1 // SPDX-License-Identifier: GPL-2.0 2 /* Copyright (C) B.A.T.M.A.N. contributors: 3 * 4 * Marek Lindner, Simon Wunderlich 5 */ 6 7 #include "routing.h" 8 #include "main.h" 9 10 #include <linux/atomic.h> 11 #include <linux/byteorder/generic.h> 12 #include <linux/compiler.h> 13 #include <linux/errno.h> 14 #include <linux/etherdevice.h> 15 #include <linux/if_ether.h> 16 #include <linux/jiffies.h> 17 #include <linux/kref.h> 18 #include <linux/netdevice.h> 19 #include <linux/printk.h> 20 #include <linux/rculist.h> 21 #include <linux/rcupdate.h> 22 #include <linux/skbuff.h> 23 #include <linux/spinlock.h> 24 #include <linux/stddef.h> 25 #include <uapi/linux/batadv_packet.h> 26 27 #include "bitarray.h" 28 #include "bridge_loop_avoidance.h" 29 #include "distributed-arp-table.h" 30 #include "fragmentation.h" 31 #include "hard-interface.h" 32 #include "log.h" 33 #include "network-coding.h" 34 #include "originator.h" 35 #include "send.h" 36 #include "soft-interface.h" 37 #include "tp_meter.h" 38 #include "translation-table.h" 39 #include "tvlv.h" 40 41 static int batadv_route_unicast_packet(struct sk_buff *skb, 42 struct batadv_hard_iface *recv_if); 43 44 /** 45 * _batadv_update_route() - set the router for this originator 46 * @bat_priv: the bat priv with all the soft interface information 47 * @orig_node: orig node which is to be configured 48 * @recv_if: the receive interface for which this route is set 49 * @neigh_node: neighbor which should be the next router 50 * 51 * This function does not perform any error checks 52 */ 53 static void _batadv_update_route(struct batadv_priv *bat_priv, 54 struct batadv_orig_node *orig_node, 55 struct batadv_hard_iface *recv_if, 56 struct batadv_neigh_node *neigh_node) 57 { 58 struct batadv_orig_ifinfo *orig_ifinfo; 59 struct batadv_neigh_node *curr_router; 60 61 orig_ifinfo = batadv_orig_ifinfo_get(orig_node, recv_if); 62 if (!orig_ifinfo) 63 return; 64 65 spin_lock_bh(&orig_node->neigh_list_lock); 66 /* curr_router used earlier may not be the current orig_ifinfo->router 67 * anymore because it was dereferenced outside of the neigh_list_lock 68 * protected region. After the new best neighbor has replace the current 69 * best neighbor the reference counter needs to decrease. Consequently, 70 * the code needs to ensure the curr_router variable contains a pointer 71 * to the replaced best neighbor. 72 */ 73 74 /* increase refcount of new best neighbor */ 75 if (neigh_node) 76 kref_get(&neigh_node->refcount); 77 78 curr_router = rcu_replace_pointer(orig_ifinfo->router, neigh_node, 79 true); 80 spin_unlock_bh(&orig_node->neigh_list_lock); 81 batadv_orig_ifinfo_put(orig_ifinfo); 82 83 /* route deleted */ 84 if (curr_router && !neigh_node) { 85 batadv_dbg(BATADV_DBG_ROUTES, bat_priv, 86 "Deleting route towards: %pM\n", orig_node->orig); 87 batadv_tt_global_del_orig(bat_priv, orig_node, -1, 88 "Deleted route towards originator"); 89 90 /* route added */ 91 } else if (!curr_router && neigh_node) { 92 batadv_dbg(BATADV_DBG_ROUTES, bat_priv, 93 "Adding route towards: %pM (via %pM)\n", 94 orig_node->orig, neigh_node->addr); 95 /* route changed */ 96 } else if (neigh_node && curr_router) { 97 batadv_dbg(BATADV_DBG_ROUTES, bat_priv, 98 "Changing route towards: %pM (now via %pM - was via %pM)\n", 99 orig_node->orig, neigh_node->addr, 100 curr_router->addr); 101 } 102 103 /* decrease refcount of previous best neighbor */ 104 if (curr_router) 105 batadv_neigh_node_put(curr_router); 106 } 107 108 /** 109 * batadv_update_route() - set the router for this originator 110 * @bat_priv: the bat priv with all the soft interface information 111 * @orig_node: orig node which is to be configured 112 * @recv_if: the receive interface for which this route is set 113 * @neigh_node: neighbor which should be the next router 114 */ 115 void batadv_update_route(struct batadv_priv *bat_priv, 116 struct batadv_orig_node *orig_node, 117 struct batadv_hard_iface *recv_if, 118 struct batadv_neigh_node *neigh_node) 119 { 120 struct batadv_neigh_node *router = NULL; 121 122 if (!orig_node) 123 goto out; 124 125 router = batadv_orig_router_get(orig_node, recv_if); 126 127 if (router != neigh_node) 128 _batadv_update_route(bat_priv, orig_node, recv_if, neigh_node); 129 130 out: 131 if (router) 132 batadv_neigh_node_put(router); 133 } 134 135 /** 136 * batadv_window_protected() - checks whether the host restarted and is in the 137 * protection time. 138 * @bat_priv: the bat priv with all the soft interface information 139 * @seq_num_diff: difference between the current/received sequence number and 140 * the last sequence number 141 * @seq_old_max_diff: maximum age of sequence number not considered as restart 142 * @last_reset: jiffies timestamp of the last reset, will be updated when reset 143 * is detected 144 * @protection_started: is set to true if the protection window was started, 145 * doesn't change otherwise. 146 * 147 * Return: 148 * false if the packet is to be accepted. 149 * true if the packet is to be ignored. 150 */ 151 bool batadv_window_protected(struct batadv_priv *bat_priv, s32 seq_num_diff, 152 s32 seq_old_max_diff, unsigned long *last_reset, 153 bool *protection_started) 154 { 155 if (seq_num_diff <= -seq_old_max_diff || 156 seq_num_diff >= BATADV_EXPECTED_SEQNO_RANGE) { 157 if (!batadv_has_timed_out(*last_reset, 158 BATADV_RESET_PROTECTION_MS)) 159 return true; 160 161 *last_reset = jiffies; 162 if (protection_started) 163 *protection_started = true; 164 batadv_dbg(BATADV_DBG_BATMAN, bat_priv, 165 "old packet received, start protection\n"); 166 } 167 168 return false; 169 } 170 171 /** 172 * batadv_check_management_packet() - Check preconditions for management packets 173 * @skb: incoming packet buffer 174 * @hard_iface: incoming hard interface 175 * @header_len: minimal header length of packet type 176 * 177 * Return: true when management preconditions are met, false otherwise 178 */ 179 bool batadv_check_management_packet(struct sk_buff *skb, 180 struct batadv_hard_iface *hard_iface, 181 int header_len) 182 { 183 struct ethhdr *ethhdr; 184 185 /* drop packet if it has not necessary minimum size */ 186 if (unlikely(!pskb_may_pull(skb, header_len))) 187 return false; 188 189 ethhdr = eth_hdr(skb); 190 191 /* packet with broadcast indication but unicast recipient */ 192 if (!is_broadcast_ether_addr(ethhdr->h_dest)) 193 return false; 194 195 /* packet with invalid sender address */ 196 if (!is_valid_ether_addr(ethhdr->h_source)) 197 return false; 198 199 /* create a copy of the skb, if needed, to modify it. */ 200 if (skb_cow(skb, 0) < 0) 201 return false; 202 203 /* keep skb linear */ 204 if (skb_linearize(skb) < 0) 205 return false; 206 207 return true; 208 } 209 210 /** 211 * batadv_recv_my_icmp_packet() - receive an icmp packet locally 212 * @bat_priv: the bat priv with all the soft interface information 213 * @skb: icmp packet to process 214 * 215 * Return: NET_RX_SUCCESS if the packet has been consumed or NET_RX_DROP 216 * otherwise. 217 */ 218 static int batadv_recv_my_icmp_packet(struct batadv_priv *bat_priv, 219 struct sk_buff *skb) 220 { 221 struct batadv_hard_iface *primary_if = NULL; 222 struct batadv_orig_node *orig_node = NULL; 223 struct batadv_icmp_header *icmph; 224 int res, ret = NET_RX_DROP; 225 226 icmph = (struct batadv_icmp_header *)skb->data; 227 228 switch (icmph->msg_type) { 229 case BATADV_ECHO_REQUEST: 230 /* answer echo request (ping) */ 231 primary_if = batadv_primary_if_get_selected(bat_priv); 232 if (!primary_if) 233 goto out; 234 235 /* get routing information */ 236 orig_node = batadv_orig_hash_find(bat_priv, icmph->orig); 237 if (!orig_node) 238 goto out; 239 240 /* create a copy of the skb, if needed, to modify it. */ 241 if (skb_cow(skb, ETH_HLEN) < 0) 242 goto out; 243 244 icmph = (struct batadv_icmp_header *)skb->data; 245 246 ether_addr_copy(icmph->dst, icmph->orig); 247 ether_addr_copy(icmph->orig, primary_if->net_dev->dev_addr); 248 icmph->msg_type = BATADV_ECHO_REPLY; 249 icmph->ttl = BATADV_TTL; 250 251 res = batadv_send_skb_to_orig(skb, orig_node, NULL); 252 if (res == NET_XMIT_SUCCESS) 253 ret = NET_RX_SUCCESS; 254 255 /* skb was consumed */ 256 skb = NULL; 257 break; 258 case BATADV_TP: 259 if (!pskb_may_pull(skb, sizeof(struct batadv_icmp_tp_packet))) 260 goto out; 261 262 batadv_tp_meter_recv(bat_priv, skb); 263 ret = NET_RX_SUCCESS; 264 /* skb was consumed */ 265 skb = NULL; 266 goto out; 267 default: 268 /* drop unknown type */ 269 goto out; 270 } 271 out: 272 if (primary_if) 273 batadv_hardif_put(primary_if); 274 if (orig_node) 275 batadv_orig_node_put(orig_node); 276 277 kfree_skb(skb); 278 279 return ret; 280 } 281 282 static int batadv_recv_icmp_ttl_exceeded(struct batadv_priv *bat_priv, 283 struct sk_buff *skb) 284 { 285 struct batadv_hard_iface *primary_if = NULL; 286 struct batadv_orig_node *orig_node = NULL; 287 struct batadv_icmp_packet *icmp_packet; 288 int res, ret = NET_RX_DROP; 289 290 icmp_packet = (struct batadv_icmp_packet *)skb->data; 291 292 /* send TTL exceeded if packet is an echo request (traceroute) */ 293 if (icmp_packet->msg_type != BATADV_ECHO_REQUEST) { 294 pr_debug("Warning - can't forward icmp packet from %pM to %pM: ttl exceeded\n", 295 icmp_packet->orig, icmp_packet->dst); 296 goto out; 297 } 298 299 primary_if = batadv_primary_if_get_selected(bat_priv); 300 if (!primary_if) 301 goto out; 302 303 /* get routing information */ 304 orig_node = batadv_orig_hash_find(bat_priv, icmp_packet->orig); 305 if (!orig_node) 306 goto out; 307 308 /* create a copy of the skb, if needed, to modify it. */ 309 if (skb_cow(skb, ETH_HLEN) < 0) 310 goto out; 311 312 icmp_packet = (struct batadv_icmp_packet *)skb->data; 313 314 ether_addr_copy(icmp_packet->dst, icmp_packet->orig); 315 ether_addr_copy(icmp_packet->orig, primary_if->net_dev->dev_addr); 316 icmp_packet->msg_type = BATADV_TTL_EXCEEDED; 317 icmp_packet->ttl = BATADV_TTL; 318 319 res = batadv_send_skb_to_orig(skb, orig_node, NULL); 320 if (res == NET_RX_SUCCESS) 321 ret = NET_XMIT_SUCCESS; 322 323 /* skb was consumed */ 324 skb = NULL; 325 326 out: 327 if (primary_if) 328 batadv_hardif_put(primary_if); 329 if (orig_node) 330 batadv_orig_node_put(orig_node); 331 332 kfree_skb(skb); 333 334 return ret; 335 } 336 337 /** 338 * batadv_recv_icmp_packet() - Process incoming icmp packet 339 * @skb: incoming packet buffer 340 * @recv_if: incoming hard interface 341 * 342 * Return: NET_RX_SUCCESS on success or NET_RX_DROP in case of failure 343 */ 344 int batadv_recv_icmp_packet(struct sk_buff *skb, 345 struct batadv_hard_iface *recv_if) 346 { 347 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 348 struct batadv_icmp_header *icmph; 349 struct batadv_icmp_packet_rr *icmp_packet_rr; 350 struct ethhdr *ethhdr; 351 struct batadv_orig_node *orig_node = NULL; 352 int hdr_size = sizeof(struct batadv_icmp_header); 353 int res, ret = NET_RX_DROP; 354 355 /* drop packet if it has not necessary minimum size */ 356 if (unlikely(!pskb_may_pull(skb, hdr_size))) 357 goto free_skb; 358 359 ethhdr = eth_hdr(skb); 360 361 /* packet with unicast indication but non-unicast recipient */ 362 if (!is_valid_ether_addr(ethhdr->h_dest)) 363 goto free_skb; 364 365 /* packet with broadcast/multicast sender address */ 366 if (is_multicast_ether_addr(ethhdr->h_source)) 367 goto free_skb; 368 369 /* not for me */ 370 if (!batadv_is_my_mac(bat_priv, ethhdr->h_dest)) 371 goto free_skb; 372 373 icmph = (struct batadv_icmp_header *)skb->data; 374 375 /* add record route information if not full */ 376 if ((icmph->msg_type == BATADV_ECHO_REPLY || 377 icmph->msg_type == BATADV_ECHO_REQUEST) && 378 skb->len >= sizeof(struct batadv_icmp_packet_rr)) { 379 if (skb_linearize(skb) < 0) 380 goto free_skb; 381 382 /* create a copy of the skb, if needed, to modify it. */ 383 if (skb_cow(skb, ETH_HLEN) < 0) 384 goto free_skb; 385 386 ethhdr = eth_hdr(skb); 387 icmph = (struct batadv_icmp_header *)skb->data; 388 icmp_packet_rr = (struct batadv_icmp_packet_rr *)icmph; 389 if (icmp_packet_rr->rr_cur >= BATADV_RR_LEN) 390 goto free_skb; 391 392 ether_addr_copy(icmp_packet_rr->rr[icmp_packet_rr->rr_cur], 393 ethhdr->h_dest); 394 icmp_packet_rr->rr_cur++; 395 } 396 397 /* packet for me */ 398 if (batadv_is_my_mac(bat_priv, icmph->dst)) 399 return batadv_recv_my_icmp_packet(bat_priv, skb); 400 401 /* TTL exceeded */ 402 if (icmph->ttl < 2) 403 return batadv_recv_icmp_ttl_exceeded(bat_priv, skb); 404 405 /* get routing information */ 406 orig_node = batadv_orig_hash_find(bat_priv, icmph->dst); 407 if (!orig_node) 408 goto free_skb; 409 410 /* create a copy of the skb, if needed, to modify it. */ 411 if (skb_cow(skb, ETH_HLEN) < 0) 412 goto put_orig_node; 413 414 icmph = (struct batadv_icmp_header *)skb->data; 415 416 /* decrement ttl */ 417 icmph->ttl--; 418 419 /* route it */ 420 res = batadv_send_skb_to_orig(skb, orig_node, recv_if); 421 if (res == NET_XMIT_SUCCESS) 422 ret = NET_RX_SUCCESS; 423 424 /* skb was consumed */ 425 skb = NULL; 426 427 put_orig_node: 428 if (orig_node) 429 batadv_orig_node_put(orig_node); 430 free_skb: 431 kfree_skb(skb); 432 433 return ret; 434 } 435 436 /** 437 * batadv_check_unicast_packet() - Check for malformed unicast packets 438 * @bat_priv: the bat priv with all the soft interface information 439 * @skb: packet to check 440 * @hdr_size: size of header to pull 441 * 442 * Checks for short header and bad addresses in the given packet. 443 * 444 * Return: negative value when check fails and 0 otherwise. The negative value 445 * depends on the reason: -ENODATA for bad header, -EBADR for broadcast 446 * destination or source, and -EREMOTE for non-local (other host) destination. 447 */ 448 static int batadv_check_unicast_packet(struct batadv_priv *bat_priv, 449 struct sk_buff *skb, int hdr_size) 450 { 451 struct ethhdr *ethhdr; 452 453 /* drop packet if it has not necessary minimum size */ 454 if (unlikely(!pskb_may_pull(skb, hdr_size))) 455 return -ENODATA; 456 457 ethhdr = eth_hdr(skb); 458 459 /* packet with unicast indication but non-unicast recipient */ 460 if (!is_valid_ether_addr(ethhdr->h_dest)) 461 return -EBADR; 462 463 /* packet with broadcast/multicast sender address */ 464 if (is_multicast_ether_addr(ethhdr->h_source)) 465 return -EBADR; 466 467 /* not for me */ 468 if (!batadv_is_my_mac(bat_priv, ethhdr->h_dest)) 469 return -EREMOTE; 470 471 return 0; 472 } 473 474 /** 475 * batadv_last_bonding_get() - Get last_bonding_candidate of orig_node 476 * @orig_node: originator node whose last bonding candidate should be retrieved 477 * 478 * Return: last bonding candidate of router or NULL if not found 479 * 480 * The object is returned with refcounter increased by 1. 481 */ 482 static struct batadv_orig_ifinfo * 483 batadv_last_bonding_get(struct batadv_orig_node *orig_node) 484 { 485 struct batadv_orig_ifinfo *last_bonding_candidate; 486 487 spin_lock_bh(&orig_node->neigh_list_lock); 488 last_bonding_candidate = orig_node->last_bonding_candidate; 489 490 if (last_bonding_candidate) 491 kref_get(&last_bonding_candidate->refcount); 492 spin_unlock_bh(&orig_node->neigh_list_lock); 493 494 return last_bonding_candidate; 495 } 496 497 /** 498 * batadv_last_bonding_replace() - Replace last_bonding_candidate of orig_node 499 * @orig_node: originator node whose bonding candidates should be replaced 500 * @new_candidate: new bonding candidate or NULL 501 */ 502 static void 503 batadv_last_bonding_replace(struct batadv_orig_node *orig_node, 504 struct batadv_orig_ifinfo *new_candidate) 505 { 506 struct batadv_orig_ifinfo *old_candidate; 507 508 spin_lock_bh(&orig_node->neigh_list_lock); 509 old_candidate = orig_node->last_bonding_candidate; 510 511 if (new_candidate) 512 kref_get(&new_candidate->refcount); 513 orig_node->last_bonding_candidate = new_candidate; 514 spin_unlock_bh(&orig_node->neigh_list_lock); 515 516 if (old_candidate) 517 batadv_orig_ifinfo_put(old_candidate); 518 } 519 520 /** 521 * batadv_find_router() - find a suitable router for this originator 522 * @bat_priv: the bat priv with all the soft interface information 523 * @orig_node: the destination node 524 * @recv_if: pointer to interface this packet was received on 525 * 526 * Return: the router which should be used for this orig_node on 527 * this interface, or NULL if not available. 528 */ 529 struct batadv_neigh_node * 530 batadv_find_router(struct batadv_priv *bat_priv, 531 struct batadv_orig_node *orig_node, 532 struct batadv_hard_iface *recv_if) 533 { 534 struct batadv_algo_ops *bao = bat_priv->algo_ops; 535 struct batadv_neigh_node *first_candidate_router = NULL; 536 struct batadv_neigh_node *next_candidate_router = NULL; 537 struct batadv_neigh_node *router, *cand_router = NULL; 538 struct batadv_neigh_node *last_cand_router = NULL; 539 struct batadv_orig_ifinfo *cand, *first_candidate = NULL; 540 struct batadv_orig_ifinfo *next_candidate = NULL; 541 struct batadv_orig_ifinfo *last_candidate; 542 bool last_candidate_found = false; 543 544 if (!orig_node) 545 return NULL; 546 547 router = batadv_orig_router_get(orig_node, recv_if); 548 549 if (!router) 550 return router; 551 552 /* only consider bonding for recv_if == BATADV_IF_DEFAULT (first hop) 553 * and if activated. 554 */ 555 if (!(recv_if == BATADV_IF_DEFAULT && atomic_read(&bat_priv->bonding))) 556 return router; 557 558 /* bonding: loop through the list of possible routers found 559 * for the various outgoing interfaces and find a candidate after 560 * the last chosen bonding candidate (next_candidate). If no such 561 * router is found, use the first candidate found (the previously 562 * chosen bonding candidate might have been the last one in the list). 563 * If this can't be found either, return the previously chosen 564 * router - obviously there are no other candidates. 565 */ 566 rcu_read_lock(); 567 last_candidate = batadv_last_bonding_get(orig_node); 568 if (last_candidate) 569 last_cand_router = rcu_dereference(last_candidate->router); 570 571 hlist_for_each_entry_rcu(cand, &orig_node->ifinfo_list, list) { 572 /* acquire some structures and references ... */ 573 if (!kref_get_unless_zero(&cand->refcount)) 574 continue; 575 576 cand_router = rcu_dereference(cand->router); 577 if (!cand_router) 578 goto next; 579 580 if (!kref_get_unless_zero(&cand_router->refcount)) { 581 cand_router = NULL; 582 goto next; 583 } 584 585 /* alternative candidate should be good enough to be 586 * considered 587 */ 588 if (!bao->neigh.is_similar_or_better(cand_router, 589 cand->if_outgoing, router, 590 recv_if)) 591 goto next; 592 593 /* don't use the same router twice */ 594 if (last_cand_router == cand_router) 595 goto next; 596 597 /* mark the first possible candidate */ 598 if (!first_candidate) { 599 kref_get(&cand_router->refcount); 600 kref_get(&cand->refcount); 601 first_candidate = cand; 602 first_candidate_router = cand_router; 603 } 604 605 /* check if the loop has already passed the previously selected 606 * candidate ... this function should select the next candidate 607 * AFTER the previously used bonding candidate. 608 */ 609 if (!last_candidate || last_candidate_found) { 610 next_candidate = cand; 611 next_candidate_router = cand_router; 612 break; 613 } 614 615 if (last_candidate == cand) 616 last_candidate_found = true; 617 next: 618 /* free references */ 619 if (cand_router) { 620 batadv_neigh_node_put(cand_router); 621 cand_router = NULL; 622 } 623 batadv_orig_ifinfo_put(cand); 624 } 625 rcu_read_unlock(); 626 627 /* After finding candidates, handle the three cases: 628 * 1) there is a next candidate, use that 629 * 2) there is no next candidate, use the first of the list 630 * 3) there is no candidate at all, return the default router 631 */ 632 if (next_candidate) { 633 batadv_neigh_node_put(router); 634 635 kref_get(&next_candidate_router->refcount); 636 router = next_candidate_router; 637 batadv_last_bonding_replace(orig_node, next_candidate); 638 } else if (first_candidate) { 639 batadv_neigh_node_put(router); 640 641 kref_get(&first_candidate_router->refcount); 642 router = first_candidate_router; 643 batadv_last_bonding_replace(orig_node, first_candidate); 644 } else { 645 batadv_last_bonding_replace(orig_node, NULL); 646 } 647 648 /* cleanup of candidates */ 649 if (first_candidate) { 650 batadv_neigh_node_put(first_candidate_router); 651 batadv_orig_ifinfo_put(first_candidate); 652 } 653 654 if (next_candidate) { 655 batadv_neigh_node_put(next_candidate_router); 656 batadv_orig_ifinfo_put(next_candidate); 657 } 658 659 if (last_candidate) 660 batadv_orig_ifinfo_put(last_candidate); 661 662 return router; 663 } 664 665 static int batadv_route_unicast_packet(struct sk_buff *skb, 666 struct batadv_hard_iface *recv_if) 667 { 668 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 669 struct batadv_orig_node *orig_node = NULL; 670 struct batadv_unicast_packet *unicast_packet; 671 struct ethhdr *ethhdr = eth_hdr(skb); 672 int res, hdr_len, ret = NET_RX_DROP; 673 unsigned int len; 674 675 unicast_packet = (struct batadv_unicast_packet *)skb->data; 676 677 /* TTL exceeded */ 678 if (unicast_packet->ttl < 2) { 679 pr_debug("Warning - can't forward unicast packet from %pM to %pM: ttl exceeded\n", 680 ethhdr->h_source, unicast_packet->dest); 681 goto free_skb; 682 } 683 684 /* get routing information */ 685 orig_node = batadv_orig_hash_find(bat_priv, unicast_packet->dest); 686 687 if (!orig_node) 688 goto free_skb; 689 690 /* create a copy of the skb, if needed, to modify it. */ 691 if (skb_cow(skb, ETH_HLEN) < 0) 692 goto put_orig_node; 693 694 /* decrement ttl */ 695 unicast_packet = (struct batadv_unicast_packet *)skb->data; 696 unicast_packet->ttl--; 697 698 switch (unicast_packet->packet_type) { 699 case BATADV_UNICAST_4ADDR: 700 hdr_len = sizeof(struct batadv_unicast_4addr_packet); 701 break; 702 case BATADV_UNICAST: 703 hdr_len = sizeof(struct batadv_unicast_packet); 704 break; 705 default: 706 /* other packet types not supported - yet */ 707 hdr_len = -1; 708 break; 709 } 710 711 if (hdr_len > 0) 712 batadv_skb_set_priority(skb, hdr_len); 713 714 len = skb->len; 715 res = batadv_send_skb_to_orig(skb, orig_node, recv_if); 716 717 /* translate transmit result into receive result */ 718 if (res == NET_XMIT_SUCCESS) { 719 ret = NET_RX_SUCCESS; 720 /* skb was transmitted and consumed */ 721 batadv_inc_counter(bat_priv, BATADV_CNT_FORWARD); 722 batadv_add_counter(bat_priv, BATADV_CNT_FORWARD_BYTES, 723 len + ETH_HLEN); 724 } 725 726 /* skb was consumed */ 727 skb = NULL; 728 729 put_orig_node: 730 batadv_orig_node_put(orig_node); 731 free_skb: 732 kfree_skb(skb); 733 734 return ret; 735 } 736 737 /** 738 * batadv_reroute_unicast_packet() - update the unicast header for re-routing 739 * @bat_priv: the bat priv with all the soft interface information 740 * @skb: unicast packet to process 741 * @unicast_packet: the unicast header to be updated 742 * @dst_addr: the payload destination 743 * @vid: VLAN identifier 744 * 745 * Search the translation table for dst_addr and update the unicast header with 746 * the new corresponding information (originator address where the destination 747 * client currently is and its known TTVN) 748 * 749 * Return: true if the packet header has been updated, false otherwise 750 */ 751 static bool 752 batadv_reroute_unicast_packet(struct batadv_priv *bat_priv, struct sk_buff *skb, 753 struct batadv_unicast_packet *unicast_packet, 754 u8 *dst_addr, unsigned short vid) 755 { 756 struct batadv_orig_node *orig_node = NULL; 757 struct batadv_hard_iface *primary_if = NULL; 758 bool ret = false; 759 u8 *orig_addr, orig_ttvn; 760 761 if (batadv_is_my_client(bat_priv, dst_addr, vid)) { 762 primary_if = batadv_primary_if_get_selected(bat_priv); 763 if (!primary_if) 764 goto out; 765 orig_addr = primary_if->net_dev->dev_addr; 766 orig_ttvn = (u8)atomic_read(&bat_priv->tt.vn); 767 } else { 768 orig_node = batadv_transtable_search(bat_priv, NULL, dst_addr, 769 vid); 770 if (!orig_node) 771 goto out; 772 773 if (batadv_compare_eth(orig_node->orig, unicast_packet->dest)) 774 goto out; 775 776 orig_addr = orig_node->orig; 777 orig_ttvn = (u8)atomic_read(&orig_node->last_ttvn); 778 } 779 780 /* update the packet header */ 781 skb_postpull_rcsum(skb, unicast_packet, sizeof(*unicast_packet)); 782 ether_addr_copy(unicast_packet->dest, orig_addr); 783 unicast_packet->ttvn = orig_ttvn; 784 skb_postpush_rcsum(skb, unicast_packet, sizeof(*unicast_packet)); 785 786 ret = true; 787 out: 788 if (primary_if) 789 batadv_hardif_put(primary_if); 790 if (orig_node) 791 batadv_orig_node_put(orig_node); 792 793 return ret; 794 } 795 796 static bool batadv_check_unicast_ttvn(struct batadv_priv *bat_priv, 797 struct sk_buff *skb, int hdr_len) 798 { 799 struct batadv_unicast_packet *unicast_packet; 800 struct batadv_hard_iface *primary_if; 801 struct batadv_orig_node *orig_node; 802 u8 curr_ttvn, old_ttvn; 803 struct ethhdr *ethhdr; 804 unsigned short vid; 805 int is_old_ttvn; 806 807 /* check if there is enough data before accessing it */ 808 if (!pskb_may_pull(skb, hdr_len + ETH_HLEN)) 809 return false; 810 811 /* create a copy of the skb (in case of for re-routing) to modify it. */ 812 if (skb_cow(skb, sizeof(*unicast_packet)) < 0) 813 return false; 814 815 unicast_packet = (struct batadv_unicast_packet *)skb->data; 816 vid = batadv_get_vid(skb, hdr_len); 817 ethhdr = (struct ethhdr *)(skb->data + hdr_len); 818 819 /* do not reroute multicast frames in a unicast header */ 820 if (is_multicast_ether_addr(ethhdr->h_dest)) 821 return true; 822 823 /* check if the destination client was served by this node and it is now 824 * roaming. In this case, it means that the node has got a ROAM_ADV 825 * message and that it knows the new destination in the mesh to re-route 826 * the packet to 827 */ 828 if (batadv_tt_local_client_is_roaming(bat_priv, ethhdr->h_dest, vid)) { 829 if (batadv_reroute_unicast_packet(bat_priv, skb, unicast_packet, 830 ethhdr->h_dest, vid)) 831 batadv_dbg_ratelimited(BATADV_DBG_TT, 832 bat_priv, 833 "Rerouting unicast packet to %pM (dst=%pM): Local Roaming\n", 834 unicast_packet->dest, 835 ethhdr->h_dest); 836 /* at this point the mesh destination should have been 837 * substituted with the originator address found in the global 838 * table. If not, let the packet go untouched anyway because 839 * there is nothing the node can do 840 */ 841 return true; 842 } 843 844 /* retrieve the TTVN known by this node for the packet destination. This 845 * value is used later to check if the node which sent (or re-routed 846 * last time) the packet had an updated information or not 847 */ 848 curr_ttvn = (u8)atomic_read(&bat_priv->tt.vn); 849 if (!batadv_is_my_mac(bat_priv, unicast_packet->dest)) { 850 orig_node = batadv_orig_hash_find(bat_priv, 851 unicast_packet->dest); 852 /* if it is not possible to find the orig_node representing the 853 * destination, the packet can immediately be dropped as it will 854 * not be possible to deliver it 855 */ 856 if (!orig_node) 857 return false; 858 859 curr_ttvn = (u8)atomic_read(&orig_node->last_ttvn); 860 batadv_orig_node_put(orig_node); 861 } 862 863 /* check if the TTVN contained in the packet is fresher than what the 864 * node knows 865 */ 866 is_old_ttvn = batadv_seq_before(unicast_packet->ttvn, curr_ttvn); 867 if (!is_old_ttvn) 868 return true; 869 870 old_ttvn = unicast_packet->ttvn; 871 /* the packet was forged based on outdated network information. Its 872 * destination can possibly be updated and forwarded towards the new 873 * target host 874 */ 875 if (batadv_reroute_unicast_packet(bat_priv, skb, unicast_packet, 876 ethhdr->h_dest, vid)) { 877 batadv_dbg_ratelimited(BATADV_DBG_TT, bat_priv, 878 "Rerouting unicast packet to %pM (dst=%pM): TTVN mismatch old_ttvn=%u new_ttvn=%u\n", 879 unicast_packet->dest, ethhdr->h_dest, 880 old_ttvn, curr_ttvn); 881 return true; 882 } 883 884 /* the packet has not been re-routed: either the destination is 885 * currently served by this node or there is no destination at all and 886 * it is possible to drop the packet 887 */ 888 if (!batadv_is_my_client(bat_priv, ethhdr->h_dest, vid)) 889 return false; 890 891 /* update the header in order to let the packet be delivered to this 892 * node's soft interface 893 */ 894 primary_if = batadv_primary_if_get_selected(bat_priv); 895 if (!primary_if) 896 return false; 897 898 /* update the packet header */ 899 skb_postpull_rcsum(skb, unicast_packet, sizeof(*unicast_packet)); 900 ether_addr_copy(unicast_packet->dest, primary_if->net_dev->dev_addr); 901 unicast_packet->ttvn = curr_ttvn; 902 skb_postpush_rcsum(skb, unicast_packet, sizeof(*unicast_packet)); 903 904 batadv_hardif_put(primary_if); 905 906 return true; 907 } 908 909 /** 910 * batadv_recv_unhandled_unicast_packet() - receive and process packets which 911 * are in the unicast number space but not yet known to the implementation 912 * @skb: unicast tvlv packet to process 913 * @recv_if: pointer to interface this packet was received on 914 * 915 * Return: NET_RX_SUCCESS if the packet has been consumed or NET_RX_DROP 916 * otherwise. 917 */ 918 int batadv_recv_unhandled_unicast_packet(struct sk_buff *skb, 919 struct batadv_hard_iface *recv_if) 920 { 921 struct batadv_unicast_packet *unicast_packet; 922 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 923 int check, hdr_size = sizeof(*unicast_packet); 924 925 check = batadv_check_unicast_packet(bat_priv, skb, hdr_size); 926 if (check < 0) 927 goto free_skb; 928 929 /* we don't know about this type, drop it. */ 930 unicast_packet = (struct batadv_unicast_packet *)skb->data; 931 if (batadv_is_my_mac(bat_priv, unicast_packet->dest)) 932 goto free_skb; 933 934 return batadv_route_unicast_packet(skb, recv_if); 935 936 free_skb: 937 kfree_skb(skb); 938 return NET_RX_DROP; 939 } 940 941 /** 942 * batadv_recv_unicast_packet() - Process incoming unicast packet 943 * @skb: incoming packet buffer 944 * @recv_if: incoming hard interface 945 * 946 * Return: NET_RX_SUCCESS on success or NET_RX_DROP in case of failure 947 */ 948 int batadv_recv_unicast_packet(struct sk_buff *skb, 949 struct batadv_hard_iface *recv_if) 950 { 951 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 952 struct batadv_unicast_packet *unicast_packet; 953 struct batadv_unicast_4addr_packet *unicast_4addr_packet; 954 u8 *orig_addr, *orig_addr_gw; 955 struct batadv_orig_node *orig_node = NULL, *orig_node_gw = NULL; 956 int check, hdr_size = sizeof(*unicast_packet); 957 enum batadv_subtype subtype; 958 int ret = NET_RX_DROP; 959 bool is4addr, is_gw; 960 961 unicast_packet = (struct batadv_unicast_packet *)skb->data; 962 is4addr = unicast_packet->packet_type == BATADV_UNICAST_4ADDR; 963 /* the caller function should have already pulled 2 bytes */ 964 if (is4addr) 965 hdr_size = sizeof(*unicast_4addr_packet); 966 967 /* function returns -EREMOTE for promiscuous packets */ 968 check = batadv_check_unicast_packet(bat_priv, skb, hdr_size); 969 970 /* Even though the packet is not for us, we might save it to use for 971 * decoding a later received coded packet 972 */ 973 if (check == -EREMOTE) 974 batadv_nc_skb_store_sniffed_unicast(bat_priv, skb); 975 976 if (check < 0) 977 goto free_skb; 978 if (!batadv_check_unicast_ttvn(bat_priv, skb, hdr_size)) 979 goto free_skb; 980 981 unicast_packet = (struct batadv_unicast_packet *)skb->data; 982 983 /* packet for me */ 984 if (batadv_is_my_mac(bat_priv, unicast_packet->dest)) { 985 /* If this is a unicast packet from another backgone gw, 986 * drop it. 987 */ 988 orig_addr_gw = eth_hdr(skb)->h_source; 989 orig_node_gw = batadv_orig_hash_find(bat_priv, orig_addr_gw); 990 if (orig_node_gw) { 991 is_gw = batadv_bla_is_backbone_gw(skb, orig_node_gw, 992 hdr_size); 993 batadv_orig_node_put(orig_node_gw); 994 if (is_gw) { 995 batadv_dbg(BATADV_DBG_BLA, bat_priv, 996 "%s(): Dropped unicast pkt received from another backbone gw %pM.\n", 997 __func__, orig_addr_gw); 998 goto free_skb; 999 } 1000 } 1001 1002 if (is4addr) { 1003 unicast_4addr_packet = 1004 (struct batadv_unicast_4addr_packet *)skb->data; 1005 subtype = unicast_4addr_packet->subtype; 1006 batadv_dat_inc_counter(bat_priv, subtype); 1007 1008 /* Only payload data should be considered for speedy 1009 * join. For example, DAT also uses unicast 4addr 1010 * types, but those packets should not be considered 1011 * for speedy join, since the clients do not actually 1012 * reside at the sending originator. 1013 */ 1014 if (subtype == BATADV_P_DATA) { 1015 orig_addr = unicast_4addr_packet->src; 1016 orig_node = batadv_orig_hash_find(bat_priv, 1017 orig_addr); 1018 } 1019 } 1020 1021 if (batadv_dat_snoop_incoming_arp_request(bat_priv, skb, 1022 hdr_size)) 1023 goto rx_success; 1024 if (batadv_dat_snoop_incoming_arp_reply(bat_priv, skb, 1025 hdr_size)) 1026 goto rx_success; 1027 1028 batadv_dat_snoop_incoming_dhcp_ack(bat_priv, skb, hdr_size); 1029 1030 batadv_interface_rx(recv_if->soft_iface, skb, hdr_size, 1031 orig_node); 1032 1033 rx_success: 1034 if (orig_node) 1035 batadv_orig_node_put(orig_node); 1036 1037 return NET_RX_SUCCESS; 1038 } 1039 1040 ret = batadv_route_unicast_packet(skb, recv_if); 1041 /* skb was consumed */ 1042 skb = NULL; 1043 1044 free_skb: 1045 kfree_skb(skb); 1046 1047 return ret; 1048 } 1049 1050 /** 1051 * batadv_recv_unicast_tvlv() - receive and process unicast tvlv packets 1052 * @skb: unicast tvlv packet to process 1053 * @recv_if: pointer to interface this packet was received on 1054 * 1055 * Return: NET_RX_SUCCESS if the packet has been consumed or NET_RX_DROP 1056 * otherwise. 1057 */ 1058 int batadv_recv_unicast_tvlv(struct sk_buff *skb, 1059 struct batadv_hard_iface *recv_if) 1060 { 1061 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 1062 struct batadv_unicast_tvlv_packet *unicast_tvlv_packet; 1063 unsigned char *tvlv_buff; 1064 u16 tvlv_buff_len; 1065 int hdr_size = sizeof(*unicast_tvlv_packet); 1066 int ret = NET_RX_DROP; 1067 1068 if (batadv_check_unicast_packet(bat_priv, skb, hdr_size) < 0) 1069 goto free_skb; 1070 1071 /* the header is likely to be modified while forwarding */ 1072 if (skb_cow(skb, hdr_size) < 0) 1073 goto free_skb; 1074 1075 /* packet needs to be linearized to access the tvlv content */ 1076 if (skb_linearize(skb) < 0) 1077 goto free_skb; 1078 1079 unicast_tvlv_packet = (struct batadv_unicast_tvlv_packet *)skb->data; 1080 1081 tvlv_buff = (unsigned char *)(skb->data + hdr_size); 1082 tvlv_buff_len = ntohs(unicast_tvlv_packet->tvlv_len); 1083 1084 if (tvlv_buff_len > skb->len - hdr_size) 1085 goto free_skb; 1086 1087 ret = batadv_tvlv_containers_process(bat_priv, false, NULL, 1088 unicast_tvlv_packet->src, 1089 unicast_tvlv_packet->dst, 1090 tvlv_buff, tvlv_buff_len); 1091 1092 if (ret != NET_RX_SUCCESS) { 1093 ret = batadv_route_unicast_packet(skb, recv_if); 1094 /* skb was consumed */ 1095 skb = NULL; 1096 } 1097 1098 free_skb: 1099 kfree_skb(skb); 1100 1101 return ret; 1102 } 1103 1104 /** 1105 * batadv_recv_frag_packet() - process received fragment 1106 * @skb: the received fragment 1107 * @recv_if: interface that the skb is received on 1108 * 1109 * This function does one of the three following things: 1) Forward fragment, if 1110 * the assembled packet will exceed our MTU; 2) Buffer fragment, if we still 1111 * lack further fragments; 3) Merge fragments, if we have all needed parts. 1112 * 1113 * Return: NET_RX_DROP if the skb is not consumed, NET_RX_SUCCESS otherwise. 1114 */ 1115 int batadv_recv_frag_packet(struct sk_buff *skb, 1116 struct batadv_hard_iface *recv_if) 1117 { 1118 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 1119 struct batadv_orig_node *orig_node_src = NULL; 1120 struct batadv_frag_packet *frag_packet; 1121 int ret = NET_RX_DROP; 1122 1123 if (batadv_check_unicast_packet(bat_priv, skb, 1124 sizeof(*frag_packet)) < 0) 1125 goto free_skb; 1126 1127 frag_packet = (struct batadv_frag_packet *)skb->data; 1128 orig_node_src = batadv_orig_hash_find(bat_priv, frag_packet->orig); 1129 if (!orig_node_src) 1130 goto free_skb; 1131 1132 skb->priority = frag_packet->priority + 256; 1133 1134 /* Route the fragment if it is not for us and too big to be merged. */ 1135 if (!batadv_is_my_mac(bat_priv, frag_packet->dest) && 1136 batadv_frag_skb_fwd(skb, recv_if, orig_node_src)) { 1137 /* skb was consumed */ 1138 skb = NULL; 1139 ret = NET_RX_SUCCESS; 1140 goto put_orig_node; 1141 } 1142 1143 batadv_inc_counter(bat_priv, BATADV_CNT_FRAG_RX); 1144 batadv_add_counter(bat_priv, BATADV_CNT_FRAG_RX_BYTES, skb->len); 1145 1146 /* Add fragment to buffer and merge if possible. */ 1147 if (!batadv_frag_skb_buffer(&skb, orig_node_src)) 1148 goto put_orig_node; 1149 1150 /* Deliver merged packet to the appropriate handler, if it was 1151 * merged 1152 */ 1153 if (skb) { 1154 batadv_batman_skb_recv(skb, recv_if->net_dev, 1155 &recv_if->batman_adv_ptype, NULL); 1156 /* skb was consumed */ 1157 skb = NULL; 1158 } 1159 1160 ret = NET_RX_SUCCESS; 1161 1162 put_orig_node: 1163 batadv_orig_node_put(orig_node_src); 1164 free_skb: 1165 kfree_skb(skb); 1166 1167 return ret; 1168 } 1169 1170 /** 1171 * batadv_recv_bcast_packet() - Process incoming broadcast packet 1172 * @skb: incoming packet buffer 1173 * @recv_if: incoming hard interface 1174 * 1175 * Return: NET_RX_SUCCESS on success or NET_RX_DROP in case of failure 1176 */ 1177 int batadv_recv_bcast_packet(struct sk_buff *skb, 1178 struct batadv_hard_iface *recv_if) 1179 { 1180 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface); 1181 struct batadv_orig_node *orig_node = NULL; 1182 struct batadv_bcast_packet *bcast_packet; 1183 struct ethhdr *ethhdr; 1184 int hdr_size = sizeof(*bcast_packet); 1185 int ret = NET_RX_DROP; 1186 s32 seq_diff; 1187 u32 seqno; 1188 1189 /* drop packet if it has not necessary minimum size */ 1190 if (unlikely(!pskb_may_pull(skb, hdr_size))) 1191 goto free_skb; 1192 1193 ethhdr = eth_hdr(skb); 1194 1195 /* packet with broadcast indication but unicast recipient */ 1196 if (!is_broadcast_ether_addr(ethhdr->h_dest)) 1197 goto free_skb; 1198 1199 /* packet with broadcast/multicast sender address */ 1200 if (is_multicast_ether_addr(ethhdr->h_source)) 1201 goto free_skb; 1202 1203 /* ignore broadcasts sent by myself */ 1204 if (batadv_is_my_mac(bat_priv, ethhdr->h_source)) 1205 goto free_skb; 1206 1207 bcast_packet = (struct batadv_bcast_packet *)skb->data; 1208 1209 /* ignore broadcasts originated by myself */ 1210 if (batadv_is_my_mac(bat_priv, bcast_packet->orig)) 1211 goto free_skb; 1212 1213 if (bcast_packet->ttl < 2) 1214 goto free_skb; 1215 1216 orig_node = batadv_orig_hash_find(bat_priv, bcast_packet->orig); 1217 1218 if (!orig_node) 1219 goto free_skb; 1220 1221 spin_lock_bh(&orig_node->bcast_seqno_lock); 1222 1223 seqno = ntohl(bcast_packet->seqno); 1224 /* check whether the packet is a duplicate */ 1225 if (batadv_test_bit(orig_node->bcast_bits, orig_node->last_bcast_seqno, 1226 seqno)) 1227 goto spin_unlock; 1228 1229 seq_diff = seqno - orig_node->last_bcast_seqno; 1230 1231 /* check whether the packet is old and the host just restarted. */ 1232 if (batadv_window_protected(bat_priv, seq_diff, 1233 BATADV_BCAST_MAX_AGE, 1234 &orig_node->bcast_seqno_reset, NULL)) 1235 goto spin_unlock; 1236 1237 /* mark broadcast in flood history, update window position 1238 * if required. 1239 */ 1240 if (batadv_bit_get_packet(bat_priv, orig_node->bcast_bits, seq_diff, 1)) 1241 orig_node->last_bcast_seqno = seqno; 1242 1243 spin_unlock_bh(&orig_node->bcast_seqno_lock); 1244 1245 /* check whether this has been sent by another originator before */ 1246 if (batadv_bla_check_bcast_duplist(bat_priv, skb)) 1247 goto free_skb; 1248 1249 batadv_skb_set_priority(skb, sizeof(struct batadv_bcast_packet)); 1250 1251 /* rebroadcast packet */ 1252 batadv_add_bcast_packet_to_list(bat_priv, skb, 1, false); 1253 1254 /* don't hand the broadcast up if it is from an originator 1255 * from the same backbone. 1256 */ 1257 if (batadv_bla_is_backbone_gw(skb, orig_node, hdr_size)) 1258 goto free_skb; 1259 1260 if (batadv_dat_snoop_incoming_arp_request(bat_priv, skb, hdr_size)) 1261 goto rx_success; 1262 if (batadv_dat_snoop_incoming_arp_reply(bat_priv, skb, hdr_size)) 1263 goto rx_success; 1264 1265 batadv_dat_snoop_incoming_dhcp_ack(bat_priv, skb, hdr_size); 1266 1267 /* broadcast for me */ 1268 batadv_interface_rx(recv_if->soft_iface, skb, hdr_size, orig_node); 1269 1270 rx_success: 1271 ret = NET_RX_SUCCESS; 1272 goto out; 1273 1274 spin_unlock: 1275 spin_unlock_bh(&orig_node->bcast_seqno_lock); 1276 free_skb: 1277 kfree_skb(skb); 1278 out: 1279 if (orig_node) 1280 batadv_orig_node_put(orig_node); 1281 return ret; 1282 } 1283