1 /*
2 * File: pep.c
3 *
4 * Phonet pipe protocol end point socket
5 *
6 * Copyright (C) 2008 Nokia Corporation.
7 *
8 * Author: RĂ©mi Denis-Courmont <remi.denis-courmont@nokia.com>
9 *
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * version 2 as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
22 * 02110-1301 USA
23 */
24
25 #include <linux/kernel.h>
26 #include <linux/socket.h>
27 #include <net/sock.h>
28 #include <net/tcp_states.h>
29 #include <asm/ioctls.h>
30
31 #include <linux/phonet.h>
32 #include <net/phonet/phonet.h>
33 #include <net/phonet/pep.h>
34 #include <net/phonet/gprs.h>
35
36 /* sk_state values:
37 * TCP_CLOSE sock not in use yet
38 * TCP_CLOSE_WAIT disconnected pipe
39 * TCP_LISTEN listening pipe endpoint
40 * TCP_SYN_RECV connected pipe in disabled state
41 * TCP_ESTABLISHED connected pipe in enabled state
42 *
43 * pep_sock locking:
44 * - sk_state, ackq, hlist: sock lock needed
45 * - listener: read only
46 * - pipe_handle: read only
47 */
48
49 #define CREDITS_MAX 10
50 #define CREDITS_THR 7
51
52 static const struct sockaddr_pn pipe_srv = {
53 .spn_family = AF_PHONET,
54 .spn_resource = 0xD9, /* pipe service */
55 };
56
57 #define pep_sb_size(s) (((s) + 5) & ~3) /* 2-bytes head, 32-bits aligned */
58
59 /* Get the next TLV sub-block. */
60 static unsigned char *pep_get_sb(struct sk_buff *skb, u8 *ptype, u8 *plen,
61 void *buf)
62 {
63 void *data = NULL;
64 struct {
65 u8 sb_type;
66 u8 sb_len;
67 } *ph, h;
68 int buflen = *plen;
69
70 ph = skb_header_pointer(skb, 0, 2, &h);
71 if (ph == NULL || ph->sb_len < 2 || !pskb_may_pull(skb, ph->sb_len))
72 return NULL;
73 ph->sb_len -= 2;
74 *ptype = ph->sb_type;
75 *plen = ph->sb_len;
76
77 if (buflen > ph->sb_len)
78 buflen = ph->sb_len;
79 data = skb_header_pointer(skb, 2, buflen, buf);
80 __skb_pull(skb, 2 + ph->sb_len);
81 return data;
82 }
83
84 static int pep_reply(struct sock *sk, struct sk_buff *oskb,
85 u8 code, const void *data, int len, gfp_t priority)
86 {
87 const struct pnpipehdr *oph = pnp_hdr(oskb);
88 struct pnpipehdr *ph;
89 struct sk_buff *skb;
90
91 skb = alloc_skb(MAX_PNPIPE_HEADER + len, priority);
92 if (!skb)
93 return -ENOMEM;
94 skb_set_owner_w(skb, sk);
95
96 skb_reserve(skb, MAX_PNPIPE_HEADER);
97 __skb_put(skb, len);
98 skb_copy_to_linear_data(skb, data, len);
99 __skb_push(skb, sizeof(*ph));
100 skb_reset_transport_header(skb);
101 ph = pnp_hdr(skb);
102 ph->utid = oph->utid;
103 ph->message_id = oph->message_id + 1; /* REQ -> RESP */
104 ph->pipe_handle = oph->pipe_handle;
105 ph->error_code = code;
106
107 return pn_skb_send(sk, skb, &pipe_srv);
108 }
109
110 #define PAD 0x00
111 static int pep_accept_conn(struct sock *sk, struct sk_buff *skb)
112 {
113 static const u8 data[20] = {
114 PAD, PAD, PAD, 2 /* sub-blocks */,
115 PN_PIPE_SB_REQUIRED_FC_TX, pep_sb_size(5), 3, PAD,
116 PN_MULTI_CREDIT_FLOW_CONTROL,
117 PN_ONE_CREDIT_FLOW_CONTROL,
118 PN_LEGACY_FLOW_CONTROL,
119 PAD,
120 PN_PIPE_SB_PREFERRED_FC_RX, pep_sb_size(5), 3, PAD,
121 PN_MULTI_CREDIT_FLOW_CONTROL,
122 PN_ONE_CREDIT_FLOW_CONTROL,
123 PN_LEGACY_FLOW_CONTROL,
124 PAD,
125 };
126
127 might_sleep();
128 return pep_reply(sk, skb, PN_PIPE_NO_ERROR, data, sizeof(data),
129 GFP_KERNEL);
130 }
131
132 static int pep_reject_conn(struct sock *sk, struct sk_buff *skb, u8 code)
133 {
134 static const u8 data[4] = { PAD, PAD, PAD, 0 /* sub-blocks */ };
135 WARN_ON(code == PN_PIPE_NO_ERROR);
136 return pep_reply(sk, skb, code, data, sizeof(data), GFP_ATOMIC);
137 }
138
139 /* Control requests are not sent by the pipe service and have a specific
140 * message format. */
141 static int pep_ctrlreq_error(struct sock *sk, struct sk_buff *oskb, u8 code,
142 gfp_t priority)
143 {
144 const struct pnpipehdr *oph = pnp_hdr(oskb);
145 struct sk_buff *skb;
146 struct pnpipehdr *ph;
147 struct sockaddr_pn dst;
148
149 skb = alloc_skb(MAX_PNPIPE_HEADER + 4, priority);
150 if (!skb)
151 return -ENOMEM;
152 skb_set_owner_w(skb, sk);
153
154 skb_reserve(skb, MAX_PHONET_HEADER);
155 ph = (struct pnpipehdr *)skb_put(skb, sizeof(*ph) + 4);
156
157 ph->utid = oph->utid;
158 ph->message_id = PNS_PEP_CTRL_RESP;
159 ph->pipe_handle = oph->pipe_handle;
160 ph->data[0] = oph->data[1]; /* CTRL id */
161 ph->data[1] = oph->data[0]; /* PEP type */
162 ph->data[2] = code; /* error code, at an usual offset */
163 ph->data[3] = PAD;
164 ph->data[4] = PAD;
165
166 pn_skb_get_src_sockaddr(oskb, &dst);
167 return pn_skb_send(sk, skb, &dst);
168 }
169
170 static int pipe_snd_status(struct sock *sk, u8 type, u8 status, gfp_t priority)
171 {
172 struct pep_sock *pn = pep_sk(sk);
173 struct pnpipehdr *ph;
174 struct sk_buff *skb;
175
176 skb = alloc_skb(MAX_PNPIPE_HEADER + 4, priority);
177 if (!skb)
178 return -ENOMEM;
179 skb_set_owner_w(skb, sk);
180
181 skb_reserve(skb, MAX_PNPIPE_HEADER + 4);
182 __skb_push(skb, sizeof(*ph) + 4);
183 skb_reset_transport_header(skb);
184 ph = pnp_hdr(skb);
185 ph->utid = 0;
186 ph->message_id = PNS_PEP_STATUS_IND;
187 ph->pipe_handle = pn->pipe_handle;
188 ph->pep_type = PN_PEP_TYPE_COMMON;
189 ph->data[1] = type;
190 ph->data[2] = PAD;
191 ph->data[3] = PAD;
192 ph->data[4] = status;
193
194 return pn_skb_send(sk, skb, &pipe_srv);
195 }
196
197 /* Send our RX flow control information to the sender.
198 * Socket must be locked. */
199 static void pipe_grant_credits(struct sock *sk)
200 {
201 struct pep_sock *pn = pep_sk(sk);
202
203 BUG_ON(sk->sk_state != TCP_ESTABLISHED);
204
205 switch (pn->rx_fc) {
206 case PN_LEGACY_FLOW_CONTROL: /* TODO */
207 break;
208 case PN_ONE_CREDIT_FLOW_CONTROL:
209 pipe_snd_status(sk, PN_PEP_IND_FLOW_CONTROL,
210 PEP_IND_READY, GFP_ATOMIC);
211 pn->rx_credits = 1;
212 break;
213 case PN_MULTI_CREDIT_FLOW_CONTROL:
214 if ((pn->rx_credits + CREDITS_THR) > CREDITS_MAX)
215 break;
216 if (pipe_snd_status(sk, PN_PEP_IND_ID_MCFC_GRANT_CREDITS,
217 CREDITS_MAX - pn->rx_credits,
218 GFP_ATOMIC) == 0)
219 pn->rx_credits = CREDITS_MAX;
220 break;
221 }
222 }
223
224 static int pipe_rcv_status(struct sock *sk, struct sk_buff *skb)
225 {
226 struct pep_sock *pn = pep_sk(sk);
227 struct pnpipehdr *hdr;
228 int wake = 0;
229
230 if (!pskb_may_pull(skb, sizeof(*hdr) + 4))
231 return -EINVAL;
232
233 hdr = pnp_hdr(skb);
234 if (hdr->data[0] != PN_PEP_TYPE_COMMON) {
235 LIMIT_NETDEBUG(KERN_DEBUG"Phonet unknown PEP type: %u\n",
236 (unsigned)hdr->data[0]);
237 return -EOPNOTSUPP;
238 }
239
240 switch (hdr->data[1]) {
241 case PN_PEP_IND_FLOW_CONTROL:
242 switch (pn->tx_fc) {
243 case PN_LEGACY_FLOW_CONTROL:
244 switch (hdr->data[4]) {
245 case PEP_IND_BUSY:
246 atomic_set(&pn->tx_credits, 0);
247 break;
248 case PEP_IND_READY:
249 atomic_set(&pn->tx_credits, wake = 1);
250 break;
251 }
252 break;
253 case PN_ONE_CREDIT_FLOW_CONTROL:
254 if (hdr->data[4] == PEP_IND_READY)
255 atomic_set(&pn->tx_credits, wake = 1);
256 break;
257 }
258 break;
259
260 case PN_PEP_IND_ID_MCFC_GRANT_CREDITS:
261 if (pn->tx_fc != PN_MULTI_CREDIT_FLOW_CONTROL)
262 break;
263 atomic_add(wake = hdr->data[4], &pn->tx_credits);
264 break;
265
266 default:
267 LIMIT_NETDEBUG(KERN_DEBUG"Phonet unknown PEP indication: %u\n",
268 (unsigned)hdr->data[1]);
269 return -EOPNOTSUPP;
270 }
271 if (wake)
272 sk->sk_write_space(sk);
273 return 0;
274 }
275
276 static int pipe_rcv_created(struct sock *sk, struct sk_buff *skb)
277 {
278 struct pep_sock *pn = pep_sk(sk);
279 struct pnpipehdr *hdr = pnp_hdr(skb);
280 u8 n_sb = hdr->data[0];
281
282 pn->rx_fc = pn->tx_fc = PN_LEGACY_FLOW_CONTROL;
283 __skb_pull(skb, sizeof(*hdr));
284 while (n_sb > 0) {
285 u8 type, buf[2], len = sizeof(buf);
286 u8 *data = pep_get_sb(skb, &type, &len, buf);
287
288 if (data == NULL)
289 return -EINVAL;
290 switch (type) {
291 case PN_PIPE_SB_NEGOTIATED_FC:
292 if (len < 2 || (data[0] | data[1]) > 3)
293 break;
294 pn->tx_fc = data[0] & 3;
295 pn->rx_fc = data[1] & 3;
296 break;
297 }
298 n_sb--;
299 }
300 return 0;
301 }
302
303 /* Queue an skb to a connected sock.
304 * Socket lock must be held. */
305 static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb)
306 {
307 struct pep_sock *pn = pep_sk(sk);
308 struct pnpipehdr *hdr = pnp_hdr(skb);
309 struct sk_buff_head *queue;
310 int err = 0;
311
312 BUG_ON(sk->sk_state == TCP_CLOSE_WAIT);
313
314 switch (hdr->message_id) {
315 case PNS_PEP_CONNECT_REQ:
316 pep_reject_conn(sk, skb, PN_PIPE_ERR_PEP_IN_USE);
317 break;
318
319 case PNS_PEP_DISCONNECT_REQ:
320 pep_reply(sk, skb, PN_PIPE_NO_ERROR, NULL, 0, GFP_ATOMIC);
321 sk->sk_state = TCP_CLOSE_WAIT;
322 if (!sock_flag(sk, SOCK_DEAD))
323 sk->sk_state_change(sk);
324 break;
325
326 case PNS_PEP_ENABLE_REQ:
327 /* Wait for PNS_PIPE_(ENABLED|REDIRECTED)_IND */
328 pep_reply(sk, skb, PN_PIPE_NO_ERROR, NULL, 0, GFP_ATOMIC);
329 break;
330
331 case PNS_PEP_RESET_REQ:
332 switch (hdr->state_after_reset) {
333 case PN_PIPE_DISABLE:
334 pn->init_enable = 0;
335 break;
336 case PN_PIPE_ENABLE:
337 pn->init_enable = 1;
338 break;
339 default: /* not allowed to send an error here!? */
340 err = -EINVAL;
341 goto out;
342 }
343 /* fall through */
344 case PNS_PEP_DISABLE_REQ:
345 atomic_set(&pn->tx_credits, 0);
346 pep_reply(sk, skb, PN_PIPE_NO_ERROR, NULL, 0, GFP_ATOMIC);
347 break;
348
349 case PNS_PEP_CTRL_REQ:
350 if (skb_queue_len(&pn->ctrlreq_queue) >= PNPIPE_CTRLREQ_MAX) {
351 atomic_inc(&sk->sk_drops);
352 break;
353 }
354 __skb_pull(skb, 4);
355 queue = &pn->ctrlreq_queue;
356 goto queue;
357
358 case PNS_PIPE_DATA:
359 __skb_pull(skb, 3); /* Pipe data header */
360 if (!pn_flow_safe(pn->rx_fc)) {
361 err = sock_queue_rcv_skb(sk, skb);
362 if (!err)
363 return 0;
364 if (err == -ENOMEM)
365 atomic_inc(&sk->sk_drops);
366 break;
367 }
368
369 if (pn->rx_credits == 0) {
370 atomic_inc(&sk->sk_drops);
371 err = -ENOBUFS;
372 break;
373 }
374 pn->rx_credits--;
375 queue = &sk->sk_receive_queue;
376 goto queue;
377
378 case PNS_PEP_STATUS_IND:
379 pipe_rcv_status(sk, skb);
380 break;
381
382 case PNS_PIPE_REDIRECTED_IND:
383 err = pipe_rcv_created(sk, skb);
384 break;
385
386 case PNS_PIPE_CREATED_IND:
387 err = pipe_rcv_created(sk, skb);
388 if (err)
389 break;
390 /* fall through */
391 case PNS_PIPE_RESET_IND:
392 if (!pn->init_enable)
393 break;
394 /* fall through */
395 case PNS_PIPE_ENABLED_IND:
396 if (!pn_flow_safe(pn->tx_fc)) {
397 atomic_set(&pn->tx_credits, 1);
398 sk->sk_write_space(sk);
399 }
400 if (sk->sk_state == TCP_ESTABLISHED)
401 break; /* Nothing to do */
402 sk->sk_state = TCP_ESTABLISHED;
403 pipe_grant_credits(sk);
404 break;
405
406 case PNS_PIPE_DISABLED_IND:
407 sk->sk_state = TCP_SYN_RECV;
408 pn->rx_credits = 0;
409 break;
410
411 default:
412 LIMIT_NETDEBUG(KERN_DEBUG"Phonet unknown PEP message: %u\n",
413 hdr->message_id);
414 err = -EINVAL;
415 }
416 out:
417 kfree_skb(skb);
418 return err;
419
420 queue:
421 skb->dev = NULL;
422 skb_set_owner_r(skb, sk);
423 err = skb->len;
424 skb_queue_tail(queue, skb);
425 if (!sock_flag(sk, SOCK_DEAD))
426 sk->sk_data_ready(sk, err);
427 return 0;
428 }
429
430 /* Destroy connected sock. */
431 static void pipe_destruct(struct sock *sk)
432 {
433 struct pep_sock *pn = pep_sk(sk);
434
435 skb_queue_purge(&sk->sk_receive_queue);
436 skb_queue_purge(&pn->ctrlreq_queue);
437 }
438
439 static int pep_connreq_rcv(struct sock *sk, struct sk_buff *skb)
440 {
441 struct sock *newsk;
442 struct pep_sock *newpn, *pn = pep_sk(sk);
443 struct pnpipehdr *hdr;
444 struct sockaddr_pn dst;
445 u16 peer_type;
446 u8 pipe_handle, enabled, n_sb;
447
448 if (!pskb_pull(skb, sizeof(*hdr) + 4))
449 return -EINVAL;
450
451 hdr = pnp_hdr(skb);
452 pipe_handle = hdr->pipe_handle;
453 switch (hdr->state_after_connect) {
454 case PN_PIPE_DISABLE:
455 enabled = 0;
456 break;
457 case PN_PIPE_ENABLE:
458 enabled = 1;
459 break;
460 default:
461 pep_reject_conn(sk, skb, PN_PIPE_ERR_INVALID_PARAM);
462 return -EINVAL;
463 }
464 peer_type = hdr->other_pep_type << 8;
465
466 if (unlikely(sk->sk_state != TCP_LISTEN) || sk_acceptq_is_full(sk)) {
467 pep_reject_conn(sk, skb, PN_PIPE_ERR_PEP_IN_USE);
468 return -ENOBUFS;
469 }
470
471 /* Parse sub-blocks (options) */
472 n_sb = hdr->data[4];
473 while (n_sb > 0) {
474 u8 type, buf[1], len = sizeof(buf);
475 const u8 *data = pep_get_sb(skb, &type, &len, buf);
476
477 if (data == NULL)
478 return -EINVAL;
479 switch (type) {
480 case PN_PIPE_SB_CONNECT_REQ_PEP_SUB_TYPE:
481 if (len < 1)
482 return -EINVAL;
483 peer_type = (peer_type & 0xff00) | data[0];
484 break;
485 }
486 n_sb--;
487 }
488
489 skb = skb_clone(skb, GFP_ATOMIC);
490 if (!skb)
491 return -ENOMEM;
492
493 /* Create a new to-be-accepted sock */
494 newsk = sk_alloc(sock_net(sk), PF_PHONET, GFP_ATOMIC, sk->sk_prot);
495 if (!newsk) {
496 kfree_skb(skb);
497 return -ENOMEM;
498 }
499 sock_init_data(NULL, newsk);
500 newsk->sk_state = TCP_SYN_RECV;
501 newsk->sk_backlog_rcv = pipe_do_rcv;
502 newsk->sk_protocol = sk->sk_protocol;
503 newsk->sk_destruct = pipe_destruct;
504
505 newpn = pep_sk(newsk);
506 pn_skb_get_dst_sockaddr(skb, &dst);
507 newpn->pn_sk.sobject = pn_sockaddr_get_object(&dst);
508 newpn->pn_sk.resource = pn->pn_sk.resource;
509 skb_queue_head_init(&newpn->ctrlreq_queue);
510 newpn->pipe_handle = pipe_handle;
511 atomic_set(&newpn->tx_credits, 0);
512 newpn->peer_type = peer_type;
513 newpn->rx_credits = 0;
514 newpn->rx_fc = newpn->tx_fc = PN_LEGACY_FLOW_CONTROL;
515 newpn->init_enable = enabled;
516
517 BUG_ON(!skb_queue_empty(&newsk->sk_receive_queue));
518 skb_queue_head(&newsk->sk_receive_queue, skb);
519 if (!sock_flag(sk, SOCK_DEAD))
520 sk->sk_data_ready(sk, 0);
521
522 sk_acceptq_added(sk);
523 sk_add_node(newsk, &pn->ackq);
524 return 0;
525 }
526
527 /* Listening sock must be locked */
528 static struct sock *pep_find_pipe(const struct hlist_head *hlist,
529 const struct sockaddr_pn *dst,
530 u8 pipe_handle)
531 {
532 struct hlist_node *node;
533 struct sock *sknode;
534 u16 dobj = pn_sockaddr_get_object(dst);
535
536 sk_for_each(sknode, node, hlist) {
537 struct pep_sock *pnnode = pep_sk(sknode);
538
539 /* Ports match, but addresses might not: */
540 if (pnnode->pn_sk.sobject != dobj)
541 continue;
542 if (pnnode->pipe_handle != pipe_handle)
543 continue;
544 if (sknode->sk_state == TCP_CLOSE_WAIT)
545 continue;
546
547 sock_hold(sknode);
548 return sknode;
549 }
550 return NULL;
551 }
552
553 /*
554 * Deliver an skb to a listening sock.
555 * Socket lock must be held.
556 * We then queue the skb to the right connected sock (if any).
557 */
558 static int pep_do_rcv(struct sock *sk, struct sk_buff *skb)
559 {
560 struct pep_sock *pn = pep_sk(sk);
561 struct sock *sknode;
562 struct pnpipehdr *hdr;
563 struct sockaddr_pn dst;
564 int err = NET_RX_SUCCESS;
565 u8 pipe_handle;
566
567 if (!pskb_may_pull(skb, sizeof(*hdr)))
568 goto drop;
569
570 hdr = pnp_hdr(skb);
571 pipe_handle = hdr->pipe_handle;
572 if (pipe_handle == PN_PIPE_INVALID_HANDLE)
573 goto drop;
574
575 pn_skb_get_dst_sockaddr(skb, &dst);
576
577 /* Look for an existing pipe handle */
578 sknode = pep_find_pipe(&pn->hlist, &dst, pipe_handle);
579 if (sknode)
580 return sk_receive_skb(sknode, skb, 1);
581
582 /* Look for a pipe handle pending accept */
583 sknode = pep_find_pipe(&pn->ackq, &dst, pipe_handle);
584 if (sknode) {
585 sock_put(sknode);
586 if (net_ratelimit())
587 printk(KERN_WARNING"Phonet unconnected PEP ignored");
588 err = NET_RX_DROP;
589 goto drop;
590 }
591
592 switch (hdr->message_id) {
593 case PNS_PEP_CONNECT_REQ:
594 err = pep_connreq_rcv(sk, skb);
595 break;
596
597 case PNS_PEP_DISCONNECT_REQ:
598 pep_reply(sk, skb, PN_PIPE_NO_ERROR, NULL, 0, GFP_ATOMIC);
599 break;
600
601 case PNS_PEP_CTRL_REQ:
602 pep_ctrlreq_error(sk, skb, PN_PIPE_INVALID_HANDLE, GFP_ATOMIC);
603 break;
604
605 case PNS_PEP_RESET_REQ:
606 case PNS_PEP_ENABLE_REQ:
607 case PNS_PEP_DISABLE_REQ:
608 /* invalid handle is not even allowed here! */
609 default:
610 err = NET_RX_DROP;
611 }
612 drop:
613 kfree_skb(skb);
614 return err;
615 }
616
617 /* associated socket ceases to exist */
618 static void pep_sock_close(struct sock *sk, long timeout)
619 {
620 struct pep_sock *pn = pep_sk(sk);
621 int ifindex = 0;
622
623 sk_common_release(sk);
624
625 lock_sock(sk);
626 if (sk->sk_state == TCP_LISTEN) {
627 /* Destroy the listen queue */
628 struct sock *sknode;
629 struct hlist_node *p, *n;
630
631 sk_for_each_safe(sknode, p, n, &pn->ackq)
632 sk_del_node_init(sknode);
633 sk->sk_state = TCP_CLOSE;
634 }
635 ifindex = pn->ifindex;
636 pn->ifindex = 0;
637 release_sock(sk);
638
639 if (ifindex)
640 gprs_detach(sk);
641 }
642
643 static int pep_wait_connreq(struct sock *sk, int noblock)
644 {
645 struct task_struct *tsk = current;
646 struct pep_sock *pn = pep_sk(sk);
647 long timeo = sock_rcvtimeo(sk, noblock);
648
649 for (;;) {
650 DEFINE_WAIT(wait);
651
652 if (sk->sk_state != TCP_LISTEN)
653 return -EINVAL;
654 if (!hlist_empty(&pn->ackq))
655 break;
656 if (!timeo)
657 return -EWOULDBLOCK;
658 if (signal_pending(tsk))
659 return sock_intr_errno(timeo);
660
661 prepare_to_wait_exclusive(&sk->sk_socket->wait, &wait,
662 TASK_INTERRUPTIBLE);
663 release_sock(sk);
664 timeo = schedule_timeout(timeo);
665 lock_sock(sk);
666 finish_wait(&sk->sk_socket->wait, &wait);
667 }
668
669 return 0;
670 }
671
672 static struct sock *pep_sock_accept(struct sock *sk, int flags, int *errp)
673 {
674 struct pep_sock *pn = pep_sk(sk);
675 struct sock *newsk = NULL;
676 struct sk_buff *oskb;
677 int err;
678
679 lock_sock(sk);
680 err = pep_wait_connreq(sk, flags & O_NONBLOCK);
681 if (err)
682 goto out;
683
684 newsk = __sk_head(&pn->ackq);
685
686 oskb = skb_dequeue(&newsk->sk_receive_queue);
687 err = pep_accept_conn(newsk, oskb);
688 if (err) {
689 skb_queue_head(&newsk->sk_receive_queue, oskb);
690 newsk = NULL;
691 goto out;
692 }
693
694 sock_hold(sk);
695 pep_sk(newsk)->listener = sk;
696
697 sock_hold(newsk);
698 sk_del_node_init(newsk);
699 sk_acceptq_removed(sk);
700 sk_add_node(newsk, &pn->hlist);
701 __sock_put(newsk);
702
703 out:
704 release_sock(sk);
705 *errp = err;
706 return newsk;
707 }
708
709 static int pep_ioctl(struct sock *sk, int cmd, unsigned long arg)
710 {
711 struct pep_sock *pn = pep_sk(sk);
712 int answ;
713
714 switch (cmd) {
715 case SIOCINQ:
716 if (sk->sk_state == TCP_LISTEN)
717 return -EINVAL;
718
719 lock_sock(sk);
720 if (sock_flag(sk, SOCK_URGINLINE)
721 && !skb_queue_empty(&pn->ctrlreq_queue))
722 answ = skb_peek(&pn->ctrlreq_queue)->len;
723 else if (!skb_queue_empty(&sk->sk_receive_queue))
724 answ = skb_peek(&sk->sk_receive_queue)->len;
725 else
726 answ = 0;
727 release_sock(sk);
728 return put_user(answ, (int __user *)arg);
729 }
730
731 return -ENOIOCTLCMD;
732 }
733
734 static int pep_init(struct sock *sk)
735 {
736 struct pep_sock *pn = pep_sk(sk);
737
738 INIT_HLIST_HEAD(&pn->ackq);
739 INIT_HLIST_HEAD(&pn->hlist);
740 skb_queue_head_init(&pn->ctrlreq_queue);
741 pn->pipe_handle = PN_PIPE_INVALID_HANDLE;
742 return 0;
743 }
744
745 static int pep_setsockopt(struct sock *sk, int level, int optname,
746 char __user *optval, unsigned int optlen)
747 {
748 struct pep_sock *pn = pep_sk(sk);
749 int val = 0, err = 0;
750
751 if (level != SOL_PNPIPE)
752 return -ENOPROTOOPT;
753 if (optlen >= sizeof(int)) {
754 if (get_user(val, (int __user *) optval))
755 return -EFAULT;
756 }
757
758 lock_sock(sk);
759 switch (optname) {
760 case PNPIPE_ENCAP:
761 if (val && val != PNPIPE_ENCAP_IP) {
762 err = -EINVAL;
763 break;
764 }
765 if (!pn->ifindex == !val)
766 break; /* Nothing to do! */
767 if (!capable(CAP_NET_ADMIN)) {
768 err = -EPERM;
769 break;
770 }
771 if (val) {
772 release_sock(sk);
773 err = gprs_attach(sk);
774 if (err > 0) {
775 pn->ifindex = err;
776 err = 0;
777 }
778 } else {
779 pn->ifindex = 0;
780 release_sock(sk);
781 gprs_detach(sk);
782 err = 0;
783 }
784 goto out_norel;
785 default:
786 err = -ENOPROTOOPT;
787 }
788 release_sock(sk);
789
790 out_norel:
791 return err;
792 }
793
794 static int pep_getsockopt(struct sock *sk, int level, int optname,
795 char __user *optval, int __user *optlen)
796 {
797 struct pep_sock *pn = pep_sk(sk);
798 int len, val;
799
800 if (level != SOL_PNPIPE)
801 return -ENOPROTOOPT;
802 if (get_user(len, optlen))
803 return -EFAULT;
804
805 switch (optname) {
806 case PNPIPE_ENCAP:
807 val = pn->ifindex ? PNPIPE_ENCAP_IP : PNPIPE_ENCAP_NONE;
808 break;
809 case PNPIPE_IFINDEX:
810 val = pn->ifindex;
811 break;
812 default:
813 return -ENOPROTOOPT;
814 }
815
816 len = min_t(unsigned int, sizeof(int), len);
817 if (put_user(len, optlen))
818 return -EFAULT;
819 if (put_user(val, (int __user *) optval))
820 return -EFAULT;
821 return 0;
822 }
823
824 static int pipe_skb_send(struct sock *sk, struct sk_buff *skb)
825 {
826 struct pep_sock *pn = pep_sk(sk);
827 struct pnpipehdr *ph;
828
829 if (pn_flow_safe(pn->tx_fc) &&
830 !atomic_add_unless(&pn->tx_credits, -1, 0)) {
831 kfree_skb(skb);
832 return -ENOBUFS;
833 }
834
835 skb_push(skb, 3);
836 skb_reset_transport_header(skb);
837 ph = pnp_hdr(skb);
838 ph->utid = 0;
839 ph->message_id = PNS_PIPE_DATA;
840 ph->pipe_handle = pn->pipe_handle;
841
842 return pn_skb_send(sk, skb, &pipe_srv);
843 }
844
845 static int pep_sendmsg(struct kiocb *iocb, struct sock *sk,
846 struct msghdr *msg, size_t len)
847 {
848 struct pep_sock *pn = pep_sk(sk);
849 struct sk_buff *skb = NULL;
850 long timeo;
851 int flags = msg->msg_flags;
852 int err, done;
853
854 if (len > 65535)
855 return -EMSGSIZE;
856
857 if (msg->msg_flags & MSG_OOB || !(msg->msg_flags & MSG_EOR))
858 return -EOPNOTSUPP;
859
860 lock_sock(sk);
861 timeo = sock_sndtimeo(sk, flags & MSG_DONTWAIT);
862 if ((1 << sk->sk_state) & (TCPF_LISTEN|TCPF_CLOSE)) {
863 err = -ENOTCONN;
864 goto out;
865 }
866 if (sk->sk_state != TCP_ESTABLISHED) {
867 /* Wait until the pipe gets to enabled state */
868 disabled:
869 err = sk_stream_wait_connect(sk, &timeo);
870 if (err)
871 goto out;
872
873 if (sk->sk_state == TCP_CLOSE_WAIT) {
874 err = -ECONNRESET;
875 goto out;
876 }
877 }
878 BUG_ON(sk->sk_state != TCP_ESTABLISHED);
879
880 /* Wait until flow control allows TX */
881 done = atomic_read(&pn->tx_credits);
882 while (!done) {
883 DEFINE_WAIT(wait);
884
885 if (!timeo) {
886 err = -EAGAIN;
887 goto out;
888 }
889 if (signal_pending(current)) {
890 err = sock_intr_errno(timeo);
891 goto out;
892 }
893
894 prepare_to_wait(&sk->sk_socket->wait, &wait,
895 TASK_INTERRUPTIBLE);
896 done = sk_wait_event(sk, &timeo, atomic_read(&pn->tx_credits));
897 finish_wait(&sk->sk_socket->wait, &wait);
898
899 if (sk->sk_state != TCP_ESTABLISHED)
900 goto disabled;
901 }
902
903 if (!skb) {
904 skb = sock_alloc_send_skb(sk, MAX_PNPIPE_HEADER + len,
905 flags & MSG_DONTWAIT, &err);
906 if (skb == NULL)
907 goto out;
908 skb_reserve(skb, MAX_PHONET_HEADER + 3);
909
910 if (sk->sk_state != TCP_ESTABLISHED ||
911 !atomic_read(&pn->tx_credits))
912 goto disabled; /* sock_alloc_send_skb might sleep */
913 }
914
915 err = memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len);
916 if (err < 0)
917 goto out;
918
919 err = pipe_skb_send(sk, skb);
920 if (err >= 0)
921 err = len; /* success! */
922 skb = NULL;
923 out:
924 release_sock(sk);
925 kfree_skb(skb);
926 return err;
927 }
928
929 int pep_writeable(struct sock *sk)
930 {
931 struct pep_sock *pn = pep_sk(sk);
932
933 return atomic_read(&pn->tx_credits);
934 }
935
936 int pep_write(struct sock *sk, struct sk_buff *skb)
937 {
938 struct sk_buff *rskb, *fs;
939 int flen = 0;
940
941 rskb = alloc_skb(MAX_PNPIPE_HEADER, GFP_ATOMIC);
942 if (!rskb) {
943 kfree_skb(skb);
944 return -ENOMEM;
945 }
946 skb_shinfo(rskb)->frag_list = skb;
947 rskb->len += skb->len;
948 rskb->data_len += rskb->len;
949 rskb->truesize += rskb->len;
950
951 /* Avoid nested fragments */
952 skb_walk_frags(skb, fs)
953 flen += fs->len;
954 skb->next = skb_shinfo(skb)->frag_list;
955 skb_frag_list_init(skb);
956 skb->len -= flen;
957 skb->data_len -= flen;
958 skb->truesize -= flen;
959
960 skb_reserve(rskb, MAX_PHONET_HEADER + 3);
961 return pipe_skb_send(sk, rskb);
962 }
963
964 struct sk_buff *pep_read(struct sock *sk)
965 {
966 struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue);
967
968 if (sk->sk_state == TCP_ESTABLISHED)
969 pipe_grant_credits(sk);
970 return skb;
971 }
972
973 static int pep_recvmsg(struct kiocb *iocb, struct sock *sk,
974 struct msghdr *msg, size_t len, int noblock,
975 int flags, int *addr_len)
976 {
977 struct sk_buff *skb;
978 int err;
979
980 if (unlikely(1 << sk->sk_state & (TCPF_LISTEN | TCPF_CLOSE)))
981 return -ENOTCONN;
982
983 if ((flags & MSG_OOB) || sock_flag(sk, SOCK_URGINLINE)) {
984 /* Dequeue and acknowledge control request */
985 struct pep_sock *pn = pep_sk(sk);
986
987 skb = skb_dequeue(&pn->ctrlreq_queue);
988 if (skb) {
989 pep_ctrlreq_error(sk, skb, PN_PIPE_NO_ERROR,
990 GFP_KERNEL);
991 msg->msg_flags |= MSG_OOB;
992 goto copy;
993 }
994 if (flags & MSG_OOB)
995 return -EINVAL;
996 }
997
998 skb = skb_recv_datagram(sk, flags, noblock, &err);
999 lock_sock(sk);
1000 if (skb == NULL) {
1001 if (err == -ENOTCONN && sk->sk_state == TCP_CLOSE_WAIT)
1002 err = -ECONNRESET;
1003 release_sock(sk);
1004 return err;
1005 }
1006
1007 if (sk->sk_state == TCP_ESTABLISHED)
1008 pipe_grant_credits(sk);
1009 release_sock(sk);
1010 copy:
1011 msg->msg_flags |= MSG_EOR;
1012 if (skb->len > len)
1013 msg->msg_flags |= MSG_TRUNC;
1014 else
1015 len = skb->len;
1016
1017 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, len);
1018 if (!err)
1019 err = (flags & MSG_TRUNC) ? skb->len : len;
1020
1021 skb_free_datagram(sk, skb);
1022 return err;
1023 }
1024
1025 static void pep_sock_unhash(struct sock *sk)
1026 {
1027 struct pep_sock *pn = pep_sk(sk);
1028 struct sock *skparent = NULL;
1029
1030 lock_sock(sk);
1031 if ((1 << sk->sk_state) & ~(TCPF_CLOSE|TCPF_LISTEN)) {
1032 skparent = pn->listener;
1033 sk_del_node_init(sk);
1034 release_sock(sk);
1035
1036 sk = skparent;
1037 pn = pep_sk(skparent);
1038 lock_sock(sk);
1039 }
1040 /* Unhash a listening sock only when it is closed
1041 * and all of its active connected pipes are closed. */
1042 if (hlist_empty(&pn->hlist))
1043 pn_sock_unhash(&pn->pn_sk.sk);
1044 release_sock(sk);
1045
1046 if (skparent)
1047 sock_put(skparent);
1048 }
1049
1050 static struct proto pep_proto = {
1051 .close = pep_sock_close,
1052 .accept = pep_sock_accept,
1053 .ioctl = pep_ioctl,
1054 .init = pep_init,
1055 .setsockopt = pep_setsockopt,
1056 .getsockopt = pep_getsockopt,
1057 .sendmsg = pep_sendmsg,
1058 .recvmsg = pep_recvmsg,
1059 .backlog_rcv = pep_do_rcv,
1060 .hash = pn_sock_hash,
1061 .unhash = pep_sock_unhash,
1062 .get_port = pn_sock_get_port,
1063 .obj_size = sizeof(struct pep_sock),
1064 .owner = THIS_MODULE,
1065 .name = "PNPIPE",
1066 };
1067
1068 static struct phonet_protocol pep_pn_proto = {
1069 .ops = &phonet_stream_ops,
1070 .prot = &pep_proto,
1071 .sock_type = SOCK_SEQPACKET,
1072 };
1073
1074 static int __init pep_register(void)
1075 {
1076 return phonet_proto_register(PN_PROTO_PIPE, &pep_pn_proto);
1077 }
1078
1079 static void __exit pep_unregister(void)
1080 {
1081 phonet_proto_unregister(PN_PROTO_PIPE, &pep_pn_proto);
1082 }
1083
1084 module_init(pep_register);
1085 module_exit(pep_unregister);
1086 MODULE_AUTHOR("Remi Denis-Courmont, Nokia");
1087 MODULE_DESCRIPTION("Phonet pipe protocol");
1088 MODULE_LICENSE("GPL");
1089 MODULE_ALIAS_NET_PF_PROTO(PF_PHONET, PN_PROTO_PIPE);
1090
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.