From: Andreas Pape <APape(a)phoenixcontact.com>
If dat is enabled it must be made sure that only the backbone gw which has
claimed the remote destination for the ARP request answers the ARP request
directly if the MAC address is known due to the local dat table. This
prevents multiple ARP replies in a common backbone if more than one
gateway already knows the remote mac searched for in the ARP request.
Signed-off-by: Andreas Pape <apape(a)phoenixcontact.com>
Acked-by: Simon Wunderlich <sw(a)simonwunderlich.de>
[sven(a)narfation.org: fix conflicts with current version]
Signed-off-by: Sven Eckelmann <sven(a)narfation.org>
---
net/batman-adv/bridge_loop_avoidance.c | 49 ++++++++++++++++++++++++++++++++++
net/batman-adv/bridge_loop_avoidance.h | 11 ++++++++
net/batman-adv/distributed-arp-table.c | 15 +++++++++++
3 files changed, 75 insertions(+)
diff --git a/net/batman-adv/bridge_loop_avoidance.c b/net/batman-adv/bridge_loop_avoidance.c
index e7f690b..41ab4a6 100644
--- a/net/batman-adv/bridge_loop_avoidance.c
+++ b/net/batman-adv/bridge_loop_avoidance.c
@@ -2450,3 +2450,52 @@ out:
return ret;
}
+
+#ifdef CONFIG_BATMAN_ADV_DAT
+/**
+ * batadv_bla_check_claim - check if address is claimed
+ *
+ * @bat_priv: the bat priv with all the soft interface information
+ * @addr: mac address of which the claim status is checked
+ * @vid: the VLAN ID
+ *
+ * addr is checked if this address is claimed by the local device itself.
+ *
+ * Return: true if bla is disabled or the mac is claimed by the device,
+ * false if the device addr is already claimed by another gateway
+ */
+bool batadv_bla_check_claim(struct batadv_priv *bat_priv,
+ u8 *addr, unsigned short vid)
+{
+ struct batadv_bla_claim search_claim;
+ struct batadv_bla_claim *claim = NULL;
+ struct batadv_hard_iface *primary_if = NULL;
+ bool ret = true;
+
+ if (!atomic_read(&bat_priv->bridge_loop_avoidance))
+ return ret;
+
+ primary_if = batadv_primary_if_get_selected(bat_priv);
+ if (!primary_if)
+ return ret;
+
+ /* First look if the mac address is claimed */
+ ether_addr_copy(search_claim.addr, addr);
+ search_claim.vid = vid;
+
+ claim = batadv_claim_hash_find(bat_priv, &search_claim);
+
+ /* If there is a claim and we are not owner of the claim,
+ * return false.
+ */
+ if (claim) {
+ if (!batadv_compare_eth(claim->backbone_gw->orig,
+ primary_if->net_dev->dev_addr))
+ ret = false;
+ batadv_claim_put(claim);
+ }
+
+ batadv_hardif_put(primary_if);
+ return ret;
+}
+#endif
diff --git a/net/batman-adv/bridge_loop_avoidance.h b/net/batman-adv/bridge_loop_avoidance.h
index 1ae93e4..86b8740 100644
--- a/net/batman-adv/bridge_loop_avoidance.h
+++ b/net/batman-adv/bridge_loop_avoidance.h
@@ -51,6 +51,10 @@ void batadv_bla_status_update(struct net_device *net_dev);
int batadv_bla_init(struct batadv_priv *bat_priv);
void batadv_bla_free(struct batadv_priv *bat_priv);
int batadv_bla_claim_dump(struct sk_buff *msg, struct netlink_callback *cb);
+#ifdef CONFIG_BATMAN_ADV_DAT
+bool batadv_bla_check_claim(struct batadv_priv *bat_priv, u8 *addr,
+ unsigned short vid);
+#endif
#define BATADV_BLA_CRC_INIT 0
#else /* ifdef CONFIG_BATMAN_ADV_BLA */
@@ -127,6 +131,13 @@ static inline int batadv_bla_backbone_dump(struct sk_buff *msg,
return -EOPNOTSUPP;
}
+static inline
+bool batadv_bla_check_claim(struct batadv_priv *bat_priv, u8 *addr,
+ unsigned short vid)
+{
+ return true;
+}
+
#endif /* ifdef CONFIG_BATMAN_ADV_BLA */
#endif /* ifndef _NET_BATMAN_ADV_BLA_H_ */
diff --git a/net/batman-adv/distributed-arp-table.c b/net/batman-adv/distributed-arp-table.c
index e257efd..cf53404 100644
--- a/net/batman-adv/distributed-arp-table.c
+++ b/net/batman-adv/distributed-arp-table.c
@@ -43,6 +43,7 @@
#include <linux/workqueue.h>
#include <net/arp.h>
+#include "bridge_loop_avoidance.h"
#include "hard-interface.h"
#include "hash.h"
#include "log.h"
@@ -1007,6 +1008,20 @@ bool batadv_dat_snoop_outgoing_arp_request(struct batadv_priv *bat_priv,
goto out;
}
+ /* If BLA is enabled, only send ARP replies if we have claimed
+ * the destination for the ARP request or if no one else of
+ * the backbone gws belonging to our backbone has claimed the
+ * destination.
+ */
+ if (!batadv_bla_check_claim(bat_priv,
+ dat_entry->mac_addr, vid)) {
+ batadv_dbg(BATADV_DBG_DAT, bat_priv,
+ "Device %pM claimed by another backbone gw. Don't send ARP reply!",
+ dat_entry->mac_addr);
+ ret = true;
+ goto out;
+ }
+
skb_new = arp_create(ARPOP_REPLY, ETH_P_ARP, ip_src,
bat_priv->soft_iface, ip_dst, hw_src,
dat_entry->mac_addr, hw_src);
--
2.9.3
Hi,
Marek created some patches a while ago to automatically detect the wifi
interface under virtual interfaces like VLANs. These patches had some problems
because they failed to correctly set the num_bcasts in these situations and
also had some locking problems.
The following patches try to address these by introducing a cache for the
detected wifi configuration (wifi_flags which make taking the rtnl lock in
critical section unnecessary) and by updating the num_bcast and wifi_flags
when the interface behind iflink changes.
* added patch "batman-adv: Return non-const ptr in batadv_getlink_net"
* added patch "batman-adv: Close two alignment holes in batadv_hard_iface"
* added patch "batman-adv: Cache the type of wifi device for each hardif"
* added patch "batman-adv: Update wifi flags on upper link change"
* introduced batadv_get_real_netdevice which can be used inside rtnl
locked contexts
* replaced wifi check functions with ones that use the wifi_flags cache
* use batadv_getlink_net to get the iflink net_namespace
* force rtnl_lock in batadv_get_real_netdev
Kind regards,
Sven
Marek Lindner (3):
batman-adv: refactor wifi interface detection
batman-adv: additional checks for virtual interfaces on top of WiFi
batman-adv: retrieve B.A.T.M.A.N. V WiFi neighbor stats from real interface
Sven Eckelmann (4):
batman-adv: Return non-const ptr in batadv_getlink_net
batman-adv: Close two alignment holes in batadv_hard_iface
batman-adv: Cache the type of wifi device for each hardif
batman-adv: Update wifi flags on upper link change
net/batman-adv/bat_iv_ogm.c | 2 +-
net/batman-adv/bat_v_elp.c | 41 +++++----
net/batman-adv/hard-interface.c | 173 ++++++++++++++++++++++++++++++++++---
net/batman-adv/hard-interface.h | 5 +-
net/batman-adv/translation-table.c | 10 ++-
net/batman-adv/types.h | 21 ++++-
6 files changed, 217 insertions(+), 35 deletions(-)
The routing checks are validating the source mac address of the outer
ethernet header. They reject every source mac address which is a broadcast
address. But they also have to reject and multicast mac addresses.
Signed-off-by: Sven Eckelmann <sven(a)narfation.org>
---
v3:
- Fix patch subject
v2:
- clarify in commit message that only the outer ethernet header is
affected
(thanks Linus)
- split in patch 1/2
- Allow zero mac address as source address in outer header as requested by
Linus
---
net/batman-adv/routing.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/net/batman-adv/routing.c b/net/batman-adv/routing.c
index 610f2c4..913ab51 100644
--- a/net/batman-adv/routing.c
+++ b/net/batman-adv/routing.c
@@ -357,8 +357,8 @@ int batadv_recv_icmp_packet(struct sk_buff *skb,
if (is_broadcast_ether_addr(ethhdr->h_dest))
goto out;
- /* packet with broadcast sender address */
- if (is_broadcast_ether_addr(ethhdr->h_source))
+ /* packet with broadcast/multicast sender address */
+ if (is_multicast_ether_addr(ethhdr->h_source))
goto out;
/* not for me */
@@ -449,8 +449,8 @@ static int batadv_check_unicast_packet(struct batadv_priv *bat_priv,
if (is_broadcast_ether_addr(ethhdr->h_dest))
return -EBADR;
- /* packet with broadcast sender address */
- if (is_broadcast_ether_addr(ethhdr->h_source))
+ /* packet with broadcast/multicast sender address */
+ if (is_multicast_ether_addr(ethhdr->h_source))
return -EBADR;
/* not for me */
@@ -1091,8 +1091,8 @@ int batadv_recv_bcast_packet(struct sk_buff *skb,
if (!is_broadcast_ether_addr(ethhdr->h_dest))
goto out;
- /* packet with broadcast sender address */
- if (is_broadcast_ether_addr(ethhdr->h_source))
+ /* packet with broadcast/multicast sender address */
+ if (is_multicast_ether_addr(ethhdr->h_source))
goto out;
/* ignore broadcasts sent by myself */
--
2.8.1
During broadcast queueing, the skb_reset_mac_header() sets the skb
to a place invalid for a MAC header, pointing right into the
batman-adv broadcast packet. Luckily, no one seems to actually use
eth_hdr(skb) afterwards until batadv_send_skb_packet() resets the
header to a valid position again.
Therefore removing this unnecessary, weird skb_reset_mac_header()
call.
Reviewed-by: Sven Eckelmann <sven(a)narfation.org>
Signed-off-by: Linus Lüssing <linus.luessing(a)c0d3.blue>
---
Changes in v2-v5:
* none
net/batman-adv/send.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/net/batman-adv/send.c b/net/batman-adv/send.c
index 8d4e1f5..97bdb0c 100644
--- a/net/batman-adv/send.c
+++ b/net/batman-adv/send.c
@@ -586,8 +586,6 @@ int batadv_add_bcast_packet_to_list(struct batadv_priv *bat_priv,
bcast_packet = (struct batadv_bcast_packet *)newskb->data;
bcast_packet->ttl--;
- skb_reset_mac_header(newskb);
-
forw_packet->skb = newskb;
INIT_DELAYED_WORK(&forw_packet->delayed_work,
--
2.1.4
batadv_mcast_mla_list_free() just frees some leftovers of a local feast
in batadv_mcast_mla_update(). No lockdep needed as it has nothing to do
with bat_priv->mcast.mla_list.
Fixes: 5b95c427d187 ("batman-adv: Annotate deleting functions with external lock via lockdep")
Signed-off-by: Linus Lüssing <linus.luessing(a)c0d3.blue>
Reviewed-by: Sven Eckelmann <sven(a)narfation.org>
---
Changes in v3:
* none
Changes in v2:
* none
net/batman-adv/multicast.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/net/batman-adv/multicast.c b/net/batman-adv/multicast.c
index 13661f4..45757fa 100644
--- a/net/batman-adv/multicast.c
+++ b/net/batman-adv/multicast.c
@@ -231,19 +231,15 @@ out:
/**
* batadv_mcast_mla_list_free - free a list of multicast addresses
- * @bat_priv: the bat priv with all the soft interface information
* @mcast_list: the list to free
*
* Removes and frees all items in the given mcast_list.
*/
-static void batadv_mcast_mla_list_free(struct batadv_priv *bat_priv,
- struct hlist_head *mcast_list)
+static void batadv_mcast_mla_list_free(struct hlist_head *mcast_list)
{
struct batadv_hw_addr *mcast_entry;
struct hlist_node *tmp;
- lockdep_assert_held(&bat_priv->tt.commit_lock);
-
hlist_for_each_entry_safe(mcast_entry, tmp, mcast_list, list) {
hlist_del(&mcast_entry->list);
kfree(mcast_entry);
@@ -560,7 +556,7 @@ update:
batadv_mcast_mla_tt_add(bat_priv, &mcast_list);
out:
- batadv_mcast_mla_list_free(bat_priv, &mcast_list);
+ batadv_mcast_mla_list_free(&mcast_list);
}
/**
--
2.1.4