This patch adds the code that actually allows KBUS to send
and receive messages.
Signed-off-by: Tony Ibbs <tibs@xxxxxxxxxxxxxx>
---
ipc/kbus_main.c | 2766 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 2743 insertions(+), 23 deletions(-)
diff --git a/ipc/kbus_main.c b/ipc/kbus_main.c
index 87c7506..944b60c 100644
--- a/ipc/kbus_main.c
+++ b/ipc/kbus_main.c
@@ -65,6 +65,10 @@ static int kbus_num_devices = CONFIG_KBUS_DEF_NUM_DEVICES;
static int kbus_major; /* 0 => We'll go for dynamic allocation */
static int kbus_minor; /* 0 => We're happy to start with device 0 */
+/* We can't need more than 8 characters of padding, by definition! */
+static char *static_zero_padding = "\0\0\0\0\0\0\0\0";
+static u32 static_end_guard = KBUS_MSG_END_GUARD;
+
/* Our actual devices, 0 through kbus_num_devices-1 */
static struct kbus_dev **kbus_devices;
@@ -72,9 +76,21 @@ static struct class *kbus_class_p;
/* ========================================================================= */
+/* As few foreshadowings as I can get away with */
+static struct kbus_private_data *kbus_find_open_ksock(struct kbus_dev *dev,
+ u32 id);
+
/* I really want this function where it is in the code, so need to foreshadow */
static int kbus_setup_new_device(int which);
+/* More or less ditto */
+static int kbus_write_to_recipients(struct kbus_private_data *priv,
+ struct kbus_dev *dev,
+ struct kbus_msg *msg);
+
+static int kbus_alloc_ref_data(struct kbus_private_data *priv,
+ u32 data_len,
+ struct kbus_data_ptr **ret_ref_data);
/* ========================================================================= */
/* What's the symbolic name of a replier type? */
@@ -93,6 +109,376 @@ static const char *kbus_replier_type_name(enum kbus_replier_type t)
}
/*
+ * Wrap a set of data pointers and lengths in a reference
+ */
+static struct kbus_data_ptr *kbus_wrap_data_in_ref(int as_pages,
+ unsigned num_parts,
+ unsigned long *parts,
+ unsigned *lengths,
+ unsigned last_page_len)
+{
+ struct kbus_data_ptr *new = NULL;
+
+ new = kmalloc(sizeof(*new), GFP_KERNEL);
+ if (!new)
+ return NULL;
+
+ new->as_pages = as_pages;
+ new->parts = parts;
+ new->lengths = lengths;
+ new->num_parts = num_parts;
+ new->last_page_len = last_page_len;
+
+ kref_init(&new->refcount);
+ return new;
+}
+
+/*
+ * Increment the reference count for our pointer.
+ *
+ * Returns the (same) reference, for convenience.
+ */
+static struct kbus_data_ptr *kbus_raise_data_ref(struct kbus_data_ptr *refdata)
+{
+ if (refdata != NULL)
+ kref_get(&refdata->refcount);
+ return refdata;
+}
+
+/*
+ * Data release callback for data reference pointers. Called when the reference
+ * count says to...
+ */
+static void kbus_release_data_ref(struct kref *ref)
+{
+ struct kbus_data_ptr *refdata = container_of(ref,
+ struct kbus_data_ptr,
+ refcount);
+ if (refdata->parts == NULL) {
+ /* Not that I think this can happen */
+ pr_err("kbus: Removing data reference,"
+ " but data ptr already freed\n");
+ } else {
+ int jj;
+ if (refdata->as_pages)
+ for (jj = 0; jj < refdata->num_parts; jj++)
+ free_page((unsigned long)refdata->parts[jj]);
+ else
+ for (jj = 0; jj < refdata->num_parts; jj++)
+ kfree((void *)refdata->parts[jj]);
+ kfree(refdata->parts);
+ kfree(refdata->lengths);
+ refdata->parts = NULL;
+ refdata->lengths = NULL;
+ }
+ kfree(refdata);
+}
+
+/*
+ * Forget a reference to our pointer, and if no-one cares anymore, free it and
+ * its contents.
+ */
+static void kbus_lower_data_ref(struct kbus_data_ptr *refdata)
+{
+ if (refdata == NULL)
+ return;
+ kref_put(&refdata->refcount, kbus_release_data_ref);
+}
+
+/*
+ * Wrap a string in a reference. Does not take a copy of the string,
+ * but note that the release mechanism (triggered when there are no more
+ * references to the string) *will* free it.
+ */
+static struct kbus_name_ptr *kbus_wrap_name_in_ref(char *str)
+{
+ struct kbus_name_ptr *new = NULL;
+
+ new = kmalloc(sizeof(*new), GFP_KERNEL);
+ if (!new)
+ return NULL;
+
+ new->name = str;
+ kref_init(&new->refcount);
+ return new;
+}
+
+/*
+ * Increment the reference count for a string reference
+ *
+ * Returns the (same) reference, for convenience.
+ */
+static struct kbus_name_ptr *kbus_raise_name_ref(struct kbus_name_ptr *refname)
+{
+ if (refname != NULL)
+ kref_get(&refname->refcount);
+ return refname;
+}
+
+/*
+ * Data release callback for string reference pointers.
+ * Called when the reference count says to...
+ */
+static void kbus_release_name_ref(struct kref *ref)
+{
+ struct kbus_name_ptr *refname = container_of(ref,
+ struct kbus_name_ptr,
+ refcount);
+ if (refname->name == NULL) {
+ /* Not that I think this can happen */
+ pr_err("kbus: Removing name reference,"
+ " but name ptr already freed\n");
+ } else {
+ kfree(refname->name);
+ refname->name = NULL;
+ }
+ kfree(refname);
+}
+
+/*
+ * Forget a reference to our string, and if no-one cares anymore, free it and
+ * its contents.
+ */
+static void kbus_lower_name_ref(struct kbus_name_ptr *refname)
+{
+ if (refname == NULL)
+ return;
+
+ kref_put(&refname->refcount, kbus_release_name_ref);
+}
+
+/*
+ * Return a stab at the next size for an array
+ */
+static u32 kbus_next_size(u32 old_size)
+{
+ if (old_size < 16)
+ /* For very small numbers, just double */
+ return old_size << 1;
+ /* Otherwise, try something like the mechanism used for Python
+ * lists - doubling feels a bit over the top */
+ return old_size + (old_size >> 3);
+}
+
+/* Determine (and return) the next message serial number */
+static u32 kbus_next_serial_num(struct kbus_dev *dev)
+{
+ if (dev->next_msg_serial_num == 0)
+ dev->next_msg_serial_num++;
+ return dev->next_msg_serial_num++;
+}
+
+static int kbus_same_message_id(struct kbus_msg_id *msg_id,
+ u32 network_id, u32 serial_num)
+{
+ return msg_id->network_id == network_id &&
+ msg_id->serial_num == serial_num;
+}
+
+static int kbus_init_msg_id_memory(struct kbus_private_data *priv)
+{
+ struct kbus_msg_id_mem *mem = &priv->outstanding_requests;
+ struct kbus_msg_id *ids;
+
+ ids = kmalloc(sizeof(*ids) * KBUS_INIT_MSG_ID_MEMSIZE, GFP_KERNEL);
+ if (!ids)
+ return -ENOMEM;
+
+ memset(ids, 0, sizeof(*ids) * KBUS_INIT_MSG_ID_MEMSIZE);
+
+ mem->count = 0;
+ mem->max_count = 0;
+ mem->ids = ids;
+ mem->size = KBUS_INIT_MSG_ID_MEMSIZE;
+ return 0;
+}
+
+static void kbus_empty_msg_id_memory(struct kbus_private_data *priv)
+{
+ struct kbus_msg_id_mem *mem = &priv->outstanding_requests;
+
+ if (mem->ids == NULL)
+ return;
+
+ kfree(mem->ids);
+ mem->ids = NULL;
+ mem->size = 0;
+ mem->max_count = 0;
+ mem->count = 0;
+}
+
+/*
+ * Note we don't worry about whether the id is already in there - if
+ * the user cares, that's up to them (I don't think I do)
+ */
+static int kbus_remember_msg_id(struct kbus_private_data *priv,
+ struct kbus_msg_id *id)
+{
+ struct kbus_msg_id_mem *mem = &priv->outstanding_requests;
+ int ii, which;
+
+ kbus_maybe_dbg(priv->dev, " %u Remembering outstanding"
+ " request %u:%u (count->%d)\n",
+ priv->id, id->network_id, id->serial_num, mem->count+1);
+
+ /* First, try for an empty slot we can re-use */
+ for (ii = 0; ii < mem->size; ii++) {
+ if (kbus_same_message_id(&mem->ids[ii], 0, 0)) {
+ which = ii;
+ goto done;
+ }
+
+ }
+ /* Otherwise, give in and use a new one */
+ if (mem->count == mem->size) {
+ u32 old_size = mem->size;
+ u32 new_size = kbus_next_size(old_size);
+
+ kbus_maybe_dbg(priv->dev, " %u XXX outstanding"
+ " request array size %u -> %u\n",
+ priv->id, old_size, new_size);
+
+ mem->ids = krealloc(mem->ids,
+ new_size * sizeof(struct kbus_msg_id),
+ GFP_KERNEL);
+ if (!mem->ids)
+ return -EFAULT;
+ for (ii = old_size; ii < new_size; ii++) {
+ mem->ids[ii].network_id = 0;
+ mem->ids[ii].serial_num = 0;
+ }
+ mem->size = new_size;
+ which = mem->count;
+ }
+ which = mem->count;
+done:
+ mem->ids[which] = *id;
+ mem->count++;
+ if (mem->count > mem->max_count)
+ mem->max_count = mem->count;
+ return 0;
+}
+
+/* Returns 0 if we found it, -1 if we couldn't find it */
+static int kbus_find_msg_id(struct kbus_private_data *priv,
+ struct kbus_msg_id *id)
+{
+ struct kbus_msg_id_mem *mem = &priv->outstanding_requests;
+ int ii;
+ for (ii = 0; ii < mem->size; ii++) {
+ if (!kbus_same_message_id(&mem->ids[ii],
+ id->network_id, id->serial_num))
+ continue;
+ kbus_maybe_dbg(priv->dev, " %u Found outstanding "
+ "request %u:%u (count=%d)\n",
+ priv->id, id->network_id,
+ id->serial_num, mem->count);
+ return 0;
+ }
+ kbus_maybe_dbg(priv->dev,
+ " %u Could not find outstanding "
+ "request %u:%u (count=%d)\n",
+ priv->id, id->network_id,
+ id->serial_num, mem->count);
+ return -1;
+}
+
+/* Returns 0 if we found and forgot it, -1 if we couldn't find it */
+static int kbus_forget_msg_id(struct kbus_private_data *priv,
+ struct kbus_msg_id *id)
+{
+ struct kbus_msg_id_mem *mem = &priv->outstanding_requests;
+ int ii;
+ for (ii = 0; ii < mem->size; ii++) {
+ if (!kbus_same_message_id(&mem->ids[ii],
+ id->network_id, id->serial_num))
+ continue;
+
+ mem->ids[ii].network_id = 0;
+ mem->ids[ii].serial_num = 0;
+ mem->count--;
+ kbus_maybe_dbg(priv->dev,
+ " %u Forgot outstanding "
+ "request %u:%u (count<-%d)\n",
+ priv->id, id->network_id,
+ id->serial_num, mem->count);
+
+ return 0;
+ }
+ kbus_maybe_dbg(priv->dev,
+ " %u Could not forget outstanding "
+ "request %u:%u (count<-%d)\n",
+ priv->id, id->network_id,
+ id->serial_num, mem->count);
+ return -1;
+}
+
+/* A message is a reply iff 'in_reply_to' is non-zero */
+static int kbus_message_is_reply(struct kbus_msg *msg)
+{
+ return !kbus_same_message_id(&msg->in_reply_to, 0, 0);
+}
+
+/*
+ * Build a KBUS synthetic message/exception. We assume no data.
+ *
+ * The message built is a 'pointy' message.
+ *
+ * 'msg_name' is copied.
+ *
+ * Use kbus_free_message() to free this message when it is finished with.
+ */
+static struct kbus_msg
+*kbus_build_kbus_message(struct kbus_dev *dev,
+ char *msg_name,
+ u32 from,
+ u32 to, struct kbus_msg_id in_reply_to)
+{
+ struct kbus_msg *new_msg;
+ struct kbus_name_ptr *name_ref;
+
+ size_t msg_name_len = strlen(msg_name);
+ char *msg_name_copy;
+
+ new_msg = kmalloc(sizeof(*new_msg), GFP_KERNEL);
+ if (!new_msg) {
+ dev_err(dev->dev, "Cannot kmalloc synthetic message\n");
+ return NULL;
+ }
+
+ msg_name_copy = kmalloc(msg_name_len + 1, GFP_KERNEL);
+ if (!msg_name_copy) {
+ dev_err(dev->dev, "Cannot kmalloc synthetic message's name\n");
+ kfree(new_msg);
+ return NULL;
+ }
+
+ strncpy(msg_name_copy, msg_name, msg_name_len);
+ msg_name_copy[msg_name_len] = '\0';
+
+ name_ref = kbus_wrap_name_in_ref(msg_name_copy);
+ if (!name_ref) {
+ dev_err(dev->dev, "Cannot kmalloc synthetic message's string ref\n");
+ kfree(new_msg);
+ kfree(msg_name_copy);
+ return NULL;
+ }
+
+ memset(new_msg, 0, sizeof(*new_msg));
+
+ new_msg->from = from;
+ new_msg->to = to;
+ new_msg->in_reply_to = in_reply_to;
+ new_msg->flags = KBUS_BIT_SYNTHETIC;
+ new_msg->name_ref = name_ref;
+ new_msg->name_len = msg_name_len;
+
+ new_msg->id.serial_num = kbus_next_serial_num(dev);
+
+ return new_msg;
+}
+
+/*
* Given a message name, is it valid?
*
* We have nothing to say on maximum length.
@@ -130,6 +516,682 @@ static int kbus_bad_message_name(char *name, size_t name_len)
}
/*
+ * Is a message name wildcarded?
+ *
+ * We assume it is already checked to be a valid name
+ *
+ * Returns 1 if it is, 0 if not. In other words, returns 1
+ * if the name is not a valid destination.
+ */
+static int kbus_wildcarded_message_name(char *name, size_t name_len)
+{
+ return name[name_len - 1] == '*' || name[name_len - 1] == '%';
+}
+
+/*
+ * Is a message name legitimate for writing/sending?
+ *
+ * This is an omnibus call of the last two checks, with error output.
+ *
+ * Returns 0 if it's OK, 1 if it's naughty
+ */
+static int kbus_invalid_message_name(struct kbus_dev *dev,
+ char *name, size_t name_len)
+{
+ if (kbus_bad_message_name(name, name_len)) {
+ dev_err(dev->dev, "pid %u [%s]"
+ " (send) message name '%.*s' is not allowed\n",
+ current->pid, current->comm, (int)name_len, name);
+ return 1;
+ }
+ if (kbus_wildcarded_message_name(name, name_len)) {
+ dev_err(dev->dev, "pid %u [%s]"
+ " (send) sending to wildcards not allowed, "
+ "message name '%.*s'\n",
+ current->pid, current->comm, (int)name_len, name);
+ return 1;
+ }
+ return 0;
+}
+
+/*
+ * Does this message name match the given binding?
+ *
+ * The binding may be a normal message name, or a wildcard.
+ *
+ * We assume that both names are legitimate.
+ */
+static int kbus_message_name_matches(char *name, size_t name_len, char *other)
+{
+ size_t other_len = strlen(other);
+
+ if (other[other_len - 1] == '*' || other[other_len - 1] == '%') {
+ char *rest = name + other_len - 1;
+ size_t rest_len = name_len - other_len + 1;
+
+ /*
+ * If we have '$.Fred.*', then we need at least '$.Fred.X'
+ * to match
+ */
+ if (name_len < other_len)
+ return false;
+ /*
+ * Does the name match all of the wildcard except the
+ * last character?
+ */
+ if (strncmp(other, name, other_len - 1))
+ return false;
+
+ /* '*' matches anything at all, so we're done */
+ if (other[other_len - 1] == '*')
+ return true;
+
+ /* '%' only matches if we don't have another dot */
+ if (strnchr(rest, rest_len, '.'))
+ return false;
+ else
+ return true;
+ } else {
+ if (name_len != other_len)
+ return false;
+ else
+ return !strncmp(name, other, name_len);
+ }
+}
+
+/*
+ * Check if a message read by kbus_write() is well formed
+ *
+ * Return 0 if a message is well-formed, negative otherwise.
+ */
+static int kbus_check_message_written(struct kbus_dev *dev,
+ struct kbus_write_msg *this)
+{
+ struct kbus_message_header *user_msg =
+ (struct kbus_message_header *)&this->user_msg;
+
+ if (this == NULL) {
+ dev_err(dev->dev, "pid %u [%s]"
+ " Tried to check NULL message\n",
+ current->pid, current->comm);
+ return -EINVAL;
+ }
+
+ if (user_msg->start_guard != KBUS_MSG_START_GUARD) {
+ dev_err(dev->dev, "pid %u [%s]"
+ " message start guard is %08x, not %08x",
+ current->pid, current->comm,
+ user_msg->start_guard, KBUS_MSG_START_GUARD);
+ return -EINVAL;
+ }
+ if (user_msg->end_guard != KBUS_MSG_END_GUARD) {
+ dev_err(dev->dev, "pid %u [%s]"
+ " message end guard is %08x, not %08x\n",
+ current->pid, current->comm,
+ user_msg->end_guard, KBUS_MSG_END_GUARD);
+ return -EINVAL;
+ }
+
+ if (user_msg->name_len == 0) {
+ dev_err(dev->dev, "pid %u [%s]"
+ " Message name length is 0\n",
+ current->pid, current->comm);
+ return -EINVAL;
+ }
+ if (user_msg->name_len > KBUS_MAX_NAME_LEN) {
+ dev_err(dev->dev, "pid %u [%s]"
+ " Message name length is %u, more than %u\n",
+ current->pid, current->comm,
+ user_msg->name_len, KBUS_MAX_NAME_LEN);
+ return -ENAMETOOLONG;
+ }
+
+ if (user_msg->name == NULL) {
+ if (user_msg->data != NULL) {
+ dev_err(dev->dev, "pid %u [%s]"
+ " Message name is inline, data is not\n",
+ current->pid, current->comm);
+ return -EINVAL;
+ }
+ } else {
+ if (user_msg->data == NULL && user_msg->data_len != 0) {
+ dev_err(dev->dev, "pid %u [%s]"
+ " Message data is inline, name is not\n",
+ current->pid, current->comm);
+ return -EINVAL;
+ }
+ }
+
+ if (user_msg->data_len == 0 && user_msg->data != NULL) {
+ dev_err(dev->dev, "pid %u [%s]"
+ " Message data length is 0, but data pointer is set\n",
+ current->pid, current->comm);
+ return -EINVAL;
+ }
+
+ /* It's not legal to set both ALL_OR_WAIT and ALL_OR_FAIL */
+ if ((user_msg->flags & KBUS_BIT_ALL_OR_WAIT) &&
+ (user_msg->flags & KBUS_BIT_ALL_OR_FAIL)) {
+ dev_err(dev->dev, "pid %u [%s]"
+ " Message cannot have both ALL_OR_WAIT and "
+ "ALL_OR_FAIL set\n",
+ current->pid, current->comm);
+ return -EINVAL;
+ }
+ return 0;
+}
+
+/*
+ * Output a description of an in-kernel message
+ */
+static void kbus_maybe_report_message(struct kbus_dev *dev __maybe_unused,
+ struct kbus_msg *msg __maybe_unused)
+{
+ if (msg->data_len) {
+ struct kbus_data_ptr *data_p = msg->data_ref;
+ uint8_t *part0 __maybe_unused = (uint8_t *) data_p->parts[0];
+ kbus_maybe_dbg(dev, "=== %u:%u '%.*s'"
+ " to %u from %u in-reply-to %u:%u orig %u,%u "
+ "final %u:%u flags %04x:%04x"
+ " data/%u<in%u> %02x.%02x.%02x.%02x\n",
+ msg->id.network_id, msg->id.serial_num,
+ msg->name_len, msg->name_ref->name,
+ msg->to, msg->from,
+ msg->in_reply_to.network_id, msg->in_reply_to.serial_num,
+ msg->orig_from.network_id, msg->orig_from.local_id,
+ msg->final_to.network_id, msg->final_to.local_id,
+ (msg->flags & 0xFFFF0000) >> 4,
+ (msg->flags & 0x0000FFFF), msg->data_len,
+ data_p->num_parts, part0[0], part0[1], part0[2],
+ part0[3]);
+ } else {
+ kbus_maybe_dbg(dev, "=== %u:%u '%.*s'"
+ " to %u from %u in-reply-to %u:%u orig %u,%u "
+ "final %u,%u flags %04x:%04x\n",
+ msg->id.network_id, msg->id.serial_num,
+ msg->name_len, msg->name_ref->name,
+ msg->to, msg->from,
+ msg->in_reply_to.network_id, msg->in_reply_to.serial_num,
+ msg->orig_from.network_id, msg->orig_from.local_id,
+ msg->final_to.network_id, msg->final_to.local_id,
+ (msg->flags & 0xFFFF0000) >> 4,
+ (msg->flags & 0x0000FFFF));
+ }
+}
+
+/*
+ * Copy a message, doing whatever is deemed necessary.
+ *
+ * Copies the message header, and also copies the message name and any
+ * data. The message must be a 'pointy' message with reference counted
+ * name and data.
+ */
+static struct kbus_msg *kbus_copy_message(struct kbus_dev *dev,
+ struct kbus_msg *old_msg)
+{
+ struct kbus_msg *new_msg;
+
+ new_msg = kmalloc(sizeof(*new_msg), GFP_KERNEL);
+ if (!new_msg) {
+ dev_err(dev->dev, "Cannot kmalloc copy of message header\n");
+ return NULL;
+ }
+ if (!memcpy(new_msg, old_msg, sizeof(*new_msg))) {
+ dev_err(dev->dev, "Cannot copy message header\n");
+ kfree(new_msg);
+ return NULL;
+ }
+
+ /* In case of error before we're finished... */
+ new_msg->name_ref = NULL;
+ new_msg->data_ref = NULL;
+
+ new_msg->name_ref = kbus_raise_name_ref(old_msg->name_ref);
+
+ if (new_msg->data_len)
+ /* Take a new reference to the data */
+ new_msg->data_ref = kbus_raise_data_ref(old_msg->data_ref);
+ return new_msg;
+}
+
+/*
+ * Free a message.
+ *
+ * Also dereferences the message name and any message data.
+ */
+static void kbus_free_message(struct kbus_msg *msg)
+{
+ if (msg->name_ref)
+ kbus_lower_name_ref(msg->name_ref);
+ msg->name_len = 0;
+ msg->name_ref = NULL;
+
+ if (msg->data_len && msg->data_ref)
+ kbus_lower_data_ref(msg->data_ref);
+
+ msg->data_len = 0;
+ msg->data_ref = NULL;
+ kfree(msg);
+}
+
+static void kbus_empty_read_msg(struct kbus_private_data *priv)
+{
+ struct kbus_read_msg *this = &(priv->read);
+ int ii;
+
+ if (this->msg) {
+ kbus_free_message(this->msg);
+ this->msg = NULL;
+ }
+
+ for (ii = 0; ii < KBUS_NUM_PARTS; ii++) {
+ this->parts[ii] = NULL;
+ this->lengths[ii] = 0;
+ }
+ this->which = 0;
+ this->pos = 0;
+ this->ref_data_index = 0;
+}
+
+static void kbus_empty_write_msg(struct kbus_private_data *priv)
+{
+ struct kbus_write_msg *this = &priv->write;
+ if (this->msg) {
+ kbus_free_message(this->msg);
+ this->msg = NULL;
+ }
+
+ if (this->ref_name) {
+ kbus_lower_name_ref(this->ref_name);
+ this->ref_name = NULL;
+ }
+
+ if (this->ref_data) {
+ kbus_lower_data_ref(this->ref_data);
+ this->ref_data = NULL;
+ }
+
+ this->is_finished = false;
+ this->pos = 0;
+ this->which = 0;
+}
+
+/*
+ * Copy the given message, and add it to the end of the queue.
+ *
+ * This is the *only* way of adding a message to a queue. It shall remain so.
+ *
+ * We assume the message has been checked for sanity.
+ *
+ * 'msg' is the message to add to the queue.
+ *
+ * 'binding' is a pointer to the KBUS message name binding that caused the
+ * message to be added.
+ *
+ * 'for_replier' is true if this particular message is being pushed to the
+ * message's replier's queue. Specifically, it's true if this is a Reply
+ * to this Ksock, or a Request aimed at this Ksock (as Replier).
+ *
+ * Returns 0 if all goes well, or -EFAULT/-ENOMEM if we can't allocate
+ * datastructures.
+ *
+ * May also return negative values if the message is mis-named or malformed,
+ * at least at the moment.
+ */
+static int kbus_push_message(struct kbus_private_data *priv,
+ struct kbus_msg *msg,
+ struct kbus_message_binding *binding,
+ int for_replier)
+{
+ struct list_head *queue = &priv->message_queue;
+ struct kbus_msg *new_msg = NULL;
+ struct kbus_message_queue_item *item;
+
+ kbus_maybe_dbg(priv->dev,
+ " %u Pushing message onto queue (%s)\n",
+ priv->id, for_replier ? "replier" : "listener");
+
+ new_msg = kbus_copy_message(priv->dev, msg);
+ if (!new_msg)
+ return -EFAULT;
+
+ item = kmalloc(sizeof(*item), GFP_KERNEL);
+ if (!item) {
+ dev_err(priv->dev->dev, "Cannot kmalloc new message item\n");
+ kbus_free_message(new_msg);
+ return -ENOMEM;
+ }
+ kbus_maybe_report_message(priv->dev, new_msg);
+
+ if (for_replier && (KBUS_BIT_WANT_A_REPLY & msg->flags)) {
+ /*
+ * This message wants a reply, and is for the message's
+ * replier, so they need to be told that they are to reply to
+ * this message
+ */
+ new_msg->flags |= KBUS_BIT_WANT_YOU_TO_REPLY;
+ kbus_maybe_dbg(priv->dev,
+ " Setting WANT_YOU_TO_REPLY, "
+ "flags %08x\n",
+ new_msg->flags);
+ } else {
+ /*
+ * The recipient is *not* the replier for this message,
+ * so it is not responsible for replying.
+ */
+ new_msg->flags &= ~KBUS_BIT_WANT_YOU_TO_REPLY;
+ }
+
+ /* And join it up... */
+ item->msg = new_msg;
+ item->binding = binding;
+
+ /* By default, we're using the list as a FIFO, so we want to add our
+ * new message to the end (just before the first item). However, if the
+ * URGENT flag is set, then we instead want to add it to the start.
+ */
+ if (msg->flags & KBUS_BIT_URGENT) {
+ kbus_maybe_dbg(priv->dev, " Message is URGENT\n");
+ list_add(&item->list, queue);
+ } else {
+ list_add_tail(&item->list, queue);
+ }
+
+ priv->message_count++;
+
+ if (!kbus_same_message_id(&msg->in_reply_to, 0, 0)) {
+ /*
+ * If it's a reply (and this will include a synthetic reply,
+ * since we're checking the "in_reply_to" field) then the
+ * original sender has now had its request satisfied.
+ */
+ int retval = kbus_forget_msg_id(priv, &msg->in_reply_to);
+
+ if (retval)
+ /* But there's not much we can do about it */
+ dev_err(priv->dev->dev,
+ "%u Error forgetting "
+ "outstanding request %u:%u\n",
+ priv->id, msg->in_reply_to.network_id,
+ msg->in_reply_to.serial_num);
+ }
+
+ /* And indicate that there is something available to read */
+ wake_up_interruptible(&priv->read_wait);
+
+ kbus_maybe_dbg(priv->dev,
+ "%u Leaving %d message%s in queue\n",
+ priv->id, priv->message_count,
+ priv->message_count == 1 ? "" : "s");
+
+ return 0;
+}
+
+/*
+ * Generate a synthetic message, and add it to the recipient's message queue.
+ *
+ * This is to be used when a Reply is not going to be generated
+ * by the intended Replier. Since we don't want KBUS itself to block on
+ * (trying to) SEND a message to someone not expecting it, I don't think
+ * there are any other occasions when it is useful.
+ *
+ * 'from' is the id of the recipient who has gone away, not received the
+ * message, or whatever.
+ *
+ * 'to' is the 'from' for the message we're bouncing (or whatever). This
+ * needs to be local (it cannot be on another network), so we don't specify
+ * the network id.
+ *
+ * 'in_reply_to' should be the message id of that same message.
+ *
+ * Note that the message is essentially a Reply, so it only goes to the
+ * original Sender.
+ *
+ * Doesn't return anything since I can't think of anything useful to do if it
+ * goes wrong.
+ */
+static void kbus_push_synthetic_message(struct kbus_dev *dev,
+ u32 from,
+ u32 to,
+ struct kbus_msg_id in_reply_to,
+ char *name)
+{
+ struct kbus_private_data *priv = NULL;
+ struct kbus_msg *new_msg;
+
+ /* Who *was* the original message to? */
+ priv = kbus_find_open_ksock(dev, to);
+ if (!priv) {
+ dev_err(dev->dev,
+ "pid %u [%s] Cannot send synthetic reply to %u,"
+ " as they are gone\n", current->pid, current->comm, to);
+ return;
+ }
+
+ kbus_maybe_dbg(priv->dev, " Pushing synthetic message '%s'"
+ " onto queue for %u\n", name, to);
+
+ /*
+ * Note that we do not check if the destination queue is full
+ * - we're going to trust that the "keep enough room in the
+ * message queue for a reply to each request" mechanism does
+ * it's job properly.
+ */
+
+ new_msg = kbus_build_kbus_message(dev, name, from, to, in_reply_to);
+ if (!new_msg)
+ return;
+
+ (void)kbus_push_message(priv, new_msg, NULL, false);
+ /* ignore retval; we can't do anything useful if this goes wrong */
+
+ /* kbus_push_message takes a copy of our message */
+ kbus_free_message(new_msg);
+}
+
+/*
+ * Pop the next message off our queue.
+ *
+ * Returns a pointer to the message, or NULL if there is no next message.
+ */
+static struct kbus_msg *kbus_pop_message(struct kbus_private_data *priv)
+{
+ struct list_head *queue = &priv->message_queue;
+ struct kbus_message_queue_item *item;
+ struct kbus_msg *msg = NULL;
+
+ kbus_maybe_dbg(priv->dev, " %u Popping message from queue\n",
+ priv->id);
+
+ if (list_empty(queue))
+ return NULL;
+
+ /* Retrieve the next message */
+ item = list_first_entry(queue, struct kbus_message_queue_item, list);
+
+ /* And straightway remove it from the list */
+ list_del(&item->list);
+
+ priv->message_count--;
+
+ msg = item->msg;
+ kfree(item);
+
+ /* If doing that made us go from no-room to some-room, wake up */
+ if (priv->message_count == (priv->max_messages - 1))
+ wake_up_interruptible(&priv->dev->write_wait);
+
+ kbus_maybe_report_message(priv->dev, msg);
+ kbus_maybe_dbg(priv->dev,
+ " %u Leaving %d message%s in queue\n",
+ priv->id, priv->message_count,
+ priv->message_count == 1 ? "" : "s");
+
+ return msg;
+}
+
+/*
+ * Empty a message queue. Send synthetic messages for any outstanding
+ * request messages that are now not going to be delivered/replied to.
+ */
+static void kbus_empty_message_queue(struct kbus_private_data *priv)
+{
+ struct list_head *queue = &priv->message_queue;
+ struct kbus_message_queue_item *ptr;
+ struct kbus_message_queue_item *next;
+
+ kbus_maybe_dbg(priv->dev, " %u Emptying message queue\n", priv->id);
+
+ list_for_each_entry_safe(ptr, next, queue, list) {
+ struct kbus_msg *msg = ptr->msg;
+ int is_OUR_request = (KBUS_BIT_WANT_YOU_TO_REPLY & msg->flags);
+
+ kbus_maybe_report_message(priv->dev, msg);
+
+ /*
+ * If it wanted a reply (from us). let the sender know it's
+ * going away (but take care not to send a message to
+ * ourselves, by accident!)
+ */
+ if (is_OUR_request && msg->to != priv->id)
+ kbus_push_synthetic_message(priv->dev, priv->id,
+ msg->from, msg->id,
+ KBUS_MSG_NAME_REPLIER_GONEAWAY);
+
+ list_del(&ptr->list);
+ kbus_free_message(ptr->msg);
+
+ priv->message_count--;
+ }
+
+ kbus_maybe_dbg(priv->dev,
+ " %u Leaving %d message%s in queue\n",
+ priv->id, priv->message_count,
+ priv->message_count == 1 ? "" : "s");
+}
+
+/*
+ * Add a message to the list of messages read by the replier, but still needing
+ * a reply.
+ */
+static int kbus_reply_needed(struct kbus_private_data *priv,
+ struct kbus_msg *msg)
+{
+ struct list_head *queue = &priv->replies_unsent;
+ struct kbus_unreplied_item *item;
+
+ kbus_maybe_dbg(priv->dev,
+ " %u Adding message %u:%u to unsent "
+ "replies list\n",
+ priv->id, msg->id.network_id,
+ msg->id.serial_num);
+
+ item = kmalloc(sizeof(*item), GFP_KERNEL);
+ if (!item) {
+ dev_err(priv->dev->dev, "Cannot kmalloc reply-needed item\n");
+ return -ENOMEM;
+ }
+
+ item->id = msg->id;
+ item->from = msg->from;
+ item->name_len = msg->name_len;
+ /*
+ * It seems sensible to use a reference to the name. I believe
+ * we are safe to do this because we have the message "in hand".
+ */
+ item->name_ref = kbus_raise_name_ref(msg->name_ref);
+
+ list_add(&item->list, queue);
+
+ priv->num_replies_unsent++;
+
+ if (priv->num_replies_unsent > priv->max_replies_unsent)
+ priv->max_replies_unsent = priv->num_replies_unsent;
+
+ kbus_maybe_dbg(priv->dev,
+ " %u Leaving %d message%s unreplied-to\n",
+ priv->id, priv->num_replies_unsent,
+ priv->num_replies_unsent == 1 ? "" : "s");
+
+ return 0;
+}
+
+/*
+ * Remove a message from the list of (read) messages needing a reply
+ *
+ * Returns 0 on success, -1 if it could not find the message
+ */
+static int kbus_reply_now_sent(struct kbus_private_data *priv,
+ struct kbus_msg_id *msg_id)
+{
+ struct list_head *queue = &priv->replies_unsent;
+ struct kbus_unreplied_item *ptr;
+ struct kbus_unreplied_item *next;
+
+ list_for_each_entry_safe(ptr, next, queue, list) {
+ if (!kbus_same_message_id(&ptr->id,
+ msg_id->network_id,
+ msg_id->serial_num))
+ continue;
+
+ kbus_maybe_dbg(priv->dev,
+ " %u Reply to %u:%u %.*s now sent\n",
+ priv->id, msg_id->network_id,
+ msg_id->serial_num, ptr->name_len, ptr->name_ref->name);
+
+ list_del(&ptr->list);
+ kbus_lower_name_ref(ptr->name_ref);
+ kfree(ptr);
+
+ priv->num_replies_unsent--;
+
+ kbus_maybe_dbg(priv->dev,
+ " %u Leaving %d message%s unreplied-to\n",
+ priv->id, priv->num_replies_unsent,
+ priv->num_replies_unsent == 1 ? "" : "s");
+
+ return 0;
+ }
+
+ dev_err(priv->dev->dev, "%u Could not find message %u:%u in unsent "
+ "replies list\n",
+ priv->id, msg_id->network_id, msg_id->serial_num);
+ return -1;
+}
+
+/*
+ * Empty our "replies unsent" queue. Send synthetic messages for any
+ * request messages that are now not going to be replied to.
+ */
+static void kbus_empty_replies_unsent(struct kbus_private_data *priv)
+{
+ struct list_head *queue = &priv->replies_unsent;
+ struct kbus_unreplied_item *ptr;
+ struct kbus_unreplied_item *next;
+
+ kbus_maybe_dbg(priv->dev,
+ " %u Emptying unreplied messages list\n", priv->id);
+
+ list_for_each_entry_safe(ptr, next, queue, list) {
+
+ kbus_push_synthetic_message(priv->dev, priv->id,
+ ptr->from, ptr->id,
+ KBUS_MSG_NAME_REPLIER_IGNORED);
+
+ list_del(&ptr->list);
+ kbus_lower_name_ref(ptr->name_ref);
+ kfree(ptr);
+
+ priv->num_replies_unsent--;
+ }
+
+ kbus_maybe_dbg(priv->dev,
+ " %u Leaving %d message%s unreplied-to\n",
+ priv->id, priv->num_replies_unsent,
+ priv->num_replies_unsent == 1 ? "" : "s");
+}
+
+/*
* Find out who, if anyone, is bound as a replier to the given message name.
*
* Returns 1 if we found a replier, 0 if we did not (but all went well), and
@@ -156,12 +1218,139 @@ static int kbus_find_replier(struct kbus_dev *dev,
strncmp(name, ptr->name, name_len))
continue;
- kbus_maybe_dbg(dev, " '%.*s' has replier %u\n",
- ptr->name_len, ptr->name, ptr->bound_to_id);
- *bound_to = ptr->bound_to;
- return 1;
+ kbus_maybe_dbg(dev, " '%.*s' has replier %u\n",
+ ptr->name_len, ptr->name, ptr->bound_to_id);
+ *bound_to = ptr->bound_to;
+ return 1;
+ }
+ return 0;
+}
+
+/*
+ * Find out who, if anyone, is bound as listener/replier to this message name.
+ *
+ * 'listeners' is an array of (pointers to) listener bindings. It may be NULL
+ * (if there are no listeners or if there was an error). It is up to the caller
+ * to free it. It does not include (pointers to) any replier binding.
+ *
+ * If there is also a replier for this message, then 'replier' will be (a
+ * pointer to) its binding, otherwise it will be NULL. The replier will not be
+ * in the 'listeners' array, so the caller must check both.
+ *
+ * Note that a particular listener may be present more than once, if that
+ * particular listener has bound to the message more than once (but no
+ * *binding* will be represented more than once).
+ *
+ * Returns the number of listeners found (i.e., the length of the array), or a
+ * negative value if something went wrong. This is a bit clumsy, because the
+ * caller needs to check the return value *and* the 'replier' value, but there
+ * is only one caller, so...
+ */
+static int kbus_find_listeners(struct kbus_dev *dev,
+ struct kbus_message_binding **listeners[],
+ struct kbus_message_binding **replier,
+ u32 name_len, char *name)
+{
+ int count = 0;
+ int array_size = KBUS_INIT_LISTENER_ARRAY_SIZE;
+ struct kbus_message_binding *ptr;
+ struct kbus_message_binding *next;
+
+ enum kbus_replier_type replier_type = UNSET;
+ enum kbus_replier_type new_replier_type = UNSET;
+
+ kbus_maybe_dbg(dev,
+ " Looking for listeners/repliers for '%.*s'\n",
+ name_len, name);
+
+ *listeners =
+ kmalloc(array_size * sizeof(struct kbus_message_binding *),
+ GFP_KERNEL);
+ if (!(*listeners))
+ return -ENOMEM;
+
+ *replier = NULL;
+
+ list_for_each_entry_safe(ptr, next, &dev->bound_message_list, list) {
+
+ if (!kbus_message_name_matches(name, name_len, ptr->name))
+ continue;
+
+ kbus_maybe_dbg(dev, " Name '%.*s' matches "
+ "'%s' for %s %u\n",
+ name_len, name, ptr->name,
+ ptr->is_replier ? "replier" : "listener",
+ ptr->bound_to_id);
+
+ if (ptr->is_replier) {
+ /* It *may* be the replier for this message */
+ size_t last_char = strlen(ptr->name) - 1;
+ if (ptr->name[last_char] == '*')
+ new_replier_type = WILD_STAR;
+ else if (ptr->name[last_char] == '%')
+ new_replier_type = WILD_PERCENT;
+ else
+ new_replier_type = SPECIFIC;
+
+ kbus_maybe_dbg(dev,
+ " ..previous replier was %u "
+ "(%s), looking at %u (%s)\n",
+ ((*replier) == NULL ? 0 :
+ (*replier)->bound_to_id),
+ kbus_replier_type_name(replier_type),
+ ptr->bound_to_id,
+ kbus_replier_type_name(new_replier_type));
+
+ /*
+ * If this is the first replier, just remember
+ * it. Otherwise, if it's more specific than
+ * our previous replier, remember it instead.
+ */
+ if (*replier == NULL ||
+ new_replier_type > replier_type) {
+
+ if (*replier)
+ kbus_maybe_dbg(dev,
+ " ..new replier %u (%s)\n",
+ ptr->bound_to_id,
+ kbus_replier_type_name(
+ new_replier_type));
+
+ *replier = ptr;
+ replier_type = new_replier_type;
+ } else {
+ if (*replier)
+ kbus_maybe_dbg(dev,
+ " ..keeping replier %u (%s)\n",
+ (*replier)->bound_to_id,
+ kbus_replier_type_name(replier_type));
+ }
+ } else {
+ /* It is a listener */
+ if (count == array_size) {
+ u32 new_size = kbus_next_size(array_size);
+
+ kbus_maybe_dbg(dev, " XXX listener "
+ "array size %d -> %d\n",
+ array_size, new_size);
+
+ array_size = new_size;
+ *listeners = krealloc(*listeners,
+ sizeof(**listeners) * array_size,
+ GFP_KERNEL);
+ if (!(*listeners))
+ return -EFAULT;
+ }
+ (*listeners)[count++] = ptr;
+ }
}
- return 0;
+
+ kbus_maybe_dbg(dev, " Found %d listener%s%s for '%.*s'\n",
+ count, (count == 1 ? "" : "s"),
+ (*replier == NULL ? "" : " and a replier"),
+ name_len, name);
+
+ return count;
}
/*
@@ -248,6 +1437,69 @@ static struct kbus_message_binding
}
/*
+ * Forget any messages (in our queue) that were only in the queue because of
+ * the binding we're removing.
+ *
+ * If the message was a request (needing a reply) generate an appropriate
+ * synthetic message.
+ */
+static void kbus_forget_matching_messages(struct kbus_private_data *priv,
+ struct kbus_message_binding *binding)
+{
+ struct list_head *queue = &priv->message_queue;
+ struct kbus_message_queue_item *ptr;
+ struct kbus_message_queue_item *next;
+
+ kbus_maybe_dbg(priv->dev,
+ " %u Forgetting matching messages\n", priv->id);
+
+ list_for_each_entry_safe(ptr, next, queue, list) {
+ struct kbus_msg *msg = ptr->msg;
+ int is_OUR_request = (KBUS_BIT_WANT_YOU_TO_REPLY & msg->flags);
+
+ /*
+ * If this message was not added to the queue because of this
+ * binding, then we are not interested in it...
+ */
+ if (ptr->binding != binding)
+ continue;
+
+ kbus_maybe_dbg(priv->dev,
+ " Deleting message from queue\n");
+ kbus_maybe_report_message(priv->dev, msg);
+
+ /*
+ * If it wanted a reply (from us). let the sender know it's
+ * going away (but take care not to send a message to
+ * ourselves, by accident!)
+ */
+ if (is_OUR_request && msg->to != priv->id) {
+
+ kbus_maybe_dbg(priv->dev, " >>> is_OUR_request,"
+ " sending fake reply\n");
+ kbus_maybe_report_message(priv->dev, msg);
+ kbus_push_synthetic_message(priv->dev, priv->id,
+ msg->from, msg->id,
+ KBUS_MSG_NAME_REPLIER_UNBOUND);
+ }
+
+ list_del(&ptr->list);
+ kbus_free_message(ptr->msg);
+
+ priv->message_count--;
+
+ /* If that made us go from no-room to some-room, wake up */
+ if (priv->message_count == (priv->max_messages - 1))
+ wake_up_interruptible(&priv->dev->write_wait);
+ }
+
+ kbus_maybe_dbg(priv->dev,
+ " %u Leaving %d message%s in queue\n",
+ priv->id, priv->message_count,
+ priv->message_count == 1 ? "" : "s");
+}
+
+/*
* Remove an existing binding.
*
* Returns 0 if all went well, a negative value if it did not.
@@ -273,9 +1525,15 @@ static int kbus_forget_binding(struct kbus_dev *dev,
(binding->is_replier ? 'R' : 'L'),
binding->name_len, binding->name);
+ /* And forget any messages we now shouldn't receive */
+ kbus_forget_matching_messages(priv, binding);
+
/*
- * If we supported sending messages (yet), we'd need to forget
- * any messages in our queue that match this binding.
+ * We carefully don't try to do anything about requests that
+ * have already been read - the fact that the user has unbound
+ * from receiving new messages with this name doesn't imply
+ * anything about whether they're going to reply to requests
+ * (with that name) which they've already read.
*/
/* And remove the binding once that has been done. */
@@ -358,6 +1616,27 @@ static int kbus_remember_open_ksock(struct kbus_dev *dev,
}
/*
+ * Retrieve the pointer to an open file's data
+ *
+ * Return NULL if we can't find it.
+ */
+static struct kbus_private_data *kbus_find_open_ksock(struct kbus_dev *dev,
+ u32 id)
+{
+ struct kbus_private_data *ptr;
+ struct kbus_private_data *next;
+
+ list_for_each_entry_safe(ptr, next, &dev->open_ksock_list, list) {
+ if (id == ptr->id) {
+ kbus_maybe_dbg(dev, " Found open Ksock %u\n", id);
+ return ptr;
+ }
+ }
+ kbus_maybe_dbg(dev, " Could not find open Ksock %u\n", id);
+ return NULL;
+}
+
+/*
* Remove an open file remembrance.
*
* Returns 0 if all went well, -EINVAL if we couldn't find the open Ksock
@@ -446,38 +1725,820 @@ static int kbus_open(struct inode *inode, struct file *filp)
priv->num_replies_unsent = 0;
priv->max_replies_unsent = 0;
+ if (kbus_init_msg_id_memory(priv)) {
+ kbus_empty_read_msg(priv);
+ kfree(priv);
+ return -EFAULT;
+ }
INIT_LIST_HEAD(&priv->message_queue);
INIT_LIST_HEAD(&priv->replies_unsent);
- (void)kbus_remember_open_ksock(dev, priv);
+ init_waitqueue_head(&priv->read_wait);
+
+ /* Note that we immediately have a space available for a message */
+ wake_up_interruptible(&dev->write_wait);
+
+ (void)kbus_remember_open_ksock(dev, priv);
+
+ filp->private_data = priv;
+
+ mutex_unlock(&dev->mux);
+
+ kbus_maybe_dbg(dev, "%u OPEN\n", priv->id);
+
+ return 0;
+}
+
+static int kbus_release(struct inode *inode __always_unused, struct file *filp)
+{
+ int retval2 = 0;
+ struct kbus_private_data *priv = filp->private_data;
+ struct kbus_dev *dev = priv->dev;
+
+ if (mutex_lock_interruptible(&dev->mux))
+ return -ERESTARTSYS;
+
+ kbus_maybe_dbg(dev, "%u RELEASE\n", priv->id);
+
+ kbus_empty_read_msg(priv);
+ kbus_empty_write_msg(priv);
+
+ kbus_empty_msg_id_memory(priv);
+
+ kbus_empty_message_queue(priv);
+ kbus_forget_my_bindings(priv);
+ kbus_empty_replies_unsent(priv);
+ retval2 = kbus_forget_open_ksock(dev, priv->id);
+ kfree(priv);
+
+ mutex_unlock(&dev->mux);
+
+ return retval2;
+}
+
+/*
+ * Determine the private data for the given listener/replier id.
+ *
+ * Return NULL if we can't find it.
+ */
+static struct kbus_private_data
+*kbus_find_private_data(struct kbus_private_data *our_priv,
+ struct kbus_dev *dev, u32 id)
+{
+ struct kbus_private_data *l_priv;
+ if (id == our_priv->id) {
+ /* Heh, it's us, we know who we are! */
+ kbus_maybe_dbg(dev, " -- Id %u is us\n", id);
+
+ l_priv = our_priv;
+ } else {
+ /* OK, look it up */
+ kbus_maybe_dbg(dev, " -- Looking up id %u\n", id);
+
+ l_priv = kbus_find_open_ksock(dev, id);
+ }
+ return l_priv;
+}
+
+/*
+ * Determine if the specified recipient has room for a message in their queue
+ *
+ * - 'priv' is the recipient
+ * - 'what' is a string describing them (e.g., "sender", "replier"), just
+ * for use in debugging/grumbling
+ * - if 'is_reply' is true, then we're checking for a Reply message,
+ * which we already know is expected by the specified recipient.
+ */
+static int kbus_queue_is_full(struct kbus_private_data *priv,
+ char *what __maybe_unused, int is_reply)
+{
+ /*
+ * When figuring out how "full" the message queue is, we need
+ * to take account of the messages already in the queue (!),
+ * and also the replies that still need to be written to the
+ * queue.
+ *
+ * Of course, if we're checking because we want to send one
+ * of the Replies that we are keeping room for, we need to
+ * remember to account for that!
+ */
+ int already_accounted_for = priv->message_count +
+ priv->outstanding_requests.count;
+
+ if (is_reply)
+ already_accounted_for--;
+
+ kbus_maybe_dbg(priv->dev,
+ " %u Message queue: count %d + "
+ "outstanding %d %s= %d, max %d\n",
+ priv->id, priv->message_count,
+ priv->outstanding_requests.count,
+ (is_reply ? "-1 " : ""), already_accounted_for,
+ priv->max_messages);
+
+ if (already_accounted_for < priv->max_messages) {
+ return false;
+ } else {
+ kbus_maybe_dbg(priv->dev,
+ " Message queue for %s %u is full"
+ " (%u+%u%s > %u messages)\n", what, priv->id,
+ priv->message_count,
+ priv->outstanding_requests.count,
+ (is_reply ? "-1" : ""), priv->max_messages);
+ return true;
+ }
+}
+
+/*
+ * Actually write to anyone interested in this message.
+ *
+ * Remember that the caller is going to free the message data after
+ * calling us, on the assumption that we're taking a copy...
+ *
+ * Returns 0 on success.
+ *
+ * If the message is a Request, and there is no replier for it, then we return
+ * -EADDRNOTAVAIL.
+ *
+ * If the message is a Reply, and the is sender is no longer connected (it has
+ * released its Ksock), then we return -EADDRNOTAVAIL.
+ *
+ * If the message couldn't be sent because some of the targets (those that we
+ * *have* to deliver to) had full queues, then it will return -EAGAIN or
+ * -EBUSY. If -EAGAIN is returned, then the caller should try again later, if
+ * -EBUSY then it should not.
+ *
+ * Otherwise, it returns a negative value for error.
+ */
+static int kbus_write_to_recipients(struct kbus_private_data *priv,
+ struct kbus_dev *dev,
+ struct kbus_msg *msg)
+{
+ struct kbus_message_binding **listeners = NULL;
+ struct kbus_message_binding *replier = NULL;
+ struct kbus_private_data *reply_to = NULL;
+ ssize_t retval = 0;
+ int num_listeners;
+ int ii;
+ int num_sent = 0; /* # successfully "sent" */
+
+ int all_or_fail = msg->flags & KBUS_BIT_ALL_OR_FAIL;
+ int all_or_wait = msg->flags & KBUS_BIT_ALL_OR_WAIT;
+
+ kbus_maybe_dbg(priv->dev, " all_or_fail %d, all_or_wait %d\n",
+ all_or_fail, all_or_wait);
+
+ /*
+ * Remember that
+ * (a) a listener may occur more than once in our array, and
+ * (b) we have 0 or 1 repliers, but
+ * (c) the replier is *not* one of the listeners.
+ */
+ num_listeners = kbus_find_listeners(dev, &listeners, &replier,
+ msg->name_len, msg->name_ref->name);
+ if (num_listeners < 0) {
+ kbus_maybe_dbg(priv->dev,
+ " Error %d finding listeners\n",
+ num_listeners);
+
+ retval = num_listeners;
+ goto done_sending;
+ }
+
+ /*
+ * In general, we don't mind if no-one is listening, but
+ *
+ * a. If we want a reply, we want there to be a replier
+ * b. If we *are* a reply, we want there to be an original sender
+ * c. If we have the "to" field set, and we want a reply, then we
+ * want that specific replier to exist
+ *
+ * We can check the first of those immediately.
+ */
+
+ if (msg->flags & KBUS_BIT_WANT_A_REPLY && replier == NULL) {
+ kbus_maybe_dbg(priv->dev,
+ " Message wants a reply, "
+ "but no replier\n");
+ retval = -EADDRNOTAVAIL;
+ goto done_sending;
+ }
+
+ /* And we need to add it to the queue for each interested party */
+
+ /*
+ * ===================================================================
+ * Check if the proposed recipients *can* receive
+ * ===================================================================
+ */
+
+ /*
+ * Are we replying to a sender's request?
+ * Replies are unusual in that the recipient will not normally have
+ * bound to the appropriate message name.
+ */
+ if (kbus_message_is_reply(msg)) {
+ kbus_maybe_dbg(priv->dev,
+ " Considering sender-of-request %u\n",
+ msg->to);
+
+ reply_to = kbus_find_private_data(priv, dev, msg->to);
+ if (reply_to == NULL) {
+ kbus_maybe_dbg(priv->dev,
+ " Can't find sender-of-request"
+ " %u\n", msg->to);
+
+ /* We can't find the original Sender */
+ retval = -EADDRNOTAVAIL;
+ goto done_sending;
+ }
+
+ /* Are they expecting this reply? */
+ if (kbus_find_msg_id(reply_to, &msg->in_reply_to)) {
+ /* No, so we aren't allowed to send it */
+ retval = -ECONNREFUSED;
+ goto done_sending;
+ }
+
+ if (kbus_queue_is_full(reply_to, "sender-of-request", true)) {
+ if (all_or_wait)
+ retval = -EAGAIN; /* try again later */
+ else
+ retval = -EBUSY;
+ goto done_sending;
+ }
+ }
+
+ /* Repliers only get request messages */
+ if (replier && !(msg->flags & KBUS_BIT_WANT_A_REPLY))
+ replier = NULL;
+
+ /*
+ * And even then, only if they have room in their queue
+ * Note that it is *always* fatal (to this send) if we can't
+ * add a Request to a Replier's queue -- we just need to figure
+ * out what sort of error to return
+ */
+ if (replier) {
+ kbus_maybe_dbg(priv->dev, " Considering replier %u\n",
+ replier->bound_to_id);
+ /*
+ * If the 'to' field was set, then we only want to send it if
+ * it is *that* specific replier (and otherwise we want to fail
+ * with "that's the wrong person for this (stateful) request").
+ */
+ if (msg->to && (replier->bound_to_id != msg->to)) {
+
+ kbus_maybe_dbg(priv->dev, " ..Request to %u,"
+ " but replier is %u\n", msg->to,
+ replier->bound_to_id);
+
+ retval = -EPIPE; /* Well, sort of */
+ goto done_sending;
+ }
+
+ if (kbus_queue_is_full(replier->bound_to, "replier", false)) {
+ if (all_or_wait)
+ retval = -EAGAIN; /* try again later */
+ else
+ retval = -EBUSY;
+ goto done_sending;
+ }
+ }
+
+ for (ii = 0; ii < num_listeners; ii++) {
+
+ kbus_maybe_dbg(priv->dev, " Considering listener %u\n",
+ listeners[ii]->bound_to_id);
+
+ if (kbus_queue_is_full
+ (listeners[ii]->bound_to, "listener", false)) {
+ if (all_or_wait) {
+ retval = -EAGAIN; /* try again later */
+ goto done_sending;
+ } else if (all_or_fail) {
+ retval = -EBUSY;
+ goto done_sending;
+ } else {
+ /* For now, just ignore *this* listener */
+ listeners[ii] = NULL;
+ continue;
+ }
+ }
+ }
+
+ /*
+ * ===================================================================
+ * Actually send the messages
+ * ===================================================================
+ */
+
+ /*
+ * Remember that kbus_push_message takes a copy of the message for us.
+ *
+ * This is inefficient, since otherwise we could keep a single copy of
+ * the message (or at least the message header) and just bump a
+ * reference count for each "use" of the message name/data.
+ *
+ * However, it also allows us to easily set the "needs a reply" flag
+ * (and associated data) when sending a "needs a reply" message to a
+ * replier, and *unset* the same when sending said message to "just"
+ * listeners...
+ *
+ * Be careful if altering this...
+ */
+
+ /*
+ * We know that kbus_push_message() can return 0 or -EFAULT.
+ * It seems sensible to treat that latter as a "local" error, as it
+ * means that our internals have gone wrong. Thus we don't need to
+ * generate a message for it.
+ */
+
+ /* If it's a reply message and we've got someone to reply to, send it */
+ if (reply_to) {
+ retval = kbus_push_message(reply_to, msg, NULL, true);
+ if (retval == 0) {
+ num_sent++;
+ /*
+ * In which case, we *have* sent this reply,
+ * and can forget about needing to do so
+ * (there's not much we can do with an error
+ * in this, so just ignore it)
+ */
+ (void)kbus_reply_now_sent(priv, &msg->in_reply_to);
+ } else {
+ goto done_sending;
+ }
+ }
+
+ /* If it's a request, and we've got a replier for it, send it */
+ if (replier) {
+ retval =
+ kbus_push_message(replier->bound_to, msg, replier, true);
+ if (retval)
+ goto done_sending;
+
+ num_sent++;
+ /* And we'll need a reply for that, thank you */
+ retval = kbus_remember_msg_id(priv, &msg->id);
+ if (retval)
+ /*
+ * Out of memory - what *can* we do?
+ * (basically, nothing, it's all gone horribly
+ * wrong)
+ */
+ goto done_sending;
+ }
+
+ /* For each listener, if they're still interested, send it */
+ for (ii = 0; ii < num_listeners; ii++) {
+ struct kbus_message_binding *listener = listeners[ii];
+ if (listener) {
+ retval = kbus_push_message(listener->bound_to, msg,
+ listener, false);
+ if (retval == 0)
+ num_sent++;
+ else
+ goto done_sending;
+ }
+ }
+
+ retval = 0;
+
+done_sending:
+ kfree(listeners);
+ return retval;
+}
+
+/*
+ * Handle moving over the next chunk of data bytes from the user.
+ */
+static int kbus_write_data_parts(struct kbus_private_data *priv,
+ const char __user *buf,
+ size_t buf_pos, size_t bytes_to_use)
+{
+ struct kbus_write_msg *this = &(priv->write);
+
+ u32 num_parts = this->ref_data->num_parts;
+ size_t local_count = bytes_to_use;
+ size_t local_buf_pos = 0;
+
+ while (local_count) {
+ unsigned ii = this->ref_data_index;
+ unsigned this_part_len;
+ size_t sofar, needed, to_use;
+
+ unsigned *lengths = this->ref_data->lengths;
+ unsigned long *parts = this->ref_data->parts;
+
+ if (ii == num_parts - 1)
+ this_part_len = this->ref_data->last_page_len;
+ else
+ this_part_len = KBUS_PART_LEN;
+
+ sofar = lengths[ii];
+
+ needed = this_part_len - sofar;
+ to_use = min(needed, local_count);
+
+ if (copy_from_user((char *)parts[ii] + sofar,
+ buf + buf_pos + local_buf_pos, to_use)) {
+ dev_err(priv->dev->dev, "copy from data failed"
+ " (part %d: %u of %u to %p + %u)\n",
+ this->ref_data_index,
+ (unsigned)to_use, (unsigned)local_count,
+ (void *)parts[ii], (unsigned)sofar);
+ return -EFAULT;
+ }
+
+ lengths[ii] += to_use;
+ local_count -= to_use;
+ local_buf_pos += to_use;
+
+ if (lengths[ii] == this_part_len) {
+ /* This part is full */
+ this->ref_data_index++;
+ }
+ }
+ return 0;
+}
+
+/*
+ * Handle moving over the next chunk of bytes from the user to our message.
+ *
+ * 'buf' is the buffer of data the user gave us.
+ *
+ * 'buf_pos' is the offset in that buffer from which we are to take bytes.
+ * We alter that by how many bytes we do take.
+ *
+ * 'count' is the number of bytes we're still to take from 'buf'. We also
+ * alter 'count' by how many bytes we do take (downwards).
+ */
+static int kbus_write_parts(struct kbus_private_data *priv,
+ const char __user *buf,
+ size_t *buf_pos, size_t *count)
+{
+ struct kbus_write_msg *this = &(priv->write);
+ ssize_t retval = 0;
+
+ size_t bytes_needed; /* ...to fill the current part */
+ size_t bytes_to_use; /* ...from the user's data */
+
+ struct kbus_msg *msg = this->msg;
+ struct kbus_message_header *user_msg =
+ (struct kbus_message_header *)&this->user_msg;
+
+ if (this->is_finished) {
+ dev_err(priv->dev->dev, "pid %u [%s]"
+ " Attempt to write data after the end guard in a"
+ " message (%u extra byte%s) - did you forget to"
+ " 'send'?\n",
+ current->pid, current->comm,
+ (unsigned)*count, *count == 1 ? "" : "s");
+ return -EMSGSIZE;
+ }
+
+ switch (this->which) {
+
+ case KBUS_PART_HDR:
+ bytes_needed = sizeof(*user_msg) - this->pos;
+ bytes_to_use = min(bytes_needed, *count);
+
+ if (copy_from_user((char *)user_msg + this->pos,
+ buf + *buf_pos, bytes_to_use)) {
+ dev_err(priv->dev->dev,
+ "copy from user failed (msg hdr: "
+ "%u of %u to %p + %u)\n",
+ (unsigned)bytes_to_use, (unsigned)*count, msg,
+ this->pos);
+ return -EFAULT;
+ }
+ if (bytes_needed == bytes_to_use) {
+ /*
+ * At this point, we can check the message header makes
+ * sense
+ */
+ retval = kbus_check_message_written(priv->dev, this);
+ if (retval)
+ return retval;
+
+ msg->id = user_msg->id;
+ msg->in_reply_to = user_msg->in_reply_to;
+ msg->to = user_msg->to;
+ msg->from = user_msg->from;
+ msg->orig_from = user_msg->orig_from;
+ msg->final_to = user_msg->final_to;
+ msg->extra = user_msg->extra;
+ msg->flags = user_msg->flags;
+ msg->name_len = user_msg->name_len;
+ msg->data_len = user_msg->data_len;
+ /* Leaving msg->name|data_ref still unset */
+
+ this->user_name_ptr = user_msg->name;
+ this->user_data_ptr = user_msg->data;
+
+ if (user_msg->name)
+ /*
+ * If we're reading a "pointy" message header,
+ * then that's all we need - we shan't try to
+ * copy the message name and any data until the
+ * user says to SEND.
+ */
+ this->is_finished = true;
+ else
+ this->pointers_are_local = true;
+ }
+ break;
+
+ case KBUS_PART_NAME:
+ if (this->ref_name == NULL) {
+ char *name = kmalloc(msg->name_len + 1, GFP_KERNEL);
+ if (!name) {
+ dev_err(priv->dev->dev,
+ "Cannot kmalloc message name\n");
+ return -ENOMEM;
+ }
+ name[msg->name_len] = 0; /* always */
+ name[0] = 0; /* we don't know the name yet */
+ this->ref_name = kbus_wrap_name_in_ref(name);
+ if (!this->ref_name) {
+ kfree(name);
+ dev_err(priv->dev->dev,
+ "Cannot kmalloc ref to message name\n");
+ return -ENOMEM;
+ }
+ }
+ bytes_needed = msg->name_len - this->pos;
+ bytes_to_use = min(bytes_needed, *count);
+
+ if (copy_from_user(this->ref_name->name + this->pos,
+ buf + *buf_pos, bytes_to_use)) {
+ dev_err(priv->dev->dev, "copy from user failed"
+ " (name: %d of %d to %p + %u)\n",
+ (unsigned)bytes_to_use, (unsigned)*count,
+ this->ref_name->name, this->pos);
+ return -EFAULT;
+ }
+ if (bytes_needed == bytes_to_use) {
+ /*
+ * We can check the name now it is in kernel space - we
+ * want to do this before we sort out the data, since
+ * that can involve a *lot* of copying...
+ */
+ if (kbus_invalid_message_name(priv->dev,
+ this->ref_name->name,
+ msg->name_len))
+ return -EBADMSG;
+
+ this->msg->name_ref = this->ref_name;
+ this->ref_name = NULL;
+ }
+ break;
+
+ case KBUS_PART_NPAD:
+ bytes_needed = KBUS_PADDED_NAME_LEN(msg->name_len) -
+ msg->name_len - this->pos;
+ bytes_to_use = min(bytes_needed, *count);
+ break;
+
+ case KBUS_PART_DATA:
+ if (msg->data_len == 0) {
+ bytes_needed = 0;
+ bytes_to_use = 0;
+ break;
+ }
+ if (this->ref_data == NULL) {
+ if (kbus_alloc_ref_data(priv, msg->data_len,
+ &this->ref_data))
+ return -ENOMEM;
+ this->ref_data_index = 0; /* current part index */
+ }
+ /* Overall, how far are we through the message's data? */
+ bytes_needed = msg->data_len - this->pos;
+ bytes_to_use = min(bytes_needed, *count);
+ /* So let's add 'bytes_to_use' bytes to our message data */
+ retval = kbus_write_data_parts(priv, buf, *buf_pos,
+ bytes_to_use);
+ if (retval) {
+ kbus_lower_data_ref(this->ref_data);
+ this->ref_data = NULL;
+ return retval;
+ }
+ if (bytes_needed == bytes_to_use) {
+ /* Hooray - we've finished our data */
+ this->msg->data_ref = this->ref_data;
+ this->ref_data = NULL;
+ }
+ break;
+
+ case KBUS_PART_DPAD:
+ bytes_needed = KBUS_PADDED_DATA_LEN(msg->data_len) -
+ msg->data_len - this->pos;
+ bytes_to_use = min(bytes_needed, *count);
+ break;
+
+ case KBUS_PART_FINAL_GUARD:
+ bytes_needed = 4 - this->pos;
+ bytes_to_use = min(bytes_needed, *count);
+ if (copy_from_user((char *)(&this->guard) + this->pos,
+ buf + *buf_pos, bytes_to_use)) {
+ dev_err(priv->dev->dev, "copy from user failed"
+ " (final guard: %u of %u to %p + %u)\n",
+ (unsigned)bytes_to_use, (unsigned)*count,
+ &this->guard, this->pos);
+ return -EFAULT;
+ }
+ if (bytes_needed == bytes_to_use) {
+ if (this->guard != KBUS_MSG_END_GUARD) {
+ dev_err(priv->dev->dev, "pid %u [%s]"
+ " (entire) message end guard is "
+ "%08x, not %08x\n",
+ current->pid, current->comm,
+ this->guard, KBUS_MSG_END_GUARD);
+ return -EINVAL;
+ }
+ this->is_finished = true;
+ }
+ break;
+
+ default:
+ dev_err(priv->dev->dev, "Internal error in write: unexpected"
+ " message part %d\n", this->which);
+ return -EFAULT; /* what *should* it be? */
+ }
+
+ *count -= bytes_to_use;
+ *buf_pos += bytes_to_use;
+
+ if (bytes_needed == bytes_to_use) {
+ this->which++;
+ this->pos = 0;
+ } else {
+ this->pos += bytes_to_use;
+ }
+ return 0;
+}
+
+static ssize_t kbus_write(struct file *filp, const char __user *buf,
+ size_t count, loff_t *f_pos __maybe_unused)
+{
+ struct kbus_private_data *priv = filp->private_data;
+ struct kbus_dev *dev = priv->dev;
+ ssize_t retval = 0;
+ size_t bytes_left = count;
+ size_t buf_pos = 0;
+
+ struct kbus_write_msg *this = &priv->write;
+
+ if (mutex_lock_interruptible(&dev->mux))
+ return -EAGAIN;
+
+ kbus_maybe_dbg(priv->dev, "%u WRITE count %u, pos %d\n",
+ priv->id, (unsigned)count, (int)*f_pos);
+
+ /*
+ * If we've already started to try sending a message, we don't
+ * want to continue appending to it
+ */
+ if (priv->sending) {
+ retval = -EALREADY;
+ goto done;
+ }
+
+ if (this->msg == NULL) {
+ /* Clearly, the start of a new message */
+ memset(this, 0, sizeof(*this));
- filp->private_data = priv;
+ /* This is the new (internal) message we're preparing */
+ this->msg = kmalloc(sizeof(*(this->msg)), GFP_KERNEL);
+ if (!this->msg) {
+ retval = -ENOMEM;
+ goto done;
+ }
+ memset(this->msg, 0, sizeof(*(this->msg)));
+ }
- mutex_unlock(&dev->mux);
+ while (bytes_left) {
+ retval = kbus_write_parts(priv, buf, &buf_pos, &bytes_left);
+ if (retval)
+ goto done;
+ }
- kbus_maybe_dbg(dev, "%u OPEN\n", priv->id);
+done:
+ kbus_maybe_dbg(priv->dev, "%u WRITE ends with retval %d\n",
+ priv->id, (int)retval);
- return 0;
+ if (retval)
+ kbus_empty_write_msg(priv);
+ mutex_unlock(&dev->mux);
+ if (retval)
+ return retval;
+ else
+ return count;
}
-static int kbus_release(struct inode *inode __always_unused, struct file *filp)
+static ssize_t kbus_read(struct file *filp, char __user *buf, size_t count,
+ loff_t *f_pos __maybe_unused)
{
- int retval2 = 0;
struct kbus_private_data *priv = filp->private_data;
struct kbus_dev *dev = priv->dev;
+ struct kbus_read_msg *this = &(priv->read);
+ ssize_t retval = 0;
+ u32 len, left;
+ u32 which = this->which;
if (mutex_lock_interruptible(&dev->mux))
- return -ERESTARTSYS;
+ return -EAGAIN; /* Just try again later */
- kbus_maybe_dbg(dev, "%u RELEASE\n", priv->id);
+ kbus_maybe_dbg(priv->dev, "%u READ count %u, pos %d\n",
+ priv->id, (unsigned)count, (int)*f_pos);
- kbus_forget_my_bindings(priv);
- retval2 = kbus_forget_open_ksock(dev, priv->id);
- kfree(priv);
+ if (this->msg == NULL) {
+ /* No message to read at the moment */
+ kbus_maybe_dbg(priv->dev, " Nothing to read\n");
+ retval = 0;
+ goto done;
+ }
- mutex_unlock(&dev->mux);
+ /*
+ * Read each of the parts of a message until we're read 'count'
+ * characters, or run off the end of the message.
+ */
+ while (which < KBUS_NUM_PARTS && count > 0) {
+ if (this->lengths[which] == 0) {
+ kbus_maybe_dbg(priv->dev,
+ " xx which %d, read_len[%d] %u\n",
+ which, which, this->lengths[which]);
+ this->pos = 0;
+ which++;
+ continue;
+ }
- return retval2;
+ if (which == KBUS_PART_DATA) {
+ struct kbus_data_ptr *dp = this->msg->data_ref;
+
+ left = dp->lengths[this->ref_data_index] - this->pos;
+ len = min(left, (u32) count);
+ if (len) {
+ if (copy_to_user(buf,
+ (void *)
+ dp->parts[this->ref_data_index]
+ + this->pos, len)) {
+ dev_err(priv->dev->dev,
+ "error reading from %u\n",
+ priv->id);
+ retval = -EFAULT;
+ goto done;
+ }
+ buf += len;
+ retval += len;
+ count -= len;
+ this->pos += len;
+ }
+
+ if (this->pos == dp->lengths[this->ref_data_index]) {
+ this->pos = 0;
+ this->ref_data_index++;
+ }
+ if (this->ref_data_index == dp->num_parts) {
+ this->pos = 0;
+ which++;
+ }
+ } else {
+ left = this->lengths[which] - this->pos;
+ len = min(left, (u32) count);
+ if (len) {
+ if (copy_to_user(buf,
+ this->parts[which] + this->pos,
+ len)) {
+ dev_err(priv->dev->dev,
+ "error reading from %u\n",
+ priv->id);
+ retval = -EFAULT;
+ goto done;
+ }
+ buf += len;
+ retval += len;
+ count -= len;
+ this->pos += len;
+ }
+
+ if (this->pos == this->lengths[which]) {
+ this->pos = 0;
+ which++;
+ }
+ }
+ }
+
+ if (which < KBUS_NUM_PARTS)
+ this->which = which;
+ else
+ kbus_empty_read_msg(priv);
+
+done:
+ mutex_unlock(&dev->mux);
+ return retval;
}
static int kbus_bind(struct kbus_private_data *priv,
@@ -651,12 +2712,507 @@ done:
return retval;
}
+/*
+ * Make the next message ready for reading by the user.
+ *
+ * Returns 0 if there is no next message, 1 if there is, and a negative value
+ * if there's an error.
+ */
+static int kbus_nextmsg(struct kbus_private_data *priv,
+ unsigned long arg)
+{
+ int retval = 0;
+ struct kbus_msg *msg;
+ struct kbus_read_msg *this = &(priv->read);
+ struct kbus_message_header *user_msg;
+
+ kbus_maybe_dbg(priv->dev, "%u NEXTMSG\n", priv->id);
+
+ /* If we were partway through a message, lose it */
+ if (this->msg) {
+ kbus_maybe_dbg(priv->dev, " Dropping partial message\n");
+ kbus_empty_read_msg(priv);
+ }
+
+ /* Have we got a next message? */
+ msg = kbus_pop_message(priv);
+ if (msg == NULL) {
+ kbus_maybe_dbg(priv->dev, " No next message\n");
+ /*
+ * A return value of 0 means no message, and that's
+ * what __put_user returns for success.
+ */
+ return __put_user(0, (u32 __user *) arg);
+ }
+
+ user_msg = (struct kbus_message_header *)&this->user_hdr;
+ user_msg->start_guard = KBUS_MSG_START_GUARD;
+ user_msg->id = msg->id;
+ user_msg->in_reply_to = msg->in_reply_to;
+ user_msg->to = msg->to;
+ user_msg->from = msg->from;
+ user_msg->orig_from = msg->orig_from;
+ user_msg->final_to = msg->final_to;
+ user_msg->extra = msg->extra;
+ user_msg->flags = msg->flags;
+ user_msg->name_len = msg->name_len;
+ user_msg->data_len = msg->data_len;
+ user_msg->name = NULL;
+ user_msg->data = NULL;
+ user_msg->end_guard = KBUS_MSG_END_GUARD;
+
+ this->msg = msg; /* Remember it so we can free it later */
+
+ this->parts[KBUS_PART_HDR] = (char *)user_msg;
+ this->parts[KBUS_PART_NAME] = msg->name_ref->name;
+ /* direct to the string */
+
+ this->parts[KBUS_PART_NPAD] = static_zero_padding;
+
+ /* The data is treated specially - see kbus_read() */
+ this->parts[KBUS_PART_DATA] = (char *)msg->data_ref;
+
+ this->parts[KBUS_PART_DPAD] = static_zero_padding;
+ this->parts[KBUS_PART_FINAL_GUARD] = (char *)&static_end_guard;
+
+ this->lengths[KBUS_PART_HDR] = sizeof(*user_msg);
+ this->lengths[KBUS_PART_NAME] = msg->name_len;
+ this->lengths[KBUS_PART_NPAD] =
+ KBUS_PADDED_NAME_LEN(msg->name_len) - msg->name_len;
+
+ /* The data is treated specially - see kbus_read() */
+ this->lengths[KBUS_PART_DATA] = msg->data_len;
+ this->lengths[KBUS_PART_DPAD] =
+ KBUS_PADDED_DATA_LEN(msg->data_len) - msg->data_len;
+
+ this->lengths[KBUS_PART_FINAL_GUARD] = 4;
+
+ /* And we'll be starting by writing out the first thing first */
+ this->which = 0;
+ this->pos = 0;
+ this->ref_data_index = 0;
+
+ /*
+ * If the message is a request (to us), then this is the approriate
+ * point to add it to our list of "requests we've read but not yet
+ * replied to" -- although that *sounds* as if we should be doing it in
+ * kbus_read, we might never get round to reading the content of the
+ * message (we might call NEXTMSG again, or DISCARD), and also
+ * kbus_read can get called multiple times for a single message body.
+ * If we do our remembering here, then we guarantee to get one memory
+ * for each request, as it leaves the message queue and is (in whatever
+ * way) dealt with.
+ */
+ if (msg->flags & KBUS_BIT_WANT_YOU_TO_REPLY) {
+ retval = kbus_reply_needed(priv, msg);
+ /* If it couldn't malloc, there's not much we can do,
+ * it's fairly fatal */
+ if (retval)
+ return retval;
+ }
+
+ retval = __put_user(KBUS_ENTIRE_MSG_LEN(msg->name_len, msg->data_len),
+ (u32 __user *) arg);
+ if (retval)
+ return retval;
+ return 1; /* We had a message */
+}
+
/* How much of the current message is left to read? */
extern u32 kbus_lenleft(struct kbus_private_data *priv)
{
+ struct kbus_read_msg *this = &(priv->read);
+ if (this->msg) {
+ int ii, jj;
+ u32 sofar = 0;
+ u32 total = KBUS_ENTIRE_MSG_LEN(this->msg->name_len,
+ this->msg->data_len);
+ /* Add up the items we're read all of, so far */
+ for (ii = 0; ii < this->which; ii++) {
+ if (this->which == KBUS_PART_DATA &&
+ this->msg->data_len > 0) {
+ struct kbus_data_ptr *dp = this->msg->data_ref;
+ for (jj = 0; jj < this->ref_data_index; jj++)
+ sofar += dp->lengths[jj];
+ if (this->ref_data_index < dp->num_parts)
+ sofar += this->pos;
+ } else {
+ sofar += this->lengths[ii];
+ }
+ }
+ /* Plus what we're read of the last one */
+ if (this->which < KBUS_NUM_PARTS) {
+ if (this->which == KBUS_PART_DATA &&
+ this->msg->data_len > 0) {
+ struct kbus_data_ptr *dp = this->msg->data_ref;
+ for (jj = 0; jj < this->ref_data_index; jj++)
+ sofar += dp->lengths[jj];
+ if (this->ref_data_index < dp->num_parts)
+ sofar += this->pos;
+ } else {
+ sofar += this->pos;
+ }
+ }
+ return total - sofar;
+ }
return 0; /* no message => nothing to read */
}
+/*
+ * Allocate the data arrays we need to hold reference-counted data, possibly
+ * spread over multiple pages. 'data_len' is from the message header.
+ *
+ * Note that the 'lengths[n]' field to each page 'n' will be set to zero.
+ */
+static int kbus_alloc_ref_data(struct kbus_private_data *priv __maybe_unused,
+ u32 data_len,
+ struct kbus_data_ptr **ret_ref_data)
+{
+ int num_parts = 0;
+ unsigned long *parts = NULL;
+ unsigned *lengths = NULL;
+ unsigned last_page_len = 0;
+ struct kbus_data_ptr *ref_data = NULL;
+ int as_pages;
+ int ii;
+
+ *ret_ref_data = NULL;
+
+ num_parts = (data_len + KBUS_PART_LEN - 1) / KBUS_PART_LEN;
+
+ /*
+ * To save recalculating the length of the last page every time
+ * we're interested, get it right once and for all.
+ */
+ last_page_len = data_len - (num_parts - 1) * KBUS_PART_LEN;
+
+ kbus_maybe_dbg(priv->dev,
+ "%u Allocate ref data: part=%lu, "
+ "threshold=%lu, data_len %u -> num_parts %d\n",
+ priv->id, KBUS_PART_LEN,
+ KBUS_PAGE_THRESHOLD, data_len, num_parts);
+
+ parts = kmalloc(sizeof(*parts) * num_parts, GFP_KERNEL);
+ if (!parts)
+ return -ENOMEM;
+ lengths = kmalloc(sizeof(*lengths) * num_parts, GFP_KERNEL);
+ if (!lengths) {
+ kfree(parts);
+ return -ENOMEM;
+ }
+
+ if (num_parts == 1 && data_len < KBUS_PAGE_THRESHOLD) {
+ /* A single part in "simple" memory */
+ as_pages = false;
+ parts[0] = (unsigned long)kmalloc(data_len, GFP_KERNEL);
+ if (!parts[0]) {
+ kfree(lengths);
+ kfree(parts);
+ return -ENOMEM;
+ }
+ lengths[0] = 0;
+ } else {
+ /*
+ * One or more pages
+ *
+ * For simplicity, we make all of our pages be full pages.
+ * In theory, we could use the same rules for the last page
+ * as we do if we only have a single page - but for the
+ * moment, we're not bothering.
+ *
+ * This means that the 'last_page_len' is strictly theoretical
+ * for the moment...
+ */
+ as_pages = true;
+ for (ii = 0; ii < num_parts; ii++) {
+ parts[ii] = __get_free_page(GFP_KERNEL);
+ if (!parts[ii]) {
+ int jj;
+ for (jj = 0; jj < ii; jj++)
+ free_page(parts[jj]);
+ kfree(lengths);
+ kfree(parts);
+ return -ENOMEM;
+ }
+ lengths[ii] = 0;
+ }
+ }
+ ref_data = kbus_wrap_data_in_ref(as_pages, num_parts, parts, lengths,
+ last_page_len);
+ if (!ref_data) {
+ int jj;
+ if (as_pages)
+ for (jj = 0; jj < num_parts; jj++)
+ free_page(parts[jj]);
+ else
+ kfree((void *)parts[0]);
+ kfree(lengths);
+ kfree(parts);
+ return -ENOMEM;
+ }
+ *ret_ref_data = ref_data;
+ return 0;
+}
+
+/*
+ * Does what it says on the box - take the user data and promote it to kernel
+ * space, as a reference counted quantity, possibly spread over multiple pages.
+ */
+static int kbus_wrap_user_data(struct kbus_private_data *priv,
+ u32 data_len,
+ void *user_data_ptr,
+ struct kbus_data_ptr **new_data)
+{
+ struct kbus_data_ptr *ref_data = NULL;
+ int num_parts;
+ unsigned long *parts;
+ unsigned *lengths;
+ int ii;
+ uint8_t __user *data_ptr;
+
+ int retval = kbus_alloc_ref_data(priv, data_len, &ref_data);
+ if (retval)
+ return retval;
+
+ num_parts = ref_data->num_parts;
+ lengths = ref_data->lengths;
+ parts = ref_data->parts;
+
+ kbus_maybe_dbg(priv->dev, " @@ copying %s\n",
+ ref_data->as_pages ? "as pages" : "as kmalloc'ed data");
+
+ /* Given all of the *space* for our data, populate it */
+ data_ptr = (void __user *) user_data_ptr;
+ for (ii = 0; ii < num_parts; ii++) {
+ unsigned len;
+ if (ii == num_parts - 1)
+ len = ref_data->last_page_len;
+ else
+ len = KBUS_PART_LEN;
+
+ kbus_maybe_dbg(priv->dev,
+ " @@ %d: copy %d bytes "
+ "from user address %lu\n",
+ ii, len, parts[ii]);
+
+ if (copy_from_user((void *)parts[ii], data_ptr, len)) {
+ kbus_lower_data_ref(ref_data);
+ return -EFAULT;
+ }
+ lengths[ii] = len;
+ data_ptr += len;
+ }
+ *new_data = ref_data;
+ return 0;
+}
+
+/*
+ * Given a "pointy" message header, copy the message name and data from
+ * user space into kernel space.
+ *
+ * The message name is copied as a reference-counted string.
+ *
+ * The message data (if any) is copied as reference-counted data.
+ *
+ * Also checks the legality of the message name, since we need the name in
+ * kernel space to do that, but prefer to do the check before copying any
+ * data (which can be expensive).
+ */
+static int kbus_copy_pointy_parts(struct kbus_private_data *priv,
+ struct kbus_write_msg *this)
+{
+ struct kbus_msg *msg = this->msg;
+ char *new_name = NULL;
+ struct kbus_name_ptr *name_ref;
+ struct kbus_data_ptr *new_data = NULL;
+
+ /* First, let's deal with the name */
+ new_name = kmalloc(msg->name_len + 1, GFP_KERNEL);
+ if (!new_name)
+ return -ENOMEM;
+ if (copy_from_user
+ (new_name, (void __user *)this->user_name_ptr, msg->name_len + 1)) {
+ kfree(new_name);
+ return -EFAULT;
+ }
+
+ /*
+ * We can check the name now it is in kernel space - we want
+ * to do this before we sort out the data, since that can involve
+ * a *lot* of copying...
+ */
+ if (kbus_invalid_message_name(priv->dev, new_name, msg->name_len)) {
+ kfree(new_name);
+ return -EBADMSG;
+ }
+ name_ref = kbus_wrap_name_in_ref(new_name);
+ if (!name_ref) {
+ kfree(new_name);
+ return -ENOMEM;
+ }
+
+ /* Now for the data. */
+ if (msg->data_len) {
+ int retval = kbus_wrap_user_data(priv, msg->data_len,
+ this->user_data_ptr,
+ &new_data);
+ if (retval) {
+ kbus_lower_name_ref(name_ref);
+ return retval;
+ }
+ }
+
+ kbus_maybe_dbg(priv->dev, " 'pointy' message normalised\n");
+
+ msg->name_ref = name_ref;
+ msg->data_ref = new_data;
+
+ this->user_name_ptr = NULL;
+ this->user_data_ptr = NULL;
+ this->pointers_are_local = true;
+
+ return 0;
+}
+
+static void kbus_discard(struct kbus_private_data *priv)
+{
+ kbus_empty_write_msg(priv);
+ priv->sending = false;
+}
+
+/*
+ * Returns 0 for success, and a negative value if there's an error.
+ */
+static int kbus_send(struct kbus_private_data *priv,
+ struct kbus_dev *dev, unsigned long arg)
+{
+ ssize_t retval = 0;
+ struct kbus_msg *msg = priv->write.msg;
+
+ kbus_maybe_dbg(priv->dev, "%u SEND\n", priv->id);
+
+ if (priv->write.msg == NULL)
+ return -ENOMSG;
+
+ if (!priv->write.is_finished) {
+ dev_err(priv->dev->dev, "pid %u [%s]"
+ " message not finished (in part %d of message)\n",
+ current->pid, current->comm, priv->write.which);
+ retval = -EINVAL;
+ goto done;
+ }
+
+ /*
+ * Users are not allowed to send messages marked as "synthetic"
+ * (since, after all, if the user sends it, it is not). However,
+ * it's possible that, in good faith, they re-sent a synthetic
+ * message that they received earlier, so we shall take care to
+ * unset the bit, if necessary.
+ */
+ if (KBUS_BIT_SYNTHETIC & msg->flags)
+ msg->flags &= ~KBUS_BIT_SYNTHETIC;
+
+ /*
+ * The "extra" field is reserved for future expansion, so for the
+ * moment we always zero it (this stops anyone from trying to take
+ * advantage of it, and getting caught out when we decide WE want it)
+ */
+ msg->extra = 0;
+
+ /*
+ * The message header is already in kernel space (thanks to kbus_write),
+ * but if it's a "pointy" message, the name and data are not. So let's
+ * fix that.
+ *
+ * Note that we *always* end up with a message header containing
+ * pointers to (copies of) the name and (if given) data, and the
+ * data reference counted, and maybe split over multiple pages.
+ *
+ * Note that if this is a message we already tried to send
+ * earlier, any "pointy" parts would have been copied earlier,
+ * hence the check we actually make.
+ */
+ if (!priv->write.pointers_are_local) {
+ retval = kbus_copy_pointy_parts(priv, &priv->write);
+ if (retval)
+ goto done;
+ }
+
+ /* ================================================================= */
+ /*
+ * If this message is a Request, then we can't send it until/unless
+ * we've got room in our message queue to receive the Reply.
+ *
+ * We do this check here, rather than in kbus_write_to_recipients,
+ * because:
+ *
+ * a) kbus_write_to_recipients gets (re)called by the POLL interface,
+ * and at that stage KBUS *knows* that there is room for the
+ * message concerned (so the checking code would need to know not
+ * to check)
+ *
+ * b) If the check fails, we do not want to consider ourselves in
+ * "sending" state, since we can't afford to block, because it's
+ * *this Ksock* that needs to do some reading to clear the relevant
+ * queue, and it can't do that if it's blocking. So we'd either
+ * need to handle that (somehow), or just do the check here.
+ *
+ * Similarly, we don't finalise the message (put in its "from" and "id"
+ * fields) until we pass this test.
+ */
+ if ((msg->flags & KBUS_BIT_WANT_A_REPLY) &&
+ kbus_queue_is_full(priv, "sender", false)) {
+ dev_err(priv->dev->dev, "%u Unable to send Request becausei"
+ " no room for a Reply in sender's message queue\n",
+ priv->id);
+ retval = -ENOLCK;
+ goto done;
+ }
+ /* ================================================================= */
+
+ /* So, we're actually ready to SEND! */
+
+ /* The message needs to say it is from us */
+ msg->from = priv->id;
+
+ /*
+ * If we've already tried to send this message earlier (and
+ * presumably failed with -EAGAIN), then we don't need to give
+ * it a message id, because it already has one...
+ */
+ if (!priv->sending) {
+ /* The message seems well formed, give it an id if necessary */
+ if (msg->id.network_id == 0)
+ msg->id.serial_num = kbus_next_serial_num(dev);
+ }
+
+ /* Also, remember this as the "message we last (tried to) send" */
+ priv->last_msg_id_sent = msg->id;
+
+ /*
+ * Figure out who should receive this message, and write it to them
+ */
+ retval = kbus_write_to_recipients(priv, dev, msg);
+
+done:
+ /*
+ * -EAGAIN means we were blocked from sending, and the caller
+ * should try again (as one might expect).
+ */
+ if (retval == -EAGAIN)
+ /* Remember we're still trying to send this message */
+ priv->sending = true;
+ else
+ /* We've now finished with our copy of the message header */
+ kbus_discard(priv);
+
+ if (retval == 0 || retval == -EAGAIN)
+ if (copy_to_user((void __user *)arg, &priv->last_msg_id_sent,
+ sizeof(priv->last_msg_id_sent)))
+ retval = -EFAULT;
+ return retval;
+}
+
static int kbus_maxmsgs(struct kbus_private_data *priv,
unsigned long arg)
{
@@ -800,6 +3356,60 @@ static long kbus_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
retval = kbus_replier(priv, dev, arg);
break;
+ case KBUS_IOC_NEXTMSG:
+ /*
+ * Get the next message ready to be read, and return its
+ * length.
+ *
+ * arg in: none
+ * arg out: number of bytes in next message
+ * retval: 0 if no next message, 1 if there is a next message,
+ * negative value if there's an error.
+ */
+ retval = kbus_nextmsg(priv, arg);
+ break;
+
+ case KBUS_IOC_LENLEFT:
+ /* How many bytes are left to read in the current message? */
+ {
+ u32 left = kbus_lenleft(priv);
+ kbus_maybe_dbg(priv->dev, "%u LENLEFT %u\n",
+ id, left);
+ retval = __put_user(left, (u32 __user *) arg);
+ }
+ break;
+
+ case KBUS_IOC_SEND:
+ /*
+ * Send the curent message, we've finished writing it.
+ *
+ * arg in: <ignored>
+ * arg out: the message id of said message
+ * retval: negative for bad message, etc., 0 otherwise
+ */
+ retval = kbus_send(priv, dev, arg);
+ break;
+
+ case KBUS_IOC_DISCARD:
+ /* Throw away the message we're currently writing. */
+ kbus_maybe_dbg(priv->dev, "%u DISCARD\n", id);
+ kbus_discard(priv);
+ break;
+
+ case KBUS_IOC_LASTSENT:
+ /*
+ * What was the message id of the last message written to this
+ * file descriptor? Before any messages have been written to
+ * this file descriptor, this ioctl will return {0,0).
+ */
+ kbus_maybe_dbg(priv->dev, "%u LASTSENT %u:%u\n", id,
+ priv->last_msg_id_sent.network_id,
+ priv->last_msg_id_sent.serial_num);
+ if (copy_to_user((void __user *)arg, &priv->last_msg_id_sent,
+ sizeof(priv->last_msg_id_sent)))
+ retval = -EFAULT;
+ break;
+
case KBUS_IOC_MAXMSGS:
/*
* Set (and/or query) maximum number of messages in this
@@ -821,6 +3431,14 @@ static long kbus_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
retval = kbus_nummsgs(priv, dev, arg);
break;
+ case KBUS_IOC_UNREPLIEDTO:
+ /* How many Requests (to us) do we still owe Replies to? */
+ kbus_maybe_dbg(priv->dev, "%u UNREPLIEDTO %d\n",
+ id, priv->num_replies_unsent);
+ retval = __put_user(priv->num_replies_unsent,
+ (u32 __user *) arg);
+ break;
+
case KBUS_IOC_VERBOSE:
/*
* Should we output verbose/debug messages?
@@ -842,10 +3460,110 @@ static long kbus_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
return retval;
}
+/*
+ * Try sending the (current waiting to be sent) message
+ *
+ * Returns true if the message has either been successfully sent, or an error
+ * occcurred (which has been dealt with) and there is no longer a current
+ * message.
+ *
+ * Returns false if we hit EAGAIN (again) and we're still trying to send the
+ * current message.
+ */
+static int kbus_poll_try_send_again(struct kbus_private_data *priv,
+ struct kbus_dev *dev)
+{
+ int retval;
+ struct kbus_msg *msg = priv->write.msg;
+
+ retval = kbus_write_to_recipients(priv, dev, msg);
+
+ switch (-retval) {
+ case 0: /* All is well, nothing to do */
+ break;
+ case EAGAIN: /* Still blocked by *someone* - nowt to do */
+ break;
+ case EADDRNOTAVAIL:
+ /*
+ * It's a Request and there's no Replier (presumably there was
+ * when the initial SEND was done, but now they've gone away).
+ * A Request *needs* a Reply...
+ */
+ kbus_push_synthetic_message(dev, 0, msg->from, msg->id,
+ KBUS_MSG_NAME_REPLIER_DISAPPEARED);
+ retval = 0;
+ break;
+ default:
+ /*
+ * Send *failed* - what can we do?
+ * Not much, perhaps, but we must ensure that a Request gets
+ * (some sort of) reply
+ */
+ if (msg->flags & KBUS_BIT_WANT_A_REPLY)
+ kbus_push_synthetic_message(dev, 0, msg->from, msg->id,
+ KBUS_MSG_NAME_ERROR_SENDING);
+ retval = 0;
+ break;
+ }
+
+ if (retval == 0) {
+ kbus_discard(priv);
+ return true;
+ }
+ return false;
+}
+
+static unsigned int kbus_poll(struct file *filp, poll_table * wait)
+{
+ struct kbus_private_data *priv = filp->private_data;
+ struct kbus_dev *dev = priv->dev;
+ unsigned mask = 0;
+
+ mutex_lock(&dev->mux);
+
+ kbus_maybe_dbg(priv->dev, "%u POLL\n", priv->id);
+
+ /*
+ * Did I wake up because there's a message available to be read?
+ */
+ if (priv->message_count != 0)
+ mask |= POLLIN | POLLRDNORM; /* readable */
+
+ /*
+ * Did I wake up because someone said they had space for a message on
+ * their message queue (where there wasn't space before)?
+ *
+ * And if that is the case, if we're opened for write and have a
+ * message waiting to be sent, can we now send it?
+ *
+ * The simplest way to find out is just to try again.
+ */
+ if (filp->f_mode & FMODE_WRITE) {
+ int writable = true;
+ if (priv->sending)
+ writable = kbus_poll_try_send_again(priv, dev);
+ if (writable)
+ mask |= POLLOUT | POLLWRNORM;
+ }
+
+ /* Wait until someone has a message waiting to be read */
+ poll_wait(filp, &priv->read_wait, wait);
+
+ /* Wait until someone has a space into which a message can be pushed */
+ if (priv->sending)
+ poll_wait(filp, &dev->write_wait, wait);
+
+ mutex_unlock(&dev->mux);
+ return mask;
+}
+
/* File operations for /dev/kbus<n> */
static const struct file_operations kbus_fops = {
.owner = THIS_MODULE,
+ .read = kbus_read,
+ .write = kbus_write,
.unlocked_ioctl = kbus_ioctl,
+ .poll = kbus_poll,
.open = kbus_open,
.release = kbus_release,
};
@@ -867,6 +3585,8 @@ static void kbus_setup_cdev(struct kbus_dev *dev, int devno)
INIT_LIST_HEAD(&dev->bound_message_list);
INIT_LIST_HEAD(&dev->open_ksock_list);
+ init_waitqueue_head(&dev->write_wait);
+
dev->next_ksock_id = 0;
dev->next_msg_serial_num = 0;
--
1.7.4.1
--
To unsubscribe from this list: send the line "unsubscribe linux-embedded" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
