1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * File: af_phonet.c 4 * 5 * Phonet protocols family 6 * 7 * Copyright (C) 2008 Nokia Corporation. 8 * 9 * Authors: Sakari Ailus <sakari.ailus@nokia.com> 10 * Rémi Denis-Courmont 11 */ 12 13 #include <linux/kernel.h> 14 #include <linux/module.h> 15 #include <linux/slab.h> 16 #include <linux/unaligned.h> 17 #include <net/sock.h> 18 19 #include <linux/if_phonet.h> 20 #include <linux/phonet.h> 21 #include <net/phonet/phonet.h> 22 #include <net/phonet/pn_dev.h> 23 24 /* Transport protocol registration */ 25 static const struct phonet_protocol __rcu *proto_tab[PHONET_NPROTO] __read_mostly; 26 27 static const struct phonet_protocol *phonet_proto_get(unsigned int protocol) 28 { 29 const struct phonet_protocol *pp; 30 31 if (protocol >= PHONET_NPROTO) 32 return NULL; 33 34 rcu_read_lock(); 35 pp = rcu_dereference(proto_tab[protocol]); 36 if (pp && !try_module_get(pp->prot->owner)) 37 pp = NULL; 38 rcu_read_unlock(); 39 40 return pp; 41 } 42 43 static inline void phonet_proto_put(const struct phonet_protocol *pp) 44 { 45 module_put(pp->prot->owner); 46 } 47 48 /* protocol family functions */ 49 50 static int pn_socket_create(struct net *net, struct socket *sock, int protocol, 51 int kern) 52 { 53 struct sock *sk; 54 struct pn_sock *pn; 55 const struct phonet_protocol *pnp; 56 int err; 57 58 if (!capable(CAP_SYS_ADMIN)) 59 return -EPERM; 60 61 if (protocol == 0) { 62 /* Default protocol selection */ 63 switch (sock->type) { 64 case SOCK_DGRAM: 65 protocol = PN_PROTO_PHONET; 66 break; 67 case SOCK_SEQPACKET: 68 protocol = PN_PROTO_PIPE; 69 break; 70 default: 71 return -EPROTONOSUPPORT; 72 } 73 } 74 75 pnp = phonet_proto_get(protocol); 76 if (pnp == NULL && 77 request_module("net-pf-%d-proto-%d", PF_PHONET, protocol) == 0) 78 pnp = phonet_proto_get(protocol); 79 80 if (pnp == NULL) 81 return -EPROTONOSUPPORT; 82 if (sock->type != pnp->sock_type) { 83 err = -EPROTONOSUPPORT; 84 goto out; 85 } 86 87 sk = sk_alloc(net, PF_PHONET, GFP_KERNEL, pnp->prot, kern); 88 if (sk == NULL) { 89 err = -ENOMEM; 90 goto out; 91 } 92 93 sock_init_data(sock, sk); 94 sock->state = SS_UNCONNECTED; 95 sock->ops = pnp->ops; 96 sk->sk_backlog_rcv = sk->sk_prot->backlog_rcv; 97 sk->sk_protocol = protocol; 98 pn = pn_sk(sk); 99 pn->sobject = 0; 100 pn->dobject = 0; 101 pn->resource = 0; 102 sk->sk_prot->init(sk); 103 err = 0; 104 105 out: 106 phonet_proto_put(pnp); 107 return err; 108 } 109 110 static const struct net_proto_family phonet_proto_family = { 111 .family = PF_PHONET, 112 .create = pn_socket_create, 113 .owner = THIS_MODULE, 114 }; 115 116 /* Phonet device header operations */ 117 static int pn_header_create(struct sk_buff *skb, struct net_device *dev, 118 unsigned short type, const void *daddr, 119 const void *saddr, unsigned int len) 120 { 121 u8 *media = skb_push(skb, 1); 122 123 if (type != ETH_P_PHONET) 124 return -1; 125 126 if (!saddr) 127 saddr = dev->dev_addr; 128 *media = *(const u8 *)saddr; 129 return 1; 130 } 131 132 static int pn_header_parse(const struct sk_buff *skb, 133 const struct net_device *dev, 134 unsigned char *haddr) 135 { 136 const u8 *media = skb_mac_header(skb); 137 138 *haddr = *media; 139 return 1; 140 } 141 142 const struct header_ops phonet_header_ops = { 143 .create = pn_header_create, 144 .parse = pn_header_parse, 145 }; 146 EXPORT_SYMBOL(phonet_header_ops); 147 148 /* 149 * Prepends an ISI header and sends a datagram. 150 */ 151 static int pn_send(struct sk_buff *skb, struct net_device *dev, 152 u16 dst, u16 src, u8 res) 153 { 154 struct phonethdr *ph; 155 int err; 156 157 if (skb->len + 2 > 0xffff /* Phonet length field limit */ || 158 skb->len + sizeof(struct phonethdr) > dev->mtu) { 159 err = -EMSGSIZE; 160 goto drop; 161 } 162 163 /* Broadcast sending is not implemented */ 164 if (pn_addr(dst) == PNADDR_BROADCAST) { 165 err = -EOPNOTSUPP; 166 goto drop; 167 } 168 169 skb_reset_transport_header(skb); 170 WARN_ON(skb_headroom(skb) & 1); /* HW assumes word alignment */ 171 skb_push(skb, sizeof(struct phonethdr)); 172 skb_reset_network_header(skb); 173 ph = pn_hdr(skb); 174 ph->pn_rdev = pn_dev(dst); 175 ph->pn_sdev = pn_dev(src); 176 ph->pn_res = res; 177 ph->pn_length = __cpu_to_be16(skb->len + 2 - sizeof(*ph)); 178 ph->pn_robj = pn_obj(dst); 179 ph->pn_sobj = pn_obj(src); 180 181 skb->protocol = htons(ETH_P_PHONET); 182 skb->priority = 0; 183 skb->dev = dev; 184 185 if (skb->pkt_type == PACKET_LOOPBACK) { 186 skb_reset_mac_header(skb); 187 skb_orphan(skb); 188 err = netif_rx(skb) ? -ENOBUFS : 0; 189 } else { 190 err = dev_hard_header(skb, dev, ntohs(skb->protocol), 191 NULL, NULL, skb->len); 192 if (err < 0) { 193 err = -EHOSTUNREACH; 194 goto drop; 195 } 196 err = dev_queue_xmit(skb); 197 if (unlikely(err > 0)) 198 err = net_xmit_errno(err); 199 } 200 201 return err; 202 drop: 203 kfree_skb(skb); 204 return err; 205 } 206 207 static int pn_raw_send(const void *data, int len, struct net_device *dev, 208 u16 dst, u16 src, u8 res) 209 { 210 struct sk_buff *skb = alloc_skb(MAX_PHONET_HEADER + len, GFP_ATOMIC); 211 if (skb == NULL) 212 return -ENOMEM; 213 214 if (phonet_address_lookup(dev_net(dev), pn_addr(dst)) == 0) 215 skb->pkt_type = PACKET_LOOPBACK; 216 217 skb_reserve(skb, MAX_PHONET_HEADER); 218 __skb_put(skb, len); 219 skb_copy_to_linear_data(skb, data, len); 220 return pn_send(skb, dev, dst, src, res); 221 } 222 223 /* 224 * Create a Phonet header for the skb and send it out. Returns 225 * non-zero error code if failed. The skb is freed then. 226 */ 227 int pn_skb_send(struct sock *sk, struct sk_buff *skb, 228 const struct sockaddr_pn *target) 229 { 230 struct net *net = sock_net(sk); 231 struct net_device *dev; 232 struct pn_sock *pn = pn_sk(sk); 233 int err; 234 u16 src, dst; 235 u8 daddr, saddr, res; 236 237 src = pn->sobject; 238 if (target != NULL) { 239 dst = pn_sockaddr_get_object(target); 240 res = pn_sockaddr_get_resource(target); 241 } else { 242 dst = pn->dobject; 243 res = pn->resource; 244 } 245 daddr = pn_addr(dst); 246 247 err = -EHOSTUNREACH; 248 if (sk->sk_bound_dev_if) 249 dev = dev_get_by_index(net, sk->sk_bound_dev_if); 250 else if (phonet_address_lookup(net, daddr) == 0) { 251 dev = phonet_device_get(net); 252 skb->pkt_type = PACKET_LOOPBACK; 253 } else if (dst == 0) { 254 /* Resource routing (small race until phonet_rcv()) */ 255 struct sock *sk = pn_find_sock_by_res(net, res); 256 if (sk) { 257 sock_put(sk); 258 dev = phonet_device_get(net); 259 skb->pkt_type = PACKET_LOOPBACK; 260 } else 261 dev = phonet_route_output(net, daddr); 262 } else 263 dev = phonet_route_output(net, daddr); 264 265 if (!dev || !(dev->flags & IFF_UP)) 266 goto drop; 267 268 saddr = phonet_address_get(dev, daddr); 269 if (saddr == PN_NO_ADDR) 270 goto drop; 271 272 if (!pn_addr(src)) 273 src = pn_object(saddr, pn_obj(src)); 274 275 err = pn_send(skb, dev, dst, src, res); 276 dev_put(dev); 277 return err; 278 279 drop: 280 kfree_skb(skb); 281 dev_put(dev); 282 return err; 283 } 284 EXPORT_SYMBOL(pn_skb_send); 285 286 /* Do not send an error message in response to an error message */ 287 static inline int can_respond(struct sk_buff *skb) 288 { 289 const struct phonethdr *ph; 290 const struct phonetmsg *pm; 291 u8 submsg_id; 292 293 if (!pskb_may_pull(skb, 3)) 294 return 0; 295 296 ph = pn_hdr(skb); 297 if (ph->pn_res == PN_PREFIX && !pskb_may_pull(skb, 5)) 298 return 0; 299 if (ph->pn_res == PN_COMMGR) /* indications */ 300 return 0; 301 302 ph = pn_hdr(skb); /* re-acquires the pointer */ 303 pm = pn_msg(skb); 304 if (pm->pn_msg_id != PN_COMMON_MESSAGE) 305 return 1; 306 submsg_id = (ph->pn_res == PN_PREFIX) 307 ? pm->pn_e_submsg_id : pm->pn_submsg_id; 308 if (submsg_id != PN_COMM_ISA_ENTITY_NOT_REACHABLE_RESP && 309 pm->pn_e_submsg_id != PN_COMM_SERVICE_NOT_IDENTIFIED_RESP) 310 return 1; 311 return 0; 312 } 313 314 static int send_obj_unreachable(struct sk_buff *rskb) 315 { 316 const struct phonethdr *oph = pn_hdr(rskb); 317 const struct phonetmsg *opm = pn_msg(rskb); 318 struct phonetmsg resp; 319 320 memset(&resp, 0, sizeof(resp)); 321 resp.pn_trans_id = opm->pn_trans_id; 322 resp.pn_msg_id = PN_COMMON_MESSAGE; 323 if (oph->pn_res == PN_PREFIX) { 324 resp.pn_e_res_id = opm->pn_e_res_id; 325 resp.pn_e_submsg_id = PN_COMM_ISA_ENTITY_NOT_REACHABLE_RESP; 326 resp.pn_e_orig_msg_id = opm->pn_msg_id; 327 resp.pn_e_status = 0; 328 } else { 329 resp.pn_submsg_id = PN_COMM_ISA_ENTITY_NOT_REACHABLE_RESP; 330 resp.pn_orig_msg_id = opm->pn_msg_id; 331 resp.pn_status = 0; 332 } 333 return pn_raw_send(&resp, sizeof(resp), rskb->dev, 334 pn_object(oph->pn_sdev, oph->pn_sobj), 335 pn_object(oph->pn_rdev, oph->pn_robj), 336 oph->pn_res); 337 } 338 339 static int send_reset_indications(struct sk_buff *rskb) 340 { 341 struct phonethdr *oph = pn_hdr(rskb); 342 static const u8 data[4] = { 343 0x00 /* trans ID */, 0x10 /* subscribe msg */, 344 0x00 /* subscription count */, 0x00 /* dummy */ 345 }; 346 347 return pn_raw_send(data, sizeof(data), rskb->dev, 348 pn_object(oph->pn_sdev, 0x00), 349 pn_object(oph->pn_rdev, oph->pn_robj), 350 PN_COMMGR); 351 } 352 353 354 /* packet type functions */ 355 356 /* 357 * Stuff received packets to associated sockets. 358 * On error, returns non-zero and releases the skb. 359 */ 360 static int phonet_rcv(struct sk_buff *skb, struct net_device *dev, 361 struct packet_type *pkttype, 362 struct net_device *orig_dev) 363 { 364 struct net *net = dev_net(dev); 365 struct phonethdr *ph; 366 struct sockaddr_pn sa; 367 u16 len; 368 369 skb = skb_share_check(skb, GFP_ATOMIC); 370 if (!skb) 371 return NET_RX_DROP; 372 373 /* check we have at least a full Phonet header */ 374 if (!pskb_pull(skb, sizeof(struct phonethdr))) 375 goto out; 376 377 /* check that the advertised length is correct */ 378 ph = pn_hdr(skb); 379 len = get_unaligned_be16(&ph->pn_length); 380 if (len < 2) 381 goto out; 382 len -= 2; 383 if ((len > skb->len) || pskb_trim(skb, len)) 384 goto out; 385 skb_reset_transport_header(skb); 386 387 pn_skb_get_dst_sockaddr(skb, &sa); 388 389 /* check if this is broadcasted */ 390 if (pn_sockaddr_get_addr(&sa) == PNADDR_BROADCAST) { 391 pn_deliver_sock_broadcast(net, skb); 392 goto out; 393 } 394 395 /* resource routing */ 396 if (pn_sockaddr_get_object(&sa) == 0) { 397 struct sock *sk = pn_find_sock_by_res(net, sa.spn_resource); 398 if (sk) 399 return sk_receive_skb(sk, skb, 0); 400 } 401 402 /* check if we are the destination */ 403 if (phonet_address_lookup(net, pn_sockaddr_get_addr(&sa)) == 0) { 404 /* Phonet packet input */ 405 struct sock *sk = pn_find_sock_by_sa(net, &sa); 406 407 if (sk) 408 return sk_receive_skb(sk, skb, 0); 409 410 if (can_respond(skb)) { 411 send_obj_unreachable(skb); 412 send_reset_indications(skb); 413 } 414 } else if (unlikely(skb->pkt_type == PACKET_LOOPBACK)) 415 goto out; /* Race between address deletion and loopback */ 416 else { 417 /* Phonet packet routing */ 418 struct net_device *out_dev; 419 420 out_dev = phonet_route_output(net, pn_sockaddr_get_addr(&sa)); 421 if (!out_dev) { 422 net_dbg_ratelimited("No Phonet route to %02X\n", 423 pn_sockaddr_get_addr(&sa)); 424 goto out; 425 } 426 427 __skb_push(skb, sizeof(struct phonethdr)); 428 skb->dev = out_dev; 429 if (out_dev == dev) { 430 net_dbg_ratelimited("Phonet loop to %02X on %s\n", 431 pn_sockaddr_get_addr(&sa), 432 dev->name); 433 goto out_dev; 434 } 435 /* Some drivers (e.g. TUN) do not allocate HW header space */ 436 if (skb_cow_head(skb, out_dev->hard_header_len)) 437 goto out_dev; 438 439 if (dev_hard_header(skb, out_dev, ETH_P_PHONET, NULL, NULL, 440 skb->len) < 0) 441 goto out_dev; 442 dev_queue_xmit(skb); 443 dev_put(out_dev); 444 return NET_RX_SUCCESS; 445 out_dev: 446 dev_put(out_dev); 447 } 448 449 out: 450 kfree_skb(skb); 451 return NET_RX_DROP; 452 } 453 454 static struct packet_type phonet_packet_type __read_mostly = { 455 .type = cpu_to_be16(ETH_P_PHONET), 456 .func = phonet_rcv, 457 }; 458 459 static DEFINE_MUTEX(proto_tab_lock); 460 461 int __init_or_module phonet_proto_register(unsigned int protocol, 462 const struct phonet_protocol *pp) 463 { 464 int err = 0; 465 466 if (protocol >= PHONET_NPROTO) 467 return -EINVAL; 468 469 err = proto_register(pp->prot, 1); 470 if (err) 471 return err; 472 473 mutex_lock(&proto_tab_lock); 474 if (proto_tab[protocol]) 475 err = -EBUSY; 476 else 477 rcu_assign_pointer(proto_tab[protocol], pp); 478 mutex_unlock(&proto_tab_lock); 479 480 return err; 481 } 482 EXPORT_SYMBOL(phonet_proto_register); 483 484 void phonet_proto_unregister(unsigned int protocol, 485 const struct phonet_protocol *pp) 486 { 487 mutex_lock(&proto_tab_lock); 488 BUG_ON(rcu_access_pointer(proto_tab[protocol]) != pp); 489 RCU_INIT_POINTER(proto_tab[protocol], NULL); 490 mutex_unlock(&proto_tab_lock); 491 synchronize_rcu(); 492 proto_unregister(pp->prot); 493 } 494 EXPORT_SYMBOL(phonet_proto_unregister); 495 496 /* Module registration */ 497 static int __init phonet_init(void) 498 { 499 int err; 500 501 err = phonet_device_init(); 502 if (err) 503 return err; 504 505 pn_sock_init(); 506 err = sock_register(&phonet_proto_family); 507 if (err) { 508 printk(KERN_ALERT 509 "phonet protocol family initialization failed\n"); 510 goto err_sock; 511 } 512 513 dev_add_pack(&phonet_packet_type); 514 phonet_sysctl_init(); 515 516 err = isi_register(); 517 if (err) 518 goto err; 519 return 0; 520 521 err: 522 phonet_sysctl_exit(); 523 sock_unregister(PF_PHONET); 524 dev_remove_pack(&phonet_packet_type); 525 err_sock: 526 phonet_device_exit(); 527 return err; 528 } 529 530 static void __exit phonet_exit(void) 531 { 532 isi_unregister(); 533 phonet_sysctl_exit(); 534 sock_unregister(PF_PHONET); 535 dev_remove_pack(&phonet_packet_type); 536 phonet_device_exit(); 537 } 538 539 module_init(phonet_init); 540 module_exit(phonet_exit); 541 MODULE_DESCRIPTION("Phonet protocol stack for Linux"); 542 MODULE_LICENSE("GPL"); 543 MODULE_ALIAS_NETPROTO(PF_PHONET); 544