1 /*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
9 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
10 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
11 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
12 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
13 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
14 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
15 */
16 #include <linux/capability.h>
17 #include <linux/module.h>
18 #include <linux/errno.h>
19 #include <linux/types.h>
20 #include <linux/socket.h>
21 #include <linux/in.h>
22 #include <linux/kernel.h>
23 #include <linux/sched.h>
24 #include <linux/timer.h>
25 #include <linux/string.h>
26 #include <linux/sockios.h>
27 #include <linux/net.h>
28 #include <linux/slab.h>
29 #include <net/ax25.h>
30 #include <linux/inet.h>
31 #include <linux/netdevice.h>
32 #include <linux/if_arp.h>
33 #include <linux/skbuff.h>
34 #include <net/sock.h>
35 #include <asm/uaccess.h>
36 #include <linux/fcntl.h>
37 #include <linux/termios.h> /* For TIOCINQ/OUTQ */
38 #include <linux/mm.h>
39 #include <linux/interrupt.h>
40 #include <linux/notifier.h>
41 #include <linux/proc_fs.h>
42 #include <linux/stat.h>
43 #include <linux/netfilter.h>
44 #include <linux/sysctl.h>
45 #include <linux/init.h>
46 #include <linux/spinlock.h>
47 #include <net/net_namespace.h>
48 #include <net/tcp_states.h>
49 #include <net/ip.h>
50 #include <net/arp.h>
51
52
53
54 HLIST_HEAD(ax25_list);
55 DEFINE_SPINLOCK(ax25_list_lock);
56
57 static const struct proto_ops ax25_proto_ops;
58
ax25_free_sock(struct sock * sk)59 static void ax25_free_sock(struct sock *sk)
60 {
61 ax25_cb_put(ax25_sk(sk));
62 }
63
64 /*
65 * Socket removal during an interrupt is now safe.
66 */
ax25_cb_del(ax25_cb * ax25)67 static void ax25_cb_del(ax25_cb *ax25)
68 {
69 if (!hlist_unhashed(&ax25->ax25_node)) {
70 spin_lock_bh(&ax25_list_lock);
71 hlist_del_init(&ax25->ax25_node);
72 spin_unlock_bh(&ax25_list_lock);
73 ax25_cb_put(ax25);
74 }
75 }
76
77 /*
78 * Kill all bound sockets on a dropped device.
79 */
ax25_kill_by_device(struct net_device * dev)80 static void ax25_kill_by_device(struct net_device *dev)
81 {
82 ax25_dev *ax25_dev;
83 ax25_cb *s;
84
85 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
86 return;
87
88 spin_lock_bh(&ax25_list_lock);
89 again:
90 ax25_for_each(s, &ax25_list) {
91 if (s->ax25_dev == ax25_dev) {
92 s->ax25_dev = NULL;
93 spin_unlock_bh(&ax25_list_lock);
94 ax25_disconnect(s, ENETUNREACH);
95 spin_lock_bh(&ax25_list_lock);
96
97 /* The entry could have been deleted from the
98 * list meanwhile and thus the next pointer is
99 * no longer valid. Play it safe and restart
100 * the scan. Forward progress is ensured
101 * because we set s->ax25_dev to NULL and we
102 * are never passed a NULL 'dev' argument.
103 */
104 goto again;
105 }
106 }
107 spin_unlock_bh(&ax25_list_lock);
108 }
109
110 /*
111 * Handle device status changes.
112 */
ax25_device_event(struct notifier_block * this,unsigned long event,void * ptr)113 static int ax25_device_event(struct notifier_block *this, unsigned long event,
114 void *ptr)
115 {
116 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
117
118 if (!net_eq(dev_net(dev), &init_net))
119 return NOTIFY_DONE;
120
121 /* Reject non AX.25 devices */
122 if (dev->type != ARPHRD_AX25)
123 return NOTIFY_DONE;
124
125 switch (event) {
126 case NETDEV_UP:
127 ax25_dev_device_up(dev);
128 break;
129 case NETDEV_DOWN:
130 ax25_kill_by_device(dev);
131 ax25_rt_device_down(dev);
132 ax25_dev_device_down(dev);
133 break;
134 default:
135 break;
136 }
137
138 return NOTIFY_DONE;
139 }
140
141 /*
142 * Add a socket to the bound sockets list.
143 */
ax25_cb_add(ax25_cb * ax25)144 void ax25_cb_add(ax25_cb *ax25)
145 {
146 spin_lock_bh(&ax25_list_lock);
147 ax25_cb_hold(ax25);
148 hlist_add_head(&ax25->ax25_node, &ax25_list);
149 spin_unlock_bh(&ax25_list_lock);
150 }
151
152 /*
153 * Find a socket that wants to accept the SABM we have just
154 * received.
155 */
ax25_find_listener(ax25_address * addr,int digi,struct net_device * dev,int type)156 struct sock *ax25_find_listener(ax25_address *addr, int digi,
157 struct net_device *dev, int type)
158 {
159 ax25_cb *s;
160
161 spin_lock(&ax25_list_lock);
162 ax25_for_each(s, &ax25_list) {
163 if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
164 continue;
165 if (s->sk && !ax25cmp(&s->source_addr, addr) &&
166 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
167 /* If device is null we match any device */
168 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
169 sock_hold(s->sk);
170 spin_unlock(&ax25_list_lock);
171 return s->sk;
172 }
173 }
174 }
175 spin_unlock(&ax25_list_lock);
176
177 return NULL;
178 }
179
180 /*
181 * Find an AX.25 socket given both ends.
182 */
ax25_get_socket(ax25_address * my_addr,ax25_address * dest_addr,int type)183 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
184 int type)
185 {
186 struct sock *sk = NULL;
187 ax25_cb *s;
188
189 spin_lock(&ax25_list_lock);
190 ax25_for_each(s, &ax25_list) {
191 if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
192 !ax25cmp(&s->dest_addr, dest_addr) &&
193 s->sk->sk_type == type) {
194 sk = s->sk;
195 sock_hold(sk);
196 break;
197 }
198 }
199
200 spin_unlock(&ax25_list_lock);
201
202 return sk;
203 }
204
205 /*
206 * Find an AX.25 control block given both ends. It will only pick up
207 * floating AX.25 control blocks or non Raw socket bound control blocks.
208 */
ax25_find_cb(ax25_address * src_addr,ax25_address * dest_addr,ax25_digi * digi,struct net_device * dev)209 ax25_cb *ax25_find_cb(ax25_address *src_addr, ax25_address *dest_addr,
210 ax25_digi *digi, struct net_device *dev)
211 {
212 ax25_cb *s;
213
214 spin_lock_bh(&ax25_list_lock);
215 ax25_for_each(s, &ax25_list) {
216 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
217 continue;
218 if (s->ax25_dev == NULL)
219 continue;
220 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
221 if (digi != NULL && digi->ndigi != 0) {
222 if (s->digipeat == NULL)
223 continue;
224 if (ax25digicmp(s->digipeat, digi) != 0)
225 continue;
226 } else {
227 if (s->digipeat != NULL && s->digipeat->ndigi != 0)
228 continue;
229 }
230 ax25_cb_hold(s);
231 spin_unlock_bh(&ax25_list_lock);
232
233 return s;
234 }
235 }
236 spin_unlock_bh(&ax25_list_lock);
237
238 return NULL;
239 }
240
241 EXPORT_SYMBOL(ax25_find_cb);
242
ax25_send_to_raw(ax25_address * addr,struct sk_buff * skb,int proto)243 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
244 {
245 ax25_cb *s;
246 struct sk_buff *copy;
247
248 spin_lock(&ax25_list_lock);
249 ax25_for_each(s, &ax25_list) {
250 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
251 s->sk->sk_type == SOCK_RAW &&
252 s->sk->sk_protocol == proto &&
253 s->ax25_dev->dev == skb->dev &&
254 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
255 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
256 continue;
257 if (sock_queue_rcv_skb(s->sk, copy) != 0)
258 kfree_skb(copy);
259 }
260 }
261 spin_unlock(&ax25_list_lock);
262 }
263
264 /*
265 * Deferred destroy.
266 */
267 void ax25_destroy_socket(ax25_cb *);
268
269 /*
270 * Handler for deferred kills.
271 */
ax25_destroy_timer(unsigned long data)272 static void ax25_destroy_timer(unsigned long data)
273 {
274 ax25_cb *ax25=(ax25_cb *)data;
275 struct sock *sk;
276
277 sk=ax25->sk;
278
279 bh_lock_sock(sk);
280 sock_hold(sk);
281 ax25_destroy_socket(ax25);
282 bh_unlock_sock(sk);
283 sock_put(sk);
284 }
285
286 /*
287 * This is called from user mode and the timers. Thus it protects itself
288 * against interrupt users but doesn't worry about being called during
289 * work. Once it is removed from the queue no interrupt or bottom half
290 * will touch it and we are (fairly 8-) ) safe.
291 */
ax25_destroy_socket(ax25_cb * ax25)292 void ax25_destroy_socket(ax25_cb *ax25)
293 {
294 struct sk_buff *skb;
295
296 ax25_cb_del(ax25);
297
298 ax25_stop_heartbeat(ax25);
299 ax25_stop_t1timer(ax25);
300 ax25_stop_t2timer(ax25);
301 ax25_stop_t3timer(ax25);
302 ax25_stop_idletimer(ax25);
303
304 ax25_clear_queues(ax25); /* Flush the queues */
305
306 if (ax25->sk != NULL) {
307 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
308 if (skb->sk != ax25->sk) {
309 /* A pending connection */
310 ax25_cb *sax25 = ax25_sk(skb->sk);
311
312 /* Queue the unaccepted socket for death */
313 sock_orphan(skb->sk);
314
315 /* 9A4GL: hack to release unaccepted sockets */
316 skb->sk->sk_state = TCP_LISTEN;
317
318 ax25_start_heartbeat(sax25);
319 sax25->state = AX25_STATE_0;
320 }
321
322 kfree_skb(skb);
323 }
324 skb_queue_purge(&ax25->sk->sk_write_queue);
325 }
326
327 if (ax25->sk != NULL) {
328 if (sk_has_allocations(ax25->sk)) {
329 /* Defer: outstanding buffers */
330 setup_timer(&ax25->dtimer, ax25_destroy_timer,
331 (unsigned long)ax25);
332 ax25->dtimer.expires = jiffies + 2 * HZ;
333 add_timer(&ax25->dtimer);
334 } else {
335 struct sock *sk=ax25->sk;
336 ax25->sk=NULL;
337 sock_put(sk);
338 }
339 } else {
340 ax25_cb_put(ax25);
341 }
342 }
343
344 /*
345 * dl1bke 960311: set parameters for existing AX.25 connections,
346 * includes a KILL command to abort any connection.
347 * VERY useful for debugging ;-)
348 */
ax25_ctl_ioctl(const unsigned int cmd,void __user * arg)349 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
350 {
351 struct ax25_ctl_struct ax25_ctl;
352 ax25_digi digi;
353 ax25_dev *ax25_dev;
354 ax25_cb *ax25;
355 unsigned int k;
356 int ret = 0;
357
358 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
359 return -EFAULT;
360
361 if ((ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr)) == NULL)
362 return -ENODEV;
363
364 if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
365 return -EINVAL;
366
367 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
368 return -EINVAL;
369
370 digi.ndigi = ax25_ctl.digi_count;
371 for (k = 0; k < digi.ndigi; k++)
372 digi.calls[k] = ax25_ctl.digi_addr[k];
373
374 if ((ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev)) == NULL)
375 return -ENOTCONN;
376
377 switch (ax25_ctl.cmd) {
378 case AX25_KILL:
379 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
380 #ifdef CONFIG_AX25_DAMA_SLAVE
381 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
382 ax25_dama_off(ax25);
383 #endif
384 ax25_disconnect(ax25, ENETRESET);
385 break;
386
387 case AX25_WINDOW:
388 if (ax25->modulus == AX25_MODULUS) {
389 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
390 goto einval_put;
391 } else {
392 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
393 goto einval_put;
394 }
395 ax25->window = ax25_ctl.arg;
396 break;
397
398 case AX25_T1:
399 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
400 goto einval_put;
401 ax25->rtt = (ax25_ctl.arg * HZ) / 2;
402 ax25->t1 = ax25_ctl.arg * HZ;
403 break;
404
405 case AX25_T2:
406 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
407 goto einval_put;
408 ax25->t2 = ax25_ctl.arg * HZ;
409 break;
410
411 case AX25_N2:
412 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
413 goto einval_put;
414 ax25->n2count = 0;
415 ax25->n2 = ax25_ctl.arg;
416 break;
417
418 case AX25_T3:
419 if (ax25_ctl.arg > ULONG_MAX / HZ)
420 goto einval_put;
421 ax25->t3 = ax25_ctl.arg * HZ;
422 break;
423
424 case AX25_IDLE:
425 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
426 goto einval_put;
427
428 ax25->idle = ax25_ctl.arg * 60 * HZ;
429 break;
430
431 case AX25_PACLEN:
432 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
433 goto einval_put;
434 ax25->paclen = ax25_ctl.arg;
435 break;
436
437 default:
438 goto einval_put;
439 }
440
441 out_put:
442 ax25_cb_put(ax25);
443 return ret;
444
445 einval_put:
446 ret = -EINVAL;
447 goto out_put;
448 }
449
ax25_fillin_cb_from_dev(ax25_cb * ax25,ax25_dev * ax25_dev)450 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
451 {
452 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
453 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
454 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
455 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
456 ax25->n2 = ax25_dev->values[AX25_VALUES_N2];
457 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN];
458 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
459 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
460
461 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
462 ax25->modulus = AX25_EMODULUS;
463 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW];
464 } else {
465 ax25->modulus = AX25_MODULUS;
466 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW];
467 }
468 }
469
470 /*
471 * Fill in a created AX.25 created control block with the default
472 * values for a particular device.
473 */
ax25_fillin_cb(ax25_cb * ax25,ax25_dev * ax25_dev)474 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
475 {
476 ax25->ax25_dev = ax25_dev;
477
478 if (ax25->ax25_dev != NULL) {
479 ax25_fillin_cb_from_dev(ax25, ax25_dev);
480 return;
481 }
482
483 /*
484 * No device, use kernel / AX.25 spec default values
485 */
486 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2;
487 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1);
488 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2);
489 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3);
490 ax25->n2 = AX25_DEF_N2;
491 ax25->paclen = AX25_DEF_PACLEN;
492 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE);
493 ax25->backoff = AX25_DEF_BACKOFF;
494
495 if (AX25_DEF_AXDEFMODE) {
496 ax25->modulus = AX25_EMODULUS;
497 ax25->window = AX25_DEF_EWINDOW;
498 } else {
499 ax25->modulus = AX25_MODULUS;
500 ax25->window = AX25_DEF_WINDOW;
501 }
502 }
503
504 /*
505 * Create an empty AX.25 control block.
506 */
ax25_create_cb(void)507 ax25_cb *ax25_create_cb(void)
508 {
509 ax25_cb *ax25;
510
511 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
512 return NULL;
513
514 atomic_set(&ax25->refcount, 1);
515
516 skb_queue_head_init(&ax25->write_queue);
517 skb_queue_head_init(&ax25->frag_queue);
518 skb_queue_head_init(&ax25->ack_queue);
519 skb_queue_head_init(&ax25->reseq_queue);
520
521 ax25_setup_timers(ax25);
522
523 ax25_fillin_cb(ax25, NULL);
524
525 ax25->state = AX25_STATE_0;
526
527 return ax25;
528 }
529
530 /*
531 * Handling for system calls applied via the various interfaces to an
532 * AX25 socket object
533 */
534
ax25_setsockopt(struct socket * sock,int level,int optname,char __user * optval,unsigned int optlen)535 static int ax25_setsockopt(struct socket *sock, int level, int optname,
536 char __user *optval, unsigned int optlen)
537 {
538 struct sock *sk = sock->sk;
539 ax25_cb *ax25;
540 struct net_device *dev;
541 char devname[IFNAMSIZ];
542 unsigned long opt;
543 int res = 0;
544
545 if (level != SOL_AX25)
546 return -ENOPROTOOPT;
547
548 if (optlen < sizeof(unsigned int))
549 return -EINVAL;
550
551 if (get_user(opt, (unsigned int __user *)optval))
552 return -EFAULT;
553
554 lock_sock(sk);
555 ax25 = ax25_sk(sk);
556
557 switch (optname) {
558 case AX25_WINDOW:
559 if (ax25->modulus == AX25_MODULUS) {
560 if (opt < 1 || opt > 7) {
561 res = -EINVAL;
562 break;
563 }
564 } else {
565 if (opt < 1 || opt > 63) {
566 res = -EINVAL;
567 break;
568 }
569 }
570 ax25->window = opt;
571 break;
572
573 case AX25_T1:
574 if (opt < 1 || opt > ULONG_MAX / HZ) {
575 res = -EINVAL;
576 break;
577 }
578 ax25->rtt = (opt * HZ) >> 1;
579 ax25->t1 = opt * HZ;
580 break;
581
582 case AX25_T2:
583 if (opt < 1 || opt > ULONG_MAX / HZ) {
584 res = -EINVAL;
585 break;
586 }
587 ax25->t2 = opt * HZ;
588 break;
589
590 case AX25_N2:
591 if (opt < 1 || opt > 31) {
592 res = -EINVAL;
593 break;
594 }
595 ax25->n2 = opt;
596 break;
597
598 case AX25_T3:
599 if (opt < 1 || opt > ULONG_MAX / HZ) {
600 res = -EINVAL;
601 break;
602 }
603 ax25->t3 = opt * HZ;
604 break;
605
606 case AX25_IDLE:
607 if (opt > ULONG_MAX / (60 * HZ)) {
608 res = -EINVAL;
609 break;
610 }
611 ax25->idle = opt * 60 * HZ;
612 break;
613
614 case AX25_BACKOFF:
615 if (opt > 2) {
616 res = -EINVAL;
617 break;
618 }
619 ax25->backoff = opt;
620 break;
621
622 case AX25_EXTSEQ:
623 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
624 break;
625
626 case AX25_PIDINCL:
627 ax25->pidincl = opt ? 1 : 0;
628 break;
629
630 case AX25_IAMDIGI:
631 ax25->iamdigi = opt ? 1 : 0;
632 break;
633
634 case AX25_PACLEN:
635 if (opt < 16 || opt > 65535) {
636 res = -EINVAL;
637 break;
638 }
639 ax25->paclen = opt;
640 break;
641
642 case SO_BINDTODEVICE:
643 if (optlen > IFNAMSIZ)
644 optlen = IFNAMSIZ;
645
646 if (copy_from_user(devname, optval, optlen)) {
647 res = -EFAULT;
648 break;
649 }
650
651 if (sk->sk_type == SOCK_SEQPACKET &&
652 (sock->state != SS_UNCONNECTED ||
653 sk->sk_state == TCP_LISTEN)) {
654 res = -EADDRNOTAVAIL;
655 break;
656 }
657
658 dev = dev_get_by_name(&init_net, devname);
659 if (!dev) {
660 res = -ENODEV;
661 break;
662 }
663
664 ax25->ax25_dev = ax25_dev_ax25dev(dev);
665 ax25_fillin_cb(ax25, ax25->ax25_dev);
666 dev_put(dev);
667 break;
668
669 default:
670 res = -ENOPROTOOPT;
671 }
672 release_sock(sk);
673
674 return res;
675 }
676
ax25_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)677 static int ax25_getsockopt(struct socket *sock, int level, int optname,
678 char __user *optval, int __user *optlen)
679 {
680 struct sock *sk = sock->sk;
681 ax25_cb *ax25;
682 struct ax25_dev *ax25_dev;
683 char devname[IFNAMSIZ];
684 void *valptr;
685 int val = 0;
686 int maxlen, length;
687
688 if (level != SOL_AX25)
689 return -ENOPROTOOPT;
690
691 if (get_user(maxlen, optlen))
692 return -EFAULT;
693
694 if (maxlen < 1)
695 return -EFAULT;
696
697 valptr = (void *) &val;
698 length = min_t(unsigned int, maxlen, sizeof(int));
699
700 lock_sock(sk);
701 ax25 = ax25_sk(sk);
702
703 switch (optname) {
704 case AX25_WINDOW:
705 val = ax25->window;
706 break;
707
708 case AX25_T1:
709 val = ax25->t1 / HZ;
710 break;
711
712 case AX25_T2:
713 val = ax25->t2 / HZ;
714 break;
715
716 case AX25_N2:
717 val = ax25->n2;
718 break;
719
720 case AX25_T3:
721 val = ax25->t3 / HZ;
722 break;
723
724 case AX25_IDLE:
725 val = ax25->idle / (60 * HZ);
726 break;
727
728 case AX25_BACKOFF:
729 val = ax25->backoff;
730 break;
731
732 case AX25_EXTSEQ:
733 val = (ax25->modulus == AX25_EMODULUS);
734 break;
735
736 case AX25_PIDINCL:
737 val = ax25->pidincl;
738 break;
739
740 case AX25_IAMDIGI:
741 val = ax25->iamdigi;
742 break;
743
744 case AX25_PACLEN:
745 val = ax25->paclen;
746 break;
747
748 case SO_BINDTODEVICE:
749 ax25_dev = ax25->ax25_dev;
750
751 if (ax25_dev != NULL && ax25_dev->dev != NULL) {
752 strlcpy(devname, ax25_dev->dev->name, sizeof(devname));
753 length = strlen(devname) + 1;
754 } else {
755 *devname = '\0';
756 length = 1;
757 }
758
759 valptr = (void *) devname;
760 break;
761
762 default:
763 release_sock(sk);
764 return -ENOPROTOOPT;
765 }
766 release_sock(sk);
767
768 if (put_user(length, optlen))
769 return -EFAULT;
770
771 return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
772 }
773
ax25_listen(struct socket * sock,int backlog)774 static int ax25_listen(struct socket *sock, int backlog)
775 {
776 struct sock *sk = sock->sk;
777 int res = 0;
778
779 lock_sock(sk);
780 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
781 sk->sk_max_ack_backlog = backlog;
782 sk->sk_state = TCP_LISTEN;
783 goto out;
784 }
785 res = -EOPNOTSUPP;
786
787 out:
788 release_sock(sk);
789
790 return res;
791 }
792
793 /*
794 * XXX: when creating ax25_sock we should update the .obj_size setting
795 * below.
796 */
797 static struct proto ax25_proto = {
798 .name = "AX25",
799 .owner = THIS_MODULE,
800 .obj_size = sizeof(struct sock),
801 };
802
ax25_create(struct net * net,struct socket * sock,int protocol,int kern)803 static int ax25_create(struct net *net, struct socket *sock, int protocol,
804 int kern)
805 {
806 struct sock *sk;
807 ax25_cb *ax25;
808
809 if (protocol < 0 || protocol > SK_PROTOCOL_MAX)
810 return -EINVAL;
811
812 if (!net_eq(net, &init_net))
813 return -EAFNOSUPPORT;
814
815 switch (sock->type) {
816 case SOCK_DGRAM:
817 if (protocol == 0 || protocol == PF_AX25)
818 protocol = AX25_P_TEXT;
819 break;
820
821 case SOCK_SEQPACKET:
822 switch (protocol) {
823 case 0:
824 case PF_AX25: /* For CLX */
825 protocol = AX25_P_TEXT;
826 break;
827 case AX25_P_SEGMENT:
828 #ifdef CONFIG_INET
829 case AX25_P_ARP:
830 case AX25_P_IP:
831 #endif
832 #ifdef CONFIG_NETROM
833 case AX25_P_NETROM:
834 #endif
835 #ifdef CONFIG_ROSE
836 case AX25_P_ROSE:
837 #endif
838 return -ESOCKTNOSUPPORT;
839 #ifdef CONFIG_NETROM_MODULE
840 case AX25_P_NETROM:
841 if (ax25_protocol_is_registered(AX25_P_NETROM))
842 return -ESOCKTNOSUPPORT;
843 break;
844 #endif
845 #ifdef CONFIG_ROSE_MODULE
846 case AX25_P_ROSE:
847 if (ax25_protocol_is_registered(AX25_P_ROSE))
848 return -ESOCKTNOSUPPORT;
849 #endif
850 default:
851 break;
852 }
853 break;
854
855 case SOCK_RAW:
856 break;
857 default:
858 return -ESOCKTNOSUPPORT;
859 }
860
861 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto);
862 if (sk == NULL)
863 return -ENOMEM;
864
865 ax25 = sk->sk_protinfo = ax25_create_cb();
866 if (!ax25) {
867 sk_free(sk);
868 return -ENOMEM;
869 }
870
871 sock_init_data(sock, sk);
872
873 sk->sk_destruct = ax25_free_sock;
874 sock->ops = &ax25_proto_ops;
875 sk->sk_protocol = protocol;
876
877 ax25->sk = sk;
878
879 return 0;
880 }
881
ax25_make_new(struct sock * osk,struct ax25_dev * ax25_dev)882 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
883 {
884 struct sock *sk;
885 ax25_cb *ax25, *oax25;
886
887 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot);
888 if (sk == NULL)
889 return NULL;
890
891 if ((ax25 = ax25_create_cb()) == NULL) {
892 sk_free(sk);
893 return NULL;
894 }
895
896 switch (osk->sk_type) {
897 case SOCK_DGRAM:
898 break;
899 case SOCK_SEQPACKET:
900 break;
901 default:
902 sk_free(sk);
903 ax25_cb_put(ax25);
904 return NULL;
905 }
906
907 sock_init_data(NULL, sk);
908
909 sk->sk_type = osk->sk_type;
910 sk->sk_priority = osk->sk_priority;
911 sk->sk_protocol = osk->sk_protocol;
912 sk->sk_rcvbuf = osk->sk_rcvbuf;
913 sk->sk_sndbuf = osk->sk_sndbuf;
914 sk->sk_state = TCP_ESTABLISHED;
915 sock_copy_flags(sk, osk);
916
917 oax25 = ax25_sk(osk);
918
919 ax25->modulus = oax25->modulus;
920 ax25->backoff = oax25->backoff;
921 ax25->pidincl = oax25->pidincl;
922 ax25->iamdigi = oax25->iamdigi;
923 ax25->rtt = oax25->rtt;
924 ax25->t1 = oax25->t1;
925 ax25->t2 = oax25->t2;
926 ax25->t3 = oax25->t3;
927 ax25->n2 = oax25->n2;
928 ax25->idle = oax25->idle;
929 ax25->paclen = oax25->paclen;
930 ax25->window = oax25->window;
931
932 ax25->ax25_dev = ax25_dev;
933 ax25->source_addr = oax25->source_addr;
934
935 if (oax25->digipeat != NULL) {
936 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
937 GFP_ATOMIC);
938 if (ax25->digipeat == NULL) {
939 sk_free(sk);
940 ax25_cb_put(ax25);
941 return NULL;
942 }
943 }
944
945 sk->sk_protinfo = ax25;
946 sk->sk_destruct = ax25_free_sock;
947 ax25->sk = sk;
948
949 return sk;
950 }
951
ax25_release(struct socket * sock)952 static int ax25_release(struct socket *sock)
953 {
954 struct sock *sk = sock->sk;
955 ax25_cb *ax25;
956
957 if (sk == NULL)
958 return 0;
959
960 sock_hold(sk);
961 sock_orphan(sk);
962 lock_sock(sk);
963 ax25 = ax25_sk(sk);
964
965 if (sk->sk_type == SOCK_SEQPACKET) {
966 switch (ax25->state) {
967 case AX25_STATE_0:
968 release_sock(sk);
969 ax25_disconnect(ax25, 0);
970 lock_sock(sk);
971 ax25_destroy_socket(ax25);
972 break;
973
974 case AX25_STATE_1:
975 case AX25_STATE_2:
976 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
977 release_sock(sk);
978 ax25_disconnect(ax25, 0);
979 lock_sock(sk);
980 ax25_destroy_socket(ax25);
981 break;
982
983 case AX25_STATE_3:
984 case AX25_STATE_4:
985 ax25_clear_queues(ax25);
986 ax25->n2count = 0;
987
988 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
989 case AX25_PROTO_STD_SIMPLEX:
990 case AX25_PROTO_STD_DUPLEX:
991 ax25_send_control(ax25,
992 AX25_DISC,
993 AX25_POLLON,
994 AX25_COMMAND);
995 ax25_stop_t2timer(ax25);
996 ax25_stop_t3timer(ax25);
997 ax25_stop_idletimer(ax25);
998 break;
999 #ifdef CONFIG_AX25_DAMA_SLAVE
1000 case AX25_PROTO_DAMA_SLAVE:
1001 ax25_stop_t3timer(ax25);
1002 ax25_stop_idletimer(ax25);
1003 break;
1004 #endif
1005 }
1006 ax25_calculate_t1(ax25);
1007 ax25_start_t1timer(ax25);
1008 ax25->state = AX25_STATE_2;
1009 sk->sk_state = TCP_CLOSE;
1010 sk->sk_shutdown |= SEND_SHUTDOWN;
1011 sk->sk_state_change(sk);
1012 sock_set_flag(sk, SOCK_DESTROY);
1013 break;
1014
1015 default:
1016 break;
1017 }
1018 } else {
1019 sk->sk_state = TCP_CLOSE;
1020 sk->sk_shutdown |= SEND_SHUTDOWN;
1021 sk->sk_state_change(sk);
1022 ax25_destroy_socket(ax25);
1023 }
1024
1025 sock->sk = NULL;
1026 release_sock(sk);
1027 sock_put(sk);
1028
1029 return 0;
1030 }
1031
1032 /*
1033 * We support a funny extension here so you can (as root) give any callsign
1034 * digipeated via a local address as source. This hack is obsolete now
1035 * that we've implemented support for SO_BINDTODEVICE. It is however small
1036 * and trivially backward compatible.
1037 */
ax25_bind(struct socket * sock,struct sockaddr * uaddr,int addr_len)1038 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1039 {
1040 struct sock *sk = sock->sk;
1041 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1042 ax25_dev *ax25_dev = NULL;
1043 ax25_uid_assoc *user;
1044 ax25_address call;
1045 ax25_cb *ax25;
1046 int err = 0;
1047
1048 if (addr_len != sizeof(struct sockaddr_ax25) &&
1049 addr_len != sizeof(struct full_sockaddr_ax25))
1050 /* support for old structure may go away some time
1051 * ax25_bind(): uses old (6 digipeater) socket structure.
1052 */
1053 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1054 (addr_len > sizeof(struct full_sockaddr_ax25)))
1055 return -EINVAL;
1056
1057 if (addr->fsa_ax25.sax25_family != AF_AX25)
1058 return -EINVAL;
1059
1060 user = ax25_findbyuid(current_euid());
1061 if (user) {
1062 call = user->call;
1063 ax25_uid_put(user);
1064 } else {
1065 if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1066 return -EACCES;
1067
1068 call = addr->fsa_ax25.sax25_call;
1069 }
1070
1071 lock_sock(sk);
1072
1073 ax25 = ax25_sk(sk);
1074 if (!sock_flag(sk, SOCK_ZAPPED)) {
1075 err = -EINVAL;
1076 goto out;
1077 }
1078
1079 ax25->source_addr = call;
1080
1081 /*
1082 * User already set interface with SO_BINDTODEVICE
1083 */
1084 if (ax25->ax25_dev != NULL)
1085 goto done;
1086
1087 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1088 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1089 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1090 err = -EADDRNOTAVAIL;
1091 goto out;
1092 }
1093 } else {
1094 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1095 err = -EADDRNOTAVAIL;
1096 goto out;
1097 }
1098 }
1099
1100 if (ax25_dev != NULL)
1101 ax25_fillin_cb(ax25, ax25_dev);
1102
1103 done:
1104 ax25_cb_add(ax25);
1105 sock_reset_flag(sk, SOCK_ZAPPED);
1106
1107 out:
1108 release_sock(sk);
1109
1110 return err;
1111 }
1112
1113 /*
1114 * FIXME: nonblock behaviour looks like it may have a bug.
1115 */
ax25_connect(struct socket * sock,struct sockaddr * uaddr,int addr_len,int flags)1116 static int __must_check ax25_connect(struct socket *sock,
1117 struct sockaddr *uaddr, int addr_len, int flags)
1118 {
1119 struct sock *sk = sock->sk;
1120 ax25_cb *ax25 = ax25_sk(sk), *ax25t;
1121 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1122 ax25_digi *digi = NULL;
1123 int ct = 0, err = 0;
1124
1125 /*
1126 * some sanity checks. code further down depends on this
1127 */
1128
1129 if (addr_len == sizeof(struct sockaddr_ax25))
1130 /* support for this will go away in early 2.5.x
1131 * ax25_connect(): uses obsolete socket structure
1132 */
1133 ;
1134 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1135 /* support for old structure may go away some time
1136 * ax25_connect(): uses old (6 digipeater) socket structure.
1137 */
1138 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1139 (addr_len > sizeof(struct full_sockaddr_ax25)))
1140 return -EINVAL;
1141
1142
1143 if (fsa->fsa_ax25.sax25_family != AF_AX25)
1144 return -EINVAL;
1145
1146 lock_sock(sk);
1147
1148 /* deal with restarts */
1149 if (sock->state == SS_CONNECTING) {
1150 switch (sk->sk_state) {
1151 case TCP_SYN_SENT: /* still trying */
1152 err = -EINPROGRESS;
1153 goto out_release;
1154
1155 case TCP_ESTABLISHED: /* connection established */
1156 sock->state = SS_CONNECTED;
1157 goto out_release;
1158
1159 case TCP_CLOSE: /* connection refused */
1160 sock->state = SS_UNCONNECTED;
1161 err = -ECONNREFUSED;
1162 goto out_release;
1163 }
1164 }
1165
1166 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1167 err = -EISCONN; /* No reconnect on a seqpacket socket */
1168 goto out_release;
1169 }
1170
1171 sk->sk_state = TCP_CLOSE;
1172 sock->state = SS_UNCONNECTED;
1173
1174 kfree(ax25->digipeat);
1175 ax25->digipeat = NULL;
1176
1177 /*
1178 * Handle digi-peaters to be used.
1179 */
1180 if (addr_len > sizeof(struct sockaddr_ax25) &&
1181 fsa->fsa_ax25.sax25_ndigis != 0) {
1182 /* Valid number of digipeaters ? */
1183 if (fsa->fsa_ax25.sax25_ndigis < 1 || fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS) {
1184 err = -EINVAL;
1185 goto out_release;
1186 }
1187
1188 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1189 err = -ENOBUFS;
1190 goto out_release;
1191 }
1192
1193 digi->ndigi = fsa->fsa_ax25.sax25_ndigis;
1194 digi->lastrepeat = -1;
1195
1196 while (ct < fsa->fsa_ax25.sax25_ndigis) {
1197 if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1198 AX25_HBIT) && ax25->iamdigi) {
1199 digi->repeated[ct] = 1;
1200 digi->lastrepeat = ct;
1201 } else {
1202 digi->repeated[ct] = 0;
1203 }
1204 digi->calls[ct] = fsa->fsa_digipeater[ct];
1205 ct++;
1206 }
1207 }
1208
1209 /*
1210 * Must bind first - autobinding in this may or may not work. If
1211 * the socket is already bound, check to see if the device has
1212 * been filled in, error if it hasn't.
1213 */
1214 if (sock_flag(sk, SOCK_ZAPPED)) {
1215 /* check if we can remove this feature. It is broken. */
1216 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1217 current->comm);
1218 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1219 kfree(digi);
1220 goto out_release;
1221 }
1222
1223 ax25_fillin_cb(ax25, ax25->ax25_dev);
1224 ax25_cb_add(ax25);
1225 } else {
1226 if (ax25->ax25_dev == NULL) {
1227 kfree(digi);
1228 err = -EHOSTUNREACH;
1229 goto out_release;
1230 }
1231 }
1232
1233 if (sk->sk_type == SOCK_SEQPACKET &&
1234 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1235 ax25->ax25_dev->dev))) {
1236 kfree(digi);
1237 err = -EADDRINUSE; /* Already such a connection */
1238 ax25_cb_put(ax25t);
1239 goto out_release;
1240 }
1241
1242 ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1243 ax25->digipeat = digi;
1244
1245 /* First the easy one */
1246 if (sk->sk_type != SOCK_SEQPACKET) {
1247 sock->state = SS_CONNECTED;
1248 sk->sk_state = TCP_ESTABLISHED;
1249 goto out_release;
1250 }
1251
1252 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1253 sock->state = SS_CONNECTING;
1254 sk->sk_state = TCP_SYN_SENT;
1255
1256 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1257 case AX25_PROTO_STD_SIMPLEX:
1258 case AX25_PROTO_STD_DUPLEX:
1259 ax25_std_establish_data_link(ax25);
1260 break;
1261
1262 #ifdef CONFIG_AX25_DAMA_SLAVE
1263 case AX25_PROTO_DAMA_SLAVE:
1264 ax25->modulus = AX25_MODULUS;
1265 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1266 if (ax25->ax25_dev->dama.slave)
1267 ax25_ds_establish_data_link(ax25);
1268 else
1269 ax25_std_establish_data_link(ax25);
1270 break;
1271 #endif
1272 }
1273
1274 ax25->state = AX25_STATE_1;
1275
1276 ax25_start_heartbeat(ax25);
1277
1278 /* Now the loop */
1279 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1280 err = -EINPROGRESS;
1281 goto out_release;
1282 }
1283
1284 if (sk->sk_state == TCP_SYN_SENT) {
1285 DEFINE_WAIT(wait);
1286
1287 for (;;) {
1288 prepare_to_wait(sk_sleep(sk), &wait,
1289 TASK_INTERRUPTIBLE);
1290 if (sk->sk_state != TCP_SYN_SENT)
1291 break;
1292 if (!signal_pending(current)) {
1293 release_sock(sk);
1294 schedule();
1295 lock_sock(sk);
1296 continue;
1297 }
1298 err = -ERESTARTSYS;
1299 break;
1300 }
1301 finish_wait(sk_sleep(sk), &wait);
1302
1303 if (err)
1304 goto out_release;
1305 }
1306
1307 if (sk->sk_state != TCP_ESTABLISHED) {
1308 /* Not in ABM, not in WAIT_UA -> failed */
1309 sock->state = SS_UNCONNECTED;
1310 err = sock_error(sk); /* Always set at this point */
1311 goto out_release;
1312 }
1313
1314 sock->state = SS_CONNECTED;
1315
1316 err = 0;
1317 out_release:
1318 release_sock(sk);
1319
1320 return err;
1321 }
1322
ax25_accept(struct socket * sock,struct socket * newsock,int flags)1323 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags)
1324 {
1325 struct sk_buff *skb;
1326 struct sock *newsk;
1327 DEFINE_WAIT(wait);
1328 struct sock *sk;
1329 int err = 0;
1330
1331 if (sock->state != SS_UNCONNECTED)
1332 return -EINVAL;
1333
1334 if ((sk = sock->sk) == NULL)
1335 return -EINVAL;
1336
1337 lock_sock(sk);
1338 if (sk->sk_type != SOCK_SEQPACKET) {
1339 err = -EOPNOTSUPP;
1340 goto out;
1341 }
1342
1343 if (sk->sk_state != TCP_LISTEN) {
1344 err = -EINVAL;
1345 goto out;
1346 }
1347
1348 /*
1349 * The read queue this time is holding sockets ready to use
1350 * hooked into the SABM we saved
1351 */
1352 for (;;) {
1353 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1354 skb = skb_dequeue(&sk->sk_receive_queue);
1355 if (skb)
1356 break;
1357
1358 if (flags & O_NONBLOCK) {
1359 err = -EWOULDBLOCK;
1360 break;
1361 }
1362 if (!signal_pending(current)) {
1363 release_sock(sk);
1364 schedule();
1365 lock_sock(sk);
1366 continue;
1367 }
1368 err = -ERESTARTSYS;
1369 break;
1370 }
1371 finish_wait(sk_sleep(sk), &wait);
1372
1373 if (err)
1374 goto out;
1375
1376 newsk = skb->sk;
1377 sock_graft(newsk, newsock);
1378
1379 /* Now attach up the new socket */
1380 kfree_skb(skb);
1381 sk->sk_ack_backlog--;
1382 newsock->state = SS_CONNECTED;
1383
1384 out:
1385 release_sock(sk);
1386
1387 return err;
1388 }
1389
ax25_getname(struct socket * sock,struct sockaddr * uaddr,int * uaddr_len,int peer)1390 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1391 int *uaddr_len, int peer)
1392 {
1393 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1394 struct sock *sk = sock->sk;
1395 unsigned char ndigi, i;
1396 ax25_cb *ax25;
1397 int err = 0;
1398
1399 memset(fsa, 0, sizeof(*fsa));
1400 lock_sock(sk);
1401 ax25 = ax25_sk(sk);
1402
1403 if (peer != 0) {
1404 if (sk->sk_state != TCP_ESTABLISHED) {
1405 err = -ENOTCONN;
1406 goto out;
1407 }
1408
1409 fsa->fsa_ax25.sax25_family = AF_AX25;
1410 fsa->fsa_ax25.sax25_call = ax25->dest_addr;
1411
1412 if (ax25->digipeat != NULL) {
1413 ndigi = ax25->digipeat->ndigi;
1414 fsa->fsa_ax25.sax25_ndigis = ndigi;
1415 for (i = 0; i < ndigi; i++)
1416 fsa->fsa_digipeater[i] =
1417 ax25->digipeat->calls[i];
1418 }
1419 } else {
1420 fsa->fsa_ax25.sax25_family = AF_AX25;
1421 fsa->fsa_ax25.sax25_call = ax25->source_addr;
1422 fsa->fsa_ax25.sax25_ndigis = 1;
1423 if (ax25->ax25_dev != NULL) {
1424 memcpy(&fsa->fsa_digipeater[0],
1425 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1426 } else {
1427 fsa->fsa_digipeater[0] = null_ax25_address;
1428 }
1429 }
1430 *uaddr_len = sizeof (struct full_sockaddr_ax25);
1431
1432 out:
1433 release_sock(sk);
1434
1435 return err;
1436 }
1437
ax25_sendmsg(struct socket * sock,struct msghdr * msg,size_t len)1438 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1439 {
1440 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name);
1441 struct sock *sk = sock->sk;
1442 struct sockaddr_ax25 sax;
1443 struct sk_buff *skb;
1444 ax25_digi dtmp, *dp;
1445 ax25_cb *ax25;
1446 size_t size;
1447 int lv, err, addr_len = msg->msg_namelen;
1448
1449 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1450 return -EINVAL;
1451
1452 lock_sock(sk);
1453 ax25 = ax25_sk(sk);
1454
1455 if (sock_flag(sk, SOCK_ZAPPED)) {
1456 err = -EADDRNOTAVAIL;
1457 goto out;
1458 }
1459
1460 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1461 send_sig(SIGPIPE, current, 0);
1462 err = -EPIPE;
1463 goto out;
1464 }
1465
1466 if (ax25->ax25_dev == NULL) {
1467 err = -ENETUNREACH;
1468 goto out;
1469 }
1470
1471 if (len > ax25->ax25_dev->dev->mtu) {
1472 err = -EMSGSIZE;
1473 goto out;
1474 }
1475
1476 if (usax != NULL) {
1477 if (usax->sax25_family != AF_AX25) {
1478 err = -EINVAL;
1479 goto out;
1480 }
1481
1482 if (addr_len == sizeof(struct sockaddr_ax25))
1483 /* ax25_sendmsg(): uses obsolete socket structure */
1484 ;
1485 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1486 /* support for old structure may go away some time
1487 * ax25_sendmsg(): uses old (6 digipeater)
1488 * socket structure.
1489 */
1490 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1491 (addr_len > sizeof(struct full_sockaddr_ax25))) {
1492 err = -EINVAL;
1493 goto out;
1494 }
1495
1496
1497 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1498 int ct = 0;
1499 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1500
1501 /* Valid number of digipeaters ? */
1502 if (usax->sax25_ndigis < 1 || usax->sax25_ndigis > AX25_MAX_DIGIS) {
1503 err = -EINVAL;
1504 goto out;
1505 }
1506
1507 dtmp.ndigi = usax->sax25_ndigis;
1508
1509 while (ct < usax->sax25_ndigis) {
1510 dtmp.repeated[ct] = 0;
1511 dtmp.calls[ct] = fsa->fsa_digipeater[ct];
1512 ct++;
1513 }
1514
1515 dtmp.lastrepeat = 0;
1516 }
1517
1518 sax = *usax;
1519 if (sk->sk_type == SOCK_SEQPACKET &&
1520 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1521 err = -EISCONN;
1522 goto out;
1523 }
1524 if (usax->sax25_ndigis == 0)
1525 dp = NULL;
1526 else
1527 dp = &dtmp;
1528 } else {
1529 /*
1530 * FIXME: 1003.1g - if the socket is like this because
1531 * it has become closed (not started closed) and is VC
1532 * we ought to SIGPIPE, EPIPE
1533 */
1534 if (sk->sk_state != TCP_ESTABLISHED) {
1535 err = -ENOTCONN;
1536 goto out;
1537 }
1538 sax.sax25_family = AF_AX25;
1539 sax.sax25_call = ax25->dest_addr;
1540 dp = ax25->digipeat;
1541 }
1542
1543 /* Build a packet */
1544 /* Assume the worst case */
1545 size = len + ax25->ax25_dev->dev->hard_header_len;
1546
1547 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1548 if (skb == NULL)
1549 goto out;
1550
1551 skb_reserve(skb, size - len);
1552
1553 /* User data follows immediately after the AX.25 data */
1554 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
1555 err = -EFAULT;
1556 kfree_skb(skb);
1557 goto out;
1558 }
1559
1560 skb_reset_network_header(skb);
1561
1562 /* Add the PID if one is not supplied by the user in the skb */
1563 if (!ax25->pidincl)
1564 *skb_push(skb, 1) = sk->sk_protocol;
1565
1566 if (sk->sk_type == SOCK_SEQPACKET) {
1567 /* Connected mode sockets go via the LAPB machine */
1568 if (sk->sk_state != TCP_ESTABLISHED) {
1569 kfree_skb(skb);
1570 err = -ENOTCONN;
1571 goto out;
1572 }
1573
1574 /* Shove it onto the queue and kick */
1575 ax25_output(ax25, ax25->paclen, skb);
1576
1577 err = len;
1578 goto out;
1579 }
1580
1581 skb_push(skb, 1 + ax25_addr_size(dp));
1582
1583 /* Building AX.25 Header */
1584
1585 /* Build an AX.25 header */
1586 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1587 dp, AX25_COMMAND, AX25_MODULUS);
1588
1589 skb_set_transport_header(skb, lv);
1590
1591 *skb_transport_header(skb) = AX25_UI;
1592
1593 /* Datagram frames go straight out of the door as UI */
1594 ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1595
1596 err = len;
1597
1598 out:
1599 release_sock(sk);
1600
1601 return err;
1602 }
1603
ax25_recvmsg(struct socket * sock,struct msghdr * msg,size_t size,int flags)1604 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
1605 int flags)
1606 {
1607 struct sock *sk = sock->sk;
1608 struct sk_buff *skb;
1609 int copied;
1610 int err = 0;
1611
1612 lock_sock(sk);
1613 /*
1614 * This works for seqpacket too. The receiver has ordered the
1615 * queue for us! We do one quick check first though
1616 */
1617 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1618 err = -ENOTCONN;
1619 goto out;
1620 }
1621
1622 /* Now we can treat all alike */
1623 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1624 flags & MSG_DONTWAIT, &err);
1625 if (skb == NULL)
1626 goto out;
1627
1628 if (!ax25_sk(sk)->pidincl)
1629 skb_pull(skb, 1); /* Remove PID */
1630
1631 skb_reset_transport_header(skb);
1632 copied = skb->len;
1633
1634 if (copied > size) {
1635 copied = size;
1636 msg->msg_flags |= MSG_TRUNC;
1637 }
1638
1639 skb_copy_datagram_msg(skb, 0, msg, copied);
1640
1641 if (msg->msg_name) {
1642 ax25_digi digi;
1643 ax25_address src;
1644 const unsigned char *mac = skb_mac_header(skb);
1645 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name);
1646
1647 memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1648 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1649 &digi, NULL, NULL);
1650 sax->sax25_family = AF_AX25;
1651 /* We set this correctly, even though we may not let the
1652 application know the digi calls further down (because it
1653 did NOT ask to know them). This could get political... **/
1654 sax->sax25_ndigis = digi.ndigi;
1655 sax->sax25_call = src;
1656
1657 if (sax->sax25_ndigis != 0) {
1658 int ct;
1659 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1660
1661 for (ct = 0; ct < digi.ndigi; ct++)
1662 fsa->fsa_digipeater[ct] = digi.calls[ct];
1663 }
1664 msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1665 }
1666
1667 skb_free_datagram(sk, skb);
1668 err = copied;
1669
1670 out:
1671 release_sock(sk);
1672
1673 return err;
1674 }
1675
ax25_shutdown(struct socket * sk,int how)1676 static int ax25_shutdown(struct socket *sk, int how)
1677 {
1678 /* FIXME - generate DM and RNR states */
1679 return -EOPNOTSUPP;
1680 }
1681
ax25_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)1682 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1683 {
1684 struct sock *sk = sock->sk;
1685 void __user *argp = (void __user *)arg;
1686 int res = 0;
1687
1688 lock_sock(sk);
1689 switch (cmd) {
1690 case TIOCOUTQ: {
1691 long amount;
1692
1693 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1694 if (amount < 0)
1695 amount = 0;
1696 res = put_user(amount, (int __user *)argp);
1697 break;
1698 }
1699
1700 case TIOCINQ: {
1701 struct sk_buff *skb;
1702 long amount = 0L;
1703 /* These two are safe on a single CPU system as only user tasks fiddle here */
1704 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1705 amount = skb->len;
1706 res = put_user(amount, (int __user *) argp);
1707 break;
1708 }
1709
1710 case SIOCGSTAMP:
1711 res = sock_get_timestamp(sk, argp);
1712 break;
1713
1714 case SIOCGSTAMPNS:
1715 res = sock_get_timestampns(sk, argp);
1716 break;
1717
1718 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */
1719 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */
1720 case SIOCAX25GETUID: {
1721 struct sockaddr_ax25 sax25;
1722 if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1723 res = -EFAULT;
1724 break;
1725 }
1726 res = ax25_uid_ioctl(cmd, &sax25);
1727 break;
1728 }
1729
1730 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */
1731 long amount;
1732 if (!capable(CAP_NET_ADMIN)) {
1733 res = -EPERM;
1734 break;
1735 }
1736 if (get_user(amount, (long __user *)argp)) {
1737 res = -EFAULT;
1738 break;
1739 }
1740 if (amount < 0 || amount > AX25_NOUID_BLOCK) {
1741 res = -EINVAL;
1742 break;
1743 }
1744 ax25_uid_policy = amount;
1745 res = 0;
1746 break;
1747 }
1748
1749 case SIOCADDRT:
1750 case SIOCDELRT:
1751 case SIOCAX25OPTRT:
1752 if (!capable(CAP_NET_ADMIN)) {
1753 res = -EPERM;
1754 break;
1755 }
1756 res = ax25_rt_ioctl(cmd, argp);
1757 break;
1758
1759 case SIOCAX25CTLCON:
1760 if (!capable(CAP_NET_ADMIN)) {
1761 res = -EPERM;
1762 break;
1763 }
1764 res = ax25_ctl_ioctl(cmd, argp);
1765 break;
1766
1767 case SIOCAX25GETINFO:
1768 case SIOCAX25GETINFOOLD: {
1769 ax25_cb *ax25 = ax25_sk(sk);
1770 struct ax25_info_struct ax25_info;
1771
1772 ax25_info.t1 = ax25->t1 / HZ;
1773 ax25_info.t2 = ax25->t2 / HZ;
1774 ax25_info.t3 = ax25->t3 / HZ;
1775 ax25_info.idle = ax25->idle / (60 * HZ);
1776 ax25_info.n2 = ax25->n2;
1777 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ;
1778 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ;
1779 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ;
1780 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1781 ax25_info.n2count = ax25->n2count;
1782 ax25_info.state = ax25->state;
1783 ax25_info.rcv_q = sk_rmem_alloc_get(sk);
1784 ax25_info.snd_q = sk_wmem_alloc_get(sk);
1785 ax25_info.vs = ax25->vs;
1786 ax25_info.vr = ax25->vr;
1787 ax25_info.va = ax25->va;
1788 ax25_info.vs_max = ax25->vs; /* reserved */
1789 ax25_info.paclen = ax25->paclen;
1790 ax25_info.window = ax25->window;
1791
1792 /* old structure? */
1793 if (cmd == SIOCAX25GETINFOOLD) {
1794 static int warned = 0;
1795 if (!warned) {
1796 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1797 current->comm);
1798 warned=1;
1799 }
1800
1801 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1802 res = -EFAULT;
1803 break;
1804 }
1805 } else {
1806 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1807 res = -EINVAL;
1808 break;
1809 }
1810 }
1811 res = 0;
1812 break;
1813 }
1814
1815 case SIOCAX25ADDFWD:
1816 case SIOCAX25DELFWD: {
1817 struct ax25_fwd_struct ax25_fwd;
1818 if (!capable(CAP_NET_ADMIN)) {
1819 res = -EPERM;
1820 break;
1821 }
1822 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1823 res = -EFAULT;
1824 break;
1825 }
1826 res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1827 break;
1828 }
1829
1830 case SIOCGIFADDR:
1831 case SIOCSIFADDR:
1832 case SIOCGIFDSTADDR:
1833 case SIOCSIFDSTADDR:
1834 case SIOCGIFBRDADDR:
1835 case SIOCSIFBRDADDR:
1836 case SIOCGIFNETMASK:
1837 case SIOCSIFNETMASK:
1838 case SIOCGIFMETRIC:
1839 case SIOCSIFMETRIC:
1840 res = -EINVAL;
1841 break;
1842
1843 default:
1844 res = -ENOIOCTLCMD;
1845 break;
1846 }
1847 release_sock(sk);
1848
1849 return res;
1850 }
1851
1852 #ifdef CONFIG_PROC_FS
1853
ax25_info_start(struct seq_file * seq,loff_t * pos)1854 static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1855 __acquires(ax25_list_lock)
1856 {
1857 spin_lock_bh(&ax25_list_lock);
1858 return seq_hlist_start(&ax25_list, *pos);
1859 }
1860
ax25_info_next(struct seq_file * seq,void * v,loff_t * pos)1861 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1862 {
1863 return seq_hlist_next(v, &ax25_list, pos);
1864 }
1865
ax25_info_stop(struct seq_file * seq,void * v)1866 static void ax25_info_stop(struct seq_file *seq, void *v)
1867 __releases(ax25_list_lock)
1868 {
1869 spin_unlock_bh(&ax25_list_lock);
1870 }
1871
ax25_info_show(struct seq_file * seq,void * v)1872 static int ax25_info_show(struct seq_file *seq, void *v)
1873 {
1874 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1875 char buf[11];
1876 int k;
1877
1878
1879 /*
1880 * New format:
1881 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1882 */
1883
1884 seq_printf(seq, "%8.8lx %s %s%s ",
1885 (long) ax25,
1886 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1887 ax2asc(buf, &ax25->source_addr),
1888 ax25->iamdigi? "*":"");
1889 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1890
1891 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1892 seq_printf(seq, ",%s%s",
1893 ax2asc(buf, &ax25->digipeat->calls[k]),
1894 ax25->digipeat->repeated[k]? "*":"");
1895 }
1896
1897 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1898 ax25->state,
1899 ax25->vs, ax25->vr, ax25->va,
1900 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1901 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1902 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1903 ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1904 ax25->idle / (60 * HZ),
1905 ax25->n2count, ax25->n2,
1906 ax25->rtt / HZ,
1907 ax25->window,
1908 ax25->paclen);
1909
1910 if (ax25->sk != NULL) {
1911 seq_printf(seq, " %d %d %lu\n",
1912 sk_wmem_alloc_get(ax25->sk),
1913 sk_rmem_alloc_get(ax25->sk),
1914 sock_i_ino(ax25->sk));
1915 } else {
1916 seq_puts(seq, " * * *\n");
1917 }
1918 return 0;
1919 }
1920
1921 static const struct seq_operations ax25_info_seqops = {
1922 .start = ax25_info_start,
1923 .next = ax25_info_next,
1924 .stop = ax25_info_stop,
1925 .show = ax25_info_show,
1926 };
1927
ax25_info_open(struct inode * inode,struct file * file)1928 static int ax25_info_open(struct inode *inode, struct file *file)
1929 {
1930 return seq_open(file, &ax25_info_seqops);
1931 }
1932
1933 static const struct file_operations ax25_info_fops = {
1934 .owner = THIS_MODULE,
1935 .open = ax25_info_open,
1936 .read = seq_read,
1937 .llseek = seq_lseek,
1938 .release = seq_release,
1939 };
1940
1941 #endif
1942
1943 static const struct net_proto_family ax25_family_ops = {
1944 .family = PF_AX25,
1945 .create = ax25_create,
1946 .owner = THIS_MODULE,
1947 };
1948
1949 static const struct proto_ops ax25_proto_ops = {
1950 .family = PF_AX25,
1951 .owner = THIS_MODULE,
1952 .release = ax25_release,
1953 .bind = ax25_bind,
1954 .connect = ax25_connect,
1955 .socketpair = sock_no_socketpair,
1956 .accept = ax25_accept,
1957 .getname = ax25_getname,
1958 .poll = datagram_poll,
1959 .ioctl = ax25_ioctl,
1960 .listen = ax25_listen,
1961 .shutdown = ax25_shutdown,
1962 .setsockopt = ax25_setsockopt,
1963 .getsockopt = ax25_getsockopt,
1964 .sendmsg = ax25_sendmsg,
1965 .recvmsg = ax25_recvmsg,
1966 .mmap = sock_no_mmap,
1967 .sendpage = sock_no_sendpage,
1968 };
1969
1970 /*
1971 * Called by socket.c on kernel start up
1972 */
1973 static struct packet_type ax25_packet_type __read_mostly = {
1974 .type = cpu_to_be16(ETH_P_AX25),
1975 .func = ax25_kiss_rcv,
1976 };
1977
1978 static struct notifier_block ax25_dev_notifier = {
1979 .notifier_call = ax25_device_event,
1980 };
1981
ax25_init(void)1982 static int __init ax25_init(void)
1983 {
1984 int rc = proto_register(&ax25_proto, 0);
1985
1986 if (rc != 0)
1987 goto out;
1988
1989 sock_register(&ax25_family_ops);
1990 dev_add_pack(&ax25_packet_type);
1991 register_netdevice_notifier(&ax25_dev_notifier);
1992
1993 proc_create("ax25_route", S_IRUGO, init_net.proc_net,
1994 &ax25_route_fops);
1995 proc_create("ax25", S_IRUGO, init_net.proc_net, &ax25_info_fops);
1996 proc_create("ax25_calls", S_IRUGO, init_net.proc_net, &ax25_uid_fops);
1997 out:
1998 return rc;
1999 }
2000 module_init(ax25_init);
2001
2002
2003 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
2004 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
2005 MODULE_LICENSE("GPL");
2006 MODULE_ALIAS_NETPROTO(PF_AX25);
2007
ax25_exit(void)2008 static void __exit ax25_exit(void)
2009 {
2010 remove_proc_entry("ax25_route", init_net.proc_net);
2011 remove_proc_entry("ax25", init_net.proc_net);
2012 remove_proc_entry("ax25_calls", init_net.proc_net);
2013
2014 unregister_netdevice_notifier(&ax25_dev_notifier);
2015
2016 dev_remove_pack(&ax25_packet_type);
2017
2018 sock_unregister(PF_AX25);
2019 proto_unregister(&ax25_proto);
2020
2021 ax25_rt_free();
2022 ax25_uid_free();
2023 ax25_dev_free();
2024 }
2025 module_exit(ax25_exit);
2026