1 /*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
9 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
10 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
11 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
12 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
13 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
14 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
15 */
16 #include <linux/capability.h>
17 #include <linux/module.h>
18 #include <linux/errno.h>
19 #include <linux/types.h>
20 #include <linux/socket.h>
21 #include <linux/in.h>
22 #include <linux/kernel.h>
23 #include <linux/sched/signal.h>
24 #include <linux/timer.h>
25 #include <linux/string.h>
26 #include <linux/sockios.h>
27 #include <linux/net.h>
28 #include <linux/slab.h>
29 #include <net/ax25.h>
30 #include <linux/inet.h>
31 #include <linux/netdevice.h>
32 #include <linux/if_arp.h>
33 #include <linux/skbuff.h>
34 #include <net/sock.h>
35 #include <linux/uaccess.h>
36 #include <linux/fcntl.h>
37 #include <linux/termios.h> /* For TIOCINQ/OUTQ */
38 #include <linux/mm.h>
39 #include <linux/interrupt.h>
40 #include <linux/notifier.h>
41 #include <linux/proc_fs.h>
42 #include <linux/stat.h>
43 #include <linux/sysctl.h>
44 #include <linux/init.h>
45 #include <linux/spinlock.h>
46 #include <net/net_namespace.h>
47 #include <net/tcp_states.h>
48 #include <net/ip.h>
49 #include <net/arp.h>
50
51
52
53 HLIST_HEAD(ax25_list);
54 DEFINE_SPINLOCK(ax25_list_lock);
55
56 static const struct proto_ops ax25_proto_ops;
57
ax25_free_sock(struct sock * sk)58 static void ax25_free_sock(struct sock *sk)
59 {
60 ax25_cb_put(sk_to_ax25(sk));
61 }
62
63 /*
64 * Socket removal during an interrupt is now safe.
65 */
ax25_cb_del(ax25_cb * ax25)66 static void ax25_cb_del(ax25_cb *ax25)
67 {
68 if (!hlist_unhashed(&ax25->ax25_node)) {
69 spin_lock_bh(&ax25_list_lock);
70 hlist_del_init(&ax25->ax25_node);
71 spin_unlock_bh(&ax25_list_lock);
72 ax25_cb_put(ax25);
73 }
74 }
75
76 /*
77 * Kill all bound sockets on a dropped device.
78 */
ax25_kill_by_device(struct net_device * dev)79 static void ax25_kill_by_device(struct net_device *dev)
80 {
81 ax25_dev *ax25_dev;
82 ax25_cb *s;
83
84 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
85 return;
86
87 spin_lock_bh(&ax25_list_lock);
88 again:
89 ax25_for_each(s, &ax25_list) {
90 if (s->ax25_dev == ax25_dev) {
91 s->ax25_dev = NULL;
92 spin_unlock_bh(&ax25_list_lock);
93 ax25_disconnect(s, ENETUNREACH);
94 spin_lock_bh(&ax25_list_lock);
95
96 /* The entry could have been deleted from the
97 * list meanwhile and thus the next pointer is
98 * no longer valid. Play it safe and restart
99 * the scan. Forward progress is ensured
100 * because we set s->ax25_dev to NULL and we
101 * are never passed a NULL 'dev' argument.
102 */
103 goto again;
104 }
105 }
106 spin_unlock_bh(&ax25_list_lock);
107 }
108
109 /*
110 * Handle device status changes.
111 */
ax25_device_event(struct notifier_block * this,unsigned long event,void * ptr)112 static int ax25_device_event(struct notifier_block *this, unsigned long event,
113 void *ptr)
114 {
115 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
116
117 if (!net_eq(dev_net(dev), &init_net))
118 return NOTIFY_DONE;
119
120 /* Reject non AX.25 devices */
121 if (dev->type != ARPHRD_AX25)
122 return NOTIFY_DONE;
123
124 switch (event) {
125 case NETDEV_UP:
126 ax25_dev_device_up(dev);
127 break;
128 case NETDEV_DOWN:
129 ax25_kill_by_device(dev);
130 ax25_rt_device_down(dev);
131 ax25_dev_device_down(dev);
132 break;
133 default:
134 break;
135 }
136
137 return NOTIFY_DONE;
138 }
139
140 /*
141 * Add a socket to the bound sockets list.
142 */
ax25_cb_add(ax25_cb * ax25)143 void ax25_cb_add(ax25_cb *ax25)
144 {
145 spin_lock_bh(&ax25_list_lock);
146 ax25_cb_hold(ax25);
147 hlist_add_head(&ax25->ax25_node, &ax25_list);
148 spin_unlock_bh(&ax25_list_lock);
149 }
150
151 /*
152 * Find a socket that wants to accept the SABM we have just
153 * received.
154 */
ax25_find_listener(ax25_address * addr,int digi,struct net_device * dev,int type)155 struct sock *ax25_find_listener(ax25_address *addr, int digi,
156 struct net_device *dev, int type)
157 {
158 ax25_cb *s;
159
160 spin_lock(&ax25_list_lock);
161 ax25_for_each(s, &ax25_list) {
162 if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
163 continue;
164 if (s->sk && !ax25cmp(&s->source_addr, addr) &&
165 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
166 /* If device is null we match any device */
167 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
168 sock_hold(s->sk);
169 spin_unlock(&ax25_list_lock);
170 return s->sk;
171 }
172 }
173 }
174 spin_unlock(&ax25_list_lock);
175
176 return NULL;
177 }
178
179 /*
180 * Find an AX.25 socket given both ends.
181 */
ax25_get_socket(ax25_address * my_addr,ax25_address * dest_addr,int type)182 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
183 int type)
184 {
185 struct sock *sk = NULL;
186 ax25_cb *s;
187
188 spin_lock(&ax25_list_lock);
189 ax25_for_each(s, &ax25_list) {
190 if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
191 !ax25cmp(&s->dest_addr, dest_addr) &&
192 s->sk->sk_type == type) {
193 sk = s->sk;
194 sock_hold(sk);
195 break;
196 }
197 }
198
199 spin_unlock(&ax25_list_lock);
200
201 return sk;
202 }
203
204 /*
205 * Find an AX.25 control block given both ends. It will only pick up
206 * floating AX.25 control blocks or non Raw socket bound control blocks.
207 */
ax25_find_cb(ax25_address * src_addr,ax25_address * dest_addr,ax25_digi * digi,struct net_device * dev)208 ax25_cb *ax25_find_cb(ax25_address *src_addr, ax25_address *dest_addr,
209 ax25_digi *digi, struct net_device *dev)
210 {
211 ax25_cb *s;
212
213 spin_lock_bh(&ax25_list_lock);
214 ax25_for_each(s, &ax25_list) {
215 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
216 continue;
217 if (s->ax25_dev == NULL)
218 continue;
219 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
220 if (digi != NULL && digi->ndigi != 0) {
221 if (s->digipeat == NULL)
222 continue;
223 if (ax25digicmp(s->digipeat, digi) != 0)
224 continue;
225 } else {
226 if (s->digipeat != NULL && s->digipeat->ndigi != 0)
227 continue;
228 }
229 ax25_cb_hold(s);
230 spin_unlock_bh(&ax25_list_lock);
231
232 return s;
233 }
234 }
235 spin_unlock_bh(&ax25_list_lock);
236
237 return NULL;
238 }
239
240 EXPORT_SYMBOL(ax25_find_cb);
241
ax25_send_to_raw(ax25_address * addr,struct sk_buff * skb,int proto)242 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
243 {
244 ax25_cb *s;
245 struct sk_buff *copy;
246
247 spin_lock(&ax25_list_lock);
248 ax25_for_each(s, &ax25_list) {
249 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
250 s->sk->sk_type == SOCK_RAW &&
251 s->sk->sk_protocol == proto &&
252 s->ax25_dev->dev == skb->dev &&
253 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
254 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
255 continue;
256 if (sock_queue_rcv_skb(s->sk, copy) != 0)
257 kfree_skb(copy);
258 }
259 }
260 spin_unlock(&ax25_list_lock);
261 }
262
263 /*
264 * Deferred destroy.
265 */
266 void ax25_destroy_socket(ax25_cb *);
267
268 /*
269 * Handler for deferred kills.
270 */
ax25_destroy_timer(struct timer_list * t)271 static void ax25_destroy_timer(struct timer_list *t)
272 {
273 ax25_cb *ax25 = from_timer(ax25, t, dtimer);
274 struct sock *sk;
275
276 sk=ax25->sk;
277
278 bh_lock_sock(sk);
279 sock_hold(sk);
280 ax25_destroy_socket(ax25);
281 bh_unlock_sock(sk);
282 sock_put(sk);
283 }
284
285 /*
286 * This is called from user mode and the timers. Thus it protects itself
287 * against interrupt users but doesn't worry about being called during
288 * work. Once it is removed from the queue no interrupt or bottom half
289 * will touch it and we are (fairly 8-) ) safe.
290 */
ax25_destroy_socket(ax25_cb * ax25)291 void ax25_destroy_socket(ax25_cb *ax25)
292 {
293 struct sk_buff *skb;
294
295 ax25_cb_del(ax25);
296
297 ax25_stop_heartbeat(ax25);
298 ax25_stop_t1timer(ax25);
299 ax25_stop_t2timer(ax25);
300 ax25_stop_t3timer(ax25);
301 ax25_stop_idletimer(ax25);
302
303 ax25_clear_queues(ax25); /* Flush the queues */
304
305 if (ax25->sk != NULL) {
306 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
307 if (skb->sk != ax25->sk) {
308 /* A pending connection */
309 ax25_cb *sax25 = sk_to_ax25(skb->sk);
310
311 /* Queue the unaccepted socket for death */
312 sock_orphan(skb->sk);
313
314 /* 9A4GL: hack to release unaccepted sockets */
315 skb->sk->sk_state = TCP_LISTEN;
316
317 ax25_start_heartbeat(sax25);
318 sax25->state = AX25_STATE_0;
319 }
320
321 kfree_skb(skb);
322 }
323 skb_queue_purge(&ax25->sk->sk_write_queue);
324 }
325
326 if (ax25->sk != NULL) {
327 if (sk_has_allocations(ax25->sk)) {
328 /* Defer: outstanding buffers */
329 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0);
330 ax25->dtimer.expires = jiffies + 2 * HZ;
331 add_timer(&ax25->dtimer);
332 } else {
333 struct sock *sk=ax25->sk;
334 ax25->sk=NULL;
335 sock_put(sk);
336 }
337 } else {
338 ax25_cb_put(ax25);
339 }
340 }
341
342 /*
343 * dl1bke 960311: set parameters for existing AX.25 connections,
344 * includes a KILL command to abort any connection.
345 * VERY useful for debugging ;-)
346 */
ax25_ctl_ioctl(const unsigned int cmd,void __user * arg)347 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
348 {
349 struct ax25_ctl_struct ax25_ctl;
350 ax25_digi digi;
351 ax25_dev *ax25_dev;
352 ax25_cb *ax25;
353 unsigned int k;
354 int ret = 0;
355
356 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
357 return -EFAULT;
358
359 if ((ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr)) == NULL)
360 return -ENODEV;
361
362 if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
363 return -EINVAL;
364
365 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
366 return -EINVAL;
367
368 digi.ndigi = ax25_ctl.digi_count;
369 for (k = 0; k < digi.ndigi; k++)
370 digi.calls[k] = ax25_ctl.digi_addr[k];
371
372 if ((ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev)) == NULL)
373 return -ENOTCONN;
374
375 switch (ax25_ctl.cmd) {
376 case AX25_KILL:
377 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
378 #ifdef CONFIG_AX25_DAMA_SLAVE
379 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
380 ax25_dama_off(ax25);
381 #endif
382 ax25_disconnect(ax25, ENETRESET);
383 break;
384
385 case AX25_WINDOW:
386 if (ax25->modulus == AX25_MODULUS) {
387 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
388 goto einval_put;
389 } else {
390 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
391 goto einval_put;
392 }
393 ax25->window = ax25_ctl.arg;
394 break;
395
396 case AX25_T1:
397 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
398 goto einval_put;
399 ax25->rtt = (ax25_ctl.arg * HZ) / 2;
400 ax25->t1 = ax25_ctl.arg * HZ;
401 break;
402
403 case AX25_T2:
404 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
405 goto einval_put;
406 ax25->t2 = ax25_ctl.arg * HZ;
407 break;
408
409 case AX25_N2:
410 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
411 goto einval_put;
412 ax25->n2count = 0;
413 ax25->n2 = ax25_ctl.arg;
414 break;
415
416 case AX25_T3:
417 if (ax25_ctl.arg > ULONG_MAX / HZ)
418 goto einval_put;
419 ax25->t3 = ax25_ctl.arg * HZ;
420 break;
421
422 case AX25_IDLE:
423 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
424 goto einval_put;
425
426 ax25->idle = ax25_ctl.arg * 60 * HZ;
427 break;
428
429 case AX25_PACLEN:
430 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
431 goto einval_put;
432 ax25->paclen = ax25_ctl.arg;
433 break;
434
435 default:
436 goto einval_put;
437 }
438
439 out_put:
440 ax25_cb_put(ax25);
441 return ret;
442
443 einval_put:
444 ret = -EINVAL;
445 goto out_put;
446 }
447
ax25_fillin_cb_from_dev(ax25_cb * ax25,ax25_dev * ax25_dev)448 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
449 {
450 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
451 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
452 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
453 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
454 ax25->n2 = ax25_dev->values[AX25_VALUES_N2];
455 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN];
456 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
457 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
458
459 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
460 ax25->modulus = AX25_EMODULUS;
461 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW];
462 } else {
463 ax25->modulus = AX25_MODULUS;
464 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW];
465 }
466 }
467
468 /*
469 * Fill in a created AX.25 created control block with the default
470 * values for a particular device.
471 */
ax25_fillin_cb(ax25_cb * ax25,ax25_dev * ax25_dev)472 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
473 {
474 ax25->ax25_dev = ax25_dev;
475
476 if (ax25->ax25_dev != NULL) {
477 ax25_fillin_cb_from_dev(ax25, ax25_dev);
478 return;
479 }
480
481 /*
482 * No device, use kernel / AX.25 spec default values
483 */
484 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2;
485 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1);
486 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2);
487 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3);
488 ax25->n2 = AX25_DEF_N2;
489 ax25->paclen = AX25_DEF_PACLEN;
490 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE);
491 ax25->backoff = AX25_DEF_BACKOFF;
492
493 if (AX25_DEF_AXDEFMODE) {
494 ax25->modulus = AX25_EMODULUS;
495 ax25->window = AX25_DEF_EWINDOW;
496 } else {
497 ax25->modulus = AX25_MODULUS;
498 ax25->window = AX25_DEF_WINDOW;
499 }
500 }
501
502 /*
503 * Create an empty AX.25 control block.
504 */
ax25_create_cb(void)505 ax25_cb *ax25_create_cb(void)
506 {
507 ax25_cb *ax25;
508
509 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
510 return NULL;
511
512 refcount_set(&ax25->refcount, 1);
513
514 skb_queue_head_init(&ax25->write_queue);
515 skb_queue_head_init(&ax25->frag_queue);
516 skb_queue_head_init(&ax25->ack_queue);
517 skb_queue_head_init(&ax25->reseq_queue);
518
519 ax25_setup_timers(ax25);
520
521 ax25_fillin_cb(ax25, NULL);
522
523 ax25->state = AX25_STATE_0;
524
525 return ax25;
526 }
527
528 /*
529 * Handling for system calls applied via the various interfaces to an
530 * AX25 socket object
531 */
532
ax25_setsockopt(struct socket * sock,int level,int optname,char __user * optval,unsigned int optlen)533 static int ax25_setsockopt(struct socket *sock, int level, int optname,
534 char __user *optval, unsigned int optlen)
535 {
536 struct sock *sk = sock->sk;
537 ax25_cb *ax25;
538 struct net_device *dev;
539 char devname[IFNAMSIZ];
540 unsigned long opt;
541 int res = 0;
542
543 if (level != SOL_AX25)
544 return -ENOPROTOOPT;
545
546 if (optlen < sizeof(unsigned int))
547 return -EINVAL;
548
549 if (get_user(opt, (unsigned int __user *)optval))
550 return -EFAULT;
551
552 lock_sock(sk);
553 ax25 = sk_to_ax25(sk);
554
555 switch (optname) {
556 case AX25_WINDOW:
557 if (ax25->modulus == AX25_MODULUS) {
558 if (opt < 1 || opt > 7) {
559 res = -EINVAL;
560 break;
561 }
562 } else {
563 if (opt < 1 || opt > 63) {
564 res = -EINVAL;
565 break;
566 }
567 }
568 ax25->window = opt;
569 break;
570
571 case AX25_T1:
572 if (opt < 1 || opt > ULONG_MAX / HZ) {
573 res = -EINVAL;
574 break;
575 }
576 ax25->rtt = (opt * HZ) >> 1;
577 ax25->t1 = opt * HZ;
578 break;
579
580 case AX25_T2:
581 if (opt < 1 || opt > ULONG_MAX / HZ) {
582 res = -EINVAL;
583 break;
584 }
585 ax25->t2 = opt * HZ;
586 break;
587
588 case AX25_N2:
589 if (opt < 1 || opt > 31) {
590 res = -EINVAL;
591 break;
592 }
593 ax25->n2 = opt;
594 break;
595
596 case AX25_T3:
597 if (opt < 1 || opt > ULONG_MAX / HZ) {
598 res = -EINVAL;
599 break;
600 }
601 ax25->t3 = opt * HZ;
602 break;
603
604 case AX25_IDLE:
605 if (opt > ULONG_MAX / (60 * HZ)) {
606 res = -EINVAL;
607 break;
608 }
609 ax25->idle = opt * 60 * HZ;
610 break;
611
612 case AX25_BACKOFF:
613 if (opt > 2) {
614 res = -EINVAL;
615 break;
616 }
617 ax25->backoff = opt;
618 break;
619
620 case AX25_EXTSEQ:
621 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
622 break;
623
624 case AX25_PIDINCL:
625 ax25->pidincl = opt ? 1 : 0;
626 break;
627
628 case AX25_IAMDIGI:
629 ax25->iamdigi = opt ? 1 : 0;
630 break;
631
632 case AX25_PACLEN:
633 if (opt < 16 || opt > 65535) {
634 res = -EINVAL;
635 break;
636 }
637 ax25->paclen = opt;
638 break;
639
640 case SO_BINDTODEVICE:
641 if (optlen > IFNAMSIZ - 1)
642 optlen = IFNAMSIZ - 1;
643
644 memset(devname, 0, sizeof(devname));
645
646 if (copy_from_user(devname, optval, optlen)) {
647 res = -EFAULT;
648 break;
649 }
650
651 if (sk->sk_type == SOCK_SEQPACKET &&
652 (sock->state != SS_UNCONNECTED ||
653 sk->sk_state == TCP_LISTEN)) {
654 res = -EADDRNOTAVAIL;
655 break;
656 }
657
658 rtnl_lock();
659 dev = __dev_get_by_name(&init_net, devname);
660 if (!dev) {
661 rtnl_unlock();
662 res = -ENODEV;
663 break;
664 }
665
666 ax25->ax25_dev = ax25_dev_ax25dev(dev);
667 if (!ax25->ax25_dev) {
668 rtnl_unlock();
669 res = -ENODEV;
670 break;
671 }
672 ax25_fillin_cb(ax25, ax25->ax25_dev);
673 rtnl_unlock();
674 break;
675
676 default:
677 res = -ENOPROTOOPT;
678 }
679 release_sock(sk);
680
681 return res;
682 }
683
ax25_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)684 static int ax25_getsockopt(struct socket *sock, int level, int optname,
685 char __user *optval, int __user *optlen)
686 {
687 struct sock *sk = sock->sk;
688 ax25_cb *ax25;
689 struct ax25_dev *ax25_dev;
690 char devname[IFNAMSIZ];
691 void *valptr;
692 int val = 0;
693 int maxlen, length;
694
695 if (level != SOL_AX25)
696 return -ENOPROTOOPT;
697
698 if (get_user(maxlen, optlen))
699 return -EFAULT;
700
701 if (maxlen < 1)
702 return -EFAULT;
703
704 valptr = (void *) &val;
705 length = min_t(unsigned int, maxlen, sizeof(int));
706
707 lock_sock(sk);
708 ax25 = sk_to_ax25(sk);
709
710 switch (optname) {
711 case AX25_WINDOW:
712 val = ax25->window;
713 break;
714
715 case AX25_T1:
716 val = ax25->t1 / HZ;
717 break;
718
719 case AX25_T2:
720 val = ax25->t2 / HZ;
721 break;
722
723 case AX25_N2:
724 val = ax25->n2;
725 break;
726
727 case AX25_T3:
728 val = ax25->t3 / HZ;
729 break;
730
731 case AX25_IDLE:
732 val = ax25->idle / (60 * HZ);
733 break;
734
735 case AX25_BACKOFF:
736 val = ax25->backoff;
737 break;
738
739 case AX25_EXTSEQ:
740 val = (ax25->modulus == AX25_EMODULUS);
741 break;
742
743 case AX25_PIDINCL:
744 val = ax25->pidincl;
745 break;
746
747 case AX25_IAMDIGI:
748 val = ax25->iamdigi;
749 break;
750
751 case AX25_PACLEN:
752 val = ax25->paclen;
753 break;
754
755 case SO_BINDTODEVICE:
756 ax25_dev = ax25->ax25_dev;
757
758 if (ax25_dev != NULL && ax25_dev->dev != NULL) {
759 strlcpy(devname, ax25_dev->dev->name, sizeof(devname));
760 length = strlen(devname) + 1;
761 } else {
762 *devname = '\0';
763 length = 1;
764 }
765
766 valptr = (void *) devname;
767 break;
768
769 default:
770 release_sock(sk);
771 return -ENOPROTOOPT;
772 }
773 release_sock(sk);
774
775 if (put_user(length, optlen))
776 return -EFAULT;
777
778 return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
779 }
780
ax25_listen(struct socket * sock,int backlog)781 static int ax25_listen(struct socket *sock, int backlog)
782 {
783 struct sock *sk = sock->sk;
784 int res = 0;
785
786 lock_sock(sk);
787 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
788 sk->sk_max_ack_backlog = backlog;
789 sk->sk_state = TCP_LISTEN;
790 goto out;
791 }
792 res = -EOPNOTSUPP;
793
794 out:
795 release_sock(sk);
796
797 return res;
798 }
799
800 /*
801 * XXX: when creating ax25_sock we should update the .obj_size setting
802 * below.
803 */
804 static struct proto ax25_proto = {
805 .name = "AX25",
806 .owner = THIS_MODULE,
807 .obj_size = sizeof(struct ax25_sock),
808 };
809
ax25_create(struct net * net,struct socket * sock,int protocol,int kern)810 static int ax25_create(struct net *net, struct socket *sock, int protocol,
811 int kern)
812 {
813 struct sock *sk;
814 ax25_cb *ax25;
815
816 if (protocol < 0 || protocol > SK_PROTOCOL_MAX)
817 return -EINVAL;
818
819 if (!net_eq(net, &init_net))
820 return -EAFNOSUPPORT;
821
822 switch (sock->type) {
823 case SOCK_DGRAM:
824 if (protocol == 0 || protocol == PF_AX25)
825 protocol = AX25_P_TEXT;
826 break;
827
828 case SOCK_SEQPACKET:
829 switch (protocol) {
830 case 0:
831 case PF_AX25: /* For CLX */
832 protocol = AX25_P_TEXT;
833 break;
834 case AX25_P_SEGMENT:
835 #ifdef CONFIG_INET
836 case AX25_P_ARP:
837 case AX25_P_IP:
838 #endif
839 #ifdef CONFIG_NETROM
840 case AX25_P_NETROM:
841 #endif
842 #ifdef CONFIG_ROSE
843 case AX25_P_ROSE:
844 #endif
845 return -ESOCKTNOSUPPORT;
846 #ifdef CONFIG_NETROM_MODULE
847 case AX25_P_NETROM:
848 if (ax25_protocol_is_registered(AX25_P_NETROM))
849 return -ESOCKTNOSUPPORT;
850 break;
851 #endif
852 #ifdef CONFIG_ROSE_MODULE
853 case AX25_P_ROSE:
854 if (ax25_protocol_is_registered(AX25_P_ROSE))
855 return -ESOCKTNOSUPPORT;
856 #endif
857 default:
858 break;
859 }
860 break;
861
862 case SOCK_RAW:
863 if (!capable(CAP_NET_RAW))
864 return -EPERM;
865 break;
866 default:
867 return -ESOCKTNOSUPPORT;
868 }
869
870 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern);
871 if (sk == NULL)
872 return -ENOMEM;
873
874 ax25 = ax25_sk(sk)->cb = ax25_create_cb();
875 if (!ax25) {
876 sk_free(sk);
877 return -ENOMEM;
878 }
879
880 sock_init_data(sock, sk);
881
882 sk->sk_destruct = ax25_free_sock;
883 sock->ops = &ax25_proto_ops;
884 sk->sk_protocol = protocol;
885
886 ax25->sk = sk;
887
888 return 0;
889 }
890
ax25_make_new(struct sock * osk,struct ax25_dev * ax25_dev)891 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
892 {
893 struct sock *sk;
894 ax25_cb *ax25, *oax25;
895
896 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0);
897 if (sk == NULL)
898 return NULL;
899
900 if ((ax25 = ax25_create_cb()) == NULL) {
901 sk_free(sk);
902 return NULL;
903 }
904
905 switch (osk->sk_type) {
906 case SOCK_DGRAM:
907 break;
908 case SOCK_SEQPACKET:
909 break;
910 default:
911 sk_free(sk);
912 ax25_cb_put(ax25);
913 return NULL;
914 }
915
916 sock_init_data(NULL, sk);
917
918 sk->sk_type = osk->sk_type;
919 sk->sk_priority = osk->sk_priority;
920 sk->sk_protocol = osk->sk_protocol;
921 sk->sk_rcvbuf = osk->sk_rcvbuf;
922 sk->sk_sndbuf = osk->sk_sndbuf;
923 sk->sk_state = TCP_ESTABLISHED;
924 sock_copy_flags(sk, osk);
925
926 oax25 = sk_to_ax25(osk);
927
928 ax25->modulus = oax25->modulus;
929 ax25->backoff = oax25->backoff;
930 ax25->pidincl = oax25->pidincl;
931 ax25->iamdigi = oax25->iamdigi;
932 ax25->rtt = oax25->rtt;
933 ax25->t1 = oax25->t1;
934 ax25->t2 = oax25->t2;
935 ax25->t3 = oax25->t3;
936 ax25->n2 = oax25->n2;
937 ax25->idle = oax25->idle;
938 ax25->paclen = oax25->paclen;
939 ax25->window = oax25->window;
940
941 ax25->ax25_dev = ax25_dev;
942 ax25->source_addr = oax25->source_addr;
943
944 if (oax25->digipeat != NULL) {
945 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
946 GFP_ATOMIC);
947 if (ax25->digipeat == NULL) {
948 sk_free(sk);
949 ax25_cb_put(ax25);
950 return NULL;
951 }
952 }
953
954 ax25_sk(sk)->cb = ax25;
955 sk->sk_destruct = ax25_free_sock;
956 ax25->sk = sk;
957
958 return sk;
959 }
960
ax25_release(struct socket * sock)961 static int ax25_release(struct socket *sock)
962 {
963 struct sock *sk = sock->sk;
964 ax25_cb *ax25;
965
966 if (sk == NULL)
967 return 0;
968
969 sock_hold(sk);
970 sock_orphan(sk);
971 lock_sock(sk);
972 ax25 = sk_to_ax25(sk);
973
974 if (sk->sk_type == SOCK_SEQPACKET) {
975 switch (ax25->state) {
976 case AX25_STATE_0:
977 release_sock(sk);
978 ax25_disconnect(ax25, 0);
979 lock_sock(sk);
980 ax25_destroy_socket(ax25);
981 break;
982
983 case AX25_STATE_1:
984 case AX25_STATE_2:
985 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
986 release_sock(sk);
987 ax25_disconnect(ax25, 0);
988 lock_sock(sk);
989 if (!sock_flag(ax25->sk, SOCK_DESTROY))
990 ax25_destroy_socket(ax25);
991 break;
992
993 case AX25_STATE_3:
994 case AX25_STATE_4:
995 ax25_clear_queues(ax25);
996 ax25->n2count = 0;
997
998 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
999 case AX25_PROTO_STD_SIMPLEX:
1000 case AX25_PROTO_STD_DUPLEX:
1001 ax25_send_control(ax25,
1002 AX25_DISC,
1003 AX25_POLLON,
1004 AX25_COMMAND);
1005 ax25_stop_t2timer(ax25);
1006 ax25_stop_t3timer(ax25);
1007 ax25_stop_idletimer(ax25);
1008 break;
1009 #ifdef CONFIG_AX25_DAMA_SLAVE
1010 case AX25_PROTO_DAMA_SLAVE:
1011 ax25_stop_t3timer(ax25);
1012 ax25_stop_idletimer(ax25);
1013 break;
1014 #endif
1015 }
1016 ax25_calculate_t1(ax25);
1017 ax25_start_t1timer(ax25);
1018 ax25->state = AX25_STATE_2;
1019 sk->sk_state = TCP_CLOSE;
1020 sk->sk_shutdown |= SEND_SHUTDOWN;
1021 sk->sk_state_change(sk);
1022 sock_set_flag(sk, SOCK_DESTROY);
1023 break;
1024
1025 default:
1026 break;
1027 }
1028 } else {
1029 sk->sk_state = TCP_CLOSE;
1030 sk->sk_shutdown |= SEND_SHUTDOWN;
1031 sk->sk_state_change(sk);
1032 ax25_destroy_socket(ax25);
1033 }
1034
1035 sock->sk = NULL;
1036 release_sock(sk);
1037 sock_put(sk);
1038
1039 return 0;
1040 }
1041
1042 /*
1043 * We support a funny extension here so you can (as root) give any callsign
1044 * digipeated via a local address as source. This hack is obsolete now
1045 * that we've implemented support for SO_BINDTODEVICE. It is however small
1046 * and trivially backward compatible.
1047 */
ax25_bind(struct socket * sock,struct sockaddr * uaddr,int addr_len)1048 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1049 {
1050 struct sock *sk = sock->sk;
1051 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1052 ax25_dev *ax25_dev = NULL;
1053 ax25_uid_assoc *user;
1054 ax25_address call;
1055 ax25_cb *ax25;
1056 int err = 0;
1057
1058 if (addr_len != sizeof(struct sockaddr_ax25) &&
1059 addr_len != sizeof(struct full_sockaddr_ax25))
1060 /* support for old structure may go away some time
1061 * ax25_bind(): uses old (6 digipeater) socket structure.
1062 */
1063 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1064 (addr_len > sizeof(struct full_sockaddr_ax25)))
1065 return -EINVAL;
1066
1067 if (addr->fsa_ax25.sax25_family != AF_AX25)
1068 return -EINVAL;
1069
1070 user = ax25_findbyuid(current_euid());
1071 if (user) {
1072 call = user->call;
1073 ax25_uid_put(user);
1074 } else {
1075 if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1076 return -EACCES;
1077
1078 call = addr->fsa_ax25.sax25_call;
1079 }
1080
1081 lock_sock(sk);
1082
1083 ax25 = sk_to_ax25(sk);
1084 if (!sock_flag(sk, SOCK_ZAPPED)) {
1085 err = -EINVAL;
1086 goto out;
1087 }
1088
1089 ax25->source_addr = call;
1090
1091 /*
1092 * User already set interface with SO_BINDTODEVICE
1093 */
1094 if (ax25->ax25_dev != NULL)
1095 goto done;
1096
1097 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1098 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1099 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1100 err = -EADDRNOTAVAIL;
1101 goto out;
1102 }
1103 } else {
1104 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1105 err = -EADDRNOTAVAIL;
1106 goto out;
1107 }
1108 }
1109
1110 if (ax25_dev != NULL)
1111 ax25_fillin_cb(ax25, ax25_dev);
1112
1113 done:
1114 ax25_cb_add(ax25);
1115 sock_reset_flag(sk, SOCK_ZAPPED);
1116
1117 out:
1118 release_sock(sk);
1119
1120 return err;
1121 }
1122
1123 /*
1124 * FIXME: nonblock behaviour looks like it may have a bug.
1125 */
ax25_connect(struct socket * sock,struct sockaddr * uaddr,int addr_len,int flags)1126 static int __must_check ax25_connect(struct socket *sock,
1127 struct sockaddr *uaddr, int addr_len, int flags)
1128 {
1129 struct sock *sk = sock->sk;
1130 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t;
1131 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1132 ax25_digi *digi = NULL;
1133 int ct = 0, err = 0;
1134
1135 /*
1136 * some sanity checks. code further down depends on this
1137 */
1138
1139 if (addr_len == sizeof(struct sockaddr_ax25))
1140 /* support for this will go away in early 2.5.x
1141 * ax25_connect(): uses obsolete socket structure
1142 */
1143 ;
1144 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1145 /* support for old structure may go away some time
1146 * ax25_connect(): uses old (6 digipeater) socket structure.
1147 */
1148 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1149 (addr_len > sizeof(struct full_sockaddr_ax25)))
1150 return -EINVAL;
1151
1152
1153 if (fsa->fsa_ax25.sax25_family != AF_AX25)
1154 return -EINVAL;
1155
1156 lock_sock(sk);
1157
1158 /* deal with restarts */
1159 if (sock->state == SS_CONNECTING) {
1160 switch (sk->sk_state) {
1161 case TCP_SYN_SENT: /* still trying */
1162 err = -EINPROGRESS;
1163 goto out_release;
1164
1165 case TCP_ESTABLISHED: /* connection established */
1166 sock->state = SS_CONNECTED;
1167 goto out_release;
1168
1169 case TCP_CLOSE: /* connection refused */
1170 sock->state = SS_UNCONNECTED;
1171 err = -ECONNREFUSED;
1172 goto out_release;
1173 }
1174 }
1175
1176 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1177 err = -EISCONN; /* No reconnect on a seqpacket socket */
1178 goto out_release;
1179 }
1180
1181 sk->sk_state = TCP_CLOSE;
1182 sock->state = SS_UNCONNECTED;
1183
1184 kfree(ax25->digipeat);
1185 ax25->digipeat = NULL;
1186
1187 /*
1188 * Handle digi-peaters to be used.
1189 */
1190 if (addr_len > sizeof(struct sockaddr_ax25) &&
1191 fsa->fsa_ax25.sax25_ndigis != 0) {
1192 /* Valid number of digipeaters ? */
1193 if (fsa->fsa_ax25.sax25_ndigis < 1 ||
1194 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS ||
1195 addr_len < sizeof(struct sockaddr_ax25) +
1196 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) {
1197 err = -EINVAL;
1198 goto out_release;
1199 }
1200
1201 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1202 err = -ENOBUFS;
1203 goto out_release;
1204 }
1205
1206 digi->ndigi = fsa->fsa_ax25.sax25_ndigis;
1207 digi->lastrepeat = -1;
1208
1209 while (ct < fsa->fsa_ax25.sax25_ndigis) {
1210 if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1211 AX25_HBIT) && ax25->iamdigi) {
1212 digi->repeated[ct] = 1;
1213 digi->lastrepeat = ct;
1214 } else {
1215 digi->repeated[ct] = 0;
1216 }
1217 digi->calls[ct] = fsa->fsa_digipeater[ct];
1218 ct++;
1219 }
1220 }
1221
1222 /*
1223 * Must bind first - autobinding in this may or may not work. If
1224 * the socket is already bound, check to see if the device has
1225 * been filled in, error if it hasn't.
1226 */
1227 if (sock_flag(sk, SOCK_ZAPPED)) {
1228 /* check if we can remove this feature. It is broken. */
1229 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1230 current->comm);
1231 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1232 kfree(digi);
1233 goto out_release;
1234 }
1235
1236 ax25_fillin_cb(ax25, ax25->ax25_dev);
1237 ax25_cb_add(ax25);
1238 } else {
1239 if (ax25->ax25_dev == NULL) {
1240 kfree(digi);
1241 err = -EHOSTUNREACH;
1242 goto out_release;
1243 }
1244 }
1245
1246 if (sk->sk_type == SOCK_SEQPACKET &&
1247 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1248 ax25->ax25_dev->dev))) {
1249 kfree(digi);
1250 err = -EADDRINUSE; /* Already such a connection */
1251 ax25_cb_put(ax25t);
1252 goto out_release;
1253 }
1254
1255 ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1256 ax25->digipeat = digi;
1257
1258 /* First the easy one */
1259 if (sk->sk_type != SOCK_SEQPACKET) {
1260 sock->state = SS_CONNECTED;
1261 sk->sk_state = TCP_ESTABLISHED;
1262 goto out_release;
1263 }
1264
1265 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1266 sock->state = SS_CONNECTING;
1267 sk->sk_state = TCP_SYN_SENT;
1268
1269 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1270 case AX25_PROTO_STD_SIMPLEX:
1271 case AX25_PROTO_STD_DUPLEX:
1272 ax25_std_establish_data_link(ax25);
1273 break;
1274
1275 #ifdef CONFIG_AX25_DAMA_SLAVE
1276 case AX25_PROTO_DAMA_SLAVE:
1277 ax25->modulus = AX25_MODULUS;
1278 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1279 if (ax25->ax25_dev->dama.slave)
1280 ax25_ds_establish_data_link(ax25);
1281 else
1282 ax25_std_establish_data_link(ax25);
1283 break;
1284 #endif
1285 }
1286
1287 ax25->state = AX25_STATE_1;
1288
1289 ax25_start_heartbeat(ax25);
1290
1291 /* Now the loop */
1292 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1293 err = -EINPROGRESS;
1294 goto out_release;
1295 }
1296
1297 if (sk->sk_state == TCP_SYN_SENT) {
1298 DEFINE_WAIT(wait);
1299
1300 for (;;) {
1301 prepare_to_wait(sk_sleep(sk), &wait,
1302 TASK_INTERRUPTIBLE);
1303 if (sk->sk_state != TCP_SYN_SENT)
1304 break;
1305 if (!signal_pending(current)) {
1306 release_sock(sk);
1307 schedule();
1308 lock_sock(sk);
1309 continue;
1310 }
1311 err = -ERESTARTSYS;
1312 break;
1313 }
1314 finish_wait(sk_sleep(sk), &wait);
1315
1316 if (err)
1317 goto out_release;
1318 }
1319
1320 if (sk->sk_state != TCP_ESTABLISHED) {
1321 /* Not in ABM, not in WAIT_UA -> failed */
1322 sock->state = SS_UNCONNECTED;
1323 err = sock_error(sk); /* Always set at this point */
1324 goto out_release;
1325 }
1326
1327 sock->state = SS_CONNECTED;
1328
1329 err = 0;
1330 out_release:
1331 release_sock(sk);
1332
1333 return err;
1334 }
1335
ax25_accept(struct socket * sock,struct socket * newsock,int flags,bool kern)1336 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags,
1337 bool kern)
1338 {
1339 struct sk_buff *skb;
1340 struct sock *newsk;
1341 DEFINE_WAIT(wait);
1342 struct sock *sk;
1343 int err = 0;
1344
1345 if (sock->state != SS_UNCONNECTED)
1346 return -EINVAL;
1347
1348 if ((sk = sock->sk) == NULL)
1349 return -EINVAL;
1350
1351 lock_sock(sk);
1352 if (sk->sk_type != SOCK_SEQPACKET) {
1353 err = -EOPNOTSUPP;
1354 goto out;
1355 }
1356
1357 if (sk->sk_state != TCP_LISTEN) {
1358 err = -EINVAL;
1359 goto out;
1360 }
1361
1362 /*
1363 * The read queue this time is holding sockets ready to use
1364 * hooked into the SABM we saved
1365 */
1366 for (;;) {
1367 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1368 skb = skb_dequeue(&sk->sk_receive_queue);
1369 if (skb)
1370 break;
1371
1372 if (flags & O_NONBLOCK) {
1373 err = -EWOULDBLOCK;
1374 break;
1375 }
1376 if (!signal_pending(current)) {
1377 release_sock(sk);
1378 schedule();
1379 lock_sock(sk);
1380 continue;
1381 }
1382 err = -ERESTARTSYS;
1383 break;
1384 }
1385 finish_wait(sk_sleep(sk), &wait);
1386
1387 if (err)
1388 goto out;
1389
1390 newsk = skb->sk;
1391 sock_graft(newsk, newsock);
1392
1393 /* Now attach up the new socket */
1394 kfree_skb(skb);
1395 sk->sk_ack_backlog--;
1396 newsock->state = SS_CONNECTED;
1397
1398 out:
1399 release_sock(sk);
1400
1401 return err;
1402 }
1403
ax25_getname(struct socket * sock,struct sockaddr * uaddr,int peer)1404 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1405 int peer)
1406 {
1407 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1408 struct sock *sk = sock->sk;
1409 unsigned char ndigi, i;
1410 ax25_cb *ax25;
1411 int err = 0;
1412
1413 memset(fsa, 0, sizeof(*fsa));
1414 lock_sock(sk);
1415 ax25 = sk_to_ax25(sk);
1416
1417 if (peer != 0) {
1418 if (sk->sk_state != TCP_ESTABLISHED) {
1419 err = -ENOTCONN;
1420 goto out;
1421 }
1422
1423 fsa->fsa_ax25.sax25_family = AF_AX25;
1424 fsa->fsa_ax25.sax25_call = ax25->dest_addr;
1425
1426 if (ax25->digipeat != NULL) {
1427 ndigi = ax25->digipeat->ndigi;
1428 fsa->fsa_ax25.sax25_ndigis = ndigi;
1429 for (i = 0; i < ndigi; i++)
1430 fsa->fsa_digipeater[i] =
1431 ax25->digipeat->calls[i];
1432 }
1433 } else {
1434 fsa->fsa_ax25.sax25_family = AF_AX25;
1435 fsa->fsa_ax25.sax25_call = ax25->source_addr;
1436 fsa->fsa_ax25.sax25_ndigis = 1;
1437 if (ax25->ax25_dev != NULL) {
1438 memcpy(&fsa->fsa_digipeater[0],
1439 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1440 } else {
1441 fsa->fsa_digipeater[0] = null_ax25_address;
1442 }
1443 }
1444 err = sizeof (struct full_sockaddr_ax25);
1445
1446 out:
1447 release_sock(sk);
1448
1449 return err;
1450 }
1451
ax25_sendmsg(struct socket * sock,struct msghdr * msg,size_t len)1452 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1453 {
1454 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name);
1455 struct sock *sk = sock->sk;
1456 struct sockaddr_ax25 sax;
1457 struct sk_buff *skb;
1458 ax25_digi dtmp, *dp;
1459 ax25_cb *ax25;
1460 size_t size;
1461 int lv, err, addr_len = msg->msg_namelen;
1462
1463 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1464 return -EINVAL;
1465
1466 lock_sock(sk);
1467 ax25 = sk_to_ax25(sk);
1468
1469 if (sock_flag(sk, SOCK_ZAPPED)) {
1470 err = -EADDRNOTAVAIL;
1471 goto out;
1472 }
1473
1474 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1475 send_sig(SIGPIPE, current, 0);
1476 err = -EPIPE;
1477 goto out;
1478 }
1479
1480 if (ax25->ax25_dev == NULL) {
1481 err = -ENETUNREACH;
1482 goto out;
1483 }
1484
1485 if (len > ax25->ax25_dev->dev->mtu) {
1486 err = -EMSGSIZE;
1487 goto out;
1488 }
1489
1490 if (usax != NULL) {
1491 if (usax->sax25_family != AF_AX25) {
1492 err = -EINVAL;
1493 goto out;
1494 }
1495
1496 if (addr_len == sizeof(struct sockaddr_ax25))
1497 /* ax25_sendmsg(): uses obsolete socket structure */
1498 ;
1499 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1500 /* support for old structure may go away some time
1501 * ax25_sendmsg(): uses old (6 digipeater)
1502 * socket structure.
1503 */
1504 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1505 (addr_len > sizeof(struct full_sockaddr_ax25))) {
1506 err = -EINVAL;
1507 goto out;
1508 }
1509
1510
1511 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1512 int ct = 0;
1513 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1514
1515 /* Valid number of digipeaters ? */
1516 if (usax->sax25_ndigis < 1 ||
1517 usax->sax25_ndigis > AX25_MAX_DIGIS ||
1518 addr_len < sizeof(struct sockaddr_ax25) +
1519 sizeof(ax25_address) * usax->sax25_ndigis) {
1520 err = -EINVAL;
1521 goto out;
1522 }
1523
1524 dtmp.ndigi = usax->sax25_ndigis;
1525
1526 while (ct < usax->sax25_ndigis) {
1527 dtmp.repeated[ct] = 0;
1528 dtmp.calls[ct] = fsa->fsa_digipeater[ct];
1529 ct++;
1530 }
1531
1532 dtmp.lastrepeat = 0;
1533 }
1534
1535 sax = *usax;
1536 if (sk->sk_type == SOCK_SEQPACKET &&
1537 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1538 err = -EISCONN;
1539 goto out;
1540 }
1541 if (usax->sax25_ndigis == 0)
1542 dp = NULL;
1543 else
1544 dp = &dtmp;
1545 } else {
1546 /*
1547 * FIXME: 1003.1g - if the socket is like this because
1548 * it has become closed (not started closed) and is VC
1549 * we ought to SIGPIPE, EPIPE
1550 */
1551 if (sk->sk_state != TCP_ESTABLISHED) {
1552 err = -ENOTCONN;
1553 goto out;
1554 }
1555 sax.sax25_family = AF_AX25;
1556 sax.sax25_call = ax25->dest_addr;
1557 dp = ax25->digipeat;
1558 }
1559
1560 /* Build a packet */
1561 /* Assume the worst case */
1562 size = len + ax25->ax25_dev->dev->hard_header_len;
1563
1564 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1565 if (skb == NULL)
1566 goto out;
1567
1568 skb_reserve(skb, size - len);
1569
1570 /* User data follows immediately after the AX.25 data */
1571 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
1572 err = -EFAULT;
1573 kfree_skb(skb);
1574 goto out;
1575 }
1576
1577 skb_reset_network_header(skb);
1578
1579 /* Add the PID if one is not supplied by the user in the skb */
1580 if (!ax25->pidincl)
1581 *(u8 *)skb_push(skb, 1) = sk->sk_protocol;
1582
1583 if (sk->sk_type == SOCK_SEQPACKET) {
1584 /* Connected mode sockets go via the LAPB machine */
1585 if (sk->sk_state != TCP_ESTABLISHED) {
1586 kfree_skb(skb);
1587 err = -ENOTCONN;
1588 goto out;
1589 }
1590
1591 /* Shove it onto the queue and kick */
1592 ax25_output(ax25, ax25->paclen, skb);
1593
1594 err = len;
1595 goto out;
1596 }
1597
1598 skb_push(skb, 1 + ax25_addr_size(dp));
1599
1600 /* Building AX.25 Header */
1601
1602 /* Build an AX.25 header */
1603 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1604 dp, AX25_COMMAND, AX25_MODULUS);
1605
1606 skb_set_transport_header(skb, lv);
1607
1608 *skb_transport_header(skb) = AX25_UI;
1609
1610 /* Datagram frames go straight out of the door as UI */
1611 ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1612
1613 err = len;
1614
1615 out:
1616 release_sock(sk);
1617
1618 return err;
1619 }
1620
ax25_recvmsg(struct socket * sock,struct msghdr * msg,size_t size,int flags)1621 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
1622 int flags)
1623 {
1624 struct sock *sk = sock->sk;
1625 struct sk_buff *skb;
1626 int copied;
1627 int err = 0;
1628
1629 lock_sock(sk);
1630 /*
1631 * This works for seqpacket too. The receiver has ordered the
1632 * queue for us! We do one quick check first though
1633 */
1634 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1635 err = -ENOTCONN;
1636 goto out;
1637 }
1638
1639 /* Now we can treat all alike */
1640 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1641 flags & MSG_DONTWAIT, &err);
1642 if (skb == NULL)
1643 goto out;
1644
1645 if (!sk_to_ax25(sk)->pidincl)
1646 skb_pull(skb, 1); /* Remove PID */
1647
1648 skb_reset_transport_header(skb);
1649 copied = skb->len;
1650
1651 if (copied > size) {
1652 copied = size;
1653 msg->msg_flags |= MSG_TRUNC;
1654 }
1655
1656 skb_copy_datagram_msg(skb, 0, msg, copied);
1657
1658 if (msg->msg_name) {
1659 ax25_digi digi;
1660 ax25_address src;
1661 const unsigned char *mac = skb_mac_header(skb);
1662 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name);
1663
1664 memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1665 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1666 &digi, NULL, NULL);
1667 sax->sax25_family = AF_AX25;
1668 /* We set this correctly, even though we may not let the
1669 application know the digi calls further down (because it
1670 did NOT ask to know them). This could get political... **/
1671 sax->sax25_ndigis = digi.ndigi;
1672 sax->sax25_call = src;
1673
1674 if (sax->sax25_ndigis != 0) {
1675 int ct;
1676 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1677
1678 for (ct = 0; ct < digi.ndigi; ct++)
1679 fsa->fsa_digipeater[ct] = digi.calls[ct];
1680 }
1681 msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1682 }
1683
1684 skb_free_datagram(sk, skb);
1685 err = copied;
1686
1687 out:
1688 release_sock(sk);
1689
1690 return err;
1691 }
1692
ax25_shutdown(struct socket * sk,int how)1693 static int ax25_shutdown(struct socket *sk, int how)
1694 {
1695 /* FIXME - generate DM and RNR states */
1696 return -EOPNOTSUPP;
1697 }
1698
ax25_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)1699 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1700 {
1701 struct sock *sk = sock->sk;
1702 void __user *argp = (void __user *)arg;
1703 int res = 0;
1704
1705 lock_sock(sk);
1706 switch (cmd) {
1707 case TIOCOUTQ: {
1708 long amount;
1709
1710 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1711 if (amount < 0)
1712 amount = 0;
1713 res = put_user(amount, (int __user *)argp);
1714 break;
1715 }
1716
1717 case TIOCINQ: {
1718 struct sk_buff *skb;
1719 long amount = 0L;
1720 /* These two are safe on a single CPU system as only user tasks fiddle here */
1721 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1722 amount = skb->len;
1723 res = put_user(amount, (int __user *) argp);
1724 break;
1725 }
1726
1727 case SIOCGSTAMP:
1728 res = sock_get_timestamp(sk, argp);
1729 break;
1730
1731 case SIOCGSTAMPNS:
1732 res = sock_get_timestampns(sk, argp);
1733 break;
1734
1735 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */
1736 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */
1737 case SIOCAX25GETUID: {
1738 struct sockaddr_ax25 sax25;
1739 if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1740 res = -EFAULT;
1741 break;
1742 }
1743 res = ax25_uid_ioctl(cmd, &sax25);
1744 break;
1745 }
1746
1747 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */
1748 long amount;
1749 if (!capable(CAP_NET_ADMIN)) {
1750 res = -EPERM;
1751 break;
1752 }
1753 if (get_user(amount, (long __user *)argp)) {
1754 res = -EFAULT;
1755 break;
1756 }
1757 if (amount < 0 || amount > AX25_NOUID_BLOCK) {
1758 res = -EINVAL;
1759 break;
1760 }
1761 ax25_uid_policy = amount;
1762 res = 0;
1763 break;
1764 }
1765
1766 case SIOCADDRT:
1767 case SIOCDELRT:
1768 case SIOCAX25OPTRT:
1769 if (!capable(CAP_NET_ADMIN)) {
1770 res = -EPERM;
1771 break;
1772 }
1773 res = ax25_rt_ioctl(cmd, argp);
1774 break;
1775
1776 case SIOCAX25CTLCON:
1777 if (!capable(CAP_NET_ADMIN)) {
1778 res = -EPERM;
1779 break;
1780 }
1781 res = ax25_ctl_ioctl(cmd, argp);
1782 break;
1783
1784 case SIOCAX25GETINFO:
1785 case SIOCAX25GETINFOOLD: {
1786 ax25_cb *ax25 = sk_to_ax25(sk);
1787 struct ax25_info_struct ax25_info;
1788
1789 ax25_info.t1 = ax25->t1 / HZ;
1790 ax25_info.t2 = ax25->t2 / HZ;
1791 ax25_info.t3 = ax25->t3 / HZ;
1792 ax25_info.idle = ax25->idle / (60 * HZ);
1793 ax25_info.n2 = ax25->n2;
1794 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ;
1795 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ;
1796 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ;
1797 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1798 ax25_info.n2count = ax25->n2count;
1799 ax25_info.state = ax25->state;
1800 ax25_info.rcv_q = sk_rmem_alloc_get(sk);
1801 ax25_info.snd_q = sk_wmem_alloc_get(sk);
1802 ax25_info.vs = ax25->vs;
1803 ax25_info.vr = ax25->vr;
1804 ax25_info.va = ax25->va;
1805 ax25_info.vs_max = ax25->vs; /* reserved */
1806 ax25_info.paclen = ax25->paclen;
1807 ax25_info.window = ax25->window;
1808
1809 /* old structure? */
1810 if (cmd == SIOCAX25GETINFOOLD) {
1811 static int warned = 0;
1812 if (!warned) {
1813 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1814 current->comm);
1815 warned=1;
1816 }
1817
1818 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1819 res = -EFAULT;
1820 break;
1821 }
1822 } else {
1823 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1824 res = -EINVAL;
1825 break;
1826 }
1827 }
1828 res = 0;
1829 break;
1830 }
1831
1832 case SIOCAX25ADDFWD:
1833 case SIOCAX25DELFWD: {
1834 struct ax25_fwd_struct ax25_fwd;
1835 if (!capable(CAP_NET_ADMIN)) {
1836 res = -EPERM;
1837 break;
1838 }
1839 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1840 res = -EFAULT;
1841 break;
1842 }
1843 res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1844 break;
1845 }
1846
1847 case SIOCGIFADDR:
1848 case SIOCSIFADDR:
1849 case SIOCGIFDSTADDR:
1850 case SIOCSIFDSTADDR:
1851 case SIOCGIFBRDADDR:
1852 case SIOCSIFBRDADDR:
1853 case SIOCGIFNETMASK:
1854 case SIOCSIFNETMASK:
1855 case SIOCGIFMETRIC:
1856 case SIOCSIFMETRIC:
1857 res = -EINVAL;
1858 break;
1859
1860 default:
1861 res = -ENOIOCTLCMD;
1862 break;
1863 }
1864 release_sock(sk);
1865
1866 return res;
1867 }
1868
1869 #ifdef CONFIG_PROC_FS
1870
ax25_info_start(struct seq_file * seq,loff_t * pos)1871 static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1872 __acquires(ax25_list_lock)
1873 {
1874 spin_lock_bh(&ax25_list_lock);
1875 return seq_hlist_start(&ax25_list, *pos);
1876 }
1877
ax25_info_next(struct seq_file * seq,void * v,loff_t * pos)1878 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1879 {
1880 return seq_hlist_next(v, &ax25_list, pos);
1881 }
1882
ax25_info_stop(struct seq_file * seq,void * v)1883 static void ax25_info_stop(struct seq_file *seq, void *v)
1884 __releases(ax25_list_lock)
1885 {
1886 spin_unlock_bh(&ax25_list_lock);
1887 }
1888
ax25_info_show(struct seq_file * seq,void * v)1889 static int ax25_info_show(struct seq_file *seq, void *v)
1890 {
1891 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1892 char buf[11];
1893 int k;
1894
1895
1896 /*
1897 * New format:
1898 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1899 */
1900
1901 seq_printf(seq, "%8.8lx %s %s%s ",
1902 (long) ax25,
1903 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1904 ax2asc(buf, &ax25->source_addr),
1905 ax25->iamdigi? "*":"");
1906 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1907
1908 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1909 seq_printf(seq, ",%s%s",
1910 ax2asc(buf, &ax25->digipeat->calls[k]),
1911 ax25->digipeat->repeated[k]? "*":"");
1912 }
1913
1914 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1915 ax25->state,
1916 ax25->vs, ax25->vr, ax25->va,
1917 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1918 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1919 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1920 ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1921 ax25->idle / (60 * HZ),
1922 ax25->n2count, ax25->n2,
1923 ax25->rtt / HZ,
1924 ax25->window,
1925 ax25->paclen);
1926
1927 if (ax25->sk != NULL) {
1928 seq_printf(seq, " %d %d %lu\n",
1929 sk_wmem_alloc_get(ax25->sk),
1930 sk_rmem_alloc_get(ax25->sk),
1931 sock_i_ino(ax25->sk));
1932 } else {
1933 seq_puts(seq, " * * *\n");
1934 }
1935 return 0;
1936 }
1937
1938 static const struct seq_operations ax25_info_seqops = {
1939 .start = ax25_info_start,
1940 .next = ax25_info_next,
1941 .stop = ax25_info_stop,
1942 .show = ax25_info_show,
1943 };
1944 #endif
1945
1946 static const struct net_proto_family ax25_family_ops = {
1947 .family = PF_AX25,
1948 .create = ax25_create,
1949 .owner = THIS_MODULE,
1950 };
1951
1952 static const struct proto_ops ax25_proto_ops = {
1953 .family = PF_AX25,
1954 .owner = THIS_MODULE,
1955 .release = ax25_release,
1956 .bind = ax25_bind,
1957 .connect = ax25_connect,
1958 .socketpair = sock_no_socketpair,
1959 .accept = ax25_accept,
1960 .getname = ax25_getname,
1961 .poll = datagram_poll,
1962 .ioctl = ax25_ioctl,
1963 .listen = ax25_listen,
1964 .shutdown = ax25_shutdown,
1965 .setsockopt = ax25_setsockopt,
1966 .getsockopt = ax25_getsockopt,
1967 .sendmsg = ax25_sendmsg,
1968 .recvmsg = ax25_recvmsg,
1969 .mmap = sock_no_mmap,
1970 .sendpage = sock_no_sendpage,
1971 };
1972
1973 /*
1974 * Called by socket.c on kernel start up
1975 */
1976 static struct packet_type ax25_packet_type __read_mostly = {
1977 .type = cpu_to_be16(ETH_P_AX25),
1978 .func = ax25_kiss_rcv,
1979 };
1980
1981 static struct notifier_block ax25_dev_notifier = {
1982 .notifier_call = ax25_device_event,
1983 };
1984
ax25_init(void)1985 static int __init ax25_init(void)
1986 {
1987 int rc = proto_register(&ax25_proto, 0);
1988
1989 if (rc != 0)
1990 goto out;
1991
1992 sock_register(&ax25_family_ops);
1993 dev_add_pack(&ax25_packet_type);
1994 register_netdevice_notifier(&ax25_dev_notifier);
1995
1996 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops);
1997 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops);
1998 proc_create_seq("ax25_calls", 0444, init_net.proc_net,
1999 &ax25_uid_seqops);
2000 out:
2001 return rc;
2002 }
2003 module_init(ax25_init);
2004
2005
2006 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
2007 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
2008 MODULE_LICENSE("GPL");
2009 MODULE_ALIAS_NETPROTO(PF_AX25);
2010
ax25_exit(void)2011 static void __exit ax25_exit(void)
2012 {
2013 remove_proc_entry("ax25_route", init_net.proc_net);
2014 remove_proc_entry("ax25", init_net.proc_net);
2015 remove_proc_entry("ax25_calls", init_net.proc_net);
2016
2017 unregister_netdevice_notifier(&ax25_dev_notifier);
2018
2019 dev_remove_pack(&ax25_packet_type);
2020
2021 sock_unregister(PF_AX25);
2022 proto_unregister(&ax25_proto);
2023
2024 ax25_rt_free();
2025 ax25_uid_free();
2026 ax25_dev_free();
2027 }
2028 module_exit(ax25_exit);
2029