From 14ba8faebcc241e4d60a4ef4a7d3fdef1c2e846f Mon Sep 17 00:00:00 2001 From: Rémi Denis-Courmont Date: Thu, 24 Feb 2011 23:14:58 +0000 Subject: Phonet: use socket destination in pipe protocol MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rémi Denis-Courmont Signed-off-by: David S. Miller --- include/net/phonet/pep.h | 1 - 1 file changed, 1 deletion(-) (limited to 'include/net/phonet/pep.h') diff --git a/include/net/phonet/pep.h b/include/net/phonet/pep.h index b60b28c99e8..788ccf35358 100644 --- a/include/net/phonet/pep.h +++ b/include/net/phonet/pep.h @@ -47,7 +47,6 @@ struct pep_sock { u8 aligned; #ifdef CONFIG_PHONET_PIPECTRLR u8 pipe_state; - struct sockaddr_pn remote_pep; #endif }; -- cgit v1.2.3-70-g09d2 From 2feb61816f7f0be57f4bc61137555e9a8cb4f322 Mon Sep 17 00:00:00 2001 From: Rémi Denis-Courmont Date: Thu, 24 Feb 2011 23:14:59 +0000 Subject: Phonet: remove redumdant pep->pipe_state MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit sk->sk_state already contains the pipe state. Signed-off-by: Rémi Denis-Courmont Signed-off-by: David S. Miller --- include/net/phonet/pep.h | 9 --------- net/phonet/pep.c | 25 ++++++------------------- 2 files changed, 6 insertions(+), 28 deletions(-) (limited to 'include/net/phonet/pep.h') diff --git a/include/net/phonet/pep.h b/include/net/phonet/pep.h index 788ccf35358..4c48ed80bc0 100644 --- a/include/net/phonet/pep.h +++ b/include/net/phonet/pep.h @@ -45,9 +45,6 @@ struct pep_sock { u8 tx_fc; /* TX flow control */ u8 init_enable; /* auto-enable at creation */ u8 aligned; -#ifdef CONFIG_PHONET_PIPECTRLR - u8 pipe_state; -#endif }; static inline struct pep_sock *pep_sk(struct sock *sk) @@ -177,12 +174,6 @@ enum { #define PNS_PIPE_DISABLED_IND_UTID 0x11 #define PNS_PEP_DISCONNECT_UTID 0x06 -/* Used for tracking state of a pipe */ -enum { - PIPE_IDLE, - PIPE_DISABLED, - PIPE_ENABLED, -}; #endif /* CONFIG_PHONET_PIPECTRLR */ #endif diff --git a/net/phonet/pep.c b/net/phonet/pep.c index 4fce882d001..15775a74b6f 100644 --- a/net/phonet/pep.c +++ b/net/phonet/pep.c @@ -527,7 +527,6 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb) #ifdef CONFIG_PHONET_PIPECTRLR case PNS_PEP_DISCONNECT_RESP: - pn->pipe_state = PIPE_IDLE; sk->sk_state = TCP_CLOSE; break; #endif @@ -539,7 +538,6 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb) #ifdef CONFIG_PHONET_PIPECTRLR case PNS_PEP_ENABLE_RESP: - pn->pipe_state = PIPE_ENABLED; pipe_handler_send_ind(sk, PNS_PIPE_ENABLED_IND_UTID, PNS_PIPE_ENABLED_IND); @@ -574,7 +572,6 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb) #ifdef CONFIG_PHONET_PIPECTRLR case PNS_PEP_DISABLE_RESP: - pn->pipe_state = PIPE_DISABLED; atomic_set(&pn->tx_credits, 0); pipe_handler_send_ind(sk, PNS_PIPE_DISABLED_IND_UTID, PNS_PIPE_DISABLED_IND); @@ -692,7 +689,6 @@ static int pep_connresp_rcv(struct sock *sk, struct sk_buff *skb) remote_pref_rx_fc, sizeof(host_pref_rx_fc)); - pn->pipe_state = PIPE_DISABLED; sk->sk_state = TCP_SYN_RECV; sk->sk_backlog_rcv = pipe_do_rcv; sk->sk_destruct = pipe_destruct; @@ -941,21 +937,18 @@ static void pep_sock_close(struct sock *sk, long timeout) sk_for_each_safe(sknode, p, n, &pn->ackq) sk_del_node_init(sknode); sk->sk_state = TCP_CLOSE; - } else if ((1 << sk->sk_state) & (TCPF_SYN_RECV|TCPF_ESTABLISHED)) + } else if ((1 << sk->sk_state) & (TCPF_SYN_RECV|TCPF_ESTABLISHED)) { +#ifndef CONFIG_PHONET_PIPECTRLR /* Forcefully remove dangling Phonet pipe */ pipe_do_remove(sk); - -#ifdef CONFIG_PHONET_PIPECTRLR - if (pn->pipe_state != PIPE_IDLE) { +#else /* send pep disconnect request */ pipe_handler_send_req(sk, PNS_PEP_DISCONNECT_UTID, PNS_PEP_DISCONNECT_REQ, GFP_KERNEL); - - pn->pipe_state = PIPE_IDLE; sk->sk_state = TCP_CLOSE; - } #endif + } ifindex = pn->ifindex; pn->ifindex = 0; @@ -1101,10 +1094,6 @@ static int pep_setsockopt(struct sock *sk, int level, int optname, #ifdef CONFIG_PHONET_PIPECTRLR case PNPIPE_PIPE_HANDLE: if (val) { - if (pn->pipe_state > PIPE_IDLE) { - err = -EFAULT; - break; - } pn->pipe_handle = val; break; } @@ -1138,7 +1127,7 @@ static int pep_setsockopt(struct sock *sk, int level, int optname, #ifdef CONFIG_PHONET_PIPECTRLR case PNPIPE_ENABLE: - if (pn->pipe_state <= PIPE_IDLE) { + if ((1 << sk->sk_state) & ~(TCPF_SYN_RECV|TCPF_ESTABLISHED)) { err = -ENOTCONN; break; } @@ -1177,9 +1166,7 @@ static int pep_getsockopt(struct sock *sk, int level, int optname, #ifdef CONFIG_PHONET_PIPECTRLR case PNPIPE_ENABLE: - if (pn->pipe_state <= PIPE_IDLE) - return -ENOTCONN; - val = pn->pipe_state != PIPE_DISABLED; + val = sk->sk_state == TCP_ESTABLISHED; break; #endif -- cgit v1.2.3-70-g09d2 From 0165d69bcb18c5aa220538389c872852243f9725 Mon Sep 17 00:00:00 2001 From: Rémi Denis-Courmont Date: Thu, 24 Feb 2011 23:15:00 +0000 Subject: Phonet: don't bother with transaction IDs (especially for indications) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rémi Denis-Courmont Signed-off-by: David S. Miller --- include/net/phonet/pep.h | 11 ----------- net/phonet/pep.c | 49 ++++++++++++++---------------------------------- 2 files changed, 14 insertions(+), 46 deletions(-) (limited to 'include/net/phonet/pep.h') diff --git a/include/net/phonet/pep.h b/include/net/phonet/pep.h index 4c48ed80bc0..37f23dc05de 100644 --- a/include/net/phonet/pep.h +++ b/include/net/phonet/pep.h @@ -165,15 +165,4 @@ enum { PEP_IND_READY, }; -#ifdef CONFIG_PHONET_PIPECTRLR -#define PNS_PEP_CONNECT_UTID 0x02 -#define PNS_PIPE_CREATED_IND_UTID 0x04 -#define PNS_PIPE_ENABLE_UTID 0x0A -#define PNS_PIPE_ENABLED_IND_UTID 0x0C -#define PNS_PIPE_DISABLE_UTID 0x0F -#define PNS_PIPE_DISABLED_IND_UTID 0x11 -#define PNS_PEP_DISCONNECT_UTID 0x06 - -#endif /* CONFIG_PHONET_PIPECTRLR */ - #endif diff --git a/net/phonet/pep.c b/net/phonet/pep.c index 15775a74b6f..0ecab59963e 100644 --- a/net/phonet/pep.c +++ b/net/phonet/pep.c @@ -172,8 +172,7 @@ static int pipe_get_flow_info(struct sock *sk, struct sk_buff *skb, return 0; } -static int pipe_handler_send_req(struct sock *sk, u8 utid, - u8 msg_id, gfp_t priority) +static int pipe_handler_send_req(struct sock *sk, u8 msg_id, gfp_t priority) { int len; struct pnpipehdr *ph; @@ -212,7 +211,7 @@ static int pipe_handler_send_req(struct sock *sk, u8 utid, __skb_push(skb, sizeof(*ph)); skb_reset_transport_header(skb); ph = pnp_hdr(skb); - ph->utid = utid; + ph->utid = msg_id; /* whatever */ ph->message_id = msg_id; ph->pipe_handle = pn->pipe_handle; ph->error_code = PN_PIPE_NO_ERROR; @@ -220,8 +219,7 @@ static int pipe_handler_send_req(struct sock *sk, u8 utid, return pn_skb_send(sk, skb, NULL); } -static int pipe_handler_send_created_ind(struct sock *sk, - u8 utid, u8 msg_id) +static int pipe_handler_send_created_ind(struct sock *sk, u8 msg_id) { int err_code; struct pnpipehdr *ph; @@ -254,7 +252,7 @@ static int pipe_handler_send_created_ind(struct sock *sk, __skb_push(skb, sizeof(*ph)); skb_reset_transport_header(skb); ph = pnp_hdr(skb); - ph->utid = utid; + ph->utid = 0; ph->message_id = msg_id; ph->pipe_handle = pn->pipe_handle; ph->error_code = err_code; @@ -262,7 +260,7 @@ static int pipe_handler_send_created_ind(struct sock *sk, return pn_skb_send(sk, skb, NULL); } -static int pipe_handler_send_ind(struct sock *sk, u8 utid, u8 msg_id) +static int pipe_handler_send_ind(struct sock *sk, u8 msg_id) { int err_code; struct pnpipehdr *ph; @@ -287,7 +285,7 @@ static int pipe_handler_send_ind(struct sock *sk, u8 utid, u8 msg_id) __skb_push(skb, sizeof(*ph)); skb_reset_transport_header(skb); ph = pnp_hdr(skb); - ph->utid = utid; + ph->utid = 0; ph->message_id = msg_id; ph->pipe_handle = pn->pipe_handle; ph->error_code = err_code; @@ -297,16 +295,9 @@ static int pipe_handler_send_ind(struct sock *sk, u8 utid, u8 msg_id) static int pipe_handler_enable_pipe(struct sock *sk, int enable) { - int utid, req; - - if (enable) { - utid = PNS_PIPE_ENABLE_UTID; - req = PNS_PEP_ENABLE_REQ; - } else { - utid = PNS_PIPE_DISABLE_UTID; - req = PNS_PEP_DISABLE_REQ; - } - return pipe_handler_send_req(sk, utid, req, GFP_ATOMIC); + u8 id = enable ? PNS_PEP_ENABLE_REQ : PNS_PEP_DISABLE_REQ; + + return pipe_handler_send_req(sk, id, GFP_KERNEL); } #endif @@ -538,8 +529,7 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb) #ifdef CONFIG_PHONET_PIPECTRLR case PNS_PEP_ENABLE_RESP: - pipe_handler_send_ind(sk, PNS_PIPE_ENABLED_IND_UTID, - PNS_PIPE_ENABLED_IND); + pipe_handler_send_ind(sk, PNS_PIPE_ENABLED_IND); if (!pn_flow_safe(pn->tx_fc)) { atomic_set(&pn->tx_credits, 1); @@ -573,8 +563,7 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb) #ifdef CONFIG_PHONET_PIPECTRLR case PNS_PEP_DISABLE_RESP: atomic_set(&pn->tx_credits, 0); - pipe_handler_send_ind(sk, PNS_PIPE_DISABLED_IND_UTID, - PNS_PIPE_DISABLED_IND); + pipe_handler_send_ind(sk, PNS_PIPE_DISABLED_IND); sk->sk_state = TCP_SYN_RECV; pn->rx_credits = 0; break; @@ -678,7 +667,6 @@ static int pep_connresp_rcv(struct sock *sk, struct sk_buff *skb) u8 host_pref_rx_fc[3] = {3, 2, 1}, host_req_tx_fc[3] = {3, 2, 1}; u8 remote_pref_rx_fc[3], remote_req_tx_fc[3]; u8 negotiated_rx_fc, negotiated_tx_fc; - int ret; pipe_get_flow_info(sk, skb, remote_pref_rx_fc, remote_req_tx_fc); @@ -697,12 +685,7 @@ static int pep_connresp_rcv(struct sock *sk, struct sk_buff *skb) pn->tx_fc = negotiated_tx_fc; sk->sk_state_change(sk); - ret = pipe_handler_send_created_ind(sk, - PNS_PIPE_CREATED_IND_UTID, - PNS_PIPE_CREATED_IND - ); - - return ret; + return pipe_handler_send_created_ind(sk, PNS_PIPE_CREATED_IND); } #endif @@ -943,9 +926,7 @@ static void pep_sock_close(struct sock *sk, long timeout) pipe_do_remove(sk); #else /* send pep disconnect request */ - pipe_handler_send_req(sk, - PNS_PEP_DISCONNECT_UTID, PNS_PEP_DISCONNECT_REQ, - GFP_KERNEL); + pipe_handler_send_req(sk, PNS_PEP_DISCONNECT_REQ, GFP_KERNEL); sk->sk_state = TCP_CLOSE; #endif } @@ -1034,9 +1015,7 @@ static int pep_sock_connect(struct sock *sk, struct sockaddr *addr, int len) pn->pn_sk.dobject = pn_sockaddr_get_object(spn); pn->pn_sk.resource = pn_sockaddr_get_resource(spn); - return pipe_handler_send_req(sk, - PNS_PEP_CONNECT_UTID, PNS_PEP_CONNECT_REQ, - GFP_ATOMIC); + return pipe_handler_send_req(sk, PNS_PEP_CONNECT_REQ, GFP_KERNEL); } #endif -- cgit v1.2.3-70-g09d2 From 8f44fcc72a454c5eb7cbc138bd53f0963f23e87f Mon Sep 17 00:00:00 2001 From: Rémi Denis-Courmont Date: Thu, 24 Feb 2011 23:15:01 +0000 Subject: Phonet: fix flawed "SYN/ACK" logic MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Do not fail if the peer supports more or less than 3 algorithms. * Ignore unknown congestion control algorithms instead of failing. * Simplify congestion algorithm negotiation (largest is best). * Do not use a static buffer. * Fix off-by-two read overflow. * Avoid extra memory copy (in addition to skb_copy_bits()). The previous code really made no sense. Signed-off-by: Rémi Denis-Courmont Signed-off-by: David S. Miller --- include/net/phonet/pep.h | 1 + net/phonet/pep.c | 125 ++++++++++++++++++----------------------------- 2 files changed, 48 insertions(+), 78 deletions(-) (limited to 'include/net/phonet/pep.h') diff --git a/include/net/phonet/pep.h b/include/net/phonet/pep.h index 37f23dc05de..38eed1be6ff 100644 --- a/include/net/phonet/pep.h +++ b/include/net/phonet/pep.h @@ -154,6 +154,7 @@ enum { PN_LEGACY_FLOW_CONTROL, PN_ONE_CREDIT_FLOW_CONTROL, PN_MULTI_CREDIT_FLOW_CONTROL, + PN_MAX_FLOW_CONTROL, }; #define pn_flow_safe(fc) ((fc) >> 1) diff --git a/net/phonet/pep.c b/net/phonet/pep.c index 0ecab59963e..b8c31fc928e 100644 --- a/net/phonet/pep.c +++ b/net/phonet/pep.c @@ -108,70 +108,6 @@ static int pep_reply(struct sock *sk, struct sk_buff *oskb, #define PAD 0x00 #ifdef CONFIG_PHONET_PIPECTRLR -static u8 pipe_negotiate_fc(u8 *host_fc, u8 *remote_fc, int len) -{ - int i, j; - u8 base_fc, final_fc; - - for (i = 0; i < len; i++) { - base_fc = host_fc[i]; - for (j = 0; j < len; j++) { - if (remote_fc[j] == base_fc) { - final_fc = base_fc; - goto done; - } - } - } - return -EINVAL; - -done: - return final_fc; - -} - -static int pipe_get_flow_info(struct sock *sk, struct sk_buff *skb, - u8 *pref_rx_fc, u8 *req_tx_fc) -{ - struct pnpipehdr *hdr; - u8 n_sb; - - if (!pskb_may_pull(skb, sizeof(*hdr) + 4)) - return -EINVAL; - - hdr = pnp_hdr(skb); - n_sb = hdr->data[4]; - - __skb_pull(skb, sizeof(*hdr) + 4); - while (n_sb > 0) { - u8 type, buf[3], len = sizeof(buf); - u8 *data = pep_get_sb(skb, &type, &len, buf); - - if (data == NULL) - return -EINVAL; - - switch (type) { - case PN_PIPE_SB_REQUIRED_FC_TX: - if (len < 3 || (data[2] | data[3] | data[4]) > 3) - break; - req_tx_fc[0] = data[2]; - req_tx_fc[1] = data[3]; - req_tx_fc[2] = data[4]; - break; - - case PN_PIPE_SB_PREFERRED_FC_RX: - if (len < 3 || (data[2] | data[3] | data[4]) > 3) - break; - pref_rx_fc[0] = data[2]; - pref_rx_fc[1] = data[3]; - pref_rx_fc[2] = data[4]; - break; - - } - n_sb--; - } - return 0; -} - static int pipe_handler_send_req(struct sock *sk, u8 msg_id, gfp_t priority) { int len; @@ -661,28 +597,61 @@ static void pipe_destruct(struct sock *sk) } #ifdef CONFIG_PHONET_PIPECTRLR +static u8 pipe_negotiate_fc(const u8 *fcs, unsigned n) +{ + unsigned i; + u8 final_fc = PN_NO_FLOW_CONTROL; + + for (i = 0; i < n; i++) { + u8 fc = fcs[i]; + + if (fc > final_fc && fc < PN_MAX_FLOW_CONTROL) + final_fc = fc; + } + return final_fc; +} + static int pep_connresp_rcv(struct sock *sk, struct sk_buff *skb) { struct pep_sock *pn = pep_sk(sk); - u8 host_pref_rx_fc[3] = {3, 2, 1}, host_req_tx_fc[3] = {3, 2, 1}; - u8 remote_pref_rx_fc[3], remote_req_tx_fc[3]; - u8 negotiated_rx_fc, negotiated_tx_fc; - - pipe_get_flow_info(sk, skb, remote_pref_rx_fc, - remote_req_tx_fc); - negotiated_tx_fc = pipe_negotiate_fc(remote_req_tx_fc, - host_pref_rx_fc, - sizeof(host_pref_rx_fc)); - negotiated_rx_fc = pipe_negotiate_fc(host_req_tx_fc, - remote_pref_rx_fc, - sizeof(host_pref_rx_fc)); + struct pnpipehdr *hdr; + u8 n_sb; + + if (!pskb_pull(skb, sizeof(*hdr) + 4)) + return -EINVAL; + + hdr = pnp_hdr(skb); + + /* Parse sub-blocks */ + n_sb = hdr->data[4]; + while (n_sb > 0) { + u8 type, buf[6], len = sizeof(buf); + const u8 *data = pep_get_sb(skb, &type, &len, buf); + + if (data == NULL) + return -EINVAL; + + switch (type) { + case PN_PIPE_SB_REQUIRED_FC_TX: + if (len < 2 || len < data[0]) + break; + pn->tx_fc = pipe_negotiate_fc(data + 2, len - 2); + break; + + case PN_PIPE_SB_PREFERRED_FC_RX: + if (len < 2 || len < data[0]) + break; + pn->rx_fc = pipe_negotiate_fc(data + 2, len - 2); + break; + + } + n_sb--; + } sk->sk_state = TCP_SYN_RECV; sk->sk_backlog_rcv = pipe_do_rcv; sk->sk_destruct = pipe_destruct; pn->rx_credits = 0; - pn->rx_fc = negotiated_rx_fc; - pn->tx_fc = negotiated_tx_fc; sk->sk_state_change(sk); return pipe_handler_send_created_ind(sk, PNS_PIPE_CREATED_IND); -- cgit v1.2.3-70-g09d2 From f7ae8d59f66154df0424fd94035c89981fed3379 Mon Sep 17 00:00:00 2001 From: Rémi Denis-Courmont Date: Tue, 8 Mar 2011 22:44:10 +0000 Subject: Phonet: allocate sock from accept syscall rather than soft IRQ MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This moves most of the accept logic to process context like other socket stacks do. Then we can use a few more common socket helpers and simplify a bit. Signed-off-by: Rémi Denis-Courmont Signed-off-by: David S. Miller --- include/net/phonet/pep.h | 1 - net/phonet/pep.c | 284 +++++++++++++++++++---------------------------- net/phonet/socket.c | 10 +- 3 files changed, 121 insertions(+), 174 deletions(-) (limited to 'include/net/phonet/pep.h') diff --git a/include/net/phonet/pep.h b/include/net/phonet/pep.h index 38eed1be6ff..b669fe6dbc3 100644 --- a/include/net/phonet/pep.h +++ b/include/net/phonet/pep.h @@ -28,7 +28,6 @@ struct pep_sock { /* XXX: union-ify listening vs connected stuff ? */ /* Listening socket stuff: */ - struct hlist_head ackq; struct hlist_head hlist; /* Connected socket stuff: */ diff --git a/net/phonet/pep.c b/net/phonet/pep.c index 610794a416e..c0fab4cfcef 100644 --- a/net/phonet/pep.c +++ b/net/phonet/pep.c @@ -42,7 +42,7 @@ * TCP_ESTABLISHED connected pipe in enabled state * * pep_sock locking: - * - sk_state, ackq, hlist: sock lock needed + * - sk_state, hlist: sock lock needed * - listener: read only * - pipe_handle: read only */ @@ -202,11 +202,12 @@ static int pep_accept_conn(struct sock *sk, struct sk_buff *skb) GFP_KERNEL); } -static int pep_reject_conn(struct sock *sk, struct sk_buff *skb, u8 code) +static int pep_reject_conn(struct sock *sk, struct sk_buff *skb, u8 code, + gfp_t priority) { static const u8 data[4] = { PAD, PAD, PAD, 0 /* sub-blocks */ }; WARN_ON(code == PN_PIPE_NO_ERROR); - return pep_reply(sk, skb, code, data, sizeof(data), GFP_ATOMIC); + return pep_reply(sk, skb, code, data, sizeof(data), priority); } /* Control requests are not sent by the pipe service and have a specific @@ -365,7 +366,7 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb) switch (hdr->message_id) { case PNS_PEP_CONNECT_REQ: - pep_reject_conn(sk, skb, PN_PIPE_ERR_PEP_IN_USE); + pep_reject_conn(sk, skb, PN_PIPE_ERR_PEP_IN_USE, GFP_ATOMIC); break; case PNS_PEP_DISCONNECT_REQ: @@ -574,7 +575,6 @@ static int pep_connresp_rcv(struct sock *sk, struct sk_buff *skb) sk->sk_state = TCP_SYN_RECV; sk->sk_backlog_rcv = pipe_do_rcv; - sk->sk_destruct = pipe_destruct; pn->rx_credits = 0; sk->sk_state_change(sk); @@ -582,96 +582,6 @@ static int pep_connresp_rcv(struct sock *sk, struct sk_buff *skb) } #endif -static int pep_connreq_rcv(struct sock *sk, struct sk_buff *skb) -{ - struct sock *newsk; - struct pep_sock *newpn, *pn = pep_sk(sk); - struct pnpipehdr *hdr; - struct sockaddr_pn dst, src; - u16 peer_type; - u8 pipe_handle, enabled, n_sb; - u8 aligned = 0; - - if (!pskb_pull(skb, sizeof(*hdr) + 4)) - return -EINVAL; - - hdr = pnp_hdr(skb); - pipe_handle = hdr->pipe_handle; - switch (hdr->state_after_connect) { - case PN_PIPE_DISABLE: - enabled = 0; - break; - case PN_PIPE_ENABLE: - enabled = 1; - break; - default: - pep_reject_conn(sk, skb, PN_PIPE_ERR_INVALID_PARAM); - return -EINVAL; - } - peer_type = hdr->other_pep_type << 8; - - /* Parse sub-blocks (options) */ - n_sb = hdr->data[4]; - while (n_sb > 0) { - u8 type, buf[1], len = sizeof(buf); - const u8 *data = pep_get_sb(skb, &type, &len, buf); - - if (data == NULL) - return -EINVAL; - switch (type) { - case PN_PIPE_SB_CONNECT_REQ_PEP_SUB_TYPE: - if (len < 1) - return -EINVAL; - peer_type = (peer_type & 0xff00) | data[0]; - break; - case PN_PIPE_SB_ALIGNED_DATA: - aligned = data[0] != 0; - break; - } - n_sb--; - } - - skb = skb_clone(skb, GFP_ATOMIC); - if (!skb) - return -ENOMEM; - - /* Create a new to-be-accepted sock */ - newsk = sk_alloc(sock_net(sk), PF_PHONET, GFP_ATOMIC, sk->sk_prot); - if (!newsk) { - kfree_skb(skb); - return -ENOMEM; - } - sock_init_data(NULL, newsk); - newsk->sk_state = TCP_SYN_RECV; - newsk->sk_backlog_rcv = pipe_do_rcv; - newsk->sk_protocol = sk->sk_protocol; - newsk->sk_destruct = pipe_destruct; - - newpn = pep_sk(newsk); - pn_skb_get_dst_sockaddr(skb, &dst); - pn_skb_get_src_sockaddr(skb, &src); - newpn->pn_sk.sobject = pn_sockaddr_get_object(&dst); - newpn->pn_sk.dobject = pn_sockaddr_get_object(&src); - newpn->pn_sk.resource = pn_sockaddr_get_resource(&dst); - skb_queue_head_init(&newpn->ctrlreq_queue); - newpn->pipe_handle = pipe_handle; - atomic_set(&newpn->tx_credits, 0); - newpn->peer_type = peer_type; - newpn->rx_credits = 0; - newpn->rx_fc = newpn->tx_fc = PN_LEGACY_FLOW_CONTROL; - newpn->init_enable = enabled; - newpn->aligned = aligned; - - BUG_ON(!skb_queue_empty(&newsk->sk_receive_queue)); - skb_queue_head(&newsk->sk_receive_queue, skb); - if (!sock_flag(sk, SOCK_DEAD)) - sk->sk_data_ready(sk, 0); - - sk_acceptq_added(sk); - sk_add_node(newsk, &pn->ackq); - return 0; -} - /* Listening sock must be locked */ static struct sock *pep_find_pipe(const struct hlist_head *hlist, const struct sockaddr_pn *dst, @@ -726,22 +636,18 @@ static int pep_do_rcv(struct sock *sk, struct sk_buff *skb) if (sknode) return sk_receive_skb(sknode, skb, 1); - /* Look for a pipe handle pending accept */ - sknode = pep_find_pipe(&pn->ackq, &dst, pipe_handle); - if (sknode) { - sock_put(sknode); - if (net_ratelimit()) - printk(KERN_WARNING"Phonet unconnected PEP ignored"); - goto drop; - } - switch (hdr->message_id) { case PNS_PEP_CONNECT_REQ: - if (sk->sk_state == TCP_LISTEN && !sk_acceptq_is_full(sk)) - pep_connreq_rcv(sk, skb); - else - pep_reject_conn(sk, skb, PN_PIPE_ERR_PEP_IN_USE); - break; + if (sk->sk_state != TCP_LISTEN || sk_acceptq_is_full(sk)) { + pep_reject_conn(sk, skb, PN_PIPE_ERR_PEP_IN_USE, + GFP_ATOMIC); + break; + } + skb_queue_head(&sk->sk_receive_queue, skb); + sk_acceptq_added(sk); + if (!sock_flag(sk, SOCK_DEAD)) + sk->sk_data_ready(sk, 0); + return NET_RX_SUCCESS; #ifdef CONFIG_PHONET_PIPECTRLR case PNS_PEP_CONNECT_RESP: @@ -799,24 +705,16 @@ static void pep_sock_close(struct sock *sk, long timeout) sk_common_release(sk); lock_sock(sk); - if (sk->sk_state == TCP_LISTEN) { - /* Destroy the listen queue */ - struct sock *sknode; - struct hlist_node *p, *n; - - sk_for_each_safe(sknode, p, n, &pn->ackq) - sk_del_node_init(sknode); - sk->sk_state = TCP_CLOSE; - } else if ((1 << sk->sk_state) & (TCPF_SYN_RECV|TCPF_ESTABLISHED)) { + if ((1 << sk->sk_state) & (TCPF_SYN_RECV|TCPF_ESTABLISHED)) { #ifndef CONFIG_PHONET_PIPECTRLR /* Forcefully remove dangling Phonet pipe */ pipe_do_remove(sk); #else /* send pep disconnect request */ pipe_handler_request(sk, PNS_PEP_DISCONNECT_REQ, PAD, NULL, 0); - sk->sk_state = TCP_CLOSE; #endif } + sk->sk_state = TCP_CLOSE; ifindex = pn->ifindex; pn->ifindex = 0; @@ -827,69 +725,121 @@ static void pep_sock_close(struct sock *sk, long timeout) sock_put(sk); } -static int pep_wait_connreq(struct sock *sk, int noblock) +static struct sock *pep_sock_accept(struct sock *sk, int flags, int *errp) { - struct task_struct *tsk = current; - struct pep_sock *pn = pep_sk(sk); - long timeo = sock_rcvtimeo(sk, noblock); - - for (;;) { - DEFINE_WAIT(wait); + struct pep_sock *pn = pep_sk(sk), *newpn; + struct sock *newsk = NULL; + struct sk_buff *skb; + struct pnpipehdr *hdr; + struct sockaddr_pn dst, src; + int err; + u16 peer_type; + u8 pipe_handle, enabled, n_sb; + u8 aligned = 0; - if (sk->sk_state != TCP_LISTEN) - return -EINVAL; - if (!hlist_empty(&pn->ackq)) - break; - if (!timeo) - return -EWOULDBLOCK; - if (signal_pending(tsk)) - return sock_intr_errno(timeo); + skb = skb_recv_datagram(sk, 0, flags & O_NONBLOCK, errp); + if (!skb) + return NULL; - prepare_to_wait_exclusive(sk_sleep(sk), &wait, - TASK_INTERRUPTIBLE); - release_sock(sk); - timeo = schedule_timeout(timeo); - lock_sock(sk); - finish_wait(sk_sleep(sk), &wait); + lock_sock(sk); + if (sk->sk_state != TCP_LISTEN) { + err = -EINVAL; + goto drop; } + sk_acceptq_removed(sk); - return 0; -} + err = -EPROTO; + if (!pskb_may_pull(skb, sizeof(*hdr) + 4)) + goto drop; -static struct sock *pep_sock_accept(struct sock *sk, int flags, int *errp) -{ - struct pep_sock *pn = pep_sk(sk); - struct sock *newsk = NULL; - struct sk_buff *oskb; - int err; + hdr = pnp_hdr(skb); + pipe_handle = hdr->pipe_handle; + switch (hdr->state_after_connect) { + case PN_PIPE_DISABLE: + enabled = 0; + break; + case PN_PIPE_ENABLE: + enabled = 1; + break; + default: + pep_reject_conn(sk, skb, PN_PIPE_ERR_INVALID_PARAM, + GFP_KERNEL); + goto drop; + } + peer_type = hdr->other_pep_type << 8; - lock_sock(sk); - err = pep_wait_connreq(sk, flags & O_NONBLOCK); - if (err) - goto out; + /* Parse sub-blocks (options) */ + n_sb = hdr->data[4]; + while (n_sb > 0) { + u8 type, buf[1], len = sizeof(buf); + const u8 *data = pep_get_sb(skb, &type, &len, buf); - newsk = __sk_head(&pn->ackq); + if (data == NULL) + goto drop; + switch (type) { + case PN_PIPE_SB_CONNECT_REQ_PEP_SUB_TYPE: + if (len < 1) + goto drop; + peer_type = (peer_type & 0xff00) | data[0]; + break; + case PN_PIPE_SB_ALIGNED_DATA: + aligned = data[0] != 0; + break; + } + n_sb--; + } - oskb = skb_dequeue(&newsk->sk_receive_queue); - err = pep_accept_conn(newsk, oskb); - if (err) { - skb_queue_head(&newsk->sk_receive_queue, oskb); + /* Check for duplicate pipe handle */ + newsk = pep_find_pipe(&pn->hlist, &dst, pipe_handle); + if (unlikely(newsk)) { + __sock_put(newsk); newsk = NULL; - goto out; + pep_reject_conn(sk, skb, PN_PIPE_ERR_PEP_IN_USE, GFP_KERNEL); + goto drop; + } + + /* Create a new to-be-accepted sock */ + newsk = sk_alloc(sock_net(sk), PF_PHONET, GFP_KERNEL, sk->sk_prot); + if (!newsk) { + pep_reject_conn(sk, skb, PN_PIPE_ERR_OVERLOAD, GFP_KERNEL); + err = -ENOBUFS; + goto drop; } - kfree_skb(oskb); + sock_init_data(NULL, newsk); + newsk->sk_state = TCP_SYN_RECV; + newsk->sk_backlog_rcv = pipe_do_rcv; + newsk->sk_protocol = sk->sk_protocol; + newsk->sk_destruct = pipe_destruct; + + newpn = pep_sk(newsk); + pn_skb_get_dst_sockaddr(skb, &dst); + pn_skb_get_src_sockaddr(skb, &src); + newpn->pn_sk.sobject = pn_sockaddr_get_object(&dst); + newpn->pn_sk.dobject = pn_sockaddr_get_object(&src); + newpn->pn_sk.resource = pn_sockaddr_get_resource(&dst); sock_hold(sk); - pep_sk(newsk)->listener = sk; + newpn->listener = sk; + skb_queue_head_init(&newpn->ctrlreq_queue); + newpn->pipe_handle = pipe_handle; + atomic_set(&newpn->tx_credits, 0); + newpn->ifindex = 0; + newpn->peer_type = peer_type; + newpn->rx_credits = 0; + newpn->rx_fc = newpn->tx_fc = PN_LEGACY_FLOW_CONTROL; + newpn->init_enable = enabled; + newpn->aligned = aligned; - sock_hold(newsk); - sk_del_node_init(newsk); - sk_acceptq_removed(sk); + err = pep_accept_conn(newsk, skb); + if (err) { + sock_put(newsk); + newsk = NULL; + goto drop; + } sk_add_node(newsk, &pn->hlist); - __sock_put(newsk); - -out: +drop: release_sock(sk); + kfree_skb(skb); *errp = err; return newsk; } @@ -937,7 +887,7 @@ static int pep_init(struct sock *sk) { struct pep_sock *pn = pep_sk(sk); - INIT_HLIST_HEAD(&pn->ackq); + sk->sk_destruct = pipe_destruct; INIT_HLIST_HEAD(&pn->hlist); skb_queue_head_init(&pn->ctrlreq_queue); pn->pipe_handle = PN_PIPE_INVALID_HANDLE; diff --git a/net/phonet/socket.c b/net/phonet/socket.c index 65a03338769..1eccfc35bcc 100644 --- a/net/phonet/socket.c +++ b/net/phonet/socket.c @@ -327,6 +327,9 @@ static int pn_socket_accept(struct socket *sock, struct socket *newsock, struct sock *newsk; int err; + if (unlikely(sk->sk_state != TCP_LISTEN)) + return -EINVAL; + newsk = sk->sk_prot->accept(sk, flags, &err); if (!newsk) return err; @@ -363,13 +366,8 @@ static unsigned int pn_socket_poll(struct file *file, struct socket *sock, poll_wait(file, sk_sleep(sk), wait); - switch (sk->sk_state) { - case TCP_LISTEN: - return hlist_empty(&pn->ackq) ? 0 : POLLIN; - case TCP_CLOSE: + if (sk->sk_state == TCP_CLOSE) return POLLERR; - } - if (!skb_queue_empty(&sk->sk_receive_queue)) mask |= POLLIN | POLLRDNORM; if (!skb_queue_empty(&pn->ctrlreq_queue)) -- cgit v1.2.3-70-g09d2