tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1/*
2 * DECnet An implementation of the DECnet protocol suite for the LINUX
3 * operating system. DECnet is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * DECnet Network Services Protocol (Input)
7 *
8 * Author: Eduardo Marcelo Serrat <emserrat@geocities.com>
9 *
10 * Changes:
11 *
12 * Steve Whitehouse: Split into dn_nsp_in.c and dn_nsp_out.c from
13 * original dn_nsp.c.
14 * Steve Whitehouse: Updated to work with my new routing architecture.
15 * Steve Whitehouse: Add changes from Eduardo Serrat's patches.
16 * Steve Whitehouse: Put all ack handling code in a common routine.
17 * Steve Whitehouse: Put other common bits into dn_nsp_rx()
18 * Steve Whitehouse: More checks on skb->len to catch bogus packets
19 * Fixed various race conditions and possible nasties.
20 * Steve Whitehouse: Now handles returned conninit frames.
21 * David S. Miller: New socket locking
22 * Steve Whitehouse: Fixed lockup when socket filtering was enabled.
23 * Paul Koning: Fix to push CC sockets into RUN when acks are
24 * received.
25 * Steve Whitehouse:
26 * Patrick Caulfield: Checking conninits for correctness & sending of error
27 * responses.
28 * Steve Whitehouse: Added backlog congestion level return codes.
29 * Patrick Caulfield:
30 * Steve Whitehouse: Added flow control support (outbound)
31 * Steve Whitehouse: Prepare for nonlinear skbs
32 */
33
34/******************************************************************************
35 (c) 1995-1998 E.M. Serrat emserrat@geocities.com
36
37 This program is free software; you can redistribute it and/or modify
38 it under the terms of the GNU General Public License as published by
39 the Free Software Foundation; either version 2 of the License, or
40 any later version.
41
42 This program is distributed in the hope that it will be useful,
43 but WITHOUT ANY WARRANTY; without even the implied warranty of
44 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
45 GNU General Public License for more details.
46*******************************************************************************/
47
48#include <linux/config.h>
49#include <linux/errno.h>
50#include <linux/types.h>
51#include <linux/socket.h>
52#include <linux/in.h>
53#include <linux/kernel.h>
54#include <linux/sched.h>
55#include <linux/timer.h>
56#include <linux/string.h>
57#include <linux/sockios.h>
58#include <linux/net.h>
59#include <linux/netdevice.h>
60#include <linux/inet.h>
61#include <linux/route.h>
62#include <net/sock.h>
63#include <net/tcp.h>
64#include <asm/system.h>
65#include <linux/fcntl.h>
66#include <linux/mm.h>
67#include <linux/termios.h>
68#include <linux/interrupt.h>
69#include <linux/proc_fs.h>
70#include <linux/stat.h>
71#include <linux/init.h>
72#include <linux/poll.h>
73#include <linux/netfilter_decnet.h>
74#include <net/neighbour.h>
75#include <net/dst.h>
76#include <net/dn.h>
77#include <net/dn_nsp.h>
78#include <net/dn_dev.h>
79#include <net/dn_route.h>
80
81extern int decnet_log_martians;
82
83static void dn_log_martian(struct sk_buff *skb, const char *msg)
84{
85 if (decnet_log_martians && net_ratelimit()) {
86 char *devname = skb->dev ? skb->dev->name : "???";
87 struct dn_skb_cb *cb = DN_SKB_CB(skb);
88 printk(KERN_INFO "DECnet: Martian packet (%s) dev=%s src=0x%04hx dst=0x%04hx srcport=0x%04hx dstport=0x%04hx\n", msg, devname, cb->src, cb->dst, cb->src_port, cb->dst_port);
89 }
90}
91
92/*
93 * For this function we've flipped the cross-subchannel bit
94 * if the message is an otherdata or linkservice message. Thus
95 * we can use it to work out what to update.
96 */
97static void dn_ack(struct sock *sk, struct sk_buff *skb, unsigned short ack)
98{
99 struct dn_scp *scp = DN_SK(sk);
100 unsigned short type = ((ack >> 12) & 0x0003);
101 int wakeup = 0;
102
103 switch(type) {
104 case 0: /* ACK - Data */
105 if (dn_after(ack, scp->ackrcv_dat)) {
106 scp->ackrcv_dat = ack & 0x0fff;
107 wakeup |= dn_nsp_check_xmit_queue(sk, skb, &scp->data_xmit_queue, ack);
108 }
109 break;
110 case 1: /* NAK - Data */
111 break;
112 case 2: /* ACK - OtherData */
113 if (dn_after(ack, scp->ackrcv_oth)) {
114 scp->ackrcv_oth = ack & 0x0fff;
115 wakeup |= dn_nsp_check_xmit_queue(sk, skb, &scp->other_xmit_queue, ack);
116 }
117 break;
118 case 3: /* NAK - OtherData */
119 break;
120 }
121
122 if (wakeup && !sock_flag(sk, SOCK_DEAD))
123 sk->sk_state_change(sk);
124}
125
126/*
127 * This function is a universal ack processor.
128 */
129static int dn_process_ack(struct sock *sk, struct sk_buff *skb, int oth)
130{
131 unsigned short *ptr = (unsigned short *)skb->data;
132 int len = 0;
133 unsigned short ack;
134
135 if (skb->len < 2)
136 return len;
137
138 if ((ack = dn_ntohs(*ptr)) & 0x8000) {
139 skb_pull(skb, 2);
140 ptr++;
141 len += 2;
142 if ((ack & 0x4000) == 0) {
143 if (oth)
144 ack ^= 0x2000;
145 dn_ack(sk, skb, ack);
146 }
147 }
148
149 if (skb->len < 2)
150 return len;
151
152 if ((ack = dn_ntohs(*ptr)) & 0x8000) {
153 skb_pull(skb, 2);
154 len += 2;
155 if ((ack & 0x4000) == 0) {
156 if (oth)
157 ack ^= 0x2000;
158 dn_ack(sk, skb, ack);
159 }
160 }
161
162 return len;
163}
164
165
166/**
167 * dn_check_idf - Check an image data field format is correct.
168 * @pptr: Pointer to pointer to image data
169 * @len: Pointer to length of image data
170 * @max: The maximum allowed length of the data in the image data field
171 * @follow_on: Check that this many bytes exist beyond the end of the image data
172 *
173 * Returns: 0 if ok, -1 on error
174 */
175static inline int dn_check_idf(unsigned char **pptr, int *len, unsigned char max, unsigned char follow_on)
176{
177 unsigned char *ptr = *pptr;
178 unsigned char flen = *ptr++;
179
180 (*len)--;
181 if (flen > max)
182 return -1;
183 if ((flen + follow_on) > *len)
184 return -1;
185
186 *len -= flen;
187 *pptr = ptr + flen;
188 return 0;
189}
190
191/*
192 * Table of reason codes to pass back to node which sent us a badly
193 * formed message, plus text messages for the log. A zero entry in
194 * the reason field means "don't reply" otherwise a disc init is sent with
195 * the specified reason code.
196 */
197static struct {
198 unsigned short reason;
199 const char *text;
200} ci_err_table[] = {
201 { 0, "CI: Truncated message" },
202 { NSP_REASON_ID, "CI: Destination username error" },
203 { NSP_REASON_ID, "CI: Destination username type" },
204 { NSP_REASON_US, "CI: Source username error" },
205 { 0, "CI: Truncated at menuver" },
206 { 0, "CI: Truncated before access or user data" },
207 { NSP_REASON_IO, "CI: Access data format error" },
208 { NSP_REASON_IO, "CI: User data format error" }
209};
210
211/*
212 * This function uses a slightly different lookup method
213 * to find its sockets, since it searches on object name/number
214 * rather than port numbers. Various tests are done to ensure that
215 * the incoming data is in the correct format before it is queued to
216 * a socket.
217 */
218static struct sock *dn_find_listener(struct sk_buff *skb, unsigned short *reason)
219{
220 struct dn_skb_cb *cb = DN_SKB_CB(skb);
221 struct nsp_conn_init_msg *msg = (struct nsp_conn_init_msg *)skb->data;
222 struct sockaddr_dn dstaddr;
223 struct sockaddr_dn srcaddr;
224 unsigned char type = 0;
225 int dstlen;
226 int srclen;
227 unsigned char *ptr;
228 int len;
229 int err = 0;
230 unsigned char menuver;
231
232 memset(&dstaddr, 0, sizeof(struct sockaddr_dn));
233 memset(&srcaddr, 0, sizeof(struct sockaddr_dn));
234
235 /*
236 * 1. Decode & remove message header
237 */
238 cb->src_port = msg->srcaddr;
239 cb->dst_port = msg->dstaddr;
240 cb->services = msg->services;
241 cb->info = msg->info;
242 cb->segsize = dn_ntohs(msg->segsize);
243
244 if (!pskb_may_pull(skb, sizeof(*msg)))
245 goto err_out;
246
247 skb_pull(skb, sizeof(*msg));
248
249 len = skb->len;
250 ptr = skb->data;
251
252 /*
253 * 2. Check destination end username format
254 */
255 dstlen = dn_username2sockaddr(ptr, len, &dstaddr, &type);
256 err++;
257 if (dstlen < 0)
258 goto err_out;
259
260 err++;
261 if (type > 1)
262 goto err_out;
263
264 len -= dstlen;
265 ptr += dstlen;
266
267 /*
268 * 3. Check source end username format
269 */
270 srclen = dn_username2sockaddr(ptr, len, &srcaddr, &type);
271 err++;
272 if (srclen < 0)
273 goto err_out;
274
275 len -= srclen;
276 ptr += srclen;
277 err++;
278 if (len < 1)
279 goto err_out;
280
281 menuver = *ptr;
282 ptr++;
283 len--;
284
285 /*
286 * 4. Check that optional data actually exists if menuver says it does
287 */
288 err++;
289 if ((menuver & (DN_MENUVER_ACC | DN_MENUVER_USR)) && (len < 1))
290 goto err_out;
291
292 /*
293 * 5. Check optional access data format
294 */
295 err++;
296 if (menuver & DN_MENUVER_ACC) {
297 if (dn_check_idf(&ptr, &len, 39, 1))
298 goto err_out;
299 if (dn_check_idf(&ptr, &len, 39, 1))
300 goto err_out;
301 if (dn_check_idf(&ptr, &len, 39, (menuver & DN_MENUVER_USR) ? 1 : 0))
302 goto err_out;
303 }
304
305 /*
306 * 6. Check optional user data format
307 */
308 err++;
309 if (menuver & DN_MENUVER_USR) {
310 if (dn_check_idf(&ptr, &len, 16, 0))
311 goto err_out;
312 }
313
314 /*
315 * 7. Look up socket based on destination end username
316 */
317 return dn_sklist_find_listener(&dstaddr);
318err_out:
319 dn_log_martian(skb, ci_err_table[err].text);
320 *reason = ci_err_table[err].reason;
321 return NULL;
322}
323
324
325static void dn_nsp_conn_init(struct sock *sk, struct sk_buff *skb)
326{
327 if (sk_acceptq_is_full(sk)) {
328 kfree_skb(skb);
329 return;
330 }
331
332 sk->sk_ack_backlog++;
333 skb_queue_tail(&sk->sk_receive_queue, skb);
334 sk->sk_state_change(sk);
335}
336
337static void dn_nsp_conn_conf(struct sock *sk, struct sk_buff *skb)
338{
339 struct dn_skb_cb *cb = DN_SKB_CB(skb);
340 struct dn_scp *scp = DN_SK(sk);
341 unsigned char *ptr;
342
343 if (skb->len < 4)
344 goto out;
345
346 ptr = skb->data;
347 cb->services = *ptr++;
348 cb->info = *ptr++;
349 cb->segsize = dn_ntohs(*(__u16 *)ptr);
350
351 if ((scp->state == DN_CI) || (scp->state == DN_CD)) {
352 scp->persist = 0;
353 scp->addrrem = cb->src_port;
354 sk->sk_state = TCP_ESTABLISHED;
355 scp->state = DN_RUN;
356 scp->services_rem = cb->services;
357 scp->info_rem = cb->info;
358 scp->segsize_rem = cb->segsize;
359
360 if ((scp->services_rem & NSP_FC_MASK) == NSP_FC_NONE)
361 scp->max_window = decnet_no_fc_max_cwnd;
362
363 if (skb->len > 0) {
364 unsigned char dlen = *skb->data;
365 if ((dlen <= 16) && (dlen <= skb->len)) {
366 scp->conndata_in.opt_optl = dlen;
367 memcpy(scp->conndata_in.opt_data, skb->data + 1, dlen);
368 }
369 }
370 dn_nsp_send_link(sk, DN_NOCHANGE, 0);
371 if (!sock_flag(sk, SOCK_DEAD))
372 sk->sk_state_change(sk);
373 }
374
375out:
376 kfree_skb(skb);
377}
378
379static void dn_nsp_conn_ack(struct sock *sk, struct sk_buff *skb)
380{
381 struct dn_scp *scp = DN_SK(sk);
382
383 if (scp->state == DN_CI) {
384 scp->state = DN_CD;
385 scp->persist = 0;
386 }
387
388 kfree_skb(skb);
389}
390
391static void dn_nsp_disc_init(struct sock *sk, struct sk_buff *skb)
392{
393 struct dn_scp *scp = DN_SK(sk);
394 struct dn_skb_cb *cb = DN_SKB_CB(skb);
395 unsigned short reason;
396
397 if (skb->len < 2)
398 goto out;
399
400 reason = dn_ntohs(*(__u16 *)skb->data);
401 skb_pull(skb, 2);
402
403 scp->discdata_in.opt_status = reason;
404 scp->discdata_in.opt_optl = 0;
405 memset(scp->discdata_in.opt_data, 0, 16);
406
407 if (skb->len > 0) {
408 unsigned char dlen = *skb->data;
409 if ((dlen <= 16) && (dlen <= skb->len)) {
410 scp->discdata_in.opt_optl = dlen;
411 memcpy(scp->discdata_in.opt_data, skb->data + 1, dlen);
412 }
413 }
414
415 scp->addrrem = cb->src_port;
416 sk->sk_state = TCP_CLOSE;
417
418 switch(scp->state) {
419 case DN_CI:
420 case DN_CD:
421 scp->state = DN_RJ;
422 sk->sk_err = ECONNREFUSED;
423 break;
424 case DN_RUN:
425 sk->sk_shutdown |= SHUTDOWN_MASK;
426 scp->state = DN_DN;
427 break;
428 case DN_DI:
429 scp->state = DN_DIC;
430 break;
431 }
432
433 if (!sock_flag(sk, SOCK_DEAD)) {
434 if (sk->sk_socket->state != SS_UNCONNECTED)
435 sk->sk_socket->state = SS_DISCONNECTING;
436 sk->sk_state_change(sk);
437 }
438
439 /*
440 * It appears that its possible for remote machines to send disc
441 * init messages with no port identifier if we are in the CI and
442 * possibly also the CD state. Obviously we shouldn't reply with
443 * a message if we don't know what the end point is.
444 */
445 if (scp->addrrem) {
446 dn_nsp_send_disc(sk, NSP_DISCCONF, NSP_REASON_DC, GFP_ATOMIC);
447 }
448 scp->persist_fxn = dn_destroy_timer;
449 scp->persist = dn_nsp_persist(sk);
450
451out:
452 kfree_skb(skb);
453}
454
455/*
456 * disc_conf messages are also called no_resources or no_link
457 * messages depending upon the "reason" field.
458 */
459static void dn_nsp_disc_conf(struct sock *sk, struct sk_buff *skb)
460{
461 struct dn_scp *scp = DN_SK(sk);
462 unsigned short reason;
463
464 if (skb->len != 2)
465 goto out;
466
467 reason = dn_ntohs(*(__u16 *)skb->data);
468
469 sk->sk_state = TCP_CLOSE;
470
471 switch(scp->state) {
472 case DN_CI:
473 scp->state = DN_NR;
474 break;
475 case DN_DR:
476 if (reason == NSP_REASON_DC)
477 scp->state = DN_DRC;
478 if (reason == NSP_REASON_NL)
479 scp->state = DN_CN;
480 break;
481 case DN_DI:
482 scp->state = DN_DIC;
483 break;
484 case DN_RUN:
485 sk->sk_shutdown |= SHUTDOWN_MASK;
486 case DN_CC:
487 scp->state = DN_CN;
488 }
489
490 if (!sock_flag(sk, SOCK_DEAD)) {
491 if (sk->sk_socket->state != SS_UNCONNECTED)
492 sk->sk_socket->state = SS_DISCONNECTING;
493 sk->sk_state_change(sk);
494 }
495
496 scp->persist_fxn = dn_destroy_timer;
497 scp->persist = dn_nsp_persist(sk);
498
499out:
500 kfree_skb(skb);
501}
502
503static void dn_nsp_linkservice(struct sock *sk, struct sk_buff *skb)
504{
505 struct dn_scp *scp = DN_SK(sk);
506 unsigned short segnum;
507 unsigned char lsflags;
508 signed char fcval;
509 int wake_up = 0;
510 char *ptr = skb->data;
511 unsigned char fctype = scp->services_rem & NSP_FC_MASK;
512
513 if (skb->len != 4)
514 goto out;
515
516 segnum = dn_ntohs(*(__u16 *)ptr);
517 ptr += 2;
518 lsflags = *(unsigned char *)ptr++;
519 fcval = *ptr;
520
521 /*
522 * Here we ignore erronous packets which should really
523 * should cause a connection abort. It is not critical
524 * for now though.
525 */
526 if (lsflags & 0xf8)
527 goto out;
528
529 if (seq_next(scp->numoth_rcv, segnum)) {
530 seq_add(&scp->numoth_rcv, 1);
531 switch(lsflags & 0x04) { /* FCVAL INT */
532 case 0x00: /* Normal Request */
533 switch(lsflags & 0x03) { /* FCVAL MOD */
534 case 0x00: /* Request count */
535 if (fcval < 0) {
536 unsigned char p_fcval = -fcval;
537 if ((scp->flowrem_dat > p_fcval) &&
538 (fctype == NSP_FC_SCMC)) {
539 scp->flowrem_dat -= p_fcval;
540 }
541 } else if (fcval > 0) {
542 scp->flowrem_dat += fcval;
543 wake_up = 1;
544 }
545 break;
546 case 0x01: /* Stop outgoing data */
547 scp->flowrem_sw = DN_DONTSEND;
548 break;
549 case 0x02: /* Ok to start again */
550 scp->flowrem_sw = DN_SEND;
551 dn_nsp_output(sk);
552 wake_up = 1;
553 }
554 break;
555 case 0x04: /* Interrupt Request */
556 if (fcval > 0) {
557 scp->flowrem_oth += fcval;
558 wake_up = 1;
559 }
560 break;
561 }
562 if (wake_up && !sock_flag(sk, SOCK_DEAD))
563 sk->sk_state_change(sk);
564 }
565
566 dn_nsp_send_oth_ack(sk);
567
568out:
569 kfree_skb(skb);
570}
571
572/*
573 * Copy of sock_queue_rcv_skb (from sock.h) without
574 * bh_lock_sock() (its already held when this is called) which
575 * also allows data and other data to be queued to a socket.
576 */
577static __inline__ int dn_queue_skb(struct sock *sk, struct sk_buff *skb, int sig, struct sk_buff_head *queue)
578{
579 int err;
580
581 /* Cast skb->rcvbuf to unsigned... It's pointless, but reduces
582 number of warnings when compiling with -W --ANK
583 */
584 if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >=
585 (unsigned)sk->sk_rcvbuf) {
586 err = -ENOMEM;
587 goto out;
588 }
589
590 err = sk_filter(sk, skb, 0);
591 if (err)
592 goto out;
593
594 skb_set_owner_r(skb, sk);
595 skb_queue_tail(queue, skb);
596
597 /* This code only runs from BH or BH protected context.
598 * Therefore the plain read_lock is ok here. -DaveM
599 */
600 read_lock(&sk->sk_callback_lock);
601 if (!sock_flag(sk, SOCK_DEAD)) {
602 struct socket *sock = sk->sk_socket;
603 wake_up_interruptible(sk->sk_sleep);
604 if (sock && sock->fasync_list &&
605 !test_bit(SOCK_ASYNC_WAITDATA, &sock->flags))
606 __kill_fasync(sock->fasync_list, sig,
607 (sig == SIGURG) ? POLL_PRI : POLL_IN);
608 }
609 read_unlock(&sk->sk_callback_lock);
610out:
611 return err;
612}
613
614static void dn_nsp_otherdata(struct sock *sk, struct sk_buff *skb)
615{
616 struct dn_scp *scp = DN_SK(sk);
617 unsigned short segnum;
618 struct dn_skb_cb *cb = DN_SKB_CB(skb);
619 int queued = 0;
620
621 if (skb->len < 2)
622 goto out;
623
624 cb->segnum = segnum = dn_ntohs(*(__u16 *)skb->data);
625 skb_pull(skb, 2);
626
627 if (seq_next(scp->numoth_rcv, segnum)) {
628
629 if (dn_queue_skb(sk, skb, SIGURG, &scp->other_receive_queue) == 0) {
630 seq_add(&scp->numoth_rcv, 1);
631 scp->other_report = 0;
632 queued = 1;
633 }
634 }
635
636 dn_nsp_send_oth_ack(sk);
637out:
638 if (!queued)
639 kfree_skb(skb);
640}
641
642static void dn_nsp_data(struct sock *sk, struct sk_buff *skb)
643{
644 int queued = 0;
645 unsigned short segnum;
646 struct dn_skb_cb *cb = DN_SKB_CB(skb);
647 struct dn_scp *scp = DN_SK(sk);
648
649 if (skb->len < 2)
650 goto out;
651
652 cb->segnum = segnum = dn_ntohs(*(__u16 *)skb->data);
653 skb_pull(skb, 2);
654
655 if (seq_next(scp->numdat_rcv, segnum)) {
656 if (dn_queue_skb(sk, skb, SIGIO, &sk->sk_receive_queue) == 0) {
657 seq_add(&scp->numdat_rcv, 1);
658 queued = 1;
659 }
660
661 if ((scp->flowloc_sw == DN_SEND) && dn_congested(sk)) {
662 scp->flowloc_sw = DN_DONTSEND;
663 dn_nsp_send_link(sk, DN_DONTSEND, 0);
664 }
665 }
666
667 dn_nsp_send_data_ack(sk);
668out:
669 if (!queued)
670 kfree_skb(skb);
671}
672
673/*
674 * If one of our conninit messages is returned, this function
675 * deals with it. It puts the socket into the NO_COMMUNICATION
676 * state.
677 */
678static void dn_returned_conn_init(struct sock *sk, struct sk_buff *skb)
679{
680 struct dn_scp *scp = DN_SK(sk);
681
682 if (scp->state == DN_CI) {
683 scp->state = DN_NC;
684 sk->sk_state = TCP_CLOSE;
685 if (!sock_flag(sk, SOCK_DEAD))
686 sk->sk_state_change(sk);
687 }
688
689 kfree_skb(skb);
690}
691
692static int dn_nsp_no_socket(struct sk_buff *skb, unsigned short reason)
693{
694 struct dn_skb_cb *cb = DN_SKB_CB(skb);
695 int ret = NET_RX_DROP;
696
697 /* Must not reply to returned packets */
698 if (cb->rt_flags & DN_RT_F_RTS)
699 goto out;
700
701 if ((reason != NSP_REASON_OK) && ((cb->nsp_flags & 0x0c) == 0x08)) {
702 switch(cb->nsp_flags & 0x70) {
703 case 0x10:
704 case 0x60: /* (Retransmitted) Connect Init */
705 dn_nsp_return_disc(skb, NSP_DISCINIT, reason);
706 ret = NET_RX_SUCCESS;
707 break;
708 case 0x20: /* Connect Confirm */
709 dn_nsp_return_disc(skb, NSP_DISCCONF, reason);
710 ret = NET_RX_SUCCESS;
711 break;
712 }
713 }
714
715out:
716 kfree_skb(skb);
717 return ret;
718}
719
720static int dn_nsp_rx_packet(struct sk_buff *skb)
721{
722 struct dn_skb_cb *cb = DN_SKB_CB(skb);
723 struct sock *sk = NULL;
724 unsigned char *ptr = (unsigned char *)skb->data;
725 unsigned short reason = NSP_REASON_NL;
726
727 if (!pskb_may_pull(skb, 2))
728 goto free_out;
729
730 skb->h.raw = skb->data;
731 cb->nsp_flags = *ptr++;
732
733 if (decnet_debug_level & 2)
734 printk(KERN_DEBUG "dn_nsp_rx: Message type 0x%02x\n", (int)cb->nsp_flags);
735
736 if (cb->nsp_flags & 0x83)
737 goto free_out;
738
739 /*
740 * Filter out conninits and useless packet types
741 */
742 if ((cb->nsp_flags & 0x0c) == 0x08) {
743 switch(cb->nsp_flags & 0x70) {
744 case 0x00: /* NOP */
745 case 0x70: /* Reserved */
746 case 0x50: /* Reserved, Phase II node init */
747 goto free_out;
748 case 0x10:
749 case 0x60:
750 if (unlikely(cb->rt_flags & DN_RT_F_RTS))
751 goto free_out;
752 sk = dn_find_listener(skb, &reason);
753 goto got_it;
754 }
755 }
756
757 if (!pskb_may_pull(skb, 3))
758 goto free_out;
759
760 /*
761 * Grab the destination address.
762 */
763 cb->dst_port = *(unsigned short *)ptr;
764 cb->src_port = 0;
765 ptr += 2;
766
767 /*
768 * If not a connack, grab the source address too.
769 */
770 if (pskb_may_pull(skb, 5)) {
771 cb->src_port = *(unsigned short *)ptr;
772 ptr += 2;
773 skb_pull(skb, 5);
774 }
775
776 /*
777 * Returned packets...
778 * Swap src & dst and look up in the normal way.
779 */
780 if (unlikely(cb->rt_flags & DN_RT_F_RTS)) {
781 unsigned short tmp = cb->dst_port;
782 cb->dst_port = cb->src_port;
783 cb->src_port = tmp;
784 tmp = cb->dst;
785 cb->dst = cb->src;
786 cb->src = tmp;
787 }
788
789 /*
790 * Find the socket to which this skb is destined.
791 */
792 sk = dn_find_by_skb(skb);
793got_it:
794 if (sk != NULL) {
795 struct dn_scp *scp = DN_SK(sk);
796 int ret;
797
798 /* Reset backoff */
799 scp->nsp_rxtshift = 0;
800
801 /*
802 * We linearize everything except data segments here.
803 */
804 if (cb->nsp_flags & ~0x60) {
805 if (unlikely(skb_is_nonlinear(skb)) &&
806 skb_linearize(skb, GFP_ATOMIC) != 0)
807 goto free_out;
808 }
809
810 bh_lock_sock(sk);
811 ret = NET_RX_SUCCESS;
812 if (decnet_debug_level & 8)
813 printk(KERN_DEBUG "NSP: 0x%02x 0x%02x 0x%04x 0x%04x %d\n",
814 (int)cb->rt_flags, (int)cb->nsp_flags,
815 (int)cb->src_port, (int)cb->dst_port,
816 !!sock_owned_by_user(sk));
817 if (!sock_owned_by_user(sk))
818 ret = dn_nsp_backlog_rcv(sk, skb);
819 else
820 sk_add_backlog(sk, skb);
821 bh_unlock_sock(sk);
822 sock_put(sk);
823
824 return ret;
825 }
826
827 return dn_nsp_no_socket(skb, reason);
828
829free_out:
830 kfree_skb(skb);
831 return NET_RX_DROP;
832}
833
834int dn_nsp_rx(struct sk_buff *skb)
835{
836 return NF_HOOK(PF_DECnet, NF_DN_LOCAL_IN, skb, skb->dev, NULL, dn_nsp_rx_packet);
837}
838
839/*
840 * This is the main receive routine for sockets. It is called
841 * from the above when the socket is not busy, and also from
842 * sock_release() when there is a backlog queued up.
843 */
844int dn_nsp_backlog_rcv(struct sock *sk, struct sk_buff *skb)
845{
846 struct dn_scp *scp = DN_SK(sk);
847 struct dn_skb_cb *cb = DN_SKB_CB(skb);
848
849 if (cb->rt_flags & DN_RT_F_RTS) {
850 if (cb->nsp_flags == 0x18 || cb->nsp_flags == 0x68)
851 dn_returned_conn_init(sk, skb);
852 else
853 kfree_skb(skb);
854 return NET_RX_SUCCESS;
855 }
856
857 /*
858 * Control packet.
859 */
860 if ((cb->nsp_flags & 0x0c) == 0x08) {
861 switch(cb->nsp_flags & 0x70) {
862 case 0x10:
863 case 0x60:
864 dn_nsp_conn_init(sk, skb);
865 break;
866 case 0x20:
867 dn_nsp_conn_conf(sk, skb);
868 break;
869 case 0x30:
870 dn_nsp_disc_init(sk, skb);
871 break;
872 case 0x40:
873 dn_nsp_disc_conf(sk, skb);
874 break;
875 }
876
877 } else if (cb->nsp_flags == 0x24) {
878 /*
879 * Special for connacks, 'cos they don't have
880 * ack data or ack otherdata info.
881 */
882 dn_nsp_conn_ack(sk, skb);
883 } else {
884 int other = 1;
885
886 /* both data and ack frames can kick a CC socket into RUN */
887 if ((scp->state == DN_CC) && !sock_flag(sk, SOCK_DEAD)) {
888 scp->state = DN_RUN;
889 sk->sk_state = TCP_ESTABLISHED;
890 sk->sk_state_change(sk);
891 }
892
893 if ((cb->nsp_flags & 0x1c) == 0)
894 other = 0;
895 if (cb->nsp_flags == 0x04)
896 other = 0;
897
898 /*
899 * Read out ack data here, this applies equally
900 * to data, other data, link serivce and both
901 * ack data and ack otherdata.
902 */
903 dn_process_ack(sk, skb, other);
904
905 /*
906 * If we've some sort of data here then call a
907 * suitable routine for dealing with it, otherwise
908 * the packet is an ack and can be discarded.
909 */
910 if ((cb->nsp_flags & 0x0c) == 0) {
911
912 if (scp->state != DN_RUN)
913 goto free_out;
914
915 switch(cb->nsp_flags) {
916 case 0x10: /* LS */
917 dn_nsp_linkservice(sk, skb);
918 break;
919 case 0x30: /* OD */
920 dn_nsp_otherdata(sk, skb);
921 break;
922 default:
923 dn_nsp_data(sk, skb);
924 }
925
926 } else { /* Ack, chuck it out here */
927free_out:
928 kfree_skb(skb);
929 }
930 }
931
932 return NET_RX_SUCCESS;
933}
934