1/* 2 * net/tipc/server.c: TIPC server infrastructure 3 * 4 * Copyright (c) 2012-2013, Wind River Systems 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the names of the copyright holders nor the names of its 16 * contributors may be used to endorse or promote products derived from 17 * this software without specific prior written permission. 18 * 19 * Alternatively, this software may be distributed under the terms of the 20 * GNU General Public License ("GPL") version 2 as published by the Free 21 * Software Foundation. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 24 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 27 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 33 * POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36#include "server.h" 37#include "core.h" 38#include "socket.h" 39#include <net/sock.h> 40#include <linux/module.h> 41 42/* Number of messages to send before rescheduling */ 43#define MAX_SEND_MSG_COUNT 25 44#define MAX_RECV_MSG_COUNT 25 45#define CF_CONNECTED 1 46#define CF_SERVER 2 47 48#define sock2con(x) ((struct tipc_conn *)(x)->sk_user_data) 49 50/** 51 * struct tipc_conn - TIPC connection structure 52 * @kref: reference counter to connection object 53 * @conid: connection identifier 54 * @sock: socket handler associated with connection 55 * @flags: indicates connection state 56 * @server: pointer to connected server 57 * @rwork: receive work item 58 * @usr_data: user-specified field 59 * @rx_action: what to do when connection socket is active 60 * @outqueue: pointer to first outbound message in queue 61 * @outqueue_lock: control access to the outqueue 62 * @outqueue: list of connection objects for its server 63 * @swork: send work item 64 */ 65struct tipc_conn { 66 struct kref kref; 67 int conid; 68 struct socket *sock; 69 unsigned long flags; 70 struct tipc_server *server; 71 struct work_struct rwork; 72 int (*rx_action) (struct tipc_conn *con); 73 void *usr_data; 74 struct list_head outqueue; 75 spinlock_t outqueue_lock; 76 struct work_struct swork; 77}; 78 79/* An entry waiting to be sent */ 80struct outqueue_entry { 81 struct list_head list; 82 struct kvec iov; 83 struct sockaddr_tipc dest; 84}; 85 86static void tipc_recv_work(struct work_struct *work); 87static void tipc_send_work(struct work_struct *work); 88static void tipc_clean_outqueues(struct tipc_conn *con); 89 90static void tipc_conn_kref_release(struct kref *kref) 91{ 92 struct tipc_conn *con = container_of(kref, struct tipc_conn, kref); 93 struct sockaddr_tipc *saddr = con->server->saddr; 94 struct socket *sock = con->sock; 95 struct sock *sk; 96 97 if (sock) { 98 sk = sock->sk; 99 if (test_bit(CF_SERVER, &con->flags)) { 100 __module_get(sock->ops->owner); 101 __module_get(sk->sk_prot_creator->owner); 102 } 103 saddr->scope = -TIPC_NODE_SCOPE; 104 kernel_bind(sock, (struct sockaddr *)saddr, sizeof(*saddr)); 105 sock_release(sock); 106 con->sock = NULL; 107 } 108 109 tipc_clean_outqueues(con); 110 kfree(con); 111} 112 113static void conn_put(struct tipc_conn *con) 114{ 115 kref_put(&con->kref, tipc_conn_kref_release); 116} 117 118static void conn_get(struct tipc_conn *con) 119{ 120 kref_get(&con->kref); 121} 122 123static struct tipc_conn *tipc_conn_lookup(struct tipc_server *s, int conid) 124{ 125 struct tipc_conn *con; 126 127 spin_lock_bh(&s->idr_lock); 128 con = idr_find(&s->conn_idr, conid); 129 if (con) 130 conn_get(con); 131 spin_unlock_bh(&s->idr_lock); 132 return con; 133} 134 135static void sock_data_ready(struct sock *sk) 136{ 137 struct tipc_conn *con; 138 139 read_lock(&sk->sk_callback_lock); 140 con = sock2con(sk); 141 if (con && test_bit(CF_CONNECTED, &con->flags)) { 142 conn_get(con); 143 if (!queue_work(con->server->rcv_wq, &con->rwork)) 144 conn_put(con); 145 } 146 read_unlock(&sk->sk_callback_lock); 147} 148 149static void sock_write_space(struct sock *sk) 150{ 151 struct tipc_conn *con; 152 153 read_lock(&sk->sk_callback_lock); 154 con = sock2con(sk); 155 if (con && test_bit(CF_CONNECTED, &con->flags)) { 156 conn_get(con); 157 if (!queue_work(con->server->send_wq, &con->swork)) 158 conn_put(con); 159 } 160 read_unlock(&sk->sk_callback_lock); 161} 162 163static void tipc_register_callbacks(struct socket *sock, struct tipc_conn *con) 164{ 165 struct sock *sk = sock->sk; 166 167 write_lock_bh(&sk->sk_callback_lock); 168 169 sk->sk_data_ready = sock_data_ready; 170 sk->sk_write_space = sock_write_space; 171 sk->sk_user_data = con; 172 173 con->sock = sock; 174 175 write_unlock_bh(&sk->sk_callback_lock); 176} 177 178static void tipc_unregister_callbacks(struct tipc_conn *con) 179{ 180 struct sock *sk = con->sock->sk; 181 182 write_lock_bh(&sk->sk_callback_lock); 183 sk->sk_user_data = NULL; 184 write_unlock_bh(&sk->sk_callback_lock); 185} 186 187static void tipc_close_conn(struct tipc_conn *con) 188{ 189 struct tipc_server *s = con->server; 190 191 if (test_and_clear_bit(CF_CONNECTED, &con->flags)) { 192 if (con->conid) 193 s->tipc_conn_shutdown(con->conid, con->usr_data); 194 195 spin_lock_bh(&s->idr_lock); 196 idr_remove(&s->conn_idr, con->conid); 197 s->idr_in_use--; 198 spin_unlock_bh(&s->idr_lock); 199 200 tipc_unregister_callbacks(con); 201 202 /* We shouldn't flush pending works as we may be in the 203 * thread. In fact the races with pending rx/tx work structs 204 * are harmless for us here as we have already deleted this 205 * connection from server connection list and set 206 * sk->sk_user_data to 0 before releasing connection object. 207 */ 208 kernel_sock_shutdown(con->sock, SHUT_RDWR); 209 210 conn_put(con); 211 } 212} 213 214static struct tipc_conn *tipc_alloc_conn(struct tipc_server *s) 215{ 216 struct tipc_conn *con; 217 int ret; 218 219 con = kzalloc(sizeof(struct tipc_conn), GFP_ATOMIC); 220 if (!con) 221 return ERR_PTR(-ENOMEM); 222 223 kref_init(&con->kref); 224 INIT_LIST_HEAD(&con->outqueue); 225 spin_lock_init(&con->outqueue_lock); 226 INIT_WORK(&con->swork, tipc_send_work); 227 INIT_WORK(&con->rwork, tipc_recv_work); 228 229 spin_lock_bh(&s->idr_lock); 230 ret = idr_alloc(&s->conn_idr, con, 0, 0, GFP_ATOMIC); 231 if (ret < 0) { 232 kfree(con); 233 spin_unlock_bh(&s->idr_lock); 234 return ERR_PTR(-ENOMEM); 235 } 236 con->conid = ret; 237 s->idr_in_use++; 238 spin_unlock_bh(&s->idr_lock); 239 240 set_bit(CF_CONNECTED, &con->flags); 241 con->server = s; 242 243 return con; 244} 245 246static int tipc_receive_from_sock(struct tipc_conn *con) 247{ 248 struct msghdr msg = {}; 249 struct tipc_server *s = con->server; 250 struct sockaddr_tipc addr; 251 struct kvec iov; 252 void *buf; 253 int ret; 254 255 buf = kmem_cache_alloc(s->rcvbuf_cache, GFP_ATOMIC); 256 if (!buf) { 257 ret = -ENOMEM; 258 goto out_close; 259 } 260 261 iov.iov_base = buf; 262 iov.iov_len = s->max_rcvbuf_size; 263 msg.msg_name = &addr; 264 ret = kernel_recvmsg(con->sock, &msg, &iov, 1, iov.iov_len, 265 MSG_DONTWAIT); 266 if (ret <= 0) { 267 kmem_cache_free(s->rcvbuf_cache, buf); 268 goto out_close; 269 } 270 271 s->tipc_conn_recvmsg(sock_net(con->sock->sk), con->conid, &addr, 272 con->usr_data, buf, ret); 273 274 kmem_cache_free(s->rcvbuf_cache, buf); 275 276 return 0; 277 278out_close: 279 if (ret != -EWOULDBLOCK) 280 tipc_close_conn(con); 281 else if (ret == 0) 282 /* Don't return success if we really got EOF */ 283 ret = -EAGAIN; 284 285 return ret; 286} 287 288static int tipc_accept_from_sock(struct tipc_conn *con) 289{ 290 struct tipc_server *s = con->server; 291 struct socket *sock = con->sock; 292 struct socket *newsock; 293 struct tipc_conn *newcon; 294 int ret; 295 296 ret = kernel_accept(sock, &newsock, O_NONBLOCK); 297 if (ret < 0) 298 return ret; 299 300 newcon = tipc_alloc_conn(con->server); 301 if (IS_ERR(newcon)) { 302 ret = PTR_ERR(newcon); 303 sock_release(newsock); 304 return ret; 305 } 306 307 newcon->rx_action = tipc_receive_from_sock; 308 tipc_register_callbacks(newsock, newcon); 309 310 /* Notify that new connection is incoming */ 311 newcon->usr_data = s->tipc_conn_new(newcon->conid); 312 313 /* Wake up receive process in case of 'SYN+' message */ 314 newsock->sk->sk_data_ready(newsock->sk); 315 return ret; 316} 317 318static struct socket *tipc_create_listen_sock(struct tipc_conn *con) 319{ 320 struct tipc_server *s = con->server; 321 struct socket *sock = NULL; 322 int ret; 323 324 ret = __sock_create(s->net, AF_TIPC, SOCK_SEQPACKET, 0, &sock, 1); 325 if (ret < 0) 326 return NULL; 327 ret = kernel_setsockopt(sock, SOL_TIPC, TIPC_IMPORTANCE, 328 (char *)&s->imp, sizeof(s->imp)); 329 if (ret < 0) 330 goto create_err; 331 ret = kernel_bind(sock, (struct sockaddr *)s->saddr, sizeof(*s->saddr)); 332 if (ret < 0) 333 goto create_err; 334 335 switch (s->type) { 336 case SOCK_STREAM: 337 case SOCK_SEQPACKET: 338 con->rx_action = tipc_accept_from_sock; 339 340 ret = kernel_listen(sock, 0); 341 if (ret < 0) 342 goto create_err; 343 break; 344 case SOCK_DGRAM: 345 case SOCK_RDM: 346 con->rx_action = tipc_receive_from_sock; 347 break; 348 default: 349 pr_err("Unknown socket type %d\n", s->type); 350 goto create_err; 351 } 352 353 /* As server's listening socket owner and creator is the same module, 354 * we have to decrease TIPC module reference count to guarantee that 355 * it remains zero after the server socket is created, otherwise, 356 * executing "rmmod" command is unable to make TIPC module deleted 357 * after TIPC module is inserted successfully. 358 * 359 * However, the reference count is ever increased twice in 360 * sock_create_kern(): one is to increase the reference count of owner 361 * of TIPC socket's proto_ops struct; another is to increment the 362 * reference count of owner of TIPC proto struct. Therefore, we must 363 * decrement the module reference count twice to ensure that it keeps 364 * zero after server's listening socket is created. Of course, we 365 * must bump the module reference count twice as well before the socket 366 * is closed. 367 */ 368 module_put(sock->ops->owner); 369 module_put(sock->sk->sk_prot_creator->owner); 370 set_bit(CF_SERVER, &con->flags); 371 372 return sock; 373 374create_err: 375 kernel_sock_shutdown(sock, SHUT_RDWR); 376 sock_release(sock); 377 return NULL; 378} 379 380static int tipc_open_listening_sock(struct tipc_server *s) 381{ 382 struct socket *sock; 383 struct tipc_conn *con; 384 385 con = tipc_alloc_conn(s); 386 if (IS_ERR(con)) 387 return PTR_ERR(con); 388 389 sock = tipc_create_listen_sock(con); 390 if (!sock) { 391 idr_remove(&s->conn_idr, con->conid); 392 s->idr_in_use--; 393 kfree(con); 394 return -EINVAL; 395 } 396 397 tipc_register_callbacks(sock, con); 398 return 0; 399} 400 401static struct outqueue_entry *tipc_alloc_entry(void *data, int len) 402{ 403 struct outqueue_entry *entry; 404 void *buf; 405 406 entry = kmalloc(sizeof(struct outqueue_entry), GFP_ATOMIC); 407 if (!entry) 408 return NULL; 409 410 buf = kmalloc(len, GFP_ATOMIC); 411 if (!buf) { 412 kfree(entry); 413 return NULL; 414 } 415 416 memcpy(buf, data, len); 417 entry->iov.iov_base = buf; 418 entry->iov.iov_len = len; 419 420 return entry; 421} 422 423static void tipc_free_entry(struct outqueue_entry *e) 424{ 425 kfree(e->iov.iov_base); 426 kfree(e); 427} 428 429static void tipc_clean_outqueues(struct tipc_conn *con) 430{ 431 struct outqueue_entry *e, *safe; 432 433 spin_lock_bh(&con->outqueue_lock); 434 list_for_each_entry_safe(e, safe, &con->outqueue, list) { 435 list_del(&e->list); 436 tipc_free_entry(e); 437 } 438 spin_unlock_bh(&con->outqueue_lock); 439} 440 441int tipc_conn_sendmsg(struct tipc_server *s, int conid, 442 struct sockaddr_tipc *addr, void *data, size_t len) 443{ 444 struct outqueue_entry *e; 445 struct tipc_conn *con; 446 447 con = tipc_conn_lookup(s, conid); 448 if (!con) 449 return -EINVAL; 450 451 e = tipc_alloc_entry(data, len); 452 if (!e) { 453 conn_put(con); 454 return -ENOMEM; 455 } 456 457 if (addr) 458 memcpy(&e->dest, addr, sizeof(struct sockaddr_tipc)); 459 460 spin_lock_bh(&con->outqueue_lock); 461 list_add_tail(&e->list, &con->outqueue); 462 spin_unlock_bh(&con->outqueue_lock); 463 464 if (test_bit(CF_CONNECTED, &con->flags)) { 465 if (!queue_work(s->send_wq, &con->swork)) 466 conn_put(con); 467 } else { 468 conn_put(con); 469 } 470 return 0; 471} 472 473void tipc_conn_terminate(struct tipc_server *s, int conid) 474{ 475 struct tipc_conn *con; 476 477 con = tipc_conn_lookup(s, conid); 478 if (con) { 479 tipc_close_conn(con); 480 conn_put(con); 481 } 482} 483 484static void tipc_send_to_sock(struct tipc_conn *con) 485{ 486 int count = 0; 487 struct tipc_server *s = con->server; 488 struct outqueue_entry *e; 489 struct msghdr msg; 490 int ret; 491 492 spin_lock_bh(&con->outqueue_lock); 493 while (1) { 494 e = list_entry(con->outqueue.next, struct outqueue_entry, 495 list); 496 if ((struct list_head *) e == &con->outqueue) 497 break; 498 spin_unlock_bh(&con->outqueue_lock); 499 500 memset(&msg, 0, sizeof(msg)); 501 msg.msg_flags = MSG_DONTWAIT; 502 503 if (s->type == SOCK_DGRAM || s->type == SOCK_RDM) { 504 msg.msg_name = &e->dest; 505 msg.msg_namelen = sizeof(struct sockaddr_tipc); 506 } 507 ret = kernel_sendmsg(con->sock, &msg, &e->iov, 1, 508 e->iov.iov_len); 509 if (ret == -EWOULDBLOCK || ret == 0) { 510 cond_resched(); 511 goto out; 512 } else if (ret < 0) { 513 goto send_err; 514 } 515 516 /* Don't starve users filling buffers */ 517 if (++count >= MAX_SEND_MSG_COUNT) { 518 cond_resched(); 519 count = 0; 520 } 521 522 spin_lock_bh(&con->outqueue_lock); 523 list_del(&e->list); 524 tipc_free_entry(e); 525 } 526 spin_unlock_bh(&con->outqueue_lock); 527out: 528 return; 529 530send_err: 531 tipc_close_conn(con); 532} 533 534static void tipc_recv_work(struct work_struct *work) 535{ 536 struct tipc_conn *con = container_of(work, struct tipc_conn, rwork); 537 int count = 0; 538 539 while (test_bit(CF_CONNECTED, &con->flags)) { 540 if (con->rx_action(con)) 541 break; 542 543 /* Don't flood Rx machine */ 544 if (++count >= MAX_RECV_MSG_COUNT) { 545 cond_resched(); 546 count = 0; 547 } 548 } 549 conn_put(con); 550} 551 552static void tipc_send_work(struct work_struct *work) 553{ 554 struct tipc_conn *con = container_of(work, struct tipc_conn, swork); 555 556 if (test_bit(CF_CONNECTED, &con->flags)) 557 tipc_send_to_sock(con); 558 559 conn_put(con); 560} 561 562static void tipc_work_stop(struct tipc_server *s) 563{ 564 destroy_workqueue(s->rcv_wq); 565 destroy_workqueue(s->send_wq); 566} 567 568static int tipc_work_start(struct tipc_server *s) 569{ 570 s->rcv_wq = alloc_workqueue("tipc_rcv", WQ_UNBOUND, 1); 571 if (!s->rcv_wq) { 572 pr_err("can't start tipc receive workqueue\n"); 573 return -ENOMEM; 574 } 575 576 s->send_wq = alloc_workqueue("tipc_send", WQ_UNBOUND, 1); 577 if (!s->send_wq) { 578 pr_err("can't start tipc send workqueue\n"); 579 destroy_workqueue(s->rcv_wq); 580 return -ENOMEM; 581 } 582 583 return 0; 584} 585 586int tipc_server_start(struct tipc_server *s) 587{ 588 int ret; 589 590 spin_lock_init(&s->idr_lock); 591 idr_init(&s->conn_idr); 592 s->idr_in_use = 0; 593 594 s->rcvbuf_cache = kmem_cache_create(s->name, s->max_rcvbuf_size, 595 0, SLAB_HWCACHE_ALIGN, NULL); 596 if (!s->rcvbuf_cache) 597 return -ENOMEM; 598 599 ret = tipc_work_start(s); 600 if (ret < 0) { 601 kmem_cache_destroy(s->rcvbuf_cache); 602 return ret; 603 } 604 ret = tipc_open_listening_sock(s); 605 if (ret < 0) { 606 tipc_work_stop(s); 607 kmem_cache_destroy(s->rcvbuf_cache); 608 return ret; 609 } 610 return ret; 611} 612 613void tipc_server_stop(struct tipc_server *s) 614{ 615 struct tipc_conn *con; 616 int total = 0; 617 int id; 618 619 spin_lock_bh(&s->idr_lock); 620 for (id = 0; total < s->idr_in_use; id++) { 621 con = idr_find(&s->conn_idr, id); 622 if (con) { 623 total++; 624 spin_unlock_bh(&s->idr_lock); 625 tipc_close_conn(con); 626 spin_lock_bh(&s->idr_lock); 627 } 628 } 629 spin_unlock_bh(&s->idr_lock); 630 631 tipc_work_stop(s); 632 kmem_cache_destroy(s->rcvbuf_cache); 633 idr_destroy(&s->conn_idr); 634} 635