aboutsummaryrefslogtreecommitdiffstats
path: root/net/rxrpc/ar-accept.c
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2007-04-26 18:48:28 -0400
committerDavid S. Miller <davem@davemloft.net>2007-04-26 18:48:28 -0400
commit17926a79320afa9b95df6b977b40cca6d8713cea (patch)
tree5cedff43b69520ad17b86783d3752053686ec99c /net/rxrpc/ar-accept.c
parente19dff1fdd99a25819af74cf0710e147fff4fd3a (diff)
[AF_RXRPC]: Provide secure RxRPC sockets for use by userspace and kernel both
Provide AF_RXRPC sockets that can be used to talk to AFS servers, or serve answers to AFS clients. KerberosIV security is fully supported. The patches and some example test programs can be found in: http://people.redhat.com/~dhowells/rxrpc/ This will eventually replace the old implementation of kernel-only RxRPC currently resident in net/rxrpc/. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/rxrpc/ar-accept.c')
-rw-r--r--net/rxrpc/ar-accept.c399
1 files changed, 399 insertions, 0 deletions
diff --git a/net/rxrpc/ar-accept.c b/net/rxrpc/ar-accept.c
new file mode 100644
index 000000000000..e7af780cd6f9
--- /dev/null
+++ b/net/rxrpc/ar-accept.c
@@ -0,0 +1,399 @@
1/* incoming call handling
2 *
3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
12#include <linux/module.h>
13#include <linux/net.h>
14#include <linux/skbuff.h>
15#include <linux/errqueue.h>
16#include <linux/udp.h>
17#include <linux/in.h>
18#include <linux/in6.h>
19#include <linux/icmp.h>
20#include <net/sock.h>
21#include <net/af_rxrpc.h>
22#include <net/ip.h>
23#include "ar-internal.h"
24
25/*
26 * generate a connection-level abort
27 */
28static int rxrpc_busy(struct rxrpc_local *local, struct sockaddr_rxrpc *srx,
29 struct rxrpc_header *hdr)
30{
31 struct msghdr msg;
32 struct kvec iov[1];
33 size_t len;
34 int ret;
35
36 _enter("%d,,", local->debug_id);
37
38 msg.msg_name = &srx->transport.sin;
39 msg.msg_namelen = sizeof(srx->transport.sin);
40 msg.msg_control = NULL;
41 msg.msg_controllen = 0;
42 msg.msg_flags = 0;
43
44 hdr->seq = 0;
45 hdr->type = RXRPC_PACKET_TYPE_BUSY;
46 hdr->flags = 0;
47 hdr->userStatus = 0;
48 hdr->_rsvd = 0;
49
50 iov[0].iov_base = hdr;
51 iov[0].iov_len = sizeof(*hdr);
52
53 len = iov[0].iov_len;
54
55 hdr->serial = htonl(1);
56 _proto("Tx BUSY %%%u", ntohl(hdr->serial));
57
58 ret = kernel_sendmsg(local->socket, &msg, iov, 1, len);
59 if (ret < 0) {
60 _leave(" = -EAGAIN [sendmsg failed: %d]", ret);
61 return -EAGAIN;
62 }
63
64 _leave(" = 0");
65 return 0;
66}
67
68/*
69 * accept an incoming call that needs peer, transport and/or connection setting
70 * up
71 */
72static int rxrpc_accept_incoming_call(struct rxrpc_local *local,
73 struct rxrpc_sock *rx,
74 struct sk_buff *skb,
75 struct sockaddr_rxrpc *srx)
76{
77 struct rxrpc_connection *conn;
78 struct rxrpc_transport *trans;
79 struct rxrpc_skb_priv *sp, *nsp;
80 struct rxrpc_peer *peer;
81 struct rxrpc_call *call;
82 struct sk_buff *notification;
83 int ret;
84
85 _enter("");
86
87 sp = rxrpc_skb(skb);
88
89 /* get a notification message to send to the server app */
90 notification = alloc_skb(0, GFP_NOFS);
91 rxrpc_new_skb(notification);
92 notification->mark = RXRPC_SKB_MARK_NEW_CALL;
93
94 peer = rxrpc_get_peer(srx, GFP_NOIO);
95 if (IS_ERR(peer)) {
96 _debug("no peer");
97 ret = -EBUSY;
98 goto error;
99 }
100
101 trans = rxrpc_get_transport(local, peer, GFP_NOIO);
102 rxrpc_put_peer(peer);
103 if (!trans) {
104 _debug("no trans");
105 ret = -EBUSY;
106 goto error;
107 }
108
109 conn = rxrpc_incoming_connection(trans, &sp->hdr, GFP_NOIO);
110 rxrpc_put_transport(trans);
111 if (IS_ERR(conn)) {
112 _debug("no conn");
113 ret = PTR_ERR(conn);
114 goto error;
115 }
116
117 call = rxrpc_incoming_call(rx, conn, &sp->hdr, GFP_NOIO);
118 rxrpc_put_connection(conn);
119 if (IS_ERR(call)) {
120 _debug("no call");
121 ret = PTR_ERR(call);
122 goto error;
123 }
124
125 /* attach the call to the socket */
126 read_lock_bh(&local->services_lock);
127 if (rx->sk.sk_state == RXRPC_CLOSE)
128 goto invalid_service;
129
130 write_lock(&rx->call_lock);
131 if (!test_and_set_bit(RXRPC_CALL_INIT_ACCEPT, &call->flags)) {
132 rxrpc_get_call(call);
133
134 spin_lock(&call->conn->state_lock);
135 if (sp->hdr.securityIndex > 0 &&
136 call->conn->state == RXRPC_CONN_SERVER_UNSECURED) {
137 _debug("await conn sec");
138 list_add_tail(&call->accept_link, &rx->secureq);
139 call->conn->state = RXRPC_CONN_SERVER_CHALLENGING;
140 atomic_inc(&call->conn->usage);
141 set_bit(RXRPC_CONN_CHALLENGE, &call->conn->events);
142 schedule_work(&call->conn->processor);
143 } else {
144 _debug("conn ready");
145 call->state = RXRPC_CALL_SERVER_ACCEPTING;
146 list_add_tail(&call->accept_link, &rx->acceptq);
147 rxrpc_get_call(call);
148 nsp = rxrpc_skb(notification);
149 nsp->call = call;
150
151 ASSERTCMP(atomic_read(&call->usage), >=, 3);
152
153 _debug("notify");
154 spin_lock(&call->lock);
155 ret = rxrpc_queue_rcv_skb(call, notification, true,
156 false);
157 spin_unlock(&call->lock);
158 notification = NULL;
159 if (ret < 0)
160 BUG();
161 }
162 spin_unlock(&call->conn->state_lock);
163
164 _debug("queued");
165 }
166 write_unlock(&rx->call_lock);
167
168 _debug("process");
169 rxrpc_fast_process_packet(call, skb);
170
171 _debug("done");
172 read_unlock_bh(&local->services_lock);
173 rxrpc_free_skb(notification);
174 rxrpc_put_call(call);
175 _leave(" = 0");
176 return 0;
177
178invalid_service:
179 _debug("invalid");
180 read_unlock_bh(&local->services_lock);
181
182 read_lock_bh(&call->state_lock);
183 if (!test_bit(RXRPC_CALL_RELEASE, &call->flags) &&
184 !test_and_set_bit(RXRPC_CALL_RELEASE, &call->events)) {
185 rxrpc_get_call(call);
186 schedule_work(&call->processor);
187 }
188 read_unlock_bh(&call->state_lock);
189 rxrpc_put_call(call);
190 ret = -ECONNREFUSED;
191error:
192 rxrpc_free_skb(notification);
193 _leave(" = %d", ret);
194 return ret;
195}
196
197/*
198 * accept incoming calls that need peer, transport and/or connection setting up
199 * - the packets we get are all incoming client DATA packets that have seq == 1
200 */
201void rxrpc_accept_incoming_calls(struct work_struct *work)
202{
203 struct rxrpc_local *local =
204 container_of(work, struct rxrpc_local, acceptor);
205 struct rxrpc_skb_priv *sp;
206 struct sockaddr_rxrpc srx;
207 struct rxrpc_sock *rx;
208 struct sk_buff *skb;
209 __be16 service_id;
210 int ret;
211
212 _enter("%d", local->debug_id);
213
214 read_lock_bh(&rxrpc_local_lock);
215 if (atomic_read(&local->usage) > 0)
216 rxrpc_get_local(local);
217 else
218 local = NULL;
219 read_unlock_bh(&rxrpc_local_lock);
220 if (!local) {
221 _leave(" [local dead]");
222 return;
223 }
224
225process_next_packet:
226 skb = skb_dequeue(&local->accept_queue);
227 if (!skb) {
228 rxrpc_put_local(local);
229 _leave("\n");
230 return;
231 }
232
233 _net("incoming call skb %p", skb);
234
235 sp = rxrpc_skb(skb);
236
237 /* determine the remote address */
238 memset(&srx, 0, sizeof(srx));
239 srx.srx_family = AF_RXRPC;
240 srx.transport.family = local->srx.transport.family;
241 srx.transport_type = local->srx.transport_type;
242 switch (srx.transport.family) {
243 case AF_INET:
244 srx.transport_len = sizeof(struct sockaddr_in);
245 srx.transport.sin.sin_port = udp_hdr(skb)->source;
246 srx.transport.sin.sin_addr.s_addr = ip_hdr(skb)->saddr;
247 break;
248 default:
249 goto busy;
250 }
251
252 /* get the socket providing the service */
253 service_id = sp->hdr.serviceId;
254 read_lock_bh(&local->services_lock);
255 list_for_each_entry(rx, &local->services, listen_link) {
256 if (rx->service_id == service_id &&
257 rx->sk.sk_state != RXRPC_CLOSE)
258 goto found_service;
259 }
260 read_unlock_bh(&local->services_lock);
261 goto invalid_service;
262
263found_service:
264 _debug("found service %hd", ntohs(rx->service_id));
265 if (sk_acceptq_is_full(&rx->sk))
266 goto backlog_full;
267 sk_acceptq_added(&rx->sk);
268 sock_hold(&rx->sk);
269 read_unlock_bh(&local->services_lock);
270
271 ret = rxrpc_accept_incoming_call(local, rx, skb, &srx);
272 if (ret < 0)
273 sk_acceptq_removed(&rx->sk);
274 sock_put(&rx->sk);
275 switch (ret) {
276 case -ECONNRESET: /* old calls are ignored */
277 case -ECONNABORTED: /* aborted calls are reaborted or ignored */
278 case 0:
279 goto process_next_packet;
280 case -ECONNREFUSED:
281 goto invalid_service;
282 case -EBUSY:
283 goto busy;
284 case -EKEYREJECTED:
285 goto security_mismatch;
286 default:
287 BUG();
288 }
289
290backlog_full:
291 read_unlock_bh(&local->services_lock);
292busy:
293 rxrpc_busy(local, &srx, &sp->hdr);
294 rxrpc_free_skb(skb);
295 goto process_next_packet;
296
297invalid_service:
298 skb->priority = RX_INVALID_OPERATION;
299 rxrpc_reject_packet(local, skb);
300 goto process_next_packet;
301
302 /* can't change connection security type mid-flow */
303security_mismatch:
304 skb->priority = RX_PROTOCOL_ERROR;
305 rxrpc_reject_packet(local, skb);
306 goto process_next_packet;
307}
308
309/*
310 * handle acceptance of a call by userspace
311 * - assign the user call ID to the call at the front of the queue
312 */
313int rxrpc_accept_call(struct rxrpc_sock *rx, unsigned long user_call_ID)
314{
315 struct rxrpc_call *call;
316 struct rb_node *parent, **pp;
317 int ret;
318
319 _enter(",%lx", user_call_ID);
320
321 ASSERT(!irqs_disabled());
322
323 write_lock(&rx->call_lock);
324
325 ret = -ENODATA;
326 if (list_empty(&rx->acceptq))
327 goto out;
328
329 /* check the user ID isn't already in use */
330 ret = -EBADSLT;
331 pp = &rx->calls.rb_node;
332 parent = NULL;
333 while (*pp) {
334 parent = *pp;
335 call = rb_entry(parent, struct rxrpc_call, sock_node);
336
337 if (user_call_ID < call->user_call_ID)
338 pp = &(*pp)->rb_left;
339 else if (user_call_ID > call->user_call_ID)
340 pp = &(*pp)->rb_right;
341 else
342 goto out;
343 }
344
345 /* dequeue the first call and check it's still valid */
346 call = list_entry(rx->acceptq.next, struct rxrpc_call, accept_link);
347 list_del_init(&call->accept_link);
348 sk_acceptq_removed(&rx->sk);
349
350 write_lock_bh(&call->state_lock);
351 switch (call->state) {
352 case RXRPC_CALL_SERVER_ACCEPTING:
353 call->state = RXRPC_CALL_SERVER_RECV_REQUEST;
354 break;
355 case RXRPC_CALL_REMOTELY_ABORTED:
356 case RXRPC_CALL_LOCALLY_ABORTED:
357 ret = -ECONNABORTED;
358 goto out_release;
359 case RXRPC_CALL_NETWORK_ERROR:
360 ret = call->conn->error;
361 goto out_release;
362 case RXRPC_CALL_DEAD:
363 ret = -ETIME;
364 goto out_discard;
365 default:
366 BUG();
367 }
368
369 /* formalise the acceptance */
370 call->user_call_ID = user_call_ID;
371 rb_link_node(&call->sock_node, parent, pp);
372 rb_insert_color(&call->sock_node, &rx->calls);
373 if (test_and_set_bit(RXRPC_CALL_HAS_USERID, &call->flags))
374 BUG();
375 if (test_and_set_bit(RXRPC_CALL_ACCEPTED, &call->events))
376 BUG();
377 schedule_work(&call->processor);
378
379 write_unlock_bh(&call->state_lock);
380 write_unlock(&rx->call_lock);
381 _leave(" = 0");
382 return 0;
383
384 /* if the call is already dying or dead, then we leave the socket's ref
385 * on it to be released by rxrpc_dead_call_expired() as induced by
386 * rxrpc_release_call() */
387out_release:
388 _debug("release %p", call);
389 if (!test_bit(RXRPC_CALL_RELEASED, &call->flags) &&
390 !test_and_set_bit(RXRPC_CALL_RELEASE, &call->events))
391 schedule_work(&call->processor);
392out_discard:
393 write_unlock_bh(&call->state_lock);
394 _debug("discard %p", call);
395out:
396 write_unlock(&rx->call_lock);
397 _leave(" = %d", ret);
398 return ret;
399}
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-19 21:43:00 -0500