aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArnaldo Carvalho de Melo <acme@mandriva.com>2005-09-22 06:57:21 -0400
committerArnaldo Carvalho de Melo <acme@mandriva.com>2005-09-22 06:57:21 -0400
commitd389424e00f9097cd24b3df4ca0ab7221f140eeb (patch)
tree9ffa95a4e791b19e5d793a06943e40221858b236
parent2928c19e1086e2f1e90d05931437ab6f1e4cfdc8 (diff)
[LLC]: Fix the accept path
Borrowing the structure of TCP/IP for this. On the receive of new connections I was bh_lock_socking the _new_ sock, not the listening one, duh, now it survives the ssh connections storm I've been using to test this specific bug. Also fixes send side skb sock accounting. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
-rw-r--r--include/net/llc_sap.h3
-rw-r--r--net/llc/llc_c_ac.c64
-rw-r--r--net/llc/llc_conn.c142
-rw-r--r--net/llc/llc_if.c2
-rw-r--r--net/llc/llc_s_ac.c4
-rw-r--r--net/llc/llc_sap.c4
-rw-r--r--net/llc/llc_station.c6
7 files changed, 132 insertions, 93 deletions
diff --git a/include/net/llc_sap.h b/include/net/llc_sap.h
index 9dcfcf4a4abb..2c56dbece729 100644
--- a/include/net/llc_sap.h
+++ b/include/net/llc_sap.h
@@ -19,7 +19,8 @@ struct sock;
19extern void llc_sap_rtn_pdu(struct llc_sap *sap, struct sk_buff *skb); 19extern void llc_sap_rtn_pdu(struct llc_sap *sap, struct sk_buff *skb);
20extern void llc_save_primitive(struct sock *sk, struct sk_buff* skb, 20extern void llc_save_primitive(struct sock *sk, struct sk_buff* skb,
21 unsigned char prim); 21 unsigned char prim);
22extern struct sk_buff *llc_alloc_frame(struct net_device *dev); 22extern struct sk_buff *llc_alloc_frame(struct sock *sk,
23 struct net_device *dev);
23 24
24extern void llc_build_and_send_test_pkt(struct llc_sap *sap, 25extern void llc_build_and_send_test_pkt(struct llc_sap *sap,
25 struct sk_buff *skb, 26 struct sk_buff *skb,
diff --git a/net/llc/llc_c_ac.c b/net/llc/llc_c_ac.c
index 8f7b46d20638..b0bcfb1f12dd 100644
--- a/net/llc/llc_c_ac.c
+++ b/net/llc/llc_c_ac.c
@@ -60,24 +60,10 @@ int llc_conn_ac_clear_remote_busy(struct sock *sk, struct sk_buff *skb)
60 60
61int llc_conn_ac_conn_ind(struct sock *sk, struct sk_buff *skb) 61int llc_conn_ac_conn_ind(struct sock *sk, struct sk_buff *skb)
62{ 62{
63 int rc = -ENOTCONN; 63 struct llc_conn_state_ev *ev = llc_conn_ev(skb);
64 u8 dsap;
65 struct llc_sap *sap;
66
67 llc_pdu_decode_dsap(skb, &dsap);
68 sap = llc_sap_find(dsap);
69 if (sap) {
70 struct llc_conn_state_ev *ev = llc_conn_ev(skb);
71 struct llc_sock *llc = llc_sk(sk);
72 64
73 llc_pdu_decode_sa(skb, llc->daddr.mac); 65 ev->ind_prim = LLC_CONN_PRIM;
74 llc_pdu_decode_da(skb, llc->laddr.mac); 66 return 0;
75 llc->dev = skb->dev;
76 ev->ind_prim = LLC_CONN_PRIM;
77 rc = 0;
78 llc_sap_put(sap);
79 }
80 return rc;
81} 67}
82 68
83int llc_conn_ac_conn_confirm(struct sock *sk, struct sk_buff *skb) 69int llc_conn_ac_conn_confirm(struct sock *sk, struct sk_buff *skb)
@@ -213,7 +199,7 @@ int llc_conn_ac_send_disc_cmd_p_set_x(struct sock *sk, struct sk_buff *skb)
213{ 199{
214 int rc = -ENOBUFS; 200 int rc = -ENOBUFS;
215 struct llc_sock *llc = llc_sk(sk); 201 struct llc_sock *llc = llc_sk(sk);
216 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 202 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
217 203
218 if (nskb) { 204 if (nskb) {
219 struct llc_sap *sap = llc->sap; 205 struct llc_sap *sap = llc->sap;
@@ -238,7 +224,7 @@ int llc_conn_ac_send_dm_rsp_f_set_p(struct sock *sk, struct sk_buff *skb)
238{ 224{
239 int rc = -ENOBUFS; 225 int rc = -ENOBUFS;
240 struct llc_sock *llc = llc_sk(sk); 226 struct llc_sock *llc = llc_sk(sk);
241 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 227 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
242 228
243 if (nskb) { 229 if (nskb) {
244 struct llc_sap *sap = llc->sap; 230 struct llc_sap *sap = llc->sap;
@@ -264,7 +250,7 @@ int llc_conn_ac_send_dm_rsp_f_set_1(struct sock *sk, struct sk_buff *skb)
264{ 250{
265 int rc = -ENOBUFS; 251 int rc = -ENOBUFS;
266 struct llc_sock *llc = llc_sk(sk); 252 struct llc_sock *llc = llc_sk(sk);
267 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 253 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
268 254
269 if (nskb) { 255 if (nskb) {
270 struct llc_sap *sap = llc->sap; 256 struct llc_sap *sap = llc->sap;
@@ -297,7 +283,7 @@ int llc_conn_ac_send_frmr_rsp_f_set_x(struct sock *sk, struct sk_buff *skb)
297 llc_pdu_decode_pf_bit(skb, &f_bit); 283 llc_pdu_decode_pf_bit(skb, &f_bit);
298 else 284 else
299 f_bit = 0; 285 f_bit = 0;
300 nskb = llc_alloc_frame(llc->dev); 286 nskb = llc_alloc_frame(sk, llc->dev);
301 if (nskb) { 287 if (nskb) {
302 struct llc_sap *sap = llc->sap; 288 struct llc_sap *sap = llc->sap;
303 289
@@ -321,7 +307,7 @@ int llc_conn_ac_resend_frmr_rsp_f_set_0(struct sock *sk, struct sk_buff *skb)
321{ 307{
322 int rc = -ENOBUFS; 308 int rc = -ENOBUFS;
323 struct llc_sock *llc = llc_sk(sk); 309 struct llc_sock *llc = llc_sk(sk);
324 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 310 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
325 311
326 if (nskb) { 312 if (nskb) {
327 struct llc_sap *sap = llc->sap; 313 struct llc_sap *sap = llc->sap;
@@ -351,7 +337,7 @@ int llc_conn_ac_resend_frmr_rsp_f_set_p(struct sock *sk, struct sk_buff *skb)
351 struct llc_sock *llc = llc_sk(sk); 337 struct llc_sock *llc = llc_sk(sk);
352 338
353 llc_pdu_decode_pf_bit(skb, &f_bit); 339 llc_pdu_decode_pf_bit(skb, &f_bit);
354 nskb = llc_alloc_frame(llc->dev); 340 nskb = llc_alloc_frame(sk, llc->dev);
355 if (nskb) { 341 if (nskb) {
356 struct llc_sap *sap = llc->sap; 342 struct llc_sap *sap = llc->sap;
357 struct llc_pdu_sn *pdu = llc_pdu_sn_hdr(skb); 343 struct llc_pdu_sn *pdu = llc_pdu_sn_hdr(skb);
@@ -439,7 +425,7 @@ int llc_conn_ac_resend_i_xxx_x_set_0_or_send_rr(struct sock *sk,
439 struct llc_pdu_sn *pdu = llc_pdu_sn_hdr(skb); 425 struct llc_pdu_sn *pdu = llc_pdu_sn_hdr(skb);
440 int rc = -ENOBUFS; 426 int rc = -ENOBUFS;
441 struct llc_sock *llc = llc_sk(sk); 427 struct llc_sock *llc = llc_sk(sk);
442 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 428 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
443 429
444 if (nskb) { 430 if (nskb) {
445 struct llc_sap *sap = llc->sap; 431 struct llc_sap *sap = llc->sap;
@@ -474,7 +460,7 @@ int llc_conn_ac_send_rej_cmd_p_set_1(struct sock *sk, struct sk_buff *skb)
474{ 460{
475 int rc = -ENOBUFS; 461 int rc = -ENOBUFS;
476 struct llc_sock *llc = llc_sk(sk); 462 struct llc_sock *llc = llc_sk(sk);
477 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 463 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
478 464
479 if (nskb) { 465 if (nskb) {
480 struct llc_sap *sap = llc->sap; 466 struct llc_sap *sap = llc->sap;
@@ -498,7 +484,7 @@ int llc_conn_ac_send_rej_rsp_f_set_1(struct sock *sk, struct sk_buff *skb)
498{ 484{
499 int rc = -ENOBUFS; 485 int rc = -ENOBUFS;
500 struct llc_sock *llc = llc_sk(sk); 486 struct llc_sock *llc = llc_sk(sk);
501 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 487 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
502 488
503 if (nskb) { 489 if (nskb) {
504 struct llc_sap *sap = llc->sap; 490 struct llc_sap *sap = llc->sap;
@@ -522,7 +508,7 @@ int llc_conn_ac_send_rej_xxx_x_set_0(struct sock *sk, struct sk_buff *skb)
522{ 508{
523 int rc = -ENOBUFS; 509 int rc = -ENOBUFS;
524 struct llc_sock *llc = llc_sk(sk); 510 struct llc_sock *llc = llc_sk(sk);
525 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 511 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
526 512
527 if (nskb) { 513 if (nskb) {
528 struct llc_sap *sap = llc->sap; 514 struct llc_sap *sap = llc->sap;
@@ -546,7 +532,7 @@ int llc_conn_ac_send_rnr_cmd_p_set_1(struct sock *sk, struct sk_buff *skb)
546{ 532{
547 int rc = -ENOBUFS; 533 int rc = -ENOBUFS;
548 struct llc_sock *llc = llc_sk(sk); 534 struct llc_sock *llc = llc_sk(sk);
549 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 535 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
550 536
551 if (nskb) { 537 if (nskb) {
552 struct llc_sap *sap = llc->sap; 538 struct llc_sap *sap = llc->sap;
@@ -570,7 +556,7 @@ int llc_conn_ac_send_rnr_rsp_f_set_1(struct sock *sk, struct sk_buff *skb)
570{ 556{
571 int rc = -ENOBUFS; 557 int rc = -ENOBUFS;
572 struct llc_sock *llc = llc_sk(sk); 558 struct llc_sock *llc = llc_sk(sk);
573 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 559 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
574 560
575 if (nskb) { 561 if (nskb) {
576 struct llc_sap *sap = llc->sap; 562 struct llc_sap *sap = llc->sap;
@@ -594,7 +580,7 @@ int llc_conn_ac_send_rnr_xxx_x_set_0(struct sock *sk, struct sk_buff *skb)
594{ 580{
595 int rc = -ENOBUFS; 581 int rc = -ENOBUFS;
596 struct llc_sock *llc = llc_sk(sk); 582 struct llc_sock *llc = llc_sk(sk);
597 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 583 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
598 584
599 if (nskb) { 585 if (nskb) {
600 struct llc_sap *sap = llc->sap; 586 struct llc_sap *sap = llc->sap;
@@ -630,7 +616,7 @@ int llc_conn_ac_opt_send_rnr_xxx_x_set_0(struct sock *sk, struct sk_buff *skb)
630{ 616{
631 int rc = -ENOBUFS; 617 int rc = -ENOBUFS;
632 struct llc_sock *llc = llc_sk(sk); 618 struct llc_sock *llc = llc_sk(sk);
633 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 619 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
634 620
635 if (nskb) { 621 if (nskb) {
636 struct llc_sap *sap = llc->sap; 622 struct llc_sap *sap = llc->sap;
@@ -654,7 +640,7 @@ int llc_conn_ac_send_rr_cmd_p_set_1(struct sock *sk, struct sk_buff *skb)
654{ 640{
655 int rc = -ENOBUFS; 641 int rc = -ENOBUFS;
656 struct llc_sock *llc = llc_sk(sk); 642 struct llc_sock *llc = llc_sk(sk);
657 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 643 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
658 644
659 if (nskb) { 645 if (nskb) {
660 struct llc_sap *sap = llc->sap; 646 struct llc_sap *sap = llc->sap;
@@ -678,7 +664,7 @@ int llc_conn_ac_send_rr_rsp_f_set_1(struct sock *sk, struct sk_buff *skb)
678{ 664{
679 int rc = -ENOBUFS; 665 int rc = -ENOBUFS;
680 struct llc_sock *llc = llc_sk(sk); 666 struct llc_sock *llc = llc_sk(sk);
681 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 667 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
682 668
683 if (nskb) { 669 if (nskb) {
684 struct llc_sap *sap = llc->sap; 670 struct llc_sap *sap = llc->sap;
@@ -703,7 +689,7 @@ int llc_conn_ac_send_ack_rsp_f_set_1(struct sock *sk, struct sk_buff *skb)
703{ 689{
704 int rc = -ENOBUFS; 690 int rc = -ENOBUFS;
705 struct llc_sock *llc = llc_sk(sk); 691 struct llc_sock *llc = llc_sk(sk);
706 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 692 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
707 693
708 if (nskb) { 694 if (nskb) {
709 struct llc_sap *sap = llc->sap; 695 struct llc_sap *sap = llc->sap;
@@ -727,7 +713,7 @@ int llc_conn_ac_send_rr_xxx_x_set_0(struct sock *sk, struct sk_buff *skb)
727{ 713{
728 int rc = -ENOBUFS; 714 int rc = -ENOBUFS;
729 struct llc_sock *llc = llc_sk(sk); 715 struct llc_sock *llc = llc_sk(sk);
730 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 716 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
731 717
732 if (nskb) { 718 if (nskb) {
733 struct llc_sap *sap = llc->sap; 719 struct llc_sap *sap = llc->sap;
@@ -751,7 +737,7 @@ int llc_conn_ac_send_ack_xxx_x_set_0(struct sock *sk, struct sk_buff *skb)
751{ 737{
752 int rc = -ENOBUFS; 738 int rc = -ENOBUFS;
753 struct llc_sock *llc = llc_sk(sk); 739 struct llc_sock *llc = llc_sk(sk);
754 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 740 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
755 741
756 if (nskb) { 742 if (nskb) {
757 struct llc_sap *sap = llc->sap; 743 struct llc_sap *sap = llc->sap;
@@ -785,7 +771,7 @@ int llc_conn_ac_send_sabme_cmd_p_set_x(struct sock *sk, struct sk_buff *skb)
785{ 771{
786 int rc = -ENOBUFS; 772 int rc = -ENOBUFS;
787 struct llc_sock *llc = llc_sk(sk); 773 struct llc_sock *llc = llc_sk(sk);
788 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 774 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
789 775
790 if (nskb) { 776 if (nskb) {
791 struct llc_sap *sap = llc->sap; 777 struct llc_sap *sap = llc->sap;
@@ -814,7 +800,7 @@ int llc_conn_ac_send_ua_rsp_f_set_p(struct sock *sk, struct sk_buff *skb)
814 u8 f_bit; 800 u8 f_bit;
815 int rc = -ENOBUFS; 801 int rc = -ENOBUFS;
816 struct llc_sock *llc = llc_sk(sk); 802 struct llc_sock *llc = llc_sk(sk);
817 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 803 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
818 804
819 llc_pdu_decode_pf_bit(skb, &f_bit); 805 llc_pdu_decode_pf_bit(skb, &f_bit);
820 if (nskb) { 806 if (nskb) {
@@ -970,7 +956,7 @@ static int llc_conn_ac_send_rr_rsp_f_set_ackpf(struct sock *sk,
970{ 956{
971 int rc = -ENOBUFS; 957 int rc = -ENOBUFS;
972 struct llc_sock *llc = llc_sk(sk); 958 struct llc_sock *llc = llc_sk(sk);
973 struct sk_buff *nskb = llc_alloc_frame(llc->dev); 959 struct sk_buff *nskb = llc_alloc_frame(sk, llc->dev);
974 960
975 if (nskb) { 961 if (nskb) {
976 struct llc_sap *sap = llc->sap; 962 struct llc_sap *sap = llc->sap;
diff --git a/net/llc/llc_conn.c b/net/llc/llc_conn.c
index 76f94e0d840d..e10ce5adb104 100644
--- a/net/llc/llc_conn.c
+++ b/net/llc/llc_conn.c
@@ -58,7 +58,7 @@ int sysctl_llc2_busy_timeout = LLC2_BUSY_TIME * HZ;
58int llc_conn_state_process(struct sock *sk, struct sk_buff *skb) 58int llc_conn_state_process(struct sock *sk, struct sk_buff *skb)
59{ 59{
60 int rc; 60 int rc;
61 struct llc_sock *llc = llc_sk(sk); 61 struct llc_sock *llc = llc_sk(skb->sk);
62 struct llc_conn_state_ev *ev = llc_conn_ev(skb); 62 struct llc_conn_state_ev *ev = llc_conn_ev(skb);
63 63
64 /* 64 /*
@@ -68,7 +68,10 @@ int llc_conn_state_process(struct sock *sk, struct sk_buff *skb)
68 */ 68 */
69 skb_get(skb); 69 skb_get(skb);
70 ev->ind_prim = ev->cfm_prim = 0; 70 ev->ind_prim = ev->cfm_prim = 0;
71 rc = llc_conn_service(sk, skb); /* sending event to state machine */ 71 /*
72 * Send event to state machine
73 */
74 rc = llc_conn_service(skb->sk, skb);
72 if (unlikely(rc != 0)) { 75 if (unlikely(rc != 0)) {
73 printk(KERN_ERR "%s: llc_conn_service failed\n", __FUNCTION__); 76 printk(KERN_ERR "%s: llc_conn_service failed\n", __FUNCTION__);
74 goto out_kfree_skb; 77 goto out_kfree_skb;
@@ -100,18 +103,14 @@ int llc_conn_state_process(struct sock *sk, struct sk_buff *skb)
100 kfree_skb(skb); 103 kfree_skb(skb);
101 } 104 }
102 break; 105 break;
103 case LLC_CONN_PRIM: { 106 case LLC_CONN_PRIM:
104 struct sock *parent = skb->sk;
105
106 skb_orphan(skb);
107 /* 107 /*
108 * Set the skb->sk to the new struct sock, so that at accept 108 * Can't be sock_queue_rcv_skb, because we have to leave the
109 * type the upper layer can get the newly created struct sock. 109 * skb->sk pointing to the newly created struct sock in
110 * llc_conn_handler. -acme
110 */ 111 */
111 skb->sk = sk; 112 skb_queue_tail(&sk->sk_receive_queue, skb);
112 skb_queue_tail(&parent->sk_receive_queue, skb); 113 sk->sk_state_change(sk);
113 sk->sk_state_change(parent);
114 }
115 break; 114 break;
116 case LLC_DISC_PRIM: 115 case LLC_DISC_PRIM:
117 sock_hold(sk); 116 sock_hold(sk);
@@ -475,7 +474,7 @@ static int llc_exec_conn_trans_actions(struct sock *sk,
475} 474}
476 475
477/** 476/**
478 * llc_lookup_established - Finds connection for the remote/local sap/mac 477 * __llc_lookup_established - Finds connection for the remote/local sap/mac
479 * @sap: SAP 478 * @sap: SAP
480 * @daddr: address of remote LLC (MAC + SAP) 479 * @daddr: address of remote LLC (MAC + SAP)
481 * @laddr: address of local LLC (MAC + SAP) 480 * @laddr: address of local LLC (MAC + SAP)
@@ -483,14 +482,16 @@ static int llc_exec_conn_trans_actions(struct sock *sk,
483 * Search connection list of the SAP and finds connection using the remote 482 * Search connection list of the SAP and finds connection using the remote
484 * mac, remote sap, local mac, and local sap. Returns pointer for 483 * mac, remote sap, local mac, and local sap. Returns pointer for
485 * connection found, %NULL otherwise. 484 * connection found, %NULL otherwise.
485 * Caller has to make sure local_bh is disabled.
486 */ 486 */
487struct sock *llc_lookup_established(struct llc_sap *sap, struct llc_addr *daddr, 487static struct sock *__llc_lookup_established(struct llc_sap *sap,
488 struct llc_addr *laddr) 488 struct llc_addr *daddr,
489 struct llc_addr *laddr)
489{ 490{
490 struct sock *rc; 491 struct sock *rc;
491 struct hlist_node *node; 492 struct hlist_node *node;
492 493
493 read_lock_bh(&sap->sk_list.lock); 494 read_lock(&sap->sk_list.lock);
494 sk_for_each(rc, node, &sap->sk_list.list) { 495 sk_for_each(rc, node, &sap->sk_list.list) {
495 struct llc_sock *llc = llc_sk(rc); 496 struct llc_sock *llc = llc_sk(rc);
496 497
@@ -504,10 +505,22 @@ struct sock *llc_lookup_established(struct llc_sap *sap, struct llc_addr *daddr,
504 } 505 }
505 rc = NULL; 506 rc = NULL;
506found: 507found:
507 read_unlock_bh(&sap->sk_list.lock); 508 read_unlock(&sap->sk_list.lock);
508 return rc; 509 return rc;
509} 510}
510 511
512struct sock *llc_lookup_established(struct llc_sap *sap,
513 struct llc_addr *daddr,
514 struct llc_addr *laddr)
515{
516 struct sock *sk;
517
518 local_bh_disable();
519 sk = __llc_lookup_established(sap, daddr, laddr);
520 local_bh_enable();
521 return sk;
522}
523
511/** 524/**
512 * llc_lookup_listener - Finds listener for local MAC + SAP 525 * llc_lookup_listener - Finds listener for local MAC + SAP
513 * @sap: SAP 526 * @sap: SAP
@@ -516,6 +529,7 @@ found:
516 * Search connection list of the SAP and finds connection listening on 529 * Search connection list of the SAP and finds connection listening on
517 * local mac, and local sap. Returns pointer for parent socket found, 530 * local mac, and local sap. Returns pointer for parent socket found,
518 * %NULL otherwise. 531 * %NULL otherwise.
532 * Caller has to make sure local_bh is disabled.
519 */ 533 */
520static struct sock *llc_lookup_listener(struct llc_sap *sap, 534static struct sock *llc_lookup_listener(struct llc_sap *sap,
521 struct llc_addr *laddr) 535 struct llc_addr *laddr)
@@ -523,7 +537,7 @@ static struct sock *llc_lookup_listener(struct llc_sap *sap,
523 struct sock *rc; 537 struct sock *rc;
524 struct hlist_node *node; 538 struct hlist_node *node;
525 539
526 read_lock_bh(&sap->sk_list.lock); 540 read_lock(&sap->sk_list.lock);
527 sk_for_each(rc, node, &sap->sk_list.list) { 541 sk_for_each(rc, node, &sap->sk_list.list) {
528 struct llc_sock *llc = llc_sk(rc); 542 struct llc_sock *llc = llc_sk(rc);
529 543
@@ -537,10 +551,19 @@ static struct sock *llc_lookup_listener(struct llc_sap *sap,
537 } 551 }
538 rc = NULL; 552 rc = NULL;
539found: 553found:
540 read_unlock_bh(&sap->sk_list.lock); 554 read_unlock(&sap->sk_list.lock);
541 return rc; 555 return rc;
542} 556}
543 557
558static struct sock *__llc_lookup(struct llc_sap *sap,
559 struct llc_addr *daddr,
560 struct llc_addr *laddr)
561{
562 struct sock *sk = __llc_lookup_established(sap, daddr, laddr);
563
564 return sk ? : llc_lookup_listener(sap, laddr);
565}
566
544/** 567/**
545 * llc_data_accept_state - designates if in this state data can be sent. 568 * llc_data_accept_state - designates if in this state data can be sent.
546 * @state: state of connection. 569 * @state: state of connection.
@@ -666,15 +689,34 @@ void llc_sap_remove_socket(struct llc_sap *sap, struct sock *sk)
666static int llc_conn_rcv(struct sock* sk, struct sk_buff *skb) 689static int llc_conn_rcv(struct sock* sk, struct sk_buff *skb)
667{ 690{
668 struct llc_conn_state_ev *ev = llc_conn_ev(skb); 691 struct llc_conn_state_ev *ev = llc_conn_ev(skb);
669 struct llc_sock *llc = llc_sk(sk);
670 692
671 if (!llc->dev)
672 llc->dev = skb->dev;
673 ev->type = LLC_CONN_EV_TYPE_PDU; 693 ev->type = LLC_CONN_EV_TYPE_PDU;
674 ev->reason = 0; 694 ev->reason = 0;
675 return llc_conn_state_process(sk, skb); 695 return llc_conn_state_process(sk, skb);
676} 696}
677 697
698static struct sock *llc_create_incoming_sock(struct sock *sk,
699 struct net_device *dev,
700 struct llc_addr *saddr,
701 struct llc_addr *daddr)
702{
703 struct sock *newsk = llc_sk_alloc(sk->sk_family, GFP_ATOMIC,
704 sk->sk_prot);
705 struct llc_sock *newllc, *llc = llc_sk(sk);
706
707 if (!newsk)
708 goto out;
709 newllc = llc_sk(newsk);
710 memcpy(&newllc->laddr, daddr, sizeof(newllc->laddr));
711 memcpy(&newllc->daddr, saddr, sizeof(newllc->daddr));
712 newllc->dev = dev;
713 dev_hold(dev);
714 llc_sap_add_socket(llc->sap, newsk);
715 llc_sap_hold(llc->sap);
716out:
717 return newsk;
718}
719
678void llc_conn_handler(struct llc_sap *sap, struct sk_buff *skb) 720void llc_conn_handler(struct llc_sap *sap, struct sk_buff *skb)
679{ 721{
680 struct llc_addr saddr, daddr; 722 struct llc_addr saddr, daddr;
@@ -685,34 +727,35 @@ void llc_conn_handler(struct llc_sap *sap, struct sk_buff *skb)
685 llc_pdu_decode_da(skb, daddr.mac); 727 llc_pdu_decode_da(skb, daddr.mac);
686 llc_pdu_decode_dsap(skb, &daddr.lsap); 728 llc_pdu_decode_dsap(skb, &daddr.lsap);
687 729
688 sk = llc_lookup_established(sap, &saddr, &daddr); 730 sk = __llc_lookup(sap, &saddr, &daddr);
689 if (!sk) { 731 if (!sk)
732 goto drop;
733
734 bh_lock_sock(sk);
735 /*
736 * This has to be done here and not at the upper layer ->accept
737 * method because of the way the PROCOM state machine works:
738 * it needs to set several state variables (see, for instance,
739 * llc_adm_actions_2 in net/llc/llc_c_st.c) and send a packet to
740 * the originator of the new connection, and this state has to be
741 * in the newly created struct sock private area. -acme
742 */
743 if (unlikely(sk->sk_state == TCP_LISTEN)) {
744 struct sock *newsk = llc_create_incoming_sock(sk, skb->dev,
745 &saddr, &daddr);
746 if (!newsk)
747 goto drop_unlock;
748 skb_set_owner_r(skb, newsk);
749 } else {
690 /* 750 /*
691 * Didn't find an active connection; verify if there 751 * Can't be skb_set_owner_r, this will be done at the
692 * is a listening socket for this llc addr 752 * llc_conn_state_process function, later on, when we will use
753 * skb_queue_rcv_skb to send it to upper layers, this is
754 * another trick required to cope with how the PROCOM state
755 * machine works. -acme
693 */ 756 */
694 struct llc_sock *llc; 757 skb->sk = sk;
695 struct sock *parent = llc_lookup_listener(sap, &daddr);
696
697 if (!parent) {
698 dprintk("llc_lookup_listener failed!\n");
699 goto drop;
700 }
701
702 sk = llc_sk_alloc(parent->sk_family, GFP_ATOMIC, parent->sk_prot);
703 if (!sk) {
704 sock_put(parent);
705 goto drop;
706 }
707 llc = llc_sk(sk);
708 memcpy(&llc->laddr, &daddr, sizeof(llc->laddr));
709 memcpy(&llc->daddr, &saddr, sizeof(llc->daddr));
710 llc_sap_add_socket(sap, sk);
711 sock_hold(sk);
712 skb_set_owner_r(skb, parent);
713 sock_put(parent);
714 } 758 }
715 bh_lock_sock(sk);
716 if (!sock_owned_by_user(sk)) 759 if (!sock_owned_by_user(sk))
717 llc_conn_rcv(sk, skb); 760 llc_conn_rcv(sk, skb);
718 else { 761 else {
@@ -720,11 +763,16 @@ void llc_conn_handler(struct llc_sap *sap, struct sk_buff *skb)
720 llc_set_backlog_type(skb, LLC_PACKET); 763 llc_set_backlog_type(skb, LLC_PACKET);
721 sk_add_backlog(sk, skb); 764 sk_add_backlog(sk, skb);
722 } 765 }
766out:
723 bh_unlock_sock(sk); 767 bh_unlock_sock(sk);
724 sock_put(sk); 768 sock_put(sk);
725 return; 769 return;
726drop: 770drop:
727 kfree_skb(skb); 771 kfree_skb(skb);
772 return;
773drop_unlock:
774 kfree_skb(skb);
775 goto out;
728} 776}
729 777
730#undef LLC_REFCNT_DEBUG 778#undef LLC_REFCNT_DEBUG
diff --git a/net/llc/llc_if.c b/net/llc/llc_if.c
index 764dbd704051..ba90f7f0801a 100644
--- a/net/llc/llc_if.c
+++ b/net/llc/llc_if.c
@@ -107,6 +107,7 @@ int llc_establish_connection(struct sock *sk, u8 *lmac, u8 *dmac, u8 dsap)
107 ev->type = LLC_CONN_EV_TYPE_PRIM; 107 ev->type = LLC_CONN_EV_TYPE_PRIM;
108 ev->prim = LLC_CONN_PRIM; 108 ev->prim = LLC_CONN_PRIM;
109 ev->prim_type = LLC_PRIM_TYPE_REQ; 109 ev->prim_type = LLC_PRIM_TYPE_REQ;
110 skb_set_owner_w(skb, sk);
110 rc = llc_conn_state_process(sk, skb); 111 rc = llc_conn_state_process(sk, skb);
111 } 112 }
112out_put: 113out_put:
@@ -141,6 +142,7 @@ int llc_send_disc(struct sock *sk)
141 skb = alloc_skb(0, GFP_ATOMIC); 142 skb = alloc_skb(0, GFP_ATOMIC);
142 if (!skb) 143 if (!skb)
143 goto out; 144 goto out;
145 skb_set_owner_w(skb, sk);
144 sk->sk_state = TCP_CLOSING; 146 sk->sk_state = TCP_CLOSING;
145 ev = llc_conn_ev(skb); 147 ev = llc_conn_ev(skb);
146 ev->type = LLC_CONN_EV_TYPE_PRIM; 148 ev->type = LLC_CONN_EV_TYPE_PRIM;
diff --git a/net/llc/llc_s_ac.c b/net/llc/llc_s_ac.c
index 6acdebf03b2b..bb3580fb8cfe 100644
--- a/net/llc/llc_s_ac.c
+++ b/net/llc/llc_s_ac.c
@@ -103,7 +103,7 @@ int llc_sap_action_send_xid_r(struct llc_sap *sap, struct sk_buff *skb)
103 llc_pdu_decode_sa(skb, mac_da); 103 llc_pdu_decode_sa(skb, mac_da);
104 llc_pdu_decode_da(skb, mac_sa); 104 llc_pdu_decode_da(skb, mac_sa);
105 llc_pdu_decode_ssap(skb, &dsap); 105 llc_pdu_decode_ssap(skb, &dsap);
106 nskb = llc_alloc_frame(skb->dev); 106 nskb = llc_alloc_frame(NULL, skb->dev);
107 if (!nskb) 107 if (!nskb)
108 goto out; 108 goto out;
109 llc_pdu_header_init(nskb, LLC_PDU_TYPE_U, sap->laddr.lsap, dsap, 109 llc_pdu_header_init(nskb, LLC_PDU_TYPE_U, sap->laddr.lsap, dsap,
@@ -148,7 +148,7 @@ int llc_sap_action_send_test_r(struct llc_sap *sap, struct sk_buff *skb)
148 llc_pdu_decode_sa(skb, mac_da); 148 llc_pdu_decode_sa(skb, mac_da);
149 llc_pdu_decode_da(skb, mac_sa); 149 llc_pdu_decode_da(skb, mac_sa);
150 llc_pdu_decode_ssap(skb, &dsap); 150 llc_pdu_decode_ssap(skb, &dsap);
151 nskb = llc_alloc_frame(skb->dev); 151 nskb = llc_alloc_frame(NULL, skb->dev);
152 if (!nskb) 152 if (!nskb)
153 goto out; 153 goto out;
154 llc_pdu_header_init(nskb, LLC_PDU_TYPE_U, sap->laddr.lsap, dsap, 154 llc_pdu_header_init(nskb, LLC_PDU_TYPE_U, sap->laddr.lsap, dsap,
diff --git a/net/llc/llc_sap.c b/net/llc/llc_sap.c
index 9f064b3a4335..e6d538937f93 100644
--- a/net/llc/llc_sap.c
+++ b/net/llc/llc_sap.c
@@ -31,7 +31,7 @@
31 * Allocates an sk_buff for frame and initializes sk_buff fields. 31 * Allocates an sk_buff for frame and initializes sk_buff fields.
32 * Returns allocated skb or %NULL when out of memory. 32 * Returns allocated skb or %NULL when out of memory.
33 */ 33 */
34struct sk_buff *llc_alloc_frame(struct net_device *dev) 34struct sk_buff *llc_alloc_frame(struct sock *sk, struct net_device *dev)
35{ 35{
36 struct sk_buff *skb = alloc_skb(128, GFP_ATOMIC); 36 struct sk_buff *skb = alloc_skb(128, GFP_ATOMIC);
37 37
@@ -41,6 +41,8 @@ struct sk_buff *llc_alloc_frame(struct net_device *dev)
41 skb->protocol = htons(ETH_P_802_2); 41 skb->protocol = htons(ETH_P_802_2);
42 skb->dev = dev; 42 skb->dev = dev;
43 skb->mac.raw = skb->head; 43 skb->mac.raw = skb->head;
44 if (sk != NULL)
45 skb_set_owner_w(skb, sk);
44 } 46 }
45 return skb; 47 return skb;
46} 48}
diff --git a/net/llc/llc_station.c b/net/llc/llc_station.c
index ec4693fe312f..f37dbf8ef126 100644
--- a/net/llc/llc_station.c
+++ b/net/llc/llc_station.c
@@ -254,7 +254,7 @@ static int llc_station_ac_inc_xid_r_cnt_by_1(struct sk_buff *skb)
254static int llc_station_ac_send_null_dsap_xid_c(struct sk_buff *skb) 254static int llc_station_ac_send_null_dsap_xid_c(struct sk_buff *skb)
255{ 255{
256 int rc = 1; 256 int rc = 1;
257 struct sk_buff *nskb = llc_alloc_frame(skb->dev); 257 struct sk_buff *nskb = llc_alloc_frame(NULL, skb->dev);
258 258
259 if (!nskb) 259 if (!nskb)
260 goto out; 260 goto out;
@@ -275,7 +275,7 @@ static int llc_station_ac_send_xid_r(struct sk_buff *skb)
275{ 275{
276 u8 mac_da[ETH_ALEN], dsap; 276 u8 mac_da[ETH_ALEN], dsap;
277 int rc = 1; 277 int rc = 1;
278 struct sk_buff* nskb = llc_alloc_frame(skb->dev); 278 struct sk_buff* nskb = llc_alloc_frame(NULL, skb->dev);
279 279
280 if (!nskb) 280 if (!nskb)
281 goto out; 281 goto out;
@@ -299,7 +299,7 @@ static int llc_station_ac_send_test_r(struct sk_buff *skb)
299{ 299{
300 u8 mac_da[ETH_ALEN], dsap; 300 u8 mac_da[ETH_ALEN], dsap;
301 int rc = 1; 301 int rc = 1;
302 struct sk_buff *nskb = llc_alloc_frame(skb->dev); 302 struct sk_buff *nskb = llc_alloc_frame(NULL, skb->dev);
303 303
304 if (!nskb) 304 if (!nskb)
305 goto out; 305 goto out;