2019-05-27 13:55:01 +07:00
|
|
|
/* SPDX-License-Identifier: GPL-2.0-or-later */
|
2005-04-17 05:20:36 +07:00
|
|
|
/* packet.h: Rx packet layout and definitions
|
|
|
|
*
|
2007-04-27 05:55:48 +07:00
|
|
|
* Copyright (C) 2002, 2007 Red Hat, Inc. All Rights Reserved.
|
2005-04-17 05:20:36 +07:00
|
|
|
* Written by David Howells (dhowells@redhat.com)
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef _LINUX_RXRPC_PACKET_H
|
|
|
|
#define _LINUX_RXRPC_PACKET_H
|
|
|
|
|
2007-04-27 05:55:48 +07:00
|
|
|
typedef u32 rxrpc_seq_t; /* Rx message sequence number */
|
|
|
|
typedef u32 rxrpc_serial_t; /* Rx message serial number */
|
|
|
|
typedef __be32 rxrpc_seq_net_t; /* on-the-wire Rx message sequence number */
|
|
|
|
typedef __be32 rxrpc_serial_net_t; /* on-the-wire Rx message serial number */
|
2005-04-17 05:20:36 +07:00
|
|
|
|
|
|
|
/*****************************************************************************/
|
|
|
|
/*
|
|
|
|
* on-the-wire Rx packet header
|
|
|
|
* - all multibyte fields should be in network byte order
|
|
|
|
*/
|
2016-03-04 22:53:46 +07:00
|
|
|
struct rxrpc_wire_header {
|
2005-04-17 05:20:36 +07:00
|
|
|
__be32 epoch; /* client boot timestamp */
|
2016-09-03 04:39:45 +07:00
|
|
|
#define RXRPC_RANDOM_EPOCH 0x80000000 /* Random if set, date-based if not */
|
2005-04-17 05:20:36 +07:00
|
|
|
|
|
|
|
__be32 cid; /* connection and channel ID */
|
|
|
|
#define RXRPC_MAXCALLS 4 /* max active calls per conn */
|
|
|
|
#define RXRPC_CHANNELMASK (RXRPC_MAXCALLS-1) /* mask for channel ID */
|
|
|
|
#define RXRPC_CIDMASK (~RXRPC_CHANNELMASK) /* mask for connection ID */
|
2007-04-27 05:48:28 +07:00
|
|
|
#define RXRPC_CIDSHIFT ilog2(RXRPC_MAXCALLS) /* shift for connection ID */
|
|
|
|
#define RXRPC_CID_INC (1 << RXRPC_CIDSHIFT) /* connection ID increment */
|
2005-04-17 05:20:36 +07:00
|
|
|
|
|
|
|
__be32 callNumber; /* call ID (0 for connection-level packets) */
|
|
|
|
__be32 seq; /* sequence number of pkt in call stream */
|
|
|
|
__be32 serial; /* serial number of pkt sent to network */
|
|
|
|
|
|
|
|
uint8_t type; /* packet type */
|
|
|
|
#define RXRPC_PACKET_TYPE_DATA 1 /* data */
|
|
|
|
#define RXRPC_PACKET_TYPE_ACK 2 /* ACK */
|
|
|
|
#define RXRPC_PACKET_TYPE_BUSY 3 /* call reject */
|
|
|
|
#define RXRPC_PACKET_TYPE_ABORT 4 /* call/connection abort */
|
|
|
|
#define RXRPC_PACKET_TYPE_ACKALL 5 /* ACK all outstanding packets on call */
|
|
|
|
#define RXRPC_PACKET_TYPE_CHALLENGE 6 /* connection security challenge (SRVR->CLNT) */
|
|
|
|
#define RXRPC_PACKET_TYPE_RESPONSE 7 /* connection secutity response (CLNT->SRVR) */
|
|
|
|
#define RXRPC_PACKET_TYPE_DEBUG 8 /* debug info request */
|
2018-04-03 05:51:39 +07:00
|
|
|
#define RXRPC_PACKET_TYPE_PARAMS 9 /* Parameter negotiation (unspec'd, ignore) */
|
|
|
|
#define RXRPC_PACKET_TYPE_10 10 /* Ignored */
|
|
|
|
#define RXRPC_PACKET_TYPE_11 11 /* Ignored */
|
2015-04-01 22:31:26 +07:00
|
|
|
#define RXRPC_PACKET_TYPE_VERSION 13 /* version string request */
|
2005-04-17 05:20:36 +07:00
|
|
|
|
|
|
|
uint8_t flags; /* packet flags */
|
|
|
|
#define RXRPC_CLIENT_INITIATED 0x01 /* signifies a packet generated by a client */
|
|
|
|
#define RXRPC_REQUEST_ACK 0x02 /* request an unconditional ACK of this packet */
|
|
|
|
#define RXRPC_LAST_PACKET 0x04 /* the last packet from this side for this call */
|
|
|
|
#define RXRPC_MORE_PACKETS 0x08 /* more packets to come */
|
|
|
|
#define RXRPC_JUMBO_PACKET 0x20 /* [DATA] this is a jumbo packet */
|
|
|
|
#define RXRPC_SLOW_START_OK 0x20 /* [ACK] slow start supported */
|
|
|
|
|
|
|
|
uint8_t userStatus; /* app-layer defined status */
|
rxrpc: Implement service upgrade
Implement AuriStor's service upgrade facility. There are three problems
that this is meant to deal with:
(1) Various of the standard AFS RPC calls have IPv4 addresses in their
requests and/or replies - but there's no room for including IPv6
addresses.
(2) Definition of IPv6-specific RPC operations in the standard operation
sets has not yet been achieved.
(3) One could envision the creation a new service on the same port that as
the original service. The new service could implement improved
operations - and the client could try this first, falling back to the
original service if it's not there.
Unfortunately, certain servers ignore packets addressed to a service
they don't implement and don't respond in any way - not even with an
ABORT. This means that the client must then wait for the call timeout
to occur.
What service upgrade does is to see if the connection is marked as being
'upgradeable' and if so, change the service ID in the server and thus the
request and reply formats. Note that the upgrade isn't mandatory - a
server that supports only the original call set will ignore the upgrade
request.
In the protocol, the procedure is then as follows:
(1) To request an upgrade, the first DATA packet in a new connection must
have the userStatus set to 1 (this is normally 0). The userStatus
value is normally ignored by the server.
(2) If the server doesn't support upgrading, the reply packets will
contain the same service ID as for the first request packet.
(3) If the server does support upgrading, all future reply packets on that
connection will contain the new service ID and the new service ID will
be applied to *all* further calls on that connection as well.
(4) The RPC op used to probe the upgrade must take the same request data
as the shadow call in the upgrade set (but may return a different
reply). GetCapability RPC ops were added to all standard sets for
just this purpose. Ops where the request formats differ cannot be
used for probing.
(5) The client must wait for completion of the probe before sending any
further RPC ops to the same destination. It should then use the
service ID that recvmsg() reported back in all future calls.
(6) The shadow service must have call definitions for all the operation
IDs defined by the original service.
To support service upgrading, a server should:
(1) Call bind() twice on its AF_RXRPC socket before calling listen().
Each bind() should supply a different service ID, but the transport
addresses must be the same. This allows the server to receive
requests with either service ID.
(2) Enable automatic upgrading by calling setsockopt(), specifying
RXRPC_UPGRADEABLE_SERVICE and passing in a two-member array of
unsigned shorts as the argument:
unsigned short optval[2];
This specifies a pair of service IDs. They must be different and must
match the service IDs bound to the socket. Member 0 is the service ID
to upgrade from and member 1 is the service ID to upgrade to.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-06-05 20:30:49 +07:00
|
|
|
#define RXRPC_USERSTATUS_SERVICE_UPGRADE 0x01 /* AuriStor service upgrade request */
|
|
|
|
|
2005-04-17 05:20:36 +07:00
|
|
|
uint8_t securityIndex; /* security protocol ID */
|
2007-04-27 05:48:28 +07:00
|
|
|
union {
|
|
|
|
__be16 _rsvd; /* reserved */
|
|
|
|
__be16 cksum; /* kerberos security checksum */
|
|
|
|
};
|
2005-04-17 05:20:36 +07:00
|
|
|
__be16 serviceId; /* service ID */
|
|
|
|
|
2010-06-03 17:21:52 +07:00
|
|
|
} __packed;
|
2005-04-17 05:20:36 +07:00
|
|
|
|
|
|
|
/*****************************************************************************/
|
|
|
|
/*
|
|
|
|
* jumbo packet secondary header
|
|
|
|
* - can be mapped to read header by:
|
|
|
|
* - new_serial = serial + 1
|
|
|
|
* - new_seq = seq + 1
|
|
|
|
* - new_flags = j_flags
|
|
|
|
* - new__rsvd = j__rsvd
|
|
|
|
* - duplicating all other fields
|
|
|
|
*/
|
2007-04-27 05:55:48 +07:00
|
|
|
struct rxrpc_jumbo_header {
|
2005-04-17 05:20:36 +07:00
|
|
|
uint8_t flags; /* packet flags (as per rxrpc_header) */
|
|
|
|
uint8_t pad;
|
2016-09-08 17:10:11 +07:00
|
|
|
union {
|
|
|
|
__be16 _rsvd; /* reserved */
|
|
|
|
__be16 cksum; /* kerberos security checksum */
|
|
|
|
};
|
2005-04-17 05:20:36 +07:00
|
|
|
};
|
|
|
|
|
|
|
|
#define RXRPC_JUMBO_DATALEN 1412 /* non-terminal jumbo packet data length */
|
2016-09-08 17:10:11 +07:00
|
|
|
#define RXRPC_JUMBO_SUBPKTLEN (RXRPC_JUMBO_DATALEN + sizeof(struct rxrpc_jumbo_header))
|
2005-04-17 05:20:36 +07:00
|
|
|
|
|
|
|
/*****************************************************************************/
|
|
|
|
/*
|
|
|
|
* on-the-wire Rx ACK packet data payload
|
|
|
|
* - all multibyte fields should be in network byte order
|
|
|
|
*/
|
2007-04-27 05:55:48 +07:00
|
|
|
struct rxrpc_ackpacket {
|
2005-04-17 05:20:36 +07:00
|
|
|
__be16 bufferSpace; /* number of packet buffers available */
|
|
|
|
__be16 maxSkew; /* diff between serno being ACK'd and highest serial no
|
|
|
|
* received */
|
|
|
|
__be32 firstPacket; /* sequence no of first ACK'd packet in attached list */
|
|
|
|
__be32 previousPacket; /* sequence no of previous packet received */
|
|
|
|
__be32 serial; /* serial no of packet that prompted this ACK */
|
|
|
|
|
|
|
|
uint8_t reason; /* reason for ACK */
|
|
|
|
#define RXRPC_ACK_REQUESTED 1 /* ACK was requested on packet */
|
|
|
|
#define RXRPC_ACK_DUPLICATE 2 /* duplicate packet received */
|
|
|
|
#define RXRPC_ACK_OUT_OF_SEQUENCE 3 /* out of sequence packet received */
|
|
|
|
#define RXRPC_ACK_EXCEEDS_WINDOW 4 /* packet received beyond end of ACK window */
|
|
|
|
#define RXRPC_ACK_NOSPACE 5 /* packet discarded due to lack of buffer space */
|
|
|
|
#define RXRPC_ACK_PING 6 /* keep alive ACK */
|
|
|
|
#define RXRPC_ACK_PING_RESPONSE 7 /* response to RXRPC_ACK_PING */
|
|
|
|
#define RXRPC_ACK_DELAY 8 /* nothing happened since received packet */
|
|
|
|
#define RXRPC_ACK_IDLE 9 /* ACK due to fully received ACK window */
|
2016-09-23 19:50:40 +07:00
|
|
|
#define RXRPC_ACK__INVALID 10 /* Representation of invalid ACK reason */
|
2005-04-17 05:20:36 +07:00
|
|
|
|
|
|
|
uint8_t nAcks; /* number of ACKs */
|
|
|
|
#define RXRPC_MAXACKS 255
|
|
|
|
|
|
|
|
uint8_t acks[0]; /* list of ACK/NAKs */
|
|
|
|
#define RXRPC_ACK_TYPE_NACK 0
|
|
|
|
#define RXRPC_ACK_TYPE_ACK 1
|
|
|
|
|
2010-06-03 17:21:52 +07:00
|
|
|
} __packed;
|
2005-04-17 05:20:36 +07:00
|
|
|
|
rxrpc: Rewrite the data and ack handling code
Rewrite the data and ack handling code such that:
(1) Parsing of received ACK and ABORT packets and the distribution and the
filing of DATA packets happens entirely within the data_ready context
called from the UDP socket. This allows us to process and discard ACK
and ABORT packets much more quickly (they're no longer stashed on a
queue for a background thread to process).
(2) We avoid calling skb_clone(), pskb_pull() and pskb_trim(). We instead
keep track of the offset and length of the content of each packet in
the sk_buff metadata. This means we don't do any allocation in the
receive path.
(3) Jumbo DATA packet parsing is now done in data_ready context. Rather
than cloning the packet once for each subpacket and pulling/trimming
it, we file the packet multiple times with an annotation for each
indicating which subpacket is there. From that we can directly
calculate the offset and length.
(4) A call's receive queue can be accessed without taking locks (memory
barriers do have to be used, though).
(5) Incoming calls are set up from preallocated resources and immediately
made live. They can than have packets queued upon them and ACKs
generated. If insufficient resources exist, DATA packet #1 is given a
BUSY reply and other DATA packets are discarded).
(6) sk_buffs no longer take a ref on their parent call.
To make this work, the following changes are made:
(1) Each call's receive buffer is now a circular buffer of sk_buff
pointers (rxtx_buffer) rather than a number of sk_buff_heads spread
between the call and the socket. This permits each sk_buff to be in
the buffer multiple times. The receive buffer is reused for the
transmit buffer.
(2) A circular buffer of annotations (rxtx_annotations) is kept parallel
to the data buffer. Transmission phase annotations indicate whether a
buffered packet has been ACK'd or not and whether it needs
retransmission.
Receive phase annotations indicate whether a slot holds a whole packet
or a jumbo subpacket and, if the latter, which subpacket. They also
note whether the packet has been decrypted in place.
(3) DATA packet window tracking is much simplified. Each phase has just
two numbers representing the window (rx_hard_ack/rx_top and
tx_hard_ack/tx_top).
The hard_ack number is the sequence number before base of the window,
representing the last packet the other side says it has consumed.
hard_ack starts from 0 and the first packet is sequence number 1.
The top number is the sequence number of the highest-numbered packet
residing in the buffer. Packets between hard_ack+1 and top are
soft-ACK'd to indicate they've been received, but not yet consumed.
Four macros, before(), before_eq(), after() and after_eq() are added
to compare sequence numbers within the window. This allows for the
top of the window to wrap when the hard-ack sequence number gets close
to the limit.
Two flags, RXRPC_CALL_RX_LAST and RXRPC_CALL_TX_LAST, are added also
to indicate when rx_top and tx_top point at the packets with the
LAST_PACKET bit set, indicating the end of the phase.
(4) Calls are queued on the socket 'receive queue' rather than packets.
This means that we don't need have to invent dummy packets to queue to
indicate abnormal/terminal states and we don't have to keep metadata
packets (such as ABORTs) around
(5) The offset and length of a (sub)packet's content are now passed to
the verify_packet security op. This is currently expected to decrypt
the packet in place and validate it.
However, there's now nowhere to store the revised offset and length of
the actual data within the decrypted blob (there may be a header and
padding to skip) because an sk_buff may represent multiple packets, so
a locate_data security op is added to retrieve these details from the
sk_buff content when needed.
(6) recvmsg() now has to handle jumbo subpackets, where each subpacket is
individually secured and needs to be individually decrypted. The code
to do this is broken out into rxrpc_recvmsg_data() and shared with the
kernel API. It now iterates over the call's receive buffer rather
than walking the socket receive queue.
Additional changes:
(1) The timers are condensed to a single timer that is set for the soonest
of three timeouts (delayed ACK generation, DATA retransmission and
call lifespan).
(2) Transmission of ACK and ABORT packets is effected immediately from
process-context socket ops/kernel API calls that cause them instead of
them being punted off to a background work item. The data_ready
handler still has to defer to the background, though.
(3) A shutdown op is added to the AF_RXRPC socket so that the AFS
filesystem can shut down the socket and flush its own work items
before closing the socket to deal with any in-progress service calls.
Future additional changes that will need to be considered:
(1) Make sure that a call doesn't hog the front of the queue by receiving
data from the network as fast as userspace is consuming it to the
exclusion of other calls.
(2) Transmit delayed ACKs from within recvmsg() when we've consumed
sufficiently more packets to avoid the background work item needing to
run.
Signed-off-by: David Howells <dhowells@redhat.com>
2016-09-08 17:10:12 +07:00
|
|
|
/* Some ACKs refer to specific packets and some are general and can be updated. */
|
|
|
|
#define RXRPC_ACK_UPDATEABLE ((1 << RXRPC_ACK_REQUESTED) | \
|
|
|
|
(1 << RXRPC_ACK_PING_RESPONSE) | \
|
|
|
|
(1 << RXRPC_ACK_DELAY) | \
|
|
|
|
(1 << RXRPC_ACK_IDLE))
|
|
|
|
|
|
|
|
|
2007-04-27 05:48:28 +07:00
|
|
|
/*
|
|
|
|
* ACK packets can have a further piece of information tagged on the end
|
|
|
|
*/
|
|
|
|
struct rxrpc_ackinfo {
|
|
|
|
__be32 rxMTU; /* maximum Rx MTU size (bytes) [AFS 3.3] */
|
|
|
|
__be32 maxMTU; /* maximum interface MTU size (bytes) [AFS 3.3] */
|
|
|
|
__be32 rwind; /* Rx window size (packets) [AFS 3.4] */
|
|
|
|
__be32 jumbo_max; /* max packets to stick into a jumbo packet [AFS 3.5] */
|
|
|
|
};
|
|
|
|
|
|
|
|
/*****************************************************************************/
|
|
|
|
/*
|
|
|
|
* Kerberos security type-2 challenge packet
|
|
|
|
*/
|
|
|
|
struct rxkad_challenge {
|
|
|
|
__be32 version; /* version of this challenge type */
|
|
|
|
__be32 nonce; /* encrypted random number */
|
|
|
|
__be32 min_level; /* minimum security level */
|
|
|
|
__be32 __padding; /* padding to 8-byte boundary */
|
2010-06-03 17:21:52 +07:00
|
|
|
} __packed;
|
2007-04-27 05:48:28 +07:00
|
|
|
|
|
|
|
/*****************************************************************************/
|
|
|
|
/*
|
|
|
|
* Kerberos security type-2 response packet
|
|
|
|
*/
|
|
|
|
struct rxkad_response {
|
2011-03-31 08:57:33 +07:00
|
|
|
__be32 version; /* version of this response type */
|
2007-04-27 05:48:28 +07:00
|
|
|
__be32 __pad;
|
|
|
|
|
|
|
|
/* encrypted bit of the response */
|
|
|
|
struct {
|
|
|
|
__be32 epoch; /* current epoch */
|
|
|
|
__be32 cid; /* parent connection ID */
|
|
|
|
__be32 checksum; /* checksum */
|
|
|
|
__be32 securityIndex; /* security type */
|
|
|
|
__be32 call_id[4]; /* encrypted call IDs */
|
|
|
|
__be32 inc_nonce; /* challenge nonce + 1 */
|
|
|
|
__be32 level; /* desired level */
|
|
|
|
} encrypted;
|
|
|
|
|
|
|
|
__be32 kvno; /* Kerberos key version number */
|
|
|
|
__be32 ticket_len; /* Kerberos ticket length */
|
2010-06-03 17:21:52 +07:00
|
|
|
} __packed;
|
2007-04-27 05:48:28 +07:00
|
|
|
|
2005-04-17 05:20:36 +07:00
|
|
|
#endif /* _LINUX_RXRPC_PACKET_H */
|