KEYS: add missing permission check for request_key() destination
[linux/fpc-iii.git] / net / tipc / discover.c
blobaa722a42ef8b03b4d840e31bbf7582d51948fbae
1 /*
2 * net/tipc/discover.c
4 * Copyright (c) 2003-2006, 2014, Ericsson AB
5 * Copyright (c) 2005-2006, 2010-2011, Wind River Systems
6 * All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the names of the copyright holders nor the names of its
17 * contributors may be used to endorse or promote products derived from
18 * this software without specific prior written permission.
20 * Alternatively, this software may be distributed under the terms of the
21 * GNU General Public License ("GPL") version 2 as published by the Free
22 * Software Foundation.
24 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
25 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
28 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
29 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
32 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
33 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
34 * POSSIBILITY OF SUCH DAMAGE.
37 #include "core.h"
38 #include "link.h"
39 #include "discover.h"
41 #define TIPC_LINK_REQ_INIT 125 /* min delay during bearer start up */
42 #define TIPC_LINK_REQ_FAST 1000 /* max delay if bearer has no links */
43 #define TIPC_LINK_REQ_SLOW 60000 /* max delay if bearer has links */
44 #define TIPC_LINK_REQ_INACTIVE 0xffffffff /* indicates no timer in use */
47 /**
48 * struct tipc_link_req - information about an ongoing link setup request
49 * @bearer_id: identity of bearer issuing requests
50 * @dest: destination address for request messages
51 * @domain: network domain to which links can be established
52 * @num_nodes: number of nodes currently discovered (i.e. with an active link)
53 * @lock: spinlock for controlling access to requests
54 * @buf: request message to be (repeatedly) sent
55 * @timer: timer governing period between requests
56 * @timer_intv: current interval between requests (in ms)
58 struct tipc_link_req {
59 u32 bearer_id;
60 struct tipc_media_addr dest;
61 u32 domain;
62 int num_nodes;
63 spinlock_t lock;
64 struct sk_buff *buf;
65 struct timer_list timer;
66 unsigned int timer_intv;
69 /**
70 * tipc_disc_init_msg - initialize a link setup message
71 * @type: message type (request or response)
72 * @b_ptr: ptr to bearer issuing message
74 static void tipc_disc_init_msg(struct sk_buff *buf, u32 type,
75 struct tipc_bearer *b_ptr)
77 struct tipc_msg *msg;
78 u32 dest_domain = b_ptr->domain;
80 msg = buf_msg(buf);
81 tipc_msg_init(msg, LINK_CONFIG, type, INT_H_SIZE, dest_domain);
82 msg_set_non_seq(msg, 1);
83 msg_set_node_sig(msg, tipc_random);
84 msg_set_dest_domain(msg, dest_domain);
85 msg_set_bc_netid(msg, tipc_net_id);
86 b_ptr->media->addr2msg(msg_media_addr(msg), &b_ptr->addr);
89 /**
90 * disc_dupl_alert - issue node address duplication alert
91 * @b_ptr: pointer to bearer detecting duplication
92 * @node_addr: duplicated node address
93 * @media_addr: media address advertised by duplicated node
95 static void disc_dupl_alert(struct tipc_bearer *b_ptr, u32 node_addr,
96 struct tipc_media_addr *media_addr)
98 char node_addr_str[16];
99 char media_addr_str[64];
101 tipc_addr_string_fill(node_addr_str, node_addr);
102 tipc_media_addr_printf(media_addr_str, sizeof(media_addr_str),
103 media_addr);
104 pr_warn("Duplicate %s using %s seen on <%s>\n", node_addr_str,
105 media_addr_str, b_ptr->name);
109 * tipc_disc_rcv - handle incoming discovery message (request or response)
110 * @buf: buffer containing message
111 * @bearer: bearer that message arrived on
113 void tipc_disc_rcv(struct sk_buff *buf, struct tipc_bearer *bearer)
115 struct tipc_node *node;
116 struct tipc_link *link;
117 struct tipc_media_addr maddr;
118 struct sk_buff *rbuf;
119 struct tipc_msg *msg = buf_msg(buf);
120 u32 ddom = msg_dest_domain(msg);
121 u32 onode = msg_prevnode(msg);
122 u32 net_id = msg_bc_netid(msg);
123 u32 mtyp = msg_type(msg);
124 u32 signature = msg_node_sig(msg);
125 bool addr_match = false;
126 bool sign_match = false;
127 bool link_up = false;
128 bool accept_addr = false;
129 bool accept_sign = false;
130 bool respond = false;
132 bearer->media->msg2addr(bearer, &maddr, msg_media_addr(msg));
133 kfree_skb(buf);
135 /* Ensure message from node is valid and communication is permitted */
136 if (net_id != tipc_net_id)
137 return;
138 if (maddr.broadcast)
139 return;
140 if (!tipc_addr_domain_valid(ddom))
141 return;
142 if (!tipc_addr_node_valid(onode))
143 return;
145 if (in_own_node(onode)) {
146 if (memcmp(&maddr, &bearer->addr, sizeof(maddr)))
147 disc_dupl_alert(bearer, tipc_own_addr, &maddr);
148 return;
150 if (!tipc_in_scope(ddom, tipc_own_addr))
151 return;
152 if (!tipc_in_scope(bearer->domain, onode))
153 return;
155 /* Locate, or if necessary, create, node: */
156 node = tipc_node_find(onode);
157 if (!node)
158 node = tipc_node_create(onode);
159 if (!node)
160 return;
162 tipc_node_lock(node);
163 link = node->links[bearer->identity];
165 /* Prepare to validate requesting node's signature and media address */
166 sign_match = (signature == node->signature);
167 addr_match = link && !memcmp(&link->media_addr, &maddr, sizeof(maddr));
168 link_up = link && tipc_link_is_up(link);
171 /* These three flags give us eight permutations: */
173 if (sign_match && addr_match && link_up) {
174 /* All is fine. Do nothing. */
175 } else if (sign_match && addr_match && !link_up) {
176 /* Respond. The link will come up in due time */
177 respond = true;
178 } else if (sign_match && !addr_match && link_up) {
179 /* Peer has changed i/f address without rebooting.
180 * If so, the link will reset soon, and the next
181 * discovery will be accepted. So we can ignore it.
182 * It may also be an cloned or malicious peer having
183 * chosen the same node address and signature as an
184 * existing one.
185 * Ignore requests until the link goes down, if ever.
187 disc_dupl_alert(bearer, onode, &maddr);
188 } else if (sign_match && !addr_match && !link_up) {
189 /* Peer link has changed i/f address without rebooting.
190 * It may also be a cloned or malicious peer; we can't
191 * distinguish between the two.
192 * The signature is correct, so we must accept.
194 accept_addr = true;
195 respond = true;
196 } else if (!sign_match && addr_match && link_up) {
197 /* Peer node rebooted. Two possibilities:
198 * - Delayed re-discovery; this link endpoint has already
199 * reset and re-established contact with the peer, before
200 * receiving a discovery message from that node.
201 * (The peer happened to receive one from this node first).
202 * - The peer came back so fast that our side has not
203 * discovered it yet. Probing from this side will soon
204 * reset the link, since there can be no working link
205 * endpoint at the peer end, and the link will re-establish.
206 * Accept the signature, since it comes from a known peer.
208 accept_sign = true;
209 } else if (!sign_match && addr_match && !link_up) {
210 /* The peer node has rebooted.
211 * Accept signature, since it is a known peer.
213 accept_sign = true;
214 respond = true;
215 } else if (!sign_match && !addr_match && link_up) {
216 /* Peer rebooted with new address, or a new/duplicate peer.
217 * Ignore until the link goes down, if ever.
219 disc_dupl_alert(bearer, onode, &maddr);
220 } else if (!sign_match && !addr_match && !link_up) {
221 /* Peer rebooted with new address, or it is a new peer.
222 * Accept signature and address.
224 accept_sign = true;
225 accept_addr = true;
226 respond = true;
229 if (accept_sign)
230 node->signature = signature;
232 if (accept_addr) {
233 if (!link)
234 link = tipc_link_create(node, bearer, &maddr);
235 if (link) {
236 memcpy(&link->media_addr, &maddr, sizeof(maddr));
237 tipc_link_reset(link);
238 } else {
239 respond = false;
243 /* Send response, if necessary */
244 if (respond && (mtyp == DSC_REQ_MSG)) {
245 rbuf = tipc_buf_acquire(INT_H_SIZE);
246 if (rbuf) {
247 tipc_disc_init_msg(rbuf, DSC_RESP_MSG, bearer);
248 tipc_bearer_send(bearer->identity, rbuf, &maddr);
249 kfree_skb(rbuf);
252 tipc_node_unlock(node);
256 * disc_update - update frequency of periodic link setup requests
257 * @req: ptr to link request structure
259 * Reinitiates discovery process if discovery object has no associated nodes
260 * and is either not currently searching or is searching at a slow rate
262 static void disc_update(struct tipc_link_req *req)
264 if (!req->num_nodes) {
265 if ((req->timer_intv == TIPC_LINK_REQ_INACTIVE) ||
266 (req->timer_intv > TIPC_LINK_REQ_FAST)) {
267 req->timer_intv = TIPC_LINK_REQ_INIT;
268 k_start_timer(&req->timer, req->timer_intv);
274 * tipc_disc_add_dest - increment set of discovered nodes
275 * @req: ptr to link request structure
277 void tipc_disc_add_dest(struct tipc_link_req *req)
279 spin_lock_bh(&req->lock);
280 req->num_nodes++;
281 spin_unlock_bh(&req->lock);
285 * tipc_disc_remove_dest - decrement set of discovered nodes
286 * @req: ptr to link request structure
288 void tipc_disc_remove_dest(struct tipc_link_req *req)
290 spin_lock_bh(&req->lock);
291 req->num_nodes--;
292 disc_update(req);
293 spin_unlock_bh(&req->lock);
297 * disc_timeout - send a periodic link setup request
298 * @req: ptr to link request structure
300 * Called whenever a link setup request timer associated with a bearer expires.
302 static void disc_timeout(struct tipc_link_req *req)
304 int max_delay;
306 spin_lock_bh(&req->lock);
308 /* Stop searching if only desired node has been found */
309 if (tipc_node(req->domain) && req->num_nodes) {
310 req->timer_intv = TIPC_LINK_REQ_INACTIVE;
311 goto exit;
315 * Send discovery message, then update discovery timer
317 * Keep doubling time between requests until limit is reached;
318 * hold at fast polling rate if don't have any associated nodes,
319 * otherwise hold at slow polling rate
321 tipc_bearer_send(req->bearer_id, req->buf, &req->dest);
324 req->timer_intv *= 2;
325 if (req->num_nodes)
326 max_delay = TIPC_LINK_REQ_SLOW;
327 else
328 max_delay = TIPC_LINK_REQ_FAST;
329 if (req->timer_intv > max_delay)
330 req->timer_intv = max_delay;
332 k_start_timer(&req->timer, req->timer_intv);
333 exit:
334 spin_unlock_bh(&req->lock);
338 * tipc_disc_create - create object to send periodic link setup requests
339 * @b_ptr: ptr to bearer issuing requests
340 * @dest: destination address for request messages
341 * @dest_domain: network domain to which links can be established
343 * Returns 0 if successful, otherwise -errno.
345 int tipc_disc_create(struct tipc_bearer *b_ptr, struct tipc_media_addr *dest)
347 struct tipc_link_req *req;
349 req = kmalloc(sizeof(*req), GFP_ATOMIC);
350 if (!req)
351 return -ENOMEM;
353 req->buf = tipc_buf_acquire(INT_H_SIZE);
354 if (!req->buf) {
355 kfree(req);
356 return -ENOMEM;
359 tipc_disc_init_msg(req->buf, DSC_REQ_MSG, b_ptr);
360 memcpy(&req->dest, dest, sizeof(*dest));
361 req->bearer_id = b_ptr->identity;
362 req->domain = b_ptr->domain;
363 req->num_nodes = 0;
364 req->timer_intv = TIPC_LINK_REQ_INIT;
365 spin_lock_init(&req->lock);
366 k_init_timer(&req->timer, (Handler)disc_timeout, (unsigned long)req);
367 k_start_timer(&req->timer, req->timer_intv);
368 b_ptr->link_req = req;
369 tipc_bearer_send(req->bearer_id, req->buf, &req->dest);
370 return 0;
374 * tipc_disc_delete - destroy object sending periodic link setup requests
375 * @req: ptr to link request structure
377 void tipc_disc_delete(struct tipc_link_req *req)
379 k_cancel_timer(&req->timer);
380 k_term_timer(&req->timer);
381 kfree_skb(req->buf);
382 kfree(req);
386 * tipc_disc_reset - reset object to send periodic link setup requests
387 * @b_ptr: ptr to bearer issuing requests
388 * @dest_domain: network domain to which links can be established
390 void tipc_disc_reset(struct tipc_bearer *b_ptr)
392 struct tipc_link_req *req = b_ptr->link_req;
394 spin_lock_bh(&req->lock);
395 tipc_disc_init_msg(req->buf, DSC_REQ_MSG, b_ptr);
396 req->bearer_id = b_ptr->identity;
397 req->domain = b_ptr->domain;
398 req->num_nodes = 0;
399 req->timer_intv = TIPC_LINK_REQ_INIT;
400 k_start_timer(&req->timer, req->timer_intv);
401 tipc_bearer_send(req->bearer_id, req->buf, &req->dest);
402 spin_unlock_bh(&req->lock);