1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk) 7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org) 8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl) 11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 12 */ 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/errno.h> 16 #include <linux/types.h> 17 #include <linux/socket.h> 18 #include <linux/in.h> 19 #include <linux/kernel.h> 20 #include <linux/sched/signal.h> 21 #include <linux/timer.h> 22 #include <linux/string.h> 23 #include <linux/sockios.h> 24 #include <linux/net.h> 25 #include <linux/slab.h> 26 #include <net/ax25.h> 27 #include <linux/inet.h> 28 #include <linux/netdevice.h> 29 #include <linux/if_arp.h> 30 #include <linux/skbuff.h> 31 #include <net/sock.h> 32 #include <linux/uaccess.h> 33 #include <linux/fcntl.h> 34 #include <linux/termios.h> /* For TIOCINQ/OUTQ */ 35 #include <linux/mm.h> 36 #include <linux/interrupt.h> 37 #include <linux/notifier.h> 38 #include <linux/proc_fs.h> 39 #include <linux/stat.h> 40 #include <linux/sysctl.h> 41 #include <linux/init.h> 42 #include <linux/spinlock.h> 43 #include <net/net_namespace.h> 44 #include <net/tcp_states.h> 45 #include <net/ip.h> 46 #include <net/arp.h> 47 48 49 50 HLIST_HEAD(ax25_list); 51 DEFINE_SPINLOCK(ax25_list_lock); 52 53 static const struct proto_ops ax25_proto_ops; 54 55 static void ax25_free_sock(struct sock *sk) 56 { 57 ax25_cb_put(sk_to_ax25(sk)); 58 } 59 60 /* 61 * Socket removal during an interrupt is now safe. 62 */ 63 static void ax25_cb_del(ax25_cb *ax25) 64 { 65 if (!hlist_unhashed(&ax25->ax25_node)) { 66 spin_lock_bh(&ax25_list_lock); 67 hlist_del_init(&ax25->ax25_node); 68 spin_unlock_bh(&ax25_list_lock); 69 ax25_cb_put(ax25); 70 } 71 } 72 73 /* 74 * Kill all bound sockets on a dropped device. 75 */ 76 static void ax25_kill_by_device(struct net_device *dev) 77 { 78 ax25_dev *ax25_dev; 79 ax25_cb *s; 80 81 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 82 return; 83 84 spin_lock_bh(&ax25_list_lock); 85 again: 86 ax25_for_each(s, &ax25_list) { 87 if (s->ax25_dev == ax25_dev) { 88 spin_unlock_bh(&ax25_list_lock); 89 lock_sock(s->sk); 90 s->ax25_dev = NULL; 91 release_sock(s->sk); 92 ax25_disconnect(s, ENETUNREACH); 93 spin_lock_bh(&ax25_list_lock); 94 95 /* The entry could have been deleted from the 96 * list meanwhile and thus the next pointer is 97 * no longer valid. Play it safe and restart 98 * the scan. Forward progress is ensured 99 * because we set s->ax25_dev to NULL and we 100 * are never passed a NULL 'dev' argument. 101 */ 102 goto again; 103 } 104 } 105 spin_unlock_bh(&ax25_list_lock); 106 } 107 108 /* 109 * Handle device status changes. 110 */ 111 static int ax25_device_event(struct notifier_block *this, unsigned long event, 112 void *ptr) 113 { 114 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 115 116 if (!net_eq(dev_net(dev), &init_net)) 117 return NOTIFY_DONE; 118 119 /* Reject non AX.25 devices */ 120 if (dev->type != ARPHRD_AX25) 121 return NOTIFY_DONE; 122 123 switch (event) { 124 case NETDEV_UP: 125 ax25_dev_device_up(dev); 126 break; 127 case NETDEV_DOWN: 128 ax25_kill_by_device(dev); 129 ax25_rt_device_down(dev); 130 ax25_dev_device_down(dev); 131 break; 132 default: 133 break; 134 } 135 136 return NOTIFY_DONE; 137 } 138 139 /* 140 * Add a socket to the bound sockets list. 141 */ 142 void ax25_cb_add(ax25_cb *ax25) 143 { 144 spin_lock_bh(&ax25_list_lock); 145 ax25_cb_hold(ax25); 146 hlist_add_head(&ax25->ax25_node, &ax25_list); 147 spin_unlock_bh(&ax25_list_lock); 148 } 149 150 /* 151 * Find a socket that wants to accept the SABM we have just 152 * received. 153 */ 154 struct sock *ax25_find_listener(ax25_address *addr, int digi, 155 struct net_device *dev, int type) 156 { 157 ax25_cb *s; 158 159 spin_lock(&ax25_list_lock); 160 ax25_for_each(s, &ax25_list) { 161 if ((s->iamdigi && !digi) || (!s->iamdigi && digi)) 162 continue; 163 if (s->sk && !ax25cmp(&s->source_addr, addr) && 164 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) { 165 /* If device is null we match any device */ 166 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) { 167 sock_hold(s->sk); 168 spin_unlock(&ax25_list_lock); 169 return s->sk; 170 } 171 } 172 } 173 spin_unlock(&ax25_list_lock); 174 175 return NULL; 176 } 177 178 /* 179 * Find an AX.25 socket given both ends. 180 */ 181 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr, 182 int type) 183 { 184 struct sock *sk = NULL; 185 ax25_cb *s; 186 187 spin_lock(&ax25_list_lock); 188 ax25_for_each(s, &ax25_list) { 189 if (s->sk && !ax25cmp(&s->source_addr, my_addr) && 190 !ax25cmp(&s->dest_addr, dest_addr) && 191 s->sk->sk_type == type) { 192 sk = s->sk; 193 sock_hold(sk); 194 break; 195 } 196 } 197 198 spin_unlock(&ax25_list_lock); 199 200 return sk; 201 } 202 203 /* 204 * Find an AX.25 control block given both ends. It will only pick up 205 * floating AX.25 control blocks or non Raw socket bound control blocks. 206 */ 207 ax25_cb *ax25_find_cb(const ax25_address *src_addr, ax25_address *dest_addr, 208 ax25_digi *digi, struct net_device *dev) 209 { 210 ax25_cb *s; 211 212 spin_lock_bh(&ax25_list_lock); 213 ax25_for_each(s, &ax25_list) { 214 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET) 215 continue; 216 if (s->ax25_dev == NULL) 217 continue; 218 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) { 219 if (digi != NULL && digi->ndigi != 0) { 220 if (s->digipeat == NULL) 221 continue; 222 if (ax25digicmp(s->digipeat, digi) != 0) 223 continue; 224 } else { 225 if (s->digipeat != NULL && s->digipeat->ndigi != 0) 226 continue; 227 } 228 ax25_cb_hold(s); 229 spin_unlock_bh(&ax25_list_lock); 230 231 return s; 232 } 233 } 234 spin_unlock_bh(&ax25_list_lock); 235 236 return NULL; 237 } 238 239 EXPORT_SYMBOL(ax25_find_cb); 240 241 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto) 242 { 243 ax25_cb *s; 244 struct sk_buff *copy; 245 246 spin_lock(&ax25_list_lock); 247 ax25_for_each(s, &ax25_list) { 248 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && 249 s->sk->sk_type == SOCK_RAW && 250 s->sk->sk_protocol == proto && 251 s->ax25_dev->dev == skb->dev && 252 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) { 253 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL) 254 continue; 255 if (sock_queue_rcv_skb(s->sk, copy) != 0) 256 kfree_skb(copy); 257 } 258 } 259 spin_unlock(&ax25_list_lock); 260 } 261 262 /* 263 * Deferred destroy. 264 */ 265 void ax25_destroy_socket(ax25_cb *); 266 267 /* 268 * Handler for deferred kills. 269 */ 270 static void ax25_destroy_timer(struct timer_list *t) 271 { 272 ax25_cb *ax25 = from_timer(ax25, t, dtimer); 273 struct sock *sk; 274 275 sk=ax25->sk; 276 277 bh_lock_sock(sk); 278 sock_hold(sk); 279 ax25_destroy_socket(ax25); 280 bh_unlock_sock(sk); 281 sock_put(sk); 282 } 283 284 /* 285 * This is called from user mode and the timers. Thus it protects itself 286 * against interrupt users but doesn't worry about being called during 287 * work. Once it is removed from the queue no interrupt or bottom half 288 * will touch it and we are (fairly 8-) ) safe. 289 */ 290 void ax25_destroy_socket(ax25_cb *ax25) 291 { 292 struct sk_buff *skb; 293 294 ax25_cb_del(ax25); 295 296 ax25_stop_heartbeat(ax25); 297 ax25_stop_t1timer(ax25); 298 ax25_stop_t2timer(ax25); 299 ax25_stop_t3timer(ax25); 300 ax25_stop_idletimer(ax25); 301 302 ax25_clear_queues(ax25); /* Flush the queues */ 303 304 if (ax25->sk != NULL) { 305 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) { 306 if (skb->sk != ax25->sk) { 307 /* A pending connection */ 308 ax25_cb *sax25 = sk_to_ax25(skb->sk); 309 310 /* Queue the unaccepted socket for death */ 311 sock_orphan(skb->sk); 312 313 /* 9A4GL: hack to release unaccepted sockets */ 314 skb->sk->sk_state = TCP_LISTEN; 315 316 ax25_start_heartbeat(sax25); 317 sax25->state = AX25_STATE_0; 318 } 319 320 kfree_skb(skb); 321 } 322 skb_queue_purge(&ax25->sk->sk_write_queue); 323 } 324 325 if (ax25->sk != NULL) { 326 if (sk_has_allocations(ax25->sk)) { 327 /* Defer: outstanding buffers */ 328 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0); 329 ax25->dtimer.expires = jiffies + 2 * HZ; 330 add_timer(&ax25->dtimer); 331 } else { 332 struct sock *sk=ax25->sk; 333 ax25->sk=NULL; 334 sock_put(sk); 335 } 336 } else { 337 ax25_cb_put(ax25); 338 } 339 } 340 341 /* 342 * dl1bke 960311: set parameters for existing AX.25 connections, 343 * includes a KILL command to abort any connection. 344 * VERY useful for debugging ;-) 345 */ 346 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg) 347 { 348 struct ax25_ctl_struct ax25_ctl; 349 ax25_digi digi; 350 ax25_dev *ax25_dev; 351 ax25_cb *ax25; 352 unsigned int k; 353 int ret = 0; 354 355 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl))) 356 return -EFAULT; 357 358 if ((ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr)) == NULL) 359 return -ENODEV; 360 361 if (ax25_ctl.digi_count > AX25_MAX_DIGIS) 362 return -EINVAL; 363 364 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL) 365 return -EINVAL; 366 367 digi.ndigi = ax25_ctl.digi_count; 368 for (k = 0; k < digi.ndigi; k++) 369 digi.calls[k] = ax25_ctl.digi_addr[k]; 370 371 if ((ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev)) == NULL) 372 return -ENOTCONN; 373 374 switch (ax25_ctl.cmd) { 375 case AX25_KILL: 376 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 377 #ifdef CONFIG_AX25_DAMA_SLAVE 378 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE) 379 ax25_dama_off(ax25); 380 #endif 381 ax25_disconnect(ax25, ENETRESET); 382 break; 383 384 case AX25_WINDOW: 385 if (ax25->modulus == AX25_MODULUS) { 386 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7) 387 goto einval_put; 388 } else { 389 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63) 390 goto einval_put; 391 } 392 ax25->window = ax25_ctl.arg; 393 break; 394 395 case AX25_T1: 396 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 397 goto einval_put; 398 ax25->rtt = (ax25_ctl.arg * HZ) / 2; 399 ax25->t1 = ax25_ctl.arg * HZ; 400 break; 401 402 case AX25_T2: 403 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 404 goto einval_put; 405 ax25->t2 = ax25_ctl.arg * HZ; 406 break; 407 408 case AX25_N2: 409 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31) 410 goto einval_put; 411 ax25->n2count = 0; 412 ax25->n2 = ax25_ctl.arg; 413 break; 414 415 case AX25_T3: 416 if (ax25_ctl.arg > ULONG_MAX / HZ) 417 goto einval_put; 418 ax25->t3 = ax25_ctl.arg * HZ; 419 break; 420 421 case AX25_IDLE: 422 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ)) 423 goto einval_put; 424 425 ax25->idle = ax25_ctl.arg * 60 * HZ; 426 break; 427 428 case AX25_PACLEN: 429 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535) 430 goto einval_put; 431 ax25->paclen = ax25_ctl.arg; 432 break; 433 434 default: 435 goto einval_put; 436 } 437 438 out_put: 439 ax25_cb_put(ax25); 440 return ret; 441 442 einval_put: 443 ret = -EINVAL; 444 goto out_put; 445 } 446 447 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev) 448 { 449 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2; 450 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]); 451 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]); 452 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]); 453 ax25->n2 = ax25_dev->values[AX25_VALUES_N2]; 454 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN]; 455 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]); 456 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF]; 457 458 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) { 459 ax25->modulus = AX25_EMODULUS; 460 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW]; 461 } else { 462 ax25->modulus = AX25_MODULUS; 463 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW]; 464 } 465 } 466 467 /* 468 * Fill in a created AX.25 created control block with the default 469 * values for a particular device. 470 */ 471 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev) 472 { 473 ax25->ax25_dev = ax25_dev; 474 475 if (ax25->ax25_dev != NULL) { 476 ax25_fillin_cb_from_dev(ax25, ax25_dev); 477 return; 478 } 479 480 /* 481 * No device, use kernel / AX.25 spec default values 482 */ 483 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2; 484 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1); 485 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2); 486 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3); 487 ax25->n2 = AX25_DEF_N2; 488 ax25->paclen = AX25_DEF_PACLEN; 489 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE); 490 ax25->backoff = AX25_DEF_BACKOFF; 491 492 if (AX25_DEF_AXDEFMODE) { 493 ax25->modulus = AX25_EMODULUS; 494 ax25->window = AX25_DEF_EWINDOW; 495 } else { 496 ax25->modulus = AX25_MODULUS; 497 ax25->window = AX25_DEF_WINDOW; 498 } 499 } 500 501 /* 502 * Create an empty AX.25 control block. 503 */ 504 ax25_cb *ax25_create_cb(void) 505 { 506 ax25_cb *ax25; 507 508 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL) 509 return NULL; 510 511 refcount_set(&ax25->refcount, 1); 512 513 skb_queue_head_init(&ax25->write_queue); 514 skb_queue_head_init(&ax25->frag_queue); 515 skb_queue_head_init(&ax25->ack_queue); 516 skb_queue_head_init(&ax25->reseq_queue); 517 518 ax25_setup_timers(ax25); 519 520 ax25_fillin_cb(ax25, NULL); 521 522 ax25->state = AX25_STATE_0; 523 524 return ax25; 525 } 526 527 /* 528 * Handling for system calls applied via the various interfaces to an 529 * AX25 socket object 530 */ 531 532 static int ax25_setsockopt(struct socket *sock, int level, int optname, 533 sockptr_t optval, unsigned int optlen) 534 { 535 struct sock *sk = sock->sk; 536 ax25_cb *ax25; 537 struct net_device *dev; 538 char devname[IFNAMSIZ]; 539 unsigned int opt; 540 int res = 0; 541 542 if (level != SOL_AX25) 543 return -ENOPROTOOPT; 544 545 if (optlen < sizeof(unsigned int)) 546 return -EINVAL; 547 548 if (copy_from_sockptr(&opt, optval, sizeof(unsigned int))) 549 return -EFAULT; 550 551 lock_sock(sk); 552 ax25 = sk_to_ax25(sk); 553 554 switch (optname) { 555 case AX25_WINDOW: 556 if (ax25->modulus == AX25_MODULUS) { 557 if (opt < 1 || opt > 7) { 558 res = -EINVAL; 559 break; 560 } 561 } else { 562 if (opt < 1 || opt > 63) { 563 res = -EINVAL; 564 break; 565 } 566 } 567 ax25->window = opt; 568 break; 569 570 case AX25_T1: 571 if (opt < 1 || opt > UINT_MAX / HZ) { 572 res = -EINVAL; 573 break; 574 } 575 ax25->rtt = (opt * HZ) >> 1; 576 ax25->t1 = opt * HZ; 577 break; 578 579 case AX25_T2: 580 if (opt < 1 || opt > UINT_MAX / HZ) { 581 res = -EINVAL; 582 break; 583 } 584 ax25->t2 = opt * HZ; 585 break; 586 587 case AX25_N2: 588 if (opt < 1 || opt > 31) { 589 res = -EINVAL; 590 break; 591 } 592 ax25->n2 = opt; 593 break; 594 595 case AX25_T3: 596 if (opt < 1 || opt > UINT_MAX / HZ) { 597 res = -EINVAL; 598 break; 599 } 600 ax25->t3 = opt * HZ; 601 break; 602 603 case AX25_IDLE: 604 if (opt > UINT_MAX / (60 * HZ)) { 605 res = -EINVAL; 606 break; 607 } 608 ax25->idle = opt * 60 * HZ; 609 break; 610 611 case AX25_BACKOFF: 612 if (opt > 2) { 613 res = -EINVAL; 614 break; 615 } 616 ax25->backoff = opt; 617 break; 618 619 case AX25_EXTSEQ: 620 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS; 621 break; 622 623 case AX25_PIDINCL: 624 ax25->pidincl = opt ? 1 : 0; 625 break; 626 627 case AX25_IAMDIGI: 628 ax25->iamdigi = opt ? 1 : 0; 629 break; 630 631 case AX25_PACLEN: 632 if (opt < 16 || opt > 65535) { 633 res = -EINVAL; 634 break; 635 } 636 ax25->paclen = opt; 637 break; 638 639 case SO_BINDTODEVICE: 640 if (optlen > IFNAMSIZ - 1) 641 optlen = IFNAMSIZ - 1; 642 643 memset(devname, 0, sizeof(devname)); 644 645 if (copy_from_sockptr(devname, optval, optlen)) { 646 res = -EFAULT; 647 break; 648 } 649 650 if (sk->sk_type == SOCK_SEQPACKET && 651 (sock->state != SS_UNCONNECTED || 652 sk->sk_state == TCP_LISTEN)) { 653 res = -EADDRNOTAVAIL; 654 break; 655 } 656 657 rtnl_lock(); 658 dev = __dev_get_by_name(&init_net, devname); 659 if (!dev) { 660 rtnl_unlock(); 661 res = -ENODEV; 662 break; 663 } 664 665 ax25->ax25_dev = ax25_dev_ax25dev(dev); 666 if (!ax25->ax25_dev) { 667 rtnl_unlock(); 668 res = -ENODEV; 669 break; 670 } 671 ax25_fillin_cb(ax25, ax25->ax25_dev); 672 rtnl_unlock(); 673 break; 674 675 default: 676 res = -ENOPROTOOPT; 677 } 678 release_sock(sk); 679 680 return res; 681 } 682 683 static int ax25_getsockopt(struct socket *sock, int level, int optname, 684 char __user *optval, int __user *optlen) 685 { 686 struct sock *sk = sock->sk; 687 ax25_cb *ax25; 688 struct ax25_dev *ax25_dev; 689 char devname[IFNAMSIZ]; 690 void *valptr; 691 int val = 0; 692 int maxlen, length; 693 694 if (level != SOL_AX25) 695 return -ENOPROTOOPT; 696 697 if (get_user(maxlen, optlen)) 698 return -EFAULT; 699 700 if (maxlen < 1) 701 return -EFAULT; 702 703 valptr = (void *) &val; 704 length = min_t(unsigned int, maxlen, sizeof(int)); 705 706 lock_sock(sk); 707 ax25 = sk_to_ax25(sk); 708 709 switch (optname) { 710 case AX25_WINDOW: 711 val = ax25->window; 712 break; 713 714 case AX25_T1: 715 val = ax25->t1 / HZ; 716 break; 717 718 case AX25_T2: 719 val = ax25->t2 / HZ; 720 break; 721 722 case AX25_N2: 723 val = ax25->n2; 724 break; 725 726 case AX25_T3: 727 val = ax25->t3 / HZ; 728 break; 729 730 case AX25_IDLE: 731 val = ax25->idle / (60 * HZ); 732 break; 733 734 case AX25_BACKOFF: 735 val = ax25->backoff; 736 break; 737 738 case AX25_EXTSEQ: 739 val = (ax25->modulus == AX25_EMODULUS); 740 break; 741 742 case AX25_PIDINCL: 743 val = ax25->pidincl; 744 break; 745 746 case AX25_IAMDIGI: 747 val = ax25->iamdigi; 748 break; 749 750 case AX25_PACLEN: 751 val = ax25->paclen; 752 break; 753 754 case SO_BINDTODEVICE: 755 ax25_dev = ax25->ax25_dev; 756 757 if (ax25_dev != NULL && ax25_dev->dev != NULL) { 758 strlcpy(devname, ax25_dev->dev->name, sizeof(devname)); 759 length = strlen(devname) + 1; 760 } else { 761 *devname = '\0'; 762 length = 1; 763 } 764 765 valptr = (void *) devname; 766 break; 767 768 default: 769 release_sock(sk); 770 return -ENOPROTOOPT; 771 } 772 release_sock(sk); 773 774 if (put_user(length, optlen)) 775 return -EFAULT; 776 777 return copy_to_user(optval, valptr, length) ? -EFAULT : 0; 778 } 779 780 static int ax25_listen(struct socket *sock, int backlog) 781 { 782 struct sock *sk = sock->sk; 783 int res = 0; 784 785 lock_sock(sk); 786 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) { 787 sk->sk_max_ack_backlog = backlog; 788 sk->sk_state = TCP_LISTEN; 789 goto out; 790 } 791 res = -EOPNOTSUPP; 792 793 out: 794 release_sock(sk); 795 796 return res; 797 } 798 799 /* 800 * XXX: when creating ax25_sock we should update the .obj_size setting 801 * below. 802 */ 803 static struct proto ax25_proto = { 804 .name = "AX25", 805 .owner = THIS_MODULE, 806 .obj_size = sizeof(struct ax25_sock), 807 }; 808 809 static int ax25_create(struct net *net, struct socket *sock, int protocol, 810 int kern) 811 { 812 struct sock *sk; 813 ax25_cb *ax25; 814 815 if (protocol < 0 || protocol > U8_MAX) 816 return -EINVAL; 817 818 if (!net_eq(net, &init_net)) 819 return -EAFNOSUPPORT; 820 821 switch (sock->type) { 822 case SOCK_DGRAM: 823 if (protocol == 0 || protocol == PF_AX25) 824 protocol = AX25_P_TEXT; 825 break; 826 827 case SOCK_SEQPACKET: 828 switch (protocol) { 829 case 0: 830 case PF_AX25: /* For CLX */ 831 protocol = AX25_P_TEXT; 832 break; 833 case AX25_P_SEGMENT: 834 #ifdef CONFIG_INET 835 case AX25_P_ARP: 836 case AX25_P_IP: 837 #endif 838 #ifdef CONFIG_NETROM 839 case AX25_P_NETROM: 840 #endif 841 #ifdef CONFIG_ROSE 842 case AX25_P_ROSE: 843 #endif 844 return -ESOCKTNOSUPPORT; 845 #ifdef CONFIG_NETROM_MODULE 846 case AX25_P_NETROM: 847 if (ax25_protocol_is_registered(AX25_P_NETROM)) 848 return -ESOCKTNOSUPPORT; 849 break; 850 #endif 851 #ifdef CONFIG_ROSE_MODULE 852 case AX25_P_ROSE: 853 if (ax25_protocol_is_registered(AX25_P_ROSE)) 854 return -ESOCKTNOSUPPORT; 855 break; 856 #endif 857 default: 858 break; 859 } 860 break; 861 862 case SOCK_RAW: 863 if (!capable(CAP_NET_RAW)) 864 return -EPERM; 865 break; 866 default: 867 return -ESOCKTNOSUPPORT; 868 } 869 870 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern); 871 if (sk == NULL) 872 return -ENOMEM; 873 874 ax25 = ax25_sk(sk)->cb = ax25_create_cb(); 875 if (!ax25) { 876 sk_free(sk); 877 return -ENOMEM; 878 } 879 880 sock_init_data(sock, sk); 881 882 sk->sk_destruct = ax25_free_sock; 883 sock->ops = &ax25_proto_ops; 884 sk->sk_protocol = protocol; 885 886 ax25->sk = sk; 887 888 return 0; 889 } 890 891 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev) 892 { 893 struct sock *sk; 894 ax25_cb *ax25, *oax25; 895 896 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0); 897 if (sk == NULL) 898 return NULL; 899 900 if ((ax25 = ax25_create_cb()) == NULL) { 901 sk_free(sk); 902 return NULL; 903 } 904 905 switch (osk->sk_type) { 906 case SOCK_DGRAM: 907 break; 908 case SOCK_SEQPACKET: 909 break; 910 default: 911 sk_free(sk); 912 ax25_cb_put(ax25); 913 return NULL; 914 } 915 916 sock_init_data(NULL, sk); 917 918 sk->sk_type = osk->sk_type; 919 sk->sk_priority = osk->sk_priority; 920 sk->sk_protocol = osk->sk_protocol; 921 sk->sk_rcvbuf = osk->sk_rcvbuf; 922 sk->sk_sndbuf = osk->sk_sndbuf; 923 sk->sk_state = TCP_ESTABLISHED; 924 sock_copy_flags(sk, osk); 925 926 oax25 = sk_to_ax25(osk); 927 928 ax25->modulus = oax25->modulus; 929 ax25->backoff = oax25->backoff; 930 ax25->pidincl = oax25->pidincl; 931 ax25->iamdigi = oax25->iamdigi; 932 ax25->rtt = oax25->rtt; 933 ax25->t1 = oax25->t1; 934 ax25->t2 = oax25->t2; 935 ax25->t3 = oax25->t3; 936 ax25->n2 = oax25->n2; 937 ax25->idle = oax25->idle; 938 ax25->paclen = oax25->paclen; 939 ax25->window = oax25->window; 940 941 ax25->ax25_dev = ax25_dev; 942 ax25->source_addr = oax25->source_addr; 943 944 if (oax25->digipeat != NULL) { 945 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi), 946 GFP_ATOMIC); 947 if (ax25->digipeat == NULL) { 948 sk_free(sk); 949 ax25_cb_put(ax25); 950 return NULL; 951 } 952 } 953 954 ax25_sk(sk)->cb = ax25; 955 sk->sk_destruct = ax25_free_sock; 956 ax25->sk = sk; 957 958 return sk; 959 } 960 961 static int ax25_release(struct socket *sock) 962 { 963 struct sock *sk = sock->sk; 964 ax25_cb *ax25; 965 966 if (sk == NULL) 967 return 0; 968 969 sock_hold(sk); 970 sock_orphan(sk); 971 lock_sock(sk); 972 ax25 = sk_to_ax25(sk); 973 974 if (sk->sk_type == SOCK_SEQPACKET) { 975 switch (ax25->state) { 976 case AX25_STATE_0: 977 release_sock(sk); 978 ax25_disconnect(ax25, 0); 979 lock_sock(sk); 980 ax25_destroy_socket(ax25); 981 break; 982 983 case AX25_STATE_1: 984 case AX25_STATE_2: 985 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 986 release_sock(sk); 987 ax25_disconnect(ax25, 0); 988 lock_sock(sk); 989 if (!sock_flag(ax25->sk, SOCK_DESTROY)) 990 ax25_destroy_socket(ax25); 991 break; 992 993 case AX25_STATE_3: 994 case AX25_STATE_4: 995 ax25_clear_queues(ax25); 996 ax25->n2count = 0; 997 998 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 999 case AX25_PROTO_STD_SIMPLEX: 1000 case AX25_PROTO_STD_DUPLEX: 1001 ax25_send_control(ax25, 1002 AX25_DISC, 1003 AX25_POLLON, 1004 AX25_COMMAND); 1005 ax25_stop_t2timer(ax25); 1006 ax25_stop_t3timer(ax25); 1007 ax25_stop_idletimer(ax25); 1008 break; 1009 #ifdef CONFIG_AX25_DAMA_SLAVE 1010 case AX25_PROTO_DAMA_SLAVE: 1011 ax25_stop_t3timer(ax25); 1012 ax25_stop_idletimer(ax25); 1013 break; 1014 #endif 1015 } 1016 ax25_calculate_t1(ax25); 1017 ax25_start_t1timer(ax25); 1018 ax25->state = AX25_STATE_2; 1019 sk->sk_state = TCP_CLOSE; 1020 sk->sk_shutdown |= SEND_SHUTDOWN; 1021 sk->sk_state_change(sk); 1022 sock_set_flag(sk, SOCK_DESTROY); 1023 break; 1024 1025 default: 1026 break; 1027 } 1028 } else { 1029 sk->sk_state = TCP_CLOSE; 1030 sk->sk_shutdown |= SEND_SHUTDOWN; 1031 sk->sk_state_change(sk); 1032 ax25_destroy_socket(ax25); 1033 } 1034 1035 sock->sk = NULL; 1036 release_sock(sk); 1037 sock_put(sk); 1038 1039 return 0; 1040 } 1041 1042 /* 1043 * We support a funny extension here so you can (as root) give any callsign 1044 * digipeated via a local address as source. This hack is obsolete now 1045 * that we've implemented support for SO_BINDTODEVICE. It is however small 1046 * and trivially backward compatible. 1047 */ 1048 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1049 { 1050 struct sock *sk = sock->sk; 1051 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr; 1052 ax25_dev *ax25_dev = NULL; 1053 ax25_uid_assoc *user; 1054 ax25_address call; 1055 ax25_cb *ax25; 1056 int err = 0; 1057 1058 if (addr_len != sizeof(struct sockaddr_ax25) && 1059 addr_len != sizeof(struct full_sockaddr_ax25)) 1060 /* support for old structure may go away some time 1061 * ax25_bind(): uses old (6 digipeater) socket structure. 1062 */ 1063 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1064 (addr_len > sizeof(struct full_sockaddr_ax25))) 1065 return -EINVAL; 1066 1067 if (addr->fsa_ax25.sax25_family != AF_AX25) 1068 return -EINVAL; 1069 1070 user = ax25_findbyuid(current_euid()); 1071 if (user) { 1072 call = user->call; 1073 ax25_uid_put(user); 1074 } else { 1075 if (ax25_uid_policy && !capable(CAP_NET_ADMIN)) 1076 return -EACCES; 1077 1078 call = addr->fsa_ax25.sax25_call; 1079 } 1080 1081 lock_sock(sk); 1082 1083 ax25 = sk_to_ax25(sk); 1084 if (!sock_flag(sk, SOCK_ZAPPED)) { 1085 err = -EINVAL; 1086 goto out; 1087 } 1088 1089 ax25->source_addr = call; 1090 1091 /* 1092 * User already set interface with SO_BINDTODEVICE 1093 */ 1094 if (ax25->ax25_dev != NULL) 1095 goto done; 1096 1097 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) { 1098 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 && 1099 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) { 1100 err = -EADDRNOTAVAIL; 1101 goto out; 1102 } 1103 } else { 1104 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) { 1105 err = -EADDRNOTAVAIL; 1106 goto out; 1107 } 1108 } 1109 1110 if (ax25_dev != NULL) 1111 ax25_fillin_cb(ax25, ax25_dev); 1112 1113 done: 1114 ax25_cb_add(ax25); 1115 sock_reset_flag(sk, SOCK_ZAPPED); 1116 1117 out: 1118 release_sock(sk); 1119 1120 return err; 1121 } 1122 1123 /* 1124 * FIXME: nonblock behaviour looks like it may have a bug. 1125 */ 1126 static int __must_check ax25_connect(struct socket *sock, 1127 struct sockaddr *uaddr, int addr_len, int flags) 1128 { 1129 struct sock *sk = sock->sk; 1130 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t; 1131 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1132 ax25_digi *digi = NULL; 1133 int ct = 0, err = 0; 1134 1135 /* 1136 * some sanity checks. code further down depends on this 1137 */ 1138 1139 if (addr_len == sizeof(struct sockaddr_ax25)) 1140 /* support for this will go away in early 2.5.x 1141 * ax25_connect(): uses obsolete socket structure 1142 */ 1143 ; 1144 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1145 /* support for old structure may go away some time 1146 * ax25_connect(): uses old (6 digipeater) socket structure. 1147 */ 1148 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1149 (addr_len > sizeof(struct full_sockaddr_ax25))) 1150 return -EINVAL; 1151 1152 1153 if (fsa->fsa_ax25.sax25_family != AF_AX25) 1154 return -EINVAL; 1155 1156 lock_sock(sk); 1157 1158 /* deal with restarts */ 1159 if (sock->state == SS_CONNECTING) { 1160 switch (sk->sk_state) { 1161 case TCP_SYN_SENT: /* still trying */ 1162 err = -EINPROGRESS; 1163 goto out_release; 1164 1165 case TCP_ESTABLISHED: /* connection established */ 1166 sock->state = SS_CONNECTED; 1167 goto out_release; 1168 1169 case TCP_CLOSE: /* connection refused */ 1170 sock->state = SS_UNCONNECTED; 1171 err = -ECONNREFUSED; 1172 goto out_release; 1173 } 1174 } 1175 1176 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) { 1177 err = -EISCONN; /* No reconnect on a seqpacket socket */ 1178 goto out_release; 1179 } 1180 1181 sk->sk_state = TCP_CLOSE; 1182 sock->state = SS_UNCONNECTED; 1183 1184 kfree(ax25->digipeat); 1185 ax25->digipeat = NULL; 1186 1187 /* 1188 * Handle digi-peaters to be used. 1189 */ 1190 if (addr_len > sizeof(struct sockaddr_ax25) && 1191 fsa->fsa_ax25.sax25_ndigis != 0) { 1192 /* Valid number of digipeaters ? */ 1193 if (fsa->fsa_ax25.sax25_ndigis < 1 || 1194 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS || 1195 addr_len < sizeof(struct sockaddr_ax25) + 1196 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) { 1197 err = -EINVAL; 1198 goto out_release; 1199 } 1200 1201 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) { 1202 err = -ENOBUFS; 1203 goto out_release; 1204 } 1205 1206 digi->ndigi = fsa->fsa_ax25.sax25_ndigis; 1207 digi->lastrepeat = -1; 1208 1209 while (ct < fsa->fsa_ax25.sax25_ndigis) { 1210 if ((fsa->fsa_digipeater[ct].ax25_call[6] & 1211 AX25_HBIT) && ax25->iamdigi) { 1212 digi->repeated[ct] = 1; 1213 digi->lastrepeat = ct; 1214 } else { 1215 digi->repeated[ct] = 0; 1216 } 1217 digi->calls[ct] = fsa->fsa_digipeater[ct]; 1218 ct++; 1219 } 1220 } 1221 1222 /* 1223 * Must bind first - autobinding in this may or may not work. If 1224 * the socket is already bound, check to see if the device has 1225 * been filled in, error if it hasn't. 1226 */ 1227 if (sock_flag(sk, SOCK_ZAPPED)) { 1228 /* check if we can remove this feature. It is broken. */ 1229 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n", 1230 current->comm); 1231 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) { 1232 kfree(digi); 1233 goto out_release; 1234 } 1235 1236 ax25_fillin_cb(ax25, ax25->ax25_dev); 1237 ax25_cb_add(ax25); 1238 } else { 1239 if (ax25->ax25_dev == NULL) { 1240 kfree(digi); 1241 err = -EHOSTUNREACH; 1242 goto out_release; 1243 } 1244 } 1245 1246 if (sk->sk_type == SOCK_SEQPACKET && 1247 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi, 1248 ax25->ax25_dev->dev))) { 1249 kfree(digi); 1250 err = -EADDRINUSE; /* Already such a connection */ 1251 ax25_cb_put(ax25t); 1252 goto out_release; 1253 } 1254 1255 ax25->dest_addr = fsa->fsa_ax25.sax25_call; 1256 ax25->digipeat = digi; 1257 1258 /* First the easy one */ 1259 if (sk->sk_type != SOCK_SEQPACKET) { 1260 sock->state = SS_CONNECTED; 1261 sk->sk_state = TCP_ESTABLISHED; 1262 goto out_release; 1263 } 1264 1265 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */ 1266 sock->state = SS_CONNECTING; 1267 sk->sk_state = TCP_SYN_SENT; 1268 1269 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1270 case AX25_PROTO_STD_SIMPLEX: 1271 case AX25_PROTO_STD_DUPLEX: 1272 ax25_std_establish_data_link(ax25); 1273 break; 1274 1275 #ifdef CONFIG_AX25_DAMA_SLAVE 1276 case AX25_PROTO_DAMA_SLAVE: 1277 ax25->modulus = AX25_MODULUS; 1278 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 1279 if (ax25->ax25_dev->dama.slave) 1280 ax25_ds_establish_data_link(ax25); 1281 else 1282 ax25_std_establish_data_link(ax25); 1283 break; 1284 #endif 1285 } 1286 1287 ax25->state = AX25_STATE_1; 1288 1289 ax25_start_heartbeat(ax25); 1290 1291 /* Now the loop */ 1292 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) { 1293 err = -EINPROGRESS; 1294 goto out_release; 1295 } 1296 1297 if (sk->sk_state == TCP_SYN_SENT) { 1298 DEFINE_WAIT(wait); 1299 1300 for (;;) { 1301 prepare_to_wait(sk_sleep(sk), &wait, 1302 TASK_INTERRUPTIBLE); 1303 if (sk->sk_state != TCP_SYN_SENT) 1304 break; 1305 if (!signal_pending(current)) { 1306 release_sock(sk); 1307 schedule(); 1308 lock_sock(sk); 1309 continue; 1310 } 1311 err = -ERESTARTSYS; 1312 break; 1313 } 1314 finish_wait(sk_sleep(sk), &wait); 1315 1316 if (err) 1317 goto out_release; 1318 } 1319 1320 if (sk->sk_state != TCP_ESTABLISHED) { 1321 /* Not in ABM, not in WAIT_UA -> failed */ 1322 sock->state = SS_UNCONNECTED; 1323 err = sock_error(sk); /* Always set at this point */ 1324 goto out_release; 1325 } 1326 1327 sock->state = SS_CONNECTED; 1328 1329 err = 0; 1330 out_release: 1331 release_sock(sk); 1332 1333 return err; 1334 } 1335 1336 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags, 1337 bool kern) 1338 { 1339 struct sk_buff *skb; 1340 struct sock *newsk; 1341 DEFINE_WAIT(wait); 1342 struct sock *sk; 1343 int err = 0; 1344 1345 if (sock->state != SS_UNCONNECTED) 1346 return -EINVAL; 1347 1348 if ((sk = sock->sk) == NULL) 1349 return -EINVAL; 1350 1351 lock_sock(sk); 1352 if (sk->sk_type != SOCK_SEQPACKET) { 1353 err = -EOPNOTSUPP; 1354 goto out; 1355 } 1356 1357 if (sk->sk_state != TCP_LISTEN) { 1358 err = -EINVAL; 1359 goto out; 1360 } 1361 1362 /* 1363 * The read queue this time is holding sockets ready to use 1364 * hooked into the SABM we saved 1365 */ 1366 for (;;) { 1367 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1368 skb = skb_dequeue(&sk->sk_receive_queue); 1369 if (skb) 1370 break; 1371 1372 if (flags & O_NONBLOCK) { 1373 err = -EWOULDBLOCK; 1374 break; 1375 } 1376 if (!signal_pending(current)) { 1377 release_sock(sk); 1378 schedule(); 1379 lock_sock(sk); 1380 continue; 1381 } 1382 err = -ERESTARTSYS; 1383 break; 1384 } 1385 finish_wait(sk_sleep(sk), &wait); 1386 1387 if (err) 1388 goto out; 1389 1390 newsk = skb->sk; 1391 sock_graft(newsk, newsock); 1392 1393 /* Now attach up the new socket */ 1394 kfree_skb(skb); 1395 sk_acceptq_removed(sk); 1396 newsock->state = SS_CONNECTED; 1397 1398 out: 1399 release_sock(sk); 1400 1401 return err; 1402 } 1403 1404 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr, 1405 int peer) 1406 { 1407 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1408 struct sock *sk = sock->sk; 1409 unsigned char ndigi, i; 1410 ax25_cb *ax25; 1411 int err = 0; 1412 1413 memset(fsa, 0, sizeof(*fsa)); 1414 lock_sock(sk); 1415 ax25 = sk_to_ax25(sk); 1416 1417 if (peer != 0) { 1418 if (sk->sk_state != TCP_ESTABLISHED) { 1419 err = -ENOTCONN; 1420 goto out; 1421 } 1422 1423 fsa->fsa_ax25.sax25_family = AF_AX25; 1424 fsa->fsa_ax25.sax25_call = ax25->dest_addr; 1425 1426 if (ax25->digipeat != NULL) { 1427 ndigi = ax25->digipeat->ndigi; 1428 fsa->fsa_ax25.sax25_ndigis = ndigi; 1429 for (i = 0; i < ndigi; i++) 1430 fsa->fsa_digipeater[i] = 1431 ax25->digipeat->calls[i]; 1432 } 1433 } else { 1434 fsa->fsa_ax25.sax25_family = AF_AX25; 1435 fsa->fsa_ax25.sax25_call = ax25->source_addr; 1436 fsa->fsa_ax25.sax25_ndigis = 1; 1437 if (ax25->ax25_dev != NULL) { 1438 memcpy(&fsa->fsa_digipeater[0], 1439 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN); 1440 } else { 1441 fsa->fsa_digipeater[0] = null_ax25_address; 1442 } 1443 } 1444 err = sizeof (struct full_sockaddr_ax25); 1445 1446 out: 1447 release_sock(sk); 1448 1449 return err; 1450 } 1451 1452 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1453 { 1454 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name); 1455 struct sock *sk = sock->sk; 1456 struct sockaddr_ax25 sax; 1457 struct sk_buff *skb; 1458 ax25_digi dtmp, *dp; 1459 ax25_cb *ax25; 1460 size_t size; 1461 int lv, err, addr_len = msg->msg_namelen; 1462 1463 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT)) 1464 return -EINVAL; 1465 1466 lock_sock(sk); 1467 ax25 = sk_to_ax25(sk); 1468 1469 if (sock_flag(sk, SOCK_ZAPPED)) { 1470 err = -EADDRNOTAVAIL; 1471 goto out; 1472 } 1473 1474 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1475 send_sig(SIGPIPE, current, 0); 1476 err = -EPIPE; 1477 goto out; 1478 } 1479 1480 if (ax25->ax25_dev == NULL) { 1481 err = -ENETUNREACH; 1482 goto out; 1483 } 1484 1485 if (len > ax25->ax25_dev->dev->mtu) { 1486 err = -EMSGSIZE; 1487 goto out; 1488 } 1489 1490 if (usax != NULL) { 1491 if (usax->sax25_family != AF_AX25) { 1492 err = -EINVAL; 1493 goto out; 1494 } 1495 1496 if (addr_len == sizeof(struct sockaddr_ax25)) 1497 /* ax25_sendmsg(): uses obsolete socket structure */ 1498 ; 1499 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1500 /* support for old structure may go away some time 1501 * ax25_sendmsg(): uses old (6 digipeater) 1502 * socket structure. 1503 */ 1504 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1505 (addr_len > sizeof(struct full_sockaddr_ax25))) { 1506 err = -EINVAL; 1507 goto out; 1508 } 1509 1510 1511 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) { 1512 int ct = 0; 1513 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax; 1514 1515 /* Valid number of digipeaters ? */ 1516 if (usax->sax25_ndigis < 1 || 1517 usax->sax25_ndigis > AX25_MAX_DIGIS || 1518 addr_len < sizeof(struct sockaddr_ax25) + 1519 sizeof(ax25_address) * usax->sax25_ndigis) { 1520 err = -EINVAL; 1521 goto out; 1522 } 1523 1524 dtmp.ndigi = usax->sax25_ndigis; 1525 1526 while (ct < usax->sax25_ndigis) { 1527 dtmp.repeated[ct] = 0; 1528 dtmp.calls[ct] = fsa->fsa_digipeater[ct]; 1529 ct++; 1530 } 1531 1532 dtmp.lastrepeat = 0; 1533 } 1534 1535 sax = *usax; 1536 if (sk->sk_type == SOCK_SEQPACKET && 1537 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) { 1538 err = -EISCONN; 1539 goto out; 1540 } 1541 if (usax->sax25_ndigis == 0) 1542 dp = NULL; 1543 else 1544 dp = &dtmp; 1545 } else { 1546 /* 1547 * FIXME: 1003.1g - if the socket is like this because 1548 * it has become closed (not started closed) and is VC 1549 * we ought to SIGPIPE, EPIPE 1550 */ 1551 if (sk->sk_state != TCP_ESTABLISHED) { 1552 err = -ENOTCONN; 1553 goto out; 1554 } 1555 sax.sax25_family = AF_AX25; 1556 sax.sax25_call = ax25->dest_addr; 1557 dp = ax25->digipeat; 1558 } 1559 1560 /* Build a packet */ 1561 /* Assume the worst case */ 1562 size = len + ax25->ax25_dev->dev->hard_header_len; 1563 1564 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err); 1565 if (skb == NULL) 1566 goto out; 1567 1568 skb_reserve(skb, size - len); 1569 1570 /* User data follows immediately after the AX.25 data */ 1571 if (memcpy_from_msg(skb_put(skb, len), msg, len)) { 1572 err = -EFAULT; 1573 kfree_skb(skb); 1574 goto out; 1575 } 1576 1577 skb_reset_network_header(skb); 1578 1579 /* Add the PID if one is not supplied by the user in the skb */ 1580 if (!ax25->pidincl) 1581 *(u8 *)skb_push(skb, 1) = sk->sk_protocol; 1582 1583 if (sk->sk_type == SOCK_SEQPACKET) { 1584 /* Connected mode sockets go via the LAPB machine */ 1585 if (sk->sk_state != TCP_ESTABLISHED) { 1586 kfree_skb(skb); 1587 err = -ENOTCONN; 1588 goto out; 1589 } 1590 1591 /* Shove it onto the queue and kick */ 1592 ax25_output(ax25, ax25->paclen, skb); 1593 1594 err = len; 1595 goto out; 1596 } 1597 1598 skb_push(skb, 1 + ax25_addr_size(dp)); 1599 1600 /* Building AX.25 Header */ 1601 1602 /* Build an AX.25 header */ 1603 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call, 1604 dp, AX25_COMMAND, AX25_MODULUS); 1605 1606 skb_set_transport_header(skb, lv); 1607 1608 *skb_transport_header(skb) = AX25_UI; 1609 1610 /* Datagram frames go straight out of the door as UI */ 1611 ax25_queue_xmit(skb, ax25->ax25_dev->dev); 1612 1613 err = len; 1614 1615 out: 1616 release_sock(sk); 1617 1618 return err; 1619 } 1620 1621 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, 1622 int flags) 1623 { 1624 struct sock *sk = sock->sk; 1625 struct sk_buff *skb; 1626 int copied; 1627 int err = 0; 1628 1629 lock_sock(sk); 1630 /* 1631 * This works for seqpacket too. The receiver has ordered the 1632 * queue for us! We do one quick check first though 1633 */ 1634 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) { 1635 err = -ENOTCONN; 1636 goto out; 1637 } 1638 1639 /* Now we can treat all alike */ 1640 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 1641 flags & MSG_DONTWAIT, &err); 1642 if (skb == NULL) 1643 goto out; 1644 1645 if (!sk_to_ax25(sk)->pidincl) 1646 skb_pull(skb, 1); /* Remove PID */ 1647 1648 skb_reset_transport_header(skb); 1649 copied = skb->len; 1650 1651 if (copied > size) { 1652 copied = size; 1653 msg->msg_flags |= MSG_TRUNC; 1654 } 1655 1656 skb_copy_datagram_msg(skb, 0, msg, copied); 1657 1658 if (msg->msg_name) { 1659 ax25_digi digi; 1660 ax25_address src; 1661 const unsigned char *mac = skb_mac_header(skb); 1662 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name); 1663 1664 memset(sax, 0, sizeof(struct full_sockaddr_ax25)); 1665 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, 1666 &digi, NULL, NULL); 1667 sax->sax25_family = AF_AX25; 1668 /* We set this correctly, even though we may not let the 1669 application know the digi calls further down (because it 1670 did NOT ask to know them). This could get political... **/ 1671 sax->sax25_ndigis = digi.ndigi; 1672 sax->sax25_call = src; 1673 1674 if (sax->sax25_ndigis != 0) { 1675 int ct; 1676 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax; 1677 1678 for (ct = 0; ct < digi.ndigi; ct++) 1679 fsa->fsa_digipeater[ct] = digi.calls[ct]; 1680 } 1681 msg->msg_namelen = sizeof(struct full_sockaddr_ax25); 1682 } 1683 1684 skb_free_datagram(sk, skb); 1685 err = copied; 1686 1687 out: 1688 release_sock(sk); 1689 1690 return err; 1691 } 1692 1693 static int ax25_shutdown(struct socket *sk, int how) 1694 { 1695 /* FIXME - generate DM and RNR states */ 1696 return -EOPNOTSUPP; 1697 } 1698 1699 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1700 { 1701 struct sock *sk = sock->sk; 1702 void __user *argp = (void __user *)arg; 1703 int res = 0; 1704 1705 lock_sock(sk); 1706 switch (cmd) { 1707 case TIOCOUTQ: { 1708 long amount; 1709 1710 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1711 if (amount < 0) 1712 amount = 0; 1713 res = put_user(amount, (int __user *)argp); 1714 break; 1715 } 1716 1717 case TIOCINQ: { 1718 struct sk_buff *skb; 1719 long amount = 0L; 1720 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1721 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1722 amount = skb->len; 1723 res = put_user(amount, (int __user *) argp); 1724 break; 1725 } 1726 1727 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */ 1728 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */ 1729 case SIOCAX25GETUID: { 1730 struct sockaddr_ax25 sax25; 1731 if (copy_from_user(&sax25, argp, sizeof(sax25))) { 1732 res = -EFAULT; 1733 break; 1734 } 1735 res = ax25_uid_ioctl(cmd, &sax25); 1736 break; 1737 } 1738 1739 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */ 1740 long amount; 1741 if (!capable(CAP_NET_ADMIN)) { 1742 res = -EPERM; 1743 break; 1744 } 1745 if (get_user(amount, (long __user *)argp)) { 1746 res = -EFAULT; 1747 break; 1748 } 1749 if (amount < 0 || amount > AX25_NOUID_BLOCK) { 1750 res = -EINVAL; 1751 break; 1752 } 1753 ax25_uid_policy = amount; 1754 res = 0; 1755 break; 1756 } 1757 1758 case SIOCADDRT: 1759 case SIOCDELRT: 1760 case SIOCAX25OPTRT: 1761 if (!capable(CAP_NET_ADMIN)) { 1762 res = -EPERM; 1763 break; 1764 } 1765 res = ax25_rt_ioctl(cmd, argp); 1766 break; 1767 1768 case SIOCAX25CTLCON: 1769 if (!capable(CAP_NET_ADMIN)) { 1770 res = -EPERM; 1771 break; 1772 } 1773 res = ax25_ctl_ioctl(cmd, argp); 1774 break; 1775 1776 case SIOCAX25GETINFO: 1777 case SIOCAX25GETINFOOLD: { 1778 ax25_cb *ax25 = sk_to_ax25(sk); 1779 struct ax25_info_struct ax25_info; 1780 1781 ax25_info.t1 = ax25->t1 / HZ; 1782 ax25_info.t2 = ax25->t2 / HZ; 1783 ax25_info.t3 = ax25->t3 / HZ; 1784 ax25_info.idle = ax25->idle / (60 * HZ); 1785 ax25_info.n2 = ax25->n2; 1786 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ; 1787 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ; 1788 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ; 1789 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ); 1790 ax25_info.n2count = ax25->n2count; 1791 ax25_info.state = ax25->state; 1792 ax25_info.rcv_q = sk_rmem_alloc_get(sk); 1793 ax25_info.snd_q = sk_wmem_alloc_get(sk); 1794 ax25_info.vs = ax25->vs; 1795 ax25_info.vr = ax25->vr; 1796 ax25_info.va = ax25->va; 1797 ax25_info.vs_max = ax25->vs; /* reserved */ 1798 ax25_info.paclen = ax25->paclen; 1799 ax25_info.window = ax25->window; 1800 1801 /* old structure? */ 1802 if (cmd == SIOCAX25GETINFOOLD) { 1803 static int warned = 0; 1804 if (!warned) { 1805 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n", 1806 current->comm); 1807 warned=1; 1808 } 1809 1810 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) { 1811 res = -EFAULT; 1812 break; 1813 } 1814 } else { 1815 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) { 1816 res = -EINVAL; 1817 break; 1818 } 1819 } 1820 res = 0; 1821 break; 1822 } 1823 1824 case SIOCAX25ADDFWD: 1825 case SIOCAX25DELFWD: { 1826 struct ax25_fwd_struct ax25_fwd; 1827 if (!capable(CAP_NET_ADMIN)) { 1828 res = -EPERM; 1829 break; 1830 } 1831 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) { 1832 res = -EFAULT; 1833 break; 1834 } 1835 res = ax25_fwd_ioctl(cmd, &ax25_fwd); 1836 break; 1837 } 1838 1839 case SIOCGIFADDR: 1840 case SIOCSIFADDR: 1841 case SIOCGIFDSTADDR: 1842 case SIOCSIFDSTADDR: 1843 case SIOCGIFBRDADDR: 1844 case SIOCSIFBRDADDR: 1845 case SIOCGIFNETMASK: 1846 case SIOCSIFNETMASK: 1847 case SIOCGIFMETRIC: 1848 case SIOCSIFMETRIC: 1849 res = -EINVAL; 1850 break; 1851 1852 default: 1853 res = -ENOIOCTLCMD; 1854 break; 1855 } 1856 release_sock(sk); 1857 1858 return res; 1859 } 1860 1861 #ifdef CONFIG_PROC_FS 1862 1863 static void *ax25_info_start(struct seq_file *seq, loff_t *pos) 1864 __acquires(ax25_list_lock) 1865 { 1866 spin_lock_bh(&ax25_list_lock); 1867 return seq_hlist_start(&ax25_list, *pos); 1868 } 1869 1870 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos) 1871 { 1872 return seq_hlist_next(v, &ax25_list, pos); 1873 } 1874 1875 static void ax25_info_stop(struct seq_file *seq, void *v) 1876 __releases(ax25_list_lock) 1877 { 1878 spin_unlock_bh(&ax25_list_lock); 1879 } 1880 1881 static int ax25_info_show(struct seq_file *seq, void *v) 1882 { 1883 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node); 1884 char buf[11]; 1885 int k; 1886 1887 1888 /* 1889 * New format: 1890 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode 1891 */ 1892 1893 seq_printf(seq, "%p %s %s%s ", 1894 ax25, 1895 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name, 1896 ax2asc(buf, &ax25->source_addr), 1897 ax25->iamdigi? "*":""); 1898 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr)); 1899 1900 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) { 1901 seq_printf(seq, ",%s%s", 1902 ax2asc(buf, &ax25->digipeat->calls[k]), 1903 ax25->digipeat->repeated[k]? "*":""); 1904 } 1905 1906 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d", 1907 ax25->state, 1908 ax25->vs, ax25->vr, ax25->va, 1909 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ, 1910 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ, 1911 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ, 1912 ax25_display_timer(&ax25->idletimer) / (60 * HZ), 1913 ax25->idle / (60 * HZ), 1914 ax25->n2count, ax25->n2, 1915 ax25->rtt / HZ, 1916 ax25->window, 1917 ax25->paclen); 1918 1919 if (ax25->sk != NULL) { 1920 seq_printf(seq, " %d %d %lu\n", 1921 sk_wmem_alloc_get(ax25->sk), 1922 sk_rmem_alloc_get(ax25->sk), 1923 sock_i_ino(ax25->sk)); 1924 } else { 1925 seq_puts(seq, " * * *\n"); 1926 } 1927 return 0; 1928 } 1929 1930 static const struct seq_operations ax25_info_seqops = { 1931 .start = ax25_info_start, 1932 .next = ax25_info_next, 1933 .stop = ax25_info_stop, 1934 .show = ax25_info_show, 1935 }; 1936 #endif 1937 1938 static const struct net_proto_family ax25_family_ops = { 1939 .family = PF_AX25, 1940 .create = ax25_create, 1941 .owner = THIS_MODULE, 1942 }; 1943 1944 static const struct proto_ops ax25_proto_ops = { 1945 .family = PF_AX25, 1946 .owner = THIS_MODULE, 1947 .release = ax25_release, 1948 .bind = ax25_bind, 1949 .connect = ax25_connect, 1950 .socketpair = sock_no_socketpair, 1951 .accept = ax25_accept, 1952 .getname = ax25_getname, 1953 .poll = datagram_poll, 1954 .ioctl = ax25_ioctl, 1955 .gettstamp = sock_gettstamp, 1956 .listen = ax25_listen, 1957 .shutdown = ax25_shutdown, 1958 .setsockopt = ax25_setsockopt, 1959 .getsockopt = ax25_getsockopt, 1960 .sendmsg = ax25_sendmsg, 1961 .recvmsg = ax25_recvmsg, 1962 .mmap = sock_no_mmap, 1963 .sendpage = sock_no_sendpage, 1964 }; 1965 1966 /* 1967 * Called by socket.c on kernel start up 1968 */ 1969 static struct packet_type ax25_packet_type __read_mostly = { 1970 .type = cpu_to_be16(ETH_P_AX25), 1971 .func = ax25_kiss_rcv, 1972 }; 1973 1974 static struct notifier_block ax25_dev_notifier = { 1975 .notifier_call = ax25_device_event, 1976 }; 1977 1978 static int __init ax25_init(void) 1979 { 1980 int rc = proto_register(&ax25_proto, 0); 1981 1982 if (rc != 0) 1983 goto out; 1984 1985 sock_register(&ax25_family_ops); 1986 dev_add_pack(&ax25_packet_type); 1987 register_netdevice_notifier(&ax25_dev_notifier); 1988 1989 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops); 1990 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops); 1991 proc_create_seq("ax25_calls", 0444, init_net.proc_net, 1992 &ax25_uid_seqops); 1993 out: 1994 return rc; 1995 } 1996 module_init(ax25_init); 1997 1998 1999 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>"); 2000 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol"); 2001 MODULE_LICENSE("GPL"); 2002 MODULE_ALIAS_NETPROTO(PF_AX25); 2003 2004 static void __exit ax25_exit(void) 2005 { 2006 remove_proc_entry("ax25_route", init_net.proc_net); 2007 remove_proc_entry("ax25", init_net.proc_net); 2008 remove_proc_entry("ax25_calls", init_net.proc_net); 2009 2010 unregister_netdevice_notifier(&ax25_dev_notifier); 2011 2012 dev_remove_pack(&ax25_packet_type); 2013 2014 sock_unregister(PF_AX25); 2015 proto_unregister(&ax25_proto); 2016 2017 ax25_rt_free(); 2018 ax25_uid_free(); 2019 ax25_dev_free(); 2020 } 2021 module_exit(ax25_exit); 2022