Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc
[linux-2.6] / net / rxrpc / krxsecd.c
1 /* krxsecd.c: Rx security daemon
2  *
3  * Copyright (C) 2002 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells (dhowells@redhat.com)
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version
9  * 2 of the License, or (at your option) any later version.
10  *
11  * This daemon deals with:
12  * - consulting the application as to whether inbound peers and calls should be authorised
13  * - generating security challenges for inbound connections
14  * - responding to security challenges on outbound connections
15  */
16
17 #include <linux/module.h>
18 #include <linux/sched.h>
19 #include <linux/completion.h>
20 #include <linux/spinlock.h>
21 #include <linux/init.h>
22 #include <rxrpc/krxsecd.h>
23 #include <rxrpc/transport.h>
24 #include <rxrpc/connection.h>
25 #include <rxrpc/message.h>
26 #include <rxrpc/peer.h>
27 #include <rxrpc/call.h>
28 #include <linux/udp.h>
29 #include <linux/ip.h>
30 #include <linux/freezer.h>
31 #include <net/sock.h>
32 #include "internal.h"
33
34 static DECLARE_WAIT_QUEUE_HEAD(rxrpc_krxsecd_sleepq);
35 static DECLARE_COMPLETION(rxrpc_krxsecd_dead);
36 static volatile int rxrpc_krxsecd_die;
37
38 static atomic_t rxrpc_krxsecd_qcount;
39
40 /* queue of unprocessed inbound messages with seqno #1 and
41  * RXRPC_CLIENT_INITIATED flag set */
42 static LIST_HEAD(rxrpc_krxsecd_initmsgq);
43 static DEFINE_SPINLOCK(rxrpc_krxsecd_initmsgq_lock);
44
45 static void rxrpc_krxsecd_process_incoming_call(struct rxrpc_message *msg);
46
47 /*****************************************************************************/
48 /*
49  * Rx security daemon
50  */
51 static int rxrpc_krxsecd(void *arg)
52 {
53         DECLARE_WAITQUEUE(krxsecd, current);
54
55         int die;
56
57         printk("Started krxsecd %d\n", current->pid);
58
59         daemonize("krxsecd");
60
61         /* loop around waiting for work to do */
62         do {
63                 /* wait for work or to be told to exit */
64                 _debug("### Begin Wait");
65                 if (!atomic_read(&rxrpc_krxsecd_qcount)) {
66                         set_current_state(TASK_INTERRUPTIBLE);
67
68                         add_wait_queue(&rxrpc_krxsecd_sleepq, &krxsecd);
69
70                         for (;;) {
71                                 set_current_state(TASK_INTERRUPTIBLE);
72                                 if (atomic_read(&rxrpc_krxsecd_qcount) ||
73                                     rxrpc_krxsecd_die ||
74                                     signal_pending(current))
75                                         break;
76
77                                 schedule();
78                         }
79
80                         remove_wait_queue(&rxrpc_krxsecd_sleepq, &krxsecd);
81                         set_current_state(TASK_RUNNING);
82                 }
83                 die = rxrpc_krxsecd_die;
84                 _debug("### End Wait");
85
86                 /* see if there're incoming calls in need of authenticating */
87                 _debug("### Begin Inbound Calls");
88
89                 if (!list_empty(&rxrpc_krxsecd_initmsgq)) {
90                         struct rxrpc_message *msg = NULL;
91
92                         spin_lock(&rxrpc_krxsecd_initmsgq_lock);
93
94                         if (!list_empty(&rxrpc_krxsecd_initmsgq)) {
95                                 msg = list_entry(rxrpc_krxsecd_initmsgq.next,
96                                                  struct rxrpc_message, link);
97                                 list_del_init(&msg->link);
98                                 atomic_dec(&rxrpc_krxsecd_qcount);
99                         }
100
101                         spin_unlock(&rxrpc_krxsecd_initmsgq_lock);
102
103                         if (msg) {
104                                 rxrpc_krxsecd_process_incoming_call(msg);
105                                 rxrpc_put_message(msg);
106                         }
107                 }
108
109                 _debug("### End Inbound Calls");
110
111                 try_to_freeze();
112
113                 /* discard pending signals */
114                 rxrpc_discard_my_signals();
115
116         } while (!die);
117
118         /* and that's all */
119         complete_and_exit(&rxrpc_krxsecd_dead, 0);
120
121 } /* end rxrpc_krxsecd() */
122
123 /*****************************************************************************/
124 /*
125  * start up a krxsecd daemon
126  */
127 int __init rxrpc_krxsecd_init(void)
128 {
129         return kernel_thread(rxrpc_krxsecd, NULL, 0);
130
131 } /* end rxrpc_krxsecd_init() */
132
133 /*****************************************************************************/
134 /*
135  * kill the krxsecd daemon and wait for it to complete
136  */
137 void rxrpc_krxsecd_kill(void)
138 {
139         rxrpc_krxsecd_die = 1;
140         wake_up_all(&rxrpc_krxsecd_sleepq);
141         wait_for_completion(&rxrpc_krxsecd_dead);
142
143 } /* end rxrpc_krxsecd_kill() */
144
145 /*****************************************************************************/
146 /*
147  * clear all pending incoming calls for the specified transport
148  */
149 void rxrpc_krxsecd_clear_transport(struct rxrpc_transport *trans)
150 {
151         LIST_HEAD(tmp);
152
153         struct rxrpc_message *msg;
154         struct list_head *_p, *_n;
155
156         _enter("%p",trans);
157
158         /* move all the messages for this transport onto a temp list */
159         spin_lock(&rxrpc_krxsecd_initmsgq_lock);
160
161         list_for_each_safe(_p, _n, &rxrpc_krxsecd_initmsgq) {
162                 msg = list_entry(_p, struct rxrpc_message, link);
163                 if (msg->trans == trans) {
164                         list_move_tail(&msg->link, &tmp);
165                         atomic_dec(&rxrpc_krxsecd_qcount);
166                 }
167         }
168
169         spin_unlock(&rxrpc_krxsecd_initmsgq_lock);
170
171         /* zap all messages on the temp list */
172         while (!list_empty(&tmp)) {
173                 msg = list_entry(tmp.next, struct rxrpc_message, link);
174                 list_del_init(&msg->link);
175                 rxrpc_put_message(msg);
176         }
177
178         _leave("");
179 } /* end rxrpc_krxsecd_clear_transport() */
180
181 /*****************************************************************************/
182 /*
183  * queue a message on the incoming calls list
184  */
185 void rxrpc_krxsecd_queue_incoming_call(struct rxrpc_message *msg)
186 {
187         _enter("%p", msg);
188
189         /* queue for processing by krxsecd */
190         spin_lock(&rxrpc_krxsecd_initmsgq_lock);
191
192         if (!rxrpc_krxsecd_die) {
193                 rxrpc_get_message(msg);
194                 list_add_tail(&msg->link, &rxrpc_krxsecd_initmsgq);
195                 atomic_inc(&rxrpc_krxsecd_qcount);
196         }
197
198         spin_unlock(&rxrpc_krxsecd_initmsgq_lock);
199
200         wake_up(&rxrpc_krxsecd_sleepq);
201
202         _leave("");
203 } /* end rxrpc_krxsecd_queue_incoming_call() */
204
205 /*****************************************************************************/
206 /*
207  * process the initial message of an incoming call
208  */
209 void rxrpc_krxsecd_process_incoming_call(struct rxrpc_message *msg)
210 {
211         struct rxrpc_transport *trans = msg->trans;
212         struct rxrpc_service *srv;
213         struct rxrpc_call *call;
214         struct list_head *_p;
215         unsigned short sid;
216         int ret;
217
218         _enter("%p{tr=%p}", msg, trans);
219
220         ret = rxrpc_incoming_call(msg->conn, msg, &call);
221         if (ret < 0)
222                 goto out;
223
224         /* find the matching service on the transport */
225         sid = ntohs(msg->hdr.serviceId);
226         srv = NULL;
227
228         spin_lock(&trans->lock);
229         list_for_each(_p, &trans->services) {
230                 srv = list_entry(_p, struct rxrpc_service, link);
231                 if (srv->service_id == sid && try_module_get(srv->owner)) {
232                         /* found a match (made sure it won't vanish) */
233                         _debug("found service '%s'", srv->name);
234                         call->owner = srv->owner;
235                         break;
236                 }
237         }
238         spin_unlock(&trans->lock);
239
240         /* report the new connection
241          * - the func must inc the call's usage count to keep it
242          */
243         ret = -ENOENT;
244         if (_p != &trans->services) {
245                 /* attempt to accept the call */
246                 call->conn->service = srv;
247                 call->app_attn_func = srv->attn_func;
248                 call->app_error_func = srv->error_func;
249                 call->app_aemap_func = srv->aemap_func;
250
251                 ret = srv->new_call(call);
252
253                 /* send an abort if an error occurred */
254                 if (ret < 0) {
255                         rxrpc_call_abort(call, ret);
256                 }
257                 else {
258                         /* formally receive and ACK the new packet */
259                         ret = rxrpc_conn_receive_call_packet(call->conn,
260                                                              call, msg);
261                 }
262         }
263
264         rxrpc_put_call(call);
265  out:
266         if (ret < 0)
267                 rxrpc_trans_immediate_abort(trans, msg, ret);
268
269         _leave(" (%d)", ret);
270 } /* end rxrpc_krxsecd_process_incoming_call() */