1 // SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) 2 /* 3 * gw.c - CAN frame Gateway/Router/Bridge with netlink interface 4 * 5 * Copyright (c) 2017 Volkswagen Group Electronic Research 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of Volkswagen nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * Alternatively, provided that this notice is retained in full, this 21 * software may be distributed under the terms of the GNU General 22 * Public License ("GPL") version 2, in which case the provisions of the 23 * GPL apply INSTEAD OF those given above. 24 * 25 * The provided data structures and external interfaces from this code 26 * are not restricted to be used by modules with a GPL compatible license. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 29 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 30 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 31 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 32 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 33 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 34 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 35 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 36 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 37 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 38 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 39 * DAMAGE. 40 * 41 */ 42 43 #include <linux/module.h> 44 #include <linux/init.h> 45 #include <linux/types.h> 46 #include <linux/kernel.h> 47 #include <linux/list.h> 48 #include <linux/spinlock.h> 49 #include <linux/rcupdate.h> 50 #include <linux/rculist.h> 51 #include <linux/net.h> 52 #include <linux/netdevice.h> 53 #include <linux/if_arp.h> 54 #include <linux/skbuff.h> 55 #include <linux/can.h> 56 #include <linux/can/core.h> 57 #include <linux/can/skb.h> 58 #include <linux/can/gw.h> 59 #include <net/rtnetlink.h> 60 #include <net/net_namespace.h> 61 #include <net/sock.h> 62 63 #define CAN_GW_VERSION "20170425" 64 #define CAN_GW_NAME "can-gw" 65 66 MODULE_DESCRIPTION("PF_CAN netlink gateway"); 67 MODULE_LICENSE("Dual BSD/GPL"); 68 MODULE_AUTHOR("Oliver Hartkopp <oliver.hartkopp@volkswagen.de>"); 69 MODULE_ALIAS(CAN_GW_NAME); 70 71 #define CGW_MIN_HOPS 1 72 #define CGW_MAX_HOPS 6 73 #define CGW_DEFAULT_HOPS 1 74 75 static unsigned int max_hops __read_mostly = CGW_DEFAULT_HOPS; 76 module_param(max_hops, uint, 0444); 77 MODULE_PARM_DESC(max_hops, 78 "maximum " CAN_GW_NAME " routing hops for CAN frames " 79 "(valid values: " __stringify(CGW_MIN_HOPS) "-" 80 __stringify(CGW_MAX_HOPS) " hops, " 81 "default: " __stringify(CGW_DEFAULT_HOPS) ")"); 82 83 static struct notifier_block notifier; 84 static struct kmem_cache *cgw_cache __read_mostly; 85 86 /* structure that contains the (on-the-fly) CAN frame modifications */ 87 struct cf_mod { 88 struct { 89 struct can_frame and; 90 struct can_frame or; 91 struct can_frame xor; 92 struct can_frame set; 93 } modframe; 94 struct { 95 u8 and; 96 u8 or; 97 u8 xor; 98 u8 set; 99 } modtype; 100 void (*modfunc[MAX_MODFUNCTIONS])(struct can_frame *cf, 101 struct cf_mod *mod); 102 103 /* CAN frame checksum calculation after CAN frame modifications */ 104 struct { 105 struct cgw_csum_xor xor; 106 struct cgw_csum_crc8 crc8; 107 } csum; 108 struct { 109 void (*xor)(struct can_frame *cf, struct cgw_csum_xor *xor); 110 void (*crc8)(struct can_frame *cf, struct cgw_csum_crc8 *crc8); 111 } csumfunc; 112 u32 uid; 113 }; 114 115 116 /* 117 * So far we just support CAN -> CAN routing and frame modifications. 118 * 119 * The internal can_can_gw structure contains data and attributes for 120 * a CAN -> CAN gateway job. 121 */ 122 struct can_can_gw { 123 struct can_filter filter; 124 int src_idx; 125 int dst_idx; 126 }; 127 128 /* list entry for CAN gateways jobs */ 129 struct cgw_job { 130 struct hlist_node list; 131 struct rcu_head rcu; 132 u32 handled_frames; 133 u32 dropped_frames; 134 u32 deleted_frames; 135 struct cf_mod mod; 136 union { 137 /* CAN frame data source */ 138 struct net_device *dev; 139 } src; 140 union { 141 /* CAN frame data destination */ 142 struct net_device *dev; 143 } dst; 144 union { 145 struct can_can_gw ccgw; 146 /* tbc */ 147 }; 148 u8 gwtype; 149 u8 limit_hops; 150 u16 flags; 151 }; 152 153 /* modification functions that are invoked in the hot path in can_can_gw_rcv */ 154 155 #define MODFUNC(func, op) static void func(struct can_frame *cf, \ 156 struct cf_mod *mod) { op ; } 157 158 MODFUNC(mod_and_id, cf->can_id &= mod->modframe.and.can_id) 159 MODFUNC(mod_and_dlc, cf->can_dlc &= mod->modframe.and.can_dlc) 160 MODFUNC(mod_and_data, *(u64 *)cf->data &= *(u64 *)mod->modframe.and.data) 161 MODFUNC(mod_or_id, cf->can_id |= mod->modframe.or.can_id) 162 MODFUNC(mod_or_dlc, cf->can_dlc |= mod->modframe.or.can_dlc) 163 MODFUNC(mod_or_data, *(u64 *)cf->data |= *(u64 *)mod->modframe.or.data) 164 MODFUNC(mod_xor_id, cf->can_id ^= mod->modframe.xor.can_id) 165 MODFUNC(mod_xor_dlc, cf->can_dlc ^= mod->modframe.xor.can_dlc) 166 MODFUNC(mod_xor_data, *(u64 *)cf->data ^= *(u64 *)mod->modframe.xor.data) 167 MODFUNC(mod_set_id, cf->can_id = mod->modframe.set.can_id) 168 MODFUNC(mod_set_dlc, cf->can_dlc = mod->modframe.set.can_dlc) 169 MODFUNC(mod_set_data, *(u64 *)cf->data = *(u64 *)mod->modframe.set.data) 170 171 static inline void canframecpy(struct can_frame *dst, struct can_frame *src) 172 { 173 /* 174 * Copy the struct members separately to ensure that no uninitialized 175 * data are copied in the 3 bytes hole of the struct. This is needed 176 * to make easy compares of the data in the struct cf_mod. 177 */ 178 179 dst->can_id = src->can_id; 180 dst->can_dlc = src->can_dlc; 181 *(u64 *)dst->data = *(u64 *)src->data; 182 } 183 184 static int cgw_chk_csum_parms(s8 fr, s8 to, s8 re) 185 { 186 /* 187 * absolute dlc values 0 .. 7 => 0 .. 7, e.g. data [0] 188 * relative to received dlc -1 .. -8 : 189 * e.g. for received dlc = 8 190 * -1 => index = 7 (data[7]) 191 * -3 => index = 5 (data[5]) 192 * -8 => index = 0 (data[0]) 193 */ 194 195 if (fr > -9 && fr < 8 && 196 to > -9 && to < 8 && 197 re > -9 && re < 8) 198 return 0; 199 else 200 return -EINVAL; 201 } 202 203 static inline int calc_idx(int idx, int rx_dlc) 204 { 205 if (idx < 0) 206 return rx_dlc + idx; 207 else 208 return idx; 209 } 210 211 static void cgw_csum_xor_rel(struct can_frame *cf, struct cgw_csum_xor *xor) 212 { 213 int from = calc_idx(xor->from_idx, cf->can_dlc); 214 int to = calc_idx(xor->to_idx, cf->can_dlc); 215 int res = calc_idx(xor->result_idx, cf->can_dlc); 216 u8 val = xor->init_xor_val; 217 int i; 218 219 if (from < 0 || to < 0 || res < 0) 220 return; 221 222 if (from <= to) { 223 for (i = from; i <= to; i++) 224 val ^= cf->data[i]; 225 } else { 226 for (i = from; i >= to; i--) 227 val ^= cf->data[i]; 228 } 229 230 cf->data[res] = val; 231 } 232 233 static void cgw_csum_xor_pos(struct can_frame *cf, struct cgw_csum_xor *xor) 234 { 235 u8 val = xor->init_xor_val; 236 int i; 237 238 for (i = xor->from_idx; i <= xor->to_idx; i++) 239 val ^= cf->data[i]; 240 241 cf->data[xor->result_idx] = val; 242 } 243 244 static void cgw_csum_xor_neg(struct can_frame *cf, struct cgw_csum_xor *xor) 245 { 246 u8 val = xor->init_xor_val; 247 int i; 248 249 for (i = xor->from_idx; i >= xor->to_idx; i--) 250 val ^= cf->data[i]; 251 252 cf->data[xor->result_idx] = val; 253 } 254 255 static void cgw_csum_crc8_rel(struct can_frame *cf, struct cgw_csum_crc8 *crc8) 256 { 257 int from = calc_idx(crc8->from_idx, cf->can_dlc); 258 int to = calc_idx(crc8->to_idx, cf->can_dlc); 259 int res = calc_idx(crc8->result_idx, cf->can_dlc); 260 u8 crc = crc8->init_crc_val; 261 int i; 262 263 if (from < 0 || to < 0 || res < 0) 264 return; 265 266 if (from <= to) { 267 for (i = crc8->from_idx; i <= crc8->to_idx; i++) 268 crc = crc8->crctab[crc^cf->data[i]]; 269 } else { 270 for (i = crc8->from_idx; i >= crc8->to_idx; i--) 271 crc = crc8->crctab[crc^cf->data[i]]; 272 } 273 274 switch (crc8->profile) { 275 276 case CGW_CRC8PRF_1U8: 277 crc = crc8->crctab[crc^crc8->profile_data[0]]; 278 break; 279 280 case CGW_CRC8PRF_16U8: 281 crc = crc8->crctab[crc^crc8->profile_data[cf->data[1] & 0xF]]; 282 break; 283 284 case CGW_CRC8PRF_SFFID_XOR: 285 crc = crc8->crctab[crc^(cf->can_id & 0xFF)^ 286 (cf->can_id >> 8 & 0xFF)]; 287 break; 288 289 } 290 291 cf->data[crc8->result_idx] = crc^crc8->final_xor_val; 292 } 293 294 static void cgw_csum_crc8_pos(struct can_frame *cf, struct cgw_csum_crc8 *crc8) 295 { 296 u8 crc = crc8->init_crc_val; 297 int i; 298 299 for (i = crc8->from_idx; i <= crc8->to_idx; i++) 300 crc = crc8->crctab[crc^cf->data[i]]; 301 302 switch (crc8->profile) { 303 304 case CGW_CRC8PRF_1U8: 305 crc = crc8->crctab[crc^crc8->profile_data[0]]; 306 break; 307 308 case CGW_CRC8PRF_16U8: 309 crc = crc8->crctab[crc^crc8->profile_data[cf->data[1] & 0xF]]; 310 break; 311 312 case CGW_CRC8PRF_SFFID_XOR: 313 crc = crc8->crctab[crc^(cf->can_id & 0xFF)^ 314 (cf->can_id >> 8 & 0xFF)]; 315 break; 316 } 317 318 cf->data[crc8->result_idx] = crc^crc8->final_xor_val; 319 } 320 321 static void cgw_csum_crc8_neg(struct can_frame *cf, struct cgw_csum_crc8 *crc8) 322 { 323 u8 crc = crc8->init_crc_val; 324 int i; 325 326 for (i = crc8->from_idx; i >= crc8->to_idx; i--) 327 crc = crc8->crctab[crc^cf->data[i]]; 328 329 switch (crc8->profile) { 330 331 case CGW_CRC8PRF_1U8: 332 crc = crc8->crctab[crc^crc8->profile_data[0]]; 333 break; 334 335 case CGW_CRC8PRF_16U8: 336 crc = crc8->crctab[crc^crc8->profile_data[cf->data[1] & 0xF]]; 337 break; 338 339 case CGW_CRC8PRF_SFFID_XOR: 340 crc = crc8->crctab[crc^(cf->can_id & 0xFF)^ 341 (cf->can_id >> 8 & 0xFF)]; 342 break; 343 } 344 345 cf->data[crc8->result_idx] = crc^crc8->final_xor_val; 346 } 347 348 /* the receive & process & send function */ 349 static void can_can_gw_rcv(struct sk_buff *skb, void *data) 350 { 351 struct cgw_job *gwj = (struct cgw_job *)data; 352 struct can_frame *cf; 353 struct sk_buff *nskb; 354 int modidx = 0; 355 356 /* 357 * Do not handle CAN frames routed more than 'max_hops' times. 358 * In general we should never catch this delimiter which is intended 359 * to cover a misconfiguration protection (e.g. circular CAN routes). 360 * 361 * The Controller Area Network controllers only accept CAN frames with 362 * correct CRCs - which are not visible in the controller registers. 363 * According to skbuff.h documentation the csum_start element for IP 364 * checksums is undefined/unused when ip_summed == CHECKSUM_UNNECESSARY. 365 * Only CAN skbs can be processed here which already have this property. 366 */ 367 368 #define cgw_hops(skb) ((skb)->csum_start) 369 370 BUG_ON(skb->ip_summed != CHECKSUM_UNNECESSARY); 371 372 if (cgw_hops(skb) >= max_hops) { 373 /* indicate deleted frames due to misconfiguration */ 374 gwj->deleted_frames++; 375 return; 376 } 377 378 if (!(gwj->dst.dev->flags & IFF_UP)) { 379 gwj->dropped_frames++; 380 return; 381 } 382 383 /* is sending the skb back to the incoming interface not allowed? */ 384 if (!(gwj->flags & CGW_FLAGS_CAN_IIF_TX_OK) && 385 can_skb_prv(skb)->ifindex == gwj->dst.dev->ifindex) 386 return; 387 388 /* 389 * clone the given skb, which has not been done in can_rcv() 390 * 391 * When there is at least one modification function activated, 392 * we need to copy the skb as we want to modify skb->data. 393 */ 394 if (gwj->mod.modfunc[0]) 395 nskb = skb_copy(skb, GFP_ATOMIC); 396 else 397 nskb = skb_clone(skb, GFP_ATOMIC); 398 399 if (!nskb) { 400 gwj->dropped_frames++; 401 return; 402 } 403 404 /* put the incremented hop counter in the cloned skb */ 405 cgw_hops(nskb) = cgw_hops(skb) + 1; 406 407 /* first processing of this CAN frame -> adjust to private hop limit */ 408 if (gwj->limit_hops && cgw_hops(nskb) == 1) 409 cgw_hops(nskb) = max_hops - gwj->limit_hops + 1; 410 411 nskb->dev = gwj->dst.dev; 412 413 /* pointer to modifiable CAN frame */ 414 cf = (struct can_frame *)nskb->data; 415 416 /* perform preprocessed modification functions if there are any */ 417 while (modidx < MAX_MODFUNCTIONS && gwj->mod.modfunc[modidx]) 418 (*gwj->mod.modfunc[modidx++])(cf, &gwj->mod); 419 420 /* Has the CAN frame been modified? */ 421 if (modidx) { 422 /* get available space for the processed CAN frame type */ 423 int max_len = nskb->len - offsetof(struct can_frame, data); 424 425 /* dlc may have changed, make sure it fits to the CAN frame */ 426 if (cf->can_dlc > max_len) 427 goto out_delete; 428 429 /* check for checksum updates in classic CAN length only */ 430 if (gwj->mod.csumfunc.crc8) { 431 if (cf->can_dlc > 8) 432 goto out_delete; 433 434 (*gwj->mod.csumfunc.crc8)(cf, &gwj->mod.csum.crc8); 435 } 436 437 if (gwj->mod.csumfunc.xor) { 438 if (cf->can_dlc > 8) 439 goto out_delete; 440 441 (*gwj->mod.csumfunc.xor)(cf, &gwj->mod.csum.xor); 442 } 443 } 444 445 /* clear the skb timestamp if not configured the other way */ 446 if (!(gwj->flags & CGW_FLAGS_CAN_SRC_TSTAMP)) 447 nskb->tstamp = 0; 448 449 /* send to netdevice */ 450 if (can_send(nskb, gwj->flags & CGW_FLAGS_CAN_ECHO)) 451 gwj->dropped_frames++; 452 else 453 gwj->handled_frames++; 454 455 return; 456 457 out_delete: 458 /* delete frame due to misconfiguration */ 459 gwj->deleted_frames++; 460 kfree_skb(nskb); 461 return; 462 } 463 464 static inline int cgw_register_filter(struct net *net, struct cgw_job *gwj) 465 { 466 return can_rx_register(net, gwj->src.dev, gwj->ccgw.filter.can_id, 467 gwj->ccgw.filter.can_mask, can_can_gw_rcv, 468 gwj, "gw", NULL); 469 } 470 471 static inline void cgw_unregister_filter(struct net *net, struct cgw_job *gwj) 472 { 473 can_rx_unregister(net, gwj->src.dev, gwj->ccgw.filter.can_id, 474 gwj->ccgw.filter.can_mask, can_can_gw_rcv, gwj); 475 } 476 477 static int cgw_notifier(struct notifier_block *nb, 478 unsigned long msg, void *ptr) 479 { 480 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 481 struct net *net = dev_net(dev); 482 483 if (dev->type != ARPHRD_CAN) 484 return NOTIFY_DONE; 485 486 if (msg == NETDEV_UNREGISTER) { 487 488 struct cgw_job *gwj = NULL; 489 struct hlist_node *nx; 490 491 ASSERT_RTNL(); 492 493 hlist_for_each_entry_safe(gwj, nx, &net->can.cgw_list, list) { 494 495 if (gwj->src.dev == dev || gwj->dst.dev == dev) { 496 hlist_del(&gwj->list); 497 cgw_unregister_filter(net, gwj); 498 kmem_cache_free(cgw_cache, gwj); 499 } 500 } 501 } 502 503 return NOTIFY_DONE; 504 } 505 506 static int cgw_put_job(struct sk_buff *skb, struct cgw_job *gwj, int type, 507 u32 pid, u32 seq, int flags) 508 { 509 struct cgw_frame_mod mb; 510 struct rtcanmsg *rtcan; 511 struct nlmsghdr *nlh; 512 513 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*rtcan), flags); 514 if (!nlh) 515 return -EMSGSIZE; 516 517 rtcan = nlmsg_data(nlh); 518 rtcan->can_family = AF_CAN; 519 rtcan->gwtype = gwj->gwtype; 520 rtcan->flags = gwj->flags; 521 522 /* add statistics if available */ 523 524 if (gwj->handled_frames) { 525 if (nla_put_u32(skb, CGW_HANDLED, gwj->handled_frames) < 0) 526 goto cancel; 527 } 528 529 if (gwj->dropped_frames) { 530 if (nla_put_u32(skb, CGW_DROPPED, gwj->dropped_frames) < 0) 531 goto cancel; 532 } 533 534 if (gwj->deleted_frames) { 535 if (nla_put_u32(skb, CGW_DELETED, gwj->deleted_frames) < 0) 536 goto cancel; 537 } 538 539 /* check non default settings of attributes */ 540 541 if (gwj->limit_hops) { 542 if (nla_put_u8(skb, CGW_LIM_HOPS, gwj->limit_hops) < 0) 543 goto cancel; 544 } 545 546 if (gwj->mod.modtype.and) { 547 memcpy(&mb.cf, &gwj->mod.modframe.and, sizeof(mb.cf)); 548 mb.modtype = gwj->mod.modtype.and; 549 if (nla_put(skb, CGW_MOD_AND, sizeof(mb), &mb) < 0) 550 goto cancel; 551 } 552 553 if (gwj->mod.modtype.or) { 554 memcpy(&mb.cf, &gwj->mod.modframe.or, sizeof(mb.cf)); 555 mb.modtype = gwj->mod.modtype.or; 556 if (nla_put(skb, CGW_MOD_OR, sizeof(mb), &mb) < 0) 557 goto cancel; 558 } 559 560 if (gwj->mod.modtype.xor) { 561 memcpy(&mb.cf, &gwj->mod.modframe.xor, sizeof(mb.cf)); 562 mb.modtype = gwj->mod.modtype.xor; 563 if (nla_put(skb, CGW_MOD_XOR, sizeof(mb), &mb) < 0) 564 goto cancel; 565 } 566 567 if (gwj->mod.modtype.set) { 568 memcpy(&mb.cf, &gwj->mod.modframe.set, sizeof(mb.cf)); 569 mb.modtype = gwj->mod.modtype.set; 570 if (nla_put(skb, CGW_MOD_SET, sizeof(mb), &mb) < 0) 571 goto cancel; 572 } 573 574 if (gwj->mod.uid) { 575 if (nla_put_u32(skb, CGW_MOD_UID, gwj->mod.uid) < 0) 576 goto cancel; 577 } 578 579 if (gwj->mod.csumfunc.crc8) { 580 if (nla_put(skb, CGW_CS_CRC8, CGW_CS_CRC8_LEN, 581 &gwj->mod.csum.crc8) < 0) 582 goto cancel; 583 } 584 585 if (gwj->mod.csumfunc.xor) { 586 if (nla_put(skb, CGW_CS_XOR, CGW_CS_XOR_LEN, 587 &gwj->mod.csum.xor) < 0) 588 goto cancel; 589 } 590 591 if (gwj->gwtype == CGW_TYPE_CAN_CAN) { 592 593 if (gwj->ccgw.filter.can_id || gwj->ccgw.filter.can_mask) { 594 if (nla_put(skb, CGW_FILTER, sizeof(struct can_filter), 595 &gwj->ccgw.filter) < 0) 596 goto cancel; 597 } 598 599 if (nla_put_u32(skb, CGW_SRC_IF, gwj->ccgw.src_idx) < 0) 600 goto cancel; 601 602 if (nla_put_u32(skb, CGW_DST_IF, gwj->ccgw.dst_idx) < 0) 603 goto cancel; 604 } 605 606 nlmsg_end(skb, nlh); 607 return 0; 608 609 cancel: 610 nlmsg_cancel(skb, nlh); 611 return -EMSGSIZE; 612 } 613 614 /* Dump information about all CAN gateway jobs, in response to RTM_GETROUTE */ 615 static int cgw_dump_jobs(struct sk_buff *skb, struct netlink_callback *cb) 616 { 617 struct net *net = sock_net(skb->sk); 618 struct cgw_job *gwj = NULL; 619 int idx = 0; 620 int s_idx = cb->args[0]; 621 622 rcu_read_lock(); 623 hlist_for_each_entry_rcu(gwj, &net->can.cgw_list, list) { 624 if (idx < s_idx) 625 goto cont; 626 627 if (cgw_put_job(skb, gwj, RTM_NEWROUTE, NETLINK_CB(cb->skb).portid, 628 cb->nlh->nlmsg_seq, NLM_F_MULTI) < 0) 629 break; 630 cont: 631 idx++; 632 } 633 rcu_read_unlock(); 634 635 cb->args[0] = idx; 636 637 return skb->len; 638 } 639 640 static const struct nla_policy cgw_policy[CGW_MAX+1] = { 641 [CGW_MOD_AND] = { .len = sizeof(struct cgw_frame_mod) }, 642 [CGW_MOD_OR] = { .len = sizeof(struct cgw_frame_mod) }, 643 [CGW_MOD_XOR] = { .len = sizeof(struct cgw_frame_mod) }, 644 [CGW_MOD_SET] = { .len = sizeof(struct cgw_frame_mod) }, 645 [CGW_CS_XOR] = { .len = sizeof(struct cgw_csum_xor) }, 646 [CGW_CS_CRC8] = { .len = sizeof(struct cgw_csum_crc8) }, 647 [CGW_SRC_IF] = { .type = NLA_U32 }, 648 [CGW_DST_IF] = { .type = NLA_U32 }, 649 [CGW_FILTER] = { .len = sizeof(struct can_filter) }, 650 [CGW_LIM_HOPS] = { .type = NLA_U8 }, 651 [CGW_MOD_UID] = { .type = NLA_U32 }, 652 }; 653 654 /* check for common and gwtype specific attributes */ 655 static int cgw_parse_attr(struct nlmsghdr *nlh, struct cf_mod *mod, 656 u8 gwtype, void *gwtypeattr, u8 *limhops) 657 { 658 struct nlattr *tb[CGW_MAX+1]; 659 struct cgw_frame_mod mb; 660 int modidx = 0; 661 int err = 0; 662 663 /* initialize modification & checksum data space */ 664 memset(mod, 0, sizeof(*mod)); 665 666 err = nlmsg_parse_deprecated(nlh, sizeof(struct rtcanmsg), tb, 667 CGW_MAX, cgw_policy, NULL); 668 if (err < 0) 669 return err; 670 671 if (tb[CGW_LIM_HOPS]) { 672 *limhops = nla_get_u8(tb[CGW_LIM_HOPS]); 673 674 if (*limhops < 1 || *limhops > max_hops) 675 return -EINVAL; 676 } 677 678 /* check for AND/OR/XOR/SET modifications */ 679 680 if (tb[CGW_MOD_AND]) { 681 nla_memcpy(&mb, tb[CGW_MOD_AND], CGW_MODATTR_LEN); 682 683 canframecpy(&mod->modframe.and, &mb.cf); 684 mod->modtype.and = mb.modtype; 685 686 if (mb.modtype & CGW_MOD_ID) 687 mod->modfunc[modidx++] = mod_and_id; 688 689 if (mb.modtype & CGW_MOD_DLC) 690 mod->modfunc[modidx++] = mod_and_dlc; 691 692 if (mb.modtype & CGW_MOD_DATA) 693 mod->modfunc[modidx++] = mod_and_data; 694 } 695 696 if (tb[CGW_MOD_OR]) { 697 nla_memcpy(&mb, tb[CGW_MOD_OR], CGW_MODATTR_LEN); 698 699 canframecpy(&mod->modframe.or, &mb.cf); 700 mod->modtype.or = mb.modtype; 701 702 if (mb.modtype & CGW_MOD_ID) 703 mod->modfunc[modidx++] = mod_or_id; 704 705 if (mb.modtype & CGW_MOD_DLC) 706 mod->modfunc[modidx++] = mod_or_dlc; 707 708 if (mb.modtype & CGW_MOD_DATA) 709 mod->modfunc[modidx++] = mod_or_data; 710 } 711 712 if (tb[CGW_MOD_XOR]) { 713 nla_memcpy(&mb, tb[CGW_MOD_XOR], CGW_MODATTR_LEN); 714 715 canframecpy(&mod->modframe.xor, &mb.cf); 716 mod->modtype.xor = mb.modtype; 717 718 if (mb.modtype & CGW_MOD_ID) 719 mod->modfunc[modidx++] = mod_xor_id; 720 721 if (mb.modtype & CGW_MOD_DLC) 722 mod->modfunc[modidx++] = mod_xor_dlc; 723 724 if (mb.modtype & CGW_MOD_DATA) 725 mod->modfunc[modidx++] = mod_xor_data; 726 } 727 728 if (tb[CGW_MOD_SET]) { 729 nla_memcpy(&mb, tb[CGW_MOD_SET], CGW_MODATTR_LEN); 730 731 canframecpy(&mod->modframe.set, &mb.cf); 732 mod->modtype.set = mb.modtype; 733 734 if (mb.modtype & CGW_MOD_ID) 735 mod->modfunc[modidx++] = mod_set_id; 736 737 if (mb.modtype & CGW_MOD_DLC) 738 mod->modfunc[modidx++] = mod_set_dlc; 739 740 if (mb.modtype & CGW_MOD_DATA) 741 mod->modfunc[modidx++] = mod_set_data; 742 } 743 744 /* check for checksum operations after CAN frame modifications */ 745 if (modidx) { 746 747 if (tb[CGW_CS_CRC8]) { 748 struct cgw_csum_crc8 *c = nla_data(tb[CGW_CS_CRC8]); 749 750 err = cgw_chk_csum_parms(c->from_idx, c->to_idx, 751 c->result_idx); 752 if (err) 753 return err; 754 755 nla_memcpy(&mod->csum.crc8, tb[CGW_CS_CRC8], 756 CGW_CS_CRC8_LEN); 757 758 /* 759 * select dedicated processing function to reduce 760 * runtime operations in receive hot path. 761 */ 762 if (c->from_idx < 0 || c->to_idx < 0 || 763 c->result_idx < 0) 764 mod->csumfunc.crc8 = cgw_csum_crc8_rel; 765 else if (c->from_idx <= c->to_idx) 766 mod->csumfunc.crc8 = cgw_csum_crc8_pos; 767 else 768 mod->csumfunc.crc8 = cgw_csum_crc8_neg; 769 } 770 771 if (tb[CGW_CS_XOR]) { 772 struct cgw_csum_xor *c = nla_data(tb[CGW_CS_XOR]); 773 774 err = cgw_chk_csum_parms(c->from_idx, c->to_idx, 775 c->result_idx); 776 if (err) 777 return err; 778 779 nla_memcpy(&mod->csum.xor, tb[CGW_CS_XOR], 780 CGW_CS_XOR_LEN); 781 782 /* 783 * select dedicated processing function to reduce 784 * runtime operations in receive hot path. 785 */ 786 if (c->from_idx < 0 || c->to_idx < 0 || 787 c->result_idx < 0) 788 mod->csumfunc.xor = cgw_csum_xor_rel; 789 else if (c->from_idx <= c->to_idx) 790 mod->csumfunc.xor = cgw_csum_xor_pos; 791 else 792 mod->csumfunc.xor = cgw_csum_xor_neg; 793 } 794 795 if (tb[CGW_MOD_UID]) { 796 nla_memcpy(&mod->uid, tb[CGW_MOD_UID], sizeof(u32)); 797 } 798 } 799 800 if (gwtype == CGW_TYPE_CAN_CAN) { 801 802 /* check CGW_TYPE_CAN_CAN specific attributes */ 803 804 struct can_can_gw *ccgw = (struct can_can_gw *)gwtypeattr; 805 memset(ccgw, 0, sizeof(*ccgw)); 806 807 /* check for can_filter in attributes */ 808 if (tb[CGW_FILTER]) 809 nla_memcpy(&ccgw->filter, tb[CGW_FILTER], 810 sizeof(struct can_filter)); 811 812 err = -ENODEV; 813 814 /* specifying two interfaces is mandatory */ 815 if (!tb[CGW_SRC_IF] || !tb[CGW_DST_IF]) 816 return err; 817 818 ccgw->src_idx = nla_get_u32(tb[CGW_SRC_IF]); 819 ccgw->dst_idx = nla_get_u32(tb[CGW_DST_IF]); 820 821 /* both indices set to 0 for flushing all routing entries */ 822 if (!ccgw->src_idx && !ccgw->dst_idx) 823 return 0; 824 825 /* only one index set to 0 is an error */ 826 if (!ccgw->src_idx || !ccgw->dst_idx) 827 return err; 828 } 829 830 /* add the checks for other gwtypes here */ 831 832 return 0; 833 } 834 835 static int cgw_create_job(struct sk_buff *skb, struct nlmsghdr *nlh, 836 struct netlink_ext_ack *extack) 837 { 838 struct net *net = sock_net(skb->sk); 839 struct rtcanmsg *r; 840 struct cgw_job *gwj; 841 struct cf_mod mod; 842 struct can_can_gw ccgw; 843 u8 limhops = 0; 844 int err = 0; 845 846 if (!netlink_capable(skb, CAP_NET_ADMIN)) 847 return -EPERM; 848 849 if (nlmsg_len(nlh) < sizeof(*r)) 850 return -EINVAL; 851 852 r = nlmsg_data(nlh); 853 if (r->can_family != AF_CAN) 854 return -EPFNOSUPPORT; 855 856 /* so far we only support CAN -> CAN routings */ 857 if (r->gwtype != CGW_TYPE_CAN_CAN) 858 return -EINVAL; 859 860 err = cgw_parse_attr(nlh, &mod, CGW_TYPE_CAN_CAN, &ccgw, &limhops); 861 if (err < 0) 862 return err; 863 864 if (mod.uid) { 865 866 ASSERT_RTNL(); 867 868 /* check for updating an existing job with identical uid */ 869 hlist_for_each_entry(gwj, &net->can.cgw_list, list) { 870 871 if (gwj->mod.uid != mod.uid) 872 continue; 873 874 /* interfaces & filters must be identical */ 875 if (memcmp(&gwj->ccgw, &ccgw, sizeof(ccgw))) 876 return -EINVAL; 877 878 /* update modifications with disabled softirq & quit */ 879 local_bh_disable(); 880 memcpy(&gwj->mod, &mod, sizeof(mod)); 881 local_bh_enable(); 882 return 0; 883 } 884 } 885 886 /* ifindex == 0 is not allowed for job creation */ 887 if (!ccgw.src_idx || !ccgw.dst_idx) 888 return -ENODEV; 889 890 gwj = kmem_cache_alloc(cgw_cache, GFP_KERNEL); 891 if (!gwj) 892 return -ENOMEM; 893 894 gwj->handled_frames = 0; 895 gwj->dropped_frames = 0; 896 gwj->deleted_frames = 0; 897 gwj->flags = r->flags; 898 gwj->gwtype = r->gwtype; 899 gwj->limit_hops = limhops; 900 901 /* insert already parsed information */ 902 memcpy(&gwj->mod, &mod, sizeof(mod)); 903 memcpy(&gwj->ccgw, &ccgw, sizeof(ccgw)); 904 905 err = -ENODEV; 906 907 gwj->src.dev = __dev_get_by_index(net, gwj->ccgw.src_idx); 908 909 if (!gwj->src.dev) 910 goto out; 911 912 if (gwj->src.dev->type != ARPHRD_CAN) 913 goto out; 914 915 gwj->dst.dev = __dev_get_by_index(net, gwj->ccgw.dst_idx); 916 917 if (!gwj->dst.dev) 918 goto out; 919 920 if (gwj->dst.dev->type != ARPHRD_CAN) 921 goto out; 922 923 ASSERT_RTNL(); 924 925 err = cgw_register_filter(net, gwj); 926 if (!err) 927 hlist_add_head_rcu(&gwj->list, &net->can.cgw_list); 928 out: 929 if (err) 930 kmem_cache_free(cgw_cache, gwj); 931 932 return err; 933 } 934 935 static void cgw_remove_all_jobs(struct net *net) 936 { 937 struct cgw_job *gwj = NULL; 938 struct hlist_node *nx; 939 940 ASSERT_RTNL(); 941 942 hlist_for_each_entry_safe(gwj, nx, &net->can.cgw_list, list) { 943 hlist_del(&gwj->list); 944 cgw_unregister_filter(net, gwj); 945 kmem_cache_free(cgw_cache, gwj); 946 } 947 } 948 949 static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh, 950 struct netlink_ext_ack *extack) 951 { 952 struct net *net = sock_net(skb->sk); 953 struct cgw_job *gwj = NULL; 954 struct hlist_node *nx; 955 struct rtcanmsg *r; 956 struct cf_mod mod; 957 struct can_can_gw ccgw; 958 u8 limhops = 0; 959 int err = 0; 960 961 if (!netlink_capable(skb, CAP_NET_ADMIN)) 962 return -EPERM; 963 964 if (nlmsg_len(nlh) < sizeof(*r)) 965 return -EINVAL; 966 967 r = nlmsg_data(nlh); 968 if (r->can_family != AF_CAN) 969 return -EPFNOSUPPORT; 970 971 /* so far we only support CAN -> CAN routings */ 972 if (r->gwtype != CGW_TYPE_CAN_CAN) 973 return -EINVAL; 974 975 err = cgw_parse_attr(nlh, &mod, CGW_TYPE_CAN_CAN, &ccgw, &limhops); 976 if (err < 0) 977 return err; 978 979 /* two interface indices both set to 0 => remove all entries */ 980 if (!ccgw.src_idx && !ccgw.dst_idx) { 981 cgw_remove_all_jobs(net); 982 return 0; 983 } 984 985 err = -EINVAL; 986 987 ASSERT_RTNL(); 988 989 /* remove only the first matching entry */ 990 hlist_for_each_entry_safe(gwj, nx, &net->can.cgw_list, list) { 991 992 if (gwj->flags != r->flags) 993 continue; 994 995 if (gwj->limit_hops != limhops) 996 continue; 997 998 /* we have a match when uid is enabled and identical */ 999 if (gwj->mod.uid || mod.uid) { 1000 if (gwj->mod.uid != mod.uid) 1001 continue; 1002 } else { 1003 /* no uid => check for identical modifications */ 1004 if (memcmp(&gwj->mod, &mod, sizeof(mod))) 1005 continue; 1006 } 1007 1008 /* if (r->gwtype == CGW_TYPE_CAN_CAN) - is made sure here */ 1009 if (memcmp(&gwj->ccgw, &ccgw, sizeof(ccgw))) 1010 continue; 1011 1012 hlist_del(&gwj->list); 1013 cgw_unregister_filter(net, gwj); 1014 kmem_cache_free(cgw_cache, gwj); 1015 err = 0; 1016 break; 1017 } 1018 1019 return err; 1020 } 1021 1022 static int __net_init cangw_pernet_init(struct net *net) 1023 { 1024 INIT_HLIST_HEAD(&net->can.cgw_list); 1025 return 0; 1026 } 1027 1028 static void __net_exit cangw_pernet_exit(struct net *net) 1029 { 1030 rtnl_lock(); 1031 cgw_remove_all_jobs(net); 1032 rtnl_unlock(); 1033 } 1034 1035 static struct pernet_operations cangw_pernet_ops = { 1036 .init = cangw_pernet_init, 1037 .exit = cangw_pernet_exit, 1038 }; 1039 1040 static __init int cgw_module_init(void) 1041 { 1042 int ret; 1043 1044 /* sanitize given module parameter */ 1045 max_hops = clamp_t(unsigned int, max_hops, CGW_MIN_HOPS, CGW_MAX_HOPS); 1046 1047 pr_info("can: netlink gateway (rev " CAN_GW_VERSION ") max_hops=%d\n", 1048 max_hops); 1049 1050 ret = register_pernet_subsys(&cangw_pernet_ops); 1051 if (ret) 1052 return ret; 1053 1054 ret = -ENOMEM; 1055 cgw_cache = kmem_cache_create("can_gw", sizeof(struct cgw_job), 1056 0, 0, NULL); 1057 if (!cgw_cache) 1058 goto out_cache_create; 1059 1060 /* set notifier */ 1061 notifier.notifier_call = cgw_notifier; 1062 ret = register_netdevice_notifier(¬ifier); 1063 if (ret) 1064 goto out_register_notifier; 1065 1066 ret = rtnl_register_module(THIS_MODULE, PF_CAN, RTM_GETROUTE, 1067 NULL, cgw_dump_jobs, 0); 1068 if (ret) 1069 goto out_rtnl_register1; 1070 1071 ret = rtnl_register_module(THIS_MODULE, PF_CAN, RTM_NEWROUTE, 1072 cgw_create_job, NULL, 0); 1073 if (ret) 1074 goto out_rtnl_register2; 1075 ret = rtnl_register_module(THIS_MODULE, PF_CAN, RTM_DELROUTE, 1076 cgw_remove_job, NULL, 0); 1077 if (ret) 1078 goto out_rtnl_register3; 1079 1080 return 0; 1081 1082 out_rtnl_register3: 1083 rtnl_unregister(PF_CAN, RTM_NEWROUTE); 1084 out_rtnl_register2: 1085 rtnl_unregister(PF_CAN, RTM_GETROUTE); 1086 out_rtnl_register1: 1087 unregister_netdevice_notifier(¬ifier); 1088 out_register_notifier: 1089 kmem_cache_destroy(cgw_cache); 1090 out_cache_create: 1091 unregister_pernet_subsys(&cangw_pernet_ops); 1092 1093 return ret; 1094 } 1095 1096 static __exit void cgw_module_exit(void) 1097 { 1098 rtnl_unregister_all(PF_CAN); 1099 1100 unregister_netdevice_notifier(¬ifier); 1101 1102 unregister_pernet_subsys(&cangw_pernet_ops); 1103 rcu_barrier(); /* Wait for completion of call_rcu()'s */ 1104 1105 kmem_cache_destroy(cgw_cache); 1106 } 1107 1108 module_init(cgw_module_init); 1109 module_exit(cgw_module_exit); 1110