Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
dn_nsp_in.c
Go to the documentation of this file.
1 /*
2  * DECnet An implementation of the DECnet protocol suite for the LINUX
3  * operating system. DECnet is implemented using the BSD Socket
4  * interface as the means of communication with the user level.
5  *
6  * DECnet Network Services Protocol (Input)
7  *
8  * Author: Eduardo Marcelo Serrat <[email protected]>
9  *
10  * Changes:
11  *
12  * Steve Whitehouse: Split into dn_nsp_in.c and dn_nsp_out.c from
13  * original dn_nsp.c.
14  * Steve Whitehouse: Updated to work with my new routing architecture.
15  * Steve Whitehouse: Add changes from Eduardo Serrat's patches.
16  * Steve Whitehouse: Put all ack handling code in a common routine.
17  * Steve Whitehouse: Put other common bits into dn_nsp_rx()
18  * Steve Whitehouse: More checks on skb->len to catch bogus packets
19  * Fixed various race conditions and possible nasties.
20  * Steve Whitehouse: Now handles returned conninit frames.
21  * David S. Miller: New socket locking
22  * Steve Whitehouse: Fixed lockup when socket filtering was enabled.
23  * Paul Koning: Fix to push CC sockets into RUN when acks are
24  * received.
25  * Steve Whitehouse:
26  * Patrick Caulfield: Checking conninits for correctness & sending of error
27  * responses.
28  * Steve Whitehouse: Added backlog congestion level return codes.
29  * Patrick Caulfield:
30  * Steve Whitehouse: Added flow control support (outbound)
31  * Steve Whitehouse: Prepare for nonlinear skbs
32  */
33 
34 /******************************************************************************
35  (c) 1995-1998 E.M. Serrat [email protected]
36 
37  This program is free software; you can redistribute it and/or modify
38  it under the terms of the GNU General Public License as published by
39  the Free Software Foundation; either version 2 of the License, or
40  any later version.
41 
42  This program is distributed in the hope that it will be useful,
43  but WITHOUT ANY WARRANTY; without even the implied warranty of
44  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
45  GNU General Public License for more details.
46 *******************************************************************************/
47 
48 #include <linux/errno.h>
49 #include <linux/types.h>
50 #include <linux/socket.h>
51 #include <linux/in.h>
52 #include <linux/kernel.h>
53 #include <linux/timer.h>
54 #include <linux/string.h>
55 #include <linux/sockios.h>
56 #include <linux/net.h>
57 #include <linux/netdevice.h>
58 #include <linux/inet.h>
59 #include <linux/route.h>
60 #include <linux/slab.h>
61 #include <net/sock.h>
62 #include <net/tcp_states.h>
63 #include <linux/fcntl.h>
64 #include <linux/mm.h>
65 #include <linux/termios.h>
66 #include <linux/interrupt.h>
67 #include <linux/proc_fs.h>
68 #include <linux/stat.h>
69 #include <linux/init.h>
70 #include <linux/poll.h>
71 #include <linux/netfilter_decnet.h>
72 #include <net/neighbour.h>
73 #include <net/dst.h>
74 #include <net/dn.h>
75 #include <net/dn_nsp.h>
76 #include <net/dn_dev.h>
77 #include <net/dn_route.h>
78 
79 extern int decnet_log_martians;
80 
81 static void dn_log_martian(struct sk_buff *skb, const char *msg)
82 {
83  if (decnet_log_martians) {
84  char *devname = skb->dev ? skb->dev->name : "???";
85  struct dn_skb_cb *cb = DN_SKB_CB(skb);
86  net_info_ratelimited("DECnet: Martian packet (%s) dev=%s src=0x%04hx dst=0x%04hx srcport=0x%04hx dstport=0x%04hx\n",
87  msg, devname,
88  le16_to_cpu(cb->src),
89  le16_to_cpu(cb->dst),
90  le16_to_cpu(cb->src_port),
91  le16_to_cpu(cb->dst_port));
92  }
93 }
94 
95 /*
96  * For this function we've flipped the cross-subchannel bit
97  * if the message is an otherdata or linkservice message. Thus
98  * we can use it to work out what to update.
99  */
100 static void dn_ack(struct sock *sk, struct sk_buff *skb, unsigned short ack)
101 {
102  struct dn_scp *scp = DN_SK(sk);
103  unsigned short type = ((ack >> 12) & 0x0003);
104  int wakeup = 0;
105 
106  switch (type) {
107  case 0: /* ACK - Data */
108  if (dn_after(ack, scp->ackrcv_dat)) {
109  scp->ackrcv_dat = ack & 0x0fff;
110  wakeup |= dn_nsp_check_xmit_queue(sk, skb,
111  &scp->data_xmit_queue,
112  ack);
113  }
114  break;
115  case 1: /* NAK - Data */
116  break;
117  case 2: /* ACK - OtherData */
118  if (dn_after(ack, scp->ackrcv_oth)) {
119  scp->ackrcv_oth = ack & 0x0fff;
120  wakeup |= dn_nsp_check_xmit_queue(sk, skb,
121  &scp->other_xmit_queue,
122  ack);
123  }
124  break;
125  case 3: /* NAK - OtherData */
126  break;
127  }
128 
129  if (wakeup && !sock_flag(sk, SOCK_DEAD))
130  sk->sk_state_change(sk);
131 }
132 
133 /*
134  * This function is a universal ack processor.
135  */
136 static int dn_process_ack(struct sock *sk, struct sk_buff *skb, int oth)
137 {
138  __le16 *ptr = (__le16 *)skb->data;
139  int len = 0;
140  unsigned short ack;
141 
142  if (skb->len < 2)
143  return len;
144 
145  if ((ack = le16_to_cpu(*ptr)) & 0x8000) {
146  skb_pull(skb, 2);
147  ptr++;
148  len += 2;
149  if ((ack & 0x4000) == 0) {
150  if (oth)
151  ack ^= 0x2000;
152  dn_ack(sk, skb, ack);
153  }
154  }
155 
156  if (skb->len < 2)
157  return len;
158 
159  if ((ack = le16_to_cpu(*ptr)) & 0x8000) {
160  skb_pull(skb, 2);
161  len += 2;
162  if ((ack & 0x4000) == 0) {
163  if (oth)
164  ack ^= 0x2000;
165  dn_ack(sk, skb, ack);
166  }
167  }
168 
169  return len;
170 }
171 
172 
182 static inline int dn_check_idf(unsigned char **pptr, int *len, unsigned char max, unsigned char follow_on)
183 {
184  unsigned char *ptr = *pptr;
185  unsigned char flen = *ptr++;
186 
187  (*len)--;
188  if (flen > max)
189  return -1;
190  if ((flen + follow_on) > *len)
191  return -1;
192 
193  *len -= flen;
194  *pptr = ptr + flen;
195  return 0;
196 }
197 
198 /*
199  * Table of reason codes to pass back to node which sent us a badly
200  * formed message, plus text messages for the log. A zero entry in
201  * the reason field means "don't reply" otherwise a disc init is sent with
202  * the specified reason code.
203  */
204 static struct {
205  unsigned short reason;
206  const char *text;
207 } ci_err_table[] = {
208  { 0, "CI: Truncated message" },
209  { NSP_REASON_ID, "CI: Destination username error" },
210  { NSP_REASON_ID, "CI: Destination username type" },
211  { NSP_REASON_US, "CI: Source username error" },
212  { 0, "CI: Truncated at menuver" },
213  { 0, "CI: Truncated before access or user data" },
214  { NSP_REASON_IO, "CI: Access data format error" },
215  { NSP_REASON_IO, "CI: User data format error" }
216 };
217 
218 /*
219  * This function uses a slightly different lookup method
220  * to find its sockets, since it searches on object name/number
221  * rather than port numbers. Various tests are done to ensure that
222  * the incoming data is in the correct format before it is queued to
223  * a socket.
224  */
225 static struct sock *dn_find_listener(struct sk_buff *skb, unsigned short *reason)
226 {
227  struct dn_skb_cb *cb = DN_SKB_CB(skb);
228  struct nsp_conn_init_msg *msg = (struct nsp_conn_init_msg *)skb->data;
229  struct sockaddr_dn dstaddr;
230  struct sockaddr_dn srcaddr;
231  unsigned char type = 0;
232  int dstlen;
233  int srclen;
234  unsigned char *ptr;
235  int len;
236  int err = 0;
237  unsigned char menuver;
238 
239  memset(&dstaddr, 0, sizeof(struct sockaddr_dn));
240  memset(&srcaddr, 0, sizeof(struct sockaddr_dn));
241 
242  /*
243  * 1. Decode & remove message header
244  */
245  cb->src_port = msg->srcaddr;
246  cb->dst_port = msg->dstaddr;
247  cb->services = msg->services;
248  cb->info = msg->info;
249  cb->segsize = le16_to_cpu(msg->segsize);
250 
251  if (!pskb_may_pull(skb, sizeof(*msg)))
252  goto err_out;
253 
254  skb_pull(skb, sizeof(*msg));
255 
256  len = skb->len;
257  ptr = skb->data;
258 
259  /*
260  * 2. Check destination end username format
261  */
262  dstlen = dn_username2sockaddr(ptr, len, &dstaddr, &type);
263  err++;
264  if (dstlen < 0)
265  goto err_out;
266 
267  err++;
268  if (type > 1)
269  goto err_out;
270 
271  len -= dstlen;
272  ptr += dstlen;
273 
274  /*
275  * 3. Check source end username format
276  */
277  srclen = dn_username2sockaddr(ptr, len, &srcaddr, &type);
278  err++;
279  if (srclen < 0)
280  goto err_out;
281 
282  len -= srclen;
283  ptr += srclen;
284  err++;
285  if (len < 1)
286  goto err_out;
287 
288  menuver = *ptr;
289  ptr++;
290  len--;
291 
292  /*
293  * 4. Check that optional data actually exists if menuver says it does
294  */
295  err++;
296  if ((menuver & (DN_MENUVER_ACC | DN_MENUVER_USR)) && (len < 1))
297  goto err_out;
298 
299  /*
300  * 5. Check optional access data format
301  */
302  err++;
303  if (menuver & DN_MENUVER_ACC) {
304  if (dn_check_idf(&ptr, &len, 39, 1))
305  goto err_out;
306  if (dn_check_idf(&ptr, &len, 39, 1))
307  goto err_out;
308  if (dn_check_idf(&ptr, &len, 39, (menuver & DN_MENUVER_USR) ? 1 : 0))
309  goto err_out;
310  }
311 
312  /*
313  * 6. Check optional user data format
314  */
315  err++;
316  if (menuver & DN_MENUVER_USR) {
317  if (dn_check_idf(&ptr, &len, 16, 0))
318  goto err_out;
319  }
320 
321  /*
322  * 7. Look up socket based on destination end username
323  */
324  return dn_sklist_find_listener(&dstaddr);
325 err_out:
326  dn_log_martian(skb, ci_err_table[err].text);
327  *reason = ci_err_table[err].reason;
328  return NULL;
329 }
330 
331 
332 static void dn_nsp_conn_init(struct sock *sk, struct sk_buff *skb)
333 {
334  if (sk_acceptq_is_full(sk)) {
335  kfree_skb(skb);
336  return;
337  }
338 
339  sk->sk_ack_backlog++;
340  skb_queue_tail(&sk->sk_receive_queue, skb);
341  sk->sk_state_change(sk);
342 }
343 
344 static void dn_nsp_conn_conf(struct sock *sk, struct sk_buff *skb)
345 {
346  struct dn_skb_cb *cb = DN_SKB_CB(skb);
347  struct dn_scp *scp = DN_SK(sk);
348  unsigned char *ptr;
349 
350  if (skb->len < 4)
351  goto out;
352 
353  ptr = skb->data;
354  cb->services = *ptr++;
355  cb->info = *ptr++;
356  cb->segsize = le16_to_cpu(*(__le16 *)ptr);
357 
358  if ((scp->state == DN_CI) || (scp->state == DN_CD)) {
359  scp->persist = 0;
360  scp->addrrem = cb->src_port;
361  sk->sk_state = TCP_ESTABLISHED;
362  scp->state = DN_RUN;
363  scp->services_rem = cb->services;
364  scp->info_rem = cb->info;
365  scp->segsize_rem = cb->segsize;
366 
367  if ((scp->services_rem & NSP_FC_MASK) == NSP_FC_NONE)
368  scp->max_window = decnet_no_fc_max_cwnd;
369 
370  if (skb->len > 0) {
371  u16 dlen = *skb->data;
372  if ((dlen <= 16) && (dlen <= skb->len)) {
373  scp->conndata_in.opt_optl = cpu_to_le16(dlen);
374  skb_copy_from_linear_data_offset(skb, 1,
375  scp->conndata_in.opt_data, dlen);
376  }
377  }
378  dn_nsp_send_link(sk, DN_NOCHANGE, 0);
379  if (!sock_flag(sk, SOCK_DEAD))
380  sk->sk_state_change(sk);
381  }
382 
383 out:
384  kfree_skb(skb);
385 }
386 
387 static void dn_nsp_conn_ack(struct sock *sk, struct sk_buff *skb)
388 {
389  struct dn_scp *scp = DN_SK(sk);
390 
391  if (scp->state == DN_CI) {
392  scp->state = DN_CD;
393  scp->persist = 0;
394  }
395 
396  kfree_skb(skb);
397 }
398 
399 static void dn_nsp_disc_init(struct sock *sk, struct sk_buff *skb)
400 {
401  struct dn_scp *scp = DN_SK(sk);
402  struct dn_skb_cb *cb = DN_SKB_CB(skb);
403  unsigned short reason;
404 
405  if (skb->len < 2)
406  goto out;
407 
408  reason = le16_to_cpu(*(__le16 *)skb->data);
409  skb_pull(skb, 2);
410 
411  scp->discdata_in.opt_status = cpu_to_le16(reason);
412  scp->discdata_in.opt_optl = 0;
413  memset(scp->discdata_in.opt_data, 0, 16);
414 
415  if (skb->len > 0) {
416  u16 dlen = *skb->data;
417  if ((dlen <= 16) && (dlen <= skb->len)) {
418  scp->discdata_in.opt_optl = cpu_to_le16(dlen);
419  skb_copy_from_linear_data_offset(skb, 1, scp->discdata_in.opt_data, dlen);
420  }
421  }
422 
423  scp->addrrem = cb->src_port;
424  sk->sk_state = TCP_CLOSE;
425 
426  switch (scp->state) {
427  case DN_CI:
428  case DN_CD:
429  scp->state = DN_RJ;
430  sk->sk_err = ECONNREFUSED;
431  break;
432  case DN_RUN:
433  sk->sk_shutdown |= SHUTDOWN_MASK;
434  scp->state = DN_DN;
435  break;
436  case DN_DI:
437  scp->state = DN_DIC;
438  break;
439  }
440 
441  if (!sock_flag(sk, SOCK_DEAD)) {
442  if (sk->sk_socket->state != SS_UNCONNECTED)
443  sk->sk_socket->state = SS_DISCONNECTING;
444  sk->sk_state_change(sk);
445  }
446 
447  /*
448  * It appears that its possible for remote machines to send disc
449  * init messages with no port identifier if we are in the CI and
450  * possibly also the CD state. Obviously we shouldn't reply with
451  * a message if we don't know what the end point is.
452  */
453  if (scp->addrrem) {
454  dn_nsp_send_disc(sk, NSP_DISCCONF, NSP_REASON_DC, GFP_ATOMIC);
455  }
456  scp->persist_fxn = dn_destroy_timer;
457  scp->persist = dn_nsp_persist(sk);
458 
459 out:
460  kfree_skb(skb);
461 }
462 
463 /*
464  * disc_conf messages are also called no_resources or no_link
465  * messages depending upon the "reason" field.
466  */
467 static void dn_nsp_disc_conf(struct sock *sk, struct sk_buff *skb)
468 {
469  struct dn_scp *scp = DN_SK(sk);
470  unsigned short reason;
471 
472  if (skb->len != 2)
473  goto out;
474 
475  reason = le16_to_cpu(*(__le16 *)skb->data);
476 
477  sk->sk_state = TCP_CLOSE;
478 
479  switch (scp->state) {
480  case DN_CI:
481  scp->state = DN_NR;
482  break;
483  case DN_DR:
484  if (reason == NSP_REASON_DC)
485  scp->state = DN_DRC;
486  if (reason == NSP_REASON_NL)
487  scp->state = DN_CN;
488  break;
489  case DN_DI:
490  scp->state = DN_DIC;
491  break;
492  case DN_RUN:
493  sk->sk_shutdown |= SHUTDOWN_MASK;
494  case DN_CC:
495  scp->state = DN_CN;
496  }
497 
498  if (!sock_flag(sk, SOCK_DEAD)) {
499  if (sk->sk_socket->state != SS_UNCONNECTED)
500  sk->sk_socket->state = SS_DISCONNECTING;
501  sk->sk_state_change(sk);
502  }
503 
504  scp->persist_fxn = dn_destroy_timer;
505  scp->persist = dn_nsp_persist(sk);
506 
507 out:
508  kfree_skb(skb);
509 }
510 
511 static void dn_nsp_linkservice(struct sock *sk, struct sk_buff *skb)
512 {
513  struct dn_scp *scp = DN_SK(sk);
514  unsigned short segnum;
515  unsigned char lsflags;
516  signed char fcval;
517  int wake_up = 0;
518  char *ptr = skb->data;
519  unsigned char fctype = scp->services_rem & NSP_FC_MASK;
520 
521  if (skb->len != 4)
522  goto out;
523 
524  segnum = le16_to_cpu(*(__le16 *)ptr);
525  ptr += 2;
526  lsflags = *(unsigned char *)ptr++;
527  fcval = *ptr;
528 
529  /*
530  * Here we ignore erronous packets which should really
531  * should cause a connection abort. It is not critical
532  * for now though.
533  */
534  if (lsflags & 0xf8)
535  goto out;
536 
537  if (seq_next(scp->numoth_rcv, segnum)) {
538  seq_add(&scp->numoth_rcv, 1);
539  switch(lsflags & 0x04) { /* FCVAL INT */
540  case 0x00: /* Normal Request */
541  switch(lsflags & 0x03) { /* FCVAL MOD */
542  case 0x00: /* Request count */
543  if (fcval < 0) {
544  unsigned char p_fcval = -fcval;
545  if ((scp->flowrem_dat > p_fcval) &&
546  (fctype == NSP_FC_SCMC)) {
547  scp->flowrem_dat -= p_fcval;
548  }
549  } else if (fcval > 0) {
550  scp->flowrem_dat += fcval;
551  wake_up = 1;
552  }
553  break;
554  case 0x01: /* Stop outgoing data */
555  scp->flowrem_sw = DN_DONTSEND;
556  break;
557  case 0x02: /* Ok to start again */
558  scp->flowrem_sw = DN_SEND;
559  dn_nsp_output(sk);
560  wake_up = 1;
561  }
562  break;
563  case 0x04: /* Interrupt Request */
564  if (fcval > 0) {
565  scp->flowrem_oth += fcval;
566  wake_up = 1;
567  }
568  break;
569  }
570  if (wake_up && !sock_flag(sk, SOCK_DEAD))
571  sk->sk_state_change(sk);
572  }
573 
574  dn_nsp_send_oth_ack(sk);
575 
576 out:
577  kfree_skb(skb);
578 }
579 
580 /*
581  * Copy of sock_queue_rcv_skb (from sock.h) without
582  * bh_lock_sock() (its already held when this is called) which
583  * also allows data and other data to be queued to a socket.
584  */
585 static __inline__ int dn_queue_skb(struct sock *sk, struct sk_buff *skb, int sig, struct sk_buff_head *queue)
586 {
587  int err;
588  int skb_len;
589 
590  /* Cast skb->rcvbuf to unsigned... It's pointless, but reduces
591  number of warnings when compiling with -W --ANK
592  */
593  if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >=
594  (unsigned int)sk->sk_rcvbuf) {
595  err = -ENOMEM;
596  goto out;
597  }
598 
599  err = sk_filter(sk, skb);
600  if (err)
601  goto out;
602 
603  skb_len = skb->len;
604  skb_set_owner_r(skb, sk);
605  skb_queue_tail(queue, skb);
606 
607  if (!sock_flag(sk, SOCK_DEAD))
608  sk->sk_data_ready(sk, skb_len);
609 out:
610  return err;
611 }
612 
613 static void dn_nsp_otherdata(struct sock *sk, struct sk_buff *skb)
614 {
615  struct dn_scp *scp = DN_SK(sk);
616  unsigned short segnum;
617  struct dn_skb_cb *cb = DN_SKB_CB(skb);
618  int queued = 0;
619 
620  if (skb->len < 2)
621  goto out;
622 
623  cb->segnum = segnum = le16_to_cpu(*(__le16 *)skb->data);
624  skb_pull(skb, 2);
625 
626  if (seq_next(scp->numoth_rcv, segnum)) {
627 
628  if (dn_queue_skb(sk, skb, SIGURG, &scp->other_receive_queue) == 0) {
629  seq_add(&scp->numoth_rcv, 1);
630  scp->other_report = 0;
631  queued = 1;
632  }
633  }
634 
635  dn_nsp_send_oth_ack(sk);
636 out:
637  if (!queued)
638  kfree_skb(skb);
639 }
640 
641 static void dn_nsp_data(struct sock *sk, struct sk_buff *skb)
642 {
643  int queued = 0;
644  unsigned short segnum;
645  struct dn_skb_cb *cb = DN_SKB_CB(skb);
646  struct dn_scp *scp = DN_SK(sk);
647 
648  if (skb->len < 2)
649  goto out;
650 
651  cb->segnum = segnum = le16_to_cpu(*(__le16 *)skb->data);
652  skb_pull(skb, 2);
653 
654  if (seq_next(scp->numdat_rcv, segnum)) {
655  if (dn_queue_skb(sk, skb, SIGIO, &sk->sk_receive_queue) == 0) {
656  seq_add(&scp->numdat_rcv, 1);
657  queued = 1;
658  }
659 
660  if ((scp->flowloc_sw == DN_SEND) && dn_congested(sk)) {
661  scp->flowloc_sw = DN_DONTSEND;
662  dn_nsp_send_link(sk, DN_DONTSEND, 0);
663  }
664  }
665 
666  dn_nsp_send_data_ack(sk);
667 out:
668  if (!queued)
669  kfree_skb(skb);
670 }
671 
672 /*
673  * If one of our conninit messages is returned, this function
674  * deals with it. It puts the socket into the NO_COMMUNICATION
675  * state.
676  */
677 static void dn_returned_conn_init(struct sock *sk, struct sk_buff *skb)
678 {
679  struct dn_scp *scp = DN_SK(sk);
680 
681  if (scp->state == DN_CI) {
682  scp->state = DN_NC;
683  sk->sk_state = TCP_CLOSE;
684  if (!sock_flag(sk, SOCK_DEAD))
685  sk->sk_state_change(sk);
686  }
687 
688  kfree_skb(skb);
689 }
690 
691 static int dn_nsp_no_socket(struct sk_buff *skb, unsigned short reason)
692 {
693  struct dn_skb_cb *cb = DN_SKB_CB(skb);
694  int ret = NET_RX_DROP;
695 
696  /* Must not reply to returned packets */
697  if (cb->rt_flags & DN_RT_F_RTS)
698  goto out;
699 
700  if ((reason != NSP_REASON_OK) && ((cb->nsp_flags & 0x0c) == 0x08)) {
701  switch (cb->nsp_flags & 0x70) {
702  case 0x10:
703  case 0x60: /* (Retransmitted) Connect Init */
704  dn_nsp_return_disc(skb, NSP_DISCINIT, reason);
705  ret = NET_RX_SUCCESS;
706  break;
707  case 0x20: /* Connect Confirm */
708  dn_nsp_return_disc(skb, NSP_DISCCONF, reason);
709  ret = NET_RX_SUCCESS;
710  break;
711  }
712  }
713 
714 out:
715  kfree_skb(skb);
716  return ret;
717 }
718 
719 static int dn_nsp_rx_packet(struct sk_buff *skb)
720 {
721  struct dn_skb_cb *cb = DN_SKB_CB(skb);
722  struct sock *sk = NULL;
723  unsigned char *ptr = (unsigned char *)skb->data;
724  unsigned short reason = NSP_REASON_NL;
725 
726  if (!pskb_may_pull(skb, 2))
727  goto free_out;
728 
729  skb_reset_transport_header(skb);
730  cb->nsp_flags = *ptr++;
731 
732  if (decnet_debug_level & 2)
733  printk(KERN_DEBUG "dn_nsp_rx: Message type 0x%02x\n", (int)cb->nsp_flags);
734 
735  if (cb->nsp_flags & 0x83)
736  goto free_out;
737 
738  /*
739  * Filter out conninits and useless packet types
740  */
741  if ((cb->nsp_flags & 0x0c) == 0x08) {
742  switch (cb->nsp_flags & 0x70) {
743  case 0x00: /* NOP */
744  case 0x70: /* Reserved */
745  case 0x50: /* Reserved, Phase II node init */
746  goto free_out;
747  case 0x10:
748  case 0x60:
749  if (unlikely(cb->rt_flags & DN_RT_F_RTS))
750  goto free_out;
751  sk = dn_find_listener(skb, &reason);
752  goto got_it;
753  }
754  }
755 
756  if (!pskb_may_pull(skb, 3))
757  goto free_out;
758 
759  /*
760  * Grab the destination address.
761  */
762  cb->dst_port = *(__le16 *)ptr;
763  cb->src_port = 0;
764  ptr += 2;
765 
766  /*
767  * If not a connack, grab the source address too.
768  */
769  if (pskb_may_pull(skb, 5)) {
770  cb->src_port = *(__le16 *)ptr;
771  ptr += 2;
772  skb_pull(skb, 5);
773  }
774 
775  /*
776  * Returned packets...
777  * Swap src & dst and look up in the normal way.
778  */
779  if (unlikely(cb->rt_flags & DN_RT_F_RTS)) {
780  __le16 tmp = cb->dst_port;
781  cb->dst_port = cb->src_port;
782  cb->src_port = tmp;
783  tmp = cb->dst;
784  cb->dst = cb->src;
785  cb->src = tmp;
786  }
787 
788  /*
789  * Find the socket to which this skb is destined.
790  */
791  sk = dn_find_by_skb(skb);
792 got_it:
793  if (sk != NULL) {
794  struct dn_scp *scp = DN_SK(sk);
795 
796  /* Reset backoff */
797  scp->nsp_rxtshift = 0;
798 
799  /*
800  * We linearize everything except data segments here.
801  */
802  if (cb->nsp_flags & ~0x60) {
803  if (unlikely(skb_linearize(skb)))
804  goto free_out;
805  }
806 
807  return sk_receive_skb(sk, skb, 0);
808  }
809 
810  return dn_nsp_no_socket(skb, reason);
811 
812 free_out:
813  kfree_skb(skb);
814  return NET_RX_DROP;
815 }
816 
817 int dn_nsp_rx(struct sk_buff *skb)
818 {
819  return NF_HOOK(NFPROTO_DECNET, NF_DN_LOCAL_IN, skb, skb->dev, NULL,
820  dn_nsp_rx_packet);
821 }
822 
823 /*
824  * This is the main receive routine for sockets. It is called
825  * from the above when the socket is not busy, and also from
826  * sock_release() when there is a backlog queued up.
827  */
828 int dn_nsp_backlog_rcv(struct sock *sk, struct sk_buff *skb)
829 {
830  struct dn_scp *scp = DN_SK(sk);
831  struct dn_skb_cb *cb = DN_SKB_CB(skb);
832 
833  if (cb->rt_flags & DN_RT_F_RTS) {
834  if (cb->nsp_flags == 0x18 || cb->nsp_flags == 0x68)
835  dn_returned_conn_init(sk, skb);
836  else
837  kfree_skb(skb);
838  return NET_RX_SUCCESS;
839  }
840 
841  /*
842  * Control packet.
843  */
844  if ((cb->nsp_flags & 0x0c) == 0x08) {
845  switch (cb->nsp_flags & 0x70) {
846  case 0x10:
847  case 0x60:
848  dn_nsp_conn_init(sk, skb);
849  break;
850  case 0x20:
851  dn_nsp_conn_conf(sk, skb);
852  break;
853  case 0x30:
854  dn_nsp_disc_init(sk, skb);
855  break;
856  case 0x40:
857  dn_nsp_disc_conf(sk, skb);
858  break;
859  }
860 
861  } else if (cb->nsp_flags == 0x24) {
862  /*
863  * Special for connacks, 'cos they don't have
864  * ack data or ack otherdata info.
865  */
866  dn_nsp_conn_ack(sk, skb);
867  } else {
868  int other = 1;
869 
870  /* both data and ack frames can kick a CC socket into RUN */
871  if ((scp->state == DN_CC) && !sock_flag(sk, SOCK_DEAD)) {
872  scp->state = DN_RUN;
873  sk->sk_state = TCP_ESTABLISHED;
874  sk->sk_state_change(sk);
875  }
876 
877  if ((cb->nsp_flags & 0x1c) == 0)
878  other = 0;
879  if (cb->nsp_flags == 0x04)
880  other = 0;
881 
882  /*
883  * Read out ack data here, this applies equally
884  * to data, other data, link serivce and both
885  * ack data and ack otherdata.
886  */
887  dn_process_ack(sk, skb, other);
888 
889  /*
890  * If we've some sort of data here then call a
891  * suitable routine for dealing with it, otherwise
892  * the packet is an ack and can be discarded.
893  */
894  if ((cb->nsp_flags & 0x0c) == 0) {
895 
896  if (scp->state != DN_RUN)
897  goto free_out;
898 
899  switch (cb->nsp_flags) {
900  case 0x10: /* LS */
901  dn_nsp_linkservice(sk, skb);
902  break;
903  case 0x30: /* OD */
904  dn_nsp_otherdata(sk, skb);
905  break;
906  default:
907  dn_nsp_data(sk, skb);
908  }
909 
910  } else { /* Ack, chuck it out here */
911 free_out:
912  kfree_skb(skb);
913  }
914  }
915 
916  return NET_RX_SUCCESS;
917 }
918 
Generated on Thu Jan 10 2013 14:58:02 for Linux Kernel by   doxygen 1.8.2