1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * 4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk) 7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org) 8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl) 11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 12 */ 13#include <linux/capability.h> 14#include <linux/module.h> 15#include <linux/errno.h> 16#include <linux/types.h> 17#include <linux/socket.h> 18#include <linux/in.h> 19#include <linux/kernel.h> 20#include <linux/sched/signal.h> 21#include <linux/timer.h> 22#include <linux/string.h> 23#include <linux/sockios.h> 24#include <linux/net.h> 25#include <linux/slab.h> 26#include <net/ax25.h> 27#include <linux/inet.h> 28#include <linux/netdevice.h> 29#include <linux/if_arp.h> 30#include <linux/skbuff.h> 31#include <net/sock.h> 32#include <linux/uaccess.h> 33#include <linux/fcntl.h> 34#include <linux/termios.h> /* For TIOCINQ/OUTQ */ 35#include <linux/mm.h> 36#include <linux/interrupt.h> 37#include <linux/notifier.h> 38#include <linux/proc_fs.h> 39#include <linux/stat.h> 40#include <linux/sysctl.h> 41#include <linux/init.h> 42#include <linux/spinlock.h> 43#include <net/net_namespace.h> 44#include <net/tcp_states.h> 45#include <net/ip.h> 46#include <net/arp.h> 47 48 49 50HLIST_HEAD(ax25_list); 51DEFINE_SPINLOCK(ax25_list_lock); 52 53static const struct proto_ops ax25_proto_ops; 54 55static void ax25_free_sock(struct sock *sk) 56{ 57 ax25_cb_put(sk_to_ax25(sk)); 58} 59 60/* 61 * Socket removal during an interrupt is now safe. 62 */ 63static void ax25_cb_del(ax25_cb *ax25) 64{ 65 if (!hlist_unhashed(&ax25->ax25_node)) { 66 spin_lock_bh(&ax25_list_lock); 67 hlist_del_init(&ax25->ax25_node); 68 spin_unlock_bh(&ax25_list_lock); 69 ax25_cb_put(ax25); 70 } 71} 72 73/* 74 * Kill all bound sockets on a dropped device. 75 */ 76static void ax25_kill_by_device(struct net_device *dev) 77{ 78 ax25_dev *ax25_dev; 79 ax25_cb *s; 80 struct sock *sk; 81 82 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 83 return; 84 85 spin_lock_bh(&ax25_list_lock); 86again: 87 ax25_for_each(s, &ax25_list) { 88 if (s->ax25_dev == ax25_dev) { 89 sk = s->sk; 90 if (!sk) { 91 spin_unlock_bh(&ax25_list_lock); 92 ax25_disconnect(s, ENETUNREACH); 93 s->ax25_dev = NULL; 94 spin_lock_bh(&ax25_list_lock); 95 goto again; 96 } 97 sock_hold(sk); 98 spin_unlock_bh(&ax25_list_lock); 99 lock_sock(sk); 100 ax25_disconnect(s, ENETUNREACH); 101 s->ax25_dev = NULL; 102 if (sk->sk_socket) { 103 dev_put(ax25_dev->dev); 104 ax25_dev_put(ax25_dev); 105 } 106 release_sock(sk); 107 spin_lock_bh(&ax25_list_lock); 108 sock_put(sk); 109 /* The entry could have been deleted from the 110 * list meanwhile and thus the next pointer is 111 * no longer valid. Play it safe and restart 112 * the scan. Forward progress is ensured 113 * because we set s->ax25_dev to NULL and we 114 * are never passed a NULL 'dev' argument. 115 */ 116 goto again; 117 } 118 } 119 spin_unlock_bh(&ax25_list_lock); 120} 121 122/* 123 * Handle device status changes. 124 */ 125static int ax25_device_event(struct notifier_block *this, unsigned long event, 126 void *ptr) 127{ 128 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 129 130 if (!net_eq(dev_net(dev), &init_net)) 131 return NOTIFY_DONE; 132 133 /* Reject non AX.25 devices */ 134 if (dev->type != ARPHRD_AX25) 135 return NOTIFY_DONE; 136 137 switch (event) { 138 case NETDEV_UP: 139 ax25_dev_device_up(dev); 140 break; 141 case NETDEV_DOWN: 142 ax25_kill_by_device(dev); 143 ax25_rt_device_down(dev); 144 ax25_dev_device_down(dev); 145 break; 146 default: 147 break; 148 } 149 150 return NOTIFY_DONE; 151} 152 153/* 154 * Add a socket to the bound sockets list. 155 */ 156void ax25_cb_add(ax25_cb *ax25) 157{ 158 spin_lock_bh(&ax25_list_lock); 159 ax25_cb_hold(ax25); 160 hlist_add_head(&ax25->ax25_node, &ax25_list); 161 spin_unlock_bh(&ax25_list_lock); 162} 163 164/* 165 * Find a socket that wants to accept the SABM we have just 166 * received. 167 */ 168struct sock *ax25_find_listener(ax25_address *addr, int digi, 169 struct net_device *dev, int type) 170{ 171 ax25_cb *s; 172 173 spin_lock(&ax25_list_lock); 174 ax25_for_each(s, &ax25_list) { 175 if ((s->iamdigi && !digi) || (!s->iamdigi && digi)) 176 continue; 177 if (s->sk && !ax25cmp(&s->source_addr, addr) && 178 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) { 179 /* If device is null we match any device */ 180 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) { 181 sock_hold(s->sk); 182 spin_unlock(&ax25_list_lock); 183 return s->sk; 184 } 185 } 186 } 187 spin_unlock(&ax25_list_lock); 188 189 return NULL; 190} 191 192/* 193 * Find an AX.25 socket given both ends. 194 */ 195struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr, 196 int type) 197{ 198 struct sock *sk = NULL; 199 ax25_cb *s; 200 201 spin_lock(&ax25_list_lock); 202 ax25_for_each(s, &ax25_list) { 203 if (s->sk && !ax25cmp(&s->source_addr, my_addr) && 204 !ax25cmp(&s->dest_addr, dest_addr) && 205 s->sk->sk_type == type) { 206 sk = s->sk; 207 sock_hold(sk); 208 break; 209 } 210 } 211 212 spin_unlock(&ax25_list_lock); 213 214 return sk; 215} 216 217/* 218 * Find an AX.25 control block given both ends. It will only pick up 219 * floating AX.25 control blocks or non Raw socket bound control blocks. 220 */ 221ax25_cb *ax25_find_cb(ax25_address *src_addr, ax25_address *dest_addr, 222 ax25_digi *digi, struct net_device *dev) 223{ 224 ax25_cb *s; 225 226 spin_lock_bh(&ax25_list_lock); 227 ax25_for_each(s, &ax25_list) { 228 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET) 229 continue; 230 if (s->ax25_dev == NULL) 231 continue; 232 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) { 233 if (digi != NULL && digi->ndigi != 0) { 234 if (s->digipeat == NULL) 235 continue; 236 if (ax25digicmp(s->digipeat, digi) != 0) 237 continue; 238 } else { 239 if (s->digipeat != NULL && s->digipeat->ndigi != 0) 240 continue; 241 } 242 ax25_cb_hold(s); 243 spin_unlock_bh(&ax25_list_lock); 244 245 return s; 246 } 247 } 248 spin_unlock_bh(&ax25_list_lock); 249 250 return NULL; 251} 252 253EXPORT_SYMBOL(ax25_find_cb); 254 255void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto) 256{ 257 ax25_cb *s; 258 struct sk_buff *copy; 259 260 spin_lock(&ax25_list_lock); 261 ax25_for_each(s, &ax25_list) { 262 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && 263 s->sk->sk_type == SOCK_RAW && 264 s->sk->sk_protocol == proto && 265 s->ax25_dev->dev == skb->dev && 266 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) { 267 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL) 268 continue; 269 if (sock_queue_rcv_skb(s->sk, copy) != 0) 270 kfree_skb(copy); 271 } 272 } 273 spin_unlock(&ax25_list_lock); 274} 275 276/* 277 * Deferred destroy. 278 */ 279void ax25_destroy_socket(ax25_cb *); 280 281/* 282 * Handler for deferred kills. 283 */ 284static void ax25_destroy_timer(struct timer_list *t) 285{ 286 ax25_cb *ax25 = from_timer(ax25, t, dtimer); 287 struct sock *sk; 288 289 sk=ax25->sk; 290 291 bh_lock_sock(sk); 292 sock_hold(sk); 293 ax25_destroy_socket(ax25); 294 bh_unlock_sock(sk); 295 sock_put(sk); 296} 297 298/* 299 * This is called from user mode and the timers. Thus it protects itself 300 * against interrupt users but doesn't worry about being called during 301 * work. Once it is removed from the queue no interrupt or bottom half 302 * will touch it and we are (fairly 8-) ) safe. 303 */ 304void ax25_destroy_socket(ax25_cb *ax25) 305{ 306 struct sk_buff *skb; 307 308 ax25_cb_del(ax25); 309 310 ax25_stop_heartbeat(ax25); 311 ax25_stop_t1timer(ax25); 312 ax25_stop_t2timer(ax25); 313 ax25_stop_t3timer(ax25); 314 ax25_stop_idletimer(ax25); 315 316 ax25_clear_queues(ax25); /* Flush the queues */ 317 318 if (ax25->sk != NULL) { 319 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) { 320 if (skb->sk != ax25->sk) { 321 /* A pending connection */ 322 ax25_cb *sax25 = sk_to_ax25(skb->sk); 323 324 /* Queue the unaccepted socket for death */ 325 sock_orphan(skb->sk); 326 327 /* 9A4GL: hack to release unaccepted sockets */ 328 skb->sk->sk_state = TCP_LISTEN; 329 330 ax25_start_heartbeat(sax25); 331 sax25->state = AX25_STATE_0; 332 } 333 334 kfree_skb(skb); 335 } 336 skb_queue_purge(&ax25->sk->sk_write_queue); 337 } 338 339 if (ax25->sk != NULL) { 340 if (sk_has_allocations(ax25->sk)) { 341 /* Defer: outstanding buffers */ 342 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0); 343 ax25->dtimer.expires = jiffies + 2 * HZ; 344 add_timer(&ax25->dtimer); 345 } else { 346 struct sock *sk=ax25->sk; 347 ax25->sk=NULL; 348 sock_put(sk); 349 } 350 } else { 351 ax25_cb_put(ax25); 352 } 353} 354 355/* 356 * dl1bke 960311: set parameters for existing AX.25 connections, 357 * includes a KILL command to abort any connection. 358 * VERY useful for debugging ;-) 359 */ 360static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg) 361{ 362 struct ax25_ctl_struct ax25_ctl; 363 ax25_digi digi; 364 ax25_dev *ax25_dev; 365 ax25_cb *ax25; 366 unsigned int k; 367 int ret = 0; 368 369 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl))) 370 return -EFAULT; 371 372 if (ax25_ctl.digi_count > AX25_MAX_DIGIS) 373 return -EINVAL; 374 375 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL) 376 return -EINVAL; 377 378 ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr); 379 if (!ax25_dev) 380 return -ENODEV; 381 382 digi.ndigi = ax25_ctl.digi_count; 383 for (k = 0; k < digi.ndigi; k++) 384 digi.calls[k] = ax25_ctl.digi_addr[k]; 385 386 ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev); 387 if (!ax25) { 388 ax25_dev_put(ax25_dev); 389 return -ENOTCONN; 390 } 391 392 switch (ax25_ctl.cmd) { 393 case AX25_KILL: 394 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 395#ifdef CONFIG_AX25_DAMA_SLAVE 396 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE) 397 ax25_dama_off(ax25); 398#endif 399 ax25_disconnect(ax25, ENETRESET); 400 break; 401 402 case AX25_WINDOW: 403 if (ax25->modulus == AX25_MODULUS) { 404 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7) 405 goto einval_put; 406 } else { 407 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63) 408 goto einval_put; 409 } 410 ax25->window = ax25_ctl.arg; 411 break; 412 413 case AX25_T1: 414 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 415 goto einval_put; 416 ax25->rtt = (ax25_ctl.arg * HZ) / 2; 417 ax25->t1 = ax25_ctl.arg * HZ; 418 break; 419 420 case AX25_T2: 421 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 422 goto einval_put; 423 ax25->t2 = ax25_ctl.arg * HZ; 424 break; 425 426 case AX25_N2: 427 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31) 428 goto einval_put; 429 ax25->n2count = 0; 430 ax25->n2 = ax25_ctl.arg; 431 break; 432 433 case AX25_T3: 434 if (ax25_ctl.arg > ULONG_MAX / HZ) 435 goto einval_put; 436 ax25->t3 = ax25_ctl.arg * HZ; 437 break; 438 439 case AX25_IDLE: 440 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ)) 441 goto einval_put; 442 443 ax25->idle = ax25_ctl.arg * 60 * HZ; 444 break; 445 446 case AX25_PACLEN: 447 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535) 448 goto einval_put; 449 ax25->paclen = ax25_ctl.arg; 450 break; 451 452 default: 453 goto einval_put; 454 } 455 456out_put: 457 ax25_dev_put(ax25_dev); 458 ax25_cb_put(ax25); 459 return ret; 460 461einval_put: 462 ret = -EINVAL; 463 goto out_put; 464} 465 466static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev) 467{ 468 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2; 469 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]); 470 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]); 471 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]); 472 ax25->n2 = ax25_dev->values[AX25_VALUES_N2]; 473 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN]; 474 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]); 475 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF]; 476 477 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) { 478 ax25->modulus = AX25_EMODULUS; 479 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW]; 480 } else { 481 ax25->modulus = AX25_MODULUS; 482 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW]; 483 } 484} 485 486/* 487 * Fill in a created AX.25 created control block with the default 488 * values for a particular device. 489 */ 490void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev) 491{ 492 ax25->ax25_dev = ax25_dev; 493 494 if (ax25->ax25_dev != NULL) { 495 ax25_fillin_cb_from_dev(ax25, ax25_dev); 496 return; 497 } 498 499 /* 500 * No device, use kernel / AX.25 spec default values 501 */ 502 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2; 503 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1); 504 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2); 505 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3); 506 ax25->n2 = AX25_DEF_N2; 507 ax25->paclen = AX25_DEF_PACLEN; 508 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE); 509 ax25->backoff = AX25_DEF_BACKOFF; 510 511 if (AX25_DEF_AXDEFMODE) { 512 ax25->modulus = AX25_EMODULUS; 513 ax25->window = AX25_DEF_EWINDOW; 514 } else { 515 ax25->modulus = AX25_MODULUS; 516 ax25->window = AX25_DEF_WINDOW; 517 } 518} 519 520/* 521 * Create an empty AX.25 control block. 522 */ 523ax25_cb *ax25_create_cb(void) 524{ 525 ax25_cb *ax25; 526 527 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL) 528 return NULL; 529 530 refcount_set(&ax25->refcount, 1); 531 532 skb_queue_head_init(&ax25->write_queue); 533 skb_queue_head_init(&ax25->frag_queue); 534 skb_queue_head_init(&ax25->ack_queue); 535 skb_queue_head_init(&ax25->reseq_queue); 536 537 ax25_setup_timers(ax25); 538 539 ax25_fillin_cb(ax25, NULL); 540 541 ax25->state = AX25_STATE_0; 542 543 return ax25; 544} 545 546/* 547 * Handling for system calls applied via the various interfaces to an 548 * AX25 socket object 549 */ 550 551static int ax25_setsockopt(struct socket *sock, int level, int optname, 552 sockptr_t optval, unsigned int optlen) 553{ 554 struct sock *sk = sock->sk; 555 ax25_cb *ax25; 556 struct net_device *dev; 557 char devname[IFNAMSIZ]; 558 unsigned int opt; 559 int res = 0; 560 561 if (level != SOL_AX25) 562 return -ENOPROTOOPT; 563 564 if (optlen < sizeof(unsigned int)) 565 return -EINVAL; 566 567 if (copy_from_sockptr(&opt, optval, sizeof(unsigned int))) 568 return -EFAULT; 569 570 lock_sock(sk); 571 ax25 = sk_to_ax25(sk); 572 573 switch (optname) { 574 case AX25_WINDOW: 575 if (ax25->modulus == AX25_MODULUS) { 576 if (opt < 1 || opt > 7) { 577 res = -EINVAL; 578 break; 579 } 580 } else { 581 if (opt < 1 || opt > 63) { 582 res = -EINVAL; 583 break; 584 } 585 } 586 ax25->window = opt; 587 break; 588 589 case AX25_T1: 590 if (opt < 1 || opt > UINT_MAX / HZ) { 591 res = -EINVAL; 592 break; 593 } 594 ax25->rtt = (opt * HZ) >> 1; 595 ax25->t1 = opt * HZ; 596 break; 597 598 case AX25_T2: 599 if (opt < 1 || opt > UINT_MAX / HZ) { 600 res = -EINVAL; 601 break; 602 } 603 ax25->t2 = opt * HZ; 604 break; 605 606 case AX25_N2: 607 if (opt < 1 || opt > 31) { 608 res = -EINVAL; 609 break; 610 } 611 ax25->n2 = opt; 612 break; 613 614 case AX25_T3: 615 if (opt < 1 || opt > UINT_MAX / HZ) { 616 res = -EINVAL; 617 break; 618 } 619 ax25->t3 = opt * HZ; 620 break; 621 622 case AX25_IDLE: 623 if (opt > UINT_MAX / (60 * HZ)) { 624 res = -EINVAL; 625 break; 626 } 627 ax25->idle = opt * 60 * HZ; 628 break; 629 630 case AX25_BACKOFF: 631 if (opt > 2) { 632 res = -EINVAL; 633 break; 634 } 635 ax25->backoff = opt; 636 break; 637 638 case AX25_EXTSEQ: 639 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS; 640 break; 641 642 case AX25_PIDINCL: 643 ax25->pidincl = opt ? 1 : 0; 644 break; 645 646 case AX25_IAMDIGI: 647 ax25->iamdigi = opt ? 1 : 0; 648 break; 649 650 case AX25_PACLEN: 651 if (opt < 16 || opt > 65535) { 652 res = -EINVAL; 653 break; 654 } 655 ax25->paclen = opt; 656 break; 657 658 case SO_BINDTODEVICE: 659 if (optlen > IFNAMSIZ - 1) 660 optlen = IFNAMSIZ - 1; 661 662 memset(devname, 0, sizeof(devname)); 663 664 if (copy_from_sockptr(devname, optval, optlen)) { 665 res = -EFAULT; 666 break; 667 } 668 669 if (sk->sk_type == SOCK_SEQPACKET && 670 (sock->state != SS_UNCONNECTED || 671 sk->sk_state == TCP_LISTEN)) { 672 res = -EADDRNOTAVAIL; 673 break; 674 } 675 676 rtnl_lock(); 677 dev = __dev_get_by_name(&init_net, devname); 678 if (!dev) { 679 rtnl_unlock(); 680 res = -ENODEV; 681 break; 682 } 683 684 ax25->ax25_dev = ax25_dev_ax25dev(dev); 685 if (!ax25->ax25_dev) { 686 rtnl_unlock(); 687 res = -ENODEV; 688 break; 689 } 690 ax25_fillin_cb(ax25, ax25->ax25_dev); 691 rtnl_unlock(); 692 break; 693 694 default: 695 res = -ENOPROTOOPT; 696 } 697 release_sock(sk); 698 699 return res; 700} 701 702static int ax25_getsockopt(struct socket *sock, int level, int optname, 703 char __user *optval, int __user *optlen) 704{ 705 struct sock *sk = sock->sk; 706 ax25_cb *ax25; 707 struct ax25_dev *ax25_dev; 708 char devname[IFNAMSIZ]; 709 void *valptr; 710 int val = 0; 711 int maxlen, length; 712 713 if (level != SOL_AX25) 714 return -ENOPROTOOPT; 715 716 if (get_user(maxlen, optlen)) 717 return -EFAULT; 718 719 if (maxlen < 1) 720 return -EFAULT; 721 722 valptr = (void *) &val; 723 length = min_t(unsigned int, maxlen, sizeof(int)); 724 725 lock_sock(sk); 726 ax25 = sk_to_ax25(sk); 727 728 switch (optname) { 729 case AX25_WINDOW: 730 val = ax25->window; 731 break; 732 733 case AX25_T1: 734 val = ax25->t1 / HZ; 735 break; 736 737 case AX25_T2: 738 val = ax25->t2 / HZ; 739 break; 740 741 case AX25_N2: 742 val = ax25->n2; 743 break; 744 745 case AX25_T3: 746 val = ax25->t3 / HZ; 747 break; 748 749 case AX25_IDLE: 750 val = ax25->idle / (60 * HZ); 751 break; 752 753 case AX25_BACKOFF: 754 val = ax25->backoff; 755 break; 756 757 case AX25_EXTSEQ: 758 val = (ax25->modulus == AX25_EMODULUS); 759 break; 760 761 case AX25_PIDINCL: 762 val = ax25->pidincl; 763 break; 764 765 case AX25_IAMDIGI: 766 val = ax25->iamdigi; 767 break; 768 769 case AX25_PACLEN: 770 val = ax25->paclen; 771 break; 772 773 case SO_BINDTODEVICE: 774 ax25_dev = ax25->ax25_dev; 775 776 if (ax25_dev != NULL && ax25_dev->dev != NULL) { 777 strlcpy(devname, ax25_dev->dev->name, sizeof(devname)); 778 length = strlen(devname) + 1; 779 } else { 780 *devname = '\0'; 781 length = 1; 782 } 783 784 valptr = (void *) devname; 785 break; 786 787 default: 788 release_sock(sk); 789 return -ENOPROTOOPT; 790 } 791 release_sock(sk); 792 793 if (put_user(length, optlen)) 794 return -EFAULT; 795 796 return copy_to_user(optval, valptr, length) ? -EFAULT : 0; 797} 798 799static int ax25_listen(struct socket *sock, int backlog) 800{ 801 struct sock *sk = sock->sk; 802 int res = 0; 803 804 lock_sock(sk); 805 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) { 806 sk->sk_max_ack_backlog = backlog; 807 sk->sk_state = TCP_LISTEN; 808 goto out; 809 } 810 res = -EOPNOTSUPP; 811 812out: 813 release_sock(sk); 814 815 return res; 816} 817 818/* 819 * XXX: when creating ax25_sock we should update the .obj_size setting 820 * below. 821 */ 822static struct proto ax25_proto = { 823 .name = "AX25", 824 .owner = THIS_MODULE, 825 .obj_size = sizeof(struct ax25_sock), 826}; 827 828static int ax25_create(struct net *net, struct socket *sock, int protocol, 829 int kern) 830{ 831 struct sock *sk; 832 ax25_cb *ax25; 833 834 if (protocol < 0 || protocol > U8_MAX) 835 return -EINVAL; 836 837 if (!net_eq(net, &init_net)) 838 return -EAFNOSUPPORT; 839 840 switch (sock->type) { 841 case SOCK_DGRAM: 842 if (protocol == 0 || protocol == PF_AX25) 843 protocol = AX25_P_TEXT; 844 break; 845 846 case SOCK_SEQPACKET: 847 switch (protocol) { 848 case 0: 849 case PF_AX25: /* For CLX */ 850 protocol = AX25_P_TEXT; 851 break; 852 case AX25_P_SEGMENT: 853#ifdef CONFIG_INET 854 case AX25_P_ARP: 855 case AX25_P_IP: 856#endif 857#ifdef CONFIG_NETROM 858 case AX25_P_NETROM: 859#endif 860#ifdef CONFIG_ROSE 861 case AX25_P_ROSE: 862#endif 863 return -ESOCKTNOSUPPORT; 864#ifdef CONFIG_NETROM_MODULE 865 case AX25_P_NETROM: 866 if (ax25_protocol_is_registered(AX25_P_NETROM)) 867 return -ESOCKTNOSUPPORT; 868 break; 869#endif 870#ifdef CONFIG_ROSE_MODULE 871 case AX25_P_ROSE: 872 if (ax25_protocol_is_registered(AX25_P_ROSE)) 873 return -ESOCKTNOSUPPORT; 874#endif 875 default: 876 break; 877 } 878 break; 879 880 case SOCK_RAW: 881 if (!capable(CAP_NET_RAW)) 882 return -EPERM; 883 break; 884 default: 885 return -ESOCKTNOSUPPORT; 886 } 887 888 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern); 889 if (sk == NULL) 890 return -ENOMEM; 891 892 ax25 = ax25_sk(sk)->cb = ax25_create_cb(); 893 if (!ax25) { 894 sk_free(sk); 895 return -ENOMEM; 896 } 897 898 sock_init_data(sock, sk); 899 900 sk->sk_destruct = ax25_free_sock; 901 sock->ops = &ax25_proto_ops; 902 sk->sk_protocol = protocol; 903 904 ax25->sk = sk; 905 906 return 0; 907} 908 909struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev) 910{ 911 struct sock *sk; 912 ax25_cb *ax25, *oax25; 913 914 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0); 915 if (sk == NULL) 916 return NULL; 917 918 if ((ax25 = ax25_create_cb()) == NULL) { 919 sk_free(sk); 920 return NULL; 921 } 922 923 switch (osk->sk_type) { 924 case SOCK_DGRAM: 925 break; 926 case SOCK_SEQPACKET: 927 break; 928 default: 929 sk_free(sk); 930 ax25_cb_put(ax25); 931 return NULL; 932 } 933 934 sock_init_data(NULL, sk); 935 936 sk->sk_type = osk->sk_type; 937 sk->sk_priority = osk->sk_priority; 938 sk->sk_protocol = osk->sk_protocol; 939 sk->sk_rcvbuf = osk->sk_rcvbuf; 940 sk->sk_sndbuf = osk->sk_sndbuf; 941 sk->sk_state = TCP_ESTABLISHED; 942 sock_copy_flags(sk, osk); 943 944 oax25 = sk_to_ax25(osk); 945 946 ax25->modulus = oax25->modulus; 947 ax25->backoff = oax25->backoff; 948 ax25->pidincl = oax25->pidincl; 949 ax25->iamdigi = oax25->iamdigi; 950 ax25->rtt = oax25->rtt; 951 ax25->t1 = oax25->t1; 952 ax25->t2 = oax25->t2; 953 ax25->t3 = oax25->t3; 954 ax25->n2 = oax25->n2; 955 ax25->idle = oax25->idle; 956 ax25->paclen = oax25->paclen; 957 ax25->window = oax25->window; 958 959 ax25->ax25_dev = ax25_dev; 960 ax25->source_addr = oax25->source_addr; 961 962 if (oax25->digipeat != NULL) { 963 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi), 964 GFP_ATOMIC); 965 if (ax25->digipeat == NULL) { 966 sk_free(sk); 967 ax25_cb_put(ax25); 968 return NULL; 969 } 970 } 971 972 ax25_sk(sk)->cb = ax25; 973 sk->sk_destruct = ax25_free_sock; 974 ax25->sk = sk; 975 976 return sk; 977} 978 979static int ax25_release(struct socket *sock) 980{ 981 struct sock *sk = sock->sk; 982 ax25_cb *ax25; 983 ax25_dev *ax25_dev; 984 985 if (sk == NULL) 986 return 0; 987 988 sock_hold(sk); 989 lock_sock(sk); 990 sock_orphan(sk); 991 ax25 = sk_to_ax25(sk); 992 ax25_dev = ax25->ax25_dev; 993 994 if (sk->sk_type == SOCK_SEQPACKET) { 995 switch (ax25->state) { 996 case AX25_STATE_0: 997 release_sock(sk); 998 ax25_disconnect(ax25, 0); 999 lock_sock(sk); 1000 ax25_destroy_socket(ax25); 1001 break; 1002 1003 case AX25_STATE_1: 1004 case AX25_STATE_2: 1005 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 1006 release_sock(sk); 1007 ax25_disconnect(ax25, 0); 1008 lock_sock(sk); 1009 if (!sock_flag(ax25->sk, SOCK_DESTROY)) 1010 ax25_destroy_socket(ax25); 1011 break; 1012 1013 case AX25_STATE_3: 1014 case AX25_STATE_4: 1015 ax25_clear_queues(ax25); 1016 ax25->n2count = 0; 1017 1018 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1019 case AX25_PROTO_STD_SIMPLEX: 1020 case AX25_PROTO_STD_DUPLEX: 1021 ax25_send_control(ax25, 1022 AX25_DISC, 1023 AX25_POLLON, 1024 AX25_COMMAND); 1025 ax25_stop_t2timer(ax25); 1026 ax25_stop_t3timer(ax25); 1027 ax25_stop_idletimer(ax25); 1028 break; 1029#ifdef CONFIG_AX25_DAMA_SLAVE 1030 case AX25_PROTO_DAMA_SLAVE: 1031 ax25_stop_t3timer(ax25); 1032 ax25_stop_idletimer(ax25); 1033 break; 1034#endif 1035 } 1036 ax25_calculate_t1(ax25); 1037 ax25_start_t1timer(ax25); 1038 ax25->state = AX25_STATE_2; 1039 sk->sk_state = TCP_CLOSE; 1040 sk->sk_shutdown |= SEND_SHUTDOWN; 1041 sk->sk_state_change(sk); 1042 sock_set_flag(sk, SOCK_DESTROY); 1043 break; 1044 1045 default: 1046 break; 1047 } 1048 } else { 1049 sk->sk_state = TCP_CLOSE; 1050 sk->sk_shutdown |= SEND_SHUTDOWN; 1051 sk->sk_state_change(sk); 1052 ax25_destroy_socket(ax25); 1053 } 1054 if (ax25_dev) { 1055 del_timer_sync(&ax25->timer); 1056 del_timer_sync(&ax25->t1timer); 1057 del_timer_sync(&ax25->t2timer); 1058 del_timer_sync(&ax25->t3timer); 1059 del_timer_sync(&ax25->idletimer); 1060 dev_put(ax25_dev->dev); 1061 ax25_dev_put(ax25_dev); 1062 } 1063 1064 sock->sk = NULL; 1065 release_sock(sk); 1066 sock_put(sk); 1067 1068 return 0; 1069} 1070 1071/* 1072 * We support a funny extension here so you can (as root) give any callsign 1073 * digipeated via a local address as source. This hack is obsolete now 1074 * that we've implemented support for SO_BINDTODEVICE. It is however small 1075 * and trivially backward compatible. 1076 */ 1077static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1078{ 1079 struct sock *sk = sock->sk; 1080 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr; 1081 ax25_dev *ax25_dev = NULL; 1082 ax25_uid_assoc *user; 1083 ax25_address call; 1084 ax25_cb *ax25; 1085 int err = 0; 1086 1087 if (addr_len != sizeof(struct sockaddr_ax25) && 1088 addr_len != sizeof(struct full_sockaddr_ax25)) 1089 /* support for old structure may go away some time 1090 * ax25_bind(): uses old (6 digipeater) socket structure. 1091 */ 1092 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1093 (addr_len > sizeof(struct full_sockaddr_ax25))) 1094 return -EINVAL; 1095 1096 if (addr->fsa_ax25.sax25_family != AF_AX25) 1097 return -EINVAL; 1098 1099 user = ax25_findbyuid(current_euid()); 1100 if (user) { 1101 call = user->call; 1102 ax25_uid_put(user); 1103 } else { 1104 if (ax25_uid_policy && !capable(CAP_NET_ADMIN)) 1105 return -EACCES; 1106 1107 call = addr->fsa_ax25.sax25_call; 1108 } 1109 1110 lock_sock(sk); 1111 1112 ax25 = sk_to_ax25(sk); 1113 if (!sock_flag(sk, SOCK_ZAPPED)) { 1114 err = -EINVAL; 1115 goto out; 1116 } 1117 1118 ax25->source_addr = call; 1119 1120 /* 1121 * User already set interface with SO_BINDTODEVICE 1122 */ 1123 if (ax25->ax25_dev != NULL) 1124 goto done; 1125 1126 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) { 1127 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 && 1128 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) { 1129 err = -EADDRNOTAVAIL; 1130 goto out; 1131 } 1132 } else { 1133 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) { 1134 err = -EADDRNOTAVAIL; 1135 goto out; 1136 } 1137 } 1138 1139 if (ax25_dev) { 1140 ax25_fillin_cb(ax25, ax25_dev); 1141 dev_hold(ax25_dev->dev); 1142 } 1143 1144done: 1145 ax25_cb_add(ax25); 1146 sock_reset_flag(sk, SOCK_ZAPPED); 1147 1148out: 1149 release_sock(sk); 1150 1151 return err; 1152} 1153 1154/* 1155 * FIXME: nonblock behaviour looks like it may have a bug. 1156 */ 1157static int __must_check ax25_connect(struct socket *sock, 1158 struct sockaddr *uaddr, int addr_len, int flags) 1159{ 1160 struct sock *sk = sock->sk; 1161 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t; 1162 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1163 ax25_digi *digi = NULL; 1164 int ct = 0, err = 0; 1165 1166 /* 1167 * some sanity checks. code further down depends on this 1168 */ 1169 1170 if (addr_len == sizeof(struct sockaddr_ax25)) 1171 /* support for this will go away in early 2.5.x 1172 * ax25_connect(): uses obsolete socket structure 1173 */ 1174 ; 1175 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1176 /* support for old structure may go away some time 1177 * ax25_connect(): uses old (6 digipeater) socket structure. 1178 */ 1179 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1180 (addr_len > sizeof(struct full_sockaddr_ax25))) 1181 return -EINVAL; 1182 1183 1184 if (fsa->fsa_ax25.sax25_family != AF_AX25) 1185 return -EINVAL; 1186 1187 lock_sock(sk); 1188 1189 /* deal with restarts */ 1190 if (sock->state == SS_CONNECTING) { 1191 switch (sk->sk_state) { 1192 case TCP_SYN_SENT: /* still trying */ 1193 err = -EINPROGRESS; 1194 goto out_release; 1195 1196 case TCP_ESTABLISHED: /* connection established */ 1197 sock->state = SS_CONNECTED; 1198 goto out_release; 1199 1200 case TCP_CLOSE: /* connection refused */ 1201 sock->state = SS_UNCONNECTED; 1202 err = -ECONNREFUSED; 1203 goto out_release; 1204 } 1205 } 1206 1207 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) { 1208 err = -EISCONN; /* No reconnect on a seqpacket socket */ 1209 goto out_release; 1210 } 1211 1212 sk->sk_state = TCP_CLOSE; 1213 sock->state = SS_UNCONNECTED; 1214 1215 kfree(ax25->digipeat); 1216 ax25->digipeat = NULL; 1217 1218 /* 1219 * Handle digi-peaters to be used. 1220 */ 1221 if (addr_len > sizeof(struct sockaddr_ax25) && 1222 fsa->fsa_ax25.sax25_ndigis != 0) { 1223 /* Valid number of digipeaters ? */ 1224 if (fsa->fsa_ax25.sax25_ndigis < 1 || 1225 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS || 1226 addr_len < sizeof(struct sockaddr_ax25) + 1227 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) { 1228 err = -EINVAL; 1229 goto out_release; 1230 } 1231 1232 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) { 1233 err = -ENOBUFS; 1234 goto out_release; 1235 } 1236 1237 digi->ndigi = fsa->fsa_ax25.sax25_ndigis; 1238 digi->lastrepeat = -1; 1239 1240 while (ct < fsa->fsa_ax25.sax25_ndigis) { 1241 if ((fsa->fsa_digipeater[ct].ax25_call[6] & 1242 AX25_HBIT) && ax25->iamdigi) { 1243 digi->repeated[ct] = 1; 1244 digi->lastrepeat = ct; 1245 } else { 1246 digi->repeated[ct] = 0; 1247 } 1248 digi->calls[ct] = fsa->fsa_digipeater[ct]; 1249 ct++; 1250 } 1251 } 1252 1253 /* 1254 * Must bind first - autobinding in this may or may not work. If 1255 * the socket is already bound, check to see if the device has 1256 * been filled in, error if it hasn't. 1257 */ 1258 if (sock_flag(sk, SOCK_ZAPPED)) { 1259 /* check if we can remove this feature. It is broken. */ 1260 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n", 1261 current->comm); 1262 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) { 1263 kfree(digi); 1264 goto out_release; 1265 } 1266 1267 ax25_fillin_cb(ax25, ax25->ax25_dev); 1268 ax25_cb_add(ax25); 1269 } else { 1270 if (ax25->ax25_dev == NULL) { 1271 kfree(digi); 1272 err = -EHOSTUNREACH; 1273 goto out_release; 1274 } 1275 } 1276 1277 if (sk->sk_type == SOCK_SEQPACKET && 1278 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi, 1279 ax25->ax25_dev->dev))) { 1280 kfree(digi); 1281 err = -EADDRINUSE; /* Already such a connection */ 1282 ax25_cb_put(ax25t); 1283 goto out_release; 1284 } 1285 1286 ax25->dest_addr = fsa->fsa_ax25.sax25_call; 1287 ax25->digipeat = digi; 1288 1289 /* First the easy one */ 1290 if (sk->sk_type != SOCK_SEQPACKET) { 1291 sock->state = SS_CONNECTED; 1292 sk->sk_state = TCP_ESTABLISHED; 1293 goto out_release; 1294 } 1295 1296 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */ 1297 sock->state = SS_CONNECTING; 1298 sk->sk_state = TCP_SYN_SENT; 1299 1300 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1301 case AX25_PROTO_STD_SIMPLEX: 1302 case AX25_PROTO_STD_DUPLEX: 1303 ax25_std_establish_data_link(ax25); 1304 break; 1305 1306#ifdef CONFIG_AX25_DAMA_SLAVE 1307 case AX25_PROTO_DAMA_SLAVE: 1308 ax25->modulus = AX25_MODULUS; 1309 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 1310 if (ax25->ax25_dev->dama.slave) 1311 ax25_ds_establish_data_link(ax25); 1312 else 1313 ax25_std_establish_data_link(ax25); 1314 break; 1315#endif 1316 } 1317 1318 ax25->state = AX25_STATE_1; 1319 1320 ax25_start_heartbeat(ax25); 1321 1322 /* Now the loop */ 1323 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) { 1324 err = -EINPROGRESS; 1325 goto out_release; 1326 } 1327 1328 if (sk->sk_state == TCP_SYN_SENT) { 1329 DEFINE_WAIT(wait); 1330 1331 for (;;) { 1332 prepare_to_wait(sk_sleep(sk), &wait, 1333 TASK_INTERRUPTIBLE); 1334 if (sk->sk_state != TCP_SYN_SENT) 1335 break; 1336 if (!signal_pending(current)) { 1337 release_sock(sk); 1338 schedule(); 1339 lock_sock(sk); 1340 continue; 1341 } 1342 err = -ERESTARTSYS; 1343 break; 1344 } 1345 finish_wait(sk_sleep(sk), &wait); 1346 1347 if (err) 1348 goto out_release; 1349 } 1350 1351 if (sk->sk_state != TCP_ESTABLISHED) { 1352 /* Not in ABM, not in WAIT_UA -> failed */ 1353 sock->state = SS_UNCONNECTED; 1354 err = sock_error(sk); /* Always set at this point */ 1355 goto out_release; 1356 } 1357 1358 sock->state = SS_CONNECTED; 1359 1360 err = 0; 1361out_release: 1362 release_sock(sk); 1363 1364 return err; 1365} 1366 1367static int ax25_accept(struct socket *sock, struct socket *newsock, int flags, 1368 bool kern) 1369{ 1370 struct sk_buff *skb; 1371 struct sock *newsk; 1372 DEFINE_WAIT(wait); 1373 struct sock *sk; 1374 int err = 0; 1375 1376 if (sock->state != SS_UNCONNECTED) 1377 return -EINVAL; 1378 1379 if ((sk = sock->sk) == NULL) 1380 return -EINVAL; 1381 1382 lock_sock(sk); 1383 if (sk->sk_type != SOCK_SEQPACKET) { 1384 err = -EOPNOTSUPP; 1385 goto out; 1386 } 1387 1388 if (sk->sk_state != TCP_LISTEN) { 1389 err = -EINVAL; 1390 goto out; 1391 } 1392 1393 /* 1394 * The read queue this time is holding sockets ready to use 1395 * hooked into the SABM we saved 1396 */ 1397 for (;;) { 1398 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1399 skb = skb_dequeue(&sk->sk_receive_queue); 1400 if (skb) 1401 break; 1402 1403 if (flags & O_NONBLOCK) { 1404 err = -EWOULDBLOCK; 1405 break; 1406 } 1407 if (!signal_pending(current)) { 1408 release_sock(sk); 1409 schedule(); 1410 lock_sock(sk); 1411 continue; 1412 } 1413 err = -ERESTARTSYS; 1414 break; 1415 } 1416 finish_wait(sk_sleep(sk), &wait); 1417 1418 if (err) 1419 goto out; 1420 1421 newsk = skb->sk; 1422 sock_graft(newsk, newsock); 1423 1424 /* Now attach up the new socket */ 1425 kfree_skb(skb); 1426 sk_acceptq_removed(sk); 1427 newsock->state = SS_CONNECTED; 1428 1429out: 1430 release_sock(sk); 1431 1432 return err; 1433} 1434 1435static int ax25_getname(struct socket *sock, struct sockaddr *uaddr, 1436 int peer) 1437{ 1438 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1439 struct sock *sk = sock->sk; 1440 unsigned char ndigi, i; 1441 ax25_cb *ax25; 1442 int err = 0; 1443 1444 memset(fsa, 0, sizeof(*fsa)); 1445 lock_sock(sk); 1446 ax25 = sk_to_ax25(sk); 1447 1448 if (peer != 0) { 1449 if (sk->sk_state != TCP_ESTABLISHED) { 1450 err = -ENOTCONN; 1451 goto out; 1452 } 1453 1454 fsa->fsa_ax25.sax25_family = AF_AX25; 1455 fsa->fsa_ax25.sax25_call = ax25->dest_addr; 1456 1457 if (ax25->digipeat != NULL) { 1458 ndigi = ax25->digipeat->ndigi; 1459 fsa->fsa_ax25.sax25_ndigis = ndigi; 1460 for (i = 0; i < ndigi; i++) 1461 fsa->fsa_digipeater[i] = 1462 ax25->digipeat->calls[i]; 1463 } 1464 } else { 1465 fsa->fsa_ax25.sax25_family = AF_AX25; 1466 fsa->fsa_ax25.sax25_call = ax25->source_addr; 1467 fsa->fsa_ax25.sax25_ndigis = 1; 1468 if (ax25->ax25_dev != NULL) { 1469 memcpy(&fsa->fsa_digipeater[0], 1470 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN); 1471 } else { 1472 fsa->fsa_digipeater[0] = null_ax25_address; 1473 } 1474 } 1475 err = sizeof (struct full_sockaddr_ax25); 1476 1477out: 1478 release_sock(sk); 1479 1480 return err; 1481} 1482 1483static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1484{ 1485 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name); 1486 struct sock *sk = sock->sk; 1487 struct sockaddr_ax25 sax; 1488 struct sk_buff *skb; 1489 ax25_digi dtmp, *dp; 1490 ax25_cb *ax25; 1491 size_t size; 1492 int lv, err, addr_len = msg->msg_namelen; 1493 1494 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT)) 1495 return -EINVAL; 1496 1497 lock_sock(sk); 1498 ax25 = sk_to_ax25(sk); 1499 1500 if (sock_flag(sk, SOCK_ZAPPED)) { 1501 err = -EADDRNOTAVAIL; 1502 goto out; 1503 } 1504 1505 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1506 send_sig(SIGPIPE, current, 0); 1507 err = -EPIPE; 1508 goto out; 1509 } 1510 1511 if (ax25->ax25_dev == NULL) { 1512 err = -ENETUNREACH; 1513 goto out; 1514 } 1515 1516 if (len > ax25->ax25_dev->dev->mtu) { 1517 err = -EMSGSIZE; 1518 goto out; 1519 } 1520 1521 if (usax != NULL) { 1522 if (usax->sax25_family != AF_AX25) { 1523 err = -EINVAL; 1524 goto out; 1525 } 1526 1527 if (addr_len == sizeof(struct sockaddr_ax25)) 1528 /* ax25_sendmsg(): uses obsolete socket structure */ 1529 ; 1530 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1531 /* support for old structure may go away some time 1532 * ax25_sendmsg(): uses old (6 digipeater) 1533 * socket structure. 1534 */ 1535 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1536 (addr_len > sizeof(struct full_sockaddr_ax25))) { 1537 err = -EINVAL; 1538 goto out; 1539 } 1540 1541 1542 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) { 1543 int ct = 0; 1544 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax; 1545 1546 /* Valid number of digipeaters ? */ 1547 if (usax->sax25_ndigis < 1 || 1548 usax->sax25_ndigis > AX25_MAX_DIGIS || 1549 addr_len < sizeof(struct sockaddr_ax25) + 1550 sizeof(ax25_address) * usax->sax25_ndigis) { 1551 err = -EINVAL; 1552 goto out; 1553 } 1554 1555 dtmp.ndigi = usax->sax25_ndigis; 1556 1557 while (ct < usax->sax25_ndigis) { 1558 dtmp.repeated[ct] = 0; 1559 dtmp.calls[ct] = fsa->fsa_digipeater[ct]; 1560 ct++; 1561 } 1562 1563 dtmp.lastrepeat = 0; 1564 } 1565 1566 sax = *usax; 1567 if (sk->sk_type == SOCK_SEQPACKET && 1568 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) { 1569 err = -EISCONN; 1570 goto out; 1571 } 1572 if (usax->sax25_ndigis == 0) 1573 dp = NULL; 1574 else 1575 dp = &dtmp; 1576 } else { 1577 /* 1578 * FIXME: 1003.1g - if the socket is like this because 1579 * it has become closed (not started closed) and is VC 1580 * we ought to SIGPIPE, EPIPE 1581 */ 1582 if (sk->sk_state != TCP_ESTABLISHED) { 1583 err = -ENOTCONN; 1584 goto out; 1585 } 1586 sax.sax25_family = AF_AX25; 1587 sax.sax25_call = ax25->dest_addr; 1588 dp = ax25->digipeat; 1589 } 1590 1591 /* Build a packet */ 1592 /* Assume the worst case */ 1593 size = len + ax25->ax25_dev->dev->hard_header_len; 1594 1595 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err); 1596 if (skb == NULL) 1597 goto out; 1598 1599 skb_reserve(skb, size - len); 1600 1601 /* User data follows immediately after the AX.25 data */ 1602 if (memcpy_from_msg(skb_put(skb, len), msg, len)) { 1603 err = -EFAULT; 1604 kfree_skb(skb); 1605 goto out; 1606 } 1607 1608 skb_reset_network_header(skb); 1609 1610 /* Add the PID if one is not supplied by the user in the skb */ 1611 if (!ax25->pidincl) 1612 *(u8 *)skb_push(skb, 1) = sk->sk_protocol; 1613 1614 if (sk->sk_type == SOCK_SEQPACKET) { 1615 /* Connected mode sockets go via the LAPB machine */ 1616 if (sk->sk_state != TCP_ESTABLISHED) { 1617 kfree_skb(skb); 1618 err = -ENOTCONN; 1619 goto out; 1620 } 1621 1622 /* Shove it onto the queue and kick */ 1623 ax25_output(ax25, ax25->paclen, skb); 1624 1625 err = len; 1626 goto out; 1627 } 1628 1629 skb_push(skb, 1 + ax25_addr_size(dp)); 1630 1631 /* Building AX.25 Header */ 1632 1633 /* Build an AX.25 header */ 1634 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call, 1635 dp, AX25_COMMAND, AX25_MODULUS); 1636 1637 skb_set_transport_header(skb, lv); 1638 1639 *skb_transport_header(skb) = AX25_UI; 1640 1641 /* Datagram frames go straight out of the door as UI */ 1642 ax25_queue_xmit(skb, ax25->ax25_dev->dev); 1643 1644 err = len; 1645 1646out: 1647 release_sock(sk); 1648 1649 return err; 1650} 1651 1652static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, 1653 int flags) 1654{ 1655 struct sock *sk = sock->sk; 1656 struct sk_buff *skb, *last; 1657 struct sk_buff_head *sk_queue; 1658 int copied; 1659 int err = 0; 1660 int off = 0; 1661 long timeo; 1662 1663 lock_sock(sk); 1664 /* 1665 * This works for seqpacket too. The receiver has ordered the 1666 * queue for us! We do one quick check first though 1667 */ 1668 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) { 1669 err = -ENOTCONN; 1670 goto out; 1671 } 1672 1673 /* We need support for non-blocking reads. */ 1674 sk_queue = &sk->sk_receive_queue; 1675 skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off, &err, &last); 1676 /* If no packet is available, release_sock(sk) and try again. */ 1677 if (!skb) { 1678 if (err != -EAGAIN) 1679 goto out; 1680 release_sock(sk); 1681 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); 1682 while (timeo && !__skb_wait_for_more_packets(sk, sk_queue, &err, 1683 &timeo, last)) { 1684 skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off, 1685 &err, &last); 1686 if (skb) 1687 break; 1688 1689 if (err != -EAGAIN) 1690 goto done; 1691 } 1692 if (!skb) 1693 goto done; 1694 lock_sock(sk); 1695 } 1696 1697 if (!sk_to_ax25(sk)->pidincl) 1698 skb_pull(skb, 1); /* Remove PID */ 1699 1700 skb_reset_transport_header(skb); 1701 copied = skb->len; 1702 1703 if (copied > size) { 1704 copied = size; 1705 msg->msg_flags |= MSG_TRUNC; 1706 } 1707 1708 skb_copy_datagram_msg(skb, 0, msg, copied); 1709 1710 if (msg->msg_name) { 1711 ax25_digi digi; 1712 ax25_address src; 1713 const unsigned char *mac = skb_mac_header(skb); 1714 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name); 1715 1716 memset(sax, 0, sizeof(struct full_sockaddr_ax25)); 1717 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, 1718 &digi, NULL, NULL); 1719 sax->sax25_family = AF_AX25; 1720 /* We set this correctly, even though we may not let the 1721 application know the digi calls further down (because it 1722 did NOT ask to know them). This could get political... **/ 1723 sax->sax25_ndigis = digi.ndigi; 1724 sax->sax25_call = src; 1725 1726 if (sax->sax25_ndigis != 0) { 1727 int ct; 1728 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax; 1729 1730 for (ct = 0; ct < digi.ndigi; ct++) 1731 fsa->fsa_digipeater[ct] = digi.calls[ct]; 1732 } 1733 msg->msg_namelen = sizeof(struct full_sockaddr_ax25); 1734 } 1735 1736 skb_free_datagram(sk, skb); 1737 err = copied; 1738 1739out: 1740 release_sock(sk); 1741 1742done: 1743 return err; 1744} 1745 1746static int ax25_shutdown(struct socket *sk, int how) 1747{ 1748 /* FIXME - generate DM and RNR states */ 1749 return -EOPNOTSUPP; 1750} 1751 1752static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1753{ 1754 struct sock *sk = sock->sk; 1755 void __user *argp = (void __user *)arg; 1756 int res = 0; 1757 1758 lock_sock(sk); 1759 switch (cmd) { 1760 case TIOCOUTQ: { 1761 long amount; 1762 1763 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1764 if (amount < 0) 1765 amount = 0; 1766 res = put_user(amount, (int __user *)argp); 1767 break; 1768 } 1769 1770 case TIOCINQ: { 1771 struct sk_buff *skb; 1772 long amount = 0L; 1773 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1774 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1775 amount = skb->len; 1776 res = put_user(amount, (int __user *) argp); 1777 break; 1778 } 1779 1780 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */ 1781 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */ 1782 case SIOCAX25GETUID: { 1783 struct sockaddr_ax25 sax25; 1784 if (copy_from_user(&sax25, argp, sizeof(sax25))) { 1785 res = -EFAULT; 1786 break; 1787 } 1788 res = ax25_uid_ioctl(cmd, &sax25); 1789 break; 1790 } 1791 1792 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */ 1793 long amount; 1794 if (!capable(CAP_NET_ADMIN)) { 1795 res = -EPERM; 1796 break; 1797 } 1798 if (get_user(amount, (long __user *)argp)) { 1799 res = -EFAULT; 1800 break; 1801 } 1802 if (amount < 0 || amount > AX25_NOUID_BLOCK) { 1803 res = -EINVAL; 1804 break; 1805 } 1806 ax25_uid_policy = amount; 1807 res = 0; 1808 break; 1809 } 1810 1811 case SIOCADDRT: 1812 case SIOCDELRT: 1813 case SIOCAX25OPTRT: 1814 if (!capable(CAP_NET_ADMIN)) { 1815 res = -EPERM; 1816 break; 1817 } 1818 res = ax25_rt_ioctl(cmd, argp); 1819 break; 1820 1821 case SIOCAX25CTLCON: 1822 if (!capable(CAP_NET_ADMIN)) { 1823 res = -EPERM; 1824 break; 1825 } 1826 res = ax25_ctl_ioctl(cmd, argp); 1827 break; 1828 1829 case SIOCAX25GETINFO: 1830 case SIOCAX25GETINFOOLD: { 1831 ax25_cb *ax25 = sk_to_ax25(sk); 1832 struct ax25_info_struct ax25_info; 1833 1834 ax25_info.t1 = ax25->t1 / HZ; 1835 ax25_info.t2 = ax25->t2 / HZ; 1836 ax25_info.t3 = ax25->t3 / HZ; 1837 ax25_info.idle = ax25->idle / (60 * HZ); 1838 ax25_info.n2 = ax25->n2; 1839 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ; 1840 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ; 1841 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ; 1842 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ); 1843 ax25_info.n2count = ax25->n2count; 1844 ax25_info.state = ax25->state; 1845 ax25_info.rcv_q = sk_rmem_alloc_get(sk); 1846 ax25_info.snd_q = sk_wmem_alloc_get(sk); 1847 ax25_info.vs = ax25->vs; 1848 ax25_info.vr = ax25->vr; 1849 ax25_info.va = ax25->va; 1850 ax25_info.vs_max = ax25->vs; /* reserved */ 1851 ax25_info.paclen = ax25->paclen; 1852 ax25_info.window = ax25->window; 1853 1854 /* old structure? */ 1855 if (cmd == SIOCAX25GETINFOOLD) { 1856 static int warned = 0; 1857 if (!warned) { 1858 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n", 1859 current->comm); 1860 warned=1; 1861 } 1862 1863 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) { 1864 res = -EFAULT; 1865 break; 1866 } 1867 } else { 1868 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) { 1869 res = -EINVAL; 1870 break; 1871 } 1872 } 1873 res = 0; 1874 break; 1875 } 1876 1877 case SIOCAX25ADDFWD: 1878 case SIOCAX25DELFWD: { 1879 struct ax25_fwd_struct ax25_fwd; 1880 if (!capable(CAP_NET_ADMIN)) { 1881 res = -EPERM; 1882 break; 1883 } 1884 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) { 1885 res = -EFAULT; 1886 break; 1887 } 1888 res = ax25_fwd_ioctl(cmd, &ax25_fwd); 1889 break; 1890 } 1891 1892 case SIOCGIFADDR: 1893 case SIOCSIFADDR: 1894 case SIOCGIFDSTADDR: 1895 case SIOCSIFDSTADDR: 1896 case SIOCGIFBRDADDR: 1897 case SIOCSIFBRDADDR: 1898 case SIOCGIFNETMASK: 1899 case SIOCSIFNETMASK: 1900 case SIOCGIFMETRIC: 1901 case SIOCSIFMETRIC: 1902 res = -EINVAL; 1903 break; 1904 1905 default: 1906 res = -ENOIOCTLCMD; 1907 break; 1908 } 1909 release_sock(sk); 1910 1911 return res; 1912} 1913 1914#ifdef CONFIG_PROC_FS 1915 1916static void *ax25_info_start(struct seq_file *seq, loff_t *pos) 1917 __acquires(ax25_list_lock) 1918{ 1919 spin_lock_bh(&ax25_list_lock); 1920 return seq_hlist_start(&ax25_list, *pos); 1921} 1922 1923static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos) 1924{ 1925 return seq_hlist_next(v, &ax25_list, pos); 1926} 1927 1928static void ax25_info_stop(struct seq_file *seq, void *v) 1929 __releases(ax25_list_lock) 1930{ 1931 spin_unlock_bh(&ax25_list_lock); 1932} 1933 1934static int ax25_info_show(struct seq_file *seq, void *v) 1935{ 1936 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node); 1937 char buf[11]; 1938 int k; 1939 1940 1941 /* 1942 * New format: 1943 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode 1944 */ 1945 1946 seq_printf(seq, "%p %s %s%s ", 1947 ax25, 1948 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name, 1949 ax2asc(buf, &ax25->source_addr), 1950 ax25->iamdigi? "*":""); 1951 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr)); 1952 1953 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) { 1954 seq_printf(seq, ",%s%s", 1955 ax2asc(buf, &ax25->digipeat->calls[k]), 1956 ax25->digipeat->repeated[k]? "*":""); 1957 } 1958 1959 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d", 1960 ax25->state, 1961 ax25->vs, ax25->vr, ax25->va, 1962 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ, 1963 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ, 1964 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ, 1965 ax25_display_timer(&ax25->idletimer) / (60 * HZ), 1966 ax25->idle / (60 * HZ), 1967 ax25->n2count, ax25->n2, 1968 ax25->rtt / HZ, 1969 ax25->window, 1970 ax25->paclen); 1971 1972 if (ax25->sk != NULL) { 1973 seq_printf(seq, " %d %d %lu\n", 1974 sk_wmem_alloc_get(ax25->sk), 1975 sk_rmem_alloc_get(ax25->sk), 1976 sock_i_ino(ax25->sk)); 1977 } else { 1978 seq_puts(seq, " * * *\n"); 1979 } 1980 return 0; 1981} 1982 1983static const struct seq_operations ax25_info_seqops = { 1984 .start = ax25_info_start, 1985 .next = ax25_info_next, 1986 .stop = ax25_info_stop, 1987 .show = ax25_info_show, 1988}; 1989#endif 1990 1991static const struct net_proto_family ax25_family_ops = { 1992 .family = PF_AX25, 1993 .create = ax25_create, 1994 .owner = THIS_MODULE, 1995}; 1996 1997static const struct proto_ops ax25_proto_ops = { 1998 .family = PF_AX25, 1999 .owner = THIS_MODULE, 2000 .release = ax25_release, 2001 .bind = ax25_bind, 2002 .connect = ax25_connect, 2003 .socketpair = sock_no_socketpair, 2004 .accept = ax25_accept, 2005 .getname = ax25_getname, 2006 .poll = datagram_poll, 2007 .ioctl = ax25_ioctl, 2008 .gettstamp = sock_gettstamp, 2009 .listen = ax25_listen, 2010 .shutdown = ax25_shutdown, 2011 .setsockopt = ax25_setsockopt, 2012 .getsockopt = ax25_getsockopt, 2013 .sendmsg = ax25_sendmsg, 2014 .recvmsg = ax25_recvmsg, 2015 .mmap = sock_no_mmap, 2016 .sendpage = sock_no_sendpage, 2017}; 2018 2019/* 2020 * Called by socket.c on kernel start up 2021 */ 2022static struct packet_type ax25_packet_type __read_mostly = { 2023 .type = cpu_to_be16(ETH_P_AX25), 2024 .func = ax25_kiss_rcv, 2025}; 2026 2027static struct notifier_block ax25_dev_notifier = { 2028 .notifier_call = ax25_device_event, 2029}; 2030 2031static int __init ax25_init(void) 2032{ 2033 int rc = proto_register(&ax25_proto, 0); 2034 2035 if (rc != 0) 2036 goto out; 2037 2038 sock_register(&ax25_family_ops); 2039 dev_add_pack(&ax25_packet_type); 2040 register_netdevice_notifier(&ax25_dev_notifier); 2041 2042 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops); 2043 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops); 2044 proc_create_seq("ax25_calls", 0444, init_net.proc_net, 2045 &ax25_uid_seqops); 2046out: 2047 return rc; 2048} 2049module_init(ax25_init); 2050 2051 2052MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>"); 2053MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol"); 2054MODULE_LICENSE("GPL"); 2055MODULE_ALIAS_NETPROTO(PF_AX25); 2056 2057static void __exit ax25_exit(void) 2058{ 2059 remove_proc_entry("ax25_route", init_net.proc_net); 2060 remove_proc_entry("ax25", init_net.proc_net); 2061 remove_proc_entry("ax25_calls", init_net.proc_net); 2062 2063 unregister_netdevice_notifier(&ax25_dev_notifier); 2064 2065 dev_remove_pack(&ax25_packet_type); 2066 2067 sock_unregister(PF_AX25); 2068 proto_unregister(&ax25_proto); 2069 2070 ax25_rt_free(); 2071 ax25_uid_free(); 2072 ax25_dev_free(); 2073} 2074module_exit(ax25_exit); 2075