1 /* Copyright (C) 2007-2012 B.A.T.M.A.N. contributors: 2 * 3 * Marek Lindner, Simon Wunderlich 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of version 2 of the GNU General Public 7 * License as published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it will be useful, but 10 * WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 * General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write to the Free Software 16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 17 * 02110-1301, USA 18 */ 19 20 #include "main.h" 21 #include "routing.h" 22 #include "send.h" 23 #include "soft-interface.h" 24 #include "hard-interface.h" 25 #include "icmp_socket.h" 26 #include "translation-table.h" 27 #include "originator.h" 28 #include "vis.h" 29 #include "unicast.h" 30 #include "bridge_loop_avoidance.h" 31 32 static int route_unicast_packet(struct sk_buff *skb, 33 struct hard_iface *recv_if); 34 35 void batadv_slide_own_bcast_window(struct hard_iface *hard_iface) 36 { 37 struct bat_priv *bat_priv = netdev_priv(hard_iface->soft_iface); 38 struct hashtable_t *hash = bat_priv->orig_hash; 39 struct hlist_node *node; 40 struct hlist_head *head; 41 struct orig_node *orig_node; 42 unsigned long *word; 43 uint32_t i; 44 size_t word_index; 45 46 for (i = 0; i < hash->size; i++) { 47 head = &hash->table[i]; 48 49 rcu_read_lock(); 50 hlist_for_each_entry_rcu(orig_node, node, head, hash_entry) { 51 spin_lock_bh(&orig_node->ogm_cnt_lock); 52 word_index = hard_iface->if_num * NUM_WORDS; 53 word = &(orig_node->bcast_own[word_index]); 54 55 batadv_bit_get_packet(bat_priv, word, 1, 0); 56 orig_node->bcast_own_sum[hard_iface->if_num] = 57 bitmap_weight(word, TQ_LOCAL_WINDOW_SIZE); 58 spin_unlock_bh(&orig_node->ogm_cnt_lock); 59 } 60 rcu_read_unlock(); 61 } 62 } 63 64 static void _update_route(struct bat_priv *bat_priv, 65 struct orig_node *orig_node, 66 struct neigh_node *neigh_node) 67 { 68 struct neigh_node *curr_router; 69 70 curr_router = batadv_orig_node_get_router(orig_node); 71 72 /* route deleted */ 73 if ((curr_router) && (!neigh_node)) { 74 bat_dbg(DBG_ROUTES, bat_priv, "Deleting route towards: %pM\n", 75 orig_node->orig); 76 batadv_tt_global_del_orig(bat_priv, orig_node, 77 "Deleted route towards originator"); 78 79 /* route added */ 80 } else if ((!curr_router) && (neigh_node)) { 81 82 bat_dbg(DBG_ROUTES, bat_priv, 83 "Adding route towards: %pM (via %pM)\n", 84 orig_node->orig, neigh_node->addr); 85 /* route changed */ 86 } else if (neigh_node && curr_router) { 87 bat_dbg(DBG_ROUTES, bat_priv, 88 "Changing route towards: %pM (now via %pM - was via %pM)\n", 89 orig_node->orig, neigh_node->addr, 90 curr_router->addr); 91 } 92 93 if (curr_router) 94 batadv_neigh_node_free_ref(curr_router); 95 96 /* increase refcount of new best neighbor */ 97 if (neigh_node && !atomic_inc_not_zero(&neigh_node->refcount)) 98 neigh_node = NULL; 99 100 spin_lock_bh(&orig_node->neigh_list_lock); 101 rcu_assign_pointer(orig_node->router, neigh_node); 102 spin_unlock_bh(&orig_node->neigh_list_lock); 103 104 /* decrease refcount of previous best neighbor */ 105 if (curr_router) 106 batadv_neigh_node_free_ref(curr_router); 107 } 108 109 void batadv_update_route(struct bat_priv *bat_priv, struct orig_node *orig_node, 110 struct neigh_node *neigh_node) 111 { 112 struct neigh_node *router = NULL; 113 114 if (!orig_node) 115 goto out; 116 117 router = batadv_orig_node_get_router(orig_node); 118 119 if (router != neigh_node) 120 _update_route(bat_priv, orig_node, neigh_node); 121 122 out: 123 if (router) 124 batadv_neigh_node_free_ref(router); 125 } 126 127 /* caller must hold the neigh_list_lock */ 128 void batadv_bonding_candidate_del(struct orig_node *orig_node, 129 struct neigh_node *neigh_node) 130 { 131 /* this neighbor is not part of our candidate list */ 132 if (list_empty(&neigh_node->bonding_list)) 133 goto out; 134 135 list_del_rcu(&neigh_node->bonding_list); 136 INIT_LIST_HEAD(&neigh_node->bonding_list); 137 batadv_neigh_node_free_ref(neigh_node); 138 atomic_dec(&orig_node->bond_candidates); 139 140 out: 141 return; 142 } 143 144 void batadv_bonding_candidate_add(struct orig_node *orig_node, 145 struct neigh_node *neigh_node) 146 { 147 struct hlist_node *node; 148 struct neigh_node *tmp_neigh_node, *router = NULL; 149 uint8_t interference_candidate = 0; 150 151 spin_lock_bh(&orig_node->neigh_list_lock); 152 153 /* only consider if it has the same primary address ... */ 154 if (!compare_eth(orig_node->orig, 155 neigh_node->orig_node->primary_addr)) 156 goto candidate_del; 157 158 router = batadv_orig_node_get_router(orig_node); 159 if (!router) 160 goto candidate_del; 161 162 /* ... and is good enough to be considered */ 163 if (neigh_node->tq_avg < router->tq_avg - BONDING_TQ_THRESHOLD) 164 goto candidate_del; 165 166 /* check if we have another candidate with the same mac address or 167 * interface. If we do, we won't select this candidate because of 168 * possible interference. 169 */ 170 hlist_for_each_entry_rcu(tmp_neigh_node, node, 171 &orig_node->neigh_list, list) { 172 173 if (tmp_neigh_node == neigh_node) 174 continue; 175 176 /* we only care if the other candidate is even 177 * considered as candidate. 178 */ 179 if (list_empty(&tmp_neigh_node->bonding_list)) 180 continue; 181 182 if ((neigh_node->if_incoming == tmp_neigh_node->if_incoming) || 183 (compare_eth(neigh_node->addr, tmp_neigh_node->addr))) { 184 interference_candidate = 1; 185 break; 186 } 187 } 188 189 /* don't care further if it is an interference candidate */ 190 if (interference_candidate) 191 goto candidate_del; 192 193 /* this neighbor already is part of our candidate list */ 194 if (!list_empty(&neigh_node->bonding_list)) 195 goto out; 196 197 if (!atomic_inc_not_zero(&neigh_node->refcount)) 198 goto out; 199 200 list_add_rcu(&neigh_node->bonding_list, &orig_node->bond_list); 201 atomic_inc(&orig_node->bond_candidates); 202 goto out; 203 204 candidate_del: 205 batadv_bonding_candidate_del(orig_node, neigh_node); 206 207 out: 208 spin_unlock_bh(&orig_node->neigh_list_lock); 209 210 if (router) 211 batadv_neigh_node_free_ref(router); 212 } 213 214 /* copy primary address for bonding */ 215 void 216 batadv_bonding_save_primary(const struct orig_node *orig_node, 217 struct orig_node *orig_neigh_node, 218 const struct batman_ogm_packet *batman_ogm_packet) 219 { 220 if (!(batman_ogm_packet->flags & PRIMARIES_FIRST_HOP)) 221 return; 222 223 memcpy(orig_neigh_node->primary_addr, orig_node->orig, ETH_ALEN); 224 } 225 226 /* checks whether the host restarted and is in the protection time. 227 * returns: 228 * 0 if the packet is to be accepted 229 * 1 if the packet is to be ignored. 230 */ 231 int batadv_window_protected(struct bat_priv *bat_priv, int32_t seq_num_diff, 232 unsigned long *last_reset) 233 { 234 if ((seq_num_diff <= -TQ_LOCAL_WINDOW_SIZE) || 235 (seq_num_diff >= EXPECTED_SEQNO_RANGE)) { 236 if (!has_timed_out(*last_reset, RESET_PROTECTION_MS)) 237 return 1; 238 239 *last_reset = jiffies; 240 bat_dbg(DBG_BATMAN, bat_priv, 241 "old packet received, start protection\n"); 242 } 243 244 return 0; 245 } 246 247 bool batadv_check_management_packet(struct sk_buff *skb, 248 struct hard_iface *hard_iface, 249 int header_len) 250 { 251 struct ethhdr *ethhdr; 252 253 /* drop packet if it has not necessary minimum size */ 254 if (unlikely(!pskb_may_pull(skb, header_len))) 255 return false; 256 257 ethhdr = (struct ethhdr *)skb_mac_header(skb); 258 259 /* packet with broadcast indication but unicast recipient */ 260 if (!is_broadcast_ether_addr(ethhdr->h_dest)) 261 return false; 262 263 /* packet with broadcast sender address */ 264 if (is_broadcast_ether_addr(ethhdr->h_source)) 265 return false; 266 267 /* create a copy of the skb, if needed, to modify it. */ 268 if (skb_cow(skb, 0) < 0) 269 return false; 270 271 /* keep skb linear */ 272 if (skb_linearize(skb) < 0) 273 return false; 274 275 return true; 276 } 277 278 static int recv_my_icmp_packet(struct bat_priv *bat_priv, 279 struct sk_buff *skb, size_t icmp_len) 280 { 281 struct hard_iface *primary_if = NULL; 282 struct orig_node *orig_node = NULL; 283 struct neigh_node *router = NULL; 284 struct icmp_packet_rr *icmp_packet; 285 int ret = NET_RX_DROP; 286 287 icmp_packet = (struct icmp_packet_rr *)skb->data; 288 289 /* add data to device queue */ 290 if (icmp_packet->msg_type != ECHO_REQUEST) { 291 batadv_socket_receive_packet(icmp_packet, icmp_len); 292 goto out; 293 } 294 295 primary_if = primary_if_get_selected(bat_priv); 296 if (!primary_if) 297 goto out; 298 299 /* answer echo request (ping) */ 300 /* get routing information */ 301 orig_node = orig_hash_find(bat_priv, icmp_packet->orig); 302 if (!orig_node) 303 goto out; 304 305 router = batadv_orig_node_get_router(orig_node); 306 if (!router) 307 goto out; 308 309 /* create a copy of the skb, if needed, to modify it. */ 310 if (skb_cow(skb, ETH_HLEN) < 0) 311 goto out; 312 313 icmp_packet = (struct icmp_packet_rr *)skb->data; 314 315 memcpy(icmp_packet->dst, icmp_packet->orig, ETH_ALEN); 316 memcpy(icmp_packet->orig, primary_if->net_dev->dev_addr, ETH_ALEN); 317 icmp_packet->msg_type = ECHO_REPLY; 318 icmp_packet->header.ttl = TTL; 319 320 batadv_send_skb_packet(skb, router->if_incoming, router->addr); 321 ret = NET_RX_SUCCESS; 322 323 out: 324 if (primary_if) 325 hardif_free_ref(primary_if); 326 if (router) 327 batadv_neigh_node_free_ref(router); 328 if (orig_node) 329 batadv_orig_node_free_ref(orig_node); 330 return ret; 331 } 332 333 static int recv_icmp_ttl_exceeded(struct bat_priv *bat_priv, 334 struct sk_buff *skb) 335 { 336 struct hard_iface *primary_if = NULL; 337 struct orig_node *orig_node = NULL; 338 struct neigh_node *router = NULL; 339 struct icmp_packet *icmp_packet; 340 int ret = NET_RX_DROP; 341 342 icmp_packet = (struct icmp_packet *)skb->data; 343 344 /* send TTL exceeded if packet is an echo request (traceroute) */ 345 if (icmp_packet->msg_type != ECHO_REQUEST) { 346 pr_debug("Warning - can't forward icmp packet from %pM to %pM: ttl exceeded\n", 347 icmp_packet->orig, icmp_packet->dst); 348 goto out; 349 } 350 351 primary_if = primary_if_get_selected(bat_priv); 352 if (!primary_if) 353 goto out; 354 355 /* get routing information */ 356 orig_node = orig_hash_find(bat_priv, icmp_packet->orig); 357 if (!orig_node) 358 goto out; 359 360 router = batadv_orig_node_get_router(orig_node); 361 if (!router) 362 goto out; 363 364 /* create a copy of the skb, if needed, to modify it. */ 365 if (skb_cow(skb, ETH_HLEN) < 0) 366 goto out; 367 368 icmp_packet = (struct icmp_packet *)skb->data; 369 370 memcpy(icmp_packet->dst, icmp_packet->orig, ETH_ALEN); 371 memcpy(icmp_packet->orig, primary_if->net_dev->dev_addr, ETH_ALEN); 372 icmp_packet->msg_type = TTL_EXCEEDED; 373 icmp_packet->header.ttl = TTL; 374 375 batadv_send_skb_packet(skb, router->if_incoming, router->addr); 376 ret = NET_RX_SUCCESS; 377 378 out: 379 if (primary_if) 380 hardif_free_ref(primary_if); 381 if (router) 382 batadv_neigh_node_free_ref(router); 383 if (orig_node) 384 batadv_orig_node_free_ref(orig_node); 385 return ret; 386 } 387 388 389 int batadv_recv_icmp_packet(struct sk_buff *skb, struct hard_iface *recv_if) 390 { 391 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface); 392 struct icmp_packet_rr *icmp_packet; 393 struct ethhdr *ethhdr; 394 struct orig_node *orig_node = NULL; 395 struct neigh_node *router = NULL; 396 int hdr_size = sizeof(struct icmp_packet); 397 int ret = NET_RX_DROP; 398 399 /* we truncate all incoming icmp packets if they don't match our size */ 400 if (skb->len >= sizeof(struct icmp_packet_rr)) 401 hdr_size = sizeof(struct icmp_packet_rr); 402 403 /* drop packet if it has not necessary minimum size */ 404 if (unlikely(!pskb_may_pull(skb, hdr_size))) 405 goto out; 406 407 ethhdr = (struct ethhdr *)skb_mac_header(skb); 408 409 /* packet with unicast indication but broadcast recipient */ 410 if (is_broadcast_ether_addr(ethhdr->h_dest)) 411 goto out; 412 413 /* packet with broadcast sender address */ 414 if (is_broadcast_ether_addr(ethhdr->h_source)) 415 goto out; 416 417 /* not for me */ 418 if (!batadv_is_my_mac(ethhdr->h_dest)) 419 goto out; 420 421 icmp_packet = (struct icmp_packet_rr *)skb->data; 422 423 /* add record route information if not full */ 424 if ((hdr_size == sizeof(struct icmp_packet_rr)) && 425 (icmp_packet->rr_cur < BAT_RR_LEN)) { 426 memcpy(&(icmp_packet->rr[icmp_packet->rr_cur]), 427 ethhdr->h_dest, ETH_ALEN); 428 icmp_packet->rr_cur++; 429 } 430 431 /* packet for me */ 432 if (batadv_is_my_mac(icmp_packet->dst)) 433 return recv_my_icmp_packet(bat_priv, skb, hdr_size); 434 435 /* TTL exceeded */ 436 if (icmp_packet->header.ttl < 2) 437 return recv_icmp_ttl_exceeded(bat_priv, skb); 438 439 /* get routing information */ 440 orig_node = orig_hash_find(bat_priv, icmp_packet->dst); 441 if (!orig_node) 442 goto out; 443 444 router = batadv_orig_node_get_router(orig_node); 445 if (!router) 446 goto out; 447 448 /* create a copy of the skb, if needed, to modify it. */ 449 if (skb_cow(skb, ETH_HLEN) < 0) 450 goto out; 451 452 icmp_packet = (struct icmp_packet_rr *)skb->data; 453 454 /* decrement ttl */ 455 icmp_packet->header.ttl--; 456 457 /* route it */ 458 batadv_send_skb_packet(skb, router->if_incoming, router->addr); 459 ret = NET_RX_SUCCESS; 460 461 out: 462 if (router) 463 batadv_neigh_node_free_ref(router); 464 if (orig_node) 465 batadv_orig_node_free_ref(orig_node); 466 return ret; 467 } 468 469 /* In the bonding case, send the packets in a round 470 * robin fashion over the remaining interfaces. 471 * 472 * This method rotates the bonding list and increases the 473 * returned router's refcount. 474 */ 475 static struct neigh_node *find_bond_router(struct orig_node *primary_orig, 476 const struct hard_iface *recv_if) 477 { 478 struct neigh_node *tmp_neigh_node; 479 struct neigh_node *router = NULL, *first_candidate = NULL; 480 481 rcu_read_lock(); 482 list_for_each_entry_rcu(tmp_neigh_node, &primary_orig->bond_list, 483 bonding_list) { 484 if (!first_candidate) 485 first_candidate = tmp_neigh_node; 486 487 /* recv_if == NULL on the first node. */ 488 if (tmp_neigh_node->if_incoming == recv_if) 489 continue; 490 491 if (!atomic_inc_not_zero(&tmp_neigh_node->refcount)) 492 continue; 493 494 router = tmp_neigh_node; 495 break; 496 } 497 498 /* use the first candidate if nothing was found. */ 499 if (!router && first_candidate && 500 atomic_inc_not_zero(&first_candidate->refcount)) 501 router = first_candidate; 502 503 if (!router) 504 goto out; 505 506 /* selected should point to the next element 507 * after the current router 508 */ 509 spin_lock_bh(&primary_orig->neigh_list_lock); 510 /* this is a list_move(), which unfortunately 511 * does not exist as rcu version 512 */ 513 list_del_rcu(&primary_orig->bond_list); 514 list_add_rcu(&primary_orig->bond_list, 515 &router->bonding_list); 516 spin_unlock_bh(&primary_orig->neigh_list_lock); 517 518 out: 519 rcu_read_unlock(); 520 return router; 521 } 522 523 /* Interface Alternating: Use the best of the 524 * remaining candidates which are not using 525 * this interface. 526 * 527 * Increases the returned router's refcount 528 */ 529 static struct neigh_node *find_ifalter_router(struct orig_node *primary_orig, 530 const struct hard_iface *recv_if) 531 { 532 struct neigh_node *tmp_neigh_node; 533 struct neigh_node *router = NULL, *first_candidate = NULL; 534 535 rcu_read_lock(); 536 list_for_each_entry_rcu(tmp_neigh_node, &primary_orig->bond_list, 537 bonding_list) { 538 if (!first_candidate) 539 first_candidate = tmp_neigh_node; 540 541 /* recv_if == NULL on the first node. */ 542 if (tmp_neigh_node->if_incoming == recv_if) 543 continue; 544 545 if (!atomic_inc_not_zero(&tmp_neigh_node->refcount)) 546 continue; 547 548 /* if we don't have a router yet 549 * or this one is better, choose it. 550 */ 551 if ((!router) || 552 (tmp_neigh_node->tq_avg > router->tq_avg)) { 553 /* decrement refcount of 554 * previously selected router 555 */ 556 if (router) 557 batadv_neigh_node_free_ref(router); 558 559 router = tmp_neigh_node; 560 atomic_inc_not_zero(&router->refcount); 561 } 562 563 batadv_neigh_node_free_ref(tmp_neigh_node); 564 } 565 566 /* use the first candidate if nothing was found. */ 567 if (!router && first_candidate && 568 atomic_inc_not_zero(&first_candidate->refcount)) 569 router = first_candidate; 570 571 rcu_read_unlock(); 572 return router; 573 } 574 575 int batadv_recv_tt_query(struct sk_buff *skb, struct hard_iface *recv_if) 576 { 577 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface); 578 struct tt_query_packet *tt_query; 579 uint16_t tt_size; 580 struct ethhdr *ethhdr; 581 582 /* drop packet if it has not necessary minimum size */ 583 if (unlikely(!pskb_may_pull(skb, sizeof(struct tt_query_packet)))) 584 goto out; 585 586 /* I could need to modify it */ 587 if (skb_cow(skb, sizeof(struct tt_query_packet)) < 0) 588 goto out; 589 590 ethhdr = (struct ethhdr *)skb_mac_header(skb); 591 592 /* packet with unicast indication but broadcast recipient */ 593 if (is_broadcast_ether_addr(ethhdr->h_dest)) 594 goto out; 595 596 /* packet with broadcast sender address */ 597 if (is_broadcast_ether_addr(ethhdr->h_source)) 598 goto out; 599 600 tt_query = (struct tt_query_packet *)skb->data; 601 602 switch (tt_query->flags & TT_QUERY_TYPE_MASK) { 603 case TT_REQUEST: 604 batadv_inc_counter(bat_priv, BAT_CNT_TT_REQUEST_RX); 605 606 /* If we cannot provide an answer the tt_request is 607 * forwarded 608 */ 609 if (!batadv_send_tt_response(bat_priv, tt_query)) { 610 bat_dbg(DBG_TT, bat_priv, 611 "Routing TT_REQUEST to %pM [%c]\n", 612 tt_query->dst, 613 (tt_query->flags & TT_FULL_TABLE ? 'F' : '.')); 614 return route_unicast_packet(skb, recv_if); 615 } 616 break; 617 case TT_RESPONSE: 618 batadv_inc_counter(bat_priv, BAT_CNT_TT_RESPONSE_RX); 619 620 if (batadv_is_my_mac(tt_query->dst)) { 621 /* packet needs to be linearized to access the TT 622 * changes 623 */ 624 if (skb_linearize(skb) < 0) 625 goto out; 626 /* skb_linearize() possibly changed skb->data */ 627 tt_query = (struct tt_query_packet *)skb->data; 628 629 tt_size = batadv_tt_len(ntohs(tt_query->tt_data)); 630 631 /* Ensure we have all the claimed data */ 632 if (unlikely(skb_headlen(skb) < 633 sizeof(struct tt_query_packet) + tt_size)) 634 goto out; 635 636 batadv_handle_tt_response(bat_priv, tt_query); 637 } else { 638 bat_dbg(DBG_TT, bat_priv, 639 "Routing TT_RESPONSE to %pM [%c]\n", 640 tt_query->dst, 641 (tt_query->flags & TT_FULL_TABLE ? 'F' : '.')); 642 return route_unicast_packet(skb, recv_if); 643 } 644 break; 645 } 646 647 out: 648 /* returning NET_RX_DROP will make the caller function kfree the skb */ 649 return NET_RX_DROP; 650 } 651 652 int batadv_recv_roam_adv(struct sk_buff *skb, struct hard_iface *recv_if) 653 { 654 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface); 655 struct roam_adv_packet *roam_adv_packet; 656 struct orig_node *orig_node; 657 struct ethhdr *ethhdr; 658 659 /* drop packet if it has not necessary minimum size */ 660 if (unlikely(!pskb_may_pull(skb, sizeof(struct roam_adv_packet)))) 661 goto out; 662 663 ethhdr = (struct ethhdr *)skb_mac_header(skb); 664 665 /* packet with unicast indication but broadcast recipient */ 666 if (is_broadcast_ether_addr(ethhdr->h_dest)) 667 goto out; 668 669 /* packet with broadcast sender address */ 670 if (is_broadcast_ether_addr(ethhdr->h_source)) 671 goto out; 672 673 batadv_inc_counter(bat_priv, BAT_CNT_TT_ROAM_ADV_RX); 674 675 roam_adv_packet = (struct roam_adv_packet *)skb->data; 676 677 if (!batadv_is_my_mac(roam_adv_packet->dst)) 678 return route_unicast_packet(skb, recv_if); 679 680 /* check if it is a backbone gateway. we don't accept 681 * roaming advertisement from it, as it has the same 682 * entries as we have. 683 */ 684 if (batadv_bla_is_backbone_gw_orig(bat_priv, roam_adv_packet->src)) 685 goto out; 686 687 orig_node = orig_hash_find(bat_priv, roam_adv_packet->src); 688 if (!orig_node) 689 goto out; 690 691 bat_dbg(DBG_TT, bat_priv, 692 "Received ROAMING_ADV from %pM (client %pM)\n", 693 roam_adv_packet->src, roam_adv_packet->client); 694 695 batadv_tt_global_add(bat_priv, orig_node, roam_adv_packet->client, 696 atomic_read(&orig_node->last_ttvn) + 1, true, 697 false); 698 699 /* Roaming phase starts: I have new information but the ttvn has not 700 * been incremented yet. This flag will make me check all the incoming 701 * packets for the correct destination. 702 */ 703 bat_priv->tt_poss_change = true; 704 705 batadv_orig_node_free_ref(orig_node); 706 out: 707 /* returning NET_RX_DROP will make the caller function kfree the skb */ 708 return NET_RX_DROP; 709 } 710 711 /* find a suitable router for this originator, and use 712 * bonding if possible. increases the found neighbors 713 * refcount. 714 */ 715 struct neigh_node *batadv_find_router(struct bat_priv *bat_priv, 716 struct orig_node *orig_node, 717 const struct hard_iface *recv_if) 718 { 719 struct orig_node *primary_orig_node; 720 struct orig_node *router_orig; 721 struct neigh_node *router; 722 static uint8_t zero_mac[ETH_ALEN] = {0, 0, 0, 0, 0, 0}; 723 int bonding_enabled; 724 725 if (!orig_node) 726 return NULL; 727 728 router = batadv_orig_node_get_router(orig_node); 729 if (!router) 730 goto err; 731 732 /* without bonding, the first node should 733 * always choose the default router. 734 */ 735 bonding_enabled = atomic_read(&bat_priv->bonding); 736 737 rcu_read_lock(); 738 /* select default router to output */ 739 router_orig = router->orig_node; 740 if (!router_orig) 741 goto err_unlock; 742 743 if ((!recv_if) && (!bonding_enabled)) 744 goto return_router; 745 746 /* if we have something in the primary_addr, we can search 747 * for a potential bonding candidate. 748 */ 749 if (compare_eth(router_orig->primary_addr, zero_mac)) 750 goto return_router; 751 752 /* find the orig_node which has the primary interface. might 753 * even be the same as our router_orig in many cases 754 */ 755 if (compare_eth(router_orig->primary_addr, router_orig->orig)) { 756 primary_orig_node = router_orig; 757 } else { 758 primary_orig_node = orig_hash_find(bat_priv, 759 router_orig->primary_addr); 760 if (!primary_orig_node) 761 goto return_router; 762 763 batadv_orig_node_free_ref(primary_orig_node); 764 } 765 766 /* with less than 2 candidates, we can't do any 767 * bonding and prefer the original router. 768 */ 769 if (atomic_read(&primary_orig_node->bond_candidates) < 2) 770 goto return_router; 771 772 /* all nodes between should choose a candidate which 773 * is is not on the interface where the packet came 774 * in. 775 */ 776 batadv_neigh_node_free_ref(router); 777 778 if (bonding_enabled) 779 router = find_bond_router(primary_orig_node, recv_if); 780 else 781 router = find_ifalter_router(primary_orig_node, recv_if); 782 783 return_router: 784 if (router && router->if_incoming->if_status != IF_ACTIVE) 785 goto err_unlock; 786 787 rcu_read_unlock(); 788 return router; 789 err_unlock: 790 rcu_read_unlock(); 791 err: 792 if (router) 793 batadv_neigh_node_free_ref(router); 794 return NULL; 795 } 796 797 static int check_unicast_packet(struct sk_buff *skb, int hdr_size) 798 { 799 struct ethhdr *ethhdr; 800 801 /* drop packet if it has not necessary minimum size */ 802 if (unlikely(!pskb_may_pull(skb, hdr_size))) 803 return -1; 804 805 ethhdr = (struct ethhdr *)skb_mac_header(skb); 806 807 /* packet with unicast indication but broadcast recipient */ 808 if (is_broadcast_ether_addr(ethhdr->h_dest)) 809 return -1; 810 811 /* packet with broadcast sender address */ 812 if (is_broadcast_ether_addr(ethhdr->h_source)) 813 return -1; 814 815 /* not for me */ 816 if (!batadv_is_my_mac(ethhdr->h_dest)) 817 return -1; 818 819 return 0; 820 } 821 822 static int route_unicast_packet(struct sk_buff *skb, struct hard_iface *recv_if) 823 { 824 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface); 825 struct orig_node *orig_node = NULL; 826 struct neigh_node *neigh_node = NULL; 827 struct unicast_packet *unicast_packet; 828 struct ethhdr *ethhdr = (struct ethhdr *)skb_mac_header(skb); 829 int ret = NET_RX_DROP; 830 struct sk_buff *new_skb; 831 832 unicast_packet = (struct unicast_packet *)skb->data; 833 834 /* TTL exceeded */ 835 if (unicast_packet->header.ttl < 2) { 836 pr_debug("Warning - can't forward unicast packet from %pM to %pM: ttl exceeded\n", 837 ethhdr->h_source, unicast_packet->dest); 838 goto out; 839 } 840 841 /* get routing information */ 842 orig_node = orig_hash_find(bat_priv, unicast_packet->dest); 843 844 if (!orig_node) 845 goto out; 846 847 /* find_router() increases neigh_nodes refcount if found. */ 848 neigh_node = batadv_find_router(bat_priv, orig_node, recv_if); 849 850 if (!neigh_node) 851 goto out; 852 853 /* create a copy of the skb, if needed, to modify it. */ 854 if (skb_cow(skb, ETH_HLEN) < 0) 855 goto out; 856 857 unicast_packet = (struct unicast_packet *)skb->data; 858 859 if (unicast_packet->header.packet_type == BAT_UNICAST && 860 atomic_read(&bat_priv->fragmentation) && 861 skb->len > neigh_node->if_incoming->net_dev->mtu) { 862 ret = batadv_frag_send_skb(skb, bat_priv, 863 neigh_node->if_incoming, 864 neigh_node->addr); 865 goto out; 866 } 867 868 if (unicast_packet->header.packet_type == BAT_UNICAST_FRAG && 869 frag_can_reassemble(skb, neigh_node->if_incoming->net_dev->mtu)) { 870 871 ret = batadv_frag_reassemble_skb(skb, bat_priv, &new_skb); 872 873 if (ret == NET_RX_DROP) 874 goto out; 875 876 /* packet was buffered for late merge */ 877 if (!new_skb) { 878 ret = NET_RX_SUCCESS; 879 goto out; 880 } 881 882 skb = new_skb; 883 unicast_packet = (struct unicast_packet *)skb->data; 884 } 885 886 /* decrement ttl */ 887 unicast_packet->header.ttl--; 888 889 /* Update stats counter */ 890 batadv_inc_counter(bat_priv, BAT_CNT_FORWARD); 891 batadv_add_counter(bat_priv, BAT_CNT_FORWARD_BYTES, 892 skb->len + ETH_HLEN); 893 894 /* route it */ 895 batadv_send_skb_packet(skb, neigh_node->if_incoming, neigh_node->addr); 896 ret = NET_RX_SUCCESS; 897 898 out: 899 if (neigh_node) 900 batadv_neigh_node_free_ref(neigh_node); 901 if (orig_node) 902 batadv_orig_node_free_ref(orig_node); 903 return ret; 904 } 905 906 static int check_unicast_ttvn(struct bat_priv *bat_priv, 907 struct sk_buff *skb) { 908 uint8_t curr_ttvn; 909 struct orig_node *orig_node; 910 struct ethhdr *ethhdr; 911 struct hard_iface *primary_if; 912 struct unicast_packet *unicast_packet; 913 bool tt_poss_change; 914 915 /* I could need to modify it */ 916 if (skb_cow(skb, sizeof(struct unicast_packet)) < 0) 917 return 0; 918 919 unicast_packet = (struct unicast_packet *)skb->data; 920 921 if (batadv_is_my_mac(unicast_packet->dest)) { 922 tt_poss_change = bat_priv->tt_poss_change; 923 curr_ttvn = (uint8_t)atomic_read(&bat_priv->ttvn); 924 } else { 925 orig_node = orig_hash_find(bat_priv, unicast_packet->dest); 926 927 if (!orig_node) 928 return 0; 929 930 curr_ttvn = (uint8_t)atomic_read(&orig_node->last_ttvn); 931 tt_poss_change = orig_node->tt_poss_change; 932 batadv_orig_node_free_ref(orig_node); 933 } 934 935 /* Check whether I have to reroute the packet */ 936 if (seq_before(unicast_packet->ttvn, curr_ttvn) || tt_poss_change) { 937 /* check if there is enough data before accessing it */ 938 if (pskb_may_pull(skb, sizeof(struct unicast_packet) + 939 ETH_HLEN) < 0) 940 return 0; 941 942 ethhdr = (struct ethhdr *)(skb->data + 943 sizeof(struct unicast_packet)); 944 945 /* we don't have an updated route for this client, so we should 946 * not try to reroute the packet!! 947 */ 948 if (batadv_tt_global_client_is_roaming(bat_priv, 949 ethhdr->h_dest)) 950 return 1; 951 952 orig_node = batadv_transtable_search(bat_priv, NULL, 953 ethhdr->h_dest); 954 955 if (!orig_node) { 956 if (!batadv_is_my_client(bat_priv, ethhdr->h_dest)) 957 return 0; 958 primary_if = primary_if_get_selected(bat_priv); 959 if (!primary_if) 960 return 0; 961 memcpy(unicast_packet->dest, 962 primary_if->net_dev->dev_addr, ETH_ALEN); 963 hardif_free_ref(primary_if); 964 } else { 965 memcpy(unicast_packet->dest, orig_node->orig, 966 ETH_ALEN); 967 curr_ttvn = (uint8_t) 968 atomic_read(&orig_node->last_ttvn); 969 batadv_orig_node_free_ref(orig_node); 970 } 971 972 bat_dbg(DBG_ROUTES, bat_priv, 973 "TTVN mismatch (old_ttvn %u new_ttvn %u)! Rerouting unicast packet (for %pM) to %pM\n", 974 unicast_packet->ttvn, curr_ttvn, ethhdr->h_dest, 975 unicast_packet->dest); 976 977 unicast_packet->ttvn = curr_ttvn; 978 } 979 return 1; 980 } 981 982 int batadv_recv_unicast_packet(struct sk_buff *skb, struct hard_iface *recv_if) 983 { 984 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface); 985 struct unicast_packet *unicast_packet; 986 int hdr_size = sizeof(*unicast_packet); 987 988 if (check_unicast_packet(skb, hdr_size) < 0) 989 return NET_RX_DROP; 990 991 if (!check_unicast_ttvn(bat_priv, skb)) 992 return NET_RX_DROP; 993 994 unicast_packet = (struct unicast_packet *)skb->data; 995 996 /* packet for me */ 997 if (batadv_is_my_mac(unicast_packet->dest)) { 998 batadv_interface_rx(recv_if->soft_iface, skb, recv_if, 999 hdr_size); 1000 return NET_RX_SUCCESS; 1001 } 1002 1003 return route_unicast_packet(skb, recv_if); 1004 } 1005 1006 int batadv_recv_ucast_frag_packet(struct sk_buff *skb, 1007 struct hard_iface *recv_if) 1008 { 1009 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface); 1010 struct unicast_frag_packet *unicast_packet; 1011 int hdr_size = sizeof(*unicast_packet); 1012 struct sk_buff *new_skb = NULL; 1013 int ret; 1014 1015 if (check_unicast_packet(skb, hdr_size) < 0) 1016 return NET_RX_DROP; 1017 1018 if (!check_unicast_ttvn(bat_priv, skb)) 1019 return NET_RX_DROP; 1020 1021 unicast_packet = (struct unicast_frag_packet *)skb->data; 1022 1023 /* packet for me */ 1024 if (batadv_is_my_mac(unicast_packet->dest)) { 1025 1026 ret = batadv_frag_reassemble_skb(skb, bat_priv, &new_skb); 1027 1028 if (ret == NET_RX_DROP) 1029 return NET_RX_DROP; 1030 1031 /* packet was buffered for late merge */ 1032 if (!new_skb) 1033 return NET_RX_SUCCESS; 1034 1035 batadv_interface_rx(recv_if->soft_iface, new_skb, recv_if, 1036 sizeof(struct unicast_packet)); 1037 return NET_RX_SUCCESS; 1038 } 1039 1040 return route_unicast_packet(skb, recv_if); 1041 } 1042 1043 1044 int batadv_recv_bcast_packet(struct sk_buff *skb, struct hard_iface *recv_if) 1045 { 1046 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface); 1047 struct orig_node *orig_node = NULL; 1048 struct bcast_packet *bcast_packet; 1049 struct ethhdr *ethhdr; 1050 int hdr_size = sizeof(*bcast_packet); 1051 int ret = NET_RX_DROP; 1052 int32_t seq_diff; 1053 1054 /* drop packet if it has not necessary minimum size */ 1055 if (unlikely(!pskb_may_pull(skb, hdr_size))) 1056 goto out; 1057 1058 ethhdr = (struct ethhdr *)skb_mac_header(skb); 1059 1060 /* packet with broadcast indication but unicast recipient */ 1061 if (!is_broadcast_ether_addr(ethhdr->h_dest)) 1062 goto out; 1063 1064 /* packet with broadcast sender address */ 1065 if (is_broadcast_ether_addr(ethhdr->h_source)) 1066 goto out; 1067 1068 /* ignore broadcasts sent by myself */ 1069 if (batadv_is_my_mac(ethhdr->h_source)) 1070 goto out; 1071 1072 bcast_packet = (struct bcast_packet *)skb->data; 1073 1074 /* ignore broadcasts originated by myself */ 1075 if (batadv_is_my_mac(bcast_packet->orig)) 1076 goto out; 1077 1078 if (bcast_packet->header.ttl < 2) 1079 goto out; 1080 1081 orig_node = orig_hash_find(bat_priv, bcast_packet->orig); 1082 1083 if (!orig_node) 1084 goto out; 1085 1086 spin_lock_bh(&orig_node->bcast_seqno_lock); 1087 1088 /* check whether the packet is a duplicate */ 1089 if (bat_test_bit(orig_node->bcast_bits, orig_node->last_bcast_seqno, 1090 ntohl(bcast_packet->seqno))) 1091 goto spin_unlock; 1092 1093 seq_diff = ntohl(bcast_packet->seqno) - orig_node->last_bcast_seqno; 1094 1095 /* check whether the packet is old and the host just restarted. */ 1096 if (batadv_window_protected(bat_priv, seq_diff, 1097 &orig_node->bcast_seqno_reset)) 1098 goto spin_unlock; 1099 1100 /* mark broadcast in flood history, update window position 1101 * if required. 1102 */ 1103 if (batadv_bit_get_packet(bat_priv, orig_node->bcast_bits, seq_diff, 1)) 1104 orig_node->last_bcast_seqno = ntohl(bcast_packet->seqno); 1105 1106 spin_unlock_bh(&orig_node->bcast_seqno_lock); 1107 1108 /* check whether this has been sent by another originator before */ 1109 if (batadv_bla_check_bcast_duplist(bat_priv, bcast_packet, hdr_size)) 1110 goto out; 1111 1112 /* rebroadcast packet */ 1113 batadv_add_bcast_packet_to_list(bat_priv, skb, 1); 1114 1115 /* don't hand the broadcast up if it is from an originator 1116 * from the same backbone. 1117 */ 1118 if (batadv_bla_is_backbone_gw(skb, orig_node, hdr_size)) 1119 goto out; 1120 1121 /* broadcast for me */ 1122 batadv_interface_rx(recv_if->soft_iface, skb, recv_if, hdr_size); 1123 ret = NET_RX_SUCCESS; 1124 goto out; 1125 1126 spin_unlock: 1127 spin_unlock_bh(&orig_node->bcast_seqno_lock); 1128 out: 1129 if (orig_node) 1130 batadv_orig_node_free_ref(orig_node); 1131 return ret; 1132 } 1133 1134 int batadv_recv_vis_packet(struct sk_buff *skb, struct hard_iface *recv_if) 1135 { 1136 struct vis_packet *vis_packet; 1137 struct ethhdr *ethhdr; 1138 struct bat_priv *bat_priv = netdev_priv(recv_if->soft_iface); 1139 int hdr_size = sizeof(*vis_packet); 1140 1141 /* keep skb linear */ 1142 if (skb_linearize(skb) < 0) 1143 return NET_RX_DROP; 1144 1145 if (unlikely(!pskb_may_pull(skb, hdr_size))) 1146 return NET_RX_DROP; 1147 1148 vis_packet = (struct vis_packet *)skb->data; 1149 ethhdr = (struct ethhdr *)skb_mac_header(skb); 1150 1151 /* not for me */ 1152 if (!batadv_is_my_mac(ethhdr->h_dest)) 1153 return NET_RX_DROP; 1154 1155 /* ignore own packets */ 1156 if (batadv_is_my_mac(vis_packet->vis_orig)) 1157 return NET_RX_DROP; 1158 1159 if (batadv_is_my_mac(vis_packet->sender_orig)) 1160 return NET_RX_DROP; 1161 1162 switch (vis_packet->vis_type) { 1163 case VIS_TYPE_SERVER_SYNC: 1164 batadv_receive_server_sync_packet(bat_priv, vis_packet, 1165 skb_headlen(skb)); 1166 break; 1167 1168 case VIS_TYPE_CLIENT_UPDATE: 1169 batadv_receive_client_update_packet(bat_priv, vis_packet, 1170 skb_headlen(skb)); 1171 break; 1172 1173 default: /* ignore unknown packet */ 1174 break; 1175 } 1176 1177 /* We take a copy of the data in the packet, so we should 1178 * always free the skbuf. 1179 */ 1180 return NET_RX_DROP; 1181 } 1182