| 1 | // SPDX-License-Identifier: GPL-2.0-only |
| 2 | /* |
| 3 | * Copyright (C) 2007-2012 Siemens AG |
| 4 | * |
| 5 | * Written by: |
| 6 | * Pavel Smolenskiy <pavel.smolenskiy@gmail.com> |
| 7 | * Maxim Gorbachyov <maxim.gorbachev@siemens.com> |
| 8 | * Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> |
| 9 | * Alexander Smirnov <alex.bluesman.smirnov@gmail.com> |
| 10 | */ |
| 11 | |
| 12 | #include <linux/kernel.h> |
| 13 | #include <linux/module.h> |
| 14 | #include <linux/netdevice.h> |
| 15 | #include <linux/crc-ccitt.h> |
| 16 | #include <asm/unaligned.h> |
| 17 | |
| 18 | #include <net/mac802154.h> |
| 19 | #include <net/ieee802154_netdev.h> |
| 20 | #include <net/nl802154.h> |
| 21 | |
| 22 | #include "ieee802154_i.h" |
| 23 | |
| 24 | static int ieee802154_deliver_skb(struct sk_buff *skb) |
| 25 | { |
| 26 | skb->ip_summed = CHECKSUM_UNNECESSARY; |
| 27 | skb->protocol = htons(ETH_P_IEEE802154); |
| 28 | |
| 29 | return netif_receive_skb(skb); |
| 30 | } |
| 31 | |
| 32 | void mac802154_rx_beacon_worker(struct work_struct *work) |
| 33 | { |
| 34 | struct ieee802154_local *local = |
| 35 | container_of(work, struct ieee802154_local, rx_beacon_work); |
| 36 | struct cfg802154_mac_pkt *mac_pkt; |
| 37 | |
| 38 | mac_pkt = list_first_entry_or_null(&local->rx_beacon_list, |
| 39 | struct cfg802154_mac_pkt, node); |
| 40 | if (!mac_pkt) |
| 41 | return; |
| 42 | |
| 43 | mac802154_process_beacon(local, mac_pkt->skb, mac_pkt->page, mac_pkt->channel); |
| 44 | |
| 45 | list_del(&mac_pkt->node); |
| 46 | kfree_skb(mac_pkt->skb); |
| 47 | kfree(mac_pkt); |
| 48 | } |
| 49 | |
| 50 | static bool mac802154_should_answer_beacon_req(struct ieee802154_local *local) |
| 51 | { |
| 52 | struct cfg802154_beacon_request *beacon_req; |
| 53 | unsigned int interval; |
| 54 | |
| 55 | rcu_read_lock(); |
| 56 | beacon_req = rcu_dereference(local->beacon_req); |
| 57 | if (!beacon_req) { |
| 58 | rcu_read_unlock(); |
| 59 | return false; |
| 60 | } |
| 61 | |
| 62 | interval = beacon_req->interval; |
| 63 | rcu_read_unlock(); |
| 64 | |
| 65 | if (!mac802154_is_beaconing(local)) |
| 66 | return false; |
| 67 | |
| 68 | return interval == IEEE802154_ACTIVE_SCAN_DURATION; |
| 69 | } |
| 70 | |
| 71 | void mac802154_rx_mac_cmd_worker(struct work_struct *work) |
| 72 | { |
| 73 | struct ieee802154_local *local = |
| 74 | container_of(work, struct ieee802154_local, rx_mac_cmd_work); |
| 75 | struct cfg802154_mac_pkt *mac_pkt; |
| 76 | u8 mac_cmd; |
| 77 | int rc; |
| 78 | |
| 79 | mac_pkt = list_first_entry_or_null(&local->rx_mac_cmd_list, |
| 80 | struct cfg802154_mac_pkt, node); |
| 81 | if (!mac_pkt) |
| 82 | return; |
| 83 | |
| 84 | rc = ieee802154_get_mac_cmd(mac_pkt->skb, &mac_cmd); |
| 85 | if (rc) |
| 86 | goto out; |
| 87 | |
| 88 | switch (mac_cmd) { |
| 89 | case IEEE802154_CMD_BEACON_REQ: |
| 90 | dev_dbg(&mac_pkt->sdata->dev->dev, "processing BEACON REQ\n"); |
| 91 | if (!mac802154_should_answer_beacon_req(local)) |
| 92 | break; |
| 93 | |
| 94 | queue_delayed_work(local->mac_wq, &local->beacon_work, 0); |
| 95 | break; |
| 96 | |
| 97 | case IEEE802154_CMD_ASSOCIATION_RESP: |
| 98 | dev_dbg(&mac_pkt->sdata->dev->dev, "processing ASSOC RESP\n"); |
| 99 | if (!mac802154_is_associating(local)) |
| 100 | break; |
| 101 | |
| 102 | mac802154_process_association_resp(mac_pkt->sdata, mac_pkt->skb); |
| 103 | break; |
| 104 | |
| 105 | case IEEE802154_CMD_ASSOCIATION_REQ: |
| 106 | dev_dbg(&mac_pkt->sdata->dev->dev, "processing ASSOC REQ\n"); |
| 107 | if (mac_pkt->sdata->wpan_dev.iftype != NL802154_IFTYPE_COORD) |
| 108 | break; |
| 109 | |
| 110 | mac802154_process_association_req(mac_pkt->sdata, mac_pkt->skb); |
| 111 | break; |
| 112 | |
| 113 | case IEEE802154_CMD_DISASSOCIATION_NOTIFY: |
| 114 | dev_dbg(&mac_pkt->sdata->dev->dev, "processing DISASSOC NOTIF\n"); |
| 115 | if (mac_pkt->sdata->wpan_dev.iftype != NL802154_IFTYPE_COORD) |
| 116 | break; |
| 117 | |
| 118 | mac802154_process_disassociation_notif(mac_pkt->sdata, mac_pkt->skb); |
| 119 | break; |
| 120 | |
| 121 | default: |
| 122 | break; |
| 123 | } |
| 124 | |
| 125 | out: |
| 126 | list_del(&mac_pkt->node); |
| 127 | kfree_skb(mac_pkt->skb); |
| 128 | kfree(mac_pkt); |
| 129 | } |
| 130 | |
| 131 | static int |
| 132 | ieee802154_subif_frame(struct ieee802154_sub_if_data *sdata, |
| 133 | struct sk_buff *skb, const struct ieee802154_hdr *hdr) |
| 134 | { |
| 135 | struct wpan_phy *wpan_phy = sdata->local->hw.phy; |
| 136 | struct wpan_dev *wpan_dev = &sdata->wpan_dev; |
| 137 | struct cfg802154_mac_pkt *mac_pkt; |
| 138 | __le16 span, sshort; |
| 139 | int rc; |
| 140 | |
| 141 | pr_debug("getting packet via slave interface %s\n", sdata->dev->name); |
| 142 | |
| 143 | span = wpan_dev->pan_id; |
| 144 | sshort = wpan_dev->short_addr; |
| 145 | |
| 146 | /* Level 3 filtering: Only beacons are accepted during scans */ |
| 147 | if (sdata->required_filtering == IEEE802154_FILTERING_3_SCAN && |
| 148 | sdata->required_filtering > wpan_phy->filtering) { |
| 149 | if (mac_cb(skb)->type != IEEE802154_FC_TYPE_BEACON) { |
| 150 | dev_dbg(&sdata->dev->dev, |
| 151 | "drop non-beacon frame (0x%x) during scan\n", |
| 152 | mac_cb(skb)->type); |
| 153 | goto fail; |
| 154 | } |
| 155 | } |
| 156 | |
| 157 | switch (mac_cb(skb)->dest.mode) { |
| 158 | case IEEE802154_ADDR_NONE: |
| 159 | if (hdr->source.mode == IEEE802154_ADDR_NONE) |
| 160 | /* ACK comes with both addresses empty */ |
| 161 | skb->pkt_type = PACKET_HOST; |
| 162 | else if (!wpan_dev->parent) |
| 163 | /* No dest means PAN coordinator is the recipient */ |
| 164 | skb->pkt_type = PACKET_HOST; |
| 165 | else |
| 166 | /* We are not the PAN coordinator, just relaying */ |
| 167 | skb->pkt_type = PACKET_OTHERHOST; |
| 168 | break; |
| 169 | case IEEE802154_ADDR_LONG: |
| 170 | if (mac_cb(skb)->dest.pan_id != span && |
| 171 | mac_cb(skb)->dest.pan_id != cpu_to_le16(IEEE802154_PANID_BROADCAST)) |
| 172 | skb->pkt_type = PACKET_OTHERHOST; |
| 173 | else if (mac_cb(skb)->dest.extended_addr == wpan_dev->extended_addr) |
| 174 | skb->pkt_type = PACKET_HOST; |
| 175 | else |
| 176 | skb->pkt_type = PACKET_OTHERHOST; |
| 177 | break; |
| 178 | case IEEE802154_ADDR_SHORT: |
| 179 | if (mac_cb(skb)->dest.pan_id != span && |
| 180 | mac_cb(skb)->dest.pan_id != cpu_to_le16(IEEE802154_PANID_BROADCAST)) |
| 181 | skb->pkt_type = PACKET_OTHERHOST; |
| 182 | else if (mac_cb(skb)->dest.short_addr == sshort) |
| 183 | skb->pkt_type = PACKET_HOST; |
| 184 | else if (mac_cb(skb)->dest.short_addr == |
| 185 | cpu_to_le16(IEEE802154_ADDR_BROADCAST)) |
| 186 | skb->pkt_type = PACKET_BROADCAST; |
| 187 | else |
| 188 | skb->pkt_type = PACKET_OTHERHOST; |
| 189 | break; |
| 190 | default: |
| 191 | pr_debug("invalid dest mode\n"); |
| 192 | goto fail; |
| 193 | } |
| 194 | |
| 195 | skb->dev = sdata->dev; |
| 196 | |
| 197 | /* TODO this should be moved after netif_receive_skb call, otherwise |
| 198 | * wireshark will show a mac header with security fields and the |
| 199 | * payload is already decrypted. |
| 200 | */ |
| 201 | rc = mac802154_llsec_decrypt(&sdata->sec, skb); |
| 202 | if (rc) { |
| 203 | pr_debug("decryption failed: %i\n", rc); |
| 204 | goto fail; |
| 205 | } |
| 206 | |
| 207 | sdata->dev->stats.rx_packets++; |
| 208 | sdata->dev->stats.rx_bytes += skb->len; |
| 209 | |
| 210 | switch (mac_cb(skb)->type) { |
| 211 | case IEEE802154_FC_TYPE_BEACON: |
| 212 | dev_dbg(&sdata->dev->dev, "BEACON received\n"); |
| 213 | if (!mac802154_is_scanning(sdata->local)) |
| 214 | goto fail; |
| 215 | |
| 216 | mac_pkt = kzalloc(sizeof(*mac_pkt), GFP_ATOMIC); |
| 217 | if (!mac_pkt) |
| 218 | goto fail; |
| 219 | |
| 220 | mac_pkt->skb = skb_get(skb); |
| 221 | mac_pkt->sdata = sdata; |
| 222 | mac_pkt->page = sdata->local->scan_page; |
| 223 | mac_pkt->channel = sdata->local->scan_channel; |
| 224 | list_add_tail(&mac_pkt->node, &sdata->local->rx_beacon_list); |
| 225 | queue_work(sdata->local->mac_wq, &sdata->local->rx_beacon_work); |
| 226 | return NET_RX_SUCCESS; |
| 227 | |
| 228 | case IEEE802154_FC_TYPE_MAC_CMD: |
| 229 | dev_dbg(&sdata->dev->dev, "MAC COMMAND received\n"); |
| 230 | mac_pkt = kzalloc(sizeof(*mac_pkt), GFP_ATOMIC); |
| 231 | if (!mac_pkt) |
| 232 | goto fail; |
| 233 | |
| 234 | mac_pkt->skb = skb_get(skb); |
| 235 | mac_pkt->sdata = sdata; |
| 236 | list_add_tail(&mac_pkt->node, &sdata->local->rx_mac_cmd_list); |
| 237 | queue_work(sdata->local->mac_wq, &sdata->local->rx_mac_cmd_work); |
| 238 | return NET_RX_SUCCESS; |
| 239 | |
| 240 | case IEEE802154_FC_TYPE_ACK: |
| 241 | goto fail; |
| 242 | |
| 243 | case IEEE802154_FC_TYPE_DATA: |
| 244 | return ieee802154_deliver_skb(skb); |
| 245 | default: |
| 246 | pr_warn_ratelimited("ieee802154: bad frame received " |
| 247 | "(type = %d)\n", mac_cb(skb)->type); |
| 248 | goto fail; |
| 249 | } |
| 250 | |
| 251 | fail: |
| 252 | kfree_skb(skb); |
| 253 | return NET_RX_DROP; |
| 254 | } |
| 255 | |
| 256 | static void |
| 257 | ieee802154_print_addr(const char *name, const struct ieee802154_addr *addr) |
| 258 | { |
| 259 | if (addr->mode == IEEE802154_ADDR_NONE) { |
| 260 | pr_debug("%s not present\n", name); |
| 261 | return; |
| 262 | } |
| 263 | |
| 264 | pr_debug("%s PAN ID: %04x\n", name, le16_to_cpu(addr->pan_id)); |
| 265 | if (addr->mode == IEEE802154_ADDR_SHORT) { |
| 266 | pr_debug("%s is short: %04x\n", name, |
| 267 | le16_to_cpu(addr->short_addr)); |
| 268 | } else { |
| 269 | u64 hw = swab64((__force u64)addr->extended_addr); |
| 270 | |
| 271 | pr_debug("%s is hardware: %8phC\n", name, &hw); |
| 272 | } |
| 273 | } |
| 274 | |
| 275 | static int |
| 276 | ieee802154_parse_frame_start(struct sk_buff *skb, struct ieee802154_hdr *hdr) |
| 277 | { |
| 278 | int hlen; |
| 279 | struct ieee802154_mac_cb *cb = mac_cb(skb); |
| 280 | |
| 281 | skb_reset_mac_header(skb); |
| 282 | |
| 283 | hlen = ieee802154_hdr_pull(skb, hdr); |
| 284 | if (hlen < 0) |
| 285 | return -EINVAL; |
| 286 | |
| 287 | skb->mac_len = hlen; |
| 288 | |
| 289 | pr_debug("fc: %04x dsn: %02x\n", le16_to_cpup((__le16 *)&hdr->fc), |
| 290 | hdr->seq); |
| 291 | |
| 292 | cb->type = hdr->fc.type; |
| 293 | cb->ackreq = hdr->fc.ack_request; |
| 294 | cb->secen = hdr->fc.security_enabled; |
| 295 | |
| 296 | ieee802154_print_addr("destination", &hdr->dest); |
| 297 | ieee802154_print_addr("source", &hdr->source); |
| 298 | |
| 299 | cb->source = hdr->source; |
| 300 | cb->dest = hdr->dest; |
| 301 | |
| 302 | if (hdr->fc.security_enabled) { |
| 303 | u64 key; |
| 304 | |
| 305 | pr_debug("seclevel %i\n", hdr->sec.level); |
| 306 | |
| 307 | switch (hdr->sec.key_id_mode) { |
| 308 | case IEEE802154_SCF_KEY_IMPLICIT: |
| 309 | pr_debug("implicit key\n"); |
| 310 | break; |
| 311 | |
| 312 | case IEEE802154_SCF_KEY_INDEX: |
| 313 | pr_debug("key %02x\n", hdr->sec.key_id); |
| 314 | break; |
| 315 | |
| 316 | case IEEE802154_SCF_KEY_SHORT_INDEX: |
| 317 | pr_debug("key %04x:%04x %02x\n", |
| 318 | le32_to_cpu(hdr->sec.short_src) >> 16, |
| 319 | le32_to_cpu(hdr->sec.short_src) & 0xffff, |
| 320 | hdr->sec.key_id); |
| 321 | break; |
| 322 | |
| 323 | case IEEE802154_SCF_KEY_HW_INDEX: |
| 324 | key = swab64((__force u64)hdr->sec.extended_src); |
| 325 | pr_debug("key source %8phC %02x\n", &key, |
| 326 | hdr->sec.key_id); |
| 327 | break; |
| 328 | } |
| 329 | } |
| 330 | |
| 331 | return 0; |
| 332 | } |
| 333 | |
| 334 | static void |
| 335 | __ieee802154_rx_handle_packet(struct ieee802154_local *local, |
| 336 | struct sk_buff *skb) |
| 337 | { |
| 338 | int ret; |
| 339 | struct ieee802154_sub_if_data *sdata; |
| 340 | struct ieee802154_hdr hdr; |
| 341 | struct sk_buff *skb2; |
| 342 | |
| 343 | ret = ieee802154_parse_frame_start(skb, &hdr); |
| 344 | if (ret) { |
| 345 | pr_debug("got invalid frame\n"); |
| 346 | return; |
| 347 | } |
| 348 | |
| 349 | list_for_each_entry_rcu(sdata, &local->interfaces, list) { |
| 350 | if (sdata->wpan_dev.iftype == NL802154_IFTYPE_MONITOR) |
| 351 | continue; |
| 352 | |
| 353 | if (!ieee802154_sdata_running(sdata)) |
| 354 | continue; |
| 355 | |
| 356 | /* Do not deliver packets received on interfaces expecting |
| 357 | * AACK=1 if the address filters where disabled. |
| 358 | */ |
| 359 | if (local->hw.phy->filtering < IEEE802154_FILTERING_4_FRAME_FIELDS && |
| 360 | sdata->required_filtering == IEEE802154_FILTERING_4_FRAME_FIELDS) |
| 361 | continue; |
| 362 | |
| 363 | skb2 = skb_clone(skb, GFP_ATOMIC); |
| 364 | if (skb2) { |
| 365 | skb2->dev = sdata->dev; |
| 366 | ieee802154_subif_frame(sdata, skb2, &hdr); |
| 367 | } |
| 368 | } |
| 369 | } |
| 370 | |
| 371 | static void |
| 372 | ieee802154_monitors_rx(struct ieee802154_local *local, struct sk_buff *skb) |
| 373 | { |
| 374 | struct sk_buff *skb2; |
| 375 | struct ieee802154_sub_if_data *sdata; |
| 376 | |
| 377 | skb_reset_mac_header(skb); |
| 378 | skb->ip_summed = CHECKSUM_UNNECESSARY; |
| 379 | skb->pkt_type = PACKET_OTHERHOST; |
| 380 | skb->protocol = htons(ETH_P_IEEE802154); |
| 381 | |
| 382 | list_for_each_entry_rcu(sdata, &local->interfaces, list) { |
| 383 | if (sdata->wpan_dev.iftype != NL802154_IFTYPE_MONITOR) |
| 384 | continue; |
| 385 | |
| 386 | if (!ieee802154_sdata_running(sdata)) |
| 387 | continue; |
| 388 | |
| 389 | skb2 = skb_clone(skb, GFP_ATOMIC); |
| 390 | if (skb2) { |
| 391 | skb2->dev = sdata->dev; |
| 392 | ieee802154_deliver_skb(skb2); |
| 393 | |
| 394 | sdata->dev->stats.rx_packets++; |
| 395 | sdata->dev->stats.rx_bytes += skb->len; |
| 396 | } |
| 397 | } |
| 398 | } |
| 399 | |
| 400 | void ieee802154_rx(struct ieee802154_local *local, struct sk_buff *skb) |
| 401 | { |
| 402 | u16 crc; |
| 403 | |
| 404 | WARN_ON_ONCE(softirq_count() == 0); |
| 405 | |
| 406 | if (local->suspended) |
| 407 | goto free_skb; |
| 408 | |
| 409 | /* TODO: When a transceiver omits the checksum here, we |
| 410 | * add an own calculated one. This is currently an ugly |
| 411 | * solution because the monitor needs a crc here. |
| 412 | */ |
| 413 | if (local->hw.flags & IEEE802154_HW_RX_OMIT_CKSUM) { |
| 414 | crc = crc_ccitt(0, skb->data, skb->len); |
| 415 | put_unaligned_le16(crc, skb_put(skb, 2)); |
| 416 | } |
| 417 | |
| 418 | rcu_read_lock(); |
| 419 | |
| 420 | ieee802154_monitors_rx(local, skb); |
| 421 | |
| 422 | /* Level 1 filtering: Check the FCS by software when relevant */ |
| 423 | if (local->hw.phy->filtering == IEEE802154_FILTERING_NONE) { |
| 424 | crc = crc_ccitt(0, skb->data, skb->len); |
| 425 | if (crc) |
| 426 | goto drop; |
| 427 | } |
| 428 | /* remove crc */ |
| 429 | skb_trim(skb, skb->len - 2); |
| 430 | |
| 431 | __ieee802154_rx_handle_packet(local, skb); |
| 432 | |
| 433 | drop: |
| 434 | rcu_read_unlock(); |
| 435 | free_skb: |
| 436 | kfree_skb(skb); |
| 437 | } |
| 438 | |
| 439 | void |
| 440 | ieee802154_rx_irqsafe(struct ieee802154_hw *hw, struct sk_buff *skb, u8 lqi) |
| 441 | { |
| 442 | struct ieee802154_local *local = hw_to_local(hw); |
| 443 | struct ieee802154_mac_cb *cb = mac_cb_init(skb); |
| 444 | |
| 445 | cb->lqi = lqi; |
| 446 | skb->pkt_type = IEEE802154_RX_MSG; |
| 447 | skb_queue_tail(&local->skb_queue, skb); |
| 448 | tasklet_schedule(&local->tasklet); |
| 449 | } |
| 450 | EXPORT_SYMBOL(ieee802154_rx_irqsafe); |