
/net/tipc/socket.c

https://bitbucket.org/digetx/picasso-kernel
   1/*
   2 * net/tipc/socket.c: TIPC socket API
   3 *
   4 * Copyright (c) 2001-2007, 2012 Ericsson AB
   5 * Copyright (c) 2004-2008, 2010-2012, Wind River Systems
   6 * All rights reserved.
   7 *
   8 * Redistribution and use in source and binary forms, with or without
   9 * modification, are permitted provided that the following conditions are met:
  10 *
  11 * 1. Redistributions of source code must retain the above copyright
  12 *    notice, this list of conditions and the following disclaimer.
  13 * 2. Redistributions in binary form must reproduce the above copyright
  14 *    notice, this list of conditions and the following disclaimer in the
  15 *    documentation and/or other materials provided with the distribution.
  16 * 3. Neither the names of the copyright holders nor the names of its
  17 *    contributors may be used to endorse or promote products derived from
  18 *    this software without specific prior written permission.
  19 *
  20 * Alternatively, this software may be distributed under the terms of the
  21 * GNU General Public License ("GPL") version 2 as published by the Free
  22 * Software Foundation.
  23 *
  24 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  25 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  27 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
  28 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  29 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  32 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  33 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  34 * POSSIBILITY OF SUCH DAMAGE.
  35 */
  36
  37#include "core.h"
  38#include "port.h"
  39
  40#include <linux/export.h>
  41#include <net/sock.h>
  42
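/*
 * TIPC-private values stored in sock->state next to the generic SS_* socket
 * states (tipc_create() assigns SS_READY to connectionless sockets).
 * The negative literals are parenthesized so that the macros expand safely
 * inside any surrounding expression.
 */
#define SS_LISTENING	(-1)	/* socket is listening */
#define SS_READY	(-2)	/* socket is connectionless */

#define OVERLOAD_LIMIT_BASE	10000
#define CONN_TIMEOUT_DEFAULT	8000	/* default connect timeout = 8s */

/**
 * struct tipc_sock - TIPC socket structure
 * @sk: generic socket; must stay the first member, because tipc_sk() casts a
 *      struct sock pointer directly to a struct tipc_sock pointer
 * @p: TIPC port used by the socket
 * @peer_name: port ID of the peer, filled in by auto_connect()
 * @conn_timeout: connect timeout, initialised to CONN_TIMEOUT_DEFAULT
 */
struct tipc_sock {
	struct sock sk;
	struct tipc_port *p;
	struct tipc_portid peer_name;
	unsigned int conn_timeout;
};

/* Convert a struct sock pointer to the enclosing TIPC socket / its port */
#define tipc_sk(sk) ((struct tipc_sock *)(sk))
#define tipc_sk_port(sk) (tipc_sk(sk)->p)

/*
 * True when a receiver blocked on @sock has a reason to wake up: either a
 * buffer is queued or the socket has entered SS_DISCONNECTING.
 * The macro argument is parenthesized so that any pointer expression can be
 * passed safely.
 */
#define tipc_rx_ready(sock) \
	(!skb_queue_empty(&(sock)->sk->sk_receive_queue) || \
	 ((sock)->state == SS_DISCONNECTING))

/* Callbacks handed to the socket and port layers (see tipc_create()) */
static int backlog_rcv(struct sock *sk, struct sk_buff *skb);
static u32 dispatch(struct tipc_port *tport, struct sk_buff *buf);
static void wakeupdispatch(struct tipc_port *tport);
static void tipc_data_ready(struct sock *sk, int len);
static void tipc_write_space(struct sock *sk);

/* Operation tables selected per socket type in tipc_create() */
static const struct proto_ops packet_ops;
static const struct proto_ops stream_ops;
static const struct proto_ops msg_ops;

static struct proto tipc_proto;

static int sockets_enabled;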
  75
  76/*
  77 * Revised TIPC socket locking policy:
  78 *
  79 * Most socket operations take the standard socket lock when they start
  80 * and hold it until they finish (or until they need to sleep).  Acquiring
  81 * this lock grants the owner exclusive access to the fields of the socket
  82 * data structures, with the exception of the backlog queue.  A few socket
  83 * operations can be done without taking the socket lock because they only
  84 * read socket information that never changes during the life of the socket.
  85 *
  86 * Socket operations may acquire the lock for the associated TIPC port if they
  87 * need to perform an operation on the port.  If any routine needs to acquire
  88 * both the socket lock and the port lock it must take the socket lock first
  89 * to avoid the risk of deadlock.
  90 *
   91 * The dispatcher handling incoming messages cannot grab the socket lock in
   92 * the standard fashion, since it is invoked at the BH level and cannot block.
  93 * Instead, it checks to see if the socket lock is currently owned by someone,
  94 * and either handles the message itself or adds it to the socket's backlog
  95 * queue; in the latter case the queued message is processed once the process
  96 * owning the socket lock releases it.
  97 *
  98 * NOTE: Releasing the socket lock while an operation is sleeping overcomes
  99 * the problem of a blocked socket operation preventing any other operations
 100 * from occurring.  However, applications must be careful if they have
 101 * multiple threads trying to send (or receive) on the same socket, as these
 102 * operations might interfere with each other.  For example, doing a connect
 103 * and a receive at the same time might allow the receive to consume the
 104 * ACK message meant for the connect.  While additional work could be done
 105 * to try and overcome this, it doesn't seem to be worthwhile at the present.
 106 *
 107 * NOTE: Releasing the socket lock while an operation is sleeping also ensures
 108 * that another operation that must be performed in a non-blocking manner is
 109 * not delayed for very long because the lock has already been taken.
 110 *
 111 * NOTE: This code assumes that certain fields of a port/socket pair are
 112 * constant over its lifetime; such fields can be examined without taking
 113 * the socket lock and/or port lock, and do not need to be re-read even
 114 * after resuming processing after waiting.  These fields include:
 115 *   - socket type
 116 *   - pointer to socket sk structure (aka tipc_sock structure)
 117 *   - pointer to port structure
 118 *   - port reference
 119 */
 120
/**
 * advance_rx_queue - drop the buffer at the head of the socket receive queue
 * @sk: socket whose receive queue is advanced
 *
 * The head buffer is unlinked and freed.
 *
 * Caller must hold socket lock
 */
static void advance_rx_queue(struct sock *sk)
{
	struct sk_buff *head = __skb_dequeue(&sk->sk_receive_queue);

	kfree_skb(head);
}
 130
/**
 * discard_rx_queue - free every buffer in the socket receive queue
 * @sk: socket whose receive queue is emptied
 *
 * Buffers are silently freed; nothing is sent back to their originators.
 *
 * Caller must hold socket lock
 */
static void discard_rx_queue(struct sock *sk)
{
	struct sk_buff_head *queue = &sk->sk_receive_queue;
	struct sk_buff *skb;

	for (skb = __skb_dequeue(queue); skb; skb = __skb_dequeue(queue))
		kfree_skb(skb);
}
 143
/**
 * reject_rx_queue - reject every buffer in the socket receive queue
 * @sk: socket whose receive queue is emptied
 *
 * Each queued buffer is handed to tipc_reject_msg() with TIPC_ERR_NO_PORT.
 *
 * Caller must hold socket lock
 */
static void reject_rx_queue(struct sock *sk)
{
	struct sk_buff_head *queue = &sk->sk_receive_queue;
	struct sk_buff *skb;

	for (skb = __skb_dequeue(queue); skb; skb = __skb_dequeue(queue))
		tipc_reject_msg(skb, TIPC_ERR_NO_PORT);
}
 156
/**
 * tipc_create - create a TIPC socket
 * @net: network namespace; passed to sk_alloc() and not otherwise checked here
 * @sock: pre-allocated socket structure
 * @protocol: protocol indicator (must be 0)
 * @kern: caused by kernel or by userspace? (not examined by this routine)
 *
 * Allocates the protocol-specific sock and the TIPC port behind it, links
 * them to @sock and sets the initial state according to the socket type.
 *
 * Returns 0 on success, otherwise a negative errno:
 * -EPROTONOSUPPORT for a non-zero protocol, -EPROTOTYPE for an unsupported
 * socket type, -ENOMEM if either allocation fails.
 */
static int tipc_create(struct net *net, struct socket *sock, int protocol,
		       int kern)
{
	const struct proto_ops *sock_ops;
	socket_state initial_state;
	struct tipc_port *port;
	struct sock *sk;

	/* Only the default protocol is supported */
	if (unlikely(protocol != 0))
		return -EPROTONOSUPPORT;

	/* Choose operations table and starting state from the socket type */
	if (sock->type == SOCK_STREAM) {
		sock_ops = &stream_ops;
		initial_state = SS_UNCONNECTED;
	} else if (sock->type == SOCK_SEQPACKET) {
		sock_ops = &packet_ops;
		initial_state = SS_UNCONNECTED;
	} else if (sock->type == SOCK_DGRAM || sock->type == SOCK_RDM) {
		sock_ops = &msg_ops;
		initial_state = SS_READY;
	} else {
		return -EPROTOTYPE;
	}

	/* Protocol area of the socket */
	sk = sk_alloc(net, AF_TIPC, GFP_KERNEL, &tipc_proto);
	if (!sk)
		return -ENOMEM;

	/* TIPC port the socket will use; undo the sock allocation on failure */
	port = tipc_createport_raw(sk, &dispatch, &wakeupdispatch,
				   TIPC_LOW_IMPORTANCE);
	if (unlikely(port == NULL)) {
		sk_free(sk);
		return -ENOMEM;
	}

	/* Wire everything together */
	sock->ops = sock_ops;
	sock->state = initial_state;

	sock_init_data(sock, sk);
	sk->sk_backlog_rcv = backlog_rcv;
	sk->sk_rcvbuf = TIPC_FLOW_CONTROL_WIN * 2 * TIPC_MAX_USER_MSG_SIZE * 2;
	sk->sk_data_ready = tipc_data_ready;
	sk->sk_write_space = tipc_write_space;
	tipc_sk(sk)->p = port;
	tipc_sk(sk)->conn_timeout = CONN_TIMEOUT_DEFAULT;

	/*
	 * The port lock is released here without a matching lock in this
	 * routine; presumably tipc_createport_raw() returns with it held.
	 */
	spin_unlock_bh(port->lock);

	/* Connection-oriented sockets need no further port settings */
	if (sock->state != SS_READY)
		return 0;

	tipc_set_portunreturnable(port->ref, 1);
	if (sock->type == SOCK_DGRAM)
		tipc_set_portunreliable(port->ref, 1);

	return 0;
}
 234
/**
 * release - destroy a TIPC socket
 * @sock: socket to destroy
 *
 * This routine cleans up any messages that are still queued on the socket.
 * For DGRAM and RDM socket types, all queued messages are rejected.
 * For SEQPACKET and STREAM socket types, the first message is rejected
 * and any others are discarded.  (If the first message on a STREAM socket
 * is partially-read, it is discarded and the next one is rejected instead.)
 *
 * NOTE: Rejected messages are not necessarily returned to the sender!  They
 * are returned or discarded according to the "destination droppable" setting
 * specified for the message by the sender.
 *
 * Returns 0 if the socket was never initialized, otherwise the result of
 * tipc_deleteport() (0 on success, errno otherwise)
 */
static int release(struct socket *sock)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport;
	struct sk_buff *buf;
	int res;

	/*
	 * Exit if socket isn't fully initialized (occurs when a failed accept()
	 * releases a pre-allocated child socket that was never used)
	 */
	if (sk == NULL)
		return 0;

	tport = tipc_sk_port(sk);
	lock_sock(sk);

	/*
	 * Reject all unreceived messages, except on an active connection
	 * (which disconnects locally & sends a 'FIN+' to peer)
	 *
	 * The loop ends as soon as the state becomes SS_DISCONNECTING, so on
	 * a connection only the first rejectable buffer is handled here.
	 */
	while (sock->state != SS_DISCONNECTING) {
		buf = __skb_dequeue(&sk->sk_receive_queue);
		if (buf == NULL)
			break;
		/* non-zero handle: presumably a partially-read buffer; free it */
		if (TIPC_SKB_CB(buf)->handle != 0)
			kfree_skb(buf);
		else {
			if ((sock->state == SS_CONNECTING) ||
			    (sock->state == SS_CONNECTED)) {
				sock->state = SS_DISCONNECTING;
				tipc_disconnect(tport->ref);
			}
			tipc_reject_msg(buf, TIPC_ERR_NO_PORT);
		}
	}

	/*
	 * Delete TIPC port; this ensures no more messages are queued
	 * (also disconnects an active connection & sends a 'FIN-' to peer)
	 */
	res = tipc_deleteport(tport->ref);

	/* Discard any remaining (connection-based) messages in receive queue */
	discard_rx_queue(sk);

	/* Reject any messages that accumulated in backlog queue */
	sock->state = SS_DISCONNECTING;
	release_sock(sk);

	/* Drop this routine's reference and detach the sock from the socket */
	sock_put(sk);
	sock->sk = NULL;

	return res;
}
 306
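/**
 * bind - associate or disassociate TIPC name(s) with a socket
 * @sock: socket structure
 * @uaddr: socket address describing name(s) and desired operation
 * @uaddr_len: size of socket address data structure
 *
 * Name and name sequence binding is indicated using a positive scope value;
 * a negative scope value unbinds the specified name.  Specifying no name
 * (i.e. a socket address length of 0) unbinds all names from the socket.
 *
 * For a TIPC_ADDR_NAME address the upper bound of the name sequence in
 * @uaddr is overwritten with the lower bound before it is used.
 *
 * Returns 0 on success, otherwise a negative errno:
 * -EINVAL if @uaddr_len is negative or shorter than struct sockaddr_tipc,
 * -EAFNOSUPPORT for a wrong family or address type,
 * -EACCES if the name type lies in the reserved range.
 *
 * NOTE: This routine doesn't need to take the socket lock since it doesn't
 *       access any non-constant socket information.
 */
static int bind(struct socket *sock, struct sockaddr *uaddr, int uaddr_len)
{
	struct sockaddr_tipc *addr = (struct sockaddr_tipc *)uaddr;
	u32 portref = tipc_sk_port(sock->sk)->ref;

	/* No address at all: withdraw every name bound to the port */
	if (unlikely(!uaddr_len))
		return tipc_withdraw(portref, 0, NULL);

	/*
	 * uaddr_len is signed.  Compared directly against sizeof(), a negative
	 * length would be converted to a huge unsigned value and slip past
	 * the size check, so reject it explicitly before any field is read.
	 */
	if (uaddr_len < 0 ||
	    (size_t)uaddr_len < sizeof(struct sockaddr_tipc))
		return -EINVAL;
	if (addr->family != AF_TIPC)
		return -EAFNOSUPPORT;

	/* A single name is handled as a sequence whose bounds are equal */
	if (addr->addrtype == TIPC_ADDR_NAME)
		addr->addr.nameseq.upper = addr->addr.nameseq.lower;
	else if (addr->addrtype != TIPC_ADDR_NAMESEQ)
		return -EAFNOSUPPORT;

	/* Name types below TIPC_RESERVED_TYPES may not be bound from here */
	if (addr->addr.nameseq.type < TIPC_RESERVED_TYPES)
		return -EACCES;

	/* Positive scope publishes; zero or negative scope withdraws */
	return (addr->scope > 0) ?
		tipc_publish(portref, addr->scope, &addr->addr.nameseq) :
		tipc_withdraw(portref, -addr->scope, &addr->addr.nameseq);
}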
 347
/**
 * get_name - get port ID of socket or peer socket
 * @sock: socket structure
 * @uaddr: area for returned socket address
 * @uaddr_len: area for returned length of socket address
 * @peer: 0 = own ID, 1 = current peer ID, 2 = current/former peer ID
 *
 * The address area is zeroed in full before any field is filled in, so no
 * bytes of it are returned uninitialized.
 *
 * Returns 0 on success, -ENOTCONN if a peer ID is requested and the socket
 * state does not allow it (in that case @uaddr_len is left untouched)
 *
 * NOTE: This routine doesn't need to take the socket lock since it only
 *       accesses socket information that is unchanging (or which changes in
 *       a completely predictable manner).
 */
static int get_name(struct socket *sock, struct sockaddr *uaddr,
		    int *uaddr_len, int peer)
{
	struct tipc_sock *tsk = tipc_sk(sock->sk);
	struct sockaddr_tipc *out = (struct sockaddr_tipc *)uaddr;

	memset(out, 0, sizeof(*out));

	if (!peer) {
		/* Own port identity */
		out->addr.id.ref = tsk->p->ref;
		out->addr.id.node = tipc_own_addr;
	} else {
		int connected = (sock->state == SS_CONNECTED);
		int former_peer_ok = (peer == 2) &&
				     (sock->state == SS_DISCONNECTING);

		/* A former peer is only reported when peer == 2 */
		if (!connected && !former_peer_ok)
			return -ENOTCONN;

		out->addr.id.ref = tsk->peer_name.ref;
		out->addr.id.node = tsk->peer_name.node;
	}

	*uaddr_len = sizeof(*out);
	out->addrtype = TIPC_ADDR_ID;
	out->family = AF_TIPC;
	out->scope = 0;
	out->addr.name.domain = 0;

	return 0;
}
 387
/**
 * poll - read and possibly block on pollmask
 * @file: file structure associated with the socket
 * @sock: socket for which to calculate the poll bits
 * @wait: poll table, handed to sock_poll_wait() together with the socket's
 *        wait queue
 *
 * Returns pollmask value
 *
 * COMMENTARY:
 * The socket lock is not taken here: the pollmask may be out of date the
 * moment this routine returns anyway, and any preventable races are left to
 * the higher level poll code, as other protocols appear to do.
 *
 * Events reported per socket state:
 *
 * socket state		flags set
 * ------------		---------
 * unconnected		no read flags
 *			POLLOUT if port is not congested
 *
 * connecting		POLLIN/POLLRDNORM if rx queue is not empty
 *			no write flags
 *
 * connected		POLLIN/POLLRDNORM if rx queue is not empty
 *			POLLOUT if port is not congested
 *
 * disconnecting	POLLIN/POLLRDNORM/POLLHUP
 *			no write flags
 *
 * listening		POLLIN/POLLRDNORM if rx queue is not empty
 *			no write flags
 *
 * ready		POLLIN/POLLRDNORM if rx queue is not empty
 * [connectionless]	POLLOUT if port is not congested
 *
 * IMPORTANT: The fact that a read or write operation is indicated does NOT
 * imply that the operation will succeed, merely that it should be performed
 * and will not block.
 */
static unsigned int poll(struct file *file, struct socket *sock,
			 poll_table *wait)
{
	struct sock *sk = sock->sk;
	unsigned int events = 0;
	int state;
	int write_state;
	int read_state;

	sock_poll_wait(file, sk_sleep(sk), wait);

	/* Sample the state once, after registering on the wait queue */
	state = (int)sock->state;

	if (state == SS_DISCONNECTING)
		return POLLIN | POLLRDNORM | POLLHUP;

	write_state = (state == SS_UNCONNECTED) || (state == SS_READY) ||
		      (state == SS_CONNECTED);
	read_state = (state == SS_READY) || (state == SS_CONNECTED) ||
		     (state == SS_CONNECTING) || (state == SS_LISTENING);

	if (write_state && !tipc_sk_port(sk)->congested)
		events |= POLLOUT;
	if (read_state && !skb_queue_empty(&sk->sk_receive_queue))
		events |= (POLLIN | POLLRDNORM);

	return events;
}
 458
/**
 * dest_name_check - verify user is permitted to send to specified port name
 * @dest: destination address
 * @m: descriptor for message to be sent
 *
 * Prevents restricted configuration commands from being issued by
 * unauthorized users.
 *
 * Names outside the reserved range and the TIPC_TOP_SRV name are always
 * allowed.  Of the remaining reserved names only TIPC_CFG_SRV is accepted,
 * and for it the configuration header at the start of the first iovec is
 * inspected: if any of the bits 0xC000 is set in tcm_type, the sender must
 * hold CAP_NET_ADMIN.
 *
 * NOTE(review): the header is copied from user memory here for the check
 * only; the caller passes the same m->msg_iov on to the send routines.  If
 * those read the user buffer again, the bytes that were checked and the bytes
 * that are sent can differ.  Confirm that the receiving side of the
 * configuration service re-validates tcm_type, or check a kernel copy of the
 * header that is also the one transmitted.
 *
 * Returns 0 if permission is granted, otherwise errno (-EACCES, -EMSGSIZE if
 * the first iovec cannot hold the header, -EFAULT if it cannot be read)
 */
static int dest_name_check(struct sockaddr_tipc *dest, struct msghdr *m)
{
	struct tipc_cfg_msg_hdr hdr;

	/* Ordinary (non-reserved) name types need no special permission */
	if (likely(dest->addr.name.name.type >= TIPC_RESERVED_TYPES))
		return 0;
	if (likely(dest->addr.name.name.type == TIPC_TOP_SRV))
		return 0;
	/* Any other reserved name except the configuration service is denied */
	if (likely(dest->addr.name.name.type != TIPC_CFG_SRV))
		return -EACCES;

	/* Only the first iovec is examined; it must hold a complete header */
	if (!m->msg_iovlen || (m->msg_iov[0].iov_len < sizeof(hdr)))
		return -EMSGSIZE;
	if (copy_from_user(&hdr, m->msg_iov[0].iov_base, sizeof(hdr)))
		return -EFAULT;
	/* 0xC000: presumably marks restricted command types; verify */
	if ((ntohs(hdr.tcm_type) & 0xC000) && (!capable(CAP_NET_ADMIN)))
		return -EACCES;

	return 0;
}
 489
/**
 * send_msg - send message in connectionless manner
 * @iocb: if NULL, indicates that socket lock is already held
 * @sock: socket structure
 * @m: message to send
 * @total_len: length of message
 *
 * Message must have a destination specified explicitly.
 * Used for SOCK_RDM and SOCK_DGRAM messages,
 * and for 'SYN' messages on SOCK_SEQPACKET and SOCK_STREAM connections.
 * (Note: 'SYN+' is prohibited on SOCK_STREAM.)
 *
 * Returns the number of bytes sent on success, or errno otherwise
 */
static int send_msg(struct kiocb *iocb, struct socket *sock,
		    struct msghdr *m, size_t total_len)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct sockaddr_tipc *dest = (struct sockaddr_tipc *)m->msg_name;
	int needs_conn;
	long timeout_val;
	/* stays -EINVAL if dest->addrtype matches none of the cases below */
	int res = -EINVAL;

	/* Validate destination and sizes before taking the socket lock */
	if (unlikely(!dest))
		return -EDESTADDRREQ;
	if (unlikely((m->msg_namelen < sizeof(*dest)) ||
		     (dest->family != AF_TIPC)))
		return -EINVAL;
	if ((total_len > TIPC_MAX_USER_MSG_SIZE) ||
	    (m->msg_iovlen > (unsigned int)INT_MAX))
		return -EMSGSIZE;

	if (iocb)
		lock_sock(sk);

	/* On a connection-oriented socket this message acts as the 'SYN' */
	needs_conn = (sock->state != SS_READY);
	if (unlikely(needs_conn)) {
		if (sock->state == SS_LISTENING) {
			res = -EPIPE;
			goto exit;
		}
		if (sock->state != SS_UNCONNECTED) {
			res = -EISCONN;
			goto exit;
		}
		/* No 'SYN' from a published port, no data in a stream 'SYN' */
		if ((tport->published) ||
		    ((sock->type == SOCK_STREAM) && (total_len != 0))) {
			res = -EOPNOTSUPP;
			goto exit;
		}
		/* Remember the name connected to (read by anc_data_recv()) */
		if (dest->addrtype == TIPC_ADDR_NAME) {
			tport->conn_type = dest->addr.name.name.type;
			tport->conn_instance = dest->addr.name.name.instance;
		}

		/* Abort any pending connection attempts (very unlikely) */
		reject_rx_queue(sk);
	}

	timeout_val = sock_sndtimeo(sk, m->msg_flags & MSG_DONTWAIT);

	/* Retry for as long as the link reports congestion and time remains */
	do {
		if (dest->addrtype == TIPC_ADDR_NAME) {
			/* permission check is repeated on every attempt */
			res = dest_name_check(dest, m);
			if (res)
				break;
			res = tipc_send2name(tport->ref,
					     &dest->addr.name.name,
					     dest->addr.name.domain,
					     m->msg_iovlen,
					     m->msg_iov,
					     total_len);
		} else if (dest->addrtype == TIPC_ADDR_ID) {
			res = tipc_send2port(tport->ref,
					     &dest->addr.id,
					     m->msg_iovlen,
					     m->msg_iov,
					     total_len);
		} else if (dest->addrtype == TIPC_ADDR_MCAST) {
			/* a connection cannot be set up towards a multicast */
			if (needs_conn) {
				res = -EOPNOTSUPP;
				break;
			}
			res = dest_name_check(dest, m);
			if (res)
				break;
			res = tipc_multicast(tport->ref,
					     &dest->addr.nameseq,
					     m->msg_iovlen,
					     m->msg_iov,
					     total_len);
		}
		if (likely(res != -ELINKCONG)) {
			/* a 'SYN' that went out moves the socket to connecting */
			if (needs_conn && (res >= 0))
				sock->state = SS_CONNECTING;
			break;
		}
		/*
		 * Congested: zero means the timeout expired (or the call is
		 * non-blocking); a negative value is the error returned by
		 * the interrupted wait below and is passed on unchanged.
		 */
		if (timeout_val <= 0L) {
			res = timeout_val ? timeout_val : -EWOULDBLOCK;
			break;
		}
		/* Sleep without the socket lock so other operations can run */
		release_sock(sk);
		timeout_val = wait_event_interruptible_timeout(*sk_sleep(sk),
					       !tport->congested, timeout_val);
		lock_sock(sk);
	} while (1);

exit:
	if (iocb)
		release_sock(sk);
	return res;
}
 603
/**
 * send_packet - send a connection-oriented message
 * @iocb: if NULL, indicates that socket lock is already held
 * @sock: socket structure
 * @m: message to send
 * @total_len: length of message
 *
 * Used for SOCK_SEQPACKET messages and SOCK_STREAM data.
 *
 * Returns the number of bytes sent on success, or errno otherwise
 * (-EMSGSIZE for an oversized message, -EPIPE if the socket is
 * disconnecting, -ENOTCONN if it is not connected, -EWOULDBLOCK or the
 * error from the interrupted wait if the link stays congested)
 */
static int send_packet(struct kiocb *iocb, struct socket *sock,
		       struct msghdr *m, size_t total_len)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct sockaddr_tipc *dest = (struct sockaddr_tipc *)m->msg_name;
	long timeout_val;
	int res;

	/* Handle implied connection establishment */
	if (unlikely(dest))
		return send_msg(iocb, sock, m, total_len);

	if ((total_len > TIPC_MAX_USER_MSG_SIZE) ||
	    (m->msg_iovlen > (unsigned int)INT_MAX))
		return -EMSGSIZE;

	if (iocb)
		lock_sock(sk);

	timeout_val = sock_sndtimeo(sk, m->msg_flags & MSG_DONTWAIT);

	do {
		/* Re-checked on every pass: the state may change while asleep */
		if (unlikely(sock->state != SS_CONNECTED)) {
			if (sock->state == SS_DISCONNECTING)
				res = -EPIPE;
			else
				res = -ENOTCONN;
			break;
		}

		res = tipc_send(tport->ref, m->msg_iovlen, m->msg_iov,
				total_len);
		if (likely(res != -ELINKCONG))
			break;
		/* zero: timed out or non-blocking; negative: wait interrupted */
		if (timeout_val <= 0L) {
			res = timeout_val ? timeout_val : -EWOULDBLOCK;
			break;
		}
		/*
		 * Sleep without the socket lock.  The wait also ends when the
		 * port is no longer connected, so a blocked sender notices a
		 * lost connection at the state check above.
		 */
		release_sock(sk);
		timeout_val = wait_event_interruptible_timeout(*sk_sleep(sk),
			(!tport->congested || !tport->connected), timeout_val);
		lock_sock(sk);
	} while (1);

	if (iocb)
		release_sock(sk);
	return res;
}
 664
/**
 * send_stream - send stream-oriented data
 * @iocb: (unused)
 * @sock: socket structure
 * @m: data to send
 * @total_len: total length of data to be sent
 *
 * Used for SOCK_STREAM data.
 *
 * Returns the number of bytes sent on success (or partial success),
 * or errno if no data sent
 */
static int send_stream(struct kiocb *iocb, struct socket *sock,
		       struct msghdr *m, size_t total_len)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct msghdr my_msg;
	struct iovec my_iov;
	struct iovec *curr_iov;
	int curr_iovlen;
	char __user *curr_start;
	u32 hdr_size;
	int curr_left;
	int bytes_to_send;
	int bytes_sent;
	int res;

	/* The lock is held throughout; send_packet() is called with a NULL iocb */
	lock_sock(sk);

	/* Handle special cases where there is no connection */
	if (unlikely(sock->state != SS_CONNECTED)) {
		if (sock->state == SS_UNCONNECTED) {
			res = send_packet(NULL, sock, m, total_len);
			goto exit;
		} else if (sock->state == SS_DISCONNECTING) {
			res = -EPIPE;
			goto exit;
		} else {
			res = -ENOTCONN;
			goto exit;
		}
	}

	/* A destination address is not accepted on a connected socket */
	if (unlikely(m->msg_name)) {
		res = -EISCONN;
		goto exit;
	}

	/* Lengths must fit the int counters used below */
	if ((total_len > (unsigned int)INT_MAX) ||
	    (m->msg_iovlen > (unsigned int)INT_MAX)) {
		res = -EMSGSIZE;
		goto exit;
	}

	/*
	 * Send each iovec entry using one or more messages
	 *
	 * Note: This algorithm is good for the most likely case
	 * (i.e. one large iovec entry), but could be improved to pass sets
	 * of small iovec entries into send_packet().
	 */
	curr_iov = m->msg_iov;
	curr_iovlen = m->msg_iovlen;
	/*
	 * Only the four fields that send_packet() reads are set in my_msg;
	 * its remaining fields are left uninitialized.
	 */
	my_msg.msg_iov = &my_iov;
	my_msg.msg_iovlen = 1;
	my_msg.msg_flags = m->msg_flags;
	my_msg.msg_name = NULL;
	bytes_sent = 0;

	hdr_size = msg_hdr_sz(&tport->phdr);

	while (curr_iovlen--) {
		curr_start = curr_iov->iov_base;
		/* NOTE(review): size_t iov_len is narrowed to int here; this
		 * relies on every entry being bounded by total_len - confirm */
		curr_left = curr_iov->iov_len;

		while (curr_left) {
			/* Chunk size: what fits in one packet after the header,
			 * capped at the maximum user message size */
			bytes_to_send = tport->max_pkt - hdr_size;
			if (bytes_to_send > TIPC_MAX_USER_MSG_SIZE)
				bytes_to_send = TIPC_MAX_USER_MSG_SIZE;
			if (curr_left < bytes_to_send)
				bytes_to_send = curr_left;
			my_iov.iov_base = curr_start;
			my_iov.iov_len = bytes_to_send;
			res = send_packet(NULL, sock, &my_msg, bytes_to_send);
			if (res < 0) {
				/* report the partial count if anything was sent */
				if (bytes_sent)
					res = bytes_sent;
				goto exit;
			}
			curr_left -= bytes_to_send;
			curr_start += bytes_to_send;
			bytes_sent += bytes_to_send;
		}

		curr_iov++;
	}
	res = bytes_sent;
exit:
	release_sock(sk);
	return res;
}
 767
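/**
 * auto_connect - complete connection setup to a remote port
 * @sock: socket structure
 * @msg: peer's response message
 *
 * The importance level carried in @msg comes from the peer and is validated
 * before anything is changed.  Previously the port was connected first and
 * the importance checked afterwards, so a rejected message left the port
 * connected to the peer while the socket state was not updated.
 *
 * On failure neither the socket nor the port is modified.
 *
 * Returns 0 on success, -EINVAL if the importance level is out of range or
 * the socket's port reference cannot be resolved
 */
static int auto_connect(struct socket *sock, struct tipc_msg *msg)
{
	struct tipc_sock *tsock = tipc_sk(sock->sk);
	struct tipc_port *p_ptr;

	/* Reject an out-of-range importance before committing any state */
	if (msg_importance(msg) > TIPC_CRITICAL_IMPORTANCE)
		return -EINVAL;

	p_ptr = tipc_port_deref(tsock->p->ref);
	if (!p_ptr)
		return -EINVAL;

	/* All checks passed: record the peer and connect the port to it */
	tsock->peer_name.ref = msg_origport(msg);
	tsock->peer_name.node = msg_orignode(msg);
	__tipc_connect(tsock->p->ref, p_ptr, &tsock->peer_name);

	/* Adopt the importance level used by the peer */
	msg_set_importance(&p_ptr->phdr, (u32)msg_importance(msg));
	sock->state = SS_CONNECTED;
	return 0;
}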
 794
/**
 * set_orig_addr - capture sender's address for received message
 * @m: descriptor for message info
 * @msg: received message header
 *
 * Fills m->msg_name with the originating port ID of @msg and sets
 * m->msg_namelen.  The address union is zeroed before its fields are
 * written, so the bytes not covered by the port ID are not left
 * uninitialized.
 *
 * Note: Address is not captured if not requested by receiver (m->msg_name is
 * NULL); m->msg_namelen is not touched in that case.
 */
static void set_orig_addr(struct msghdr *m, struct tipc_msg *msg)
{
	struct sockaddr_tipc *sender = (struct sockaddr_tipc *)m->msg_name;

	/* Receiver did not ask for the sender's address */
	if (!sender)
		return;

	sender->family = AF_TIPC;
	sender->addrtype = TIPC_ADDR_ID;
	memset(&sender->addr, 0, sizeof(sender->addr));
	sender->addr.id.ref = msg_origport(msg);
	sender->addr.id.node = msg_orignode(msg);
	sender->addr.name.domain = 0;	/* already cleared by the memset */
	sender->scope = 0;
	m->msg_namelen = sizeof(struct sockaddr_tipc);
}
 817
/**
 * anc_data_recv - optionally capture ancillary data for received message
 * @m: descriptor for message info
 * @msg: received message header (may be NULL)
 * @tport: TIPC port associated with message
 *
 * Up to three control messages are emitted at level SOL_TIPC:
 * TIPC_ERRINFO (error code and data size) and TIPC_RETDATA (the returned
 * data) for an errored message, and TIPC_DESTNAME (name type, lower and
 * upper bound) when the message was sent to a name.
 *
 * Note: Ancillary data is not captured if not requested by receiver
 * (m->msg_controllen is 0).
 *
 * Returns 0 if successful, otherwise the errno returned by put_cmsg()
 */
static int anc_data_recv(struct msghdr *m, struct tipc_msg *msg,
				struct tipc_port *tport)
{
	u32 words[3];
	u32 errcode;
	u32 kind;
	int name_present;
	int rc;

	/* Receiver supplied no control buffer */
	if (likely(m->msg_controllen == 0))
		return 0;

	/* Errored message: report the error code and any returned data */
	errcode = msg ? msg_errcode(msg) : 0;
	if (unlikely(errcode)) {
		words[0] = errcode;
		words[1] = msg_data_sz(msg);
		/* 8 bytes = the two u32 values just stored */
		rc = put_cmsg(m, SOL_TIPC, TIPC_ERRINFO, 8, words);
		if (rc)
			return rc;
		if (words[1]) {
			rc = put_cmsg(m, SOL_TIPC, TIPC_RETDATA, words[1],
				      msg_data(msg));
			if (rc)
				return rc;
		}
	}

	/* Work out which name, if any, the message was addressed to */
	kind = msg ? msg_type(msg) : TIPC_DIRECT_MSG;
	switch (kind) {
	case TIPC_NAMED_MSG:
		/* single name: both bounds are the lower value */
		name_present = 1;
		words[0] = msg_nametype(msg);
		words[1] = msg_namelower(msg);
		words[2] = msg_namelower(msg);
		break;
	case TIPC_MCAST_MSG:
		name_present = 1;
		words[0] = msg_nametype(msg);
		words[1] = msg_namelower(msg);
		words[2] = msg_nameupper(msg);
		break;
	case TIPC_CONN_MSG:
		/* name recorded on the port when the connection was set up */
		name_present = (tport->conn_type != 0);
		words[0] = tport->conn_type;
		words[1] = tport->conn_instance;
		words[2] = tport->conn_instance;
		break;
	default:
		name_present = 0;
	}

	if (!name_present)
		return 0;

	/* 12 bytes = all three u32 values */
	return put_cmsg(m, SOL_TIPC, TIPC_DESTNAME, 12, words);
}
 888
/**
 * recv_msg - receive packet-oriented message
 * @iocb: (unused)
 * @sock: socket structure
 * @m: descriptor for message info
 * @buf_len: total size of user buffer area
 * @flags: receive flags
 *
 * Used for SOCK_DGRAM, SOCK_RDM, and SOCK_SEQPACKET messages.
 * If the complete message doesn't fit in user area, truncate it.
 *
 * NOTE(review): m->msg_namelen is written only by set_orig_addr(), and only
 * when m->msg_name is non-NULL; every other path leaves the caller's value in
 * place.  Confirm that callers do not use msg_namelen to size a copy of
 * msg_name on those paths, or clear it here before the first exit.
 *
 * Returns size of returned message data, errno otherwise
 */
static int recv_msg(struct kiocb *iocb, struct socket *sock,
		    struct msghdr *m, size_t buf_len, int flags)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct sk_buff *buf;
	struct tipc_msg *msg;
	long timeout;
	unsigned int sz;
	u32 err;
	int res;

	/* Catch invalid receive requests */
	if (unlikely(!buf_len))
		return -EINVAL;

	lock_sock(sk);

	if (unlikely(sock->state == SS_UNCONNECTED)) {
		res = -ENOTCONN;
		goto exit;
	}

	timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
restart:

	/* Look for a message in receive queue; wait if necessary */
	while (skb_queue_empty(&sk->sk_receive_queue)) {
		if (sock->state == SS_DISCONNECTING) {
			res = -ENOTCONN;
			goto exit;
		}
		/* zero: timed out or non-blocking; negative: wait interrupted */
		if (timeout <= 0L) {
			res = timeout ? timeout : -EWOULDBLOCK;
			goto exit;
		}
		/* Sleep without the socket lock so other operations can run */
		release_sock(sk);
		timeout = wait_event_interruptible_timeout(*sk_sleep(sk),
							   tipc_rx_ready(sock),
							   timeout);
		lock_sock(sk);
	}

	/* Look at first message in receive queue */
	buf = skb_peek(&sk->sk_receive_queue);
	msg = buf_msg(buf);
	sz = msg_data_sz(msg);
	err = msg_errcode(msg);

	/* Discard an empty non-errored message & try again */
	if ((!sz) && (!err)) {
		advance_rx_queue(sk);
		goto restart;
	}

	/* Capture sender's address (optional) */
	set_orig_addr(m, msg);

	/* Capture ancillary data (optional) */
	res = anc_data_recv(m, msg, tport);
	if (res)
		goto exit;

	/* Capture message data (if valid) & compute return value (always) */
	if (!err) {
		/* Copy no more than the user area holds and flag truncation */
		if (unlikely(buf_len < sz)) {
			sz = buf_len;
			m->msg_flags |= MSG_TRUNC;
		}
		res = skb_copy_datagram_iovec(buf, msg_hdr_sz(msg),
					      m->msg_iov, sz);
		if (res)
			goto exit;
		res = sz;
	} else {
		/*
		 * Errored message: report 0 bytes on a connectionless socket,
		 * after a TIPC_CONN_SHUTDOWN, or when the receiver supplied a
		 * control buffer; otherwise report a reset connection.
		 */
		if ((sock->state == SS_READY) ||
		    ((err == TIPC_CONN_SHUTDOWN) || m->msg_control))
			res = 0;
		else
			res = -ECONNRESET;
	}

	/* Consume received message (optional) */
	if (likely(!(flags & MSG_PEEK))) {
		/* Acknowledge once a full flow control window was consumed */
		if ((sock->state != SS_READY) &&
		    (++tport->conn_unacked >= TIPC_FLOW_CONTROL_WIN))
			tipc_acknowledge(tport->ref, tport->conn_unacked);
		advance_rx_queue(sk);
	}
exit:
	release_sock(sk);
	return res;
}
 994
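/**
 * recv_stream - receive stream-oriented data
 * @iocb: (unused)
 * @sock: socket structure
 * @m: descriptor for message info
 * @buf_len: total size of user buffer area
 * @flags: receive flags
 *
 * Used for SOCK_STREAM messages only.  If not enough data is available
 * will optionally wait for more; never truncates data.
 *
 * Returns size of returned message data, errno otherwise
 */
static int recv_stream(struct kiocb *iocb, struct socket *sock,
		       struct msghdr *m, size_t buf_len, int flags)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct sk_buff *buf;
	struct tipc_msg *msg;
	long timeout;
	unsigned int sz;
	int sz_to_copy, target, needed;
	int sz_copied = 0;
	u32 err;
	int res = 0;

	/* Catch invalid receive attempts */
	if (unlikely(!buf_len))
		return -EINVAL;

	lock_sock(sk);

	if (unlikely((sock->state == SS_UNCONNECTED) ||
		     (sock->state == SS_CONNECTING))) {
		res = -ENOTCONN;
		goto exit;
	}

	/*
	 * Report "no source address" unless one is actually captured below.
	 * Without this the length preset by the caller survives on any path
	 * that stores no address, and the caller may then treat an unwritten
	 * address buffer as valid data.
	 * NOTE(review): set_orig_addr() is defined outside this view and is
	 * presumed to set msg_namelen when it stores an address -- confirm.
	 */
	m->msg_namelen = 0;

	target = sock_rcvlowat(sk, flags & MSG_WAITALL, buf_len);
	timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);

restart:
	/* Look for a message in receive queue; wait if necessary */
	while (skb_queue_empty(&sk->sk_receive_queue)) {
		if (sock->state == SS_DISCONNECTING) {
			res = -ENOTCONN;
			goto exit;
		}
		if (timeout <= 0L) {
			/* negative: error from the wait; zero: time is up */
			res = timeout ? timeout : -EWOULDBLOCK;
			goto exit;
		}
		/* the socket lock is dropped for the duration of the sleep */
		release_sock(sk);
		timeout = wait_event_interruptible_timeout(*sk_sleep(sk),
							   tipc_rx_ready(sock),
							   timeout);
		lock_sock(sk);
	}

	/* Look at first message in receive queue */
	buf = skb_peek(&sk->sk_receive_queue);
	msg = buf_msg(buf);
	sz = msg_data_sz(msg);
	err = msg_errcode(msg);

	/* Discard an empty non-errored message & try again */
	if ((!sz) && (!err)) {
		advance_rx_queue(sk);
		goto restart;
	}

	/* Optionally capture sender's address & ancillary data of first msg */
	if (sz_copied == 0) {
		set_orig_addr(m, msg);
		res = anc_data_recv(m, msg, tport);
		if (res)
			goto exit;
	}

	/* Capture message data (if valid) & compute return value (always) */
	if (!err) {
		/* bytes of this buffer already handed out by earlier reads */
		u32 offset = (u32)(unsigned long)(TIPC_SKB_CB(buf)->handle);

		sz -= offset;
		/*
		 * NOTE(review): buf_len is a size_t narrowed into an int here;
		 * this relies on the request size being bounded before this
		 * function is reached -- confirm against the caller.
		 */
		needed = (buf_len - sz_copied);
		sz_to_copy = (sz <= needed) ? sz : needed;

		res = skb_copy_datagram_iovec(buf, msg_hdr_sz(msg) + offset,
					      m->msg_iov, sz_to_copy);
		if (res)
			goto exit;

		sz_copied += sz_to_copy;

		if (sz_to_copy < sz) {
			/* user buffer is full: remember where to resume */
			if (!(flags & MSG_PEEK))
				TIPC_SKB_CB(buf)->handle =
				(void *)(unsigned long)(offset + sz_to_copy);
			goto exit;
		}
	} else {
		if (sz_copied != 0)
			goto exit; /* can't add error msg to valid data */

		if ((err == TIPC_CONN_SHUTDOWN) || m->msg_control)
			res = 0;
		else
			res = -ECONNRESET;
	}

	/* Consume received message (optional) */
	if (likely(!(flags & MSG_PEEK))) {
		if (unlikely(++tport->conn_unacked >= TIPC_FLOW_CONTROL_WIN))
			tipc_acknowledge(tport->ref, tport->conn_unacked);
		advance_rx_queue(sk);
	}

	/* Loop around if more data is required */
	if ((sz_copied < buf_len) &&	/* didn't get all requested data */
	    (!skb_queue_empty(&sk->sk_receive_queue) ||
	    (sz_copied < target)) &&	/* and more is ready or required */
	    (!(flags & MSG_PEEK)) &&	/* and aren't just peeking at data */
	    (!err))			/* and haven't reached a FIN */
		goto restart;

exit:
	release_sock(sk);
	/* data already copied takes precedence over a later status code */
	return sz_copied ? sz_copied : res;
}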
1124
/**
 * tipc_write_space - wake up thread if port congestion is released
 * @sk: socket
 *
 * Signals writability to sleepers on the socket's wait queue, if there
 * are any.  The wait queue pointer is read under the RCU read lock.
 */
static void tipc_write_space(struct sock *sk)
{
	struct socket_wq *waiters;

	rcu_read_lock();
	waiters = rcu_dereference(sk->sk_wq);
	if (wq_has_sleeper(waiters)) {
		wake_up_interruptible_sync_poll(&waiters->wait,
						POLLOUT | POLLWRNORM |
						POLLWRBAND);
	}
	rcu_read_unlock();
}
1140
/**
 * tipc_data_ready - wake up threads to indicate messages have been received
 * @sk: socket
 * @len: the length of messages (not used by this function)
 *
 * Signals readability to sleepers on the socket's wait queue, if there
 * are any.  The wait queue pointer is read under the RCU read lock.
 */
static void tipc_data_ready(struct sock *sk, int len)
{
	struct socket_wq *waiters;

	rcu_read_lock();
	waiters = rcu_dereference(sk->sk_wq);
	if (wq_has_sleeper(waiters)) {
		wake_up_interruptible_sync_poll(&waiters->wait,
						POLLIN | POLLRDNORM |
						POLLRDBAND);
	}
	rcu_read_unlock();
}
1157
/**
 * rx_queue_full - determine if receive queue can accept another message
 * @msg: message to be added to queue
 * @queue_size: current size of queue
 * @base: nominal maximum size of queue
 *
 * The limit scales with the message's importance level and is
 * quadrupled for connection-based messages.  A message whose importance
 * is none of low, medium or high is never refused here.
 *
 * Returns 1 if queue is unable to accept message, 0 otherwise
 */
static int rx_queue_full(struct tipc_msg *msg, u32 queue_size, u32 base)
{
	u32 limit;

	switch (msg_importance(msg)) {
	case TIPC_LOW_IMPORTANCE:
		limit = base;
		break;
	case TIPC_MEDIUM_IMPORTANCE:
		limit = base * 2;
		break;
	case TIPC_HIGH_IMPORTANCE:
		limit = base * 100;
		break;
	default:
		/* any other importance level is always let through */
		return 0;
	}

	if (msg_connected(msg))
		limit *= 4;

	return queue_size >= limit;
}
1185
/**
 * filter_connect - Handle all incoming messages for a connection-based socket
 * @tsock: TIPC socket
 * @buf: in/out pointer to the message; set to NULL if the message is
 *       consumed here
 *
 * Decides, from the socket's connection state, whether the message may be
 * accepted.  A failed connection attempt is recorded in sk->sk_err and the
 * socket is moved to SS_DISCONNECTING.
 *
 * Returns TIPC_OK if the message is accepted (or was consumed),
 * TIPC_ERR_NO_PORT otherwise
 */
static u32 filter_connect(struct tipc_sock *tsock, struct sk_buff **buf)
{
	struct sock *sk = &tsock->sk;
	struct socket *sock = sk->sk_socket;
	struct tipc_msg *msg = buf_msg(*buf);
	int rc;

	/* multicast traffic is never valid on a connection-based socket */
	if (msg_mcast(msg))
		return TIPC_ERR_NO_PORT;

	switch ((int)sock->state) {
	case SS_CONNECTED:
		/* Accept only connection-based messages sent by peer */
		if (!msg_connected(msg) || !tipc_port_peer_msg(tsock->p, msg))
			return TIPC_ERR_NO_PORT;

		/* an errored message from the peer ends the connection */
		if (unlikely(msg_errcode(msg))) {
			sock->state = SS_DISCONNECTING;
			__tipc_disconnect(tsock->p);
		}
		return TIPC_OK;

	case SS_CONNECTING:
		/* Accept only ACK or NACK message */
		if (unlikely(msg_errcode(msg))) {
			sock->state = SS_DISCONNECTING;
			sk->sk_err = ECONNREFUSED;
			return TIPC_OK;
		}

		if (unlikely(!msg_connected(msg)))
			return TIPC_ERR_NO_PORT;

		rc = auto_connect(sock, msg);
		if (rc) {
			/* auto_connect() reports a negative errno */
			sock->state = SS_DISCONNECTING;
			sk->sk_err = -rc;
			return TIPC_OK;
		}

		/* If an incoming message is an 'ACK-', it should be
		 * discarded here because it doesn't contain useful
		 * data. In addition, we should try to wake up
		 * connect() routine if sleeping.
		 */
		if (msg_data_sz(msg) == 0) {
			kfree_skb(*buf);
			*buf = NULL;
			if (waitqueue_active(sk_sleep(sk)))
				wake_up_interruptible(sk_sleep(sk));
		}
		return TIPC_OK;

	case SS_LISTENING:
	case SS_UNCONNECTED:
		/* Accept only SYN message */
		if (!msg_connected(msg) && !msg_errcode(msg))
			return TIPC_OK;
		return TIPC_ERR_NO_PORT;

	case SS_DISCONNECTING:
		return TIPC_ERR_NO_PORT;

	default:
		pr_err("Unknown socket state %u\n", sock->state);
		return TIPC_ERR_NO_PORT;
	}
}
1262
/**
 * filter_rcv - validate incoming message
 * @sk: socket
 * @buf: message
 *
 * Enqueues message on receive queue if acceptable; optionally handles
 * disconnect indication for a connected socket.
 *
 * Called with socket lock already taken; port lock may also be taken.
 *
 * Returns TIPC error status code (TIPC_OK if message is not to be rejected)
 */
static u32 filter_rcv(struct sock *sk, struct sk_buff *buf)
{
	struct tipc_msg *msg = buf_msg(buf);
	struct socket *sock = sk->sk_socket;
	u32 queued;
	u32 rc;

	/* Reject message if it is wrong sort of message for socket */
	if (msg_type(msg) > TIPC_DIRECT_MSG)
		return TIPC_ERR_NO_PORT;

	if (sock->state != SS_READY) {
		/*
		 * Connection-based socket: the state machine decides, and
		 * may consume the buffer itself (buf comes back as NULL).
		 */
		rc = filter_connect(tipc_sk(sk), &buf);
		if (rc != TIPC_OK || buf == NULL)
			return rc;
	} else if (msg_connected(msg)) {
		/* connectionless socket must not see connection traffic */
		return TIPC_ERR_NO_PORT;
	}

	/*
	 * Reject message if there isn't room to queue it.  The importance
	 * based check only runs once half of the base limit is reached.
	 */
	queued = skb_queue_len(&sk->sk_receive_queue);
	if (unlikely(queued >= (OVERLOAD_LIMIT_BASE / 2)) &&
	    rx_queue_full(msg, queued, OVERLOAD_LIMIT_BASE / 2))
		return TIPC_ERR_OVERLOAD;

	/* Enqueue message; handle starts at 0 (nothing read from it yet) */
	TIPC_SKB_CB(buf)->handle = 0;
	__skb_queue_tail(&sk->sk_receive_queue, buf);

	sk->sk_data_ready(sk, 0);
	return TIPC_OK;
}
1309
/**
 * backlog_rcv - handle incoming message from backlog queue
 * @sk: socket
 * @buf: message
 *
 * Runs the message through filter_rcv() and sends a rejection carrying
 * the resulting status code when the filter refuses it.
 *
 * Caller must hold socket lock, but not port lock.
 *
 * Returns 0
 */
static int backlog_rcv(struct sock *sk, struct sk_buff *buf)
{
	u32 verdict = filter_rcv(sk, buf);

	if (verdict)
		tipc_reject_msg(buf, verdict);

	return 0;
}
1328
/**
 * dispatch - handle incoming message
 * @tport: TIPC port that received message
 * @buf: message
 *
 * Called with port lock already taken.
 *
 * Returns TIPC error status code (TIPC_OK if message is not to be rejected)
 */
static u32 dispatch(struct tipc_port *tport, struct sk_buff *buf)
{
	struct sock *sk = (struct sock *)tport->usr_handle;
	u32 rc;

	/*
	 * Process message if socket is unlocked; otherwise add to backlog queue
	 *
	 * This code is based on sk_receive_skb(), but must be distinct from it
	 * since a TIPC-specific filter/reject mechanism is utilized
	 */
	bh_lock_sock(sk);
	if (sock_owned_by_user(sk)) {
		/* backlog is bounded by sk_rcvbuf; a refusal means overload */
		rc = sk_add_backlog(sk, buf, sk->sk_rcvbuf) ?
			TIPC_ERR_OVERLOAD : TIPC_OK;
	} else {
		rc = filter_rcv(sk, buf);
	}
	bh_unlock_sock(sk);

	return rc;
}
1362
/**
 * wakeupdispatch - wake up port after congestion
 * @tport: port to wakeup
 *
 * Invokes the write-space callback of the socket stored in the port's
 * user handle.
 *
 * Called with port lock already taken.
 */
static void wakeupdispatch(struct tipc_port *tport)
{
	struct sock *owner = (struct sock *)tport->usr_handle;

	owner->sk_write_space(owner);
}
1375
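/**
 * connect - establish a connection to another TIPC port
 * @sock: socket structure
 * @dest: socket address for destination port
 * @destlen: size of socket address data structure
 * @flags: file-related flags associated with socket
 *
 * Returns 0 on success, errno otherwise
 */
static int connect(struct socket *sock, struct sockaddr *dest, int destlen,
		   int flags)
{
	struct sock *sk = sock->sk;
	struct sockaddr_tipc *dst = (struct sockaddr_tipc *)dest;
	struct msghdr m = {NULL,};
	unsigned int timeout;
	int res;

	lock_sock(sk);

	/* For now, TIPC does not allow use of connect() with DGRAM/RDM types */
	if (sock->state == SS_READY) {
		res = -EOPNOTSUPP;
		goto exit;
	}

	/*
	 * Only the first @destlen bytes of @dest come from the caller, so
	 * the address type may not be inspected for an address shorter
	 * than a sockaddr_tipc: the decision below would otherwise depend
	 * on bytes the caller never supplied.
	 */
	if (destlen < 0 || (size_t)destlen < sizeof(*dst)) {
		res = -EINVAL;
		goto exit;
	}

	/*
	 * Reject connection attempt using multicast address
	 *
	 * Note: send_msg() validates the rest of the address fields,
	 *       so there's no need to do it here
	 */
	if (dst->addrtype == TIPC_ADDR_MCAST) {
		res = -EINVAL;
		goto exit;
	}

	/* a zero timeout selects the non-blocking path below */
	timeout = (flags & O_NONBLOCK) ? 0 : tipc_sk(sk)->conn_timeout;

	switch (sock->state) {
	case SS_UNCONNECTED:
		/* Send a 'SYN-' to destination */
		m.msg_name = dest;
		m.msg_namelen = destlen;

		/* If connect is in non-blocking case, set MSG_DONTWAIT to
		 * indicate send_msg() is never blocked.
		 */
		if (!timeout)
			m.msg_flags = MSG_DONTWAIT;

		res = send_msg(NULL, sock, &m, 0);
		if ((res < 0) && (res != -EWOULDBLOCK))
			goto exit;

		/* Just entered SS_CONNECTING state; the only
		 * difference is that return value in non-blocking
		 * case is EINPROGRESS, rather than EALREADY.
		 */
		res = -EINPROGRESS;
		break;
	case SS_CONNECTING:
		res = -EALREADY;
		break;
	case SS_CONNECTED:
		res = -EISCONN;
		break;
	default:
		res = -EINVAL;
		goto exit;
	}

	if (sock->state == SS_CONNECTING) {
		if (!timeout)
			goto exit;

		/* Wait until an 'ACK' or 'RST' arrives, or a timeout occurs */
		release_sock(sk);
		res = wait_event_interruptible_timeout(*sk_sleep(sk),
				sock->state != SS_CONNECTING,
				timeout ? (long)msecs_to_jiffies(timeout)
					: MAX_SCHEDULE_TIMEOUT);
		lock_sock(sk);
		if (res <= 0) {
			/* zero: timed out; negative: keep the wait's error */
			if (res == 0)
				res = -ETIMEDOUT;
			goto exit;
		}
	}

	if (unlikely(sock->state == SS_DISCONNECTING))
		res = sock_error(sk);
	else
		res = 0;

exit:
	release_sock(sk);
	return res;
}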
1477
/**
 * listen - allow socket to listen for incoming connections
 * @sock: socket structure
 * @len: (unused)
 *
 * Only an unconnected socket may start listening.
 *
 * Returns 0 on success, errno otherwise
 */
static int listen(struct socket *sock, int len)
{
	struct sock *sk = sock->sk;
	int res = -EINVAL;

	lock_sock(sk);

	if (sock->state == SS_UNCONNECTED) {
		sock->state = SS_LISTENING;
		res = 0;
	}

	release_sock(sk);
	return res;
}
1502
/**
 * accept - wait for connection request
 * @sock: listening socket
 * @new_sock: new socket that is to be connected
 * @flags: file-related flags associated with socket
 *
 * Returns 0 on success, errno otherwise
 */
static int accept(struct socket *sock, struct socket *new_sock, int flags)
{
	struct sock *sk = sock->sk;
	struct sock *new_sk;
	struct tipc_sock *new_tsock;
	struct tipc_port *new_tport;
	struct tipc_msg *msg;
	struct sk_buff *buf;
	u32 new_ref;
	int res;

	lock_sock(sk);

	if (sock->state != SS_LISTENING) {
		res = -EINVAL;
		goto exit;
	}

	/* Wait for a connection request unless the caller won't block */
	while (skb_queue_empty(&sk->sk_receive_queue)) {
		if (flags & O_NONBLOCK) {
			res = -EWOULDBLOCK;
			goto exit;
		}
		/* the socket lock is dropped for the duration of the sleep */
		release_sock(sk);
		res = wait_event_interruptible(*sk_sleep(sk),
				(!skb_queue_empty(&sk->sk_receive_queue)));
		lock_sock(sk);
		if (res)
			goto exit;
	}

	/* The request stays on the listener's queue until handled below */
	buf = skb_peek(&sk->sk_receive_queue);

	res = tipc_create(sock_net(sk), new_sock, 0, 0);
	if (res)
		goto exit;

	msg = buf_msg(buf);
	new_sk = new_sock->sk;
	new_tsock = tipc_sk(new_sk);
	new_tport = new_tsock->p;
	new_ref = new_tport->ref;

	/* we lock on new_sk; but lockdep sees the lock on sk */
	lock_sock_nested(new_sk, SINGLE_DEPTH_NESTING);

	/*
	 * Reject any stray messages received by new socket
	 * before the socket lock was taken (very, very unlikely)
	 */
	reject_rx_queue(new_sk);

	/* Connect new socket to its peer, as named by the request */
	new_tsock->peer_name.ref = msg_origport(msg);
	new_tsock->peer_name.node = msg_orignode(msg);
	tipc_connect(new_ref, &new_tsock->peer_name);
	new_sock->state = SS_CONNECTED;

	/* The new port takes its importance from the request */
	tipc_set_portimportance(new_ref, msg_importance(msg));
	if (msg_named(msg)) {
		new_tport->conn_type = msg_nametype(msg);
		new_tport->conn_instance = msg_nameinst(msg);
	}

	/*
	 * Respond to 'SYN+' by queuing it on new socket.
	 * Respond to 'SYN-' by discarding it & returning 'ACK'-.
	 */
	if (msg_data_sz(msg)) {
		__skb_dequeue(&sk->sk_receive_queue);
		__skb_queue_head(&new_sk->sk_receive_queue, buf);
	} else {
		struct msghdr m = {NULL,};

		advance_rx_queue(sk);
		/* the result of sending the 'ACK' is not checked */
		send_packet(NULL, new_sock, &m, 0);
	}
	release_sock(new_sk);

exit:
	release_sock(sk);
	return res;
}
1594
/**
 * shutdown - shutdown socket connection
 * @sock: socket structure
 * @how: direction to close (must be SHUT_RDWR)
 *
 * Terminates connection (if necessary), then purges socket's receive queue.
 *
 * Returns 0 on success, errno otherwise
 */
static int shutdown(struct socket *sock, int how)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	struct sk_buff *buf;
	int res;

	if (how != SHUT_RDWR)
		return -EINVAL;

	lock_sock(sk);

	switch (sock->state) {
	case SS_CONNECTING:
	case SS_CONNECTED:
		/*
		 * Find the first queued message that has not been partly
		 * read (handle still 0), freeing partly read ones on the way.
		 */
		while ((buf = __skb_dequeue(&sk->sk_receive_queue)) != NULL &&
		       TIPC_SKB_CB(buf)->handle != 0)
			kfree_skb(buf);

		/* Disconnect and send a 'FIN+' or 'FIN-' message to peer */
		if (buf) {
			tipc_disconnect(tport->ref);
			tipc_reject_msg(buf, TIPC_CONN_SHUTDOWN);
		} else {
			tipc_shutdown(tport->ref);
		}

		sock->state = SS_DISCONNECTING;

		/* fall through */

	case SS_DISCONNECTING:

		/* Discard any unreceived messages */
		discard_rx_queue(sk);

		/* Wake up anyone sleeping in poll */
		sk->sk_state_change(sk);
		res = 0;
		break;

	default:
		res = -ENOTCONN;
	}

	release_sock(sk);
	return res;
}
1655
/**
 * setsockopt - set socket option
 * @sock: socket structure
 * @lvl: option level
 * @opt: option identifier
 * @ov: pointer to new option value
 * @ol: length of option value
 *
 * For stream sockets only, accepts and ignores all IPPROTO_TCP options
 * (to ease compatibility).
 *
 * Returns 0 on success, errno otherwise
 */
static int setsockopt(struct socket *sock,
		      int lvl, int opt, char __user *ov, unsigned int ol)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	u32 requested;
	int rc;

	if ((lvl == IPPROTO_TCP) && (sock->type == SOCK_STREAM))
		return 0;
	if (lvl != SOL_TIPC)
		return -ENOPROTOOPT;

	/* every option handled here takes one u32 */
	if (ol < sizeof(requested))
		return -EINVAL;

	/* fetched from user space once, before the socket lock is taken */
	rc = get_user(requested, (u32 __user *)ov);
	if (rc)
		return rc;

	lock_sock(sk);

	switch (opt) {
	case TIPC_IMPORTANCE:
		rc = tipc_set_portimportance(tport->ref, requested);
		break;
	case TIPC_SRC_DROPPABLE:
		/* not available on stream sockets */
		rc = (sock->type == SOCK_STREAM) ?
			-ENOPROTOOPT :
			tipc_set_portunreliable(tport->ref, requested);
		break;
	case TIPC_DEST_DROPPABLE:
		rc = tipc_set_portunreturnable(tport->ref, requested);
		break;
	case TIPC_CONN_TIMEOUT:
		/* stored as given; no range check is applied here */
		tipc_sk(sk)->conn_timeout = requested;
		/* "rc" is still 0 from the successful get_user() */
		break;
	default:
		rc = -EINVAL;
	}

	release_sock(sk);

	return rc;
}
1714
/**
 * getsockopt - get socket option
 * @sock: socket structure
 * @lvl: option level
 * @opt: option identifier
 * @ov: receptacle for option value
 * @ol: receptacle for length of option value
 *
 * For stream sockets only, returns 0 length result for all IPPROTO_TCP options
 * (to ease compatibility).
 *
 * Returns 0 on success, errno otherwise
 */
static int getsockopt(struct socket *sock,
		      int lvl, int opt, char __user *ov, int __user *ol)
{
	struct sock *sk = sock->sk;
	struct tipc_port *tport = tipc_sk_port(sk);
	int len;
	u32 result;
	int rc;

	if ((lvl == IPPROTO_TCP) && (sock->type == SOCK_STREAM))
		return put_user(0, ol);
	if (lvl != SOL_TIPC)
		return -ENOPROTOOPT;

	/* size of the caller's buffer, as claimed by the caller */
	rc = get_user(len, ol);
	if (rc)
		return rc;

	lock_sock(sk);

	switch (opt) {
	case TIPC_IMPORTANCE:
		rc = tipc_portimportance(tport->ref, &result);
		break;
	case TIPC_SRC_DROPPABLE:
		rc = tipc_portunreliable(tport->ref, &result);
		break;
	case TIPC_DEST_DROPPABLE:
		rc = tipc_portunreturnable(tport->ref, &result);
		break;
	case TIPC_CONN_TIMEOUT:
		result = tipc_sk(sk)->conn_timeout;
		/* "rc" is still 0 from the successful get_user() */
		break;
	case TIPC_NODE_RECVQ_DEPTH:
		result = 0; /* was tipc_queue_size, now obsolete */
		break;
	case TIPC_SOCK_RECVQ_DEPTH:
		result = skb_queue_len(&sk->sk_receive_queue);
		break;
	default:
		rc = -EINVAL;
	}

	release_sock(sk);

	if (rc)
		return rc;	/* "get" failed; result is never copied out */

	/*
	 * NOTE(review): len is a signed int compared with a size_t, so a
	 * negative length converts to a large unsigned value and is not
	 * rejected here.  The copy below always uses sizeof(result), so no
	 * more than that is ever written to the caller's buffer.
	 */
	if (len < sizeof(result))
		return -EINVAL;

	if (copy_to_user(ov, &result, sizeof(result)))
		return -EFAULT;

	return put_user(sizeof(result), ol);
}
1784
/*
 * Protocol switches for the various types of TIPC sockets.
 *
 * The three tables differ only in their accept, listen, sendmsg and
 * recvmsg entries.
 */

/* No accept/listen; sends with send_msg(), receives with recv_msg() */
static const struct proto_ops msg_ops = {
	.owner = THIS_MODULE,
	.family = AF_TIPC,
	.release = release,
	.bind = bind,
	.connect = connect,
	.socketpair = sock_no_socketpair,
	.accept = sock_no_accept,
	.getname = get_name,
	.poll = poll,
	.ioctl = sock_no_ioctl,
	.listen = sock_no_listen,
	.shutdown = shutdown,
	.setsockopt = setsockopt,
	.getsockopt = getsockopt,
	.sendmsg = send_msg,
	.recvmsg = recv_msg,
	.mmap = sock_no_mmap,
	.sendpage = sock_no_sendpage,
};

/* Accept/listen enabled; sends with send_packet(), receives with recv_msg() */
static const struct proto_ops packet_ops = {
	.owner = THIS_MODULE,
	.family = AF_TIPC,
	.release = release,
	.bind = bind,
	.connect = connect,
	.socketpair = sock_no_socketpair,
	.accept = accept,
	.getname = get_name,
	.poll = poll,
	.ioctl = sock_no_ioctl,
	.listen = listen,
	.shutdown = shutdown,
	.setsockopt = setsockopt,
	.getsockopt = getsockopt,
	.sendmsg = send_packet,
	.recvmsg = recv_msg,
	.mmap = sock_no_mmap,
	.sendpage = sock_no_sendpage,
};

/* Accept/listen enabled; uses send_stream() and recv_stream() */
static const struct proto_ops stream_ops = {
	.owner = THIS_MODULE,
	.family = AF_TIPC,
	.release = release,
	.bind = bind,
	.connect = connect,
	.socketpair = sock_no_socketpair,
	.accept = accept,
	.getname = get_name,
	.poll = poll,
	.ioctl = sock_no_ioctl,
	.listen = listen,
	.shutdown = shutdown,
	.setsockopt = setsockopt,
	.getsockopt = getsockopt,
	.sendmsg = send_stream,
	.recvmsg = recv_stream,
	.mmap = sock_no_mmap,
	.sendpage = sock_no_sendpage,
};

/* Address family registration: AF_TIPC sockets are made by tipc_create() */
static const struct net_proto_family tipc_family_ops = {
	.owner = THIS_MODULE,
	.family = AF_TIPC,
	.create = tipc_create,
};

/* Protocol descriptor; each socket object is a struct tipc_sock */
static struct proto tipc_proto = {
	.name = "TIPC",
	.owner = THIS_MODULE,
	.obj_size = sizeof(struct tipc_sock),
};
1861
/**
 * tipc_socket_init - initialize TIPC socket interface
 *
 * Registers the TIPC protocol and then the AF_TIPC socket family.  If the
 * second registration fails, the first is undone before returning.
 *
 * Returns 0 on success, errno otherwise
 */
int tipc_socket_init(void)
{
	int res = proto_register(&tipc_proto, 1);

	if (res) {
		pr_err("Failed to register TIPC protocol type\n");
		return res;
	}

	res = sock_register(&tipc_family_ops);
	if (res) {
		pr_err("Failed to register TIPC socket type\n");
		proto_unregister(&tipc_proto);
		return res;
	}

	/* lets tipc_socket_stop() know there is something to undo */
	sockets_enabled = 1;
	return res;
}
1888
/**
 * tipc_socket_stop - stop TIPC socket interface
 *
 * Does nothing unless the socket interface is currently enabled.
 */
void tipc_socket_stop(void)
{
	if (sockets_enabled) {
		sockets_enabled = 0;
		sock_unregister(tipc_family_ops.family);
		proto_unregister(&tipc_proto);
	}
}