1 /*
2 * DECnet An implementation of the DECnet protocol suite for the LINUX
3 * operating system. DECnet is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * DECnet Network Services Protocol (Input)
7 *
8 * Author: Eduardo Marcelo Serrat <emserrat@geocities.com>
9 *
10 * Changes:
11 *
12 * Steve Whitehouse: Split into dn_nsp_in.c and dn_nsp_out.c from
13 * original dn_nsp.c.
14 * Steve Whitehouse: Updated to work with my new routing architecture.
15 * Steve Whitehouse: Add changes from Eduardo Serrat's patches.
16 * Steve Whitehouse: Put all ack handling code in a common routine.
17 * Steve Whitehouse: Put other common bits into dn_nsp_rx()
18 * Steve Whitehouse: More checks on skb->len to catch bogus packets
19 * Fixed various race conditions and possible nasties.
20 * Steve Whitehouse: Now handles returned conninit frames.
21 * David S. Miller: New socket locking
22 * Steve Whitehouse: Fixed lockup when socket filtering was enabled.
23 * Paul Koning: Fix to push CC sockets into RUN when acks are
24 * received.
25 * Steve Whitehouse:
26 * Patrick Caulfield: Checking conninits for correctness & sending of error
27 * responses.
28 * Steve Whitehouse: Added backlog congestion level return codes.
29 * Patrick Caulfield:
30 * Steve Whitehouse: Added flow control support (outbound)
31 */
32
33 /******************************************************************************
34 (c) 1995-1998 E.M. Serrat emserrat@geocities.com
35
36 This program is free software; you can redistribute it and/or modify
37 it under the terms of the GNU General Public License as published by
38 the Free Software Foundation; either version 2 of the License, or
39 any later version.
40
41 This program is distributed in the hope that it will be useful,
42 but WITHOUT ANY WARRANTY; without even the implied warranty of
43 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
44 GNU General Public License for more details.
45 *******************************************************************************/
46
47 #include <linux/config.h>
48 #include <linux/errno.h>
49 #include <linux/types.h>
50 #include <linux/socket.h>
51 #include <linux/in.h>
52 #include <linux/kernel.h>
53 #include <linux/sched.h>
54 #include <linux/timer.h>
55 #include <linux/string.h>
56 #include <linux/sockios.h>
57 #include <linux/net.h>
58 #include <linux/netdevice.h>
59 #include <linux/inet.h>
60 #include <linux/route.h>
61 #include <net/sock.h>
62 #include <asm/segment.h>
63 #include <asm/system.h>
64 #include <linux/fcntl.h>
65 #include <linux/mm.h>
66 #include <linux/termios.h>
67 #include <linux/interrupt.h>
68 #include <linux/proc_fs.h>
69 #include <linux/stat.h>
70 #include <linux/init.h>
71 #include <linux/poll.h>
72 #include <linux/netfilter_decnet.h>
73 #include <net/neighbour.h>
74 #include <net/dst.h>
75 #include <net/dn_nsp.h>
76 #include <net/dn_dev.h>
77 #include <net/dn_route.h>
78
79 extern int decnet_log_martians;
80
81 static void dn_log_martian(struct sk_buff *skb, const char *msg)
82 {
83 if (decnet_log_martians && net_ratelimit()) {
84 char *devname = skb->dev ? skb->dev->name : "???";
85 struct dn_skb_cb *cb = DN_SKB_CB(skb);
86 printk(KERN_INFO "DECnet: Martian packet (%s) dev=%s src=0x%04hx dst=0x%04hx srcport=0x%04hx dstport=0x%04hx\n", msg, devname, cb->src, cb->dst, cb->src_port, cb->dst_port);
87 }
88 }
89
90 /*
91 * For this function we've flipped the cross-subchannel bit
92 * if the message is an otherdata or linkservice message. Thus
93 * we can use it to work out what to update.
94 */
95 static void dn_ack(struct sock *sk, struct sk_buff *skb, unsigned short ack)
96 {
97 struct dn_scp *scp = DN_SK(sk);
98 unsigned short type = ((ack >> 12) & 0x0003);
99 int wakeup = 0;
100
101 switch(type) {
102 case 0: /* ACK - Data */
103 if (after(ack, scp->ackrcv_dat)) {
104 scp->ackrcv_dat = ack & 0x0fff;
105 wakeup |= dn_nsp_check_xmit_queue(sk, skb, &scp->data_xmit_queue, ack);
106 }
107 break;
108 case 1: /* NAK - Data */
109 break;
110 case 2: /* ACK - OtherData */
111 if (after(ack, scp->ackrcv_oth)) {
112 scp->ackrcv_oth = ack & 0x0fff;
113 wakeup |= dn_nsp_check_xmit_queue(sk, skb, &scp->other_xmit_queue, ack);
114 }
115 break;
116 case 3: /* NAK - OtherData */
117 break;
118 }
119
120 if (wakeup && !sk->dead)
121 sk->state_change(sk);
122 }
123
124 /*
125 * This function is a universal ack processor.
126 */
127 static int dn_process_ack(struct sock *sk, struct sk_buff *skb, int oth)
128 {
129 unsigned short *ptr = (unsigned short *)skb->data;
130 int len = 0;
131 unsigned short ack;
132
133 if (skb->len < 2)
134 return len;
135
136 if ((ack = dn_ntohs(*ptr)) & 0x8000) {
137 skb_pull(skb, 2);
138 ptr++;
139 len += 2;
140 if ((ack & 0x4000) == 0) {
141 if (oth)
142 ack ^= 0x2000;
143 dn_ack(sk, skb, ack);
144 }
145 }
146
147 if (skb->len < 2)
148 return len;
149
150 if ((ack = dn_ntohs(*ptr)) & 0x8000) {
151 skb_pull(skb, 2);
152 len += 2;
153 if ((ack & 0x4000) == 0) {
154 if (oth)
155 ack ^= 0x2000;
156 dn_ack(sk, skb, ack);
157 }
158 }
159
160 return len;
161 }
162
163
164 /**
165 * dn_check_idf - Check an image data field format is correct.
166 * @pptr: Pointer to pointer to image data
167 * @len: Pointer to length of image data
168 * @max: The maximum allowed length of the data in the image data field
169 * @follow_on: Check that this many bytes exist beyond the end of the image data
170 *
171 * Returns: 0 if ok, -1 on error
172 */
173 static inline int dn_check_idf(unsigned char **pptr, int *len, unsigned char max, unsigned char follow_on)
174 {
175 unsigned char *ptr = *pptr;
176 unsigned char flen = *ptr++;
177
178 (*len)--;
179 if (flen > max)
180 return -1;
181 if ((flen + follow_on) > *len)
182 return -1;
183
184 *len -= flen;
185 *pptr = ptr + flen;
186 return 0;
187 }
188
189 /*
190 * Table of reason codes to pass back to node which sent us a badly
191 * formed message, plus text messages for the log. A zero entry in
192 * the reason field means "don't reply" otherwise a disc init is sent with
193 * the specified reason code.
194 */
195 static struct {
196 unsigned short reason;
197 const char *text;
198 } ci_err_table[] = {
199 { 0, "CI: Truncated message" },
200 { NSP_REASON_ID, "CI: Destination username error" },
201 { NSP_REASON_ID, "CI: Destination username type" },
202 { NSP_REASON_US, "CI: Source username error" },
203 { 0, "CI: Truncated at menuver" },
204 { 0, "CI: Truncated before access or user data" },
205 { NSP_REASON_IO, "CI: Access data format error" },
206 { NSP_REASON_IO, "CI: User data format error" }
207 };
208
209 /*
210 * This function uses a slightly different lookup method
211 * to find its sockets, since it searches on object name/number
212 * rather than port numbers. Various tests are done to ensure that
213 * the incoming data is in the correct format before it is queued to
214 * a socket.
215 */
216 static struct sock *dn_find_listener(struct sk_buff *skb, unsigned short *reason)
217 {
218 struct dn_skb_cb *cb = DN_SKB_CB(skb);
219 struct nsp_conn_init_msg *msg = (struct nsp_conn_init_msg *)skb->data;
220 struct sockaddr_dn dstaddr;
221 struct sockaddr_dn srcaddr;
222 unsigned char type = 0;
223 int dstlen;
224 int srclen;
225 unsigned char *ptr;
226 int len;
227 int err = 0;
228 unsigned char menuver;
229
230 memset(&dstaddr, 0, sizeof(struct sockaddr_dn));
231 memset(&srcaddr, 0, sizeof(struct sockaddr_dn));
232
233 /*
234 * 1. Decode & remove message header
235 */
236 cb->src_port = msg->srcaddr;
237 cb->dst_port = msg->dstaddr;
238 cb->services = msg->services;
239 cb->info = msg->info;
240 cb->segsize = dn_ntohs(msg->segsize);
241
242 if (skb->len < sizeof(*msg))
243 goto err_out;
244
245 skb_pull(skb, sizeof(*msg));
246
247 len = skb->len;
248 ptr = skb->data;
249
250 /*
251 * 2. Check destination end username format
252 */
253 dstlen = dn_username2sockaddr(ptr, len, &dstaddr, &type);
254 err++;
255 if (dstlen < 0)
256 goto err_out;
257
258 err++;
259 if (type > 1)
260 goto err_out;
261
262 len -= dstlen;
263 ptr += dstlen;
264
265 /*
266 * 3. Check source end username format
267 */
268 srclen = dn_username2sockaddr(ptr, len, &srcaddr, &type);
269 err++;
270 if (srclen < 0)
271 goto err_out;
272
273 len -= srclen;
274 ptr += srclen;
275 err++;
276 if (len < 1)
277 goto err_out;
278
279 menuver = *ptr;
280 ptr++;
281 len--;
282
283 /*
284 * 4. Check that optional data actually exists if menuver says it does
285 */
286 err++;
287 if ((menuver & (DN_MENUVER_ACC | DN_MENUVER_USR)) && (len < 1))
288 goto err_out;
289
290 /*
291 * 5. Check optional access data format
292 */
293 err++;
294 if (menuver & DN_MENUVER_ACC) {
295 if (dn_check_idf(&ptr, &len, 39, 1))
296 goto err_out;
297 if (dn_check_idf(&ptr, &len, 39, 1))
298 goto err_out;
299 if (dn_check_idf(&ptr, &len, 39, (menuver & DN_MENUVER_USR) ? 1 : 0))
300 goto err_out;
301 }
302
303 /*
304 * 6. Check optional user data format
305 */
306 err++;
307 if (menuver & DN_MENUVER_USR) {
308 if (dn_check_idf(&ptr, &len, 16, 0))
309 goto err_out;
310 }
311
312 /*
313 * 7. Look up socket based on destination end username
314 */
315 return dn_sklist_find_listener(&dstaddr);
316 err_out:
317 dn_log_martian(skb, ci_err_table[err].text);
318 *reason = ci_err_table[err].reason;
319 return NULL;
320 }
321
322
323 static void dn_nsp_conn_init(struct sock *sk, struct sk_buff *skb)
324 {
325 if (sk->ack_backlog >= sk->max_ack_backlog) {
326 kfree_skb(skb);
327 return;
328 }
329
330 sk->ack_backlog++;
331 skb_queue_tail(&sk->receive_queue, skb);
332 sk->state_change(sk);
333 }
334
335 static void dn_nsp_conn_conf(struct sock *sk, struct sk_buff *skb)
336 {
337 struct dn_skb_cb *cb = DN_SKB_CB(skb);
338 struct dn_scp *scp = DN_SK(sk);
339 unsigned char *ptr;
340
341 if (skb->len < 4)
342 goto out;
343
344 ptr = skb->data;
345 cb->services = *ptr++;
346 cb->info = *ptr++;
347 cb->segsize = dn_ntohs(*(__u16 *)ptr);
348
349 if ((scp->state == DN_CI) || (scp->state == DN_CD)) {
350 scp->persist = 0;
351 scp->addrrem = cb->src_port;
352 sk->state = TCP_ESTABLISHED;
353 scp->state = DN_RUN;
354 scp->services_rem = cb->services;
355 scp->info_rem = cb->info;
356 scp->segsize_rem = cb->segsize;
357
358 if ((scp->services_rem & NSP_FC_MASK) == NSP_FC_NONE)
359 scp->max_window = decnet_no_fc_max_cwnd;
360
361 if (skb->len > 0) {
362 unsigned char dlen = *skb->data;
363 if ((dlen <= 16) && (dlen <= skb->len)) {
364 scp->conndata_in.opt_optl = dlen;
365 memcpy(scp->conndata_in.opt_data, skb->data + 1, dlen);
366 }
367 }
368 dn_nsp_send_link(sk, DN_NOCHANGE, 0);
369 if (!sk->dead)
370 sk->state_change(sk);
371 }
372
373 out:
374 kfree_skb(skb);
375 }
376
377 static void dn_nsp_conn_ack(struct sock *sk, struct sk_buff *skb)
378 {
379 struct dn_scp *scp = DN_SK(sk);
380
381 if (scp->state == DN_CI) {
382 scp->state = DN_CD;
383 scp->persist = 0;
384 }
385
386 kfree_skb(skb);
387 }
388
389 static void dn_nsp_disc_init(struct sock *sk, struct sk_buff *skb)
390 {
391 struct dn_scp *scp = DN_SK(sk);
392 struct dn_skb_cb *cb = DN_SKB_CB(skb);
393 unsigned short reason;
394
395 if (skb->len < 2)
396 goto out;
397
398 reason = dn_ntohs(*(__u16 *)skb->data);
399 skb_pull(skb, 2);
400
401 scp->discdata_in.opt_status = reason;
402 scp->discdata_in.opt_optl = 0;
403 memset(scp->discdata_in.opt_data, 0, 16);
404
405 if (skb->len > 0) {
406 unsigned char dlen = *skb->data;
407 if ((dlen <= 16) && (dlen <= skb->len)) {
408 scp->discdata_in.opt_optl = dlen;
409 memcpy(scp->discdata_in.opt_data, skb->data + 1, dlen);
410 }
411 }
412
413 scp->addrrem = cb->src_port;
414 sk->state = TCP_CLOSE;
415
416 switch(scp->state) {
417 case DN_CI:
418 case DN_CD:
419 scp->state = DN_RJ;
420 break;
421 case DN_RUN:
422 sk->shutdown |= SHUTDOWN_MASK;
423 scp->state = DN_DN;
424 break;
425 case DN_DI:
426 scp->state = DN_DIC;
427 break;
428 }
429
430 if (!sk->dead) {
431 if (sk->socket->state != SS_UNCONNECTED)
432 sk->socket->state = SS_DISCONNECTING;
433 sk->state_change(sk);
434 }
435
436 dn_nsp_send_disc(sk, NSP_DISCCONF, NSP_REASON_DC, GFP_ATOMIC);
437 scp->persist_fxn = dn_destroy_timer;
438 scp->persist = dn_nsp_persist(sk);
439
440 out:
441 kfree_skb(skb);
442 }
443
444 /*
445 * disc_conf messages are also called no_resources or no_link
446 * messages depending upon the "reason" field.
447 */
448 static void dn_nsp_disc_conf(struct sock *sk, struct sk_buff *skb)
449 {
450 struct dn_scp *scp = DN_SK(sk);
451 unsigned short reason;
452
453 if (skb->len != 2)
454 goto out;
455
456 reason = dn_ntohs(*(__u16 *)skb->data);
457
458 sk->state = TCP_CLOSE;
459
460 switch(scp->state) {
461 case DN_CI:
462 scp->state = DN_NR;
463 break;
464 case DN_DR:
465 if (reason == NSP_REASON_DC)
466 scp->state = DN_DRC;
467 if (reason == NSP_REASON_NL)
468 scp->state = DN_CN;
469 break;
470 case DN_DI:
471 scp->state = DN_DIC;
472 break;
473 case DN_RUN:
474 sk->shutdown |= SHUTDOWN_MASK;
475 case DN_CC:
476 scp->state = DN_CN;
477 }
478
479 if (!sk->dead) {
480 if (sk->socket->state != SS_UNCONNECTED)
481 sk->socket->state = SS_DISCONNECTING;
482 sk->state_change(sk);
483 }
484
485 scp->persist_fxn = dn_destroy_timer;
486 scp->persist = dn_nsp_persist(sk);
487
488 out:
489 kfree_skb(skb);
490 }
491
492 static void dn_nsp_linkservice(struct sock *sk, struct sk_buff *skb)
493 {
494 struct dn_scp *scp = DN_SK(sk);
495 unsigned short segnum;
496 unsigned char lsflags;
497 char fcval;
498 int wake_up = 0;
499 char *ptr = skb->data;
500 unsigned char fctype = scp->services_rem & NSP_FC_MASK;
501
502 if (skb->len != 4)
503 goto out;
504
505 segnum = dn_ntohs(*(__u16 *)ptr);
506 ptr += 2;
507 lsflags = *(unsigned char *)ptr++;
508 fcval = *ptr;
509
510 /*
511 * Here we ignore erronous packets which should really
512 * should cause a connection abort. It is not critical
513 * for now though.
514 */
515 if (lsflags & 0xf8)
516 goto out;
517
518 if (seq_next(scp->numoth_rcv, segnum)) {
519 seq_add(&scp->numoth_rcv, 1);
520 switch(lsflags & 0x04) { /* FCVAL INT */
521 case 0x00: /* Normal Request */
522 switch(lsflags & 0x03) { /* FCVAL MOD */
523 case 0x00: /* Request count */
524 if (fcval < 0) {
525 unsigned char p_fcval = -fcval;
526 if ((scp->flowrem_dat > p_fcval) &&
527 (fctype == NSP_FC_SCMC)) {
528 scp->flowrem_dat -= p_fcval;
529 }
530 } else if (fcval > 0) {
531 scp->flowrem_dat += fcval;
532 wake_up = 1;
533 }
534 break;
535 case 0x01: /* Stop outgoing data */
536 scp->flowrem_sw = DN_DONTSEND;
537 break;
538 case 0x02: /* Ok to start again */
539 scp->flowrem_sw = DN_SEND;
540 dn_nsp_output(sk);
541 wake_up = 1;
542 }
543 break;
544 case 0x04: /* Interrupt Request */
545 if (fcval > 0) {
546 scp->flowrem_oth += fcval;
547 wake_up = 1;
548 }
549 break;
550 }
551 if (wake_up && !sk->dead)
552 sk->state_change(sk);
553 }
554
555 dn_nsp_send_oth_ack(sk);
556
557 out:
558 kfree_skb(skb);
559 }
560
561 /*
562 * Copy of sock_queue_rcv_skb (from sock.h) without
563 * bh_lock_sock() (its already held when this is called) which
564 * also allows data and other data to be queued to a socket.
565 */
566 static __inline__ int dn_queue_skb(struct sock *sk, struct sk_buff *skb, int sig, struct sk_buff_head *queue)
567 {
568 int err;
569
570 /* Cast skb->rcvbuf to unsigned... It's pointless, but reduces
571 number of warnings when compiling with -W --ANK
572 */
573 if (atomic_read(&sk->rmem_alloc) + skb->truesize >= (unsigned)sk->rcvbuf) {
574 err = -ENOMEM;
575 goto out;
576 }
577
578 err = sk_filter(sk, skb, 0);
579 if (err)
580 goto out;
581
582 skb_set_owner_r(skb, sk);
583 skb_queue_tail(queue, skb);
584
585 /* This code only runs from BH or BH protected context.
586 * Therefore the plain read_lock is ok here. -DaveM
587 */
588 read_lock(&sk->callback_lock);
589 if (!sk->dead) {
590 struct socket *sock = sk->socket;
591 wake_up_interruptible(sk->sleep);
592 if (sock && sock->fasync_list &&
593 !test_bit(SOCK_ASYNC_WAITDATA, &sock->flags))
594 __kill_fasync(sock->fasync_list, sig,
595 (sig == SIGURG) ? POLL_PRI : POLL_IN);
596 }
597 read_unlock(&sk->callback_lock);
598 out:
599 return err;
600 }
601
602 static void dn_nsp_otherdata(struct sock *sk, struct sk_buff *skb)
603 {
604 struct dn_scp *scp = DN_SK(sk);
605 unsigned short segnum;
606 struct dn_skb_cb *cb = DN_SKB_CB(skb);
607 int queued = 0;
608
609 if (skb->len < 2)
610 goto out;
611
612 cb->segnum = segnum = dn_ntohs(*(__u16 *)skb->data);
613 skb_pull(skb, 2);
614
615 if (seq_next(scp->numoth_rcv, segnum)) {
616
617 if (dn_queue_skb(sk, skb, SIGURG, &scp->other_receive_queue) == 0) {
618 seq_add(&scp->numoth_rcv, 1);
619 scp->other_report = 0;
620 queued = 1;
621 }
622 }
623
624 dn_nsp_send_oth_ack(sk);
625 out:
626 if (!queued)
627 kfree_skb(skb);
628 }
629
630 static void dn_nsp_data(struct sock *sk, struct sk_buff *skb)
631 {
632 int queued = 0;
633 unsigned short segnum;
634 struct dn_skb_cb *cb = DN_SKB_CB(skb);
635 struct dn_scp *scp = DN_SK(sk);
636
637 if (skb->len < 2)
638 goto out;
639
640 cb->segnum = segnum = dn_ntohs(*(__u16 *)skb->data);
641 skb_pull(skb, 2);
642
643 if (seq_next(scp->numdat_rcv, segnum)) {
644 if (dn_queue_skb(sk, skb, SIGIO, &sk->receive_queue) == 0) {
645 seq_add(&scp->numdat_rcv, 1);
646 queued = 1;
647 }
648
649 if ((scp->flowloc_sw == DN_SEND) && dn_congested(sk)) {
650 scp->flowloc_sw = DN_DONTSEND;
651 dn_nsp_send_link(sk, DN_DONTSEND, 0);
652 }
653 }
654
655 dn_nsp_send_data_ack(sk);
656 out:
657 if (!queued)
658 kfree_skb(skb);
659 }
660
661 /*
662 * If one of our conninit messages is returned, this function
663 * deals with it. It puts the socket into the NO_COMMUNICATION
664 * state.
665 */
666 static void dn_returned_conn_init(struct sock *sk, struct sk_buff *skb)
667 {
668 struct dn_scp *scp = DN_SK(sk);
669
670 if (scp->state == DN_CI) {
671 scp->state = DN_NC;
672 sk->state = TCP_CLOSE;
673 if (!sk->dead)
674 sk->state_change(sk);
675 }
676
677 kfree_skb(skb);
678 }
679
680 static int dn_nsp_no_socket(struct sk_buff *skb, unsigned short reason)
681 {
682 struct dn_skb_cb *cb = DN_SKB_CB(skb);
683 int ret = NET_RX_DROP;
684
685 /* Must not reply to returned packets */
686 if (cb->rt_flags & DN_RT_F_RTS)
687 goto out;
688
689 if ((reason != NSP_REASON_OK) && ((cb->nsp_flags & 0x0c) == 0x08)) {
690 switch(cb->nsp_flags & 0x70) {
691 case 0x10:
692 case 0x60: /* (Retransmitted) Connect Init */
693 dn_nsp_return_disc(skb, NSP_DISCINIT, reason);
694 ret = NET_RX_SUCCESS;
695 break;
696 case 0x20: /* Connect Confirm */
697 dn_nsp_return_disc(skb, NSP_DISCCONF, reason);
698 ret = NET_RX_SUCCESS;
699 break;
700 }
701 }
702
703 out:
704 kfree_skb(skb);
705 return ret;
706 }
707
708 static int dn_nsp_rx_packet(struct sk_buff *skb)
709 {
710 struct dn_skb_cb *cb = DN_SKB_CB(skb);
711 struct sock *sk = NULL;
712 unsigned char *ptr = (unsigned char *)skb->data;
713 unsigned short reason = NSP_REASON_NL;
714
715 skb->h.raw = skb->data;
716 cb->nsp_flags = *ptr++;
717
718 if (decnet_debug_level & 2)
719 printk(KERN_DEBUG "dn_nsp_rx: Message type 0x%02x\n", (int)cb->nsp_flags);
720
721 if (skb->len < 2)
722 goto free_out;
723
724 if (cb->nsp_flags & 0x83)
725 goto free_out;
726
727 /*
728 * Returned packets...
729 * Swap src & dst and look up in the normal way.
730 */
731 if (cb->rt_flags & DN_RT_F_RTS) {
732 unsigned short tmp = cb->dst_port;
733 cb->dst_port = cb->src_port;
734 cb->src_port = tmp;
735 tmp = cb->dst;
736 cb->dst = cb->src;
737 cb->src = tmp;
738 sk = dn_find_by_skb(skb);
739 goto got_it;
740 }
741
742 /*
743 * Filter out conninits and useless packet types
744 */
745 if ((cb->nsp_flags & 0x0c) == 0x08) {
746 switch(cb->nsp_flags & 0x70) {
747 case 0x00: /* NOP */
748 case 0x70: /* Reserved */
749 case 0x50: /* Reserved, Phase II node init */
750 goto free_out;
751 case 0x10:
752 case 0x60:
753 sk = dn_find_listener(skb, &reason);
754 goto got_it;
755 }
756 }
757
758 if (skb->len < 3)
759 goto free_out;
760
761 /*
762 * Grab the destination address.
763 */
764 cb->dst_port = *(unsigned short *)ptr;
765 cb->src_port = 0;
766 ptr += 2;
767
768 /*
769 * If not a connack, grab the source address too.
770 */
771 if (skb->len >= 5) {
772 cb->src_port = *(unsigned short *)ptr;
773 ptr += 2;
774 skb_pull(skb, 5);
775 }
776
777 /*
778 * Find the socket to which this skb is destined.
779 */
780 sk = dn_find_by_skb(skb);
781 got_it:
782 if (sk != NULL) {
783 struct dn_scp *scp = DN_SK(sk);
784 int ret;
785
786 /* Reset backoff */
787 scp->nsp_rxtshift = 0;
788
789 bh_lock_sock(sk);
790 ret = NET_RX_SUCCESS;
791 if (decnet_debug_level & 8)
792 printk(KERN_DEBUG "NSP: 0x%02x 0x%02x 0x%04x 0x%04x %d\n",
793 (int)cb->rt_flags, (int)cb->nsp_flags,
794 (int)cb->src_port, (int)cb->dst_port,
795 (int)sk->lock.users);
796 if (sk->lock.users == 0)
797 ret = dn_nsp_backlog_rcv(sk, skb);
798 else
799 sk_add_backlog(sk, skb);
800 bh_unlock_sock(sk);
801 sock_put(sk);
802
803 return ret;
804 }
805
806 return dn_nsp_no_socket(skb, reason);
807
808 free_out:
809 kfree_skb(skb);
810 return NET_RX_DROP;
811 }
812
813 int dn_nsp_rx(struct sk_buff *skb)
814 {
815 return NF_HOOK(PF_DECnet, NF_DN_LOCAL_IN, skb, skb->dev, NULL, dn_nsp_rx_packet);
816 }
817
818 /*
819 * This is the main receive routine for sockets. It is called
820 * from the above when the socket is not busy, and also from
821 * sock_release() when there is a backlog queued up.
822 */
823 int dn_nsp_backlog_rcv(struct sock *sk, struct sk_buff *skb)
824 {
825 struct dn_scp *scp = DN_SK(sk);
826 struct dn_skb_cb *cb = DN_SKB_CB(skb);
827
828 if (cb->rt_flags & DN_RT_F_RTS) {
829 dn_returned_conn_init(sk, skb);
830 return NET_RX_SUCCESS;
831 }
832
833 /*
834 * Control packet.
835 */
836 if ((cb->nsp_flags & 0x0c) == 0x08) {
837 switch(cb->nsp_flags & 0x70) {
838 case 0x10:
839 case 0x60:
840 dn_nsp_conn_init(sk, skb);
841 break;
842 case 0x20:
843 dn_nsp_conn_conf(sk, skb);
844 break;
845 case 0x30:
846 dn_nsp_disc_init(sk, skb);
847 break;
848 case 0x40:
849 dn_nsp_disc_conf(sk, skb);
850 break;
851 }
852
853 } else if (cb->nsp_flags == 0x24) {
854 /*
855 * Special for connacks, 'cos they don't have
856 * ack data or ack otherdata info.
857 */
858 dn_nsp_conn_ack(sk, skb);
859 } else {
860 int other = 1;
861
862 /* both data and ack frames can kick a CC socket into RUN */
863 if ((scp->state == DN_CC) && !sk->dead) {
864 scp->state = DN_RUN;
865 sk->state = TCP_ESTABLISHED;
866 sk->state_change(sk);
867 }
868
869 if ((cb->nsp_flags & 0x1c) == 0)
870 other = 0;
871 if (cb->nsp_flags == 0x04)
872 other = 0;
873
874 /*
875 * Read out ack data here, this applies equally
876 * to data, other data, link serivce and both
877 * ack data and ack otherdata.
878 */
879 dn_process_ack(sk, skb, other);
880
881 /*
882 * If we've some sort of data here then call a
883 * suitable routine for dealing with it, otherwise
884 * the packet is an ack and can be discarded.
885 */
886 if ((cb->nsp_flags & 0x0c) == 0) {
887
888 if (scp->state != DN_RUN)
889 goto free_out;
890
891 switch(cb->nsp_flags) {
892 case 0x10: /* LS */
893 dn_nsp_linkservice(sk, skb);
894 break;
895 case 0x30: /* OD */
896 dn_nsp_otherdata(sk, skb);
897 break;
898 default:
899 dn_nsp_data(sk, skb);
900 }
901
902 } else { /* Ack, chuck it out here */
903 free_out:
904 kfree_skb(skb);
905 }
906 }
907
908 return NET_RX_SUCCESS;
909 }
910
911
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.