From 5e96855fc505082389813afcf796d4c46301d4fe Mon Sep 17 00:00:00 2001 From: Tony Cheneau Date: Wed, 11 Jul 2012 06:51:16 +0000 Subject: 6lowpan: Change byte order when storing/accessing to len field Lenght field should be encoded using big endian byte order, such as intend in the specs. As it is currently written, the len field would not be decoded properly on an implementation using the correct byte ordering. Hence, it could lead to interroperability issues. Also, I rewrote the code so that iphc0 argument of lowpan_alloc_new_frame could be removed. Signed-off-by: Tony Cheneau Signed-off-by: David S. Miller --- net/ieee802154/6lowpan.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'net') diff --git a/net/ieee802154/6lowpan.c b/net/ieee802154/6lowpan.c index 536c6e21b20..6a095225148 100644 --- a/net/ieee802154/6lowpan.c +++ b/net/ieee802154/6lowpan.c @@ -645,7 +645,7 @@ static void lowpan_fragment_timer_expired(unsigned long entry_addr) } static struct lowpan_fragment * -lowpan_alloc_new_frame(struct sk_buff *skb, u8 iphc0, u8 len, u16 tag) +lowpan_alloc_new_frame(struct sk_buff *skb, u8 len, u16 tag) { struct lowpan_fragment *frame; @@ -656,7 +656,7 @@ lowpan_alloc_new_frame(struct sk_buff *skb, u8 iphc0, u8 len, u16 tag) INIT_LIST_HEAD(&frame->list); - frame->length = (iphc0 & 7) | (len << 3); + frame->length = len; frame->tag = tag; /* allocate buffer for frame assembling */ @@ -714,14 +714,18 @@ lowpan_process_data(struct sk_buff *skb) case LOWPAN_DISPATCH_FRAGN: { struct lowpan_fragment *frame; - u8 len, offset; - u16 tag; + /* slen stores the rightmost 8 bits of the 11 bits length */ + u8 slen, offset; + u16 len, tag; bool found = false; - if (lowpan_fetch_skb_u8(skb, &len) || /* frame length */ + if (lowpan_fetch_skb_u8(skb, &slen) || /* frame length */ lowpan_fetch_skb_u16(skb, &tag)) /* fragment tag */ goto drop; + /* adds the 3 MSB to the 8 LSB to retrieve the 11 bits length */ + len = ((iphc0 & 7) << 8) | slen; + /* * check if frame assembling with the same tag is * already in progress @@ -736,7 +740,7 @@ lowpan_process_data(struct sk_buff *skb) /* alloc new frame structure */ if (!found) { - frame = lowpan_alloc_new_frame(skb, iphc0, len, tag); + frame = lowpan_alloc_new_frame(skb, len, tag); if (!frame) goto unlock_and_drop; } @@ -1004,8 +1008,8 @@ lowpan_skb_fragmentation(struct sk_buff *skb) tag = fragment_tag++; /* first fragment header */ - head[0] = LOWPAN_DISPATCH_FRAG1 | (payload_length & 0x7); - head[1] = (payload_length >> 3) & 0xff; + head[0] = LOWPAN_DISPATCH_FRAG1 | ((payload_length >> 8) & 0x7); + head[1] = payload_length & 0xff; head[2] = tag >> 8; head[3] = tag & 0xff; -- cgit v1.2.3-70-g09d2