socket.c 51.9 KB
Newer Older
P
Per Liden 已提交
1
/*
2
 * net/tipc/socket.c: TIPC socket API
3
 *
4
 * Copyright (c) 2001-2007, 2012-2014, Ericsson AB
5
 * Copyright (c) 2004-2008, 2010-2013, Wind River Systems
P
Per Liden 已提交
6 7
 * All rights reserved.
 *
P
Per Liden 已提交
8
 * Redistribution and use in source and binary forms, with or without
P
Per Liden 已提交
9 10
 * modification, are permitted provided that the following conditions are met:
 *
P
Per Liden 已提交
11 12 13 14 15 16 17 18
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the names of the copyright holders nor the names of its
 *    contributors may be used to endorse or promote products derived from
 *    this software without specific prior written permission.
P
Per Liden 已提交
19
 *
P
Per Liden 已提交
20 21 22 23 24 25 26 27 28 29 30 31 32 33
 * Alternatively, this software may be distributed under the terms of the
 * GNU General Public License ("GPL") version 2 as published by the Free
 * Software Foundation.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
P
Per Liden 已提交
34 35 36 37
 * POSSIBILITY OF SUCH DAMAGE.
 */

#include "core.h"
38
#include "port.h"
E
Erik Hugne 已提交
39
#include "node.h"
P
Per Liden 已提交
40

41
#include <linux/export.h>
42
#include "link.h"
43

P
Per Liden 已提交
44 45 46
#define SS_LISTENING	-1	/* socket is listening */
#define SS_READY	-2	/* socket is connectionless */

47
#define CONN_TIMEOUT_DEFAULT	8000	/* default connect timeout = 8s */
P
Per Liden 已提交
48

49
static int tipc_backlog_rcv(struct sock *sk, struct sk_buff *skb);
50
static void tipc_data_ready(struct sock *sk);
51
static void tipc_write_space(struct sock *sk);
52 53
static int tipc_release(struct socket *sock);
static int tipc_accept(struct socket *sock, struct socket *new_sock, int flags);
P
Per Liden 已提交
54

55 56 57
static const struct proto_ops packet_ops;
static const struct proto_ops stream_ops;
static const struct proto_ops msg_ops;
P
Per Liden 已提交
58 59

static struct proto tipc_proto;
60
static struct proto tipc_proto_kern;
P
Per Liden 已提交
61

62
/*
63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
 * Revised TIPC socket locking policy:
 *
 * Most socket operations take the standard socket lock when they start
 * and hold it until they finish (or until they need to sleep).  Acquiring
 * this lock grants the owner exclusive access to the fields of the socket
 * data structures, with the exception of the backlog queue.  A few socket
 * operations can be done without taking the socket lock because they only
 * read socket information that never changes during the life of the socket.
 *
 * Socket operations may acquire the lock for the associated TIPC port if they
 * need to perform an operation on the port.  If any routine needs to acquire
 * both the socket lock and the port lock it must take the socket lock first
 * to avoid the risk of deadlock.
 *
 * The dispatcher handling incoming messages cannot grab the socket lock in
 * the standard fashion, since invoked it runs at the BH level and cannot block.
 * Instead, it checks to see if the socket lock is currently owned by someone,
 * and either handles the message itself or adds it to the socket's backlog
 * queue; in the latter case the queued message is processed once the process
 * owning the socket lock releases it.
 *
 * NOTE: Releasing the socket lock while an operation is sleeping overcomes
 * the problem of a blocked socket operation preventing any other operations
 * from occurring.  However, applications must be careful if they have
 * multiple threads trying to send (or receive) on the same socket, as these
 * operations might interfere with each other.  For example, doing a connect
 * and a receive at the same time might allow the receive to consume the
 * ACK message meant for the connect.  While additional work could be done
 * to try and overcome this, it doesn't seem to be worthwhile at the present.
 *
 * NOTE: Releasing the socket lock while an operation is sleeping also ensures
 * that another operation that must be performed in a non-blocking manner is
 * not delayed for very long because the lock has already been taken.
 *
 * NOTE: This code assumes that certain fields of a port/socket pair are
 * constant over its lifetime; such fields can be examined without taking
 * the socket lock and/or port lock, and do not need to be re-read even
 * after resuming processing after waiting.  These fields include:
 *   - socket type
 *   - pointer to socket sk structure (aka tipc_sock structure)
 *   - pointer to port structure
 *   - port reference
 */

107 108
#include "socket.h"

109 110 111 112
/**
 * advance_rx_queue - discard first buffer in socket receive queue
 *
 * Caller must hold socket lock
P
Per Liden 已提交
113
 */
114
static void advance_rx_queue(struct sock *sk)
P
Per Liden 已提交
115
{
116
	kfree_skb(__skb_dequeue(&sk->sk_receive_queue));
P
Per Liden 已提交
117 118 119
}

/**
120 121 122
 * reject_rx_queue - reject all buffers in socket receive queue
 *
 * Caller must hold socket lock
P
Per Liden 已提交
123
 */
124
static void reject_rx_queue(struct sock *sk)
P
Per Liden 已提交
125
{
126
	struct sk_buff *buf;
127
	u32 dnode;
128

129 130 131 132
	while ((buf = __skb_dequeue(&sk->sk_receive_queue))) {
		if (tipc_msg_reverse(buf, &dnode, TIPC_ERR_NO_PORT))
			tipc_link_xmit2(buf, dnode, 0);
	}
P
Per Liden 已提交
133 134 135
}

/**
136
 * tipc_sk_create - create a TIPC socket
137
 * @net: network namespace (must be default network)
P
Per Liden 已提交
138 139
 * @sock: pre-allocated socket structure
 * @protocol: protocol indicator (must be 0)
140
 * @kern: caused by kernel or by userspace?
141
 *
142 143
 * This routine creates additional data structures used by the TIPC socket,
 * initializes them, and links them together.
P
Per Liden 已提交
144 145 146
 *
 * Returns 0 on success, errno otherwise
 */
147 148
static int tipc_sk_create(struct net *net, struct socket *sock,
			  int protocol, int kern)
P
Per Liden 已提交
149
{
150 151
	const struct proto_ops *ops;
	socket_state state;
P
Per Liden 已提交
152
	struct sock *sk;
153 154 155
	struct tipc_sock *tsk;
	struct tipc_port *port;
	u32 ref;
156 157

	/* Validate arguments */
P
Per Liden 已提交
158 159 160 161 162
	if (unlikely(protocol != 0))
		return -EPROTONOSUPPORT;

	switch (sock->type) {
	case SOCK_STREAM:
163 164
		ops = &stream_ops;
		state = SS_UNCONNECTED;
P
Per Liden 已提交
165 166
		break;
	case SOCK_SEQPACKET:
167 168
		ops = &packet_ops;
		state = SS_UNCONNECTED;
P
Per Liden 已提交
169 170 171
		break;
	case SOCK_DGRAM:
	case SOCK_RDM:
172 173
		ops = &msg_ops;
		state = SS_READY;
P
Per Liden 已提交
174
		break;
175 176
	default:
		return -EPROTOTYPE;
P
Per Liden 已提交
177 178
	}

179
	/* Allocate socket's protocol area */
180 181 182 183 184
	if (!kern)
		sk = sk_alloc(net, AF_TIPC, GFP_KERNEL, &tipc_proto);
	else
		sk = sk_alloc(net, AF_TIPC, GFP_KERNEL, &tipc_proto_kern);

185
	if (sk == NULL)
P
Per Liden 已提交
186 187
		return -ENOMEM;

188 189 190 191 192 193
	tsk = tipc_sk(sk);
	port = &tsk->port;

	ref = tipc_port_init(port, TIPC_LOW_IMPORTANCE);
	if (!ref) {
		pr_warn("Socket registration failed, ref. table exhausted\n");
194 195 196
		sk_free(sk);
		return -ENOMEM;
	}
P
Per Liden 已提交
197

198 199 200
	/* Finish initializing socket data structures */
	sock->ops = ops;
	sock->state = state;
P
Per Liden 已提交
201

202
	sock_init_data(sock, sk);
203
	sk->sk_backlog_rcv = tipc_backlog_rcv;
204
	sk->sk_rcvbuf = sysctl_tipc_rmem[1];
205 206
	sk->sk_data_ready = tipc_data_ready;
	sk->sk_write_space = tipc_write_space;
207 208
	tsk->conn_timeout = CONN_TIMEOUT_DEFAULT;
	atomic_set(&tsk->dupl_rcvcnt, 0);
209
	tipc_port_unlock(port);
210

211
	if (sock->state == SS_READY) {
212
		tipc_port_set_unreturnable(port, true);
213
		if (sock->type == SOCK_DGRAM)
214
			tipc_port_set_unreliable(port, true);
215
	}
P
Per Liden 已提交
216 217 218
	return 0;
}

219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252
/**
 * tipc_sock_create_local - create TIPC socket from inside TIPC module
 * @type: socket type - SOCK_RDM or SOCK_SEQPACKET
 *
 * We cannot use sock_creat_kern here because it bumps module user count.
 * Since socket owner and creator is the same module we must make sure
 * that module count remains zero for module local sockets, otherwise
 * we cannot do rmmod.
 *
 * Returns 0 on success, errno otherwise
 */
int tipc_sock_create_local(int type, struct socket **res)
{
	int rc;

	rc = sock_create_lite(AF_TIPC, type, 0, res);
	if (rc < 0) {
		pr_err("Failed to create kernel socket\n");
		return rc;
	}
	tipc_sk_create(&init_net, *res, 0, 1);

	return 0;
}

/**
 * tipc_sock_release_local - release socket created by tipc_sock_create_local
 * @sock: the socket to be released.
 *
 * Module reference count is not incremented when such sockets are created,
 * so we must keep it from being decremented when they are released.
 */
void tipc_sock_release_local(struct socket *sock)
{
253
	tipc_release(sock);
254 255 256 257 258 259 260 261 262 263 264 265 266 267 268
	sock->ops = NULL;
	sock_release(sock);
}

/**
 * tipc_sock_accept_local - accept a connection on a socket created
 * with tipc_sock_create_local. Use this function to avoid that
 * module reference count is inadvertently incremented.
 *
 * @sock:    the accepting socket
 * @newsock: reference to the new socket to be created
 * @flags:   socket flags
 */

int tipc_sock_accept_local(struct socket *sock, struct socket **newsock,
269
			   int flags)
270 271 272 273 274 275 276 277 278
{
	struct sock *sk = sock->sk;
	int ret;

	ret = sock_create_lite(sk->sk_family, sk->sk_type,
			       sk->sk_protocol, newsock);
	if (ret < 0)
		return ret;

279
	ret = tipc_accept(sock, *newsock, flags);
280 281 282 283 284 285 286 287
	if (ret < 0) {
		sock_release(*newsock);
		return ret;
	}
	(*newsock)->ops = sock->ops;
	return ret;
}

P
Per Liden 已提交
288
/**
289
 * tipc_release - destroy a TIPC socket
P
Per Liden 已提交
290 291 292 293 294 295 296
 * @sock: socket to destroy
 *
 * This routine cleans up any messages that are still queued on the socket.
 * For DGRAM and RDM socket types, all queued messages are rejected.
 * For SEQPACKET and STREAM socket types, the first message is rejected
 * and any others are discarded.  (If the first message on a STREAM socket
 * is partially-read, it is discarded and the next one is rejected instead.)
297
 *
P
Per Liden 已提交
298 299 300 301 302 303
 * NOTE: Rejected messages are not necessarily returned to the sender!  They
 * are returned or discarded according to the "destination droppable" setting
 * specified for the message by the sender.
 *
 * Returns 0 on success, errno otherwise
 */
304
static int tipc_release(struct socket *sock)
P
Per Liden 已提交
305 306
{
	struct sock *sk = sock->sk;
307 308
	struct tipc_sock *tsk;
	struct tipc_port *port;
P
Per Liden 已提交
309
	struct sk_buff *buf;
310
	u32 dnode;
P
Per Liden 已提交
311

312 313 314 315 316
	/*
	 * Exit if socket isn't fully initialized (occurs when a failed accept()
	 * releases a pre-allocated child socket that was never used)
	 */
	if (sk == NULL)
P
Per Liden 已提交
317
		return 0;
318

319 320
	tsk = tipc_sk(sk);
	port = &tsk->port;
321 322 323 324 325 326
	lock_sock(sk);

	/*
	 * Reject all unreceived messages, except on an active connection
	 * (which disconnects locally & sends a 'FIN+' to peer)
	 */
P
Per Liden 已提交
327
	while (sock->state != SS_DISCONNECTING) {
328 329
		buf = __skb_dequeue(&sk->sk_receive_queue);
		if (buf == NULL)
P
Per Liden 已提交
330
			break;
Y
Ying Xue 已提交
331
		if (TIPC_SKB_CB(buf)->handle != NULL)
332
			kfree_skb(buf);
333 334 335 336
		else {
			if ((sock->state == SS_CONNECTING) ||
			    (sock->state == SS_CONNECTED)) {
				sock->state = SS_DISCONNECTING;
337
				tipc_port_disconnect(port->ref);
338
			}
339 340
			if (tipc_msg_reverse(buf, &dnode, TIPC_ERR_NO_PORT))
				tipc_link_xmit2(buf, dnode, 0);
341
		}
P
Per Liden 已提交
342 343
	}

344 345
	/* Destroy TIPC port; also disconnects an active connection and
	 * sends a 'FIN-' to peer.
346
	 */
347
	tipc_port_destroy(port);
P
Per Liden 已提交
348

349
	/* Discard any remaining (connection-based) messages in receive queue */
350
	__skb_queue_purge(&sk->sk_receive_queue);
P
Per Liden 已提交
351

352 353 354
	/* Reject any messages that accumulated in backlog queue */
	sock->state = SS_DISCONNECTING;
	release_sock(sk);
P
Per Liden 已提交
355 356

	sock_put(sk);
357
	sock->sk = NULL;
P
Per Liden 已提交
358

359
	return 0;
P
Per Liden 已提交
360 361 362
}

/**
363
 * tipc_bind - associate or disassocate TIPC name(s) with a socket
P
Per Liden 已提交
364 365 366
 * @sock: socket structure
 * @uaddr: socket address describing name(s) and desired operation
 * @uaddr_len: size of socket address data structure
367
 *
P
Per Liden 已提交
368 369 370
 * Name and name sequence binding is indicated using a positive scope value;
 * a negative scope value unbinds the specified name.  Specifying no name
 * (i.e. a socket address length of 0) unbinds all names from the socket.
371
 *
P
Per Liden 已提交
372
 * Returns 0 on success, errno otherwise
373 374 375
 *
 * NOTE: This routine doesn't need to take the socket lock since it doesn't
 *       access any non-constant socket information.
P
Per Liden 已提交
376
 */
377 378
static int tipc_bind(struct socket *sock, struct sockaddr *uaddr,
		     int uaddr_len)
P
Per Liden 已提交
379
{
380
	struct sock *sk = sock->sk;
P
Per Liden 已提交
381
	struct sockaddr_tipc *addr = (struct sockaddr_tipc *)uaddr;
382
	struct tipc_sock *tsk = tipc_sk(sk);
383
	int res = -EINVAL;
P
Per Liden 已提交
384

385 386
	lock_sock(sk);
	if (unlikely(!uaddr_len)) {
387
		res = tipc_withdraw(&tsk->port, 0, NULL);
388 389
		goto exit;
	}
390

391 392 393 394 395 396 397 398
	if (uaddr_len < sizeof(struct sockaddr_tipc)) {
		res = -EINVAL;
		goto exit;
	}
	if (addr->family != AF_TIPC) {
		res = -EAFNOSUPPORT;
		goto exit;
	}
P
Per Liden 已提交
399 400 401

	if (addr->addrtype == TIPC_ADDR_NAME)
		addr->addr.nameseq.upper = addr->addr.nameseq.lower;
402 403 404 405
	else if (addr->addrtype != TIPC_ADDR_NAMESEQ) {
		res = -EAFNOSUPPORT;
		goto exit;
	}
406

407
	if ((addr->addr.nameseq.type < TIPC_RESERVED_TYPES) &&
408
	    (addr->addr.nameseq.type != TIPC_TOP_SRV) &&
409 410 411 412
	    (addr->addr.nameseq.type != TIPC_CFG_SRV)) {
		res = -EACCES;
		goto exit;
	}
413

414
	res = (addr->scope > 0) ?
415 416
		tipc_publish(&tsk->port, addr->scope, &addr->addr.nameseq) :
		tipc_withdraw(&tsk->port, -addr->scope, &addr->addr.nameseq);
417 418 419
exit:
	release_sock(sk);
	return res;
P
Per Liden 已提交
420 421
}

422
/**
423
 * tipc_getname - get port ID of socket or peer socket
P
Per Liden 已提交
424 425 426
 * @sock: socket structure
 * @uaddr: area for returned socket address
 * @uaddr_len: area for returned length of socket address
427
 * @peer: 0 = own ID, 1 = current peer ID, 2 = current/former peer ID
428
 *
P
Per Liden 已提交
429
 * Returns 0 on success, errno otherwise
430
 *
431 432
 * NOTE: This routine doesn't need to take the socket lock since it only
 *       accesses socket information that is unchanging (or which changes in
433
 *       a completely predictable manner).
P
Per Liden 已提交
434
 */
435 436
static int tipc_getname(struct socket *sock, struct sockaddr *uaddr,
			int *uaddr_len, int peer)
P
Per Liden 已提交
437 438
{
	struct sockaddr_tipc *addr = (struct sockaddr_tipc *)uaddr;
439
	struct tipc_sock *tsk = tipc_sk(sock->sk);
P
Per Liden 已提交
440

441
	memset(addr, 0, sizeof(*addr));
442
	if (peer) {
443 444 445
		if ((sock->state != SS_CONNECTED) &&
			((peer != 2) || (sock->state != SS_DISCONNECTING)))
			return -ENOTCONN;
446 447
		addr->addr.id.ref = tipc_port_peerport(&tsk->port);
		addr->addr.id.node = tipc_port_peernode(&tsk->port);
448
	} else {
449
		addr->addr.id.ref = tsk->port.ref;
A
Allan Stephens 已提交
450
		addr->addr.id.node = tipc_own_addr;
451
	}
P
Per Liden 已提交
452 453 454 455 456 457 458

	*uaddr_len = sizeof(*addr);
	addr->addrtype = TIPC_ADDR_ID;
	addr->family = AF_TIPC;
	addr->scope = 0;
	addr->addr.name.domain = 0;

459
	return 0;
P
Per Liden 已提交
460 461 462
}

/**
463
 * tipc_poll - read and possibly block on pollmask
P
Per Liden 已提交
464 465 466 467
 * @file: file structure associated with the socket
 * @sock: socket for which to calculate the poll bits
 * @wait: ???
 *
468 469 470 471 472 473 474 475 476
 * Returns pollmask value
 *
 * COMMENTARY:
 * It appears that the usual socket locking mechanisms are not useful here
 * since the pollmask info is potentially out-of-date the moment this routine
 * exits.  TCP and other protocols seem to rely on higher level poll routines
 * to handle any preventable race conditions, so TIPC will do the same ...
 *
 * TIPC sets the returned events as follows:
477 478 479 480
 *
 * socket state		flags set
 * ------------		---------
 * unconnected		no read flags
481
 *			POLLOUT if port is not congested
482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500
 *
 * connecting		POLLIN/POLLRDNORM if ACK/NACK in rx queue
 *			no write flags
 *
 * connected		POLLIN/POLLRDNORM if data in rx queue
 *			POLLOUT if port is not congested
 *
 * disconnecting	POLLIN/POLLRDNORM/POLLHUP
 *			no write flags
 *
 * listening		POLLIN if SYN in rx queue
 *			no write flags
 *
 * ready		POLLIN/POLLRDNORM if data in rx queue
 * [connectionless]	POLLOUT (since port cannot be congested)
 *
 * IMPORTANT: The fact that a read or write operation is indicated does NOT
 * imply that the operation will succeed, merely that it should be performed
 * and will not block.
P
Per Liden 已提交
501
 */
502 503
static unsigned int tipc_poll(struct file *file, struct socket *sock,
			      poll_table *wait)
P
Per Liden 已提交
504
{
505
	struct sock *sk = sock->sk;
506
	struct tipc_sock *tsk = tipc_sk(sk);
507
	u32 mask = 0;
508

509
	sock_poll_wait(file, sk_sleep(sk), wait);
510

511
	switch ((int)sock->state) {
512
	case SS_UNCONNECTED:
513
		if (!tsk->port.congested)
514 515
			mask |= POLLOUT;
		break;
516 517
	case SS_READY:
	case SS_CONNECTED:
518
		if (!tsk->port.congested)
519 520 521 522 523 524 525 526 527 528 529
			mask |= POLLOUT;
		/* fall thru' */
	case SS_CONNECTING:
	case SS_LISTENING:
		if (!skb_queue_empty(&sk->sk_receive_queue))
			mask |= (POLLIN | POLLRDNORM);
		break;
	case SS_DISCONNECTING:
		mask = (POLLIN | POLLRDNORM | POLLHUP);
		break;
	}
530 531

	return mask;
P
Per Liden 已提交
532 533
}

534
/**
P
Per Liden 已提交
535 536 537
 * dest_name_check - verify user is permitted to send to specified port name
 * @dest: destination address
 * @m: descriptor for message to be sent
538
 *
P
Per Liden 已提交
539 540
 * Prevents restricted configuration commands from being issued by
 * unauthorized users.
541
 *
P
Per Liden 已提交
542 543
 * Returns 0 if permission is granted, otherwise errno
 */
S
Sam Ravnborg 已提交
544
static int dest_name_check(struct sockaddr_tipc *dest, struct msghdr *m)
P
Per Liden 已提交
545 546 547
{
	struct tipc_cfg_msg_hdr hdr;

548 549 550 551 552 553
	if (likely(dest->addr.name.name.type >= TIPC_RESERVED_TYPES))
		return 0;
	if (likely(dest->addr.name.name.type == TIPC_TOP_SRV))
		return 0;
	if (likely(dest->addr.name.name.type != TIPC_CFG_SRV))
		return -EACCES;
P
Per Liden 已提交
554

555 556
	if (!m->msg_iovlen || (m->msg_iov[0].iov_len < sizeof(hdr)))
		return -EMSGSIZE;
557
	if (copy_from_user(&hdr, m->msg_iov[0].iov_base, sizeof(hdr)))
P
Per Liden 已提交
558
		return -EFAULT;
559
	if ((ntohs(hdr.tcm_type) & 0xC000) && (!capable(CAP_NET_ADMIN)))
P
Per Liden 已提交
560
		return -EACCES;
561

P
Per Liden 已提交
562 563 564
	return 0;
}

565 566 567
static int tipc_wait_for_sndmsg(struct socket *sock, long *timeo_p)
{
	struct sock *sk = sock->sk;
568
	struct tipc_sock *tsk = tipc_sk(sk);
569 570 571 572 573 574 575 576 577 578 579 580 581 582 583
	DEFINE_WAIT(wait);
	int done;

	do {
		int err = sock_error(sk);
		if (err)
			return err;
		if (sock->state == SS_DISCONNECTING)
			return -EPIPE;
		if (!*timeo_p)
			return -EAGAIN;
		if (signal_pending(current))
			return sock_intr_errno(*timeo_p);

		prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
584
		done = sk_wait_event(sk, timeo_p, !tsk->port.congested);
585 586 587 588 589
		finish_wait(sk_sleep(sk), &wait);
	} while (!done);
	return 0;
}

590

P
Per Liden 已提交
591
/**
592
 * tipc_sendmsg - send message in connectionless manner
593
 * @iocb: if NULL, indicates that socket lock is already held
P
Per Liden 已提交
594 595
 * @sock: socket structure
 * @m: message to send
596
 * @total_len: length of message
597
 *
P
Per Liden 已提交
598
 * Message must have an destination specified explicitly.
599
 * Used for SOCK_RDM and SOCK_DGRAM messages,
P
Per Liden 已提交
600 601
 * and for 'SYN' messages on SOCK_SEQPACKET and SOCK_STREAM connections.
 * (Note: 'SYN+' is prohibited on SOCK_STREAM.)
602
 *
P
Per Liden 已提交
603 604
 * Returns the number of bytes sent on success, or errno otherwise
 */
605 606
static int tipc_sendmsg(struct kiocb *iocb, struct socket *sock,
			struct msghdr *m, size_t total_len)
P
Per Liden 已提交
607
{
608
	struct sock *sk = sock->sk;
609
	struct tipc_sock *tsk = tipc_sk(sk);
610
	struct tipc_port *port = &tsk->port;
611
	DECLARE_SOCKADDR(struct sockaddr_tipc *, dest, m->msg_name);
P
Per Liden 已提交
612
	int needs_conn;
613
	long timeo;
P
Per Liden 已提交
614 615 616 617
	int res = -EINVAL;

	if (unlikely(!dest))
		return -EDESTADDRREQ;
618 619
	if (unlikely((m->msg_namelen < sizeof(*dest)) ||
		     (dest->family != AF_TIPC)))
P
Per Liden 已提交
620
		return -EINVAL;
621
	if (total_len > TIPC_MAX_USER_MSG_SIZE)
622
		return -EMSGSIZE;
P
Per Liden 已提交
623

624 625 626
	if (iocb)
		lock_sock(sk);

P
Per Liden 已提交
627 628
	needs_conn = (sock->state != SS_READY);
	if (unlikely(needs_conn)) {
629 630 631 632 633 634 635 636
		if (sock->state == SS_LISTENING) {
			res = -EPIPE;
			goto exit;
		}
		if (sock->state != SS_UNCONNECTED) {
			res = -EISCONN;
			goto exit;
		}
637
		if (tsk->port.published) {
638 639 640
			res = -EOPNOTSUPP;
			goto exit;
		}
641
		if (dest->addrtype == TIPC_ADDR_NAME) {
642 643
			tsk->port.conn_type = dest->addr.name.name.type;
			tsk->port.conn_instance = dest->addr.name.name.instance;
644
		}
P
Per Liden 已提交
645 646

		/* Abort any pending connection attempts (very unlikely) */
647
		reject_rx_queue(sk);
P
Per Liden 已提交
648 649
	}

650
	timeo = sock_sndtimeo(sk, m->msg_flags & MSG_DONTWAIT);
651 652
	do {
		if (dest->addrtype == TIPC_ADDR_NAME) {
653 654
			res = dest_name_check(dest, m);
			if (res)
655
				break;
656
			res = tipc_send2name(port,
657 658
					     &dest->addr.name.name,
					     dest->addr.name.domain,
659 660
					     m->msg_iov,
					     total_len);
661
		} else if (dest->addrtype == TIPC_ADDR_ID) {
662
			res = tipc_send2port(port,
663
					     &dest->addr.id,
664 665
					     m->msg_iov,
					     total_len);
666
		} else if (dest->addrtype == TIPC_ADDR_MCAST) {
P
Per Liden 已提交
667 668
			if (needs_conn) {
				res = -EOPNOTSUPP;
669
				break;
P
Per Liden 已提交
670
			}
671 672
			res = dest_name_check(dest, m);
			if (res)
673
				break;
674
			res = tipc_port_mcast_xmit(port,
675 676 677
						   &dest->addr.nameseq,
						   m->msg_iov,
						   total_len);
678 679
		}
		if (likely(res != -ELINKCONG)) {
680
			if (needs_conn && (res >= 0))
681 682
				sock->state = SS_CONNECTING;
			break;
683
		}
684 685
		res = tipc_wait_for_sndmsg(sock, &timeo);
		if (res)
686
			break;
687
	} while (1);
688 689 690 691 692

exit:
	if (iocb)
		release_sock(sk);
	return res;
P
Per Liden 已提交
693 694
}

695 696 697
static int tipc_wait_for_sndpkt(struct socket *sock, long *timeo_p)
{
	struct sock *sk = sock->sk;
698 699
	struct tipc_sock *tsk = tipc_sk(sk);
	struct tipc_port *port = &tsk->port;
700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717
	DEFINE_WAIT(wait);
	int done;

	do {
		int err = sock_error(sk);
		if (err)
			return err;
		if (sock->state == SS_DISCONNECTING)
			return -EPIPE;
		else if (sock->state != SS_CONNECTED)
			return -ENOTCONN;
		if (!*timeo_p)
			return -EAGAIN;
		if (signal_pending(current))
			return sock_intr_errno(*timeo_p);

		prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
		done = sk_wait_event(sk, timeo_p,
718
				     (!port->congested || !port->connected));
719 720 721 722 723
		finish_wait(sk_sleep(sk), &wait);
	} while (!done);
	return 0;
}

724
/**
725
 * tipc_send_packet - send a connection-oriented message
726
 * @iocb: if NULL, indicates that socket lock is already held
P
Per Liden 已提交
727 728
 * @sock: socket structure
 * @m: message to send
729
 * @total_len: length of message
730
 *
P
Per Liden 已提交
731
 * Used for SOCK_SEQPACKET messages and SOCK_STREAM data.
732
 *
P
Per Liden 已提交
733 734
 * Returns the number of bytes sent on success, or errno otherwise
 */
735 736
static int tipc_send_packet(struct kiocb *iocb, struct socket *sock,
			    struct msghdr *m, size_t total_len)
P
Per Liden 已提交
737
{
738
	struct sock *sk = sock->sk;
739
	struct tipc_sock *tsk = tipc_sk(sk);
740
	DECLARE_SOCKADDR(struct sockaddr_tipc *, dest, m->msg_name);
741 742
	int res = -EINVAL;
	long timeo;
P
Per Liden 已提交
743 744 745

	/* Handle implied connection establishment */
	if (unlikely(dest))
746
		return tipc_sendmsg(iocb, sock, m, total_len);
P
Per Liden 已提交
747

748
	if (total_len > TIPC_MAX_USER_MSG_SIZE)
749 750
		return -EMSGSIZE;

751 752
	if (iocb)
		lock_sock(sk);
P
Per Liden 已提交
753

754 755 756 757 758 759 760
	if (unlikely(sock->state != SS_CONNECTED)) {
		if (sock->state == SS_DISCONNECTING)
			res = -EPIPE;
		else
			res = -ENOTCONN;
		goto exit;
	}
761

762
	timeo = sock_sndtimeo(sk, m->msg_flags & MSG_DONTWAIT);
763
	do {
764
		res = tipc_send(&tsk->port, m->msg_iov, total_len);
765
		if (likely(res != -ELINKCONG))
766
			break;
767 768
		res = tipc_wait_for_sndpkt(sock, &timeo);
		if (res)
769
			break;
770
	} while (1);
771
exit:
772 773 774
	if (iocb)
		release_sock(sk);
	return res;
P
Per Liden 已提交
775 776
}

777
/**
778
 * tipc_send_stream - send stream-oriented data
P
Per Liden 已提交
779 780 781 782
 * @iocb: (unused)
 * @sock: socket structure
 * @m: data to send
 * @total_len: total length of data to be sent
783
 *
P
Per Liden 已提交
784
 * Used for SOCK_STREAM data.
785 786
 *
 * Returns the number of bytes sent on success (or partial success),
787
 * or errno if no data sent
P
Per Liden 已提交
788
 */
789 790
static int tipc_send_stream(struct kiocb *iocb, struct socket *sock,
			    struct msghdr *m, size_t total_len)
P
Per Liden 已提交
791
{
792
	struct sock *sk = sock->sk;
793
	struct tipc_sock *tsk = tipc_sk(sk);
P
Per Liden 已提交
794 795 796 797 798
	struct msghdr my_msg;
	struct iovec my_iov;
	struct iovec *curr_iov;
	int curr_iovlen;
	char __user *curr_start;
799
	u32 hdr_size;
P
Per Liden 已提交
800 801
	int curr_left;
	int bytes_to_send;
802
	int bytes_sent;
P
Per Liden 已提交
803
	int res;
804

805 806
	lock_sock(sk);

807
	/* Handle special cases where there is no connection */
808
	if (unlikely(sock->state != SS_CONNECTED)) {
W
wangweidong 已提交
809
		if (sock->state == SS_UNCONNECTED)
810
			res = tipc_send_packet(NULL, sock, m, total_len);
811 812
		else
			res = sock->state == SS_DISCONNECTING ? -EPIPE : -ENOTCONN;
W
wangweidong 已提交
813
		goto exit;
814
	}
P
Per Liden 已提交
815

816 817 818 819
	if (unlikely(m->msg_name)) {
		res = -EISCONN;
		goto exit;
	}
820

821
	if (total_len > (unsigned int)INT_MAX) {
822 823 824 825
		res = -EMSGSIZE;
		goto exit;
	}

826
	/*
P
Per Liden 已提交
827 828
	 * Send each iovec entry using one or more messages
	 *
829
	 * Note: This algorithm is good for the most likely case
P
Per Liden 已提交
830 831 832
	 * (i.e. one large iovec entry), but could be improved to pass sets
	 * of small iovec entries into send_packet().
	 */
833 834
	curr_iov = m->msg_iov;
	curr_iovlen = m->msg_iovlen;
P
Per Liden 已提交
835 836
	my_msg.msg_iov = &my_iov;
	my_msg.msg_iovlen = 1;
837 838
	my_msg.msg_flags = m->msg_flags;
	my_msg.msg_name = NULL;
839
	bytes_sent = 0;
P
Per Liden 已提交
840

841
	hdr_size = msg_hdr_sz(&tsk->port.phdr);
842

P
Per Liden 已提交
843 844 845 846 847
	while (curr_iovlen--) {
		curr_start = curr_iov->iov_base;
		curr_left = curr_iov->iov_len;

		while (curr_left) {
848
			bytes_to_send = tsk->port.max_pkt - hdr_size;
849 850 851 852
			if (bytes_to_send > TIPC_MAX_USER_MSG_SIZE)
				bytes_to_send = TIPC_MAX_USER_MSG_SIZE;
			if (curr_left < bytes_to_send)
				bytes_to_send = curr_left;
P
Per Liden 已提交
853 854
			my_iov.iov_base = curr_start;
			my_iov.iov_len = bytes_to_send;
855 856
			res = tipc_send_packet(NULL, sock, &my_msg,
					       bytes_to_send);
857
			if (res < 0) {
858
				if (bytes_sent)
859
					res = bytes_sent;
860
				goto exit;
861
			}
P
Per Liden 已提交
862 863
			curr_left -= bytes_to_send;
			curr_start += bytes_to_send;
864
			bytes_sent += bytes_to_send;
P
Per Liden 已提交
865 866 867 868
		}

		curr_iov++;
	}
869 870 871 872
	res = bytes_sent;
exit:
	release_sock(sk);
	return res;
P
Per Liden 已提交
873 874 875 876
}

/**
 * auto_connect - complete connection setup to a remote port
877
 * @tsk: tipc socket structure
P
Per Liden 已提交
878
 * @msg: peer's response message
879
 *
P
Per Liden 已提交
880 881
 * Returns 0 on success, errno otherwise
 */
882
static int auto_connect(struct tipc_sock *tsk, struct tipc_msg *msg)
P
Per Liden 已提交
883
{
884 885
	struct tipc_port *port = &tsk->port;
	struct socket *sock = tsk->sk.sk_socket;
886 887 888 889
	struct tipc_portid peer;

	peer.ref = msg_origport(msg);
	peer.node = msg_orignode(msg);
P
Per Liden 已提交
890

891
	__tipc_port_connect(port->ref, port, &peer);
892 893 894

	if (msg_importance(msg) > TIPC_CRITICAL_IMPORTANCE)
		return -EINVAL;
895
	msg_set_importance(&port->phdr, (u32)msg_importance(msg));
P
Per Liden 已提交
896 897 898 899 900 901 902 903
	sock->state = SS_CONNECTED;
	return 0;
}

/**
 * set_orig_addr - capture sender's address for received message
 * @m: descriptor for message info
 * @msg: received message header
904
 *
P
Per Liden 已提交
905 906
 * Note: Address is not captured if not requested by receiver.
 */
S
Sam Ravnborg 已提交
907
static void set_orig_addr(struct msghdr *m, struct tipc_msg *msg)
P
Per Liden 已提交
908
{
909
	DECLARE_SOCKADDR(struct sockaddr_tipc *, addr, m->msg_name);
P
Per Liden 已提交
910

911
	if (addr) {
P
Per Liden 已提交
912 913
		addr->family = AF_TIPC;
		addr->addrtype = TIPC_ADDR_ID;
914
		memset(&addr->addr, 0, sizeof(addr->addr));
P
Per Liden 已提交
915 916
		addr->addr.id.ref = msg_origport(msg);
		addr->addr.id.node = msg_orignode(msg);
917 918
		addr->addr.name.domain = 0;	/* could leave uninitialized */
		addr->scope = 0;		/* could leave uninitialized */
P
Per Liden 已提交
919 920 921 922 923
		m->msg_namelen = sizeof(struct sockaddr_tipc);
	}
}

/**
924
 * anc_data_recv - optionally capture ancillary data for received message
P
Per Liden 已提交
925 926 927
 * @m: descriptor for message info
 * @msg: received message header
 * @tport: TIPC port associated with message
928
 *
P
Per Liden 已提交
929
 * Note: Ancillary data is not captured if not requested by receiver.
930
 *
P
Per Liden 已提交
931 932
 * Returns 0 if successful, otherwise errno
 */
S
Sam Ravnborg 已提交
933
static int anc_data_recv(struct msghdr *m, struct tipc_msg *msg,
934
			 struct tipc_port *tport)
P
Per Liden 已提交
935 936 937 938
{
	u32 anc_data[3];
	u32 err;
	u32 dest_type;
939
	int has_name;
P
Per Liden 已提交
940 941 942 943 944 945 946 947 948 949
	int res;

	if (likely(m->msg_controllen == 0))
		return 0;

	/* Optionally capture errored message object(s) */
	err = msg ? msg_errcode(msg) : 0;
	if (unlikely(err)) {
		anc_data[0] = err;
		anc_data[1] = msg_data_sz(msg);
950 951
		res = put_cmsg(m, SOL_TIPC, TIPC_ERRINFO, 8, anc_data);
		if (res)
P
Per Liden 已提交
952
			return res;
953 954 955 956 957 958
		if (anc_data[1]) {
			res = put_cmsg(m, SOL_TIPC, TIPC_RETDATA, anc_data[1],
				       msg_data(msg));
			if (res)
				return res;
		}
P
Per Liden 已提交
959 960 961 962 963 964
	}

	/* Optionally capture message destination object */
	dest_type = msg ? msg_type(msg) : TIPC_DIRECT_MSG;
	switch (dest_type) {
	case TIPC_NAMED_MSG:
965
		has_name = 1;
P
Per Liden 已提交
966 967 968 969 970
		anc_data[0] = msg_nametype(msg);
		anc_data[1] = msg_namelower(msg);
		anc_data[2] = msg_namelower(msg);
		break;
	case TIPC_MCAST_MSG:
971
		has_name = 1;
P
Per Liden 已提交
972 973 974 975 976
		anc_data[0] = msg_nametype(msg);
		anc_data[1] = msg_namelower(msg);
		anc_data[2] = msg_nameupper(msg);
		break;
	case TIPC_CONN_MSG:
977
		has_name = (tport->conn_type != 0);
P
Per Liden 已提交
978 979 980 981 982
		anc_data[0] = tport->conn_type;
		anc_data[1] = tport->conn_instance;
		anc_data[2] = tport->conn_instance;
		break;
	default:
983
		has_name = 0;
P
Per Liden 已提交
984
	}
985 986 987 988 989
	if (has_name) {
		res = put_cmsg(m, SOL_TIPC, TIPC_DESTNAME, 12, anc_data);
		if (res)
			return res;
	}
P
Per Liden 已提交
990 991 992 993

	return 0;
}

994
static int tipc_wait_for_rcvmsg(struct socket *sock, long *timeop)
Y
Ying Xue 已提交
995 996 997
{
	struct sock *sk = sock->sk;
	DEFINE_WAIT(wait);
998
	long timeo = *timeop;
Y
Ying Xue 已提交
999 1000 1001 1002
	int err;

	for (;;) {
		prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1003
		if (timeo && skb_queue_empty(&sk->sk_receive_queue)) {
Y
Ying Xue 已提交
1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022
			if (sock->state == SS_DISCONNECTING) {
				err = -ENOTCONN;
				break;
			}
			release_sock(sk);
			timeo = schedule_timeout(timeo);
			lock_sock(sk);
		}
		err = 0;
		if (!skb_queue_empty(&sk->sk_receive_queue))
			break;
		err = sock_intr_errno(timeo);
		if (signal_pending(current))
			break;
		err = -EAGAIN;
		if (!timeo)
			break;
	}
	finish_wait(sk_sleep(sk), &wait);
1023
	*timeop = timeo;
Y
Ying Xue 已提交
1024 1025 1026
	return err;
}

1027
/**
1028
 * tipc_recvmsg - receive packet-oriented message
P
Per Liden 已提交
1029 1030 1031 1032
 * @iocb: (unused)
 * @m: descriptor for message info
 * @buf_len: total size of user buffer area
 * @flags: receive flags
1033
 *
P
Per Liden 已提交
1034 1035 1036 1037 1038
 * Used for SOCK_DGRAM, SOCK_RDM, and SOCK_SEQPACKET messages.
 * If the complete message doesn't fit in user area, truncate it.
 *
 * Returns size of returned message data, errno otherwise
 */
1039 1040
static int tipc_recvmsg(struct kiocb *iocb, struct socket *sock,
			struct msghdr *m, size_t buf_len, int flags)
P
Per Liden 已提交
1041
{
1042
	struct sock *sk = sock->sk;
1043 1044
	struct tipc_sock *tsk = tipc_sk(sk);
	struct tipc_port *port = &tsk->port;
P
Per Liden 已提交
1045 1046
	struct sk_buff *buf;
	struct tipc_msg *msg;
Y
Ying Xue 已提交
1047
	long timeo;
P
Per Liden 已提交
1048 1049 1050 1051
	unsigned int sz;
	u32 err;
	int res;

1052
	/* Catch invalid receive requests */
P
Per Liden 已提交
1053 1054 1055
	if (unlikely(!buf_len))
		return -EINVAL;

1056
	lock_sock(sk);
P
Per Liden 已提交
1057

1058 1059
	if (unlikely(sock->state == SS_UNCONNECTED)) {
		res = -ENOTCONN;
P
Per Liden 已提交
1060 1061 1062
		goto exit;
	}

Y
Ying Xue 已提交
1063
	timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
1064
restart:
P
Per Liden 已提交
1065

1066
	/* Look for a message in receive queue; wait if necessary */
1067
	res = tipc_wait_for_rcvmsg(sock, &timeo);
Y
Ying Xue 已提交
1068 1069
	if (res)
		goto exit;
P
Per Liden 已提交
1070

1071 1072
	/* Look at first message in receive queue */
	buf = skb_peek(&sk->sk_receive_queue);
P
Per Liden 已提交
1073 1074 1075 1076 1077 1078
	msg = buf_msg(buf);
	sz = msg_data_sz(msg);
	err = msg_errcode(msg);

	/* Discard an empty non-errored message & try again */
	if ((!sz) && (!err)) {
1079
		advance_rx_queue(sk);
P
Per Liden 已提交
1080 1081 1082 1083 1084 1085 1086
		goto restart;
	}

	/* Capture sender's address (optional) */
	set_orig_addr(m, msg);

	/* Capture ancillary data (optional) */
1087
	res = anc_data_recv(m, msg, port);
1088
	if (res)
P
Per Liden 已提交
1089 1090 1091 1092 1093 1094 1095 1096
		goto exit;

	/* Capture message data (if valid) & compute return value (always) */
	if (!err) {
		if (unlikely(buf_len < sz)) {
			sz = buf_len;
			m->msg_flags |= MSG_TRUNC;
		}
1097 1098 1099
		res = skb_copy_datagram_iovec(buf, msg_hdr_sz(msg),
					      m->msg_iov, sz);
		if (res)
P
Per Liden 已提交
1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111
			goto exit;
		res = sz;
	} else {
		if ((sock->state == SS_READY) ||
		    ((err == TIPC_CONN_SHUTDOWN) || m->msg_control))
			res = 0;
		else
			res = -ECONNRESET;
	}

	/* Consume received message (optional) */
	if (likely(!(flags & MSG_PEEK))) {
1112
		if ((sock->state != SS_READY) &&
1113
		    (++port->conn_unacked >= TIPC_CONNACK_INTV))
1114
			tipc_acknowledge(port->ref, port->conn_unacked);
1115
		advance_rx_queue(sk);
1116
	}
P
Per Liden 已提交
1117
exit:
1118
	release_sock(sk);
P
Per Liden 已提交
1119 1120 1121
	return res;
}

1122
/**
1123
 * tipc_recv_stream - receive stream-oriented data
P
Per Liden 已提交
1124 1125 1126 1127
 * @iocb: (unused)
 * @m: descriptor for message info
 * @buf_len: total size of user buffer area
 * @flags: receive flags
1128 1129
 *
 * Used for SOCK_STREAM messages only.  If not enough data is available
P
Per Liden 已提交
1130 1131 1132 1133
 * will optionally wait for more; never truncates data.
 *
 * Returns size of returned message data, errno otherwise
 */
1134 1135
static int tipc_recv_stream(struct kiocb *iocb, struct socket *sock,
			    struct msghdr *m, size_t buf_len, int flags)
P
Per Liden 已提交
1136
{
1137
	struct sock *sk = sock->sk;
1138 1139
	struct tipc_sock *tsk = tipc_sk(sk);
	struct tipc_port *port = &tsk->port;
P
Per Liden 已提交
1140 1141
	struct sk_buff *buf;
	struct tipc_msg *msg;
Y
Ying Xue 已提交
1142
	long timeo;
P
Per Liden 已提交
1143
	unsigned int sz;
1144
	int sz_to_copy, target, needed;
P
Per Liden 已提交
1145 1146
	int sz_copied = 0;
	u32 err;
1147
	int res = 0;
P
Per Liden 已提交
1148

1149
	/* Catch invalid receive attempts */
P
Per Liden 已提交
1150 1151 1152
	if (unlikely(!buf_len))
		return -EINVAL;

1153
	lock_sock(sk);
P
Per Liden 已提交
1154

Y
Ying Xue 已提交
1155
	if (unlikely(sock->state == SS_UNCONNECTED)) {
1156
		res = -ENOTCONN;
P
Per Liden 已提交
1157 1158 1159
		goto exit;
	}

1160
	target = sock_rcvlowat(sk, flags & MSG_WAITALL, buf_len);
Y
Ying Xue 已提交
1161
	timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
P
Per Liden 已提交
1162

1163
restart:
1164
	/* Look for a message in receive queue; wait if necessary */
1165
	res = tipc_wait_for_rcvmsg(sock, &timeo);
Y
Ying Xue 已提交
1166 1167
	if (res)
		goto exit;
P
Per Liden 已提交
1168

1169 1170
	/* Look at first message in receive queue */
	buf = skb_peek(&sk->sk_receive_queue);
P
Per Liden 已提交
1171 1172 1173 1174 1175 1176
	msg = buf_msg(buf);
	sz = msg_data_sz(msg);
	err = msg_errcode(msg);

	/* Discard an empty non-errored message & try again */
	if ((!sz) && (!err)) {
1177
		advance_rx_queue(sk);
P
Per Liden 已提交
1178 1179 1180 1181 1182 1183
		goto restart;
	}

	/* Optionally capture sender's address & ancillary data of first msg */
	if (sz_copied == 0) {
		set_orig_addr(m, msg);
1184
		res = anc_data_recv(m, msg, port);
1185
		if (res)
P
Per Liden 已提交
1186 1187 1188 1189 1190
			goto exit;
	}

	/* Capture message data (if valid) & compute return value (always) */
	if (!err) {
1191
		u32 offset = (u32)(unsigned long)(TIPC_SKB_CB(buf)->handle);
P
Per Liden 已提交
1192

1193
		sz -= offset;
P
Per Liden 已提交
1194 1195
		needed = (buf_len - sz_copied);
		sz_to_copy = (sz <= needed) ? sz : needed;
1196 1197 1198 1199

		res = skb_copy_datagram_iovec(buf, msg_hdr_sz(msg) + offset,
					      m->msg_iov, sz_to_copy);
		if (res)
P
Per Liden 已提交
1200
			goto exit;
1201

P
Per Liden 已提交
1202 1203 1204 1205
		sz_copied += sz_to_copy;

		if (sz_to_copy < sz) {
			if (!(flags & MSG_PEEK))
1206 1207
				TIPC_SKB_CB(buf)->handle =
				(void *)(unsigned long)(offset + sz_to_copy);
P
Per Liden 已提交
1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221
			goto exit;
		}
	} else {
		if (sz_copied != 0)
			goto exit; /* can't add error msg to valid data */

		if ((err == TIPC_CONN_SHUTDOWN) || m->msg_control)
			res = 0;
		else
			res = -ECONNRESET;
	}

	/* Consume received message (optional) */
	if (likely(!(flags & MSG_PEEK))) {
1222
		if (unlikely(++port->conn_unacked >= TIPC_CONNACK_INTV))
1223
			tipc_acknowledge(port->ref, port->conn_unacked);
1224
		advance_rx_queue(sk);
1225
	}
P
Per Liden 已提交
1226 1227

	/* Loop around if more data is required */
1228 1229
	if ((sz_copied < buf_len) &&	/* didn't get all requested data */
	    (!skb_queue_empty(&sk->sk_receive_queue) ||
1230
	    (sz_copied < target)) &&	/* and more is ready or required */
1231 1232
	    (!(flags & MSG_PEEK)) &&	/* and aren't just peeking at data */
	    (!err))			/* and haven't reached a FIN */
P
Per Liden 已提交
1233 1234 1235
		goto restart;

exit:
1236
	release_sock(sk);
1237
	return sz_copied ? sz_copied : res;
P
Per Liden 已提交
1238 1239
}

1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260
/**
 * tipc_write_space - wake up thread if port congestion is released
 * @sk: socket
 */
static void tipc_write_space(struct sock *sk)
{
	struct socket_wq *wq;

	rcu_read_lock();
	wq = rcu_dereference(sk->sk_wq);
	if (wq_has_sleeper(wq))
		wake_up_interruptible_sync_poll(&wq->wait, POLLOUT |
						POLLWRNORM | POLLWRBAND);
	rcu_read_unlock();
}

/**
 * tipc_data_ready - wake up threads to indicate messages have been received
 * @sk: socket
 * @len: the length of messages
 */
1261
static void tipc_data_ready(struct sock *sk)
1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272
{
	struct socket_wq *wq;

	rcu_read_lock();
	wq = rcu_dereference(sk->sk_wq);
	if (wq_has_sleeper(wq))
		wake_up_interruptible_sync_poll(&wq->wait, POLLIN |
						POLLRDNORM | POLLRDBAND);
	rcu_read_unlock();
}

1273 1274
/**
 * filter_connect - Handle all incoming messages for a connection-based socket
1275
 * @tsk: TIPC socket
1276 1277
 * @msg: message
 *
1278
 * Returns 0 (TIPC_OK) if everyting ok, -TIPC_ERR_NO_PORT otherwise
1279
 */
1280
static int filter_connect(struct tipc_sock *tsk, struct sk_buff **buf)
1281
{
1282 1283
	struct sock *sk = &tsk->sk;
	struct tipc_port *port = &tsk->port;
1284
	struct socket *sock = sk->sk_socket;
1285
	struct tipc_msg *msg = buf_msg(*buf);
1286

1287
	int retval = -TIPC_ERR_NO_PORT;
1288
	int res;
1289 1290 1291 1292 1293 1294 1295

	if (msg_mcast(msg))
		return retval;

	switch ((int)sock->state) {
	case SS_CONNECTED:
		/* Accept only connection-based messages sent by peer */
1296
		if (msg_connected(msg) && tipc_port_peer_msg(port, msg)) {
1297 1298
			if (unlikely(msg_errcode(msg))) {
				sock->state = SS_DISCONNECTING;
1299
				__tipc_port_disconnect(port);
1300 1301 1302 1303 1304 1305
			}
			retval = TIPC_OK;
		}
		break;
	case SS_CONNECTING:
		/* Accept only ACK or NACK message */
1306 1307
		if (unlikely(msg_errcode(msg))) {
			sock->state = SS_DISCONNECTING;
1308
			sk->sk_err = ECONNREFUSED;
1309 1310 1311 1312 1313 1314 1315
			retval = TIPC_OK;
			break;
		}

		if (unlikely(!msg_connected(msg)))
			break;

1316
		res = auto_connect(tsk, msg);
1317 1318
		if (res) {
			sock->state = SS_DISCONNECTING;
1319
			sk->sk_err = -res;
1320
			retval = TIPC_OK;
1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335
			break;
		}

		/* If an incoming message is an 'ACK-', it should be
		 * discarded here because it doesn't contain useful
		 * data. In addition, we should try to wake up
		 * connect() routine if sleeping.
		 */
		if (msg_data_sz(msg) == 0) {
			kfree_skb(*buf);
			*buf = NULL;
			if (waitqueue_active(sk_sleep(sk)))
				wake_up_interruptible(sk_sleep(sk));
		}
		retval = TIPC_OK;
1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350
		break;
	case SS_LISTENING:
	case SS_UNCONNECTED:
		/* Accept only SYN message */
		if (!msg_connected(msg) && !(msg_errcode(msg)))
			retval = TIPC_OK;
		break;
	case SS_DISCONNECTING:
		break;
	default:
		pr_err("Unknown socket state %u\n", sock->state);
	}
	return retval;
}

1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361
/**
 * rcvbuf_limit - get proper overload limit of socket receive queue
 * @sk: socket
 * @buf: message
 *
 * For all connection oriented messages, irrespective of importance,
 * the default overload value (i.e. 67MB) is set as limit.
 *
 * For all connectionless messages, by default new queue limits are
 * as belows:
 *
1362 1363 1364 1365
 * TIPC_LOW_IMPORTANCE       (4 MB)
 * TIPC_MEDIUM_IMPORTANCE    (8 MB)
 * TIPC_HIGH_IMPORTANCE      (16 MB)
 * TIPC_CRITICAL_IMPORTANCE  (32 MB)
1366 1367 1368 1369 1370 1371 1372 1373
 *
 * Returns overload limit according to corresponding message importance
 */
static unsigned int rcvbuf_limit(struct sock *sk, struct sk_buff *buf)
{
	struct tipc_msg *msg = buf_msg(buf);

	if (msg_connected(msg))
1374 1375 1376 1377
		return sysctl_tipc_rmem[2];

	return sk->sk_rcvbuf >> TIPC_CRITICAL_IMPORTANCE <<
		msg_importance(msg);
1378 1379
}

1380
/**
1381 1382
 * filter_rcv - validate incoming message
 * @sk: socket
P
Per Liden 已提交
1383
 * @buf: message
1384
 *
1385 1386 1387 1388
 * Enqueues message on receive queue if acceptable; optionally handles
 * disconnect indication for a connected socket.
 *
 * Called with socket lock already taken; port lock may also be taken.
1389
 *
1390 1391
 * Returns 0 (TIPC_OK) if message was consumed, -TIPC error code if message
 * to be rejected.
P
Per Liden 已提交
1392
 */
1393
static int filter_rcv(struct sock *sk, struct sk_buff *buf)
P
Per Liden 已提交
1394
{
1395
	struct socket *sock = sk->sk_socket;
1396
	struct tipc_sock *tsk = tipc_sk(sk);
P
Per Liden 已提交
1397
	struct tipc_msg *msg = buf_msg(buf);
1398
	unsigned int limit = rcvbuf_limit(sk, buf);
1399
	int rc = TIPC_OK;
P
Per Liden 已提交
1400 1401

	/* Reject message if it is wrong sort of message for socket */
1402
	if (msg_type(msg) > TIPC_DIRECT_MSG)
1403
		return -TIPC_ERR_NO_PORT;
1404

P
Per Liden 已提交
1405
	if (sock->state == SS_READY) {
1406
		if (msg_connected(msg))
1407
			return -TIPC_ERR_NO_PORT;
P
Per Liden 已提交
1408
	} else {
1409 1410 1411
		rc = filter_connect(tsk, &buf);
		if (rc != TIPC_OK || buf == NULL)
			return rc;
P
Per Liden 已提交
1412 1413 1414
	}

	/* Reject message if there isn't room to queue it */
1415
	if (sk_rmem_alloc_get(sk) + buf->truesize >= limit)
1416
		return -TIPC_ERR_OVERLOAD;
P
Per Liden 已提交
1417

1418
	/* Enqueue message */
Y
Ying Xue 已提交
1419
	TIPC_SKB_CB(buf)->handle = NULL;
1420
	__skb_queue_tail(&sk->sk_receive_queue, buf);
1421
	skb_set_owner_r(buf, sk);
1422

1423
	sk->sk_data_ready(sk);
1424 1425
	return TIPC_OK;
}
P
Per Liden 已提交
1426

1427
/**
1428
 * tipc_backlog_rcv - handle incoming message from backlog queue
1429 1430 1431 1432 1433 1434 1435
 * @sk: socket
 * @buf: message
 *
 * Caller must hold socket lock, but not port lock.
 *
 * Returns 0
 */
1436
static int tipc_backlog_rcv(struct sock *sk, struct sk_buff *buf)
1437
{
1438
	int rc;
1439
	u32 onode;
1440
	struct tipc_sock *tsk = tipc_sk(sk);
1441
	uint truesize = buf->truesize;
1442

1443
	rc = filter_rcv(sk, buf);
1444

1445 1446 1447
	if (unlikely(rc && tipc_msg_reverse(buf, &onode, -rc)))
		tipc_link_xmit2(buf, onode, 0);
	else if (atomic_read(&tsk->dupl_rcvcnt) < TIPC_CONN_OVERLOAD_LIMIT)
1448
		atomic_add(truesize, &tsk->dupl_rcvcnt);
1449

1450 1451 1452 1453
	return 0;
}

/**
1454
 * tipc_sk_rcv - handle incoming message
1455 1456 1457
 * @buf: buffer containing arriving message
 * Consumes buffer
 * Returns 0 if success, or errno: -EHOSTUNREACH
1458
 */
1459
int tipc_sk_rcv(struct sk_buff *buf)
1460
{
1461 1462 1463 1464
	struct tipc_sock *tsk;
	struct tipc_port *port;
	struct sock *sk;
	u32 dport = msg_destport(buf_msg(buf));
1465
	int rc = TIPC_OK;
1466
	uint limit;
1467
	u32 dnode;
1468 1469 1470 1471 1472 1473 1474 1475 1476 1477

	/* Forward unresolved named message */
	if (unlikely(!dport)) {
		tipc_net_route_msg(buf);
		return 0;
	}

	/* Validate destination */
	port = tipc_port_lock(dport);
	if (unlikely(!port)) {
1478
		rc = -TIPC_ERR_NO_PORT;
1479 1480 1481 1482 1483 1484 1485
		goto exit;
	}

	tsk = tipc_port_to_sock(port);
	sk = &tsk->sk;

	/* Queue message */
1486
	bh_lock_sock(sk);
1487

1488
	if (!sock_owned_by_user(sk)) {
1489
		rc = filter_rcv(sk, buf);
1490
	} else {
1491 1492 1493 1494
		if (sk->sk_backlog.len == 0)
			atomic_set(&tsk->dupl_rcvcnt, 0);
		limit = rcvbuf_limit(sk, buf) + atomic_read(&tsk->dupl_rcvcnt);
		if (sk_add_backlog(sk, buf, limit))
1495
			rc = -TIPC_ERR_OVERLOAD;
1496
	}
1497

1498
	bh_unlock_sock(sk);
1499
	tipc_port_unlock(port);
1500

1501
	if (likely(!rc))
1502 1503
		return 0;
exit:
1504 1505 1506
	if (!tipc_msg_reverse(buf, &dnode, -rc))
		return -EHOSTUNREACH;
	tipc_link_xmit2(buf, dnode, 0);
1507
	return -EHOSTUNREACH;
P
Per Liden 已提交
1508 1509
}

Y
Ying Xue 已提交
1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531
static int tipc_wait_for_connect(struct socket *sock, long *timeo_p)
{
	struct sock *sk = sock->sk;
	DEFINE_WAIT(wait);
	int done;

	do {
		int err = sock_error(sk);
		if (err)
			return err;
		if (!*timeo_p)
			return -ETIMEDOUT;
		if (signal_pending(current))
			return sock_intr_errno(*timeo_p);

		prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
		done = sk_wait_event(sk, timeo_p, sock->state != SS_CONNECTING);
		finish_wait(sk_sleep(sk), &wait);
	} while (!done);
	return 0;
}

P
Per Liden 已提交
1532
/**
1533
 * tipc_connect - establish a connection to another TIPC port
P
Per Liden 已提交
1534 1535 1536
 * @sock: socket structure
 * @dest: socket address for destination port
 * @destlen: size of socket address data structure
1537
 * @flags: file-related flags associated with socket
P
Per Liden 已提交
1538 1539 1540
 *
 * Returns 0 on success, errno otherwise
 */
1541 1542
static int tipc_connect(struct socket *sock, struct sockaddr *dest,
			int destlen, int flags)
P
Per Liden 已提交
1543
{
1544
	struct sock *sk = sock->sk;
1545 1546
	struct sockaddr_tipc *dst = (struct sockaddr_tipc *)dest;
	struct msghdr m = {NULL,};
Y
Ying Xue 已提交
1547 1548
	long timeout = (flags & O_NONBLOCK) ? 0 : tipc_sk(sk)->conn_timeout;
	socket_state previous;
1549 1550
	int res;

1551 1552
	lock_sock(sk);

1553
	/* For now, TIPC does not allow use of connect() with DGRAM/RDM types */
1554 1555 1556 1557
	if (sock->state == SS_READY) {
		res = -EOPNOTSUPP;
		goto exit;
	}
1558 1559 1560 1561 1562 1563 1564

	/*
	 * Reject connection attempt using multicast address
	 *
	 * Note: send_msg() validates the rest of the address fields,
	 *       so there's no need to do it here
	 */
1565 1566 1567 1568 1569
	if (dst->addrtype == TIPC_ADDR_MCAST) {
		res = -EINVAL;
		goto exit;
	}

Y
Ying Xue 已提交
1570
	previous = sock->state;
1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582
	switch (sock->state) {
	case SS_UNCONNECTED:
		/* Send a 'SYN-' to destination */
		m.msg_name = dest;
		m.msg_namelen = destlen;

		/* If connect is in non-blocking case, set MSG_DONTWAIT to
		 * indicate send_msg() is never blocked.
		 */
		if (!timeout)
			m.msg_flags = MSG_DONTWAIT;

1583
		res = tipc_sendmsg(NULL, sock, &m, 0);
1584 1585 1586 1587 1588 1589 1590 1591 1592
		if ((res < 0) && (res != -EWOULDBLOCK))
			goto exit;

		/* Just entered SS_CONNECTING state; the only
		 * difference is that return value in non-blocking
		 * case is EINPROGRESS, rather than EALREADY.
		 */
		res = -EINPROGRESS;
	case SS_CONNECTING:
Y
Ying Xue 已提交
1593 1594 1595 1596 1597 1598 1599
		if (previous == SS_CONNECTING)
			res = -EALREADY;
		if (!timeout)
			goto exit;
		timeout = msecs_to_jiffies(timeout);
		/* Wait until an 'ACK' or 'RST' arrives, or a timeout occurs */
		res = tipc_wait_for_connect(sock, &timeout);
1600 1601 1602 1603 1604 1605
		break;
	case SS_CONNECTED:
		res = -EISCONN;
		break;
	default:
		res = -EINVAL;
Y
Ying Xue 已提交
1606
		break;
1607
	}
1608 1609
exit:
	release_sock(sk);
1610
	return res;
P
Per Liden 已提交
1611 1612
}

1613
/**
1614
 * tipc_listen - allow socket to listen for incoming connections
P
Per Liden 已提交
1615 1616
 * @sock: socket structure
 * @len: (unused)
1617
 *
P
Per Liden 已提交
1618 1619
 * Returns 0 on success, errno otherwise
 */
1620
static int tipc_listen(struct socket *sock, int len)
P
Per Liden 已提交
1621
{
1622 1623 1624 1625
	struct sock *sk = sock->sk;
	int res;

	lock_sock(sk);
P
Per Liden 已提交
1626

1627
	if (sock->state != SS_UNCONNECTED)
1628 1629 1630 1631 1632 1633 1634 1635
		res = -EINVAL;
	else {
		sock->state = SS_LISTENING;
		res = 0;
	}

	release_sock(sk);
	return res;
P
Per Liden 已提交
1636 1637
}

Y
Ying Xue 已提交
1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651
static int tipc_wait_for_accept(struct socket *sock, long timeo)
{
	struct sock *sk = sock->sk;
	DEFINE_WAIT(wait);
	int err;

	/* True wake-one mechanism for incoming connections: only
	 * one process gets woken up, not the 'whole herd'.
	 * Since we do not 'race & poll' for established sockets
	 * anymore, the common case will execute the loop only once.
	*/
	for (;;) {
		prepare_to_wait_exclusive(sk_sleep(sk), &wait,
					  TASK_INTERRUPTIBLE);
1652
		if (timeo && skb_queue_empty(&sk->sk_receive_queue)) {
Y
Ying Xue 已提交
1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673
			release_sock(sk);
			timeo = schedule_timeout(timeo);
			lock_sock(sk);
		}
		err = 0;
		if (!skb_queue_empty(&sk->sk_receive_queue))
			break;
		err = -EINVAL;
		if (sock->state != SS_LISTENING)
			break;
		err = sock_intr_errno(timeo);
		if (signal_pending(current))
			break;
		err = -EAGAIN;
		if (!timeo)
			break;
	}
	finish_wait(sk_sleep(sk), &wait);
	return err;
}

1674
/**
1675
 * tipc_accept - wait for connection request
P
Per Liden 已提交
1676 1677 1678
 * @sock: listening socket
 * @newsock: new socket that is to be connected
 * @flags: file-related flags associated with socket
1679
 *
P
Per Liden 已提交
1680 1681
 * Returns 0 on success, errno otherwise
 */
1682
static int tipc_accept(struct socket *sock, struct socket *new_sock, int flags)
P
Per Liden 已提交
1683
{
1684
	struct sock *new_sk, *sk = sock->sk;
P
Per Liden 已提交
1685
	struct sk_buff *buf;
1686
	struct tipc_port *new_port;
1687
	struct tipc_msg *msg;
1688
	struct tipc_portid peer;
1689
	u32 new_ref;
Y
Ying Xue 已提交
1690
	long timeo;
1691
	int res;
P
Per Liden 已提交
1692

1693
	lock_sock(sk);
P
Per Liden 已提交
1694

1695 1696
	if (sock->state != SS_LISTENING) {
		res = -EINVAL;
P
Per Liden 已提交
1697 1698
		goto exit;
	}
Y
Ying Xue 已提交
1699 1700 1701 1702
	timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
	res = tipc_wait_for_accept(sock, timeo);
	if (res)
		goto exit;
1703 1704 1705

	buf = skb_peek(&sk->sk_receive_queue);

1706
	res = tipc_sk_create(sock_net(sock->sk), new_sock, 0, 1);
1707 1708
	if (res)
		goto exit;
P
Per Liden 已提交
1709

1710
	new_sk = new_sock->sk;
1711
	new_port = &tipc_sk(new_sk)->port;
1712
	new_ref = new_port->ref;
1713
	msg = buf_msg(buf);
P
Per Liden 已提交
1714

1715 1716 1717 1718 1719 1720 1721 1722 1723 1724
	/* we lock on new_sk; but lockdep sees the lock on sk */
	lock_sock_nested(new_sk, SINGLE_DEPTH_NESTING);

	/*
	 * Reject any stray messages received by new socket
	 * before the socket lock was taken (very, very unlikely)
	 */
	reject_rx_queue(new_sk);

	/* Connect new socket to it's peer */
1725 1726 1727
	peer.ref = msg_origport(msg);
	peer.node = msg_orignode(msg);
	tipc_port_connect(new_ref, &peer);
1728 1729
	new_sock->state = SS_CONNECTED;

1730
	tipc_port_set_importance(new_port, msg_importance(msg));
1731
	if (msg_named(msg)) {
1732 1733
		new_port->conn_type = msg_nametype(msg);
		new_port->conn_instance = msg_nameinst(msg);
P
Per Liden 已提交
1734
	}
1735 1736 1737 1738 1739 1740 1741 1742 1743

	/*
	 * Respond to 'SYN-' by discarding it & returning 'ACK'-.
	 * Respond to 'SYN+' by queuing it on new socket.
	 */
	if (!msg_data_sz(msg)) {
		struct msghdr m = {NULL,};

		advance_rx_queue(sk);
1744
		tipc_send_packet(NULL, new_sock, &m, 0);
1745 1746 1747
	} else {
		__skb_dequeue(&sk->sk_receive_queue);
		__skb_queue_head(&new_sk->sk_receive_queue, buf);
1748
		skb_set_owner_r(buf, new_sk);
1749 1750
	}
	release_sock(new_sk);
P
Per Liden 已提交
1751
exit:
1752
	release_sock(sk);
P
Per Liden 已提交
1753 1754 1755 1756
	return res;
}

/**
1757
 * tipc_shutdown - shutdown socket connection
P
Per Liden 已提交
1758
 * @sock: socket structure
1759
 * @how: direction to close (must be SHUT_RDWR)
P
Per Liden 已提交
1760 1761
 *
 * Terminates connection (if necessary), then purges socket's receive queue.
1762
 *
P
Per Liden 已提交
1763 1764
 * Returns 0 on success, errno otherwise
 */
1765
static int tipc_shutdown(struct socket *sock, int how)
P
Per Liden 已提交
1766
{
1767
	struct sock *sk = sock->sk;
1768 1769
	struct tipc_sock *tsk = tipc_sk(sk);
	struct tipc_port *port = &tsk->port;
P
Per Liden 已提交
1770
	struct sk_buff *buf;
1771
	u32 peer;
P
Per Liden 已提交
1772 1773
	int res;

1774 1775
	if (how != SHUT_RDWR)
		return -EINVAL;
P
Per Liden 已提交
1776

1777
	lock_sock(sk);
P
Per Liden 已提交
1778 1779

	switch (sock->state) {
1780
	case SS_CONNECTING:
P
Per Liden 已提交
1781 1782 1783
	case SS_CONNECTED:

restart:
1784
		/* Disconnect and send a 'FIN+' or 'FIN-' message to peer */
1785 1786
		buf = __skb_dequeue(&sk->sk_receive_queue);
		if (buf) {
Y
Ying Xue 已提交
1787
			if (TIPC_SKB_CB(buf)->handle != NULL) {
1788
				kfree_skb(buf);
P
Per Liden 已提交
1789 1790
				goto restart;
			}
1791
			tipc_port_disconnect(port->ref);
1792 1793
			if (tipc_msg_reverse(buf, &peer, TIPC_CONN_SHUTDOWN))
				tipc_link_xmit2(buf, peer, 0);
1794
		} else {
1795
			tipc_port_shutdown(port->ref);
P
Per Liden 已提交
1796
		}
1797 1798

		sock->state = SS_DISCONNECTING;
P
Per Liden 已提交
1799 1800 1801 1802 1803

		/* fall through */

	case SS_DISCONNECTING:

1804
		/* Discard any unreceived messages */
1805
		__skb_queue_purge(&sk->sk_receive_queue);
1806 1807 1808

		/* Wake up anyone sleeping in poll */
		sk->sk_state_change(sk);
P
Per Liden 已提交
1809 1810 1811 1812 1813 1814 1815
		res = 0;
		break;

	default:
		res = -ENOTCONN;
	}

1816
	release_sock(sk);
P
Per Liden 已提交
1817 1818 1819 1820
	return res;
}

/**
1821
 * tipc_setsockopt - set socket option
P
Per Liden 已提交
1822 1823 1824 1825 1826
 * @sock: socket structure
 * @lvl: option level
 * @opt: option identifier
 * @ov: pointer to new option value
 * @ol: length of option value
1827 1828
 *
 * For stream sockets only, accepts and ignores all IPPROTO_TCP options
P
Per Liden 已提交
1829
 * (to ease compatibility).
1830
 *
P
Per Liden 已提交
1831 1832
 * Returns 0 on success, errno otherwise
 */
1833 1834
static int tipc_setsockopt(struct socket *sock, int lvl, int opt,
			   char __user *ov, unsigned int ol)
P
Per Liden 已提交
1835
{
1836
	struct sock *sk = sock->sk;
1837 1838
	struct tipc_sock *tsk = tipc_sk(sk);
	struct tipc_port *port = &tsk->port;
P
Per Liden 已提交
1839 1840 1841
	u32 value;
	int res;

1842 1843
	if ((lvl == IPPROTO_TCP) && (sock->type == SOCK_STREAM))
		return 0;
P
Per Liden 已提交
1844 1845 1846 1847
	if (lvl != SOL_TIPC)
		return -ENOPROTOOPT;
	if (ol < sizeof(value))
		return -EINVAL;
1848 1849
	res = get_user(value, (u32 __user *)ov);
	if (res)
P
Per Liden 已提交
1850 1851
		return res;

1852
	lock_sock(sk);
1853

P
Per Liden 已提交
1854 1855
	switch (opt) {
	case TIPC_IMPORTANCE:
1856
		tipc_port_set_importance(port, value);
P
Per Liden 已提交
1857 1858 1859
		break;
	case TIPC_SRC_DROPPABLE:
		if (sock->type != SOCK_STREAM)
1860
			tipc_port_set_unreliable(port, value);
1861
		else
P
Per Liden 已提交
1862 1863 1864
			res = -ENOPROTOOPT;
		break;
	case TIPC_DEST_DROPPABLE:
1865
		tipc_port_set_unreturnable(port, value);
P
Per Liden 已提交
1866 1867
		break;
	case TIPC_CONN_TIMEOUT:
1868
		tipc_sk(sk)->conn_timeout = value;
1869
		/* no need to set "res", since already 0 at this point */
P
Per Liden 已提交
1870 1871 1872 1873 1874
		break;
	default:
		res = -EINVAL;
	}

1875 1876
	release_sock(sk);

P
Per Liden 已提交
1877 1878 1879 1880
	return res;
}

/**
1881
 * tipc_getsockopt - get socket option
P
Per Liden 已提交
1882 1883 1884 1885 1886
 * @sock: socket structure
 * @lvl: option level
 * @opt: option identifier
 * @ov: receptacle for option value
 * @ol: receptacle for length of option value
1887 1888
 *
 * For stream sockets only, returns 0 length result for all IPPROTO_TCP options
P
Per Liden 已提交
1889
 * (to ease compatibility).
1890
 *
P
Per Liden 已提交
1891 1892
 * Returns 0 on success, errno otherwise
 */
1893 1894
static int tipc_getsockopt(struct socket *sock, int lvl, int opt,
			   char __user *ov, int __user *ol)
P
Per Liden 已提交
1895
{
1896
	struct sock *sk = sock->sk;
1897 1898
	struct tipc_sock *tsk = tipc_sk(sk);
	struct tipc_port *port = &tsk->port;
1899
	int len;
P
Per Liden 已提交
1900
	u32 value;
1901
	int res;
P
Per Liden 已提交
1902

1903 1904
	if ((lvl == IPPROTO_TCP) && (sock->type == SOCK_STREAM))
		return put_user(0, ol);
P
Per Liden 已提交
1905 1906
	if (lvl != SOL_TIPC)
		return -ENOPROTOOPT;
1907 1908
	res = get_user(len, ol);
	if (res)
1909
		return res;
P
Per Liden 已提交
1910

1911
	lock_sock(sk);
P
Per Liden 已提交
1912 1913 1914

	switch (opt) {
	case TIPC_IMPORTANCE:
1915
		value = tipc_port_importance(port);
P
Per Liden 已提交
1916 1917
		break;
	case TIPC_SRC_DROPPABLE:
1918
		value = tipc_port_unreliable(port);
P
Per Liden 已提交
1919 1920
		break;
	case TIPC_DEST_DROPPABLE:
1921
		value = tipc_port_unreturnable(port);
P
Per Liden 已提交
1922 1923
		break;
	case TIPC_CONN_TIMEOUT:
1924
		value = tipc_sk(sk)->conn_timeout;
1925
		/* no need to set "res", since already 0 at this point */
P
Per Liden 已提交
1926
		break;
1927
	case TIPC_NODE_RECVQ_DEPTH:
1928
		value = 0; /* was tipc_queue_size, now obsolete */
1929
		break;
1930
	case TIPC_SOCK_RECVQ_DEPTH:
1931 1932
		value = skb_queue_len(&sk->sk_receive_queue);
		break;
P
Per Liden 已提交
1933 1934 1935 1936
	default:
		res = -EINVAL;
	}

1937 1938
	release_sock(sk);

1939 1940
	if (res)
		return res;	/* "get" failed */
P
Per Liden 已提交
1941

1942 1943 1944 1945 1946 1947 1948
	if (len < sizeof(value))
		return -EINVAL;

	if (copy_to_user(ov, &value, sizeof(value)))
		return -EFAULT;

	return put_user(sizeof(value), ol);
P
Per Liden 已提交
1949 1950
}

E
Erik Hugne 已提交
1951 1952 1953 1954 1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972
int tipc_ioctl(struct socket *sk, unsigned int cmd, unsigned long arg)
{
	struct tipc_sioc_ln_req lnr;
	void __user *argp = (void __user *)arg;

	switch (cmd) {
	case SIOCGETLINKNAME:
		if (copy_from_user(&lnr, argp, sizeof(lnr)))
			return -EFAULT;
		if (!tipc_node_get_linkname(lnr.bearer_id, lnr.peer,
					    lnr.linkname, TIPC_MAX_LINK_NAME)) {
			if (copy_to_user(argp, &lnr, sizeof(lnr)))
				return -EFAULT;
			return 0;
		}
		return -EADDRNOTAVAIL;
		break;
	default:
		return -ENOIOCTLCMD;
	}
}

1973 1974
/* Protocol switches for the various types of TIPC sockets */

1975
static const struct proto_ops msg_ops = {
1976
	.owner		= THIS_MODULE,
P
Per Liden 已提交
1977
	.family		= AF_TIPC,
1978 1979 1980
	.release	= tipc_release,
	.bind		= tipc_bind,
	.connect	= tipc_connect,
1981
	.socketpair	= sock_no_socketpair,
1982
	.accept		= sock_no_accept,
1983 1984
	.getname	= tipc_getname,
	.poll		= tipc_poll,
E
Erik Hugne 已提交
1985
	.ioctl		= tipc_ioctl,
1986
	.listen		= sock_no_listen,
1987 1988 1989 1990 1991
	.shutdown	= tipc_shutdown,
	.setsockopt	= tipc_setsockopt,
	.getsockopt	= tipc_getsockopt,
	.sendmsg	= tipc_sendmsg,
	.recvmsg	= tipc_recvmsg,
1992 1993
	.mmap		= sock_no_mmap,
	.sendpage	= sock_no_sendpage
P
Per Liden 已提交
1994 1995
};

1996
static const struct proto_ops packet_ops = {
1997
	.owner		= THIS_MODULE,
P
Per Liden 已提交
1998
	.family		= AF_TIPC,
1999 2000 2001
	.release	= tipc_release,
	.bind		= tipc_bind,
	.connect	= tipc_connect,
2002
	.socketpair	= sock_no_socketpair,
2003 2004 2005
	.accept		= tipc_accept,
	.getname	= tipc_getname,
	.poll		= tipc_poll,
E
Erik Hugne 已提交
2006
	.ioctl		= tipc_ioctl,
2007 2008 2009 2010 2011 2012
	.listen		= tipc_listen,
	.shutdown	= tipc_shutdown,
	.setsockopt	= tipc_setsockopt,
	.getsockopt	= tipc_getsockopt,
	.sendmsg	= tipc_send_packet,
	.recvmsg	= tipc_recvmsg,
2013 2014
	.mmap		= sock_no_mmap,
	.sendpage	= sock_no_sendpage
P
Per Liden 已提交
2015 2016
};

2017
static const struct proto_ops stream_ops = {
2018
	.owner		= THIS_MODULE,
P
Per Liden 已提交
2019
	.family		= AF_TIPC,
2020 2021 2022
	.release	= tipc_release,
	.bind		= tipc_bind,
	.connect	= tipc_connect,
2023
	.socketpair	= sock_no_socketpair,
2024 2025 2026
	.accept		= tipc_accept,
	.getname	= tipc_getname,
	.poll		= tipc_poll,
E
Erik Hugne 已提交
2027
	.ioctl		= tipc_ioctl,
2028 2029 2030 2031 2032 2033
	.listen		= tipc_listen,
	.shutdown	= tipc_shutdown,
	.setsockopt	= tipc_setsockopt,
	.getsockopt	= tipc_getsockopt,
	.sendmsg	= tipc_send_stream,
	.recvmsg	= tipc_recv_stream,
2034 2035
	.mmap		= sock_no_mmap,
	.sendpage	= sock_no_sendpage
P
Per Liden 已提交
2036 2037
};

2038
static const struct net_proto_family tipc_family_ops = {
2039
	.owner		= THIS_MODULE,
P
Per Liden 已提交
2040
	.family		= AF_TIPC,
2041
	.create		= tipc_sk_create
P
Per Liden 已提交
2042 2043 2044 2045 2046
};

static struct proto tipc_proto = {
	.name		= "TIPC",
	.owner		= THIS_MODULE,
2047 2048
	.obj_size	= sizeof(struct tipc_sock),
	.sysctl_rmem	= sysctl_tipc_rmem
P
Per Liden 已提交
2049 2050
};

2051 2052 2053 2054 2055 2056
static struct proto tipc_proto_kern = {
	.name		= "TIPC",
	.obj_size	= sizeof(struct tipc_sock),
	.sysctl_rmem	= sysctl_tipc_rmem
};

P
Per Liden 已提交
2057
/**
2058
 * tipc_socket_init - initialize TIPC socket interface
2059
 *
P
Per Liden 已提交
2060 2061
 * Returns 0 on success, errno otherwise
 */
2062
int tipc_socket_init(void)
P
Per Liden 已提交
2063 2064 2065
{
	int res;

2066
	res = proto_register(&tipc_proto, 1);
P
Per Liden 已提交
2067
	if (res) {
2068
		pr_err("Failed to register TIPC protocol type\n");
P
Per Liden 已提交
2069 2070 2071 2072 2073
		goto out;
	}

	res = sock_register(&tipc_family_ops);
	if (res) {
2074
		pr_err("Failed to register TIPC socket type\n");
P
Per Liden 已提交
2075 2076 2077 2078 2079 2080 2081 2082
		proto_unregister(&tipc_proto);
		goto out;
	}
 out:
	return res;
}

/**
2083
 * tipc_socket_stop - stop TIPC socket interface
P
Per Liden 已提交
2084
 */
2085
void tipc_socket_stop(void)
P
Per Liden 已提交
2086 2087 2088 2089
{
	sock_unregister(tipc_family_ops.family);
	proto_unregister(&tipc_proto);
}