1// SPDX-License-Identifier: GPL-2.0-or-later
2/* Local endpoint object management
3 *
4 * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
5 * Written by David Howells (dhowells@redhat.com)
6 */
7
8#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
9
10#include <linux/module.h>
11#include <linux/net.h>
12#include <linux/skbuff.h>
13#include <linux/slab.h>
14#include <linux/udp.h>
15#include <linux/ip.h>
16#include <linux/hashtable.h>
17#include <net/sock.h>
18#include <net/udp.h>
19#include <net/udp_tunnel.h>
20#include <net/af_rxrpc.h>
21#include "ar-internal.h"
22
23static void rxrpc_local_rcu(struct rcu_head *);
24
25/*
26 * Handle an ICMP/ICMP6 error turning up at the tunnel. Push it through the
27 * usual mechanism so that it gets parsed and presented through the UDP
28 * socket's error_report().
29 */
30static void rxrpc_encap_err_rcv(struct sock *sk, struct sk_buff *skb, int err,
31 __be16 port, u32 info, u8 *payload)
32{
33 if (ip_hdr(skb)->version == IPVERSION)
34 return ip_icmp_error(sk, skb, err, port, info, payload);
35 if (IS_ENABLED(CONFIG_AF_RXRPC_IPV6))
36 return ipv6_icmp_error(sk, skb, err, port, info, payload);
37}
38
39/*
40 * Compare a local to an address. Return -ve, 0 or +ve to indicate less than,
41 * same or greater than.
42 *
43 * We explicitly don't compare the RxRPC service ID as we want to reject
44 * conflicting uses by differing services. Further, we don't want to share
45 * addresses with different options (IPv6), so we don't compare those bits
46 * either.
47 */
48static long rxrpc_local_cmp_key(const struct rxrpc_local *local,
49 const struct sockaddr_rxrpc *srx)
50{
51 long diff;
52
53 diff = ((local->srx.transport_type - srx->transport_type) ?:
54 (local->srx.transport_len - srx->transport_len) ?:
55 (local->srx.transport.family - srx->transport.family));
56 if (diff != 0)
57 return diff;
58
59 switch (srx->transport.family) {
60 case AF_INET:
61 /* If the choice of UDP port is left up to the transport, then
62 * the endpoint record doesn't match.
63 */
64 return ((u16 __force)local->srx.transport.sin.sin_port -
65 (u16 __force)srx->transport.sin.sin_port) ?:
66 memcmp(p: &local->srx.transport.sin.sin_addr,
67 q: &srx->transport.sin.sin_addr,
68 size: sizeof(struct in_addr));
69#ifdef CONFIG_AF_RXRPC_IPV6
70 case AF_INET6:
71 /* If the choice of UDP6 port is left up to the transport, then
72 * the endpoint record doesn't match.
73 */
74 return ((u16 __force)local->srx.transport.sin6.sin6_port -
75 (u16 __force)srx->transport.sin6.sin6_port) ?:
76 memcmp(p: &local->srx.transport.sin6.sin6_addr,
77 q: &srx->transport.sin6.sin6_addr,
78 size: sizeof(struct in6_addr));
79#endif
80 default:
81 BUG();
82 }
83}
84
85static void rxrpc_client_conn_reap_timeout(struct timer_list *timer)
86{
87 struct rxrpc_local *local =
88 container_of(timer, struct rxrpc_local, client_conn_reap_timer);
89
90 if (local->kill_all_client_conns &&
91 test_and_set_bit(RXRPC_CLIENT_CONN_REAP_TIMER, addr: &local->client_conn_flags))
92 rxrpc_wake_up_io_thread(local);
93}
94
95/*
96 * Allocate a new local endpoint.
97 */
98static struct rxrpc_local *rxrpc_alloc_local(struct net *net,
99 const struct sockaddr_rxrpc *srx)
100{
101 struct rxrpc_local *local;
102 u32 tmp;
103
104 local = kzalloc(size: sizeof(struct rxrpc_local), GFP_KERNEL);
105 if (local) {
106 refcount_set(r: &local->ref, n: 1);
107 atomic_set(v: &local->active_users, i: 1);
108 local->net = net;
109 local->rxnet = rxrpc_net(net);
110 INIT_HLIST_NODE(h: &local->link);
111 init_completion(x: &local->io_thread_ready);
112#ifdef CONFIG_AF_RXRPC_INJECT_RX_DELAY
113 skb_queue_head_init(list: &local->rx_delay_queue);
114#endif
115 skb_queue_head_init(list: &local->rx_queue);
116 INIT_LIST_HEAD(list: &local->conn_attend_q);
117 INIT_LIST_HEAD(list: &local->call_attend_q);
118
119 local->client_bundles = RB_ROOT;
120 spin_lock_init(&local->client_bundles_lock);
121 local->kill_all_client_conns = false;
122 INIT_LIST_HEAD(list: &local->idle_client_conns);
123 timer_setup(&local->client_conn_reap_timer,
124 rxrpc_client_conn_reap_timeout, 0);
125
126 spin_lock_init(&local->lock);
127 rwlock_init(&local->services_lock);
128 local->debug_id = atomic_inc_return(v: &rxrpc_debug_id);
129 memcpy(&local->srx, srx, sizeof(*srx));
130 local->srx.srx_service = 0;
131 idr_init(idr: &local->conn_ids);
132 get_random_bytes(buf: &tmp, len: sizeof(tmp));
133 tmp &= 0x3fffffff;
134 if (tmp == 0)
135 tmp = 1;
136 idr_set_cursor(idr: &local->conn_ids, val: tmp);
137 INIT_LIST_HEAD(list: &local->new_client_calls);
138 spin_lock_init(&local->client_call_lock);
139
140 trace_rxrpc_local(local_debug_id: local->debug_id, op: rxrpc_local_new, ref: 1, usage: 1);
141 }
142
143 _leave(" = %p", local);
144 return local;
145}
146
147/*
148 * create the local socket
149 * - must be called with rxrpc_local_mutex locked
150 */
151static int rxrpc_open_socket(struct rxrpc_local *local, struct net *net)
152{
153 struct udp_tunnel_sock_cfg tuncfg = {NULL};
154 struct sockaddr_rxrpc *srx = &local->srx;
155 struct udp_port_cfg udp_conf = {0};
156 struct task_struct *io_thread;
157 struct sock *usk;
158 int ret;
159
160 _enter("%p{%d,%d}",
161 local, srx->transport_type, srx->transport.family);
162
163 udp_conf.family = srx->transport.family;
164 udp_conf.use_udp_checksums = true;
165 if (udp_conf.family == AF_INET) {
166 udp_conf.local_ip = srx->transport.sin.sin_addr;
167 udp_conf.local_udp_port = srx->transport.sin.sin_port;
168#if IS_ENABLED(CONFIG_AF_RXRPC_IPV6)
169 } else {
170 udp_conf.local_ip6 = srx->transport.sin6.sin6_addr;
171 udp_conf.local_udp_port = srx->transport.sin6.sin6_port;
172 udp_conf.use_udp6_tx_checksums = true;
173 udp_conf.use_udp6_rx_checksums = true;
174#endif
175 }
176 ret = udp_sock_create(net, cfg: &udp_conf, sockp: &local->socket);
177 if (ret < 0) {
178 _leave(" = %d [socket]", ret);
179 return ret;
180 }
181
182 tuncfg.encap_type = UDP_ENCAP_RXRPC;
183 tuncfg.encap_rcv = rxrpc_encap_rcv;
184 tuncfg.encap_err_rcv = rxrpc_encap_err_rcv;
185 tuncfg.sk_user_data = local;
186 setup_udp_tunnel_sock(net, sock: local->socket, sock_cfg: &tuncfg);
187
188 /* set the socket up */
189 usk = local->socket->sk;
190 usk->sk_error_report = rxrpc_error_report;
191
192 switch (srx->transport.family) {
193 case AF_INET6:
194 /* we want to receive ICMPv6 errors */
195 ip6_sock_set_recverr(sk: usk);
196
197 /* Fall through and set IPv4 options too otherwise we don't get
198 * errors from IPv4 packets sent through the IPv6 socket.
199 */
200 fallthrough;
201 case AF_INET:
202 /* we want to receive ICMP errors */
203 ip_sock_set_recverr(sk: usk);
204
205 /* we want to set the don't fragment bit */
206 ip_sock_set_mtu_discover(sk: usk, IP_PMTUDISC_DO);
207
208 /* We want receive timestamps. */
209 sock_enable_timestamps(sk: usk);
210 break;
211
212 default:
213 BUG();
214 }
215
216 io_thread = kthread_run(rxrpc_io_thread, local,
217 "krxrpcio/%u", ntohs(udp_conf.local_udp_port));
218 if (IS_ERR(ptr: io_thread)) {
219 ret = PTR_ERR(ptr: io_thread);
220 goto error_sock;
221 }
222
223 wait_for_completion(&local->io_thread_ready);
224 local->io_thread = io_thread;
225 _leave(" = 0");
226 return 0;
227
228error_sock:
229 kernel_sock_shutdown(sock: local->socket, how: SHUT_RDWR);
230 local->socket->sk->sk_user_data = NULL;
231 sock_release(sock: local->socket);
232 local->socket = NULL;
233 return ret;
234}
235
236/*
237 * Look up or create a new local endpoint using the specified local address.
238 */
239struct rxrpc_local *rxrpc_lookup_local(struct net *net,
240 const struct sockaddr_rxrpc *srx)
241{
242 struct rxrpc_local *local;
243 struct rxrpc_net *rxnet = rxrpc_net(net);
244 struct hlist_node *cursor;
245 long diff;
246 int ret;
247
248 _enter("{%d,%d,%pISp}",
249 srx->transport_type, srx->transport.family, &srx->transport);
250
251 mutex_lock(&rxnet->local_mutex);
252
253 hlist_for_each(cursor, &rxnet->local_endpoints) {
254 local = hlist_entry(cursor, struct rxrpc_local, link);
255
256 diff = rxrpc_local_cmp_key(local, srx);
257 if (diff != 0)
258 continue;
259
260 /* Services aren't allowed to share transport sockets, so
261 * reject that here. It is possible that the object is dying -
262 * but it may also still have the local transport address that
263 * we want bound.
264 */
265 if (srx->srx_service) {
266 local = NULL;
267 goto addr_in_use;
268 }
269
270 /* Found a match. We want to replace a dying object.
271 * Attempting to bind the transport socket may still fail if
272 * we're attempting to use a local address that the dying
273 * object is still using.
274 */
275 if (!rxrpc_use_local(local, rxrpc_local_use_lookup))
276 break;
277
278 goto found;
279 }
280
281 local = rxrpc_alloc_local(net, srx);
282 if (!local)
283 goto nomem;
284
285 ret = rxrpc_open_socket(local, net);
286 if (ret < 0)
287 goto sock_error;
288
289 if (cursor) {
290 hlist_replace_rcu(old: cursor, new: &local->link);
291 cursor->pprev = NULL;
292 } else {
293 hlist_add_head_rcu(n: &local->link, h: &rxnet->local_endpoints);
294 }
295
296found:
297 mutex_unlock(lock: &rxnet->local_mutex);
298 _leave(" = %p", local);
299 return local;
300
301nomem:
302 ret = -ENOMEM;
303sock_error:
304 mutex_unlock(lock: &rxnet->local_mutex);
305 if (local)
306 call_rcu(head: &local->rcu, func: rxrpc_local_rcu);
307 _leave(" = %d", ret);
308 return ERR_PTR(error: ret);
309
310addr_in_use:
311 mutex_unlock(lock: &rxnet->local_mutex);
312 _leave(" = -EADDRINUSE");
313 return ERR_PTR(error: -EADDRINUSE);
314}
315
316/*
317 * Get a ref on a local endpoint.
318 */
319struct rxrpc_local *rxrpc_get_local(struct rxrpc_local *local,
320 enum rxrpc_local_trace why)
321{
322 int r, u;
323
324 u = atomic_read(v: &local->active_users);
325 __refcount_inc(r: &local->ref, oldp: &r);
326 trace_rxrpc_local(local_debug_id: local->debug_id, op: why, ref: r + 1, usage: u);
327 return local;
328}
329
330/*
331 * Get a ref on a local endpoint unless its usage has already reached 0.
332 */
333struct rxrpc_local *rxrpc_get_local_maybe(struct rxrpc_local *local,
334 enum rxrpc_local_trace why)
335{
336 int r, u;
337
338 if (local && __refcount_inc_not_zero(r: &local->ref, oldp: &r)) {
339 u = atomic_read(v: &local->active_users);
340 trace_rxrpc_local(local_debug_id: local->debug_id, op: why, ref: r + 1, usage: u);
341 return local;
342 }
343
344 return NULL;
345}
346
347/*
348 * Drop a ref on a local endpoint.
349 */
350void rxrpc_put_local(struct rxrpc_local *local, enum rxrpc_local_trace why)
351{
352 unsigned int debug_id;
353 bool dead;
354 int r, u;
355
356 if (local) {
357 debug_id = local->debug_id;
358
359 u = atomic_read(v: &local->active_users);
360 dead = __refcount_dec_and_test(r: &local->ref, oldp: &r);
361 trace_rxrpc_local(local_debug_id: debug_id, op: why, ref: r, usage: u);
362
363 if (dead)
364 call_rcu(head: &local->rcu, func: rxrpc_local_rcu);
365 }
366}
367
368/*
369 * Start using a local endpoint.
370 */
371struct rxrpc_local *rxrpc_use_local(struct rxrpc_local *local,
372 enum rxrpc_local_trace why)
373{
374 local = rxrpc_get_local_maybe(local, why: rxrpc_local_get_for_use);
375 if (!local)
376 return NULL;
377
378 if (!__rxrpc_use_local(local, why)) {
379 rxrpc_put_local(local, why: rxrpc_local_put_for_use);
380 return NULL;
381 }
382
383 return local;
384}
385
386/*
387 * Cease using a local endpoint. Once the number of active users reaches 0, we
388 * start the closure of the transport in the I/O thread..
389 */
390void rxrpc_unuse_local(struct rxrpc_local *local, enum rxrpc_local_trace why)
391{
392 unsigned int debug_id;
393 int r, u;
394
395 if (local) {
396 debug_id = local->debug_id;
397 r = refcount_read(r: &local->ref);
398 u = atomic_dec_return(v: &local->active_users);
399 trace_rxrpc_local(local_debug_id: debug_id, op: why, ref: r, usage: u);
400 if (u == 0)
401 kthread_stop(k: local->io_thread);
402 }
403}
404
405/*
406 * Destroy a local endpoint's socket and then hand the record to RCU to dispose
407 * of.
408 *
409 * Closing the socket cannot be done from bottom half context or RCU callback
410 * context because it might sleep.
411 */
412void rxrpc_destroy_local(struct rxrpc_local *local)
413{
414 struct socket *socket = local->socket;
415 struct rxrpc_net *rxnet = local->rxnet;
416
417 _enter("%d", local->debug_id);
418
419 local->dead = true;
420
421 mutex_lock(&rxnet->local_mutex);
422 hlist_del_init_rcu(n: &local->link);
423 mutex_unlock(lock: &rxnet->local_mutex);
424
425 rxrpc_clean_up_local_conns(local);
426 rxrpc_service_connection_reaper(&rxnet->service_conn_reaper);
427 ASSERT(!local->service);
428
429 if (socket) {
430 local->socket = NULL;
431 kernel_sock_shutdown(sock: socket, how: SHUT_RDWR);
432 socket->sk->sk_user_data = NULL;
433 sock_release(sock: socket);
434 }
435
436 /* At this point, there should be no more packets coming in to the
437 * local endpoint.
438 */
439#ifdef CONFIG_AF_RXRPC_INJECT_RX_DELAY
440 rxrpc_purge_queue(&local->rx_delay_queue);
441#endif
442 rxrpc_purge_queue(&local->rx_queue);
443 rxrpc_purge_client_connections(local);
444}
445
446/*
447 * Destroy a local endpoint after the RCU grace period expires.
448 */
449static void rxrpc_local_rcu(struct rcu_head *rcu)
450{
451 struct rxrpc_local *local = container_of(rcu, struct rxrpc_local, rcu);
452
453 rxrpc_see_local(local, why: rxrpc_local_free);
454 kfree(objp: local);
455}
456
457/*
458 * Verify the local endpoint list is empty by this point.
459 */
460void rxrpc_destroy_all_locals(struct rxrpc_net *rxnet)
461{
462 struct rxrpc_local *local;
463
464 _enter("");
465
466 flush_workqueue(rxrpc_workqueue);
467
468 if (!hlist_empty(h: &rxnet->local_endpoints)) {
469 mutex_lock(&rxnet->local_mutex);
470 hlist_for_each_entry(local, &rxnet->local_endpoints, link) {
471 pr_err("AF_RXRPC: Leaked local %p {%d}\n",
472 local, refcount_read(&local->ref));
473 }
474 mutex_unlock(lock: &rxnet->local_mutex);
475 BUG();
476 }
477}
478

source code of linux/net/rxrpc/local_object.c