1 /* krxsecd.c: Rx security daemon
3 * Copyright (C) 2002 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
11 * This daemon deals with:
12 * - consulting the application as to whether inbound peers and calls should be authorised
13 * - generating security challenges for inbound connections
14 * - responding to security challenges on outbound connections
17 #include <linux/module.h>
18 #include <linux/sched.h>
19 #include <linux/completion.h>
20 #include <linux/spinlock.h>
21 #include <linux/init.h>
22 #include <rxrpc/krxsecd.h>
23 #include <rxrpc/transport.h>
24 #include <rxrpc/connection.h>
25 #include <rxrpc/message.h>
26 #include <rxrpc/peer.h>
27 #include <rxrpc/call.h>
28 #include <linux/udp.h>
33 static DECLARE_WAIT_QUEUE_HEAD(rxrpc_krxsecd_sleepq);
34 static DECLARE_COMPLETION(rxrpc_krxsecd_dead);
35 static volatile int rxrpc_krxsecd_die;
37 static atomic_t rxrpc_krxsecd_qcount;
39 /* queue of unprocessed inbound messages with seqno #1 and
40 * RXRPC_CLIENT_INITIATED flag set */
41 static LIST_HEAD(rxrpc_krxsecd_initmsgq);
42 static spinlock_t rxrpc_krxsecd_initmsgq_lock = SPIN_LOCK_UNLOCKED;
44 static void rxrpc_krxsecd_process_incoming_call(struct rxrpc_message *msg);
46 /*****************************************************************************/
50 static int rxrpc_krxsecd(void *arg)
52 DECLARE_WAITQUEUE(krxsecd, current);
56 printk("Started krxsecd %d\n", current->pid);
60 /* loop around waiting for work to do */
62 /* wait for work or to be told to exit */
63 _debug("### Begin Wait");
64 if (!atomic_read(&rxrpc_krxsecd_qcount)) {
65 set_current_state(TASK_INTERRUPTIBLE);
67 add_wait_queue(&rxrpc_krxsecd_sleepq, &krxsecd);
70 set_current_state(TASK_INTERRUPTIBLE);
71 if (atomic_read(&rxrpc_krxsecd_qcount) ||
73 signal_pending(current))
79 remove_wait_queue(&rxrpc_krxsecd_sleepq, &krxsecd);
80 set_current_state(TASK_RUNNING);
82 die = rxrpc_krxsecd_die;
83 _debug("### End Wait");
85 /* see if there're incoming calls in need of authenticating */
86 _debug("### Begin Inbound Calls");
88 if (!list_empty(&rxrpc_krxsecd_initmsgq)) {
89 struct rxrpc_message *msg = NULL;
91 spin_lock(&rxrpc_krxsecd_initmsgq_lock);
93 if (!list_empty(&rxrpc_krxsecd_initmsgq)) {
94 msg = list_entry(rxrpc_krxsecd_initmsgq.next,
95 struct rxrpc_message, link);
96 list_del_init(&msg->link);
97 atomic_dec(&rxrpc_krxsecd_qcount);
100 spin_unlock(&rxrpc_krxsecd_initmsgq_lock);
103 rxrpc_krxsecd_process_incoming_call(msg);
104 rxrpc_put_message(msg);
108 _debug("### End Inbound Calls");
110 /* discard pending signals */
111 rxrpc_discard_my_signals();
116 complete_and_exit(&rxrpc_krxsecd_dead, 0);
118 } /* end rxrpc_krxsecd() */
120 /*****************************************************************************/
122 * start up a krxsecd daemon
124 int __init rxrpc_krxsecd_init(void)
126 return kernel_thread(rxrpc_krxsecd, NULL, 0);
128 } /* end rxrpc_krxsecd_init() */
130 /*****************************************************************************/
132 * kill the krxsecd daemon and wait for it to complete
134 void rxrpc_krxsecd_kill(void)
136 rxrpc_krxsecd_die = 1;
137 wake_up_all(&rxrpc_krxsecd_sleepq);
138 wait_for_completion(&rxrpc_krxsecd_dead);
140 } /* end rxrpc_krxsecd_kill() */
142 /*****************************************************************************/
144 * clear all pending incoming calls for the specified transport
146 void rxrpc_krxsecd_clear_transport(struct rxrpc_transport *trans)
150 struct rxrpc_message *msg;
151 struct list_head *_p, *_n;
155 /* move all the messages for this transport onto a temp list */
156 spin_lock(&rxrpc_krxsecd_initmsgq_lock);
158 list_for_each_safe(_p, _n, &rxrpc_krxsecd_initmsgq) {
159 msg = list_entry(_p, struct rxrpc_message, link);
160 if (msg->trans == trans) {
161 list_del(&msg->link);
162 list_add_tail(&msg->link, &tmp);
163 atomic_dec(&rxrpc_krxsecd_qcount);
167 spin_unlock(&rxrpc_krxsecd_initmsgq_lock);
169 /* zap all messages on the temp list */
170 while (!list_empty(&tmp)) {
171 msg = list_entry(tmp.next, struct rxrpc_message, link);
172 list_del_init(&msg->link);
173 rxrpc_put_message(msg);
177 } /* end rxrpc_krxsecd_clear_transport() */
179 /*****************************************************************************/
181 * queue a message on the incoming calls list
183 void rxrpc_krxsecd_queue_incoming_call(struct rxrpc_message *msg)
187 /* queue for processing by krxsecd */
188 spin_lock(&rxrpc_krxsecd_initmsgq_lock);
190 if (!rxrpc_krxsecd_die) {
191 rxrpc_get_message(msg);
192 list_add_tail(&msg->link, &rxrpc_krxsecd_initmsgq);
193 atomic_inc(&rxrpc_krxsecd_qcount);
196 spin_unlock(&rxrpc_krxsecd_initmsgq_lock);
198 wake_up(&rxrpc_krxsecd_sleepq);
201 } /* end rxrpc_krxsecd_queue_incoming_call() */
203 /*****************************************************************************/
205 * process the initial message of an incoming call
207 void rxrpc_krxsecd_process_incoming_call(struct rxrpc_message *msg)
209 struct rxrpc_transport *trans = msg->trans;
210 struct rxrpc_service *srv;
211 struct rxrpc_call *call;
212 struct list_head *_p;
216 _enter("%p{tr=%p}", msg, trans);
218 ret = rxrpc_incoming_call(msg->conn, msg, &call);
222 /* find the matching service on the transport */
223 sid = ntohs(msg->hdr.serviceId);
226 spin_lock(&trans->lock);
227 list_for_each(_p, &trans->services) {
228 srv = list_entry(_p, struct rxrpc_service, link);
229 if (srv->service_id == sid && try_module_get(srv->owner)) {
230 /* found a match (made sure it won't vanish) */
231 _debug("found service '%s'", srv->name);
232 call->owner = srv->owner;
236 spin_unlock(&trans->lock);
238 /* report the new connection
239 * - the func must inc the call's usage count to keep it
242 if (_p != &trans->services) {
243 /* attempt to accept the call */
244 call->conn->service = srv;
245 call->app_attn_func = srv->attn_func;
246 call->app_error_func = srv->error_func;
247 call->app_aemap_func = srv->aemap_func;
249 ret = srv->new_call(call);
251 /* send an abort if an error occurred */
253 rxrpc_call_abort(call, ret);
256 /* formally receive and ACK the new packet */
257 ret = rxrpc_conn_receive_call_packet(call->conn,
262 rxrpc_put_call(call);
265 rxrpc_trans_immediate_abort(trans, msg, ret);
267 _leave(" (%d)", ret);
268 } /* end rxrpc_krxsecd_process_incoming_call() */