]> Git Repo - linux.git/blame - net/rxrpc/input.c
projects / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
rxrpc: Add config to inject packet loss
[linux.git] / net / rxrpc / input.c
CommitLineData
17926a79
DH		 1/* RxRPC packet reception
2 *
248f219c 3 * Copyright (C) 2007, 2016 Red Hat, Inc. All Rights Reserved.
17926a79
DH		 4 * Written by David Howells ([email protected])
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
9b6d5398
JP		 12#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
13
17926a79
DH		 14#include <linux/module.h>
15#include <linux/net.h>
16#include <linux/skbuff.h>
17#include <linux/errqueue.h>
18#include <linux/udp.h>
19#include <linux/in.h>
20#include <linux/in6.h>
21#include <linux/icmp.h>
5a0e3ad6 22#include <linux/gfp.h>
17926a79
DH		 23#include <net/sock.h>
24#include <net/af_rxrpc.h>
25#include <net/ip.h>
1781f7f5 26#include <net/udp.h>
0283328e 27#include <net/net_namespace.h>
17926a79
DH		 28#include "ar-internal.h"
29
248f219c
DH		 30static void rxrpc_proto_abort(const char *why,
31 struct rxrpc_call *call, rxrpc_seq_t seq)
32{
33 if (rxrpc_abort_call(why, call, seq, RX_PROTOCOL_ERROR, EBADMSG)) {
34 set_bit(RXRPC_CALL_EV_ABORT, &call->events);
35 rxrpc_queue_call(call);
36 }
37}
38
17926a79 39/*
248f219c 40 * Apply a hard ACK by advancing the Tx window.
17926a79 41 */
248f219c 42static void rxrpc_rotate_tx_window(struct rxrpc_call *call, rxrpc_seq_t to)
17926a79 43{
248f219c
DH		 44 struct sk_buff *skb, *list = NULL;
45 int ix;
17926a79 46
248f219c 47 spin_lock(&call->lock);
17926a79 48
248f219c
DH		 49 while (before(call->tx_hard_ack, to)) {
50 call->tx_hard_ack++;
51 ix = call->tx_hard_ack & RXRPC_RXTX_BUFF_MASK;
52 skb = call->rxtx_buffer[ix];
71f3ca40 53 rxrpc_see_skb(skb, rxrpc_skb_tx_rotated);
248f219c
DH		 54 call->rxtx_buffer[ix] = NULL;
55 call->rxtx_annotations[ix] = 0;
56 skb->next = list;
57 list = skb;
58 }
17926a79 59
248f219c 60 spin_unlock(&call->lock);
17926a79 61
a124fe3e 62 trace_rxrpc_transmit(call, rxrpc_transmit_rotate);
bc4abfcf
DH		 63 wake_up(&call->waitq);
64
248f219c
DH		 65 while (list) {
66 skb = list;
67 list = skb->next;
68 skb->next = NULL;
71f3ca40 69 rxrpc_free_skb(skb, rxrpc_skb_tx_freed);
17926a79 70 }
248f219c 71}
17926a79 72
248f219c
DH		 73/*
74 * End the transmission phase of a call.
75 *
76 * This occurs when we get an ACKALL packet, the first DATA packet of a reply,
77 * or a final ACK packet.
78 */
79static bool rxrpc_end_tx_phase(struct rxrpc_call *call, const char *abort_why)
80{
81 _enter("");
17926a79 82
248f219c
DH		 83 switch (call->state) {
84 case RXRPC_CALL_CLIENT_RECV_REPLY:
85 return true;
86 case RXRPC_CALL_CLIENT_AWAIT_REPLY:
87 case RXRPC_CALL_SERVER_AWAIT_ACK:
88 break;
89 default:
90 rxrpc_proto_abort(abort_why, call, call->tx_top);
91 return false;
17926a79
DH		 92 }
93
248f219c 94 rxrpc_rotate_tx_window(call, call->tx_top);
17926a79 95
248f219c 96 write_lock(&call->state_lock);
651350d1 97
248f219c
DH		 98 switch (call->state) {
99 default:
100 break;
101 case RXRPC_CALL_CLIENT_AWAIT_REPLY:
71f3ca40 102 call->tx_phase = false;
248f219c
DH		 103 call->state = RXRPC_CALL_CLIENT_RECV_REPLY;
104 break;
105 case RXRPC_CALL_SERVER_AWAIT_ACK:
106 __rxrpc_call_completed(call);
107 rxrpc_notify_socket(call);
108 break;
17926a79 109 }
17926a79 110
248f219c 111 write_unlock(&call->state_lock);
a124fe3e 112 trace_rxrpc_transmit(call, rxrpc_transmit_end);
248f219c
DH		 113 _leave(" = ok");
114 return true;
115}
116
117/*
118 * Scan a jumbo packet to validate its structure and to work out how many
119 * subpackets it contains.
120 *
121 * A jumbo packet is a collection of consecutive packets glued together with
122 * little headers between that indicate how to change the initial header for
123 * each subpacket.
124 *
125 * RXRPC_JUMBO_PACKET must be set on all but the last subpacket - and all but
126 * the last are RXRPC_JUMBO_DATALEN in size. The last subpacket may be of any
127 * size.
128 */
129static bool rxrpc_validate_jumbo(struct sk_buff *skb)
130{
131 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
132 unsigned int offset = sp->offset;
89a80ed4 133 unsigned int len = skb->len;
248f219c
DH		 134 int nr_jumbo = 1;
135 u8 flags = sp->hdr.flags;
136
137 do {
138 nr_jumbo++;
139 if (len - offset < RXRPC_JUMBO_SUBPKTLEN)
140 goto protocol_error;
141 if (flags & RXRPC_LAST_PACKET)
142 goto protocol_error;
143 offset += RXRPC_JUMBO_DATALEN;
144 if (skb_copy_bits(skb, offset, &flags, 1) < 0)
145 goto protocol_error;
146 offset += sizeof(struct rxrpc_jumbo_header);
147 } while (flags & RXRPC_JUMBO_PACKET);
148
149 sp->nr_jumbo = nr_jumbo;
150 return true;
17926a79 151
248f219c
DH		 152protocol_error:
153 return false;
17926a79
DH		 154}
155
156/*
248f219c
DH		 157 * Handle reception of a duplicate packet.
158 *
159 * We have to take care to avoid an attack here whereby we're given a series of
160 * jumbograms, each with a sequence number one before the preceding one and
161 * filled up to maximum UDP size. If they never send us the first packet in
162 * the sequence, they can cause us to have to hold on to around 2MiB of kernel
163 * space until the call times out.
164 *
165 * We limit the space usage by only accepting three duplicate jumbo packets per
166 * call. After that, we tell the other side we're no longer accepting jumbos
167 * (that information is encoded in the ACK packet).
17926a79 168 */
248f219c 169static void rxrpc_input_dup_data(struct rxrpc_call *call, rxrpc_seq_t seq,
75e42126 170 u8 annotation, bool *_jumbo_bad)
17926a79 171{
248f219c
DH		 172 /* Discard normal packets that are duplicates. */
173 if (annotation == 0)
174 return;
17926a79 175
248f219c
DH		 176 /* Skip jumbo subpackets that are duplicates. When we've had three or
177 * more partially duplicate jumbo packets, we refuse to take any more
178 * jumbos for this call.
179 */
75e42126
DH		 180 if (!*_jumbo_bad) {
181 call->nr_jumbo_bad++;
182 *_jumbo_bad = true;
248f219c
DH		 183 }
184}
17926a79 185
248f219c
DH		 186/*
187 * Process a DATA packet, adding the packet to the Rx ring.
188 */
189static void rxrpc_input_data(struct rxrpc_call *call, struct sk_buff *skb,
190 u16 skew)
191{
192 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
193 unsigned int offset = sp->offset;
194 unsigned int ix;
195 rxrpc_serial_t serial = sp->hdr.serial, ack_serial = 0;
196 rxrpc_seq_t seq = sp->hdr.seq, hard_ack;
75e42126 197 bool immediate_ack = false, jumbo_bad = false, queued;
248f219c
DH		 198 u16 len;
199 u8 ack = 0, flags, annotation = 0;
17926a79 200
248f219c 201 _enter("{%u,%u},{%u,%u}",
89a80ed4 202 call->rx_hard_ack, call->rx_top, skb->len, seq);
17926a79 203
248f219c
DH		 204 _proto("Rx DATA %%%u { #%u f=%02x }",
205 sp->hdr.serial, seq, sp->hdr.flags);
17926a79 206
248f219c
DH		 207 if (call->state >= RXRPC_CALL_COMPLETE)
208 return;
17926a79 209
248f219c
DH		 210 /* Received data implicitly ACKs all of the request packets we sent
211 * when we're acting as a client.
212 */
213 if (call->state == RXRPC_CALL_CLIENT_AWAIT_REPLY &&
214 !rxrpc_end_tx_phase(call, "ETD"))
215 return;
17926a79 216
248f219c 217 call->ackr_prev_seq = seq;
17926a79 218
248f219c
DH		 219 hard_ack = READ_ONCE(call->rx_hard_ack);
220 if (after(seq, hard_ack + call->rx_winsize)) {
17926a79 221 ack = RXRPC_ACK_EXCEEDS_WINDOW;
248f219c
DH		 222 ack_serial = serial;
223 goto ack;
17926a79
DH		 224 }
225
248f219c
DH		 226 flags = sp->hdr.flags;
227 if (flags & RXRPC_JUMBO_PACKET) {
75e42126 228 if (call->nr_jumbo_bad > 3) {
248f219c
DH		 229 ack = RXRPC_ACK_NOSPACE;
230 ack_serial = serial;
231 goto ack;
17926a79 232 }
248f219c 233 annotation = 1;
17926a79
DH		 234 }
235
248f219c
DH		 236next_subpacket:
237 queued = false;
238 ix = seq & RXRPC_RXTX_BUFF_MASK;
89a80ed4 239 len = skb->len;
248f219c
DH		 240 if (flags & RXRPC_JUMBO_PACKET)
241 len = RXRPC_JUMBO_DATALEN;
242
243 if (flags & RXRPC_LAST_PACKET) {
816c9fce 244 if (test_bit(RXRPC_CALL_RX_LAST, &call->flags) &&
248f219c
DH		 245 seq != call->rx_top)
246 return rxrpc_proto_abort("LSN", call, seq);
247 } else {
248 if (test_bit(RXRPC_CALL_RX_LAST, &call->flags) &&
249 after_eq(seq, call->rx_top))
250 return rxrpc_proto_abort("LSA", call, seq);
17926a79
DH		 251 }
252
248f219c
DH		 253 if (before_eq(seq, hard_ack)) {
254 ack = RXRPC_ACK_DUPLICATE;
255 ack_serial = serial;
256 goto skip;
257 }
258
259 if (flags & RXRPC_REQUEST_ACK && !ack) {
260 ack = RXRPC_ACK_REQUESTED;
261 ack_serial = serial;
262 }
263
264 if (call->rxtx_buffer[ix]) {
75e42126 265 rxrpc_input_dup_data(call, seq, annotation, &jumbo_bad);
248f219c
DH		 266 if (ack != RXRPC_ACK_DUPLICATE) {
267 ack = RXRPC_ACK_DUPLICATE;
268 ack_serial = serial;
17926a79 269 }
248f219c
DH		 270 immediate_ack = true;
271 goto skip;
17926a79
DH		 272 }
273
248f219c
DH		 274 /* Queue the packet. We use a couple of memory barriers here as need
275 * to make sure that rx_top is perceived to be set after the buffer
276 * pointer and that the buffer pointer is set after the annotation and
277 * the skb data.
278 *
279 * Barriers against rxrpc_recvmsg_data() and rxrpc_rotate_rx_window()
280 * and also rxrpc_fill_out_ack().
281 */
71f3ca40 282 rxrpc_get_skb(skb, rxrpc_skb_rx_got);
248f219c
DH		 283 call->rxtx_annotations[ix] = annotation;
284 smp_wmb();
285 call->rxtx_buffer[ix] = skb;
286 if (after(seq, call->rx_top))
287 smp_store_release(&call->rx_top, seq);
58dc63c9 288 if (flags & RXRPC_LAST_PACKET) {
816c9fce 289 set_bit(RXRPC_CALL_RX_LAST, &call->flags);
58dc63c9
DH		 290 trace_rxrpc_receive(call, rxrpc_receive_queue_last, serial, seq);
291 } else {
292 trace_rxrpc_receive(call, rxrpc_receive_queue, serial, seq);
293 }
248f219c
DH		 294 queued = true;
295
296 if (after_eq(seq, call->rx_expect_next)) {
297 if (after(seq, call->rx_expect_next)) {
298 _net("OOS %u > %u", seq, call->rx_expect_next);
299 ack = RXRPC_ACK_OUT_OF_SEQUENCE;
300 ack_serial = serial;
301 }
302 call->rx_expect_next = seq + 1;
17926a79
DH		 303 }
304
248f219c
DH		 305skip:
306 offset += len;
307 if (flags & RXRPC_JUMBO_PACKET) {
308 if (skb_copy_bits(skb, offset, &flags, 1) < 0)
309 return rxrpc_proto_abort("XJF", call, seq);
310 offset += sizeof(struct rxrpc_jumbo_header);
311 seq++;
312 serial++;
313 annotation++;
314 if (flags & RXRPC_JUMBO_PACKET)
315 annotation |= RXRPC_RX_ANNO_JLAST;
75e42126
DH		 316 if (after(seq, hard_ack + call->rx_winsize)) {
317 ack = RXRPC_ACK_EXCEEDS_WINDOW;
318 ack_serial = serial;
319 if (!jumbo_bad) {
320 call->nr_jumbo_bad++;
321 jumbo_bad = true;
322 }
323 goto ack;
324 }
248f219c
DH		 325
326 _proto("Rx DATA Jumbo %%%u", serial);
327 goto next_subpacket;
328 }
17926a79 329
248f219c
DH		 330 if (queued && flags & RXRPC_LAST_PACKET && !ack) {
331 ack = RXRPC_ACK_DELAY;
332 ack_serial = serial;
333 }
17926a79 334
248f219c
DH		 335ack:
336 if (ack)
337 rxrpc_propose_ACK(call, ack, skew, ack_serial,
338 immediate_ack, true);
17926a79 339
248f219c
DH		 340 if (sp->hdr.seq == READ_ONCE(call->rx_hard_ack) + 1)
341 rxrpc_notify_socket(call);
342 _leave(" [queued]");
17926a79
DH		 343}
344
345/*
248f219c 346 * Process the extra information that may be appended to an ACK packet
17926a79 347 */
248f219c
DH		 348static void rxrpc_input_ackinfo(struct rxrpc_call *call, struct sk_buff *skb,
349 struct rxrpc_ackinfo *ackinfo)
17926a79 350{
248f219c
DH		 351 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
352 struct rxrpc_peer *peer;
353 unsigned int mtu;
01fd0742 354 u32 rwind = ntohl(ackinfo->rwind);
248f219c
DH		 355
356 _proto("Rx ACK %%%u Info { rx=%u max=%u rwin=%u jm=%u }",
357 sp->hdr.serial,
358 ntohl(ackinfo->rxMTU), ntohl(ackinfo->maxMTU),
01fd0742 359 rwind, ntohl(ackinfo->jumbo_max));
248f219c 360
01fd0742
DH		 361 if (rwind > RXRPC_RXTX_BUFF_SIZE - 1)
362 rwind = RXRPC_RXTX_BUFF_SIZE - 1;
363 call->tx_winsize = rwind;
248f219c
DH		 364
365 mtu = min(ntohl(ackinfo->rxMTU), ntohl(ackinfo->maxMTU));
366
367 peer = call->peer;
368 if (mtu < peer->maxdata) {
369 spin_lock_bh(&peer->lock);
370 peer->maxdata = mtu;
371 peer->mtu = mtu + peer->hdrsize;
372 spin_unlock_bh(&peer->lock);
373 _net("Net MTU %u (maxdata %u)", peer->mtu, peer->maxdata);
374 }
375}
17926a79 376
248f219c
DH		 377/*
378 * Process individual soft ACKs.
379 *
380 * Each ACK in the array corresponds to one packet and can be either an ACK or
381 * a NAK. If we get find an explicitly NAK'd packet we resend immediately;
382 * packets that lie beyond the end of the ACK list are scheduled for resend by
383 * the timer on the basis that the peer might just not have processed them at
384 * the time the ACK was sent.
385 */
386static void rxrpc_input_soft_acks(struct rxrpc_call *call, u8 *acks,
387 rxrpc_seq_t seq, int nr_acks)
388{
389 bool resend = false;
390 int ix;
391
392 for (; nr_acks > 0; nr_acks--, seq++) {
393 ix = seq & RXRPC_RXTX_BUFF_MASK;
d01dc4c3 394 switch (*acks++) {
248f219c
DH		 395 case RXRPC_ACK_TYPE_ACK:
396 call->rxtx_annotations[ix] = RXRPC_TX_ANNO_ACK;
397 break;
398 case RXRPC_ACK_TYPE_NACK:
399 if (call->rxtx_annotations[ix] == RXRPC_TX_ANNO_NAK)
400 continue;
401 call->rxtx_annotations[ix] = RXRPC_TX_ANNO_NAK;
402 resend = true;
403 break;
404 default:
405 return rxrpc_proto_abort("SFT", call, 0);
17926a79 406 }
17926a79 407 }
248f219c
DH		 408
409 if (resend &&
410 !test_and_set_bit(RXRPC_CALL_EV_RESEND, &call->events))
411 rxrpc_queue_call(call);
17926a79
DH		 412}
413
414/*
248f219c
DH		 415 * Process an ACK packet.
416 *
417 * ack.firstPacket is the sequence number of the first soft-ACK'd/NAK'd packet
418 * in the ACK array. Anything before that is hard-ACK'd and may be discarded.
419 *
420 * A hard-ACK means that a packet has been processed and may be discarded; a
421 * soft-ACK means that the packet may be discarded and retransmission
422 * requested. A phase is complete when all packets are hard-ACK'd.
17926a79 423 */
248f219c
DH		 424static void rxrpc_input_ack(struct rxrpc_call *call, struct sk_buff *skb,
425 u16 skew)
17926a79
DH		 426{
427 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
248f219c
DH		 428 union {
429 struct rxrpc_ackpacket ack;
430 struct rxrpc_ackinfo info;
431 u8 acks[RXRPC_MAXACKS];
432 } buf;
433 rxrpc_seq_t first_soft_ack, hard_ack;
434 int nr_acks, offset;
435
436 _enter("");
437
438 if (skb_copy_bits(skb, sp->offset, &buf.ack, sizeof(buf.ack)) < 0) {
439 _debug("extraction failure");
440 return rxrpc_proto_abort("XAK", call, 0);
17926a79 441 }
248f219c
DH		 442 sp->offset += sizeof(buf.ack);
443
444 first_soft_ack = ntohl(buf.ack.firstPacket);
445 hard_ack = first_soft_ack - 1;
446 nr_acks = buf.ack.nAcks;
447
ec71eb9a
DH		 448 trace_rxrpc_rx_ack(call, first_soft_ack, buf.ack.reason, nr_acks);
449
248f219c
DH		 450 _proto("Rx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }",
451 sp->hdr.serial,
452 ntohs(buf.ack.maxSkew),
453 first_soft_ack,
454 ntohl(buf.ack.previousPacket),
455 ntohl(buf.ack.serial),
456 rxrpc_acks(buf.ack.reason),
457 buf.ack.nAcks);
458
459 if (buf.ack.reason == RXRPC_ACK_PING) {
460 _proto("Rx ACK %%%u PING Request", sp->hdr.serial);
461 rxrpc_propose_ACK(call, RXRPC_ACK_PING_RESPONSE,
462 skew, sp->hdr.serial, true, true);
463 } else if (sp->hdr.flags & RXRPC_REQUEST_ACK) {
563ea7d5 464 rxrpc_propose_ACK(call, RXRPC_ACK_REQUESTED,
248f219c 465 skew, sp->hdr.serial, true, true);
17926a79
DH		 466 }
467
248f219c 468 offset = sp->offset + nr_acks + 3;
89a80ed4 469 if (skb->len >= offset + sizeof(buf.info)) {
248f219c
DH		 470 if (skb_copy_bits(skb, offset, &buf.info, sizeof(buf.info)) < 0)
471 return rxrpc_proto_abort("XAI", call, 0);
472 rxrpc_input_ackinfo(call, skb, &buf.info);
473 }
17926a79 474
248f219c
DH		 475 if (first_soft_ack == 0)
476 return rxrpc_proto_abort("AK0", call, 0);
17926a79 477
248f219c
DH		 478 /* Ignore ACKs unless we are or have just been transmitting. */
479 switch (call->state) {
480 case RXRPC_CALL_CLIENT_SEND_REQUEST:
481 case RXRPC_CALL_CLIENT_AWAIT_REPLY:
482 case RXRPC_CALL_SERVER_SEND_REPLY:
483 case RXRPC_CALL_SERVER_AWAIT_ACK:
484 break;
17926a79 485 default:
248f219c
DH		 486 return;
487 }
17926a79 488
248f219c
DH		 489 /* Discard any out-of-order or duplicate ACKs. */
490 if ((int)sp->hdr.serial - (int)call->acks_latest <= 0) {
491 _debug("discard ACK %d <= %d",
492 sp->hdr.serial, call->acks_latest);
493 return;
494 }
495 call->acks_latest = sp->hdr.serial;
17926a79 496
248f219c
DH		 497 if (test_bit(RXRPC_CALL_TX_LAST, &call->flags) &&
498 hard_ack == call->tx_top) {
499 rxrpc_end_tx_phase(call, "ETA");
500 return;
501 }
17926a79 502
248f219c
DH		 503 if (before(hard_ack, call->tx_hard_ack) ||
504 after(hard_ack, call->tx_top))
505 return rxrpc_proto_abort("AKW", call, 0);
17926a79 506
248f219c
DH		 507 if (after(hard_ack, call->tx_hard_ack))
508 rxrpc_rotate_tx_window(call, hard_ack);
17926a79 509
248f219c
DH		 510 if (after(first_soft_ack, call->tx_top))
511 return;
17926a79 512
248f219c
DH		 513 if (nr_acks > call->tx_top - first_soft_ack + 1)
514 nr_acks = first_soft_ack - call->tx_top + 1;
515 if (skb_copy_bits(skb, sp->offset, buf.acks, nr_acks) < 0)
516 return rxrpc_proto_abort("XSA", call, 0);
517 rxrpc_input_soft_acks(call, buf.acks, first_soft_ack, nr_acks);
17926a79
DH		 518}
519
520/*
248f219c 521 * Process an ACKALL packet.
17926a79 522 */
248f219c 523static void rxrpc_input_ackall(struct rxrpc_call *call, struct sk_buff *skb)
17926a79 524{
248f219c 525 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
17926a79 526
248f219c 527 _proto("Rx ACKALL %%%u", sp->hdr.serial);
17926a79 528
248f219c
DH		 529 rxrpc_end_tx_phase(call, "ETL");
530}
17926a79 531
248f219c
DH		 532/*
533 * Process an ABORT packet.
534 */
535static void rxrpc_input_abort(struct rxrpc_call *call, struct sk_buff *skb)
536{
537 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
538 __be32 wtmp;
539 u32 abort_code = RX_CALL_DEAD;
17926a79 540
248f219c 541 _enter("");
17926a79 542
248f219c
DH		 543 if (skb->len >= 4 &&
544 skb_copy_bits(skb, sp->offset, &wtmp, sizeof(wtmp)) >= 0)
545 abort_code = ntohl(wtmp);
17926a79 546
248f219c 547 _proto("Rx ABORT %%%u { %x }", sp->hdr.serial, abort_code);
17926a79 548
248f219c
DH		 549 if (rxrpc_set_call_completion(call, RXRPC_CALL_REMOTELY_ABORTED,
550 abort_code, ECONNABORTED))
551 rxrpc_notify_socket(call);
17926a79
DH		 552}
553
554/*
248f219c 555 * Process an incoming call packet.
17926a79 556 */
248f219c
DH		 557static void rxrpc_input_call_packet(struct rxrpc_call *call,
558 struct sk_buff *skb, u16 skew)
17926a79 559{
248f219c 560 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
17926a79 561
7727640c 562 _enter("%p,%p", call, skb);
17926a79 563
248f219c
DH		 564 switch (sp->hdr.type) {
565 case RXRPC_PACKET_TYPE_DATA:
566 rxrpc_input_data(call, skb, skew);
567 break;
f5c17aae 568
248f219c
DH		 569 case RXRPC_PACKET_TYPE_ACK:
570 rxrpc_input_ack(call, skb, skew);
17926a79 571 break;
17926a79 572
248f219c
DH		 573 case RXRPC_PACKET_TYPE_BUSY:
574 _proto("Rx BUSY %%%u", sp->hdr.serial);
17926a79 575
248f219c
DH		 576 /* Just ignore BUSY packets from the server; the retry and
577 * lifespan timers will take care of business. BUSY packets
578 * from the client don't make sense.
579 */
580 break;
17926a79 581
248f219c
DH		 582 case RXRPC_PACKET_TYPE_ABORT:
583 rxrpc_input_abort(call, skb);
584 break;
17926a79 585
248f219c
DH		 586 case RXRPC_PACKET_TYPE_ACKALL:
587 rxrpc_input_ackall(call, skb);
588 break;
f5c17aae 589
248f219c
DH		 590 default:
591 _proto("Rx %s %%%u", rxrpc_pkts[sp->hdr.type], sp->hdr.serial);
592 break;
17926a79 593 }
248f219c 594
17926a79
DH		 595 _leave("");
596}
597
598/*
599 * post connection-level events to the connection
18bfeba5
DH		 600 * - this includes challenges, responses, some aborts and call terminal packet
601 * retransmission.
17926a79 602 */
2e7e9758 603static void rxrpc_post_packet_to_conn(struct rxrpc_connection *conn,
17926a79
DH		 604 struct sk_buff *skb)
605{
606 _enter("%p,%p", conn, skb);
607
17926a79 608 skb_queue_tail(&conn->rx_queue, skb);
2e7e9758 609 rxrpc_queue_conn(conn);
17926a79
DH		 610}
611
44ba0698
DH		 612/*
613 * post endpoint-level events to the local endpoint
614 * - this includes debug and version messages
615 */
616static void rxrpc_post_packet_to_local(struct rxrpc_local *local,
617 struct sk_buff *skb)
618{
619 _enter("%p,%p", local, skb);
620
44ba0698 621 skb_queue_tail(&local->event_queue, skb);
5acbee46 622 rxrpc_queue_local(local);
44ba0698
DH		 623}
624
248f219c
DH		 625/*
626 * put a packet up for transport-level abort
627 */
628static void rxrpc_reject_packet(struct rxrpc_local *local, struct sk_buff *skb)
629{
630 CHECK_SLAB_OKAY(&local->usage);
631
632 skb_queue_tail(&local->reject_queue, skb);
633 rxrpc_queue_local(local);
634}
635
0d12f8a4
DH		 636/*
637 * Extract the wire header from a packet and translate the byte order.
638 */
639static noinline
640int rxrpc_extract_header(struct rxrpc_skb_priv *sp, struct sk_buff *skb)
641{
642 struct rxrpc_wire_header whdr;
643
644 /* dig out the RxRPC connection details */
4d0fc73e 645 if (skb_copy_bits(skb, 0, &whdr, sizeof(whdr)) < 0)
0d12f8a4 646 return -EBADMSG;
0d12f8a4
DH		 647
648 memset(sp, 0, sizeof(*sp));
649 sp->hdr.epoch = ntohl(whdr.epoch);
650 sp->hdr.cid = ntohl(whdr.cid);
651 sp->hdr.callNumber = ntohl(whdr.callNumber);
652 sp->hdr.seq = ntohl(whdr.seq);
653 sp->hdr.serial = ntohl(whdr.serial);
654 sp->hdr.flags = whdr.flags;
655 sp->hdr.type = whdr.type;
656 sp->hdr.userStatus = whdr.userStatus;
657 sp->hdr.securityIndex = whdr.securityIndex;
658 sp->hdr._rsvd = ntohs(whdr._rsvd);
659 sp->hdr.serviceId = ntohs(whdr.serviceId);
248f219c 660 sp->offset = sizeof(whdr);
0d12f8a4
DH		 661 return 0;
662}
663
17926a79
DH		 664/*
665 * handle data received on the local endpoint
666 * - may be called in interrupt context
4f95dd78
DH		 667 *
668 * The socket is locked by the caller and this prevents the socket from being
669 * shut down and the local endpoint from going away, thus sk_user_data will not
670 * be cleared until this function returns.
17926a79 671 */
248f219c 672void rxrpc_data_ready(struct sock *udp_sk)
17926a79 673{
8496af50 674 struct rxrpc_connection *conn;
248f219c
DH		 675 struct rxrpc_channel *chan;
676 struct rxrpc_call *call;
17926a79 677 struct rxrpc_skb_priv *sp;
248f219c 678 struct rxrpc_local *local = udp_sk->sk_user_data;
17926a79 679 struct sk_buff *skb;
248f219c 680 unsigned int channel;
563ea7d5 681 int ret, skew;
17926a79 682
248f219c 683 _enter("%p", udp_sk);
17926a79
DH		 684
685 ASSERT(!irqs_disabled());
686
248f219c 687 skb = skb_recv_datagram(udp_sk, 0, 1, &ret);
17926a79 688 if (!skb) {
17926a79
DH		 689 if (ret == -EAGAIN)
690 return;
691 _debug("UDP socket error %d", ret);
692 return;
693 }
694
71f3ca40 695 rxrpc_new_skb(skb, rxrpc_skb_rx_received);
17926a79
DH		 696
697 _net("recv skb %p", skb);
698
699 /* we'll probably need to checksum it (didn't call sock_recvmsg) */
700 if (skb_checksum_complete(skb)) {
71f3ca40 701 rxrpc_free_skb(skb, rxrpc_skb_rx_freed);
02c22347 702 __UDP_INC_STATS(&init_net, UDP_MIB_INERRORS, 0);
17926a79
DH		 703 _leave(" [CSUM failed]");
704 return;
705 }
706
02c22347 707 __UDP_INC_STATS(&init_net, UDP_MIB_INDATAGRAMS, 0);
1781f7f5 708
0d12f8a4
DH		 709 /* The socket buffer we have is owned by UDP, with UDP's data all over
710 * it, but we really want our own data there.
711 */
17926a79
DH		 712 skb_orphan(skb);
713 sp = rxrpc_skb(skb);
17926a79 714
8a681c36
DH		 715 if (IS_ENABLED(CONFIG_AF_RXRPC_INJECT_LOSS)) {
716 static int lose;
717 if ((lose++ & 7) == 7) {
718 rxrpc_lose_skb(skb, rxrpc_skb_rx_lost);
719 return;
720 }
721 }
722
17926a79
DH		 723 _net("Rx UDP packet from %08x:%04hu",
724 ntohl(ip_hdr(skb)->saddr), ntohs(udp_hdr(skb)->source));
725
726 /* dig out the RxRPC connection details */
0d12f8a4 727 if (rxrpc_extract_header(sp, skb) < 0)
17926a79 728 goto bad_message;
49e19ec7 729 trace_rxrpc_rx_packet(sp);
17926a79
DH		 730
731 _net("Rx RxRPC %s ep=%x call=%x:%x",
732 sp->hdr.flags & RXRPC_CLIENT_INITIATED ? "ToServer" : "ToClient",
0d12f8a4 733 sp->hdr.epoch, sp->hdr.cid, sp->hdr.callNumber);
17926a79 734
351c1e64
DH		 735 if (sp->hdr.type >= RXRPC_N_PACKET_TYPES ||
736 !((RXRPC_SUPPORTED_PACKET_TYPES >> sp->hdr.type) & 1)) {
17926a79
DH		 737 _proto("Rx Bad Packet Type %u", sp->hdr.type);
738 goto bad_message;
739 }
740
248f219c
DH		 741 switch (sp->hdr.type) {
742 case RXRPC_PACKET_TYPE_VERSION:
44ba0698
DH		 743 rxrpc_post_packet_to_local(local, skb);
744 goto out;
bc6e1ea3 745
248f219c
DH		 746 case RXRPC_PACKET_TYPE_BUSY:
747 if (sp->hdr.flags & RXRPC_CLIENT_INITIATED)
748 goto discard;
749
750 case RXRPC_PACKET_TYPE_DATA:
751 if (sp->hdr.callNumber == 0)
752 goto bad_message;
753 if (sp->hdr.flags & RXRPC_JUMBO_PACKET &&
754 !rxrpc_validate_jumbo(skb))
755 goto bad_message;
756 break;
757 }
17926a79 758
8496af50
DH		 759 rcu_read_lock();
760
8496af50 761 conn = rxrpc_find_connection_rcu(local, skb);
248f219c
DH		 762 if (conn) {
763 if (sp->hdr.securityIndex != conn->security_ix)
764 goto wrong_security;
563ea7d5 765
248f219c
DH		 766 if (sp->hdr.callNumber == 0) {
767 /* Connection-level packet */
768 _debug("CONN %p {%d}", conn, conn->debug_id);
769 rxrpc_post_packet_to_conn(conn, skb);
770 goto out_unlock;
771 }
772
773 /* Note the serial number skew here */
774 skew = (int)sp->hdr.serial - (int)conn->hi_serial;
775 if (skew >= 0) {
776 if (skew > 0)
777 conn->hi_serial = sp->hdr.serial;
778 } else {
779 skew = -skew;
780 skew = min(skew, 65535);
781 }
17926a79 782
8496af50 783 /* Call-bound packets are routed by connection channel. */
248f219c
DH		 784 channel = sp->hdr.cid & RXRPC_CHANNELMASK;
785 chan = &conn->channels[channel];
18bfeba5
DH		 786
787 /* Ignore really old calls */
788 if (sp->hdr.callNumber < chan->last_call)
789 goto discard_unlock;
790
791 if (sp->hdr.callNumber == chan->last_call) {
248f219c
DH		 792 /* For the previous service call, if completed successfully, we
793 * discard all further packets.
18bfeba5 794 */
2266ffde 795 if (rxrpc_conn_is_service(conn) &&
18bfeba5
DH		 796 (chan->last_type == RXRPC_PACKET_TYPE_ACK ||
797 sp->hdr.type == RXRPC_PACKET_TYPE_ABORT))
798 goto discard_unlock;
799
248f219c
DH		 800 /* But otherwise we need to retransmit the final packet from
801 * data cached in the connection record.
18bfeba5
DH		 802 */
803 rxrpc_post_packet_to_conn(conn, skb);
804 goto out_unlock;
805 }
0d12f8a4 806
18bfeba5 807 call = rcu_dereference(chan->call);
248f219c
DH		 808 } else {
809 skew = 0;
810 call = NULL;
811 }
8496af50 812
248f219c
DH		 813 if (!call || atomic_read(&call->usage) == 0) {
814 if (!(sp->hdr.type & RXRPC_CLIENT_INITIATED) ||
815 sp->hdr.callNumber == 0 ||
816 sp->hdr.type != RXRPC_PACKET_TYPE_DATA)
817 goto bad_message_unlock;
818 if (sp->hdr.seq != 1)
819 goto discard_unlock;
820 call = rxrpc_new_incoming_call(local, conn, skb);
821 if (!call) {
822 rcu_read_unlock();
823 goto reject_packet;
824 }
7727640c 825 }
44ba0698 826
248f219c
DH		 827 rxrpc_input_call_packet(call, skb, skew);
828 goto discard_unlock;
829
18bfeba5 830discard_unlock:
8496af50 831 rcu_read_unlock();
248f219c 832discard:
71f3ca40 833 rxrpc_free_skb(skb, rxrpc_skb_rx_freed);
44ba0698 834out:
49e19ec7 835 trace_rxrpc_rx_done(0, 0);
17926a79
DH		 836 return;
837
248f219c 838out_unlock:
8496af50 839 rcu_read_unlock();
248f219c 840 goto out;
8496af50 841
248f219c
DH		 842wrong_security:
843 rcu_read_unlock();
844 trace_rxrpc_abort("SEC", sp->hdr.cid, sp->hdr.callNumber, sp->hdr.seq,
845 RXKADINCONSISTENCY, EBADMSG);
846 skb->priority = RXKADINCONSISTENCY;
847 goto post_abort;
17926a79 848
248f219c
DH		 849bad_message_unlock:
850 rcu_read_unlock();
17926a79 851bad_message:
248f219c
DH		 852 trace_rxrpc_abort("BAD", sp->hdr.cid, sp->hdr.callNumber, sp->hdr.seq,
853 RX_PROTOCOL_ERROR, EBADMSG);
17926a79 854 skb->priority = RX_PROTOCOL_ERROR;
248f219c
DH		 855post_abort:
856 skb->mark = RXRPC_SKB_MARK_LOCAL_ABORT;
49e19ec7
DH		 857reject_packet:
858 trace_rxrpc_rx_done(skb->mark, skb->priority);
17926a79 859 rxrpc_reject_packet(local, skb);
17926a79
DH		 860 _leave(" [badmsg]");
861}
Empty description
This page took 0.76359 seconds and 4 git commands to generate.