Client interface briding was only possible when 4addr frames were used with
a 4addr/WDS aware AP. It was not possible to do it otherwise due to 3addr
frame limitation.
The extap logic introduces a smart MAC address masking/translation
(including modyfing packets beyond SA/DA, e.g. DHCP broadcast flag is set).
There are still some unsolved problems and bugs:
- due to bridge port routing and sk_buff payload sharing skb_copy() is
performed; this ideally should be reworked
- ipv6 support is still not finished
- extap is enabled by default currently; it should be configurable via
nl80211 the same way 4addr is
There's also an idea to move this as a generic link driver (just like
macvlan, et al) which would allow unmodified cfg80211 drivers to enjoy the
extap functionality. Thoughts?
Note: This changes cfg80211 file in this single patch only for reviewing
convienence.
This is an early draft to solicit comments on the design.
Signed-off-by: Grzegorz Bajorski <grzegorz.bajorski@xxxxxxxxx>
---
net/mac80211/Makefile | 3 +-
net/mac80211/extap.c | 440 +++++++++++++++++++++++++++++++++++++++++++++
net/mac80211/extap.h | 31 ++++
net/mac80211/ieee80211_i.h | 2 +
net/mac80211/iface.c | 3 +
net/mac80211/rx.c | 5 +
net/mac80211/tx.c | 11 ++
net/wireless/core.c | 2 +
8 files changed, 496 insertions(+), 1 deletion(-)
create mode 100644 net/mac80211/extap.c
create mode 100644 net/mac80211/extap.h
diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index f9137a8..e3d7fd7 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -30,7 +30,8 @@ mac80211-y := \
chan.o \
trace.o mlme.o \
tdls.o \
- ocb.o
+ ocb.o \
+ extap.o
mac80211-$(CONFIG_MAC80211_LEDS) += led.o
mac80211-$(CONFIG_MAC80211_DEBUGFS) += \
diff --git a/net/mac80211/extap.c b/net/mac80211/extap.c
new file mode 100644
index 0000000..852f2a0
--- /dev/null
+++ b/net/mac80211/extap.c
@@ -0,0 +1,440 @@
+ /*
+ * Copyright (c) 2016, Qualcomm Atheros Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "extap.h"
+#include <linux/if_ether.h>
+#include <linux/kernel.h>
+#include <linux/etherdevice.h>
+#include <linux/if_arp.h>
+#include <linux/in.h>
+#include <linux/ip.h>
+#include <linux/udp.h>
+#include <net/ip.h>
+#include <net/udp.h>
+#include <net/ndisc.h>
+#include <uapi/linux/ip.h>
+#include <uapi/linux/udp.h>
+
+#define EXPIRY_SEC 600
+#define UDP_DST_PORT 67
+#define IPV4_ADDR_LEN 4
+#define IPV6_ADDR_LEN 16
+
+#define DHCP_MSG_BOOTREQ 1
+#define DHCP_FLAG_BCAST 0x8000
+#define DHCP_COOKIE 0x63825363
+#define EXTAP_MAX_ENTRIES 512
+
+struct ip4arp {
+ struct arphdr hdr;
+ u8 ar_sha[ETH_ALEN];
+ u8 ar_sip[4];
+ u8 ar_dha[ETH_ALEN];
+ u8 ar_tip[4];
+} __packed;
+
+struct dhcphdr {
+ u8 dhcp_msg_type;
+ u8 dhcp_hw_type;
+ u8 dhcp_hw_addr_len;
+ u8 dhcp_num_hops;
+ __be32 dhcp_transc_id;
+ __be16 dhcp_secs_elapsed;
+ __be16 dhcp_flags;
+ __be32 dhcp_ciaddr;
+ __be32 dhcp_yiaddr;
+ __be32 dhcp_siaddr_nip;
+ __be32 dhcp_gateway_nip;
+ u8 dhcp_chaddr[16];
+ u8 dhcp_sname[64];
+ u8 dhcp_file[128];
+ __be32 dhcp_cookie;
+} __packed;
+
+static int extap_arp_has_ip4(struct arphdr *arp)
+{
+ return arp->ar_hln == ETH_ALEN && arp->ar_pln == IPV4_ADDR_LEN;
+}
+
+static struct ip4arp *extap_ip4arp(struct sk_buff *skb)
+{
+ struct arphdr *arp = arp_hdr(skb);
+
+ if (!arp)
+ return NULL;
+
+ if (!extap_arp_has_ip4(arp))
+ return NULL;
+
+ return (void *)arp;
+}
+
+static void extap_dhcp_hack(struct sk_buff *skb)
+{
+ struct iphdr *ip = ip_hdr(skb);
+ struct udphdr *udp = udp_hdr(skb);
+ struct dhcphdr *dhcp;
+
+ if (!ip)
+ return;
+
+ if (!udp)
+ return;
+
+ if (ip->protocol != IPPROTO_UDP)
+ return;
+
+ if (udp->dest != cpu_to_be16(UDP_DST_PORT))
+ return;
+
+ dhcp = (void *)udp + sizeof(*udp);
+
+ if (WARN_ON_ONCE(dhcp->dhcp_cookie != cpu_to_be32(DHCP_COOKIE)))
+ return;
+
+ if (dhcp->dhcp_msg_type != DHCP_MSG_BOOTREQ)
+ return;
+
+ dhcp->dhcp_flags |= cpu_to_be16(DHCP_FLAG_BCAST);
+
+ udp->check = 0;
+ udp->check = csum_tcpudp_magic(ip->saddr,
+ ip->daddr,
+ be16_to_cpu(udp->len),
+ IPPROTO_UDP,
+ csum_partial((void *)udp,
+ be16_to_cpu(udp->len),
+ 0));
+}
+
+static struct extap_entry *extap_lookup(struct extap *extap,
+ const void *addr,
+ size_t addr_len)
+{
+ struct extap_entry *i;
+
+ lockdep_assert_held(&extap->lock);
+
+ list_for_each_entry(i, &extap->entries, list)
+ if (i->addr_len == addr_len &&
+ !memcmp(addr, (void *)&i->addr, addr_len))
+ return i;
+
+ return NULL;
+}
+
+static void extap_gc(struct extap *extap)
+{
+ struct extap_entry *i;
+ struct extap_entry *tmp;
+
+ lockdep_assert_held(&extap->lock);
+
+ list_for_each_entry_safe(i, tmp, &extap->entries, list) {
+ if (time_after(jiffies, i->expiry)) {
+ list_del(&i->list);
+ kfree(i);
+ extap->num_entries--;
+ }
+ }
+}
+
+static void extap_bump_expiry(struct extap_entry *entry)
+{
+ entry->expiry = jiffies + msecs_to_jiffies(EXPIRY_SEC * MSEC_PER_SEC);
+}
+
+static void extap_bump_expiry_by_addr(struct extap *extap,
+ void *addr,
+ size_t addr_len)
+{
+ struct extap_entry *entry;
+
+ lockdep_assert_held(&extap->lock);
+
+ entry = extap_lookup(extap, addr, addr_len);
+ if (entry)
+ extap_bump_expiry(entry);
+}
+
+static void extap_entry_create(struct extap *extap,
+ const void *mac,
+ const void *addr,
+ size_t addr_len)
+{
+ struct extap_entry *entry;
+
+ extap_gc(extap);
+
+ if (extap->num_entries >= EXTAP_MAX_ENTRIES)
+ return;
+
+ entry = kzalloc(sizeof(*entry), GFP_ATOMIC);
+ if (!entry)
+ return;
+
+ INIT_LIST_HEAD(&entry->list);
+ entry->addr_len = addr_len;
+ ether_addr_copy(entry->mac, mac);
+ memcpy(entry->addr, addr, addr_len);
+
+ list_add_tail(&entry->list, &extap->entries);
+ extap->num_entries++;
+}
+
+static void extap_learn_ipv6(struct extap *extap, struct sk_buff *skb)
+{
+ struct ethhdr *eth = eth_hdr(skb);
+ struct ipv6hdr *ip6 = ipv6_hdr(skb);
+ struct icmp6hdr *icmp6 = icmp6_hdr(skb);
+ struct extap_entry *entry;
+ void *addr;
+
+ if (ip6->nexthdr != NEXTHDR_ICMP)
+ return;
+
+ switch (icmp6->icmp6_type) {
+ case NDISC_NEIGHBOUR_SOLICITATION:
+ case NDISC_NEIGHBOUR_ADVERTISEMENT:
+ addr = ip6->daddr.in6_u.u6_addr8;
+ break;
+ default:
+ return;
+ }
+
+ entry = extap_lookup(extap, addr, IPV6_ADDR_LEN);
+ if (entry) {
+ extap_bump_expiry(entry);
+ ether_addr_copy(entry->mac, eth->h_source);
+ return;
+ }
+
+ extap_entry_create(extap, eth->h_source, addr, IPV6_ADDR_LEN);
+}
+
+static void extap_learn(struct extap *extap, struct sk_buff *skb)
+{
+ struct ethhdr *eth = eth_hdr(skb);
+ struct iphdr *ip;
+ struct ip4arp *arp;
+
+ lockdep_assert_held(&extap->lock);
+
+ switch (be16_to_cpu(eth->h_proto)) {
+ case ETH_P_ARP:
+ arp = extap_ip4arp(skb);
+ if (!arp)
+ break;
+
+ if (be16_to_cpu(arp->hdr.ar_op) != ARPOP_REQUEST &&
+ be16_to_cpu(arp->hdr.ar_op) != ARPOP_RREQUEST)
+ break;
+
+ extap_entry_create(extap, eth->h_source, arp->ar_sip,
+ IPV4_ADDR_LEN);
+ break;
+ case ETH_P_IP:
+ extap_dhcp_hack(skb);
+
+ ip = ip_hdr(skb);
+ if (ip)
+ extap_bump_expiry_by_addr(extap, &ip->saddr,
+ IPV4_ADDR_LEN);
+ break;
+ case ETH_P_IPV6:
+ extap_learn_ipv6(extap, skb);
+ break;
+ default:
+ break;
+ }
+}
+
+static void extap_put_entry_da(struct sk_buff *skb, void *mac)
+{
+ struct ethhdr *eth = eth_hdr(skb);
+ struct ip4arp *arp;
+
+ switch (be16_to_cpu(eth->h_proto)) {
+ case ETH_P_ARP:
+ arp = extap_ip4arp(skb);
+ if (arp)
+ ether_addr_copy(arp->ar_dha, mac);
+ break;
+ }
+
+ ether_addr_copy(eth->h_dest, mac);
+}
+
+static void extap_xlate_sa_arp(struct extap *extap, struct sk_buff *skb)
+{
+ struct ethhdr *eth = eth_hdr(skb);
+ struct ip4arp *arp;
+
+ arp = extap_ip4arp(skb);
+ if (!arp)
+ return;
+
+ switch (be16_to_cpu(arp->hdr.ar_op)) {
+ case ARPOP_REQUEST:
+ case ARPOP_REPLY:
+ case ARPOP_RREQUEST:
+ case ARPOP_RREPLY:
+ ether_addr_copy(arp->ar_sha, extap->addr);
+ break;
+ }
+
+ ether_addr_copy(eth->h_source, extap->addr);
+}
+
+static void extap_xlate_sa_ipv4(struct extap *extap, struct sk_buff *skb)
+{
+ struct ethhdr *eth = eth_hdr(skb);
+
+ ether_addr_copy(eth->h_source, extap->addr);
+}
+
+static void extap_xlate_sa_ipv6(struct extap *extap, struct sk_buff *skb)
+{
+ struct ethhdr *eth = eth_hdr(skb);
+ struct ipv6hdr *ip6 = ipv6_hdr(skb);
+ struct nd_msg *nd = (void *)icmp6_hdr(skb);
+ struct nd_opt_hdr *opt;
+ void *addr;
+
+ if (ip6->nexthdr != NEXTHDR_ICMP)
+ return;
+
+ switch (nd->icmph.icmp6_type) {
+ case NDISC_NEIGHBOUR_ADVERTISEMENT:
+ case NDISC_NEIGHBOUR_SOLICITATION:
+ opt = (void *)nd->opt;
+ addr = (void *)opt + sizeof(*opt);
+ ether_addr_copy(addr, extap->addr);
+
+ nd->icmph.icmp6_cksum = 0;
+ nd->icmph.icmp6_cksum = csum_ipv6_magic(&ip6->saddr,
+ &ip6->daddr,
+ be16_to_cpu(ip6->payload_len),
+ IPPROTO_ICMPV6,
+ csum_partial((void *)nd,
+ be16_to_cpu(ip6->payload_len),
+ 0));
+ break;
+ }
+
+ ether_addr_copy(eth->h_source, extap->addr);
+}
+
+void extap_xlate_sa(struct extap *extap, struct sk_buff *skb)
+{
+ struct ethhdr *eth = eth_hdr(skb);
+
+ spin_lock_bh(&extap->lock);
+ extap_learn(extap, skb);
+ spin_unlock_bh(&extap->lock);
+
+ switch (be16_to_cpu(eth->h_proto)) {
+ case ETH_P_ARP:
+ extap_xlate_sa_arp(extap, skb);
+ break;
+ case ETH_P_IP:
+ extap_xlate_sa_ipv4(extap, skb);
+ break;
+ case ETH_P_IPV6:
+ extap_xlate_sa_ipv6(extap, skb);
+ break;
+ }
+}
+
+void extap_xlate_da(struct extap *extap, struct sk_buff *skb)
+{
+ struct ethhdr *eth = eth_hdr(skb);
+ struct extap_entry *entry;
+ struct ip4arp *arp;
+ struct iphdr *iphdr = NULL;
+ struct ipv6hdr *ip6 = NULL;
+ size_t addr_len = 0;
+ u8 mcast[ETH_ALEN] = {0};
+ __be32 ip4;
+ void *addr;
+ void *mac;
+
+ switch (be16_to_cpu(eth->h_proto)) {
+ case ETH_P_ARP:
+ arp = extap_ip4arp(skb);
+ if (arp) {
+ addr_len = IPV4_ADDR_LEN;
+ addr = arp->ar_tip;
+ }
+ break;
+ case ETH_P_IP:
+ iphdr = ip_hdr(skb);
+ if (iphdr) {
+ addr_len = IPV4_ADDR_LEN;
+ addr = &iphdr->daddr;
+ }
+ break;
+ case ETH_P_IPV6:
+ ip6 = ipv6_hdr(skb);
+ if (ip6) {
+ addr_len = IPV6_ADDR_LEN;
+ addr = ip6->daddr.in6_u.u6_addr8;
+ }
+ break;
+ }
+
+ if (addr_len == 0)
+ return;
+
+ spin_lock_bh(&extap->lock);
+
+ entry = extap_lookup(extap, addr, addr_len);
+ if (entry) {
+ mac = entry->mac;
+ } else if (addr_len == IPV4_ADDR_LEN &&
+ is_unicast_ether_addr(eth->h_dest)) {
+ memcpy(&ip4, addr, addr_len);
+ ip_eth_mc_map(ip4, mcast);
+ mac = mcast;
+ } else {
+ mac = NULL;
+ }
+
+ if (mac)
+ extap_put_entry_da(skb, mac);
+
+ spin_unlock_bh(&extap->lock);
+}
+
+void extap_init(struct extap *extap, const u8 addr[ETH_ALEN])
+{
+ INIT_LIST_HEAD(&extap->entries);
+ ether_addr_copy(extap->addr, addr);
+ spin_lock_init(&extap->lock);
+}
+
+void extap_fini(struct extap *extap)
+{
+ struct extap_entry *i;
+ struct extap_entry *tmp;
+
+ list_for_each_entry_safe(i, tmp, &extap->entries, list) {
+ list_del(&i->list);
+ kfree(i);
+ }
+
+ extap->num_entries = 0;
+}
diff --git a/net/mac80211/extap.h b/net/mac80211/extap.h
new file mode 100644
index 0000000..f918a23
--- /dev/null
+++ b/net/mac80211/extap.h
@@ -0,0 +1,31 @@
+#ifndef _EXTAP_H
+#define _EXTAP_H
+
+#include <uapi/linux/if_ether.h>
+#include <linux/list.h>
+#include <linux/spinlock.h>
+
+struct sk_buff;
+struct net_device;
+
+struct extap_entry {
+ struct list_head list;
+ size_t addr_len;
+ u8 mac[ETH_ALEN] __aligned(sizeof(u16));
+ u8 addr[16];
+ unsigned long expiry;
+};
+
+struct extap {
+ u8 addr[ETH_ALEN] __aligned(sizeof(u16));
+ struct list_head entries;
+ unsigned int num_entries;
+ spinlock_t lock; /* protects entries */
+};
+
+void extap_xlate_sa(struct extap *extap, struct sk_buff *skb);
+void extap_xlate_da(struct extap *extap, struct sk_buff *skb);
+void extap_init(struct extap *extap, const u8 addr[ETH_ALEN]);
+void extap_fini(struct extap *extap);
+
+#endif /* _EXPAT_H */
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index a49c103..6c1ecf5 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -30,6 +30,7 @@
#include <net/ieee80211_radiotap.h>
#include <net/cfg80211.h>
#include <net/mac80211.h>
+#include "extap.h"
#include "key.h"
#include "sta_info.h"
#include "debug.h"
@@ -814,6 +815,7 @@ struct ieee80211_sub_if_data {
struct list_head list;
struct wireless_dev wdev;
+ struct extap extap;
/* keys */
struct list_head key_list;
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index 453b4e74..71a3c74f 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -1094,6 +1094,8 @@ static void ieee80211_teardown_sdata(struct ieee80211_sub_if_data *sdata)
if (ieee80211_vif_is_mesh(&sdata->vif))
mesh_rmc_free(sdata);
+
+ extap_fini(&sdata->extap);
}
static void ieee80211_uninit(struct net_device *dev)
@@ -1401,6 +1403,7 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
INIT_WORK(&sdata->csa_finalize_work, ieee80211_csa_finalize_work);
INIT_LIST_HEAD(&sdata->assigned_chanctx_list);
INIT_LIST_HEAD(&sdata->reserved_chanctx_list);
+ extap_init(&sdata->extap, sdata->dev->dev_addr);
switch (type) {
case NL80211_IFTYPE_P2P_GO:
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 9127957..f5ae4eb 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -33,6 +33,7 @@
#include "tkip.h"
#include "wme.h"
#include "rate.h"
+#include "extap.h"
static inline void ieee80211_rx_stats(struct net_device *dev, u32 len)
{
@@ -2168,7 +2169,11 @@ ieee80211_deliver_skb(struct ieee80211_rx_data *rx)
if (skb) {
/* deliver to local stack */
skb->protocol = eth_type_trans(skb, dev);
+ skb_reset_network_header(skb);
memset(skb->cb, 0, sizeof(skb->cb));
+
+ extap_xlate_da(&sdata->extap, skb);
+
if (rx->napi)
napi_gro_receive(rx->napi, skb);
else
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 7bb67fa..2b29d73 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -34,6 +34,7 @@
#include "wpa.h"
#include "wme.h"
#include "rate.h"
+#include "extap.h"
/* misc utils */
@@ -3012,6 +3013,16 @@ void __ieee80211_subif_start_xmit(struct sk_buff *skb,
netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
struct net_device *dev)
{
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ struct sk_buff *tmp_skb;
+
+ /* XXX: This is a hack. Only to check if solves ARP problem. */
+ tmp_skb = skb;
+ skb = skb_copy(tmp_skb, GFP_ATOMIC);
+ kfree_skb(tmp_skb);
+
+ extap_xlate_sa(&sdata->extap, skb);
+
__ieee80211_subif_start_xmit(skb, dev, 0);
return NETDEV_TX_OK;
}
diff --git a/net/wireless/core.c b/net/wireless/core.c
index 3a9c41b..d2464f6 100644
--- a/net/wireless/core.c
+++ b/net/wireless/core.c
@@ -1037,10 +1037,12 @@ static int cfg80211_netdev_notifier_call(struct notifier_block *nb,
/* allow mac80211 to determine the timeout */
wdev->ps_timeout = -1;
+#if 0
if ((wdev->iftype == NL80211_IFTYPE_STATION ||
wdev->iftype == NL80211_IFTYPE_P2P_CLIENT ||
wdev->iftype == NL80211_IFTYPE_ADHOC) && !wdev->use_4addr)
dev->priv_flags |= IFF_DONT_BRIDGE;
+#endif
break;
case NETDEV_GOING_DOWN:
cfg80211_leave(rdev, wdev);
--
2.3.7
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
