ClabureDB: Classified Bug-Reports Database

Project: Linux Kernel

Showing error 1454

User:	Jiri Slaby
Error type:	Leaving function in locked state
Error type description:	Some lock is not unlocked on all paths of a function, so it is leaked
File location:	net/appletalk/aarp.c
Line in file:	952
Project:	Linux Kernel
Project version:	2.6.28
Tools:	Stanse (1.2)
Entered:	2012-05-21 20:30:05 UTC
Source:

   1/*
   2 *        AARP:                An implementation of the AppleTalk AARP protocol for
   3 *                        Ethernet 'ELAP'.
   4 *
   5 *                Alan Cox  <Alan.Cox@linux.org>
   6 *
   7 *        This doesn't fit cleanly with the IP arp. Potentially we can use
   8 *        the generic neighbour discovery code to clean this up.
   9 *
  10 *        FIXME:
  11 *                We ought to handle the retransmits with a single list and a
  12 *        separate fast timer for when it is needed.
  13 *                Use neighbour discovery code.
  14 *                Token Ring Support.
  15 *
  16 *                This program is free software; you can redistribute it and/or
  17 *                modify it under the terms of the GNU General Public License
  18 *                as published by the Free Software Foundation; either version
  19 *                2 of the License, or (at your option) any later version.
  20 *
  21 *
  22 *        References:
  23 *                Inside AppleTalk (2nd Ed).
  24 *        Fixes:
  25 *                Jaume Grau        -        flush caches on AARP_PROBE
  26 *                Rob Newberry        -        Added proxy AARP and AARP proc fs,
  27 *                                        moved probing from DDP module.
  28 *                Arnaldo C. Melo -        don't mangle rx packets
  29 *
  30 */
  31
  32#include <linux/if_arp.h>
  33#include <net/sock.h>
  34#include <net/datalink.h>
  35#include <net/psnap.h>
  36#include <linux/atalk.h>
  37#include <linux/delay.h>
  38#include <linux/init.h>
  39#include <linux/proc_fs.h>
  40#include <linux/seq_file.h>
  41
  42int sysctl_aarp_expiry_time = AARP_EXPIRY_TIME;
  43int sysctl_aarp_tick_time = AARP_TICK_TIME;
  44int sysctl_aarp_retransmit_limit = AARP_RETRANSMIT_LIMIT;
  45int sysctl_aarp_resolve_time = AARP_RESOLVE_TIME;
  46
  47/* Lists of aarp entries */
  48/**
  49 *        struct aarp_entry - AARP entry
  50 *        @last_sent - Last time we xmitted the aarp request
  51 *        @packet_queue - Queue of frames wait for resolution
  52 *        @status - Used for proxy AARP
  53 *        expires_at - Entry expiry time
  54 *        target_addr - DDP Address
  55 *        dev - Device to use
  56 *        hwaddr - Physical i/f address of target/router
  57 *        xmit_count - When this hits 10 we give up
  58 *        next - Next entry in chain
  59 */
  60struct aarp_entry {
  61        /* These first two are only used for unresolved entries */
  62        unsigned long                last_sent;
  63        struct sk_buff_head        packet_queue;
  64        int                        status;
  65        unsigned long                expires_at;
  66        struct atalk_addr        target_addr;
  67        struct net_device        *dev;
  68        char                        hwaddr[6];
  69        unsigned short                xmit_count;
  70        struct aarp_entry        *next;
  71};
  72
  73/* Hashed list of resolved, unresolved and proxy entries */
  74static struct aarp_entry *resolved[AARP_HASH_SIZE];
  75static struct aarp_entry *unresolved[AARP_HASH_SIZE];
  76static struct aarp_entry *proxies[AARP_HASH_SIZE];
  77static int unresolved_count;
  78
  79/* One lock protects it all. */
  80static DEFINE_RWLOCK(aarp_lock);
  81
  82/* Used to walk the list and purge/kick entries.  */
  83static struct timer_list aarp_timer;
  84
  85/*
  86 *        Delete an aarp queue
  87 *
  88 *        Must run under aarp_lock.
  89 */
  90static void __aarp_expire(struct aarp_entry *a)
  91{
  92        skb_queue_purge(&a->packet_queue);
  93        kfree(a);
  94}
  95
  96/*
  97 *        Send an aarp queue entry request
  98 *
  99 *        Must run under aarp_lock.
 100 */
 101static void __aarp_send_query(struct aarp_entry *a)
 102{
 103        static unsigned char aarp_eth_multicast[ETH_ALEN] =
 104                                        { 0x09, 0x00, 0x07, 0xFF, 0xFF, 0xFF };
 105        struct net_device *dev = a->dev;
 106        struct elapaarp *eah;
 107        int len = dev->hard_header_len + sizeof(*eah) + aarp_dl->header_length;
 108        struct sk_buff *skb = alloc_skb(len, GFP_ATOMIC);
 109        struct atalk_addr *sat = atalk_find_dev_addr(dev);
 110
 111        if (!skb)
 112                return;
 113
 114        if (!sat) {
 115                kfree_skb(skb);
 116                return;
 117        }
 118
 119        /* Set up the buffer */
 120        skb_reserve(skb, dev->hard_header_len + aarp_dl->header_length);
 121        skb_reset_network_header(skb);
 122        skb_reset_transport_header(skb);
 123        skb_put(skb, sizeof(*eah));
 124        skb->protocol    = htons(ETH_P_ATALK);
 125        skb->dev         = dev;
 126        eah                 = aarp_hdr(skb);
 127
 128        /* Set up the ARP */
 129        eah->hw_type         = htons(AARP_HW_TYPE_ETHERNET);
 130        eah->pa_type         = htons(ETH_P_ATALK);
 131        eah->hw_len         = ETH_ALEN;
 132        eah->pa_len         = AARP_PA_ALEN;
 133        eah->function         = htons(AARP_REQUEST);
 134
 135        memcpy(eah->hw_src, dev->dev_addr, ETH_ALEN);
 136
 137        eah->pa_src_zero = 0;
 138        eah->pa_src_net         = sat->s_net;
 139        eah->pa_src_node = sat->s_node;
 140
 141        memset(eah->hw_dst, '\0', ETH_ALEN);
 142
 143        eah->pa_dst_zero = 0;
 144        eah->pa_dst_net         = a->target_addr.s_net;
 145        eah->pa_dst_node = a->target_addr.s_node;
 146
 147        /* Send it */
 148        aarp_dl->request(aarp_dl, skb, aarp_eth_multicast);
 149        /* Update the sending count */
 150        a->xmit_count++;
 151        a->last_sent = jiffies;
 152}
 153
 154/* This runs under aarp_lock and in softint context, so only atomic memory
 155 * allocations can be used. */
 156static void aarp_send_reply(struct net_device *dev, struct atalk_addr *us,
 157                            struct atalk_addr *them, unsigned char *sha)
 158{
 159        struct elapaarp *eah;
 160        int len = dev->hard_header_len + sizeof(*eah) + aarp_dl->header_length;
 161        struct sk_buff *skb = alloc_skb(len, GFP_ATOMIC);
 162
 163        if (!skb)
 164                return;
 165
 166        /* Set up the buffer */
 167        skb_reserve(skb, dev->hard_header_len + aarp_dl->header_length);
 168        skb_reset_network_header(skb);
 169        skb_reset_transport_header(skb);
 170        skb_put(skb, sizeof(*eah));
 171        skb->protocol    = htons(ETH_P_ATALK);
 172        skb->dev         = dev;
 173        eah                 = aarp_hdr(skb);
 174
 175        /* Set up the ARP */
 176        eah->hw_type         = htons(AARP_HW_TYPE_ETHERNET);
 177        eah->pa_type         = htons(ETH_P_ATALK);
 178        eah->hw_len         = ETH_ALEN;
 179        eah->pa_len         = AARP_PA_ALEN;
 180        eah->function         = htons(AARP_REPLY);
 181
 182        memcpy(eah->hw_src, dev->dev_addr, ETH_ALEN);
 183
 184        eah->pa_src_zero = 0;
 185        eah->pa_src_net         = us->s_net;
 186        eah->pa_src_node = us->s_node;
 187
 188        if (!sha)
 189                memset(eah->hw_dst, '\0', ETH_ALEN);
 190        else
 191                memcpy(eah->hw_dst, sha, ETH_ALEN);
 192
 193        eah->pa_dst_zero = 0;
 194        eah->pa_dst_net         = them->s_net;
 195        eah->pa_dst_node = them->s_node;
 196
 197        /* Send it */
 198        aarp_dl->request(aarp_dl, skb, sha);
 199}
 200
 201/*
 202 *        Send probe frames. Called from aarp_probe_network and
 203 *        aarp_proxy_probe_network.
 204 */
 205
 206static void aarp_send_probe(struct net_device *dev, struct atalk_addr *us)
 207{
 208        struct elapaarp *eah;
 209        int len = dev->hard_header_len + sizeof(*eah) + aarp_dl->header_length;
 210        struct sk_buff *skb = alloc_skb(len, GFP_ATOMIC);
 211        static unsigned char aarp_eth_multicast[ETH_ALEN] =
 212                                        { 0x09, 0x00, 0x07, 0xFF, 0xFF, 0xFF };
 213
 214        if (!skb)
 215                return;
 216
 217        /* Set up the buffer */
 218        skb_reserve(skb, dev->hard_header_len + aarp_dl->header_length);
 219        skb_reset_network_header(skb);
 220        skb_reset_transport_header(skb);
 221        skb_put(skb, sizeof(*eah));
 222        skb->protocol    = htons(ETH_P_ATALK);
 223        skb->dev         = dev;
 224        eah                 = aarp_hdr(skb);
 225
 226        /* Set up the ARP */
 227        eah->hw_type         = htons(AARP_HW_TYPE_ETHERNET);
 228        eah->pa_type         = htons(ETH_P_ATALK);
 229        eah->hw_len         = ETH_ALEN;
 230        eah->pa_len         = AARP_PA_ALEN;
 231        eah->function         = htons(AARP_PROBE);
 232
 233        memcpy(eah->hw_src, dev->dev_addr, ETH_ALEN);
 234
 235        eah->pa_src_zero = 0;
 236        eah->pa_src_net         = us->s_net;
 237        eah->pa_src_node = us->s_node;
 238
 239        memset(eah->hw_dst, '\0', ETH_ALEN);
 240
 241        eah->pa_dst_zero = 0;
 242        eah->pa_dst_net         = us->s_net;
 243        eah->pa_dst_node = us->s_node;
 244
 245        /* Send it */
 246        aarp_dl->request(aarp_dl, skb, aarp_eth_multicast);
 247}
 248
 249/*
 250 *        Handle an aarp timer expire
 251 *
 252 *        Must run under the aarp_lock.
 253 */
 254
 255static void __aarp_expire_timer(struct aarp_entry **n)
 256{
 257        struct aarp_entry *t;
 258
 259        while (*n)
 260                /* Expired ? */
 261                if (time_after(jiffies, (*n)->expires_at)) {
 262                        t = *n;
 263                        *n = (*n)->next;
 264                        __aarp_expire(t);
 265                } else
 266                        n = &((*n)->next);
 267}
 268
 269/*
 270 *        Kick all pending requests 5 times a second.
 271 *
 272 *        Must run under the aarp_lock.
 273 */
 274static void __aarp_kick(struct aarp_entry **n)
 275{
 276        struct aarp_entry *t;
 277
 278        while (*n)
 279                /* Expired: if this will be the 11th tx, we delete instead. */
 280                if ((*n)->xmit_count >= sysctl_aarp_retransmit_limit) {
 281                        t = *n;
 282                        *n = (*n)->next;
 283                        __aarp_expire(t);
 284                } else {
 285                        __aarp_send_query(*n);
 286                        n = &((*n)->next);
 287                }
 288}
 289
 290/*
 291 *        A device has gone down. Take all entries referring to the device
 292 *        and remove them.
 293 *
 294 *        Must run under the aarp_lock.
 295 */
 296static void __aarp_expire_device(struct aarp_entry **n, struct net_device *dev)
 297{
 298        struct aarp_entry *t;
 299
 300        while (*n)
 301                if ((*n)->dev == dev) {
 302                        t = *n;
 303                        *n = (*n)->next;
 304                        __aarp_expire(t);
 305                } else
 306                        n = &((*n)->next);
 307}
 308
 309/* Handle the timer event */
 310static void aarp_expire_timeout(unsigned long unused)
 311{
 312        int ct;
 313
 314        write_lock_bh(&aarp_lock);
 315
 316        for (ct = 0; ct < AARP_HASH_SIZE; ct++) {
 317                __aarp_expire_timer(&resolved[ct]);
 318                __aarp_kick(&unresolved[ct]);
 319                __aarp_expire_timer(&unresolved[ct]);
 320                __aarp_expire_timer(&proxies[ct]);
 321        }
 322
 323        write_unlock_bh(&aarp_lock);
 324        mod_timer(&aarp_timer, jiffies +
 325                               (unresolved_count ? sysctl_aarp_tick_time :
 326                                sysctl_aarp_expiry_time));
 327}
 328
 329/* Network device notifier chain handler. */
 330static int aarp_device_event(struct notifier_block *this, unsigned long event,
 331                             void *ptr)
 332{
 333        struct net_device *dev = ptr;
 334        int ct;
 335
 336        if (!net_eq(dev_net(dev), &init_net))
 337                return NOTIFY_DONE;
 338
 339        if (event == NETDEV_DOWN) {
 340                write_lock_bh(&aarp_lock);
 341
 342                for (ct = 0; ct < AARP_HASH_SIZE; ct++) {
 343                        __aarp_expire_device(&resolved[ct], dev);
 344                        __aarp_expire_device(&unresolved[ct], dev);
 345                        __aarp_expire_device(&proxies[ct], dev);
 346                }
 347
 348                write_unlock_bh(&aarp_lock);
 349        }
 350        return NOTIFY_DONE;
 351}
 352
 353/* Expire all entries in a hash chain */
 354static void __aarp_expire_all(struct aarp_entry **n)
 355{
 356        struct aarp_entry *t;
 357
 358        while (*n) {
 359                t = *n;
 360                *n = (*n)->next;
 361                __aarp_expire(t);
 362        }
 363}
 364
 365/* Cleanup all hash chains -- module unloading */
 366static void aarp_purge(void)
 367{
 368        int ct;
 369
 370        write_lock_bh(&aarp_lock);
 371        for (ct = 0; ct < AARP_HASH_SIZE; ct++) {
 372                __aarp_expire_all(&resolved[ct]);
 373                __aarp_expire_all(&unresolved[ct]);
 374                __aarp_expire_all(&proxies[ct]);
 375        }
 376        write_unlock_bh(&aarp_lock);
 377}
 378
 379/*
 380 *        Create a new aarp entry.  This must use GFP_ATOMIC because it
 381 *        runs while holding spinlocks.
 382 */
 383static struct aarp_entry *aarp_alloc(void)
 384{
 385        struct aarp_entry *a = kmalloc(sizeof(*a), GFP_ATOMIC);
 386
 387        if (a)
 388                skb_queue_head_init(&a->packet_queue);
 389        return a;
 390}
 391
 392/*
 393 * Find an entry. We might return an expired but not yet purged entry. We
 394 * don't care as it will do no harm.
 395 *
 396 * This must run under the aarp_lock.
 397 */
 398static struct aarp_entry *__aarp_find_entry(struct aarp_entry *list,
 399                                            struct net_device *dev,
 400                                            struct atalk_addr *sat)
 401{
 402        while (list) {
 403                if (list->target_addr.s_net == sat->s_net &&
 404                    list->target_addr.s_node == sat->s_node &&
 405                    list->dev == dev)
 406                        break;
 407                list = list->next;
 408        }
 409
 410        return list;
 411}
 412
 413/* Called from the DDP code, and thus must be exported. */
 414void aarp_proxy_remove(struct net_device *dev, struct atalk_addr *sa)
 415{
 416        int hash = sa->s_node % (AARP_HASH_SIZE - 1);
 417        struct aarp_entry *a;
 418
 419        write_lock_bh(&aarp_lock);
 420
 421        a = __aarp_find_entry(proxies[hash], dev, sa);
 422        if (a)
 423                a->expires_at = jiffies - 1;
 424
 425        write_unlock_bh(&aarp_lock);
 426}
 427
 428/* This must run under aarp_lock. */
 429static struct atalk_addr *__aarp_proxy_find(struct net_device *dev,
 430                                            struct atalk_addr *sa)
 431{
 432        int hash = sa->s_node % (AARP_HASH_SIZE - 1);
 433        struct aarp_entry *a = __aarp_find_entry(proxies[hash], dev, sa);
 434
 435        return a ? sa : NULL;
 436}
 437
 438/*
 439 * Probe a Phase 1 device or a device that requires its Net:Node to
 440 * be set via an ioctl.
 441 */
 442static void aarp_send_probe_phase1(struct atalk_iface *iface)
 443{
 444        struct ifreq atreq;
 445        struct sockaddr_at *sa = (struct sockaddr_at *)&atreq.ifr_addr;
 446
 447        sa->sat_addr.s_node = iface->address.s_node;
 448        sa->sat_addr.s_net = ntohs(iface->address.s_net);
 449
 450        /* We pass the Net:Node to the drivers/cards by a Device ioctl. */
 451        if (!(iface->dev->do_ioctl(iface->dev, &atreq, SIOCSIFADDR))) {
 452                (void)iface->dev->do_ioctl(iface->dev, &atreq, SIOCGIFADDR);
 453                if (iface->address.s_net != htons(sa->sat_addr.s_net) ||
 454                    iface->address.s_node != sa->sat_addr.s_node)
 455                        iface->status |= ATIF_PROBE_FAIL;
 456
 457                iface->address.s_net  = htons(sa->sat_addr.s_net);
 458                iface->address.s_node = sa->sat_addr.s_node;
 459        }
 460}
 461
 462
 463void aarp_probe_network(struct atalk_iface *atif)
 464{
 465        if (atif->dev->type == ARPHRD_LOCALTLK ||
 466            atif->dev->type == ARPHRD_PPP)
 467                aarp_send_probe_phase1(atif);
 468        else {
 469                unsigned int count;
 470
 471                for (count = 0; count < AARP_RETRANSMIT_LIMIT; count++) {
 472                        aarp_send_probe(atif->dev, &atif->address);
 473
 474                        /* Defer 1/10th */
 475                        msleep(100);
 476
 477                        if (atif->status & ATIF_PROBE_FAIL)
 478                                break;
 479                }
 480        }
 481}
 482
 483int aarp_proxy_probe_network(struct atalk_iface *atif, struct atalk_addr *sa)
 484{
 485        int hash, retval = -EPROTONOSUPPORT;
 486        struct aarp_entry *entry;
 487        unsigned int count;
 488
 489        /*
 490         * we don't currently support LocalTalk or PPP for proxy AARP;
 491         * if someone wants to try and add it, have fun
 492         */
 493        if (atif->dev->type == ARPHRD_LOCALTLK ||
 494            atif->dev->type == ARPHRD_PPP)
 495                goto out;
 496
 497        /*
 498         * create a new AARP entry with the flags set to be published --
 499         * we need this one to hang around even if it's in use
 500         */
 501        entry = aarp_alloc();
 502        retval = -ENOMEM;
 503        if (!entry)
 504                goto out;
 505
 506        entry->expires_at = -1;
 507        entry->status = ATIF_PROBE;
 508        entry->target_addr.s_node = sa->s_node;
 509        entry->target_addr.s_net = sa->s_net;
 510        entry->dev = atif->dev;
 511
 512        write_lock_bh(&aarp_lock);
 513
 514        hash = sa->s_node % (AARP_HASH_SIZE - 1);
 515        entry->next = proxies[hash];
 516        proxies[hash] = entry;
 517
 518        for (count = 0; count < AARP_RETRANSMIT_LIMIT; count++) {
 519                aarp_send_probe(atif->dev, sa);
 520
 521                /* Defer 1/10th */
 522                write_unlock_bh(&aarp_lock);
 523                msleep(100);
 524                write_lock_bh(&aarp_lock);
 525
 526                if (entry->status & ATIF_PROBE_FAIL)
 527                        break;
 528        }
 529
 530        if (entry->status & ATIF_PROBE_FAIL) {
 531                entry->expires_at = jiffies - 1; /* free the entry */
 532                retval = -EADDRINUSE; /* return network full */
 533        } else { /* clear the probing flag */
 534                entry->status &= ~ATIF_PROBE;
 535                retval = 1;
 536        }
 537
 538        write_unlock_bh(&aarp_lock);
 539out:
 540        return retval;
 541}
 542
 543/* Send a DDP frame */
 544int aarp_send_ddp(struct net_device *dev, struct sk_buff *skb,
 545                  struct atalk_addr *sa, void *hwaddr)
 546{
 547        static char ddp_eth_multicast[ETH_ALEN] =
 548                { 0x09, 0x00, 0x07, 0xFF, 0xFF, 0xFF };
 549        int hash;
 550        struct aarp_entry *a;
 551
 552        skb_reset_network_header(skb);
 553
 554        /* Check for LocalTalk first */
 555        if (dev->type == ARPHRD_LOCALTLK) {
 556                struct atalk_addr *at = atalk_find_dev_addr(dev);
 557                struct ddpehdr *ddp = (struct ddpehdr *)skb->data;
 558                int ft = 2;
 559
 560                /*
 561                 * Compressible ?
 562                 *
 563                 * IFF: src_net == dest_net == device_net
 564                 * (zero matches anything)
 565                 */
 566
 567                if ((!ddp->deh_snet || at->s_net == ddp->deh_snet) &&
 568                    (!ddp->deh_dnet || at->s_net == ddp->deh_dnet)) {
 569                        skb_pull(skb, sizeof(*ddp) - 4);
 570
 571                        /*
 572                         *        The upper two remaining bytes are the port
 573                         *        numbers        we just happen to need. Now put the
 574                         *        length in the lower two.
 575                         */
 576                        *((__be16 *)skb->data) = htons(skb->len);
 577                        ft = 1;
 578                }
 579                /*
 580                 * Nice and easy. No AARP type protocols occur here so we can
 581                 * just shovel it out with a 3 byte LLAP header
 582                 */
 583
 584                skb_push(skb, 3);
 585                skb->data[0] = sa->s_node;
 586                skb->data[1] = at->s_node;
 587                skb->data[2] = ft;
 588                skb->dev     = dev;
 589                goto sendit;
 590        }
 591
 592        /* On a PPP link we neither compress nor aarp.  */
 593        if (dev->type == ARPHRD_PPP) {
 594                skb->protocol = htons(ETH_P_PPPTALK);
 595                skb->dev = dev;
 596                goto sendit;
 597        }
 598
 599        /* Non ELAP we cannot do. */
 600        if (dev->type != ARPHRD_ETHER)
 601                return -1;
 602
 603        skb->dev = dev;
 604        skb->protocol = htons(ETH_P_ATALK);
 605        hash = sa->s_node % (AARP_HASH_SIZE - 1);
 606
 607        /* Do we have a resolved entry? */
 608        if (sa->s_node == ATADDR_BCAST) {
 609                /* Send it */
 610                ddp_dl->request(ddp_dl, skb, ddp_eth_multicast);
 611                goto sent;
 612        }
 613
 614        write_lock_bh(&aarp_lock);
 615        a = __aarp_find_entry(resolved[hash], dev, sa);
 616
 617        if (a) { /* Return 1 and fill in the address */
 618                a->expires_at = jiffies + (sysctl_aarp_expiry_time * 10);
 619                ddp_dl->request(ddp_dl, skb, a->hwaddr);
 620                write_unlock_bh(&aarp_lock);
 621                goto sent;
 622        }
 623
 624        /* Do we have an unresolved entry: This is the less common path */
 625        a = __aarp_find_entry(unresolved[hash], dev, sa);
 626        if (a) { /* Queue onto the unresolved queue */
 627                skb_queue_tail(&a->packet_queue, skb);
 628                goto out_unlock;
 629        }
 630
 631        /* Allocate a new entry */
 632        a = aarp_alloc();
 633        if (!a) {
 634                /* Whoops slipped... good job it's an unreliable protocol 8) */
 635                write_unlock_bh(&aarp_lock);
 636                return -1;
 637        }
 638
 639        /* Set up the queue */
 640        skb_queue_tail(&a->packet_queue, skb);
 641        a->expires_at         = jiffies + sysctl_aarp_resolve_time;
 642        a->dev                 = dev;
 643        a->next                 = unresolved[hash];
 644        a->target_addr         = *sa;
 645        a->xmit_count         = 0;
 646        unresolved[hash] = a;
 647        unresolved_count++;
 648
 649        /* Send an initial request for the address */
 650        __aarp_send_query(a);
 651
 652        /*
 653         * Switch to fast timer if needed (That is if this is the first
 654         * unresolved entry to get added)
 655         */
 656
 657        if (unresolved_count == 1)
 658                mod_timer(&aarp_timer, jiffies + sysctl_aarp_tick_time);
 659
 660        /* Now finally, it is safe to drop the lock. */
 661out_unlock:
 662        write_unlock_bh(&aarp_lock);
 663
 664        /* Tell the ddp layer we have taken over for this frame. */
 665        return 0;
 666
 667sendit:
 668        if (skb->sk)
 669                skb->priority = skb->sk->sk_priority;
 670        dev_queue_xmit(skb);
 671sent:
 672        return 1;
 673}
 674
 675/*
 676 *        An entry in the aarp unresolved queue has become resolved. Send
 677 *        all the frames queued under it.
 678 *
 679 *        Must run under aarp_lock.
 680 */
 681static void __aarp_resolved(struct aarp_entry **list, struct aarp_entry *a,
 682                            int hash)
 683{
 684        struct sk_buff *skb;
 685
 686        while (*list)
 687                if (*list == a) {
 688                        unresolved_count--;
 689                        *list = a->next;
 690
 691                        /* Move into the resolved list */
 692                        a->next = resolved[hash];
 693                        resolved[hash] = a;
 694
 695                        /* Kick frames off */
 696                        while ((skb = skb_dequeue(&a->packet_queue)) != NULL) {
 697                                a->expires_at = jiffies +
 698                                                sysctl_aarp_expiry_time * 10;
 699                                ddp_dl->request(ddp_dl, skb, a->hwaddr);
 700                        }
 701                } else
 702                        list = &((*list)->next);
 703}
 704
 705/*
 706 *        This is called by the SNAP driver whenever we see an AARP SNAP
 707 *        frame. We currently only support Ethernet.
 708 */
 709static int aarp_rcv(struct sk_buff *skb, struct net_device *dev,
 710                    struct packet_type *pt, struct net_device *orig_dev)
 711{
 712        struct elapaarp *ea = aarp_hdr(skb);
 713        int hash, ret = 0;
 714        __u16 function;
 715        struct aarp_entry *a;
 716        struct atalk_addr sa, *ma, da;
 717        struct atalk_iface *ifa;
 718
 719        if (!net_eq(dev_net(dev), &init_net))
 720                goto out0;
 721
 722        /* We only do Ethernet SNAP AARP. */
 723        if (dev->type != ARPHRD_ETHER)
 724                goto out0;
 725
 726        /* Frame size ok? */
 727        if (!skb_pull(skb, sizeof(*ea)))
 728                goto out0;
 729
 730        function = ntohs(ea->function);
 731
 732        /* Sanity check fields. */
 733        if (function < AARP_REQUEST || function > AARP_PROBE ||
 734            ea->hw_len != ETH_ALEN || ea->pa_len != AARP_PA_ALEN ||
 735            ea->pa_src_zero || ea->pa_dst_zero)
 736                goto out0;
 737
 738        /* Looks good. */
 739        hash = ea->pa_src_node % (AARP_HASH_SIZE - 1);
 740
 741        /* Build an address. */
 742        sa.s_node = ea->pa_src_node;
 743        sa.s_net = ea->pa_src_net;
 744
 745        /* Process the packet. Check for replies of me. */
 746        ifa = atalk_find_dev(dev);
 747        if (!ifa)
 748                goto out1;
 749
 750        if (ifa->status & ATIF_PROBE &&
 751            ifa->address.s_node == ea->pa_dst_node &&
 752            ifa->address.s_net == ea->pa_dst_net) {
 753                ifa->status |= ATIF_PROBE_FAIL; /* Fail the probe (in use) */
 754                goto out1;
 755        }
 756
 757        /* Check for replies of proxy AARP entries */
 758        da.s_node = ea->pa_dst_node;
 759        da.s_net  = ea->pa_dst_net;
 760
 761        write_lock_bh(&aarp_lock);
 762        a = __aarp_find_entry(proxies[hash], dev, &da);
 763
 764        if (a && a->status & ATIF_PROBE) {
 765                a->status |= ATIF_PROBE_FAIL;
 766                /*
 767                 * we do not respond to probe or request packets for
 768                 * this address while we are probing this address
 769                 */
 770                goto unlock;
 771        }
 772
 773        switch (function) {
 774                case AARP_REPLY:
 775                        if (!unresolved_count)        /* Speed up */
 776                                break;
 777
 778                        /* Find the entry.  */
 779                        a = __aarp_find_entry(unresolved[hash], dev, &sa);
 780                        if (!a || dev != a->dev)
 781                                break;
 782
 783                        /* We can fill one in - this is good. */
 784                        memcpy(a->hwaddr, ea->hw_src, ETH_ALEN);
 785                        __aarp_resolved(&unresolved[hash], a, hash);
 786                        if (!unresolved_count)
 787                                mod_timer(&aarp_timer,
 788                                          jiffies + sysctl_aarp_expiry_time);
 789                        break;
 790
 791                case AARP_REQUEST:
 792                case AARP_PROBE:
 793
 794                        /*
 795                         * If it is my address set ma to my address and reply.
 796                         * We can treat probe and request the same.  Probe
 797                         * simply means we shouldn't cache the querying host,
 798                         * as in a probe they are proposing an address not
 799                         * using one.
 800                         *
 801                         * Support for proxy-AARP added. We check if the
 802                         * address is one of our proxies before we toss the
 803                         * packet out.
 804                         */
 805
 806                        sa.s_node = ea->pa_dst_node;
 807                        sa.s_net  = ea->pa_dst_net;
 808
 809                        /* See if we have a matching proxy. */
 810                        ma = __aarp_proxy_find(dev, &sa);
 811                        if (!ma)
 812                                ma = &ifa->address;
 813                        else { /* We need to make a copy of the entry. */
 814                                da.s_node = sa.s_node;
 815                                da.s_net = da.s_net;
 816                                ma = &da;
 817                        }
 818
 819                        if (function == AARP_PROBE) {
 820                                /*
 821                                 * A probe implies someone trying to get an
 822                                 * address. So as a precaution flush any
 823                                 * entries we have for this address.
 824                                 */
 825                                a = __aarp_find_entry(resolved[sa.s_node %
 826                                                          (AARP_HASH_SIZE - 1)],
 827                                                      skb->dev, &sa);
 828
 829                                /*
 830                                 * Make it expire next tick - that avoids us
 831                                 * getting into a probe/flush/learn/probe/
 832                                 * flush/learn cycle during probing of a slow
 833                                 * to respond host addr.
 834                                 */
 835                                if (a) {
 836                                        a->expires_at = jiffies - 1;
 837                                        mod_timer(&aarp_timer, jiffies +
 838                                                        sysctl_aarp_tick_time);
 839                                }
 840                        }
 841
 842                        if (sa.s_node != ma->s_node)
 843                                break;
 844
 845                        if (sa.s_net && ma->s_net && sa.s_net != ma->s_net)
 846                                break;
 847
 848                        sa.s_node = ea->pa_src_node;
 849                        sa.s_net = ea->pa_src_net;
 850
 851                        /* aarp_my_address has found the address to use for us.
 852                        */
 853                        aarp_send_reply(dev, ma, &sa, ea->hw_src);
 854                        break;
 855        }
 856
 857unlock:
 858        write_unlock_bh(&aarp_lock);
 859out1:
 860        ret = 1;
 861out0:
 862        kfree_skb(skb);
 863        return ret;
 864}
 865
 866static struct notifier_block aarp_notifier = {
 867        .notifier_call = aarp_device_event,
 868};
 869
 870static unsigned char aarp_snap_id[] = { 0x00, 0x00, 0x00, 0x80, 0xF3 };
 871
 872void __init aarp_proto_init(void)
 873{
 874        aarp_dl = register_snap_client(aarp_snap_id, aarp_rcv);
 875        if (!aarp_dl)
 876                printk(KERN_CRIT "Unable to register AARP with SNAP.\n");
 877        setup_timer(&aarp_timer, aarp_expire_timeout, 0);
 878        aarp_timer.expires  = jiffies + sysctl_aarp_expiry_time;
 879        add_timer(&aarp_timer);
 880        register_netdevice_notifier(&aarp_notifier);
 881}
 882
 883/* Remove the AARP entries associated with a device. */
 884void aarp_device_down(struct net_device *dev)
 885{
 886        int ct;
 887
 888        write_lock_bh(&aarp_lock);
 889
 890        for (ct = 0; ct < AARP_HASH_SIZE; ct++) {
 891                __aarp_expire_device(&resolved[ct], dev);
 892                __aarp_expire_device(&unresolved[ct], dev);
 893                __aarp_expire_device(&proxies[ct], dev);
 894        }
 895
 896        write_unlock_bh(&aarp_lock);
 897}
 898
 899#ifdef CONFIG_PROC_FS
 900struct aarp_iter_state {
 901        int bucket;
 902        struct aarp_entry **table;
 903};
 904
 905/*
 906 * Get the aarp entry that is in the chain described
 907 * by the iterator.
 908 * If pos is set then skip till that index.
 909 * pos = 1 is the first entry
 910 */
 911static struct aarp_entry *iter_next(struct aarp_iter_state *iter, loff_t *pos)
 912{
 913        int ct = iter->bucket;
 914        struct aarp_entry **table = iter->table;
 915        loff_t off = 0;
 916        struct aarp_entry *entry;
 917
 918 rescan:
 919        while(ct < AARP_HASH_SIZE) {
 920                for (entry = table[ct]; entry; entry = entry->next) {
 921                        if (!pos || ++off == *pos) {
 922                                iter->table = table;
 923                                iter->bucket = ct;
 924                                return entry;
 925                        }
 926                }
 927                ++ct;
 928        }
 929
 930        if (table == resolved) {
 931                ct = 0;
 932                table = unresolved;
 933                goto rescan;
 934        }
 935        if (table == unresolved) {
 936                ct = 0;
 937                table = proxies;
 938                goto rescan;
 939        }
 940        return NULL;
 941}
 942
 943static void *aarp_seq_start(struct seq_file *seq, loff_t *pos)
 944        __acquires(aarp_lock)
 945{
 946        struct aarp_iter_state *iter = seq->private;
 947
 948        read_lock_bh(&aarp_lock);
 949        iter->table     = resolved;
 950        iter->bucket    = 0;
 951
 952        return *pos ? iter_next(iter, pos) : SEQ_START_TOKEN;
 953}
 954
 955static void *aarp_seq_next(struct seq_file *seq, void *v, loff_t *pos)
 956{
 957        struct aarp_entry *entry = v;
 958        struct aarp_iter_state *iter = seq->private;
 959
 960        ++*pos;
 961
 962        /* first line after header */
 963        if (v == SEQ_START_TOKEN)
 964                entry = iter_next(iter, NULL);
 965
 966        /* next entry in current bucket */
 967        else if (entry->next)
 968                entry = entry->next;
 969
 970        /* next bucket or table */
 971        else {
 972                ++iter->bucket;
 973                entry = iter_next(iter, NULL);
 974        }
 975        return entry;
 976}
 977
 978static void aarp_seq_stop(struct seq_file *seq, void *v)
 979        __releases(aarp_lock)
 980{
 981        read_unlock_bh(&aarp_lock);
 982}
 983
 984static const char *dt2str(unsigned long ticks)
 985{
 986        static char buf[32];
 987
 988        sprintf(buf, "%ld.%02ld", ticks / HZ, ((ticks % HZ) * 100 ) / HZ);
 989
 990        return buf;
 991}
 992
 993static int aarp_seq_show(struct seq_file *seq, void *v)
 994{
 995        struct aarp_iter_state *iter = seq->private;
 996        struct aarp_entry *entry = v;
 997        unsigned long now = jiffies;
 998        DECLARE_MAC_BUF(mac);
 999
1000        if (v == SEQ_START_TOKEN)
1001                seq_puts(seq,
1002                         "Address  Interface   Hardware Address"
1003                         "   Expires LastSend  Retry Status\n");
1004        else {
1005                seq_printf(seq, "%04X:%02X  %-12s",
1006                           ntohs(entry->target_addr.s_net),
1007                           (unsigned int) entry->target_addr.s_node,
1008                           entry->dev ? entry->dev->name : "????");
1009                seq_printf(seq, "%s", print_mac(mac, entry->hwaddr));
1010                seq_printf(seq, " %8s",
1011                           dt2str((long)entry->expires_at - (long)now));
1012                if (iter->table == unresolved)
1013                        seq_printf(seq, " %8s %6hu",
1014                                   dt2str(now - entry->last_sent),
1015                                   entry->xmit_count);
1016                else
1017                        seq_puts(seq, "                ");
1018                seq_printf(seq, " %s\n",
1019                           (iter->table == resolved) ? "resolved"
1020                           : (iter->table == unresolved) ? "unresolved"
1021                           : (iter->table == proxies) ? "proxies"
1022                           : "unknown");
1023        }
1024        return 0;
1025}
1026
1027static const struct seq_operations aarp_seq_ops = {
1028        .start  = aarp_seq_start,
1029        .next   = aarp_seq_next,
1030        .stop   = aarp_seq_stop,
1031        .show   = aarp_seq_show,
1032};
1033
1034static int aarp_seq_open(struct inode *inode, struct file *file)
1035{
1036        return seq_open_private(file, &aarp_seq_ops,
1037                        sizeof(struct aarp_iter_state));
1038}
1039
1040const struct file_operations atalk_seq_arp_fops = {
1041        .owner                = THIS_MODULE,
1042        .open           = aarp_seq_open,
1043        .read           = seq_read,
1044        .llseek         = seq_lseek,
1045        .release        = seq_release_private,
1046};
1047#endif
1048
1049/* General module cleanup. Called from cleanup_module() in ddp.c. */
1050void aarp_cleanup_module(void)
1051{
1052        del_timer_sync(&aarp_timer);
1053        unregister_netdevice_notifier(&aarp_notifier);
1054        unregister_snap_client(aarp_dl);
1055        aarp_purge();
1056}