// SPDX-License-Identifier: GPL-2.0-only
/*
 * Copyright (C) 2007-2012 Siemens AG
 *
 * Written by:
 * Pavel Smolenskiy <pavel.smolenskiy@gmail.com>
 * Maxim Gorbachyov <maxim.gorbachev@siemens.com>
 * Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
 * Alexander Smirnov <alex.bluesman.smirnov@gmail.com>
 */

#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/netdevice.h>
#include <linux/crc-ccitt.h>
#include <linux/unaligned.h>

#include <net/mac802154.h>
#include <net/ieee802154_netdev.h>
#include <net/nl802154.h>

#include "ieee802154_i.h"

/* Hand a frame to the network stack.
 *
 * Marks the checksum as already verified, tags the skb as
 * ETH_P_IEEE802154 and passes it to netif_receive_skb().
 *
 * Return: whatever netif_receive_skb() returns.
 */
static int ieee802154_deliver_skb(struct sk_buff *skb)
{
	skb->ip_summed = CHECKSUM_UNNECESSARY;
	skb->protocol = htons(ETH_P_IEEE802154);

	return netif_receive_skb(skb);
}

/* Work handler for beacons queued by ieee802154_subif_frame().
 *
 * Takes the first entry of local->rx_beacon_list, passes it to
 * mac802154_process_beacon(), then unlinks the entry and frees both the
 * skb reference and the entry. At most one entry is handled per
 * invocation.
 *
 * NOTE(review): the list is read and modified here without any lock
 * taken in this file, while ieee802154_subif_frame() appends to it from
 * the RX path. Confirm that the two contexts are serialised elsewhere.
 */
void mac802154_rx_beacon_worker(struct work_struct *work)
{
	struct ieee802154_local *local =
		container_of(work, struct ieee802154_local, rx_beacon_work);
	struct cfg802154_mac_pkt *mac_pkt;

	mac_pkt = list_first_entry_or_null(&local->rx_beacon_list,
					   struct cfg802154_mac_pkt, node);
	if (!mac_pkt)
		return;

	mac802154_process_beacon(local, mac_pkt->skb, mac_pkt->page, mac_pkt->channel);

	list_del(&mac_pkt->node);
	kfree_skb(mac_pkt->skb);
	kfree(mac_pkt);
}

/* Decide whether a received beacon request should trigger a beacon.
 *
 * Return: true only when a beacon request configuration is set, the
 * device is currently beaconing and the configured interval equals
 * IEEE802154_ACTIVE_SCAN_DURATION; false otherwise.
 */
static bool mac802154_should_answer_beacon_req(struct ieee802154_local *local)
{
	struct cfg802154_beacon_request *beacon_req;
	unsigned int interval;

	/* Copy the interval out while the RCU read section keeps
	 * beacon_req valid; it is not touched after the unlock.
	 */
	rcu_read_lock();
	beacon_req = rcu_dereference(local->beacon_req);
	if (!beacon_req) {
		rcu_read_unlock();
		return false;
	}

	interval = beacon_req->interval;
	rcu_read_unlock();

	if (!mac802154_is_beaconing(local))
		return false;

	return interval == IEEE802154_ACTIVE_SCAN_DURATION;
}

/* Work handler for MAC command frames queued by ieee802154_subif_frame().
 *
 * Takes the first entry of local->rx_mac_cmd_list, reads the command id
 * with ieee802154_get_mac_cmd() and dispatches on it. Every handler is
 * gated on local state or interface type, so a command that does not
 * match the current role is ignored. The entry is unlinked and freed on
 * every path, including the parse failure. At most one entry is handled
 * per invocation.
 *
 * NOTE(review): mac_pkt->sdata was stored by the RX path without taking
 * any reference visible in this file; confirm the interface cannot go
 * away before this worker dereferences it. The same unlocked list access
 * question as in mac802154_rx_beacon_worker() applies to
 * rx_mac_cmd_list.
 */
void mac802154_rx_mac_cmd_worker(struct work_struct *work)
{
	struct ieee802154_local *local =
		container_of(work, struct ieee802154_local, rx_mac_cmd_work);
	struct cfg802154_mac_pkt *mac_pkt;
	u8 mac_cmd;
	int rc;

	mac_pkt = list_first_entry_or_null(&local->rx_mac_cmd_list,
					   struct cfg802154_mac_pkt, node);
	if (!mac_pkt)
		return;

	rc = ieee802154_get_mac_cmd(mac_pkt->skb, &mac_cmd);
	if (rc)
		goto out;

	switch (mac_cmd) {
	case IEEE802154_CMD_BEACON_REQ:
		dev_dbg(&mac_pkt->sdata->dev->dev, "processing BEACON REQ\n");
		if (!mac802154_should_answer_beacon_req(local))
			break;

		/* Delay 0: run the beacon work as soon as possible */
		queue_delayed_work(local->mac_wq, &local->beacon_work, 0);
		break;

	case IEEE802154_CMD_ASSOCIATION_RESP:
		dev_dbg(&mac_pkt->sdata->dev->dev, "processing ASSOC RESP\n");
		/* Ignored unless an association is in progress */
		if (!mac802154_is_associating(local))
			break;

		mac802154_process_association_resp(mac_pkt->sdata, mac_pkt->skb);
		break;

	case IEEE802154_CMD_ASSOCIATION_REQ:
		dev_dbg(&mac_pkt->sdata->dev->dev, "processing ASSOC REQ\n");
		/* Only coordinator interfaces handle association requests */
		if (mac_pkt->sdata->wpan_dev.iftype != NL802154_IFTYPE_COORD)
			break;

		mac802154_process_association_req(mac_pkt->sdata, mac_pkt->skb);
		break;

	case IEEE802154_CMD_DISASSOCIATION_NOTIFY:
		dev_dbg(&mac_pkt->sdata->dev->dev, "processing DISASSOC NOTIF\n");
		/* Only coordinator interfaces handle disassociation notifications */
		if (mac_pkt->sdata->wpan_dev.iftype != NL802154_IFTYPE_COORD)
			break;

		mac802154_process_disassociation_notif(mac_pkt->sdata, mac_pkt->skb);
		break;

	default:
		break;
	}

out:
	list_del(&mac_pkt->node);
	kfree_skb(mac_pkt->skb);
	kfree(mac_pkt);
}

/* Per-interface processing of one received frame.
 *
 * @sdata: interface the frame is being delivered on
 * @skb: frame to process; this function owns it and frees it on the
 *       fail path
 * @hdr: MAC header already parsed by the caller
 *
 * Applies the software scan filter, classifies the frame by destination
 * address into skb->pkt_type, runs link-layer security decryption,
 * updates the RX counters and then dispatches on the frame type: beacons
 * and MAC commands are queued for the workers in this file, data frames
 * go to the network stack, ACKs and unknown types are dropped.
 *
 * Return: NET_RX_SUCCESS when the frame was queued, the result of
 * ieee802154_deliver_skb() for data frames, NET_RX_DROP otherwise.
 */
static int
ieee802154_subif_frame(struct ieee802154_sub_if_data *sdata,
		       struct sk_buff *skb, const struct ieee802154_hdr *hdr)
{
	struct wpan_phy *wpan_phy = sdata->local->hw.phy;
	struct wpan_dev *wpan_dev = &sdata->wpan_dev;
	struct cfg802154_mac_pkt *mac_pkt;
	__le16 span, sshort;
	int rc;

	pr_debug("getting packet via slave interface %s\n", sdata->dev->name);

	span = wpan_dev->pan_id;
	sshort = wpan_dev->short_addr;

	/* Level 3 filtering: Only beacons are accepted during scans.
	 * Applied in software only when the PHY filters at a lower level
	 * than this interface requires.
	 */
	if (sdata->required_filtering == IEEE802154_FILTERING_3_SCAN &&
	    sdata->required_filtering > wpan_phy->filtering) {
		if (mac_cb(skb)->type != IEEE802154_FC_TYPE_BEACON) {
			dev_dbg(&sdata->dev->dev,
				"drop non-beacon frame (0x%x) during scan\n",
				mac_cb(skb)->type);
			goto fail;
		}
	}

	/* Classify by destination address. This only records pkt_type;
	 * nothing below drops a frame for being PACKET_OTHERHOST.
	 *
	 * NOTE(review): beacons and MAC commands classified as
	 * PACKET_OTHERHOST are still queued by the dispatch below.
	 * Presumably address filtering by the PHY or by the caller keeps
	 * such frames out; confirm.
	 */
	switch (mac_cb(skb)->dest.mode) {
	case IEEE802154_ADDR_NONE:
		if (hdr->source.mode == IEEE802154_ADDR_NONE)
			/* ACK comes with both addresses empty */
			skb->pkt_type = PACKET_HOST;
		else if (!wpan_dev->parent)
			/* No dest means PAN coordinator is the recipient */
			skb->pkt_type = PACKET_HOST;
		else
			/* We are not the PAN coordinator, just relaying */
			skb->pkt_type = PACKET_OTHERHOST;
		break;
	case IEEE802154_ADDR_LONG:
		if (mac_cb(skb)->dest.pan_id != span &&
		    mac_cb(skb)->dest.pan_id != cpu_to_le16(IEEE802154_PANID_BROADCAST))
			skb->pkt_type = PACKET_OTHERHOST;
		else if (mac_cb(skb)->dest.extended_addr == wpan_dev->extended_addr)
			skb->pkt_type = PACKET_HOST;
		else
			skb->pkt_type = PACKET_OTHERHOST;
		break;
	case IEEE802154_ADDR_SHORT:
		if (mac_cb(skb)->dest.pan_id != span &&
		    mac_cb(skb)->dest.pan_id != cpu_to_le16(IEEE802154_PANID_BROADCAST))
			skb->pkt_type = PACKET_OTHERHOST;
		else if (mac_cb(skb)->dest.short_addr == sshort)
			skb->pkt_type = PACKET_HOST;
		else if (mac_cb(skb)->dest.short_addr ==
			  cpu_to_le16(IEEE802154_ADDR_BROADCAST))
			skb->pkt_type = PACKET_BROADCAST;
		else
			skb->pkt_type = PACKET_OTHERHOST;
		break;
	default:
		pr_debug("invalid dest mode\n");
		goto fail;
	}

	skb->dev = sdata->dev;

	/* TODO this should be moved after netif_receive_skb call, otherwise
	 * wireshark will show a mac header with security fields and the
	 * payload is already decrypted.
	 */
	rc = mac802154_llsec_decrypt(&sdata->sec, skb);
	if (rc) {
		pr_debug("decryption failed: %i\n", rc);
		goto fail;
	}

	/* Counted before the type dispatch, so frames dropped below
	 * (ACKs, unknown types, beacons outside a scan) are included.
	 */
	sdata->dev->stats.rx_packets++;
	sdata->dev->stats.rx_bytes += skb->len;

	switch (mac_cb(skb)->type) {
	case IEEE802154_FC_TYPE_BEACON:
		dev_dbg(&sdata->dev->dev, "BEACON received\n");
		if (!mac802154_is_scanning(sdata->local))
			goto fail;

		/* GFP_ATOMIC: allocated on the RX path, see the softirq
		 * check in ieee802154_rx().
		 */
		mac_pkt = kzalloc(sizeof(*mac_pkt), GFP_ATOMIC);
		if (!mac_pkt)
			goto fail;

		/* NOTE(review): skb_get() takes an additional reference and
		 * this path returns without releasing the one passed in,
		 * while the worker in this file calls kfree_skb() once.
		 * Confirm the remaining reference is dropped elsewhere;
		 * otherwise every queued frame is leaked.
		 */
		mac_pkt->skb = skb_get(skb);
		mac_pkt->sdata = sdata;
		mac_pkt->page = sdata->local->scan_page;
		mac_pkt->channel = sdata->local->scan_channel;
		/* NOTE(review): no bound on the list length is visible here
		 * and the worker consumes one entry per run; confirm a burst
		 * of beacons cannot grow the list without limit.
		 */
		list_add_tail(&mac_pkt->node, &sdata->local->rx_beacon_list);
		queue_work(sdata->local->mac_wq, &sdata->local->rx_beacon_work);
		return NET_RX_SUCCESS;

	case IEEE802154_FC_TYPE_MAC_CMD:
		dev_dbg(&sdata->dev->dev, "MAC COMMAND received\n");
		mac_pkt = kzalloc(sizeof(*mac_pkt), GFP_ATOMIC);
		if (!mac_pkt)
			goto fail;

		/* Same reference-count and list-growth questions as in the
		 * beacon case above. sdata is stored as a plain pointer for
		 * the worker to dereference later.
		 */
		mac_pkt->skb = skb_get(skb);
		mac_pkt->sdata = sdata;
		list_add_tail(&mac_pkt->node, &sdata->local->rx_mac_cmd_list);
		queue_work(sdata->local->mac_wq, &sdata->local->rx_mac_cmd_work);
		return NET_RX_SUCCESS;

	case IEEE802154_FC_TYPE_ACK:
		goto fail;

	case IEEE802154_FC_TYPE_DATA:
		return ieee802154_deliver_skb(skb);
	default:
		pr_warn_ratelimited("ieee802154: bad frame received "
				    "(type = %d)\n", mac_cb(skb)->type);
		goto fail;
	}

fail:
	kfree_skb(skb);
	return NET_RX_DROP;
}

/* Debug-print one address of a parsed header.
 *
 * @name: label used as prefix in the output
 * @addr: address to print
 *
 * Output goes through pr_debug() only. Any mode other than NONE or SHORT
 * is printed as an extended address.
 */
static void
ieee802154_print_addr(const char *name, const struct ieee802154_addr *addr)
{
	if (addr->mode == IEEE802154_ADDR_NONE) {
		pr_debug("%s not present\n", name);
		return;
	}

	pr_debug("%s PAN ID: %04x\n", name, le16_to_cpu(addr->pan_id));
	if (addr->mode == IEEE802154_ADDR_SHORT) {
		pr_debug("%s is short: %04x\n", name,
			 le16_to_cpu(addr->short_addr));
	} else {
		/* Byte-swapped copy so %8phC prints the eight bytes in the
		 * reverse of their stored order.
		 */
		u64 hw = swab64((__force u64)addr->extended_addr);

		pr_debug("%s is hardware: %8phC\n", name, &hw);
	}
}

/* Parse the MAC header at the start of a received frame.
 *
 * @skb: received frame; the header is pulled from it
 * @hdr: filled in by ieee802154_hdr_pull()
 *
 * Records the header length in skb->mac_len and copies frame type, ACK
 * request flag, security flag and both addresses into the skb control
 * block. When security is enabled, the level and key identifier fields
 * of the auxiliary security header are written to the debug log.
 *
 * Return: 0 on success, -EINVAL when ieee802154_hdr_pull() fails.
 */
static int
ieee802154_parse_frame_start(struct sk_buff *skb, struct ieee802154_hdr *hdr)
{
	int hlen;
	struct ieee802154_mac_cb *cb = mac_cb(skb);

	skb_reset_mac_header(skb);

	/* All length validation of the header is delegated to
	 * ieee802154_hdr_pull(); a negative result rejects the frame.
	 */
	hlen = ieee802154_hdr_pull(skb, hdr);
	if (hlen < 0)
		return -EINVAL;

	skb->mac_len = hlen;

	pr_debug("fc: %04x dsn: %02x\n", le16_to_cpup((__le16 *)&hdr->fc),
		 hdr->seq);

	cb->type = hdr->fc.type;
	cb->ackreq = hdr->fc.ack_request;
	cb->secen = hdr->fc.security_enabled;

	ieee802154_print_addr("destination", &hdr->dest);
	ieee802154_print_addr("source", &hdr->source);

	cb->source = hdr->source;
	cb->dest = hdr->dest;

	/* Debug output only: nothing in this branch changes skb or cb */
	if (hdr->fc.security_enabled) {
		u64 key;

		pr_debug("seclevel %i\n", hdr->sec.level);

		switch (hdr->sec.key_id_mode) {
		case IEEE802154_SCF_KEY_IMPLICIT:
			pr_debug("implicit key\n");
			break;

		case IEEE802154_SCF_KEY_INDEX:
			pr_debug("key %02x\n", hdr->sec.key_id);
			break;

		case IEEE802154_SCF_KEY_SHORT_INDEX:
			pr_debug("key %04x:%04x %02x\n",
				 le32_to_cpu(hdr->sec.short_src) >> 16,
				 le32_to_cpu(hdr->sec.short_src) & 0xffff,
				 hdr->sec.key_id);
			break;

		case IEEE802154_SCF_KEY_HW_INDEX:
			key = swab64((__force u64)hdr->sec.extended_src);
			pr_debug("key source %8phC %02x\n", &key,
				 hdr->sec.key_id);
			break;
		}
	}

	return 0;
}

/* Parse a frame once and offer a clone to every running non-monitor
 * interface.
 *
 * @local: device the frame was received on
 * @skb: received frame; not consumed here, the caller frees it
 *
 * The interface list is walked with list_for_each_entry_rcu(); the
 * caller in this file, ieee802154_rx(), holds rcu_read_lock() around
 * the call. A frame whose header does not parse is discarded silently
 * apart from a debug message.
 */
static void
__ieee802154_rx_handle_packet(struct ieee802154_local *local,
			      struct sk_buff *skb)
{
	int ret;
	struct ieee802154_sub_if_data *sdata;
	struct ieee802154_hdr hdr;
	struct sk_buff *skb2;

	ret = ieee802154_parse_frame_start(skb, &hdr);
	if (ret) {
		pr_debug("got invalid frame\n");
		return;
	}

	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
		if (sdata->wpan_dev.iftype == NL802154_IFTYPE_MONITOR)
			continue;

		if (!ieee802154_sdata_running(sdata))
			continue;

		/* Do not deliver packets received on interfaces expecting
		 * AACK=1 if the address filters were disabled.
		 */
		if (local->hw.phy->filtering < IEEE802154_FILTERING_4_FRAME_FIELDS &&
		    sdata->required_filtering == IEEE802154_FILTERING_4_FRAME_FIELDS)
			continue;

		/* Each interface gets its own clone, which
		 * ieee802154_subif_frame() takes over. A failed clone skips
		 * this interface without any counter being updated.
		 */
		skb2 = skb_clone(skb, GFP_ATOMIC);
		if (skb2) {
			skb2->dev = sdata->dev;
			ieee802154_subif_frame(sdata, skb2, &hdr);
		}
	}
}

/* Deliver a clone of the raw frame to every running monitor interface.
 *
 * @local: device the frame was received on
 * @skb: received frame; not consumed here, the caller frees it
 *
 * The frame is delivered as PACKET_OTHERHOST with no header parsing. In
 * ieee802154_rx() this runs before the software FCS check, so monitor
 * interfaces also see frames that are dropped for a bad FCS afterwards.
 */
static void
ieee802154_monitors_rx(struct ieee802154_local *local, struct sk_buff *skb)
{
	struct sk_buff *skb2;
	struct ieee802154_sub_if_data *sdata;

	skb_reset_mac_header(skb);
	skb->ip_summed = CHECKSUM_UNNECESSARY;
	skb->pkt_type = PACKET_OTHERHOST;
	skb->protocol = htons(ETH_P_IEEE802154);

	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
		if (sdata->wpan_dev.iftype != NL802154_IFTYPE_MONITOR)
			continue;

		if (!ieee802154_sdata_running(sdata))
			continue;

		skb2 = skb_clone(skb, GFP_ATOMIC);
		if (skb2) {
			skb2->dev = sdata->dev;
			ieee802154_deliver_skb(skb2);

			/* Length is read from the original skb; the clone
			 * has already been handed to the stack.
			 */
			sdata->dev->stats.rx_packets++;
			sdata->dev->stats.rx_bytes += skb->len;
		}
	}
}

/* Main receive entry: process one frame from the transceiver.
 *
 * @local: device the frame was received on
 * @skb: received frame including its 2-byte FCS, unless the hardware
 *       sets IEEE802154_HW_RX_OMIT_CKSUM; always freed before returning
 *
 * Warns once if called outside softirq context. Frames are dropped
 * while the device is suspended. Monitor interfaces are served first,
 * then the FCS is verified in software when the PHY does no filtering,
 * the FCS is stripped and the frame is passed on for per-interface
 * processing.
 */
void ieee802154_rx(struct ieee802154_local *local, struct sk_buff *skb)
{
	u16 crc;

	WARN_ON_ONCE(softirq_count() == 0);

	if (local->suspended)
		goto free_skb;

	/* TODO: When a transceiver omits the checksum here, we
	 * add an own calculated one. This is currently an ugly
	 * solution because the monitor needs a crc here.
	 *
	 * NOTE(review): skb_put() needs two bytes of tailroom; assumes
	 * drivers setting IEEE802154_HW_RX_OMIT_CKSUM allocate them -
	 * TODO confirm.
	 */
	if (local->hw.flags & IEEE802154_HW_RX_OMIT_CKSUM) {
		crc = crc_ccitt(0, skb->data, skb->len);
		put_unaligned_le16(crc, skb_put(skb, 2));
	}

	rcu_read_lock();

	ieee802154_monitors_rx(local, skb);

	/* Level 1 filtering: Check the FCS by software when relevant.
	 * The CRC is computed over the frame including its FCS, and any
	 * non-zero result drops the frame.
	 */
	if (local->hw.phy->filtering == IEEE802154_FILTERING_NONE) {
		crc = crc_ccitt(0, skb->data, skb->len);
		if (crc)
			goto drop;
	}
	/* remove crc
	 *
	 * NOTE(review): no minimum length is checked in this function.
	 * For skb->len < 2 the subtraction wraps; skb_trim() should then
	 * leave the skb unchanged and the header parser is left to reject
	 * the frame. Confirm drivers never pass frames shorter than the
	 * FCS.
	 */
	skb_trim(skb, skb->len - 2);

	__ieee802154_rx_handle_packet(local, skb);

drop:
	rcu_read_unlock();
free_skb:
	kfree_skb(skb);
}

/* Queue a received frame for processing from the tasklet.
 *
 * @hw: hardware the frame was received on
 * @skb: received frame; ownership passes to local->skb_queue
 * @lqi: link quality indication reported for this frame
 *
 * Initialises the skb control block, stores @lqi in it, tags the skb as
 * IEEE802154_RX_MSG, appends it to local->skb_queue and schedules
 * local->tasklet. No frame parsing is done here.
 */
void
ieee802154_rx_irqsafe(struct ieee802154_hw *hw, struct sk_buff *skb, u8 lqi)
{
	struct ieee802154_local *local = hw_to_local(hw);
	struct ieee802154_mac_cb *cb = mac_cb_init(skb);

	cb->lqi = lqi;
	skb->pkt_type = IEEE802154_RX_MSG;
	skb_queue_tail(&local->skb_queue, skb);
	tasklet_schedule(&local->tasklet);
}
EXPORT_SYMBOL(ieee802154_rx_irqsafe);