1/*
2 * Copyright (C) ST-Ericsson AB 2010
3 * Author:	Sjur Brendeland sjur.brandeland@stericsson.com
4 * License terms: GNU General Public License (GPL) version 2
5 */
6
7#include <linux/fs.h>
8#include <linux/init.h>
9#include <linux/module.h>
10#include <linux/sched.h>
11#include <linux/spinlock.h>
12#include <linux/mutex.h>
13#include <linux/list.h>
14#include <linux/wait.h>
15#include <linux/poll.h>
16#include <linux/tcp.h>
17#include <linux/uaccess.h>
18#include <linux/mutex.h>
19#include <linux/debugfs.h>
20#include <linux/caif/caif_socket.h>
21#include <asm/atomic.h>
22#include <net/sock.h>
23#include <net/tcp_states.h>
24#include <net/caif/caif_layer.h>
25#include <net/caif/caif_dev.h>
26#include <net/caif/cfpkt.h>
27
/* Module metadata: GPL licence and the module alias for protocol family AF_CAIF. */
MODULE_LICENSE("GPL");
MODULE_ALIAS_NETPROTO(AF_CAIF);

/* Default send/receive buffer sizes, assigned to sk_sndbuf/sk_rcvbuf in caif_create(). */
#define CAIF_DEF_SNDBUF (4096*10)
#define CAIF_DEF_RCVBUF (4096*100)
33
/*
 * CAIF state is re-using the TCP socket states.
 * caif_states stored in sk_state reflect the state as reported by
 * the CAIF stack, while sk_socket->state is the state of the socket.
 */
enum caif_states {
	/* Set by caif_ctrl_cb() on CAIF_CTRLCMD_INIT_RSP. */
	CAIF_CONNECTED		= TCP_ESTABLISHED,
	/* Set by caif_connect() just before the connect request is issued. */
	CAIF_CONNECTING	= TCP_SYN_SENT,
	/* Initial state; also set on release, deinit and failed connect. */
	CAIF_DISCONNECTED	= TCP_CLOSE
};
44
/* Bit numbers inside caifsock.flow_state, used with test_bit/set_bit/clear_bit. */
#define TX_FLOW_ON_BIT	1
#define RX_FLOW_ON_BIT	2
47
/* Module-level debugfs directory ("caif_sk"), created in caif_sktinit_module(). */
static struct dentry *debugfsdir;

#ifdef CONFIG_DEBUG_FS
/*
 * Module-wide event counters. Each field is exported as a debugfs u32
 * file by caif_sktinit_module().
 */
struct debug_fs_counter {
	atomic_t caif_nr_socks;			/* sockets created minus sockets destroyed */
	atomic_t num_connect_req;		/* connect requests issued */
	atomic_t num_connect_resp;		/* CAIF_CTRLCMD_INIT_RSP received */
	atomic_t num_connect_fail_resp;		/* CAIF_CTRLCMD_INIT_FAIL_RSP received */
	atomic_t num_disconnect;		/* caif_release() calls */
	atomic_t num_remote_shutdown_ind;	/* CAIF_CTRLCMD_REMOTE_SHUTDOWN_IND received */
	atomic_t num_tx_flow_off_ind;		/* CAIF_CTRLCMD_FLOW_OFF_IND received */
	atomic_t num_tx_flow_on_ind;		/* CAIF_CTRLCMD_FLOW_ON_IND received */
	atomic_t num_rx_flow_off;		/* flow-off requests sent to the modem */
	atomic_t num_rx_flow_on;		/* flow-on requests sent to the modem */
};
static struct debug_fs_counter cnt;
#define	dbfs_atomic_inc(v) atomic_inc(v)
#define	dbfs_atomic_dec(v) atomic_dec(v)
#else
/* Without CONFIG_DEBUG_FS the counter updates expand to nothing. */
#define	dbfs_atomic_inc(v)
#define	dbfs_atomic_dec(v)
#endif
70
/*
 * Per-socket CAIF state. The generic struct sock is embedded as the
 * first member so that container_of() can map a struct sock back to
 * its caifsock.
 */
struct caifsock {
	struct sock sk; /* must be first member */
	struct cflayer layer;	/* this socket's layer; receive/ctrlcmd callbacks are installed here */
	char name[CAIF_LAYER_NAME_SZ]; /* Used for debugging */
	u32 flow_state;		/* TX_FLOW_ON_BIT / RX_FLOW_ON_BIT */
	struct caif_connect_request conn_req;	/* filled by setsockopt() and caif_connect() */
	struct mutex readlock;	/* taken through caif_read_lock() by the stream receive path */
	struct dentry *debugfs_socket_dir;	/* per-socket debugfs directory, removed in caif_release() */
	int headroom, tailroom, maxframe;	/* computed in caif_connect() from the link device */
};
81
/* Return non-zero when the RX flow-on bit is set in the socket's flow_state. */
static int rx_flow_is_on(struct caifsock *cf_sk)
{
	void *flow_bits = (void *) &cf_sk->flow_state;

	return test_bit(RX_FLOW_ON_BIT, flow_bits);
}
87
/* Return non-zero when the TX flow-on bit is set in the socket's flow_state. */
static int tx_flow_is_on(struct caifsock *cf_sk)
{
	void *flow_bits = (void *) &cf_sk->flow_state;

	return test_bit(TX_FLOW_ON_BIT, flow_bits);
}
93
/* Clear the RX flow-on bit in the socket's flow_state. */
static void set_rx_flow_off(struct caifsock *cf_sk)
{
	void *flow_bits = (void *) &cf_sk->flow_state;

	clear_bit(RX_FLOW_ON_BIT, flow_bits);
}
99
/* Set the RX flow-on bit in the socket's flow_state. */
static void set_rx_flow_on(struct caifsock *cf_sk)
{
	void *flow_bits = (void *) &cf_sk->flow_state;

	set_bit(RX_FLOW_ON_BIT, flow_bits);
}
105
/* Clear the TX flow-on bit in the socket's flow_state. */
static void set_tx_flow_off(struct caifsock *cf_sk)
{
	void *flow_bits = (void *) &cf_sk->flow_state;

	clear_bit(TX_FLOW_ON_BIT, flow_bits);
}
111
/* Set the TX flow-on bit in the socket's flow_state. */
static void set_tx_flow_on(struct caifsock *cf_sk)
{
	void *flow_bits = (void *) &cf_sk->flow_state;

	set_bit(TX_FLOW_ON_BIT, flow_bits);
}
117
/* Acquire the per-socket reader mutex of the caifsock that embeds @sk. */
static void caif_read_lock(struct sock *sk)
{
	struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);

	mutex_lock(&cf_sk->readlock);
}
124
/* Release the per-socket reader mutex of the caifsock that embeds @sk. */
static void caif_read_unlock(struct sock *sk)
{
	struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);

	mutex_unlock(&cf_sk->readlock);
}
131
/* Low-water mark for the receive queue: one quarter of sk_rcvbuf. */
static int sk_rcvbuf_lowwater(struct caifsock *cf_sk)
{
	int rcvbuf = cf_sk->sk.sk_rcvbuf;

	return rcvbuf / 4;
}
137
/*
 * Forward a modem command (@mode) to the layer below this socket.
 * Nothing is sent when there is no lower layer or it has no modemcmd hook.
 */
static void caif_flow_ctrl(struct sock *sk, int mode)
{
	struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);
	struct cflayer *dn = cf_sk->layer.dn;

	if (!dn || !dn->modemcmd)
		return;
	dn->modemcmd(dn, mode);
}
145
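/*
 * Queue a received skb on the socket. Copied from
 * sock.c:sock_queue_rcv_skb(), but changed so packets are not dropped
 * when the receive buffer fills up; CAIF sends flow off to the modem
 * instead.
 *
 * Ownership of @skb always passes to this function: the skb is either
 * linked onto sk_receive_queue or freed here. That includes the case
 * where the socket filter rejects it, because the caller in this file
 * (caif_sktrecv_cb) ignores the return value and would otherwise leak it.
 *
 * Returns 0, or the error reported by sk_filter().
 */
static int caif_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
{
	int err;
	int skb_len = 0;
	int queued = 0;
	unsigned long flags;
	struct sk_buff_head *list = &sk->sk_receive_queue;
	struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);

	/* Receive buffer would be full after this skb: ask the modem to pause. */
	if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >=
		(unsigned)sk->sk_rcvbuf && rx_flow_is_on(cf_sk)) {
		trace_printk("CAIF: %s():"
			" sending flow OFF (queue len = %d %d)\n",
			__func__,
			atomic_read(&cf_sk->sk.sk_rmem_alloc),
			sk_rcvbuf_lowwater(cf_sk));
		set_rx_flow_off(cf_sk);
		dbfs_atomic_inc(&cnt.num_rx_flow_off);
		caif_flow_ctrl(sk, CAIF_MODEMCMD_FLOW_OFF_REQ);
	}

	err = sk_filter(sk, skb);
	if (err)
		goto out;
	if (!sk_rmem_schedule(sk, skb->truesize) && rx_flow_is_on(cf_sk)) {
		set_rx_flow_off(cf_sk);
		trace_printk("CAIF: %s():"
			" sending flow OFF due to rmem_schedule\n",
			__func__);
		dbfs_atomic_inc(&cnt.num_rx_flow_off);
		caif_flow_ctrl(sk, CAIF_MODEMCMD_FLOW_OFF_REQ);
	}
	skb->dev = NULL;
	skb_set_owner_r(skb, sk);
	/* Cache the SKB length before we tack it onto the receive
	 * queue. Once it is added it no longer belongs to us and
	 * may be freed by other threads of control pulling packets
	 * from the queue.
	 */
	skb_len = skb->len;
	spin_lock_irqsave(&list->lock, flags);
	if (!sock_flag(sk, SOCK_DEAD)) {
		__skb_queue_tail(list, skb);
		queued = 1;
	}
	spin_unlock_irqrestore(&list->lock, flags);
out:
	/*
	 * Decide from what was done under the queue lock, not from a second
	 * look at SOCK_DEAD: caif_release() can set the flag between the
	 * unlock and a re-test, and freeing an skb that is already on the
	 * queue would leave a dangling entry behind.
	 */
	if (queued)
		sk->sk_data_ready(sk, skb_len);
	else
		kfree_skb(skb);
	return err;
}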
200
/*
 * Packet receive callback, invoked by the CAIF stack for this socket's
 * layer. Packets arriving while the socket is not CAIF_CONNECTED are
 * destroyed; all others are handed to caif_queue_rcv_skb(). Always
 * returns 0.
 */
static int caif_sktrecv_cb(struct cflayer *layr, struct cfpkt *pkt)
{
	struct caifsock *cf_sk = container_of(layr, struct caifsock, layer);
	struct sk_buff *skb = cfpkt_tonative(pkt);

	if (likely(cf_sk->sk.sk_state == CAIF_CONNECTED))
		caif_queue_rcv_skb(&cf_sk->sk, skb);
	else
		cfpkt_destroy(pkt);

	return 0;
}
217
/*
 * Control callback, invoked by CAIF with flow-control and connection
 * events for this socket's layer. Updates sk_state, sk_err, sk_shutdown
 * and the TX/RX flow bits, then notifies waiters through the socket's
 * sk_state_change / sk_error_report hooks.
 */
static void caif_ctrl_cb(struct cflayer *layr,
				enum caif_ctrlcmd flow,
				int phyid)
{
	struct caifsock *cf_sk = container_of(layr, struct caifsock, layer);
	struct sock *sk = &cf_sk->sk;

	switch (flow) {
	case CAIF_CTRLCMD_FLOW_ON_IND:
		/* Modem allows transmission again. */
		dbfs_atomic_inc(&cnt.num_tx_flow_on_ind);
		set_tx_flow_on(cf_sk);
		sk->sk_state_change(sk);
		break;

	case CAIF_CTRLCMD_FLOW_OFF_IND:
		/* Modem asks us to stop transmitting. */
		dbfs_atomic_inc(&cnt.num_tx_flow_off_ind);
		set_tx_flow_off(cf_sk);
		sk->sk_state_change(sk);
		break;

	case CAIF_CTRLCMD_INIT_RSP:
		/* Connect request accepted. */
		dbfs_atomic_inc(&cnt.num_connect_resp);
		sk->sk_state = CAIF_CONNECTED;
		set_tx_flow_on(cf_sk);
		sk->sk_state_change(sk);
		break;

	case CAIF_CTRLCMD_DEINIT_RSP:
		/* Disconnect completed. */
		sk->sk_state = CAIF_DISCONNECTED;
		sk->sk_state_change(sk);
		cfcnfg_release_adap_layer(&cf_sk->layer);
		break;

	case CAIF_CTRLCMD_INIT_FAIL_RSP:
		/* Connect request refused. */
		dbfs_atomic_inc(&cnt.num_connect_fail_resp);
		sk->sk_err = ECONNREFUSED;
		sk->sk_state = CAIF_DISCONNECTED;
		sk->sk_shutdown = SHUTDOWN_MASK;
		/*
		 * TX flow is switched on so that poll() reports POLLOUT
		 * after a failed connect, as socket users expect.
		 */
		set_tx_flow_on(cf_sk);
		sk->sk_state_change(sk);
		break;

	case CAIF_CTRLCMD_REMOTE_SHUTDOWN_IND:
		/* Modem closed the connection, or the device went down. */
		dbfs_atomic_inc(&cnt.num_remote_shutdown_ind);
		sk->sk_shutdown = SHUTDOWN_MASK;
		sk->sk_err = ECONNRESET;
		set_rx_flow_on(cf_sk);
		sk->sk_error_report(sk);
		break;

	default:
		pr_debug("CAIF: %s(): Unexpected flow command %d\n",
				__func__, flow);
	}
}
282
/*
 * Re-enable RX flow once the reader has drained the queue: if RX flow is
 * off and sk_rmem_alloc is at or below the low-water mark, set the RX
 * flow bit and send a flow-on request to the modem.
 */
static void caif_check_flow_release(struct sock *sk)
{
	struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);

	if (!rx_flow_is_on(cf_sk) &&
	    atomic_read(&sk->sk_rmem_alloc) <= sk_rcvbuf_lowwater(cf_sk)) {
		dbfs_atomic_inc(&cnt.num_rx_flow_on);
		set_rx_flow_on(cf_sk);
		caif_flow_ctrl(sk, CAIF_MODEMCMD_FLOW_ON_REQ);
	}
}
296
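/*
 * Receive one packet on a SOCK_SEQPACKET CAIF socket.
 * Copied from unix_dgram_recvmsg, but removed credit checks,
 * changed locking, address handling and added MSG_TRUNC.
 *
 * Returns the number of bytes copied (or the full packet length when
 * the caller passed MSG_TRUNC), or a negative errno. MSG_TRUNC is set
 * in m->msg_flags when the packet did not fit in @len bytes.
 */
static int caif_seqpkt_recvmsg(struct kiocb *iocb, struct socket *sock,
				struct msghdr *m, size_t len, int flags)
{
	struct sock *sk = sock->sk;
	struct sk_buff *skb;
	int ret;
	int copylen;

	/*
	 * The flags of this receive call arrive in @flags, which is also
	 * what caif_stream_recvmsg() tests; m->msg_flags carries the flags
	 * reported back to the caller.
	 */
	ret = -EOPNOTSUPP;
	if (flags & MSG_OOB)
		goto read_error;

	/*
	 * CAIF never fills in a source address. Clear msg_namelen, as
	 * caif_stream_recvmsg() does, so the socket core does not copy an
	 * address buffer back to user space that this function never wrote.
	 */
	m->msg_namelen = 0;

	skb = skb_recv_datagram(sk, flags, 0 , &ret);
	if (!skb)
		goto read_error;
	copylen = skb->len;
	if (len < copylen) {
		/* Caller's buffer is too small: copy what fits and flag it. */
		m->msg_flags |= MSG_TRUNC;
		copylen = len;
	}

	ret = skb_copy_datagram_iovec(skb, 0, m->msg_iov, copylen);
	if (ret)
		goto out_free;

	ret = (flags & MSG_TRUNC) ? skb->len : copylen;
out_free:
	skb_free_datagram(sk, skb);
	/* The queue shrank; RX flow may be switched back on. */
	caif_check_flow_release(sk);
	return ret;

read_error:
	return ret;
}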
336
337
/*
 * Sleep until the receive queue is non-empty or the wait has to end.
 * Copied from unix_stream_wait_data, identical except for lock call.
 *
 * @sk:    socket to wait on
 * @timeo: maximum time to sleep, as passed to schedule_timeout()
 *
 * Returns the remaining timeout. The socket lock is taken and released
 * inside this function; it is not held on return.
 */
static long caif_stream_data_wait(struct sock *sk, long timeo)
{
	DEFINE_WAIT(wait);
	lock_sock(sk);

	for (;;) {
		prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);

		/*
		 * Stop on data, socket error, loss of the connected state,
		 * dead socket, receive shutdown, pending signal or an
		 * exhausted timeout.
		 */
		if (!skb_queue_empty(&sk->sk_receive_queue) ||
			sk->sk_err ||
			sk->sk_state != CAIF_CONNECTED ||
			sock_flag(sk, SOCK_DEAD) ||
			(sk->sk_shutdown & RCV_SHUTDOWN) ||
			signal_pending(current) ||
			!timeo)
			break;

		set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
		/* The socket lock is dropped for the duration of the sleep. */
		release_sock(sk);
		timeo = schedule_timeout(timeo);
		lock_sock(sk);
		clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
	}

	finish_wait(sk_sleep(sk), &wait);
	release_sock(sk);
	return timeo;
}
367
368
/*
 * Receive data on a SOCK_STREAM CAIF socket.
 * Copied from unix_stream_recvmsg, but removed credit checks,
 * changed locking calls, changed address handling.
 *
 * Returns the number of bytes copied when that is non-zero, otherwise
 * the last error recorded in err. MSG_OOB is rejected with -EOPNOTSUPP,
 * and a socket still in CAIF_CONNECTING yields -EAGAIN.
 *
 * Locking: the reader mutex (caif_read_lock) is held across the loop
 * and dropped while sleeping in caif_stream_data_wait(); the socket
 * lock is held only around the dequeue and the state checks.
 */
static int caif_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
				struct msghdr *msg, size_t size,
				int flags)
{
	struct sock *sk = sock->sk;
	int copied = 0;
	int target;
	int err = 0;
	long timeo;

	err = -EOPNOTSUPP;
	if (flags&MSG_OOB)
		goto out;

	/* No peer address is returned on this socket type. */
	msg->msg_namelen = 0;

	/*
	 * Lock the socket to prevent queue disordering
	 * while sleeps in memcpy_tomsg
	 */
	err = -EAGAIN;
	if (sk->sk_state == CAIF_CONNECTING)
		goto out;

	caif_read_lock(sk);
	target = sock_rcvlowat(sk, flags&MSG_WAITALL, size);
	timeo = sock_rcvtimeo(sk, flags&MSG_DONTWAIT);

	do {
		int chunk;
		struct sk_buff *skb;

		lock_sock(sk);
		skb = skb_dequeue(&sk->sk_receive_queue);
		/* Dequeuing may have dropped us below the low-water mark. */
		caif_check_flow_release(sk);

		if (skb == NULL) {
			/* Queue is empty: finish if enough was copied already. */
			if (copied >= target)
				goto unlock;
			/*
			 *	POSIX 1003.1g mandates this order.
			 */
			err = sock_error(sk);
			if (err)
				goto unlock;
			err = -ECONNRESET;
			if (sk->sk_shutdown & RCV_SHUTDOWN)
				goto unlock;

			err = -EPIPE;
			if (sk->sk_state != CAIF_CONNECTED)
				goto unlock;
			if (sock_flag(sk, SOCK_DEAD))
				goto unlock;

			release_sock(sk);

			/* Non-blocking, or timeout used up: leave with -EAGAIN. */
			err = -EAGAIN;
			if (!timeo)
				break;

			/* Let other readers in while this one sleeps. */
			caif_read_unlock(sk);

			timeo = caif_stream_data_wait(sk, timeo);

			if (signal_pending(current)) {
				err = sock_intr_errno(timeo);
				/* The reader mutex is already released here. */
				goto out;
			}
			caif_read_lock(sk);
			continue;
unlock:
			release_sock(sk);
			break;
		}
		release_sock(sk);
		chunk = min_t(unsigned int, skb->len, size);
		if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
			/* Copy to user space failed: put the skb back untouched. */
			skb_queue_head(&sk->sk_receive_queue, skb);
			if (copied == 0)
				copied = -EFAULT;
			break;
		}
		copied += chunk;
		size -= chunk;

		/* Mark read part of skb as used */
		if (!(flags & MSG_PEEK)) {
			skb_pull(skb, chunk);

			/* put the skb back if we didn't use it up. */
			if (skb->len) {
				skb_queue_head(&sk->sk_receive_queue, skb);
				break;
			}
			kfree_skb(skb);

		} else {
			/*
			 * It is questionable, see note in unix_dgram_recvmsg.
			 */
			/* put message back and return */
			skb_queue_head(&sk->sk_receive_queue, skb);
			break;
		}
	} while (size);
	caif_read_unlock(sk);

out:
	/* GNU "?:" shorthand: copied when non-zero, otherwise err. */
	return copied ? : err;
}
484
/*
 * Wait until the modem allows transmission again.
 * Copied from sock.c:sock_wait_for_wmem, but change to wait for
 * CAIF flow-on and sock_writable.
 *
 * @cf_sk:          socket to wait on
 * @wait_writeable: when non-zero, additionally require sock_writeable()
 * @timeo:          maximum time to sleep
 * @err:            out parameter; 0 when the wait condition was met,
 *                  otherwise the negative errno for the reason the
 *                  loop was left
 *
 * Returns the remaining timeout.
 */
static long caif_wait_for_flow_on(struct caifsock *cf_sk,
				int wait_writeable, long timeo, int *err)
{
	struct sock *sk = &cf_sk->sk;
	DEFINE_WAIT(wait);
	for (;;) {
		/*
		 * Each candidate errno is stored before its test, so *err
		 * holds the matching reason whichever break is taken.
		 */
		*err = 0;
		if (tx_flow_is_on(cf_sk) &&
			(!wait_writeable || sock_writeable(&cf_sk->sk)))
			break;
		*err = -ETIMEDOUT;
		if (!timeo)
			break;
		*err = -ERESTARTSYS;
		if (signal_pending(current))
			break;
		prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
		*err = -ECONNRESET;
		if (sk->sk_shutdown & SHUTDOWN_MASK)
			break;
		*err = -sk->sk_err;
		if (sk->sk_err)
			break;
		*err = -EPIPE;
		if (cf_sk->sk.sk_state != CAIF_CONNECTED)
			break;
		timeo = schedule_timeout(timeo);
	}
	finish_wait(sk_sleep(sk), &wait);
	return timeo;
}
520
/*
 * Transmit a SKB. The device may temporarily request re-transmission
 * by returning EAGAIN.
 *
 * @skb:     buffer to send; it is converted to a CAIF packet first
 * @cf_sk:   sending socket
 * @noblock: when non-zero, -EAGAIN from the lower layer is returned
 *           to the caller instead of being waited out
 * @timeo:   send timeout used while waiting for flow-on
 *
 * Returns the lower layer's non-negative result on success, or a
 * negative errno. -ETIMEDOUT is returned when there is no lower layer
 * or when the retry limit is exceeded.
 */
static int transmit_skb(struct sk_buff *skb, struct caifsock *cf_sk,
			int noblock, long timeo)
{
	struct cfpkt *pkt;
	int ret, loopcnt = 0;

	/* NOTE(review): pkt is used without a NULL check - confirm cfpkt_fromnative() cannot fail. */
	pkt = cfpkt_fromnative(CAIF_DIR_OUT, skb);
	/* Start from a zeroed payload-info area for this packet. */
	memset(cfpkt_info(pkt), 0, sizeof(struct caif_payload_info));
	do {

		ret = -ETIMEDOUT;

		/* Slight paranoia, probably not needed. */
		if (unlikely(loopcnt++ > 1000)) {
			pr_warning("CAIF: %s(): transmit retries failed,"
				" error = %d\n", __func__, ret);
			break;
		}

		if (cf_sk->layer.dn != NULL)
			ret = cf_sk->layer.dn->transmit(cf_sk->layer.dn, pkt);
		if (likely(ret >= 0))
			break;
		/* if transmit return -EAGAIN, then retry */
		if (noblock && ret == -EAGAIN)
			break;
		/* Blocking sender: sleep until TX flow is on again; ret receives the wait result. */
		timeo = caif_wait_for_flow_on(cf_sk, 0, timeo, &ret);
		if (signal_pending(current)) {
			ret = sock_intr_errno(timeo);
			break;
		}
		if (ret)
			break;
		/* NOTE(review): a transmit path testing RCV_SHUTDOWN - presumably intentional, confirm. */
		if (cf_sk->sk.sk_state != CAIF_CONNECTED ||
			sock_flag(&cf_sk->sk, SOCK_DEAD) ||
			(cf_sk->sk.sk_shutdown & RCV_SHUTDOWN)) {
			ret = -EPIPE;
			cf_sk->sk.sk_err = EPIPE;
			break;
		}
	} while (ret == -EAGAIN);
	return ret;
}
568
/*
 * Send one packet on a SOCK_SEQPACKET CAIF socket.
 * Copied from af_unix:unix_dgram_sendmsg, and adapted to CAIF.
 *
 * The whole message is placed in a single skb with the head and tail
 * room computed in caif_connect(). Returns @len on success or a
 * negative errno: -EOPNOTSUPP for MSG_OOB or a destination address,
 * -EINVAL for a NULL first iovec base, -EPIPE when the socket is not
 * connected, -EMSGSIZE when @len exceeds maxframe (except for
 * CAIFPROTO_RFM sockets), or the error from allocation, copy or transmit.
 */
static int caif_seqpkt_sendmsg(struct kiocb *kiocb, struct socket *sock,
			struct msghdr *msg, size_t len)
{
	struct sock *sk = sock->sk;
	struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);
	int buffer_size;
	int ret = 0;
	struct sk_buff *skb = NULL;
	int noblock;
	long timeo;
	caif_assert(cf_sk);
	/* Report a pending socket error first. */
	ret = sock_error(sk);
	if (ret)
		goto err;

	ret = -EOPNOTSUPP;
	if (msg->msg_flags&MSG_OOB)
		goto err;

	/* A destination address is not accepted on a connected CAIF socket. */
	ret = -EOPNOTSUPP;
	if (msg->msg_namelen)
		goto err;

	/* Only the first iovec entry is inspected here. */
	ret = -EINVAL;
	if (unlikely(msg->msg_iov->iov_base == NULL))
		goto err;
	noblock = msg->msg_flags & MSG_DONTWAIT;

	timeo = sock_sndtimeo(sk, noblock);
	timeo = caif_wait_for_flow_on(container_of(sk, struct caifsock, sk),
				1, timeo, &ret);

	if (ret)
		goto err;
	ret = -EPIPE;
	if (cf_sk->sk.sk_state != CAIF_CONNECTED ||
		sock_flag(sk, SOCK_DEAD) ||
		(sk->sk_shutdown & RCV_SHUTDOWN))
		goto err;

	/* Error if trying to write more than maximum frame size. */
	ret = -EMSGSIZE;
	if (len > cf_sk->maxframe && cf_sk->sk.sk_protocol != CAIFPROTO_RFM)
		goto err;

	/*
	 * NOTE(review): for CAIFPROTO_RFM the check above does not bound
	 * len, and buffer_size is an int while len is a size_t - confirm
	 * that an oversized len cannot wrap this sum before the allocation.
	 */
	buffer_size = len + cf_sk->headroom + cf_sk->tailroom;

	ret = -ENOMEM;
	skb = sock_alloc_send_skb(sk, buffer_size, noblock, &ret);

	/* Also reject a buffer that came back smaller than requested. */
	if (!skb || skb_tailroom(skb) < buffer_size)
		goto err;

	skb_reserve(skb, cf_sk->headroom);

	ret = memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len);

	if (ret)
		goto err;
	ret = transmit_skb(skb, cf_sk, noblock, timeo);
	if (ret < 0)
		goto err;
	return len;
err:
	/*
	 * skb is NULL on the early error paths. NOTE(review): after a failed
	 * transmit_skb() this assumes the lower layer did not consume the
	 * skb - confirm.
	 */
	kfree_skb(skb);
	return ret;
}
637
/*
 * Send data on a SOCK_STREAM CAIF socket.
 * Copied from unix_stream_sendmsg and adapted to CAIF:
 * Changed removed permission handling and added waiting for flow on
 * and other minor adaptations.
 *
 * The message is cut into chunks no larger than maxframe, half the send
 * buffer minus 64 bytes, and SKB_MAX_ALLOC; each chunk goes out as its
 * own skb. Returns the number of bytes sent when non-zero, otherwise a
 * negative errno. SIGPIPE is raised on a pipe error when nothing was
 * sent and MSG_NOSIGNAL is not set.
 */
static int caif_stream_sendmsg(struct kiocb *kiocb, struct socket *sock,
				struct msghdr *msg, size_t len)
{
	struct sock *sk = sock->sk;
	struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);
	int err, size;
	struct sk_buff *skb;
	int sent = 0;
	long timeo;

	err = -EOPNOTSUPP;
	if (unlikely(msg->msg_flags&MSG_OOB))
		goto out_err;

	if (unlikely(msg->msg_namelen))
		goto out_err;

	timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
	/*
	 * NOTE(review): the status written to err by the wait is not
	 * examined before the loop - confirm that is intended.
	 */
	timeo = caif_wait_for_flow_on(cf_sk, 1, timeo, &err);

	if (unlikely(sk->sk_shutdown & SEND_SHUTDOWN))
		goto pipe_err;

	/* NOTE(review): sent is an int compared against a size_t len - confirm callers bound len. */
	while (sent < len) {

		size = len-sent;

		if (size > cf_sk->maxframe)
			size = cf_sk->maxframe;

		/* If size is more than half of sndbuf, chop up message */
		if (size > ((sk->sk_sndbuf >> 1) - 64))
			size = (sk->sk_sndbuf >> 1) - 64;

		if (size > SKB_MAX_ALLOC)
			size = SKB_MAX_ALLOC;

		skb = sock_alloc_send_skb(sk,
					size + cf_sk->headroom +
					cf_sk->tailroom,
					msg->msg_flags&MSG_DONTWAIT,
					&err);
		if (skb == NULL)
			goto out_err;

		skb_reserve(skb, cf_sk->headroom);
		/*
		 *	If you pass two values to the sock_alloc_send_skb
		 *	it tries to grab the large buffer with GFP_NOFS
		 *	(which can fail easily), and if it fails grab the
		 *	fallback size buffer which is under a page and will
		 *	succeed. [Alan]
		 */
		size = min_t(int, size, skb_tailroom(skb));

		err = memcpy_fromiovec(skb_put(skb, size), msg->msg_iov, size);
		if (err) {
			kfree_skb(skb);
			goto out_err;
		}
		err = transmit_skb(skb, cf_sk,
				msg->msg_flags&MSG_DONTWAIT, timeo);
		if (err < 0) {
			/* NOTE(review): assumes the lower layer did not consume the skb on failure - confirm. */
			kfree_skb(skb);
			goto pipe_err;
		}
		sent += size;
	}

	return sent;

pipe_err:
	if (sent == 0 && !(msg->msg_flags&MSG_NOSIGNAL))
		send_sig(SIGPIPE, current, 0);
	err = -EPIPE;
out_err:
	/* GNU "?:" shorthand: a partial send wins over the error code. */
	return sent ? : err;
}
721
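/*
 * Set a CAIF socket option. Options can only be changed while the
 * socket is SS_UNCONNECTED; they configure the connect request that
 * caif_connect() sends later.
 *
 * @sock: socket to configure
 * @lvl:  option level; SOL_CAIF or SOL_SOCKET depending on @opt
 * @opt:  CAIFSO_LINK_SELECT, SO_PRIORITY, SO_BINDTODEVICE or
 *        CAIFSO_REQ_PARAM
 * @ov:   user-space pointer to the option value
 * @ol:   length of the option value in bytes
 *
 * Returns 0 on success, -ENOPROTOOPT for an unknown option, a wrong
 * level, a wrong protocol or a socket that is not unconnected, -EINVAL
 * for a bad length (and for most failed copies from user space), or
 * -EFAULT when the SO_BINDTODEVICE copy fails.
 */
static int setsockopt(struct socket *sock,
			int lvl, int opt, char __user *ov, unsigned int ol)
{
	struct sock *sk = sock->sk;
	struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);
	int prio, linksel;
	struct ifreq ifreq;

	if (cf_sk->sk.sk_socket->state != SS_UNCONNECTED)
		return -ENOPROTOOPT;

	switch (opt) {
	case CAIFSO_LINK_SELECT:
		if (ol < sizeof(int))
			return -EINVAL;
		if (lvl != SOL_CAIF)
			goto bad_sol;
		if (copy_from_user(&linksel, ov, sizeof(int)))
			return -EINVAL;
		lock_sock(&(cf_sk->sk));
		cf_sk->conn_req.link_selector = linksel;
		release_sock(&cf_sk->sk);
		return 0;

	case SO_PRIORITY:
		if (lvl != SOL_SOCKET)
			goto bad_sol;
		if (ol < sizeof(int))
			return -EINVAL;
		if (copy_from_user(&prio, ov, sizeof(int)))
			return -EINVAL;
		lock_sock(&(cf_sk->sk));
		cf_sk->conn_req.priority = prio;
		release_sock(&cf_sk->sk);
		return 0;

	case SO_BINDTODEVICE:
		if (lvl != SOL_SOCKET)
			goto bad_sol;
		if (ol < sizeof(struct ifreq))
			return -EINVAL;
		if (copy_from_user(&ifreq, ov, sizeof(ifreq)))
			return -EFAULT;
		lock_sock(&(cf_sk->sk));
		/*
		 * ifr_name comes from user space and need not be terminated;
		 * strncpy() does not terminate on truncation, so the last
		 * byte is forced to NUL afterwards.
		 */
		strncpy(cf_sk->conn_req.link_name, ifreq.ifr_name,
			sizeof(cf_sk->conn_req.link_name));
		cf_sk->conn_req.link_name
			[sizeof(cf_sk->conn_req.link_name)-1] = 0;
		release_sock(&cf_sk->sk);
		return 0;

	case CAIFSO_REQ_PARAM:
		if (lvl != SOL_CAIF)
			goto bad_sol;
		if (cf_sk->sk.sk_protocol != CAIFPROTO_UTIL)
			return -ENOPROTOOPT;
		lock_sock(&(cf_sk->sk));
		if (ol > sizeof(cf_sk->conn_req.param.data) ||
			copy_from_user(&cf_sk->conn_req.param.data, ov, ol)) {
			release_sock(&cf_sk->sk);
			return -EINVAL;
		}
		/*
		 * Record the length only after it has been bounds-checked
		 * and the payload copied. Storing the caller-supplied value
		 * first would leave an oversized param.size behind on the
		 * error path, for later code that trusts it as the length
		 * of param.data.
		 */
		cf_sk->conn_req.param.size = ol;
		release_sock(&cf_sk->sk);
		return 0;

	default:
		return -ENOPROTOOPT;
	}

	return 0;
bad_sol:
	return -ENOPROTOOPT;

}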
797
/*
 * caif_connect() - Connect a CAIF Socket
 * Copied and modified af_irda.c:irda_connect().
 *
 * @sock:     socket to connect
 * @uaddr:    destination; must be a struct sockaddr_caif with family AF_CAIF
 * @addr_len: length of @uaddr; must equal sizeof(struct sockaddr_caif)
 * @flags:    O_NONBLOCK makes the call return before the response arrives
 *
 * Note : by consulting "errno", the user space caller may learn the cause
 * of the failure. Most of them are visible in the function, others may come
 * from subroutines called and are listed here :
 *  o -EAFNOSUPPORT: bad socket family or type.
 *  o -ESOCKTNOSUPPORT: bad socket type or protocol
 *  o -EINVAL: bad socket address, or CAIF link type
 *  o -ECONNREFUSED: remote end refused the connection.
 *  o -EINPROGRESS: connect request sent but timed out (or non-blocking)
 *  o -EISCONN: already connected.
 *  o -ETIMEDOUT: Connection timed out (send timeout)
 *  o -ENODEV: No link layer to send request
 *  o -ECONNRESET: Received Shutdown indication or lost link layer
 *  o -ENOMEM: Out of memory
 *
 *  State Strategy:
 *  o sk_state: holds the CAIF_* protocol state, it's updated by
 *	caif_ctrl_cb.
 *  o sock->state: holds the SS_* socket state and is updated by connect and
 *	disconnect.
 */
static int caif_connect(struct socket *sock, struct sockaddr *uaddr,
			int addr_len, int flags)
{
	struct sock *sk = sock->sk;
	struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);
	long timeo;
	int err;
	int ifindex, headroom, tailroom;
	unsigned int mtu;
	struct net_device *dev;

	lock_sock(sk);

	/*
	 * NOTE(review): sa_family is read here, before addr_len is checked
	 * further down - confirm the caller always supplies at least
	 * sizeof(sa_family) bytes of initialised address.
	 */
	err = -EAFNOSUPPORT;
	if (uaddr->sa_family != AF_CAIF)
		goto out;

	switch (sock->state) {
	case SS_UNCONNECTED:
		/* Normal case, a fresh connect */
		caif_assert(sk->sk_state == CAIF_DISCONNECTED);
		break;
	case SS_CONNECTING:
		switch (sk->sk_state) {
		case CAIF_CONNECTED:
			sock->state = SS_CONNECTED;
			err = -EISCONN;
			goto out;
		case CAIF_DISCONNECTED:
			/* Reconnect allowed */
			break;
		case CAIF_CONNECTING:
			/* A request is already in flight: fail or keep waiting. */
			err = -EALREADY;
			if (flags & O_NONBLOCK)
				goto out;
			goto wait_connect;
		}
		break;
	case SS_CONNECTED:
		caif_assert(sk->sk_state == CAIF_CONNECTED ||
				sk->sk_state == CAIF_DISCONNECTED);
		if (sk->sk_shutdown & SHUTDOWN_MASK) {
			/* Allow re-connect after SHUTDOWN_IND */
			caif_disconnect_client(&cf_sk->layer);
			break;
		}
		/* No reconnect on a seqpacket socket */
		err = -EISCONN;
		goto out;
	case SS_DISCONNECTING:
	case SS_FREE:
		/* NOTE(review): asserting the constant 1 presumably never fires - confirm intent. */
		caif_assert(1); /*Should never happen */
		break;
	}
	/* Start from a clean slate: reset both states and drop queued data. */
	sk->sk_state = CAIF_DISCONNECTED;
	sock->state = SS_UNCONNECTED;
	sk_stream_kill_queues(&cf_sk->sk);

	/* Only an exact-size sockaddr_caif is accepted before it is copied. */
	err = -EINVAL;
	if (addr_len != sizeof(struct sockaddr_caif))
		goto out;

	memcpy(&cf_sk->conn_req.sockaddr, uaddr,
		sizeof(struct sockaddr_caif));

	/* Move to connecting socket, start sending Connect Requests */
	sock->state = SS_CONNECTING;
	sk->sk_state = CAIF_CONNECTING;

	dbfs_atomic_inc(&cnt.num_connect_req);
	cf_sk->layer.receive = caif_sktrecv_cb;
	err = caif_connect_client(&cf_sk->conn_req,
				&cf_sk->layer, &ifindex, &headroom, &tailroom);
	if (err < 0) {
		cf_sk->sk.sk_socket->state = SS_UNCONNECTED;
		cf_sk->sk.sk_state = CAIF_DISCONNECTED;
		goto out;
	}

	/*
	 * Look up the link device to size the frames.
	 * NOTE(review): both failure exits below leave the states set to
	 * *_CONNECTING and do not visibly undo caif_connect_client() -
	 * confirm that is handled elsewhere.
	 */
	err = -ENODEV;
	rcu_read_lock();
	dev = dev_get_by_index_rcu(sock_net(sk), ifindex);
	if (!dev) {
		rcu_read_unlock();
		goto out;
	}
	cf_sk->headroom = LL_RESERVED_SPACE_EXTRA(dev, headroom);
	mtu = dev->mtu;
	rcu_read_unlock();

	cf_sk->tailroom = tailroom;
	/* Unsigned arithmetic stored into an int: an MTU below the overhead yields a value < 1. */
	cf_sk->maxframe = mtu - (headroom + tailroom);
	if (cf_sk->maxframe < 1) {
		pr_warning("CAIF: %s(): CAIF Interface MTU too small (%u)\n",
			   __func__, mtu);
		/* err still holds -ENODEV here. */
		goto out;
	}

	err = -EINPROGRESS;
wait_connect:

	if (sk->sk_state != CAIF_CONNECTED && (flags & O_NONBLOCK))
		goto out;

	timeo = sock_sndtimeo(sk, flags & O_NONBLOCK);

	/* Sleep without the socket lock until caif_ctrl_cb() changes sk_state. */
	release_sock(sk);
	err = -ERESTARTSYS;
	timeo = wait_event_interruptible_timeout(*sk_sleep(sk),
			sk->sk_state != CAIF_CONNECTING,
			timeo);
	lock_sock(sk);
	if (timeo < 0)
		goto out; /* -ERESTARTSYS */

	err = -ETIMEDOUT;
	if (timeo == 0 && sk->sk_state != CAIF_CONNECTED)
		goto out;
	if (sk->sk_state != CAIF_CONNECTED) {
		/* The request was answered, but not with a connection. */
		sock->state = SS_UNCONNECTED;
		err = sock_error(sk);
		if (!err)
			err = -ECONNREFUSED;
		goto out;
	}
	sock->state = SS_CONNECTED;
	err = 0;
out:
	release_sock(sk);
	return err;
}
953
/*
 * caif_release() - Disconnect a CAIF Socket
 * Copied and modified af_irda.c:irda_release().
 *
 * Marks the socket dead, removes its debugfs directory, disconnects the
 * CAIF client when a connection exists or is in progress, wakes any
 * sleepers and drops the socket reference.
 *
 * Returns 0 when there is no sock attached or no disconnect was needed,
 * otherwise the result of caif_disconnect_client().
 */
static int caif_release(struct socket *sock)
{
	struct sock *sk = sock->sk;
	/* Computed before the NULL test below; cf_sk is not dereferenced until after it. */
	struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);
	int res = 0;

	if (!sk)
		return 0;

	set_tx_flow_off(cf_sk);

	/*
	 * Ensure that packets are not queued after this point in time.
	 * caif_queue_rcv_skb checks SOCK_DEAD holding the queue lock,
	 * this ensures no packets when sock is dead.
	 */
	spin_lock(&sk->sk_receive_queue.lock);
	sock_set_flag(sk, SOCK_DEAD);
	spin_unlock(&sk->sk_receive_queue.lock);
	sock->sk = NULL;

	dbfs_atomic_inc(&cnt.num_disconnect);

	if (cf_sk->debugfs_socket_dir != NULL)
		debugfs_remove_recursive(cf_sk->debugfs_socket_dir);

	lock_sock(&(cf_sk->sk));
	sk->sk_state = CAIF_DISCONNECTED;
	sk->sk_shutdown = SHUTDOWN_MASK;

	/* sk_socket is still set here; it is read before sock_orphan() below. */
	if (cf_sk->sk.sk_socket->state == SS_CONNECTED ||
		cf_sk->sk.sk_socket->state == SS_CONNECTING)
		res = caif_disconnect_client(&cf_sk->layer);

	cf_sk->sk.sk_socket->state = SS_DISCONNECTING;
	wake_up_interruptible_poll(sk_sleep(sk), POLLERR|POLLHUP);

	sock_orphan(sk);
	/* With the lower layer cleared, transmit_skb() and caif_flow_ctrl() have nothing to call into. */
	cf_sk->layer.dn = NULL;
	sk_stream_kill_queues(&cf_sk->sk);
	release_sock(sk);
	sock_put(sk);
	return res;
}
1002
/*
 * poll() handler. Copied from af_unix.c:unix_poll(), with CAIF TX flow
 * handling added: the socket is reported writable only while the socket
 * core says so and the modem has TX flow switched on.
 */
static unsigned int caif_poll(struct file *file,
				struct socket *sock, poll_table *wait)
{
	struct sock *sk = sock->sk;
	struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);
	unsigned int events = 0;

	sock_poll_wait(file, sk_sleep(sk), wait);

	/* Exceptional conditions. */
	if (sk->sk_err)
		events |= POLLERR;
	if (sk->sk_shutdown == SHUTDOWN_MASK)
		events |= POLLHUP;
	if (sk->sk_shutdown & RCV_SHUTDOWN)
		events |= POLLRDHUP;

	/* Readable: queued data, or the receive side has been shut down. */
	if ((sk->sk_shutdown & RCV_SHUTDOWN) ||
	    !skb_queue_empty(&sk->sk_receive_queue))
		events |= POLLIN | POLLRDNORM;

	/*
	 * Writable is also reported after the other side has shut the
	 * connection down, which prevents stuck sockets.
	 */
	if (sock_writeable(sk) && tx_flow_is_on(cf_sk))
		events |= POLLOUT | POLLWRNORM | POLLWRBAND;

	return events;
}
1036
/*
 * Socket operations for SOCK_SEQPACKET CAIF sockets. bind, accept,
 * listen, getname, ioctl, shutdown, getsockopt, mmap, sendpage and
 * socketpair use the generic sock_no_* handlers.
 */
static const struct proto_ops caif_seqpacket_ops = {
	.family = PF_CAIF,
	.owner = THIS_MODULE,
	.release = caif_release,
	.bind = sock_no_bind,
	.connect = caif_connect,
	.socketpair = sock_no_socketpair,
	.accept = sock_no_accept,
	.getname = sock_no_getname,
	.poll = caif_poll,
	.ioctl = sock_no_ioctl,
	.listen = sock_no_listen,
	.shutdown = sock_no_shutdown,
	.setsockopt = setsockopt,
	.getsockopt = sock_no_getsockopt,
	.sendmsg = caif_seqpkt_sendmsg,
	.recvmsg = caif_seqpkt_recvmsg,
	.mmap = sock_no_mmap,
	.sendpage = sock_no_sendpage,
};
1057
/*
 * Socket operations for SOCK_STREAM CAIF sockets. Identical to
 * caif_seqpacket_ops except for the sendmsg/recvmsg handlers.
 */
static const struct proto_ops caif_stream_ops = {
	.family = PF_CAIF,
	.owner = THIS_MODULE,
	.release = caif_release,
	.bind = sock_no_bind,
	.connect = caif_connect,
	.socketpair = sock_no_socketpair,
	.accept = sock_no_accept,
	.getname = sock_no_getname,
	.poll = caif_poll,
	.ioctl = sock_no_ioctl,
	.listen = sock_no_listen,
	.shutdown = sock_no_shutdown,
	.setsockopt = setsockopt,
	.getsockopt = sock_no_getsockopt,
	.sendmsg = caif_stream_sendmsg,
	.recvmsg = caif_stream_recvmsg,
	.mmap = sock_no_mmap,
	.sendpage = sock_no_sendpage,
};
1078
/*
 * sk_destruct hook, called when the socket is finally destroyed.
 * Purges the socket's queues and decrements the socket counter. A
 * socket that is not marked SOCK_DEAD is only logged and left alone.
 */
static void caif_sock_destructor(struct sock *sk)
{
	caif_assert(!atomic_read(&sk->sk_wmem_alloc));
	caif_assert(sk_unhashed(sk));
	caif_assert(!sk->sk_socket);

	if (sock_flag(sk, SOCK_DEAD)) {
		/* sk is the first member of struct caifsock, so it can be used directly. */
		sk_stream_kill_queues(sk);
		dbfs_atomic_dec(&cnt.caif_nr_socks);
		return;
	}

	/* NOTE(review): %p puts the socket's kernel address in the log - confirm that is acceptable. */
	pr_info("Attempt to release alive CAIF socket: %p\n", sk);
}
1093
/*
 * Create a CAIF socket; the .create hook of caif_family_ops.
 *
 * @net:      network namespace the sock is allocated in
 * @sock:     socket being created; sock->type selects the ops table
 * @protocol: CAIF protocol number, 0 <= protocol < CAIFPROTO_MAX
 * @kern:     not used by this function
 *
 * Returns 0 on success, -EPERM when the caller has neither
 * CAP_SYS_ADMIN nor CAP_NET_ADMIN, -ESOCKTNOSUPPORT for a type other
 * than SOCK_SEQPACKET/SOCK_STREAM, -EPROTONOSUPPORT for a protocol out
 * of range, or -ENOMEM.
 */
static int caif_create(struct net *net, struct socket *sock, int protocol,
			int kern)
{
	struct sock *sk = NULL;
	struct caifsock *cf_sk = NULL;
	static struct proto prot = {.name = "PF_CAIF",
		.owner = THIS_MODULE,
		.obj_size = sizeof(struct caifsock),
	};

	/* Creating CAIF sockets is restricted to privileged callers. */
	if (!capable(CAP_SYS_ADMIN) && !capable(CAP_NET_ADMIN))
		return -EPERM;
	/*
	 * The sock->type specifies the socket type to use.
	 * The CAIF socket is a packet stream in the sense
	 * that it is packet based. CAIF trusts the reliability
	 * of the link, no resending is implemented.
	 */
	if (sock->type == SOCK_SEQPACKET)
		sock->ops = &caif_seqpacket_ops;
	else if (sock->type == SOCK_STREAM)
		sock->ops = &caif_stream_ops;
	else
		return -ESOCKTNOSUPPORT;

	/* Range-check before the value is narrowed to unsigned char below. */
	if (protocol < 0 || protocol >= CAIFPROTO_MAX)
		return -EPROTONOSUPPORT;
	/*
	 * Set the socket state to unconnected.	 The socket state
	 * is really not used at all in the net/core or socket.c but the
	 * initialization makes sure that sock->state is not uninitialized.
	 */
	sk = sk_alloc(net, PF_CAIF, GFP_KERNEL, &prot);
	if (!sk)
		return -ENOMEM;

	cf_sk = container_of(sk, struct caifsock, sk);

	/* Store the protocol */
	sk->sk_protocol = (unsigned char) protocol;

	/* Sendbuf dictates the amount of outbound packets not yet sent */
	sk->sk_sndbuf = CAIF_DEF_SNDBUF;
	sk->sk_rcvbuf = CAIF_DEF_RCVBUF;

	/*
	 * Lock in order to try to stop someone from opening the socket
	 * too early.
	 */
	lock_sock(&(cf_sk->sk));

	/* Initialize the nozero default sock structure data. */
	sock_init_data(sock, sk);
	sk->sk_destruct = caif_sock_destructor;

	mutex_init(&cf_sk->readlock); /* single task reading lock */
	cf_sk->layer.ctrlcmd = caif_ctrl_cb;
	cf_sk->sk.sk_socket->state = SS_UNCONNECTED;
	cf_sk->sk.sk_state = CAIF_DISCONNECTED;

	/* TX stays off until the modem answers the connect request. */
	set_tx_flow_off(cf_sk);
	set_rx_flow_on(cf_sk);

	/* Set default options on configuration */
	cf_sk->conn_req.priority = CAIF_PRIO_NORMAL;
	cf_sk->conn_req.link_selector = CAIF_LINK_LOW_LATENCY;
	cf_sk->conn_req.protocol = protocol;
	/* Increase the number of sockets created. */
	dbfs_atomic_inc(&cnt.caif_nr_socks);
#ifdef CONFIG_DEBUG_FS
	if (!IS_ERR(debugfsdir)) {
		/*
		 * Fill in some information concerning the misc socket.
		 * NOTE(review): the name comes from the live socket count,
		 * which goes down again when sockets are destroyed -
		 * presumably names can repeat; confirm.
		 */
		snprintf(cf_sk->name, sizeof(cf_sk->name), "cfsk%d",
				atomic_read(&cnt.caif_nr_socks));

		/*
		 * NOTE(review): the files below are created with S_IWUSR and
		 * point straight at live socket fields (sk_state, flow_state,
		 * memory accounting, layer id), so a write through debugfs
		 * changes kernel socket state - confirm write access is
		 * intended rather than S_IRUSR only.
		 */
		cf_sk->debugfs_socket_dir =
			debugfs_create_dir(cf_sk->name, debugfsdir);
		debugfs_create_u32("sk_state", S_IRUSR | S_IWUSR,
				cf_sk->debugfs_socket_dir,
				(u32 *) &cf_sk->sk.sk_state);
		debugfs_create_u32("flow_state", S_IRUSR | S_IWUSR,
				cf_sk->debugfs_socket_dir, &cf_sk->flow_state);
		debugfs_create_u32("sk_rmem_alloc", S_IRUSR | S_IWUSR,
				cf_sk->debugfs_socket_dir,
				(u32 *) &cf_sk->sk.sk_rmem_alloc);
		debugfs_create_u32("sk_wmem_alloc", S_IRUSR | S_IWUSR,
				cf_sk->debugfs_socket_dir,
				(u32 *) &cf_sk->sk.sk_wmem_alloc);
		debugfs_create_u32("identity", S_IRUSR | S_IWUSR,
				cf_sk->debugfs_socket_dir,
				(u32 *) &cf_sk->layer.id);
	}
#endif
	release_sock(&cf_sk->sk);
	return 0;
}
1190
1191
/* Protocol family descriptor for PF_CAIF, passed to sock_register() by af_caif_init(). */
static struct net_proto_family caif_family_ops = {
	.family = PF_CAIF,
	.create = caif_create,
	.owner = THIS_MODULE,
};
1197
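/*
 * Register the PF_CAIF protocol family with the socket core.
 *
 * Returns 0 on success or the error from sock_register(). The result is
 * passed through unchanged, so a failed registration makes module
 * initialisation fail instead of being reported as success.
 */
static int af_caif_init(void)
{
	return sock_register(&caif_family_ops);
}

/*
 * Module entry point: create the "caif_sk" debugfs directory with one
 * file per event counter (only with CONFIG_DEBUG_FS), then register the
 * protocol family.
 *
 * Returns 0 on success or the error from af_caif_init(). On failure the
 * debugfs directory is removed again, so no debugfs file is left
 * pointing at the counters of a module that did not load.
 */
static int __init caif_sktinit_module(void)
{
	int err;

#ifdef CONFIG_DEBUG_FS
	debugfsdir = debugfs_create_dir("caif_sk", NULL);
	if (!IS_ERR(debugfsdir)) {
		/*
		 * NOTE(review): the counters are exported writable
		 * (S_IWUSR) - confirm write access is intended.
		 */
		debugfs_create_u32("num_sockets", S_IRUSR | S_IWUSR,
				debugfsdir,
				(u32 *) &cnt.caif_nr_socks);
		debugfs_create_u32("num_connect_req", S_IRUSR | S_IWUSR,
				debugfsdir,
				(u32 *) &cnt.num_connect_req);
		debugfs_create_u32("num_connect_resp", S_IRUSR | S_IWUSR,
				debugfsdir,
				(u32 *) &cnt.num_connect_resp);
		debugfs_create_u32("num_connect_fail_resp", S_IRUSR | S_IWUSR,
				debugfsdir,
				(u32 *) &cnt.num_connect_fail_resp);
		debugfs_create_u32("num_disconnect", S_IRUSR | S_IWUSR,
				debugfsdir,
				(u32 *) &cnt.num_disconnect);
		debugfs_create_u32("num_remote_shutdown_ind",
				S_IRUSR | S_IWUSR, debugfsdir,
				(u32 *) &cnt.num_remote_shutdown_ind);
		debugfs_create_u32("num_tx_flow_off_ind", S_IRUSR | S_IWUSR,
				debugfsdir,
				(u32 *) &cnt.num_tx_flow_off_ind);
		debugfs_create_u32("num_tx_flow_on_ind", S_IRUSR | S_IWUSR,
				debugfsdir,
				(u32 *) &cnt.num_tx_flow_on_ind);
		debugfs_create_u32("num_rx_flow_off", S_IRUSR | S_IWUSR,
				debugfsdir,
				(u32 *) &cnt.num_rx_flow_off);
		debugfs_create_u32("num_rx_flow_on", S_IRUSR | S_IWUSR,
				debugfsdir,
				(u32 *) &cnt.num_rx_flow_on);
	}
#endif
	err = af_caif_init();
	if (err) {
		/* Undo the debugfs setup; the module will not stay loaded. */
		if (debugfsdir != NULL && !IS_ERR(debugfsdir))
			debugfs_remove_recursive(debugfsdir);
		debugfsdir = NULL;
	}
	return err;
}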
1245
/*
 * Module exit: unregister the PF_CAIF family, then remove the module's
 * debugfs directory when one was created.
 */
static void __exit caif_sktexit_module(void)
{
	sock_unregister(PF_CAIF);

	if (!debugfsdir)
		return;
	debugfs_remove_recursive(debugfsdir);
}
/* Hook the init and exit functions into module load and unload. */
module_init(caif_sktinit_module);
module_exit(caif_sktexit_module);
1254