batman-adv: implement AP-isolation on the sender side

If a node has to send a packet issued by a WIFI client to another WIFI client, the packet is dropped. Signed-off-by: Antonio Quartulli <ordex@autistici.org> Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
author: Antonio Quartulli <ordex@autistici.org> 2011-07-07 09:35:37 -0400
committer: Marek Lindner <lindner_marek@yahoo.de> 2011-08-22 09:16:21 -0400
commit: 3d393e47321062dbf9078a66a7cc1c2a52bafecc (patch)
tree: f8e5675fd58984db15571fdc361655fbe6674241
parent: 59b699cdee039d75915c354da06937102d1f9a84 (diff)
5 files changed, 29 insertions, 12 deletions
diff --git a/net/batman-adv/routing.c b/net/batman-adv/routing.c
index 13444e92bc99..91a7860ecadd 100644
--- a/net/batman-adv/routing.c
+++ b/net/batman-adv/routing.c
@@ -1535,7 +1535,7 @@ static int check_unicast_ttvn(struct bat_priv *bat_priv,
                ethhdr = (struct ethhdr *)(skb->data +
                        sizeof(struct unicast_packet));
-                orig_node = transtable_search(bat_priv, ethhdr->h_dest);
+                orig_node = transtable_search(bat_priv, NULL, ethhdr->h_dest);
                if (!orig_node) {
                        if (!is_my_client(bat_priv, ethhdr->h_dest))
diff --git a/net/batman-adv/soft-interface.c b/net/batman-adv/soft-interface.c
index 9addbab52999..402fd96239d8 100644
--- a/net/batman-adv/soft-interface.c
+++ b/net/batman-adv/soft-interface.c
@@ -597,7 +597,8 @@ static int interface_tx(struct sk_buff *skb, struct net_device *soft_iface)
        /* Register the client MAC in the transtable */
        tt_local_add(soft_iface, ethhdr->h_source, skb->skb_iif);
-        orig_node = transtable_search(bat_priv, ethhdr->h_dest);
+        orig_node = transtable_search(bat_priv, ethhdr->h_source,
+                                      ethhdr->h_dest);
        if (is_multicast_ether_addr(ethhdr->h_dest) ||
                                (orig_node && orig_node->gw_flags)) {
                ret = gw_is_target(bat_priv, skb, orig_node);
diff --git a/net/batman-adv/translation-table.c b/net/batman-adv/translation-table.c
index d0ed931ad2e7..1f128e1656a7 100644
--- a/net/batman-adv/translation-table.c
+++ b/net/batman-adv/translation-table.c
@@ -794,29 +794,43 @@ static bool _is_ap_isolated(struct tt_local_entry *tt_local_entry,
 }
 struct orig_node *transtable_search(struct bat_priv *bat_priv,
-                                    const uint8_t *addr)
+                                    const uint8_t *src, const uint8_t *addr)
 {
-        struct tt_global_entry *tt_global_entry;
+        struct tt_local_entry *tt_local_entry = NULL;
+        struct tt_global_entry *tt_global_entry = NULL;
        struct orig_node *orig_node = NULL;
-        tt_global_entry = tt_global_hash_find(bat_priv, addr);
+        if (src && atomic_read(&bat_priv->ap_isolation)) {
+                tt_local_entry = tt_local_hash_find(bat_priv, src);
+                if (!tt_local_entry)
+                        goto out;
+        }
+        tt_global_entry = tt_global_hash_find(bat_priv, addr);
        if (!tt_global_entry)
                goto out;
+        /* check whether the clients should not communicate due to AP
+         * isolation */
+        if (tt_local_entry && _is_ap_isolated(tt_local_entry, tt_global_entry))
+                goto out;
        if (!atomic_inc_not_zero(&tt_global_entry->orig_node->refcount))
-                goto free_tt;
+                goto out;
        /* A global client marked as PENDING has already moved from that
         * originator */
        if (tt_global_entry->flags & TT_CLIENT_PENDING)
-                goto free_tt;
+                goto out;
        orig_node = tt_global_entry->orig_node;
-free_tt:
-        tt_global_entry_free_ref(tt_global_entry);
 out:
+        if (tt_global_entry)
+                tt_global_entry_free_ref(tt_global_entry);
+        if (tt_local_entry)
+                tt_local_entry_free_ref(tt_local_entry);
        return orig_node;
 }
diff --git a/net/batman-adv/translation-table.h b/net/batman-adv/translation-table.h
index f1d148ef0e36..b47e8760b76b 100644
--- a/net/batman-adv/translation-table.h
+++ b/net/batman-adv/translation-table.h
@@ -43,7 +43,7 @@ void tt_global_del(struct bat_priv *bat_priv,
                   struct orig_node *orig_node, const unsigned char *addr,
                   const char *message, bool roaming);
 struct orig_node *transtable_search(struct bat_priv *bat_priv,
-                                    const uint8_t *addr);
+                                    const uint8_t *src, const uint8_t *addr);
 void tt_save_orig_buffer(struct bat_priv *bat_priv, struct orig_node *orig_node,
                         const unsigned char *tt_buff, uint8_t tt_num_changes);
 uint16_t tt_local_crc(struct bat_priv *bat_priv);
diff --git a/net/batman-adv/unicast.c b/net/batman-adv/unicast.c
index 32b125fb3d3b..07d1c1da89dd 100644
--- a/net/batman-adv/unicast.c
+++ b/net/batman-adv/unicast.c
@@ -299,8 +299,10 @@ int unicast_send_skb(struct sk_buff *skb, struct bat_priv *bat_priv)
                        goto find_router;
        }
-        /* check for tt host - increases orig_node refcount */
+        /* check for tt host - increases orig_node refcount.
-        orig_node = transtable_search(bat_priv, ethhdr->h_dest);
+         * returns NULL in case of AP isolation */
+        orig_node = transtable_search(bat_priv, ethhdr->h_source,
+                                      ethhdr->h_dest);
 find_router:
        /**
author	Antonio Quartulli <ordex@autistici.org>	2011-07-07 09:35:37 -0400
committer	Marek Lindner <lindner_marek@yahoo.de>	2011-08-22 09:16:21 -0400
commit	3d393e47321062dbf9078a66a7cc1c2a52bafecc (patch)
tree	f8e5675fd58984db15571fdc361655fbe6674241
parent	59b699cdee039d75915c354da06937102d1f9a84 (diff)