[linux-block.git] / net / rxrpc / conn_event.c

// SPDX-License-Identifier: GPL-2.0-or-later
/* connection-level event handling
 *
 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 */

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/module.h>
#include <linux/net.h>
#include <linux/skbuff.h>
#include <linux/errqueue.h>
#include <net/sock.h>
#include <net/af_rxrpc.h>
#include <net/ip.h>
#include "ar-internal.h"

/*
 * Retransmit terminal ACK or ABORT of the previous call.
 */
static void rxrpc_conn_retransmit_call(struct rxrpc_connection *conn,
				       struct sk_buff *skb,
				       unsigned int channel)
{
	struct rxrpc_skb_priv *sp = skb ? rxrpc_skb(skb) : NULL;
	struct rxrpc_channel *chan;
	struct msghdr msg;
	struct kvec iov[3];
	struct {
		struct rxrpc_wire_header whdr;
		union {
			__be32 abort_code;
			struct rxrpc_ackpacket ack;
		};
	} __attribute__((packed)) pkt;
	struct rxrpc_ackinfo ack_info;
	size_t len;
	int ret, ioc;
	u32 serial, mtu, call_id, padding;

	_enter("%d", conn->debug_id);

	chan = &conn->channels[channel];

	/* If the last call got moved on whilst we were waiting to run, just
	 * ignore this packet.
	 */
	call_id = READ_ONCE(chan->last_call);
	/* Sync with __rxrpc_disconnect_call() */
	smp_rmb();
	if (skb && call_id != sp->hdr.callNumber)
		return;

	msg.msg_name	= &conn->params.peer->srx.transport;
	msg.msg_namelen	= conn->params.peer->srx.transport_len;
	msg.msg_control	= NULL;
	msg.msg_controllen = 0;
	msg.msg_flags	= 0;

	iov[0].iov_base	= &pkt;
	iov[0].iov_len	= sizeof(pkt.whdr);
	iov[1].iov_base	= &padding;
	iov[1].iov_len	= 3;
	iov[2].iov_base	= &ack_info;
	iov[2].iov_len	= sizeof(ack_info);

	pkt.whdr.epoch		= htonl(conn->proto.epoch);
	pkt.whdr.cid		= htonl(conn->proto.cid | channel);
	pkt.whdr.callNumber	= htonl(call_id);
	pkt.whdr.seq		= 0;
	pkt.whdr.type		= chan->last_type;
	pkt.whdr.flags		= conn->out_clientflag;
	pkt.whdr.userStatus	= 0;
	pkt.whdr.securityIndex	= conn->security_ix;
	pkt.whdr._rsvd		= 0;
	pkt.whdr.serviceId	= htons(conn->service_id);

	len = sizeof(pkt.whdr);
	switch (chan->last_type) {
	case RXRPC_PACKET_TYPE_ABORT:
		pkt.abort_code	= htonl(chan->last_abort);
		iov[0].iov_len += sizeof(pkt.abort_code);
		len += sizeof(pkt.abort_code);
		ioc = 1;
		break;

	case RXRPC_PACKET_TYPE_ACK:
		mtu = conn->params.peer->if_mtu;
		mtu -= conn->params.peer->hdrsize;
		pkt.ack.bufferSpace	= 0;
		pkt.ack.maxSkew		= htons(skb ? skb->priority : 0);
		pkt.ack.firstPacket	= htonl(chan->last_seq + 1);
		pkt.ack.previousPacket	= htonl(chan->last_seq);
		pkt.ack.serial		= htonl(skb ? sp->hdr.serial : 0);
		pkt.ack.reason		= skb ? RXRPC_ACK_DUPLICATE : RXRPC_ACK_IDLE;
		pkt.ack.nAcks		= 0;
		ack_info.rxMTU		= htonl(rxrpc_rx_mtu);
		ack_info.maxMTU		= htonl(mtu);
		ack_info.rwind		= htonl(rxrpc_rx_window_size);
		ack_info.jumbo_max	= htonl(rxrpc_rx_jumbo_max);
		pkt.whdr.flags		|= RXRPC_SLOW_START_OK;
		padding			= 0;
		iov[0].iov_len += sizeof(pkt.ack);
		len += sizeof(pkt.ack) + 3 + sizeof(ack_info);
		ioc = 3;
		break;

	default:
		return;
	}

	/* Resync with __rxrpc_disconnect_call() and check that the last call
	 * didn't get advanced whilst we were filling out the packets.
	 */
	smp_rmb();
	if (READ_ONCE(chan->last_call) != call_id)
		return;

	serial = atomic_inc_return(&conn->serial);
	pkt.whdr.serial = htonl(serial);

	switch (chan->last_type) {
	case RXRPC_PACKET_TYPE_ABORT:
		_proto("Tx ABORT %%%u { %d } [re]", serial, conn->abort_code);
		break;
	case RXRPC_PACKET_TYPE_ACK:
		trace_rxrpc_tx_ack(chan->call_debug_id, serial,
				   ntohl(pkt.ack.firstPacket),
				   ntohl(pkt.ack.serial),
				   pkt.ack.reason, 0);
		_proto("Tx ACK %%%u [re]", serial);
		break;
	}

	ret = kernel_sendmsg(conn->params.local->socket, &msg, iov, ioc, len);
	conn->params.peer->last_tx_at = ktime_get_seconds();
	if (ret < 0)
		trace_rxrpc_tx_fail(chan->call_debug_id, serial, ret,
				    rxrpc_tx_point_call_final_resend);
	else
		trace_rxrpc_tx_packet(chan->call_debug_id, &pkt.whdr,
				      rxrpc_tx_point_call_final_resend);

	_leave("");
}

/*
 * pass a connection-level abort onto all calls on that connection
 */
static void rxrpc_abort_calls(struct rxrpc_connection *conn,
			      enum rxrpc_call_completion compl,
			      rxrpc_serial_t serial)
{
	struct rxrpc_call *call;
	int i;

	_enter("{%d},%x", conn->debug_id, conn->abort_code);

	spin_lock(&conn->channel_lock);

	for (i = 0; i < RXRPC_MAXCALLS; i++) {
		call = rcu_dereference_protected(
			conn->channels[i].call,
			lockdep_is_held(&conn->channel_lock));
		if (call) {
			if (compl == RXRPC_CALL_LOCALLY_ABORTED)
				trace_rxrpc_abort(call->debug_id,
						  "CON", call->cid,
						  call->call_id, 0,
						  conn->abort_code,
						  conn->error);
			else
				trace_rxrpc_rx_abort(call, serial,
						     conn->abort_code);
			rxrpc_set_call_completion(call, compl,
						  conn->abort_code,
						  conn->error);
		}
	}

	spin_unlock(&conn->channel_lock);
	_leave("");
}

/*
 * generate a connection-level abort
 */
static int rxrpc_abort_connection(struct rxrpc_connection *conn,
				  int error, u32 abort_code)
{
	struct rxrpc_wire_header whdr;
	struct msghdr msg;
	struct kvec iov[2];
	__be32 word;
	size_t len;
	u32 serial;
	int ret;

	_enter("%d,,%u,%u", conn->debug_id, error, abort_code);

	/* generate a connection-level abort */
	spin_lock_bh(&conn->state_lock);
	if (conn->state >= RXRPC_CONN_REMOTELY_ABORTED) {
		spin_unlock_bh(&conn->state_lock);
		_leave(" = 0 [already dead]");
		return 0;
	}

	conn->error = error;
	conn->abort_code = abort_code;
	conn->state = RXRPC_CONN_LOCALLY_ABORTED;
	spin_unlock_bh(&conn->state_lock);

	msg.msg_name	= &conn->params.peer->srx.transport;
	msg.msg_namelen	= conn->params.peer->srx.transport_len;
	msg.msg_control	= NULL;
	msg.msg_controllen = 0;
	msg.msg_flags	= 0;

	whdr.epoch	= htonl(conn->proto.epoch);
	whdr.cid	= htonl(conn->proto.cid);
	whdr.callNumber	= 0;
	whdr.seq	= 0;
	whdr.type	= RXRPC_PACKET_TYPE_ABORT;
	whdr.flags	= conn->out_clientflag;
	whdr.userStatus	= 0;
	whdr.securityIndex = conn->security_ix;
	whdr._rsvd	= 0;
	whdr.serviceId	= htons(conn->service_id);

	word		= htonl(conn->abort_code);

	iov[0].iov_base	= &whdr;
	iov[0].iov_len	= sizeof(whdr);
	iov[1].iov_base	= &word;
	iov[1].iov_len	= sizeof(word);

	len = iov[0].iov_len + iov[1].iov_len;

	serial = atomic_inc_return(&conn->serial);
	rxrpc_abort_calls(conn, RXRPC_CALL_LOCALLY_ABORTED, serial);
	whdr.serial = htonl(serial);
	_proto("Tx CONN ABORT %%%u { %d }", serial, conn->abort_code);

	ret = kernel_sendmsg(conn->params.local->socket, &msg, iov, 2, len);
	if (ret < 0) {
		trace_rxrpc_tx_fail(conn->debug_id, serial, ret,
				    rxrpc_tx_point_conn_abort);
		_debug("sendmsg failed: %d", ret);
		return -EAGAIN;
	}

	trace_rxrpc_tx_packet(conn->debug_id, &whdr, rxrpc_tx_point_conn_abort);

	conn->params.peer->last_tx_at = ktime_get_seconds();

	_leave(" = 0");
	return 0;
}

/*
 * mark a call as being on a now-secured channel
 * - must be called with BH's disabled.
 */
static void rxrpc_call_is_secure(struct rxrpc_call *call)
{
	_enter("%p", call);
	if (call) {
		write_lock_bh(&call->state_lock);
		if (call->state == RXRPC_CALL_SERVER_SECURING) {
			call->state = RXRPC_CALL_SERVER_ACCEPTING;
			rxrpc_notify_socket(call);
		}
		write_unlock_bh(&call->state_lock);
	}
}

/*
 * connection-level Rx packet processor
 */
static int rxrpc_process_event(struct rxrpc_connection *conn,
			       struct sk_buff *skb,
			       u32 *_abort_code)
{
	struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
	__be32 wtmp;
	u32 abort_code;
	int loop, ret;

	if (conn->state >= RXRPC_CONN_REMOTELY_ABORTED) {
		_leave(" = -ECONNABORTED [%u]", conn->state);
		return -ECONNABORTED;
	}

	_enter("{%d},{%u,%%%u},", conn->debug_id, sp->hdr.type, sp->hdr.serial);

	switch (sp->hdr.type) {
	case RXRPC_PACKET_TYPE_DATA:
	case RXRPC_PACKET_TYPE_ACK:
		rxrpc_conn_retransmit_call(conn, skb,
					   sp->hdr.cid & RXRPC_CHANNELMASK);
		return 0;

	case RXRPC_PACKET_TYPE_BUSY:
		/* Just ignore BUSY packets for now. */
		return 0;

	case RXRPC_PACKET_TYPE_ABORT:
		if (skb_copy_bits(skb, sizeof(struct rxrpc_wire_header),
				  &wtmp, sizeof(wtmp)) < 0) {
			trace_rxrpc_rx_eproto(NULL, sp->hdr.serial,
					      tracepoint_string("bad_abort"));
			return -EPROTO;
		}
		abort_code = ntohl(wtmp);
		_proto("Rx ABORT %%%u { ac=%d }", sp->hdr.serial, abort_code);

		conn->error = -ECONNABORTED;
		conn->abort_code = abort_code;
		conn->state = RXRPC_CONN_REMOTELY_ABORTED;
		rxrpc_abort_calls(conn, RXRPC_CALL_REMOTELY_ABORTED, sp->hdr.serial);
		return -ECONNABORTED;

	case RXRPC_PACKET_TYPE_CHALLENGE:
		return conn->security->respond_to_challenge(conn, skb,
							    _abort_code);

	case RXRPC_PACKET_TYPE_RESPONSE:
		ret = conn->security->verify_response(conn, skb, _abort_code);
		if (ret < 0)
			return ret;

		ret = conn->security->init_connection_security(conn);
		if (ret < 0)
			return ret;

		ret = conn->security->prime_packet_security(conn);
		if (ret < 0)
			return ret;

		spin_lock(&conn->channel_lock);
		spin_lock(&conn->state_lock);

		if (conn->state == RXRPC_CONN_SERVICE_CHALLENGING) {
			conn->state = RXRPC_CONN_SERVICE;
			spin_unlock(&conn->state_lock);
			for (loop = 0; loop < RXRPC_MAXCALLS; loop++)
				rxrpc_call_is_secure(
					rcu_dereference_protected(
						conn->channels[loop].call,
						lockdep_is_held(&conn->channel_lock)));
		} else {
			spin_unlock(&conn->state_lock);
		}

		spin_unlock(&conn->channel_lock);
		return 0;

	default:
		trace_rxrpc_rx_eproto(NULL, sp->hdr.serial,
				      tracepoint_string("bad_conn_pkt"));
		return -EPROTO;
	}
}

/*
 * set up security and issue a challenge
 */
static void rxrpc_secure_connection(struct rxrpc_connection *conn)
{
	u32 abort_code;
	int ret;

	_enter("{%d}", conn->debug_id);

	ASSERT(conn->security_ix != 0);
	ASSERT(conn->server_key);

	if (conn->security->issue_challenge(conn) < 0) {
		abort_code = RX_CALL_DEAD;
		ret = -ENOMEM;
		goto abort;
	}

	_leave("");
	return;

abort:
	_debug("abort %d, %d", ret, abort_code);
	rxrpc_abort_connection(conn, ret, abort_code);
	_leave(" [aborted]");
}

/*
 * Process delayed final ACKs that we haven't subsumed into a subsequent call.
 */
static void rxrpc_process_delayed_final_acks(struct rxrpc_connection *conn)
{
	unsigned long j = jiffies, next_j;
	unsigned int channel;
	bool set;

again:
	next_j = j + LONG_MAX;
	set = false;
	for (channel = 0; channel < RXRPC_MAXCALLS; channel++) {
		struct rxrpc_channel *chan = &conn->channels[channel];
		unsigned long ack_at;

		if (!test_bit(RXRPC_CONN_FINAL_ACK_0 + channel, &conn->flags))
			continue;

		smp_rmb(); /* vs rxrpc_disconnect_client_call */
		ack_at = READ_ONCE(chan->final_ack_at);

		if (time_before(j, ack_at)) {
			if (time_before(ack_at, next_j)) {
				next_j = ack_at;
				set = true;
			}
			continue;
		}

		if (test_and_clear_bit(RXRPC_CONN_FINAL_ACK_0 + channel,
				       &conn->flags))
			rxrpc_conn_retransmit_call(conn, NULL, channel);
	}

	j = jiffies;
	if (time_before_eq(next_j, j))
		goto again;
	if (set)
		rxrpc_reduce_conn_timer(conn, next_j);
}

/*
 * connection-level event processor
 */
static void rxrpc_do_process_connection(struct rxrpc_connection *conn)
{
	struct sk_buff *skb;
	u32 abort_code = RX_PROTOCOL_ERROR;
	int ret;

	if (test_and_clear_bit(RXRPC_CONN_EV_CHALLENGE, &conn->events))
		rxrpc_secure_connection(conn);

	/* Process delayed ACKs whose time has come. */
	if (conn->flags & RXRPC_CONN_FINAL_ACK_MASK)
		rxrpc_process_delayed_final_acks(conn);

	/* go through the conn-level event packets, releasing the ref on this
	 * connection that each one has when we've finished with it */
	while ((skb = skb_dequeue(&conn->rx_queue))) {
		rxrpc_see_skb(skb, rxrpc_skb_seen);
		ret = rxrpc_process_event(conn, skb, &abort_code);
		switch (ret) {
		case -EPROTO:
		case -EKEYEXPIRED:
		case -EKEYREJECTED:
			goto protocol_error;
		case -ENOMEM:
		case -EAGAIN:
			goto requeue_and_leave;
		case -ECONNABORTED:
		default:
			rxrpc_free_skb(skb, rxrpc_skb_freed);
			break;
		}
	}

	return;

requeue_and_leave:
	skb_queue_head(&conn->rx_queue, skb);
	return;

protocol_error:
	if (rxrpc_abort_connection(conn, ret, abort_code) < 0)
		goto requeue_and_leave;
	rxrpc_free_skb(skb, rxrpc_skb_freed);
	return;
}

void rxrpc_process_connection(struct work_struct *work)
{
	struct rxrpc_connection *conn =
		container_of(work, struct rxrpc_connection, processor);

	rxrpc_see_connection(conn);

	if (__rxrpc_use_local(conn->params.local)) {
		rxrpc_do_process_connection(conn);
		rxrpc_unuse_local(conn->params.local);
	}

	rxrpc_put_connection(conn);
	_leave("");
	return;
}
Commit	Line	Data
2874c5fd	1	// SPDX-License-Identifier: GPL-2.0-or-later
17926a79 DH	2	/* connection-level event handling
	3	*
	4	* Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
	5	* Written by David Howells (dhowells@redhat.com)
17926a79 DH	6	*/
17926a79 DH	7
9b6d5398 JP	8	#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
9b6d5398 JP	9
17926a79 DH	10	#include <linux/module.h>
	11	#include <linux/net.h>
	12	#include <linux/skbuff.h>
	13	#include <linux/errqueue.h>
17926a79 DH	14	#include <net/sock.h>
	15	#include <net/af_rxrpc.h>
	16	#include <net/ip.h>
	17	#include "ar-internal.h"
	18
18bfeba5 DH	19	/*
	20	* Retransmit terminal ACK or ABORT of the previous call.
	21	*/
f5c17aae	22	static void rxrpc_conn_retransmit_call(struct rxrpc_connection *conn,
3136ef49 DH	23	struct sk_buff *skb,
3136ef49 DH	24	unsigned int channel)
18bfeba5	25	{
3136ef49	26	struct rxrpc_skb_priv *sp = skb ? rxrpc_skb(skb) : NULL;
18bfeba5 DH	27	struct rxrpc_channel *chan;
18bfeba5 DH	28	struct msghdr msg;
5fc62f6a	29	struct kvec iov[3];
18bfeba5 DH	30	struct {
	31	struct rxrpc_wire_header whdr;
	32	union {
5fc62f6a DH	33	__be32 abort_code;
5fc62f6a DH	34	struct rxrpc_ackpacket ack;
18bfeba5 DH	35	};
18bfeba5 DH	36	} __attribute__((packed)) pkt;
5fc62f6a	37	struct rxrpc_ackinfo ack_info;
18bfeba5	38	size_t len;
6b47fe1d	39	int ret, ioc;
5fc62f6a	40	u32 serial, mtu, call_id, padding;
18bfeba5 DH	41
	42	_enter("%d", conn->debug_id);
	43
3136ef49	44	chan = &conn->channels[channel];
18bfeba5 DH	45
	46	/* If the last call got moved on whilst we were waiting to run, just
	47	* ignore this packet.
	48	*/
	49	call_id = READ_ONCE(chan->last_call);
	50	/* Sync with __rxrpc_disconnect_call() */
	51	smp_rmb();
3136ef49	52	if (skb && call_id != sp->hdr.callNumber)
18bfeba5 DH	53	return;
	54
	55	msg.msg_name = &conn->params.peer->srx.transport;
	56	msg.msg_namelen = conn->params.peer->srx.transport_len;
	57	msg.msg_control = NULL;
	58	msg.msg_controllen = 0;
	59	msg.msg_flags = 0;
	60
5fc62f6a DH	61	iov[0].iov_base = &pkt;
	62	iov[0].iov_len = sizeof(pkt.whdr);
	63	iov[1].iov_base = &padding;
	64	iov[1].iov_len = 3;
	65	iov[2].iov_base = &ack_info;
	66	iov[2].iov_len = sizeof(ack_info);
	67
3136ef49	68	pkt.whdr.epoch = htonl(conn->proto.epoch);
fb1967a6	69	pkt.whdr.cid = htonl(conn->proto.cid \| channel);
3136ef49	70	pkt.whdr.callNumber = htonl(call_id);
18bfeba5 DH	71	pkt.whdr.seq = 0;
	72	pkt.whdr.type = chan->last_type;
	73	pkt.whdr.flags = conn->out_clientflag;
	74	pkt.whdr.userStatus = 0;
	75	pkt.whdr.securityIndex = conn->security_ix;
	76	pkt.whdr._rsvd = 0;
68d6d1ae	77	pkt.whdr.serviceId = htons(conn->service_id);
18bfeba5 DH	78
	79	len = sizeof(pkt.whdr);
	80	switch (chan->last_type) {
	81	case RXRPC_PACKET_TYPE_ABORT:
5fc62f6a DH	82	pkt.abort_code = htonl(chan->last_abort);
	83	iov[0].iov_len += sizeof(pkt.abort_code);
	84	len += sizeof(pkt.abort_code);
	85	ioc = 1;
18bfeba5 DH	86	break;
	87
	88	case RXRPC_PACKET_TYPE_ACK:
	89	mtu = conn->params.peer->if_mtu;
	90	mtu -= conn->params.peer->hdrsize;
	91	pkt.ack.bufferSpace = 0;
3136ef49 DH	92	pkt.ack.maxSkew = htons(skb ? skb->priority : 0);
	93	pkt.ack.firstPacket = htonl(chan->last_seq + 1);
	94	pkt.ack.previousPacket = htonl(chan->last_seq);
	95	pkt.ack.serial = htonl(skb ? sp->hdr.serial : 0);
	96	pkt.ack.reason = skb ? RXRPC_ACK_DUPLICATE : RXRPC_ACK_IDLE;
18bfeba5	97	pkt.ack.nAcks = 0;
5fc62f6a DH	98	ack_info.rxMTU = htonl(rxrpc_rx_mtu);
	99	ack_info.maxMTU = htonl(mtu);
	100	ack_info.rwind = htonl(rxrpc_rx_window_size);
	101	ack_info.jumbo_max = htonl(rxrpc_rx_jumbo_max);
57494343	102	pkt.whdr.flags \|= RXRPC_SLOW_START_OK;
5fc62f6a DH	103	padding = 0;
	104	iov[0].iov_len += sizeof(pkt.ack);
	105	len += sizeof(pkt.ack) + 3 + sizeof(ack_info);
	106	ioc = 3;
18bfeba5	107	break;
5fc62f6a DH	108
	109	default:
	110	return;
18bfeba5 DH	111	}
	112
	113	/* Resync with __rxrpc_disconnect_call() and check that the last call
	114	* didn't get advanced whilst we were filling out the packets.
	115	*/
	116	smp_rmb();
	117	if (READ_ONCE(chan->last_call) != call_id)
	118	return;
	119
18bfeba5 DH	120	serial = atomic_inc_return(&conn->serial);
	121	pkt.whdr.serial = htonl(serial);
	122
	123	switch (chan->last_type) {
	124	case RXRPC_PACKET_TYPE_ABORT:
64753092	125	_proto("Tx ABORT %%%u { %d } [re]", serial, conn->abort_code);
18bfeba5 DH	126	break;
18bfeba5 DH	127	case RXRPC_PACKET_TYPE_ACK:
4764c0da	128	trace_rxrpc_tx_ack(chan->call_debug_id, serial,
f3f8337c DH	129	ntohl(pkt.ack.firstPacket),
	130	ntohl(pkt.ack.serial),
	131	pkt.ack.reason, 0);
18bfeba5 DH	132	_proto("Tx ACK %%%u [re]", serial);
	133	break;
	134	}
	135
6b47fe1d	136	ret = kernel_sendmsg(conn->params.local->socket, &msg, iov, ioc, len);
330bdcfa	137	conn->params.peer->last_tx_at = ktime_get_seconds();
6b47fe1d	138	if (ret < 0)
4764c0da DH	139	trace_rxrpc_tx_fail(chan->call_debug_id, serial, ret,
	140	rxrpc_tx_point_call_final_resend);
	141	else
	142	trace_rxrpc_tx_packet(chan->call_debug_id, &pkt.whdr,
	143	rxrpc_tx_point_call_final_resend);
6b47fe1d	144
18bfeba5	145	_leave("");
18bfeba5 DH	146	}
18bfeba5 DH	147
17926a79 DH	148	/*
	149	* pass a connection-level abort onto all calls on that connection
	150	*/
f5c17aae	151	static void rxrpc_abort_calls(struct rxrpc_connection *conn,
39ce6755 DH	152	enum rxrpc_call_completion compl,
39ce6755 DH	153	rxrpc_serial_t serial)
17926a79 DH	154	{
17926a79 DH	155	struct rxrpc_call *call;
248f219c	156	int i;
17926a79	157
64753092	158	_enter("{%d},%x", conn->debug_id, conn->abort_code);
17926a79	159
a1399f8b	160	spin_lock(&conn->channel_lock);
17926a79	161
a1399f8b DH	162	for (i = 0; i < RXRPC_MAXCALLS; i++) {
	163	call = rcu_dereference_protected(
	164	conn->channels[i].call,
	165	lockdep_is_held(&conn->channel_lock));
ccbd3dbe	166	if (call) {
5a42976d	167	if (compl == RXRPC_CALL_LOCALLY_ABORTED)
a25e21f0 DH	168	trace_rxrpc_abort(call->debug_id,
a25e21f0 DH	169	"CON", call->cid,
5a42976d	170	call->call_id, 0,
64753092 DH	171	conn->abort_code,
64753092 DH	172	conn->error);
39ce6755 DH	173	else
	174	trace_rxrpc_rx_abort(call, serial,
	175	conn->abort_code);
5ac0d622 DH	176	rxrpc_set_call_completion(call, compl,
	177	conn->abort_code,
	178	conn->error);
17926a79	179	}
17926a79 DH	180	}
17926a79 DH	181
a1399f8b	182	spin_unlock(&conn->channel_lock);
17926a79 DH	183	_leave("");
	184	}
	185
	186	/*
	187	* generate a connection-level abort
	188	*/
	189	static int rxrpc_abort_connection(struct rxrpc_connection *conn,
3a92789a	190	int error, u32 abort_code)
17926a79	191	{
0d12f8a4	192	struct rxrpc_wire_header whdr;
17926a79 DH	193	struct msghdr msg;
	194	struct kvec iov[2];
	195	__be32 word;
	196	size_t len;
0d12f8a4	197	u32 serial;
17926a79 DH	198	int ret;
	199
	200	_enter("%d,,%u,%u", conn->debug_id, error, abort_code);
	201
	202	/* generate a connection-level abort */
	203	spin_lock_bh(&conn->state_lock);
f5c17aae	204	if (conn->state >= RXRPC_CONN_REMOTELY_ABORTED) {
17926a79 DH	205	spin_unlock_bh(&conn->state_lock);
	206	_leave(" = 0 [already dead]");
	207	return 0;
	208	}
	209
64753092 DH	210	conn->error = error;
64753092 DH	211	conn->abort_code = abort_code;
f5c17aae DH	212	conn->state = RXRPC_CONN_LOCALLY_ABORTED;
	213	spin_unlock_bh(&conn->state_lock);
	214
85f32278 DH	215	msg.msg_name = &conn->params.peer->srx.transport;
85f32278 DH	216	msg.msg_namelen = conn->params.peer->srx.transport_len;
17926a79 DH	217	msg.msg_control = NULL;
	218	msg.msg_controllen = 0;
	219	msg.msg_flags = 0;
	220
19ffa01c DH	221	whdr.epoch = htonl(conn->proto.epoch);
19ffa01c DH	222	whdr.cid = htonl(conn->proto.cid);
0d12f8a4 DH	223	whdr.callNumber = 0;
	224	whdr.seq = 0;
	225	whdr.type = RXRPC_PACKET_TYPE_ABORT;
	226	whdr.flags = conn->out_clientflag;
	227	whdr.userStatus = 0;
	228	whdr.securityIndex = conn->security_ix;
	229	whdr._rsvd = 0;
68d6d1ae	230	whdr.serviceId = htons(conn->service_id);
17926a79	231
64753092	232	word = htonl(conn->abort_code);
17926a79	233
0d12f8a4 DH	234	iov[0].iov_base = &whdr;
0d12f8a4 DH	235	iov[0].iov_len = sizeof(whdr);
17926a79 DH	236	iov[1].iov_base = &word;
	237	iov[1].iov_len = sizeof(word);
	238
	239	len = iov[0].iov_len + iov[1].iov_len;
	240
0d12f8a4	241	serial = atomic_inc_return(&conn->serial);
39ce6755	242	rxrpc_abort_calls(conn, RXRPC_CALL_LOCALLY_ABORTED, serial);
0d12f8a4	243	whdr.serial = htonl(serial);
64753092	244	_proto("Tx CONN ABORT %%%u { %d }", serial, conn->abort_code);
17926a79	245
85f32278	246	ret = kernel_sendmsg(conn->params.local->socket, &msg, iov, 2, len);
17926a79	247	if (ret < 0) {
6b47fe1d	248	trace_rxrpc_tx_fail(conn->debug_id, serial, ret,
4764c0da	249	rxrpc_tx_point_conn_abort);
17926a79 DH	250	_debug("sendmsg failed: %d", ret);
	251	return -EAGAIN;
	252	}
	253
4764c0da DH	254	trace_rxrpc_tx_packet(conn->debug_id, &whdr, rxrpc_tx_point_conn_abort);
4764c0da DH	255
330bdcfa	256	conn->params.peer->last_tx_at = ktime_get_seconds();
ace45bec	257
17926a79 DH	258	_leave(" = 0");
	259	return 0;
	260	}
	261
	262	/*
	263	* mark a call as being on a now-secured channel
248f219c	264	* - must be called with BH's disabled.
17926a79	265	*/
5eaa65b2	266	static void rxrpc_call_is_secure(struct rxrpc_call *call)
17926a79 DH	267	{
	268	_enter("%p", call);
	269	if (call) {
248f219c DH	270	write_lock_bh(&call->state_lock);
	271	if (call->state == RXRPC_CALL_SERVER_SECURING) {
	272	call->state = RXRPC_CALL_SERVER_ACCEPTING;
	273	rxrpc_notify_socket(call);
	274	}
	275	write_unlock_bh(&call->state_lock);
17926a79 DH	276	}
	277	}
	278
	279	/*
	280	* connection-level Rx packet processor
	281	*/
	282	static int rxrpc_process_event(struct rxrpc_connection *conn,
	283	struct sk_buff *skb,
	284	u32 *_abort_code)
	285	{
	286	struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
0d12f8a4 DH	287	__be32 wtmp;
0d12f8a4 DH	288	u32 abort_code;
17926a79 DH	289	int loop, ret;
17926a79 DH	290
519d2567	291	if (conn->state >= RXRPC_CONN_REMOTELY_ABORTED) {
248f219c	292	_leave(" = -ECONNABORTED [%u]", conn->state);
17926a79	293	return -ECONNABORTED;
519d2567	294	}
17926a79	295
0d12f8a4	296	_enter("{%d},{%u,%%%u},", conn->debug_id, sp->hdr.type, sp->hdr.serial);
519d2567	297
17926a79	298	switch (sp->hdr.type) {
18bfeba5 DH	299	case RXRPC_PACKET_TYPE_DATA:
18bfeba5 DH	300	case RXRPC_PACKET_TYPE_ACK:
3136ef49 DH	301	rxrpc_conn_retransmit_call(conn, skb,
3136ef49 DH	302	sp->hdr.cid & RXRPC_CHANNELMASK);
18bfeba5 DH	303	return 0;
18bfeba5 DH	304
4d4a6ac7 DH	305	case RXRPC_PACKET_TYPE_BUSY:
	306	/* Just ignore BUSY packets for now. */
	307	return 0;
	308
17926a79	309	case RXRPC_PACKET_TYPE_ABORT:
775e5b71	310	if (skb_copy_bits(skb, sizeof(struct rxrpc_wire_header),
fb46f6ee DH	311	&wtmp, sizeof(wtmp)) < 0) {
	312	trace_rxrpc_rx_eproto(NULL, sp->hdr.serial,
	313	tracepoint_string("bad_abort"));
17926a79	314	return -EPROTO;
fb46f6ee	315	}
0d12f8a4 DH	316	abort_code = ntohl(wtmp);
0d12f8a4 DH	317	_proto("Rx ABORT %%%u { ac=%d }", sp->hdr.serial, abort_code);
17926a79	318
64753092 DH	319	conn->error = -ECONNABORTED;
64753092 DH	320	conn->abort_code = abort_code;
17926a79	321	conn->state = RXRPC_CONN_REMOTELY_ABORTED;
39ce6755	322	rxrpc_abort_calls(conn, RXRPC_CALL_REMOTELY_ABORTED, sp->hdr.serial);
17926a79 DH	323	return -ECONNABORTED;
	324
	325	case RXRPC_PACKET_TYPE_CHALLENGE:
e0e4d82f DH	326	return conn->security->respond_to_challenge(conn, skb,
e0e4d82f DH	327	_abort_code);
17926a79 DH	328
17926a79 DH	329	case RXRPC_PACKET_TYPE_RESPONSE:
17926a79 DH	330	ret = conn->security->verify_response(conn, skb, _abort_code);
	331	if (ret < 0)
	332	return ret;
	333
	334	ret = conn->security->init_connection_security(conn);
	335	if (ret < 0)
	336	return ret;
	337
a263629d HX	338	ret = conn->security->prime_packet_security(conn);
	339	if (ret < 0)
	340	return ret;
	341
a1399f8b	342	spin_lock(&conn->channel_lock);
17926a79 DH	343	spin_lock(&conn->state_lock);
17926a79 DH	344
bba304db DH	345	if (conn->state == RXRPC_CONN_SERVICE_CHALLENGING) {
bba304db DH	346	conn->state = RXRPC_CONN_SERVICE;
248f219c	347	spin_unlock(&conn->state_lock);
17926a79	348	for (loop = 0; loop < RXRPC_MAXCALLS; loop++)
dee46364 DH	349	rxrpc_call_is_secure(
dee46364 DH	350	rcu_dereference_protected(
a1399f8b DH	351	conn->channels[loop].call,
a1399f8b DH	352	lockdep_is_held(&conn->channel_lock)));
248f219c DH	353	} else {
248f219c DH	354	spin_unlock(&conn->state_lock);
17926a79 DH	355	}
17926a79 DH	356
a1399f8b	357	spin_unlock(&conn->channel_lock);
17926a79 DH	358	return 0;
	359
	360	default:
fb46f6ee DH	361	trace_rxrpc_rx_eproto(NULL, sp->hdr.serial,
fb46f6ee DH	362	tracepoint_string("bad_conn_pkt"));
17926a79 DH	363	return -EPROTO;
	364	}
	365	}
	366
	367	/*
	368	* set up security and issue a challenge
	369	*/
	370	static void rxrpc_secure_connection(struct rxrpc_connection *conn)
	371	{
	372	u32 abort_code;
	373	int ret;
	374
	375	_enter("{%d}", conn->debug_id);
	376
	377	ASSERT(conn->security_ix != 0);
063c60d3	378	ASSERT(conn->server_key);
17926a79	379
17926a79 DH	380	if (conn->security->issue_challenge(conn) < 0) {
	381	abort_code = RX_CALL_DEAD;
	382	ret = -ENOMEM;
	383	goto abort;
	384	}
	385
	386	_leave("");
	387	return;
	388
	389	abort:
	390	_debug("abort %d, %d", ret, abort_code);
3a92789a	391	rxrpc_abort_connection(conn, ret, abort_code);
17926a79 DH	392	_leave(" [aborted]");
	393	}
	394
3136ef49 DH	395	/*
	396	* Process delayed final ACKs that we haven't subsumed into a subsequent call.
	397	*/
	398	static void rxrpc_process_delayed_final_acks(struct rxrpc_connection *conn)
	399	{
	400	unsigned long j = jiffies, next_j;
	401	unsigned int channel;
	402	bool set;
	403
	404	again:
	405	next_j = j + LONG_MAX;
	406	set = false;
	407	for (channel = 0; channel < RXRPC_MAXCALLS; channel++) {
	408	struct rxrpc_channel *chan = &conn->channels[channel];
	409	unsigned long ack_at;
	410
	411	if (!test_bit(RXRPC_CONN_FINAL_ACK_0 + channel, &conn->flags))
	412	continue;
	413
	414	smp_rmb(); /* vs rxrpc_disconnect_client_call */
	415	ack_at = READ_ONCE(chan->final_ack_at);
	416
	417	if (time_before(j, ack_at)) {
	418	if (time_before(ack_at, next_j)) {
	419	next_j = ack_at;
	420	set = true;
	421	}
	422	continue;
	423	}
	424
	425	if (test_and_clear_bit(RXRPC_CONN_FINAL_ACK_0 + channel,
	426	&conn->flags))
	427	rxrpc_conn_retransmit_call(conn, NULL, channel);
	428	}
	429
	430	j = jiffies;
	431	if (time_before_eq(next_j, j))
	432	goto again;
	433	if (set)
	434	rxrpc_reduce_conn_timer(conn, next_j);
	435	}
	436
17926a79 DH	437	/*
	438	* connection-level event processor
	439	*/
04d36d74	440	static void rxrpc_do_process_connection(struct rxrpc_connection *conn)
17926a79	441	{
17926a79 DH	442	struct sk_buff *skb;
	443	u32 abort_code = RX_PROTOCOL_ERROR;
	444	int ret;
	445
2c4579e4	446	if (test_and_clear_bit(RXRPC_CONN_EV_CHALLENGE, &conn->events))
17926a79	447	rxrpc_secure_connection(conn);
17926a79	448
3136ef49 DH	449	/* Process delayed ACKs whose time has come. */
	450	if (conn->flags & RXRPC_CONN_FINAL_ACK_MASK)
	451	rxrpc_process_delayed_final_acks(conn);
	452
17926a79 DH	453	/* go through the conn-level event packets, releasing the ref on this
	454	* connection that each one has when we've finished with it */
	455	while ((skb = skb_dequeue(&conn->rx_queue))) {
987db9f7	456	rxrpc_see_skb(skb, rxrpc_skb_seen);
17926a79 DH	457	ret = rxrpc_process_event(conn, skb, &abort_code);
	458	switch (ret) {
	459	case -EPROTO:
	460	case -EKEYEXPIRED:
	461	case -EKEYREJECTED:
	462	goto protocol_error;
8c2f826d	463	case -ENOMEM:
17926a79 DH	464	case -EAGAIN:
	465	goto requeue_and_leave;
	466	case -ECONNABORTED:
	467	default:
987db9f7	468	rxrpc_free_skb(skb, rxrpc_skb_freed);
17926a79 DH	469	break;
	470	}
	471	}
	472
17926a79 DH	473	return;
	474
	475	requeue_and_leave:
	476	skb_queue_head(&conn->rx_queue, skb);
04d36d74	477	return;
17926a79 DH	478
17926a79 DH	479	protocol_error:
3a92789a	480	if (rxrpc_abort_connection(conn, ret, abort_code) < 0)
17926a79	481	goto requeue_and_leave;
987db9f7	482	rxrpc_free_skb(skb, rxrpc_skb_freed);
04d36d74 DH	483	return;
	484	}
	485
	486	void rxrpc_process_connection(struct work_struct *work)
	487	{
	488	struct rxrpc_connection *conn =
	489	container_of(work, struct rxrpc_connection, processor);
	490
	491	rxrpc_see_connection(conn);
	492
	493	if (__rxrpc_use_local(conn->params.local)) {
	494	rxrpc_do_process_connection(conn);
	495	rxrpc_unuse_local(conn->params.local);
	496	}
	497
	498	rxrpc_put_connection(conn);
	499	_leave("");
	500	return;
17926a79	501	}