1 /*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
9 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
10 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
11 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
12 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
13 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
14 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
15 */
16 #include <linux/capability.h>
17 #include <linux/module.h>
18 #include <linux/errno.h>
19 #include <linux/types.h>
20 #include <linux/socket.h>
21 #include <linux/in.h>
22 #include <linux/kernel.h>
23 #include <linux/sched.h>
24 #include <linux/timer.h>
25 #include <linux/string.h>
26 #include <linux/sockios.h>
27 #include <linux/net.h>
28 #include <linux/slab.h>
29 #include <net/ax25.h>
30 #include <linux/inet.h>
31 #include <linux/netdevice.h>
32 #include <linux/if_arp.h>
33 #include <linux/skbuff.h>
34 #include <net/sock.h>
35 #include <asm/uaccess.h>
36 #include <linux/fcntl.h>
37 #include <linux/termios.h> /* For TIOCINQ/OUTQ */
38 #include <linux/mm.h>
39 #include <linux/interrupt.h>
40 #include <linux/notifier.h>
41 #include <linux/proc_fs.h>
42 #include <linux/stat.h>
43 #include <linux/netfilter.h>
44 #include <linux/sysctl.h>
45 #include <linux/init.h>
46 #include <linux/spinlock.h>
47 #include <net/net_namespace.h>
48 #include <net/tcp_states.h>
49 #include <net/ip.h>
50 #include <net/arp.h>
51
52
53
54 HLIST_HEAD(ax25_list);
55 DEFINE_SPINLOCK(ax25_list_lock);
56
57 static const struct proto_ops ax25_proto_ops;
58
ax25_free_sock(struct sock * sk)59 static void ax25_free_sock(struct sock *sk)
60 {
61 ax25_cb_put(ax25_sk(sk));
62 }
63
64 /*
65 * Socket removal during an interrupt is now safe.
66 */
ax25_cb_del(ax25_cb * ax25)67 static void ax25_cb_del(ax25_cb *ax25)
68 {
69 if (!hlist_unhashed(&ax25->ax25_node)) {
70 spin_lock_bh(&ax25_list_lock);
71 hlist_del_init(&ax25->ax25_node);
72 spin_unlock_bh(&ax25_list_lock);
73 ax25_cb_put(ax25);
74 }
75 }
76
77 /*
78 * Kill all bound sockets on a dropped device.
79 */
ax25_kill_by_device(struct net_device * dev)80 static void ax25_kill_by_device(struct net_device *dev)
81 {
82 ax25_dev *ax25_dev;
83 ax25_cb *s;
84 struct hlist_node *node;
85
86 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
87 return;
88
89 spin_lock_bh(&ax25_list_lock);
90 again:
91 ax25_for_each(s, node, &ax25_list) {
92 if (s->ax25_dev == ax25_dev) {
93 s->ax25_dev = NULL;
94 spin_unlock_bh(&ax25_list_lock);
95 ax25_disconnect(s, ENETUNREACH);
96 spin_lock_bh(&ax25_list_lock);
97
98 /* The entry could have been deleted from the
99 * list meanwhile and thus the next pointer is
100 * no longer valid. Play it safe and restart
101 * the scan. Forward progress is ensured
102 * because we set s->ax25_dev to NULL and we
103 * are never passed a NULL 'dev' argument.
104 */
105 goto again;
106 }
107 }
108 spin_unlock_bh(&ax25_list_lock);
109 }
110
111 /*
112 * Handle device status changes.
113 */
ax25_device_event(struct notifier_block * this,unsigned long event,void * ptr)114 static int ax25_device_event(struct notifier_block *this, unsigned long event,
115 void *ptr)
116 {
117 struct net_device *dev = (struct net_device *)ptr;
118
119 if (!net_eq(dev_net(dev), &init_net))
120 return NOTIFY_DONE;
121
122 /* Reject non AX.25 devices */
123 if (dev->type != ARPHRD_AX25)
124 return NOTIFY_DONE;
125
126 switch (event) {
127 case NETDEV_UP:
128 ax25_dev_device_up(dev);
129 break;
130 case NETDEV_DOWN:
131 ax25_kill_by_device(dev);
132 ax25_rt_device_down(dev);
133 ax25_dev_device_down(dev);
134 break;
135 default:
136 break;
137 }
138
139 return NOTIFY_DONE;
140 }
141
142 /*
143 * Add a socket to the bound sockets list.
144 */
ax25_cb_add(ax25_cb * ax25)145 void ax25_cb_add(ax25_cb *ax25)
146 {
147 spin_lock_bh(&ax25_list_lock);
148 ax25_cb_hold(ax25);
149 hlist_add_head(&ax25->ax25_node, &ax25_list);
150 spin_unlock_bh(&ax25_list_lock);
151 }
152
153 /*
154 * Find a socket that wants to accept the SABM we have just
155 * received.
156 */
ax25_find_listener(ax25_address * addr,int digi,struct net_device * dev,int type)157 struct sock *ax25_find_listener(ax25_address *addr, int digi,
158 struct net_device *dev, int type)
159 {
160 ax25_cb *s;
161 struct hlist_node *node;
162
163 spin_lock(&ax25_list_lock);
164 ax25_for_each(s, node, &ax25_list) {
165 if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
166 continue;
167 if (s->sk && !ax25cmp(&s->source_addr, addr) &&
168 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
169 /* If device is null we match any device */
170 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
171 sock_hold(s->sk);
172 spin_unlock(&ax25_list_lock);
173 return s->sk;
174 }
175 }
176 }
177 spin_unlock(&ax25_list_lock);
178
179 return NULL;
180 }
181
182 /*
183 * Find an AX.25 socket given both ends.
184 */
ax25_get_socket(ax25_address * my_addr,ax25_address * dest_addr,int type)185 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
186 int type)
187 {
188 struct sock *sk = NULL;
189 ax25_cb *s;
190 struct hlist_node *node;
191
192 spin_lock(&ax25_list_lock);
193 ax25_for_each(s, node, &ax25_list) {
194 if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
195 !ax25cmp(&s->dest_addr, dest_addr) &&
196 s->sk->sk_type == type) {
197 sk = s->sk;
198 sock_hold(sk);
199 break;
200 }
201 }
202
203 spin_unlock(&ax25_list_lock);
204
205 return sk;
206 }
207
208 /*
209 * Find an AX.25 control block given both ends. It will only pick up
210 * floating AX.25 control blocks or non Raw socket bound control blocks.
211 */
ax25_find_cb(ax25_address * src_addr,ax25_address * dest_addr,ax25_digi * digi,struct net_device * dev)212 ax25_cb *ax25_find_cb(ax25_address *src_addr, ax25_address *dest_addr,
213 ax25_digi *digi, struct net_device *dev)
214 {
215 ax25_cb *s;
216 struct hlist_node *node;
217
218 spin_lock_bh(&ax25_list_lock);
219 ax25_for_each(s, node, &ax25_list) {
220 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
221 continue;
222 if (s->ax25_dev == NULL)
223 continue;
224 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
225 if (digi != NULL && digi->ndigi != 0) {
226 if (s->digipeat == NULL)
227 continue;
228 if (ax25digicmp(s->digipeat, digi) != 0)
229 continue;
230 } else {
231 if (s->digipeat != NULL && s->digipeat->ndigi != 0)
232 continue;
233 }
234 ax25_cb_hold(s);
235 spin_unlock_bh(&ax25_list_lock);
236
237 return s;
238 }
239 }
240 spin_unlock_bh(&ax25_list_lock);
241
242 return NULL;
243 }
244
245 EXPORT_SYMBOL(ax25_find_cb);
246
ax25_send_to_raw(ax25_address * addr,struct sk_buff * skb,int proto)247 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
248 {
249 ax25_cb *s;
250 struct sk_buff *copy;
251 struct hlist_node *node;
252
253 spin_lock(&ax25_list_lock);
254 ax25_for_each(s, node, &ax25_list) {
255 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
256 s->sk->sk_type == SOCK_RAW &&
257 s->sk->sk_protocol == proto &&
258 s->ax25_dev->dev == skb->dev &&
259 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
260 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
261 continue;
262 if (sock_queue_rcv_skb(s->sk, copy) != 0)
263 kfree_skb(copy);
264 }
265 }
266 spin_unlock(&ax25_list_lock);
267 }
268
269 /*
270 * Deferred destroy.
271 */
272 void ax25_destroy_socket(ax25_cb *);
273
274 /*
275 * Handler for deferred kills.
276 */
ax25_destroy_timer(unsigned long data)277 static void ax25_destroy_timer(unsigned long data)
278 {
279 ax25_cb *ax25=(ax25_cb *)data;
280 struct sock *sk;
281
282 sk=ax25->sk;
283
284 bh_lock_sock(sk);
285 sock_hold(sk);
286 ax25_destroy_socket(ax25);
287 bh_unlock_sock(sk);
288 sock_put(sk);
289 }
290
291 /*
292 * This is called from user mode and the timers. Thus it protects itself
293 * against interrupt users but doesn't worry about being called during
294 * work. Once it is removed from the queue no interrupt or bottom half
295 * will touch it and we are (fairly 8-) ) safe.
296 */
ax25_destroy_socket(ax25_cb * ax25)297 void ax25_destroy_socket(ax25_cb *ax25)
298 {
299 struct sk_buff *skb;
300
301 ax25_cb_del(ax25);
302
303 ax25_stop_heartbeat(ax25);
304 ax25_stop_t1timer(ax25);
305 ax25_stop_t2timer(ax25);
306 ax25_stop_t3timer(ax25);
307 ax25_stop_idletimer(ax25);
308
309 ax25_clear_queues(ax25); /* Flush the queues */
310
311 if (ax25->sk != NULL) {
312 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
313 if (skb->sk != ax25->sk) {
314 /* A pending connection */
315 ax25_cb *sax25 = ax25_sk(skb->sk);
316
317 /* Queue the unaccepted socket for death */
318 sock_orphan(skb->sk);
319
320 /* 9A4GL: hack to release unaccepted sockets */
321 skb->sk->sk_state = TCP_LISTEN;
322
323 ax25_start_heartbeat(sax25);
324 sax25->state = AX25_STATE_0;
325 }
326
327 kfree_skb(skb);
328 }
329 skb_queue_purge(&ax25->sk->sk_write_queue);
330 }
331
332 if (ax25->sk != NULL) {
333 if (sk_has_allocations(ax25->sk)) {
334 /* Defer: outstanding buffers */
335 setup_timer(&ax25->dtimer, ax25_destroy_timer,
336 (unsigned long)ax25);
337 ax25->dtimer.expires = jiffies + 2 * HZ;
338 add_timer(&ax25->dtimer);
339 } else {
340 struct sock *sk=ax25->sk;
341 ax25->sk=NULL;
342 sock_put(sk);
343 }
344 } else {
345 ax25_cb_put(ax25);
346 }
347 }
348
349 /*
350 * dl1bke 960311: set parameters for existing AX.25 connections,
351 * includes a KILL command to abort any connection.
352 * VERY useful for debugging ;-)
353 */
ax25_ctl_ioctl(const unsigned int cmd,void __user * arg)354 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
355 {
356 struct ax25_ctl_struct ax25_ctl;
357 ax25_digi digi;
358 ax25_dev *ax25_dev;
359 ax25_cb *ax25;
360 unsigned int k;
361 int ret = 0;
362
363 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
364 return -EFAULT;
365
366 if ((ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr)) == NULL)
367 return -ENODEV;
368
369 if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
370 return -EINVAL;
371
372 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
373 return -EINVAL;
374
375 digi.ndigi = ax25_ctl.digi_count;
376 for (k = 0; k < digi.ndigi; k++)
377 digi.calls[k] = ax25_ctl.digi_addr[k];
378
379 if ((ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev)) == NULL)
380 return -ENOTCONN;
381
382 switch (ax25_ctl.cmd) {
383 case AX25_KILL:
384 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
385 #ifdef CONFIG_AX25_DAMA_SLAVE
386 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
387 ax25_dama_off(ax25);
388 #endif
389 ax25_disconnect(ax25, ENETRESET);
390 break;
391
392 case AX25_WINDOW:
393 if (ax25->modulus == AX25_MODULUS) {
394 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
395 goto einval_put;
396 } else {
397 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
398 goto einval_put;
399 }
400 ax25->window = ax25_ctl.arg;
401 break;
402
403 case AX25_T1:
404 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
405 goto einval_put;
406 ax25->rtt = (ax25_ctl.arg * HZ) / 2;
407 ax25->t1 = ax25_ctl.arg * HZ;
408 break;
409
410 case AX25_T2:
411 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
412 goto einval_put;
413 ax25->t2 = ax25_ctl.arg * HZ;
414 break;
415
416 case AX25_N2:
417 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
418 goto einval_put;
419 ax25->n2count = 0;
420 ax25->n2 = ax25_ctl.arg;
421 break;
422
423 case AX25_T3:
424 if (ax25_ctl.arg > ULONG_MAX / HZ)
425 goto einval_put;
426 ax25->t3 = ax25_ctl.arg * HZ;
427 break;
428
429 case AX25_IDLE:
430 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
431 goto einval_put;
432
433 ax25->idle = ax25_ctl.arg * 60 * HZ;
434 break;
435
436 case AX25_PACLEN:
437 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
438 goto einval_put;
439 ax25->paclen = ax25_ctl.arg;
440 break;
441
442 default:
443 goto einval_put;
444 }
445
446 out_put:
447 ax25_cb_put(ax25);
448 return ret;
449
450 einval_put:
451 ret = -EINVAL;
452 goto out_put;
453 }
454
ax25_fillin_cb_from_dev(ax25_cb * ax25,ax25_dev * ax25_dev)455 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
456 {
457 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
458 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
459 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
460 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
461 ax25->n2 = ax25_dev->values[AX25_VALUES_N2];
462 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN];
463 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
464 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
465
466 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
467 ax25->modulus = AX25_EMODULUS;
468 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW];
469 } else {
470 ax25->modulus = AX25_MODULUS;
471 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW];
472 }
473 }
474
475 /*
476 * Fill in a created AX.25 created control block with the default
477 * values for a particular device.
478 */
ax25_fillin_cb(ax25_cb * ax25,ax25_dev * ax25_dev)479 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
480 {
481 ax25->ax25_dev = ax25_dev;
482
483 if (ax25->ax25_dev != NULL) {
484 ax25_fillin_cb_from_dev(ax25, ax25_dev);
485 return;
486 }
487
488 /*
489 * No device, use kernel / AX.25 spec default values
490 */
491 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2;
492 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1);
493 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2);
494 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3);
495 ax25->n2 = AX25_DEF_N2;
496 ax25->paclen = AX25_DEF_PACLEN;
497 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE);
498 ax25->backoff = AX25_DEF_BACKOFF;
499
500 if (AX25_DEF_AXDEFMODE) {
501 ax25->modulus = AX25_EMODULUS;
502 ax25->window = AX25_DEF_EWINDOW;
503 } else {
504 ax25->modulus = AX25_MODULUS;
505 ax25->window = AX25_DEF_WINDOW;
506 }
507 }
508
509 /*
510 * Create an empty AX.25 control block.
511 */
ax25_create_cb(void)512 ax25_cb *ax25_create_cb(void)
513 {
514 ax25_cb *ax25;
515
516 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
517 return NULL;
518
519 atomic_set(&ax25->refcount, 1);
520
521 skb_queue_head_init(&ax25->write_queue);
522 skb_queue_head_init(&ax25->frag_queue);
523 skb_queue_head_init(&ax25->ack_queue);
524 skb_queue_head_init(&ax25->reseq_queue);
525
526 ax25_setup_timers(ax25);
527
528 ax25_fillin_cb(ax25, NULL);
529
530 ax25->state = AX25_STATE_0;
531
532 return ax25;
533 }
534
535 /*
536 * Handling for system calls applied via the various interfaces to an
537 * AX25 socket object
538 */
539
ax25_setsockopt(struct socket * sock,int level,int optname,char __user * optval,unsigned int optlen)540 static int ax25_setsockopt(struct socket *sock, int level, int optname,
541 char __user *optval, unsigned int optlen)
542 {
543 struct sock *sk = sock->sk;
544 ax25_cb *ax25;
545 struct net_device *dev;
546 char devname[IFNAMSIZ];
547 unsigned long opt;
548 int res = 0;
549
550 if (level != SOL_AX25)
551 return -ENOPROTOOPT;
552
553 if (optlen < sizeof(unsigned int))
554 return -EINVAL;
555
556 if (get_user(opt, (unsigned int __user *)optval))
557 return -EFAULT;
558
559 lock_sock(sk);
560 ax25 = ax25_sk(sk);
561
562 switch (optname) {
563 case AX25_WINDOW:
564 if (ax25->modulus == AX25_MODULUS) {
565 if (opt < 1 || opt > 7) {
566 res = -EINVAL;
567 break;
568 }
569 } else {
570 if (opt < 1 || opt > 63) {
571 res = -EINVAL;
572 break;
573 }
574 }
575 ax25->window = opt;
576 break;
577
578 case AX25_T1:
579 if (opt < 1 || opt > ULONG_MAX / HZ) {
580 res = -EINVAL;
581 break;
582 }
583 ax25->rtt = (opt * HZ) >> 1;
584 ax25->t1 = opt * HZ;
585 break;
586
587 case AX25_T2:
588 if (opt < 1 || opt > ULONG_MAX / HZ) {
589 res = -EINVAL;
590 break;
591 }
592 ax25->t2 = opt * HZ;
593 break;
594
595 case AX25_N2:
596 if (opt < 1 || opt > 31) {
597 res = -EINVAL;
598 break;
599 }
600 ax25->n2 = opt;
601 break;
602
603 case AX25_T3:
604 if (opt < 1 || opt > ULONG_MAX / HZ) {
605 res = -EINVAL;
606 break;
607 }
608 ax25->t3 = opt * HZ;
609 break;
610
611 case AX25_IDLE:
612 if (opt > ULONG_MAX / (60 * HZ)) {
613 res = -EINVAL;
614 break;
615 }
616 ax25->idle = opt * 60 * HZ;
617 break;
618
619 case AX25_BACKOFF:
620 if (opt > 2) {
621 res = -EINVAL;
622 break;
623 }
624 ax25->backoff = opt;
625 break;
626
627 case AX25_EXTSEQ:
628 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
629 break;
630
631 case AX25_PIDINCL:
632 ax25->pidincl = opt ? 1 : 0;
633 break;
634
635 case AX25_IAMDIGI:
636 ax25->iamdigi = opt ? 1 : 0;
637 break;
638
639 case AX25_PACLEN:
640 if (opt < 16 || opt > 65535) {
641 res = -EINVAL;
642 break;
643 }
644 ax25->paclen = opt;
645 break;
646
647 case SO_BINDTODEVICE:
648 if (optlen > IFNAMSIZ)
649 optlen = IFNAMSIZ;
650
651 if (copy_from_user(devname, optval, optlen)) {
652 res = -EFAULT;
653 break;
654 }
655
656 if (sk->sk_type == SOCK_SEQPACKET &&
657 (sock->state != SS_UNCONNECTED ||
658 sk->sk_state == TCP_LISTEN)) {
659 res = -EADDRNOTAVAIL;
660 break;
661 }
662
663 dev = dev_get_by_name(&init_net, devname);
664 if (!dev) {
665 res = -ENODEV;
666 break;
667 }
668
669 ax25->ax25_dev = ax25_dev_ax25dev(dev);
670 ax25_fillin_cb(ax25, ax25->ax25_dev);
671 dev_put(dev);
672 break;
673
674 default:
675 res = -ENOPROTOOPT;
676 }
677 release_sock(sk);
678
679 return res;
680 }
681
ax25_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)682 static int ax25_getsockopt(struct socket *sock, int level, int optname,
683 char __user *optval, int __user *optlen)
684 {
685 struct sock *sk = sock->sk;
686 ax25_cb *ax25;
687 struct ax25_dev *ax25_dev;
688 char devname[IFNAMSIZ];
689 void *valptr;
690 int val = 0;
691 int maxlen, length;
692
693 if (level != SOL_AX25)
694 return -ENOPROTOOPT;
695
696 if (get_user(maxlen, optlen))
697 return -EFAULT;
698
699 if (maxlen < 1)
700 return -EFAULT;
701
702 valptr = (void *) &val;
703 length = min_t(unsigned int, maxlen, sizeof(int));
704
705 lock_sock(sk);
706 ax25 = ax25_sk(sk);
707
708 switch (optname) {
709 case AX25_WINDOW:
710 val = ax25->window;
711 break;
712
713 case AX25_T1:
714 val = ax25->t1 / HZ;
715 break;
716
717 case AX25_T2:
718 val = ax25->t2 / HZ;
719 break;
720
721 case AX25_N2:
722 val = ax25->n2;
723 break;
724
725 case AX25_T3:
726 val = ax25->t3 / HZ;
727 break;
728
729 case AX25_IDLE:
730 val = ax25->idle / (60 * HZ);
731 break;
732
733 case AX25_BACKOFF:
734 val = ax25->backoff;
735 break;
736
737 case AX25_EXTSEQ:
738 val = (ax25->modulus == AX25_EMODULUS);
739 break;
740
741 case AX25_PIDINCL:
742 val = ax25->pidincl;
743 break;
744
745 case AX25_IAMDIGI:
746 val = ax25->iamdigi;
747 break;
748
749 case AX25_PACLEN:
750 val = ax25->paclen;
751 break;
752
753 case SO_BINDTODEVICE:
754 ax25_dev = ax25->ax25_dev;
755
756 if (ax25_dev != NULL && ax25_dev->dev != NULL) {
757 strlcpy(devname, ax25_dev->dev->name, sizeof(devname));
758 length = strlen(devname) + 1;
759 } else {
760 *devname = '\0';
761 length = 1;
762 }
763
764 valptr = (void *) devname;
765 break;
766
767 default:
768 release_sock(sk);
769 return -ENOPROTOOPT;
770 }
771 release_sock(sk);
772
773 if (put_user(length, optlen))
774 return -EFAULT;
775
776 return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
777 }
778
ax25_listen(struct socket * sock,int backlog)779 static int ax25_listen(struct socket *sock, int backlog)
780 {
781 struct sock *sk = sock->sk;
782 int res = 0;
783
784 lock_sock(sk);
785 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
786 sk->sk_max_ack_backlog = backlog;
787 sk->sk_state = TCP_LISTEN;
788 goto out;
789 }
790 res = -EOPNOTSUPP;
791
792 out:
793 release_sock(sk);
794
795 return res;
796 }
797
798 /*
799 * XXX: when creating ax25_sock we should update the .obj_size setting
800 * below.
801 */
802 static struct proto ax25_proto = {
803 .name = "AX25",
804 .owner = THIS_MODULE,
805 .obj_size = sizeof(struct sock),
806 };
807
ax25_create(struct net * net,struct socket * sock,int protocol,int kern)808 static int ax25_create(struct net *net, struct socket *sock, int protocol,
809 int kern)
810 {
811 struct sock *sk;
812 ax25_cb *ax25;
813
814 if (!net_eq(net, &init_net))
815 return -EAFNOSUPPORT;
816
817 switch (sock->type) {
818 case SOCK_DGRAM:
819 if (protocol == 0 || protocol == PF_AX25)
820 protocol = AX25_P_TEXT;
821 break;
822
823 case SOCK_SEQPACKET:
824 switch (protocol) {
825 case 0:
826 case PF_AX25: /* For CLX */
827 protocol = AX25_P_TEXT;
828 break;
829 case AX25_P_SEGMENT:
830 #ifdef CONFIG_INET
831 case AX25_P_ARP:
832 case AX25_P_IP:
833 #endif
834 #ifdef CONFIG_NETROM
835 case AX25_P_NETROM:
836 #endif
837 #ifdef CONFIG_ROSE
838 case AX25_P_ROSE:
839 #endif
840 return -ESOCKTNOSUPPORT;
841 #ifdef CONFIG_NETROM_MODULE
842 case AX25_P_NETROM:
843 if (ax25_protocol_is_registered(AX25_P_NETROM))
844 return -ESOCKTNOSUPPORT;
845 #endif
846 #ifdef CONFIG_ROSE_MODULE
847 case AX25_P_ROSE:
848 if (ax25_protocol_is_registered(AX25_P_ROSE))
849 return -ESOCKTNOSUPPORT;
850 #endif
851 default:
852 break;
853 }
854 break;
855
856 case SOCK_RAW:
857 break;
858 default:
859 return -ESOCKTNOSUPPORT;
860 }
861
862 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto);
863 if (sk == NULL)
864 return -ENOMEM;
865
866 ax25 = sk->sk_protinfo = ax25_create_cb();
867 if (!ax25) {
868 sk_free(sk);
869 return -ENOMEM;
870 }
871
872 sock_init_data(sock, sk);
873
874 sk->sk_destruct = ax25_free_sock;
875 sock->ops = &ax25_proto_ops;
876 sk->sk_protocol = protocol;
877
878 ax25->sk = sk;
879
880 return 0;
881 }
882
ax25_make_new(struct sock * osk,struct ax25_dev * ax25_dev)883 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
884 {
885 struct sock *sk;
886 ax25_cb *ax25, *oax25;
887
888 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot);
889 if (sk == NULL)
890 return NULL;
891
892 if ((ax25 = ax25_create_cb()) == NULL) {
893 sk_free(sk);
894 return NULL;
895 }
896
897 switch (osk->sk_type) {
898 case SOCK_DGRAM:
899 break;
900 case SOCK_SEQPACKET:
901 break;
902 default:
903 sk_free(sk);
904 ax25_cb_put(ax25);
905 return NULL;
906 }
907
908 sock_init_data(NULL, sk);
909
910 sk->sk_type = osk->sk_type;
911 sk->sk_priority = osk->sk_priority;
912 sk->sk_protocol = osk->sk_protocol;
913 sk->sk_rcvbuf = osk->sk_rcvbuf;
914 sk->sk_sndbuf = osk->sk_sndbuf;
915 sk->sk_state = TCP_ESTABLISHED;
916 sock_copy_flags(sk, osk);
917
918 oax25 = ax25_sk(osk);
919
920 ax25->modulus = oax25->modulus;
921 ax25->backoff = oax25->backoff;
922 ax25->pidincl = oax25->pidincl;
923 ax25->iamdigi = oax25->iamdigi;
924 ax25->rtt = oax25->rtt;
925 ax25->t1 = oax25->t1;
926 ax25->t2 = oax25->t2;
927 ax25->t3 = oax25->t3;
928 ax25->n2 = oax25->n2;
929 ax25->idle = oax25->idle;
930 ax25->paclen = oax25->paclen;
931 ax25->window = oax25->window;
932
933 ax25->ax25_dev = ax25_dev;
934 ax25->source_addr = oax25->source_addr;
935
936 if (oax25->digipeat != NULL) {
937 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
938 GFP_ATOMIC);
939 if (ax25->digipeat == NULL) {
940 sk_free(sk);
941 ax25_cb_put(ax25);
942 return NULL;
943 }
944 }
945
946 sk->sk_protinfo = ax25;
947 sk->sk_destruct = ax25_free_sock;
948 ax25->sk = sk;
949
950 return sk;
951 }
952
ax25_release(struct socket * sock)953 static int ax25_release(struct socket *sock)
954 {
955 struct sock *sk = sock->sk;
956 ax25_cb *ax25;
957
958 if (sk == NULL)
959 return 0;
960
961 sock_hold(sk);
962 sock_orphan(sk);
963 lock_sock(sk);
964 ax25 = ax25_sk(sk);
965
966 if (sk->sk_type == SOCK_SEQPACKET) {
967 switch (ax25->state) {
968 case AX25_STATE_0:
969 release_sock(sk);
970 ax25_disconnect(ax25, 0);
971 lock_sock(sk);
972 ax25_destroy_socket(ax25);
973 break;
974
975 case AX25_STATE_1:
976 case AX25_STATE_2:
977 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
978 release_sock(sk);
979 ax25_disconnect(ax25, 0);
980 lock_sock(sk);
981 ax25_destroy_socket(ax25);
982 break;
983
984 case AX25_STATE_3:
985 case AX25_STATE_4:
986 ax25_clear_queues(ax25);
987 ax25->n2count = 0;
988
989 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
990 case AX25_PROTO_STD_SIMPLEX:
991 case AX25_PROTO_STD_DUPLEX:
992 ax25_send_control(ax25,
993 AX25_DISC,
994 AX25_POLLON,
995 AX25_COMMAND);
996 ax25_stop_t2timer(ax25);
997 ax25_stop_t3timer(ax25);
998 ax25_stop_idletimer(ax25);
999 break;
1000 #ifdef CONFIG_AX25_DAMA_SLAVE
1001 case AX25_PROTO_DAMA_SLAVE:
1002 ax25_stop_t3timer(ax25);
1003 ax25_stop_idletimer(ax25);
1004 break;
1005 #endif
1006 }
1007 ax25_calculate_t1(ax25);
1008 ax25_start_t1timer(ax25);
1009 ax25->state = AX25_STATE_2;
1010 sk->sk_state = TCP_CLOSE;
1011 sk->sk_shutdown |= SEND_SHUTDOWN;
1012 sk->sk_state_change(sk);
1013 sock_set_flag(sk, SOCK_DESTROY);
1014 break;
1015
1016 default:
1017 break;
1018 }
1019 } else {
1020 sk->sk_state = TCP_CLOSE;
1021 sk->sk_shutdown |= SEND_SHUTDOWN;
1022 sk->sk_state_change(sk);
1023 ax25_destroy_socket(ax25);
1024 }
1025
1026 sock->sk = NULL;
1027 release_sock(sk);
1028 sock_put(sk);
1029
1030 return 0;
1031 }
1032
1033 /*
1034 * We support a funny extension here so you can (as root) give any callsign
1035 * digipeated via a local address as source. This hack is obsolete now
1036 * that we've implemented support for SO_BINDTODEVICE. It is however small
1037 * and trivially backward compatible.
1038 */
ax25_bind(struct socket * sock,struct sockaddr * uaddr,int addr_len)1039 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1040 {
1041 struct sock *sk = sock->sk;
1042 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1043 ax25_dev *ax25_dev = NULL;
1044 ax25_uid_assoc *user;
1045 ax25_address call;
1046 ax25_cb *ax25;
1047 int err = 0;
1048
1049 if (addr_len != sizeof(struct sockaddr_ax25) &&
1050 addr_len != sizeof(struct full_sockaddr_ax25))
1051 /* support for old structure may go away some time
1052 * ax25_bind(): uses old (6 digipeater) socket structure.
1053 */
1054 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1055 (addr_len > sizeof(struct full_sockaddr_ax25)))
1056 return -EINVAL;
1057
1058 if (addr->fsa_ax25.sax25_family != AF_AX25)
1059 return -EINVAL;
1060
1061 user = ax25_findbyuid(current_euid());
1062 if (user) {
1063 call = user->call;
1064 ax25_uid_put(user);
1065 } else {
1066 if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1067 return -EACCES;
1068
1069 call = addr->fsa_ax25.sax25_call;
1070 }
1071
1072 lock_sock(sk);
1073
1074 ax25 = ax25_sk(sk);
1075 if (!sock_flag(sk, SOCK_ZAPPED)) {
1076 err = -EINVAL;
1077 goto out;
1078 }
1079
1080 ax25->source_addr = call;
1081
1082 /*
1083 * User already set interface with SO_BINDTODEVICE
1084 */
1085 if (ax25->ax25_dev != NULL)
1086 goto done;
1087
1088 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1089 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1090 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1091 err = -EADDRNOTAVAIL;
1092 goto out;
1093 }
1094 } else {
1095 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1096 err = -EADDRNOTAVAIL;
1097 goto out;
1098 }
1099 }
1100
1101 if (ax25_dev != NULL)
1102 ax25_fillin_cb(ax25, ax25_dev);
1103
1104 done:
1105 ax25_cb_add(ax25);
1106 sock_reset_flag(sk, SOCK_ZAPPED);
1107
1108 out:
1109 release_sock(sk);
1110
1111 return err;
1112 }
1113
1114 /*
1115 * FIXME: nonblock behaviour looks like it may have a bug.
1116 */
ax25_connect(struct socket * sock,struct sockaddr * uaddr,int addr_len,int flags)1117 static int __must_check ax25_connect(struct socket *sock,
1118 struct sockaddr *uaddr, int addr_len, int flags)
1119 {
1120 struct sock *sk = sock->sk;
1121 ax25_cb *ax25 = ax25_sk(sk), *ax25t;
1122 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1123 ax25_digi *digi = NULL;
1124 int ct = 0, err = 0;
1125
1126 /*
1127 * some sanity checks. code further down depends on this
1128 */
1129
1130 if (addr_len == sizeof(struct sockaddr_ax25))
1131 /* support for this will go away in early 2.5.x
1132 * ax25_connect(): uses obsolete socket structure
1133 */
1134 ;
1135 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1136 /* support for old structure may go away some time
1137 * ax25_connect(): uses old (6 digipeater) socket structure.
1138 */
1139 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1140 (addr_len > sizeof(struct full_sockaddr_ax25)))
1141 return -EINVAL;
1142
1143
1144 if (fsa->fsa_ax25.sax25_family != AF_AX25)
1145 return -EINVAL;
1146
1147 lock_sock(sk);
1148
1149 /* deal with restarts */
1150 if (sock->state == SS_CONNECTING) {
1151 switch (sk->sk_state) {
1152 case TCP_SYN_SENT: /* still trying */
1153 err = -EINPROGRESS;
1154 goto out_release;
1155
1156 case TCP_ESTABLISHED: /* connection established */
1157 sock->state = SS_CONNECTED;
1158 goto out_release;
1159
1160 case TCP_CLOSE: /* connection refused */
1161 sock->state = SS_UNCONNECTED;
1162 err = -ECONNREFUSED;
1163 goto out_release;
1164 }
1165 }
1166
1167 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1168 err = -EISCONN; /* No reconnect on a seqpacket socket */
1169 goto out_release;
1170 }
1171
1172 sk->sk_state = TCP_CLOSE;
1173 sock->state = SS_UNCONNECTED;
1174
1175 kfree(ax25->digipeat);
1176 ax25->digipeat = NULL;
1177
1178 /*
1179 * Handle digi-peaters to be used.
1180 */
1181 if (addr_len > sizeof(struct sockaddr_ax25) &&
1182 fsa->fsa_ax25.sax25_ndigis != 0) {
1183 /* Valid number of digipeaters ? */
1184 if (fsa->fsa_ax25.sax25_ndigis < 1 || fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS) {
1185 err = -EINVAL;
1186 goto out_release;
1187 }
1188
1189 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1190 err = -ENOBUFS;
1191 goto out_release;
1192 }
1193
1194 digi->ndigi = fsa->fsa_ax25.sax25_ndigis;
1195 digi->lastrepeat = -1;
1196
1197 while (ct < fsa->fsa_ax25.sax25_ndigis) {
1198 if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1199 AX25_HBIT) && ax25->iamdigi) {
1200 digi->repeated[ct] = 1;
1201 digi->lastrepeat = ct;
1202 } else {
1203 digi->repeated[ct] = 0;
1204 }
1205 digi->calls[ct] = fsa->fsa_digipeater[ct];
1206 ct++;
1207 }
1208 }
1209
1210 /*
1211 * Must bind first - autobinding in this may or may not work. If
1212 * the socket is already bound, check to see if the device has
1213 * been filled in, error if it hasn't.
1214 */
1215 if (sock_flag(sk, SOCK_ZAPPED)) {
1216 /* check if we can remove this feature. It is broken. */
1217 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1218 current->comm);
1219 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1220 kfree(digi);
1221 goto out_release;
1222 }
1223
1224 ax25_fillin_cb(ax25, ax25->ax25_dev);
1225 ax25_cb_add(ax25);
1226 } else {
1227 if (ax25->ax25_dev == NULL) {
1228 kfree(digi);
1229 err = -EHOSTUNREACH;
1230 goto out_release;
1231 }
1232 }
1233
1234 if (sk->sk_type == SOCK_SEQPACKET &&
1235 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1236 ax25->ax25_dev->dev))) {
1237 kfree(digi);
1238 err = -EADDRINUSE; /* Already such a connection */
1239 ax25_cb_put(ax25t);
1240 goto out_release;
1241 }
1242
1243 ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1244 ax25->digipeat = digi;
1245
1246 /* First the easy one */
1247 if (sk->sk_type != SOCK_SEQPACKET) {
1248 sock->state = SS_CONNECTED;
1249 sk->sk_state = TCP_ESTABLISHED;
1250 goto out_release;
1251 }
1252
1253 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1254 sock->state = SS_CONNECTING;
1255 sk->sk_state = TCP_SYN_SENT;
1256
1257 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1258 case AX25_PROTO_STD_SIMPLEX:
1259 case AX25_PROTO_STD_DUPLEX:
1260 ax25_std_establish_data_link(ax25);
1261 break;
1262
1263 #ifdef CONFIG_AX25_DAMA_SLAVE
1264 case AX25_PROTO_DAMA_SLAVE:
1265 ax25->modulus = AX25_MODULUS;
1266 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1267 if (ax25->ax25_dev->dama.slave)
1268 ax25_ds_establish_data_link(ax25);
1269 else
1270 ax25_std_establish_data_link(ax25);
1271 break;
1272 #endif
1273 }
1274
1275 ax25->state = AX25_STATE_1;
1276
1277 ax25_start_heartbeat(ax25);
1278
1279 /* Now the loop */
1280 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1281 err = -EINPROGRESS;
1282 goto out_release;
1283 }
1284
1285 if (sk->sk_state == TCP_SYN_SENT) {
1286 DEFINE_WAIT(wait);
1287
1288 for (;;) {
1289 prepare_to_wait(sk_sleep(sk), &wait,
1290 TASK_INTERRUPTIBLE);
1291 if (sk->sk_state != TCP_SYN_SENT)
1292 break;
1293 if (!signal_pending(current)) {
1294 release_sock(sk);
1295 schedule();
1296 lock_sock(sk);
1297 continue;
1298 }
1299 err = -ERESTARTSYS;
1300 break;
1301 }
1302 finish_wait(sk_sleep(sk), &wait);
1303
1304 if (err)
1305 goto out_release;
1306 }
1307
1308 if (sk->sk_state != TCP_ESTABLISHED) {
1309 /* Not in ABM, not in WAIT_UA -> failed */
1310 sock->state = SS_UNCONNECTED;
1311 err = sock_error(sk); /* Always set at this point */
1312 goto out_release;
1313 }
1314
1315 sock->state = SS_CONNECTED;
1316
1317 err = 0;
1318 out_release:
1319 release_sock(sk);
1320
1321 return err;
1322 }
1323
ax25_accept(struct socket * sock,struct socket * newsock,int flags)1324 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags)
1325 {
1326 struct sk_buff *skb;
1327 struct sock *newsk;
1328 DEFINE_WAIT(wait);
1329 struct sock *sk;
1330 int err = 0;
1331
1332 if (sock->state != SS_UNCONNECTED)
1333 return -EINVAL;
1334
1335 if ((sk = sock->sk) == NULL)
1336 return -EINVAL;
1337
1338 lock_sock(sk);
1339 if (sk->sk_type != SOCK_SEQPACKET) {
1340 err = -EOPNOTSUPP;
1341 goto out;
1342 }
1343
1344 if (sk->sk_state != TCP_LISTEN) {
1345 err = -EINVAL;
1346 goto out;
1347 }
1348
1349 /*
1350 * The read queue this time is holding sockets ready to use
1351 * hooked into the SABM we saved
1352 */
1353 for (;;) {
1354 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1355 skb = skb_dequeue(&sk->sk_receive_queue);
1356 if (skb)
1357 break;
1358
1359 if (flags & O_NONBLOCK) {
1360 err = -EWOULDBLOCK;
1361 break;
1362 }
1363 if (!signal_pending(current)) {
1364 release_sock(sk);
1365 schedule();
1366 lock_sock(sk);
1367 continue;
1368 }
1369 err = -ERESTARTSYS;
1370 break;
1371 }
1372 finish_wait(sk_sleep(sk), &wait);
1373
1374 if (err)
1375 goto out;
1376
1377 newsk = skb->sk;
1378 sock_graft(newsk, newsock);
1379
1380 /* Now attach up the new socket */
1381 kfree_skb(skb);
1382 sk->sk_ack_backlog--;
1383 newsock->state = SS_CONNECTED;
1384
1385 out:
1386 release_sock(sk);
1387
1388 return err;
1389 }
1390
ax25_getname(struct socket * sock,struct sockaddr * uaddr,int * uaddr_len,int peer)1391 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1392 int *uaddr_len, int peer)
1393 {
1394 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1395 struct sock *sk = sock->sk;
1396 unsigned char ndigi, i;
1397 ax25_cb *ax25;
1398 int err = 0;
1399
1400 memset(fsa, 0, sizeof(*fsa));
1401 lock_sock(sk);
1402 ax25 = ax25_sk(sk);
1403
1404 if (peer != 0) {
1405 if (sk->sk_state != TCP_ESTABLISHED) {
1406 err = -ENOTCONN;
1407 goto out;
1408 }
1409
1410 fsa->fsa_ax25.sax25_family = AF_AX25;
1411 fsa->fsa_ax25.sax25_call = ax25->dest_addr;
1412
1413 if (ax25->digipeat != NULL) {
1414 ndigi = ax25->digipeat->ndigi;
1415 fsa->fsa_ax25.sax25_ndigis = ndigi;
1416 for (i = 0; i < ndigi; i++)
1417 fsa->fsa_digipeater[i] =
1418 ax25->digipeat->calls[i];
1419 }
1420 } else {
1421 fsa->fsa_ax25.sax25_family = AF_AX25;
1422 fsa->fsa_ax25.sax25_call = ax25->source_addr;
1423 fsa->fsa_ax25.sax25_ndigis = 1;
1424 if (ax25->ax25_dev != NULL) {
1425 memcpy(&fsa->fsa_digipeater[0],
1426 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1427 } else {
1428 fsa->fsa_digipeater[0] = null_ax25_address;
1429 }
1430 }
1431 *uaddr_len = sizeof (struct full_sockaddr_ax25);
1432
1433 out:
1434 release_sock(sk);
1435
1436 return err;
1437 }
1438
ax25_sendmsg(struct kiocb * iocb,struct socket * sock,struct msghdr * msg,size_t len)1439 static int ax25_sendmsg(struct kiocb *iocb, struct socket *sock,
1440 struct msghdr *msg, size_t len)
1441 {
1442 struct sockaddr_ax25 *usax = (struct sockaddr_ax25 *)msg->msg_name;
1443 struct sock *sk = sock->sk;
1444 struct sockaddr_ax25 sax;
1445 struct sk_buff *skb;
1446 ax25_digi dtmp, *dp;
1447 ax25_cb *ax25;
1448 size_t size;
1449 int lv, err, addr_len = msg->msg_namelen;
1450
1451 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1452 return -EINVAL;
1453
1454 lock_sock(sk);
1455 ax25 = ax25_sk(sk);
1456
1457 if (sock_flag(sk, SOCK_ZAPPED)) {
1458 err = -EADDRNOTAVAIL;
1459 goto out;
1460 }
1461
1462 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1463 send_sig(SIGPIPE, current, 0);
1464 err = -EPIPE;
1465 goto out;
1466 }
1467
1468 if (ax25->ax25_dev == NULL) {
1469 err = -ENETUNREACH;
1470 goto out;
1471 }
1472
1473 if (len > ax25->ax25_dev->dev->mtu) {
1474 err = -EMSGSIZE;
1475 goto out;
1476 }
1477
1478 if (usax != NULL) {
1479 if (usax->sax25_family != AF_AX25) {
1480 err = -EINVAL;
1481 goto out;
1482 }
1483
1484 if (addr_len == sizeof(struct sockaddr_ax25))
1485 /* ax25_sendmsg(): uses obsolete socket structure */
1486 ;
1487 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1488 /* support for old structure may go away some time
1489 * ax25_sendmsg(): uses old (6 digipeater)
1490 * socket structure.
1491 */
1492 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1493 (addr_len > sizeof(struct full_sockaddr_ax25))) {
1494 err = -EINVAL;
1495 goto out;
1496 }
1497
1498
1499 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1500 int ct = 0;
1501 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1502
1503 /* Valid number of digipeaters ? */
1504 if (usax->sax25_ndigis < 1 || usax->sax25_ndigis > AX25_MAX_DIGIS) {
1505 err = -EINVAL;
1506 goto out;
1507 }
1508
1509 dtmp.ndigi = usax->sax25_ndigis;
1510
1511 while (ct < usax->sax25_ndigis) {
1512 dtmp.repeated[ct] = 0;
1513 dtmp.calls[ct] = fsa->fsa_digipeater[ct];
1514 ct++;
1515 }
1516
1517 dtmp.lastrepeat = 0;
1518 }
1519
1520 sax = *usax;
1521 if (sk->sk_type == SOCK_SEQPACKET &&
1522 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1523 err = -EISCONN;
1524 goto out;
1525 }
1526 if (usax->sax25_ndigis == 0)
1527 dp = NULL;
1528 else
1529 dp = &dtmp;
1530 } else {
1531 /*
1532 * FIXME: 1003.1g - if the socket is like this because
1533 * it has become closed (not started closed) and is VC
1534 * we ought to SIGPIPE, EPIPE
1535 */
1536 if (sk->sk_state != TCP_ESTABLISHED) {
1537 err = -ENOTCONN;
1538 goto out;
1539 }
1540 sax.sax25_family = AF_AX25;
1541 sax.sax25_call = ax25->dest_addr;
1542 dp = ax25->digipeat;
1543 }
1544
1545 /* Build a packet */
1546 /* Assume the worst case */
1547 size = len + ax25->ax25_dev->dev->hard_header_len;
1548
1549 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1550 if (skb == NULL)
1551 goto out;
1552
1553 skb_reserve(skb, size - len);
1554
1555 /* User data follows immediately after the AX.25 data */
1556 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
1557 err = -EFAULT;
1558 kfree_skb(skb);
1559 goto out;
1560 }
1561
1562 skb_reset_network_header(skb);
1563
1564 /* Add the PID if one is not supplied by the user in the skb */
1565 if (!ax25->pidincl)
1566 *skb_push(skb, 1) = sk->sk_protocol;
1567
1568 if (sk->sk_type == SOCK_SEQPACKET) {
1569 /* Connected mode sockets go via the LAPB machine */
1570 if (sk->sk_state != TCP_ESTABLISHED) {
1571 kfree_skb(skb);
1572 err = -ENOTCONN;
1573 goto out;
1574 }
1575
1576 /* Shove it onto the queue and kick */
1577 ax25_output(ax25, ax25->paclen, skb);
1578
1579 err = len;
1580 goto out;
1581 }
1582
1583 skb_push(skb, 1 + ax25_addr_size(dp));
1584
1585 /* Building AX.25 Header */
1586
1587 /* Build an AX.25 header */
1588 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1589 dp, AX25_COMMAND, AX25_MODULUS);
1590
1591 skb_set_transport_header(skb, lv);
1592
1593 *skb_transport_header(skb) = AX25_UI;
1594
1595 /* Datagram frames go straight out of the door as UI */
1596 ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1597
1598 err = len;
1599
1600 out:
1601 release_sock(sk);
1602
1603 return err;
1604 }
1605
ax25_recvmsg(struct kiocb * iocb,struct socket * sock,struct msghdr * msg,size_t size,int flags)1606 static int ax25_recvmsg(struct kiocb *iocb, struct socket *sock,
1607 struct msghdr *msg, size_t size, int flags)
1608 {
1609 struct sock *sk = sock->sk;
1610 struct sk_buff *skb;
1611 int copied;
1612 int err = 0;
1613
1614 lock_sock(sk);
1615 /*
1616 * This works for seqpacket too. The receiver has ordered the
1617 * queue for us! We do one quick check first though
1618 */
1619 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1620 err = -ENOTCONN;
1621 goto out;
1622 }
1623
1624 /* Now we can treat all alike */
1625 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1626 flags & MSG_DONTWAIT, &err);
1627 if (skb == NULL)
1628 goto out;
1629
1630 if (!ax25_sk(sk)->pidincl)
1631 skb_pull(skb, 1); /* Remove PID */
1632
1633 skb_reset_transport_header(skb);
1634 copied = skb->len;
1635
1636 if (copied > size) {
1637 copied = size;
1638 msg->msg_flags |= MSG_TRUNC;
1639 }
1640
1641 skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1642
1643 if (msg->msg_name) {
1644 ax25_digi digi;
1645 ax25_address src;
1646 const unsigned char *mac = skb_mac_header(skb);
1647 struct sockaddr_ax25 *sax = msg->msg_name;
1648
1649 memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1650 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1651 &digi, NULL, NULL);
1652 sax->sax25_family = AF_AX25;
1653 /* We set this correctly, even though we may not let the
1654 application know the digi calls further down (because it
1655 did NOT ask to know them). This could get political... **/
1656 sax->sax25_ndigis = digi.ndigi;
1657 sax->sax25_call = src;
1658
1659 if (sax->sax25_ndigis != 0) {
1660 int ct;
1661 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1662
1663 for (ct = 0; ct < digi.ndigi; ct++)
1664 fsa->fsa_digipeater[ct] = digi.calls[ct];
1665 }
1666 msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1667 }
1668
1669 skb_free_datagram(sk, skb);
1670 err = copied;
1671
1672 out:
1673 release_sock(sk);
1674
1675 return err;
1676 }
1677
ax25_shutdown(struct socket * sk,int how)1678 static int ax25_shutdown(struct socket *sk, int how)
1679 {
1680 /* FIXME - generate DM and RNR states */
1681 return -EOPNOTSUPP;
1682 }
1683
ax25_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)1684 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1685 {
1686 struct sock *sk = sock->sk;
1687 void __user *argp = (void __user *)arg;
1688 int res = 0;
1689
1690 lock_sock(sk);
1691 switch (cmd) {
1692 case TIOCOUTQ: {
1693 long amount;
1694
1695 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1696 if (amount < 0)
1697 amount = 0;
1698 res = put_user(amount, (int __user *)argp);
1699 break;
1700 }
1701
1702 case TIOCINQ: {
1703 struct sk_buff *skb;
1704 long amount = 0L;
1705 /* These two are safe on a single CPU system as only user tasks fiddle here */
1706 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1707 amount = skb->len;
1708 res = put_user(amount, (int __user *) argp);
1709 break;
1710 }
1711
1712 case SIOCGSTAMP:
1713 res = sock_get_timestamp(sk, argp);
1714 break;
1715
1716 case SIOCGSTAMPNS:
1717 res = sock_get_timestampns(sk, argp);
1718 break;
1719
1720 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */
1721 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */
1722 case SIOCAX25GETUID: {
1723 struct sockaddr_ax25 sax25;
1724 if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1725 res = -EFAULT;
1726 break;
1727 }
1728 res = ax25_uid_ioctl(cmd, &sax25);
1729 break;
1730 }
1731
1732 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */
1733 long amount;
1734 if (!capable(CAP_NET_ADMIN)) {
1735 res = -EPERM;
1736 break;
1737 }
1738 if (get_user(amount, (long __user *)argp)) {
1739 res = -EFAULT;
1740 break;
1741 }
1742 if (amount > AX25_NOUID_BLOCK) {
1743 res = -EINVAL;
1744 break;
1745 }
1746 ax25_uid_policy = amount;
1747 res = 0;
1748 break;
1749 }
1750
1751 case SIOCADDRT:
1752 case SIOCDELRT:
1753 case SIOCAX25OPTRT:
1754 if (!capable(CAP_NET_ADMIN)) {
1755 res = -EPERM;
1756 break;
1757 }
1758 res = ax25_rt_ioctl(cmd, argp);
1759 break;
1760
1761 case SIOCAX25CTLCON:
1762 if (!capable(CAP_NET_ADMIN)) {
1763 res = -EPERM;
1764 break;
1765 }
1766 res = ax25_ctl_ioctl(cmd, argp);
1767 break;
1768
1769 case SIOCAX25GETINFO:
1770 case SIOCAX25GETINFOOLD: {
1771 ax25_cb *ax25 = ax25_sk(sk);
1772 struct ax25_info_struct ax25_info;
1773
1774 ax25_info.t1 = ax25->t1 / HZ;
1775 ax25_info.t2 = ax25->t2 / HZ;
1776 ax25_info.t3 = ax25->t3 / HZ;
1777 ax25_info.idle = ax25->idle / (60 * HZ);
1778 ax25_info.n2 = ax25->n2;
1779 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ;
1780 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ;
1781 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ;
1782 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1783 ax25_info.n2count = ax25->n2count;
1784 ax25_info.state = ax25->state;
1785 ax25_info.rcv_q = sk_rmem_alloc_get(sk);
1786 ax25_info.snd_q = sk_wmem_alloc_get(sk);
1787 ax25_info.vs = ax25->vs;
1788 ax25_info.vr = ax25->vr;
1789 ax25_info.va = ax25->va;
1790 ax25_info.vs_max = ax25->vs; /* reserved */
1791 ax25_info.paclen = ax25->paclen;
1792 ax25_info.window = ax25->window;
1793
1794 /* old structure? */
1795 if (cmd == SIOCAX25GETINFOOLD) {
1796 static int warned = 0;
1797 if (!warned) {
1798 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1799 current->comm);
1800 warned=1;
1801 }
1802
1803 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1804 res = -EFAULT;
1805 break;
1806 }
1807 } else {
1808 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1809 res = -EINVAL;
1810 break;
1811 }
1812 }
1813 res = 0;
1814 break;
1815 }
1816
1817 case SIOCAX25ADDFWD:
1818 case SIOCAX25DELFWD: {
1819 struct ax25_fwd_struct ax25_fwd;
1820 if (!capable(CAP_NET_ADMIN)) {
1821 res = -EPERM;
1822 break;
1823 }
1824 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1825 res = -EFAULT;
1826 break;
1827 }
1828 res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1829 break;
1830 }
1831
1832 case SIOCGIFADDR:
1833 case SIOCSIFADDR:
1834 case SIOCGIFDSTADDR:
1835 case SIOCSIFDSTADDR:
1836 case SIOCGIFBRDADDR:
1837 case SIOCSIFBRDADDR:
1838 case SIOCGIFNETMASK:
1839 case SIOCSIFNETMASK:
1840 case SIOCGIFMETRIC:
1841 case SIOCSIFMETRIC:
1842 res = -EINVAL;
1843 break;
1844
1845 default:
1846 res = -ENOIOCTLCMD;
1847 break;
1848 }
1849 release_sock(sk);
1850
1851 return res;
1852 }
1853
1854 #ifdef CONFIG_PROC_FS
1855
ax25_info_start(struct seq_file * seq,loff_t * pos)1856 static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1857 __acquires(ax25_list_lock)
1858 {
1859 spin_lock_bh(&ax25_list_lock);
1860 return seq_hlist_start(&ax25_list, *pos);
1861 }
1862
ax25_info_next(struct seq_file * seq,void * v,loff_t * pos)1863 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1864 {
1865 return seq_hlist_next(v, &ax25_list, pos);
1866 }
1867
ax25_info_stop(struct seq_file * seq,void * v)1868 static void ax25_info_stop(struct seq_file *seq, void *v)
1869 __releases(ax25_list_lock)
1870 {
1871 spin_unlock_bh(&ax25_list_lock);
1872 }
1873
ax25_info_show(struct seq_file * seq,void * v)1874 static int ax25_info_show(struct seq_file *seq, void *v)
1875 {
1876 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1877 char buf[11];
1878 int k;
1879
1880
1881 /*
1882 * New format:
1883 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1884 */
1885
1886 seq_printf(seq, "%8.8lx %s %s%s ",
1887 (long) ax25,
1888 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1889 ax2asc(buf, &ax25->source_addr),
1890 ax25->iamdigi? "*":"");
1891 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1892
1893 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1894 seq_printf(seq, ",%s%s",
1895 ax2asc(buf, &ax25->digipeat->calls[k]),
1896 ax25->digipeat->repeated[k]? "*":"");
1897 }
1898
1899 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1900 ax25->state,
1901 ax25->vs, ax25->vr, ax25->va,
1902 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1903 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1904 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1905 ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1906 ax25->idle / (60 * HZ),
1907 ax25->n2count, ax25->n2,
1908 ax25->rtt / HZ,
1909 ax25->window,
1910 ax25->paclen);
1911
1912 if (ax25->sk != NULL) {
1913 seq_printf(seq, " %d %d %lu\n",
1914 sk_wmem_alloc_get(ax25->sk),
1915 sk_rmem_alloc_get(ax25->sk),
1916 sock_i_ino(ax25->sk));
1917 } else {
1918 seq_puts(seq, " * * *\n");
1919 }
1920 return 0;
1921 }
1922
1923 static const struct seq_operations ax25_info_seqops = {
1924 .start = ax25_info_start,
1925 .next = ax25_info_next,
1926 .stop = ax25_info_stop,
1927 .show = ax25_info_show,
1928 };
1929
ax25_info_open(struct inode * inode,struct file * file)1930 static int ax25_info_open(struct inode *inode, struct file *file)
1931 {
1932 return seq_open(file, &ax25_info_seqops);
1933 }
1934
1935 static const struct file_operations ax25_info_fops = {
1936 .owner = THIS_MODULE,
1937 .open = ax25_info_open,
1938 .read = seq_read,
1939 .llseek = seq_lseek,
1940 .release = seq_release,
1941 };
1942
1943 #endif
1944
1945 static const struct net_proto_family ax25_family_ops = {
1946 .family = PF_AX25,
1947 .create = ax25_create,
1948 .owner = THIS_MODULE,
1949 };
1950
1951 static const struct proto_ops ax25_proto_ops = {
1952 .family = PF_AX25,
1953 .owner = THIS_MODULE,
1954 .release = ax25_release,
1955 .bind = ax25_bind,
1956 .connect = ax25_connect,
1957 .socketpair = sock_no_socketpair,
1958 .accept = ax25_accept,
1959 .getname = ax25_getname,
1960 .poll = datagram_poll,
1961 .ioctl = ax25_ioctl,
1962 .listen = ax25_listen,
1963 .shutdown = ax25_shutdown,
1964 .setsockopt = ax25_setsockopt,
1965 .getsockopt = ax25_getsockopt,
1966 .sendmsg = ax25_sendmsg,
1967 .recvmsg = ax25_recvmsg,
1968 .mmap = sock_no_mmap,
1969 .sendpage = sock_no_sendpage,
1970 };
1971
1972 /*
1973 * Called by socket.c on kernel start up
1974 */
1975 static struct packet_type ax25_packet_type __read_mostly = {
1976 .type = cpu_to_be16(ETH_P_AX25),
1977 .func = ax25_kiss_rcv,
1978 };
1979
1980 static struct notifier_block ax25_dev_notifier = {
1981 .notifier_call =ax25_device_event,
1982 };
1983
ax25_init(void)1984 static int __init ax25_init(void)
1985 {
1986 int rc = proto_register(&ax25_proto, 0);
1987
1988 if (rc != 0)
1989 goto out;
1990
1991 sock_register(&ax25_family_ops);
1992 dev_add_pack(&ax25_packet_type);
1993 register_netdevice_notifier(&ax25_dev_notifier);
1994 ax25_register_sysctl();
1995
1996 proc_net_fops_create(&init_net, "ax25_route", S_IRUGO, &ax25_route_fops);
1997 proc_net_fops_create(&init_net, "ax25", S_IRUGO, &ax25_info_fops);
1998 proc_net_fops_create(&init_net, "ax25_calls", S_IRUGO, &ax25_uid_fops);
1999 out:
2000 return rc;
2001 }
2002 module_init(ax25_init);
2003
2004
2005 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
2006 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
2007 MODULE_LICENSE("GPL");
2008 MODULE_ALIAS_NETPROTO(PF_AX25);
2009
ax25_exit(void)2010 static void __exit ax25_exit(void)
2011 {
2012 proc_net_remove(&init_net, "ax25_route");
2013 proc_net_remove(&init_net, "ax25");
2014 proc_net_remove(&init_net, "ax25_calls");
2015
2016 unregister_netdevice_notifier(&ax25_dev_notifier);
2017 ax25_unregister_sysctl();
2018
2019 dev_remove_pack(&ax25_packet_type);
2020
2021 sock_unregister(PF_AX25);
2022 proto_unregister(&ax25_proto);
2023
2024 ax25_rt_free();
2025 ax25_uid_free();
2026 ax25_dev_free();
2027 }
2028 module_exit(ax25_exit);
2029