File: /usr/src/linux/net/decnet/dn_nsp_in.c
1 /*
2 * DECnet An implementation of the DECnet protocol suite for the LINUX
3 * operating system. DECnet is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * DECnet Network Services Protocol (Input)
7 *
8 * Author: Eduardo Marcelo Serrat <emserrat@geocities.com>
9 *
10 * Changes:
11 *
12 * Steve Whitehouse: Split into dn_nsp_in.c and dn_nsp_out.c from
13 * original dn_nsp.c.
14 * Steve Whitehouse: Updated to work with my new routing architecture.
15 * Steve Whitehouse: Add changes from Eduardo Serrat's patches.
16 * Steve Whitehouse: Put all ack handling code in a common routine.
17 * Steve Whitehouse: Put other common bits into dn_nsp_rx()
18 * Steve Whitehouse: More checks on skb->len to catch bogus packets
19 * Fixed various race conditions and possible nasties.
20 * Steve Whitehouse: Now handles returned conninit frames.
21 * David S. Miller: New socket locking
22 * Steve Whitehouse: Fixed lockup when socket filtering was enabled.
23 * Paul Koning: Fix to push CC sockets into RUN when acks are
24 * received.
25 * Steve Whitehouse:
26 * Patrick Caulfield: Checking conninits for correctness & sending of error
27 * responses.
28 * Steve Whitehouse: Added backlog congestion level return codes.
29 * Patrick Caulfield:
30 * Steve Whitehouse: Added flow control support (outbound)
31 */
32
33 /******************************************************************************
34 (c) 1995-1998 E.M. Serrat emserrat@geocities.com
35
36 This program is free software; you can redistribute it and/or modify
37 it under the terms of the GNU General Public License as published by
38 the Free Software Foundation; either version 2 of the License, or
39 any later version.
40
41 This program is distributed in the hope that it will be useful,
42 but WITHOUT ANY WARRANTY; without even the implied warranty of
43 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
44 GNU General Public License for more details.
45 *******************************************************************************/
46
47 #include <linux/config.h>
48 #include <linux/errno.h>
49 #include <linux/types.h>
50 #include <linux/socket.h>
51 #include <linux/in.h>
52 #include <linux/kernel.h>
53 #include <linux/sched.h>
54 #include <linux/timer.h>
55 #include <linux/string.h>
56 #include <linux/sockios.h>
57 #include <linux/net.h>
58 #include <linux/netdevice.h>
59 #include <linux/inet.h>
60 #include <linux/route.h>
61 #include <net/sock.h>
62 #include <asm/segment.h>
63 #include <asm/system.h>
64 #include <linux/fcntl.h>
65 #include <linux/mm.h>
66 #include <linux/termios.h>
67 #include <linux/interrupt.h>
68 #include <linux/proc_fs.h>
69 #include <linux/stat.h>
70 #include <linux/init.h>
71 #include <linux/poll.h>
72 #include <linux/netfilter_decnet.h>
73 #include <net/neighbour.h>
74 #include <net/dst.h>
75 #include <net/dn_nsp.h>
76 #include <net/dn_dev.h>
77 #include <net/dn_route.h>
78
79 extern int decnet_log_martians;
80
81 static void dn_log_martian(struct sk_buff *skb, const char *msg)
82 {
83 if (decnet_log_martians && net_ratelimit()) {
84 char *devname = skb->dev ? skb->dev->name : "???";
85 struct dn_skb_cb *cb = DN_SKB_CB(skb);
86 printk(KERN_INFO "DECnet: Martian packet (%s) dev=%s src=0x%04hx dst=0x%04hx srcport=0x%04hx dstport=0x%04hx\n", msg, devname, cb->src, cb->dst, cb->src_port, cb->dst_port);
87 }
88 }
89
90 /*
91 * For this function we've flipped the cross-subchannel bit
92 * if the message is an otherdata or linkservice message. Thus
93 * we can use it to work out what to update.
94 */
95 static void dn_ack(struct sock *sk, struct sk_buff *skb, unsigned short ack)
96 {
97 struct dn_scp *scp = DN_SK(sk);
98 unsigned short type = ((ack >> 12) & 0x0003);
99 int wakeup = 0;
100
101 switch(type) {
102 case 0: /* ACK - Data */
103 if (after(ack, scp->ackrcv_dat)) {
104 scp->ackrcv_dat = ack & 0x0fff;
105 wakeup |= dn_nsp_check_xmit_queue(sk, skb, &scp->data_xmit_queue, ack);
106 }
107 break;
108 case 1: /* NAK - Data */
109 break;
110 case 2: /* ACK - OtherData */
111 if (after(ack, scp->ackrcv_oth)) {
112 scp->ackrcv_oth = ack & 0x0fff;
113 wakeup |= dn_nsp_check_xmit_queue(sk, skb, &scp->other_xmit_queue, ack);
114 }
115 break;
116 case 3: /* NAK - OtherData */
117 break;
118 }
119
120 if (wakeup && !sk->dead)
121 sk->state_change(sk);
122 }
123
124 /*
125 * This function is a universal ack processor.
126 */
127 static int dn_process_ack(struct sock *sk, struct sk_buff *skb, int oth)
128 {
129 unsigned short *ptr = (unsigned short *)skb->data;
130 int len = 0;
131 unsigned short ack;
132
133 if (skb->len < 2)
134 return len;
135
136 if ((ack = dn_ntohs(*ptr)) & 0x8000) {
137 skb_pull(skb, 2);
138 ptr++;
139 len += 2;
140 if ((ack & 0x4000) == 0) {
141 if (oth)
142 ack ^= 0x2000;
143 dn_ack(sk, skb, ack);
144 }
145 }
146
147 if (skb->len < 2)
148 return len;
149
150 if ((ack = dn_ntohs(*ptr)) & 0x8000) {
151 skb_pull(skb, 2);
152 len += 2;
153 if ((ack & 0x4000) == 0) {
154 if (oth)
155 ack ^= 0x2000;
156 dn_ack(sk, skb, ack);
157 }
158 }
159
160 return len;
161 }
162
163
164 /**
165 * dn_check_idf - Check an image data field format is correct.
166 * @pptr: Pointer to pointer to image data
167 * @len: Pointer to length of image data
168 * @max: The maximum allowed length of the data in the image data field
169 * @follow_on: Check that this many bytes exist beyond the end of the image data
170 *
171 * Returns: 0 if ok, -1 on error
172 */
173 static inline int dn_check_idf(unsigned char **pptr, int *len, unsigned char max, unsigned char follow_on)
174 {
175 unsigned char *ptr = *pptr;
176 unsigned char flen = *ptr++;
177
178 (*len)--;
179 if (flen > max)
180 return -1;
181 if ((flen + follow_on) > *len)
182 return -1;
183
184 *len -= flen;
185 *pptr = ptr + flen;
186 return 0;
187 }
188
189 /*
190 * Table of reason codes to pass back to node which sent us a badly
191 * formed message, plus text messages for the log. A zero entry in
192 * the reason field means "don't reply" otherwise a disc init is sent with
193 * the specified reason code.
194 */
195 static struct {
196 unsigned short reason;
197 const char *text;
198 } ci_err_table[] = {
199 { 0, "CI: Truncated message" },
200 { NSP_REASON_ID, "CI: Destination username error" },
201 { NSP_REASON_ID, "CI: Destination username type" },
202 { NSP_REASON_US, "CI: Source username error" },
203 { 0, "CI: Truncated at menuver" },
204 { 0, "CI: Truncated before access or user data" },
205 { NSP_REASON_IO, "CI: Access data format error" },
206 { NSP_REASON_IO, "CI: User data format error" }
207 };
208
209 /*
210 * This function uses a slightly different lookup method
211 * to find its sockets, since it searches on object name/number
212 * rather than port numbers. Various tests are done to ensure that
213 * the incoming data is in the correct format before it is queued to
214 * a socket.
215 */
216 static struct sock *dn_find_listener(struct sk_buff *skb, unsigned short *reason)
217 {
218 struct dn_skb_cb *cb = DN_SKB_CB(skb);
219 struct nsp_conn_init_msg *msg = (struct nsp_conn_init_msg *)skb->data;
220 struct sockaddr_dn dstaddr;
221 struct sockaddr_dn srcaddr;
222 unsigned char type = 0;
223 int dstlen;
224 int srclen;
225 unsigned char *ptr;
226 int len;
227 int err = 0;
228 unsigned char menuver;
229
230 memset(&dstaddr, 0, sizeof(struct sockaddr_dn));
231 memset(&srcaddr, 0, sizeof(struct sockaddr_dn));
232
233 /*
234 * 1. Decode & remove message header
235 */
236 cb->src_port = msg->srcaddr;
237 cb->dst_port = msg->dstaddr;
238 cb->services = msg->services;
239 cb->info = msg->info;
240 cb->segsize = dn_ntohs(msg->segsize);
241
242 if (skb->len < sizeof(*msg))
243 goto err_out;
244
245 skb_pull(skb, sizeof(*msg));
246
247 len = skb->len;
248 ptr = skb->data;
249
250 /*
251 * 2. Check destination end username format
252 */
253 dstlen = dn_username2sockaddr(ptr, len, &dstaddr, &type);
254 err++;
255 if (dstlen < 0)
256 goto err_out;
257
258 err++;
259 if (type > 1)
260 goto err_out;
261
262 len -= dstlen;
263 ptr += dstlen;
264
265 /*
266 * 3. Check source end username format
267 */
268 srclen = dn_username2sockaddr(ptr, len, &srcaddr, &type);
269 err++;
270 if (srclen < 0)
271 goto err_out;
272
273 len -= srclen;
274 ptr += srclen;
275 err++;
276 if (len < 1)
277 goto err_out;
278
279 menuver = *ptr;
280 ptr++;
281 len--;
282
283 /*
284 * 4. Check that optional data actually exists if menuver says it does
285 */
286 err++;
287 if ((menuver & (DN_MENUVER_ACC | DN_MENUVER_USR)) && (len < 1))
288 goto err_out;
289
290 /*
291 * 5. Check optional access data format
292 */
293 err++;
294 if (menuver & DN_MENUVER_ACC) {
295 if (dn_check_idf(&ptr, &len, 39, 1))
296 goto err_out;
297 if (dn_check_idf(&ptr, &len, 39, 1))
298 goto err_out;
299 if (dn_check_idf(&ptr, &len, 39, (menuver & DN_MENUVER_USR) ? 1 : 0))
300 goto err_out;
301 }
302
303 /*
304 * 6. Check optional user data format
305 */
306 err++;
307 if (menuver & DN_MENUVER_USR) {
308 if (dn_check_idf(&ptr, &len, 16, 0))
309 goto err_out;
310 }
311
312 /*
313 * 7. Look up socket based on destination end username
314 */
315 return dn_sklist_find_listener(&dstaddr);
316 err_out:
317 dn_log_martian(skb, ci_err_table[err].text);
318 *reason = ci_err_table[err].reason;
319 return NULL;
320 }
321
322
323 static void dn_nsp_conn_init(struct sock *sk, struct sk_buff *skb)
324 {
325 if (sk->ack_backlog >= sk->max_ack_backlog) {
326 kfree_skb(skb);
327 return;
328 }
329
330 sk->ack_backlog++;
331 skb_queue_tail(&sk->receive_queue, skb);
332 sk->state_change(sk);
333 }
334
335 static void dn_nsp_conn_conf(struct sock *sk, struct sk_buff *skb)
336 {
337 struct dn_skb_cb *cb = DN_SKB_CB(skb);
338 struct dn_scp *scp = DN_SK(sk);
339 unsigned char *ptr;
340
341 if (skb->len < 4)
342 goto out;
343
344 ptr = skb->data;
345 cb->services = *ptr++;
346 cb->info = *ptr++;
347 cb->segsize = dn_ntohs(*(__u16 *)ptr);
348
349 if ((scp->state == DN_CI) || (scp->state == DN_CD)) {
350 scp->persist = 0;
351 scp->addrrem = cb->src_port;
352 sk->state = TCP_ESTABLISHED;
353 scp->state = DN_RUN;
354 scp->services_rem = cb->services;
355 scp->info_rem = cb->info;
356 scp->segsize_rem = cb->segsize;
357
358 if (skb->len > 0) {
359 unsigned char dlen = *skb->data;
360 if ((dlen <= 16) && (dlen <= skb->len)) {
361 scp->conndata_in.opt_optl = dlen;
362 memcpy(scp->conndata_in.opt_data, skb->data + 1, dlen);
363 }
364 }
365 dn_nsp_send_link(sk, DN_NOCHANGE, 0);
366 if (!sk->dead)
367 sk->state_change(sk);
368 }
369
370 out:
371 kfree_skb(skb);
372 }
373
374 static void dn_nsp_conn_ack(struct sock *sk, struct sk_buff *skb)
375 {
376 struct dn_scp *scp = DN_SK(sk);
377
378 if (scp->state == DN_CI) {
379 scp->state = DN_CD;
380 scp->persist = 0;
381 }
382
383 kfree_skb(skb);
384 }
385
386 static void dn_nsp_disc_init(struct sock *sk, struct sk_buff *skb)
387 {
388 struct dn_scp *scp = DN_SK(sk);
389 struct dn_skb_cb *cb = DN_SKB_CB(skb);
390 unsigned short reason;
391
392 if (skb->len < 2)
393 goto out;
394
395 reason = dn_ntohs(*(__u16 *)skb->data);
396 skb_pull(skb, 2);
397
398 scp->discdata_in.opt_status = reason;
399 scp->discdata_in.opt_optl = 0;
400 memset(scp->discdata_in.opt_data, 0, 16);
401
402 if (skb->len > 0) {
403 unsigned char dlen = *skb->data;
404 if ((dlen <= 16) && (dlen <= skb->len)) {
405 scp->discdata_in.opt_optl = dlen;
406 memcpy(scp->discdata_in.opt_data, skb->data + 1, dlen);
407 }
408 }
409
410 scp->addrrem = cb->src_port;
411 sk->state = TCP_CLOSE;
412
413 switch(scp->state) {
414 case DN_CI:
415 case DN_CD:
416 scp->state = DN_RJ;
417 break;
418 case DN_RUN:
419 sk->shutdown |= SHUTDOWN_MASK;
420 scp->state = DN_DN;
421 break;
422 case DN_DI:
423 scp->state = DN_DIC;
424 break;
425 }
426
427 if (!sk->dead) {
428 if (sk->socket->state != SS_UNCONNECTED)
429 sk->socket->state = SS_DISCONNECTING;
430 sk->state_change(sk);
431 }
432
433 dn_nsp_send_disc(sk, NSP_DISCCONF, NSP_REASON_DC, GFP_ATOMIC);
434 scp->persist_fxn = dn_destroy_timer;
435 scp->persist = dn_nsp_persist(sk);
436
437 out:
438 kfree_skb(skb);
439 }
440
441 /*
442 * disc_conf messages are also called no_resources or no_link
443 * messages depending upon the "reason" field.
444 */
445 static void dn_nsp_disc_conf(struct sock *sk, struct sk_buff *skb)
446 {
447 struct dn_scp *scp = DN_SK(sk);
448 unsigned short reason;
449
450 if (skb->len != 2)
451 goto out;
452
453 reason = dn_ntohs(*(__u16 *)skb->data);
454
455 sk->state = TCP_CLOSE;
456
457 switch(scp->state) {
458 case DN_CI:
459 scp->state = DN_NR;
460 break;
461 case DN_DR:
462 if (reason == NSP_REASON_DC)
463 scp->state = DN_DRC;
464 if (reason == NSP_REASON_NL)
465 scp->state = DN_CN;
466 break;
467 case DN_DI:
468 scp->state = DN_DIC;
469 break;
470 case DN_RUN:
471 sk->shutdown |= SHUTDOWN_MASK;
472 case DN_CC:
473 scp->state = DN_CN;
474 }
475
476 if (!sk->dead) {
477 if (sk->socket->state != SS_UNCONNECTED)
478 sk->socket->state = SS_DISCONNECTING;
479 sk->state_change(sk);
480 }
481
482 scp->persist_fxn = dn_destroy_timer;
483 scp->persist = dn_nsp_persist(sk);
484
485 out:
486 kfree_skb(skb);
487 }
488
489 static void dn_nsp_linkservice(struct sock *sk, struct sk_buff *skb)
490 {
491 struct dn_scp *scp = DN_SK(sk);
492 unsigned short segnum;
493 unsigned char lsflags;
494 char fcval;
495 int wake_up = 0;
496 char *ptr = skb->data;
497 unsigned char fctype = scp->services_rem & NSP_FC_MASK;
498
499 if (skb->len != 4)
500 goto out;
501
502 segnum = dn_ntohs(*(__u16 *)ptr);
503 ptr += 2;
504 lsflags = *(unsigned char *)ptr++;
505 fcval = *ptr;
506
507 /*
508 * Here we ignore erronous packets which should really
509 * should cause a connection abort. It is not critical
510 * for now though.
511 */
512 if (lsflags & 0xf8)
513 goto out;
514
515 if (seq_next(scp->numoth_rcv, segnum)) {
516 seq_add(&scp->numoth_rcv, 1);
517 switch(lsflags & 0x04) { /* FCVAL INT */
518 case 0x00: /* Normal Request */
519 switch(lsflags & 0x03) { /* FCVAL MOD */
520 case 0x00: /* Request count */
521 if (fcval < 0) {
522 unsigned char p_fcval = -fcval;
523 if ((scp->flowrem_dat > p_fcval) &&
524 (fctype == NSP_FC_SCMC)) {
525 scp->flowrem_dat -= p_fcval;
526 }
527 } else if (fcval > 0) {
528 scp->flowrem_dat += fcval;
529 wake_up = 1;
530 }
531 break;
532 case 0x01: /* Stop outgoing data */
533 scp->flowrem_sw = DN_DONTSEND;
534 break;
535 case 0x02: /* Ok to start again */
536 scp->flowrem_sw = DN_SEND;
537 dn_nsp_output(sk);
538 wake_up = 1;
539 }
540 break;
541 case 0x04: /* Interrupt Request */
542 if (fcval > 0) {
543 scp->flowrem_oth += fcval;
544 wake_up = 1;
545 }
546 break;
547 }
548 if (wake_up && !sk->dead)
549 sk->state_change(sk);
550 }
551
552 dn_nsp_send_oth_ack(sk);
553
554 out:
555 kfree_skb(skb);
556 }
557
558 /*
559 * Copy of sock_queue_rcv_skb (from sock.h) without
560 * bh_lock_sock() (its already held when this is called) which
561 * also allows data and other data to be queued to a socket.
562 */
563 static __inline__ int dn_queue_skb(struct sock *sk, struct sk_buff *skb, int sig, struct sk_buff_head *queue)
564 {
565 #ifdef CONFIG_FILTER
566 struct sk_filter *filter;
567 #endif
568
569 /* Cast skb->rcvbuf to unsigned... It's pointless, but reduces
570 number of warnings when compiling with -W --ANK
571 */
572 if (atomic_read(&sk->rmem_alloc) + skb->truesize >= (unsigned)sk->rcvbuf
573 )
574 return -ENOMEM;
575
576 #ifdef CONFIG_FILTER
577 if (sk->filter) {
578 int err = 0;
579 if ((filter = sk->filter) != NULL && sk_filter(skb, sk->filter))
580 err = -EPERM; /* Toss packet */
581 if (err)
582 return err;
583 }
584 #endif /* CONFIG_FILTER */
585
586 skb_set_owner_r(skb, sk);
587 skb_queue_tail(queue, skb);
588
589 /* This code only runs from BH or BH protected context.
590 * Therefore the plain read_lock is ok here. -DaveM
591 */
592 read_lock(&sk->callback_lock);
593 if (!sk->dead) {
594 struct socket *sock = sk->socket;
595 wake_up_interruptible(sk->sleep);
596 if (sock && sock->fasync_list &&
597 !test_bit(SOCK_ASYNC_WAITDATA, &sock->flags))
598 __kill_fasync(sock->fasync_list, sig,
599 (sig == SIGURG) ? POLL_PRI : POLL_IN);
600 }
601 read_unlock(&sk->callback_lock);
602
603 return 0;
604 }
605
606 static void dn_nsp_otherdata(struct sock *sk, struct sk_buff *skb)
607 {
608 struct dn_scp *scp = DN_SK(sk);
609 unsigned short segnum;
610 struct dn_skb_cb *cb = DN_SKB_CB(skb);
611 int queued = 0;
612
613 if (skb->len < 2)
614 goto out;
615
616 cb->segnum = segnum = dn_ntohs(*(__u16 *)skb->data);
617 skb_pull(skb, 2);
618
619 if (seq_next(scp->numoth_rcv, segnum)) {
620
621 if (dn_queue_skb(sk, skb, SIGURG, &scp->other_receive_queue) == 0) {
622 seq_add(&scp->numoth_rcv, 1);
623 scp->other_report = 0;
624 queued = 1;
625 }
626 }
627
628 dn_nsp_send_oth_ack(sk);
629 out:
630 if (!queued)
631 kfree_skb(skb);
632 }
633
634 static void dn_nsp_data(struct sock *sk, struct sk_buff *skb)
635 {
636 int queued = 0;
637 unsigned short segnum;
638 struct dn_skb_cb *cb = DN_SKB_CB(skb);
639 struct dn_scp *scp = DN_SK(sk);
640
641 if (skb->len < 2)
642 goto out;
643
644 cb->segnum = segnum = dn_ntohs(*(__u16 *)skb->data);
645 skb_pull(skb, 2);
646
647 if (seq_next(scp->numdat_rcv, segnum)) {
648 if (dn_queue_skb(sk, skb, SIGIO, &sk->receive_queue) == 0) {
649 seq_add(&scp->numdat_rcv, 1);
650 queued = 1;
651 }
652
653 if ((scp->flowloc_sw == DN_SEND) && dn_congested(sk)) {
654 scp->flowloc_sw = DN_DONTSEND;
655 dn_nsp_send_link(sk, DN_DONTSEND, 0);
656 }
657 }
658
659 dn_nsp_send_data_ack(sk);
660 out:
661 if (!queued)
662 kfree_skb(skb);
663 }
664
665 /*
666 * If one of our conninit messages is returned, this function
667 * deals with it. It puts the socket into the NO_COMMUNICATION
668 * state.
669 */
670 static void dn_returned_conn_init(struct sock *sk, struct sk_buff *skb)
671 {
672 struct dn_scp *scp = DN_SK(sk);
673
674 if (scp->state == DN_CI) {
675 scp->state = DN_NC;
676 sk->state = TCP_CLOSE;
677 if (!sk->dead)
678 sk->state_change(sk);
679 }
680
681 kfree_skb(skb);
682 }
683
684 static int dn_nsp_no_socket(struct sk_buff *skb, unsigned short reason)
685 {
686 struct dn_skb_cb *cb = DN_SKB_CB(skb);
687 int ret = NET_RX_DROP;
688
689 /* Must not reply to returned packets */
690 if (cb->rt_flags & DN_RT_F_RTS)
691 goto out;
692
693 if ((reason != NSP_REASON_OK) && ((cb->nsp_flags & 0x0c) == 0x08)) {
694 switch(cb->nsp_flags & 0x70) {
695 case 0x10:
696 case 0x60: /* (Retransmitted) Connect Init */
697 dn_nsp_return_disc(skb, NSP_DISCINIT, reason);
698 ret = NET_RX_SUCCESS;
699 break;
700 case 0x20: /* Connect Confirm */
701 dn_nsp_return_disc(skb, NSP_DISCCONF, reason);
702 ret = NET_RX_SUCCESS;
703 break;
704 }
705 }
706
707 out:
708 kfree_skb(skb);
709 return ret;
710 }
711
712 static int dn_nsp_rx_packet(struct sk_buff *skb)
713 {
714 struct dn_skb_cb *cb = DN_SKB_CB(skb);
715 struct sock *sk = NULL;
716 unsigned char *ptr = (unsigned char *)skb->data;
717 unsigned short reason = NSP_REASON_NL;
718
719 skb->h.raw = skb->data;
720 cb->nsp_flags = *ptr++;
721
722 if (decnet_debug_level & 2)
723 printk(KERN_DEBUG "dn_nsp_rx: Message type 0x%02x\n", (int)cb->nsp_flags);
724
725 if (skb->len < 2)
726 goto free_out;
727
728 if (cb->nsp_flags & 0x83)
729 goto free_out;
730
731 /*
732 * Returned packets...
733 * Swap src & dst and look up in the normal way.
734 */
735 if (cb->rt_flags & DN_RT_F_RTS) {
736 unsigned short tmp = cb->dst_port;
737 cb->dst_port = cb->src_port;
738 cb->src_port = tmp;
739 tmp = cb->dst;
740 cb->dst = cb->src;
741 cb->src = tmp;
742 sk = dn_find_by_skb(skb);
743 goto got_it;
744 }
745
746 /*
747 * Filter out conninits and useless packet types
748 */
749 if ((cb->nsp_flags & 0x0c) == 0x08) {
750 switch(cb->nsp_flags & 0x70) {
751 case 0x00: /* NOP */
752 case 0x70: /* Reserved */
753 case 0x50: /* Reserved, Phase II node init */
754 goto free_out;
755 case 0x10:
756 case 0x60:
757 sk = dn_find_listener(skb, &reason);
758 goto got_it;
759 }
760 }
761
762 if (skb->len < 3)
763 goto free_out;
764
765 /*
766 * Grab the destination address.
767 */
768 cb->dst_port = *(unsigned short *)ptr;
769 cb->src_port = 0;
770 ptr += 2;
771
772 /*
773 * If not a connack, grab the source address too.
774 */
775 if (skb->len >= 5) {
776 cb->src_port = *(unsigned short *)ptr;
777 ptr += 2;
778 skb_pull(skb, 5);
779 }
780
781 /*
782 * Find the socket to which this skb is destined.
783 */
784 sk = dn_find_by_skb(skb);
785 got_it:
786 if (sk != NULL) {
787 struct dn_scp *scp = DN_SK(sk);
788 int ret;
789
790 /* Reset backoff */
791 scp->nsp_rxtshift = 0;
792
793 bh_lock_sock(sk);
794 ret = NET_RX_SUCCESS;
795 if (decnet_debug_level & 8)
796 printk(KERN_DEBUG "NSP: 0x%02x 0x%02x 0x%04x 0x%04x %d\n",
797 (int)cb->rt_flags, (int)cb->nsp_flags,
798 (int)cb->src_port, (int)cb->dst_port,
799 (int)sk->lock.users);
800 if (sk->lock.users == 0)
801 ret = dn_nsp_backlog_rcv(sk, skb);
802 else
803 sk_add_backlog(sk, skb);
804 bh_unlock_sock(sk);
805 sock_put(sk);
806
807 return ret;
808 }
809
810 return dn_nsp_no_socket(skb, reason);
811
812 free_out:
813 kfree_skb(skb);
814 return NET_RX_DROP;
815 }
816
817 int dn_nsp_rx(struct sk_buff *skb)
818 {
819 return NF_HOOK(PF_DECnet, NF_DN_LOCAL_IN, skb, skb->dev, NULL, dn_nsp_rx_packet);
820 }
821
822 /*
823 * This is the main receive routine for sockets. It is called
824 * from the above when the socket is not busy, and also from
825 * sock_release() when there is a backlog queued up.
826 */
827 int dn_nsp_backlog_rcv(struct sock *sk, struct sk_buff *skb)
828 {
829 struct dn_scp *scp = DN_SK(sk);
830 struct dn_skb_cb *cb = DN_SKB_CB(skb);
831
832 if (cb->rt_flags & DN_RT_F_RTS) {
833 dn_returned_conn_init(sk, skb);
834 return NET_RX_SUCCESS;
835 }
836
837 /*
838 * Control packet.
839 */
840 if ((cb->nsp_flags & 0x0c) == 0x08) {
841 switch(cb->nsp_flags & 0x70) {
842 case 0x10:
843 case 0x60:
844 dn_nsp_conn_init(sk, skb);
845 break;
846 case 0x20:
847 dn_nsp_conn_conf(sk, skb);
848 break;
849 case 0x30:
850 dn_nsp_disc_init(sk, skb);
851 break;
852 case 0x40:
853 dn_nsp_disc_conf(sk, skb);
854 break;
855 }
856
857 } else if (cb->nsp_flags == 0x24) {
858 /*
859 * Special for connacks, 'cos they don't have
860 * ack data or ack otherdata info.
861 */
862 dn_nsp_conn_ack(sk, skb);
863 } else {
864 int other = 1;
865
866 /* both data and ack frames can kick a CC socket into RUN */
867 if ((scp->state == DN_CC) && !sk->dead) {
868 scp->state = DN_RUN;
869 sk->state = TCP_ESTABLISHED;
870 sk->state_change(sk);
871 }
872
873 if ((cb->nsp_flags & 0x1c) == 0)
874 other = 0;
875 if (cb->nsp_flags == 0x04)
876 other = 0;
877
878 /*
879 * Read out ack data here, this applies equally
880 * to data, other data, link serivce and both
881 * ack data and ack otherdata.
882 */
883 dn_process_ack(sk, skb, other);
884
885 /*
886 * If we've some sort of data here then call a
887 * suitable routine for dealing with it, otherwise
888 * the packet is an ack and can be discarded.
889 */
890 if ((cb->nsp_flags & 0x0c) == 0) {
891
892 if (scp->state != DN_RUN)
893 goto free_out;
894
895 switch(cb->nsp_flags) {
896 case 0x10: /* LS */
897 dn_nsp_linkservice(sk, skb);
898 break;
899 case 0x30: /* OD */
900 dn_nsp_otherdata(sk, skb);
901 break;
902 default:
903 dn_nsp_data(sk, skb);
904 }
905
906 } else { /* Ack, chuck it out here */
907 free_out:
908 kfree_skb(skb);
909 }
910 }
911
912 return NET_RX_SUCCESS;
913 }
914
915