Merge tag 'defconfig-5.15' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
[platform/kernel/linux-rpi.git] / net / decnet / dn_route.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * DECnet       An implementation of the DECnet protocol suite for the LINUX
4  *              operating system.  DECnet is implemented using the  BSD Socket
5  *              interface as the means of communication with the user level.
6  *
7  *              DECnet Routing Functions (Endnode and Router)
8  *
9  * Authors:     Steve Whitehouse <SteveW@ACM.org>
10  *              Eduardo Marcelo Serrat <emserrat@geocities.com>
11  *
12  * Changes:
13  *              Steve Whitehouse : Fixes to allow "intra-ethernet" and
14  *                                 "return-to-sender" bits on outgoing
15  *                                 packets.
16  *              Steve Whitehouse : Timeouts for cached routes.
17  *              Steve Whitehouse : Use dst cache for input routes too.
18  *              Steve Whitehouse : Fixed error values in dn_send_skb.
19  *              Steve Whitehouse : Rework routing functions to better fit
20  *                                 DECnet routing design
21  *              Alexey Kuznetsov : New SMP locking
22  *              Steve Whitehouse : More SMP locking changes & dn_cache_dump()
23  *              Steve Whitehouse : Prerouting NF hook, now really is prerouting.
24  *                                 Fixed possible skb leak in rtnetlink funcs.
25  *              Steve Whitehouse : Dave Miller's dynamic hash table sizing and
26  *                                 Alexey Kuznetsov's finer grained locking
27  *                                 from ipv4/route.c.
28  *              Steve Whitehouse : Routing is now starting to look like a
29  *                                 sensible set of code now, mainly due to
30  *                                 my copying the IPv4 routing code. The
31  *                                 hooks here are modified and will continue
32  *                                 to evolve for a while.
33  *              Steve Whitehouse : Real SMP at last :-) Also new netfilter
34  *                                 stuff. Look out raw sockets your days
35  *                                 are numbered!
36  *              Steve Whitehouse : Added return-to-sender functions. Added
37  *                                 backlog congestion level return codes.
38  *              Steve Whitehouse : Fixed bug where routes were set up with
39  *                                 no ref count on net devices.
40  *              Steve Whitehouse : RCU for the route cache
41  *              Steve Whitehouse : Preparations for the flow cache
42  *              Steve Whitehouse : Prepare for nonlinear skbs
43  */
44
45 /******************************************************************************
46     (c) 1995-1998 E.M. Serrat           emserrat@geocities.com
47
48 *******************************************************************************/
49
50 #include <linux/errno.h>
51 #include <linux/types.h>
52 #include <linux/socket.h>
53 #include <linux/in.h>
54 #include <linux/kernel.h>
55 #include <linux/sockios.h>
56 #include <linux/net.h>
57 #include <linux/netdevice.h>
58 #include <linux/inet.h>
59 #include <linux/route.h>
60 #include <linux/in_route.h>
61 #include <linux/slab.h>
62 #include <net/sock.h>
63 #include <linux/mm.h>
64 #include <linux/proc_fs.h>
65 #include <linux/seq_file.h>
66 #include <linux/init.h>
67 #include <linux/rtnetlink.h>
68 #include <linux/string.h>
69 #include <linux/netfilter_decnet.h>
70 #include <linux/rcupdate.h>
71 #include <linux/times.h>
72 #include <linux/export.h>
73 #include <asm/errno.h>
74 #include <net/net_namespace.h>
75 #include <net/netlink.h>
76 #include <net/neighbour.h>
77 #include <net/dst.h>
78 #include <net/flow.h>
79 #include <net/fib_rules.h>
80 #include <net/dn.h>
81 #include <net/dn_dev.h>
82 #include <net/dn_nsp.h>
83 #include <net/dn_route.h>
84 #include <net/dn_neigh.h>
85 #include <net/dn_fib.h>
86
87 struct dn_rt_hash_bucket {
88         struct dn_route __rcu *chain;
89         spinlock_t lock;
90 };
91
92 extern struct neigh_table dn_neigh_table;
93
94
95 static unsigned char dn_hiord_addr[6] = {0xAA, 0x00, 0x04, 0x00, 0x00, 0x00};
96
97 static const int dn_rt_min_delay = 2 * HZ;
98 static const int dn_rt_max_delay = 10 * HZ;
99 static const int dn_rt_mtu_expires = 10 * 60 * HZ;
100
101 static unsigned long dn_rt_deadline;
102
103 static int dn_dst_gc(struct dst_ops *ops);
104 static struct dst_entry *dn_dst_check(struct dst_entry *, __u32);
105 static unsigned int dn_dst_default_advmss(const struct dst_entry *dst);
106 static unsigned int dn_dst_mtu(const struct dst_entry *dst);
107 static void dn_dst_destroy(struct dst_entry *);
108 static void dn_dst_ifdown(struct dst_entry *, struct net_device *dev, int how);
109 static struct dst_entry *dn_dst_negative_advice(struct dst_entry *);
110 static void dn_dst_link_failure(struct sk_buff *);
111 static void dn_dst_update_pmtu(struct dst_entry *dst, struct sock *sk,
112                                struct sk_buff *skb , u32 mtu,
113                                bool confirm_neigh);
114 static void dn_dst_redirect(struct dst_entry *dst, struct sock *sk,
115                             struct sk_buff *skb);
116 static struct neighbour *dn_dst_neigh_lookup(const struct dst_entry *dst,
117                                              struct sk_buff *skb,
118                                              const void *daddr);
119 static int dn_route_input(struct sk_buff *);
120 static void dn_run_flush(struct timer_list *unused);
121
122 static struct dn_rt_hash_bucket *dn_rt_hash_table;
123 static unsigned int dn_rt_hash_mask;
124
125 static struct timer_list dn_route_timer;
126 static DEFINE_TIMER(dn_rt_flush_timer, dn_run_flush);
127 int decnet_dst_gc_interval = 2;
128
129 static struct dst_ops dn_dst_ops = {
130         .family =               PF_DECnet,
131         .gc_thresh =            128,
132         .gc =                   dn_dst_gc,
133         .check =                dn_dst_check,
134         .default_advmss =       dn_dst_default_advmss,
135         .mtu =                  dn_dst_mtu,
136         .cow_metrics =          dst_cow_metrics_generic,
137         .destroy =              dn_dst_destroy,
138         .ifdown =               dn_dst_ifdown,
139         .negative_advice =      dn_dst_negative_advice,
140         .link_failure =         dn_dst_link_failure,
141         .update_pmtu =          dn_dst_update_pmtu,
142         .redirect =             dn_dst_redirect,
143         .neigh_lookup =         dn_dst_neigh_lookup,
144 };
145
146 static void dn_dst_destroy(struct dst_entry *dst)
147 {
148         struct dn_route *rt = (struct dn_route *) dst;
149
150         if (rt->n)
151                 neigh_release(rt->n);
152         dst_destroy_metrics_generic(dst);
153 }
154
155 static void dn_dst_ifdown(struct dst_entry *dst, struct net_device *dev, int how)
156 {
157         if (how) {
158                 struct dn_route *rt = (struct dn_route *) dst;
159                 struct neighbour *n = rt->n;
160
161                 if (n && n->dev == dev) {
162                         n->dev = dev_net(dev)->loopback_dev;
163                         dev_hold(n->dev);
164                         dev_put(dev);
165                 }
166         }
167 }
168
169 static __inline__ unsigned int dn_hash(__le16 src, __le16 dst)
170 {
171         __u16 tmp = (__u16 __force)(src ^ dst);
172         tmp ^= (tmp >> 3);
173         tmp ^= (tmp >> 5);
174         tmp ^= (tmp >> 10);
175         return dn_rt_hash_mask & (unsigned int)tmp;
176 }
177
178 static void dn_dst_check_expire(struct timer_list *unused)
179 {
180         int i;
181         struct dn_route *rt;
182         struct dn_route __rcu **rtp;
183         unsigned long now = jiffies;
184         unsigned long expire = 120 * HZ;
185
186         for (i = 0; i <= dn_rt_hash_mask; i++) {
187                 rtp = &dn_rt_hash_table[i].chain;
188
189                 spin_lock(&dn_rt_hash_table[i].lock);
190                 while ((rt = rcu_dereference_protected(*rtp,
191                                                 lockdep_is_held(&dn_rt_hash_table[i].lock))) != NULL) {
192                         if (atomic_read(&rt->dst.__refcnt) > 1 ||
193                             (now - rt->dst.lastuse) < expire) {
194                                 rtp = &rt->dn_next;
195                                 continue;
196                         }
197                         *rtp = rt->dn_next;
198                         rt->dn_next = NULL;
199                         dst_dev_put(&rt->dst);
200                         dst_release(&rt->dst);
201                 }
202                 spin_unlock(&dn_rt_hash_table[i].lock);
203
204                 if ((jiffies - now) > 0)
205                         break;
206         }
207
208         mod_timer(&dn_route_timer, now + decnet_dst_gc_interval * HZ);
209 }
210
211 static int dn_dst_gc(struct dst_ops *ops)
212 {
213         struct dn_route *rt;
214         struct dn_route __rcu **rtp;
215         int i;
216         unsigned long now = jiffies;
217         unsigned long expire = 10 * HZ;
218
219         for (i = 0; i <= dn_rt_hash_mask; i++) {
220
221                 spin_lock_bh(&dn_rt_hash_table[i].lock);
222                 rtp = &dn_rt_hash_table[i].chain;
223
224                 while ((rt = rcu_dereference_protected(*rtp,
225                                                 lockdep_is_held(&dn_rt_hash_table[i].lock))) != NULL) {
226                         if (atomic_read(&rt->dst.__refcnt) > 1 ||
227                             (now - rt->dst.lastuse) < expire) {
228                                 rtp = &rt->dn_next;
229                                 continue;
230                         }
231                         *rtp = rt->dn_next;
232                         rt->dn_next = NULL;
233                         dst_dev_put(&rt->dst);
234                         dst_release(&rt->dst);
235                         break;
236                 }
237                 spin_unlock_bh(&dn_rt_hash_table[i].lock);
238         }
239
240         return 0;
241 }
242
243 /*
244  * The decnet standards don't impose a particular minimum mtu, what they
245  * do insist on is that the routing layer accepts a datagram of at least
246  * 230 bytes long. Here we have to subtract the routing header length from
247  * 230 to get the minimum acceptable mtu. If there is no neighbour, then we
248  * assume the worst and use a long header size.
249  *
250  * We update both the mtu and the advertised mss (i.e. the segment size we
251  * advertise to the other end).
252  */
253 static void dn_dst_update_pmtu(struct dst_entry *dst, struct sock *sk,
254                                struct sk_buff *skb, u32 mtu,
255                                bool confirm_neigh)
256 {
257         struct dn_route *rt = (struct dn_route *) dst;
258         struct neighbour *n = rt->n;
259         u32 min_mtu = 230;
260         struct dn_dev *dn;
261
262         dn = n ? rcu_dereference_raw(n->dev->dn_ptr) : NULL;
263
264         if (dn && dn->use_long == 0)
265                 min_mtu -= 6;
266         else
267                 min_mtu -= 21;
268
269         if (dst_metric(dst, RTAX_MTU) > mtu && mtu >= min_mtu) {
270                 if (!(dst_metric_locked(dst, RTAX_MTU))) {
271                         dst_metric_set(dst, RTAX_MTU, mtu);
272                         dst_set_expires(dst, dn_rt_mtu_expires);
273                 }
274                 if (!(dst_metric_locked(dst, RTAX_ADVMSS))) {
275                         u32 mss = mtu - DN_MAX_NSP_DATA_HEADER;
276                         u32 existing_mss = dst_metric_raw(dst, RTAX_ADVMSS);
277                         if (!existing_mss || existing_mss > mss)
278                                 dst_metric_set(dst, RTAX_ADVMSS, mss);
279                 }
280         }
281 }
282
283 static void dn_dst_redirect(struct dst_entry *dst, struct sock *sk,
284                             struct sk_buff *skb)
285 {
286 }
287
288 /*
289  * When a route has been marked obsolete. (e.g. routing cache flush)
290  */
291 static struct dst_entry *dn_dst_check(struct dst_entry *dst, __u32 cookie)
292 {
293         return NULL;
294 }
295
296 static struct dst_entry *dn_dst_negative_advice(struct dst_entry *dst)
297 {
298         dst_release(dst);
299         return NULL;
300 }
301
302 static void dn_dst_link_failure(struct sk_buff *skb)
303 {
304 }
305
306 static inline int compare_keys(struct flowidn *fl1, struct flowidn *fl2)
307 {
308         return ((fl1->daddr ^ fl2->daddr) |
309                 (fl1->saddr ^ fl2->saddr) |
310                 (fl1->flowidn_mark ^ fl2->flowidn_mark) |
311                 (fl1->flowidn_scope ^ fl2->flowidn_scope) |
312                 (fl1->flowidn_oif ^ fl2->flowidn_oif) |
313                 (fl1->flowidn_iif ^ fl2->flowidn_iif)) == 0;
314 }
315
316 static int dn_insert_route(struct dn_route *rt, unsigned int hash, struct dn_route **rp)
317 {
318         struct dn_route *rth;
319         struct dn_route __rcu **rthp;
320         unsigned long now = jiffies;
321
322         rthp = &dn_rt_hash_table[hash].chain;
323
324         spin_lock_bh(&dn_rt_hash_table[hash].lock);
325         while ((rth = rcu_dereference_protected(*rthp,
326                                                 lockdep_is_held(&dn_rt_hash_table[hash].lock))) != NULL) {
327                 if (compare_keys(&rth->fld, &rt->fld)) {
328                         /* Put it first */
329                         *rthp = rth->dn_next;
330                         rcu_assign_pointer(rth->dn_next,
331                                            dn_rt_hash_table[hash].chain);
332                         rcu_assign_pointer(dn_rt_hash_table[hash].chain, rth);
333
334                         dst_hold_and_use(&rth->dst, now);
335                         spin_unlock_bh(&dn_rt_hash_table[hash].lock);
336
337                         dst_release_immediate(&rt->dst);
338                         *rp = rth;
339                         return 0;
340                 }
341                 rthp = &rth->dn_next;
342         }
343
344         rcu_assign_pointer(rt->dn_next, dn_rt_hash_table[hash].chain);
345         rcu_assign_pointer(dn_rt_hash_table[hash].chain, rt);
346
347         dst_hold_and_use(&rt->dst, now);
348         spin_unlock_bh(&dn_rt_hash_table[hash].lock);
349         *rp = rt;
350         return 0;
351 }
352
353 static void dn_run_flush(struct timer_list *unused)
354 {
355         int i;
356         struct dn_route *rt, *next;
357
358         for (i = 0; i < dn_rt_hash_mask; i++) {
359                 spin_lock_bh(&dn_rt_hash_table[i].lock);
360
361                 rt = xchg((struct dn_route **)&dn_rt_hash_table[i].chain, NULL);
362                 if (!rt)
363                         goto nothing_to_declare;
364
365                 for (; rt; rt = next) {
366                         next = rcu_dereference_raw(rt->dn_next);
367                         RCU_INIT_POINTER(rt->dn_next, NULL);
368                         dst_dev_put(&rt->dst);
369                         dst_release(&rt->dst);
370                 }
371
372 nothing_to_declare:
373                 spin_unlock_bh(&dn_rt_hash_table[i].lock);
374         }
375 }
376
377 static DEFINE_SPINLOCK(dn_rt_flush_lock);
378
379 void dn_rt_cache_flush(int delay)
380 {
381         unsigned long now = jiffies;
382         int user_mode = !in_interrupt();
383
384         if (delay < 0)
385                 delay = dn_rt_min_delay;
386
387         spin_lock_bh(&dn_rt_flush_lock);
388
389         if (del_timer(&dn_rt_flush_timer) && delay > 0 && dn_rt_deadline) {
390                 long tmo = (long)(dn_rt_deadline - now);
391
392                 if (user_mode && tmo < dn_rt_max_delay - dn_rt_min_delay)
393                         tmo = 0;
394
395                 if (delay > tmo)
396                         delay = tmo;
397         }
398
399         if (delay <= 0) {
400                 spin_unlock_bh(&dn_rt_flush_lock);
401                 dn_run_flush(NULL);
402                 return;
403         }
404
405         if (dn_rt_deadline == 0)
406                 dn_rt_deadline = now + dn_rt_max_delay;
407
408         dn_rt_flush_timer.expires = now + delay;
409         add_timer(&dn_rt_flush_timer);
410         spin_unlock_bh(&dn_rt_flush_lock);
411 }
412
413 /**
414  * dn_return_short - Return a short packet to its sender
415  * @skb: The packet to return
416  *
417  */
418 static int dn_return_short(struct sk_buff *skb)
419 {
420         struct dn_skb_cb *cb;
421         unsigned char *ptr;
422         __le16 *src;
423         __le16 *dst;
424
425         /* Add back headers */
426         skb_push(skb, skb->data - skb_network_header(skb));
427
428         skb = skb_unshare(skb, GFP_ATOMIC);
429         if (!skb)
430                 return NET_RX_DROP;
431
432         cb = DN_SKB_CB(skb);
433         /* Skip packet length and point to flags */
434         ptr = skb->data + 2;
435         *ptr++ = (cb->rt_flags & ~DN_RT_F_RQR) | DN_RT_F_RTS;
436
437         dst = (__le16 *)ptr;
438         ptr += 2;
439         src = (__le16 *)ptr;
440         ptr += 2;
441         *ptr = 0; /* Zero hop count */
442
443         swap(*src, *dst);
444
445         skb->pkt_type = PACKET_OUTGOING;
446         dn_rt_finish_output(skb, NULL, NULL);
447         return NET_RX_SUCCESS;
448 }
449
450 /**
451  * dn_return_long - Return a long packet to its sender
452  * @skb: The long format packet to return
453  *
454  */
455 static int dn_return_long(struct sk_buff *skb)
456 {
457         struct dn_skb_cb *cb;
458         unsigned char *ptr;
459         unsigned char *src_addr, *dst_addr;
460         unsigned char tmp[ETH_ALEN];
461
462         /* Add back all headers */
463         skb_push(skb, skb->data - skb_network_header(skb));
464
465         skb = skb_unshare(skb, GFP_ATOMIC);
466         if (!skb)
467                 return NET_RX_DROP;
468
469         cb = DN_SKB_CB(skb);
470         /* Ignore packet length and point to flags */
471         ptr = skb->data + 2;
472
473         /* Skip padding */
474         if (*ptr & DN_RT_F_PF) {
475                 char padlen = (*ptr & ~DN_RT_F_PF);
476                 ptr += padlen;
477         }
478
479         *ptr++ = (cb->rt_flags & ~DN_RT_F_RQR) | DN_RT_F_RTS;
480         ptr += 2;
481         dst_addr = ptr;
482         ptr += 8;
483         src_addr = ptr;
484         ptr += 6;
485         *ptr = 0; /* Zero hop count */
486
487         /* Swap source and destination */
488         memcpy(tmp, src_addr, ETH_ALEN);
489         memcpy(src_addr, dst_addr, ETH_ALEN);
490         memcpy(dst_addr, tmp, ETH_ALEN);
491
492         skb->pkt_type = PACKET_OUTGOING;
493         dn_rt_finish_output(skb, dst_addr, src_addr);
494         return NET_RX_SUCCESS;
495 }
496
497 /**
498  * dn_route_rx_packet - Try and find a route for an incoming packet
499  * @net: The applicable net namespace
500  * @sk: Socket packet transmitted on
501  * @skb: The packet to find a route for
502  *
503  * Returns: result of input function if route is found, error code otherwise
504  */
505 static int dn_route_rx_packet(struct net *net, struct sock *sk, struct sk_buff *skb)
506 {
507         struct dn_skb_cb *cb;
508         int err;
509
510         err = dn_route_input(skb);
511         if (err == 0)
512                 return dst_input(skb);
513
514         cb = DN_SKB_CB(skb);
515         if (decnet_debug_level & 4) {
516                 char *devname = skb->dev ? skb->dev->name : "???";
517
518                 printk(KERN_DEBUG
519                         "DECnet: dn_route_rx_packet: rt_flags=0x%02x dev=%s len=%d src=0x%04hx dst=0x%04hx err=%d type=%d\n",
520                         (int)cb->rt_flags, devname, skb->len,
521                         le16_to_cpu(cb->src), le16_to_cpu(cb->dst),
522                         err, skb->pkt_type);
523         }
524
525         if ((skb->pkt_type == PACKET_HOST) && (cb->rt_flags & DN_RT_F_RQR)) {
526                 switch (cb->rt_flags & DN_RT_PKT_MSK) {
527                 case DN_RT_PKT_SHORT:
528                         return dn_return_short(skb);
529                 case DN_RT_PKT_LONG:
530                         return dn_return_long(skb);
531                 }
532         }
533
534         kfree_skb(skb);
535         return NET_RX_DROP;
536 }
537
538 static int dn_route_rx_long(struct sk_buff *skb)
539 {
540         struct dn_skb_cb *cb = DN_SKB_CB(skb);
541         unsigned char *ptr = skb->data;
542
543         if (!pskb_may_pull(skb, 21)) /* 20 for long header, 1 for shortest nsp */
544                 goto drop_it;
545
546         skb_pull(skb, 20);
547         skb_reset_transport_header(skb);
548
549         /* Destination info */
550         ptr += 2;
551         cb->dst = dn_eth2dn(ptr);
552         if (memcmp(ptr, dn_hiord_addr, 4) != 0)
553                 goto drop_it;
554         ptr += 6;
555
556
557         /* Source info */
558         ptr += 2;
559         cb->src = dn_eth2dn(ptr);
560         if (memcmp(ptr, dn_hiord_addr, 4) != 0)
561                 goto drop_it;
562         ptr += 6;
563         /* Other junk */
564         ptr++;
565         cb->hops = *ptr++; /* Visit Count */
566
567         return NF_HOOK(NFPROTO_DECNET, NF_DN_PRE_ROUTING,
568                        &init_net, NULL, skb, skb->dev, NULL,
569                        dn_route_rx_packet);
570
571 drop_it:
572         kfree_skb(skb);
573         return NET_RX_DROP;
574 }
575
576
577
578 static int dn_route_rx_short(struct sk_buff *skb)
579 {
580         struct dn_skb_cb *cb = DN_SKB_CB(skb);
581         unsigned char *ptr = skb->data;
582
583         if (!pskb_may_pull(skb, 6)) /* 5 for short header + 1 for shortest nsp */
584                 goto drop_it;
585
586         skb_pull(skb, 5);
587         skb_reset_transport_header(skb);
588
589         cb->dst = *(__le16 *)ptr;
590         ptr += 2;
591         cb->src = *(__le16 *)ptr;
592         ptr += 2;
593         cb->hops = *ptr & 0x3f;
594
595         return NF_HOOK(NFPROTO_DECNET, NF_DN_PRE_ROUTING,
596                        &init_net, NULL, skb, skb->dev, NULL,
597                        dn_route_rx_packet);
598
599 drop_it:
600         kfree_skb(skb);
601         return NET_RX_DROP;
602 }
603
604 static int dn_route_discard(struct net *net, struct sock *sk, struct sk_buff *skb)
605 {
606         /*
607          * I know we drop the packet here, but that's considered success in
608          * this case
609          */
610         kfree_skb(skb);
611         return NET_RX_SUCCESS;
612 }
613
614 static int dn_route_ptp_hello(struct net *net, struct sock *sk, struct sk_buff *skb)
615 {
616         dn_dev_hello(skb);
617         dn_neigh_pointopoint_hello(skb);
618         return NET_RX_SUCCESS;
619 }
620
621 int dn_route_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev)
622 {
623         struct dn_skb_cb *cb;
624         unsigned char flags = 0;
625         __u16 len = le16_to_cpu(*(__le16 *)skb->data);
626         struct dn_dev *dn = rcu_dereference(dev->dn_ptr);
627         unsigned char padlen = 0;
628
629         if (!net_eq(dev_net(dev), &init_net))
630                 goto dump_it;
631
632         if (dn == NULL)
633                 goto dump_it;
634
635         skb = skb_share_check(skb, GFP_ATOMIC);
636         if (!skb)
637                 goto out;
638
639         if (!pskb_may_pull(skb, 3))
640                 goto dump_it;
641
642         skb_pull(skb, 2);
643
644         if (len > skb->len)
645                 goto dump_it;
646
647         skb_trim(skb, len);
648
649         flags = *skb->data;
650
651         cb = DN_SKB_CB(skb);
652         cb->stamp = jiffies;
653         cb->iif = dev->ifindex;
654
655         /*
656          * If we have padding, remove it.
657          */
658         if (flags & DN_RT_F_PF) {
659                 padlen = flags & ~DN_RT_F_PF;
660                 if (!pskb_may_pull(skb, padlen + 1))
661                         goto dump_it;
662                 skb_pull(skb, padlen);
663                 flags = *skb->data;
664         }
665
666         skb_reset_network_header(skb);
667
668         /*
669          * Weed out future version DECnet
670          */
671         if (flags & DN_RT_F_VER)
672                 goto dump_it;
673
674         cb->rt_flags = flags;
675
676         if (decnet_debug_level & 1)
677                 printk(KERN_DEBUG
678                         "dn_route_rcv: got 0x%02x from %s [%d %d %d]\n",
679                         (int)flags, dev->name, len, skb->len,
680                         padlen);
681
682         if (flags & DN_RT_PKT_CNTL) {
683                 if (unlikely(skb_linearize(skb)))
684                         goto dump_it;
685
686                 switch (flags & DN_RT_CNTL_MSK) {
687                 case DN_RT_PKT_INIT:
688                         dn_dev_init_pkt(skb);
689                         break;
690                 case DN_RT_PKT_VERI:
691                         dn_dev_veri_pkt(skb);
692                         break;
693                 }
694
695                 if (dn->parms.state != DN_DEV_S_RU)
696                         goto dump_it;
697
698                 switch (flags & DN_RT_CNTL_MSK) {
699                 case DN_RT_PKT_HELO:
700                         return NF_HOOK(NFPROTO_DECNET, NF_DN_HELLO,
701                                        &init_net, NULL, skb, skb->dev, NULL,
702                                        dn_route_ptp_hello);
703
704                 case DN_RT_PKT_L1RT:
705                 case DN_RT_PKT_L2RT:
706                         return NF_HOOK(NFPROTO_DECNET, NF_DN_ROUTE,
707                                        &init_net, NULL, skb, skb->dev, NULL,
708                                        dn_route_discard);
709                 case DN_RT_PKT_ERTH:
710                         return NF_HOOK(NFPROTO_DECNET, NF_DN_HELLO,
711                                        &init_net, NULL, skb, skb->dev, NULL,
712                                        dn_neigh_router_hello);
713
714                 case DN_RT_PKT_EEDH:
715                         return NF_HOOK(NFPROTO_DECNET, NF_DN_HELLO,
716                                        &init_net, NULL, skb, skb->dev, NULL,
717                                        dn_neigh_endnode_hello);
718                 }
719         } else {
720                 if (dn->parms.state != DN_DEV_S_RU)
721                         goto dump_it;
722
723                 skb_pull(skb, 1); /* Pull flags */
724
725                 switch (flags & DN_RT_PKT_MSK) {
726                 case DN_RT_PKT_LONG:
727                         return dn_route_rx_long(skb);
728                 case DN_RT_PKT_SHORT:
729                         return dn_route_rx_short(skb);
730                 }
731         }
732
733 dump_it:
734         kfree_skb(skb);
735 out:
736         return NET_RX_DROP;
737 }
738
739 static int dn_output(struct net *net, struct sock *sk, struct sk_buff *skb)
740 {
741         struct dst_entry *dst = skb_dst(skb);
742         struct dn_route *rt = (struct dn_route *)dst;
743         struct net_device *dev = dst->dev;
744         struct dn_skb_cb *cb = DN_SKB_CB(skb);
745
746         int err = -EINVAL;
747
748         if (rt->n == NULL)
749                 goto error;
750
751         skb->dev = dev;
752
753         cb->src = rt->rt_saddr;
754         cb->dst = rt->rt_daddr;
755
756         /*
757          * Always set the Intra-Ethernet bit on all outgoing packets
758          * originated on this node. Only valid flag from upper layers
759          * is return-to-sender-requested. Set hop count to 0 too.
760          */
761         cb->rt_flags &= ~DN_RT_F_RQR;
762         cb->rt_flags |= DN_RT_F_IE;
763         cb->hops = 0;
764
765         return NF_HOOK(NFPROTO_DECNET, NF_DN_LOCAL_OUT,
766                        &init_net, sk, skb, NULL, dev,
767                        dn_to_neigh_output);
768
769 error:
770         net_dbg_ratelimited("dn_output: This should not happen\n");
771
772         kfree_skb(skb);
773
774         return err;
775 }
776
777 static int dn_forward(struct sk_buff *skb)
778 {
779         struct dn_skb_cb *cb = DN_SKB_CB(skb);
780         struct dst_entry *dst = skb_dst(skb);
781         struct dn_dev *dn_db = rcu_dereference(dst->dev->dn_ptr);
782         struct dn_route *rt;
783         int header_len;
784         struct net_device *dev = skb->dev;
785
786         if (skb->pkt_type != PACKET_HOST)
787                 goto drop;
788
789         /* Ensure that we have enough space for headers */
790         rt = (struct dn_route *)skb_dst(skb);
791         header_len = dn_db->use_long ? 21 : 6;
792         if (skb_cow(skb, LL_RESERVED_SPACE(rt->dst.dev)+header_len))
793                 goto drop;
794
795         /*
796          * Hop count exceeded.
797          */
798         if (++cb->hops > 30)
799                 goto drop;
800
801         skb->dev = rt->dst.dev;
802
803         /*
804          * If packet goes out same interface it came in on, then set
805          * the Intra-Ethernet bit. This has no effect for short
806          * packets, so we don't need to test for them here.
807          */
808         cb->rt_flags &= ~DN_RT_F_IE;
809         if (rt->rt_flags & RTCF_DOREDIRECT)
810                 cb->rt_flags |= DN_RT_F_IE;
811
812         return NF_HOOK(NFPROTO_DECNET, NF_DN_FORWARD,
813                        &init_net, NULL, skb, dev, skb->dev,
814                        dn_to_neigh_output);
815
816 drop:
817         kfree_skb(skb);
818         return NET_RX_DROP;
819 }
820
821 /*
822  * Used to catch bugs. This should never normally get
823  * called.
824  */
825 static int dn_rt_bug_out(struct net *net, struct sock *sk, struct sk_buff *skb)
826 {
827         struct dn_skb_cb *cb = DN_SKB_CB(skb);
828
829         net_dbg_ratelimited("dn_rt_bug: skb from:%04x to:%04x\n",
830                             le16_to_cpu(cb->src), le16_to_cpu(cb->dst));
831
832         kfree_skb(skb);
833
834         return NET_RX_DROP;
835 }
836
837 static int dn_rt_bug(struct sk_buff *skb)
838 {
839         struct dn_skb_cb *cb = DN_SKB_CB(skb);
840
841         net_dbg_ratelimited("dn_rt_bug: skb from:%04x to:%04x\n",
842                             le16_to_cpu(cb->src), le16_to_cpu(cb->dst));
843
844         kfree_skb(skb);
845
846         return NET_RX_DROP;
847 }
848
849 static unsigned int dn_dst_default_advmss(const struct dst_entry *dst)
850 {
851         return dn_mss_from_pmtu(dst->dev, dst_mtu(dst));
852 }
853
854 static unsigned int dn_dst_mtu(const struct dst_entry *dst)
855 {
856         unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
857
858         return mtu ? : dst->dev->mtu;
859 }
860
861 static struct neighbour *dn_dst_neigh_lookup(const struct dst_entry *dst,
862                                              struct sk_buff *skb,
863                                              const void *daddr)
864 {
865         return __neigh_lookup_errno(&dn_neigh_table, daddr, dst->dev);
866 }
867
868 static int dn_rt_set_next_hop(struct dn_route *rt, struct dn_fib_res *res)
869 {
870         struct dn_fib_info *fi = res->fi;
871         struct net_device *dev = rt->dst.dev;
872         unsigned int mss_metric;
873         struct neighbour *n;
874
875         if (fi) {
876                 if (DN_FIB_RES_GW(*res) &&
877                     DN_FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK)
878                         rt->rt_gateway = DN_FIB_RES_GW(*res);
879                 dst_init_metrics(&rt->dst, fi->fib_metrics, true);
880         }
881         rt->rt_type = res->type;
882
883         if (dev != NULL && rt->n == NULL) {
884                 n = __neigh_lookup_errno(&dn_neigh_table, &rt->rt_gateway, dev);
885                 if (IS_ERR(n))
886                         return PTR_ERR(n);
887                 rt->n = n;
888         }
889
890         if (dst_metric(&rt->dst, RTAX_MTU) > rt->dst.dev->mtu)
891                 dst_metric_set(&rt->dst, RTAX_MTU, rt->dst.dev->mtu);
892         mss_metric = dst_metric_raw(&rt->dst, RTAX_ADVMSS);
893         if (mss_metric) {
894                 unsigned int mss = dn_mss_from_pmtu(dev, dst_mtu(&rt->dst));
895                 if (mss_metric > mss)
896                         dst_metric_set(&rt->dst, RTAX_ADVMSS, mss);
897         }
898         return 0;
899 }
900
901 static inline int dn_match_addr(__le16 addr1, __le16 addr2)
902 {
903         __u16 tmp = le16_to_cpu(addr1) ^ le16_to_cpu(addr2);
904         int match = 16;
905         while (tmp) {
906                 tmp >>= 1;
907                 match--;
908         }
909         return match;
910 }
911
912 static __le16 dnet_select_source(const struct net_device *dev, __le16 daddr, int scope)
913 {
914         __le16 saddr = 0;
915         struct dn_dev *dn_db;
916         struct dn_ifaddr *ifa;
917         int best_match = 0;
918         int ret;
919
920         rcu_read_lock();
921         dn_db = rcu_dereference(dev->dn_ptr);
922         for (ifa = rcu_dereference(dn_db->ifa_list);
923              ifa != NULL;
924              ifa = rcu_dereference(ifa->ifa_next)) {
925                 if (ifa->ifa_scope > scope)
926                         continue;
927                 if (!daddr) {
928                         saddr = ifa->ifa_local;
929                         break;
930                 }
931                 ret = dn_match_addr(daddr, ifa->ifa_local);
932                 if (ret > best_match)
933                         saddr = ifa->ifa_local;
934                 if (best_match == 0)
935                         saddr = ifa->ifa_local;
936         }
937         rcu_read_unlock();
938
939         return saddr;
940 }
941
942 static inline __le16 __dn_fib_res_prefsrc(struct dn_fib_res *res)
943 {
944         return dnet_select_source(DN_FIB_RES_DEV(*res), DN_FIB_RES_GW(*res), res->scope);
945 }
946
947 static inline __le16 dn_fib_rules_map_destination(__le16 daddr, struct dn_fib_res *res)
948 {
949         __le16 mask = dnet_make_mask(res->prefixlen);
950         return (daddr&~mask)|res->fi->fib_nh->nh_gw;
951 }
952
953 static int dn_route_output_slow(struct dst_entry **pprt, const struct flowidn *oldflp, int try_hard)
954 {
955         struct flowidn fld = {
956                 .daddr = oldflp->daddr,
957                 .saddr = oldflp->saddr,
958                 .flowidn_scope = RT_SCOPE_UNIVERSE,
959                 .flowidn_mark = oldflp->flowidn_mark,
960                 .flowidn_iif = LOOPBACK_IFINDEX,
961                 .flowidn_oif = oldflp->flowidn_oif,
962         };
963         struct dn_route *rt = NULL;
964         struct net_device *dev_out = NULL, *dev;
965         struct neighbour *neigh = NULL;
966         unsigned int hash;
967         unsigned int flags = 0;
968         struct dn_fib_res res = { .fi = NULL, .type = RTN_UNICAST };
969         int err;
970         int free_res = 0;
971         __le16 gateway = 0;
972
973         if (decnet_debug_level & 16)
974                 printk(KERN_DEBUG
975                        "dn_route_output_slow: dst=%04x src=%04x mark=%d"
976                        " iif=%d oif=%d\n", le16_to_cpu(oldflp->daddr),
977                        le16_to_cpu(oldflp->saddr),
978                        oldflp->flowidn_mark, LOOPBACK_IFINDEX,
979                        oldflp->flowidn_oif);
980
981         /* If we have an output interface, verify its a DECnet device */
982         if (oldflp->flowidn_oif) {
983                 dev_out = dev_get_by_index(&init_net, oldflp->flowidn_oif);
984                 err = -ENODEV;
985                 if (dev_out && dev_out->dn_ptr == NULL) {
986                         dev_put(dev_out);
987                         dev_out = NULL;
988                 }
989                 if (dev_out == NULL)
990                         goto out;
991         }
992
993         /* If we have a source address, verify that its a local address */
994         if (oldflp->saddr) {
995                 err = -EADDRNOTAVAIL;
996
997                 if (dev_out) {
998                         if (dn_dev_islocal(dev_out, oldflp->saddr))
999                                 goto source_ok;
1000                         dev_put(dev_out);
1001                         goto out;
1002                 }
1003                 rcu_read_lock();
1004                 for_each_netdev_rcu(&init_net, dev) {
1005                         if (!dev->dn_ptr)
1006                                 continue;
1007                         if (!dn_dev_islocal(dev, oldflp->saddr))
1008                                 continue;
1009                         if ((dev->flags & IFF_LOOPBACK) &&
1010                             oldflp->daddr &&
1011                             !dn_dev_islocal(dev, oldflp->daddr))
1012                                 continue;
1013
1014                         dev_out = dev;
1015                         break;
1016                 }
1017                 rcu_read_unlock();
1018                 if (dev_out == NULL)
1019                         goto out;
1020                 dev_hold(dev_out);
1021 source_ok:
1022                 ;
1023         }
1024
1025         /* No destination? Assume its local */
1026         if (!fld.daddr) {
1027                 fld.daddr = fld.saddr;
1028
1029                 dev_put(dev_out);
1030                 err = -EINVAL;
1031                 dev_out = init_net.loopback_dev;
1032                 if (!dev_out->dn_ptr)
1033                         goto out;
1034                 err = -EADDRNOTAVAIL;
1035                 dev_hold(dev_out);
1036                 if (!fld.daddr) {
1037                         fld.daddr =
1038                         fld.saddr = dnet_select_source(dev_out, 0,
1039                                                        RT_SCOPE_HOST);
1040                         if (!fld.daddr)
1041                                 goto done;
1042                 }
1043                 fld.flowidn_oif = LOOPBACK_IFINDEX;
1044                 res.type = RTN_LOCAL;
1045                 goto make_route;
1046         }
1047
1048         if (decnet_debug_level & 16)
1049                 printk(KERN_DEBUG
1050                        "dn_route_output_slow: initial checks complete."
1051                        " dst=%04x src=%04x oif=%d try_hard=%d\n",
1052                        le16_to_cpu(fld.daddr), le16_to_cpu(fld.saddr),
1053                        fld.flowidn_oif, try_hard);
1054
1055         /*
1056          * N.B. If the kernel is compiled without router support then
1057          * dn_fib_lookup() will evaluate to non-zero so this if () block
1058          * will always be executed.
1059          */
1060         err = -ESRCH;
1061         if (try_hard || (err = dn_fib_lookup(&fld, &res)) != 0) {
1062                 struct dn_dev *dn_db;
1063                 if (err != -ESRCH)
1064                         goto out;
1065                 /*
1066                  * Here the fallback is basically the standard algorithm for
1067                  * routing in endnodes which is described in the DECnet routing
1068                  * docs
1069                  *
1070                  * If we are not trying hard, look in neighbour cache.
1071                  * The result is tested to ensure that if a specific output
1072                  * device/source address was requested, then we honour that
1073                  * here
1074                  */
1075                 if (!try_hard) {
1076                         neigh = neigh_lookup_nodev(&dn_neigh_table, &init_net, &fld.daddr);
1077                         if (neigh) {
1078                                 if ((oldflp->flowidn_oif &&
1079                                     (neigh->dev->ifindex != oldflp->flowidn_oif)) ||
1080                                     (oldflp->saddr &&
1081                                     (!dn_dev_islocal(neigh->dev,
1082                                                      oldflp->saddr)))) {
1083                                         neigh_release(neigh);
1084                                         neigh = NULL;
1085                                 } else {
1086                                         dev_put(dev_out);
1087                                         if (dn_dev_islocal(neigh->dev, fld.daddr)) {
1088                                                 dev_out = init_net.loopback_dev;
1089                                                 res.type = RTN_LOCAL;
1090                                         } else {
1091                                                 dev_out = neigh->dev;
1092                                         }
1093                                         dev_hold(dev_out);
1094                                         goto select_source;
1095                                 }
1096                         }
1097                 }
1098
1099                 /* Not there? Perhaps its a local address */
1100                 if (dev_out == NULL)
1101                         dev_out = dn_dev_get_default();
1102                 err = -ENODEV;
1103                 if (dev_out == NULL)
1104                         goto out;
1105                 dn_db = rcu_dereference_raw(dev_out->dn_ptr);
1106                 if (!dn_db)
1107                         goto e_inval;
1108                 /* Possible improvement - check all devices for local addr */
1109                 if (dn_dev_islocal(dev_out, fld.daddr)) {
1110                         dev_put(dev_out);
1111                         dev_out = init_net.loopback_dev;
1112                         dev_hold(dev_out);
1113                         res.type = RTN_LOCAL;
1114                         goto select_source;
1115                 }
1116                 /* Not local either.... try sending it to the default router */
1117                 neigh = neigh_clone(dn_db->router);
1118                 BUG_ON(neigh && neigh->dev != dev_out);
1119
1120                 /* Ok then, we assume its directly connected and move on */
1121 select_source:
1122                 if (neigh)
1123                         gateway = ((struct dn_neigh *)neigh)->addr;
1124                 if (gateway == 0)
1125                         gateway = fld.daddr;
1126                 if (fld.saddr == 0) {
1127                         fld.saddr = dnet_select_source(dev_out, gateway,
1128                                                        res.type == RTN_LOCAL ?
1129                                                        RT_SCOPE_HOST :
1130                                                        RT_SCOPE_LINK);
1131                         if (fld.saddr == 0 && res.type != RTN_LOCAL)
1132                                 goto e_addr;
1133                 }
1134                 fld.flowidn_oif = dev_out->ifindex;
1135                 goto make_route;
1136         }
1137         free_res = 1;
1138
1139         if (res.type == RTN_NAT)
1140                 goto e_inval;
1141
1142         if (res.type == RTN_LOCAL) {
1143                 if (!fld.saddr)
1144                         fld.saddr = fld.daddr;
1145                 dev_put(dev_out);
1146                 dev_out = init_net.loopback_dev;
1147                 dev_hold(dev_out);
1148                 if (!dev_out->dn_ptr)
1149                         goto e_inval;
1150                 fld.flowidn_oif = dev_out->ifindex;
1151                 if (res.fi)
1152                         dn_fib_info_put(res.fi);
1153                 res.fi = NULL;
1154                 goto make_route;
1155         }
1156
1157         if (res.fi->fib_nhs > 1 && fld.flowidn_oif == 0)
1158                 dn_fib_select_multipath(&fld, &res);
1159
1160         /*
1161          * We could add some logic to deal with default routes here and
1162          * get rid of some of the special casing above.
1163          */
1164
1165         if (!fld.saddr)
1166                 fld.saddr = DN_FIB_RES_PREFSRC(res);
1167
1168         dev_put(dev_out);
1169         dev_out = DN_FIB_RES_DEV(res);
1170         dev_hold(dev_out);
1171         fld.flowidn_oif = dev_out->ifindex;
1172         gateway = DN_FIB_RES_GW(res);
1173
1174 make_route:
1175         if (dev_out->flags & IFF_LOOPBACK)
1176                 flags |= RTCF_LOCAL;
1177
1178         rt = dst_alloc(&dn_dst_ops, dev_out, 0, DST_OBSOLETE_NONE, 0);
1179         if (rt == NULL)
1180                 goto e_nobufs;
1181
1182         rt->dn_next = NULL;
1183         memset(&rt->fld, 0, sizeof(rt->fld));
1184         rt->fld.saddr        = oldflp->saddr;
1185         rt->fld.daddr        = oldflp->daddr;
1186         rt->fld.flowidn_oif  = oldflp->flowidn_oif;
1187         rt->fld.flowidn_iif  = 0;
1188         rt->fld.flowidn_mark = oldflp->flowidn_mark;
1189
1190         rt->rt_saddr      = fld.saddr;
1191         rt->rt_daddr      = fld.daddr;
1192         rt->rt_gateway    = gateway ? gateway : fld.daddr;
1193         rt->rt_local_src  = fld.saddr;
1194
1195         rt->rt_dst_map    = fld.daddr;
1196         rt->rt_src_map    = fld.saddr;
1197
1198         rt->n = neigh;
1199         neigh = NULL;
1200
1201         rt->dst.lastuse = jiffies;
1202         rt->dst.output  = dn_output;
1203         rt->dst.input   = dn_rt_bug;
1204         rt->rt_flags      = flags;
1205         if (flags & RTCF_LOCAL)
1206                 rt->dst.input = dn_nsp_rx;
1207
1208         err = dn_rt_set_next_hop(rt, &res);
1209         if (err)
1210                 goto e_neighbour;
1211
1212         hash = dn_hash(rt->fld.saddr, rt->fld.daddr);
1213         /* dn_insert_route() increments dst->__refcnt */
1214         dn_insert_route(rt, hash, (struct dn_route **)pprt);
1215
1216 done:
1217         if (neigh)
1218                 neigh_release(neigh);
1219         if (free_res)
1220                 dn_fib_res_put(&res);
1221         dev_put(dev_out);
1222 out:
1223         return err;
1224
1225 e_addr:
1226         err = -EADDRNOTAVAIL;
1227         goto done;
1228 e_inval:
1229         err = -EINVAL;
1230         goto done;
1231 e_nobufs:
1232         err = -ENOBUFS;
1233         goto done;
1234 e_neighbour:
1235         dst_release_immediate(&rt->dst);
1236         goto e_nobufs;
1237 }
1238
1239
1240 /*
1241  * N.B. The flags may be moved into the flowi at some future stage.
1242  */
1243 static int __dn_route_output_key(struct dst_entry **pprt, const struct flowidn *flp, int flags)
1244 {
1245         unsigned int hash = dn_hash(flp->saddr, flp->daddr);
1246         struct dn_route *rt = NULL;
1247
1248         if (!(flags & MSG_TRYHARD)) {
1249                 rcu_read_lock_bh();
1250                 for (rt = rcu_dereference_bh(dn_rt_hash_table[hash].chain); rt;
1251                         rt = rcu_dereference_bh(rt->dn_next)) {
1252                         if ((flp->daddr == rt->fld.daddr) &&
1253                             (flp->saddr == rt->fld.saddr) &&
1254                             (flp->flowidn_mark == rt->fld.flowidn_mark) &&
1255                             dn_is_output_route(rt) &&
1256                             (rt->fld.flowidn_oif == flp->flowidn_oif)) {
1257                                 dst_hold_and_use(&rt->dst, jiffies);
1258                                 rcu_read_unlock_bh();
1259                                 *pprt = &rt->dst;
1260                                 return 0;
1261                         }
1262                 }
1263                 rcu_read_unlock_bh();
1264         }
1265
1266         return dn_route_output_slow(pprt, flp, flags);
1267 }
1268
1269 static int dn_route_output_key(struct dst_entry **pprt, struct flowidn *flp, int flags)
1270 {
1271         int err;
1272
1273         err = __dn_route_output_key(pprt, flp, flags);
1274         if (err == 0 && flp->flowidn_proto) {
1275                 *pprt = xfrm_lookup(&init_net, *pprt,
1276                                     flowidn_to_flowi(flp), NULL, 0);
1277                 if (IS_ERR(*pprt)) {
1278                         err = PTR_ERR(*pprt);
1279                         *pprt = NULL;
1280                 }
1281         }
1282         return err;
1283 }
1284
1285 int dn_route_output_sock(struct dst_entry __rcu **pprt, struct flowidn *fl, struct sock *sk, int flags)
1286 {
1287         int err;
1288
1289         err = __dn_route_output_key(pprt, fl, flags & MSG_TRYHARD);
1290         if (err == 0 && fl->flowidn_proto) {
1291                 *pprt = xfrm_lookup(&init_net, *pprt,
1292                                     flowidn_to_flowi(fl), sk, 0);
1293                 if (IS_ERR(*pprt)) {
1294                         err = PTR_ERR(*pprt);
1295                         *pprt = NULL;
1296                 }
1297         }
1298         return err;
1299 }
1300
1301 static int dn_route_input_slow(struct sk_buff *skb)
1302 {
1303         struct dn_route *rt = NULL;
1304         struct dn_skb_cb *cb = DN_SKB_CB(skb);
1305         struct net_device *in_dev = skb->dev;
1306         struct net_device *out_dev = NULL;
1307         struct dn_dev *dn_db;
1308         struct neighbour *neigh = NULL;
1309         unsigned int hash;
1310         int flags = 0;
1311         __le16 gateway = 0;
1312         __le16 local_src = 0;
1313         struct flowidn fld = {
1314                 .daddr = cb->dst,
1315                 .saddr = cb->src,
1316                 .flowidn_scope = RT_SCOPE_UNIVERSE,
1317                 .flowidn_mark = skb->mark,
1318                 .flowidn_iif = skb->dev->ifindex,
1319         };
1320         struct dn_fib_res res = { .fi = NULL, .type = RTN_UNREACHABLE };
1321         int err = -EINVAL;
1322         int free_res = 0;
1323
1324         dev_hold(in_dev);
1325
1326         dn_db = rcu_dereference(in_dev->dn_ptr);
1327         if (!dn_db)
1328                 goto out;
1329
1330         /* Zero source addresses are not allowed */
1331         if (fld.saddr == 0)
1332                 goto out;
1333
1334         /*
1335          * In this case we've just received a packet from a source
1336          * outside ourselves pretending to come from us. We don't
1337          * allow it any further to prevent routing loops, spoofing and
1338          * other nasties. Loopback packets already have the dst attached
1339          * so this only affects packets which have originated elsewhere.
1340          */
1341         err  = -ENOTUNIQ;
1342         if (dn_dev_islocal(in_dev, cb->src))
1343                 goto out;
1344
1345         err = dn_fib_lookup(&fld, &res);
1346         if (err) {
1347                 if (err != -ESRCH)
1348                         goto out;
1349                 /*
1350                  * Is the destination us ?
1351                  */
1352                 if (!dn_dev_islocal(in_dev, cb->dst))
1353                         goto e_inval;
1354
1355                 res.type = RTN_LOCAL;
1356         } else {
1357                 __le16 src_map = fld.saddr;
1358                 free_res = 1;
1359
1360                 out_dev = DN_FIB_RES_DEV(res);
1361                 if (out_dev == NULL) {
1362                         net_crit_ratelimited("Bug in dn_route_input_slow() No output device\n");
1363                         goto e_inval;
1364                 }
1365                 dev_hold(out_dev);
1366
1367                 if (res.r)
1368                         src_map = fld.saddr; /* no NAT support for now */
1369
1370                 gateway = DN_FIB_RES_GW(res);
1371                 if (res.type == RTN_NAT) {
1372                         fld.daddr = dn_fib_rules_map_destination(fld.daddr, &res);
1373                         dn_fib_res_put(&res);
1374                         free_res = 0;
1375                         if (dn_fib_lookup(&fld, &res))
1376                                 goto e_inval;
1377                         free_res = 1;
1378                         if (res.type != RTN_UNICAST)
1379                                 goto e_inval;
1380                         flags |= RTCF_DNAT;
1381                         gateway = fld.daddr;
1382                 }
1383                 fld.saddr = src_map;
1384         }
1385
1386         switch (res.type) {
1387         case RTN_UNICAST:
1388                 /*
1389                  * Forwarding check here, we only check for forwarding
1390                  * being turned off, if you want to only forward intra
1391                  * area, its up to you to set the routing tables up
1392                  * correctly.
1393                  */
1394                 if (dn_db->parms.forwarding == 0)
1395                         goto e_inval;
1396
1397                 if (res.fi->fib_nhs > 1 && fld.flowidn_oif == 0)
1398                         dn_fib_select_multipath(&fld, &res);
1399
1400                 /*
1401                  * Check for out_dev == in_dev. We use the RTCF_DOREDIRECT
1402                  * flag as a hint to set the intra-ethernet bit when
1403                  * forwarding. If we've got NAT in operation, we don't do
1404                  * this optimisation.
1405                  */
1406                 if (out_dev == in_dev && !(flags & RTCF_NAT))
1407                         flags |= RTCF_DOREDIRECT;
1408
1409                 local_src = DN_FIB_RES_PREFSRC(res);
1410                 break;
1411         case RTN_BLACKHOLE:
1412         case RTN_UNREACHABLE:
1413                 break;
1414         case RTN_LOCAL:
1415                 flags |= RTCF_LOCAL;
1416                 fld.saddr = cb->dst;
1417                 fld.daddr = cb->src;
1418
1419                 /* Routing tables gave us a gateway */
1420                 if (gateway)
1421                         goto make_route;
1422
1423                 /* Packet was intra-ethernet, so we know its on-link */
1424                 if (cb->rt_flags & DN_RT_F_IE) {
1425                         gateway = cb->src;
1426                         goto make_route;
1427                 }
1428
1429                 /* Use the default router if there is one */
1430                 neigh = neigh_clone(dn_db->router);
1431                 if (neigh) {
1432                         gateway = ((struct dn_neigh *)neigh)->addr;
1433                         goto make_route;
1434                 }
1435
1436                 /* Close eyes and pray */
1437                 gateway = cb->src;
1438                 goto make_route;
1439         default:
1440                 goto e_inval;
1441         }
1442
1443 make_route:
1444         rt = dst_alloc(&dn_dst_ops, out_dev, 1, DST_OBSOLETE_NONE, 0);
1445         if (rt == NULL)
1446                 goto e_nobufs;
1447
1448         rt->dn_next = NULL;
1449         memset(&rt->fld, 0, sizeof(rt->fld));
1450         rt->rt_saddr      = fld.saddr;
1451         rt->rt_daddr      = fld.daddr;
1452         rt->rt_gateway    = fld.daddr;
1453         if (gateway)
1454                 rt->rt_gateway = gateway;
1455         rt->rt_local_src  = local_src ? local_src : rt->rt_saddr;
1456
1457         rt->rt_dst_map    = fld.daddr;
1458         rt->rt_src_map    = fld.saddr;
1459
1460         rt->fld.saddr        = cb->src;
1461         rt->fld.daddr        = cb->dst;
1462         rt->fld.flowidn_oif  = 0;
1463         rt->fld.flowidn_iif  = in_dev->ifindex;
1464         rt->fld.flowidn_mark = fld.flowidn_mark;
1465
1466         rt->n = neigh;
1467         rt->dst.lastuse = jiffies;
1468         rt->dst.output = dn_rt_bug_out;
1469         switch (res.type) {
1470         case RTN_UNICAST:
1471                 rt->dst.input = dn_forward;
1472                 break;
1473         case RTN_LOCAL:
1474                 rt->dst.output = dn_output;
1475                 rt->dst.input = dn_nsp_rx;
1476                 rt->dst.dev = in_dev;
1477                 flags |= RTCF_LOCAL;
1478                 break;
1479         default:
1480         case RTN_UNREACHABLE:
1481         case RTN_BLACKHOLE:
1482                 rt->dst.input = dst_discard;
1483         }
1484         rt->rt_flags = flags;
1485
1486         err = dn_rt_set_next_hop(rt, &res);
1487         if (err)
1488                 goto e_neighbour;
1489
1490         hash = dn_hash(rt->fld.saddr, rt->fld.daddr);
1491         /* dn_insert_route() increments dst->__refcnt */
1492         dn_insert_route(rt, hash, &rt);
1493         skb_dst_set(skb, &rt->dst);
1494
1495 done:
1496         if (neigh)
1497                 neigh_release(neigh);
1498         if (free_res)
1499                 dn_fib_res_put(&res);
1500         dev_put(in_dev);
1501         dev_put(out_dev);
1502 out:
1503         return err;
1504
1505 e_inval:
1506         err = -EINVAL;
1507         goto done;
1508
1509 e_nobufs:
1510         err = -ENOBUFS;
1511         goto done;
1512
1513 e_neighbour:
1514         dst_release_immediate(&rt->dst);
1515         goto done;
1516 }
1517
1518 static int dn_route_input(struct sk_buff *skb)
1519 {
1520         struct dn_route *rt;
1521         struct dn_skb_cb *cb = DN_SKB_CB(skb);
1522         unsigned int hash = dn_hash(cb->src, cb->dst);
1523
1524         if (skb_dst(skb))
1525                 return 0;
1526
1527         rcu_read_lock();
1528         for (rt = rcu_dereference(dn_rt_hash_table[hash].chain); rt != NULL;
1529             rt = rcu_dereference(rt->dn_next)) {
1530                 if ((rt->fld.saddr == cb->src) &&
1531                     (rt->fld.daddr == cb->dst) &&
1532                     (rt->fld.flowidn_oif == 0) &&
1533                     (rt->fld.flowidn_mark == skb->mark) &&
1534                     (rt->fld.flowidn_iif == cb->iif)) {
1535                         dst_hold_and_use(&rt->dst, jiffies);
1536                         rcu_read_unlock();
1537                         skb_dst_set(skb, (struct dst_entry *)rt);
1538                         return 0;
1539                 }
1540         }
1541         rcu_read_unlock();
1542
1543         return dn_route_input_slow(skb);
1544 }
1545
1546 static int dn_rt_fill_info(struct sk_buff *skb, u32 portid, u32 seq,
1547                            int event, int nowait, unsigned int flags)
1548 {
1549         struct dn_route *rt = (struct dn_route *)skb_dst(skb);
1550         struct rtmsg *r;
1551         struct nlmsghdr *nlh;
1552         long expires;
1553
1554         nlh = nlmsg_put(skb, portid, seq, event, sizeof(*r), flags);
1555         if (!nlh)
1556                 return -EMSGSIZE;
1557
1558         r = nlmsg_data(nlh);
1559         r->rtm_family = AF_DECnet;
1560         r->rtm_dst_len = 16;
1561         r->rtm_src_len = 0;
1562         r->rtm_tos = 0;
1563         r->rtm_table = RT_TABLE_MAIN;
1564         r->rtm_type = rt->rt_type;
1565         r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
1566         r->rtm_scope = RT_SCOPE_UNIVERSE;
1567         r->rtm_protocol = RTPROT_UNSPEC;
1568
1569         if (rt->rt_flags & RTCF_NOTIFY)
1570                 r->rtm_flags |= RTM_F_NOTIFY;
1571
1572         if (nla_put_u32(skb, RTA_TABLE, RT_TABLE_MAIN) < 0 ||
1573             nla_put_le16(skb, RTA_DST, rt->rt_daddr) < 0)
1574                 goto errout;
1575
1576         if (rt->fld.saddr) {
1577                 r->rtm_src_len = 16;
1578                 if (nla_put_le16(skb, RTA_SRC, rt->fld.saddr) < 0)
1579                         goto errout;
1580         }
1581         if (rt->dst.dev &&
1582             nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex) < 0)
1583                 goto errout;
1584
1585         /*
1586          * Note to self - change this if input routes reverse direction when
1587          * they deal only with inputs and not with replies like they do
1588          * currently.
1589          */
1590         if (nla_put_le16(skb, RTA_PREFSRC, rt->rt_local_src) < 0)
1591                 goto errout;
1592
1593         if (rt->rt_daddr != rt->rt_gateway &&
1594             nla_put_le16(skb, RTA_GATEWAY, rt->rt_gateway) < 0)
1595                 goto errout;
1596
1597         if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0)
1598                 goto errout;
1599
1600         expires = rt->dst.expires ? rt->dst.expires - jiffies : 0;
1601         if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires,
1602                                rt->dst.error) < 0)
1603                 goto errout;
1604
1605         if (dn_is_input_route(rt) &&
1606             nla_put_u32(skb, RTA_IIF, rt->fld.flowidn_iif) < 0)
1607                 goto errout;
1608
1609         nlmsg_end(skb, nlh);
1610         return 0;
1611
1612 errout:
1613         nlmsg_cancel(skb, nlh);
1614         return -EMSGSIZE;
1615 }
1616
1617 const struct nla_policy rtm_dn_policy[RTA_MAX + 1] = {
1618         [RTA_DST]               = { .type = NLA_U16 },
1619         [RTA_SRC]               = { .type = NLA_U16 },
1620         [RTA_IIF]               = { .type = NLA_U32 },
1621         [RTA_OIF]               = { .type = NLA_U32 },
1622         [RTA_GATEWAY]           = { .type = NLA_U16 },
1623         [RTA_PRIORITY]          = { .type = NLA_U32 },
1624         [RTA_PREFSRC]           = { .type = NLA_U16 },
1625         [RTA_METRICS]           = { .type = NLA_NESTED },
1626         [RTA_MULTIPATH]         = { .type = NLA_NESTED },
1627         [RTA_TABLE]             = { .type = NLA_U32 },
1628         [RTA_MARK]              = { .type = NLA_U32 },
1629 };
1630
1631 /*
1632  * This is called by both endnodes and routers now.
1633  */
1634 static int dn_cache_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,
1635                              struct netlink_ext_ack *extack)
1636 {
1637         struct net *net = sock_net(in_skb->sk);
1638         struct rtmsg *rtm = nlmsg_data(nlh);
1639         struct dn_route *rt = NULL;
1640         struct dn_skb_cb *cb;
1641         int err;
1642         struct sk_buff *skb;
1643         struct flowidn fld;
1644         struct nlattr *tb[RTA_MAX+1];
1645
1646         if (!net_eq(net, &init_net))
1647                 return -EINVAL;
1648
1649         err = nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX,
1650                                      rtm_dn_policy, extack);
1651         if (err < 0)
1652                 return err;
1653
1654         memset(&fld, 0, sizeof(fld));
1655         fld.flowidn_proto = DNPROTO_NSP;
1656
1657         skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1658         if (skb == NULL)
1659                 return -ENOBUFS;
1660         skb_reset_mac_header(skb);
1661         cb = DN_SKB_CB(skb);
1662
1663         if (tb[RTA_SRC])
1664                 fld.saddr = nla_get_le16(tb[RTA_SRC]);
1665
1666         if (tb[RTA_DST])
1667                 fld.daddr = nla_get_le16(tb[RTA_DST]);
1668
1669         if (tb[RTA_IIF])
1670                 fld.flowidn_iif = nla_get_u32(tb[RTA_IIF]);
1671
1672         if (fld.flowidn_iif) {
1673                 struct net_device *dev;
1674                 dev = __dev_get_by_index(&init_net, fld.flowidn_iif);
1675                 if (!dev || !dev->dn_ptr) {
1676                         kfree_skb(skb);
1677                         return -ENODEV;
1678                 }
1679                 skb->protocol = htons(ETH_P_DNA_RT);
1680                 skb->dev = dev;
1681                 cb->src = fld.saddr;
1682                 cb->dst = fld.daddr;
1683                 local_bh_disable();
1684                 err = dn_route_input(skb);
1685                 local_bh_enable();
1686                 memset(cb, 0, sizeof(struct dn_skb_cb));
1687                 rt = (struct dn_route *)skb_dst(skb);
1688                 if (!err && -rt->dst.error)
1689                         err = rt->dst.error;
1690         } else {
1691                 if (tb[RTA_OIF])
1692                         fld.flowidn_oif = nla_get_u32(tb[RTA_OIF]);
1693
1694                 err = dn_route_output_key((struct dst_entry **)&rt, &fld, 0);
1695         }
1696
1697         skb->dev = NULL;
1698         if (err)
1699                 goto out_free;
1700         skb_dst_set(skb, &rt->dst);
1701         if (rtm->rtm_flags & RTM_F_NOTIFY)
1702                 rt->rt_flags |= RTCF_NOTIFY;
1703
1704         err = dn_rt_fill_info(skb, NETLINK_CB(in_skb).portid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0);
1705         if (err < 0) {
1706                 err = -EMSGSIZE;
1707                 goto out_free;
1708         }
1709
1710         return rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).portid);
1711
1712 out_free:
1713         kfree_skb(skb);
1714         return err;
1715 }
1716
1717 /*
1718  * For routers, this is called from dn_fib_dump, but for endnodes its
1719  * called directly from the rtnetlink dispatch table.
1720  */
1721 int dn_cache_dump(struct sk_buff *skb, struct netlink_callback *cb)
1722 {
1723         struct net *net = sock_net(skb->sk);
1724         struct dn_route *rt;
1725         int h, s_h;
1726         int idx, s_idx;
1727         struct rtmsg *rtm;
1728
1729         if (!net_eq(net, &init_net))
1730                 return 0;
1731
1732         if (nlmsg_len(cb->nlh) < sizeof(struct rtmsg))
1733                 return -EINVAL;
1734
1735         rtm = nlmsg_data(cb->nlh);
1736         if (!(rtm->rtm_flags & RTM_F_CLONED))
1737                 return 0;
1738
1739         s_h = cb->args[0];
1740         s_idx = idx = cb->args[1];
1741         for (h = 0; h <= dn_rt_hash_mask; h++) {
1742                 if (h < s_h)
1743                         continue;
1744                 if (h > s_h)
1745                         s_idx = 0;
1746                 rcu_read_lock_bh();
1747                 for (rt = rcu_dereference_bh(dn_rt_hash_table[h].chain), idx = 0;
1748                         rt;
1749                         rt = rcu_dereference_bh(rt->dn_next), idx++) {
1750                         if (idx < s_idx)
1751                                 continue;
1752                         skb_dst_set(skb, dst_clone(&rt->dst));
1753                         if (dn_rt_fill_info(skb, NETLINK_CB(cb->skb).portid,
1754                                         cb->nlh->nlmsg_seq, RTM_NEWROUTE,
1755                                         1, NLM_F_MULTI) < 0) {
1756                                 skb_dst_drop(skb);
1757                                 rcu_read_unlock_bh();
1758                                 goto done;
1759                         }
1760                         skb_dst_drop(skb);
1761                 }
1762                 rcu_read_unlock_bh();
1763         }
1764
1765 done:
1766         cb->args[0] = h;
1767         cb->args[1] = idx;
1768         return skb->len;
1769 }
1770
1771 #ifdef CONFIG_PROC_FS
1772 struct dn_rt_cache_iter_state {
1773         int bucket;
1774 };
1775
1776 static struct dn_route *dn_rt_cache_get_first(struct seq_file *seq)
1777 {
1778         struct dn_route *rt = NULL;
1779         struct dn_rt_cache_iter_state *s = seq->private;
1780
1781         for (s->bucket = dn_rt_hash_mask; s->bucket >= 0; --s->bucket) {
1782                 rcu_read_lock_bh();
1783                 rt = rcu_dereference_bh(dn_rt_hash_table[s->bucket].chain);
1784                 if (rt)
1785                         break;
1786                 rcu_read_unlock_bh();
1787         }
1788         return rt;
1789 }
1790
1791 static struct dn_route *dn_rt_cache_get_next(struct seq_file *seq, struct dn_route *rt)
1792 {
1793         struct dn_rt_cache_iter_state *s = seq->private;
1794
1795         rt = rcu_dereference_bh(rt->dn_next);
1796         while (!rt) {
1797                 rcu_read_unlock_bh();
1798                 if (--s->bucket < 0)
1799                         break;
1800                 rcu_read_lock_bh();
1801                 rt = rcu_dereference_bh(dn_rt_hash_table[s->bucket].chain);
1802         }
1803         return rt;
1804 }
1805
1806 static void *dn_rt_cache_seq_start(struct seq_file *seq, loff_t *pos)
1807 {
1808         struct dn_route *rt = dn_rt_cache_get_first(seq);
1809
1810         if (rt) {
1811                 while (*pos && (rt = dn_rt_cache_get_next(seq, rt)))
1812                         --*pos;
1813         }
1814         return *pos ? NULL : rt;
1815 }
1816
1817 static void *dn_rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1818 {
1819         struct dn_route *rt = dn_rt_cache_get_next(seq, v);
1820         ++*pos;
1821         return rt;
1822 }
1823
1824 static void dn_rt_cache_seq_stop(struct seq_file *seq, void *v)
1825 {
1826         if (v)
1827                 rcu_read_unlock_bh();
1828 }
1829
1830 static int dn_rt_cache_seq_show(struct seq_file *seq, void *v)
1831 {
1832         struct dn_route *rt = v;
1833         char buf1[DN_ASCBUF_LEN], buf2[DN_ASCBUF_LEN];
1834
1835         seq_printf(seq, "%-8s %-7s %-7s %04d %04d %04d\n",
1836                    rt->dst.dev ? rt->dst.dev->name : "*",
1837                    dn_addr2asc(le16_to_cpu(rt->rt_daddr), buf1),
1838                    dn_addr2asc(le16_to_cpu(rt->rt_saddr), buf2),
1839                    atomic_read(&rt->dst.__refcnt),
1840                    rt->dst.__use, 0);
1841         return 0;
1842 }
1843
1844 static const struct seq_operations dn_rt_cache_seq_ops = {
1845         .start  = dn_rt_cache_seq_start,
1846         .next   = dn_rt_cache_seq_next,
1847         .stop   = dn_rt_cache_seq_stop,
1848         .show   = dn_rt_cache_seq_show,
1849 };
1850 #endif /* CONFIG_PROC_FS */
1851
1852 void __init dn_route_init(void)
1853 {
1854         int i, goal, order;
1855
1856         dn_dst_ops.kmem_cachep =
1857                 kmem_cache_create("dn_dst_cache", sizeof(struct dn_route), 0,
1858                                   SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
1859         dst_entries_init(&dn_dst_ops);
1860         timer_setup(&dn_route_timer, dn_dst_check_expire, 0);
1861         dn_route_timer.expires = jiffies + decnet_dst_gc_interval * HZ;
1862         add_timer(&dn_route_timer);
1863
1864         goal = totalram_pages() >> (26 - PAGE_SHIFT);
1865
1866         for (order = 0; (1UL << order) < goal; order++)
1867                 /* NOTHING */;
1868
1869         /*
1870          * Only want 1024 entries max, since the table is very, very unlikely
1871          * to be larger than that.
1872          */
1873         while (order && ((((1UL << order) * PAGE_SIZE) /
1874                                 sizeof(struct dn_rt_hash_bucket)) >= 2048))
1875                 order--;
1876
1877         do {
1878                 dn_rt_hash_mask = (1UL << order) * PAGE_SIZE /
1879                         sizeof(struct dn_rt_hash_bucket);
1880                 while (dn_rt_hash_mask & (dn_rt_hash_mask - 1))
1881                         dn_rt_hash_mask--;
1882                 dn_rt_hash_table = (struct dn_rt_hash_bucket *)
1883                         __get_free_pages(GFP_ATOMIC, order);
1884         } while (dn_rt_hash_table == NULL && --order > 0);
1885
1886         if (!dn_rt_hash_table)
1887                 panic("Failed to allocate DECnet route cache hash table\n");
1888
1889         printk(KERN_INFO
1890                 "DECnet: Routing cache hash table of %u buckets, %ldKbytes\n",
1891                 dn_rt_hash_mask,
1892                 (long)(dn_rt_hash_mask*sizeof(struct dn_rt_hash_bucket))/1024);
1893
1894         dn_rt_hash_mask--;
1895         for (i = 0; i <= dn_rt_hash_mask; i++) {
1896                 spin_lock_init(&dn_rt_hash_table[i].lock);
1897                 dn_rt_hash_table[i].chain = NULL;
1898         }
1899
1900         dn_dst_ops.gc_thresh = (dn_rt_hash_mask + 1);
1901
1902         proc_create_seq_private("decnet_cache", 0444, init_net.proc_net,
1903                         &dn_rt_cache_seq_ops,
1904                         sizeof(struct dn_rt_cache_iter_state), NULL);
1905
1906 #ifdef CONFIG_DECNET_ROUTER
1907         rtnl_register_module(THIS_MODULE, PF_DECnet, RTM_GETROUTE,
1908                              dn_cache_getroute, dn_fib_dump, 0);
1909 #else
1910         rtnl_register_module(THIS_MODULE, PF_DECnet, RTM_GETROUTE,
1911                              dn_cache_getroute, dn_cache_dump, 0);
1912 #endif
1913 }
1914
1915 void __exit dn_route_cleanup(void)
1916 {
1917         del_timer(&dn_route_timer);
1918         dn_run_flush(NULL);
1919
1920         remove_proc_entry("decnet_cache", init_net.proc_net);
1921         dst_entries_destroy(&dn_dst_ops);
1922 }