• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *
4  * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
5  * Copyright (C) Terry Dawson VK2KTJ (terry@animats.net)
6  */
7 #include <linux/errno.h>
8 #include <linux/types.h>
9 #include <linux/socket.h>
10 #include <linux/in.h>
11 #include <linux/kernel.h>
12 #include <linux/timer.h>
13 #include <linux/string.h>
14 #include <linux/sockios.h>
15 #include <linux/net.h>
16 #include <linux/slab.h>
17 #include <net/ax25.h>
18 #include <linux/inet.h>
19 #include <linux/netdevice.h>
20 #include <net/arp.h>
21 #include <linux/if_arp.h>
22 #include <linux/skbuff.h>
23 #include <net/sock.h>
24 #include <net/tcp_states.h>
25 #include <linux/uaccess.h>
26 #include <linux/fcntl.h>
27 #include <linux/termios.h>	/* For TIOCINQ/OUTQ */
28 #include <linux/mm.h>
29 #include <linux/interrupt.h>
30 #include <linux/notifier.h>
31 #include <linux/init.h>
32 #include <net/rose.h>
33 #include <linux/seq_file.h>
34 #include <linux/export.h>
35 
36 static unsigned int rose_neigh_no = 1;
37 
38 static struct rose_node  *rose_node_list;
39 static DEFINE_SPINLOCK(rose_node_list_lock);
40 static struct rose_neigh *rose_neigh_list;
41 static DEFINE_SPINLOCK(rose_neigh_list_lock);
42 static struct rose_route *rose_route_list;
43 static DEFINE_SPINLOCK(rose_route_list_lock);
44 
45 struct rose_neigh *rose_loopback_neigh;
46 
47 /*
48  *	Add a new route to a node, and in the process add the node and the
49  *	neighbour if it is new.
50  */
rose_add_node(struct rose_route_struct * rose_route,struct net_device * dev)51 static int __must_check rose_add_node(struct rose_route_struct *rose_route,
52 	struct net_device *dev)
53 {
54 	struct rose_node  *rose_node, *rose_tmpn, *rose_tmpp;
55 	struct rose_neigh *rose_neigh;
56 	int i, res = 0;
57 
58 	spin_lock_bh(&rose_node_list_lock);
59 	spin_lock_bh(&rose_neigh_list_lock);
60 
61 	rose_node = rose_node_list;
62 	while (rose_node != NULL) {
63 		if ((rose_node->mask == rose_route->mask) &&
64 		    (rosecmpm(&rose_route->address, &rose_node->address,
65 			      rose_route->mask) == 0))
66 			break;
67 		rose_node = rose_node->next;
68 	}
69 
70 	if (rose_node != NULL && rose_node->loopback) {
71 		res = -EINVAL;
72 		goto out;
73 	}
74 
75 	rose_neigh = rose_neigh_list;
76 	while (rose_neigh != NULL) {
77 		if (ax25cmp(&rose_route->neighbour,
78 			    &rose_neigh->callsign) == 0 &&
79 		    rose_neigh->dev == dev)
80 			break;
81 		rose_neigh = rose_neigh->next;
82 	}
83 
84 	if (rose_neigh == NULL) {
85 		rose_neigh = kmalloc(sizeof(*rose_neigh), GFP_ATOMIC);
86 		if (rose_neigh == NULL) {
87 			res = -ENOMEM;
88 			goto out;
89 		}
90 
91 		rose_neigh->callsign  = rose_route->neighbour;
92 		rose_neigh->digipeat  = NULL;
93 		rose_neigh->ax25      = NULL;
94 		rose_neigh->dev       = dev;
95 		rose_neigh->count     = 0;
96 		rose_neigh->use       = 0;
97 		rose_neigh->dce_mode  = 0;
98 		rose_neigh->loopback  = 0;
99 		rose_neigh->number    = rose_neigh_no++;
100 		rose_neigh->restarted = 0;
101 
102 		skb_queue_head_init(&rose_neigh->queue);
103 
104 		timer_setup(&rose_neigh->ftimer, NULL, 0);
105 		timer_setup(&rose_neigh->t0timer, NULL, 0);
106 
107 		if (rose_route->ndigis != 0) {
108 			rose_neigh->digipeat =
109 				kmalloc(sizeof(ax25_digi), GFP_ATOMIC);
110 			if (rose_neigh->digipeat == NULL) {
111 				kfree(rose_neigh);
112 				res = -ENOMEM;
113 				goto out;
114 			}
115 
116 			rose_neigh->digipeat->ndigi      = rose_route->ndigis;
117 			rose_neigh->digipeat->lastrepeat = -1;
118 
119 			for (i = 0; i < rose_route->ndigis; i++) {
120 				rose_neigh->digipeat->calls[i]    =
121 					rose_route->digipeaters[i];
122 				rose_neigh->digipeat->repeated[i] = 0;
123 			}
124 		}
125 
126 		rose_neigh->next = rose_neigh_list;
127 		rose_neigh_list  = rose_neigh;
128 	}
129 
130 	/*
131 	 * This is a new node to be inserted into the list. Find where it needs
132 	 * to be inserted into the list, and insert it. We want to be sure
133 	 * to order the list in descending order of mask size to ensure that
134 	 * later when we are searching this list the first match will be the
135 	 * best match.
136 	 */
137 	if (rose_node == NULL) {
138 		rose_tmpn = rose_node_list;
139 		rose_tmpp = NULL;
140 
141 		while (rose_tmpn != NULL) {
142 			if (rose_tmpn->mask > rose_route->mask) {
143 				rose_tmpp = rose_tmpn;
144 				rose_tmpn = rose_tmpn->next;
145 			} else {
146 				break;
147 			}
148 		}
149 
150 		/* create new node */
151 		rose_node = kmalloc(sizeof(*rose_node), GFP_ATOMIC);
152 		if (rose_node == NULL) {
153 			res = -ENOMEM;
154 			goto out;
155 		}
156 
157 		rose_node->address      = rose_route->address;
158 		rose_node->mask         = rose_route->mask;
159 		rose_node->count        = 1;
160 		rose_node->loopback     = 0;
161 		rose_node->neighbour[0] = rose_neigh;
162 
163 		if (rose_tmpn == NULL) {
164 			if (rose_tmpp == NULL) {	/* Empty list */
165 				rose_node_list  = rose_node;
166 				rose_node->next = NULL;
167 			} else {
168 				rose_tmpp->next = rose_node;
169 				rose_node->next = NULL;
170 			}
171 		} else {
172 			if (rose_tmpp == NULL) {	/* 1st node */
173 				rose_node->next = rose_node_list;
174 				rose_node_list  = rose_node;
175 			} else {
176 				rose_tmpp->next = rose_node;
177 				rose_node->next = rose_tmpn;
178 			}
179 		}
180 		rose_neigh->count++;
181 
182 		goto out;
183 	}
184 
185 	/* We have space, slot it in */
186 	if (rose_node->count < 3) {
187 		rose_node->neighbour[rose_node->count] = rose_neigh;
188 		rose_node->count++;
189 		rose_neigh->count++;
190 	}
191 
192 out:
193 	spin_unlock_bh(&rose_neigh_list_lock);
194 	spin_unlock_bh(&rose_node_list_lock);
195 
196 	return res;
197 }
198 
199 /*
200  * Caller is holding rose_node_list_lock.
201  */
rose_remove_node(struct rose_node * rose_node)202 static void rose_remove_node(struct rose_node *rose_node)
203 {
204 	struct rose_node *s;
205 
206 	if ((s = rose_node_list) == rose_node) {
207 		rose_node_list = rose_node->next;
208 		kfree(rose_node);
209 		return;
210 	}
211 
212 	while (s != NULL && s->next != NULL) {
213 		if (s->next == rose_node) {
214 			s->next = rose_node->next;
215 			kfree(rose_node);
216 			return;
217 		}
218 
219 		s = s->next;
220 	}
221 }
222 
223 /*
224  * Caller is holding rose_neigh_list_lock.
225  */
rose_remove_neigh(struct rose_neigh * rose_neigh)226 static void rose_remove_neigh(struct rose_neigh *rose_neigh)
227 {
228 	struct rose_neigh *s;
229 
230 	rose_stop_ftimer(rose_neigh);
231 	rose_stop_t0timer(rose_neigh);
232 
233 	skb_queue_purge(&rose_neigh->queue);
234 
235 	if ((s = rose_neigh_list) == rose_neigh) {
236 		rose_neigh_list = rose_neigh->next;
237 		if (rose_neigh->ax25)
238 			ax25_cb_put(rose_neigh->ax25);
239 		kfree(rose_neigh->digipeat);
240 		kfree(rose_neigh);
241 		return;
242 	}
243 
244 	while (s != NULL && s->next != NULL) {
245 		if (s->next == rose_neigh) {
246 			s->next = rose_neigh->next;
247 			if (rose_neigh->ax25)
248 				ax25_cb_put(rose_neigh->ax25);
249 			kfree(rose_neigh->digipeat);
250 			kfree(rose_neigh);
251 			return;
252 		}
253 
254 		s = s->next;
255 	}
256 }
257 
258 /*
259  * Caller is holding rose_route_list_lock.
260  */
rose_remove_route(struct rose_route * rose_route)261 static void rose_remove_route(struct rose_route *rose_route)
262 {
263 	struct rose_route *s;
264 
265 	if (rose_route->neigh1 != NULL)
266 		rose_route->neigh1->use--;
267 
268 	if (rose_route->neigh2 != NULL)
269 		rose_route->neigh2->use--;
270 
271 	if ((s = rose_route_list) == rose_route) {
272 		rose_route_list = rose_route->next;
273 		kfree(rose_route);
274 		return;
275 	}
276 
277 	while (s != NULL && s->next != NULL) {
278 		if (s->next == rose_route) {
279 			s->next = rose_route->next;
280 			kfree(rose_route);
281 			return;
282 		}
283 
284 		s = s->next;
285 	}
286 }
287 
288 /*
289  *	"Delete" a node. Strictly speaking remove a route to a node. The node
290  *	is only deleted if no routes are left to it.
291  */
rose_del_node(struct rose_route_struct * rose_route,struct net_device * dev)292 static int rose_del_node(struct rose_route_struct *rose_route,
293 	struct net_device *dev)
294 {
295 	struct rose_node  *rose_node;
296 	struct rose_neigh *rose_neigh;
297 	int i, err = 0;
298 
299 	spin_lock_bh(&rose_node_list_lock);
300 	spin_lock_bh(&rose_neigh_list_lock);
301 
302 	rose_node = rose_node_list;
303 	while (rose_node != NULL) {
304 		if ((rose_node->mask == rose_route->mask) &&
305 		    (rosecmpm(&rose_route->address, &rose_node->address,
306 			      rose_route->mask) == 0))
307 			break;
308 		rose_node = rose_node->next;
309 	}
310 
311 	if (rose_node == NULL || rose_node->loopback) {
312 		err = -EINVAL;
313 		goto out;
314 	}
315 
316 	rose_neigh = rose_neigh_list;
317 	while (rose_neigh != NULL) {
318 		if (ax25cmp(&rose_route->neighbour,
319 			    &rose_neigh->callsign) == 0 &&
320 		    rose_neigh->dev == dev)
321 			break;
322 		rose_neigh = rose_neigh->next;
323 	}
324 
325 	if (rose_neigh == NULL) {
326 		err = -EINVAL;
327 		goto out;
328 	}
329 
330 	for (i = 0; i < rose_node->count; i++) {
331 		if (rose_node->neighbour[i] == rose_neigh) {
332 			rose_neigh->count--;
333 
334 			if (rose_neigh->count == 0 && rose_neigh->use == 0)
335 				rose_remove_neigh(rose_neigh);
336 
337 			rose_node->count--;
338 
339 			if (rose_node->count == 0) {
340 				rose_remove_node(rose_node);
341 			} else {
342 				switch (i) {
343 				case 0:
344 					rose_node->neighbour[0] =
345 						rose_node->neighbour[1];
346 					/* fall through */
347 				case 1:
348 					rose_node->neighbour[1] =
349 						rose_node->neighbour[2];
350 				case 2:
351 					break;
352 				}
353 			}
354 			goto out;
355 		}
356 	}
357 	err = -EINVAL;
358 
359 out:
360 	spin_unlock_bh(&rose_neigh_list_lock);
361 	spin_unlock_bh(&rose_node_list_lock);
362 
363 	return err;
364 }
365 
366 /*
367  *	Add the loopback neighbour.
368  */
rose_add_loopback_neigh(void)369 void rose_add_loopback_neigh(void)
370 {
371 	struct rose_neigh *sn;
372 
373 	rose_loopback_neigh = kmalloc(sizeof(struct rose_neigh), GFP_KERNEL);
374 	if (!rose_loopback_neigh)
375 		return;
376 	sn = rose_loopback_neigh;
377 
378 	sn->callsign  = null_ax25_address;
379 	sn->digipeat  = NULL;
380 	sn->ax25      = NULL;
381 	sn->dev       = NULL;
382 	sn->count     = 0;
383 	sn->use       = 0;
384 	sn->dce_mode  = 1;
385 	sn->loopback  = 1;
386 	sn->number    = rose_neigh_no++;
387 	sn->restarted = 1;
388 
389 	skb_queue_head_init(&sn->queue);
390 
391 	timer_setup(&sn->ftimer, NULL, 0);
392 	timer_setup(&sn->t0timer, NULL, 0);
393 
394 	spin_lock_bh(&rose_neigh_list_lock);
395 	sn->next = rose_neigh_list;
396 	rose_neigh_list           = sn;
397 	spin_unlock_bh(&rose_neigh_list_lock);
398 }
399 
400 /*
401  *	Add a loopback node.
402  */
rose_add_loopback_node(rose_address * address)403 int rose_add_loopback_node(rose_address *address)
404 {
405 	struct rose_node *rose_node;
406 	int err = 0;
407 
408 	spin_lock_bh(&rose_node_list_lock);
409 
410 	rose_node = rose_node_list;
411 	while (rose_node != NULL) {
412 		if ((rose_node->mask == 10) &&
413 		     (rosecmpm(address, &rose_node->address, 10) == 0) &&
414 		     rose_node->loopback)
415 			break;
416 		rose_node = rose_node->next;
417 	}
418 
419 	if (rose_node != NULL)
420 		goto out;
421 
422 	if ((rose_node = kmalloc(sizeof(*rose_node), GFP_ATOMIC)) == NULL) {
423 		err = -ENOMEM;
424 		goto out;
425 	}
426 
427 	rose_node->address      = *address;
428 	rose_node->mask         = 10;
429 	rose_node->count        = 1;
430 	rose_node->loopback     = 1;
431 	rose_node->neighbour[0] = rose_loopback_neigh;
432 
433 	/* Insert at the head of list. Address is always mask=10 */
434 	rose_node->next = rose_node_list;
435 	rose_node_list  = rose_node;
436 
437 	rose_loopback_neigh->count++;
438 
439 out:
440 	spin_unlock_bh(&rose_node_list_lock);
441 
442 	return err;
443 }
444 
445 /*
446  *	Delete a loopback node.
447  */
rose_del_loopback_node(rose_address * address)448 void rose_del_loopback_node(rose_address *address)
449 {
450 	struct rose_node *rose_node;
451 
452 	spin_lock_bh(&rose_node_list_lock);
453 
454 	rose_node = rose_node_list;
455 	while (rose_node != NULL) {
456 		if ((rose_node->mask == 10) &&
457 		    (rosecmpm(address, &rose_node->address, 10) == 0) &&
458 		    rose_node->loopback)
459 			break;
460 		rose_node = rose_node->next;
461 	}
462 
463 	if (rose_node == NULL)
464 		goto out;
465 
466 	rose_remove_node(rose_node);
467 
468 	rose_loopback_neigh->count--;
469 
470 out:
471 	spin_unlock_bh(&rose_node_list_lock);
472 }
473 
474 /*
475  *	A device has been removed. Remove its routes and neighbours.
476  */
rose_rt_device_down(struct net_device * dev)477 void rose_rt_device_down(struct net_device *dev)
478 {
479 	struct rose_neigh *s, *rose_neigh;
480 	struct rose_node  *t, *rose_node;
481 	int i;
482 
483 	spin_lock_bh(&rose_node_list_lock);
484 	spin_lock_bh(&rose_neigh_list_lock);
485 	rose_neigh = rose_neigh_list;
486 	while (rose_neigh != NULL) {
487 		s          = rose_neigh;
488 		rose_neigh = rose_neigh->next;
489 
490 		if (s->dev != dev)
491 			continue;
492 
493 		rose_node = rose_node_list;
494 
495 		while (rose_node != NULL) {
496 			t         = rose_node;
497 			rose_node = rose_node->next;
498 
499 			for (i = 0; i < t->count; i++) {
500 				if (t->neighbour[i] != s)
501 					continue;
502 
503 				t->count--;
504 
505 				switch (i) {
506 				case 0:
507 					t->neighbour[0] = t->neighbour[1];
508 					/* fall through */
509 				case 1:
510 					t->neighbour[1] = t->neighbour[2];
511 				case 2:
512 					break;
513 				}
514 			}
515 
516 			if (t->count <= 0)
517 				rose_remove_node(t);
518 		}
519 
520 		rose_remove_neigh(s);
521 	}
522 	spin_unlock_bh(&rose_neigh_list_lock);
523 	spin_unlock_bh(&rose_node_list_lock);
524 }
525 
526 #if 0 /* Currently unused */
527 /*
528  *	A device has been removed. Remove its links.
529  */
530 void rose_route_device_down(struct net_device *dev)
531 {
532 	struct rose_route *s, *rose_route;
533 
534 	spin_lock_bh(&rose_route_list_lock);
535 	rose_route = rose_route_list;
536 	while (rose_route != NULL) {
537 		s          = rose_route;
538 		rose_route = rose_route->next;
539 
540 		if (s->neigh1->dev == dev || s->neigh2->dev == dev)
541 			rose_remove_route(s);
542 	}
543 	spin_unlock_bh(&rose_route_list_lock);
544 }
545 #endif
546 
547 /*
548  *	Clear all nodes and neighbours out, except for neighbours with
549  *	active connections going through them.
550  *  Do not clear loopback neighbour and nodes.
551  */
rose_clear_routes(void)552 static int rose_clear_routes(void)
553 {
554 	struct rose_neigh *s, *rose_neigh;
555 	struct rose_node  *t, *rose_node;
556 
557 	spin_lock_bh(&rose_node_list_lock);
558 	spin_lock_bh(&rose_neigh_list_lock);
559 
560 	rose_neigh = rose_neigh_list;
561 	rose_node  = rose_node_list;
562 
563 	while (rose_node != NULL) {
564 		t         = rose_node;
565 		rose_node = rose_node->next;
566 		if (!t->loopback)
567 			rose_remove_node(t);
568 	}
569 
570 	while (rose_neigh != NULL) {
571 		s          = rose_neigh;
572 		rose_neigh = rose_neigh->next;
573 
574 		if (s->use == 0 && !s->loopback) {
575 			s->count = 0;
576 			rose_remove_neigh(s);
577 		}
578 	}
579 
580 	spin_unlock_bh(&rose_neigh_list_lock);
581 	spin_unlock_bh(&rose_node_list_lock);
582 
583 	return 0;
584 }
585 
586 /*
587  *	Check that the device given is a valid AX.25 interface that is "up".
588  * 	called with RTNL
589  */
rose_ax25_dev_find(char * devname)590 static struct net_device *rose_ax25_dev_find(char *devname)
591 {
592 	struct net_device *dev;
593 
594 	if ((dev = __dev_get_by_name(&init_net, devname)) == NULL)
595 		return NULL;
596 
597 	if ((dev->flags & IFF_UP) && dev->type == ARPHRD_AX25)
598 		return dev;
599 
600 	return NULL;
601 }
602 
603 /*
604  *	Find the first active ROSE device, usually "rose0".
605  */
rose_dev_first(void)606 struct net_device *rose_dev_first(void)
607 {
608 	struct net_device *dev, *first = NULL;
609 
610 	rcu_read_lock();
611 	for_each_netdev_rcu(&init_net, dev) {
612 		if ((dev->flags & IFF_UP) && dev->type == ARPHRD_ROSE)
613 			if (first == NULL || strncmp(dev->name, first->name, 3) < 0)
614 				first = dev;
615 	}
616 	rcu_read_unlock();
617 
618 	return first;
619 }
620 
621 /*
622  *	Find the ROSE device for the given address.
623  */
rose_dev_get(rose_address * addr)624 struct net_device *rose_dev_get(rose_address *addr)
625 {
626 	struct net_device *dev;
627 
628 	rcu_read_lock();
629 	for_each_netdev_rcu(&init_net, dev) {
630 		if ((dev->flags & IFF_UP) && dev->type == ARPHRD_ROSE && rosecmp(addr, (rose_address *)dev->dev_addr) == 0) {
631 			dev_hold(dev);
632 			goto out;
633 		}
634 	}
635 	dev = NULL;
636 out:
637 	rcu_read_unlock();
638 	return dev;
639 }
640 
rose_dev_exists(rose_address * addr)641 static int rose_dev_exists(rose_address *addr)
642 {
643 	struct net_device *dev;
644 
645 	rcu_read_lock();
646 	for_each_netdev_rcu(&init_net, dev) {
647 		if ((dev->flags & IFF_UP) && dev->type == ARPHRD_ROSE && rosecmp(addr, (rose_address *)dev->dev_addr) == 0)
648 			goto out;
649 	}
650 	dev = NULL;
651 out:
652 	rcu_read_unlock();
653 	return dev != NULL;
654 }
655 
656 
657 
658 
rose_route_free_lci(unsigned int lci,struct rose_neigh * neigh)659 struct rose_route *rose_route_free_lci(unsigned int lci, struct rose_neigh *neigh)
660 {
661 	struct rose_route *rose_route;
662 
663 	for (rose_route = rose_route_list; rose_route != NULL; rose_route = rose_route->next)
664 		if ((rose_route->neigh1 == neigh && rose_route->lci1 == lci) ||
665 		    (rose_route->neigh2 == neigh && rose_route->lci2 == lci))
666 			return rose_route;
667 
668 	return NULL;
669 }
670 
671 /*
672  *	Find a neighbour or a route given a ROSE address.
673  */
rose_get_neigh(rose_address * addr,unsigned char * cause,unsigned char * diagnostic,int route_frame)674 struct rose_neigh *rose_get_neigh(rose_address *addr, unsigned char *cause,
675 	unsigned char *diagnostic, int route_frame)
676 {
677 	struct rose_neigh *res = NULL;
678 	struct rose_node *node;
679 	int failed = 0;
680 	int i;
681 
682 	if (!route_frame) spin_lock_bh(&rose_node_list_lock);
683 	for (node = rose_node_list; node != NULL; node = node->next) {
684 		if (rosecmpm(addr, &node->address, node->mask) == 0) {
685 			for (i = 0; i < node->count; i++) {
686 				if (node->neighbour[i]->restarted) {
687 					res = node->neighbour[i];
688 					goto out;
689 				}
690 			}
691 		}
692 	}
693 	if (!route_frame) { /* connect request */
694 		for (node = rose_node_list; node != NULL; node = node->next) {
695 			if (rosecmpm(addr, &node->address, node->mask) == 0) {
696 				for (i = 0; i < node->count; i++) {
697 					if (!rose_ftimer_running(node->neighbour[i])) {
698 						res = node->neighbour[i];
699 						failed = 0;
700 						goto out;
701 					}
702 					failed = 1;
703 				}
704 			}
705 		}
706 	}
707 
708 	if (failed) {
709 		*cause      = ROSE_OUT_OF_ORDER;
710 		*diagnostic = 0;
711 	} else {
712 		*cause      = ROSE_NOT_OBTAINABLE;
713 		*diagnostic = 0;
714 	}
715 
716 out:
717 	if (!route_frame) spin_unlock_bh(&rose_node_list_lock);
718 	return res;
719 }
720 
721 /*
722  *	Handle the ioctls that control the routing functions.
723  */
rose_rt_ioctl(unsigned int cmd,void __user * arg)724 int rose_rt_ioctl(unsigned int cmd, void __user *arg)
725 {
726 	struct rose_route_struct rose_route;
727 	struct net_device *dev;
728 	int err;
729 
730 	switch (cmd) {
731 	case SIOCADDRT:
732 		if (copy_from_user(&rose_route, arg, sizeof(struct rose_route_struct)))
733 			return -EFAULT;
734 		if ((dev = rose_ax25_dev_find(rose_route.device)) == NULL)
735 			return -EINVAL;
736 		if (rose_dev_exists(&rose_route.address)) /* Can't add routes to ourself */
737 			return -EINVAL;
738 		if (rose_route.mask > 10) /* Mask can't be more than 10 digits */
739 			return -EINVAL;
740 		if (rose_route.ndigis > AX25_MAX_DIGIS)
741 			return -EINVAL;
742 		err = rose_add_node(&rose_route, dev);
743 		return err;
744 
745 	case SIOCDELRT:
746 		if (copy_from_user(&rose_route, arg, sizeof(struct rose_route_struct)))
747 			return -EFAULT;
748 		if ((dev = rose_ax25_dev_find(rose_route.device)) == NULL)
749 			return -EINVAL;
750 		err = rose_del_node(&rose_route, dev);
751 		return err;
752 
753 	case SIOCRSCLRRT:
754 		return rose_clear_routes();
755 
756 	default:
757 		return -EINVAL;
758 	}
759 
760 	return 0;
761 }
762 
rose_del_route_by_neigh(struct rose_neigh * rose_neigh)763 static void rose_del_route_by_neigh(struct rose_neigh *rose_neigh)
764 {
765 	struct rose_route *rose_route, *s;
766 
767 	rose_neigh->restarted = 0;
768 
769 	rose_stop_t0timer(rose_neigh);
770 	rose_start_ftimer(rose_neigh);
771 
772 	skb_queue_purge(&rose_neigh->queue);
773 
774 	spin_lock_bh(&rose_route_list_lock);
775 
776 	rose_route = rose_route_list;
777 
778 	while (rose_route != NULL) {
779 		if ((rose_route->neigh1 == rose_neigh && rose_route->neigh2 == rose_neigh) ||
780 		    (rose_route->neigh1 == rose_neigh && rose_route->neigh2 == NULL)       ||
781 		    (rose_route->neigh2 == rose_neigh && rose_route->neigh1 == NULL)) {
782 			s = rose_route->next;
783 			rose_remove_route(rose_route);
784 			rose_route = s;
785 			continue;
786 		}
787 
788 		if (rose_route->neigh1 == rose_neigh) {
789 			rose_route->neigh1->use--;
790 			rose_route->neigh1 = NULL;
791 			rose_transmit_clear_request(rose_route->neigh2, rose_route->lci2, ROSE_OUT_OF_ORDER, 0);
792 		}
793 
794 		if (rose_route->neigh2 == rose_neigh) {
795 			rose_route->neigh2->use--;
796 			rose_route->neigh2 = NULL;
797 			rose_transmit_clear_request(rose_route->neigh1, rose_route->lci1, ROSE_OUT_OF_ORDER, 0);
798 		}
799 
800 		rose_route = rose_route->next;
801 	}
802 	spin_unlock_bh(&rose_route_list_lock);
803 }
804 
805 /*
806  * 	A level 2 link has timed out, therefore it appears to be a poor link,
807  *	then don't use that neighbour until it is reset. Blow away all through
808  *	routes and connections using this route.
809  */
rose_link_failed(ax25_cb * ax25,int reason)810 void rose_link_failed(ax25_cb *ax25, int reason)
811 {
812 	struct rose_neigh *rose_neigh;
813 
814 	spin_lock_bh(&rose_neigh_list_lock);
815 	rose_neigh = rose_neigh_list;
816 	while (rose_neigh != NULL) {
817 		if (rose_neigh->ax25 == ax25)
818 			break;
819 		rose_neigh = rose_neigh->next;
820 	}
821 
822 	if (rose_neigh != NULL) {
823 		rose_neigh->ax25 = NULL;
824 		ax25_cb_put(ax25);
825 
826 		rose_del_route_by_neigh(rose_neigh);
827 		rose_kill_by_neigh(rose_neigh);
828 	}
829 	spin_unlock_bh(&rose_neigh_list_lock);
830 }
831 
832 /*
833  * 	A device has been "downed" remove its link status. Blow away all
834  *	through routes and connections that use this device.
835  */
rose_link_device_down(struct net_device * dev)836 void rose_link_device_down(struct net_device *dev)
837 {
838 	struct rose_neigh *rose_neigh;
839 
840 	for (rose_neigh = rose_neigh_list; rose_neigh != NULL; rose_neigh = rose_neigh->next) {
841 		if (rose_neigh->dev == dev) {
842 			rose_del_route_by_neigh(rose_neigh);
843 			rose_kill_by_neigh(rose_neigh);
844 		}
845 	}
846 }
847 
848 /*
849  *	Route a frame to an appropriate AX.25 connection.
850  *	A NULL ax25_cb indicates an internally generated frame.
851  */
rose_route_frame(struct sk_buff * skb,ax25_cb * ax25)852 int rose_route_frame(struct sk_buff *skb, ax25_cb *ax25)
853 {
854 	struct rose_neigh *rose_neigh, *new_neigh;
855 	struct rose_route *rose_route;
856 	struct rose_facilities_struct facilities;
857 	rose_address *src_addr, *dest_addr;
858 	struct sock *sk;
859 	unsigned short frametype;
860 	unsigned int lci, new_lci;
861 	unsigned char cause, diagnostic;
862 	struct net_device *dev;
863 	int res = 0;
864 	char buf[11];
865 
866 	if (skb->len < ROSE_MIN_LEN)
867 		return res;
868 
869 	if (!ax25)
870 		return rose_loopback_queue(skb, NULL);
871 
872 	frametype = skb->data[2];
873 	lci = ((skb->data[0] << 8) & 0xF00) + ((skb->data[1] << 0) & 0x0FF);
874 	if (frametype == ROSE_CALL_REQUEST &&
875 	    (skb->len <= ROSE_CALL_REQ_FACILITIES_OFF ||
876 	     skb->data[ROSE_CALL_REQ_ADDR_LEN_OFF] !=
877 	     ROSE_CALL_REQ_ADDR_LEN_VAL))
878 		return res;
879 	src_addr  = (rose_address *)(skb->data + ROSE_CALL_REQ_SRC_ADDR_OFF);
880 	dest_addr = (rose_address *)(skb->data + ROSE_CALL_REQ_DEST_ADDR_OFF);
881 
882 	spin_lock_bh(&rose_neigh_list_lock);
883 	spin_lock_bh(&rose_route_list_lock);
884 
885 	rose_neigh = rose_neigh_list;
886 	while (rose_neigh != NULL) {
887 		if (ax25cmp(&ax25->dest_addr, &rose_neigh->callsign) == 0 &&
888 		    ax25->ax25_dev->dev == rose_neigh->dev)
889 			break;
890 		rose_neigh = rose_neigh->next;
891 	}
892 
893 	if (rose_neigh == NULL) {
894 		printk("rose_route : unknown neighbour or device %s\n",
895 		       ax2asc(buf, &ax25->dest_addr));
896 		goto out;
897 	}
898 
899 	/*
900 	 *	Obviously the link is working, halt the ftimer.
901 	 */
902 	rose_stop_ftimer(rose_neigh);
903 
904 	/*
905 	 *	LCI of zero is always for us, and its always a restart
906 	 * 	frame.
907 	 */
908 	if (lci == 0) {
909 		rose_link_rx_restart(skb, rose_neigh, frametype);
910 		goto out;
911 	}
912 
913 	/*
914 	 *	Find an existing socket.
915 	 */
916 	if ((sk = rose_find_socket(lci, rose_neigh)) != NULL) {
917 		if (frametype == ROSE_CALL_REQUEST) {
918 			struct rose_sock *rose = rose_sk(sk);
919 
920 			/* Remove an existing unused socket */
921 			rose_clear_queues(sk);
922 			rose->cause	 = ROSE_NETWORK_CONGESTION;
923 			rose->diagnostic = 0;
924 			rose->neighbour->use--;
925 			rose->neighbour	 = NULL;
926 			rose->lci	 = 0;
927 			rose->state	 = ROSE_STATE_0;
928 			sk->sk_state	 = TCP_CLOSE;
929 			sk->sk_err	 = 0;
930 			sk->sk_shutdown	 |= SEND_SHUTDOWN;
931 			if (!sock_flag(sk, SOCK_DEAD)) {
932 				sk->sk_state_change(sk);
933 				sock_set_flag(sk, SOCK_DEAD);
934 			}
935 		}
936 		else {
937 			skb_reset_transport_header(skb);
938 			res = rose_process_rx_frame(sk, skb);
939 			goto out;
940 		}
941 	}
942 
943 	/*
944 	 *	Is is a Call Request and is it for us ?
945 	 */
946 	if (frametype == ROSE_CALL_REQUEST)
947 		if ((dev = rose_dev_get(dest_addr)) != NULL) {
948 			res = rose_rx_call_request(skb, dev, rose_neigh, lci);
949 			dev_put(dev);
950 			goto out;
951 		}
952 
953 	if (!sysctl_rose_routing_control) {
954 		rose_transmit_clear_request(rose_neigh, lci, ROSE_NOT_OBTAINABLE, 0);
955 		goto out;
956 	}
957 
958 	/*
959 	 *	Route it to the next in line if we have an entry for it.
960 	 */
961 	rose_route = rose_route_list;
962 	while (rose_route != NULL) {
963 		if (rose_route->lci1 == lci &&
964 		    rose_route->neigh1 == rose_neigh) {
965 			if (frametype == ROSE_CALL_REQUEST) {
966 				/* F6FBB - Remove an existing unused route */
967 				rose_remove_route(rose_route);
968 				break;
969 			} else if (rose_route->neigh2 != NULL) {
970 				skb->data[0] &= 0xF0;
971 				skb->data[0] |= (rose_route->lci2 >> 8) & 0x0F;
972 				skb->data[1]  = (rose_route->lci2 >> 0) & 0xFF;
973 				rose_transmit_link(skb, rose_route->neigh2);
974 				if (frametype == ROSE_CLEAR_CONFIRMATION)
975 					rose_remove_route(rose_route);
976 				res = 1;
977 				goto out;
978 			} else {
979 				if (frametype == ROSE_CLEAR_CONFIRMATION)
980 					rose_remove_route(rose_route);
981 				goto out;
982 			}
983 		}
984 		if (rose_route->lci2 == lci &&
985 		    rose_route->neigh2 == rose_neigh) {
986 			if (frametype == ROSE_CALL_REQUEST) {
987 				/* F6FBB - Remove an existing unused route */
988 				rose_remove_route(rose_route);
989 				break;
990 			} else if (rose_route->neigh1 != NULL) {
991 				skb->data[0] &= 0xF0;
992 				skb->data[0] |= (rose_route->lci1 >> 8) & 0x0F;
993 				skb->data[1]  = (rose_route->lci1 >> 0) & 0xFF;
994 				rose_transmit_link(skb, rose_route->neigh1);
995 				if (frametype == ROSE_CLEAR_CONFIRMATION)
996 					rose_remove_route(rose_route);
997 				res = 1;
998 				goto out;
999 			} else {
1000 				if (frametype == ROSE_CLEAR_CONFIRMATION)
1001 					rose_remove_route(rose_route);
1002 				goto out;
1003 			}
1004 		}
1005 		rose_route = rose_route->next;
1006 	}
1007 
1008 	/*
1009 	 *	We know that:
1010 	 *	1. The frame isn't for us,
1011 	 *	2. It isn't "owned" by any existing route.
1012 	 */
1013 	if (frametype != ROSE_CALL_REQUEST) {	/* XXX */
1014 		res = 0;
1015 		goto out;
1016 	}
1017 
1018 	memset(&facilities, 0x00, sizeof(struct rose_facilities_struct));
1019 
1020 	if (!rose_parse_facilities(skb->data + ROSE_CALL_REQ_FACILITIES_OFF,
1021 				   skb->len - ROSE_CALL_REQ_FACILITIES_OFF,
1022 				   &facilities)) {
1023 		rose_transmit_clear_request(rose_neigh, lci, ROSE_INVALID_FACILITY, 76);
1024 		goto out;
1025 	}
1026 
1027 	/*
1028 	 *	Check for routing loops.
1029 	 */
1030 	rose_route = rose_route_list;
1031 	while (rose_route != NULL) {
1032 		if (rose_route->rand == facilities.rand &&
1033 		    rosecmp(src_addr, &rose_route->src_addr) == 0 &&
1034 		    ax25cmp(&facilities.dest_call, &rose_route->src_call) == 0 &&
1035 		    ax25cmp(&facilities.source_call, &rose_route->dest_call) == 0) {
1036 			rose_transmit_clear_request(rose_neigh, lci, ROSE_NOT_OBTAINABLE, 120);
1037 			goto out;
1038 		}
1039 		rose_route = rose_route->next;
1040 	}
1041 
1042 	if ((new_neigh = rose_get_neigh(dest_addr, &cause, &diagnostic, 1)) == NULL) {
1043 		rose_transmit_clear_request(rose_neigh, lci, cause, diagnostic);
1044 		goto out;
1045 	}
1046 
1047 	if ((new_lci = rose_new_lci(new_neigh)) == 0) {
1048 		rose_transmit_clear_request(rose_neigh, lci, ROSE_NETWORK_CONGESTION, 71);
1049 		goto out;
1050 	}
1051 
1052 	if ((rose_route = kmalloc(sizeof(*rose_route), GFP_ATOMIC)) == NULL) {
1053 		rose_transmit_clear_request(rose_neigh, lci, ROSE_NETWORK_CONGESTION, 120);
1054 		goto out;
1055 	}
1056 
1057 	rose_route->lci1      = lci;
1058 	rose_route->src_addr  = *src_addr;
1059 	rose_route->dest_addr = *dest_addr;
1060 	rose_route->src_call  = facilities.dest_call;
1061 	rose_route->dest_call = facilities.source_call;
1062 	rose_route->rand      = facilities.rand;
1063 	rose_route->neigh1    = rose_neigh;
1064 	rose_route->lci2      = new_lci;
1065 	rose_route->neigh2    = new_neigh;
1066 
1067 	rose_route->neigh1->use++;
1068 	rose_route->neigh2->use++;
1069 
1070 	rose_route->next = rose_route_list;
1071 	rose_route_list  = rose_route;
1072 
1073 	skb->data[0] &= 0xF0;
1074 	skb->data[0] |= (rose_route->lci2 >> 8) & 0x0F;
1075 	skb->data[1]  = (rose_route->lci2 >> 0) & 0xFF;
1076 
1077 	rose_transmit_link(skb, rose_route->neigh2);
1078 	res = 1;
1079 
1080 out:
1081 	spin_unlock_bh(&rose_route_list_lock);
1082 	spin_unlock_bh(&rose_neigh_list_lock);
1083 
1084 	return res;
1085 }
1086 
1087 #ifdef CONFIG_PROC_FS
1088 
rose_node_start(struct seq_file * seq,loff_t * pos)1089 static void *rose_node_start(struct seq_file *seq, loff_t *pos)
1090 	__acquires(rose_node_list_lock)
1091 {
1092 	struct rose_node *rose_node;
1093 	int i = 1;
1094 
1095 	spin_lock_bh(&rose_node_list_lock);
1096 	if (*pos == 0)
1097 		return SEQ_START_TOKEN;
1098 
1099 	for (rose_node = rose_node_list; rose_node && i < *pos;
1100 	     rose_node = rose_node->next, ++i);
1101 
1102 	return (i == *pos) ? rose_node : NULL;
1103 }
1104 
rose_node_next(struct seq_file * seq,void * v,loff_t * pos)1105 static void *rose_node_next(struct seq_file *seq, void *v, loff_t *pos)
1106 {
1107 	++*pos;
1108 
1109 	return (v == SEQ_START_TOKEN) ? rose_node_list
1110 		: ((struct rose_node *)v)->next;
1111 }
1112 
rose_node_stop(struct seq_file * seq,void * v)1113 static void rose_node_stop(struct seq_file *seq, void *v)
1114 	__releases(rose_node_list_lock)
1115 {
1116 	spin_unlock_bh(&rose_node_list_lock);
1117 }
1118 
rose_node_show(struct seq_file * seq,void * v)1119 static int rose_node_show(struct seq_file *seq, void *v)
1120 {
1121 	char rsbuf[11];
1122 	int i;
1123 
1124 	if (v == SEQ_START_TOKEN)
1125 		seq_puts(seq, "address    mask n neigh neigh neigh\n");
1126 	else {
1127 		const struct rose_node *rose_node = v;
1128 		/* if (rose_node->loopback) {
1129 			seq_printf(seq, "%-10s %04d 1 loopback\n",
1130 				   rose2asc(rsbuf, &rose_node->address),
1131 				   rose_node->mask);
1132 		} else { */
1133 			seq_printf(seq, "%-10s %04d %d",
1134 				   rose2asc(rsbuf, &rose_node->address),
1135 				   rose_node->mask,
1136 				   rose_node->count);
1137 
1138 			for (i = 0; i < rose_node->count; i++)
1139 				seq_printf(seq, " %05d",
1140 					rose_node->neighbour[i]->number);
1141 
1142 			seq_puts(seq, "\n");
1143 		/* } */
1144 	}
1145 	return 0;
1146 }
1147 
1148 const struct seq_operations rose_node_seqops = {
1149 	.start = rose_node_start,
1150 	.next = rose_node_next,
1151 	.stop = rose_node_stop,
1152 	.show = rose_node_show,
1153 };
1154 
rose_neigh_start(struct seq_file * seq,loff_t * pos)1155 static void *rose_neigh_start(struct seq_file *seq, loff_t *pos)
1156 	__acquires(rose_neigh_list_lock)
1157 {
1158 	struct rose_neigh *rose_neigh;
1159 	int i = 1;
1160 
1161 	spin_lock_bh(&rose_neigh_list_lock);
1162 	if (*pos == 0)
1163 		return SEQ_START_TOKEN;
1164 
1165 	for (rose_neigh = rose_neigh_list; rose_neigh && i < *pos;
1166 	     rose_neigh = rose_neigh->next, ++i);
1167 
1168 	return (i == *pos) ? rose_neigh : NULL;
1169 }
1170 
rose_neigh_next(struct seq_file * seq,void * v,loff_t * pos)1171 static void *rose_neigh_next(struct seq_file *seq, void *v, loff_t *pos)
1172 {
1173 	++*pos;
1174 
1175 	return (v == SEQ_START_TOKEN) ? rose_neigh_list
1176 		: ((struct rose_neigh *)v)->next;
1177 }
1178 
rose_neigh_stop(struct seq_file * seq,void * v)1179 static void rose_neigh_stop(struct seq_file *seq, void *v)
1180 	__releases(rose_neigh_list_lock)
1181 {
1182 	spin_unlock_bh(&rose_neigh_list_lock);
1183 }
1184 
rose_neigh_show(struct seq_file * seq,void * v)1185 static int rose_neigh_show(struct seq_file *seq, void *v)
1186 {
1187 	char buf[11];
1188 	int i;
1189 
1190 	if (v == SEQ_START_TOKEN)
1191 		seq_puts(seq,
1192 			 "addr  callsign  dev  count use mode restart  t0  tf digipeaters\n");
1193 	else {
1194 		struct rose_neigh *rose_neigh = v;
1195 
1196 		/* if (!rose_neigh->loopback) { */
1197 		seq_printf(seq, "%05d %-9s %-4s   %3d %3d  %3s     %3s %3lu %3lu",
1198 			   rose_neigh->number,
1199 			   (rose_neigh->loopback) ? "RSLOOP-0" : ax2asc(buf, &rose_neigh->callsign),
1200 			   rose_neigh->dev ? rose_neigh->dev->name : "???",
1201 			   rose_neigh->count,
1202 			   rose_neigh->use,
1203 			   (rose_neigh->dce_mode) ? "DCE" : "DTE",
1204 			   (rose_neigh->restarted) ? "yes" : "no",
1205 			   ax25_display_timer(&rose_neigh->t0timer) / HZ,
1206 			   ax25_display_timer(&rose_neigh->ftimer)  / HZ);
1207 
1208 		if (rose_neigh->digipeat != NULL) {
1209 			for (i = 0; i < rose_neigh->digipeat->ndigi; i++)
1210 				seq_printf(seq, " %s", ax2asc(buf, &rose_neigh->digipeat->calls[i]));
1211 		}
1212 
1213 		seq_puts(seq, "\n");
1214 	}
1215 	return 0;
1216 }
1217 
1218 
1219 const struct seq_operations rose_neigh_seqops = {
1220 	.start = rose_neigh_start,
1221 	.next = rose_neigh_next,
1222 	.stop = rose_neigh_stop,
1223 	.show = rose_neigh_show,
1224 };
1225 
rose_route_start(struct seq_file * seq,loff_t * pos)1226 static void *rose_route_start(struct seq_file *seq, loff_t *pos)
1227 	__acquires(rose_route_list_lock)
1228 {
1229 	struct rose_route *rose_route;
1230 	int i = 1;
1231 
1232 	spin_lock_bh(&rose_route_list_lock);
1233 	if (*pos == 0)
1234 		return SEQ_START_TOKEN;
1235 
1236 	for (rose_route = rose_route_list; rose_route && i < *pos;
1237 	     rose_route = rose_route->next, ++i);
1238 
1239 	return (i == *pos) ? rose_route : NULL;
1240 }
1241 
rose_route_next(struct seq_file * seq,void * v,loff_t * pos)1242 static void *rose_route_next(struct seq_file *seq, void *v, loff_t *pos)
1243 {
1244 	++*pos;
1245 
1246 	return (v == SEQ_START_TOKEN) ? rose_route_list
1247 		: ((struct rose_route *)v)->next;
1248 }
1249 
rose_route_stop(struct seq_file * seq,void * v)1250 static void rose_route_stop(struct seq_file *seq, void *v)
1251 	__releases(rose_route_list_lock)
1252 {
1253 	spin_unlock_bh(&rose_route_list_lock);
1254 }
1255 
rose_route_show(struct seq_file * seq,void * v)1256 static int rose_route_show(struct seq_file *seq, void *v)
1257 {
1258 	char buf[11], rsbuf[11];
1259 
1260 	if (v == SEQ_START_TOKEN)
1261 		seq_puts(seq,
1262 			 "lci  address     callsign   neigh  <-> lci  address     callsign   neigh\n");
1263 	else {
1264 		struct rose_route *rose_route = v;
1265 
1266 		if (rose_route->neigh1)
1267 			seq_printf(seq,
1268 				   "%3.3X  %-10s  %-9s  %05d      ",
1269 				   rose_route->lci1,
1270 				   rose2asc(rsbuf, &rose_route->src_addr),
1271 				   ax2asc(buf, &rose_route->src_call),
1272 				   rose_route->neigh1->number);
1273 		else
1274 			seq_puts(seq,
1275 				 "000  *           *          00000      ");
1276 
1277 		if (rose_route->neigh2)
1278 			seq_printf(seq,
1279 				   "%3.3X  %-10s  %-9s  %05d\n",
1280 				   rose_route->lci2,
1281 				   rose2asc(rsbuf, &rose_route->dest_addr),
1282 				   ax2asc(buf, &rose_route->dest_call),
1283 				   rose_route->neigh2->number);
1284 		 else
1285 			 seq_puts(seq,
1286 				  "000  *           *          00000\n");
1287 		}
1288 	return 0;
1289 }
1290 
1291 struct seq_operations rose_route_seqops = {
1292 	.start = rose_route_start,
1293 	.next = rose_route_next,
1294 	.stop = rose_route_stop,
1295 	.show = rose_route_show,
1296 };
1297 #endif /* CONFIG_PROC_FS */
1298 
1299 /*
1300  *	Release all memory associated with ROSE routing structures.
1301  */
rose_rt_free(void)1302 void __exit rose_rt_free(void)
1303 {
1304 	struct rose_neigh *s, *rose_neigh = rose_neigh_list;
1305 	struct rose_node  *t, *rose_node  = rose_node_list;
1306 	struct rose_route *u, *rose_route = rose_route_list;
1307 
1308 	while (rose_neigh != NULL) {
1309 		s          = rose_neigh;
1310 		rose_neigh = rose_neigh->next;
1311 
1312 		rose_remove_neigh(s);
1313 	}
1314 
1315 	while (rose_node != NULL) {
1316 		t         = rose_node;
1317 		rose_node = rose_node->next;
1318 
1319 		rose_remove_node(t);
1320 	}
1321 
1322 	while (rose_route != NULL) {
1323 		u          = rose_route;
1324 		rose_route = rose_route->next;
1325 
1326 		rose_remove_route(u);
1327 	}
1328 }
1329