1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * File: af_phonet.c
4 *
5 * Phonet protocols family
6 *
7 * Copyright (C) 2008 Nokia Corporation.
8 *
9 * Authors: Sakari Ailus <sakari.ailus@nokia.com>
10 * Rémi Denis-Courmont
11 */
12
13 #include <linux/kernel.h>
14 #include <linux/module.h>
15 #include <linux/slab.h>
16 #include <linux/unaligned.h>
17 #include <net/sock.h>
18
19 #include <linux/if_phonet.h>
20 #include <linux/phonet.h>
21 #include <net/phonet/phonet.h>
22 #include <net/phonet/pn_dev.h>
23
24 /* Transport protocol registration */
25 static const struct phonet_protocol __rcu *proto_tab[PHONET_NPROTO] __read_mostly;
26
phonet_proto_get(unsigned int protocol)27 static const struct phonet_protocol *phonet_proto_get(unsigned int protocol)
28 {
29 const struct phonet_protocol *pp;
30
31 if (protocol >= PHONET_NPROTO)
32 return NULL;
33
34 rcu_read_lock();
35 pp = rcu_dereference(proto_tab[protocol]);
36 if (pp && !try_module_get(pp->prot->owner))
37 pp = NULL;
38 rcu_read_unlock();
39
40 return pp;
41 }
42
phonet_proto_put(const struct phonet_protocol * pp)43 static inline void phonet_proto_put(const struct phonet_protocol *pp)
44 {
45 module_put(pp->prot->owner);
46 }
47
48 /* protocol family functions */
49
pn_socket_create(struct net * net,struct socket * sock,int protocol,int kern)50 static int pn_socket_create(struct net *net, struct socket *sock, int protocol,
51 int kern)
52 {
53 struct sock *sk;
54 struct pn_sock *pn;
55 const struct phonet_protocol *pnp;
56 int err;
57
58 if (!capable(CAP_SYS_ADMIN))
59 return -EPERM;
60
61 if (protocol == 0) {
62 /* Default protocol selection */
63 switch (sock->type) {
64 case SOCK_DGRAM:
65 protocol = PN_PROTO_PHONET;
66 break;
67 case SOCK_SEQPACKET:
68 protocol = PN_PROTO_PIPE;
69 break;
70 default:
71 return -EPROTONOSUPPORT;
72 }
73 }
74
75 pnp = phonet_proto_get(protocol);
76 if (pnp == NULL &&
77 request_module("net-pf-%d-proto-%d", PF_PHONET, protocol) == 0)
78 pnp = phonet_proto_get(protocol);
79
80 if (pnp == NULL)
81 return -EPROTONOSUPPORT;
82 if (sock->type != pnp->sock_type) {
83 err = -EPROTONOSUPPORT;
84 goto out;
85 }
86
87 sk = sk_alloc(net, PF_PHONET, GFP_KERNEL, pnp->prot, kern);
88 if (sk == NULL) {
89 err = -ENOMEM;
90 goto out;
91 }
92
93 sock_init_data(sock, sk);
94 sock->state = SS_UNCONNECTED;
95 sock->ops = pnp->ops;
96 sk->sk_backlog_rcv = sk->sk_prot->backlog_rcv;
97 sk->sk_protocol = protocol;
98 pn = pn_sk(sk);
99 pn->sobject = 0;
100 pn->dobject = 0;
101 pn->resource = 0;
102 sk->sk_prot->init(sk);
103 err = 0;
104
105 out:
106 phonet_proto_put(pnp);
107 return err;
108 }
109
110 static const struct net_proto_family phonet_proto_family = {
111 .family = PF_PHONET,
112 .create = pn_socket_create,
113 .owner = THIS_MODULE,
114 };
115
116 /* Phonet device header operations */
pn_header_create(struct sk_buff * skb,struct net_device * dev,unsigned short type,const void * daddr,const void * saddr,unsigned int len)117 static int pn_header_create(struct sk_buff *skb, struct net_device *dev,
118 unsigned short type, const void *daddr,
119 const void *saddr, unsigned int len)
120 {
121 u8 *media = skb_push(skb, 1);
122
123 if (type != ETH_P_PHONET)
124 return -1;
125
126 if (!saddr)
127 saddr = dev->dev_addr;
128 *media = *(const u8 *)saddr;
129 return 1;
130 }
131
pn_header_parse(const struct sk_buff * skb,const struct net_device * dev,unsigned char * haddr)132 static int pn_header_parse(const struct sk_buff *skb,
133 const struct net_device *dev,
134 unsigned char *haddr)
135 {
136 const u8 *media = skb_mac_header(skb);
137
138 *haddr = *media;
139 return 1;
140 }
141
142 const struct header_ops phonet_header_ops = {
143 .create = pn_header_create,
144 .parse = pn_header_parse,
145 };
146 EXPORT_SYMBOL(phonet_header_ops);
147
148 /*
149 * Prepends an ISI header and sends a datagram.
150 */
pn_send(struct sk_buff * skb,struct net_device * dev,u16 dst,u16 src,u8 res)151 static int pn_send(struct sk_buff *skb, struct net_device *dev,
152 u16 dst, u16 src, u8 res)
153 {
154 struct phonethdr *ph;
155 int err;
156
157 if (skb->len + 2 > 0xffff /* Phonet length field limit */ ||
158 skb->len + sizeof(struct phonethdr) > dev->mtu) {
159 err = -EMSGSIZE;
160 goto drop;
161 }
162
163 /* Broadcast sending is not implemented */
164 if (pn_addr(dst) == PNADDR_BROADCAST) {
165 err = -EOPNOTSUPP;
166 goto drop;
167 }
168
169 skb_reset_transport_header(skb);
170 WARN_ON(skb_headroom(skb) & 1); /* HW assumes word alignment */
171 skb_push(skb, sizeof(struct phonethdr));
172 skb_reset_network_header(skb);
173 ph = pn_hdr(skb);
174 ph->pn_rdev = pn_dev(dst);
175 ph->pn_sdev = pn_dev(src);
176 ph->pn_res = res;
177 ph->pn_length = __cpu_to_be16(skb->len + 2 - sizeof(*ph));
178 ph->pn_robj = pn_obj(dst);
179 ph->pn_sobj = pn_obj(src);
180
181 skb->protocol = htons(ETH_P_PHONET);
182 skb->priority = 0;
183 skb->dev = dev;
184
185 if (skb->pkt_type == PACKET_LOOPBACK) {
186 skb_reset_mac_header(skb);
187 skb_orphan(skb);
188 err = netif_rx(skb) ? -ENOBUFS : 0;
189 } else {
190 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
191 NULL, NULL, skb->len);
192 if (err < 0) {
193 err = -EHOSTUNREACH;
194 goto drop;
195 }
196 err = dev_queue_xmit(skb);
197 if (unlikely(err > 0))
198 err = net_xmit_errno(err);
199 }
200
201 return err;
202 drop:
203 kfree_skb(skb);
204 return err;
205 }
206
pn_raw_send(const void * data,int len,struct net_device * dev,u16 dst,u16 src,u8 res)207 static int pn_raw_send(const void *data, int len, struct net_device *dev,
208 u16 dst, u16 src, u8 res)
209 {
210 struct sk_buff *skb = alloc_skb(MAX_PHONET_HEADER + len, GFP_ATOMIC);
211 if (skb == NULL)
212 return -ENOMEM;
213
214 if (phonet_address_lookup(dev_net(dev), pn_addr(dst)) == 0)
215 skb->pkt_type = PACKET_LOOPBACK;
216
217 skb_reserve(skb, MAX_PHONET_HEADER);
218 __skb_put(skb, len);
219 skb_copy_to_linear_data(skb, data, len);
220 return pn_send(skb, dev, dst, src, res);
221 }
222
223 /*
224 * Create a Phonet header for the skb and send it out. Returns
225 * non-zero error code if failed. The skb is freed then.
226 */
pn_skb_send(struct sock * sk,struct sk_buff * skb,const struct sockaddr_pn * target)227 int pn_skb_send(struct sock *sk, struct sk_buff *skb,
228 const struct sockaddr_pn *target)
229 {
230 struct net *net = sock_net(sk);
231 struct net_device *dev;
232 struct pn_sock *pn = pn_sk(sk);
233 int err;
234 u16 src, dst;
235 u8 daddr, saddr, res;
236
237 src = pn->sobject;
238 if (target != NULL) {
239 dst = pn_sockaddr_get_object(target);
240 res = pn_sockaddr_get_resource(target);
241 } else {
242 dst = pn->dobject;
243 res = pn->resource;
244 }
245 daddr = pn_addr(dst);
246
247 err = -EHOSTUNREACH;
248 if (sk->sk_bound_dev_if)
249 dev = dev_get_by_index(net, sk->sk_bound_dev_if);
250 else if (phonet_address_lookup(net, daddr) == 0) {
251 dev = phonet_device_get(net);
252 skb->pkt_type = PACKET_LOOPBACK;
253 } else if (dst == 0) {
254 /* Resource routing (small race until phonet_rcv()) */
255 struct sock *sk = pn_find_sock_by_res(net, res);
256 if (sk) {
257 sock_put(sk);
258 dev = phonet_device_get(net);
259 skb->pkt_type = PACKET_LOOPBACK;
260 } else
261 dev = phonet_route_output(net, daddr);
262 } else
263 dev = phonet_route_output(net, daddr);
264
265 if (!dev || !(dev->flags & IFF_UP))
266 goto drop;
267
268 saddr = phonet_address_get(dev, daddr);
269 if (saddr == PN_NO_ADDR)
270 goto drop;
271
272 if (!pn_addr(src))
273 src = pn_object(saddr, pn_obj(src));
274
275 err = pn_send(skb, dev, dst, src, res);
276 dev_put(dev);
277 return err;
278
279 drop:
280 kfree_skb(skb);
281 dev_put(dev);
282 return err;
283 }
284 EXPORT_SYMBOL(pn_skb_send);
285
286 /* Do not send an error message in response to an error message */
can_respond(struct sk_buff * skb)287 static inline int can_respond(struct sk_buff *skb)
288 {
289 const struct phonethdr *ph;
290 const struct phonetmsg *pm;
291 u8 submsg_id;
292
293 if (!pskb_may_pull(skb, 3))
294 return 0;
295
296 ph = pn_hdr(skb);
297 if (ph->pn_res == PN_PREFIX && !pskb_may_pull(skb, 5))
298 return 0;
299 if (ph->pn_res == PN_COMMGR) /* indications */
300 return 0;
301
302 ph = pn_hdr(skb); /* re-acquires the pointer */
303 pm = pn_msg(skb);
304 if (pm->pn_msg_id != PN_COMMON_MESSAGE)
305 return 1;
306 submsg_id = (ph->pn_res == PN_PREFIX)
307 ? pm->pn_e_submsg_id : pm->pn_submsg_id;
308 if (submsg_id != PN_COMM_ISA_ENTITY_NOT_REACHABLE_RESP &&
309 pm->pn_e_submsg_id != PN_COMM_SERVICE_NOT_IDENTIFIED_RESP)
310 return 1;
311 return 0;
312 }
313
send_obj_unreachable(struct sk_buff * rskb)314 static int send_obj_unreachable(struct sk_buff *rskb)
315 {
316 const struct phonethdr *oph = pn_hdr(rskb);
317 const struct phonetmsg *opm = pn_msg(rskb);
318 struct phonetmsg resp;
319
320 memset(&resp, 0, sizeof(resp));
321 resp.pn_trans_id = opm->pn_trans_id;
322 resp.pn_msg_id = PN_COMMON_MESSAGE;
323 if (oph->pn_res == PN_PREFIX) {
324 resp.pn_e_res_id = opm->pn_e_res_id;
325 resp.pn_e_submsg_id = PN_COMM_ISA_ENTITY_NOT_REACHABLE_RESP;
326 resp.pn_e_orig_msg_id = opm->pn_msg_id;
327 resp.pn_e_status = 0;
328 } else {
329 resp.pn_submsg_id = PN_COMM_ISA_ENTITY_NOT_REACHABLE_RESP;
330 resp.pn_orig_msg_id = opm->pn_msg_id;
331 resp.pn_status = 0;
332 }
333 return pn_raw_send(&resp, sizeof(resp), rskb->dev,
334 pn_object(oph->pn_sdev, oph->pn_sobj),
335 pn_object(oph->pn_rdev, oph->pn_robj),
336 oph->pn_res);
337 }
338
send_reset_indications(struct sk_buff * rskb)339 static int send_reset_indications(struct sk_buff *rskb)
340 {
341 struct phonethdr *oph = pn_hdr(rskb);
342 static const u8 data[4] = {
343 0x00 /* trans ID */, 0x10 /* subscribe msg */,
344 0x00 /* subscription count */, 0x00 /* dummy */
345 };
346
347 return pn_raw_send(data, sizeof(data), rskb->dev,
348 pn_object(oph->pn_sdev, 0x00),
349 pn_object(oph->pn_rdev, oph->pn_robj),
350 PN_COMMGR);
351 }
352
353
354 /* packet type functions */
355
356 /*
357 * Stuff received packets to associated sockets.
358 * On error, returns non-zero and releases the skb.
359 */
phonet_rcv(struct sk_buff * skb,struct net_device * dev,struct packet_type * pkttype,struct net_device * orig_dev)360 static int phonet_rcv(struct sk_buff *skb, struct net_device *dev,
361 struct packet_type *pkttype,
362 struct net_device *orig_dev)
363 {
364 struct net *net = dev_net(dev);
365 struct phonethdr *ph;
366 struct sockaddr_pn sa;
367 u16 len;
368
369 skb = skb_share_check(skb, GFP_ATOMIC);
370 if (!skb)
371 return NET_RX_DROP;
372
373 /* check we have at least a full Phonet header */
374 if (!pskb_pull(skb, sizeof(struct phonethdr)))
375 goto out;
376
377 /* check that the advertised length is correct */
378 ph = pn_hdr(skb);
379 len = get_unaligned_be16(&ph->pn_length);
380 if (len < 2)
381 goto out;
382 len -= 2;
383 if ((len > skb->len) || pskb_trim(skb, len))
384 goto out;
385 skb_reset_transport_header(skb);
386
387 pn_skb_get_dst_sockaddr(skb, &sa);
388
389 /* check if this is broadcasted */
390 if (pn_sockaddr_get_addr(&sa) == PNADDR_BROADCAST) {
391 pn_deliver_sock_broadcast(net, skb);
392 goto out;
393 }
394
395 /* resource routing */
396 if (pn_sockaddr_get_object(&sa) == 0) {
397 struct sock *sk = pn_find_sock_by_res(net, sa.spn_resource);
398 if (sk)
399 return sk_receive_skb(sk, skb, 0);
400 }
401
402 /* check if we are the destination */
403 if (phonet_address_lookup(net, pn_sockaddr_get_addr(&sa)) == 0) {
404 /* Phonet packet input */
405 struct sock *sk = pn_find_sock_by_sa(net, &sa);
406
407 if (sk)
408 return sk_receive_skb(sk, skb, 0);
409
410 if (can_respond(skb)) {
411 send_obj_unreachable(skb);
412 send_reset_indications(skb);
413 }
414 } else if (unlikely(skb->pkt_type == PACKET_LOOPBACK))
415 goto out; /* Race between address deletion and loopback */
416 else {
417 /* Phonet packet routing */
418 struct net_device *out_dev;
419
420 out_dev = phonet_route_output(net, pn_sockaddr_get_addr(&sa));
421 if (!out_dev) {
422 net_dbg_ratelimited("No Phonet route to %02X\n",
423 pn_sockaddr_get_addr(&sa));
424 goto out;
425 }
426
427 __skb_push(skb, sizeof(struct phonethdr));
428 skb->dev = out_dev;
429 if (out_dev == dev) {
430 net_dbg_ratelimited("Phonet loop to %02X on %s\n",
431 pn_sockaddr_get_addr(&sa),
432 dev->name);
433 goto out_dev;
434 }
435 /* Some drivers (e.g. TUN) do not allocate HW header space */
436 if (skb_cow_head(skb, out_dev->hard_header_len))
437 goto out_dev;
438
439 if (dev_hard_header(skb, out_dev, ETH_P_PHONET, NULL, NULL,
440 skb->len) < 0)
441 goto out_dev;
442 dev_queue_xmit(skb);
443 dev_put(out_dev);
444 return NET_RX_SUCCESS;
445 out_dev:
446 dev_put(out_dev);
447 }
448
449 out:
450 kfree_skb(skb);
451 return NET_RX_DROP;
452 }
453
454 static struct packet_type phonet_packet_type __read_mostly = {
455 .type = cpu_to_be16(ETH_P_PHONET),
456 .func = phonet_rcv,
457 };
458
459 static DEFINE_MUTEX(proto_tab_lock);
460
phonet_proto_register(unsigned int protocol,const struct phonet_protocol * pp)461 int __init_or_module phonet_proto_register(unsigned int protocol,
462 const struct phonet_protocol *pp)
463 {
464 int err = 0;
465
466 if (protocol >= PHONET_NPROTO)
467 return -EINVAL;
468
469 err = proto_register(pp->prot, 1);
470 if (err)
471 return err;
472
473 mutex_lock(&proto_tab_lock);
474 if (proto_tab[protocol])
475 err = -EBUSY;
476 else
477 rcu_assign_pointer(proto_tab[protocol], pp);
478 mutex_unlock(&proto_tab_lock);
479
480 return err;
481 }
482 EXPORT_SYMBOL(phonet_proto_register);
483
phonet_proto_unregister(unsigned int protocol,const struct phonet_protocol * pp)484 void phonet_proto_unregister(unsigned int protocol,
485 const struct phonet_protocol *pp)
486 {
487 mutex_lock(&proto_tab_lock);
488 BUG_ON(rcu_access_pointer(proto_tab[protocol]) != pp);
489 RCU_INIT_POINTER(proto_tab[protocol], NULL);
490 mutex_unlock(&proto_tab_lock);
491 synchronize_rcu();
492 proto_unregister(pp->prot);
493 }
494 EXPORT_SYMBOL(phonet_proto_unregister);
495
496 /* Module registration */
phonet_init(void)497 static int __init phonet_init(void)
498 {
499 int err;
500
501 err = phonet_device_init();
502 if (err)
503 return err;
504
505 pn_sock_init();
506 err = sock_register(&phonet_proto_family);
507 if (err) {
508 printk(KERN_ALERT
509 "phonet protocol family initialization failed\n");
510 goto err_sock;
511 }
512
513 dev_add_pack(&phonet_packet_type);
514 phonet_sysctl_init();
515
516 err = isi_register();
517 if (err)
518 goto err;
519 return 0;
520
521 err:
522 phonet_sysctl_exit();
523 sock_unregister(PF_PHONET);
524 dev_remove_pack(&phonet_packet_type);
525 err_sock:
526 phonet_device_exit();
527 return err;
528 }
529
phonet_exit(void)530 static void __exit phonet_exit(void)
531 {
532 isi_unregister();
533 phonet_sysctl_exit();
534 sock_unregister(PF_PHONET);
535 dev_remove_pack(&phonet_packet_type);
536 phonet_device_exit();
537 }
538
539 module_init(phonet_init);
540 module_exit(phonet_exit);
541 MODULE_DESCRIPTION("Phonet protocol stack for Linux");
542 MODULE_LICENSE("GPL");
543 MODULE_ALIAS_NETPROTO(PF_PHONET);
544