Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 *
4 * Copyright Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
5 * Copyright Darryl Miles G7LED (dlm@g7led.demon.co.uk)
6 */
7#include <linux/errno.h>
8#include <linux/types.h>
9#include <linux/socket.h>
10#include <linux/in.h>
11#include <linux/kernel.h>
12#include <linux/timer.h>
13#include <linux/string.h>
14#include <linux/sockios.h>
15#include <linux/net.h>
16#include <linux/slab.h>
17#include <net/ax25.h>
18#include <linux/inet.h>
19#include <linux/netdevice.h>
20#include <linux/skbuff.h>
21#include <net/sock.h>
22#include <net/tcp_states.h>
23#include <linux/uaccess.h>
24#include <linux/fcntl.h>
25#include <linux/mm.h>
26#include <linux/interrupt.h>
27#include <net/netrom.h>
28
29static int nr_queue_rx_frame(struct sock *sk, struct sk_buff *skb, int more)
30{
31 struct sk_buff *skbo, *skbn = skb;
32 struct nr_sock *nr = nr_sk(sk);
33
34 skb_pull(skb, NR_NETWORK_LEN + NR_TRANSPORT_LEN);
35
36 nr_start_idletimer(sk);
37
38 if (more) {
39 nr->fraglen += skb->len;
40 skb_queue_tail(&nr->frag_queue, skb);
41 return 0;
42 }
43
44 if (!more && nr->fraglen > 0) { /* End of fragment */
45 nr->fraglen += skb->len;
46 skb_queue_tail(&nr->frag_queue, skb);
47
48 if ((skbn = alloc_skb(nr->fraglen, GFP_ATOMIC)) == NULL)
49 return 1;
50
51 skb_reset_transport_header(skbn);
52
53 while ((skbo = skb_dequeue(&nr->frag_queue)) != NULL) {
54 skb_copy_from_linear_data(skbo,
55 skb_put(skbn, skbo->len),
56 skbo->len);
57 kfree_skb(skbo);
58 }
59
60 nr->fraglen = 0;
61 }
62
63 return sock_queue_rcv_skb(sk, skbn);
64}
65
66/*
67 * State machine for state 1, Awaiting Connection State.
68 * The handling of the timer(s) is in file nr_timer.c.
69 * Handling of state 0 and connection release is in netrom.c.
70 */
71static int nr_state1_machine(struct sock *sk, struct sk_buff *skb,
72 int frametype)
73{
74 switch (frametype) {
75 case NR_CONNACK: {
76 struct nr_sock *nr = nr_sk(sk);
77
78 nr_stop_t1timer(sk);
79 nr_start_idletimer(sk);
80 nr->your_index = skb->data[17];
81 nr->your_id = skb->data[18];
82 nr->vs = 0;
83 nr->va = 0;
84 nr->vr = 0;
85 nr->vl = 0;
86 nr->state = NR_STATE_3;
87 nr->n2count = 0;
88 nr->window = skb->data[20];
89 sk->sk_state = TCP_ESTABLISHED;
90 if (!sock_flag(sk, SOCK_DEAD))
91 sk->sk_state_change(sk);
92 break;
93 }
94
95 case NR_CONNACK | NR_CHOKE_FLAG:
96 nr_disconnect(sk, ECONNREFUSED);
97 break;
98
99 case NR_RESET:
100 if (sysctl_netrom_reset_circuit)
101 nr_disconnect(sk, ECONNRESET);
102 break;
103
104 default:
105 break;
106 }
107 return 0;
108}
109
110/*
111 * State machine for state 2, Awaiting Release State.
112 * The handling of the timer(s) is in file nr_timer.c
113 * Handling of state 0 and connection release is in netrom.c.
114 */
115static int nr_state2_machine(struct sock *sk, struct sk_buff *skb,
116 int frametype)
117{
118 switch (frametype) {
119 case NR_CONNACK | NR_CHOKE_FLAG:
120 nr_disconnect(sk, ECONNRESET);
121 break;
122
123 case NR_DISCREQ:
124 nr_write_internal(sk, NR_DISCACK);
125 /* fall through */
126 case NR_DISCACK:
127 nr_disconnect(sk, 0);
128 break;
129
130 case NR_RESET:
131 if (sysctl_netrom_reset_circuit)
132 nr_disconnect(sk, ECONNRESET);
133 break;
134
135 default:
136 break;
137 }
138 return 0;
139}
140
141/*
142 * State machine for state 3, Connected State.
143 * The handling of the timer(s) is in file nr_timer.c
144 * Handling of state 0 and connection release is in netrom.c.
145 */
146static int nr_state3_machine(struct sock *sk, struct sk_buff *skb, int frametype)
147{
148 struct nr_sock *nrom = nr_sk(sk);
149 struct sk_buff_head temp_queue;
150 struct sk_buff *skbn;
151 unsigned short save_vr;
152 unsigned short nr, ns;
153 int queued = 0;
154
155 nr = skb->data[18];
156 ns = skb->data[17];
157
158 switch (frametype) {
159 case NR_CONNREQ:
160 nr_write_internal(sk, NR_CONNACK);
161 break;
162
163 case NR_DISCREQ:
164 nr_write_internal(sk, NR_DISCACK);
165 nr_disconnect(sk, 0);
166 break;
167
168 case NR_CONNACK | NR_CHOKE_FLAG:
169 case NR_DISCACK:
170 nr_disconnect(sk, ECONNRESET);
171 break;
172
173 case NR_INFOACK:
174 case NR_INFOACK | NR_CHOKE_FLAG:
175 case NR_INFOACK | NR_NAK_FLAG:
176 case NR_INFOACK | NR_NAK_FLAG | NR_CHOKE_FLAG:
177 if (frametype & NR_CHOKE_FLAG) {
178 nrom->condition |= NR_COND_PEER_RX_BUSY;
179 nr_start_t4timer(sk);
180 } else {
181 nrom->condition &= ~NR_COND_PEER_RX_BUSY;
182 nr_stop_t4timer(sk);
183 }
184 if (!nr_validate_nr(sk, nr)) {
185 break;
186 }
187 if (frametype & NR_NAK_FLAG) {
188 nr_frames_acked(sk, nr);
189 nr_send_nak_frame(sk);
190 } else {
191 if (nrom->condition & NR_COND_PEER_RX_BUSY) {
192 nr_frames_acked(sk, nr);
193 } else {
194 nr_check_iframes_acked(sk, nr);
195 }
196 }
197 break;
198
199 case NR_INFO:
200 case NR_INFO | NR_NAK_FLAG:
201 case NR_INFO | NR_CHOKE_FLAG:
202 case NR_INFO | NR_MORE_FLAG:
203 case NR_INFO | NR_NAK_FLAG | NR_CHOKE_FLAG:
204 case NR_INFO | NR_CHOKE_FLAG | NR_MORE_FLAG:
205 case NR_INFO | NR_NAK_FLAG | NR_MORE_FLAG:
206 case NR_INFO | NR_NAK_FLAG | NR_CHOKE_FLAG | NR_MORE_FLAG:
207 if (frametype & NR_CHOKE_FLAG) {
208 nrom->condition |= NR_COND_PEER_RX_BUSY;
209 nr_start_t4timer(sk);
210 } else {
211 nrom->condition &= ~NR_COND_PEER_RX_BUSY;
212 nr_stop_t4timer(sk);
213 }
214 if (nr_validate_nr(sk, nr)) {
215 if (frametype & NR_NAK_FLAG) {
216 nr_frames_acked(sk, nr);
217 nr_send_nak_frame(sk);
218 } else {
219 if (nrom->condition & NR_COND_PEER_RX_BUSY) {
220 nr_frames_acked(sk, nr);
221 } else {
222 nr_check_iframes_acked(sk, nr);
223 }
224 }
225 }
226 queued = 1;
227 skb_queue_head(&nrom->reseq_queue, skb);
228 if (nrom->condition & NR_COND_OWN_RX_BUSY)
229 break;
230 skb_queue_head_init(&temp_queue);
231 do {
232 save_vr = nrom->vr;
233 while ((skbn = skb_dequeue(&nrom->reseq_queue)) != NULL) {
234 ns = skbn->data[17];
235 if (ns == nrom->vr) {
236 if (nr_queue_rx_frame(sk, skbn, frametype & NR_MORE_FLAG) == 0) {
237 nrom->vr = (nrom->vr + 1) % NR_MODULUS;
238 } else {
239 nrom->condition |= NR_COND_OWN_RX_BUSY;
240 skb_queue_tail(&temp_queue, skbn);
241 }
242 } else if (nr_in_rx_window(sk, ns)) {
243 skb_queue_tail(&temp_queue, skbn);
244 } else {
245 kfree_skb(skbn);
246 }
247 }
248 while ((skbn = skb_dequeue(&temp_queue)) != NULL) {
249 skb_queue_tail(&nrom->reseq_queue, skbn);
250 }
251 } while (save_vr != nrom->vr);
252 /*
253 * Window is full, ack it immediately.
254 */
255 if (((nrom->vl + nrom->window) % NR_MODULUS) == nrom->vr) {
256 nr_enquiry_response(sk);
257 } else {
258 if (!(nrom->condition & NR_COND_ACK_PENDING)) {
259 nrom->condition |= NR_COND_ACK_PENDING;
260 nr_start_t2timer(sk);
261 }
262 }
263 break;
264
265 case NR_RESET:
266 if (sysctl_netrom_reset_circuit)
267 nr_disconnect(sk, ECONNRESET);
268 break;
269
270 default:
271 break;
272 }
273 return queued;
274}
275
276/* Higher level upcall for a LAPB frame - called with sk locked */
277int nr_process_rx_frame(struct sock *sk, struct sk_buff *skb)
278{
279 struct nr_sock *nr = nr_sk(sk);
280 int queued = 0, frametype;
281
282 if (nr->state == NR_STATE_0)
283 return 0;
284
285 frametype = skb->data[19];
286
287 switch (nr->state) {
288 case NR_STATE_1:
289 queued = nr_state1_machine(sk, skb, frametype);
290 break;
291 case NR_STATE_2:
292 queued = nr_state2_machine(sk, skb, frametype);
293 break;
294 case NR_STATE_3:
295 queued = nr_state3_machine(sk, skb, frametype);
296 break;
297 }
298
299 nr_kick(sk);
300
301 return queued;
302}
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * Copyright Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
8 * Copyright Darryl Miles G7LED (dlm@g7led.demon.co.uk)
9 */
10#include <linux/errno.h>
11#include <linux/types.h>
12#include <linux/socket.h>
13#include <linux/in.h>
14#include <linux/kernel.h>
15#include <linux/timer.h>
16#include <linux/string.h>
17#include <linux/sockios.h>
18#include <linux/net.h>
19#include <linux/slab.h>
20#include <net/ax25.h>
21#include <linux/inet.h>
22#include <linux/netdevice.h>
23#include <linux/skbuff.h>
24#include <net/sock.h>
25#include <net/tcp_states.h>
26#include <asm/uaccess.h>
27#include <asm/system.h>
28#include <linux/fcntl.h>
29#include <linux/mm.h>
30#include <linux/interrupt.h>
31#include <net/netrom.h>
32
33static int nr_queue_rx_frame(struct sock *sk, struct sk_buff *skb, int more)
34{
35 struct sk_buff *skbo, *skbn = skb;
36 struct nr_sock *nr = nr_sk(sk);
37
38 skb_pull(skb, NR_NETWORK_LEN + NR_TRANSPORT_LEN);
39
40 nr_start_idletimer(sk);
41
42 if (more) {
43 nr->fraglen += skb->len;
44 skb_queue_tail(&nr->frag_queue, skb);
45 return 0;
46 }
47
48 if (!more && nr->fraglen > 0) { /* End of fragment */
49 nr->fraglen += skb->len;
50 skb_queue_tail(&nr->frag_queue, skb);
51
52 if ((skbn = alloc_skb(nr->fraglen, GFP_ATOMIC)) == NULL)
53 return 1;
54
55 skb_reset_transport_header(skbn);
56
57 while ((skbo = skb_dequeue(&nr->frag_queue)) != NULL) {
58 skb_copy_from_linear_data(skbo,
59 skb_put(skbn, skbo->len),
60 skbo->len);
61 kfree_skb(skbo);
62 }
63
64 nr->fraglen = 0;
65 }
66
67 return sock_queue_rcv_skb(sk, skbn);
68}
69
70/*
71 * State machine for state 1, Awaiting Connection State.
72 * The handling of the timer(s) is in file nr_timer.c.
73 * Handling of state 0 and connection release is in netrom.c.
74 */
75static int nr_state1_machine(struct sock *sk, struct sk_buff *skb,
76 int frametype)
77{
78 switch (frametype) {
79 case NR_CONNACK: {
80 struct nr_sock *nr = nr_sk(sk);
81
82 nr_stop_t1timer(sk);
83 nr_start_idletimer(sk);
84 nr->your_index = skb->data[17];
85 nr->your_id = skb->data[18];
86 nr->vs = 0;
87 nr->va = 0;
88 nr->vr = 0;
89 nr->vl = 0;
90 nr->state = NR_STATE_3;
91 nr->n2count = 0;
92 nr->window = skb->data[20];
93 sk->sk_state = TCP_ESTABLISHED;
94 if (!sock_flag(sk, SOCK_DEAD))
95 sk->sk_state_change(sk);
96 break;
97 }
98
99 case NR_CONNACK | NR_CHOKE_FLAG:
100 nr_disconnect(sk, ECONNREFUSED);
101 break;
102
103 case NR_RESET:
104 if (sysctl_netrom_reset_circuit)
105 nr_disconnect(sk, ECONNRESET);
106 break;
107
108 default:
109 break;
110 }
111 return 0;
112}
113
114/*
115 * State machine for state 2, Awaiting Release State.
116 * The handling of the timer(s) is in file nr_timer.c
117 * Handling of state 0 and connection release is in netrom.c.
118 */
119static int nr_state2_machine(struct sock *sk, struct sk_buff *skb,
120 int frametype)
121{
122 switch (frametype) {
123 case NR_CONNACK | NR_CHOKE_FLAG:
124 nr_disconnect(sk, ECONNRESET);
125 break;
126
127 case NR_DISCREQ:
128 nr_write_internal(sk, NR_DISCACK);
129
130 case NR_DISCACK:
131 nr_disconnect(sk, 0);
132 break;
133
134 case NR_RESET:
135 if (sysctl_netrom_reset_circuit)
136 nr_disconnect(sk, ECONNRESET);
137 break;
138
139 default:
140 break;
141 }
142 return 0;
143}
144
145/*
146 * State machine for state 3, Connected State.
147 * The handling of the timer(s) is in file nr_timer.c
148 * Handling of state 0 and connection release is in netrom.c.
149 */
150static int nr_state3_machine(struct sock *sk, struct sk_buff *skb, int frametype)
151{
152 struct nr_sock *nrom = nr_sk(sk);
153 struct sk_buff_head temp_queue;
154 struct sk_buff *skbn;
155 unsigned short save_vr;
156 unsigned short nr, ns;
157 int queued = 0;
158
159 nr = skb->data[18];
160 ns = skb->data[17];
161
162 switch (frametype) {
163 case NR_CONNREQ:
164 nr_write_internal(sk, NR_CONNACK);
165 break;
166
167 case NR_DISCREQ:
168 nr_write_internal(sk, NR_DISCACK);
169 nr_disconnect(sk, 0);
170 break;
171
172 case NR_CONNACK | NR_CHOKE_FLAG:
173 case NR_DISCACK:
174 nr_disconnect(sk, ECONNRESET);
175 break;
176
177 case NR_INFOACK:
178 case NR_INFOACK | NR_CHOKE_FLAG:
179 case NR_INFOACK | NR_NAK_FLAG:
180 case NR_INFOACK | NR_NAK_FLAG | NR_CHOKE_FLAG:
181 if (frametype & NR_CHOKE_FLAG) {
182 nrom->condition |= NR_COND_PEER_RX_BUSY;
183 nr_start_t4timer(sk);
184 } else {
185 nrom->condition &= ~NR_COND_PEER_RX_BUSY;
186 nr_stop_t4timer(sk);
187 }
188 if (!nr_validate_nr(sk, nr)) {
189 break;
190 }
191 if (frametype & NR_NAK_FLAG) {
192 nr_frames_acked(sk, nr);
193 nr_send_nak_frame(sk);
194 } else {
195 if (nrom->condition & NR_COND_PEER_RX_BUSY) {
196 nr_frames_acked(sk, nr);
197 } else {
198 nr_check_iframes_acked(sk, nr);
199 }
200 }
201 break;
202
203 case NR_INFO:
204 case NR_INFO | NR_NAK_FLAG:
205 case NR_INFO | NR_CHOKE_FLAG:
206 case NR_INFO | NR_MORE_FLAG:
207 case NR_INFO | NR_NAK_FLAG | NR_CHOKE_FLAG:
208 case NR_INFO | NR_CHOKE_FLAG | NR_MORE_FLAG:
209 case NR_INFO | NR_NAK_FLAG | NR_MORE_FLAG:
210 case NR_INFO | NR_NAK_FLAG | NR_CHOKE_FLAG | NR_MORE_FLAG:
211 if (frametype & NR_CHOKE_FLAG) {
212 nrom->condition |= NR_COND_PEER_RX_BUSY;
213 nr_start_t4timer(sk);
214 } else {
215 nrom->condition &= ~NR_COND_PEER_RX_BUSY;
216 nr_stop_t4timer(sk);
217 }
218 if (nr_validate_nr(sk, nr)) {
219 if (frametype & NR_NAK_FLAG) {
220 nr_frames_acked(sk, nr);
221 nr_send_nak_frame(sk);
222 } else {
223 if (nrom->condition & NR_COND_PEER_RX_BUSY) {
224 nr_frames_acked(sk, nr);
225 } else {
226 nr_check_iframes_acked(sk, nr);
227 }
228 }
229 }
230 queued = 1;
231 skb_queue_head(&nrom->reseq_queue, skb);
232 if (nrom->condition & NR_COND_OWN_RX_BUSY)
233 break;
234 skb_queue_head_init(&temp_queue);
235 do {
236 save_vr = nrom->vr;
237 while ((skbn = skb_dequeue(&nrom->reseq_queue)) != NULL) {
238 ns = skbn->data[17];
239 if (ns == nrom->vr) {
240 if (nr_queue_rx_frame(sk, skbn, frametype & NR_MORE_FLAG) == 0) {
241 nrom->vr = (nrom->vr + 1) % NR_MODULUS;
242 } else {
243 nrom->condition |= NR_COND_OWN_RX_BUSY;
244 skb_queue_tail(&temp_queue, skbn);
245 }
246 } else if (nr_in_rx_window(sk, ns)) {
247 skb_queue_tail(&temp_queue, skbn);
248 } else {
249 kfree_skb(skbn);
250 }
251 }
252 while ((skbn = skb_dequeue(&temp_queue)) != NULL) {
253 skb_queue_tail(&nrom->reseq_queue, skbn);
254 }
255 } while (save_vr != nrom->vr);
256 /*
257 * Window is full, ack it immediately.
258 */
259 if (((nrom->vl + nrom->window) % NR_MODULUS) == nrom->vr) {
260 nr_enquiry_response(sk);
261 } else {
262 if (!(nrom->condition & NR_COND_ACK_PENDING)) {
263 nrom->condition |= NR_COND_ACK_PENDING;
264 nr_start_t2timer(sk);
265 }
266 }
267 break;
268
269 case NR_RESET:
270 if (sysctl_netrom_reset_circuit)
271 nr_disconnect(sk, ECONNRESET);
272 break;
273
274 default:
275 break;
276 }
277 return queued;
278}
279
280/* Higher level upcall for a LAPB frame - called with sk locked */
281int nr_process_rx_frame(struct sock *sk, struct sk_buff *skb)
282{
283 struct nr_sock *nr = nr_sk(sk);
284 int queued = 0, frametype;
285
286 if (nr->state == NR_STATE_0)
287 return 0;
288
289 frametype = skb->data[19];
290
291 switch (nr->state) {
292 case NR_STATE_1:
293 queued = nr_state1_machine(sk, skb, frametype);
294 break;
295 case NR_STATE_2:
296 queued = nr_state2_machine(sk, skb, frametype);
297 break;
298 case NR_STATE_3:
299 queued = nr_state3_machine(sk, skb, frametype);
300 break;
301 }
302
303 nr_kick(sk);
304
305 return queued;
306}