1 /* 2 * This program is free software; you can redistribute it and/or modify 3 * it under the terms of the GNU General Public License as published by 4 * the Free Software Foundation; either version 2 of the License, or 5 * (at your option) any later version. 6 * 7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 9 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 10 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 11 * 12 * Most of this code is based on the SDL diagrams published in the 7th ARRL 13 * Computer Networking Conference papers. The diagrams have mistakes in them, 14 * but are mostly correct. Before you modify the code could you read the SDL 15 * diagrams as the code is not obvious and probably very easy to break. 16 */ 17 #include <linux/errno.h> 18 #include <linux/types.h> 19 #include <linux/socket.h> 20 #include <linux/in.h> 21 #include <linux/kernel.h> 22 #include <linux/sched.h> 23 #include <linux/timer.h> 24 #include <linux/string.h> 25 #include <linux/sockios.h> 26 #include <linux/net.h> 27 #include <net/ax25.h> 28 #include <linux/inet.h> 29 #include <linux/netdevice.h> 30 #include <linux/skbuff.h> 31 #include <net/sock.h> 32 #include <net/ip.h> /* For ip_rcv */ 33 #include <net/tcp.h> 34 #include <asm/uaccess.h> 35 #include <asm/system.h> 36 #include <linux/fcntl.h> 37 #include <linux/mm.h> 38 #include <linux/interrupt.h> 39 40 /* 41 * State machine for state 1, Awaiting Connection State. 42 * The handling of the timer(s) is in file ax25_std_timer.c. 43 * Handling of state 0 and connection release is in ax25.c. 44 */ 45 static int ax25_std_state1_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int pf, int type) 46 { 47 switch (frametype) { 48 case AX25_SABM: 49 ax25->modulus = AX25_MODULUS; 50 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 51 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE); 52 break; 53 54 case AX25_SABME: 55 ax25->modulus = AX25_EMODULUS; 56 ax25->window = ax25->ax25_dev->values[AX25_VALUES_EWINDOW]; 57 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE); 58 break; 59 60 case AX25_DISC: 61 ax25_send_control(ax25, AX25_DM, pf, AX25_RESPONSE); 62 break; 63 64 case AX25_UA: 65 if (pf) { 66 ax25_calculate_rtt(ax25); 67 ax25_stop_t1timer(ax25); 68 ax25_start_t3timer(ax25); 69 ax25_start_idletimer(ax25); 70 ax25->vs = 0; 71 ax25->va = 0; 72 ax25->vr = 0; 73 ax25->state = AX25_STATE_3; 74 ax25->n2count = 0; 75 if (ax25->sk != NULL) { 76 bh_lock_sock(ax25->sk); 77 ax25->sk->sk_state = TCP_ESTABLISHED; 78 /* For WAIT_SABM connections we will produce an accept ready socket here */ 79 if (!sock_flag(ax25->sk, SOCK_DEAD)) 80 ax25->sk->sk_state_change(ax25->sk); 81 bh_unlock_sock(ax25->sk); 82 } 83 } 84 break; 85 86 case AX25_DM: 87 if (pf) { 88 if (ax25->modulus == AX25_MODULUS) { 89 ax25_disconnect(ax25, ECONNREFUSED); 90 } else { 91 ax25->modulus = AX25_MODULUS; 92 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 93 } 94 } 95 break; 96 97 default: 98 break; 99 } 100 101 return 0; 102 } 103 104 /* 105 * State machine for state 2, Awaiting Release State. 106 * The handling of the timer(s) is in file ax25_std_timer.c 107 * Handling of state 0 and connection release is in ax25.c. 108 */ 109 static int ax25_std_state2_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int pf, int type) 110 { 111 switch (frametype) { 112 case AX25_SABM: 113 case AX25_SABME: 114 ax25_send_control(ax25, AX25_DM, pf, AX25_RESPONSE); 115 break; 116 117 case AX25_DISC: 118 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE); 119 ax25_disconnect(ax25, 0); 120 break; 121 122 case AX25_DM: 123 case AX25_UA: 124 if (pf) 125 ax25_disconnect(ax25, 0); 126 break; 127 128 case AX25_I: 129 case AX25_REJ: 130 case AX25_RNR: 131 case AX25_RR: 132 if (pf) ax25_send_control(ax25, AX25_DM, AX25_POLLON, AX25_RESPONSE); 133 break; 134 135 default: 136 break; 137 } 138 139 return 0; 140 } 141 142 /* 143 * State machine for state 3, Connected State. 144 * The handling of the timer(s) is in file ax25_std_timer.c 145 * Handling of state 0 and connection release is in ax25.c. 146 */ 147 static int ax25_std_state3_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int ns, int nr, int pf, int type) 148 { 149 int queued = 0; 150 151 switch (frametype) { 152 case AX25_SABM: 153 case AX25_SABME: 154 if (frametype == AX25_SABM) { 155 ax25->modulus = AX25_MODULUS; 156 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 157 } else { 158 ax25->modulus = AX25_EMODULUS; 159 ax25->window = ax25->ax25_dev->values[AX25_VALUES_EWINDOW]; 160 } 161 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE); 162 ax25_stop_t1timer(ax25); 163 ax25_stop_t2timer(ax25); 164 ax25_start_t3timer(ax25); 165 ax25_start_idletimer(ax25); 166 ax25->condition = 0x00; 167 ax25->vs = 0; 168 ax25->va = 0; 169 ax25->vr = 0; 170 ax25_requeue_frames(ax25); 171 break; 172 173 case AX25_DISC: 174 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE); 175 ax25_disconnect(ax25, 0); 176 break; 177 178 case AX25_DM: 179 ax25_disconnect(ax25, ECONNRESET); 180 break; 181 182 case AX25_RR: 183 case AX25_RNR: 184 if (frametype == AX25_RR) 185 ax25->condition &= ~AX25_COND_PEER_RX_BUSY; 186 else 187 ax25->condition |= AX25_COND_PEER_RX_BUSY; 188 if (type == AX25_COMMAND && pf) 189 ax25_std_enquiry_response(ax25); 190 if (ax25_validate_nr(ax25, nr)) { 191 ax25_check_iframes_acked(ax25, nr); 192 } else { 193 ax25_std_nr_error_recovery(ax25); 194 ax25->state = AX25_STATE_1; 195 } 196 break; 197 198 case AX25_REJ: 199 ax25->condition &= ~AX25_COND_PEER_RX_BUSY; 200 if (type == AX25_COMMAND && pf) 201 ax25_std_enquiry_response(ax25); 202 if (ax25_validate_nr(ax25, nr)) { 203 ax25_frames_acked(ax25, nr); 204 ax25_calculate_rtt(ax25); 205 ax25_stop_t1timer(ax25); 206 ax25_start_t3timer(ax25); 207 ax25_requeue_frames(ax25); 208 } else { 209 ax25_std_nr_error_recovery(ax25); 210 ax25->state = AX25_STATE_1; 211 } 212 break; 213 214 case AX25_I: 215 if (!ax25_validate_nr(ax25, nr)) { 216 ax25_std_nr_error_recovery(ax25); 217 ax25->state = AX25_STATE_1; 218 break; 219 } 220 if (ax25->condition & AX25_COND_PEER_RX_BUSY) { 221 ax25_frames_acked(ax25, nr); 222 } else { 223 ax25_check_iframes_acked(ax25, nr); 224 } 225 if (ax25->condition & AX25_COND_OWN_RX_BUSY) { 226 if (pf) ax25_std_enquiry_response(ax25); 227 break; 228 } 229 if (ns == ax25->vr) { 230 ax25->vr = (ax25->vr + 1) % ax25->modulus; 231 queued = ax25_rx_iframe(ax25, skb); 232 if (ax25->condition & AX25_COND_OWN_RX_BUSY) 233 ax25->vr = ns; /* ax25->vr - 1 */ 234 ax25->condition &= ~AX25_COND_REJECT; 235 if (pf) { 236 ax25_std_enquiry_response(ax25); 237 } else { 238 if (!(ax25->condition & AX25_COND_ACK_PENDING)) { 239 ax25->condition |= AX25_COND_ACK_PENDING; 240 ax25_start_t2timer(ax25); 241 } 242 } 243 } else { 244 if (ax25->condition & AX25_COND_REJECT) { 245 if (pf) ax25_std_enquiry_response(ax25); 246 } else { 247 ax25->condition |= AX25_COND_REJECT; 248 ax25_send_control(ax25, AX25_REJ, pf, AX25_RESPONSE); 249 ax25->condition &= ~AX25_COND_ACK_PENDING; 250 } 251 } 252 break; 253 254 case AX25_FRMR: 255 case AX25_ILLEGAL: 256 ax25_std_establish_data_link(ax25); 257 ax25->state = AX25_STATE_1; 258 break; 259 260 default: 261 break; 262 } 263 264 return queued; 265 } 266 267 /* 268 * State machine for state 4, Timer Recovery State. 269 * The handling of the timer(s) is in file ax25_std_timer.c 270 * Handling of state 0 and connection release is in ax25.c. 271 */ 272 static int ax25_std_state4_machine(ax25_cb *ax25, struct sk_buff *skb, int frametype, int ns, int nr, int pf, int type) 273 { 274 int queued = 0; 275 276 switch (frametype) { 277 case AX25_SABM: 278 case AX25_SABME: 279 if (frametype == AX25_SABM) { 280 ax25->modulus = AX25_MODULUS; 281 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 282 } else { 283 ax25->modulus = AX25_EMODULUS; 284 ax25->window = ax25->ax25_dev->values[AX25_VALUES_EWINDOW]; 285 } 286 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE); 287 ax25_stop_t1timer(ax25); 288 ax25_stop_t2timer(ax25); 289 ax25_start_t3timer(ax25); 290 ax25_start_idletimer(ax25); 291 ax25->condition = 0x00; 292 ax25->vs = 0; 293 ax25->va = 0; 294 ax25->vr = 0; 295 ax25->state = AX25_STATE_3; 296 ax25->n2count = 0; 297 ax25_requeue_frames(ax25); 298 break; 299 300 case AX25_DISC: 301 ax25_send_control(ax25, AX25_UA, pf, AX25_RESPONSE); 302 ax25_disconnect(ax25, 0); 303 break; 304 305 case AX25_DM: 306 ax25_disconnect(ax25, ECONNRESET); 307 break; 308 309 case AX25_RR: 310 case AX25_RNR: 311 if (frametype == AX25_RR) 312 ax25->condition &= ~AX25_COND_PEER_RX_BUSY; 313 else 314 ax25->condition |= AX25_COND_PEER_RX_BUSY; 315 if (type == AX25_RESPONSE && pf) { 316 ax25_stop_t1timer(ax25); 317 ax25->n2count = 0; 318 if (ax25_validate_nr(ax25, nr)) { 319 ax25_frames_acked(ax25, nr); 320 if (ax25->vs == ax25->va) { 321 ax25_start_t3timer(ax25); 322 ax25->state = AX25_STATE_3; 323 } else { 324 ax25_requeue_frames(ax25); 325 } 326 } else { 327 ax25_std_nr_error_recovery(ax25); 328 ax25->state = AX25_STATE_1; 329 } 330 break; 331 } 332 if (type == AX25_COMMAND && pf) 333 ax25_std_enquiry_response(ax25); 334 if (ax25_validate_nr(ax25, nr)) { 335 ax25_frames_acked(ax25, nr); 336 } else { 337 ax25_std_nr_error_recovery(ax25); 338 ax25->state = AX25_STATE_1; 339 } 340 break; 341 342 case AX25_REJ: 343 ax25->condition &= ~AX25_COND_PEER_RX_BUSY; 344 if (pf && type == AX25_RESPONSE) { 345 ax25_stop_t1timer(ax25); 346 ax25->n2count = 0; 347 if (ax25_validate_nr(ax25, nr)) { 348 ax25_frames_acked(ax25, nr); 349 if (ax25->vs == ax25->va) { 350 ax25_start_t3timer(ax25); 351 ax25->state = AX25_STATE_3; 352 } else { 353 ax25_requeue_frames(ax25); 354 } 355 } else { 356 ax25_std_nr_error_recovery(ax25); 357 ax25->state = AX25_STATE_1; 358 } 359 break; 360 } 361 if (type == AX25_COMMAND && pf) 362 ax25_std_enquiry_response(ax25); 363 if (ax25_validate_nr(ax25, nr)) { 364 ax25_frames_acked(ax25, nr); 365 ax25_requeue_frames(ax25); 366 } else { 367 ax25_std_nr_error_recovery(ax25); 368 ax25->state = AX25_STATE_1; 369 } 370 break; 371 372 case AX25_I: 373 if (!ax25_validate_nr(ax25, nr)) { 374 ax25_std_nr_error_recovery(ax25); 375 ax25->state = AX25_STATE_1; 376 break; 377 } 378 ax25_frames_acked(ax25, nr); 379 if (ax25->condition & AX25_COND_OWN_RX_BUSY) { 380 if (pf) 381 ax25_std_enquiry_response(ax25); 382 break; 383 } 384 if (ns == ax25->vr) { 385 ax25->vr = (ax25->vr + 1) % ax25->modulus; 386 queued = ax25_rx_iframe(ax25, skb); 387 if (ax25->condition & AX25_COND_OWN_RX_BUSY) 388 ax25->vr = ns; /* ax25->vr - 1 */ 389 ax25->condition &= ~AX25_COND_REJECT; 390 if (pf) { 391 ax25_std_enquiry_response(ax25); 392 } else { 393 if (!(ax25->condition & AX25_COND_ACK_PENDING)) { 394 ax25->condition |= AX25_COND_ACK_PENDING; 395 ax25_start_t2timer(ax25); 396 } 397 } 398 } else { 399 if (ax25->condition & AX25_COND_REJECT) { 400 if (pf) ax25_std_enquiry_response(ax25); 401 } else { 402 ax25->condition |= AX25_COND_REJECT; 403 ax25_send_control(ax25, AX25_REJ, pf, AX25_RESPONSE); 404 ax25->condition &= ~AX25_COND_ACK_PENDING; 405 } 406 } 407 break; 408 409 case AX25_FRMR: 410 case AX25_ILLEGAL: 411 ax25_std_establish_data_link(ax25); 412 ax25->state = AX25_STATE_1; 413 break; 414 415 default: 416 break; 417 } 418 419 return queued; 420 } 421 422 /* 423 * Higher level upcall for a LAPB frame 424 */ 425 int ax25_std_frame_in(ax25_cb *ax25, struct sk_buff *skb, int type) 426 { 427 int queued = 0, frametype, ns, nr, pf; 428 429 frametype = ax25_decode(ax25, skb, &ns, &nr, &pf); 430 431 switch (ax25->state) { 432 case AX25_STATE_1: 433 queued = ax25_std_state1_machine(ax25, skb, frametype, pf, type); 434 break; 435 case AX25_STATE_2: 436 queued = ax25_std_state2_machine(ax25, skb, frametype, pf, type); 437 break; 438 case AX25_STATE_3: 439 queued = ax25_std_state3_machine(ax25, skb, frametype, ns, nr, pf, type); 440 break; 441 case AX25_STATE_4: 442 queued = ax25_std_state4_machine(ax25, skb, frametype, ns, nr, pf, type); 443 break; 444 } 445 446 ax25_kick(ax25); 447 448 return queued; 449 } 450