1 /*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
9 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
10 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
11 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
12 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
13 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
14 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
15 */
16 #include <linux/capability.h>
17 #include <linux/module.h>
18 #include <linux/errno.h>
19 #include <linux/types.h>
20 #include <linux/socket.h>
21 #include <linux/in.h>
22 #include <linux/kernel.h>
23 #include <linux/sched.h>
24 #include <linux/timer.h>
25 #include <linux/string.h>
26 #include <linux/sockios.h>
27 #include <linux/net.h>
28 #include <linux/slab.h>
29 #include <net/ax25.h>
30 #include <linux/inet.h>
31 #include <linux/netdevice.h>
32 #include <linux/if_arp.h>
33 #include <linux/skbuff.h>
34 #include <net/sock.h>
35 #include <asm/uaccess.h>
36 #include <linux/fcntl.h>
37 #include <linux/termios.h> /* For TIOCINQ/OUTQ */
38 #include <linux/mm.h>
39 #include <linux/interrupt.h>
40 #include <linux/notifier.h>
41 #include <linux/proc_fs.h>
42 #include <linux/stat.h>
43 #include <linux/sysctl.h>
44 #include <linux/init.h>
45 #include <linux/spinlock.h>
46 #include <net/net_namespace.h>
47 #include <net/tcp_states.h>
48 #include <net/ip.h>
49 #include <net/arp.h>
50
51
52
53 HLIST_HEAD(ax25_list);
54 DEFINE_SPINLOCK(ax25_list_lock);
55
56 static const struct proto_ops ax25_proto_ops;
57
ax25_free_sock(struct sock * sk)58 static void ax25_free_sock(struct sock *sk)
59 {
60 ax25_cb_put(sk_to_ax25(sk));
61 }
62
63 /*
64 * Socket removal during an interrupt is now safe.
65 */
ax25_cb_del(ax25_cb * ax25)66 static void ax25_cb_del(ax25_cb *ax25)
67 {
68 if (!hlist_unhashed(&ax25->ax25_node)) {
69 spin_lock_bh(&ax25_list_lock);
70 hlist_del_init(&ax25->ax25_node);
71 spin_unlock_bh(&ax25_list_lock);
72 ax25_cb_put(ax25);
73 }
74 }
75
76 /*
77 * Kill all bound sockets on a dropped device.
78 */
ax25_kill_by_device(struct net_device * dev)79 static void ax25_kill_by_device(struct net_device *dev)
80 {
81 ax25_dev *ax25_dev;
82 ax25_cb *s;
83
84 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
85 return;
86
87 spin_lock_bh(&ax25_list_lock);
88 again:
89 ax25_for_each(s, &ax25_list) {
90 if (s->ax25_dev == ax25_dev) {
91 spin_unlock_bh(&ax25_list_lock);
92 lock_sock(s->sk);
93 s->ax25_dev = NULL;
94 release_sock(s->sk);
95 ax25_disconnect(s, ENETUNREACH);
96 spin_lock_bh(&ax25_list_lock);
97
98 /* The entry could have been deleted from the
99 * list meanwhile and thus the next pointer is
100 * no longer valid. Play it safe and restart
101 * the scan. Forward progress is ensured
102 * because we set s->ax25_dev to NULL and we
103 * are never passed a NULL 'dev' argument.
104 */
105 goto again;
106 }
107 }
108 spin_unlock_bh(&ax25_list_lock);
109 }
110
111 /*
112 * Handle device status changes.
113 */
ax25_device_event(struct notifier_block * this,unsigned long event,void * ptr)114 static int ax25_device_event(struct notifier_block *this, unsigned long event,
115 void *ptr)
116 {
117 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
118
119 if (!net_eq(dev_net(dev), &init_net))
120 return NOTIFY_DONE;
121
122 /* Reject non AX.25 devices */
123 if (dev->type != ARPHRD_AX25)
124 return NOTIFY_DONE;
125
126 switch (event) {
127 case NETDEV_UP:
128 ax25_dev_device_up(dev);
129 break;
130 case NETDEV_DOWN:
131 ax25_kill_by_device(dev);
132 ax25_rt_device_down(dev);
133 ax25_dev_device_down(dev);
134 break;
135 default:
136 break;
137 }
138
139 return NOTIFY_DONE;
140 }
141
142 /*
143 * Add a socket to the bound sockets list.
144 */
ax25_cb_add(ax25_cb * ax25)145 void ax25_cb_add(ax25_cb *ax25)
146 {
147 spin_lock_bh(&ax25_list_lock);
148 ax25_cb_hold(ax25);
149 hlist_add_head(&ax25->ax25_node, &ax25_list);
150 spin_unlock_bh(&ax25_list_lock);
151 }
152
153 /*
154 * Find a socket that wants to accept the SABM we have just
155 * received.
156 */
ax25_find_listener(ax25_address * addr,int digi,struct net_device * dev,int type)157 struct sock *ax25_find_listener(ax25_address *addr, int digi,
158 struct net_device *dev, int type)
159 {
160 ax25_cb *s;
161
162 spin_lock(&ax25_list_lock);
163 ax25_for_each(s, &ax25_list) {
164 if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
165 continue;
166 if (s->sk && !ax25cmp(&s->source_addr, addr) &&
167 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
168 /* If device is null we match any device */
169 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
170 sock_hold(s->sk);
171 spin_unlock(&ax25_list_lock);
172 return s->sk;
173 }
174 }
175 }
176 spin_unlock(&ax25_list_lock);
177
178 return NULL;
179 }
180
181 /*
182 * Find an AX.25 socket given both ends.
183 */
ax25_get_socket(ax25_address * my_addr,ax25_address * dest_addr,int type)184 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
185 int type)
186 {
187 struct sock *sk = NULL;
188 ax25_cb *s;
189
190 spin_lock(&ax25_list_lock);
191 ax25_for_each(s, &ax25_list) {
192 if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
193 !ax25cmp(&s->dest_addr, dest_addr) &&
194 s->sk->sk_type == type) {
195 sk = s->sk;
196 sock_hold(sk);
197 break;
198 }
199 }
200
201 spin_unlock(&ax25_list_lock);
202
203 return sk;
204 }
205
206 /*
207 * Find an AX.25 control block given both ends. It will only pick up
208 * floating AX.25 control blocks or non Raw socket bound control blocks.
209 */
ax25_find_cb(ax25_address * src_addr,ax25_address * dest_addr,ax25_digi * digi,struct net_device * dev)210 ax25_cb *ax25_find_cb(ax25_address *src_addr, ax25_address *dest_addr,
211 ax25_digi *digi, struct net_device *dev)
212 {
213 ax25_cb *s;
214
215 spin_lock_bh(&ax25_list_lock);
216 ax25_for_each(s, &ax25_list) {
217 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
218 continue;
219 if (s->ax25_dev == NULL)
220 continue;
221 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
222 if (digi != NULL && digi->ndigi != 0) {
223 if (s->digipeat == NULL)
224 continue;
225 if (ax25digicmp(s->digipeat, digi) != 0)
226 continue;
227 } else {
228 if (s->digipeat != NULL && s->digipeat->ndigi != 0)
229 continue;
230 }
231 ax25_cb_hold(s);
232 spin_unlock_bh(&ax25_list_lock);
233
234 return s;
235 }
236 }
237 spin_unlock_bh(&ax25_list_lock);
238
239 return NULL;
240 }
241
242 EXPORT_SYMBOL(ax25_find_cb);
243
ax25_send_to_raw(ax25_address * addr,struct sk_buff * skb,int proto)244 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
245 {
246 ax25_cb *s;
247 struct sk_buff *copy;
248
249 spin_lock(&ax25_list_lock);
250 ax25_for_each(s, &ax25_list) {
251 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
252 s->sk->sk_type == SOCK_RAW &&
253 s->sk->sk_protocol == proto &&
254 s->ax25_dev->dev == skb->dev &&
255 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
256 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
257 continue;
258 if (sock_queue_rcv_skb(s->sk, copy) != 0)
259 kfree_skb(copy);
260 }
261 }
262 spin_unlock(&ax25_list_lock);
263 }
264
265 /*
266 * Deferred destroy.
267 */
268 void ax25_destroy_socket(ax25_cb *);
269
270 /*
271 * Handler for deferred kills.
272 */
ax25_destroy_timer(unsigned long data)273 static void ax25_destroy_timer(unsigned long data)
274 {
275 ax25_cb *ax25=(ax25_cb *)data;
276 struct sock *sk;
277
278 sk=ax25->sk;
279
280 bh_lock_sock(sk);
281 sock_hold(sk);
282 ax25_destroy_socket(ax25);
283 bh_unlock_sock(sk);
284 sock_put(sk);
285 }
286
287 /*
288 * This is called from user mode and the timers. Thus it protects itself
289 * against interrupt users but doesn't worry about being called during
290 * work. Once it is removed from the queue no interrupt or bottom half
291 * will touch it and we are (fairly 8-) ) safe.
292 */
ax25_destroy_socket(ax25_cb * ax25)293 void ax25_destroy_socket(ax25_cb *ax25)
294 {
295 struct sk_buff *skb;
296
297 ax25_cb_del(ax25);
298
299 ax25_stop_heartbeat(ax25);
300 ax25_stop_t1timer(ax25);
301 ax25_stop_t2timer(ax25);
302 ax25_stop_t3timer(ax25);
303 ax25_stop_idletimer(ax25);
304
305 ax25_clear_queues(ax25); /* Flush the queues */
306
307 if (ax25->sk != NULL) {
308 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
309 if (skb->sk != ax25->sk) {
310 /* A pending connection */
311 ax25_cb *sax25 = sk_to_ax25(skb->sk);
312
313 /* Queue the unaccepted socket for death */
314 sock_orphan(skb->sk);
315
316 /* 9A4GL: hack to release unaccepted sockets */
317 skb->sk->sk_state = TCP_LISTEN;
318
319 ax25_start_heartbeat(sax25);
320 sax25->state = AX25_STATE_0;
321 }
322
323 kfree_skb(skb);
324 }
325 skb_queue_purge(&ax25->sk->sk_write_queue);
326 }
327
328 if (ax25->sk != NULL) {
329 if (sk_has_allocations(ax25->sk)) {
330 /* Defer: outstanding buffers */
331 setup_timer(&ax25->dtimer, ax25_destroy_timer,
332 (unsigned long)ax25);
333 ax25->dtimer.expires = jiffies + 2 * HZ;
334 add_timer(&ax25->dtimer);
335 } else {
336 struct sock *sk=ax25->sk;
337 ax25->sk=NULL;
338 sock_put(sk);
339 }
340 } else {
341 ax25_cb_put(ax25);
342 }
343 }
344
345 /*
346 * dl1bke 960311: set parameters for existing AX.25 connections,
347 * includes a KILL command to abort any connection.
348 * VERY useful for debugging ;-)
349 */
ax25_ctl_ioctl(const unsigned int cmd,void __user * arg)350 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
351 {
352 struct ax25_ctl_struct ax25_ctl;
353 ax25_digi digi;
354 ax25_dev *ax25_dev;
355 ax25_cb *ax25;
356 unsigned int k;
357 int ret = 0;
358
359 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
360 return -EFAULT;
361
362 if ((ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr)) == NULL)
363 return -ENODEV;
364
365 if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
366 return -EINVAL;
367
368 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
369 return -EINVAL;
370
371 digi.ndigi = ax25_ctl.digi_count;
372 for (k = 0; k < digi.ndigi; k++)
373 digi.calls[k] = ax25_ctl.digi_addr[k];
374
375 if ((ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev)) == NULL)
376 return -ENOTCONN;
377
378 switch (ax25_ctl.cmd) {
379 case AX25_KILL:
380 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
381 #ifdef CONFIG_AX25_DAMA_SLAVE
382 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
383 ax25_dama_off(ax25);
384 #endif
385 ax25_disconnect(ax25, ENETRESET);
386 break;
387
388 case AX25_WINDOW:
389 if (ax25->modulus == AX25_MODULUS) {
390 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
391 goto einval_put;
392 } else {
393 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
394 goto einval_put;
395 }
396 ax25->window = ax25_ctl.arg;
397 break;
398
399 case AX25_T1:
400 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
401 goto einval_put;
402 ax25->rtt = (ax25_ctl.arg * HZ) / 2;
403 ax25->t1 = ax25_ctl.arg * HZ;
404 break;
405
406 case AX25_T2:
407 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
408 goto einval_put;
409 ax25->t2 = ax25_ctl.arg * HZ;
410 break;
411
412 case AX25_N2:
413 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
414 goto einval_put;
415 ax25->n2count = 0;
416 ax25->n2 = ax25_ctl.arg;
417 break;
418
419 case AX25_T3:
420 if (ax25_ctl.arg > ULONG_MAX / HZ)
421 goto einval_put;
422 ax25->t3 = ax25_ctl.arg * HZ;
423 break;
424
425 case AX25_IDLE:
426 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
427 goto einval_put;
428
429 ax25->idle = ax25_ctl.arg * 60 * HZ;
430 break;
431
432 case AX25_PACLEN:
433 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
434 goto einval_put;
435 ax25->paclen = ax25_ctl.arg;
436 break;
437
438 default:
439 goto einval_put;
440 }
441
442 out_put:
443 ax25_cb_put(ax25);
444 return ret;
445
446 einval_put:
447 ret = -EINVAL;
448 goto out_put;
449 }
450
ax25_fillin_cb_from_dev(ax25_cb * ax25,ax25_dev * ax25_dev)451 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
452 {
453 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
454 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
455 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
456 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
457 ax25->n2 = ax25_dev->values[AX25_VALUES_N2];
458 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN];
459 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
460 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
461
462 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
463 ax25->modulus = AX25_EMODULUS;
464 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW];
465 } else {
466 ax25->modulus = AX25_MODULUS;
467 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW];
468 }
469 }
470
471 /*
472 * Fill in a created AX.25 created control block with the default
473 * values for a particular device.
474 */
ax25_fillin_cb(ax25_cb * ax25,ax25_dev * ax25_dev)475 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
476 {
477 ax25->ax25_dev = ax25_dev;
478
479 if (ax25->ax25_dev != NULL) {
480 ax25_fillin_cb_from_dev(ax25, ax25_dev);
481 return;
482 }
483
484 /*
485 * No device, use kernel / AX.25 spec default values
486 */
487 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2;
488 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1);
489 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2);
490 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3);
491 ax25->n2 = AX25_DEF_N2;
492 ax25->paclen = AX25_DEF_PACLEN;
493 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE);
494 ax25->backoff = AX25_DEF_BACKOFF;
495
496 if (AX25_DEF_AXDEFMODE) {
497 ax25->modulus = AX25_EMODULUS;
498 ax25->window = AX25_DEF_EWINDOW;
499 } else {
500 ax25->modulus = AX25_MODULUS;
501 ax25->window = AX25_DEF_WINDOW;
502 }
503 }
504
505 /*
506 * Create an empty AX.25 control block.
507 */
ax25_create_cb(void)508 ax25_cb *ax25_create_cb(void)
509 {
510 ax25_cb *ax25;
511
512 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
513 return NULL;
514
515 atomic_set(&ax25->refcount, 1);
516
517 skb_queue_head_init(&ax25->write_queue);
518 skb_queue_head_init(&ax25->frag_queue);
519 skb_queue_head_init(&ax25->ack_queue);
520 skb_queue_head_init(&ax25->reseq_queue);
521
522 ax25_setup_timers(ax25);
523
524 ax25_fillin_cb(ax25, NULL);
525
526 ax25->state = AX25_STATE_0;
527
528 return ax25;
529 }
530
531 /*
532 * Handling for system calls applied via the various interfaces to an
533 * AX25 socket object
534 */
535
ax25_setsockopt(struct socket * sock,int level,int optname,char __user * optval,unsigned int optlen)536 static int ax25_setsockopt(struct socket *sock, int level, int optname,
537 char __user *optval, unsigned int optlen)
538 {
539 struct sock *sk = sock->sk;
540 ax25_cb *ax25;
541 struct net_device *dev;
542 char devname[IFNAMSIZ];
543 unsigned long opt;
544 int res = 0;
545
546 if (level != SOL_AX25)
547 return -ENOPROTOOPT;
548
549 if (optlen < sizeof(unsigned int))
550 return -EINVAL;
551
552 if (get_user(opt, (unsigned int __user *)optval))
553 return -EFAULT;
554
555 lock_sock(sk);
556 ax25 = sk_to_ax25(sk);
557
558 switch (optname) {
559 case AX25_WINDOW:
560 if (ax25->modulus == AX25_MODULUS) {
561 if (opt < 1 || opt > 7) {
562 res = -EINVAL;
563 break;
564 }
565 } else {
566 if (opt < 1 || opt > 63) {
567 res = -EINVAL;
568 break;
569 }
570 }
571 ax25->window = opt;
572 break;
573
574 case AX25_T1:
575 if (opt < 1 || opt > ULONG_MAX / HZ) {
576 res = -EINVAL;
577 break;
578 }
579 ax25->rtt = (opt * HZ) >> 1;
580 ax25->t1 = opt * HZ;
581 break;
582
583 case AX25_T2:
584 if (opt < 1 || opt > ULONG_MAX / HZ) {
585 res = -EINVAL;
586 break;
587 }
588 ax25->t2 = opt * HZ;
589 break;
590
591 case AX25_N2:
592 if (opt < 1 || opt > 31) {
593 res = -EINVAL;
594 break;
595 }
596 ax25->n2 = opt;
597 break;
598
599 case AX25_T3:
600 if (opt < 1 || opt > ULONG_MAX / HZ) {
601 res = -EINVAL;
602 break;
603 }
604 ax25->t3 = opt * HZ;
605 break;
606
607 case AX25_IDLE:
608 if (opt > ULONG_MAX / (60 * HZ)) {
609 res = -EINVAL;
610 break;
611 }
612 ax25->idle = opt * 60 * HZ;
613 break;
614
615 case AX25_BACKOFF:
616 if (opt > 2) {
617 res = -EINVAL;
618 break;
619 }
620 ax25->backoff = opt;
621 break;
622
623 case AX25_EXTSEQ:
624 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
625 break;
626
627 case AX25_PIDINCL:
628 ax25->pidincl = opt ? 1 : 0;
629 break;
630
631 case AX25_IAMDIGI:
632 ax25->iamdigi = opt ? 1 : 0;
633 break;
634
635 case AX25_PACLEN:
636 if (opt < 16 || opt > 65535) {
637 res = -EINVAL;
638 break;
639 }
640 ax25->paclen = opt;
641 break;
642
643 case SO_BINDTODEVICE:
644 if (optlen > IFNAMSIZ - 1)
645 optlen = IFNAMSIZ - 1;
646
647 memset(devname, 0, sizeof(devname));
648
649 if (copy_from_user(devname, optval, optlen)) {
650 res = -EFAULT;
651 break;
652 }
653
654 if (sk->sk_type == SOCK_SEQPACKET &&
655 (sock->state != SS_UNCONNECTED ||
656 sk->sk_state == TCP_LISTEN)) {
657 res = -EADDRNOTAVAIL;
658 break;
659 }
660
661 rtnl_lock();
662 dev = __dev_get_by_name(&init_net, devname);
663 if (!dev) {
664 rtnl_unlock();
665 res = -ENODEV;
666 break;
667 }
668
669 ax25->ax25_dev = ax25_dev_ax25dev(dev);
670 if (!ax25->ax25_dev) {
671 rtnl_unlock();
672 res = -ENODEV;
673 break;
674 }
675 ax25_fillin_cb(ax25, ax25->ax25_dev);
676 rtnl_unlock();
677 break;
678
679 default:
680 res = -ENOPROTOOPT;
681 }
682 release_sock(sk);
683
684 return res;
685 }
686
ax25_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)687 static int ax25_getsockopt(struct socket *sock, int level, int optname,
688 char __user *optval, int __user *optlen)
689 {
690 struct sock *sk = sock->sk;
691 ax25_cb *ax25;
692 struct ax25_dev *ax25_dev;
693 char devname[IFNAMSIZ];
694 void *valptr;
695 int val = 0;
696 int maxlen, length;
697
698 if (level != SOL_AX25)
699 return -ENOPROTOOPT;
700
701 if (get_user(maxlen, optlen))
702 return -EFAULT;
703
704 if (maxlen < 1)
705 return -EFAULT;
706
707 valptr = (void *) &val;
708 length = min_t(unsigned int, maxlen, sizeof(int));
709
710 lock_sock(sk);
711 ax25 = sk_to_ax25(sk);
712
713 switch (optname) {
714 case AX25_WINDOW:
715 val = ax25->window;
716 break;
717
718 case AX25_T1:
719 val = ax25->t1 / HZ;
720 break;
721
722 case AX25_T2:
723 val = ax25->t2 / HZ;
724 break;
725
726 case AX25_N2:
727 val = ax25->n2;
728 break;
729
730 case AX25_T3:
731 val = ax25->t3 / HZ;
732 break;
733
734 case AX25_IDLE:
735 val = ax25->idle / (60 * HZ);
736 break;
737
738 case AX25_BACKOFF:
739 val = ax25->backoff;
740 break;
741
742 case AX25_EXTSEQ:
743 val = (ax25->modulus == AX25_EMODULUS);
744 break;
745
746 case AX25_PIDINCL:
747 val = ax25->pidincl;
748 break;
749
750 case AX25_IAMDIGI:
751 val = ax25->iamdigi;
752 break;
753
754 case AX25_PACLEN:
755 val = ax25->paclen;
756 break;
757
758 case SO_BINDTODEVICE:
759 ax25_dev = ax25->ax25_dev;
760
761 if (ax25_dev != NULL && ax25_dev->dev != NULL) {
762 strlcpy(devname, ax25_dev->dev->name, sizeof(devname));
763 length = strlen(devname) + 1;
764 } else {
765 *devname = '\0';
766 length = 1;
767 }
768
769 valptr = (void *) devname;
770 break;
771
772 default:
773 release_sock(sk);
774 return -ENOPROTOOPT;
775 }
776 release_sock(sk);
777
778 if (put_user(length, optlen))
779 return -EFAULT;
780
781 return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
782 }
783
ax25_listen(struct socket * sock,int backlog)784 static int ax25_listen(struct socket *sock, int backlog)
785 {
786 struct sock *sk = sock->sk;
787 int res = 0;
788
789 lock_sock(sk);
790 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
791 sk->sk_max_ack_backlog = backlog;
792 sk->sk_state = TCP_LISTEN;
793 goto out;
794 }
795 res = -EOPNOTSUPP;
796
797 out:
798 release_sock(sk);
799
800 return res;
801 }
802
803 /*
804 * XXX: when creating ax25_sock we should update the .obj_size setting
805 * below.
806 */
807 static struct proto ax25_proto = {
808 .name = "AX25",
809 .owner = THIS_MODULE,
810 .obj_size = sizeof(struct ax25_sock),
811 };
812
ax25_create(struct net * net,struct socket * sock,int protocol,int kern)813 static int ax25_create(struct net *net, struct socket *sock, int protocol,
814 int kern)
815 {
816 struct sock *sk;
817 ax25_cb *ax25;
818
819 if (protocol < 0 || protocol > SK_PROTOCOL_MAX)
820 return -EINVAL;
821
822 if (!net_eq(net, &init_net))
823 return -EAFNOSUPPORT;
824
825 switch (sock->type) {
826 case SOCK_DGRAM:
827 if (protocol == 0 || protocol == PF_AX25)
828 protocol = AX25_P_TEXT;
829 break;
830
831 case SOCK_SEQPACKET:
832 switch (protocol) {
833 case 0:
834 case PF_AX25: /* For CLX */
835 protocol = AX25_P_TEXT;
836 break;
837 case AX25_P_SEGMENT:
838 #ifdef CONFIG_INET
839 case AX25_P_ARP:
840 case AX25_P_IP:
841 #endif
842 #ifdef CONFIG_NETROM
843 case AX25_P_NETROM:
844 #endif
845 #ifdef CONFIG_ROSE
846 case AX25_P_ROSE:
847 #endif
848 return -ESOCKTNOSUPPORT;
849 #ifdef CONFIG_NETROM_MODULE
850 case AX25_P_NETROM:
851 if (ax25_protocol_is_registered(AX25_P_NETROM))
852 return -ESOCKTNOSUPPORT;
853 break;
854 #endif
855 #ifdef CONFIG_ROSE_MODULE
856 case AX25_P_ROSE:
857 if (ax25_protocol_is_registered(AX25_P_ROSE))
858 return -ESOCKTNOSUPPORT;
859 #endif
860 default:
861 break;
862 }
863 break;
864
865 case SOCK_RAW:
866 if (!capable(CAP_NET_RAW))
867 return -EPERM;
868 break;
869 default:
870 return -ESOCKTNOSUPPORT;
871 }
872
873 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern);
874 if (sk == NULL)
875 return -ENOMEM;
876
877 ax25 = ax25_sk(sk)->cb = ax25_create_cb();
878 if (!ax25) {
879 sk_free(sk);
880 return -ENOMEM;
881 }
882
883 sock_init_data(sock, sk);
884
885 sk->sk_destruct = ax25_free_sock;
886 sock->ops = &ax25_proto_ops;
887 sk->sk_protocol = protocol;
888
889 ax25->sk = sk;
890
891 return 0;
892 }
893
ax25_make_new(struct sock * osk,struct ax25_dev * ax25_dev)894 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
895 {
896 struct sock *sk;
897 ax25_cb *ax25, *oax25;
898
899 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0);
900 if (sk == NULL)
901 return NULL;
902
903 if ((ax25 = ax25_create_cb()) == NULL) {
904 sk_free(sk);
905 return NULL;
906 }
907
908 switch (osk->sk_type) {
909 case SOCK_DGRAM:
910 break;
911 case SOCK_SEQPACKET:
912 break;
913 default:
914 sk_free(sk);
915 ax25_cb_put(ax25);
916 return NULL;
917 }
918
919 sock_init_data(NULL, sk);
920
921 sk->sk_type = osk->sk_type;
922 sk->sk_priority = osk->sk_priority;
923 sk->sk_protocol = osk->sk_protocol;
924 sk->sk_rcvbuf = osk->sk_rcvbuf;
925 sk->sk_sndbuf = osk->sk_sndbuf;
926 sk->sk_state = TCP_ESTABLISHED;
927 sock_copy_flags(sk, osk);
928
929 oax25 = sk_to_ax25(osk);
930
931 ax25->modulus = oax25->modulus;
932 ax25->backoff = oax25->backoff;
933 ax25->pidincl = oax25->pidincl;
934 ax25->iamdigi = oax25->iamdigi;
935 ax25->rtt = oax25->rtt;
936 ax25->t1 = oax25->t1;
937 ax25->t2 = oax25->t2;
938 ax25->t3 = oax25->t3;
939 ax25->n2 = oax25->n2;
940 ax25->idle = oax25->idle;
941 ax25->paclen = oax25->paclen;
942 ax25->window = oax25->window;
943
944 ax25->ax25_dev = ax25_dev;
945 ax25->source_addr = oax25->source_addr;
946
947 if (oax25->digipeat != NULL) {
948 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
949 GFP_ATOMIC);
950 if (ax25->digipeat == NULL) {
951 sk_free(sk);
952 ax25_cb_put(ax25);
953 return NULL;
954 }
955 }
956
957 ax25_sk(sk)->cb = ax25;
958 sk->sk_destruct = ax25_free_sock;
959 ax25->sk = sk;
960
961 return sk;
962 }
963
ax25_release(struct socket * sock)964 static int ax25_release(struct socket *sock)
965 {
966 struct sock *sk = sock->sk;
967 ax25_cb *ax25;
968
969 if (sk == NULL)
970 return 0;
971
972 sock_hold(sk);
973 sock_orphan(sk);
974 lock_sock(sk);
975 ax25 = sk_to_ax25(sk);
976
977 if (sk->sk_type == SOCK_SEQPACKET) {
978 switch (ax25->state) {
979 case AX25_STATE_0:
980 release_sock(sk);
981 ax25_disconnect(ax25, 0);
982 lock_sock(sk);
983 ax25_destroy_socket(ax25);
984 break;
985
986 case AX25_STATE_1:
987 case AX25_STATE_2:
988 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
989 release_sock(sk);
990 ax25_disconnect(ax25, 0);
991 lock_sock(sk);
992 if (!sock_flag(ax25->sk, SOCK_DESTROY))
993 ax25_destroy_socket(ax25);
994 break;
995
996 case AX25_STATE_3:
997 case AX25_STATE_4:
998 ax25_clear_queues(ax25);
999 ax25->n2count = 0;
1000
1001 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1002 case AX25_PROTO_STD_SIMPLEX:
1003 case AX25_PROTO_STD_DUPLEX:
1004 ax25_send_control(ax25,
1005 AX25_DISC,
1006 AX25_POLLON,
1007 AX25_COMMAND);
1008 ax25_stop_t2timer(ax25);
1009 ax25_stop_t3timer(ax25);
1010 ax25_stop_idletimer(ax25);
1011 break;
1012 #ifdef CONFIG_AX25_DAMA_SLAVE
1013 case AX25_PROTO_DAMA_SLAVE:
1014 ax25_stop_t3timer(ax25);
1015 ax25_stop_idletimer(ax25);
1016 break;
1017 #endif
1018 }
1019 ax25_calculate_t1(ax25);
1020 ax25_start_t1timer(ax25);
1021 ax25->state = AX25_STATE_2;
1022 sk->sk_state = TCP_CLOSE;
1023 sk->sk_shutdown |= SEND_SHUTDOWN;
1024 sk->sk_state_change(sk);
1025 sock_set_flag(sk, SOCK_DESTROY);
1026 break;
1027
1028 default:
1029 break;
1030 }
1031 } else {
1032 sk->sk_state = TCP_CLOSE;
1033 sk->sk_shutdown |= SEND_SHUTDOWN;
1034 sk->sk_state_change(sk);
1035 ax25_destroy_socket(ax25);
1036 }
1037
1038 sock->sk = NULL;
1039 release_sock(sk);
1040 sock_put(sk);
1041
1042 return 0;
1043 }
1044
1045 /*
1046 * We support a funny extension here so you can (as root) give any callsign
1047 * digipeated via a local address as source. This hack is obsolete now
1048 * that we've implemented support for SO_BINDTODEVICE. It is however small
1049 * and trivially backward compatible.
1050 */
ax25_bind(struct socket * sock,struct sockaddr * uaddr,int addr_len)1051 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1052 {
1053 struct sock *sk = sock->sk;
1054 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1055 ax25_dev *ax25_dev = NULL;
1056 ax25_uid_assoc *user;
1057 ax25_address call;
1058 ax25_cb *ax25;
1059 int err = 0;
1060
1061 if (addr_len != sizeof(struct sockaddr_ax25) &&
1062 addr_len != sizeof(struct full_sockaddr_ax25))
1063 /* support for old structure may go away some time
1064 * ax25_bind(): uses old (6 digipeater) socket structure.
1065 */
1066 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1067 (addr_len > sizeof(struct full_sockaddr_ax25)))
1068 return -EINVAL;
1069
1070 if (addr->fsa_ax25.sax25_family != AF_AX25)
1071 return -EINVAL;
1072
1073 user = ax25_findbyuid(current_euid());
1074 if (user) {
1075 call = user->call;
1076 ax25_uid_put(user);
1077 } else {
1078 if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1079 return -EACCES;
1080
1081 call = addr->fsa_ax25.sax25_call;
1082 }
1083
1084 lock_sock(sk);
1085
1086 ax25 = sk_to_ax25(sk);
1087 if (!sock_flag(sk, SOCK_ZAPPED)) {
1088 err = -EINVAL;
1089 goto out;
1090 }
1091
1092 ax25->source_addr = call;
1093
1094 /*
1095 * User already set interface with SO_BINDTODEVICE
1096 */
1097 if (ax25->ax25_dev != NULL)
1098 goto done;
1099
1100 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1101 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1102 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1103 err = -EADDRNOTAVAIL;
1104 goto out;
1105 }
1106 } else {
1107 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1108 err = -EADDRNOTAVAIL;
1109 goto out;
1110 }
1111 }
1112
1113 if (ax25_dev != NULL)
1114 ax25_fillin_cb(ax25, ax25_dev);
1115
1116 done:
1117 ax25_cb_add(ax25);
1118 sock_reset_flag(sk, SOCK_ZAPPED);
1119
1120 out:
1121 release_sock(sk);
1122
1123 return err;
1124 }
1125
1126 /*
1127 * FIXME: nonblock behaviour looks like it may have a bug.
1128 */
ax25_connect(struct socket * sock,struct sockaddr * uaddr,int addr_len,int flags)1129 static int __must_check ax25_connect(struct socket *sock,
1130 struct sockaddr *uaddr, int addr_len, int flags)
1131 {
1132 struct sock *sk = sock->sk;
1133 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t;
1134 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1135 ax25_digi *digi = NULL;
1136 int ct = 0, err = 0;
1137
1138 /*
1139 * some sanity checks. code further down depends on this
1140 */
1141
1142 if (addr_len == sizeof(struct sockaddr_ax25))
1143 /* support for this will go away in early 2.5.x
1144 * ax25_connect(): uses obsolete socket structure
1145 */
1146 ;
1147 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1148 /* support for old structure may go away some time
1149 * ax25_connect(): uses old (6 digipeater) socket structure.
1150 */
1151 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1152 (addr_len > sizeof(struct full_sockaddr_ax25)))
1153 return -EINVAL;
1154
1155
1156 if (fsa->fsa_ax25.sax25_family != AF_AX25)
1157 return -EINVAL;
1158
1159 lock_sock(sk);
1160
1161 /* deal with restarts */
1162 if (sock->state == SS_CONNECTING) {
1163 switch (sk->sk_state) {
1164 case TCP_SYN_SENT: /* still trying */
1165 err = -EINPROGRESS;
1166 goto out_release;
1167
1168 case TCP_ESTABLISHED: /* connection established */
1169 sock->state = SS_CONNECTED;
1170 goto out_release;
1171
1172 case TCP_CLOSE: /* connection refused */
1173 sock->state = SS_UNCONNECTED;
1174 err = -ECONNREFUSED;
1175 goto out_release;
1176 }
1177 }
1178
1179 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1180 err = -EISCONN; /* No reconnect on a seqpacket socket */
1181 goto out_release;
1182 }
1183
1184 sk->sk_state = TCP_CLOSE;
1185 sock->state = SS_UNCONNECTED;
1186
1187 kfree(ax25->digipeat);
1188 ax25->digipeat = NULL;
1189
1190 /*
1191 * Handle digi-peaters to be used.
1192 */
1193 if (addr_len > sizeof(struct sockaddr_ax25) &&
1194 fsa->fsa_ax25.sax25_ndigis != 0) {
1195 /* Valid number of digipeaters ? */
1196 if (fsa->fsa_ax25.sax25_ndigis < 1 ||
1197 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS ||
1198 addr_len < sizeof(struct sockaddr_ax25) +
1199 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) {
1200 err = -EINVAL;
1201 goto out_release;
1202 }
1203
1204 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1205 err = -ENOBUFS;
1206 goto out_release;
1207 }
1208
1209 digi->ndigi = fsa->fsa_ax25.sax25_ndigis;
1210 digi->lastrepeat = -1;
1211
1212 while (ct < fsa->fsa_ax25.sax25_ndigis) {
1213 if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1214 AX25_HBIT) && ax25->iamdigi) {
1215 digi->repeated[ct] = 1;
1216 digi->lastrepeat = ct;
1217 } else {
1218 digi->repeated[ct] = 0;
1219 }
1220 digi->calls[ct] = fsa->fsa_digipeater[ct];
1221 ct++;
1222 }
1223 }
1224
1225 /*
1226 * Must bind first - autobinding in this may or may not work. If
1227 * the socket is already bound, check to see if the device has
1228 * been filled in, error if it hasn't.
1229 */
1230 if (sock_flag(sk, SOCK_ZAPPED)) {
1231 /* check if we can remove this feature. It is broken. */
1232 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1233 current->comm);
1234 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1235 kfree(digi);
1236 goto out_release;
1237 }
1238
1239 ax25_fillin_cb(ax25, ax25->ax25_dev);
1240 ax25_cb_add(ax25);
1241 } else {
1242 if (ax25->ax25_dev == NULL) {
1243 kfree(digi);
1244 err = -EHOSTUNREACH;
1245 goto out_release;
1246 }
1247 }
1248
1249 if (sk->sk_type == SOCK_SEQPACKET &&
1250 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1251 ax25->ax25_dev->dev))) {
1252 kfree(digi);
1253 err = -EADDRINUSE; /* Already such a connection */
1254 ax25_cb_put(ax25t);
1255 goto out_release;
1256 }
1257
1258 ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1259 ax25->digipeat = digi;
1260
1261 /* First the easy one */
1262 if (sk->sk_type != SOCK_SEQPACKET) {
1263 sock->state = SS_CONNECTED;
1264 sk->sk_state = TCP_ESTABLISHED;
1265 goto out_release;
1266 }
1267
1268 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1269 sock->state = SS_CONNECTING;
1270 sk->sk_state = TCP_SYN_SENT;
1271
1272 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1273 case AX25_PROTO_STD_SIMPLEX:
1274 case AX25_PROTO_STD_DUPLEX:
1275 ax25_std_establish_data_link(ax25);
1276 break;
1277
1278 #ifdef CONFIG_AX25_DAMA_SLAVE
1279 case AX25_PROTO_DAMA_SLAVE:
1280 ax25->modulus = AX25_MODULUS;
1281 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1282 if (ax25->ax25_dev->dama.slave)
1283 ax25_ds_establish_data_link(ax25);
1284 else
1285 ax25_std_establish_data_link(ax25);
1286 break;
1287 #endif
1288 }
1289
1290 ax25->state = AX25_STATE_1;
1291
1292 ax25_start_heartbeat(ax25);
1293
1294 /* Now the loop */
1295 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1296 err = -EINPROGRESS;
1297 goto out_release;
1298 }
1299
1300 if (sk->sk_state == TCP_SYN_SENT) {
1301 DEFINE_WAIT(wait);
1302
1303 for (;;) {
1304 prepare_to_wait(sk_sleep(sk), &wait,
1305 TASK_INTERRUPTIBLE);
1306 if (sk->sk_state != TCP_SYN_SENT)
1307 break;
1308 if (!signal_pending(current)) {
1309 release_sock(sk);
1310 schedule();
1311 lock_sock(sk);
1312 continue;
1313 }
1314 err = -ERESTARTSYS;
1315 break;
1316 }
1317 finish_wait(sk_sleep(sk), &wait);
1318
1319 if (err)
1320 goto out_release;
1321 }
1322
1323 if (sk->sk_state != TCP_ESTABLISHED) {
1324 /* Not in ABM, not in WAIT_UA -> failed */
1325 sock->state = SS_UNCONNECTED;
1326 err = sock_error(sk); /* Always set at this point */
1327 goto out_release;
1328 }
1329
1330 sock->state = SS_CONNECTED;
1331
1332 err = 0;
1333 out_release:
1334 release_sock(sk);
1335
1336 return err;
1337 }
1338
ax25_accept(struct socket * sock,struct socket * newsock,int flags)1339 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags)
1340 {
1341 struct sk_buff *skb;
1342 struct sock *newsk;
1343 DEFINE_WAIT(wait);
1344 struct sock *sk;
1345 int err = 0;
1346
1347 if (sock->state != SS_UNCONNECTED)
1348 return -EINVAL;
1349
1350 if ((sk = sock->sk) == NULL)
1351 return -EINVAL;
1352
1353 lock_sock(sk);
1354 if (sk->sk_type != SOCK_SEQPACKET) {
1355 err = -EOPNOTSUPP;
1356 goto out;
1357 }
1358
1359 if (sk->sk_state != TCP_LISTEN) {
1360 err = -EINVAL;
1361 goto out;
1362 }
1363
1364 /*
1365 * The read queue this time is holding sockets ready to use
1366 * hooked into the SABM we saved
1367 */
1368 for (;;) {
1369 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1370 skb = skb_dequeue(&sk->sk_receive_queue);
1371 if (skb)
1372 break;
1373
1374 if (flags & O_NONBLOCK) {
1375 err = -EWOULDBLOCK;
1376 break;
1377 }
1378 if (!signal_pending(current)) {
1379 release_sock(sk);
1380 schedule();
1381 lock_sock(sk);
1382 continue;
1383 }
1384 err = -ERESTARTSYS;
1385 break;
1386 }
1387 finish_wait(sk_sleep(sk), &wait);
1388
1389 if (err)
1390 goto out;
1391
1392 newsk = skb->sk;
1393 sock_graft(newsk, newsock);
1394
1395 /* Now attach up the new socket */
1396 kfree_skb(skb);
1397 sk->sk_ack_backlog--;
1398 newsock->state = SS_CONNECTED;
1399
1400 out:
1401 release_sock(sk);
1402
1403 return err;
1404 }
1405
ax25_getname(struct socket * sock,struct sockaddr * uaddr,int * uaddr_len,int peer)1406 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1407 int *uaddr_len, int peer)
1408 {
1409 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1410 struct sock *sk = sock->sk;
1411 unsigned char ndigi, i;
1412 ax25_cb *ax25;
1413 int err = 0;
1414
1415 memset(fsa, 0, sizeof(*fsa));
1416 lock_sock(sk);
1417 ax25 = sk_to_ax25(sk);
1418
1419 if (peer != 0) {
1420 if (sk->sk_state != TCP_ESTABLISHED) {
1421 err = -ENOTCONN;
1422 goto out;
1423 }
1424
1425 fsa->fsa_ax25.sax25_family = AF_AX25;
1426 fsa->fsa_ax25.sax25_call = ax25->dest_addr;
1427
1428 if (ax25->digipeat != NULL) {
1429 ndigi = ax25->digipeat->ndigi;
1430 fsa->fsa_ax25.sax25_ndigis = ndigi;
1431 for (i = 0; i < ndigi; i++)
1432 fsa->fsa_digipeater[i] =
1433 ax25->digipeat->calls[i];
1434 }
1435 } else {
1436 fsa->fsa_ax25.sax25_family = AF_AX25;
1437 fsa->fsa_ax25.sax25_call = ax25->source_addr;
1438 fsa->fsa_ax25.sax25_ndigis = 1;
1439 if (ax25->ax25_dev != NULL) {
1440 memcpy(&fsa->fsa_digipeater[0],
1441 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1442 } else {
1443 fsa->fsa_digipeater[0] = null_ax25_address;
1444 }
1445 }
1446 *uaddr_len = sizeof (struct full_sockaddr_ax25);
1447
1448 out:
1449 release_sock(sk);
1450
1451 return err;
1452 }
1453
ax25_sendmsg(struct socket * sock,struct msghdr * msg,size_t len)1454 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1455 {
1456 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name);
1457 struct sock *sk = sock->sk;
1458 struct sockaddr_ax25 sax;
1459 struct sk_buff *skb;
1460 ax25_digi dtmp, *dp;
1461 ax25_cb *ax25;
1462 size_t size;
1463 int lv, err, addr_len = msg->msg_namelen;
1464
1465 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1466 return -EINVAL;
1467
1468 lock_sock(sk);
1469 ax25 = sk_to_ax25(sk);
1470
1471 if (sock_flag(sk, SOCK_ZAPPED)) {
1472 err = -EADDRNOTAVAIL;
1473 goto out;
1474 }
1475
1476 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1477 send_sig(SIGPIPE, current, 0);
1478 err = -EPIPE;
1479 goto out;
1480 }
1481
1482 if (ax25->ax25_dev == NULL) {
1483 err = -ENETUNREACH;
1484 goto out;
1485 }
1486
1487 if (len > ax25->ax25_dev->dev->mtu) {
1488 err = -EMSGSIZE;
1489 goto out;
1490 }
1491
1492 if (usax != NULL) {
1493 if (usax->sax25_family != AF_AX25) {
1494 err = -EINVAL;
1495 goto out;
1496 }
1497
1498 if (addr_len == sizeof(struct sockaddr_ax25))
1499 /* ax25_sendmsg(): uses obsolete socket structure */
1500 ;
1501 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1502 /* support for old structure may go away some time
1503 * ax25_sendmsg(): uses old (6 digipeater)
1504 * socket structure.
1505 */
1506 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1507 (addr_len > sizeof(struct full_sockaddr_ax25))) {
1508 err = -EINVAL;
1509 goto out;
1510 }
1511
1512
1513 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1514 int ct = 0;
1515 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1516
1517 /* Valid number of digipeaters ? */
1518 if (usax->sax25_ndigis < 1 ||
1519 usax->sax25_ndigis > AX25_MAX_DIGIS ||
1520 addr_len < sizeof(struct sockaddr_ax25) +
1521 sizeof(ax25_address) * usax->sax25_ndigis) {
1522 err = -EINVAL;
1523 goto out;
1524 }
1525
1526 dtmp.ndigi = usax->sax25_ndigis;
1527
1528 while (ct < usax->sax25_ndigis) {
1529 dtmp.repeated[ct] = 0;
1530 dtmp.calls[ct] = fsa->fsa_digipeater[ct];
1531 ct++;
1532 }
1533
1534 dtmp.lastrepeat = 0;
1535 }
1536
1537 sax = *usax;
1538 if (sk->sk_type == SOCK_SEQPACKET &&
1539 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1540 err = -EISCONN;
1541 goto out;
1542 }
1543 if (usax->sax25_ndigis == 0)
1544 dp = NULL;
1545 else
1546 dp = &dtmp;
1547 } else {
1548 /*
1549 * FIXME: 1003.1g - if the socket is like this because
1550 * it has become closed (not started closed) and is VC
1551 * we ought to SIGPIPE, EPIPE
1552 */
1553 if (sk->sk_state != TCP_ESTABLISHED) {
1554 err = -ENOTCONN;
1555 goto out;
1556 }
1557 sax.sax25_family = AF_AX25;
1558 sax.sax25_call = ax25->dest_addr;
1559 dp = ax25->digipeat;
1560 }
1561
1562 /* Build a packet */
1563 /* Assume the worst case */
1564 size = len + ax25->ax25_dev->dev->hard_header_len;
1565
1566 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1567 if (skb == NULL)
1568 goto out;
1569
1570 skb_reserve(skb, size - len);
1571
1572 /* User data follows immediately after the AX.25 data */
1573 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
1574 err = -EFAULT;
1575 kfree_skb(skb);
1576 goto out;
1577 }
1578
1579 skb_reset_network_header(skb);
1580
1581 /* Add the PID if one is not supplied by the user in the skb */
1582 if (!ax25->pidincl)
1583 *skb_push(skb, 1) = sk->sk_protocol;
1584
1585 if (sk->sk_type == SOCK_SEQPACKET) {
1586 /* Connected mode sockets go via the LAPB machine */
1587 if (sk->sk_state != TCP_ESTABLISHED) {
1588 kfree_skb(skb);
1589 err = -ENOTCONN;
1590 goto out;
1591 }
1592
1593 /* Shove it onto the queue and kick */
1594 ax25_output(ax25, ax25->paclen, skb);
1595
1596 err = len;
1597 goto out;
1598 }
1599
1600 skb_push(skb, 1 + ax25_addr_size(dp));
1601
1602 /* Building AX.25 Header */
1603
1604 /* Build an AX.25 header */
1605 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1606 dp, AX25_COMMAND, AX25_MODULUS);
1607
1608 skb_set_transport_header(skb, lv);
1609
1610 *skb_transport_header(skb) = AX25_UI;
1611
1612 /* Datagram frames go straight out of the door as UI */
1613 ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1614
1615 err = len;
1616
1617 out:
1618 release_sock(sk);
1619
1620 return err;
1621 }
1622
ax25_recvmsg(struct socket * sock,struct msghdr * msg,size_t size,int flags)1623 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
1624 int flags)
1625 {
1626 struct sock *sk = sock->sk;
1627 struct sk_buff *skb;
1628 int copied;
1629 int err = 0;
1630
1631 lock_sock(sk);
1632 /*
1633 * This works for seqpacket too. The receiver has ordered the
1634 * queue for us! We do one quick check first though
1635 */
1636 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1637 err = -ENOTCONN;
1638 goto out;
1639 }
1640
1641 /* Now we can treat all alike */
1642 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1643 flags & MSG_DONTWAIT, &err);
1644 if (skb == NULL)
1645 goto out;
1646
1647 if (!sk_to_ax25(sk)->pidincl)
1648 skb_pull(skb, 1); /* Remove PID */
1649
1650 skb_reset_transport_header(skb);
1651 copied = skb->len;
1652
1653 if (copied > size) {
1654 copied = size;
1655 msg->msg_flags |= MSG_TRUNC;
1656 }
1657
1658 skb_copy_datagram_msg(skb, 0, msg, copied);
1659
1660 if (msg->msg_name) {
1661 ax25_digi digi;
1662 ax25_address src;
1663 const unsigned char *mac = skb_mac_header(skb);
1664 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name);
1665
1666 memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1667 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1668 &digi, NULL, NULL);
1669 sax->sax25_family = AF_AX25;
1670 /* We set this correctly, even though we may not let the
1671 application know the digi calls further down (because it
1672 did NOT ask to know them). This could get political... **/
1673 sax->sax25_ndigis = digi.ndigi;
1674 sax->sax25_call = src;
1675
1676 if (sax->sax25_ndigis != 0) {
1677 int ct;
1678 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1679
1680 for (ct = 0; ct < digi.ndigi; ct++)
1681 fsa->fsa_digipeater[ct] = digi.calls[ct];
1682 }
1683 msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1684 }
1685
1686 skb_free_datagram(sk, skb);
1687 err = copied;
1688
1689 out:
1690 release_sock(sk);
1691
1692 return err;
1693 }
1694
ax25_shutdown(struct socket * sk,int how)1695 static int ax25_shutdown(struct socket *sk, int how)
1696 {
1697 /* FIXME - generate DM and RNR states */
1698 return -EOPNOTSUPP;
1699 }
1700
ax25_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)1701 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1702 {
1703 struct sock *sk = sock->sk;
1704 void __user *argp = (void __user *)arg;
1705 int res = 0;
1706
1707 lock_sock(sk);
1708 switch (cmd) {
1709 case TIOCOUTQ: {
1710 long amount;
1711
1712 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1713 if (amount < 0)
1714 amount = 0;
1715 res = put_user(amount, (int __user *)argp);
1716 break;
1717 }
1718
1719 case TIOCINQ: {
1720 struct sk_buff *skb;
1721 long amount = 0L;
1722 /* These two are safe on a single CPU system as only user tasks fiddle here */
1723 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1724 amount = skb->len;
1725 res = put_user(amount, (int __user *) argp);
1726 break;
1727 }
1728
1729 case SIOCGSTAMP:
1730 res = sock_get_timestamp(sk, argp);
1731 break;
1732
1733 case SIOCGSTAMPNS:
1734 res = sock_get_timestampns(sk, argp);
1735 break;
1736
1737 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */
1738 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */
1739 case SIOCAX25GETUID: {
1740 struct sockaddr_ax25 sax25;
1741 if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1742 res = -EFAULT;
1743 break;
1744 }
1745 res = ax25_uid_ioctl(cmd, &sax25);
1746 break;
1747 }
1748
1749 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */
1750 long amount;
1751 if (!capable(CAP_NET_ADMIN)) {
1752 res = -EPERM;
1753 break;
1754 }
1755 if (get_user(amount, (long __user *)argp)) {
1756 res = -EFAULT;
1757 break;
1758 }
1759 if (amount < 0 || amount > AX25_NOUID_BLOCK) {
1760 res = -EINVAL;
1761 break;
1762 }
1763 ax25_uid_policy = amount;
1764 res = 0;
1765 break;
1766 }
1767
1768 case SIOCADDRT:
1769 case SIOCDELRT:
1770 case SIOCAX25OPTRT:
1771 if (!capable(CAP_NET_ADMIN)) {
1772 res = -EPERM;
1773 break;
1774 }
1775 res = ax25_rt_ioctl(cmd, argp);
1776 break;
1777
1778 case SIOCAX25CTLCON:
1779 if (!capable(CAP_NET_ADMIN)) {
1780 res = -EPERM;
1781 break;
1782 }
1783 res = ax25_ctl_ioctl(cmd, argp);
1784 break;
1785
1786 case SIOCAX25GETINFO:
1787 case SIOCAX25GETINFOOLD: {
1788 ax25_cb *ax25 = sk_to_ax25(sk);
1789 struct ax25_info_struct ax25_info;
1790
1791 ax25_info.t1 = ax25->t1 / HZ;
1792 ax25_info.t2 = ax25->t2 / HZ;
1793 ax25_info.t3 = ax25->t3 / HZ;
1794 ax25_info.idle = ax25->idle / (60 * HZ);
1795 ax25_info.n2 = ax25->n2;
1796 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ;
1797 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ;
1798 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ;
1799 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1800 ax25_info.n2count = ax25->n2count;
1801 ax25_info.state = ax25->state;
1802 ax25_info.rcv_q = sk_rmem_alloc_get(sk);
1803 ax25_info.snd_q = sk_wmem_alloc_get(sk);
1804 ax25_info.vs = ax25->vs;
1805 ax25_info.vr = ax25->vr;
1806 ax25_info.va = ax25->va;
1807 ax25_info.vs_max = ax25->vs; /* reserved */
1808 ax25_info.paclen = ax25->paclen;
1809 ax25_info.window = ax25->window;
1810
1811 /* old structure? */
1812 if (cmd == SIOCAX25GETINFOOLD) {
1813 static int warned = 0;
1814 if (!warned) {
1815 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1816 current->comm);
1817 warned=1;
1818 }
1819
1820 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1821 res = -EFAULT;
1822 break;
1823 }
1824 } else {
1825 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1826 res = -EINVAL;
1827 break;
1828 }
1829 }
1830 res = 0;
1831 break;
1832 }
1833
1834 case SIOCAX25ADDFWD:
1835 case SIOCAX25DELFWD: {
1836 struct ax25_fwd_struct ax25_fwd;
1837 if (!capable(CAP_NET_ADMIN)) {
1838 res = -EPERM;
1839 break;
1840 }
1841 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1842 res = -EFAULT;
1843 break;
1844 }
1845 res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1846 break;
1847 }
1848
1849 case SIOCGIFADDR:
1850 case SIOCSIFADDR:
1851 case SIOCGIFDSTADDR:
1852 case SIOCSIFDSTADDR:
1853 case SIOCGIFBRDADDR:
1854 case SIOCSIFBRDADDR:
1855 case SIOCGIFNETMASK:
1856 case SIOCSIFNETMASK:
1857 case SIOCGIFMETRIC:
1858 case SIOCSIFMETRIC:
1859 res = -EINVAL;
1860 break;
1861
1862 default:
1863 res = -ENOIOCTLCMD;
1864 break;
1865 }
1866 release_sock(sk);
1867
1868 return res;
1869 }
1870
1871 #ifdef CONFIG_PROC_FS
1872
ax25_info_start(struct seq_file * seq,loff_t * pos)1873 static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1874 __acquires(ax25_list_lock)
1875 {
1876 spin_lock_bh(&ax25_list_lock);
1877 return seq_hlist_start(&ax25_list, *pos);
1878 }
1879
ax25_info_next(struct seq_file * seq,void * v,loff_t * pos)1880 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1881 {
1882 return seq_hlist_next(v, &ax25_list, pos);
1883 }
1884
ax25_info_stop(struct seq_file * seq,void * v)1885 static void ax25_info_stop(struct seq_file *seq, void *v)
1886 __releases(ax25_list_lock)
1887 {
1888 spin_unlock_bh(&ax25_list_lock);
1889 }
1890
ax25_info_show(struct seq_file * seq,void * v)1891 static int ax25_info_show(struct seq_file *seq, void *v)
1892 {
1893 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1894 char buf[11];
1895 int k;
1896
1897
1898 /*
1899 * New format:
1900 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1901 */
1902
1903 seq_printf(seq, "%8.8lx %s %s%s ",
1904 (long) ax25,
1905 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1906 ax2asc(buf, &ax25->source_addr),
1907 ax25->iamdigi? "*":"");
1908 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1909
1910 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1911 seq_printf(seq, ",%s%s",
1912 ax2asc(buf, &ax25->digipeat->calls[k]),
1913 ax25->digipeat->repeated[k]? "*":"");
1914 }
1915
1916 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1917 ax25->state,
1918 ax25->vs, ax25->vr, ax25->va,
1919 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1920 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1921 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1922 ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1923 ax25->idle / (60 * HZ),
1924 ax25->n2count, ax25->n2,
1925 ax25->rtt / HZ,
1926 ax25->window,
1927 ax25->paclen);
1928
1929 if (ax25->sk != NULL) {
1930 seq_printf(seq, " %d %d %lu\n",
1931 sk_wmem_alloc_get(ax25->sk),
1932 sk_rmem_alloc_get(ax25->sk),
1933 sock_i_ino(ax25->sk));
1934 } else {
1935 seq_puts(seq, " * * *\n");
1936 }
1937 return 0;
1938 }
1939
1940 static const struct seq_operations ax25_info_seqops = {
1941 .start = ax25_info_start,
1942 .next = ax25_info_next,
1943 .stop = ax25_info_stop,
1944 .show = ax25_info_show,
1945 };
1946
ax25_info_open(struct inode * inode,struct file * file)1947 static int ax25_info_open(struct inode *inode, struct file *file)
1948 {
1949 return seq_open(file, &ax25_info_seqops);
1950 }
1951
1952 static const struct file_operations ax25_info_fops = {
1953 .owner = THIS_MODULE,
1954 .open = ax25_info_open,
1955 .read = seq_read,
1956 .llseek = seq_lseek,
1957 .release = seq_release,
1958 };
1959
1960 #endif
1961
1962 static const struct net_proto_family ax25_family_ops = {
1963 .family = PF_AX25,
1964 .create = ax25_create,
1965 .owner = THIS_MODULE,
1966 };
1967
1968 static const struct proto_ops ax25_proto_ops = {
1969 .family = PF_AX25,
1970 .owner = THIS_MODULE,
1971 .release = ax25_release,
1972 .bind = ax25_bind,
1973 .connect = ax25_connect,
1974 .socketpair = sock_no_socketpair,
1975 .accept = ax25_accept,
1976 .getname = ax25_getname,
1977 .poll = datagram_poll,
1978 .ioctl = ax25_ioctl,
1979 .listen = ax25_listen,
1980 .shutdown = ax25_shutdown,
1981 .setsockopt = ax25_setsockopt,
1982 .getsockopt = ax25_getsockopt,
1983 .sendmsg = ax25_sendmsg,
1984 .recvmsg = ax25_recvmsg,
1985 .mmap = sock_no_mmap,
1986 .sendpage = sock_no_sendpage,
1987 };
1988
1989 /*
1990 * Called by socket.c on kernel start up
1991 */
1992 static struct packet_type ax25_packet_type __read_mostly = {
1993 .type = cpu_to_be16(ETH_P_AX25),
1994 .func = ax25_kiss_rcv,
1995 };
1996
1997 static struct notifier_block ax25_dev_notifier = {
1998 .notifier_call = ax25_device_event,
1999 };
2000
ax25_init(void)2001 static int __init ax25_init(void)
2002 {
2003 int rc = proto_register(&ax25_proto, 0);
2004
2005 if (rc != 0)
2006 goto out;
2007
2008 sock_register(&ax25_family_ops);
2009 dev_add_pack(&ax25_packet_type);
2010 register_netdevice_notifier(&ax25_dev_notifier);
2011
2012 proc_create("ax25_route", S_IRUGO, init_net.proc_net,
2013 &ax25_route_fops);
2014 proc_create("ax25", S_IRUGO, init_net.proc_net, &ax25_info_fops);
2015 proc_create("ax25_calls", S_IRUGO, init_net.proc_net, &ax25_uid_fops);
2016 out:
2017 return rc;
2018 }
2019 module_init(ax25_init);
2020
2021
2022 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
2023 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
2024 MODULE_LICENSE("GPL");
2025 MODULE_ALIAS_NETPROTO(PF_AX25);
2026
ax25_exit(void)2027 static void __exit ax25_exit(void)
2028 {
2029 remove_proc_entry("ax25_route", init_net.proc_net);
2030 remove_proc_entry("ax25", init_net.proc_net);
2031 remove_proc_entry("ax25_calls", init_net.proc_net);
2032
2033 unregister_netdevice_notifier(&ax25_dev_notifier);
2034
2035 dev_remove_pack(&ax25_packet_type);
2036
2037 sock_unregister(PF_AX25);
2038 proto_unregister(&ax25_proto);
2039
2040 ax25_rt_free();
2041 ax25_uid_free();
2042 ax25_dev_free();
2043 }
2044 module_exit(ax25_exit);
2045