rxrpc: Separate the connection's protocol service ID from the lookup ID
[platform/kernel/linux-exynos.git] / net / rxrpc / conn_event.c
1 /* connection-level event handling
2  *
3  * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells (dhowells@redhat.com)
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version
9  * 2 of the License, or (at your option) any later version.
10  */
11
12 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
13
14 #include <linux/module.h>
15 #include <linux/net.h>
16 #include <linux/skbuff.h>
17 #include <linux/errqueue.h>
18 #include <net/sock.h>
19 #include <net/af_rxrpc.h>
20 #include <net/ip.h>
21 #include "ar-internal.h"
22
23 /*
24  * Retransmit terminal ACK or ABORT of the previous call.
25  */
26 static void rxrpc_conn_retransmit_call(struct rxrpc_connection *conn,
27                                        struct sk_buff *skb)
28 {
29         struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
30         struct rxrpc_channel *chan;
31         struct msghdr msg;
32         struct kvec iov;
33         struct {
34                 struct rxrpc_wire_header whdr;
35                 union {
36                         struct {
37                                 __be32 code;
38                         } abort;
39                         struct {
40                                 struct rxrpc_ackpacket ack;
41                                 u8 padding[3];
42                                 struct rxrpc_ackinfo info;
43                         };
44                 };
45         } __attribute__((packed)) pkt;
46         size_t len;
47         u32 serial, mtu, call_id;
48
49         _enter("%d", conn->debug_id);
50
51         chan = &conn->channels[sp->hdr.cid & RXRPC_CHANNELMASK];
52
53         /* If the last call got moved on whilst we were waiting to run, just
54          * ignore this packet.
55          */
56         call_id = READ_ONCE(chan->last_call);
57         /* Sync with __rxrpc_disconnect_call() */
58         smp_rmb();
59         if (call_id != sp->hdr.callNumber)
60                 return;
61
62         msg.msg_name    = &conn->params.peer->srx.transport;
63         msg.msg_namelen = conn->params.peer->srx.transport_len;
64         msg.msg_control = NULL;
65         msg.msg_controllen = 0;
66         msg.msg_flags   = 0;
67
68         pkt.whdr.epoch          = htonl(sp->hdr.epoch);
69         pkt.whdr.cid            = htonl(sp->hdr.cid);
70         pkt.whdr.callNumber     = htonl(sp->hdr.callNumber);
71         pkt.whdr.seq            = 0;
72         pkt.whdr.type           = chan->last_type;
73         pkt.whdr.flags          = conn->out_clientflag;
74         pkt.whdr.userStatus     = 0;
75         pkt.whdr.securityIndex  = conn->security_ix;
76         pkt.whdr._rsvd          = 0;
77         pkt.whdr.serviceId      = htons(conn->service_id);
78
79         len = sizeof(pkt.whdr);
80         switch (chan->last_type) {
81         case RXRPC_PACKET_TYPE_ABORT:
82                 pkt.abort.code  = htonl(chan->last_abort);
83                 len += sizeof(pkt.abort);
84                 break;
85
86         case RXRPC_PACKET_TYPE_ACK:
87                 mtu = conn->params.peer->if_mtu;
88                 mtu -= conn->params.peer->hdrsize;
89                 pkt.ack.bufferSpace     = 0;
90                 pkt.ack.maxSkew         = htons(skb->priority);
91                 pkt.ack.firstPacket     = htonl(chan->last_seq);
92                 pkt.ack.previousPacket  = htonl(chan->last_seq - 1);
93                 pkt.ack.serial          = htonl(sp->hdr.serial);
94                 pkt.ack.reason          = RXRPC_ACK_DUPLICATE;
95                 pkt.ack.nAcks           = 0;
96                 pkt.info.rxMTU          = htonl(rxrpc_rx_mtu);
97                 pkt.info.maxMTU         = htonl(mtu);
98                 pkt.info.rwind          = htonl(rxrpc_rx_window_size);
99                 pkt.info.jumbo_max      = htonl(rxrpc_rx_jumbo_max);
100                 pkt.whdr.flags          |= RXRPC_SLOW_START_OK;
101                 len += sizeof(pkt.ack) + sizeof(pkt.info);
102                 break;
103         }
104
105         /* Resync with __rxrpc_disconnect_call() and check that the last call
106          * didn't get advanced whilst we were filling out the packets.
107          */
108         smp_rmb();
109         if (READ_ONCE(chan->last_call) != call_id)
110                 return;
111
112         iov.iov_base    = &pkt;
113         iov.iov_len     = len;
114
115         serial = atomic_inc_return(&conn->serial);
116         pkt.whdr.serial = htonl(serial);
117
118         switch (chan->last_type) {
119         case RXRPC_PACKET_TYPE_ABORT:
120                 _proto("Tx ABORT %%%u { %d } [re]", serial, conn->local_abort);
121                 break;
122         case RXRPC_PACKET_TYPE_ACK:
123                 trace_rxrpc_tx_ack(NULL, serial, chan->last_seq, 0,
124                                    RXRPC_ACK_DUPLICATE, 0);
125                 _proto("Tx ACK %%%u [re]", serial);
126                 break;
127         }
128
129         kernel_sendmsg(conn->params.local->socket, &msg, &iov, 1, len);
130         _leave("");
131         return;
132 }
133
134 /*
135  * pass a connection-level abort onto all calls on that connection
136  */
137 static void rxrpc_abort_calls(struct rxrpc_connection *conn,
138                               enum rxrpc_call_completion compl,
139                               u32 abort_code, int error)
140 {
141         struct rxrpc_call *call;
142         int i;
143
144         _enter("{%d},%x", conn->debug_id, abort_code);
145
146         spin_lock(&conn->channel_lock);
147
148         for (i = 0; i < RXRPC_MAXCALLS; i++) {
149                 call = rcu_dereference_protected(
150                         conn->channels[i].call,
151                         lockdep_is_held(&conn->channel_lock));
152                 if (call) {
153                         if (compl == RXRPC_CALL_LOCALLY_ABORTED)
154                                 trace_rxrpc_abort("CON", call->cid,
155                                                   call->call_id, 0,
156                                                   abort_code, error);
157                         if (rxrpc_set_call_completion(call, compl,
158                                                       abort_code, error))
159                                 rxrpc_notify_socket(call);
160                 }
161         }
162
163         spin_unlock(&conn->channel_lock);
164         _leave("");
165 }
166
167 /*
168  * generate a connection-level abort
169  */
170 static int rxrpc_abort_connection(struct rxrpc_connection *conn,
171                                   int error, u32 abort_code)
172 {
173         struct rxrpc_wire_header whdr;
174         struct msghdr msg;
175         struct kvec iov[2];
176         __be32 word;
177         size_t len;
178         u32 serial;
179         int ret;
180
181         _enter("%d,,%u,%u", conn->debug_id, error, abort_code);
182
183         /* generate a connection-level abort */
184         spin_lock_bh(&conn->state_lock);
185         if (conn->state >= RXRPC_CONN_REMOTELY_ABORTED) {
186                 spin_unlock_bh(&conn->state_lock);
187                 _leave(" = 0 [already dead]");
188                 return 0;
189         }
190
191         conn->state = RXRPC_CONN_LOCALLY_ABORTED;
192         spin_unlock_bh(&conn->state_lock);
193
194         rxrpc_abort_calls(conn, RXRPC_CALL_LOCALLY_ABORTED, abort_code, error);
195
196         msg.msg_name    = &conn->params.peer->srx.transport;
197         msg.msg_namelen = conn->params.peer->srx.transport_len;
198         msg.msg_control = NULL;
199         msg.msg_controllen = 0;
200         msg.msg_flags   = 0;
201
202         whdr.epoch      = htonl(conn->proto.epoch);
203         whdr.cid        = htonl(conn->proto.cid);
204         whdr.callNumber = 0;
205         whdr.seq        = 0;
206         whdr.type       = RXRPC_PACKET_TYPE_ABORT;
207         whdr.flags      = conn->out_clientflag;
208         whdr.userStatus = 0;
209         whdr.securityIndex = conn->security_ix;
210         whdr._rsvd      = 0;
211         whdr.serviceId  = htons(conn->service_id);
212
213         word            = htonl(conn->local_abort);
214
215         iov[0].iov_base = &whdr;
216         iov[0].iov_len  = sizeof(whdr);
217         iov[1].iov_base = &word;
218         iov[1].iov_len  = sizeof(word);
219
220         len = iov[0].iov_len + iov[1].iov_len;
221
222         serial = atomic_inc_return(&conn->serial);
223         whdr.serial = htonl(serial);
224         _proto("Tx CONN ABORT %%%u { %d }", serial, conn->local_abort);
225
226         ret = kernel_sendmsg(conn->params.local->socket, &msg, iov, 2, len);
227         if (ret < 0) {
228                 _debug("sendmsg failed: %d", ret);
229                 return -EAGAIN;
230         }
231
232         _leave(" = 0");
233         return 0;
234 }
235
236 /*
237  * mark a call as being on a now-secured channel
238  * - must be called with BH's disabled.
239  */
240 static void rxrpc_call_is_secure(struct rxrpc_call *call)
241 {
242         _enter("%p", call);
243         if (call) {
244                 write_lock_bh(&call->state_lock);
245                 if (call->state == RXRPC_CALL_SERVER_SECURING) {
246                         call->state = RXRPC_CALL_SERVER_ACCEPTING;
247                         rxrpc_notify_socket(call);
248                 }
249                 write_unlock_bh(&call->state_lock);
250         }
251 }
252
253 /*
254  * connection-level Rx packet processor
255  */
256 static int rxrpc_process_event(struct rxrpc_connection *conn,
257                                struct sk_buff *skb,
258                                u32 *_abort_code)
259 {
260         struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
261         __be32 wtmp;
262         u32 abort_code;
263         int loop, ret;
264
265         if (conn->state >= RXRPC_CONN_REMOTELY_ABORTED) {
266                 _leave(" = -ECONNABORTED [%u]", conn->state);
267                 return -ECONNABORTED;
268         }
269
270         _enter("{%d},{%u,%%%u},", conn->debug_id, sp->hdr.type, sp->hdr.serial);
271
272         switch (sp->hdr.type) {
273         case RXRPC_PACKET_TYPE_DATA:
274         case RXRPC_PACKET_TYPE_ACK:
275                 rxrpc_conn_retransmit_call(conn, skb);
276                 return 0;
277
278         case RXRPC_PACKET_TYPE_BUSY:
279                 /* Just ignore BUSY packets for now. */
280                 return 0;
281
282         case RXRPC_PACKET_TYPE_ABORT:
283                 if (skb_copy_bits(skb, sizeof(struct rxrpc_wire_header),
284                                   &wtmp, sizeof(wtmp)) < 0) {
285                         trace_rxrpc_rx_eproto(NULL, sp->hdr.serial,
286                                               tracepoint_string("bad_abort"));
287                         return -EPROTO;
288                 }
289                 abort_code = ntohl(wtmp);
290                 _proto("Rx ABORT %%%u { ac=%d }", sp->hdr.serial, abort_code);
291
292                 conn->state = RXRPC_CONN_REMOTELY_ABORTED;
293                 rxrpc_abort_calls(conn, RXRPC_CALL_REMOTELY_ABORTED,
294                                   abort_code, -ECONNABORTED);
295                 return -ECONNABORTED;
296
297         case RXRPC_PACKET_TYPE_CHALLENGE:
298                 return conn->security->respond_to_challenge(conn, skb,
299                                                             _abort_code);
300
301         case RXRPC_PACKET_TYPE_RESPONSE:
302                 ret = conn->security->verify_response(conn, skb, _abort_code);
303                 if (ret < 0)
304                         return ret;
305
306                 ret = conn->security->init_connection_security(conn);
307                 if (ret < 0)
308                         return ret;
309
310                 ret = conn->security->prime_packet_security(conn);
311                 if (ret < 0)
312                         return ret;
313
314                 spin_lock(&conn->channel_lock);
315                 spin_lock(&conn->state_lock);
316
317                 if (conn->state == RXRPC_CONN_SERVICE_CHALLENGING) {
318                         conn->state = RXRPC_CONN_SERVICE;
319                         spin_unlock(&conn->state_lock);
320                         for (loop = 0; loop < RXRPC_MAXCALLS; loop++)
321                                 rxrpc_call_is_secure(
322                                         rcu_dereference_protected(
323                                                 conn->channels[loop].call,
324                                                 lockdep_is_held(&conn->channel_lock)));
325                 } else {
326                         spin_unlock(&conn->state_lock);
327                 }
328
329                 spin_unlock(&conn->channel_lock);
330                 return 0;
331
332         default:
333                 trace_rxrpc_rx_eproto(NULL, sp->hdr.serial,
334                                       tracepoint_string("bad_conn_pkt"));
335                 return -EPROTO;
336         }
337 }
338
339 /*
340  * set up security and issue a challenge
341  */
342 static void rxrpc_secure_connection(struct rxrpc_connection *conn)
343 {
344         u32 abort_code;
345         int ret;
346
347         _enter("{%d}", conn->debug_id);
348
349         ASSERT(conn->security_ix != 0);
350
351         if (!conn->params.key) {
352                 _debug("set up security");
353                 ret = rxrpc_init_server_conn_security(conn);
354                 switch (ret) {
355                 case 0:
356                         break;
357                 case -ENOENT:
358                         abort_code = RX_CALL_DEAD;
359                         goto abort;
360                 default:
361                         abort_code = RXKADNOAUTH;
362                         goto abort;
363                 }
364         }
365
366         if (conn->security->issue_challenge(conn) < 0) {
367                 abort_code = RX_CALL_DEAD;
368                 ret = -ENOMEM;
369                 goto abort;
370         }
371
372         _leave("");
373         return;
374
375 abort:
376         _debug("abort %d, %d", ret, abort_code);
377         rxrpc_abort_connection(conn, ret, abort_code);
378         _leave(" [aborted]");
379 }
380
381 /*
382  * connection-level event processor
383  */
384 void rxrpc_process_connection(struct work_struct *work)
385 {
386         struct rxrpc_connection *conn =
387                 container_of(work, struct rxrpc_connection, processor);
388         struct sk_buff *skb;
389         u32 abort_code = RX_PROTOCOL_ERROR;
390         int ret;
391
392         rxrpc_see_connection(conn);
393
394         if (test_and_clear_bit(RXRPC_CONN_EV_CHALLENGE, &conn->events))
395                 rxrpc_secure_connection(conn);
396
397         /* go through the conn-level event packets, releasing the ref on this
398          * connection that each one has when we've finished with it */
399         while ((skb = skb_dequeue(&conn->rx_queue))) {
400                 rxrpc_see_skb(skb, rxrpc_skb_rx_seen);
401                 ret = rxrpc_process_event(conn, skb, &abort_code);
402                 switch (ret) {
403                 case -EPROTO:
404                 case -EKEYEXPIRED:
405                 case -EKEYREJECTED:
406                         goto protocol_error;
407                 case -EAGAIN:
408                         goto requeue_and_leave;
409                 case -ECONNABORTED:
410                 default:
411                         rxrpc_free_skb(skb, rxrpc_skb_rx_freed);
412                         break;
413                 }
414         }
415
416 out:
417         rxrpc_put_connection(conn);
418         _leave("");
419         return;
420
421 requeue_and_leave:
422         skb_queue_head(&conn->rx_queue, skb);
423         goto out;
424
425 protocol_error:
426         if (rxrpc_abort_connection(conn, ret, abort_code) < 0)
427                 goto requeue_and_leave;
428         rxrpc_free_skb(skb, rxrpc_skb_rx_freed);
429         goto out;
430 }