1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* Client connection-specific management code.
3  *
4  * Copyright (C) 2016, 2020 Red Hat, Inc. All Rights Reserved.
5  * Written by David Howells (dhowells@redhat.com)
6  *
7  * Client connections need to be cached for a little while after they've made a
8  * call so as to handle retransmitted DATA packets in case the server didn't
9  * receive the final ACK or terminating ABORT we sent it.
10  *
11  * There are flags of relevance to the cache:
12  *
13  *  (2) DONT_REUSE - The connection should be discarded as soon as possible and
14  *      should not be reused.  This is set when an exclusive connection is used
15  *      or a call ID counter overflows.
16  *
17  * The caching state may only be changed if the cache lock is held.
18  *
19  * There are two idle client connection expiry durations.  If the total number
20  * of connections is below the reap threshold, we use the normal duration; if
21  * it's above, we use the fast duration.
22  */
23 
24 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
25 
26 #include <linux/slab.h>
27 #include <linux/idr.h>
28 #include <linux/timer.h>
29 #include <linux/sched/signal.h>
30 
31 #include "ar-internal.h"
32 
33 __read_mostly unsigned int rxrpc_reap_client_connections = 900;
34 __read_mostly unsigned long rxrpc_conn_idle_client_expiry = 2 * 60 * HZ;
35 __read_mostly unsigned long rxrpc_conn_idle_client_fast_expiry = 2 * HZ;
36 
rxrpc_activate_bundle(struct rxrpc_bundle * bundle)37 static void rxrpc_activate_bundle(struct rxrpc_bundle *bundle)
38 {
39 	atomic_inc(&bundle->active);
40 }
41 
42 /*
43  * Release a connection ID for a client connection.
44  */
rxrpc_put_client_connection_id(struct rxrpc_local * local,struct rxrpc_connection * conn)45 static void rxrpc_put_client_connection_id(struct rxrpc_local *local,
46 					   struct rxrpc_connection *conn)
47 {
48 	idr_remove(&local->conn_ids, conn->proto.cid >> RXRPC_CIDSHIFT);
49 }
50 
51 /*
52  * Destroy the client connection ID tree.
53  */
rxrpc_destroy_client_conn_ids(struct rxrpc_local * local)54 static void rxrpc_destroy_client_conn_ids(struct rxrpc_local *local)
55 {
56 	struct rxrpc_connection *conn;
57 	int id;
58 
59 	if (!idr_is_empty(&local->conn_ids)) {
60 		idr_for_each_entry(&local->conn_ids, conn, id) {
61 			pr_err("AF_RXRPC: Leaked client conn %p {%d}\n",
62 			       conn, refcount_read(&conn->ref));
63 		}
64 		BUG();
65 	}
66 
67 	idr_destroy(&local->conn_ids);
68 }
69 
70 /*
71  * Allocate a connection bundle.
72  */
rxrpc_alloc_bundle(struct rxrpc_call * call,gfp_t gfp)73 static struct rxrpc_bundle *rxrpc_alloc_bundle(struct rxrpc_call *call,
74 					       gfp_t gfp)
75 {
76 	static atomic_t rxrpc_bundle_id;
77 	struct rxrpc_bundle *bundle;
78 
79 	bundle = kzalloc(sizeof(*bundle), gfp);
80 	if (bundle) {
81 		bundle->local		= call->local;
82 		bundle->peer		= rxrpc_get_peer(call->peer, rxrpc_peer_get_bundle);
83 		bundle->key		= key_get(call->key);
84 		bundle->security	= call->security;
85 		bundle->exclusive	= test_bit(RXRPC_CALL_EXCLUSIVE, &call->flags);
86 		bundle->upgrade		= test_bit(RXRPC_CALL_UPGRADE, &call->flags);
87 		bundle->service_id	= call->dest_srx.srx_service;
88 		bundle->security_level	= call->security_level;
89 		bundle->debug_id	= atomic_inc_return(&rxrpc_bundle_id);
90 		refcount_set(&bundle->ref, 1);
91 		atomic_set(&bundle->active, 1);
92 		INIT_LIST_HEAD(&bundle->waiting_calls);
93 		trace_rxrpc_bundle(bundle->debug_id, 1, rxrpc_bundle_new);
94 	}
95 	return bundle;
96 }
97 
rxrpc_get_bundle(struct rxrpc_bundle * bundle,enum rxrpc_bundle_trace why)98 struct rxrpc_bundle *rxrpc_get_bundle(struct rxrpc_bundle *bundle,
99 				      enum rxrpc_bundle_trace why)
100 {
101 	int r;
102 
103 	__refcount_inc(&bundle->ref, &r);
104 	trace_rxrpc_bundle(bundle->debug_id, r + 1, why);
105 	return bundle;
106 }
107 
rxrpc_free_bundle(struct rxrpc_bundle * bundle)108 static void rxrpc_free_bundle(struct rxrpc_bundle *bundle)
109 {
110 	trace_rxrpc_bundle(bundle->debug_id, refcount_read(&bundle->ref),
111 			   rxrpc_bundle_free);
112 	rxrpc_put_peer(bundle->peer, rxrpc_peer_put_bundle);
113 	key_put(bundle->key);
114 	kfree(bundle);
115 }
116 
rxrpc_put_bundle(struct rxrpc_bundle * bundle,enum rxrpc_bundle_trace why)117 void rxrpc_put_bundle(struct rxrpc_bundle *bundle, enum rxrpc_bundle_trace why)
118 {
119 	unsigned int id;
120 	bool dead;
121 	int r;
122 
123 	if (bundle) {
124 		id = bundle->debug_id;
125 		dead = __refcount_dec_and_test(&bundle->ref, &r);
126 		trace_rxrpc_bundle(id, r - 1, why);
127 		if (dead)
128 			rxrpc_free_bundle(bundle);
129 	}
130 }
131 
132 /*
133  * Get rid of outstanding client connection preallocations when a local
134  * endpoint is destroyed.
135  */
rxrpc_purge_client_connections(struct rxrpc_local * local)136 void rxrpc_purge_client_connections(struct rxrpc_local *local)
137 {
138 	rxrpc_destroy_client_conn_ids(local);
139 }
140 
141 /*
142  * Allocate a client connection.
143  */
144 static struct rxrpc_connection *
rxrpc_alloc_client_connection(struct rxrpc_bundle * bundle)145 rxrpc_alloc_client_connection(struct rxrpc_bundle *bundle)
146 {
147 	struct rxrpc_connection *conn;
148 	struct rxrpc_local *local = bundle->local;
149 	struct rxrpc_net *rxnet = local->rxnet;
150 	int id;
151 
152 	_enter("");
153 
154 	conn = rxrpc_alloc_connection(rxnet, GFP_ATOMIC | __GFP_NOWARN);
155 	if (!conn)
156 		return ERR_PTR(-ENOMEM);
157 
158 	id = idr_alloc_cyclic(&local->conn_ids, conn, 1, 0x40000000,
159 			      GFP_ATOMIC | __GFP_NOWARN);
160 	if (id < 0) {
161 		kfree(conn);
162 		return ERR_PTR(id);
163 	}
164 
165 	refcount_set(&conn->ref, 1);
166 	conn->proto.cid		= id << RXRPC_CIDSHIFT;
167 	conn->proto.epoch	= local->rxnet->epoch;
168 	conn->out_clientflag	= RXRPC_CLIENT_INITIATED;
169 	conn->bundle		= rxrpc_get_bundle(bundle, rxrpc_bundle_get_client_conn);
170 	conn->local		= rxrpc_get_local(bundle->local, rxrpc_local_get_client_conn);
171 	conn->peer		= rxrpc_get_peer(bundle->peer, rxrpc_peer_get_client_conn);
172 	conn->key		= key_get(bundle->key);
173 	conn->security		= bundle->security;
174 	conn->exclusive		= bundle->exclusive;
175 	conn->upgrade		= bundle->upgrade;
176 	conn->orig_service_id	= bundle->service_id;
177 	conn->security_level	= bundle->security_level;
178 	conn->state		= RXRPC_CONN_CLIENT_UNSECURED;
179 	conn->service_id	= conn->orig_service_id;
180 
181 	if (conn->security == &rxrpc_no_security)
182 		conn->state	= RXRPC_CONN_CLIENT;
183 
184 	atomic_inc(&rxnet->nr_conns);
185 	write_lock(&rxnet->conn_lock);
186 	list_add_tail(&conn->proc_link, &rxnet->conn_proc_list);
187 	write_unlock(&rxnet->conn_lock);
188 
189 	rxrpc_see_connection(conn, rxrpc_conn_new_client);
190 
191 	atomic_inc(&rxnet->nr_client_conns);
192 	trace_rxrpc_client(conn, -1, rxrpc_client_alloc);
193 	return conn;
194 }
195 
196 /*
197  * Determine if a connection may be reused.
198  */
rxrpc_may_reuse_conn(struct rxrpc_connection * conn)199 static bool rxrpc_may_reuse_conn(struct rxrpc_connection *conn)
200 {
201 	struct rxrpc_net *rxnet;
202 	int id_cursor, id, distance, limit;
203 
204 	if (!conn)
205 		goto dont_reuse;
206 
207 	rxnet = conn->rxnet;
208 	if (test_bit(RXRPC_CONN_DONT_REUSE, &conn->flags))
209 		goto dont_reuse;
210 
211 	if ((conn->state != RXRPC_CONN_CLIENT_UNSECURED &&
212 	     conn->state != RXRPC_CONN_CLIENT) ||
213 	    conn->proto.epoch != rxnet->epoch)
214 		goto mark_dont_reuse;
215 
216 	/* The IDR tree gets very expensive on memory if the connection IDs are
217 	 * widely scattered throughout the number space, so we shall want to
218 	 * kill off connections that, say, have an ID more than about four
219 	 * times the maximum number of client conns away from the current
220 	 * allocation point to try and keep the IDs concentrated.
221 	 */
222 	id_cursor = idr_get_cursor(&conn->local->conn_ids);
223 	id = conn->proto.cid >> RXRPC_CIDSHIFT;
224 	distance = id - id_cursor;
225 	if (distance < 0)
226 		distance = -distance;
227 	limit = max_t(unsigned long, atomic_read(&rxnet->nr_conns) * 4, 1024);
228 	if (distance > limit)
229 		goto mark_dont_reuse;
230 
231 	return true;
232 
233 mark_dont_reuse:
234 	set_bit(RXRPC_CONN_DONT_REUSE, &conn->flags);
235 dont_reuse:
236 	return false;
237 }
238 
239 /*
240  * Look up the conn bundle that matches the connection parameters, adding it if
241  * it doesn't yet exist.
242  */
rxrpc_look_up_bundle(struct rxrpc_call * call,gfp_t gfp)243 int rxrpc_look_up_bundle(struct rxrpc_call *call, gfp_t gfp)
244 {
245 	struct rxrpc_bundle *bundle, *candidate;
246 	struct rxrpc_local *local = call->local;
247 	struct rb_node *p, **pp, *parent;
248 	long diff;
249 	bool upgrade = test_bit(RXRPC_CALL_UPGRADE, &call->flags);
250 
251 	_enter("{%px,%x,%u,%u}",
252 	       call->peer, key_serial(call->key), call->security_level,
253 	       upgrade);
254 
255 	if (test_bit(RXRPC_CALL_EXCLUSIVE, &call->flags)) {
256 		call->bundle = rxrpc_alloc_bundle(call, gfp);
257 		return call->bundle ? 0 : -ENOMEM;
258 	}
259 
260 	/* First, see if the bundle is already there. */
261 	_debug("search 1");
262 	spin_lock(&local->client_bundles_lock);
263 	p = local->client_bundles.rb_node;
264 	while (p) {
265 		bundle = rb_entry(p, struct rxrpc_bundle, local_node);
266 
267 #define cmp(X, Y) ((long)(X) - (long)(Y))
268 		diff = (cmp(bundle->peer, call->peer) ?:
269 			cmp(bundle->key, call->key) ?:
270 			cmp(bundle->security_level, call->security_level) ?:
271 			cmp(bundle->upgrade, upgrade));
272 #undef cmp
273 		if (diff < 0)
274 			p = p->rb_left;
275 		else if (diff > 0)
276 			p = p->rb_right;
277 		else
278 			goto found_bundle;
279 	}
280 	spin_unlock(&local->client_bundles_lock);
281 	_debug("not found");
282 
283 	/* It wasn't.  We need to add one. */
284 	candidate = rxrpc_alloc_bundle(call, gfp);
285 	if (!candidate)
286 		return -ENOMEM;
287 
288 	_debug("search 2");
289 	spin_lock(&local->client_bundles_lock);
290 	pp = &local->client_bundles.rb_node;
291 	parent = NULL;
292 	while (*pp) {
293 		parent = *pp;
294 		bundle = rb_entry(parent, struct rxrpc_bundle, local_node);
295 
296 #define cmp(X, Y) ((long)(X) - (long)(Y))
297 		diff = (cmp(bundle->peer, call->peer) ?:
298 			cmp(bundle->key, call->key) ?:
299 			cmp(bundle->security_level, call->security_level) ?:
300 			cmp(bundle->upgrade, upgrade));
301 #undef cmp
302 		if (diff < 0)
303 			pp = &(*pp)->rb_left;
304 		else if (diff > 0)
305 			pp = &(*pp)->rb_right;
306 		else
307 			goto found_bundle_free;
308 	}
309 
310 	_debug("new bundle");
311 	rb_link_node(&candidate->local_node, parent, pp);
312 	rb_insert_color(&candidate->local_node, &local->client_bundles);
313 	call->bundle = rxrpc_get_bundle(candidate, rxrpc_bundle_get_client_call);
314 	spin_unlock(&local->client_bundles_lock);
315 	_leave(" = B=%u [new]", call->bundle->debug_id);
316 	return 0;
317 
318 found_bundle_free:
319 	rxrpc_free_bundle(candidate);
320 found_bundle:
321 	call->bundle = rxrpc_get_bundle(bundle, rxrpc_bundle_get_client_call);
322 	rxrpc_activate_bundle(bundle);
323 	spin_unlock(&local->client_bundles_lock);
324 	_leave(" = B=%u [found]", call->bundle->debug_id);
325 	return 0;
326 }
327 
328 /*
329  * Allocate a new connection and add it into a bundle.
330  */
rxrpc_add_conn_to_bundle(struct rxrpc_bundle * bundle,unsigned int slot)331 static bool rxrpc_add_conn_to_bundle(struct rxrpc_bundle *bundle,
332 				     unsigned int slot)
333 {
334 	struct rxrpc_connection *conn, *old;
335 	unsigned int shift = slot * RXRPC_MAXCALLS;
336 	unsigned int i;
337 
338 	old = bundle->conns[slot];
339 	if (old) {
340 		bundle->conns[slot] = NULL;
341 		trace_rxrpc_client(old, -1, rxrpc_client_replace);
342 		rxrpc_put_connection(old, rxrpc_conn_put_noreuse);
343 	}
344 
345 	conn = rxrpc_alloc_client_connection(bundle);
346 	if (IS_ERR(conn)) {
347 		bundle->alloc_error = PTR_ERR(conn);
348 		return false;
349 	}
350 
351 	rxrpc_activate_bundle(bundle);
352 	conn->bundle_shift = shift;
353 	bundle->conns[slot] = conn;
354 	for (i = 0; i < RXRPC_MAXCALLS; i++)
355 		set_bit(shift + i, &bundle->avail_chans);
356 	return true;
357 }
358 
359 /*
360  * Add a connection to a bundle if there are no usable connections or we have
361  * connections waiting for extra capacity.
362  */
rxrpc_bundle_has_space(struct rxrpc_bundle * bundle)363 static bool rxrpc_bundle_has_space(struct rxrpc_bundle *bundle)
364 {
365 	int slot = -1, i, usable;
366 
367 	_enter("");
368 
369 	bundle->alloc_error = 0;
370 
371 	/* See if there are any usable connections. */
372 	usable = 0;
373 	for (i = 0; i < ARRAY_SIZE(bundle->conns); i++) {
374 		if (rxrpc_may_reuse_conn(bundle->conns[i]))
375 			usable++;
376 		else if (slot == -1)
377 			slot = i;
378 	}
379 
380 	if (!usable && bundle->upgrade)
381 		bundle->try_upgrade = true;
382 
383 	if (!usable)
384 		goto alloc_conn;
385 
386 	if (!bundle->avail_chans &&
387 	    !bundle->try_upgrade &&
388 	    usable < ARRAY_SIZE(bundle->conns))
389 		goto alloc_conn;
390 
391 	_leave("");
392 	return usable;
393 
394 alloc_conn:
395 	return slot >= 0 ? rxrpc_add_conn_to_bundle(bundle, slot) : false;
396 }
397 
398 /*
399  * Assign a channel to the call at the front of the queue and wake the call up.
400  * We don't increment the callNumber counter until this number has been exposed
401  * to the world.
402  */
rxrpc_activate_one_channel(struct rxrpc_connection * conn,unsigned int channel)403 static void rxrpc_activate_one_channel(struct rxrpc_connection *conn,
404 				       unsigned int channel)
405 {
406 	struct rxrpc_channel *chan = &conn->channels[channel];
407 	struct rxrpc_bundle *bundle = conn->bundle;
408 	struct rxrpc_call *call = list_entry(bundle->waiting_calls.next,
409 					     struct rxrpc_call, wait_link);
410 	u32 call_id = chan->call_counter + 1;
411 
412 	_enter("C=%x,%u", conn->debug_id, channel);
413 
414 	list_del_init(&call->wait_link);
415 
416 	trace_rxrpc_client(conn, channel, rxrpc_client_chan_activate);
417 
418 	/* Cancel the final ACK on the previous call if it hasn't been sent yet
419 	 * as the DATA packet will implicitly ACK it.
420 	 */
421 	clear_bit(RXRPC_CONN_FINAL_ACK_0 + channel, &conn->flags);
422 	clear_bit(conn->bundle_shift + channel, &bundle->avail_chans);
423 
424 	rxrpc_see_call(call, rxrpc_call_see_activate_client);
425 	call->conn	= rxrpc_get_connection(conn, rxrpc_conn_get_activate_call);
426 	call->cid	= conn->proto.cid | channel;
427 	call->call_id	= call_id;
428 	call->dest_srx.srx_service = conn->service_id;
429 	call->cong_ssthresh = call->peer->cong_ssthresh;
430 	if (call->cong_cwnd >= call->cong_ssthresh)
431 		call->cong_mode = RXRPC_CALL_CONGEST_AVOIDANCE;
432 	else
433 		call->cong_mode = RXRPC_CALL_SLOW_START;
434 
435 	chan->call_id		= call_id;
436 	chan->call_debug_id	= call->debug_id;
437 	chan->call		= call;
438 
439 	rxrpc_see_call(call, rxrpc_call_see_connected);
440 	trace_rxrpc_connect_call(call);
441 	call->tx_last_sent = ktime_get_real();
442 	rxrpc_start_call_timer(call);
443 	rxrpc_set_call_state(call, RXRPC_CALL_CLIENT_SEND_REQUEST);
444 	wake_up(&call->waitq);
445 }
446 
447 /*
448  * Remove a connection from the idle list if it's on it.
449  */
rxrpc_unidle_conn(struct rxrpc_connection * conn)450 static void rxrpc_unidle_conn(struct rxrpc_connection *conn)
451 {
452 	if (!list_empty(&conn->cache_link)) {
453 		list_del_init(&conn->cache_link);
454 		rxrpc_put_connection(conn, rxrpc_conn_put_unidle);
455 	}
456 }
457 
458 /*
459  * Assign channels and callNumbers to waiting calls.
460  */
rxrpc_activate_channels(struct rxrpc_bundle * bundle)461 static void rxrpc_activate_channels(struct rxrpc_bundle *bundle)
462 {
463 	struct rxrpc_connection *conn;
464 	unsigned long avail, mask;
465 	unsigned int channel, slot;
466 
467 	trace_rxrpc_client(NULL, -1, rxrpc_client_activate_chans);
468 
469 	if (bundle->try_upgrade)
470 		mask = 1;
471 	else
472 		mask = ULONG_MAX;
473 
474 	while (!list_empty(&bundle->waiting_calls)) {
475 		avail = bundle->avail_chans & mask;
476 		if (!avail)
477 			break;
478 		channel = __ffs(avail);
479 		clear_bit(channel, &bundle->avail_chans);
480 
481 		slot = channel / RXRPC_MAXCALLS;
482 		conn = bundle->conns[slot];
483 		if (!conn)
484 			break;
485 
486 		if (bundle->try_upgrade)
487 			set_bit(RXRPC_CONN_PROBING_FOR_UPGRADE, &conn->flags);
488 		rxrpc_unidle_conn(conn);
489 
490 		channel &= (RXRPC_MAXCALLS - 1);
491 		conn->act_chans	|= 1 << channel;
492 		rxrpc_activate_one_channel(conn, channel);
493 	}
494 }
495 
496 /*
497  * Connect waiting channels (called from the I/O thread).
498  */
rxrpc_connect_client_calls(struct rxrpc_local * local)499 void rxrpc_connect_client_calls(struct rxrpc_local *local)
500 {
501 	struct rxrpc_call *call;
502 
503 	while ((call = list_first_entry_or_null(&local->new_client_calls,
504 						struct rxrpc_call, wait_link))
505 	       ) {
506 		struct rxrpc_bundle *bundle = call->bundle;
507 
508 		spin_lock(&local->client_call_lock);
509 		list_move_tail(&call->wait_link, &bundle->waiting_calls);
510 		spin_unlock(&local->client_call_lock);
511 
512 		if (rxrpc_bundle_has_space(bundle))
513 			rxrpc_activate_channels(bundle);
514 	}
515 }
516 
517 /*
518  * Note that a call, and thus a connection, is about to be exposed to the
519  * world.
520  */
rxrpc_expose_client_call(struct rxrpc_call * call)521 void rxrpc_expose_client_call(struct rxrpc_call *call)
522 {
523 	unsigned int channel = call->cid & RXRPC_CHANNELMASK;
524 	struct rxrpc_connection *conn = call->conn;
525 	struct rxrpc_channel *chan = &conn->channels[channel];
526 
527 	if (!test_and_set_bit(RXRPC_CALL_EXPOSED, &call->flags)) {
528 		/* Mark the call ID as being used.  If the callNumber counter
529 		 * exceeds ~2 billion, we kill the connection after its
530 		 * outstanding calls have finished so that the counter doesn't
531 		 * wrap.
532 		 */
533 		chan->call_counter++;
534 		if (chan->call_counter >= INT_MAX)
535 			set_bit(RXRPC_CONN_DONT_REUSE, &conn->flags);
536 		trace_rxrpc_client(conn, channel, rxrpc_client_exposed);
537 
538 		spin_lock(&call->peer->lock);
539 		hlist_add_head(&call->error_link, &call->peer->error_targets);
540 		spin_unlock(&call->peer->lock);
541 	}
542 }
543 
544 /*
545  * Set the reap timer.
546  */
rxrpc_set_client_reap_timer(struct rxrpc_local * local)547 static void rxrpc_set_client_reap_timer(struct rxrpc_local *local)
548 {
549 	if (!local->kill_all_client_conns) {
550 		unsigned long now = jiffies;
551 		unsigned long reap_at = now + rxrpc_conn_idle_client_expiry;
552 
553 		if (local->rxnet->live)
554 			timer_reduce(&local->client_conn_reap_timer, reap_at);
555 	}
556 }
557 
558 /*
559  * Disconnect a client call.
560  */
rxrpc_disconnect_client_call(struct rxrpc_bundle * bundle,struct rxrpc_call * call)561 void rxrpc_disconnect_client_call(struct rxrpc_bundle *bundle, struct rxrpc_call *call)
562 {
563 	struct rxrpc_connection *conn;
564 	struct rxrpc_channel *chan = NULL;
565 	struct rxrpc_local *local = bundle->local;
566 	unsigned int channel;
567 	bool may_reuse;
568 	u32 cid;
569 
570 	_enter("c=%x", call->debug_id);
571 
572 	/* Calls that have never actually been assigned a channel can simply be
573 	 * discarded.
574 	 */
575 	conn = call->conn;
576 	if (!conn) {
577 		_debug("call is waiting");
578 		ASSERTCMP(call->call_id, ==, 0);
579 		ASSERT(!test_bit(RXRPC_CALL_EXPOSED, &call->flags));
580 		list_del_init(&call->wait_link);
581 		return;
582 	}
583 
584 	cid = call->cid;
585 	channel = cid & RXRPC_CHANNELMASK;
586 	chan = &conn->channels[channel];
587 	trace_rxrpc_client(conn, channel, rxrpc_client_chan_disconnect);
588 
589 	if (WARN_ON(chan->call != call))
590 		return;
591 
592 	may_reuse = rxrpc_may_reuse_conn(conn);
593 
594 	/* If a client call was exposed to the world, we save the result for
595 	 * retransmission.
596 	 *
597 	 * We use a barrier here so that the call number and abort code can be
598 	 * read without needing to take a lock.
599 	 *
600 	 * TODO: Make the incoming packet handler check this and handle
601 	 * terminal retransmission without requiring access to the call.
602 	 */
603 	if (test_bit(RXRPC_CALL_EXPOSED, &call->flags)) {
604 		_debug("exposed %u,%u", call->call_id, call->abort_code);
605 		__rxrpc_disconnect_call(conn, call);
606 
607 		if (test_and_clear_bit(RXRPC_CONN_PROBING_FOR_UPGRADE, &conn->flags)) {
608 			trace_rxrpc_client(conn, channel, rxrpc_client_to_active);
609 			bundle->try_upgrade = false;
610 			if (may_reuse)
611 				rxrpc_activate_channels(bundle);
612 		}
613 	}
614 
615 	/* See if we can pass the channel directly to another call. */
616 	if (may_reuse && !list_empty(&bundle->waiting_calls)) {
617 		trace_rxrpc_client(conn, channel, rxrpc_client_chan_pass);
618 		rxrpc_activate_one_channel(conn, channel);
619 		return;
620 	}
621 
622 	/* Schedule the final ACK to be transmitted in a short while so that it
623 	 * can be skipped if we find a follow-on call.  The first DATA packet
624 	 * of the follow on call will implicitly ACK this call.
625 	 */
626 	if (call->completion == RXRPC_CALL_SUCCEEDED &&
627 	    test_bit(RXRPC_CALL_EXPOSED, &call->flags)) {
628 		unsigned long final_ack_at = jiffies + 2;
629 
630 		WRITE_ONCE(chan->final_ack_at, final_ack_at);
631 		smp_wmb(); /* vs rxrpc_process_delayed_final_acks() */
632 		set_bit(RXRPC_CONN_FINAL_ACK_0 + channel, &conn->flags);
633 		rxrpc_reduce_conn_timer(conn, final_ack_at);
634 	}
635 
636 	/* Deactivate the channel. */
637 	chan->call = NULL;
638 	set_bit(conn->bundle_shift + channel, &conn->bundle->avail_chans);
639 	conn->act_chans	&= ~(1 << channel);
640 
641 	/* If no channels remain active, then put the connection on the idle
642 	 * list for a short while.  Give it a ref to stop it going away if it
643 	 * becomes unbundled.
644 	 */
645 	if (!conn->act_chans) {
646 		trace_rxrpc_client(conn, channel, rxrpc_client_to_idle);
647 		conn->idle_timestamp = jiffies;
648 
649 		rxrpc_get_connection(conn, rxrpc_conn_get_idle);
650 		list_move_tail(&conn->cache_link, &local->idle_client_conns);
651 
652 		rxrpc_set_client_reap_timer(local);
653 	}
654 }
655 
656 /*
657  * Remove a connection from a bundle.
658  */
rxrpc_unbundle_conn(struct rxrpc_connection * conn)659 static void rxrpc_unbundle_conn(struct rxrpc_connection *conn)
660 {
661 	struct rxrpc_bundle *bundle = conn->bundle;
662 	unsigned int bindex;
663 	int i;
664 
665 	_enter("C=%x", conn->debug_id);
666 
667 	if (conn->flags & RXRPC_CONN_FINAL_ACK_MASK)
668 		rxrpc_process_delayed_final_acks(conn, true);
669 
670 	bindex = conn->bundle_shift / RXRPC_MAXCALLS;
671 	if (bundle->conns[bindex] == conn) {
672 		_debug("clear slot %u", bindex);
673 		bundle->conns[bindex] = NULL;
674 		for (i = 0; i < RXRPC_MAXCALLS; i++)
675 			clear_bit(conn->bundle_shift + i, &bundle->avail_chans);
676 		rxrpc_put_client_connection_id(bundle->local, conn);
677 		rxrpc_deactivate_bundle(bundle);
678 		rxrpc_put_connection(conn, rxrpc_conn_put_unbundle);
679 	}
680 }
681 
682 /*
683  * Drop the active count on a bundle.
684  */
rxrpc_deactivate_bundle(struct rxrpc_bundle * bundle)685 void rxrpc_deactivate_bundle(struct rxrpc_bundle *bundle)
686 {
687 	struct rxrpc_local *local;
688 	bool need_put = false;
689 
690 	if (!bundle)
691 		return;
692 
693 	local = bundle->local;
694 	if (atomic_dec_and_lock(&bundle->active, &local->client_bundles_lock)) {
695 		if (!bundle->exclusive) {
696 			_debug("erase bundle");
697 			rb_erase(&bundle->local_node, &local->client_bundles);
698 			need_put = true;
699 		}
700 
701 		spin_unlock(&local->client_bundles_lock);
702 		if (need_put)
703 			rxrpc_put_bundle(bundle, rxrpc_bundle_put_discard);
704 	}
705 }
706 
707 /*
708  * Clean up a dead client connection.
709  */
rxrpc_kill_client_conn(struct rxrpc_connection * conn)710 void rxrpc_kill_client_conn(struct rxrpc_connection *conn)
711 {
712 	struct rxrpc_local *local = conn->local;
713 	struct rxrpc_net *rxnet = local->rxnet;
714 
715 	_enter("C=%x", conn->debug_id);
716 
717 	trace_rxrpc_client(conn, -1, rxrpc_client_cleanup);
718 	atomic_dec(&rxnet->nr_client_conns);
719 
720 	rxrpc_put_client_connection_id(local, conn);
721 }
722 
723 /*
724  * Discard expired client connections from the idle list.  Each conn in the
725  * idle list has been exposed and holds an extra ref because of that.
726  *
727  * This may be called from conn setup or from a work item so cannot be
728  * considered non-reentrant.
729  */
rxrpc_discard_expired_client_conns(struct rxrpc_local * local)730 void rxrpc_discard_expired_client_conns(struct rxrpc_local *local)
731 {
732 	struct rxrpc_connection *conn;
733 	unsigned long expiry, conn_expires_at, now;
734 	unsigned int nr_conns;
735 
736 	_enter("");
737 
738 	/* We keep an estimate of what the number of conns ought to be after
739 	 * we've discarded some so that we don't overdo the discarding.
740 	 */
741 	nr_conns = atomic_read(&local->rxnet->nr_client_conns);
742 
743 next:
744 	conn = list_first_entry_or_null(&local->idle_client_conns,
745 					struct rxrpc_connection, cache_link);
746 	if (!conn)
747 		return;
748 
749 	if (!local->kill_all_client_conns) {
750 		/* If the number of connections is over the reap limit, we
751 		 * expedite discard by reducing the expiry timeout.  We must,
752 		 * however, have at least a short grace period to be able to do
753 		 * final-ACK or ABORT retransmission.
754 		 */
755 		expiry = rxrpc_conn_idle_client_expiry;
756 		if (nr_conns > rxrpc_reap_client_connections)
757 			expiry = rxrpc_conn_idle_client_fast_expiry;
758 		if (conn->local->service_closed)
759 			expiry = rxrpc_closed_conn_expiry * HZ;
760 
761 		conn_expires_at = conn->idle_timestamp + expiry;
762 
763 		now = READ_ONCE(jiffies);
764 		if (time_after(conn_expires_at, now))
765 			goto not_yet_expired;
766 	}
767 
768 	atomic_dec(&conn->active);
769 	trace_rxrpc_client(conn, -1, rxrpc_client_discard);
770 	list_del_init(&conn->cache_link);
771 
772 	rxrpc_unbundle_conn(conn);
773 	/* Drop the ->cache_link ref */
774 	rxrpc_put_connection(conn, rxrpc_conn_put_discard_idle);
775 
776 	nr_conns--;
777 	goto next;
778 
779 not_yet_expired:
780 	/* The connection at the front of the queue hasn't yet expired, so
781 	 * schedule the work item for that point if we discarded something.
782 	 *
783 	 * We don't worry if the work item is already scheduled - it can look
784 	 * after rescheduling itself at a later time.  We could cancel it, but
785 	 * then things get messier.
786 	 */
787 	_debug("not yet");
788 	if (!local->kill_all_client_conns)
789 		timer_reduce(&local->client_conn_reap_timer, conn_expires_at);
790 
791 	_leave("");
792 }
793 
794 /*
795  * Clean up the client connections on a local endpoint.
796  */
rxrpc_clean_up_local_conns(struct rxrpc_local * local)797 void rxrpc_clean_up_local_conns(struct rxrpc_local *local)
798 {
799 	struct rxrpc_connection *conn;
800 
801 	_enter("");
802 
803 	local->kill_all_client_conns = true;
804 
805 	del_timer_sync(&local->client_conn_reap_timer);
806 
807 	while ((conn = list_first_entry_or_null(&local->idle_client_conns,
808 						struct rxrpc_connection, cache_link))) {
809 		list_del_init(&conn->cache_link);
810 		atomic_dec(&conn->active);
811 		trace_rxrpc_client(conn, -1, rxrpc_client_discard);
812 		rxrpc_unbundle_conn(conn);
813 		rxrpc_put_connection(conn, rxrpc_conn_put_local_dead);
814 	}
815 
816 	_leave(" [culled]");
817 }
818