162306a36Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 262306a36Sopenharmony_ci/* 362306a36Sopenharmony_ci * 462306a36Sopenharmony_ci * Copyright Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 562306a36Sopenharmony_ci */ 662306a36Sopenharmony_ci#include <linux/errno.h> 762306a36Sopenharmony_ci#include <linux/types.h> 862306a36Sopenharmony_ci#include <linux/socket.h> 962306a36Sopenharmony_ci#include <linux/in.h> 1062306a36Sopenharmony_ci#include <linux/kernel.h> 1162306a36Sopenharmony_ci#include <linux/timer.h> 1262306a36Sopenharmony_ci#include <linux/string.h> 1362306a36Sopenharmony_ci#include <linux/sockios.h> 1462306a36Sopenharmony_ci#include <linux/net.h> 1562306a36Sopenharmony_ci#include <linux/slab.h> 1662306a36Sopenharmony_ci#include <net/ax25.h> 1762306a36Sopenharmony_ci#include <linux/inet.h> 1862306a36Sopenharmony_ci#include <linux/netdevice.h> 1962306a36Sopenharmony_ci#include <linux/skbuff.h> 2062306a36Sopenharmony_ci#include <net/sock.h> 2162306a36Sopenharmony_ci#include <net/tcp_states.h> 2262306a36Sopenharmony_ci#include <linux/uaccess.h> 2362306a36Sopenharmony_ci#include <linux/fcntl.h> 2462306a36Sopenharmony_ci#include <linux/mm.h> 2562306a36Sopenharmony_ci#include <linux/interrupt.h> 2662306a36Sopenharmony_ci#include <net/netrom.h> 2762306a36Sopenharmony_ci 2862306a36Sopenharmony_ci/* 2962306a36Sopenharmony_ci * This routine purges all of the queues of frames. 3062306a36Sopenharmony_ci */ 3162306a36Sopenharmony_civoid nr_clear_queues(struct sock *sk) 3262306a36Sopenharmony_ci{ 3362306a36Sopenharmony_ci struct nr_sock *nr = nr_sk(sk); 3462306a36Sopenharmony_ci 3562306a36Sopenharmony_ci skb_queue_purge(&sk->sk_write_queue); 3662306a36Sopenharmony_ci skb_queue_purge(&nr->ack_queue); 3762306a36Sopenharmony_ci skb_queue_purge(&nr->reseq_queue); 3862306a36Sopenharmony_ci skb_queue_purge(&nr->frag_queue); 3962306a36Sopenharmony_ci} 4062306a36Sopenharmony_ci 4162306a36Sopenharmony_ci/* 4262306a36Sopenharmony_ci * This routine purges the input queue of those frames that have been 4362306a36Sopenharmony_ci * acknowledged. This replaces the boxes labelled "V(a) <- N(r)" on the 4462306a36Sopenharmony_ci * SDL diagram. 4562306a36Sopenharmony_ci */ 4662306a36Sopenharmony_civoid nr_frames_acked(struct sock *sk, unsigned short nr) 4762306a36Sopenharmony_ci{ 4862306a36Sopenharmony_ci struct nr_sock *nrom = nr_sk(sk); 4962306a36Sopenharmony_ci struct sk_buff *skb; 5062306a36Sopenharmony_ci 5162306a36Sopenharmony_ci /* 5262306a36Sopenharmony_ci * Remove all the ack-ed frames from the ack queue. 5362306a36Sopenharmony_ci */ 5462306a36Sopenharmony_ci if (nrom->va != nr) { 5562306a36Sopenharmony_ci while (skb_peek(&nrom->ack_queue) != NULL && nrom->va != nr) { 5662306a36Sopenharmony_ci skb = skb_dequeue(&nrom->ack_queue); 5762306a36Sopenharmony_ci kfree_skb(skb); 5862306a36Sopenharmony_ci nrom->va = (nrom->va + 1) % NR_MODULUS; 5962306a36Sopenharmony_ci } 6062306a36Sopenharmony_ci } 6162306a36Sopenharmony_ci} 6262306a36Sopenharmony_ci 6362306a36Sopenharmony_ci/* 6462306a36Sopenharmony_ci * Requeue all the un-ack-ed frames on the output queue to be picked 6562306a36Sopenharmony_ci * up by nr_kick called from the timer. This arrangement handles the 6662306a36Sopenharmony_ci * possibility of an empty output queue. 6762306a36Sopenharmony_ci */ 6862306a36Sopenharmony_civoid nr_requeue_frames(struct sock *sk) 6962306a36Sopenharmony_ci{ 7062306a36Sopenharmony_ci struct sk_buff *skb, *skb_prev = NULL; 7162306a36Sopenharmony_ci 7262306a36Sopenharmony_ci while ((skb = skb_dequeue(&nr_sk(sk)->ack_queue)) != NULL) { 7362306a36Sopenharmony_ci if (skb_prev == NULL) 7462306a36Sopenharmony_ci skb_queue_head(&sk->sk_write_queue, skb); 7562306a36Sopenharmony_ci else 7662306a36Sopenharmony_ci skb_append(skb_prev, skb, &sk->sk_write_queue); 7762306a36Sopenharmony_ci skb_prev = skb; 7862306a36Sopenharmony_ci } 7962306a36Sopenharmony_ci} 8062306a36Sopenharmony_ci 8162306a36Sopenharmony_ci/* 8262306a36Sopenharmony_ci * Validate that the value of nr is between va and vs. Return true or 8362306a36Sopenharmony_ci * false for testing. 8462306a36Sopenharmony_ci */ 8562306a36Sopenharmony_ciint nr_validate_nr(struct sock *sk, unsigned short nr) 8662306a36Sopenharmony_ci{ 8762306a36Sopenharmony_ci struct nr_sock *nrom = nr_sk(sk); 8862306a36Sopenharmony_ci unsigned short vc = nrom->va; 8962306a36Sopenharmony_ci 9062306a36Sopenharmony_ci while (vc != nrom->vs) { 9162306a36Sopenharmony_ci if (nr == vc) return 1; 9262306a36Sopenharmony_ci vc = (vc + 1) % NR_MODULUS; 9362306a36Sopenharmony_ci } 9462306a36Sopenharmony_ci 9562306a36Sopenharmony_ci return nr == nrom->vs; 9662306a36Sopenharmony_ci} 9762306a36Sopenharmony_ci 9862306a36Sopenharmony_ci/* 9962306a36Sopenharmony_ci * Check that ns is within the receive window. 10062306a36Sopenharmony_ci */ 10162306a36Sopenharmony_ciint nr_in_rx_window(struct sock *sk, unsigned short ns) 10262306a36Sopenharmony_ci{ 10362306a36Sopenharmony_ci struct nr_sock *nr = nr_sk(sk); 10462306a36Sopenharmony_ci unsigned short vc = nr->vr; 10562306a36Sopenharmony_ci unsigned short vt = (nr->vl + nr->window) % NR_MODULUS; 10662306a36Sopenharmony_ci 10762306a36Sopenharmony_ci while (vc != vt) { 10862306a36Sopenharmony_ci if (ns == vc) return 1; 10962306a36Sopenharmony_ci vc = (vc + 1) % NR_MODULUS; 11062306a36Sopenharmony_ci } 11162306a36Sopenharmony_ci 11262306a36Sopenharmony_ci return 0; 11362306a36Sopenharmony_ci} 11462306a36Sopenharmony_ci 11562306a36Sopenharmony_ci/* 11662306a36Sopenharmony_ci * This routine is called when the HDLC layer internally generates a 11762306a36Sopenharmony_ci * control frame. 11862306a36Sopenharmony_ci */ 11962306a36Sopenharmony_civoid nr_write_internal(struct sock *sk, int frametype) 12062306a36Sopenharmony_ci{ 12162306a36Sopenharmony_ci struct nr_sock *nr = nr_sk(sk); 12262306a36Sopenharmony_ci struct sk_buff *skb; 12362306a36Sopenharmony_ci unsigned char *dptr; 12462306a36Sopenharmony_ci int len, timeout; 12562306a36Sopenharmony_ci 12662306a36Sopenharmony_ci len = NR_TRANSPORT_LEN; 12762306a36Sopenharmony_ci 12862306a36Sopenharmony_ci switch (frametype & 0x0F) { 12962306a36Sopenharmony_ci case NR_CONNREQ: 13062306a36Sopenharmony_ci len += 17; 13162306a36Sopenharmony_ci break; 13262306a36Sopenharmony_ci case NR_CONNACK: 13362306a36Sopenharmony_ci len += (nr->bpqext) ? 2 : 1; 13462306a36Sopenharmony_ci break; 13562306a36Sopenharmony_ci case NR_DISCREQ: 13662306a36Sopenharmony_ci case NR_DISCACK: 13762306a36Sopenharmony_ci case NR_INFOACK: 13862306a36Sopenharmony_ci break; 13962306a36Sopenharmony_ci default: 14062306a36Sopenharmony_ci printk(KERN_ERR "NET/ROM: nr_write_internal - invalid frame type %d\n", frametype); 14162306a36Sopenharmony_ci return; 14262306a36Sopenharmony_ci } 14362306a36Sopenharmony_ci 14462306a36Sopenharmony_ci skb = alloc_skb(NR_NETWORK_LEN + len, GFP_ATOMIC); 14562306a36Sopenharmony_ci if (!skb) 14662306a36Sopenharmony_ci return; 14762306a36Sopenharmony_ci 14862306a36Sopenharmony_ci /* 14962306a36Sopenharmony_ci * Space for AX.25 and NET/ROM network header 15062306a36Sopenharmony_ci */ 15162306a36Sopenharmony_ci skb_reserve(skb, NR_NETWORK_LEN); 15262306a36Sopenharmony_ci 15362306a36Sopenharmony_ci dptr = skb_put(skb, len); 15462306a36Sopenharmony_ci 15562306a36Sopenharmony_ci switch (frametype & 0x0F) { 15662306a36Sopenharmony_ci case NR_CONNREQ: 15762306a36Sopenharmony_ci timeout = nr->t1 / HZ; 15862306a36Sopenharmony_ci *dptr++ = nr->my_index; 15962306a36Sopenharmony_ci *dptr++ = nr->my_id; 16062306a36Sopenharmony_ci *dptr++ = 0; 16162306a36Sopenharmony_ci *dptr++ = 0; 16262306a36Sopenharmony_ci *dptr++ = frametype; 16362306a36Sopenharmony_ci *dptr++ = nr->window; 16462306a36Sopenharmony_ci memcpy(dptr, &nr->user_addr, AX25_ADDR_LEN); 16562306a36Sopenharmony_ci dptr[6] &= ~AX25_CBIT; 16662306a36Sopenharmony_ci dptr[6] &= ~AX25_EBIT; 16762306a36Sopenharmony_ci dptr[6] |= AX25_SSSID_SPARE; 16862306a36Sopenharmony_ci dptr += AX25_ADDR_LEN; 16962306a36Sopenharmony_ci memcpy(dptr, &nr->source_addr, AX25_ADDR_LEN); 17062306a36Sopenharmony_ci dptr[6] &= ~AX25_CBIT; 17162306a36Sopenharmony_ci dptr[6] &= ~AX25_EBIT; 17262306a36Sopenharmony_ci dptr[6] |= AX25_SSSID_SPARE; 17362306a36Sopenharmony_ci dptr += AX25_ADDR_LEN; 17462306a36Sopenharmony_ci *dptr++ = timeout % 256; 17562306a36Sopenharmony_ci *dptr++ = timeout / 256; 17662306a36Sopenharmony_ci break; 17762306a36Sopenharmony_ci 17862306a36Sopenharmony_ci case NR_CONNACK: 17962306a36Sopenharmony_ci *dptr++ = nr->your_index; 18062306a36Sopenharmony_ci *dptr++ = nr->your_id; 18162306a36Sopenharmony_ci *dptr++ = nr->my_index; 18262306a36Sopenharmony_ci *dptr++ = nr->my_id; 18362306a36Sopenharmony_ci *dptr++ = frametype; 18462306a36Sopenharmony_ci *dptr++ = nr->window; 18562306a36Sopenharmony_ci if (nr->bpqext) 18662306a36Sopenharmony_ci *dptr++ = READ_ONCE(sysctl_netrom_network_ttl_initialiser); 18762306a36Sopenharmony_ci break; 18862306a36Sopenharmony_ci 18962306a36Sopenharmony_ci case NR_DISCREQ: 19062306a36Sopenharmony_ci case NR_DISCACK: 19162306a36Sopenharmony_ci *dptr++ = nr->your_index; 19262306a36Sopenharmony_ci *dptr++ = nr->your_id; 19362306a36Sopenharmony_ci *dptr++ = 0; 19462306a36Sopenharmony_ci *dptr++ = 0; 19562306a36Sopenharmony_ci *dptr++ = frametype; 19662306a36Sopenharmony_ci break; 19762306a36Sopenharmony_ci 19862306a36Sopenharmony_ci case NR_INFOACK: 19962306a36Sopenharmony_ci *dptr++ = nr->your_index; 20062306a36Sopenharmony_ci *dptr++ = nr->your_id; 20162306a36Sopenharmony_ci *dptr++ = 0; 20262306a36Sopenharmony_ci *dptr++ = nr->vr; 20362306a36Sopenharmony_ci *dptr++ = frametype; 20462306a36Sopenharmony_ci break; 20562306a36Sopenharmony_ci } 20662306a36Sopenharmony_ci 20762306a36Sopenharmony_ci nr_transmit_buffer(sk, skb); 20862306a36Sopenharmony_ci} 20962306a36Sopenharmony_ci 21062306a36Sopenharmony_ci/* 21162306a36Sopenharmony_ci * This routine is called to send an error reply. 21262306a36Sopenharmony_ci */ 21362306a36Sopenharmony_civoid __nr_transmit_reply(struct sk_buff *skb, int mine, unsigned char cmdflags) 21462306a36Sopenharmony_ci{ 21562306a36Sopenharmony_ci struct sk_buff *skbn; 21662306a36Sopenharmony_ci unsigned char *dptr; 21762306a36Sopenharmony_ci int len; 21862306a36Sopenharmony_ci 21962306a36Sopenharmony_ci len = NR_NETWORK_LEN + NR_TRANSPORT_LEN + 1; 22062306a36Sopenharmony_ci 22162306a36Sopenharmony_ci if ((skbn = alloc_skb(len, GFP_ATOMIC)) == NULL) 22262306a36Sopenharmony_ci return; 22362306a36Sopenharmony_ci 22462306a36Sopenharmony_ci skb_reserve(skbn, 0); 22562306a36Sopenharmony_ci 22662306a36Sopenharmony_ci dptr = skb_put(skbn, NR_NETWORK_LEN + NR_TRANSPORT_LEN); 22762306a36Sopenharmony_ci 22862306a36Sopenharmony_ci skb_copy_from_linear_data_offset(skb, 7, dptr, AX25_ADDR_LEN); 22962306a36Sopenharmony_ci dptr[6] &= ~AX25_CBIT; 23062306a36Sopenharmony_ci dptr[6] &= ~AX25_EBIT; 23162306a36Sopenharmony_ci dptr[6] |= AX25_SSSID_SPARE; 23262306a36Sopenharmony_ci dptr += AX25_ADDR_LEN; 23362306a36Sopenharmony_ci 23462306a36Sopenharmony_ci skb_copy_from_linear_data(skb, dptr, AX25_ADDR_LEN); 23562306a36Sopenharmony_ci dptr[6] &= ~AX25_CBIT; 23662306a36Sopenharmony_ci dptr[6] |= AX25_EBIT; 23762306a36Sopenharmony_ci dptr[6] |= AX25_SSSID_SPARE; 23862306a36Sopenharmony_ci dptr += AX25_ADDR_LEN; 23962306a36Sopenharmony_ci 24062306a36Sopenharmony_ci *dptr++ = READ_ONCE(sysctl_netrom_network_ttl_initialiser); 24162306a36Sopenharmony_ci 24262306a36Sopenharmony_ci if (mine) { 24362306a36Sopenharmony_ci *dptr++ = 0; 24462306a36Sopenharmony_ci *dptr++ = 0; 24562306a36Sopenharmony_ci *dptr++ = skb->data[15]; 24662306a36Sopenharmony_ci *dptr++ = skb->data[16]; 24762306a36Sopenharmony_ci } else { 24862306a36Sopenharmony_ci *dptr++ = skb->data[15]; 24962306a36Sopenharmony_ci *dptr++ = skb->data[16]; 25062306a36Sopenharmony_ci *dptr++ = 0; 25162306a36Sopenharmony_ci *dptr++ = 0; 25262306a36Sopenharmony_ci } 25362306a36Sopenharmony_ci 25462306a36Sopenharmony_ci *dptr++ = cmdflags; 25562306a36Sopenharmony_ci *dptr++ = 0; 25662306a36Sopenharmony_ci 25762306a36Sopenharmony_ci if (!nr_route_frame(skbn, NULL)) 25862306a36Sopenharmony_ci kfree_skb(skbn); 25962306a36Sopenharmony_ci} 26062306a36Sopenharmony_ci 26162306a36Sopenharmony_civoid nr_disconnect(struct sock *sk, int reason) 26262306a36Sopenharmony_ci{ 26362306a36Sopenharmony_ci nr_stop_t1timer(sk); 26462306a36Sopenharmony_ci nr_stop_t2timer(sk); 26562306a36Sopenharmony_ci nr_stop_t4timer(sk); 26662306a36Sopenharmony_ci nr_stop_idletimer(sk); 26762306a36Sopenharmony_ci 26862306a36Sopenharmony_ci nr_clear_queues(sk); 26962306a36Sopenharmony_ci 27062306a36Sopenharmony_ci nr_sk(sk)->state = NR_STATE_0; 27162306a36Sopenharmony_ci 27262306a36Sopenharmony_ci sk->sk_state = TCP_CLOSE; 27362306a36Sopenharmony_ci sk->sk_err = reason; 27462306a36Sopenharmony_ci sk->sk_shutdown |= SEND_SHUTDOWN; 27562306a36Sopenharmony_ci 27662306a36Sopenharmony_ci if (!sock_flag(sk, SOCK_DEAD)) { 27762306a36Sopenharmony_ci sk->sk_state_change(sk); 27862306a36Sopenharmony_ci sock_set_flag(sk, SOCK_DEAD); 27962306a36Sopenharmony_ci } 28062306a36Sopenharmony_ci} 281