Loading...
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
9 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
10 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
11 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
12 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
13 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
14 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
15 */
16#include <linux/capability.h>
17#include <linux/module.h>
18#include <linux/errno.h>
19#include <linux/types.h>
20#include <linux/socket.h>
21#include <linux/in.h>
22#include <linux/kernel.h>
23#include <linux/sched/signal.h>
24#include <linux/timer.h>
25#include <linux/string.h>
26#include <linux/sockios.h>
27#include <linux/net.h>
28#include <linux/slab.h>
29#include <net/ax25.h>
30#include <linux/inet.h>
31#include <linux/netdevice.h>
32#include <linux/if_arp.h>
33#include <linux/skbuff.h>
34#include <net/sock.h>
35#include <linux/uaccess.h>
36#include <linux/fcntl.h>
37#include <linux/termios.h> /* For TIOCINQ/OUTQ */
38#include <linux/mm.h>
39#include <linux/interrupt.h>
40#include <linux/notifier.h>
41#include <linux/proc_fs.h>
42#include <linux/stat.h>
43#include <linux/sysctl.h>
44#include <linux/init.h>
45#include <linux/spinlock.h>
46#include <net/net_namespace.h>
47#include <net/tcp_states.h>
48#include <net/ip.h>
49#include <net/arp.h>
50
51
52
53HLIST_HEAD(ax25_list);
54DEFINE_SPINLOCK(ax25_list_lock);
55
56static const struct proto_ops ax25_proto_ops;
57
58static void ax25_free_sock(struct sock *sk)
59{
60 ax25_cb_put(sk_to_ax25(sk));
61}
62
63/*
64 * Socket removal during an interrupt is now safe.
65 */
66static void ax25_cb_del(ax25_cb *ax25)
67{
68 if (!hlist_unhashed(&ax25->ax25_node)) {
69 spin_lock_bh(&ax25_list_lock);
70 hlist_del_init(&ax25->ax25_node);
71 spin_unlock_bh(&ax25_list_lock);
72 ax25_cb_put(ax25);
73 }
74}
75
76/*
77 * Kill all bound sockets on a dropped device.
78 */
79static void ax25_kill_by_device(struct net_device *dev)
80{
81 ax25_dev *ax25_dev;
82 ax25_cb *s;
83
84 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
85 return;
86
87 spin_lock_bh(&ax25_list_lock);
88again:
89 ax25_for_each(s, &ax25_list) {
90 if (s->ax25_dev == ax25_dev) {
91 s->ax25_dev = NULL;
92 spin_unlock_bh(&ax25_list_lock);
93 ax25_disconnect(s, ENETUNREACH);
94 spin_lock_bh(&ax25_list_lock);
95
96 /* The entry could have been deleted from the
97 * list meanwhile and thus the next pointer is
98 * no longer valid. Play it safe and restart
99 * the scan. Forward progress is ensured
100 * because we set s->ax25_dev to NULL and we
101 * are never passed a NULL 'dev' argument.
102 */
103 goto again;
104 }
105 }
106 spin_unlock_bh(&ax25_list_lock);
107}
108
109/*
110 * Handle device status changes.
111 */
112static int ax25_device_event(struct notifier_block *this, unsigned long event,
113 void *ptr)
114{
115 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
116
117 if (!net_eq(dev_net(dev), &init_net))
118 return NOTIFY_DONE;
119
120 /* Reject non AX.25 devices */
121 if (dev->type != ARPHRD_AX25)
122 return NOTIFY_DONE;
123
124 switch (event) {
125 case NETDEV_UP:
126 ax25_dev_device_up(dev);
127 break;
128 case NETDEV_DOWN:
129 ax25_kill_by_device(dev);
130 ax25_rt_device_down(dev);
131 ax25_dev_device_down(dev);
132 break;
133 default:
134 break;
135 }
136
137 return NOTIFY_DONE;
138}
139
140/*
141 * Add a socket to the bound sockets list.
142 */
143void ax25_cb_add(ax25_cb *ax25)
144{
145 spin_lock_bh(&ax25_list_lock);
146 ax25_cb_hold(ax25);
147 hlist_add_head(&ax25->ax25_node, &ax25_list);
148 spin_unlock_bh(&ax25_list_lock);
149}
150
151/*
152 * Find a socket that wants to accept the SABM we have just
153 * received.
154 */
155struct sock *ax25_find_listener(ax25_address *addr, int digi,
156 struct net_device *dev, int type)
157{
158 ax25_cb *s;
159
160 spin_lock(&ax25_list_lock);
161 ax25_for_each(s, &ax25_list) {
162 if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
163 continue;
164 if (s->sk && !ax25cmp(&s->source_addr, addr) &&
165 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
166 /* If device is null we match any device */
167 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
168 sock_hold(s->sk);
169 spin_unlock(&ax25_list_lock);
170 return s->sk;
171 }
172 }
173 }
174 spin_unlock(&ax25_list_lock);
175
176 return NULL;
177}
178
179/*
180 * Find an AX.25 socket given both ends.
181 */
182struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
183 int type)
184{
185 struct sock *sk = NULL;
186 ax25_cb *s;
187
188 spin_lock(&ax25_list_lock);
189 ax25_for_each(s, &ax25_list) {
190 if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
191 !ax25cmp(&s->dest_addr, dest_addr) &&
192 s->sk->sk_type == type) {
193 sk = s->sk;
194 sock_hold(sk);
195 break;
196 }
197 }
198
199 spin_unlock(&ax25_list_lock);
200
201 return sk;
202}
203
204/*
205 * Find an AX.25 control block given both ends. It will only pick up
206 * floating AX.25 control blocks or non Raw socket bound control blocks.
207 */
208ax25_cb *ax25_find_cb(ax25_address *src_addr, ax25_address *dest_addr,
209 ax25_digi *digi, struct net_device *dev)
210{
211 ax25_cb *s;
212
213 spin_lock_bh(&ax25_list_lock);
214 ax25_for_each(s, &ax25_list) {
215 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
216 continue;
217 if (s->ax25_dev == NULL)
218 continue;
219 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
220 if (digi != NULL && digi->ndigi != 0) {
221 if (s->digipeat == NULL)
222 continue;
223 if (ax25digicmp(s->digipeat, digi) != 0)
224 continue;
225 } else {
226 if (s->digipeat != NULL && s->digipeat->ndigi != 0)
227 continue;
228 }
229 ax25_cb_hold(s);
230 spin_unlock_bh(&ax25_list_lock);
231
232 return s;
233 }
234 }
235 spin_unlock_bh(&ax25_list_lock);
236
237 return NULL;
238}
239
240EXPORT_SYMBOL(ax25_find_cb);
241
242void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
243{
244 ax25_cb *s;
245 struct sk_buff *copy;
246
247 spin_lock(&ax25_list_lock);
248 ax25_for_each(s, &ax25_list) {
249 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
250 s->sk->sk_type == SOCK_RAW &&
251 s->sk->sk_protocol == proto &&
252 s->ax25_dev->dev == skb->dev &&
253 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
254 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
255 continue;
256 if (sock_queue_rcv_skb(s->sk, copy) != 0)
257 kfree_skb(copy);
258 }
259 }
260 spin_unlock(&ax25_list_lock);
261}
262
263/*
264 * Deferred destroy.
265 */
266void ax25_destroy_socket(ax25_cb *);
267
268/*
269 * Handler for deferred kills.
270 */
271static void ax25_destroy_timer(struct timer_list *t)
272{
273 ax25_cb *ax25 = from_timer(ax25, t, dtimer);
274 struct sock *sk;
275
276 sk=ax25->sk;
277
278 bh_lock_sock(sk);
279 sock_hold(sk);
280 ax25_destroy_socket(ax25);
281 bh_unlock_sock(sk);
282 sock_put(sk);
283}
284
285/*
286 * This is called from user mode and the timers. Thus it protects itself
287 * against interrupt users but doesn't worry about being called during
288 * work. Once it is removed from the queue no interrupt or bottom half
289 * will touch it and we are (fairly 8-) ) safe.
290 */
291void ax25_destroy_socket(ax25_cb *ax25)
292{
293 struct sk_buff *skb;
294
295 ax25_cb_del(ax25);
296
297 ax25_stop_heartbeat(ax25);
298 ax25_stop_t1timer(ax25);
299 ax25_stop_t2timer(ax25);
300 ax25_stop_t3timer(ax25);
301 ax25_stop_idletimer(ax25);
302
303 ax25_clear_queues(ax25); /* Flush the queues */
304
305 if (ax25->sk != NULL) {
306 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
307 if (skb->sk != ax25->sk) {
308 /* A pending connection */
309 ax25_cb *sax25 = sk_to_ax25(skb->sk);
310
311 /* Queue the unaccepted socket for death */
312 sock_orphan(skb->sk);
313
314 /* 9A4GL: hack to release unaccepted sockets */
315 skb->sk->sk_state = TCP_LISTEN;
316
317 ax25_start_heartbeat(sax25);
318 sax25->state = AX25_STATE_0;
319 }
320
321 kfree_skb(skb);
322 }
323 skb_queue_purge(&ax25->sk->sk_write_queue);
324 }
325
326 if (ax25->sk != NULL) {
327 if (sk_has_allocations(ax25->sk)) {
328 /* Defer: outstanding buffers */
329 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0);
330 ax25->dtimer.expires = jiffies + 2 * HZ;
331 add_timer(&ax25->dtimer);
332 } else {
333 struct sock *sk=ax25->sk;
334 ax25->sk=NULL;
335 sock_put(sk);
336 }
337 } else {
338 ax25_cb_put(ax25);
339 }
340}
341
342/*
343 * dl1bke 960311: set parameters for existing AX.25 connections,
344 * includes a KILL command to abort any connection.
345 * VERY useful for debugging ;-)
346 */
347static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
348{
349 struct ax25_ctl_struct ax25_ctl;
350 ax25_digi digi;
351 ax25_dev *ax25_dev;
352 ax25_cb *ax25;
353 unsigned int k;
354 int ret = 0;
355
356 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
357 return -EFAULT;
358
359 if ((ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr)) == NULL)
360 return -ENODEV;
361
362 if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
363 return -EINVAL;
364
365 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
366 return -EINVAL;
367
368 digi.ndigi = ax25_ctl.digi_count;
369 for (k = 0; k < digi.ndigi; k++)
370 digi.calls[k] = ax25_ctl.digi_addr[k];
371
372 if ((ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev)) == NULL)
373 return -ENOTCONN;
374
375 switch (ax25_ctl.cmd) {
376 case AX25_KILL:
377 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
378#ifdef CONFIG_AX25_DAMA_SLAVE
379 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
380 ax25_dama_off(ax25);
381#endif
382 ax25_disconnect(ax25, ENETRESET);
383 break;
384
385 case AX25_WINDOW:
386 if (ax25->modulus == AX25_MODULUS) {
387 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
388 goto einval_put;
389 } else {
390 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
391 goto einval_put;
392 }
393 ax25->window = ax25_ctl.arg;
394 break;
395
396 case AX25_T1:
397 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
398 goto einval_put;
399 ax25->rtt = (ax25_ctl.arg * HZ) / 2;
400 ax25->t1 = ax25_ctl.arg * HZ;
401 break;
402
403 case AX25_T2:
404 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
405 goto einval_put;
406 ax25->t2 = ax25_ctl.arg * HZ;
407 break;
408
409 case AX25_N2:
410 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
411 goto einval_put;
412 ax25->n2count = 0;
413 ax25->n2 = ax25_ctl.arg;
414 break;
415
416 case AX25_T3:
417 if (ax25_ctl.arg > ULONG_MAX / HZ)
418 goto einval_put;
419 ax25->t3 = ax25_ctl.arg * HZ;
420 break;
421
422 case AX25_IDLE:
423 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
424 goto einval_put;
425
426 ax25->idle = ax25_ctl.arg * 60 * HZ;
427 break;
428
429 case AX25_PACLEN:
430 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
431 goto einval_put;
432 ax25->paclen = ax25_ctl.arg;
433 break;
434
435 default:
436 goto einval_put;
437 }
438
439out_put:
440 ax25_cb_put(ax25);
441 return ret;
442
443einval_put:
444 ret = -EINVAL;
445 goto out_put;
446}
447
448static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
449{
450 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
451 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
452 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
453 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
454 ax25->n2 = ax25_dev->values[AX25_VALUES_N2];
455 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN];
456 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
457 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
458
459 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
460 ax25->modulus = AX25_EMODULUS;
461 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW];
462 } else {
463 ax25->modulus = AX25_MODULUS;
464 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW];
465 }
466}
467
468/*
469 * Fill in a created AX.25 created control block with the default
470 * values for a particular device.
471 */
472void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
473{
474 ax25->ax25_dev = ax25_dev;
475
476 if (ax25->ax25_dev != NULL) {
477 ax25_fillin_cb_from_dev(ax25, ax25_dev);
478 return;
479 }
480
481 /*
482 * No device, use kernel / AX.25 spec default values
483 */
484 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2;
485 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1);
486 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2);
487 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3);
488 ax25->n2 = AX25_DEF_N2;
489 ax25->paclen = AX25_DEF_PACLEN;
490 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE);
491 ax25->backoff = AX25_DEF_BACKOFF;
492
493 if (AX25_DEF_AXDEFMODE) {
494 ax25->modulus = AX25_EMODULUS;
495 ax25->window = AX25_DEF_EWINDOW;
496 } else {
497 ax25->modulus = AX25_MODULUS;
498 ax25->window = AX25_DEF_WINDOW;
499 }
500}
501
502/*
503 * Create an empty AX.25 control block.
504 */
505ax25_cb *ax25_create_cb(void)
506{
507 ax25_cb *ax25;
508
509 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
510 return NULL;
511
512 refcount_set(&ax25->refcount, 1);
513
514 skb_queue_head_init(&ax25->write_queue);
515 skb_queue_head_init(&ax25->frag_queue);
516 skb_queue_head_init(&ax25->ack_queue);
517 skb_queue_head_init(&ax25->reseq_queue);
518
519 ax25_setup_timers(ax25);
520
521 ax25_fillin_cb(ax25, NULL);
522
523 ax25->state = AX25_STATE_0;
524
525 return ax25;
526}
527
528/*
529 * Handling for system calls applied via the various interfaces to an
530 * AX25 socket object
531 */
532
533static int ax25_setsockopt(struct socket *sock, int level, int optname,
534 char __user *optval, unsigned int optlen)
535{
536 struct sock *sk = sock->sk;
537 ax25_cb *ax25;
538 struct net_device *dev;
539 char devname[IFNAMSIZ];
540 unsigned long opt;
541 int res = 0;
542
543 if (level != SOL_AX25)
544 return -ENOPROTOOPT;
545
546 if (optlen < sizeof(unsigned int))
547 return -EINVAL;
548
549 if (get_user(opt, (unsigned int __user *)optval))
550 return -EFAULT;
551
552 lock_sock(sk);
553 ax25 = sk_to_ax25(sk);
554
555 switch (optname) {
556 case AX25_WINDOW:
557 if (ax25->modulus == AX25_MODULUS) {
558 if (opt < 1 || opt > 7) {
559 res = -EINVAL;
560 break;
561 }
562 } else {
563 if (opt < 1 || opt > 63) {
564 res = -EINVAL;
565 break;
566 }
567 }
568 ax25->window = opt;
569 break;
570
571 case AX25_T1:
572 if (opt < 1 || opt > ULONG_MAX / HZ) {
573 res = -EINVAL;
574 break;
575 }
576 ax25->rtt = (opt * HZ) >> 1;
577 ax25->t1 = opt * HZ;
578 break;
579
580 case AX25_T2:
581 if (opt < 1 || opt > ULONG_MAX / HZ) {
582 res = -EINVAL;
583 break;
584 }
585 ax25->t2 = opt * HZ;
586 break;
587
588 case AX25_N2:
589 if (opt < 1 || opt > 31) {
590 res = -EINVAL;
591 break;
592 }
593 ax25->n2 = opt;
594 break;
595
596 case AX25_T3:
597 if (opt < 1 || opt > ULONG_MAX / HZ) {
598 res = -EINVAL;
599 break;
600 }
601 ax25->t3 = opt * HZ;
602 break;
603
604 case AX25_IDLE:
605 if (opt > ULONG_MAX / (60 * HZ)) {
606 res = -EINVAL;
607 break;
608 }
609 ax25->idle = opt * 60 * HZ;
610 break;
611
612 case AX25_BACKOFF:
613 if (opt > 2) {
614 res = -EINVAL;
615 break;
616 }
617 ax25->backoff = opt;
618 break;
619
620 case AX25_EXTSEQ:
621 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
622 break;
623
624 case AX25_PIDINCL:
625 ax25->pidincl = opt ? 1 : 0;
626 break;
627
628 case AX25_IAMDIGI:
629 ax25->iamdigi = opt ? 1 : 0;
630 break;
631
632 case AX25_PACLEN:
633 if (opt < 16 || opt > 65535) {
634 res = -EINVAL;
635 break;
636 }
637 ax25->paclen = opt;
638 break;
639
640 case SO_BINDTODEVICE:
641 if (optlen > IFNAMSIZ)
642 optlen = IFNAMSIZ;
643
644 if (copy_from_user(devname, optval, optlen)) {
645 res = -EFAULT;
646 break;
647 }
648
649 if (sk->sk_type == SOCK_SEQPACKET &&
650 (sock->state != SS_UNCONNECTED ||
651 sk->sk_state == TCP_LISTEN)) {
652 res = -EADDRNOTAVAIL;
653 break;
654 }
655
656 dev = dev_get_by_name(&init_net, devname);
657 if (!dev) {
658 res = -ENODEV;
659 break;
660 }
661
662 ax25->ax25_dev = ax25_dev_ax25dev(dev);
663 ax25_fillin_cb(ax25, ax25->ax25_dev);
664 dev_put(dev);
665 break;
666
667 default:
668 res = -ENOPROTOOPT;
669 }
670 release_sock(sk);
671
672 return res;
673}
674
675static int ax25_getsockopt(struct socket *sock, int level, int optname,
676 char __user *optval, int __user *optlen)
677{
678 struct sock *sk = sock->sk;
679 ax25_cb *ax25;
680 struct ax25_dev *ax25_dev;
681 char devname[IFNAMSIZ];
682 void *valptr;
683 int val = 0;
684 int maxlen, length;
685
686 if (level != SOL_AX25)
687 return -ENOPROTOOPT;
688
689 if (get_user(maxlen, optlen))
690 return -EFAULT;
691
692 if (maxlen < 1)
693 return -EFAULT;
694
695 valptr = (void *) &val;
696 length = min_t(unsigned int, maxlen, sizeof(int));
697
698 lock_sock(sk);
699 ax25 = sk_to_ax25(sk);
700
701 switch (optname) {
702 case AX25_WINDOW:
703 val = ax25->window;
704 break;
705
706 case AX25_T1:
707 val = ax25->t1 / HZ;
708 break;
709
710 case AX25_T2:
711 val = ax25->t2 / HZ;
712 break;
713
714 case AX25_N2:
715 val = ax25->n2;
716 break;
717
718 case AX25_T3:
719 val = ax25->t3 / HZ;
720 break;
721
722 case AX25_IDLE:
723 val = ax25->idle / (60 * HZ);
724 break;
725
726 case AX25_BACKOFF:
727 val = ax25->backoff;
728 break;
729
730 case AX25_EXTSEQ:
731 val = (ax25->modulus == AX25_EMODULUS);
732 break;
733
734 case AX25_PIDINCL:
735 val = ax25->pidincl;
736 break;
737
738 case AX25_IAMDIGI:
739 val = ax25->iamdigi;
740 break;
741
742 case AX25_PACLEN:
743 val = ax25->paclen;
744 break;
745
746 case SO_BINDTODEVICE:
747 ax25_dev = ax25->ax25_dev;
748
749 if (ax25_dev != NULL && ax25_dev->dev != NULL) {
750 strlcpy(devname, ax25_dev->dev->name, sizeof(devname));
751 length = strlen(devname) + 1;
752 } else {
753 *devname = '\0';
754 length = 1;
755 }
756
757 valptr = (void *) devname;
758 break;
759
760 default:
761 release_sock(sk);
762 return -ENOPROTOOPT;
763 }
764 release_sock(sk);
765
766 if (put_user(length, optlen))
767 return -EFAULT;
768
769 return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
770}
771
772static int ax25_listen(struct socket *sock, int backlog)
773{
774 struct sock *sk = sock->sk;
775 int res = 0;
776
777 lock_sock(sk);
778 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
779 sk->sk_max_ack_backlog = backlog;
780 sk->sk_state = TCP_LISTEN;
781 goto out;
782 }
783 res = -EOPNOTSUPP;
784
785out:
786 release_sock(sk);
787
788 return res;
789}
790
791/*
792 * XXX: when creating ax25_sock we should update the .obj_size setting
793 * below.
794 */
795static struct proto ax25_proto = {
796 .name = "AX25",
797 .owner = THIS_MODULE,
798 .obj_size = sizeof(struct ax25_sock),
799};
800
801static int ax25_create(struct net *net, struct socket *sock, int protocol,
802 int kern)
803{
804 struct sock *sk;
805 ax25_cb *ax25;
806
807 if (protocol < 0 || protocol > SK_PROTOCOL_MAX)
808 return -EINVAL;
809
810 if (!net_eq(net, &init_net))
811 return -EAFNOSUPPORT;
812
813 switch (sock->type) {
814 case SOCK_DGRAM:
815 if (protocol == 0 || protocol == PF_AX25)
816 protocol = AX25_P_TEXT;
817 break;
818
819 case SOCK_SEQPACKET:
820 switch (protocol) {
821 case 0:
822 case PF_AX25: /* For CLX */
823 protocol = AX25_P_TEXT;
824 break;
825 case AX25_P_SEGMENT:
826#ifdef CONFIG_INET
827 case AX25_P_ARP:
828 case AX25_P_IP:
829#endif
830#ifdef CONFIG_NETROM
831 case AX25_P_NETROM:
832#endif
833#ifdef CONFIG_ROSE
834 case AX25_P_ROSE:
835#endif
836 return -ESOCKTNOSUPPORT;
837#ifdef CONFIG_NETROM_MODULE
838 case AX25_P_NETROM:
839 if (ax25_protocol_is_registered(AX25_P_NETROM))
840 return -ESOCKTNOSUPPORT;
841 break;
842#endif
843#ifdef CONFIG_ROSE_MODULE
844 case AX25_P_ROSE:
845 if (ax25_protocol_is_registered(AX25_P_ROSE))
846 return -ESOCKTNOSUPPORT;
847#endif
848 default:
849 break;
850 }
851 break;
852
853 case SOCK_RAW:
854 break;
855 default:
856 return -ESOCKTNOSUPPORT;
857 }
858
859 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern);
860 if (sk == NULL)
861 return -ENOMEM;
862
863 ax25 = ax25_sk(sk)->cb = ax25_create_cb();
864 if (!ax25) {
865 sk_free(sk);
866 return -ENOMEM;
867 }
868
869 sock_init_data(sock, sk);
870
871 sk->sk_destruct = ax25_free_sock;
872 sock->ops = &ax25_proto_ops;
873 sk->sk_protocol = protocol;
874
875 ax25->sk = sk;
876
877 return 0;
878}
879
880struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
881{
882 struct sock *sk;
883 ax25_cb *ax25, *oax25;
884
885 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0);
886 if (sk == NULL)
887 return NULL;
888
889 if ((ax25 = ax25_create_cb()) == NULL) {
890 sk_free(sk);
891 return NULL;
892 }
893
894 switch (osk->sk_type) {
895 case SOCK_DGRAM:
896 break;
897 case SOCK_SEQPACKET:
898 break;
899 default:
900 sk_free(sk);
901 ax25_cb_put(ax25);
902 return NULL;
903 }
904
905 sock_init_data(NULL, sk);
906
907 sk->sk_type = osk->sk_type;
908 sk->sk_priority = osk->sk_priority;
909 sk->sk_protocol = osk->sk_protocol;
910 sk->sk_rcvbuf = osk->sk_rcvbuf;
911 sk->sk_sndbuf = osk->sk_sndbuf;
912 sk->sk_state = TCP_ESTABLISHED;
913 sock_copy_flags(sk, osk);
914
915 oax25 = sk_to_ax25(osk);
916
917 ax25->modulus = oax25->modulus;
918 ax25->backoff = oax25->backoff;
919 ax25->pidincl = oax25->pidincl;
920 ax25->iamdigi = oax25->iamdigi;
921 ax25->rtt = oax25->rtt;
922 ax25->t1 = oax25->t1;
923 ax25->t2 = oax25->t2;
924 ax25->t3 = oax25->t3;
925 ax25->n2 = oax25->n2;
926 ax25->idle = oax25->idle;
927 ax25->paclen = oax25->paclen;
928 ax25->window = oax25->window;
929
930 ax25->ax25_dev = ax25_dev;
931 ax25->source_addr = oax25->source_addr;
932
933 if (oax25->digipeat != NULL) {
934 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
935 GFP_ATOMIC);
936 if (ax25->digipeat == NULL) {
937 sk_free(sk);
938 ax25_cb_put(ax25);
939 return NULL;
940 }
941 }
942
943 ax25_sk(sk)->cb = ax25;
944 sk->sk_destruct = ax25_free_sock;
945 ax25->sk = sk;
946
947 return sk;
948}
949
950static int ax25_release(struct socket *sock)
951{
952 struct sock *sk = sock->sk;
953 ax25_cb *ax25;
954
955 if (sk == NULL)
956 return 0;
957
958 sock_hold(sk);
959 sock_orphan(sk);
960 lock_sock(sk);
961 ax25 = sk_to_ax25(sk);
962
963 if (sk->sk_type == SOCK_SEQPACKET) {
964 switch (ax25->state) {
965 case AX25_STATE_0:
966 release_sock(sk);
967 ax25_disconnect(ax25, 0);
968 lock_sock(sk);
969 ax25_destroy_socket(ax25);
970 break;
971
972 case AX25_STATE_1:
973 case AX25_STATE_2:
974 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
975 release_sock(sk);
976 ax25_disconnect(ax25, 0);
977 lock_sock(sk);
978 if (!sock_flag(ax25->sk, SOCK_DESTROY))
979 ax25_destroy_socket(ax25);
980 break;
981
982 case AX25_STATE_3:
983 case AX25_STATE_4:
984 ax25_clear_queues(ax25);
985 ax25->n2count = 0;
986
987 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
988 case AX25_PROTO_STD_SIMPLEX:
989 case AX25_PROTO_STD_DUPLEX:
990 ax25_send_control(ax25,
991 AX25_DISC,
992 AX25_POLLON,
993 AX25_COMMAND);
994 ax25_stop_t2timer(ax25);
995 ax25_stop_t3timer(ax25);
996 ax25_stop_idletimer(ax25);
997 break;
998#ifdef CONFIG_AX25_DAMA_SLAVE
999 case AX25_PROTO_DAMA_SLAVE:
1000 ax25_stop_t3timer(ax25);
1001 ax25_stop_idletimer(ax25);
1002 break;
1003#endif
1004 }
1005 ax25_calculate_t1(ax25);
1006 ax25_start_t1timer(ax25);
1007 ax25->state = AX25_STATE_2;
1008 sk->sk_state = TCP_CLOSE;
1009 sk->sk_shutdown |= SEND_SHUTDOWN;
1010 sk->sk_state_change(sk);
1011 sock_set_flag(sk, SOCK_DESTROY);
1012 break;
1013
1014 default:
1015 break;
1016 }
1017 } else {
1018 sk->sk_state = TCP_CLOSE;
1019 sk->sk_shutdown |= SEND_SHUTDOWN;
1020 sk->sk_state_change(sk);
1021 ax25_destroy_socket(ax25);
1022 }
1023
1024 sock->sk = NULL;
1025 release_sock(sk);
1026 sock_put(sk);
1027
1028 return 0;
1029}
1030
1031/*
1032 * We support a funny extension here so you can (as root) give any callsign
1033 * digipeated via a local address as source. This hack is obsolete now
1034 * that we've implemented support for SO_BINDTODEVICE. It is however small
1035 * and trivially backward compatible.
1036 */
1037static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1038{
1039 struct sock *sk = sock->sk;
1040 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1041 ax25_dev *ax25_dev = NULL;
1042 ax25_uid_assoc *user;
1043 ax25_address call;
1044 ax25_cb *ax25;
1045 int err = 0;
1046
1047 if (addr_len != sizeof(struct sockaddr_ax25) &&
1048 addr_len != sizeof(struct full_sockaddr_ax25))
1049 /* support for old structure may go away some time
1050 * ax25_bind(): uses old (6 digipeater) socket structure.
1051 */
1052 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1053 (addr_len > sizeof(struct full_sockaddr_ax25)))
1054 return -EINVAL;
1055
1056 if (addr->fsa_ax25.sax25_family != AF_AX25)
1057 return -EINVAL;
1058
1059 user = ax25_findbyuid(current_euid());
1060 if (user) {
1061 call = user->call;
1062 ax25_uid_put(user);
1063 } else {
1064 if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1065 return -EACCES;
1066
1067 call = addr->fsa_ax25.sax25_call;
1068 }
1069
1070 lock_sock(sk);
1071
1072 ax25 = sk_to_ax25(sk);
1073 if (!sock_flag(sk, SOCK_ZAPPED)) {
1074 err = -EINVAL;
1075 goto out;
1076 }
1077
1078 ax25->source_addr = call;
1079
1080 /*
1081 * User already set interface with SO_BINDTODEVICE
1082 */
1083 if (ax25->ax25_dev != NULL)
1084 goto done;
1085
1086 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1087 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1088 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1089 err = -EADDRNOTAVAIL;
1090 goto out;
1091 }
1092 } else {
1093 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1094 err = -EADDRNOTAVAIL;
1095 goto out;
1096 }
1097 }
1098
1099 if (ax25_dev != NULL)
1100 ax25_fillin_cb(ax25, ax25_dev);
1101
1102done:
1103 ax25_cb_add(ax25);
1104 sock_reset_flag(sk, SOCK_ZAPPED);
1105
1106out:
1107 release_sock(sk);
1108
1109 return err;
1110}
1111
1112/*
1113 * FIXME: nonblock behaviour looks like it may have a bug.
1114 */
1115static int __must_check ax25_connect(struct socket *sock,
1116 struct sockaddr *uaddr, int addr_len, int flags)
1117{
1118 struct sock *sk = sock->sk;
1119 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t;
1120 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1121 ax25_digi *digi = NULL;
1122 int ct = 0, err = 0;
1123
1124 /*
1125 * some sanity checks. code further down depends on this
1126 */
1127
1128 if (addr_len == sizeof(struct sockaddr_ax25))
1129 /* support for this will go away in early 2.5.x
1130 * ax25_connect(): uses obsolete socket structure
1131 */
1132 ;
1133 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1134 /* support for old structure may go away some time
1135 * ax25_connect(): uses old (6 digipeater) socket structure.
1136 */
1137 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1138 (addr_len > sizeof(struct full_sockaddr_ax25)))
1139 return -EINVAL;
1140
1141
1142 if (fsa->fsa_ax25.sax25_family != AF_AX25)
1143 return -EINVAL;
1144
1145 lock_sock(sk);
1146
1147 /* deal with restarts */
1148 if (sock->state == SS_CONNECTING) {
1149 switch (sk->sk_state) {
1150 case TCP_SYN_SENT: /* still trying */
1151 err = -EINPROGRESS;
1152 goto out_release;
1153
1154 case TCP_ESTABLISHED: /* connection established */
1155 sock->state = SS_CONNECTED;
1156 goto out_release;
1157
1158 case TCP_CLOSE: /* connection refused */
1159 sock->state = SS_UNCONNECTED;
1160 err = -ECONNREFUSED;
1161 goto out_release;
1162 }
1163 }
1164
1165 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1166 err = -EISCONN; /* No reconnect on a seqpacket socket */
1167 goto out_release;
1168 }
1169
1170 sk->sk_state = TCP_CLOSE;
1171 sock->state = SS_UNCONNECTED;
1172
1173 kfree(ax25->digipeat);
1174 ax25->digipeat = NULL;
1175
1176 /*
1177 * Handle digi-peaters to be used.
1178 */
1179 if (addr_len > sizeof(struct sockaddr_ax25) &&
1180 fsa->fsa_ax25.sax25_ndigis != 0) {
1181 /* Valid number of digipeaters ? */
1182 if (fsa->fsa_ax25.sax25_ndigis < 1 || fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS) {
1183 err = -EINVAL;
1184 goto out_release;
1185 }
1186
1187 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1188 err = -ENOBUFS;
1189 goto out_release;
1190 }
1191
1192 digi->ndigi = fsa->fsa_ax25.sax25_ndigis;
1193 digi->lastrepeat = -1;
1194
1195 while (ct < fsa->fsa_ax25.sax25_ndigis) {
1196 if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1197 AX25_HBIT) && ax25->iamdigi) {
1198 digi->repeated[ct] = 1;
1199 digi->lastrepeat = ct;
1200 } else {
1201 digi->repeated[ct] = 0;
1202 }
1203 digi->calls[ct] = fsa->fsa_digipeater[ct];
1204 ct++;
1205 }
1206 }
1207
1208 /*
1209 * Must bind first - autobinding in this may or may not work. If
1210 * the socket is already bound, check to see if the device has
1211 * been filled in, error if it hasn't.
1212 */
1213 if (sock_flag(sk, SOCK_ZAPPED)) {
1214 /* check if we can remove this feature. It is broken. */
1215 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1216 current->comm);
1217 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1218 kfree(digi);
1219 goto out_release;
1220 }
1221
1222 ax25_fillin_cb(ax25, ax25->ax25_dev);
1223 ax25_cb_add(ax25);
1224 } else {
1225 if (ax25->ax25_dev == NULL) {
1226 kfree(digi);
1227 err = -EHOSTUNREACH;
1228 goto out_release;
1229 }
1230 }
1231
1232 if (sk->sk_type == SOCK_SEQPACKET &&
1233 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1234 ax25->ax25_dev->dev))) {
1235 kfree(digi);
1236 err = -EADDRINUSE; /* Already such a connection */
1237 ax25_cb_put(ax25t);
1238 goto out_release;
1239 }
1240
1241 ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1242 ax25->digipeat = digi;
1243
1244 /* First the easy one */
1245 if (sk->sk_type != SOCK_SEQPACKET) {
1246 sock->state = SS_CONNECTED;
1247 sk->sk_state = TCP_ESTABLISHED;
1248 goto out_release;
1249 }
1250
1251 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1252 sock->state = SS_CONNECTING;
1253 sk->sk_state = TCP_SYN_SENT;
1254
1255 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1256 case AX25_PROTO_STD_SIMPLEX:
1257 case AX25_PROTO_STD_DUPLEX:
1258 ax25_std_establish_data_link(ax25);
1259 break;
1260
1261#ifdef CONFIG_AX25_DAMA_SLAVE
1262 case AX25_PROTO_DAMA_SLAVE:
1263 ax25->modulus = AX25_MODULUS;
1264 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1265 if (ax25->ax25_dev->dama.slave)
1266 ax25_ds_establish_data_link(ax25);
1267 else
1268 ax25_std_establish_data_link(ax25);
1269 break;
1270#endif
1271 }
1272
1273 ax25->state = AX25_STATE_1;
1274
1275 ax25_start_heartbeat(ax25);
1276
1277 /* Now the loop */
1278 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1279 err = -EINPROGRESS;
1280 goto out_release;
1281 }
1282
1283 if (sk->sk_state == TCP_SYN_SENT) {
1284 DEFINE_WAIT(wait);
1285
1286 for (;;) {
1287 prepare_to_wait(sk_sleep(sk), &wait,
1288 TASK_INTERRUPTIBLE);
1289 if (sk->sk_state != TCP_SYN_SENT)
1290 break;
1291 if (!signal_pending(current)) {
1292 release_sock(sk);
1293 schedule();
1294 lock_sock(sk);
1295 continue;
1296 }
1297 err = -ERESTARTSYS;
1298 break;
1299 }
1300 finish_wait(sk_sleep(sk), &wait);
1301
1302 if (err)
1303 goto out_release;
1304 }
1305
1306 if (sk->sk_state != TCP_ESTABLISHED) {
1307 /* Not in ABM, not in WAIT_UA -> failed */
1308 sock->state = SS_UNCONNECTED;
1309 err = sock_error(sk); /* Always set at this point */
1310 goto out_release;
1311 }
1312
1313 sock->state = SS_CONNECTED;
1314
1315 err = 0;
1316out_release:
1317 release_sock(sk);
1318
1319 return err;
1320}
1321
1322static int ax25_accept(struct socket *sock, struct socket *newsock, int flags,
1323 bool kern)
1324{
1325 struct sk_buff *skb;
1326 struct sock *newsk;
1327 DEFINE_WAIT(wait);
1328 struct sock *sk;
1329 int err = 0;
1330
1331 if (sock->state != SS_UNCONNECTED)
1332 return -EINVAL;
1333
1334 if ((sk = sock->sk) == NULL)
1335 return -EINVAL;
1336
1337 lock_sock(sk);
1338 if (sk->sk_type != SOCK_SEQPACKET) {
1339 err = -EOPNOTSUPP;
1340 goto out;
1341 }
1342
1343 if (sk->sk_state != TCP_LISTEN) {
1344 err = -EINVAL;
1345 goto out;
1346 }
1347
1348 /*
1349 * The read queue this time is holding sockets ready to use
1350 * hooked into the SABM we saved
1351 */
1352 for (;;) {
1353 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1354 skb = skb_dequeue(&sk->sk_receive_queue);
1355 if (skb)
1356 break;
1357
1358 if (flags & O_NONBLOCK) {
1359 err = -EWOULDBLOCK;
1360 break;
1361 }
1362 if (!signal_pending(current)) {
1363 release_sock(sk);
1364 schedule();
1365 lock_sock(sk);
1366 continue;
1367 }
1368 err = -ERESTARTSYS;
1369 break;
1370 }
1371 finish_wait(sk_sleep(sk), &wait);
1372
1373 if (err)
1374 goto out;
1375
1376 newsk = skb->sk;
1377 sock_graft(newsk, newsock);
1378
1379 /* Now attach up the new socket */
1380 kfree_skb(skb);
1381 sk->sk_ack_backlog--;
1382 newsock->state = SS_CONNECTED;
1383
1384out:
1385 release_sock(sk);
1386
1387 return err;
1388}
1389
1390static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1391 int peer)
1392{
1393 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1394 struct sock *sk = sock->sk;
1395 unsigned char ndigi, i;
1396 ax25_cb *ax25;
1397 int err = 0;
1398
1399 memset(fsa, 0, sizeof(*fsa));
1400 lock_sock(sk);
1401 ax25 = sk_to_ax25(sk);
1402
1403 if (peer != 0) {
1404 if (sk->sk_state != TCP_ESTABLISHED) {
1405 err = -ENOTCONN;
1406 goto out;
1407 }
1408
1409 fsa->fsa_ax25.sax25_family = AF_AX25;
1410 fsa->fsa_ax25.sax25_call = ax25->dest_addr;
1411
1412 if (ax25->digipeat != NULL) {
1413 ndigi = ax25->digipeat->ndigi;
1414 fsa->fsa_ax25.sax25_ndigis = ndigi;
1415 for (i = 0; i < ndigi; i++)
1416 fsa->fsa_digipeater[i] =
1417 ax25->digipeat->calls[i];
1418 }
1419 } else {
1420 fsa->fsa_ax25.sax25_family = AF_AX25;
1421 fsa->fsa_ax25.sax25_call = ax25->source_addr;
1422 fsa->fsa_ax25.sax25_ndigis = 1;
1423 if (ax25->ax25_dev != NULL) {
1424 memcpy(&fsa->fsa_digipeater[0],
1425 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1426 } else {
1427 fsa->fsa_digipeater[0] = null_ax25_address;
1428 }
1429 }
1430 err = sizeof (struct full_sockaddr_ax25);
1431
1432out:
1433 release_sock(sk);
1434
1435 return err;
1436}
1437
1438static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1439{
1440 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name);
1441 struct sock *sk = sock->sk;
1442 struct sockaddr_ax25 sax;
1443 struct sk_buff *skb;
1444 ax25_digi dtmp, *dp;
1445 ax25_cb *ax25;
1446 size_t size;
1447 int lv, err, addr_len = msg->msg_namelen;
1448
1449 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1450 return -EINVAL;
1451
1452 lock_sock(sk);
1453 ax25 = sk_to_ax25(sk);
1454
1455 if (sock_flag(sk, SOCK_ZAPPED)) {
1456 err = -EADDRNOTAVAIL;
1457 goto out;
1458 }
1459
1460 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1461 send_sig(SIGPIPE, current, 0);
1462 err = -EPIPE;
1463 goto out;
1464 }
1465
1466 if (ax25->ax25_dev == NULL) {
1467 err = -ENETUNREACH;
1468 goto out;
1469 }
1470
1471 if (len > ax25->ax25_dev->dev->mtu) {
1472 err = -EMSGSIZE;
1473 goto out;
1474 }
1475
1476 if (usax != NULL) {
1477 if (usax->sax25_family != AF_AX25) {
1478 err = -EINVAL;
1479 goto out;
1480 }
1481
1482 if (addr_len == sizeof(struct sockaddr_ax25))
1483 /* ax25_sendmsg(): uses obsolete socket structure */
1484 ;
1485 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1486 /* support for old structure may go away some time
1487 * ax25_sendmsg(): uses old (6 digipeater)
1488 * socket structure.
1489 */
1490 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1491 (addr_len > sizeof(struct full_sockaddr_ax25))) {
1492 err = -EINVAL;
1493 goto out;
1494 }
1495
1496
1497 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1498 int ct = 0;
1499 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1500
1501 /* Valid number of digipeaters ? */
1502 if (usax->sax25_ndigis < 1 || usax->sax25_ndigis > AX25_MAX_DIGIS) {
1503 err = -EINVAL;
1504 goto out;
1505 }
1506
1507 dtmp.ndigi = usax->sax25_ndigis;
1508
1509 while (ct < usax->sax25_ndigis) {
1510 dtmp.repeated[ct] = 0;
1511 dtmp.calls[ct] = fsa->fsa_digipeater[ct];
1512 ct++;
1513 }
1514
1515 dtmp.lastrepeat = 0;
1516 }
1517
1518 sax = *usax;
1519 if (sk->sk_type == SOCK_SEQPACKET &&
1520 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1521 err = -EISCONN;
1522 goto out;
1523 }
1524 if (usax->sax25_ndigis == 0)
1525 dp = NULL;
1526 else
1527 dp = &dtmp;
1528 } else {
1529 /*
1530 * FIXME: 1003.1g - if the socket is like this because
1531 * it has become closed (not started closed) and is VC
1532 * we ought to SIGPIPE, EPIPE
1533 */
1534 if (sk->sk_state != TCP_ESTABLISHED) {
1535 err = -ENOTCONN;
1536 goto out;
1537 }
1538 sax.sax25_family = AF_AX25;
1539 sax.sax25_call = ax25->dest_addr;
1540 dp = ax25->digipeat;
1541 }
1542
1543 /* Build a packet */
1544 /* Assume the worst case */
1545 size = len + ax25->ax25_dev->dev->hard_header_len;
1546
1547 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1548 if (skb == NULL)
1549 goto out;
1550
1551 skb_reserve(skb, size - len);
1552
1553 /* User data follows immediately after the AX.25 data */
1554 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
1555 err = -EFAULT;
1556 kfree_skb(skb);
1557 goto out;
1558 }
1559
1560 skb_reset_network_header(skb);
1561
1562 /* Add the PID if one is not supplied by the user in the skb */
1563 if (!ax25->pidincl)
1564 *(u8 *)skb_push(skb, 1) = sk->sk_protocol;
1565
1566 if (sk->sk_type == SOCK_SEQPACKET) {
1567 /* Connected mode sockets go via the LAPB machine */
1568 if (sk->sk_state != TCP_ESTABLISHED) {
1569 kfree_skb(skb);
1570 err = -ENOTCONN;
1571 goto out;
1572 }
1573
1574 /* Shove it onto the queue and kick */
1575 ax25_output(ax25, ax25->paclen, skb);
1576
1577 err = len;
1578 goto out;
1579 }
1580
1581 skb_push(skb, 1 + ax25_addr_size(dp));
1582
1583 /* Building AX.25 Header */
1584
1585 /* Build an AX.25 header */
1586 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1587 dp, AX25_COMMAND, AX25_MODULUS);
1588
1589 skb_set_transport_header(skb, lv);
1590
1591 *skb_transport_header(skb) = AX25_UI;
1592
1593 /* Datagram frames go straight out of the door as UI */
1594 ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1595
1596 err = len;
1597
1598out:
1599 release_sock(sk);
1600
1601 return err;
1602}
1603
1604static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
1605 int flags)
1606{
1607 struct sock *sk = sock->sk;
1608 struct sk_buff *skb;
1609 int copied;
1610 int err = 0;
1611
1612 lock_sock(sk);
1613 /*
1614 * This works for seqpacket too. The receiver has ordered the
1615 * queue for us! We do one quick check first though
1616 */
1617 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1618 err = -ENOTCONN;
1619 goto out;
1620 }
1621
1622 /* Now we can treat all alike */
1623 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1624 flags & MSG_DONTWAIT, &err);
1625 if (skb == NULL)
1626 goto out;
1627
1628 if (!sk_to_ax25(sk)->pidincl)
1629 skb_pull(skb, 1); /* Remove PID */
1630
1631 skb_reset_transport_header(skb);
1632 copied = skb->len;
1633
1634 if (copied > size) {
1635 copied = size;
1636 msg->msg_flags |= MSG_TRUNC;
1637 }
1638
1639 skb_copy_datagram_msg(skb, 0, msg, copied);
1640
1641 if (msg->msg_name) {
1642 ax25_digi digi;
1643 ax25_address src;
1644 const unsigned char *mac = skb_mac_header(skb);
1645 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name);
1646
1647 memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1648 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1649 &digi, NULL, NULL);
1650 sax->sax25_family = AF_AX25;
1651 /* We set this correctly, even though we may not let the
1652 application know the digi calls further down (because it
1653 did NOT ask to know them). This could get political... **/
1654 sax->sax25_ndigis = digi.ndigi;
1655 sax->sax25_call = src;
1656
1657 if (sax->sax25_ndigis != 0) {
1658 int ct;
1659 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1660
1661 for (ct = 0; ct < digi.ndigi; ct++)
1662 fsa->fsa_digipeater[ct] = digi.calls[ct];
1663 }
1664 msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1665 }
1666
1667 skb_free_datagram(sk, skb);
1668 err = copied;
1669
1670out:
1671 release_sock(sk);
1672
1673 return err;
1674}
1675
1676static int ax25_shutdown(struct socket *sk, int how)
1677{
1678 /* FIXME - generate DM and RNR states */
1679 return -EOPNOTSUPP;
1680}
1681
1682static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1683{
1684 struct sock *sk = sock->sk;
1685 void __user *argp = (void __user *)arg;
1686 int res = 0;
1687
1688 lock_sock(sk);
1689 switch (cmd) {
1690 case TIOCOUTQ: {
1691 long amount;
1692
1693 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1694 if (amount < 0)
1695 amount = 0;
1696 res = put_user(amount, (int __user *)argp);
1697 break;
1698 }
1699
1700 case TIOCINQ: {
1701 struct sk_buff *skb;
1702 long amount = 0L;
1703 /* These two are safe on a single CPU system as only user tasks fiddle here */
1704 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1705 amount = skb->len;
1706 res = put_user(amount, (int __user *) argp);
1707 break;
1708 }
1709
1710 case SIOCGSTAMP:
1711 res = sock_get_timestamp(sk, argp);
1712 break;
1713
1714 case SIOCGSTAMPNS:
1715 res = sock_get_timestampns(sk, argp);
1716 break;
1717
1718 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */
1719 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */
1720 case SIOCAX25GETUID: {
1721 struct sockaddr_ax25 sax25;
1722 if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1723 res = -EFAULT;
1724 break;
1725 }
1726 res = ax25_uid_ioctl(cmd, &sax25);
1727 break;
1728 }
1729
1730 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */
1731 long amount;
1732 if (!capable(CAP_NET_ADMIN)) {
1733 res = -EPERM;
1734 break;
1735 }
1736 if (get_user(amount, (long __user *)argp)) {
1737 res = -EFAULT;
1738 break;
1739 }
1740 if (amount < 0 || amount > AX25_NOUID_BLOCK) {
1741 res = -EINVAL;
1742 break;
1743 }
1744 ax25_uid_policy = amount;
1745 res = 0;
1746 break;
1747 }
1748
1749 case SIOCADDRT:
1750 case SIOCDELRT:
1751 case SIOCAX25OPTRT:
1752 if (!capable(CAP_NET_ADMIN)) {
1753 res = -EPERM;
1754 break;
1755 }
1756 res = ax25_rt_ioctl(cmd, argp);
1757 break;
1758
1759 case SIOCAX25CTLCON:
1760 if (!capable(CAP_NET_ADMIN)) {
1761 res = -EPERM;
1762 break;
1763 }
1764 res = ax25_ctl_ioctl(cmd, argp);
1765 break;
1766
1767 case SIOCAX25GETINFO:
1768 case SIOCAX25GETINFOOLD: {
1769 ax25_cb *ax25 = sk_to_ax25(sk);
1770 struct ax25_info_struct ax25_info;
1771
1772 ax25_info.t1 = ax25->t1 / HZ;
1773 ax25_info.t2 = ax25->t2 / HZ;
1774 ax25_info.t3 = ax25->t3 / HZ;
1775 ax25_info.idle = ax25->idle / (60 * HZ);
1776 ax25_info.n2 = ax25->n2;
1777 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ;
1778 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ;
1779 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ;
1780 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1781 ax25_info.n2count = ax25->n2count;
1782 ax25_info.state = ax25->state;
1783 ax25_info.rcv_q = sk_rmem_alloc_get(sk);
1784 ax25_info.snd_q = sk_wmem_alloc_get(sk);
1785 ax25_info.vs = ax25->vs;
1786 ax25_info.vr = ax25->vr;
1787 ax25_info.va = ax25->va;
1788 ax25_info.vs_max = ax25->vs; /* reserved */
1789 ax25_info.paclen = ax25->paclen;
1790 ax25_info.window = ax25->window;
1791
1792 /* old structure? */
1793 if (cmd == SIOCAX25GETINFOOLD) {
1794 static int warned = 0;
1795 if (!warned) {
1796 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1797 current->comm);
1798 warned=1;
1799 }
1800
1801 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1802 res = -EFAULT;
1803 break;
1804 }
1805 } else {
1806 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1807 res = -EINVAL;
1808 break;
1809 }
1810 }
1811 res = 0;
1812 break;
1813 }
1814
1815 case SIOCAX25ADDFWD:
1816 case SIOCAX25DELFWD: {
1817 struct ax25_fwd_struct ax25_fwd;
1818 if (!capable(CAP_NET_ADMIN)) {
1819 res = -EPERM;
1820 break;
1821 }
1822 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1823 res = -EFAULT;
1824 break;
1825 }
1826 res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1827 break;
1828 }
1829
1830 case SIOCGIFADDR:
1831 case SIOCSIFADDR:
1832 case SIOCGIFDSTADDR:
1833 case SIOCSIFDSTADDR:
1834 case SIOCGIFBRDADDR:
1835 case SIOCSIFBRDADDR:
1836 case SIOCGIFNETMASK:
1837 case SIOCSIFNETMASK:
1838 case SIOCGIFMETRIC:
1839 case SIOCSIFMETRIC:
1840 res = -EINVAL;
1841 break;
1842
1843 default:
1844 res = -ENOIOCTLCMD;
1845 break;
1846 }
1847 release_sock(sk);
1848
1849 return res;
1850}
1851
1852#ifdef CONFIG_PROC_FS
1853
1854static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1855 __acquires(ax25_list_lock)
1856{
1857 spin_lock_bh(&ax25_list_lock);
1858 return seq_hlist_start(&ax25_list, *pos);
1859}
1860
1861static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1862{
1863 return seq_hlist_next(v, &ax25_list, pos);
1864}
1865
1866static void ax25_info_stop(struct seq_file *seq, void *v)
1867 __releases(ax25_list_lock)
1868{
1869 spin_unlock_bh(&ax25_list_lock);
1870}
1871
1872static int ax25_info_show(struct seq_file *seq, void *v)
1873{
1874 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1875 char buf[11];
1876 int k;
1877
1878
1879 /*
1880 * New format:
1881 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1882 */
1883
1884 seq_printf(seq, "%8.8lx %s %s%s ",
1885 (long) ax25,
1886 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1887 ax2asc(buf, &ax25->source_addr),
1888 ax25->iamdigi? "*":"");
1889 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1890
1891 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1892 seq_printf(seq, ",%s%s",
1893 ax2asc(buf, &ax25->digipeat->calls[k]),
1894 ax25->digipeat->repeated[k]? "*":"");
1895 }
1896
1897 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1898 ax25->state,
1899 ax25->vs, ax25->vr, ax25->va,
1900 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1901 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1902 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1903 ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1904 ax25->idle / (60 * HZ),
1905 ax25->n2count, ax25->n2,
1906 ax25->rtt / HZ,
1907 ax25->window,
1908 ax25->paclen);
1909
1910 if (ax25->sk != NULL) {
1911 seq_printf(seq, " %d %d %lu\n",
1912 sk_wmem_alloc_get(ax25->sk),
1913 sk_rmem_alloc_get(ax25->sk),
1914 sock_i_ino(ax25->sk));
1915 } else {
1916 seq_puts(seq, " * * *\n");
1917 }
1918 return 0;
1919}
1920
1921static const struct seq_operations ax25_info_seqops = {
1922 .start = ax25_info_start,
1923 .next = ax25_info_next,
1924 .stop = ax25_info_stop,
1925 .show = ax25_info_show,
1926};
1927
1928static int ax25_info_open(struct inode *inode, struct file *file)
1929{
1930 return seq_open(file, &ax25_info_seqops);
1931}
1932
1933static const struct file_operations ax25_info_fops = {
1934 .open = ax25_info_open,
1935 .read = seq_read,
1936 .llseek = seq_lseek,
1937 .release = seq_release,
1938};
1939
1940#endif
1941
1942static const struct net_proto_family ax25_family_ops = {
1943 .family = PF_AX25,
1944 .create = ax25_create,
1945 .owner = THIS_MODULE,
1946};
1947
1948static const struct proto_ops ax25_proto_ops = {
1949 .family = PF_AX25,
1950 .owner = THIS_MODULE,
1951 .release = ax25_release,
1952 .bind = ax25_bind,
1953 .connect = ax25_connect,
1954 .socketpair = sock_no_socketpair,
1955 .accept = ax25_accept,
1956 .getname = ax25_getname,
1957 .poll = datagram_poll,
1958 .ioctl = ax25_ioctl,
1959 .listen = ax25_listen,
1960 .shutdown = ax25_shutdown,
1961 .setsockopt = ax25_setsockopt,
1962 .getsockopt = ax25_getsockopt,
1963 .sendmsg = ax25_sendmsg,
1964 .recvmsg = ax25_recvmsg,
1965 .mmap = sock_no_mmap,
1966 .sendpage = sock_no_sendpage,
1967};
1968
1969/*
1970 * Called by socket.c on kernel start up
1971 */
1972static struct packet_type ax25_packet_type __read_mostly = {
1973 .type = cpu_to_be16(ETH_P_AX25),
1974 .func = ax25_kiss_rcv,
1975};
1976
1977static struct notifier_block ax25_dev_notifier = {
1978 .notifier_call = ax25_device_event,
1979};
1980
1981static int __init ax25_init(void)
1982{
1983 int rc = proto_register(&ax25_proto, 0);
1984
1985 if (rc != 0)
1986 goto out;
1987
1988 sock_register(&ax25_family_ops);
1989 dev_add_pack(&ax25_packet_type);
1990 register_netdevice_notifier(&ax25_dev_notifier);
1991
1992 proc_create("ax25_route", 0444, init_net.proc_net,
1993 &ax25_route_fops);
1994 proc_create("ax25", 0444, init_net.proc_net, &ax25_info_fops);
1995 proc_create("ax25_calls", 0444, init_net.proc_net, &ax25_uid_fops);
1996out:
1997 return rc;
1998}
1999module_init(ax25_init);
2000
2001
2002MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
2003MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
2004MODULE_LICENSE("GPL");
2005MODULE_ALIAS_NETPROTO(PF_AX25);
2006
2007static void __exit ax25_exit(void)
2008{
2009 remove_proc_entry("ax25_route", init_net.proc_net);
2010 remove_proc_entry("ax25", init_net.proc_net);
2011 remove_proc_entry("ax25_calls", init_net.proc_net);
2012
2013 unregister_netdevice_notifier(&ax25_dev_notifier);
2014
2015 dev_remove_pack(&ax25_packet_type);
2016
2017 sock_unregister(PF_AX25);
2018 proto_unregister(&ax25_proto);
2019
2020 ax25_rt_free();
2021 ax25_uid_free();
2022 ax25_dev_free();
2023}
2024module_exit(ax25_exit);
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 *
4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
12 */
13#include <linux/capability.h>
14#include <linux/module.h>
15#include <linux/errno.h>
16#include <linux/types.h>
17#include <linux/socket.h>
18#include <linux/in.h>
19#include <linux/kernel.h>
20#include <linux/sched/signal.h>
21#include <linux/timer.h>
22#include <linux/string.h>
23#include <linux/sockios.h>
24#include <linux/net.h>
25#include <linux/slab.h>
26#include <net/ax25.h>
27#include <linux/inet.h>
28#include <linux/netdevice.h>
29#include <linux/if_arp.h>
30#include <linux/skbuff.h>
31#include <net/sock.h>
32#include <linux/uaccess.h>
33#include <linux/fcntl.h>
34#include <linux/termios.h> /* For TIOCINQ/OUTQ */
35#include <linux/mm.h>
36#include <linux/interrupt.h>
37#include <linux/notifier.h>
38#include <linux/proc_fs.h>
39#include <linux/stat.h>
40#include <linux/sysctl.h>
41#include <linux/init.h>
42#include <linux/spinlock.h>
43#include <net/net_namespace.h>
44#include <net/tcp_states.h>
45#include <net/ip.h>
46#include <net/arp.h>
47
48
49
50HLIST_HEAD(ax25_list);
51DEFINE_SPINLOCK(ax25_list_lock);
52
53static const struct proto_ops ax25_proto_ops;
54
55static void ax25_free_sock(struct sock *sk)
56{
57 ax25_cb_put(sk_to_ax25(sk));
58}
59
60/*
61 * Socket removal during an interrupt is now safe.
62 */
63static void ax25_cb_del(ax25_cb *ax25)
64{
65 spin_lock_bh(&ax25_list_lock);
66 if (!hlist_unhashed(&ax25->ax25_node)) {
67 hlist_del_init(&ax25->ax25_node);
68 ax25_cb_put(ax25);
69 }
70 spin_unlock_bh(&ax25_list_lock);
71}
72
73/*
74 * Kill all bound sockets on a dropped device.
75 */
76static void ax25_kill_by_device(struct net_device *dev)
77{
78 ax25_dev *ax25_dev;
79 ax25_cb *s;
80 struct sock *sk;
81
82 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
83 return;
84 ax25_dev->device_up = false;
85
86 spin_lock_bh(&ax25_list_lock);
87again:
88 ax25_for_each(s, &ax25_list) {
89 if (s->ax25_dev == ax25_dev) {
90 sk = s->sk;
91 if (!sk) {
92 spin_unlock_bh(&ax25_list_lock);
93 ax25_disconnect(s, ENETUNREACH);
94 s->ax25_dev = NULL;
95 ax25_cb_del(s);
96 spin_lock_bh(&ax25_list_lock);
97 goto again;
98 }
99 sock_hold(sk);
100 spin_unlock_bh(&ax25_list_lock);
101 lock_sock(sk);
102 ax25_disconnect(s, ENETUNREACH);
103 s->ax25_dev = NULL;
104 if (sk->sk_socket) {
105 netdev_put(ax25_dev->dev,
106 &ax25_dev->dev_tracker);
107 ax25_dev_put(ax25_dev);
108 }
109 ax25_cb_del(s);
110 release_sock(sk);
111 spin_lock_bh(&ax25_list_lock);
112 sock_put(sk);
113 /* The entry could have been deleted from the
114 * list meanwhile and thus the next pointer is
115 * no longer valid. Play it safe and restart
116 * the scan. Forward progress is ensured
117 * because we set s->ax25_dev to NULL and we
118 * are never passed a NULL 'dev' argument.
119 */
120 goto again;
121 }
122 }
123 spin_unlock_bh(&ax25_list_lock);
124}
125
126/*
127 * Handle device status changes.
128 */
129static int ax25_device_event(struct notifier_block *this, unsigned long event,
130 void *ptr)
131{
132 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
133
134 if (!net_eq(dev_net(dev), &init_net))
135 return NOTIFY_DONE;
136
137 /* Reject non AX.25 devices */
138 if (dev->type != ARPHRD_AX25)
139 return NOTIFY_DONE;
140
141 switch (event) {
142 case NETDEV_UP:
143 ax25_dev_device_up(dev);
144 break;
145 case NETDEV_DOWN:
146 ax25_kill_by_device(dev);
147 ax25_rt_device_down(dev);
148 ax25_dev_device_down(dev);
149 break;
150 default:
151 break;
152 }
153
154 return NOTIFY_DONE;
155}
156
157/*
158 * Add a socket to the bound sockets list.
159 */
160void ax25_cb_add(ax25_cb *ax25)
161{
162 spin_lock_bh(&ax25_list_lock);
163 ax25_cb_hold(ax25);
164 hlist_add_head(&ax25->ax25_node, &ax25_list);
165 spin_unlock_bh(&ax25_list_lock);
166}
167
168/*
169 * Find a socket that wants to accept the SABM we have just
170 * received.
171 */
172struct sock *ax25_find_listener(ax25_address *addr, int digi,
173 struct net_device *dev, int type)
174{
175 ax25_cb *s;
176
177 spin_lock(&ax25_list_lock);
178 ax25_for_each(s, &ax25_list) {
179 if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
180 continue;
181 if (s->sk && !ax25cmp(&s->source_addr, addr) &&
182 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
183 /* If device is null we match any device */
184 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
185 sock_hold(s->sk);
186 spin_unlock(&ax25_list_lock);
187 return s->sk;
188 }
189 }
190 }
191 spin_unlock(&ax25_list_lock);
192
193 return NULL;
194}
195
196/*
197 * Find an AX.25 socket given both ends.
198 */
199struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
200 int type)
201{
202 struct sock *sk = NULL;
203 ax25_cb *s;
204
205 spin_lock(&ax25_list_lock);
206 ax25_for_each(s, &ax25_list) {
207 if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
208 !ax25cmp(&s->dest_addr, dest_addr) &&
209 s->sk->sk_type == type) {
210 sk = s->sk;
211 sock_hold(sk);
212 break;
213 }
214 }
215
216 spin_unlock(&ax25_list_lock);
217
218 return sk;
219}
220
221/*
222 * Find an AX.25 control block given both ends. It will only pick up
223 * floating AX.25 control blocks or non Raw socket bound control blocks.
224 */
225ax25_cb *ax25_find_cb(const ax25_address *src_addr, ax25_address *dest_addr,
226 ax25_digi *digi, struct net_device *dev)
227{
228 ax25_cb *s;
229
230 spin_lock_bh(&ax25_list_lock);
231 ax25_for_each(s, &ax25_list) {
232 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
233 continue;
234 if (s->ax25_dev == NULL)
235 continue;
236 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
237 if (digi != NULL && digi->ndigi != 0) {
238 if (s->digipeat == NULL)
239 continue;
240 if (ax25digicmp(s->digipeat, digi) != 0)
241 continue;
242 } else {
243 if (s->digipeat != NULL && s->digipeat->ndigi != 0)
244 continue;
245 }
246 ax25_cb_hold(s);
247 spin_unlock_bh(&ax25_list_lock);
248
249 return s;
250 }
251 }
252 spin_unlock_bh(&ax25_list_lock);
253
254 return NULL;
255}
256
257EXPORT_SYMBOL(ax25_find_cb);
258
259void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
260{
261 ax25_cb *s;
262 struct sk_buff *copy;
263
264 spin_lock(&ax25_list_lock);
265 ax25_for_each(s, &ax25_list) {
266 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
267 s->sk->sk_type == SOCK_RAW &&
268 s->sk->sk_protocol == proto &&
269 s->ax25_dev->dev == skb->dev &&
270 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
271 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
272 continue;
273 if (sock_queue_rcv_skb(s->sk, copy) != 0)
274 kfree_skb(copy);
275 }
276 }
277 spin_unlock(&ax25_list_lock);
278}
279
280/*
281 * Deferred destroy.
282 */
283void ax25_destroy_socket(ax25_cb *);
284
285/*
286 * Handler for deferred kills.
287 */
288static void ax25_destroy_timer(struct timer_list *t)
289{
290 ax25_cb *ax25 = from_timer(ax25, t, dtimer);
291 struct sock *sk;
292
293 sk=ax25->sk;
294
295 bh_lock_sock(sk);
296 sock_hold(sk);
297 ax25_destroy_socket(ax25);
298 bh_unlock_sock(sk);
299 sock_put(sk);
300}
301
302/*
303 * This is called from user mode and the timers. Thus it protects itself
304 * against interrupt users but doesn't worry about being called during
305 * work. Once it is removed from the queue no interrupt or bottom half
306 * will touch it and we are (fairly 8-) ) safe.
307 */
308void ax25_destroy_socket(ax25_cb *ax25)
309{
310 struct sk_buff *skb;
311
312 ax25_cb_del(ax25);
313
314 ax25_stop_heartbeat(ax25);
315 ax25_stop_t1timer(ax25);
316 ax25_stop_t2timer(ax25);
317 ax25_stop_t3timer(ax25);
318 ax25_stop_idletimer(ax25);
319
320 ax25_clear_queues(ax25); /* Flush the queues */
321
322 if (ax25->sk != NULL) {
323 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
324 if (skb->sk != ax25->sk) {
325 /* A pending connection */
326 ax25_cb *sax25 = sk_to_ax25(skb->sk);
327
328 /* Queue the unaccepted socket for death */
329 sock_orphan(skb->sk);
330
331 /* 9A4GL: hack to release unaccepted sockets */
332 skb->sk->sk_state = TCP_LISTEN;
333
334 ax25_start_heartbeat(sax25);
335 sax25->state = AX25_STATE_0;
336 }
337
338 kfree_skb(skb);
339 }
340 skb_queue_purge(&ax25->sk->sk_write_queue);
341 }
342
343 if (ax25->sk != NULL) {
344 if (sk_has_allocations(ax25->sk)) {
345 /* Defer: outstanding buffers */
346 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0);
347 ax25->dtimer.expires = jiffies + 2 * HZ;
348 add_timer(&ax25->dtimer);
349 } else {
350 struct sock *sk=ax25->sk;
351 ax25->sk=NULL;
352 sock_put(sk);
353 }
354 } else {
355 ax25_cb_put(ax25);
356 }
357}
358
359/*
360 * dl1bke 960311: set parameters for existing AX.25 connections,
361 * includes a KILL command to abort any connection.
362 * VERY useful for debugging ;-)
363 */
364static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
365{
366 struct ax25_ctl_struct ax25_ctl;
367 ax25_digi digi;
368 ax25_dev *ax25_dev;
369 ax25_cb *ax25;
370 unsigned int k;
371 int ret = 0;
372
373 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
374 return -EFAULT;
375
376 if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
377 return -EINVAL;
378
379 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
380 return -EINVAL;
381
382 ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr);
383 if (!ax25_dev)
384 return -ENODEV;
385
386 digi.ndigi = ax25_ctl.digi_count;
387 for (k = 0; k < digi.ndigi; k++)
388 digi.calls[k] = ax25_ctl.digi_addr[k];
389
390 ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev);
391 if (!ax25) {
392 ax25_dev_put(ax25_dev);
393 return -ENOTCONN;
394 }
395
396 switch (ax25_ctl.cmd) {
397 case AX25_KILL:
398 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
399#ifdef CONFIG_AX25_DAMA_SLAVE
400 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
401 ax25_dama_off(ax25);
402#endif
403 ax25_disconnect(ax25, ENETRESET);
404 break;
405
406 case AX25_WINDOW:
407 if (ax25->modulus == AX25_MODULUS) {
408 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
409 goto einval_put;
410 } else {
411 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
412 goto einval_put;
413 }
414 ax25->window = ax25_ctl.arg;
415 break;
416
417 case AX25_T1:
418 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
419 goto einval_put;
420 ax25->rtt = (ax25_ctl.arg * HZ) / 2;
421 ax25->t1 = ax25_ctl.arg * HZ;
422 break;
423
424 case AX25_T2:
425 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
426 goto einval_put;
427 ax25->t2 = ax25_ctl.arg * HZ;
428 break;
429
430 case AX25_N2:
431 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
432 goto einval_put;
433 ax25->n2count = 0;
434 ax25->n2 = ax25_ctl.arg;
435 break;
436
437 case AX25_T3:
438 if (ax25_ctl.arg > ULONG_MAX / HZ)
439 goto einval_put;
440 ax25->t3 = ax25_ctl.arg * HZ;
441 break;
442
443 case AX25_IDLE:
444 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
445 goto einval_put;
446
447 ax25->idle = ax25_ctl.arg * 60 * HZ;
448 break;
449
450 case AX25_PACLEN:
451 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
452 goto einval_put;
453 ax25->paclen = ax25_ctl.arg;
454 break;
455
456 default:
457 goto einval_put;
458 }
459
460out_put:
461 ax25_dev_put(ax25_dev);
462 ax25_cb_put(ax25);
463 return ret;
464
465einval_put:
466 ret = -EINVAL;
467 goto out_put;
468}
469
470static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
471{
472 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
473 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
474 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
475 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
476 ax25->n2 = ax25_dev->values[AX25_VALUES_N2];
477 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN];
478 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
479 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
480
481 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
482 ax25->modulus = AX25_EMODULUS;
483 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW];
484 } else {
485 ax25->modulus = AX25_MODULUS;
486 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW];
487 }
488}
489
490/*
491 * Fill in a created AX.25 created control block with the default
492 * values for a particular device.
493 */
494void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
495{
496 ax25->ax25_dev = ax25_dev;
497
498 if (ax25->ax25_dev != NULL) {
499 ax25_fillin_cb_from_dev(ax25, ax25_dev);
500 return;
501 }
502
503 /*
504 * No device, use kernel / AX.25 spec default values
505 */
506 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2;
507 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1);
508 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2);
509 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3);
510 ax25->n2 = AX25_DEF_N2;
511 ax25->paclen = AX25_DEF_PACLEN;
512 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE);
513 ax25->backoff = AX25_DEF_BACKOFF;
514
515 if (AX25_DEF_AXDEFMODE) {
516 ax25->modulus = AX25_EMODULUS;
517 ax25->window = AX25_DEF_EWINDOW;
518 } else {
519 ax25->modulus = AX25_MODULUS;
520 ax25->window = AX25_DEF_WINDOW;
521 }
522}
523
524/*
525 * Create an empty AX.25 control block.
526 */
527ax25_cb *ax25_create_cb(void)
528{
529 ax25_cb *ax25;
530
531 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
532 return NULL;
533
534 refcount_set(&ax25->refcount, 1);
535
536 skb_queue_head_init(&ax25->write_queue);
537 skb_queue_head_init(&ax25->frag_queue);
538 skb_queue_head_init(&ax25->ack_queue);
539 skb_queue_head_init(&ax25->reseq_queue);
540
541 ax25_setup_timers(ax25);
542
543 ax25_fillin_cb(ax25, NULL);
544
545 ax25->state = AX25_STATE_0;
546
547 return ax25;
548}
549
550/*
551 * Handling for system calls applied via the various interfaces to an
552 * AX25 socket object
553 */
554
555static int ax25_setsockopt(struct socket *sock, int level, int optname,
556 sockptr_t optval, unsigned int optlen)
557{
558 struct sock *sk = sock->sk;
559 ax25_cb *ax25;
560 struct net_device *dev;
561 char devname[IFNAMSIZ];
562 unsigned int opt;
563 int res = 0;
564
565 if (level != SOL_AX25)
566 return -ENOPROTOOPT;
567
568 if (optlen < sizeof(unsigned int))
569 return -EINVAL;
570
571 if (copy_from_sockptr(&opt, optval, sizeof(unsigned int)))
572 return -EFAULT;
573
574 lock_sock(sk);
575 ax25 = sk_to_ax25(sk);
576
577 switch (optname) {
578 case AX25_WINDOW:
579 if (ax25->modulus == AX25_MODULUS) {
580 if (opt < 1 || opt > 7) {
581 res = -EINVAL;
582 break;
583 }
584 } else {
585 if (opt < 1 || opt > 63) {
586 res = -EINVAL;
587 break;
588 }
589 }
590 ax25->window = opt;
591 break;
592
593 case AX25_T1:
594 if (opt < 1 || opt > UINT_MAX / HZ) {
595 res = -EINVAL;
596 break;
597 }
598 ax25->rtt = (opt * HZ) >> 1;
599 ax25->t1 = opt * HZ;
600 break;
601
602 case AX25_T2:
603 if (opt < 1 || opt > UINT_MAX / HZ) {
604 res = -EINVAL;
605 break;
606 }
607 ax25->t2 = opt * HZ;
608 break;
609
610 case AX25_N2:
611 if (opt < 1 || opt > 31) {
612 res = -EINVAL;
613 break;
614 }
615 ax25->n2 = opt;
616 break;
617
618 case AX25_T3:
619 if (opt < 1 || opt > UINT_MAX / HZ) {
620 res = -EINVAL;
621 break;
622 }
623 ax25->t3 = opt * HZ;
624 break;
625
626 case AX25_IDLE:
627 if (opt > UINT_MAX / (60 * HZ)) {
628 res = -EINVAL;
629 break;
630 }
631 ax25->idle = opt * 60 * HZ;
632 break;
633
634 case AX25_BACKOFF:
635 if (opt > 2) {
636 res = -EINVAL;
637 break;
638 }
639 ax25->backoff = opt;
640 break;
641
642 case AX25_EXTSEQ:
643 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
644 break;
645
646 case AX25_PIDINCL:
647 ax25->pidincl = opt ? 1 : 0;
648 break;
649
650 case AX25_IAMDIGI:
651 ax25->iamdigi = opt ? 1 : 0;
652 break;
653
654 case AX25_PACLEN:
655 if (opt < 16 || opt > 65535) {
656 res = -EINVAL;
657 break;
658 }
659 ax25->paclen = opt;
660 break;
661
662 case SO_BINDTODEVICE:
663 if (optlen > IFNAMSIZ - 1)
664 optlen = IFNAMSIZ - 1;
665
666 memset(devname, 0, sizeof(devname));
667
668 if (copy_from_sockptr(devname, optval, optlen)) {
669 res = -EFAULT;
670 break;
671 }
672
673 if (sk->sk_type == SOCK_SEQPACKET &&
674 (sock->state != SS_UNCONNECTED ||
675 sk->sk_state == TCP_LISTEN)) {
676 res = -EADDRNOTAVAIL;
677 break;
678 }
679
680 rtnl_lock();
681 dev = __dev_get_by_name(&init_net, devname);
682 if (!dev) {
683 rtnl_unlock();
684 res = -ENODEV;
685 break;
686 }
687
688 ax25->ax25_dev = ax25_dev_ax25dev(dev);
689 if (!ax25->ax25_dev) {
690 rtnl_unlock();
691 res = -ENODEV;
692 break;
693 }
694 ax25_fillin_cb(ax25, ax25->ax25_dev);
695 rtnl_unlock();
696 break;
697
698 default:
699 res = -ENOPROTOOPT;
700 }
701 release_sock(sk);
702
703 return res;
704}
705
706static int ax25_getsockopt(struct socket *sock, int level, int optname,
707 char __user *optval, int __user *optlen)
708{
709 struct sock *sk = sock->sk;
710 ax25_cb *ax25;
711 struct ax25_dev *ax25_dev;
712 char devname[IFNAMSIZ];
713 void *valptr;
714 int val = 0;
715 int maxlen, length;
716
717 if (level != SOL_AX25)
718 return -ENOPROTOOPT;
719
720 if (get_user(maxlen, optlen))
721 return -EFAULT;
722
723 if (maxlen < 1)
724 return -EFAULT;
725
726 valptr = &val;
727 length = min_t(unsigned int, maxlen, sizeof(int));
728
729 lock_sock(sk);
730 ax25 = sk_to_ax25(sk);
731
732 switch (optname) {
733 case AX25_WINDOW:
734 val = ax25->window;
735 break;
736
737 case AX25_T1:
738 val = ax25->t1 / HZ;
739 break;
740
741 case AX25_T2:
742 val = ax25->t2 / HZ;
743 break;
744
745 case AX25_N2:
746 val = ax25->n2;
747 break;
748
749 case AX25_T3:
750 val = ax25->t3 / HZ;
751 break;
752
753 case AX25_IDLE:
754 val = ax25->idle / (60 * HZ);
755 break;
756
757 case AX25_BACKOFF:
758 val = ax25->backoff;
759 break;
760
761 case AX25_EXTSEQ:
762 val = (ax25->modulus == AX25_EMODULUS);
763 break;
764
765 case AX25_PIDINCL:
766 val = ax25->pidincl;
767 break;
768
769 case AX25_IAMDIGI:
770 val = ax25->iamdigi;
771 break;
772
773 case AX25_PACLEN:
774 val = ax25->paclen;
775 break;
776
777 case SO_BINDTODEVICE:
778 ax25_dev = ax25->ax25_dev;
779
780 if (ax25_dev != NULL && ax25_dev->dev != NULL) {
781 strscpy(devname, ax25_dev->dev->name, sizeof(devname));
782 length = strlen(devname) + 1;
783 } else {
784 *devname = '\0';
785 length = 1;
786 }
787
788 valptr = devname;
789 break;
790
791 default:
792 release_sock(sk);
793 return -ENOPROTOOPT;
794 }
795 release_sock(sk);
796
797 if (put_user(length, optlen))
798 return -EFAULT;
799
800 return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
801}
802
803static int ax25_listen(struct socket *sock, int backlog)
804{
805 struct sock *sk = sock->sk;
806 int res = 0;
807
808 lock_sock(sk);
809 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
810 sk->sk_max_ack_backlog = backlog;
811 sk->sk_state = TCP_LISTEN;
812 goto out;
813 }
814 res = -EOPNOTSUPP;
815
816out:
817 release_sock(sk);
818
819 return res;
820}
821
822/*
823 * XXX: when creating ax25_sock we should update the .obj_size setting
824 * below.
825 */
826static struct proto ax25_proto = {
827 .name = "AX25",
828 .owner = THIS_MODULE,
829 .obj_size = sizeof(struct ax25_sock),
830};
831
832static int ax25_create(struct net *net, struct socket *sock, int protocol,
833 int kern)
834{
835 struct sock *sk;
836 ax25_cb *ax25;
837
838 if (protocol < 0 || protocol > U8_MAX)
839 return -EINVAL;
840
841 if (!net_eq(net, &init_net))
842 return -EAFNOSUPPORT;
843
844 switch (sock->type) {
845 case SOCK_DGRAM:
846 if (protocol == 0 || protocol == PF_AX25)
847 protocol = AX25_P_TEXT;
848 break;
849
850 case SOCK_SEQPACKET:
851 switch (protocol) {
852 case 0:
853 case PF_AX25: /* For CLX */
854 protocol = AX25_P_TEXT;
855 break;
856 case AX25_P_SEGMENT:
857#ifdef CONFIG_INET
858 case AX25_P_ARP:
859 case AX25_P_IP:
860#endif
861#ifdef CONFIG_NETROM
862 case AX25_P_NETROM:
863#endif
864#ifdef CONFIG_ROSE
865 case AX25_P_ROSE:
866#endif
867 return -ESOCKTNOSUPPORT;
868#ifdef CONFIG_NETROM_MODULE
869 case AX25_P_NETROM:
870 if (ax25_protocol_is_registered(AX25_P_NETROM))
871 return -ESOCKTNOSUPPORT;
872 break;
873#endif
874#ifdef CONFIG_ROSE_MODULE
875 case AX25_P_ROSE:
876 if (ax25_protocol_is_registered(AX25_P_ROSE))
877 return -ESOCKTNOSUPPORT;
878 break;
879#endif
880 default:
881 break;
882 }
883 break;
884
885 case SOCK_RAW:
886 if (!capable(CAP_NET_RAW))
887 return -EPERM;
888 break;
889 default:
890 return -ESOCKTNOSUPPORT;
891 }
892
893 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern);
894 if (sk == NULL)
895 return -ENOMEM;
896
897 ax25 = ax25_sk(sk)->cb = ax25_create_cb();
898 if (!ax25) {
899 sk_free(sk);
900 return -ENOMEM;
901 }
902
903 sock_init_data(sock, sk);
904
905 sk->sk_destruct = ax25_free_sock;
906 sock->ops = &ax25_proto_ops;
907 sk->sk_protocol = protocol;
908
909 ax25->sk = sk;
910
911 return 0;
912}
913
914struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
915{
916 struct sock *sk;
917 ax25_cb *ax25, *oax25;
918
919 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0);
920 if (sk == NULL)
921 return NULL;
922
923 if ((ax25 = ax25_create_cb()) == NULL) {
924 sk_free(sk);
925 return NULL;
926 }
927
928 switch (osk->sk_type) {
929 case SOCK_DGRAM:
930 break;
931 case SOCK_SEQPACKET:
932 break;
933 default:
934 sk_free(sk);
935 ax25_cb_put(ax25);
936 return NULL;
937 }
938
939 sock_init_data(NULL, sk);
940
941 sk->sk_type = osk->sk_type;
942 sk->sk_priority = osk->sk_priority;
943 sk->sk_protocol = osk->sk_protocol;
944 sk->sk_rcvbuf = osk->sk_rcvbuf;
945 sk->sk_sndbuf = osk->sk_sndbuf;
946 sk->sk_state = TCP_ESTABLISHED;
947 sock_copy_flags(sk, osk);
948
949 oax25 = sk_to_ax25(osk);
950
951 ax25->modulus = oax25->modulus;
952 ax25->backoff = oax25->backoff;
953 ax25->pidincl = oax25->pidincl;
954 ax25->iamdigi = oax25->iamdigi;
955 ax25->rtt = oax25->rtt;
956 ax25->t1 = oax25->t1;
957 ax25->t2 = oax25->t2;
958 ax25->t3 = oax25->t3;
959 ax25->n2 = oax25->n2;
960 ax25->idle = oax25->idle;
961 ax25->paclen = oax25->paclen;
962 ax25->window = oax25->window;
963
964 ax25->ax25_dev = ax25_dev;
965 ax25->source_addr = oax25->source_addr;
966
967 if (oax25->digipeat != NULL) {
968 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
969 GFP_ATOMIC);
970 if (ax25->digipeat == NULL) {
971 sk_free(sk);
972 ax25_cb_put(ax25);
973 return NULL;
974 }
975 }
976
977 ax25_sk(sk)->cb = ax25;
978 sk->sk_destruct = ax25_free_sock;
979 ax25->sk = sk;
980
981 return sk;
982}
983
984static int ax25_release(struct socket *sock)
985{
986 struct sock *sk = sock->sk;
987 ax25_cb *ax25;
988 ax25_dev *ax25_dev;
989
990 if (sk == NULL)
991 return 0;
992
993 sock_hold(sk);
994 lock_sock(sk);
995 sock_orphan(sk);
996 ax25 = sk_to_ax25(sk);
997 ax25_dev = ax25->ax25_dev;
998
999 if (sk->sk_type == SOCK_SEQPACKET) {
1000 switch (ax25->state) {
1001 case AX25_STATE_0:
1002 if (!sock_flag(ax25->sk, SOCK_DEAD)) {
1003 release_sock(sk);
1004 ax25_disconnect(ax25, 0);
1005 lock_sock(sk);
1006 }
1007 ax25_destroy_socket(ax25);
1008 break;
1009
1010 case AX25_STATE_1:
1011 case AX25_STATE_2:
1012 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
1013 release_sock(sk);
1014 ax25_disconnect(ax25, 0);
1015 lock_sock(sk);
1016 if (!sock_flag(ax25->sk, SOCK_DESTROY))
1017 ax25_destroy_socket(ax25);
1018 break;
1019
1020 case AX25_STATE_3:
1021 case AX25_STATE_4:
1022 ax25_clear_queues(ax25);
1023 ax25->n2count = 0;
1024
1025 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1026 case AX25_PROTO_STD_SIMPLEX:
1027 case AX25_PROTO_STD_DUPLEX:
1028 ax25_send_control(ax25,
1029 AX25_DISC,
1030 AX25_POLLON,
1031 AX25_COMMAND);
1032 ax25_stop_t2timer(ax25);
1033 ax25_stop_t3timer(ax25);
1034 ax25_stop_idletimer(ax25);
1035 break;
1036#ifdef CONFIG_AX25_DAMA_SLAVE
1037 case AX25_PROTO_DAMA_SLAVE:
1038 ax25_stop_t3timer(ax25);
1039 ax25_stop_idletimer(ax25);
1040 break;
1041#endif
1042 }
1043 ax25_calculate_t1(ax25);
1044 ax25_start_t1timer(ax25);
1045 ax25->state = AX25_STATE_2;
1046 sk->sk_state = TCP_CLOSE;
1047 sk->sk_shutdown |= SEND_SHUTDOWN;
1048 sk->sk_state_change(sk);
1049 sock_set_flag(sk, SOCK_DESTROY);
1050 break;
1051
1052 default:
1053 break;
1054 }
1055 } else {
1056 sk->sk_state = TCP_CLOSE;
1057 sk->sk_shutdown |= SEND_SHUTDOWN;
1058 sk->sk_state_change(sk);
1059 ax25_destroy_socket(ax25);
1060 }
1061 if (ax25_dev) {
1062 if (!ax25_dev->device_up) {
1063 del_timer_sync(&ax25->timer);
1064 del_timer_sync(&ax25->t1timer);
1065 del_timer_sync(&ax25->t2timer);
1066 del_timer_sync(&ax25->t3timer);
1067 del_timer_sync(&ax25->idletimer);
1068 }
1069 netdev_put(ax25_dev->dev, &ax25->dev_tracker);
1070 ax25_dev_put(ax25_dev);
1071 }
1072
1073 sock->sk = NULL;
1074 release_sock(sk);
1075 sock_put(sk);
1076
1077 return 0;
1078}
1079
1080/*
1081 * We support a funny extension here so you can (as root) give any callsign
1082 * digipeated via a local address as source. This hack is obsolete now
1083 * that we've implemented support for SO_BINDTODEVICE. It is however small
1084 * and trivially backward compatible.
1085 */
1086static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1087{
1088 struct sock *sk = sock->sk;
1089 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1090 ax25_dev *ax25_dev = NULL;
1091 ax25_uid_assoc *user;
1092 ax25_address call;
1093 ax25_cb *ax25;
1094 int err = 0;
1095
1096 if (addr_len != sizeof(struct sockaddr_ax25) &&
1097 addr_len != sizeof(struct full_sockaddr_ax25))
1098 /* support for old structure may go away some time
1099 * ax25_bind(): uses old (6 digipeater) socket structure.
1100 */
1101 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1102 (addr_len > sizeof(struct full_sockaddr_ax25)))
1103 return -EINVAL;
1104
1105 if (addr->fsa_ax25.sax25_family != AF_AX25)
1106 return -EINVAL;
1107
1108 user = ax25_findbyuid(current_euid());
1109 if (user) {
1110 call = user->call;
1111 ax25_uid_put(user);
1112 } else {
1113 if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1114 return -EACCES;
1115
1116 call = addr->fsa_ax25.sax25_call;
1117 }
1118
1119 lock_sock(sk);
1120
1121 ax25 = sk_to_ax25(sk);
1122 if (!sock_flag(sk, SOCK_ZAPPED)) {
1123 err = -EINVAL;
1124 goto out;
1125 }
1126
1127 ax25->source_addr = call;
1128
1129 /*
1130 * User already set interface with SO_BINDTODEVICE
1131 */
1132 if (ax25->ax25_dev != NULL)
1133 goto done;
1134
1135 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1136 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1137 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1138 err = -EADDRNOTAVAIL;
1139 goto out;
1140 }
1141 } else {
1142 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1143 err = -EADDRNOTAVAIL;
1144 goto out;
1145 }
1146 }
1147
1148 if (ax25_dev) {
1149 ax25_fillin_cb(ax25, ax25_dev);
1150 netdev_hold(ax25_dev->dev, &ax25->dev_tracker, GFP_ATOMIC);
1151 }
1152
1153done:
1154 ax25_cb_add(ax25);
1155 sock_reset_flag(sk, SOCK_ZAPPED);
1156
1157out:
1158 release_sock(sk);
1159
1160 return err;
1161}
1162
1163/*
1164 * FIXME: nonblock behaviour looks like it may have a bug.
1165 */
1166static int __must_check ax25_connect(struct socket *sock,
1167 struct sockaddr *uaddr, int addr_len, int flags)
1168{
1169 struct sock *sk = sock->sk;
1170 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t;
1171 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1172 ax25_digi *digi = NULL;
1173 int ct = 0, err = 0;
1174
1175 /*
1176 * some sanity checks. code further down depends on this
1177 */
1178
1179 if (addr_len == sizeof(struct sockaddr_ax25))
1180 /* support for this will go away in early 2.5.x
1181 * ax25_connect(): uses obsolete socket structure
1182 */
1183 ;
1184 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1185 /* support for old structure may go away some time
1186 * ax25_connect(): uses old (6 digipeater) socket structure.
1187 */
1188 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1189 (addr_len > sizeof(struct full_sockaddr_ax25)))
1190 return -EINVAL;
1191
1192
1193 if (fsa->fsa_ax25.sax25_family != AF_AX25)
1194 return -EINVAL;
1195
1196 lock_sock(sk);
1197
1198 /* deal with restarts */
1199 if (sock->state == SS_CONNECTING) {
1200 switch (sk->sk_state) {
1201 case TCP_SYN_SENT: /* still trying */
1202 err = -EINPROGRESS;
1203 goto out_release;
1204
1205 case TCP_ESTABLISHED: /* connection established */
1206 sock->state = SS_CONNECTED;
1207 goto out_release;
1208
1209 case TCP_CLOSE: /* connection refused */
1210 sock->state = SS_UNCONNECTED;
1211 err = -ECONNREFUSED;
1212 goto out_release;
1213 }
1214 }
1215
1216 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1217 err = -EISCONN; /* No reconnect on a seqpacket socket */
1218 goto out_release;
1219 }
1220
1221 sk->sk_state = TCP_CLOSE;
1222 sock->state = SS_UNCONNECTED;
1223
1224 kfree(ax25->digipeat);
1225 ax25->digipeat = NULL;
1226
1227 /*
1228 * Handle digi-peaters to be used.
1229 */
1230 if (addr_len > sizeof(struct sockaddr_ax25) &&
1231 fsa->fsa_ax25.sax25_ndigis != 0) {
1232 /* Valid number of digipeaters ? */
1233 if (fsa->fsa_ax25.sax25_ndigis < 1 ||
1234 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS ||
1235 addr_len < sizeof(struct sockaddr_ax25) +
1236 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) {
1237 err = -EINVAL;
1238 goto out_release;
1239 }
1240
1241 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1242 err = -ENOBUFS;
1243 goto out_release;
1244 }
1245
1246 digi->ndigi = fsa->fsa_ax25.sax25_ndigis;
1247 digi->lastrepeat = -1;
1248
1249 while (ct < fsa->fsa_ax25.sax25_ndigis) {
1250 if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1251 AX25_HBIT) && ax25->iamdigi) {
1252 digi->repeated[ct] = 1;
1253 digi->lastrepeat = ct;
1254 } else {
1255 digi->repeated[ct] = 0;
1256 }
1257 digi->calls[ct] = fsa->fsa_digipeater[ct];
1258 ct++;
1259 }
1260 }
1261
1262 /*
1263 * Must bind first - autobinding in this may or may not work. If
1264 * the socket is already bound, check to see if the device has
1265 * been filled in, error if it hasn't.
1266 */
1267 if (sock_flag(sk, SOCK_ZAPPED)) {
1268 /* check if we can remove this feature. It is broken. */
1269 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1270 current->comm);
1271 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1272 kfree(digi);
1273 goto out_release;
1274 }
1275
1276 ax25_fillin_cb(ax25, ax25->ax25_dev);
1277 ax25_cb_add(ax25);
1278 } else {
1279 if (ax25->ax25_dev == NULL) {
1280 kfree(digi);
1281 err = -EHOSTUNREACH;
1282 goto out_release;
1283 }
1284 }
1285
1286 if (sk->sk_type == SOCK_SEQPACKET &&
1287 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1288 ax25->ax25_dev->dev))) {
1289 kfree(digi);
1290 err = -EADDRINUSE; /* Already such a connection */
1291 ax25_cb_put(ax25t);
1292 goto out_release;
1293 }
1294
1295 ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1296 ax25->digipeat = digi;
1297
1298 /* First the easy one */
1299 if (sk->sk_type != SOCK_SEQPACKET) {
1300 sock->state = SS_CONNECTED;
1301 sk->sk_state = TCP_ESTABLISHED;
1302 goto out_release;
1303 }
1304
1305 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1306 sock->state = SS_CONNECTING;
1307 sk->sk_state = TCP_SYN_SENT;
1308
1309 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1310 case AX25_PROTO_STD_SIMPLEX:
1311 case AX25_PROTO_STD_DUPLEX:
1312 ax25_std_establish_data_link(ax25);
1313 break;
1314
1315#ifdef CONFIG_AX25_DAMA_SLAVE
1316 case AX25_PROTO_DAMA_SLAVE:
1317 ax25->modulus = AX25_MODULUS;
1318 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1319 if (ax25->ax25_dev->dama.slave)
1320 ax25_ds_establish_data_link(ax25);
1321 else
1322 ax25_std_establish_data_link(ax25);
1323 break;
1324#endif
1325 }
1326
1327 ax25->state = AX25_STATE_1;
1328
1329 ax25_start_heartbeat(ax25);
1330
1331 /* Now the loop */
1332 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1333 err = -EINPROGRESS;
1334 goto out_release;
1335 }
1336
1337 if (sk->sk_state == TCP_SYN_SENT) {
1338 DEFINE_WAIT(wait);
1339
1340 for (;;) {
1341 prepare_to_wait(sk_sleep(sk), &wait,
1342 TASK_INTERRUPTIBLE);
1343 if (sk->sk_state != TCP_SYN_SENT)
1344 break;
1345 if (!signal_pending(current)) {
1346 release_sock(sk);
1347 schedule();
1348 lock_sock(sk);
1349 continue;
1350 }
1351 err = -ERESTARTSYS;
1352 break;
1353 }
1354 finish_wait(sk_sleep(sk), &wait);
1355
1356 if (err)
1357 goto out_release;
1358 }
1359
1360 if (sk->sk_state != TCP_ESTABLISHED) {
1361 /* Not in ABM, not in WAIT_UA -> failed */
1362 sock->state = SS_UNCONNECTED;
1363 err = sock_error(sk); /* Always set at this point */
1364 goto out_release;
1365 }
1366
1367 sock->state = SS_CONNECTED;
1368
1369 err = 0;
1370out_release:
1371 release_sock(sk);
1372
1373 return err;
1374}
1375
1376static int ax25_accept(struct socket *sock, struct socket *newsock, int flags,
1377 bool kern)
1378{
1379 struct sk_buff *skb;
1380 struct sock *newsk;
1381 DEFINE_WAIT(wait);
1382 struct sock *sk;
1383 int err = 0;
1384
1385 if (sock->state != SS_UNCONNECTED)
1386 return -EINVAL;
1387
1388 if ((sk = sock->sk) == NULL)
1389 return -EINVAL;
1390
1391 lock_sock(sk);
1392 if (sk->sk_type != SOCK_SEQPACKET) {
1393 err = -EOPNOTSUPP;
1394 goto out;
1395 }
1396
1397 if (sk->sk_state != TCP_LISTEN) {
1398 err = -EINVAL;
1399 goto out;
1400 }
1401
1402 /*
1403 * The read queue this time is holding sockets ready to use
1404 * hooked into the SABM we saved
1405 */
1406 for (;;) {
1407 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1408 skb = skb_dequeue(&sk->sk_receive_queue);
1409 if (skb)
1410 break;
1411
1412 if (flags & O_NONBLOCK) {
1413 err = -EWOULDBLOCK;
1414 break;
1415 }
1416 if (!signal_pending(current)) {
1417 release_sock(sk);
1418 schedule();
1419 lock_sock(sk);
1420 continue;
1421 }
1422 err = -ERESTARTSYS;
1423 break;
1424 }
1425 finish_wait(sk_sleep(sk), &wait);
1426
1427 if (err)
1428 goto out;
1429
1430 newsk = skb->sk;
1431 sock_graft(newsk, newsock);
1432
1433 /* Now attach up the new socket */
1434 kfree_skb(skb);
1435 sk_acceptq_removed(sk);
1436 newsock->state = SS_CONNECTED;
1437
1438out:
1439 release_sock(sk);
1440
1441 return err;
1442}
1443
1444static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1445 int peer)
1446{
1447 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1448 struct sock *sk = sock->sk;
1449 unsigned char ndigi, i;
1450 ax25_cb *ax25;
1451 int err = 0;
1452
1453 memset(fsa, 0, sizeof(*fsa));
1454 lock_sock(sk);
1455 ax25 = sk_to_ax25(sk);
1456
1457 if (peer != 0) {
1458 if (sk->sk_state != TCP_ESTABLISHED) {
1459 err = -ENOTCONN;
1460 goto out;
1461 }
1462
1463 fsa->fsa_ax25.sax25_family = AF_AX25;
1464 fsa->fsa_ax25.sax25_call = ax25->dest_addr;
1465
1466 if (ax25->digipeat != NULL) {
1467 ndigi = ax25->digipeat->ndigi;
1468 fsa->fsa_ax25.sax25_ndigis = ndigi;
1469 for (i = 0; i < ndigi; i++)
1470 fsa->fsa_digipeater[i] =
1471 ax25->digipeat->calls[i];
1472 }
1473 } else {
1474 fsa->fsa_ax25.sax25_family = AF_AX25;
1475 fsa->fsa_ax25.sax25_call = ax25->source_addr;
1476 fsa->fsa_ax25.sax25_ndigis = 1;
1477 if (ax25->ax25_dev != NULL) {
1478 memcpy(&fsa->fsa_digipeater[0],
1479 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1480 } else {
1481 fsa->fsa_digipeater[0] = null_ax25_address;
1482 }
1483 }
1484 err = sizeof (struct full_sockaddr_ax25);
1485
1486out:
1487 release_sock(sk);
1488
1489 return err;
1490}
1491
1492static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1493{
1494 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name);
1495 struct sock *sk = sock->sk;
1496 struct sockaddr_ax25 sax;
1497 struct sk_buff *skb;
1498 ax25_digi dtmp, *dp;
1499 ax25_cb *ax25;
1500 size_t size;
1501 int lv, err, addr_len = msg->msg_namelen;
1502
1503 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1504 return -EINVAL;
1505
1506 lock_sock(sk);
1507 ax25 = sk_to_ax25(sk);
1508
1509 if (sock_flag(sk, SOCK_ZAPPED)) {
1510 err = -EADDRNOTAVAIL;
1511 goto out;
1512 }
1513
1514 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1515 send_sig(SIGPIPE, current, 0);
1516 err = -EPIPE;
1517 goto out;
1518 }
1519
1520 if (ax25->ax25_dev == NULL) {
1521 err = -ENETUNREACH;
1522 goto out;
1523 }
1524
1525 if (len > ax25->ax25_dev->dev->mtu) {
1526 err = -EMSGSIZE;
1527 goto out;
1528 }
1529
1530 if (usax != NULL) {
1531 if (usax->sax25_family != AF_AX25) {
1532 err = -EINVAL;
1533 goto out;
1534 }
1535
1536 if (addr_len == sizeof(struct sockaddr_ax25))
1537 /* ax25_sendmsg(): uses obsolete socket structure */
1538 ;
1539 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1540 /* support for old structure may go away some time
1541 * ax25_sendmsg(): uses old (6 digipeater)
1542 * socket structure.
1543 */
1544 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1545 (addr_len > sizeof(struct full_sockaddr_ax25))) {
1546 err = -EINVAL;
1547 goto out;
1548 }
1549
1550
1551 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1552 int ct = 0;
1553 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1554
1555 /* Valid number of digipeaters ? */
1556 if (usax->sax25_ndigis < 1 ||
1557 usax->sax25_ndigis > AX25_MAX_DIGIS ||
1558 addr_len < sizeof(struct sockaddr_ax25) +
1559 sizeof(ax25_address) * usax->sax25_ndigis) {
1560 err = -EINVAL;
1561 goto out;
1562 }
1563
1564 dtmp.ndigi = usax->sax25_ndigis;
1565
1566 while (ct < usax->sax25_ndigis) {
1567 dtmp.repeated[ct] = 0;
1568 dtmp.calls[ct] = fsa->fsa_digipeater[ct];
1569 ct++;
1570 }
1571
1572 dtmp.lastrepeat = 0;
1573 }
1574
1575 sax = *usax;
1576 if (sk->sk_type == SOCK_SEQPACKET &&
1577 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1578 err = -EISCONN;
1579 goto out;
1580 }
1581 if (usax->sax25_ndigis == 0)
1582 dp = NULL;
1583 else
1584 dp = &dtmp;
1585 } else {
1586 /*
1587 * FIXME: 1003.1g - if the socket is like this because
1588 * it has become closed (not started closed) and is VC
1589 * we ought to SIGPIPE, EPIPE
1590 */
1591 if (sk->sk_state != TCP_ESTABLISHED) {
1592 err = -ENOTCONN;
1593 goto out;
1594 }
1595 sax.sax25_family = AF_AX25;
1596 sax.sax25_call = ax25->dest_addr;
1597 dp = ax25->digipeat;
1598 }
1599
1600 /* Build a packet */
1601 /* Assume the worst case */
1602 size = len + ax25->ax25_dev->dev->hard_header_len;
1603
1604 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1605 if (skb == NULL)
1606 goto out;
1607
1608 skb_reserve(skb, size - len);
1609
1610 /* User data follows immediately after the AX.25 data */
1611 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
1612 err = -EFAULT;
1613 kfree_skb(skb);
1614 goto out;
1615 }
1616
1617 skb_reset_network_header(skb);
1618
1619 /* Add the PID if one is not supplied by the user in the skb */
1620 if (!ax25->pidincl)
1621 *(u8 *)skb_push(skb, 1) = sk->sk_protocol;
1622
1623 if (sk->sk_type == SOCK_SEQPACKET) {
1624 /* Connected mode sockets go via the LAPB machine */
1625 if (sk->sk_state != TCP_ESTABLISHED) {
1626 kfree_skb(skb);
1627 err = -ENOTCONN;
1628 goto out;
1629 }
1630
1631 /* Shove it onto the queue and kick */
1632 ax25_output(ax25, ax25->paclen, skb);
1633
1634 err = len;
1635 goto out;
1636 }
1637
1638 skb_push(skb, 1 + ax25_addr_size(dp));
1639
1640 /* Building AX.25 Header */
1641
1642 /* Build an AX.25 header */
1643 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1644 dp, AX25_COMMAND, AX25_MODULUS);
1645
1646 skb_set_transport_header(skb, lv);
1647
1648 *skb_transport_header(skb) = AX25_UI;
1649
1650 /* Datagram frames go straight out of the door as UI */
1651 ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1652
1653 err = len;
1654
1655out:
1656 release_sock(sk);
1657
1658 return err;
1659}
1660
1661static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
1662 int flags)
1663{
1664 struct sock *sk = sock->sk;
1665 struct sk_buff *skb, *last;
1666 struct sk_buff_head *sk_queue;
1667 int copied;
1668 int err = 0;
1669 int off = 0;
1670 long timeo;
1671
1672 lock_sock(sk);
1673 /*
1674 * This works for seqpacket too. The receiver has ordered the
1675 * queue for us! We do one quick check first though
1676 */
1677 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1678 err = -ENOTCONN;
1679 goto out;
1680 }
1681
1682 /* We need support for non-blocking reads. */
1683 sk_queue = &sk->sk_receive_queue;
1684 skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off, &err, &last);
1685 /* If no packet is available, release_sock(sk) and try again. */
1686 if (!skb) {
1687 if (err != -EAGAIN)
1688 goto out;
1689 release_sock(sk);
1690 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
1691 while (timeo && !__skb_wait_for_more_packets(sk, sk_queue, &err,
1692 &timeo, last)) {
1693 skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off,
1694 &err, &last);
1695 if (skb)
1696 break;
1697
1698 if (err != -EAGAIN)
1699 goto done;
1700 }
1701 if (!skb)
1702 goto done;
1703 lock_sock(sk);
1704 }
1705
1706 if (!sk_to_ax25(sk)->pidincl)
1707 skb_pull(skb, 1); /* Remove PID */
1708
1709 skb_reset_transport_header(skb);
1710 copied = skb->len;
1711
1712 if (copied > size) {
1713 copied = size;
1714 msg->msg_flags |= MSG_TRUNC;
1715 }
1716
1717 skb_copy_datagram_msg(skb, 0, msg, copied);
1718
1719 if (msg->msg_name) {
1720 ax25_digi digi;
1721 ax25_address src;
1722 const unsigned char *mac = skb_mac_header(skb);
1723 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name);
1724
1725 memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1726 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1727 &digi, NULL, NULL);
1728 sax->sax25_family = AF_AX25;
1729 /* We set this correctly, even though we may not let the
1730 application know the digi calls further down (because it
1731 did NOT ask to know them). This could get political... **/
1732 sax->sax25_ndigis = digi.ndigi;
1733 sax->sax25_call = src;
1734
1735 if (sax->sax25_ndigis != 0) {
1736 int ct;
1737 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1738
1739 for (ct = 0; ct < digi.ndigi; ct++)
1740 fsa->fsa_digipeater[ct] = digi.calls[ct];
1741 }
1742 msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1743 }
1744
1745 skb_free_datagram(sk, skb);
1746 err = copied;
1747
1748out:
1749 release_sock(sk);
1750
1751done:
1752 return err;
1753}
1754
1755static int ax25_shutdown(struct socket *sk, int how)
1756{
1757 /* FIXME - generate DM and RNR states */
1758 return -EOPNOTSUPP;
1759}
1760
1761static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1762{
1763 struct sock *sk = sock->sk;
1764 void __user *argp = (void __user *)arg;
1765 int res = 0;
1766
1767 lock_sock(sk);
1768 switch (cmd) {
1769 case TIOCOUTQ: {
1770 long amount;
1771
1772 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1773 if (amount < 0)
1774 amount = 0;
1775 res = put_user(amount, (int __user *)argp);
1776 break;
1777 }
1778
1779 case TIOCINQ: {
1780 struct sk_buff *skb;
1781 long amount = 0L;
1782 /* These two are safe on a single CPU system as only user tasks fiddle here */
1783 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1784 amount = skb->len;
1785 res = put_user(amount, (int __user *) argp);
1786 break;
1787 }
1788
1789 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */
1790 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */
1791 case SIOCAX25GETUID: {
1792 struct sockaddr_ax25 sax25;
1793 if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1794 res = -EFAULT;
1795 break;
1796 }
1797 res = ax25_uid_ioctl(cmd, &sax25);
1798 break;
1799 }
1800
1801 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */
1802 long amount;
1803 if (!capable(CAP_NET_ADMIN)) {
1804 res = -EPERM;
1805 break;
1806 }
1807 if (get_user(amount, (long __user *)argp)) {
1808 res = -EFAULT;
1809 break;
1810 }
1811 if (amount < 0 || amount > AX25_NOUID_BLOCK) {
1812 res = -EINVAL;
1813 break;
1814 }
1815 ax25_uid_policy = amount;
1816 res = 0;
1817 break;
1818 }
1819
1820 case SIOCADDRT:
1821 case SIOCDELRT:
1822 case SIOCAX25OPTRT:
1823 if (!capable(CAP_NET_ADMIN)) {
1824 res = -EPERM;
1825 break;
1826 }
1827 res = ax25_rt_ioctl(cmd, argp);
1828 break;
1829
1830 case SIOCAX25CTLCON:
1831 if (!capable(CAP_NET_ADMIN)) {
1832 res = -EPERM;
1833 break;
1834 }
1835 res = ax25_ctl_ioctl(cmd, argp);
1836 break;
1837
1838 case SIOCAX25GETINFO:
1839 case SIOCAX25GETINFOOLD: {
1840 ax25_cb *ax25 = sk_to_ax25(sk);
1841 struct ax25_info_struct ax25_info;
1842
1843 ax25_info.t1 = ax25->t1 / HZ;
1844 ax25_info.t2 = ax25->t2 / HZ;
1845 ax25_info.t3 = ax25->t3 / HZ;
1846 ax25_info.idle = ax25->idle / (60 * HZ);
1847 ax25_info.n2 = ax25->n2;
1848 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ;
1849 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ;
1850 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ;
1851 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1852 ax25_info.n2count = ax25->n2count;
1853 ax25_info.state = ax25->state;
1854 ax25_info.rcv_q = sk_rmem_alloc_get(sk);
1855 ax25_info.snd_q = sk_wmem_alloc_get(sk);
1856 ax25_info.vs = ax25->vs;
1857 ax25_info.vr = ax25->vr;
1858 ax25_info.va = ax25->va;
1859 ax25_info.vs_max = ax25->vs; /* reserved */
1860 ax25_info.paclen = ax25->paclen;
1861 ax25_info.window = ax25->window;
1862
1863 /* old structure? */
1864 if (cmd == SIOCAX25GETINFOOLD) {
1865 static int warned = 0;
1866 if (!warned) {
1867 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1868 current->comm);
1869 warned=1;
1870 }
1871
1872 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1873 res = -EFAULT;
1874 break;
1875 }
1876 } else {
1877 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1878 res = -EINVAL;
1879 break;
1880 }
1881 }
1882 res = 0;
1883 break;
1884 }
1885
1886 case SIOCAX25ADDFWD:
1887 case SIOCAX25DELFWD: {
1888 struct ax25_fwd_struct ax25_fwd;
1889 if (!capable(CAP_NET_ADMIN)) {
1890 res = -EPERM;
1891 break;
1892 }
1893 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1894 res = -EFAULT;
1895 break;
1896 }
1897 res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1898 break;
1899 }
1900
1901 case SIOCGIFADDR:
1902 case SIOCSIFADDR:
1903 case SIOCGIFDSTADDR:
1904 case SIOCSIFDSTADDR:
1905 case SIOCGIFBRDADDR:
1906 case SIOCSIFBRDADDR:
1907 case SIOCGIFNETMASK:
1908 case SIOCSIFNETMASK:
1909 case SIOCGIFMETRIC:
1910 case SIOCSIFMETRIC:
1911 res = -EINVAL;
1912 break;
1913
1914 default:
1915 res = -ENOIOCTLCMD;
1916 break;
1917 }
1918 release_sock(sk);
1919
1920 return res;
1921}
1922
1923#ifdef CONFIG_PROC_FS
1924
1925static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1926 __acquires(ax25_list_lock)
1927{
1928 spin_lock_bh(&ax25_list_lock);
1929 return seq_hlist_start(&ax25_list, *pos);
1930}
1931
1932static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1933{
1934 return seq_hlist_next(v, &ax25_list, pos);
1935}
1936
1937static void ax25_info_stop(struct seq_file *seq, void *v)
1938 __releases(ax25_list_lock)
1939{
1940 spin_unlock_bh(&ax25_list_lock);
1941}
1942
1943static int ax25_info_show(struct seq_file *seq, void *v)
1944{
1945 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1946 char buf[11];
1947 int k;
1948
1949
1950 /*
1951 * New format:
1952 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1953 */
1954
1955 seq_printf(seq, "%p %s %s%s ",
1956 ax25,
1957 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1958 ax2asc(buf, &ax25->source_addr),
1959 ax25->iamdigi? "*":"");
1960 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1961
1962 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1963 seq_printf(seq, ",%s%s",
1964 ax2asc(buf, &ax25->digipeat->calls[k]),
1965 ax25->digipeat->repeated[k]? "*":"");
1966 }
1967
1968 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1969 ax25->state,
1970 ax25->vs, ax25->vr, ax25->va,
1971 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1972 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1973 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1974 ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1975 ax25->idle / (60 * HZ),
1976 ax25->n2count, ax25->n2,
1977 ax25->rtt / HZ,
1978 ax25->window,
1979 ax25->paclen);
1980
1981 if (ax25->sk != NULL) {
1982 seq_printf(seq, " %d %d %lu\n",
1983 sk_wmem_alloc_get(ax25->sk),
1984 sk_rmem_alloc_get(ax25->sk),
1985 sock_i_ino(ax25->sk));
1986 } else {
1987 seq_puts(seq, " * * *\n");
1988 }
1989 return 0;
1990}
1991
1992static const struct seq_operations ax25_info_seqops = {
1993 .start = ax25_info_start,
1994 .next = ax25_info_next,
1995 .stop = ax25_info_stop,
1996 .show = ax25_info_show,
1997};
1998#endif
1999
2000static const struct net_proto_family ax25_family_ops = {
2001 .family = PF_AX25,
2002 .create = ax25_create,
2003 .owner = THIS_MODULE,
2004};
2005
2006static const struct proto_ops ax25_proto_ops = {
2007 .family = PF_AX25,
2008 .owner = THIS_MODULE,
2009 .release = ax25_release,
2010 .bind = ax25_bind,
2011 .connect = ax25_connect,
2012 .socketpair = sock_no_socketpair,
2013 .accept = ax25_accept,
2014 .getname = ax25_getname,
2015 .poll = datagram_poll,
2016 .ioctl = ax25_ioctl,
2017 .gettstamp = sock_gettstamp,
2018 .listen = ax25_listen,
2019 .shutdown = ax25_shutdown,
2020 .setsockopt = ax25_setsockopt,
2021 .getsockopt = ax25_getsockopt,
2022 .sendmsg = ax25_sendmsg,
2023 .recvmsg = ax25_recvmsg,
2024 .mmap = sock_no_mmap,
2025 .sendpage = sock_no_sendpage,
2026};
2027
2028/*
2029 * Called by socket.c on kernel start up
2030 */
2031static struct packet_type ax25_packet_type __read_mostly = {
2032 .type = cpu_to_be16(ETH_P_AX25),
2033 .func = ax25_kiss_rcv,
2034};
2035
2036static struct notifier_block ax25_dev_notifier = {
2037 .notifier_call = ax25_device_event,
2038};
2039
2040static int __init ax25_init(void)
2041{
2042 int rc = proto_register(&ax25_proto, 0);
2043
2044 if (rc != 0)
2045 goto out;
2046
2047 sock_register(&ax25_family_ops);
2048 dev_add_pack(&ax25_packet_type);
2049 register_netdevice_notifier(&ax25_dev_notifier);
2050
2051 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops);
2052 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops);
2053 proc_create_seq("ax25_calls", 0444, init_net.proc_net,
2054 &ax25_uid_seqops);
2055out:
2056 return rc;
2057}
2058module_init(ax25_init);
2059
2060
2061MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
2062MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
2063MODULE_LICENSE("GPL");
2064MODULE_ALIAS_NETPROTO(PF_AX25);
2065
2066static void __exit ax25_exit(void)
2067{
2068 remove_proc_entry("ax25_route", init_net.proc_net);
2069 remove_proc_entry("ax25", init_net.proc_net);
2070 remove_proc_entry("ax25_calls", init_net.proc_net);
2071
2072 unregister_netdevice_notifier(&ax25_dev_notifier);
2073
2074 dev_remove_pack(&ax25_packet_type);
2075
2076 sock_unregister(PF_AX25);
2077 proto_unregister(&ax25_proto);
2078
2079 ax25_rt_free();
2080 ax25_uid_free();
2081 ax25_dev_free();
2082}
2083module_exit(ax25_exit);