1/* 2 * File: pep.c 3 * 4 * Phonet pipe protocol end point socket 5 * 6 * Copyright (C) 2008 Nokia Corporation. 7 * 8 * Author: R��mi Denis-Courmont <remi.denis-courmont@nokia.com> 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License 12 * version 2 as published by the Free Software Foundation. 13 * 14 * This program is distributed in the hope that it will be useful, but 15 * WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 17 * General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program; if not, write to the Free Software 21 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 22 * 02110-1301 USA 23 */ 24 25#include <linux/kernel.h> 26#include <linux/slab.h> 27#include <linux/socket.h> 28#include <net/sock.h> 29#include <net/tcp_states.h> 30#include <asm/ioctls.h> 31 32#include <linux/phonet.h> 33#include <net/phonet/phonet.h> 34#include <net/phonet/pep.h> 35#include <net/phonet/gprs.h> 36 37/* sk_state values: 38 * TCP_CLOSE sock not in use yet 39 * TCP_CLOSE_WAIT disconnected pipe 40 * TCP_LISTEN listening pipe endpoint 41 * TCP_SYN_RECV connected pipe in disabled state 42 * TCP_ESTABLISHED connected pipe in enabled state 43 * 44 * pep_sock locking: 45 * - sk_state, ackq, hlist: sock lock needed 46 * - listener: read only 47 * - pipe_handle: read only 48 */ 49 50#define CREDITS_MAX 10 51#define CREDITS_THR 7 52 53static const struct sockaddr_pn pipe_srv = { 54 .spn_family = AF_PHONET, 55 .spn_resource = 0xD9, /* pipe service */ 56}; 57 58#define pep_sb_size(s) (((s) + 5) & ~3) /* 2-bytes head, 32-bits aligned */ 59 60/* Get the next TLV sub-block. */ 61static unsigned char *pep_get_sb(struct sk_buff *skb, u8 *ptype, u8 *plen, 62 void *buf) 63{ 64 void *data = NULL; 65 struct { 66 u8 sb_type; 67 u8 sb_len; 68 } *ph, h; 69 int buflen = *plen; 70 71 ph = skb_header_pointer(skb, 0, 2, &h); 72 if (ph == NULL || ph->sb_len < 2 || !pskb_may_pull(skb, ph->sb_len)) 73 return NULL; 74 ph->sb_len -= 2; 75 *ptype = ph->sb_type; 76 *plen = ph->sb_len; 77 78 if (buflen > ph->sb_len) 79 buflen = ph->sb_len; 80 data = skb_header_pointer(skb, 2, buflen, buf); 81 __skb_pull(skb, 2 + ph->sb_len); 82 return data; 83} 84 85static int pep_reply(struct sock *sk, struct sk_buff *oskb, 86 u8 code, const void *data, int len, gfp_t priority) 87{ 88 const struct pnpipehdr *oph = pnp_hdr(oskb); 89 struct pnpipehdr *ph; 90 struct sk_buff *skb; 91 92 skb = alloc_skb(MAX_PNPIPE_HEADER + len, priority); 93 if (!skb) 94 return -ENOMEM; 95 skb_set_owner_w(skb, sk); 96 97 skb_reserve(skb, MAX_PNPIPE_HEADER); 98 __skb_put(skb, len); 99 skb_copy_to_linear_data(skb, data, len); 100 __skb_push(skb, sizeof(*ph)); 101 skb_reset_transport_header(skb); 102 ph = pnp_hdr(skb); 103 ph->utid = oph->utid; 104 ph->message_id = oph->message_id + 1; /* REQ -> RESP */ 105 ph->pipe_handle = oph->pipe_handle; 106 ph->error_code = code; 107 108 return pn_skb_send(sk, skb, &pipe_srv); 109} 110 111#define PAD 0x00 112static int pep_accept_conn(struct sock *sk, struct sk_buff *skb) 113{ 114 static const u8 data[20] = { 115 PAD, PAD, PAD, 2 /* sub-blocks */, 116 PN_PIPE_SB_REQUIRED_FC_TX, pep_sb_size(5), 3, PAD, 117 PN_MULTI_CREDIT_FLOW_CONTROL, 118 PN_ONE_CREDIT_FLOW_CONTROL, 119 PN_LEGACY_FLOW_CONTROL, 120 PAD, 121 PN_PIPE_SB_PREFERRED_FC_RX, pep_sb_size(5), 3, PAD, 122 PN_MULTI_CREDIT_FLOW_CONTROL, 123 PN_ONE_CREDIT_FLOW_CONTROL, 124 PN_LEGACY_FLOW_CONTROL, 125 PAD, 126 }; 127 128 might_sleep(); 129 return pep_reply(sk, skb, PN_PIPE_NO_ERROR, data, sizeof(data), 130 GFP_KERNEL); 131} 132 133static int pep_reject_conn(struct sock *sk, struct sk_buff *skb, u8 code) 134{ 135 static const u8 data[4] = { PAD, PAD, PAD, 0 /* sub-blocks */ }; 136 WARN_ON(code == PN_PIPE_NO_ERROR); 137 return pep_reply(sk, skb, code, data, sizeof(data), GFP_ATOMIC); 138} 139 140/* Control requests are not sent by the pipe service and have a specific 141 * message format. */ 142static int pep_ctrlreq_error(struct sock *sk, struct sk_buff *oskb, u8 code, 143 gfp_t priority) 144{ 145 const struct pnpipehdr *oph = pnp_hdr(oskb); 146 struct sk_buff *skb; 147 struct pnpipehdr *ph; 148 struct sockaddr_pn dst; 149 150 skb = alloc_skb(MAX_PNPIPE_HEADER + 4, priority); 151 if (!skb) 152 return -ENOMEM; 153 skb_set_owner_w(skb, sk); 154 155 skb_reserve(skb, MAX_PHONET_HEADER); 156 ph = (struct pnpipehdr *)skb_put(skb, sizeof(*ph) + 4); 157 158 ph->utid = oph->utid; 159 ph->message_id = PNS_PEP_CTRL_RESP; 160 ph->pipe_handle = oph->pipe_handle; 161 ph->data[0] = oph->data[1]; /* CTRL id */ 162 ph->data[1] = oph->data[0]; /* PEP type */ 163 ph->data[2] = code; /* error code, at an usual offset */ 164 ph->data[3] = PAD; 165 ph->data[4] = PAD; 166 167 pn_skb_get_src_sockaddr(oskb, &dst); 168 return pn_skb_send(sk, skb, &dst); 169} 170 171static int pipe_snd_status(struct sock *sk, u8 type, u8 status, gfp_t priority) 172{ 173 struct pep_sock *pn = pep_sk(sk); 174 struct pnpipehdr *ph; 175 struct sk_buff *skb; 176 177 skb = alloc_skb(MAX_PNPIPE_HEADER + 4, priority); 178 if (!skb) 179 return -ENOMEM; 180 skb_set_owner_w(skb, sk); 181 182 skb_reserve(skb, MAX_PNPIPE_HEADER + 4); 183 __skb_push(skb, sizeof(*ph) + 4); 184 skb_reset_transport_header(skb); 185 ph = pnp_hdr(skb); 186 ph->utid = 0; 187 ph->message_id = PNS_PEP_STATUS_IND; 188 ph->pipe_handle = pn->pipe_handle; 189 ph->pep_type = PN_PEP_TYPE_COMMON; 190 ph->data[1] = type; 191 ph->data[2] = PAD; 192 ph->data[3] = PAD; 193 ph->data[4] = status; 194 195 return pn_skb_send(sk, skb, &pipe_srv); 196} 197 198/* Send our RX flow control information to the sender. 199 * Socket must be locked. */ 200static void pipe_grant_credits(struct sock *sk) 201{ 202 struct pep_sock *pn = pep_sk(sk); 203 204 BUG_ON(sk->sk_state != TCP_ESTABLISHED); 205 206 switch (pn->rx_fc) { 207 case PN_LEGACY_FLOW_CONTROL: /* TODO */ 208 break; 209 case PN_ONE_CREDIT_FLOW_CONTROL: 210 pipe_snd_status(sk, PN_PEP_IND_FLOW_CONTROL, 211 PEP_IND_READY, GFP_ATOMIC); 212 pn->rx_credits = 1; 213 break; 214 case PN_MULTI_CREDIT_FLOW_CONTROL: 215 if ((pn->rx_credits + CREDITS_THR) > CREDITS_MAX) 216 break; 217 if (pipe_snd_status(sk, PN_PEP_IND_ID_MCFC_GRANT_CREDITS, 218 CREDITS_MAX - pn->rx_credits, 219 GFP_ATOMIC) == 0) 220 pn->rx_credits = CREDITS_MAX; 221 break; 222 } 223} 224 225static int pipe_rcv_status(struct sock *sk, struct sk_buff *skb) 226{ 227 struct pep_sock *pn = pep_sk(sk); 228 struct pnpipehdr *hdr; 229 int wake = 0; 230 231 if (!pskb_may_pull(skb, sizeof(*hdr) + 4)) 232 return -EINVAL; 233 234 hdr = pnp_hdr(skb); 235 if (hdr->data[0] != PN_PEP_TYPE_COMMON) { 236 LIMIT_NETDEBUG(KERN_DEBUG"Phonet unknown PEP type: %u\n", 237 (unsigned)hdr->data[0]); 238 return -EOPNOTSUPP; 239 } 240 241 switch (hdr->data[1]) { 242 case PN_PEP_IND_FLOW_CONTROL: 243 switch (pn->tx_fc) { 244 case PN_LEGACY_FLOW_CONTROL: 245 switch (hdr->data[4]) { 246 case PEP_IND_BUSY: 247 atomic_set(&pn->tx_credits, 0); 248 break; 249 case PEP_IND_READY: 250 atomic_set(&pn->tx_credits, wake = 1); 251 break; 252 } 253 break; 254 case PN_ONE_CREDIT_FLOW_CONTROL: 255 if (hdr->data[4] == PEP_IND_READY) 256 atomic_set(&pn->tx_credits, wake = 1); 257 break; 258 } 259 break; 260 261 case PN_PEP_IND_ID_MCFC_GRANT_CREDITS: 262 if (pn->tx_fc != PN_MULTI_CREDIT_FLOW_CONTROL) 263 break; 264 atomic_add(wake = hdr->data[4], &pn->tx_credits); 265 break; 266 267 default: 268 LIMIT_NETDEBUG(KERN_DEBUG"Phonet unknown PEP indication: %u\n", 269 (unsigned)hdr->data[1]); 270 return -EOPNOTSUPP; 271 } 272 if (wake) 273 sk->sk_write_space(sk); 274 return 0; 275} 276 277static int pipe_rcv_created(struct sock *sk, struct sk_buff *skb) 278{ 279 struct pep_sock *pn = pep_sk(sk); 280 struct pnpipehdr *hdr = pnp_hdr(skb); 281 u8 n_sb = hdr->data[0]; 282 283 pn->rx_fc = pn->tx_fc = PN_LEGACY_FLOW_CONTROL; 284 __skb_pull(skb, sizeof(*hdr)); 285 while (n_sb > 0) { 286 u8 type, buf[2], len = sizeof(buf); 287 u8 *data = pep_get_sb(skb, &type, &len, buf); 288 289 if (data == NULL) 290 return -EINVAL; 291 switch (type) { 292 case PN_PIPE_SB_NEGOTIATED_FC: 293 if (len < 2 || (data[0] | data[1]) > 3) 294 break; 295 pn->tx_fc = data[0] & 3; 296 pn->rx_fc = data[1] & 3; 297 break; 298 } 299 n_sb--; 300 } 301 return 0; 302} 303 304/* Queue an skb to a connected sock. 305 * Socket lock must be held. */ 306static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb) 307{ 308 struct pep_sock *pn = pep_sk(sk); 309 struct pnpipehdr *hdr = pnp_hdr(skb); 310 struct sk_buff_head *queue; 311 int err = 0; 312 313 BUG_ON(sk->sk_state == TCP_CLOSE_WAIT); 314 315 switch (hdr->message_id) { 316 case PNS_PEP_CONNECT_REQ: 317 pep_reject_conn(sk, skb, PN_PIPE_ERR_PEP_IN_USE); 318 break; 319 320 case PNS_PEP_DISCONNECT_REQ: 321 pep_reply(sk, skb, PN_PIPE_NO_ERROR, NULL, 0, GFP_ATOMIC); 322 sk->sk_state = TCP_CLOSE_WAIT; 323 if (!sock_flag(sk, SOCK_DEAD)) 324 sk->sk_state_change(sk); 325 break; 326 327 case PNS_PEP_ENABLE_REQ: 328 /* Wait for PNS_PIPE_(ENABLED|REDIRECTED)_IND */ 329 pep_reply(sk, skb, PN_PIPE_NO_ERROR, NULL, 0, GFP_ATOMIC); 330 break; 331 332 case PNS_PEP_RESET_REQ: 333 switch (hdr->state_after_reset) { 334 case PN_PIPE_DISABLE: 335 pn->init_enable = 0; 336 break; 337 case PN_PIPE_ENABLE: 338 pn->init_enable = 1; 339 break; 340 default: /* not allowed to send an error here!? */ 341 err = -EINVAL; 342 goto out; 343 } 344 /* fall through */ 345 case PNS_PEP_DISABLE_REQ: 346 atomic_set(&pn->tx_credits, 0); 347 pep_reply(sk, skb, PN_PIPE_NO_ERROR, NULL, 0, GFP_ATOMIC); 348 break; 349 350 case PNS_PEP_CTRL_REQ: 351 if (skb_queue_len(&pn->ctrlreq_queue) >= PNPIPE_CTRLREQ_MAX) { 352 atomic_inc(&sk->sk_drops); 353 break; 354 } 355 __skb_pull(skb, 4); 356 queue = &pn->ctrlreq_queue; 357 goto queue; 358 359 case PNS_PIPE_ALIGNED_DATA: 360 __skb_pull(skb, 1); 361 /* fall through */ 362 case PNS_PIPE_DATA: 363 __skb_pull(skb, 3); /* Pipe data header */ 364 if (!pn_flow_safe(pn->rx_fc)) { 365 err = sock_queue_rcv_skb(sk, skb); 366 if (!err) 367 return 0; 368 break; 369 } 370 371 if (pn->rx_credits == 0) { 372 atomic_inc(&sk->sk_drops); 373 err = -ENOBUFS; 374 break; 375 } 376 pn->rx_credits--; 377 queue = &sk->sk_receive_queue; 378 goto queue; 379 380 case PNS_PEP_STATUS_IND: 381 pipe_rcv_status(sk, skb); 382 break; 383 384 case PNS_PIPE_REDIRECTED_IND: 385 err = pipe_rcv_created(sk, skb); 386 break; 387 388 case PNS_PIPE_CREATED_IND: 389 err = pipe_rcv_created(sk, skb); 390 if (err) 391 break; 392 /* fall through */ 393 case PNS_PIPE_RESET_IND: 394 if (!pn->init_enable) 395 break; 396 /* fall through */ 397 case PNS_PIPE_ENABLED_IND: 398 if (!pn_flow_safe(pn->tx_fc)) { 399 atomic_set(&pn->tx_credits, 1); 400 sk->sk_write_space(sk); 401 } 402 if (sk->sk_state == TCP_ESTABLISHED) 403 break; /* Nothing to do */ 404 sk->sk_state = TCP_ESTABLISHED; 405 pipe_grant_credits(sk); 406 break; 407 408 case PNS_PIPE_DISABLED_IND: 409 sk->sk_state = TCP_SYN_RECV; 410 pn->rx_credits = 0; 411 break; 412 413 default: 414 LIMIT_NETDEBUG(KERN_DEBUG"Phonet unknown PEP message: %u\n", 415 hdr->message_id); 416 err = -EINVAL; 417 } 418out: 419 kfree_skb(skb); 420 return err; 421 422queue: 423 skb->dev = NULL; 424 skb_set_owner_r(skb, sk); 425 err = skb->len; 426 skb_queue_tail(queue, skb); 427 if (!sock_flag(sk, SOCK_DEAD)) 428 sk->sk_data_ready(sk, err); 429 return 0; 430} 431 432/* Destroy connected sock. */ 433static void pipe_destruct(struct sock *sk) 434{ 435 struct pep_sock *pn = pep_sk(sk); 436 437 skb_queue_purge(&sk->sk_receive_queue); 438 skb_queue_purge(&pn->ctrlreq_queue); 439} 440 441static int pep_connreq_rcv(struct sock *sk, struct sk_buff *skb) 442{ 443 struct sock *newsk; 444 struct pep_sock *newpn, *pn = pep_sk(sk); 445 struct pnpipehdr *hdr; 446 struct sockaddr_pn dst; 447 u16 peer_type; 448 u8 pipe_handle, enabled, n_sb; 449 u8 aligned = 0; 450 451 if (!pskb_pull(skb, sizeof(*hdr) + 4)) 452 return -EINVAL; 453 454 hdr = pnp_hdr(skb); 455 pipe_handle = hdr->pipe_handle; 456 switch (hdr->state_after_connect) { 457 case PN_PIPE_DISABLE: 458 enabled = 0; 459 break; 460 case PN_PIPE_ENABLE: 461 enabled = 1; 462 break; 463 default: 464 pep_reject_conn(sk, skb, PN_PIPE_ERR_INVALID_PARAM); 465 return -EINVAL; 466 } 467 peer_type = hdr->other_pep_type << 8; 468 469 if (unlikely(sk->sk_state != TCP_LISTEN) || sk_acceptq_is_full(sk)) { 470 pep_reject_conn(sk, skb, PN_PIPE_ERR_PEP_IN_USE); 471 return -ENOBUFS; 472 } 473 474 /* Parse sub-blocks (options) */ 475 n_sb = hdr->data[4]; 476 while (n_sb > 0) { 477 u8 type, buf[1], len = sizeof(buf); 478 const u8 *data = pep_get_sb(skb, &type, &len, buf); 479 480 if (data == NULL) 481 return -EINVAL; 482 switch (type) { 483 case PN_PIPE_SB_CONNECT_REQ_PEP_SUB_TYPE: 484 if (len < 1) 485 return -EINVAL; 486 peer_type = (peer_type & 0xff00) | data[0]; 487 break; 488 case PN_PIPE_SB_ALIGNED_DATA: 489 aligned = data[0] != 0; 490 break; 491 } 492 n_sb--; 493 } 494 495 skb = skb_clone(skb, GFP_ATOMIC); 496 if (!skb) 497 return -ENOMEM; 498 499 /* Create a new to-be-accepted sock */ 500 newsk = sk_alloc(sock_net(sk), PF_PHONET, GFP_ATOMIC, sk->sk_prot); 501 if (!newsk) { 502 kfree_skb(skb); 503 return -ENOMEM; 504 } 505 sock_init_data(NULL, newsk); 506 newsk->sk_state = TCP_SYN_RECV; 507 newsk->sk_backlog_rcv = pipe_do_rcv; 508 newsk->sk_protocol = sk->sk_protocol; 509 newsk->sk_destruct = pipe_destruct; 510 511 newpn = pep_sk(newsk); 512 pn_skb_get_dst_sockaddr(skb, &dst); 513 newpn->pn_sk.sobject = pn_sockaddr_get_object(&dst); 514 newpn->pn_sk.resource = pn->pn_sk.resource; 515 skb_queue_head_init(&newpn->ctrlreq_queue); 516 newpn->pipe_handle = pipe_handle; 517 atomic_set(&newpn->tx_credits, 0); 518 newpn->peer_type = peer_type; 519 newpn->rx_credits = 0; 520 newpn->rx_fc = newpn->tx_fc = PN_LEGACY_FLOW_CONTROL; 521 newpn->init_enable = enabled; 522 newpn->aligned = aligned; 523 524 BUG_ON(!skb_queue_empty(&newsk->sk_receive_queue)); 525 skb_queue_head(&newsk->sk_receive_queue, skb); 526 if (!sock_flag(sk, SOCK_DEAD)) 527 sk->sk_data_ready(sk, 0); 528 529 sk_acceptq_added(sk); 530 sk_add_node(newsk, &pn->ackq); 531 return 0; 532} 533 534/* Listening sock must be locked */ 535static struct sock *pep_find_pipe(const struct hlist_head *hlist, 536 const struct sockaddr_pn *dst, 537 u8 pipe_handle) 538{ 539 struct hlist_node *node; 540 struct sock *sknode; 541 u16 dobj = pn_sockaddr_get_object(dst); 542 543 sk_for_each(sknode, node, hlist) { 544 struct pep_sock *pnnode = pep_sk(sknode); 545 546 /* Ports match, but addresses might not: */ 547 if (pnnode->pn_sk.sobject != dobj) 548 continue; 549 if (pnnode->pipe_handle != pipe_handle) 550 continue; 551 if (sknode->sk_state == TCP_CLOSE_WAIT) 552 continue; 553 554 sock_hold(sknode); 555 return sknode; 556 } 557 return NULL; 558} 559 560/* 561 * Deliver an skb to a listening sock. 562 * Socket lock must be held. 563 * We then queue the skb to the right connected sock (if any). 564 */ 565static int pep_do_rcv(struct sock *sk, struct sk_buff *skb) 566{ 567 struct pep_sock *pn = pep_sk(sk); 568 struct sock *sknode; 569 struct pnpipehdr *hdr; 570 struct sockaddr_pn dst; 571 int err = NET_RX_SUCCESS; 572 u8 pipe_handle; 573 574 if (!pskb_may_pull(skb, sizeof(*hdr))) 575 goto drop; 576 577 hdr = pnp_hdr(skb); 578 pipe_handle = hdr->pipe_handle; 579 if (pipe_handle == PN_PIPE_INVALID_HANDLE) 580 goto drop; 581 582 pn_skb_get_dst_sockaddr(skb, &dst); 583 584 /* Look for an existing pipe handle */ 585 sknode = pep_find_pipe(&pn->hlist, &dst, pipe_handle); 586 if (sknode) 587 return sk_receive_skb(sknode, skb, 1); 588 589 /* Look for a pipe handle pending accept */ 590 sknode = pep_find_pipe(&pn->ackq, &dst, pipe_handle); 591 if (sknode) { 592 sock_put(sknode); 593 if (net_ratelimit()) 594 printk(KERN_WARNING"Phonet unconnected PEP ignored"); 595 err = NET_RX_DROP; 596 goto drop; 597 } 598 599 switch (hdr->message_id) { 600 case PNS_PEP_CONNECT_REQ: 601 err = pep_connreq_rcv(sk, skb); 602 break; 603 604 case PNS_PEP_DISCONNECT_REQ: 605 pep_reply(sk, skb, PN_PIPE_NO_ERROR, NULL, 0, GFP_ATOMIC); 606 break; 607 608 case PNS_PEP_CTRL_REQ: 609 pep_ctrlreq_error(sk, skb, PN_PIPE_INVALID_HANDLE, GFP_ATOMIC); 610 break; 611 612 case PNS_PEP_RESET_REQ: 613 case PNS_PEP_ENABLE_REQ: 614 case PNS_PEP_DISABLE_REQ: 615 /* invalid handle is not even allowed here! */ 616 default: 617 err = NET_RX_DROP; 618 } 619drop: 620 kfree_skb(skb); 621 return err; 622} 623 624/* associated socket ceases to exist */ 625static void pep_sock_close(struct sock *sk, long timeout) 626{ 627 struct pep_sock *pn = pep_sk(sk); 628 int ifindex = 0; 629 630 sock_hold(sk); /* keep a reference after sk_common_release() */ 631 sk_common_release(sk); 632 633 lock_sock(sk); 634 if (sk->sk_state == TCP_LISTEN) { 635 /* Destroy the listen queue */ 636 struct sock *sknode; 637 struct hlist_node *p, *n; 638 639 sk_for_each_safe(sknode, p, n, &pn->ackq) 640 sk_del_node_init(sknode); 641 sk->sk_state = TCP_CLOSE; 642 } 643 ifindex = pn->ifindex; 644 pn->ifindex = 0; 645 release_sock(sk); 646 647 if (ifindex) 648 gprs_detach(sk); 649 sock_put(sk); 650} 651 652static int pep_wait_connreq(struct sock *sk, int noblock) 653{ 654 struct task_struct *tsk = current; 655 struct pep_sock *pn = pep_sk(sk); 656 long timeo = sock_rcvtimeo(sk, noblock); 657 658 for (;;) { 659 DEFINE_WAIT(wait); 660 661 if (sk->sk_state != TCP_LISTEN) 662 return -EINVAL; 663 if (!hlist_empty(&pn->ackq)) 664 break; 665 if (!timeo) 666 return -EWOULDBLOCK; 667 if (signal_pending(tsk)) 668 return sock_intr_errno(timeo); 669 670 prepare_to_wait_exclusive(sk_sleep(sk), &wait, 671 TASK_INTERRUPTIBLE); 672 release_sock(sk); 673 timeo = schedule_timeout(timeo); 674 lock_sock(sk); 675 finish_wait(sk_sleep(sk), &wait); 676 } 677 678 return 0; 679} 680 681static struct sock *pep_sock_accept(struct sock *sk, int flags, int *errp) 682{ 683 struct pep_sock *pn = pep_sk(sk); 684 struct sock *newsk = NULL; 685 struct sk_buff *oskb; 686 int err; 687 688 lock_sock(sk); 689 err = pep_wait_connreq(sk, flags & O_NONBLOCK); 690 if (err) 691 goto out; 692 693 newsk = __sk_head(&pn->ackq); 694 695 oskb = skb_dequeue(&newsk->sk_receive_queue); 696 err = pep_accept_conn(newsk, oskb); 697 if (err) { 698 skb_queue_head(&newsk->sk_receive_queue, oskb); 699 newsk = NULL; 700 goto out; 701 } 702 kfree_skb(oskb); 703 704 sock_hold(sk); 705 pep_sk(newsk)->listener = sk; 706 707 sock_hold(newsk); 708 sk_del_node_init(newsk); 709 sk_acceptq_removed(sk); 710 sk_add_node(newsk, &pn->hlist); 711 __sock_put(newsk); 712 713out: 714 release_sock(sk); 715 *errp = err; 716 return newsk; 717} 718 719static int pep_ioctl(struct sock *sk, int cmd, unsigned long arg) 720{ 721 struct pep_sock *pn = pep_sk(sk); 722 int answ; 723 724 switch (cmd) { 725 case SIOCINQ: 726 if (sk->sk_state == TCP_LISTEN) 727 return -EINVAL; 728 729 lock_sock(sk); 730 if (sock_flag(sk, SOCK_URGINLINE) && 731 !skb_queue_empty(&pn->ctrlreq_queue)) 732 answ = skb_peek(&pn->ctrlreq_queue)->len; 733 else if (!skb_queue_empty(&sk->sk_receive_queue)) 734 answ = skb_peek(&sk->sk_receive_queue)->len; 735 else 736 answ = 0; 737 release_sock(sk); 738 return put_user(answ, (int __user *)arg); 739 } 740 741 return -ENOIOCTLCMD; 742} 743 744static int pep_init(struct sock *sk) 745{ 746 struct pep_sock *pn = pep_sk(sk); 747 748 INIT_HLIST_HEAD(&pn->ackq); 749 INIT_HLIST_HEAD(&pn->hlist); 750 skb_queue_head_init(&pn->ctrlreq_queue); 751 pn->pipe_handle = PN_PIPE_INVALID_HANDLE; 752 return 0; 753} 754 755static int pep_setsockopt(struct sock *sk, int level, int optname, 756 char __user *optval, unsigned int optlen) 757{ 758 struct pep_sock *pn = pep_sk(sk); 759 int val = 0, err = 0; 760 761 if (level != SOL_PNPIPE) 762 return -ENOPROTOOPT; 763 if (optlen >= sizeof(int)) { 764 if (get_user(val, (int __user *) optval)) 765 return -EFAULT; 766 } 767 768 lock_sock(sk); 769 switch (optname) { 770 case PNPIPE_ENCAP: 771 if (val && val != PNPIPE_ENCAP_IP) { 772 err = -EINVAL; 773 break; 774 } 775 if (!pn->ifindex == !val) 776 break; /* Nothing to do! */ 777 if (!capable(CAP_NET_ADMIN)) { 778 err = -EPERM; 779 break; 780 } 781 if (val) { 782 release_sock(sk); 783 err = gprs_attach(sk); 784 if (err > 0) { 785 pn->ifindex = err; 786 err = 0; 787 } 788 } else { 789 pn->ifindex = 0; 790 release_sock(sk); 791 gprs_detach(sk); 792 err = 0; 793 } 794 goto out_norel; 795 default: 796 err = -ENOPROTOOPT; 797 } 798 release_sock(sk); 799 800out_norel: 801 return err; 802} 803 804static int pep_getsockopt(struct sock *sk, int level, int optname, 805 char __user *optval, int __user *optlen) 806{ 807 struct pep_sock *pn = pep_sk(sk); 808 int len, val; 809 810 if (level != SOL_PNPIPE) 811 return -ENOPROTOOPT; 812 if (get_user(len, optlen)) 813 return -EFAULT; 814 815 switch (optname) { 816 case PNPIPE_ENCAP: 817 val = pn->ifindex ? PNPIPE_ENCAP_IP : PNPIPE_ENCAP_NONE; 818 break; 819 case PNPIPE_IFINDEX: 820 val = pn->ifindex; 821 break; 822 default: 823 return -ENOPROTOOPT; 824 } 825 826 len = min_t(unsigned int, sizeof(int), len); 827 if (put_user(len, optlen)) 828 return -EFAULT; 829 if (put_user(val, (int __user *) optval)) 830 return -EFAULT; 831 return 0; 832} 833 834static int pipe_skb_send(struct sock *sk, struct sk_buff *skb) 835{ 836 struct pep_sock *pn = pep_sk(sk); 837 struct pnpipehdr *ph; 838 839 if (pn_flow_safe(pn->tx_fc) && 840 !atomic_add_unless(&pn->tx_credits, -1, 0)) { 841 kfree_skb(skb); 842 return -ENOBUFS; 843 } 844 845 skb_push(skb, 3 + pn->aligned); 846 skb_reset_transport_header(skb); 847 ph = pnp_hdr(skb); 848 ph->utid = 0; 849 if (pn->aligned) { 850 ph->message_id = PNS_PIPE_ALIGNED_DATA; 851 ph->data[0] = 0; /* padding */ 852 } else 853 ph->message_id = PNS_PIPE_DATA; 854 ph->pipe_handle = pn->pipe_handle; 855 856 return pn_skb_send(sk, skb, &pipe_srv); 857} 858 859static int pep_sendmsg(struct kiocb *iocb, struct sock *sk, 860 struct msghdr *msg, size_t len) 861{ 862 struct pep_sock *pn = pep_sk(sk); 863 struct sk_buff *skb; 864 long timeo; 865 int flags = msg->msg_flags; 866 int err, done; 867 868 if ((msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_NOSIGNAL| 869 MSG_CMSG_COMPAT)) || 870 !(msg->msg_flags & MSG_EOR)) 871 return -EOPNOTSUPP; 872 873 skb = sock_alloc_send_skb(sk, MAX_PNPIPE_HEADER + len, 874 flags & MSG_DONTWAIT, &err); 875 if (!skb) 876 return -ENOBUFS; 877 878 skb_reserve(skb, MAX_PHONET_HEADER + 3); 879 err = memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len); 880 if (err < 0) 881 goto outfree; 882 883 lock_sock(sk); 884 timeo = sock_sndtimeo(sk, flags & MSG_DONTWAIT); 885 if ((1 << sk->sk_state) & (TCPF_LISTEN|TCPF_CLOSE)) { 886 err = -ENOTCONN; 887 goto out; 888 } 889 if (sk->sk_state != TCP_ESTABLISHED) { 890 /* Wait until the pipe gets to enabled state */ 891disabled: 892 err = sk_stream_wait_connect(sk, &timeo); 893 if (err) 894 goto out; 895 896 if (sk->sk_state == TCP_CLOSE_WAIT) { 897 err = -ECONNRESET; 898 goto out; 899 } 900 } 901 BUG_ON(sk->sk_state != TCP_ESTABLISHED); 902 903 /* Wait until flow control allows TX */ 904 done = atomic_read(&pn->tx_credits); 905 while (!done) { 906 DEFINE_WAIT(wait); 907 908 if (!timeo) { 909 err = -EAGAIN; 910 goto out; 911 } 912 if (signal_pending(current)) { 913 err = sock_intr_errno(timeo); 914 goto out; 915 } 916 917 prepare_to_wait(sk_sleep(sk), &wait, 918 TASK_INTERRUPTIBLE); 919 done = sk_wait_event(sk, &timeo, atomic_read(&pn->tx_credits)); 920 finish_wait(sk_sleep(sk), &wait); 921 922 if (sk->sk_state != TCP_ESTABLISHED) 923 goto disabled; 924 } 925 926 err = pipe_skb_send(sk, skb); 927 if (err >= 0) 928 err = len; /* success! */ 929 skb = NULL; 930out: 931 release_sock(sk); 932outfree: 933 kfree_skb(skb); 934 return err; 935} 936 937int pep_writeable(struct sock *sk) 938{ 939 struct pep_sock *pn = pep_sk(sk); 940 941 return atomic_read(&pn->tx_credits); 942} 943 944int pep_write(struct sock *sk, struct sk_buff *skb) 945{ 946 struct sk_buff *rskb, *fs; 947 int flen = 0; 948 949 if (pep_sk(sk)->aligned) 950 return pipe_skb_send(sk, skb); 951 952 rskb = alloc_skb(MAX_PNPIPE_HEADER, GFP_ATOMIC); 953 if (!rskb) { 954 kfree_skb(skb); 955 return -ENOMEM; 956 } 957 skb_shinfo(rskb)->frag_list = skb; 958 rskb->len += skb->len; 959 rskb->data_len += rskb->len; 960 rskb->truesize += rskb->len; 961 962 /* Avoid nested fragments */ 963 skb_walk_frags(skb, fs) 964 flen += fs->len; 965 skb->next = skb_shinfo(skb)->frag_list; 966 skb_frag_list_init(skb); 967 skb->len -= flen; 968 skb->data_len -= flen; 969 skb->truesize -= flen; 970 971 skb_reserve(rskb, MAX_PHONET_HEADER + 3); 972 return pipe_skb_send(sk, rskb); 973} 974 975struct sk_buff *pep_read(struct sock *sk) 976{ 977 struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue); 978 979 if (sk->sk_state == TCP_ESTABLISHED) 980 pipe_grant_credits(sk); 981 return skb; 982} 983 984static int pep_recvmsg(struct kiocb *iocb, struct sock *sk, 985 struct msghdr *msg, size_t len, int noblock, 986 int flags, int *addr_len) 987{ 988 struct sk_buff *skb; 989 int err; 990 991 if (flags & ~(MSG_OOB|MSG_PEEK|MSG_TRUNC|MSG_DONTWAIT|MSG_WAITALL| 992 MSG_NOSIGNAL|MSG_CMSG_COMPAT)) 993 return -EOPNOTSUPP; 994 995 if (unlikely(1 << sk->sk_state & (TCPF_LISTEN | TCPF_CLOSE))) 996 return -ENOTCONN; 997 998 if ((flags & MSG_OOB) || sock_flag(sk, SOCK_URGINLINE)) { 999 /* Dequeue and acknowledge control request */ 1000 struct pep_sock *pn = pep_sk(sk); 1001 1002 if (flags & MSG_PEEK) 1003 return -EOPNOTSUPP; 1004 skb = skb_dequeue(&pn->ctrlreq_queue); 1005 if (skb) { 1006 pep_ctrlreq_error(sk, skb, PN_PIPE_NO_ERROR, 1007 GFP_KERNEL); 1008 msg->msg_flags |= MSG_OOB; 1009 goto copy; 1010 } 1011 if (flags & MSG_OOB) 1012 return -EINVAL; 1013 } 1014 1015 skb = skb_recv_datagram(sk, flags, noblock, &err); 1016 lock_sock(sk); 1017 if (skb == NULL) { 1018 if (err == -ENOTCONN && sk->sk_state == TCP_CLOSE_WAIT) 1019 err = -ECONNRESET; 1020 release_sock(sk); 1021 return err; 1022 } 1023 1024 if (sk->sk_state == TCP_ESTABLISHED) 1025 pipe_grant_credits(sk); 1026 release_sock(sk); 1027copy: 1028 msg->msg_flags |= MSG_EOR; 1029 if (skb->len > len) 1030 msg->msg_flags |= MSG_TRUNC; 1031 else 1032 len = skb->len; 1033 1034 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, len); 1035 if (!err) 1036 err = (flags & MSG_TRUNC) ? skb->len : len; 1037 1038 skb_free_datagram(sk, skb); 1039 return err; 1040} 1041 1042static void pep_sock_unhash(struct sock *sk) 1043{ 1044 struct pep_sock *pn = pep_sk(sk); 1045 struct sock *skparent = NULL; 1046 1047 lock_sock(sk); 1048 if ((1 << sk->sk_state) & ~(TCPF_CLOSE|TCPF_LISTEN)) { 1049 skparent = pn->listener; 1050 release_sock(sk); 1051 1052 pn = pep_sk(skparent); 1053 lock_sock(skparent); 1054 sk_del_node_init(sk); 1055 sk = skparent; 1056 } 1057 /* Unhash a listening sock only when it is closed 1058 * and all of its active connected pipes are closed. */ 1059 if (hlist_empty(&pn->hlist)) 1060 pn_sock_unhash(&pn->pn_sk.sk); 1061 release_sock(sk); 1062 1063 if (skparent) 1064 sock_put(skparent); 1065} 1066 1067static struct proto pep_proto = { 1068 .close = pep_sock_close, 1069 .accept = pep_sock_accept, 1070 .ioctl = pep_ioctl, 1071 .init = pep_init, 1072 .setsockopt = pep_setsockopt, 1073 .getsockopt = pep_getsockopt, 1074 .sendmsg = pep_sendmsg, 1075 .recvmsg = pep_recvmsg, 1076 .backlog_rcv = pep_do_rcv, 1077 .hash = pn_sock_hash, 1078 .unhash = pep_sock_unhash, 1079 .get_port = pn_sock_get_port, 1080 .obj_size = sizeof(struct pep_sock), 1081 .owner = THIS_MODULE, 1082 .name = "PNPIPE", 1083}; 1084 1085static struct phonet_protocol pep_pn_proto = { 1086 .ops = &phonet_stream_ops, 1087 .prot = &pep_proto, 1088 .sock_type = SOCK_SEQPACKET, 1089}; 1090 1091static int __init pep_register(void) 1092{ 1093 return phonet_proto_register(PN_PROTO_PIPE, &pep_pn_proto); 1094} 1095 1096static void __exit pep_unregister(void) 1097{ 1098 phonet_proto_unregister(PN_PROTO_PIPE, &pep_pn_proto); 1099} 1100 1101module_init(pep_register); 1102module_exit(pep_unregister); 1103MODULE_AUTHOR("Remi Denis-Courmont, Nokia"); 1104MODULE_DESCRIPTION("Phonet pipe protocol"); 1105MODULE_LICENSE("GPL"); 1106MODULE_ALIAS_NET_PF_PROTO(PF_PHONET, PN_PROTO_PIPE); 1107