1 /*
2 * net/tipc/socket.c: TIPC socket API
3 *
4 * Copyright (c) 2001-2007, Ericsson AB
5 * Copyright (c) 2004-2008, 2010-2011, Wind River Systems
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the names of the copyright holders nor the names of its
17 * contributors may be used to endorse or promote products derived from
18 * this software without specific prior written permission.
19 *
20 * Alternatively, this software may be distributed under the terms of the
21 * GNU General Public License ("GPL") version 2 as published by the Free
22 * Software Foundation.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
25 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
28 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
29 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
32 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
33 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
34 * POSSIBILITY OF SUCH DAMAGE.
35 */
36
37 #include <net/sock.h>
38
39 #include <linux/tipc.h>
40 #include <linux/tipc_config.h>
41
42 #include "core.h"
43 #include "port.h"
44
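/*
 * TIPC-private socket states, used alongside the generic SS_* values.
 * Parenthesized so the negative constants expand safely in any expression.
 */
#define SS_LISTENING	(-1)	/* socket is listening */
#define SS_READY	(-2)	/* socket is connectionless */

#define OVERLOAD_LIMIT_BASE	5000
#define CONN_TIMEOUT_DEFAULT	8000	/* default connect timeout = 8s */

/*
 * TIPC socket: the generic struct sock must remain the first member,
 * because tipc_sk() converts a struct sock pointer with a plain cast.
 */
struct tipc_sock {
	struct sock sk;
	struct tipc_port *p;		/* port backing this socket */
	struct tipc_portid peer_name;	/* peer's port ID, set on connect */
	long conn_timeout;		/* stored in jiffies by tipc_create() */
};

#define tipc_sk(sk) ((struct tipc_sock *)(sk))
#define tipc_sk_port(sk) ((struct tipc_port *)(tipc_sk(sk)->p))

/*
 * True when a receiver has something to act on: queued data or a socket
 * that is disconnecting. The argument is parenthesized so that any
 * pointer expression may be passed without precedence surprises.
 */
#define tipc_rx_ready(sock) \
	(!skb_queue_empty(&(sock)->sk->sk_receive_queue) || \
	 ((sock)->state == SS_DISCONNECTING))

/* Callbacks registered with the port layer / socket layer in tipc_create() */
static int backlog_rcv(struct sock *sk, struct sk_buff *skb);
static u32 dispatch(struct tipc_port *tport, struct sk_buff *buf);
static void wakeupdispatch(struct tipc_port *tport);

/* One operations table per family of socket types (see tipc_create()) */
static const struct proto_ops packet_ops;
static const struct proto_ops stream_ops;
static const struct proto_ops msg_ops;

static struct proto tipc_proto;

static int sockets_enabled;

/* Count of buffers currently sitting in TIPC socket receive queues */
static atomic_t tipc_queue_size = ATOMIC_INIT(0);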
77
78 /*
79 * Revised TIPC socket locking policy:
80 *
81 * Most socket operations take the standard socket lock when they start
82 * and hold it until they finish (or until they need to sleep). Acquiring
83 * this lock grants the owner exclusive access to the fields of the socket
84 * data structures, with the exception of the backlog queue. A few socket
85 * operations can be done without taking the socket lock because they only
86 * read socket information that never changes during the life of the socket.
87 *
88 * Socket operations may acquire the lock for the associated TIPC port if they
89 * need to perform an operation on the port. If any routine needs to acquire
90 * both the socket lock and the port lock it must take the socket lock first
91 * to avoid the risk of deadlock.
92 *
93 * The dispatcher handling incoming messages cannot grab the socket lock in
94 * the standard fashion, since when invoked it runs at the BH level and cannot block.
95 * Instead, it checks to see if the socket lock is currently owned by someone,
96 * and either handles the message itself or adds it to the socket's backlog
97 * queue; in the latter case the queued message is processed once the process
98 * owning the socket lock releases it.
99 *
100 * NOTE: Releasing the socket lock while an operation is sleeping overcomes
101 * the problem of a blocked socket operation preventing any other operations
102 * from occurring. However, applications must be careful if they have
103 * multiple threads trying to send (or receive) on the same socket, as these
104 * operations might interfere with each other. For example, doing a connect
105 * and a receive at the same time might allow the receive to consume the
106 * ACK message meant for the connect. While additional work could be done
107 * to try and overcome this, it doesn't seem to be worthwhile at the present.
108 *
109 * NOTE: Releasing the socket lock while an operation is sleeping also ensures
110 * that another operation that must be performed in a non-blocking manner is
111 * not delayed for very long because the lock has already been taken.
112 *
113 * NOTE: This code assumes that certain fields of a port/socket pair are
114 * constant over its lifetime; such fields can be examined without taking
115 * the socket lock and/or port lock, and do not need to be re-read even
116 * after resuming processing after waiting. These fields include:
117 * - socket type
118 * - pointer to socket sk structure (aka tipc_sock structure)
119 * - pointer to port structure
120 * - port reference
121 */
122
123 /**
124 * advance_rx_queue - discard first buffer in socket receive queue
125 *
126 * Caller must hold socket lock
127 */
128
static void advance_rx_queue(struct sock *sk)
{
	/* Unlink the head of the receive queue, then release that buffer */
	struct sk_buff *head = __skb_dequeue(&sk->sk_receive_queue);

	buf_discard(head);

	/* The global queued-buffer count drops by one on every call */
	atomic_dec(&tipc_queue_size);
}
134
135 /**
136 * discard_rx_queue - discard all buffers in socket receive queue
137 *
138 * Caller must hold socket lock
139 */
140
static void discard_rx_queue(struct sock *sk)
{
	struct sk_buff *skb;

	/* Drain the queue, keeping the global count in step with each unlink */
	for (;;) {
		skb = __skb_dequeue(&sk->sk_receive_queue);
		if (!skb)
			break;
		atomic_dec(&tipc_queue_size);
		buf_discard(skb);
	}
}
150
151 /**
152 * reject_rx_queue - reject all buffers in socket receive queue
153 *
154 * Caller must hold socket lock
155 */
156
static void reject_rx_queue(struct sock *sk)
{
	struct sk_buff *skb;

	/*
	 * Drain the queue; each buffer is handed to tipc_reject_msg() with
	 * TIPC_ERR_NO_PORT rather than being freed here.
	 */
	for (;;) {
		skb = __skb_dequeue(&sk->sk_receive_queue);
		if (!skb)
			break;
		tipc_reject_msg(skb, TIPC_ERR_NO_PORT);
		atomic_dec(&tipc_queue_size);
	}
}
166
167 /**
168 * tipc_create - create a TIPC socket
169 * @net: network namespace (must be default network)
170 * @sock: pre-allocated socket structure
171 * @protocol: protocol indicator (must be 0)
172 * @kern: caused by kernel or by userspace?
173 *
174 * This routine creates additional data structures used by the TIPC socket,
175 * initializes them, and links them together.
176 *
177 * Returns 0 on success, errno otherwise
178 */
179
static int tipc_create(struct net *net, struct socket *sock, int protocol,
		       int kern)
{
	const struct proto_ops *type_ops;
	socket_state initial_state;
	struct tipc_port *port;
	struct sock *sk;

	/* Only the initial network namespace and protocol 0 are accepted */
	if (!net_eq(net, &init_net))
		return -EAFNOSUPPORT;
	if (unlikely(protocol != 0))
		return -EPROTONOSUPPORT;

	/* Select the operations table and starting state for this type */
	if (sock->type == SOCK_STREAM) {
		type_ops = &stream_ops;
		initial_state = SS_UNCONNECTED;
	} else if (sock->type == SOCK_SEQPACKET) {
		type_ops = &packet_ops;
		initial_state = SS_UNCONNECTED;
	} else if (sock->type == SOCK_DGRAM || sock->type == SOCK_RDM) {
		type_ops = &msg_ops;
		initial_state = SS_READY;
	} else {
		return -EPROTOTYPE;
	}

	/* Protocol area for the socket */
	sk = sk_alloc(net, AF_TIPC, GFP_KERNEL, &tipc_proto);
	if (sk == NULL)
		return -ENOMEM;

	/* TIPC port that will carry the socket's traffic */
	port = tipc_createport_raw(sk, &dispatch, &wakeupdispatch,
				   TIPC_LOW_IMPORTANCE);
	if (unlikely(!port)) {
		/* nothing else references sk yet, so it can be freed directly */
		sk_free(sk);
		return -ENOMEM;
	}

	/* Wire the pieces together */
	sock->ops = type_ops;
	sock->state = initial_state;

	sock_init_data(sock, sk);
	sk->sk_backlog_rcv = backlog_rcv;
	tipc_sk(sk)->p = port;
	tipc_sk(sk)->conn_timeout = msecs_to_jiffies(CONN_TIMEOUT_DEFAULT);

	/*
	 * NOTE(review): the port is unlocked here without a matching lock in
	 * this function, so tipc_createport_raw() presumably returns it with
	 * its lock held - confirm against the port code.
	 */
	spin_unlock_bh(port->lock);

	/* Connectionless sockets: mark port unreturnable, DGRAM also unreliable */
	if (sock->state == SS_READY) {
		tipc_set_portunreturnable(port->ref, 1);
		if (sock->type == SOCK_DGRAM)
			tipc_set_portunreliable(port->ref, 1);
	}

	return 0;
}
249
250 /**
251 * release - destroy a TIPC socket
252 * @sock: socket to destroy
253 *
254 * This routine cleans up any messages that are still queued on the socket.
255 * For DGRAM and RDM socket types, all queued messages are rejected.
256 * For SEQPACKET and STREAM socket types, the first message is rejected
257 * and any others are discarded. (If the first message on a STREAM socket
258 * is partially-read, it is discarded and the next one is rejected instead.)
259 *
260 * NOTE: Rejected messages are not necessarily returned to the sender! They
261 * are returned or discarded according to the "destination droppable" setting
262 * specified for the message by the sender.
263 *
264 * Returns 0 on success, errno otherwise
265 */
266
static int release(struct socket *sock)
{
	struct sock *sk = sock->sk;
	struct tipc_port *port;
	struct sk_buff *skb;
	int rc;

	/*
	 * A socket without a sock was never fully set up (a failed accept()
	 * releasing its unused, pre-allocated child); nothing to tear down.
	 */
	if (sk == NULL)
		return 0;

	port = tipc_sk_port(sk);
	lock_sock(sk);

	/*
	 * Reject unreceived messages until the queue is empty or the socket
	 * has entered SS_DISCONNECTING. The first rejection on an active
	 * connection disconnects it locally, which ends the loop.
	 */
	for (;;) {
		if (sock->state == SS_DISCONNECTING)
			break;

		skb = __skb_dequeue(&sk->sk_receive_queue);
		if (skb == NULL)
			break;
		atomic_dec(&tipc_queue_size);

		/* A non-zero handle marks a partially-read buffer: just drop it */
		if (TIPC_SKB_CB(skb)->handle != 0) {
			buf_discard(skb);
			continue;
		}

		if ((sock->state == SS_CONNECTING) ||
		    (sock->state == SS_CONNECTED)) {
			sock->state = SS_DISCONNECTING;
			tipc_disconnect(port->ref);
		}
		tipc_reject_msg(skb, TIPC_ERR_NO_PORT);
	}

	/*
	 * Deleting the port stops further messages from being queued
	 * (and disconnects an active connection, sending 'FIN-' to the peer).
	 */
	rc = tipc_deleteport(port->ref);

	/* Whatever is left in the receive queue is connection-based: drop it */
	discard_rx_queue(sk);

	/*
	 * State is forced to SS_DISCONNECTING before the lock is dropped.
	 * NOTE(review): presumably release_sock() then runs the backlog
	 * through backlog_rcv(), which rejects those messages - confirm.
	 */
	sock->state = SS_DISCONNECTING;
	release_sock(sk);

	/* Drop the sock reference and detach it from the socket */
	sock_put(sk);
	sock->sk = NULL;

	return rc;
}
328
329 /**
330 * bind - associate or disassociate TIPC name(s) with a socket
331 * @sock: socket structure
332 * @uaddr: socket address describing name(s) and desired operation
333 * @uaddr_len: size of socket address data structure
334 *
335 * Name and name sequence binding is indicated using a positive scope value;
336 * a negative scope value unbinds the specified name. Specifying no name
337 * (i.e. a socket address length of 0) unbinds all names from the socket.
338 *
339 * Returns 0 on success, errno otherwise
340 *
341 * NOTE: This routine doesn't need to take the socket lock since it doesn't
342 * access any non-constant socket information.
343 */
344
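static int bind(struct socket *sock, struct sockaddr *uaddr, int uaddr_len)
{
	struct sockaddr_tipc *addr = (struct sockaddr_tipc *)uaddr;
	u32 portref = tipc_sk_port(sock->sk)->ref;

	/* A zero length means "withdraw every name bound to this port" */
	if (unlikely(!uaddr_len))
		return tipc_withdraw(portref, 0, NULL);

	/*
	 * uaddr_len is signed. Test the sign explicitly: in a bare comparison
	 * with sizeof() a negative length is converted to a very large
	 * unsigned value and would pass the minimum-size check, letting the
	 * fields below be read from an address buffer of unknown size.
	 */
	if (uaddr_len < 0 || (size_t)uaddr_len < sizeof(struct sockaddr_tipc))
		return -EINVAL;
	if (addr->family != AF_TIPC)
		return -EAFNOSUPPORT;

	/* A single name is handled as a name sequence of exactly one instance */
	if (addr->addrtype == TIPC_ADDR_NAME)
		addr->addr.nameseq.upper = addr->addr.nameseq.lower;
	else if (addr->addrtype != TIPC_ADDR_NAMESEQ)
		return -EAFNOSUPPORT;

	/* Positive scope publishes; zero or negative withdraws with |scope| */
	return (addr->scope > 0) ?
		tipc_publish(portref, addr->scope, &addr->addr.nameseq) :
		tipc_withdraw(portref, -addr->scope, &addr->addr.nameseq);
}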
367
368 /**
369 * get_name - get port ID of socket or peer socket
370 * @sock: socket structure
371 * @uaddr: area for returned socket address
372 * @uaddr_len: area for returned length of socket address
373 * @peer: 0 = own ID, 1 = current peer ID, 2 = current/former peer ID
374 *
375 * Returns 0 on success, errno otherwise
376 *
377 * NOTE: This routine doesn't need to take the socket lock since it only
378 * accesses socket information that is unchanging (or which changes in
379 * a completely predictable manner).
380 */
381
static int get_name(struct socket *sock, struct sockaddr *uaddr,
		    int *uaddr_len, int peer)
{
	struct sockaddr_tipc *addr = (struct sockaddr_tipc *)uaddr;
	struct tipc_sock *tsock = tipc_sk(sock->sk);

	/*
	 * Clear the whole structure first so that no byte returned to the
	 * caller is left over from earlier use of the buffer. This happens
	 * even when -ENOTCONN is returned below.
	 */
	memset(addr, 0, sizeof(*addr));

	if (!peer) {
		/* Own identity: local port reference on the local node */
		addr->addr.id.ref = tsock->p->ref;
		addr->addr.id.node = tipc_own_addr;
	} else {
		/*
		 * The peer ID is available while connected; peer == 2
		 * additionally accepts a socket that is disconnecting.
		 */
		int peer_known = (sock->state == SS_CONNECTED) ||
				 ((peer == 2) &&
				  (sock->state == SS_DISCONNECTING));

		if (!peer_known)
			return -ENOTCONN;
		addr->addr.id.ref = tsock->peer_name.ref;
		addr->addr.id.node = tsock->peer_name.node;
	}

	addr->family = AF_TIPC;
	addr->addrtype = TIPC_ADDR_ID;
	addr->scope = 0;
	addr->addr.name.domain = 0;
	*uaddr_len = sizeof(*addr);

	return 0;
}
408
409 /**
410 * poll - read and possibly block on pollmask
411 * @file: file structure associated with the socket
412 * @sock: socket for which to calculate the poll bits
413 * @wait: poll table passed on to poll_wait()
414 *
415 * Returns pollmask value
416 *
417 * COMMENTARY:
418 * It appears that the usual socket locking mechanisms are not useful here
419 * since the pollmask info is potentially out-of-date the moment this routine
420 * exits. TCP and other protocols seem to rely on higher level poll routines
421 * to handle any preventable race conditions, so TIPC will do the same ...
422 *
423 * TIPC sets the returned events as follows:
424 *
425 * socket state flags set
426 * ------------ ---------
427 * unconnected no read flags
428 * no write flags
429 *
430 * connecting POLLIN/POLLRDNORM if ACK/NACK in rx queue
431 * no write flags
432 *
433 * connected POLLIN/POLLRDNORM if data in rx queue
434 * POLLOUT if port is not congested
435 *
436 * disconnecting POLLIN/POLLRDNORM/POLLHUP
437 * no write flags
438 *
439 * listening POLLIN if SYN in rx queue
440 * no write flags
441 *
442 * ready POLLIN/POLLRDNORM if data in rx queue
443 * [connectionless] POLLOUT (since port cannot be congested)
444 *
445 * IMPORTANT: The fact that a read or write operation is indicated does NOT
446 * imply that the operation will succeed, merely that it should be performed
447 * and will not block.
448 */
449
static unsigned int poll(struct file *file, struct socket *sock,
			 poll_table *wait)
{
	struct sock *sk = sock->sk;
	u32 mask = 0;
	int state;

	poll_wait(file, sk_sleep(sk), wait);

	/* Sample the state once; it is compared as int because the
	 * TIPC-private states are negative values. */
	state = (int)sock->state;

	/* A disconnecting socket always reports readable + hang-up */
	if (state == SS_DISCONNECTING)
		return POLLIN | POLLRDNORM | POLLHUP;

	if (state == SS_READY || state == SS_CONNECTED) {
		/* Writable unless the port reports congestion */
		if (!tipc_sk_port(sk)->congested)
			mask |= POLLOUT;
	} else if (state != SS_CONNECTING && state != SS_LISTENING) {
		/* Any other state (e.g. unconnected) reports no events */
		return mask;
	}

	/* Readable whenever something is waiting in the receive queue */
	if (!skb_queue_empty(&sk->sk_receive_queue))
		mask |= (POLLIN | POLLRDNORM);

	return mask;
}
476
477 /**
478 * dest_name_check - verify user is permitted to send to specified port name
479 * @dest: destination address
480 * @m: descriptor for message to be sent
481 *
482 * Prevents restricted configuration commands from being issued by
483 * unauthorized users.
484 *
485 * Returns 0 if permission is granted, otherwise errno
486 */
487
static int dest_name_check(struct sockaddr_tipc *dest, struct msghdr *m)
{
	struct tipc_cfg_msg_hdr cfg_hdr;
	u32 name_type = dest->addr.name.name.type;

	/* Names outside the reserved range are open to everyone */
	if (likely(name_type >= TIPC_RESERVED_TYPES))
		return 0;
	/* So is the topology service */
	if (likely(name_type == TIPC_TOP_SRV))
		return 0;
	/* Of the remaining reserved names only the config service is usable */
	if (likely(name_type != TIPC_CFG_SRV))
		return -EACCES;

	/* The first iovec entry must hold at least a complete config header */
	if (!m->msg_iovlen)
		return -EMSGSIZE;
	if (m->msg_iov[0].iov_len < sizeof(cfg_hdr))
		return -EMSGSIZE;
	if (copy_from_user(&cfg_hdr, m->msg_iov[0].iov_base, sizeof(cfg_hdr)))
		return -EFAULT;

	/*
	 * Commands whose type has either of the top two bits set require
	 * CAP_NET_ADMIN; capable() is consulted only for those commands.
	 *
	 * NOTE(review): the decision is made on a private copy of the header,
	 * while the caller goes on to pass the original user iovec to the
	 * send routine. If that routine fetches the header from user memory
	 * again, the command type actually sent is not guaranteed to be the
	 * one checked here - confirm how the send path obtains its data.
	 */
	if (ntohs(cfg_hdr.tcm_type) & 0xC000) {
		if (!capable(CAP_NET_ADMIN))
			return -EACCES;
	}

	return 0;
}
508
509 /**
510 * send_msg - send message in connectionless manner
511 * @iocb: if NULL, indicates that socket lock is already held
512 * @sock: socket structure
513 * @m: message to send
514 * @total_len: length of message
515 *
516 * Message must have a destination specified explicitly.
517 * Used for SOCK_RDM and SOCK_DGRAM messages,
518 * and for 'SYN' messages on SOCK_SEQPACKET and SOCK_STREAM connections.
519 * (Note: 'SYN+' is prohibited on SOCK_STREAM.)
520 *
521 * Returns the number of bytes sent on success, or errno otherwise
522 */
523
static int send_msg(struct kiocb *iocb, struct socket *sock,
		    struct msghdr *m, size_t total_len)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct sockaddr_tipc *dest = (struct sockaddr_tipc *)m->msg_name;
	int implied_connect;
	int res = -EINVAL;

	/*
	 * The destination must be present, large enough and of our family.
	 * NOTE(review): assumes msg_namelen was range-checked by the socket
	 * layer before it is compared with sizeof() here - confirm.
	 */
	if (unlikely(!dest))
		return -EDESTADDRREQ;
	if (unlikely(m->msg_namelen < sizeof(*dest)))
		return -EINVAL;
	if (unlikely(dest->family != AF_TIPC))
		return -EINVAL;

	/* A NULL iocb means the caller already owns the socket lock */
	if (iocb)
		lock_sock(sk);

	/* On a connection-oriented socket this send is an implied connect */
	implied_connect = (sock->state != SS_READY);
	if (unlikely(implied_connect)) {
		if (sock->state == SS_LISTENING) {
			res = -EPIPE;
			goto exit;
		}
		if (sock->state != SS_UNCONNECTED) {
			res = -EISCONN;
			goto exit;
		}
		/* No connect from a published port, no data in a stream 'SYN' */
		if ((tport->published) ||
		    ((sock->type == SOCK_STREAM) && (total_len != 0))) {
			res = -EOPNOTSUPP;
			goto exit;
		}
		/* Remember the name the connection was set up with */
		if (dest->addrtype == TIPC_ADDR_NAME) {
			tport->conn_type = dest->addr.name.name.type;
			tport->conn_instance = dest->addr.name.name.instance;
		}

		/* Abort any pending connection attempts (very unlikely) */
		reject_rx_queue(sk);
	}

	/* Try to send; on link congestion sleep and retry unless non-blocking */
	for (;;) {
		if (dest->addrtype == TIPC_ADDR_NAME) {
			/* permission check applies to name-addressed sends */
			res = dest_name_check(dest, m);
			if (res)
				break;
			res = tipc_send2name(tport->ref,
					     &dest->addr.name.name,
					     dest->addr.name.domain,
					     m->msg_iovlen,
					     m->msg_iov);
		} else if (dest->addrtype == TIPC_ADDR_ID) {
			res = tipc_send2port(tport->ref,
					     &dest->addr.id,
					     m->msg_iovlen,
					     m->msg_iov);
		} else if (dest->addrtype == TIPC_ADDR_MCAST) {
			/* multicast cannot be used to set up a connection */
			if (implied_connect) {
				res = -EOPNOTSUPP;
				break;
			}
			res = dest_name_check(dest, m);
			if (res)
				break;
			res = tipc_multicast(tport->ref,
					     &dest->addr.nameseq,
					     m->msg_iovlen,
					     m->msg_iov);
		}
		/* any other address type leaves res untouched (-EINVAL at first) */

		if (likely(res != -ELINKCONG)) {
			if (implied_connect && (res >= 0))
				sock->state = SS_CONNECTING;
			break;
		}
		if (m->msg_flags & MSG_DONTWAIT) {
			res = -EWOULDBLOCK;
			break;
		}

		/* The socket lock is dropped for the duration of the sleep */
		release_sock(sk);
		res = wait_event_interruptible(*sk_sleep(sk),
					       !tport->congested);
		lock_sock(sk);
		if (res)
			break;
	}

exit:
	if (iocb)
		release_sock(sk);
	return res;
}
617
618 /**
619 * send_packet - send a connection-oriented message
620 * @iocb: if NULL, indicates that socket lock is already held
621 * @sock: socket structure
622 * @m: message to send
623 * @total_len: length of message
624 *
625 * Used for SOCK_SEQPACKET messages and SOCK_STREAM data.
626 *
627 * Returns the number of bytes sent on success, or errno otherwise
628 */
629
static int send_packet(struct kiocb *iocb, struct socket *sock,
		       struct msghdr *m, size_t total_len)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct sockaddr_tipc *dest = (struct sockaddr_tipc *)m->msg_name;
	int res;

	/* An explicit destination means implied connection establishment */
	if (unlikely(dest))
		return send_msg(iocb, sock, m, total_len);

	/* A NULL iocb means the caller already owns the socket lock */
	if (iocb)
		lock_sock(sk);

	for (;;) {
		/* State is re-checked on every pass, including after a sleep */
		if (unlikely(sock->state != SS_CONNECTED)) {
			res = (sock->state == SS_DISCONNECTING) ?
				-EPIPE : -ENOTCONN;
			break;
		}

		res = tipc_send(tport->ref, m->msg_iovlen, m->msg_iov);
		if (likely(res != -ELINKCONG))
			break;
		if (m->msg_flags & MSG_DONTWAIT) {
			res = -EWOULDBLOCK;
			break;
		}

		/*
		 * Congested: sleep without the socket lock until congestion
		 * clears or the port is no longer connected.
		 */
		release_sock(sk);
		res = wait_event_interruptible(*sk_sleep(sk),
			(!tport->congested || !tport->connected));
		lock_sock(sk);
		if (res)
			break;
	}

	if (iocb)
		release_sock(sk);
	return res;
}
674
675 /**
676 * send_stream - send stream-oriented data
677 * @iocb: (unused)
678 * @sock: socket structure
679 * @m: data to send
680 * @total_len: total length of data to be sent
681 *
682 * Used for SOCK_STREAM data.
683 *
684 * Returns the number of bytes sent on success (or partial success),
685 * or errno if no data sent
686 */
687
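static int send_stream(struct kiocb *iocb, struct socket *sock,
		       struct msghdr *m, size_t total_len)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct msghdr my_msg;
	struct iovec my_iov;
	struct iovec *curr_iov;
	int curr_iovlen;
	char __user *curr_start;
	u32 hdr_size;
	int curr_left;
	int bytes_to_send;
	int bytes_sent;
	int res;

	/*
	 * The byte counters below (curr_left, bytes_sent) and the return
	 * value are plain ints, so a request larger than INT_MAX can be
	 * neither tracked nor reported correctly: an iovec length above
	 * INT_MAX would turn negative when stored in curr_left. Refuse such
	 * a request before any socket state is touched.
	 * NOTE(review): this relies on total_len being the sum of the iovec
	 * lengths as computed by the socket layer - confirm against caller.
	 */
	if (unlikely(total_len > (size_t)INT_MAX))
		return -EMSGSIZE;

	lock_sock(sk);

	/* Handle special cases where there is no connection */
	if (unlikely(sock->state != SS_CONNECTED)) {
		if (sock->state == SS_UNCONNECTED)
			/* lock is already held, hence the NULL iocb */
			res = send_packet(NULL, sock, m, total_len);
		else if (sock->state == SS_DISCONNECTING)
			res = -EPIPE;
		else
			res = -ENOTCONN;
		goto exit;
	}

	/* A destination address makes no sense on a connected stream */
	if (unlikely(m->msg_name)) {
		res = -EISCONN;
		goto exit;
	}

	/*
	 * Send each iovec entry using one or more messages
	 *
	 * Note: This algorithm is good for the most likely case
	 * (i.e. one large iovec entry), but could be improved to pass sets
	 * of small iovec entries into send_packet().
	 */
	curr_iov = m->msg_iov;
	curr_iovlen = m->msg_iovlen;
	my_msg.msg_iov = &my_iov;
	my_msg.msg_iovlen = 1;
	my_msg.msg_flags = m->msg_flags;
	my_msg.msg_name = NULL;
	bytes_sent = 0;

	hdr_size = msg_hdr_sz(&tport->phdr);

	while (curr_iovlen--) {
		curr_start = curr_iov->iov_base;
		curr_left = curr_iov->iov_len;

		while (curr_left) {
			/*
			 * Chunk size: what fits in one packet after the
			 * header, capped at the maximum user message size
			 * and at what remains of this iovec entry. max_pkt
			 * is re-read each time round.
			 */
			bytes_to_send = tport->max_pkt - hdr_size;
			if (bytes_to_send > TIPC_MAX_USER_MSG_SIZE)
				bytes_to_send = TIPC_MAX_USER_MSG_SIZE;
			if (curr_left < bytes_to_send)
				bytes_to_send = curr_left;
			my_iov.iov_base = curr_start;
			my_iov.iov_len = bytes_to_send;
			res = send_packet(NULL, sock, &my_msg, 0);
			if (res < 0) {
				/* partial success reports the bytes already sent */
				if (bytes_sent)
					res = bytes_sent;
				goto exit;
			}
			curr_left -= bytes_to_send;
			curr_start += bytes_to_send;
			bytes_sent += bytes_to_send;
		}

		curr_iov++;
	}
	res = bytes_sent;
exit:
	release_sock(sk);
	return res;
}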
774
775 /**
776 * auto_connect - complete connection setup to a remote port
777 * @sock: socket structure
778 * @msg: peer's response message
779 *
780 * Returns 0 on success, errno otherwise
781 */
782
static int auto_connect(struct socket *sock, struct tipc_msg *msg)
{
	struct tipc_sock *tsock;

	/* An error code in the peer's response means the connect was refused */
	if (msg_errcode(msg)) {
		sock->state = SS_DISCONNECTING;
		return -ECONNREFUSED;
	}

	/*
	 * Record the peer's identity from the origin fields of the response
	 * and bind the port to it.
	 */
	tsock = tipc_sk(sock->sk);
	tsock->peer_name.ref = msg_origport(msg);
	tsock->peer_name.node = msg_orignode(msg);
	tipc_connect2port(tsock->p->ref, &tsock->peer_name);

	/* The port takes over the importance level carried by the response */
	tipc_set_portimportance(tsock->p->ref, msg_importance(msg));

	sock->state = SS_CONNECTED;
	return 0;
}
799
800 /**
801 * set_orig_addr - capture sender's address for received message
802 * @m: descriptor for message info
803 * @msg: received message header
804 *
805 * Note: Address is not captured if not requested by receiver.
806 */
807
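static void set_orig_addr(struct msghdr *m, struct tipc_msg *msg)
{
	struct sockaddr_tipc *addr = (struct sockaddr_tipc *)m->msg_name;

	/* The receiver did not ask for the sender's address */
	if (!addr)
		return;

	/*
	 * Zero the whole structure before filling it in, as get_name() does.
	 * The address is handed back to the receiver, so every byte of it
	 * must be defined; clearing it up front avoids depending on the
	 * individual assignments below covering every byte of the union
	 * and any padding.
	 */
	memset(addr, 0, sizeof(*addr));

	addr->family = AF_TIPC;
	addr->addrtype = TIPC_ADDR_ID;
	addr->addr.id.ref = msg_origport(msg);
	addr->addr.id.node = msg_orignode(msg);
	addr->addr.name.domain = 0;	/* already zero; kept for clarity */
	addr->scope = 0;		/* already zero; kept for clarity */
	m->msg_namelen = sizeof(struct sockaddr_tipc);
}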
822
823 /**
824 * anc_data_recv - optionally capture ancillary data for received message
825 * @m: descriptor for message info
826 * @msg: received message header
827 * @tport: TIPC port associated with message
828 *
829 * Note: Ancillary data is not captured if not requested by receiver.
830 *
831 * Returns 0 if successful, otherwise errno
832 */
833
static int anc_data_recv(struct msghdr *m, struct tipc_msg *msg,
			 struct tipc_port *tport)
{
	u32 anc_data[3];
	u32 err;
	u32 dest_type;
	int has_name;
	int res;

	/* Nothing to do unless the receiver supplied a control buffer */
	if (likely(m->msg_controllen == 0))
		return 0;

	/* Optionally capture errored message object(s) */
	if (msg)
		err = msg_errcode(msg);
	else
		err = 0;

	if (unlikely(err)) {
		/* TIPC_ERRINFO carries two words: error code, returned size */
		anc_data[0] = err;
		anc_data[1] = msg_data_sz(msg);
		res = put_cmsg(m, SOL_TIPC, TIPC_ERRINFO, 8, anc_data);
		if (res)
			return res;

		/*
		 * NOTE(review): the length copied out below comes from the
		 * message header; this assumes the receive path has already
		 * checked it against the real buffer size - confirm.
		 */
		if (anc_data[1]) {
			res = put_cmsg(m, SOL_TIPC, TIPC_RETDATA, anc_data[1],
				       msg_data(msg));
			if (res)
				return res;
		}
	}

	/* Optionally capture message destination object */
	if (msg)
		dest_type = msg_type(msg);
	else
		dest_type = TIPC_DIRECT_MSG;

	switch (dest_type) {
	case TIPC_NAMED_MSG:
		/* single name: lower bound is reported in both range words */
		anc_data[0] = msg_nametype(msg);
		anc_data[1] = msg_namelower(msg);
		anc_data[2] = msg_namelower(msg);
		has_name = 1;
		break;
	case TIPC_MCAST_MSG:
		anc_data[0] = msg_nametype(msg);
		anc_data[1] = msg_namelower(msg);
		anc_data[2] = msg_nameupper(msg);
		has_name = 1;
		break;
	case TIPC_CONN_MSG:
		/* name recorded on the port; type 0 means none was recorded */
		anc_data[0] = tport->conn_type;
		anc_data[1] = tport->conn_instance;
		anc_data[2] = tport->conn_instance;
		has_name = (tport->conn_type != 0);
		break;
	default:
		has_name = 0;
	}

	if (!has_name)
		return 0;

	/* TIPC_DESTNAME carries three words: type, lower, upper */
	res = put_cmsg(m, SOL_TIPC, TIPC_DESTNAME, 12, anc_data);
	if (res)
		return res;

	return 0;
}
896
897 /**
898 * recv_msg - receive packet-oriented message
899 * @iocb: (unused)
900 * @m: descriptor for message info
901 * @buf_len: total size of user buffer area
902 * @flags: receive flags
903 *
904 * Used for SOCK_DGRAM, SOCK_RDM, and SOCK_SEQPACKET messages.
905 * If the complete message doesn't fit in user area, truncate it.
906 *
907 * Returns size of returned message data, errno otherwise
908 */
909
static int recv_msg(struct kiocb *iocb, struct socket *sock,
		    struct msghdr *m, size_t buf_len, int flags)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct sk_buff *buf;
	struct tipc_msg *msg;
	long timeout;
	unsigned int sz;
	u32 err;
	int res;

	/*
	 * NOTE(review): m->msg_namelen is written only by set_orig_addr().
	 * On every exit taken before that call it keeps the value the caller
	 * passed in - confirm the socket layer does not copy the name buffer
	 * back to user space in those cases.
	 */

	/* Catch invalid receive requests */
	if (unlikely(!buf_len))
		return -EINVAL;

	lock_sock(sk);

	if (unlikely(sock->state == SS_UNCONNECTED)) {
		res = -ENOTCONN;
		goto exit;
	}

	timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);

	/* Repeat until the head of the queue is a message worth returning */
	for (;;) {
		/* Look for a message in receive queue; wait if necessary */
		while (skb_queue_empty(&sk->sk_receive_queue)) {
			if (sock->state == SS_DISCONNECTING) {
				res = -ENOTCONN;
				goto exit;
			}
			if (timeout <= 0L) {
				/* negative: error from the wait; zero: timed out */
				if (timeout)
					res = timeout;
				else
					res = -EWOULDBLOCK;
				goto exit;
			}
			/* sleep without the socket lock */
			release_sock(sk);
			timeout = wait_event_interruptible_timeout(
						*sk_sleep(sk),
						tipc_rx_ready(sock),
						timeout);
			lock_sock(sk);
		}

		/* Look at first message in receive queue */
		buf = skb_peek(&sk->sk_receive_queue);
		msg = buf_msg(buf);
		sz = msg_data_sz(msg);
		err = msg_errcode(msg);

		/* Complete connection setup for an implied connect */
		if (unlikely(sock->state == SS_CONNECTING)) {
			res = auto_connect(sock, msg);
			if (res)
				goto exit;
		}

		if (sz || err)
			break;

		/* Discard an empty non-errored message & try again */
		advance_rx_queue(sk);
	}

	/* Capture sender's address (optional) */
	set_orig_addr(m, msg);

	/* Capture ancillary data (optional) */
	res = anc_data_recv(m, msg, tport);
	if (res)
		goto exit;

	/* Capture message data (if valid) & compute return value (always) */
	if (err) {
		/*
		 * An errored message reads as 0 bytes on a connectionless
		 * socket, after a connection shutdown, or when the caller
		 * supplied a control buffer; otherwise it is a reset.
		 */
		if ((sock->state == SS_READY) ||
		    ((err == TIPC_CONN_SHUTDOWN) || m->msg_control))
			res = 0;
		else
			res = -ECONNRESET;
	} else {
		/* Never copy more than the user buffer holds; flag truncation */
		if (unlikely(buf_len < sz)) {
			sz = buf_len;
			m->msg_flags |= MSG_TRUNC;
		}
		res = skb_copy_datagram_iovec(buf, msg_hdr_sz(msg),
					      m->msg_iov, sz);
		if (res)
			goto exit;
		res = sz;
	}

	/* Consume received message (optional) */
	if (likely(!(flags & MSG_PEEK))) {
		/* connection-oriented: acknowledge once the window fills */
		if (sock->state != SS_READY) {
			if (++tport->conn_unacked >= TIPC_FLOW_CONTROL_WIN)
				tipc_acknowledge(tport->ref,
						 tport->conn_unacked);
		}
		advance_rx_queue(sk);
	}
exit:
	release_sock(sk);
	return res;
}
1019
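/**
 * recv_stream - receive stream-oriented data
 * @iocb: (unused)
 * @sock: socket structure
 * @m: descriptor for message info
 * @buf_len: total size of user buffer area
 * @flags: receive flags
 *
 * Used for SOCK_STREAM messages only.  If not enough data is available
 * will optionally wait for more; never truncates data.
 *
 * Returns the number of bytes copied if any data was copied; otherwise 0
 * or a negative errno.
 */
static int recv_stream(struct kiocb *iocb, struct socket *sock,
		       struct msghdr *m, size_t buf_len, int flags)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct sk_buff *buf;
	struct tipc_msg *msg;
	long timeout;
	unsigned int sz;
	int sz_to_copy, target, needed;
	int sz_copied = 0;
	u32 err;
	int res = 0;

	/* Catch invalid receive attempts */

	if (unlikely(!buf_len))
		return -EINVAL;

	lock_sock(sk);

	if (unlikely((sock->state == SS_UNCONNECTED) ||
		     (sock->state == SS_CONNECTING))) {
		res = -ENOTCONN;
		goto exit;
	}

	/*
	 * Report "no source address" unless set_orig_addr() supplies one
	 * below.  Without this, every exit taken before set_orig_addr() runs
	 * leaves msg_namelen at whatever the caller passed in, so the caller
	 * could treat an address buffer nobody filled in as valid.
	 * NOTE(review): assumes set_orig_addr() (defined outside this view)
	 * sets msg_namelen whenever it fills in msg_name -- confirm.
	 */
	m->msg_namelen = 0;

	target = sock_rcvlowat(sk, flags & MSG_WAITALL, buf_len);
	timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
restart:

	/* Look for a message in receive queue; wait if necessary */

	while (skb_queue_empty(&sk->sk_receive_queue)) {
		if (sock->state == SS_DISCONNECTING) {
			res = -ENOTCONN;
			goto exit;
		}
		if (timeout <= 0L) {
			/* negative: error from the wait; zero: nothing left to wait for */
			res = timeout ? timeout : -EWOULDBLOCK;
			goto exit;
		}
		/* the socket lock is dropped for the duration of the sleep */
		release_sock(sk);
		timeout = wait_event_interruptible_timeout(*sk_sleep(sk),
							   tipc_rx_ready(sock),
							   timeout);
		lock_sock(sk);
	}

	/* Look at first message in receive queue */

	buf = skb_peek(&sk->sk_receive_queue);
	msg = buf_msg(buf);
	sz = msg_data_sz(msg);
	err = msg_errcode(msg);

	/* Discard an empty non-errored message & try again */

	if ((!sz) && (!err)) {
		advance_rx_queue(sk);
		goto restart;
	}

	/* Optionally capture sender's address & ancillary data of first msg */

	if (sz_copied == 0) {
		set_orig_addr(m, msg);
		res = anc_data_recv(m, msg, tport);
		if (res)
			goto exit;
	}

	/* Capture message data (if valid) & compute return value (always) */

	if (!err) {
		/*
		 * The control-block handle holds how many payload bytes of
		 * this buffer an earlier call already delivered.
		 */
		u32 offset = (u32)(unsigned long)(TIPC_SKB_CB(buf)->handle);

		sz -= offset;
		needed = (buf_len - sz_copied);
		sz_to_copy = (sz <= needed) ? sz : needed;

		res = skb_copy_datagram_iovec(buf, msg_hdr_sz(msg) + offset,
					      m->msg_iov, sz_to_copy);
		if (res)
			goto exit;

		sz_copied += sz_to_copy;

		if (sz_to_copy < sz) {
			/*
			 * User buffer is full but the message is not used
			 * up: remember the new offset (unless peeking) and
			 * leave the buffer at the head of the queue.
			 */
			if (!(flags & MSG_PEEK))
				TIPC_SKB_CB(buf)->handle =
				(void *)(unsigned long)(offset + sz_to_copy);
			goto exit;
		}
	} else {
		if (sz_copied != 0)
			goto exit; /* can't add error msg to valid data */

		if ((err == TIPC_CONN_SHUTDOWN) || m->msg_control)
			res = 0;
		else
			res = -ECONNRESET;
	}

	/* Consume received message (optional) */

	if (likely(!(flags & MSG_PEEK))) {
		if (unlikely(++tport->conn_unacked >= TIPC_FLOW_CONTROL_WIN))
			tipc_acknowledge(tport->ref, tport->conn_unacked);
		advance_rx_queue(sk);
	}

	/* Loop around if more data is required */

	if ((sz_copied < buf_len) &&	/* didn't get all requested data */
	    (!skb_queue_empty(&sk->sk_receive_queue) ||
	    (sz_copied < target)) &&	/* and more is ready or required */
	    (!(flags & MSG_PEEK)) &&	/* and aren't just peeking at data */
	    (!err))			/* and haven't reached a FIN */
		goto restart;

exit:
	release_sock(sk);
	return sz_copied ? sz_copied : res;
}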
1158
/**
 * rx_queue_full - determine if receive queue can accept another message
 * @msg: message to be added to queue
 * @queue_size: current size of queue
 * @base: nominal maximum size of queue
 *
 * The limit is @base scaled by the importance found in the message header
 * (x1 low, x2 medium, x100 high) and multiplied by 4 again for connected
 * messages.  Any other importance value is never refused.
 *
 * NOTE(review): the importance is read from the message itself, so it looks
 * like the sender picks which limit applies -- confirm that this is intended
 * when sizing overload protection.
 *
 * Returns 1 if queue is unable to accept message, 0 otherwise
 */
static int rx_queue_full(struct tipc_msg *msg, u32 queue_size, u32 base)
{
	u32 limit;

	switch (msg_importance(msg)) {
	case TIPC_LOW_IMPORTANCE:
		limit = base;
		break;
	case TIPC_MEDIUM_IMPORTANCE:
		limit = base * 2;
		break;
	case TIPC_HIGH_IMPORTANCE:
		limit = base * 100;
		break;
	default:
		/* no limit is applied to any other importance level */
		return 0;
	}

	if (msg_connected(msg))
		limit *= 4;

	return queue_size >= limit;
}
1187
/**
 * filter_rcv - validate incoming message
 * @sk: socket
 * @buf: message
 *
 * Enqueues message on receive queue if acceptable; optionally handles
 * disconnect indication for a connected socket.
 *
 * Called with socket lock already taken; port lock may also be taken.
 *
 * Returns TIPC error status code (TIPC_OK if message is not to be rejected)
 */
static u32 filter_rcv(struct sock *sk, struct sk_buff *buf)
{
	struct socket *sock = sk->sk_socket;
	struct tipc_msg *msg = buf_msg(buf);
	u32 depth;
	int mismatch;

	/*
	 * Reject message if it is wrong sort of message for socket
	 *
	 * Open question carried over from the original author: would it be
	 * better to just discard these messages instead?  "No port" isn't
	 * really the right error code, and there may be security
	 * implications inherent in rejecting invalid traffic.
	 * NOTE(review): backlog_rcv() passes a non-zero result on to
	 * tipc_reject_msg(); if that answers the originator, the answer
	 * tells the sender something about this socket's state -- confirm.
	 */

	if (sock->state == SS_READY)
		mismatch = (msg_connected(msg) != 0);
	else if (msg_mcast(msg))
		mismatch = 1;
	else if (sock->state == SS_CONNECTED)
		mismatch = !msg_connected(msg);
	else if (sock->state == SS_CONNECTING)
		mismatch = !msg_connected(msg) && (msg_errcode(msg) == 0);
	else if (sock->state == SS_DISCONNECTING)
		mismatch = 1;
	else	/* SS_LISTENING or SS_UNCONNECTED */
		mismatch = msg_connected(msg) || msg_errcode(msg);

	if (mismatch)
		return TIPC_ERR_NO_PORT;

	/*
	 * Reject message if there isn't room to queue it: first against the
	 * shared tipc_queue_size counter, then against this socket's own
	 * receive queue (at half the base limit).
	 */

	depth = (u32)atomic_read(&tipc_queue_size);
	if (unlikely(depth >= OVERLOAD_LIMIT_BASE) &&
	    rx_queue_full(msg, depth, OVERLOAD_LIMIT_BASE))
		return TIPC_ERR_OVERLOAD;

	depth = skb_queue_len(&sk->sk_receive_queue);
	if (unlikely(depth >= (OVERLOAD_LIMIT_BASE / 2)) &&
	    rx_queue_full(msg, depth, OVERLOAD_LIMIT_BASE / 2))
		return TIPC_ERR_OVERLOAD;

	/* Enqueue message; a zero handle marks it as not yet read from */

	TIPC_SKB_CB(buf)->handle = 0;
	atomic_inc(&tipc_queue_size);
	__skb_queue_tail(&sk->sk_receive_queue, buf);

	/* Initiate connection termination for an incoming 'FIN' */

	if (unlikely(msg_errcode(msg) && (sock->state == SS_CONNECTED))) {
		sock->state = SS_DISCONNECTING;
		tipc_disconnect_port(tipc_sk_port(sk));
	}

	/* Wake any task sleeping on the socket */

	if (waitqueue_active(sk_sleep(sk)))
		wake_up_interruptible(sk_sleep(sk));

	return TIPC_OK;
}
1268
/**
 * backlog_rcv - handle incoming message from backlog queue
 * @sk: socket
 * @buf: message
 *
 * Runs the message through filter_rcv() and hands it to tipc_reject_msg()
 * when the filter returns a non-zero status.
 *
 * Caller must hold socket lock, but not port lock.
 *
 * Returns 0
 */
static int backlog_rcv(struct sock *sk, struct sk_buff *buf)
{
	const u32 verdict = filter_rcv(sk, buf);

	if (verdict)
		tipc_reject_msg(buf, verdict);

	/* the filter's verdict is never reported to the caller */
	return 0;
}
1288
/**
 * dispatch - handle incoming message
 * @tport: TIPC port that received message
 * @buf: message
 *
 * Called with port lock already taken.
 *
 * Returns TIPC error status code (TIPC_OK if message is not to be rejected)
 */
static u32 dispatch(struct tipc_port *tport, struct sk_buff *buf)
{
	struct sock *sk = (struct sock *)tport->usr_handle;
	u32 res;

	/*
	 * Process message if socket is unlocked; otherwise add to backlog queue
	 *
	 * This code is based on sk_receive_skb(), but must be distinct from it
	 * since a TIPC-specific filter/reject mechanism is utilized
	 */

	bh_lock_sock(sk);
	if (sock_owned_by_user(sk))
		/* a refused backlog insertion is reported as overload */
		res = sk_add_backlog(sk, buf) ? TIPC_ERR_OVERLOAD : TIPC_OK;
	else
		res = filter_rcv(sk, buf);
	bh_unlock_sock(sk);

	return res;
}
1324
/**
 * wakeupdispatch - wake up port after congestion
 * @tport: port to wakeup
 *
 * Wakes the tasks sleeping on the socket stored in the port's usr_handle,
 * if there are any.
 *
 * Called with port lock already taken.
 */
static void wakeupdispatch(struct tipc_port *tport)
{
	struct sock *sk = (struct sock *)tport->usr_handle;

	/* nothing to do when no task is waiting on the socket */
	if (!waitqueue_active(sk_sleep(sk)))
		return;

	wake_up_interruptible(sk_sleep(sk));
}
1339
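/**
 * connect - establish a connection to another TIPC port
 * @sock: socket structure
 * @dest: socket address for destination port
 * @destlen: size of socket address data structure
 * @flags: file-related flags associated with socket
 *
 * Only the blocking form is supported.  The wait for the peer's answer is
 * bounded by the socket's conn_timeout; a conn_timeout of zero waits
 * without a time limit.
 *
 * Returns 0 on success, errno otherwise
 */
static int connect(struct socket *sock, struct sockaddr *dest, int destlen,
		   int flags)
{
	struct sock *sk = sock->sk;
	struct sockaddr_tipc *dst = (struct sockaddr_tipc *)dest;
	struct msghdr m = {NULL,};
	struct sk_buff *buf;
	struct tipc_msg *msg;
	long timeout;
	int res;

	lock_sock(sk);

	/* For now, TIPC does not allow use of connect() with DGRAM/RDM types */

	if (sock->state == SS_READY) {
		res = -EOPNOTSUPP;
		goto exit;
	}

	/* For now, TIPC does not support the non-blocking form of connect() */

	if (flags & O_NONBLOCK) {
		res = -EOPNOTSUPP;
		goto exit;
	}

	/* Issue Posix-compliant error code if socket is in the wrong state */

	if (sock->state == SS_LISTENING) {
		res = -EOPNOTSUPP;
		goto exit;
	}
	if (sock->state == SS_CONNECTING) {
		res = -EALREADY;
		goto exit;
	}
	if (sock->state != SS_UNCONNECTED) {
		res = -EISCONN;
		goto exit;
	}

	/*
	 * Make sure the caller supplied a complete TIPC address before any
	 * of its fields is read; with a shorter @destlen the addrtype test
	 * below would act on bytes the caller never provided.  The cast
	 * also makes a negative @destlen fail the test.
	 * NOTE(review): send_msg() presumably refuses a short address with
	 * the same error further down -- confirm.  Doing it here also skips
	 * reject_rx_queue() for such a request.
	 */

	if (destlen < (int)sizeof(*dst)) {
		res = -EINVAL;
		goto exit;
	}

	/*
	 * Reject connection attempt using multicast address
	 *
	 * Note: send_msg() validates the rest of the address fields,
	 * so there's no need to do it here
	 */

	if (dst->addrtype == TIPC_ADDR_MCAST) {
		res = -EINVAL;
		goto exit;
	}

	/* Reject any messages already in receive queue (very unlikely) */

	reject_rx_queue(sk);

	/* Send a 'SYN-' to destination */

	m.msg_name = dest;
	m.msg_namelen = destlen;
	res = send_msg(NULL, sock, &m, 0);
	if (res < 0)
		goto exit;

	/* Wait until an 'ACK' or 'RST' arrives, or a timeout occurs */

	timeout = tipc_sk(sk)->conn_timeout;
	release_sock(sk);
	res = wait_event_interruptible_timeout(*sk_sleep(sk),
			(!skb_queue_empty(&sk->sk_receive_queue) ||
			(sock->state != SS_CONNECTING)),
			timeout ? timeout : MAX_SCHEDULE_TIMEOUT);
	lock_sock(sk);

	if (res > 0) {
		/* woken before the timeout: inspect what arrived, if anything */
		buf = skb_peek(&sk->sk_receive_queue);
		if (buf != NULL) {
			msg = buf_msg(buf);
			res = auto_connect(sock, msg);
			/* a data-less answer carries nothing for the user */
			if (!res && !msg_data_sz(msg))
				advance_rx_queue(sk);
		} else if (sock->state == SS_CONNECTED) {
			res = -EISCONN;
		} else {
			res = -ECONNREFUSED;
		}
	} else {
		if (res == 0)
			res = -ETIMEDOUT;
		/* a negative "res" (interrupted wait) is returned unchanged */
		sock->state = SS_DISCONNECTING;
	}

exit:
	release_sock(sk);
	return res;
}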
1453
/**
 * listen - allow socket to listen for incoming connections
 * @sock: socket structure
 * @len: (unused)
 *
 * Only a socket in the SS_UNCONNECTED state can start listening; a socket
 * in the SS_READY state gets -EOPNOTSUPP and any other state -EINVAL.
 *
 * Returns 0 on success, errno otherwise
 */
static int listen(struct socket *sock, int len)
{
	struct sock *sk = sock->sk;
	int res = 0;

	lock_sock(sk);

	if (sock->state == SS_UNCONNECTED)
		sock->state = SS_LISTENING;
	else if (sock->state == SS_READY)
		res = -EOPNOTSUPP;
	else
		res = -EINVAL;

	release_sock(sk);
	return res;
}
1481
/**
 * accept - wait for connection request
 * @sock: listening socket
 * @new_sock: new socket that is to be connected
 * @flags: file-related flags associated with socket
 *
 * Blocks until a connection request is queued on @sock unless O_NONBLOCK
 * is set in @flags, in which case -EWOULDBLOCK is returned instead.
 *
 * Returns 0 on success, errno otherwise
 */
static int accept(struct socket *sock, struct socket *new_sock, int flags)
{
	struct sock *sk = sock->sk;
	struct sock *new_sk;
	struct tipc_sock *new_tsock;
	struct tipc_port *new_tport;
	struct tipc_msg *msg;
	struct sk_buff *buf;
	u32 new_ref;
	int res;

	lock_sock(sk);

	if (sock->state == SS_READY) {
		res = -EOPNOTSUPP;
		goto exit;
	}
	if (sock->state != SS_LISTENING) {
		res = -EINVAL;
		goto exit;
	}

	/* Wait for a connection request; the lock is dropped while asleep */

	while (skb_queue_empty(&sk->sk_receive_queue)) {
		if (flags & O_NONBLOCK) {
			res = -EWOULDBLOCK;
			goto exit;
		}
		release_sock(sk);
		res = wait_event_interruptible(*sk_sleep(sk),
				(!skb_queue_empty(&sk->sk_receive_queue)));
		lock_sock(sk);
		if (res)
			goto exit;
	}

	buf = skb_peek(&sk->sk_receive_queue);

	res = tipc_create(sock_net(sock->sk), new_sock, 0, 0);
	if (res)
		goto exit;

	new_sk = new_sock->sk;
	new_tsock = tipc_sk(new_sk);
	new_tport = new_tsock->p;
	new_ref = new_tport->ref;
	msg = buf_msg(buf);

	lock_sock(new_sk);

	/*
	 * Reject any stray messages received by new socket
	 * before the socket lock was taken (very, very unlikely)
	 */

	reject_rx_queue(new_sk);

	/*
	 * Connect new socket to its peer, as named by the origin fields of
	 * the request (the result of tipc_connect2port() is not checked)
	 */

	new_tsock->peer_name.ref = msg_origport(msg);
	new_tsock->peer_name.node = msg_orignode(msg);
	tipc_connect2port(new_ref, &new_tsock->peer_name);
	new_sock->state = SS_CONNECTED;

	/* The new port takes over the importance carried by the request */

	tipc_set_portimportance(new_ref, msg_importance(msg));
	if (msg_named(msg)) {
		new_tport->conn_type = msg_nametype(msg);
		new_tport->conn_instance = msg_nameinst(msg);
	}

	/*
	 * Respond to 'SYN-' by discarding it & returning 'ACK'-.
	 * Respond to 'SYN+' by queuing it on new socket.
	 */

	if (msg_data_sz(msg)) {
		__skb_dequeue(&sk->sk_receive_queue);
		__skb_queue_head(&new_sk->sk_receive_queue, buf);
	} else {
		struct msghdr m = {NULL,};

		advance_rx_queue(sk);
		/* the result of sending the 'ACK' is not checked */
		send_packet(NULL, new_sock, &m, 0);
	}

	release_sock(new_sk);

exit:
	release_sock(sk);
	return res;
}
1573
/**
 * shutdown - shutdown socket connection
 * @sock: socket structure
 * @how: direction to close (must be SHUT_RDWR)
 *
 * Terminates connection (if necessary), then purges socket's receive queue.
 *
 * Returns 0 on success, errno otherwise
 */
static int shutdown(struct socket *sock, int how)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct sk_buff *buf;
	int res;

	if (how != SHUT_RDWR)
		return -EINVAL;

	lock_sock(sk);

	switch (sock->state) {
	case SS_CONNECTING:
	case SS_CONNECTED:

		/* Disconnect and send a 'FIN+' or 'FIN-' message to peer */

		/*
		 * Find the first queued message that has not been partly
		 * read (a non-zero handle marks a partly read one); partly
		 * read messages are simply dropped.
		 */
		while ((buf = __skb_dequeue(&sk->sk_receive_queue)) != NULL) {
			atomic_dec(&tipc_queue_size);
			if (TIPC_SKB_CB(buf)->handle == 0)
				break;
			buf_discard(buf);
		}

		if (buf) {
			tipc_disconnect(tport->ref);
			tipc_reject_msg(buf, TIPC_CONN_SHUTDOWN);
		} else {
			tipc_shutdown(tport->ref);
		}

		sock->state = SS_DISCONNECTING;

		/* fall through */

	case SS_DISCONNECTING:

		/* Discard any unreceived messages; wake up sleeping tasks */

		discard_rx_queue(sk);
		if (waitqueue_active(sk_sleep(sk)))
			wake_up_interruptible(sk_sleep(sk));
		res = 0;
		break;

	default:
		res = -ENOTCONN;
	}

	release_sock(sk);
	return res;
}
1636
/**
 * setsockopt - set socket option
 * @sock: socket structure
 * @lvl: option level
 * @opt: option identifier
 * @ov: pointer to new option value
 * @ol: length of option value
 *
 * For stream sockets only, accepts and ignores all IPPROTO_TCP options
 * (to ease compatibility).
 *
 * Every SOL_TIPC option takes a 32-bit value; a shorter @ol is refused
 * with -EINVAL before the value is read from user space.
 *
 * Returns 0 on success, errno otherwise
 */
static int setsockopt(struct socket *sock,
		      int lvl, int opt, char __user *ov, unsigned int ol)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	u32 val;
	int res;

	if ((lvl == IPPROTO_TCP) && (sock->type == SOCK_STREAM))
		return 0;
	if (lvl != SOL_TIPC)
		return -ENOPROTOOPT;
	if (ol < sizeof(val))
		return -EINVAL;

	res = get_user(val, (u32 __user *)ov);
	if (res)
		return res;

	lock_sock(sk);

	switch (opt) {
	case TIPC_IMPORTANCE:
		res = tipc_set_portimportance(tport->ref, val);
		break;
	case TIPC_SRC_DROPPABLE:
		/* not available on stream sockets */
		res = (sock->type != SOCK_STREAM) ?
			tipc_set_portunreliable(tport->ref, val) :
			-ENOPROTOOPT;
		break;
	case TIPC_DEST_DROPPABLE:
		res = tipc_set_portunreturnable(tport->ref, val);
		break;
	case TIPC_CONN_TIMEOUT:
		/* value is in milliseconds; "res" is still 0 from get_user() */
		tipc_sk(sk)->conn_timeout = msecs_to_jiffies(val);
		break;
	default:
		res = -EINVAL;
	}

	release_sock(sk);

	return res;
}
1696
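/**
 * getsockopt - get socket option
 * @sock: socket structure
 * @lvl: option level
 * @opt: option identifier
 * @ov: receptacle for option value
 * @ol: receptacle for length of option value
 *
 * For stream sockets only, returns 0 length result for all IPPROTO_TCP options
 * (to ease compatibility).
 *
 * Every SOL_TIPC option is returned as a 32-bit value, so the length the
 * caller passes in through @ol must be at least that large.
 *
 * Returns 0 on success, errno otherwise
 */
static int getsockopt(struct socket *sock,
		      int lvl, int opt, char __user *ov, int __user *ol)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	int len;
	u32 value;
	int res;

	if ((lvl == IPPROTO_TCP) && (sock->type == SOCK_STREAM))
		return put_user(0, ol);
	if (lvl != SOL_TIPC)
		return -ENOPROTOOPT;
	res = get_user(len, ol);
	if (res)
		return res;

	lock_sock(sk);

	switch (opt) {
	case TIPC_IMPORTANCE:
		res = tipc_portimportance(tport->ref, &value);
		break;
	case TIPC_SRC_DROPPABLE:
		res = tipc_portunreliable(tport->ref, &value);
		break;
	case TIPC_DEST_DROPPABLE:
		res = tipc_portunreturnable(tport->ref, &value);
		break;
	case TIPC_CONN_TIMEOUT:
		value = jiffies_to_msecs(tipc_sk(sk)->conn_timeout);
		/* no need to set "res", since already 0 at this point */
		break;
	case TIPC_NODE_RECVQ_DEPTH:
		/* the shared tipc_queue_size counter, not a per-socket figure */
		value = (u32)atomic_read(&tipc_queue_size);
		break;
	case TIPC_SOCK_RECVQ_DEPTH:
		value = skb_queue_len(&sk->sk_receive_queue);
		break;
	default:
		res = -EINVAL;
	}

	release_sock(sk);

	if (res)
		return res;	/* "get" failed */

	/*
	 * "len" is a signed value supplied by the caller.  Comparing it
	 * with sizeof() directly would convert a negative length to a huge
	 * unsigned one and let it through, so compare as signed.
	 */
	if (len < (int)sizeof(value))
		return -EINVAL;

	if (copy_to_user(ov, &value, sizeof(value)))
		return -EFAULT;

	return put_user(sizeof(value), ol);
}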
1767
/*
 * Protocol switches for the various types of TIPC sockets
 *
 * The three proto_ops tables are identical except for their data-transfer
 * handlers: msg_ops sends with send_msg(), packet_ops with send_packet(),
 * and stream_ops with send_stream(); stream_ops is also the only one that
 * receives with recv_stream() rather than recv_msg().  socketpair, ioctl,
 * mmap and sendpage are wired to the generic sock_no_*() handlers.
 */

static const struct proto_ops msg_ops = {
	.owner		= THIS_MODULE,
	.family		= AF_TIPC,
	/* lifetime and addressing */
	.release	= release,
	.bind		= bind,
	.getname	= get_name,
	/* connection handling */
	.connect	= connect,
	.listen		= listen,
	.accept		= accept,
	.shutdown	= shutdown,
	/* data transfer and readiness */
	.sendmsg	= send_msg,
	.recvmsg	= recv_msg,
	.poll		= poll,
	/* socket options */
	.setsockopt	= setsockopt,
	.getsockopt	= getsockopt,
	/* generic sock_no_*() handlers */
	.socketpair	= sock_no_socketpair,
	.ioctl		= sock_no_ioctl,
	.mmap		= sock_no_mmap,
	.sendpage	= sock_no_sendpage,
};

static const struct proto_ops packet_ops = {
	.owner		= THIS_MODULE,
	.family		= AF_TIPC,
	/* lifetime and addressing */
	.release	= release,
	.bind		= bind,
	.getname	= get_name,
	/* connection handling */
	.connect	= connect,
	.listen		= listen,
	.accept		= accept,
	.shutdown	= shutdown,
	/* data transfer and readiness */
	.sendmsg	= send_packet,
	.recvmsg	= recv_msg,
	.poll		= poll,
	/* socket options */
	.setsockopt	= setsockopt,
	.getsockopt	= getsockopt,
	/* generic sock_no_*() handlers */
	.socketpair	= sock_no_socketpair,
	.ioctl		= sock_no_ioctl,
	.mmap		= sock_no_mmap,
	.sendpage	= sock_no_sendpage,
};

static const struct proto_ops stream_ops = {
	.owner		= THIS_MODULE,
	.family		= AF_TIPC,
	/* lifetime and addressing */
	.release	= release,
	.bind		= bind,
	.getname	= get_name,
	/* connection handling */
	.connect	= connect,
	.listen		= listen,
	.accept		= accept,
	.shutdown	= shutdown,
	/* data transfer and readiness */
	.sendmsg	= send_stream,
	.recvmsg	= recv_stream,
	.poll		= poll,
	/* socket options */
	.setsockopt	= setsockopt,
	.getsockopt	= getsockopt,
	/* generic sock_no_*() handlers */
	.socketpair	= sock_no_socketpair,
	.ioctl		= sock_no_ioctl,
	.mmap		= sock_no_mmap,
	.sendpage	= sock_no_sendpage,
};

/* Address-family registration: AF_TIPC sockets are created by tipc_create() */
static const struct net_proto_family tipc_family_ops = {
	.family		= AF_TIPC,
	.owner		= THIS_MODULE,
	.create		= tipc_create,
};

/* Protocol descriptor; each socket object is sized as a struct tipc_sock */
static struct proto tipc_proto = {
	.name		= "TIPC",
	.obj_size	= sizeof(struct tipc_sock),
	.owner		= THIS_MODULE,
};
1846
/**
 * tipc_socket_init - initialize TIPC socket interface
 *
 * Registers the TIPC protocol type and then the AF_TIPC socket family.  If
 * the second step fails the first is undone, so nothing stays registered
 * after an error.  sockets_enabled is set only when both steps succeed.
 *
 * Returns 0 on success, errno otherwise
 */
int tipc_socket_init(void)
{
	int res = proto_register(&tipc_proto, 1);

	if (res) {
		err("Failed to register TIPC protocol type\n");
		return res;
	}

	res = sock_register(&tipc_family_ops);
	if (res) {
		err("Failed to register TIPC socket type\n");
		/* roll back the protocol registration made above */
		proto_unregister(&tipc_proto);
		return res;
	}

	sockets_enabled = 1;
	return 0;
}
1873
/**
 * tipc_socket_stop - stop TIPC socket interface
 *
 * Does nothing unless tipc_socket_init() completed successfully (that is,
 * sockets_enabled is set); otherwise clears the flag and unregisters the
 * socket family, then the protocol type.
 */
void tipc_socket_stop(void)
{
	if (sockets_enabled) {
		sockets_enabled = 0;
		sock_unregister(tipc_family_ops.family);
		proto_unregister(&tipc_proto);
	}
}
1887
1888