projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
cfg80211: Validate frequencies nested in NL80211_ATTR_SCAN_FREQUENCIES
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / rxrpc / ar-output.c
1 /* RxRPC packet transmission
2 *
3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
12 #include <linux/net.h>
13 #include <linux/gfp.h>
14 #include <linux/skbuff.h>
15 #include <linux/circ_buf.h>
16 #include <linux/export.h>
17 #include <net/sock.h>
18 #include <net/af_rxrpc.h>
19 #include "ar-internal.h"
20
21 int rxrpc_resend_timeout = 4;
22
23 static int rxrpc_send_data(struct kiocb *iocb,
24 struct rxrpc_sock *rx,
25 struct rxrpc_call *call,
26 struct msghdr *msg, size_t len);
27
28 /*
29 * extract control messages from the sendmsg() control buffer
30 */
31 static int rxrpc_sendmsg_cmsg(struct rxrpc_sock *rx, struct msghdr *msg,
32 unsigned long *user_call_ID,
33 enum rxrpc_command *command,
34 u32 *abort_code,
35 bool server)
36 {
37 struct cmsghdr *cmsg;
38 int len;
39
40 *command = RXRPC_CMD_SEND_DATA;
41
42 if (msg->msg_controllen == 0)
43 return -EINVAL;
44
45 for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
46 if (!CMSG_OK(msg, cmsg))
47 return -EINVAL;
48
49 len = cmsg->cmsg_len - CMSG_ALIGN(sizeof(struct cmsghdr));
50 _debug("CMSG %d, %d, %d",
51 cmsg->cmsg_level, cmsg->cmsg_type, len);
52
53 if (cmsg->cmsg_level != SOL_RXRPC)
54 continue;
55
56 switch (cmsg->cmsg_type) {
57 case RXRPC_USER_CALL_ID:
58 if (msg->msg_flags & MSG_CMSG_COMPAT) {
59 if (len != sizeof(u32))
60 return -EINVAL;
61 *user_call_ID = *(u32 *) CMSG_DATA(cmsg);
62 } else {
63 if (len != sizeof(unsigned long))
64 return -EINVAL;
65 *user_call_ID = *(unsigned long *)
66 CMSG_DATA(cmsg);
67 }
68 _debug("User Call ID %lx", *user_call_ID);
69 break;
70
71 case RXRPC_ABORT:
72 if (*command != RXRPC_CMD_SEND_DATA)
73 return -EINVAL;
74 *command = RXRPC_CMD_SEND_ABORT;
75 if (len != sizeof(*abort_code))
76 return -EINVAL;
77 *abort_code = *(unsigned int *) CMSG_DATA(cmsg);
78 _debug("Abort %x", *abort_code);
79 if (*abort_code == 0)
80 return -EINVAL;
81 break;
82
83 case RXRPC_ACCEPT:
84 if (*command != RXRPC_CMD_SEND_DATA)
85 return -EINVAL;
86 *command = RXRPC_CMD_ACCEPT;
87 if (len != 0)
88 return -EINVAL;
89 if (!server)
90 return -EISCONN;
91 break;
92
93 default:
94 return -EINVAL;
95 }
96 }
97
98 _leave(" = 0");
99 return 0;
100 }
101
102 /*
103 * abort a call, sending an ABORT packet to the peer
104 */
105 static void rxrpc_send_abort(struct rxrpc_call *call, u32 abort_code)
106 {
107 write_lock_bh(&call->state_lock);
108
109 if (call->state <= RXRPC_CALL_COMPLETE) {
110 call->state = RXRPC_CALL_LOCALLY_ABORTED;
111 call->abort_code = abort_code;
112 set_bit(RXRPC_CALL_ABORT, &call->events);
113 del_timer_sync(&call->resend_timer);
114 del_timer_sync(&call->ack_timer);
115 clear_bit(RXRPC_CALL_RESEND_TIMER, &call->events);
116 clear_bit(RXRPC_CALL_ACK, &call->events);
117 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
118 rxrpc_queue_call(call);
119 }
120
121 write_unlock_bh(&call->state_lock);
122 }
123
124 /*
125 * send a message forming part of a client call through an RxRPC socket
126 * - caller holds the socket locked
127 * - the socket may be either a client socket or a server socket
128 */
129 int rxrpc_client_sendmsg(struct kiocb *iocb, struct rxrpc_sock *rx,
130 struct rxrpc_transport *trans, struct msghdr *msg,
131 size_t len)
132 {
133 struct rxrpc_conn_bundle *bundle;
134 enum rxrpc_command cmd;
135 struct rxrpc_call *call;
136 unsigned long user_call_ID = 0;
137 struct key *key;
138 __be16 service_id;
139 u32 abort_code = 0;
140 int ret;
141
142 _enter("");
143
144 ASSERT(trans != NULL);
145
146 ret = rxrpc_sendmsg_cmsg(rx, msg, &user_call_ID, &cmd, &abort_code,
147 false);
148 if (ret < 0)
149 return ret;
150
151 bundle = NULL;
152 if (trans) {
153 service_id = rx->service_id;
154 if (msg->msg_name) {
155 struct sockaddr_rxrpc *srx =
156 (struct sockaddr_rxrpc *) msg->msg_name;
157 service_id = htons(srx->srx_service);
158 }
159 key = rx->key;
160 if (key && !rx->key->payload.data)
161 key = NULL;
162 bundle = rxrpc_get_bundle(rx, trans, key, service_id,
163 GFP_KERNEL);
164 if (IS_ERR(bundle))
165 return PTR_ERR(bundle);
166 }
167
168 call = rxrpc_get_client_call(rx, trans, bundle, user_call_ID,
169 abort_code == 0, GFP_KERNEL);
170 if (trans)
171 rxrpc_put_bundle(trans, bundle);
172 if (IS_ERR(call)) {
173 _leave(" = %ld", PTR_ERR(call));
174 return PTR_ERR(call);
175 }
176
177 _debug("CALL %d USR %lx ST %d on CONN %p",
178 call->debug_id, call->user_call_ID, call->state, call->conn);
179
180 if (call->state >= RXRPC_CALL_COMPLETE) {
181 /* it's too late for this call */
182 ret = -ESHUTDOWN;
183 } else if (cmd == RXRPC_CMD_SEND_ABORT) {
184 rxrpc_send_abort(call, abort_code);
185 } else if (cmd != RXRPC_CMD_SEND_DATA) {
186 ret = -EINVAL;
187 } else if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST) {
188 /* request phase complete for this client call */
189 ret = -EPROTO;
190 } else {
191 ret = rxrpc_send_data(iocb, rx, call, msg, len);
192 }
193
194 rxrpc_put_call(call);
195 _leave(" = %d", ret);
196 return ret;
197 }
198
199 /**
200 * rxrpc_kernel_send_data - Allow a kernel service to send data on a call
201 * @call: The call to send data through
202 * @msg: The data to send
203 * @len: The amount of data to send
204 *
205 * Allow a kernel service to send data on a call. The call must be in an state
206 * appropriate to sending data. No control data should be supplied in @msg,
207 * nor should an address be supplied. MSG_MORE should be flagged if there's
208 * more data to come, otherwise this data will end the transmission phase.
209 */
210 int rxrpc_kernel_send_data(struct rxrpc_call *call, struct msghdr *msg,
211 size_t len)
212 {
213 int ret;
214
215 _enter("{%d,%s},", call->debug_id, rxrpc_call_states[call->state]);
216
217 ASSERTCMP(msg->msg_name, ==, NULL);
218 ASSERTCMP(msg->msg_control, ==, NULL);
219
220 lock_sock(&call->socket->sk);
221
222 _debug("CALL %d USR %lx ST %d on CONN %p",
223 call->debug_id, call->user_call_ID, call->state, call->conn);
224
225 if (call->state >= RXRPC_CALL_COMPLETE) {
226 ret = -ESHUTDOWN; /* it's too late for this call */
227 } else if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST &&
228 call->state != RXRPC_CALL_SERVER_ACK_REQUEST &&
229 call->state != RXRPC_CALL_SERVER_SEND_REPLY) {
230 ret = -EPROTO; /* request phase complete for this client call */
231 } else {
232 mm_segment_t oldfs = get_fs();
233 set_fs(KERNEL_DS);
234 ret = rxrpc_send_data(NULL, call->socket, call, msg, len);
235 set_fs(oldfs);
236 }
237
238 release_sock(&call->socket->sk);
239 _leave(" = %d", ret);
240 return ret;
241 }
242
243 EXPORT_SYMBOL(rxrpc_kernel_send_data);
244
245 /**
246 * rxrpc_kernel_abort_call - Allow a kernel service to abort a call
247 * @call: The call to be aborted
248 * @abort_code: The abort code to stick into the ABORT packet
249 *
250 * Allow a kernel service to abort a call, if it's still in an abortable state.
251 */
252 void rxrpc_kernel_abort_call(struct rxrpc_call *call, u32 abort_code)
253 {
254 _enter("{%d},%d", call->debug_id, abort_code);
255
256 lock_sock(&call->socket->sk);
257
258 _debug("CALL %d USR %lx ST %d on CONN %p",
259 call->debug_id, call->user_call_ID, call->state, call->conn);
260
261 if (call->state < RXRPC_CALL_COMPLETE)
262 rxrpc_send_abort(call, abort_code);
263
264 release_sock(&call->socket->sk);
265 _leave("");
266 }
267
268 EXPORT_SYMBOL(rxrpc_kernel_abort_call);
269
270 /*
271 * send a message through a server socket
272 * - caller holds the socket locked
273 */
274 int rxrpc_server_sendmsg(struct kiocb *iocb, struct rxrpc_sock *rx,
275 struct msghdr *msg, size_t len)
276 {
277 enum rxrpc_command cmd;
278 struct rxrpc_call *call;
279 unsigned long user_call_ID = 0;
280 u32 abort_code = 0;
281 int ret;
282
283 _enter("");
284
285 ret = rxrpc_sendmsg_cmsg(rx, msg, &user_call_ID, &cmd, &abort_code,
286 true);
287 if (ret < 0)
288 return ret;
289
290 if (cmd == RXRPC_CMD_ACCEPT) {
291 call = rxrpc_accept_call(rx, user_call_ID);
292 if (IS_ERR(call))
293 return PTR_ERR(call);
294 rxrpc_put_call(call);
295 return 0;
296 }
297
298 call = rxrpc_find_server_call(rx, user_call_ID);
299 if (!call)
300 return -EBADSLT;
301 if (call->state >= RXRPC_CALL_COMPLETE) {
302 ret = -ESHUTDOWN;
303 goto out;
304 }
305
306 switch (cmd) {
307 case RXRPC_CMD_SEND_DATA:
308 if (call->state != RXRPC_CALL_CLIENT_SEND_REQUEST &&
309 call->state != RXRPC_CALL_SERVER_ACK_REQUEST &&
310 call->state != RXRPC_CALL_SERVER_SEND_REPLY) {
311 /* Tx phase not yet begun for this call */
312 ret = -EPROTO;
313 break;
314 }
315
316 ret = rxrpc_send_data(iocb, rx, call, msg, len);
317 break;
318
319 case RXRPC_CMD_SEND_ABORT:
320 rxrpc_send_abort(call, abort_code);
321 break;
322 default:
323 BUG();
324 }
325
326 out:
327 rxrpc_put_call(call);
328 _leave(" = %d", ret);
329 return ret;
330 }
331
332 /*
333 * send a packet through the transport endpoint
334 */
335 int rxrpc_send_packet(struct rxrpc_transport *trans, struct sk_buff *skb)
336 {
337 struct kvec iov[1];
338 struct msghdr msg;
339 int ret, opt;
340
341 _enter(",{%d}", skb->len);
342
343 iov[0].iov_base = skb->head;
344 iov[0].iov_len = skb->len;
345
346 msg.msg_name = &trans->peer->srx.transport.sin;
347 msg.msg_namelen = sizeof(trans->peer->srx.transport.sin);
348 msg.msg_control = NULL;
349 msg.msg_controllen = 0;
350 msg.msg_flags = 0;
351
352 /* send the packet with the don't fragment bit set if we currently
353 * think it's small enough */
354 if (skb->len - sizeof(struct rxrpc_header) < trans->peer->maxdata) {
355 down_read(&trans->local->defrag_sem);
356 /* send the packet by UDP
357 * - returns -EMSGSIZE if UDP would have to fragment the packet
358 * to go out of the interface
359 * - in which case, we'll have processed the ICMP error
360 * message and update the peer record
361 */
362 ret = kernel_sendmsg(trans->local->socket, &msg, iov, 1,
363 iov[0].iov_len);
364
365 up_read(&trans->local->defrag_sem);
366 if (ret == -EMSGSIZE)
367 goto send_fragmentable;
368
369 _leave(" = %d [%u]", ret, trans->peer->maxdata);
370 return ret;
371 }
372
373 send_fragmentable:
374 /* attempt to send this message with fragmentation enabled */
375 _debug("send fragment");
376
377 down_write(&trans->local->defrag_sem);
378 opt = IP_PMTUDISC_DONT;
379 ret = kernel_setsockopt(trans->local->socket, SOL_IP, IP_MTU_DISCOVER,
380 (char *) &opt, sizeof(opt));
381 if (ret == 0) {
382 ret = kernel_sendmsg(trans->local->socket, &msg, iov, 1,
383 iov[0].iov_len);
384
385 opt = IP_PMTUDISC_DO;
386 kernel_setsockopt(trans->local->socket, SOL_IP,
387 IP_MTU_DISCOVER, (char *) &opt, sizeof(opt));
388 }
389
390 up_write(&trans->local->defrag_sem);
391 _leave(" = %d [frag %u]", ret, trans->peer->maxdata);
392 return ret;
393 }
394
395 /*
396 * wait for space to appear in the transmit/ACK window
397 * - caller holds the socket locked
398 */
399 static int rxrpc_wait_for_tx_window(struct rxrpc_sock *rx,
400 struct rxrpc_call *call,
401 long *timeo)
402 {
403 DECLARE_WAITQUEUE(myself, current);
404 int ret;
405
406 _enter(",{%d},%ld",
407 CIRC_SPACE(call->acks_head, call->acks_tail, call->acks_winsz),
408 *timeo);
409
410 add_wait_queue(&call->tx_waitq, &myself);
411
412 for (;;) {
413 set_current_state(TASK_INTERRUPTIBLE);
414 ret = 0;
415 if (CIRC_SPACE(call->acks_head, call->acks_tail,
416 call->acks_winsz) > 0)
417 break;
418 if (signal_pending(current)) {
419 ret = sock_intr_errno(*timeo);
420 break;
421 }
422
423 release_sock(&rx->sk);
424 *timeo = schedule_timeout(*timeo);
425 lock_sock(&rx->sk);
426 }
427
428 remove_wait_queue(&call->tx_waitq, &myself);
429 set_current_state(TASK_RUNNING);
430 _leave(" = %d", ret);
431 return ret;
432 }
433
434 /*
435 * attempt to schedule an instant Tx resend
436 */
437 static inline void rxrpc_instant_resend(struct rxrpc_call *call)
438 {
439 read_lock_bh(&call->state_lock);
440 if (try_to_del_timer_sync(&call->resend_timer) >= 0) {
441 clear_bit(RXRPC_CALL_RUN_RTIMER, &call->flags);
442 if (call->state < RXRPC_CALL_COMPLETE &&
443 !test_and_set_bit(RXRPC_CALL_RESEND_TIMER, &call->events))
444 rxrpc_queue_call(call);
445 }
446 read_unlock_bh(&call->state_lock);
447 }
448
449 /*
450 * queue a packet for transmission, set the resend timer and attempt
451 * to send the packet immediately
452 */
453 static void rxrpc_queue_packet(struct rxrpc_call *call, struct sk_buff *skb,
454 bool last)
455 {
456 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
457 int ret;
458
459 _net("queue skb %p [%d]", skb, call->acks_head);
460
461 ASSERT(call->acks_window != NULL);
462 call->acks_window[call->acks_head] = (unsigned long) skb;
463 smp_wmb();
464 call->acks_head = (call->acks_head + 1) & (call->acks_winsz - 1);
465
466 if (last || call->state == RXRPC_CALL_SERVER_ACK_REQUEST) {
467 _debug("________awaiting reply/ACK__________");
468 write_lock_bh(&call->state_lock);
469 switch (call->state) {
470 case RXRPC_CALL_CLIENT_SEND_REQUEST:
471 call->state = RXRPC_CALL_CLIENT_AWAIT_REPLY;
472 break;
473 case RXRPC_CALL_SERVER_ACK_REQUEST:
474 call->state = RXRPC_CALL_SERVER_SEND_REPLY;
475 if (!last)
476 break;
477 case RXRPC_CALL_SERVER_SEND_REPLY:
478 call->state = RXRPC_CALL_SERVER_AWAIT_ACK;
479 break;
480 default:
481 break;
482 }
483 write_unlock_bh(&call->state_lock);
484 }
485
486 _proto("Tx DATA %%%u { #%u }",
487 ntohl(sp->hdr.serial), ntohl(sp->hdr.seq));
488
489 sp->need_resend = false;
490 sp->resend_at = jiffies + rxrpc_resend_timeout * HZ;
491 if (!test_and_set_bit(RXRPC_CALL_RUN_RTIMER, &call->flags)) {
492 _debug("run timer");
493 call->resend_timer.expires = sp->resend_at;
494 add_timer(&call->resend_timer);
495 }
496
497 /* attempt to cancel the rx-ACK timer, deferring reply transmission if
498 * we're ACK'ing the request phase of an incoming call */
499 ret = -EAGAIN;
500 if (try_to_del_timer_sync(&call->ack_timer) >= 0) {
501 /* the packet may be freed by rxrpc_process_call() before this
502 * returns */
503 ret = rxrpc_send_packet(call->conn->trans, skb);
504 _net("sent skb %p", skb);
505 } else {
506 _debug("failed to delete ACK timer");
507 }
508
509 if (ret < 0) {
510 _debug("need instant resend %d", ret);
511 sp->need_resend = true;
512 rxrpc_instant_resend(call);
513 }
514
515 _leave("");
516 }
517
518 /*
519 * send data through a socket
520 * - must be called in process context
521 * - caller holds the socket locked
522 */
523 static int rxrpc_send_data(struct kiocb *iocb,
524 struct rxrpc_sock *rx,
525 struct rxrpc_call *call,
526 struct msghdr *msg, size_t len)
527 {
528 struct rxrpc_skb_priv *sp;
529 unsigned char __user *from;
530 struct sk_buff *skb;
531 struct iovec *iov;
532 struct sock *sk = &rx->sk;
533 long timeo;
534 bool more;
535 int ret, ioc, segment, copied;
536
537 _enter(",,,{%zu},%zu", msg->msg_iovlen, len);
538
539 timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
540
541 /* this should be in poll */
542 clear_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
543
544 if (sk->sk_err || (sk->sk_shutdown & SEND_SHUTDOWN))
545 return -EPIPE;
546
547 iov = msg->msg_iov;
548 ioc = msg->msg_iovlen - 1;
549 from = iov->iov_base;
550 segment = iov->iov_len;
551 iov++;
552 more = msg->msg_flags & MSG_MORE;
553
554 skb = call->tx_pending;
555 call->tx_pending = NULL;
556
557 copied = 0;
558 do {
559 int copy;
560
561 if (segment > len)
562 segment = len;
563
564 _debug("SEGMENT %d @%p", segment, from);
565
566 if (!skb) {
567 size_t size, chunk, max, space;
568
569 _debug("alloc");
570
571 if (CIRC_SPACE(call->acks_head, call->acks_tail,
572 call->acks_winsz) <= 0) {
573 ret = -EAGAIN;
574 if (msg->msg_flags & MSG_DONTWAIT)
575 goto maybe_error;
576 ret = rxrpc_wait_for_tx_window(rx, call,
577 &timeo);
578 if (ret < 0)
579 goto maybe_error;
580 }
581
582 max = call->conn->trans->peer->maxdata;
583 max -= call->conn->security_size;
584 max &= ~(call->conn->size_align - 1UL);
585
586 chunk = max;
587 if (chunk > len && !more)
588 chunk = len;
589
590 space = chunk + call->conn->size_align;
591 space &= ~(call->conn->size_align - 1UL);
592
593 size = space + call->conn->header_size;
594
595 _debug("SIZE: %zu/%zu/%zu", chunk, space, size);
596
597 /* create a buffer that we can retain until it's ACK'd */
598 skb = sock_alloc_send_skb(
599 sk, size, msg->msg_flags & MSG_DONTWAIT, &ret);
600 if (!skb)
601 goto maybe_error;
602
603 rxrpc_new_skb(skb);
604
605 _debug("ALLOC SEND %p", skb);
606
607 ASSERTCMP(skb->mark, ==, 0);
608
609 _debug("HS: %u", call->conn->header_size);
610 skb_reserve(skb, call->conn->header_size);
611 skb->len += call->conn->header_size;
612
613 sp = rxrpc_skb(skb);
614 sp->remain = chunk;
615 if (sp->remain > skb_tailroom(skb))
616 sp->remain = skb_tailroom(skb);
617
618 _net("skb: hr %d, tr %d, hl %d, rm %d",
619 skb_headroom(skb),
620 skb_tailroom(skb),
621 skb_headlen(skb),
622 sp->remain);
623
624 skb->ip_summed = CHECKSUM_UNNECESSARY;
625 }
626
627 _debug("append");
628 sp = rxrpc_skb(skb);
629
630 /* append next segment of data to the current buffer */
631 copy = skb_tailroom(skb);
632 ASSERTCMP(copy, >, 0);
633 if (copy > segment)
634 copy = segment;
635 if (copy > sp->remain)
636 copy = sp->remain;
637
638 _debug("add");
639 ret = skb_add_data(skb, from, copy);
640 _debug("added");
641 if (ret < 0)
642 goto efault;
643 sp->remain -= copy;
644 skb->mark += copy;
645 copied += copy;
646
647 len -= copy;
648 segment -= copy;
649 from += copy;
650 while (segment == 0 && ioc > 0) {
651 from = iov->iov_base;
652 segment = iov->iov_len;
653 iov++;
654 ioc--;
655 }
656 if (len == 0) {
657 segment = 0;
658 ioc = 0;
659 }
660
661 /* check for the far side aborting the call or a network error
662 * occurring */
663 if (call->state > RXRPC_CALL_COMPLETE)
664 goto call_aborted;
665
666 /* add the packet to the send queue if it's now full */
667 if (sp->remain <= 0 || (segment == 0 && !more)) {
668 struct rxrpc_connection *conn = call->conn;
669 size_t pad;
670
671 /* pad out if we're using security */
672 if (conn->security) {
673 pad = conn->security_size + skb->mark;
674 pad = conn->size_align - pad;
675 pad &= conn->size_align - 1;
676 _debug("pad %zu", pad);
677 if (pad)
678 memset(skb_put(skb, pad), 0, pad);
679 }
680
681 sp->hdr.epoch = conn->epoch;
682 sp->hdr.cid = call->cid;
683 sp->hdr.callNumber = call->call_id;
684 sp->hdr.seq =
685 htonl(atomic_inc_return(&call->sequence));
686 sp->hdr.serial =
687 htonl(atomic_inc_return(&conn->serial));
688 sp->hdr.type = RXRPC_PACKET_TYPE_DATA;
689 sp->hdr.userStatus = 0;
690 sp->hdr.securityIndex = conn->security_ix;
691 sp->hdr._rsvd = 0;
692 sp->hdr.serviceId = conn->service_id;
693
694 sp->hdr.flags = conn->out_clientflag;
695 if (len == 0 && !more)
696 sp->hdr.flags |= RXRPC_LAST_PACKET;
697 else if (CIRC_SPACE(call->acks_head, call->acks_tail,
698 call->acks_winsz) > 1)
699 sp->hdr.flags |= RXRPC_MORE_PACKETS;
700
701 ret = rxrpc_secure_packet(
702 call, skb, skb->mark,
703 skb->head + sizeof(struct rxrpc_header));
704 if (ret < 0)
705 goto out;
706
707 memcpy(skb->head, &sp->hdr,
708 sizeof(struct rxrpc_header));
709 rxrpc_queue_packet(call, skb, segment == 0 && !more);
710 skb = NULL;
711 }
712
713 } while (segment > 0);
714
715 success:
716 ret = copied;
717 out:
718 call->tx_pending = skb;
719 _leave(" = %d", ret);
720 return ret;
721
722 call_aborted:
723 rxrpc_free_skb(skb);
724 if (call->state == RXRPC_CALL_NETWORK_ERROR)
725 ret = call->conn->trans->peer->net_error;
726 else
727 ret = -ECONNABORTED;
728 _leave(" = %d", ret);
729 return ret;
730
731 maybe_error:
732 if (copied)
733 goto success;
734 goto out;
735
736 efault:
737 ret = -EFAULT;
738 goto out;
739 }
kernel source for telekom puls (alcatel/mediatek)