2006-01-02 21:04:38 +03:00
/*
* net / tipc / bearer . h : Include file for TIPC bearer code
2007-02-09 17:25:21 +03:00
*
2006-01-11 21:14:19 +03:00
* Copyright ( c ) 1996 - 2006 , Ericsson AB
2006-01-02 21:04:38 +03:00
* Copyright ( c ) 2005 , Wind River Systems
* All rights reserved .
*
2006-01-11 15:30:43 +03:00
* Redistribution and use in source and binary forms , with or without
2006-01-02 21:04:38 +03:00
* modification , are permitted provided that the following conditions are met :
*
2006-01-11 15:30:43 +03:00
* 1. Redistributions of source code must retain the above copyright
* notice , this list of conditions and the following disclaimer .
* 2. Redistributions in binary form must reproduce the above copyright
* notice , this list of conditions and the following disclaimer in the
* documentation and / or other materials provided with the distribution .
* 3. Neither the names of the copyright holders nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission .
2006-01-02 21:04:38 +03:00
*
2006-01-11 15:30:43 +03:00
* Alternatively , this software may be distributed under the terms of the
* GNU General Public License ( " GPL " ) version 2 as published by the Free
* Software Foundation .
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS " AS IS "
* AND ANY EXPRESS OR IMPLIED WARRANTIES , INCLUDING , BUT NOT LIMITED TO , THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED . IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT , INDIRECT , INCIDENTAL , SPECIAL , EXEMPLARY , OR
* CONSEQUENTIAL DAMAGES ( INCLUDING , BUT NOT LIMITED TO , PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES ; LOSS OF USE , DATA , OR PROFITS ; OR BUSINESS
* INTERRUPTION ) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY , WHETHER IN
* CONTRACT , STRICT LIABILITY , OR TORT ( INCLUDING NEGLIGENCE OR OTHERWISE )
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE , EVEN IF ADVISED OF THE
2006-01-02 21:04:38 +03:00
* POSSIBILITY OF SUCH DAMAGE .
*/
# ifndef _TIPC_BEARER_H
# define _TIPC_BEARER_H
2006-01-13 13:45:44 +03:00
# include "core.h"
2006-01-02 21:04:38 +03:00
# include "bcast.h"
# define MAX_BEARERS 8
# define MAX_MEDIA 4
/**
* struct media - TIPC media information available to internal users
* @ send_msg : routine which handles buffer transmission
* @ enable_bearer : routine which enables a bearer
* @ disable_bearer : routine which disables a bearer
* @ addr2str : routine which converts bearer ' s address to string form
* @ bcast_addr : media address used in broadcasting
* @ bcast : non - zero if media supports broadcasting [ currently mandatory ]
* @ priority : default link ( and bearer ) priority
* @ tolerance : default time ( in ms ) before declaring link failure
* @ window : default window ( in packets ) before declaring link congestion
* @ type_id : TIPC media identifier [ defined in tipc_bearer . h ]
* @ name : media name
*/
2007-02-09 17:25:21 +03:00
2006-01-02 21:04:38 +03:00
struct media {
2007-02-09 17:25:21 +03:00
int ( * send_msg ) ( struct sk_buff * buf ,
2006-01-02 21:04:38 +03:00
struct tipc_bearer * b_ptr ,
struct tipc_media_addr * dest ) ;
int ( * enable_bearer ) ( struct tipc_bearer * b_ptr ) ;
void ( * disable_bearer ) ( struct tipc_bearer * b_ptr ) ;
2007-02-09 17:25:21 +03:00
char * ( * addr2str ) ( struct tipc_media_addr * a ,
2006-01-02 21:04:38 +03:00
char * str_buf , int str_size ) ;
struct tipc_media_addr bcast_addr ;
int bcast ;
u32 priority ;
u32 tolerance ;
u32 window ;
u32 type_id ;
char name [ TIPC_MAX_MEDIA_NAME ] ;
} ;
/**
* struct bearer - TIPC bearer information available to internal users
* @ publ : bearer information available to privileged users
* @ media : ptr to media structure associated with bearer
* @ priority : default link priority for bearer
* @ detect_scope : network address mask used during automatic link creation
* @ identity : array index of this bearer within TIPC bearer array
* @ link_req : ptr to ( optional ) structure making periodic link setup requests
* @ links : list of non - congested links associated with bearer
* @ cong_links : list of congested links associated with bearer
* @ continue_count : # of times bearer has resumed after congestion or blocking
* @ active : non - zero if bearer structure is represents a bearer
* @ net_plane : network plane ( ' A ' through ' H ' ) currently associated with bearer
* @ nodes : indicates which nodes in cluster can be reached through bearer
*/
2007-02-09 17:25:21 +03:00
2006-01-02 21:04:38 +03:00
struct bearer {
struct tipc_bearer publ ;
struct media * media ;
u32 priority ;
u32 detect_scope ;
u32 identity ;
struct link_req * link_req ;
struct list_head links ;
struct list_head cong_links ;
u32 continue_count ;
int active ;
char net_plane ;
2008-09-03 10:38:32 +04:00
struct tipc_node_map nodes ;
2006-01-02 21:04:38 +03:00
} ;
struct bearer_name {
char media_name [ TIPC_MAX_MEDIA_NAME ] ;
char if_name [ TIPC_MAX_IF_NAME ] ;
} ;
struct link ;
tipc: Fix oops on send prior to entering networked mode (v3)
Fix TIPC to disallow sending to remote addresses prior to entering NET_MODE
user programs can oops the kernel by sending datagrams via AF_TIPC prior to
entering networked mode. The following backtrace has been observed:
ID: 13459 TASK: ffff810014640040 CPU: 0 COMMAND: "tipc-client"
[exception RIP: tipc_node_select_next_hop+90]
RIP: ffffffff8869d3c3 RSP: ffff81002d9a5ab8 RFLAGS: 00010202
RAX: 0000000000000001 RBX: 0000000000000001 RCX: 0000000000000001
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000001001001
RBP: 0000000001001001 R8: 0074736575716552 R9: 0000000000000000
R10: ffff81003fbd0680 R11: 00000000000000c8 R12: 0000000000000008
R13: 0000000000000001 R14: 0000000000000001 R15: ffff810015c6ca00
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
RIP: 0000003cbd8d49a3 RSP: 00007fffc84e0be8 RFLAGS: 00010206
RAX: 000000000000002c RBX: ffffffff8005d116 RCX: 0000000000000000
RDX: 0000000000000008 RSI: 00007fffc84e0c00 RDI: 0000000000000003
RBP: 0000000000000000 R8: 00007fffc84e0c10 R9: 0000000000000010
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffc84e0d10 R14: 0000000000000000 R15: 00007fffc84e0c30
ORIG_RAX: 000000000000002c CS: 0033 SS: 002b
What happens is that, when the tipc module in inserted it enters a standalone
node mode in which communication to its own address is allowed <0.0.0> but not
to other addresses, since the appropriate data structures have not been
allocated yet (specifically the tipc_net pointer). There is nothing stopping a
client from trying to send such a message however, and if that happens, we
attempt to dereference tipc_net.zones while the pointer is still NULL, and
explode. The fix is pretty straightforward. Since these oopses all arise from
the dereference of global pointers prior to their assignment to allocated
values, and since these allocations are small (about 2k total), lets convert
these pointers to static arrays of the appropriate size. All the accesses to
these bits consider 0/NULL to be a non match when searching, so all the lookups
still work properly, and there is no longer a chance of a bad dererence
anywhere. As a bonus, this lets us eliminate the setup/teardown routines for
those pointers, and elimnates the need to preform any locking around them to
prevent access while their being allocated/freed.
I've updated the tipc_net structure to behave this way to fix the exact reported
problem, and also fixed up the tipc_bearers and media_list arrays to fix an
obvious simmilar problem that arises from issuing tipc-config commands to
manipulate bearers/links prior to entering networked mode
I've tested this for a few hours by running the sanity tests and stress test
with the tipcutils suite, and nothing has fallen over. There have been a few
lockdep warnings, but those were there before, and can be addressed later, as
they didn't actually result in any deadlock.
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
CC: Allan Stephens <allan.stephens@windriver.com>
CC: David S. Miller <davem@davemloft.net>
CC: tipc-discussion@lists.sourceforge.net
bearer.c | 37 ++++++-------------------------------
bearer.h | 2 +-
net.c | 25 ++++---------------------
3 files changed, 11 insertions(+), 53 deletions(-)
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-03-03 11:31:23 +03:00
extern struct bearer tipc_bearers [ ] ;
2006-01-02 21:04:38 +03:00
2006-01-18 02:38:21 +03:00
void tipc_media_addr_printf ( struct print_buf * pb , struct tipc_media_addr * a ) ;
struct sk_buff * tipc_media_get_names ( void ) ;
2006-01-02 21:04:38 +03:00
2006-01-18 02:38:21 +03:00
struct sk_buff * tipc_bearer_get_names ( void ) ;
void tipc_bearer_add_dest ( struct bearer * b_ptr , u32 dest ) ;
void tipc_bearer_remove_dest ( struct bearer * b_ptr , u32 dest ) ;
void tipc_bearer_schedule ( struct bearer * b_ptr , struct link * l_ptr ) ;
struct bearer * tipc_bearer_find_interface ( const char * if_name ) ;
int tipc_bearer_resolve_congestion ( struct bearer * b_ptr , struct link * l_ptr ) ;
2010-05-11 18:30:16 +04:00
int tipc_bearer_congested ( struct bearer * b_ptr , struct link * l_ptr ) ;
2006-01-18 02:38:21 +03:00
int tipc_bearer_init ( void ) ;
void tipc_bearer_stop ( void ) ;
void tipc_bearer_lock_push ( struct bearer * b_ptr ) ;
2006-01-02 21:04:38 +03:00
/**
2007-02-09 17:25:21 +03:00
* tipc_bearer_send - sends buffer to destination over bearer
*
2006-01-02 21:04:38 +03:00
* Returns true ( 1 ) if successful , or false ( 0 ) if unable to send
2007-02-09 17:25:21 +03:00
*
2006-01-02 21:04:38 +03:00
* IMPORTANT :
* The media send routine must not alter the buffer being passed in
* as it may be needed for later retransmission !
2007-02-09 17:25:21 +03:00
*
* If the media send routine returns a non - zero value ( indicating that
2006-01-02 21:04:38 +03:00
* it was unable to send the buffer ) , it must :
* 1 ) mark the bearer as blocked ,
* 2 ) call tipc_continue ( ) once the bearer is able to send again .
* Media types that are unable to meet these two critera must ensure their
* send routine always returns success - - even if the buffer was not sent - -
2007-02-09 17:25:21 +03:00
* and let TIPC ' s link code deal with the undelivered message .
2006-01-02 21:04:38 +03:00
*/
2006-01-18 02:38:21 +03:00
static inline int tipc_bearer_send ( struct bearer * b_ptr , struct sk_buff * buf ,
struct tipc_media_addr * dest )
2006-01-02 21:04:38 +03:00
{
return ! b_ptr - > media - > send_msg ( buf , & b_ptr - > publ , dest ) ;
}
2010-05-11 18:30:16 +04:00
# endif /* _TIPC_BEARER_H */