1 /*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
9 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
10 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
11 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
12 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
13 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
14 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
15 */
16 #include <linux/capability.h>
17 #include <linux/module.h>
18 #include <linux/errno.h>
19 #include <linux/types.h>
20 #include <linux/socket.h>
21 #include <linux/in.h>
22 #include <linux/kernel.h>
23 #include <linux/sched.h>
24 #include <linux/timer.h>
25 #include <linux/string.h>
26 #include <linux/sockios.h>
27 #include <linux/net.h>
28 #include <linux/slab.h>
29 #include <net/ax25.h>
30 #include <linux/inet.h>
31 #include <linux/netdevice.h>
32 #include <linux/if_arp.h>
33 #include <linux/skbuff.h>
34 #include <net/sock.h>
35 #include <asm/uaccess.h>
36 #include <linux/fcntl.h>
37 #include <linux/termios.h> /* For TIOCINQ/OUTQ */
38 #include <linux/mm.h>
39 #include <linux/interrupt.h>
40 #include <linux/notifier.h>
41 #include <linux/proc_fs.h>
42 #include <linux/stat.h>
43 #include <linux/netfilter.h>
44 #include <linux/sysctl.h>
45 #include <linux/init.h>
46 #include <linux/spinlock.h>
47 #include <net/net_namespace.h>
48 #include <net/tcp_states.h>
49 #include <net/ip.h>
50 #include <net/arp.h>
51
52
53
54 HLIST_HEAD(ax25_list);
55 DEFINE_SPINLOCK(ax25_list_lock);
56
57 static const struct proto_ops ax25_proto_ops;
58
ax25_free_sock(struct sock * sk)59 static void ax25_free_sock(struct sock *sk)
60 {
61 ax25_cb_put(ax25_sk(sk));
62 }
63
64 /*
65 * Socket removal during an interrupt is now safe.
66 */
ax25_cb_del(ax25_cb * ax25)67 static void ax25_cb_del(ax25_cb *ax25)
68 {
69 if (!hlist_unhashed(&ax25->ax25_node)) {
70 spin_lock_bh(&ax25_list_lock);
71 hlist_del_init(&ax25->ax25_node);
72 spin_unlock_bh(&ax25_list_lock);
73 ax25_cb_put(ax25);
74 }
75 }
76
77 /*
78 * Kill all bound sockets on a dropped device.
79 */
ax25_kill_by_device(struct net_device * dev)80 static void ax25_kill_by_device(struct net_device *dev)
81 {
82 ax25_dev *ax25_dev;
83 ax25_cb *s;
84
85 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
86 return;
87
88 spin_lock_bh(&ax25_list_lock);
89 again:
90 ax25_for_each(s, &ax25_list) {
91 if (s->ax25_dev == ax25_dev) {
92 s->ax25_dev = NULL;
93 spin_unlock_bh(&ax25_list_lock);
94 ax25_disconnect(s, ENETUNREACH);
95 spin_lock_bh(&ax25_list_lock);
96
97 /* The entry could have been deleted from the
98 * list meanwhile and thus the next pointer is
99 * no longer valid. Play it safe and restart
100 * the scan. Forward progress is ensured
101 * because we set s->ax25_dev to NULL and we
102 * are never passed a NULL 'dev' argument.
103 */
104 goto again;
105 }
106 }
107 spin_unlock_bh(&ax25_list_lock);
108 }
109
110 /*
111 * Handle device status changes.
112 */
ax25_device_event(struct notifier_block * this,unsigned long event,void * ptr)113 static int ax25_device_event(struct notifier_block *this, unsigned long event,
114 void *ptr)
115 {
116 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
117
118 if (!net_eq(dev_net(dev), &init_net))
119 return NOTIFY_DONE;
120
121 /* Reject non AX.25 devices */
122 if (dev->type != ARPHRD_AX25)
123 return NOTIFY_DONE;
124
125 switch (event) {
126 case NETDEV_UP:
127 ax25_dev_device_up(dev);
128 break;
129 case NETDEV_DOWN:
130 ax25_kill_by_device(dev);
131 ax25_rt_device_down(dev);
132 ax25_dev_device_down(dev);
133 break;
134 default:
135 break;
136 }
137
138 return NOTIFY_DONE;
139 }
140
141 /*
142 * Add a socket to the bound sockets list.
143 */
ax25_cb_add(ax25_cb * ax25)144 void ax25_cb_add(ax25_cb *ax25)
145 {
146 spin_lock_bh(&ax25_list_lock);
147 ax25_cb_hold(ax25);
148 hlist_add_head(&ax25->ax25_node, &ax25_list);
149 spin_unlock_bh(&ax25_list_lock);
150 }
151
152 /*
153 * Find a socket that wants to accept the SABM we have just
154 * received.
155 */
ax25_find_listener(ax25_address * addr,int digi,struct net_device * dev,int type)156 struct sock *ax25_find_listener(ax25_address *addr, int digi,
157 struct net_device *dev, int type)
158 {
159 ax25_cb *s;
160
161 spin_lock(&ax25_list_lock);
162 ax25_for_each(s, &ax25_list) {
163 if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
164 continue;
165 if (s->sk && !ax25cmp(&s->source_addr, addr) &&
166 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
167 /* If device is null we match any device */
168 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
169 sock_hold(s->sk);
170 spin_unlock(&ax25_list_lock);
171 return s->sk;
172 }
173 }
174 }
175 spin_unlock(&ax25_list_lock);
176
177 return NULL;
178 }
179
180 /*
181 * Find an AX.25 socket given both ends.
182 */
ax25_get_socket(ax25_address * my_addr,ax25_address * dest_addr,int type)183 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
184 int type)
185 {
186 struct sock *sk = NULL;
187 ax25_cb *s;
188
189 spin_lock(&ax25_list_lock);
190 ax25_for_each(s, &ax25_list) {
191 if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
192 !ax25cmp(&s->dest_addr, dest_addr) &&
193 s->sk->sk_type == type) {
194 sk = s->sk;
195 sock_hold(sk);
196 break;
197 }
198 }
199
200 spin_unlock(&ax25_list_lock);
201
202 return sk;
203 }
204
205 /*
206 * Find an AX.25 control block given both ends. It will only pick up
207 * floating AX.25 control blocks or non Raw socket bound control blocks.
208 */
ax25_find_cb(ax25_address * src_addr,ax25_address * dest_addr,ax25_digi * digi,struct net_device * dev)209 ax25_cb *ax25_find_cb(ax25_address *src_addr, ax25_address *dest_addr,
210 ax25_digi *digi, struct net_device *dev)
211 {
212 ax25_cb *s;
213
214 spin_lock_bh(&ax25_list_lock);
215 ax25_for_each(s, &ax25_list) {
216 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
217 continue;
218 if (s->ax25_dev == NULL)
219 continue;
220 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
221 if (digi != NULL && digi->ndigi != 0) {
222 if (s->digipeat == NULL)
223 continue;
224 if (ax25digicmp(s->digipeat, digi) != 0)
225 continue;
226 } else {
227 if (s->digipeat != NULL && s->digipeat->ndigi != 0)
228 continue;
229 }
230 ax25_cb_hold(s);
231 spin_unlock_bh(&ax25_list_lock);
232
233 return s;
234 }
235 }
236 spin_unlock_bh(&ax25_list_lock);
237
238 return NULL;
239 }
240
241 EXPORT_SYMBOL(ax25_find_cb);
242
ax25_send_to_raw(ax25_address * addr,struct sk_buff * skb,int proto)243 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
244 {
245 ax25_cb *s;
246 struct sk_buff *copy;
247
248 spin_lock(&ax25_list_lock);
249 ax25_for_each(s, &ax25_list) {
250 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
251 s->sk->sk_type == SOCK_RAW &&
252 s->sk->sk_protocol == proto &&
253 s->ax25_dev->dev == skb->dev &&
254 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
255 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
256 continue;
257 if (sock_queue_rcv_skb(s->sk, copy) != 0)
258 kfree_skb(copy);
259 }
260 }
261 spin_unlock(&ax25_list_lock);
262 }
263
264 /*
265 * Deferred destroy.
266 */
267 void ax25_destroy_socket(ax25_cb *);
268
269 /*
270 * Handler for deferred kills.
271 */
ax25_destroy_timer(unsigned long data)272 static void ax25_destroy_timer(unsigned long data)
273 {
274 ax25_cb *ax25=(ax25_cb *)data;
275 struct sock *sk;
276
277 sk=ax25->sk;
278
279 bh_lock_sock(sk);
280 sock_hold(sk);
281 ax25_destroy_socket(ax25);
282 bh_unlock_sock(sk);
283 sock_put(sk);
284 }
285
286 /*
287 * This is called from user mode and the timers. Thus it protects itself
288 * against interrupt users but doesn't worry about being called during
289 * work. Once it is removed from the queue no interrupt or bottom half
290 * will touch it and we are (fairly 8-) ) safe.
291 */
ax25_destroy_socket(ax25_cb * ax25)292 void ax25_destroy_socket(ax25_cb *ax25)
293 {
294 struct sk_buff *skb;
295
296 ax25_cb_del(ax25);
297
298 ax25_stop_heartbeat(ax25);
299 ax25_stop_t1timer(ax25);
300 ax25_stop_t2timer(ax25);
301 ax25_stop_t3timer(ax25);
302 ax25_stop_idletimer(ax25);
303
304 ax25_clear_queues(ax25); /* Flush the queues */
305
306 if (ax25->sk != NULL) {
307 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
308 if (skb->sk != ax25->sk) {
309 /* A pending connection */
310 ax25_cb *sax25 = ax25_sk(skb->sk);
311
312 /* Queue the unaccepted socket for death */
313 sock_orphan(skb->sk);
314
315 /* 9A4GL: hack to release unaccepted sockets */
316 skb->sk->sk_state = TCP_LISTEN;
317
318 ax25_start_heartbeat(sax25);
319 sax25->state = AX25_STATE_0;
320 }
321
322 kfree_skb(skb);
323 }
324 skb_queue_purge(&ax25->sk->sk_write_queue);
325 }
326
327 if (ax25->sk != NULL) {
328 if (sk_has_allocations(ax25->sk)) {
329 /* Defer: outstanding buffers */
330 setup_timer(&ax25->dtimer, ax25_destroy_timer,
331 (unsigned long)ax25);
332 ax25->dtimer.expires = jiffies + 2 * HZ;
333 add_timer(&ax25->dtimer);
334 } else {
335 struct sock *sk=ax25->sk;
336 ax25->sk=NULL;
337 sock_put(sk);
338 }
339 } else {
340 ax25_cb_put(ax25);
341 }
342 }
343
344 /*
345 * dl1bke 960311: set parameters for existing AX.25 connections,
346 * includes a KILL command to abort any connection.
347 * VERY useful for debugging ;-)
348 */
ax25_ctl_ioctl(const unsigned int cmd,void __user * arg)349 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
350 {
351 struct ax25_ctl_struct ax25_ctl;
352 ax25_digi digi;
353 ax25_dev *ax25_dev;
354 ax25_cb *ax25;
355 unsigned int k;
356 int ret = 0;
357
358 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
359 return -EFAULT;
360
361 if ((ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr)) == NULL)
362 return -ENODEV;
363
364 if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
365 return -EINVAL;
366
367 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
368 return -EINVAL;
369
370 digi.ndigi = ax25_ctl.digi_count;
371 for (k = 0; k < digi.ndigi; k++)
372 digi.calls[k] = ax25_ctl.digi_addr[k];
373
374 if ((ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev)) == NULL)
375 return -ENOTCONN;
376
377 switch (ax25_ctl.cmd) {
378 case AX25_KILL:
379 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
380 #ifdef CONFIG_AX25_DAMA_SLAVE
381 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
382 ax25_dama_off(ax25);
383 #endif
384 ax25_disconnect(ax25, ENETRESET);
385 break;
386
387 case AX25_WINDOW:
388 if (ax25->modulus == AX25_MODULUS) {
389 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
390 goto einval_put;
391 } else {
392 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
393 goto einval_put;
394 }
395 ax25->window = ax25_ctl.arg;
396 break;
397
398 case AX25_T1:
399 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
400 goto einval_put;
401 ax25->rtt = (ax25_ctl.arg * HZ) / 2;
402 ax25->t1 = ax25_ctl.arg * HZ;
403 break;
404
405 case AX25_T2:
406 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
407 goto einval_put;
408 ax25->t2 = ax25_ctl.arg * HZ;
409 break;
410
411 case AX25_N2:
412 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
413 goto einval_put;
414 ax25->n2count = 0;
415 ax25->n2 = ax25_ctl.arg;
416 break;
417
418 case AX25_T3:
419 if (ax25_ctl.arg > ULONG_MAX / HZ)
420 goto einval_put;
421 ax25->t3 = ax25_ctl.arg * HZ;
422 break;
423
424 case AX25_IDLE:
425 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
426 goto einval_put;
427
428 ax25->idle = ax25_ctl.arg * 60 * HZ;
429 break;
430
431 case AX25_PACLEN:
432 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
433 goto einval_put;
434 ax25->paclen = ax25_ctl.arg;
435 break;
436
437 default:
438 goto einval_put;
439 }
440
441 out_put:
442 ax25_cb_put(ax25);
443 return ret;
444
445 einval_put:
446 ret = -EINVAL;
447 goto out_put;
448 }
449
ax25_fillin_cb_from_dev(ax25_cb * ax25,ax25_dev * ax25_dev)450 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
451 {
452 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
453 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
454 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
455 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
456 ax25->n2 = ax25_dev->values[AX25_VALUES_N2];
457 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN];
458 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
459 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
460
461 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
462 ax25->modulus = AX25_EMODULUS;
463 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW];
464 } else {
465 ax25->modulus = AX25_MODULUS;
466 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW];
467 }
468 }
469
470 /*
471 * Fill in a created AX.25 created control block with the default
472 * values for a particular device.
473 */
ax25_fillin_cb(ax25_cb * ax25,ax25_dev * ax25_dev)474 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
475 {
476 ax25->ax25_dev = ax25_dev;
477
478 if (ax25->ax25_dev != NULL) {
479 ax25_fillin_cb_from_dev(ax25, ax25_dev);
480 return;
481 }
482
483 /*
484 * No device, use kernel / AX.25 spec default values
485 */
486 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2;
487 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1);
488 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2);
489 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3);
490 ax25->n2 = AX25_DEF_N2;
491 ax25->paclen = AX25_DEF_PACLEN;
492 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE);
493 ax25->backoff = AX25_DEF_BACKOFF;
494
495 if (AX25_DEF_AXDEFMODE) {
496 ax25->modulus = AX25_EMODULUS;
497 ax25->window = AX25_DEF_EWINDOW;
498 } else {
499 ax25->modulus = AX25_MODULUS;
500 ax25->window = AX25_DEF_WINDOW;
501 }
502 }
503
504 /*
505 * Create an empty AX.25 control block.
506 */
ax25_create_cb(void)507 ax25_cb *ax25_create_cb(void)
508 {
509 ax25_cb *ax25;
510
511 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
512 return NULL;
513
514 atomic_set(&ax25->refcount, 1);
515
516 skb_queue_head_init(&ax25->write_queue);
517 skb_queue_head_init(&ax25->frag_queue);
518 skb_queue_head_init(&ax25->ack_queue);
519 skb_queue_head_init(&ax25->reseq_queue);
520
521 ax25_setup_timers(ax25);
522
523 ax25_fillin_cb(ax25, NULL);
524
525 ax25->state = AX25_STATE_0;
526
527 return ax25;
528 }
529
530 /*
531 * Handling for system calls applied via the various interfaces to an
532 * AX25 socket object
533 */
534
ax25_setsockopt(struct socket * sock,int level,int optname,char __user * optval,unsigned int optlen)535 static int ax25_setsockopt(struct socket *sock, int level, int optname,
536 char __user *optval, unsigned int optlen)
537 {
538 struct sock *sk = sock->sk;
539 ax25_cb *ax25;
540 struct net_device *dev;
541 char devname[IFNAMSIZ];
542 unsigned long opt;
543 int res = 0;
544
545 if (level != SOL_AX25)
546 return -ENOPROTOOPT;
547
548 if (optlen < sizeof(unsigned int))
549 return -EINVAL;
550
551 if (get_user(opt, (unsigned int __user *)optval))
552 return -EFAULT;
553
554 lock_sock(sk);
555 ax25 = ax25_sk(sk);
556
557 switch (optname) {
558 case AX25_WINDOW:
559 if (ax25->modulus == AX25_MODULUS) {
560 if (opt < 1 || opt > 7) {
561 res = -EINVAL;
562 break;
563 }
564 } else {
565 if (opt < 1 || opt > 63) {
566 res = -EINVAL;
567 break;
568 }
569 }
570 ax25->window = opt;
571 break;
572
573 case AX25_T1:
574 if (opt < 1 || opt > ULONG_MAX / HZ) {
575 res = -EINVAL;
576 break;
577 }
578 ax25->rtt = (opt * HZ) >> 1;
579 ax25->t1 = opt * HZ;
580 break;
581
582 case AX25_T2:
583 if (opt < 1 || opt > ULONG_MAX / HZ) {
584 res = -EINVAL;
585 break;
586 }
587 ax25->t2 = opt * HZ;
588 break;
589
590 case AX25_N2:
591 if (opt < 1 || opt > 31) {
592 res = -EINVAL;
593 break;
594 }
595 ax25->n2 = opt;
596 break;
597
598 case AX25_T3:
599 if (opt < 1 || opt > ULONG_MAX / HZ) {
600 res = -EINVAL;
601 break;
602 }
603 ax25->t3 = opt * HZ;
604 break;
605
606 case AX25_IDLE:
607 if (opt > ULONG_MAX / (60 * HZ)) {
608 res = -EINVAL;
609 break;
610 }
611 ax25->idle = opt * 60 * HZ;
612 break;
613
614 case AX25_BACKOFF:
615 if (opt > 2) {
616 res = -EINVAL;
617 break;
618 }
619 ax25->backoff = opt;
620 break;
621
622 case AX25_EXTSEQ:
623 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
624 break;
625
626 case AX25_PIDINCL:
627 ax25->pidincl = opt ? 1 : 0;
628 break;
629
630 case AX25_IAMDIGI:
631 ax25->iamdigi = opt ? 1 : 0;
632 break;
633
634 case AX25_PACLEN:
635 if (opt < 16 || opt > 65535) {
636 res = -EINVAL;
637 break;
638 }
639 ax25->paclen = opt;
640 break;
641
642 case SO_BINDTODEVICE:
643 if (optlen > IFNAMSIZ)
644 optlen = IFNAMSIZ;
645
646 if (copy_from_user(devname, optval, optlen)) {
647 res = -EFAULT;
648 break;
649 }
650
651 if (sk->sk_type == SOCK_SEQPACKET &&
652 (sock->state != SS_UNCONNECTED ||
653 sk->sk_state == TCP_LISTEN)) {
654 res = -EADDRNOTAVAIL;
655 break;
656 }
657
658 dev = dev_get_by_name(&init_net, devname);
659 if (!dev) {
660 res = -ENODEV;
661 break;
662 }
663
664 ax25->ax25_dev = ax25_dev_ax25dev(dev);
665 ax25_fillin_cb(ax25, ax25->ax25_dev);
666 dev_put(dev);
667 break;
668
669 default:
670 res = -ENOPROTOOPT;
671 }
672 release_sock(sk);
673
674 return res;
675 }
676
ax25_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)677 static int ax25_getsockopt(struct socket *sock, int level, int optname,
678 char __user *optval, int __user *optlen)
679 {
680 struct sock *sk = sock->sk;
681 ax25_cb *ax25;
682 struct ax25_dev *ax25_dev;
683 char devname[IFNAMSIZ];
684 void *valptr;
685 int val = 0;
686 int maxlen, length;
687
688 if (level != SOL_AX25)
689 return -ENOPROTOOPT;
690
691 if (get_user(maxlen, optlen))
692 return -EFAULT;
693
694 if (maxlen < 1)
695 return -EFAULT;
696
697 valptr = (void *) &val;
698 length = min_t(unsigned int, maxlen, sizeof(int));
699
700 lock_sock(sk);
701 ax25 = ax25_sk(sk);
702
703 switch (optname) {
704 case AX25_WINDOW:
705 val = ax25->window;
706 break;
707
708 case AX25_T1:
709 val = ax25->t1 / HZ;
710 break;
711
712 case AX25_T2:
713 val = ax25->t2 / HZ;
714 break;
715
716 case AX25_N2:
717 val = ax25->n2;
718 break;
719
720 case AX25_T3:
721 val = ax25->t3 / HZ;
722 break;
723
724 case AX25_IDLE:
725 val = ax25->idle / (60 * HZ);
726 break;
727
728 case AX25_BACKOFF:
729 val = ax25->backoff;
730 break;
731
732 case AX25_EXTSEQ:
733 val = (ax25->modulus == AX25_EMODULUS);
734 break;
735
736 case AX25_PIDINCL:
737 val = ax25->pidincl;
738 break;
739
740 case AX25_IAMDIGI:
741 val = ax25->iamdigi;
742 break;
743
744 case AX25_PACLEN:
745 val = ax25->paclen;
746 break;
747
748 case SO_BINDTODEVICE:
749 ax25_dev = ax25->ax25_dev;
750
751 if (ax25_dev != NULL && ax25_dev->dev != NULL) {
752 strlcpy(devname, ax25_dev->dev->name, sizeof(devname));
753 length = strlen(devname) + 1;
754 } else {
755 *devname = '\0';
756 length = 1;
757 }
758
759 valptr = (void *) devname;
760 break;
761
762 default:
763 release_sock(sk);
764 return -ENOPROTOOPT;
765 }
766 release_sock(sk);
767
768 if (put_user(length, optlen))
769 return -EFAULT;
770
771 return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
772 }
773
ax25_listen(struct socket * sock,int backlog)774 static int ax25_listen(struct socket *sock, int backlog)
775 {
776 struct sock *sk = sock->sk;
777 int res = 0;
778
779 lock_sock(sk);
780 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
781 sk->sk_max_ack_backlog = backlog;
782 sk->sk_state = TCP_LISTEN;
783 goto out;
784 }
785 res = -EOPNOTSUPP;
786
787 out:
788 release_sock(sk);
789
790 return res;
791 }
792
793 /*
794 * XXX: when creating ax25_sock we should update the .obj_size setting
795 * below.
796 */
797 static struct proto ax25_proto = {
798 .name = "AX25",
799 .owner = THIS_MODULE,
800 .obj_size = sizeof(struct sock),
801 };
802
ax25_create(struct net * net,struct socket * sock,int protocol,int kern)803 static int ax25_create(struct net *net, struct socket *sock, int protocol,
804 int kern)
805 {
806 struct sock *sk;
807 ax25_cb *ax25;
808
809 if (protocol < 0 || protocol > SK_PROTOCOL_MAX)
810 return -EINVAL;
811
812 if (!net_eq(net, &init_net))
813 return -EAFNOSUPPORT;
814
815 switch (sock->type) {
816 case SOCK_DGRAM:
817 if (protocol == 0 || protocol == PF_AX25)
818 protocol = AX25_P_TEXT;
819 break;
820
821 case SOCK_SEQPACKET:
822 switch (protocol) {
823 case 0:
824 case PF_AX25: /* For CLX */
825 protocol = AX25_P_TEXT;
826 break;
827 case AX25_P_SEGMENT:
828 #ifdef CONFIG_INET
829 case AX25_P_ARP:
830 case AX25_P_IP:
831 #endif
832 #ifdef CONFIG_NETROM
833 case AX25_P_NETROM:
834 #endif
835 #ifdef CONFIG_ROSE
836 case AX25_P_ROSE:
837 #endif
838 return -ESOCKTNOSUPPORT;
839 #ifdef CONFIG_NETROM_MODULE
840 case AX25_P_NETROM:
841 if (ax25_protocol_is_registered(AX25_P_NETROM))
842 return -ESOCKTNOSUPPORT;
843 break;
844 #endif
845 #ifdef CONFIG_ROSE_MODULE
846 case AX25_P_ROSE:
847 if (ax25_protocol_is_registered(AX25_P_ROSE))
848 return -ESOCKTNOSUPPORT;
849 #endif
850 default:
851 break;
852 }
853 break;
854
855 case SOCK_RAW:
856 break;
857 default:
858 return -ESOCKTNOSUPPORT;
859 }
860
861 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto);
862 if (sk == NULL)
863 return -ENOMEM;
864
865 ax25 = sk->sk_protinfo = ax25_create_cb();
866 if (!ax25) {
867 sk_free(sk);
868 return -ENOMEM;
869 }
870
871 sock_init_data(sock, sk);
872
873 sk->sk_destruct = ax25_free_sock;
874 sock->ops = &ax25_proto_ops;
875 sk->sk_protocol = protocol;
876
877 ax25->sk = sk;
878
879 return 0;
880 }
881
ax25_make_new(struct sock * osk,struct ax25_dev * ax25_dev)882 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
883 {
884 struct sock *sk;
885 ax25_cb *ax25, *oax25;
886
887 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot);
888 if (sk == NULL)
889 return NULL;
890
891 if ((ax25 = ax25_create_cb()) == NULL) {
892 sk_free(sk);
893 return NULL;
894 }
895
896 switch (osk->sk_type) {
897 case SOCK_DGRAM:
898 break;
899 case SOCK_SEQPACKET:
900 break;
901 default:
902 sk_free(sk);
903 ax25_cb_put(ax25);
904 return NULL;
905 }
906
907 sock_init_data(NULL, sk);
908
909 sk->sk_type = osk->sk_type;
910 sk->sk_priority = osk->sk_priority;
911 sk->sk_protocol = osk->sk_protocol;
912 sk->sk_rcvbuf = osk->sk_rcvbuf;
913 sk->sk_sndbuf = osk->sk_sndbuf;
914 sk->sk_state = TCP_ESTABLISHED;
915 sock_copy_flags(sk, osk);
916
917 oax25 = ax25_sk(osk);
918
919 ax25->modulus = oax25->modulus;
920 ax25->backoff = oax25->backoff;
921 ax25->pidincl = oax25->pidincl;
922 ax25->iamdigi = oax25->iamdigi;
923 ax25->rtt = oax25->rtt;
924 ax25->t1 = oax25->t1;
925 ax25->t2 = oax25->t2;
926 ax25->t3 = oax25->t3;
927 ax25->n2 = oax25->n2;
928 ax25->idle = oax25->idle;
929 ax25->paclen = oax25->paclen;
930 ax25->window = oax25->window;
931
932 ax25->ax25_dev = ax25_dev;
933 ax25->source_addr = oax25->source_addr;
934
935 if (oax25->digipeat != NULL) {
936 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
937 GFP_ATOMIC);
938 if (ax25->digipeat == NULL) {
939 sk_free(sk);
940 ax25_cb_put(ax25);
941 return NULL;
942 }
943 }
944
945 sk->sk_protinfo = ax25;
946 sk->sk_destruct = ax25_free_sock;
947 ax25->sk = sk;
948
949 return sk;
950 }
951
ax25_release(struct socket * sock)952 static int ax25_release(struct socket *sock)
953 {
954 struct sock *sk = sock->sk;
955 ax25_cb *ax25;
956
957 if (sk == NULL)
958 return 0;
959
960 sock_hold(sk);
961 sock_orphan(sk);
962 lock_sock(sk);
963 ax25 = ax25_sk(sk);
964
965 if (sk->sk_type == SOCK_SEQPACKET) {
966 switch (ax25->state) {
967 case AX25_STATE_0:
968 release_sock(sk);
969 ax25_disconnect(ax25, 0);
970 lock_sock(sk);
971 ax25_destroy_socket(ax25);
972 break;
973
974 case AX25_STATE_1:
975 case AX25_STATE_2:
976 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
977 release_sock(sk);
978 ax25_disconnect(ax25, 0);
979 lock_sock(sk);
980 ax25_destroy_socket(ax25);
981 break;
982
983 case AX25_STATE_3:
984 case AX25_STATE_4:
985 ax25_clear_queues(ax25);
986 ax25->n2count = 0;
987
988 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
989 case AX25_PROTO_STD_SIMPLEX:
990 case AX25_PROTO_STD_DUPLEX:
991 ax25_send_control(ax25,
992 AX25_DISC,
993 AX25_POLLON,
994 AX25_COMMAND);
995 ax25_stop_t2timer(ax25);
996 ax25_stop_t3timer(ax25);
997 ax25_stop_idletimer(ax25);
998 break;
999 #ifdef CONFIG_AX25_DAMA_SLAVE
1000 case AX25_PROTO_DAMA_SLAVE:
1001 ax25_stop_t3timer(ax25);
1002 ax25_stop_idletimer(ax25);
1003 break;
1004 #endif
1005 }
1006 ax25_calculate_t1(ax25);
1007 ax25_start_t1timer(ax25);
1008 ax25->state = AX25_STATE_2;
1009 sk->sk_state = TCP_CLOSE;
1010 sk->sk_shutdown |= SEND_SHUTDOWN;
1011 sk->sk_state_change(sk);
1012 sock_set_flag(sk, SOCK_DESTROY);
1013 break;
1014
1015 default:
1016 break;
1017 }
1018 } else {
1019 sk->sk_state = TCP_CLOSE;
1020 sk->sk_shutdown |= SEND_SHUTDOWN;
1021 sk->sk_state_change(sk);
1022 ax25_destroy_socket(ax25);
1023 }
1024
1025 sock->sk = NULL;
1026 release_sock(sk);
1027 sock_put(sk);
1028
1029 return 0;
1030 }
1031
1032 /*
1033 * We support a funny extension here so you can (as root) give any callsign
1034 * digipeated via a local address as source. This hack is obsolete now
1035 * that we've implemented support for SO_BINDTODEVICE. It is however small
1036 * and trivially backward compatible.
1037 */
ax25_bind(struct socket * sock,struct sockaddr * uaddr,int addr_len)1038 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1039 {
1040 struct sock *sk = sock->sk;
1041 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1042 ax25_dev *ax25_dev = NULL;
1043 ax25_uid_assoc *user;
1044 ax25_address call;
1045 ax25_cb *ax25;
1046 int err = 0;
1047
1048 if (addr_len != sizeof(struct sockaddr_ax25) &&
1049 addr_len != sizeof(struct full_sockaddr_ax25))
1050 /* support for old structure may go away some time
1051 * ax25_bind(): uses old (6 digipeater) socket structure.
1052 */
1053 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1054 (addr_len > sizeof(struct full_sockaddr_ax25)))
1055 return -EINVAL;
1056
1057 if (addr->fsa_ax25.sax25_family != AF_AX25)
1058 return -EINVAL;
1059
1060 user = ax25_findbyuid(current_euid());
1061 if (user) {
1062 call = user->call;
1063 ax25_uid_put(user);
1064 } else {
1065 if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1066 return -EACCES;
1067
1068 call = addr->fsa_ax25.sax25_call;
1069 }
1070
1071 lock_sock(sk);
1072
1073 ax25 = ax25_sk(sk);
1074 if (!sock_flag(sk, SOCK_ZAPPED)) {
1075 err = -EINVAL;
1076 goto out;
1077 }
1078
1079 ax25->source_addr = call;
1080
1081 /*
1082 * User already set interface with SO_BINDTODEVICE
1083 */
1084 if (ax25->ax25_dev != NULL)
1085 goto done;
1086
1087 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1088 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1089 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1090 err = -EADDRNOTAVAIL;
1091 goto out;
1092 }
1093 } else {
1094 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1095 err = -EADDRNOTAVAIL;
1096 goto out;
1097 }
1098 }
1099
1100 if (ax25_dev != NULL)
1101 ax25_fillin_cb(ax25, ax25_dev);
1102
1103 done:
1104 ax25_cb_add(ax25);
1105 sock_reset_flag(sk, SOCK_ZAPPED);
1106
1107 out:
1108 release_sock(sk);
1109
1110 return err;
1111 }
1112
1113 /*
1114 * FIXME: nonblock behaviour looks like it may have a bug.
1115 */
ax25_connect(struct socket * sock,struct sockaddr * uaddr,int addr_len,int flags)1116 static int __must_check ax25_connect(struct socket *sock,
1117 struct sockaddr *uaddr, int addr_len, int flags)
1118 {
1119 struct sock *sk = sock->sk;
1120 ax25_cb *ax25 = ax25_sk(sk), *ax25t;
1121 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1122 ax25_digi *digi = NULL;
1123 int ct = 0, err = 0;
1124
1125 /*
1126 * some sanity checks. code further down depends on this
1127 */
1128
1129 if (addr_len == sizeof(struct sockaddr_ax25))
1130 /* support for this will go away in early 2.5.x
1131 * ax25_connect(): uses obsolete socket structure
1132 */
1133 ;
1134 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1135 /* support for old structure may go away some time
1136 * ax25_connect(): uses old (6 digipeater) socket structure.
1137 */
1138 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1139 (addr_len > sizeof(struct full_sockaddr_ax25)))
1140 return -EINVAL;
1141
1142
1143 if (fsa->fsa_ax25.sax25_family != AF_AX25)
1144 return -EINVAL;
1145
1146 lock_sock(sk);
1147
1148 /* deal with restarts */
1149 if (sock->state == SS_CONNECTING) {
1150 switch (sk->sk_state) {
1151 case TCP_SYN_SENT: /* still trying */
1152 err = -EINPROGRESS;
1153 goto out_release;
1154
1155 case TCP_ESTABLISHED: /* connection established */
1156 sock->state = SS_CONNECTED;
1157 goto out_release;
1158
1159 case TCP_CLOSE: /* connection refused */
1160 sock->state = SS_UNCONNECTED;
1161 err = -ECONNREFUSED;
1162 goto out_release;
1163 }
1164 }
1165
1166 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1167 err = -EISCONN; /* No reconnect on a seqpacket socket */
1168 goto out_release;
1169 }
1170
1171 sk->sk_state = TCP_CLOSE;
1172 sock->state = SS_UNCONNECTED;
1173
1174 kfree(ax25->digipeat);
1175 ax25->digipeat = NULL;
1176
1177 /*
1178 * Handle digi-peaters to be used.
1179 */
1180 if (addr_len > sizeof(struct sockaddr_ax25) &&
1181 fsa->fsa_ax25.sax25_ndigis != 0) {
1182 /* Valid number of digipeaters ? */
1183 if (fsa->fsa_ax25.sax25_ndigis < 1 || fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS) {
1184 err = -EINVAL;
1185 goto out_release;
1186 }
1187
1188 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1189 err = -ENOBUFS;
1190 goto out_release;
1191 }
1192
1193 digi->ndigi = fsa->fsa_ax25.sax25_ndigis;
1194 digi->lastrepeat = -1;
1195
1196 while (ct < fsa->fsa_ax25.sax25_ndigis) {
1197 if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1198 AX25_HBIT) && ax25->iamdigi) {
1199 digi->repeated[ct] = 1;
1200 digi->lastrepeat = ct;
1201 } else {
1202 digi->repeated[ct] = 0;
1203 }
1204 digi->calls[ct] = fsa->fsa_digipeater[ct];
1205 ct++;
1206 }
1207 }
1208
1209 /*
1210 * Must bind first - autobinding in this may or may not work. If
1211 * the socket is already bound, check to see if the device has
1212 * been filled in, error if it hasn't.
1213 */
1214 if (sock_flag(sk, SOCK_ZAPPED)) {
1215 /* check if we can remove this feature. It is broken. */
1216 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1217 current->comm);
1218 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1219 kfree(digi);
1220 goto out_release;
1221 }
1222
1223 ax25_fillin_cb(ax25, ax25->ax25_dev);
1224 ax25_cb_add(ax25);
1225 } else {
1226 if (ax25->ax25_dev == NULL) {
1227 kfree(digi);
1228 err = -EHOSTUNREACH;
1229 goto out_release;
1230 }
1231 }
1232
1233 if (sk->sk_type == SOCK_SEQPACKET &&
1234 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1235 ax25->ax25_dev->dev))) {
1236 kfree(digi);
1237 err = -EADDRINUSE; /* Already such a connection */
1238 ax25_cb_put(ax25t);
1239 goto out_release;
1240 }
1241
1242 ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1243 ax25->digipeat = digi;
1244
1245 /* First the easy one */
1246 if (sk->sk_type != SOCK_SEQPACKET) {
1247 sock->state = SS_CONNECTED;
1248 sk->sk_state = TCP_ESTABLISHED;
1249 goto out_release;
1250 }
1251
1252 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1253 sock->state = SS_CONNECTING;
1254 sk->sk_state = TCP_SYN_SENT;
1255
1256 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1257 case AX25_PROTO_STD_SIMPLEX:
1258 case AX25_PROTO_STD_DUPLEX:
1259 ax25_std_establish_data_link(ax25);
1260 break;
1261
1262 #ifdef CONFIG_AX25_DAMA_SLAVE
1263 case AX25_PROTO_DAMA_SLAVE:
1264 ax25->modulus = AX25_MODULUS;
1265 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1266 if (ax25->ax25_dev->dama.slave)
1267 ax25_ds_establish_data_link(ax25);
1268 else
1269 ax25_std_establish_data_link(ax25);
1270 break;
1271 #endif
1272 }
1273
1274 ax25->state = AX25_STATE_1;
1275
1276 ax25_start_heartbeat(ax25);
1277
1278 /* Now the loop */
1279 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1280 err = -EINPROGRESS;
1281 goto out_release;
1282 }
1283
1284 if (sk->sk_state == TCP_SYN_SENT) {
1285 DEFINE_WAIT(wait);
1286
1287 for (;;) {
1288 prepare_to_wait(sk_sleep(sk), &wait,
1289 TASK_INTERRUPTIBLE);
1290 if (sk->sk_state != TCP_SYN_SENT)
1291 break;
1292 if (!signal_pending(current)) {
1293 release_sock(sk);
1294 schedule();
1295 lock_sock(sk);
1296 continue;
1297 }
1298 err = -ERESTARTSYS;
1299 break;
1300 }
1301 finish_wait(sk_sleep(sk), &wait);
1302
1303 if (err)
1304 goto out_release;
1305 }
1306
1307 if (sk->sk_state != TCP_ESTABLISHED) {
1308 /* Not in ABM, not in WAIT_UA -> failed */
1309 sock->state = SS_UNCONNECTED;
1310 err = sock_error(sk); /* Always set at this point */
1311 goto out_release;
1312 }
1313
1314 sock->state = SS_CONNECTED;
1315
1316 err = 0;
1317 out_release:
1318 release_sock(sk);
1319
1320 return err;
1321 }
1322
ax25_accept(struct socket * sock,struct socket * newsock,int flags)1323 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags)
1324 {
1325 struct sk_buff *skb;
1326 struct sock *newsk;
1327 DEFINE_WAIT(wait);
1328 struct sock *sk;
1329 int err = 0;
1330
1331 if (sock->state != SS_UNCONNECTED)
1332 return -EINVAL;
1333
1334 if ((sk = sock->sk) == NULL)
1335 return -EINVAL;
1336
1337 lock_sock(sk);
1338 if (sk->sk_type != SOCK_SEQPACKET) {
1339 err = -EOPNOTSUPP;
1340 goto out;
1341 }
1342
1343 if (sk->sk_state != TCP_LISTEN) {
1344 err = -EINVAL;
1345 goto out;
1346 }
1347
1348 /*
1349 * The read queue this time is holding sockets ready to use
1350 * hooked into the SABM we saved
1351 */
1352 for (;;) {
1353 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1354 skb = skb_dequeue(&sk->sk_receive_queue);
1355 if (skb)
1356 break;
1357
1358 if (flags & O_NONBLOCK) {
1359 err = -EWOULDBLOCK;
1360 break;
1361 }
1362 if (!signal_pending(current)) {
1363 release_sock(sk);
1364 schedule();
1365 lock_sock(sk);
1366 continue;
1367 }
1368 err = -ERESTARTSYS;
1369 break;
1370 }
1371 finish_wait(sk_sleep(sk), &wait);
1372
1373 if (err)
1374 goto out;
1375
1376 newsk = skb->sk;
1377 sock_graft(newsk, newsock);
1378
1379 /* Now attach up the new socket */
1380 kfree_skb(skb);
1381 sk->sk_ack_backlog--;
1382 newsock->state = SS_CONNECTED;
1383
1384 out:
1385 release_sock(sk);
1386
1387 return err;
1388 }
1389
ax25_getname(struct socket * sock,struct sockaddr * uaddr,int * uaddr_len,int peer)1390 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1391 int *uaddr_len, int peer)
1392 {
1393 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1394 struct sock *sk = sock->sk;
1395 unsigned char ndigi, i;
1396 ax25_cb *ax25;
1397 int err = 0;
1398
1399 memset(fsa, 0, sizeof(*fsa));
1400 lock_sock(sk);
1401 ax25 = ax25_sk(sk);
1402
1403 if (peer != 0) {
1404 if (sk->sk_state != TCP_ESTABLISHED) {
1405 err = -ENOTCONN;
1406 goto out;
1407 }
1408
1409 fsa->fsa_ax25.sax25_family = AF_AX25;
1410 fsa->fsa_ax25.sax25_call = ax25->dest_addr;
1411
1412 if (ax25->digipeat != NULL) {
1413 ndigi = ax25->digipeat->ndigi;
1414 fsa->fsa_ax25.sax25_ndigis = ndigi;
1415 for (i = 0; i < ndigi; i++)
1416 fsa->fsa_digipeater[i] =
1417 ax25->digipeat->calls[i];
1418 }
1419 } else {
1420 fsa->fsa_ax25.sax25_family = AF_AX25;
1421 fsa->fsa_ax25.sax25_call = ax25->source_addr;
1422 fsa->fsa_ax25.sax25_ndigis = 1;
1423 if (ax25->ax25_dev != NULL) {
1424 memcpy(&fsa->fsa_digipeater[0],
1425 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1426 } else {
1427 fsa->fsa_digipeater[0] = null_ax25_address;
1428 }
1429 }
1430 *uaddr_len = sizeof (struct full_sockaddr_ax25);
1431
1432 out:
1433 release_sock(sk);
1434
1435 return err;
1436 }
1437
ax25_sendmsg(struct kiocb * iocb,struct socket * sock,struct msghdr * msg,size_t len)1438 static int ax25_sendmsg(struct kiocb *iocb, struct socket *sock,
1439 struct msghdr *msg, size_t len)
1440 {
1441 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name);
1442 struct sock *sk = sock->sk;
1443 struct sockaddr_ax25 sax;
1444 struct sk_buff *skb;
1445 ax25_digi dtmp, *dp;
1446 ax25_cb *ax25;
1447 size_t size;
1448 int lv, err, addr_len = msg->msg_namelen;
1449
1450 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1451 return -EINVAL;
1452
1453 lock_sock(sk);
1454 ax25 = ax25_sk(sk);
1455
1456 if (sock_flag(sk, SOCK_ZAPPED)) {
1457 err = -EADDRNOTAVAIL;
1458 goto out;
1459 }
1460
1461 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1462 send_sig(SIGPIPE, current, 0);
1463 err = -EPIPE;
1464 goto out;
1465 }
1466
1467 if (ax25->ax25_dev == NULL) {
1468 err = -ENETUNREACH;
1469 goto out;
1470 }
1471
1472 if (len > ax25->ax25_dev->dev->mtu) {
1473 err = -EMSGSIZE;
1474 goto out;
1475 }
1476
1477 if (usax != NULL) {
1478 if (usax->sax25_family != AF_AX25) {
1479 err = -EINVAL;
1480 goto out;
1481 }
1482
1483 if (addr_len == sizeof(struct sockaddr_ax25))
1484 /* ax25_sendmsg(): uses obsolete socket structure */
1485 ;
1486 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1487 /* support for old structure may go away some time
1488 * ax25_sendmsg(): uses old (6 digipeater)
1489 * socket structure.
1490 */
1491 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1492 (addr_len > sizeof(struct full_sockaddr_ax25))) {
1493 err = -EINVAL;
1494 goto out;
1495 }
1496
1497
1498 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1499 int ct = 0;
1500 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1501
1502 /* Valid number of digipeaters ? */
1503 if (usax->sax25_ndigis < 1 || usax->sax25_ndigis > AX25_MAX_DIGIS) {
1504 err = -EINVAL;
1505 goto out;
1506 }
1507
1508 dtmp.ndigi = usax->sax25_ndigis;
1509
1510 while (ct < usax->sax25_ndigis) {
1511 dtmp.repeated[ct] = 0;
1512 dtmp.calls[ct] = fsa->fsa_digipeater[ct];
1513 ct++;
1514 }
1515
1516 dtmp.lastrepeat = 0;
1517 }
1518
1519 sax = *usax;
1520 if (sk->sk_type == SOCK_SEQPACKET &&
1521 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1522 err = -EISCONN;
1523 goto out;
1524 }
1525 if (usax->sax25_ndigis == 0)
1526 dp = NULL;
1527 else
1528 dp = &dtmp;
1529 } else {
1530 /*
1531 * FIXME: 1003.1g - if the socket is like this because
1532 * it has become closed (not started closed) and is VC
1533 * we ought to SIGPIPE, EPIPE
1534 */
1535 if (sk->sk_state != TCP_ESTABLISHED) {
1536 err = -ENOTCONN;
1537 goto out;
1538 }
1539 sax.sax25_family = AF_AX25;
1540 sax.sax25_call = ax25->dest_addr;
1541 dp = ax25->digipeat;
1542 }
1543
1544 /* Build a packet */
1545 /* Assume the worst case */
1546 size = len + ax25->ax25_dev->dev->hard_header_len;
1547
1548 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1549 if (skb == NULL)
1550 goto out;
1551
1552 skb_reserve(skb, size - len);
1553
1554 /* User data follows immediately after the AX.25 data */
1555 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
1556 err = -EFAULT;
1557 kfree_skb(skb);
1558 goto out;
1559 }
1560
1561 skb_reset_network_header(skb);
1562
1563 /* Add the PID if one is not supplied by the user in the skb */
1564 if (!ax25->pidincl)
1565 *skb_push(skb, 1) = sk->sk_protocol;
1566
1567 if (sk->sk_type == SOCK_SEQPACKET) {
1568 /* Connected mode sockets go via the LAPB machine */
1569 if (sk->sk_state != TCP_ESTABLISHED) {
1570 kfree_skb(skb);
1571 err = -ENOTCONN;
1572 goto out;
1573 }
1574
1575 /* Shove it onto the queue and kick */
1576 ax25_output(ax25, ax25->paclen, skb);
1577
1578 err = len;
1579 goto out;
1580 }
1581
1582 skb_push(skb, 1 + ax25_addr_size(dp));
1583
1584 /* Building AX.25 Header */
1585
1586 /* Build an AX.25 header */
1587 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1588 dp, AX25_COMMAND, AX25_MODULUS);
1589
1590 skb_set_transport_header(skb, lv);
1591
1592 *skb_transport_header(skb) = AX25_UI;
1593
1594 /* Datagram frames go straight out of the door as UI */
1595 ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1596
1597 err = len;
1598
1599 out:
1600 release_sock(sk);
1601
1602 return err;
1603 }
1604
ax25_recvmsg(struct kiocb * iocb,struct socket * sock,struct msghdr * msg,size_t size,int flags)1605 static int ax25_recvmsg(struct kiocb *iocb, struct socket *sock,
1606 struct msghdr *msg, size_t size, int flags)
1607 {
1608 struct sock *sk = sock->sk;
1609 struct sk_buff *skb;
1610 int copied;
1611 int err = 0;
1612
1613 lock_sock(sk);
1614 /*
1615 * This works for seqpacket too. The receiver has ordered the
1616 * queue for us! We do one quick check first though
1617 */
1618 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1619 err = -ENOTCONN;
1620 goto out;
1621 }
1622
1623 /* Now we can treat all alike */
1624 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1625 flags & MSG_DONTWAIT, &err);
1626 if (skb == NULL)
1627 goto out;
1628
1629 if (!ax25_sk(sk)->pidincl)
1630 skb_pull(skb, 1); /* Remove PID */
1631
1632 skb_reset_transport_header(skb);
1633 copied = skb->len;
1634
1635 if (copied > size) {
1636 copied = size;
1637 msg->msg_flags |= MSG_TRUNC;
1638 }
1639
1640 skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1641
1642 if (msg->msg_name) {
1643 ax25_digi digi;
1644 ax25_address src;
1645 const unsigned char *mac = skb_mac_header(skb);
1646 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name);
1647
1648 memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1649 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1650 &digi, NULL, NULL);
1651 sax->sax25_family = AF_AX25;
1652 /* We set this correctly, even though we may not let the
1653 application know the digi calls further down (because it
1654 did NOT ask to know them). This could get political... **/
1655 sax->sax25_ndigis = digi.ndigi;
1656 sax->sax25_call = src;
1657
1658 if (sax->sax25_ndigis != 0) {
1659 int ct;
1660 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1661
1662 for (ct = 0; ct < digi.ndigi; ct++)
1663 fsa->fsa_digipeater[ct] = digi.calls[ct];
1664 }
1665 msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1666 }
1667
1668 skb_free_datagram(sk, skb);
1669 err = copied;
1670
1671 out:
1672 release_sock(sk);
1673
1674 return err;
1675 }
1676
ax25_shutdown(struct socket * sk,int how)1677 static int ax25_shutdown(struct socket *sk, int how)
1678 {
1679 /* FIXME - generate DM and RNR states */
1680 return -EOPNOTSUPP;
1681 }
1682
ax25_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)1683 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1684 {
1685 struct sock *sk = sock->sk;
1686 void __user *argp = (void __user *)arg;
1687 int res = 0;
1688
1689 lock_sock(sk);
1690 switch (cmd) {
1691 case TIOCOUTQ: {
1692 long amount;
1693
1694 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1695 if (amount < 0)
1696 amount = 0;
1697 res = put_user(amount, (int __user *)argp);
1698 break;
1699 }
1700
1701 case TIOCINQ: {
1702 struct sk_buff *skb;
1703 long amount = 0L;
1704 /* These two are safe on a single CPU system as only user tasks fiddle here */
1705 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1706 amount = skb->len;
1707 res = put_user(amount, (int __user *) argp);
1708 break;
1709 }
1710
1711 case SIOCGSTAMP:
1712 res = sock_get_timestamp(sk, argp);
1713 break;
1714
1715 case SIOCGSTAMPNS:
1716 res = sock_get_timestampns(sk, argp);
1717 break;
1718
1719 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */
1720 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */
1721 case SIOCAX25GETUID: {
1722 struct sockaddr_ax25 sax25;
1723 if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1724 res = -EFAULT;
1725 break;
1726 }
1727 res = ax25_uid_ioctl(cmd, &sax25);
1728 break;
1729 }
1730
1731 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */
1732 long amount;
1733 if (!capable(CAP_NET_ADMIN)) {
1734 res = -EPERM;
1735 break;
1736 }
1737 if (get_user(amount, (long __user *)argp)) {
1738 res = -EFAULT;
1739 break;
1740 }
1741 if (amount < 0 || amount > AX25_NOUID_BLOCK) {
1742 res = -EINVAL;
1743 break;
1744 }
1745 ax25_uid_policy = amount;
1746 res = 0;
1747 break;
1748 }
1749
1750 case SIOCADDRT:
1751 case SIOCDELRT:
1752 case SIOCAX25OPTRT:
1753 if (!capable(CAP_NET_ADMIN)) {
1754 res = -EPERM;
1755 break;
1756 }
1757 res = ax25_rt_ioctl(cmd, argp);
1758 break;
1759
1760 case SIOCAX25CTLCON:
1761 if (!capable(CAP_NET_ADMIN)) {
1762 res = -EPERM;
1763 break;
1764 }
1765 res = ax25_ctl_ioctl(cmd, argp);
1766 break;
1767
1768 case SIOCAX25GETINFO:
1769 case SIOCAX25GETINFOOLD: {
1770 ax25_cb *ax25 = ax25_sk(sk);
1771 struct ax25_info_struct ax25_info;
1772
1773 ax25_info.t1 = ax25->t1 / HZ;
1774 ax25_info.t2 = ax25->t2 / HZ;
1775 ax25_info.t3 = ax25->t3 / HZ;
1776 ax25_info.idle = ax25->idle / (60 * HZ);
1777 ax25_info.n2 = ax25->n2;
1778 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ;
1779 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ;
1780 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ;
1781 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1782 ax25_info.n2count = ax25->n2count;
1783 ax25_info.state = ax25->state;
1784 ax25_info.rcv_q = sk_rmem_alloc_get(sk);
1785 ax25_info.snd_q = sk_wmem_alloc_get(sk);
1786 ax25_info.vs = ax25->vs;
1787 ax25_info.vr = ax25->vr;
1788 ax25_info.va = ax25->va;
1789 ax25_info.vs_max = ax25->vs; /* reserved */
1790 ax25_info.paclen = ax25->paclen;
1791 ax25_info.window = ax25->window;
1792
1793 /* old structure? */
1794 if (cmd == SIOCAX25GETINFOOLD) {
1795 static int warned = 0;
1796 if (!warned) {
1797 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1798 current->comm);
1799 warned=1;
1800 }
1801
1802 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1803 res = -EFAULT;
1804 break;
1805 }
1806 } else {
1807 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1808 res = -EINVAL;
1809 break;
1810 }
1811 }
1812 res = 0;
1813 break;
1814 }
1815
1816 case SIOCAX25ADDFWD:
1817 case SIOCAX25DELFWD: {
1818 struct ax25_fwd_struct ax25_fwd;
1819 if (!capable(CAP_NET_ADMIN)) {
1820 res = -EPERM;
1821 break;
1822 }
1823 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1824 res = -EFAULT;
1825 break;
1826 }
1827 res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1828 break;
1829 }
1830
1831 case SIOCGIFADDR:
1832 case SIOCSIFADDR:
1833 case SIOCGIFDSTADDR:
1834 case SIOCSIFDSTADDR:
1835 case SIOCGIFBRDADDR:
1836 case SIOCSIFBRDADDR:
1837 case SIOCGIFNETMASK:
1838 case SIOCSIFNETMASK:
1839 case SIOCGIFMETRIC:
1840 case SIOCSIFMETRIC:
1841 res = -EINVAL;
1842 break;
1843
1844 default:
1845 res = -ENOIOCTLCMD;
1846 break;
1847 }
1848 release_sock(sk);
1849
1850 return res;
1851 }
1852
1853 #ifdef CONFIG_PROC_FS
1854
ax25_info_start(struct seq_file * seq,loff_t * pos)1855 static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1856 __acquires(ax25_list_lock)
1857 {
1858 spin_lock_bh(&ax25_list_lock);
1859 return seq_hlist_start(&ax25_list, *pos);
1860 }
1861
ax25_info_next(struct seq_file * seq,void * v,loff_t * pos)1862 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1863 {
1864 return seq_hlist_next(v, &ax25_list, pos);
1865 }
1866
ax25_info_stop(struct seq_file * seq,void * v)1867 static void ax25_info_stop(struct seq_file *seq, void *v)
1868 __releases(ax25_list_lock)
1869 {
1870 spin_unlock_bh(&ax25_list_lock);
1871 }
1872
ax25_info_show(struct seq_file * seq,void * v)1873 static int ax25_info_show(struct seq_file *seq, void *v)
1874 {
1875 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1876 char buf[11];
1877 int k;
1878
1879
1880 /*
1881 * New format:
1882 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1883 */
1884
1885 seq_printf(seq, "%8.8lx %s %s%s ",
1886 (long) ax25,
1887 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1888 ax2asc(buf, &ax25->source_addr),
1889 ax25->iamdigi? "*":"");
1890 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1891
1892 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1893 seq_printf(seq, ",%s%s",
1894 ax2asc(buf, &ax25->digipeat->calls[k]),
1895 ax25->digipeat->repeated[k]? "*":"");
1896 }
1897
1898 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1899 ax25->state,
1900 ax25->vs, ax25->vr, ax25->va,
1901 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1902 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1903 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1904 ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1905 ax25->idle / (60 * HZ),
1906 ax25->n2count, ax25->n2,
1907 ax25->rtt / HZ,
1908 ax25->window,
1909 ax25->paclen);
1910
1911 if (ax25->sk != NULL) {
1912 seq_printf(seq, " %d %d %lu\n",
1913 sk_wmem_alloc_get(ax25->sk),
1914 sk_rmem_alloc_get(ax25->sk),
1915 sock_i_ino(ax25->sk));
1916 } else {
1917 seq_puts(seq, " * * *\n");
1918 }
1919 return 0;
1920 }
1921
1922 static const struct seq_operations ax25_info_seqops = {
1923 .start = ax25_info_start,
1924 .next = ax25_info_next,
1925 .stop = ax25_info_stop,
1926 .show = ax25_info_show,
1927 };
1928
ax25_info_open(struct inode * inode,struct file * file)1929 static int ax25_info_open(struct inode *inode, struct file *file)
1930 {
1931 return seq_open(file, &ax25_info_seqops);
1932 }
1933
1934 static const struct file_operations ax25_info_fops = {
1935 .owner = THIS_MODULE,
1936 .open = ax25_info_open,
1937 .read = seq_read,
1938 .llseek = seq_lseek,
1939 .release = seq_release,
1940 };
1941
1942 #endif
1943
1944 static const struct net_proto_family ax25_family_ops = {
1945 .family = PF_AX25,
1946 .create = ax25_create,
1947 .owner = THIS_MODULE,
1948 };
1949
1950 static const struct proto_ops ax25_proto_ops = {
1951 .family = PF_AX25,
1952 .owner = THIS_MODULE,
1953 .release = ax25_release,
1954 .bind = ax25_bind,
1955 .connect = ax25_connect,
1956 .socketpair = sock_no_socketpair,
1957 .accept = ax25_accept,
1958 .getname = ax25_getname,
1959 .poll = datagram_poll,
1960 .ioctl = ax25_ioctl,
1961 .listen = ax25_listen,
1962 .shutdown = ax25_shutdown,
1963 .setsockopt = ax25_setsockopt,
1964 .getsockopt = ax25_getsockopt,
1965 .sendmsg = ax25_sendmsg,
1966 .recvmsg = ax25_recvmsg,
1967 .mmap = sock_no_mmap,
1968 .sendpage = sock_no_sendpage,
1969 };
1970
1971 /*
1972 * Called by socket.c on kernel start up
1973 */
1974 static struct packet_type ax25_packet_type __read_mostly = {
1975 .type = cpu_to_be16(ETH_P_AX25),
1976 .func = ax25_kiss_rcv,
1977 };
1978
1979 static struct notifier_block ax25_dev_notifier = {
1980 .notifier_call = ax25_device_event,
1981 };
1982
ax25_init(void)1983 static int __init ax25_init(void)
1984 {
1985 int rc = proto_register(&ax25_proto, 0);
1986
1987 if (rc != 0)
1988 goto out;
1989
1990 sock_register(&ax25_family_ops);
1991 dev_add_pack(&ax25_packet_type);
1992 register_netdevice_notifier(&ax25_dev_notifier);
1993
1994 proc_create("ax25_route", S_IRUGO, init_net.proc_net,
1995 &ax25_route_fops);
1996 proc_create("ax25", S_IRUGO, init_net.proc_net, &ax25_info_fops);
1997 proc_create("ax25_calls", S_IRUGO, init_net.proc_net, &ax25_uid_fops);
1998 out:
1999 return rc;
2000 }
2001 module_init(ax25_init);
2002
2003
2004 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
2005 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
2006 MODULE_LICENSE("GPL");
2007 MODULE_ALIAS_NETPROTO(PF_AX25);
2008
ax25_exit(void)2009 static void __exit ax25_exit(void)
2010 {
2011 remove_proc_entry("ax25_route", init_net.proc_net);
2012 remove_proc_entry("ax25", init_net.proc_net);
2013 remove_proc_entry("ax25_calls", init_net.proc_net);
2014
2015 unregister_netdevice_notifier(&ax25_dev_notifier);
2016
2017 dev_remove_pack(&ax25_packet_type);
2018
2019 sock_unregister(PF_AX25);
2020 proto_unregister(&ax25_proto);
2021
2022 ax25_rt_free();
2023 ax25_uid_free();
2024 ax25_dev_free();
2025 }
2026 module_exit(ax25_exit);
2027