0002-batman-adv-Introduce-no-noflood-mark.patch

From: Linus Lüssing <linus.luessing@c0d3.blue>
Date: Sat, 1 May 2021 22:19:03 +0200
Subject: batman-adv: Introduce no noflood mark

This mark prevents a multicast packet being flooded through the whole
mesh. The advantage of marking certain multicast packets via e.g.
ebtables instead of dropping is then the following:

This allows an administrator to let specific multicast packets pass as
long as they are forwarded to a limited number of nodes only and are
therefore creating no burdon to unrelated nodes.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>

diff --git a/batman-adv/patches/0034-batman-adv-Introduce-no-noflood-mark.patch b/batman-adv/patches/0034-batman-adv-Introduce-no-noflood-mark.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8dbde75343f04fb3a643e300856ecfac7dc23e32
--- /dev/null
+++ b/batman-adv/patches/0034-batman-adv-Introduce-no-noflood-mark.patch
@@ -0,0 +1,156 @@
+From 25b21382238c783298c0d8defc8c739126c1b54d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Linus=20L=C3=BCssing?= <linus.luessing@c0d3.blue>
+Date: Sat, 31 Mar 2018 03:36:19 +0200
+Subject: [PATCH] batman-adv: Introduce no noflood mark
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This mark prevents a multicast packet being flooded through the whole
+mesh. The advantage of marking certain multicast packets via e.g.
+ebtables instead of dropping is then the following:
+
+This allows an administrator to let specific multicast packets pass as
+long as they are forwarded to a limited number of nodes only and are
+therefore creating no burdon to unrelated nodes.
+
+Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
+
+---
+
+https://www.open-mesh.org/projects/batman-adv/wiki/Noflood-broadcast-prevention
+
+Changelog v2:
+
+* rebased to master
+* sysfs -> netlink
+---
+ include/uapi/linux/batman_adv.h | 12 ++++++++++++
+ net/batman-adv/netlink.c        | 22 ++++++++++++++++++++++
+ net/batman-adv/soft-interface.c | 20 ++++++++++++++++++++
+ net/batman-adv/types.h          | 12 ++++++++++++
+ 4 files changed, 66 insertions(+)
+
+--- a/include/uapi/linux/batman_adv.h
++++ b/include/uapi/linux/batman_adv.h
+@@ -481,6 +481,18 @@ enum batadv_nl_attrs {
+ 	 */
+ 	BATADV_ATTR_MULTICAST_FANOUT,
+ 
++	/**
++	 * @BATADV_ATTR_NOFLOOD_MARK: the noflood mark which allows to tag
++	 *  frames which should never be broadcast flooded through the mesh.
++	 */
++	BATADV_ATTR_NOFLOOD_MARK,
++
++	/**
++	 * @BATADV_ATTR_NOFLOOD_MASK: the noflood (bit)mask which allows to tag
++	 *  frames which should never be broadcast flooded through the mesh.
++	 */
++	BATADV_ATTR_NOFLOOD_MASK,
++
+ 	/* add attributes above here, update the policy in netlink.c */
+ 
+ 	/**
+--- a/net/batman-adv/netlink.c
++++ b/net/batman-adv/netlink.c
+@@ -134,6 +134,8 @@ static const struct nla_policy batadv_ne
+ 	[BATADV_ATTR_AP_ISOLATION_ENABLED]	= { .type = NLA_U8 },
+ 	[BATADV_ATTR_ISOLATION_MARK]		= { .type = NLA_U32 },
+ 	[BATADV_ATTR_ISOLATION_MASK]		= { .type = NLA_U32 },
++	[BATADV_ATTR_NOFLOOD_MARK]		= { .type = NLA_U32 },
++	[BATADV_ATTR_NOFLOOD_MASK]		= { .type = NLA_U32 },
+ 	[BATADV_ATTR_BONDING_ENABLED]		= { .type = NLA_U8 },
+ 	[BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED]	= { .type = NLA_U8 },
+ 	[BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED]	= { .type = NLA_U8 },
+@@ -286,6 +288,14 @@ static int batadv_netlink_mesh_fill(stru
+ 			bat_priv->isolation_mark_mask))
+ 		goto nla_put_failure;
+ 
++	if (nla_put_u32(msg, BATADV_ATTR_NOFLOOD_MARK,
++			bat_priv->noflood_mark))
++		goto nla_put_failure;
++
++	if (nla_put_u32(msg, BATADV_ATTR_NOFLOOD_MASK,
++			bat_priv->noflood_mark_mask))
++		goto nla_put_failure;
++
+ 	if (nla_put_u8(msg, BATADV_ATTR_BONDING_ENABLED,
+ 		       !!atomic_read(&bat_priv->bonding)))
+ 		goto nla_put_failure;
+@@ -466,6 +476,18 @@ static int batadv_netlink_set_mesh(struc
+ 		bat_priv->isolation_mark_mask = nla_get_u32(attr);
+ 	}
+ 
++	if (info->attrs[BATADV_ATTR_NOFLOOD_MARK]) {
++		attr = info->attrs[BATADV_ATTR_NOFLOOD_MARK];
++
++		bat_priv->noflood_mark = nla_get_u32(attr);
++	}
++
++	if (info->attrs[BATADV_ATTR_NOFLOOD_MASK]) {
++		attr = info->attrs[BATADV_ATTR_NOFLOOD_MASK];
++
++		bat_priv->noflood_mark_mask = nla_get_u32(attr);
++	}
++
+ 	if (info->attrs[BATADV_ATTR_BONDING_ENABLED]) {
+ 		attr = info->attrs[BATADV_ATTR_BONDING_ENABLED];
+ 
+--- a/net/batman-adv/soft-interface.c
++++ b/net/batman-adv/soft-interface.c
+@@ -175,6 +175,23 @@ static void batadv_interface_set_rx_mode
+ {
+ }
+ 
++/**
++ * batadv_send_skb_has_noflood_mark() - check if packet has a noflood mark
++ * @bat_priv: the bat priv with all the soft interface information
++ * @skb: the packet to check
++ *
++ * Return: True if the skb's mark matches a configured noflood mark and
++ * noflood mark mask. False otherwise.
++ */
++static bool
++batadv_skb_has_noflood_mark(struct batadv_priv *bat_priv, struct sk_buff *skb)
++{
++	u32 match_mark = skb->mark & bat_priv->noflood_mark_mask;
++
++	return bat_priv->noflood_mark_mask &&
++	       match_mark == bat_priv->noflood_mark;
++}
++
+ static netdev_tx_t batadv_interface_tx(struct sk_buff *skb,
+ 				       struct net_device *soft_iface)
+ {
+@@ -325,6 +342,9 @@ send:
+ 		if (batadv_dat_snoop_outgoing_arp_request(bat_priv, skb))
+ 			brd_delay = msecs_to_jiffies(ARP_REQ_DELAY);
+ 
++		if (batadv_skb_has_noflood_mark(bat_priv, skb))
++			goto dropped;
++
+ 		if (batadv_skb_head_push(skb, sizeof(*bcast_packet)) < 0)
+ 			goto dropped;
+ 
+--- a/net/batman-adv/types.h
++++ b/net/batman-adv/types.h
+@@ -1635,6 +1635,18 @@ struct batadv_priv {
+ 	 */
+ 	u32 isolation_mark_mask;
+ 
++	/**
++	 * @noflood_mark: the skb->mark value used to allow directed targeting
++	 *  only
++	 */
++	u32 noflood_mark;
++
++	/**
++	 * @noflood_mark_mask: bitmask identifying the bits in skb->mark to be
++	 *  used for the noflood mark
++	 */
++	u32 noflood_mark_mask;
++
+ 	/** @bcast_seqno: last sent broadcast packet sequence number */
+ 	atomic_t bcast_seqno;
+