batman-adv: Increase orig_node refcount before releasing rcu read lock
[linux-3.10.git] / net / batman-adv / unicast.c
1 /*
2  * Copyright (C) 2010-2011 B.A.T.M.A.N. contributors:
3  *
4  * Andreas Langer
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of version 2 of the GNU General Public
8  * License as published by the Free Software Foundation.
9  *
10  * This program is distributed in the hope that it will be useful, but
11  * WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
18  * 02110-1301, USA
19  *
20  */
21
22 #include "main.h"
23 #include "unicast.h"
24 #include "send.h"
25 #include "soft-interface.h"
26 #include "gateway_client.h"
27 #include "originator.h"
28 #include "hash.h"
29 #include "translation-table.h"
30 #include "routing.h"
31 #include "hard-interface.h"
32
33
34 static struct sk_buff *frag_merge_packet(struct list_head *head,
35                                          struct frag_packet_list_entry *tfp,
36                                          struct sk_buff *skb)
37 {
38         struct unicast_frag_packet *up =
39                 (struct unicast_frag_packet *)skb->data;
40         struct sk_buff *tmp_skb;
41         struct unicast_packet *unicast_packet;
42         int hdr_len = sizeof(struct unicast_packet);
43         int uni_diff = sizeof(struct unicast_frag_packet) - hdr_len;
44
45         /* set skb to the first part and tmp_skb to the second part */
46         if (up->flags & UNI_FRAG_HEAD) {
47                 tmp_skb = tfp->skb;
48         } else {
49                 tmp_skb = skb;
50                 skb = tfp->skb;
51         }
52
53         skb_pull(tmp_skb, sizeof(struct unicast_frag_packet));
54         if (pskb_expand_head(skb, 0, tmp_skb->len, GFP_ATOMIC) < 0) {
55                 /* free buffered skb, skb will be freed later */
56                 kfree_skb(tfp->skb);
57                 return NULL;
58         }
59
60         /* move free entry to end */
61         tfp->skb = NULL;
62         tfp->seqno = 0;
63         list_move_tail(&tfp->list, head);
64
65         memcpy(skb_put(skb, tmp_skb->len), tmp_skb->data, tmp_skb->len);
66         kfree_skb(tmp_skb);
67
68         memmove(skb->data + uni_diff, skb->data, hdr_len);
69         unicast_packet = (struct unicast_packet *) skb_pull(skb, uni_diff);
70         unicast_packet->packet_type = BAT_UNICAST;
71
72         return skb;
73 }
74
75 static void frag_create_entry(struct list_head *head, struct sk_buff *skb)
76 {
77         struct frag_packet_list_entry *tfp;
78         struct unicast_frag_packet *up =
79                 (struct unicast_frag_packet *)skb->data;
80
81         /* free and oldest packets stand at the end */
82         tfp = list_entry((head)->prev, typeof(*tfp), list);
83         kfree_skb(tfp->skb);
84
85         tfp->seqno = ntohs(up->seqno);
86         tfp->skb = skb;
87         list_move(&tfp->list, head);
88         return;
89 }
90
91 static int frag_create_buffer(struct list_head *head)
92 {
93         int i;
94         struct frag_packet_list_entry *tfp;
95
96         for (i = 0; i < FRAG_BUFFER_SIZE; i++) {
97                 tfp = kmalloc(sizeof(struct frag_packet_list_entry),
98                         GFP_ATOMIC);
99                 if (!tfp) {
100                         frag_list_free(head);
101                         return -ENOMEM;
102                 }
103                 tfp->skb = NULL;
104                 tfp->seqno = 0;
105                 INIT_LIST_HEAD(&tfp->list);
106                 list_add(&tfp->list, head);
107         }
108
109         return 0;
110 }
111
112 static struct frag_packet_list_entry *frag_search_packet(struct list_head *head,
113                                                  struct unicast_frag_packet *up)
114 {
115         struct frag_packet_list_entry *tfp;
116         struct unicast_frag_packet *tmp_up = NULL;
117         uint16_t search_seqno;
118
119         if (up->flags & UNI_FRAG_HEAD)
120                 search_seqno = ntohs(up->seqno)+1;
121         else
122                 search_seqno = ntohs(up->seqno)-1;
123
124         list_for_each_entry(tfp, head, list) {
125
126                 if (!tfp->skb)
127                         continue;
128
129                 if (tfp->seqno == ntohs(up->seqno))
130                         goto mov_tail;
131
132                 tmp_up = (struct unicast_frag_packet *)tfp->skb->data;
133
134                 if (tfp->seqno == search_seqno) {
135
136                         if ((tmp_up->flags & UNI_FRAG_HEAD) !=
137                             (up->flags & UNI_FRAG_HEAD))
138                                 return tfp;
139                         else
140                                 goto mov_tail;
141                 }
142         }
143         return NULL;
144
145 mov_tail:
146         list_move_tail(&tfp->list, head);
147         return NULL;
148 }
149
150 void frag_list_free(struct list_head *head)
151 {
152         struct frag_packet_list_entry *pf, *tmp_pf;
153
154         if (!list_empty(head)) {
155
156                 list_for_each_entry_safe(pf, tmp_pf, head, list) {
157                         kfree_skb(pf->skb);
158                         list_del(&pf->list);
159                         kfree(pf);
160                 }
161         }
162         return;
163 }
164
165 /* frag_reassemble_skb():
166  * returns NET_RX_DROP if the operation failed - skb is left intact
167  * returns NET_RX_SUCCESS if the fragment was buffered (skb_new will be NULL)
168  * or the skb could be reassembled (skb_new will point to the new packet and
169  * skb was freed)
170  */
171 int frag_reassemble_skb(struct sk_buff *skb, struct bat_priv *bat_priv,
172                         struct sk_buff **new_skb)
173 {
174         struct orig_node *orig_node;
175         struct frag_packet_list_entry *tmp_frag_entry;
176         int ret = NET_RX_DROP;
177         struct unicast_frag_packet *unicast_packet =
178                 (struct unicast_frag_packet *)skb->data;
179
180         *new_skb = NULL;
181         spin_lock_bh(&bat_priv->orig_hash_lock);
182         rcu_read_lock();
183         orig_node = ((struct orig_node *)
184                     hash_find(bat_priv->orig_hash, compare_orig, choose_orig,
185                               unicast_packet->orig));
186         rcu_read_unlock();
187
188         if (!orig_node) {
189                 pr_debug("couldn't find originator in orig_hash\n");
190                 goto out;
191         }
192
193         orig_node->last_frag_packet = jiffies;
194
195         if (list_empty(&orig_node->frag_list) &&
196             frag_create_buffer(&orig_node->frag_list)) {
197                 pr_debug("couldn't create frag buffer\n");
198                 goto out;
199         }
200
201         tmp_frag_entry = frag_search_packet(&orig_node->frag_list,
202                                             unicast_packet);
203
204         if (!tmp_frag_entry) {
205                 frag_create_entry(&orig_node->frag_list, skb);
206                 ret = NET_RX_SUCCESS;
207                 goto out;
208         }
209
210         *new_skb = frag_merge_packet(&orig_node->frag_list, tmp_frag_entry,
211                                      skb);
212         /* if not, merge failed */
213         if (*new_skb)
214                 ret = NET_RX_SUCCESS;
215 out:
216         spin_unlock_bh(&bat_priv->orig_hash_lock);
217
218         return ret;
219 }
220
221 int frag_send_skb(struct sk_buff *skb, struct bat_priv *bat_priv,
222                   struct batman_if *batman_if, uint8_t dstaddr[])
223 {
224         struct unicast_packet tmp_uc, *unicast_packet;
225         struct sk_buff *frag_skb;
226         struct unicast_frag_packet *frag1, *frag2;
227         int uc_hdr_len = sizeof(struct unicast_packet);
228         int ucf_hdr_len = sizeof(struct unicast_frag_packet);
229         int data_len = skb->len - uc_hdr_len;
230         int large_tail = 0;
231         uint16_t seqno;
232
233         if (!bat_priv->primary_if)
234                 goto dropped;
235
236         frag_skb = dev_alloc_skb(data_len - (data_len / 2) + ucf_hdr_len);
237         if (!frag_skb)
238                 goto dropped;
239         skb_reserve(frag_skb, ucf_hdr_len);
240
241         unicast_packet = (struct unicast_packet *) skb->data;
242         memcpy(&tmp_uc, unicast_packet, uc_hdr_len);
243         skb_split(skb, frag_skb, data_len / 2 + uc_hdr_len);
244
245         if (my_skb_head_push(skb, ucf_hdr_len - uc_hdr_len) < 0 ||
246             my_skb_head_push(frag_skb, ucf_hdr_len) < 0)
247                 goto drop_frag;
248
249         frag1 = (struct unicast_frag_packet *)skb->data;
250         frag2 = (struct unicast_frag_packet *)frag_skb->data;
251
252         memcpy(frag1, &tmp_uc, sizeof(struct unicast_packet));
253
254         frag1->ttl--;
255         frag1->version = COMPAT_VERSION;
256         frag1->packet_type = BAT_UNICAST_FRAG;
257
258         memcpy(frag1->orig, bat_priv->primary_if->net_dev->dev_addr, ETH_ALEN);
259         memcpy(frag2, frag1, sizeof(struct unicast_frag_packet));
260
261         if (data_len & 1)
262                 large_tail = UNI_FRAG_LARGETAIL;
263
264         frag1->flags = UNI_FRAG_HEAD | large_tail;
265         frag2->flags = large_tail;
266
267         seqno = atomic_add_return(2, &batman_if->frag_seqno);
268         frag1->seqno = htons(seqno - 1);
269         frag2->seqno = htons(seqno);
270
271         send_skb_packet(skb, batman_if, dstaddr);
272         send_skb_packet(frag_skb, batman_if, dstaddr);
273         return NET_RX_SUCCESS;
274
275 drop_frag:
276         kfree_skb(frag_skb);
277 dropped:
278         kfree_skb(skb);
279         return NET_RX_DROP;
280 }
281
282 int unicast_send_skb(struct sk_buff *skb, struct bat_priv *bat_priv)
283 {
284         struct ethhdr *ethhdr = (struct ethhdr *)skb->data;
285         struct unicast_packet *unicast_packet;
286         struct orig_node *orig_node = NULL;
287         struct batman_if *batman_if;
288         struct neigh_node *neigh_node;
289         int data_len = skb->len;
290         uint8_t dstaddr[6];
291         int ret = 1;
292
293         spin_lock_bh(&bat_priv->orig_hash_lock);
294
295         /* get routing information */
296         if (is_multicast_ether_addr(ethhdr->h_dest)) {
297                 orig_node = (struct orig_node *)gw_get_selected(bat_priv);
298                 if (orig_node)
299                         goto find_router;
300         }
301
302         /* check for hna host - increases orig_node refcount */
303         orig_node = transtable_search(bat_priv, ethhdr->h_dest);
304
305 find_router:
306         /* find_router() increases neigh_nodes refcount if found. */
307         neigh_node = find_router(bat_priv, orig_node, NULL);
308
309         if (!neigh_node)
310                 goto unlock;
311
312         if (neigh_node->if_incoming->if_status != IF_ACTIVE)
313                 goto unlock;
314
315         if (my_skb_head_push(skb, sizeof(struct unicast_packet)) < 0)
316                 goto unlock;
317
318         /* don't lock while sending the packets ... we therefore
319          * copy the required data before sending */
320         batman_if = neigh_node->if_incoming;
321         memcpy(dstaddr, neigh_node->addr, ETH_ALEN);
322         spin_unlock_bh(&bat_priv->orig_hash_lock);
323
324         unicast_packet = (struct unicast_packet *)skb->data;
325
326         unicast_packet->version = COMPAT_VERSION;
327         /* batman packet type: unicast */
328         unicast_packet->packet_type = BAT_UNICAST;
329         /* set unicast ttl */
330         unicast_packet->ttl = TTL;
331         /* copy the destination for faster routing */
332         memcpy(unicast_packet->dest, orig_node->orig, ETH_ALEN);
333
334         if (atomic_read(&bat_priv->fragmentation) &&
335             data_len + sizeof(struct unicast_packet) >
336                                                 batman_if->net_dev->mtu) {
337                 /* send frag skb decreases ttl */
338                 unicast_packet->ttl++;
339                 ret = frag_send_skb(skb, bat_priv, batman_if, dstaddr);
340                 goto out;
341         }
342
343         send_skb_packet(skb, batman_if, dstaddr);
344         ret = 0;
345         goto out;
346
347 unlock:
348         spin_unlock_bh(&bat_priv->orig_hash_lock);
349 out:
350         if (neigh_node)
351                 neigh_node_free_ref(neigh_node);
352         if (orig_node)
353                 kref_put(&orig_node->refcount, orig_node_free_ref);
354         if (ret == 1)
355                 kfree_skb(skb);
356         return ret;
357 }