linux/net/tipc/socket.c
<<
>>
Prefs
   1/*
   2 * net/tipc/socket.c: TIPC socket API
   3 *
   4 * Copyright (c) 2001-2007, Ericsson AB
   5 * Copyright (c) 2004-2008, 2010-2011, Wind River Systems
   6 * All rights reserved.
   7 *
   8 * Redistribution and use in source and binary forms, with or without
   9 * modification, are permitted provided that the following conditions are met:
  10 *
  11 * 1. Redistributions of source code must retain the above copyright
  12 *    notice, this list of conditions and the following disclaimer.
  13 * 2. Redistributions in binary form must reproduce the above copyright
  14 *    notice, this list of conditions and the following disclaimer in the
  15 *    documentation and/or other materials provided with the distribution.
  16 * 3. Neither the names of the copyright holders nor the names of its
  17 *    contributors may be used to endorse or promote products derived from
  18 *    this software without specific prior written permission.
  19 *
  20 * Alternatively, this software may be distributed under the terms of the
  21 * GNU General Public License ("GPL") version 2 as published by the Free
  22 * Software Foundation.
  23 *
  24 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  25 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  27 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
  28 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  29 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  32 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  33 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  34 * POSSIBILITY OF SUCH DAMAGE.
  35 */
  36
  37#include <linux/export.h>
  38#include <net/sock.h>
  39
  40#include "core.h"
  41#include "port.h"
  42
  43#define SS_LISTENING    -1      /* socket is listening */
  44#define SS_READY        -2      /* socket is connectionless */
  45
  46#define OVERLOAD_LIMIT_BASE     5000
  47#define CONN_TIMEOUT_DEFAULT    8000    /* default connect timeout = 8s */
  48
  49struct tipc_sock {
  50        struct sock sk;
  51        struct tipc_port *p;
  52        struct tipc_portid peer_name;
  53        unsigned int conn_timeout;
  54};
  55
  56#define tipc_sk(sk) ((struct tipc_sock *)(sk))
  57#define tipc_sk_port(sk) ((struct tipc_port *)(tipc_sk(sk)->p))
  58
  59#define tipc_rx_ready(sock) (!skb_queue_empty(&sock->sk->sk_receive_queue) || \
  60                        (sock->state == SS_DISCONNECTING))
  61
  62static int backlog_rcv(struct sock *sk, struct sk_buff *skb);
  63static u32 dispatch(struct tipc_port *tport, struct sk_buff *buf);
  64static void wakeupdispatch(struct tipc_port *tport);
  65
  66static const struct proto_ops packet_ops;
  67static const struct proto_ops stream_ops;
  68static const struct proto_ops msg_ops;
  69
  70static struct proto tipc_proto;
  71
  72static int sockets_enabled;
  73
  74static atomic_t tipc_queue_size = ATOMIC_INIT(0);
  75
  76/*
  77 * Revised TIPC socket locking policy:
  78 *
  79 * Most socket operations take the standard socket lock when they start
  80 * and hold it until they finish (or until they need to sleep).  Acquiring
  81 * this lock grants the owner exclusive access to the fields of the socket
  82 * data structures, with the exception of the backlog queue.  A few socket
  83 * operations can be done without taking the socket lock because they only
  84 * read socket information that never changes during the life of the socket.
  85 *
  86 * Socket operations may acquire the lock for the associated TIPC port if they
  87 * need to perform an operation on the port.  If any routine needs to acquire
  88 * both the socket lock and the port lock it must take the socket lock first
  89 * to avoid the risk of deadlock.
  90 *
  91 * The dispatcher handling incoming messages cannot grab the socket lock in
  92 * the standard fashion, since invoked it runs at the BH level and cannot block.
  93 * Instead, it checks to see if the socket lock is currently owned by someone,
  94 * and either handles the message itself or adds it to the socket's backlog
  95 * queue; in the latter case the queued message is processed once the process
  96 * owning the socket lock releases it.
  97 *
  98 * NOTE: Releasing the socket lock while an operation is sleeping overcomes
  99 * the problem of a blocked socket operation preventing any other operations
 100 * from occurring.  However, applications must be careful if they have
 101 * multiple threads trying to send (or receive) on the same socket, as these
 102 * operations might interfere with each other.  For example, doing a connect
 103 * and a receive at the same time might allow the receive to consume the
 104 * ACK message meant for the connect.  While additional work could be done
 105 * to try and overcome this, it doesn't seem to be worthwhile at the present.
 106 *
 107 * NOTE: Releasing the socket lock while an operation is sleeping also ensures
 108 * that another operation that must be performed in a non-blocking manner is
 109 * not delayed for very long because the lock has already been taken.
 110 *
 111 * NOTE: This code assumes that certain fields of a port/socket pair are
 112 * constant over its lifetime; such fields can be examined without taking
 113 * the socket lock and/or port lock, and do not need to be re-read even
 114 * after resuming processing after waiting.  These fields include:
 115 *   - socket type
 116 *   - pointer to socket sk structure (aka tipc_sock structure)
 117 *   - pointer to port structure
 118 *   - port reference
 119 */
 120
 121/**
 122 * advance_rx_queue - discard first buffer in socket receive queue
 123 *
 124 * Caller must hold socket lock
 125 */
 126
 127static void advance_rx_queue(struct sock *sk)
 128{
 129        buf_discard(__skb_dequeue(&sk->sk_receive_queue));
 130        atomic_dec(&tipc_queue_size);
 131}
 132
 133/**
 134 * discard_rx_queue - discard all buffers in socket receive queue
 135 *
 136 * Caller must hold socket lock
 137 */
 138
 139static void discard_rx_queue(struct sock *sk)
 140{
 141        struct sk_buff *buf;
 142
 143        while ((buf = __skb_dequeue(&sk->sk_receive_queue))) {
 144                atomic_dec(&tipc_queue_size);
 145                buf_discard(buf);
 146        }
 147}
 148
 149/**
 150 * reject_rx_queue - reject all buffers in socket receive queue
 151 *
 152 * Caller must hold socket lock
 153 */
 154
 155static void reject_rx_queue(struct sock *sk)
 156{
 157        struct sk_buff *buf;
 158
 159        while ((buf = __skb_dequeue(&sk->sk_receive_queue))) {
 160                tipc_reject_msg(buf, TIPC_ERR_NO_PORT);
 161                atomic_dec(&tipc_queue_size);
 162        }
 163}
 164
 165/**
 166 * tipc_create - create a TIPC socket
 167 * @net: network namespace (must be default network)
 168 * @sock: pre-allocated socket structure
 169 * @protocol: protocol indicator (must be 0)
 170 * @kern: caused by kernel or by userspace?
 171 *
 172 * This routine creates additional data structures used by the TIPC socket,
 173 * initializes them, and links them together.
 174 *
 175 * Returns 0 on success, errno otherwise
 176 */
 177
 178static int tipc_create(struct net *net, struct socket *sock, int protocol,
 179                       int kern)
 180{
 181        const struct proto_ops *ops;
 182        socket_state state;
 183        struct sock *sk;
 184        struct tipc_port *tp_ptr;
 185
 186        /* Validate arguments */
 187
 188        if (unlikely(protocol != 0))
 189                return -EPROTONOSUPPORT;
 190
 191        switch (sock->type) {
 192        case SOCK_STREAM:
 193                ops = &stream_ops;
 194                state = SS_UNCONNECTED;
 195                break;
 196        case SOCK_SEQPACKET:
 197                ops = &packet_ops;
 198                state = SS_UNCONNECTED;
 199                break;
 200        case SOCK_DGRAM:
 201        case SOCK_RDM:
 202                ops = &msg_ops;
 203                state = SS_READY;
 204                break;
 205        default:
 206                return -EPROTOTYPE;
 207        }
 208
 209        /* Allocate socket's protocol area */
 210
 211        sk = sk_alloc(net, AF_TIPC, GFP_KERNEL, &tipc_proto);
 212        if (sk == NULL)
 213                return -ENOMEM;
 214
 215        /* Allocate TIPC port for socket to use */
 216
 217        tp_ptr = tipc_createport_raw(sk, &dispatch, &wakeupdispatch,
 218                                     TIPC_LOW_IMPORTANCE);
 219        if (unlikely(!tp_ptr)) {
 220                sk_free(sk);
 221                return -ENOMEM;
 222        }
 223
 224        /* Finish initializing socket data structures */
 225
 226        sock->ops = ops;
 227        sock->state = state;
 228
 229        sock_init_data(sock, sk);
 230        sk->sk_backlog_rcv = backlog_rcv;
 231        tipc_sk(sk)->p = tp_ptr;
 232        tipc_sk(sk)->conn_timeout = CONN_TIMEOUT_DEFAULT;
 233
 234        spin_unlock_bh(tp_ptr->lock);
 235
 236        if (sock->state == SS_READY) {
 237                tipc_set_portunreturnable(tp_ptr->ref, 1);
 238                if (sock->type == SOCK_DGRAM)
 239                        tipc_set_portunreliable(tp_ptr->ref, 1);
 240        }
 241
 242        return 0;
 243}
 244
 245/**
 246 * release - destroy a TIPC socket
 247 * @sock: socket to destroy
 248 *
 249 * This routine cleans up any messages that are still queued on the socket.
 250 * For DGRAM and RDM socket types, all queued messages are rejected.
 251 * For SEQPACKET and STREAM socket types, the first message is rejected
 252 * and any others are discarded.  (If the first message on a STREAM socket
 253 * is partially-read, it is discarded and the next one is rejected instead.)
 254 *
 255 * NOTE: Rejected messages are not necessarily returned to the sender!  They
 256 * are returned or discarded according to the "destination droppable" setting
 257 * specified for the message by the sender.
 258 *
 259 * Returns 0 on success, errno otherwise
 260 */
 261
 262static int release(struct socket *sock)
 263{
 264        struct sock *sk = sock->sk;
 265        struct tipc_port *tport;
 266        struct sk_buff *buf;
 267        int res;
 268
 269        /*
 270         * Exit if socket isn't fully initialized (occurs when a failed accept()
 271         * releases a pre-allocated child socket that was never used)
 272         */
 273
 274        if (sk == NULL)
 275                return 0;
 276
 277        tport = tipc_sk_port(sk);
 278        lock_sock(sk);
 279
 280        /*
 281         * Reject all unreceived messages, except on an active connection
 282         * (which disconnects locally & sends a 'FIN+' to peer)
 283         */
 284
 285        while (sock->state != SS_DISCONNECTING) {
 286                buf = __skb_dequeue(&sk->sk_receive_queue);
 287                if (buf == NULL)
 288                        break;
 289                atomic_dec(&tipc_queue_size);
 290                if (TIPC_SKB_CB(buf)->handle != 0)
 291                        buf_discard(buf);
 292                else {
 293                        if ((sock->state == SS_CONNECTING) ||
 294                            (sock->state == SS_CONNECTED)) {
 295                                sock->state = SS_DISCONNECTING;
 296                                tipc_disconnect(tport->ref);
 297                        }
 298                        tipc_reject_msg(buf, TIPC_ERR_NO_PORT);
 299                }
 300        }
 301
 302        /*
 303         * Delete TIPC port; this ensures no more messages are queued
 304         * (also disconnects an active connection & sends a 'FIN-' to peer)
 305         */
 306
 307        res = tipc_deleteport(tport->ref);
 308
 309        /* Discard any remaining (connection-based) messages in receive queue */
 310
 311        discard_rx_queue(sk);
 312
 313        /* Reject any messages that accumulated in backlog queue */
 314
 315        sock->state = SS_DISCONNECTING;
 316        release_sock(sk);
 317
 318        sock_put(sk);
 319        sock->sk = NULL;
 320
 321        return res;
 322}
 323
 324/**
 325 * bind - associate or disassocate TIPC name(s) with a socket
 326 * @sock: socket structure
 327 * @uaddr: socket address describing name(s) and desired operation
 328 * @uaddr_len: size of socket address data structure
 329 *
 330 * Name and name sequence binding is indicated using a positive scope value;
 331 * a negative scope value unbinds the specified name.  Specifying no name
 332 * (i.e. a socket address length of 0) unbinds all names from the socket.
 333 *
 334 * Returns 0 on success, errno otherwise
 335 *
 336 * NOTE: This routine doesn't need to take the socket lock since it doesn't
 337 *       access any non-constant socket information.
 338 */
 339
 340static int bind(struct socket *sock, struct sockaddr *uaddr, int uaddr_len)
 341{
 342        struct sockaddr_tipc *addr = (struct sockaddr_tipc *)uaddr;
 343        u32 portref = tipc_sk_port(sock->sk)->ref;
 344
 345        if (unlikely(!uaddr_len))
 346                return tipc_withdraw(portref, 0, NULL);
 347
 348        if (uaddr_len < sizeof(struct sockaddr_tipc))
 349                return -EINVAL;
 350        if (addr->family != AF_TIPC)
 351                return -EAFNOSUPPORT;
 352
 353        if (addr->addrtype == TIPC_ADDR_NAME)
 354                addr->addr.nameseq.upper = addr->addr.nameseq.lower;
 355        else if (addr->addrtype != TIPC_ADDR_NAMESEQ)
 356                return -EAFNOSUPPORT;
 357
 358        return (addr->scope > 0) ?
 359                tipc_publish(portref, addr->scope, &addr->addr.nameseq) :
 360                tipc_withdraw(portref, -addr->scope, &addr->addr.nameseq);
 361}
 362
 363/**
 364 * get_name - get port ID of socket or peer socket
 365 * @sock: socket structure
 366 * @uaddr: area for returned socket address
 367 * @uaddr_len: area for returned length of socket address
 368 * @peer: 0 = own ID, 1 = current peer ID, 2 = current/former peer ID
 369 *
 370 * Returns 0 on success, errno otherwise
 371 *
 372 * NOTE: This routine doesn't need to take the socket lock since it only
 373 *       accesses socket information that is unchanging (or which changes in
 374 *       a completely predictable manner).
 375 */
 376
 377static int get_name(struct socket *sock, struct sockaddr *uaddr,
 378                    int *uaddr_len, int peer)
 379{
 380        struct sockaddr_tipc *addr = (struct sockaddr_tipc *)uaddr;
 381        struct tipc_sock *tsock = tipc_sk(sock->sk);
 382
 383        memset(addr, 0, sizeof(*addr));
 384        if (peer) {
 385                if ((sock->state != SS_CONNECTED) &&
 386                        ((peer != 2) || (sock->state != SS_DISCONNECTING)))
 387                        return -ENOTCONN;
 388                addr->addr.id.ref = tsock->peer_name.ref;
 389                addr->addr.id.node = tsock->peer_name.node;
 390        } else {
 391                addr->addr.id.ref = tsock->p->ref;
 392                addr->addr.id.node = tipc_own_addr;
 393        }
 394
 395        *uaddr_len = sizeof(*addr);
 396        addr->addrtype = TIPC_ADDR_ID;
 397        addr->family = AF_TIPC;
 398        addr->scope = 0;
 399        addr->addr.name.domain = 0;
 400
 401        return 0;
 402}
 403
 404/**
 405 * poll - read and possibly block on pollmask
 406 * @file: file structure associated with the socket
 407 * @sock: socket for which to calculate the poll bits
 408 * @wait: ???
 409 *
 410 * Returns pollmask value
 411 *
 412 * COMMENTARY:
 413 * It appears that the usual socket locking mechanisms are not useful here
 414 * since the pollmask info is potentially out-of-date the moment this routine
 415 * exits.  TCP and other protocols seem to rely on higher level poll routines
 416 * to handle any preventable race conditions, so TIPC will do the same ...
 417 *
 418 * TIPC sets the returned events as follows:
 419 *
 420 * socket state         flags set
 421 * ------------         ---------
 422 * unconnected          no read flags
 423 *                      no write flags
 424 *
 425 * connecting           POLLIN/POLLRDNORM if ACK/NACK in rx queue
 426 *                      no write flags
 427 *
 428 * connected            POLLIN/POLLRDNORM if data in rx queue
 429 *                      POLLOUT if port is not congested
 430 *
 431 * disconnecting        POLLIN/POLLRDNORM/POLLHUP
 432 *                      no write flags
 433 *
 434 * listening            POLLIN if SYN in rx queue
 435 *                      no write flags
 436 *
 437 * ready                POLLIN/POLLRDNORM if data in rx queue
 438 * [connectionless]     POLLOUT (since port cannot be congested)
 439 *
 440 * IMPORTANT: The fact that a read or write operation is indicated does NOT
 441 * imply that the operation will succeed, merely that it should be performed
 442 * and will not block.
 443 */
 444
 445static unsigned int poll(struct file *file, struct socket *sock,
 446                         poll_table *wait)
 447{
 448        struct sock *sk = sock->sk;
 449        u32 mask = 0;
 450
 451        poll_wait(file, sk_sleep(sk), wait);
 452
 453        switch ((int)sock->state) {
 454        case SS_READY:
 455        case SS_CONNECTED:
 456                if (!tipc_sk_port(sk)->congested)
 457                        mask |= POLLOUT;
 458                /* fall thru' */
 459        case SS_CONNECTING:
 460        case SS_LISTENING:
 461                if (!skb_queue_empty(&sk->sk_receive_queue))
 462                        mask |= (POLLIN | POLLRDNORM);
 463                break;
 464        case SS_DISCONNECTING:
 465                mask = (POLLIN | POLLRDNORM | POLLHUP);
 466                break;
 467        }
 468
 469        return mask;
 470}
 471
 472/**
 473 * dest_name_check - verify user is permitted to send to specified port name
 474 * @dest: destination address
 475 * @m: descriptor for message to be sent
 476 *
 477 * Prevents restricted configuration commands from being issued by
 478 * unauthorized users.
 479 *
 480 * Returns 0 if permission is granted, otherwise errno
 481 */
 482
 483static int dest_name_check(struct sockaddr_tipc *dest, struct msghdr *m)
 484{
 485        struct tipc_cfg_msg_hdr hdr;
 486
 487        if (likely(dest->addr.name.name.type >= TIPC_RESERVED_TYPES))
 488                return 0;
 489        if (likely(dest->addr.name.name.type == TIPC_TOP_SRV))
 490                return 0;
 491        if (likely(dest->addr.name.name.type != TIPC_CFG_SRV))
 492                return -EACCES;
 493
 494        if (!m->msg_iovlen || (m->msg_iov[0].iov_len < sizeof(hdr)))
 495                return -EMSGSIZE;
 496        if (copy_from_user(&hdr, m->msg_iov[0].iov_base, sizeof(hdr)))
 497                return -EFAULT;
 498        if ((ntohs(hdr.tcm_type) & 0xC000) && (!capable(CAP_NET_ADMIN)))
 499                return -EACCES;
 500
 501        return 0;
 502}
 503
 504/**
 505 * send_msg - send message in connectionless manner
 506 * @iocb: if NULL, indicates that socket lock is already held
 507 * @sock: socket structure
 508 * @m: message to send
 509 * @total_len: length of message
 510 *
 511 * Message must have an destination specified explicitly.
 512 * Used for SOCK_RDM and SOCK_DGRAM messages,
 513 * and for 'SYN' messages on SOCK_SEQPACKET and SOCK_STREAM connections.
 514 * (Note: 'SYN+' is prohibited on SOCK_STREAM.)
 515 *
 516 * Returns the number of bytes sent on success, or errno otherwise
 517 */
 518
 519static int send_msg(struct kiocb *iocb, struct socket *sock,
 520                    struct msghdr *m, size_t total_len)
 521{
 522        struct sock *sk = sock->sk;
 523        struct tipc_port *tport = tipc_sk_port(sk);
 524        struct sockaddr_tipc *dest = (struct sockaddr_tipc *)m->msg_name;
 525        int needs_conn;
 526        long timeout_val;
 527        int res = -EINVAL;
 528
 529        if (unlikely(!dest))
 530                return -EDESTADDRREQ;
 531        if (unlikely((m->msg_namelen < sizeof(*dest)) ||
 532                     (dest->family != AF_TIPC)))
 533                return -EINVAL;
 534        if ((total_len > TIPC_MAX_USER_MSG_SIZE) ||
 535            (m->msg_iovlen > (unsigned)INT_MAX))
 536                return -EMSGSIZE;
 537
 538        if (iocb)
 539                lock_sock(sk);
 540
 541        needs_conn = (sock->state != SS_READY);
 542        if (unlikely(needs_conn)) {
 543                if (sock->state == SS_LISTENING) {
 544                        res = -EPIPE;
 545                        goto exit;
 546                }
 547                if (sock->state != SS_UNCONNECTED) {
 548                        res = -EISCONN;
 549                        goto exit;
 550                }
 551                if ((tport->published) ||
 552                    ((sock->type == SOCK_STREAM) && (total_len != 0))) {
 553                        res = -EOPNOTSUPP;
 554                        goto exit;
 555                }
 556                if (dest->addrtype == TIPC_ADDR_NAME) {
 557                        tport->conn_type = dest->addr.name.name.type;
 558                        tport->conn_instance = dest->addr.name.name.instance;
 559                }
 560
 561                /* Abort any pending connection attempts (very unlikely) */
 562
 563                reject_rx_queue(sk);
 564        }
 565
 566        timeout_val = sock_sndtimeo(sk, m->msg_flags & MSG_DONTWAIT);
 567
 568        do {
 569                if (dest->addrtype == TIPC_ADDR_NAME) {
 570                        res = dest_name_check(dest, m);
 571                        if (res)
 572                                break;
 573                        res = tipc_send2name(tport->ref,
 574                                             &dest->addr.name.name,
 575                                             dest->addr.name.domain,
 576                                             m->msg_iovlen,
 577                                             m->msg_iov,
 578                                             total_len);
 579                } else if (dest->addrtype == TIPC_ADDR_ID) {
 580                        res = tipc_send2port(tport->ref,
 581                                             &dest->addr.id,
 582                                             m->msg_iovlen,
 583                                             m->msg_iov,
 584                                             total_len);
 585                } else if (dest->addrtype == TIPC_ADDR_MCAST) {
 586                        if (needs_conn) {
 587                                res = -EOPNOTSUPP;
 588                                break;
 589                        }
 590                        res = dest_name_check(dest, m);
 591                        if (res)
 592                                break;
 593                        res = tipc_multicast(tport->ref,
 594                                             &dest->addr.nameseq,
 595                                             m->msg_iovlen,
 596                                             m->msg_iov,
 597                                             total_len);
 598                }
 599                if (likely(res != -ELINKCONG)) {
 600                        if (needs_conn && (res >= 0))
 601                                sock->state = SS_CONNECTING;
 602                        break;
 603                }
 604                if (timeout_val <= 0L) {
 605                        res = timeout_val ? timeout_val : -EWOULDBLOCK;
 606                        break;
 607                }
 608                release_sock(sk);
 609                timeout_val = wait_event_interruptible_timeout(*sk_sleep(sk),
 610                                               !tport->congested, timeout_val);
 611                lock_sock(sk);
 612        } while (1);
 613
 614exit:
 615        if (iocb)
 616                release_sock(sk);
 617        return res;
 618}
 619
 620/**
 621 * send_packet - send a connection-oriented message
 622 * @iocb: if NULL, indicates that socket lock is already held
 623 * @sock: socket structure
 624 * @m: message to send
 625 * @total_len: length of message
 626 *
 627 * Used for SOCK_SEQPACKET messages and SOCK_STREAM data.
 628 *
 629 * Returns the number of bytes sent on success, or errno otherwise
 630 */
 631
 632static int send_packet(struct kiocb *iocb, struct socket *sock,
 633                       struct msghdr *m, size_t total_len)
 634{
 635        struct sock *sk = sock->sk;
 636        struct tipc_port *tport = tipc_sk_port(sk);
 637        struct sockaddr_tipc *dest = (struct sockaddr_tipc *)m->msg_name;
 638        long timeout_val;
 639        int res;
 640
 641        /* Handle implied connection establishment */
 642
 643        if (unlikely(dest))
 644                return send_msg(iocb, sock, m, total_len);
 645
 646        if ((total_len > TIPC_MAX_USER_MSG_SIZE) ||
 647            (m->msg_iovlen > (unsigned)INT_MAX))
 648                return -EMSGSIZE;
 649
 650        if (iocb)
 651                lock_sock(sk);
 652
 653        timeout_val = sock_sndtimeo(sk, m->msg_flags & MSG_DONTWAIT);
 654
 655        do {
 656                if (unlikely(sock->state != SS_CONNECTED)) {
 657                        if (sock->state == SS_DISCONNECTING)
 658                                res = -EPIPE;
 659                        else
 660                                res = -ENOTCONN;
 661                        break;
 662                }
 663
 664                res = tipc_send(tport->ref, m->msg_iovlen, m->msg_iov,
 665                                total_len);
 666                if (likely(res != -ELINKCONG))
 667                        break;
 668                if (timeout_val <= 0L) {
 669                        res = timeout_val ? timeout_val : -EWOULDBLOCK;
 670                        break;
 671                }
 672                release_sock(sk);
 673                timeout_val = wait_event_interruptible_timeout(*sk_sleep(sk),
 674                        (!tport->congested || !tport->connected), timeout_val);
 675                lock_sock(sk);
 676        } while (1);
 677
 678        if (iocb)
 679                release_sock(sk);
 680        return res;
 681}
 682
 683/**
 684 * send_stream - send stream-oriented data
 685 * @iocb: (unused)
 686 * @sock: socket structure
 687 * @m: data to send
 688 * @total_len: total length of data to be sent
 689 *
 690 * Used for SOCK_STREAM data.
 691 *
 692 * Returns the number of bytes sent on success (or partial success),
 693 * or errno if no data sent
 694 */
 695
 696static int send_stream(struct kiocb *iocb, struct socket *sock,
 697                       struct msghdr *m, size_t total_len)
 698{
 699        struct sock *sk = sock->sk;
 700        struct tipc_port *tport = tipc_sk_port(sk);
 701        struct msghdr my_msg;
 702        struct iovec my_iov;
 703        struct iovec *curr_iov;
 704        int curr_iovlen;
 705        char __user *curr_start;
 706        u32 hdr_size;
 707        int curr_left;
 708        int bytes_to_send;
 709        int bytes_sent;
 710        int res;
 711
 712        lock_sock(sk);
 713
 714        /* Handle special cases where there is no connection */
 715
 716        if (unlikely(sock->state != SS_CONNECTED)) {
 717                if (sock->state == SS_UNCONNECTED) {
 718                        res = send_packet(NULL, sock, m, total_len);
 719                        goto exit;
 720                } else if (sock->state == SS_DISCONNECTING) {
 721                        res = -EPIPE;
 722                        goto exit;
 723                } else {
 724                        res = -ENOTCONN;
 725                        goto exit;
 726                }
 727        }
 728
 729        if (unlikely(m->msg_name)) {
 730                res = -EISCONN;
 731                goto exit;
 732        }
 733
 734        if ((total_len > (unsigned)INT_MAX) ||
 735            (m->msg_iovlen > (unsigned)INT_MAX)) {
 736                res = -EMSGSIZE;
 737                goto exit;
 738        }
 739
 740        /*
 741         * Send each iovec entry using one or more messages
 742         *
 743         * Note: This algorithm is good for the most likely case
 744         * (i.e. one large iovec entry), but could be improved to pass sets
 745         * of small iovec entries into send_packet().
 746         */
 747
 748        curr_iov = m->msg_iov;
 749        curr_iovlen = m->msg_iovlen;
 750        my_msg.msg_iov = &my_iov;
 751        my_msg.msg_iovlen = 1;
 752        my_msg.msg_flags = m->msg_flags;
 753        my_msg.msg_name = NULL;
 754        bytes_sent = 0;
 755
 756        hdr_size = msg_hdr_sz(&tport->phdr);
 757
 758        while (curr_iovlen--) {
 759                curr_start = curr_iov->iov_base;
 760                curr_left = curr_iov->iov_len;
 761
 762                while (curr_left) {
 763                        bytes_to_send = tport->max_pkt - hdr_size;
 764                        if (bytes_to_send > TIPC_MAX_USER_MSG_SIZE)
 765                                bytes_to_send = TIPC_MAX_USER_MSG_SIZE;
 766                        if (curr_left < bytes_to_send)
 767                                bytes_to_send = curr_left;
 768                        my_iov.iov_base = curr_start;
 769                        my_iov.iov_len = bytes_to_send;
 770                        res = send_packet(NULL, sock, &my_msg, bytes_to_send);
 771                        if (res < 0) {
 772                                if (bytes_sent)
 773                                        res = bytes_sent;
 774                                goto exit;
 775                        }
 776                        curr_left -= bytes_to_send;
 777                        curr_start += bytes_to_send;
 778                        bytes_sent += bytes_to_send;
 779                }
 780
 781                curr_iov++;
 782        }
 783        res = bytes_sent;
 784exit:
 785        release_sock(sk);
 786        return res;
 787}
 788
 789/**
 790 * auto_connect - complete connection setup to a remote port
 791 * @sock: socket structure
 792 * @msg: peer's response message
 793 *
 794 * Returns 0 on success, errno otherwise
 795 */
 796
 797static int auto_connect(struct socket *sock, struct tipc_msg *msg)
 798{
 799        struct tipc_sock *tsock = tipc_sk(sock->sk);
 800
 801        if (msg_errcode(msg)) {
 802                sock->state = SS_DISCONNECTING;
 803                return -ECONNREFUSED;
 804        }
 805
 806        tsock->peer_name.ref = msg_origport(msg);
 807        tsock->peer_name.node = msg_orignode(msg);
 808        tipc_connect2port(tsock->p->ref, &tsock->peer_name);
 809        tipc_set_portimportance(tsock->p->ref, msg_importance(msg));
 810        sock->state = SS_CONNECTED;
 811        return 0;
 812}
 813
 814/**
 815 * set_orig_addr - capture sender's address for received message
 816 * @m: descriptor for message info
 817 * @msg: received message header
 818 *
 819 * Note: Address is not captured if not requested by receiver.
 820 */
 821
 822static void set_orig_addr(struct msghdr *m, struct tipc_msg *msg)
 823{
 824        struct sockaddr_tipc *addr = (struct sockaddr_tipc *)m->msg_name;
 825
 826        if (addr) {
 827                addr->family = AF_TIPC;
 828                addr->addrtype = TIPC_ADDR_ID;
 829                addr->addr.id.ref = msg_origport(msg);
 830                addr->addr.id.node = msg_orignode(msg);
 831                addr->addr.name.domain = 0;     /* could leave uninitialized */
 832                addr->scope = 0;                /* could leave uninitialized */
 833                m->msg_namelen = sizeof(struct sockaddr_tipc);
 834        }
 835}
 836
 837/**
 838 * anc_data_recv - optionally capture ancillary data for received message
 839 * @m: descriptor for message info
 840 * @msg: received message header
 841 * @tport: TIPC port associated with message
 842 *
 843 * Note: Ancillary data is not captured if not requested by receiver.
 844 *
 845 * Returns 0 if successful, otherwise errno
 846 */
 847
 848static int anc_data_recv(struct msghdr *m, struct tipc_msg *msg,
 849                                struct tipc_port *tport)
 850{
 851        u32 anc_data[3];
 852        u32 err;
 853        u32 dest_type;
 854        int has_name;
 855        int res;
 856
 857        if (likely(m->msg_controllen == 0))
 858                return 0;
 859
 860        /* Optionally capture errored message object(s) */
 861
 862        err = msg ? msg_errcode(msg) : 0;
 863        if (unlikely(err)) {
 864                anc_data[0] = err;
 865                anc_data[1] = msg_data_sz(msg);
 866                res = put_cmsg(m, SOL_TIPC, TIPC_ERRINFO, 8, anc_data);
 867                if (res)
 868                        return res;
 869                if (anc_data[1]) {
 870                        res = put_cmsg(m, SOL_TIPC, TIPC_RETDATA, anc_data[1],
 871                                       msg_data(msg));
 872                        if (res)
 873                                return res;
 874                }
 875        }
 876
 877        /* Optionally capture message destination object */
 878
 879        dest_type = msg ? msg_type(msg) : TIPC_DIRECT_MSG;
 880        switch (dest_type) {
 881        case TIPC_NAMED_MSG:
 882                has_name = 1;
 883                anc_data[0] = msg_nametype(msg);
 884                anc_data[1] = msg_namelower(msg);
 885                anc_data[2] = msg_namelower(msg);
 886                break;
 887        case TIPC_MCAST_MSG:
 888                has_name = 1;
 889                anc_data[0] = msg_nametype(msg);
 890                anc_data[1] = msg_namelower(msg);
 891                anc_data[2] = msg_nameupper(msg);
 892                break;
 893        case TIPC_CONN_MSG:
 894                has_name = (tport->conn_type != 0);
 895                anc_data[0] = tport->conn_type;
 896                anc_data[1] = tport->conn_instance;
 897                anc_data[2] = tport->conn_instance;
 898                break;
 899        default:
 900                has_name = 0;
 901        }
 902        if (has_name) {
 903                res = put_cmsg(m, SOL_TIPC, TIPC_DESTNAME, 12, anc_data);
 904                if (res)
 905                        return res;
 906        }
 907
 908        return 0;
 909}
 910
 911/**
 912 * recv_msg - receive packet-oriented message
 913 * @iocb: (unused)
 914 * @m: descriptor for message info
 915 * @buf_len: total size of user buffer area
 916 * @flags: receive flags
 917 *
 918 * Used for SOCK_DGRAM, SOCK_RDM, and SOCK_SEQPACKET messages.
 919 * If the complete message doesn't fit in user area, truncate it.
 920 *
 921 * Returns size of returned message data, errno otherwise
 922 */
 923
 924static int recv_msg(struct kiocb *iocb, struct socket *sock,
 925                    struct msghdr *m, size_t buf_len, int flags)
 926{
 927        struct sock *sk = sock->sk;
 928        struct tipc_port *tport = tipc_sk_port(sk);
 929        struct sk_buff *buf;
 930        struct tipc_msg *msg;
 931        long timeout;
 932        unsigned int sz;
 933        u32 err;
 934        int res;
 935
 936        /* Catch invalid receive requests */
 937
 938        if (unlikely(!buf_len))
 939                return -EINVAL;
 940
 941        lock_sock(sk);
 942
 943        if (unlikely(sock->state == SS_UNCONNECTED)) {
 944                res = -ENOTCONN;
 945                goto exit;
 946        }
 947
 948        timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
 949restart:
 950
 951        /* Look for a message in receive queue; wait if necessary */
 952
 953        while (skb_queue_empty(&sk->sk_receive_queue)) {
 954                if (sock->state == SS_DISCONNECTING) {
 955                        res = -ENOTCONN;
 956                        goto exit;
 957                }
 958                if (timeout <= 0L) {
 959                        res = timeout ? timeout : -EWOULDBLOCK;
 960                        goto exit;
 961                }
 962                release_sock(sk);
 963                timeout = wait_event_interruptible_timeout(*sk_sleep(sk),
 964                                                           tipc_rx_ready(sock),
 965                                                           timeout);
 966                lock_sock(sk);
 967        }
 968
 969        /* Look at first message in receive queue */
 970
 971        buf = skb_peek(&sk->sk_receive_queue);
 972        msg = buf_msg(buf);
 973        sz = msg_data_sz(msg);
 974        err = msg_errcode(msg);
 975
 976        /* Complete connection setup for an implied connect */
 977
 978        if (unlikely(sock->state == SS_CONNECTING)) {
 979                res = auto_connect(sock, msg);
 980                if (res)
 981                        goto exit;
 982        }
 983
 984        /* Discard an empty non-errored message & try again */
 985
 986        if ((!sz) && (!err)) {
 987                advance_rx_queue(sk);
 988                goto restart;
 989        }
 990
 991        /* Capture sender's address (optional) */
 992
 993        set_orig_addr(m, msg);
 994
 995        /* Capture ancillary data (optional) */
 996
 997        res = anc_data_recv(m, msg, tport);
 998        if (res)
 999                goto exit;
1000
1001        /* Capture message data (if valid) & compute return value (always) */
1002
1003        if (!err) {
1004                if (unlikely(buf_len < sz)) {
1005                        sz = buf_len;
1006                        m->msg_flags |= MSG_TRUNC;
1007                }
1008                res = skb_copy_datagram_iovec(buf, msg_hdr_sz(msg),
1009                                              m->msg_iov, sz);
1010                if (res)
1011                        goto exit;
1012                res = sz;
1013        } else {
1014                if ((sock->state == SS_READY) ||
1015                    ((err == TIPC_CONN_SHUTDOWN) || m->msg_control))
1016                        res = 0;
1017                else
1018                        res = -ECONNRESET;
1019        }
1020
1021        /* Consume received message (optional) */
1022
1023        if (likely(!(flags & MSG_PEEK))) {
1024                if ((sock->state != SS_READY) &&
1025                    (++tport->conn_unacked >= TIPC_FLOW_CONTROL_WIN))
1026                        tipc_acknowledge(tport->ref, tport->conn_unacked);
1027                advance_rx_queue(sk);
1028        }
1029exit:
1030        release_sock(sk);
1031        return res;
1032}
1033
1034/**
1035 * recv_stream - receive stream-oriented data
1036 * @iocb: (unused)
1037 * @m: descriptor for message info
1038 * @buf_len: total size of user buffer area
1039 * @flags: receive flags
1040 *
1041 * Used for SOCK_STREAM messages only.  If not enough data is available
1042 * will optionally wait for more; never truncates data.
1043 *
1044 * Returns size of returned message data, errno otherwise
1045 */
1046
1047static int recv_stream(struct kiocb *iocb, struct socket *sock,
1048                       struct msghdr *m, size_t buf_len, int flags)
1049{
1050        struct sock *sk = sock->sk;
1051        struct tipc_port *tport = tipc_sk_port(sk);
1052        struct sk_buff *buf;
1053        struct tipc_msg *msg;
1054        long timeout;
1055        unsigned int sz;
1056        int sz_to_copy, target, needed;
1057        int sz_copied = 0;
1058        u32 err;
1059        int res = 0;
1060
1061        /* Catch invalid receive attempts */
1062
1063        if (unlikely(!buf_len))
1064                return -EINVAL;
1065
1066        lock_sock(sk);
1067
1068        if (unlikely((sock->state == SS_UNCONNECTED) ||
1069                     (sock->state == SS_CONNECTING))) {
1070                res = -ENOTCONN;
1071                goto exit;
1072        }
1073
1074        target = sock_rcvlowat(sk, flags & MSG_WAITALL, buf_len);
1075        timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
1076restart:
1077
1078        /* Look for a message in receive queue; wait if necessary */
1079
1080        while (skb_queue_empty(&sk->sk_receive_queue)) {
1081                if (sock->state == SS_DISCONNECTING) {
1082                        res = -ENOTCONN;
1083                        goto exit;
1084                }
1085                if (timeout <= 0L) {
1086                        res = timeout ? timeout : -EWOULDBLOCK;
1087                        goto exit;
1088                }
1089                release_sock(sk);
1090                timeout = wait_event_interruptible_timeout(*sk_sleep(sk),
1091                                                           tipc_rx_ready(sock),
1092                                                           timeout);
1093                lock_sock(sk);
1094        }
1095
1096        /* Look at first message in receive queue */
1097
1098        buf = skb_peek(&sk->sk_receive_queue);
1099        msg = buf_msg(buf);
1100        sz = msg_data_sz(msg);
1101        err = msg_errcode(msg);
1102
1103        /* Discard an empty non-errored message & try again */
1104
1105        if ((!sz) && (!err)) {
1106                advance_rx_queue(sk);
1107                goto restart;
1108        }
1109
1110        /* Optionally capture sender's address & ancillary data of first msg */
1111
1112        if (sz_copied == 0) {
1113                set_orig_addr(m, msg);
1114                res = anc_data_recv(m, msg, tport);
1115                if (res)
1116                        goto exit;
1117        }
1118
1119        /* Capture message data (if valid) & compute return value (always) */
1120
1121        if (!err) {
1122                u32 offset = (u32)(unsigned long)(TIPC_SKB_CB(buf)->handle);
1123
1124                sz -= offset;
1125                needed = (buf_len - sz_copied);
1126                sz_to_copy = (sz <= needed) ? sz : needed;
1127
1128                res = skb_copy_datagram_iovec(buf, msg_hdr_sz(msg) + offset,
1129                                              m->msg_iov, sz_to_copy);
1130                if (res)
1131                        goto exit;
1132
1133                sz_copied += sz_to_copy;
1134
1135                if (sz_to_copy < sz) {
1136                        if (!(flags & MSG_PEEK))
1137                                TIPC_SKB_CB(buf)->handle =
1138                                (void *)(unsigned long)(offset + sz_to_copy);
1139                        goto exit;
1140                }
1141        } else {
1142                if (sz_copied != 0)
1143                        goto exit; /* can't add error msg to valid data */
1144
1145                if ((err == TIPC_CONN_SHUTDOWN) || m->msg_control)
1146                        res = 0;
1147                else
1148                        res = -ECONNRESET;
1149        }
1150
1151        /* Consume received message (optional) */
1152
1153        if (likely(!(flags & MSG_PEEK))) {
1154                if (unlikely(++tport->conn_unacked >= TIPC_FLOW_CONTROL_WIN))
1155                        tipc_acknowledge(tport->ref, tport->conn_unacked);
1156                advance_rx_queue(sk);
1157        }
1158
1159        /* Loop around if more data is required */
1160
1161        if ((sz_copied < buf_len) &&    /* didn't get all requested data */
1162            (!skb_queue_empty(&sk->sk_receive_queue) ||
1163            (sz_copied < target)) &&    /* and more is ready or required */
1164            (!(flags & MSG_PEEK)) &&    /* and aren't just peeking at data */
1165            (!err))                     /* and haven't reached a FIN */
1166                goto restart;
1167
1168exit:
1169        release_sock(sk);
1170        return sz_copied ? sz_copied : res;
1171}
1172
1173/**
1174 * rx_queue_full - determine if receive queue can accept another message
1175 * @msg: message to be added to queue
1176 * @queue_size: current size of queue
1177 * @base: nominal maximum size of queue
1178 *
1179 * Returns 1 if queue is unable to accept message, 0 otherwise
1180 */
1181
1182static int rx_queue_full(struct tipc_msg *msg, u32 queue_size, u32 base)
1183{
1184        u32 threshold;
1185        u32 imp = msg_importance(msg);
1186
1187        if (imp == TIPC_LOW_IMPORTANCE)
1188                threshold = base;
1189        else if (imp == TIPC_MEDIUM_IMPORTANCE)
1190                threshold = base * 2;
1191        else if (imp == TIPC_HIGH_IMPORTANCE)
1192                threshold = base * 100;
1193        else
1194                return 0;
1195
1196        if (msg_connected(msg))
1197                threshold *= 4;
1198
1199        return queue_size >= threshold;
1200}
1201
1202/**
1203 * filter_rcv - validate incoming message
1204 * @sk: socket
1205 * @buf: message
1206 *
1207 * Enqueues message on receive queue if acceptable; optionally handles
1208 * disconnect indication for a connected socket.
1209 *
1210 * Called with socket lock already taken; port lock may also be taken.
1211 *
1212 * Returns TIPC error status code (TIPC_OK if message is not to be rejected)
1213 */
1214
1215static u32 filter_rcv(struct sock *sk, struct sk_buff *buf)
1216{
1217        struct socket *sock = sk->sk_socket;
1218        struct tipc_msg *msg = buf_msg(buf);
1219        u32 recv_q_len;
1220
1221        /* Reject message if it is wrong sort of message for socket */
1222
1223        /*
1224         * WOULD IT BE BETTER TO JUST DISCARD THESE MESSAGES INSTEAD?
1225         * "NO PORT" ISN'T REALLY THE RIGHT ERROR CODE, AND THERE MAY
1226         * BE SECURITY IMPLICATIONS INHERENT IN REJECTING INVALID TRAFFIC
1227         */
1228
1229        if (sock->state == SS_READY) {
1230                if (msg_connected(msg))
1231                        return TIPC_ERR_NO_PORT;
1232        } else {
1233                if (msg_mcast(msg))
1234                        return TIPC_ERR_NO_PORT;
1235                if (sock->state == SS_CONNECTED) {
1236                        if (!msg_connected(msg))
1237                                return TIPC_ERR_NO_PORT;
1238                } else if (sock->state == SS_CONNECTING) {
1239                        if (!msg_connected(msg) && (msg_errcode(msg) == 0))
1240                                return TIPC_ERR_NO_PORT;
1241                } else if (sock->state == SS_LISTENING) {
1242                        if (msg_connected(msg) || msg_errcode(msg))
1243                                return TIPC_ERR_NO_PORT;
1244                } else if (sock->state == SS_DISCONNECTING) {
1245                        return TIPC_ERR_NO_PORT;
1246                } else /* (sock->state == SS_UNCONNECTED) */ {
1247                        if (msg_connected(msg) || msg_errcode(msg))
1248                                return TIPC_ERR_NO_PORT;
1249                }
1250        }
1251
1252        /* Reject message if there isn't room to queue it */
1253
1254        recv_q_len = (u32)atomic_read(&tipc_queue_size);
1255        if (unlikely(recv_q_len >= OVERLOAD_LIMIT_BASE)) {
1256                if (rx_queue_full(msg, recv_q_len, OVERLOAD_LIMIT_BASE))
1257                        return TIPC_ERR_OVERLOAD;
1258        }
1259        recv_q_len = skb_queue_len(&sk->sk_receive_queue);
1260        if (unlikely(recv_q_len >= (OVERLOAD_LIMIT_BASE / 2))) {
1261                if (rx_queue_full(msg, recv_q_len, OVERLOAD_LIMIT_BASE / 2))
1262                        return TIPC_ERR_OVERLOAD;
1263        }
1264
1265        /* Enqueue message (finally!) */
1266
1267        TIPC_SKB_CB(buf)->handle = 0;
1268        atomic_inc(&tipc_queue_size);
1269        __skb_queue_tail(&sk->sk_receive_queue, buf);
1270
1271        /* Initiate connection termination for an incoming 'FIN' */
1272
1273        if (unlikely(msg_errcode(msg) && (sock->state == SS_CONNECTED))) {
1274                sock->state = SS_DISCONNECTING;
1275                tipc_disconnect_port(tipc_sk_port(sk));
1276        }
1277
1278        if (waitqueue_active(sk_sleep(sk)))
1279                wake_up_interruptible(sk_sleep(sk));
1280        return TIPC_OK;
1281}
1282
1283/**
1284 * backlog_rcv - handle incoming message from backlog queue
1285 * @sk: socket
1286 * @buf: message
1287 *
1288 * Caller must hold socket lock, but not port lock.
1289 *
1290 * Returns 0
1291 */
1292
1293static int backlog_rcv(struct sock *sk, struct sk_buff *buf)
1294{
1295        u32 res;
1296
1297        res = filter_rcv(sk, buf);
1298        if (res)
1299                tipc_reject_msg(buf, res);
1300        return 0;
1301}
1302
1303/**
1304 * dispatch - handle incoming message
1305 * @tport: TIPC port that received message
1306 * @buf: message
1307 *
1308 * Called with port lock already taken.
1309 *
1310 * Returns TIPC error status code (TIPC_OK if message is not to be rejected)
1311 */
1312
1313static u32 dispatch(struct tipc_port *tport, struct sk_buff *buf)
1314{
1315        struct sock *sk = (struct sock *)tport->usr_handle;
1316        u32 res;
1317
1318        /*
1319         * Process message if socket is unlocked; otherwise add to backlog queue
1320         *
1321         * This code is based on sk_receive_skb(), but must be distinct from it
1322         * since a TIPC-specific filter/reject mechanism is utilized
1323         */
1324
1325        bh_lock_sock(sk);
1326        if (!sock_owned_by_user(sk)) {
1327                res = filter_rcv(sk, buf);
1328        } else {
1329                if (sk_add_backlog(sk, buf))
1330                        res = TIPC_ERR_OVERLOAD;
1331                else
1332                        res = TIPC_OK;
1333        }
1334        bh_unlock_sock(sk);
1335
1336        return res;
1337}
1338
1339/**
1340 * wakeupdispatch - wake up port after congestion
1341 * @tport: port to wakeup
1342 *
1343 * Called with port lock already taken.
1344 */
1345
1346static void wakeupdispatch(struct tipc_port *tport)
1347{
1348        struct sock *sk = (struct sock *)tport->usr_handle;
1349
1350        if (waitqueue_active(sk_sleep(sk)))
1351                wake_up_interruptible(sk_sleep(sk));
1352}
1353
1354/**
1355 * connect - establish a connection to another TIPC port
1356 * @sock: socket structure
1357 * @dest: socket address for destination port
1358 * @destlen: size of socket address data structure
1359 * @flags: file-related flags associated with socket
1360 *
1361 * Returns 0 on success, errno otherwise
1362 */
1363
1364static int connect(struct socket *sock, struct sockaddr *dest, int destlen,
1365                   int flags)
1366{
1367        struct sock *sk = sock->sk;
1368        struct sockaddr_tipc *dst = (struct sockaddr_tipc *)dest;
1369        struct msghdr m = {NULL,};
1370        struct sk_buff *buf;
1371        struct tipc_msg *msg;
1372        unsigned int timeout;
1373        int res;
1374
1375        lock_sock(sk);
1376
1377        /* For now, TIPC does not allow use of connect() with DGRAM/RDM types */
1378
1379        if (sock->state == SS_READY) {
1380                res = -EOPNOTSUPP;
1381                goto exit;
1382        }
1383
1384        /* For now, TIPC does not support the non-blocking form of connect() */
1385
1386        if (flags & O_NONBLOCK) {
1387                res = -EOPNOTSUPP;
1388                goto exit;
1389        }
1390
1391        /* Issue Posix-compliant error code if socket is in the wrong state */
1392
1393        if (sock->state == SS_LISTENING) {
1394                res = -EOPNOTSUPP;
1395                goto exit;
1396        }
1397        if (sock->state == SS_CONNECTING) {
1398                res = -EALREADY;
1399                goto exit;
1400        }
1401        if (sock->state != SS_UNCONNECTED) {
1402                res = -EISCONN;
1403                goto exit;
1404        }
1405
1406        /*
1407         * Reject connection attempt using multicast address
1408         *
1409         * Note: send_msg() validates the rest of the address fields,
1410         *       so there's no need to do it here
1411         */
1412
1413        if (dst->addrtype == TIPC_ADDR_MCAST) {
1414                res = -EINVAL;
1415                goto exit;
1416        }
1417
1418        /* Reject any messages already in receive queue (very unlikely) */
1419
1420        reject_rx_queue(sk);
1421
1422        /* Send a 'SYN-' to destination */
1423
1424        m.msg_name = dest;
1425        m.msg_namelen = destlen;
1426        res = send_msg(NULL, sock, &m, 0);
1427        if (res < 0)
1428                goto exit;
1429
1430        /* Wait until an 'ACK' or 'RST' arrives, or a timeout occurs */
1431
1432        timeout = tipc_sk(sk)->conn_timeout;
1433        release_sock(sk);
1434        res = wait_event_interruptible_timeout(*sk_sleep(sk),
1435                        (!skb_queue_empty(&sk->sk_receive_queue) ||
1436                        (sock->state != SS_CONNECTING)),
1437                        timeout ? (long)msecs_to_jiffies(timeout)
1438                                : MAX_SCHEDULE_TIMEOUT);
1439        lock_sock(sk);
1440
1441        if (res > 0) {
1442                buf = skb_peek(&sk->sk_receive_queue);
1443                if (buf != NULL) {
1444                        msg = buf_msg(buf);
1445                        res = auto_connect(sock, msg);
1446                        if (!res) {
1447                                if (!msg_data_sz(msg))
1448                                        advance_rx_queue(sk);
1449                        }
1450                } else {
1451                        if (sock->state == SS_CONNECTED)
1452                                res = -EISCONN;
1453                        else
1454                                res = -ECONNREFUSED;
1455                }
1456        } else {
1457                if (res == 0)
1458                        res = -ETIMEDOUT;
1459                else
1460                        ; /* leave "res" unchanged */
1461                sock->state = SS_DISCONNECTING;
1462        }
1463
1464exit:
1465        release_sock(sk);
1466        return res;
1467}
1468
1469/**
1470 * listen - allow socket to listen for incoming connections
1471 * @sock: socket structure
1472 * @len: (unused)
1473 *
1474 * Returns 0 on success, errno otherwise
1475 */
1476
1477static int listen(struct socket *sock, int len)
1478{
1479        struct sock *sk = sock->sk;
1480        int res;
1481
1482        lock_sock(sk);
1483
1484        if (sock->state != SS_UNCONNECTED)
1485                res = -EINVAL;
1486        else {
1487                sock->state = SS_LISTENING;
1488                res = 0;
1489        }
1490
1491        release_sock(sk);
1492        return res;
1493}
1494
1495/**
1496 * accept - wait for connection request
1497 * @sock: listening socket
1498 * @newsock: new socket that is to be connected
1499 * @flags: file-related flags associated with socket
1500 *
1501 * Returns 0 on success, errno otherwise
1502 */
1503
1504static int accept(struct socket *sock, struct socket *new_sock, int flags)
1505{
1506        struct sock *sk = sock->sk;
1507        struct sk_buff *buf;
1508        int res;
1509
1510        lock_sock(sk);
1511
1512        if (sock->state != SS_LISTENING) {
1513                res = -EINVAL;
1514                goto exit;
1515        }
1516
1517        while (skb_queue_empty(&sk->sk_receive_queue)) {
1518                if (flags & O_NONBLOCK) {
1519                        res = -EWOULDBLOCK;
1520                        goto exit;
1521                }
1522                release_sock(sk);
1523                res = wait_event_interruptible(*sk_sleep(sk),
1524                                (!skb_queue_empty(&sk->sk_receive_queue)));
1525                lock_sock(sk);
1526                if (res)
1527                        goto exit;
1528        }
1529
1530        buf = skb_peek(&sk->sk_receive_queue);
1531
1532        res = tipc_create(sock_net(sock->sk), new_sock, 0, 0);
1533        if (!res) {
1534                struct sock *new_sk = new_sock->sk;
1535                struct tipc_sock *new_tsock = tipc_sk(new_sk);
1536                struct tipc_port *new_tport = new_tsock->p;
1537                u32 new_ref = new_tport->ref;
1538                struct tipc_msg *msg = buf_msg(buf);
1539
1540                lock_sock(new_sk);
1541
1542                /*
1543                 * Reject any stray messages received by new socket
1544                 * before the socket lock was taken (very, very unlikely)
1545                 */
1546
1547                reject_rx_queue(new_sk);
1548
1549                /* Connect new socket to it's peer */
1550
1551                new_tsock->peer_name.ref = msg_origport(msg);
1552                new_tsock->peer_name.node = msg_orignode(msg);
1553                tipc_connect2port(new_ref, &new_tsock->peer_name);
1554                new_sock->state = SS_CONNECTED;
1555
1556                tipc_set_portimportance(new_ref, msg_importance(msg));
1557                if (msg_named(msg)) {
1558                        new_tport->conn_type = msg_nametype(msg);
1559                        new_tport->conn_instance = msg_nameinst(msg);
1560                }
1561
1562                /*
1563                 * Respond to 'SYN-' by discarding it & returning 'ACK'-.
1564                 * Respond to 'SYN+' by queuing it on new socket.
1565                 */
1566
1567                if (!msg_data_sz(msg)) {
1568                        struct msghdr m = {NULL,};
1569
1570                        advance_rx_queue(sk);
1571                        send_packet(NULL, new_sock, &m, 0);
1572                } else {
1573                        __skb_dequeue(&sk->sk_receive_queue);
1574                        __skb_queue_head(&new_sk->sk_receive_queue, buf);
1575                }
1576                release_sock(new_sk);
1577        }
1578exit:
1579        release_sock(sk);
1580        return res;
1581}
1582
1583/**
1584 * shutdown - shutdown socket connection
1585 * @sock: socket structure
1586 * @how: direction to close (must be SHUT_RDWR)
1587 *
1588 * Terminates connection (if necessary), then purges socket's receive queue.
1589 *
1590 * Returns 0 on success, errno otherwise
1591 */
1592
1593static int shutdown(struct socket *sock, int how)
1594{
1595        struct sock *sk = sock->sk;
1596        struct tipc_port *tport = tipc_sk_port(sk);
1597        struct sk_buff *buf;
1598        int res;
1599
1600        if (how != SHUT_RDWR)
1601                return -EINVAL;
1602
1603        lock_sock(sk);
1604
1605        switch (sock->state) {
1606        case SS_CONNECTING:
1607        case SS_CONNECTED:
1608
1609                /* Disconnect and send a 'FIN+' or 'FIN-' message to peer */
1610restart:
1611                buf = __skb_dequeue(&sk->sk_receive_queue);
1612                if (buf) {
1613                        atomic_dec(&tipc_queue_size);
1614                        if (TIPC_SKB_CB(buf)->handle != 0) {
1615                                buf_discard(buf);
1616                                goto restart;
1617                        }
1618                        tipc_disconnect(tport->ref);
1619                        tipc_reject_msg(buf, TIPC_CONN_SHUTDOWN);
1620                } else {
1621                        tipc_shutdown(tport->ref);
1622                }
1623
1624                sock->state = SS_DISCONNECTING;
1625
1626                /* fall through */
1627
1628        case SS_DISCONNECTING:
1629
1630                /* Discard any unreceived messages; wake up sleeping tasks */
1631
1632                discard_rx_queue(sk);
1633                if (waitqueue_active(sk_sleep(sk)))
1634                        wake_up_interruptible(sk_sleep(sk));
1635                res = 0;
1636                break;
1637
1638        default:
1639                res = -ENOTCONN;
1640        }
1641
1642        release_sock(sk);
1643        return res;
1644}
1645
1646/**
1647 * setsockopt - set socket option
1648 * @sock: socket structure
1649 * @lvl: option level
1650 * @opt: option identifier
1651 * @ov: pointer to new option value
1652 * @ol: length of option value
1653 *
1654 * For stream sockets only, accepts and ignores all IPPROTO_TCP options
1655 * (to ease compatibility).
1656 *
1657 * Returns 0 on success, errno otherwise
1658 */
1659
1660static int setsockopt(struct socket *sock,
1661                      int lvl, int opt, char __user *ov, unsigned int ol)
1662{
1663        struct sock *sk = sock->sk;
1664        struct tipc_port *tport = tipc_sk_port(sk);
1665        u32 value;
1666        int res;
1667
1668        if ((lvl == IPPROTO_TCP) && (sock->type == SOCK_STREAM))
1669                return 0;
1670        if (lvl != SOL_TIPC)
1671                return -ENOPROTOOPT;
1672        if (ol < sizeof(value))
1673                return -EINVAL;
1674        res = get_user(value, (u32 __user *)ov);
1675        if (res)
1676                return res;
1677
1678        lock_sock(sk);
1679
1680        switch (opt) {
1681        case TIPC_IMPORTANCE:
1682                res = tipc_set_portimportance(tport->ref, value);
1683                break;
1684        case TIPC_SRC_DROPPABLE:
1685                if (sock->type != SOCK_STREAM)
1686                        res = tipc_set_portunreliable(tport->ref, value);
1687                else
1688                        res = -ENOPROTOOPT;
1689                break;
1690        case TIPC_DEST_DROPPABLE:
1691                res = tipc_set_portunreturnable(tport->ref, value);
1692                break;
1693        case TIPC_CONN_TIMEOUT:
1694                tipc_sk(sk)->conn_timeout = value;
1695                /* no need to set "res", since already 0 at this point */
1696                break;
1697        default:
1698                res = -EINVAL;
1699        }
1700
1701        release_sock(sk);
1702
1703        return res;
1704}
1705
1706/**
1707 * getsockopt - get socket option
1708 * @sock: socket structure
1709 * @lvl: option level
1710 * @opt: option identifier
1711 * @ov: receptacle for option value
1712 * @ol: receptacle for length of option value
1713 *
1714 * For stream sockets only, returns 0 length result for all IPPROTO_TCP options
1715 * (to ease compatibility).
1716 *
1717 * Returns 0 on success, errno otherwise
1718 */
1719
1720static int getsockopt(struct socket *sock,
1721                      int lvl, int opt, char __user *ov, int __user *ol)
1722{
1723        struct sock *sk = sock->sk;
1724        struct tipc_port *tport = tipc_sk_port(sk);
1725        int len;
1726        u32 value;
1727        int res;
1728
1729        if ((lvl == IPPROTO_TCP) && (sock->type == SOCK_STREAM))
1730                return put_user(0, ol);
1731        if (lvl != SOL_TIPC)
1732                return -ENOPROTOOPT;
1733        res = get_user(len, ol);
1734        if (res)
1735                return res;
1736
1737        lock_sock(sk);
1738
1739        switch (opt) {
1740        case TIPC_IMPORTANCE:
1741                res = tipc_portimportance(tport->ref, &value);
1742                break;
1743        case TIPC_SRC_DROPPABLE:
1744                res = tipc_portunreliable(tport->ref, &value);
1745                break;
1746        case TIPC_DEST_DROPPABLE:
1747                res = tipc_portunreturnable(tport->ref, &value);
1748                break;
1749        case TIPC_CONN_TIMEOUT:
1750                value = tipc_sk(sk)->conn_timeout;
1751                /* no need to set "res", since already 0 at this point */
1752                break;
1753        case TIPC_NODE_RECVQ_DEPTH:
1754                value = (u32)atomic_read(&tipc_queue_size);
1755                break;
1756        case TIPC_SOCK_RECVQ_DEPTH:
1757                value = skb_queue_len(&sk->sk_receive_queue);
1758                break;
1759        default:
1760                res = -EINVAL;
1761        }
1762
1763        release_sock(sk);
1764
1765        if (res)
1766                return res;     /* "get" failed */
1767
1768        if (len < sizeof(value))
1769                return -EINVAL;
1770
1771        if (copy_to_user(ov, &value, sizeof(value)))
1772                return -EFAULT;
1773
1774        return put_user(sizeof(value), ol);
1775}
1776
1777/**
1778 * Protocol switches for the various types of TIPC sockets
1779 */
1780
1781static const struct proto_ops msg_ops = {
1782        .owner          = THIS_MODULE,
1783        .family         = AF_TIPC,
1784        .release        = release,
1785        .bind           = bind,
1786        .connect        = connect,
1787        .socketpair     = sock_no_socketpair,
1788        .accept         = sock_no_accept,
1789        .getname        = get_name,
1790        .poll           = poll,
1791        .ioctl          = sock_no_ioctl,
1792        .listen         = sock_no_listen,
1793        .shutdown       = shutdown,
1794        .setsockopt     = setsockopt,
1795        .getsockopt     = getsockopt,
1796        .sendmsg        = send_msg,
1797        .recvmsg        = recv_msg,
1798        .mmap           = sock_no_mmap,
1799        .sendpage       = sock_no_sendpage
1800};
1801
1802static const struct proto_ops packet_ops = {
1803        .owner          = THIS_MODULE,
1804        .family         = AF_TIPC,
1805        .release        = release,
1806        .bind           = bind,
1807        .connect        = connect,
1808        .socketpair     = sock_no_socketpair,
1809        .accept         = accept,
1810        .getname        = get_name,
1811        .poll           = poll,
1812        .ioctl          = sock_no_ioctl,
1813        .listen         = listen,
1814        .shutdown       = shutdown,
1815        .setsockopt     = setsockopt,
1816        .getsockopt     = getsockopt,
1817        .sendmsg        = send_packet,
1818        .recvmsg        = recv_msg,
1819        .mmap           = sock_no_mmap,
1820        .sendpage       = sock_no_sendpage
1821};
1822
1823static const struct proto_ops stream_ops = {
1824        .owner          = THIS_MODULE,
1825        .family         = AF_TIPC,
1826        .release        = release,
1827        .bind           = bind,
1828        .connect        = connect,
1829        .socketpair     = sock_no_socketpair,
1830        .accept         = accept,
1831        .getname        = get_name,
1832        .poll           = poll,
1833        .ioctl          = sock_no_ioctl,
1834        .listen         = listen,
1835        .shutdown       = shutdown,
1836        .setsockopt     = setsockopt,
1837        .getsockopt     = getsockopt,
1838        .sendmsg        = send_stream,
1839        .recvmsg        = recv_stream,
1840        .mmap           = sock_no_mmap,
1841        .sendpage       = sock_no_sendpage
1842};
1843
1844static const struct net_proto_family tipc_family_ops = {
1845        .owner          = THIS_MODULE,
1846        .family         = AF_TIPC,
1847        .create         = tipc_create
1848};
1849
1850static struct proto tipc_proto = {
1851        .name           = "TIPC",
1852        .owner          = THIS_MODULE,
1853        .obj_size       = sizeof(struct tipc_sock)
1854};
1855
1856/**
1857 * tipc_socket_init - initialize TIPC socket interface
1858 *
1859 * Returns 0 on success, errno otherwise
1860 */
1861int tipc_socket_init(void)
1862{
1863        int res;
1864
1865        res = proto_register(&tipc_proto, 1);
1866        if (res) {
1867                err("Failed to register TIPC protocol type\n");
1868                goto out;
1869        }
1870
1871        res = sock_register(&tipc_family_ops);
1872        if (res) {
1873                err("Failed to register TIPC socket type\n");
1874                proto_unregister(&tipc_proto);
1875                goto out;
1876        }
1877
1878        sockets_enabled = 1;
1879 out:
1880        return res;
1881}
1882
1883/**
1884 * tipc_socket_stop - stop TIPC socket interface
1885 */
1886
1887void tipc_socket_stop(void)
1888{
1889        if (!sockets_enabled)
1890                return;
1891
1892        sockets_enabled = 0;
1893        sock_unregister(tipc_family_ops.family);
1894        proto_unregister(&tipc_proto);
1895}
1896
1897