1 /*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
9 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
10 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
11 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
12 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
13 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
14 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
15 */
16 #include <linux/capability.h>
17 #include <linux/module.h>
18 #include <linux/errno.h>
19 #include <linux/types.h>
20 #include <linux/socket.h>
21 #include <linux/in.h>
22 #include <linux/kernel.h>
23 #include <linux/sched/signal.h>
24 #include <linux/timer.h>
25 #include <linux/string.h>
26 #include <linux/sockios.h>
27 #include <linux/net.h>
28 #include <linux/slab.h>
29 #include <net/ax25.h>
30 #include <linux/inet.h>
31 #include <linux/netdevice.h>
32 #include <linux/if_arp.h>
33 #include <linux/skbuff.h>
34 #include <net/sock.h>
35 #include <linux/uaccess.h>
36 #include <linux/fcntl.h>
37 #include <linux/termios.h> /* For TIOCINQ/OUTQ */
38 #include <linux/mm.h>
39 #include <linux/interrupt.h>
40 #include <linux/notifier.h>
41 #include <linux/proc_fs.h>
42 #include <linux/stat.h>
43 #include <linux/sysctl.h>
44 #include <linux/init.h>
45 #include <linux/spinlock.h>
46 #include <net/net_namespace.h>
47 #include <net/tcp_states.h>
48 #include <net/ip.h>
49 #include <net/arp.h>
50
51
52
53 HLIST_HEAD(ax25_list);
54 DEFINE_SPINLOCK(ax25_list_lock);
55
56 static const struct proto_ops ax25_proto_ops;
57
ax25_free_sock(struct sock * sk)58 static void ax25_free_sock(struct sock *sk)
59 {
60 ax25_cb_put(sk_to_ax25(sk));
61 }
62
63 /*
64 * Socket removal during an interrupt is now safe.
65 */
ax25_cb_del(ax25_cb * ax25)66 static void ax25_cb_del(ax25_cb *ax25)
67 {
68 if (!hlist_unhashed(&ax25->ax25_node)) {
69 spin_lock_bh(&ax25_list_lock);
70 hlist_del_init(&ax25->ax25_node);
71 spin_unlock_bh(&ax25_list_lock);
72 ax25_cb_put(ax25);
73 }
74 }
75
76 /*
77 * Kill all bound sockets on a dropped device.
78 */
ax25_kill_by_device(struct net_device * dev)79 static void ax25_kill_by_device(struct net_device *dev)
80 {
81 ax25_dev *ax25_dev;
82 ax25_cb *s;
83
84 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
85 return;
86
87 spin_lock_bh(&ax25_list_lock);
88 again:
89 ax25_for_each(s, &ax25_list) {
90 if (s->ax25_dev == ax25_dev) {
91 s->ax25_dev = NULL;
92 spin_unlock_bh(&ax25_list_lock);
93 ax25_disconnect(s, ENETUNREACH);
94 spin_lock_bh(&ax25_list_lock);
95
96 /* The entry could have been deleted from the
97 * list meanwhile and thus the next pointer is
98 * no longer valid. Play it safe and restart
99 * the scan. Forward progress is ensured
100 * because we set s->ax25_dev to NULL and we
101 * are never passed a NULL 'dev' argument.
102 */
103 goto again;
104 }
105 }
106 spin_unlock_bh(&ax25_list_lock);
107 }
108
109 /*
110 * Handle device status changes.
111 */
ax25_device_event(struct notifier_block * this,unsigned long event,void * ptr)112 static int ax25_device_event(struct notifier_block *this, unsigned long event,
113 void *ptr)
114 {
115 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
116
117 if (!net_eq(dev_net(dev), &init_net))
118 return NOTIFY_DONE;
119
120 /* Reject non AX.25 devices */
121 if (dev->type != ARPHRD_AX25)
122 return NOTIFY_DONE;
123
124 switch (event) {
125 case NETDEV_UP:
126 ax25_dev_device_up(dev);
127 break;
128 case NETDEV_DOWN:
129 ax25_kill_by_device(dev);
130 ax25_rt_device_down(dev);
131 ax25_dev_device_down(dev);
132 break;
133 default:
134 break;
135 }
136
137 return NOTIFY_DONE;
138 }
139
140 /*
141 * Add a socket to the bound sockets list.
142 */
ax25_cb_add(ax25_cb * ax25)143 void ax25_cb_add(ax25_cb *ax25)
144 {
145 spin_lock_bh(&ax25_list_lock);
146 ax25_cb_hold(ax25);
147 hlist_add_head(&ax25->ax25_node, &ax25_list);
148 spin_unlock_bh(&ax25_list_lock);
149 }
150
151 /*
152 * Find a socket that wants to accept the SABM we have just
153 * received.
154 */
ax25_find_listener(ax25_address * addr,int digi,struct net_device * dev,int type)155 struct sock *ax25_find_listener(ax25_address *addr, int digi,
156 struct net_device *dev, int type)
157 {
158 ax25_cb *s;
159
160 spin_lock(&ax25_list_lock);
161 ax25_for_each(s, &ax25_list) {
162 if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
163 continue;
164 if (s->sk && !ax25cmp(&s->source_addr, addr) &&
165 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
166 /* If device is null we match any device */
167 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
168 sock_hold(s->sk);
169 spin_unlock(&ax25_list_lock);
170 return s->sk;
171 }
172 }
173 }
174 spin_unlock(&ax25_list_lock);
175
176 return NULL;
177 }
178
179 /*
180 * Find an AX.25 socket given both ends.
181 */
ax25_get_socket(ax25_address * my_addr,ax25_address * dest_addr,int type)182 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
183 int type)
184 {
185 struct sock *sk = NULL;
186 ax25_cb *s;
187
188 spin_lock(&ax25_list_lock);
189 ax25_for_each(s, &ax25_list) {
190 if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
191 !ax25cmp(&s->dest_addr, dest_addr) &&
192 s->sk->sk_type == type) {
193 sk = s->sk;
194 sock_hold(sk);
195 break;
196 }
197 }
198
199 spin_unlock(&ax25_list_lock);
200
201 return sk;
202 }
203
204 /*
205 * Find an AX.25 control block given both ends. It will only pick up
206 * floating AX.25 control blocks or non Raw socket bound control blocks.
207 */
ax25_find_cb(ax25_address * src_addr,ax25_address * dest_addr,ax25_digi * digi,struct net_device * dev)208 ax25_cb *ax25_find_cb(ax25_address *src_addr, ax25_address *dest_addr,
209 ax25_digi *digi, struct net_device *dev)
210 {
211 ax25_cb *s;
212
213 spin_lock_bh(&ax25_list_lock);
214 ax25_for_each(s, &ax25_list) {
215 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
216 continue;
217 if (s->ax25_dev == NULL)
218 continue;
219 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
220 if (digi != NULL && digi->ndigi != 0) {
221 if (s->digipeat == NULL)
222 continue;
223 if (ax25digicmp(s->digipeat, digi) != 0)
224 continue;
225 } else {
226 if (s->digipeat != NULL && s->digipeat->ndigi != 0)
227 continue;
228 }
229 ax25_cb_hold(s);
230 spin_unlock_bh(&ax25_list_lock);
231
232 return s;
233 }
234 }
235 spin_unlock_bh(&ax25_list_lock);
236
237 return NULL;
238 }
239
240 EXPORT_SYMBOL(ax25_find_cb);
241
ax25_send_to_raw(ax25_address * addr,struct sk_buff * skb,int proto)242 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
243 {
244 ax25_cb *s;
245 struct sk_buff *copy;
246
247 spin_lock(&ax25_list_lock);
248 ax25_for_each(s, &ax25_list) {
249 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
250 s->sk->sk_type == SOCK_RAW &&
251 s->sk->sk_protocol == proto &&
252 s->ax25_dev->dev == skb->dev &&
253 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
254 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
255 continue;
256 if (sock_queue_rcv_skb(s->sk, copy) != 0)
257 kfree_skb(copy);
258 }
259 }
260 spin_unlock(&ax25_list_lock);
261 }
262
263 /*
264 * Deferred destroy.
265 */
266 void ax25_destroy_socket(ax25_cb *);
267
268 /*
269 * Handler for deferred kills.
270 */
ax25_destroy_timer(unsigned long data)271 static void ax25_destroy_timer(unsigned long data)
272 {
273 ax25_cb *ax25=(ax25_cb *)data;
274 struct sock *sk;
275
276 sk=ax25->sk;
277
278 bh_lock_sock(sk);
279 sock_hold(sk);
280 ax25_destroy_socket(ax25);
281 bh_unlock_sock(sk);
282 sock_put(sk);
283 }
284
285 /*
286 * This is called from user mode and the timers. Thus it protects itself
287 * against interrupt users but doesn't worry about being called during
288 * work. Once it is removed from the queue no interrupt or bottom half
289 * will touch it and we are (fairly 8-) ) safe.
290 */
ax25_destroy_socket(ax25_cb * ax25)291 void ax25_destroy_socket(ax25_cb *ax25)
292 {
293 struct sk_buff *skb;
294
295 ax25_cb_del(ax25);
296
297 ax25_stop_heartbeat(ax25);
298 ax25_stop_t1timer(ax25);
299 ax25_stop_t2timer(ax25);
300 ax25_stop_t3timer(ax25);
301 ax25_stop_idletimer(ax25);
302
303 ax25_clear_queues(ax25); /* Flush the queues */
304
305 if (ax25->sk != NULL) {
306 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
307 if (skb->sk != ax25->sk) {
308 /* A pending connection */
309 ax25_cb *sax25 = sk_to_ax25(skb->sk);
310
311 /* Queue the unaccepted socket for death */
312 sock_orphan(skb->sk);
313
314 /* 9A4GL: hack to release unaccepted sockets */
315 skb->sk->sk_state = TCP_LISTEN;
316
317 ax25_start_heartbeat(sax25);
318 sax25->state = AX25_STATE_0;
319 }
320
321 kfree_skb(skb);
322 }
323 skb_queue_purge(&ax25->sk->sk_write_queue);
324 }
325
326 if (ax25->sk != NULL) {
327 if (sk_has_allocations(ax25->sk)) {
328 /* Defer: outstanding buffers */
329 setup_timer(&ax25->dtimer, ax25_destroy_timer,
330 (unsigned long)ax25);
331 ax25->dtimer.expires = jiffies + 2 * HZ;
332 add_timer(&ax25->dtimer);
333 } else {
334 struct sock *sk=ax25->sk;
335 ax25->sk=NULL;
336 sock_put(sk);
337 }
338 } else {
339 ax25_cb_put(ax25);
340 }
341 }
342
343 /*
344 * dl1bke 960311: set parameters for existing AX.25 connections,
345 * includes a KILL command to abort any connection.
346 * VERY useful for debugging ;-)
347 */
ax25_ctl_ioctl(const unsigned int cmd,void __user * arg)348 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
349 {
350 struct ax25_ctl_struct ax25_ctl;
351 ax25_digi digi;
352 ax25_dev *ax25_dev;
353 ax25_cb *ax25;
354 unsigned int k;
355 int ret = 0;
356
357 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
358 return -EFAULT;
359
360 if ((ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr)) == NULL)
361 return -ENODEV;
362
363 if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
364 return -EINVAL;
365
366 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
367 return -EINVAL;
368
369 digi.ndigi = ax25_ctl.digi_count;
370 for (k = 0; k < digi.ndigi; k++)
371 digi.calls[k] = ax25_ctl.digi_addr[k];
372
373 if ((ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev)) == NULL)
374 return -ENOTCONN;
375
376 switch (ax25_ctl.cmd) {
377 case AX25_KILL:
378 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
379 #ifdef CONFIG_AX25_DAMA_SLAVE
380 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
381 ax25_dama_off(ax25);
382 #endif
383 ax25_disconnect(ax25, ENETRESET);
384 break;
385
386 case AX25_WINDOW:
387 if (ax25->modulus == AX25_MODULUS) {
388 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
389 goto einval_put;
390 } else {
391 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
392 goto einval_put;
393 }
394 ax25->window = ax25_ctl.arg;
395 break;
396
397 case AX25_T1:
398 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
399 goto einval_put;
400 ax25->rtt = (ax25_ctl.arg * HZ) / 2;
401 ax25->t1 = ax25_ctl.arg * HZ;
402 break;
403
404 case AX25_T2:
405 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
406 goto einval_put;
407 ax25->t2 = ax25_ctl.arg * HZ;
408 break;
409
410 case AX25_N2:
411 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
412 goto einval_put;
413 ax25->n2count = 0;
414 ax25->n2 = ax25_ctl.arg;
415 break;
416
417 case AX25_T3:
418 if (ax25_ctl.arg > ULONG_MAX / HZ)
419 goto einval_put;
420 ax25->t3 = ax25_ctl.arg * HZ;
421 break;
422
423 case AX25_IDLE:
424 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
425 goto einval_put;
426
427 ax25->idle = ax25_ctl.arg * 60 * HZ;
428 break;
429
430 case AX25_PACLEN:
431 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
432 goto einval_put;
433 ax25->paclen = ax25_ctl.arg;
434 break;
435
436 default:
437 goto einval_put;
438 }
439
440 out_put:
441 ax25_cb_put(ax25);
442 return ret;
443
444 einval_put:
445 ret = -EINVAL;
446 goto out_put;
447 }
448
ax25_fillin_cb_from_dev(ax25_cb * ax25,ax25_dev * ax25_dev)449 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
450 {
451 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
452 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
453 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
454 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
455 ax25->n2 = ax25_dev->values[AX25_VALUES_N2];
456 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN];
457 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
458 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
459
460 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
461 ax25->modulus = AX25_EMODULUS;
462 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW];
463 } else {
464 ax25->modulus = AX25_MODULUS;
465 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW];
466 }
467 }
468
469 /*
470 * Fill in a created AX.25 created control block with the default
471 * values for a particular device.
472 */
ax25_fillin_cb(ax25_cb * ax25,ax25_dev * ax25_dev)473 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
474 {
475 ax25->ax25_dev = ax25_dev;
476
477 if (ax25->ax25_dev != NULL) {
478 ax25_fillin_cb_from_dev(ax25, ax25_dev);
479 return;
480 }
481
482 /*
483 * No device, use kernel / AX.25 spec default values
484 */
485 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2;
486 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1);
487 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2);
488 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3);
489 ax25->n2 = AX25_DEF_N2;
490 ax25->paclen = AX25_DEF_PACLEN;
491 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE);
492 ax25->backoff = AX25_DEF_BACKOFF;
493
494 if (AX25_DEF_AXDEFMODE) {
495 ax25->modulus = AX25_EMODULUS;
496 ax25->window = AX25_DEF_EWINDOW;
497 } else {
498 ax25->modulus = AX25_MODULUS;
499 ax25->window = AX25_DEF_WINDOW;
500 }
501 }
502
503 /*
504 * Create an empty AX.25 control block.
505 */
ax25_create_cb(void)506 ax25_cb *ax25_create_cb(void)
507 {
508 ax25_cb *ax25;
509
510 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
511 return NULL;
512
513 refcount_set(&ax25->refcount, 1);
514
515 skb_queue_head_init(&ax25->write_queue);
516 skb_queue_head_init(&ax25->frag_queue);
517 skb_queue_head_init(&ax25->ack_queue);
518 skb_queue_head_init(&ax25->reseq_queue);
519
520 ax25_setup_timers(ax25);
521
522 ax25_fillin_cb(ax25, NULL);
523
524 ax25->state = AX25_STATE_0;
525
526 return ax25;
527 }
528
529 /*
530 * Handling for system calls applied via the various interfaces to an
531 * AX25 socket object
532 */
533
ax25_setsockopt(struct socket * sock,int level,int optname,char __user * optval,unsigned int optlen)534 static int ax25_setsockopt(struct socket *sock, int level, int optname,
535 char __user *optval, unsigned int optlen)
536 {
537 struct sock *sk = sock->sk;
538 ax25_cb *ax25;
539 struct net_device *dev;
540 char devname[IFNAMSIZ];
541 unsigned long opt;
542 int res = 0;
543
544 if (level != SOL_AX25)
545 return -ENOPROTOOPT;
546
547 if (optlen < sizeof(unsigned int))
548 return -EINVAL;
549
550 if (get_user(opt, (unsigned int __user *)optval))
551 return -EFAULT;
552
553 lock_sock(sk);
554 ax25 = sk_to_ax25(sk);
555
556 switch (optname) {
557 case AX25_WINDOW:
558 if (ax25->modulus == AX25_MODULUS) {
559 if (opt < 1 || opt > 7) {
560 res = -EINVAL;
561 break;
562 }
563 } else {
564 if (opt < 1 || opt > 63) {
565 res = -EINVAL;
566 break;
567 }
568 }
569 ax25->window = opt;
570 break;
571
572 case AX25_T1:
573 if (opt < 1 || opt > ULONG_MAX / HZ) {
574 res = -EINVAL;
575 break;
576 }
577 ax25->rtt = (opt * HZ) >> 1;
578 ax25->t1 = opt * HZ;
579 break;
580
581 case AX25_T2:
582 if (opt < 1 || opt > ULONG_MAX / HZ) {
583 res = -EINVAL;
584 break;
585 }
586 ax25->t2 = opt * HZ;
587 break;
588
589 case AX25_N2:
590 if (opt < 1 || opt > 31) {
591 res = -EINVAL;
592 break;
593 }
594 ax25->n2 = opt;
595 break;
596
597 case AX25_T3:
598 if (opt < 1 || opt > ULONG_MAX / HZ) {
599 res = -EINVAL;
600 break;
601 }
602 ax25->t3 = opt * HZ;
603 break;
604
605 case AX25_IDLE:
606 if (opt > ULONG_MAX / (60 * HZ)) {
607 res = -EINVAL;
608 break;
609 }
610 ax25->idle = opt * 60 * HZ;
611 break;
612
613 case AX25_BACKOFF:
614 if (opt > 2) {
615 res = -EINVAL;
616 break;
617 }
618 ax25->backoff = opt;
619 break;
620
621 case AX25_EXTSEQ:
622 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
623 break;
624
625 case AX25_PIDINCL:
626 ax25->pidincl = opt ? 1 : 0;
627 break;
628
629 case AX25_IAMDIGI:
630 ax25->iamdigi = opt ? 1 : 0;
631 break;
632
633 case AX25_PACLEN:
634 if (opt < 16 || opt > 65535) {
635 res = -EINVAL;
636 break;
637 }
638 ax25->paclen = opt;
639 break;
640
641 case SO_BINDTODEVICE:
642 if (optlen > IFNAMSIZ)
643 optlen = IFNAMSIZ;
644
645 if (copy_from_user(devname, optval, optlen)) {
646 res = -EFAULT;
647 break;
648 }
649
650 if (sk->sk_type == SOCK_SEQPACKET &&
651 (sock->state != SS_UNCONNECTED ||
652 sk->sk_state == TCP_LISTEN)) {
653 res = -EADDRNOTAVAIL;
654 break;
655 }
656
657 rtnl_lock();
658 dev = __dev_get_by_name(&init_net, devname);
659 if (!dev) {
660 rtnl_unlock();
661 res = -ENODEV;
662 break;
663 }
664
665 ax25->ax25_dev = ax25_dev_ax25dev(dev);
666 if (!ax25->ax25_dev) {
667 rtnl_unlock();
668 res = -ENODEV;
669 break;
670 }
671 ax25_fillin_cb(ax25, ax25->ax25_dev);
672 rtnl_unlock();
673 break;
674
675 default:
676 res = -ENOPROTOOPT;
677 }
678 release_sock(sk);
679
680 return res;
681 }
682
ax25_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)683 static int ax25_getsockopt(struct socket *sock, int level, int optname,
684 char __user *optval, int __user *optlen)
685 {
686 struct sock *sk = sock->sk;
687 ax25_cb *ax25;
688 struct ax25_dev *ax25_dev;
689 char devname[IFNAMSIZ];
690 void *valptr;
691 int val = 0;
692 int maxlen, length;
693
694 if (level != SOL_AX25)
695 return -ENOPROTOOPT;
696
697 if (get_user(maxlen, optlen))
698 return -EFAULT;
699
700 if (maxlen < 1)
701 return -EFAULT;
702
703 valptr = (void *) &val;
704 length = min_t(unsigned int, maxlen, sizeof(int));
705
706 lock_sock(sk);
707 ax25 = sk_to_ax25(sk);
708
709 switch (optname) {
710 case AX25_WINDOW:
711 val = ax25->window;
712 break;
713
714 case AX25_T1:
715 val = ax25->t1 / HZ;
716 break;
717
718 case AX25_T2:
719 val = ax25->t2 / HZ;
720 break;
721
722 case AX25_N2:
723 val = ax25->n2;
724 break;
725
726 case AX25_T3:
727 val = ax25->t3 / HZ;
728 break;
729
730 case AX25_IDLE:
731 val = ax25->idle / (60 * HZ);
732 break;
733
734 case AX25_BACKOFF:
735 val = ax25->backoff;
736 break;
737
738 case AX25_EXTSEQ:
739 val = (ax25->modulus == AX25_EMODULUS);
740 break;
741
742 case AX25_PIDINCL:
743 val = ax25->pidincl;
744 break;
745
746 case AX25_IAMDIGI:
747 val = ax25->iamdigi;
748 break;
749
750 case AX25_PACLEN:
751 val = ax25->paclen;
752 break;
753
754 case SO_BINDTODEVICE:
755 ax25_dev = ax25->ax25_dev;
756
757 if (ax25_dev != NULL && ax25_dev->dev != NULL) {
758 strlcpy(devname, ax25_dev->dev->name, sizeof(devname));
759 length = strlen(devname) + 1;
760 } else {
761 *devname = '\0';
762 length = 1;
763 }
764
765 valptr = (void *) devname;
766 break;
767
768 default:
769 release_sock(sk);
770 return -ENOPROTOOPT;
771 }
772 release_sock(sk);
773
774 if (put_user(length, optlen))
775 return -EFAULT;
776
777 return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
778 }
779
ax25_listen(struct socket * sock,int backlog)780 static int ax25_listen(struct socket *sock, int backlog)
781 {
782 struct sock *sk = sock->sk;
783 int res = 0;
784
785 lock_sock(sk);
786 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
787 sk->sk_max_ack_backlog = backlog;
788 sk->sk_state = TCP_LISTEN;
789 goto out;
790 }
791 res = -EOPNOTSUPP;
792
793 out:
794 release_sock(sk);
795
796 return res;
797 }
798
799 /*
800 * XXX: when creating ax25_sock we should update the .obj_size setting
801 * below.
802 */
803 static struct proto ax25_proto = {
804 .name = "AX25",
805 .owner = THIS_MODULE,
806 .obj_size = sizeof(struct ax25_sock),
807 };
808
ax25_create(struct net * net,struct socket * sock,int protocol,int kern)809 static int ax25_create(struct net *net, struct socket *sock, int protocol,
810 int kern)
811 {
812 struct sock *sk;
813 ax25_cb *ax25;
814
815 if (protocol < 0 || protocol > SK_PROTOCOL_MAX)
816 return -EINVAL;
817
818 if (!net_eq(net, &init_net))
819 return -EAFNOSUPPORT;
820
821 switch (sock->type) {
822 case SOCK_DGRAM:
823 if (protocol == 0 || protocol == PF_AX25)
824 protocol = AX25_P_TEXT;
825 break;
826
827 case SOCK_SEQPACKET:
828 switch (protocol) {
829 case 0:
830 case PF_AX25: /* For CLX */
831 protocol = AX25_P_TEXT;
832 break;
833 case AX25_P_SEGMENT:
834 #ifdef CONFIG_INET
835 case AX25_P_ARP:
836 case AX25_P_IP:
837 #endif
838 #ifdef CONFIG_NETROM
839 case AX25_P_NETROM:
840 #endif
841 #ifdef CONFIG_ROSE
842 case AX25_P_ROSE:
843 #endif
844 return -ESOCKTNOSUPPORT;
845 #ifdef CONFIG_NETROM_MODULE
846 case AX25_P_NETROM:
847 if (ax25_protocol_is_registered(AX25_P_NETROM))
848 return -ESOCKTNOSUPPORT;
849 break;
850 #endif
851 #ifdef CONFIG_ROSE_MODULE
852 case AX25_P_ROSE:
853 if (ax25_protocol_is_registered(AX25_P_ROSE))
854 return -ESOCKTNOSUPPORT;
855 #endif
856 default:
857 break;
858 }
859 break;
860
861 case SOCK_RAW:
862 if (!capable(CAP_NET_RAW))
863 return -EPERM;
864 break;
865 default:
866 return -ESOCKTNOSUPPORT;
867 }
868
869 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern);
870 if (sk == NULL)
871 return -ENOMEM;
872
873 ax25 = ax25_sk(sk)->cb = ax25_create_cb();
874 if (!ax25) {
875 sk_free(sk);
876 return -ENOMEM;
877 }
878
879 sock_init_data(sock, sk);
880
881 sk->sk_destruct = ax25_free_sock;
882 sock->ops = &ax25_proto_ops;
883 sk->sk_protocol = protocol;
884
885 ax25->sk = sk;
886
887 return 0;
888 }
889
ax25_make_new(struct sock * osk,struct ax25_dev * ax25_dev)890 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
891 {
892 struct sock *sk;
893 ax25_cb *ax25, *oax25;
894
895 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0);
896 if (sk == NULL)
897 return NULL;
898
899 if ((ax25 = ax25_create_cb()) == NULL) {
900 sk_free(sk);
901 return NULL;
902 }
903
904 switch (osk->sk_type) {
905 case SOCK_DGRAM:
906 break;
907 case SOCK_SEQPACKET:
908 break;
909 default:
910 sk_free(sk);
911 ax25_cb_put(ax25);
912 return NULL;
913 }
914
915 sock_init_data(NULL, sk);
916
917 sk->sk_type = osk->sk_type;
918 sk->sk_priority = osk->sk_priority;
919 sk->sk_protocol = osk->sk_protocol;
920 sk->sk_rcvbuf = osk->sk_rcvbuf;
921 sk->sk_sndbuf = osk->sk_sndbuf;
922 sk->sk_state = TCP_ESTABLISHED;
923 sock_copy_flags(sk, osk);
924
925 oax25 = sk_to_ax25(osk);
926
927 ax25->modulus = oax25->modulus;
928 ax25->backoff = oax25->backoff;
929 ax25->pidincl = oax25->pidincl;
930 ax25->iamdigi = oax25->iamdigi;
931 ax25->rtt = oax25->rtt;
932 ax25->t1 = oax25->t1;
933 ax25->t2 = oax25->t2;
934 ax25->t3 = oax25->t3;
935 ax25->n2 = oax25->n2;
936 ax25->idle = oax25->idle;
937 ax25->paclen = oax25->paclen;
938 ax25->window = oax25->window;
939
940 ax25->ax25_dev = ax25_dev;
941 ax25->source_addr = oax25->source_addr;
942
943 if (oax25->digipeat != NULL) {
944 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
945 GFP_ATOMIC);
946 if (ax25->digipeat == NULL) {
947 sk_free(sk);
948 ax25_cb_put(ax25);
949 return NULL;
950 }
951 }
952
953 ax25_sk(sk)->cb = ax25;
954 sk->sk_destruct = ax25_free_sock;
955 ax25->sk = sk;
956
957 return sk;
958 }
959
ax25_release(struct socket * sock)960 static int ax25_release(struct socket *sock)
961 {
962 struct sock *sk = sock->sk;
963 ax25_cb *ax25;
964
965 if (sk == NULL)
966 return 0;
967
968 sock_hold(sk);
969 sock_orphan(sk);
970 lock_sock(sk);
971 ax25 = sk_to_ax25(sk);
972
973 if (sk->sk_type == SOCK_SEQPACKET) {
974 switch (ax25->state) {
975 case AX25_STATE_0:
976 release_sock(sk);
977 ax25_disconnect(ax25, 0);
978 lock_sock(sk);
979 ax25_destroy_socket(ax25);
980 break;
981
982 case AX25_STATE_1:
983 case AX25_STATE_2:
984 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
985 release_sock(sk);
986 ax25_disconnect(ax25, 0);
987 lock_sock(sk);
988 if (!sock_flag(ax25->sk, SOCK_DESTROY))
989 ax25_destroy_socket(ax25);
990 break;
991
992 case AX25_STATE_3:
993 case AX25_STATE_4:
994 ax25_clear_queues(ax25);
995 ax25->n2count = 0;
996
997 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
998 case AX25_PROTO_STD_SIMPLEX:
999 case AX25_PROTO_STD_DUPLEX:
1000 ax25_send_control(ax25,
1001 AX25_DISC,
1002 AX25_POLLON,
1003 AX25_COMMAND);
1004 ax25_stop_t2timer(ax25);
1005 ax25_stop_t3timer(ax25);
1006 ax25_stop_idletimer(ax25);
1007 break;
1008 #ifdef CONFIG_AX25_DAMA_SLAVE
1009 case AX25_PROTO_DAMA_SLAVE:
1010 ax25_stop_t3timer(ax25);
1011 ax25_stop_idletimer(ax25);
1012 break;
1013 #endif
1014 }
1015 ax25_calculate_t1(ax25);
1016 ax25_start_t1timer(ax25);
1017 ax25->state = AX25_STATE_2;
1018 sk->sk_state = TCP_CLOSE;
1019 sk->sk_shutdown |= SEND_SHUTDOWN;
1020 sk->sk_state_change(sk);
1021 sock_set_flag(sk, SOCK_DESTROY);
1022 break;
1023
1024 default:
1025 break;
1026 }
1027 } else {
1028 sk->sk_state = TCP_CLOSE;
1029 sk->sk_shutdown |= SEND_SHUTDOWN;
1030 sk->sk_state_change(sk);
1031 ax25_destroy_socket(ax25);
1032 }
1033
1034 sock->sk = NULL;
1035 release_sock(sk);
1036 sock_put(sk);
1037
1038 return 0;
1039 }
1040
1041 /*
1042 * We support a funny extension here so you can (as root) give any callsign
1043 * digipeated via a local address as source. This hack is obsolete now
1044 * that we've implemented support for SO_BINDTODEVICE. It is however small
1045 * and trivially backward compatible.
1046 */
ax25_bind(struct socket * sock,struct sockaddr * uaddr,int addr_len)1047 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1048 {
1049 struct sock *sk = sock->sk;
1050 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1051 ax25_dev *ax25_dev = NULL;
1052 ax25_uid_assoc *user;
1053 ax25_address call;
1054 ax25_cb *ax25;
1055 int err = 0;
1056
1057 if (addr_len != sizeof(struct sockaddr_ax25) &&
1058 addr_len != sizeof(struct full_sockaddr_ax25))
1059 /* support for old structure may go away some time
1060 * ax25_bind(): uses old (6 digipeater) socket structure.
1061 */
1062 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1063 (addr_len > sizeof(struct full_sockaddr_ax25)))
1064 return -EINVAL;
1065
1066 if (addr->fsa_ax25.sax25_family != AF_AX25)
1067 return -EINVAL;
1068
1069 user = ax25_findbyuid(current_euid());
1070 if (user) {
1071 call = user->call;
1072 ax25_uid_put(user);
1073 } else {
1074 if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1075 return -EACCES;
1076
1077 call = addr->fsa_ax25.sax25_call;
1078 }
1079
1080 lock_sock(sk);
1081
1082 ax25 = sk_to_ax25(sk);
1083 if (!sock_flag(sk, SOCK_ZAPPED)) {
1084 err = -EINVAL;
1085 goto out;
1086 }
1087
1088 ax25->source_addr = call;
1089
1090 /*
1091 * User already set interface with SO_BINDTODEVICE
1092 */
1093 if (ax25->ax25_dev != NULL)
1094 goto done;
1095
1096 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1097 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1098 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1099 err = -EADDRNOTAVAIL;
1100 goto out;
1101 }
1102 } else {
1103 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1104 err = -EADDRNOTAVAIL;
1105 goto out;
1106 }
1107 }
1108
1109 if (ax25_dev != NULL)
1110 ax25_fillin_cb(ax25, ax25_dev);
1111
1112 done:
1113 ax25_cb_add(ax25);
1114 sock_reset_flag(sk, SOCK_ZAPPED);
1115
1116 out:
1117 release_sock(sk);
1118
1119 return err;
1120 }
1121
1122 /*
1123 * FIXME: nonblock behaviour looks like it may have a bug.
1124 */
ax25_connect(struct socket * sock,struct sockaddr * uaddr,int addr_len,int flags)1125 static int __must_check ax25_connect(struct socket *sock,
1126 struct sockaddr *uaddr, int addr_len, int flags)
1127 {
1128 struct sock *sk = sock->sk;
1129 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t;
1130 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1131 ax25_digi *digi = NULL;
1132 int ct = 0, err = 0;
1133
1134 /*
1135 * some sanity checks. code further down depends on this
1136 */
1137
1138 if (addr_len == sizeof(struct sockaddr_ax25))
1139 /* support for this will go away in early 2.5.x
1140 * ax25_connect(): uses obsolete socket structure
1141 */
1142 ;
1143 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1144 /* support for old structure may go away some time
1145 * ax25_connect(): uses old (6 digipeater) socket structure.
1146 */
1147 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1148 (addr_len > sizeof(struct full_sockaddr_ax25)))
1149 return -EINVAL;
1150
1151
1152 if (fsa->fsa_ax25.sax25_family != AF_AX25)
1153 return -EINVAL;
1154
1155 lock_sock(sk);
1156
1157 /* deal with restarts */
1158 if (sock->state == SS_CONNECTING) {
1159 switch (sk->sk_state) {
1160 case TCP_SYN_SENT: /* still trying */
1161 err = -EINPROGRESS;
1162 goto out_release;
1163
1164 case TCP_ESTABLISHED: /* connection established */
1165 sock->state = SS_CONNECTED;
1166 goto out_release;
1167
1168 case TCP_CLOSE: /* connection refused */
1169 sock->state = SS_UNCONNECTED;
1170 err = -ECONNREFUSED;
1171 goto out_release;
1172 }
1173 }
1174
1175 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1176 err = -EISCONN; /* No reconnect on a seqpacket socket */
1177 goto out_release;
1178 }
1179
1180 sk->sk_state = TCP_CLOSE;
1181 sock->state = SS_UNCONNECTED;
1182
1183 kfree(ax25->digipeat);
1184 ax25->digipeat = NULL;
1185
1186 /*
1187 * Handle digi-peaters to be used.
1188 */
1189 if (addr_len > sizeof(struct sockaddr_ax25) &&
1190 fsa->fsa_ax25.sax25_ndigis != 0) {
1191 /* Valid number of digipeaters ? */
1192 if (fsa->fsa_ax25.sax25_ndigis < 1 || fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS) {
1193 err = -EINVAL;
1194 goto out_release;
1195 }
1196
1197 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1198 err = -ENOBUFS;
1199 goto out_release;
1200 }
1201
1202 digi->ndigi = fsa->fsa_ax25.sax25_ndigis;
1203 digi->lastrepeat = -1;
1204
1205 while (ct < fsa->fsa_ax25.sax25_ndigis) {
1206 if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1207 AX25_HBIT) && ax25->iamdigi) {
1208 digi->repeated[ct] = 1;
1209 digi->lastrepeat = ct;
1210 } else {
1211 digi->repeated[ct] = 0;
1212 }
1213 digi->calls[ct] = fsa->fsa_digipeater[ct];
1214 ct++;
1215 }
1216 }
1217
1218 /*
1219 * Must bind first - autobinding in this may or may not work. If
1220 * the socket is already bound, check to see if the device has
1221 * been filled in, error if it hasn't.
1222 */
1223 if (sock_flag(sk, SOCK_ZAPPED)) {
1224 /* check if we can remove this feature. It is broken. */
1225 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1226 current->comm);
1227 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1228 kfree(digi);
1229 goto out_release;
1230 }
1231
1232 ax25_fillin_cb(ax25, ax25->ax25_dev);
1233 ax25_cb_add(ax25);
1234 } else {
1235 if (ax25->ax25_dev == NULL) {
1236 kfree(digi);
1237 err = -EHOSTUNREACH;
1238 goto out_release;
1239 }
1240 }
1241
1242 if (sk->sk_type == SOCK_SEQPACKET &&
1243 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1244 ax25->ax25_dev->dev))) {
1245 kfree(digi);
1246 err = -EADDRINUSE; /* Already such a connection */
1247 ax25_cb_put(ax25t);
1248 goto out_release;
1249 }
1250
1251 ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1252 ax25->digipeat = digi;
1253
1254 /* First the easy one */
1255 if (sk->sk_type != SOCK_SEQPACKET) {
1256 sock->state = SS_CONNECTED;
1257 sk->sk_state = TCP_ESTABLISHED;
1258 goto out_release;
1259 }
1260
1261 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1262 sock->state = SS_CONNECTING;
1263 sk->sk_state = TCP_SYN_SENT;
1264
1265 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1266 case AX25_PROTO_STD_SIMPLEX:
1267 case AX25_PROTO_STD_DUPLEX:
1268 ax25_std_establish_data_link(ax25);
1269 break;
1270
1271 #ifdef CONFIG_AX25_DAMA_SLAVE
1272 case AX25_PROTO_DAMA_SLAVE:
1273 ax25->modulus = AX25_MODULUS;
1274 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1275 if (ax25->ax25_dev->dama.slave)
1276 ax25_ds_establish_data_link(ax25);
1277 else
1278 ax25_std_establish_data_link(ax25);
1279 break;
1280 #endif
1281 }
1282
1283 ax25->state = AX25_STATE_1;
1284
1285 ax25_start_heartbeat(ax25);
1286
1287 /* Now the loop */
1288 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1289 err = -EINPROGRESS;
1290 goto out_release;
1291 }
1292
1293 if (sk->sk_state == TCP_SYN_SENT) {
1294 DEFINE_WAIT(wait);
1295
1296 for (;;) {
1297 prepare_to_wait(sk_sleep(sk), &wait,
1298 TASK_INTERRUPTIBLE);
1299 if (sk->sk_state != TCP_SYN_SENT)
1300 break;
1301 if (!signal_pending(current)) {
1302 release_sock(sk);
1303 schedule();
1304 lock_sock(sk);
1305 continue;
1306 }
1307 err = -ERESTARTSYS;
1308 break;
1309 }
1310 finish_wait(sk_sleep(sk), &wait);
1311
1312 if (err)
1313 goto out_release;
1314 }
1315
1316 if (sk->sk_state != TCP_ESTABLISHED) {
1317 /* Not in ABM, not in WAIT_UA -> failed */
1318 sock->state = SS_UNCONNECTED;
1319 err = sock_error(sk); /* Always set at this point */
1320 goto out_release;
1321 }
1322
1323 sock->state = SS_CONNECTED;
1324
1325 err = 0;
1326 out_release:
1327 release_sock(sk);
1328
1329 return err;
1330 }
1331
ax25_accept(struct socket * sock,struct socket * newsock,int flags,bool kern)1332 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags,
1333 bool kern)
1334 {
1335 struct sk_buff *skb;
1336 struct sock *newsk;
1337 DEFINE_WAIT(wait);
1338 struct sock *sk;
1339 int err = 0;
1340
1341 if (sock->state != SS_UNCONNECTED)
1342 return -EINVAL;
1343
1344 if ((sk = sock->sk) == NULL)
1345 return -EINVAL;
1346
1347 lock_sock(sk);
1348 if (sk->sk_type != SOCK_SEQPACKET) {
1349 err = -EOPNOTSUPP;
1350 goto out;
1351 }
1352
1353 if (sk->sk_state != TCP_LISTEN) {
1354 err = -EINVAL;
1355 goto out;
1356 }
1357
1358 /*
1359 * The read queue this time is holding sockets ready to use
1360 * hooked into the SABM we saved
1361 */
1362 for (;;) {
1363 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1364 skb = skb_dequeue(&sk->sk_receive_queue);
1365 if (skb)
1366 break;
1367
1368 if (flags & O_NONBLOCK) {
1369 err = -EWOULDBLOCK;
1370 break;
1371 }
1372 if (!signal_pending(current)) {
1373 release_sock(sk);
1374 schedule();
1375 lock_sock(sk);
1376 continue;
1377 }
1378 err = -ERESTARTSYS;
1379 break;
1380 }
1381 finish_wait(sk_sleep(sk), &wait);
1382
1383 if (err)
1384 goto out;
1385
1386 newsk = skb->sk;
1387 sock_graft(newsk, newsock);
1388
1389 /* Now attach up the new socket */
1390 kfree_skb(skb);
1391 sk->sk_ack_backlog--;
1392 newsock->state = SS_CONNECTED;
1393
1394 out:
1395 release_sock(sk);
1396
1397 return err;
1398 }
1399
ax25_getname(struct socket * sock,struct sockaddr * uaddr,int * uaddr_len,int peer)1400 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1401 int *uaddr_len, int peer)
1402 {
1403 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1404 struct sock *sk = sock->sk;
1405 unsigned char ndigi, i;
1406 ax25_cb *ax25;
1407 int err = 0;
1408
1409 memset(fsa, 0, sizeof(*fsa));
1410 lock_sock(sk);
1411 ax25 = sk_to_ax25(sk);
1412
1413 if (peer != 0) {
1414 if (sk->sk_state != TCP_ESTABLISHED) {
1415 err = -ENOTCONN;
1416 goto out;
1417 }
1418
1419 fsa->fsa_ax25.sax25_family = AF_AX25;
1420 fsa->fsa_ax25.sax25_call = ax25->dest_addr;
1421
1422 if (ax25->digipeat != NULL) {
1423 ndigi = ax25->digipeat->ndigi;
1424 fsa->fsa_ax25.sax25_ndigis = ndigi;
1425 for (i = 0; i < ndigi; i++)
1426 fsa->fsa_digipeater[i] =
1427 ax25->digipeat->calls[i];
1428 }
1429 } else {
1430 fsa->fsa_ax25.sax25_family = AF_AX25;
1431 fsa->fsa_ax25.sax25_call = ax25->source_addr;
1432 fsa->fsa_ax25.sax25_ndigis = 1;
1433 if (ax25->ax25_dev != NULL) {
1434 memcpy(&fsa->fsa_digipeater[0],
1435 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1436 } else {
1437 fsa->fsa_digipeater[0] = null_ax25_address;
1438 }
1439 }
1440 *uaddr_len = sizeof (struct full_sockaddr_ax25);
1441
1442 out:
1443 release_sock(sk);
1444
1445 return err;
1446 }
1447
ax25_sendmsg(struct socket * sock,struct msghdr * msg,size_t len)1448 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1449 {
1450 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name);
1451 struct sock *sk = sock->sk;
1452 struct sockaddr_ax25 sax;
1453 struct sk_buff *skb;
1454 ax25_digi dtmp, *dp;
1455 ax25_cb *ax25;
1456 size_t size;
1457 int lv, err, addr_len = msg->msg_namelen;
1458
1459 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1460 return -EINVAL;
1461
1462 lock_sock(sk);
1463 ax25 = sk_to_ax25(sk);
1464
1465 if (sock_flag(sk, SOCK_ZAPPED)) {
1466 err = -EADDRNOTAVAIL;
1467 goto out;
1468 }
1469
1470 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1471 send_sig(SIGPIPE, current, 0);
1472 err = -EPIPE;
1473 goto out;
1474 }
1475
1476 if (ax25->ax25_dev == NULL) {
1477 err = -ENETUNREACH;
1478 goto out;
1479 }
1480
1481 if (len > ax25->ax25_dev->dev->mtu) {
1482 err = -EMSGSIZE;
1483 goto out;
1484 }
1485
1486 if (usax != NULL) {
1487 if (usax->sax25_family != AF_AX25) {
1488 err = -EINVAL;
1489 goto out;
1490 }
1491
1492 if (addr_len == sizeof(struct sockaddr_ax25))
1493 /* ax25_sendmsg(): uses obsolete socket structure */
1494 ;
1495 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1496 /* support for old structure may go away some time
1497 * ax25_sendmsg(): uses old (6 digipeater)
1498 * socket structure.
1499 */
1500 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1501 (addr_len > sizeof(struct full_sockaddr_ax25))) {
1502 err = -EINVAL;
1503 goto out;
1504 }
1505
1506
1507 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1508 int ct = 0;
1509 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1510
1511 /* Valid number of digipeaters ? */
1512 if (usax->sax25_ndigis < 1 || usax->sax25_ndigis > AX25_MAX_DIGIS) {
1513 err = -EINVAL;
1514 goto out;
1515 }
1516
1517 dtmp.ndigi = usax->sax25_ndigis;
1518
1519 while (ct < usax->sax25_ndigis) {
1520 dtmp.repeated[ct] = 0;
1521 dtmp.calls[ct] = fsa->fsa_digipeater[ct];
1522 ct++;
1523 }
1524
1525 dtmp.lastrepeat = 0;
1526 }
1527
1528 sax = *usax;
1529 if (sk->sk_type == SOCK_SEQPACKET &&
1530 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1531 err = -EISCONN;
1532 goto out;
1533 }
1534 if (usax->sax25_ndigis == 0)
1535 dp = NULL;
1536 else
1537 dp = &dtmp;
1538 } else {
1539 /*
1540 * FIXME: 1003.1g - if the socket is like this because
1541 * it has become closed (not started closed) and is VC
1542 * we ought to SIGPIPE, EPIPE
1543 */
1544 if (sk->sk_state != TCP_ESTABLISHED) {
1545 err = -ENOTCONN;
1546 goto out;
1547 }
1548 sax.sax25_family = AF_AX25;
1549 sax.sax25_call = ax25->dest_addr;
1550 dp = ax25->digipeat;
1551 }
1552
1553 /* Build a packet */
1554 /* Assume the worst case */
1555 size = len + ax25->ax25_dev->dev->hard_header_len;
1556
1557 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1558 if (skb == NULL)
1559 goto out;
1560
1561 skb_reserve(skb, size - len);
1562
1563 /* User data follows immediately after the AX.25 data */
1564 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
1565 err = -EFAULT;
1566 kfree_skb(skb);
1567 goto out;
1568 }
1569
1570 skb_reset_network_header(skb);
1571
1572 /* Add the PID if one is not supplied by the user in the skb */
1573 if (!ax25->pidincl)
1574 *(u8 *)skb_push(skb, 1) = sk->sk_protocol;
1575
1576 if (sk->sk_type == SOCK_SEQPACKET) {
1577 /* Connected mode sockets go via the LAPB machine */
1578 if (sk->sk_state != TCP_ESTABLISHED) {
1579 kfree_skb(skb);
1580 err = -ENOTCONN;
1581 goto out;
1582 }
1583
1584 /* Shove it onto the queue and kick */
1585 ax25_output(ax25, ax25->paclen, skb);
1586
1587 err = len;
1588 goto out;
1589 }
1590
1591 skb_push(skb, 1 + ax25_addr_size(dp));
1592
1593 /* Building AX.25 Header */
1594
1595 /* Build an AX.25 header */
1596 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1597 dp, AX25_COMMAND, AX25_MODULUS);
1598
1599 skb_set_transport_header(skb, lv);
1600
1601 *skb_transport_header(skb) = AX25_UI;
1602
1603 /* Datagram frames go straight out of the door as UI */
1604 ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1605
1606 err = len;
1607
1608 out:
1609 release_sock(sk);
1610
1611 return err;
1612 }
1613
ax25_recvmsg(struct socket * sock,struct msghdr * msg,size_t size,int flags)1614 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
1615 int flags)
1616 {
1617 struct sock *sk = sock->sk;
1618 struct sk_buff *skb;
1619 int copied;
1620 int err = 0;
1621
1622 lock_sock(sk);
1623 /*
1624 * This works for seqpacket too. The receiver has ordered the
1625 * queue for us! We do one quick check first though
1626 */
1627 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1628 err = -ENOTCONN;
1629 goto out;
1630 }
1631
1632 /* Now we can treat all alike */
1633 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1634 flags & MSG_DONTWAIT, &err);
1635 if (skb == NULL)
1636 goto out;
1637
1638 if (!sk_to_ax25(sk)->pidincl)
1639 skb_pull(skb, 1); /* Remove PID */
1640
1641 skb_reset_transport_header(skb);
1642 copied = skb->len;
1643
1644 if (copied > size) {
1645 copied = size;
1646 msg->msg_flags |= MSG_TRUNC;
1647 }
1648
1649 skb_copy_datagram_msg(skb, 0, msg, copied);
1650
1651 if (msg->msg_name) {
1652 ax25_digi digi;
1653 ax25_address src;
1654 const unsigned char *mac = skb_mac_header(skb);
1655 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name);
1656
1657 memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1658 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1659 &digi, NULL, NULL);
1660 sax->sax25_family = AF_AX25;
1661 /* We set this correctly, even though we may not let the
1662 application know the digi calls further down (because it
1663 did NOT ask to know them). This could get political... **/
1664 sax->sax25_ndigis = digi.ndigi;
1665 sax->sax25_call = src;
1666
1667 if (sax->sax25_ndigis != 0) {
1668 int ct;
1669 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1670
1671 for (ct = 0; ct < digi.ndigi; ct++)
1672 fsa->fsa_digipeater[ct] = digi.calls[ct];
1673 }
1674 msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1675 }
1676
1677 skb_free_datagram(sk, skb);
1678 err = copied;
1679
1680 out:
1681 release_sock(sk);
1682
1683 return err;
1684 }
1685
ax25_shutdown(struct socket * sk,int how)1686 static int ax25_shutdown(struct socket *sk, int how)
1687 {
1688 /* FIXME - generate DM and RNR states */
1689 return -EOPNOTSUPP;
1690 }
1691
ax25_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)1692 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1693 {
1694 struct sock *sk = sock->sk;
1695 void __user *argp = (void __user *)arg;
1696 int res = 0;
1697
1698 lock_sock(sk);
1699 switch (cmd) {
1700 case TIOCOUTQ: {
1701 long amount;
1702
1703 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1704 if (amount < 0)
1705 amount = 0;
1706 res = put_user(amount, (int __user *)argp);
1707 break;
1708 }
1709
1710 case TIOCINQ: {
1711 struct sk_buff *skb;
1712 long amount = 0L;
1713 /* These two are safe on a single CPU system as only user tasks fiddle here */
1714 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1715 amount = skb->len;
1716 res = put_user(amount, (int __user *) argp);
1717 break;
1718 }
1719
1720 case SIOCGSTAMP:
1721 res = sock_get_timestamp(sk, argp);
1722 break;
1723
1724 case SIOCGSTAMPNS:
1725 res = sock_get_timestampns(sk, argp);
1726 break;
1727
1728 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */
1729 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */
1730 case SIOCAX25GETUID: {
1731 struct sockaddr_ax25 sax25;
1732 if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1733 res = -EFAULT;
1734 break;
1735 }
1736 res = ax25_uid_ioctl(cmd, &sax25);
1737 break;
1738 }
1739
1740 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */
1741 long amount;
1742 if (!capable(CAP_NET_ADMIN)) {
1743 res = -EPERM;
1744 break;
1745 }
1746 if (get_user(amount, (long __user *)argp)) {
1747 res = -EFAULT;
1748 break;
1749 }
1750 if (amount < 0 || amount > AX25_NOUID_BLOCK) {
1751 res = -EINVAL;
1752 break;
1753 }
1754 ax25_uid_policy = amount;
1755 res = 0;
1756 break;
1757 }
1758
1759 case SIOCADDRT:
1760 case SIOCDELRT:
1761 case SIOCAX25OPTRT:
1762 if (!capable(CAP_NET_ADMIN)) {
1763 res = -EPERM;
1764 break;
1765 }
1766 res = ax25_rt_ioctl(cmd, argp);
1767 break;
1768
1769 case SIOCAX25CTLCON:
1770 if (!capable(CAP_NET_ADMIN)) {
1771 res = -EPERM;
1772 break;
1773 }
1774 res = ax25_ctl_ioctl(cmd, argp);
1775 break;
1776
1777 case SIOCAX25GETINFO:
1778 case SIOCAX25GETINFOOLD: {
1779 ax25_cb *ax25 = sk_to_ax25(sk);
1780 struct ax25_info_struct ax25_info;
1781
1782 ax25_info.t1 = ax25->t1 / HZ;
1783 ax25_info.t2 = ax25->t2 / HZ;
1784 ax25_info.t3 = ax25->t3 / HZ;
1785 ax25_info.idle = ax25->idle / (60 * HZ);
1786 ax25_info.n2 = ax25->n2;
1787 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ;
1788 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ;
1789 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ;
1790 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1791 ax25_info.n2count = ax25->n2count;
1792 ax25_info.state = ax25->state;
1793 ax25_info.rcv_q = sk_rmem_alloc_get(sk);
1794 ax25_info.snd_q = sk_wmem_alloc_get(sk);
1795 ax25_info.vs = ax25->vs;
1796 ax25_info.vr = ax25->vr;
1797 ax25_info.va = ax25->va;
1798 ax25_info.vs_max = ax25->vs; /* reserved */
1799 ax25_info.paclen = ax25->paclen;
1800 ax25_info.window = ax25->window;
1801
1802 /* old structure? */
1803 if (cmd == SIOCAX25GETINFOOLD) {
1804 static int warned = 0;
1805 if (!warned) {
1806 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1807 current->comm);
1808 warned=1;
1809 }
1810
1811 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1812 res = -EFAULT;
1813 break;
1814 }
1815 } else {
1816 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1817 res = -EINVAL;
1818 break;
1819 }
1820 }
1821 res = 0;
1822 break;
1823 }
1824
1825 case SIOCAX25ADDFWD:
1826 case SIOCAX25DELFWD: {
1827 struct ax25_fwd_struct ax25_fwd;
1828 if (!capable(CAP_NET_ADMIN)) {
1829 res = -EPERM;
1830 break;
1831 }
1832 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1833 res = -EFAULT;
1834 break;
1835 }
1836 res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1837 break;
1838 }
1839
1840 case SIOCGIFADDR:
1841 case SIOCSIFADDR:
1842 case SIOCGIFDSTADDR:
1843 case SIOCSIFDSTADDR:
1844 case SIOCGIFBRDADDR:
1845 case SIOCSIFBRDADDR:
1846 case SIOCGIFNETMASK:
1847 case SIOCSIFNETMASK:
1848 case SIOCGIFMETRIC:
1849 case SIOCSIFMETRIC:
1850 res = -EINVAL;
1851 break;
1852
1853 default:
1854 res = -ENOIOCTLCMD;
1855 break;
1856 }
1857 release_sock(sk);
1858
1859 return res;
1860 }
1861
1862 #ifdef CONFIG_PROC_FS
1863
ax25_info_start(struct seq_file * seq,loff_t * pos)1864 static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1865 __acquires(ax25_list_lock)
1866 {
1867 spin_lock_bh(&ax25_list_lock);
1868 return seq_hlist_start(&ax25_list, *pos);
1869 }
1870
ax25_info_next(struct seq_file * seq,void * v,loff_t * pos)1871 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1872 {
1873 return seq_hlist_next(v, &ax25_list, pos);
1874 }
1875
ax25_info_stop(struct seq_file * seq,void * v)1876 static void ax25_info_stop(struct seq_file *seq, void *v)
1877 __releases(ax25_list_lock)
1878 {
1879 spin_unlock_bh(&ax25_list_lock);
1880 }
1881
ax25_info_show(struct seq_file * seq,void * v)1882 static int ax25_info_show(struct seq_file *seq, void *v)
1883 {
1884 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1885 char buf[11];
1886 int k;
1887
1888
1889 /*
1890 * New format:
1891 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1892 */
1893
1894 seq_printf(seq, "%8.8lx %s %s%s ",
1895 (long) ax25,
1896 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1897 ax2asc(buf, &ax25->source_addr),
1898 ax25->iamdigi? "*":"");
1899 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1900
1901 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1902 seq_printf(seq, ",%s%s",
1903 ax2asc(buf, &ax25->digipeat->calls[k]),
1904 ax25->digipeat->repeated[k]? "*":"");
1905 }
1906
1907 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1908 ax25->state,
1909 ax25->vs, ax25->vr, ax25->va,
1910 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1911 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1912 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1913 ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1914 ax25->idle / (60 * HZ),
1915 ax25->n2count, ax25->n2,
1916 ax25->rtt / HZ,
1917 ax25->window,
1918 ax25->paclen);
1919
1920 if (ax25->sk != NULL) {
1921 seq_printf(seq, " %d %d %lu\n",
1922 sk_wmem_alloc_get(ax25->sk),
1923 sk_rmem_alloc_get(ax25->sk),
1924 sock_i_ino(ax25->sk));
1925 } else {
1926 seq_puts(seq, " * * *\n");
1927 }
1928 return 0;
1929 }
1930
1931 static const struct seq_operations ax25_info_seqops = {
1932 .start = ax25_info_start,
1933 .next = ax25_info_next,
1934 .stop = ax25_info_stop,
1935 .show = ax25_info_show,
1936 };
1937
ax25_info_open(struct inode * inode,struct file * file)1938 static int ax25_info_open(struct inode *inode, struct file *file)
1939 {
1940 return seq_open(file, &ax25_info_seqops);
1941 }
1942
1943 static const struct file_operations ax25_info_fops = {
1944 .owner = THIS_MODULE,
1945 .open = ax25_info_open,
1946 .read = seq_read,
1947 .llseek = seq_lseek,
1948 .release = seq_release,
1949 };
1950
1951 #endif
1952
1953 static const struct net_proto_family ax25_family_ops = {
1954 .family = PF_AX25,
1955 .create = ax25_create,
1956 .owner = THIS_MODULE,
1957 };
1958
1959 static const struct proto_ops ax25_proto_ops = {
1960 .family = PF_AX25,
1961 .owner = THIS_MODULE,
1962 .release = ax25_release,
1963 .bind = ax25_bind,
1964 .connect = ax25_connect,
1965 .socketpair = sock_no_socketpair,
1966 .accept = ax25_accept,
1967 .getname = ax25_getname,
1968 .poll = datagram_poll,
1969 .ioctl = ax25_ioctl,
1970 .listen = ax25_listen,
1971 .shutdown = ax25_shutdown,
1972 .setsockopt = ax25_setsockopt,
1973 .getsockopt = ax25_getsockopt,
1974 .sendmsg = ax25_sendmsg,
1975 .recvmsg = ax25_recvmsg,
1976 .mmap = sock_no_mmap,
1977 .sendpage = sock_no_sendpage,
1978 };
1979
1980 /*
1981 * Called by socket.c on kernel start up
1982 */
1983 static struct packet_type ax25_packet_type __read_mostly = {
1984 .type = cpu_to_be16(ETH_P_AX25),
1985 .func = ax25_kiss_rcv,
1986 };
1987
1988 static struct notifier_block ax25_dev_notifier = {
1989 .notifier_call = ax25_device_event,
1990 };
1991
ax25_init(void)1992 static int __init ax25_init(void)
1993 {
1994 int rc = proto_register(&ax25_proto, 0);
1995
1996 if (rc != 0)
1997 goto out;
1998
1999 sock_register(&ax25_family_ops);
2000 dev_add_pack(&ax25_packet_type);
2001 register_netdevice_notifier(&ax25_dev_notifier);
2002
2003 proc_create("ax25_route", S_IRUGO, init_net.proc_net,
2004 &ax25_route_fops);
2005 proc_create("ax25", S_IRUGO, init_net.proc_net, &ax25_info_fops);
2006 proc_create("ax25_calls", S_IRUGO, init_net.proc_net, &ax25_uid_fops);
2007 out:
2008 return rc;
2009 }
2010 module_init(ax25_init);
2011
2012
2013 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
2014 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
2015 MODULE_LICENSE("GPL");
2016 MODULE_ALIAS_NETPROTO(PF_AX25);
2017
ax25_exit(void)2018 static void __exit ax25_exit(void)
2019 {
2020 remove_proc_entry("ax25_route", init_net.proc_net);
2021 remove_proc_entry("ax25", init_net.proc_net);
2022 remove_proc_entry("ax25_calls", init_net.proc_net);
2023
2024 unregister_netdevice_notifier(&ax25_dev_notifier);
2025
2026 dev_remove_pack(&ax25_packet_type);
2027
2028 sock_unregister(PF_AX25);
2029 proto_unregister(&ax25_proto);
2030
2031 ax25_rt_free();
2032 ax25_uid_free();
2033 ax25_dev_free();
2034 }
2035 module_exit(ax25_exit);
2036