Avoid reading past buffer when calling GETACL
[zen-stable.git] / net / atm / svc.c
blob1281049c135f269f9ab0553eb51a681cd97b2079
1 /* net/atm/svc.c - ATM SVC sockets */
3 /* Written 1995-2000 by Werner Almesberger, EPFL LRC/ICA */
5 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
7 #include <linux/string.h>
8 #include <linux/net.h> /* struct socket, struct proto_ops */
9 #include <linux/errno.h> /* error codes */
10 #include <linux/kernel.h> /* printk */
11 #include <linux/skbuff.h>
12 #include <linux/wait.h>
13 #include <linux/sched.h> /* jiffies and HZ */
14 #include <linux/fcntl.h> /* O_NONBLOCK */
15 #include <linux/init.h>
16 #include <linux/atm.h> /* ATM stuff */
17 #include <linux/atmsap.h>
18 #include <linux/atmsvc.h>
19 #include <linux/atmdev.h>
20 #include <linux/bitops.h>
21 #include <net/sock.h> /* for sock_no_* */
22 #include <linux/uaccess.h>
23 #include <linux/export.h>
25 #include "resources.h"
26 #include "common.h" /* common for PVCs and SVCs */
27 #include "signaling.h"
28 #include "addr.h"
30 static int svc_create(struct net *net, struct socket *sock, int protocol,
31 int kern);
34 * Note: since all this is still nicely synchronized with the signaling demon,
35 * there's no need to protect sleep loops with clis. If signaling is
36 * moved into the kernel, that would change.
40 static int svc_shutdown(struct socket *sock, int how)
42 return 0;
45 static void svc_disconnect(struct atm_vcc *vcc)
47 DEFINE_WAIT(wait);
48 struct sk_buff *skb;
49 struct sock *sk = sk_atm(vcc);
51 pr_debug("%p\n", vcc);
52 if (test_bit(ATM_VF_REGIS, &vcc->flags)) {
53 prepare_to_wait(sk_sleep(sk), &wait, TASK_UNINTERRUPTIBLE);
54 sigd_enq(vcc, as_close, NULL, NULL, NULL);
55 while (!test_bit(ATM_VF_RELEASED, &vcc->flags) && sigd) {
56 schedule();
57 prepare_to_wait(sk_sleep(sk), &wait,
58 TASK_UNINTERRUPTIBLE);
60 finish_wait(sk_sleep(sk), &wait);
62 /* beware - socket is still in use by atmsigd until the last
63 as_indicate has been answered */
64 while ((skb = skb_dequeue(&sk->sk_receive_queue)) != NULL) {
65 atm_return(vcc, skb->truesize);
66 pr_debug("LISTEN REL\n");
67 sigd_enq2(NULL, as_reject, vcc, NULL, NULL, &vcc->qos, 0);
68 dev_kfree_skb(skb);
70 clear_bit(ATM_VF_REGIS, &vcc->flags);
71 /* ... may retry later */
74 static int svc_release(struct socket *sock)
76 struct sock *sk = sock->sk;
77 struct atm_vcc *vcc;
79 if (sk) {
80 vcc = ATM_SD(sock);
81 pr_debug("%p\n", vcc);
82 clear_bit(ATM_VF_READY, &vcc->flags);
84 * VCC pointer is used as a reference,
85 * so we must not free it (thereby subjecting it to re-use)
86 * before all pending connections are closed
88 svc_disconnect(vcc);
89 vcc_release(sock);
91 return 0;
94 static int svc_bind(struct socket *sock, struct sockaddr *sockaddr,
95 int sockaddr_len)
97 DEFINE_WAIT(wait);
98 struct sock *sk = sock->sk;
99 struct sockaddr_atmsvc *addr;
100 struct atm_vcc *vcc;
101 int error;
103 if (sockaddr_len != sizeof(struct sockaddr_atmsvc))
104 return -EINVAL;
105 lock_sock(sk);
106 if (sock->state == SS_CONNECTED) {
107 error = -EISCONN;
108 goto out;
110 if (sock->state != SS_UNCONNECTED) {
111 error = -EINVAL;
112 goto out;
114 vcc = ATM_SD(sock);
115 addr = (struct sockaddr_atmsvc *) sockaddr;
116 if (addr->sas_family != AF_ATMSVC) {
117 error = -EAFNOSUPPORT;
118 goto out;
120 clear_bit(ATM_VF_BOUND, &vcc->flags);
121 /* failing rebind will kill old binding */
122 /* @@@ check memory (de)allocation on rebind */
123 if (!test_bit(ATM_VF_HASQOS, &vcc->flags)) {
124 error = -EBADFD;
125 goto out;
127 vcc->local = *addr;
128 set_bit(ATM_VF_WAITING, &vcc->flags);
129 prepare_to_wait(sk_sleep(sk), &wait, TASK_UNINTERRUPTIBLE);
130 sigd_enq(vcc, as_bind, NULL, NULL, &vcc->local);
131 while (test_bit(ATM_VF_WAITING, &vcc->flags) && sigd) {
132 schedule();
133 prepare_to_wait(sk_sleep(sk), &wait, TASK_UNINTERRUPTIBLE);
135 finish_wait(sk_sleep(sk), &wait);
136 clear_bit(ATM_VF_REGIS, &vcc->flags); /* doesn't count */
137 if (!sigd) {
138 error = -EUNATCH;
139 goto out;
141 if (!sk->sk_err)
142 set_bit(ATM_VF_BOUND, &vcc->flags);
143 error = -sk->sk_err;
144 out:
145 release_sock(sk);
146 return error;
149 static int svc_connect(struct socket *sock, struct sockaddr *sockaddr,
150 int sockaddr_len, int flags)
152 DEFINE_WAIT(wait);
153 struct sock *sk = sock->sk;
154 struct sockaddr_atmsvc *addr;
155 struct atm_vcc *vcc = ATM_SD(sock);
156 int error;
158 pr_debug("%p\n", vcc);
159 lock_sock(sk);
160 if (sockaddr_len != sizeof(struct sockaddr_atmsvc)) {
161 error = -EINVAL;
162 goto out;
165 switch (sock->state) {
166 default:
167 error = -EINVAL;
168 goto out;
169 case SS_CONNECTED:
170 error = -EISCONN;
171 goto out;
172 case SS_CONNECTING:
173 if (test_bit(ATM_VF_WAITING, &vcc->flags)) {
174 error = -EALREADY;
175 goto out;
177 sock->state = SS_UNCONNECTED;
178 if (sk->sk_err) {
179 error = -sk->sk_err;
180 goto out;
182 break;
183 case SS_UNCONNECTED:
184 addr = (struct sockaddr_atmsvc *) sockaddr;
185 if (addr->sas_family != AF_ATMSVC) {
186 error = -EAFNOSUPPORT;
187 goto out;
189 if (!test_bit(ATM_VF_HASQOS, &vcc->flags)) {
190 error = -EBADFD;
191 goto out;
193 if (vcc->qos.txtp.traffic_class == ATM_ANYCLASS ||
194 vcc->qos.rxtp.traffic_class == ATM_ANYCLASS) {
195 error = -EINVAL;
196 goto out;
198 if (!vcc->qos.txtp.traffic_class &&
199 !vcc->qos.rxtp.traffic_class) {
200 error = -EINVAL;
201 goto out;
203 vcc->remote = *addr;
204 set_bit(ATM_VF_WAITING, &vcc->flags);
205 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
206 sigd_enq(vcc, as_connect, NULL, NULL, &vcc->remote);
207 if (flags & O_NONBLOCK) {
208 finish_wait(sk_sleep(sk), &wait);
209 sock->state = SS_CONNECTING;
210 error = -EINPROGRESS;
211 goto out;
213 error = 0;
214 while (test_bit(ATM_VF_WAITING, &vcc->flags) && sigd) {
215 schedule();
216 if (!signal_pending(current)) {
217 prepare_to_wait(sk_sleep(sk), &wait,
218 TASK_INTERRUPTIBLE);
219 continue;
221 pr_debug("*ABORT*\n");
223 * This is tricky:
224 * Kernel ---close--> Demon
225 * Kernel <--close--- Demon
226 * or
227 * Kernel ---close--> Demon
228 * Kernel <--error--- Demon
229 * or
230 * Kernel ---close--> Demon
231 * Kernel <--okay---- Demon
232 * Kernel <--close--- Demon
234 sigd_enq(vcc, as_close, NULL, NULL, NULL);
235 while (test_bit(ATM_VF_WAITING, &vcc->flags) && sigd) {
236 prepare_to_wait(sk_sleep(sk), &wait,
237 TASK_INTERRUPTIBLE);
238 schedule();
240 if (!sk->sk_err)
241 while (!test_bit(ATM_VF_RELEASED, &vcc->flags) &&
242 sigd) {
243 prepare_to_wait(sk_sleep(sk), &wait,
244 TASK_INTERRUPTIBLE);
245 schedule();
247 clear_bit(ATM_VF_REGIS, &vcc->flags);
248 clear_bit(ATM_VF_RELEASED, &vcc->flags);
249 clear_bit(ATM_VF_CLOSE, &vcc->flags);
250 /* we're gone now but may connect later */
251 error = -EINTR;
252 break;
254 finish_wait(sk_sleep(sk), &wait);
255 if (error)
256 goto out;
257 if (!sigd) {
258 error = -EUNATCH;
259 goto out;
261 if (sk->sk_err) {
262 error = -sk->sk_err;
263 goto out;
267 * Not supported yet
269 * #ifndef CONFIG_SINGLE_SIGITF
271 vcc->qos.txtp.max_pcr = SELECT_TOP_PCR(vcc->qos.txtp);
272 vcc->qos.txtp.pcr = 0;
273 vcc->qos.txtp.min_pcr = 0;
275 * #endif
277 error = vcc_connect(sock, vcc->itf, vcc->vpi, vcc->vci);
278 if (!error)
279 sock->state = SS_CONNECTED;
280 else
281 (void)svc_disconnect(vcc);
282 out:
283 release_sock(sk);
284 return error;
287 static int svc_listen(struct socket *sock, int backlog)
289 DEFINE_WAIT(wait);
290 struct sock *sk = sock->sk;
291 struct atm_vcc *vcc = ATM_SD(sock);
292 int error;
294 pr_debug("%p\n", vcc);
295 lock_sock(sk);
296 /* let server handle listen on unbound sockets */
297 if (test_bit(ATM_VF_SESSION, &vcc->flags)) {
298 error = -EINVAL;
299 goto out;
301 if (test_bit(ATM_VF_LISTEN, &vcc->flags)) {
302 error = -EADDRINUSE;
303 goto out;
305 set_bit(ATM_VF_WAITING, &vcc->flags);
306 prepare_to_wait(sk_sleep(sk), &wait, TASK_UNINTERRUPTIBLE);
307 sigd_enq(vcc, as_listen, NULL, NULL, &vcc->local);
308 while (test_bit(ATM_VF_WAITING, &vcc->flags) && sigd) {
309 schedule();
310 prepare_to_wait(sk_sleep(sk), &wait, TASK_UNINTERRUPTIBLE);
312 finish_wait(sk_sleep(sk), &wait);
313 if (!sigd) {
314 error = -EUNATCH;
315 goto out;
317 set_bit(ATM_VF_LISTEN, &vcc->flags);
318 vcc_insert_socket(sk);
319 sk->sk_max_ack_backlog = backlog > 0 ? backlog : ATM_BACKLOG_DEFAULT;
320 error = -sk->sk_err;
321 out:
322 release_sock(sk);
323 return error;
326 static int svc_accept(struct socket *sock, struct socket *newsock, int flags)
328 struct sock *sk = sock->sk;
329 struct sk_buff *skb;
330 struct atmsvc_msg *msg;
331 struct atm_vcc *old_vcc = ATM_SD(sock);
332 struct atm_vcc *new_vcc;
333 int error;
335 lock_sock(sk);
337 error = svc_create(sock_net(sk), newsock, 0, 0);
338 if (error)
339 goto out;
341 new_vcc = ATM_SD(newsock);
343 pr_debug("%p -> %p\n", old_vcc, new_vcc);
344 while (1) {
345 DEFINE_WAIT(wait);
347 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
348 while (!(skb = skb_dequeue(&sk->sk_receive_queue)) &&
349 sigd) {
350 if (test_bit(ATM_VF_RELEASED, &old_vcc->flags))
351 break;
352 if (test_bit(ATM_VF_CLOSE, &old_vcc->flags)) {
353 error = -sk->sk_err;
354 break;
356 if (flags & O_NONBLOCK) {
357 error = -EAGAIN;
358 break;
360 release_sock(sk);
361 schedule();
362 lock_sock(sk);
363 if (signal_pending(current)) {
364 error = -ERESTARTSYS;
365 break;
367 prepare_to_wait(sk_sleep(sk), &wait,
368 TASK_INTERRUPTIBLE);
370 finish_wait(sk_sleep(sk), &wait);
371 if (error)
372 goto out;
373 if (!skb) {
374 error = -EUNATCH;
375 goto out;
377 msg = (struct atmsvc_msg *)skb->data;
378 new_vcc->qos = msg->qos;
379 set_bit(ATM_VF_HASQOS, &new_vcc->flags);
380 new_vcc->remote = msg->svc;
381 new_vcc->local = msg->local;
382 new_vcc->sap = msg->sap;
383 error = vcc_connect(newsock, msg->pvc.sap_addr.itf,
384 msg->pvc.sap_addr.vpi,
385 msg->pvc.sap_addr.vci);
386 dev_kfree_skb(skb);
387 sk->sk_ack_backlog--;
388 if (error) {
389 sigd_enq2(NULL, as_reject, old_vcc, NULL, NULL,
390 &old_vcc->qos, error);
391 error = error == -EAGAIN ? -EBUSY : error;
392 goto out;
394 /* wait should be short, so we ignore the non-blocking flag */
395 set_bit(ATM_VF_WAITING, &new_vcc->flags);
396 prepare_to_wait(sk_sleep(sk_atm(new_vcc)), &wait,
397 TASK_UNINTERRUPTIBLE);
398 sigd_enq(new_vcc, as_accept, old_vcc, NULL, NULL);
399 while (test_bit(ATM_VF_WAITING, &new_vcc->flags) && sigd) {
400 release_sock(sk);
401 schedule();
402 lock_sock(sk);
403 prepare_to_wait(sk_sleep(sk_atm(new_vcc)), &wait,
404 TASK_UNINTERRUPTIBLE);
406 finish_wait(sk_sleep(sk_atm(new_vcc)), &wait);
407 if (!sigd) {
408 error = -EUNATCH;
409 goto out;
411 if (!sk_atm(new_vcc)->sk_err)
412 break;
413 if (sk_atm(new_vcc)->sk_err != ERESTARTSYS) {
414 error = -sk_atm(new_vcc)->sk_err;
415 goto out;
418 newsock->state = SS_CONNECTED;
419 out:
420 release_sock(sk);
421 return error;
424 static int svc_getname(struct socket *sock, struct sockaddr *sockaddr,
425 int *sockaddr_len, int peer)
427 struct sockaddr_atmsvc *addr;
429 *sockaddr_len = sizeof(struct sockaddr_atmsvc);
430 addr = (struct sockaddr_atmsvc *) sockaddr;
431 memcpy(addr, peer ? &ATM_SD(sock)->remote : &ATM_SD(sock)->local,
432 sizeof(struct sockaddr_atmsvc));
433 return 0;
436 int svc_change_qos(struct atm_vcc *vcc, struct atm_qos *qos)
438 struct sock *sk = sk_atm(vcc);
439 DEFINE_WAIT(wait);
441 set_bit(ATM_VF_WAITING, &vcc->flags);
442 prepare_to_wait(sk_sleep(sk), &wait, TASK_UNINTERRUPTIBLE);
443 sigd_enq2(vcc, as_modify, NULL, NULL, &vcc->local, qos, 0);
444 while (test_bit(ATM_VF_WAITING, &vcc->flags) &&
445 !test_bit(ATM_VF_RELEASED, &vcc->flags) && sigd) {
446 schedule();
447 prepare_to_wait(sk_sleep(sk), &wait, TASK_UNINTERRUPTIBLE);
449 finish_wait(sk_sleep(sk), &wait);
450 if (!sigd)
451 return -EUNATCH;
452 return -sk->sk_err;
455 static int svc_setsockopt(struct socket *sock, int level, int optname,
456 char __user *optval, unsigned int optlen)
458 struct sock *sk = sock->sk;
459 struct atm_vcc *vcc = ATM_SD(sock);
460 int value, error = 0;
462 lock_sock(sk);
463 switch (optname) {
464 case SO_ATMSAP:
465 if (level != SOL_ATM || optlen != sizeof(struct atm_sap)) {
466 error = -EINVAL;
467 goto out;
469 if (copy_from_user(&vcc->sap, optval, optlen)) {
470 error = -EFAULT;
471 goto out;
473 set_bit(ATM_VF_HASSAP, &vcc->flags);
474 break;
475 case SO_MULTIPOINT:
476 if (level != SOL_ATM || optlen != sizeof(int)) {
477 error = -EINVAL;
478 goto out;
480 if (get_user(value, (int __user *)optval)) {
481 error = -EFAULT;
482 goto out;
484 if (value == 1)
485 set_bit(ATM_VF_SESSION, &vcc->flags);
486 else if (value == 0)
487 clear_bit(ATM_VF_SESSION, &vcc->flags);
488 else
489 error = -EINVAL;
490 break;
491 default:
492 error = vcc_setsockopt(sock, level, optname, optval, optlen);
495 out:
496 release_sock(sk);
497 return error;
500 static int svc_getsockopt(struct socket *sock, int level, int optname,
501 char __user *optval, int __user *optlen)
503 struct sock *sk = sock->sk;
504 int error = 0, len;
506 lock_sock(sk);
507 if (!__SO_LEVEL_MATCH(optname, level) || optname != SO_ATMSAP) {
508 error = vcc_getsockopt(sock, level, optname, optval, optlen);
509 goto out;
511 if (get_user(len, optlen)) {
512 error = -EFAULT;
513 goto out;
515 if (len != sizeof(struct atm_sap)) {
516 error = -EINVAL;
517 goto out;
519 if (copy_to_user(optval, &ATM_SD(sock)->sap, sizeof(struct atm_sap))) {
520 error = -EFAULT;
521 goto out;
523 out:
524 release_sock(sk);
525 return error;
528 static int svc_addparty(struct socket *sock, struct sockaddr *sockaddr,
529 int sockaddr_len, int flags)
531 DEFINE_WAIT(wait);
532 struct sock *sk = sock->sk;
533 struct atm_vcc *vcc = ATM_SD(sock);
534 int error;
536 lock_sock(sk);
537 set_bit(ATM_VF_WAITING, &vcc->flags);
538 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
539 sigd_enq(vcc, as_addparty, NULL, NULL,
540 (struct sockaddr_atmsvc *) sockaddr);
541 if (flags & O_NONBLOCK) {
542 finish_wait(sk_sleep(sk), &wait);
543 error = -EINPROGRESS;
544 goto out;
546 pr_debug("added wait queue\n");
547 while (test_bit(ATM_VF_WAITING, &vcc->flags) && sigd) {
548 schedule();
549 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
551 finish_wait(sk_sleep(sk), &wait);
552 error = xchg(&sk->sk_err_soft, 0);
553 out:
554 release_sock(sk);
555 return error;
558 static int svc_dropparty(struct socket *sock, int ep_ref)
560 DEFINE_WAIT(wait);
561 struct sock *sk = sock->sk;
562 struct atm_vcc *vcc = ATM_SD(sock);
563 int error;
565 lock_sock(sk);
566 set_bit(ATM_VF_WAITING, &vcc->flags);
567 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
568 sigd_enq2(vcc, as_dropparty, NULL, NULL, NULL, NULL, ep_ref);
569 while (test_bit(ATM_VF_WAITING, &vcc->flags) && sigd) {
570 schedule();
571 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
573 finish_wait(sk_sleep(sk), &wait);
574 if (!sigd) {
575 error = -EUNATCH;
576 goto out;
578 error = xchg(&sk->sk_err_soft, 0);
579 out:
580 release_sock(sk);
581 return error;
584 static int svc_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
586 int error, ep_ref;
587 struct sockaddr_atmsvc sa;
588 struct atm_vcc *vcc = ATM_SD(sock);
590 switch (cmd) {
591 case ATM_ADDPARTY:
592 if (!test_bit(ATM_VF_SESSION, &vcc->flags))
593 return -EINVAL;
594 if (copy_from_user(&sa, (void __user *) arg, sizeof(sa)))
595 return -EFAULT;
596 error = svc_addparty(sock, (struct sockaddr *)&sa, sizeof(sa),
598 break;
599 case ATM_DROPPARTY:
600 if (!test_bit(ATM_VF_SESSION, &vcc->flags))
601 return -EINVAL;
602 if (copy_from_user(&ep_ref, (void __user *) arg, sizeof(int)))
603 return -EFAULT;
604 error = svc_dropparty(sock, ep_ref);
605 break;
606 default:
607 error = vcc_ioctl(sock, cmd, arg);
610 return error;
613 #ifdef CONFIG_COMPAT
614 static int svc_compat_ioctl(struct socket *sock, unsigned int cmd,
615 unsigned long arg)
617 /* The definition of ATM_ADDPARTY uses the size of struct atm_iobuf.
618 But actually it takes a struct sockaddr_atmsvc, which doesn't need
619 compat handling. So all we have to do is fix up cmd... */
620 if (cmd == COMPAT_ATM_ADDPARTY)
621 cmd = ATM_ADDPARTY;
623 if (cmd == ATM_ADDPARTY || cmd == ATM_DROPPARTY)
624 return svc_ioctl(sock, cmd, arg);
625 else
626 return vcc_compat_ioctl(sock, cmd, arg);
628 #endif /* CONFIG_COMPAT */
630 static const struct proto_ops svc_proto_ops = {
631 .family = PF_ATMSVC,
632 .owner = THIS_MODULE,
634 .release = svc_release,
635 .bind = svc_bind,
636 .connect = svc_connect,
637 .socketpair = sock_no_socketpair,
638 .accept = svc_accept,
639 .getname = svc_getname,
640 .poll = vcc_poll,
641 .ioctl = svc_ioctl,
642 #ifdef CONFIG_COMPAT
643 .compat_ioctl = svc_compat_ioctl,
644 #endif
645 .listen = svc_listen,
646 .shutdown = svc_shutdown,
647 .setsockopt = svc_setsockopt,
648 .getsockopt = svc_getsockopt,
649 .sendmsg = vcc_sendmsg,
650 .recvmsg = vcc_recvmsg,
651 .mmap = sock_no_mmap,
652 .sendpage = sock_no_sendpage,
656 static int svc_create(struct net *net, struct socket *sock, int protocol,
657 int kern)
659 int error;
661 if (!net_eq(net, &init_net))
662 return -EAFNOSUPPORT;
664 sock->ops = &svc_proto_ops;
665 error = vcc_create(net, sock, protocol, AF_ATMSVC);
666 if (error)
667 return error;
668 ATM_SD(sock)->local.sas_family = AF_ATMSVC;
669 ATM_SD(sock)->remote.sas_family = AF_ATMSVC;
670 return 0;
673 static const struct net_proto_family svc_family_ops = {
674 .family = PF_ATMSVC,
675 .create = svc_create,
676 .owner = THIS_MODULE,
681 * Initialize the ATM SVC protocol family
684 int __init atmsvc_init(void)
686 return sock_register(&svc_family_ops);
689 void atmsvc_exit(void)
691 sock_unregister(PF_ATMSVC);