linux/net/can/gw.c
<<
>>
Prefs
   1/*
   2 * gw.c - CAN frame Gateway/Router/Bridge with netlink interface
   3 *
   4 * Copyright (c) 2017 Volkswagen Group Electronic Research
   5 * All rights reserved.
   6 *
   7 * Redistribution and use in source and binary forms, with or without
   8 * modification, are permitted provided that the following conditions
   9 * are met:
  10 * 1. Redistributions of source code must retain the above copyright
  11 *    notice, this list of conditions and the following disclaimer.
  12 * 2. Redistributions in binary form must reproduce the above copyright
  13 *    notice, this list of conditions and the following disclaimer in the
  14 *    documentation and/or other materials provided with the distribution.
  15 * 3. Neither the name of Volkswagen nor the names of its contributors
  16 *    may be used to endorse or promote products derived from this software
  17 *    without specific prior written permission.
  18 *
  19 * Alternatively, provided that this notice is retained in full, this
  20 * software may be distributed under the terms of the GNU General
  21 * Public License ("GPL") version 2, in which case the provisions of the
  22 * GPL apply INSTEAD OF those given above.
  23 *
  24 * The provided data structures and external interfaces from this code
  25 * are not restricted to be used by modules with a GPL compatible license.
  26 *
  27 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  28 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  29 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  30 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  31 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  32 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  33 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  34 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  35 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  36 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  37 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
  38 * DAMAGE.
  39 *
  40 */
  41
  42#include <linux/module.h>
  43#include <linux/init.h>
  44#include <linux/types.h>
  45#include <linux/kernel.h>
  46#include <linux/list.h>
  47#include <linux/spinlock.h>
  48#include <linux/rcupdate.h>
  49#include <linux/rculist.h>
  50#include <linux/net.h>
  51#include <linux/netdevice.h>
  52#include <linux/if_arp.h>
  53#include <linux/skbuff.h>
  54#include <linux/can.h>
  55#include <linux/can/core.h>
  56#include <linux/can/skb.h>
  57#include <linux/can/gw.h>
  58#include <net/rtnetlink.h>
  59#include <net/net_namespace.h>
  60#include <net/sock.h>
  61
  62#define CAN_GW_VERSION "20170425"
  63#define CAN_GW_NAME "can-gw"
  64
  65MODULE_DESCRIPTION("PF_CAN netlink gateway");
  66MODULE_LICENSE("Dual BSD/GPL");
  67MODULE_AUTHOR("Oliver Hartkopp <oliver.hartkopp@volkswagen.de>");
  68MODULE_ALIAS(CAN_GW_NAME);
  69
  70#define CGW_MIN_HOPS 1
  71#define CGW_MAX_HOPS 6
  72#define CGW_DEFAULT_HOPS 1
  73
  74static unsigned int max_hops __read_mostly = CGW_DEFAULT_HOPS;
  75module_param(max_hops, uint, S_IRUGO);
  76MODULE_PARM_DESC(max_hops,
  77                 "maximum " CAN_GW_NAME " routing hops for CAN frames "
  78                 "(valid values: " __stringify(CGW_MIN_HOPS) "-"
  79                 __stringify(CGW_MAX_HOPS) " hops, "
  80                 "default: " __stringify(CGW_DEFAULT_HOPS) ")");
  81
  82static struct notifier_block notifier;
  83static struct kmem_cache *cgw_cache __read_mostly;
  84
  85/* structure that contains the (on-the-fly) CAN frame modifications */
  86struct cf_mod {
  87        struct {
  88                struct can_frame and;
  89                struct can_frame or;
  90                struct can_frame xor;
  91                struct can_frame set;
  92        } modframe;
  93        struct {
  94                u8 and;
  95                u8 or;
  96                u8 xor;
  97                u8 set;
  98        } modtype;
  99        void (*modfunc[MAX_MODFUNCTIONS])(struct can_frame *cf,
 100                                          struct cf_mod *mod);
 101
 102        /* CAN frame checksum calculation after CAN frame modifications */
 103        struct {
 104                struct cgw_csum_xor xor;
 105                struct cgw_csum_crc8 crc8;
 106        } csum;
 107        struct {
 108                void (*xor)(struct can_frame *cf, struct cgw_csum_xor *xor);
 109                void (*crc8)(struct can_frame *cf, struct cgw_csum_crc8 *crc8);
 110        } csumfunc;
 111        u32 uid;
 112};
 113
 114
 115/*
 116 * So far we just support CAN -> CAN routing and frame modifications.
 117 *
 118 * The internal can_can_gw structure contains data and attributes for
 119 * a CAN -> CAN gateway job.
 120 */
 121struct can_can_gw {
 122        struct can_filter filter;
 123        int src_idx;
 124        int dst_idx;
 125};
 126
 127/* list entry for CAN gateways jobs */
 128struct cgw_job {
 129        struct hlist_node list;
 130        struct rcu_head rcu;
 131        u32 handled_frames;
 132        u32 dropped_frames;
 133        u32 deleted_frames;
 134        struct cf_mod mod;
 135        union {
 136                /* CAN frame data source */
 137                struct net_device *dev;
 138        } src;
 139        union {
 140                /* CAN frame data destination */
 141                struct net_device *dev;
 142        } dst;
 143        union {
 144                struct can_can_gw ccgw;
 145                /* tbc */
 146        };
 147        u8 gwtype;
 148        u8 limit_hops;
 149        u16 flags;
 150};
 151
 152/* modification functions that are invoked in the hot path in can_can_gw_rcv */
 153
 154#define MODFUNC(func, op) static void func(struct can_frame *cf, \
 155                                           struct cf_mod *mod) { op ; }
 156
 157MODFUNC(mod_and_id, cf->can_id &= mod->modframe.and.can_id)
 158MODFUNC(mod_and_dlc, cf->can_dlc &= mod->modframe.and.can_dlc)
 159MODFUNC(mod_and_data, *(u64 *)cf->data &= *(u64 *)mod->modframe.and.data)
 160MODFUNC(mod_or_id, cf->can_id |= mod->modframe.or.can_id)
 161MODFUNC(mod_or_dlc, cf->can_dlc |= mod->modframe.or.can_dlc)
 162MODFUNC(mod_or_data, *(u64 *)cf->data |= *(u64 *)mod->modframe.or.data)
 163MODFUNC(mod_xor_id, cf->can_id ^= mod->modframe.xor.can_id)
 164MODFUNC(mod_xor_dlc, cf->can_dlc ^= mod->modframe.xor.can_dlc)
 165MODFUNC(mod_xor_data, *(u64 *)cf->data ^= *(u64 *)mod->modframe.xor.data)
 166MODFUNC(mod_set_id, cf->can_id = mod->modframe.set.can_id)
 167MODFUNC(mod_set_dlc, cf->can_dlc = mod->modframe.set.can_dlc)
 168MODFUNC(mod_set_data, *(u64 *)cf->data = *(u64 *)mod->modframe.set.data)
 169
 170static inline void canframecpy(struct can_frame *dst, struct can_frame *src)
 171{
 172        /*
 173         * Copy the struct members separately to ensure that no uninitialized
 174         * data are copied in the 3 bytes hole of the struct. This is needed
 175         * to make easy compares of the data in the struct cf_mod.
 176         */
 177
 178        dst->can_id = src->can_id;
 179        dst->can_dlc = src->can_dlc;
 180        *(u64 *)dst->data = *(u64 *)src->data;
 181}
 182
 183static int cgw_chk_csum_parms(s8 fr, s8 to, s8 re)
 184{
 185        /*
 186         * absolute dlc values 0 .. 7 => 0 .. 7, e.g. data [0]
 187         * relative to received dlc -1 .. -8 :
 188         * e.g. for received dlc = 8
 189         * -1 => index = 7 (data[7])
 190         * -3 => index = 5 (data[5])
 191         * -8 => index = 0 (data[0])
 192         */
 193
 194        if (fr > -9 && fr < 8 &&
 195            to > -9 && to < 8 &&
 196            re > -9 && re < 8)
 197                return 0;
 198        else
 199                return -EINVAL;
 200}
 201
 202static inline int calc_idx(int idx, int rx_dlc)
 203{
 204        if (idx < 0)
 205                return rx_dlc + idx;
 206        else
 207                return idx;
 208}
 209
 210static void cgw_csum_xor_rel(struct can_frame *cf, struct cgw_csum_xor *xor)
 211{
 212        int from = calc_idx(xor->from_idx, cf->can_dlc);
 213        int to = calc_idx(xor->to_idx, cf->can_dlc);
 214        int res = calc_idx(xor->result_idx, cf->can_dlc);
 215        u8 val = xor->init_xor_val;
 216        int i;
 217
 218        if (from < 0 || to < 0 || res < 0)
 219                return;
 220
 221        if (from <= to) {
 222                for (i = from; i <= to; i++)
 223                        val ^= cf->data[i];
 224        } else {
 225                for (i = from; i >= to; i--)
 226                        val ^= cf->data[i];
 227        }
 228
 229        cf->data[res] = val;
 230}
 231
 232static void cgw_csum_xor_pos(struct can_frame *cf, struct cgw_csum_xor *xor)
 233{
 234        u8 val = xor->init_xor_val;
 235        int i;
 236
 237        for (i = xor->from_idx; i <= xor->to_idx; i++)
 238                val ^= cf->data[i];
 239
 240        cf->data[xor->result_idx] = val;
 241}
 242
 243static void cgw_csum_xor_neg(struct can_frame *cf, struct cgw_csum_xor *xor)
 244{
 245        u8 val = xor->init_xor_val;
 246        int i;
 247
 248        for (i = xor->from_idx; i >= xor->to_idx; i--)
 249                val ^= cf->data[i];
 250
 251        cf->data[xor->result_idx] = val;
 252}
 253
 254static void cgw_csum_crc8_rel(struct can_frame *cf, struct cgw_csum_crc8 *crc8)
 255{
 256        int from = calc_idx(crc8->from_idx, cf->can_dlc);
 257        int to = calc_idx(crc8->to_idx, cf->can_dlc);
 258        int res = calc_idx(crc8->result_idx, cf->can_dlc);
 259        u8 crc = crc8->init_crc_val;
 260        int i;
 261
 262        if (from < 0 || to < 0 || res < 0)
 263                return;
 264
 265        if (from <= to) {
 266                for (i = crc8->from_idx; i <= crc8->to_idx; i++)
 267                        crc = crc8->crctab[crc^cf->data[i]];
 268        } else {
 269                for (i = crc8->from_idx; i >= crc8->to_idx; i--)
 270                        crc = crc8->crctab[crc^cf->data[i]];
 271        }
 272
 273        switch (crc8->profile) {
 274
 275        case CGW_CRC8PRF_1U8:
 276                crc = crc8->crctab[crc^crc8->profile_data[0]];
 277                break;
 278
 279        case  CGW_CRC8PRF_16U8:
 280                crc = crc8->crctab[crc^crc8->profile_data[cf->data[1] & 0xF]];
 281                break;
 282
 283        case CGW_CRC8PRF_SFFID_XOR:
 284                crc = crc8->crctab[crc^(cf->can_id & 0xFF)^
 285                                   (cf->can_id >> 8 & 0xFF)];
 286                break;
 287
 288        }
 289
 290        cf->data[crc8->result_idx] = crc^crc8->final_xor_val;
 291}
 292
 293static void cgw_csum_crc8_pos(struct can_frame *cf, struct cgw_csum_crc8 *crc8)
 294{
 295        u8 crc = crc8->init_crc_val;
 296        int i;
 297
 298        for (i = crc8->from_idx; i <= crc8->to_idx; i++)
 299                crc = crc8->crctab[crc^cf->data[i]];
 300
 301        switch (crc8->profile) {
 302
 303        case CGW_CRC8PRF_1U8:
 304                crc = crc8->crctab[crc^crc8->profile_data[0]];
 305                break;
 306
 307        case  CGW_CRC8PRF_16U8:
 308                crc = crc8->crctab[crc^crc8->profile_data[cf->data[1] & 0xF]];
 309                break;
 310
 311        case CGW_CRC8PRF_SFFID_XOR:
 312                crc = crc8->crctab[crc^(cf->can_id & 0xFF)^
 313                                   (cf->can_id >> 8 & 0xFF)];
 314                break;
 315        }
 316
 317        cf->data[crc8->result_idx] = crc^crc8->final_xor_val;
 318}
 319
 320static void cgw_csum_crc8_neg(struct can_frame *cf, struct cgw_csum_crc8 *crc8)
 321{
 322        u8 crc = crc8->init_crc_val;
 323        int i;
 324
 325        for (i = crc8->from_idx; i >= crc8->to_idx; i--)
 326                crc = crc8->crctab[crc^cf->data[i]];
 327
 328        switch (crc8->profile) {
 329
 330        case CGW_CRC8PRF_1U8:
 331                crc = crc8->crctab[crc^crc8->profile_data[0]];
 332                break;
 333
 334        case  CGW_CRC8PRF_16U8:
 335                crc = crc8->crctab[crc^crc8->profile_data[cf->data[1] & 0xF]];
 336                break;
 337
 338        case CGW_CRC8PRF_SFFID_XOR:
 339                crc = crc8->crctab[crc^(cf->can_id & 0xFF)^
 340                                   (cf->can_id >> 8 & 0xFF)];
 341                break;
 342        }
 343
 344        cf->data[crc8->result_idx] = crc^crc8->final_xor_val;
 345}
 346
 347/* the receive & process & send function */
 348static void can_can_gw_rcv(struct sk_buff *skb, void *data)
 349{
 350        struct cgw_job *gwj = (struct cgw_job *)data;
 351        struct can_frame *cf;
 352        struct sk_buff *nskb;
 353        int modidx = 0;
 354
 355        /*
 356         * Do not handle CAN frames routed more than 'max_hops' times.
 357         * In general we should never catch this delimiter which is intended
 358         * to cover a misconfiguration protection (e.g. circular CAN routes).
 359         *
 360         * The Controller Area Network controllers only accept CAN frames with
 361         * correct CRCs - which are not visible in the controller registers.
 362         * According to skbuff.h documentation the csum_start element for IP
 363         * checksums is undefined/unused when ip_summed == CHECKSUM_UNNECESSARY.
 364         * Only CAN skbs can be processed here which already have this property.
 365         */
 366
 367#define cgw_hops(skb) ((skb)->csum_start)
 368
 369        BUG_ON(skb->ip_summed != CHECKSUM_UNNECESSARY);
 370
 371        if (cgw_hops(skb) >= max_hops) {
 372                /* indicate deleted frames due to misconfiguration */
 373                gwj->deleted_frames++;
 374                return;
 375        }
 376
 377        if (!(gwj->dst.dev->flags & IFF_UP)) {
 378                gwj->dropped_frames++;
 379                return;
 380        }
 381
 382        /* is sending the skb back to the incoming interface not allowed? */
 383        if (!(gwj->flags & CGW_FLAGS_CAN_IIF_TX_OK) &&
 384            can_skb_prv(skb)->ifindex == gwj->dst.dev->ifindex)
 385                return;
 386
 387        /*
 388         * clone the given skb, which has not been done in can_rcv()
 389         *
 390         * When there is at least one modification function activated,
 391         * we need to copy the skb as we want to modify skb->data.
 392         */
 393        if (gwj->mod.modfunc[0])
 394                nskb = skb_copy(skb, GFP_ATOMIC);
 395        else
 396                nskb = skb_clone(skb, GFP_ATOMIC);
 397
 398        if (!nskb) {
 399                gwj->dropped_frames++;
 400                return;
 401        }
 402
 403        /* put the incremented hop counter in the cloned skb */
 404        cgw_hops(nskb) = cgw_hops(skb) + 1;
 405
 406        /* first processing of this CAN frame -> adjust to private hop limit */
 407        if (gwj->limit_hops && cgw_hops(nskb) == 1)
 408                cgw_hops(nskb) = max_hops - gwj->limit_hops + 1;
 409
 410        nskb->dev = gwj->dst.dev;
 411
 412        /* pointer to modifiable CAN frame */
 413        cf = (struct can_frame *)nskb->data;
 414
 415        /* perform preprocessed modification functions if there are any */
 416        while (modidx < MAX_MODFUNCTIONS && gwj->mod.modfunc[modidx])
 417                (*gwj->mod.modfunc[modidx++])(cf, &gwj->mod);
 418
 419        /* check for checksum updates when the CAN frame has been modified */
 420        if (modidx) {
 421                if (gwj->mod.csumfunc.crc8)
 422                        (*gwj->mod.csumfunc.crc8)(cf, &gwj->mod.csum.crc8);
 423
 424                if (gwj->mod.csumfunc.xor)
 425                        (*gwj->mod.csumfunc.xor)(cf, &gwj->mod.csum.xor);
 426        }
 427
 428        /* clear the skb timestamp if not configured the other way */
 429        if (!(gwj->flags & CGW_FLAGS_CAN_SRC_TSTAMP))
 430                nskb->tstamp = 0;
 431
 432        /* send to netdevice */
 433        if (can_send(nskb, gwj->flags & CGW_FLAGS_CAN_ECHO))
 434                gwj->dropped_frames++;
 435        else
 436                gwj->handled_frames++;
 437}
 438
 439static inline int cgw_register_filter(struct net *net, struct cgw_job *gwj)
 440{
 441        return can_rx_register(net, gwj->src.dev, gwj->ccgw.filter.can_id,
 442                               gwj->ccgw.filter.can_mask, can_can_gw_rcv,
 443                               gwj, "gw", NULL);
 444}
 445
 446static inline void cgw_unregister_filter(struct net *net, struct cgw_job *gwj)
 447{
 448        can_rx_unregister(net, gwj->src.dev, gwj->ccgw.filter.can_id,
 449                          gwj->ccgw.filter.can_mask, can_can_gw_rcv, gwj);
 450}
 451
 452static int cgw_notifier(struct notifier_block *nb,
 453                        unsigned long msg, void *ptr)
 454{
 455        struct net_device *dev = netdev_notifier_info_to_dev(ptr);
 456        struct net *net = dev_net(dev);
 457
 458        if (dev->type != ARPHRD_CAN)
 459                return NOTIFY_DONE;
 460
 461        if (msg == NETDEV_UNREGISTER) {
 462
 463                struct cgw_job *gwj = NULL;
 464                struct hlist_node *nx;
 465
 466                ASSERT_RTNL();
 467
 468                hlist_for_each_entry_safe(gwj, nx, &net->can.cgw_list, list) {
 469
 470                        if (gwj->src.dev == dev || gwj->dst.dev == dev) {
 471                                hlist_del(&gwj->list);
 472                                cgw_unregister_filter(net, gwj);
 473                                kmem_cache_free(cgw_cache, gwj);
 474                        }
 475                }
 476        }
 477
 478        return NOTIFY_DONE;
 479}
 480
 481static int cgw_put_job(struct sk_buff *skb, struct cgw_job *gwj, int type,
 482                       u32 pid, u32 seq, int flags)
 483{
 484        struct cgw_frame_mod mb;
 485        struct rtcanmsg *rtcan;
 486        struct nlmsghdr *nlh;
 487
 488        nlh = nlmsg_put(skb, pid, seq, type, sizeof(*rtcan), flags);
 489        if (!nlh)
 490                return -EMSGSIZE;
 491
 492        rtcan = nlmsg_data(nlh);
 493        rtcan->can_family = AF_CAN;
 494        rtcan->gwtype = gwj->gwtype;
 495        rtcan->flags = gwj->flags;
 496
 497        /* add statistics if available */
 498
 499        if (gwj->handled_frames) {
 500                if (nla_put_u32(skb, CGW_HANDLED, gwj->handled_frames) < 0)
 501                        goto cancel;
 502        }
 503
 504        if (gwj->dropped_frames) {
 505                if (nla_put_u32(skb, CGW_DROPPED, gwj->dropped_frames) < 0)
 506                        goto cancel;
 507        }
 508
 509        if (gwj->deleted_frames) {
 510                if (nla_put_u32(skb, CGW_DELETED, gwj->deleted_frames) < 0)
 511                        goto cancel;
 512        }
 513
 514        /* check non default settings of attributes */
 515
 516        if (gwj->limit_hops) {
 517                if (nla_put_u8(skb, CGW_LIM_HOPS, gwj->limit_hops) < 0)
 518                        goto cancel;
 519        }
 520
 521        if (gwj->mod.modtype.and) {
 522                memcpy(&mb.cf, &gwj->mod.modframe.and, sizeof(mb.cf));
 523                mb.modtype = gwj->mod.modtype.and;
 524                if (nla_put(skb, CGW_MOD_AND, sizeof(mb), &mb) < 0)
 525                        goto cancel;
 526        }
 527
 528        if (gwj->mod.modtype.or) {
 529                memcpy(&mb.cf, &gwj->mod.modframe.or, sizeof(mb.cf));
 530                mb.modtype = gwj->mod.modtype.or;
 531                if (nla_put(skb, CGW_MOD_OR, sizeof(mb), &mb) < 0)
 532                        goto cancel;
 533        }
 534
 535        if (gwj->mod.modtype.xor) {
 536                memcpy(&mb.cf, &gwj->mod.modframe.xor, sizeof(mb.cf));
 537                mb.modtype = gwj->mod.modtype.xor;
 538                if (nla_put(skb, CGW_MOD_XOR, sizeof(mb), &mb) < 0)
 539                        goto cancel;
 540        }
 541
 542        if (gwj->mod.modtype.set) {
 543                memcpy(&mb.cf, &gwj->mod.modframe.set, sizeof(mb.cf));
 544                mb.modtype = gwj->mod.modtype.set;
 545                if (nla_put(skb, CGW_MOD_SET, sizeof(mb), &mb) < 0)
 546                        goto cancel;
 547        }
 548
 549        if (gwj->mod.uid) {
 550                if (nla_put_u32(skb, CGW_MOD_UID, gwj->mod.uid) < 0)
 551                        goto cancel;
 552        }
 553
 554        if (gwj->mod.csumfunc.crc8) {
 555                if (nla_put(skb, CGW_CS_CRC8, CGW_CS_CRC8_LEN,
 556                            &gwj->mod.csum.crc8) < 0)
 557                        goto cancel;
 558        }
 559
 560        if (gwj->mod.csumfunc.xor) {
 561                if (nla_put(skb, CGW_CS_XOR, CGW_CS_XOR_LEN,
 562                            &gwj->mod.csum.xor) < 0)
 563                        goto cancel;
 564        }
 565
 566        if (gwj->gwtype == CGW_TYPE_CAN_CAN) {
 567
 568                if (gwj->ccgw.filter.can_id || gwj->ccgw.filter.can_mask) {
 569                        if (nla_put(skb, CGW_FILTER, sizeof(struct can_filter),
 570                                    &gwj->ccgw.filter) < 0)
 571                                goto cancel;
 572                }
 573
 574                if (nla_put_u32(skb, CGW_SRC_IF, gwj->ccgw.src_idx) < 0)
 575                        goto cancel;
 576
 577                if (nla_put_u32(skb, CGW_DST_IF, gwj->ccgw.dst_idx) < 0)
 578                        goto cancel;
 579        }
 580
 581        nlmsg_end(skb, nlh);
 582        return 0;
 583
 584cancel:
 585        nlmsg_cancel(skb, nlh);
 586        return -EMSGSIZE;
 587}
 588
 589/* Dump information about all CAN gateway jobs, in response to RTM_GETROUTE */
 590static int cgw_dump_jobs(struct sk_buff *skb, struct netlink_callback *cb)
 591{
 592        struct net *net = sock_net(skb->sk);
 593        struct cgw_job *gwj = NULL;
 594        int idx = 0;
 595        int s_idx = cb->args[0];
 596
 597        rcu_read_lock();
 598        hlist_for_each_entry_rcu(gwj, &net->can.cgw_list, list) {
 599                if (idx < s_idx)
 600                        goto cont;
 601
 602                if (cgw_put_job(skb, gwj, RTM_NEWROUTE, NETLINK_CB(cb->skb).portid,
 603                    cb->nlh->nlmsg_seq, NLM_F_MULTI) < 0)
 604                        break;
 605cont:
 606                idx++;
 607        }
 608        rcu_read_unlock();
 609
 610        cb->args[0] = idx;
 611
 612        return skb->len;
 613}
 614
 615static const struct nla_policy cgw_policy[CGW_MAX+1] = {
 616        [CGW_MOD_AND]   = { .len = sizeof(struct cgw_frame_mod) },
 617        [CGW_MOD_OR]    = { .len = sizeof(struct cgw_frame_mod) },
 618        [CGW_MOD_XOR]   = { .len = sizeof(struct cgw_frame_mod) },
 619        [CGW_MOD_SET]   = { .len = sizeof(struct cgw_frame_mod) },
 620        [CGW_CS_XOR]    = { .len = sizeof(struct cgw_csum_xor) },
 621        [CGW_CS_CRC8]   = { .len = sizeof(struct cgw_csum_crc8) },
 622        [CGW_SRC_IF]    = { .type = NLA_U32 },
 623        [CGW_DST_IF]    = { .type = NLA_U32 },
 624        [CGW_FILTER]    = { .len = sizeof(struct can_filter) },
 625        [CGW_LIM_HOPS]  = { .type = NLA_U8 },
 626        [CGW_MOD_UID]   = { .type = NLA_U32 },
 627};
 628
 629/* check for common and gwtype specific attributes */
 630static int cgw_parse_attr(struct nlmsghdr *nlh, struct cf_mod *mod,
 631                          u8 gwtype, void *gwtypeattr, u8 *limhops)
 632{
 633        struct nlattr *tb[CGW_MAX+1];
 634        struct cgw_frame_mod mb;
 635        int modidx = 0;
 636        int err = 0;
 637
 638        /* initialize modification & checksum data space */
 639        memset(mod, 0, sizeof(*mod));
 640
 641        err = nlmsg_parse(nlh, sizeof(struct rtcanmsg), tb, CGW_MAX,
 642                          cgw_policy, NULL);
 643        if (err < 0)
 644                return err;
 645
 646        if (tb[CGW_LIM_HOPS]) {
 647                *limhops = nla_get_u8(tb[CGW_LIM_HOPS]);
 648
 649                if (*limhops < 1 || *limhops > max_hops)
 650                        return -EINVAL;
 651        }
 652
 653        /* check for AND/OR/XOR/SET modifications */
 654
 655        if (tb[CGW_MOD_AND]) {
 656                nla_memcpy(&mb, tb[CGW_MOD_AND], CGW_MODATTR_LEN);
 657
 658                canframecpy(&mod->modframe.and, &mb.cf);
 659                mod->modtype.and = mb.modtype;
 660
 661                if (mb.modtype & CGW_MOD_ID)
 662                        mod->modfunc[modidx++] = mod_and_id;
 663
 664                if (mb.modtype & CGW_MOD_DLC)
 665                        mod->modfunc[modidx++] = mod_and_dlc;
 666
 667                if (mb.modtype & CGW_MOD_DATA)
 668                        mod->modfunc[modidx++] = mod_and_data;
 669        }
 670
 671        if (tb[CGW_MOD_OR]) {
 672                nla_memcpy(&mb, tb[CGW_MOD_OR], CGW_MODATTR_LEN);
 673
 674                canframecpy(&mod->modframe.or, &mb.cf);
 675                mod->modtype.or = mb.modtype;
 676
 677                if (mb.modtype & CGW_MOD_ID)
 678                        mod->modfunc[modidx++] = mod_or_id;
 679
 680                if (mb.modtype & CGW_MOD_DLC)
 681                        mod->modfunc[modidx++] = mod_or_dlc;
 682
 683                if (mb.modtype & CGW_MOD_DATA)
 684                        mod->modfunc[modidx++] = mod_or_data;
 685        }
 686
 687        if (tb[CGW_MOD_XOR]) {
 688                nla_memcpy(&mb, tb[CGW_MOD_XOR], CGW_MODATTR_LEN);
 689
 690                canframecpy(&mod->modframe.xor, &mb.cf);
 691                mod->modtype.xor = mb.modtype;
 692
 693                if (mb.modtype & CGW_MOD_ID)
 694                        mod->modfunc[modidx++] = mod_xor_id;
 695
 696                if (mb.modtype & CGW_MOD_DLC)
 697                        mod->modfunc[modidx++] = mod_xor_dlc;
 698
 699                if (mb.modtype & CGW_MOD_DATA)
 700                        mod->modfunc[modidx++] = mod_xor_data;
 701        }
 702
 703        if (tb[CGW_MOD_SET]) {
 704                nla_memcpy(&mb, tb[CGW_MOD_SET], CGW_MODATTR_LEN);
 705
 706                canframecpy(&mod->modframe.set, &mb.cf);
 707                mod->modtype.set = mb.modtype;
 708
 709                if (mb.modtype & CGW_MOD_ID)
 710                        mod->modfunc[modidx++] = mod_set_id;
 711
 712                if (mb.modtype & CGW_MOD_DLC)
 713                        mod->modfunc[modidx++] = mod_set_dlc;
 714
 715                if (mb.modtype & CGW_MOD_DATA)
 716                        mod->modfunc[modidx++] = mod_set_data;
 717        }
 718
 719        /* check for checksum operations after CAN frame modifications */
 720        if (modidx) {
 721
 722                if (tb[CGW_CS_CRC8]) {
 723                        struct cgw_csum_crc8 *c = nla_data(tb[CGW_CS_CRC8]);
 724
 725                        err = cgw_chk_csum_parms(c->from_idx, c->to_idx,
 726                                                 c->result_idx);
 727                        if (err)
 728                                return err;
 729
 730                        nla_memcpy(&mod->csum.crc8, tb[CGW_CS_CRC8],
 731                                   CGW_CS_CRC8_LEN);
 732
 733                        /*
 734                         * select dedicated processing function to reduce
 735                         * runtime operations in receive hot path.
 736                         */
 737                        if (c->from_idx < 0 || c->to_idx < 0 ||
 738                            c->result_idx < 0)
 739                                mod->csumfunc.crc8 = cgw_csum_crc8_rel;
 740                        else if (c->from_idx <= c->to_idx)
 741                                mod->csumfunc.crc8 = cgw_csum_crc8_pos;
 742                        else
 743                                mod->csumfunc.crc8 = cgw_csum_crc8_neg;
 744                }
 745
 746                if (tb[CGW_CS_XOR]) {
 747                        struct cgw_csum_xor *c = nla_data(tb[CGW_CS_XOR]);
 748
 749                        err = cgw_chk_csum_parms(c->from_idx, c->to_idx,
 750                                                 c->result_idx);
 751                        if (err)
 752                                return err;
 753
 754                        nla_memcpy(&mod->csum.xor, tb[CGW_CS_XOR],
 755                                   CGW_CS_XOR_LEN);
 756
 757                        /*
 758                         * select dedicated processing function to reduce
 759                         * runtime operations in receive hot path.
 760                         */
 761                        if (c->from_idx < 0 || c->to_idx < 0 ||
 762                            c->result_idx < 0)
 763                                mod->csumfunc.xor = cgw_csum_xor_rel;
 764                        else if (c->from_idx <= c->to_idx)
 765                                mod->csumfunc.xor = cgw_csum_xor_pos;
 766                        else
 767                                mod->csumfunc.xor = cgw_csum_xor_neg;
 768                }
 769
 770                if (tb[CGW_MOD_UID]) {
 771                        nla_memcpy(&mod->uid, tb[CGW_MOD_UID], sizeof(u32));
 772                }
 773        }
 774
 775        if (gwtype == CGW_TYPE_CAN_CAN) {
 776
 777                /* check CGW_TYPE_CAN_CAN specific attributes */
 778
 779                struct can_can_gw *ccgw = (struct can_can_gw *)gwtypeattr;
 780                memset(ccgw, 0, sizeof(*ccgw));
 781
 782                /* check for can_filter in attributes */
 783                if (tb[CGW_FILTER])
 784                        nla_memcpy(&ccgw->filter, tb[CGW_FILTER],
 785                                   sizeof(struct can_filter));
 786
 787                err = -ENODEV;
 788
 789                /* specifying two interfaces is mandatory */
 790                if (!tb[CGW_SRC_IF] || !tb[CGW_DST_IF])
 791                        return err;
 792
 793                ccgw->src_idx = nla_get_u32(tb[CGW_SRC_IF]);
 794                ccgw->dst_idx = nla_get_u32(tb[CGW_DST_IF]);
 795
 796                /* both indices set to 0 for flushing all routing entries */
 797                if (!ccgw->src_idx && !ccgw->dst_idx)
 798                        return 0;
 799
 800                /* only one index set to 0 is an error */
 801                if (!ccgw->src_idx || !ccgw->dst_idx)
 802                        return err;
 803        }
 804
 805        /* add the checks for other gwtypes here */
 806
 807        return 0;
 808}
 809
 810static int cgw_create_job(struct sk_buff *skb,  struct nlmsghdr *nlh,
 811                          struct netlink_ext_ack *extack)
 812{
 813        struct net *net = sock_net(skb->sk);
 814        struct rtcanmsg *r;
 815        struct cgw_job *gwj;
 816        struct cf_mod mod;
 817        struct can_can_gw ccgw;
 818        u8 limhops = 0;
 819        int err = 0;
 820
 821        if (!netlink_capable(skb, CAP_NET_ADMIN))
 822                return -EPERM;
 823
 824        if (nlmsg_len(nlh) < sizeof(*r))
 825                return -EINVAL;
 826
 827        r = nlmsg_data(nlh);
 828        if (r->can_family != AF_CAN)
 829                return -EPFNOSUPPORT;
 830
 831        /* so far we only support CAN -> CAN routings */
 832        if (r->gwtype != CGW_TYPE_CAN_CAN)
 833                return -EINVAL;
 834
 835        err = cgw_parse_attr(nlh, &mod, CGW_TYPE_CAN_CAN, &ccgw, &limhops);
 836        if (err < 0)
 837                return err;
 838
 839        if (mod.uid) {
 840
 841                ASSERT_RTNL();
 842
 843                /* check for updating an existing job with identical uid */
 844                hlist_for_each_entry(gwj, &net->can.cgw_list, list) {
 845
 846                        if (gwj->mod.uid != mod.uid)
 847                                continue;
 848
 849                        /* interfaces & filters must be identical */
 850                        if (memcmp(&gwj->ccgw, &ccgw, sizeof(ccgw)))
 851                                return -EINVAL;
 852
 853                        /* update modifications with disabled softirq & quit */
 854                        local_bh_disable();
 855                        memcpy(&gwj->mod, &mod, sizeof(mod));
 856                        local_bh_enable();
 857                        return 0;
 858                }
 859        }
 860
 861        /* ifindex == 0 is not allowed for job creation */
 862        if (!ccgw.src_idx || !ccgw.dst_idx)
 863                return -ENODEV;
 864
 865        gwj = kmem_cache_alloc(cgw_cache, GFP_KERNEL);
 866        if (!gwj)
 867                return -ENOMEM;
 868
 869        gwj->handled_frames = 0;
 870        gwj->dropped_frames = 0;
 871        gwj->deleted_frames = 0;
 872        gwj->flags = r->flags;
 873        gwj->gwtype = r->gwtype;
 874        gwj->limit_hops = limhops;
 875
 876        /* insert already parsed information */
 877        memcpy(&gwj->mod, &mod, sizeof(mod));
 878        memcpy(&gwj->ccgw, &ccgw, sizeof(ccgw));
 879
 880        err = -ENODEV;
 881
 882        gwj->src.dev = __dev_get_by_index(net, gwj->ccgw.src_idx);
 883
 884        if (!gwj->src.dev)
 885                goto out;
 886
 887        if (gwj->src.dev->type != ARPHRD_CAN)
 888                goto out;
 889
 890        gwj->dst.dev = __dev_get_by_index(net, gwj->ccgw.dst_idx);
 891
 892        if (!gwj->dst.dev)
 893                goto out;
 894
 895        if (gwj->dst.dev->type != ARPHRD_CAN)
 896                goto out;
 897
 898        ASSERT_RTNL();
 899
 900        err = cgw_register_filter(net, gwj);
 901        if (!err)
 902                hlist_add_head_rcu(&gwj->list, &net->can.cgw_list);
 903out:
 904        if (err)
 905                kmem_cache_free(cgw_cache, gwj);
 906
 907        return err;
 908}
 909
 910static void cgw_remove_all_jobs(struct net *net)
 911{
 912        struct cgw_job *gwj = NULL;
 913        struct hlist_node *nx;
 914
 915        ASSERT_RTNL();
 916
 917        hlist_for_each_entry_safe(gwj, nx, &net->can.cgw_list, list) {
 918                hlist_del(&gwj->list);
 919                cgw_unregister_filter(net, gwj);
 920                kmem_cache_free(cgw_cache, gwj);
 921        }
 922}
 923
 924static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh,
 925                          struct netlink_ext_ack *extack)
 926{
 927        struct net *net = sock_net(skb->sk);
 928        struct cgw_job *gwj = NULL;
 929        struct hlist_node *nx;
 930        struct rtcanmsg *r;
 931        struct cf_mod mod;
 932        struct can_can_gw ccgw;
 933        u8 limhops = 0;
 934        int err = 0;
 935
 936        if (!netlink_capable(skb, CAP_NET_ADMIN))
 937                return -EPERM;
 938
 939        if (nlmsg_len(nlh) < sizeof(*r))
 940                return -EINVAL;
 941
 942        r = nlmsg_data(nlh);
 943        if (r->can_family != AF_CAN)
 944                return -EPFNOSUPPORT;
 945
 946        /* so far we only support CAN -> CAN routings */
 947        if (r->gwtype != CGW_TYPE_CAN_CAN)
 948                return -EINVAL;
 949
 950        err = cgw_parse_attr(nlh, &mod, CGW_TYPE_CAN_CAN, &ccgw, &limhops);
 951        if (err < 0)
 952                return err;
 953
 954        /* two interface indices both set to 0 => remove all entries */
 955        if (!ccgw.src_idx && !ccgw.dst_idx) {
 956                cgw_remove_all_jobs(net);
 957                return 0;
 958        }
 959
 960        err = -EINVAL;
 961
 962        ASSERT_RTNL();
 963
 964        /* remove only the first matching entry */
 965        hlist_for_each_entry_safe(gwj, nx, &net->can.cgw_list, list) {
 966
 967                if (gwj->flags != r->flags)
 968                        continue;
 969
 970                if (gwj->limit_hops != limhops)
 971                        continue;
 972
 973                /* we have a match when uid is enabled and identical */
 974                if (gwj->mod.uid || mod.uid) {
 975                        if (gwj->mod.uid != mod.uid)
 976                                continue;
 977                } else {
 978                        /* no uid => check for identical modifications */
 979                        if (memcmp(&gwj->mod, &mod, sizeof(mod)))
 980                                continue;
 981                }
 982
 983                /* if (r->gwtype == CGW_TYPE_CAN_CAN) - is made sure here */
 984                if (memcmp(&gwj->ccgw, &ccgw, sizeof(ccgw)))
 985                        continue;
 986
 987                hlist_del(&gwj->list);
 988                cgw_unregister_filter(net, gwj);
 989                kmem_cache_free(cgw_cache, gwj);
 990                err = 0;
 991                break;
 992        }
 993
 994        return err;
 995}
 996
 997static int __net_init cangw_pernet_init(struct net *net)
 998{
 999        INIT_HLIST_HEAD(&net->can.cgw_list);
1000        return 0;
1001}
1002
1003static void __net_exit cangw_pernet_exit(struct net *net)
1004{
1005        rtnl_lock();
1006        cgw_remove_all_jobs(net);
1007        rtnl_unlock();
1008}
1009
1010static struct pernet_operations cangw_pernet_ops = {
1011        .init = cangw_pernet_init,
1012        .exit = cangw_pernet_exit,
1013};
1014
1015static __init int cgw_module_init(void)
1016{
1017        /* sanitize given module parameter */
1018        max_hops = clamp_t(unsigned int, max_hops, CGW_MIN_HOPS, CGW_MAX_HOPS);
1019
1020        pr_info("can: netlink gateway (rev " CAN_GW_VERSION ") max_hops=%d\n",
1021                max_hops);
1022
1023        register_pernet_subsys(&cangw_pernet_ops);
1024        cgw_cache = kmem_cache_create("can_gw", sizeof(struct cgw_job),
1025                                      0, 0, NULL);
1026
1027        if (!cgw_cache)
1028                return -ENOMEM;
1029
1030        /* set notifier */
1031        notifier.notifier_call = cgw_notifier;
1032        register_netdevice_notifier(&notifier);
1033
1034        if (__rtnl_register(PF_CAN, RTM_GETROUTE, NULL, cgw_dump_jobs, 0)) {
1035                unregister_netdevice_notifier(&notifier);
1036                kmem_cache_destroy(cgw_cache);
1037                return -ENOBUFS;
1038        }
1039
1040        /* Only the first call to __rtnl_register can fail */
1041        __rtnl_register(PF_CAN, RTM_NEWROUTE, cgw_create_job, NULL, 0);
1042        __rtnl_register(PF_CAN, RTM_DELROUTE, cgw_remove_job, NULL, 0);
1043
1044        return 0;
1045}
1046
1047static __exit void cgw_module_exit(void)
1048{
1049        rtnl_unregister_all(PF_CAN);
1050
1051        unregister_netdevice_notifier(&notifier);
1052
1053        unregister_pernet_subsys(&cangw_pernet_ops);
1054        rcu_barrier(); /* Wait for completion of call_rcu()'s */
1055
1056        kmem_cache_destroy(cgw_cache);
1057}
1058
1059module_init(cgw_module_init);
1060module_exit(cgw_module_exit);
1061