ddp_input.c revision 194619 
1/*-
2 * Copyright (c) 2004-2009 Robert N. M. Watson
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * Copyright (c) 1990, 1994 Regents of The University of Michigan.
27 *
28 * Permission to use, copy, modify, and distribute this software and
29 * its documentation for any purpose and without fee is hereby granted,
30 * provided that the above copyright notice appears in all copies and
31 * that both that copyright notice and this permission notice appear
32 * in supporting documentation, and that the name of The University
33 * of Michigan not be used in advertising or publicity pertaining to
34 * distribution of the software without specific, written prior
35 * permission. This software is supplied as is without expressed or
36 * implied warranties of any kind.
37 *
38 * This product includes software developed by the University of
39 * California, Berkeley and its contributors.
40 *
41 *	Research Systems Unix Group
42 *	The University of Michigan
43 *	c/o Wesley Craig
44 *	535 W. William Street
45 *	Ann Arbor, Michigan
46 *	+1-313-764-2278
47 *	netatalk@umich.edu
48 *
49 * $FreeBSD: head/sys/netatalk/ddp_input.c 194619 2009-06-22 10:23:54Z rwatson $
50 */
51
52#include <sys/param.h>
53#include <sys/kernel.h>
54#include <sys/lock.h>
55#include <sys/mbuf.h>
56#include <sys/signalvar.h>
57#include <sys/socket.h>
58#include <sys/socketvar.h>
59#include <sys/sx.h>
60#include <sys/systm.h>
61#include <net/if.h>
62#include <net/route.h>
63
64#include <netatalk/at.h>
65#include <netatalk/at_var.h>
66#include <netatalk/ddp.h>
67#include <netatalk/ddp_var.h>
68#include <netatalk/ddp_pcb.h>
69#include <netatalk/at_extern.h>
70
71#include <security/mac/mac_framework.h>
72
73static volatile int	ddp_forward = 1;
74static volatile int	ddp_firewall = 0;
75static struct ddpstat	ddpstat;
76
77static struct route	forwro;
78
79static void     ddp_input(struct mbuf *, struct ifnet *, struct elaphdr *, int);
80
81/*
82 * Could probably merge these two code segments a little better...
83 */
84void
85at2intr(struct mbuf *m)
86{
87
88	/*
89	 * Phase 2 packet handling .
90	 */
91	ddp_input(m, m->m_pkthdr.rcvif, NULL, 2);
92}
93
94void
95at1intr(struct mbuf *m)
96{
97	struct elaphdr *elhp, elh;
98
99	/*
100	 * Phase 1 packet handling
101	 */
102	if (m->m_len < SZ_ELAPHDR && ((m = m_pullup(m, SZ_ELAPHDR)) ==
103	    NULL)) {
104		ddpstat.ddps_tooshort++;
105		return;
106	}
107
108	/*
109	 * This seems a little dubious, but I don't know phase 1 so leave it.
110	 */
111	elhp = mtod(m, struct elaphdr *);
112	m_adj(m, SZ_ELAPHDR);
113
114	if (elhp->el_type != ELAP_DDPEXTEND) {
115		bcopy((caddr_t)elhp, (caddr_t)&elh, SZ_ELAPHDR);
116		ddp_input(m, m->m_pkthdr.rcvif, &elh, 1);
117	} else
118		ddp_input(m, m->m_pkthdr.rcvif, NULL, 1);
119}
120
121static void
122ddp_input(struct mbuf *m, struct ifnet *ifp, struct elaphdr *elh, int phase)
123{
124	struct sockaddr_at from, to;
125	struct ddpshdr *dsh, ddps;
126	struct at_ifaddr *aa;
127	struct ddpehdr *deh = NULL, ddpe;
128	struct ddpcb *ddp;
129	int dlen, mlen;
130	u_short cksum = 0;
131
132	bzero((caddr_t)&from, sizeof(struct sockaddr_at));
133	bzero((caddr_t)&to, sizeof(struct sockaddr_at));
134	if (elh != NULL) {
135		/*
136		 * Extract the information in the short header.  Network
137		 * information is defaulted to ATADDR_ANYNET and node
138		 * information comes from the elh info.  We must be phase 1.
139		 */
140		ddpstat.ddps_short++;
141
142		if (m->m_len < sizeof(struct ddpshdr) &&
143		    ((m = m_pullup(m, sizeof(struct ddpshdr))) == NULL)) {
144			ddpstat.ddps_tooshort++;
145			return;
146		}
147
148		dsh = mtod(m, struct ddpshdr *);
149		bcopy((caddr_t)dsh, (caddr_t)&ddps, sizeof(struct ddpshdr));
150		ddps.dsh_bytes = ntohl(ddps.dsh_bytes);
151		dlen = ddps.dsh_len;
152
153		to.sat_addr.s_net = ATADDR_ANYNET;
154		to.sat_addr.s_node = elh->el_dnode;
155		to.sat_port = ddps.dsh_dport;
156		from.sat_addr.s_net = ATADDR_ANYNET;
157		from.sat_addr.s_node = elh->el_snode;
158		from.sat_port = ddps.dsh_sport;
159
160		/*
161		 * Make sure that we point to the phase1 ifaddr info and that
162		 * it's valid for this packet.
163		 */
164		AT_IFADDR_RLOCK();
165		for (aa = at_ifaddr_list; aa != NULL; aa = aa->aa_next) {
166			if ((aa->aa_ifp == ifp)
167			    && ((aa->aa_flags & AFA_PHASE2) == 0)
168			    && ((to.sat_addr.s_node ==
169			    AA_SAT(aa)->sat_addr.s_node) ||
170			    (to.sat_addr.s_node == ATADDR_BCAST)))
171				break;
172		}
173		/*
174		 * maybe we got a broadcast not meant for us.. ditch it.
175		 */
176		if (aa == NULL) {
177			AT_IFADDR_RUNLOCK();
178			m_freem(m);
179			return;
180		}
181	} else {
182		/*
183		 * There was no 'elh' passed on. This could still be either
184		 * phase1 or phase2.  We have a long header, but we may be
185		 * running on a phase 1 net.  Extract out all the info
186		 * regarding this packet's src & dst.
187		 */
188		ddpstat.ddps_long++;
189
190		if (m->m_len < sizeof(struct ddpehdr) &&
191		    ((m = m_pullup(m, sizeof(struct ddpehdr))) == NULL)) {
192			AT_IFADDR_RUNLOCK();
193			ddpstat.ddps_tooshort++;
194			return;
195		}
196
197		deh = mtod(m, struct ddpehdr *);
198		bcopy((caddr_t)deh, (caddr_t)&ddpe, sizeof(struct ddpehdr));
199		ddpe.deh_bytes = ntohl(ddpe.deh_bytes);
200		dlen = ddpe.deh_len;
201
202		if ((cksum = ddpe.deh_sum) == 0)
203			ddpstat.ddps_nosum++;
204
205		from.sat_addr.s_net = ddpe.deh_snet;
206		from.sat_addr.s_node = ddpe.deh_snode;
207		from.sat_port = ddpe.deh_sport;
208		to.sat_addr.s_net = ddpe.deh_dnet;
209		to.sat_addr.s_node = ddpe.deh_dnode;
210		to.sat_port = ddpe.deh_dport;
211
212		AT_IFADDR_RLOCK();
213		if (to.sat_addr.s_net == ATADDR_ANYNET) {
214			/*
215			 * The TO address doesn't specify a net, so by
216			 * definition it's for this net.  Try find ifaddr
217			 * info with the right phase, the right interface,
218			 * and either to our node, a broadcast, or looped
219			 * back (though that SHOULD be covered in the other
220			 * cases).
221			 *
222			 * XXX If we have multiple interfaces, then the first
223			 * with this node number will match (which may NOT be
224			 * what we want, but it's probably safe in 99.999% of
225			 * cases.
226			 */
227			for (aa = at_ifaddr_list; aa != NULL;
228			    aa = aa->aa_next) {
229				if (phase == 1 && (aa->aa_flags &
230				    AFA_PHASE2))
231					continue;
232				if (phase == 2 && (aa->aa_flags &
233				    AFA_PHASE2) == 0)
234					continue;
235				if ((aa->aa_ifp == ifp) &&
236				    ((to.sat_addr.s_node ==
237				    AA_SAT(aa)->sat_addr.s_node) ||
238				    (to.sat_addr.s_node == ATADDR_BCAST) ||
239				    (ifp->if_flags & IFF_LOOPBACK)))
240					break;
241			}
242		} else {
243			/*
244			 * A destination network was given.  We just try to
245			 * find which ifaddr info matches it.
246	    		 */
247			for (aa = at_ifaddr_list; aa != NULL;
248			    aa = aa->aa_next) {
249				/*
250				 * This is a kludge. Accept packets that are
251				 * for any router on a local netrange.
252				 */
253				if (to.sat_addr.s_net == aa->aa_firstnet &&
254				    to.sat_addr.s_node == 0)
255					break;
256				/*
257				 * Don't use ifaddr info for which we are
258				 * totally outside the netrange, and it's not
259				 * a startup packet.  Startup packets are
260				 * always implicitly allowed on to the next
261				 * test.
262				 */
263				if (((ntohs(to.sat_addr.s_net) <
264				    ntohs(aa->aa_firstnet)) ||
265				    (ntohs(to.sat_addr.s_net) >
266				    ntohs(aa->aa_lastnet))) &&
267				    ((ntohs(to.sat_addr.s_net) < 0xff00) ||
268				    (ntohs(to.sat_addr.s_net) > 0xfffe)))
269					continue;
270
271				/*
272				 * Don't record a match either if we just
273				 * don't have a match in the node address.
274				 * This can have if the interface is in
275				 * promiscuous mode for example.
276				 */
277				if ((to.sat_addr.s_node !=
278				    AA_SAT(aa)->sat_addr.s_node) &&
279				    (to.sat_addr.s_node != ATADDR_BCAST))
280					continue;
281				break;
282			}
283		}
284	}
285	if (aa != NULL)
286		ifa_ref(&aa->aa_ifa);
287	AT_IFADDR_RUNLOCK();
288
289	/*
290	 * Adjust the length, removing any padding that may have been added
291	 * at a link layer.  We do this before we attempt to forward a
292	 * packet, possibly on a different media.
293	 */
294	mlen = m->m_pkthdr.len;
295	if (mlen < dlen) {
296		ddpstat.ddps_toosmall++;
297		goto out;
298	}
299	if (mlen > dlen)
300		m_adj(m, dlen - mlen);
301
302	/*
303	 * If it isn't for a net on any of our interfaces, or it IS for a net
304	 * on a different interface than it came in on, (and it is not looped
305	 * back) then consider if we should forward it.  As we are not really
306	 * a router this is a bit cheeky, but it may be useful some day.
307	 */
308	if ((aa == NULL) || ((to.sat_addr.s_node == ATADDR_BCAST) &&
309	    (aa->aa_ifp != ifp) && ((ifp->if_flags & IFF_LOOPBACK) == 0))) {
310		/*
311		 * If we've explicitly disabled it, don't route anything.
312		 */
313		if (ddp_forward == 0)
314			goto out;
315
316		/*
317		 * If the cached forwarding route is still valid, use it.
318		 *
319		 * XXXRW: Access to the cached route may not be properly
320		 * synchronized for parallel input handling.
321		 */
322		if (forwro.ro_rt &&
323		    (satosat(&forwro.ro_dst)->sat_addr.s_net !=
324		    to.sat_addr.s_net ||
325		    satosat(&forwro.ro_dst)->sat_addr.s_node !=
326		    to.sat_addr.s_node)) {
327			RTFREE(forwro.ro_rt);
328			forwro.ro_rt = NULL;
329		}
330
331		/*
332		 * If we don't have a cached one (any more) or it's useless,
333		 * then get a new route.
334		 *
335		 * XXX this could cause a 'route leak'.  Check this!
336		 */
337		if (forwro.ro_rt == NULL || forwro.ro_rt->rt_ifp == NULL) {
338			forwro.ro_dst.sa_len = sizeof(struct sockaddr_at);
339			forwro.ro_dst.sa_family = AF_APPLETALK;
340			satosat(&forwro.ro_dst)->sat_addr.s_net =
341			    to.sat_addr.s_net;
342			satosat(&forwro.ro_dst)->sat_addr.s_node =
343			    to.sat_addr.s_node;
344			rtalloc(&forwro);
345		}
346
347		/*
348		 * If it's not going to get there on this hop, and it's
349		 * already done too many hops, then throw it away.
350		 */
351		if ((to.sat_addr.s_net !=
352		    satosat(&forwro.ro_dst)->sat_addr.s_net) &&
353		    (ddpe.deh_hops == DDP_MAXHOPS))
354			goto out;
355
356		/*
357		 * A ddp router might use the same interface to forward the
358		 * packet, which this would not effect.  Don't allow packets
359		 * to cross from one interface to another however.
360		 */
361		if (ddp_firewall && ((forwro.ro_rt == NULL) ||
362		    (forwro.ro_rt->rt_ifp != ifp)))
363			goto out;
364
365		/*
366		 * Adjust the header.  If it was a short header then it would
367		 * have not gotten here, so we can assume there is room to
368		 * drop the header in.
369		 *
370		 * XXX what about promiscuous mode, etc...
371		 */
372		ddpe.deh_hops++;
373		ddpe.deh_bytes = htonl(ddpe.deh_bytes);
374		/* XXX deh? */
375		bcopy((caddr_t)&ddpe, (caddr_t)deh, sizeof(u_short));
376		if (ddp_route(m, &forwro))
377			ddpstat.ddps_cantforward++;
378		else
379			ddpstat.ddps_forward++;
380		if (aa != NULL)
381			ifa_free(&aa->aa_ifa);
382		return;
383	}
384
385	/*
386	 * It was for us, and we have an ifaddr to use with it.
387	 */
388	from.sat_len = sizeof(struct sockaddr_at);
389	from.sat_family = AF_APPLETALK;
390
391	/*
392	 * We are no longer interested in the link layer so cut it off.
393	 */
394	if (elh == NULL) {
395		if (ddp_cksum && cksum && cksum !=
396		    at_cksum(m, sizeof(int))) {
397			ddpstat.ddps_badsum++;
398			goto out;
399		}
400		m_adj(m, sizeof(struct ddpehdr));
401	} else
402		m_adj(m, sizeof(struct ddpshdr));
403
404	/*
405	 * Search for ddp protocol control blocks that match these addresses.
406	 */
407	DDP_LIST_SLOCK();
408	if ((ddp = ddp_search(&from, &to, aa)) == NULL)
409		goto out_unlock;
410
411#ifdef MAC
412	if (mac_socket_check_deliver(ddp->ddp_socket, m) != 0)
413		goto out_unlock;
414#endif
415
416	/*
417	 * If we found one, deliver the packet to the socket
418	 */
419	SOCKBUF_LOCK(&ddp->ddp_socket->so_rcv);
420	if (sbappendaddr_locked(&ddp->ddp_socket->so_rcv,
421	    (struct sockaddr *)&from, m, NULL) == 0) {
422    		SOCKBUF_UNLOCK(&ddp->ddp_socket->so_rcv);
423		/*
424		 * If the socket is full (or similar error) dump the packet.
425		 */
426		ddpstat.ddps_nosockspace++;
427		goto out_unlock;
428	}
429
430	/*
431	 * And wake up whatever might be waiting for it
432	 */
433	sorwakeup_locked(ddp->ddp_socket);
434	m = NULL;
435out_unlock:
436	DDP_LIST_SUNLOCK();
437out:
438	if (aa != NULL)
439		ifa_free(&aa->aa_ifa);
440	if (m != NULL)
441		m_freem(m);
442}
443