1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk) 7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org) 8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl) 11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 12 */ 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/errno.h> 16 #include <linux/types.h> 17 #include <linux/socket.h> 18 #include <linux/in.h> 19 #include <linux/kernel.h> 20 #include <linux/sched/signal.h> 21 #include <linux/timer.h> 22 #include <linux/string.h> 23 #include <linux/sockios.h> 24 #include <linux/net.h> 25 #include <linux/slab.h> 26 #include <net/ax25.h> 27 #include <linux/inet.h> 28 #include <linux/netdevice.h> 29 #include <linux/if_arp.h> 30 #include <linux/skbuff.h> 31 #include <net/sock.h> 32 #include <linux/uaccess.h> 33 #include <linux/fcntl.h> 34 #include <linux/termios.h> /* For TIOCINQ/OUTQ */ 35 #include <linux/mm.h> 36 #include <linux/interrupt.h> 37 #include <linux/notifier.h> 38 #include <linux/proc_fs.h> 39 #include <linux/stat.h> 40 #include <linux/sysctl.h> 41 #include <linux/init.h> 42 #include <linux/spinlock.h> 43 #include <net/net_namespace.h> 44 #include <net/tcp_states.h> 45 #include <net/ip.h> 46 #include <net/arp.h> 47 48 49 50 HLIST_HEAD(ax25_list); 51 DEFINE_SPINLOCK(ax25_list_lock); 52 53 static const struct proto_ops ax25_proto_ops; 54 55 static void ax25_free_sock(struct sock *sk) 56 { 57 ax25_cb_put(sk_to_ax25(sk)); 58 } 59 60 /* 61 * Socket removal during an interrupt is now safe. 62 */ 63 static void ax25_cb_del(ax25_cb *ax25) 64 { 65 if (!hlist_unhashed(&ax25->ax25_node)) { 66 spin_lock_bh(&ax25_list_lock); 67 hlist_del_init(&ax25->ax25_node); 68 spin_unlock_bh(&ax25_list_lock); 69 ax25_cb_put(ax25); 70 } 71 } 72 73 /* 74 * Kill all bound sockets on a dropped device. 75 */ 76 static void ax25_kill_by_device(struct net_device *dev) 77 { 78 ax25_dev *ax25_dev; 79 ax25_cb *s; 80 81 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 82 return; 83 84 spin_lock_bh(&ax25_list_lock); 85 again: 86 ax25_for_each(s, &ax25_list) { 87 if (s->ax25_dev == ax25_dev) { 88 s->ax25_dev = NULL; 89 spin_unlock_bh(&ax25_list_lock); 90 ax25_disconnect(s, ENETUNREACH); 91 spin_lock_bh(&ax25_list_lock); 92 93 /* The entry could have been deleted from the 94 * list meanwhile and thus the next pointer is 95 * no longer valid. Play it safe and restart 96 * the scan. Forward progress is ensured 97 * because we set s->ax25_dev to NULL and we 98 * are never passed a NULL 'dev' argument. 99 */ 100 goto again; 101 } 102 } 103 spin_unlock_bh(&ax25_list_lock); 104 } 105 106 /* 107 * Handle device status changes. 108 */ 109 static int ax25_device_event(struct notifier_block *this, unsigned long event, 110 void *ptr) 111 { 112 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 113 114 if (!net_eq(dev_net(dev), &init_net)) 115 return NOTIFY_DONE; 116 117 /* Reject non AX.25 devices */ 118 if (dev->type != ARPHRD_AX25) 119 return NOTIFY_DONE; 120 121 switch (event) { 122 case NETDEV_UP: 123 ax25_dev_device_up(dev); 124 break; 125 case NETDEV_DOWN: 126 ax25_kill_by_device(dev); 127 ax25_rt_device_down(dev); 128 ax25_dev_device_down(dev); 129 break; 130 default: 131 break; 132 } 133 134 return NOTIFY_DONE; 135 } 136 137 /* 138 * Add a socket to the bound sockets list. 139 */ 140 void ax25_cb_add(ax25_cb *ax25) 141 { 142 spin_lock_bh(&ax25_list_lock); 143 ax25_cb_hold(ax25); 144 hlist_add_head(&ax25->ax25_node, &ax25_list); 145 spin_unlock_bh(&ax25_list_lock); 146 } 147 148 /* 149 * Find a socket that wants to accept the SABM we have just 150 * received. 151 */ 152 struct sock *ax25_find_listener(ax25_address *addr, int digi, 153 struct net_device *dev, int type) 154 { 155 ax25_cb *s; 156 157 spin_lock(&ax25_list_lock); 158 ax25_for_each(s, &ax25_list) { 159 if ((s->iamdigi && !digi) || (!s->iamdigi && digi)) 160 continue; 161 if (s->sk && !ax25cmp(&s->source_addr, addr) && 162 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) { 163 /* If device is null we match any device */ 164 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) { 165 sock_hold(s->sk); 166 spin_unlock(&ax25_list_lock); 167 return s->sk; 168 } 169 } 170 } 171 spin_unlock(&ax25_list_lock); 172 173 return NULL; 174 } 175 176 /* 177 * Find an AX.25 socket given both ends. 178 */ 179 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr, 180 int type) 181 { 182 struct sock *sk = NULL; 183 ax25_cb *s; 184 185 spin_lock(&ax25_list_lock); 186 ax25_for_each(s, &ax25_list) { 187 if (s->sk && !ax25cmp(&s->source_addr, my_addr) && 188 !ax25cmp(&s->dest_addr, dest_addr) && 189 s->sk->sk_type == type) { 190 sk = s->sk; 191 sock_hold(sk); 192 break; 193 } 194 } 195 196 spin_unlock(&ax25_list_lock); 197 198 return sk; 199 } 200 201 /* 202 * Find an AX.25 control block given both ends. It will only pick up 203 * floating AX.25 control blocks or non Raw socket bound control blocks. 204 */ 205 ax25_cb *ax25_find_cb(ax25_address *src_addr, ax25_address *dest_addr, 206 ax25_digi *digi, struct net_device *dev) 207 { 208 ax25_cb *s; 209 210 spin_lock_bh(&ax25_list_lock); 211 ax25_for_each(s, &ax25_list) { 212 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET) 213 continue; 214 if (s->ax25_dev == NULL) 215 continue; 216 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) { 217 if (digi != NULL && digi->ndigi != 0) { 218 if (s->digipeat == NULL) 219 continue; 220 if (ax25digicmp(s->digipeat, digi) != 0) 221 continue; 222 } else { 223 if (s->digipeat != NULL && s->digipeat->ndigi != 0) 224 continue; 225 } 226 ax25_cb_hold(s); 227 spin_unlock_bh(&ax25_list_lock); 228 229 return s; 230 } 231 } 232 spin_unlock_bh(&ax25_list_lock); 233 234 return NULL; 235 } 236 237 EXPORT_SYMBOL(ax25_find_cb); 238 239 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto) 240 { 241 ax25_cb *s; 242 struct sk_buff *copy; 243 244 spin_lock(&ax25_list_lock); 245 ax25_for_each(s, &ax25_list) { 246 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && 247 s->sk->sk_type == SOCK_RAW && 248 s->sk->sk_protocol == proto && 249 s->ax25_dev->dev == skb->dev && 250 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) { 251 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL) 252 continue; 253 if (sock_queue_rcv_skb(s->sk, copy) != 0) 254 kfree_skb(copy); 255 } 256 } 257 spin_unlock(&ax25_list_lock); 258 } 259 260 /* 261 * Deferred destroy. 262 */ 263 void ax25_destroy_socket(ax25_cb *); 264 265 /* 266 * Handler for deferred kills. 267 */ 268 static void ax25_destroy_timer(struct timer_list *t) 269 { 270 ax25_cb *ax25 = from_timer(ax25, t, dtimer); 271 struct sock *sk; 272 273 sk=ax25->sk; 274 275 bh_lock_sock(sk); 276 sock_hold(sk); 277 ax25_destroy_socket(ax25); 278 bh_unlock_sock(sk); 279 sock_put(sk); 280 } 281 282 /* 283 * This is called from user mode and the timers. Thus it protects itself 284 * against interrupt users but doesn't worry about being called during 285 * work. Once it is removed from the queue no interrupt or bottom half 286 * will touch it and we are (fairly 8-) ) safe. 287 */ 288 void ax25_destroy_socket(ax25_cb *ax25) 289 { 290 struct sk_buff *skb; 291 292 ax25_cb_del(ax25); 293 294 ax25_stop_heartbeat(ax25); 295 ax25_stop_t1timer(ax25); 296 ax25_stop_t2timer(ax25); 297 ax25_stop_t3timer(ax25); 298 ax25_stop_idletimer(ax25); 299 300 ax25_clear_queues(ax25); /* Flush the queues */ 301 302 if (ax25->sk != NULL) { 303 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) { 304 if (skb->sk != ax25->sk) { 305 /* A pending connection */ 306 ax25_cb *sax25 = sk_to_ax25(skb->sk); 307 308 /* Queue the unaccepted socket for death */ 309 sock_orphan(skb->sk); 310 311 /* 9A4GL: hack to release unaccepted sockets */ 312 skb->sk->sk_state = TCP_LISTEN; 313 314 ax25_start_heartbeat(sax25); 315 sax25->state = AX25_STATE_0; 316 } 317 318 kfree_skb(skb); 319 } 320 skb_queue_purge(&ax25->sk->sk_write_queue); 321 } 322 323 if (ax25->sk != NULL) { 324 if (sk_has_allocations(ax25->sk)) { 325 /* Defer: outstanding buffers */ 326 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0); 327 ax25->dtimer.expires = jiffies + 2 * HZ; 328 add_timer(&ax25->dtimer); 329 } else { 330 struct sock *sk=ax25->sk; 331 ax25->sk=NULL; 332 sock_put(sk); 333 } 334 } else { 335 ax25_cb_put(ax25); 336 } 337 } 338 339 /* 340 * dl1bke 960311: set parameters for existing AX.25 connections, 341 * includes a KILL command to abort any connection. 342 * VERY useful for debugging ;-) 343 */ 344 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg) 345 { 346 struct ax25_ctl_struct ax25_ctl; 347 ax25_digi digi; 348 ax25_dev *ax25_dev; 349 ax25_cb *ax25; 350 unsigned int k; 351 int ret = 0; 352 353 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl))) 354 return -EFAULT; 355 356 if ((ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr)) == NULL) 357 return -ENODEV; 358 359 if (ax25_ctl.digi_count > AX25_MAX_DIGIS) 360 return -EINVAL; 361 362 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL) 363 return -EINVAL; 364 365 digi.ndigi = ax25_ctl.digi_count; 366 for (k = 0; k < digi.ndigi; k++) 367 digi.calls[k] = ax25_ctl.digi_addr[k]; 368 369 if ((ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev)) == NULL) 370 return -ENOTCONN; 371 372 switch (ax25_ctl.cmd) { 373 case AX25_KILL: 374 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 375 #ifdef CONFIG_AX25_DAMA_SLAVE 376 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE) 377 ax25_dama_off(ax25); 378 #endif 379 ax25_disconnect(ax25, ENETRESET); 380 break; 381 382 case AX25_WINDOW: 383 if (ax25->modulus == AX25_MODULUS) { 384 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7) 385 goto einval_put; 386 } else { 387 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63) 388 goto einval_put; 389 } 390 ax25->window = ax25_ctl.arg; 391 break; 392 393 case AX25_T1: 394 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 395 goto einval_put; 396 ax25->rtt = (ax25_ctl.arg * HZ) / 2; 397 ax25->t1 = ax25_ctl.arg * HZ; 398 break; 399 400 case AX25_T2: 401 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 402 goto einval_put; 403 ax25->t2 = ax25_ctl.arg * HZ; 404 break; 405 406 case AX25_N2: 407 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31) 408 goto einval_put; 409 ax25->n2count = 0; 410 ax25->n2 = ax25_ctl.arg; 411 break; 412 413 case AX25_T3: 414 if (ax25_ctl.arg > ULONG_MAX / HZ) 415 goto einval_put; 416 ax25->t3 = ax25_ctl.arg * HZ; 417 break; 418 419 case AX25_IDLE: 420 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ)) 421 goto einval_put; 422 423 ax25->idle = ax25_ctl.arg * 60 * HZ; 424 break; 425 426 case AX25_PACLEN: 427 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535) 428 goto einval_put; 429 ax25->paclen = ax25_ctl.arg; 430 break; 431 432 default: 433 goto einval_put; 434 } 435 436 out_put: 437 ax25_cb_put(ax25); 438 return ret; 439 440 einval_put: 441 ret = -EINVAL; 442 goto out_put; 443 } 444 445 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev) 446 { 447 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2; 448 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]); 449 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]); 450 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]); 451 ax25->n2 = ax25_dev->values[AX25_VALUES_N2]; 452 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN]; 453 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]); 454 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF]; 455 456 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) { 457 ax25->modulus = AX25_EMODULUS; 458 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW]; 459 } else { 460 ax25->modulus = AX25_MODULUS; 461 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW]; 462 } 463 } 464 465 /* 466 * Fill in a created AX.25 created control block with the default 467 * values for a particular device. 468 */ 469 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev) 470 { 471 ax25->ax25_dev = ax25_dev; 472 473 if (ax25->ax25_dev != NULL) { 474 ax25_fillin_cb_from_dev(ax25, ax25_dev); 475 return; 476 } 477 478 /* 479 * No device, use kernel / AX.25 spec default values 480 */ 481 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2; 482 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1); 483 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2); 484 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3); 485 ax25->n2 = AX25_DEF_N2; 486 ax25->paclen = AX25_DEF_PACLEN; 487 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE); 488 ax25->backoff = AX25_DEF_BACKOFF; 489 490 if (AX25_DEF_AXDEFMODE) { 491 ax25->modulus = AX25_EMODULUS; 492 ax25->window = AX25_DEF_EWINDOW; 493 } else { 494 ax25->modulus = AX25_MODULUS; 495 ax25->window = AX25_DEF_WINDOW; 496 } 497 } 498 499 /* 500 * Create an empty AX.25 control block. 501 */ 502 ax25_cb *ax25_create_cb(void) 503 { 504 ax25_cb *ax25; 505 506 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL) 507 return NULL; 508 509 refcount_set(&ax25->refcount, 1); 510 511 skb_queue_head_init(&ax25->write_queue); 512 skb_queue_head_init(&ax25->frag_queue); 513 skb_queue_head_init(&ax25->ack_queue); 514 skb_queue_head_init(&ax25->reseq_queue); 515 516 ax25_setup_timers(ax25); 517 518 ax25_fillin_cb(ax25, NULL); 519 520 ax25->state = AX25_STATE_0; 521 522 return ax25; 523 } 524 525 /* 526 * Handling for system calls applied via the various interfaces to an 527 * AX25 socket object 528 */ 529 530 static int ax25_setsockopt(struct socket *sock, int level, int optname, 531 char __user *optval, unsigned int optlen) 532 { 533 struct sock *sk = sock->sk; 534 ax25_cb *ax25; 535 struct net_device *dev; 536 char devname[IFNAMSIZ]; 537 unsigned long opt; 538 int res = 0; 539 540 if (level != SOL_AX25) 541 return -ENOPROTOOPT; 542 543 if (optlen < sizeof(unsigned int)) 544 return -EINVAL; 545 546 if (get_user(opt, (unsigned int __user *)optval)) 547 return -EFAULT; 548 549 lock_sock(sk); 550 ax25 = sk_to_ax25(sk); 551 552 switch (optname) { 553 case AX25_WINDOW: 554 if (ax25->modulus == AX25_MODULUS) { 555 if (opt < 1 || opt > 7) { 556 res = -EINVAL; 557 break; 558 } 559 } else { 560 if (opt < 1 || opt > 63) { 561 res = -EINVAL; 562 break; 563 } 564 } 565 ax25->window = opt; 566 break; 567 568 case AX25_T1: 569 if (opt < 1 || opt > ULONG_MAX / HZ) { 570 res = -EINVAL; 571 break; 572 } 573 ax25->rtt = (opt * HZ) >> 1; 574 ax25->t1 = opt * HZ; 575 break; 576 577 case AX25_T2: 578 if (opt < 1 || opt > ULONG_MAX / HZ) { 579 res = -EINVAL; 580 break; 581 } 582 ax25->t2 = opt * HZ; 583 break; 584 585 case AX25_N2: 586 if (opt < 1 || opt > 31) { 587 res = -EINVAL; 588 break; 589 } 590 ax25->n2 = opt; 591 break; 592 593 case AX25_T3: 594 if (opt < 1 || opt > ULONG_MAX / HZ) { 595 res = -EINVAL; 596 break; 597 } 598 ax25->t3 = opt * HZ; 599 break; 600 601 case AX25_IDLE: 602 if (opt > ULONG_MAX / (60 * HZ)) { 603 res = -EINVAL; 604 break; 605 } 606 ax25->idle = opt * 60 * HZ; 607 break; 608 609 case AX25_BACKOFF: 610 if (opt > 2) { 611 res = -EINVAL; 612 break; 613 } 614 ax25->backoff = opt; 615 break; 616 617 case AX25_EXTSEQ: 618 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS; 619 break; 620 621 case AX25_PIDINCL: 622 ax25->pidincl = opt ? 1 : 0; 623 break; 624 625 case AX25_IAMDIGI: 626 ax25->iamdigi = opt ? 1 : 0; 627 break; 628 629 case AX25_PACLEN: 630 if (opt < 16 || opt > 65535) { 631 res = -EINVAL; 632 break; 633 } 634 ax25->paclen = opt; 635 break; 636 637 case SO_BINDTODEVICE: 638 if (optlen > IFNAMSIZ) 639 optlen = IFNAMSIZ; 640 641 if (copy_from_user(devname, optval, optlen)) { 642 res = -EFAULT; 643 break; 644 } 645 646 if (sk->sk_type == SOCK_SEQPACKET && 647 (sock->state != SS_UNCONNECTED || 648 sk->sk_state == TCP_LISTEN)) { 649 res = -EADDRNOTAVAIL; 650 break; 651 } 652 653 rtnl_lock(); 654 dev = __dev_get_by_name(&init_net, devname); 655 if (!dev) { 656 rtnl_unlock(); 657 res = -ENODEV; 658 break; 659 } 660 661 ax25->ax25_dev = ax25_dev_ax25dev(dev); 662 if (!ax25->ax25_dev) { 663 rtnl_unlock(); 664 res = -ENODEV; 665 break; 666 } 667 ax25_fillin_cb(ax25, ax25->ax25_dev); 668 rtnl_unlock(); 669 break; 670 671 default: 672 res = -ENOPROTOOPT; 673 } 674 release_sock(sk); 675 676 return res; 677 } 678 679 static int ax25_getsockopt(struct socket *sock, int level, int optname, 680 char __user *optval, int __user *optlen) 681 { 682 struct sock *sk = sock->sk; 683 ax25_cb *ax25; 684 struct ax25_dev *ax25_dev; 685 char devname[IFNAMSIZ]; 686 void *valptr; 687 int val = 0; 688 int maxlen, length; 689 690 if (level != SOL_AX25) 691 return -ENOPROTOOPT; 692 693 if (get_user(maxlen, optlen)) 694 return -EFAULT; 695 696 if (maxlen < 1) 697 return -EFAULT; 698 699 valptr = (void *) &val; 700 length = min_t(unsigned int, maxlen, sizeof(int)); 701 702 lock_sock(sk); 703 ax25 = sk_to_ax25(sk); 704 705 switch (optname) { 706 case AX25_WINDOW: 707 val = ax25->window; 708 break; 709 710 case AX25_T1: 711 val = ax25->t1 / HZ; 712 break; 713 714 case AX25_T2: 715 val = ax25->t2 / HZ; 716 break; 717 718 case AX25_N2: 719 val = ax25->n2; 720 break; 721 722 case AX25_T3: 723 val = ax25->t3 / HZ; 724 break; 725 726 case AX25_IDLE: 727 val = ax25->idle / (60 * HZ); 728 break; 729 730 case AX25_BACKOFF: 731 val = ax25->backoff; 732 break; 733 734 case AX25_EXTSEQ: 735 val = (ax25->modulus == AX25_EMODULUS); 736 break; 737 738 case AX25_PIDINCL: 739 val = ax25->pidincl; 740 break; 741 742 case AX25_IAMDIGI: 743 val = ax25->iamdigi; 744 break; 745 746 case AX25_PACLEN: 747 val = ax25->paclen; 748 break; 749 750 case SO_BINDTODEVICE: 751 ax25_dev = ax25->ax25_dev; 752 753 if (ax25_dev != NULL && ax25_dev->dev != NULL) { 754 strlcpy(devname, ax25_dev->dev->name, sizeof(devname)); 755 length = strlen(devname) + 1; 756 } else { 757 *devname = '\0'; 758 length = 1; 759 } 760 761 valptr = (void *) devname; 762 break; 763 764 default: 765 release_sock(sk); 766 return -ENOPROTOOPT; 767 } 768 release_sock(sk); 769 770 if (put_user(length, optlen)) 771 return -EFAULT; 772 773 return copy_to_user(optval, valptr, length) ? -EFAULT : 0; 774 } 775 776 static int ax25_listen(struct socket *sock, int backlog) 777 { 778 struct sock *sk = sock->sk; 779 int res = 0; 780 781 lock_sock(sk); 782 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) { 783 sk->sk_max_ack_backlog = backlog; 784 sk->sk_state = TCP_LISTEN; 785 goto out; 786 } 787 res = -EOPNOTSUPP; 788 789 out: 790 release_sock(sk); 791 792 return res; 793 } 794 795 /* 796 * XXX: when creating ax25_sock we should update the .obj_size setting 797 * below. 798 */ 799 static struct proto ax25_proto = { 800 .name = "AX25", 801 .owner = THIS_MODULE, 802 .obj_size = sizeof(struct ax25_sock), 803 }; 804 805 static int ax25_create(struct net *net, struct socket *sock, int protocol, 806 int kern) 807 { 808 struct sock *sk; 809 ax25_cb *ax25; 810 811 if (protocol < 0 || protocol > SK_PROTOCOL_MAX) 812 return -EINVAL; 813 814 if (!net_eq(net, &init_net)) 815 return -EAFNOSUPPORT; 816 817 switch (sock->type) { 818 case SOCK_DGRAM: 819 if (protocol == 0 || protocol == PF_AX25) 820 protocol = AX25_P_TEXT; 821 break; 822 823 case SOCK_SEQPACKET: 824 switch (protocol) { 825 case 0: 826 case PF_AX25: /* For CLX */ 827 protocol = AX25_P_TEXT; 828 break; 829 case AX25_P_SEGMENT: 830 #ifdef CONFIG_INET 831 case AX25_P_ARP: 832 case AX25_P_IP: 833 #endif 834 #ifdef CONFIG_NETROM 835 case AX25_P_NETROM: 836 #endif 837 #ifdef CONFIG_ROSE 838 case AX25_P_ROSE: 839 #endif 840 return -ESOCKTNOSUPPORT; 841 #ifdef CONFIG_NETROM_MODULE 842 case AX25_P_NETROM: 843 if (ax25_protocol_is_registered(AX25_P_NETROM)) 844 return -ESOCKTNOSUPPORT; 845 break; 846 #endif 847 #ifdef CONFIG_ROSE_MODULE 848 case AX25_P_ROSE: 849 if (ax25_protocol_is_registered(AX25_P_ROSE)) 850 return -ESOCKTNOSUPPORT; 851 #endif 852 default: 853 break; 854 } 855 break; 856 857 case SOCK_RAW: 858 break; 859 default: 860 return -ESOCKTNOSUPPORT; 861 } 862 863 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern); 864 if (sk == NULL) 865 return -ENOMEM; 866 867 ax25 = ax25_sk(sk)->cb = ax25_create_cb(); 868 if (!ax25) { 869 sk_free(sk); 870 return -ENOMEM; 871 } 872 873 sock_init_data(sock, sk); 874 875 sk->sk_destruct = ax25_free_sock; 876 sock->ops = &ax25_proto_ops; 877 sk->sk_protocol = protocol; 878 879 ax25->sk = sk; 880 881 return 0; 882 } 883 884 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev) 885 { 886 struct sock *sk; 887 ax25_cb *ax25, *oax25; 888 889 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0); 890 if (sk == NULL) 891 return NULL; 892 893 if ((ax25 = ax25_create_cb()) == NULL) { 894 sk_free(sk); 895 return NULL; 896 } 897 898 switch (osk->sk_type) { 899 case SOCK_DGRAM: 900 break; 901 case SOCK_SEQPACKET: 902 break; 903 default: 904 sk_free(sk); 905 ax25_cb_put(ax25); 906 return NULL; 907 } 908 909 sock_init_data(NULL, sk); 910 911 sk->sk_type = osk->sk_type; 912 sk->sk_priority = osk->sk_priority; 913 sk->sk_protocol = osk->sk_protocol; 914 sk->sk_rcvbuf = osk->sk_rcvbuf; 915 sk->sk_sndbuf = osk->sk_sndbuf; 916 sk->sk_state = TCP_ESTABLISHED; 917 sock_copy_flags(sk, osk); 918 919 oax25 = sk_to_ax25(osk); 920 921 ax25->modulus = oax25->modulus; 922 ax25->backoff = oax25->backoff; 923 ax25->pidincl = oax25->pidincl; 924 ax25->iamdigi = oax25->iamdigi; 925 ax25->rtt = oax25->rtt; 926 ax25->t1 = oax25->t1; 927 ax25->t2 = oax25->t2; 928 ax25->t3 = oax25->t3; 929 ax25->n2 = oax25->n2; 930 ax25->idle = oax25->idle; 931 ax25->paclen = oax25->paclen; 932 ax25->window = oax25->window; 933 934 ax25->ax25_dev = ax25_dev; 935 ax25->source_addr = oax25->source_addr; 936 937 if (oax25->digipeat != NULL) { 938 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi), 939 GFP_ATOMIC); 940 if (ax25->digipeat == NULL) { 941 sk_free(sk); 942 ax25_cb_put(ax25); 943 return NULL; 944 } 945 } 946 947 ax25_sk(sk)->cb = ax25; 948 sk->sk_destruct = ax25_free_sock; 949 ax25->sk = sk; 950 951 return sk; 952 } 953 954 static int ax25_release(struct socket *sock) 955 { 956 struct sock *sk = sock->sk; 957 ax25_cb *ax25; 958 959 if (sk == NULL) 960 return 0; 961 962 sock_hold(sk); 963 sock_orphan(sk); 964 lock_sock(sk); 965 ax25 = sk_to_ax25(sk); 966 967 if (sk->sk_type == SOCK_SEQPACKET) { 968 switch (ax25->state) { 969 case AX25_STATE_0: 970 release_sock(sk); 971 ax25_disconnect(ax25, 0); 972 lock_sock(sk); 973 ax25_destroy_socket(ax25); 974 break; 975 976 case AX25_STATE_1: 977 case AX25_STATE_2: 978 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 979 release_sock(sk); 980 ax25_disconnect(ax25, 0); 981 lock_sock(sk); 982 if (!sock_flag(ax25->sk, SOCK_DESTROY)) 983 ax25_destroy_socket(ax25); 984 break; 985 986 case AX25_STATE_3: 987 case AX25_STATE_4: 988 ax25_clear_queues(ax25); 989 ax25->n2count = 0; 990 991 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 992 case AX25_PROTO_STD_SIMPLEX: 993 case AX25_PROTO_STD_DUPLEX: 994 ax25_send_control(ax25, 995 AX25_DISC, 996 AX25_POLLON, 997 AX25_COMMAND); 998 ax25_stop_t2timer(ax25); 999 ax25_stop_t3timer(ax25); 1000 ax25_stop_idletimer(ax25); 1001 break; 1002 #ifdef CONFIG_AX25_DAMA_SLAVE 1003 case AX25_PROTO_DAMA_SLAVE: 1004 ax25_stop_t3timer(ax25); 1005 ax25_stop_idletimer(ax25); 1006 break; 1007 #endif 1008 } 1009 ax25_calculate_t1(ax25); 1010 ax25_start_t1timer(ax25); 1011 ax25->state = AX25_STATE_2; 1012 sk->sk_state = TCP_CLOSE; 1013 sk->sk_shutdown |= SEND_SHUTDOWN; 1014 sk->sk_state_change(sk); 1015 sock_set_flag(sk, SOCK_DESTROY); 1016 break; 1017 1018 default: 1019 break; 1020 } 1021 } else { 1022 sk->sk_state = TCP_CLOSE; 1023 sk->sk_shutdown |= SEND_SHUTDOWN; 1024 sk->sk_state_change(sk); 1025 ax25_destroy_socket(ax25); 1026 } 1027 1028 sock->sk = NULL; 1029 release_sock(sk); 1030 sock_put(sk); 1031 1032 return 0; 1033 } 1034 1035 /* 1036 * We support a funny extension here so you can (as root) give any callsign 1037 * digipeated via a local address as source. This hack is obsolete now 1038 * that we've implemented support for SO_BINDTODEVICE. It is however small 1039 * and trivially backward compatible. 1040 */ 1041 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1042 { 1043 struct sock *sk = sock->sk; 1044 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr; 1045 ax25_dev *ax25_dev = NULL; 1046 ax25_uid_assoc *user; 1047 ax25_address call; 1048 ax25_cb *ax25; 1049 int err = 0; 1050 1051 if (addr_len != sizeof(struct sockaddr_ax25) && 1052 addr_len != sizeof(struct full_sockaddr_ax25)) 1053 /* support for old structure may go away some time 1054 * ax25_bind(): uses old (6 digipeater) socket structure. 1055 */ 1056 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1057 (addr_len > sizeof(struct full_sockaddr_ax25))) 1058 return -EINVAL; 1059 1060 if (addr->fsa_ax25.sax25_family != AF_AX25) 1061 return -EINVAL; 1062 1063 user = ax25_findbyuid(current_euid()); 1064 if (user) { 1065 call = user->call; 1066 ax25_uid_put(user); 1067 } else { 1068 if (ax25_uid_policy && !capable(CAP_NET_ADMIN)) 1069 return -EACCES; 1070 1071 call = addr->fsa_ax25.sax25_call; 1072 } 1073 1074 lock_sock(sk); 1075 1076 ax25 = sk_to_ax25(sk); 1077 if (!sock_flag(sk, SOCK_ZAPPED)) { 1078 err = -EINVAL; 1079 goto out; 1080 } 1081 1082 ax25->source_addr = call; 1083 1084 /* 1085 * User already set interface with SO_BINDTODEVICE 1086 */ 1087 if (ax25->ax25_dev != NULL) 1088 goto done; 1089 1090 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) { 1091 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 && 1092 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) { 1093 err = -EADDRNOTAVAIL; 1094 goto out; 1095 } 1096 } else { 1097 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) { 1098 err = -EADDRNOTAVAIL; 1099 goto out; 1100 } 1101 } 1102 1103 if (ax25_dev != NULL) 1104 ax25_fillin_cb(ax25, ax25_dev); 1105 1106 done: 1107 ax25_cb_add(ax25); 1108 sock_reset_flag(sk, SOCK_ZAPPED); 1109 1110 out: 1111 release_sock(sk); 1112 1113 return err; 1114 } 1115 1116 /* 1117 * FIXME: nonblock behaviour looks like it may have a bug. 1118 */ 1119 static int __must_check ax25_connect(struct socket *sock, 1120 struct sockaddr *uaddr, int addr_len, int flags) 1121 { 1122 struct sock *sk = sock->sk; 1123 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t; 1124 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1125 ax25_digi *digi = NULL; 1126 int ct = 0, err = 0; 1127 1128 /* 1129 * some sanity checks. code further down depends on this 1130 */ 1131 1132 if (addr_len == sizeof(struct sockaddr_ax25)) 1133 /* support for this will go away in early 2.5.x 1134 * ax25_connect(): uses obsolete socket structure 1135 */ 1136 ; 1137 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1138 /* support for old structure may go away some time 1139 * ax25_connect(): uses old (6 digipeater) socket structure. 1140 */ 1141 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1142 (addr_len > sizeof(struct full_sockaddr_ax25))) 1143 return -EINVAL; 1144 1145 1146 if (fsa->fsa_ax25.sax25_family != AF_AX25) 1147 return -EINVAL; 1148 1149 lock_sock(sk); 1150 1151 /* deal with restarts */ 1152 if (sock->state == SS_CONNECTING) { 1153 switch (sk->sk_state) { 1154 case TCP_SYN_SENT: /* still trying */ 1155 err = -EINPROGRESS; 1156 goto out_release; 1157 1158 case TCP_ESTABLISHED: /* connection established */ 1159 sock->state = SS_CONNECTED; 1160 goto out_release; 1161 1162 case TCP_CLOSE: /* connection refused */ 1163 sock->state = SS_UNCONNECTED; 1164 err = -ECONNREFUSED; 1165 goto out_release; 1166 } 1167 } 1168 1169 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) { 1170 err = -EISCONN; /* No reconnect on a seqpacket socket */ 1171 goto out_release; 1172 } 1173 1174 sk->sk_state = TCP_CLOSE; 1175 sock->state = SS_UNCONNECTED; 1176 1177 kfree(ax25->digipeat); 1178 ax25->digipeat = NULL; 1179 1180 /* 1181 * Handle digi-peaters to be used. 1182 */ 1183 if (addr_len > sizeof(struct sockaddr_ax25) && 1184 fsa->fsa_ax25.sax25_ndigis != 0) { 1185 /* Valid number of digipeaters ? */ 1186 if (fsa->fsa_ax25.sax25_ndigis < 1 || fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS) { 1187 err = -EINVAL; 1188 goto out_release; 1189 } 1190 1191 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) { 1192 err = -ENOBUFS; 1193 goto out_release; 1194 } 1195 1196 digi->ndigi = fsa->fsa_ax25.sax25_ndigis; 1197 digi->lastrepeat = -1; 1198 1199 while (ct < fsa->fsa_ax25.sax25_ndigis) { 1200 if ((fsa->fsa_digipeater[ct].ax25_call[6] & 1201 AX25_HBIT) && ax25->iamdigi) { 1202 digi->repeated[ct] = 1; 1203 digi->lastrepeat = ct; 1204 } else { 1205 digi->repeated[ct] = 0; 1206 } 1207 digi->calls[ct] = fsa->fsa_digipeater[ct]; 1208 ct++; 1209 } 1210 } 1211 1212 /* 1213 * Must bind first - autobinding in this may or may not work. If 1214 * the socket is already bound, check to see if the device has 1215 * been filled in, error if it hasn't. 1216 */ 1217 if (sock_flag(sk, SOCK_ZAPPED)) { 1218 /* check if we can remove this feature. It is broken. */ 1219 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n", 1220 current->comm); 1221 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) { 1222 kfree(digi); 1223 goto out_release; 1224 } 1225 1226 ax25_fillin_cb(ax25, ax25->ax25_dev); 1227 ax25_cb_add(ax25); 1228 } else { 1229 if (ax25->ax25_dev == NULL) { 1230 kfree(digi); 1231 err = -EHOSTUNREACH; 1232 goto out_release; 1233 } 1234 } 1235 1236 if (sk->sk_type == SOCK_SEQPACKET && 1237 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi, 1238 ax25->ax25_dev->dev))) { 1239 kfree(digi); 1240 err = -EADDRINUSE; /* Already such a connection */ 1241 ax25_cb_put(ax25t); 1242 goto out_release; 1243 } 1244 1245 ax25->dest_addr = fsa->fsa_ax25.sax25_call; 1246 ax25->digipeat = digi; 1247 1248 /* First the easy one */ 1249 if (sk->sk_type != SOCK_SEQPACKET) { 1250 sock->state = SS_CONNECTED; 1251 sk->sk_state = TCP_ESTABLISHED; 1252 goto out_release; 1253 } 1254 1255 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */ 1256 sock->state = SS_CONNECTING; 1257 sk->sk_state = TCP_SYN_SENT; 1258 1259 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1260 case AX25_PROTO_STD_SIMPLEX: 1261 case AX25_PROTO_STD_DUPLEX: 1262 ax25_std_establish_data_link(ax25); 1263 break; 1264 1265 #ifdef CONFIG_AX25_DAMA_SLAVE 1266 case AX25_PROTO_DAMA_SLAVE: 1267 ax25->modulus = AX25_MODULUS; 1268 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 1269 if (ax25->ax25_dev->dama.slave) 1270 ax25_ds_establish_data_link(ax25); 1271 else 1272 ax25_std_establish_data_link(ax25); 1273 break; 1274 #endif 1275 } 1276 1277 ax25->state = AX25_STATE_1; 1278 1279 ax25_start_heartbeat(ax25); 1280 1281 /* Now the loop */ 1282 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) { 1283 err = -EINPROGRESS; 1284 goto out_release; 1285 } 1286 1287 if (sk->sk_state == TCP_SYN_SENT) { 1288 DEFINE_WAIT(wait); 1289 1290 for (;;) { 1291 prepare_to_wait(sk_sleep(sk), &wait, 1292 TASK_INTERRUPTIBLE); 1293 if (sk->sk_state != TCP_SYN_SENT) 1294 break; 1295 if (!signal_pending(current)) { 1296 release_sock(sk); 1297 schedule(); 1298 lock_sock(sk); 1299 continue; 1300 } 1301 err = -ERESTARTSYS; 1302 break; 1303 } 1304 finish_wait(sk_sleep(sk), &wait); 1305 1306 if (err) 1307 goto out_release; 1308 } 1309 1310 if (sk->sk_state != TCP_ESTABLISHED) { 1311 /* Not in ABM, not in WAIT_UA -> failed */ 1312 sock->state = SS_UNCONNECTED; 1313 err = sock_error(sk); /* Always set at this point */ 1314 goto out_release; 1315 } 1316 1317 sock->state = SS_CONNECTED; 1318 1319 err = 0; 1320 out_release: 1321 release_sock(sk); 1322 1323 return err; 1324 } 1325 1326 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags, 1327 bool kern) 1328 { 1329 struct sk_buff *skb; 1330 struct sock *newsk; 1331 DEFINE_WAIT(wait); 1332 struct sock *sk; 1333 int err = 0; 1334 1335 if (sock->state != SS_UNCONNECTED) 1336 return -EINVAL; 1337 1338 if ((sk = sock->sk) == NULL) 1339 return -EINVAL; 1340 1341 lock_sock(sk); 1342 if (sk->sk_type != SOCK_SEQPACKET) { 1343 err = -EOPNOTSUPP; 1344 goto out; 1345 } 1346 1347 if (sk->sk_state != TCP_LISTEN) { 1348 err = -EINVAL; 1349 goto out; 1350 } 1351 1352 /* 1353 * The read queue this time is holding sockets ready to use 1354 * hooked into the SABM we saved 1355 */ 1356 for (;;) { 1357 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1358 skb = skb_dequeue(&sk->sk_receive_queue); 1359 if (skb) 1360 break; 1361 1362 if (flags & O_NONBLOCK) { 1363 err = -EWOULDBLOCK; 1364 break; 1365 } 1366 if (!signal_pending(current)) { 1367 release_sock(sk); 1368 schedule(); 1369 lock_sock(sk); 1370 continue; 1371 } 1372 err = -ERESTARTSYS; 1373 break; 1374 } 1375 finish_wait(sk_sleep(sk), &wait); 1376 1377 if (err) 1378 goto out; 1379 1380 newsk = skb->sk; 1381 sock_graft(newsk, newsock); 1382 1383 /* Now attach up the new socket */ 1384 kfree_skb(skb); 1385 sk->sk_ack_backlog--; 1386 newsock->state = SS_CONNECTED; 1387 1388 out: 1389 release_sock(sk); 1390 1391 return err; 1392 } 1393 1394 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr, 1395 int peer) 1396 { 1397 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1398 struct sock *sk = sock->sk; 1399 unsigned char ndigi, i; 1400 ax25_cb *ax25; 1401 int err = 0; 1402 1403 memset(fsa, 0, sizeof(*fsa)); 1404 lock_sock(sk); 1405 ax25 = sk_to_ax25(sk); 1406 1407 if (peer != 0) { 1408 if (sk->sk_state != TCP_ESTABLISHED) { 1409 err = -ENOTCONN; 1410 goto out; 1411 } 1412 1413 fsa->fsa_ax25.sax25_family = AF_AX25; 1414 fsa->fsa_ax25.sax25_call = ax25->dest_addr; 1415 1416 if (ax25->digipeat != NULL) { 1417 ndigi = ax25->digipeat->ndigi; 1418 fsa->fsa_ax25.sax25_ndigis = ndigi; 1419 for (i = 0; i < ndigi; i++) 1420 fsa->fsa_digipeater[i] = 1421 ax25->digipeat->calls[i]; 1422 } 1423 } else { 1424 fsa->fsa_ax25.sax25_family = AF_AX25; 1425 fsa->fsa_ax25.sax25_call = ax25->source_addr; 1426 fsa->fsa_ax25.sax25_ndigis = 1; 1427 if (ax25->ax25_dev != NULL) { 1428 memcpy(&fsa->fsa_digipeater[0], 1429 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN); 1430 } else { 1431 fsa->fsa_digipeater[0] = null_ax25_address; 1432 } 1433 } 1434 err = sizeof (struct full_sockaddr_ax25); 1435 1436 out: 1437 release_sock(sk); 1438 1439 return err; 1440 } 1441 1442 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1443 { 1444 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name); 1445 struct sock *sk = sock->sk; 1446 struct sockaddr_ax25 sax; 1447 struct sk_buff *skb; 1448 ax25_digi dtmp, *dp; 1449 ax25_cb *ax25; 1450 size_t size; 1451 int lv, err, addr_len = msg->msg_namelen; 1452 1453 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT)) 1454 return -EINVAL; 1455 1456 lock_sock(sk); 1457 ax25 = sk_to_ax25(sk); 1458 1459 if (sock_flag(sk, SOCK_ZAPPED)) { 1460 err = -EADDRNOTAVAIL; 1461 goto out; 1462 } 1463 1464 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1465 send_sig(SIGPIPE, current, 0); 1466 err = -EPIPE; 1467 goto out; 1468 } 1469 1470 if (ax25->ax25_dev == NULL) { 1471 err = -ENETUNREACH; 1472 goto out; 1473 } 1474 1475 if (len > ax25->ax25_dev->dev->mtu) { 1476 err = -EMSGSIZE; 1477 goto out; 1478 } 1479 1480 if (usax != NULL) { 1481 if (usax->sax25_family != AF_AX25) { 1482 err = -EINVAL; 1483 goto out; 1484 } 1485 1486 if (addr_len == sizeof(struct sockaddr_ax25)) 1487 /* ax25_sendmsg(): uses obsolete socket structure */ 1488 ; 1489 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1490 /* support for old structure may go away some time 1491 * ax25_sendmsg(): uses old (6 digipeater) 1492 * socket structure. 1493 */ 1494 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1495 (addr_len > sizeof(struct full_sockaddr_ax25))) { 1496 err = -EINVAL; 1497 goto out; 1498 } 1499 1500 1501 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) { 1502 int ct = 0; 1503 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax; 1504 1505 /* Valid number of digipeaters ? */ 1506 if (usax->sax25_ndigis < 1 || usax->sax25_ndigis > AX25_MAX_DIGIS) { 1507 err = -EINVAL; 1508 goto out; 1509 } 1510 1511 dtmp.ndigi = usax->sax25_ndigis; 1512 1513 while (ct < usax->sax25_ndigis) { 1514 dtmp.repeated[ct] = 0; 1515 dtmp.calls[ct] = fsa->fsa_digipeater[ct]; 1516 ct++; 1517 } 1518 1519 dtmp.lastrepeat = 0; 1520 } 1521 1522 sax = *usax; 1523 if (sk->sk_type == SOCK_SEQPACKET && 1524 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) { 1525 err = -EISCONN; 1526 goto out; 1527 } 1528 if (usax->sax25_ndigis == 0) 1529 dp = NULL; 1530 else 1531 dp = &dtmp; 1532 } else { 1533 /* 1534 * FIXME: 1003.1g - if the socket is like this because 1535 * it has become closed (not started closed) and is VC 1536 * we ought to SIGPIPE, EPIPE 1537 */ 1538 if (sk->sk_state != TCP_ESTABLISHED) { 1539 err = -ENOTCONN; 1540 goto out; 1541 } 1542 sax.sax25_family = AF_AX25; 1543 sax.sax25_call = ax25->dest_addr; 1544 dp = ax25->digipeat; 1545 } 1546 1547 /* Build a packet */ 1548 /* Assume the worst case */ 1549 size = len + ax25->ax25_dev->dev->hard_header_len; 1550 1551 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err); 1552 if (skb == NULL) 1553 goto out; 1554 1555 skb_reserve(skb, size - len); 1556 1557 /* User data follows immediately after the AX.25 data */ 1558 if (memcpy_from_msg(skb_put(skb, len), msg, len)) { 1559 err = -EFAULT; 1560 kfree_skb(skb); 1561 goto out; 1562 } 1563 1564 skb_reset_network_header(skb); 1565 1566 /* Add the PID if one is not supplied by the user in the skb */ 1567 if (!ax25->pidincl) 1568 *(u8 *)skb_push(skb, 1) = sk->sk_protocol; 1569 1570 if (sk->sk_type == SOCK_SEQPACKET) { 1571 /* Connected mode sockets go via the LAPB machine */ 1572 if (sk->sk_state != TCP_ESTABLISHED) { 1573 kfree_skb(skb); 1574 err = -ENOTCONN; 1575 goto out; 1576 } 1577 1578 /* Shove it onto the queue and kick */ 1579 ax25_output(ax25, ax25->paclen, skb); 1580 1581 err = len; 1582 goto out; 1583 } 1584 1585 skb_push(skb, 1 + ax25_addr_size(dp)); 1586 1587 /* Building AX.25 Header */ 1588 1589 /* Build an AX.25 header */ 1590 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call, 1591 dp, AX25_COMMAND, AX25_MODULUS); 1592 1593 skb_set_transport_header(skb, lv); 1594 1595 *skb_transport_header(skb) = AX25_UI; 1596 1597 /* Datagram frames go straight out of the door as UI */ 1598 ax25_queue_xmit(skb, ax25->ax25_dev->dev); 1599 1600 err = len; 1601 1602 out: 1603 release_sock(sk); 1604 1605 return err; 1606 } 1607 1608 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, 1609 int flags) 1610 { 1611 struct sock *sk = sock->sk; 1612 struct sk_buff *skb; 1613 int copied; 1614 int err = 0; 1615 1616 lock_sock(sk); 1617 /* 1618 * This works for seqpacket too. The receiver has ordered the 1619 * queue for us! We do one quick check first though 1620 */ 1621 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) { 1622 err = -ENOTCONN; 1623 goto out; 1624 } 1625 1626 /* Now we can treat all alike */ 1627 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 1628 flags & MSG_DONTWAIT, &err); 1629 if (skb == NULL) 1630 goto out; 1631 1632 if (!sk_to_ax25(sk)->pidincl) 1633 skb_pull(skb, 1); /* Remove PID */ 1634 1635 skb_reset_transport_header(skb); 1636 copied = skb->len; 1637 1638 if (copied > size) { 1639 copied = size; 1640 msg->msg_flags |= MSG_TRUNC; 1641 } 1642 1643 skb_copy_datagram_msg(skb, 0, msg, copied); 1644 1645 if (msg->msg_name) { 1646 ax25_digi digi; 1647 ax25_address src; 1648 const unsigned char *mac = skb_mac_header(skb); 1649 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name); 1650 1651 memset(sax, 0, sizeof(struct full_sockaddr_ax25)); 1652 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, 1653 &digi, NULL, NULL); 1654 sax->sax25_family = AF_AX25; 1655 /* We set this correctly, even though we may not let the 1656 application know the digi calls further down (because it 1657 did NOT ask to know them). This could get political... **/ 1658 sax->sax25_ndigis = digi.ndigi; 1659 sax->sax25_call = src; 1660 1661 if (sax->sax25_ndigis != 0) { 1662 int ct; 1663 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax; 1664 1665 for (ct = 0; ct < digi.ndigi; ct++) 1666 fsa->fsa_digipeater[ct] = digi.calls[ct]; 1667 } 1668 msg->msg_namelen = sizeof(struct full_sockaddr_ax25); 1669 } 1670 1671 skb_free_datagram(sk, skb); 1672 err = copied; 1673 1674 out: 1675 release_sock(sk); 1676 1677 return err; 1678 } 1679 1680 static int ax25_shutdown(struct socket *sk, int how) 1681 { 1682 /* FIXME - generate DM and RNR states */ 1683 return -EOPNOTSUPP; 1684 } 1685 1686 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1687 { 1688 struct sock *sk = sock->sk; 1689 void __user *argp = (void __user *)arg; 1690 int res = 0; 1691 1692 lock_sock(sk); 1693 switch (cmd) { 1694 case TIOCOUTQ: { 1695 long amount; 1696 1697 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1698 if (amount < 0) 1699 amount = 0; 1700 res = put_user(amount, (int __user *)argp); 1701 break; 1702 } 1703 1704 case TIOCINQ: { 1705 struct sk_buff *skb; 1706 long amount = 0L; 1707 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1708 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1709 amount = skb->len; 1710 res = put_user(amount, (int __user *) argp); 1711 break; 1712 } 1713 1714 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */ 1715 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */ 1716 case SIOCAX25GETUID: { 1717 struct sockaddr_ax25 sax25; 1718 if (copy_from_user(&sax25, argp, sizeof(sax25))) { 1719 res = -EFAULT; 1720 break; 1721 } 1722 res = ax25_uid_ioctl(cmd, &sax25); 1723 break; 1724 } 1725 1726 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */ 1727 long amount; 1728 if (!capable(CAP_NET_ADMIN)) { 1729 res = -EPERM; 1730 break; 1731 } 1732 if (get_user(amount, (long __user *)argp)) { 1733 res = -EFAULT; 1734 break; 1735 } 1736 if (amount < 0 || amount > AX25_NOUID_BLOCK) { 1737 res = -EINVAL; 1738 break; 1739 } 1740 ax25_uid_policy = amount; 1741 res = 0; 1742 break; 1743 } 1744 1745 case SIOCADDRT: 1746 case SIOCDELRT: 1747 case SIOCAX25OPTRT: 1748 if (!capable(CAP_NET_ADMIN)) { 1749 res = -EPERM; 1750 break; 1751 } 1752 res = ax25_rt_ioctl(cmd, argp); 1753 break; 1754 1755 case SIOCAX25CTLCON: 1756 if (!capable(CAP_NET_ADMIN)) { 1757 res = -EPERM; 1758 break; 1759 } 1760 res = ax25_ctl_ioctl(cmd, argp); 1761 break; 1762 1763 case SIOCAX25GETINFO: 1764 case SIOCAX25GETINFOOLD: { 1765 ax25_cb *ax25 = sk_to_ax25(sk); 1766 struct ax25_info_struct ax25_info; 1767 1768 ax25_info.t1 = ax25->t1 / HZ; 1769 ax25_info.t2 = ax25->t2 / HZ; 1770 ax25_info.t3 = ax25->t3 / HZ; 1771 ax25_info.idle = ax25->idle / (60 * HZ); 1772 ax25_info.n2 = ax25->n2; 1773 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ; 1774 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ; 1775 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ; 1776 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ); 1777 ax25_info.n2count = ax25->n2count; 1778 ax25_info.state = ax25->state; 1779 ax25_info.rcv_q = sk_rmem_alloc_get(sk); 1780 ax25_info.snd_q = sk_wmem_alloc_get(sk); 1781 ax25_info.vs = ax25->vs; 1782 ax25_info.vr = ax25->vr; 1783 ax25_info.va = ax25->va; 1784 ax25_info.vs_max = ax25->vs; /* reserved */ 1785 ax25_info.paclen = ax25->paclen; 1786 ax25_info.window = ax25->window; 1787 1788 /* old structure? */ 1789 if (cmd == SIOCAX25GETINFOOLD) { 1790 static int warned = 0; 1791 if (!warned) { 1792 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n", 1793 current->comm); 1794 warned=1; 1795 } 1796 1797 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) { 1798 res = -EFAULT; 1799 break; 1800 } 1801 } else { 1802 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) { 1803 res = -EINVAL; 1804 break; 1805 } 1806 } 1807 res = 0; 1808 break; 1809 } 1810 1811 case SIOCAX25ADDFWD: 1812 case SIOCAX25DELFWD: { 1813 struct ax25_fwd_struct ax25_fwd; 1814 if (!capable(CAP_NET_ADMIN)) { 1815 res = -EPERM; 1816 break; 1817 } 1818 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) { 1819 res = -EFAULT; 1820 break; 1821 } 1822 res = ax25_fwd_ioctl(cmd, &ax25_fwd); 1823 break; 1824 } 1825 1826 case SIOCGIFADDR: 1827 case SIOCSIFADDR: 1828 case SIOCGIFDSTADDR: 1829 case SIOCSIFDSTADDR: 1830 case SIOCGIFBRDADDR: 1831 case SIOCSIFBRDADDR: 1832 case SIOCGIFNETMASK: 1833 case SIOCSIFNETMASK: 1834 case SIOCGIFMETRIC: 1835 case SIOCSIFMETRIC: 1836 res = -EINVAL; 1837 break; 1838 1839 default: 1840 res = -ENOIOCTLCMD; 1841 break; 1842 } 1843 release_sock(sk); 1844 1845 return res; 1846 } 1847 1848 #ifdef CONFIG_PROC_FS 1849 1850 static void *ax25_info_start(struct seq_file *seq, loff_t *pos) 1851 __acquires(ax25_list_lock) 1852 { 1853 spin_lock_bh(&ax25_list_lock); 1854 return seq_hlist_start(&ax25_list, *pos); 1855 } 1856 1857 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos) 1858 { 1859 return seq_hlist_next(v, &ax25_list, pos); 1860 } 1861 1862 static void ax25_info_stop(struct seq_file *seq, void *v) 1863 __releases(ax25_list_lock) 1864 { 1865 spin_unlock_bh(&ax25_list_lock); 1866 } 1867 1868 static int ax25_info_show(struct seq_file *seq, void *v) 1869 { 1870 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node); 1871 char buf[11]; 1872 int k; 1873 1874 1875 /* 1876 * New format: 1877 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode 1878 */ 1879 1880 seq_printf(seq, "%p %s %s%s ", 1881 ax25, 1882 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name, 1883 ax2asc(buf, &ax25->source_addr), 1884 ax25->iamdigi? "*":""); 1885 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr)); 1886 1887 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) { 1888 seq_printf(seq, ",%s%s", 1889 ax2asc(buf, &ax25->digipeat->calls[k]), 1890 ax25->digipeat->repeated[k]? "*":""); 1891 } 1892 1893 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d", 1894 ax25->state, 1895 ax25->vs, ax25->vr, ax25->va, 1896 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ, 1897 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ, 1898 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ, 1899 ax25_display_timer(&ax25->idletimer) / (60 * HZ), 1900 ax25->idle / (60 * HZ), 1901 ax25->n2count, ax25->n2, 1902 ax25->rtt / HZ, 1903 ax25->window, 1904 ax25->paclen); 1905 1906 if (ax25->sk != NULL) { 1907 seq_printf(seq, " %d %d %lu\n", 1908 sk_wmem_alloc_get(ax25->sk), 1909 sk_rmem_alloc_get(ax25->sk), 1910 sock_i_ino(ax25->sk)); 1911 } else { 1912 seq_puts(seq, " * * *\n"); 1913 } 1914 return 0; 1915 } 1916 1917 static const struct seq_operations ax25_info_seqops = { 1918 .start = ax25_info_start, 1919 .next = ax25_info_next, 1920 .stop = ax25_info_stop, 1921 .show = ax25_info_show, 1922 }; 1923 #endif 1924 1925 static const struct net_proto_family ax25_family_ops = { 1926 .family = PF_AX25, 1927 .create = ax25_create, 1928 .owner = THIS_MODULE, 1929 }; 1930 1931 static const struct proto_ops ax25_proto_ops = { 1932 .family = PF_AX25, 1933 .owner = THIS_MODULE, 1934 .release = ax25_release, 1935 .bind = ax25_bind, 1936 .connect = ax25_connect, 1937 .socketpair = sock_no_socketpair, 1938 .accept = ax25_accept, 1939 .getname = ax25_getname, 1940 .poll = datagram_poll, 1941 .ioctl = ax25_ioctl, 1942 .gettstamp = sock_gettstamp, 1943 .listen = ax25_listen, 1944 .shutdown = ax25_shutdown, 1945 .setsockopt = ax25_setsockopt, 1946 .getsockopt = ax25_getsockopt, 1947 .sendmsg = ax25_sendmsg, 1948 .recvmsg = ax25_recvmsg, 1949 .mmap = sock_no_mmap, 1950 .sendpage = sock_no_sendpage, 1951 }; 1952 1953 /* 1954 * Called by socket.c on kernel start up 1955 */ 1956 static struct packet_type ax25_packet_type __read_mostly = { 1957 .type = cpu_to_be16(ETH_P_AX25), 1958 .func = ax25_kiss_rcv, 1959 }; 1960 1961 static struct notifier_block ax25_dev_notifier = { 1962 .notifier_call = ax25_device_event, 1963 }; 1964 1965 static int __init ax25_init(void) 1966 { 1967 int rc = proto_register(&ax25_proto, 0); 1968 1969 if (rc != 0) 1970 goto out; 1971 1972 sock_register(&ax25_family_ops); 1973 dev_add_pack(&ax25_packet_type); 1974 register_netdevice_notifier(&ax25_dev_notifier); 1975 1976 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops); 1977 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops); 1978 proc_create_seq("ax25_calls", 0444, init_net.proc_net, 1979 &ax25_uid_seqops); 1980 out: 1981 return rc; 1982 } 1983 module_init(ax25_init); 1984 1985 1986 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>"); 1987 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol"); 1988 MODULE_LICENSE("GPL"); 1989 MODULE_ALIAS_NETPROTO(PF_AX25); 1990 1991 static void __exit ax25_exit(void) 1992 { 1993 remove_proc_entry("ax25_route", init_net.proc_net); 1994 remove_proc_entry("ax25", init_net.proc_net); 1995 remove_proc_entry("ax25_calls", init_net.proc_net); 1996 1997 unregister_netdevice_notifier(&ax25_dev_notifier); 1998 1999 dev_remove_pack(&ax25_packet_type); 2000 2001 sock_unregister(PF_AX25); 2002 proto_unregister(&ax25_proto); 2003 2004 ax25_rt_free(); 2005 ax25_uid_free(); 2006 ax25_dev_free(); 2007 } 2008 module_exit(ax25_exit); 2009