1 /* Copyright (C) 2007-2017 B.A.T.M.A.N. contributors: 2 * 3 * Marek Lindner, Simon Wunderlich 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of version 2 of the GNU General Public 7 * License as published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it will be useful, but 10 * WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 * General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, see <http://www.gnu.org/licenses/>. 16 */ 17 18 #include "routing.h" 19 #include "main.h" 20 21 #include <linux/atomic.h> 22 #include <linux/byteorder/generic.h> 23 #include <linux/compiler.h> 24 #include <linux/errno.h> 25 #include <linux/etherdevice.h> 26 #include <linux/if_ether.h> 27 #include <linux/jiffies.h> 28 #include <linux/kref.h> 29 #include <linux/netdevice.h> 30 #include <linux/printk.h> 31 #include <linux/rculist.h> 32 #include <linux/rcupdate.h> 33 #include <linux/skbuff.h> 34 #include <linux/spinlock.h> 35 #include <linux/stddef.h> 36 37 #include "bitarray.h" 38 #include "bridge_loop_avoidance.h" 39 #include "distributed-arp-table.h" 40 #include "fragmentation.h" 41 #include "hard-interface.h" 42 #include "icmp_socket.h" 43 #include "log.h" 44 #include "network-coding.h" 45 #include "originator.h" 46 #include "packet.h" 47 #include "send.h" 48 #include "soft-interface.h" 49 #include "tp_meter.h" 50 #include "translation-table.h" 51 #include "tvlv.h" 52 53 static int batadv_route_unicast_packet(struct sk_buff *skb, 54 struct batadv_hard_iface *recv_if); 55 56 /** 57 * _batadv_update_route - set the router for this originator 58 * @bat_priv: the bat priv with all the soft interface information 59 * @orig_node: orig node which is to be configured 60 * @recv_if: the receive interface for which this route is set 61 * @neigh_node: neighbor which should be the next router 62 * 63 * This function does not perform any error checks 64 */ 65 static void _batadv_update_route(struct batadv_priv *bat_priv, 66 struct batadv_orig_node *orig_node, 67 struct batadv_hard_iface *recv_if, 68 struct batadv_neigh_node *neigh_node) 69 { 70 struct batadv_orig_ifinfo *orig_ifinfo; 71 struct batadv_neigh_node *curr_router; 72 73 orig_ifinfo = batadv_orig_ifinfo_get(orig_node, recv_if); 74 if (!orig_ifinfo) 75 return; 76 77 spin_lock_bh(&orig_node->neigh_list_lock); 78 /* curr_router used earlier may not be the current orig_ifinfo->router 79 * anymore because it was dereferenced outside of the neigh_list_lock 80 * protected region. After the new best neighbor has replace the current 81 * best neighbor the reference counter needs to decrease. Consequently, 82 * the code needs to ensure the curr_router variable contains a pointer 83 * to the replaced best neighbor. 84 */ 85 curr_router = rcu_dereference_protected(orig_ifinfo->router, true); 86 87 /* increase refcount of new best neighbor */ 88 if (neigh_node) 89 kref_get(&neigh_node->refcount); 90 91 rcu_assign_pointer(orig_ifinfo->router, neigh_node); 92 spin_unlock_bh(&orig_node->neigh_list_lock); 93 batadv_orig_ifinfo_put(orig_ifinfo); 94 95 /* route deleted */ 96 if ((curr_router) && (!neigh_node)) { 97 batadv_dbg(BATADV_DBG_ROUTES, bat_priv, 98 "Deleting route towards: %pM\n", orig_node->orig); 99 batadv_tt_global_del_orig(bat_priv, orig_node, -1, 100 "Deleted route towards originator"); 101 102 /* route added */ 103 } else if ((!curr_router) && (neigh_node)) { 104 batadv_dbg(BATADV_DBG_ROUTES, bat_priv, 105 "Adding route towards: %pM (via %pM)\n", 106 orig_node->orig, neigh_node->addr); 107 /* route changed */ 108 } else if (neigh_node && curr_router) { 109 batadv_dbg(BATADV_DBG_ROUTES, bat_priv, 110 "Changing route towards: %pM (now via %pM - was via %pM)\n", 111 orig_node->orig, neigh_node->addr, 112 curr_router->addr); 113 } 114 115 /* decrease refcount of previous best neighbor */ 116 if (curr_router) 117 batadv_neigh_node_put(curr_router); 118 } 119 120 /** 121 * batadv_update_route - set the router for this originator 122 * @bat_priv: the bat priv with all the soft interface information 123 * @orig_node: orig node which is to be configured 124 * @recv_if: the receive interface for which this route is set 125 * @neigh_node: neighbor which should be the next router 126 */ 127 void batadv_update_route(struct batadv_priv *bat_priv, 128 struct batadv_orig_node *orig_node, 129 struct batadv_hard_iface *recv_if, 130 struct batadv_neigh_node *neigh_node) 131 { 132 struct batadv_neigh_node *router = NULL; 133 134 if (!orig_node) 135 goto out; 136 137 router = batadv_orig_router_get(orig_node, recv_if); 138 139 if (router != neigh_node) 140 _batadv_update_route(bat_priv, orig_node, recv_if, neigh_node); 141 142 out: 143 if (router) 144 batadv_neigh_node_put(router); 145 } 146 147 /** 148 * batadv_window_protected - checks whether the host restarted and is in the 149 * protection time. 150 * @bat_priv: the bat priv with all the soft interface information 151 * @seq_num_diff: difference between the current/received sequence number and 152 * the last sequence number 153 * @seq_old_max_diff: maximum age of sequence number not considered as restart 154 * @last_reset: jiffies timestamp of the last reset, will be updated when reset 155 * is detected 156 * @protection_started: is set to true if the protection window was started, 157 * doesn't change otherwise. 158 * 159 * Return: 160 * false if the packet is to be accepted. 161 * true if the packet is to be ignored. 162 */ 163 bool batadv_window_protected(struct batadv_priv *bat_priv, s32 seq_num_diff, 164 s32 seq_old_max_diff, unsigned long *last_reset, 165 bool *protection_started) 166 { 167 if (seq_num_diff <= -seq_old_max_diff || 168 seq_num_diff >= BATADV_EXPECTED_SEQNO_RANGE) { 169 if (!batadv_has_timed_out(*last_reset, 170 BATADV_RESET_PROTECTION_MS)) 171 return true; 172 173 *last_reset = jiffies; 174 if (protection_started) 175 *protection_started = true; 176 batadv_dbg(BATADV_DBG_BATMAN, bat_priv, 177 "old packet received, start protection\n"); 178 } 179 180 return false; 181 } 182 183 bool batadv_check_management_packet(struct sk_buff *skb, 184 struct batadv_hard_iface *hard_iface, 185 int header_len) 186 { 187 struct ethhdr *ethhdr; 188 189 /* drop packet if it has not necessary minimum size */ 190 if (unlikely(!pskb_may_pull(skb, header_len))) 191 return false; 192 193 ethhdr = eth_hdr(skb); 194 195 /* packet with broadcast indication but unicast recipient */ 196 if (!is_broadcast_ether_addr(ethhdr->h_dest)) 197 return false; 198 199 /* packet with invalid sender address */ 200 if (!is_valid_ether_addr(ethhdr->h_source)) 201 return false; 202 203 /* create a copy of the skb, if needed, to modify it. */ 204 if (skb_cow(skb, 0) < 0) 205 return false; 206 207 /* keep skb linear */ 208 if (skb_linearize(skb) < 0) 209 return false; 210 211 return true; 212 } 213 214 /** 215 * batadv_recv_my_icmp_packet - receive an icmp packet locally 216 * @bat_priv: the bat priv with all the soft interface information 217 * @skb: icmp packet to process 218 * 219 * Return: NET_RX_SUCCESS if the packet has been consumed or NET_RX_DROP 220 * otherwise. 221 */ 222 static int batadv_recv_my_icmp_packet(struct batadv_priv *bat_priv, 223 struct sk_buff *skb) 224 { 225 struct batadv_hard_iface *primary_if = NULL; 226 struct batadv_orig_node *orig_node = NULL; 227 struct batadv_icmp_header *icmph; 228 int res, ret = NET_RX_DROP; 229 230 icmph = (struct batadv_icmp_header *)skb->data; 231 232 switch (icmph->msg_type) { 233 case BATADV_ECHO_REPLY: 234 case BATADV_DESTINATION_UNREACHABLE: 235 case BATADV_TTL_EXCEEDED: 236 /* receive the packet */ 237 if (skb_linearize(skb) < 0) 238 break; 239 240 batadv_socket_receive_packet(icmph, skb->len); 241 break; 242 case BATADV_ECHO_REQUEST: 243 /* answer echo request (ping) */ 244 primary_if = batadv_primary_if_get_selected(bat_priv); 245 if (!primary_if) 246 goto out; 247 248 /* get routing information */ 249 orig_node = batadv_orig_hash_find(bat_priv, icmph->orig); 250 if (!orig_node) 251 goto out; 252 253 /* create a copy of the skb, if needed, to modify it. */ 254 if (skb_cow(skb, ETH_HLEN) < 0) 255 goto out; 256 257 icmph = (struct batadv_icmp_header *)skb->data; 258 259 ether_addr_copy(icmph->dst, icmph->orig); 260 ether_addr_copy(icmph->orig, primary_if->net_dev->dev_addr); 261 icmph->msg_type = BATADV_ECHO_REPLY; 262 icmph->ttl = BATADV_TTL; 263 264 res = batadv_send_skb_to_orig(skb, orig_node, NULL); 265 if (res == NET_XMIT_SUCCESS) 266 ret = NET_RX_SUCCESS; 267 268 /* skb was consumed */ 269 skb = NULL; 270 break; 271 case BATADV_TP: 272 if (!pskb_may_pull(skb, sizeof(struct batadv_icmp_tp_packet))) 273 goto out; 274 275 batadv_tp_meter_recv(bat_priv, skb); 276 ret = NET_RX_SUCCESS; 277 /* skb was consumed */ 278 skb = NULL; 279 goto out; 280 default: 281 /* drop unknown type */ 282 goto out; 283 } 284 out: 285 if (primary_if) 286 batadv_hardif_put(primary_if); 287 if (orig_node) 288 batadv_orig_node_put(orig_node); 289 290 kfree_skb(skb); 291 292 return ret; 293 } 294 295 static int batadv_recv_icmp_ttl_exceeded(struct batadv_priv *bat_priv, 296 struct sk_buff *skb) 297 { 298 struct batadv_hard_iface *primary_if = NULL; 299 struct batadv_orig_node *orig_node = NULL; 300 struct batadv_icmp_packet *icmp_packet; 301 int res, ret = NET_RX_DROP; 302 303 icmp_packet = (struct batadv_icmp_packet *)skb->data; 304 305 /* send TTL exceeded if packet is an echo request (traceroute) */ 306 if (icmp_packet->msg_type != BATADV_ECHO_REQUEST) { 307 pr_debug("Warning - can't forward icmp packet from %pM to %pM: ttl exceeded\n", 308 icmp_packet->orig, icmp_packet->dst); 309 goto out; 310 } 311 312 primary_if = batadv_primary_if_get_selected(bat_priv); 313 if (!primary_if) 314 goto out; 315 316 /* get routing information */ 317 orig_node = batadv_orig_hash_find(bat_priv, icmp_packet->orig); 318 if (!orig_node) 319 goto out; 320 321 /* create a copy of the skb, if needed, to modify it. */ 322 if (skb_cow(skb, ETH_HLEN) < 0) 323 goto out; 324 325 icmp_packet = (struct batadv_icmp_packet *)skb->data; 326 327 ether_addr_copy(icmp_packet->dst, icmp_packet->orig); 328 ether_addr_copy(icmp_packet->orig, primary_if->net_dev->dev_addr); 329 icmp_packet->msg_type = BATADV_TTL_EXCEEDED; 330 icmp_packet->ttl = BATADV_TTL; 331 332 res = batadv_send_skb_to_orig(skb, orig_node, NULL); 333 if (res == NET_RX_SUCCESS) 334 ret = NET_XMIT_SUCCESS; 335 336 /* skb was consumed */ 337 skb = NULL; 338 339 out: 340 if (primary_if) 341 batadv_hardif_put(primary_if); 342 if (orig_node) 343 batadv_orig_node_put(orig_node); 344 345 kfree_skb(skb); 346 347 return ret; 348 } 349 350 int batadv_recv_icmp_packet(struct sk_buff *skb, 351 struct batadv_hard_iface *recv_if) 352 { 353 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 354 struct batadv_icmp_header *icmph; 355 struct batadv_icmp_packet_rr *icmp_packet_rr; 356 struct ethhdr *ethhdr; 357 struct batadv_orig_node *orig_node = NULL; 358 int hdr_size = sizeof(struct batadv_icmp_header); 359 int res, ret = NET_RX_DROP; 360 361 /* drop packet if it has not necessary minimum size */ 362 if (unlikely(!pskb_may_pull(skb, hdr_size))) 363 goto free_skb; 364 365 ethhdr = eth_hdr(skb); 366 367 /* packet with unicast indication but non-unicast recipient */ 368 if (!is_valid_ether_addr(ethhdr->h_dest)) 369 goto free_skb; 370 371 /* packet with broadcast/multicast sender address */ 372 if (is_multicast_ether_addr(ethhdr->h_source)) 373 goto free_skb; 374 375 /* not for me */ 376 if (!batadv_is_my_mac(bat_priv, ethhdr->h_dest)) 377 goto free_skb; 378 379 icmph = (struct batadv_icmp_header *)skb->data; 380 381 /* add record route information if not full */ 382 if ((icmph->msg_type == BATADV_ECHO_REPLY || 383 icmph->msg_type == BATADV_ECHO_REQUEST) && 384 (skb->len >= sizeof(struct batadv_icmp_packet_rr))) { 385 if (skb_linearize(skb) < 0) 386 goto free_skb; 387 388 /* create a copy of the skb, if needed, to modify it. */ 389 if (skb_cow(skb, ETH_HLEN) < 0) 390 goto free_skb; 391 392 ethhdr = eth_hdr(skb); 393 icmph = (struct batadv_icmp_header *)skb->data; 394 icmp_packet_rr = (struct batadv_icmp_packet_rr *)icmph; 395 if (icmp_packet_rr->rr_cur >= BATADV_RR_LEN) 396 goto free_skb; 397 398 ether_addr_copy(icmp_packet_rr->rr[icmp_packet_rr->rr_cur], 399 ethhdr->h_dest); 400 icmp_packet_rr->rr_cur++; 401 } 402 403 /* packet for me */ 404 if (batadv_is_my_mac(bat_priv, icmph->dst)) 405 return batadv_recv_my_icmp_packet(bat_priv, skb); 406 407 /* TTL exceeded */ 408 if (icmph->ttl < 2) 409 return batadv_recv_icmp_ttl_exceeded(bat_priv, skb); 410 411 /* get routing information */ 412 orig_node = batadv_orig_hash_find(bat_priv, icmph->dst); 413 if (!orig_node) 414 goto free_skb; 415 416 /* create a copy of the skb, if needed, to modify it. */ 417 if (skb_cow(skb, ETH_HLEN) < 0) 418 goto put_orig_node; 419 420 icmph = (struct batadv_icmp_header *)skb->data; 421 422 /* decrement ttl */ 423 icmph->ttl--; 424 425 /* route it */ 426 res = batadv_send_skb_to_orig(skb, orig_node, recv_if); 427 if (res == NET_XMIT_SUCCESS) 428 ret = NET_RX_SUCCESS; 429 430 /* skb was consumed */ 431 skb = NULL; 432 433 put_orig_node: 434 if (orig_node) 435 batadv_orig_node_put(orig_node); 436 free_skb: 437 kfree_skb(skb); 438 439 return ret; 440 } 441 442 /** 443 * batadv_check_unicast_packet - Check for malformed unicast packets 444 * @bat_priv: the bat priv with all the soft interface information 445 * @skb: packet to check 446 * @hdr_size: size of header to pull 447 * 448 * Check for short header and bad addresses in given packet. 449 * 450 * Return: negative value when check fails and 0 otherwise. The negative value 451 * depends on the reason: -ENODATA for bad header, -EBADR for broadcast 452 * destination or source, and -EREMOTE for non-local (other host) destination. 453 */ 454 static int batadv_check_unicast_packet(struct batadv_priv *bat_priv, 455 struct sk_buff *skb, int hdr_size) 456 { 457 struct ethhdr *ethhdr; 458 459 /* drop packet if it has not necessary minimum size */ 460 if (unlikely(!pskb_may_pull(skb, hdr_size))) 461 return -ENODATA; 462 463 ethhdr = eth_hdr(skb); 464 465 /* packet with unicast indication but non-unicast recipient */ 466 if (!is_valid_ether_addr(ethhdr->h_dest)) 467 return -EBADR; 468 469 /* packet with broadcast/multicast sender address */ 470 if (is_multicast_ether_addr(ethhdr->h_source)) 471 return -EBADR; 472 473 /* not for me */ 474 if (!batadv_is_my_mac(bat_priv, ethhdr->h_dest)) 475 return -EREMOTE; 476 477 return 0; 478 } 479 480 /** 481 * batadv_last_bonding_get - Get last_bonding_candidate of orig_node 482 * @orig_node: originator node whose last bonding candidate should be retrieved 483 * 484 * Return: last bonding candidate of router or NULL if not found 485 * 486 * The object is returned with refcounter increased by 1. 487 */ 488 static struct batadv_orig_ifinfo * 489 batadv_last_bonding_get(struct batadv_orig_node *orig_node) 490 { 491 struct batadv_orig_ifinfo *last_bonding_candidate; 492 493 spin_lock_bh(&orig_node->neigh_list_lock); 494 last_bonding_candidate = orig_node->last_bonding_candidate; 495 496 if (last_bonding_candidate) 497 kref_get(&last_bonding_candidate->refcount); 498 spin_unlock_bh(&orig_node->neigh_list_lock); 499 500 return last_bonding_candidate; 501 } 502 503 /** 504 * batadv_last_bonding_replace - Replace last_bonding_candidate of orig_node 505 * @orig_node: originator node whose bonding candidates should be replaced 506 * @new_candidate: new bonding candidate or NULL 507 */ 508 static void 509 batadv_last_bonding_replace(struct batadv_orig_node *orig_node, 510 struct batadv_orig_ifinfo *new_candidate) 511 { 512 struct batadv_orig_ifinfo *old_candidate; 513 514 spin_lock_bh(&orig_node->neigh_list_lock); 515 old_candidate = orig_node->last_bonding_candidate; 516 517 if (new_candidate) 518 kref_get(&new_candidate->refcount); 519 orig_node->last_bonding_candidate = new_candidate; 520 spin_unlock_bh(&orig_node->neigh_list_lock); 521 522 if (old_candidate) 523 batadv_orig_ifinfo_put(old_candidate); 524 } 525 526 /** 527 * batadv_find_router - find a suitable router for this originator 528 * @bat_priv: the bat priv with all the soft interface information 529 * @orig_node: the destination node 530 * @recv_if: pointer to interface this packet was received on 531 * 532 * Return: the router which should be used for this orig_node on 533 * this interface, or NULL if not available. 534 */ 535 struct batadv_neigh_node * 536 batadv_find_router(struct batadv_priv *bat_priv, 537 struct batadv_orig_node *orig_node, 538 struct batadv_hard_iface *recv_if) 539 { 540 struct batadv_algo_ops *bao = bat_priv->algo_ops; 541 struct batadv_neigh_node *first_candidate_router = NULL; 542 struct batadv_neigh_node *next_candidate_router = NULL; 543 struct batadv_neigh_node *router, *cand_router = NULL; 544 struct batadv_neigh_node *last_cand_router = NULL; 545 struct batadv_orig_ifinfo *cand, *first_candidate = NULL; 546 struct batadv_orig_ifinfo *next_candidate = NULL; 547 struct batadv_orig_ifinfo *last_candidate; 548 bool last_candidate_found = false; 549 550 if (!orig_node) 551 return NULL; 552 553 router = batadv_orig_router_get(orig_node, recv_if); 554 555 if (!router) 556 return router; 557 558 /* only consider bonding for recv_if == BATADV_IF_DEFAULT (first hop) 559 * and if activated. 560 */ 561 if (!(recv_if == BATADV_IF_DEFAULT && atomic_read(&bat_priv->bonding))) 562 return router; 563 564 /* bonding: loop through the list of possible routers found 565 * for the various outgoing interfaces and find a candidate after 566 * the last chosen bonding candidate (next_candidate). If no such 567 * router is found, use the first candidate found (the previously 568 * chosen bonding candidate might have been the last one in the list). 569 * If this can't be found either, return the previously chosen 570 * router - obviously there are no other candidates. 571 */ 572 rcu_read_lock(); 573 last_candidate = batadv_last_bonding_get(orig_node); 574 if (last_candidate) 575 last_cand_router = rcu_dereference(last_candidate->router); 576 577 hlist_for_each_entry_rcu(cand, &orig_node->ifinfo_list, list) { 578 /* acquire some structures and references ... */ 579 if (!kref_get_unless_zero(&cand->refcount)) 580 continue; 581 582 cand_router = rcu_dereference(cand->router); 583 if (!cand_router) 584 goto next; 585 586 if (!kref_get_unless_zero(&cand_router->refcount)) { 587 cand_router = NULL; 588 goto next; 589 } 590 591 /* alternative candidate should be good enough to be 592 * considered 593 */ 594 if (!bao->neigh.is_similar_or_better(cand_router, 595 cand->if_outgoing, router, 596 recv_if)) 597 goto next; 598 599 /* don't use the same router twice */ 600 if (last_cand_router == cand_router) 601 goto next; 602 603 /* mark the first possible candidate */ 604 if (!first_candidate) { 605 kref_get(&cand_router->refcount); 606 kref_get(&cand->refcount); 607 first_candidate = cand; 608 first_candidate_router = cand_router; 609 } 610 611 /* check if the loop has already passed the previously selected 612 * candidate ... this function should select the next candidate 613 * AFTER the previously used bonding candidate. 614 */ 615 if (!last_candidate || last_candidate_found) { 616 next_candidate = cand; 617 next_candidate_router = cand_router; 618 break; 619 } 620 621 if (last_candidate == cand) 622 last_candidate_found = true; 623 next: 624 /* free references */ 625 if (cand_router) { 626 batadv_neigh_node_put(cand_router); 627 cand_router = NULL; 628 } 629 batadv_orig_ifinfo_put(cand); 630 } 631 rcu_read_unlock(); 632 633 /* After finding candidates, handle the three cases: 634 * 1) there is a next candidate, use that 635 * 2) there is no next candidate, use the first of the list 636 * 3) there is no candidate at all, return the default router 637 */ 638 if (next_candidate) { 639 batadv_neigh_node_put(router); 640 641 kref_get(&next_candidate_router->refcount); 642 router = next_candidate_router; 643 batadv_last_bonding_replace(orig_node, next_candidate); 644 } else if (first_candidate) { 645 batadv_neigh_node_put(router); 646 647 kref_get(&first_candidate_router->refcount); 648 router = first_candidate_router; 649 batadv_last_bonding_replace(orig_node, first_candidate); 650 } else { 651 batadv_last_bonding_replace(orig_node, NULL); 652 } 653 654 /* cleanup of candidates */ 655 if (first_candidate) { 656 batadv_neigh_node_put(first_candidate_router); 657 batadv_orig_ifinfo_put(first_candidate); 658 } 659 660 if (next_candidate) { 661 batadv_neigh_node_put(next_candidate_router); 662 batadv_orig_ifinfo_put(next_candidate); 663 } 664 665 if (last_candidate) 666 batadv_orig_ifinfo_put(last_candidate); 667 668 return router; 669 } 670 671 static int batadv_route_unicast_packet(struct sk_buff *skb, 672 struct batadv_hard_iface *recv_if) 673 { 674 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 675 struct batadv_orig_node *orig_node = NULL; 676 struct batadv_unicast_packet *unicast_packet; 677 struct ethhdr *ethhdr = eth_hdr(skb); 678 int res, hdr_len, ret = NET_RX_DROP; 679 unsigned int len; 680 681 unicast_packet = (struct batadv_unicast_packet *)skb->data; 682 683 /* TTL exceeded */ 684 if (unicast_packet->ttl < 2) { 685 pr_debug("Warning - can't forward unicast packet from %pM to %pM: ttl exceeded\n", 686 ethhdr->h_source, unicast_packet->dest); 687 goto free_skb; 688 } 689 690 /* get routing information */ 691 orig_node = batadv_orig_hash_find(bat_priv, unicast_packet->dest); 692 693 if (!orig_node) 694 goto free_skb; 695 696 /* create a copy of the skb, if needed, to modify it. */ 697 if (skb_cow(skb, ETH_HLEN) < 0) 698 goto put_orig_node; 699 700 /* decrement ttl */ 701 unicast_packet = (struct batadv_unicast_packet *)skb->data; 702 unicast_packet->ttl--; 703 704 switch (unicast_packet->packet_type) { 705 case BATADV_UNICAST_4ADDR: 706 hdr_len = sizeof(struct batadv_unicast_4addr_packet); 707 break; 708 case BATADV_UNICAST: 709 hdr_len = sizeof(struct batadv_unicast_packet); 710 break; 711 default: 712 /* other packet types not supported - yet */ 713 hdr_len = -1; 714 break; 715 } 716 717 if (hdr_len > 0) 718 batadv_skb_set_priority(skb, hdr_len); 719 720 len = skb->len; 721 res = batadv_send_skb_to_orig(skb, orig_node, recv_if); 722 723 /* translate transmit result into receive result */ 724 if (res == NET_XMIT_SUCCESS) { 725 ret = NET_RX_SUCCESS; 726 /* skb was transmitted and consumed */ 727 batadv_inc_counter(bat_priv, BATADV_CNT_FORWARD); 728 batadv_add_counter(bat_priv, BATADV_CNT_FORWARD_BYTES, 729 len + ETH_HLEN); 730 } 731 732 /* skb was consumed */ 733 skb = NULL; 734 735 put_orig_node: 736 batadv_orig_node_put(orig_node); 737 free_skb: 738 kfree_skb(skb); 739 740 return ret; 741 } 742 743 /** 744 * batadv_reroute_unicast_packet - update the unicast header for re-routing 745 * @bat_priv: the bat priv with all the soft interface information 746 * @unicast_packet: the unicast header to be updated 747 * @dst_addr: the payload destination 748 * @vid: VLAN identifier 749 * 750 * Search the translation table for dst_addr and update the unicast header with 751 * the new corresponding information (originator address where the destination 752 * client currently is and its known TTVN) 753 * 754 * Return: true if the packet header has been updated, false otherwise 755 */ 756 static bool 757 batadv_reroute_unicast_packet(struct batadv_priv *bat_priv, 758 struct batadv_unicast_packet *unicast_packet, 759 u8 *dst_addr, unsigned short vid) 760 { 761 struct batadv_orig_node *orig_node = NULL; 762 struct batadv_hard_iface *primary_if = NULL; 763 bool ret = false; 764 u8 *orig_addr, orig_ttvn; 765 766 if (batadv_is_my_client(bat_priv, dst_addr, vid)) { 767 primary_if = batadv_primary_if_get_selected(bat_priv); 768 if (!primary_if) 769 goto out; 770 orig_addr = primary_if->net_dev->dev_addr; 771 orig_ttvn = (u8)atomic_read(&bat_priv->tt.vn); 772 } else { 773 orig_node = batadv_transtable_search(bat_priv, NULL, dst_addr, 774 vid); 775 if (!orig_node) 776 goto out; 777 778 if (batadv_compare_eth(orig_node->orig, unicast_packet->dest)) 779 goto out; 780 781 orig_addr = orig_node->orig; 782 orig_ttvn = (u8)atomic_read(&orig_node->last_ttvn); 783 } 784 785 /* update the packet header */ 786 ether_addr_copy(unicast_packet->dest, orig_addr); 787 unicast_packet->ttvn = orig_ttvn; 788 789 ret = true; 790 out: 791 if (primary_if) 792 batadv_hardif_put(primary_if); 793 if (orig_node) 794 batadv_orig_node_put(orig_node); 795 796 return ret; 797 } 798 799 static bool batadv_check_unicast_ttvn(struct batadv_priv *bat_priv, 800 struct sk_buff *skb, int hdr_len) 801 { 802 struct batadv_unicast_packet *unicast_packet; 803 struct batadv_hard_iface *primary_if; 804 struct batadv_orig_node *orig_node; 805 u8 curr_ttvn, old_ttvn; 806 struct ethhdr *ethhdr; 807 unsigned short vid; 808 int is_old_ttvn; 809 810 /* check if there is enough data before accessing it */ 811 if (!pskb_may_pull(skb, hdr_len + ETH_HLEN)) 812 return false; 813 814 /* create a copy of the skb (in case of for re-routing) to modify it. */ 815 if (skb_cow(skb, sizeof(*unicast_packet)) < 0) 816 return false; 817 818 unicast_packet = (struct batadv_unicast_packet *)skb->data; 819 vid = batadv_get_vid(skb, hdr_len); 820 ethhdr = (struct ethhdr *)(skb->data + hdr_len); 821 822 /* check if the destination client was served by this node and it is now 823 * roaming. In this case, it means that the node has got a ROAM_ADV 824 * message and that it knows the new destination in the mesh to re-route 825 * the packet to 826 */ 827 if (batadv_tt_local_client_is_roaming(bat_priv, ethhdr->h_dest, vid)) { 828 if (batadv_reroute_unicast_packet(bat_priv, unicast_packet, 829 ethhdr->h_dest, vid)) 830 batadv_dbg_ratelimited(BATADV_DBG_TT, 831 bat_priv, 832 "Rerouting unicast packet to %pM (dst=%pM): Local Roaming\n", 833 unicast_packet->dest, 834 ethhdr->h_dest); 835 /* at this point the mesh destination should have been 836 * substituted with the originator address found in the global 837 * table. If not, let the packet go untouched anyway because 838 * there is nothing the node can do 839 */ 840 return true; 841 } 842 843 /* retrieve the TTVN known by this node for the packet destination. This 844 * value is used later to check if the node which sent (or re-routed 845 * last time) the packet had an updated information or not 846 */ 847 curr_ttvn = (u8)atomic_read(&bat_priv->tt.vn); 848 if (!batadv_is_my_mac(bat_priv, unicast_packet->dest)) { 849 orig_node = batadv_orig_hash_find(bat_priv, 850 unicast_packet->dest); 851 /* if it is not possible to find the orig_node representing the 852 * destination, the packet can immediately be dropped as it will 853 * not be possible to deliver it 854 */ 855 if (!orig_node) 856 return false; 857 858 curr_ttvn = (u8)atomic_read(&orig_node->last_ttvn); 859 batadv_orig_node_put(orig_node); 860 } 861 862 /* check if the TTVN contained in the packet is fresher than what the 863 * node knows 864 */ 865 is_old_ttvn = batadv_seq_before(unicast_packet->ttvn, curr_ttvn); 866 if (!is_old_ttvn) 867 return true; 868 869 old_ttvn = unicast_packet->ttvn; 870 /* the packet was forged based on outdated network information. Its 871 * destination can possibly be updated and forwarded towards the new 872 * target host 873 */ 874 if (batadv_reroute_unicast_packet(bat_priv, unicast_packet, 875 ethhdr->h_dest, vid)) { 876 batadv_dbg_ratelimited(BATADV_DBG_TT, bat_priv, 877 "Rerouting unicast packet to %pM (dst=%pM): TTVN mismatch old_ttvn=%u new_ttvn=%u\n", 878 unicast_packet->dest, ethhdr->h_dest, 879 old_ttvn, curr_ttvn); 880 return true; 881 } 882 883 /* the packet has not been re-routed: either the destination is 884 * currently served by this node or there is no destination at all and 885 * it is possible to drop the packet 886 */ 887 if (!batadv_is_my_client(bat_priv, ethhdr->h_dest, vid)) 888 return false; 889 890 /* update the header in order to let the packet be delivered to this 891 * node's soft interface 892 */ 893 primary_if = batadv_primary_if_get_selected(bat_priv); 894 if (!primary_if) 895 return false; 896 897 ether_addr_copy(unicast_packet->dest, primary_if->net_dev->dev_addr); 898 899 batadv_hardif_put(primary_if); 900 901 unicast_packet->ttvn = curr_ttvn; 902 903 return true; 904 } 905 906 /** 907 * batadv_recv_unhandled_unicast_packet - receive and process packets which 908 * are in the unicast number space but not yet known to the implementation 909 * @skb: unicast tvlv packet to process 910 * @recv_if: pointer to interface this packet was received on 911 * 912 * Return: NET_RX_SUCCESS if the packet has been consumed or NET_RX_DROP 913 * otherwise. 914 */ 915 int batadv_recv_unhandled_unicast_packet(struct sk_buff *skb, 916 struct batadv_hard_iface *recv_if) 917 { 918 struct batadv_unicast_packet *unicast_packet; 919 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 920 int check, hdr_size = sizeof(*unicast_packet); 921 922 check = batadv_check_unicast_packet(bat_priv, skb, hdr_size); 923 if (check < 0) 924 goto free_skb; 925 926 /* we don't know about this type, drop it. */ 927 unicast_packet = (struct batadv_unicast_packet *)skb->data; 928 if (batadv_is_my_mac(bat_priv, unicast_packet->dest)) 929 goto free_skb; 930 931 return batadv_route_unicast_packet(skb, recv_if); 932 933 free_skb: 934 kfree_skb(skb); 935 return NET_RX_DROP; 936 } 937 938 int batadv_recv_unicast_packet(struct sk_buff *skb, 939 struct batadv_hard_iface *recv_if) 940 { 941 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 942 struct batadv_unicast_packet *unicast_packet; 943 struct batadv_unicast_4addr_packet *unicast_4addr_packet; 944 u8 *orig_addr; 945 struct batadv_orig_node *orig_node = NULL; 946 int check, hdr_size = sizeof(*unicast_packet); 947 enum batadv_subtype subtype; 948 bool is4addr; 949 int ret = NET_RX_DROP; 950 951 unicast_packet = (struct batadv_unicast_packet *)skb->data; 952 unicast_4addr_packet = (struct batadv_unicast_4addr_packet *)skb->data; 953 954 is4addr = unicast_packet->packet_type == BATADV_UNICAST_4ADDR; 955 /* the caller function should have already pulled 2 bytes */ 956 if (is4addr) 957 hdr_size = sizeof(*unicast_4addr_packet); 958 959 /* function returns -EREMOTE for promiscuous packets */ 960 check = batadv_check_unicast_packet(bat_priv, skb, hdr_size); 961 962 /* Even though the packet is not for us, we might save it to use for 963 * decoding a later received coded packet 964 */ 965 if (check == -EREMOTE) 966 batadv_nc_skb_store_sniffed_unicast(bat_priv, skb); 967 968 if (check < 0) 969 goto free_skb; 970 if (!batadv_check_unicast_ttvn(bat_priv, skb, hdr_size)) 971 goto free_skb; 972 973 /* packet for me */ 974 if (batadv_is_my_mac(bat_priv, unicast_packet->dest)) { 975 if (is4addr) { 976 subtype = unicast_4addr_packet->subtype; 977 batadv_dat_inc_counter(bat_priv, subtype); 978 979 /* Only payload data should be considered for speedy 980 * join. For example, DAT also uses unicast 4addr 981 * types, but those packets should not be considered 982 * for speedy join, since the clients do not actually 983 * reside at the sending originator. 984 */ 985 if (subtype == BATADV_P_DATA) { 986 orig_addr = unicast_4addr_packet->src; 987 orig_node = batadv_orig_hash_find(bat_priv, 988 orig_addr); 989 } 990 } 991 992 if (batadv_dat_snoop_incoming_arp_request(bat_priv, skb, 993 hdr_size)) 994 goto rx_success; 995 if (batadv_dat_snoop_incoming_arp_reply(bat_priv, skb, 996 hdr_size)) 997 goto rx_success; 998 999 batadv_interface_rx(recv_if->soft_iface, skb, hdr_size, 1000 orig_node); 1001 1002 rx_success: 1003 if (orig_node) 1004 batadv_orig_node_put(orig_node); 1005 1006 return NET_RX_SUCCESS; 1007 } 1008 1009 ret = batadv_route_unicast_packet(skb, recv_if); 1010 /* skb was consumed */ 1011 skb = NULL; 1012 1013 free_skb: 1014 kfree_skb(skb); 1015 1016 return ret; 1017 } 1018 1019 /** 1020 * batadv_recv_unicast_tvlv - receive and process unicast tvlv packets 1021 * @skb: unicast tvlv packet to process 1022 * @recv_if: pointer to interface this packet was received on 1023 * 1024 * Return: NET_RX_SUCCESS if the packet has been consumed or NET_RX_DROP 1025 * otherwise. 1026 */ 1027 int batadv_recv_unicast_tvlv(struct sk_buff *skb, 1028 struct batadv_hard_iface *recv_if) 1029 { 1030 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 1031 struct batadv_unicast_tvlv_packet *unicast_tvlv_packet; 1032 unsigned char *tvlv_buff; 1033 u16 tvlv_buff_len; 1034 int hdr_size = sizeof(*unicast_tvlv_packet); 1035 int ret = NET_RX_DROP; 1036 1037 if (batadv_check_unicast_packet(bat_priv, skb, hdr_size) < 0) 1038 goto free_skb; 1039 1040 /* the header is likely to be modified while forwarding */ 1041 if (skb_cow(skb, hdr_size) < 0) 1042 goto free_skb; 1043 1044 /* packet needs to be linearized to access the tvlv content */ 1045 if (skb_linearize(skb) < 0) 1046 goto free_skb; 1047 1048 unicast_tvlv_packet = (struct batadv_unicast_tvlv_packet *)skb->data; 1049 1050 tvlv_buff = (unsigned char *)(skb->data + hdr_size); 1051 tvlv_buff_len = ntohs(unicast_tvlv_packet->tvlv_len); 1052 1053 if (tvlv_buff_len > skb->len - hdr_size) 1054 goto free_skb; 1055 1056 ret = batadv_tvlv_containers_process(bat_priv, false, NULL, 1057 unicast_tvlv_packet->src, 1058 unicast_tvlv_packet->dst, 1059 tvlv_buff, tvlv_buff_len); 1060 1061 if (ret != NET_RX_SUCCESS) { 1062 ret = batadv_route_unicast_packet(skb, recv_if); 1063 /* skb was consumed */ 1064 skb = NULL; 1065 } 1066 1067 free_skb: 1068 kfree_skb(skb); 1069 1070 return ret; 1071 } 1072 1073 /** 1074 * batadv_recv_frag_packet - process received fragment 1075 * @skb: the received fragment 1076 * @recv_if: interface that the skb is received on 1077 * 1078 * This function does one of the three following things: 1) Forward fragment, if 1079 * the assembled packet will exceed our MTU; 2) Buffer fragment, if we till 1080 * lack further fragments; 3) Merge fragments, if we have all needed parts. 1081 * 1082 * Return: NET_RX_DROP if the skb is not consumed, NET_RX_SUCCESS otherwise. 1083 */ 1084 int batadv_recv_frag_packet(struct sk_buff *skb, 1085 struct batadv_hard_iface *recv_if) 1086 { 1087 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 1088 struct batadv_orig_node *orig_node_src = NULL; 1089 struct batadv_frag_packet *frag_packet; 1090 int ret = NET_RX_DROP; 1091 1092 if (batadv_check_unicast_packet(bat_priv, skb, 1093 sizeof(*frag_packet)) < 0) 1094 goto free_skb; 1095 1096 frag_packet = (struct batadv_frag_packet *)skb->data; 1097 orig_node_src = batadv_orig_hash_find(bat_priv, frag_packet->orig); 1098 if (!orig_node_src) 1099 goto free_skb; 1100 1101 skb->priority = frag_packet->priority + 256; 1102 1103 /* Route the fragment if it is not for us and too big to be merged. */ 1104 if (!batadv_is_my_mac(bat_priv, frag_packet->dest) && 1105 batadv_frag_skb_fwd(skb, recv_if, orig_node_src)) { 1106 /* skb was consumed */ 1107 skb = NULL; 1108 ret = NET_RX_SUCCESS; 1109 goto put_orig_node; 1110 } 1111 1112 batadv_inc_counter(bat_priv, BATADV_CNT_FRAG_RX); 1113 batadv_add_counter(bat_priv, BATADV_CNT_FRAG_RX_BYTES, skb->len); 1114 1115 /* Add fragment to buffer and merge if possible. */ 1116 if (!batadv_frag_skb_buffer(&skb, orig_node_src)) 1117 goto put_orig_node; 1118 1119 /* Deliver merged packet to the appropriate handler, if it was 1120 * merged 1121 */ 1122 if (skb) { 1123 batadv_batman_skb_recv(skb, recv_if->net_dev, 1124 &recv_if->batman_adv_ptype, NULL); 1125 /* skb was consumed */ 1126 skb = NULL; 1127 } 1128 1129 ret = NET_RX_SUCCESS; 1130 1131 put_orig_node: 1132 batadv_orig_node_put(orig_node_src); 1133 free_skb: 1134 kfree_skb(skb); 1135 1136 return ret; 1137 } 1138 1139 int batadv_recv_bcast_packet(struct sk_buff *skb, 1140 struct batadv_hard_iface *recv_if) 1141 { 1142 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 1143 struct batadv_orig_node *orig_node = NULL; 1144 struct batadv_bcast_packet *bcast_packet; 1145 struct ethhdr *ethhdr; 1146 int hdr_size = sizeof(*bcast_packet); 1147 int ret = NET_RX_DROP; 1148 s32 seq_diff; 1149 u32 seqno; 1150 1151 /* drop packet if it has not necessary minimum size */ 1152 if (unlikely(!pskb_may_pull(skb, hdr_size))) 1153 goto free_skb; 1154 1155 ethhdr = eth_hdr(skb); 1156 1157 /* packet with broadcast indication but unicast recipient */ 1158 if (!is_broadcast_ether_addr(ethhdr->h_dest)) 1159 goto free_skb; 1160 1161 /* packet with broadcast/multicast sender address */ 1162 if (is_multicast_ether_addr(ethhdr->h_source)) 1163 goto free_skb; 1164 1165 /* ignore broadcasts sent by myself */ 1166 if (batadv_is_my_mac(bat_priv, ethhdr->h_source)) 1167 goto free_skb; 1168 1169 bcast_packet = (struct batadv_bcast_packet *)skb->data; 1170 1171 /* ignore broadcasts originated by myself */ 1172 if (batadv_is_my_mac(bat_priv, bcast_packet->orig)) 1173 goto free_skb; 1174 1175 if (bcast_packet->ttl < 2) 1176 goto free_skb; 1177 1178 orig_node = batadv_orig_hash_find(bat_priv, bcast_packet->orig); 1179 1180 if (!orig_node) 1181 goto free_skb; 1182 1183 spin_lock_bh(&orig_node->bcast_seqno_lock); 1184 1185 seqno = ntohl(bcast_packet->seqno); 1186 /* check whether the packet is a duplicate */ 1187 if (batadv_test_bit(orig_node->bcast_bits, orig_node->last_bcast_seqno, 1188 seqno)) 1189 goto spin_unlock; 1190 1191 seq_diff = seqno - orig_node->last_bcast_seqno; 1192 1193 /* check whether the packet is old and the host just restarted. */ 1194 if (batadv_window_protected(bat_priv, seq_diff, 1195 BATADV_BCAST_MAX_AGE, 1196 &orig_node->bcast_seqno_reset, NULL)) 1197 goto spin_unlock; 1198 1199 /* mark broadcast in flood history, update window position 1200 * if required. 1201 */ 1202 if (batadv_bit_get_packet(bat_priv, orig_node->bcast_bits, seq_diff, 1)) 1203 orig_node->last_bcast_seqno = seqno; 1204 1205 spin_unlock_bh(&orig_node->bcast_seqno_lock); 1206 1207 /* check whether this has been sent by another originator before */ 1208 if (batadv_bla_check_bcast_duplist(bat_priv, skb)) 1209 goto free_skb; 1210 1211 batadv_skb_set_priority(skb, sizeof(struct batadv_bcast_packet)); 1212 1213 /* rebroadcast packet */ 1214 batadv_add_bcast_packet_to_list(bat_priv, skb, 1, false); 1215 1216 /* don't hand the broadcast up if it is from an originator 1217 * from the same backbone. 1218 */ 1219 if (batadv_bla_is_backbone_gw(skb, orig_node, hdr_size)) 1220 goto free_skb; 1221 1222 if (batadv_dat_snoop_incoming_arp_request(bat_priv, skb, hdr_size)) 1223 goto rx_success; 1224 if (batadv_dat_snoop_incoming_arp_reply(bat_priv, skb, hdr_size)) 1225 goto rx_success; 1226 1227 /* broadcast for me */ 1228 batadv_interface_rx(recv_if->soft_iface, skb, hdr_size, orig_node); 1229 1230 rx_success: 1231 ret = NET_RX_SUCCESS; 1232 goto out; 1233 1234 spin_unlock: 1235 spin_unlock_bh(&orig_node->bcast_seqno_lock); 1236 free_skb: 1237 kfree_skb(skb); 1238 out: 1239 if (orig_node) 1240 batadv_orig_node_put(orig_node); 1241 return ret; 1242 } 1243