can: gw: add a per rule limitation of frame hops

	CGW_DST_IF,	/* ifindex of destination network interface */

	CGW_DST_IF,	/* ifindex of destination network interface */

	CGW_FILTER,	/* specify struct can_filter on source CAN device */

	CGW_FILTER,	/* specify struct can_filter on source CAN device */

	CGW_DELETED,	/* number of deleted CAN frames (see max_hops param) */

	CGW_DELETED,	/* number of deleted CAN frames (see max_hops param) */

	CGW_LIM_HOPS,	/* limit the number of hops of this specific rule */

	__CGW_MAX

	__CGW_MAX

};

};

 * Sets a CAN receive filter for the gateway job specified by the

 * Sets a CAN receive filter for the gateway job specified by the

 * struct can_filter described in include/linux/can.h

 * struct can_filter described in include/linux/can.h

 *

 *

 * CGW_MOD_XXX (length 17 bytes):

 * CGW_MOD_(AND|OR|XOR|SET) (length 17 bytes):

 * Specifies a modification that's done to a received CAN frame before it is

 * Specifies a modification that's done to a received CAN frame before it is

 * send out to the destination interface.

 * send out to the destination interface.

 *

 *

 * <struct can_frame> data used as operator

 * <struct can_frame> data used as operator

 * <u8> affected CAN frame elements

 * <u8> affected CAN frame elements

 *

 *

 * CGW_LIM_HOPS (length 1 byte):

 * Limit the number of hops of this specific rule. Usually the received CAN

 * frame can be processed as much as 'max_hops' times (which is given at module

 * load time of the can-gw module). This value is used to reduce the number of

 * possible hops for this gateway rule to a value smaller then max_hops.

 *

 * CGW_CS_XOR (length 4 bytes):

 * CGW_CS_XOR (length 4 bytes):

 * Set a simple XOR checksum starting with an initial value into

 * Set a simple XOR checksum starting with an initial value into

 * data[result-idx] using data[start-idx] .. data[end-idx]

 * data[result-idx] using data[start-idx] .. data[end-idx]

		/* tbc */

		/* tbc */

	};

	};

	u8 gwtype;

	u8 gwtype;

	u8 limit_hops;

	u16 flags;

	u16 flags;

};

};

	/* put the incremented hop counter in the cloned skb */

	/* put the incremented hop counter in the cloned skb */

	cgw_hops(nskb) = cgw_hops(skb) + 1;

	cgw_hops(nskb) = cgw_hops(skb) + 1;

	/* first processing of this CAN frame -> adjust to private hop limit */

	if (gwj->limit_hops && cgw_hops(nskb) == 1)

		cgw_hops(nskb) = max_hops - gwj->limit_hops + 1;

	nskb->dev = gwj->dst.dev;

	nskb->dev = gwj->dst.dev;

	/* pointer to modifiable CAN frame */

	/* pointer to modifiable CAN frame */

	/* check non default settings of attributes */

	/* check non default settings of attributes */

	if (gwj->limit_hops) {

		if (nla_put_u8(skb, CGW_LIM_HOPS, gwj->limit_hops) < 0)

			goto cancel;

	}

	if (gwj->mod.modtype.and) {

	if (gwj->mod.modtype.and) {

		memcpy(&mb.cf, &gwj->mod.modframe.and, sizeof(mb.cf));

		memcpy(&mb.cf, &gwj->mod.modframe.and, sizeof(mb.cf));

		mb.modtype = gwj->mod.modtype.and;

		mb.modtype = gwj->mod.modtype.and;

	[CGW_SRC_IF]	= { .type = NLA_U32 },

	[CGW_SRC_IF]	= { .type = NLA_U32 },

	[CGW_DST_IF]	= { .type = NLA_U32 },

	[CGW_DST_IF]	= { .type = NLA_U32 },

	[CGW_FILTER]	= { .len = sizeof(struct can_filter) },

	[CGW_FILTER]	= { .len = sizeof(struct can_filter) },

	[CGW_LIM_HOPS]	= { .type = NLA_U8 },

};

};

/* check for common and gwtype specific attributes */

/* check for common and gwtype specific attributes */

static int cgw_parse_attr(struct nlmsghdr *nlh, struct cf_mod *mod,

static int cgw_parse_attr(struct nlmsghdr *nlh, struct cf_mod *mod,

			  u8 gwtype, void *gwtypeattr)

			  u8 gwtype, void *gwtypeattr, u8 *limhops)

{

{

	struct nlattr *tb[CGW_MAX+1];

	struct nlattr *tb[CGW_MAX+1];

	struct cgw_frame_mod mb;

	struct cgw_frame_mod mb;

	if (err < 0)

	if (err < 0)

		return err;

		return err;

	if (tb[CGW_LIM_HOPS]) {

		*limhops = nla_get_u8(tb[CGW_LIM_HOPS]);

		if (*limhops < 1 || *limhops > max_hops)

			return -EINVAL;

	}

	/* check for AND/OR/XOR/SET modifications */

	/* check for AND/OR/XOR/SET modifications */

	if (tb[CGW_MOD_AND]) {

	if (tb[CGW_MOD_AND]) {

{

{

	struct rtcanmsg *r;

	struct rtcanmsg *r;

	struct cgw_job *gwj;

	struct cgw_job *gwj;

	u8 limhops = 0;

	int err = 0;

	int err = 0;

	if (!capable(CAP_NET_ADMIN))

	if (!capable(CAP_NET_ADMIN))

	gwj->flags = r->flags;

	gwj->flags = r->flags;

	gwj->gwtype = r->gwtype;

	gwj->gwtype = r->gwtype;

	err = cgw_parse_attr(nlh, &gwj->mod, CGW_TYPE_CAN_CAN, &gwj->ccgw);

	err = cgw_parse_attr(nlh, &gwj->mod, CGW_TYPE_CAN_CAN, &gwj->ccgw,

			     &limhops);

	if (err < 0)

	if (err < 0)

		goto out;

		goto out;

	if (gwj->dst.dev->type != ARPHRD_CAN || gwj->dst.dev->header_ops)

	if (gwj->dst.dev->type != ARPHRD_CAN || gwj->dst.dev->header_ops)

		goto put_src_dst_out;

		goto put_src_dst_out;

	gwj->limit_hops = limhops;

	ASSERT_RTNL();

	ASSERT_RTNL();

	err = cgw_register_filter(gwj);

	err = cgw_register_filter(gwj);

	struct rtcanmsg *r;

	struct rtcanmsg *r;

	struct cf_mod mod;

	struct cf_mod mod;

	struct can_can_gw ccgw;

	struct can_can_gw ccgw;

	u8 limhops = 0;

	int err = 0;

	int err = 0;

	if (!capable(CAP_NET_ADMIN))

	if (!capable(CAP_NET_ADMIN))

	if (r->gwtype != CGW_TYPE_CAN_CAN)

	if (r->gwtype != CGW_TYPE_CAN_CAN)

		return -EINVAL;

		return -EINVAL;

	err = cgw_parse_attr(nlh, &mod, CGW_TYPE_CAN_CAN, &ccgw);

	err = cgw_parse_attr(nlh, &mod, CGW_TYPE_CAN_CAN, &ccgw, &limhops);

	if (err < 0)

	if (err < 0)

		return err;

		return err;

		if (gwj->flags != r->flags)

		if (gwj->flags != r->flags)

			continue;

			continue;

		if (gwj->limit_hops != limhops)

			continue;

		if (memcmp(&gwj->mod, &mod, sizeof(mod)))

		if (memcmp(&gwj->mod, &mod, sizeof(mod)))

			continue;

			continue;