Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
No need to assign `ptr' to the return value of idr_replace()
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
During the review on LKML, Thomas Gleixner stubled over the usage
of our 'p' variable assignment. Apparantly, the idea of assigning
memdup()'ed memory to a void pointer that is automatically freed
at the end of the function wasn't obvious to readers.
Let's fix this, and
a) make kdbus_memdup_user() return void* instead of int, so we can
directly assign variables to the return value
b) assign the void* variable after the memdup, and call it 'free_ptr'
to make clearer what's going on.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Al Viro writes:
BTW, the calling conventions for your foo_new() are annoying - instead of
"return -E... or 0, storing the reference to new object in var parameter
passed as the last argument", could you please just return ERR_PTR(-E...)
on error, a pointer to new object on success and to hell with those
struct foo **foo in the argument lists?
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Arnd Bergmann writes:
I think in general, using enum is great, but for ioctl command numbers,
we probably want to have defines so the user space implementation can
use #ifdef to see if the kernel version that it is being built for
knows a particular command.
[...]
which might in fact help some tools that try to do automated parsing
of header files to find ioctl commands.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
This should fix tonight's build bot error.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
No need to create the kdbus msg every time, and if we are sending a
memfd, then just store its item offset, patch it later with the right
memfd fd+data, seal it, then send it.
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Tweak the test case accordingly.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Calls that end up in wait_event_interruptible_timeout() are subject
to be interrupted if the userspace task receives a signal. In such
cases, the function will return -ERESTARTSYS, and in case a signal
handler was installed with SA_RESTART, the syscall would be
automatically restarted.
However, in case of KDBUS_CMD_MSG_SEND, however, we have to avoid
sending the same message again in that case, which is why we
decided to return -EINPROGRESS before, and let userspace call into
a special ioctl to catch up on the 2nd half of the SEND syscall.
However, it turns out there's a much simpler solution to that:
* If a system call is interrupted, we set .interrupted = true in
the reply tracker object, so it will be cleaned up by the
connection worker.
* When KDBUS_CMD_MSG_SEND is calles in a synchronous fashion,
try to find a reply tracking object in the destination connection.
If it exists, and is marked as .interrupted == true, catch up on
it, and go back to wait_event_interruptible_timeout() right away.
That way, we can explicitly support SA_RESTART now, and as timeouts
are absolute, a restarted syscall does the right thing.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Add a new boolean flag to track reply objects affected by interrupted
system calls. Treat such object as non-sync in kdbus_conn_work().
This patch does not add any user that sets this flag yet.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Use an else branch for better readability.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Introduce kdbus_conn_find_reply() and factor out the list walking
code from kdbus_cmd_msg_cancel() and kdbus_conn_check_access().
There will be one more user later.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Copyright information in kdbus.h seems overkill, so remove it.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Move capabilites to its own struct inside kdbus_item. This also gives
us the ability to inform userspace of the highest caps bit the kernel
knows about.
Hence, if the capabilites grow in either the number of sets or the
number of rows, we can now detect and handle both from userspace.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Just two tiny cleanups.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Try to validate the KDBUS_ITEM_NAME before going further
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
|
|
If a SYNC-SEND is interrupted by a signal, there is no way we can restart
the syscall. If we returned ERESTARTSYS, we'd queue the message again on
restart. This is very irritating, therefore, we never support restarting
syscalls. Instead, we return EINPROGRESS if the message was queued but no
reply was received, yet.
Internally, we turn the 'sync' reply_wait into an 'async' reply. This way,
it will be treated the same way as any other asynchronous reply.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
If a timeout occurs before we can queue a reply to a message, we might
queue it _after_ the sync caller already returned and dropped its ref.
Avoid this by using the 'waiting' flag to sync between sender and
receiver.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
If we reply to a pending method call, we must make sure to only allow a
single connection to respond. Therefore, unqueue reply_wake entries
unconditionally after we allowed a single call to pass through.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
We pass reply_wake around without holding any locks. It might get
destructed by parallel timeouts of other replies that are faster than we
are. Make sure we hold a reference to avoid those races.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
conn_reply objects are used all over the place. We often pass pointers
around without actually holding the parent lock. They might get destructed
while we use it. To avoid this, make it ref-counted so there's no need to
constantly hold locks..
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
Rename kdbus_conn_add_expected_reply() to kdbus_conn_reply_new(). The
function no longer adds replies but only allocates them. No reason to keep
the old name.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
Currently, we queue the conn_reply _before_ queueing the actual message.
This might leak conn_reply objects if we cannot queue the message. Avoid
this by queuing the conn_reply object at the same time we queue the
message.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
If a name is taken over by an activator, we move messages that were
targetted at the this exact name over. However, we must make sure to leave
all other messages correctly queued on the source, so it can continue
using other names it might posess.
This fixes the filtering we apply on the messages itself, to no longer
leak them. Furthermore, it also applies proper filtering to the conn_reply
objects, so only matching objects are moved.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
reply->conn is pretty vague and I have a hard time remembering which side
of the communication it points to. Rename it to "reply_dst" so it's clear
that it points to the destination of the reply (or: origin of the call).
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
If we synchronously send messages, we never queue notifications on the
sender if a timeout or reset occurs. Fix the DEAD_DESTINATION handling to
not queue such messages either.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
There is no reason why we cannot destroy replies while holding a
connection lock. If the reply points to the connection whose lock we hold,
we also have another ref on that connection due to our context. If the
lock points to another connection, we can simply unref it at any time.
Note that we never cause disconnects on the connection. We only unref it!
The object destruction is a simple memory cleanup. Nothing fancy is done
there, and no inter-object refs can exist anymore (otherwise, it would not
get freed). Therefore, fix all our callers to free replies directly,
instead of releasing the locks first.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
As we now use kdbus_cmd_conn_info and kdbus_conn_info for bus creator
information as well, rename the structs to a more generic term.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Add a call to return metadata on the task that created a bus, at the
moment it did so. The call behaves similar to KDBUS_CMD_CONN_INFO, and
shares the same dispatcher code in handle.c.
While at it, factor out bus-related test functions to their own file,
and also add some code test the new ioctl.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
|
|
Satisfy a kernel check so we can be sure we really bail out due
to the check we're actually enforcing.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
As discussed on LPC.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|