xref: /linux/net/mac802154/rx.c (revision 55d0969c451159cff86949b38c39171cab962069)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Copyright (C) 2007-2012 Siemens AG
4  *
5  * Written by:
6  * Pavel Smolenskiy <pavel.smolenskiy@gmail.com>
7  * Maxim Gorbachyov <maxim.gorbachev@siemens.com>
8  * Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
9  * Alexander Smirnov <alex.bluesman.smirnov@gmail.com>
10  */
11 
12 #include <linux/kernel.h>
13 #include <linux/module.h>
14 #include <linux/netdevice.h>
15 #include <linux/crc-ccitt.h>
16 #include <linux/unaligned.h>
17 
18 #include <net/mac802154.h>
19 #include <net/ieee802154_netdev.h>
20 #include <net/nl802154.h>
21 
22 #include "ieee802154_i.h"
23 
24 static int ieee802154_deliver_skb(struct sk_buff *skb)
25 {
26 	skb->ip_summed = CHECKSUM_UNNECESSARY;
27 	skb->protocol = htons(ETH_P_IEEE802154);
28 
29 	return netif_receive_skb(skb);
30 }
31 
32 void mac802154_rx_beacon_worker(struct work_struct *work)
33 {
34 	struct ieee802154_local *local =
35 		container_of(work, struct ieee802154_local, rx_beacon_work);
36 	struct cfg802154_mac_pkt *mac_pkt;
37 
38 	mac_pkt = list_first_entry_or_null(&local->rx_beacon_list,
39 					   struct cfg802154_mac_pkt, node);
40 	if (!mac_pkt)
41 		return;
42 
43 	mac802154_process_beacon(local, mac_pkt->skb, mac_pkt->page, mac_pkt->channel);
44 
45 	list_del(&mac_pkt->node);
46 	kfree_skb(mac_pkt->skb);
47 	kfree(mac_pkt);
48 }
49 
50 static bool mac802154_should_answer_beacon_req(struct ieee802154_local *local)
51 {
52 	struct cfg802154_beacon_request *beacon_req;
53 	unsigned int interval;
54 
55 	rcu_read_lock();
56 	beacon_req = rcu_dereference(local->beacon_req);
57 	if (!beacon_req) {
58 		rcu_read_unlock();
59 		return false;
60 	}
61 
62 	interval = beacon_req->interval;
63 	rcu_read_unlock();
64 
65 	if (!mac802154_is_beaconing(local))
66 		return false;
67 
68 	return interval == IEEE802154_ACTIVE_SCAN_DURATION;
69 }
70 
71 void mac802154_rx_mac_cmd_worker(struct work_struct *work)
72 {
73 	struct ieee802154_local *local =
74 		container_of(work, struct ieee802154_local, rx_mac_cmd_work);
75 	struct cfg802154_mac_pkt *mac_pkt;
76 	u8 mac_cmd;
77 	int rc;
78 
79 	mac_pkt = list_first_entry_or_null(&local->rx_mac_cmd_list,
80 					   struct cfg802154_mac_pkt, node);
81 	if (!mac_pkt)
82 		return;
83 
84 	rc = ieee802154_get_mac_cmd(mac_pkt->skb, &mac_cmd);
85 	if (rc)
86 		goto out;
87 
88 	switch (mac_cmd) {
89 	case IEEE802154_CMD_BEACON_REQ:
90 		dev_dbg(&mac_pkt->sdata->dev->dev, "processing BEACON REQ\n");
91 		if (!mac802154_should_answer_beacon_req(local))
92 			break;
93 
94 		queue_delayed_work(local->mac_wq, &local->beacon_work, 0);
95 		break;
96 
97 	case IEEE802154_CMD_ASSOCIATION_RESP:
98 		dev_dbg(&mac_pkt->sdata->dev->dev, "processing ASSOC RESP\n");
99 		if (!mac802154_is_associating(local))
100 			break;
101 
102 		mac802154_process_association_resp(mac_pkt->sdata, mac_pkt->skb);
103 		break;
104 
105 	case IEEE802154_CMD_ASSOCIATION_REQ:
106 		dev_dbg(&mac_pkt->sdata->dev->dev, "processing ASSOC REQ\n");
107 		if (mac_pkt->sdata->wpan_dev.iftype != NL802154_IFTYPE_COORD)
108 			break;
109 
110 		mac802154_process_association_req(mac_pkt->sdata, mac_pkt->skb);
111 		break;
112 
113 	case IEEE802154_CMD_DISASSOCIATION_NOTIFY:
114 		dev_dbg(&mac_pkt->sdata->dev->dev, "processing DISASSOC NOTIF\n");
115 		if (mac_pkt->sdata->wpan_dev.iftype != NL802154_IFTYPE_COORD)
116 			break;
117 
118 		mac802154_process_disassociation_notif(mac_pkt->sdata, mac_pkt->skb);
119 		break;
120 
121 	default:
122 		break;
123 	}
124 
125 out:
126 	list_del(&mac_pkt->node);
127 	kfree_skb(mac_pkt->skb);
128 	kfree(mac_pkt);
129 }
130 
131 static int
132 ieee802154_subif_frame(struct ieee802154_sub_if_data *sdata,
133 		       struct sk_buff *skb, const struct ieee802154_hdr *hdr)
134 {
135 	struct wpan_phy *wpan_phy = sdata->local->hw.phy;
136 	struct wpan_dev *wpan_dev = &sdata->wpan_dev;
137 	struct cfg802154_mac_pkt *mac_pkt;
138 	__le16 span, sshort;
139 	int rc;
140 
141 	pr_debug("getting packet via slave interface %s\n", sdata->dev->name);
142 
143 	span = wpan_dev->pan_id;
144 	sshort = wpan_dev->short_addr;
145 
146 	/* Level 3 filtering: Only beacons are accepted during scans */
147 	if (sdata->required_filtering == IEEE802154_FILTERING_3_SCAN &&
148 	    sdata->required_filtering > wpan_phy->filtering) {
149 		if (mac_cb(skb)->type != IEEE802154_FC_TYPE_BEACON) {
150 			dev_dbg(&sdata->dev->dev,
151 				"drop non-beacon frame (0x%x) during scan\n",
152 				mac_cb(skb)->type);
153 			goto fail;
154 		}
155 	}
156 
157 	switch (mac_cb(skb)->dest.mode) {
158 	case IEEE802154_ADDR_NONE:
159 		if (hdr->source.mode == IEEE802154_ADDR_NONE)
160 			/* ACK comes with both addresses empty */
161 			skb->pkt_type = PACKET_HOST;
162 		else if (!wpan_dev->parent)
163 			/* No dest means PAN coordinator is the recipient */
164 			skb->pkt_type = PACKET_HOST;
165 		else
166 			/* We are not the PAN coordinator, just relaying */
167 			skb->pkt_type = PACKET_OTHERHOST;
168 		break;
169 	case IEEE802154_ADDR_LONG:
170 		if (mac_cb(skb)->dest.pan_id != span &&
171 		    mac_cb(skb)->dest.pan_id != cpu_to_le16(IEEE802154_PANID_BROADCAST))
172 			skb->pkt_type = PACKET_OTHERHOST;
173 		else if (mac_cb(skb)->dest.extended_addr == wpan_dev->extended_addr)
174 			skb->pkt_type = PACKET_HOST;
175 		else
176 			skb->pkt_type = PACKET_OTHERHOST;
177 		break;
178 	case IEEE802154_ADDR_SHORT:
179 		if (mac_cb(skb)->dest.pan_id != span &&
180 		    mac_cb(skb)->dest.pan_id != cpu_to_le16(IEEE802154_PANID_BROADCAST))
181 			skb->pkt_type = PACKET_OTHERHOST;
182 		else if (mac_cb(skb)->dest.short_addr == sshort)
183 			skb->pkt_type = PACKET_HOST;
184 		else if (mac_cb(skb)->dest.short_addr ==
185 			  cpu_to_le16(IEEE802154_ADDR_BROADCAST))
186 			skb->pkt_type = PACKET_BROADCAST;
187 		else
188 			skb->pkt_type = PACKET_OTHERHOST;
189 		break;
190 	default:
191 		pr_debug("invalid dest mode\n");
192 		goto fail;
193 	}
194 
195 	skb->dev = sdata->dev;
196 
197 	/* TODO this should be moved after netif_receive_skb call, otherwise
198 	 * wireshark will show a mac header with security fields and the
199 	 * payload is already decrypted.
200 	 */
201 	rc = mac802154_llsec_decrypt(&sdata->sec, skb);
202 	if (rc) {
203 		pr_debug("decryption failed: %i\n", rc);
204 		goto fail;
205 	}
206 
207 	sdata->dev->stats.rx_packets++;
208 	sdata->dev->stats.rx_bytes += skb->len;
209 
210 	switch (mac_cb(skb)->type) {
211 	case IEEE802154_FC_TYPE_BEACON:
212 		dev_dbg(&sdata->dev->dev, "BEACON received\n");
213 		if (!mac802154_is_scanning(sdata->local))
214 			goto fail;
215 
216 		mac_pkt = kzalloc(sizeof(*mac_pkt), GFP_ATOMIC);
217 		if (!mac_pkt)
218 			goto fail;
219 
220 		mac_pkt->skb = skb_get(skb);
221 		mac_pkt->sdata = sdata;
222 		mac_pkt->page = sdata->local->scan_page;
223 		mac_pkt->channel = sdata->local->scan_channel;
224 		list_add_tail(&mac_pkt->node, &sdata->local->rx_beacon_list);
225 		queue_work(sdata->local->mac_wq, &sdata->local->rx_beacon_work);
226 		return NET_RX_SUCCESS;
227 
228 	case IEEE802154_FC_TYPE_MAC_CMD:
229 		dev_dbg(&sdata->dev->dev, "MAC COMMAND received\n");
230 		mac_pkt = kzalloc(sizeof(*mac_pkt), GFP_ATOMIC);
231 		if (!mac_pkt)
232 			goto fail;
233 
234 		mac_pkt->skb = skb_get(skb);
235 		mac_pkt->sdata = sdata;
236 		list_add_tail(&mac_pkt->node, &sdata->local->rx_mac_cmd_list);
237 		queue_work(sdata->local->mac_wq, &sdata->local->rx_mac_cmd_work);
238 		return NET_RX_SUCCESS;
239 
240 	case IEEE802154_FC_TYPE_ACK:
241 		goto fail;
242 
243 	case IEEE802154_FC_TYPE_DATA:
244 		return ieee802154_deliver_skb(skb);
245 	default:
246 		pr_warn_ratelimited("ieee802154: bad frame received "
247 				    "(type = %d)\n", mac_cb(skb)->type);
248 		goto fail;
249 	}
250 
251 fail:
252 	kfree_skb(skb);
253 	return NET_RX_DROP;
254 }
255 
256 static void
257 ieee802154_print_addr(const char *name, const struct ieee802154_addr *addr)
258 {
259 	if (addr->mode == IEEE802154_ADDR_NONE) {
260 		pr_debug("%s not present\n", name);
261 		return;
262 	}
263 
264 	pr_debug("%s PAN ID: %04x\n", name, le16_to_cpu(addr->pan_id));
265 	if (addr->mode == IEEE802154_ADDR_SHORT) {
266 		pr_debug("%s is short: %04x\n", name,
267 			 le16_to_cpu(addr->short_addr));
268 	} else {
269 		u64 hw = swab64((__force u64)addr->extended_addr);
270 
271 		pr_debug("%s is hardware: %8phC\n", name, &hw);
272 	}
273 }
274 
275 static int
276 ieee802154_parse_frame_start(struct sk_buff *skb, struct ieee802154_hdr *hdr)
277 {
278 	int hlen;
279 	struct ieee802154_mac_cb *cb = mac_cb(skb);
280 
281 	skb_reset_mac_header(skb);
282 
283 	hlen = ieee802154_hdr_pull(skb, hdr);
284 	if (hlen < 0)
285 		return -EINVAL;
286 
287 	skb->mac_len = hlen;
288 
289 	pr_debug("fc: %04x dsn: %02x\n", le16_to_cpup((__le16 *)&hdr->fc),
290 		 hdr->seq);
291 
292 	cb->type = hdr->fc.type;
293 	cb->ackreq = hdr->fc.ack_request;
294 	cb->secen = hdr->fc.security_enabled;
295 
296 	ieee802154_print_addr("destination", &hdr->dest);
297 	ieee802154_print_addr("source", &hdr->source);
298 
299 	cb->source = hdr->source;
300 	cb->dest = hdr->dest;
301 
302 	if (hdr->fc.security_enabled) {
303 		u64 key;
304 
305 		pr_debug("seclevel %i\n", hdr->sec.level);
306 
307 		switch (hdr->sec.key_id_mode) {
308 		case IEEE802154_SCF_KEY_IMPLICIT:
309 			pr_debug("implicit key\n");
310 			break;
311 
312 		case IEEE802154_SCF_KEY_INDEX:
313 			pr_debug("key %02x\n", hdr->sec.key_id);
314 			break;
315 
316 		case IEEE802154_SCF_KEY_SHORT_INDEX:
317 			pr_debug("key %04x:%04x %02x\n",
318 				 le32_to_cpu(hdr->sec.short_src) >> 16,
319 				 le32_to_cpu(hdr->sec.short_src) & 0xffff,
320 				 hdr->sec.key_id);
321 			break;
322 
323 		case IEEE802154_SCF_KEY_HW_INDEX:
324 			key = swab64((__force u64)hdr->sec.extended_src);
325 			pr_debug("key source %8phC %02x\n", &key,
326 				 hdr->sec.key_id);
327 			break;
328 		}
329 	}
330 
331 	return 0;
332 }
333 
334 static void
335 __ieee802154_rx_handle_packet(struct ieee802154_local *local,
336 			      struct sk_buff *skb)
337 {
338 	int ret;
339 	struct ieee802154_sub_if_data *sdata;
340 	struct ieee802154_hdr hdr;
341 	struct sk_buff *skb2;
342 
343 	ret = ieee802154_parse_frame_start(skb, &hdr);
344 	if (ret) {
345 		pr_debug("got invalid frame\n");
346 		return;
347 	}
348 
349 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
350 		if (sdata->wpan_dev.iftype == NL802154_IFTYPE_MONITOR)
351 			continue;
352 
353 		if (!ieee802154_sdata_running(sdata))
354 			continue;
355 
356 		/* Do not deliver packets received on interfaces expecting
357 		 * AACK=1 if the address filters where disabled.
358 		 */
359 		if (local->hw.phy->filtering < IEEE802154_FILTERING_4_FRAME_FIELDS &&
360 		    sdata->required_filtering == IEEE802154_FILTERING_4_FRAME_FIELDS)
361 			continue;
362 
363 		skb2 = skb_clone(skb, GFP_ATOMIC);
364 		if (skb2) {
365 			skb2->dev = sdata->dev;
366 			ieee802154_subif_frame(sdata, skb2, &hdr);
367 		}
368 	}
369 }
370 
371 static void
372 ieee802154_monitors_rx(struct ieee802154_local *local, struct sk_buff *skb)
373 {
374 	struct sk_buff *skb2;
375 	struct ieee802154_sub_if_data *sdata;
376 
377 	skb_reset_mac_header(skb);
378 	skb->ip_summed = CHECKSUM_UNNECESSARY;
379 	skb->pkt_type = PACKET_OTHERHOST;
380 	skb->protocol = htons(ETH_P_IEEE802154);
381 
382 	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
383 		if (sdata->wpan_dev.iftype != NL802154_IFTYPE_MONITOR)
384 			continue;
385 
386 		if (!ieee802154_sdata_running(sdata))
387 			continue;
388 
389 		skb2 = skb_clone(skb, GFP_ATOMIC);
390 		if (skb2) {
391 			skb2->dev = sdata->dev;
392 			ieee802154_deliver_skb(skb2);
393 
394 			sdata->dev->stats.rx_packets++;
395 			sdata->dev->stats.rx_bytes += skb->len;
396 		}
397 	}
398 }
399 
400 void ieee802154_rx(struct ieee802154_local *local, struct sk_buff *skb)
401 {
402 	u16 crc;
403 
404 	WARN_ON_ONCE(softirq_count() == 0);
405 
406 	if (local->suspended)
407 		goto free_skb;
408 
409 	/* TODO: When a transceiver omits the checksum here, we
410 	 * add an own calculated one. This is currently an ugly
411 	 * solution because the monitor needs a crc here.
412 	 */
413 	if (local->hw.flags & IEEE802154_HW_RX_OMIT_CKSUM) {
414 		crc = crc_ccitt(0, skb->data, skb->len);
415 		put_unaligned_le16(crc, skb_put(skb, 2));
416 	}
417 
418 	rcu_read_lock();
419 
420 	ieee802154_monitors_rx(local, skb);
421 
422 	/* Level 1 filtering: Check the FCS by software when relevant */
423 	if (local->hw.phy->filtering == IEEE802154_FILTERING_NONE) {
424 		crc = crc_ccitt(0, skb->data, skb->len);
425 		if (crc)
426 			goto drop;
427 	}
428 	/* remove crc */
429 	skb_trim(skb, skb->len - 2);
430 
431 	__ieee802154_rx_handle_packet(local, skb);
432 
433 drop:
434 	rcu_read_unlock();
435 free_skb:
436 	kfree_skb(skb);
437 }
438 
439 void
440 ieee802154_rx_irqsafe(struct ieee802154_hw *hw, struct sk_buff *skb, u8 lqi)
441 {
442 	struct ieee802154_local *local = hw_to_local(hw);
443 	struct ieee802154_mac_cb *cb = mac_cb_init(skb);
444 
445 	cb->lqi = lqi;
446 	skb->pkt_type = IEEE802154_RX_MSG;
447 	skb_queue_tail(&local->skb_queue, skb);
448 	tasklet_schedule(&local->tasklet);
449 }
450 EXPORT_SYMBOL(ieee802154_rx_irqsafe);
451