Loading...
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
9 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
10 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
11 *
12 * Most of this code is based on the SDL diagrams published in the 7th ARRL
13 * Computer Networking Conference papers. The diagrams have mistakes in them,
14 * but are mostly correct. Before you modify the code could you read the SDL
15 * diagrams as the code is not obvious and probably very easy to break.
16 */
17#include <linux/errno.h>
18#include <linux/types.h>
19#include <linux/socket.h>
20#include <linux/in.h>
21#include <linux/kernel.h>
22#include <linux/timer.h>
23#include <linux/string.h>
24#include <linux/sockios.h>
25#include <linux/net.h>
26#include <net/ax25.h>
27#include <linux/inet.h>
28#include <linux/netdevice.h>
29#include <linux/skbuff.h>
30#include <net/sock.h>
31#include <net/tcp_states.h>
32#include <asm/uaccess.h>
33#include <asm/system.h>
34#include <linux/fcntl.h>
35#include <linux/mm.h>
36#include <linux/interrupt.h>
37
38/*
39 * State machine for state 1, Awaiting Connection State.
40 * The handling of the timer(s) is in file ax25_std_timer.c.
41 * Handling of state 0 and connection release is in ax25.c.
42 */
43static int ax25_std_state1_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int pf, int type)
44{
45 switch (frametype) {
46 case AX25_SABM:
47 ax25->modulus = AX25_MODULUS;
48 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
49 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
50 break;
51
52 case AX25_SABME:
53 ax25->modulus = AX25_EMODULUS;
54 ax25->window = ax25->ax25_dev->values[AX25_VALUES_EWINDOW];
55 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
56 break;
57
58 case AX25_DISC:
59 ax25_send_control(ax25, AX25_DM, pf, AX25_RESPONSE);
60 break;
61
62 case AX25_UA:
63 if (pf) {
64 ax25_calculate_rtt(ax25);
65 ax25_stop_t1timer(ax25);
66 ax25_start_t3timer(ax25);
67 ax25_start_idletimer(ax25);
68 ax25->vs = 0;
69 ax25->va = 0;
70 ax25->vr = 0;
71 ax25->state = AX25_STATE_3;
72 ax25->n2count = 0;
73 if (ax25->sk != NULL) {
74 bh_lock_sock(ax25->sk);
75 ax25->sk->sk_state = TCP_ESTABLISHED;
76 /* For WAIT_SABM connections we will produce an accept ready socket here */
77 if (!sock_flag(ax25->sk, SOCK_DEAD))
78 ax25->sk->sk_state_change(ax25->sk);
79 bh_unlock_sock(ax25->sk);
80 }
81 }
82 break;
83
84 case AX25_DM:
85 if (pf) {
86 if (ax25->modulus == AX25_MODULUS) {
87 ax25_disconnect(ax25, ECONNREFUSED);
88 } else {
89 ax25->modulus = AX25_MODULUS;
90 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
91 }
92 }
93 break;
94
95 default:
96 break;
97 }
98
99 return 0;
100}
101
102/*
103 * State machine for state 2, Awaiting Release State.
104 * The handling of the timer(s) is in file ax25_std_timer.c
105 * Handling of state 0 and connection release is in ax25.c.
106 */
107static int ax25_std_state2_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int pf, int type)
108{
109 switch (frametype) {
110 case AX25_SABM:
111 case AX25_SABME:
112 ax25_send_control(ax25, AX25_DM, pf, AX25_RESPONSE);
113 break;
114
115 case AX25_DISC:
116 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
117 ax25_disconnect(ax25, 0);
118 break;
119
120 case AX25_DM:
121 case AX25_UA:
122 if (pf)
123 ax25_disconnect(ax25, 0);
124 break;
125
126 case AX25_I:
127 case AX25_REJ:
128 case AX25_RNR:
129 case AX25_RR:
130 if (pf) ax25_send_control(ax25, AX25_DM, AX25_POLLON, AX25_RESPONSE);
131 break;
132
133 default:
134 break;
135 }
136
137 return 0;
138}
139
140/*
141 * State machine for state 3, Connected State.
142 * The handling of the timer(s) is in file ax25_std_timer.c
143 * Handling of state 0 and connection release is in ax25.c.
144 */
145static int ax25_std_state3_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int ns, int nr, int pf, int type)
146{
147 int queued = 0;
148
149 switch (frametype) {
150 case AX25_SABM:
151 case AX25_SABME:
152 if (frametype == AX25_SABM) {
153 ax25->modulus = AX25_MODULUS;
154 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
155 } else {
156 ax25->modulus = AX25_EMODULUS;
157 ax25->window = ax25->ax25_dev->values[AX25_VALUES_EWINDOW];
158 }
159 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
160 ax25_stop_t1timer(ax25);
161 ax25_stop_t2timer(ax25);
162 ax25_start_t3timer(ax25);
163 ax25_start_idletimer(ax25);
164 ax25->condition = 0x00;
165 ax25->vs = 0;
166 ax25->va = 0;
167 ax25->vr = 0;
168 ax25_requeue_frames(ax25);
169 break;
170
171 case AX25_DISC:
172 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
173 ax25_disconnect(ax25, 0);
174 break;
175
176 case AX25_DM:
177 ax25_disconnect(ax25, ECONNRESET);
178 break;
179
180 case AX25_RR:
181 case AX25_RNR:
182 if (frametype == AX25_RR)
183 ax25->condition &= ~AX25_COND_PEER_RX_BUSY;
184 else
185 ax25->condition |= AX25_COND_PEER_RX_BUSY;
186 if (type == AX25_COMMAND && pf)
187 ax25_std_enquiry_response(ax25);
188 if (ax25_validate_nr(ax25, nr)) {
189 ax25_check_iframes_acked(ax25, nr);
190 } else {
191 ax25_std_nr_error_recovery(ax25);
192 ax25->state = AX25_STATE_1;
193 }
194 break;
195
196 case AX25_REJ:
197 ax25->condition &= ~AX25_COND_PEER_RX_BUSY;
198 if (type == AX25_COMMAND && pf)
199 ax25_std_enquiry_response(ax25);
200 if (ax25_validate_nr(ax25, nr)) {
201 ax25_frames_acked(ax25, nr);
202 ax25_calculate_rtt(ax25);
203 ax25_stop_t1timer(ax25);
204 ax25_start_t3timer(ax25);
205 ax25_requeue_frames(ax25);
206 } else {
207 ax25_std_nr_error_recovery(ax25);
208 ax25->state = AX25_STATE_1;
209 }
210 break;
211
212 case AX25_I:
213 if (!ax25_validate_nr(ax25, nr)) {
214 ax25_std_nr_error_recovery(ax25);
215 ax25->state = AX25_STATE_1;
216 break;
217 }
218 if (ax25->condition & AX25_COND_PEER_RX_BUSY) {
219 ax25_frames_acked(ax25, nr);
220 } else {
221 ax25_check_iframes_acked(ax25, nr);
222 }
223 if (ax25->condition & AX25_COND_OWN_RX_BUSY) {
224 if (pf) ax25_std_enquiry_response(ax25);
225 break;
226 }
227 if (ns == ax25->vr) {
228 ax25->vr = (ax25->vr + 1) % ax25->modulus;
229 queued = ax25_rx_iframe(ax25, skb);
230 if (ax25->condition & AX25_COND_OWN_RX_BUSY)
231 ax25->vr = ns; /* ax25->vr - 1 */
232 ax25->condition &= ~AX25_COND_REJECT;
233 if (pf) {
234 ax25_std_enquiry_response(ax25);
235 } else {
236 if (!(ax25->condition & AX25_COND_ACK_PENDING)) {
237 ax25->condition |= AX25_COND_ACK_PENDING;
238 ax25_start_t2timer(ax25);
239 }
240 }
241 } else {
242 if (ax25->condition & AX25_COND_REJECT) {
243 if (pf) ax25_std_enquiry_response(ax25);
244 } else {
245 ax25->condition |= AX25_COND_REJECT;
246 ax25_send_control(ax25, AX25_REJ, pf, AX25_RESPONSE);
247 ax25->condition &= ~AX25_COND_ACK_PENDING;
248 }
249 }
250 break;
251
252 case AX25_FRMR:
253 case AX25_ILLEGAL:
254 ax25_std_establish_data_link(ax25);
255 ax25->state = AX25_STATE_1;
256 break;
257
258 default:
259 break;
260 }
261
262 return queued;
263}
264
265/*
266 * State machine for state 4, Timer Recovery State.
267 * The handling of the timer(s) is in file ax25_std_timer.c
268 * Handling of state 0 and connection release is in ax25.c.
269 */
270static int ax25_std_state4_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int ns, int nr, int pf, int type)
271{
272 int queued = 0;
273
274 switch (frametype) {
275 case AX25_SABM:
276 case AX25_SABME:
277 if (frametype == AX25_SABM) {
278 ax25->modulus = AX25_MODULUS;
279 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
280 } else {
281 ax25->modulus = AX25_EMODULUS;
282 ax25->window = ax25->ax25_dev->values[AX25_VALUES_EWINDOW];
283 }
284 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
285 ax25_stop_t1timer(ax25);
286 ax25_stop_t2timer(ax25);
287 ax25_start_t3timer(ax25);
288 ax25_start_idletimer(ax25);
289 ax25->condition = 0x00;
290 ax25->vs = 0;
291 ax25->va = 0;
292 ax25->vr = 0;
293 ax25->state = AX25_STATE_3;
294 ax25->n2count = 0;
295 ax25_requeue_frames(ax25);
296 break;
297
298 case AX25_DISC:
299 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
300 ax25_disconnect(ax25, 0);
301 break;
302
303 case AX25_DM:
304 ax25_disconnect(ax25, ECONNRESET);
305 break;
306
307 case AX25_RR:
308 case AX25_RNR:
309 if (frametype == AX25_RR)
310 ax25->condition &= ~AX25_COND_PEER_RX_BUSY;
311 else
312 ax25->condition |= AX25_COND_PEER_RX_BUSY;
313 if (type == AX25_RESPONSE && pf) {
314 ax25_stop_t1timer(ax25);
315 ax25->n2count = 0;
316 if (ax25_validate_nr(ax25, nr)) {
317 ax25_frames_acked(ax25, nr);
318 if (ax25->vs == ax25->va) {
319 ax25_start_t3timer(ax25);
320 ax25->state = AX25_STATE_3;
321 } else {
322 ax25_requeue_frames(ax25);
323 }
324 } else {
325 ax25_std_nr_error_recovery(ax25);
326 ax25->state = AX25_STATE_1;
327 }
328 break;
329 }
330 if (type == AX25_COMMAND && pf)
331 ax25_std_enquiry_response(ax25);
332 if (ax25_validate_nr(ax25, nr)) {
333 ax25_frames_acked(ax25, nr);
334 } else {
335 ax25_std_nr_error_recovery(ax25);
336 ax25->state = AX25_STATE_1;
337 }
338 break;
339
340 case AX25_REJ:
341 ax25->condition &= ~AX25_COND_PEER_RX_BUSY;
342 if (pf && type == AX25_RESPONSE) {
343 ax25_stop_t1timer(ax25);
344 ax25->n2count = 0;
345 if (ax25_validate_nr(ax25, nr)) {
346 ax25_frames_acked(ax25, nr);
347 if (ax25->vs == ax25->va) {
348 ax25_start_t3timer(ax25);
349 ax25->state = AX25_STATE_3;
350 } else {
351 ax25_requeue_frames(ax25);
352 }
353 } else {
354 ax25_std_nr_error_recovery(ax25);
355 ax25->state = AX25_STATE_1;
356 }
357 break;
358 }
359 if (type == AX25_COMMAND && pf)
360 ax25_std_enquiry_response(ax25);
361 if (ax25_validate_nr(ax25, nr)) {
362 ax25_frames_acked(ax25, nr);
363 ax25_requeue_frames(ax25);
364 } else {
365 ax25_std_nr_error_recovery(ax25);
366 ax25->state = AX25_STATE_1;
367 }
368 break;
369
370 case AX25_I:
371 if (!ax25_validate_nr(ax25, nr)) {
372 ax25_std_nr_error_recovery(ax25);
373 ax25->state = AX25_STATE_1;
374 break;
375 }
376 ax25_frames_acked(ax25, nr);
377 if (ax25->condition & AX25_COND_OWN_RX_BUSY) {
378 if (pf)
379 ax25_std_enquiry_response(ax25);
380 break;
381 }
382 if (ns == ax25->vr) {
383 ax25->vr = (ax25->vr + 1) % ax25->modulus;
384 queued = ax25_rx_iframe(ax25, skb);
385 if (ax25->condition & AX25_COND_OWN_RX_BUSY)
386 ax25->vr = ns; /* ax25->vr - 1 */
387 ax25->condition &= ~AX25_COND_REJECT;
388 if (pf) {
389 ax25_std_enquiry_response(ax25);
390 } else {
391 if (!(ax25->condition & AX25_COND_ACK_PENDING)) {
392 ax25->condition |= AX25_COND_ACK_PENDING;
393 ax25_start_t2timer(ax25);
394 }
395 }
396 } else {
397 if (ax25->condition & AX25_COND_REJECT) {
398 if (pf) ax25_std_enquiry_response(ax25);
399 } else {
400 ax25->condition |= AX25_COND_REJECT;
401 ax25_send_control(ax25, AX25_REJ, pf, AX25_RESPONSE);
402 ax25->condition &= ~AX25_COND_ACK_PENDING;
403 }
404 }
405 break;
406
407 case AX25_FRMR:
408 case AX25_ILLEGAL:
409 ax25_std_establish_data_link(ax25);
410 ax25->state = AX25_STATE_1;
411 break;
412
413 default:
414 break;
415 }
416
417 return queued;
418}
419
420/*
421 * Higher level upcall for a LAPB frame
422 */
423int ax25_std_frame_in(ax25_cb *ax25, struct sk_buff *skb, int type)
424{
425 int queued = 0, frametype, ns, nr, pf;
426
427 frametype = ax25_decode(ax25, skb, &ns, &nr, &pf);
428
429 switch (ax25->state) {
430 case AX25_STATE_1:
431 queued = ax25_std_state1_machine(ax25, skb, frametype, pf, type);
432 break;
433 case AX25_STATE_2:
434 queued = ax25_std_state2_machine(ax25, skb, frametype, pf, type);
435 break;
436 case AX25_STATE_3:
437 queued = ax25_std_state3_machine(ax25, skb, frametype, ns, nr, pf, type);
438 break;
439 case AX25_STATE_4:
440 queued = ax25_std_state4_machine(ax25, skb, frametype, ns, nr, pf, type);
441 break;
442 }
443
444 ax25_kick(ax25);
445
446 return queued;
447}
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
9 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
10 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
11 *
12 * Most of this code is based on the SDL diagrams published in the 7th ARRL
13 * Computer Networking Conference papers. The diagrams have mistakes in them,
14 * but are mostly correct. Before you modify the code could you read the SDL
15 * diagrams as the code is not obvious and probably very easy to break.
16 */
17#include <linux/errno.h>
18#include <linux/types.h>
19#include <linux/socket.h>
20#include <linux/in.h>
21#include <linux/kernel.h>
22#include <linux/timer.h>
23#include <linux/string.h>
24#include <linux/sockios.h>
25#include <linux/net.h>
26#include <net/ax25.h>
27#include <linux/inet.h>
28#include <linux/netdevice.h>
29#include <linux/skbuff.h>
30#include <net/sock.h>
31#include <net/tcp_states.h>
32#include <asm/uaccess.h>
33#include <linux/fcntl.h>
34#include <linux/mm.h>
35#include <linux/interrupt.h>
36
37/*
38 * State machine for state 1, Awaiting Connection State.
39 * The handling of the timer(s) is in file ax25_std_timer.c.
40 * Handling of state 0 and connection release is in ax25.c.
41 */
42static int ax25_std_state1_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int pf, int type)
43{
44 switch (frametype) {
45 case AX25_SABM:
46 ax25->modulus = AX25_MODULUS;
47 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
48 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
49 break;
50
51 case AX25_SABME:
52 ax25->modulus = AX25_EMODULUS;
53 ax25->window = ax25->ax25_dev->values[AX25_VALUES_EWINDOW];
54 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
55 break;
56
57 case AX25_DISC:
58 ax25_send_control(ax25, AX25_DM, pf, AX25_RESPONSE);
59 break;
60
61 case AX25_UA:
62 if (pf) {
63 ax25_calculate_rtt(ax25);
64 ax25_stop_t1timer(ax25);
65 ax25_start_t3timer(ax25);
66 ax25_start_idletimer(ax25);
67 ax25->vs = 0;
68 ax25->va = 0;
69 ax25->vr = 0;
70 ax25->state = AX25_STATE_3;
71 ax25->n2count = 0;
72 if (ax25->sk != NULL) {
73 bh_lock_sock(ax25->sk);
74 ax25->sk->sk_state = TCP_ESTABLISHED;
75 /* For WAIT_SABM connections we will produce an accept ready socket here */
76 if (!sock_flag(ax25->sk, SOCK_DEAD))
77 ax25->sk->sk_state_change(ax25->sk);
78 bh_unlock_sock(ax25->sk);
79 }
80 }
81 break;
82
83 case AX25_DM:
84 if (pf) {
85 if (ax25->modulus == AX25_MODULUS) {
86 ax25_disconnect(ax25, ECONNREFUSED);
87 } else {
88 ax25->modulus = AX25_MODULUS;
89 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
90 }
91 }
92 break;
93
94 default:
95 break;
96 }
97
98 return 0;
99}
100
101/*
102 * State machine for state 2, Awaiting Release State.
103 * The handling of the timer(s) is in file ax25_std_timer.c
104 * Handling of state 0 and connection release is in ax25.c.
105 */
106static int ax25_std_state2_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int pf, int type)
107{
108 switch (frametype) {
109 case AX25_SABM:
110 case AX25_SABME:
111 ax25_send_control(ax25, AX25_DM, pf, AX25_RESPONSE);
112 break;
113
114 case AX25_DISC:
115 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
116 ax25_disconnect(ax25, 0);
117 break;
118
119 case AX25_DM:
120 case AX25_UA:
121 if (pf)
122 ax25_disconnect(ax25, 0);
123 break;
124
125 case AX25_I:
126 case AX25_REJ:
127 case AX25_RNR:
128 case AX25_RR:
129 if (pf) ax25_send_control(ax25, AX25_DM, AX25_POLLON, AX25_RESPONSE);
130 break;
131
132 default:
133 break;
134 }
135
136 return 0;
137}
138
139/*
140 * State machine for state 3, Connected State.
141 * The handling of the timer(s) is in file ax25_std_timer.c
142 * Handling of state 0 and connection release is in ax25.c.
143 */
144static int ax25_std_state3_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int ns, int nr, int pf, int type)
145{
146 int queued = 0;
147
148 switch (frametype) {
149 case AX25_SABM:
150 case AX25_SABME:
151 if (frametype == AX25_SABM) {
152 ax25->modulus = AX25_MODULUS;
153 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
154 } else {
155 ax25->modulus = AX25_EMODULUS;
156 ax25->window = ax25->ax25_dev->values[AX25_VALUES_EWINDOW];
157 }
158 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
159 ax25_stop_t1timer(ax25);
160 ax25_stop_t2timer(ax25);
161 ax25_start_t3timer(ax25);
162 ax25_start_idletimer(ax25);
163 ax25->condition = 0x00;
164 ax25->vs = 0;
165 ax25->va = 0;
166 ax25->vr = 0;
167 ax25_requeue_frames(ax25);
168 break;
169
170 case AX25_DISC:
171 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
172 ax25_disconnect(ax25, 0);
173 break;
174
175 case AX25_DM:
176 ax25_disconnect(ax25, ECONNRESET);
177 break;
178
179 case AX25_RR:
180 case AX25_RNR:
181 if (frametype == AX25_RR)
182 ax25->condition &= ~AX25_COND_PEER_RX_BUSY;
183 else
184 ax25->condition |= AX25_COND_PEER_RX_BUSY;
185 if (type == AX25_COMMAND && pf)
186 ax25_std_enquiry_response(ax25);
187 if (ax25_validate_nr(ax25, nr)) {
188 ax25_check_iframes_acked(ax25, nr);
189 } else {
190 ax25_std_nr_error_recovery(ax25);
191 ax25->state = AX25_STATE_1;
192 }
193 break;
194
195 case AX25_REJ:
196 ax25->condition &= ~AX25_COND_PEER_RX_BUSY;
197 if (type == AX25_COMMAND && pf)
198 ax25_std_enquiry_response(ax25);
199 if (ax25_validate_nr(ax25, nr)) {
200 ax25_frames_acked(ax25, nr);
201 ax25_calculate_rtt(ax25);
202 ax25_stop_t1timer(ax25);
203 ax25_start_t3timer(ax25);
204 ax25_requeue_frames(ax25);
205 } else {
206 ax25_std_nr_error_recovery(ax25);
207 ax25->state = AX25_STATE_1;
208 }
209 break;
210
211 case AX25_I:
212 if (!ax25_validate_nr(ax25, nr)) {
213 ax25_std_nr_error_recovery(ax25);
214 ax25->state = AX25_STATE_1;
215 break;
216 }
217 if (ax25->condition & AX25_COND_PEER_RX_BUSY) {
218 ax25_frames_acked(ax25, nr);
219 } else {
220 ax25_check_iframes_acked(ax25, nr);
221 }
222 if (ax25->condition & AX25_COND_OWN_RX_BUSY) {
223 if (pf) ax25_std_enquiry_response(ax25);
224 break;
225 }
226 if (ns == ax25->vr) {
227 ax25->vr = (ax25->vr + 1) % ax25->modulus;
228 queued = ax25_rx_iframe(ax25, skb);
229 if (ax25->condition & AX25_COND_OWN_RX_BUSY)
230 ax25->vr = ns; /* ax25->vr - 1 */
231 ax25->condition &= ~AX25_COND_REJECT;
232 if (pf) {
233 ax25_std_enquiry_response(ax25);
234 } else {
235 if (!(ax25->condition & AX25_COND_ACK_PENDING)) {
236 ax25->condition |= AX25_COND_ACK_PENDING;
237 ax25_start_t2timer(ax25);
238 }
239 }
240 } else {
241 if (ax25->condition & AX25_COND_REJECT) {
242 if (pf) ax25_std_enquiry_response(ax25);
243 } else {
244 ax25->condition |= AX25_COND_REJECT;
245 ax25_send_control(ax25, AX25_REJ, pf, AX25_RESPONSE);
246 ax25->condition &= ~AX25_COND_ACK_PENDING;
247 }
248 }
249 break;
250
251 case AX25_FRMR:
252 case AX25_ILLEGAL:
253 ax25_std_establish_data_link(ax25);
254 ax25->state = AX25_STATE_1;
255 break;
256
257 default:
258 break;
259 }
260
261 return queued;
262}
263
264/*
265 * State machine for state 4, Timer Recovery State.
266 * The handling of the timer(s) is in file ax25_std_timer.c
267 * Handling of state 0 and connection release is in ax25.c.
268 */
269static int ax25_std_state4_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int ns, int nr, int pf, int type)
270{
271 int queued = 0;
272
273 switch (frametype) {
274 case AX25_SABM:
275 case AX25_SABME:
276 if (frametype == AX25_SABM) {
277 ax25->modulus = AX25_MODULUS;
278 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
279 } else {
280 ax25->modulus = AX25_EMODULUS;
281 ax25->window = ax25->ax25_dev->values[AX25_VALUES_EWINDOW];
282 }
283 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
284 ax25_stop_t1timer(ax25);
285 ax25_stop_t2timer(ax25);
286 ax25_start_t3timer(ax25);
287 ax25_start_idletimer(ax25);
288 ax25->condition = 0x00;
289 ax25->vs = 0;
290 ax25->va = 0;
291 ax25->vr = 0;
292 ax25->state = AX25_STATE_3;
293 ax25->n2count = 0;
294 ax25_requeue_frames(ax25);
295 break;
296
297 case AX25_DISC:
298 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE);
299 ax25_disconnect(ax25, 0);
300 break;
301
302 case AX25_DM:
303 ax25_disconnect(ax25, ECONNRESET);
304 break;
305
306 case AX25_RR:
307 case AX25_RNR:
308 if (frametype == AX25_RR)
309 ax25->condition &= ~AX25_COND_PEER_RX_BUSY;
310 else
311 ax25->condition |= AX25_COND_PEER_RX_BUSY;
312 if (type == AX25_RESPONSE && pf) {
313 ax25_stop_t1timer(ax25);
314 ax25->n2count = 0;
315 if (ax25_validate_nr(ax25, nr)) {
316 ax25_frames_acked(ax25, nr);
317 if (ax25->vs == ax25->va) {
318 ax25_start_t3timer(ax25);
319 ax25->state = AX25_STATE_3;
320 } else {
321 ax25_requeue_frames(ax25);
322 }
323 } else {
324 ax25_std_nr_error_recovery(ax25);
325 ax25->state = AX25_STATE_1;
326 }
327 break;
328 }
329 if (type == AX25_COMMAND && pf)
330 ax25_std_enquiry_response(ax25);
331 if (ax25_validate_nr(ax25, nr)) {
332 ax25_frames_acked(ax25, nr);
333 } else {
334 ax25_std_nr_error_recovery(ax25);
335 ax25->state = AX25_STATE_1;
336 }
337 break;
338
339 case AX25_REJ:
340 ax25->condition &= ~AX25_COND_PEER_RX_BUSY;
341 if (pf && type == AX25_RESPONSE) {
342 ax25_stop_t1timer(ax25);
343 ax25->n2count = 0;
344 if (ax25_validate_nr(ax25, nr)) {
345 ax25_frames_acked(ax25, nr);
346 if (ax25->vs == ax25->va) {
347 ax25_start_t3timer(ax25);
348 ax25->state = AX25_STATE_3;
349 } else {
350 ax25_requeue_frames(ax25);
351 }
352 } else {
353 ax25_std_nr_error_recovery(ax25);
354 ax25->state = AX25_STATE_1;
355 }
356 break;
357 }
358 if (type == AX25_COMMAND && pf)
359 ax25_std_enquiry_response(ax25);
360 if (ax25_validate_nr(ax25, nr)) {
361 ax25_frames_acked(ax25, nr);
362 ax25_requeue_frames(ax25);
363 } else {
364 ax25_std_nr_error_recovery(ax25);
365 ax25->state = AX25_STATE_1;
366 }
367 break;
368
369 case AX25_I:
370 if (!ax25_validate_nr(ax25, nr)) {
371 ax25_std_nr_error_recovery(ax25);
372 ax25->state = AX25_STATE_1;
373 break;
374 }
375 ax25_frames_acked(ax25, nr);
376 if (ax25->condition & AX25_COND_OWN_RX_BUSY) {
377 if (pf)
378 ax25_std_enquiry_response(ax25);
379 break;
380 }
381 if (ns == ax25->vr) {
382 ax25->vr = (ax25->vr + 1) % ax25->modulus;
383 queued = ax25_rx_iframe(ax25, skb);
384 if (ax25->condition & AX25_COND_OWN_RX_BUSY)
385 ax25->vr = ns; /* ax25->vr - 1 */
386 ax25->condition &= ~AX25_COND_REJECT;
387 if (pf) {
388 ax25_std_enquiry_response(ax25);
389 } else {
390 if (!(ax25->condition & AX25_COND_ACK_PENDING)) {
391 ax25->condition |= AX25_COND_ACK_PENDING;
392 ax25_start_t2timer(ax25);
393 }
394 }
395 } else {
396 if (ax25->condition & AX25_COND_REJECT) {
397 if (pf) ax25_std_enquiry_response(ax25);
398 } else {
399 ax25->condition |= AX25_COND_REJECT;
400 ax25_send_control(ax25, AX25_REJ, pf, AX25_RESPONSE);
401 ax25->condition &= ~AX25_COND_ACK_PENDING;
402 }
403 }
404 break;
405
406 case AX25_FRMR:
407 case AX25_ILLEGAL:
408 ax25_std_establish_data_link(ax25);
409 ax25->state = AX25_STATE_1;
410 break;
411
412 default:
413 break;
414 }
415
416 return queued;
417}
418
419/*
420 * Higher level upcall for a LAPB frame
421 */
422int ax25_std_frame_in(ax25_cb *ax25, struct sk_buff *skb, int type)
423{
424 int queued = 0, frametype, ns, nr, pf;
425
426 frametype = ax25_decode(ax25, skb, &ns, &nr, &pf);
427
428 switch (ax25->state) {
429 case AX25_STATE_1:
430 queued = ax25_std_state1_machine(ax25, skb, frametype, pf, type);
431 break;
432 case AX25_STATE_2:
433 queued = ax25_std_state2_machine(ax25, skb, frametype, pf, type);
434 break;
435 case AX25_STATE_3:
436 queued = ax25_std_state3_machine(ax25, skb, frametype, ns, nr, pf, type);
437 break;
438 case AX25_STATE_4:
439 queued = ax25_std_state4_machine(ax25, skb, frametype, ns, nr, pf, type);
440 break;
441 }
442
443 ax25_kick(ax25);
444
445 return queued;
446}