diff options
| author | Arnaldo Carvalho de Melo <acme@mandriva.com> | 2005-09-22 06:57:21 -0400 |
|---|---|---|
| committer | Arnaldo Carvalho de Melo <acme@mandriva.com> | 2005-09-22 06:57:21 -0400 |
| commit | d389424e00f9097cd24b3df4ca0ab7221f140eeb (patch) | |
| tree | 9ffa95a4e791b19e5d793a06943e40221858b236 /net/llc/llc_conn.c | |
| parent | 2928c19e1086e2f1e90d05931437ab6f1e4cfdc8 (diff) | |
[LLC]: Fix the accept path
Borrowing the structure of TCP/IP for this. On the receive of new connections I
was bh_lock_socking the _new_ sock, not the listening one, duh, now it survives
the ssh connections storm I've been using to test this specific bug.
Also fixes send side skb sock accounting.
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
Diffstat (limited to 'net/llc/llc_conn.c')
| -rw-r--r-- | net/llc/llc_conn.c | 142 |
1 files changed, 95 insertions, 47 deletions
diff --git a/net/llc/llc_conn.c b/net/llc/llc_conn.c index 76f94e0d840d..e10ce5adb104 100644 --- a/net/llc/llc_conn.c +++ b/net/llc/llc_conn.c | |||
| @@ -58,7 +58,7 @@ int sysctl_llc2_busy_timeout = LLC2_BUSY_TIME * HZ; | |||
| 58 | int llc_conn_state_process(struct sock *sk, struct sk_buff *skb) | 58 | int llc_conn_state_process(struct sock *sk, struct sk_buff *skb) |
| 59 | { | 59 | { |
| 60 | int rc; | 60 | int rc; |
| 61 | struct llc_sock *llc = llc_sk(sk); | 61 | struct llc_sock *llc = llc_sk(skb->sk); |
| 62 | struct llc_conn_state_ev *ev = llc_conn_ev(skb); | 62 | struct llc_conn_state_ev *ev = llc_conn_ev(skb); |
| 63 | 63 | ||
| 64 | /* | 64 | /* |
| @@ -68,7 +68,10 @@ int llc_conn_state_process(struct sock *sk, struct sk_buff *skb) | |||
| 68 | */ | 68 | */ |
| 69 | skb_get(skb); | 69 | skb_get(skb); |
| 70 | ev->ind_prim = ev->cfm_prim = 0; | 70 | ev->ind_prim = ev->cfm_prim = 0; |
| 71 | rc = llc_conn_service(sk, skb); /* sending event to state machine */ | 71 | /* |
| 72 | * Send event to state machine | ||
| 73 | */ | ||
| 74 | rc = llc_conn_service(skb->sk, skb); | ||
| 72 | if (unlikely(rc != 0)) { | 75 | if (unlikely(rc != 0)) { |
| 73 | printk(KERN_ERR "%s: llc_conn_service failed\n", __FUNCTION__); | 76 | printk(KERN_ERR "%s: llc_conn_service failed\n", __FUNCTION__); |
| 74 | goto out_kfree_skb; | 77 | goto out_kfree_skb; |
| @@ -100,18 +103,14 @@ int llc_conn_state_process(struct sock *sk, struct sk_buff *skb) | |||
| 100 | kfree_skb(skb); | 103 | kfree_skb(skb); |
| 101 | } | 104 | } |
| 102 | break; | 105 | break; |
| 103 | case LLC_CONN_PRIM: { | 106 | case LLC_CONN_PRIM: |
| 104 | struct sock *parent = skb->sk; | ||
| 105 | |||
| 106 | skb_orphan(skb); | ||
| 107 | /* | 107 | /* |
| 108 | * Set the skb->sk to the new struct sock, so that at accept | 108 | * Can't be sock_queue_rcv_skb, because we have to leave the |
| 109 | * type the upper layer can get the newly created struct sock. | 109 | * skb->sk pointing to the newly created struct sock in |
| 110 | * llc_conn_handler. -acme | ||
| 110 | */ | 111 | */ |
| 111 | skb->sk = sk; | 112 | skb_queue_tail(&sk->sk_receive_queue, skb); |
| 112 | skb_queue_tail(&parent->sk_receive_queue, skb); | 113 | sk->sk_state_change(sk); |
| 113 | sk->sk_state_change(parent); | ||
| 114 | } | ||
| 115 | break; | 114 | break; |
| 116 | case LLC_DISC_PRIM: | 115 | case LLC_DISC_PRIM: |
| 117 | sock_hold(sk); | 116 | sock_hold(sk); |
| @@ -475,7 +474,7 @@ static int llc_exec_conn_trans_actions(struct sock *sk, | |||
| 475 | } | 474 | } |
| 476 | 475 | ||
| 477 | /** | 476 | /** |
| 478 | * llc_lookup_established - Finds connection for the remote/local sap/mac | 477 | * __llc_lookup_established - Finds connection for the remote/local sap/mac |
| 479 | * @sap: SAP | 478 | * @sap: SAP |
| 480 | * @daddr: address of remote LLC (MAC + SAP) | 479 | * @daddr: address of remote LLC (MAC + SAP) |
| 481 | * @laddr: address of local LLC (MAC + SAP) | 480 | * @laddr: address of local LLC (MAC + SAP) |
| @@ -483,14 +482,16 @@ static int llc_exec_conn_trans_actions(struct sock *sk, | |||
| 483 | * Search connection list of the SAP and finds connection using the remote | 482 | * Search connection list of the SAP and finds connection using the remote |
| 484 | * mac, remote sap, local mac, and local sap. Returns pointer for | 483 | * mac, remote sap, local mac, and local sap. Returns pointer for |
| 485 | * connection found, %NULL otherwise. | 484 | * connection found, %NULL otherwise. |
| 485 | * Caller has to make sure local_bh is disabled. | ||
| 486 | */ | 486 | */ |
| 487 | struct sock *llc_lookup_established(struct llc_sap *sap, struct llc_addr *daddr, | 487 | static struct sock *__llc_lookup_established(struct llc_sap *sap, |
| 488 | struct llc_addr *laddr) | 488 | struct llc_addr *daddr, |
| 489 | struct llc_addr *laddr) | ||
| 489 | { | 490 | { |
| 490 | struct sock *rc; | 491 | struct sock *rc; |
| 491 | struct hlist_node *node; | 492 | struct hlist_node *node; |
| 492 | 493 | ||
| 493 | read_lock_bh(&sap->sk_list.lock); | 494 | read_lock(&sap->sk_list.lock); |
| 494 | sk_for_each(rc, node, &sap->sk_list.list) { | 495 | sk_for_each(rc, node, &sap->sk_list.list) { |
| 495 | struct llc_sock *llc = llc_sk(rc); | 496 | struct llc_sock *llc = llc_sk(rc); |
| 496 | 497 | ||
| @@ -504,10 +505,22 @@ struct sock *llc_lookup_established(struct llc_sap *sap, struct llc_addr *daddr, | |||
| 504 | } | 505 | } |
| 505 | rc = NULL; | 506 | rc = NULL; |
| 506 | found: | 507 | found: |
| 507 | read_unlock_bh(&sap->sk_list.lock); | 508 | read_unlock(&sap->sk_list.lock); |
| 508 | return rc; | 509 | return rc; |
| 509 | } | 510 | } |
| 510 | 511 | ||
| 512 | struct sock *llc_lookup_established(struct llc_sap *sap, | ||
| 513 | struct llc_addr *daddr, | ||
| 514 | struct llc_addr *laddr) | ||
| 515 | { | ||
| 516 | struct sock *sk; | ||
| 517 | |||
| 518 | local_bh_disable(); | ||
| 519 | sk = __llc_lookup_established(sap, daddr, laddr); | ||
| 520 | local_bh_enable(); | ||
| 521 | return sk; | ||
| 522 | } | ||
| 523 | |||
| 511 | /** | 524 | /** |
| 512 | * llc_lookup_listener - Finds listener for local MAC + SAP | 525 | * llc_lookup_listener - Finds listener for local MAC + SAP |
| 513 | * @sap: SAP | 526 | * @sap: SAP |
| @@ -516,6 +529,7 @@ found: | |||
| 516 | * Search connection list of the SAP and finds connection listening on | 529 | * Search connection list of the SAP and finds connection listening on |
| 517 | * local mac, and local sap. Returns pointer for parent socket found, | 530 | * local mac, and local sap. Returns pointer for parent socket found, |
| 518 | * %NULL otherwise. | 531 | * %NULL otherwise. |
| 532 | * Caller has to make sure local_bh is disabled. | ||
| 519 | */ | 533 | */ |
| 520 | static struct sock *llc_lookup_listener(struct llc_sap *sap, | 534 | static struct sock *llc_lookup_listener(struct llc_sap *sap, |
| 521 | struct llc_addr *laddr) | 535 | struct llc_addr *laddr) |
| @@ -523,7 +537,7 @@ static struct sock *llc_lookup_listener(struct llc_sap *sap, | |||
| 523 | struct sock *rc; | 537 | struct sock *rc; |
| 524 | struct hlist_node *node; | 538 | struct hlist_node *node; |
| 525 | 539 | ||
| 526 | read_lock_bh(&sap->sk_list.lock); | 540 | read_lock(&sap->sk_list.lock); |
| 527 | sk_for_each(rc, node, &sap->sk_list.list) { | 541 | sk_for_each(rc, node, &sap->sk_list.list) { |
| 528 | struct llc_sock *llc = llc_sk(rc); | 542 | struct llc_sock *llc = llc_sk(rc); |
| 529 | 543 | ||
| @@ -537,10 +551,19 @@ static struct sock *llc_lookup_listener(struct llc_sap *sap, | |||
| 537 | } | 551 | } |
| 538 | rc = NULL; | 552 | rc = NULL; |
| 539 | found: | 553 | found: |
| 540 | read_unlock_bh(&sap->sk_list.lock); | 554 | read_unlock(&sap->sk_list.lock); |
| 541 | return rc; | 555 | return rc; |
| 542 | } | 556 | } |
| 543 | 557 | ||
| 558 | static struct sock *__llc_lookup(struct llc_sap *sap, | ||
| 559 | struct llc_addr *daddr, | ||
| 560 | struct llc_addr *laddr) | ||
| 561 | { | ||
| 562 | struct sock *sk = __llc_lookup_established(sap, daddr, laddr); | ||
| 563 | |||
| 564 | return sk ? : llc_lookup_listener(sap, laddr); | ||
| 565 | } | ||
| 566 | |||
| 544 | /** | 567 | /** |
| 545 | * llc_data_accept_state - designates if in this state data can be sent. | 568 | * llc_data_accept_state - designates if in this state data can be sent. |
| 546 | * @state: state of connection. | 569 | * @state: state of connection. |
| @@ -666,15 +689,34 @@ void llc_sap_remove_socket(struct llc_sap *sap, struct sock *sk) | |||
| 666 | static int llc_conn_rcv(struct sock* sk, struct sk_buff *skb) | 689 | static int llc_conn_rcv(struct sock* sk, struct sk_buff *skb) |
| 667 | { | 690 | { |
| 668 | struct llc_conn_state_ev *ev = llc_conn_ev(skb); | 691 | struct llc_conn_state_ev *ev = llc_conn_ev(skb); |
| 669 | struct llc_sock *llc = llc_sk(sk); | ||
| 670 | 692 | ||
| 671 | if (!llc->dev) | ||
| 672 | llc->dev = skb->dev; | ||
| 673 | ev->type = LLC_CONN_EV_TYPE_PDU; | 693 | ev->type = LLC_CONN_EV_TYPE_PDU; |
| 674 | ev->reason = 0; | 694 | ev->reason = 0; |
| 675 | return llc_conn_state_process(sk, skb); | 695 | return llc_conn_state_process(sk, skb); |
| 676 | } | 696 | } |
| 677 | 697 | ||
| 698 | static struct sock *llc_create_incoming_sock(struct sock *sk, | ||
| 699 | struct net_device *dev, | ||
| 700 | struct llc_addr *saddr, | ||
| 701 | struct llc_addr *daddr) | ||
| 702 | { | ||
| 703 | struct sock *newsk = llc_sk_alloc(sk->sk_family, GFP_ATOMIC, | ||
| 704 | sk->sk_prot); | ||
| 705 | struct llc_sock *newllc, *llc = llc_sk(sk); | ||
| 706 | |||
| 707 | if (!newsk) | ||
| 708 | goto out; | ||
| 709 | newllc = llc_sk(newsk); | ||
| 710 | memcpy(&newllc->laddr, daddr, sizeof(newllc->laddr)); | ||
| 711 | memcpy(&newllc->daddr, saddr, sizeof(newllc->daddr)); | ||
| 712 | newllc->dev = dev; | ||
| 713 | dev_hold(dev); | ||
| 714 | llc_sap_add_socket(llc->sap, newsk); | ||
| 715 | llc_sap_hold(llc->sap); | ||
| 716 | out: | ||
| 717 | return newsk; | ||
| 718 | } | ||
| 719 | |||
| 678 | void llc_conn_handler(struct llc_sap *sap, struct sk_buff *skb) | 720 | void llc_conn_handler(struct llc_sap *sap, struct sk_buff *skb) |
| 679 | { | 721 | { |
| 680 | struct llc_addr saddr, daddr; | 722 | struct llc_addr saddr, daddr; |
| @@ -685,34 +727,35 @@ void llc_conn_handler(struct llc_sap *sap, struct sk_buff *skb) | |||
| 685 | llc_pdu_decode_da(skb, daddr.mac); | 727 | llc_pdu_decode_da(skb, daddr.mac); |
| 686 | llc_pdu_decode_dsap(skb, &daddr.lsap); | 728 | llc_pdu_decode_dsap(skb, &daddr.lsap); |
| 687 | 729 | ||
| 688 | sk = llc_lookup_established(sap, &saddr, &daddr); | 730 | sk = __llc_lookup(sap, &saddr, &daddr); |
| 689 | if (!sk) { | 731 | if (!sk) |
| 732 | goto drop; | ||
| 733 | |||
| 734 | bh_lock_sock(sk); | ||
| 735 | /* | ||
| 736 | * This has to be done here and not at the upper layer ->accept | ||
| 737 | * method because of the way the PROCOM state machine works: | ||
| 738 | * it needs to set several state variables (see, for instance, | ||
| 739 | * llc_adm_actions_2 in net/llc/llc_c_st.c) and send a packet to | ||
| 740 | * the originator of the new connection, and this state has to be | ||
| 741 | * in the newly created struct sock private area. -acme | ||
| 742 | */ | ||
| 743 | if (unlikely(sk->sk_state == TCP_LISTEN)) { | ||
| 744 | struct sock *newsk = llc_create_incoming_sock(sk, skb->dev, | ||
| 745 | &saddr, &daddr); | ||
| 746 | if (!newsk) | ||
| 747 | goto drop_unlock; | ||
| 748 | skb_set_owner_r(skb, newsk); | ||
| 749 | } else { | ||
| 690 | /* | 750 | /* |
| 691 | * Didn't find an active connection; verify if there | 751 | * Can't be skb_set_owner_r, this will be done at the |
| 692 | * is a listening socket for this llc addr | 752 | * llc_conn_state_process function, later on, when we will use |
| 753 | * skb_queue_rcv_skb to send it to upper layers, this is | ||
| 754 | * another trick required to cope with how the PROCOM state | ||
| 755 | * machine works. -acme | ||
| 693 | */ | 756 | */ |
| 694 | struct llc_sock *llc; | 757 | skb->sk = sk; |
| 695 | struct sock *parent = llc_lookup_listener(sap, &daddr); | ||
| 696 | |||
| 697 | if (!parent) { | ||
| 698 | dprintk("llc_lookup_listener failed!\n"); | ||
| 699 | goto drop; | ||
| 700 | } | ||
| 701 | |||
| 702 | sk = llc_sk_alloc(parent->sk_family, GFP_ATOMIC, parent->sk_prot); | ||
| 703 | if (!sk) { | ||
| 704 | sock_put(parent); | ||
| 705 | goto drop; | ||
| 706 | } | ||
| 707 | llc = llc_sk(sk); | ||
| 708 | memcpy(&llc->laddr, &daddr, sizeof(llc->laddr)); | ||
| 709 | memcpy(&llc->daddr, &saddr, sizeof(llc->daddr)); | ||
| 710 | llc_sap_add_socket(sap, sk); | ||
| 711 | sock_hold(sk); | ||
| 712 | skb_set_owner_r(skb, parent); | ||
| 713 | sock_put(parent); | ||
| 714 | } | 758 | } |
| 715 | bh_lock_sock(sk); | ||
| 716 | if (!sock_owned_by_user(sk)) | 759 | if (!sock_owned_by_user(sk)) |
| 717 | llc_conn_rcv(sk, skb); | 760 | llc_conn_rcv(sk, skb); |
| 718 | else { | 761 | else { |
| @@ -720,11 +763,16 @@ void llc_conn_handler(struct llc_sap *sap, struct sk_buff *skb) | |||
| 720 | llc_set_backlog_type(skb, LLC_PACKET); | 763 | llc_set_backlog_type(skb, LLC_PACKET); |
| 721 | sk_add_backlog(sk, skb); | 764 | sk_add_backlog(sk, skb); |
| 722 | } | 765 | } |
| 766 | out: | ||
| 723 | bh_unlock_sock(sk); | 767 | bh_unlock_sock(sk); |
| 724 | sock_put(sk); | 768 | sock_put(sk); |
| 725 | return; | 769 | return; |
| 726 | drop: | 770 | drop: |
| 727 | kfree_skb(skb); | 771 | kfree_skb(skb); |
| 772 | return; | ||
| 773 | drop_unlock: | ||
| 774 | kfree_skb(skb); | ||
| 775 | goto out; | ||
| 728 | } | 776 | } |
| 729 | 777 | ||
| 730 | #undef LLC_REFCNT_DEBUG | 778 | #undef LLC_REFCNT_DEBUG |