search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
uprobes: Fix overflow in vma_address()/find_active_uprobe()
[linux-2.6.git] / net / batman-adv / routing.c
blob015471d801b42eceb554c0ed86d6a49971389774
1 /*
2 * Copyright (C) 2007-2012 B.A.T.M.A.N. contributors:
3 *
4 * Marek Lindner, Simon Wunderlich
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of version 2 of the GNU General Public
8 * License as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
18 * 02110-1301, USA
19 *
20 */
21
22 #include "main.h"
23 #include "routing.h"
24 #include "send.h"
25 #include "soft-interface.h"
26 #include "hard-interface.h"
27 #include "icmp_socket.h"
28 #include "translation-table.h"
29 #include "originator.h"
30 #include "vis.h"
31 #include "unicast.h"
32 #include "bridge_loop_avoidance.h"
33
34 static int route_unicast_packet(struct sk_buff *skb,
35 struct hard_iface *recv_if);
36
37 void slide_own_bcast_window(struct hard_iface *hard_iface)
38 {
39 struct bat_priv *bat_priv = netdev_priv(hard_iface->soft_iface);
40 struct hashtable_t *hash = bat_priv->orig_hash;
41 struct hlist_node *node;
42 struct hlist_head *head;
43 struct orig_node *orig_node;
44 unsigned long *word;
45 uint32_t i;
46 size_t word_index;
47
48 for (i = 0; i < hash->size; i++) {
49 head = &hash->table[i];
50
51 rcu_read_lock();
52 hlist_for_each_entry_rcu(orig_node, node, head, hash_entry) {
53 spin_lock_bh(&orig_node->ogm_cnt_lock);
54 word_index = hard_iface->if_num * NUM_WORDS;
55 word = &(orig_node->bcast_own[word_index]);
56
57 bit_get_packet(bat_priv, word, 1, 0);
58 orig_node->bcast_own_sum[hard_iface->if_num] =
59 bitmap_weight(word, TQ_LOCAL_WINDOW_SIZE);
60 spin_unlock_bh(&orig_node->ogm_cnt_lock);
61 }
62 rcu_read_unlock();
63 }
64 }
65
66 static void _update_route(struct bat_priv *bat_priv,
67 struct orig_node *orig_node,
68 struct neigh_node *neigh_node)
69 {
70 struct neigh_node *curr_router;
71
72 curr_router = orig_node_get_router(orig_node);
73
74 /* route deleted */
75 if ((curr_router) && (!neigh_node)) {
76 bat_dbg(DBG_ROUTES, bat_priv, "Deleting route towards: %pM\n",
77 orig_node->orig);
78 tt_global_del_orig(bat_priv, orig_node,
79 "Deleted route towards originator");
80
81 /* route added */
82 } else if ((!curr_router) && (neigh_node)) {
83
84 bat_dbg(DBG_ROUTES, bat_priv,
85 "Adding route towards: %pM (via %pM)\n",
86 orig_node->orig, neigh_node->addr);
87 /* route changed */
88 } else if (neigh_node && curr_router) {
89 bat_dbg(DBG_ROUTES, bat_priv,
90 "Changing route towards: %pM (now via %pM - was via %pM)\n",
91 orig_node->orig, neigh_node->addr,
92 curr_router->addr);
93 }
94
95 if (curr_router)
96 neigh_node_free_ref(curr_router);
97
98 /* increase refcount of new best neighbor */
99 if (neigh_node && !atomic_inc_not_zero(&neigh_node->refcount))
100 neigh_node = NULL;
101
102 spin_lock_bh(&orig_node->neigh_list_lock);
103 rcu_assign_pointer(orig_node->router, neigh_node);
104 spin_unlock_bh(&orig_node->neigh_list_lock);
105
106 /* decrease refcount of previous best neighbor */
107 if (curr_router)
108 neigh_node_free_ref(curr_router);
109 }
110
111 void update_route(struct bat_priv *bat_priv, struct orig_node *orig_node,
112 struct neigh_node *neigh_node)
113 {
114 struct neigh_node *router = NULL;
115
116 if (!orig_node)
117 goto out;
118
119 router = orig_node_get_router(orig_node);
120
121 if (router != neigh_node)
122 _update_route(bat_priv, orig_node, neigh_node);
123
124 out:
125 if (router)
126 neigh_node_free_ref(router);
127 }
128
129 /* caller must hold the neigh_list_lock */
130 void bonding_candidate_del(struct orig_node *orig_node,
131 struct neigh_node *neigh_node)
132 {
133 /* this neighbor is not part of our candidate list */
134 if (list_empty(&neigh_node->bonding_list))
135 goto out;
136
137 list_del_rcu(&neigh_node->bonding_list);
138 INIT_LIST_HEAD(&neigh_node->bonding_list);
139 neigh_node_free_ref(neigh_node);
140 atomic_dec(&orig_node->bond_candidates);
141
142 out:
143 return;
144 }
145
146 void bonding_candidate_add(struct orig_node *orig_node,
147 struct neigh_node *neigh_node)
148 {
149 struct hlist_node *node;
150 struct neigh_node *tmp_neigh_node, *router = NULL;
151 uint8_t interference_candidate = 0;
152
153 spin_lock_bh(&orig_node->neigh_list_lock);
154
155 /* only consider if it has the same primary address ... */
156 if (!compare_eth(orig_node->orig,
157 neigh_node->orig_node->primary_addr))
158 goto candidate_del;
159
160 router = orig_node_get_router(orig_node);
161 if (!router)
162 goto candidate_del;
163
164 /* ... and is good enough to be considered */
165 if (neigh_node->tq_avg < router->tq_avg - BONDING_TQ_THRESHOLD)
166 goto candidate_del;
167
168 /**
169 * check if we have another candidate with the same mac address or
170 * interface. If we do, we won't select this candidate because of
171 * possible interference.
172 */
173 hlist_for_each_entry_rcu(tmp_neigh_node, node,
174 &orig_node->neigh_list, list) {
175
176 if (tmp_neigh_node == neigh_node)
177 continue;
178
179 /* we only care if the other candidate is even
180 * considered as candidate. */
181 if (list_empty(&tmp_neigh_node->bonding_list))
182 continue;
183
184 if ((neigh_node->if_incoming == tmp_neigh_node->if_incoming) ||
185 (compare_eth(neigh_node->addr, tmp_neigh_node->addr))) {
186 interference_candidate = 1;
187 break;
188 }
189 }
190
191 /* don't care further if it is an interference candidate */
192 if (interference_candidate)
193 goto candidate_del;
194
195 /* this neighbor already is part of our candidate list */
196 if (!list_empty(&neigh_node->bonding_list))
197 goto out;
198
199 if (!atomic_inc_not_zero(&neigh_node->refcount))
200 goto out;
201
202 list_add_rcu(&neigh_node->bonding_list, &orig_node->bond_list);
203 atomic_inc(&orig_node->bond_candidates);
204 goto out;
205
206 candidate_del:
207 bonding_candidate_del(orig_node, neigh_node);
208
209 out:
210 spin_unlock_bh(&orig_node->neigh_list_lock);
211
212 if (router)
213 neigh_node_free_ref(router);
214 }
215
216 /* copy primary address for bonding */
217 void bonding_save_primary(const struct orig_node *orig_node,
218 struct orig_node *orig_neigh_node,
219 const struct batman_ogm_packet *batman_ogm_packet)
220 {
221 if (!(batman_ogm_packet->flags & PRIMARIES_FIRST_HOP))
222 return;
223
224 memcpy(orig_neigh_node->primary_addr, orig_node->orig, ETH_ALEN);
225 }
226
227 /* checks whether the host restarted and is in the protection time.
228 * returns:
229 * 0 if the packet is to be accepted
230 * 1 if the packet is to be ignored.
231 */
232 int window_protected(struct bat_priv *bat_priv, int32_t seq_num_diff,
233 unsigned long *last_reset)
234 {
235 if ((seq_num_diff <= -TQ_LOCAL_WINDOW_SIZE) ||
236 (seq_num_diff >= EXPECTED_SEQNO_RANGE)) {
237 if (!has_timed_out(*last_reset, RESET_PROTECTION_MS))
238 return 1;
239
240 *last_reset = jiffies;
241 bat_dbg(DBG_BATMAN, bat_priv,
242 "old packet received, start protection\n");
243 }
244
245 return 0;
246 }
247
248 bool check_management_packet(struct sk_buff *skb,
249 struct hard_iface *hard_iface,
250 int header_len)
251 {
252 struct ethhdr *ethhdr;
253
254 /* drop packet if it has not necessary minimum size */
255 if (unlikely(!pskb_may_pull(skb, header_len)))
256 return false;
257
258 ethhdr = (struct ethhdr *)skb_mac_header(skb);
259
260 /* packet with broadcast indication but unicast recipient */
261 if (!is_broadcast_ether_addr(ethhdr->h_dest))
262 return false;
263
264 /* packet with broadcast sender address */
265 if (is_broadcast_ether_addr(ethhdr->h_source))
266 return false;
267
268 /* create a copy of the skb, if needed, to modify it. */
269 if (skb_cow(skb, 0) < 0)
270 return false;
271
272 /* keep skb linear */
273 if (skb_linearize(skb) < 0)
274 return false;
275
276 return true;
277 }
278
279 static int recv_my_icmp_packet(struct bat_priv *bat_priv,
280 struct sk_buff *skb, size_t icmp_len)
281 {
282 struct hard_iface *primary_if = NULL;
283 struct orig_node *orig_node = NULL;
284 struct neigh_node *router = NULL;
285 struct icmp_packet_rr *icmp_packet;
286 int ret = NET_RX_DROP;
287
288 icmp_packet = (struct icmp_packet_rr *)skb->data;
289
290 /* add data to device queue */
291 if (icmp_packet->msg_type != ECHO_REQUEST) {
292 bat_socket_receive_packet(icmp_packet, icmp_len);
293 goto out;
294 }
295
296 primary_if = primary_if_get_selected(bat_priv);
297 if (!primary_if)
298 goto out;
299
300 /* answer echo request (ping) */
301 /* get routing information */
302 orig_node = orig_hash_find(bat_priv, icmp_packet->orig);
303 if (!orig_node)
304 goto out;
305
306 router = orig_node_get_router(orig_node);
307 if (!router)
308 goto out;
309
310 /* create a copy of the skb, if needed, to modify it. */
311 if (skb_cow(skb, ETH_HLEN) < 0)
312 goto out;
313
314 icmp_packet = (struct icmp_packet_rr *)skb->data;
315
316 memcpy(icmp_packet->dst, icmp_packet->orig, ETH_ALEN);
317 memcpy(icmp_packet->orig, primary_if->net_dev->dev_addr, ETH_ALEN);
318 icmp_packet->msg_type = ECHO_REPLY;
319 icmp_packet->header.ttl = TTL;
320
321 send_skb_packet(skb, router->if_incoming, router->addr);
322 ret = NET_RX_SUCCESS;
323
324 out:
325 if (primary_if)
326 hardif_free_ref(primary_if);
327 if (router)
328 neigh_node_free_ref(router);
329 if (orig_node)
330 orig_node_free_ref(orig_node);
331 return ret;
332 }
333
334 static int recv_icmp_ttl_exceeded(struct bat_priv *bat_priv,
335 struct sk_buff *skb)
336 {
337 struct hard_iface *primary_if = NULL;
338 struct orig_node *orig_node = NULL;
339 struct neigh_node *router = NULL;
340 struct icmp_packet *icmp_packet;
341 int ret = NET_RX_DROP;
342
343 icmp_packet = (struct icmp_packet *)skb->data;
344
345 /* send TTL exceeded if packet is an echo request (traceroute) */
346 if (icmp_packet->msg_type != ECHO_REQUEST) {
347 pr_debug("Warning - can't forward icmp packet from %pM to %pM: ttl exceeded\n",
348 icmp_packet->orig, icmp_packet->dst);
349 goto out;
350 }
351
352 primary_if = primary_if_get_selected(bat_priv);
353 if (!primary_if)
354 goto out;
355
356 /* get routing information */
357 orig_node = orig_hash_find(bat_priv, icmp_packet->orig);
358 if (!orig_node)
359 goto out;
360
361 router = orig_node_get_router(orig_node);
362 if (!router)
363 goto out;
364
365 /* create a copy of the skb, if needed, to modify it. */
366 if (skb_cow(skb, ETH_HLEN) < 0)
367 goto out;
368
369 icmp_packet = (struct icmp_packet *)skb->data;
370
371 memcpy(icmp_packet->dst, icmp_packet->orig, ETH_ALEN);
372 memcpy(icmp_packet->orig, primary_if->net_dev->dev_addr, ETH_ALEN);
373 icmp_packet->msg_type = TTL_EXCEEDED;
374 icmp_packet->header.ttl = TTL;
375
376 send_skb_packet(skb, router->if_incoming, router->addr);
377 ret = NET_RX_SUCCESS;
378
379 out:
380 if (primary_if)
381 hardif_free_ref(primary_if);
382 if (router)
383 neigh_node_free_ref(router);
384 if (orig_node)
385 orig_node_free_ref(orig_node);
386 return ret;
387 }
388
389
390 int recv_icmp_packet(struct sk_buff *skb, struct hard_iface *recv_if)
391 {
392 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface);
393 struct icmp_packet_rr *icmp_packet;
394 struct ethhdr *ethhdr;
395 struct orig_node *orig_node = NULL;
396 struct neigh_node *router = NULL;
397 int hdr_size = sizeof(struct icmp_packet);
398 int ret = NET_RX_DROP;
399
400 /**
401 * we truncate all incoming icmp packets if they don't match our size
402 */
403 if (skb->len >= sizeof(struct icmp_packet_rr))
404 hdr_size = sizeof(struct icmp_packet_rr);
405
406 /* drop packet if it has not necessary minimum size */
407 if (unlikely(!pskb_may_pull(skb, hdr_size)))
408 goto out;
409
410 ethhdr = (struct ethhdr *)skb_mac_header(skb);
411
412 /* packet with unicast indication but broadcast recipient */
413 if (is_broadcast_ether_addr(ethhdr->h_dest))
414 goto out;
415
416 /* packet with broadcast sender address */
417 if (is_broadcast_ether_addr(ethhdr->h_source))
418 goto out;
419
420 /* not for me */
421 if (!is_my_mac(ethhdr->h_dest))
422 goto out;
423
424 icmp_packet = (struct icmp_packet_rr *)skb->data;
425
426 /* add record route information if not full */
427 if ((hdr_size == sizeof(struct icmp_packet_rr)) &&
428 (icmp_packet->rr_cur < BAT_RR_LEN)) {
429 memcpy(&(icmp_packet->rr[icmp_packet->rr_cur]),
430 ethhdr->h_dest, ETH_ALEN);
431 icmp_packet->rr_cur++;
432 }
433
434 /* packet for me */
435 if (is_my_mac(icmp_packet->dst))
436 return recv_my_icmp_packet(bat_priv, skb, hdr_size);
437
438 /* TTL exceeded */
439 if (icmp_packet->header.ttl < 2)
440 return recv_icmp_ttl_exceeded(bat_priv, skb);
441
442 /* get routing information */
443 orig_node = orig_hash_find(bat_priv, icmp_packet->dst);
444 if (!orig_node)
445 goto out;
446
447 router = orig_node_get_router(orig_node);
448 if (!router)
449 goto out;
450
451 /* create a copy of the skb, if needed, to modify it. */
452 if (skb_cow(skb, ETH_HLEN) < 0)
453 goto out;
454
455 icmp_packet = (struct icmp_packet_rr *)skb->data;
456
457 /* decrement ttl */
458 icmp_packet->header.ttl--;
459
460 /* route it */
461 send_skb_packet(skb, router->if_incoming, router->addr);
462 ret = NET_RX_SUCCESS;
463
464 out:
465 if (router)
466 neigh_node_free_ref(router);
467 if (orig_node)
468 orig_node_free_ref(orig_node);
469 return ret;
470 }
471
472 /* In the bonding case, send the packets in a round
473 * robin fashion over the remaining interfaces.
474 *
475 * This method rotates the bonding list and increases the
476 * returned router's refcount. */
477 static struct neigh_node *find_bond_router(struct orig_node *primary_orig,
478 const struct hard_iface *recv_if)
479 {
480 struct neigh_node *tmp_neigh_node;
481 struct neigh_node *router = NULL, *first_candidate = NULL;
482
483 rcu_read_lock();
484 list_for_each_entry_rcu(tmp_neigh_node, &primary_orig->bond_list,
485 bonding_list) {
486 if (!first_candidate)
487 first_candidate = tmp_neigh_node;
488
489 /* recv_if == NULL on the first node. */
490 if (tmp_neigh_node->if_incoming == recv_if)
491 continue;
492
493 if (!atomic_inc_not_zero(&tmp_neigh_node->refcount))
494 continue;
495
496 router = tmp_neigh_node;
497 break;
498 }
499
500 /* use the first candidate if nothing was found. */
501 if (!router && first_candidate &&
502 atomic_inc_not_zero(&first_candidate->refcount))
503 router = first_candidate;
504
505 if (!router)
506 goto out;
507
508 /* selected should point to the next element
509 * after the current router */
510 spin_lock_bh(&primary_orig->neigh_list_lock);
511 /* this is a list_move(), which unfortunately
512 * does not exist as rcu version */
513 list_del_rcu(&primary_orig->bond_list);
514 list_add_rcu(&primary_orig->bond_list,
515 &router->bonding_list);
516 spin_unlock_bh(&primary_orig->neigh_list_lock);
517
518 out:
519 rcu_read_unlock();
520 return router;
521 }
522
523 /* Interface Alternating: Use the best of the
524 * remaining candidates which are not using
525 * this interface.
526 *
527 * Increases the returned router's refcount */
528 static struct neigh_node *find_ifalter_router(struct orig_node *primary_orig,
529 const struct hard_iface *recv_if)
530 {
531 struct neigh_node *tmp_neigh_node;
532 struct neigh_node *router = NULL, *first_candidate = NULL;
533
534 rcu_read_lock();
535 list_for_each_entry_rcu(tmp_neigh_node, &primary_orig->bond_list,
536 bonding_list) {
537 if (!first_candidate)
538 first_candidate = tmp_neigh_node;
539
540 /* recv_if == NULL on the first node. */
541 if (tmp_neigh_node->if_incoming == recv_if)
542 continue;
543
544 if (!atomic_inc_not_zero(&tmp_neigh_node->refcount))
545 continue;
546
547 /* if we don't have a router yet
548 * or this one is better, choose it. */
549 if ((!router) ||
550 (tmp_neigh_node->tq_avg > router->tq_avg)) {
551 /* decrement refcount of
552 * previously selected router */
553 if (router)
554 neigh_node_free_ref(router);
555
556 router = tmp_neigh_node;
557 atomic_inc_not_zero(&router->refcount);
558 }
559
560 neigh_node_free_ref(tmp_neigh_node);
561 }
562
563 /* use the first candidate if nothing was found. */
564 if (!router && first_candidate &&
565 atomic_inc_not_zero(&first_candidate->refcount))
566 router = first_candidate;
567
568 rcu_read_unlock();
569 return router;
570 }
571
572 int recv_tt_query(struct sk_buff *skb, struct hard_iface *recv_if)
573 {
574 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface);
575 struct tt_query_packet *tt_query;
576 uint16_t tt_len;
577 struct ethhdr *ethhdr;
578
579 /* drop packet if it has not necessary minimum size */
580 if (unlikely(!pskb_may_pull(skb, sizeof(struct tt_query_packet))))
581 goto out;
582
583 /* I could need to modify it */
584 if (skb_cow(skb, sizeof(struct tt_query_packet)) < 0)
585 goto out;
586
587 ethhdr = (struct ethhdr *)skb_mac_header(skb);
588
589 /* packet with unicast indication but broadcast recipient */
590 if (is_broadcast_ether_addr(ethhdr->h_dest))
591 goto out;
592
593 /* packet with broadcast sender address */
594 if (is_broadcast_ether_addr(ethhdr->h_source))
595 goto out;
596
597 tt_query = (struct tt_query_packet *)skb->data;
598
599 tt_query->tt_data = ntohs(tt_query->tt_data);
600
601 switch (tt_query->flags & TT_QUERY_TYPE_MASK) {
602 case TT_REQUEST:
603 /* If we cannot provide an answer the tt_request is
604 * forwarded */
605 if (!send_tt_response(bat_priv, tt_query)) {
606 bat_dbg(DBG_TT, bat_priv,
607 "Routing TT_REQUEST to %pM [%c]\n",
608 tt_query->dst,
609 (tt_query->flags & TT_FULL_TABLE ? 'F' : '.'));
610 tt_query->tt_data = htons(tt_query->tt_data);
611 return route_unicast_packet(skb, recv_if);
612 }
613 break;
614 case TT_RESPONSE:
615 if (is_my_mac(tt_query->dst)) {
616 /* packet needs to be linearized to access the TT
617 * changes */
618 if (skb_linearize(skb) < 0)
619 goto out;
620 /* skb_linearize() possibly changed skb->data */
621 tt_query = (struct tt_query_packet *)skb->data;
622
623 tt_len = tt_query->tt_data * sizeof(struct tt_change);
624
625 /* Ensure we have all the claimed data */
626 if (unlikely(skb_headlen(skb) <
627 sizeof(struct tt_query_packet) + tt_len))
628 goto out;
629
630 handle_tt_response(bat_priv, tt_query);
631 } else {
632 bat_dbg(DBG_TT, bat_priv,
633 "Routing TT_RESPONSE to %pM [%c]\n",
634 tt_query->dst,
635 (tt_query->flags & TT_FULL_TABLE ? 'F' : '.'));
636 tt_query->tt_data = htons(tt_query->tt_data);
637 return route_unicast_packet(skb, recv_if);
638 }
639 break;
640 }
641
642 out:
643 /* returning NET_RX_DROP will make the caller function kfree the skb */
644 return NET_RX_DROP;
645 }
646
647 int recv_roam_adv(struct sk_buff *skb, struct hard_iface *recv_if)
648 {
649 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface);
650 struct roam_adv_packet *roam_adv_packet;
651 struct orig_node *orig_node;
652 struct ethhdr *ethhdr;
653
654 /* drop packet if it has not necessary minimum size */
655 if (unlikely(!pskb_may_pull(skb, sizeof(struct roam_adv_packet))))
656 goto out;
657
658 ethhdr = (struct ethhdr *)skb_mac_header(skb);
659
660 /* packet with unicast indication but broadcast recipient */
661 if (is_broadcast_ether_addr(ethhdr->h_dest))
662 goto out;
663
664 /* packet with broadcast sender address */
665 if (is_broadcast_ether_addr(ethhdr->h_source))
666 goto out;
667
668 roam_adv_packet = (struct roam_adv_packet *)skb->data;
669
670 if (!is_my_mac(roam_adv_packet->dst))
671 return route_unicast_packet(skb, recv_if);
672
673 /* check if it is a backbone gateway. we don't accept
674 * roaming advertisement from it, as it has the same
675 * entries as we have.
676 */
677 if (bla_is_backbone_gw_orig(bat_priv, roam_adv_packet->src))
678 goto out;
679
680 orig_node = orig_hash_find(bat_priv, roam_adv_packet->src);
681 if (!orig_node)
682 goto out;
683
684 bat_dbg(DBG_TT, bat_priv,
685 "Received ROAMING_ADV from %pM (client %pM)\n",
686 roam_adv_packet->src, roam_adv_packet->client);
687
688 tt_global_add(bat_priv, orig_node, roam_adv_packet->client,
689 atomic_read(&orig_node->last_ttvn) + 1, true, false);
690
691 /* Roaming phase starts: I have new information but the ttvn has not
692 * been incremented yet. This flag will make me check all the incoming
693 * packets for the correct destination. */
694 bat_priv->tt_poss_change = true;
695
696 orig_node_free_ref(orig_node);
697 out:
698 /* returning NET_RX_DROP will make the caller function kfree the skb */
699 return NET_RX_DROP;
700 }
701
702 /* find a suitable router for this originator, and use
703 * bonding if possible. increases the found neighbors
704 * refcount.*/
705 struct neigh_node *find_router(struct bat_priv *bat_priv,
706 struct orig_node *orig_node,
707 const struct hard_iface *recv_if)
708 {
709 struct orig_node *primary_orig_node;
710 struct orig_node *router_orig;
711 struct neigh_node *router;
712 static uint8_t zero_mac[ETH_ALEN] = {0, 0, 0, 0, 0, 0};
713 int bonding_enabled;
714
715 if (!orig_node)
716 return NULL;
717
718 router = orig_node_get_router(orig_node);
719 if (!router)
720 goto err;
721
722 /* without bonding, the first node should
723 * always choose the default router. */
724 bonding_enabled = atomic_read(&bat_priv->bonding);
725
726 rcu_read_lock();
727 /* select default router to output */
728 router_orig = router->orig_node;
729 if (!router_orig)
730 goto err_unlock;
731
732 if ((!recv_if) && (!bonding_enabled))
733 goto return_router;
734
735 /* if we have something in the primary_addr, we can search
736 * for a potential bonding candidate. */
737 if (compare_eth(router_orig->primary_addr, zero_mac))
738 goto return_router;
739
740 /* find the orig_node which has the primary interface. might
741 * even be the same as our router_orig in many cases */
742
743 if (compare_eth(router_orig->primary_addr, router_orig->orig)) {
744 primary_orig_node = router_orig;
745 } else {
746 primary_orig_node = orig_hash_find(bat_priv,
747 router_orig->primary_addr);
748 if (!primary_orig_node)
749 goto return_router;
750
751 orig_node_free_ref(primary_orig_node);
752 }
753
754 /* with less than 2 candidates, we can't do any
755 * bonding and prefer the original router. */
756 if (atomic_read(&primary_orig_node->bond_candidates) < 2)
757 goto return_router;
758
759 /* all nodes between should choose a candidate which
760 * is is not on the interface where the packet came
761 * in. */
762
763 neigh_node_free_ref(router);
764
765 if (bonding_enabled)
766 router = find_bond_router(primary_orig_node, recv_if);
767 else
768 router = find_ifalter_router(primary_orig_node, recv_if);
769
770 return_router:
771 if (router && router->if_incoming->if_status != IF_ACTIVE)
772 goto err_unlock;
773
774 rcu_read_unlock();
775 return router;
776 err_unlock:
777 rcu_read_unlock();
778 err:
779 if (router)
780 neigh_node_free_ref(router);
781 return NULL;
782 }
783
784 static int check_unicast_packet(struct sk_buff *skb, int hdr_size)
785 {
786 struct ethhdr *ethhdr;
787
788 /* drop packet if it has not necessary minimum size */
789 if (unlikely(!pskb_may_pull(skb, hdr_size)))
790 return -1;
791
792 ethhdr = (struct ethhdr *)skb_mac_header(skb);
793
794 /* packet with unicast indication but broadcast recipient */
795 if (is_broadcast_ether_addr(ethhdr->h_dest))
796 return -1;
797
798 /* packet with broadcast sender address */
799 if (is_broadcast_ether_addr(ethhdr->h_source))
800 return -1;
801
802 /* not for me */
803 if (!is_my_mac(ethhdr->h_dest))
804 return -1;
805
806 return 0;
807 }
808
809 static int route_unicast_packet(struct sk_buff *skb, struct hard_iface *recv_if)
810 {
811 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface);
812 struct orig_node *orig_node = NULL;
813 struct neigh_node *neigh_node = NULL;
814 struct unicast_packet *unicast_packet;
815 struct ethhdr *ethhdr = (struct ethhdr *)skb_mac_header(skb);
816 int ret = NET_RX_DROP;
817 struct sk_buff *new_skb;
818
819 unicast_packet = (struct unicast_packet *)skb->data;
820
821 /* TTL exceeded */
822 if (unicast_packet->header.ttl < 2) {
823 pr_debug("Warning - can't forward unicast packet from %pM to %pM: ttl exceeded\n",
824 ethhdr->h_source, unicast_packet->dest);
825 goto out;
826 }
827
828 /* get routing information */
829 orig_node = orig_hash_find(bat_priv, unicast_packet->dest);
830
831 if (!orig_node)
832 goto out;
833
834 /* find_router() increases neigh_nodes refcount if found. */
835 neigh_node = find_router(bat_priv, orig_node, recv_if);
836
837 if (!neigh_node)
838 goto out;
839
840 /* create a copy of the skb, if needed, to modify it. */
841 if (skb_cow(skb, ETH_HLEN) < 0)
842 goto out;
843
844 unicast_packet = (struct unicast_packet *)skb->data;
845
846 if (unicast_packet->header.packet_type == BAT_UNICAST &&
847 atomic_read(&bat_priv->fragmentation) &&
848 skb->len > neigh_node->if_incoming->net_dev->mtu) {
849 ret = frag_send_skb(skb, bat_priv,
850 neigh_node->if_incoming, neigh_node->addr);
851 goto out;
852 }
853
854 if (unicast_packet->header.packet_type == BAT_UNICAST_FRAG &&
855 frag_can_reassemble(skb, neigh_node->if_incoming->net_dev->mtu)) {
856
857 ret = frag_reassemble_skb(skb, bat_priv, &new_skb);
858
859 if (ret == NET_RX_DROP)
860 goto out;
861
862 /* packet was buffered for late merge */
863 if (!new_skb) {
864 ret = NET_RX_SUCCESS;
865 goto out;
866 }
867
868 skb = new_skb;
869 unicast_packet = (struct unicast_packet *)skb->data;
870 }
871
872 /* decrement ttl */
873 unicast_packet->header.ttl--;
874
875 /* route it */
876 send_skb_packet(skb, neigh_node->if_incoming, neigh_node->addr);
877 ret = NET_RX_SUCCESS;
878
879 out:
880 if (neigh_node)
881 neigh_node_free_ref(neigh_node);
882 if (orig_node)
883 orig_node_free_ref(orig_node);
884 return ret;
885 }
886
887 static int check_unicast_ttvn(struct bat_priv *bat_priv,
888 struct sk_buff *skb) {
889 uint8_t curr_ttvn;
890 struct orig_node *orig_node;
891 struct ethhdr *ethhdr;
892 struct hard_iface *primary_if;
893 struct unicast_packet *unicast_packet;
894 bool tt_poss_change;
895
896 /* I could need to modify it */
897 if (skb_cow(skb, sizeof(struct unicast_packet)) < 0)
898 return 0;
899
900 unicast_packet = (struct unicast_packet *)skb->data;
901
902 if (is_my_mac(unicast_packet->dest)) {
903 tt_poss_change = bat_priv->tt_poss_change;
904 curr_ttvn = (uint8_t)atomic_read(&bat_priv->ttvn);
905 } else {
906 orig_node = orig_hash_find(bat_priv, unicast_packet->dest);
907
908 if (!orig_node)
909 return 0;
910
911 curr_ttvn = (uint8_t)atomic_read(&orig_node->last_ttvn);
912 tt_poss_change = orig_node->tt_poss_change;
913 orig_node_free_ref(orig_node);
914 }
915
916 /* Check whether I have to reroute the packet */
917 if (seq_before(unicast_packet->ttvn, curr_ttvn) || tt_poss_change) {
918 /* check if there is enough data before accessing it */
919 if (pskb_may_pull(skb, sizeof(struct unicast_packet) +
920 ETH_HLEN) < 0)
921 return 0;
922
923 ethhdr = (struct ethhdr *)(skb->data +
924 sizeof(struct unicast_packet));
925
926 /* we don't have an updated route for this client, so we should
927 * not try to reroute the packet!!
928 */
929 if (tt_global_client_is_roaming(bat_priv, ethhdr->h_dest))
930 return 1;
931
932 orig_node = transtable_search(bat_priv, NULL, ethhdr->h_dest);
933
934 if (!orig_node) {
935 if (!is_my_client(bat_priv, ethhdr->h_dest))
936 return 0;
937 primary_if = primary_if_get_selected(bat_priv);
938 if (!primary_if)
939 return 0;
940 memcpy(unicast_packet->dest,
941 primary_if->net_dev->dev_addr, ETH_ALEN);
942 hardif_free_ref(primary_if);
943 } else {
944 memcpy(unicast_packet->dest, orig_node->orig,
945 ETH_ALEN);
946 curr_ttvn = (uint8_t)
947 atomic_read(&orig_node->last_ttvn);
948 orig_node_free_ref(orig_node);
949 }
950
951 bat_dbg(DBG_ROUTES, bat_priv,
952 "TTVN mismatch (old_ttvn %u new_ttvn %u)! Rerouting unicast packet (for %pM) to %pM\n",
953 unicast_packet->ttvn, curr_ttvn, ethhdr->h_dest,
954 unicast_packet->dest);
955
956 unicast_packet->ttvn = curr_ttvn;
957 }
958 return 1;
959 }
960
961 int recv_unicast_packet(struct sk_buff *skb, struct hard_iface *recv_if)
962 {
963 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface);
964 struct unicast_packet *unicast_packet;
965 int hdr_size = sizeof(*unicast_packet);
966
967 if (check_unicast_packet(skb, hdr_size) < 0)
968 return NET_RX_DROP;
969
970 if (!check_unicast_ttvn(bat_priv, skb))
971 return NET_RX_DROP;
972
973 unicast_packet = (struct unicast_packet *)skb->data;
974
975 /* packet for me */
976 if (is_my_mac(unicast_packet->dest)) {
977 interface_rx(recv_if->soft_iface, skb, recv_if, hdr_size);
978 return NET_RX_SUCCESS;
979 }
980
981 return route_unicast_packet(skb, recv_if);
982 }
983
984 int recv_ucast_frag_packet(struct sk_buff *skb, struct hard_iface *recv_if)
985 {
986 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface);
987 struct unicast_frag_packet *unicast_packet;
988 int hdr_size = sizeof(*unicast_packet);
989 struct sk_buff *new_skb = NULL;
990 int ret;
991
992 if (check_unicast_packet(skb, hdr_size) < 0)
993 return NET_RX_DROP;
994
995 if (!check_unicast_ttvn(bat_priv, skb))
996 return NET_RX_DROP;
997
998 unicast_packet = (struct unicast_frag_packet *)skb->data;
999
1000 /* packet for me */
1001 if (is_my_mac(unicast_packet->dest)) {
1002
1003 ret = frag_reassemble_skb(skb, bat_priv, &new_skb);
1004
1005 if (ret == NET_RX_DROP)
1006 return NET_RX_DROP;
1007
1008 /* packet was buffered for late merge */
1009 if (!new_skb)
1010 return NET_RX_SUCCESS;
1011
1012 interface_rx(recv_if->soft_iface, new_skb, recv_if,
1013 sizeof(struct unicast_packet));
1014 return NET_RX_SUCCESS;
1015 }
1016
1017 return route_unicast_packet(skb, recv_if);
1018 }
1019
1020
1021 int recv_bcast_packet(struct sk_buff *skb, struct hard_iface *recv_if)
1022 {
1023 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface);
1024 struct orig_node *orig_node = NULL;
1025 struct bcast_packet *bcast_packet;
1026 struct ethhdr *ethhdr;
1027 int hdr_size = sizeof(*bcast_packet);
1028 int ret = NET_RX_DROP;
1029 int32_t seq_diff;
1030
1031 /* drop packet if it has not necessary minimum size */
1032 if (unlikely(!pskb_may_pull(skb, hdr_size)))
1033 goto out;
1034
1035 ethhdr = (struct ethhdr *)skb_mac_header(skb);
1036
1037 /* packet with broadcast indication but unicast recipient */
1038 if (!is_broadcast_ether_addr(ethhdr->h_dest))
1039 goto out;
1040
1041 /* packet with broadcast sender address */
1042 if (is_broadcast_ether_addr(ethhdr->h_source))
1043 goto out;
1044
1045 /* ignore broadcasts sent by myself */
1046 if (is_my_mac(ethhdr->h_source))
1047 goto out;
1048
1049 bcast_packet = (struct bcast_packet *)skb->data;
1050
1051 /* ignore broadcasts originated by myself */
1052 if (is_my_mac(bcast_packet->orig))
1053 goto out;
1054
1055 if (bcast_packet->header.ttl < 2)
1056 goto out;
1057
1058 orig_node = orig_hash_find(bat_priv, bcast_packet->orig);
1059
1060 if (!orig_node)
1061 goto out;
1062
1063 spin_lock_bh(&orig_node->bcast_seqno_lock);
1064
1065 /* check whether the packet is a duplicate */
1066 if (bat_test_bit(orig_node->bcast_bits, orig_node->last_bcast_seqno,
1067 ntohl(bcast_packet->seqno)))
1068 goto spin_unlock;
1069
1070 seq_diff = ntohl(bcast_packet->seqno) - orig_node->last_bcast_seqno;
1071
1072 /* check whether the packet is old and the host just restarted. */
1073 if (window_protected(bat_priv, seq_diff,
1074 &orig_node->bcast_seqno_reset))
1075 goto spin_unlock;
1076
1077 /* mark broadcast in flood history, update window position
1078 * if required. */
1079 if (bit_get_packet(bat_priv, orig_node->bcast_bits, seq_diff, 1))
1080 orig_node->last_bcast_seqno = ntohl(bcast_packet->seqno);
1081
1082 spin_unlock_bh(&orig_node->bcast_seqno_lock);
1083
1084 /* check whether this has been sent by another originator before */
1085 if (bla_check_bcast_duplist(bat_priv, bcast_packet, hdr_size))
1086 goto out;
1087
1088 /* rebroadcast packet */
1089 add_bcast_packet_to_list(bat_priv, skb, 1);
1090
1091 /* don't hand the broadcast up if it is from an originator
1092 * from the same backbone.
1093 */
1094 if (bla_is_backbone_gw(skb, orig_node, hdr_size))
1095 goto out;
1096
1097 /* broadcast for me */
1098 interface_rx(recv_if->soft_iface, skb, recv_if, hdr_size);
1099 ret = NET_RX_SUCCESS;
1100 goto out;
1101
1102 spin_unlock:
1103 spin_unlock_bh(&orig_node->bcast_seqno_lock);
1104 out:
1105 if (orig_node)
1106 orig_node_free_ref(orig_node);
1107 return ret;
1108 }
1109
1110 int recv_vis_packet(struct sk_buff *skb, struct hard_iface *recv_if)
1111 {
1112 struct vis_packet *vis_packet;
1113 struct ethhdr *ethhdr;
1114 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface);
1115 int hdr_size = sizeof(*vis_packet);
1116
1117 /* keep skb linear */
1118 if (skb_linearize(skb) < 0)
1119 return NET_RX_DROP;
1120
1121 if (unlikely(!pskb_may_pull(skb, hdr_size)))
1122 return NET_RX_DROP;
1123
1124 vis_packet = (struct vis_packet *)skb->data;
1125 ethhdr = (struct ethhdr *)skb_mac_header(skb);
1126
1127 /* not for me */
1128 if (!is_my_mac(ethhdr->h_dest))
1129 return NET_RX_DROP;
1130
1131 /* ignore own packets */
1132 if (is_my_mac(vis_packet->vis_orig))
1133 return NET_RX_DROP;
1134
1135 if (is_my_mac(vis_packet->sender_orig))
1136 return NET_RX_DROP;
1137
1138 switch (vis_packet->vis_type) {
1139 case VIS_TYPE_SERVER_SYNC:
1140 receive_server_sync_packet(bat_priv, vis_packet,
1141 skb_headlen(skb));
1142 break;
1143
1144 case VIS_TYPE_CLIENT_UPDATE:
1145 receive_client_update_packet(bat_priv, vis_packet,
1146 skb_headlen(skb));
1147 break;
1148
1149 default: /* ignore unknown packet */
1150 break;
1151 }
1152
1153 /* We take a copy of the data in the packet, so we should
1154 always free the skbuf. */
1155 return NET_RX_DROP;
1156 }
Linus' kernel tree