projects / mirror_ubuntu-jammy-kernel.git / blame
| Commit | Line | Data |
|---|---|---|
| b97bf3fd PL |
1 | /* |
| 2 | * net/tipc/msg.c: TIPC message header routines | |
| c4307285 | 3 | * |
| cf2157f8 | 4 | * Copyright (c) 2000-2006, 2014-2015, Ericsson AB |
| 741de3e9 | 5 | * Copyright (c) 2005, 2010-2011, Wind River Systems |
| b97bf3fd PL |
6 | * All rights reserved. |
| 7 | * | |
| 9ea1fd3c | 8 | * Redistribution and use in source and binary forms, with or without |
| b97bf3fd PL |
9 | * modification, are permitted provided that the following conditions are met: |
| 10 | * | |
| 9ea1fd3c PL |
11 | * 1. Redistributions of source code must retain the above copyright |
| 12 | * notice, this list of conditions and the following disclaimer. | |
| 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
| 14 | * notice, this list of conditions and the following disclaimer in the | |
| 15 | * documentation and/or other materials provided with the distribution. | |
| 16 | * 3. Neither the names of the copyright holders nor the names of its | |
| 17 | * contributors may be used to endorse or promote products derived from | |
| 18 | * this software without specific prior written permission. | |
| b97bf3fd | 19 | * |
| 9ea1fd3c PL |
20 | * Alternatively, this software may be distributed under the terms of the |
| 21 | * GNU General Public License ("GPL") version 2 as published by the Free | |
| 22 | * Software Foundation. | |
| 23 | * | |
| 24 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | |
| 25 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
| 26 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
| 27 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE | |
| 28 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
| 29 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | |
| 30 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |
| 31 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | |
| 32 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
| 33 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |
| b97bf3fd PL |
34 | * POSSIBILITY OF SUCH DAMAGE. |
| 35 | */ | |
| 36 | ||
| c93d3baa | 37 | #include <net/sock.h> |
| b97bf3fd | 38 | #include "core.h" |
| b97bf3fd | 39 | #include "msg.h" |
| 5a379074 JPM |
40 | #include "addr.h" |
| 41 | #include "name_table.h" | |
| fc1b6d6d | 42 | #include "crypto.h" |
| b97bf3fd | 43 | |
| 8db1bae3 | 44 | #define MAX_FORWARD_SIZE 1024 |
| fc1b6d6d TL |
45 | #ifdef CONFIG_TIPC_CRYPTO |
| 46 | #define BUF_HEADROOM ALIGN(((LL_MAX_HEADER + 48) + EHDR_MAX_SIZE), 16) | |
| 47 | #define BUF_TAILROOM (TIPC_AES_GCM_TAG_SIZE) | |
| 48 | #else | |
| 27777daa JPM |
49 | #define BUF_HEADROOM (LL_MAX_HEADER + 48) |
| 50 | #define BUF_TAILROOM 16 | |
| fc1b6d6d | 51 | #endif |
| 8db1bae3 | 52 | |
| 4f1688b2 | 53 | static unsigned int align(unsigned int i) |
| 23461e83 | 54 | { |
| 4f1688b2 | 55 | return (i + 3) & ~3u; |
| 23461e83 AS |
56 | } |
| 57 | ||
| 859fc7c0 YX |
58 | /** |
| 59 | * tipc_buf_acquire - creates a TIPC message buffer | |
| 60 | * @size: message size (including TIPC header) | |
| 61 | * | |
| 62 | * Returns a new buffer with data pointers set to the specified size. | |
| 63 | * | |
| 64 | * NOTE: Headroom is reserved to allow prepending of a data link header. | |
| 65 | * There may also be unrequested tailroom present at the buffer's end. | |
| 66 | */ | |
| 57d5f64d | 67 | struct sk_buff *tipc_buf_acquire(u32 size, gfp_t gfp) |
| 859fc7c0 YX |
68 | { |
| 69 | struct sk_buff *skb; | |
| fc1b6d6d TL |
70 | #ifdef CONFIG_TIPC_CRYPTO |
| 71 | unsigned int buf_size = (BUF_HEADROOM + size + BUF_TAILROOM + 3) & ~3u; | |
| 72 | #else | |
| 859fc7c0 | 73 | unsigned int buf_size = (BUF_HEADROOM + size + 3) & ~3u; |
| fc1b6d6d | 74 | #endif |
| 859fc7c0 | 75 | |
| 57d5f64d | 76 | skb = alloc_skb_fclone(buf_size, gfp); |
| 859fc7c0 YX |
77 | if (skb) { |
| 78 | skb_reserve(skb, BUF_HEADROOM); | |
| 79 | skb_put(skb, size); | |
| 80 | skb->next = NULL; | |
| 81 | } | |
| 82 | return skb; | |
| 83 | } | |
| 84 | ||
| c5898636 JPM |
85 | void tipc_msg_init(u32 own_node, struct tipc_msg *m, u32 user, u32 type, |
| 86 | u32 hsize, u32 dnode) | |
| 23461e83 AS |
87 | { |
| 88 | memset(m, 0, hsize); | |
| 89 | msg_set_version(m); | |
| 90 | msg_set_user(m, user); | |
| 91 | msg_set_hdr_sz(m, hsize); | |
| 92 | msg_set_size(m, hsize); | |
| c5898636 | 93 | msg_set_prevnode(m, own_node); |
| 23461e83 | 94 | msg_set_type(m, type); |
| 1dd0bd2b | 95 | if (hsize > SHORT_H_SIZE) { |
| c5898636 JPM |
96 | msg_set_orignode(m, own_node); |
| 97 | msg_set_destnode(m, dnode); | |
| 1dd0bd2b JPM |
98 | } |
| 99 | } | |
| 100 | ||
| c5898636 | 101 | struct sk_buff *tipc_msg_create(uint user, uint type, |
| 34747539 YX |
102 | uint hdr_sz, uint data_sz, u32 dnode, |
| 103 | u32 onode, u32 dport, u32 oport, int errcode) | |
| 1dd0bd2b JPM |
104 | { |
| 105 | struct tipc_msg *msg; | |
| 106 | struct sk_buff *buf; | |
| 107 | ||
| 57d5f64d | 108 | buf = tipc_buf_acquire(hdr_sz + data_sz, GFP_ATOMIC); |
| 1dd0bd2b JPM |
109 | if (unlikely(!buf)) |
| 110 | return NULL; | |
| 111 | ||
| 112 | msg = buf_msg(buf); | |
| c5898636 | 113 | tipc_msg_init(onode, msg, user, type, hdr_sz, dnode); |
| 1dd0bd2b | 114 | msg_set_size(msg, hdr_sz + data_sz); |
| 1dd0bd2b JPM |
115 | msg_set_origport(msg, oport); |
| 116 | msg_set_destport(msg, dport); | |
| 117 | msg_set_errcode(msg, errcode); | |
| 118 | if (hdr_sz > SHORT_H_SIZE) { | |
| 119 | msg_set_orignode(msg, onode); | |
| 120 | msg_set_destnode(msg, dnode); | |
| 121 | } | |
| 122 | return buf; | |
| 23461e83 AS |
123 | } |
| 124 | ||
| 37e22164 | 125 | /* tipc_buf_append(): Append a buffer to the fragment list of another buffer |
| 29322d0d JPM |
126 | * @*headbuf: in: NULL for first frag, otherwise value returned from prev call |
| 127 | * out: set when successful non-complete reassembly, otherwise NULL | |
| 128 | * @*buf: in: the buffer to append. Always defined | |
| b2ad5e5f | 129 | * out: head buf after successful complete reassembly, otherwise NULL |
| 29322d0d | 130 | * Returns 1 when reassembly complete, otherwise 0 |
| 37e22164 JPM |
131 | */ |
| 132 | int tipc_buf_append(struct sk_buff **headbuf, struct sk_buff **buf) | |
| 133 | { | |
| 134 | struct sk_buff *head = *headbuf; | |
| 135 | struct sk_buff *frag = *buf; | |
| 45c8b7b1 | 136 | struct sk_buff *tail = NULL; |
| 13e9b997 JPM |
137 | struct tipc_msg *msg; |
| 138 | u32 fragid; | |
| 37e22164 | 139 | int delta; |
| 13e9b997 | 140 | bool headstolen; |
| 37e22164 | 141 | |
| 13e9b997 JPM |
142 | if (!frag) |
| 143 | goto err; | |
| 144 | ||
| 145 | msg = buf_msg(frag); | |
| 146 | fragid = msg_type(msg); | |
| 147 | frag->next = NULL; | |
| 37e22164 JPM |
148 | skb_pull(frag, msg_hdr_sz(msg)); |
| 149 | ||
| 150 | if (fragid == FIRST_FRAGMENT) { | |
| 13e9b997 JPM |
151 | if (unlikely(head)) |
| 152 | goto err; | |
| ed42989e CW |
153 | if (skb_cloned(frag)) |
| 154 | frag = skb_copy(frag, GFP_ATOMIC); | |
| ff48b622 | 155 | if (unlikely(!frag)) |
| 13e9b997 | 156 | goto err; |
| 37e22164 | 157 | head = *headbuf = frag; |
| 29322d0d | 158 | *buf = NULL; |
| 45c8b7b1 JPM |
159 | TIPC_SKB_CB(head)->tail = NULL; |
| 160 | if (skb_is_nonlinear(head)) { | |
| 161 | skb_walk_frags(head, tail) { | |
| 162 | TIPC_SKB_CB(head)->tail = tail; | |
| 163 | } | |
| 164 | } else { | |
| 165 | skb_frag_list_init(head); | |
| 166 | } | |
| 37e22164 JPM |
167 | return 0; |
| 168 | } | |
| 13e9b997 | 169 | |
| 37e22164 | 170 | if (!head) |
| 13e9b997 JPM |
171 | goto err; |
| 172 | ||
| 37e22164 JPM |
173 | if (skb_try_coalesce(head, frag, &headstolen, &delta)) { |
| 174 | kfree_skb_partial(frag, headstolen); | |
| 175 | } else { | |
| 13e9b997 | 176 | tail = TIPC_SKB_CB(head)->tail; |
| 37e22164 JPM |
177 | if (!skb_has_frag_list(head)) |
| 178 | skb_shinfo(head)->frag_list = frag; | |
| 179 | else | |
| 180 | tail->next = frag; | |
| 181 | head->truesize += frag->truesize; | |
| 182 | head->data_len += frag->len; | |
| 183 | head->len += frag->len; | |
| 184 | TIPC_SKB_CB(head)->tail = frag; | |
| 185 | } | |
| 13e9b997 | 186 | |
| 37e22164 | 187 | if (fragid == LAST_FRAGMENT) { |
| fc1b6d6d | 188 | TIPC_SKB_CB(head)->validated = 0; |
| d618d09a | 189 | if (unlikely(!tipc_msg_validate(&head))) |
| 1149557d | 190 | goto err; |
| 37e22164 JPM |
191 | *buf = head; |
| 192 | TIPC_SKB_CB(head)->tail = NULL; | |
| 193 | *headbuf = NULL; | |
| 194 | return 1; | |
| 195 | } | |
| 196 | *buf = NULL; | |
| 197 | return 0; | |
| 13e9b997 | 198 | err: |
| 37e22164 | 199 | kfree_skb(*buf); |
| 29322d0d JPM |
200 | kfree_skb(*headbuf); |
| 201 | *buf = *headbuf = NULL; | |
| 37e22164 JPM |
202 | return 0; |
| 203 | } | |
| 4f1688b2 | 204 | |
| c0bceb97 JM |
205 | /** |
| 206 | * tipc_msg_append(): Append data to tail of an existing buffer queue | |
| d8141208 | 207 | * @_hdr: header to be used |
| c0bceb97 JM |
208 | * @m: the data to be appended |
| 209 | * @mss: max allowable size of buffer | |
| 210 | * @dlen: size of data to be appended | |
| 211 | * @txq: queue to appand to | |
| 212 | * Returns the number og 1k blocks appended or errno value | |
| 213 | */ | |
| 214 | int tipc_msg_append(struct tipc_msg *_hdr, struct msghdr *m, int dlen, | |
| 215 | int mss, struct sk_buff_head *txq) | |
| 216 | { | |
| 8298a419 | 217 | struct sk_buff *skb; |
| c0bceb97 JM |
218 | int accounted, total, curr; |
| 219 | int mlen, cpy, rem = dlen; | |
| 220 | struct tipc_msg *hdr; | |
| 221 | ||
| 222 | skb = skb_peek_tail(txq); | |
| 223 | accounted = skb ? msg_blocks(buf_msg(skb)) : 0; | |
| 224 | total = accounted; | |
| 225 | ||
| 5e9eeccc | 226 | do { |
| c0bceb97 | 227 | if (!skb || skb->len >= mss) { |
| c0bceb97 JM |
228 | skb = tipc_buf_acquire(mss, GFP_KERNEL); |
| 229 | if (unlikely(!skb)) | |
| 230 | return -ENOMEM; | |
| 231 | skb_orphan(skb); | |
| 232 | skb_trim(skb, MIN_H_SIZE); | |
| 233 | hdr = buf_msg(skb); | |
| 234 | skb_copy_to_linear_data(skb, _hdr, MIN_H_SIZE); | |
| 235 | msg_set_hdr_sz(hdr, MIN_H_SIZE); | |
| 236 | msg_set_size(hdr, MIN_H_SIZE); | |
| 237 | __skb_queue_tail(txq, skb); | |
| 238 | total += 1; | |
| c0bceb97 JM |
239 | } |
| 240 | hdr = buf_msg(skb); | |
| 241 | curr = msg_blocks(hdr); | |
| 242 | mlen = msg_size(hdr); | |
| c9aa81fa | 243 | cpy = min_t(size_t, rem, mss - mlen); |
| c0bceb97 JM |
244 | if (cpy != copy_from_iter(skb->data + mlen, cpy, &m->msg_iter)) |
| 245 | return -EFAULT; | |
| 246 | msg_set_size(hdr, mlen + cpy); | |
| 247 | skb_put(skb, cpy); | |
| 248 | rem -= cpy; | |
| 249 | total += msg_blocks(hdr) - curr; | |
| c9aa81fa | 250 | } while (rem > 0); |
| c0bceb97 JM |
251 | return total - accounted; |
| 252 | } | |
| 253 | ||
| cf2157f8 JPM |
254 | /* tipc_msg_validate - validate basic format of received message |
| 255 | * | |
| 256 | * This routine ensures a TIPC message has an acceptable header, and at least | |
| 257 | * as much data as the header indicates it should. The routine also ensures | |
| 258 | * that the entire message header is stored in the main fragment of the message | |
| 259 | * buffer, to simplify future access to message header fields. | |
| 260 | * | |
| 261 | * Note: Having extra info present in the message header or data areas is OK. | |
| 262 | * TIPC will ignore the excess, under the assumption that it is optional info | |
| 263 | * introduced by a later release of the protocol. | |
| 264 | */ | |
| d618d09a | 265 | bool tipc_msg_validate(struct sk_buff **_skb) |
| cf2157f8 | 266 | { |
| d618d09a JM |
267 | struct sk_buff *skb = *_skb; |
| 268 | struct tipc_msg *hdr; | |
| cf2157f8 JPM |
269 | int msz, hsz; |
| 270 | ||
| d618d09a | 271 | /* Ensure that flow control ratio condition is satisfied */ |
| 55b3280d HL |
272 | if (unlikely(skb->truesize / buf_roundup_len(skb) >= 4)) { |
| 273 | skb = skb_copy_expand(skb, BUF_HEADROOM, 0, GFP_ATOMIC); | |
| d618d09a JM |
274 | if (!skb) |
| 275 | return false; | |
| 276 | kfree_skb(*_skb); | |
| 277 | *_skb = skb; | |
| 278 | } | |
| 279 | ||
| cf2157f8 JPM |
280 | if (unlikely(TIPC_SKB_CB(skb)->validated)) |
| 281 | return true; | |
| fc1b6d6d | 282 | |
| cf2157f8 JPM |
283 | if (unlikely(!pskb_may_pull(skb, MIN_H_SIZE))) |
| 284 | return false; | |
| 285 | ||
| 286 | hsz = msg_hdr_sz(buf_msg(skb)); | |
| 287 | if (unlikely(hsz < MIN_H_SIZE) || (hsz > MAX_H_SIZE)) | |
| 288 | return false; | |
| 289 | if (unlikely(!pskb_may_pull(skb, hsz))) | |
| 290 | return false; | |
| 291 | ||
| d618d09a JM |
292 | hdr = buf_msg(skb); |
| 293 | if (unlikely(msg_version(hdr) != TIPC_VERSION)) | |
| cf2157f8 JPM |
294 | return false; |
| 295 | ||
| d618d09a | 296 | msz = msg_size(hdr); |
| cf2157f8 JPM |
297 | if (unlikely(msz < hsz)) |
| 298 | return false; | |
| 299 | if (unlikely((msz - hsz) > TIPC_MAX_USER_MSG_SIZE)) | |
| 300 | return false; | |
| 301 | if (unlikely(skb->len < msz)) | |
| 302 | return false; | |
| 303 | ||
| fc1b6d6d | 304 | TIPC_SKB_CB(skb)->validated = 1; |
| cf2157f8 JPM |
305 | return true; |
| 306 | } | |
| 067608e9 | 307 | |
| 2320bcda TL |
308 | /** |
| 309 | * tipc_msg_fragment - build a fragment skb list for TIPC message | |
| 310 | * | |
| 311 | * @skb: TIPC message skb | |
| 312 | * @hdr: internal msg header to be put on the top of the fragments | |
| 313 | * @pktmax: max size of a fragment incl. the header | |
| 314 | * @frags: returned fragment skb list | |
| 315 | * | |
| 316 | * Returns 0 if the fragmentation is successful, otherwise: -EINVAL | |
| 317 | * or -ENOMEM | |
| 318 | */ | |
| 319 | int tipc_msg_fragment(struct sk_buff *skb, const struct tipc_msg *hdr, | |
| 320 | int pktmax, struct sk_buff_head *frags) | |
| 321 | { | |
| 322 | int pktno, nof_fragms, dsz, dmax, eat; | |
| 323 | struct tipc_msg *_hdr; | |
| 324 | struct sk_buff *_skb; | |
| 325 | u8 *data; | |
| 326 | ||
| 327 | /* Non-linear buffer? */ | |
| 328 | if (skb_linearize(skb)) | |
| 329 | return -ENOMEM; | |
| 330 | ||
| 331 | data = (u8 *)skb->data; | |
| 332 | dsz = msg_size(buf_msg(skb)); | |
| 333 | dmax = pktmax - INT_H_SIZE; | |
| 334 | if (dsz <= dmax || !dmax) | |
| 335 | return -EINVAL; | |
| 336 | ||
| 337 | nof_fragms = dsz / dmax + 1; | |
| 338 | for (pktno = 1; pktno <= nof_fragms; pktno++) { | |
| 339 | if (pktno < nof_fragms) | |
| 340 | eat = dmax; | |
| 341 | else | |
| 342 | eat = dsz % dmax; | |
| 343 | /* Allocate a new fragment */ | |
| 344 | _skb = tipc_buf_acquire(INT_H_SIZE + eat, GFP_ATOMIC); | |
| 345 | if (!_skb) | |
| 346 | goto error; | |
| 347 | skb_orphan(_skb); | |
| 348 | __skb_queue_tail(frags, _skb); | |
| 349 | /* Copy header & data to the fragment */ | |
| 350 | skb_copy_to_linear_data(_skb, hdr, INT_H_SIZE); | |
| 351 | skb_copy_to_linear_data_offset(_skb, INT_H_SIZE, data, eat); | |
| 352 | data += eat; | |
| 353 | /* Update the fragment's header */ | |
| 354 | _hdr = buf_msg(_skb); | |
| 355 | msg_set_fragm_no(_hdr, pktno); | |
| 356 | msg_set_nof_fragms(_hdr, nof_fragms); | |
| 357 | msg_set_size(_hdr, INT_H_SIZE + eat); | |
| 358 | } | |
| 359 | return 0; | |
| 360 | ||
| 361 | error: | |
| 362 | __skb_queue_purge(frags); | |
| 363 | __skb_queue_head_init(frags); | |
| 364 | return -ENOMEM; | |
| 365 | } | |
| 366 | ||
| 067608e9 | 367 | /** |
| 9fbfb8b1 | 368 | * tipc_msg_build - create buffer chain containing specified header and data |
| 067608e9 | 369 | * @mhdr: Message header, to be prepended to data |
| 45dcc687 | 370 | * @m: User message |
| 067608e9 JPM |
371 | * @dsz: Total length of user data |
| 372 | * @pktmax: Max packet size that can be used | |
| a6ca1094 YX |
373 | * @list: Buffer or chain of buffers to be returned to caller |
| 374 | * | |
| 4c94cc2d JM |
375 | * Note that the recursive call we are making here is safe, since it can |
| 376 | * logically go only one further level down. | |
| 377 | * | |
| 067608e9 JPM |
378 | * Returns message data size or errno: -ENOMEM, -EFAULT |
| 379 | */ | |
| 4c94cc2d JM |
380 | int tipc_msg_build(struct tipc_msg *mhdr, struct msghdr *m, int offset, |
| 381 | int dsz, int pktmax, struct sk_buff_head *list) | |
| 067608e9 JPM |
382 | { |
| 383 | int mhsz = msg_hdr_sz(mhdr); | |
| 4c94cc2d | 384 | struct tipc_msg pkthdr; |
| 067608e9 | 385 | int msz = mhsz + dsz; |
| 067608e9 | 386 | int pktrem = pktmax; |
| a6ca1094 | 387 | struct sk_buff *skb; |
| 4c94cc2d JM |
388 | int drem = dsz; |
| 389 | int pktno = 1; | |
| 067608e9 | 390 | char *pktpos; |
| 4c94cc2d | 391 | int pktsz; |
| 067608e9 | 392 | int rc; |
| a6ca1094 | 393 | |
| 067608e9 JPM |
394 | msg_set_size(mhdr, msz); |
| 395 | ||
| 396 | /* No fragmentation needed? */ | |
| 397 | if (likely(msz <= pktmax)) { | |
| 57d5f64d | 398 | skb = tipc_buf_acquire(msz, GFP_KERNEL); |
| 4c94cc2d JM |
399 | |
| 400 | /* Fall back to smaller MTU if node local message */ | |
| 401 | if (unlikely(!skb)) { | |
| 402 | if (pktmax != MAX_MSG_SIZE) | |
| 403 | return -ENOMEM; | |
| 404 | rc = tipc_msg_build(mhdr, m, offset, dsz, FB_MTU, list); | |
| 405 | if (rc != dsz) | |
| 406 | return rc; | |
| 407 | if (tipc_msg_assemble(list)) | |
| 408 | return dsz; | |
| 067608e9 | 409 | return -ENOMEM; |
| 4c94cc2d | 410 | } |
| c93d3baa | 411 | skb_orphan(skb); |
| a6ca1094 YX |
412 | __skb_queue_tail(list, skb); |
| 413 | skb_copy_to_linear_data(skb, mhdr, mhsz); | |
| 414 | pktpos = skb->data + mhsz; | |
| cbbd26b8 | 415 | if (copy_from_iter_full(pktpos, dsz, &m->msg_iter)) |
| 067608e9 JPM |
416 | return dsz; |
| 417 | rc = -EFAULT; | |
| 418 | goto error; | |
| 419 | } | |
| 420 | ||
| 421 | /* Prepare reusable fragment header */ | |
| c5898636 JPM |
422 | tipc_msg_init(msg_prevnode(mhdr), &pkthdr, MSG_FRAGMENTER, |
| 423 | FIRST_FRAGMENT, INT_H_SIZE, msg_destnode(mhdr)); | |
| 067608e9 JPM |
424 | msg_set_size(&pkthdr, pktmax); |
| 425 | msg_set_fragm_no(&pkthdr, pktno); | |
| e3eea1eb | 426 | msg_set_importance(&pkthdr, msg_importance(mhdr)); |
| 067608e9 JPM |
427 | |
| 428 | /* Prepare first fragment */ | |
| 57d5f64d | 429 | skb = tipc_buf_acquire(pktmax, GFP_KERNEL); |
| a6ca1094 | 430 | if (!skb) |
| 067608e9 | 431 | return -ENOMEM; |
| c93d3baa | 432 | skb_orphan(skb); |
| a6ca1094 YX |
433 | __skb_queue_tail(list, skb); |
| 434 | pktpos = skb->data; | |
| 435 | skb_copy_to_linear_data(skb, &pkthdr, INT_H_SIZE); | |
| 067608e9 JPM |
436 | pktpos += INT_H_SIZE; |
| 437 | pktrem -= INT_H_SIZE; | |
| a6ca1094 | 438 | skb_copy_to_linear_data_offset(skb, INT_H_SIZE, mhdr, mhsz); |
| 067608e9 JPM |
439 | pktpos += mhsz; |
| 440 | pktrem -= mhsz; | |
| 441 | ||
| 442 | do { | |
| 443 | if (drem < pktrem) | |
| 444 | pktrem = drem; | |
| 445 | ||
| cbbd26b8 | 446 | if (!copy_from_iter_full(pktpos, pktrem, &m->msg_iter)) { |
| 067608e9 JPM |
447 | rc = -EFAULT; |
| 448 | goto error; | |
| 449 | } | |
| 450 | drem -= pktrem; | |
| 067608e9 JPM |
451 | |
| 452 | if (!drem) | |
| 453 | break; | |
| 454 | ||
| 455 | /* Prepare new fragment: */ | |
| 456 | if (drem < (pktmax - INT_H_SIZE)) | |
| 457 | pktsz = drem + INT_H_SIZE; | |
| 458 | else | |
| 459 | pktsz = pktmax; | |
| 57d5f64d | 460 | skb = tipc_buf_acquire(pktsz, GFP_KERNEL); |
| a6ca1094 | 461 | if (!skb) { |
| 067608e9 JPM |
462 | rc = -ENOMEM; |
| 463 | goto error; | |
| 464 | } | |
| c93d3baa | 465 | skb_orphan(skb); |
| a6ca1094 | 466 | __skb_queue_tail(list, skb); |
| 067608e9 JPM |
467 | msg_set_type(&pkthdr, FRAGMENT); |
| 468 | msg_set_size(&pkthdr, pktsz); | |
| 469 | msg_set_fragm_no(&pkthdr, ++pktno); | |
| a6ca1094 YX |
470 | skb_copy_to_linear_data(skb, &pkthdr, INT_H_SIZE); |
| 471 | pktpos = skb->data + INT_H_SIZE; | |
| 067608e9 JPM |
472 | pktrem = pktsz - INT_H_SIZE; |
| 473 | ||
| 474 | } while (1); | |
| a6ca1094 | 475 | msg_set_type(buf_msg(skb), LAST_FRAGMENT); |
| 067608e9 JPM |
476 | return dsz; |
| 477 | error: | |
| a6ca1094 YX |
478 | __skb_queue_purge(list); |
| 479 | __skb_queue_head_init(list); | |
| 067608e9 JPM |
480 | return rc; |
| 481 | } | |
| 482 | ||
| 4f1688b2 | 483 | /** |
| 06e7c70c TL |
484 | * tipc_msg_bundle - Append contents of a buffer to tail of an existing one |
| 485 | * @bskb: the bundle buffer to append to | |
| 486 | * @msg: message to be appended | |
| 487 | * @max: max allowable size for the bundle buffer | |
| 488 | * | |
| 489 | * Returns "true" if bundling has been performed, otherwise "false" | |
| 4f1688b2 | 490 | */ |
| 06e7c70c TL |
491 | static bool tipc_msg_bundle(struct sk_buff *bskb, struct tipc_msg *msg, |
| 492 | u32 max) | |
| 4f1688b2 | 493 | { |
| 06e7c70c TL |
494 | struct tipc_msg *bmsg = buf_msg(bskb); |
| 495 | u32 msz, bsz, offset, pad; | |
| 4f1688b2 | 496 | |
| 06e7c70c | 497 | msz = msg_size(msg); |
| 05dcc5aa | 498 | bsz = msg_size(bmsg); |
| 06e7c70c TL |
499 | offset = align(bsz); |
| 500 | pad = offset - bsz; | |
| 05dcc5aa | 501 | |
| 06e7c70c | 502 | if (unlikely(skb_tailroom(bskb) < (pad + msz))) |
| 4f1688b2 | 503 | return false; |
| 06e7c70c | 504 | if (unlikely(max < (offset + msz))) |
| 4f1688b2 | 505 | return false; |
| 06e7c70c TL |
506 | |
| 507 | skb_put(bskb, pad + msz); | |
| 508 | skb_copy_to_linear_data_offset(bskb, offset, msg, msz); | |
| 509 | msg_set_size(bmsg, offset + msz); | |
| 510 | msg_set_msgcnt(bmsg, msg_msgcnt(bmsg) + 1); | |
| 511 | return true; | |
| 512 | } | |
| 513 | ||
| 514 | /** | |
| 515 | * tipc_msg_try_bundle - Try to bundle a new message to the last one | |
| 516 | * @tskb: the last/target message to which the new one will be appended | |
| 517 | * @skb: the new message skb pointer | |
| 518 | * @mss: max message size (header inclusive) | |
| 519 | * @dnode: destination node for the message | |
| 520 | * @new_bundle: if this call made a new bundle or not | |
| 521 | * | |
| 522 | * Return: "true" if the new message skb is potential for bundling this time or | |
| 523 | * later, in the case a bundling has been done this time, the skb is consumed | |
| 524 | * (the skb pointer = NULL). | |
| 525 | * Otherwise, "false" if the skb cannot be bundled at all. | |
| 526 | */ | |
| 527 | bool tipc_msg_try_bundle(struct sk_buff *tskb, struct sk_buff **skb, u32 mss, | |
| 528 | u32 dnode, bool *new_bundle) | |
| 529 | { | |
| 530 | struct tipc_msg *msg, *inner, *outer; | |
| 531 | u32 tsz; | |
| 532 | ||
| 533 | /* First, check if the new buffer is suitable for bundling */ | |
| 534 | msg = buf_msg(*skb); | |
| 535 | if (msg_user(msg) == MSG_FRAGMENTER) | |
| 4f1688b2 | 536 | return false; |
| 06e7c70c | 537 | if (msg_user(msg) == TUNNEL_PROTOCOL) |
| 4f1688b2 | 538 | return false; |
| 06e7c70c | 539 | if (msg_user(msg) == BCAST_PROTOCOL) |
| 4f1688b2 | 540 | return false; |
| 06e7c70c | 541 | if (mss <= INT_H_SIZE + msg_size(msg)) |
| f21e897e | 542 | return false; |
| 4f1688b2 | 543 | |
| 06e7c70c TL |
544 | /* Ok, but the last/target buffer can be empty? */ |
| 545 | if (unlikely(!tskb)) | |
| 546 | return true; | |
| 547 | ||
| 548 | /* Is it a bundle already? Try to bundle the new message to it */ | |
| 549 | if (msg_user(buf_msg(tskb)) == MSG_BUNDLER) { | |
| 550 | *new_bundle = false; | |
| 551 | goto bundle; | |
| 552 | } | |
| 553 | ||
| 554 | /* Make a new bundle of the two messages if possible */ | |
| 555 | tsz = msg_size(buf_msg(tskb)); | |
| 556 | if (unlikely(mss < align(INT_H_SIZE + tsz) + msg_size(msg))) | |
| 557 | return true; | |
| 558 | if (unlikely(pskb_expand_head(tskb, INT_H_SIZE, mss - tsz - INT_H_SIZE, | |
| 559 | GFP_ATOMIC))) | |
| 560 | return true; | |
| 561 | inner = buf_msg(tskb); | |
| 562 | skb_push(tskb, INT_H_SIZE); | |
| 563 | outer = buf_msg(tskb); | |
| 564 | tipc_msg_init(msg_prevnode(inner), outer, MSG_BUNDLER, 0, INT_H_SIZE, | |
| 565 | dnode); | |
| 566 | msg_set_importance(outer, msg_importance(inner)); | |
| 567 | msg_set_size(outer, INT_H_SIZE + tsz); | |
| 568 | msg_set_msgcnt(outer, 1); | |
| 569 | *new_bundle = true; | |
| 570 | ||
| 571 | bundle: | |
| 572 | if (likely(tipc_msg_bundle(tskb, msg, mss))) { | |
| 573 | consume_skb(*skb); | |
| 574 | *skb = NULL; | |
| 575 | } | |
| 4f1688b2 JPM |
576 | return true; |
| 577 | } | |
| 578 | ||
| c637c103 JPM |
579 | /** |
| 580 | * tipc_msg_extract(): extract bundled inner packet from buffer | |
| c1336ee4 | 581 | * @skb: buffer to be extracted from. |
| c637c103 | 582 | * @iskb: extracted inner buffer, to be returned |
| c1336ee4 JPM |
583 | * @pos: position in outer message of msg to be extracted. |
| 584 | * Returns position of next msg | |
| c637c103 | 585 | * Consumes outer buffer when last packet extracted |
| 60462191 | 586 | * Returns true when there is an extracted buffer, otherwise false |
| c637c103 JPM |
587 | */ |
| 588 | bool tipc_msg_extract(struct sk_buff *skb, struct sk_buff **iskb, int *pos) | |
| 589 | { | |
| ef9be755 TN |
590 | struct tipc_msg *hdr, *ihdr; |
| 591 | int imsz; | |
| c637c103 | 592 | |
| c1336ee4 | 593 | *iskb = NULL; |
| 1149557d | 594 | if (unlikely(skb_linearize(skb))) |
| c1336ee4 JPM |
595 | goto none; |
| 596 | ||
| ef9be755 TN |
597 | hdr = buf_msg(skb); |
| 598 | if (unlikely(*pos > (msg_data_sz(hdr) - MIN_H_SIZE))) | |
| c637c103 | 599 | goto none; |
| c637c103 | 600 | |
| ef9be755 TN |
601 | ihdr = (struct tipc_msg *)(msg_data(hdr) + *pos); |
| 602 | imsz = msg_size(ihdr); | |
| 603 | ||
| 604 | if ((*pos + imsz) > msg_data_sz(hdr)) | |
| c637c103 | 605 | goto none; |
| ef9be755 TN |
606 | |
| 607 | *iskb = tipc_buf_acquire(imsz, GFP_ATOMIC); | |
| 608 | if (!*iskb) | |
| 609 | goto none; | |
| 610 | ||
| 611 | skb_copy_to_linear_data(*iskb, ihdr, imsz); | |
| d618d09a | 612 | if (unlikely(!tipc_msg_validate(iskb))) |
| c637c103 | 613 | goto none; |
| ef9be755 | 614 | |
| c637c103 JPM |
615 | *pos += align(imsz); |
| 616 | return true; | |
| 617 | none: | |
| 618 | kfree_skb(skb); | |
| c1336ee4 | 619 | kfree_skb(*iskb); |
| c637c103 JPM |
620 | *iskb = NULL; |
| 621 | return false; | |
| 622 | } | |
| 623 | ||
| 8db1bae3 JPM |
624 | /** |
| 625 | * tipc_msg_reverse(): swap source and destination addresses and add error code | |
| 29042e19 | 626 | * @own_node: originating node id for reversed message |
| 5cbdbd1a | 627 | * @skb: buffer containing message to be reversed; will be consumed |
| 29042e19 | 628 | * @err: error code to be set in message, if any |
| 5cbdbd1a | 629 | * Replaces consumed buffer with new one when successful |
| 8db1bae3 JPM |
630 | * Returns true if success, otherwise false |
| 631 | */ | |
| bcd3ffd4 | 632 | bool tipc_msg_reverse(u32 own_node, struct sk_buff **skb, int err) |
| 8db1bae3 | 633 | { |
| 29042e19 | 634 | struct sk_buff *_skb = *skb; |
| 5cbdbd1a JM |
635 | struct tipc_msg *_hdr, *hdr; |
| 636 | int hlen, dlen; | |
| 8db1bae3 | 637 | |
| 29042e19 | 638 | if (skb_linearize(_skb)) |
| 8db1bae3 | 639 | goto exit; |
| 5cbdbd1a JM |
640 | _hdr = buf_msg(_skb); |
| 641 | dlen = min_t(uint, msg_data_sz(_hdr), MAX_FORWARD_SIZE); | |
| 642 | hlen = msg_hdr_sz(_hdr); | |
| 643 | ||
| 644 | if (msg_dest_droppable(_hdr)) | |
| ac0074ee | 645 | goto exit; |
| 5cbdbd1a | 646 | if (msg_errcode(_hdr)) |
| 8db1bae3 | 647 | goto exit; |
| 29042e19 | 648 | |
| 5cbdbd1a JM |
649 | /* Never return SHORT header */ |
| 650 | if (hlen == SHORT_H_SIZE) | |
| 651 | hlen = BASIC_H_SIZE; | |
| 29042e19 | 652 | |
| 67879274 TN |
653 | /* Don't return data along with SYN+, - sender has a clone */ |
| 654 | if (msg_is_syn(_hdr) && err == TIPC_ERR_OVERLOAD) | |
| 655 | dlen = 0; | |
| 656 | ||
| 5cbdbd1a JM |
657 | /* Allocate new buffer to return */ |
| 658 | *skb = tipc_buf_acquire(hlen + dlen, GFP_ATOMIC); | |
| 659 | if (!*skb) | |
| 660 | goto exit; | |
| 661 | memcpy((*skb)->data, _skb->data, msg_hdr_sz(_hdr)); | |
| 662 | memcpy((*skb)->data + hlen, msg_data(_hdr), dlen); | |
| 663 | ||
| 664 | /* Build reverse header in new buffer */ | |
| 665 | hdr = buf_msg(*skb); | |
| 666 | msg_set_hdr_sz(hdr, hlen); | |
| 29042e19 | 667 | msg_set_errcode(hdr, err); |
| 59a361bc | 668 | msg_set_non_seq(hdr, 0); |
| 5cbdbd1a JM |
669 | msg_set_origport(hdr, msg_destport(_hdr)); |
| 670 | msg_set_destport(hdr, msg_origport(_hdr)); | |
| 671 | msg_set_destnode(hdr, msg_prevnode(_hdr)); | |
| 29042e19 JPM |
672 | msg_set_prevnode(hdr, own_node); |
| 673 | msg_set_orignode(hdr, own_node); | |
| 5cbdbd1a | 674 | msg_set_size(hdr, hlen + dlen); |
| 29042e19 | 675 | skb_orphan(_skb); |
| 5cbdbd1a | 676 | kfree_skb(_skb); |
| 8db1bae3 JPM |
677 | return true; |
| 678 | exit: | |
| 29042e19 JPM |
679 | kfree_skb(_skb); |
| 680 | *skb = NULL; | |
| 8db1bae3 JPM |
681 | return false; |
| 682 | } | |
| 5a379074 | 683 | |
| 67879274 TN |
684 | bool tipc_msg_skb_clone(struct sk_buff_head *msg, struct sk_buff_head *cpy) |
| 685 | { | |
| 686 | struct sk_buff *skb, *_skb; | |
| 687 | ||
| 688 | skb_queue_walk(msg, skb) { | |
| 689 | _skb = skb_clone(skb, GFP_ATOMIC); | |
| 690 | if (!_skb) { | |
| 691 | __skb_queue_purge(cpy); | |
| 692 | pr_err_ratelimited("Failed to clone buffer chain\n"); | |
| 693 | return false; | |
| 694 | } | |
| 695 | __skb_queue_tail(cpy, _skb); | |
| 696 | } | |
| 697 | return true; | |
| 698 | } | |
| 699 | ||
| 5a379074 | 700 | /** |
| e3a77561 JPM |
701 | * tipc_msg_lookup_dest(): try to find new destination for named message |
| 702 | * @skb: the buffer containing the message. | |
| cda3696d | 703 | * @err: error code to be used by caller if lookup fails |
| 5a379074 | 704 | * Does not consume buffer |
| e3a77561 | 705 | * Returns true if a destination is found, false otherwise |
| 5a379074 | 706 | */ |
| cda3696d | 707 | bool tipc_msg_lookup_dest(struct net *net, struct sk_buff *skb, int *err) |
| 5a379074 | 708 | { |
| e3a77561 | 709 | struct tipc_msg *msg = buf_msg(skb); |
| cda3696d JPM |
710 | u32 dport, dnode; |
| 711 | u32 onode = tipc_own_addr(net); | |
| 5a379074 | 712 | |
| e3a77561 JPM |
713 | if (!msg_isdata(msg)) |
| 714 | return false; | |
| 715 | if (!msg_named(msg)) | |
| 716 | return false; | |
| d482994f JPM |
717 | if (msg_errcode(msg)) |
| 718 | return false; | |
| aad06212 | 719 | *err = TIPC_ERR_NO_NAME; |
| e3a77561 JPM |
720 | if (skb_linearize(skb)) |
| 721 | return false; | |
| 4e3ae001 | 722 | msg = buf_msg(skb); |
| d482994f | 723 | if (msg_reroute_cnt(msg)) |
| e3a77561 | 724 | return false; |
| 928df188 | 725 | dnode = tipc_scope2node(net, msg_lookup_scope(msg)); |
| 4ac1c8d0 | 726 | dport = tipc_nametbl_translate(net, msg_nametype(msg), |
| cda3696d | 727 | msg_nameinst(msg), &dnode); |
| 5a379074 | 728 | if (!dport) |
| e3a77561 | 729 | return false; |
| 5a379074 | 730 | msg_incr_reroute_cnt(msg); |
| cda3696d JPM |
731 | if (dnode != onode) |
| 732 | msg_set_prevnode(msg, onode); | |
| 733 | msg_set_destnode(msg, dnode); | |
| 5a379074 | 734 | msg_set_destport(msg, dport); |
| e3a77561 | 735 | *err = TIPC_OK; |
| a9e2971b | 736 | |
| e3a77561 | 737 | return true; |
| 5a379074 | 738 | } |
| 078bec82 | 739 | |
| 4c94cc2d JM |
740 | /* tipc_msg_assemble() - assemble chain of fragments into one message |
| 741 | */ | |
| 742 | bool tipc_msg_assemble(struct sk_buff_head *list) | |
| 743 | { | |
| 744 | struct sk_buff *skb, *tmp = NULL; | |
| 745 | ||
| 746 | if (skb_queue_len(list) == 1) | |
| 747 | return true; | |
| 748 | ||
| 749 | while ((skb = __skb_dequeue(list))) { | |
| 750 | skb->next = NULL; | |
| 751 | if (tipc_buf_append(&tmp, &skb)) { | |
| 752 | __skb_queue_tail(list, skb); | |
| 753 | return true; | |
| 754 | } | |
| 755 | if (!tmp) | |
| 756 | break; | |
| 757 | } | |
| 758 | __skb_queue_purge(list); | |
| 759 | __skb_queue_head_init(list); | |
| 760 | pr_warn("Failed do assemble buffer\n"); | |
| 761 | return false; | |
| 762 | } | |
| 763 | ||
| 078bec82 JPM |
764 | /* tipc_msg_reassemble() - clone a buffer chain of fragments and |
| 765 | * reassemble the clones into one message | |
| 766 | */ | |
| 2f566124 | 767 | bool tipc_msg_reassemble(struct sk_buff_head *list, struct sk_buff_head *rcvq) |
| 078bec82 | 768 | { |
| 2f566124 | 769 | struct sk_buff *skb, *_skb; |
| a6ca1094 | 770 | struct sk_buff *frag = NULL; |
| 078bec82 | 771 | struct sk_buff *head = NULL; |
| 2f566124 | 772 | int hdr_len; |
| 078bec82 JPM |
773 | |
| 774 | /* Copy header if single buffer */ | |
| a6ca1094 YX |
775 | if (skb_queue_len(list) == 1) { |
| 776 | skb = skb_peek(list); | |
| 2f566124 JPM |
777 | hdr_len = skb_headroom(skb) + msg_hdr_sz(buf_msg(skb)); |
| 778 | _skb = __pskb_copy(skb, hdr_len, GFP_ATOMIC); | |
| 779 | if (!_skb) | |
| 780 | return false; | |
| 781 | __skb_queue_tail(rcvq, _skb); | |
| 782 | return true; | |
| 078bec82 JPM |
783 | } |
| 784 | ||
| 785 | /* Clone all fragments and reassemble */ | |
| a6ca1094 YX |
786 | skb_queue_walk(list, skb) { |
| 787 | frag = skb_clone(skb, GFP_ATOMIC); | |
| 078bec82 JPM |
788 | if (!frag) |
| 789 | goto error; | |
| 790 | frag->next = NULL; | |
| 791 | if (tipc_buf_append(&head, &frag)) | |
| 792 | break; | |
| 793 | if (!head) | |
| 794 | goto error; | |
| 078bec82 | 795 | } |
| 2f566124 JPM |
796 | __skb_queue_tail(rcvq, frag); |
| 797 | return true; | |
| 078bec82 JPM |
798 | error: |
| 799 | pr_warn("Failed do clone local mcast rcv buffer\n"); | |
| 800 | kfree_skb(head); | |
| 2f566124 | 801 | return false; |
| 078bec82 | 802 | } |
| 8306f99a | 803 | |
| a853e4c6 JPM |
804 | bool tipc_msg_pskb_copy(u32 dst, struct sk_buff_head *msg, |
| 805 | struct sk_buff_head *cpy) | |
| 806 | { | |
| 807 | struct sk_buff *skb, *_skb; | |
| 808 | ||
| 809 | skb_queue_walk(msg, skb) { | |
| 810 | _skb = pskb_copy(skb, GFP_ATOMIC); | |
| 811 | if (!_skb) { | |
| 812 | __skb_queue_purge(cpy); | |
| 813 | return false; | |
| 814 | } | |
| 815 | msg_set_destnode(buf_msg(_skb), dst); | |
| 816 | __skb_queue_tail(cpy, _skb); | |
| 817 | } | |
| 818 | return true; | |
| 819 | } | |
| 820 | ||
| 8306f99a JPM |
821 | /* tipc_skb_queue_sorted(); sort pkt into list according to sequence number |
| 822 | * @list: list to be appended to | |
| 823 | * @seqno: sequence number of buffer to add | |
| 824 | * @skb: buffer to add | |
| 825 | */ | |
| 03b6fefd | 826 | bool __tipc_skb_queue_sorted(struct sk_buff_head *list, u16 seqno, |
| 8306f99a JPM |
827 | struct sk_buff *skb) |
| 828 | { | |
| 829 | struct sk_buff *_skb, *tmp; | |
| 830 | ||
| 831 | if (skb_queue_empty(list) || less(seqno, buf_seqno(skb_peek(list)))) { | |
| 832 | __skb_queue_head(list, skb); | |
| 03b6fefd | 833 | return true; |
| 8306f99a JPM |
834 | } |
| 835 | ||
| 836 | if (more(seqno, buf_seqno(skb_peek_tail(list)))) { | |
| 837 | __skb_queue_tail(list, skb); | |
| 03b6fefd | 838 | return true; |
| 8306f99a JPM |
839 | } |
| 840 | ||
| 841 | skb_queue_walk_safe(list, _skb, tmp) { | |
| 842 | if (more(seqno, buf_seqno(_skb))) | |
| 843 | continue; | |
| 844 | if (seqno == buf_seqno(_skb)) | |
| 845 | break; | |
| 846 | __skb_queue_before(list, _skb, skb); | |
| 03b6fefd | 847 | return true; |
| 8306f99a JPM |
848 | } |
| 849 | kfree_skb(skb); | |
| 03b6fefd | 850 | return false; |
| 8306f99a | 851 | } |
| 64ac5f59 JM |
852 | |
| 853 | void tipc_skb_reject(struct net *net, int err, struct sk_buff *skb, | |
| 854 | struct sk_buff_head *xmitq) | |
| 855 | { | |
| 856 | if (tipc_msg_reverse(tipc_own_addr(net), &skb, err)) | |
| 857 | __skb_queue_tail(xmitq, skb); | |
| 858 | } |