[mirror_ubuntu-bionic-kernel.git] / net / rxrpc / local_object.c

/* Local endpoint object management
 *
 * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public Licence
 * as published by the Free Software Foundation; either version
 * 2 of the Licence, or (at your option) any later version.
 */

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/module.h>
#include <linux/net.h>
#include <linux/skbuff.h>
#include <linux/slab.h>
#include <linux/udp.h>
#include <linux/ip.h>
#include <linux/hashtable.h>
#include <net/sock.h>
#include <net/af_rxrpc.h>
#include "ar-internal.h"

static void rxrpc_local_processor(struct work_struct *);
static void rxrpc_local_rcu(struct rcu_head *);

/*
 * Compare a local to an address.  Return -ve, 0 or +ve to indicate less than,
 * same or greater than.
 *
 * We explicitly don't compare the RxRPC service ID as we want to reject
 * conflicting uses by differing services.  Further, we don't want to share
 * addresses with different options (IPv6), so we don't compare those bits
 * either.
 */
static long rxrpc_local_cmp_key(const struct rxrpc_local *local,
				const struct sockaddr_rxrpc *srx)
{
	long diff;

	diff = ((local->srx.transport_type - srx->transport_type) ?:
		(local->srx.transport_len - srx->transport_len) ?:
		(local->srx.transport.family - srx->transport.family));
	if (diff != 0)
		return diff;

	switch (srx->transport.family) {
	case AF_INET:
		/* If the choice of UDP port is left up to the transport, then
		 * the endpoint record doesn't match.
		 */
		return ((u16 __force)local->srx.transport.sin.sin_port -
			(u16 __force)srx->transport.sin.sin_port) ?:
			memcmp(&local->srx.transport.sin.sin_addr,
			       &srx->transport.sin.sin_addr,
			       sizeof(struct in_addr));
#ifdef CONFIG_AF_RXRPC_IPV6
	case AF_INET6:
		/* If the choice of UDP6 port is left up to the transport, then
		 * the endpoint record doesn't match.
		 */
		return ((u16 __force)local->srx.transport.sin6.sin6_port -
			(u16 __force)srx->transport.sin6.sin6_port) ?:
			memcmp(&local->srx.transport.sin6.sin6_addr,
			       &srx->transport.sin6.sin6_addr,
			       sizeof(struct in6_addr));
#endif
	default:
		BUG();
	}
}

/*
 * Allocate a new local endpoint.
 */
static struct rxrpc_local *rxrpc_alloc_local(struct rxrpc_net *rxnet,
					     const struct sockaddr_rxrpc *srx)
{
	struct rxrpc_local *local;

	local = kzalloc(sizeof(struct rxrpc_local), GFP_KERNEL);
	if (local) {
		atomic_set(&local->usage, 1);
		local->rxnet = rxnet;
		INIT_LIST_HEAD(&local->link);
		INIT_WORK(&local->processor, rxrpc_local_processor);
		init_rwsem(&local->defrag_sem);
		skb_queue_head_init(&local->reject_queue);
		skb_queue_head_init(&local->event_queue);
		local->client_conns = RB_ROOT;
		spin_lock_init(&local->client_conns_lock);
		spin_lock_init(&local->lock);
		rwlock_init(&local->services_lock);
		local->debug_id = atomic_inc_return(&rxrpc_debug_id);
		memcpy(&local->srx, srx, sizeof(*srx));
		local->srx.srx_service = 0;
	}

	_leave(" = %p", local);
	return local;
}

/*
 * create the local socket
 * - must be called with rxrpc_local_mutex locked
 */
static int rxrpc_open_socket(struct rxrpc_local *local, struct net *net)
{
	struct sock *sock;
	int ret, opt;

	_enter("%p{%d,%d}",
	       local, local->srx.transport_type, local->srx.transport.family);

	/* create a socket to represent the local endpoint */
	ret = sock_create_kern(net, local->srx.transport.family,
			       local->srx.transport_type, 0, &local->socket);
	if (ret < 0) {
		_leave(" = %d [socket]", ret);
		return ret;
	}

	/* if a local address was supplied then bind it */
	if (local->srx.transport_len > sizeof(sa_family_t)) {
		_debug("bind");
		ret = kernel_bind(local->socket,
				  (struct sockaddr *)&local->srx.transport,
				  local->srx.transport_len);
		if (ret < 0) {
			_debug("bind failed %d", ret);
			goto error;
		}
	}

	switch (local->srx.transport.family) {
	case AF_INET6:
		/* we want to receive ICMPv6 errors */
		opt = 1;
		ret = kernel_setsockopt(local->socket, SOL_IPV6, IPV6_RECVERR,
					(char *) &opt, sizeof(opt));
		if (ret < 0) {
			_debug("setsockopt failed");
			goto error;
		}

		/* we want to set the don't fragment bit */
		opt = IPV6_PMTUDISC_DO;
		ret = kernel_setsockopt(local->socket, SOL_IPV6, IPV6_MTU_DISCOVER,
					(char *) &opt, sizeof(opt));
		if (ret < 0) {
			_debug("setsockopt failed");
			goto error;
		}

		/* Fall through and set IPv4 options too otherwise we don't get
		 * errors from IPv4 packets sent through the IPv6 socket.
		 */

	case AF_INET:
		/* we want to receive ICMP errors */
		opt = 1;
		ret = kernel_setsockopt(local->socket, SOL_IP, IP_RECVERR,
					(char *) &opt, sizeof(opt));
		if (ret < 0) {
			_debug("setsockopt failed");
			goto error;
		}

		/* we want to set the don't fragment bit */
		opt = IP_PMTUDISC_DO;
		ret = kernel_setsockopt(local->socket, SOL_IP, IP_MTU_DISCOVER,
					(char *) &opt, sizeof(opt));
		if (ret < 0) {
			_debug("setsockopt failed");
			goto error;
		}
		break;

	default:
		BUG();
	}

	/* set the socket up */
	sock = local->socket->sk;
	sock->sk_user_data	= local;
	sock->sk_data_ready	= rxrpc_data_ready;
	sock->sk_error_report	= rxrpc_error_report;
	_leave(" = 0");
	return 0;

error:
	kernel_sock_shutdown(local->socket, SHUT_RDWR);
	local->socket->sk->sk_user_data = NULL;
	sock_release(local->socket);
	local->socket = NULL;

	_leave(" = %d", ret);
	return ret;
}

/*
 * Look up or create a new local endpoint using the specified local address.
 */
struct rxrpc_local *rxrpc_lookup_local(struct net *net,
				       const struct sockaddr_rxrpc *srx)
{
	struct rxrpc_local *local;
	struct rxrpc_net *rxnet = rxrpc_net(net);
	struct list_head *cursor;
	const char *age;
	long diff;
	int ret;

	_enter("{%d,%d,%pISp}",
	       srx->transport_type, srx->transport.family, &srx->transport);

	mutex_lock(&rxnet->local_mutex);

	for (cursor = rxnet->local_endpoints.next;
	     cursor != &rxnet->local_endpoints;
	     cursor = cursor->next) {
		local = list_entry(cursor, struct rxrpc_local, link);

		diff = rxrpc_local_cmp_key(local, srx);
		if (diff < 0)
			continue;
		if (diff > 0)
			break;

		/* Services aren't allowed to share transport sockets, so
		 * reject that here.  It is possible that the object is dying -
		 * but it may also still have the local transport address that
		 * we want bound.
		 */
		if (srx->srx_service) {
			local = NULL;
			goto addr_in_use;
		}

		/* Found a match.  We replace a dying object.  Attempting to
		 * bind the transport socket may still fail if we're attempting
		 * to use a local address that the dying object is still using.
		 */
		if (!rxrpc_get_local_maybe(local)) {
			cursor = cursor->next;
			list_del_init(&local->link);
			break;
		}

		age = "old";
		goto found;
	}

	local = rxrpc_alloc_local(rxnet, srx);
	if (!local)
		goto nomem;

	ret = rxrpc_open_socket(local, net);
	if (ret < 0)
		goto sock_error;

	list_add_tail(&local->link, cursor);
	age = "new";

found:
	mutex_unlock(&rxnet->local_mutex);

	_net("LOCAL %s %d {%pISp}",
	     age, local->debug_id, &local->srx.transport);

	_leave(" = %p", local);
	return local;

nomem:
	ret = -ENOMEM;
sock_error:
	mutex_unlock(&rxnet->local_mutex);
	kfree(local);
	_leave(" = %d", ret);
	return ERR_PTR(ret);

addr_in_use:
	mutex_unlock(&rxnet->local_mutex);
	_leave(" = -EADDRINUSE");
	return ERR_PTR(-EADDRINUSE);
}

/*
 * A local endpoint reached its end of life.
 */
void __rxrpc_put_local(struct rxrpc_local *local)
{
	_enter("%d", local->debug_id);
	rxrpc_queue_work(&local->processor);
}

/*
 * Destroy a local endpoint's socket and then hand the record to RCU to dispose
 * of.
 *
 * Closing the socket cannot be done from bottom half context or RCU callback
 * context because it might sleep.
 */
static void rxrpc_local_destroyer(struct rxrpc_local *local)
{
	struct socket *socket = local->socket;
	struct rxrpc_net *rxnet = local->rxnet;

	_enter("%d", local->debug_id);

	/* We can get a race between an incoming call packet queueing the
	 * processor again and the work processor starting the destruction
	 * process which will shut down the UDP socket.
	 */
	if (local->dead) {
		_leave(" [already dead]");
		return;
	}
	local->dead = true;

	mutex_lock(&rxnet->local_mutex);
	list_del_init(&local->link);
	mutex_unlock(&rxnet->local_mutex);

	ASSERT(RB_EMPTY_ROOT(&local->client_conns));
	ASSERT(!local->service);

	if (socket) {
		local->socket = NULL;
		kernel_sock_shutdown(socket, SHUT_RDWR);
		socket->sk->sk_user_data = NULL;
		sock_release(socket);
	}

	/* At this point, there should be no more packets coming in to the
	 * local endpoint.
	 */
	rxrpc_purge_queue(&local->reject_queue);
	rxrpc_purge_queue(&local->event_queue);

	_debug("rcu local %d", local->debug_id);
	call_rcu(&local->rcu, rxrpc_local_rcu);
}

/*
 * Process events on an endpoint
 */
static void rxrpc_local_processor(struct work_struct *work)
{
	struct rxrpc_local *local =
		container_of(work, struct rxrpc_local, processor);
	bool again;

	_enter("%d", local->debug_id);

	do {
		again = false;
		if (atomic_read(&local->usage) == 0)
			return rxrpc_local_destroyer(local);

		if (!skb_queue_empty(&local->reject_queue)) {
			rxrpc_reject_packets(local);
			again = true;
		}

		if (!skb_queue_empty(&local->event_queue)) {
			rxrpc_process_local_events(local);
			again = true;
		}
	} while (again);
}

/*
 * Destroy a local endpoint after the RCU grace period expires.
 */
static void rxrpc_local_rcu(struct rcu_head *rcu)
{
	struct rxrpc_local *local = container_of(rcu, struct rxrpc_local, rcu);

	_enter("%d", local->debug_id);

	ASSERT(!work_pending(&local->processor));

	_net("DESTROY LOCAL %d", local->debug_id);
	kfree(local);
	_leave("");
}

/*
 * Verify the local endpoint list is empty by this point.
 */
void rxrpc_destroy_all_locals(struct rxrpc_net *rxnet)
{
	struct rxrpc_local *local;

	_enter("");

	flush_workqueue(rxrpc_workqueue);

	if (!list_empty(&rxnet->local_endpoints)) {
		mutex_lock(&rxnet->local_mutex);
		list_for_each_entry(local, &rxnet->local_endpoints, link) {
			pr_err("AF_RXRPC: Leaked local %p {%d}\n",
			       local, atomic_read(&local->usage));
		}
		mutex_unlock(&rxnet->local_mutex);
		BUG();
	}
}
Commit	Line	Data
87563616	1	/* Local endpoint object management
17926a79	2	*
4f95dd78	3	* Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
17926a79 DH	4	* Written by David Howells (dhowells@redhat.com)
	5	*
	6	* This program is free software; you can redistribute it and/or
87563616	7	* modify it under the terms of the GNU General Public Licence
17926a79	8	* as published by the Free Software Foundation; either version
87563616	9	* 2 of the Licence, or (at your option) any later version.
17926a79 DH	10	*/
17926a79 DH	11
9b6d5398 JP	12	#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
9b6d5398 JP	13
17926a79 DH	14	#include <linux/module.h>
	15	#include <linux/net.h>
	16	#include <linux/skbuff.h>
5a0e3ad6	17	#include <linux/slab.h>
44ba0698 DH	18	#include <linux/udp.h>
44ba0698 DH	19	#include <linux/ip.h>
4f95dd78	20	#include <linux/hashtable.h>
17926a79 DH	21	#include <net/sock.h>
	22	#include <net/af_rxrpc.h>
	23	#include "ar-internal.h"
	24
4f95dd78 DH	25	static void rxrpc_local_processor(struct work_struct *);
4f95dd78 DH	26	static void rxrpc_local_rcu(struct rcu_head *);
17926a79	27
17926a79	28	/*
4f95dd78 DH	29	* Compare a local to an address. Return -ve, 0 or +ve to indicate less than,
	30	* same or greater than.
	31	*
	32	* We explicitly don't compare the RxRPC service ID as we want to reject
	33	* conflicting uses by differing services. Further, we don't want to share
	34	* addresses with different options (IPv6), so we don't compare those bits
	35	* either.
17926a79	36	*/
4f95dd78 DH	37	static long rxrpc_local_cmp_key(const struct rxrpc_local *local,
	38	const struct sockaddr_rxrpc *srx)
	39	{
	40	long diff;
	41
	42	diff = ((local->srx.transport_type - srx->transport_type) ?:
	43	(local->srx.transport_len - srx->transport_len) ?:
	44	(local->srx.transport.family - srx->transport.family));
	45	if (diff != 0)
	46	return diff;
	47
	48	switch (srx->transport.family) {
	49	case AF_INET:
	50	/* If the choice of UDP port is left up to the transport, then
	51	* the endpoint record doesn't match.
	52	*/
	53	return ((u16 __force)local->srx.transport.sin.sin_port -
	54	(u16 __force)srx->transport.sin.sin_port) ?:
	55	memcmp(&local->srx.transport.sin.sin_addr,
	56	&srx->transport.sin.sin_addr,
	57	sizeof(struct in_addr));
d1912747	58	#ifdef CONFIG_AF_RXRPC_IPV6
75b54cb5 DH	59	case AF_INET6:
	60	/* If the choice of UDP6 port is left up to the transport, then
	61	* the endpoint record doesn't match.
	62	*/
	63	return ((u16 __force)local->srx.transport.sin6.sin6_port -
	64	(u16 __force)srx->transport.sin6.sin6_port) ?:
	65	memcmp(&local->srx.transport.sin6.sin6_addr,
	66	&srx->transport.sin6.sin6_addr,
	67	sizeof(struct in6_addr));
d1912747	68	#endif
4f95dd78 DH	69	default:
	70	BUG();
	71	}
	72	}
	73
	74	/*
	75	* Allocate a new local endpoint.
	76	*/
2baec2c3 DH	77	static struct rxrpc_local rxrpc_alloc_local(struct rxrpc_net rxnet,
2baec2c3 DH	78	const struct sockaddr_rxrpc *srx)
17926a79 DH	79	{
	80	struct rxrpc_local *local;
	81
	82	local = kzalloc(sizeof(struct rxrpc_local), GFP_KERNEL);
	83	if (local) {
4f95dd78	84	atomic_set(&local->usage, 1);
2baec2c3	85	local->rxnet = rxnet;
17926a79	86	INIT_LIST_HEAD(&local->link);
4f95dd78	87	INIT_WORK(&local->processor, rxrpc_local_processor);
17926a79	88	init_rwsem(&local->defrag_sem);
17926a79	89	skb_queue_head_init(&local->reject_queue);
44ba0698	90	skb_queue_head_init(&local->event_queue);
999b69f8 DH	91	local->client_conns = RB_ROOT;
999b69f8 DH	92	spin_lock_init(&local->client_conns_lock);
17926a79 DH	93	spin_lock_init(&local->lock);
17926a79 DH	94	rwlock_init(&local->services_lock);
17926a79 DH	95	local->debug_id = atomic_inc_return(&rxrpc_debug_id);
17926a79 DH	96	memcpy(&local->srx, srx, sizeof(*srx));
28036f44	97	local->srx.srx_service = 0;
17926a79 DH	98	}
	99
	100	_leave(" = %p", local);
	101	return local;
	102	}
	103
	104	/*
	105	* create the local socket
4f95dd78	106	* - must be called with rxrpc_local_mutex locked
17926a79	107	*/
2baec2c3	108	static int rxrpc_open_socket(struct rxrpc_local local, struct net net)
17926a79 DH	109	{
	110	struct sock *sock;
	111	int ret, opt;
	112
75b54cb5 DH	113	_enter("%p{%d,%d}",
75b54cb5 DH	114	local, local->srx.transport_type, local->srx.transport.family);
17926a79 DH	115
17926a79 DH	116	/* create a socket to represent the local endpoint */
2baec2c3	117	ret = sock_create_kern(net, local->srx.transport.family,
aaa31cbc	118	local->srx.transport_type, 0, &local->socket);
17926a79 DH	119	if (ret < 0) {
	120	_leave(" = %d [socket]", ret);
	121	return ret;
	122	}
	123
	124	/* if a local address was supplied then bind it */
	125	if (local->srx.transport_len > sizeof(sa_family_t)) {
	126	_debug("bind");
	127	ret = kernel_bind(local->socket,
4f95dd78	128	(struct sockaddr *)&local->srx.transport,
17926a79 DH	129	local->srx.transport_len);
17926a79 DH	130	if (ret < 0) {
4f95dd78	131	_debug("bind failed %d", ret);
17926a79 DH	132	goto error;
	133	}
	134	}
	135
c7dc828f	136	switch (local->srx.transport.family) {
9fff0211 DH	137	case AF_INET6:
9fff0211 DH	138	/* we want to receive ICMPv6 errors */
c7dc828f	139	opt = 1;
9fff0211	140	ret = kernel_setsockopt(local->socket, SOL_IPV6, IPV6_RECVERR,
c7dc828f DH	141	(char *) &opt, sizeof(opt));
	142	if (ret < 0) {
	143	_debug("setsockopt failed");
	144	goto error;
	145	}
17926a79	146
c7dc828f	147	/* we want to set the don't fragment bit */
9fff0211 DH	148	opt = IPV6_PMTUDISC_DO;
9fff0211 DH	149	ret = kernel_setsockopt(local->socket, SOL_IPV6, IPV6_MTU_DISCOVER,
c7dc828f DH	150	(char *) &opt, sizeof(opt));
	151	if (ret < 0) {
	152	_debug("setsockopt failed");
	153	goto error;
	154	}
c7dc828f	155
9fff0211 DH	156	/* Fall through and set IPv4 options too otherwise we don't get
	157	* errors from IPv4 packets sent through the IPv6 socket.
	158	*/
	159
	160	case AF_INET:
c7dc828f DH	161	/* we want to receive ICMP errors */
c7dc828f DH	162	opt = 1;
9fff0211	163	ret = kernel_setsockopt(local->socket, SOL_IP, IP_RECVERR,
c7dc828f DH	164	(char *) &opt, sizeof(opt));
	165	if (ret < 0) {
	166	_debug("setsockopt failed");
	167	goto error;
	168	}
	169
	170	/* we want to set the don't fragment bit */
9fff0211 DH	171	opt = IP_PMTUDISC_DO;
9fff0211 DH	172	ret = kernel_setsockopt(local->socket, SOL_IP, IP_MTU_DISCOVER,
c7dc828f DH	173	(char *) &opt, sizeof(opt));
	174	if (ret < 0) {
	175	_debug("setsockopt failed");
	176	goto error;
	177	}
	178	break;
	179
	180	default:
	181	BUG();
17926a79 DH	182	}
17926a79 DH	183
17926a79 DH	184	/* set the socket up */
	185	sock = local->socket->sk;
	186	sock->sk_user_data = local;
	187	sock->sk_data_ready = rxrpc_data_ready;
abe89ef0	188	sock->sk_error_report = rxrpc_error_report;
17926a79 DH	189	_leave(" = 0");
	190	return 0;
	191
	192	error:
91cf45f0	193	kernel_sock_shutdown(local->socket, SHUT_RDWR);
17926a79 DH	194	local->socket->sk->sk_user_data = NULL;
	195	sock_release(local->socket);
	196	local->socket = NULL;
	197
	198	_leave(" = %d", ret);
	199	return ret;
	200	}
	201
	202	/*
4f95dd78	203	* Look up or create a new local endpoint using the specified local address.
17926a79	204	*/
2baec2c3 DH	205	struct rxrpc_local rxrpc_lookup_local(struct net net,
2baec2c3 DH	206	const struct sockaddr_rxrpc *srx)
17926a79 DH	207	{
17926a79 DH	208	struct rxrpc_local *local;
2baec2c3	209	struct rxrpc_net *rxnet = rxrpc_net(net);
4f95dd78 DH	210	struct list_head *cursor;
	211	const char *age;
	212	long diff;
17926a79 DH	213	int ret;
17926a79 DH	214
75b54cb5 DH	215	_enter("{%d,%d,%pISp}",
75b54cb5 DH	216	srx->transport_type, srx->transport.family, &srx->transport);
17926a79	217
2baec2c3	218	mutex_lock(&rxnet->local_mutex);
17926a79	219
2baec2c3 DH	220	for (cursor = rxnet->local_endpoints.next;
2baec2c3 DH	221	cursor != &rxnet->local_endpoints;
4f95dd78 DH	222	cursor = cursor->next) {
4f95dd78 DH	223	local = list_entry(cursor, struct rxrpc_local, link);
17926a79	224
4f95dd78 DH	225	diff = rxrpc_local_cmp_key(local, srx);
4f95dd78 DH	226	if (diff < 0)
17926a79	227	continue;
4f95dd78 DH	228	if (diff > 0)
	229	break;
	230
	231	/* Services aren't allowed to share transport sockets, so
	232	* reject that here. It is possible that the object is dying -
	233	* but it may also still have the local transport address that
	234	* we want bound.
	235	*/
	236	if (srx->srx_service) {
	237	local = NULL;
	238	goto addr_in_use;
	239	}
17926a79	240
4f95dd78 DH	241	/* Found a match. We replace a dying object. Attempting to
	242	* bind the transport socket may still fail if we're attempting
	243	* to use a local address that the dying object is still using.
	244	*/
5627cc8b	245	if (!rxrpc_get_local_maybe(local)) {
4f95dd78 DH	246	cursor = cursor->next;
	247	list_del_init(&local->link);
	248	break;
17926a79	249	}
17926a79	250
4f95dd78 DH	251	age = "old";
	252	goto found;
	253	}
17926a79	254
2baec2c3	255	local = rxrpc_alloc_local(rxnet, srx);
4f95dd78 DH	256	if (!local)
4f95dd78 DH	257	goto nomem;
17926a79	258
2baec2c3	259	ret = rxrpc_open_socket(local, net);
4f95dd78 DH	260	if (ret < 0)
	261	goto sock_error;
	262
	263	list_add_tail(&local->link, cursor);
	264	age = "new";
17926a79	265
4f95dd78	266	found:
2baec2c3	267	mutex_unlock(&rxnet->local_mutex);
17926a79	268
75b54cb5 DH	269	_net("LOCAL %s %d {%pISp}",
75b54cb5 DH	270	age, local->debug_id, &local->srx.transport);
17926a79	271
4f95dd78	272	_leave(" = %p", local);
17926a79 DH	273	return local;
17926a79 DH	274
4f95dd78 DH	275	nomem:
	276	ret = -ENOMEM;
	277	sock_error:
2baec2c3	278	mutex_unlock(&rxnet->local_mutex);
4f95dd78 DH	279	kfree(local);
	280	_leave(" = %d", ret);
	281	return ERR_PTR(ret);
17926a79	282
4f95dd78	283	addr_in_use:
2baec2c3	284	mutex_unlock(&rxnet->local_mutex);
4f95dd78 DH	285	_leave(" = -EADDRINUSE");
	286	return ERR_PTR(-EADDRINUSE);
	287	}
17926a79	288
4f95dd78 DH	289	/*
	290	* A local endpoint reached its end of life.
	291	*/
	292	void __rxrpc_put_local(struct rxrpc_local *local)
	293	{
	294	_enter("%d", local->debug_id);
	295	rxrpc_queue_work(&local->processor);
17926a79 DH	296	}
	297
	298	/*
4f95dd78 DH	299	* Destroy a local endpoint's socket and then hand the record to RCU to dispose
	300	* of.
	301	*
	302	* Closing the socket cannot be done from bottom half context or RCU callback
	303	* context because it might sleep.
17926a79	304	*/
4f95dd78	305	static void rxrpc_local_destroyer(struct rxrpc_local *local)
17926a79	306	{
4f95dd78	307	struct socket *socket = local->socket;
2baec2c3	308	struct rxrpc_net *rxnet = local->rxnet;
17926a79	309
4f95dd78	310	_enter("%d", local->debug_id);
17926a79	311
4f95dd78 DH	312	/* We can get a race between an incoming call packet queueing the
	313	* processor again and the work processor starting the destruction
	314	* process which will shut down the UDP socket.
	315	*/
	316	if (local->dead) {
	317	_leave(" [already dead]");
	318	return;
17926a79	319	}
4f95dd78 DH	320	local->dead = true;
4f95dd78 DH	321
2baec2c3	322	mutex_lock(&rxnet->local_mutex);
4f95dd78	323	list_del_init(&local->link);
2baec2c3	324	mutex_unlock(&rxnet->local_mutex);
4f95dd78	325
999b69f8	326	ASSERT(RB_EMPTY_ROOT(&local->client_conns));
1e9e5c95	327	ASSERT(!local->service);
4f95dd78 DH	328
	329	if (socket) {
	330	local->socket = NULL;
	331	kernel_sock_shutdown(socket, SHUT_RDWR);
	332	socket->sk->sk_user_data = NULL;
	333	sock_release(socket);
	334	}
	335
	336	/* At this point, there should be no more packets coming in to the
	337	* local endpoint.
	338	*/
4f95dd78 DH	339	rxrpc_purge_queue(&local->reject_queue);
	340	rxrpc_purge_queue(&local->event_queue);
	341
	342	_debug("rcu local %d", local->debug_id);
	343	call_rcu(&local->rcu, rxrpc_local_rcu);
17926a79 DH	344	}
	345
	346	/*
4f95dd78	347	* Process events on an endpoint
17926a79	348	*/
4f95dd78	349	static void rxrpc_local_processor(struct work_struct *work)
17926a79 DH	350	{
17926a79 DH	351	struct rxrpc_local *local =
4f95dd78 DH	352	container_of(work, struct rxrpc_local, processor);
4f95dd78 DH	353	bool again;
17926a79	354
4f95dd78	355	_enter("%d", local->debug_id);
17926a79	356
4f95dd78 DH	357	do {
	358	again = false;
	359	if (atomic_read(&local->usage) == 0)
	360	return rxrpc_local_destroyer(local);
17926a79	361
4f95dd78 DH	362	if (!skb_queue_empty(&local->reject_queue)) {
	363	rxrpc_reject_packets(local);
	364	again = true;
	365	}
17926a79	366
4f95dd78 DH	367	if (!skb_queue_empty(&local->event_queue)) {
	368	rxrpc_process_local_events(local);
	369	again = true;
	370	}
	371	} while (again);
	372	}
17926a79	373
4f95dd78 DH	374	/*
	375	* Destroy a local endpoint after the RCU grace period expires.
	376	*/
	377	static void rxrpc_local_rcu(struct rcu_head *rcu)
	378	{
	379	struct rxrpc_local *local = container_of(rcu, struct rxrpc_local, rcu);
17926a79	380
4f95dd78	381	_enter("%d", local->debug_id);
17926a79	382
4f95dd78	383	ASSERT(!work_pending(&local->processor));
17926a79 DH	384
	385	_net("DESTROY LOCAL %d", local->debug_id);
	386	kfree(local);
17926a79 DH	387	_leave("");
	388	}
	389
	390	/*
4f95dd78	391	* Verify the local endpoint list is empty by this point.
17926a79	392	*/
2baec2c3	393	void rxrpc_destroy_all_locals(struct rxrpc_net *rxnet)
17926a79	394	{
4f95dd78	395	struct rxrpc_local *local;
17926a79 DH	396
	397	_enter("");
	398
dee46364	399	flush_workqueue(rxrpc_workqueue);
17926a79	400
2baec2c3 DH	401	if (!list_empty(&rxnet->local_endpoints)) {
	402	mutex_lock(&rxnet->local_mutex);
	403	list_for_each_entry(local, &rxnet->local_endpoints, link) {
dee46364 DH	404	pr_err("AF_RXRPC: Leaked local %p {%d}\n",
	405	local, atomic_read(&local->usage));
	406	}
2baec2c3	407	mutex_unlock(&rxnet->local_mutex);
dee46364	408	BUG();
17926a79	409	}
17926a79	410	}