1 // SPDX-License-Identifier: GPL-2.0
2 /* Copyright (C) 2007-2019 B.A.T.M.A.N. contributors:
3 *
4 * Marek Lindner, Simon Wunderlich
5 */
6
7 #include "routing.h"
8 #include "main.h"
9
10 #include <linux/atomic.h>
11 #include <linux/byteorder/generic.h>
12 #include <linux/compiler.h>
13 #include <linux/errno.h>
14 #include <linux/etherdevice.h>
15 #include <linux/if_ether.h>
16 #include <linux/jiffies.h>
17 #include <linux/kref.h>
18 #include <linux/netdevice.h>
19 #include <linux/printk.h>
20 #include <linux/rculist.h>
21 #include <linux/rcupdate.h>
22 #include <linux/skbuff.h>
23 #include <linux/spinlock.h>
24 #include <linux/stddef.h>
25 #include <uapi/linux/batadv_packet.h>
26
27 #include "bitarray.h"
28 #include "bridge_loop_avoidance.h"
29 #include "distributed-arp-table.h"
30 #include "fragmentation.h"
31 #include "hard-interface.h"
32 #include "icmp_socket.h"
33 #include "log.h"
34 #include "network-coding.h"
35 #include "originator.h"
36 #include "send.h"
37 #include "soft-interface.h"
38 #include "tp_meter.h"
39 #include "translation-table.h"
40 #include "tvlv.h"
41
42 static int batadv_route_unicast_packet(struct sk_buff *skb,
43 struct batadv_hard_iface *recv_if);
44
45 /**
46 * _batadv_update_route() - set the router for this originator
47 * @bat_priv: the bat priv with all the soft interface information
48 * @orig_node: orig node which is to be configured
49 * @recv_if: the receive interface for which this route is set
50 * @neigh_node: neighbor which should be the next router
51 *
52 * This function does not perform any error checks
53 */
_batadv_update_route(struct batadv_priv * bat_priv,struct batadv_orig_node * orig_node,struct batadv_hard_iface * recv_if,struct batadv_neigh_node * neigh_node)54 static void _batadv_update_route(struct batadv_priv *bat_priv,
55 struct batadv_orig_node *orig_node,
56 struct batadv_hard_iface *recv_if,
57 struct batadv_neigh_node *neigh_node)
58 {
59 struct batadv_orig_ifinfo *orig_ifinfo;
60 struct batadv_neigh_node *curr_router;
61
62 orig_ifinfo = batadv_orig_ifinfo_get(orig_node, recv_if);
63 if (!orig_ifinfo)
64 return;
65
66 spin_lock_bh(&orig_node->neigh_list_lock);
67 /* curr_router used earlier may not be the current orig_ifinfo->router
68 * anymore because it was dereferenced outside of the neigh_list_lock
69 * protected region. After the new best neighbor has replace the current
70 * best neighbor the reference counter needs to decrease. Consequently,
71 * the code needs to ensure the curr_router variable contains a pointer
72 * to the replaced best neighbor.
73 */
74 curr_router = rcu_dereference_protected(orig_ifinfo->router, true);
75
76 /* increase refcount of new best neighbor */
77 if (neigh_node)
78 kref_get(&neigh_node->refcount);
79
80 rcu_assign_pointer(orig_ifinfo->router, neigh_node);
81 spin_unlock_bh(&orig_node->neigh_list_lock);
82 batadv_orig_ifinfo_put(orig_ifinfo);
83
84 /* route deleted */
85 if (curr_router && !neigh_node) {
86 batadv_dbg(BATADV_DBG_ROUTES, bat_priv,
87 "Deleting route towards: %pM\n", orig_node->orig);
88 batadv_tt_global_del_orig(bat_priv, orig_node, -1,
89 "Deleted route towards originator");
90
91 /* route added */
92 } else if (!curr_router && neigh_node) {
93 batadv_dbg(BATADV_DBG_ROUTES, bat_priv,
94 "Adding route towards: %pM (via %pM)\n",
95 orig_node->orig, neigh_node->addr);
96 /* route changed */
97 } else if (neigh_node && curr_router) {
98 batadv_dbg(BATADV_DBG_ROUTES, bat_priv,
99 "Changing route towards: %pM (now via %pM - was via %pM)\n",
100 orig_node->orig, neigh_node->addr,
101 curr_router->addr);
102 }
103
104 /* decrease refcount of previous best neighbor */
105 if (curr_router)
106 batadv_neigh_node_put(curr_router);
107 }
108
109 /**
110 * batadv_update_route() - set the router for this originator
111 * @bat_priv: the bat priv with all the soft interface information
112 * @orig_node: orig node which is to be configured
113 * @recv_if: the receive interface for which this route is set
114 * @neigh_node: neighbor which should be the next router
115 */
batadv_update_route(struct batadv_priv * bat_priv,struct batadv_orig_node * orig_node,struct batadv_hard_iface * recv_if,struct batadv_neigh_node * neigh_node)116 void batadv_update_route(struct batadv_priv *bat_priv,
117 struct batadv_orig_node *orig_node,
118 struct batadv_hard_iface *recv_if,
119 struct batadv_neigh_node *neigh_node)
120 {
121 struct batadv_neigh_node *router = NULL;
122
123 if (!orig_node)
124 goto out;
125
126 router = batadv_orig_router_get(orig_node, recv_if);
127
128 if (router != neigh_node)
129 _batadv_update_route(bat_priv, orig_node, recv_if, neigh_node);
130
131 out:
132 if (router)
133 batadv_neigh_node_put(router);
134 }
135
136 /**
137 * batadv_window_protected() - checks whether the host restarted and is in the
138 * protection time.
139 * @bat_priv: the bat priv with all the soft interface information
140 * @seq_num_diff: difference between the current/received sequence number and
141 * the last sequence number
142 * @seq_old_max_diff: maximum age of sequence number not considered as restart
143 * @last_reset: jiffies timestamp of the last reset, will be updated when reset
144 * is detected
145 * @protection_started: is set to true if the protection window was started,
146 * doesn't change otherwise.
147 *
148 * Return:
149 * false if the packet is to be accepted.
150 * true if the packet is to be ignored.
151 */
batadv_window_protected(struct batadv_priv * bat_priv,s32 seq_num_diff,s32 seq_old_max_diff,unsigned long * last_reset,bool * protection_started)152 bool batadv_window_protected(struct batadv_priv *bat_priv, s32 seq_num_diff,
153 s32 seq_old_max_diff, unsigned long *last_reset,
154 bool *protection_started)
155 {
156 if (seq_num_diff <= -seq_old_max_diff ||
157 seq_num_diff >= BATADV_EXPECTED_SEQNO_RANGE) {
158 if (!batadv_has_timed_out(*last_reset,
159 BATADV_RESET_PROTECTION_MS))
160 return true;
161
162 *last_reset = jiffies;
163 if (protection_started)
164 *protection_started = true;
165 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
166 "old packet received, start protection\n");
167 }
168
169 return false;
170 }
171
172 /**
173 * batadv_check_management_packet() - Check preconditions for management packets
174 * @skb: incoming packet buffer
175 * @hard_iface: incoming hard interface
176 * @header_len: minimal header length of packet type
177 *
178 * Return: true when management preconditions are met, false otherwise
179 */
batadv_check_management_packet(struct sk_buff * skb,struct batadv_hard_iface * hard_iface,int header_len)180 bool batadv_check_management_packet(struct sk_buff *skb,
181 struct batadv_hard_iface *hard_iface,
182 int header_len)
183 {
184 struct ethhdr *ethhdr;
185
186 /* drop packet if it has not necessary minimum size */
187 if (unlikely(!pskb_may_pull(skb, header_len)))
188 return false;
189
190 ethhdr = eth_hdr(skb);
191
192 /* packet with broadcast indication but unicast recipient */
193 if (!is_broadcast_ether_addr(ethhdr->h_dest))
194 return false;
195
196 /* packet with invalid sender address */
197 if (!is_valid_ether_addr(ethhdr->h_source))
198 return false;
199
200 /* create a copy of the skb, if needed, to modify it. */
201 if (skb_cow(skb, 0) < 0)
202 return false;
203
204 /* keep skb linear */
205 if (skb_linearize(skb) < 0)
206 return false;
207
208 return true;
209 }
210
211 /**
212 * batadv_recv_my_icmp_packet() - receive an icmp packet locally
213 * @bat_priv: the bat priv with all the soft interface information
214 * @skb: icmp packet to process
215 *
216 * Return: NET_RX_SUCCESS if the packet has been consumed or NET_RX_DROP
217 * otherwise.
218 */
batadv_recv_my_icmp_packet(struct batadv_priv * bat_priv,struct sk_buff * skb)219 static int batadv_recv_my_icmp_packet(struct batadv_priv *bat_priv,
220 struct sk_buff *skb)
221 {
222 struct batadv_hard_iface *primary_if = NULL;
223 struct batadv_orig_node *orig_node = NULL;
224 struct batadv_icmp_header *icmph;
225 int res, ret = NET_RX_DROP;
226
227 icmph = (struct batadv_icmp_header *)skb->data;
228
229 switch (icmph->msg_type) {
230 case BATADV_ECHO_REPLY:
231 case BATADV_DESTINATION_UNREACHABLE:
232 case BATADV_TTL_EXCEEDED:
233 /* receive the packet */
234 if (skb_linearize(skb) < 0)
235 break;
236
237 batadv_socket_receive_packet(icmph, skb->len);
238 break;
239 case BATADV_ECHO_REQUEST:
240 /* answer echo request (ping) */
241 primary_if = batadv_primary_if_get_selected(bat_priv);
242 if (!primary_if)
243 goto out;
244
245 /* get routing information */
246 orig_node = batadv_orig_hash_find(bat_priv, icmph->orig);
247 if (!orig_node)
248 goto out;
249
250 /* create a copy of the skb, if needed, to modify it. */
251 if (skb_cow(skb, ETH_HLEN) < 0)
252 goto out;
253
254 icmph = (struct batadv_icmp_header *)skb->data;
255
256 ether_addr_copy(icmph->dst, icmph->orig);
257 ether_addr_copy(icmph->orig, primary_if->net_dev->dev_addr);
258 icmph->msg_type = BATADV_ECHO_REPLY;
259 icmph->ttl = BATADV_TTL;
260
261 res = batadv_send_skb_to_orig(skb, orig_node, NULL);
262 if (res == NET_XMIT_SUCCESS)
263 ret = NET_RX_SUCCESS;
264
265 /* skb was consumed */
266 skb = NULL;
267 break;
268 case BATADV_TP:
269 if (!pskb_may_pull(skb, sizeof(struct batadv_icmp_tp_packet)))
270 goto out;
271
272 batadv_tp_meter_recv(bat_priv, skb);
273 ret = NET_RX_SUCCESS;
274 /* skb was consumed */
275 skb = NULL;
276 goto out;
277 default:
278 /* drop unknown type */
279 goto out;
280 }
281 out:
282 if (primary_if)
283 batadv_hardif_put(primary_if);
284 if (orig_node)
285 batadv_orig_node_put(orig_node);
286
287 kfree_skb(skb);
288
289 return ret;
290 }
291
batadv_recv_icmp_ttl_exceeded(struct batadv_priv * bat_priv,struct sk_buff * skb)292 static int batadv_recv_icmp_ttl_exceeded(struct batadv_priv *bat_priv,
293 struct sk_buff *skb)
294 {
295 struct batadv_hard_iface *primary_if = NULL;
296 struct batadv_orig_node *orig_node = NULL;
297 struct batadv_icmp_packet *icmp_packet;
298 int res, ret = NET_RX_DROP;
299
300 icmp_packet = (struct batadv_icmp_packet *)skb->data;
301
302 /* send TTL exceeded if packet is an echo request (traceroute) */
303 if (icmp_packet->msg_type != BATADV_ECHO_REQUEST) {
304 pr_debug("Warning - can't forward icmp packet from %pM to %pM: ttl exceeded\n",
305 icmp_packet->orig, icmp_packet->dst);
306 goto out;
307 }
308
309 primary_if = batadv_primary_if_get_selected(bat_priv);
310 if (!primary_if)
311 goto out;
312
313 /* get routing information */
314 orig_node = batadv_orig_hash_find(bat_priv, icmp_packet->orig);
315 if (!orig_node)
316 goto out;
317
318 /* create a copy of the skb, if needed, to modify it. */
319 if (skb_cow(skb, ETH_HLEN) < 0)
320 goto out;
321
322 icmp_packet = (struct batadv_icmp_packet *)skb->data;
323
324 ether_addr_copy(icmp_packet->dst, icmp_packet->orig);
325 ether_addr_copy(icmp_packet->orig, primary_if->net_dev->dev_addr);
326 icmp_packet->msg_type = BATADV_TTL_EXCEEDED;
327 icmp_packet->ttl = BATADV_TTL;
328
329 res = batadv_send_skb_to_orig(skb, orig_node, NULL);
330 if (res == NET_RX_SUCCESS)
331 ret = NET_XMIT_SUCCESS;
332
333 /* skb was consumed */
334 skb = NULL;
335
336 out:
337 if (primary_if)
338 batadv_hardif_put(primary_if);
339 if (orig_node)
340 batadv_orig_node_put(orig_node);
341
342 kfree_skb(skb);
343
344 return ret;
345 }
346
347 /**
348 * batadv_recv_icmp_packet() - Process incoming icmp packet
349 * @skb: incoming packet buffer
350 * @recv_if: incoming hard interface
351 *
352 * Return: NET_RX_SUCCESS on success or NET_RX_DROP in case of failure
353 */
batadv_recv_icmp_packet(struct sk_buff * skb,struct batadv_hard_iface * recv_if)354 int batadv_recv_icmp_packet(struct sk_buff *skb,
355 struct batadv_hard_iface *recv_if)
356 {
357 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface);
358 struct batadv_icmp_header *icmph;
359 struct batadv_icmp_packet_rr *icmp_packet_rr;
360 struct ethhdr *ethhdr;
361 struct batadv_orig_node *orig_node = NULL;
362 int hdr_size = sizeof(struct batadv_icmp_header);
363 int res, ret = NET_RX_DROP;
364
365 /* drop packet if it has not necessary minimum size */
366 if (unlikely(!pskb_may_pull(skb, hdr_size)))
367 goto free_skb;
368
369 ethhdr = eth_hdr(skb);
370
371 /* packet with unicast indication but non-unicast recipient */
372 if (!is_valid_ether_addr(ethhdr->h_dest))
373 goto free_skb;
374
375 /* packet with broadcast/multicast sender address */
376 if (is_multicast_ether_addr(ethhdr->h_source))
377 goto free_skb;
378
379 /* not for me */
380 if (!batadv_is_my_mac(bat_priv, ethhdr->h_dest))
381 goto free_skb;
382
383 icmph = (struct batadv_icmp_header *)skb->data;
384
385 /* add record route information if not full */
386 if ((icmph->msg_type == BATADV_ECHO_REPLY ||
387 icmph->msg_type == BATADV_ECHO_REQUEST) &&
388 skb->len >= sizeof(struct batadv_icmp_packet_rr)) {
389 if (skb_linearize(skb) < 0)
390 goto free_skb;
391
392 /* create a copy of the skb, if needed, to modify it. */
393 if (skb_cow(skb, ETH_HLEN) < 0)
394 goto free_skb;
395
396 ethhdr = eth_hdr(skb);
397 icmph = (struct batadv_icmp_header *)skb->data;
398 icmp_packet_rr = (struct batadv_icmp_packet_rr *)icmph;
399 if (icmp_packet_rr->rr_cur >= BATADV_RR_LEN)
400 goto free_skb;
401
402 ether_addr_copy(icmp_packet_rr->rr[icmp_packet_rr->rr_cur],
403 ethhdr->h_dest);
404 icmp_packet_rr->rr_cur++;
405 }
406
407 /* packet for me */
408 if (batadv_is_my_mac(bat_priv, icmph->dst))
409 return batadv_recv_my_icmp_packet(bat_priv, skb);
410
411 /* TTL exceeded */
412 if (icmph->ttl < 2)
413 return batadv_recv_icmp_ttl_exceeded(bat_priv, skb);
414
415 /* get routing information */
416 orig_node = batadv_orig_hash_find(bat_priv, icmph->dst);
417 if (!orig_node)
418 goto free_skb;
419
420 /* create a copy of the skb, if needed, to modify it. */
421 if (skb_cow(skb, ETH_HLEN) < 0)
422 goto put_orig_node;
423
424 icmph = (struct batadv_icmp_header *)skb->data;
425
426 /* decrement ttl */
427 icmph->ttl--;
428
429 /* route it */
430 res = batadv_send_skb_to_orig(skb, orig_node, recv_if);
431 if (res == NET_XMIT_SUCCESS)
432 ret = NET_RX_SUCCESS;
433
434 /* skb was consumed */
435 skb = NULL;
436
437 put_orig_node:
438 if (orig_node)
439 batadv_orig_node_put(orig_node);
440 free_skb:
441 kfree_skb(skb);
442
443 return ret;
444 }
445
446 /**
447 * batadv_check_unicast_packet() - Check for malformed unicast packets
448 * @bat_priv: the bat priv with all the soft interface information
449 * @skb: packet to check
450 * @hdr_size: size of header to pull
451 *
452 * Check for short header and bad addresses in given packet.
453 *
454 * Return: negative value when check fails and 0 otherwise. The negative value
455 * depends on the reason: -ENODATA for bad header, -EBADR for broadcast
456 * destination or source, and -EREMOTE for non-local (other host) destination.
457 */
batadv_check_unicast_packet(struct batadv_priv * bat_priv,struct sk_buff * skb,int hdr_size)458 static int batadv_check_unicast_packet(struct batadv_priv *bat_priv,
459 struct sk_buff *skb, int hdr_size)
460 {
461 struct ethhdr *ethhdr;
462
463 /* drop packet if it has not necessary minimum size */
464 if (unlikely(!pskb_may_pull(skb, hdr_size)))
465 return -ENODATA;
466
467 ethhdr = eth_hdr(skb);
468
469 /* packet with unicast indication but non-unicast recipient */
470 if (!is_valid_ether_addr(ethhdr->h_dest))
471 return -EBADR;
472
473 /* packet with broadcast/multicast sender address */
474 if (is_multicast_ether_addr(ethhdr->h_source))
475 return -EBADR;
476
477 /* not for me */
478 if (!batadv_is_my_mac(bat_priv, ethhdr->h_dest))
479 return -EREMOTE;
480
481 return 0;
482 }
483
484 /**
485 * batadv_last_bonding_get() - Get last_bonding_candidate of orig_node
486 * @orig_node: originator node whose last bonding candidate should be retrieved
487 *
488 * Return: last bonding candidate of router or NULL if not found
489 *
490 * The object is returned with refcounter increased by 1.
491 */
492 static struct batadv_orig_ifinfo *
batadv_last_bonding_get(struct batadv_orig_node * orig_node)493 batadv_last_bonding_get(struct batadv_orig_node *orig_node)
494 {
495 struct batadv_orig_ifinfo *last_bonding_candidate;
496
497 spin_lock_bh(&orig_node->neigh_list_lock);
498 last_bonding_candidate = orig_node->last_bonding_candidate;
499
500 if (last_bonding_candidate)
501 kref_get(&last_bonding_candidate->refcount);
502 spin_unlock_bh(&orig_node->neigh_list_lock);
503
504 return last_bonding_candidate;
505 }
506
507 /**
508 * batadv_last_bonding_replace() - Replace last_bonding_candidate of orig_node
509 * @orig_node: originator node whose bonding candidates should be replaced
510 * @new_candidate: new bonding candidate or NULL
511 */
512 static void
batadv_last_bonding_replace(struct batadv_orig_node * orig_node,struct batadv_orig_ifinfo * new_candidate)513 batadv_last_bonding_replace(struct batadv_orig_node *orig_node,
514 struct batadv_orig_ifinfo *new_candidate)
515 {
516 struct batadv_orig_ifinfo *old_candidate;
517
518 spin_lock_bh(&orig_node->neigh_list_lock);
519 old_candidate = orig_node->last_bonding_candidate;
520
521 if (new_candidate)
522 kref_get(&new_candidate->refcount);
523 orig_node->last_bonding_candidate = new_candidate;
524 spin_unlock_bh(&orig_node->neigh_list_lock);
525
526 if (old_candidate)
527 batadv_orig_ifinfo_put(old_candidate);
528 }
529
530 /**
531 * batadv_find_router() - find a suitable router for this originator
532 * @bat_priv: the bat priv with all the soft interface information
533 * @orig_node: the destination node
534 * @recv_if: pointer to interface this packet was received on
535 *
536 * Return: the router which should be used for this orig_node on
537 * this interface, or NULL if not available.
538 */
539 struct batadv_neigh_node *
batadv_find_router(struct batadv_priv * bat_priv,struct batadv_orig_node * orig_node,struct batadv_hard_iface * recv_if)540 batadv_find_router(struct batadv_priv *bat_priv,
541 struct batadv_orig_node *orig_node,
542 struct batadv_hard_iface *recv_if)
543 {
544 struct batadv_algo_ops *bao = bat_priv->algo_ops;
545 struct batadv_neigh_node *first_candidate_router = NULL;
546 struct batadv_neigh_node *next_candidate_router = NULL;
547 struct batadv_neigh_node *router, *cand_router = NULL;
548 struct batadv_neigh_node *last_cand_router = NULL;
549 struct batadv_orig_ifinfo *cand, *first_candidate = NULL;
550 struct batadv_orig_ifinfo *next_candidate = NULL;
551 struct batadv_orig_ifinfo *last_candidate;
552 bool last_candidate_found = false;
553
554 if (!orig_node)
555 return NULL;
556
557 router = batadv_orig_router_get(orig_node, recv_if);
558
559 if (!router)
560 return router;
561
562 /* only consider bonding for recv_if == BATADV_IF_DEFAULT (first hop)
563 * and if activated.
564 */
565 if (!(recv_if == BATADV_IF_DEFAULT && atomic_read(&bat_priv->bonding)))
566 return router;
567
568 /* bonding: loop through the list of possible routers found
569 * for the various outgoing interfaces and find a candidate after
570 * the last chosen bonding candidate (next_candidate). If no such
571 * router is found, use the first candidate found (the previously
572 * chosen bonding candidate might have been the last one in the list).
573 * If this can't be found either, return the previously chosen
574 * router - obviously there are no other candidates.
575 */
576 rcu_read_lock();
577 last_candidate = batadv_last_bonding_get(orig_node);
578 if (last_candidate)
579 last_cand_router = rcu_dereference(last_candidate->router);
580
581 hlist_for_each_entry_rcu(cand, &orig_node->ifinfo_list, list) {
582 /* acquire some structures and references ... */
583 if (!kref_get_unless_zero(&cand->refcount))
584 continue;
585
586 cand_router = rcu_dereference(cand->router);
587 if (!cand_router)
588 goto next;
589
590 if (!kref_get_unless_zero(&cand_router->refcount)) {
591 cand_router = NULL;
592 goto next;
593 }
594
595 /* alternative candidate should be good enough to be
596 * considered
597 */
598 if (!bao->neigh.is_similar_or_better(cand_router,
599 cand->if_outgoing, router,
600 recv_if))
601 goto next;
602
603 /* don't use the same router twice */
604 if (last_cand_router == cand_router)
605 goto next;
606
607 /* mark the first possible candidate */
608 if (!first_candidate) {
609 kref_get(&cand_router->refcount);
610 kref_get(&cand->refcount);
611 first_candidate = cand;
612 first_candidate_router = cand_router;
613 }
614
615 /* check if the loop has already passed the previously selected
616 * candidate ... this function should select the next candidate
617 * AFTER the previously used bonding candidate.
618 */
619 if (!last_candidate || last_candidate_found) {
620 next_candidate = cand;
621 next_candidate_router = cand_router;
622 break;
623 }
624
625 if (last_candidate == cand)
626 last_candidate_found = true;
627 next:
628 /* free references */
629 if (cand_router) {
630 batadv_neigh_node_put(cand_router);
631 cand_router = NULL;
632 }
633 batadv_orig_ifinfo_put(cand);
634 }
635 rcu_read_unlock();
636
637 /* After finding candidates, handle the three cases:
638 * 1) there is a next candidate, use that
639 * 2) there is no next candidate, use the first of the list
640 * 3) there is no candidate at all, return the default router
641 */
642 if (next_candidate) {
643 batadv_neigh_node_put(router);
644
645 kref_get(&next_candidate_router->refcount);
646 router = next_candidate_router;
647 batadv_last_bonding_replace(orig_node, next_candidate);
648 } else if (first_candidate) {
649 batadv_neigh_node_put(router);
650
651 kref_get(&first_candidate_router->refcount);
652 router = first_candidate_router;
653 batadv_last_bonding_replace(orig_node, first_candidate);
654 } else {
655 batadv_last_bonding_replace(orig_node, NULL);
656 }
657
658 /* cleanup of candidates */
659 if (first_candidate) {
660 batadv_neigh_node_put(first_candidate_router);
661 batadv_orig_ifinfo_put(first_candidate);
662 }
663
664 if (next_candidate) {
665 batadv_neigh_node_put(next_candidate_router);
666 batadv_orig_ifinfo_put(next_candidate);
667 }
668
669 if (last_candidate)
670 batadv_orig_ifinfo_put(last_candidate);
671
672 return router;
673 }
674
batadv_route_unicast_packet(struct sk_buff * skb,struct batadv_hard_iface * recv_if)675 static int batadv_route_unicast_packet(struct sk_buff *skb,
676 struct batadv_hard_iface *recv_if)
677 {
678 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface);
679 struct batadv_orig_node *orig_node = NULL;
680 struct batadv_unicast_packet *unicast_packet;
681 struct ethhdr *ethhdr = eth_hdr(skb);
682 int res, hdr_len, ret = NET_RX_DROP;
683 unsigned int len;
684
685 unicast_packet = (struct batadv_unicast_packet *)skb->data;
686
687 /* TTL exceeded */
688 if (unicast_packet->ttl < 2) {
689 pr_debug("Warning - can't forward unicast packet from %pM to %pM: ttl exceeded\n",
690 ethhdr->h_source, unicast_packet->dest);
691 goto free_skb;
692 }
693
694 /* get routing information */
695 orig_node = batadv_orig_hash_find(bat_priv, unicast_packet->dest);
696
697 if (!orig_node)
698 goto free_skb;
699
700 /* create a copy of the skb, if needed, to modify it. */
701 if (skb_cow(skb, ETH_HLEN) < 0)
702 goto put_orig_node;
703
704 /* decrement ttl */
705 unicast_packet = (struct batadv_unicast_packet *)skb->data;
706 unicast_packet->ttl--;
707
708 switch (unicast_packet->packet_type) {
709 case BATADV_UNICAST_4ADDR:
710 hdr_len = sizeof(struct batadv_unicast_4addr_packet);
711 break;
712 case BATADV_UNICAST:
713 hdr_len = sizeof(struct batadv_unicast_packet);
714 break;
715 default:
716 /* other packet types not supported - yet */
717 hdr_len = -1;
718 break;
719 }
720
721 if (hdr_len > 0)
722 batadv_skb_set_priority(skb, hdr_len);
723
724 len = skb->len;
725 res = batadv_send_skb_to_orig(skb, orig_node, recv_if);
726
727 /* translate transmit result into receive result */
728 if (res == NET_XMIT_SUCCESS) {
729 ret = NET_RX_SUCCESS;
730 /* skb was transmitted and consumed */
731 batadv_inc_counter(bat_priv, BATADV_CNT_FORWARD);
732 batadv_add_counter(bat_priv, BATADV_CNT_FORWARD_BYTES,
733 len + ETH_HLEN);
734 }
735
736 /* skb was consumed */
737 skb = NULL;
738
739 put_orig_node:
740 batadv_orig_node_put(orig_node);
741 free_skb:
742 kfree_skb(skb);
743
744 return ret;
745 }
746
747 /**
748 * batadv_reroute_unicast_packet() - update the unicast header for re-routing
749 * @bat_priv: the bat priv with all the soft interface information
750 * @skb: unicast packet to process
751 * @unicast_packet: the unicast header to be updated
752 * @dst_addr: the payload destination
753 * @vid: VLAN identifier
754 *
755 * Search the translation table for dst_addr and update the unicast header with
756 * the new corresponding information (originator address where the destination
757 * client currently is and its known TTVN)
758 *
759 * Return: true if the packet header has been updated, false otherwise
760 */
761 static bool
batadv_reroute_unicast_packet(struct batadv_priv * bat_priv,struct sk_buff * skb,struct batadv_unicast_packet * unicast_packet,u8 * dst_addr,unsigned short vid)762 batadv_reroute_unicast_packet(struct batadv_priv *bat_priv, struct sk_buff *skb,
763 struct batadv_unicast_packet *unicast_packet,
764 u8 *dst_addr, unsigned short vid)
765 {
766 struct batadv_orig_node *orig_node = NULL;
767 struct batadv_hard_iface *primary_if = NULL;
768 bool ret = false;
769 u8 *orig_addr, orig_ttvn;
770
771 if (batadv_is_my_client(bat_priv, dst_addr, vid)) {
772 primary_if = batadv_primary_if_get_selected(bat_priv);
773 if (!primary_if)
774 goto out;
775 orig_addr = primary_if->net_dev->dev_addr;
776 orig_ttvn = (u8)atomic_read(&bat_priv->tt.vn);
777 } else {
778 orig_node = batadv_transtable_search(bat_priv, NULL, dst_addr,
779 vid);
780 if (!orig_node)
781 goto out;
782
783 if (batadv_compare_eth(orig_node->orig, unicast_packet->dest))
784 goto out;
785
786 orig_addr = orig_node->orig;
787 orig_ttvn = (u8)atomic_read(&orig_node->last_ttvn);
788 }
789
790 /* update the packet header */
791 skb_postpull_rcsum(skb, unicast_packet, sizeof(*unicast_packet));
792 ether_addr_copy(unicast_packet->dest, orig_addr);
793 unicast_packet->ttvn = orig_ttvn;
794 skb_postpush_rcsum(skb, unicast_packet, sizeof(*unicast_packet));
795
796 ret = true;
797 out:
798 if (primary_if)
799 batadv_hardif_put(primary_if);
800 if (orig_node)
801 batadv_orig_node_put(orig_node);
802
803 return ret;
804 }
805
batadv_check_unicast_ttvn(struct batadv_priv * bat_priv,struct sk_buff * skb,int hdr_len)806 static bool batadv_check_unicast_ttvn(struct batadv_priv *bat_priv,
807 struct sk_buff *skb, int hdr_len)
808 {
809 struct batadv_unicast_packet *unicast_packet;
810 struct batadv_hard_iface *primary_if;
811 struct batadv_orig_node *orig_node;
812 u8 curr_ttvn, old_ttvn;
813 struct ethhdr *ethhdr;
814 unsigned short vid;
815 int is_old_ttvn;
816
817 /* check if there is enough data before accessing it */
818 if (!pskb_may_pull(skb, hdr_len + ETH_HLEN))
819 return false;
820
821 /* create a copy of the skb (in case of for re-routing) to modify it. */
822 if (skb_cow(skb, sizeof(*unicast_packet)) < 0)
823 return false;
824
825 unicast_packet = (struct batadv_unicast_packet *)skb->data;
826 vid = batadv_get_vid(skb, hdr_len);
827 ethhdr = (struct ethhdr *)(skb->data + hdr_len);
828
829 /* check if the destination client was served by this node and it is now
830 * roaming. In this case, it means that the node has got a ROAM_ADV
831 * message and that it knows the new destination in the mesh to re-route
832 * the packet to
833 */
834 if (batadv_tt_local_client_is_roaming(bat_priv, ethhdr->h_dest, vid)) {
835 if (batadv_reroute_unicast_packet(bat_priv, skb, unicast_packet,
836 ethhdr->h_dest, vid))
837 batadv_dbg_ratelimited(BATADV_DBG_TT,
838 bat_priv,
839 "Rerouting unicast packet to %pM (dst=%pM): Local Roaming\n",
840 unicast_packet->dest,
841 ethhdr->h_dest);
842 /* at this point the mesh destination should have been
843 * substituted with the originator address found in the global
844 * table. If not, let the packet go untouched anyway because
845 * there is nothing the node can do
846 */
847 return true;
848 }
849
850 /* retrieve the TTVN known by this node for the packet destination. This
851 * value is used later to check if the node which sent (or re-routed
852 * last time) the packet had an updated information or not
853 */
854 curr_ttvn = (u8)atomic_read(&bat_priv->tt.vn);
855 if (!batadv_is_my_mac(bat_priv, unicast_packet->dest)) {
856 orig_node = batadv_orig_hash_find(bat_priv,
857 unicast_packet->dest);
858 /* if it is not possible to find the orig_node representing the
859 * destination, the packet can immediately be dropped as it will
860 * not be possible to deliver it
861 */
862 if (!orig_node)
863 return false;
864
865 curr_ttvn = (u8)atomic_read(&orig_node->last_ttvn);
866 batadv_orig_node_put(orig_node);
867 }
868
869 /* check if the TTVN contained in the packet is fresher than what the
870 * node knows
871 */
872 is_old_ttvn = batadv_seq_before(unicast_packet->ttvn, curr_ttvn);
873 if (!is_old_ttvn)
874 return true;
875
876 old_ttvn = unicast_packet->ttvn;
877 /* the packet was forged based on outdated network information. Its
878 * destination can possibly be updated and forwarded towards the new
879 * target host
880 */
881 if (batadv_reroute_unicast_packet(bat_priv, skb, unicast_packet,
882 ethhdr->h_dest, vid)) {
883 batadv_dbg_ratelimited(BATADV_DBG_TT, bat_priv,
884 "Rerouting unicast packet to %pM (dst=%pM): TTVN mismatch old_ttvn=%u new_ttvn=%u\n",
885 unicast_packet->dest, ethhdr->h_dest,
886 old_ttvn, curr_ttvn);
887 return true;
888 }
889
890 /* the packet has not been re-routed: either the destination is
891 * currently served by this node or there is no destination at all and
892 * it is possible to drop the packet
893 */
894 if (!batadv_is_my_client(bat_priv, ethhdr->h_dest, vid))
895 return false;
896
897 /* update the header in order to let the packet be delivered to this
898 * node's soft interface
899 */
900 primary_if = batadv_primary_if_get_selected(bat_priv);
901 if (!primary_if)
902 return false;
903
904 /* update the packet header */
905 skb_postpull_rcsum(skb, unicast_packet, sizeof(*unicast_packet));
906 ether_addr_copy(unicast_packet->dest, primary_if->net_dev->dev_addr);
907 unicast_packet->ttvn = curr_ttvn;
908 skb_postpush_rcsum(skb, unicast_packet, sizeof(*unicast_packet));
909
910 batadv_hardif_put(primary_if);
911
912 return true;
913 }
914
915 /**
916 * batadv_recv_unhandled_unicast_packet() - receive and process packets which
917 * are in the unicast number space but not yet known to the implementation
918 * @skb: unicast tvlv packet to process
919 * @recv_if: pointer to interface this packet was received on
920 *
921 * Return: NET_RX_SUCCESS if the packet has been consumed or NET_RX_DROP
922 * otherwise.
923 */
batadv_recv_unhandled_unicast_packet(struct sk_buff * skb,struct batadv_hard_iface * recv_if)924 int batadv_recv_unhandled_unicast_packet(struct sk_buff *skb,
925 struct batadv_hard_iface *recv_if)
926 {
927 struct batadv_unicast_packet *unicast_packet;
928 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface);
929 int check, hdr_size = sizeof(*unicast_packet);
930
931 check = batadv_check_unicast_packet(bat_priv, skb, hdr_size);
932 if (check < 0)
933 goto free_skb;
934
935 /* we don't know about this type, drop it. */
936 unicast_packet = (struct batadv_unicast_packet *)skb->data;
937 if (batadv_is_my_mac(bat_priv, unicast_packet->dest))
938 goto free_skb;
939
940 return batadv_route_unicast_packet(skb, recv_if);
941
942 free_skb:
943 kfree_skb(skb);
944 return NET_RX_DROP;
945 }
946
947 /**
948 * batadv_recv_unicast_packet() - Process incoming unicast packet
949 * @skb: incoming packet buffer
950 * @recv_if: incoming hard interface
951 *
952 * Return: NET_RX_SUCCESS on success or NET_RX_DROP in case of failure
953 */
batadv_recv_unicast_packet(struct sk_buff * skb,struct batadv_hard_iface * recv_if)954 int batadv_recv_unicast_packet(struct sk_buff *skb,
955 struct batadv_hard_iface *recv_if)
956 {
957 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface);
958 struct batadv_unicast_packet *unicast_packet;
959 struct batadv_unicast_4addr_packet *unicast_4addr_packet;
960 u8 *orig_addr, *orig_addr_gw;
961 struct batadv_orig_node *orig_node = NULL, *orig_node_gw = NULL;
962 int check, hdr_size = sizeof(*unicast_packet);
963 enum batadv_subtype subtype;
964 int ret = NET_RX_DROP;
965 bool is4addr, is_gw;
966
967 unicast_packet = (struct batadv_unicast_packet *)skb->data;
968 is4addr = unicast_packet->packet_type == BATADV_UNICAST_4ADDR;
969 /* the caller function should have already pulled 2 bytes */
970 if (is4addr)
971 hdr_size = sizeof(*unicast_4addr_packet);
972
973 /* function returns -EREMOTE for promiscuous packets */
974 check = batadv_check_unicast_packet(bat_priv, skb, hdr_size);
975
976 /* Even though the packet is not for us, we might save it to use for
977 * decoding a later received coded packet
978 */
979 if (check == -EREMOTE)
980 batadv_nc_skb_store_sniffed_unicast(bat_priv, skb);
981
982 if (check < 0)
983 goto free_skb;
984 if (!batadv_check_unicast_ttvn(bat_priv, skb, hdr_size))
985 goto free_skb;
986
987 unicast_packet = (struct batadv_unicast_packet *)skb->data;
988
989 /* packet for me */
990 if (batadv_is_my_mac(bat_priv, unicast_packet->dest)) {
991 /* If this is a unicast packet from another backgone gw,
992 * drop it.
993 */
994 orig_addr_gw = eth_hdr(skb)->h_source;
995 orig_node_gw = batadv_orig_hash_find(bat_priv, orig_addr_gw);
996 if (orig_node_gw) {
997 is_gw = batadv_bla_is_backbone_gw(skb, orig_node_gw,
998 hdr_size);
999 batadv_orig_node_put(orig_node_gw);
1000 if (is_gw) {
1001 batadv_dbg(BATADV_DBG_BLA, bat_priv,
1002 "%s(): Dropped unicast pkt received from another backbone gw %pM.\n",
1003 __func__, orig_addr_gw);
1004 goto free_skb;
1005 }
1006 }
1007
1008 if (is4addr) {
1009 unicast_4addr_packet =
1010 (struct batadv_unicast_4addr_packet *)skb->data;
1011 subtype = unicast_4addr_packet->subtype;
1012 batadv_dat_inc_counter(bat_priv, subtype);
1013
1014 /* Only payload data should be considered for speedy
1015 * join. For example, DAT also uses unicast 4addr
1016 * types, but those packets should not be considered
1017 * for speedy join, since the clients do not actually
1018 * reside at the sending originator.
1019 */
1020 if (subtype == BATADV_P_DATA) {
1021 orig_addr = unicast_4addr_packet->src;
1022 orig_node = batadv_orig_hash_find(bat_priv,
1023 orig_addr);
1024 }
1025 }
1026
1027 if (batadv_dat_snoop_incoming_arp_request(bat_priv, skb,
1028 hdr_size))
1029 goto rx_success;
1030 if (batadv_dat_snoop_incoming_arp_reply(bat_priv, skb,
1031 hdr_size))
1032 goto rx_success;
1033
1034 batadv_dat_snoop_incoming_dhcp_ack(bat_priv, skb, hdr_size);
1035
1036 batadv_interface_rx(recv_if->soft_iface, skb, hdr_size,
1037 orig_node);
1038
1039 rx_success:
1040 if (orig_node)
1041 batadv_orig_node_put(orig_node);
1042
1043 return NET_RX_SUCCESS;
1044 }
1045
1046 ret = batadv_route_unicast_packet(skb, recv_if);
1047 /* skb was consumed */
1048 skb = NULL;
1049
1050 free_skb:
1051 kfree_skb(skb);
1052
1053 return ret;
1054 }
1055
1056 /**
1057 * batadv_recv_unicast_tvlv() - receive and process unicast tvlv packets
1058 * @skb: unicast tvlv packet to process
1059 * @recv_if: pointer to interface this packet was received on
1060 *
1061 * Return: NET_RX_SUCCESS if the packet has been consumed or NET_RX_DROP
1062 * otherwise.
1063 */
batadv_recv_unicast_tvlv(struct sk_buff * skb,struct batadv_hard_iface * recv_if)1064 int batadv_recv_unicast_tvlv(struct sk_buff *skb,
1065 struct batadv_hard_iface *recv_if)
1066 {
1067 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface);
1068 struct batadv_unicast_tvlv_packet *unicast_tvlv_packet;
1069 unsigned char *tvlv_buff;
1070 u16 tvlv_buff_len;
1071 int hdr_size = sizeof(*unicast_tvlv_packet);
1072 int ret = NET_RX_DROP;
1073
1074 if (batadv_check_unicast_packet(bat_priv, skb, hdr_size) < 0)
1075 goto free_skb;
1076
1077 /* the header is likely to be modified while forwarding */
1078 if (skb_cow(skb, hdr_size) < 0)
1079 goto free_skb;
1080
1081 /* packet needs to be linearized to access the tvlv content */
1082 if (skb_linearize(skb) < 0)
1083 goto free_skb;
1084
1085 unicast_tvlv_packet = (struct batadv_unicast_tvlv_packet *)skb->data;
1086
1087 tvlv_buff = (unsigned char *)(skb->data + hdr_size);
1088 tvlv_buff_len = ntohs(unicast_tvlv_packet->tvlv_len);
1089
1090 if (tvlv_buff_len > skb->len - hdr_size)
1091 goto free_skb;
1092
1093 ret = batadv_tvlv_containers_process(bat_priv, false, NULL,
1094 unicast_tvlv_packet->src,
1095 unicast_tvlv_packet->dst,
1096 tvlv_buff, tvlv_buff_len);
1097
1098 if (ret != NET_RX_SUCCESS) {
1099 ret = batadv_route_unicast_packet(skb, recv_if);
1100 /* skb was consumed */
1101 skb = NULL;
1102 }
1103
1104 free_skb:
1105 kfree_skb(skb);
1106
1107 return ret;
1108 }
1109
1110 /**
1111 * batadv_recv_frag_packet() - process received fragment
1112 * @skb: the received fragment
1113 * @recv_if: interface that the skb is received on
1114 *
1115 * This function does one of the three following things: 1) Forward fragment, if
1116 * the assembled packet will exceed our MTU; 2) Buffer fragment, if we till
1117 * lack further fragments; 3) Merge fragments, if we have all needed parts.
1118 *
1119 * Return: NET_RX_DROP if the skb is not consumed, NET_RX_SUCCESS otherwise.
1120 */
batadv_recv_frag_packet(struct sk_buff * skb,struct batadv_hard_iface * recv_if)1121 int batadv_recv_frag_packet(struct sk_buff *skb,
1122 struct batadv_hard_iface *recv_if)
1123 {
1124 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface);
1125 struct batadv_orig_node *orig_node_src = NULL;
1126 struct batadv_frag_packet *frag_packet;
1127 int ret = NET_RX_DROP;
1128
1129 if (batadv_check_unicast_packet(bat_priv, skb,
1130 sizeof(*frag_packet)) < 0)
1131 goto free_skb;
1132
1133 frag_packet = (struct batadv_frag_packet *)skb->data;
1134 orig_node_src = batadv_orig_hash_find(bat_priv, frag_packet->orig);
1135 if (!orig_node_src)
1136 goto free_skb;
1137
1138 skb->priority = frag_packet->priority + 256;
1139
1140 /* Route the fragment if it is not for us and too big to be merged. */
1141 if (!batadv_is_my_mac(bat_priv, frag_packet->dest) &&
1142 batadv_frag_skb_fwd(skb, recv_if, orig_node_src)) {
1143 /* skb was consumed */
1144 skb = NULL;
1145 ret = NET_RX_SUCCESS;
1146 goto put_orig_node;
1147 }
1148
1149 batadv_inc_counter(bat_priv, BATADV_CNT_FRAG_RX);
1150 batadv_add_counter(bat_priv, BATADV_CNT_FRAG_RX_BYTES, skb->len);
1151
1152 /* Add fragment to buffer and merge if possible. */
1153 if (!batadv_frag_skb_buffer(&skb, orig_node_src))
1154 goto put_orig_node;
1155
1156 /* Deliver merged packet to the appropriate handler, if it was
1157 * merged
1158 */
1159 if (skb) {
1160 batadv_batman_skb_recv(skb, recv_if->net_dev,
1161 &recv_if->batman_adv_ptype, NULL);
1162 /* skb was consumed */
1163 skb = NULL;
1164 }
1165
1166 ret = NET_RX_SUCCESS;
1167
1168 put_orig_node:
1169 batadv_orig_node_put(orig_node_src);
1170 free_skb:
1171 kfree_skb(skb);
1172
1173 return ret;
1174 }
1175
1176 /**
1177 * batadv_recv_bcast_packet() - Process incoming broadcast packet
1178 * @skb: incoming packet buffer
1179 * @recv_if: incoming hard interface
1180 *
1181 * Return: NET_RX_SUCCESS on success or NET_RX_DROP in case of failure
1182 */
batadv_recv_bcast_packet(struct sk_buff * skb,struct batadv_hard_iface * recv_if)1183 int batadv_recv_bcast_packet(struct sk_buff *skb,
1184 struct batadv_hard_iface *recv_if)
1185 {
1186 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface);
1187 struct batadv_orig_node *orig_node = NULL;
1188 struct batadv_bcast_packet *bcast_packet;
1189 struct ethhdr *ethhdr;
1190 int hdr_size = sizeof(*bcast_packet);
1191 int ret = NET_RX_DROP;
1192 s32 seq_diff;
1193 u32 seqno;
1194
1195 /* drop packet if it has not necessary minimum size */
1196 if (unlikely(!pskb_may_pull(skb, hdr_size)))
1197 goto free_skb;
1198
1199 ethhdr = eth_hdr(skb);
1200
1201 /* packet with broadcast indication but unicast recipient */
1202 if (!is_broadcast_ether_addr(ethhdr->h_dest))
1203 goto free_skb;
1204
1205 /* packet with broadcast/multicast sender address */
1206 if (is_multicast_ether_addr(ethhdr->h_source))
1207 goto free_skb;
1208
1209 /* ignore broadcasts sent by myself */
1210 if (batadv_is_my_mac(bat_priv, ethhdr->h_source))
1211 goto free_skb;
1212
1213 bcast_packet = (struct batadv_bcast_packet *)skb->data;
1214
1215 /* ignore broadcasts originated by myself */
1216 if (batadv_is_my_mac(bat_priv, bcast_packet->orig))
1217 goto free_skb;
1218
1219 if (bcast_packet->ttl < 2)
1220 goto free_skb;
1221
1222 orig_node = batadv_orig_hash_find(bat_priv, bcast_packet->orig);
1223
1224 if (!orig_node)
1225 goto free_skb;
1226
1227 spin_lock_bh(&orig_node->bcast_seqno_lock);
1228
1229 seqno = ntohl(bcast_packet->seqno);
1230 /* check whether the packet is a duplicate */
1231 if (batadv_test_bit(orig_node->bcast_bits, orig_node->last_bcast_seqno,
1232 seqno))
1233 goto spin_unlock;
1234
1235 seq_diff = seqno - orig_node->last_bcast_seqno;
1236
1237 /* check whether the packet is old and the host just restarted. */
1238 if (batadv_window_protected(bat_priv, seq_diff,
1239 BATADV_BCAST_MAX_AGE,
1240 &orig_node->bcast_seqno_reset, NULL))
1241 goto spin_unlock;
1242
1243 /* mark broadcast in flood history, update window position
1244 * if required.
1245 */
1246 if (batadv_bit_get_packet(bat_priv, orig_node->bcast_bits, seq_diff, 1))
1247 orig_node->last_bcast_seqno = seqno;
1248
1249 spin_unlock_bh(&orig_node->bcast_seqno_lock);
1250
1251 /* check whether this has been sent by another originator before */
1252 if (batadv_bla_check_bcast_duplist(bat_priv, skb))
1253 goto free_skb;
1254
1255 batadv_skb_set_priority(skb, sizeof(struct batadv_bcast_packet));
1256
1257 /* rebroadcast packet */
1258 batadv_add_bcast_packet_to_list(bat_priv, skb, 1, false);
1259
1260 /* don't hand the broadcast up if it is from an originator
1261 * from the same backbone.
1262 */
1263 if (batadv_bla_is_backbone_gw(skb, orig_node, hdr_size))
1264 goto free_skb;
1265
1266 if (batadv_dat_snoop_incoming_arp_request(bat_priv, skb, hdr_size))
1267 goto rx_success;
1268 if (batadv_dat_snoop_incoming_arp_reply(bat_priv, skb, hdr_size))
1269 goto rx_success;
1270
1271 batadv_dat_snoop_incoming_dhcp_ack(bat_priv, skb, hdr_size);
1272
1273 /* broadcast for me */
1274 batadv_interface_rx(recv_if->soft_iface, skb, hdr_size, orig_node);
1275
1276 rx_success:
1277 ret = NET_RX_SUCCESS;
1278 goto out;
1279
1280 spin_unlock:
1281 spin_unlock_bh(&orig_node->bcast_seqno_lock);
1282 free_skb:
1283 kfree_skb(skb);
1284 out:
1285 if (orig_node)
1286 batadv_orig_node_put(orig_node);
1287 return ret;
1288 }
1289
