1 // SPDX-License-Identifier: GPL-2.0
2 /* Copyright (C) 2007-2020 B.A.T.M.A.N. contributors:
3 *
4 * Marek Lindner
5 */
6
7 #include "icmp_socket.h"
8 #include "main.h"
9
10 #include <linux/atomic.h>
11 #include <linux/compiler.h>
12 #include <linux/debugfs.h>
13 #include <linux/errno.h>
14 #include <linux/etherdevice.h>
15 #include <linux/eventpoll.h>
16 #include <linux/export.h>
17 #include <linux/fcntl.h>
18 #include <linux/fs.h>
19 #include <linux/gfp.h>
20 #include <linux/if_ether.h>
21 #include <linux/kernel.h>
22 #include <linux/list.h>
23 #include <linux/module.h>
24 #include <linux/netdevice.h>
25 #include <linux/pkt_sched.h>
26 #include <linux/poll.h>
27 #include <linux/printk.h>
28 #include <linux/sched.h> /* for linux/wait.h */
29 #include <linux/skbuff.h>
30 #include <linux/slab.h>
31 #include <linux/spinlock.h>
32 #include <linux/stddef.h>
33 #include <linux/string.h>
34 #include <linux/uaccess.h>
35 #include <linux/wait.h>
36 #include <uapi/linux/batadv_packet.h>
37
38 #include "debugfs.h"
39 #include "hard-interface.h"
40 #include "log.h"
41 #include "originator.h"
42 #include "send.h"
43
44 static struct batadv_socket_client *batadv_socket_client_hash[256];
45
46 static void batadv_socket_add_packet(struct batadv_socket_client *socket_client,
47 struct batadv_icmp_header *icmph,
48 size_t icmp_len);
49
50 /**
51 * batadv_socket_init() - Initialize soft interface independent socket data
52 */
batadv_socket_init(void)53 void batadv_socket_init(void)
54 {
55 memset(batadv_socket_client_hash, 0, sizeof(batadv_socket_client_hash));
56 }
57
batadv_socket_open(struct inode * inode,struct file * file)58 static int batadv_socket_open(struct inode *inode, struct file *file)
59 {
60 unsigned int i;
61 struct batadv_socket_client *socket_client;
62
63 if (!try_module_get(THIS_MODULE))
64 return -EBUSY;
65
66 batadv_debugfs_deprecated(file, "");
67
68 stream_open(inode, file);
69
70 socket_client = kmalloc(sizeof(*socket_client), GFP_KERNEL);
71 if (!socket_client) {
72 module_put(THIS_MODULE);
73 return -ENOMEM;
74 }
75
76 for (i = 0; i < ARRAY_SIZE(batadv_socket_client_hash); i++) {
77 if (!batadv_socket_client_hash[i]) {
78 batadv_socket_client_hash[i] = socket_client;
79 break;
80 }
81 }
82
83 if (i == ARRAY_SIZE(batadv_socket_client_hash)) {
84 pr_err("Error - can't add another packet client: maximum number of clients reached\n");
85 kfree(socket_client);
86 module_put(THIS_MODULE);
87 return -EXFULL;
88 }
89
90 INIT_LIST_HEAD(&socket_client->queue_list);
91 socket_client->queue_len = 0;
92 socket_client->index = i;
93 socket_client->bat_priv = inode->i_private;
94 spin_lock_init(&socket_client->lock);
95 init_waitqueue_head(&socket_client->queue_wait);
96
97 file->private_data = socket_client;
98
99 return 0;
100 }
101
batadv_socket_release(struct inode * inode,struct file * file)102 static int batadv_socket_release(struct inode *inode, struct file *file)
103 {
104 struct batadv_socket_client *client = file->private_data;
105 struct batadv_socket_packet *packet, *tmp;
106
107 spin_lock_bh(&client->lock);
108
109 /* for all packets in the queue ... */
110 list_for_each_entry_safe(packet, tmp, &client->queue_list, list) {
111 list_del(&packet->list);
112 kfree(packet);
113 }
114
115 batadv_socket_client_hash[client->index] = NULL;
116 spin_unlock_bh(&client->lock);
117
118 kfree(client);
119 module_put(THIS_MODULE);
120
121 return 0;
122 }
123
batadv_socket_read(struct file * file,char __user * buf,size_t count,loff_t * ppos)124 static ssize_t batadv_socket_read(struct file *file, char __user *buf,
125 size_t count, loff_t *ppos)
126 {
127 struct batadv_socket_client *socket_client = file->private_data;
128 struct batadv_socket_packet *socket_packet;
129 size_t packet_len;
130 int error;
131
132 if ((file->f_flags & O_NONBLOCK) && socket_client->queue_len == 0)
133 return -EAGAIN;
134
135 if (!buf || count < sizeof(struct batadv_icmp_packet))
136 return -EINVAL;
137
138 error = wait_event_interruptible(socket_client->queue_wait,
139 socket_client->queue_len);
140
141 if (error)
142 return error;
143
144 spin_lock_bh(&socket_client->lock);
145
146 socket_packet = list_first_entry(&socket_client->queue_list,
147 struct batadv_socket_packet, list);
148 list_del(&socket_packet->list);
149 socket_client->queue_len--;
150
151 spin_unlock_bh(&socket_client->lock);
152
153 packet_len = min(count, socket_packet->icmp_len);
154 error = copy_to_user(buf, &socket_packet->icmp_packet, packet_len);
155
156 kfree(socket_packet);
157
158 if (error)
159 return -EFAULT;
160
161 return packet_len;
162 }
163
batadv_socket_write(struct file * file,const char __user * buff,size_t len,loff_t * off)164 static ssize_t batadv_socket_write(struct file *file, const char __user *buff,
165 size_t len, loff_t *off)
166 {
167 struct batadv_socket_client *socket_client = file->private_data;
168 struct batadv_priv *bat_priv = socket_client->bat_priv;
169 struct batadv_hard_iface *primary_if = NULL;
170 struct sk_buff *skb;
171 struct batadv_icmp_packet_rr *icmp_packet_rr;
172 struct batadv_icmp_header *icmp_header;
173 struct batadv_orig_node *orig_node = NULL;
174 struct batadv_neigh_node *neigh_node = NULL;
175 size_t packet_len = sizeof(struct batadv_icmp_packet);
176 u8 *addr;
177
178 if (len < sizeof(struct batadv_icmp_header)) {
179 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
180 "Error - can't send packet from char device: invalid packet size\n");
181 return -EINVAL;
182 }
183
184 primary_if = batadv_primary_if_get_selected(bat_priv);
185
186 if (!primary_if) {
187 len = -EFAULT;
188 goto out;
189 }
190
191 if (len >= BATADV_ICMP_MAX_PACKET_SIZE)
192 packet_len = BATADV_ICMP_MAX_PACKET_SIZE;
193 else
194 packet_len = len;
195
196 skb = netdev_alloc_skb_ip_align(NULL, packet_len + ETH_HLEN);
197 if (!skb) {
198 len = -ENOMEM;
199 goto out;
200 }
201
202 skb->priority = TC_PRIO_CONTROL;
203 skb_reserve(skb, ETH_HLEN);
204 icmp_header = skb_put(skb, packet_len);
205
206 if (copy_from_user(icmp_header, buff, packet_len)) {
207 len = -EFAULT;
208 goto free_skb;
209 }
210
211 if (icmp_header->packet_type != BATADV_ICMP) {
212 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
213 "Error - can't send packet from char device: got bogus packet type (expected: BAT_ICMP)\n");
214 len = -EINVAL;
215 goto free_skb;
216 }
217
218 switch (icmp_header->msg_type) {
219 case BATADV_ECHO_REQUEST:
220 if (len < sizeof(struct batadv_icmp_packet)) {
221 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
222 "Error - can't send packet from char device: invalid packet size\n");
223 len = -EINVAL;
224 goto free_skb;
225 }
226
227 if (atomic_read(&bat_priv->mesh_state) != BATADV_MESH_ACTIVE)
228 goto dst_unreach;
229
230 orig_node = batadv_orig_hash_find(bat_priv, icmp_header->dst);
231 if (!orig_node)
232 goto dst_unreach;
233
234 neigh_node = batadv_orig_router_get(orig_node,
235 BATADV_IF_DEFAULT);
236 if (!neigh_node)
237 goto dst_unreach;
238
239 if (!neigh_node->if_incoming)
240 goto dst_unreach;
241
242 if (neigh_node->if_incoming->if_status != BATADV_IF_ACTIVE)
243 goto dst_unreach;
244
245 icmp_packet_rr = (struct batadv_icmp_packet_rr *)icmp_header;
246 if (packet_len == sizeof(*icmp_packet_rr)) {
247 addr = neigh_node->if_incoming->net_dev->dev_addr;
248 ether_addr_copy(icmp_packet_rr->rr[0], addr);
249 }
250
251 break;
252 default:
253 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
254 "Error - can't send packet from char device: got unknown message type\n");
255 len = -EINVAL;
256 goto free_skb;
257 }
258
259 icmp_header->uid = socket_client->index;
260
261 if (icmp_header->version != BATADV_COMPAT_VERSION) {
262 icmp_header->msg_type = BATADV_PARAMETER_PROBLEM;
263 icmp_header->version = BATADV_COMPAT_VERSION;
264 batadv_socket_add_packet(socket_client, icmp_header,
265 packet_len);
266 goto free_skb;
267 }
268
269 ether_addr_copy(icmp_header->orig, primary_if->net_dev->dev_addr);
270
271 batadv_send_unicast_skb(skb, neigh_node);
272 goto out;
273
274 dst_unreach:
275 icmp_header->msg_type = BATADV_DESTINATION_UNREACHABLE;
276 batadv_socket_add_packet(socket_client, icmp_header, packet_len);
277 free_skb:
278 kfree_skb(skb);
279 out:
280 if (primary_if)
281 batadv_hardif_put(primary_if);
282 if (neigh_node)
283 batadv_neigh_node_put(neigh_node);
284 if (orig_node)
285 batadv_orig_node_put(orig_node);
286 return len;
287 }
288
batadv_socket_poll(struct file * file,poll_table * wait)289 static __poll_t batadv_socket_poll(struct file *file, poll_table *wait)
290 {
291 struct batadv_socket_client *socket_client = file->private_data;
292
293 poll_wait(file, &socket_client->queue_wait, wait);
294
295 if (socket_client->queue_len > 0)
296 return EPOLLIN | EPOLLRDNORM;
297
298 return 0;
299 }
300
301 static const struct file_operations batadv_fops = {
302 .owner = THIS_MODULE,
303 .open = batadv_socket_open,
304 .release = batadv_socket_release,
305 .read = batadv_socket_read,
306 .write = batadv_socket_write,
307 .poll = batadv_socket_poll,
308 .llseek = no_llseek,
309 };
310
311 /**
312 * batadv_socket_setup() - Create debugfs "socket" file
313 * @bat_priv: the bat priv with all the soft interface information
314 */
batadv_socket_setup(struct batadv_priv * bat_priv)315 void batadv_socket_setup(struct batadv_priv *bat_priv)
316 {
317 debugfs_create_file(BATADV_ICMP_SOCKET, 0600, bat_priv->debug_dir,
318 bat_priv, &batadv_fops);
319 }
320
321 /**
322 * batadv_socket_add_packet() - schedule an icmp packet to be sent to
323 * userspace on an icmp socket.
324 * @socket_client: the socket this packet belongs to
325 * @icmph: pointer to the header of the icmp packet
326 * @icmp_len: total length of the icmp packet
327 */
batadv_socket_add_packet(struct batadv_socket_client * socket_client,struct batadv_icmp_header * icmph,size_t icmp_len)328 static void batadv_socket_add_packet(struct batadv_socket_client *socket_client,
329 struct batadv_icmp_header *icmph,
330 size_t icmp_len)
331 {
332 struct batadv_socket_packet *socket_packet;
333 size_t len;
334
335 socket_packet = kmalloc(sizeof(*socket_packet), GFP_ATOMIC);
336
337 if (!socket_packet)
338 return;
339
340 len = icmp_len;
341 /* check the maximum length before filling the buffer */
342 if (len > sizeof(socket_packet->icmp_packet))
343 len = sizeof(socket_packet->icmp_packet);
344
345 INIT_LIST_HEAD(&socket_packet->list);
346 memcpy(&socket_packet->icmp_packet, icmph, len);
347 socket_packet->icmp_len = len;
348
349 spin_lock_bh(&socket_client->lock);
350
351 /* while waiting for the lock the socket_client could have been
352 * deleted
353 */
354 if (!batadv_socket_client_hash[icmph->uid]) {
355 spin_unlock_bh(&socket_client->lock);
356 kfree(socket_packet);
357 return;
358 }
359
360 list_add_tail(&socket_packet->list, &socket_client->queue_list);
361 socket_client->queue_len++;
362
363 if (socket_client->queue_len > 100) {
364 socket_packet = list_first_entry(&socket_client->queue_list,
365 struct batadv_socket_packet,
366 list);
367
368 list_del(&socket_packet->list);
369 kfree(socket_packet);
370 socket_client->queue_len--;
371 }
372
373 spin_unlock_bh(&socket_client->lock);
374
375 wake_up(&socket_client->queue_wait);
376 }
377
378 /**
379 * batadv_socket_receive_packet() - schedule an icmp packet to be received
380 * locally and sent to userspace.
381 * @icmph: pointer to the header of the icmp packet
382 * @icmp_len: total length of the icmp packet
383 */
batadv_socket_receive_packet(struct batadv_icmp_header * icmph,size_t icmp_len)384 void batadv_socket_receive_packet(struct batadv_icmp_header *icmph,
385 size_t icmp_len)
386 {
387 struct batadv_socket_client *hash;
388
389 hash = batadv_socket_client_hash[icmph->uid];
390 if (hash)
391 batadv_socket_add_packet(hash, icmph, icmp_len);
392 }
393