1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *	AARP:		An implementation of the AppleTalk AARP protocol for
4  *			Ethernet 'ELAP'.
5  *
6  *		Alan Cox  <Alan.Cox@linux.org>
7  *
8  *	This doesn't fit cleanly with the IP arp. Potentially we can use
9  *	the generic neighbour discovery code to clean this up.
10  *
11  *	FIXME:
12  *		We ought to handle the retransmits with a single list and a
13  *	separate fast timer for when it is needed.
14  *		Use neighbour discovery code.
15  *		Token Ring Support.
16  *
17  *	References:
18  *		Inside AppleTalk (2nd Ed).
19  *	Fixes:
20  *		Jaume Grau	-	flush caches on AARP_PROBE
21  *		Rob Newberry	-	Added proxy AARP and AARP proc fs,
22  *					moved probing from DDP module.
23  *		Arnaldo C. Melo -	don't mangle rx packets
24  */
25 
26 #include <linux/if_arp.h>
27 #include <linux/slab.h>
28 #include <net/sock.h>
29 #include <net/datalink.h>
30 #include <net/psnap.h>
31 #include <linux/atalk.h>
32 #include <linux/delay.h>
33 #include <linux/init.h>
34 #include <linux/proc_fs.h>
35 #include <linux/seq_file.h>
36 #include <linux/export.h>
37 #include <linux/etherdevice.h>
38 
39 int sysctl_aarp_expiry_time = AARP_EXPIRY_TIME;
40 int sysctl_aarp_tick_time = AARP_TICK_TIME;
41 int sysctl_aarp_retransmit_limit = AARP_RETRANSMIT_LIMIT;
42 int sysctl_aarp_resolve_time = AARP_RESOLVE_TIME;
43 
44 /* Lists of aarp entries */
45 /**
46  *	struct aarp_entry - AARP entry
47  *	@last_sent - Last time we xmitted the aarp request
48  *	@packet_queue - Queue of frames wait for resolution
49  *	@status - Used for proxy AARP
50  *	expires_at - Entry expiry time
51  *	target_addr - DDP Address
52  *	dev - Device to use
53  *	hwaddr - Physical i/f address of target/router
54  *	xmit_count - When this hits 10 we give up
55  *	next - Next entry in chain
56  */
57 struct aarp_entry {
58 	/* These first two are only used for unresolved entries */
59 	unsigned long		last_sent;
60 	struct sk_buff_head	packet_queue;
61 	int			status;
62 	unsigned long		expires_at;
63 	struct atalk_addr	target_addr;
64 	struct net_device	*dev;
65 	char			hwaddr[ETH_ALEN];
66 	unsigned short		xmit_count;
67 	struct aarp_entry	*next;
68 };
69 
70 /* Hashed list of resolved, unresolved and proxy entries */
71 static struct aarp_entry *resolved[AARP_HASH_SIZE];
72 static struct aarp_entry *unresolved[AARP_HASH_SIZE];
73 static struct aarp_entry *proxies[AARP_HASH_SIZE];
74 static int unresolved_count;
75 
76 /* One lock protects it all. */
77 static DEFINE_RWLOCK(aarp_lock);
78 
79 /* Used to walk the list and purge/kick entries.  */
80 static struct timer_list aarp_timer;
81 
82 /*
83  *	Delete an aarp queue
84  *
85  *	Must run under aarp_lock.
86  */
__aarp_expire(struct aarp_entry * a)87 static void __aarp_expire(struct aarp_entry *a)
88 {
89 	skb_queue_purge(&a->packet_queue);
90 	kfree(a);
91 }
92 
93 /*
94  *	Send an aarp queue entry request
95  *
96  *	Must run under aarp_lock.
97  */
__aarp_send_query(struct aarp_entry * a)98 static void __aarp_send_query(struct aarp_entry *a)
99 {
100 	static unsigned char aarp_eth_multicast[ETH_ALEN] =
101 					{ 0x09, 0x00, 0x07, 0xFF, 0xFF, 0xFF };
102 	struct net_device *dev = a->dev;
103 	struct elapaarp *eah;
104 	int len = dev->hard_header_len + sizeof(*eah) + aarp_dl->header_length;
105 	struct sk_buff *skb = alloc_skb(len, GFP_ATOMIC);
106 	struct atalk_addr *sat = atalk_find_dev_addr(dev);
107 
108 	if (!skb)
109 		return;
110 
111 	if (!sat) {
112 		kfree_skb(skb);
113 		return;
114 	}
115 
116 	/* Set up the buffer */
117 	skb_reserve(skb, dev->hard_header_len + aarp_dl->header_length);
118 	skb_reset_network_header(skb);
119 	skb_reset_transport_header(skb);
120 	skb_put(skb, sizeof(*eah));
121 	skb->protocol    = htons(ETH_P_ATALK);
122 	skb->dev	 = dev;
123 	eah		 = aarp_hdr(skb);
124 
125 	/* Set up the ARP */
126 	eah->hw_type	 = htons(AARP_HW_TYPE_ETHERNET);
127 	eah->pa_type	 = htons(ETH_P_ATALK);
128 	eah->hw_len	 = ETH_ALEN;
129 	eah->pa_len	 = AARP_PA_ALEN;
130 	eah->function	 = htons(AARP_REQUEST);
131 
132 	ether_addr_copy(eah->hw_src, dev->dev_addr);
133 
134 	eah->pa_src_zero = 0;
135 	eah->pa_src_net	 = sat->s_net;
136 	eah->pa_src_node = sat->s_node;
137 
138 	eth_zero_addr(eah->hw_dst);
139 
140 	eah->pa_dst_zero = 0;
141 	eah->pa_dst_net	 = a->target_addr.s_net;
142 	eah->pa_dst_node = a->target_addr.s_node;
143 
144 	/* Send it */
145 	aarp_dl->request(aarp_dl, skb, aarp_eth_multicast);
146 	/* Update the sending count */
147 	a->xmit_count++;
148 	a->last_sent = jiffies;
149 }
150 
151 /* This runs under aarp_lock and in softint context, so only atomic memory
152  * allocations can be used. */
aarp_send_reply(struct net_device * dev,struct atalk_addr * us,struct atalk_addr * them,unsigned char * sha)153 static void aarp_send_reply(struct net_device *dev, struct atalk_addr *us,
154 			    struct atalk_addr *them, unsigned char *sha)
155 {
156 	struct elapaarp *eah;
157 	int len = dev->hard_header_len + sizeof(*eah) + aarp_dl->header_length;
158 	struct sk_buff *skb = alloc_skb(len, GFP_ATOMIC);
159 
160 	if (!skb)
161 		return;
162 
163 	/* Set up the buffer */
164 	skb_reserve(skb, dev->hard_header_len + aarp_dl->header_length);
165 	skb_reset_network_header(skb);
166 	skb_reset_transport_header(skb);
167 	skb_put(skb, sizeof(*eah));
168 	skb->protocol    = htons(ETH_P_ATALK);
169 	skb->dev	 = dev;
170 	eah		 = aarp_hdr(skb);
171 
172 	/* Set up the ARP */
173 	eah->hw_type	 = htons(AARP_HW_TYPE_ETHERNET);
174 	eah->pa_type	 = htons(ETH_P_ATALK);
175 	eah->hw_len	 = ETH_ALEN;
176 	eah->pa_len	 = AARP_PA_ALEN;
177 	eah->function	 = htons(AARP_REPLY);
178 
179 	ether_addr_copy(eah->hw_src, dev->dev_addr);
180 
181 	eah->pa_src_zero = 0;
182 	eah->pa_src_net	 = us->s_net;
183 	eah->pa_src_node = us->s_node;
184 
185 	if (!sha)
186 		eth_zero_addr(eah->hw_dst);
187 	else
188 		ether_addr_copy(eah->hw_dst, sha);
189 
190 	eah->pa_dst_zero = 0;
191 	eah->pa_dst_net	 = them->s_net;
192 	eah->pa_dst_node = them->s_node;
193 
194 	/* Send it */
195 	aarp_dl->request(aarp_dl, skb, sha);
196 }
197 
198 /*
199  *	Send probe frames. Called from aarp_probe_network and
200  *	aarp_proxy_probe_network.
201  */
202 
aarp_send_probe(struct net_device * dev,struct atalk_addr * us)203 static void aarp_send_probe(struct net_device *dev, struct atalk_addr *us)
204 {
205 	struct elapaarp *eah;
206 	int len = dev->hard_header_len + sizeof(*eah) + aarp_dl->header_length;
207 	struct sk_buff *skb = alloc_skb(len, GFP_ATOMIC);
208 	static unsigned char aarp_eth_multicast[ETH_ALEN] =
209 					{ 0x09, 0x00, 0x07, 0xFF, 0xFF, 0xFF };
210 
211 	if (!skb)
212 		return;
213 
214 	/* Set up the buffer */
215 	skb_reserve(skb, dev->hard_header_len + aarp_dl->header_length);
216 	skb_reset_network_header(skb);
217 	skb_reset_transport_header(skb);
218 	skb_put(skb, sizeof(*eah));
219 	skb->protocol    = htons(ETH_P_ATALK);
220 	skb->dev	 = dev;
221 	eah		 = aarp_hdr(skb);
222 
223 	/* Set up the ARP */
224 	eah->hw_type	 = htons(AARP_HW_TYPE_ETHERNET);
225 	eah->pa_type	 = htons(ETH_P_ATALK);
226 	eah->hw_len	 = ETH_ALEN;
227 	eah->pa_len	 = AARP_PA_ALEN;
228 	eah->function	 = htons(AARP_PROBE);
229 
230 	ether_addr_copy(eah->hw_src, dev->dev_addr);
231 
232 	eah->pa_src_zero = 0;
233 	eah->pa_src_net	 = us->s_net;
234 	eah->pa_src_node = us->s_node;
235 
236 	eth_zero_addr(eah->hw_dst);
237 
238 	eah->pa_dst_zero = 0;
239 	eah->pa_dst_net	 = us->s_net;
240 	eah->pa_dst_node = us->s_node;
241 
242 	/* Send it */
243 	aarp_dl->request(aarp_dl, skb, aarp_eth_multicast);
244 }
245 
246 /*
247  *	Handle an aarp timer expire
248  *
249  *	Must run under the aarp_lock.
250  */
251 
__aarp_expire_timer(struct aarp_entry ** n)252 static void __aarp_expire_timer(struct aarp_entry **n)
253 {
254 	struct aarp_entry *t;
255 
256 	while (*n)
257 		/* Expired ? */
258 		if (time_after(jiffies, (*n)->expires_at)) {
259 			t = *n;
260 			*n = (*n)->next;
261 			__aarp_expire(t);
262 		} else
263 			n = &((*n)->next);
264 }
265 
266 /*
267  *	Kick all pending requests 5 times a second.
268  *
269  *	Must run under the aarp_lock.
270  */
__aarp_kick(struct aarp_entry ** n)271 static void __aarp_kick(struct aarp_entry **n)
272 {
273 	struct aarp_entry *t;
274 
275 	while (*n)
276 		/* Expired: if this will be the 11th tx, we delete instead. */
277 		if ((*n)->xmit_count >= sysctl_aarp_retransmit_limit) {
278 			t = *n;
279 			*n = (*n)->next;
280 			__aarp_expire(t);
281 		} else {
282 			__aarp_send_query(*n);
283 			n = &((*n)->next);
284 		}
285 }
286 
287 /*
288  *	A device has gone down. Take all entries referring to the device
289  *	and remove them.
290  *
291  *	Must run under the aarp_lock.
292  */
__aarp_expire_device(struct aarp_entry ** n,struct net_device * dev)293 static void __aarp_expire_device(struct aarp_entry **n, struct net_device *dev)
294 {
295 	struct aarp_entry *t;
296 
297 	while (*n)
298 		if ((*n)->dev == dev) {
299 			t = *n;
300 			*n = (*n)->next;
301 			__aarp_expire(t);
302 		} else
303 			n = &((*n)->next);
304 }
305 
306 /* Handle the timer event */
aarp_expire_timeout(struct timer_list * unused)307 static void aarp_expire_timeout(struct timer_list *unused)
308 {
309 	int ct;
310 
311 	write_lock_bh(&aarp_lock);
312 
313 	for (ct = 0; ct < AARP_HASH_SIZE; ct++) {
314 		__aarp_expire_timer(&resolved[ct]);
315 		__aarp_kick(&unresolved[ct]);
316 		__aarp_expire_timer(&unresolved[ct]);
317 		__aarp_expire_timer(&proxies[ct]);
318 	}
319 
320 	write_unlock_bh(&aarp_lock);
321 	mod_timer(&aarp_timer, jiffies +
322 			       (unresolved_count ? sysctl_aarp_tick_time :
323 				sysctl_aarp_expiry_time));
324 }
325 
326 /* Network device notifier chain handler. */
aarp_device_event(struct notifier_block * this,unsigned long event,void * ptr)327 static int aarp_device_event(struct notifier_block *this, unsigned long event,
328 			     void *ptr)
329 {
330 	struct net_device *dev = netdev_notifier_info_to_dev(ptr);
331 	int ct;
332 
333 	if (!net_eq(dev_net(dev), &init_net))
334 		return NOTIFY_DONE;
335 
336 	if (event == NETDEV_DOWN) {
337 		write_lock_bh(&aarp_lock);
338 
339 		for (ct = 0; ct < AARP_HASH_SIZE; ct++) {
340 			__aarp_expire_device(&resolved[ct], dev);
341 			__aarp_expire_device(&unresolved[ct], dev);
342 			__aarp_expire_device(&proxies[ct], dev);
343 		}
344 
345 		write_unlock_bh(&aarp_lock);
346 	}
347 	return NOTIFY_DONE;
348 }
349 
350 /* Expire all entries in a hash chain */
__aarp_expire_all(struct aarp_entry ** n)351 static void __aarp_expire_all(struct aarp_entry **n)
352 {
353 	struct aarp_entry *t;
354 
355 	while (*n) {
356 		t = *n;
357 		*n = (*n)->next;
358 		__aarp_expire(t);
359 	}
360 }
361 
362 /* Cleanup all hash chains -- module unloading */
aarp_purge(void)363 static void aarp_purge(void)
364 {
365 	int ct;
366 
367 	write_lock_bh(&aarp_lock);
368 	for (ct = 0; ct < AARP_HASH_SIZE; ct++) {
369 		__aarp_expire_all(&resolved[ct]);
370 		__aarp_expire_all(&unresolved[ct]);
371 		__aarp_expire_all(&proxies[ct]);
372 	}
373 	write_unlock_bh(&aarp_lock);
374 }
375 
376 /*
377  *	Create a new aarp entry.  This must use GFP_ATOMIC because it
378  *	runs while holding spinlocks.
379  */
aarp_alloc(void)380 static struct aarp_entry *aarp_alloc(void)
381 {
382 	struct aarp_entry *a = kmalloc(sizeof(*a), GFP_ATOMIC);
383 
384 	if (a)
385 		skb_queue_head_init(&a->packet_queue);
386 	return a;
387 }
388 
389 /*
390  * Find an entry. We might return an expired but not yet purged entry. We
391  * don't care as it will do no harm.
392  *
393  * This must run under the aarp_lock.
394  */
__aarp_find_entry(struct aarp_entry * list,struct net_device * dev,struct atalk_addr * sat)395 static struct aarp_entry *__aarp_find_entry(struct aarp_entry *list,
396 					    struct net_device *dev,
397 					    struct atalk_addr *sat)
398 {
399 	while (list) {
400 		if (list->target_addr.s_net == sat->s_net &&
401 		    list->target_addr.s_node == sat->s_node &&
402 		    list->dev == dev)
403 			break;
404 		list = list->next;
405 	}
406 
407 	return list;
408 }
409 
410 /* Called from the DDP code, and thus must be exported. */
aarp_proxy_remove(struct net_device * dev,struct atalk_addr * sa)411 void aarp_proxy_remove(struct net_device *dev, struct atalk_addr *sa)
412 {
413 	int hash = sa->s_node % (AARP_HASH_SIZE - 1);
414 	struct aarp_entry *a;
415 
416 	write_lock_bh(&aarp_lock);
417 
418 	a = __aarp_find_entry(proxies[hash], dev, sa);
419 	if (a)
420 		a->expires_at = jiffies - 1;
421 
422 	write_unlock_bh(&aarp_lock);
423 }
424 
425 /* This must run under aarp_lock. */
__aarp_proxy_find(struct net_device * dev,struct atalk_addr * sa)426 static struct atalk_addr *__aarp_proxy_find(struct net_device *dev,
427 					    struct atalk_addr *sa)
428 {
429 	int hash = sa->s_node % (AARP_HASH_SIZE - 1);
430 	struct aarp_entry *a = __aarp_find_entry(proxies[hash], dev, sa);
431 
432 	return a ? sa : NULL;
433 }
434 
435 /*
436  * Probe a Phase 1 device or a device that requires its Net:Node to
437  * be set via an ioctl.
438  */
aarp_send_probe_phase1(struct atalk_iface * iface)439 static void aarp_send_probe_phase1(struct atalk_iface *iface)
440 {
441 	struct ifreq atreq;
442 	struct sockaddr_at *sa = (struct sockaddr_at *)&atreq.ifr_addr;
443 	const struct net_device_ops *ops = iface->dev->netdev_ops;
444 
445 	sa->sat_addr.s_node = iface->address.s_node;
446 	sa->sat_addr.s_net = ntohs(iface->address.s_net);
447 
448 	/* We pass the Net:Node to the drivers/cards by a Device ioctl. */
449 	if (!(ops->ndo_do_ioctl(iface->dev, &atreq, SIOCSIFADDR))) {
450 		ops->ndo_do_ioctl(iface->dev, &atreq, SIOCGIFADDR);
451 		if (iface->address.s_net != htons(sa->sat_addr.s_net) ||
452 		    iface->address.s_node != sa->sat_addr.s_node)
453 			iface->status |= ATIF_PROBE_FAIL;
454 
455 		iface->address.s_net  = htons(sa->sat_addr.s_net);
456 		iface->address.s_node = sa->sat_addr.s_node;
457 	}
458 }
459 
460 
aarp_probe_network(struct atalk_iface * atif)461 void aarp_probe_network(struct atalk_iface *atif)
462 {
463 	if (atif->dev->type == ARPHRD_LOCALTLK ||
464 	    atif->dev->type == ARPHRD_PPP)
465 		aarp_send_probe_phase1(atif);
466 	else {
467 		unsigned int count;
468 
469 		for (count = 0; count < AARP_RETRANSMIT_LIMIT; count++) {
470 			aarp_send_probe(atif->dev, &atif->address);
471 
472 			/* Defer 1/10th */
473 			msleep(100);
474 
475 			if (atif->status & ATIF_PROBE_FAIL)
476 				break;
477 		}
478 	}
479 }
480 
aarp_proxy_probe_network(struct atalk_iface * atif,struct atalk_addr * sa)481 int aarp_proxy_probe_network(struct atalk_iface *atif, struct atalk_addr *sa)
482 {
483 	int hash, retval = -EPROTONOSUPPORT;
484 	struct aarp_entry *entry;
485 	unsigned int count;
486 
487 	/*
488 	 * we don't currently support LocalTalk or PPP for proxy AARP;
489 	 * if someone wants to try and add it, have fun
490 	 */
491 	if (atif->dev->type == ARPHRD_LOCALTLK ||
492 	    atif->dev->type == ARPHRD_PPP)
493 		goto out;
494 
495 	/*
496 	 * create a new AARP entry with the flags set to be published --
497 	 * we need this one to hang around even if it's in use
498 	 */
499 	entry = aarp_alloc();
500 	retval = -ENOMEM;
501 	if (!entry)
502 		goto out;
503 
504 	entry->expires_at = -1;
505 	entry->status = ATIF_PROBE;
506 	entry->target_addr.s_node = sa->s_node;
507 	entry->target_addr.s_net = sa->s_net;
508 	entry->dev = atif->dev;
509 
510 	write_lock_bh(&aarp_lock);
511 
512 	hash = sa->s_node % (AARP_HASH_SIZE - 1);
513 	entry->next = proxies[hash];
514 	proxies[hash] = entry;
515 
516 	for (count = 0; count < AARP_RETRANSMIT_LIMIT; count++) {
517 		aarp_send_probe(atif->dev, sa);
518 
519 		/* Defer 1/10th */
520 		write_unlock_bh(&aarp_lock);
521 		msleep(100);
522 		write_lock_bh(&aarp_lock);
523 
524 		if (entry->status & ATIF_PROBE_FAIL)
525 			break;
526 	}
527 
528 	if (entry->status & ATIF_PROBE_FAIL) {
529 		entry->expires_at = jiffies - 1; /* free the entry */
530 		retval = -EADDRINUSE; /* return network full */
531 	} else { /* clear the probing flag */
532 		entry->status &= ~ATIF_PROBE;
533 		retval = 1;
534 	}
535 
536 	write_unlock_bh(&aarp_lock);
537 out:
538 	return retval;
539 }
540 
541 /* Send a DDP frame */
aarp_send_ddp(struct net_device * dev,struct sk_buff * skb,struct atalk_addr * sa,void * hwaddr)542 int aarp_send_ddp(struct net_device *dev, struct sk_buff *skb,
543 		  struct atalk_addr *sa, void *hwaddr)
544 {
545 	static char ddp_eth_multicast[ETH_ALEN] =
546 		{ 0x09, 0x00, 0x07, 0xFF, 0xFF, 0xFF };
547 	int hash;
548 	struct aarp_entry *a;
549 
550 	skb_reset_network_header(skb);
551 
552 	/* Check for LocalTalk first */
553 	if (dev->type == ARPHRD_LOCALTLK) {
554 		struct atalk_addr *at = atalk_find_dev_addr(dev);
555 		struct ddpehdr *ddp = (struct ddpehdr *)skb->data;
556 		int ft = 2;
557 
558 		/*
559 		 * Compressible ?
560 		 *
561 		 * IFF: src_net == dest_net == device_net
562 		 * (zero matches anything)
563 		 */
564 
565 		if ((!ddp->deh_snet || at->s_net == ddp->deh_snet) &&
566 		    (!ddp->deh_dnet || at->s_net == ddp->deh_dnet)) {
567 			skb_pull(skb, sizeof(*ddp) - 4);
568 
569 			/*
570 			 *	The upper two remaining bytes are the port
571 			 *	numbers	we just happen to need. Now put the
572 			 *	length in the lower two.
573 			 */
574 			*((__be16 *)skb->data) = htons(skb->len);
575 			ft = 1;
576 		}
577 		/*
578 		 * Nice and easy. No AARP type protocols occur here so we can
579 		 * just shovel it out with a 3 byte LLAP header
580 		 */
581 
582 		skb_push(skb, 3);
583 		skb->data[0] = sa->s_node;
584 		skb->data[1] = at->s_node;
585 		skb->data[2] = ft;
586 		skb->dev     = dev;
587 		goto sendit;
588 	}
589 
590 	/* On a PPP link we neither compress nor aarp.  */
591 	if (dev->type == ARPHRD_PPP) {
592 		skb->protocol = htons(ETH_P_PPPTALK);
593 		skb->dev = dev;
594 		goto sendit;
595 	}
596 
597 	/* Non ELAP we cannot do. */
598 	if (dev->type != ARPHRD_ETHER)
599 		goto free_it;
600 
601 	skb->dev = dev;
602 	skb->protocol = htons(ETH_P_ATALK);
603 	hash = sa->s_node % (AARP_HASH_SIZE - 1);
604 
605 	/* Do we have a resolved entry? */
606 	if (sa->s_node == ATADDR_BCAST) {
607 		/* Send it */
608 		ddp_dl->request(ddp_dl, skb, ddp_eth_multicast);
609 		goto sent;
610 	}
611 
612 	write_lock_bh(&aarp_lock);
613 	a = __aarp_find_entry(resolved[hash], dev, sa);
614 
615 	if (a) { /* Return 1 and fill in the address */
616 		a->expires_at = jiffies + (sysctl_aarp_expiry_time * 10);
617 		ddp_dl->request(ddp_dl, skb, a->hwaddr);
618 		write_unlock_bh(&aarp_lock);
619 		goto sent;
620 	}
621 
622 	/* Do we have an unresolved entry: This is the less common path */
623 	a = __aarp_find_entry(unresolved[hash], dev, sa);
624 	if (a) { /* Queue onto the unresolved queue */
625 		skb_queue_tail(&a->packet_queue, skb);
626 		goto out_unlock;
627 	}
628 
629 	/* Allocate a new entry */
630 	a = aarp_alloc();
631 	if (!a) {
632 		/* Whoops slipped... good job it's an unreliable protocol 8) */
633 		write_unlock_bh(&aarp_lock);
634 		goto free_it;
635 	}
636 
637 	/* Set up the queue */
638 	skb_queue_tail(&a->packet_queue, skb);
639 	a->expires_at	 = jiffies + sysctl_aarp_resolve_time;
640 	a->dev		 = dev;
641 	a->next		 = unresolved[hash];
642 	a->target_addr	 = *sa;
643 	a->xmit_count	 = 0;
644 	unresolved[hash] = a;
645 	unresolved_count++;
646 
647 	/* Send an initial request for the address */
648 	__aarp_send_query(a);
649 
650 	/*
651 	 * Switch to fast timer if needed (That is if this is the first
652 	 * unresolved entry to get added)
653 	 */
654 
655 	if (unresolved_count == 1)
656 		mod_timer(&aarp_timer, jiffies + sysctl_aarp_tick_time);
657 
658 	/* Now finally, it is safe to drop the lock. */
659 out_unlock:
660 	write_unlock_bh(&aarp_lock);
661 
662 	/* Tell the ddp layer we have taken over for this frame. */
663 	goto sent;
664 
665 sendit:
666 	if (skb->sk)
667 		skb->priority = skb->sk->sk_priority;
668 	if (dev_queue_xmit(skb))
669 		goto drop;
670 sent:
671 	return NET_XMIT_SUCCESS;
672 free_it:
673 	kfree_skb(skb);
674 drop:
675 	return NET_XMIT_DROP;
676 }
677 EXPORT_SYMBOL(aarp_send_ddp);
678 
679 /*
680  *	An entry in the aarp unresolved queue has become resolved. Send
681  *	all the frames queued under it.
682  *
683  *	Must run under aarp_lock.
684  */
__aarp_resolved(struct aarp_entry ** list,struct aarp_entry * a,int hash)685 static void __aarp_resolved(struct aarp_entry **list, struct aarp_entry *a,
686 			    int hash)
687 {
688 	struct sk_buff *skb;
689 
690 	while (*list)
691 		if (*list == a) {
692 			unresolved_count--;
693 			*list = a->next;
694 
695 			/* Move into the resolved list */
696 			a->next = resolved[hash];
697 			resolved[hash] = a;
698 
699 			/* Kick frames off */
700 			while ((skb = skb_dequeue(&a->packet_queue)) != NULL) {
701 				a->expires_at = jiffies +
702 						sysctl_aarp_expiry_time * 10;
703 				ddp_dl->request(ddp_dl, skb, a->hwaddr);
704 			}
705 		} else
706 			list = &((*list)->next);
707 }
708 
709 /*
710  *	This is called by the SNAP driver whenever we see an AARP SNAP
711  *	frame. We currently only support Ethernet.
712  */
aarp_rcv(struct sk_buff * skb,struct net_device * dev,struct packet_type * pt,struct net_device * orig_dev)713 static int aarp_rcv(struct sk_buff *skb, struct net_device *dev,
714 		    struct packet_type *pt, struct net_device *orig_dev)
715 {
716 	struct elapaarp *ea = aarp_hdr(skb);
717 	int hash, ret = 0;
718 	__u16 function;
719 	struct aarp_entry *a;
720 	struct atalk_addr sa, *ma, da;
721 	struct atalk_iface *ifa;
722 
723 	if (!net_eq(dev_net(dev), &init_net))
724 		goto out0;
725 
726 	/* We only do Ethernet SNAP AARP. */
727 	if (dev->type != ARPHRD_ETHER)
728 		goto out0;
729 
730 	/* Frame size ok? */
731 	if (!skb_pull(skb, sizeof(*ea)))
732 		goto out0;
733 
734 	function = ntohs(ea->function);
735 
736 	/* Sanity check fields. */
737 	if (function < AARP_REQUEST || function > AARP_PROBE ||
738 	    ea->hw_len != ETH_ALEN || ea->pa_len != AARP_PA_ALEN ||
739 	    ea->pa_src_zero || ea->pa_dst_zero)
740 		goto out0;
741 
742 	/* Looks good. */
743 	hash = ea->pa_src_node % (AARP_HASH_SIZE - 1);
744 
745 	/* Build an address. */
746 	sa.s_node = ea->pa_src_node;
747 	sa.s_net = ea->pa_src_net;
748 
749 	/* Process the packet. Check for replies of me. */
750 	ifa = atalk_find_dev(dev);
751 	if (!ifa)
752 		goto out1;
753 
754 	if (ifa->status & ATIF_PROBE &&
755 	    ifa->address.s_node == ea->pa_dst_node &&
756 	    ifa->address.s_net == ea->pa_dst_net) {
757 		ifa->status |= ATIF_PROBE_FAIL; /* Fail the probe (in use) */
758 		goto out1;
759 	}
760 
761 	/* Check for replies of proxy AARP entries */
762 	da.s_node = ea->pa_dst_node;
763 	da.s_net  = ea->pa_dst_net;
764 
765 	write_lock_bh(&aarp_lock);
766 	a = __aarp_find_entry(proxies[hash], dev, &da);
767 
768 	if (a && a->status & ATIF_PROBE) {
769 		a->status |= ATIF_PROBE_FAIL;
770 		/*
771 		 * we do not respond to probe or request packets for
772 		 * this address while we are probing this address
773 		 */
774 		goto unlock;
775 	}
776 
777 	switch (function) {
778 	case AARP_REPLY:
779 		if (!unresolved_count)	/* Speed up */
780 			break;
781 
782 		/* Find the entry.  */
783 		a = __aarp_find_entry(unresolved[hash], dev, &sa);
784 		if (!a || dev != a->dev)
785 			break;
786 
787 		/* We can fill one in - this is good. */
788 		ether_addr_copy(a->hwaddr, ea->hw_src);
789 		__aarp_resolved(&unresolved[hash], a, hash);
790 		if (!unresolved_count)
791 			mod_timer(&aarp_timer,
792 				  jiffies + sysctl_aarp_expiry_time);
793 		break;
794 
795 	case AARP_REQUEST:
796 	case AARP_PROBE:
797 
798 		/*
799 		 * If it is my address set ma to my address and reply.
800 		 * We can treat probe and request the same.  Probe
801 		 * simply means we shouldn't cache the querying host,
802 		 * as in a probe they are proposing an address not
803 		 * using one.
804 		 *
805 		 * Support for proxy-AARP added. We check if the
806 		 * address is one of our proxies before we toss the
807 		 * packet out.
808 		 */
809 
810 		sa.s_node = ea->pa_dst_node;
811 		sa.s_net  = ea->pa_dst_net;
812 
813 		/* See if we have a matching proxy. */
814 		ma = __aarp_proxy_find(dev, &sa);
815 		if (!ma)
816 			ma = &ifa->address;
817 		else { /* We need to make a copy of the entry. */
818 			da.s_node = sa.s_node;
819 			da.s_net = sa.s_net;
820 			ma = &da;
821 		}
822 
823 		if (function == AARP_PROBE) {
824 			/*
825 			 * A probe implies someone trying to get an
826 			 * address. So as a precaution flush any
827 			 * entries we have for this address.
828 			 */
829 			a = __aarp_find_entry(resolved[sa.s_node %
830 						       (AARP_HASH_SIZE - 1)],
831 					      skb->dev, &sa);
832 
833 			/*
834 			 * Make it expire next tick - that avoids us
835 			 * getting into a probe/flush/learn/probe/
836 			 * flush/learn cycle during probing of a slow
837 			 * to respond host addr.
838 			 */
839 			if (a) {
840 				a->expires_at = jiffies - 1;
841 				mod_timer(&aarp_timer, jiffies +
842 					  sysctl_aarp_tick_time);
843 			}
844 		}
845 
846 		if (sa.s_node != ma->s_node)
847 			break;
848 
849 		if (sa.s_net && ma->s_net && sa.s_net != ma->s_net)
850 			break;
851 
852 		sa.s_node = ea->pa_src_node;
853 		sa.s_net = ea->pa_src_net;
854 
855 		/* aarp_my_address has found the address to use for us.
856 		 */
857 		aarp_send_reply(dev, ma, &sa, ea->hw_src);
858 		break;
859 	}
860 
861 unlock:
862 	write_unlock_bh(&aarp_lock);
863 out1:
864 	ret = 1;
865 out0:
866 	kfree_skb(skb);
867 	return ret;
868 }
869 
870 static struct notifier_block aarp_notifier = {
871 	.notifier_call = aarp_device_event,
872 };
873 
874 static unsigned char aarp_snap_id[] = { 0x00, 0x00, 0x00, 0x80, 0xF3 };
875 
aarp_proto_init(void)876 int __init aarp_proto_init(void)
877 {
878 	int rc;
879 
880 	aarp_dl = register_snap_client(aarp_snap_id, aarp_rcv);
881 	if (!aarp_dl) {
882 		printk(KERN_CRIT "Unable to register AARP with SNAP.\n");
883 		return -ENOMEM;
884 	}
885 	timer_setup(&aarp_timer, aarp_expire_timeout, 0);
886 	aarp_timer.expires  = jiffies + sysctl_aarp_expiry_time;
887 	add_timer(&aarp_timer);
888 	rc = register_netdevice_notifier(&aarp_notifier);
889 	if (rc) {
890 		del_timer_sync(&aarp_timer);
891 		unregister_snap_client(aarp_dl);
892 	}
893 	return rc;
894 }
895 
896 /* Remove the AARP entries associated with a device. */
aarp_device_down(struct net_device * dev)897 void aarp_device_down(struct net_device *dev)
898 {
899 	int ct;
900 
901 	write_lock_bh(&aarp_lock);
902 
903 	for (ct = 0; ct < AARP_HASH_SIZE; ct++) {
904 		__aarp_expire_device(&resolved[ct], dev);
905 		__aarp_expire_device(&unresolved[ct], dev);
906 		__aarp_expire_device(&proxies[ct], dev);
907 	}
908 
909 	write_unlock_bh(&aarp_lock);
910 }
911 
912 #ifdef CONFIG_PROC_FS
913 /*
914  * Get the aarp entry that is in the chain described
915  * by the iterator.
916  * If pos is set then skip till that index.
917  * pos = 1 is the first entry
918  */
iter_next(struct aarp_iter_state * iter,loff_t * pos)919 static struct aarp_entry *iter_next(struct aarp_iter_state *iter, loff_t *pos)
920 {
921 	int ct = iter->bucket;
922 	struct aarp_entry **table = iter->table;
923 	loff_t off = 0;
924 	struct aarp_entry *entry;
925 
926  rescan:
927 	while (ct < AARP_HASH_SIZE) {
928 		for (entry = table[ct]; entry; entry = entry->next) {
929 			if (!pos || ++off == *pos) {
930 				iter->table = table;
931 				iter->bucket = ct;
932 				return entry;
933 			}
934 		}
935 		++ct;
936 	}
937 
938 	if (table == resolved) {
939 		ct = 0;
940 		table = unresolved;
941 		goto rescan;
942 	}
943 	if (table == unresolved) {
944 		ct = 0;
945 		table = proxies;
946 		goto rescan;
947 	}
948 	return NULL;
949 }
950 
aarp_seq_start(struct seq_file * seq,loff_t * pos)951 static void *aarp_seq_start(struct seq_file *seq, loff_t *pos)
952 	__acquires(aarp_lock)
953 {
954 	struct aarp_iter_state *iter = seq->private;
955 
956 	read_lock_bh(&aarp_lock);
957 	iter->table     = resolved;
958 	iter->bucket    = 0;
959 
960 	return *pos ? iter_next(iter, pos) : SEQ_START_TOKEN;
961 }
962 
aarp_seq_next(struct seq_file * seq,void * v,loff_t * pos)963 static void *aarp_seq_next(struct seq_file *seq, void *v, loff_t *pos)
964 {
965 	struct aarp_entry *entry = v;
966 	struct aarp_iter_state *iter = seq->private;
967 
968 	++*pos;
969 
970 	/* first line after header */
971 	if (v == SEQ_START_TOKEN)
972 		entry = iter_next(iter, NULL);
973 
974 	/* next entry in current bucket */
975 	else if (entry->next)
976 		entry = entry->next;
977 
978 	/* next bucket or table */
979 	else {
980 		++iter->bucket;
981 		entry = iter_next(iter, NULL);
982 	}
983 	return entry;
984 }
985 
aarp_seq_stop(struct seq_file * seq,void * v)986 static void aarp_seq_stop(struct seq_file *seq, void *v)
987 	__releases(aarp_lock)
988 {
989 	read_unlock_bh(&aarp_lock);
990 }
991 
dt2str(unsigned long ticks)992 static const char *dt2str(unsigned long ticks)
993 {
994 	static char buf[32];
995 
996 	sprintf(buf, "%ld.%02ld", ticks / HZ, ((ticks % HZ) * 100) / HZ);
997 
998 	return buf;
999 }
1000 
aarp_seq_show(struct seq_file * seq,void * v)1001 static int aarp_seq_show(struct seq_file *seq, void *v)
1002 {
1003 	struct aarp_iter_state *iter = seq->private;
1004 	struct aarp_entry *entry = v;
1005 	unsigned long now = jiffies;
1006 
1007 	if (v == SEQ_START_TOKEN)
1008 		seq_puts(seq,
1009 			 "Address  Interface   Hardware Address"
1010 			 "   Expires LastSend  Retry Status\n");
1011 	else {
1012 		seq_printf(seq, "%04X:%02X  %-12s",
1013 			   ntohs(entry->target_addr.s_net),
1014 			   (unsigned int) entry->target_addr.s_node,
1015 			   entry->dev ? entry->dev->name : "????");
1016 		seq_printf(seq, "%pM", entry->hwaddr);
1017 		seq_printf(seq, " %8s",
1018 			   dt2str((long)entry->expires_at - (long)now));
1019 		if (iter->table == unresolved)
1020 			seq_printf(seq, " %8s %6hu",
1021 				   dt2str(now - entry->last_sent),
1022 				   entry->xmit_count);
1023 		else
1024 			seq_puts(seq, "                ");
1025 		seq_printf(seq, " %s\n",
1026 			   (iter->table == resolved) ? "resolved"
1027 			   : (iter->table == unresolved) ? "unresolved"
1028 			   : (iter->table == proxies) ? "proxies"
1029 			   : "unknown");
1030 	}
1031 	return 0;
1032 }
1033 
1034 const struct seq_operations aarp_seq_ops = {
1035 	.start  = aarp_seq_start,
1036 	.next   = aarp_seq_next,
1037 	.stop   = aarp_seq_stop,
1038 	.show   = aarp_seq_show,
1039 };
1040 #endif
1041 
1042 /* General module cleanup. Called from cleanup_module() in ddp.c. */
aarp_cleanup_module(void)1043 void aarp_cleanup_module(void)
1044 {
1045 	del_timer_sync(&aarp_timer);
1046 	unregister_netdevice_notifier(&aarp_notifier);
1047 	unregister_snap_client(aarp_dl);
1048 	aarp_purge();
1049 }
1050