1 /*
2 * llc_sap.c - driver routines for SAP component.
3 *
4 * Copyright (c) 1997 by Procom Technology, Inc.
5 * 2001-2003 by Arnaldo Carvalho de Melo <acme@conectiva.com.br>
6 *
7 * This program can be redistributed or modified under the terms of the
8 * GNU General Public License as published by the Free Software Foundation.
9 * This program is distributed without any warranty or implied warranty
10 * of merchantability or fitness for a particular purpose.
11 *
12 * See the GNU General Public License for more details.
13 */
14
15 #include <net/llc.h>
16 #include <net/llc_if.h>
17 #include <net/llc_conn.h>
18 #include <net/llc_pdu.h>
19 #include <net/llc_sap.h>
20 #include <net/llc_s_ac.h>
21 #include <net/llc_s_ev.h>
22 #include <net/llc_s_st.h>
23 #include <net/sock.h>
24 #include <net/tcp_states.h>
25 #include <linux/llc.h>
26 #include <linux/slab.h>
27
llc_mac_header_len(unsigned short devtype)28 static int llc_mac_header_len(unsigned short devtype)
29 {
30 switch (devtype) {
31 case ARPHRD_ETHER:
32 case ARPHRD_LOOPBACK:
33 return sizeof(struct ethhdr);
34 }
35 return 0;
36 }
37
38 /**
39 * llc_alloc_frame - allocates sk_buff for frame
40 * @dev: network device this skb will be sent over
41 * @type: pdu type to allocate
42 * @data_size: data size to allocate
43 *
44 * Allocates an sk_buff for frame and initializes sk_buff fields.
45 * Returns allocated skb or %NULL when out of memory.
46 */
llc_alloc_frame(struct sock * sk,struct net_device * dev,u8 type,u32 data_size)47 struct sk_buff *llc_alloc_frame(struct sock *sk, struct net_device *dev,
48 u8 type, u32 data_size)
49 {
50 int hlen = type == LLC_PDU_TYPE_U ? 3 : 4;
51 struct sk_buff *skb;
52
53 hlen += llc_mac_header_len(dev->type);
54 skb = alloc_skb(hlen + data_size, GFP_ATOMIC);
55
56 if (skb) {
57 skb_reset_mac_header(skb);
58 skb_reserve(skb, hlen);
59 skb_reset_network_header(skb);
60 skb_reset_transport_header(skb);
61 skb->protocol = htons(ETH_P_802_2);
62 skb->dev = dev;
63 if (sk != NULL)
64 skb_set_owner_w(skb, sk);
65 }
66 return skb;
67 }
68
llc_save_primitive(struct sock * sk,struct sk_buff * skb,u8 prim)69 void llc_save_primitive(struct sock *sk, struct sk_buff *skb, u8 prim)
70 {
71 struct sockaddr_llc *addr;
72
73 /* save primitive for use by the user. */
74 addr = llc_ui_skb_cb(skb);
75
76 memset(addr, 0, sizeof(*addr));
77 addr->sllc_family = sk->sk_family;
78 addr->sllc_arphrd = skb->dev->type;
79 addr->sllc_test = prim == LLC_TEST_PRIM;
80 addr->sllc_xid = prim == LLC_XID_PRIM;
81 addr->sllc_ua = prim == LLC_DATAUNIT_PRIM;
82 llc_pdu_decode_sa(skb, addr->sllc_mac);
83 llc_pdu_decode_ssap(skb, &addr->sllc_sap);
84 }
85
86 /**
87 * llc_sap_rtn_pdu - Informs upper layer on rx of an UI, XID or TEST pdu.
88 * @sap: pointer to SAP
89 * @skb: received pdu
90 */
llc_sap_rtn_pdu(struct llc_sap * sap,struct sk_buff * skb)91 void llc_sap_rtn_pdu(struct llc_sap *sap, struct sk_buff *skb)
92 {
93 struct llc_sap_state_ev *ev = llc_sap_ev(skb);
94 struct llc_pdu_un *pdu = llc_pdu_un_hdr(skb);
95
96 switch (LLC_U_PDU_RSP(pdu)) {
97 case LLC_1_PDU_CMD_TEST:
98 ev->prim = LLC_TEST_PRIM; break;
99 case LLC_1_PDU_CMD_XID:
100 ev->prim = LLC_XID_PRIM; break;
101 case LLC_1_PDU_CMD_UI:
102 ev->prim = LLC_DATAUNIT_PRIM; break;
103 }
104 ev->ind_cfm_flag = LLC_IND;
105 }
106
107 /**
108 * llc_find_sap_trans - finds transition for event
109 * @sap: pointer to SAP
110 * @skb: happened event
111 *
112 * This function finds transition that matches with happened event.
113 * Returns the pointer to found transition on success or %NULL for
114 * failure.
115 */
llc_find_sap_trans(struct llc_sap * sap,struct sk_buff * skb)116 static struct llc_sap_state_trans *llc_find_sap_trans(struct llc_sap *sap,
117 struct sk_buff *skb)
118 {
119 int i = 0;
120 struct llc_sap_state_trans *rc = NULL;
121 struct llc_sap_state_trans **next_trans;
122 struct llc_sap_state *curr_state = &llc_sap_state_table[sap->state - 1];
123 /*
124 * Search thru events for this state until list exhausted or until
125 * its obvious the event is not valid for the current state
126 */
127 for (next_trans = curr_state->transitions; next_trans[i]->ev; i++)
128 if (!next_trans[i]->ev(sap, skb)) {
129 rc = next_trans[i]; /* got event match; return it */
130 break;
131 }
132 return rc;
133 }
134
135 /**
136 * llc_exec_sap_trans_actions - execute actions related to event
137 * @sap: pointer to SAP
138 * @trans: pointer to transition that it's actions must be performed
139 * @skb: happened event.
140 *
141 * This function executes actions that is related to happened event.
142 * Returns 0 for success and 1 for failure of at least one action.
143 */
llc_exec_sap_trans_actions(struct llc_sap * sap,struct llc_sap_state_trans * trans,struct sk_buff * skb)144 static int llc_exec_sap_trans_actions(struct llc_sap *sap,
145 struct llc_sap_state_trans *trans,
146 struct sk_buff *skb)
147 {
148 int rc = 0;
149 llc_sap_action_t *next_action = trans->ev_actions;
150
151 for (; next_action && *next_action; next_action++)
152 if ((*next_action)(sap, skb))
153 rc = 1;
154 return rc;
155 }
156
157 /**
158 * llc_sap_next_state - finds transition, execs actions & change SAP state
159 * @sap: pointer to SAP
160 * @skb: happened event
161 *
162 * This function finds transition that matches with happened event, then
163 * executes related actions and finally changes state of SAP. It returns
164 * 0 on success and 1 for failure.
165 */
llc_sap_next_state(struct llc_sap * sap,struct sk_buff * skb)166 static int llc_sap_next_state(struct llc_sap *sap, struct sk_buff *skb)
167 {
168 int rc = 1;
169 struct llc_sap_state_trans *trans;
170
171 if (sap->state > LLC_NR_SAP_STATES)
172 goto out;
173 trans = llc_find_sap_trans(sap, skb);
174 if (!trans)
175 goto out;
176 /*
177 * Got the state to which we next transition; perform the actions
178 * associated with this transition before actually transitioning to the
179 * next state
180 */
181 rc = llc_exec_sap_trans_actions(sap, trans, skb);
182 if (rc)
183 goto out;
184 /*
185 * Transition SAP to next state if all actions execute successfully
186 */
187 sap->state = trans->next_state;
188 out:
189 return rc;
190 }
191
192 /**
193 * llc_sap_state_process - sends event to SAP state machine
194 * @sap: sap to use
195 * @skb: pointer to occurred event
196 *
197 * After executing actions of the event, upper layer will be indicated
198 * if needed(on receiving an UI frame). sk can be null for the
199 * datalink_proto case.
200 */
llc_sap_state_process(struct llc_sap * sap,struct sk_buff * skb)201 static void llc_sap_state_process(struct llc_sap *sap, struct sk_buff *skb)
202 {
203 struct llc_sap_state_ev *ev = llc_sap_ev(skb);
204
205 /*
206 * We have to hold the skb, because llc_sap_next_state
207 * will kfree it in the sending path and we need to
208 * look at the skb->cb, where we encode llc_sap_state_ev.
209 */
210 skb_get(skb);
211 ev->ind_cfm_flag = 0;
212 llc_sap_next_state(sap, skb);
213 if (ev->ind_cfm_flag == LLC_IND) {
214 if (skb->sk->sk_state == TCP_LISTEN)
215 kfree_skb(skb);
216 else {
217 llc_save_primitive(skb->sk, skb, ev->prim);
218
219 /* queue skb to the user. */
220 if (sock_queue_rcv_skb(skb->sk, skb))
221 kfree_skb(skb);
222 }
223 }
224 kfree_skb(skb);
225 }
226
227 /**
228 * llc_build_and_send_test_pkt - TEST interface for upper layers.
229 * @sap: sap to use
230 * @skb: packet to send
231 * @dmac: destination mac address
232 * @dsap: destination sap
233 *
234 * This function is called when upper layer wants to send a TEST pdu.
235 * Returns 0 for success, 1 otherwise.
236 */
llc_build_and_send_test_pkt(struct llc_sap * sap,struct sk_buff * skb,u8 * dmac,u8 dsap)237 void llc_build_and_send_test_pkt(struct llc_sap *sap,
238 struct sk_buff *skb, u8 *dmac, u8 dsap)
239 {
240 struct llc_sap_state_ev *ev = llc_sap_ev(skb);
241
242 ev->saddr.lsap = sap->laddr.lsap;
243 ev->daddr.lsap = dsap;
244 memcpy(ev->saddr.mac, skb->dev->dev_addr, IFHWADDRLEN);
245 memcpy(ev->daddr.mac, dmac, IFHWADDRLEN);
246
247 ev->type = LLC_SAP_EV_TYPE_PRIM;
248 ev->prim = LLC_TEST_PRIM;
249 ev->prim_type = LLC_PRIM_TYPE_REQ;
250 llc_sap_state_process(sap, skb);
251 }
252
253 /**
254 * llc_build_and_send_xid_pkt - XID interface for upper layers
255 * @sap: sap to use
256 * @skb: packet to send
257 * @dmac: destination mac address
258 * @dsap: destination sap
259 *
260 * This function is called when upper layer wants to send a XID pdu.
261 * Returns 0 for success, 1 otherwise.
262 */
llc_build_and_send_xid_pkt(struct llc_sap * sap,struct sk_buff * skb,u8 * dmac,u8 dsap)263 void llc_build_and_send_xid_pkt(struct llc_sap *sap, struct sk_buff *skb,
264 u8 *dmac, u8 dsap)
265 {
266 struct llc_sap_state_ev *ev = llc_sap_ev(skb);
267
268 ev->saddr.lsap = sap->laddr.lsap;
269 ev->daddr.lsap = dsap;
270 memcpy(ev->saddr.mac, skb->dev->dev_addr, IFHWADDRLEN);
271 memcpy(ev->daddr.mac, dmac, IFHWADDRLEN);
272
273 ev->type = LLC_SAP_EV_TYPE_PRIM;
274 ev->prim = LLC_XID_PRIM;
275 ev->prim_type = LLC_PRIM_TYPE_REQ;
276 llc_sap_state_process(sap, skb);
277 }
278
279 /**
280 * llc_sap_rcv - sends received pdus to the sap state machine
281 * @sap: current sap component structure.
282 * @skb: received frame.
283 *
284 * Sends received pdus to the sap state machine.
285 */
llc_sap_rcv(struct llc_sap * sap,struct sk_buff * skb,struct sock * sk)286 static void llc_sap_rcv(struct llc_sap *sap, struct sk_buff *skb,
287 struct sock *sk)
288 {
289 struct llc_sap_state_ev *ev = llc_sap_ev(skb);
290
291 ev->type = LLC_SAP_EV_TYPE_PDU;
292 ev->reason = 0;
293 skb_orphan(skb);
294 sock_hold(sk);
295 skb->sk = sk;
296 skb->destructor = sock_efree;
297 llc_sap_state_process(sap, skb);
298 }
299
llc_dgram_match(const struct llc_sap * sap,const struct llc_addr * laddr,const struct sock * sk)300 static inline bool llc_dgram_match(const struct llc_sap *sap,
301 const struct llc_addr *laddr,
302 const struct sock *sk)
303 {
304 struct llc_sock *llc = llc_sk(sk);
305
306 return sk->sk_type == SOCK_DGRAM &&
307 llc->laddr.lsap == laddr->lsap &&
308 ether_addr_equal(llc->laddr.mac, laddr->mac);
309 }
310
311 /**
312 * llc_lookup_dgram - Finds dgram socket for the local sap/mac
313 * @sap: SAP
314 * @laddr: address of local LLC (MAC + SAP)
315 *
316 * Search socket list of the SAP and finds connection using the local
317 * mac, and local sap. Returns pointer for socket found, %NULL otherwise.
318 */
llc_lookup_dgram(struct llc_sap * sap,const struct llc_addr * laddr)319 static struct sock *llc_lookup_dgram(struct llc_sap *sap,
320 const struct llc_addr *laddr)
321 {
322 struct sock *rc;
323 struct hlist_nulls_node *node;
324 int slot = llc_sk_laddr_hashfn(sap, laddr);
325 struct hlist_nulls_head *laddr_hb = &sap->sk_laddr_hash[slot];
326
327 rcu_read_lock_bh();
328 again:
329 sk_nulls_for_each_rcu(rc, node, laddr_hb) {
330 if (llc_dgram_match(sap, laddr, rc)) {
331 /* Extra checks required by SLAB_DESTROY_BY_RCU */
332 if (unlikely(!atomic_inc_not_zero(&rc->sk_refcnt)))
333 goto again;
334 if (unlikely(llc_sk(rc)->sap != sap ||
335 !llc_dgram_match(sap, laddr, rc))) {
336 sock_put(rc);
337 continue;
338 }
339 goto found;
340 }
341 }
342 rc = NULL;
343 /*
344 * if the nulls value we got at the end of this lookup is
345 * not the expected one, we must restart lookup.
346 * We probably met an item that was moved to another chain.
347 */
348 if (unlikely(get_nulls_value(node) != slot))
349 goto again;
350 found:
351 rcu_read_unlock_bh();
352 return rc;
353 }
354
llc_mcast_match(const struct llc_sap * sap,const struct llc_addr * laddr,const struct sk_buff * skb,const struct sock * sk)355 static inline bool llc_mcast_match(const struct llc_sap *sap,
356 const struct llc_addr *laddr,
357 const struct sk_buff *skb,
358 const struct sock *sk)
359 {
360 struct llc_sock *llc = llc_sk(sk);
361
362 return sk->sk_type == SOCK_DGRAM &&
363 llc->laddr.lsap == laddr->lsap &&
364 llc->dev == skb->dev;
365 }
366
llc_do_mcast(struct llc_sap * sap,struct sk_buff * skb,struct sock ** stack,int count)367 static void llc_do_mcast(struct llc_sap *sap, struct sk_buff *skb,
368 struct sock **stack, int count)
369 {
370 struct sk_buff *skb1;
371 int i;
372
373 for (i = 0; i < count; i++) {
374 skb1 = skb_clone(skb, GFP_ATOMIC);
375 if (!skb1) {
376 sock_put(stack[i]);
377 continue;
378 }
379
380 llc_sap_rcv(sap, skb1, stack[i]);
381 sock_put(stack[i]);
382 }
383 }
384
385 /**
386 * llc_sap_mcast - Deliver multicast PDU's to all matching datagram sockets.
387 * @sap: SAP
388 * @laddr: address of local LLC (MAC + SAP)
389 *
390 * Search socket list of the SAP and finds connections with same sap.
391 * Deliver clone to each.
392 */
llc_sap_mcast(struct llc_sap * sap,const struct llc_addr * laddr,struct sk_buff * skb)393 static void llc_sap_mcast(struct llc_sap *sap,
394 const struct llc_addr *laddr,
395 struct sk_buff *skb)
396 {
397 int i = 0, count = 256 / sizeof(struct sock *);
398 struct sock *sk, *stack[count];
399 struct llc_sock *llc;
400 struct hlist_head *dev_hb = llc_sk_dev_hash(sap, skb->dev->ifindex);
401
402 spin_lock_bh(&sap->sk_lock);
403 hlist_for_each_entry(llc, dev_hb, dev_hash_node) {
404
405 sk = &llc->sk;
406
407 if (!llc_mcast_match(sap, laddr, skb, sk))
408 continue;
409
410 sock_hold(sk);
411 if (i < count)
412 stack[i++] = sk;
413 else {
414 llc_do_mcast(sap, skb, stack, i);
415 i = 0;
416 }
417 }
418 spin_unlock_bh(&sap->sk_lock);
419
420 llc_do_mcast(sap, skb, stack, i);
421 }
422
423
llc_sap_handler(struct llc_sap * sap,struct sk_buff * skb)424 void llc_sap_handler(struct llc_sap *sap, struct sk_buff *skb)
425 {
426 struct llc_addr laddr;
427
428 llc_pdu_decode_da(skb, laddr.mac);
429 llc_pdu_decode_dsap(skb, &laddr.lsap);
430
431 if (is_multicast_ether_addr(laddr.mac)) {
432 llc_sap_mcast(sap, &laddr, skb);
433 kfree_skb(skb);
434 } else {
435 struct sock *sk = llc_lookup_dgram(sap, &laddr);
436 if (sk) {
437 llc_sap_rcv(sap, skb, sk);
438 sock_put(sk);
439 } else
440 kfree_skb(skb);
441 }
442 }
443