	 * unsecured.
  	 */
  	if (call->conn->state == RXRPC_CONN_CLIENT_UNSECURED) {
  		ret = rxrpc_init_client_conn_security(call->conn);
  		if (ret < 0)
  			return ret;
  	}

  	/* this should be in poll */
  	sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk);

  reload:
  	/* Entered initially and again after the mutex was dropped and retaken
  	 * in wait_for_space, so every check below is repeated in that case.
  	 */
  	txb = call->tx_pending;
  	call->tx_pending = NULL;
  	if (txb)
  		rxrpc_see_txbuf(txb, rxrpc_txbuf_see_send_more);

  	ret = -EPIPE;
  	if (sk->sk_shutdown & SEND_SHUTDOWN)
  		goto maybe_error;
  	state = rxrpc_call_state(call);
  	ret = -ESHUTDOWN;
  	if (state >= RXRPC_CALL_COMPLETE)
  		goto maybe_error;
  	ret = -EPROTO;
  	if (state != RXRPC_CALL_CLIENT_SEND_REQUEST &&
  	    state != RXRPC_CALL_SERVER_ACK_REQUEST &&
  	    state != RXRPC_CALL_SERVER_SEND_REPLY) {
  		/* Request phase complete for this client call */
  		trace_rxrpc_abort(call->debug_id, rxrpc_sendmsg_late_send,
  				  call->cid, call->call_id, call->rx_consumed,
  				  0, -EPROTO);
  		goto maybe_error;
  	}

  	/* If a total Tx length was declared, the data still to be sent must
  	 * not exceed it and, without MSG_MORE, must match it exactly.
  	 */
  	ret = -EMSGSIZE;
  	if (call->tx_total_len != -1) {
  		if (len - copied > call->tx_total_len)
  			goto maybe_error;
  		if (!more && len - copied != call->tx_total_len)
  			goto maybe_error;
  	}

  	do {
  		if (!txb) {
  			size_t remain;

  			_debug("alloc");

  			if (!rxrpc_check_tx_space(call, NULL))
  				goto wait_for_space;

  			/* See if we need to begin/extend the Tx queue. */
  			if (!call->send_queue || !((call->send_top + 1) & RXRPC_TXQ_MASK)) {
  				ret = rxrpc_alloc_txqueue(sk, call);
  				if (ret < 0)
  					goto maybe_error;
  			}

  			/* Work out the maximum size of a packet.  Assume that
  			 * the security header is going to be in the padded
  			 * region (enc blocksize), but the trailer is not.
  			 */
  			remain = more ? INT_MAX : msg_data_left(msg);
  			txb = call->conn->security->alloc_txbuf(call, remain, sk->sk_allocation);
  			if (!txb) {
  				ret = -ENOMEM;
  				goto maybe_error;
  			}
  		}

  		_debug("append");

  		/* append next segment of data to the current buffer */
  		if (msg_data_left(msg) > 0) {
  			/* The copy is bounded by the space left in the buffer. */
  			size_t copy = umin(txb->space, msg_data_left(msg));

  			_debug("add %zu", copy);
  			if (!copy_from_iter_full(txb->data + txb->offset,
  						 copy, &msg->msg_iter))
  				goto efault;
  			_debug("added");
  			txb->space -= copy;
  			txb->len += copy;
  			txb->offset += copy;
  			copied += copy;
  			if (call->tx_total_len != -1)
  				call->tx_total_len -= copy;
  		}

  		/* check for the far side aborting the call or a network error
  		 * occurring */
  		if (rxrpc_call_is_complete(call))
  			goto call_terminated;

  		/* add the packet to the send queue if it's now full */
  		if (!txb->space ||
  		    (msg_data_left(msg) == 0 && !more)) {
  			if (msg_data_left(msg) == 0 && !more)
  				txb->flags |= RXRPC_LAST_PACKET;

  			ret = call->security->secure_packet(call, txb);
  			if (ret < 0)
  				goto out;
  			rxrpc_queue_packet(rx, call, txb, notify_end_tx);
  			txb = NULL;
  		}
  	} while (msg_data_left(msg) > 0);

  success:
  	ret = copied;
  	if (rxrpc_call_is_complete(call) &&
  	    call->error < 0)
  		ret = call->error;
  out:
  	/* Park any partly filled or unsent buffer for the next sendmsg.
  	 * NOTE(review): this store is also reached from wait_for_space with
  	 * call->user_mutex dropped (txb is NULL on that path) - confirm that
  	 * another sender cannot have parked a buffer here in the meantime.
  	 */
  	call->tx_pending = txb;
  	_leave(" = %d", ret);
  	return ret;

  call_terminated:
  	/* The call completed under us: release the buffer and report the
  	 * call's error even if some data had been copied.
  	 */
  	rxrpc_put_txbuf(txb, rxrpc_txbuf_put_send_aborted);
  	_leave(" = %d", call->error);
  	return call->error;

  maybe_error:
  	/* Report a partial transfer in preference to the error. */
  	if (copied)
  		goto success;
  	goto out;

  efault:
  	ret = -EFAULT;
  	goto out;

  wait_for_space:
  	ret = -EAGAIN;
  	if (msg->msg_flags & MSG_DONTWAIT)
  		goto maybe_error;
  	/* Drop the call mutex for the duration of the wait and tell the caller
  	 * that it is no longer held.
  	 */
  	mutex_unlock(&call->user_mutex);
  	*_dropped_lock = true;
  	ret = rxrpc_wait_for_tx_window(rx, call, &timeo,
  				       msg->msg_flags & MSG_WAITALL);
  	if (ret < 0)
  		goto maybe_error;
  	if (call->interruptibility == RXRPC_INTERRUPTIBLE) {
  		if (mutex_lock_interruptible(&call->user_mutex) < 0) {
  			ret = sock_intr_errno(timeo);
  			goto maybe_error;
  		}
  	} else {
  		mutex_lock(&call->user_mutex);
  	}
  	/* The mutex is held again; the state is re-validated at reload. */
  	*_dropped_lock = false;
  	goto reload;
  }
  /*
   * Extract and validate control messages from the sendmsg() control buffer.
   *
   * Only SOL_RXRPC messages are interpreted; other levels are skipped.  Every
   * recognised type has its payload length checked before the payload is
   * read, and unknown SOL_RXRPC types are rejected.  A user call ID is
   * mandatory, and a Tx length may only accompany a data send.
   *
   * Returns 0 on success, -EINVAL for malformed or conflicting control data
   * and -ERANGE for out-of-range timeouts.  @p may have been partly updated
   * when an error is returned.
   *
   * NOTE(review): the payload length is held in an int although cmsg_len is
   * wider; presumably CMSG_OK() and the socket layer's cap on msg_controllen
   * keep it in range - confirm.
   */
  static int rxrpc_sendmsg_cmsg(struct msghdr *msg, struct rxrpc_send_params *p)
  {
  	struct cmsghdr *cmsg;
  	bool have_call_id = false;
  	int payload;

  	if (msg->msg_controllen == 0)
  		return -EINVAL;

  	for_each_cmsghdr(cmsg, msg) {
  		if (!CMSG_OK(msg, cmsg))
  			return -EINVAL;

  		payload = cmsg->cmsg_len - sizeof(struct cmsghdr);
  		_debug("CMSG %d, %d, %d",
  		       cmsg->cmsg_level, cmsg->cmsg_type, payload);

  		if (cmsg->cmsg_level != SOL_RXRPC)
  			continue;

  		switch (cmsg->cmsg_type) {
  		case RXRPC_USER_CALL_ID:
  			/* The ID is 32 bits wide for compat callers. */
  			if (!(msg->msg_flags & MSG_CMSG_COMPAT)) {
  				if (payload != sizeof(unsigned long))
  					return -EINVAL;
  				p->call.user_call_ID =
  					*(unsigned long *)CMSG_DATA(cmsg);
  			} else {
  				if (payload != sizeof(u32))
  					return -EINVAL;
  				p->call.user_call_ID = *(u32 *)CMSG_DATA(cmsg);
  			}
  			have_call_id = true;
  			break;

  		case RXRPC_ABORT:
  			/* Only one command may be selected per sendmsg(). */
  			if (p->command != RXRPC_CMD_SEND_DATA)
  				return -EINVAL;
  			p->command = RXRPC_CMD_SEND_ABORT;
  			if (payload != sizeof(p->abort_code))
  				return -EINVAL;
  			p->abort_code = *(unsigned int *)CMSG_DATA(cmsg);
  			/* An abort code of zero is rejected. */
  			if (p->abort_code == 0)
  				return -EINVAL;
  			break;

  		case RXRPC_CHARGE_ACCEPT:
  			if (p->command != RXRPC_CMD_SEND_DATA)
  				return -EINVAL;
  			p->command = RXRPC_CMD_CHARGE_ACCEPT;
  			if (payload != 0)
  				return -EINVAL;
  			break;

  		case RXRPC_EXCLUSIVE_CALL:
  			p->exclusive = true;
  			if (payload != 0)
  				return -EINVAL;
  			break;

  		case RXRPC_UPGRADE_SERVICE:
  			p->upgrade = true;
  			if (payload != 0)
  				return -EINVAL;
  			break;

  		case RXRPC_TX_LENGTH:
  			/* May be given once only, and must not be negative. */
  			if (p->call.tx_total_len != -1)
  				return -EINVAL;
  			if (payload != sizeof(__s64))
  				return -EINVAL;
  			p->call.tx_total_len = *(__s64 *)CMSG_DATA(cmsg);
  			if (p->call.tx_total_len < 0)
  				return -EINVAL;
  			break;

  		case RXRPC_SET_CALL_TIMEOUT:
  			/* One to three 4-byte values; the length is bounded
  			 * before the copy into p->call.timeouts.
  			 */
  			if (payload < 4 || payload > 12 || (payload & 3))
  				return -EINVAL;
  			memcpy(&p->call.timeouts, CMSG_DATA(cmsg), payload);
  			p->call.nr_timeouts = payload / 4;
  			if (p->call.timeouts.hard > INT_MAX / HZ)
  				return -ERANGE;
  			if (p->call.nr_timeouts >= 2 &&
  			    p->call.timeouts.idle > 60 * 60 * 1000)
  				return -ERANGE;
  			if (p->call.nr_timeouts >= 3 &&
  			    p->call.timeouts.normal > 60 * 60 * 1000)
  				return -ERANGE;
  			break;

  		default:
  			return -EINVAL;
  		}
  	}

  	if (!have_call_id)
  		return -EINVAL;
  	if (p->call.tx_total_len != -1 && p->command != RXRPC_CMD_SEND_DATA)
  		return -EINVAL;
  	_leave(" = 0");
  	return 0;
  }
  /*
   * Create a new client call for sendmsg().
   * - Called with the socket lock held; the lock is released on every path
   *   (directly on the early error returns, otherwise by
   *   rxrpc_new_client_call() according to the comment after that call).
   * - If it returns a call, the call's lock will need releasing by the caller.
   *
   * Returns the new call, or an ERR_PTR: -EDESTADDRREQ if no destination
   * address was supplied, -ENOMEM if the peer lookup fails, or whatever
   * rxrpc_new_client_call() returns.
   */
  static struct rxrpc_call *
  rxrpc_new_client_call_for_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg,
  				  struct rxrpc_send_params *p)
  	__releases(&rx->sk.sk_lock)
  	__acquires(&call->user_mutex)
  {
  	struct rxrpc_conn_parameters cp;
  	struct rxrpc_peer *peer;
  	struct rxrpc_call *call;
  	struct key *key;
  	DECLARE_SOCKADDR(struct sockaddr_rxrpc *, srx, msg->msg_name);

  	_enter("");

  	if (!msg->msg_name) {
  		release_sock(&rx->sk);
  		return ERR_PTR(-EDESTADDRREQ);
  	}

  	peer = rxrpc_lookup_peer(rx->local, srx, GFP_KERNEL);
  	if (!peer) {
  		release_sock(&rx->sk);
  		return ERR_PTR(-ENOMEM);
  	}

  	/* A key whose first payload slot is empty is treated as no key. */
  	key = rx->key;
  	if (key && !rx->key->payload.data[0])
  		key = NULL;

  	/* Clear the whole structure before filling in the fields we know. */
  	memset(&cp, 0, sizeof(cp));
  	cp.local	  = rx->local;
  	cp.peer		  = peer;
  	cp.key		  = key;
  	cp.security_level = rx->min_sec_level;
  	cp.exclusive	  = rx->exclusive | p->exclusive;
  	cp.upgrade	  = p->upgrade;
  	cp.service_id	  = srx->srx_service;

  	call = rxrpc_new_client_call(rx, &cp, &p->call, GFP_KERNEL,
  				     atomic_inc_return(&rxrpc_debug_id));
  	/* The socket is now unlocked */

  	/* Drop the reference obtained by the lookup above. */
  	rxrpc_put_peer(peer, rxrpc_peer_put_application);
  	_leave(" = %p\n", call);
  	return call;
  }
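  /*
   * Send a message forming part of a call through an RxRPC socket.
   * - The caller holds the socket locked; every path through this function
   *   releases the socket lock before returning.
   * - The socket may be either a client socket or a server socket.
   *
   * The control messages are parsed first.  RXRPC_CMD_CHARGE_ACCEPT is handled
   * on its own; otherwise the call is looked up by user call ID and, for a data
   * send with no matching call, a new client call is created.  Timeouts
   * supplied for an existing call are applied, then the abort or data command
   * is carried out.
   *
   * Returns the result of the command (for data, the value returned by
   * rxrpc_send_data()) or a negative error code.
   */
  int rxrpc_do_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg, size_t len)
  {
  	struct rxrpc_call *call;
  	bool dropped_lock = false;
  	int ret;

  	struct rxrpc_send_params p = {
  		.call.tx_total_len	= -1,
  		.call.user_call_ID	= 0,
  		.call.nr_timeouts	= 0,
  		.call.interruptibility	= RXRPC_INTERRUPTIBLE,
  		.abort_code		= 0,
  		.command		= RXRPC_CMD_SEND_DATA,
  		.exclusive		= false,
  		.upgrade		= false,
  	};

  	_enter("");

  	ret = rxrpc_sendmsg_cmsg(msg, &p);
  	if (ret < 0)
  		goto error_release_sock;

  	if (p.command == RXRPC_CMD_CHARGE_ACCEPT) {
  		ret = -EINVAL;
  		if (rx->sk.sk_state != RXRPC_SERVER_LISTENING)
  			goto error_release_sock;
  		ret = rxrpc_user_charge_accept(rx, p.call.user_call_ID);
  		goto error_release_sock;
  	}

  	call = rxrpc_find_call_by_user_ID(rx, p.call.user_call_ID);
  	if (!call) {
  		/* Only a data send may create a call. */
  		ret = -EBADSLT;
  		if (p.command != RXRPC_CMD_SEND_DATA)
  			goto error_release_sock;
  		call = rxrpc_new_client_call_for_sendmsg(rx, msg, &p);
  		/* The socket is now unlocked... */
  		if (IS_ERR(call))
  			return PTR_ERR(call);
  		/* ... and we have the call lock. */
  		/* Skip the timeout switch below for a call just created from
  		 * these parameters.
  		 */
  		p.call.nr_timeouts = 0;
  		ret = 0;
  		if (rxrpc_call_is_complete(call))
  			goto out_put_unlock;
  	} else {
  		switch (rxrpc_call_state(call)) {
  		case RXRPC_CALL_CLIENT_AWAIT_CONN:
  		case RXRPC_CALL_SERVER_RECV_REQUEST:
  			/* In these states only an abort is accepted. */
  			if (p.command == RXRPC_CMD_SEND_ABORT)
  				break;
  			fallthrough;
  		case RXRPC_CALL_UNINITIALISED:
  		case RXRPC_CALL_SERVER_PREALLOC:
  			rxrpc_put_call(call, rxrpc_call_put_sendmsg);
  			ret = -EBUSY;
  			goto error_release_sock;
  		default:
  			break;
  		}

  		/* Take the call mutex before letting go of the socket lock. */
  		ret = mutex_lock_interruptible(&call->user_mutex);
  		release_sock(&rx->sk);
  		if (ret < 0) {
  			ret = -ERESTARTSYS;
  			goto error_put;
  		}

  		/* A Tx length may only be set on a call that has not yet
  		 * declared one or queued any data.
  		 */
  		if (p.call.tx_total_len != -1) {
  			ret = -EINVAL;
  			if (call->tx_total_len != -1 ||
  			    call->tx_pending ||
  			    call->tx_top != 0)
  				goto out_put_unlock;
  			call->tx_total_len = p.call.tx_total_len;
  		}
  	}

  	switch (p.call.nr_timeouts) {
  	case 3:
  		WRITE_ONCE(call->next_rx_timo, p.call.timeouts.normal);
  		fallthrough;
  	case 2:
  		WRITE_ONCE(call->next_req_timo, p.call.timeouts.idle);
  		fallthrough;
  	case 1:
  		if (p.call.timeouts.hard > 0) {
  			/* The hard timeout is given in seconds.  Widen before
  			 * scaling so that the product cannot wrap where long
  			 * is 32 bits.
  			 */
  			ktime_t delay = ms_to_ktime((u64)p.call.timeouts.hard * MSEC_PER_SEC);

  			/* The deadline is now plus the converted delay; adding
  			 * the raw seconds count to a ktime_t would treat it as
  			 * nanoseconds and make the call expire at once.
  			 */
  			WRITE_ONCE(call->expect_term_by,
  				   ktime_add(delay, ktime_get_real()));
  			trace_rxrpc_timer_set(call, delay, rxrpc_timer_trace_hard);
  			rxrpc_poke_call(call, rxrpc_call_poke_set_timeout);
  		}
  		break;
  	}

  	if (rxrpc_call_is_complete(call)) {
  		/* it's too late for this call */
  		ret = -ESHUTDOWN;
  		goto out_put_unlock;
  	}

  	switch (p.command) {
  	case RXRPC_CMD_SEND_ABORT:
  		rxrpc_propose_abort(call, p.abort_code, -ECONNABORTED,
  				    rxrpc_abort_call_sendmsg);
  		ret = 0;
  		break;
  	case RXRPC_CMD_SEND_DATA:
  		ret = rxrpc_send_data(rx, call, msg, len, NULL, &dropped_lock);
  		break;
  	default:
  		ret = -EINVAL;
  		break;
  	}

  out_put_unlock:
  	/* rxrpc_send_data() may return with the call mutex already dropped. */
  	if (!dropped_lock)
  		mutex_unlock(&call->user_mutex);
  error_put:
  	rxrpc_put_call(call, rxrpc_call_put_sendmsg);
  	_leave(" = %d", ret);
  	return ret;

  error_release_sock:
  	release_sock(&rx->sk);
  	return ret;
  }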
  /**
   * rxrpc_kernel_send_data - Allow a kernel service to send data on a call
   * @sock: The socket the call is on
   * @call: The call to send data through
   * @msg: The data to send
   * @len: The amount of data to send
   * @notify_end_tx: Notification that the last packet is queued.
   *
   * Allow a kernel service to send data on a call.  The call must be in a state
   * appropriate to sending data.  No control data should be supplied in @msg,
   * nor should an address be supplied; both are asserted to be NULL.  MSG_MORE
   * should be flagged if there's more data to come, otherwise this data will
   * end the transmission phase.
   *
   * The call's user mutex is taken for the duration of the send and released
   * on return unless rxrpc_send_data() reports that it already dropped it.
   *
   * Return: the value returned by rxrpc_send_data(), which is the number of
   * bytes copied on success, or a negative error code otherwise; -ESHUTDOWN is
   * replaced by the call's own error.
   */
  int rxrpc_kernel_send_data(struct socket *sock, struct rxrpc_call *call,
  			   struct msghdr *msg, size_t len,
  			   rxrpc_notify_end_tx_t notify_end_tx)
  {
  	struct rxrpc_sock *rx;
  	bool lock_dropped = false;
  	int ret;

  	_enter("{%d},", call->debug_id);

  	ASSERTCMP(msg->msg_name, ==, NULL);
  	ASSERTCMP(msg->msg_control, ==, NULL);

  	mutex_lock(&call->user_mutex);

  	rx = rxrpc_sk(sock->sk);
  	ret = rxrpc_send_data(rx, call, msg, len, notify_end_tx, &lock_dropped);
  	if (ret == -ESHUTDOWN)
  		ret = call->error;

  	if (!lock_dropped)
  		mutex_unlock(&call->user_mutex);
  	_leave(" = %d", ret);
  	return ret;
  }
  EXPORT_SYMBOL(rxrpc_kernel_send_data);
  /**
   * rxrpc_kernel_abort_call - Allow a kernel service to abort a call
   * @sock: The socket the call is on
   * @call: The call to be aborted
   * @abort_code: The abort code to stick into the ABORT packet
   * @error: Local error value
   * @why: Indication as to why.
   *
   * Allow a kernel service to abort a call if it's still in an abortable state.
   * The abort is proposed under the call's user mutex.
   *
   * Note that @abort_code is a u32 here but is passed on to
   * rxrpc_propose_abort(), which takes an s32.
   *
   * Return: %true if the abort was proposed, %false if an abort was already
   * pending or the call was already complete.
   */
  bool rxrpc_kernel_abort_call(struct socket *sock, struct rxrpc_call *call,
  			     u32 abort_code, int error, enum rxrpc_abort_reason why)
  {
  	bool proposed;

  	_enter("{%d},%d,%d,%u", call->debug_id, abort_code, error, why);

  	mutex_lock(&call->user_mutex);
  	proposed = rxrpc_propose_abort(call, abort_code, error, why);
  	mutex_unlock(&call->user_mutex);

  	return proposed;
  }
  EXPORT_SYMBOL(rxrpc_kernel_abort_call);
  /**
   * rxrpc_kernel_set_tx_length - Set the total Tx length on a call
   * @sock: The socket the call is on
   * @call: The call to be informed
   * @tx_total_len: The amount of data to be transmitted for this call
   *
   * Allow a kernel service to set the total transmit length on a call.  This
   * allows buffer-to-packet encrypt-and-copy to be performed.
   *
   * This function is primarily for use for setting the reply length since the
   * request length can be set when beginning the call.
   *
   * A warning is raised if a length had already been set (anything other than
   * -1), but the new value is stored regardless.  No lock is taken here and
   * @tx_total_len is not range-checked; presumably callers serialise against
   * sending and pass a non-negative length - confirm.
   */
  void rxrpc_kernel_set_tx_length(struct socket *sock, struct rxrpc_call *call,
  				s64 tx_total_len)
  {
  	s64 previous = call->tx_total_len;

  	WARN_ON(previous != -1);
  	call->tx_total_len = tx_total_len;
  }
  EXPORT_SYMBOL(rxrpc_kernel_set_tx_length);