0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012
0013 #include <linux/idr.h>
0014 #include <linux/kconfig.h>
0015 #include <linux/mctp.h>
0016 #include <linux/netdevice.h>
0017 #include <linux/rtnetlink.h>
0018 #include <linux/skbuff.h>
0019
0020 #include <uapi/linux/if_arp.h>
0021
0022 #include <net/mctp.h>
0023 #include <net/mctpdevice.h>
0024 #include <net/netlink.h>
0025 #include <net/sock.h>
0026
0027 #include <trace/events/mctp.h>
0028
0029 static const unsigned int mctp_message_maxlen = 64 * 1024;
0030 static const unsigned long mctp_key_lifetime = 6 * CONFIG_HZ;
0031
0032 static void mctp_flow_prepare_output(struct sk_buff *skb, struct mctp_dev *dev);
0033
0034
0035 static int mctp_route_discard(struct mctp_route *route, struct sk_buff *skb)
0036 {
0037 kfree_skb(skb);
0038 return 0;
0039 }
0040
0041 static struct mctp_sock *mctp_lookup_bind(struct net *net, struct sk_buff *skb)
0042 {
0043 struct mctp_skb_cb *cb = mctp_cb(skb);
0044 struct mctp_hdr *mh;
0045 struct sock *sk;
0046 u8 type;
0047
0048 WARN_ON(!rcu_read_lock_held());
0049
0050
0051 mh = mctp_hdr(skb);
0052
0053 if (!skb_headlen(skb))
0054 return NULL;
0055
0056 type = (*(u8 *)skb->data) & 0x7f;
0057
0058 sk_for_each_rcu(sk, &net->mctp.binds) {
0059 struct mctp_sock *msk = container_of(sk, struct mctp_sock, sk);
0060
0061 if (msk->bind_net != MCTP_NET_ANY && msk->bind_net != cb->net)
0062 continue;
0063
0064 if (msk->bind_type != type)
0065 continue;
0066
0067 if (!mctp_address_matches(msk->bind_addr, mh->dest))
0068 continue;
0069
0070 return msk;
0071 }
0072
0073 return NULL;
0074 }
0075
0076 static bool mctp_key_match(struct mctp_sk_key *key, mctp_eid_t local,
0077 mctp_eid_t peer, u8 tag)
0078 {
0079 if (!mctp_address_matches(key->local_addr, local))
0080 return false;
0081
0082 if (key->peer_addr != peer)
0083 return false;
0084
0085 if (key->tag != tag)
0086 return false;
0087
0088 return true;
0089 }
0090
0091
0092
0093
0094 static struct mctp_sk_key *mctp_lookup_key(struct net *net, struct sk_buff *skb,
0095 mctp_eid_t peer,
0096 unsigned long *irqflags)
0097 __acquires(&key->lock)
0098 {
0099 struct mctp_sk_key *key, *ret;
0100 unsigned long flags;
0101 struct mctp_hdr *mh;
0102 u8 tag;
0103
0104 mh = mctp_hdr(skb);
0105 tag = mh->flags_seq_tag & (MCTP_HDR_TAG_MASK | MCTP_HDR_FLAG_TO);
0106
0107 ret = NULL;
0108 spin_lock_irqsave(&net->mctp.keys_lock, flags);
0109
0110 hlist_for_each_entry(key, &net->mctp.keys, hlist) {
0111 if (!mctp_key_match(key, mh->dest, peer, tag))
0112 continue;
0113
0114 spin_lock(&key->lock);
0115 if (key->valid) {
0116 refcount_inc(&key->refs);
0117 ret = key;
0118 break;
0119 }
0120 spin_unlock(&key->lock);
0121 }
0122
0123 if (ret) {
0124 spin_unlock(&net->mctp.keys_lock);
0125 *irqflags = flags;
0126 } else {
0127 spin_unlock_irqrestore(&net->mctp.keys_lock, flags);
0128 }
0129
0130 return ret;
0131 }
0132
0133 static struct mctp_sk_key *mctp_key_alloc(struct mctp_sock *msk,
0134 mctp_eid_t local, mctp_eid_t peer,
0135 u8 tag, gfp_t gfp)
0136 {
0137 struct mctp_sk_key *key;
0138
0139 key = kzalloc(sizeof(*key), gfp);
0140 if (!key)
0141 return NULL;
0142
0143 key->peer_addr = peer;
0144 key->local_addr = local;
0145 key->tag = tag;
0146 key->sk = &msk->sk;
0147 key->valid = true;
0148 spin_lock_init(&key->lock);
0149 refcount_set(&key->refs, 1);
0150
0151 return key;
0152 }
0153
0154 void mctp_key_unref(struct mctp_sk_key *key)
0155 {
0156 unsigned long flags;
0157
0158 if (!refcount_dec_and_test(&key->refs))
0159 return;
0160
0161
0162
0163
0164 spin_lock_irqsave(&key->lock, flags);
0165 mctp_dev_release_key(key->dev, key);
0166 spin_unlock_irqrestore(&key->lock, flags);
0167
0168 kfree(key);
0169 }
0170
0171 static int mctp_key_add(struct mctp_sk_key *key, struct mctp_sock *msk)
0172 {
0173 struct net *net = sock_net(&msk->sk);
0174 struct mctp_sk_key *tmp;
0175 unsigned long flags;
0176 int rc = 0;
0177
0178 spin_lock_irqsave(&net->mctp.keys_lock, flags);
0179
0180 hlist_for_each_entry(tmp, &net->mctp.keys, hlist) {
0181 if (mctp_key_match(tmp, key->local_addr, key->peer_addr,
0182 key->tag)) {
0183 spin_lock(&tmp->lock);
0184 if (tmp->valid)
0185 rc = -EEXIST;
0186 spin_unlock(&tmp->lock);
0187 if (rc)
0188 break;
0189 }
0190 }
0191
0192 if (!rc) {
0193 refcount_inc(&key->refs);
0194 key->expiry = jiffies + mctp_key_lifetime;
0195 timer_reduce(&msk->key_expiry, key->expiry);
0196
0197 hlist_add_head(&key->hlist, &net->mctp.keys);
0198 hlist_add_head(&key->sklist, &msk->keys);
0199 }
0200
0201 spin_unlock_irqrestore(&net->mctp.keys_lock, flags);
0202
0203 return rc;
0204 }
0205
0206
0207
0208
0209
0210
0211
0212 static void __mctp_key_done_in(struct mctp_sk_key *key, struct net *net,
0213 unsigned long flags, unsigned long reason)
0214 __releases(&key->lock)
0215 {
0216 struct sk_buff *skb;
0217
0218 trace_mctp_key_release(key, reason);
0219 skb = key->reasm_head;
0220 key->reasm_head = NULL;
0221
0222 if (!key->manual_alloc) {
0223 key->reasm_dead = true;
0224 key->valid = false;
0225 mctp_dev_release_key(key->dev, key);
0226 }
0227 spin_unlock_irqrestore(&key->lock, flags);
0228
0229 if (!key->manual_alloc) {
0230 spin_lock_irqsave(&net->mctp.keys_lock, flags);
0231 hlist_del(&key->hlist);
0232 hlist_del(&key->sklist);
0233 spin_unlock_irqrestore(&net->mctp.keys_lock, flags);
0234
0235
0236 mctp_key_unref(key);
0237 }
0238
0239
0240 mctp_key_unref(key);
0241
0242 kfree_skb(skb);
0243 }
0244
0245 #ifdef CONFIG_MCTP_FLOWS
0246 static void mctp_skb_set_flow(struct sk_buff *skb, struct mctp_sk_key *key)
0247 {
0248 struct mctp_flow *flow;
0249
0250 flow = skb_ext_add(skb, SKB_EXT_MCTP);
0251 if (!flow)
0252 return;
0253
0254 refcount_inc(&key->refs);
0255 flow->key = key;
0256 }
0257
0258 static void mctp_flow_prepare_output(struct sk_buff *skb, struct mctp_dev *dev)
0259 {
0260 struct mctp_sk_key *key;
0261 struct mctp_flow *flow;
0262
0263 flow = skb_ext_find(skb, SKB_EXT_MCTP);
0264 if (!flow)
0265 return;
0266
0267 key = flow->key;
0268
0269 if (WARN_ON(key->dev && key->dev != dev))
0270 return;
0271
0272 mctp_dev_set_key(dev, key);
0273 }
0274 #else
0275 static void mctp_skb_set_flow(struct sk_buff *skb, struct mctp_sk_key *key) {}
0276 static void mctp_flow_prepare_output(struct sk_buff *skb, struct mctp_dev *dev) {}
0277 #endif
0278
0279 static int mctp_frag_queue(struct mctp_sk_key *key, struct sk_buff *skb)
0280 {
0281 struct mctp_hdr *hdr = mctp_hdr(skb);
0282 u8 exp_seq, this_seq;
0283
0284 this_seq = (hdr->flags_seq_tag >> MCTP_HDR_SEQ_SHIFT)
0285 & MCTP_HDR_SEQ_MASK;
0286
0287 if (!key->reasm_head) {
0288 key->reasm_head = skb;
0289 key->reasm_tailp = &(skb_shinfo(skb)->frag_list);
0290 key->last_seq = this_seq;
0291 return 0;
0292 }
0293
0294 exp_seq = (key->last_seq + 1) & MCTP_HDR_SEQ_MASK;
0295
0296 if (this_seq != exp_seq)
0297 return -EINVAL;
0298
0299 if (key->reasm_head->len + skb->len > mctp_message_maxlen)
0300 return -EINVAL;
0301
0302 skb->next = NULL;
0303 skb->sk = NULL;
0304 *key->reasm_tailp = skb;
0305 key->reasm_tailp = &skb->next;
0306
0307 key->last_seq = this_seq;
0308
0309 key->reasm_head->data_len += skb->len;
0310 key->reasm_head->len += skb->len;
0311 key->reasm_head->truesize += skb->truesize;
0312
0313 return 0;
0314 }
0315
0316 static int mctp_route_input(struct mctp_route *route, struct sk_buff *skb)
0317 {
0318 struct net *net = dev_net(skb->dev);
0319 struct mctp_sk_key *key;
0320 struct mctp_sock *msk;
0321 struct mctp_hdr *mh;
0322 unsigned long f;
0323 u8 tag, flags;
0324 int rc;
0325
0326 msk = NULL;
0327 rc = -EINVAL;
0328
0329
0330
0331
0332 skb_orphan(skb);
0333
0334
0335 if (skb->len < sizeof(struct mctp_hdr) + 1)
0336 goto out;
0337
0338
0339 mh = mctp_hdr(skb);
0340 skb_pull(skb, sizeof(struct mctp_hdr));
0341
0342 if (mh->ver != 1)
0343 goto out;
0344
0345 flags = mh->flags_seq_tag & (MCTP_HDR_FLAG_SOM | MCTP_HDR_FLAG_EOM);
0346 tag = mh->flags_seq_tag & (MCTP_HDR_TAG_MASK | MCTP_HDR_FLAG_TO);
0347
0348 rcu_read_lock();
0349
0350
0351
0352
0353 key = mctp_lookup_key(net, skb, mh->src, &f);
0354
0355 if (flags & MCTP_HDR_FLAG_SOM) {
0356 if (key) {
0357 msk = container_of(key->sk, struct mctp_sock, sk);
0358 } else {
0359
0360
0361
0362
0363
0364 key = mctp_lookup_key(net, skb, MCTP_ADDR_ANY, &f);
0365 if (key) {
0366 msk = container_of(key->sk,
0367 struct mctp_sock, sk);
0368 spin_unlock_irqrestore(&key->lock, f);
0369 mctp_key_unref(key);
0370 key = NULL;
0371 }
0372 }
0373
0374 if (!key && !msk && (tag & MCTP_HDR_FLAG_TO))
0375 msk = mctp_lookup_bind(net, skb);
0376
0377 if (!msk) {
0378 rc = -ENOENT;
0379 goto out_unlock;
0380 }
0381
0382
0383
0384
0385 if (flags & MCTP_HDR_FLAG_EOM) {
0386 sock_queue_rcv_skb(&msk->sk, skb);
0387 if (key) {
0388
0389
0390
0391 __mctp_key_done_in(key, net, f,
0392 MCTP_TRACE_KEY_REPLIED);
0393 key = NULL;
0394 }
0395 rc = 0;
0396 goto out_unlock;
0397 }
0398
0399
0400
0401
0402 if (!key) {
0403 key = mctp_key_alloc(msk, mh->dest, mh->src,
0404 tag, GFP_ATOMIC);
0405 if (!key) {
0406 rc = -ENOMEM;
0407 goto out_unlock;
0408 }
0409
0410
0411
0412
0413 mctp_frag_queue(key, skb);
0414
0415
0416
0417
0418
0419
0420
0421 rc = mctp_key_add(key, msk);
0422 if (rc) {
0423 kfree(key);
0424 } else {
0425 trace_mctp_key_acquire(key);
0426
0427
0428 mctp_key_unref(key);
0429 }
0430 key = NULL;
0431
0432 } else {
0433 if (key->reasm_head || key->reasm_dead) {
0434
0435 __mctp_key_done_in(key, net, f,
0436 MCTP_TRACE_KEY_INVALIDATED);
0437 rc = -EEXIST;
0438 key = NULL;
0439 } else {
0440 rc = mctp_frag_queue(key, skb);
0441 }
0442 }
0443
0444 } else if (key) {
0445
0446
0447
0448
0449
0450 if (!key->reasm_head)
0451 rc = -EINVAL;
0452 else
0453 rc = mctp_frag_queue(key, skb);
0454
0455
0456
0457
0458 if (!rc && flags & MCTP_HDR_FLAG_EOM) {
0459 sock_queue_rcv_skb(key->sk, key->reasm_head);
0460 key->reasm_head = NULL;
0461 __mctp_key_done_in(key, net, f, MCTP_TRACE_KEY_REPLIED);
0462 key = NULL;
0463 }
0464
0465 } else {
0466
0467 rc = -ENOENT;
0468 }
0469
0470 out_unlock:
0471 rcu_read_unlock();
0472 if (key) {
0473 spin_unlock_irqrestore(&key->lock, f);
0474 mctp_key_unref(key);
0475 }
0476 out:
0477 if (rc)
0478 kfree_skb(skb);
0479 return rc;
0480 }
0481
0482 static unsigned int mctp_route_mtu(struct mctp_route *rt)
0483 {
0484 return rt->mtu ?: READ_ONCE(rt->dev->dev->mtu);
0485 }
0486
0487 static int mctp_route_output(struct mctp_route *route, struct sk_buff *skb)
0488 {
0489 struct mctp_skb_cb *cb = mctp_cb(skb);
0490 struct mctp_hdr *hdr = mctp_hdr(skb);
0491 char daddr_buf[MAX_ADDR_LEN];
0492 char *daddr = NULL;
0493 unsigned int mtu;
0494 int rc;
0495
0496 skb->protocol = htons(ETH_P_MCTP);
0497
0498 mtu = READ_ONCE(skb->dev->mtu);
0499 if (skb->len > mtu) {
0500 kfree_skb(skb);
0501 return -EMSGSIZE;
0502 }
0503
0504 if (cb->ifindex) {
0505
0506 if (cb->halen != skb->dev->addr_len) {
0507
0508 kfree_skb(skb);
0509 return -EMSGSIZE;
0510 }
0511 daddr = cb->haddr;
0512 } else {
0513
0514 if (mctp_neigh_lookup(route->dev, hdr->dest, daddr_buf) == 0)
0515 daddr = daddr_buf;
0516 }
0517
0518 rc = dev_hard_header(skb, skb->dev, ntohs(skb->protocol),
0519 daddr, skb->dev->dev_addr, skb->len);
0520 if (rc < 0) {
0521 kfree_skb(skb);
0522 return -EHOSTUNREACH;
0523 }
0524
0525 mctp_flow_prepare_output(skb, route->dev);
0526
0527 rc = dev_queue_xmit(skb);
0528 if (rc)
0529 rc = net_xmit_errno(rc);
0530
0531 return rc;
0532 }
0533
0534
0535 static void mctp_route_release(struct mctp_route *rt)
0536 {
0537 if (refcount_dec_and_test(&rt->refs)) {
0538 mctp_dev_put(rt->dev);
0539 kfree_rcu(rt, rcu);
0540 }
0541 }
0542
0543
0544 static struct mctp_route *mctp_route_alloc(void)
0545 {
0546 struct mctp_route *rt;
0547
0548 rt = kzalloc(sizeof(*rt), GFP_KERNEL);
0549 if (!rt)
0550 return NULL;
0551
0552 INIT_LIST_HEAD(&rt->list);
0553 refcount_set(&rt->refs, 1);
0554 rt->output = mctp_route_discard;
0555
0556 return rt;
0557 }
0558
0559 unsigned int mctp_default_net(struct net *net)
0560 {
0561 return READ_ONCE(net->mctp.default_net);
0562 }
0563
0564 int mctp_default_net_set(struct net *net, unsigned int index)
0565 {
0566 if (index == 0)
0567 return -EINVAL;
0568 WRITE_ONCE(net->mctp.default_net, index);
0569 return 0;
0570 }
0571
0572
0573 static void mctp_reserve_tag(struct net *net, struct mctp_sk_key *key,
0574 struct mctp_sock *msk)
0575 {
0576 struct netns_mctp *mns = &net->mctp;
0577
0578 lockdep_assert_held(&mns->keys_lock);
0579
0580 key->expiry = jiffies + mctp_key_lifetime;
0581 timer_reduce(&msk->key_expiry, key->expiry);
0582
0583
0584
0585
0586 hlist_add_head_rcu(&key->hlist, &mns->keys);
0587 hlist_add_head_rcu(&key->sklist, &msk->keys);
0588 refcount_inc(&key->refs);
0589 }
0590
0591
0592
0593
0594 struct mctp_sk_key *mctp_alloc_local_tag(struct mctp_sock *msk,
0595 mctp_eid_t daddr, mctp_eid_t saddr,
0596 bool manual, u8 *tagp)
0597 {
0598 struct net *net = sock_net(&msk->sk);
0599 struct netns_mctp *mns = &net->mctp;
0600 struct mctp_sk_key *key, *tmp;
0601 unsigned long flags;
0602 u8 tagbits;
0603
0604
0605 if (daddr == MCTP_ADDR_NULL)
0606 daddr = MCTP_ADDR_ANY;
0607
0608
0609 key = mctp_key_alloc(msk, saddr, daddr, 0, GFP_KERNEL);
0610 if (!key)
0611 return ERR_PTR(-ENOMEM);
0612
0613
0614 tagbits = 0xff;
0615
0616 spin_lock_irqsave(&mns->keys_lock, flags);
0617
0618
0619
0620
0621 hlist_for_each_entry(tmp, &mns->keys, hlist) {
0622
0623
0624
0625
0626
0627 if (tmp->tag & MCTP_HDR_FLAG_TO)
0628 continue;
0629
0630 if (!(mctp_address_matches(tmp->peer_addr, daddr) &&
0631 mctp_address_matches(tmp->local_addr, saddr)))
0632 continue;
0633
0634 spin_lock(&tmp->lock);
0635
0636
0637
0638 if (tmp->valid)
0639 tagbits &= ~(1 << tmp->tag);
0640 spin_unlock(&tmp->lock);
0641
0642 if (!tagbits)
0643 break;
0644 }
0645
0646 if (tagbits) {
0647 key->tag = __ffs(tagbits);
0648 mctp_reserve_tag(net, key, msk);
0649 trace_mctp_key_acquire(key);
0650
0651 key->manual_alloc = manual;
0652 *tagp = key->tag;
0653 }
0654
0655 spin_unlock_irqrestore(&mns->keys_lock, flags);
0656
0657 if (!tagbits) {
0658 kfree(key);
0659 return ERR_PTR(-EBUSY);
0660 }
0661
0662 return key;
0663 }
0664
0665 static struct mctp_sk_key *mctp_lookup_prealloc_tag(struct mctp_sock *msk,
0666 mctp_eid_t daddr,
0667 u8 req_tag, u8 *tagp)
0668 {
0669 struct net *net = sock_net(&msk->sk);
0670 struct netns_mctp *mns = &net->mctp;
0671 struct mctp_sk_key *key, *tmp;
0672 unsigned long flags;
0673
0674 req_tag &= ~(MCTP_TAG_PREALLOC | MCTP_TAG_OWNER);
0675 key = NULL;
0676
0677 spin_lock_irqsave(&mns->keys_lock, flags);
0678
0679 hlist_for_each_entry(tmp, &mns->keys, hlist) {
0680 if (tmp->tag != req_tag)
0681 continue;
0682
0683 if (!mctp_address_matches(tmp->peer_addr, daddr))
0684 continue;
0685
0686 if (!tmp->manual_alloc)
0687 continue;
0688
0689 spin_lock(&tmp->lock);
0690 if (tmp->valid) {
0691 key = tmp;
0692 refcount_inc(&key->refs);
0693 spin_unlock(&tmp->lock);
0694 break;
0695 }
0696 spin_unlock(&tmp->lock);
0697 }
0698 spin_unlock_irqrestore(&mns->keys_lock, flags);
0699
0700 if (!key)
0701 return ERR_PTR(-ENOENT);
0702
0703 if (tagp)
0704 *tagp = key->tag;
0705
0706 return key;
0707 }
0708
0709
0710 static bool mctp_rt_match_eid(struct mctp_route *rt,
0711 unsigned int net, mctp_eid_t eid)
0712 {
0713 return READ_ONCE(rt->dev->net) == net &&
0714 rt->min <= eid && rt->max >= eid;
0715 }
0716
0717
0718 static bool mctp_rt_compare_exact(struct mctp_route *rt1,
0719 struct mctp_route *rt2)
0720 {
0721 ASSERT_RTNL();
0722 return rt1->dev->net == rt2->dev->net &&
0723 rt1->min == rt2->min &&
0724 rt1->max == rt2->max;
0725 }
0726
0727 struct mctp_route *mctp_route_lookup(struct net *net, unsigned int dnet,
0728 mctp_eid_t daddr)
0729 {
0730 struct mctp_route *tmp, *rt = NULL;
0731
0732 list_for_each_entry_rcu(tmp, &net->mctp.routes, list) {
0733
0734 if (mctp_rt_match_eid(tmp, dnet, daddr)) {
0735 if (refcount_inc_not_zero(&tmp->refs)) {
0736 rt = tmp;
0737 break;
0738 }
0739 }
0740 }
0741
0742 return rt;
0743 }
0744
0745 static struct mctp_route *mctp_route_lookup_null(struct net *net,
0746 struct net_device *dev)
0747 {
0748 struct mctp_route *rt;
0749
0750 list_for_each_entry_rcu(rt, &net->mctp.routes, list) {
0751 if (rt->dev->dev == dev && rt->type == RTN_LOCAL &&
0752 refcount_inc_not_zero(&rt->refs))
0753 return rt;
0754 }
0755
0756 return NULL;
0757 }
0758
0759 static int mctp_do_fragment_route(struct mctp_route *rt, struct sk_buff *skb,
0760 unsigned int mtu, u8 tag)
0761 {
0762 const unsigned int hlen = sizeof(struct mctp_hdr);
0763 struct mctp_hdr *hdr, *hdr2;
0764 unsigned int pos, size, headroom;
0765 struct sk_buff *skb2;
0766 int rc;
0767 u8 seq;
0768
0769 hdr = mctp_hdr(skb);
0770 seq = 0;
0771 rc = 0;
0772
0773 if (mtu < hlen + 1) {
0774 kfree_skb(skb);
0775 return -EMSGSIZE;
0776 }
0777
0778
0779 headroom = skb_headroom(skb);
0780
0781
0782 skb_pull(skb, hlen);
0783
0784 for (pos = 0; pos < skb->len;) {
0785
0786 size = min(mtu - hlen, skb->len - pos);
0787
0788 skb2 = alloc_skb(headroom + hlen + size, GFP_KERNEL);
0789 if (!skb2) {
0790 rc = -ENOMEM;
0791 break;
0792 }
0793
0794
0795 skb2->protocol = skb->protocol;
0796 skb2->priority = skb->priority;
0797 skb2->dev = skb->dev;
0798 memcpy(skb2->cb, skb->cb, sizeof(skb2->cb));
0799
0800 if (skb->sk)
0801 skb_set_owner_w(skb2, skb->sk);
0802
0803
0804 skb_reserve(skb2, headroom);
0805 skb_reset_network_header(skb2);
0806 skb_put(skb2, hlen + size);
0807 skb2->transport_header = skb2->network_header + hlen;
0808
0809
0810 hdr2 = mctp_hdr(skb2);
0811 hdr2->ver = hdr->ver;
0812 hdr2->dest = hdr->dest;
0813 hdr2->src = hdr->src;
0814 hdr2->flags_seq_tag = tag &
0815 (MCTP_HDR_TAG_MASK | MCTP_HDR_FLAG_TO);
0816
0817 if (pos == 0)
0818 hdr2->flags_seq_tag |= MCTP_HDR_FLAG_SOM;
0819
0820 if (pos + size == skb->len)
0821 hdr2->flags_seq_tag |= MCTP_HDR_FLAG_EOM;
0822
0823 hdr2->flags_seq_tag |= seq << MCTP_HDR_SEQ_SHIFT;
0824
0825
0826 skb_copy_bits(skb, pos, skb_transport_header(skb2), size);
0827
0828
0829 rc = rt->output(rt, skb2);
0830 if (rc)
0831 break;
0832
0833 seq = (seq + 1) & MCTP_HDR_SEQ_MASK;
0834 pos += size;
0835 }
0836
0837 consume_skb(skb);
0838 return rc;
0839 }
0840
0841 int mctp_local_output(struct sock *sk, struct mctp_route *rt,
0842 struct sk_buff *skb, mctp_eid_t daddr, u8 req_tag)
0843 {
0844 struct mctp_sock *msk = container_of(sk, struct mctp_sock, sk);
0845 struct mctp_skb_cb *cb = mctp_cb(skb);
0846 struct mctp_route tmp_rt = {0};
0847 struct mctp_sk_key *key;
0848 struct mctp_hdr *hdr;
0849 unsigned long flags;
0850 unsigned int mtu;
0851 mctp_eid_t saddr;
0852 bool ext_rt;
0853 int rc;
0854 u8 tag;
0855
0856 rc = -ENODEV;
0857
0858 if (rt) {
0859 ext_rt = false;
0860 if (WARN_ON(!rt->dev))
0861 goto out_release;
0862
0863 } else if (cb->ifindex) {
0864 struct net_device *dev;
0865
0866 ext_rt = true;
0867 rt = &tmp_rt;
0868
0869 rcu_read_lock();
0870 dev = dev_get_by_index_rcu(sock_net(sk), cb->ifindex);
0871 if (!dev) {
0872 rcu_read_unlock();
0873 return rc;
0874 }
0875 rt->dev = __mctp_dev_get(dev);
0876 rcu_read_unlock();
0877
0878 if (!rt->dev)
0879 goto out_release;
0880
0881
0882
0883
0884 rt->output = mctp_route_output;
0885 rt->mtu = 0;
0886
0887 } else {
0888 return -EINVAL;
0889 }
0890
0891 spin_lock_irqsave(&rt->dev->addrs_lock, flags);
0892 if (rt->dev->num_addrs == 0) {
0893 rc = -EHOSTUNREACH;
0894 } else {
0895
0896 saddr = rt->dev->addrs[0];
0897 rc = 0;
0898 }
0899 spin_unlock_irqrestore(&rt->dev->addrs_lock, flags);
0900
0901 if (rc)
0902 goto out_release;
0903
0904 if (req_tag & MCTP_TAG_OWNER) {
0905 if (req_tag & MCTP_TAG_PREALLOC)
0906 key = mctp_lookup_prealloc_tag(msk, daddr,
0907 req_tag, &tag);
0908 else
0909 key = mctp_alloc_local_tag(msk, daddr, saddr,
0910 false, &tag);
0911
0912 if (IS_ERR(key)) {
0913 rc = PTR_ERR(key);
0914 goto out_release;
0915 }
0916 mctp_skb_set_flow(skb, key);
0917
0918 mctp_key_unref(key);
0919 tag |= MCTP_HDR_FLAG_TO;
0920 } else {
0921 key = NULL;
0922 tag = req_tag & MCTP_TAG_MASK;
0923 }
0924
0925 skb->protocol = htons(ETH_P_MCTP);
0926 skb->priority = 0;
0927 skb_reset_transport_header(skb);
0928 skb_push(skb, sizeof(struct mctp_hdr));
0929 skb_reset_network_header(skb);
0930 skb->dev = rt->dev->dev;
0931
0932
0933 cb->src = saddr;
0934
0935
0936 hdr = mctp_hdr(skb);
0937 hdr->ver = 1;
0938 hdr->dest = daddr;
0939 hdr->src = saddr;
0940
0941 mtu = mctp_route_mtu(rt);
0942
0943 if (skb->len + sizeof(struct mctp_hdr) <= mtu) {
0944 hdr->flags_seq_tag = MCTP_HDR_FLAG_SOM |
0945 MCTP_HDR_FLAG_EOM | tag;
0946 rc = rt->output(rt, skb);
0947 } else {
0948 rc = mctp_do_fragment_route(rt, skb, mtu, tag);
0949 }
0950
0951 out_release:
0952 if (!ext_rt)
0953 mctp_route_release(rt);
0954
0955 mctp_dev_put(tmp_rt.dev);
0956
0957 return rc;
0958 }
0959
0960
0961 static int mctp_route_add(struct mctp_dev *mdev, mctp_eid_t daddr_start,
0962 unsigned int daddr_extent, unsigned int mtu,
0963 unsigned char type)
0964 {
0965 int (*rtfn)(struct mctp_route *rt, struct sk_buff *skb);
0966 struct net *net = dev_net(mdev->dev);
0967 struct mctp_route *rt, *ert;
0968
0969 if (!mctp_address_unicast(daddr_start))
0970 return -EINVAL;
0971
0972 if (daddr_extent > 0xff || daddr_start + daddr_extent >= 255)
0973 return -EINVAL;
0974
0975 switch (type) {
0976 case RTN_LOCAL:
0977 rtfn = mctp_route_input;
0978 break;
0979 case RTN_UNICAST:
0980 rtfn = mctp_route_output;
0981 break;
0982 default:
0983 return -EINVAL;
0984 }
0985
0986 rt = mctp_route_alloc();
0987 if (!rt)
0988 return -ENOMEM;
0989
0990 rt->min = daddr_start;
0991 rt->max = daddr_start + daddr_extent;
0992 rt->mtu = mtu;
0993 rt->dev = mdev;
0994 mctp_dev_hold(rt->dev);
0995 rt->type = type;
0996 rt->output = rtfn;
0997
0998 ASSERT_RTNL();
0999
1000 list_for_each_entry(ert, &net->mctp.routes, list) {
1001 if (mctp_rt_compare_exact(rt, ert)) {
1002 mctp_route_release(rt);
1003 return -EEXIST;
1004 }
1005 }
1006
1007 list_add_rcu(&rt->list, &net->mctp.routes);
1008
1009 return 0;
1010 }
1011
1012 static int mctp_route_remove(struct mctp_dev *mdev, mctp_eid_t daddr_start,
1013 unsigned int daddr_extent, unsigned char type)
1014 {
1015 struct net *net = dev_net(mdev->dev);
1016 struct mctp_route *rt, *tmp;
1017 mctp_eid_t daddr_end;
1018 bool dropped;
1019
1020 if (daddr_extent > 0xff || daddr_start + daddr_extent >= 255)
1021 return -EINVAL;
1022
1023 daddr_end = daddr_start + daddr_extent;
1024 dropped = false;
1025
1026 ASSERT_RTNL();
1027
1028 list_for_each_entry_safe(rt, tmp, &net->mctp.routes, list) {
1029 if (rt->dev == mdev &&
1030 rt->min == daddr_start && rt->max == daddr_end &&
1031 rt->type == type) {
1032 list_del_rcu(&rt->list);
1033
1034 mctp_route_release(rt);
1035 dropped = true;
1036 }
1037 }
1038
1039 return dropped ? 0 : -ENOENT;
1040 }
1041
1042 int mctp_route_add_local(struct mctp_dev *mdev, mctp_eid_t addr)
1043 {
1044 return mctp_route_add(mdev, addr, 0, 0, RTN_LOCAL);
1045 }
1046
1047 int mctp_route_remove_local(struct mctp_dev *mdev, mctp_eid_t addr)
1048 {
1049 return mctp_route_remove(mdev, addr, 0, RTN_LOCAL);
1050 }
1051
1052
1053 void mctp_route_remove_dev(struct mctp_dev *mdev)
1054 {
1055 struct net *net = dev_net(mdev->dev);
1056 struct mctp_route *rt, *tmp;
1057
1058 ASSERT_RTNL();
1059 list_for_each_entry_safe(rt, tmp, &net->mctp.routes, list) {
1060 if (rt->dev == mdev) {
1061 list_del_rcu(&rt->list);
1062
1063 mctp_route_release(rt);
1064 }
1065 }
1066 }
1067
1068
1069
1070 static int mctp_pkttype_receive(struct sk_buff *skb, struct net_device *dev,
1071 struct packet_type *pt,
1072 struct net_device *orig_dev)
1073 {
1074 struct net *net = dev_net(dev);
1075 struct mctp_dev *mdev;
1076 struct mctp_skb_cb *cb;
1077 struct mctp_route *rt;
1078 struct mctp_hdr *mh;
1079
1080 rcu_read_lock();
1081 mdev = __mctp_dev_get(dev);
1082 rcu_read_unlock();
1083 if (!mdev) {
1084
1085 goto err_drop;
1086 }
1087
1088 if (!pskb_may_pull(skb, sizeof(struct mctp_hdr)))
1089 goto err_drop;
1090
1091 skb_reset_transport_header(skb);
1092 skb_reset_network_header(skb);
1093
1094
1095 mh = mctp_hdr(skb);
1096 if (mh->ver < MCTP_VER_MIN || mh->ver > MCTP_VER_MAX)
1097 goto err_drop;
1098
1099
1100
1101
1102 if (!(mctp_address_unicast(mh->src) || mctp_address_null(mh->src)))
1103 goto err_drop;
1104
1105
1106 if (!(mctp_address_unicast(mh->dest) || mctp_address_null(mh->dest) ||
1107 mctp_address_broadcast(mh->dest)))
1108 goto err_drop;
1109
1110
1111 if (dev->type == ARPHRD_MCTP) {
1112 cb = mctp_cb(skb);
1113 } else {
1114 cb = __mctp_cb(skb);
1115 cb->halen = 0;
1116 }
1117 cb->net = READ_ONCE(mdev->net);
1118 cb->ifindex = dev->ifindex;
1119
1120 rt = mctp_route_lookup(net, cb->net, mh->dest);
1121
1122
1123 if (!rt && mh->dest == MCTP_ADDR_NULL && skb->pkt_type == PACKET_HOST)
1124 rt = mctp_route_lookup_null(net, dev);
1125
1126 if (!rt)
1127 goto err_drop;
1128
1129 rt->output(rt, skb);
1130 mctp_route_release(rt);
1131 mctp_dev_put(mdev);
1132
1133 return NET_RX_SUCCESS;
1134
1135 err_drop:
1136 kfree_skb(skb);
1137 mctp_dev_put(mdev);
1138 return NET_RX_DROP;
1139 }
1140
1141 static struct packet_type mctp_packet_type = {
1142 .type = cpu_to_be16(ETH_P_MCTP),
1143 .func = mctp_pkttype_receive,
1144 };
1145
1146
1147
1148 static const struct nla_policy rta_mctp_policy[RTA_MAX + 1] = {
1149 [RTA_DST] = { .type = NLA_U8 },
1150 [RTA_METRICS] = { .type = NLA_NESTED },
1151 [RTA_OIF] = { .type = NLA_U32 },
1152 };
1153
1154
1155
1156
1157 static int mctp_route_nlparse(struct sk_buff *skb, struct nlmsghdr *nlh,
1158 struct netlink_ext_ack *extack,
1159 struct nlattr **tb, struct rtmsg **rtm,
1160 struct mctp_dev **mdev, mctp_eid_t *daddr_start)
1161 {
1162 struct net *net = sock_net(skb->sk);
1163 struct net_device *dev;
1164 unsigned int ifindex;
1165 int rc;
1166
1167 rc = nlmsg_parse(nlh, sizeof(struct rtmsg), tb, RTA_MAX,
1168 rta_mctp_policy, extack);
1169 if (rc < 0) {
1170 NL_SET_ERR_MSG(extack, "incorrect format");
1171 return rc;
1172 }
1173
1174 if (!tb[RTA_DST]) {
1175 NL_SET_ERR_MSG(extack, "dst EID missing");
1176 return -EINVAL;
1177 }
1178 *daddr_start = nla_get_u8(tb[RTA_DST]);
1179
1180 if (!tb[RTA_OIF]) {
1181 NL_SET_ERR_MSG(extack, "ifindex missing");
1182 return -EINVAL;
1183 }
1184 ifindex = nla_get_u32(tb[RTA_OIF]);
1185
1186 *rtm = nlmsg_data(nlh);
1187 if ((*rtm)->rtm_family != AF_MCTP) {
1188 NL_SET_ERR_MSG(extack, "route family must be AF_MCTP");
1189 return -EINVAL;
1190 }
1191
1192 dev = __dev_get_by_index(net, ifindex);
1193 if (!dev) {
1194 NL_SET_ERR_MSG(extack, "bad ifindex");
1195 return -ENODEV;
1196 }
1197 *mdev = mctp_dev_get_rtnl(dev);
1198 if (!*mdev)
1199 return -ENODEV;
1200
1201 if (dev->flags & IFF_LOOPBACK) {
1202 NL_SET_ERR_MSG(extack, "no routes to loopback");
1203 return -EINVAL;
1204 }
1205
1206 return 0;
1207 }
1208
1209 static const struct nla_policy rta_metrics_policy[RTAX_MAX + 1] = {
1210 [RTAX_MTU] = { .type = NLA_U32 },
1211 };
1212
1213 static int mctp_newroute(struct sk_buff *skb, struct nlmsghdr *nlh,
1214 struct netlink_ext_ack *extack)
1215 {
1216 struct nlattr *tb[RTA_MAX + 1];
1217 struct nlattr *tbx[RTAX_MAX + 1];
1218 mctp_eid_t daddr_start;
1219 struct mctp_dev *mdev;
1220 struct rtmsg *rtm;
1221 unsigned int mtu;
1222 int rc;
1223
1224 rc = mctp_route_nlparse(skb, nlh, extack, tb,
1225 &rtm, &mdev, &daddr_start);
1226 if (rc < 0)
1227 return rc;
1228
1229 if (rtm->rtm_type != RTN_UNICAST) {
1230 NL_SET_ERR_MSG(extack, "rtm_type must be RTN_UNICAST");
1231 return -EINVAL;
1232 }
1233
1234 mtu = 0;
1235 if (tb[RTA_METRICS]) {
1236 rc = nla_parse_nested(tbx, RTAX_MAX, tb[RTA_METRICS],
1237 rta_metrics_policy, NULL);
1238 if (rc < 0)
1239 return rc;
1240 if (tbx[RTAX_MTU])
1241 mtu = nla_get_u32(tbx[RTAX_MTU]);
1242 }
1243
1244 if (rtm->rtm_type != RTN_UNICAST)
1245 return -EINVAL;
1246
1247 rc = mctp_route_add(mdev, daddr_start, rtm->rtm_dst_len, mtu,
1248 rtm->rtm_type);
1249 return rc;
1250 }
1251
1252 static int mctp_delroute(struct sk_buff *skb, struct nlmsghdr *nlh,
1253 struct netlink_ext_ack *extack)
1254 {
1255 struct nlattr *tb[RTA_MAX + 1];
1256 mctp_eid_t daddr_start;
1257 struct mctp_dev *mdev;
1258 struct rtmsg *rtm;
1259 int rc;
1260
1261 rc = mctp_route_nlparse(skb, nlh, extack, tb,
1262 &rtm, &mdev, &daddr_start);
1263 if (rc < 0)
1264 return rc;
1265
1266
1267 if (rtm->rtm_type != RTN_UNICAST)
1268 return -EINVAL;
1269
1270 rc = mctp_route_remove(mdev, daddr_start, rtm->rtm_dst_len, RTN_UNICAST);
1271 return rc;
1272 }
1273
1274 static int mctp_fill_rtinfo(struct sk_buff *skb, struct mctp_route *rt,
1275 u32 portid, u32 seq, int event, unsigned int flags)
1276 {
1277 struct nlmsghdr *nlh;
1278 struct rtmsg *hdr;
1279 void *metrics;
1280
1281 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*hdr), flags);
1282 if (!nlh)
1283 return -EMSGSIZE;
1284
1285 hdr = nlmsg_data(nlh);
1286 hdr->rtm_family = AF_MCTP;
1287
1288
1289
1290
1291 hdr->rtm_dst_len = rt->max - rt->min;
1292 hdr->rtm_src_len = 0;
1293 hdr->rtm_tos = 0;
1294 hdr->rtm_table = RT_TABLE_DEFAULT;
1295 hdr->rtm_protocol = RTPROT_STATIC;
1296 hdr->rtm_scope = RT_SCOPE_LINK;
1297 hdr->rtm_type = rt->type;
1298
1299 if (nla_put_u8(skb, RTA_DST, rt->min))
1300 goto cancel;
1301
1302 metrics = nla_nest_start_noflag(skb, RTA_METRICS);
1303 if (!metrics)
1304 goto cancel;
1305
1306 if (rt->mtu) {
1307 if (nla_put_u32(skb, RTAX_MTU, rt->mtu))
1308 goto cancel;
1309 }
1310
1311 nla_nest_end(skb, metrics);
1312
1313 if (rt->dev) {
1314 if (nla_put_u32(skb, RTA_OIF, rt->dev->dev->ifindex))
1315 goto cancel;
1316 }
1317
1318
1319
1320 nlmsg_end(skb, nlh);
1321
1322 return 0;
1323
1324 cancel:
1325 nlmsg_cancel(skb, nlh);
1326 return -EMSGSIZE;
1327 }
1328
1329 static int mctp_dump_rtinfo(struct sk_buff *skb, struct netlink_callback *cb)
1330 {
1331 struct net *net = sock_net(skb->sk);
1332 struct mctp_route *rt;
1333 int s_idx, idx;
1334
1335
1336
1337
1338
1339
1340 s_idx = cb->args[0];
1341 idx = 0;
1342
1343 rcu_read_lock();
1344 list_for_each_entry_rcu(rt, &net->mctp.routes, list) {
1345 if (idx++ < s_idx)
1346 continue;
1347 if (mctp_fill_rtinfo(skb, rt,
1348 NETLINK_CB(cb->skb).portid,
1349 cb->nlh->nlmsg_seq,
1350 RTM_NEWROUTE, NLM_F_MULTI) < 0)
1351 break;
1352 }
1353
1354 rcu_read_unlock();
1355 cb->args[0] = idx;
1356
1357 return skb->len;
1358 }
1359
1360
1361 static int __net_init mctp_routes_net_init(struct net *net)
1362 {
1363 struct netns_mctp *ns = &net->mctp;
1364
1365 INIT_LIST_HEAD(&ns->routes);
1366 INIT_HLIST_HEAD(&ns->binds);
1367 mutex_init(&ns->bind_lock);
1368 INIT_HLIST_HEAD(&ns->keys);
1369 spin_lock_init(&ns->keys_lock);
1370 WARN_ON(mctp_default_net_set(net, MCTP_INITIAL_DEFAULT_NET));
1371 return 0;
1372 }
1373
1374 static void __net_exit mctp_routes_net_exit(struct net *net)
1375 {
1376 struct mctp_route *rt;
1377
1378 rcu_read_lock();
1379 list_for_each_entry_rcu(rt, &net->mctp.routes, list)
1380 mctp_route_release(rt);
1381 rcu_read_unlock();
1382 }
1383
1384 static struct pernet_operations mctp_net_ops = {
1385 .init = mctp_routes_net_init,
1386 .exit = mctp_routes_net_exit,
1387 };
1388
1389 int __init mctp_routes_init(void)
1390 {
1391 dev_add_pack(&mctp_packet_type);
1392
1393 rtnl_register_module(THIS_MODULE, PF_MCTP, RTM_GETROUTE,
1394 NULL, mctp_dump_rtinfo, 0);
1395 rtnl_register_module(THIS_MODULE, PF_MCTP, RTM_NEWROUTE,
1396 mctp_newroute, NULL, 0);
1397 rtnl_register_module(THIS_MODULE, PF_MCTP, RTM_DELROUTE,
1398 mctp_delroute, NULL, 0);
1399
1400 return register_pernet_subsys(&mctp_net_ops);
1401 }
1402
1403 void __exit mctp_routes_exit(void)
1404 {
1405 unregister_pernet_subsys(&mctp_net_ops);
1406 rtnl_unregister(PF_MCTP, RTM_DELROUTE);
1407 rtnl_unregister(PF_MCTP, RTM_NEWROUTE);
1408 rtnl_unregister(PF_MCTP, RTM_GETROUTE);
1409 dev_remove_pack(&mctp_packet_type);
1410 }
1411
1412 #if IS_ENABLED(CONFIG_MCTP_TEST)
1413 #include "test/route-test.c"
1414 #endif
