conn_event.c (12728B)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* connection-level event handling 3 * 4 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.com) 6 */ 7 8#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 9 10#include <linux/module.h> 11#include <linux/net.h> 12#include <linux/skbuff.h> 13#include <linux/errqueue.h> 14#include <net/sock.h> 15#include <net/af_rxrpc.h> 16#include <net/ip.h> 17#include "ar-internal.h" 18 19/* 20 * Retransmit terminal ACK or ABORT of the previous call. 21 */ 22static void rxrpc_conn_retransmit_call(struct rxrpc_connection *conn, 23 struct sk_buff *skb, 24 unsigned int channel) 25{ 26 struct rxrpc_skb_priv *sp = skb ? rxrpc_skb(skb) : NULL; 27 struct rxrpc_channel *chan; 28 struct msghdr msg; 29 struct kvec iov[3]; 30 struct { 31 struct rxrpc_wire_header whdr; 32 union { 33 __be32 abort_code; 34 struct rxrpc_ackpacket ack; 35 }; 36 } __attribute__((packed)) pkt; 37 struct rxrpc_ackinfo ack_info; 38 size_t len; 39 int ret, ioc; 40 u32 serial, mtu, call_id, padding; 41 42 _enter("%d", conn->debug_id); 43 44 chan = &conn->channels[channel]; 45 46 /* If the last call got moved on whilst we were waiting to run, just 47 * ignore this packet. 48 */ 49 call_id = READ_ONCE(chan->last_call); 50 /* Sync with __rxrpc_disconnect_call() */ 51 smp_rmb(); 52 if (skb && call_id != sp->hdr.callNumber) 53 return; 54 55 msg.msg_name = &conn->params.peer->srx.transport; 56 msg.msg_namelen = conn->params.peer->srx.transport_len; 57 msg.msg_control = NULL; 58 msg.msg_controllen = 0; 59 msg.msg_flags = 0; 60 61 iov[0].iov_base = &pkt; 62 iov[0].iov_len = sizeof(pkt.whdr); 63 iov[1].iov_base = &padding; 64 iov[1].iov_len = 3; 65 iov[2].iov_base = &ack_info; 66 iov[2].iov_len = sizeof(ack_info); 67 68 pkt.whdr.epoch = htonl(conn->proto.epoch); 69 pkt.whdr.cid = htonl(conn->proto.cid | channel); 70 pkt.whdr.callNumber = htonl(call_id); 71 pkt.whdr.seq = 0; 72 pkt.whdr.type = chan->last_type; 73 pkt.whdr.flags = conn->out_clientflag; 74 pkt.whdr.userStatus = 0; 75 pkt.whdr.securityIndex = conn->security_ix; 76 pkt.whdr._rsvd = 0; 77 pkt.whdr.serviceId = htons(conn->service_id); 78 79 len = sizeof(pkt.whdr); 80 switch (chan->last_type) { 81 case RXRPC_PACKET_TYPE_ABORT: 82 pkt.abort_code = htonl(chan->last_abort); 83 iov[0].iov_len += sizeof(pkt.abort_code); 84 len += sizeof(pkt.abort_code); 85 ioc = 1; 86 break; 87 88 case RXRPC_PACKET_TYPE_ACK: 89 mtu = conn->params.peer->if_mtu; 90 mtu -= conn->params.peer->hdrsize; 91 pkt.ack.bufferSpace = 0; 92 pkt.ack.maxSkew = htons(skb ? skb->priority : 0); 93 pkt.ack.firstPacket = htonl(chan->last_seq + 1); 94 pkt.ack.previousPacket = htonl(chan->last_seq); 95 pkt.ack.serial = htonl(skb ? sp->hdr.serial : 0); 96 pkt.ack.reason = skb ? RXRPC_ACK_DUPLICATE : RXRPC_ACK_IDLE; 97 pkt.ack.nAcks = 0; 98 ack_info.rxMTU = htonl(rxrpc_rx_mtu); 99 ack_info.maxMTU = htonl(mtu); 100 ack_info.rwind = htonl(rxrpc_rx_window_size); 101 ack_info.jumbo_max = htonl(rxrpc_rx_jumbo_max); 102 pkt.whdr.flags |= RXRPC_SLOW_START_OK; 103 padding = 0; 104 iov[0].iov_len += sizeof(pkt.ack); 105 len += sizeof(pkt.ack) + 3 + sizeof(ack_info); 106 ioc = 3; 107 break; 108 109 default: 110 return; 111 } 112 113 /* Resync with __rxrpc_disconnect_call() and check that the last call 114 * didn't get advanced whilst we were filling out the packets. 115 */ 116 smp_rmb(); 117 if (READ_ONCE(chan->last_call) != call_id) 118 return; 119 120 serial = atomic_inc_return(&conn->serial); 121 pkt.whdr.serial = htonl(serial); 122 123 switch (chan->last_type) { 124 case RXRPC_PACKET_TYPE_ABORT: 125 _proto("Tx ABORT %%%u { %d } [re]", serial, conn->abort_code); 126 break; 127 case RXRPC_PACKET_TYPE_ACK: 128 trace_rxrpc_tx_ack(chan->call_debug_id, serial, 129 ntohl(pkt.ack.firstPacket), 130 ntohl(pkt.ack.serial), 131 pkt.ack.reason, 0); 132 _proto("Tx ACK %%%u [re]", serial); 133 break; 134 } 135 136 ret = kernel_sendmsg(conn->params.local->socket, &msg, iov, ioc, len); 137 conn->params.peer->last_tx_at = ktime_get_seconds(); 138 if (ret < 0) 139 trace_rxrpc_tx_fail(chan->call_debug_id, serial, ret, 140 rxrpc_tx_point_call_final_resend); 141 else 142 trace_rxrpc_tx_packet(chan->call_debug_id, &pkt.whdr, 143 rxrpc_tx_point_call_final_resend); 144 145 _leave(""); 146} 147 148/* 149 * pass a connection-level abort onto all calls on that connection 150 */ 151static void rxrpc_abort_calls(struct rxrpc_connection *conn, 152 enum rxrpc_call_completion compl, 153 rxrpc_serial_t serial) 154{ 155 struct rxrpc_call *call; 156 int i; 157 158 _enter("{%d},%x", conn->debug_id, conn->abort_code); 159 160 spin_lock(&conn->bundle->channel_lock); 161 162 for (i = 0; i < RXRPC_MAXCALLS; i++) { 163 call = rcu_dereference_protected( 164 conn->channels[i].call, 165 lockdep_is_held(&conn->bundle->channel_lock)); 166 if (call) { 167 if (compl == RXRPC_CALL_LOCALLY_ABORTED) 168 trace_rxrpc_abort(call->debug_id, 169 "CON", call->cid, 170 call->call_id, 0, 171 conn->abort_code, 172 conn->error); 173 else 174 trace_rxrpc_rx_abort(call, serial, 175 conn->abort_code); 176 rxrpc_set_call_completion(call, compl, 177 conn->abort_code, 178 conn->error); 179 } 180 } 181 182 spin_unlock(&conn->bundle->channel_lock); 183 _leave(""); 184} 185 186/* 187 * generate a connection-level abort 188 */ 189static int rxrpc_abort_connection(struct rxrpc_connection *conn, 190 int error, u32 abort_code) 191{ 192 struct rxrpc_wire_header whdr; 193 struct msghdr msg; 194 struct kvec iov[2]; 195 __be32 word; 196 size_t len; 197 u32 serial; 198 int ret; 199 200 _enter("%d,,%u,%u", conn->debug_id, error, abort_code); 201 202 /* generate a connection-level abort */ 203 spin_lock_bh(&conn->state_lock); 204 if (conn->state >= RXRPC_CONN_REMOTELY_ABORTED) { 205 spin_unlock_bh(&conn->state_lock); 206 _leave(" = 0 [already dead]"); 207 return 0; 208 } 209 210 conn->error = error; 211 conn->abort_code = abort_code; 212 conn->state = RXRPC_CONN_LOCALLY_ABORTED; 213 set_bit(RXRPC_CONN_DONT_REUSE, &conn->flags); 214 spin_unlock_bh(&conn->state_lock); 215 216 msg.msg_name = &conn->params.peer->srx.transport; 217 msg.msg_namelen = conn->params.peer->srx.transport_len; 218 msg.msg_control = NULL; 219 msg.msg_controllen = 0; 220 msg.msg_flags = 0; 221 222 whdr.epoch = htonl(conn->proto.epoch); 223 whdr.cid = htonl(conn->proto.cid); 224 whdr.callNumber = 0; 225 whdr.seq = 0; 226 whdr.type = RXRPC_PACKET_TYPE_ABORT; 227 whdr.flags = conn->out_clientflag; 228 whdr.userStatus = 0; 229 whdr.securityIndex = conn->security_ix; 230 whdr._rsvd = 0; 231 whdr.serviceId = htons(conn->service_id); 232 233 word = htonl(conn->abort_code); 234 235 iov[0].iov_base = &whdr; 236 iov[0].iov_len = sizeof(whdr); 237 iov[1].iov_base = &word; 238 iov[1].iov_len = sizeof(word); 239 240 len = iov[0].iov_len + iov[1].iov_len; 241 242 serial = atomic_inc_return(&conn->serial); 243 rxrpc_abort_calls(conn, RXRPC_CALL_LOCALLY_ABORTED, serial); 244 whdr.serial = htonl(serial); 245 _proto("Tx CONN ABORT %%%u { %d }", serial, conn->abort_code); 246 247 ret = kernel_sendmsg(conn->params.local->socket, &msg, iov, 2, len); 248 if (ret < 0) { 249 trace_rxrpc_tx_fail(conn->debug_id, serial, ret, 250 rxrpc_tx_point_conn_abort); 251 _debug("sendmsg failed: %d", ret); 252 return -EAGAIN; 253 } 254 255 trace_rxrpc_tx_packet(conn->debug_id, &whdr, rxrpc_tx_point_conn_abort); 256 257 conn->params.peer->last_tx_at = ktime_get_seconds(); 258 259 _leave(" = 0"); 260 return 0; 261} 262 263/* 264 * mark a call as being on a now-secured channel 265 * - must be called with BH's disabled. 266 */ 267static void rxrpc_call_is_secure(struct rxrpc_call *call) 268{ 269 _enter("%p", call); 270 if (call) { 271 write_lock_bh(&call->state_lock); 272 if (call->state == RXRPC_CALL_SERVER_SECURING) { 273 call->state = RXRPC_CALL_SERVER_RECV_REQUEST; 274 rxrpc_notify_socket(call); 275 } 276 write_unlock_bh(&call->state_lock); 277 } 278} 279 280/* 281 * connection-level Rx packet processor 282 */ 283static int rxrpc_process_event(struct rxrpc_connection *conn, 284 struct sk_buff *skb, 285 u32 *_abort_code) 286{ 287 struct rxrpc_skb_priv *sp = rxrpc_skb(skb); 288 __be32 wtmp; 289 u32 abort_code; 290 int loop, ret; 291 292 if (conn->state >= RXRPC_CONN_REMOTELY_ABORTED) { 293 _leave(" = -ECONNABORTED [%u]", conn->state); 294 return -ECONNABORTED; 295 } 296 297 _enter("{%d},{%u,%%%u},", conn->debug_id, sp->hdr.type, sp->hdr.serial); 298 299 switch (sp->hdr.type) { 300 case RXRPC_PACKET_TYPE_DATA: 301 case RXRPC_PACKET_TYPE_ACK: 302 rxrpc_conn_retransmit_call(conn, skb, 303 sp->hdr.cid & RXRPC_CHANNELMASK); 304 return 0; 305 306 case RXRPC_PACKET_TYPE_BUSY: 307 /* Just ignore BUSY packets for now. */ 308 return 0; 309 310 case RXRPC_PACKET_TYPE_ABORT: 311 if (skb_copy_bits(skb, sizeof(struct rxrpc_wire_header), 312 &wtmp, sizeof(wtmp)) < 0) { 313 trace_rxrpc_rx_eproto(NULL, sp->hdr.serial, 314 tracepoint_string("bad_abort")); 315 return -EPROTO; 316 } 317 abort_code = ntohl(wtmp); 318 _proto("Rx ABORT %%%u { ac=%d }", sp->hdr.serial, abort_code); 319 320 conn->error = -ECONNABORTED; 321 conn->abort_code = abort_code; 322 conn->state = RXRPC_CONN_REMOTELY_ABORTED; 323 set_bit(RXRPC_CONN_DONT_REUSE, &conn->flags); 324 rxrpc_abort_calls(conn, RXRPC_CALL_REMOTELY_ABORTED, sp->hdr.serial); 325 return -ECONNABORTED; 326 327 case RXRPC_PACKET_TYPE_CHALLENGE: 328 return conn->security->respond_to_challenge(conn, skb, 329 _abort_code); 330 331 case RXRPC_PACKET_TYPE_RESPONSE: 332 ret = conn->security->verify_response(conn, skb, _abort_code); 333 if (ret < 0) 334 return ret; 335 336 ret = conn->security->init_connection_security( 337 conn, conn->params.key->payload.data[0]); 338 if (ret < 0) 339 return ret; 340 341 spin_lock(&conn->bundle->channel_lock); 342 spin_lock_bh(&conn->state_lock); 343 344 if (conn->state == RXRPC_CONN_SERVICE_CHALLENGING) { 345 conn->state = RXRPC_CONN_SERVICE; 346 spin_unlock_bh(&conn->state_lock); 347 for (loop = 0; loop < RXRPC_MAXCALLS; loop++) 348 rxrpc_call_is_secure( 349 rcu_dereference_protected( 350 conn->channels[loop].call, 351 lockdep_is_held(&conn->bundle->channel_lock))); 352 } else { 353 spin_unlock_bh(&conn->state_lock); 354 } 355 356 spin_unlock(&conn->bundle->channel_lock); 357 return 0; 358 359 default: 360 trace_rxrpc_rx_eproto(NULL, sp->hdr.serial, 361 tracepoint_string("bad_conn_pkt")); 362 return -EPROTO; 363 } 364} 365 366/* 367 * set up security and issue a challenge 368 */ 369static void rxrpc_secure_connection(struct rxrpc_connection *conn) 370{ 371 u32 abort_code; 372 int ret; 373 374 _enter("{%d}", conn->debug_id); 375 376 ASSERT(conn->security_ix != 0); 377 378 if (conn->security->issue_challenge(conn) < 0) { 379 abort_code = RX_CALL_DEAD; 380 ret = -ENOMEM; 381 goto abort; 382 } 383 384 _leave(""); 385 return; 386 387abort: 388 _debug("abort %d, %d", ret, abort_code); 389 rxrpc_abort_connection(conn, ret, abort_code); 390 _leave(" [aborted]"); 391} 392 393/* 394 * Process delayed final ACKs that we haven't subsumed into a subsequent call. 395 */ 396void rxrpc_process_delayed_final_acks(struct rxrpc_connection *conn, bool force) 397{ 398 unsigned long j = jiffies, next_j; 399 unsigned int channel; 400 bool set; 401 402again: 403 next_j = j + LONG_MAX; 404 set = false; 405 for (channel = 0; channel < RXRPC_MAXCALLS; channel++) { 406 struct rxrpc_channel *chan = &conn->channels[channel]; 407 unsigned long ack_at; 408 409 if (!test_bit(RXRPC_CONN_FINAL_ACK_0 + channel, &conn->flags)) 410 continue; 411 412 smp_rmb(); /* vs rxrpc_disconnect_client_call */ 413 ack_at = READ_ONCE(chan->final_ack_at); 414 415 if (time_before(j, ack_at) && !force) { 416 if (time_before(ack_at, next_j)) { 417 next_j = ack_at; 418 set = true; 419 } 420 continue; 421 } 422 423 if (test_and_clear_bit(RXRPC_CONN_FINAL_ACK_0 + channel, 424 &conn->flags)) 425 rxrpc_conn_retransmit_call(conn, NULL, channel); 426 } 427 428 j = jiffies; 429 if (time_before_eq(next_j, j)) 430 goto again; 431 if (set) 432 rxrpc_reduce_conn_timer(conn, next_j); 433} 434 435/* 436 * connection-level event processor 437 */ 438static void rxrpc_do_process_connection(struct rxrpc_connection *conn) 439{ 440 struct sk_buff *skb; 441 u32 abort_code = RX_PROTOCOL_ERROR; 442 int ret; 443 444 if (test_and_clear_bit(RXRPC_CONN_EV_CHALLENGE, &conn->events)) 445 rxrpc_secure_connection(conn); 446 447 /* Process delayed ACKs whose time has come. */ 448 if (conn->flags & RXRPC_CONN_FINAL_ACK_MASK) 449 rxrpc_process_delayed_final_acks(conn, false); 450 451 /* go through the conn-level event packets, releasing the ref on this 452 * connection that each one has when we've finished with it */ 453 while ((skb = skb_dequeue(&conn->rx_queue))) { 454 rxrpc_see_skb(skb, rxrpc_skb_seen); 455 ret = rxrpc_process_event(conn, skb, &abort_code); 456 switch (ret) { 457 case -EPROTO: 458 case -EKEYEXPIRED: 459 case -EKEYREJECTED: 460 goto protocol_error; 461 case -ENOMEM: 462 case -EAGAIN: 463 goto requeue_and_leave; 464 case -ECONNABORTED: 465 default: 466 rxrpc_free_skb(skb, rxrpc_skb_freed); 467 break; 468 } 469 } 470 471 return; 472 473requeue_and_leave: 474 skb_queue_head(&conn->rx_queue, skb); 475 return; 476 477protocol_error: 478 if (rxrpc_abort_connection(conn, ret, abort_code) < 0) 479 goto requeue_and_leave; 480 rxrpc_free_skb(skb, rxrpc_skb_freed); 481 return; 482} 483 484void rxrpc_process_connection(struct work_struct *work) 485{ 486 struct rxrpc_connection *conn = 487 container_of(work, struct rxrpc_connection, processor); 488 489 rxrpc_see_connection(conn); 490 491 if (__rxrpc_use_local(conn->params.local)) { 492 rxrpc_do_process_connection(conn); 493 rxrpc_unuse_local(conn->params.local); 494 } 495 496 rxrpc_put_connection(conn); 497 _leave(""); 498 return; 499}