2
* DECnet An implementation of the DECnet protocol suite for the LINUX
3
* operating system. DECnet is implemented using the BSD Socket
4
* interface as the means of communication with the user level.
6
* DECnet Network Services Protocol (Input)
8
* Author: Eduardo Marcelo Serrat <emserrat@geocities.com>
12
* Steve Whitehouse: Split into dn_nsp_in.c and dn_nsp_out.c from
14
* Steve Whitehouse: Updated to work with my new routing architecture.
15
* Steve Whitehouse: Add changes from Eduardo Serrat's patches.
16
* Steve Whitehouse: Put all ack handling code in a common routine.
17
* Steve Whitehouse: Put other common bits into dn_nsp_rx()
18
* Steve Whitehouse: More checks on skb->len to catch bogus packets
19
* Fixed various race conditions and possible nasties.
20
* Steve Whitehouse: Now handles returned conninit frames.
21
* David S. Miller: New socket locking
22
* Steve Whitehouse: Fixed lockup when socket filtering was enabled.
23
* Paul Koning: Fix to push CC sockets into RUN when acks are
26
* Patrick Caulfield: Checking conninits for correctness & sending of error
28
* Steve Whitehouse: Added backlog congestion level return codes.
30
* Steve Whitehouse: Added flow control support (outbound)
31
* Steve Whitehouse: Prepare for nonlinear skbs
34
/******************************************************************************
35
(c) 1995-1998 E.M. Serrat emserrat@geocities.com
37
This program is free software; you can redistribute it and/or modify
38
it under the terms of the GNU General Public License as published by
39
the Free Software Foundation; either version 2 of the License, or
42
This program is distributed in the hope that it will be useful,
43
but WITHOUT ANY WARRANTY; without even the implied warranty of
44
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
45
GNU General Public License for more details.
46
*******************************************************************************/
48
#include <linux/errno.h>
49
#include <linux/types.h>
50
#include <linux/socket.h>
52
#include <linux/kernel.h>
53
#include <linux/timer.h>
54
#include <linux/string.h>
55
#include <linux/sockios.h>
56
#include <linux/net.h>
57
#include <linux/netdevice.h>
58
#include <linux/inet.h>
59
#include <linux/route.h>
60
#include <linux/slab.h>
62
#include <net/tcp_states.h>
63
#include <asm/system.h>
64
#include <linux/fcntl.h>
66
#include <linux/termios.h>
67
#include <linux/interrupt.h>
68
#include <linux/proc_fs.h>
69
#include <linux/stat.h>
70
#include <linux/init.h>
71
#include <linux/poll.h>
72
#include <linux/netfilter_decnet.h>
73
#include <net/neighbour.h>
76
#include <net/dn_nsp.h>
77
#include <net/dn_dev.h>
78
#include <net/dn_route.h>
80
extern int decnet_log_martians;
82
static void dn_log_martian(struct sk_buff *skb, const char *msg)
84
if (decnet_log_martians && net_ratelimit()) {
85
char *devname = skb->dev ? skb->dev->name : "???";
86
struct dn_skb_cb *cb = DN_SKB_CB(skb);
87
printk(KERN_INFO "DECnet: Martian packet (%s) dev=%s src=0x%04hx dst=0x%04hx srcport=0x%04hx dstport=0x%04hx\n",
88
msg, devname, le16_to_cpu(cb->src), le16_to_cpu(cb->dst),
89
le16_to_cpu(cb->src_port), le16_to_cpu(cb->dst_port));
94
* For this function we've flipped the cross-subchannel bit
95
* if the message is an otherdata or linkservice message. Thus
96
* we can use it to work out what to update.
98
static void dn_ack(struct sock *sk, struct sk_buff *skb, unsigned short ack)
100
struct dn_scp *scp = DN_SK(sk);
101
unsigned short type = ((ack >> 12) & 0x0003);
105
case 0: /* ACK - Data */
106
if (dn_after(ack, scp->ackrcv_dat)) {
107
scp->ackrcv_dat = ack & 0x0fff;
108
wakeup |= dn_nsp_check_xmit_queue(sk, skb, &scp->data_xmit_queue, ack);
111
case 1: /* NAK - Data */
113
case 2: /* ACK - OtherData */
114
if (dn_after(ack, scp->ackrcv_oth)) {
115
scp->ackrcv_oth = ack & 0x0fff;
116
wakeup |= dn_nsp_check_xmit_queue(sk, skb, &scp->other_xmit_queue, ack);
119
case 3: /* NAK - OtherData */
123
if (wakeup && !sock_flag(sk, SOCK_DEAD))
124
sk->sk_state_change(sk);
128
* This function is a universal ack processor.
130
static int dn_process_ack(struct sock *sk, struct sk_buff *skb, int oth)
132
__le16 *ptr = (__le16 *)skb->data;
139
if ((ack = le16_to_cpu(*ptr)) & 0x8000) {
143
if ((ack & 0x4000) == 0) {
146
dn_ack(sk, skb, ack);
153
if ((ack = le16_to_cpu(*ptr)) & 0x8000) {
156
if ((ack & 0x4000) == 0) {
159
dn_ack(sk, skb, ack);
168
* dn_check_idf - Check an image data field format is correct.
169
* @pptr: Pointer to pointer to image data
170
* @len: Pointer to length of image data
171
* @max: The maximum allowed length of the data in the image data field
172
* @follow_on: Check that this many bytes exist beyond the end of the image data
174
* Returns: 0 if ok, -1 on error
176
static inline int dn_check_idf(unsigned char **pptr, int *len, unsigned char max, unsigned char follow_on)
178
unsigned char *ptr = *pptr;
179
unsigned char flen = *ptr++;
184
if ((flen + follow_on) > *len)
193
* Table of reason codes to pass back to node which sent us a badly
194
* formed message, plus text messages for the log. A zero entry in
195
* the reason field means "don't reply" otherwise a disc init is sent with
196
* the specified reason code.
199
unsigned short reason;
202
{ 0, "CI: Truncated message" },
203
{ NSP_REASON_ID, "CI: Destination username error" },
204
{ NSP_REASON_ID, "CI: Destination username type" },
205
{ NSP_REASON_US, "CI: Source username error" },
206
{ 0, "CI: Truncated at menuver" },
207
{ 0, "CI: Truncated before access or user data" },
208
{ NSP_REASON_IO, "CI: Access data format error" },
209
{ NSP_REASON_IO, "CI: User data format error" }
213
* This function uses a slightly different lookup method
214
* to find its sockets, since it searches on object name/number
215
* rather than port numbers. Various tests are done to ensure that
216
* the incoming data is in the correct format before it is queued to
219
static struct sock *dn_find_listener(struct sk_buff *skb, unsigned short *reason)
221
struct dn_skb_cb *cb = DN_SKB_CB(skb);
222
struct nsp_conn_init_msg *msg = (struct nsp_conn_init_msg *)skb->data;
223
struct sockaddr_dn dstaddr;
224
struct sockaddr_dn srcaddr;
225
unsigned char type = 0;
231
unsigned char menuver;
233
memset(&dstaddr, 0, sizeof(struct sockaddr_dn));
234
memset(&srcaddr, 0, sizeof(struct sockaddr_dn));
237
* 1. Decode & remove message header
239
cb->src_port = msg->srcaddr;
240
cb->dst_port = msg->dstaddr;
241
cb->services = msg->services;
242
cb->info = msg->info;
243
cb->segsize = le16_to_cpu(msg->segsize);
245
if (!pskb_may_pull(skb, sizeof(*msg)))
248
skb_pull(skb, sizeof(*msg));
254
* 2. Check destination end username format
256
dstlen = dn_username2sockaddr(ptr, len, &dstaddr, &type);
269
* 3. Check source end username format
271
srclen = dn_username2sockaddr(ptr, len, &srcaddr, &type);
287
* 4. Check that optional data actually exists if menuver says it does
290
if ((menuver & (DN_MENUVER_ACC | DN_MENUVER_USR)) && (len < 1))
294
* 5. Check optional access data format
297
if (menuver & DN_MENUVER_ACC) {
298
if (dn_check_idf(&ptr, &len, 39, 1))
300
if (dn_check_idf(&ptr, &len, 39, 1))
302
if (dn_check_idf(&ptr, &len, 39, (menuver & DN_MENUVER_USR) ? 1 : 0))
307
* 6. Check optional user data format
310
if (menuver & DN_MENUVER_USR) {
311
if (dn_check_idf(&ptr, &len, 16, 0))
316
* 7. Look up socket based on destination end username
318
return dn_sklist_find_listener(&dstaddr);
320
dn_log_martian(skb, ci_err_table[err].text);
321
*reason = ci_err_table[err].reason;
326
static void dn_nsp_conn_init(struct sock *sk, struct sk_buff *skb)
328
if (sk_acceptq_is_full(sk)) {
333
sk->sk_ack_backlog++;
334
skb_queue_tail(&sk->sk_receive_queue, skb);
335
sk->sk_state_change(sk);
338
static void dn_nsp_conn_conf(struct sock *sk, struct sk_buff *skb)
340
struct dn_skb_cb *cb = DN_SKB_CB(skb);
341
struct dn_scp *scp = DN_SK(sk);
348
cb->services = *ptr++;
350
cb->segsize = le16_to_cpu(*(__le16 *)ptr);
352
if ((scp->state == DN_CI) || (scp->state == DN_CD)) {
354
scp->addrrem = cb->src_port;
355
sk->sk_state = TCP_ESTABLISHED;
357
scp->services_rem = cb->services;
358
scp->info_rem = cb->info;
359
scp->segsize_rem = cb->segsize;
361
if ((scp->services_rem & NSP_FC_MASK) == NSP_FC_NONE)
362
scp->max_window = decnet_no_fc_max_cwnd;
365
u16 dlen = *skb->data;
366
if ((dlen <= 16) && (dlen <= skb->len)) {
367
scp->conndata_in.opt_optl = cpu_to_le16(dlen);
368
skb_copy_from_linear_data_offset(skb, 1,
369
scp->conndata_in.opt_data, dlen);
372
dn_nsp_send_link(sk, DN_NOCHANGE, 0);
373
if (!sock_flag(sk, SOCK_DEAD))
374
sk->sk_state_change(sk);
381
static void dn_nsp_conn_ack(struct sock *sk, struct sk_buff *skb)
383
struct dn_scp *scp = DN_SK(sk);
385
if (scp->state == DN_CI) {
393
static void dn_nsp_disc_init(struct sock *sk, struct sk_buff *skb)
395
struct dn_scp *scp = DN_SK(sk);
396
struct dn_skb_cb *cb = DN_SKB_CB(skb);
397
unsigned short reason;
402
reason = le16_to_cpu(*(__le16 *)skb->data);
405
scp->discdata_in.opt_status = cpu_to_le16(reason);
406
scp->discdata_in.opt_optl = 0;
407
memset(scp->discdata_in.opt_data, 0, 16);
410
u16 dlen = *skb->data;
411
if ((dlen <= 16) && (dlen <= skb->len)) {
412
scp->discdata_in.opt_optl = cpu_to_le16(dlen);
413
skb_copy_from_linear_data_offset(skb, 1, scp->discdata_in.opt_data, dlen);
417
scp->addrrem = cb->src_port;
418
sk->sk_state = TCP_CLOSE;
424
sk->sk_err = ECONNREFUSED;
427
sk->sk_shutdown |= SHUTDOWN_MASK;
435
if (!sock_flag(sk, SOCK_DEAD)) {
436
if (sk->sk_socket->state != SS_UNCONNECTED)
437
sk->sk_socket->state = SS_DISCONNECTING;
438
sk->sk_state_change(sk);
442
* It appears that its possible for remote machines to send disc
443
* init messages with no port identifier if we are in the CI and
444
* possibly also the CD state. Obviously we shouldn't reply with
445
* a message if we don't know what the end point is.
448
dn_nsp_send_disc(sk, NSP_DISCCONF, NSP_REASON_DC, GFP_ATOMIC);
450
scp->persist_fxn = dn_destroy_timer;
451
scp->persist = dn_nsp_persist(sk);
458
* disc_conf messages are also called no_resources or no_link
459
* messages depending upon the "reason" field.
461
static void dn_nsp_disc_conf(struct sock *sk, struct sk_buff *skb)
463
struct dn_scp *scp = DN_SK(sk);
464
unsigned short reason;
469
reason = le16_to_cpu(*(__le16 *)skb->data);
471
sk->sk_state = TCP_CLOSE;
478
if (reason == NSP_REASON_DC)
480
if (reason == NSP_REASON_NL)
487
sk->sk_shutdown |= SHUTDOWN_MASK;
492
if (!sock_flag(sk, SOCK_DEAD)) {
493
if (sk->sk_socket->state != SS_UNCONNECTED)
494
sk->sk_socket->state = SS_DISCONNECTING;
495
sk->sk_state_change(sk);
498
scp->persist_fxn = dn_destroy_timer;
499
scp->persist = dn_nsp_persist(sk);
505
static void dn_nsp_linkservice(struct sock *sk, struct sk_buff *skb)
507
struct dn_scp *scp = DN_SK(sk);
508
unsigned short segnum;
509
unsigned char lsflags;
512
char *ptr = skb->data;
513
unsigned char fctype = scp->services_rem & NSP_FC_MASK;
518
segnum = le16_to_cpu(*(__le16 *)ptr);
520
lsflags = *(unsigned char *)ptr++;
524
* Here we ignore erronous packets which should really
525
* should cause a connection abort. It is not critical
531
if (seq_next(scp->numoth_rcv, segnum)) {
532
seq_add(&scp->numoth_rcv, 1);
533
switch(lsflags & 0x04) { /* FCVAL INT */
534
case 0x00: /* Normal Request */
535
switch(lsflags & 0x03) { /* FCVAL MOD */
536
case 0x00: /* Request count */
538
unsigned char p_fcval = -fcval;
539
if ((scp->flowrem_dat > p_fcval) &&
540
(fctype == NSP_FC_SCMC)) {
541
scp->flowrem_dat -= p_fcval;
543
} else if (fcval > 0) {
544
scp->flowrem_dat += fcval;
548
case 0x01: /* Stop outgoing data */
549
scp->flowrem_sw = DN_DONTSEND;
551
case 0x02: /* Ok to start again */
552
scp->flowrem_sw = DN_SEND;
557
case 0x04: /* Interrupt Request */
559
scp->flowrem_oth += fcval;
564
if (wake_up && !sock_flag(sk, SOCK_DEAD))
565
sk->sk_state_change(sk);
568
dn_nsp_send_oth_ack(sk);
575
* Copy of sock_queue_rcv_skb (from sock.h) without
576
* bh_lock_sock() (its already held when this is called) which
577
* also allows data and other data to be queued to a socket.
579
static __inline__ int dn_queue_skb(struct sock *sk, struct sk_buff *skb, int sig, struct sk_buff_head *queue)
584
/* Cast skb->rcvbuf to unsigned... It's pointless, but reduces
585
number of warnings when compiling with -W --ANK
587
if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >=
588
(unsigned)sk->sk_rcvbuf) {
593
err = sk_filter(sk, skb);
598
skb_set_owner_r(skb, sk);
599
skb_queue_tail(queue, skb);
601
if (!sock_flag(sk, SOCK_DEAD))
602
sk->sk_data_ready(sk, skb_len);
607
static void dn_nsp_otherdata(struct sock *sk, struct sk_buff *skb)
609
struct dn_scp *scp = DN_SK(sk);
610
unsigned short segnum;
611
struct dn_skb_cb *cb = DN_SKB_CB(skb);
617
cb->segnum = segnum = le16_to_cpu(*(__le16 *)skb->data);
620
if (seq_next(scp->numoth_rcv, segnum)) {
622
if (dn_queue_skb(sk, skb, SIGURG, &scp->other_receive_queue) == 0) {
623
seq_add(&scp->numoth_rcv, 1);
624
scp->other_report = 0;
629
dn_nsp_send_oth_ack(sk);
635
static void dn_nsp_data(struct sock *sk, struct sk_buff *skb)
638
unsigned short segnum;
639
struct dn_skb_cb *cb = DN_SKB_CB(skb);
640
struct dn_scp *scp = DN_SK(sk);
645
cb->segnum = segnum = le16_to_cpu(*(__le16 *)skb->data);
648
if (seq_next(scp->numdat_rcv, segnum)) {
649
if (dn_queue_skb(sk, skb, SIGIO, &sk->sk_receive_queue) == 0) {
650
seq_add(&scp->numdat_rcv, 1);
654
if ((scp->flowloc_sw == DN_SEND) && dn_congested(sk)) {
655
scp->flowloc_sw = DN_DONTSEND;
656
dn_nsp_send_link(sk, DN_DONTSEND, 0);
660
dn_nsp_send_data_ack(sk);
667
* If one of our conninit messages is returned, this function
668
* deals with it. It puts the socket into the NO_COMMUNICATION
671
static void dn_returned_conn_init(struct sock *sk, struct sk_buff *skb)
673
struct dn_scp *scp = DN_SK(sk);
675
if (scp->state == DN_CI) {
677
sk->sk_state = TCP_CLOSE;
678
if (!sock_flag(sk, SOCK_DEAD))
679
sk->sk_state_change(sk);
685
static int dn_nsp_no_socket(struct sk_buff *skb, unsigned short reason)
687
struct dn_skb_cb *cb = DN_SKB_CB(skb);
688
int ret = NET_RX_DROP;
690
/* Must not reply to returned packets */
691
if (cb->rt_flags & DN_RT_F_RTS)
694
if ((reason != NSP_REASON_OK) && ((cb->nsp_flags & 0x0c) == 0x08)) {
695
switch(cb->nsp_flags & 0x70) {
697
case 0x60: /* (Retransmitted) Connect Init */
698
dn_nsp_return_disc(skb, NSP_DISCINIT, reason);
699
ret = NET_RX_SUCCESS;
701
case 0x20: /* Connect Confirm */
702
dn_nsp_return_disc(skb, NSP_DISCCONF, reason);
703
ret = NET_RX_SUCCESS;
713
static int dn_nsp_rx_packet(struct sk_buff *skb)
715
struct dn_skb_cb *cb = DN_SKB_CB(skb);
716
struct sock *sk = NULL;
717
unsigned char *ptr = (unsigned char *)skb->data;
718
unsigned short reason = NSP_REASON_NL;
720
if (!pskb_may_pull(skb, 2))
723
skb_reset_transport_header(skb);
724
cb->nsp_flags = *ptr++;
726
if (decnet_debug_level & 2)
727
printk(KERN_DEBUG "dn_nsp_rx: Message type 0x%02x\n", (int)cb->nsp_flags);
729
if (cb->nsp_flags & 0x83)
733
* Filter out conninits and useless packet types
735
if ((cb->nsp_flags & 0x0c) == 0x08) {
736
switch(cb->nsp_flags & 0x70) {
738
case 0x70: /* Reserved */
739
case 0x50: /* Reserved, Phase II node init */
743
if (unlikely(cb->rt_flags & DN_RT_F_RTS))
745
sk = dn_find_listener(skb, &reason);
750
if (!pskb_may_pull(skb, 3))
754
* Grab the destination address.
756
cb->dst_port = *(__le16 *)ptr;
761
* If not a connack, grab the source address too.
763
if (pskb_may_pull(skb, 5)) {
764
cb->src_port = *(__le16 *)ptr;
770
* Returned packets...
771
* Swap src & dst and look up in the normal way.
773
if (unlikely(cb->rt_flags & DN_RT_F_RTS)) {
774
__le16 tmp = cb->dst_port;
775
cb->dst_port = cb->src_port;
783
* Find the socket to which this skb is destined.
785
sk = dn_find_by_skb(skb);
788
struct dn_scp *scp = DN_SK(sk);
791
scp->nsp_rxtshift = 0;
794
* We linearize everything except data segments here.
796
if (cb->nsp_flags & ~0x60) {
797
if (unlikely(skb_linearize(skb)))
801
return sk_receive_skb(sk, skb, 0);
804
return dn_nsp_no_socket(skb, reason);
811
int dn_nsp_rx(struct sk_buff *skb)
813
return NF_HOOK(NFPROTO_DECNET, NF_DN_LOCAL_IN, skb, skb->dev, NULL,
818
* This is the main receive routine for sockets. It is called
819
* from the above when the socket is not busy, and also from
820
* sock_release() when there is a backlog queued up.
822
int dn_nsp_backlog_rcv(struct sock *sk, struct sk_buff *skb)
824
struct dn_scp *scp = DN_SK(sk);
825
struct dn_skb_cb *cb = DN_SKB_CB(skb);
827
if (cb->rt_flags & DN_RT_F_RTS) {
828
if (cb->nsp_flags == 0x18 || cb->nsp_flags == 0x68)
829
dn_returned_conn_init(sk, skb);
832
return NET_RX_SUCCESS;
838
if ((cb->nsp_flags & 0x0c) == 0x08) {
839
switch(cb->nsp_flags & 0x70) {
842
dn_nsp_conn_init(sk, skb);
845
dn_nsp_conn_conf(sk, skb);
848
dn_nsp_disc_init(sk, skb);
851
dn_nsp_disc_conf(sk, skb);
855
} else if (cb->nsp_flags == 0x24) {
857
* Special for connacks, 'cos they don't have
858
* ack data or ack otherdata info.
860
dn_nsp_conn_ack(sk, skb);
864
/* both data and ack frames can kick a CC socket into RUN */
865
if ((scp->state == DN_CC) && !sock_flag(sk, SOCK_DEAD)) {
867
sk->sk_state = TCP_ESTABLISHED;
868
sk->sk_state_change(sk);
871
if ((cb->nsp_flags & 0x1c) == 0)
873
if (cb->nsp_flags == 0x04)
877
* Read out ack data here, this applies equally
878
* to data, other data, link serivce and both
879
* ack data and ack otherdata.
881
dn_process_ack(sk, skb, other);
884
* If we've some sort of data here then call a
885
* suitable routine for dealing with it, otherwise
886
* the packet is an ack and can be discarded.
888
if ((cb->nsp_flags & 0x0c) == 0) {
890
if (scp->state != DN_RUN)
893
switch(cb->nsp_flags) {
895
dn_nsp_linkservice(sk, skb);
898
dn_nsp_otherdata(sk, skb);
901
dn_nsp_data(sk, skb);
904
} else { /* Ack, chuck it out here */
910
return NET_RX_SUCCESS;