1 /*
2  * net/tipc/node.c: TIPC node management routines
3  *
4  * Copyright (c) 2000-2006, 2012-2016, Ericsson AB
5  * Copyright (c) 2005-2006, 2010-2014, Wind River Systems
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions are met:
10  *
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. Neither the names of the copyright holders nor the names of its
17  *    contributors may be used to endorse or promote products derived from
18  *    this software without specific prior written permission.
19  *
20  * Alternatively, this software may be distributed under the terms of the
21  * GNU General Public License ("GPL") version 2 as published by the Free
22  * Software Foundation.
23  *
24  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
25  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
28  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
29  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
31  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
32  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
33  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
34  * POSSIBILITY OF SUCH DAMAGE.
35  */
36 
37 #include "core.h"
38 #include "link.h"
39 #include "node.h"
40 #include "name_distr.h"
41 #include "socket.h"
42 #include "bcast.h"
43 #include "monitor.h"
44 #include "discover.h"
45 #include "netlink.h"
46 #include "trace.h"
47 #include "crypto.h"
48 
49 #define INVALID_NODE_SIG	0x10000
50 #define NODE_CLEANUP_AFTER	300000
51 
52 /* Flags used to take different actions according to flag type
53  * TIPC_NOTIFY_NODE_DOWN: notify node is down
54  * TIPC_NOTIFY_NODE_UP: notify node is up
55  * TIPC_DISTRIBUTE_NAME: publish or withdraw link state name type
56  */
57 enum {
58 	TIPC_NOTIFY_NODE_DOWN		= (1 << 3),
59 	TIPC_NOTIFY_NODE_UP		= (1 << 4),
60 	TIPC_NOTIFY_LINK_UP		= (1 << 6),
61 	TIPC_NOTIFY_LINK_DOWN		= (1 << 7)
62 };
63 
64 struct tipc_link_entry {
65 	struct tipc_link *link;
66 	spinlock_t lock; /* per link */
67 	u32 mtu;
68 	struct sk_buff_head inputq;
69 	struct tipc_media_addr maddr;
70 };
71 
72 struct tipc_bclink_entry {
73 	struct tipc_link *link;
74 	struct sk_buff_head inputq1;
75 	struct sk_buff_head arrvq;
76 	struct sk_buff_head inputq2;
77 	struct sk_buff_head namedq;
78 	u16 named_rcv_nxt;
79 	bool named_open;
80 };
81 
82 /**
83  * struct tipc_node - TIPC node structure
84  * @addr: network address of node
85  * @kref: reference counter to node object
86  * @lock: rwlock governing access to structure
87  * @net: the applicable net namespace
88  * @hash: links to adjacent nodes in unsorted hash chain
89  * @inputq: pointer to input queue containing messages for msg event
90  * @namedq: pointer to name table input queue with name table messages
91  * @active_links: bearer ids of active links, used as index into links[] array
92  * @links: array containing references to all links to node
93  * @bc_entry: broadcast link entry
94  * @action_flags: bit mask of different types of node actions
95  * @state: connectivity state vs peer node
96  * @preliminary: a preliminary node or not
97  * @failover_sent: failover sent or not
98  * @sync_point: sequence number where synch/failover is finished
99  * @list: links to adjacent nodes in sorted list of cluster's nodes
100  * @working_links: number of working links to node (both active and standby)
101  * @link_cnt: number of links to node
102  * @capabilities: bitmap, indicating peer node's functional capabilities
103  * @signature: node instance identifier
104  * @link_id: local and remote bearer ids of changing link, if any
105  * @peer_id: 128-bit ID of peer
106  * @peer_id_string: ID string of peer
107  * @publ_list: list of publications
108  * @conn_sks: list of connections (FIXME)
109  * @timer: node's keepalive timer
110  * @keepalive_intv: keepalive interval in milliseconds
111  * @rcu: rcu struct for tipc_node
112  * @delete_at: indicates the time for deleting a down node
113  * @peer_net: peer's net namespace
114  * @peer_hash_mix: hash for this peer (FIXME)
115  * @crypto_rx: RX crypto handler
116  */
117 struct tipc_node {
118 	u32 addr;
119 	struct kref kref;
120 	rwlock_t lock;
121 	struct net *net;
122 	struct hlist_node hash;
123 	int active_links[2];
124 	struct tipc_link_entry links[MAX_BEARERS];
125 	struct tipc_bclink_entry bc_entry;
126 	int action_flags;
127 	struct list_head list;
128 	int state;
129 	bool preliminary;
130 	bool failover_sent;
131 	u16 sync_point;
132 	int link_cnt;
133 	u16 working_links;
134 	u16 capabilities;
135 	u32 signature;
136 	u32 link_id;
137 	u8 peer_id[16];
138 	char peer_id_string[NODE_ID_STR_LEN];
139 	struct list_head publ_list;
140 	struct list_head conn_sks;
141 	unsigned long keepalive_intv;
142 	struct timer_list timer;
143 	struct rcu_head rcu;
144 	unsigned long delete_at;
145 	struct net *peer_net;
146 	u32 peer_hash_mix;
147 #ifdef CONFIG_TIPC_CRYPTO
148 	struct tipc_crypto *crypto_rx;
149 #endif
150 };
151 
152 /* Node FSM states and events:
153  */
154 enum {
155 	SELF_DOWN_PEER_DOWN    = 0xdd,
156 	SELF_UP_PEER_UP        = 0xaa,
157 	SELF_DOWN_PEER_LEAVING = 0xd1,
158 	SELF_UP_PEER_COMING    = 0xac,
159 	SELF_COMING_PEER_UP    = 0xca,
160 	SELF_LEAVING_PEER_DOWN = 0x1d,
161 	NODE_FAILINGOVER       = 0xf0,
162 	NODE_SYNCHING          = 0xcc
163 };
164 
165 enum {
166 	SELF_ESTABL_CONTACT_EVT = 0xece,
167 	SELF_LOST_CONTACT_EVT   = 0x1ce,
168 	PEER_ESTABL_CONTACT_EVT = 0x9ece,
169 	PEER_LOST_CONTACT_EVT   = 0x91ce,
170 	NODE_FAILOVER_BEGIN_EVT = 0xfbe,
171 	NODE_FAILOVER_END_EVT   = 0xfee,
172 	NODE_SYNCH_BEGIN_EVT    = 0xcbe,
173 	NODE_SYNCH_END_EVT      = 0xcee
174 };
175 
176 static void __tipc_node_link_down(struct tipc_node *n, int *bearer_id,
177 				  struct sk_buff_head *xmitq,
178 				  struct tipc_media_addr **maddr);
179 static void tipc_node_link_down(struct tipc_node *n, int bearer_id,
180 				bool delete);
181 static void node_lost_contact(struct tipc_node *n, struct sk_buff_head *inputq);
182 static void tipc_node_delete(struct tipc_node *node);
183 static void tipc_node_timeout(struct timer_list *t);
184 static void tipc_node_fsm_evt(struct tipc_node *n, int evt);
185 static struct tipc_node *tipc_node_find(struct net *net, u32 addr);
186 static struct tipc_node *tipc_node_find_by_id(struct net *net, u8 *id);
187 static bool node_is_up(struct tipc_node *n);
188 static void tipc_node_delete_from_list(struct tipc_node *node);
189 
190 struct tipc_sock_conn {
191 	u32 port;
192 	u32 peer_port;
193 	u32 peer_node;
194 	struct list_head list;
195 };
196 
node_active_link(struct tipc_node * n,int sel)197 static struct tipc_link *node_active_link(struct tipc_node *n, int sel)
198 {
199 	int bearer_id = n->active_links[sel & 1];
200 
201 	if (unlikely(bearer_id == INVALID_BEARER_ID))
202 		return NULL;
203 
204 	return n->links[bearer_id].link;
205 }
206 
tipc_node_get_mtu(struct net * net,u32 addr,u32 sel,bool connected)207 int tipc_node_get_mtu(struct net *net, u32 addr, u32 sel, bool connected)
208 {
209 	struct tipc_node *n;
210 	int bearer_id;
211 	unsigned int mtu = MAX_MSG_SIZE;
212 
213 	n = tipc_node_find(net, addr);
214 	if (unlikely(!n))
215 		return mtu;
216 
217 	/* Allow MAX_MSG_SIZE when building connection oriented message
218 	 * if they are in the same core network
219 	 */
220 	if (n->peer_net && connected) {
221 		tipc_node_put(n);
222 		return mtu;
223 	}
224 
225 	bearer_id = n->active_links[sel & 1];
226 	if (likely(bearer_id != INVALID_BEARER_ID))
227 		mtu = n->links[bearer_id].mtu;
228 	tipc_node_put(n);
229 	return mtu;
230 }
231 
tipc_node_get_id(struct net * net,u32 addr,u8 * id)232 bool tipc_node_get_id(struct net *net, u32 addr, u8 *id)
233 {
234 	u8 *own_id = tipc_own_id(net);
235 	struct tipc_node *n;
236 
237 	if (!own_id)
238 		return true;
239 
240 	if (addr == tipc_own_addr(net)) {
241 		memcpy(id, own_id, TIPC_NODEID_LEN);
242 		return true;
243 	}
244 	n = tipc_node_find(net, addr);
245 	if (!n)
246 		return false;
247 
248 	memcpy(id, &n->peer_id, TIPC_NODEID_LEN);
249 	tipc_node_put(n);
250 	return true;
251 }
252 
tipc_node_get_capabilities(struct net * net,u32 addr)253 u16 tipc_node_get_capabilities(struct net *net, u32 addr)
254 {
255 	struct tipc_node *n;
256 	u16 caps;
257 
258 	n = tipc_node_find(net, addr);
259 	if (unlikely(!n))
260 		return TIPC_NODE_CAPABILITIES;
261 	caps = n->capabilities;
262 	tipc_node_put(n);
263 	return caps;
264 }
265 
tipc_node_get_addr(struct tipc_node * node)266 u32 tipc_node_get_addr(struct tipc_node *node)
267 {
268 	return (node) ? node->addr : 0;
269 }
270 
tipc_node_get_id_str(struct tipc_node * node)271 char *tipc_node_get_id_str(struct tipc_node *node)
272 {
273 	return node->peer_id_string;
274 }
275 
276 #ifdef CONFIG_TIPC_CRYPTO
277 /**
278  * tipc_node_crypto_rx - Retrieve crypto RX handle from node
279  * @__n: target tipc_node
280  * Note: node ref counter must be held first!
281  */
tipc_node_crypto_rx(struct tipc_node * __n)282 struct tipc_crypto *tipc_node_crypto_rx(struct tipc_node *__n)
283 {
284 	return (__n) ? __n->crypto_rx : NULL;
285 }
286 
tipc_node_crypto_rx_by_list(struct list_head * pos)287 struct tipc_crypto *tipc_node_crypto_rx_by_list(struct list_head *pos)
288 {
289 	return container_of(pos, struct tipc_node, list)->crypto_rx;
290 }
291 
tipc_node_crypto_rx_by_addr(struct net * net,u32 addr)292 struct tipc_crypto *tipc_node_crypto_rx_by_addr(struct net *net, u32 addr)
293 {
294 	struct tipc_node *n;
295 
296 	n = tipc_node_find(net, addr);
297 	return (n) ? n->crypto_rx : NULL;
298 }
299 #endif
300 
tipc_node_free(struct rcu_head * rp)301 static void tipc_node_free(struct rcu_head *rp)
302 {
303 	struct tipc_node *n = container_of(rp, struct tipc_node, rcu);
304 
305 #ifdef CONFIG_TIPC_CRYPTO
306 	tipc_crypto_stop(&n->crypto_rx);
307 #endif
308 	kfree(n);
309 }
310 
tipc_node_kref_release(struct kref * kref)311 static void tipc_node_kref_release(struct kref *kref)
312 {
313 	struct tipc_node *n = container_of(kref, struct tipc_node, kref);
314 
315 	kfree(n->bc_entry.link);
316 	call_rcu(&n->rcu, tipc_node_free);
317 }
318 
tipc_node_put(struct tipc_node * node)319 void tipc_node_put(struct tipc_node *node)
320 {
321 	kref_put(&node->kref, tipc_node_kref_release);
322 }
323 
tipc_node_get(struct tipc_node * node)324 void tipc_node_get(struct tipc_node *node)
325 {
326 	kref_get(&node->kref);
327 }
328 
329 /*
330  * tipc_node_find - locate specified node object, if it exists
331  */
tipc_node_find(struct net * net,u32 addr)332 static struct tipc_node *tipc_node_find(struct net *net, u32 addr)
333 {
334 	struct tipc_net *tn = tipc_net(net);
335 	struct tipc_node *node;
336 	unsigned int thash = tipc_hashfn(addr);
337 
338 	rcu_read_lock();
339 	hlist_for_each_entry_rcu(node, &tn->node_htable[thash], hash) {
340 		if (node->addr != addr || node->preliminary)
341 			continue;
342 		if (!kref_get_unless_zero(&node->kref))
343 			node = NULL;
344 		break;
345 	}
346 	rcu_read_unlock();
347 	return node;
348 }
349 
350 /* tipc_node_find_by_id - locate specified node object by its 128-bit id
351  * Note: this function is called only when a discovery request failed
352  * to find the node by its 32-bit id, and is not time critical
353  */
tipc_node_find_by_id(struct net * net,u8 * id)354 static struct tipc_node *tipc_node_find_by_id(struct net *net, u8 *id)
355 {
356 	struct tipc_net *tn = tipc_net(net);
357 	struct tipc_node *n;
358 	bool found = false;
359 
360 	rcu_read_lock();
361 	list_for_each_entry_rcu(n, &tn->node_list, list) {
362 		read_lock_bh(&n->lock);
363 		if (!memcmp(id, n->peer_id, 16) &&
364 		    kref_get_unless_zero(&n->kref))
365 			found = true;
366 		read_unlock_bh(&n->lock);
367 		if (found)
368 			break;
369 	}
370 	rcu_read_unlock();
371 	return found ? n : NULL;
372 }
373 
tipc_node_read_lock(struct tipc_node * n)374 static void tipc_node_read_lock(struct tipc_node *n)
375 	__acquires(n->lock)
376 {
377 	read_lock_bh(&n->lock);
378 }
379 
tipc_node_read_unlock(struct tipc_node * n)380 static void tipc_node_read_unlock(struct tipc_node *n)
381 	__releases(n->lock)
382 {
383 	read_unlock_bh(&n->lock);
384 }
385 
tipc_node_write_lock(struct tipc_node * n)386 static void tipc_node_write_lock(struct tipc_node *n)
387 	__acquires(n->lock)
388 {
389 	write_lock_bh(&n->lock);
390 }
391 
tipc_node_write_unlock_fast(struct tipc_node * n)392 static void tipc_node_write_unlock_fast(struct tipc_node *n)
393 	__releases(n->lock)
394 {
395 	write_unlock_bh(&n->lock);
396 }
397 
tipc_node_write_unlock(struct tipc_node * n)398 static void tipc_node_write_unlock(struct tipc_node *n)
399 	__releases(n->lock)
400 {
401 	struct tipc_socket_addr sk;
402 	struct net *net = n->net;
403 	u32 flags = n->action_flags;
404 	struct list_head *publ_list;
405 	struct tipc_uaddr ua;
406 	u32 bearer_id, node;
407 
408 	if (likely(!flags)) {
409 		write_unlock_bh(&n->lock);
410 		return;
411 	}
412 
413 	tipc_uaddr(&ua, TIPC_SERVICE_RANGE, TIPC_NODE_SCOPE,
414 		   TIPC_LINK_STATE, n->addr, n->addr);
415 	sk.ref = n->link_id;
416 	sk.node = tipc_own_addr(net);
417 	node = n->addr;
418 	bearer_id = n->link_id & 0xffff;
419 	publ_list = &n->publ_list;
420 
421 	n->action_flags &= ~(TIPC_NOTIFY_NODE_DOWN | TIPC_NOTIFY_NODE_UP |
422 			     TIPC_NOTIFY_LINK_DOWN | TIPC_NOTIFY_LINK_UP);
423 
424 	write_unlock_bh(&n->lock);
425 
426 	if (flags & TIPC_NOTIFY_NODE_DOWN)
427 		tipc_publ_notify(net, publ_list, node, n->capabilities);
428 
429 	if (flags & TIPC_NOTIFY_NODE_UP)
430 		tipc_named_node_up(net, node, n->capabilities);
431 
432 	if (flags & TIPC_NOTIFY_LINK_UP) {
433 		tipc_mon_peer_up(net, node, bearer_id);
434 		tipc_nametbl_publish(net, &ua, &sk, sk.ref);
435 	}
436 	if (flags & TIPC_NOTIFY_LINK_DOWN) {
437 		tipc_mon_peer_down(net, node, bearer_id);
438 		tipc_nametbl_withdraw(net, &ua, &sk, sk.ref);
439 	}
440 }
441 
tipc_node_assign_peer_net(struct tipc_node * n,u32 hash_mixes)442 static void tipc_node_assign_peer_net(struct tipc_node *n, u32 hash_mixes)
443 {
444 	int net_id = tipc_netid(n->net);
445 	struct tipc_net *tn_peer;
446 	struct net *tmp;
447 	u32 hash_chk;
448 
449 	if (n->peer_net)
450 		return;
451 
452 	for_each_net_rcu(tmp) {
453 		tn_peer = tipc_net(tmp);
454 		if (!tn_peer)
455 			continue;
456 		/* Integrity checking whether node exists in namespace or not */
457 		if (tn_peer->net_id != net_id)
458 			continue;
459 		if (memcmp(n->peer_id, tn_peer->node_id, NODE_ID_LEN))
460 			continue;
461 		hash_chk = tipc_net_hash_mixes(tmp, tn_peer->random);
462 		if (hash_mixes ^ hash_chk)
463 			continue;
464 		n->peer_net = tmp;
465 		n->peer_hash_mix = hash_mixes;
466 		break;
467 	}
468 }
469 
tipc_node_create(struct net * net,u32 addr,u8 * peer_id,u16 capabilities,u32 hash_mixes,bool preliminary)470 struct tipc_node *tipc_node_create(struct net *net, u32 addr, u8 *peer_id,
471 				   u16 capabilities, u32 hash_mixes,
472 				   bool preliminary)
473 {
474 	struct tipc_net *tn = net_generic(net, tipc_net_id);
475 	struct tipc_link *l, *snd_l = tipc_bc_sndlink(net);
476 	struct tipc_node *n, *temp_node;
477 	unsigned long intv;
478 	int bearer_id;
479 	int i;
480 
481 	spin_lock_bh(&tn->node_list_lock);
482 	n = tipc_node_find(net, addr) ?:
483 		tipc_node_find_by_id(net, peer_id);
484 	if (n) {
485 		if (!n->preliminary)
486 			goto update;
487 		if (preliminary)
488 			goto exit;
489 		/* A preliminary node becomes "real" now, refresh its data */
490 		tipc_node_write_lock(n);
491 		if (!tipc_link_bc_create(net, tipc_own_addr(net), addr, peer_id, U16_MAX,
492 					 tipc_link_min_win(snd_l), tipc_link_max_win(snd_l),
493 					 n->capabilities, &n->bc_entry.inputq1,
494 					 &n->bc_entry.namedq, snd_l, &n->bc_entry.link)) {
495 			pr_warn("Broadcast rcv link refresh failed, no memory\n");
496 			tipc_node_write_unlock_fast(n);
497 			tipc_node_put(n);
498 			n = NULL;
499 			goto exit;
500 		}
501 		n->preliminary = false;
502 		n->addr = addr;
503 		hlist_del_rcu(&n->hash);
504 		hlist_add_head_rcu(&n->hash,
505 				   &tn->node_htable[tipc_hashfn(addr)]);
506 		list_del_rcu(&n->list);
507 		list_for_each_entry_rcu(temp_node, &tn->node_list, list) {
508 			if (n->addr < temp_node->addr)
509 				break;
510 		}
511 		list_add_tail_rcu(&n->list, &temp_node->list);
512 		tipc_node_write_unlock_fast(n);
513 
514 update:
515 		if (n->peer_hash_mix ^ hash_mixes)
516 			tipc_node_assign_peer_net(n, hash_mixes);
517 		if (n->capabilities == capabilities)
518 			goto exit;
519 		/* Same node may come back with new capabilities */
520 		tipc_node_write_lock(n);
521 		n->capabilities = capabilities;
522 		for (bearer_id = 0; bearer_id < MAX_BEARERS; bearer_id++) {
523 			l = n->links[bearer_id].link;
524 			if (l)
525 				tipc_link_update_caps(l, capabilities);
526 		}
527 		tipc_node_write_unlock_fast(n);
528 
529 		/* Calculate cluster capabilities */
530 		tn->capabilities = TIPC_NODE_CAPABILITIES;
531 		list_for_each_entry_rcu(temp_node, &tn->node_list, list) {
532 			tn->capabilities &= temp_node->capabilities;
533 		}
534 
535 		tipc_bcast_toggle_rcast(net,
536 					(tn->capabilities & TIPC_BCAST_RCAST));
537 
538 		goto exit;
539 	}
540 	n = kzalloc(sizeof(*n), GFP_ATOMIC);
541 	if (!n) {
542 		pr_warn("Node creation failed, no memory\n");
543 		goto exit;
544 	}
545 	tipc_nodeid2string(n->peer_id_string, peer_id);
546 #ifdef CONFIG_TIPC_CRYPTO
547 	if (unlikely(tipc_crypto_start(&n->crypto_rx, net, n))) {
548 		pr_warn("Failed to start crypto RX(%s)!\n", n->peer_id_string);
549 		kfree(n);
550 		n = NULL;
551 		goto exit;
552 	}
553 #endif
554 	n->addr = addr;
555 	n->preliminary = preliminary;
556 	memcpy(&n->peer_id, peer_id, 16);
557 	n->net = net;
558 	n->peer_net = NULL;
559 	n->peer_hash_mix = 0;
560 	/* Assign kernel local namespace if exists */
561 	tipc_node_assign_peer_net(n, hash_mixes);
562 	n->capabilities = capabilities;
563 	kref_init(&n->kref);
564 	rwlock_init(&n->lock);
565 	INIT_HLIST_NODE(&n->hash);
566 	INIT_LIST_HEAD(&n->list);
567 	INIT_LIST_HEAD(&n->publ_list);
568 	INIT_LIST_HEAD(&n->conn_sks);
569 	skb_queue_head_init(&n->bc_entry.namedq);
570 	skb_queue_head_init(&n->bc_entry.inputq1);
571 	__skb_queue_head_init(&n->bc_entry.arrvq);
572 	skb_queue_head_init(&n->bc_entry.inputq2);
573 	for (i = 0; i < MAX_BEARERS; i++)
574 		spin_lock_init(&n->links[i].lock);
575 	n->state = SELF_DOWN_PEER_LEAVING;
576 	n->delete_at = jiffies + msecs_to_jiffies(NODE_CLEANUP_AFTER);
577 	n->signature = INVALID_NODE_SIG;
578 	n->active_links[0] = INVALID_BEARER_ID;
579 	n->active_links[1] = INVALID_BEARER_ID;
580 	if (!preliminary &&
581 	    !tipc_link_bc_create(net, tipc_own_addr(net), addr, peer_id, U16_MAX,
582 				 tipc_link_min_win(snd_l), tipc_link_max_win(snd_l),
583 				 n->capabilities, &n->bc_entry.inputq1,
584 				 &n->bc_entry.namedq, snd_l, &n->bc_entry.link)) {
585 		pr_warn("Broadcast rcv link creation failed, no memory\n");
586 		kfree(n);
587 		n = NULL;
588 		goto exit;
589 	}
590 	tipc_node_get(n);
591 	timer_setup(&n->timer, tipc_node_timeout, 0);
592 	/* Start a slow timer anyway, crypto needs it */
593 	n->keepalive_intv = 10000;
594 	intv = jiffies + msecs_to_jiffies(n->keepalive_intv);
595 	if (!mod_timer(&n->timer, intv))
596 		tipc_node_get(n);
597 	hlist_add_head_rcu(&n->hash, &tn->node_htable[tipc_hashfn(addr)]);
598 	list_for_each_entry_rcu(temp_node, &tn->node_list, list) {
599 		if (n->addr < temp_node->addr)
600 			break;
601 	}
602 	list_add_tail_rcu(&n->list, &temp_node->list);
603 	/* Calculate cluster capabilities */
604 	tn->capabilities = TIPC_NODE_CAPABILITIES;
605 	list_for_each_entry_rcu(temp_node, &tn->node_list, list) {
606 		tn->capabilities &= temp_node->capabilities;
607 	}
608 	tipc_bcast_toggle_rcast(net, (tn->capabilities & TIPC_BCAST_RCAST));
609 	trace_tipc_node_create(n, true, " ");
610 exit:
611 	spin_unlock_bh(&tn->node_list_lock);
612 	return n;
613 }
614 
tipc_node_calculate_timer(struct tipc_node * n,struct tipc_link * l)615 static void tipc_node_calculate_timer(struct tipc_node *n, struct tipc_link *l)
616 {
617 	unsigned long tol = tipc_link_tolerance(l);
618 	unsigned long intv = ((tol / 4) > 500) ? 500 : tol / 4;
619 
620 	/* Link with lowest tolerance determines timer interval */
621 	if (intv < n->keepalive_intv)
622 		n->keepalive_intv = intv;
623 
624 	/* Ensure link's abort limit corresponds to current tolerance */
625 	tipc_link_set_abort_limit(l, tol / n->keepalive_intv);
626 }
627 
tipc_node_delete_from_list(struct tipc_node * node)628 static void tipc_node_delete_from_list(struct tipc_node *node)
629 {
630 #ifdef CONFIG_TIPC_CRYPTO
631 	tipc_crypto_key_flush(node->crypto_rx);
632 #endif
633 	list_del_rcu(&node->list);
634 	hlist_del_rcu(&node->hash);
635 	tipc_node_put(node);
636 }
637 
tipc_node_delete(struct tipc_node * node)638 static void tipc_node_delete(struct tipc_node *node)
639 {
640 	trace_tipc_node_delete(node, true, " ");
641 	tipc_node_delete_from_list(node);
642 
643 	del_timer_sync(&node->timer);
644 	tipc_node_put(node);
645 }
646 
tipc_node_stop(struct net * net)647 void tipc_node_stop(struct net *net)
648 {
649 	struct tipc_net *tn = tipc_net(net);
650 	struct tipc_node *node, *t_node;
651 
652 	spin_lock_bh(&tn->node_list_lock);
653 	list_for_each_entry_safe(node, t_node, &tn->node_list, list)
654 		tipc_node_delete(node);
655 	spin_unlock_bh(&tn->node_list_lock);
656 }
657 
tipc_node_subscribe(struct net * net,struct list_head * subscr,u32 addr)658 void tipc_node_subscribe(struct net *net, struct list_head *subscr, u32 addr)
659 {
660 	struct tipc_node *n;
661 
662 	if (in_own_node(net, addr))
663 		return;
664 
665 	n = tipc_node_find(net, addr);
666 	if (!n) {
667 		pr_warn("Node subscribe rejected, unknown node 0x%x\n", addr);
668 		return;
669 	}
670 	tipc_node_write_lock(n);
671 	list_add_tail(subscr, &n->publ_list);
672 	tipc_node_write_unlock_fast(n);
673 	tipc_node_put(n);
674 }
675 
tipc_node_unsubscribe(struct net * net,struct list_head * subscr,u32 addr)676 void tipc_node_unsubscribe(struct net *net, struct list_head *subscr, u32 addr)
677 {
678 	struct tipc_node *n;
679 
680 	if (in_own_node(net, addr))
681 		return;
682 
683 	n = tipc_node_find(net, addr);
684 	if (!n) {
685 		pr_warn("Node unsubscribe rejected, unknown node 0x%x\n", addr);
686 		return;
687 	}
688 	tipc_node_write_lock(n);
689 	list_del_init(subscr);
690 	tipc_node_write_unlock_fast(n);
691 	tipc_node_put(n);
692 }
693 
tipc_node_add_conn(struct net * net,u32 dnode,u32 port,u32 peer_port)694 int tipc_node_add_conn(struct net *net, u32 dnode, u32 port, u32 peer_port)
695 {
696 	struct tipc_node *node;
697 	struct tipc_sock_conn *conn;
698 	int err = 0;
699 
700 	if (in_own_node(net, dnode))
701 		return 0;
702 
703 	node = tipc_node_find(net, dnode);
704 	if (!node) {
705 		pr_warn("Connecting sock to node 0x%x failed\n", dnode);
706 		return -EHOSTUNREACH;
707 	}
708 	conn = kmalloc(sizeof(*conn), GFP_ATOMIC);
709 	if (!conn) {
710 		err = -EHOSTUNREACH;
711 		goto exit;
712 	}
713 	conn->peer_node = dnode;
714 	conn->port = port;
715 	conn->peer_port = peer_port;
716 
717 	tipc_node_write_lock(node);
718 	list_add_tail(&conn->list, &node->conn_sks);
719 	tipc_node_write_unlock(node);
720 exit:
721 	tipc_node_put(node);
722 	return err;
723 }
724 
tipc_node_remove_conn(struct net * net,u32 dnode,u32 port)725 void tipc_node_remove_conn(struct net *net, u32 dnode, u32 port)
726 {
727 	struct tipc_node *node;
728 	struct tipc_sock_conn *conn, *safe;
729 
730 	if (in_own_node(net, dnode))
731 		return;
732 
733 	node = tipc_node_find(net, dnode);
734 	if (!node)
735 		return;
736 
737 	tipc_node_write_lock(node);
738 	list_for_each_entry_safe(conn, safe, &node->conn_sks, list) {
739 		if (port != conn->port)
740 			continue;
741 		list_del(&conn->list);
742 		kfree(conn);
743 	}
744 	tipc_node_write_unlock(node);
745 	tipc_node_put(node);
746 }
747 
tipc_node_clear_links(struct tipc_node * node)748 static void  tipc_node_clear_links(struct tipc_node *node)
749 {
750 	int i;
751 
752 	for (i = 0; i < MAX_BEARERS; i++) {
753 		struct tipc_link_entry *le = &node->links[i];
754 
755 		if (le->link) {
756 			kfree(le->link);
757 			le->link = NULL;
758 			node->link_cnt--;
759 		}
760 	}
761 }
762 
763 /* tipc_node_cleanup - delete nodes that does not
764  * have active links for NODE_CLEANUP_AFTER time
765  */
tipc_node_cleanup(struct tipc_node * peer)766 static bool tipc_node_cleanup(struct tipc_node *peer)
767 {
768 	struct tipc_node *temp_node;
769 	struct tipc_net *tn = tipc_net(peer->net);
770 	bool deleted = false;
771 
772 	/* If lock held by tipc_node_stop() the node will be deleted anyway */
773 	if (!spin_trylock_bh(&tn->node_list_lock))
774 		return false;
775 
776 	tipc_node_write_lock(peer);
777 
778 	if (!node_is_up(peer) && time_after(jiffies, peer->delete_at)) {
779 		tipc_node_clear_links(peer);
780 		tipc_node_delete_from_list(peer);
781 		deleted = true;
782 	}
783 	tipc_node_write_unlock(peer);
784 
785 	if (!deleted) {
786 		spin_unlock_bh(&tn->node_list_lock);
787 		return deleted;
788 	}
789 
790 	/* Calculate cluster capabilities */
791 	tn->capabilities = TIPC_NODE_CAPABILITIES;
792 	list_for_each_entry_rcu(temp_node, &tn->node_list, list) {
793 		tn->capabilities &= temp_node->capabilities;
794 	}
795 	tipc_bcast_toggle_rcast(peer->net,
796 				(tn->capabilities & TIPC_BCAST_RCAST));
797 	spin_unlock_bh(&tn->node_list_lock);
798 	return deleted;
799 }
800 
801 /* tipc_node_timeout - handle expiration of node timer
802  */
tipc_node_timeout(struct timer_list * t)803 static void tipc_node_timeout(struct timer_list *t)
804 {
805 	struct tipc_node *n = from_timer(n, t, timer);
806 	struct tipc_link_entry *le;
807 	struct sk_buff_head xmitq;
808 	int remains = n->link_cnt;
809 	int bearer_id;
810 	int rc = 0;
811 
812 	trace_tipc_node_timeout(n, false, " ");
813 	if (!node_is_up(n) && tipc_node_cleanup(n)) {
814 		/*Removing the reference of Timer*/
815 		tipc_node_put(n);
816 		return;
817 	}
818 
819 #ifdef CONFIG_TIPC_CRYPTO
820 	/* Take any crypto key related actions first */
821 	tipc_crypto_timeout(n->crypto_rx);
822 #endif
823 	__skb_queue_head_init(&xmitq);
824 
825 	/* Initial node interval to value larger (10 seconds), then it will be
826 	 * recalculated with link lowest tolerance
827 	 */
828 	tipc_node_read_lock(n);
829 	n->keepalive_intv = 10000;
830 	tipc_node_read_unlock(n);
831 	for (bearer_id = 0; remains && (bearer_id < MAX_BEARERS); bearer_id++) {
832 		tipc_node_read_lock(n);
833 		le = &n->links[bearer_id];
834 		if (le->link) {
835 			spin_lock_bh(&le->lock);
836 			/* Link tolerance may change asynchronously: */
837 			tipc_node_calculate_timer(n, le->link);
838 			rc = tipc_link_timeout(le->link, &xmitq);
839 			spin_unlock_bh(&le->lock);
840 			remains--;
841 		}
842 		tipc_node_read_unlock(n);
843 		tipc_bearer_xmit(n->net, bearer_id, &xmitq, &le->maddr, n);
844 		if (rc & TIPC_LINK_DOWN_EVT)
845 			tipc_node_link_down(n, bearer_id, false);
846 	}
847 	mod_timer(&n->timer, jiffies + msecs_to_jiffies(n->keepalive_intv));
848 }
849 
850 /**
851  * __tipc_node_link_up - handle addition of link
852  * @n: target tipc_node
853  * @bearer_id: id of the bearer
854  * @xmitq: queue for messages to be xmited on
855  * Node lock must be held by caller
856  * Link becomes active (alone or shared) or standby, depending on its priority.
857  */
__tipc_node_link_up(struct tipc_node * n,int bearer_id,struct sk_buff_head * xmitq)858 static void __tipc_node_link_up(struct tipc_node *n, int bearer_id,
859 				struct sk_buff_head *xmitq)
860 {
861 	int *slot0 = &n->active_links[0];
862 	int *slot1 = &n->active_links[1];
863 	struct tipc_link *ol = node_active_link(n, 0);
864 	struct tipc_link *nl = n->links[bearer_id].link;
865 
866 	if (!nl || tipc_link_is_up(nl))
867 		return;
868 
869 	tipc_link_fsm_evt(nl, LINK_ESTABLISH_EVT);
870 	if (!tipc_link_is_up(nl))
871 		return;
872 
873 	n->working_links++;
874 	n->action_flags |= TIPC_NOTIFY_LINK_UP;
875 	n->link_id = tipc_link_id(nl);
876 
877 	/* Leave room for tunnel header when returning 'mtu' to users: */
878 	n->links[bearer_id].mtu = tipc_link_mss(nl);
879 
880 	tipc_bearer_add_dest(n->net, bearer_id, n->addr);
881 	tipc_bcast_inc_bearer_dst_cnt(n->net, bearer_id);
882 
883 	pr_debug("Established link <%s> on network plane %c\n",
884 		 tipc_link_name(nl), tipc_link_plane(nl));
885 	trace_tipc_node_link_up(n, true, " ");
886 
887 	/* Ensure that a STATE message goes first */
888 	tipc_link_build_state_msg(nl, xmitq);
889 
890 	/* First link? => give it both slots */
891 	if (!ol) {
892 		*slot0 = bearer_id;
893 		*slot1 = bearer_id;
894 		tipc_node_fsm_evt(n, SELF_ESTABL_CONTACT_EVT);
895 		n->action_flags |= TIPC_NOTIFY_NODE_UP;
896 		tipc_link_set_active(nl, true);
897 		tipc_bcast_add_peer(n->net, nl, xmitq);
898 		return;
899 	}
900 
901 	/* Second link => redistribute slots */
902 	if (tipc_link_prio(nl) > tipc_link_prio(ol)) {
903 		pr_debug("Old link <%s> becomes standby\n", tipc_link_name(ol));
904 		*slot0 = bearer_id;
905 		*slot1 = bearer_id;
906 		tipc_link_set_active(nl, true);
907 		tipc_link_set_active(ol, false);
908 	} else if (tipc_link_prio(nl) == tipc_link_prio(ol)) {
909 		tipc_link_set_active(nl, true);
910 		*slot1 = bearer_id;
911 	} else {
912 		pr_debug("New link <%s> is standby\n", tipc_link_name(nl));
913 	}
914 
915 	/* Prepare synchronization with first link */
916 	tipc_link_tnl_prepare(ol, nl, SYNCH_MSG, xmitq);
917 }
918 
919 /**
920  * tipc_node_link_up - handle addition of link
921  * @n: target tipc_node
922  * @bearer_id: id of the bearer
923  * @xmitq: queue for messages to be xmited on
924  *
925  * Link becomes active (alone or shared) or standby, depending on its priority.
926  */
tipc_node_link_up(struct tipc_node * n,int bearer_id,struct sk_buff_head * xmitq)927 static void tipc_node_link_up(struct tipc_node *n, int bearer_id,
928 			      struct sk_buff_head *xmitq)
929 {
930 	struct tipc_media_addr *maddr;
931 
932 	tipc_node_write_lock(n);
933 	__tipc_node_link_up(n, bearer_id, xmitq);
934 	maddr = &n->links[bearer_id].maddr;
935 	tipc_bearer_xmit(n->net, bearer_id, xmitq, maddr, n);
936 	tipc_node_write_unlock(n);
937 }
938 
939 /**
940  * tipc_node_link_failover() - start failover in case "half-failover"
941  *
942  * This function is only called in a very special situation where link
943  * failover can be already started on peer node but not on this node.
944  * This can happen when e.g.::
945  *
946  *	1. Both links <1A-2A>, <1B-2B> down
947  *	2. Link endpoint 2A up, but 1A still down (e.g. due to network
948  *	disturbance, wrong session, etc.)
949  *	3. Link <1B-2B> up
950  *	4. Link endpoint 2A down (e.g. due to link tolerance timeout)
951  *	5. Node 2 starts failover onto link <1B-2B>
952  *
953  *	==> Node 1 does never start link/node failover!
954  *
955  * @n: tipc node structure
956  * @l: link peer endpoint failingover (- can be NULL)
957  * @tnl: tunnel link
958  * @xmitq: queue for messages to be xmited on tnl link later
959  */
tipc_node_link_failover(struct tipc_node * n,struct tipc_link * l,struct tipc_link * tnl,struct sk_buff_head * xmitq)960 static void tipc_node_link_failover(struct tipc_node *n, struct tipc_link *l,
961 				    struct tipc_link *tnl,
962 				    struct sk_buff_head *xmitq)
963 {
964 	/* Avoid to be "self-failover" that can never end */
965 	if (!tipc_link_is_up(tnl))
966 		return;
967 
968 	/* Don't rush, failure link may be in the process of resetting */
969 	if (l && !tipc_link_is_reset(l))
970 		return;
971 
972 	tipc_link_fsm_evt(tnl, LINK_SYNCH_END_EVT);
973 	tipc_node_fsm_evt(n, NODE_SYNCH_END_EVT);
974 
975 	n->sync_point = tipc_link_rcv_nxt(tnl) + (U16_MAX / 2 - 1);
976 	tipc_link_failover_prepare(l, tnl, xmitq);
977 
978 	if (l)
979 		tipc_link_fsm_evt(l, LINK_FAILOVER_BEGIN_EVT);
980 	tipc_node_fsm_evt(n, NODE_FAILOVER_BEGIN_EVT);
981 }
982 
983 /**
984  * __tipc_node_link_down - handle loss of link
985  * @n: target tipc_node
986  * @bearer_id: id of the bearer
987  * @xmitq: queue for messages to be xmited on
988  * @maddr: output media address of the bearer
989  */
__tipc_node_link_down(struct tipc_node * n,int * bearer_id,struct sk_buff_head * xmitq,struct tipc_media_addr ** maddr)990 static void __tipc_node_link_down(struct tipc_node *n, int *bearer_id,
991 				  struct sk_buff_head *xmitq,
992 				  struct tipc_media_addr **maddr)
993 {
994 	struct tipc_link_entry *le = &n->links[*bearer_id];
995 	int *slot0 = &n->active_links[0];
996 	int *slot1 = &n->active_links[1];
997 	int i, highest = 0, prio;
998 	struct tipc_link *l, *_l, *tnl;
999 
1000 	l = n->links[*bearer_id].link;
1001 	if (!l || tipc_link_is_reset(l))
1002 		return;
1003 
1004 	n->working_links--;
1005 	n->action_flags |= TIPC_NOTIFY_LINK_DOWN;
1006 	n->link_id = tipc_link_id(l);
1007 
1008 	tipc_bearer_remove_dest(n->net, *bearer_id, n->addr);
1009 
1010 	pr_debug("Lost link <%s> on network plane %c\n",
1011 		 tipc_link_name(l), tipc_link_plane(l));
1012 
1013 	/* Select new active link if any available */
1014 	*slot0 = INVALID_BEARER_ID;
1015 	*slot1 = INVALID_BEARER_ID;
1016 	for (i = 0; i < MAX_BEARERS; i++) {
1017 		_l = n->links[i].link;
1018 		if (!_l || !tipc_link_is_up(_l))
1019 			continue;
1020 		if (_l == l)
1021 			continue;
1022 		prio = tipc_link_prio(_l);
1023 		if (prio < highest)
1024 			continue;
1025 		if (prio > highest) {
1026 			highest = prio;
1027 			*slot0 = i;
1028 			*slot1 = i;
1029 			continue;
1030 		}
1031 		*slot1 = i;
1032 	}
1033 
1034 	if (!node_is_up(n)) {
1035 		if (tipc_link_peer_is_down(l))
1036 			tipc_node_fsm_evt(n, PEER_LOST_CONTACT_EVT);
1037 		tipc_node_fsm_evt(n, SELF_LOST_CONTACT_EVT);
1038 		trace_tipc_link_reset(l, TIPC_DUMP_ALL, "link down!");
1039 		tipc_link_fsm_evt(l, LINK_RESET_EVT);
1040 		tipc_link_reset(l);
1041 		tipc_link_build_reset_msg(l, xmitq);
1042 		*maddr = &n->links[*bearer_id].maddr;
1043 		node_lost_contact(n, &le->inputq);
1044 		tipc_bcast_dec_bearer_dst_cnt(n->net, *bearer_id);
1045 		return;
1046 	}
1047 	tipc_bcast_dec_bearer_dst_cnt(n->net, *bearer_id);
1048 
1049 	/* There is still a working link => initiate failover */
1050 	*bearer_id = n->active_links[0];
1051 	tnl = n->links[*bearer_id].link;
1052 	tipc_link_fsm_evt(tnl, LINK_SYNCH_END_EVT);
1053 	tipc_node_fsm_evt(n, NODE_SYNCH_END_EVT);
1054 	n->sync_point = tipc_link_rcv_nxt(tnl) + (U16_MAX / 2 - 1);
1055 	tipc_link_tnl_prepare(l, tnl, FAILOVER_MSG, xmitq);
1056 	trace_tipc_link_reset(l, TIPC_DUMP_ALL, "link down -> failover!");
1057 	tipc_link_reset(l);
1058 	tipc_link_fsm_evt(l, LINK_RESET_EVT);
1059 	tipc_link_fsm_evt(l, LINK_FAILOVER_BEGIN_EVT);
1060 	tipc_node_fsm_evt(n, NODE_FAILOVER_BEGIN_EVT);
1061 	*maddr = &n->links[*bearer_id].maddr;
1062 }
1063 
tipc_node_link_down(struct tipc_node * n,int bearer_id,bool delete)1064 static void tipc_node_link_down(struct tipc_node *n, int bearer_id, bool delete)
1065 {
1066 	struct tipc_link_entry *le = &n->links[bearer_id];
1067 	struct tipc_media_addr *maddr = NULL;
1068 	struct tipc_link *l = le->link;
1069 	int old_bearer_id = bearer_id;
1070 	struct sk_buff_head xmitq;
1071 
1072 	if (!l)
1073 		return;
1074 
1075 	__skb_queue_head_init(&xmitq);
1076 
1077 	tipc_node_write_lock(n);
1078 	if (!tipc_link_is_establishing(l)) {
1079 		__tipc_node_link_down(n, &bearer_id, &xmitq, &maddr);
1080 	} else {
1081 		/* Defuse pending tipc_node_link_up() */
1082 		tipc_link_reset(l);
1083 		tipc_link_fsm_evt(l, LINK_RESET_EVT);
1084 	}
1085 	if (delete) {
1086 		kfree(l);
1087 		le->link = NULL;
1088 		n->link_cnt--;
1089 	}
1090 	trace_tipc_node_link_down(n, true, "node link down or deleted!");
1091 	tipc_node_write_unlock(n);
1092 	if (delete)
1093 		tipc_mon_remove_peer(n->net, n->addr, old_bearer_id);
1094 	if (!skb_queue_empty(&xmitq))
1095 		tipc_bearer_xmit(n->net, bearer_id, &xmitq, maddr, n);
1096 	tipc_sk_rcv(n->net, &le->inputq);
1097 }
1098 
node_is_up(struct tipc_node * n)1099 static bool node_is_up(struct tipc_node *n)
1100 {
1101 	return n->active_links[0] != INVALID_BEARER_ID;
1102 }
1103 
tipc_node_is_up(struct net * net,u32 addr)1104 bool tipc_node_is_up(struct net *net, u32 addr)
1105 {
1106 	struct tipc_node *n;
1107 	bool retval = false;
1108 
1109 	if (in_own_node(net, addr))
1110 		return true;
1111 
1112 	n = tipc_node_find(net, addr);
1113 	if (!n)
1114 		return false;
1115 	retval = node_is_up(n);
1116 	tipc_node_put(n);
1117 	return retval;
1118 }
1119 
tipc_node_suggest_addr(struct net * net,u32 addr)1120 static u32 tipc_node_suggest_addr(struct net *net, u32 addr)
1121 {
1122 	struct tipc_node *n;
1123 
1124 	addr ^= tipc_net(net)->random;
1125 	while ((n = tipc_node_find(net, addr))) {
1126 		tipc_node_put(n);
1127 		addr++;
1128 	}
1129 	return addr;
1130 }
1131 
1132 /* tipc_node_try_addr(): Check if addr can be used by peer, suggest other if not
1133  * Returns suggested address if any, otherwise 0
1134  */
tipc_node_try_addr(struct net * net,u8 * id,u32 addr)1135 u32 tipc_node_try_addr(struct net *net, u8 *id, u32 addr)
1136 {
1137 	struct tipc_net *tn = tipc_net(net);
1138 	struct tipc_node *n;
1139 	bool preliminary;
1140 	u32 sugg_addr;
1141 
1142 	/* Suggest new address if some other peer is using this one */
1143 	n = tipc_node_find(net, addr);
1144 	if (n) {
1145 		if (!memcmp(n->peer_id, id, NODE_ID_LEN))
1146 			addr = 0;
1147 		tipc_node_put(n);
1148 		if (!addr)
1149 			return 0;
1150 		return tipc_node_suggest_addr(net, addr);
1151 	}
1152 
1153 	/* Suggest previously used address if peer is known */
1154 	n = tipc_node_find_by_id(net, id);
1155 	if (n) {
1156 		sugg_addr = n->addr;
1157 		preliminary = n->preliminary;
1158 		tipc_node_put(n);
1159 		if (!preliminary)
1160 			return sugg_addr;
1161 	}
1162 
1163 	/* Even this node may be in conflict */
1164 	if (tn->trial_addr == addr)
1165 		return tipc_node_suggest_addr(net, addr);
1166 
1167 	return 0;
1168 }
1169 
tipc_node_check_dest(struct net * net,u32 addr,u8 * peer_id,struct tipc_bearer * b,u16 capabilities,u32 signature,u32 hash_mixes,struct tipc_media_addr * maddr,bool * respond,bool * dupl_addr)1170 void tipc_node_check_dest(struct net *net, u32 addr,
1171 			  u8 *peer_id, struct tipc_bearer *b,
1172 			  u16 capabilities, u32 signature, u32 hash_mixes,
1173 			  struct tipc_media_addr *maddr,
1174 			  bool *respond, bool *dupl_addr)
1175 {
1176 	struct tipc_node *n;
1177 	struct tipc_link *l;
1178 	struct tipc_link_entry *le;
1179 	bool addr_match = false;
1180 	bool sign_match = false;
1181 	bool link_up = false;
1182 	bool accept_addr = false;
1183 	bool reset = true;
1184 	char *if_name;
1185 	unsigned long intv;
1186 	u16 session;
1187 
1188 	*dupl_addr = false;
1189 	*respond = false;
1190 
1191 	n = tipc_node_create(net, addr, peer_id, capabilities, hash_mixes,
1192 			     false);
1193 	if (!n)
1194 		return;
1195 
1196 	tipc_node_write_lock(n);
1197 
1198 	le = &n->links[b->identity];
1199 
1200 	/* Prepare to validate requesting node's signature and media address */
1201 	l = le->link;
1202 	link_up = l && tipc_link_is_up(l);
1203 	addr_match = l && !memcmp(&le->maddr, maddr, sizeof(*maddr));
1204 	sign_match = (signature == n->signature);
1205 
1206 	/* These three flags give us eight permutations: */
1207 
1208 	if (sign_match && addr_match && link_up) {
1209 		/* All is fine. Do nothing. */
1210 		reset = false;
1211 		/* Peer node is not a container/local namespace */
1212 		if (!n->peer_hash_mix)
1213 			n->peer_hash_mix = hash_mixes;
1214 	} else if (sign_match && addr_match && !link_up) {
1215 		/* Respond. The link will come up in due time */
1216 		*respond = true;
1217 	} else if (sign_match && !addr_match && link_up) {
1218 		/* Peer has changed i/f address without rebooting.
1219 		 * If so, the link will reset soon, and the next
1220 		 * discovery will be accepted. So we can ignore it.
1221 		 * It may also be a cloned or malicious peer having
1222 		 * chosen the same node address and signature as an
1223 		 * existing one.
1224 		 * Ignore requests until the link goes down, if ever.
1225 		 */
1226 		*dupl_addr = true;
1227 	} else if (sign_match && !addr_match && !link_up) {
1228 		/* Peer link has changed i/f address without rebooting.
1229 		 * It may also be a cloned or malicious peer; we can't
1230 		 * distinguish between the two.
1231 		 * The signature is correct, so we must accept.
1232 		 */
1233 		accept_addr = true;
1234 		*respond = true;
1235 	} else if (!sign_match && addr_match && link_up) {
1236 		/* Peer node rebooted. Two possibilities:
1237 		 *  - Delayed re-discovery; this link endpoint has already
1238 		 *    reset and re-established contact with the peer, before
1239 		 *    receiving a discovery message from that node.
1240 		 *    (The peer happened to receive one from this node first).
1241 		 *  - The peer came back so fast that our side has not
1242 		 *    discovered it yet. Probing from this side will soon
1243 		 *    reset the link, since there can be no working link
1244 		 *    endpoint at the peer end, and the link will re-establish.
1245 		 *  Accept the signature, since it comes from a known peer.
1246 		 */
1247 		n->signature = signature;
1248 	} else if (!sign_match && addr_match && !link_up) {
1249 		/*  The peer node has rebooted.
1250 		 *  Accept signature, since it is a known peer.
1251 		 */
1252 		n->signature = signature;
1253 		*respond = true;
1254 	} else if (!sign_match && !addr_match && link_up) {
1255 		/* Peer rebooted with new address, or a new/duplicate peer.
1256 		 * Ignore until the link goes down, if ever.
1257 		 */
1258 		*dupl_addr = true;
1259 	} else if (!sign_match && !addr_match && !link_up) {
1260 		/* Peer rebooted with new address, or it is a new peer.
1261 		 * Accept signature and address.
1262 		 */
1263 		n->signature = signature;
1264 		accept_addr = true;
1265 		*respond = true;
1266 	}
1267 
1268 	if (!accept_addr)
1269 		goto exit;
1270 
1271 	/* Now create new link if not already existing */
1272 	if (!l) {
1273 		if (n->link_cnt == 2)
1274 			goto exit;
1275 
1276 		if_name = strchr(b->name, ':') + 1;
1277 		get_random_bytes(&session, sizeof(u16));
1278 		if (!tipc_link_create(net, if_name, b->identity, b->tolerance,
1279 				      b->net_plane, b->mtu, b->priority,
1280 				      b->min_win, b->max_win, session,
1281 				      tipc_own_addr(net), addr, peer_id,
1282 				      n->capabilities,
1283 				      tipc_bc_sndlink(n->net), n->bc_entry.link,
1284 				      &le->inputq,
1285 				      &n->bc_entry.namedq, &l)) {
1286 			*respond = false;
1287 			goto exit;
1288 		}
1289 		trace_tipc_link_reset(l, TIPC_DUMP_ALL, "link created!");
1290 		tipc_link_reset(l);
1291 		tipc_link_fsm_evt(l, LINK_RESET_EVT);
1292 		if (n->state == NODE_FAILINGOVER)
1293 			tipc_link_fsm_evt(l, LINK_FAILOVER_BEGIN_EVT);
1294 		le->link = l;
1295 		n->link_cnt++;
1296 		tipc_node_calculate_timer(n, l);
1297 		if (n->link_cnt == 1) {
1298 			intv = jiffies + msecs_to_jiffies(n->keepalive_intv);
1299 			if (!mod_timer(&n->timer, intv))
1300 				tipc_node_get(n);
1301 		}
1302 	}
1303 	memcpy(&le->maddr, maddr, sizeof(*maddr));
1304 exit:
1305 	tipc_node_write_unlock(n);
1306 	if (reset && l && !tipc_link_is_reset(l))
1307 		tipc_node_link_down(n, b->identity, false);
1308 	tipc_node_put(n);
1309 }
1310 
tipc_node_delete_links(struct net * net,int bearer_id)1311 void tipc_node_delete_links(struct net *net, int bearer_id)
1312 {
1313 	struct tipc_net *tn = net_generic(net, tipc_net_id);
1314 	struct tipc_node *n;
1315 
1316 	rcu_read_lock();
1317 	list_for_each_entry_rcu(n, &tn->node_list, list) {
1318 		tipc_node_link_down(n, bearer_id, true);
1319 	}
1320 	rcu_read_unlock();
1321 }
1322 
tipc_node_reset_links(struct tipc_node * n)1323 static void tipc_node_reset_links(struct tipc_node *n)
1324 {
1325 	int i;
1326 
1327 	pr_warn("Resetting all links to %x\n", n->addr);
1328 
1329 	trace_tipc_node_reset_links(n, true, " ");
1330 	for (i = 0; i < MAX_BEARERS; i++) {
1331 		tipc_node_link_down(n, i, false);
1332 	}
1333 }
1334 
1335 /* tipc_node_fsm_evt - node finite state machine
1336  * Determines when contact is allowed with peer node
1337  */
tipc_node_fsm_evt(struct tipc_node * n,int evt)1338 static void tipc_node_fsm_evt(struct tipc_node *n, int evt)
1339 {
1340 	int state = n->state;
1341 
1342 	switch (state) {
1343 	case SELF_DOWN_PEER_DOWN:
1344 		switch (evt) {
1345 		case SELF_ESTABL_CONTACT_EVT:
1346 			state = SELF_UP_PEER_COMING;
1347 			break;
1348 		case PEER_ESTABL_CONTACT_EVT:
1349 			state = SELF_COMING_PEER_UP;
1350 			break;
1351 		case SELF_LOST_CONTACT_EVT:
1352 		case PEER_LOST_CONTACT_EVT:
1353 			break;
1354 		case NODE_SYNCH_END_EVT:
1355 		case NODE_SYNCH_BEGIN_EVT:
1356 		case NODE_FAILOVER_BEGIN_EVT:
1357 		case NODE_FAILOVER_END_EVT:
1358 		default:
1359 			goto illegal_evt;
1360 		}
1361 		break;
1362 	case SELF_UP_PEER_UP:
1363 		switch (evt) {
1364 		case SELF_LOST_CONTACT_EVT:
1365 			state = SELF_DOWN_PEER_LEAVING;
1366 			break;
1367 		case PEER_LOST_CONTACT_EVT:
1368 			state = SELF_LEAVING_PEER_DOWN;
1369 			break;
1370 		case NODE_SYNCH_BEGIN_EVT:
1371 			state = NODE_SYNCHING;
1372 			break;
1373 		case NODE_FAILOVER_BEGIN_EVT:
1374 			state = NODE_FAILINGOVER;
1375 			break;
1376 		case SELF_ESTABL_CONTACT_EVT:
1377 		case PEER_ESTABL_CONTACT_EVT:
1378 		case NODE_SYNCH_END_EVT:
1379 		case NODE_FAILOVER_END_EVT:
1380 			break;
1381 		default:
1382 			goto illegal_evt;
1383 		}
1384 		break;
1385 	case SELF_DOWN_PEER_LEAVING:
1386 		switch (evt) {
1387 		case PEER_LOST_CONTACT_EVT:
1388 			state = SELF_DOWN_PEER_DOWN;
1389 			break;
1390 		case SELF_ESTABL_CONTACT_EVT:
1391 		case PEER_ESTABL_CONTACT_EVT:
1392 		case SELF_LOST_CONTACT_EVT:
1393 			break;
1394 		case NODE_SYNCH_END_EVT:
1395 		case NODE_SYNCH_BEGIN_EVT:
1396 		case NODE_FAILOVER_BEGIN_EVT:
1397 		case NODE_FAILOVER_END_EVT:
1398 		default:
1399 			goto illegal_evt;
1400 		}
1401 		break;
1402 	case SELF_UP_PEER_COMING:
1403 		switch (evt) {
1404 		case PEER_ESTABL_CONTACT_EVT:
1405 			state = SELF_UP_PEER_UP;
1406 			break;
1407 		case SELF_LOST_CONTACT_EVT:
1408 			state = SELF_DOWN_PEER_DOWN;
1409 			break;
1410 		case SELF_ESTABL_CONTACT_EVT:
1411 		case PEER_LOST_CONTACT_EVT:
1412 		case NODE_SYNCH_END_EVT:
1413 		case NODE_FAILOVER_BEGIN_EVT:
1414 			break;
1415 		case NODE_SYNCH_BEGIN_EVT:
1416 		case NODE_FAILOVER_END_EVT:
1417 		default:
1418 			goto illegal_evt;
1419 		}
1420 		break;
1421 	case SELF_COMING_PEER_UP:
1422 		switch (evt) {
1423 		case SELF_ESTABL_CONTACT_EVT:
1424 			state = SELF_UP_PEER_UP;
1425 			break;
1426 		case PEER_LOST_CONTACT_EVT:
1427 			state = SELF_DOWN_PEER_DOWN;
1428 			break;
1429 		case SELF_LOST_CONTACT_EVT:
1430 		case PEER_ESTABL_CONTACT_EVT:
1431 			break;
1432 		case NODE_SYNCH_END_EVT:
1433 		case NODE_SYNCH_BEGIN_EVT:
1434 		case NODE_FAILOVER_BEGIN_EVT:
1435 		case NODE_FAILOVER_END_EVT:
1436 		default:
1437 			goto illegal_evt;
1438 		}
1439 		break;
1440 	case SELF_LEAVING_PEER_DOWN:
1441 		switch (evt) {
1442 		case SELF_LOST_CONTACT_EVT:
1443 			state = SELF_DOWN_PEER_DOWN;
1444 			break;
1445 		case SELF_ESTABL_CONTACT_EVT:
1446 		case PEER_ESTABL_CONTACT_EVT:
1447 		case PEER_LOST_CONTACT_EVT:
1448 			break;
1449 		case NODE_SYNCH_END_EVT:
1450 		case NODE_SYNCH_BEGIN_EVT:
1451 		case NODE_FAILOVER_BEGIN_EVT:
1452 		case NODE_FAILOVER_END_EVT:
1453 		default:
1454 			goto illegal_evt;
1455 		}
1456 		break;
1457 	case NODE_FAILINGOVER:
1458 		switch (evt) {
1459 		case SELF_LOST_CONTACT_EVT:
1460 			state = SELF_DOWN_PEER_LEAVING;
1461 			break;
1462 		case PEER_LOST_CONTACT_EVT:
1463 			state = SELF_LEAVING_PEER_DOWN;
1464 			break;
1465 		case NODE_FAILOVER_END_EVT:
1466 			state = SELF_UP_PEER_UP;
1467 			break;
1468 		case NODE_FAILOVER_BEGIN_EVT:
1469 		case SELF_ESTABL_CONTACT_EVT:
1470 		case PEER_ESTABL_CONTACT_EVT:
1471 			break;
1472 		case NODE_SYNCH_BEGIN_EVT:
1473 		case NODE_SYNCH_END_EVT:
1474 		default:
1475 			goto illegal_evt;
1476 		}
1477 		break;
1478 	case NODE_SYNCHING:
1479 		switch (evt) {
1480 		case SELF_LOST_CONTACT_EVT:
1481 			state = SELF_DOWN_PEER_LEAVING;
1482 			break;
1483 		case PEER_LOST_CONTACT_EVT:
1484 			state = SELF_LEAVING_PEER_DOWN;
1485 			break;
1486 		case NODE_SYNCH_END_EVT:
1487 			state = SELF_UP_PEER_UP;
1488 			break;
1489 		case NODE_FAILOVER_BEGIN_EVT:
1490 			state = NODE_FAILINGOVER;
1491 			break;
1492 		case NODE_SYNCH_BEGIN_EVT:
1493 		case SELF_ESTABL_CONTACT_EVT:
1494 		case PEER_ESTABL_CONTACT_EVT:
1495 			break;
1496 		case NODE_FAILOVER_END_EVT:
1497 		default:
1498 			goto illegal_evt;
1499 		}
1500 		break;
1501 	default:
1502 		pr_err("Unknown node fsm state %x\n", state);
1503 		break;
1504 	}
1505 	trace_tipc_node_fsm(n->peer_id, n->state, state, evt);
1506 	n->state = state;
1507 	return;
1508 
1509 illegal_evt:
1510 	pr_err("Illegal node fsm evt %x in state %x\n", evt, state);
1511 	trace_tipc_node_fsm(n->peer_id, n->state, state, evt);
1512 }
1513 
node_lost_contact(struct tipc_node * n,struct sk_buff_head * inputq)1514 static void node_lost_contact(struct tipc_node *n,
1515 			      struct sk_buff_head *inputq)
1516 {
1517 	struct tipc_sock_conn *conn, *safe;
1518 	struct tipc_link *l;
1519 	struct list_head *conns = &n->conn_sks;
1520 	struct sk_buff *skb;
1521 	uint i;
1522 
1523 	pr_debug("Lost contact with %x\n", n->addr);
1524 	n->delete_at = jiffies + msecs_to_jiffies(NODE_CLEANUP_AFTER);
1525 	trace_tipc_node_lost_contact(n, true, " ");
1526 
1527 	/* Clean up broadcast state */
1528 	tipc_bcast_remove_peer(n->net, n->bc_entry.link);
1529 	skb_queue_purge(&n->bc_entry.namedq);
1530 
1531 	/* Abort any ongoing link failover */
1532 	for (i = 0; i < MAX_BEARERS; i++) {
1533 		l = n->links[i].link;
1534 		if (l)
1535 			tipc_link_fsm_evt(l, LINK_FAILOVER_END_EVT);
1536 	}
1537 
1538 	/* Notify publications from this node */
1539 	n->action_flags |= TIPC_NOTIFY_NODE_DOWN;
1540 	n->peer_net = NULL;
1541 	n->peer_hash_mix = 0;
1542 	/* Notify sockets connected to node */
1543 	list_for_each_entry_safe(conn, safe, conns, list) {
1544 		skb = tipc_msg_create(TIPC_CRITICAL_IMPORTANCE, TIPC_CONN_MSG,
1545 				      SHORT_H_SIZE, 0, tipc_own_addr(n->net),
1546 				      conn->peer_node, conn->port,
1547 				      conn->peer_port, TIPC_ERR_NO_NODE);
1548 		if (likely(skb))
1549 			skb_queue_tail(inputq, skb);
1550 		list_del(&conn->list);
1551 		kfree(conn);
1552 	}
1553 }
1554 
1555 /**
1556  * tipc_node_get_linkname - get the name of a link
1557  *
1558  * @net: the applicable net namespace
1559  * @bearer_id: id of the bearer
1560  * @addr: peer node address
1561  * @linkname: link name output buffer
1562  * @len: size of @linkname output buffer
1563  *
1564  * Return: 0 on success
1565  */
tipc_node_get_linkname(struct net * net,u32 bearer_id,u32 addr,char * linkname,size_t len)1566 int tipc_node_get_linkname(struct net *net, u32 bearer_id, u32 addr,
1567 			   char *linkname, size_t len)
1568 {
1569 	struct tipc_link *link;
1570 	int err = -EINVAL;
1571 	struct tipc_node *node = tipc_node_find(net, addr);
1572 
1573 	if (!node)
1574 		return err;
1575 
1576 	if (bearer_id >= MAX_BEARERS)
1577 		goto exit;
1578 
1579 	tipc_node_read_lock(node);
1580 	link = node->links[bearer_id].link;
1581 	if (link) {
1582 		strncpy(linkname, tipc_link_name(link), len);
1583 		err = 0;
1584 	}
1585 	tipc_node_read_unlock(node);
1586 exit:
1587 	tipc_node_put(node);
1588 	return err;
1589 }
1590 
1591 /* Caller should hold node lock for the passed node */
__tipc_nl_add_node(struct tipc_nl_msg * msg,struct tipc_node * node)1592 static int __tipc_nl_add_node(struct tipc_nl_msg *msg, struct tipc_node *node)
1593 {
1594 	void *hdr;
1595 	struct nlattr *attrs;
1596 
1597 	hdr = genlmsg_put(msg->skb, msg->portid, msg->seq, &tipc_genl_family,
1598 			  NLM_F_MULTI, TIPC_NL_NODE_GET);
1599 	if (!hdr)
1600 		return -EMSGSIZE;
1601 
1602 	attrs = nla_nest_start_noflag(msg->skb, TIPC_NLA_NODE);
1603 	if (!attrs)
1604 		goto msg_full;
1605 
1606 	if (nla_put_u32(msg->skb, TIPC_NLA_NODE_ADDR, node->addr))
1607 		goto attr_msg_full;
1608 	if (node_is_up(node))
1609 		if (nla_put_flag(msg->skb, TIPC_NLA_NODE_UP))
1610 			goto attr_msg_full;
1611 
1612 	nla_nest_end(msg->skb, attrs);
1613 	genlmsg_end(msg->skb, hdr);
1614 
1615 	return 0;
1616 
1617 attr_msg_full:
1618 	nla_nest_cancel(msg->skb, attrs);
1619 msg_full:
1620 	genlmsg_cancel(msg->skb, hdr);
1621 
1622 	return -EMSGSIZE;
1623 }
1624 
tipc_lxc_xmit(struct net * peer_net,struct sk_buff_head * list)1625 static void tipc_lxc_xmit(struct net *peer_net, struct sk_buff_head *list)
1626 {
1627 	struct tipc_msg *hdr = buf_msg(skb_peek(list));
1628 	struct sk_buff_head inputq;
1629 
1630 	switch (msg_user(hdr)) {
1631 	case TIPC_LOW_IMPORTANCE:
1632 	case TIPC_MEDIUM_IMPORTANCE:
1633 	case TIPC_HIGH_IMPORTANCE:
1634 	case TIPC_CRITICAL_IMPORTANCE:
1635 		if (msg_connected(hdr) || msg_named(hdr) ||
1636 		    msg_direct(hdr)) {
1637 			tipc_loopback_trace(peer_net, list);
1638 			spin_lock_init(&list->lock);
1639 			tipc_sk_rcv(peer_net, list);
1640 			return;
1641 		}
1642 		if (msg_mcast(hdr)) {
1643 			tipc_loopback_trace(peer_net, list);
1644 			skb_queue_head_init(&inputq);
1645 			tipc_sk_mcast_rcv(peer_net, list, &inputq);
1646 			__skb_queue_purge(list);
1647 			skb_queue_purge(&inputq);
1648 			return;
1649 		}
1650 		return;
1651 	case MSG_FRAGMENTER:
1652 		if (tipc_msg_assemble(list)) {
1653 			tipc_loopback_trace(peer_net, list);
1654 			skb_queue_head_init(&inputq);
1655 			tipc_sk_mcast_rcv(peer_net, list, &inputq);
1656 			__skb_queue_purge(list);
1657 			skb_queue_purge(&inputq);
1658 		}
1659 		return;
1660 	case GROUP_PROTOCOL:
1661 	case CONN_MANAGER:
1662 		tipc_loopback_trace(peer_net, list);
1663 		spin_lock_init(&list->lock);
1664 		tipc_sk_rcv(peer_net, list);
1665 		return;
1666 	case LINK_PROTOCOL:
1667 	case NAME_DISTRIBUTOR:
1668 	case TUNNEL_PROTOCOL:
1669 	case BCAST_PROTOCOL:
1670 		return;
1671 	default:
1672 		return;
1673 	}
1674 }
1675 
1676 /**
1677  * tipc_node_xmit() - general link level function for message sending
1678  * @net: the applicable net namespace
1679  * @list: chain of buffers containing message
1680  * @dnode: address of destination node
1681  * @selector: a number used for deterministic link selection
1682  * Consumes the buffer chain.
1683  * Return: 0 if success, otherwise: -ELINKCONG,-EHOSTUNREACH,-EMSGSIZE,-ENOBUF
1684  */
tipc_node_xmit(struct net * net,struct sk_buff_head * list,u32 dnode,int selector)1685 int tipc_node_xmit(struct net *net, struct sk_buff_head *list,
1686 		   u32 dnode, int selector)
1687 {
1688 	struct tipc_link_entry *le = NULL;
1689 	struct tipc_node *n;
1690 	struct sk_buff_head xmitq;
1691 	bool node_up = false;
1692 	struct net *peer_net;
1693 	int bearer_id;
1694 	int rc;
1695 
1696 	if (in_own_node(net, dnode)) {
1697 		tipc_loopback_trace(net, list);
1698 		spin_lock_init(&list->lock);
1699 		tipc_sk_rcv(net, list);
1700 		return 0;
1701 	}
1702 
1703 	n = tipc_node_find(net, dnode);
1704 	if (unlikely(!n)) {
1705 		__skb_queue_purge(list);
1706 		return -EHOSTUNREACH;
1707 	}
1708 
1709 	rcu_read_lock();
1710 	tipc_node_read_lock(n);
1711 	node_up = node_is_up(n);
1712 	peer_net = n->peer_net;
1713 	tipc_node_read_unlock(n);
1714 	if (node_up && peer_net && check_net(peer_net)) {
1715 		/* xmit inner linux container */
1716 		tipc_lxc_xmit(peer_net, list);
1717 		if (likely(skb_queue_empty(list))) {
1718 			rcu_read_unlock();
1719 			tipc_node_put(n);
1720 			return 0;
1721 		}
1722 	}
1723 	rcu_read_unlock();
1724 
1725 	tipc_node_read_lock(n);
1726 	bearer_id = n->active_links[selector & 1];
1727 	if (unlikely(bearer_id == INVALID_BEARER_ID)) {
1728 		tipc_node_read_unlock(n);
1729 		tipc_node_put(n);
1730 		__skb_queue_purge(list);
1731 		return -EHOSTUNREACH;
1732 	}
1733 
1734 	__skb_queue_head_init(&xmitq);
1735 	le = &n->links[bearer_id];
1736 	spin_lock_bh(&le->lock);
1737 	rc = tipc_link_xmit(le->link, list, &xmitq);
1738 	spin_unlock_bh(&le->lock);
1739 	tipc_node_read_unlock(n);
1740 
1741 	if (unlikely(rc == -ENOBUFS))
1742 		tipc_node_link_down(n, bearer_id, false);
1743 	else
1744 		tipc_bearer_xmit(net, bearer_id, &xmitq, &le->maddr, n);
1745 
1746 	tipc_node_put(n);
1747 
1748 	return rc;
1749 }
1750 
1751 /* tipc_node_xmit_skb(): send single buffer to destination
1752  * Buffers sent via this function are generally TIPC_SYSTEM_IMPORTANCE
1753  * messages, which will not be rejected
1754  * The only exception is datagram messages rerouted after secondary
1755  * lookup, which are rare and safe to dispose of anyway.
1756  */
tipc_node_xmit_skb(struct net * net,struct sk_buff * skb,u32 dnode,u32 selector)1757 int tipc_node_xmit_skb(struct net *net, struct sk_buff *skb, u32 dnode,
1758 		       u32 selector)
1759 {
1760 	struct sk_buff_head head;
1761 
1762 	__skb_queue_head_init(&head);
1763 	__skb_queue_tail(&head, skb);
1764 	tipc_node_xmit(net, &head, dnode, selector);
1765 	return 0;
1766 }
1767 
1768 /* tipc_node_distr_xmit(): send single buffer msgs to individual destinations
1769  * Note: this is only for SYSTEM_IMPORTANCE messages, which cannot be rejected
1770  */
tipc_node_distr_xmit(struct net * net,struct sk_buff_head * xmitq)1771 int tipc_node_distr_xmit(struct net *net, struct sk_buff_head *xmitq)
1772 {
1773 	struct sk_buff *skb;
1774 	u32 selector, dnode;
1775 
1776 	while ((skb = __skb_dequeue(xmitq))) {
1777 		selector = msg_origport(buf_msg(skb));
1778 		dnode = msg_destnode(buf_msg(skb));
1779 		tipc_node_xmit_skb(net, skb, dnode, selector);
1780 	}
1781 	return 0;
1782 }
1783 
tipc_node_broadcast(struct net * net,struct sk_buff * skb,int rc_dests)1784 void tipc_node_broadcast(struct net *net, struct sk_buff *skb, int rc_dests)
1785 {
1786 	struct sk_buff_head xmitq;
1787 	struct sk_buff *txskb;
1788 	struct tipc_node *n;
1789 	u16 dummy;
1790 	u32 dst;
1791 
1792 	/* Use broadcast if all nodes support it */
1793 	if (!rc_dests && tipc_bcast_get_mode(net) != BCLINK_MODE_RCAST) {
1794 		__skb_queue_head_init(&xmitq);
1795 		__skb_queue_tail(&xmitq, skb);
1796 		tipc_bcast_xmit(net, &xmitq, &dummy);
1797 		return;
1798 	}
1799 
1800 	/* Otherwise use legacy replicast method */
1801 	rcu_read_lock();
1802 	list_for_each_entry_rcu(n, tipc_nodes(net), list) {
1803 		dst = n->addr;
1804 		if (in_own_node(net, dst))
1805 			continue;
1806 		if (!node_is_up(n))
1807 			continue;
1808 		txskb = pskb_copy(skb, GFP_ATOMIC);
1809 		if (!txskb)
1810 			break;
1811 		msg_set_destnode(buf_msg(txskb), dst);
1812 		tipc_node_xmit_skb(net, txskb, dst, 0);
1813 	}
1814 	rcu_read_unlock();
1815 	kfree_skb(skb);
1816 }
1817 
tipc_node_mcast_rcv(struct tipc_node * n)1818 static void tipc_node_mcast_rcv(struct tipc_node *n)
1819 {
1820 	struct tipc_bclink_entry *be = &n->bc_entry;
1821 
1822 	/* 'arrvq' is under inputq2's lock protection */
1823 	spin_lock_bh(&be->inputq2.lock);
1824 	spin_lock_bh(&be->inputq1.lock);
1825 	skb_queue_splice_tail_init(&be->inputq1, &be->arrvq);
1826 	spin_unlock_bh(&be->inputq1.lock);
1827 	spin_unlock_bh(&be->inputq2.lock);
1828 	tipc_sk_mcast_rcv(n->net, &be->arrvq, &be->inputq2);
1829 }
1830 
tipc_node_bc_sync_rcv(struct tipc_node * n,struct tipc_msg * hdr,int bearer_id,struct sk_buff_head * xmitq)1831 static void tipc_node_bc_sync_rcv(struct tipc_node *n, struct tipc_msg *hdr,
1832 				  int bearer_id, struct sk_buff_head *xmitq)
1833 {
1834 	struct tipc_link *ucl;
1835 	int rc;
1836 
1837 	rc = tipc_bcast_sync_rcv(n->net, n->bc_entry.link, hdr, xmitq);
1838 
1839 	if (rc & TIPC_LINK_DOWN_EVT) {
1840 		tipc_node_reset_links(n);
1841 		return;
1842 	}
1843 
1844 	if (!(rc & TIPC_LINK_SND_STATE))
1845 		return;
1846 
1847 	/* If probe message, a STATE response will be sent anyway */
1848 	if (msg_probe(hdr))
1849 		return;
1850 
1851 	/* Produce a STATE message carrying broadcast NACK */
1852 	tipc_node_read_lock(n);
1853 	ucl = n->links[bearer_id].link;
1854 	if (ucl)
1855 		tipc_link_build_state_msg(ucl, xmitq);
1856 	tipc_node_read_unlock(n);
1857 }
1858 
1859 /**
1860  * tipc_node_bc_rcv - process TIPC broadcast packet arriving from off-node
1861  * @net: the applicable net namespace
1862  * @skb: TIPC packet
1863  * @bearer_id: id of bearer message arrived on
1864  *
1865  * Invoked with no locks held.
1866  */
tipc_node_bc_rcv(struct net * net,struct sk_buff * skb,int bearer_id)1867 static void tipc_node_bc_rcv(struct net *net, struct sk_buff *skb, int bearer_id)
1868 {
1869 	int rc;
1870 	struct sk_buff_head xmitq;
1871 	struct tipc_bclink_entry *be;
1872 	struct tipc_link_entry *le;
1873 	struct tipc_msg *hdr = buf_msg(skb);
1874 	int usr = msg_user(hdr);
1875 	u32 dnode = msg_destnode(hdr);
1876 	struct tipc_node *n;
1877 
1878 	__skb_queue_head_init(&xmitq);
1879 
1880 	/* If NACK for other node, let rcv link for that node peek into it */
1881 	if ((usr == BCAST_PROTOCOL) && (dnode != tipc_own_addr(net)))
1882 		n = tipc_node_find(net, dnode);
1883 	else
1884 		n = tipc_node_find(net, msg_prevnode(hdr));
1885 	if (!n) {
1886 		kfree_skb(skb);
1887 		return;
1888 	}
1889 	be = &n->bc_entry;
1890 	le = &n->links[bearer_id];
1891 
1892 	rc = tipc_bcast_rcv(net, be->link, skb);
1893 
1894 	/* Broadcast ACKs are sent on a unicast link */
1895 	if (rc & TIPC_LINK_SND_STATE) {
1896 		tipc_node_read_lock(n);
1897 		tipc_link_build_state_msg(le->link, &xmitq);
1898 		tipc_node_read_unlock(n);
1899 	}
1900 
1901 	if (!skb_queue_empty(&xmitq))
1902 		tipc_bearer_xmit(net, bearer_id, &xmitq, &le->maddr, n);
1903 
1904 	if (!skb_queue_empty(&be->inputq1))
1905 		tipc_node_mcast_rcv(n);
1906 
1907 	/* Handle NAME_DISTRIBUTOR messages sent from 1.7 nodes */
1908 	if (!skb_queue_empty(&n->bc_entry.namedq))
1909 		tipc_named_rcv(net, &n->bc_entry.namedq,
1910 			       &n->bc_entry.named_rcv_nxt,
1911 			       &n->bc_entry.named_open);
1912 
1913 	/* If reassembly or retransmission failure => reset all links to peer */
1914 	if (rc & TIPC_LINK_DOWN_EVT)
1915 		tipc_node_reset_links(n);
1916 
1917 	tipc_node_put(n);
1918 }
1919 
1920 /**
1921  * tipc_node_check_state - check and if necessary update node state
1922  * @n: target tipc_node
1923  * @skb: TIPC packet
1924  * @bearer_id: identity of bearer delivering the packet
1925  * @xmitq: queue for messages to be xmited on
1926  * Return: true if state and msg are ok, otherwise false
1927  */
tipc_node_check_state(struct tipc_node * n,struct sk_buff * skb,int bearer_id,struct sk_buff_head * xmitq)1928 static bool tipc_node_check_state(struct tipc_node *n, struct sk_buff *skb,
1929 				  int bearer_id, struct sk_buff_head *xmitq)
1930 {
1931 	struct tipc_msg *hdr = buf_msg(skb);
1932 	int usr = msg_user(hdr);
1933 	int mtyp = msg_type(hdr);
1934 	u16 oseqno = msg_seqno(hdr);
1935 	u16 exp_pkts = msg_msgcnt(hdr);
1936 	u16 rcv_nxt, syncpt, dlv_nxt, inputq_len;
1937 	int state = n->state;
1938 	struct tipc_link *l, *tnl, *pl = NULL;
1939 	struct tipc_media_addr *maddr;
1940 	int pb_id;
1941 
1942 	if (trace_tipc_node_check_state_enabled()) {
1943 		trace_tipc_skb_dump(skb, false, "skb for node state check");
1944 		trace_tipc_node_check_state(n, true, " ");
1945 	}
1946 	l = n->links[bearer_id].link;
1947 	if (!l)
1948 		return false;
1949 	rcv_nxt = tipc_link_rcv_nxt(l);
1950 
1951 
1952 	if (likely((state == SELF_UP_PEER_UP) && (usr != TUNNEL_PROTOCOL)))
1953 		return true;
1954 
1955 	/* Find parallel link, if any */
1956 	for (pb_id = 0; pb_id < MAX_BEARERS; pb_id++) {
1957 		if ((pb_id != bearer_id) && n->links[pb_id].link) {
1958 			pl = n->links[pb_id].link;
1959 			break;
1960 		}
1961 	}
1962 
1963 	if (!tipc_link_validate_msg(l, hdr)) {
1964 		trace_tipc_skb_dump(skb, false, "PROTO invalid (2)!");
1965 		trace_tipc_link_dump(l, TIPC_DUMP_NONE, "PROTO invalid (2)!");
1966 		return false;
1967 	}
1968 
1969 	/* Check and update node accesibility if applicable */
1970 	if (state == SELF_UP_PEER_COMING) {
1971 		if (!tipc_link_is_up(l))
1972 			return true;
1973 		if (!msg_peer_link_is_up(hdr))
1974 			return true;
1975 		tipc_node_fsm_evt(n, PEER_ESTABL_CONTACT_EVT);
1976 	}
1977 
1978 	if (state == SELF_DOWN_PEER_LEAVING) {
1979 		if (msg_peer_node_is_up(hdr))
1980 			return false;
1981 		tipc_node_fsm_evt(n, PEER_LOST_CONTACT_EVT);
1982 		return true;
1983 	}
1984 
1985 	if (state == SELF_LEAVING_PEER_DOWN)
1986 		return false;
1987 
1988 	/* Ignore duplicate packets */
1989 	if ((usr != LINK_PROTOCOL) && less(oseqno, rcv_nxt))
1990 		return true;
1991 
1992 	/* Initiate or update failover mode if applicable */
1993 	if ((usr == TUNNEL_PROTOCOL) && (mtyp == FAILOVER_MSG)) {
1994 		syncpt = oseqno + exp_pkts - 1;
1995 		if (pl && !tipc_link_is_reset(pl)) {
1996 			__tipc_node_link_down(n, &pb_id, xmitq, &maddr);
1997 			trace_tipc_node_link_down(n, true,
1998 						  "node link down <- failover!");
1999 			tipc_skb_queue_splice_tail_init(tipc_link_inputq(pl),
2000 							tipc_link_inputq(l));
2001 		}
2002 
2003 		/* If parallel link was already down, and this happened before
2004 		 * the tunnel link came up, node failover was never started.
2005 		 * Ensure that a FAILOVER_MSG is sent to get peer out of
2006 		 * NODE_FAILINGOVER state, also this node must accept
2007 		 * TUNNEL_MSGs from peer.
2008 		 */
2009 		if (n->state != NODE_FAILINGOVER)
2010 			tipc_node_link_failover(n, pl, l, xmitq);
2011 
2012 		/* If pkts arrive out of order, use lowest calculated syncpt */
2013 		if (less(syncpt, n->sync_point))
2014 			n->sync_point = syncpt;
2015 	}
2016 
2017 	/* Open parallel link when tunnel link reaches synch point */
2018 	if ((n->state == NODE_FAILINGOVER) && tipc_link_is_up(l)) {
2019 		if (!more(rcv_nxt, n->sync_point))
2020 			return true;
2021 		tipc_node_fsm_evt(n, NODE_FAILOVER_END_EVT);
2022 		if (pl)
2023 			tipc_link_fsm_evt(pl, LINK_FAILOVER_END_EVT);
2024 		return true;
2025 	}
2026 
2027 	/* No syncing needed if only one link */
2028 	if (!pl || !tipc_link_is_up(pl))
2029 		return true;
2030 
2031 	/* Initiate synch mode if applicable */
2032 	if ((usr == TUNNEL_PROTOCOL) && (mtyp == SYNCH_MSG) && (oseqno == 1)) {
2033 		if (n->capabilities & TIPC_TUNNEL_ENHANCED)
2034 			syncpt = msg_syncpt(hdr);
2035 		else
2036 			syncpt = msg_seqno(msg_inner_hdr(hdr)) + exp_pkts - 1;
2037 		if (!tipc_link_is_up(l))
2038 			__tipc_node_link_up(n, bearer_id, xmitq);
2039 		if (n->state == SELF_UP_PEER_UP) {
2040 			n->sync_point = syncpt;
2041 			tipc_link_fsm_evt(l, LINK_SYNCH_BEGIN_EVT);
2042 			tipc_node_fsm_evt(n, NODE_SYNCH_BEGIN_EVT);
2043 		}
2044 	}
2045 
2046 	/* Open tunnel link when parallel link reaches synch point */
2047 	if (n->state == NODE_SYNCHING) {
2048 		if (tipc_link_is_synching(l)) {
2049 			tnl = l;
2050 		} else {
2051 			tnl = pl;
2052 			pl = l;
2053 		}
2054 		inputq_len = skb_queue_len(tipc_link_inputq(pl));
2055 		dlv_nxt = tipc_link_rcv_nxt(pl) - inputq_len;
2056 		if (more(dlv_nxt, n->sync_point)) {
2057 			tipc_link_fsm_evt(tnl, LINK_SYNCH_END_EVT);
2058 			tipc_node_fsm_evt(n, NODE_SYNCH_END_EVT);
2059 			return true;
2060 		}
2061 		if (l == pl)
2062 			return true;
2063 		if ((usr == TUNNEL_PROTOCOL) && (mtyp == SYNCH_MSG))
2064 			return true;
2065 		if (usr == LINK_PROTOCOL)
2066 			return true;
2067 		return false;
2068 	}
2069 	return true;
2070 }
2071 
2072 /**
2073  * tipc_rcv - process TIPC packets/messages arriving from off-node
2074  * @net: the applicable net namespace
2075  * @skb: TIPC packet
2076  * @b: pointer to bearer message arrived on
2077  *
2078  * Invoked with no locks held. Bearer pointer must point to a valid bearer
2079  * structure (i.e. cannot be NULL), but bearer can be inactive.
2080  */
tipc_rcv(struct net * net,struct sk_buff * skb,struct tipc_bearer * b)2081 void tipc_rcv(struct net *net, struct sk_buff *skb, struct tipc_bearer *b)
2082 {
2083 	struct sk_buff_head xmitq;
2084 	struct tipc_link_entry *le;
2085 	struct tipc_msg *hdr;
2086 	struct tipc_node *n;
2087 	int bearer_id = b->identity;
2088 	u32 self = tipc_own_addr(net);
2089 	int usr, rc = 0;
2090 	u16 bc_ack;
2091 #ifdef CONFIG_TIPC_CRYPTO
2092 	struct tipc_ehdr *ehdr;
2093 
2094 	/* Check if message must be decrypted first */
2095 	if (TIPC_SKB_CB(skb)->decrypted || !tipc_ehdr_validate(skb))
2096 		goto rcv;
2097 
2098 	ehdr = (struct tipc_ehdr *)skb->data;
2099 	if (likely(ehdr->user != LINK_CONFIG)) {
2100 		n = tipc_node_find(net, ntohl(ehdr->addr));
2101 		if (unlikely(!n))
2102 			goto discard;
2103 	} else {
2104 		n = tipc_node_find_by_id(net, ehdr->id);
2105 	}
2106 	tipc_crypto_rcv(net, (n) ? n->crypto_rx : NULL, &skb, b);
2107 	if (!skb)
2108 		return;
2109 
2110 rcv:
2111 #endif
2112 	/* Ensure message is well-formed before touching the header */
2113 	if (unlikely(!tipc_msg_validate(&skb)))
2114 		goto discard;
2115 	__skb_queue_head_init(&xmitq);
2116 	hdr = buf_msg(skb);
2117 	usr = msg_user(hdr);
2118 	bc_ack = msg_bcast_ack(hdr);
2119 
2120 	/* Handle arrival of discovery or broadcast packet */
2121 	if (unlikely(msg_non_seq(hdr))) {
2122 		if (unlikely(usr == LINK_CONFIG))
2123 			return tipc_disc_rcv(net, skb, b);
2124 		else
2125 			return tipc_node_bc_rcv(net, skb, bearer_id);
2126 	}
2127 
2128 	/* Discard unicast link messages destined for another node */
2129 	if (unlikely(!msg_short(hdr) && (msg_destnode(hdr) != self)))
2130 		goto discard;
2131 
2132 	/* Locate neighboring node that sent packet */
2133 	n = tipc_node_find(net, msg_prevnode(hdr));
2134 	if (unlikely(!n))
2135 		goto discard;
2136 	le = &n->links[bearer_id];
2137 
2138 	/* Ensure broadcast reception is in synch with peer's send state */
2139 	if (unlikely(usr == LINK_PROTOCOL)) {
2140 		if (unlikely(skb_linearize(skb))) {
2141 			tipc_node_put(n);
2142 			goto discard;
2143 		}
2144 		hdr = buf_msg(skb);
2145 		tipc_node_bc_sync_rcv(n, hdr, bearer_id, &xmitq);
2146 	} else if (unlikely(tipc_link_acked(n->bc_entry.link) != bc_ack)) {
2147 		tipc_bcast_ack_rcv(net, n->bc_entry.link, hdr);
2148 	}
2149 
2150 	/* Receive packet directly if conditions permit */
2151 	tipc_node_read_lock(n);
2152 	if (likely((n->state == SELF_UP_PEER_UP) && (usr != TUNNEL_PROTOCOL))) {
2153 		spin_lock_bh(&le->lock);
2154 		if (le->link) {
2155 			rc = tipc_link_rcv(le->link, skb, &xmitq);
2156 			skb = NULL;
2157 		}
2158 		spin_unlock_bh(&le->lock);
2159 	}
2160 	tipc_node_read_unlock(n);
2161 
2162 	/* Check/update node state before receiving */
2163 	if (unlikely(skb)) {
2164 		if (unlikely(skb_linearize(skb)))
2165 			goto out_node_put;
2166 		tipc_node_write_lock(n);
2167 		if (tipc_node_check_state(n, skb, bearer_id, &xmitq)) {
2168 			if (le->link) {
2169 				rc = tipc_link_rcv(le->link, skb, &xmitq);
2170 				skb = NULL;
2171 			}
2172 		}
2173 		tipc_node_write_unlock(n);
2174 	}
2175 
2176 	if (unlikely(rc & TIPC_LINK_UP_EVT))
2177 		tipc_node_link_up(n, bearer_id, &xmitq);
2178 
2179 	if (unlikely(rc & TIPC_LINK_DOWN_EVT))
2180 		tipc_node_link_down(n, bearer_id, false);
2181 
2182 	if (unlikely(!skb_queue_empty(&n->bc_entry.namedq)))
2183 		tipc_named_rcv(net, &n->bc_entry.namedq,
2184 			       &n->bc_entry.named_rcv_nxt,
2185 			       &n->bc_entry.named_open);
2186 
2187 	if (unlikely(!skb_queue_empty(&n->bc_entry.inputq1)))
2188 		tipc_node_mcast_rcv(n);
2189 
2190 	if (!skb_queue_empty(&le->inputq))
2191 		tipc_sk_rcv(net, &le->inputq);
2192 
2193 	if (!skb_queue_empty(&xmitq))
2194 		tipc_bearer_xmit(net, bearer_id, &xmitq, &le->maddr, n);
2195 
2196 out_node_put:
2197 	tipc_node_put(n);
2198 discard:
2199 	kfree_skb(skb);
2200 }
2201 
tipc_node_apply_property(struct net * net,struct tipc_bearer * b,int prop)2202 void tipc_node_apply_property(struct net *net, struct tipc_bearer *b,
2203 			      int prop)
2204 {
2205 	struct tipc_net *tn = tipc_net(net);
2206 	int bearer_id = b->identity;
2207 	struct sk_buff_head xmitq;
2208 	struct tipc_link_entry *e;
2209 	struct tipc_node *n;
2210 
2211 	__skb_queue_head_init(&xmitq);
2212 
2213 	rcu_read_lock();
2214 
2215 	list_for_each_entry_rcu(n, &tn->node_list, list) {
2216 		tipc_node_write_lock(n);
2217 		e = &n->links[bearer_id];
2218 		if (e->link) {
2219 			if (prop == TIPC_NLA_PROP_TOL)
2220 				tipc_link_set_tolerance(e->link, b->tolerance,
2221 							&xmitq);
2222 			else if (prop == TIPC_NLA_PROP_MTU)
2223 				tipc_link_set_mtu(e->link, b->mtu);
2224 
2225 			/* Update MTU for node link entry */
2226 			e->mtu = tipc_link_mss(e->link);
2227 		}
2228 
2229 		tipc_node_write_unlock(n);
2230 		tipc_bearer_xmit(net, bearer_id, &xmitq, &e->maddr, NULL);
2231 	}
2232 
2233 	rcu_read_unlock();
2234 }
2235 
tipc_nl_peer_rm(struct sk_buff * skb,struct genl_info * info)2236 int tipc_nl_peer_rm(struct sk_buff *skb, struct genl_info *info)
2237 {
2238 	struct net *net = sock_net(skb->sk);
2239 	struct tipc_net *tn = net_generic(net, tipc_net_id);
2240 	struct nlattr *attrs[TIPC_NLA_NET_MAX + 1];
2241 	struct tipc_node *peer, *temp_node;
2242 	u8 node_id[NODE_ID_LEN];
2243 	u64 *w0 = (u64 *)&node_id[0];
2244 	u64 *w1 = (u64 *)&node_id[8];
2245 	u32 addr;
2246 	int err;
2247 
2248 	/* We identify the peer by its net */
2249 	if (!info->attrs[TIPC_NLA_NET])
2250 		return -EINVAL;
2251 
2252 	err = nla_parse_nested_deprecated(attrs, TIPC_NLA_NET_MAX,
2253 					  info->attrs[TIPC_NLA_NET],
2254 					  tipc_nl_net_policy, info->extack);
2255 	if (err)
2256 		return err;
2257 
2258 	/* attrs[TIPC_NLA_NET_NODEID] and attrs[TIPC_NLA_NET_ADDR] are
2259 	 * mutually exclusive cases
2260 	 */
2261 	if (attrs[TIPC_NLA_NET_ADDR]) {
2262 		addr = nla_get_u32(attrs[TIPC_NLA_NET_ADDR]);
2263 		if (!addr)
2264 			return -EINVAL;
2265 	}
2266 
2267 	if (attrs[TIPC_NLA_NET_NODEID]) {
2268 		if (!attrs[TIPC_NLA_NET_NODEID_W1])
2269 			return -EINVAL;
2270 		*w0 = nla_get_u64(attrs[TIPC_NLA_NET_NODEID]);
2271 		*w1 = nla_get_u64(attrs[TIPC_NLA_NET_NODEID_W1]);
2272 		addr = hash128to32(node_id);
2273 	}
2274 
2275 	if (in_own_node(net, addr))
2276 		return -ENOTSUPP;
2277 
2278 	spin_lock_bh(&tn->node_list_lock);
2279 	peer = tipc_node_find(net, addr);
2280 	if (!peer) {
2281 		spin_unlock_bh(&tn->node_list_lock);
2282 		return -ENXIO;
2283 	}
2284 
2285 	tipc_node_write_lock(peer);
2286 	if (peer->state != SELF_DOWN_PEER_DOWN &&
2287 	    peer->state != SELF_DOWN_PEER_LEAVING) {
2288 		tipc_node_write_unlock(peer);
2289 		err = -EBUSY;
2290 		goto err_out;
2291 	}
2292 
2293 	tipc_node_clear_links(peer);
2294 	tipc_node_write_unlock(peer);
2295 	tipc_node_delete(peer);
2296 
2297 	/* Calculate cluster capabilities */
2298 	tn->capabilities = TIPC_NODE_CAPABILITIES;
2299 	list_for_each_entry_rcu(temp_node, &tn->node_list, list) {
2300 		tn->capabilities &= temp_node->capabilities;
2301 	}
2302 	tipc_bcast_toggle_rcast(net, (tn->capabilities & TIPC_BCAST_RCAST));
2303 	err = 0;
2304 err_out:
2305 	tipc_node_put(peer);
2306 	spin_unlock_bh(&tn->node_list_lock);
2307 
2308 	return err;
2309 }
2310 
tipc_nl_node_dump(struct sk_buff * skb,struct netlink_callback * cb)2311 int tipc_nl_node_dump(struct sk_buff *skb, struct netlink_callback *cb)
2312 {
2313 	int err;
2314 	struct net *net = sock_net(skb->sk);
2315 	struct tipc_net *tn = net_generic(net, tipc_net_id);
2316 	int done = cb->args[0];
2317 	int last_addr = cb->args[1];
2318 	struct tipc_node *node;
2319 	struct tipc_nl_msg msg;
2320 
2321 	if (done)
2322 		return 0;
2323 
2324 	msg.skb = skb;
2325 	msg.portid = NETLINK_CB(cb->skb).portid;
2326 	msg.seq = cb->nlh->nlmsg_seq;
2327 
2328 	rcu_read_lock();
2329 	if (last_addr) {
2330 		node = tipc_node_find(net, last_addr);
2331 		if (!node) {
2332 			rcu_read_unlock();
2333 			/* We never set seq or call nl_dump_check_consistent()
2334 			 * this means that setting prev_seq here will cause the
2335 			 * consistence check to fail in the netlink callback
2336 			 * handler. Resulting in the NLMSG_DONE message having
2337 			 * the NLM_F_DUMP_INTR flag set if the node state
2338 			 * changed while we released the lock.
2339 			 */
2340 			cb->prev_seq = 1;
2341 			return -EPIPE;
2342 		}
2343 		tipc_node_put(node);
2344 	}
2345 
2346 	list_for_each_entry_rcu(node, &tn->node_list, list) {
2347 		if (node->preliminary)
2348 			continue;
2349 		if (last_addr) {
2350 			if (node->addr == last_addr)
2351 				last_addr = 0;
2352 			else
2353 				continue;
2354 		}
2355 
2356 		tipc_node_read_lock(node);
2357 		err = __tipc_nl_add_node(&msg, node);
2358 		if (err) {
2359 			last_addr = node->addr;
2360 			tipc_node_read_unlock(node);
2361 			goto out;
2362 		}
2363 
2364 		tipc_node_read_unlock(node);
2365 	}
2366 	done = 1;
2367 out:
2368 	cb->args[0] = done;
2369 	cb->args[1] = last_addr;
2370 	rcu_read_unlock();
2371 
2372 	return skb->len;
2373 }
2374 
2375 /* tipc_node_find_by_name - locate owner node of link by link's name
2376  * @net: the applicable net namespace
2377  * @name: pointer to link name string
2378  * @bearer_id: pointer to index in 'node->links' array where the link was found.
2379  *
2380  * Returns pointer to node owning the link, or 0 if no matching link is found.
2381  */
tipc_node_find_by_name(struct net * net,const char * link_name,unsigned int * bearer_id)2382 static struct tipc_node *tipc_node_find_by_name(struct net *net,
2383 						const char *link_name,
2384 						unsigned int *bearer_id)
2385 {
2386 	struct tipc_net *tn = net_generic(net, tipc_net_id);
2387 	struct tipc_link *l;
2388 	struct tipc_node *n;
2389 	struct tipc_node *found_node = NULL;
2390 	int i;
2391 
2392 	*bearer_id = 0;
2393 	rcu_read_lock();
2394 	list_for_each_entry_rcu(n, &tn->node_list, list) {
2395 		tipc_node_read_lock(n);
2396 		for (i = 0; i < MAX_BEARERS; i++) {
2397 			l = n->links[i].link;
2398 			if (l && !strcmp(tipc_link_name(l), link_name)) {
2399 				*bearer_id = i;
2400 				found_node = n;
2401 				break;
2402 			}
2403 		}
2404 		tipc_node_read_unlock(n);
2405 		if (found_node)
2406 			break;
2407 	}
2408 	rcu_read_unlock();
2409 
2410 	return found_node;
2411 }
2412 
tipc_nl_node_set_link(struct sk_buff * skb,struct genl_info * info)2413 int tipc_nl_node_set_link(struct sk_buff *skb, struct genl_info *info)
2414 {
2415 	int err;
2416 	int res = 0;
2417 	int bearer_id;
2418 	char *name;
2419 	struct tipc_link *link;
2420 	struct tipc_node *node;
2421 	struct sk_buff_head xmitq;
2422 	struct nlattr *attrs[TIPC_NLA_LINK_MAX + 1];
2423 	struct net *net = sock_net(skb->sk);
2424 
2425 	__skb_queue_head_init(&xmitq);
2426 
2427 	if (!info->attrs[TIPC_NLA_LINK])
2428 		return -EINVAL;
2429 
2430 	err = nla_parse_nested_deprecated(attrs, TIPC_NLA_LINK_MAX,
2431 					  info->attrs[TIPC_NLA_LINK],
2432 					  tipc_nl_link_policy, info->extack);
2433 	if (err)
2434 		return err;
2435 
2436 	if (!attrs[TIPC_NLA_LINK_NAME])
2437 		return -EINVAL;
2438 
2439 	name = nla_data(attrs[TIPC_NLA_LINK_NAME]);
2440 
2441 	if (strcmp(name, tipc_bclink_name) == 0)
2442 		return tipc_nl_bc_link_set(net, attrs);
2443 
2444 	node = tipc_node_find_by_name(net, name, &bearer_id);
2445 	if (!node)
2446 		return -EINVAL;
2447 
2448 	tipc_node_read_lock(node);
2449 
2450 	link = node->links[bearer_id].link;
2451 	if (!link) {
2452 		res = -EINVAL;
2453 		goto out;
2454 	}
2455 
2456 	if (attrs[TIPC_NLA_LINK_PROP]) {
2457 		struct nlattr *props[TIPC_NLA_PROP_MAX + 1];
2458 
2459 		err = tipc_nl_parse_link_prop(attrs[TIPC_NLA_LINK_PROP], props);
2460 		if (err) {
2461 			res = err;
2462 			goto out;
2463 		}
2464 
2465 		if (props[TIPC_NLA_PROP_TOL]) {
2466 			u32 tol;
2467 
2468 			tol = nla_get_u32(props[TIPC_NLA_PROP_TOL]);
2469 			tipc_link_set_tolerance(link, tol, &xmitq);
2470 		}
2471 		if (props[TIPC_NLA_PROP_PRIO]) {
2472 			u32 prio;
2473 
2474 			prio = nla_get_u32(props[TIPC_NLA_PROP_PRIO]);
2475 			tipc_link_set_prio(link, prio, &xmitq);
2476 		}
2477 		if (props[TIPC_NLA_PROP_WIN]) {
2478 			u32 max_win;
2479 
2480 			max_win = nla_get_u32(props[TIPC_NLA_PROP_WIN]);
2481 			tipc_link_set_queue_limits(link,
2482 						   tipc_link_min_win(link),
2483 						   max_win);
2484 		}
2485 	}
2486 
2487 out:
2488 	tipc_node_read_unlock(node);
2489 	tipc_bearer_xmit(net, bearer_id, &xmitq, &node->links[bearer_id].maddr,
2490 			 NULL);
2491 	return res;
2492 }
2493 
tipc_nl_node_get_link(struct sk_buff * skb,struct genl_info * info)2494 int tipc_nl_node_get_link(struct sk_buff *skb, struct genl_info *info)
2495 {
2496 	struct net *net = genl_info_net(info);
2497 	struct nlattr *attrs[TIPC_NLA_LINK_MAX + 1];
2498 	struct tipc_nl_msg msg;
2499 	char *name;
2500 	int err;
2501 
2502 	msg.portid = info->snd_portid;
2503 	msg.seq = info->snd_seq;
2504 
2505 	if (!info->attrs[TIPC_NLA_LINK])
2506 		return -EINVAL;
2507 
2508 	err = nla_parse_nested_deprecated(attrs, TIPC_NLA_LINK_MAX,
2509 					  info->attrs[TIPC_NLA_LINK],
2510 					  tipc_nl_link_policy, info->extack);
2511 	if (err)
2512 		return err;
2513 
2514 	if (!attrs[TIPC_NLA_LINK_NAME])
2515 		return -EINVAL;
2516 
2517 	name = nla_data(attrs[TIPC_NLA_LINK_NAME]);
2518 
2519 	msg.skb = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
2520 	if (!msg.skb)
2521 		return -ENOMEM;
2522 
2523 	if (strcmp(name, tipc_bclink_name) == 0) {
2524 		err = tipc_nl_add_bc_link(net, &msg, tipc_net(net)->bcl);
2525 		if (err)
2526 			goto err_free;
2527 	} else {
2528 		int bearer_id;
2529 		struct tipc_node *node;
2530 		struct tipc_link *link;
2531 
2532 		node = tipc_node_find_by_name(net, name, &bearer_id);
2533 		if (!node) {
2534 			err = -EINVAL;
2535 			goto err_free;
2536 		}
2537 
2538 		tipc_node_read_lock(node);
2539 		link = node->links[bearer_id].link;
2540 		if (!link) {
2541 			tipc_node_read_unlock(node);
2542 			err = -EINVAL;
2543 			goto err_free;
2544 		}
2545 
2546 		err = __tipc_nl_add_link(net, &msg, link, 0);
2547 		tipc_node_read_unlock(node);
2548 		if (err)
2549 			goto err_free;
2550 	}
2551 
2552 	return genlmsg_reply(msg.skb, info);
2553 
2554 err_free:
2555 	nlmsg_free(msg.skb);
2556 	return err;
2557 }
2558 
tipc_nl_node_reset_link_stats(struct sk_buff * skb,struct genl_info * info)2559 int tipc_nl_node_reset_link_stats(struct sk_buff *skb, struct genl_info *info)
2560 {
2561 	int err;
2562 	char *link_name;
2563 	unsigned int bearer_id;
2564 	struct tipc_link *link;
2565 	struct tipc_node *node;
2566 	struct nlattr *attrs[TIPC_NLA_LINK_MAX + 1];
2567 	struct net *net = sock_net(skb->sk);
2568 	struct tipc_net *tn = tipc_net(net);
2569 	struct tipc_link_entry *le;
2570 
2571 	if (!info->attrs[TIPC_NLA_LINK])
2572 		return -EINVAL;
2573 
2574 	err = nla_parse_nested_deprecated(attrs, TIPC_NLA_LINK_MAX,
2575 					  info->attrs[TIPC_NLA_LINK],
2576 					  tipc_nl_link_policy, info->extack);
2577 	if (err)
2578 		return err;
2579 
2580 	if (!attrs[TIPC_NLA_LINK_NAME])
2581 		return -EINVAL;
2582 
2583 	link_name = nla_data(attrs[TIPC_NLA_LINK_NAME]);
2584 
2585 	err = -EINVAL;
2586 	if (!strcmp(link_name, tipc_bclink_name)) {
2587 		err = tipc_bclink_reset_stats(net, tipc_bc_sndlink(net));
2588 		if (err)
2589 			return err;
2590 		return 0;
2591 	} else if (strstr(link_name, tipc_bclink_name)) {
2592 		rcu_read_lock();
2593 		list_for_each_entry_rcu(node, &tn->node_list, list) {
2594 			tipc_node_read_lock(node);
2595 			link = node->bc_entry.link;
2596 			if (link && !strcmp(link_name, tipc_link_name(link))) {
2597 				err = tipc_bclink_reset_stats(net, link);
2598 				tipc_node_read_unlock(node);
2599 				break;
2600 			}
2601 			tipc_node_read_unlock(node);
2602 		}
2603 		rcu_read_unlock();
2604 		return err;
2605 	}
2606 
2607 	node = tipc_node_find_by_name(net, link_name, &bearer_id);
2608 	if (!node)
2609 		return -EINVAL;
2610 
2611 	le = &node->links[bearer_id];
2612 	tipc_node_read_lock(node);
2613 	spin_lock_bh(&le->lock);
2614 	link = node->links[bearer_id].link;
2615 	if (!link) {
2616 		spin_unlock_bh(&le->lock);
2617 		tipc_node_read_unlock(node);
2618 		return -EINVAL;
2619 	}
2620 	tipc_link_reset_stats(link);
2621 	spin_unlock_bh(&le->lock);
2622 	tipc_node_read_unlock(node);
2623 	return 0;
2624 }
2625 
2626 /* Caller should hold node lock  */
__tipc_nl_add_node_links(struct net * net,struct tipc_nl_msg * msg,struct tipc_node * node,u32 * prev_link,bool bc_link)2627 static int __tipc_nl_add_node_links(struct net *net, struct tipc_nl_msg *msg,
2628 				    struct tipc_node *node, u32 *prev_link,
2629 				    bool bc_link)
2630 {
2631 	u32 i;
2632 	int err;
2633 
2634 	for (i = *prev_link; i < MAX_BEARERS; i++) {
2635 		*prev_link = i;
2636 
2637 		if (!node->links[i].link)
2638 			continue;
2639 
2640 		err = __tipc_nl_add_link(net, msg,
2641 					 node->links[i].link, NLM_F_MULTI);
2642 		if (err)
2643 			return err;
2644 	}
2645 
2646 	if (bc_link) {
2647 		*prev_link = i;
2648 		err = tipc_nl_add_bc_link(net, msg, node->bc_entry.link);
2649 		if (err)
2650 			return err;
2651 	}
2652 
2653 	*prev_link = 0;
2654 
2655 	return 0;
2656 }
2657 
tipc_nl_node_dump_link(struct sk_buff * skb,struct netlink_callback * cb)2658 int tipc_nl_node_dump_link(struct sk_buff *skb, struct netlink_callback *cb)
2659 {
2660 	struct net *net = sock_net(skb->sk);
2661 	struct nlattr **attrs = genl_dumpit_info(cb)->attrs;
2662 	struct nlattr *link[TIPC_NLA_LINK_MAX + 1];
2663 	struct tipc_net *tn = net_generic(net, tipc_net_id);
2664 	struct tipc_node *node;
2665 	struct tipc_nl_msg msg;
2666 	u32 prev_node = cb->args[0];
2667 	u32 prev_link = cb->args[1];
2668 	int done = cb->args[2];
2669 	bool bc_link = cb->args[3];
2670 	int err;
2671 
2672 	if (done)
2673 		return 0;
2674 
2675 	if (!prev_node) {
2676 		/* Check if broadcast-receiver links dumping is needed */
2677 		if (attrs && attrs[TIPC_NLA_LINK]) {
2678 			err = nla_parse_nested_deprecated(link,
2679 							  TIPC_NLA_LINK_MAX,
2680 							  attrs[TIPC_NLA_LINK],
2681 							  tipc_nl_link_policy,
2682 							  NULL);
2683 			if (unlikely(err))
2684 				return err;
2685 			if (unlikely(!link[TIPC_NLA_LINK_BROADCAST]))
2686 				return -EINVAL;
2687 			bc_link = true;
2688 		}
2689 	}
2690 
2691 	msg.skb = skb;
2692 	msg.portid = NETLINK_CB(cb->skb).portid;
2693 	msg.seq = cb->nlh->nlmsg_seq;
2694 
2695 	rcu_read_lock();
2696 	if (prev_node) {
2697 		node = tipc_node_find(net, prev_node);
2698 		if (!node) {
2699 			/* We never set seq or call nl_dump_check_consistent()
2700 			 * this means that setting prev_seq here will cause the
2701 			 * consistence check to fail in the netlink callback
2702 			 * handler. Resulting in the last NLMSG_DONE message
2703 			 * having the NLM_F_DUMP_INTR flag set.
2704 			 */
2705 			cb->prev_seq = 1;
2706 			goto out;
2707 		}
2708 		tipc_node_put(node);
2709 
2710 		list_for_each_entry_continue_rcu(node, &tn->node_list,
2711 						 list) {
2712 			tipc_node_read_lock(node);
2713 			err = __tipc_nl_add_node_links(net, &msg, node,
2714 						       &prev_link, bc_link);
2715 			tipc_node_read_unlock(node);
2716 			if (err)
2717 				goto out;
2718 
2719 			prev_node = node->addr;
2720 		}
2721 	} else {
2722 		err = tipc_nl_add_bc_link(net, &msg, tn->bcl);
2723 		if (err)
2724 			goto out;
2725 
2726 		list_for_each_entry_rcu(node, &tn->node_list, list) {
2727 			tipc_node_read_lock(node);
2728 			err = __tipc_nl_add_node_links(net, &msg, node,
2729 						       &prev_link, bc_link);
2730 			tipc_node_read_unlock(node);
2731 			if (err)
2732 				goto out;
2733 
2734 			prev_node = node->addr;
2735 		}
2736 	}
2737 	done = 1;
2738 out:
2739 	rcu_read_unlock();
2740 
2741 	cb->args[0] = prev_node;
2742 	cb->args[1] = prev_link;
2743 	cb->args[2] = done;
2744 	cb->args[3] = bc_link;
2745 
2746 	return skb->len;
2747 }
2748 
tipc_nl_node_set_monitor(struct sk_buff * skb,struct genl_info * info)2749 int tipc_nl_node_set_monitor(struct sk_buff *skb, struct genl_info *info)
2750 {
2751 	struct nlattr *attrs[TIPC_NLA_MON_MAX + 1];
2752 	struct net *net = sock_net(skb->sk);
2753 	int err;
2754 
2755 	if (!info->attrs[TIPC_NLA_MON])
2756 		return -EINVAL;
2757 
2758 	err = nla_parse_nested_deprecated(attrs, TIPC_NLA_MON_MAX,
2759 					  info->attrs[TIPC_NLA_MON],
2760 					  tipc_nl_monitor_policy,
2761 					  info->extack);
2762 	if (err)
2763 		return err;
2764 
2765 	if (attrs[TIPC_NLA_MON_ACTIVATION_THRESHOLD]) {
2766 		u32 val;
2767 
2768 		val = nla_get_u32(attrs[TIPC_NLA_MON_ACTIVATION_THRESHOLD]);
2769 		err = tipc_nl_monitor_set_threshold(net, val);
2770 		if (err)
2771 			return err;
2772 	}
2773 
2774 	return 0;
2775 }
2776 
__tipc_nl_add_monitor_prop(struct net * net,struct tipc_nl_msg * msg)2777 static int __tipc_nl_add_monitor_prop(struct net *net, struct tipc_nl_msg *msg)
2778 {
2779 	struct nlattr *attrs;
2780 	void *hdr;
2781 	u32 val;
2782 
2783 	hdr = genlmsg_put(msg->skb, msg->portid, msg->seq, &tipc_genl_family,
2784 			  0, TIPC_NL_MON_GET);
2785 	if (!hdr)
2786 		return -EMSGSIZE;
2787 
2788 	attrs = nla_nest_start_noflag(msg->skb, TIPC_NLA_MON);
2789 	if (!attrs)
2790 		goto msg_full;
2791 
2792 	val = tipc_nl_monitor_get_threshold(net);
2793 
2794 	if (nla_put_u32(msg->skb, TIPC_NLA_MON_ACTIVATION_THRESHOLD, val))
2795 		goto attr_msg_full;
2796 
2797 	nla_nest_end(msg->skb, attrs);
2798 	genlmsg_end(msg->skb, hdr);
2799 
2800 	return 0;
2801 
2802 attr_msg_full:
2803 	nla_nest_cancel(msg->skb, attrs);
2804 msg_full:
2805 	genlmsg_cancel(msg->skb, hdr);
2806 
2807 	return -EMSGSIZE;
2808 }
2809 
tipc_nl_node_get_monitor(struct sk_buff * skb,struct genl_info * info)2810 int tipc_nl_node_get_monitor(struct sk_buff *skb, struct genl_info *info)
2811 {
2812 	struct net *net = sock_net(skb->sk);
2813 	struct tipc_nl_msg msg;
2814 	int err;
2815 
2816 	msg.skb = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
2817 	if (!msg.skb)
2818 		return -ENOMEM;
2819 	msg.portid = info->snd_portid;
2820 	msg.seq = info->snd_seq;
2821 
2822 	err = __tipc_nl_add_monitor_prop(net, &msg);
2823 	if (err) {
2824 		nlmsg_free(msg.skb);
2825 		return err;
2826 	}
2827 
2828 	return genlmsg_reply(msg.skb, info);
2829 }
2830 
tipc_nl_node_dump_monitor(struct sk_buff * skb,struct netlink_callback * cb)2831 int tipc_nl_node_dump_monitor(struct sk_buff *skb, struct netlink_callback *cb)
2832 {
2833 	struct net *net = sock_net(skb->sk);
2834 	u32 prev_bearer = cb->args[0];
2835 	struct tipc_nl_msg msg;
2836 	int bearer_id;
2837 	int err;
2838 
2839 	if (prev_bearer == MAX_BEARERS)
2840 		return 0;
2841 
2842 	msg.skb = skb;
2843 	msg.portid = NETLINK_CB(cb->skb).portid;
2844 	msg.seq = cb->nlh->nlmsg_seq;
2845 
2846 	rtnl_lock();
2847 	for (bearer_id = prev_bearer; bearer_id < MAX_BEARERS; bearer_id++) {
2848 		err = __tipc_nl_add_monitor(net, &msg, bearer_id);
2849 		if (err)
2850 			break;
2851 	}
2852 	rtnl_unlock();
2853 	cb->args[0] = bearer_id;
2854 
2855 	return skb->len;
2856 }
2857 
tipc_nl_node_dump_monitor_peer(struct sk_buff * skb,struct netlink_callback * cb)2858 int tipc_nl_node_dump_monitor_peer(struct sk_buff *skb,
2859 				   struct netlink_callback *cb)
2860 {
2861 	struct net *net = sock_net(skb->sk);
2862 	u32 prev_node = cb->args[1];
2863 	u32 bearer_id = cb->args[2];
2864 	int done = cb->args[0];
2865 	struct tipc_nl_msg msg;
2866 	int err;
2867 
2868 	if (!prev_node) {
2869 		struct nlattr **attrs = genl_dumpit_info(cb)->attrs;
2870 		struct nlattr *mon[TIPC_NLA_MON_MAX + 1];
2871 
2872 		if (!attrs[TIPC_NLA_MON])
2873 			return -EINVAL;
2874 
2875 		err = nla_parse_nested_deprecated(mon, TIPC_NLA_MON_MAX,
2876 						  attrs[TIPC_NLA_MON],
2877 						  tipc_nl_monitor_policy,
2878 						  NULL);
2879 		if (err)
2880 			return err;
2881 
2882 		if (!mon[TIPC_NLA_MON_REF])
2883 			return -EINVAL;
2884 
2885 		bearer_id = nla_get_u32(mon[TIPC_NLA_MON_REF]);
2886 
2887 		if (bearer_id >= MAX_BEARERS)
2888 			return -EINVAL;
2889 	}
2890 
2891 	if (done)
2892 		return 0;
2893 
2894 	msg.skb = skb;
2895 	msg.portid = NETLINK_CB(cb->skb).portid;
2896 	msg.seq = cb->nlh->nlmsg_seq;
2897 
2898 	rtnl_lock();
2899 	err = tipc_nl_add_monitor_peer(net, &msg, bearer_id, &prev_node);
2900 	if (!err)
2901 		done = 1;
2902 
2903 	rtnl_unlock();
2904 	cb->args[0] = done;
2905 	cb->args[1] = prev_node;
2906 	cb->args[2] = bearer_id;
2907 
2908 	return skb->len;
2909 }
2910 
2911 #ifdef CONFIG_TIPC_CRYPTO
tipc_nl_retrieve_key(struct nlattr ** attrs,struct tipc_aead_key ** pkey)2912 static int tipc_nl_retrieve_key(struct nlattr **attrs,
2913 				struct tipc_aead_key **pkey)
2914 {
2915 	struct nlattr *attr = attrs[TIPC_NLA_NODE_KEY];
2916 	struct tipc_aead_key *key;
2917 
2918 	if (!attr)
2919 		return -ENODATA;
2920 
2921 	if (nla_len(attr) < sizeof(*key))
2922 		return -EINVAL;
2923 	key = (struct tipc_aead_key *)nla_data(attr);
2924 	if (key->keylen > TIPC_AEAD_KEYLEN_MAX ||
2925 	    nla_len(attr) < tipc_aead_key_size(key))
2926 		return -EINVAL;
2927 
2928 	*pkey = key;
2929 	return 0;
2930 }
2931 
tipc_nl_retrieve_nodeid(struct nlattr ** attrs,u8 ** node_id)2932 static int tipc_nl_retrieve_nodeid(struct nlattr **attrs, u8 **node_id)
2933 {
2934 	struct nlattr *attr = attrs[TIPC_NLA_NODE_ID];
2935 
2936 	if (!attr)
2937 		return -ENODATA;
2938 
2939 	if (nla_len(attr) < TIPC_NODEID_LEN)
2940 		return -EINVAL;
2941 
2942 	*node_id = (u8 *)nla_data(attr);
2943 	return 0;
2944 }
2945 
tipc_nl_retrieve_rekeying(struct nlattr ** attrs,u32 * intv)2946 static int tipc_nl_retrieve_rekeying(struct nlattr **attrs, u32 *intv)
2947 {
2948 	struct nlattr *attr = attrs[TIPC_NLA_NODE_REKEYING];
2949 
2950 	if (!attr)
2951 		return -ENODATA;
2952 
2953 	*intv = nla_get_u32(attr);
2954 	return 0;
2955 }
2956 
__tipc_nl_node_set_key(struct sk_buff * skb,struct genl_info * info)2957 static int __tipc_nl_node_set_key(struct sk_buff *skb, struct genl_info *info)
2958 {
2959 	struct nlattr *attrs[TIPC_NLA_NODE_MAX + 1];
2960 	struct net *net = sock_net(skb->sk);
2961 	struct tipc_crypto *tx = tipc_net(net)->crypto_tx, *c = tx;
2962 	struct tipc_node *n = NULL;
2963 	struct tipc_aead_key *ukey;
2964 	bool rekeying = true, master_key = false;
2965 	u8 *id, *own_id, mode;
2966 	u32 intv = 0;
2967 	int rc = 0;
2968 
2969 	if (!info->attrs[TIPC_NLA_NODE])
2970 		return -EINVAL;
2971 
2972 	rc = nla_parse_nested(attrs, TIPC_NLA_NODE_MAX,
2973 			      info->attrs[TIPC_NLA_NODE],
2974 			      tipc_nl_node_policy, info->extack);
2975 	if (rc)
2976 		return rc;
2977 
2978 	own_id = tipc_own_id(net);
2979 	if (!own_id) {
2980 		GENL_SET_ERR_MSG(info, "not found own node identity (set id?)");
2981 		return -EPERM;
2982 	}
2983 
2984 	rc = tipc_nl_retrieve_rekeying(attrs, &intv);
2985 	if (rc == -ENODATA)
2986 		rekeying = false;
2987 
2988 	rc = tipc_nl_retrieve_key(attrs, &ukey);
2989 	if (rc == -ENODATA && rekeying)
2990 		goto rekeying;
2991 	else if (rc)
2992 		return rc;
2993 
2994 	rc = tipc_aead_key_validate(ukey, info);
2995 	if (rc)
2996 		return rc;
2997 
2998 	rc = tipc_nl_retrieve_nodeid(attrs, &id);
2999 	switch (rc) {
3000 	case -ENODATA:
3001 		mode = CLUSTER_KEY;
3002 		master_key = !!(attrs[TIPC_NLA_NODE_KEY_MASTER]);
3003 		break;
3004 	case 0:
3005 		mode = PER_NODE_KEY;
3006 		if (memcmp(id, own_id, NODE_ID_LEN)) {
3007 			n = tipc_node_find_by_id(net, id) ?:
3008 				tipc_node_create(net, 0, id, 0xffffu, 0, true);
3009 			if (unlikely(!n))
3010 				return -ENOMEM;
3011 			c = n->crypto_rx;
3012 		}
3013 		break;
3014 	default:
3015 		return rc;
3016 	}
3017 
3018 	/* Initiate the TX/RX key */
3019 	rc = tipc_crypto_key_init(c, ukey, mode, master_key);
3020 	if (n)
3021 		tipc_node_put(n);
3022 
3023 	if (unlikely(rc < 0)) {
3024 		GENL_SET_ERR_MSG(info, "unable to initiate or attach new key");
3025 		return rc;
3026 	} else if (c == tx) {
3027 		/* Distribute TX key but not master one */
3028 		if (!master_key && tipc_crypto_key_distr(tx, rc, NULL))
3029 			GENL_SET_ERR_MSG(info, "failed to replicate new key");
3030 rekeying:
3031 		/* Schedule TX rekeying if needed */
3032 		tipc_crypto_rekeying_sched(tx, rekeying, intv);
3033 	}
3034 
3035 	return 0;
3036 }
3037 
tipc_nl_node_set_key(struct sk_buff * skb,struct genl_info * info)3038 int tipc_nl_node_set_key(struct sk_buff *skb, struct genl_info *info)
3039 {
3040 	int err;
3041 
3042 	rtnl_lock();
3043 	err = __tipc_nl_node_set_key(skb, info);
3044 	rtnl_unlock();
3045 
3046 	return err;
3047 }
3048 
__tipc_nl_node_flush_key(struct sk_buff * skb,struct genl_info * info)3049 static int __tipc_nl_node_flush_key(struct sk_buff *skb,
3050 				    struct genl_info *info)
3051 {
3052 	struct net *net = sock_net(skb->sk);
3053 	struct tipc_net *tn = tipc_net(net);
3054 	struct tipc_node *n;
3055 
3056 	tipc_crypto_key_flush(tn->crypto_tx);
3057 	rcu_read_lock();
3058 	list_for_each_entry_rcu(n, &tn->node_list, list)
3059 		tipc_crypto_key_flush(n->crypto_rx);
3060 	rcu_read_unlock();
3061 
3062 	return 0;
3063 }
3064 
tipc_nl_node_flush_key(struct sk_buff * skb,struct genl_info * info)3065 int tipc_nl_node_flush_key(struct sk_buff *skb, struct genl_info *info)
3066 {
3067 	int err;
3068 
3069 	rtnl_lock();
3070 	err = __tipc_nl_node_flush_key(skb, info);
3071 	rtnl_unlock();
3072 
3073 	return err;
3074 }
3075 #endif
3076 
3077 /**
3078  * tipc_node_dump - dump TIPC node data
3079  * @n: tipc node to be dumped
3080  * @more: dump more?
3081  *        - false: dump only tipc node data
3082  *        - true: dump node link data as well
3083  * @buf: returned buffer of dump data in format
3084  */
tipc_node_dump(struct tipc_node * n,bool more,char * buf)3085 int tipc_node_dump(struct tipc_node *n, bool more, char *buf)
3086 {
3087 	int i = 0;
3088 	size_t sz = (more) ? NODE_LMAX : NODE_LMIN;
3089 
3090 	if (!n) {
3091 		i += scnprintf(buf, sz, "node data: (null)\n");
3092 		return i;
3093 	}
3094 
3095 	i += scnprintf(buf, sz, "node data: %x", n->addr);
3096 	i += scnprintf(buf + i, sz - i, " %x", n->state);
3097 	i += scnprintf(buf + i, sz - i, " %d", n->active_links[0]);
3098 	i += scnprintf(buf + i, sz - i, " %d", n->active_links[1]);
3099 	i += scnprintf(buf + i, sz - i, " %x", n->action_flags);
3100 	i += scnprintf(buf + i, sz - i, " %u", n->failover_sent);
3101 	i += scnprintf(buf + i, sz - i, " %u", n->sync_point);
3102 	i += scnprintf(buf + i, sz - i, " %d", n->link_cnt);
3103 	i += scnprintf(buf + i, sz - i, " %u", n->working_links);
3104 	i += scnprintf(buf + i, sz - i, " %x", n->capabilities);
3105 	i += scnprintf(buf + i, sz - i, " %lu\n", n->keepalive_intv);
3106 
3107 	if (!more)
3108 		return i;
3109 
3110 	i += scnprintf(buf + i, sz - i, "link_entry[0]:\n");
3111 	i += scnprintf(buf + i, sz - i, " mtu: %u\n", n->links[0].mtu);
3112 	i += scnprintf(buf + i, sz - i, " media: ");
3113 	i += tipc_media_addr_printf(buf + i, sz - i, &n->links[0].maddr);
3114 	i += scnprintf(buf + i, sz - i, "\n");
3115 	i += tipc_link_dump(n->links[0].link, TIPC_DUMP_NONE, buf + i);
3116 	i += scnprintf(buf + i, sz - i, " inputq: ");
3117 	i += tipc_list_dump(&n->links[0].inputq, false, buf + i);
3118 
3119 	i += scnprintf(buf + i, sz - i, "link_entry[1]:\n");
3120 	i += scnprintf(buf + i, sz - i, " mtu: %u\n", n->links[1].mtu);
3121 	i += scnprintf(buf + i, sz - i, " media: ");
3122 	i += tipc_media_addr_printf(buf + i, sz - i, &n->links[1].maddr);
3123 	i += scnprintf(buf + i, sz - i, "\n");
3124 	i += tipc_link_dump(n->links[1].link, TIPC_DUMP_NONE, buf + i);
3125 	i += scnprintf(buf + i, sz - i, " inputq: ");
3126 	i += tipc_list_dump(&n->links[1].inputq, false, buf + i);
3127 
3128 	i += scnprintf(buf + i, sz - i, "bclink:\n ");
3129 	i += tipc_link_dump(n->bc_entry.link, TIPC_DUMP_NONE, buf + i);
3130 
3131 	return i;
3132 }
3133 
tipc_node_pre_cleanup_net(struct net * exit_net)3134 void tipc_node_pre_cleanup_net(struct net *exit_net)
3135 {
3136 	struct tipc_node *n;
3137 	struct tipc_net *tn;
3138 	struct net *tmp;
3139 
3140 	rcu_read_lock();
3141 	for_each_net_rcu(tmp) {
3142 		if (tmp == exit_net)
3143 			continue;
3144 		tn = tipc_net(tmp);
3145 		if (!tn)
3146 			continue;
3147 		spin_lock_bh(&tn->node_list_lock);
3148 		list_for_each_entry_rcu(n, &tn->node_list, list) {
3149 			if (!n->peer_net)
3150 				continue;
3151 			if (n->peer_net != exit_net)
3152 				continue;
3153 			tipc_node_write_lock(n);
3154 			n->peer_net = NULL;
3155 			n->peer_hash_mix = 0;
3156 			tipc_node_write_unlock_fast(n);
3157 			break;
3158 		}
3159 		spin_unlock_bh(&tn->node_list_lock);
3160 	}
3161 	rcu_read_unlock();
3162 }
3163