1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk) 7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org) 8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl) 11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 12 */ 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/errno.h> 16 #include <linux/types.h> 17 #include <linux/socket.h> 18 #include <linux/in.h> 19 #include <linux/kernel.h> 20 #include <linux/sched/signal.h> 21 #include <linux/timer.h> 22 #include <linux/string.h> 23 #include <linux/sockios.h> 24 #include <linux/net.h> 25 #include <linux/slab.h> 26 #include <net/ax25.h> 27 #include <linux/inet.h> 28 #include <linux/netdevice.h> 29 #include <linux/if_arp.h> 30 #include <linux/skbuff.h> 31 #include <net/sock.h> 32 #include <linux/uaccess.h> 33 #include <linux/fcntl.h> 34 #include <linux/termios.h> /* For TIOCINQ/OUTQ */ 35 #include <linux/mm.h> 36 #include <linux/interrupt.h> 37 #include <linux/notifier.h> 38 #include <linux/proc_fs.h> 39 #include <linux/stat.h> 40 #include <linux/sysctl.h> 41 #include <linux/init.h> 42 #include <linux/spinlock.h> 43 #include <net/net_namespace.h> 44 #include <net/tcp_states.h> 45 #include <net/ip.h> 46 #include <net/arp.h> 47 48 49 50 HLIST_HEAD(ax25_list); 51 DEFINE_SPINLOCK(ax25_list_lock); 52 53 static const struct proto_ops ax25_proto_ops; 54 55 static void ax25_free_sock(struct sock *sk) 56 { 57 ax25_cb_put(sk_to_ax25(sk)); 58 } 59 60 /* 61 * Socket removal during an interrupt is now safe. 62 */ 63 static void ax25_cb_del(ax25_cb *ax25) 64 { 65 if (!hlist_unhashed(&ax25->ax25_node)) { 66 spin_lock_bh(&ax25_list_lock); 67 hlist_del_init(&ax25->ax25_node); 68 spin_unlock_bh(&ax25_list_lock); 69 ax25_cb_put(ax25); 70 } 71 } 72 73 /* 74 * Kill all bound sockets on a dropped device. 75 */ 76 static void ax25_kill_by_device(struct net_device *dev) 77 { 78 ax25_dev *ax25_dev; 79 ax25_cb *s; 80 struct sock *sk; 81 82 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 83 return; 84 85 spin_lock_bh(&ax25_list_lock); 86 again: 87 ax25_for_each(s, &ax25_list) { 88 if (s->ax25_dev == ax25_dev) { 89 sk = s->sk; 90 if (!sk) { 91 spin_unlock_bh(&ax25_list_lock); 92 ax25_disconnect(s, ENETUNREACH); 93 s->ax25_dev = NULL; 94 spin_lock_bh(&ax25_list_lock); 95 goto again; 96 } 97 sock_hold(sk); 98 spin_unlock_bh(&ax25_list_lock); 99 lock_sock(sk); 100 ax25_disconnect(s, ENETUNREACH); 101 s->ax25_dev = NULL; 102 if (sk->sk_socket) { 103 dev_put_track(ax25_dev->dev, &ax25_dev->dev_tracker); 104 ax25_dev_put(ax25_dev); 105 } 106 release_sock(sk); 107 spin_lock_bh(&ax25_list_lock); 108 sock_put(sk); 109 /* The entry could have been deleted from the 110 * list meanwhile and thus the next pointer is 111 * no longer valid. Play it safe and restart 112 * the scan. Forward progress is ensured 113 * because we set s->ax25_dev to NULL and we 114 * are never passed a NULL 'dev' argument. 115 */ 116 goto again; 117 } 118 } 119 spin_unlock_bh(&ax25_list_lock); 120 } 121 122 /* 123 * Handle device status changes. 124 */ 125 static int ax25_device_event(struct notifier_block *this, unsigned long event, 126 void *ptr) 127 { 128 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 129 130 if (!net_eq(dev_net(dev), &init_net)) 131 return NOTIFY_DONE; 132 133 /* Reject non AX.25 devices */ 134 if (dev->type != ARPHRD_AX25) 135 return NOTIFY_DONE; 136 137 switch (event) { 138 case NETDEV_UP: 139 ax25_dev_device_up(dev); 140 break; 141 case NETDEV_DOWN: 142 ax25_kill_by_device(dev); 143 ax25_rt_device_down(dev); 144 ax25_dev_device_down(dev); 145 break; 146 default: 147 break; 148 } 149 150 return NOTIFY_DONE; 151 } 152 153 /* 154 * Add a socket to the bound sockets list. 155 */ 156 void ax25_cb_add(ax25_cb *ax25) 157 { 158 spin_lock_bh(&ax25_list_lock); 159 ax25_cb_hold(ax25); 160 hlist_add_head(&ax25->ax25_node, &ax25_list); 161 spin_unlock_bh(&ax25_list_lock); 162 } 163 164 /* 165 * Find a socket that wants to accept the SABM we have just 166 * received. 167 */ 168 struct sock *ax25_find_listener(ax25_address *addr, int digi, 169 struct net_device *dev, int type) 170 { 171 ax25_cb *s; 172 173 spin_lock(&ax25_list_lock); 174 ax25_for_each(s, &ax25_list) { 175 if ((s->iamdigi && !digi) || (!s->iamdigi && digi)) 176 continue; 177 if (s->sk && !ax25cmp(&s->source_addr, addr) && 178 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) { 179 /* If device is null we match any device */ 180 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) { 181 sock_hold(s->sk); 182 spin_unlock(&ax25_list_lock); 183 return s->sk; 184 } 185 } 186 } 187 spin_unlock(&ax25_list_lock); 188 189 return NULL; 190 } 191 192 /* 193 * Find an AX.25 socket given both ends. 194 */ 195 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr, 196 int type) 197 { 198 struct sock *sk = NULL; 199 ax25_cb *s; 200 201 spin_lock(&ax25_list_lock); 202 ax25_for_each(s, &ax25_list) { 203 if (s->sk && !ax25cmp(&s->source_addr, my_addr) && 204 !ax25cmp(&s->dest_addr, dest_addr) && 205 s->sk->sk_type == type) { 206 sk = s->sk; 207 sock_hold(sk); 208 break; 209 } 210 } 211 212 spin_unlock(&ax25_list_lock); 213 214 return sk; 215 } 216 217 /* 218 * Find an AX.25 control block given both ends. It will only pick up 219 * floating AX.25 control blocks or non Raw socket bound control blocks. 220 */ 221 ax25_cb *ax25_find_cb(const ax25_address *src_addr, ax25_address *dest_addr, 222 ax25_digi *digi, struct net_device *dev) 223 { 224 ax25_cb *s; 225 226 spin_lock_bh(&ax25_list_lock); 227 ax25_for_each(s, &ax25_list) { 228 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET) 229 continue; 230 if (s->ax25_dev == NULL) 231 continue; 232 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) { 233 if (digi != NULL && digi->ndigi != 0) { 234 if (s->digipeat == NULL) 235 continue; 236 if (ax25digicmp(s->digipeat, digi) != 0) 237 continue; 238 } else { 239 if (s->digipeat != NULL && s->digipeat->ndigi != 0) 240 continue; 241 } 242 ax25_cb_hold(s); 243 spin_unlock_bh(&ax25_list_lock); 244 245 return s; 246 } 247 } 248 spin_unlock_bh(&ax25_list_lock); 249 250 return NULL; 251 } 252 253 EXPORT_SYMBOL(ax25_find_cb); 254 255 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto) 256 { 257 ax25_cb *s; 258 struct sk_buff *copy; 259 260 spin_lock(&ax25_list_lock); 261 ax25_for_each(s, &ax25_list) { 262 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && 263 s->sk->sk_type == SOCK_RAW && 264 s->sk->sk_protocol == proto && 265 s->ax25_dev->dev == skb->dev && 266 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) { 267 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL) 268 continue; 269 if (sock_queue_rcv_skb(s->sk, copy) != 0) 270 kfree_skb(copy); 271 } 272 } 273 spin_unlock(&ax25_list_lock); 274 } 275 276 /* 277 * Deferred destroy. 278 */ 279 void ax25_destroy_socket(ax25_cb *); 280 281 /* 282 * Handler for deferred kills. 283 */ 284 static void ax25_destroy_timer(struct timer_list *t) 285 { 286 ax25_cb *ax25 = from_timer(ax25, t, dtimer); 287 struct sock *sk; 288 289 sk=ax25->sk; 290 291 bh_lock_sock(sk); 292 sock_hold(sk); 293 ax25_destroy_socket(ax25); 294 bh_unlock_sock(sk); 295 sock_put(sk); 296 } 297 298 /* 299 * This is called from user mode and the timers. Thus it protects itself 300 * against interrupt users but doesn't worry about being called during 301 * work. Once it is removed from the queue no interrupt or bottom half 302 * will touch it and we are (fairly 8-) ) safe. 303 */ 304 void ax25_destroy_socket(ax25_cb *ax25) 305 { 306 struct sk_buff *skb; 307 308 ax25_cb_del(ax25); 309 310 ax25_stop_heartbeat(ax25); 311 ax25_stop_t1timer(ax25); 312 ax25_stop_t2timer(ax25); 313 ax25_stop_t3timer(ax25); 314 ax25_stop_idletimer(ax25); 315 316 ax25_clear_queues(ax25); /* Flush the queues */ 317 318 if (ax25->sk != NULL) { 319 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) { 320 if (skb->sk != ax25->sk) { 321 /* A pending connection */ 322 ax25_cb *sax25 = sk_to_ax25(skb->sk); 323 324 /* Queue the unaccepted socket for death */ 325 sock_orphan(skb->sk); 326 327 /* 9A4GL: hack to release unaccepted sockets */ 328 skb->sk->sk_state = TCP_LISTEN; 329 330 ax25_start_heartbeat(sax25); 331 sax25->state = AX25_STATE_0; 332 } 333 334 kfree_skb(skb); 335 } 336 skb_queue_purge(&ax25->sk->sk_write_queue); 337 } 338 339 if (ax25->sk != NULL) { 340 if (sk_has_allocations(ax25->sk)) { 341 /* Defer: outstanding buffers */ 342 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0); 343 ax25->dtimer.expires = jiffies + 2 * HZ; 344 add_timer(&ax25->dtimer); 345 } else { 346 struct sock *sk=ax25->sk; 347 ax25->sk=NULL; 348 sock_put(sk); 349 } 350 } else { 351 ax25_cb_put(ax25); 352 } 353 } 354 355 /* 356 * dl1bke 960311: set parameters for existing AX.25 connections, 357 * includes a KILL command to abort any connection. 358 * VERY useful for debugging ;-) 359 */ 360 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg) 361 { 362 struct ax25_ctl_struct ax25_ctl; 363 ax25_digi digi; 364 ax25_dev *ax25_dev; 365 ax25_cb *ax25; 366 unsigned int k; 367 int ret = 0; 368 369 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl))) 370 return -EFAULT; 371 372 if (ax25_ctl.digi_count > AX25_MAX_DIGIS) 373 return -EINVAL; 374 375 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL) 376 return -EINVAL; 377 378 ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr); 379 if (!ax25_dev) 380 return -ENODEV; 381 382 digi.ndigi = ax25_ctl.digi_count; 383 for (k = 0; k < digi.ndigi; k++) 384 digi.calls[k] = ax25_ctl.digi_addr[k]; 385 386 ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev); 387 if (!ax25) { 388 ax25_dev_put(ax25_dev); 389 return -ENOTCONN; 390 } 391 392 switch (ax25_ctl.cmd) { 393 case AX25_KILL: 394 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 395 #ifdef CONFIG_AX25_DAMA_SLAVE 396 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE) 397 ax25_dama_off(ax25); 398 #endif 399 ax25_disconnect(ax25, ENETRESET); 400 break; 401 402 case AX25_WINDOW: 403 if (ax25->modulus == AX25_MODULUS) { 404 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7) 405 goto einval_put; 406 } else { 407 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63) 408 goto einval_put; 409 } 410 ax25->window = ax25_ctl.arg; 411 break; 412 413 case AX25_T1: 414 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 415 goto einval_put; 416 ax25->rtt = (ax25_ctl.arg * HZ) / 2; 417 ax25->t1 = ax25_ctl.arg * HZ; 418 break; 419 420 case AX25_T2: 421 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 422 goto einval_put; 423 ax25->t2 = ax25_ctl.arg * HZ; 424 break; 425 426 case AX25_N2: 427 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31) 428 goto einval_put; 429 ax25->n2count = 0; 430 ax25->n2 = ax25_ctl.arg; 431 break; 432 433 case AX25_T3: 434 if (ax25_ctl.arg > ULONG_MAX / HZ) 435 goto einval_put; 436 ax25->t3 = ax25_ctl.arg * HZ; 437 break; 438 439 case AX25_IDLE: 440 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ)) 441 goto einval_put; 442 443 ax25->idle = ax25_ctl.arg * 60 * HZ; 444 break; 445 446 case AX25_PACLEN: 447 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535) 448 goto einval_put; 449 ax25->paclen = ax25_ctl.arg; 450 break; 451 452 default: 453 goto einval_put; 454 } 455 456 out_put: 457 ax25_dev_put(ax25_dev); 458 ax25_cb_put(ax25); 459 return ret; 460 461 einval_put: 462 ret = -EINVAL; 463 goto out_put; 464 } 465 466 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev) 467 { 468 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2; 469 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]); 470 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]); 471 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]); 472 ax25->n2 = ax25_dev->values[AX25_VALUES_N2]; 473 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN]; 474 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]); 475 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF]; 476 477 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) { 478 ax25->modulus = AX25_EMODULUS; 479 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW]; 480 } else { 481 ax25->modulus = AX25_MODULUS; 482 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW]; 483 } 484 } 485 486 /* 487 * Fill in a created AX.25 created control block with the default 488 * values for a particular device. 489 */ 490 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev) 491 { 492 ax25->ax25_dev = ax25_dev; 493 494 if (ax25->ax25_dev != NULL) { 495 ax25_fillin_cb_from_dev(ax25, ax25_dev); 496 return; 497 } 498 499 /* 500 * No device, use kernel / AX.25 spec default values 501 */ 502 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2; 503 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1); 504 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2); 505 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3); 506 ax25->n2 = AX25_DEF_N2; 507 ax25->paclen = AX25_DEF_PACLEN; 508 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE); 509 ax25->backoff = AX25_DEF_BACKOFF; 510 511 if (AX25_DEF_AXDEFMODE) { 512 ax25->modulus = AX25_EMODULUS; 513 ax25->window = AX25_DEF_EWINDOW; 514 } else { 515 ax25->modulus = AX25_MODULUS; 516 ax25->window = AX25_DEF_WINDOW; 517 } 518 } 519 520 /* 521 * Create an empty AX.25 control block. 522 */ 523 ax25_cb *ax25_create_cb(void) 524 { 525 ax25_cb *ax25; 526 527 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL) 528 return NULL; 529 530 refcount_set(&ax25->refcount, 1); 531 532 skb_queue_head_init(&ax25->write_queue); 533 skb_queue_head_init(&ax25->frag_queue); 534 skb_queue_head_init(&ax25->ack_queue); 535 skb_queue_head_init(&ax25->reseq_queue); 536 537 ax25_setup_timers(ax25); 538 539 ax25_fillin_cb(ax25, NULL); 540 541 ax25->state = AX25_STATE_0; 542 543 return ax25; 544 } 545 546 /* 547 * Handling for system calls applied via the various interfaces to an 548 * AX25 socket object 549 */ 550 551 static int ax25_setsockopt(struct socket *sock, int level, int optname, 552 sockptr_t optval, unsigned int optlen) 553 { 554 struct sock *sk = sock->sk; 555 ax25_cb *ax25; 556 struct net_device *dev; 557 char devname[IFNAMSIZ]; 558 unsigned int opt; 559 int res = 0; 560 561 if (level != SOL_AX25) 562 return -ENOPROTOOPT; 563 564 if (optlen < sizeof(unsigned int)) 565 return -EINVAL; 566 567 if (copy_from_sockptr(&opt, optval, sizeof(unsigned int))) 568 return -EFAULT; 569 570 lock_sock(sk); 571 ax25 = sk_to_ax25(sk); 572 573 switch (optname) { 574 case AX25_WINDOW: 575 if (ax25->modulus == AX25_MODULUS) { 576 if (opt < 1 || opt > 7) { 577 res = -EINVAL; 578 break; 579 } 580 } else { 581 if (opt < 1 || opt > 63) { 582 res = -EINVAL; 583 break; 584 } 585 } 586 ax25->window = opt; 587 break; 588 589 case AX25_T1: 590 if (opt < 1 || opt > UINT_MAX / HZ) { 591 res = -EINVAL; 592 break; 593 } 594 ax25->rtt = (opt * HZ) >> 1; 595 ax25->t1 = opt * HZ; 596 break; 597 598 case AX25_T2: 599 if (opt < 1 || opt > UINT_MAX / HZ) { 600 res = -EINVAL; 601 break; 602 } 603 ax25->t2 = opt * HZ; 604 break; 605 606 case AX25_N2: 607 if (opt < 1 || opt > 31) { 608 res = -EINVAL; 609 break; 610 } 611 ax25->n2 = opt; 612 break; 613 614 case AX25_T3: 615 if (opt < 1 || opt > UINT_MAX / HZ) { 616 res = -EINVAL; 617 break; 618 } 619 ax25->t3 = opt * HZ; 620 break; 621 622 case AX25_IDLE: 623 if (opt > UINT_MAX / (60 * HZ)) { 624 res = -EINVAL; 625 break; 626 } 627 ax25->idle = opt * 60 * HZ; 628 break; 629 630 case AX25_BACKOFF: 631 if (opt > 2) { 632 res = -EINVAL; 633 break; 634 } 635 ax25->backoff = opt; 636 break; 637 638 case AX25_EXTSEQ: 639 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS; 640 break; 641 642 case AX25_PIDINCL: 643 ax25->pidincl = opt ? 1 : 0; 644 break; 645 646 case AX25_IAMDIGI: 647 ax25->iamdigi = opt ? 1 : 0; 648 break; 649 650 case AX25_PACLEN: 651 if (opt < 16 || opt > 65535) { 652 res = -EINVAL; 653 break; 654 } 655 ax25->paclen = opt; 656 break; 657 658 case SO_BINDTODEVICE: 659 if (optlen > IFNAMSIZ - 1) 660 optlen = IFNAMSIZ - 1; 661 662 memset(devname, 0, sizeof(devname)); 663 664 if (copy_from_sockptr(devname, optval, optlen)) { 665 res = -EFAULT; 666 break; 667 } 668 669 if (sk->sk_type == SOCK_SEQPACKET && 670 (sock->state != SS_UNCONNECTED || 671 sk->sk_state == TCP_LISTEN)) { 672 res = -EADDRNOTAVAIL; 673 break; 674 } 675 676 rtnl_lock(); 677 dev = __dev_get_by_name(&init_net, devname); 678 if (!dev) { 679 rtnl_unlock(); 680 res = -ENODEV; 681 break; 682 } 683 684 ax25->ax25_dev = ax25_dev_ax25dev(dev); 685 if (!ax25->ax25_dev) { 686 rtnl_unlock(); 687 res = -ENODEV; 688 break; 689 } 690 ax25_fillin_cb(ax25, ax25->ax25_dev); 691 rtnl_unlock(); 692 break; 693 694 default: 695 res = -ENOPROTOOPT; 696 } 697 release_sock(sk); 698 699 return res; 700 } 701 702 static int ax25_getsockopt(struct socket *sock, int level, int optname, 703 char __user *optval, int __user *optlen) 704 { 705 struct sock *sk = sock->sk; 706 ax25_cb *ax25; 707 struct ax25_dev *ax25_dev; 708 char devname[IFNAMSIZ]; 709 void *valptr; 710 int val = 0; 711 int maxlen, length; 712 713 if (level != SOL_AX25) 714 return -ENOPROTOOPT; 715 716 if (get_user(maxlen, optlen)) 717 return -EFAULT; 718 719 if (maxlen < 1) 720 return -EFAULT; 721 722 valptr = (void *) &val; 723 length = min_t(unsigned int, maxlen, sizeof(int)); 724 725 lock_sock(sk); 726 ax25 = sk_to_ax25(sk); 727 728 switch (optname) { 729 case AX25_WINDOW: 730 val = ax25->window; 731 break; 732 733 case AX25_T1: 734 val = ax25->t1 / HZ; 735 break; 736 737 case AX25_T2: 738 val = ax25->t2 / HZ; 739 break; 740 741 case AX25_N2: 742 val = ax25->n2; 743 break; 744 745 case AX25_T3: 746 val = ax25->t3 / HZ; 747 break; 748 749 case AX25_IDLE: 750 val = ax25->idle / (60 * HZ); 751 break; 752 753 case AX25_BACKOFF: 754 val = ax25->backoff; 755 break; 756 757 case AX25_EXTSEQ: 758 val = (ax25->modulus == AX25_EMODULUS); 759 break; 760 761 case AX25_PIDINCL: 762 val = ax25->pidincl; 763 break; 764 765 case AX25_IAMDIGI: 766 val = ax25->iamdigi; 767 break; 768 769 case AX25_PACLEN: 770 val = ax25->paclen; 771 break; 772 773 case SO_BINDTODEVICE: 774 ax25_dev = ax25->ax25_dev; 775 776 if (ax25_dev != NULL && ax25_dev->dev != NULL) { 777 strlcpy(devname, ax25_dev->dev->name, sizeof(devname)); 778 length = strlen(devname) + 1; 779 } else { 780 *devname = '\0'; 781 length = 1; 782 } 783 784 valptr = (void *) devname; 785 break; 786 787 default: 788 release_sock(sk); 789 return -ENOPROTOOPT; 790 } 791 release_sock(sk); 792 793 if (put_user(length, optlen)) 794 return -EFAULT; 795 796 return copy_to_user(optval, valptr, length) ? -EFAULT : 0; 797 } 798 799 static int ax25_listen(struct socket *sock, int backlog) 800 { 801 struct sock *sk = sock->sk; 802 int res = 0; 803 804 lock_sock(sk); 805 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) { 806 sk->sk_max_ack_backlog = backlog; 807 sk->sk_state = TCP_LISTEN; 808 goto out; 809 } 810 res = -EOPNOTSUPP; 811 812 out: 813 release_sock(sk); 814 815 return res; 816 } 817 818 /* 819 * XXX: when creating ax25_sock we should update the .obj_size setting 820 * below. 821 */ 822 static struct proto ax25_proto = { 823 .name = "AX25", 824 .owner = THIS_MODULE, 825 .obj_size = sizeof(struct ax25_sock), 826 }; 827 828 static int ax25_create(struct net *net, struct socket *sock, int protocol, 829 int kern) 830 { 831 struct sock *sk; 832 ax25_cb *ax25; 833 834 if (protocol < 0 || protocol > U8_MAX) 835 return -EINVAL; 836 837 if (!net_eq(net, &init_net)) 838 return -EAFNOSUPPORT; 839 840 switch (sock->type) { 841 case SOCK_DGRAM: 842 if (protocol == 0 || protocol == PF_AX25) 843 protocol = AX25_P_TEXT; 844 break; 845 846 case SOCK_SEQPACKET: 847 switch (protocol) { 848 case 0: 849 case PF_AX25: /* For CLX */ 850 protocol = AX25_P_TEXT; 851 break; 852 case AX25_P_SEGMENT: 853 #ifdef CONFIG_INET 854 case AX25_P_ARP: 855 case AX25_P_IP: 856 #endif 857 #ifdef CONFIG_NETROM 858 case AX25_P_NETROM: 859 #endif 860 #ifdef CONFIG_ROSE 861 case AX25_P_ROSE: 862 #endif 863 return -ESOCKTNOSUPPORT; 864 #ifdef CONFIG_NETROM_MODULE 865 case AX25_P_NETROM: 866 if (ax25_protocol_is_registered(AX25_P_NETROM)) 867 return -ESOCKTNOSUPPORT; 868 break; 869 #endif 870 #ifdef CONFIG_ROSE_MODULE 871 case AX25_P_ROSE: 872 if (ax25_protocol_is_registered(AX25_P_ROSE)) 873 return -ESOCKTNOSUPPORT; 874 break; 875 #endif 876 default: 877 break; 878 } 879 break; 880 881 case SOCK_RAW: 882 if (!capable(CAP_NET_RAW)) 883 return -EPERM; 884 break; 885 default: 886 return -ESOCKTNOSUPPORT; 887 } 888 889 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern); 890 if (sk == NULL) 891 return -ENOMEM; 892 893 ax25 = ax25_sk(sk)->cb = ax25_create_cb(); 894 if (!ax25) { 895 sk_free(sk); 896 return -ENOMEM; 897 } 898 899 sock_init_data(sock, sk); 900 901 sk->sk_destruct = ax25_free_sock; 902 sock->ops = &ax25_proto_ops; 903 sk->sk_protocol = protocol; 904 905 ax25->sk = sk; 906 907 return 0; 908 } 909 910 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev) 911 { 912 struct sock *sk; 913 ax25_cb *ax25, *oax25; 914 915 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0); 916 if (sk == NULL) 917 return NULL; 918 919 if ((ax25 = ax25_create_cb()) == NULL) { 920 sk_free(sk); 921 return NULL; 922 } 923 924 switch (osk->sk_type) { 925 case SOCK_DGRAM: 926 break; 927 case SOCK_SEQPACKET: 928 break; 929 default: 930 sk_free(sk); 931 ax25_cb_put(ax25); 932 return NULL; 933 } 934 935 sock_init_data(NULL, sk); 936 937 sk->sk_type = osk->sk_type; 938 sk->sk_priority = osk->sk_priority; 939 sk->sk_protocol = osk->sk_protocol; 940 sk->sk_rcvbuf = osk->sk_rcvbuf; 941 sk->sk_sndbuf = osk->sk_sndbuf; 942 sk->sk_state = TCP_ESTABLISHED; 943 sock_copy_flags(sk, osk); 944 945 oax25 = sk_to_ax25(osk); 946 947 ax25->modulus = oax25->modulus; 948 ax25->backoff = oax25->backoff; 949 ax25->pidincl = oax25->pidincl; 950 ax25->iamdigi = oax25->iamdigi; 951 ax25->rtt = oax25->rtt; 952 ax25->t1 = oax25->t1; 953 ax25->t2 = oax25->t2; 954 ax25->t3 = oax25->t3; 955 ax25->n2 = oax25->n2; 956 ax25->idle = oax25->idle; 957 ax25->paclen = oax25->paclen; 958 ax25->window = oax25->window; 959 960 ax25->ax25_dev = ax25_dev; 961 ax25->source_addr = oax25->source_addr; 962 963 if (oax25->digipeat != NULL) { 964 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi), 965 GFP_ATOMIC); 966 if (ax25->digipeat == NULL) { 967 sk_free(sk); 968 ax25_cb_put(ax25); 969 return NULL; 970 } 971 } 972 973 ax25_sk(sk)->cb = ax25; 974 sk->sk_destruct = ax25_free_sock; 975 ax25->sk = sk; 976 977 return sk; 978 } 979 980 static int ax25_release(struct socket *sock) 981 { 982 struct sock *sk = sock->sk; 983 ax25_cb *ax25; 984 ax25_dev *ax25_dev; 985 986 if (sk == NULL) 987 return 0; 988 989 sock_hold(sk); 990 lock_sock(sk); 991 sock_orphan(sk); 992 ax25 = sk_to_ax25(sk); 993 ax25_dev = ax25->ax25_dev; 994 if (ax25_dev) { 995 dev_put_track(ax25_dev->dev, &ax25_dev->dev_tracker); 996 ax25_dev_put(ax25_dev); 997 } 998 999 if (sk->sk_type == SOCK_SEQPACKET) { 1000 switch (ax25->state) { 1001 case AX25_STATE_0: 1002 release_sock(sk); 1003 ax25_disconnect(ax25, 0); 1004 lock_sock(sk); 1005 ax25_destroy_socket(ax25); 1006 break; 1007 1008 case AX25_STATE_1: 1009 case AX25_STATE_2: 1010 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 1011 release_sock(sk); 1012 ax25_disconnect(ax25, 0); 1013 lock_sock(sk); 1014 if (!sock_flag(ax25->sk, SOCK_DESTROY)) 1015 ax25_destroy_socket(ax25); 1016 break; 1017 1018 case AX25_STATE_3: 1019 case AX25_STATE_4: 1020 ax25_clear_queues(ax25); 1021 ax25->n2count = 0; 1022 1023 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1024 case AX25_PROTO_STD_SIMPLEX: 1025 case AX25_PROTO_STD_DUPLEX: 1026 ax25_send_control(ax25, 1027 AX25_DISC, 1028 AX25_POLLON, 1029 AX25_COMMAND); 1030 ax25_stop_t2timer(ax25); 1031 ax25_stop_t3timer(ax25); 1032 ax25_stop_idletimer(ax25); 1033 break; 1034 #ifdef CONFIG_AX25_DAMA_SLAVE 1035 case AX25_PROTO_DAMA_SLAVE: 1036 ax25_stop_t3timer(ax25); 1037 ax25_stop_idletimer(ax25); 1038 break; 1039 #endif 1040 } 1041 ax25_calculate_t1(ax25); 1042 ax25_start_t1timer(ax25); 1043 ax25->state = AX25_STATE_2; 1044 sk->sk_state = TCP_CLOSE; 1045 sk->sk_shutdown |= SEND_SHUTDOWN; 1046 sk->sk_state_change(sk); 1047 sock_set_flag(sk, SOCK_DESTROY); 1048 break; 1049 1050 default: 1051 break; 1052 } 1053 } else { 1054 sk->sk_state = TCP_CLOSE; 1055 sk->sk_shutdown |= SEND_SHUTDOWN; 1056 sk->sk_state_change(sk); 1057 ax25_destroy_socket(ax25); 1058 } 1059 1060 sock->sk = NULL; 1061 release_sock(sk); 1062 sock_put(sk); 1063 1064 return 0; 1065 } 1066 1067 /* 1068 * We support a funny extension here so you can (as root) give any callsign 1069 * digipeated via a local address as source. This hack is obsolete now 1070 * that we've implemented support for SO_BINDTODEVICE. It is however small 1071 * and trivially backward compatible. 1072 */ 1073 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1074 { 1075 struct sock *sk = sock->sk; 1076 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr; 1077 ax25_dev *ax25_dev = NULL; 1078 ax25_uid_assoc *user; 1079 ax25_address call; 1080 ax25_cb *ax25; 1081 int err = 0; 1082 1083 if (addr_len != sizeof(struct sockaddr_ax25) && 1084 addr_len != sizeof(struct full_sockaddr_ax25)) 1085 /* support for old structure may go away some time 1086 * ax25_bind(): uses old (6 digipeater) socket structure. 1087 */ 1088 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1089 (addr_len > sizeof(struct full_sockaddr_ax25))) 1090 return -EINVAL; 1091 1092 if (addr->fsa_ax25.sax25_family != AF_AX25) 1093 return -EINVAL; 1094 1095 user = ax25_findbyuid(current_euid()); 1096 if (user) { 1097 call = user->call; 1098 ax25_uid_put(user); 1099 } else { 1100 if (ax25_uid_policy && !capable(CAP_NET_ADMIN)) 1101 return -EACCES; 1102 1103 call = addr->fsa_ax25.sax25_call; 1104 } 1105 1106 lock_sock(sk); 1107 1108 ax25 = sk_to_ax25(sk); 1109 if (!sock_flag(sk, SOCK_ZAPPED)) { 1110 err = -EINVAL; 1111 goto out; 1112 } 1113 1114 ax25->source_addr = call; 1115 1116 /* 1117 * User already set interface with SO_BINDTODEVICE 1118 */ 1119 if (ax25->ax25_dev != NULL) 1120 goto done; 1121 1122 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) { 1123 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 && 1124 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) { 1125 err = -EADDRNOTAVAIL; 1126 goto out; 1127 } 1128 } else { 1129 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) { 1130 err = -EADDRNOTAVAIL; 1131 goto out; 1132 } 1133 } 1134 1135 if (ax25_dev) { 1136 ax25_fillin_cb(ax25, ax25_dev); 1137 dev_hold_track(ax25_dev->dev, &ax25_dev->dev_tracker, GFP_ATOMIC); 1138 } 1139 1140 done: 1141 ax25_cb_add(ax25); 1142 sock_reset_flag(sk, SOCK_ZAPPED); 1143 1144 out: 1145 release_sock(sk); 1146 1147 return err; 1148 } 1149 1150 /* 1151 * FIXME: nonblock behaviour looks like it may have a bug. 1152 */ 1153 static int __must_check ax25_connect(struct socket *sock, 1154 struct sockaddr *uaddr, int addr_len, int flags) 1155 { 1156 struct sock *sk = sock->sk; 1157 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t; 1158 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1159 ax25_digi *digi = NULL; 1160 int ct = 0, err = 0; 1161 1162 /* 1163 * some sanity checks. code further down depends on this 1164 */ 1165 1166 if (addr_len == sizeof(struct sockaddr_ax25)) 1167 /* support for this will go away in early 2.5.x 1168 * ax25_connect(): uses obsolete socket structure 1169 */ 1170 ; 1171 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1172 /* support for old structure may go away some time 1173 * ax25_connect(): uses old (6 digipeater) socket structure. 1174 */ 1175 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1176 (addr_len > sizeof(struct full_sockaddr_ax25))) 1177 return -EINVAL; 1178 1179 1180 if (fsa->fsa_ax25.sax25_family != AF_AX25) 1181 return -EINVAL; 1182 1183 lock_sock(sk); 1184 1185 /* deal with restarts */ 1186 if (sock->state == SS_CONNECTING) { 1187 switch (sk->sk_state) { 1188 case TCP_SYN_SENT: /* still trying */ 1189 err = -EINPROGRESS; 1190 goto out_release; 1191 1192 case TCP_ESTABLISHED: /* connection established */ 1193 sock->state = SS_CONNECTED; 1194 goto out_release; 1195 1196 case TCP_CLOSE: /* connection refused */ 1197 sock->state = SS_UNCONNECTED; 1198 err = -ECONNREFUSED; 1199 goto out_release; 1200 } 1201 } 1202 1203 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) { 1204 err = -EISCONN; /* No reconnect on a seqpacket socket */ 1205 goto out_release; 1206 } 1207 1208 sk->sk_state = TCP_CLOSE; 1209 sock->state = SS_UNCONNECTED; 1210 1211 kfree(ax25->digipeat); 1212 ax25->digipeat = NULL; 1213 1214 /* 1215 * Handle digi-peaters to be used. 1216 */ 1217 if (addr_len > sizeof(struct sockaddr_ax25) && 1218 fsa->fsa_ax25.sax25_ndigis != 0) { 1219 /* Valid number of digipeaters ? */ 1220 if (fsa->fsa_ax25.sax25_ndigis < 1 || 1221 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS || 1222 addr_len < sizeof(struct sockaddr_ax25) + 1223 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) { 1224 err = -EINVAL; 1225 goto out_release; 1226 } 1227 1228 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) { 1229 err = -ENOBUFS; 1230 goto out_release; 1231 } 1232 1233 digi->ndigi = fsa->fsa_ax25.sax25_ndigis; 1234 digi->lastrepeat = -1; 1235 1236 while (ct < fsa->fsa_ax25.sax25_ndigis) { 1237 if ((fsa->fsa_digipeater[ct].ax25_call[6] & 1238 AX25_HBIT) && ax25->iamdigi) { 1239 digi->repeated[ct] = 1; 1240 digi->lastrepeat = ct; 1241 } else { 1242 digi->repeated[ct] = 0; 1243 } 1244 digi->calls[ct] = fsa->fsa_digipeater[ct]; 1245 ct++; 1246 } 1247 } 1248 1249 /* 1250 * Must bind first - autobinding in this may or may not work. If 1251 * the socket is already bound, check to see if the device has 1252 * been filled in, error if it hasn't. 1253 */ 1254 if (sock_flag(sk, SOCK_ZAPPED)) { 1255 /* check if we can remove this feature. It is broken. */ 1256 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n", 1257 current->comm); 1258 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) { 1259 kfree(digi); 1260 goto out_release; 1261 } 1262 1263 ax25_fillin_cb(ax25, ax25->ax25_dev); 1264 ax25_cb_add(ax25); 1265 } else { 1266 if (ax25->ax25_dev == NULL) { 1267 kfree(digi); 1268 err = -EHOSTUNREACH; 1269 goto out_release; 1270 } 1271 } 1272 1273 if (sk->sk_type == SOCK_SEQPACKET && 1274 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi, 1275 ax25->ax25_dev->dev))) { 1276 kfree(digi); 1277 err = -EADDRINUSE; /* Already such a connection */ 1278 ax25_cb_put(ax25t); 1279 goto out_release; 1280 } 1281 1282 ax25->dest_addr = fsa->fsa_ax25.sax25_call; 1283 ax25->digipeat = digi; 1284 1285 /* First the easy one */ 1286 if (sk->sk_type != SOCK_SEQPACKET) { 1287 sock->state = SS_CONNECTED; 1288 sk->sk_state = TCP_ESTABLISHED; 1289 goto out_release; 1290 } 1291 1292 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */ 1293 sock->state = SS_CONNECTING; 1294 sk->sk_state = TCP_SYN_SENT; 1295 1296 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1297 case AX25_PROTO_STD_SIMPLEX: 1298 case AX25_PROTO_STD_DUPLEX: 1299 ax25_std_establish_data_link(ax25); 1300 break; 1301 1302 #ifdef CONFIG_AX25_DAMA_SLAVE 1303 case AX25_PROTO_DAMA_SLAVE: 1304 ax25->modulus = AX25_MODULUS; 1305 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 1306 if (ax25->ax25_dev->dama.slave) 1307 ax25_ds_establish_data_link(ax25); 1308 else 1309 ax25_std_establish_data_link(ax25); 1310 break; 1311 #endif 1312 } 1313 1314 ax25->state = AX25_STATE_1; 1315 1316 ax25_start_heartbeat(ax25); 1317 1318 /* Now the loop */ 1319 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) { 1320 err = -EINPROGRESS; 1321 goto out_release; 1322 } 1323 1324 if (sk->sk_state == TCP_SYN_SENT) { 1325 DEFINE_WAIT(wait); 1326 1327 for (;;) { 1328 prepare_to_wait(sk_sleep(sk), &wait, 1329 TASK_INTERRUPTIBLE); 1330 if (sk->sk_state != TCP_SYN_SENT) 1331 break; 1332 if (!signal_pending(current)) { 1333 release_sock(sk); 1334 schedule(); 1335 lock_sock(sk); 1336 continue; 1337 } 1338 err = -ERESTARTSYS; 1339 break; 1340 } 1341 finish_wait(sk_sleep(sk), &wait); 1342 1343 if (err) 1344 goto out_release; 1345 } 1346 1347 if (sk->sk_state != TCP_ESTABLISHED) { 1348 /* Not in ABM, not in WAIT_UA -> failed */ 1349 sock->state = SS_UNCONNECTED; 1350 err = sock_error(sk); /* Always set at this point */ 1351 goto out_release; 1352 } 1353 1354 sock->state = SS_CONNECTED; 1355 1356 err = 0; 1357 out_release: 1358 release_sock(sk); 1359 1360 return err; 1361 } 1362 1363 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags, 1364 bool kern) 1365 { 1366 struct sk_buff *skb; 1367 struct sock *newsk; 1368 DEFINE_WAIT(wait); 1369 struct sock *sk; 1370 int err = 0; 1371 1372 if (sock->state != SS_UNCONNECTED) 1373 return -EINVAL; 1374 1375 if ((sk = sock->sk) == NULL) 1376 return -EINVAL; 1377 1378 lock_sock(sk); 1379 if (sk->sk_type != SOCK_SEQPACKET) { 1380 err = -EOPNOTSUPP; 1381 goto out; 1382 } 1383 1384 if (sk->sk_state != TCP_LISTEN) { 1385 err = -EINVAL; 1386 goto out; 1387 } 1388 1389 /* 1390 * The read queue this time is holding sockets ready to use 1391 * hooked into the SABM we saved 1392 */ 1393 for (;;) { 1394 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1395 skb = skb_dequeue(&sk->sk_receive_queue); 1396 if (skb) 1397 break; 1398 1399 if (flags & O_NONBLOCK) { 1400 err = -EWOULDBLOCK; 1401 break; 1402 } 1403 if (!signal_pending(current)) { 1404 release_sock(sk); 1405 schedule(); 1406 lock_sock(sk); 1407 continue; 1408 } 1409 err = -ERESTARTSYS; 1410 break; 1411 } 1412 finish_wait(sk_sleep(sk), &wait); 1413 1414 if (err) 1415 goto out; 1416 1417 newsk = skb->sk; 1418 sock_graft(newsk, newsock); 1419 1420 /* Now attach up the new socket */ 1421 kfree_skb(skb); 1422 sk_acceptq_removed(sk); 1423 newsock->state = SS_CONNECTED; 1424 1425 out: 1426 release_sock(sk); 1427 1428 return err; 1429 } 1430 1431 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr, 1432 int peer) 1433 { 1434 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1435 struct sock *sk = sock->sk; 1436 unsigned char ndigi, i; 1437 ax25_cb *ax25; 1438 int err = 0; 1439 1440 memset(fsa, 0, sizeof(*fsa)); 1441 lock_sock(sk); 1442 ax25 = sk_to_ax25(sk); 1443 1444 if (peer != 0) { 1445 if (sk->sk_state != TCP_ESTABLISHED) { 1446 err = -ENOTCONN; 1447 goto out; 1448 } 1449 1450 fsa->fsa_ax25.sax25_family = AF_AX25; 1451 fsa->fsa_ax25.sax25_call = ax25->dest_addr; 1452 1453 if (ax25->digipeat != NULL) { 1454 ndigi = ax25->digipeat->ndigi; 1455 fsa->fsa_ax25.sax25_ndigis = ndigi; 1456 for (i = 0; i < ndigi; i++) 1457 fsa->fsa_digipeater[i] = 1458 ax25->digipeat->calls[i]; 1459 } 1460 } else { 1461 fsa->fsa_ax25.sax25_family = AF_AX25; 1462 fsa->fsa_ax25.sax25_call = ax25->source_addr; 1463 fsa->fsa_ax25.sax25_ndigis = 1; 1464 if (ax25->ax25_dev != NULL) { 1465 memcpy(&fsa->fsa_digipeater[0], 1466 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN); 1467 } else { 1468 fsa->fsa_digipeater[0] = null_ax25_address; 1469 } 1470 } 1471 err = sizeof (struct full_sockaddr_ax25); 1472 1473 out: 1474 release_sock(sk); 1475 1476 return err; 1477 } 1478 1479 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1480 { 1481 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name); 1482 struct sock *sk = sock->sk; 1483 struct sockaddr_ax25 sax; 1484 struct sk_buff *skb; 1485 ax25_digi dtmp, *dp; 1486 ax25_cb *ax25; 1487 size_t size; 1488 int lv, err, addr_len = msg->msg_namelen; 1489 1490 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT)) 1491 return -EINVAL; 1492 1493 lock_sock(sk); 1494 ax25 = sk_to_ax25(sk); 1495 1496 if (sock_flag(sk, SOCK_ZAPPED)) { 1497 err = -EADDRNOTAVAIL; 1498 goto out; 1499 } 1500 1501 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1502 send_sig(SIGPIPE, current, 0); 1503 err = -EPIPE; 1504 goto out; 1505 } 1506 1507 if (ax25->ax25_dev == NULL) { 1508 err = -ENETUNREACH; 1509 goto out; 1510 } 1511 1512 if (len > ax25->ax25_dev->dev->mtu) { 1513 err = -EMSGSIZE; 1514 goto out; 1515 } 1516 1517 if (usax != NULL) { 1518 if (usax->sax25_family != AF_AX25) { 1519 err = -EINVAL; 1520 goto out; 1521 } 1522 1523 if (addr_len == sizeof(struct sockaddr_ax25)) 1524 /* ax25_sendmsg(): uses obsolete socket structure */ 1525 ; 1526 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1527 /* support for old structure may go away some time 1528 * ax25_sendmsg(): uses old (6 digipeater) 1529 * socket structure. 1530 */ 1531 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1532 (addr_len > sizeof(struct full_sockaddr_ax25))) { 1533 err = -EINVAL; 1534 goto out; 1535 } 1536 1537 1538 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) { 1539 int ct = 0; 1540 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax; 1541 1542 /* Valid number of digipeaters ? */ 1543 if (usax->sax25_ndigis < 1 || 1544 usax->sax25_ndigis > AX25_MAX_DIGIS || 1545 addr_len < sizeof(struct sockaddr_ax25) + 1546 sizeof(ax25_address) * usax->sax25_ndigis) { 1547 err = -EINVAL; 1548 goto out; 1549 } 1550 1551 dtmp.ndigi = usax->sax25_ndigis; 1552 1553 while (ct < usax->sax25_ndigis) { 1554 dtmp.repeated[ct] = 0; 1555 dtmp.calls[ct] = fsa->fsa_digipeater[ct]; 1556 ct++; 1557 } 1558 1559 dtmp.lastrepeat = 0; 1560 } 1561 1562 sax = *usax; 1563 if (sk->sk_type == SOCK_SEQPACKET && 1564 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) { 1565 err = -EISCONN; 1566 goto out; 1567 } 1568 if (usax->sax25_ndigis == 0) 1569 dp = NULL; 1570 else 1571 dp = &dtmp; 1572 } else { 1573 /* 1574 * FIXME: 1003.1g - if the socket is like this because 1575 * it has become closed (not started closed) and is VC 1576 * we ought to SIGPIPE, EPIPE 1577 */ 1578 if (sk->sk_state != TCP_ESTABLISHED) { 1579 err = -ENOTCONN; 1580 goto out; 1581 } 1582 sax.sax25_family = AF_AX25; 1583 sax.sax25_call = ax25->dest_addr; 1584 dp = ax25->digipeat; 1585 } 1586 1587 /* Build a packet */ 1588 /* Assume the worst case */ 1589 size = len + ax25->ax25_dev->dev->hard_header_len; 1590 1591 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err); 1592 if (skb == NULL) 1593 goto out; 1594 1595 skb_reserve(skb, size - len); 1596 1597 /* User data follows immediately after the AX.25 data */ 1598 if (memcpy_from_msg(skb_put(skb, len), msg, len)) { 1599 err = -EFAULT; 1600 kfree_skb(skb); 1601 goto out; 1602 } 1603 1604 skb_reset_network_header(skb); 1605 1606 /* Add the PID if one is not supplied by the user in the skb */ 1607 if (!ax25->pidincl) 1608 *(u8 *)skb_push(skb, 1) = sk->sk_protocol; 1609 1610 if (sk->sk_type == SOCK_SEQPACKET) { 1611 /* Connected mode sockets go via the LAPB machine */ 1612 if (sk->sk_state != TCP_ESTABLISHED) { 1613 kfree_skb(skb); 1614 err = -ENOTCONN; 1615 goto out; 1616 } 1617 1618 /* Shove it onto the queue and kick */ 1619 ax25_output(ax25, ax25->paclen, skb); 1620 1621 err = len; 1622 goto out; 1623 } 1624 1625 skb_push(skb, 1 + ax25_addr_size(dp)); 1626 1627 /* Building AX.25 Header */ 1628 1629 /* Build an AX.25 header */ 1630 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call, 1631 dp, AX25_COMMAND, AX25_MODULUS); 1632 1633 skb_set_transport_header(skb, lv); 1634 1635 *skb_transport_header(skb) = AX25_UI; 1636 1637 /* Datagram frames go straight out of the door as UI */ 1638 ax25_queue_xmit(skb, ax25->ax25_dev->dev); 1639 1640 err = len; 1641 1642 out: 1643 release_sock(sk); 1644 1645 return err; 1646 } 1647 1648 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, 1649 int flags) 1650 { 1651 struct sock *sk = sock->sk; 1652 struct sk_buff *skb; 1653 int copied; 1654 int err = 0; 1655 1656 lock_sock(sk); 1657 /* 1658 * This works for seqpacket too. The receiver has ordered the 1659 * queue for us! We do one quick check first though 1660 */ 1661 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) { 1662 err = -ENOTCONN; 1663 goto out; 1664 } 1665 1666 /* Now we can treat all alike */ 1667 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 1668 flags & MSG_DONTWAIT, &err); 1669 if (skb == NULL) 1670 goto out; 1671 1672 if (!sk_to_ax25(sk)->pidincl) 1673 skb_pull(skb, 1); /* Remove PID */ 1674 1675 skb_reset_transport_header(skb); 1676 copied = skb->len; 1677 1678 if (copied > size) { 1679 copied = size; 1680 msg->msg_flags |= MSG_TRUNC; 1681 } 1682 1683 skb_copy_datagram_msg(skb, 0, msg, copied); 1684 1685 if (msg->msg_name) { 1686 ax25_digi digi; 1687 ax25_address src; 1688 const unsigned char *mac = skb_mac_header(skb); 1689 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name); 1690 1691 memset(sax, 0, sizeof(struct full_sockaddr_ax25)); 1692 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, 1693 &digi, NULL, NULL); 1694 sax->sax25_family = AF_AX25; 1695 /* We set this correctly, even though we may not let the 1696 application know the digi calls further down (because it 1697 did NOT ask to know them). This could get political... **/ 1698 sax->sax25_ndigis = digi.ndigi; 1699 sax->sax25_call = src; 1700 1701 if (sax->sax25_ndigis != 0) { 1702 int ct; 1703 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax; 1704 1705 for (ct = 0; ct < digi.ndigi; ct++) 1706 fsa->fsa_digipeater[ct] = digi.calls[ct]; 1707 } 1708 msg->msg_namelen = sizeof(struct full_sockaddr_ax25); 1709 } 1710 1711 skb_free_datagram(sk, skb); 1712 err = copied; 1713 1714 out: 1715 release_sock(sk); 1716 1717 return err; 1718 } 1719 1720 static int ax25_shutdown(struct socket *sk, int how) 1721 { 1722 /* FIXME - generate DM and RNR states */ 1723 return -EOPNOTSUPP; 1724 } 1725 1726 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1727 { 1728 struct sock *sk = sock->sk; 1729 void __user *argp = (void __user *)arg; 1730 int res = 0; 1731 1732 lock_sock(sk); 1733 switch (cmd) { 1734 case TIOCOUTQ: { 1735 long amount; 1736 1737 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1738 if (amount < 0) 1739 amount = 0; 1740 res = put_user(amount, (int __user *)argp); 1741 break; 1742 } 1743 1744 case TIOCINQ: { 1745 struct sk_buff *skb; 1746 long amount = 0L; 1747 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1748 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1749 amount = skb->len; 1750 res = put_user(amount, (int __user *) argp); 1751 break; 1752 } 1753 1754 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */ 1755 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */ 1756 case SIOCAX25GETUID: { 1757 struct sockaddr_ax25 sax25; 1758 if (copy_from_user(&sax25, argp, sizeof(sax25))) { 1759 res = -EFAULT; 1760 break; 1761 } 1762 res = ax25_uid_ioctl(cmd, &sax25); 1763 break; 1764 } 1765 1766 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */ 1767 long amount; 1768 if (!capable(CAP_NET_ADMIN)) { 1769 res = -EPERM; 1770 break; 1771 } 1772 if (get_user(amount, (long __user *)argp)) { 1773 res = -EFAULT; 1774 break; 1775 } 1776 if (amount < 0 || amount > AX25_NOUID_BLOCK) { 1777 res = -EINVAL; 1778 break; 1779 } 1780 ax25_uid_policy = amount; 1781 res = 0; 1782 break; 1783 } 1784 1785 case SIOCADDRT: 1786 case SIOCDELRT: 1787 case SIOCAX25OPTRT: 1788 if (!capable(CAP_NET_ADMIN)) { 1789 res = -EPERM; 1790 break; 1791 } 1792 res = ax25_rt_ioctl(cmd, argp); 1793 break; 1794 1795 case SIOCAX25CTLCON: 1796 if (!capable(CAP_NET_ADMIN)) { 1797 res = -EPERM; 1798 break; 1799 } 1800 res = ax25_ctl_ioctl(cmd, argp); 1801 break; 1802 1803 case SIOCAX25GETINFO: 1804 case SIOCAX25GETINFOOLD: { 1805 ax25_cb *ax25 = sk_to_ax25(sk); 1806 struct ax25_info_struct ax25_info; 1807 1808 ax25_info.t1 = ax25->t1 / HZ; 1809 ax25_info.t2 = ax25->t2 / HZ; 1810 ax25_info.t3 = ax25->t3 / HZ; 1811 ax25_info.idle = ax25->idle / (60 * HZ); 1812 ax25_info.n2 = ax25->n2; 1813 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ; 1814 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ; 1815 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ; 1816 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ); 1817 ax25_info.n2count = ax25->n2count; 1818 ax25_info.state = ax25->state; 1819 ax25_info.rcv_q = sk_rmem_alloc_get(sk); 1820 ax25_info.snd_q = sk_wmem_alloc_get(sk); 1821 ax25_info.vs = ax25->vs; 1822 ax25_info.vr = ax25->vr; 1823 ax25_info.va = ax25->va; 1824 ax25_info.vs_max = ax25->vs; /* reserved */ 1825 ax25_info.paclen = ax25->paclen; 1826 ax25_info.window = ax25->window; 1827 1828 /* old structure? */ 1829 if (cmd == SIOCAX25GETINFOOLD) { 1830 static int warned = 0; 1831 if (!warned) { 1832 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n", 1833 current->comm); 1834 warned=1; 1835 } 1836 1837 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) { 1838 res = -EFAULT; 1839 break; 1840 } 1841 } else { 1842 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) { 1843 res = -EINVAL; 1844 break; 1845 } 1846 } 1847 res = 0; 1848 break; 1849 } 1850 1851 case SIOCAX25ADDFWD: 1852 case SIOCAX25DELFWD: { 1853 struct ax25_fwd_struct ax25_fwd; 1854 if (!capable(CAP_NET_ADMIN)) { 1855 res = -EPERM; 1856 break; 1857 } 1858 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) { 1859 res = -EFAULT; 1860 break; 1861 } 1862 res = ax25_fwd_ioctl(cmd, &ax25_fwd); 1863 break; 1864 } 1865 1866 case SIOCGIFADDR: 1867 case SIOCSIFADDR: 1868 case SIOCGIFDSTADDR: 1869 case SIOCSIFDSTADDR: 1870 case SIOCGIFBRDADDR: 1871 case SIOCSIFBRDADDR: 1872 case SIOCGIFNETMASK: 1873 case SIOCSIFNETMASK: 1874 case SIOCGIFMETRIC: 1875 case SIOCSIFMETRIC: 1876 res = -EINVAL; 1877 break; 1878 1879 default: 1880 res = -ENOIOCTLCMD; 1881 break; 1882 } 1883 release_sock(sk); 1884 1885 return res; 1886 } 1887 1888 #ifdef CONFIG_PROC_FS 1889 1890 static void *ax25_info_start(struct seq_file *seq, loff_t *pos) 1891 __acquires(ax25_list_lock) 1892 { 1893 spin_lock_bh(&ax25_list_lock); 1894 return seq_hlist_start(&ax25_list, *pos); 1895 } 1896 1897 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos) 1898 { 1899 return seq_hlist_next(v, &ax25_list, pos); 1900 } 1901 1902 static void ax25_info_stop(struct seq_file *seq, void *v) 1903 __releases(ax25_list_lock) 1904 { 1905 spin_unlock_bh(&ax25_list_lock); 1906 } 1907 1908 static int ax25_info_show(struct seq_file *seq, void *v) 1909 { 1910 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node); 1911 char buf[11]; 1912 int k; 1913 1914 1915 /* 1916 * New format: 1917 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode 1918 */ 1919 1920 seq_printf(seq, "%p %s %s%s ", 1921 ax25, 1922 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name, 1923 ax2asc(buf, &ax25->source_addr), 1924 ax25->iamdigi? "*":""); 1925 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr)); 1926 1927 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) { 1928 seq_printf(seq, ",%s%s", 1929 ax2asc(buf, &ax25->digipeat->calls[k]), 1930 ax25->digipeat->repeated[k]? "*":""); 1931 } 1932 1933 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d", 1934 ax25->state, 1935 ax25->vs, ax25->vr, ax25->va, 1936 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ, 1937 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ, 1938 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ, 1939 ax25_display_timer(&ax25->idletimer) / (60 * HZ), 1940 ax25->idle / (60 * HZ), 1941 ax25->n2count, ax25->n2, 1942 ax25->rtt / HZ, 1943 ax25->window, 1944 ax25->paclen); 1945 1946 if (ax25->sk != NULL) { 1947 seq_printf(seq, " %d %d %lu\n", 1948 sk_wmem_alloc_get(ax25->sk), 1949 sk_rmem_alloc_get(ax25->sk), 1950 sock_i_ino(ax25->sk)); 1951 } else { 1952 seq_puts(seq, " * * *\n"); 1953 } 1954 return 0; 1955 } 1956 1957 static const struct seq_operations ax25_info_seqops = { 1958 .start = ax25_info_start, 1959 .next = ax25_info_next, 1960 .stop = ax25_info_stop, 1961 .show = ax25_info_show, 1962 }; 1963 #endif 1964 1965 static const struct net_proto_family ax25_family_ops = { 1966 .family = PF_AX25, 1967 .create = ax25_create, 1968 .owner = THIS_MODULE, 1969 }; 1970 1971 static const struct proto_ops ax25_proto_ops = { 1972 .family = PF_AX25, 1973 .owner = THIS_MODULE, 1974 .release = ax25_release, 1975 .bind = ax25_bind, 1976 .connect = ax25_connect, 1977 .socketpair = sock_no_socketpair, 1978 .accept = ax25_accept, 1979 .getname = ax25_getname, 1980 .poll = datagram_poll, 1981 .ioctl = ax25_ioctl, 1982 .gettstamp = sock_gettstamp, 1983 .listen = ax25_listen, 1984 .shutdown = ax25_shutdown, 1985 .setsockopt = ax25_setsockopt, 1986 .getsockopt = ax25_getsockopt, 1987 .sendmsg = ax25_sendmsg, 1988 .recvmsg = ax25_recvmsg, 1989 .mmap = sock_no_mmap, 1990 .sendpage = sock_no_sendpage, 1991 }; 1992 1993 /* 1994 * Called by socket.c on kernel start up 1995 */ 1996 static struct packet_type ax25_packet_type __read_mostly = { 1997 .type = cpu_to_be16(ETH_P_AX25), 1998 .func = ax25_kiss_rcv, 1999 }; 2000 2001 static struct notifier_block ax25_dev_notifier = { 2002 .notifier_call = ax25_device_event, 2003 }; 2004 2005 static int __init ax25_init(void) 2006 { 2007 int rc = proto_register(&ax25_proto, 0); 2008 2009 if (rc != 0) 2010 goto out; 2011 2012 sock_register(&ax25_family_ops); 2013 dev_add_pack(&ax25_packet_type); 2014 register_netdevice_notifier(&ax25_dev_notifier); 2015 2016 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops); 2017 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops); 2018 proc_create_seq("ax25_calls", 0444, init_net.proc_net, 2019 &ax25_uid_seqops); 2020 out: 2021 return rc; 2022 } 2023 module_init(ax25_init); 2024 2025 2026 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>"); 2027 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol"); 2028 MODULE_LICENSE("GPL"); 2029 MODULE_ALIAS_NETPROTO(PF_AX25); 2030 2031 static void __exit ax25_exit(void) 2032 { 2033 remove_proc_entry("ax25_route", init_net.proc_net); 2034 remove_proc_entry("ax25", init_net.proc_net); 2035 remove_proc_entry("ax25_calls", init_net.proc_net); 2036 2037 unregister_netdevice_notifier(&ax25_dev_notifier); 2038 2039 dev_remove_pack(&ax25_packet_type); 2040 2041 sock_unregister(PF_AX25); 2042 proto_unregister(&ax25_proto); 2043 2044 ax25_rt_free(); 2045 ax25_uid_free(); 2046 ax25_dev_free(); 2047 } 2048 module_exit(ax25_exit); 2049