net/rxrpc/conn_object.c

   1 /* RxRPC virtual connection handler, common bits.
   2  *
   3  * Copyright (C) 2007, 2016 Red Hat, Inc. All Rights Reserved.
   4  * Written by David Howells (dhowells@redhat.com)
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU General Public License
   8  * as published by the Free Software Foundation; either version
   9  * 2 of the License, or (at your option) any later version.
  10  */
  11
  12 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
  13
  14 #include <linux/module.h>
  15 #include <linux/slab.h>
  16 #include <linux/net.h>
  17 #include <linux/skbuff.h>
  18 #include "ar-internal.h"
  19
  20 /*
  21  * Time till a connection expires after last use (in seconds).
  22  */
  23 unsigned int rxrpc_connection_expiry = 10 * 60;
  24
  25 static void rxrpc_destroy_connection(struct rcu_head *);
  26
  27 /*
  28  * allocate a new connection
  29  */
  30 struct rxrpc_connection *rxrpc_alloc_connection(gfp_t gfp)
  31 {
  32         struct rxrpc_connection *conn;
  33
  34         _enter("");
  35
  36         conn = kzalloc(sizeof(struct rxrpc_connection), gfp);
  37         if (conn) {
  38                 INIT_LIST_HEAD(&conn->cache_link);
  39                 spin_lock_init(&conn->channel_lock);
  40                 INIT_LIST_HEAD(&conn->waiting_calls);
  41                 INIT_WORK(&conn->processor, &rxrpc_process_connection);
  42                 INIT_LIST_HEAD(&conn->proc_link);
  43                 INIT_LIST_HEAD(&conn->link);
  44                 skb_queue_head_init(&conn->rx_queue);
  45                 conn->security = &rxrpc_no_security;
  46                 spin_lock_init(&conn->state_lock);
  47                 conn->debug_id = atomic_inc_return(&rxrpc_debug_id);
  48                 conn->size_align = 4;
  49                 conn->idle_timestamp = jiffies;
  50         }
  51
  52         _leave(" = %p{%d}", conn, conn ? conn->debug_id : 0);
  53         return conn;
  54 }
  55
  56 /*
  57  * Look up a connection in the cache by protocol parameters.
  58  *
  59  * If successful, a pointer to the connection is returned, but no ref is taken.
  60  * NULL is returned if there is no match.
  61  *
  62  * The caller must be holding the RCU read lock.
  63  */
  64 struct rxrpc_connection *rxrpc_find_connection_rcu(struct rxrpc_local *local,
  65                                                    struct sk_buff *skb)
  66 {
  67         struct rxrpc_connection *conn;
  68         struct rxrpc_conn_proto k;
  69         struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
  70         struct sockaddr_rxrpc srx;
  71         struct rxrpc_peer *peer;
  72
  73         _enter(",%x", sp->hdr.cid & RXRPC_CIDMASK);
  74
  75         if (rxrpc_extract_addr_from_skb(&srx, skb) < 0)
  76                 goto not_found;
  77
  78         k.epoch = sp->hdr.epoch;
  79         k.cid   = sp->hdr.cid & RXRPC_CIDMASK;
  80
  81         /* We may have to handle mixing IPv4 and IPv6 */
  82         if (srx.transport.family != local->srx.transport.family) {
  83                 pr_warn_ratelimited("AF_RXRPC: Protocol mismatch %u not %u\n",
  84                                     srx.transport.family,
  85                                     local->srx.transport.family);
  86                 goto not_found;
  87         }
  88
  89         k.epoch = sp->hdr.epoch;
  90         k.cid   = sp->hdr.cid & RXRPC_CIDMASK;
  91
  92         if (sp->hdr.flags & RXRPC_CLIENT_INITIATED) {
  93                 /* We need to look up service connections by the full protocol
  94                  * parameter set.  We look up the peer first as an intermediate
  95                  * step and then the connection from the peer's tree.
  96                  */
  97                 peer = rxrpc_lookup_peer_rcu(local, &srx);
  98                 if (!peer)
  99                         goto not_found;
 100                 conn = rxrpc_find_service_conn_rcu(peer, skb);
 101                 if (!conn || atomic_read(&conn->usage) == 0)
 102                         goto not_found;
 103                 _leave(" = %p", conn);
 104                 return conn;
 105         } else {
 106                 /* Look up client connections by connection ID alone as their
 107                  * IDs are unique for this machine.
 108                  */
 109                 conn = idr_find(&rxrpc_client_conn_ids,
 110                                 sp->hdr.cid >> RXRPC_CIDSHIFT);
 111                 if (!conn || atomic_read(&conn->usage) == 0) {
 112                         _debug("no conn");
 113                         goto not_found;
 114                 }
 115
 116                 if (conn->proto.epoch != k.epoch ||
 117                     conn->params.local != local)
 118                         goto not_found;
 119
 120                 peer = conn->params.peer;
 121                 switch (srx.transport.family) {
 122                 case AF_INET:
 123                         if (peer->srx.transport.sin.sin_port !=
 124                             srx.transport.sin.sin_port ||
 125                             peer->srx.transport.sin.sin_addr.s_addr !=
 126                             srx.transport.sin.sin_addr.s_addr)
 127                                 goto not_found;
 128                         break;
 129 #ifdef CONFIG_AF_RXRPC_IPV6
 130                 case AF_INET6:
 131                         if (peer->srx.transport.sin6.sin6_port !=
 132                             srx.transport.sin6.sin6_port ||
 133                             memcmp(&peer->srx.transport.sin6.sin6_addr,
 134                                    &srx.transport.sin6.sin6_addr,
 135                                    sizeof(struct in6_addr)) != 0)
 136                                 goto not_found;
 137                         break;
 138 #endif
 139                 default:
 140                         BUG();
 141                 }
 142
 143                 _leave(" = %p", conn);
 144                 return conn;
 145         }
 146
 147 not_found:
 148         _leave(" = NULL");
 149         return NULL;
 150 }
 151
 152 /*
 153  * Disconnect a call and clear any channel it occupies when that call
 154  * terminates.  The caller must hold the channel_lock and must release the
 155  * call's ref on the connection.
 156  */
 157 void __rxrpc_disconnect_call(struct rxrpc_connection *conn,
 158                              struct rxrpc_call *call)
 159 {
 160         struct rxrpc_channel *chan =
 161                 &conn->channels[call->cid & RXRPC_CHANNELMASK];
 162
 163         _enter("%d,%x", conn->debug_id, call->cid);
 164
 165         if (rcu_access_pointer(chan->call) == call) {
 166                 /* Save the result of the call so that we can repeat it if necessary
 167                  * through the channel, whilst disposing of the actual call record.
 168                  */
 169                 trace_rxrpc_disconnect_call(call);
 170                 if (call->abort_code) {
 171                         chan->last_abort = call->abort_code;
 172                         chan->last_type = RXRPC_PACKET_TYPE_ABORT;
 173                 } else {
 174                         chan->last_seq = call->rx_hard_ack;
 175                         chan->last_type = RXRPC_PACKET_TYPE_ACK;
 176                 }
 177                 /* Sync with rxrpc_conn_retransmit(). */
 178                 smp_wmb();
 179                 chan->last_call = chan->call_id;
 180                 chan->call_id = chan->call_counter;
 181
 182                 rcu_assign_pointer(chan->call, NULL);
 183         }
 184
 185         _leave("");
 186 }
 187
 188 /*
 189  * Disconnect a call and clear any channel it occupies when that call
 190  * terminates.
 191  */
 192 void rxrpc_disconnect_call(struct rxrpc_call *call)
 193 {
 194         struct rxrpc_connection *conn = call->conn;
 195
 196         spin_lock_bh(&conn->params.peer->lock);
 197         hlist_del_init(&call->error_link);
 198         spin_unlock_bh(&conn->params.peer->lock);
 199
 200         if (rxrpc_is_client_call(call))
 201                 return rxrpc_disconnect_client_call(call);
 202
 203         spin_lock(&conn->channel_lock);
 204         __rxrpc_disconnect_call(conn, call);
 205         spin_unlock(&conn->channel_lock);
 206
 207         call->conn = NULL;
 208         conn->idle_timestamp = jiffies;
 209         rxrpc_put_connection(conn);
 210 }
 211
 212 /*
 213  * Kill off a connection.
 214  */
 215 void rxrpc_kill_connection(struct rxrpc_connection *conn)
 216 {
 217         struct rxrpc_net *rxnet = conn->params.local->rxnet;
 218
 219         ASSERT(!rcu_access_pointer(conn->channels[0].call) &&
 220                !rcu_access_pointer(conn->channels[1].call) &&
 221                !rcu_access_pointer(conn->channels[2].call) &&
 222                !rcu_access_pointer(conn->channels[3].call));
 223         ASSERT(list_empty(&conn->cache_link));
 224
 225         write_lock(&rxnet->conn_lock);
 226         list_del_init(&conn->proc_link);
 227         write_unlock(&rxnet->conn_lock);
 228
 229         /* Drain the Rx queue.  Note that even though we've unpublished, an
 230          * incoming packet could still be being added to our Rx queue, so we
 231          * will need to drain it again in the RCU cleanup handler.
 232          */
 233         rxrpc_purge_queue(&conn->rx_queue);
 234
 235         /* Leave final destruction to RCU.  The connection processor work item
 236          * must carry a ref on the connection to prevent us getting here whilst
 237          * it is queued or running.
 238          */
 239         call_rcu(&conn->rcu, rxrpc_destroy_connection);
 240 }
 241
 242 /*
 243  * Queue a connection's work processor, getting a ref to pass to the work
 244  * queue.
 245  */
 246 bool rxrpc_queue_conn(struct rxrpc_connection *conn)
 247 {
 248         const void *here = __builtin_return_address(0);
 249         int n = __atomic_add_unless(&conn->usage, 1, 0);
 250         if (n == 0)
 251                 return false;
 252         if (rxrpc_queue_work(&conn->processor))
 253                 trace_rxrpc_conn(conn, rxrpc_conn_queued, n + 1, here);
 254         else
 255                 rxrpc_put_connection(conn);
 256         return true;
 257 }
 258
 259 /*
 260  * Note the re-emergence of a connection.
 261  */
 262 void rxrpc_see_connection(struct rxrpc_connection *conn)
 263 {
 264         const void *here = __builtin_return_address(0);
 265         if (conn) {
 266                 int n = atomic_read(&conn->usage);
 267
 268                 trace_rxrpc_conn(conn, rxrpc_conn_seen, n, here);
 269         }
 270 }
 271
 272 /*
 273  * Get a ref on a connection.
 274  */
 275 void rxrpc_get_connection(struct rxrpc_connection *conn)
 276 {
 277         const void *here = __builtin_return_address(0);
 278         int n = atomic_inc_return(&conn->usage);
 279
 280         trace_rxrpc_conn(conn, rxrpc_conn_got, n, here);
 281 }
 282
 283 /*
 284  * Try to get a ref on a connection.
 285  */
 286 struct rxrpc_connection *
 287 rxrpc_get_connection_maybe(struct rxrpc_connection *conn)
 288 {
 289         const void *here = __builtin_return_address(0);
 290
 291         if (conn) {
 292                 int n = __atomic_add_unless(&conn->usage, 1, 0);
 293                 if (n > 0)
 294                         trace_rxrpc_conn(conn, rxrpc_conn_got, n + 1, here);
 295                 else
 296                         conn = NULL;
 297         }
 298         return conn;
 299 }
 300
 301 /*
 302  * Release a service connection
 303  */
 304 void rxrpc_put_service_conn(struct rxrpc_connection *conn)
 305 {
 306         struct rxrpc_net *rxnet;
 307         const void *here = __builtin_return_address(0);
 308         int n;
 309
 310         n = atomic_dec_return(&conn->usage);
 311         trace_rxrpc_conn(conn, rxrpc_conn_put_service, n, here);
 312         ASSERTCMP(n, >=, 0);
 313         if (n == 0) {
 314                 rxnet = conn->params.local->rxnet;
 315                 rxrpc_queue_delayed_work(&rxnet->service_conn_reaper, 0);
 316         }
 317 }
 318
 319 /*
 320  * destroy a virtual connection
 321  */
 322 static void rxrpc_destroy_connection(struct rcu_head *rcu)
 323 {
 324         struct rxrpc_connection *conn =
 325                 container_of(rcu, struct rxrpc_connection, rcu);
 326
 327         _enter("{%d,u=%d}", conn->debug_id, atomic_read(&conn->usage));
 328
 329         ASSERTCMP(atomic_read(&conn->usage), ==, 0);
 330
 331         _net("DESTROY CONN %d", conn->debug_id);
 332
 333         rxrpc_purge_queue(&conn->rx_queue);
 334
 335         conn->security->clear(conn);
 336         key_put(conn->params.key);
 337         key_put(conn->server_key);
 338         rxrpc_put_peer(conn->params.peer);
 339         rxrpc_put_local(conn->params.local);
 340
 341         kfree(conn);
 342         _leave("");
 343 }
 344
 345 /*
 346  * reap dead service connections
 347  */
 348 void rxrpc_service_connection_reaper(struct work_struct *work)
 349 {
 350         struct rxrpc_connection *conn, *_p;
 351         struct rxrpc_net *rxnet =
 352                 container_of(to_delayed_work(work),
 353                              struct rxrpc_net, service_conn_reaper);
 354         unsigned long reap_older_than, earliest, idle_timestamp, now;
 355
 356         LIST_HEAD(graveyard);
 357
 358         _enter("");
 359
 360         now = jiffies;
 361         reap_older_than = now - rxrpc_connection_expiry * HZ;
 362         earliest = ULONG_MAX;
 363
 364         write_lock(&rxnet->conn_lock);
 365         list_for_each_entry_safe(conn, _p, &rxnet->service_conns, link) {
 366                 ASSERTCMP(atomic_read(&conn->usage), >, 0);
 367                 if (likely(atomic_read(&conn->usage) > 1))
 368                         continue;
 369                 if (conn->state == RXRPC_CONN_SERVICE_PREALLOC)
 370                         continue;
 371
 372                 idle_timestamp = READ_ONCE(conn->idle_timestamp);
 373                 _debug("reap CONN %d { u=%d,t=%ld }",
 374                        conn->debug_id, atomic_read(&conn->usage),
 375                        (long)reap_older_than - (long)idle_timestamp);
 376
 377                 if (time_after(idle_timestamp, reap_older_than)) {
 378                         if (time_before(idle_timestamp, earliest))
 379                                 earliest = idle_timestamp;
 380                         continue;
 381                 }
 382
 383                 /* The usage count sits at 1 whilst the object is unused on the
 384                  * list; we reduce that to 0 to make the object unavailable.
 385                  */
 386                 if (atomic_cmpxchg(&conn->usage, 1, 0) != 1)
 387                         continue;
 388
 389                 if (rxrpc_conn_is_client(conn))
 390                         BUG();
 391                 else
 392                         rxrpc_unpublish_service_conn(conn);
 393
 394                 list_move_tail(&conn->link, &graveyard);
 395         }
 396         write_unlock(&rxnet->conn_lock);
 397
 398         if (earliest != ULONG_MAX) {
 399                 _debug("reschedule reaper %ld", (long) earliest - now);
 400                 ASSERT(time_after(earliest, now));
 401                 rxrpc_queue_delayed_work(&rxnet->client_conn_reaper,
 402                                          earliest - now);
 403         }
 404
 405         while (!list_empty(&graveyard)) {
 406                 conn = list_entry(graveyard.next, struct rxrpc_connection,
 407                                   link);
 408                 list_del_init(&conn->link);
 409
 410                 ASSERTCMP(atomic_read(&conn->usage), ==, 0);
 411                 rxrpc_kill_connection(conn);
 412         }
 413
 414         _leave("");
 415 }
 416
 417 /*
 418  * preemptively destroy all the service connection records rather than
 419  * waiting for them to time out
 420  */
 421 void rxrpc_destroy_all_connections(struct rxrpc_net *rxnet)
 422 {
 423         struct rxrpc_connection *conn, *_p;
 424         bool leak = false;
 425
 426         _enter("");
 427
 428         rxrpc_destroy_all_client_connections(rxnet);
 429
 430         rxrpc_connection_expiry = 0;
 431         cancel_delayed_work(&rxnet->client_conn_reaper);
 432         rxrpc_queue_delayed_work(&rxnet->client_conn_reaper, 0);
 433         flush_workqueue(rxrpc_workqueue);
 434
 435         write_lock(&rxnet->conn_lock);
 436         list_for_each_entry_safe(conn, _p, &rxnet->service_conns, link) {
 437                 pr_err("AF_RXRPC: Leaked conn %p {%d}\n",
 438                        conn, atomic_read(&conn->usage));
 439                 leak = true;
 440         }
 441         write_unlock(&rxnet->conn_lock);
 442         BUG_ON(leak);
 443
 444         ASSERT(list_empty(&rxnet->conn_proc_list));
 445
 446         _leave("");
 447 }