]> git.ipfire.org Git - thirdparty/kernel/stable.git/blame - net/rxrpc/output.c
projects / thirdparty / kernel / stable.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
rxrpc: Don't expose skbs to in-kernel users [ver #2]
[thirdparty/kernel/stable.git] / net / rxrpc / output.c
CommitLineData
17926a79
DH		 1/* RxRPC packet transmission
2 *
3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
9b6d5398
JP		 12#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
13
17926a79 14#include <linux/net.h>
5a0e3ad6 15#include <linux/gfp.h>
17926a79
DH		 16#include <linux/skbuff.h>
17#include <linux/circ_buf.h>
bc3b2d7f 18#include <linux/export.h>
17926a79
DH		 19#include <net/sock.h>
20#include <net/af_rxrpc.h>
21#include "ar-internal.h"
22
5873c083
DH		 23/*
24 * Time till packet resend (in jiffies).
25 */
dad8aff7 26unsigned int rxrpc_resend_timeout = 4 * HZ;
17926a79 27
1b784140 28static int rxrpc_send_data(struct rxrpc_sock *rx,
17926a79
DH		 29 struct rxrpc_call *call,
30 struct msghdr *msg, size_t len);
31
32/*
33 * extract control messages from the sendmsg() control buffer
34 */
2341e077 35static int rxrpc_sendmsg_cmsg(struct msghdr *msg,
17926a79
DH		 36 unsigned long *user_call_ID,
37 enum rxrpc_command *command,
cc8feb8e
DH		 38 u32 *abort_code,
39 bool *_exclusive)
17926a79
DH		 40{
41 struct cmsghdr *cmsg;
2341e077 42 bool got_user_ID = false;
17926a79
DH		 43 int len;
44
45 *command = RXRPC_CMD_SEND_DATA;
46
47 if (msg->msg_controllen == 0)
48 return -EINVAL;
49
f95b414e 50 for_each_cmsghdr(cmsg, msg) {
17926a79
DH		 51 if (!CMSG_OK(msg, cmsg))
52 return -EINVAL;
53
54 len = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
55 _debug("CMSG %d, %d, %d",
56 cmsg->cmsg_level, cmsg->cmsg_type, len);
57
58 if (cmsg->cmsg_level != SOL_RXRPC)
59 continue;
60
61 switch (cmsg->cmsg_type) {
62 case RXRPC_USER_CALL_ID:
63 if (msg->msg_flags & MSG_CMSG_COMPAT) {
64 if (len != sizeof(u32))
65 return -EINVAL;
66 *user_call_ID = *(u32 *) CMSG_DATA(cmsg);
67 } else {
68 if (len != sizeof(unsigned long))
69 return -EINVAL;
70 *user_call_ID = *(unsigned long *)
71 CMSG_DATA(cmsg);
72 }
73 _debug("User Call ID %lx", *user_call_ID);
2341e077 74 got_user_ID = true;
17926a79
DH		 75 break;
76
77 case RXRPC_ABORT:
78 if (*command != RXRPC_CMD_SEND_DATA)
79 return -EINVAL;
80 *command = RXRPC_CMD_SEND_ABORT;
81 if (len != sizeof(*abort_code))
82 return -EINVAL;
83 *abort_code = *(unsigned int *) CMSG_DATA(cmsg);
84 _debug("Abort %x", *abort_code);
85 if (*abort_code == 0)
86 return -EINVAL;
87 break;
88
89 case RXRPC_ACCEPT:
90 if (*command != RXRPC_CMD_SEND_DATA)
91 return -EINVAL;
92 *command = RXRPC_CMD_ACCEPT;
93 if (len != 0)
94 return -EINVAL;
17926a79
DH		 95 break;
96
cc8feb8e
DH		 97 case RXRPC_EXCLUSIVE_CALL:
98 *_exclusive = true;
99 if (len != 0)
100 return -EINVAL;
101 break;
17926a79
DH		 102 default:
103 return -EINVAL;
104 }
105 }
106
2341e077
DH		 107 if (!got_user_ID)
108 return -EINVAL;
17926a79
DH		 109 _leave(" = 0");
110 return 0;
111}
112
113/*
114 * abort a call, sending an ABORT packet to the peer
115 */
116static void rxrpc_send_abort(struct rxrpc_call *call, u32 abort_code)
117{
f5c17aae
DH		 118 if (call->state >= RXRPC_CALL_COMPLETE)
119 return;
120
17926a79
DH		 121 write_lock_bh(&call->state_lock);
122
f5c17aae 123 if (__rxrpc_abort_call(call, abort_code, ECONNABORTED)) {
17926a79
DH		 124 del_timer_sync(&call->resend_timer);
125 del_timer_sync(&call->ack_timer);
4c198ad1
DH		 126 clear_bit(RXRPC_CALL_EV_RESEND_TIMER, &call->events);
127 clear_bit(RXRPC_CALL_EV_ACK, &call->events);
17926a79 128 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
651350d1 129 rxrpc_queue_call(call);
17926a79
DH		 130 }
131
132 write_unlock_bh(&call->state_lock);
133}
134
2341e077
DH		 135/*
136 * Create a new client call for sendmsg().
137 */
138static struct rxrpc_call *
139rxrpc_new_client_call_for_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg,
cc8feb8e 140 unsigned long user_call_ID, bool exclusive)
2341e077 141{
19ffa01c 142 struct rxrpc_conn_parameters cp;
2341e077
DH		 143 struct rxrpc_call *call;
144 struct key *key;
2341e077
DH		 145
146 DECLARE_SOCKADDR(struct sockaddr_rxrpc *, srx, msg->msg_name);
147
148 _enter("");
149
150 if (!msg->msg_name)
151 return ERR_PTR(-EDESTADDRREQ);
152
19ffa01c
DH		 153 key = rx->key;
154 if (key && !rx->key->payload.data[0])
155 key = NULL;
156
157 memset(&cp, 0, sizeof(cp));
158 cp.local = rx->local;
159 cp.key = rx->key;
160 cp.security_level = rx->min_sec_level;
cc8feb8e 161 cp.exclusive = rx->exclusive | exclusive;
19ffa01c 162 cp.service_id = srx->srx_service;
aa390bbe 163 call = rxrpc_new_client_call(rx, &cp, srx, user_call_ID, GFP_KERNEL);
2341e077
DH		 164
165 _leave(" = %p\n", call);
166 return call;
2341e077
DH		 167}
168
17926a79
DH		 169/*
170 * send a message forming part of a client call through an RxRPC socket
171 * - caller holds the socket locked
172 * - the socket may be either a client socket or a server socket
173 */
2341e077 174int rxrpc_do_sendmsg(struct rxrpc_sock *rx, struct msghdr *msg, size_t len)
17926a79 175{
17926a79
DH		 176 enum rxrpc_command cmd;
177 struct rxrpc_call *call;
178 unsigned long user_call_ID = 0;
cc8feb8e 179 bool exclusive = false;
17926a79
DH		 180 u32 abort_code = 0;
181 int ret;
182
183 _enter("");
184
cc8feb8e
DH		 185 ret = rxrpc_sendmsg_cmsg(msg, &user_call_ID, &cmd, &abort_code,
186 &exclusive);
17926a79
DH		 187 if (ret < 0)
188 return ret;
189
2341e077
DH		 190 if (cmd == RXRPC_CMD_ACCEPT) {
191 if (rx->sk.sk_state != RXRPC_SERVER_LISTENING)
192 return -EINVAL;
d001648e 193 call = rxrpc_accept_call(rx, user_call_ID, NULL);
2341e077
DH		 194 if (IS_ERR(call))
195 return PTR_ERR(call);
196 rxrpc_put_call(call);
197 return 0;
17926a79
DH		 198 }
199
2341e077
DH		 200 call = rxrpc_find_call_by_user_ID(rx, user_call_ID);
201 if (!call) {
202 if (cmd != RXRPC_CMD_SEND_DATA)
203 return -EBADSLT;
cc8feb8e
DH		 204 call = rxrpc_new_client_call_for_sendmsg(rx, msg, user_call_ID,
205 exclusive);
2341e077
DH		 206 if (IS_ERR(call))
207 return PTR_ERR(call);
17926a79
DH		 208 }
209
e34d4234 210 rxrpc_see_call(call);
17926a79
DH		 211 _debug("CALL %d USR %lx ST %d on CONN %p",
212 call->debug_id, call->user_call_ID, call->state, call->conn);
213
214 if (call->state >= RXRPC_CALL_COMPLETE) {
215 /* it's too late for this call */
f5c17aae 216 ret = -ESHUTDOWN;
17926a79
DH		 217 } else if (cmd == RXRPC_CMD_SEND_ABORT) {
218 rxrpc_send_abort(call, abort_code);
2341e077 219 ret = 0;
17926a79
DH		 220 } else if (cmd != RXRPC_CMD_SEND_DATA) {
221 ret = -EINVAL;
dabe5a79 222 } else if (rxrpc_is_client_call(call) &&
2341e077 223 call->state != RXRPC_CALL_CLIENT_SEND_REQUEST) {
17926a79
DH		 224 /* request phase complete for this client call */
225 ret = -EPROTO;
dabe5a79 226 } else if (rxrpc_is_service_call(call) &&
2341e077
DH		 227 call->state != RXRPC_CALL_SERVER_ACK_REQUEST &&
228 call->state != RXRPC_CALL_SERVER_SEND_REPLY) {
229 /* Reply phase not begun or not complete for service call. */
230 ret = -EPROTO;
17926a79 231 } else {
1b784140 232 ret = rxrpc_send_data(rx, call, msg, len);
17926a79
DH		 233 }
234
235 rxrpc_put_call(call);
236 _leave(" = %d", ret);
237 return ret;
238}
239
651350d1
DH		 240/**
241 * rxrpc_kernel_send_data - Allow a kernel service to send data on a call
4de48af6 242 * @sock: The socket the call is on
651350d1
DH		 243 * @call: The call to send data through
244 * @msg: The data to send
245 * @len: The amount of data to send
246 *
247 * Allow a kernel service to send data on a call. The call must be in an state
248 * appropriate to sending data. No control data should be supplied in @msg,
249 * nor should an address be supplied. MSG_MORE should be flagged if there's
250 * more data to come, otherwise this data will end the transmission phase.
251 */
4de48af6
DH		 252int rxrpc_kernel_send_data(struct socket *sock, struct rxrpc_call *call,
253 struct msghdr *msg, size_t len)
651350d1
DH		 254{
255 int ret;
256
257 _enter("{%d,%s},", call->debug_id, rxrpc_call_states[call->state]);
258
259 ASSERTCMP(msg->msg_name, ==, NULL);
260 ASSERTCMP(msg->msg_control, ==, NULL);
261
4de48af6 262 lock_sock(sock->sk);
651350d1
DH		 263
264 _debug("CALL %d USR %lx ST %d on CONN %p",
265 call->debug_id, call->user_call_ID, call->state, call->conn);
266
267 if (call->state >= RXRPC_CALL_COMPLETE) {
268 ret = -ESHUTDOWN; /* it's too late for this call */
269 } else if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST &&
270 call->state != RXRPC_CALL_SERVER_ACK_REQUEST &&
271 call->state != RXRPC_CALL_SERVER_SEND_REPLY) {
272 ret = -EPROTO; /* request phase complete for this client call */
273 } else {
4de48af6 274 ret = rxrpc_send_data(rxrpc_sk(sock->sk), call, msg, len);
651350d1
DH		 275 }
276
4de48af6 277 release_sock(sock->sk);
651350d1
DH		 278 _leave(" = %d", ret);
279 return ret;
280}
651350d1
DH		 281EXPORT_SYMBOL(rxrpc_kernel_send_data);
282
2c53040f 283/**
651350d1 284 * rxrpc_kernel_abort_call - Allow a kernel service to abort a call
4de48af6 285 * @sock: The socket the call is on
651350d1
DH		 286 * @call: The call to be aborted
287 * @abort_code: The abort code to stick into the ABORT packet
288 *
289 * Allow a kernel service to abort a call, if it's still in an abortable state.
290 */
4de48af6
DH		 291void rxrpc_kernel_abort_call(struct socket *sock, struct rxrpc_call *call,
292 u32 abort_code)
651350d1
DH		 293{
294 _enter("{%d},%d", call->debug_id, abort_code);
295
4de48af6 296 lock_sock(sock->sk);
651350d1
DH		 297
298 _debug("CALL %d USR %lx ST %d on CONN %p",
299 call->debug_id, call->user_call_ID, call->state, call->conn);
300
f5c17aae 301 rxrpc_send_abort(call, abort_code);
651350d1 302
4de48af6 303 release_sock(sock->sk);
651350d1
DH		 304 _leave("");
305}
306
307EXPORT_SYMBOL(rxrpc_kernel_abort_call);
308
17926a79
DH		 309/*
310 * send a packet through the transport endpoint
311 */
985a5c82 312int rxrpc_send_data_packet(struct rxrpc_connection *conn, struct sk_buff *skb)
17926a79
DH		 313{
314 struct kvec iov[1];
315 struct msghdr msg;
316 int ret, opt;
317
318 _enter(",{%d}", skb->len);
319
320 iov[0].iov_base = skb->head;
321 iov[0].iov_len = skb->len;
322
985a5c82
DH		 323 msg.msg_name = &conn->params.peer->srx.transport;
324 msg.msg_namelen = conn->params.peer->srx.transport_len;
17926a79
DH		 325 msg.msg_control = NULL;
326 msg.msg_controllen = 0;
327 msg.msg_flags = 0;
328
329 /* send the packet with the don't fragment bit set if we currently
330 * think it's small enough */
985a5c82
DH		 331 if (skb->len - sizeof(struct rxrpc_wire_header) < conn->params.peer->maxdata) {
332 down_read(&conn->params.local->defrag_sem);
17926a79
DH		 333 /* send the packet by UDP
334 * - returns -EMSGSIZE if UDP would have to fragment the packet
335 * to go out of the interface
336 * - in which case, we'll have processed the ICMP error
337 * message and update the peer record
338 */
985a5c82 339 ret = kernel_sendmsg(conn->params.local->socket, &msg, iov, 1,
17926a79
DH		 340 iov[0].iov_len);
341
985a5c82 342 up_read(&conn->params.local->defrag_sem);
17926a79
DH		 343 if (ret == -EMSGSIZE)
344 goto send_fragmentable;
345
985a5c82 346 _leave(" = %d [%u]", ret, conn->params.peer->maxdata);
17926a79
DH		 347 return ret;
348 }
349
350send_fragmentable:
351 /* attempt to send this message with fragmentation enabled */
352 _debug("send fragment");
353
985a5c82
DH		 354 down_write(&conn->params.local->defrag_sem);
355
356 switch (conn->params.local->srx.transport.family) {
357 case AF_INET:
358 opt = IP_PMTUDISC_DONT;
359 ret = kernel_setsockopt(conn->params.local->socket,
360 SOL_IP, IP_MTU_DISCOVER,
361 (char *)&opt, sizeof(opt));
362 if (ret == 0) {
363 ret = kernel_sendmsg(conn->params.local->socket, &msg, iov, 1,
364 iov[0].iov_len);
365
366 opt = IP_PMTUDISC_DO;
367 kernel_setsockopt(conn->params.local->socket, SOL_IP,
368 IP_MTU_DISCOVER,
369 (char *)&opt, sizeof(opt));
370 }
371 break;
17926a79
DH		 372 }
373
985a5c82
DH		 374 up_write(&conn->params.local->defrag_sem);
375 _leave(" = %d [frag %u]", ret, conn->params.peer->maxdata);
17926a79
DH		 376 return ret;
377}
378
379/*
380 * wait for space to appear in the transmit/ACK window
381 * - caller holds the socket locked
382 */
383static int rxrpc_wait_for_tx_window(struct rxrpc_sock *rx,
384 struct rxrpc_call *call,
385 long *timeo)
386{
387 DECLARE_WAITQUEUE(myself, current);
388 int ret;
389
390 _enter(",{%d},%ld",
ee72b9fd
DH		 391 CIRC_SPACE(call->acks_head, ACCESS_ONCE(call->acks_tail),
392 call->acks_winsz),
17926a79
DH		 393 *timeo);
394
45025bce 395 add_wait_queue(&call->waitq, &myself);
17926a79
DH		 396
397 for (;;) {
398 set_current_state(TASK_INTERRUPTIBLE);
399 ret = 0;
ee72b9fd 400 if (CIRC_SPACE(call->acks_head, ACCESS_ONCE(call->acks_tail),
17926a79
DH		 401 call->acks_winsz) > 0)
402 break;
403 if (signal_pending(current)) {
404 ret = sock_intr_errno(*timeo);
405 break;
406 }
407
408 release_sock(&rx->sk);
409 *timeo = schedule_timeout(*timeo);
410 lock_sock(&rx->sk);
411 }
412
45025bce 413 remove_wait_queue(&call->waitq, &myself);
17926a79
DH		 414 set_current_state(TASK_RUNNING);
415 _leave(" = %d", ret);
416 return ret;
417}
418
419/*
420 * attempt to schedule an instant Tx resend
421 */
422static inline void rxrpc_instant_resend(struct rxrpc_call *call)
423{
424 read_lock_bh(&call->state_lock);
425 if (try_to_del_timer_sync(&call->resend_timer) >= 0) {
426 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
427 if (call->state < RXRPC_CALL_COMPLETE &&
4c198ad1 428 !test_and_set_bit(RXRPC_CALL_EV_RESEND_TIMER, &call->events))
651350d1 429 rxrpc_queue_call(call);
17926a79
DH		 430 }
431 read_unlock_bh(&call->state_lock);
432}
433
434/*
435 * queue a packet for transmission, set the resend timer and attempt
436 * to send the packet immediately
437 */
438static void rxrpc_queue_packet(struct rxrpc_call *call, struct sk_buff *skb,
439 bool last)
440{
441 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
442 int ret;
443
444 _net("queue skb %p [%d]", skb, call->acks_head);
445
446 ASSERT(call->acks_window != NULL);
447 call->acks_window[call->acks_head] = (unsigned long) skb;
448 smp_wmb();
449 call->acks_head = (call->acks_head + 1) & (call->acks_winsz - 1);
450
451 if (last || call->state == RXRPC_CALL_SERVER_ACK_REQUEST) {
452 _debug("________awaiting reply/ACK__________");
453 write_lock_bh(&call->state_lock);
454 switch (call->state) {
455 case RXRPC_CALL_CLIENT_SEND_REQUEST:
456 call->state = RXRPC_CALL_CLIENT_AWAIT_REPLY;
457 break;
458 case RXRPC_CALL_SERVER_ACK_REQUEST:
459 call->state = RXRPC_CALL_SERVER_SEND_REPLY;
460 if (!last)
461 break;
462 case RXRPC_CALL_SERVER_SEND_REPLY:
463 call->state = RXRPC_CALL_SERVER_AWAIT_ACK;
464 break;
465 default:
466 break;
467 }
468 write_unlock_bh(&call->state_lock);
469 }
470
0d12f8a4 471 _proto("Tx DATA %%%u { #%u }", sp->hdr.serial, sp->hdr.seq);
17926a79 472
3db1cd5c 473 sp->need_resend = false;
5873c083 474 sp->resend_at = jiffies + rxrpc_resend_timeout;
17926a79
DH		 475 if (!test_and_set_bit(RXRPC_CALL_RUN_RTIMER, &call->flags)) {
476 _debug("run timer");
477 call->resend_timer.expires = sp->resend_at;
478 add_timer(&call->resend_timer);
479 }
480
481 /* attempt to cancel the rx-ACK timer, deferring reply transmission if
482 * we're ACK'ing the request phase of an incoming call */
483 ret = -EAGAIN;
484 if (try_to_del_timer_sync(&call->ack_timer) >= 0) {
485 /* the packet may be freed by rxrpc_process_call() before this
486 * returns */
45025bce
DH		 487 if (rxrpc_is_client_call(call))
488 rxrpc_expose_client_call(call);
985a5c82 489 ret = rxrpc_send_data_packet(call->conn, skb);
17926a79
DH		 490 _net("sent skb %p", skb);
491 } else {
492 _debug("failed to delete ACK timer");
493 }
494
495 if (ret < 0) {
496 _debug("need instant resend %d", ret);
3db1cd5c 497 sp->need_resend = true;
17926a79
DH		 498 rxrpc_instant_resend(call);
499 }
500
501 _leave("");
502}
503
0d12f8a4
DH		 504/*
505 * Convert a host-endian header into a network-endian header.
506 */
507static void rxrpc_insert_header(struct sk_buff *skb)
508{
509 struct rxrpc_wire_header whdr;
510 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
511
512 whdr.epoch = htonl(sp->hdr.epoch);
513 whdr.cid = htonl(sp->hdr.cid);
514 whdr.callNumber = htonl(sp->hdr.callNumber);
515 whdr.seq = htonl(sp->hdr.seq);
516 whdr.serial = htonl(sp->hdr.serial);
517 whdr.type = sp->hdr.type;
518 whdr.flags = sp->hdr.flags;
519 whdr.userStatus = sp->hdr.userStatus;
520 whdr.securityIndex = sp->hdr.securityIndex;
521 whdr._rsvd = htons(sp->hdr._rsvd);
522 whdr.serviceId = htons(sp->hdr.serviceId);
523
524 memcpy(skb->head, &whdr, sizeof(whdr));
525}
526
17926a79
DH		 527/*
528 * send data through a socket
529 * - must be called in process context
530 * - caller holds the socket locked
531 */
1b784140 532static int rxrpc_send_data(struct rxrpc_sock *rx,
17926a79
DH		 533 struct rxrpc_call *call,
534 struct msghdr *msg, size_t len)
535{
536 struct rxrpc_skb_priv *sp;
17926a79 537 struct sk_buff *skb;
17926a79
DH		 538 struct sock *sk = &rx->sk;
539 long timeo;
540 bool more;
af2b040e 541 int ret, copied;
17926a79 542
17926a79
DH		 543 timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
544
545 /* this should be in poll */
9cd3e072 546 sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk);
17926a79
DH		 547
548 if (sk->sk_err || (sk->sk_shutdown & SEND_SHUTDOWN))
549 return -EPIPE;
550
17926a79
DH		 551 more = msg->msg_flags & MSG_MORE;
552
553 skb = call->tx_pending;
554 call->tx_pending = NULL;
df844fd4 555 rxrpc_see_skb(skb);
17926a79
DH		 556
557 copied = 0;
3af6878e 558 do {
17926a79
DH		 559 if (!skb) {
560 size_t size, chunk, max, space;
561
562 _debug("alloc");
563
ee72b9fd
DH		 564 if (CIRC_SPACE(call->acks_head,
565 ACCESS_ONCE(call->acks_tail),
17926a79
DH		 566 call->acks_winsz) <= 0) {
567 ret = -EAGAIN;
568 if (msg->msg_flags & MSG_DONTWAIT)
569 goto maybe_error;
570 ret = rxrpc_wait_for_tx_window(rx, call,
571 &timeo);
572 if (ret < 0)
573 goto maybe_error;
574 }
575
85f32278 576 max = call->conn->params.peer->maxdata;
17926a79
DH		 577 max -= call->conn->security_size;
578 max &= ~(call->conn->size_align - 1UL);
579
580 chunk = max;
01e97e65
AV		 581 if (chunk > msg_data_left(msg) && !more)
582 chunk = msg_data_left(msg);
17926a79
DH		 583
584 space = chunk + call->conn->size_align;
585 space &= ~(call->conn->size_align - 1UL);
586
587 size = space + call->conn->header_size;
588
589 _debug("SIZE: %zu/%zu/%zu", chunk, space, size);
590
591 /* create a buffer that we can retain until it's ACK'd */
592 skb = sock_alloc_send_skb(
593 sk, size, msg->msg_flags & MSG_DONTWAIT, &ret);
594 if (!skb)
595 goto maybe_error;
596
597 rxrpc_new_skb(skb);
598
599 _debug("ALLOC SEND %p", skb);
600
601 ASSERTCMP(skb->mark, ==, 0);
602
603 _debug("HS: %u", call->conn->header_size);
604 skb_reserve(skb, call->conn->header_size);
605 skb->len += call->conn->header_size;
606
607 sp = rxrpc_skb(skb);
608 sp->remain = chunk;
609 if (sp->remain > skb_tailroom(skb))
610 sp->remain = skb_tailroom(skb);
611
612 _net("skb: hr %d, tr %d, hl %d, rm %d",
613 skb_headroom(skb),
614 skb_tailroom(skb),
615 skb_headlen(skb),
616 sp->remain);
617
618 skb->ip_summed = CHECKSUM_UNNECESSARY;
619 }
620
621 _debug("append");
622 sp = rxrpc_skb(skb);
623
624 /* append next segment of data to the current buffer */
01e97e65 625 if (msg_data_left(msg) > 0) {
aab94830
DH		 626 int copy = skb_tailroom(skb);
627 ASSERTCMP(copy, >, 0);
01e97e65
AV		 628 if (copy > msg_data_left(msg))
629 copy = msg_data_left(msg);
aab94830
DH		 630 if (copy > sp->remain)
631 copy = sp->remain;
632
633 _debug("add");
634 ret = skb_add_data(skb, &msg->msg_iter, copy);
635 _debug("added");
636 if (ret < 0)
637 goto efault;
638 sp->remain -= copy;
639 skb->mark += copy;
640 copied += copy;
aab94830 641 }
17926a79
DH		 642
643 /* check for the far side aborting the call or a network error
644 * occurring */
f5c17aae
DH		 645 if (call->state == RXRPC_CALL_COMPLETE)
646 goto call_terminated;
17926a79
DH		 647
648 /* add the packet to the send queue if it's now full */
382d7974 649 if (sp->remain <= 0 ||
01e97e65 650 (msg_data_left(msg) == 0 && !more)) {
17926a79 651 struct rxrpc_connection *conn = call->conn;
e8388eb1 652 uint32_t seq;
17926a79
DH		 653 size_t pad;
654
655 /* pad out if we're using security */
e0e4d82f 656 if (conn->security_ix) {
17926a79
DH		 657 pad = conn->security_size + skb->mark;
658 pad = conn->size_align - pad;
659 pad &= conn->size_align - 1;
660 _debug("pad %zu", pad);
661 if (pad)
662 memset(skb_put(skb, pad), 0, pad);
663 }
664
e8388eb1
DH		 665 seq = atomic_inc_return(&call->sequence);
666
19ffa01c 667 sp->hdr.epoch = conn->proto.epoch;
0d12f8a4 668 sp->hdr.cid = call->cid;
17926a79 669 sp->hdr.callNumber = call->call_id;
0d12f8a4
DH		 670 sp->hdr.seq = seq;
671 sp->hdr.serial = atomic_inc_return(&conn->serial);
672 sp->hdr.type = RXRPC_PACKET_TYPE_DATA;
17926a79
DH		 673 sp->hdr.userStatus = 0;
674 sp->hdr.securityIndex = conn->security_ix;
0d12f8a4
DH		 675 sp->hdr._rsvd = 0;
676 sp->hdr.serviceId = call->service_id;
17926a79
DH		 677
678 sp->hdr.flags = conn->out_clientflag;
01e97e65 679 if (msg_data_left(msg) == 0 && !more)
17926a79 680 sp->hdr.flags |= RXRPC_LAST_PACKET;
ee72b9fd
DH		 681 else if (CIRC_SPACE(call->acks_head,
682 ACCESS_ONCE(call->acks_tail),
17926a79
DH		 683 call->acks_winsz) > 1)
684 sp->hdr.flags |= RXRPC_MORE_PACKETS;
e8388eb1
DH		 685 if (more && seq & 1)
686 sp->hdr.flags |= RXRPC_REQUEST_ACK;
17926a79 687
e0e4d82f 688 ret = conn->security->secure_packet(
17926a79 689 call, skb, skb->mark,
0d12f8a4 690 skb->head + sizeof(struct rxrpc_wire_header));
17926a79
DH		 691 if (ret < 0)
692 goto out;
693
0d12f8a4 694 rxrpc_insert_header(skb);
01e97e65 695 rxrpc_queue_packet(call, skb, !msg_data_left(msg) && !more);
17926a79
DH		 696 skb = NULL;
697 }
01e97e65 698 } while (msg_data_left(msg) > 0);
17926a79 699
19e6454c
DH		 700success:
701 ret = copied;
17926a79
DH		 702out:
703 call->tx_pending = skb;
704 _leave(" = %d", ret);
705 return ret;
706
f5c17aae 707call_terminated:
17926a79 708 rxrpc_free_skb(skb);
f5c17aae 709 _leave(" = %d", -call->error);
17926a79
DH		 710 return ret;
711
712maybe_error:
713 if (copied)
19e6454c 714 goto success;
17926a79
DH		 715 goto out;
716
717efault:
718 ret = -EFAULT;
719 goto out;
720}
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git