net/rxrpc/sendmsg.c

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /* AF_RXRPC sendmsg() implementation.
0003  *
0004  * Copyright (C) 2007, 2016 Red Hat, Inc. All Rights Reserved.
0005  * Written by David Howells (dhowells@redhat.com)
0006  */
0007
0008 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
0009
0010 #include <linux/net.h>
0011 #include <linux/gfp.h>
0012 #include <linux/skbuff.h>
0013 #include <linux/export.h>
0014 #include <linux/sched/signal.h>
0015
0016 #include <net/sock.h>
0017 #include <net/af_rxrpc.h>
0018 #include "ar-internal.h"
0019
0020 /*
0021  * Return true if there's sufficient Tx queue space.
0022  */
0023 static bool rxrpc_check_tx_space(struct rxrpc_call *call, rxrpc_seq_t *_tx_win)
0024 {
0025     unsigned int win_size =
0026         min_t(unsigned int, call->tx_winsize,
0027               call->cong_cwnd + call->cong_extra);
0028     rxrpc_seq_t tx_win = READ_ONCE(call->tx_hard_ack);
0029
0030     if (_tx_win)
0031         *_tx_win = tx_win;
0032     return call->tx_top - tx_win < win_size;
0033 }
0034
0035 /*
0036  * Wait for space to appear in the Tx queue or a signal to occur.
0037  */
0038 static int rxrpc_wait_for_tx_window_intr(struct rxrpc_sock *rx,
0039                      struct rxrpc_call *call,
0040                      long *timeo)
0041 {
0042     for (;;) {
0043         set_current_state(TASK_INTERRUPTIBLE);
0044         if (rxrpc_check_tx_space(call, NULL))
0045             return 0;
0046
0047         if (call->state >= RXRPC_CALL_COMPLETE)
0048             return call->error;
0049
0050         if (signal_pending(current))
0051             return sock_intr_errno(*timeo);
0052
0053         trace_rxrpc_transmit(call, rxrpc_transmit_wait);
0054         *timeo = schedule_timeout(*timeo);
0055     }
0056 }
0057
0058 /*
0059  * Wait for space to appear in the Tx queue uninterruptibly, but with
0060  * a timeout of 2*RTT if no progress was made and a signal occurred.
0061  */
0062 static int rxrpc_wait_for_tx_window_waitall(struct rxrpc_sock *rx,
0063                         struct rxrpc_call *call)
0064 {
0065     rxrpc_seq_t tx_start, tx_win;
0066     signed long rtt, timeout;
0067
0068     rtt = READ_ONCE(call->peer->srtt_us) >> 3;
0069     rtt = usecs_to_jiffies(rtt) * 2;
0070     if (rtt < 2)
0071         rtt = 2;
0072
0073     timeout = rtt;
0074     tx_start = READ_ONCE(call->tx_hard_ack);
0075
0076     for (;;) {
0077         set_current_state(TASK_UNINTERRUPTIBLE);
0078
0079         tx_win = READ_ONCE(call->tx_hard_ack);
0080         if (rxrpc_check_tx_space(call, &tx_win))
0081             return 0;
0082
0083         if (call->state >= RXRPC_CALL_COMPLETE)
0084             return call->error;
0085
0086         if (timeout == 0 &&
0087             tx_win == tx_start && signal_pending(current))
0088             return -EINTR;
0089
0090         if (tx_win != tx_start) {
0091             timeout = rtt;
0092             tx_start = tx_win;
0093         }
0094
0095         trace_rxrpc_transmit(call, rxrpc_transmit_wait);
0096         timeout = schedule_timeout(timeout);
0097     }
0098 }
0099
0100 /*
0101  * Wait for space to appear in the Tx queue uninterruptibly.
0102  */
0103 static int rxrpc_wait_for_tx_window_nonintr(struct rxrpc_sock *rx,
0104                         struct rxrpc_call *call,
0105                         long *timeo)
0106 {
0107     for (;;) {
0108         set_current_state(TASK_UNINTERRUPTIBLE);
0109         if (rxrpc_check_tx_space(call, NULL))
0110             return 0;
0111
0112         if (call->state >= RXRPC_CALL_COMPLETE)
0113             return call->error;
0114
0115         trace_rxrpc_transmit(call, rxrpc_transmit_wait);
0116         *timeo = schedule_timeout(*timeo);
0117     }
0118 }
0119
0120 /*
0121  * wait for space to appear in the transmit/ACK window
0122  * - caller holds the socket locked
0123  */
0124 static int rxrpc_wait_for_tx_window(struct rxrpc_sock *rx,
0125                     struct rxrpc_call *call,
0126                     long *timeo,
0127                     bool waitall)
0128 {
0129     DECLARE_WAITQUEUE(myself, current);
0130     int ret;
0131
0132     _enter(",{%u,%u,%u}",
0133            call->tx_hard_ack, call->tx_top, call->tx_winsize);
0134
0135     add_wait_queue(&call->waitq, &myself);
0136
0137     switch (call->interruptibility) {
0138     case RXRPC_INTERRUPTIBLE:
0139         if (waitall)
0140             ret = rxrpc_wait_for_tx_window_waitall(rx, call);
0141         else
0142             ret = rxrpc_wait_for_tx_window_intr(rx, call, timeo);
0143         break;
0144     case RXRPC_PREINTERRUPTIBLE:
0145     case RXRPC_UNINTERRUPTIBLE:
0146     default:
0147         ret = rxrpc_wait_for_tx_window_nonintr(rx, call, timeo);
0148         break;
0149     }
0150
0151     remove_wait_queue(&call->waitq, &myself);
0152     set_current_state(TASK_RUNNING);
0153     _leave(" = %d", ret);
0154     return ret;
0155 }
0156
0157 /*
0158  * Schedule an instant Tx resend.
0159  */
0160 static inline void rxrpc_instant_resend(struct rxrpc_call *call, int ix)
0161 {
0162     spin_lock_bh(&call->lock);
0163
0164     if (call->state < RXRPC_CALL_COMPLETE) {
0165         call->rxtx_annotations[ix] =
0166             (call->rxtx_annotations[ix] & RXRPC_TX_ANNO_LAST) |
0167             RXRPC_TX_ANNO_RETRANS;
0168         if (!test_and_set_bit(RXRPC_CALL_EV_RESEND, &call->events))
0169             rxrpc_queue_call(call);
0170     }
0171
0172     spin_unlock_bh(&call->lock);
0173 }
0174
0175 /*
0176  * Notify the owner of the call that the transmit phase is ended and the last
0177  * packet has been queued.
0178  */
0179 static void rxrpc_notify_end_tx(struct rxrpc_sock *rx, struct rxrpc_call *call,
0180                 rxrpc_notify_end_tx_t notify_end_tx)
0181 {
0182     if (notify_end_tx)
0183         notify_end_tx(&rx->sk, call, call->user_call_ID);
0184 }
0185
0186 /*
0187  * Queue a DATA packet for transmission, set the resend timeout and send
0188  * the packet immediately.  Returns the error from rxrpc_send_data_packet()
0189  * in case the caller wants to do something with it.
0190  */
0191 static int rxrpc_queue_packet(struct rxrpc_sock *rx, struct rxrpc_call *call,
0192                   struct sk_buff *skb, bool last,
0193                   rxrpc_notify_end_tx_t notify_end_tx)
0194 {
0195     struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
0196     unsigned long now;
0197     rxrpc_seq_t seq = sp->hdr.seq;
0198     int ret, ix;
0199     u8 annotation = RXRPC_TX_ANNO_UNACK;
0200
0201     _net("queue skb %p [%d]", skb, seq);
0202
0203     ASSERTCMP(seq, ==, call->tx_top + 1);
0204
0205     if (last)
0206         annotation |= RXRPC_TX_ANNO_LAST;
0207
0208     /* We have to set the timestamp before queueing as the retransmit
0209      * algorithm can see the packet as soon as we queue it.
0210      */
0211     skb->tstamp = ktime_get_real();
0212
0213     ix = seq & RXRPC_RXTX_BUFF_MASK;
0214     rxrpc_get_skb(skb, rxrpc_skb_got);
0215     call->rxtx_annotations[ix] = annotation;
0216     smp_wmb();
0217     call->rxtx_buffer[ix] = skb;
0218     call->tx_top = seq;
0219     if (last)
0220         trace_rxrpc_transmit(call, rxrpc_transmit_queue_last);
0221     else
0222         trace_rxrpc_transmit(call, rxrpc_transmit_queue);
0223
0224     if (last || call->state == RXRPC_CALL_SERVER_ACK_REQUEST) {
0225         _debug("________awaiting reply/ACK__________");
0226         write_lock_bh(&call->state_lock);
0227         switch (call->state) {
0228         case RXRPC_CALL_CLIENT_SEND_REQUEST:
0229             call->state = RXRPC_CALL_CLIENT_AWAIT_REPLY;
0230             rxrpc_notify_end_tx(rx, call, notify_end_tx);
0231             break;
0232         case RXRPC_CALL_SERVER_ACK_REQUEST:
0233             call->state = RXRPC_CALL_SERVER_SEND_REPLY;
0234             now = jiffies;
0235             WRITE_ONCE(call->ack_at, now + MAX_JIFFY_OFFSET);
0236             if (call->ackr_reason == RXRPC_ACK_DELAY)
0237                 call->ackr_reason = 0;
0238             trace_rxrpc_timer(call, rxrpc_timer_init_for_send_reply, now);
0239             if (!last)
0240                 break;
0241             fallthrough;
0242         case RXRPC_CALL_SERVER_SEND_REPLY:
0243             call->state = RXRPC_CALL_SERVER_AWAIT_ACK;
0244             rxrpc_notify_end_tx(rx, call, notify_end_tx);
0245             break;
0246         default:
0247             break;
0248         }
0249         write_unlock_bh(&call->state_lock);
0250     }
0251
0252     if (seq == 1 && rxrpc_is_client_call(call))
0253         rxrpc_expose_client_call(call);
0254
0255     ret = rxrpc_send_data_packet(call, skb, false);
0256     if (ret < 0) {
0257         switch (ret) {
0258         case -ENETUNREACH:
0259         case -EHOSTUNREACH:
0260         case -ECONNREFUSED:
0261             rxrpc_set_call_completion(call, RXRPC_CALL_LOCAL_ERROR,
0262                           0, ret);
0263             goto out;
0264         }
0265         _debug("need instant resend %d", ret);
0266         rxrpc_instant_resend(call, ix);
0267     } else {
0268         unsigned long now = jiffies;
0269         unsigned long resend_at = now + call->peer->rto_j;
0270
0271         WRITE_ONCE(call->resend_at, resend_at);
0272         rxrpc_reduce_call_timer(call, resend_at, now,
0273                     rxrpc_timer_set_for_send);
0274     }
0275
0276 out:
0277     rxrpc_free_skb(skb, rxrpc_skb_freed);
0278     _leave(" = %d", ret);
0279     return ret;
0280 }
0281
0282 /*
0283  * send data through a socket
0284  * - must be called in process context
0285  * - The caller holds the call user access mutex, but not the socket lock.
0286  */
0287 static int rxrpc_send_data(struct rxrpc_sock *rx,
0288                struct rxrpc_call *call,
0289                struct msghdr *msg, size_t len,
0290                rxrpc_notify_end_tx_t notify_end_tx,
0291                bool *_dropped_lock)
0292 {
0293     struct rxrpc_skb_priv *sp;
0294     struct sk_buff *skb;
0295     struct sock *sk = &rx->sk;
0296     enum rxrpc_call_state state;
0297     long timeo;
0298     bool more = msg->msg_flags & MSG_MORE;
0299     int ret, copied = 0;
0300
0301     timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
0302
0303     /* this should be in poll */
0304     sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk);
0305
0306 reload:
0307     ret = -EPIPE;
0308     if (sk->sk_shutdown & SEND_SHUTDOWN)
0309         goto maybe_error;
0310     state = READ_ONCE(call->state);
0311     ret = -ESHUTDOWN;
0312     if (state >= RXRPC_CALL_COMPLETE)
0313         goto maybe_error;
0314     ret = -EPROTO;
0315     if (state != RXRPC_CALL_CLIENT_SEND_REQUEST &&
0316         state != RXRPC_CALL_SERVER_ACK_REQUEST &&
0317         state != RXRPC_CALL_SERVER_SEND_REPLY)
0318         goto maybe_error;
0319
0320     ret = -EMSGSIZE;
0321     if (call->tx_total_len != -1) {
0322         if (len - copied > call->tx_total_len)
0323             goto maybe_error;
0324         if (!more && len - copied != call->tx_total_len)
0325             goto maybe_error;
0326     }
0327
0328     skb = call->tx_pending;
0329     call->tx_pending = NULL;
0330     rxrpc_see_skb(skb, rxrpc_skb_seen);
0331
0332     do {
0333         /* Check to see if there's a ping ACK to reply to. */
0334         if (call->ackr_reason == RXRPC_ACK_PING_RESPONSE)
0335             rxrpc_send_ack_packet(call, false, NULL);
0336
0337         if (!skb) {
0338             size_t remain, bufsize, chunk, offset;
0339
0340             _debug("alloc");
0341
0342             if (!rxrpc_check_tx_space(call, NULL))
0343                 goto wait_for_space;
0344
0345             /* Work out the maximum size of a packet.  Assume that
0346              * the security header is going to be in the padded
0347              * region (enc blocksize), but the trailer is not.
0348              */
0349             remain = more ? INT_MAX : msg_data_left(msg);
0350             ret = call->conn->security->how_much_data(call, remain,
0351                                   &bufsize, &chunk, &offset);
0352             if (ret < 0)
0353                 goto maybe_error;
0354
0355             _debug("SIZE: %zu/%zu @%zu", chunk, bufsize, offset);
0356
0357             /* create a buffer that we can retain until it's ACK'd */
0358             skb = sock_alloc_send_skb(
0359                 sk, bufsize, msg->msg_flags & MSG_DONTWAIT, &ret);
0360             if (!skb)
0361                 goto maybe_error;
0362
0363             sp = rxrpc_skb(skb);
0364             sp->rx_flags |= RXRPC_SKB_TX_BUFFER;
0365             rxrpc_new_skb(skb, rxrpc_skb_new);
0366
0367             _debug("ALLOC SEND %p", skb);
0368
0369             ASSERTCMP(skb->mark, ==, 0);
0370
0371             __skb_put(skb, offset);
0372
0373             sp->remain = chunk;
0374             if (sp->remain > skb_tailroom(skb))
0375                 sp->remain = skb_tailroom(skb);
0376
0377             _net("skb: hr %d, tr %d, hl %d, rm %d",
0378                    skb_headroom(skb),
0379                    skb_tailroom(skb),
0380                    skb_headlen(skb),
0381                    sp->remain);
0382
0383             skb->ip_summed = CHECKSUM_UNNECESSARY;
0384         }
0385
0386         _debug("append");
0387         sp = rxrpc_skb(skb);
0388
0389         /* append next segment of data to the current buffer */
0390         if (msg_data_left(msg) > 0) {
0391             int copy = skb_tailroom(skb);
0392             ASSERTCMP(copy, >, 0);
0393             if (copy > msg_data_left(msg))
0394                 copy = msg_data_left(msg);
0395             if (copy > sp->remain)
0396                 copy = sp->remain;
0397
0398             _debug("add");
0399             ret = skb_add_data(skb, &msg->msg_iter, copy);
0400             _debug("added");
0401             if (ret < 0)
0402                 goto efault;
0403             sp->remain -= copy;
0404             skb->mark += copy;
0405             copied += copy;
0406             if (call->tx_total_len != -1)
0407                 call->tx_total_len -= copy;
0408         }
0409
0410         /* check for the far side aborting the call or a network error
0411          * occurring */
0412         if (call->state == RXRPC_CALL_COMPLETE)
0413             goto call_terminated;
0414
0415         /* add the packet to the send queue if it's now full */
0416         if (sp->remain <= 0 ||
0417             (msg_data_left(msg) == 0 && !more)) {
0418             struct rxrpc_connection *conn = call->conn;
0419             uint32_t seq;
0420
0421             seq = call->tx_top + 1;
0422
0423             sp->hdr.seq = seq;
0424             sp->hdr._rsvd   = 0;
0425             sp->hdr.flags   = conn->out_clientflag;
0426
0427             if (msg_data_left(msg) == 0 && !more)
0428                 sp->hdr.flags |= RXRPC_LAST_PACKET;
0429             else if (call->tx_top - call->tx_hard_ack <
0430                  call->tx_winsize)
0431                 sp->hdr.flags |= RXRPC_MORE_PACKETS;
0432
0433             ret = call->security->secure_packet(call, skb, skb->mark);
0434             if (ret < 0)
0435                 goto out;
0436
0437             ret = rxrpc_queue_packet(rx, call, skb,
0438                          !msg_data_left(msg) && !more,
0439                          notify_end_tx);
0440             /* Should check for failure here */
0441             skb = NULL;
0442         }
0443     } while (msg_data_left(msg) > 0);
0444
0445 success:
0446     ret = copied;
0447     if (READ_ONCE(call->state) == RXRPC_CALL_COMPLETE) {
0448         read_lock_bh(&call->state_lock);
0449         if (call->error < 0)
0450             ret = call->error;
0451         read_unlock_bh(&call->state_lock);
0452     }
0453 out:
0454     call->tx_pending = skb;
0455     _leave(" = %d", ret);
0456     return ret;
0457
0458 call_terminated:
0459     rxrpc_free_skb(skb, rxrpc_skb_freed);
0460     _leave(" = %d", call->error);
0461     return call->error;
0462
0463 maybe_error:
0464     if (copied)
0465         goto success;
0466     goto out;
0467
0468 efault:
0469     ret = -EFAULT;
0470     goto out;
0471
0472 wait_for_space:
0473     ret = -EAGAIN;
0474     if (msg->msg_flags & MSG_DONTWAIT)
0475         goto maybe_error;
0476     mutex_unlock(&call->user_mutex);
0477     *_dropped_lock = true;
0478     ret = rxrpc_wait_for_tx_window(rx, call, &timeo,
0479                        msg->msg_flags & MSG_WAITALL);
0480     if (ret < 0)
0481         goto maybe_error;
0482     if (call->interruptibility == RXRPC_INTERRUPTIBLE) {
0483         if (mutex_lock_interruptible(&call->user_mutex) < 0) {
0484             ret = sock_intr_errno(timeo);
0485             goto maybe_error;
0486         }
0487     } else {
0488         mutex_lock(&call->user_mutex);
0489     }
0490     *_dropped_lock = false;
0491     goto reload;
0492 }
0493
0494 /*
0495  * extract control messages from the sendmsg() control buffer
0496  */
0497 static int rxrpc_sendmsg_cmsg(struct msghdr *msg, struct rxrpc_send_params *p)
0498 {
0499     struct cmsghdr *cmsg;
0500     bool got_user_ID = false;
0501     int len;
0502
0503     if (msg->msg_controllen == 0)
0504         return -EINVAL;
0505
0506     for_each_cmsghdr(cmsg, msg) {
0507         if (!CMSG_OK(msg, cmsg))
0508             return -EINVAL;
0509
0510         len = cmsg->cmsg_len - sizeof(struct cmsghdr);
0511         _debug("CMSG %d, %d, %d",
0512                cmsg->cmsg_level, cmsg->cmsg_type, len);
0513
0514         if (cmsg->cmsg_level != SOL_RXRPC)
0515             continue;
0516
0517         switch (cmsg->cmsg_type) {
0518         case RXRPC_USER_CALL_ID:
0519             if (msg->msg_flags & MSG_CMSG_COMPAT) {
0520                 if (len != sizeof(u32))
0521                     return -EINVAL;
0522                 p->call.user_call_ID = *(u32 *)CMSG_DATA(cmsg);
0523             } else {
0524                 if (len != sizeof(unsigned long))
0525                     return -EINVAL;
0526                 p->call.user_call_ID = *(unsigned long *)
0527                     CMSG_DATA(cmsg);
0528             }
0529             got_user_ID = true;
0530             break;
0531
0532         case RXRPC_ABORT:
0533             if (p->command != RXRPC_CMD_SEND_DATA)
0534                 return -EINVAL;
0535             p->command = RXRPC_CMD_SEND_ABORT;
0536             if (len != sizeof(p->abort_code))
0537                 return -EINVAL;
0538             p->abort_code = *(unsigned int *)CMSG_DATA(cmsg);
0539             if (p->abort_code == 0)
0540                 return -EINVAL;
0541             break;
0542
0543         case RXRPC_CHARGE_ACCEPT:
0544             if (p->command != RXRPC_CMD_SEND_DATA)
0545                 return -EINVAL;
0546             p->command = RXRPC_CMD_CHARGE_ACCEPT;
0547             if (len != 0)
0548                 return -EINVAL;
0549             break;
0550
0551         case RXRPC_EXCLUSIVE_CALL:
0552             p->exclusive = true;
0553             if (len != 0)
0554                 return -EINVAL;
0555             break;
0556
0557         case RXRPC_UPGRADE_SERVICE:
0558             p->upgrade = true;
0559             if (len != 0)
0560                 return -EINVAL;
0561             break;
0562
0563         case RXRPC_TX_LENGTH:
0564             if (p->call.tx_total_len != -1 || len != sizeof(__s64))
0565                 return -EINVAL;
0566             p->call.tx_total_len = *(__s64 *)CMSG_DATA(cmsg);
0567             if (p->call.tx_total_len < 0)
0568                 return -EINVAL;
0569             break;
0570
0571         case RXRPC_SET_CALL_TIMEOUT:
0572             if (len & 3 || len < 4 || len > 12)
0573                 return -EINVAL;
0574             memcpy(&p->call.timeouts, CMSG_DATA(cmsg), len);
0575             p->call.nr_timeouts = len / 4;
0576             if (p->call.timeouts.hard > INT_MAX / HZ)
0577                 return -ERANGE;
0578             if (p->call.nr_timeouts >= 2 && p->call.timeouts.idle > 60 * 60 * 1000)
0579                 return -ERANGE;
0580             if (p->call.nr_timeouts >= 3 && p->call.timeouts.normal > 60 * 60 * 1000)
0581                 return -ERANGE;
0582             break;
0583
0584         default:
0585             return -EINVAL;
0586         }
0587     }
0588
0589     if (!got_user_ID)
0590         return -EINVAL;
0591     if (p->call.tx_total_len != -1 && p->command != RXRPC_CMD_SEND_DATA)
0592         return -EINVAL;
0593     _leave(" = 0");
0594     return 0;
0595 }
0596
0597 /*
0598  * Create a new client call for sendmsg().
0599  * - Called with the socket lock held, which it must release.
0600  * - If it returns a call, the call's lock will need releasing by the caller.
0601  */
0602 static struct rxrpc_call *
0603 rxrpc_new_client_call_for_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg,
0604                   struct rxrpc_send_params *p)
0605     __releases(&rx->sk.sk_lock.slock)
0606     __acquires(&call->user_mutex)
0607 {
0608     struct rxrpc_conn_parameters cp;
0609     struct rxrpc_call *call;
0610     struct key *key;
0611
0612     DECLARE_SOCKADDR(struct sockaddr_rxrpc *, srx, msg->msg_name);
0613
0614     _enter("");
0615
0616     if (!msg->msg_name) {
0617         release_sock(&rx->sk);
0618         return ERR_PTR(-EDESTADDRREQ);
0619     }
0620
0621     key = rx->key;
0622     if (key && !rx->key->payload.data[0])
0623         key = NULL;
0624
0625     memset(&cp, 0, sizeof(cp));
0626     cp.local        = rx->local;
0627     cp.key          = rx->key;
0628     cp.security_level   = rx->min_sec_level;
0629     cp.exclusive        = rx->exclusive | p->exclusive;
0630     cp.upgrade      = p->upgrade;
0631     cp.service_id       = srx->srx_service;
0632     call = rxrpc_new_client_call(rx, &cp, srx, &p->call, GFP_KERNEL,
0633                      atomic_inc_return(&rxrpc_debug_id));
0634     /* The socket is now unlocked */
0635
0636     rxrpc_put_peer(cp.peer);
0637     _leave(" = %p\n", call);
0638     return call;
0639 }
0640
0641 /*
0642  * send a message forming part of a client call through an RxRPC socket
0643  * - caller holds the socket locked
0644  * - the socket may be either a client socket or a server socket
0645  */
0646 int rxrpc_do_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg, size_t len)
0647     __releases(&rx->sk.sk_lock.slock)
0648     __releases(&call->user_mutex)
0649 {
0650     enum rxrpc_call_state state;
0651     struct rxrpc_call *call;
0652     unsigned long now, j;
0653     bool dropped_lock = false;
0654     int ret;
0655
0656     struct rxrpc_send_params p = {
0657         .call.tx_total_len  = -1,
0658         .call.user_call_ID  = 0,
0659         .call.nr_timeouts   = 0,
0660         .call.interruptibility  = RXRPC_INTERRUPTIBLE,
0661         .abort_code     = 0,
0662         .command        = RXRPC_CMD_SEND_DATA,
0663         .exclusive      = false,
0664         .upgrade        = false,
0665     };
0666
0667     _enter("");
0668
0669     ret = rxrpc_sendmsg_cmsg(msg, &p);
0670     if (ret < 0)
0671         goto error_release_sock;
0672
0673     if (p.command == RXRPC_CMD_CHARGE_ACCEPT) {
0674         ret = -EINVAL;
0675         if (rx->sk.sk_state != RXRPC_SERVER_LISTENING)
0676             goto error_release_sock;
0677         ret = rxrpc_user_charge_accept(rx, p.call.user_call_ID);
0678         goto error_release_sock;
0679     }
0680
0681     call = rxrpc_find_call_by_user_ID(rx, p.call.user_call_ID);
0682     if (!call) {
0683         ret = -EBADSLT;
0684         if (p.command != RXRPC_CMD_SEND_DATA)
0685             goto error_release_sock;
0686         call = rxrpc_new_client_call_for_sendmsg(rx, msg, &p);
0687         /* The socket is now unlocked... */
0688         if (IS_ERR(call))
0689             return PTR_ERR(call);
0690         /* ... and we have the call lock. */
0691         ret = 0;
0692         if (READ_ONCE(call->state) == RXRPC_CALL_COMPLETE)
0693             goto out_put_unlock;
0694     } else {
0695         switch (READ_ONCE(call->state)) {
0696         case RXRPC_CALL_UNINITIALISED:
0697         case RXRPC_CALL_CLIENT_AWAIT_CONN:
0698         case RXRPC_CALL_SERVER_PREALLOC:
0699         case RXRPC_CALL_SERVER_SECURING:
0700             rxrpc_put_call(call, rxrpc_call_put);
0701             ret = -EBUSY;
0702             goto error_release_sock;
0703         default:
0704             break;
0705         }
0706
0707         ret = mutex_lock_interruptible(&call->user_mutex);
0708         release_sock(&rx->sk);
0709         if (ret < 0) {
0710             ret = -ERESTARTSYS;
0711             goto error_put;
0712         }
0713
0714         if (p.call.tx_total_len != -1) {
0715             ret = -EINVAL;
0716             if (call->tx_total_len != -1 ||
0717                 call->tx_pending ||
0718                 call->tx_top != 0)
0719                 goto error_put;
0720             call->tx_total_len = p.call.tx_total_len;
0721         }
0722     }
0723
0724     switch (p.call.nr_timeouts) {
0725     case 3:
0726         j = msecs_to_jiffies(p.call.timeouts.normal);
0727         if (p.call.timeouts.normal > 0 && j == 0)
0728             j = 1;
0729         WRITE_ONCE(call->next_rx_timo, j);
0730         fallthrough;
0731     case 2:
0732         j = msecs_to_jiffies(p.call.timeouts.idle);
0733         if (p.call.timeouts.idle > 0 && j == 0)
0734             j = 1;
0735         WRITE_ONCE(call->next_req_timo, j);
0736         fallthrough;
0737     case 1:
0738         if (p.call.timeouts.hard > 0) {
0739             j = msecs_to_jiffies(p.call.timeouts.hard);
0740             now = jiffies;
0741             j += now;
0742             WRITE_ONCE(call->expect_term_by, j);
0743             rxrpc_reduce_call_timer(call, j, now,
0744                         rxrpc_timer_set_for_hard);
0745         }
0746         break;
0747     }
0748
0749     state = READ_ONCE(call->state);
0750     _debug("CALL %d USR %lx ST %d on CONN %p",
0751            call->debug_id, call->user_call_ID, state, call->conn);
0752
0753     if (state >= RXRPC_CALL_COMPLETE) {
0754         /* it's too late for this call */
0755         ret = -ESHUTDOWN;
0756     } else if (p.command == RXRPC_CMD_SEND_ABORT) {
0757         ret = 0;
0758         if (rxrpc_abort_call("CMD", call, 0, p.abort_code, -ECONNABORTED))
0759             ret = rxrpc_send_abort_packet(call);
0760     } else if (p.command != RXRPC_CMD_SEND_DATA) {
0761         ret = -EINVAL;
0762     } else {
0763         ret = rxrpc_send_data(rx, call, msg, len, NULL, &dropped_lock);
0764     }
0765
0766 out_put_unlock:
0767     if (!dropped_lock)
0768         mutex_unlock(&call->user_mutex);
0769 error_put:
0770     rxrpc_put_call(call, rxrpc_call_put);
0771     _leave(" = %d", ret);
0772     return ret;
0773
0774 error_release_sock:
0775     release_sock(&rx->sk);
0776     return ret;
0777 }
0778
0779 /**
0780  * rxrpc_kernel_send_data - Allow a kernel service to send data on a call
0781  * @sock: The socket the call is on
0782  * @call: The call to send data through
0783  * @msg: The data to send
0784  * @len: The amount of data to send
0785  * @notify_end_tx: Notification that the last packet is queued.
0786  *
0787  * Allow a kernel service to send data on a call.  The call must be in an state
0788  * appropriate to sending data.  No control data should be supplied in @msg,
0789  * nor should an address be supplied.  MSG_MORE should be flagged if there's
0790  * more data to come, otherwise this data will end the transmission phase.
0791  */
0792 int rxrpc_kernel_send_data(struct socket *sock, struct rxrpc_call *call,
0793                struct msghdr *msg, size_t len,
0794                rxrpc_notify_end_tx_t notify_end_tx)
0795 {
0796     bool dropped_lock = false;
0797     int ret;
0798
0799     _enter("{%d,%s},", call->debug_id, rxrpc_call_states[call->state]);
0800
0801     ASSERTCMP(msg->msg_name, ==, NULL);
0802     ASSERTCMP(msg->msg_control, ==, NULL);
0803
0804     mutex_lock(&call->user_mutex);
0805
0806     _debug("CALL %d USR %lx ST %d on CONN %p",
0807            call->debug_id, call->user_call_ID, call->state, call->conn);
0808
0809     switch (READ_ONCE(call->state)) {
0810     case RXRPC_CALL_CLIENT_SEND_REQUEST:
0811     case RXRPC_CALL_SERVER_ACK_REQUEST:
0812     case RXRPC_CALL_SERVER_SEND_REPLY:
0813         ret = rxrpc_send_data(rxrpc_sk(sock->sk), call, msg, len,
0814                       notify_end_tx, &dropped_lock);
0815         break;
0816     case RXRPC_CALL_COMPLETE:
0817         read_lock_bh(&call->state_lock);
0818         ret = call->error;
0819         read_unlock_bh(&call->state_lock);
0820         break;
0821     default:
0822         /* Request phase complete for this client call */
0823         trace_rxrpc_rx_eproto(call, 0, tracepoint_string("late_send"));
0824         ret = -EPROTO;
0825         break;
0826     }
0827
0828     if (!dropped_lock)
0829         mutex_unlock(&call->user_mutex);
0830     _leave(" = %d", ret);
0831     return ret;
0832 }
0833 EXPORT_SYMBOL(rxrpc_kernel_send_data);
0834
0835 /**
0836  * rxrpc_kernel_abort_call - Allow a kernel service to abort a call
0837  * @sock: The socket the call is on
0838  * @call: The call to be aborted
0839  * @abort_code: The abort code to stick into the ABORT packet
0840  * @error: Local error value
0841  * @why: 3-char string indicating why.
0842  *
0843  * Allow a kernel service to abort a call, if it's still in an abortable state
0844  * and return true if the call was aborted, false if it was already complete.
0845  */
0846 bool rxrpc_kernel_abort_call(struct socket *sock, struct rxrpc_call *call,
0847                  u32 abort_code, int error, const char *why)
0848 {
0849     bool aborted;
0850
0851     _enter("{%d},%d,%d,%s", call->debug_id, abort_code, error, why);
0852
0853     mutex_lock(&call->user_mutex);
0854
0855     aborted = rxrpc_abort_call(why, call, 0, abort_code, error);
0856     if (aborted)
0857         rxrpc_send_abort_packet(call);
0858
0859     mutex_unlock(&call->user_mutex);
0860     return aborted;
0861 }
0862 EXPORT_SYMBOL(rxrpc_kernel_abort_call);
0863
0864 /**
0865  * rxrpc_kernel_set_tx_length - Set the total Tx length on a call
0866  * @sock: The socket the call is on
0867  * @call: The call to be informed
0868  * @tx_total_len: The amount of data to be transmitted for this call
0869  *
0870  * Allow a kernel service to set the total transmit length on a call.  This
0871  * allows buffer-to-packet encrypt-and-copy to be performed.
0872  *
0873  * This function is primarily for use for setting the reply length since the
0874  * request length can be set when beginning the call.
0875  */
0876 void rxrpc_kernel_set_tx_length(struct socket *sock, struct rxrpc_call *call,
0877                 s64 tx_total_len)
0878 {
0879     WARN_ON(call->tx_total_len != -1);
0880     call->tx_total_len = tx_total_len;
0881 }
0882 EXPORT_SYMBOL(rxrpc_kernel_set_tx_length);