1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk) 7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org) 8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl) 11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 12 */ 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/errno.h> 16 #include <linux/types.h> 17 #include <linux/socket.h> 18 #include <linux/in.h> 19 #include <linux/kernel.h> 20 #include <linux/sched/signal.h> 21 #include <linux/timer.h> 22 #include <linux/string.h> 23 #include <linux/sockios.h> 24 #include <linux/net.h> 25 #include <linux/slab.h> 26 #include <net/ax25.h> 27 #include <linux/inet.h> 28 #include <linux/netdevice.h> 29 #include <linux/if_arp.h> 30 #include <linux/skbuff.h> 31 #include <net/sock.h> 32 #include <linux/uaccess.h> 33 #include <linux/fcntl.h> 34 #include <linux/termios.h> /* For TIOCINQ/OUTQ */ 35 #include <linux/mm.h> 36 #include <linux/interrupt.h> 37 #include <linux/notifier.h> 38 #include <linux/proc_fs.h> 39 #include <linux/stat.h> 40 #include <linux/sysctl.h> 41 #include <linux/init.h> 42 #include <linux/spinlock.h> 43 #include <net/net_namespace.h> 44 #include <net/tcp_states.h> 45 #include <net/ip.h> 46 #include <net/arp.h> 47 48 49 50 HLIST_HEAD(ax25_list); 51 DEFINE_SPINLOCK(ax25_list_lock); 52 53 static const struct proto_ops ax25_proto_ops; 54 55 static void ax25_free_sock(struct sock *sk) 56 { 57 ax25_cb_put(sk_to_ax25(sk)); 58 } 59 60 /* 61 * Socket removal during an interrupt is now safe. 62 */ 63 static void ax25_cb_del(ax25_cb *ax25) 64 { 65 if (!hlist_unhashed(&ax25->ax25_node)) { 66 spin_lock_bh(&ax25_list_lock); 67 hlist_del_init(&ax25->ax25_node); 68 spin_unlock_bh(&ax25_list_lock); 69 ax25_cb_put(ax25); 70 } 71 } 72 73 /* 74 * Kill all bound sockets on a dropped device. 75 */ 76 static void ax25_kill_by_device(struct net_device *dev) 77 { 78 ax25_dev *ax25_dev; 79 ax25_cb *s; 80 struct sock *sk; 81 82 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 83 return; 84 85 spin_lock_bh(&ax25_list_lock); 86 again: 87 ax25_for_each(s, &ax25_list) { 88 if (s->ax25_dev == ax25_dev) { 89 sk = s->sk; 90 if (!sk) { 91 spin_unlock_bh(&ax25_list_lock); 92 ax25_disconnect(s, ENETUNREACH); 93 s->ax25_dev = NULL; 94 spin_lock_bh(&ax25_list_lock); 95 goto again; 96 } 97 sock_hold(sk); 98 spin_unlock_bh(&ax25_list_lock); 99 lock_sock(sk); 100 ax25_disconnect(s, ENETUNREACH); 101 s->ax25_dev = NULL; 102 if (sk->sk_socket) { 103 dev_put_track(ax25_dev->dev, &ax25_dev->dev_tracker); 104 ax25_dev_put(ax25_dev); 105 } 106 release_sock(sk); 107 spin_lock_bh(&ax25_list_lock); 108 sock_put(sk); 109 /* The entry could have been deleted from the 110 * list meanwhile and thus the next pointer is 111 * no longer valid. Play it safe and restart 112 * the scan. Forward progress is ensured 113 * because we set s->ax25_dev to NULL and we 114 * are never passed a NULL 'dev' argument. 115 */ 116 goto again; 117 } 118 } 119 spin_unlock_bh(&ax25_list_lock); 120 } 121 122 /* 123 * Handle device status changes. 124 */ 125 static int ax25_device_event(struct notifier_block *this, unsigned long event, 126 void *ptr) 127 { 128 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 129 130 if (!net_eq(dev_net(dev), &init_net)) 131 return NOTIFY_DONE; 132 133 /* Reject non AX.25 devices */ 134 if (dev->type != ARPHRD_AX25) 135 return NOTIFY_DONE; 136 137 switch (event) { 138 case NETDEV_UP: 139 ax25_dev_device_up(dev); 140 break; 141 case NETDEV_DOWN: 142 ax25_kill_by_device(dev); 143 ax25_rt_device_down(dev); 144 ax25_dev_device_down(dev); 145 break; 146 default: 147 break; 148 } 149 150 return NOTIFY_DONE; 151 } 152 153 /* 154 * Add a socket to the bound sockets list. 155 */ 156 void ax25_cb_add(ax25_cb *ax25) 157 { 158 spin_lock_bh(&ax25_list_lock); 159 ax25_cb_hold(ax25); 160 hlist_add_head(&ax25->ax25_node, &ax25_list); 161 spin_unlock_bh(&ax25_list_lock); 162 } 163 164 /* 165 * Find a socket that wants to accept the SABM we have just 166 * received. 167 */ 168 struct sock *ax25_find_listener(ax25_address *addr, int digi, 169 struct net_device *dev, int type) 170 { 171 ax25_cb *s; 172 173 spin_lock(&ax25_list_lock); 174 ax25_for_each(s, &ax25_list) { 175 if ((s->iamdigi && !digi) || (!s->iamdigi && digi)) 176 continue; 177 if (s->sk && !ax25cmp(&s->source_addr, addr) && 178 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) { 179 /* If device is null we match any device */ 180 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) { 181 sock_hold(s->sk); 182 spin_unlock(&ax25_list_lock); 183 return s->sk; 184 } 185 } 186 } 187 spin_unlock(&ax25_list_lock); 188 189 return NULL; 190 } 191 192 /* 193 * Find an AX.25 socket given both ends. 194 */ 195 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr, 196 int type) 197 { 198 struct sock *sk = NULL; 199 ax25_cb *s; 200 201 spin_lock(&ax25_list_lock); 202 ax25_for_each(s, &ax25_list) { 203 if (s->sk && !ax25cmp(&s->source_addr, my_addr) && 204 !ax25cmp(&s->dest_addr, dest_addr) && 205 s->sk->sk_type == type) { 206 sk = s->sk; 207 sock_hold(sk); 208 break; 209 } 210 } 211 212 spin_unlock(&ax25_list_lock); 213 214 return sk; 215 } 216 217 /* 218 * Find an AX.25 control block given both ends. It will only pick up 219 * floating AX.25 control blocks or non Raw socket bound control blocks. 220 */ 221 ax25_cb *ax25_find_cb(const ax25_address *src_addr, ax25_address *dest_addr, 222 ax25_digi *digi, struct net_device *dev) 223 { 224 ax25_cb *s; 225 226 spin_lock_bh(&ax25_list_lock); 227 ax25_for_each(s, &ax25_list) { 228 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET) 229 continue; 230 if (s->ax25_dev == NULL) 231 continue; 232 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) { 233 if (digi != NULL && digi->ndigi != 0) { 234 if (s->digipeat == NULL) 235 continue; 236 if (ax25digicmp(s->digipeat, digi) != 0) 237 continue; 238 } else { 239 if (s->digipeat != NULL && s->digipeat->ndigi != 0) 240 continue; 241 } 242 ax25_cb_hold(s); 243 spin_unlock_bh(&ax25_list_lock); 244 245 return s; 246 } 247 } 248 spin_unlock_bh(&ax25_list_lock); 249 250 return NULL; 251 } 252 253 EXPORT_SYMBOL(ax25_find_cb); 254 255 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto) 256 { 257 ax25_cb *s; 258 struct sk_buff *copy; 259 260 spin_lock(&ax25_list_lock); 261 ax25_for_each(s, &ax25_list) { 262 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && 263 s->sk->sk_type == SOCK_RAW && 264 s->sk->sk_protocol == proto && 265 s->ax25_dev->dev == skb->dev && 266 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) { 267 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL) 268 continue; 269 if (sock_queue_rcv_skb(s->sk, copy) != 0) 270 kfree_skb(copy); 271 } 272 } 273 spin_unlock(&ax25_list_lock); 274 } 275 276 /* 277 * Deferred destroy. 278 */ 279 void ax25_destroy_socket(ax25_cb *); 280 281 /* 282 * Handler for deferred kills. 283 */ 284 static void ax25_destroy_timer(struct timer_list *t) 285 { 286 ax25_cb *ax25 = from_timer(ax25, t, dtimer); 287 struct sock *sk; 288 289 sk=ax25->sk; 290 291 bh_lock_sock(sk); 292 sock_hold(sk); 293 ax25_destroy_socket(ax25); 294 bh_unlock_sock(sk); 295 sock_put(sk); 296 } 297 298 /* 299 * This is called from user mode and the timers. Thus it protects itself 300 * against interrupt users but doesn't worry about being called during 301 * work. Once it is removed from the queue no interrupt or bottom half 302 * will touch it and we are (fairly 8-) ) safe. 303 */ 304 void ax25_destroy_socket(ax25_cb *ax25) 305 { 306 struct sk_buff *skb; 307 308 ax25_cb_del(ax25); 309 310 ax25_stop_heartbeat(ax25); 311 ax25_stop_t1timer(ax25); 312 ax25_stop_t2timer(ax25); 313 ax25_stop_t3timer(ax25); 314 ax25_stop_idletimer(ax25); 315 316 ax25_clear_queues(ax25); /* Flush the queues */ 317 318 if (ax25->sk != NULL) { 319 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) { 320 if (skb->sk != ax25->sk) { 321 /* A pending connection */ 322 ax25_cb *sax25 = sk_to_ax25(skb->sk); 323 324 /* Queue the unaccepted socket for death */ 325 sock_orphan(skb->sk); 326 327 /* 9A4GL: hack to release unaccepted sockets */ 328 skb->sk->sk_state = TCP_LISTEN; 329 330 ax25_start_heartbeat(sax25); 331 sax25->state = AX25_STATE_0; 332 } 333 334 kfree_skb(skb); 335 } 336 skb_queue_purge(&ax25->sk->sk_write_queue); 337 } 338 339 if (ax25->sk != NULL) { 340 if (sk_has_allocations(ax25->sk)) { 341 /* Defer: outstanding buffers */ 342 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0); 343 ax25->dtimer.expires = jiffies + 2 * HZ; 344 add_timer(&ax25->dtimer); 345 } else { 346 struct sock *sk=ax25->sk; 347 ax25->sk=NULL; 348 sock_put(sk); 349 } 350 } else { 351 ax25_cb_put(ax25); 352 } 353 } 354 355 /* 356 * dl1bke 960311: set parameters for existing AX.25 connections, 357 * includes a KILL command to abort any connection. 358 * VERY useful for debugging ;-) 359 */ 360 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg) 361 { 362 struct ax25_ctl_struct ax25_ctl; 363 ax25_digi digi; 364 ax25_dev *ax25_dev; 365 ax25_cb *ax25; 366 unsigned int k; 367 int ret = 0; 368 369 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl))) 370 return -EFAULT; 371 372 if (ax25_ctl.digi_count > AX25_MAX_DIGIS) 373 return -EINVAL; 374 375 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL) 376 return -EINVAL; 377 378 ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr); 379 if (!ax25_dev) 380 return -ENODEV; 381 382 digi.ndigi = ax25_ctl.digi_count; 383 for (k = 0; k < digi.ndigi; k++) 384 digi.calls[k] = ax25_ctl.digi_addr[k]; 385 386 ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev); 387 if (!ax25) { 388 ax25_dev_put(ax25_dev); 389 return -ENOTCONN; 390 } 391 392 switch (ax25_ctl.cmd) { 393 case AX25_KILL: 394 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 395 #ifdef CONFIG_AX25_DAMA_SLAVE 396 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE) 397 ax25_dama_off(ax25); 398 #endif 399 ax25_disconnect(ax25, ENETRESET); 400 break; 401 402 case AX25_WINDOW: 403 if (ax25->modulus == AX25_MODULUS) { 404 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7) 405 goto einval_put; 406 } else { 407 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63) 408 goto einval_put; 409 } 410 ax25->window = ax25_ctl.arg; 411 break; 412 413 case AX25_T1: 414 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 415 goto einval_put; 416 ax25->rtt = (ax25_ctl.arg * HZ) / 2; 417 ax25->t1 = ax25_ctl.arg * HZ; 418 break; 419 420 case AX25_T2: 421 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 422 goto einval_put; 423 ax25->t2 = ax25_ctl.arg * HZ; 424 break; 425 426 case AX25_N2: 427 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31) 428 goto einval_put; 429 ax25->n2count = 0; 430 ax25->n2 = ax25_ctl.arg; 431 break; 432 433 case AX25_T3: 434 if (ax25_ctl.arg > ULONG_MAX / HZ) 435 goto einval_put; 436 ax25->t3 = ax25_ctl.arg * HZ; 437 break; 438 439 case AX25_IDLE: 440 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ)) 441 goto einval_put; 442 443 ax25->idle = ax25_ctl.arg * 60 * HZ; 444 break; 445 446 case AX25_PACLEN: 447 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535) 448 goto einval_put; 449 ax25->paclen = ax25_ctl.arg; 450 break; 451 452 default: 453 goto einval_put; 454 } 455 456 out_put: 457 ax25_dev_put(ax25_dev); 458 ax25_cb_put(ax25); 459 return ret; 460 461 einval_put: 462 ret = -EINVAL; 463 goto out_put; 464 } 465 466 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev) 467 { 468 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2; 469 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]); 470 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]); 471 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]); 472 ax25->n2 = ax25_dev->values[AX25_VALUES_N2]; 473 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN]; 474 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]); 475 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF]; 476 477 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) { 478 ax25->modulus = AX25_EMODULUS; 479 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW]; 480 } else { 481 ax25->modulus = AX25_MODULUS; 482 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW]; 483 } 484 } 485 486 /* 487 * Fill in a created AX.25 created control block with the default 488 * values for a particular device. 489 */ 490 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev) 491 { 492 ax25->ax25_dev = ax25_dev; 493 494 if (ax25->ax25_dev != NULL) { 495 ax25_fillin_cb_from_dev(ax25, ax25_dev); 496 return; 497 } 498 499 /* 500 * No device, use kernel / AX.25 spec default values 501 */ 502 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2; 503 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1); 504 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2); 505 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3); 506 ax25->n2 = AX25_DEF_N2; 507 ax25->paclen = AX25_DEF_PACLEN; 508 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE); 509 ax25->backoff = AX25_DEF_BACKOFF; 510 511 if (AX25_DEF_AXDEFMODE) { 512 ax25->modulus = AX25_EMODULUS; 513 ax25->window = AX25_DEF_EWINDOW; 514 } else { 515 ax25->modulus = AX25_MODULUS; 516 ax25->window = AX25_DEF_WINDOW; 517 } 518 } 519 520 /* 521 * Create an empty AX.25 control block. 522 */ 523 ax25_cb *ax25_create_cb(void) 524 { 525 ax25_cb *ax25; 526 527 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL) 528 return NULL; 529 530 refcount_set(&ax25->refcount, 1); 531 532 skb_queue_head_init(&ax25->write_queue); 533 skb_queue_head_init(&ax25->frag_queue); 534 skb_queue_head_init(&ax25->ack_queue); 535 skb_queue_head_init(&ax25->reseq_queue); 536 537 ax25_setup_timers(ax25); 538 539 ax25_fillin_cb(ax25, NULL); 540 541 ax25->state = AX25_STATE_0; 542 543 return ax25; 544 } 545 546 /* 547 * Handling for system calls applied via the various interfaces to an 548 * AX25 socket object 549 */ 550 551 static int ax25_setsockopt(struct socket *sock, int level, int optname, 552 sockptr_t optval, unsigned int optlen) 553 { 554 struct sock *sk = sock->sk; 555 ax25_cb *ax25; 556 struct net_device *dev; 557 char devname[IFNAMSIZ]; 558 unsigned int opt; 559 int res = 0; 560 561 if (level != SOL_AX25) 562 return -ENOPROTOOPT; 563 564 if (optlen < sizeof(unsigned int)) 565 return -EINVAL; 566 567 if (copy_from_sockptr(&opt, optval, sizeof(unsigned int))) 568 return -EFAULT; 569 570 lock_sock(sk); 571 ax25 = sk_to_ax25(sk); 572 573 switch (optname) { 574 case AX25_WINDOW: 575 if (ax25->modulus == AX25_MODULUS) { 576 if (opt < 1 || opt > 7) { 577 res = -EINVAL; 578 break; 579 } 580 } else { 581 if (opt < 1 || opt > 63) { 582 res = -EINVAL; 583 break; 584 } 585 } 586 ax25->window = opt; 587 break; 588 589 case AX25_T1: 590 if (opt < 1 || opt > UINT_MAX / HZ) { 591 res = -EINVAL; 592 break; 593 } 594 ax25->rtt = (opt * HZ) >> 1; 595 ax25->t1 = opt * HZ; 596 break; 597 598 case AX25_T2: 599 if (opt < 1 || opt > UINT_MAX / HZ) { 600 res = -EINVAL; 601 break; 602 } 603 ax25->t2 = opt * HZ; 604 break; 605 606 case AX25_N2: 607 if (opt < 1 || opt > 31) { 608 res = -EINVAL; 609 break; 610 } 611 ax25->n2 = opt; 612 break; 613 614 case AX25_T3: 615 if (opt < 1 || opt > UINT_MAX / HZ) { 616 res = -EINVAL; 617 break; 618 } 619 ax25->t3 = opt * HZ; 620 break; 621 622 case AX25_IDLE: 623 if (opt > UINT_MAX / (60 * HZ)) { 624 res = -EINVAL; 625 break; 626 } 627 ax25->idle = opt * 60 * HZ; 628 break; 629 630 case AX25_BACKOFF: 631 if (opt > 2) { 632 res = -EINVAL; 633 break; 634 } 635 ax25->backoff = opt; 636 break; 637 638 case AX25_EXTSEQ: 639 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS; 640 break; 641 642 case AX25_PIDINCL: 643 ax25->pidincl = opt ? 1 : 0; 644 break; 645 646 case AX25_IAMDIGI: 647 ax25->iamdigi = opt ? 1 : 0; 648 break; 649 650 case AX25_PACLEN: 651 if (opt < 16 || opt > 65535) { 652 res = -EINVAL; 653 break; 654 } 655 ax25->paclen = opt; 656 break; 657 658 case SO_BINDTODEVICE: 659 if (optlen > IFNAMSIZ - 1) 660 optlen = IFNAMSIZ - 1; 661 662 memset(devname, 0, sizeof(devname)); 663 664 if (copy_from_sockptr(devname, optval, optlen)) { 665 res = -EFAULT; 666 break; 667 } 668 669 if (sk->sk_type == SOCK_SEQPACKET && 670 (sock->state != SS_UNCONNECTED || 671 sk->sk_state == TCP_LISTEN)) { 672 res = -EADDRNOTAVAIL; 673 break; 674 } 675 676 rtnl_lock(); 677 dev = __dev_get_by_name(&init_net, devname); 678 if (!dev) { 679 rtnl_unlock(); 680 res = -ENODEV; 681 break; 682 } 683 684 ax25->ax25_dev = ax25_dev_ax25dev(dev); 685 if (!ax25->ax25_dev) { 686 rtnl_unlock(); 687 res = -ENODEV; 688 break; 689 } 690 ax25_fillin_cb(ax25, ax25->ax25_dev); 691 rtnl_unlock(); 692 break; 693 694 default: 695 res = -ENOPROTOOPT; 696 } 697 release_sock(sk); 698 699 return res; 700 } 701 702 static int ax25_getsockopt(struct socket *sock, int level, int optname, 703 char __user *optval, int __user *optlen) 704 { 705 struct sock *sk = sock->sk; 706 ax25_cb *ax25; 707 struct ax25_dev *ax25_dev; 708 char devname[IFNAMSIZ]; 709 void *valptr; 710 int val = 0; 711 int maxlen, length; 712 713 if (level != SOL_AX25) 714 return -ENOPROTOOPT; 715 716 if (get_user(maxlen, optlen)) 717 return -EFAULT; 718 719 if (maxlen < 1) 720 return -EFAULT; 721 722 valptr = (void *) &val; 723 length = min_t(unsigned int, maxlen, sizeof(int)); 724 725 lock_sock(sk); 726 ax25 = sk_to_ax25(sk); 727 728 switch (optname) { 729 case AX25_WINDOW: 730 val = ax25->window; 731 break; 732 733 case AX25_T1: 734 val = ax25->t1 / HZ; 735 break; 736 737 case AX25_T2: 738 val = ax25->t2 / HZ; 739 break; 740 741 case AX25_N2: 742 val = ax25->n2; 743 break; 744 745 case AX25_T3: 746 val = ax25->t3 / HZ; 747 break; 748 749 case AX25_IDLE: 750 val = ax25->idle / (60 * HZ); 751 break; 752 753 case AX25_BACKOFF: 754 val = ax25->backoff; 755 break; 756 757 case AX25_EXTSEQ: 758 val = (ax25->modulus == AX25_EMODULUS); 759 break; 760 761 case AX25_PIDINCL: 762 val = ax25->pidincl; 763 break; 764 765 case AX25_IAMDIGI: 766 val = ax25->iamdigi; 767 break; 768 769 case AX25_PACLEN: 770 val = ax25->paclen; 771 break; 772 773 case SO_BINDTODEVICE: 774 ax25_dev = ax25->ax25_dev; 775 776 if (ax25_dev != NULL && ax25_dev->dev != NULL) { 777 strlcpy(devname, ax25_dev->dev->name, sizeof(devname)); 778 length = strlen(devname) + 1; 779 } else { 780 *devname = '\0'; 781 length = 1; 782 } 783 784 valptr = (void *) devname; 785 break; 786 787 default: 788 release_sock(sk); 789 return -ENOPROTOOPT; 790 } 791 release_sock(sk); 792 793 if (put_user(length, optlen)) 794 return -EFAULT; 795 796 return copy_to_user(optval, valptr, length) ? -EFAULT : 0; 797 } 798 799 static int ax25_listen(struct socket *sock, int backlog) 800 { 801 struct sock *sk = sock->sk; 802 int res = 0; 803 804 lock_sock(sk); 805 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) { 806 sk->sk_max_ack_backlog = backlog; 807 sk->sk_state = TCP_LISTEN; 808 goto out; 809 } 810 res = -EOPNOTSUPP; 811 812 out: 813 release_sock(sk); 814 815 return res; 816 } 817 818 /* 819 * XXX: when creating ax25_sock we should update the .obj_size setting 820 * below. 821 */ 822 static struct proto ax25_proto = { 823 .name = "AX25", 824 .owner = THIS_MODULE, 825 .obj_size = sizeof(struct ax25_sock), 826 }; 827 828 static int ax25_create(struct net *net, struct socket *sock, int protocol, 829 int kern) 830 { 831 struct sock *sk; 832 ax25_cb *ax25; 833 834 if (protocol < 0 || protocol > U8_MAX) 835 return -EINVAL; 836 837 if (!net_eq(net, &init_net)) 838 return -EAFNOSUPPORT; 839 840 switch (sock->type) { 841 case SOCK_DGRAM: 842 if (protocol == 0 || protocol == PF_AX25) 843 protocol = AX25_P_TEXT; 844 break; 845 846 case SOCK_SEQPACKET: 847 switch (protocol) { 848 case 0: 849 case PF_AX25: /* For CLX */ 850 protocol = AX25_P_TEXT; 851 break; 852 case AX25_P_SEGMENT: 853 #ifdef CONFIG_INET 854 case AX25_P_ARP: 855 case AX25_P_IP: 856 #endif 857 #ifdef CONFIG_NETROM 858 case AX25_P_NETROM: 859 #endif 860 #ifdef CONFIG_ROSE 861 case AX25_P_ROSE: 862 #endif 863 return -ESOCKTNOSUPPORT; 864 #ifdef CONFIG_NETROM_MODULE 865 case AX25_P_NETROM: 866 if (ax25_protocol_is_registered(AX25_P_NETROM)) 867 return -ESOCKTNOSUPPORT; 868 break; 869 #endif 870 #ifdef CONFIG_ROSE_MODULE 871 case AX25_P_ROSE: 872 if (ax25_protocol_is_registered(AX25_P_ROSE)) 873 return -ESOCKTNOSUPPORT; 874 break; 875 #endif 876 default: 877 break; 878 } 879 break; 880 881 case SOCK_RAW: 882 if (!capable(CAP_NET_RAW)) 883 return -EPERM; 884 break; 885 default: 886 return -ESOCKTNOSUPPORT; 887 } 888 889 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern); 890 if (sk == NULL) 891 return -ENOMEM; 892 893 ax25 = ax25_sk(sk)->cb = ax25_create_cb(); 894 if (!ax25) { 895 sk_free(sk); 896 return -ENOMEM; 897 } 898 899 sock_init_data(sock, sk); 900 901 sk->sk_destruct = ax25_free_sock; 902 sock->ops = &ax25_proto_ops; 903 sk->sk_protocol = protocol; 904 905 ax25->sk = sk; 906 907 return 0; 908 } 909 910 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev) 911 { 912 struct sock *sk; 913 ax25_cb *ax25, *oax25; 914 915 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0); 916 if (sk == NULL) 917 return NULL; 918 919 if ((ax25 = ax25_create_cb()) == NULL) { 920 sk_free(sk); 921 return NULL; 922 } 923 924 switch (osk->sk_type) { 925 case SOCK_DGRAM: 926 break; 927 case SOCK_SEQPACKET: 928 break; 929 default: 930 sk_free(sk); 931 ax25_cb_put(ax25); 932 return NULL; 933 } 934 935 sock_init_data(NULL, sk); 936 937 sk->sk_type = osk->sk_type; 938 sk->sk_priority = osk->sk_priority; 939 sk->sk_protocol = osk->sk_protocol; 940 sk->sk_rcvbuf = osk->sk_rcvbuf; 941 sk->sk_sndbuf = osk->sk_sndbuf; 942 sk->sk_state = TCP_ESTABLISHED; 943 sock_copy_flags(sk, osk); 944 945 oax25 = sk_to_ax25(osk); 946 947 ax25->modulus = oax25->modulus; 948 ax25->backoff = oax25->backoff; 949 ax25->pidincl = oax25->pidincl; 950 ax25->iamdigi = oax25->iamdigi; 951 ax25->rtt = oax25->rtt; 952 ax25->t1 = oax25->t1; 953 ax25->t2 = oax25->t2; 954 ax25->t3 = oax25->t3; 955 ax25->n2 = oax25->n2; 956 ax25->idle = oax25->idle; 957 ax25->paclen = oax25->paclen; 958 ax25->window = oax25->window; 959 960 ax25->ax25_dev = ax25_dev; 961 ax25->source_addr = oax25->source_addr; 962 963 if (oax25->digipeat != NULL) { 964 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi), 965 GFP_ATOMIC); 966 if (ax25->digipeat == NULL) { 967 sk_free(sk); 968 ax25_cb_put(ax25); 969 return NULL; 970 } 971 } 972 973 ax25_sk(sk)->cb = ax25; 974 sk->sk_destruct = ax25_free_sock; 975 ax25->sk = sk; 976 977 return sk; 978 } 979 980 static int ax25_release(struct socket *sock) 981 { 982 struct sock *sk = sock->sk; 983 ax25_cb *ax25; 984 ax25_dev *ax25_dev; 985 986 if (sk == NULL) 987 return 0; 988 989 sock_hold(sk); 990 lock_sock(sk); 991 sock_orphan(sk); 992 ax25 = sk_to_ax25(sk); 993 ax25_dev = ax25->ax25_dev; 994 995 if (sk->sk_type == SOCK_SEQPACKET) { 996 switch (ax25->state) { 997 case AX25_STATE_0: 998 release_sock(sk); 999 ax25_disconnect(ax25, 0); 1000 lock_sock(sk); 1001 ax25_destroy_socket(ax25); 1002 break; 1003 1004 case AX25_STATE_1: 1005 case AX25_STATE_2: 1006 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 1007 release_sock(sk); 1008 ax25_disconnect(ax25, 0); 1009 lock_sock(sk); 1010 if (!sock_flag(ax25->sk, SOCK_DESTROY)) 1011 ax25_destroy_socket(ax25); 1012 break; 1013 1014 case AX25_STATE_3: 1015 case AX25_STATE_4: 1016 ax25_clear_queues(ax25); 1017 ax25->n2count = 0; 1018 1019 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1020 case AX25_PROTO_STD_SIMPLEX: 1021 case AX25_PROTO_STD_DUPLEX: 1022 ax25_send_control(ax25, 1023 AX25_DISC, 1024 AX25_POLLON, 1025 AX25_COMMAND); 1026 ax25_stop_t2timer(ax25); 1027 ax25_stop_t3timer(ax25); 1028 ax25_stop_idletimer(ax25); 1029 break; 1030 #ifdef CONFIG_AX25_DAMA_SLAVE 1031 case AX25_PROTO_DAMA_SLAVE: 1032 ax25_stop_t3timer(ax25); 1033 ax25_stop_idletimer(ax25); 1034 break; 1035 #endif 1036 } 1037 ax25_calculate_t1(ax25); 1038 ax25_start_t1timer(ax25); 1039 ax25->state = AX25_STATE_2; 1040 sk->sk_state = TCP_CLOSE; 1041 sk->sk_shutdown |= SEND_SHUTDOWN; 1042 sk->sk_state_change(sk); 1043 sock_set_flag(sk, SOCK_DESTROY); 1044 break; 1045 1046 default: 1047 break; 1048 } 1049 } else { 1050 sk->sk_state = TCP_CLOSE; 1051 sk->sk_shutdown |= SEND_SHUTDOWN; 1052 sk->sk_state_change(sk); 1053 ax25_destroy_socket(ax25); 1054 } 1055 if (ax25_dev) { 1056 del_timer_sync(&ax25->timer); 1057 del_timer_sync(&ax25->t1timer); 1058 del_timer_sync(&ax25->t2timer); 1059 del_timer_sync(&ax25->t3timer); 1060 del_timer_sync(&ax25->idletimer); 1061 dev_put_track(ax25_dev->dev, &ax25_dev->dev_tracker); 1062 ax25_dev_put(ax25_dev); 1063 } 1064 1065 sock->sk = NULL; 1066 release_sock(sk); 1067 sock_put(sk); 1068 1069 return 0; 1070 } 1071 1072 /* 1073 * We support a funny extension here so you can (as root) give any callsign 1074 * digipeated via a local address as source. This hack is obsolete now 1075 * that we've implemented support for SO_BINDTODEVICE. It is however small 1076 * and trivially backward compatible. 1077 */ 1078 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1079 { 1080 struct sock *sk = sock->sk; 1081 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr; 1082 ax25_dev *ax25_dev = NULL; 1083 ax25_uid_assoc *user; 1084 ax25_address call; 1085 ax25_cb *ax25; 1086 int err = 0; 1087 1088 if (addr_len != sizeof(struct sockaddr_ax25) && 1089 addr_len != sizeof(struct full_sockaddr_ax25)) 1090 /* support for old structure may go away some time 1091 * ax25_bind(): uses old (6 digipeater) socket structure. 1092 */ 1093 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1094 (addr_len > sizeof(struct full_sockaddr_ax25))) 1095 return -EINVAL; 1096 1097 if (addr->fsa_ax25.sax25_family != AF_AX25) 1098 return -EINVAL; 1099 1100 user = ax25_findbyuid(current_euid()); 1101 if (user) { 1102 call = user->call; 1103 ax25_uid_put(user); 1104 } else { 1105 if (ax25_uid_policy && !capable(CAP_NET_ADMIN)) 1106 return -EACCES; 1107 1108 call = addr->fsa_ax25.sax25_call; 1109 } 1110 1111 lock_sock(sk); 1112 1113 ax25 = sk_to_ax25(sk); 1114 if (!sock_flag(sk, SOCK_ZAPPED)) { 1115 err = -EINVAL; 1116 goto out; 1117 } 1118 1119 ax25->source_addr = call; 1120 1121 /* 1122 * User already set interface with SO_BINDTODEVICE 1123 */ 1124 if (ax25->ax25_dev != NULL) 1125 goto done; 1126 1127 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) { 1128 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 && 1129 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) { 1130 err = -EADDRNOTAVAIL; 1131 goto out; 1132 } 1133 } else { 1134 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) { 1135 err = -EADDRNOTAVAIL; 1136 goto out; 1137 } 1138 } 1139 1140 if (ax25_dev) { 1141 ax25_fillin_cb(ax25, ax25_dev); 1142 dev_hold_track(ax25_dev->dev, &ax25_dev->dev_tracker, GFP_ATOMIC); 1143 } 1144 1145 done: 1146 ax25_cb_add(ax25); 1147 sock_reset_flag(sk, SOCK_ZAPPED); 1148 1149 out: 1150 release_sock(sk); 1151 1152 return err; 1153 } 1154 1155 /* 1156 * FIXME: nonblock behaviour looks like it may have a bug. 1157 */ 1158 static int __must_check ax25_connect(struct socket *sock, 1159 struct sockaddr *uaddr, int addr_len, int flags) 1160 { 1161 struct sock *sk = sock->sk; 1162 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t; 1163 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1164 ax25_digi *digi = NULL; 1165 int ct = 0, err = 0; 1166 1167 /* 1168 * some sanity checks. code further down depends on this 1169 */ 1170 1171 if (addr_len == sizeof(struct sockaddr_ax25)) 1172 /* support for this will go away in early 2.5.x 1173 * ax25_connect(): uses obsolete socket structure 1174 */ 1175 ; 1176 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1177 /* support for old structure may go away some time 1178 * ax25_connect(): uses old (6 digipeater) socket structure. 1179 */ 1180 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1181 (addr_len > sizeof(struct full_sockaddr_ax25))) 1182 return -EINVAL; 1183 1184 1185 if (fsa->fsa_ax25.sax25_family != AF_AX25) 1186 return -EINVAL; 1187 1188 lock_sock(sk); 1189 1190 /* deal with restarts */ 1191 if (sock->state == SS_CONNECTING) { 1192 switch (sk->sk_state) { 1193 case TCP_SYN_SENT: /* still trying */ 1194 err = -EINPROGRESS; 1195 goto out_release; 1196 1197 case TCP_ESTABLISHED: /* connection established */ 1198 sock->state = SS_CONNECTED; 1199 goto out_release; 1200 1201 case TCP_CLOSE: /* connection refused */ 1202 sock->state = SS_UNCONNECTED; 1203 err = -ECONNREFUSED; 1204 goto out_release; 1205 } 1206 } 1207 1208 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) { 1209 err = -EISCONN; /* No reconnect on a seqpacket socket */ 1210 goto out_release; 1211 } 1212 1213 sk->sk_state = TCP_CLOSE; 1214 sock->state = SS_UNCONNECTED; 1215 1216 kfree(ax25->digipeat); 1217 ax25->digipeat = NULL; 1218 1219 /* 1220 * Handle digi-peaters to be used. 1221 */ 1222 if (addr_len > sizeof(struct sockaddr_ax25) && 1223 fsa->fsa_ax25.sax25_ndigis != 0) { 1224 /* Valid number of digipeaters ? */ 1225 if (fsa->fsa_ax25.sax25_ndigis < 1 || 1226 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS || 1227 addr_len < sizeof(struct sockaddr_ax25) + 1228 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) { 1229 err = -EINVAL; 1230 goto out_release; 1231 } 1232 1233 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) { 1234 err = -ENOBUFS; 1235 goto out_release; 1236 } 1237 1238 digi->ndigi = fsa->fsa_ax25.sax25_ndigis; 1239 digi->lastrepeat = -1; 1240 1241 while (ct < fsa->fsa_ax25.sax25_ndigis) { 1242 if ((fsa->fsa_digipeater[ct].ax25_call[6] & 1243 AX25_HBIT) && ax25->iamdigi) { 1244 digi->repeated[ct] = 1; 1245 digi->lastrepeat = ct; 1246 } else { 1247 digi->repeated[ct] = 0; 1248 } 1249 digi->calls[ct] = fsa->fsa_digipeater[ct]; 1250 ct++; 1251 } 1252 } 1253 1254 /* 1255 * Must bind first - autobinding in this may or may not work. If 1256 * the socket is already bound, check to see if the device has 1257 * been filled in, error if it hasn't. 1258 */ 1259 if (sock_flag(sk, SOCK_ZAPPED)) { 1260 /* check if we can remove this feature. It is broken. */ 1261 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n", 1262 current->comm); 1263 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) { 1264 kfree(digi); 1265 goto out_release; 1266 } 1267 1268 ax25_fillin_cb(ax25, ax25->ax25_dev); 1269 ax25_cb_add(ax25); 1270 } else { 1271 if (ax25->ax25_dev == NULL) { 1272 kfree(digi); 1273 err = -EHOSTUNREACH; 1274 goto out_release; 1275 } 1276 } 1277 1278 if (sk->sk_type == SOCK_SEQPACKET && 1279 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi, 1280 ax25->ax25_dev->dev))) { 1281 kfree(digi); 1282 err = -EADDRINUSE; /* Already such a connection */ 1283 ax25_cb_put(ax25t); 1284 goto out_release; 1285 } 1286 1287 ax25->dest_addr = fsa->fsa_ax25.sax25_call; 1288 ax25->digipeat = digi; 1289 1290 /* First the easy one */ 1291 if (sk->sk_type != SOCK_SEQPACKET) { 1292 sock->state = SS_CONNECTED; 1293 sk->sk_state = TCP_ESTABLISHED; 1294 goto out_release; 1295 } 1296 1297 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */ 1298 sock->state = SS_CONNECTING; 1299 sk->sk_state = TCP_SYN_SENT; 1300 1301 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1302 case AX25_PROTO_STD_SIMPLEX: 1303 case AX25_PROTO_STD_DUPLEX: 1304 ax25_std_establish_data_link(ax25); 1305 break; 1306 1307 #ifdef CONFIG_AX25_DAMA_SLAVE 1308 case AX25_PROTO_DAMA_SLAVE: 1309 ax25->modulus = AX25_MODULUS; 1310 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 1311 if (ax25->ax25_dev->dama.slave) 1312 ax25_ds_establish_data_link(ax25); 1313 else 1314 ax25_std_establish_data_link(ax25); 1315 break; 1316 #endif 1317 } 1318 1319 ax25->state = AX25_STATE_1; 1320 1321 ax25_start_heartbeat(ax25); 1322 1323 /* Now the loop */ 1324 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) { 1325 err = -EINPROGRESS; 1326 goto out_release; 1327 } 1328 1329 if (sk->sk_state == TCP_SYN_SENT) { 1330 DEFINE_WAIT(wait); 1331 1332 for (;;) { 1333 prepare_to_wait(sk_sleep(sk), &wait, 1334 TASK_INTERRUPTIBLE); 1335 if (sk->sk_state != TCP_SYN_SENT) 1336 break; 1337 if (!signal_pending(current)) { 1338 release_sock(sk); 1339 schedule(); 1340 lock_sock(sk); 1341 continue; 1342 } 1343 err = -ERESTARTSYS; 1344 break; 1345 } 1346 finish_wait(sk_sleep(sk), &wait); 1347 1348 if (err) 1349 goto out_release; 1350 } 1351 1352 if (sk->sk_state != TCP_ESTABLISHED) { 1353 /* Not in ABM, not in WAIT_UA -> failed */ 1354 sock->state = SS_UNCONNECTED; 1355 err = sock_error(sk); /* Always set at this point */ 1356 goto out_release; 1357 } 1358 1359 sock->state = SS_CONNECTED; 1360 1361 err = 0; 1362 out_release: 1363 release_sock(sk); 1364 1365 return err; 1366 } 1367 1368 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags, 1369 bool kern) 1370 { 1371 struct sk_buff *skb; 1372 struct sock *newsk; 1373 DEFINE_WAIT(wait); 1374 struct sock *sk; 1375 int err = 0; 1376 1377 if (sock->state != SS_UNCONNECTED) 1378 return -EINVAL; 1379 1380 if ((sk = sock->sk) == NULL) 1381 return -EINVAL; 1382 1383 lock_sock(sk); 1384 if (sk->sk_type != SOCK_SEQPACKET) { 1385 err = -EOPNOTSUPP; 1386 goto out; 1387 } 1388 1389 if (sk->sk_state != TCP_LISTEN) { 1390 err = -EINVAL; 1391 goto out; 1392 } 1393 1394 /* 1395 * The read queue this time is holding sockets ready to use 1396 * hooked into the SABM we saved 1397 */ 1398 for (;;) { 1399 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1400 skb = skb_dequeue(&sk->sk_receive_queue); 1401 if (skb) 1402 break; 1403 1404 if (flags & O_NONBLOCK) { 1405 err = -EWOULDBLOCK; 1406 break; 1407 } 1408 if (!signal_pending(current)) { 1409 release_sock(sk); 1410 schedule(); 1411 lock_sock(sk); 1412 continue; 1413 } 1414 err = -ERESTARTSYS; 1415 break; 1416 } 1417 finish_wait(sk_sleep(sk), &wait); 1418 1419 if (err) 1420 goto out; 1421 1422 newsk = skb->sk; 1423 sock_graft(newsk, newsock); 1424 1425 /* Now attach up the new socket */ 1426 kfree_skb(skb); 1427 sk_acceptq_removed(sk); 1428 newsock->state = SS_CONNECTED; 1429 1430 out: 1431 release_sock(sk); 1432 1433 return err; 1434 } 1435 1436 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr, 1437 int peer) 1438 { 1439 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1440 struct sock *sk = sock->sk; 1441 unsigned char ndigi, i; 1442 ax25_cb *ax25; 1443 int err = 0; 1444 1445 memset(fsa, 0, sizeof(*fsa)); 1446 lock_sock(sk); 1447 ax25 = sk_to_ax25(sk); 1448 1449 if (peer != 0) { 1450 if (sk->sk_state != TCP_ESTABLISHED) { 1451 err = -ENOTCONN; 1452 goto out; 1453 } 1454 1455 fsa->fsa_ax25.sax25_family = AF_AX25; 1456 fsa->fsa_ax25.sax25_call = ax25->dest_addr; 1457 1458 if (ax25->digipeat != NULL) { 1459 ndigi = ax25->digipeat->ndigi; 1460 fsa->fsa_ax25.sax25_ndigis = ndigi; 1461 for (i = 0; i < ndigi; i++) 1462 fsa->fsa_digipeater[i] = 1463 ax25->digipeat->calls[i]; 1464 } 1465 } else { 1466 fsa->fsa_ax25.sax25_family = AF_AX25; 1467 fsa->fsa_ax25.sax25_call = ax25->source_addr; 1468 fsa->fsa_ax25.sax25_ndigis = 1; 1469 if (ax25->ax25_dev != NULL) { 1470 memcpy(&fsa->fsa_digipeater[0], 1471 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN); 1472 } else { 1473 fsa->fsa_digipeater[0] = null_ax25_address; 1474 } 1475 } 1476 err = sizeof (struct full_sockaddr_ax25); 1477 1478 out: 1479 release_sock(sk); 1480 1481 return err; 1482 } 1483 1484 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1485 { 1486 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name); 1487 struct sock *sk = sock->sk; 1488 struct sockaddr_ax25 sax; 1489 struct sk_buff *skb; 1490 ax25_digi dtmp, *dp; 1491 ax25_cb *ax25; 1492 size_t size; 1493 int lv, err, addr_len = msg->msg_namelen; 1494 1495 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT)) 1496 return -EINVAL; 1497 1498 lock_sock(sk); 1499 ax25 = sk_to_ax25(sk); 1500 1501 if (sock_flag(sk, SOCK_ZAPPED)) { 1502 err = -EADDRNOTAVAIL; 1503 goto out; 1504 } 1505 1506 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1507 send_sig(SIGPIPE, current, 0); 1508 err = -EPIPE; 1509 goto out; 1510 } 1511 1512 if (ax25->ax25_dev == NULL) { 1513 err = -ENETUNREACH; 1514 goto out; 1515 } 1516 1517 if (len > ax25->ax25_dev->dev->mtu) { 1518 err = -EMSGSIZE; 1519 goto out; 1520 } 1521 1522 if (usax != NULL) { 1523 if (usax->sax25_family != AF_AX25) { 1524 err = -EINVAL; 1525 goto out; 1526 } 1527 1528 if (addr_len == sizeof(struct sockaddr_ax25)) 1529 /* ax25_sendmsg(): uses obsolete socket structure */ 1530 ; 1531 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1532 /* support for old structure may go away some time 1533 * ax25_sendmsg(): uses old (6 digipeater) 1534 * socket structure. 1535 */ 1536 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1537 (addr_len > sizeof(struct full_sockaddr_ax25))) { 1538 err = -EINVAL; 1539 goto out; 1540 } 1541 1542 1543 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) { 1544 int ct = 0; 1545 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax; 1546 1547 /* Valid number of digipeaters ? */ 1548 if (usax->sax25_ndigis < 1 || 1549 usax->sax25_ndigis > AX25_MAX_DIGIS || 1550 addr_len < sizeof(struct sockaddr_ax25) + 1551 sizeof(ax25_address) * usax->sax25_ndigis) { 1552 err = -EINVAL; 1553 goto out; 1554 } 1555 1556 dtmp.ndigi = usax->sax25_ndigis; 1557 1558 while (ct < usax->sax25_ndigis) { 1559 dtmp.repeated[ct] = 0; 1560 dtmp.calls[ct] = fsa->fsa_digipeater[ct]; 1561 ct++; 1562 } 1563 1564 dtmp.lastrepeat = 0; 1565 } 1566 1567 sax = *usax; 1568 if (sk->sk_type == SOCK_SEQPACKET && 1569 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) { 1570 err = -EISCONN; 1571 goto out; 1572 } 1573 if (usax->sax25_ndigis == 0) 1574 dp = NULL; 1575 else 1576 dp = &dtmp; 1577 } else { 1578 /* 1579 * FIXME: 1003.1g - if the socket is like this because 1580 * it has become closed (not started closed) and is VC 1581 * we ought to SIGPIPE, EPIPE 1582 */ 1583 if (sk->sk_state != TCP_ESTABLISHED) { 1584 err = -ENOTCONN; 1585 goto out; 1586 } 1587 sax.sax25_family = AF_AX25; 1588 sax.sax25_call = ax25->dest_addr; 1589 dp = ax25->digipeat; 1590 } 1591 1592 /* Build a packet */ 1593 /* Assume the worst case */ 1594 size = len + ax25->ax25_dev->dev->hard_header_len; 1595 1596 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err); 1597 if (skb == NULL) 1598 goto out; 1599 1600 skb_reserve(skb, size - len); 1601 1602 /* User data follows immediately after the AX.25 data */ 1603 if (memcpy_from_msg(skb_put(skb, len), msg, len)) { 1604 err = -EFAULT; 1605 kfree_skb(skb); 1606 goto out; 1607 } 1608 1609 skb_reset_network_header(skb); 1610 1611 /* Add the PID if one is not supplied by the user in the skb */ 1612 if (!ax25->pidincl) 1613 *(u8 *)skb_push(skb, 1) = sk->sk_protocol; 1614 1615 if (sk->sk_type == SOCK_SEQPACKET) { 1616 /* Connected mode sockets go via the LAPB machine */ 1617 if (sk->sk_state != TCP_ESTABLISHED) { 1618 kfree_skb(skb); 1619 err = -ENOTCONN; 1620 goto out; 1621 } 1622 1623 /* Shove it onto the queue and kick */ 1624 ax25_output(ax25, ax25->paclen, skb); 1625 1626 err = len; 1627 goto out; 1628 } 1629 1630 skb_push(skb, 1 + ax25_addr_size(dp)); 1631 1632 /* Building AX.25 Header */ 1633 1634 /* Build an AX.25 header */ 1635 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call, 1636 dp, AX25_COMMAND, AX25_MODULUS); 1637 1638 skb_set_transport_header(skb, lv); 1639 1640 *skb_transport_header(skb) = AX25_UI; 1641 1642 /* Datagram frames go straight out of the door as UI */ 1643 ax25_queue_xmit(skb, ax25->ax25_dev->dev); 1644 1645 err = len; 1646 1647 out: 1648 release_sock(sk); 1649 1650 return err; 1651 } 1652 1653 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, 1654 int flags) 1655 { 1656 struct sock *sk = sock->sk; 1657 struct sk_buff *skb; 1658 int copied; 1659 int err = 0; 1660 1661 lock_sock(sk); 1662 /* 1663 * This works for seqpacket too. The receiver has ordered the 1664 * queue for us! We do one quick check first though 1665 */ 1666 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) { 1667 err = -ENOTCONN; 1668 goto out; 1669 } 1670 1671 /* Now we can treat all alike */ 1672 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 1673 flags & MSG_DONTWAIT, &err); 1674 if (skb == NULL) 1675 goto out; 1676 1677 if (!sk_to_ax25(sk)->pidincl) 1678 skb_pull(skb, 1); /* Remove PID */ 1679 1680 skb_reset_transport_header(skb); 1681 copied = skb->len; 1682 1683 if (copied > size) { 1684 copied = size; 1685 msg->msg_flags |= MSG_TRUNC; 1686 } 1687 1688 skb_copy_datagram_msg(skb, 0, msg, copied); 1689 1690 if (msg->msg_name) { 1691 ax25_digi digi; 1692 ax25_address src; 1693 const unsigned char *mac = skb_mac_header(skb); 1694 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name); 1695 1696 memset(sax, 0, sizeof(struct full_sockaddr_ax25)); 1697 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, 1698 &digi, NULL, NULL); 1699 sax->sax25_family = AF_AX25; 1700 /* We set this correctly, even though we may not let the 1701 application know the digi calls further down (because it 1702 did NOT ask to know them). This could get political... **/ 1703 sax->sax25_ndigis = digi.ndigi; 1704 sax->sax25_call = src; 1705 1706 if (sax->sax25_ndigis != 0) { 1707 int ct; 1708 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax; 1709 1710 for (ct = 0; ct < digi.ndigi; ct++) 1711 fsa->fsa_digipeater[ct] = digi.calls[ct]; 1712 } 1713 msg->msg_namelen = sizeof(struct full_sockaddr_ax25); 1714 } 1715 1716 skb_free_datagram(sk, skb); 1717 err = copied; 1718 1719 out: 1720 release_sock(sk); 1721 1722 return err; 1723 } 1724 1725 static int ax25_shutdown(struct socket *sk, int how) 1726 { 1727 /* FIXME - generate DM and RNR states */ 1728 return -EOPNOTSUPP; 1729 } 1730 1731 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1732 { 1733 struct sock *sk = sock->sk; 1734 void __user *argp = (void __user *)arg; 1735 int res = 0; 1736 1737 lock_sock(sk); 1738 switch (cmd) { 1739 case TIOCOUTQ: { 1740 long amount; 1741 1742 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1743 if (amount < 0) 1744 amount = 0; 1745 res = put_user(amount, (int __user *)argp); 1746 break; 1747 } 1748 1749 case TIOCINQ: { 1750 struct sk_buff *skb; 1751 long amount = 0L; 1752 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1753 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1754 amount = skb->len; 1755 res = put_user(amount, (int __user *) argp); 1756 break; 1757 } 1758 1759 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */ 1760 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */ 1761 case SIOCAX25GETUID: { 1762 struct sockaddr_ax25 sax25; 1763 if (copy_from_user(&sax25, argp, sizeof(sax25))) { 1764 res = -EFAULT; 1765 break; 1766 } 1767 res = ax25_uid_ioctl(cmd, &sax25); 1768 break; 1769 } 1770 1771 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */ 1772 long amount; 1773 if (!capable(CAP_NET_ADMIN)) { 1774 res = -EPERM; 1775 break; 1776 } 1777 if (get_user(amount, (long __user *)argp)) { 1778 res = -EFAULT; 1779 break; 1780 } 1781 if (amount < 0 || amount > AX25_NOUID_BLOCK) { 1782 res = -EINVAL; 1783 break; 1784 } 1785 ax25_uid_policy = amount; 1786 res = 0; 1787 break; 1788 } 1789 1790 case SIOCADDRT: 1791 case SIOCDELRT: 1792 case SIOCAX25OPTRT: 1793 if (!capable(CAP_NET_ADMIN)) { 1794 res = -EPERM; 1795 break; 1796 } 1797 res = ax25_rt_ioctl(cmd, argp); 1798 break; 1799 1800 case SIOCAX25CTLCON: 1801 if (!capable(CAP_NET_ADMIN)) { 1802 res = -EPERM; 1803 break; 1804 } 1805 res = ax25_ctl_ioctl(cmd, argp); 1806 break; 1807 1808 case SIOCAX25GETINFO: 1809 case SIOCAX25GETINFOOLD: { 1810 ax25_cb *ax25 = sk_to_ax25(sk); 1811 struct ax25_info_struct ax25_info; 1812 1813 ax25_info.t1 = ax25->t1 / HZ; 1814 ax25_info.t2 = ax25->t2 / HZ; 1815 ax25_info.t3 = ax25->t3 / HZ; 1816 ax25_info.idle = ax25->idle / (60 * HZ); 1817 ax25_info.n2 = ax25->n2; 1818 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ; 1819 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ; 1820 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ; 1821 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ); 1822 ax25_info.n2count = ax25->n2count; 1823 ax25_info.state = ax25->state; 1824 ax25_info.rcv_q = sk_rmem_alloc_get(sk); 1825 ax25_info.snd_q = sk_wmem_alloc_get(sk); 1826 ax25_info.vs = ax25->vs; 1827 ax25_info.vr = ax25->vr; 1828 ax25_info.va = ax25->va; 1829 ax25_info.vs_max = ax25->vs; /* reserved */ 1830 ax25_info.paclen = ax25->paclen; 1831 ax25_info.window = ax25->window; 1832 1833 /* old structure? */ 1834 if (cmd == SIOCAX25GETINFOOLD) { 1835 static int warned = 0; 1836 if (!warned) { 1837 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n", 1838 current->comm); 1839 warned=1; 1840 } 1841 1842 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) { 1843 res = -EFAULT; 1844 break; 1845 } 1846 } else { 1847 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) { 1848 res = -EINVAL; 1849 break; 1850 } 1851 } 1852 res = 0; 1853 break; 1854 } 1855 1856 case SIOCAX25ADDFWD: 1857 case SIOCAX25DELFWD: { 1858 struct ax25_fwd_struct ax25_fwd; 1859 if (!capable(CAP_NET_ADMIN)) { 1860 res = -EPERM; 1861 break; 1862 } 1863 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) { 1864 res = -EFAULT; 1865 break; 1866 } 1867 res = ax25_fwd_ioctl(cmd, &ax25_fwd); 1868 break; 1869 } 1870 1871 case SIOCGIFADDR: 1872 case SIOCSIFADDR: 1873 case SIOCGIFDSTADDR: 1874 case SIOCSIFDSTADDR: 1875 case SIOCGIFBRDADDR: 1876 case SIOCSIFBRDADDR: 1877 case SIOCGIFNETMASK: 1878 case SIOCSIFNETMASK: 1879 case SIOCGIFMETRIC: 1880 case SIOCSIFMETRIC: 1881 res = -EINVAL; 1882 break; 1883 1884 default: 1885 res = -ENOIOCTLCMD; 1886 break; 1887 } 1888 release_sock(sk); 1889 1890 return res; 1891 } 1892 1893 #ifdef CONFIG_PROC_FS 1894 1895 static void *ax25_info_start(struct seq_file *seq, loff_t *pos) 1896 __acquires(ax25_list_lock) 1897 { 1898 spin_lock_bh(&ax25_list_lock); 1899 return seq_hlist_start(&ax25_list, *pos); 1900 } 1901 1902 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos) 1903 { 1904 return seq_hlist_next(v, &ax25_list, pos); 1905 } 1906 1907 static void ax25_info_stop(struct seq_file *seq, void *v) 1908 __releases(ax25_list_lock) 1909 { 1910 spin_unlock_bh(&ax25_list_lock); 1911 } 1912 1913 static int ax25_info_show(struct seq_file *seq, void *v) 1914 { 1915 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node); 1916 char buf[11]; 1917 int k; 1918 1919 1920 /* 1921 * New format: 1922 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode 1923 */ 1924 1925 seq_printf(seq, "%p %s %s%s ", 1926 ax25, 1927 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name, 1928 ax2asc(buf, &ax25->source_addr), 1929 ax25->iamdigi? "*":""); 1930 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr)); 1931 1932 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) { 1933 seq_printf(seq, ",%s%s", 1934 ax2asc(buf, &ax25->digipeat->calls[k]), 1935 ax25->digipeat->repeated[k]? "*":""); 1936 } 1937 1938 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d", 1939 ax25->state, 1940 ax25->vs, ax25->vr, ax25->va, 1941 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ, 1942 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ, 1943 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ, 1944 ax25_display_timer(&ax25->idletimer) / (60 * HZ), 1945 ax25->idle / (60 * HZ), 1946 ax25->n2count, ax25->n2, 1947 ax25->rtt / HZ, 1948 ax25->window, 1949 ax25->paclen); 1950 1951 if (ax25->sk != NULL) { 1952 seq_printf(seq, " %d %d %lu\n", 1953 sk_wmem_alloc_get(ax25->sk), 1954 sk_rmem_alloc_get(ax25->sk), 1955 sock_i_ino(ax25->sk)); 1956 } else { 1957 seq_puts(seq, " * * *\n"); 1958 } 1959 return 0; 1960 } 1961 1962 static const struct seq_operations ax25_info_seqops = { 1963 .start = ax25_info_start, 1964 .next = ax25_info_next, 1965 .stop = ax25_info_stop, 1966 .show = ax25_info_show, 1967 }; 1968 #endif 1969 1970 static const struct net_proto_family ax25_family_ops = { 1971 .family = PF_AX25, 1972 .create = ax25_create, 1973 .owner = THIS_MODULE, 1974 }; 1975 1976 static const struct proto_ops ax25_proto_ops = { 1977 .family = PF_AX25, 1978 .owner = THIS_MODULE, 1979 .release = ax25_release, 1980 .bind = ax25_bind, 1981 .connect = ax25_connect, 1982 .socketpair = sock_no_socketpair, 1983 .accept = ax25_accept, 1984 .getname = ax25_getname, 1985 .poll = datagram_poll, 1986 .ioctl = ax25_ioctl, 1987 .gettstamp = sock_gettstamp, 1988 .listen = ax25_listen, 1989 .shutdown = ax25_shutdown, 1990 .setsockopt = ax25_setsockopt, 1991 .getsockopt = ax25_getsockopt, 1992 .sendmsg = ax25_sendmsg, 1993 .recvmsg = ax25_recvmsg, 1994 .mmap = sock_no_mmap, 1995 .sendpage = sock_no_sendpage, 1996 }; 1997 1998 /* 1999 * Called by socket.c on kernel start up 2000 */ 2001 static struct packet_type ax25_packet_type __read_mostly = { 2002 .type = cpu_to_be16(ETH_P_AX25), 2003 .func = ax25_kiss_rcv, 2004 }; 2005 2006 static struct notifier_block ax25_dev_notifier = { 2007 .notifier_call = ax25_device_event, 2008 }; 2009 2010 static int __init ax25_init(void) 2011 { 2012 int rc = proto_register(&ax25_proto, 0); 2013 2014 if (rc != 0) 2015 goto out; 2016 2017 sock_register(&ax25_family_ops); 2018 dev_add_pack(&ax25_packet_type); 2019 register_netdevice_notifier(&ax25_dev_notifier); 2020 2021 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops); 2022 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops); 2023 proc_create_seq("ax25_calls", 0444, init_net.proc_net, 2024 &ax25_uid_seqops); 2025 out: 2026 return rc; 2027 } 2028 module_init(ax25_init); 2029 2030 2031 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>"); 2032 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol"); 2033 MODULE_LICENSE("GPL"); 2034 MODULE_ALIAS_NETPROTO(PF_AX25); 2035 2036 static void __exit ax25_exit(void) 2037 { 2038 remove_proc_entry("ax25_route", init_net.proc_net); 2039 remove_proc_entry("ax25", init_net.proc_net); 2040 remove_proc_entry("ax25_calls", init_net.proc_net); 2041 2042 unregister_netdevice_notifier(&ax25_dev_notifier); 2043 2044 dev_remove_pack(&ax25_packet_type); 2045 2046 sock_unregister(PF_AX25); 2047 proto_unregister(&ax25_proto); 2048 2049 ax25_rt_free(); 2050 ax25_uid_free(); 2051 ax25_dev_free(); 2052 } 2053 module_exit(ax25_exit); 2054