diff options
| author | Simon Wunderlich <siwu@hrz.tu-chemnitz.de> | 2010-06-22 01:25:51 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2010-06-22 14:05:06 -0700 |
| commit | cf2d72ec5c66ac3ebe9d28c3d88314a958cc180e (patch) | |
| tree | 186fd2f2f9bc7d08f4e25d7d503cd9192997b0a3 /drivers/staging/batman-adv/send.c | |
| parent | 6856ba1f44522b381c9a60b7972dd0fb52c54093 (diff) | |
| download | kernel_samsung_smdk4412-cf2d72ec5c66ac3ebe9d28c3d88314a958cc180e.zip kernel_samsung_smdk4412-cf2d72ec5c66ac3ebe9d28c3d88314a958cc180e.tar.gz kernel_samsung_smdk4412-cf2d72ec5c66ac3ebe9d28c3d88314a958cc180e.tar.bz2 | |
Staging: batman-adv: 32bit sequence number and TTL for broadcasts
This patch changes the sequence number range from 8 or 16 bit to 32 bit.
This should avoid problems with the sequence number sliding window algorithm
which we had seen in the past for broadcast floods or malicious packet
injections. We can not assure 100% security with this patch, but it is quite
an improvement over the old 16 bit sequence numbers:
* expected window size can be increased (4096 -> 65536)
* 64k packets in the right order would now be needed to cause a loop,
which seems practically impossible.
Furthermore, a TTL field has been added to the broadcast packet type, just to
make sure.
These changes required to increase the compatibility level once again.
Signed-off-by: Simon Wunderlich <siwu@hrz.tu-chemnitz.de>
[sven.eckelmann@gmx.de: Change atomic64_* back to atomic_*, Rework on
top of current version]
Signed-off-by: Sven Eckelmann <sven.eckelmann@gmx.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'drivers/staging/batman-adv/send.c')
| -rw-r--r-- | drivers/staging/batman-adv/send.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/drivers/staging/batman-adv/send.c b/drivers/staging/batman-adv/send.c index e8f0e2a..f2653dd 100644 --- a/drivers/staging/batman-adv/send.c +++ b/drivers/staging/batman-adv/send.c @@ -159,7 +159,7 @@ static void send_packet_to_if(struct forw_packet *forw_packet, "%s %spacket (originator %pM, seqno %d, TQ %d, TTL %d," " IDF %s) on interface %s [%s]\n", fwd_str, (packet_num > 0 ? "aggregated " : ""), - batman_packet->orig, ntohs(batman_packet->seqno), + batman_packet->orig, ntohl(batman_packet->seqno), batman_packet->tq, batman_packet->ttl, (batman_packet->flags & DIRECTLINK ? "on" : "off"), @@ -204,7 +204,7 @@ static void send_packet(struct forw_packet *forw_packet) "%s packet (originator %pM, seqno %d, TTL %d) " "on interface %s [%s]\n", (forw_packet->own ? "Sending own" : "Forwarding"), - batman_packet->orig, ntohs(batman_packet->seqno), + batman_packet->orig, ntohl(batman_packet->seqno), batman_packet->ttl, forw_packet->if_incoming->dev, forw_packet->if_incoming->addr_str); @@ -283,14 +283,14 @@ void schedule_own_packet(struct batman_if *batman_if) batman_packet = (struct batman_packet *)batman_if->packet_buff; /* change sequence number to network order */ - batman_packet->seqno = htons((uint16_t)atomic_read(&batman_if->seqno)); + batman_packet->seqno = + htonl((uint32_t)atomic_read(&batman_if->seqno)); if (vis_server == VIS_TYPE_SERVER_SYNC) batman_packet->flags = VIS_SERVER; else batman_packet->flags &= ~VIS_SERVER; - /* could be read by receive_bat_packet() */ atomic_inc(&batman_if->seqno); slide_own_bcast_window(batman_if); @@ -347,7 +347,7 @@ void schedule_forward_packet(struct orig_node *orig_node, in_tq, tq_avg, batman_packet->tq, in_ttl - 1, batman_packet->ttl); - batman_packet->seqno = htons(batman_packet->seqno); + batman_packet->seqno = htonl(batman_packet->seqno); if (directlink) batman_packet->flags |= DIRECTLINK; @@ -399,6 +399,7 @@ static void _add_bcast_packet_to_list(struct forw_packet *forw_packet, int add_bcast_packet_to_list(struct sk_buff *skb) { struct forw_packet *forw_packet; + struct bcast_packet *bcast_packet; if (!atomic_dec_not_zero(&bcast_queue_left)) { bat_dbg(DBG_BATMAN, "bcast packet queue full\n"); @@ -414,6 +415,10 @@ int add_bcast_packet_to_list(struct sk_buff *skb) if (!skb) goto packet_free; + /* as we have a copy now, it is safe to decrease the TTL */ + bcast_packet = (struct bcast_packet *)skb->data; + bcast_packet->ttl--; + skb_reset_mac_header(skb); forw_packet->skb = skb; |