1 // SPDX-License-Identifier: GPL-2.0 2 // Copyright (c) 2010-2011 EIA Electronics, 3 // Kurt Van Dijck <kurt.van.dijck@eia.be> 4 // Copyright (c) 2018 Protonic, 5 // Robin van der Gracht <robin@protonic.nl> 6 // Copyright (c) 2017-2019 Pengutronix, 7 // Marc Kleine-Budde <kernel@pengutronix.de> 8 // Copyright (c) 2017-2019 Pengutronix, 9 // Oleksij Rempel <kernel@pengutronix.de> 10 11 #include <linux/can/skb.h> 12 13 #include "j1939-priv.h" 14 15 #define J1939_XTP_TX_RETRY_LIMIT 100 16 17 #define J1939_ETP_PGN_CTL 0xc800 18 #define J1939_ETP_PGN_DAT 0xc700 19 #define J1939_TP_PGN_CTL 0xec00 20 #define J1939_TP_PGN_DAT 0xeb00 21 22 #define J1939_TP_CMD_RTS 0x10 23 #define J1939_TP_CMD_CTS 0x11 24 #define J1939_TP_CMD_EOMA 0x13 25 #define J1939_TP_CMD_BAM 0x20 26 #define J1939_TP_CMD_ABORT 0xff 27 28 #define J1939_ETP_CMD_RTS 0x14 29 #define J1939_ETP_CMD_CTS 0x15 30 #define J1939_ETP_CMD_DPO 0x16 31 #define J1939_ETP_CMD_EOMA 0x17 32 #define J1939_ETP_CMD_ABORT 0xff 33 34 enum j1939_xtp_abort { 35 J1939_XTP_NO_ABORT = 0, 36 J1939_XTP_ABORT_BUSY = 1, 37 /* Already in one or more connection managed sessions and 38 * cannot support another. 39 * 40 * EALREADY: 41 * Operation already in progress 42 */ 43 44 J1939_XTP_ABORT_RESOURCE = 2, 45 /* System resources were needed for another task so this 46 * connection managed session was terminated. 47 * 48 * EMSGSIZE: 49 * The socket type requires that message be sent atomically, 50 * and the size of the message to be sent made this 51 * impossible. 52 */ 53 54 J1939_XTP_ABORT_TIMEOUT = 3, 55 /* A timeout occurred and this is the connection abort to 56 * close the session. 57 * 58 * EHOSTUNREACH: 59 * The destination host cannot be reached (probably because 60 * the host is down or a remote router cannot reach it). 61 */ 62 63 J1939_XTP_ABORT_GENERIC = 4, 64 /* CTS messages received when data transfer is in progress 65 * 66 * EBADMSG: 67 * Not a data message 68 */ 69 70 J1939_XTP_ABORT_FAULT = 5, 71 /* Maximal retransmit request limit reached 72 * 73 * ENOTRECOVERABLE: 74 * State not recoverable 75 */ 76 77 J1939_XTP_ABORT_UNEXPECTED_DATA = 6, 78 /* Unexpected data transfer packet 79 * 80 * ENOTCONN: 81 * Transport endpoint is not connected 82 */ 83 84 J1939_XTP_ABORT_BAD_SEQ = 7, 85 /* Bad sequence number (and software is not able to recover) 86 * 87 * EILSEQ: 88 * Illegal byte sequence 89 */ 90 91 J1939_XTP_ABORT_DUP_SEQ = 8, 92 /* Duplicate sequence number (and software is not able to 93 * recover) 94 */ 95 96 J1939_XTP_ABORT_EDPO_UNEXPECTED = 9, 97 /* Unexpected EDPO packet (ETP) or Message size > 1785 bytes 98 * (TP) 99 */ 100 101 J1939_XTP_ABORT_BAD_EDPO_PGN = 10, 102 /* Unexpected EDPO PGN (PGN in EDPO is bad) */ 103 104 J1939_XTP_ABORT_EDPO_OUTOF_CTS = 11, 105 /* EDPO number of packets is greater than CTS */ 106 107 J1939_XTP_ABORT_BAD_EDPO_OFFSET = 12, 108 /* Bad EDPO offset */ 109 110 J1939_XTP_ABORT_OTHER_DEPRECATED = 13, 111 /* Deprecated. Use 250 instead (Any other reason) */ 112 113 J1939_XTP_ABORT_ECTS_UNXPECTED_PGN = 14, 114 /* Unexpected ECTS PGN (PGN in ECTS is bad) */ 115 116 J1939_XTP_ABORT_ECTS_TOO_BIG = 15, 117 /* ECTS requested packets exceeds message size */ 118 119 J1939_XTP_ABORT_OTHER = 250, 120 /* Any other reason (if a Connection Abort reason is 121 * identified that is not listed in the table use code 250) 122 */ 123 }; 124 125 static unsigned int j1939_tp_block = 255; 126 static unsigned int j1939_tp_packet_delay; 127 static unsigned int j1939_tp_padding = 1; 128 129 /* helpers */ 130 static const char *j1939_xtp_abort_to_str(enum j1939_xtp_abort abort) 131 { 132 switch (abort) { 133 case J1939_XTP_ABORT_BUSY: 134 return "Already in one or more connection managed sessions and cannot support another."; 135 case J1939_XTP_ABORT_RESOURCE: 136 return "System resources were needed for another task so this connection managed session was terminated."; 137 case J1939_XTP_ABORT_TIMEOUT: 138 return "A timeout occurred and this is the connection abort to close the session."; 139 case J1939_XTP_ABORT_GENERIC: 140 return "CTS messages received when data transfer is in progress"; 141 case J1939_XTP_ABORT_FAULT: 142 return "Maximal retransmit request limit reached"; 143 case J1939_XTP_ABORT_UNEXPECTED_DATA: 144 return "Unexpected data transfer packet"; 145 case J1939_XTP_ABORT_BAD_SEQ: 146 return "Bad sequence number (and software is not able to recover)"; 147 case J1939_XTP_ABORT_DUP_SEQ: 148 return "Duplicate sequence number (and software is not able to recover)"; 149 case J1939_XTP_ABORT_EDPO_UNEXPECTED: 150 return "Unexpected EDPO packet (ETP) or Message size > 1785 bytes (TP)"; 151 case J1939_XTP_ABORT_BAD_EDPO_PGN: 152 return "Unexpected EDPO PGN (PGN in EDPO is bad)"; 153 case J1939_XTP_ABORT_EDPO_OUTOF_CTS: 154 return "EDPO number of packets is greater than CTS"; 155 case J1939_XTP_ABORT_BAD_EDPO_OFFSET: 156 return "Bad EDPO offset"; 157 case J1939_XTP_ABORT_OTHER_DEPRECATED: 158 return "Deprecated. Use 250 instead (Any other reason)"; 159 case J1939_XTP_ABORT_ECTS_UNXPECTED_PGN: 160 return "Unexpected ECTS PGN (PGN in ECTS is bad)"; 161 case J1939_XTP_ABORT_ECTS_TOO_BIG: 162 return "ECTS requested packets exceeds message size"; 163 case J1939_XTP_ABORT_OTHER: 164 return "Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250)"; 165 default: 166 return "<unknown>"; 167 } 168 } 169 170 static int j1939_xtp_abort_to_errno(struct j1939_priv *priv, 171 enum j1939_xtp_abort abort) 172 { 173 int err; 174 175 switch (abort) { 176 case J1939_XTP_NO_ABORT: 177 WARN_ON_ONCE(abort == J1939_XTP_NO_ABORT); 178 err = 0; 179 break; 180 case J1939_XTP_ABORT_BUSY: 181 err = EALREADY; 182 break; 183 case J1939_XTP_ABORT_RESOURCE: 184 err = EMSGSIZE; 185 break; 186 case J1939_XTP_ABORT_TIMEOUT: 187 err = EHOSTUNREACH; 188 break; 189 case J1939_XTP_ABORT_GENERIC: 190 err = EBADMSG; 191 break; 192 case J1939_XTP_ABORT_FAULT: 193 err = ENOTRECOVERABLE; 194 break; 195 case J1939_XTP_ABORT_UNEXPECTED_DATA: 196 err = ENOTCONN; 197 break; 198 case J1939_XTP_ABORT_BAD_SEQ: 199 err = EILSEQ; 200 break; 201 case J1939_XTP_ABORT_DUP_SEQ: 202 err = EPROTO; 203 break; 204 case J1939_XTP_ABORT_EDPO_UNEXPECTED: 205 err = EPROTO; 206 break; 207 case J1939_XTP_ABORT_BAD_EDPO_PGN: 208 err = EPROTO; 209 break; 210 case J1939_XTP_ABORT_EDPO_OUTOF_CTS: 211 err = EPROTO; 212 break; 213 case J1939_XTP_ABORT_BAD_EDPO_OFFSET: 214 err = EPROTO; 215 break; 216 case J1939_XTP_ABORT_OTHER_DEPRECATED: 217 err = EPROTO; 218 break; 219 case J1939_XTP_ABORT_ECTS_UNXPECTED_PGN: 220 err = EPROTO; 221 break; 222 case J1939_XTP_ABORT_ECTS_TOO_BIG: 223 err = EPROTO; 224 break; 225 case J1939_XTP_ABORT_OTHER: 226 err = EPROTO; 227 break; 228 default: 229 netdev_warn(priv->ndev, "Unknown abort code %i", abort); 230 err = EPROTO; 231 } 232 233 return err; 234 } 235 236 static inline void j1939_session_list_lock(struct j1939_priv *priv) 237 { 238 spin_lock_bh(&priv->active_session_list_lock); 239 } 240 241 static inline void j1939_session_list_unlock(struct j1939_priv *priv) 242 { 243 spin_unlock_bh(&priv->active_session_list_lock); 244 } 245 246 void j1939_session_get(struct j1939_session *session) 247 { 248 kref_get(&session->kref); 249 } 250 251 /* session completion functions */ 252 static void __j1939_session_drop(struct j1939_session *session) 253 { 254 if (!session->transmission) 255 return; 256 257 j1939_sock_pending_del(session->sk); 258 sock_put(session->sk); 259 } 260 261 static void j1939_session_destroy(struct j1939_session *session) 262 { 263 struct sk_buff *skb; 264 265 if (session->transmission) { 266 if (session->err) 267 j1939_sk_errqueue(session, J1939_ERRQUEUE_TX_ABORT); 268 else 269 j1939_sk_errqueue(session, J1939_ERRQUEUE_TX_ACK); 270 } else if (session->err) { 271 j1939_sk_errqueue(session, J1939_ERRQUEUE_RX_ABORT); 272 } 273 274 netdev_dbg(session->priv->ndev, "%s: 0x%p\n", __func__, session); 275 276 WARN_ON_ONCE(!list_empty(&session->sk_session_queue_entry)); 277 WARN_ON_ONCE(!list_empty(&session->active_session_list_entry)); 278 279 while ((skb = skb_dequeue(&session->skb_queue)) != NULL) { 280 /* drop ref taken in j1939_session_skb_queue() */ 281 skb_unref(skb); 282 kfree_skb(skb); 283 } 284 __j1939_session_drop(session); 285 j1939_priv_put(session->priv); 286 kfree(session); 287 } 288 289 static void __j1939_session_release(struct kref *kref) 290 { 291 struct j1939_session *session = container_of(kref, struct j1939_session, 292 kref); 293 294 j1939_session_destroy(session); 295 } 296 297 void j1939_session_put(struct j1939_session *session) 298 { 299 kref_put(&session->kref, __j1939_session_release); 300 } 301 302 static void j1939_session_txtimer_cancel(struct j1939_session *session) 303 { 304 if (hrtimer_cancel(&session->txtimer)) 305 j1939_session_put(session); 306 } 307 308 static void j1939_session_rxtimer_cancel(struct j1939_session *session) 309 { 310 if (hrtimer_cancel(&session->rxtimer)) 311 j1939_session_put(session); 312 } 313 314 void j1939_session_timers_cancel(struct j1939_session *session) 315 { 316 j1939_session_txtimer_cancel(session); 317 j1939_session_rxtimer_cancel(session); 318 } 319 320 static inline bool j1939_cb_is_broadcast(const struct j1939_sk_buff_cb *skcb) 321 { 322 return (!skcb->addr.dst_name && (skcb->addr.da == 0xff)); 323 } 324 325 static void j1939_session_skb_drop_old(struct j1939_session *session) 326 { 327 struct sk_buff *do_skb; 328 struct j1939_sk_buff_cb *do_skcb; 329 unsigned int offset_start; 330 unsigned long flags; 331 332 if (skb_queue_len(&session->skb_queue) < 2) 333 return; 334 335 offset_start = session->pkt.tx_acked * 7; 336 337 spin_lock_irqsave(&session->skb_queue.lock, flags); 338 do_skb = skb_peek(&session->skb_queue); 339 do_skcb = j1939_skb_to_cb(do_skb); 340 341 if ((do_skcb->offset + do_skb->len) < offset_start) { 342 __skb_unlink(do_skb, &session->skb_queue); 343 /* drop ref taken in j1939_session_skb_queue() */ 344 skb_unref(do_skb); 345 346 kfree_skb(do_skb); 347 } 348 spin_unlock_irqrestore(&session->skb_queue.lock, flags); 349 } 350 351 void j1939_session_skb_queue(struct j1939_session *session, 352 struct sk_buff *skb) 353 { 354 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 355 struct j1939_priv *priv = session->priv; 356 357 j1939_ac_fixup(priv, skb); 358 359 if (j1939_address_is_unicast(skcb->addr.da) && 360 priv->ents[skcb->addr.da].nusers) 361 skcb->flags |= J1939_ECU_LOCAL_DST; 362 363 skcb->flags |= J1939_ECU_LOCAL_SRC; 364 365 skb_get(skb); 366 skb_queue_tail(&session->skb_queue, skb); 367 } 368 369 static struct 370 sk_buff *j1939_session_skb_get_by_offset(struct j1939_session *session, 371 unsigned int offset_start) 372 { 373 struct j1939_priv *priv = session->priv; 374 struct j1939_sk_buff_cb *do_skcb; 375 struct sk_buff *skb = NULL; 376 struct sk_buff *do_skb; 377 unsigned long flags; 378 379 spin_lock_irqsave(&session->skb_queue.lock, flags); 380 skb_queue_walk(&session->skb_queue, do_skb) { 381 do_skcb = j1939_skb_to_cb(do_skb); 382 383 if (offset_start >= do_skcb->offset && 384 offset_start < (do_skcb->offset + do_skb->len)) { 385 skb = do_skb; 386 } 387 } 388 389 if (skb) 390 skb_get(skb); 391 392 spin_unlock_irqrestore(&session->skb_queue.lock, flags); 393 394 if (!skb) 395 netdev_dbg(priv->ndev, "%s: 0x%p: no skb found for start: %i, queue size: %i\n", 396 __func__, session, offset_start, 397 skb_queue_len(&session->skb_queue)); 398 399 return skb; 400 } 401 402 static struct sk_buff *j1939_session_skb_get(struct j1939_session *session) 403 { 404 unsigned int offset_start; 405 406 offset_start = session->pkt.dpo * 7; 407 return j1939_session_skb_get_by_offset(session, offset_start); 408 } 409 410 /* see if we are receiver 411 * returns 0 for broadcasts, although we will receive them 412 */ 413 static inline int j1939_tp_im_receiver(const struct j1939_sk_buff_cb *skcb) 414 { 415 return skcb->flags & J1939_ECU_LOCAL_DST; 416 } 417 418 /* see if we are sender */ 419 static inline int j1939_tp_im_transmitter(const struct j1939_sk_buff_cb *skcb) 420 { 421 return skcb->flags & J1939_ECU_LOCAL_SRC; 422 } 423 424 /* see if we are involved as either receiver or transmitter */ 425 static int j1939_tp_im_involved(const struct j1939_sk_buff_cb *skcb, bool swap) 426 { 427 if (swap) 428 return j1939_tp_im_receiver(skcb); 429 else 430 return j1939_tp_im_transmitter(skcb); 431 } 432 433 static int j1939_tp_im_involved_anydir(struct j1939_sk_buff_cb *skcb) 434 { 435 return skcb->flags & (J1939_ECU_LOCAL_SRC | J1939_ECU_LOCAL_DST); 436 } 437 438 /* extract pgn from flow-ctl message */ 439 static inline pgn_t j1939_xtp_ctl_to_pgn(const u8 *dat) 440 { 441 pgn_t pgn; 442 443 pgn = (dat[7] << 16) | (dat[6] << 8) | (dat[5] << 0); 444 if (j1939_pgn_is_pdu1(pgn)) 445 pgn &= 0xffff00; 446 return pgn; 447 } 448 449 static inline unsigned int j1939_tp_ctl_to_size(const u8 *dat) 450 { 451 return (dat[2] << 8) + (dat[1] << 0); 452 } 453 454 static inline unsigned int j1939_etp_ctl_to_packet(const u8 *dat) 455 { 456 return (dat[4] << 16) | (dat[3] << 8) | (dat[2] << 0); 457 } 458 459 static inline unsigned int j1939_etp_ctl_to_size(const u8 *dat) 460 { 461 return (dat[4] << 24) | (dat[3] << 16) | 462 (dat[2] << 8) | (dat[1] << 0); 463 } 464 465 /* find existing session: 466 * reverse: swap cb's src & dst 467 * there is no problem with matching broadcasts, since 468 * broadcasts (no dst, no da) would never call this 469 * with reverse == true 470 */ 471 static bool j1939_session_match(struct j1939_addr *se_addr, 472 struct j1939_addr *sk_addr, bool reverse) 473 { 474 if (se_addr->type != sk_addr->type) 475 return false; 476 477 if (reverse) { 478 if (se_addr->src_name) { 479 if (se_addr->src_name != sk_addr->dst_name) 480 return false; 481 } else if (se_addr->sa != sk_addr->da) { 482 return false; 483 } 484 485 if (se_addr->dst_name) { 486 if (se_addr->dst_name != sk_addr->src_name) 487 return false; 488 } else if (se_addr->da != sk_addr->sa) { 489 return false; 490 } 491 } else { 492 if (se_addr->src_name) { 493 if (se_addr->src_name != sk_addr->src_name) 494 return false; 495 } else if (se_addr->sa != sk_addr->sa) { 496 return false; 497 } 498 499 if (se_addr->dst_name) { 500 if (se_addr->dst_name != sk_addr->dst_name) 501 return false; 502 } else if (se_addr->da != sk_addr->da) { 503 return false; 504 } 505 } 506 507 return true; 508 } 509 510 static struct 511 j1939_session *j1939_session_get_by_addr_locked(struct j1939_priv *priv, 512 struct list_head *root, 513 struct j1939_addr *addr, 514 bool reverse, bool transmitter) 515 { 516 struct j1939_session *session; 517 518 lockdep_assert_held(&priv->active_session_list_lock); 519 520 list_for_each_entry(session, root, active_session_list_entry) { 521 j1939_session_get(session); 522 if (j1939_session_match(&session->skcb.addr, addr, reverse) && 523 session->transmission == transmitter) 524 return session; 525 j1939_session_put(session); 526 } 527 528 return NULL; 529 } 530 531 static struct 532 j1939_session *j1939_session_get_simple(struct j1939_priv *priv, 533 struct sk_buff *skb) 534 { 535 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 536 struct j1939_session *session; 537 538 lockdep_assert_held(&priv->active_session_list_lock); 539 540 list_for_each_entry(session, &priv->active_session_list, 541 active_session_list_entry) { 542 j1939_session_get(session); 543 if (session->skcb.addr.type == J1939_SIMPLE && 544 session->tskey == skcb->tskey && session->sk == skb->sk) 545 return session; 546 j1939_session_put(session); 547 } 548 549 return NULL; 550 } 551 552 static struct 553 j1939_session *j1939_session_get_by_addr(struct j1939_priv *priv, 554 struct j1939_addr *addr, 555 bool reverse, bool transmitter) 556 { 557 struct j1939_session *session; 558 559 j1939_session_list_lock(priv); 560 session = j1939_session_get_by_addr_locked(priv, 561 &priv->active_session_list, 562 addr, reverse, transmitter); 563 j1939_session_list_unlock(priv); 564 565 return session; 566 } 567 568 static void j1939_skbcb_swap(struct j1939_sk_buff_cb *skcb) 569 { 570 u8 tmp = 0; 571 572 swap(skcb->addr.dst_name, skcb->addr.src_name); 573 swap(skcb->addr.da, skcb->addr.sa); 574 575 /* swap SRC and DST flags, leave other untouched */ 576 if (skcb->flags & J1939_ECU_LOCAL_SRC) 577 tmp |= J1939_ECU_LOCAL_DST; 578 if (skcb->flags & J1939_ECU_LOCAL_DST) 579 tmp |= J1939_ECU_LOCAL_SRC; 580 skcb->flags &= ~(J1939_ECU_LOCAL_SRC | J1939_ECU_LOCAL_DST); 581 skcb->flags |= tmp; 582 } 583 584 static struct 585 sk_buff *j1939_tp_tx_dat_new(struct j1939_priv *priv, 586 const struct j1939_sk_buff_cb *re_skcb, 587 bool ctl, 588 bool swap_src_dst) 589 { 590 struct sk_buff *skb; 591 struct j1939_sk_buff_cb *skcb; 592 593 skb = alloc_skb(sizeof(struct can_frame) + sizeof(struct can_skb_priv), 594 GFP_ATOMIC); 595 if (unlikely(!skb)) 596 return ERR_PTR(-ENOMEM); 597 598 skb->dev = priv->ndev; 599 can_skb_reserve(skb); 600 can_skb_prv(skb)->ifindex = priv->ndev->ifindex; 601 can_skb_prv(skb)->skbcnt = 0; 602 /* reserve CAN header */ 603 skb_reserve(skb, offsetof(struct can_frame, data)); 604 605 memcpy(skb->cb, re_skcb, sizeof(skb->cb)); 606 skcb = j1939_skb_to_cb(skb); 607 if (swap_src_dst) 608 j1939_skbcb_swap(skcb); 609 610 if (ctl) { 611 if (skcb->addr.type == J1939_ETP) 612 skcb->addr.pgn = J1939_ETP_PGN_CTL; 613 else 614 skcb->addr.pgn = J1939_TP_PGN_CTL; 615 } else { 616 if (skcb->addr.type == J1939_ETP) 617 skcb->addr.pgn = J1939_ETP_PGN_DAT; 618 else 619 skcb->addr.pgn = J1939_TP_PGN_DAT; 620 } 621 622 return skb; 623 } 624 625 /* TP transmit packet functions */ 626 static int j1939_tp_tx_dat(struct j1939_session *session, 627 const u8 *dat, int len) 628 { 629 struct j1939_priv *priv = session->priv; 630 struct sk_buff *skb; 631 632 skb = j1939_tp_tx_dat_new(priv, &session->skcb, 633 false, false); 634 if (IS_ERR(skb)) 635 return PTR_ERR(skb); 636 637 skb_put_data(skb, dat, len); 638 if (j1939_tp_padding && len < 8) 639 memset(skb_put(skb, 8 - len), 0xff, 8 - len); 640 641 return j1939_send_one(priv, skb); 642 } 643 644 static int j1939_xtp_do_tx_ctl(struct j1939_priv *priv, 645 const struct j1939_sk_buff_cb *re_skcb, 646 bool swap_src_dst, pgn_t pgn, const u8 *dat) 647 { 648 struct sk_buff *skb; 649 u8 *skdat; 650 651 if (!j1939_tp_im_involved(re_skcb, swap_src_dst)) 652 return 0; 653 654 skb = j1939_tp_tx_dat_new(priv, re_skcb, true, swap_src_dst); 655 if (IS_ERR(skb)) 656 return PTR_ERR(skb); 657 658 skdat = skb_put(skb, 8); 659 memcpy(skdat, dat, 5); 660 skdat[5] = (pgn >> 0); 661 skdat[6] = (pgn >> 8); 662 skdat[7] = (pgn >> 16); 663 664 return j1939_send_one(priv, skb); 665 } 666 667 static inline int j1939_tp_tx_ctl(struct j1939_session *session, 668 bool swap_src_dst, const u8 *dat) 669 { 670 struct j1939_priv *priv = session->priv; 671 672 return j1939_xtp_do_tx_ctl(priv, &session->skcb, 673 swap_src_dst, 674 session->skcb.addr.pgn, dat); 675 } 676 677 static int j1939_xtp_tx_abort(struct j1939_priv *priv, 678 const struct j1939_sk_buff_cb *re_skcb, 679 bool swap_src_dst, 680 enum j1939_xtp_abort err, 681 pgn_t pgn) 682 { 683 u8 dat[5]; 684 685 if (!j1939_tp_im_involved(re_skcb, swap_src_dst)) 686 return 0; 687 688 memset(dat, 0xff, sizeof(dat)); 689 dat[0] = J1939_TP_CMD_ABORT; 690 dat[1] = err; 691 return j1939_xtp_do_tx_ctl(priv, re_skcb, swap_src_dst, pgn, dat); 692 } 693 694 void j1939_tp_schedule_txtimer(struct j1939_session *session, int msec) 695 { 696 j1939_session_get(session); 697 hrtimer_start(&session->txtimer, ms_to_ktime(msec), 698 HRTIMER_MODE_REL_SOFT); 699 } 700 701 static inline void j1939_tp_set_rxtimeout(struct j1939_session *session, 702 int msec) 703 { 704 j1939_session_rxtimer_cancel(session); 705 j1939_session_get(session); 706 hrtimer_start(&session->rxtimer, ms_to_ktime(msec), 707 HRTIMER_MODE_REL_SOFT); 708 } 709 710 static int j1939_session_tx_rts(struct j1939_session *session) 711 { 712 u8 dat[8]; 713 int ret; 714 715 memset(dat, 0xff, sizeof(dat)); 716 717 dat[1] = (session->total_message_size >> 0); 718 dat[2] = (session->total_message_size >> 8); 719 dat[3] = session->pkt.total; 720 721 if (session->skcb.addr.type == J1939_ETP) { 722 dat[0] = J1939_ETP_CMD_RTS; 723 dat[1] = (session->total_message_size >> 0); 724 dat[2] = (session->total_message_size >> 8); 725 dat[3] = (session->total_message_size >> 16); 726 dat[4] = (session->total_message_size >> 24); 727 } else if (j1939_cb_is_broadcast(&session->skcb)) { 728 dat[0] = J1939_TP_CMD_BAM; 729 /* fake cts for broadcast */ 730 session->pkt.tx = 0; 731 } else { 732 dat[0] = J1939_TP_CMD_RTS; 733 dat[4] = dat[3]; 734 } 735 736 if (dat[0] == session->last_txcmd) 737 /* done already */ 738 return 0; 739 740 ret = j1939_tp_tx_ctl(session, false, dat); 741 if (ret < 0) 742 return ret; 743 744 session->last_txcmd = dat[0]; 745 if (dat[0] == J1939_TP_CMD_BAM) { 746 j1939_tp_schedule_txtimer(session, 50); 747 j1939_tp_set_rxtimeout(session, 250); 748 } else { 749 j1939_tp_set_rxtimeout(session, 1250); 750 } 751 752 netdev_dbg(session->priv->ndev, "%s: 0x%p\n", __func__, session); 753 754 return 0; 755 } 756 757 static int j1939_session_tx_dpo(struct j1939_session *session) 758 { 759 unsigned int pkt; 760 u8 dat[8]; 761 int ret; 762 763 memset(dat, 0xff, sizeof(dat)); 764 765 dat[0] = J1939_ETP_CMD_DPO; 766 session->pkt.dpo = session->pkt.tx_acked; 767 pkt = session->pkt.dpo; 768 dat[1] = session->pkt.last - session->pkt.tx_acked; 769 dat[2] = (pkt >> 0); 770 dat[3] = (pkt >> 8); 771 dat[4] = (pkt >> 16); 772 773 ret = j1939_tp_tx_ctl(session, false, dat); 774 if (ret < 0) 775 return ret; 776 777 session->last_txcmd = dat[0]; 778 j1939_tp_set_rxtimeout(session, 1250); 779 session->pkt.tx = session->pkt.tx_acked; 780 781 netdev_dbg(session->priv->ndev, "%s: 0x%p\n", __func__, session); 782 783 return 0; 784 } 785 786 static int j1939_session_tx_dat(struct j1939_session *session) 787 { 788 struct j1939_priv *priv = session->priv; 789 struct j1939_sk_buff_cb *se_skcb; 790 int offset, pkt_done, pkt_end; 791 unsigned int len, pdelay; 792 struct sk_buff *se_skb; 793 const u8 *tpdat; 794 int ret = 0; 795 u8 dat[8]; 796 797 se_skb = j1939_session_skb_get_by_offset(session, session->pkt.tx * 7); 798 if (!se_skb) 799 return -ENOBUFS; 800 801 se_skcb = j1939_skb_to_cb(se_skb); 802 tpdat = se_skb->data; 803 ret = 0; 804 pkt_done = 0; 805 if (session->skcb.addr.type != J1939_ETP && 806 j1939_cb_is_broadcast(&session->skcb)) 807 pkt_end = session->pkt.total; 808 else 809 pkt_end = session->pkt.last; 810 811 while (session->pkt.tx < pkt_end) { 812 dat[0] = session->pkt.tx - session->pkt.dpo + 1; 813 offset = (session->pkt.tx * 7) - se_skcb->offset; 814 len = se_skb->len - offset; 815 if (len > 7) 816 len = 7; 817 818 if (offset + len > se_skb->len) { 819 netdev_err_once(priv->ndev, 820 "%s: 0x%p: requested data outside of queued buffer: offset %i, len %i, pkt.tx: %i\n", 821 __func__, session, se_skcb->offset, 822 se_skb->len , session->pkt.tx); 823 ret = -EOVERFLOW; 824 goto out_free; 825 } 826 827 if (!len) { 828 ret = -ENOBUFS; 829 break; 830 } 831 832 memcpy(&dat[1], &tpdat[offset], len); 833 ret = j1939_tp_tx_dat(session, dat, len + 1); 834 if (ret < 0) { 835 /* ENOBUFS == CAN interface TX queue is full */ 836 if (ret != -ENOBUFS) 837 netdev_alert(priv->ndev, 838 "%s: 0x%p: queue data error: %i\n", 839 __func__, session, ret); 840 break; 841 } 842 843 session->last_txcmd = 0xff; 844 pkt_done++; 845 session->pkt.tx++; 846 pdelay = j1939_cb_is_broadcast(&session->skcb) ? 50 : 847 j1939_tp_packet_delay; 848 849 if (session->pkt.tx < session->pkt.total && pdelay) { 850 j1939_tp_schedule_txtimer(session, pdelay); 851 break; 852 } 853 } 854 855 if (pkt_done) 856 j1939_tp_set_rxtimeout(session, 250); 857 858 out_free: 859 if (ret) 860 kfree_skb(se_skb); 861 else 862 consume_skb(se_skb); 863 864 return ret; 865 } 866 867 static int j1939_xtp_txnext_transmiter(struct j1939_session *session) 868 { 869 struct j1939_priv *priv = session->priv; 870 int ret = 0; 871 872 if (!j1939_tp_im_transmitter(&session->skcb)) { 873 netdev_alert(priv->ndev, "%s: 0x%p: called by not transmitter!\n", 874 __func__, session); 875 return -EINVAL; 876 } 877 878 switch (session->last_cmd) { 879 case 0: 880 ret = j1939_session_tx_rts(session); 881 break; 882 883 case J1939_ETP_CMD_CTS: 884 if (session->last_txcmd != J1939_ETP_CMD_DPO) { 885 ret = j1939_session_tx_dpo(session); 886 if (ret) 887 return ret; 888 } 889 890 fallthrough; 891 case J1939_TP_CMD_CTS: 892 case 0xff: /* did some data */ 893 case J1939_ETP_CMD_DPO: 894 case J1939_TP_CMD_BAM: 895 ret = j1939_session_tx_dat(session); 896 897 break; 898 default: 899 netdev_alert(priv->ndev, "%s: 0x%p: unexpected last_cmd: %x\n", 900 __func__, session, session->last_cmd); 901 } 902 903 return ret; 904 } 905 906 static int j1939_session_tx_cts(struct j1939_session *session) 907 { 908 struct j1939_priv *priv = session->priv; 909 unsigned int pkt, len; 910 int ret; 911 u8 dat[8]; 912 913 if (!j1939_sk_recv_match(priv, &session->skcb)) 914 return -ENOENT; 915 916 len = session->pkt.total - session->pkt.rx; 917 len = min3(len, session->pkt.block, j1939_tp_block ?: 255); 918 memset(dat, 0xff, sizeof(dat)); 919 920 if (session->skcb.addr.type == J1939_ETP) { 921 pkt = session->pkt.rx + 1; 922 dat[0] = J1939_ETP_CMD_CTS; 923 dat[1] = len; 924 dat[2] = (pkt >> 0); 925 dat[3] = (pkt >> 8); 926 dat[4] = (pkt >> 16); 927 } else { 928 dat[0] = J1939_TP_CMD_CTS; 929 dat[1] = len; 930 dat[2] = session->pkt.rx + 1; 931 } 932 933 if (dat[0] == session->last_txcmd) 934 /* done already */ 935 return 0; 936 937 ret = j1939_tp_tx_ctl(session, true, dat); 938 if (ret < 0) 939 return ret; 940 941 if (len) 942 /* only mark cts done when len is set */ 943 session->last_txcmd = dat[0]; 944 j1939_tp_set_rxtimeout(session, 1250); 945 946 netdev_dbg(session->priv->ndev, "%s: 0x%p\n", __func__, session); 947 948 return 0; 949 } 950 951 static int j1939_session_tx_eoma(struct j1939_session *session) 952 { 953 struct j1939_priv *priv = session->priv; 954 u8 dat[8]; 955 int ret; 956 957 if (!j1939_sk_recv_match(priv, &session->skcb)) 958 return -ENOENT; 959 960 memset(dat, 0xff, sizeof(dat)); 961 962 if (session->skcb.addr.type == J1939_ETP) { 963 dat[0] = J1939_ETP_CMD_EOMA; 964 dat[1] = session->total_message_size >> 0; 965 dat[2] = session->total_message_size >> 8; 966 dat[3] = session->total_message_size >> 16; 967 dat[4] = session->total_message_size >> 24; 968 } else { 969 dat[0] = J1939_TP_CMD_EOMA; 970 dat[1] = session->total_message_size; 971 dat[2] = session->total_message_size >> 8; 972 dat[3] = session->pkt.total; 973 } 974 975 if (dat[0] == session->last_txcmd) 976 /* done already */ 977 return 0; 978 979 ret = j1939_tp_tx_ctl(session, true, dat); 980 if (ret < 0) 981 return ret; 982 983 session->last_txcmd = dat[0]; 984 985 /* wait for the EOMA packet to come in */ 986 j1939_tp_set_rxtimeout(session, 1250); 987 988 netdev_dbg(session->priv->ndev, "%p: 0x%p\n", __func__, session); 989 990 return 0; 991 } 992 993 static int j1939_xtp_txnext_receiver(struct j1939_session *session) 994 { 995 struct j1939_priv *priv = session->priv; 996 int ret = 0; 997 998 if (!j1939_tp_im_receiver(&session->skcb)) { 999 netdev_alert(priv->ndev, "%s: 0x%p: called by not receiver!\n", 1000 __func__, session); 1001 return -EINVAL; 1002 } 1003 1004 switch (session->last_cmd) { 1005 case J1939_TP_CMD_RTS: 1006 case J1939_ETP_CMD_RTS: 1007 ret = j1939_session_tx_cts(session); 1008 break; 1009 1010 case J1939_ETP_CMD_CTS: 1011 case J1939_TP_CMD_CTS: 1012 case 0xff: /* did some data */ 1013 case J1939_ETP_CMD_DPO: 1014 if ((session->skcb.addr.type == J1939_TP && 1015 j1939_cb_is_broadcast(&session->skcb))) 1016 break; 1017 1018 if (session->pkt.rx >= session->pkt.total) { 1019 ret = j1939_session_tx_eoma(session); 1020 } else if (session->pkt.rx >= session->pkt.last) { 1021 session->last_txcmd = 0; 1022 ret = j1939_session_tx_cts(session); 1023 } 1024 break; 1025 default: 1026 netdev_alert(priv->ndev, "%s: 0x%p: unexpected last_cmd: %x\n", 1027 __func__, session, session->last_cmd); 1028 } 1029 1030 return ret; 1031 } 1032 1033 static int j1939_simple_txnext(struct j1939_session *session) 1034 { 1035 struct j1939_priv *priv = session->priv; 1036 struct sk_buff *se_skb = j1939_session_skb_get(session); 1037 struct sk_buff *skb; 1038 int ret; 1039 1040 if (!se_skb) 1041 return 0; 1042 1043 skb = skb_clone(se_skb, GFP_ATOMIC); 1044 if (!skb) { 1045 ret = -ENOMEM; 1046 goto out_free; 1047 } 1048 1049 can_skb_set_owner(skb, se_skb->sk); 1050 1051 j1939_tp_set_rxtimeout(session, J1939_SIMPLE_ECHO_TIMEOUT_MS); 1052 1053 ret = j1939_send_one(priv, skb); 1054 if (ret) 1055 goto out_free; 1056 1057 j1939_sk_errqueue(session, J1939_ERRQUEUE_TX_SCHED); 1058 j1939_sk_queue_activate_next(session); 1059 1060 out_free: 1061 if (ret) 1062 kfree_skb(se_skb); 1063 else 1064 consume_skb(se_skb); 1065 1066 return ret; 1067 } 1068 1069 static bool j1939_session_deactivate_locked(struct j1939_session *session) 1070 { 1071 bool active = false; 1072 1073 lockdep_assert_held(&session->priv->active_session_list_lock); 1074 1075 if (session->state >= J1939_SESSION_ACTIVE && 1076 session->state < J1939_SESSION_ACTIVE_MAX) { 1077 active = true; 1078 1079 list_del_init(&session->active_session_list_entry); 1080 session->state = J1939_SESSION_DONE; 1081 j1939_session_put(session); 1082 } 1083 1084 return active; 1085 } 1086 1087 static bool j1939_session_deactivate(struct j1939_session *session) 1088 { 1089 struct j1939_priv *priv = session->priv; 1090 bool active; 1091 1092 j1939_session_list_lock(priv); 1093 /* This function should be called with a session ref-count of at 1094 * least 2. 1095 */ 1096 WARN_ON_ONCE(kref_read(&session->kref) < 2); 1097 active = j1939_session_deactivate_locked(session); 1098 j1939_session_list_unlock(priv); 1099 1100 return active; 1101 } 1102 1103 static void 1104 j1939_session_deactivate_activate_next(struct j1939_session *session) 1105 { 1106 if (j1939_session_deactivate(session)) 1107 j1939_sk_queue_activate_next(session); 1108 } 1109 1110 static void __j1939_session_cancel(struct j1939_session *session, 1111 enum j1939_xtp_abort err) 1112 { 1113 struct j1939_priv *priv = session->priv; 1114 1115 WARN_ON_ONCE(!err); 1116 lockdep_assert_held(&session->priv->active_session_list_lock); 1117 1118 session->err = j1939_xtp_abort_to_errno(priv, err); 1119 session->state = J1939_SESSION_WAITING_ABORT; 1120 /* do not send aborts on incoming broadcasts */ 1121 if (!j1939_cb_is_broadcast(&session->skcb)) { 1122 j1939_xtp_tx_abort(priv, &session->skcb, 1123 !session->transmission, 1124 err, session->skcb.addr.pgn); 1125 } 1126 1127 if (session->sk) 1128 j1939_sk_send_loop_abort(session->sk, session->err); 1129 else 1130 j1939_sk_errqueue(session, J1939_ERRQUEUE_RX_ABORT); 1131 } 1132 1133 static void j1939_session_cancel(struct j1939_session *session, 1134 enum j1939_xtp_abort err) 1135 { 1136 j1939_session_list_lock(session->priv); 1137 1138 if (session->state >= J1939_SESSION_ACTIVE && 1139 session->state < J1939_SESSION_WAITING_ABORT) { 1140 j1939_tp_set_rxtimeout(session, J1939_XTP_ABORT_TIMEOUT_MS); 1141 __j1939_session_cancel(session, err); 1142 } 1143 1144 j1939_session_list_unlock(session->priv); 1145 } 1146 1147 static enum hrtimer_restart j1939_tp_txtimer(struct hrtimer *hrtimer) 1148 { 1149 struct j1939_session *session = 1150 container_of(hrtimer, struct j1939_session, txtimer); 1151 struct j1939_priv *priv = session->priv; 1152 int ret = 0; 1153 1154 if (session->skcb.addr.type == J1939_SIMPLE) { 1155 ret = j1939_simple_txnext(session); 1156 } else { 1157 if (session->transmission) 1158 ret = j1939_xtp_txnext_transmiter(session); 1159 else 1160 ret = j1939_xtp_txnext_receiver(session); 1161 } 1162 1163 switch (ret) { 1164 case -ENOBUFS: 1165 /* Retry limit is currently arbitrary chosen */ 1166 if (session->tx_retry < J1939_XTP_TX_RETRY_LIMIT) { 1167 session->tx_retry++; 1168 j1939_tp_schedule_txtimer(session, 1169 10 + prandom_u32_max(16)); 1170 } else { 1171 netdev_alert(priv->ndev, "%s: 0x%p: tx retry count reached\n", 1172 __func__, session); 1173 session->err = -ENETUNREACH; 1174 j1939_session_rxtimer_cancel(session); 1175 j1939_session_deactivate_activate_next(session); 1176 } 1177 break; 1178 case -ENETDOWN: 1179 /* In this case we should get a netdev_event(), all active 1180 * sessions will be cleared by 1181 * j1939_cancel_all_active_sessions(). So handle this as an 1182 * error, but let j1939_cancel_all_active_sessions() do the 1183 * cleanup including propagation of the error to user space. 1184 */ 1185 break; 1186 case -EOVERFLOW: 1187 j1939_session_cancel(session, J1939_XTP_ABORT_ECTS_TOO_BIG); 1188 break; 1189 case 0: 1190 session->tx_retry = 0; 1191 break; 1192 default: 1193 netdev_alert(priv->ndev, "%s: 0x%p: tx aborted with unknown reason: %i\n", 1194 __func__, session, ret); 1195 if (session->skcb.addr.type != J1939_SIMPLE) { 1196 j1939_session_cancel(session, J1939_XTP_ABORT_OTHER); 1197 } else { 1198 session->err = ret; 1199 j1939_session_rxtimer_cancel(session); 1200 j1939_session_deactivate_activate_next(session); 1201 } 1202 } 1203 1204 j1939_session_put(session); 1205 1206 return HRTIMER_NORESTART; 1207 } 1208 1209 static void j1939_session_completed(struct j1939_session *session) 1210 { 1211 struct sk_buff *se_skb; 1212 1213 if (!session->transmission) { 1214 se_skb = j1939_session_skb_get(session); 1215 /* distribute among j1939 receivers */ 1216 j1939_sk_recv(session->priv, se_skb); 1217 consume_skb(se_skb); 1218 } 1219 1220 j1939_session_deactivate_activate_next(session); 1221 } 1222 1223 static enum hrtimer_restart j1939_tp_rxtimer(struct hrtimer *hrtimer) 1224 { 1225 struct j1939_session *session = container_of(hrtimer, 1226 struct j1939_session, 1227 rxtimer); 1228 struct j1939_priv *priv = session->priv; 1229 1230 if (session->state == J1939_SESSION_WAITING_ABORT) { 1231 netdev_alert(priv->ndev, "%s: 0x%p: abort rx timeout. Force session deactivation\n", 1232 __func__, session); 1233 1234 j1939_session_deactivate_activate_next(session); 1235 1236 } else if (session->skcb.addr.type == J1939_SIMPLE) { 1237 netdev_alert(priv->ndev, "%s: 0x%p: Timeout. Failed to send simple message.\n", 1238 __func__, session); 1239 1240 /* The message is probably stuck in the CAN controller and can 1241 * be send as soon as CAN bus is in working state again. 1242 */ 1243 session->err = -ETIME; 1244 j1939_session_deactivate(session); 1245 } else { 1246 j1939_session_list_lock(session->priv); 1247 if (session->state >= J1939_SESSION_ACTIVE && 1248 session->state < J1939_SESSION_ACTIVE_MAX) { 1249 netdev_alert(priv->ndev, "%s: 0x%p: rx timeout, send abort\n", 1250 __func__, session); 1251 j1939_session_get(session); 1252 hrtimer_start(&session->rxtimer, 1253 ms_to_ktime(J1939_XTP_ABORT_TIMEOUT_MS), 1254 HRTIMER_MODE_REL_SOFT); 1255 __j1939_session_cancel(session, J1939_XTP_ABORT_TIMEOUT); 1256 } 1257 j1939_session_list_unlock(session->priv); 1258 } 1259 1260 j1939_session_put(session); 1261 1262 return HRTIMER_NORESTART; 1263 } 1264 1265 static bool j1939_xtp_rx_cmd_bad_pgn(struct j1939_session *session, 1266 const struct sk_buff *skb) 1267 { 1268 const struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 1269 pgn_t pgn = j1939_xtp_ctl_to_pgn(skb->data); 1270 struct j1939_priv *priv = session->priv; 1271 enum j1939_xtp_abort abort = J1939_XTP_NO_ABORT; 1272 u8 cmd = skb->data[0]; 1273 1274 if (session->skcb.addr.pgn == pgn) 1275 return false; 1276 1277 switch (cmd) { 1278 case J1939_TP_CMD_BAM: 1279 abort = J1939_XTP_NO_ABORT; 1280 break; 1281 1282 case J1939_ETP_CMD_RTS: 1283 fallthrough; 1284 case J1939_TP_CMD_RTS: 1285 abort = J1939_XTP_ABORT_BUSY; 1286 break; 1287 1288 case J1939_ETP_CMD_CTS: 1289 fallthrough; 1290 case J1939_TP_CMD_CTS: 1291 abort = J1939_XTP_ABORT_ECTS_UNXPECTED_PGN; 1292 break; 1293 1294 case J1939_ETP_CMD_DPO: 1295 abort = J1939_XTP_ABORT_BAD_EDPO_PGN; 1296 break; 1297 1298 case J1939_ETP_CMD_EOMA: 1299 fallthrough; 1300 case J1939_TP_CMD_EOMA: 1301 abort = J1939_XTP_ABORT_OTHER; 1302 break; 1303 1304 case J1939_ETP_CMD_ABORT: /* && J1939_TP_CMD_ABORT */ 1305 abort = J1939_XTP_NO_ABORT; 1306 break; 1307 1308 default: 1309 WARN_ON_ONCE(1); 1310 break; 1311 } 1312 1313 netdev_warn(priv->ndev, "%s: 0x%p: CMD 0x%02x with PGN 0x%05x for running session with different PGN 0x%05x.\n", 1314 __func__, session, cmd, pgn, session->skcb.addr.pgn); 1315 if (abort != J1939_XTP_NO_ABORT) 1316 j1939_xtp_tx_abort(priv, skcb, true, abort, pgn); 1317 1318 return true; 1319 } 1320 1321 static void j1939_xtp_rx_abort_one(struct j1939_priv *priv, struct sk_buff *skb, 1322 bool reverse, bool transmitter) 1323 { 1324 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 1325 struct j1939_session *session; 1326 u8 abort = skb->data[1]; 1327 1328 session = j1939_session_get_by_addr(priv, &skcb->addr, reverse, 1329 transmitter); 1330 if (!session) 1331 return; 1332 1333 if (j1939_xtp_rx_cmd_bad_pgn(session, skb)) 1334 goto abort_put; 1335 1336 netdev_info(priv->ndev, "%s: 0x%p: 0x%05x: (%u) %s\n", __func__, 1337 session, j1939_xtp_ctl_to_pgn(skb->data), abort, 1338 j1939_xtp_abort_to_str(abort)); 1339 1340 j1939_session_timers_cancel(session); 1341 session->err = j1939_xtp_abort_to_errno(priv, abort); 1342 if (session->sk) 1343 j1939_sk_send_loop_abort(session->sk, session->err); 1344 else 1345 j1939_sk_errqueue(session, J1939_ERRQUEUE_RX_ABORT); 1346 j1939_session_deactivate_activate_next(session); 1347 1348 abort_put: 1349 j1939_session_put(session); 1350 } 1351 1352 /* abort packets may come in 2 directions */ 1353 static void 1354 j1939_xtp_rx_abort(struct j1939_priv *priv, struct sk_buff *skb, 1355 bool transmitter) 1356 { 1357 j1939_xtp_rx_abort_one(priv, skb, false, transmitter); 1358 j1939_xtp_rx_abort_one(priv, skb, true, transmitter); 1359 } 1360 1361 static void 1362 j1939_xtp_rx_eoma_one(struct j1939_session *session, struct sk_buff *skb) 1363 { 1364 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 1365 const u8 *dat; 1366 int len; 1367 1368 if (j1939_xtp_rx_cmd_bad_pgn(session, skb)) 1369 return; 1370 1371 dat = skb->data; 1372 1373 if (skcb->addr.type == J1939_ETP) 1374 len = j1939_etp_ctl_to_size(dat); 1375 else 1376 len = j1939_tp_ctl_to_size(dat); 1377 1378 if (session->total_message_size != len) { 1379 netdev_warn_once(session->priv->ndev, 1380 "%s: 0x%p: Incorrect size. Expected: %i; got: %i.\n", 1381 __func__, session, session->total_message_size, 1382 len); 1383 } 1384 1385 netdev_dbg(session->priv->ndev, "%s: 0x%p\n", __func__, session); 1386 1387 session->pkt.tx_acked = session->pkt.total; 1388 j1939_session_timers_cancel(session); 1389 /* transmitted without problems */ 1390 j1939_session_completed(session); 1391 } 1392 1393 static void 1394 j1939_xtp_rx_eoma(struct j1939_priv *priv, struct sk_buff *skb, 1395 bool transmitter) 1396 { 1397 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 1398 struct j1939_session *session; 1399 1400 session = j1939_session_get_by_addr(priv, &skcb->addr, true, 1401 transmitter); 1402 if (!session) 1403 return; 1404 1405 j1939_xtp_rx_eoma_one(session, skb); 1406 j1939_session_put(session); 1407 } 1408 1409 static void 1410 j1939_xtp_rx_cts_one(struct j1939_session *session, struct sk_buff *skb) 1411 { 1412 enum j1939_xtp_abort err = J1939_XTP_ABORT_FAULT; 1413 unsigned int pkt; 1414 const u8 *dat; 1415 1416 dat = skb->data; 1417 1418 if (j1939_xtp_rx_cmd_bad_pgn(session, skb)) 1419 return; 1420 1421 netdev_dbg(session->priv->ndev, "%s: 0x%p\n", __func__, session); 1422 1423 if (session->last_cmd == dat[0]) { 1424 err = J1939_XTP_ABORT_DUP_SEQ; 1425 goto out_session_cancel; 1426 } 1427 1428 if (session->skcb.addr.type == J1939_ETP) 1429 pkt = j1939_etp_ctl_to_packet(dat); 1430 else 1431 pkt = dat[2]; 1432 1433 if (!pkt) 1434 goto out_session_cancel; 1435 else if (dat[1] > session->pkt.block /* 0xff for etp */) 1436 goto out_session_cancel; 1437 1438 /* set packet counters only when not CTS(0) */ 1439 session->pkt.tx_acked = pkt - 1; 1440 j1939_session_skb_drop_old(session); 1441 session->pkt.last = session->pkt.tx_acked + dat[1]; 1442 if (session->pkt.last > session->pkt.total) 1443 /* safety measure */ 1444 session->pkt.last = session->pkt.total; 1445 /* TODO: do not set tx here, do it in txtimer */ 1446 session->pkt.tx = session->pkt.tx_acked; 1447 1448 session->last_cmd = dat[0]; 1449 if (dat[1]) { 1450 j1939_tp_set_rxtimeout(session, 1250); 1451 if (session->transmission) { 1452 if (session->pkt.tx_acked) 1453 j1939_sk_errqueue(session, 1454 J1939_ERRQUEUE_TX_SCHED); 1455 j1939_session_txtimer_cancel(session); 1456 j1939_tp_schedule_txtimer(session, 0); 1457 } 1458 } else { 1459 /* CTS(0) */ 1460 j1939_tp_set_rxtimeout(session, 550); 1461 } 1462 return; 1463 1464 out_session_cancel: 1465 j1939_session_timers_cancel(session); 1466 j1939_session_cancel(session, err); 1467 } 1468 1469 static void 1470 j1939_xtp_rx_cts(struct j1939_priv *priv, struct sk_buff *skb, bool transmitter) 1471 { 1472 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 1473 struct j1939_session *session; 1474 1475 session = j1939_session_get_by_addr(priv, &skcb->addr, true, 1476 transmitter); 1477 if (!session) 1478 return; 1479 j1939_xtp_rx_cts_one(session, skb); 1480 j1939_session_put(session); 1481 } 1482 1483 static struct j1939_session *j1939_session_new(struct j1939_priv *priv, 1484 struct sk_buff *skb, size_t size) 1485 { 1486 struct j1939_session *session; 1487 struct j1939_sk_buff_cb *skcb; 1488 1489 session = kzalloc(sizeof(*session), gfp_any()); 1490 if (!session) 1491 return NULL; 1492 1493 INIT_LIST_HEAD(&session->active_session_list_entry); 1494 INIT_LIST_HEAD(&session->sk_session_queue_entry); 1495 kref_init(&session->kref); 1496 1497 j1939_priv_get(priv); 1498 session->priv = priv; 1499 session->total_message_size = size; 1500 session->state = J1939_SESSION_NEW; 1501 1502 skb_queue_head_init(&session->skb_queue); 1503 skb_queue_tail(&session->skb_queue, skb); 1504 1505 skcb = j1939_skb_to_cb(skb); 1506 memcpy(&session->skcb, skcb, sizeof(session->skcb)); 1507 1508 hrtimer_init(&session->txtimer, CLOCK_MONOTONIC, 1509 HRTIMER_MODE_REL_SOFT); 1510 session->txtimer.function = j1939_tp_txtimer; 1511 hrtimer_init(&session->rxtimer, CLOCK_MONOTONIC, 1512 HRTIMER_MODE_REL_SOFT); 1513 session->rxtimer.function = j1939_tp_rxtimer; 1514 1515 netdev_dbg(priv->ndev, "%s: 0x%p: sa: %02x, da: %02x\n", 1516 __func__, session, skcb->addr.sa, skcb->addr.da); 1517 1518 return session; 1519 } 1520 1521 static struct 1522 j1939_session *j1939_session_fresh_new(struct j1939_priv *priv, 1523 int size, 1524 const struct j1939_sk_buff_cb *rel_skcb) 1525 { 1526 struct sk_buff *skb; 1527 struct j1939_sk_buff_cb *skcb; 1528 struct j1939_session *session; 1529 1530 skb = alloc_skb(size + sizeof(struct can_skb_priv), GFP_ATOMIC); 1531 if (unlikely(!skb)) 1532 return NULL; 1533 1534 skb->dev = priv->ndev; 1535 can_skb_reserve(skb); 1536 can_skb_prv(skb)->ifindex = priv->ndev->ifindex; 1537 can_skb_prv(skb)->skbcnt = 0; 1538 skcb = j1939_skb_to_cb(skb); 1539 memcpy(skcb, rel_skcb, sizeof(*skcb)); 1540 1541 session = j1939_session_new(priv, skb, size); 1542 if (!session) { 1543 kfree_skb(skb); 1544 return NULL; 1545 } 1546 1547 /* alloc data area */ 1548 skb_put(skb, size); 1549 /* skb is recounted in j1939_session_new() */ 1550 return session; 1551 } 1552 1553 int j1939_session_activate(struct j1939_session *session) 1554 { 1555 struct j1939_priv *priv = session->priv; 1556 struct j1939_session *active = NULL; 1557 int ret = 0; 1558 1559 j1939_session_list_lock(priv); 1560 if (session->skcb.addr.type != J1939_SIMPLE) 1561 active = j1939_session_get_by_addr_locked(priv, 1562 &priv->active_session_list, 1563 &session->skcb.addr, false, 1564 session->transmission); 1565 if (active) { 1566 j1939_session_put(active); 1567 ret = -EAGAIN; 1568 } else { 1569 WARN_ON_ONCE(session->state != J1939_SESSION_NEW); 1570 list_add_tail(&session->active_session_list_entry, 1571 &priv->active_session_list); 1572 j1939_session_get(session); 1573 session->state = J1939_SESSION_ACTIVE; 1574 1575 netdev_dbg(session->priv->ndev, "%s: 0x%p\n", 1576 __func__, session); 1577 } 1578 j1939_session_list_unlock(priv); 1579 1580 return ret; 1581 } 1582 1583 static struct 1584 j1939_session *j1939_xtp_rx_rts_session_new(struct j1939_priv *priv, 1585 struct sk_buff *skb) 1586 { 1587 enum j1939_xtp_abort abort = J1939_XTP_NO_ABORT; 1588 struct j1939_sk_buff_cb skcb = *j1939_skb_to_cb(skb); 1589 struct j1939_session *session; 1590 const u8 *dat; 1591 pgn_t pgn; 1592 int len; 1593 1594 netdev_dbg(priv->ndev, "%s\n", __func__); 1595 1596 dat = skb->data; 1597 pgn = j1939_xtp_ctl_to_pgn(dat); 1598 skcb.addr.pgn = pgn; 1599 1600 if (!j1939_sk_recv_match(priv, &skcb)) 1601 return NULL; 1602 1603 if (skcb.addr.type == J1939_ETP) { 1604 len = j1939_etp_ctl_to_size(dat); 1605 if (len > J1939_MAX_ETP_PACKET_SIZE) 1606 abort = J1939_XTP_ABORT_FAULT; 1607 else if (len > priv->tp_max_packet_size) 1608 abort = J1939_XTP_ABORT_RESOURCE; 1609 else if (len <= J1939_MAX_TP_PACKET_SIZE) 1610 abort = J1939_XTP_ABORT_FAULT; 1611 } else { 1612 len = j1939_tp_ctl_to_size(dat); 1613 if (len > J1939_MAX_TP_PACKET_SIZE) 1614 abort = J1939_XTP_ABORT_FAULT; 1615 else if (len > priv->tp_max_packet_size) 1616 abort = J1939_XTP_ABORT_RESOURCE; 1617 else if (len < J1939_MIN_TP_PACKET_SIZE) 1618 abort = J1939_XTP_ABORT_FAULT; 1619 } 1620 1621 if (abort != J1939_XTP_NO_ABORT) { 1622 j1939_xtp_tx_abort(priv, &skcb, true, abort, pgn); 1623 return NULL; 1624 } 1625 1626 session = j1939_session_fresh_new(priv, len, &skcb); 1627 if (!session) { 1628 j1939_xtp_tx_abort(priv, &skcb, true, 1629 J1939_XTP_ABORT_RESOURCE, pgn); 1630 return NULL; 1631 } 1632 1633 /* initialize the control buffer: plain copy */ 1634 session->pkt.total = (len + 6) / 7; 1635 session->pkt.block = 0xff; 1636 if (skcb.addr.type != J1939_ETP) { 1637 if (dat[3] != session->pkt.total) 1638 netdev_alert(priv->ndev, "%s: 0x%p: strange total, %u != %u\n", 1639 __func__, session, session->pkt.total, 1640 dat[3]); 1641 session->pkt.total = dat[3]; 1642 session->pkt.block = min(dat[3], dat[4]); 1643 } 1644 1645 session->pkt.rx = 0; 1646 session->pkt.tx = 0; 1647 1648 session->tskey = priv->rx_tskey++; 1649 j1939_sk_errqueue(session, J1939_ERRQUEUE_RX_RTS); 1650 1651 WARN_ON_ONCE(j1939_session_activate(session)); 1652 1653 return session; 1654 } 1655 1656 static int j1939_xtp_rx_rts_session_active(struct j1939_session *session, 1657 struct sk_buff *skb) 1658 { 1659 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 1660 struct j1939_priv *priv = session->priv; 1661 1662 if (!session->transmission) { 1663 if (j1939_xtp_rx_cmd_bad_pgn(session, skb)) 1664 return -EBUSY; 1665 1666 /* RTS on active session */ 1667 j1939_session_timers_cancel(session); 1668 j1939_session_cancel(session, J1939_XTP_ABORT_BUSY); 1669 } 1670 1671 if (session->last_cmd != 0) { 1672 /* we received a second rts on the same connection */ 1673 netdev_alert(priv->ndev, "%s: 0x%p: connection exists (%02x %02x). last cmd: %x\n", 1674 __func__, session, skcb->addr.sa, skcb->addr.da, 1675 session->last_cmd); 1676 1677 j1939_session_timers_cancel(session); 1678 j1939_session_cancel(session, J1939_XTP_ABORT_BUSY); 1679 1680 return -EBUSY; 1681 } 1682 1683 if (session->skcb.addr.sa != skcb->addr.sa || 1684 session->skcb.addr.da != skcb->addr.da) 1685 netdev_warn(priv->ndev, "%s: 0x%p: session->skcb.addr.sa=0x%02x skcb->addr.sa=0x%02x session->skcb.addr.da=0x%02x skcb->addr.da=0x%02x\n", 1686 __func__, session, 1687 session->skcb.addr.sa, skcb->addr.sa, 1688 session->skcb.addr.da, skcb->addr.da); 1689 /* make sure 'sa' & 'da' are correct ! 1690 * They may be 'not filled in yet' for sending 1691 * skb's, since they did not pass the Address Claim ever. 1692 */ 1693 session->skcb.addr.sa = skcb->addr.sa; 1694 session->skcb.addr.da = skcb->addr.da; 1695 1696 netdev_dbg(session->priv->ndev, "%s: 0x%p\n", __func__, session); 1697 1698 return 0; 1699 } 1700 1701 static void j1939_xtp_rx_rts(struct j1939_priv *priv, struct sk_buff *skb, 1702 bool transmitter) 1703 { 1704 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 1705 struct j1939_session *session; 1706 u8 cmd = skb->data[0]; 1707 1708 session = j1939_session_get_by_addr(priv, &skcb->addr, false, 1709 transmitter); 1710 1711 if (!session) { 1712 if (transmitter) { 1713 /* If we're the transmitter and this function is called, 1714 * we received our own RTS. A session has already been 1715 * created. 1716 * 1717 * For some reasons however it might have been destroyed 1718 * already. So don't create a new one here (using 1719 * "j1939_xtp_rx_rts_session_new()") as this will be a 1720 * receiver session. 1721 * 1722 * The reasons the session is already destroyed might 1723 * be: 1724 * - user space closed socket was and the session was 1725 * aborted 1726 * - session was aborted due to external abort message 1727 */ 1728 return; 1729 } 1730 session = j1939_xtp_rx_rts_session_new(priv, skb); 1731 if (!session) { 1732 if (cmd == J1939_TP_CMD_BAM && j1939_sk_recv_match(priv, skcb)) 1733 netdev_info(priv->ndev, "%s: failed to create TP BAM session\n", 1734 __func__); 1735 return; 1736 } 1737 } else { 1738 if (j1939_xtp_rx_rts_session_active(session, skb)) { 1739 j1939_session_put(session); 1740 return; 1741 } 1742 } 1743 session->last_cmd = cmd; 1744 1745 if (cmd == J1939_TP_CMD_BAM) { 1746 if (!session->transmission) 1747 j1939_tp_set_rxtimeout(session, 750); 1748 } else { 1749 if (!session->transmission) { 1750 j1939_session_txtimer_cancel(session); 1751 j1939_tp_schedule_txtimer(session, 0); 1752 } 1753 j1939_tp_set_rxtimeout(session, 1250); 1754 } 1755 1756 j1939_session_put(session); 1757 } 1758 1759 static void j1939_xtp_rx_dpo_one(struct j1939_session *session, 1760 struct sk_buff *skb) 1761 { 1762 const u8 *dat = skb->data; 1763 1764 if (j1939_xtp_rx_cmd_bad_pgn(session, skb)) 1765 return; 1766 1767 netdev_dbg(session->priv->ndev, "%s: 0x%p\n", __func__, session); 1768 1769 /* transmitted without problems */ 1770 session->pkt.dpo = j1939_etp_ctl_to_packet(skb->data); 1771 session->last_cmd = dat[0]; 1772 j1939_tp_set_rxtimeout(session, 750); 1773 1774 if (!session->transmission) 1775 j1939_sk_errqueue(session, J1939_ERRQUEUE_RX_DPO); 1776 } 1777 1778 static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, 1779 bool transmitter) 1780 { 1781 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 1782 struct j1939_session *session; 1783 1784 session = j1939_session_get_by_addr(priv, &skcb->addr, false, 1785 transmitter); 1786 if (!session) { 1787 netdev_info(priv->ndev, 1788 "%s: no connection found\n", __func__); 1789 return; 1790 } 1791 1792 j1939_xtp_rx_dpo_one(session, skb); 1793 j1939_session_put(session); 1794 } 1795 1796 static void j1939_xtp_rx_dat_one(struct j1939_session *session, 1797 struct sk_buff *skb) 1798 { 1799 enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; 1800 struct j1939_priv *priv = session->priv; 1801 struct j1939_sk_buff_cb *skcb, *se_skcb; 1802 struct sk_buff *se_skb = NULL; 1803 const u8 *dat; 1804 u8 *tpdat; 1805 int offset; 1806 int nbytes; 1807 bool final = false; 1808 bool remain = false; 1809 bool do_cts_eoma = false; 1810 int packet; 1811 1812 skcb = j1939_skb_to_cb(skb); 1813 dat = skb->data; 1814 if (skb->len != 8) { 1815 /* makes no sense */ 1816 abort = J1939_XTP_ABORT_UNEXPECTED_DATA; 1817 goto out_session_cancel; 1818 } 1819 1820 switch (session->last_cmd) { 1821 case 0xff: 1822 break; 1823 case J1939_ETP_CMD_DPO: 1824 if (skcb->addr.type == J1939_ETP) 1825 break; 1826 fallthrough; 1827 case J1939_TP_CMD_BAM: 1828 fallthrough; 1829 case J1939_TP_CMD_CTS: 1830 if (skcb->addr.type != J1939_ETP) 1831 break; 1832 fallthrough; 1833 default: 1834 netdev_info(priv->ndev, "%s: 0x%p: last %02x\n", __func__, 1835 session, session->last_cmd); 1836 goto out_session_cancel; 1837 } 1838 1839 packet = (dat[0] - 1 + session->pkt.dpo); 1840 if (packet > session->pkt.total || 1841 (session->pkt.rx + 1) > session->pkt.total) { 1842 netdev_info(priv->ndev, "%s: 0x%p: should have been completed\n", 1843 __func__, session); 1844 goto out_session_cancel; 1845 } 1846 1847 se_skb = j1939_session_skb_get_by_offset(session, packet * 7); 1848 if (!se_skb) { 1849 netdev_warn(priv->ndev, "%s: 0x%p: no skb found\n", __func__, 1850 session); 1851 goto out_session_cancel; 1852 } 1853 1854 se_skcb = j1939_skb_to_cb(se_skb); 1855 offset = packet * 7 - se_skcb->offset; 1856 nbytes = se_skb->len - offset; 1857 if (nbytes > 7) 1858 nbytes = 7; 1859 if (nbytes <= 0 || (nbytes + 1) > skb->len) { 1860 netdev_info(priv->ndev, "%s: 0x%p: nbytes %i, len %i\n", 1861 __func__, session, nbytes, skb->len); 1862 goto out_session_cancel; 1863 } 1864 1865 tpdat = se_skb->data; 1866 if (!session->transmission) { 1867 memcpy(&tpdat[offset], &dat[1], nbytes); 1868 } else { 1869 int err; 1870 1871 err = memcmp(&tpdat[offset], &dat[1], nbytes); 1872 if (err) 1873 netdev_err_once(priv->ndev, 1874 "%s: 0x%p: Data of RX-looped back packet (%*ph) doesn't match TX data (%*ph)!\n", 1875 __func__, session, 1876 nbytes, &dat[1], 1877 nbytes, &tpdat[offset]); 1878 } 1879 1880 if (packet == session->pkt.rx) 1881 session->pkt.rx++; 1882 1883 if (se_skcb->addr.type != J1939_ETP && 1884 j1939_cb_is_broadcast(&session->skcb)) { 1885 if (session->pkt.rx >= session->pkt.total) 1886 final = true; 1887 else 1888 remain = true; 1889 } else { 1890 /* never final, an EOMA must follow */ 1891 if (session->pkt.rx >= session->pkt.last) 1892 do_cts_eoma = true; 1893 } 1894 1895 if (final) { 1896 j1939_session_timers_cancel(session); 1897 j1939_session_completed(session); 1898 } else if (remain) { 1899 if (!session->transmission) 1900 j1939_tp_set_rxtimeout(session, 750); 1901 } else if (do_cts_eoma) { 1902 j1939_tp_set_rxtimeout(session, 1250); 1903 if (!session->transmission) 1904 j1939_tp_schedule_txtimer(session, 0); 1905 } else { 1906 j1939_tp_set_rxtimeout(session, 750); 1907 } 1908 session->last_cmd = 0xff; 1909 consume_skb(se_skb); 1910 j1939_session_put(session); 1911 1912 return; 1913 1914 out_session_cancel: 1915 kfree_skb(se_skb); 1916 j1939_session_timers_cancel(session); 1917 j1939_session_cancel(session, abort); 1918 j1939_session_put(session); 1919 } 1920 1921 static void j1939_xtp_rx_dat(struct j1939_priv *priv, struct sk_buff *skb) 1922 { 1923 struct j1939_sk_buff_cb *skcb; 1924 struct j1939_session *session; 1925 1926 skcb = j1939_skb_to_cb(skb); 1927 1928 if (j1939_tp_im_transmitter(skcb)) { 1929 session = j1939_session_get_by_addr(priv, &skcb->addr, false, 1930 true); 1931 if (!session) 1932 netdev_info(priv->ndev, "%s: no tx connection found\n", 1933 __func__); 1934 else 1935 j1939_xtp_rx_dat_one(session, skb); 1936 } 1937 1938 if (j1939_tp_im_receiver(skcb)) { 1939 session = j1939_session_get_by_addr(priv, &skcb->addr, false, 1940 false); 1941 if (!session) 1942 netdev_info(priv->ndev, "%s: no rx connection found\n", 1943 __func__); 1944 else 1945 j1939_xtp_rx_dat_one(session, skb); 1946 } 1947 1948 if (j1939_cb_is_broadcast(skcb)) { 1949 session = j1939_session_get_by_addr(priv, &skcb->addr, false, 1950 false); 1951 if (session) 1952 j1939_xtp_rx_dat_one(session, skb); 1953 } 1954 } 1955 1956 /* j1939 main intf */ 1957 struct j1939_session *j1939_tp_send(struct j1939_priv *priv, 1958 struct sk_buff *skb, size_t size) 1959 { 1960 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 1961 struct j1939_session *session; 1962 int ret; 1963 1964 if (skcb->addr.pgn == J1939_TP_PGN_DAT || 1965 skcb->addr.pgn == J1939_TP_PGN_CTL || 1966 skcb->addr.pgn == J1939_ETP_PGN_DAT || 1967 skcb->addr.pgn == J1939_ETP_PGN_CTL) 1968 /* avoid conflict */ 1969 return ERR_PTR(-EDOM); 1970 1971 if (size > priv->tp_max_packet_size) 1972 return ERR_PTR(-EMSGSIZE); 1973 1974 if (size <= 8) 1975 skcb->addr.type = J1939_SIMPLE; 1976 else if (size > J1939_MAX_TP_PACKET_SIZE) 1977 skcb->addr.type = J1939_ETP; 1978 else 1979 skcb->addr.type = J1939_TP; 1980 1981 if (skcb->addr.type == J1939_ETP && 1982 j1939_cb_is_broadcast(skcb)) 1983 return ERR_PTR(-EDESTADDRREQ); 1984 1985 /* fill in addresses from names */ 1986 ret = j1939_ac_fixup(priv, skb); 1987 if (unlikely(ret)) 1988 return ERR_PTR(ret); 1989 1990 /* fix DST flags, it may be used there soon */ 1991 if (j1939_address_is_unicast(skcb->addr.da) && 1992 priv->ents[skcb->addr.da].nusers) 1993 skcb->flags |= J1939_ECU_LOCAL_DST; 1994 1995 /* src is always local, I'm sending ... */ 1996 skcb->flags |= J1939_ECU_LOCAL_SRC; 1997 1998 /* prepare new session */ 1999 session = j1939_session_new(priv, skb, size); 2000 if (!session) 2001 return ERR_PTR(-ENOMEM); 2002 2003 /* skb is recounted in j1939_session_new() */ 2004 sock_hold(skb->sk); 2005 session->sk = skb->sk; 2006 session->transmission = true; 2007 session->pkt.total = (size + 6) / 7; 2008 session->pkt.block = skcb->addr.type == J1939_ETP ? 255 : 2009 min(j1939_tp_block ?: 255, session->pkt.total); 2010 2011 if (j1939_cb_is_broadcast(&session->skcb)) 2012 /* set the end-packet for broadcast */ 2013 session->pkt.last = session->pkt.total; 2014 2015 skcb->tskey = atomic_inc_return(&session->sk->sk_tskey) - 1; 2016 session->tskey = skcb->tskey; 2017 2018 return session; 2019 } 2020 2021 static void j1939_tp_cmd_recv(struct j1939_priv *priv, struct sk_buff *skb) 2022 { 2023 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 2024 int extd = J1939_TP; 2025 u8 cmd = skb->data[0]; 2026 2027 switch (cmd) { 2028 case J1939_ETP_CMD_RTS: 2029 extd = J1939_ETP; 2030 fallthrough; 2031 case J1939_TP_CMD_BAM: 2032 if (cmd == J1939_TP_CMD_BAM && !j1939_cb_is_broadcast(skcb)) { 2033 netdev_err_once(priv->ndev, "%s: BAM to unicast (%02x), ignoring!\n", 2034 __func__, skcb->addr.sa); 2035 return; 2036 } 2037 fallthrough; 2038 case J1939_TP_CMD_RTS: 2039 if (skcb->addr.type != extd) 2040 return; 2041 2042 if (cmd == J1939_TP_CMD_RTS && j1939_cb_is_broadcast(skcb)) { 2043 netdev_alert(priv->ndev, "%s: rts without destination (%02x)\n", 2044 __func__, skcb->addr.sa); 2045 return; 2046 } 2047 2048 if (j1939_tp_im_transmitter(skcb)) 2049 j1939_xtp_rx_rts(priv, skb, true); 2050 2051 if (j1939_tp_im_receiver(skcb) || j1939_cb_is_broadcast(skcb)) 2052 j1939_xtp_rx_rts(priv, skb, false); 2053 2054 break; 2055 2056 case J1939_ETP_CMD_CTS: 2057 extd = J1939_ETP; 2058 fallthrough; 2059 case J1939_TP_CMD_CTS: 2060 if (skcb->addr.type != extd) 2061 return; 2062 2063 if (j1939_tp_im_transmitter(skcb)) 2064 j1939_xtp_rx_cts(priv, skb, false); 2065 2066 if (j1939_tp_im_receiver(skcb)) 2067 j1939_xtp_rx_cts(priv, skb, true); 2068 2069 break; 2070 2071 case J1939_ETP_CMD_DPO: 2072 if (skcb->addr.type != J1939_ETP) 2073 return; 2074 2075 if (j1939_tp_im_transmitter(skcb)) 2076 j1939_xtp_rx_dpo(priv, skb, true); 2077 2078 if (j1939_tp_im_receiver(skcb)) 2079 j1939_xtp_rx_dpo(priv, skb, false); 2080 2081 break; 2082 2083 case J1939_ETP_CMD_EOMA: 2084 extd = J1939_ETP; 2085 fallthrough; 2086 case J1939_TP_CMD_EOMA: 2087 if (skcb->addr.type != extd) 2088 return; 2089 2090 if (j1939_tp_im_transmitter(skcb)) 2091 j1939_xtp_rx_eoma(priv, skb, false); 2092 2093 if (j1939_tp_im_receiver(skcb)) 2094 j1939_xtp_rx_eoma(priv, skb, true); 2095 2096 break; 2097 2098 case J1939_ETP_CMD_ABORT: /* && J1939_TP_CMD_ABORT */ 2099 if (j1939_cb_is_broadcast(skcb)) { 2100 netdev_err_once(priv->ndev, "%s: abort to broadcast (%02x), ignoring!\n", 2101 __func__, skcb->addr.sa); 2102 return; 2103 } 2104 2105 if (j1939_tp_im_transmitter(skcb)) 2106 j1939_xtp_rx_abort(priv, skb, true); 2107 2108 if (j1939_tp_im_receiver(skcb)) 2109 j1939_xtp_rx_abort(priv, skb, false); 2110 2111 break; 2112 default: 2113 return; 2114 } 2115 } 2116 2117 int j1939_tp_recv(struct j1939_priv *priv, struct sk_buff *skb) 2118 { 2119 struct j1939_sk_buff_cb *skcb = j1939_skb_to_cb(skb); 2120 2121 if (!j1939_tp_im_involved_anydir(skcb) && !j1939_cb_is_broadcast(skcb)) 2122 return 0; 2123 2124 switch (skcb->addr.pgn) { 2125 case J1939_ETP_PGN_DAT: 2126 skcb->addr.type = J1939_ETP; 2127 fallthrough; 2128 case J1939_TP_PGN_DAT: 2129 j1939_xtp_rx_dat(priv, skb); 2130 break; 2131 2132 case J1939_ETP_PGN_CTL: 2133 skcb->addr.type = J1939_ETP; 2134 fallthrough; 2135 case J1939_TP_PGN_CTL: 2136 if (skb->len < 8) 2137 return 0; /* Don't care. Nothing to extract here */ 2138 2139 j1939_tp_cmd_recv(priv, skb); 2140 break; 2141 default: 2142 return 0; /* no problem */ 2143 } 2144 return 1; /* "I processed the message" */ 2145 } 2146 2147 void j1939_simple_recv(struct j1939_priv *priv, struct sk_buff *skb) 2148 { 2149 struct j1939_session *session; 2150 2151 if (!skb->sk) 2152 return; 2153 2154 if (skb->sk->sk_family != AF_CAN || 2155 skb->sk->sk_protocol != CAN_J1939) 2156 return; 2157 2158 j1939_session_list_lock(priv); 2159 session = j1939_session_get_simple(priv, skb); 2160 j1939_session_list_unlock(priv); 2161 if (!session) { 2162 netdev_warn(priv->ndev, 2163 "%s: Received already invalidated message\n", 2164 __func__); 2165 return; 2166 } 2167 2168 j1939_session_timers_cancel(session); 2169 j1939_session_deactivate(session); 2170 j1939_session_put(session); 2171 } 2172 2173 int j1939_cancel_active_session(struct j1939_priv *priv, struct sock *sk) 2174 { 2175 struct j1939_session *session, *saved; 2176 2177 netdev_dbg(priv->ndev, "%s, sk: %p\n", __func__, sk); 2178 j1939_session_list_lock(priv); 2179 list_for_each_entry_safe(session, saved, 2180 &priv->active_session_list, 2181 active_session_list_entry) { 2182 if (!sk || sk == session->sk) { 2183 if (hrtimer_try_to_cancel(&session->txtimer) == 1) 2184 j1939_session_put(session); 2185 if (hrtimer_try_to_cancel(&session->rxtimer) == 1) 2186 j1939_session_put(session); 2187 2188 session->err = ESHUTDOWN; 2189 j1939_session_deactivate_locked(session); 2190 } 2191 } 2192 j1939_session_list_unlock(priv); 2193 return NOTIFY_DONE; 2194 } 2195 2196 void j1939_tp_init(struct j1939_priv *priv) 2197 { 2198 spin_lock_init(&priv->active_session_list_lock); 2199 INIT_LIST_HEAD(&priv->active_session_list); 2200 priv->tp_max_packet_size = J1939_MAX_ETP_PACKET_SIZE; 2201 } 2202