162306a36Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 262306a36Sopenharmony_ci/* 362306a36Sopenharmony_ci * 462306a36Sopenharmony_ci * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 562306a36Sopenharmony_ci * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 662306a36Sopenharmony_ci * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 762306a36Sopenharmony_ci * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 862306a36Sopenharmony_ci */ 962306a36Sopenharmony_ci#include <linux/errno.h> 1062306a36Sopenharmony_ci#include <linux/types.h> 1162306a36Sopenharmony_ci#include <linux/socket.h> 1262306a36Sopenharmony_ci#include <linux/in.h> 1362306a36Sopenharmony_ci#include <linux/kernel.h> 1462306a36Sopenharmony_ci#include <linux/timer.h> 1562306a36Sopenharmony_ci#include <linux/string.h> 1662306a36Sopenharmony_ci#include <linux/sockios.h> 1762306a36Sopenharmony_ci#include <linux/net.h> 1862306a36Sopenharmony_ci#include <linux/slab.h> 1962306a36Sopenharmony_ci#include <net/ax25.h> 2062306a36Sopenharmony_ci#include <linux/inet.h> 2162306a36Sopenharmony_ci#include <linux/netdevice.h> 2262306a36Sopenharmony_ci#include <linux/skbuff.h> 2362306a36Sopenharmony_ci#include <net/sock.h> 2462306a36Sopenharmony_ci#include <net/tcp_states.h> 2562306a36Sopenharmony_ci#include <linux/uaccess.h> 2662306a36Sopenharmony_ci#include <linux/fcntl.h> 2762306a36Sopenharmony_ci#include <linux/mm.h> 2862306a36Sopenharmony_ci#include <linux/interrupt.h> 2962306a36Sopenharmony_ci 3062306a36Sopenharmony_ci/* 3162306a36Sopenharmony_ci * This routine purges all the queues of frames. 3262306a36Sopenharmony_ci */ 3362306a36Sopenharmony_civoid ax25_clear_queues(ax25_cb *ax25) 3462306a36Sopenharmony_ci{ 3562306a36Sopenharmony_ci skb_queue_purge(&ax25->write_queue); 3662306a36Sopenharmony_ci skb_queue_purge(&ax25->ack_queue); 3762306a36Sopenharmony_ci skb_queue_purge(&ax25->reseq_queue); 3862306a36Sopenharmony_ci skb_queue_purge(&ax25->frag_queue); 3962306a36Sopenharmony_ci} 4062306a36Sopenharmony_ci 4162306a36Sopenharmony_ci/* 4262306a36Sopenharmony_ci * This routine purges the input queue of those frames that have been 4362306a36Sopenharmony_ci * acknowledged. This replaces the boxes labelled "V(a) <- N(r)" on the 4462306a36Sopenharmony_ci * SDL diagram. 4562306a36Sopenharmony_ci */ 4662306a36Sopenharmony_civoid ax25_frames_acked(ax25_cb *ax25, unsigned short nr) 4762306a36Sopenharmony_ci{ 4862306a36Sopenharmony_ci struct sk_buff *skb; 4962306a36Sopenharmony_ci 5062306a36Sopenharmony_ci /* 5162306a36Sopenharmony_ci * Remove all the ack-ed frames from the ack queue. 5262306a36Sopenharmony_ci */ 5362306a36Sopenharmony_ci if (ax25->va != nr) { 5462306a36Sopenharmony_ci while (skb_peek(&ax25->ack_queue) != NULL && ax25->va != nr) { 5562306a36Sopenharmony_ci skb = skb_dequeue(&ax25->ack_queue); 5662306a36Sopenharmony_ci kfree_skb(skb); 5762306a36Sopenharmony_ci ax25->va = (ax25->va + 1) % ax25->modulus; 5862306a36Sopenharmony_ci } 5962306a36Sopenharmony_ci } 6062306a36Sopenharmony_ci} 6162306a36Sopenharmony_ci 6262306a36Sopenharmony_civoid ax25_requeue_frames(ax25_cb *ax25) 6362306a36Sopenharmony_ci{ 6462306a36Sopenharmony_ci struct sk_buff *skb; 6562306a36Sopenharmony_ci 6662306a36Sopenharmony_ci /* 6762306a36Sopenharmony_ci * Requeue all the un-ack-ed frames on the output queue to be picked 6862306a36Sopenharmony_ci * up by ax25_kick called from the timer. This arrangement handles the 6962306a36Sopenharmony_ci * possibility of an empty output queue. 7062306a36Sopenharmony_ci */ 7162306a36Sopenharmony_ci while ((skb = skb_dequeue_tail(&ax25->ack_queue)) != NULL) 7262306a36Sopenharmony_ci skb_queue_head(&ax25->write_queue, skb); 7362306a36Sopenharmony_ci} 7462306a36Sopenharmony_ci 7562306a36Sopenharmony_ci/* 7662306a36Sopenharmony_ci * Validate that the value of nr is between va and vs. Return true or 7762306a36Sopenharmony_ci * false for testing. 7862306a36Sopenharmony_ci */ 7962306a36Sopenharmony_ciint ax25_validate_nr(ax25_cb *ax25, unsigned short nr) 8062306a36Sopenharmony_ci{ 8162306a36Sopenharmony_ci unsigned short vc = ax25->va; 8262306a36Sopenharmony_ci 8362306a36Sopenharmony_ci while (vc != ax25->vs) { 8462306a36Sopenharmony_ci if (nr == vc) return 1; 8562306a36Sopenharmony_ci vc = (vc + 1) % ax25->modulus; 8662306a36Sopenharmony_ci } 8762306a36Sopenharmony_ci 8862306a36Sopenharmony_ci if (nr == ax25->vs) return 1; 8962306a36Sopenharmony_ci 9062306a36Sopenharmony_ci return 0; 9162306a36Sopenharmony_ci} 9262306a36Sopenharmony_ci 9362306a36Sopenharmony_ci/* 9462306a36Sopenharmony_ci * This routine is the centralised routine for parsing the control 9562306a36Sopenharmony_ci * information for the different frame formats. 9662306a36Sopenharmony_ci */ 9762306a36Sopenharmony_ciint ax25_decode(ax25_cb *ax25, struct sk_buff *skb, int *ns, int *nr, int *pf) 9862306a36Sopenharmony_ci{ 9962306a36Sopenharmony_ci unsigned char *frame; 10062306a36Sopenharmony_ci int frametype = AX25_ILLEGAL; 10162306a36Sopenharmony_ci 10262306a36Sopenharmony_ci frame = skb->data; 10362306a36Sopenharmony_ci *ns = *nr = *pf = 0; 10462306a36Sopenharmony_ci 10562306a36Sopenharmony_ci if (ax25->modulus == AX25_MODULUS) { 10662306a36Sopenharmony_ci if ((frame[0] & AX25_S) == 0) { 10762306a36Sopenharmony_ci frametype = AX25_I; /* I frame - carries NR/NS/PF */ 10862306a36Sopenharmony_ci *ns = (frame[0] >> 1) & 0x07; 10962306a36Sopenharmony_ci *nr = (frame[0] >> 5) & 0x07; 11062306a36Sopenharmony_ci *pf = frame[0] & AX25_PF; 11162306a36Sopenharmony_ci } else if ((frame[0] & AX25_U) == 1) { /* S frame - take out PF/NR */ 11262306a36Sopenharmony_ci frametype = frame[0] & 0x0F; 11362306a36Sopenharmony_ci *nr = (frame[0] >> 5) & 0x07; 11462306a36Sopenharmony_ci *pf = frame[0] & AX25_PF; 11562306a36Sopenharmony_ci } else if ((frame[0] & AX25_U) == 3) { /* U frame - take out PF */ 11662306a36Sopenharmony_ci frametype = frame[0] & ~AX25_PF; 11762306a36Sopenharmony_ci *pf = frame[0] & AX25_PF; 11862306a36Sopenharmony_ci } 11962306a36Sopenharmony_ci skb_pull(skb, 1); 12062306a36Sopenharmony_ci } else { 12162306a36Sopenharmony_ci if ((frame[0] & AX25_S) == 0) { 12262306a36Sopenharmony_ci frametype = AX25_I; /* I frame - carries NR/NS/PF */ 12362306a36Sopenharmony_ci *ns = (frame[0] >> 1) & 0x7F; 12462306a36Sopenharmony_ci *nr = (frame[1] >> 1) & 0x7F; 12562306a36Sopenharmony_ci *pf = frame[1] & AX25_EPF; 12662306a36Sopenharmony_ci skb_pull(skb, 2); 12762306a36Sopenharmony_ci } else if ((frame[0] & AX25_U) == 1) { /* S frame - take out PF/NR */ 12862306a36Sopenharmony_ci frametype = frame[0] & 0x0F; 12962306a36Sopenharmony_ci *nr = (frame[1] >> 1) & 0x7F; 13062306a36Sopenharmony_ci *pf = frame[1] & AX25_EPF; 13162306a36Sopenharmony_ci skb_pull(skb, 2); 13262306a36Sopenharmony_ci } else if ((frame[0] & AX25_U) == 3) { /* U frame - take out PF */ 13362306a36Sopenharmony_ci frametype = frame[0] & ~AX25_PF; 13462306a36Sopenharmony_ci *pf = frame[0] & AX25_PF; 13562306a36Sopenharmony_ci skb_pull(skb, 1); 13662306a36Sopenharmony_ci } 13762306a36Sopenharmony_ci } 13862306a36Sopenharmony_ci 13962306a36Sopenharmony_ci return frametype; 14062306a36Sopenharmony_ci} 14162306a36Sopenharmony_ci 14262306a36Sopenharmony_ci/* 14362306a36Sopenharmony_ci * This routine is called when the HDLC layer internally generates a 14462306a36Sopenharmony_ci * command or response for the remote machine ( eg. RR, UA etc. ). 14562306a36Sopenharmony_ci * Only supervisory or unnumbered frames are processed. 14662306a36Sopenharmony_ci */ 14762306a36Sopenharmony_civoid ax25_send_control(ax25_cb *ax25, int frametype, int poll_bit, int type) 14862306a36Sopenharmony_ci{ 14962306a36Sopenharmony_ci struct sk_buff *skb; 15062306a36Sopenharmony_ci unsigned char *dptr; 15162306a36Sopenharmony_ci 15262306a36Sopenharmony_ci if ((skb = alloc_skb(ax25->ax25_dev->dev->hard_header_len + 2, GFP_ATOMIC)) == NULL) 15362306a36Sopenharmony_ci return; 15462306a36Sopenharmony_ci 15562306a36Sopenharmony_ci skb_reserve(skb, ax25->ax25_dev->dev->hard_header_len); 15662306a36Sopenharmony_ci 15762306a36Sopenharmony_ci skb_reset_network_header(skb); 15862306a36Sopenharmony_ci 15962306a36Sopenharmony_ci /* Assume a response - address structure for DTE */ 16062306a36Sopenharmony_ci if (ax25->modulus == AX25_MODULUS) { 16162306a36Sopenharmony_ci dptr = skb_put(skb, 1); 16262306a36Sopenharmony_ci *dptr = frametype; 16362306a36Sopenharmony_ci *dptr |= (poll_bit) ? AX25_PF : 0; 16462306a36Sopenharmony_ci if ((frametype & AX25_U) == AX25_S) /* S frames carry NR */ 16562306a36Sopenharmony_ci *dptr |= (ax25->vr << 5); 16662306a36Sopenharmony_ci } else { 16762306a36Sopenharmony_ci if ((frametype & AX25_U) == AX25_U) { 16862306a36Sopenharmony_ci dptr = skb_put(skb, 1); 16962306a36Sopenharmony_ci *dptr = frametype; 17062306a36Sopenharmony_ci *dptr |= (poll_bit) ? AX25_PF : 0; 17162306a36Sopenharmony_ci } else { 17262306a36Sopenharmony_ci dptr = skb_put(skb, 2); 17362306a36Sopenharmony_ci dptr[0] = frametype; 17462306a36Sopenharmony_ci dptr[1] = (ax25->vr << 1); 17562306a36Sopenharmony_ci dptr[1] |= (poll_bit) ? AX25_EPF : 0; 17662306a36Sopenharmony_ci } 17762306a36Sopenharmony_ci } 17862306a36Sopenharmony_ci 17962306a36Sopenharmony_ci ax25_transmit_buffer(ax25, skb, type); 18062306a36Sopenharmony_ci} 18162306a36Sopenharmony_ci 18262306a36Sopenharmony_ci/* 18362306a36Sopenharmony_ci * Send a 'DM' to an unknown connection attempt, or an invalid caller. 18462306a36Sopenharmony_ci * 18562306a36Sopenharmony_ci * Note: src here is the sender, thus it's the target of the DM 18662306a36Sopenharmony_ci */ 18762306a36Sopenharmony_civoid ax25_return_dm(struct net_device *dev, ax25_address *src, ax25_address *dest, ax25_digi *digi) 18862306a36Sopenharmony_ci{ 18962306a36Sopenharmony_ci struct sk_buff *skb; 19062306a36Sopenharmony_ci char *dptr; 19162306a36Sopenharmony_ci ax25_digi retdigi; 19262306a36Sopenharmony_ci 19362306a36Sopenharmony_ci if (dev == NULL) 19462306a36Sopenharmony_ci return; 19562306a36Sopenharmony_ci 19662306a36Sopenharmony_ci if ((skb = alloc_skb(dev->hard_header_len + 1, GFP_ATOMIC)) == NULL) 19762306a36Sopenharmony_ci return; /* Next SABM will get DM'd */ 19862306a36Sopenharmony_ci 19962306a36Sopenharmony_ci skb_reserve(skb, dev->hard_header_len); 20062306a36Sopenharmony_ci skb_reset_network_header(skb); 20162306a36Sopenharmony_ci 20262306a36Sopenharmony_ci ax25_digi_invert(digi, &retdigi); 20362306a36Sopenharmony_ci 20462306a36Sopenharmony_ci dptr = skb_put(skb, 1); 20562306a36Sopenharmony_ci 20662306a36Sopenharmony_ci *dptr = AX25_DM | AX25_PF; 20762306a36Sopenharmony_ci 20862306a36Sopenharmony_ci /* 20962306a36Sopenharmony_ci * Do the address ourselves 21062306a36Sopenharmony_ci */ 21162306a36Sopenharmony_ci dptr = skb_push(skb, ax25_addr_size(digi)); 21262306a36Sopenharmony_ci dptr += ax25_addr_build(dptr, dest, src, &retdigi, AX25_RESPONSE, AX25_MODULUS); 21362306a36Sopenharmony_ci 21462306a36Sopenharmony_ci ax25_queue_xmit(skb, dev); 21562306a36Sopenharmony_ci} 21662306a36Sopenharmony_ci 21762306a36Sopenharmony_ci/* 21862306a36Sopenharmony_ci * Exponential backoff for AX.25 21962306a36Sopenharmony_ci */ 22062306a36Sopenharmony_civoid ax25_calculate_t1(ax25_cb *ax25) 22162306a36Sopenharmony_ci{ 22262306a36Sopenharmony_ci int n, t = 2; 22362306a36Sopenharmony_ci 22462306a36Sopenharmony_ci switch (ax25->backoff) { 22562306a36Sopenharmony_ci case 0: 22662306a36Sopenharmony_ci break; 22762306a36Sopenharmony_ci 22862306a36Sopenharmony_ci case 1: 22962306a36Sopenharmony_ci t += 2 * ax25->n2count; 23062306a36Sopenharmony_ci break; 23162306a36Sopenharmony_ci 23262306a36Sopenharmony_ci case 2: 23362306a36Sopenharmony_ci for (n = 0; n < ax25->n2count; n++) 23462306a36Sopenharmony_ci t *= 2; 23562306a36Sopenharmony_ci if (t > 8) t = 8; 23662306a36Sopenharmony_ci break; 23762306a36Sopenharmony_ci } 23862306a36Sopenharmony_ci 23962306a36Sopenharmony_ci ax25->t1 = t * ax25->rtt; 24062306a36Sopenharmony_ci} 24162306a36Sopenharmony_ci 24262306a36Sopenharmony_ci/* 24362306a36Sopenharmony_ci * Calculate the Round Trip Time 24462306a36Sopenharmony_ci */ 24562306a36Sopenharmony_civoid ax25_calculate_rtt(ax25_cb *ax25) 24662306a36Sopenharmony_ci{ 24762306a36Sopenharmony_ci if (ax25->backoff == 0) 24862306a36Sopenharmony_ci return; 24962306a36Sopenharmony_ci 25062306a36Sopenharmony_ci if (ax25_t1timer_running(ax25) && ax25->n2count == 0) 25162306a36Sopenharmony_ci ax25->rtt = (9 * ax25->rtt + ax25->t1 - ax25_display_timer(&ax25->t1timer)) / 10; 25262306a36Sopenharmony_ci 25362306a36Sopenharmony_ci if (ax25->rtt < AX25_T1CLAMPLO) 25462306a36Sopenharmony_ci ax25->rtt = AX25_T1CLAMPLO; 25562306a36Sopenharmony_ci 25662306a36Sopenharmony_ci if (ax25->rtt > AX25_T1CLAMPHI) 25762306a36Sopenharmony_ci ax25->rtt = AX25_T1CLAMPHI; 25862306a36Sopenharmony_ci} 25962306a36Sopenharmony_ci 26062306a36Sopenharmony_civoid ax25_disconnect(ax25_cb *ax25, int reason) 26162306a36Sopenharmony_ci{ 26262306a36Sopenharmony_ci ax25_clear_queues(ax25); 26362306a36Sopenharmony_ci 26462306a36Sopenharmony_ci if (reason == ENETUNREACH) { 26562306a36Sopenharmony_ci del_timer_sync(&ax25->timer); 26662306a36Sopenharmony_ci del_timer_sync(&ax25->t1timer); 26762306a36Sopenharmony_ci del_timer_sync(&ax25->t2timer); 26862306a36Sopenharmony_ci del_timer_sync(&ax25->t3timer); 26962306a36Sopenharmony_ci del_timer_sync(&ax25->idletimer); 27062306a36Sopenharmony_ci } else { 27162306a36Sopenharmony_ci if (ax25->sk && !sock_flag(ax25->sk, SOCK_DESTROY)) 27262306a36Sopenharmony_ci ax25_stop_heartbeat(ax25); 27362306a36Sopenharmony_ci ax25_stop_t1timer(ax25); 27462306a36Sopenharmony_ci ax25_stop_t2timer(ax25); 27562306a36Sopenharmony_ci ax25_stop_t3timer(ax25); 27662306a36Sopenharmony_ci ax25_stop_idletimer(ax25); 27762306a36Sopenharmony_ci } 27862306a36Sopenharmony_ci 27962306a36Sopenharmony_ci ax25->state = AX25_STATE_0; 28062306a36Sopenharmony_ci 28162306a36Sopenharmony_ci ax25_link_failed(ax25, reason); 28262306a36Sopenharmony_ci 28362306a36Sopenharmony_ci if (ax25->sk != NULL) { 28462306a36Sopenharmony_ci local_bh_disable(); 28562306a36Sopenharmony_ci bh_lock_sock(ax25->sk); 28662306a36Sopenharmony_ci ax25->sk->sk_state = TCP_CLOSE; 28762306a36Sopenharmony_ci ax25->sk->sk_err = reason; 28862306a36Sopenharmony_ci ax25->sk->sk_shutdown |= SEND_SHUTDOWN; 28962306a36Sopenharmony_ci if (!sock_flag(ax25->sk, SOCK_DEAD)) { 29062306a36Sopenharmony_ci ax25->sk->sk_state_change(ax25->sk); 29162306a36Sopenharmony_ci sock_set_flag(ax25->sk, SOCK_DEAD); 29262306a36Sopenharmony_ci } 29362306a36Sopenharmony_ci bh_unlock_sock(ax25->sk); 29462306a36Sopenharmony_ci local_bh_enable(); 29562306a36Sopenharmony_ci } 29662306a36Sopenharmony_ci} 297