1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk) 7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org) 8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl) 11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 12 */ 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/errno.h> 16 #include <linux/types.h> 17 #include <linux/socket.h> 18 #include <linux/in.h> 19 #include <linux/kernel.h> 20 #include <linux/sched/signal.h> 21 #include <linux/timer.h> 22 #include <linux/string.h> 23 #include <linux/sockios.h> 24 #include <linux/net.h> 25 #include <linux/slab.h> 26 #include <net/ax25.h> 27 #include <linux/inet.h> 28 #include <linux/netdevice.h> 29 #include <linux/if_arp.h> 30 #include <linux/skbuff.h> 31 #include <net/sock.h> 32 #include <linux/uaccess.h> 33 #include <linux/fcntl.h> 34 #include <linux/termios.h> /* For TIOCINQ/OUTQ */ 35 #include <linux/mm.h> 36 #include <linux/interrupt.h> 37 #include <linux/notifier.h> 38 #include <linux/proc_fs.h> 39 #include <linux/stat.h> 40 #include <linux/sysctl.h> 41 #include <linux/init.h> 42 #include <linux/spinlock.h> 43 #include <net/net_namespace.h> 44 #include <net/tcp_states.h> 45 #include <net/ip.h> 46 #include <net/arp.h> 47 48 49 50 HLIST_HEAD(ax25_list); 51 DEFINE_SPINLOCK(ax25_list_lock); 52 53 static const struct proto_ops ax25_proto_ops; 54 55 static void ax25_free_sock(struct sock *sk) 56 { 57 ax25_cb_put(sk_to_ax25(sk)); 58 } 59 60 /* 61 * Socket removal during an interrupt is now safe. 62 */ 63 static void ax25_cb_del(ax25_cb *ax25) 64 { 65 if (!hlist_unhashed(&ax25->ax25_node)) { 66 spin_lock_bh(&ax25_list_lock); 67 hlist_del_init(&ax25->ax25_node); 68 spin_unlock_bh(&ax25_list_lock); 69 ax25_cb_put(ax25); 70 } 71 } 72 73 /* 74 * Kill all bound sockets on a dropped device. 75 */ 76 static void ax25_kill_by_device(struct net_device *dev) 77 { 78 ax25_dev *ax25_dev; 79 ax25_cb *s; 80 struct sock *sk; 81 82 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 83 return; 84 85 spin_lock_bh(&ax25_list_lock); 86 again: 87 ax25_for_each(s, &ax25_list) { 88 if (s->ax25_dev == ax25_dev) { 89 sk = s->sk; 90 if (!sk) { 91 spin_unlock_bh(&ax25_list_lock); 92 s->ax25_dev = NULL; 93 ax25_disconnect(s, ENETUNREACH); 94 spin_lock_bh(&ax25_list_lock); 95 goto again; 96 } 97 sock_hold(sk); 98 spin_unlock_bh(&ax25_list_lock); 99 lock_sock(sk); 100 s->ax25_dev = NULL; 101 dev_put_track(ax25_dev->dev, &ax25_dev->dev_tracker); 102 ax25_dev_put(ax25_dev); 103 ax25_disconnect(s, ENETUNREACH); 104 release_sock(sk); 105 spin_lock_bh(&ax25_list_lock); 106 sock_put(sk); 107 /* The entry could have been deleted from the 108 * list meanwhile and thus the next pointer is 109 * no longer valid. Play it safe and restart 110 * the scan. Forward progress is ensured 111 * because we set s->ax25_dev to NULL and we 112 * are never passed a NULL 'dev' argument. 113 */ 114 goto again; 115 } 116 } 117 spin_unlock_bh(&ax25_list_lock); 118 } 119 120 /* 121 * Handle device status changes. 122 */ 123 static int ax25_device_event(struct notifier_block *this, unsigned long event, 124 void *ptr) 125 { 126 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 127 128 if (!net_eq(dev_net(dev), &init_net)) 129 return NOTIFY_DONE; 130 131 /* Reject non AX.25 devices */ 132 if (dev->type != ARPHRD_AX25) 133 return NOTIFY_DONE; 134 135 switch (event) { 136 case NETDEV_UP: 137 ax25_dev_device_up(dev); 138 break; 139 case NETDEV_DOWN: 140 ax25_kill_by_device(dev); 141 ax25_rt_device_down(dev); 142 ax25_dev_device_down(dev); 143 break; 144 default: 145 break; 146 } 147 148 return NOTIFY_DONE; 149 } 150 151 /* 152 * Add a socket to the bound sockets list. 153 */ 154 void ax25_cb_add(ax25_cb *ax25) 155 { 156 spin_lock_bh(&ax25_list_lock); 157 ax25_cb_hold(ax25); 158 hlist_add_head(&ax25->ax25_node, &ax25_list); 159 spin_unlock_bh(&ax25_list_lock); 160 } 161 162 /* 163 * Find a socket that wants to accept the SABM we have just 164 * received. 165 */ 166 struct sock *ax25_find_listener(ax25_address *addr, int digi, 167 struct net_device *dev, int type) 168 { 169 ax25_cb *s; 170 171 spin_lock(&ax25_list_lock); 172 ax25_for_each(s, &ax25_list) { 173 if ((s->iamdigi && !digi) || (!s->iamdigi && digi)) 174 continue; 175 if (s->sk && !ax25cmp(&s->source_addr, addr) && 176 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) { 177 /* If device is null we match any device */ 178 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) { 179 sock_hold(s->sk); 180 spin_unlock(&ax25_list_lock); 181 return s->sk; 182 } 183 } 184 } 185 spin_unlock(&ax25_list_lock); 186 187 return NULL; 188 } 189 190 /* 191 * Find an AX.25 socket given both ends. 192 */ 193 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr, 194 int type) 195 { 196 struct sock *sk = NULL; 197 ax25_cb *s; 198 199 spin_lock(&ax25_list_lock); 200 ax25_for_each(s, &ax25_list) { 201 if (s->sk && !ax25cmp(&s->source_addr, my_addr) && 202 !ax25cmp(&s->dest_addr, dest_addr) && 203 s->sk->sk_type == type) { 204 sk = s->sk; 205 sock_hold(sk); 206 break; 207 } 208 } 209 210 spin_unlock(&ax25_list_lock); 211 212 return sk; 213 } 214 215 /* 216 * Find an AX.25 control block given both ends. It will only pick up 217 * floating AX.25 control blocks or non Raw socket bound control blocks. 218 */ 219 ax25_cb *ax25_find_cb(const ax25_address *src_addr, ax25_address *dest_addr, 220 ax25_digi *digi, struct net_device *dev) 221 { 222 ax25_cb *s; 223 224 spin_lock_bh(&ax25_list_lock); 225 ax25_for_each(s, &ax25_list) { 226 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET) 227 continue; 228 if (s->ax25_dev == NULL) 229 continue; 230 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) { 231 if (digi != NULL && digi->ndigi != 0) { 232 if (s->digipeat == NULL) 233 continue; 234 if (ax25digicmp(s->digipeat, digi) != 0) 235 continue; 236 } else { 237 if (s->digipeat != NULL && s->digipeat->ndigi != 0) 238 continue; 239 } 240 ax25_cb_hold(s); 241 spin_unlock_bh(&ax25_list_lock); 242 243 return s; 244 } 245 } 246 spin_unlock_bh(&ax25_list_lock); 247 248 return NULL; 249 } 250 251 EXPORT_SYMBOL(ax25_find_cb); 252 253 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto) 254 { 255 ax25_cb *s; 256 struct sk_buff *copy; 257 258 spin_lock(&ax25_list_lock); 259 ax25_for_each(s, &ax25_list) { 260 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && 261 s->sk->sk_type == SOCK_RAW && 262 s->sk->sk_protocol == proto && 263 s->ax25_dev->dev == skb->dev && 264 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) { 265 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL) 266 continue; 267 if (sock_queue_rcv_skb(s->sk, copy) != 0) 268 kfree_skb(copy); 269 } 270 } 271 spin_unlock(&ax25_list_lock); 272 } 273 274 /* 275 * Deferred destroy. 276 */ 277 void ax25_destroy_socket(ax25_cb *); 278 279 /* 280 * Handler for deferred kills. 281 */ 282 static void ax25_destroy_timer(struct timer_list *t) 283 { 284 ax25_cb *ax25 = from_timer(ax25, t, dtimer); 285 struct sock *sk; 286 287 sk=ax25->sk; 288 289 bh_lock_sock(sk); 290 sock_hold(sk); 291 ax25_destroy_socket(ax25); 292 bh_unlock_sock(sk); 293 sock_put(sk); 294 } 295 296 /* 297 * This is called from user mode and the timers. Thus it protects itself 298 * against interrupt users but doesn't worry about being called during 299 * work. Once it is removed from the queue no interrupt or bottom half 300 * will touch it and we are (fairly 8-) ) safe. 301 */ 302 void ax25_destroy_socket(ax25_cb *ax25) 303 { 304 struct sk_buff *skb; 305 306 ax25_cb_del(ax25); 307 308 ax25_stop_heartbeat(ax25); 309 ax25_stop_t1timer(ax25); 310 ax25_stop_t2timer(ax25); 311 ax25_stop_t3timer(ax25); 312 ax25_stop_idletimer(ax25); 313 314 ax25_clear_queues(ax25); /* Flush the queues */ 315 316 if (ax25->sk != NULL) { 317 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) { 318 if (skb->sk != ax25->sk) { 319 /* A pending connection */ 320 ax25_cb *sax25 = sk_to_ax25(skb->sk); 321 322 /* Queue the unaccepted socket for death */ 323 sock_orphan(skb->sk); 324 325 /* 9A4GL: hack to release unaccepted sockets */ 326 skb->sk->sk_state = TCP_LISTEN; 327 328 ax25_start_heartbeat(sax25); 329 sax25->state = AX25_STATE_0; 330 } 331 332 kfree_skb(skb); 333 } 334 skb_queue_purge(&ax25->sk->sk_write_queue); 335 } 336 337 if (ax25->sk != NULL) { 338 if (sk_has_allocations(ax25->sk)) { 339 /* Defer: outstanding buffers */ 340 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0); 341 ax25->dtimer.expires = jiffies + 2 * HZ; 342 add_timer(&ax25->dtimer); 343 } else { 344 struct sock *sk=ax25->sk; 345 ax25->sk=NULL; 346 sock_put(sk); 347 } 348 } else { 349 ax25_cb_put(ax25); 350 } 351 } 352 353 /* 354 * dl1bke 960311: set parameters for existing AX.25 connections, 355 * includes a KILL command to abort any connection. 356 * VERY useful for debugging ;-) 357 */ 358 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg) 359 { 360 struct ax25_ctl_struct ax25_ctl; 361 ax25_digi digi; 362 ax25_dev *ax25_dev; 363 ax25_cb *ax25; 364 unsigned int k; 365 int ret = 0; 366 367 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl))) 368 return -EFAULT; 369 370 if (ax25_ctl.digi_count > AX25_MAX_DIGIS) 371 return -EINVAL; 372 373 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL) 374 return -EINVAL; 375 376 ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr); 377 if (!ax25_dev) 378 return -ENODEV; 379 380 digi.ndigi = ax25_ctl.digi_count; 381 for (k = 0; k < digi.ndigi; k++) 382 digi.calls[k] = ax25_ctl.digi_addr[k]; 383 384 ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev); 385 if (!ax25) { 386 ax25_dev_put(ax25_dev); 387 return -ENOTCONN; 388 } 389 390 switch (ax25_ctl.cmd) { 391 case AX25_KILL: 392 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 393 #ifdef CONFIG_AX25_DAMA_SLAVE 394 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE) 395 ax25_dama_off(ax25); 396 #endif 397 ax25_disconnect(ax25, ENETRESET); 398 break; 399 400 case AX25_WINDOW: 401 if (ax25->modulus == AX25_MODULUS) { 402 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7) 403 goto einval_put; 404 } else { 405 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63) 406 goto einval_put; 407 } 408 ax25->window = ax25_ctl.arg; 409 break; 410 411 case AX25_T1: 412 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 413 goto einval_put; 414 ax25->rtt = (ax25_ctl.arg * HZ) / 2; 415 ax25->t1 = ax25_ctl.arg * HZ; 416 break; 417 418 case AX25_T2: 419 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 420 goto einval_put; 421 ax25->t2 = ax25_ctl.arg * HZ; 422 break; 423 424 case AX25_N2: 425 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31) 426 goto einval_put; 427 ax25->n2count = 0; 428 ax25->n2 = ax25_ctl.arg; 429 break; 430 431 case AX25_T3: 432 if (ax25_ctl.arg > ULONG_MAX / HZ) 433 goto einval_put; 434 ax25->t3 = ax25_ctl.arg * HZ; 435 break; 436 437 case AX25_IDLE: 438 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ)) 439 goto einval_put; 440 441 ax25->idle = ax25_ctl.arg * 60 * HZ; 442 break; 443 444 case AX25_PACLEN: 445 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535) 446 goto einval_put; 447 ax25->paclen = ax25_ctl.arg; 448 break; 449 450 default: 451 goto einval_put; 452 } 453 454 out_put: 455 ax25_dev_put(ax25_dev); 456 ax25_cb_put(ax25); 457 return ret; 458 459 einval_put: 460 ret = -EINVAL; 461 goto out_put; 462 } 463 464 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev) 465 { 466 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2; 467 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]); 468 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]); 469 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]); 470 ax25->n2 = ax25_dev->values[AX25_VALUES_N2]; 471 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN]; 472 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]); 473 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF]; 474 475 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) { 476 ax25->modulus = AX25_EMODULUS; 477 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW]; 478 } else { 479 ax25->modulus = AX25_MODULUS; 480 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW]; 481 } 482 } 483 484 /* 485 * Fill in a created AX.25 created control block with the default 486 * values for a particular device. 487 */ 488 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev) 489 { 490 ax25->ax25_dev = ax25_dev; 491 492 if (ax25->ax25_dev != NULL) { 493 ax25_fillin_cb_from_dev(ax25, ax25_dev); 494 return; 495 } 496 497 /* 498 * No device, use kernel / AX.25 spec default values 499 */ 500 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2; 501 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1); 502 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2); 503 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3); 504 ax25->n2 = AX25_DEF_N2; 505 ax25->paclen = AX25_DEF_PACLEN; 506 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE); 507 ax25->backoff = AX25_DEF_BACKOFF; 508 509 if (AX25_DEF_AXDEFMODE) { 510 ax25->modulus = AX25_EMODULUS; 511 ax25->window = AX25_DEF_EWINDOW; 512 } else { 513 ax25->modulus = AX25_MODULUS; 514 ax25->window = AX25_DEF_WINDOW; 515 } 516 } 517 518 /* 519 * Create an empty AX.25 control block. 520 */ 521 ax25_cb *ax25_create_cb(void) 522 { 523 ax25_cb *ax25; 524 525 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL) 526 return NULL; 527 528 refcount_set(&ax25->refcount, 1); 529 530 skb_queue_head_init(&ax25->write_queue); 531 skb_queue_head_init(&ax25->frag_queue); 532 skb_queue_head_init(&ax25->ack_queue); 533 skb_queue_head_init(&ax25->reseq_queue); 534 535 ax25_setup_timers(ax25); 536 537 ax25_fillin_cb(ax25, NULL); 538 539 ax25->state = AX25_STATE_0; 540 541 return ax25; 542 } 543 544 /* 545 * Handling for system calls applied via the various interfaces to an 546 * AX25 socket object 547 */ 548 549 static int ax25_setsockopt(struct socket *sock, int level, int optname, 550 sockptr_t optval, unsigned int optlen) 551 { 552 struct sock *sk = sock->sk; 553 ax25_cb *ax25; 554 struct net_device *dev; 555 char devname[IFNAMSIZ]; 556 unsigned int opt; 557 int res = 0; 558 559 if (level != SOL_AX25) 560 return -ENOPROTOOPT; 561 562 if (optlen < sizeof(unsigned int)) 563 return -EINVAL; 564 565 if (copy_from_sockptr(&opt, optval, sizeof(unsigned int))) 566 return -EFAULT; 567 568 lock_sock(sk); 569 ax25 = sk_to_ax25(sk); 570 571 switch (optname) { 572 case AX25_WINDOW: 573 if (ax25->modulus == AX25_MODULUS) { 574 if (opt < 1 || opt > 7) { 575 res = -EINVAL; 576 break; 577 } 578 } else { 579 if (opt < 1 || opt > 63) { 580 res = -EINVAL; 581 break; 582 } 583 } 584 ax25->window = opt; 585 break; 586 587 case AX25_T1: 588 if (opt < 1 || opt > UINT_MAX / HZ) { 589 res = -EINVAL; 590 break; 591 } 592 ax25->rtt = (opt * HZ) >> 1; 593 ax25->t1 = opt * HZ; 594 break; 595 596 case AX25_T2: 597 if (opt < 1 || opt > UINT_MAX / HZ) { 598 res = -EINVAL; 599 break; 600 } 601 ax25->t2 = opt * HZ; 602 break; 603 604 case AX25_N2: 605 if (opt < 1 || opt > 31) { 606 res = -EINVAL; 607 break; 608 } 609 ax25->n2 = opt; 610 break; 611 612 case AX25_T3: 613 if (opt < 1 || opt > UINT_MAX / HZ) { 614 res = -EINVAL; 615 break; 616 } 617 ax25->t3 = opt * HZ; 618 break; 619 620 case AX25_IDLE: 621 if (opt > UINT_MAX / (60 * HZ)) { 622 res = -EINVAL; 623 break; 624 } 625 ax25->idle = opt * 60 * HZ; 626 break; 627 628 case AX25_BACKOFF: 629 if (opt > 2) { 630 res = -EINVAL; 631 break; 632 } 633 ax25->backoff = opt; 634 break; 635 636 case AX25_EXTSEQ: 637 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS; 638 break; 639 640 case AX25_PIDINCL: 641 ax25->pidincl = opt ? 1 : 0; 642 break; 643 644 case AX25_IAMDIGI: 645 ax25->iamdigi = opt ? 1 : 0; 646 break; 647 648 case AX25_PACLEN: 649 if (opt < 16 || opt > 65535) { 650 res = -EINVAL; 651 break; 652 } 653 ax25->paclen = opt; 654 break; 655 656 case SO_BINDTODEVICE: 657 if (optlen > IFNAMSIZ - 1) 658 optlen = IFNAMSIZ - 1; 659 660 memset(devname, 0, sizeof(devname)); 661 662 if (copy_from_sockptr(devname, optval, optlen)) { 663 res = -EFAULT; 664 break; 665 } 666 667 if (sk->sk_type == SOCK_SEQPACKET && 668 (sock->state != SS_UNCONNECTED || 669 sk->sk_state == TCP_LISTEN)) { 670 res = -EADDRNOTAVAIL; 671 break; 672 } 673 674 rtnl_lock(); 675 dev = __dev_get_by_name(&init_net, devname); 676 if (!dev) { 677 rtnl_unlock(); 678 res = -ENODEV; 679 break; 680 } 681 682 ax25->ax25_dev = ax25_dev_ax25dev(dev); 683 if (!ax25->ax25_dev) { 684 rtnl_unlock(); 685 res = -ENODEV; 686 break; 687 } 688 ax25_fillin_cb(ax25, ax25->ax25_dev); 689 rtnl_unlock(); 690 break; 691 692 default: 693 res = -ENOPROTOOPT; 694 } 695 release_sock(sk); 696 697 return res; 698 } 699 700 static int ax25_getsockopt(struct socket *sock, int level, int optname, 701 char __user *optval, int __user *optlen) 702 { 703 struct sock *sk = sock->sk; 704 ax25_cb *ax25; 705 struct ax25_dev *ax25_dev; 706 char devname[IFNAMSIZ]; 707 void *valptr; 708 int val = 0; 709 int maxlen, length; 710 711 if (level != SOL_AX25) 712 return -ENOPROTOOPT; 713 714 if (get_user(maxlen, optlen)) 715 return -EFAULT; 716 717 if (maxlen < 1) 718 return -EFAULT; 719 720 valptr = (void *) &val; 721 length = min_t(unsigned int, maxlen, sizeof(int)); 722 723 lock_sock(sk); 724 ax25 = sk_to_ax25(sk); 725 726 switch (optname) { 727 case AX25_WINDOW: 728 val = ax25->window; 729 break; 730 731 case AX25_T1: 732 val = ax25->t1 / HZ; 733 break; 734 735 case AX25_T2: 736 val = ax25->t2 / HZ; 737 break; 738 739 case AX25_N2: 740 val = ax25->n2; 741 break; 742 743 case AX25_T3: 744 val = ax25->t3 / HZ; 745 break; 746 747 case AX25_IDLE: 748 val = ax25->idle / (60 * HZ); 749 break; 750 751 case AX25_BACKOFF: 752 val = ax25->backoff; 753 break; 754 755 case AX25_EXTSEQ: 756 val = (ax25->modulus == AX25_EMODULUS); 757 break; 758 759 case AX25_PIDINCL: 760 val = ax25->pidincl; 761 break; 762 763 case AX25_IAMDIGI: 764 val = ax25->iamdigi; 765 break; 766 767 case AX25_PACLEN: 768 val = ax25->paclen; 769 break; 770 771 case SO_BINDTODEVICE: 772 ax25_dev = ax25->ax25_dev; 773 774 if (ax25_dev != NULL && ax25_dev->dev != NULL) { 775 strlcpy(devname, ax25_dev->dev->name, sizeof(devname)); 776 length = strlen(devname) + 1; 777 } else { 778 *devname = '\0'; 779 length = 1; 780 } 781 782 valptr = (void *) devname; 783 break; 784 785 default: 786 release_sock(sk); 787 return -ENOPROTOOPT; 788 } 789 release_sock(sk); 790 791 if (put_user(length, optlen)) 792 return -EFAULT; 793 794 return copy_to_user(optval, valptr, length) ? -EFAULT : 0; 795 } 796 797 static int ax25_listen(struct socket *sock, int backlog) 798 { 799 struct sock *sk = sock->sk; 800 int res = 0; 801 802 lock_sock(sk); 803 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) { 804 sk->sk_max_ack_backlog = backlog; 805 sk->sk_state = TCP_LISTEN; 806 goto out; 807 } 808 res = -EOPNOTSUPP; 809 810 out: 811 release_sock(sk); 812 813 return res; 814 } 815 816 /* 817 * XXX: when creating ax25_sock we should update the .obj_size setting 818 * below. 819 */ 820 static struct proto ax25_proto = { 821 .name = "AX25", 822 .owner = THIS_MODULE, 823 .obj_size = sizeof(struct ax25_sock), 824 }; 825 826 static int ax25_create(struct net *net, struct socket *sock, int protocol, 827 int kern) 828 { 829 struct sock *sk; 830 ax25_cb *ax25; 831 832 if (protocol < 0 || protocol > U8_MAX) 833 return -EINVAL; 834 835 if (!net_eq(net, &init_net)) 836 return -EAFNOSUPPORT; 837 838 switch (sock->type) { 839 case SOCK_DGRAM: 840 if (protocol == 0 || protocol == PF_AX25) 841 protocol = AX25_P_TEXT; 842 break; 843 844 case SOCK_SEQPACKET: 845 switch (protocol) { 846 case 0: 847 case PF_AX25: /* For CLX */ 848 protocol = AX25_P_TEXT; 849 break; 850 case AX25_P_SEGMENT: 851 #ifdef CONFIG_INET 852 case AX25_P_ARP: 853 case AX25_P_IP: 854 #endif 855 #ifdef CONFIG_NETROM 856 case AX25_P_NETROM: 857 #endif 858 #ifdef CONFIG_ROSE 859 case AX25_P_ROSE: 860 #endif 861 return -ESOCKTNOSUPPORT; 862 #ifdef CONFIG_NETROM_MODULE 863 case AX25_P_NETROM: 864 if (ax25_protocol_is_registered(AX25_P_NETROM)) 865 return -ESOCKTNOSUPPORT; 866 break; 867 #endif 868 #ifdef CONFIG_ROSE_MODULE 869 case AX25_P_ROSE: 870 if (ax25_protocol_is_registered(AX25_P_ROSE)) 871 return -ESOCKTNOSUPPORT; 872 break; 873 #endif 874 default: 875 break; 876 } 877 break; 878 879 case SOCK_RAW: 880 if (!capable(CAP_NET_RAW)) 881 return -EPERM; 882 break; 883 default: 884 return -ESOCKTNOSUPPORT; 885 } 886 887 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern); 888 if (sk == NULL) 889 return -ENOMEM; 890 891 ax25 = ax25_sk(sk)->cb = ax25_create_cb(); 892 if (!ax25) { 893 sk_free(sk); 894 return -ENOMEM; 895 } 896 897 sock_init_data(sock, sk); 898 899 sk->sk_destruct = ax25_free_sock; 900 sock->ops = &ax25_proto_ops; 901 sk->sk_protocol = protocol; 902 903 ax25->sk = sk; 904 905 return 0; 906 } 907 908 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev) 909 { 910 struct sock *sk; 911 ax25_cb *ax25, *oax25; 912 913 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0); 914 if (sk == NULL) 915 return NULL; 916 917 if ((ax25 = ax25_create_cb()) == NULL) { 918 sk_free(sk); 919 return NULL; 920 } 921 922 switch (osk->sk_type) { 923 case SOCK_DGRAM: 924 break; 925 case SOCK_SEQPACKET: 926 break; 927 default: 928 sk_free(sk); 929 ax25_cb_put(ax25); 930 return NULL; 931 } 932 933 sock_init_data(NULL, sk); 934 935 sk->sk_type = osk->sk_type; 936 sk->sk_priority = osk->sk_priority; 937 sk->sk_protocol = osk->sk_protocol; 938 sk->sk_rcvbuf = osk->sk_rcvbuf; 939 sk->sk_sndbuf = osk->sk_sndbuf; 940 sk->sk_state = TCP_ESTABLISHED; 941 sock_copy_flags(sk, osk); 942 943 oax25 = sk_to_ax25(osk); 944 945 ax25->modulus = oax25->modulus; 946 ax25->backoff = oax25->backoff; 947 ax25->pidincl = oax25->pidincl; 948 ax25->iamdigi = oax25->iamdigi; 949 ax25->rtt = oax25->rtt; 950 ax25->t1 = oax25->t1; 951 ax25->t2 = oax25->t2; 952 ax25->t3 = oax25->t3; 953 ax25->n2 = oax25->n2; 954 ax25->idle = oax25->idle; 955 ax25->paclen = oax25->paclen; 956 ax25->window = oax25->window; 957 958 ax25->ax25_dev = ax25_dev; 959 ax25->source_addr = oax25->source_addr; 960 961 if (oax25->digipeat != NULL) { 962 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi), 963 GFP_ATOMIC); 964 if (ax25->digipeat == NULL) { 965 sk_free(sk); 966 ax25_cb_put(ax25); 967 return NULL; 968 } 969 } 970 971 ax25_sk(sk)->cb = ax25; 972 sk->sk_destruct = ax25_free_sock; 973 ax25->sk = sk; 974 975 return sk; 976 } 977 978 static int ax25_release(struct socket *sock) 979 { 980 struct sock *sk = sock->sk; 981 ax25_cb *ax25; 982 983 if (sk == NULL) 984 return 0; 985 986 sock_hold(sk); 987 sock_orphan(sk); 988 lock_sock(sk); 989 ax25 = sk_to_ax25(sk); 990 991 if (sk->sk_type == SOCK_SEQPACKET) { 992 switch (ax25->state) { 993 case AX25_STATE_0: 994 release_sock(sk); 995 ax25_disconnect(ax25, 0); 996 lock_sock(sk); 997 ax25_destroy_socket(ax25); 998 break; 999 1000 case AX25_STATE_1: 1001 case AX25_STATE_2: 1002 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 1003 release_sock(sk); 1004 ax25_disconnect(ax25, 0); 1005 lock_sock(sk); 1006 if (!sock_flag(ax25->sk, SOCK_DESTROY)) 1007 ax25_destroy_socket(ax25); 1008 break; 1009 1010 case AX25_STATE_3: 1011 case AX25_STATE_4: 1012 ax25_clear_queues(ax25); 1013 ax25->n2count = 0; 1014 1015 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1016 case AX25_PROTO_STD_SIMPLEX: 1017 case AX25_PROTO_STD_DUPLEX: 1018 ax25_send_control(ax25, 1019 AX25_DISC, 1020 AX25_POLLON, 1021 AX25_COMMAND); 1022 ax25_stop_t2timer(ax25); 1023 ax25_stop_t3timer(ax25); 1024 ax25_stop_idletimer(ax25); 1025 break; 1026 #ifdef CONFIG_AX25_DAMA_SLAVE 1027 case AX25_PROTO_DAMA_SLAVE: 1028 ax25_stop_t3timer(ax25); 1029 ax25_stop_idletimer(ax25); 1030 break; 1031 #endif 1032 } 1033 ax25_calculate_t1(ax25); 1034 ax25_start_t1timer(ax25); 1035 ax25->state = AX25_STATE_2; 1036 sk->sk_state = TCP_CLOSE; 1037 sk->sk_shutdown |= SEND_SHUTDOWN; 1038 sk->sk_state_change(sk); 1039 sock_set_flag(sk, SOCK_DESTROY); 1040 break; 1041 1042 default: 1043 break; 1044 } 1045 } else { 1046 sk->sk_state = TCP_CLOSE; 1047 sk->sk_shutdown |= SEND_SHUTDOWN; 1048 sk->sk_state_change(sk); 1049 ax25_destroy_socket(ax25); 1050 } 1051 1052 sock->sk = NULL; 1053 release_sock(sk); 1054 sock_put(sk); 1055 1056 return 0; 1057 } 1058 1059 /* 1060 * We support a funny extension here so you can (as root) give any callsign 1061 * digipeated via a local address as source. This hack is obsolete now 1062 * that we've implemented support for SO_BINDTODEVICE. It is however small 1063 * and trivially backward compatible. 1064 */ 1065 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1066 { 1067 struct sock *sk = sock->sk; 1068 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr; 1069 ax25_dev *ax25_dev = NULL; 1070 ax25_uid_assoc *user; 1071 ax25_address call; 1072 ax25_cb *ax25; 1073 int err = 0; 1074 1075 if (addr_len != sizeof(struct sockaddr_ax25) && 1076 addr_len != sizeof(struct full_sockaddr_ax25)) 1077 /* support for old structure may go away some time 1078 * ax25_bind(): uses old (6 digipeater) socket structure. 1079 */ 1080 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1081 (addr_len > sizeof(struct full_sockaddr_ax25))) 1082 return -EINVAL; 1083 1084 if (addr->fsa_ax25.sax25_family != AF_AX25) 1085 return -EINVAL; 1086 1087 user = ax25_findbyuid(current_euid()); 1088 if (user) { 1089 call = user->call; 1090 ax25_uid_put(user); 1091 } else { 1092 if (ax25_uid_policy && !capable(CAP_NET_ADMIN)) 1093 return -EACCES; 1094 1095 call = addr->fsa_ax25.sax25_call; 1096 } 1097 1098 lock_sock(sk); 1099 1100 ax25 = sk_to_ax25(sk); 1101 if (!sock_flag(sk, SOCK_ZAPPED)) { 1102 err = -EINVAL; 1103 goto out; 1104 } 1105 1106 ax25->source_addr = call; 1107 1108 /* 1109 * User already set interface with SO_BINDTODEVICE 1110 */ 1111 if (ax25->ax25_dev != NULL) 1112 goto done; 1113 1114 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) { 1115 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 && 1116 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) { 1117 err = -EADDRNOTAVAIL; 1118 goto out; 1119 } 1120 } else { 1121 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) { 1122 err = -EADDRNOTAVAIL; 1123 goto out; 1124 } 1125 } 1126 1127 if (ax25_dev) { 1128 ax25_fillin_cb(ax25, ax25_dev); 1129 dev_hold_track(ax25_dev->dev, &ax25_dev->dev_tracker, GFP_ATOMIC); 1130 } 1131 1132 done: 1133 ax25_cb_add(ax25); 1134 sock_reset_flag(sk, SOCK_ZAPPED); 1135 1136 out: 1137 release_sock(sk); 1138 1139 return err; 1140 } 1141 1142 /* 1143 * FIXME: nonblock behaviour looks like it may have a bug. 1144 */ 1145 static int __must_check ax25_connect(struct socket *sock, 1146 struct sockaddr *uaddr, int addr_len, int flags) 1147 { 1148 struct sock *sk = sock->sk; 1149 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t; 1150 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1151 ax25_digi *digi = NULL; 1152 int ct = 0, err = 0; 1153 1154 /* 1155 * some sanity checks. code further down depends on this 1156 */ 1157 1158 if (addr_len == sizeof(struct sockaddr_ax25)) 1159 /* support for this will go away in early 2.5.x 1160 * ax25_connect(): uses obsolete socket structure 1161 */ 1162 ; 1163 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1164 /* support for old structure may go away some time 1165 * ax25_connect(): uses old (6 digipeater) socket structure. 1166 */ 1167 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1168 (addr_len > sizeof(struct full_sockaddr_ax25))) 1169 return -EINVAL; 1170 1171 1172 if (fsa->fsa_ax25.sax25_family != AF_AX25) 1173 return -EINVAL; 1174 1175 lock_sock(sk); 1176 1177 /* deal with restarts */ 1178 if (sock->state == SS_CONNECTING) { 1179 switch (sk->sk_state) { 1180 case TCP_SYN_SENT: /* still trying */ 1181 err = -EINPROGRESS; 1182 goto out_release; 1183 1184 case TCP_ESTABLISHED: /* connection established */ 1185 sock->state = SS_CONNECTED; 1186 goto out_release; 1187 1188 case TCP_CLOSE: /* connection refused */ 1189 sock->state = SS_UNCONNECTED; 1190 err = -ECONNREFUSED; 1191 goto out_release; 1192 } 1193 } 1194 1195 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) { 1196 err = -EISCONN; /* No reconnect on a seqpacket socket */ 1197 goto out_release; 1198 } 1199 1200 sk->sk_state = TCP_CLOSE; 1201 sock->state = SS_UNCONNECTED; 1202 1203 kfree(ax25->digipeat); 1204 ax25->digipeat = NULL; 1205 1206 /* 1207 * Handle digi-peaters to be used. 1208 */ 1209 if (addr_len > sizeof(struct sockaddr_ax25) && 1210 fsa->fsa_ax25.sax25_ndigis != 0) { 1211 /* Valid number of digipeaters ? */ 1212 if (fsa->fsa_ax25.sax25_ndigis < 1 || 1213 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS || 1214 addr_len < sizeof(struct sockaddr_ax25) + 1215 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) { 1216 err = -EINVAL; 1217 goto out_release; 1218 } 1219 1220 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) { 1221 err = -ENOBUFS; 1222 goto out_release; 1223 } 1224 1225 digi->ndigi = fsa->fsa_ax25.sax25_ndigis; 1226 digi->lastrepeat = -1; 1227 1228 while (ct < fsa->fsa_ax25.sax25_ndigis) { 1229 if ((fsa->fsa_digipeater[ct].ax25_call[6] & 1230 AX25_HBIT) && ax25->iamdigi) { 1231 digi->repeated[ct] = 1; 1232 digi->lastrepeat = ct; 1233 } else { 1234 digi->repeated[ct] = 0; 1235 } 1236 digi->calls[ct] = fsa->fsa_digipeater[ct]; 1237 ct++; 1238 } 1239 } 1240 1241 /* 1242 * Must bind first - autobinding in this may or may not work. If 1243 * the socket is already bound, check to see if the device has 1244 * been filled in, error if it hasn't. 1245 */ 1246 if (sock_flag(sk, SOCK_ZAPPED)) { 1247 /* check if we can remove this feature. It is broken. */ 1248 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n", 1249 current->comm); 1250 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) { 1251 kfree(digi); 1252 goto out_release; 1253 } 1254 1255 ax25_fillin_cb(ax25, ax25->ax25_dev); 1256 ax25_cb_add(ax25); 1257 } else { 1258 if (ax25->ax25_dev == NULL) { 1259 kfree(digi); 1260 err = -EHOSTUNREACH; 1261 goto out_release; 1262 } 1263 } 1264 1265 if (sk->sk_type == SOCK_SEQPACKET && 1266 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi, 1267 ax25->ax25_dev->dev))) { 1268 kfree(digi); 1269 err = -EADDRINUSE; /* Already such a connection */ 1270 ax25_cb_put(ax25t); 1271 goto out_release; 1272 } 1273 1274 ax25->dest_addr = fsa->fsa_ax25.sax25_call; 1275 ax25->digipeat = digi; 1276 1277 /* First the easy one */ 1278 if (sk->sk_type != SOCK_SEQPACKET) { 1279 sock->state = SS_CONNECTED; 1280 sk->sk_state = TCP_ESTABLISHED; 1281 goto out_release; 1282 } 1283 1284 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */ 1285 sock->state = SS_CONNECTING; 1286 sk->sk_state = TCP_SYN_SENT; 1287 1288 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1289 case AX25_PROTO_STD_SIMPLEX: 1290 case AX25_PROTO_STD_DUPLEX: 1291 ax25_std_establish_data_link(ax25); 1292 break; 1293 1294 #ifdef CONFIG_AX25_DAMA_SLAVE 1295 case AX25_PROTO_DAMA_SLAVE: 1296 ax25->modulus = AX25_MODULUS; 1297 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 1298 if (ax25->ax25_dev->dama.slave) 1299 ax25_ds_establish_data_link(ax25); 1300 else 1301 ax25_std_establish_data_link(ax25); 1302 break; 1303 #endif 1304 } 1305 1306 ax25->state = AX25_STATE_1; 1307 1308 ax25_start_heartbeat(ax25); 1309 1310 /* Now the loop */ 1311 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) { 1312 err = -EINPROGRESS; 1313 goto out_release; 1314 } 1315 1316 if (sk->sk_state == TCP_SYN_SENT) { 1317 DEFINE_WAIT(wait); 1318 1319 for (;;) { 1320 prepare_to_wait(sk_sleep(sk), &wait, 1321 TASK_INTERRUPTIBLE); 1322 if (sk->sk_state != TCP_SYN_SENT) 1323 break; 1324 if (!signal_pending(current)) { 1325 release_sock(sk); 1326 schedule(); 1327 lock_sock(sk); 1328 continue; 1329 } 1330 err = -ERESTARTSYS; 1331 break; 1332 } 1333 finish_wait(sk_sleep(sk), &wait); 1334 1335 if (err) 1336 goto out_release; 1337 } 1338 1339 if (sk->sk_state != TCP_ESTABLISHED) { 1340 /* Not in ABM, not in WAIT_UA -> failed */ 1341 sock->state = SS_UNCONNECTED; 1342 err = sock_error(sk); /* Always set at this point */ 1343 goto out_release; 1344 } 1345 1346 sock->state = SS_CONNECTED; 1347 1348 err = 0; 1349 out_release: 1350 release_sock(sk); 1351 1352 return err; 1353 } 1354 1355 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags, 1356 bool kern) 1357 { 1358 struct sk_buff *skb; 1359 struct sock *newsk; 1360 DEFINE_WAIT(wait); 1361 struct sock *sk; 1362 int err = 0; 1363 1364 if (sock->state != SS_UNCONNECTED) 1365 return -EINVAL; 1366 1367 if ((sk = sock->sk) == NULL) 1368 return -EINVAL; 1369 1370 lock_sock(sk); 1371 if (sk->sk_type != SOCK_SEQPACKET) { 1372 err = -EOPNOTSUPP; 1373 goto out; 1374 } 1375 1376 if (sk->sk_state != TCP_LISTEN) { 1377 err = -EINVAL; 1378 goto out; 1379 } 1380 1381 /* 1382 * The read queue this time is holding sockets ready to use 1383 * hooked into the SABM we saved 1384 */ 1385 for (;;) { 1386 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1387 skb = skb_dequeue(&sk->sk_receive_queue); 1388 if (skb) 1389 break; 1390 1391 if (flags & O_NONBLOCK) { 1392 err = -EWOULDBLOCK; 1393 break; 1394 } 1395 if (!signal_pending(current)) { 1396 release_sock(sk); 1397 schedule(); 1398 lock_sock(sk); 1399 continue; 1400 } 1401 err = -ERESTARTSYS; 1402 break; 1403 } 1404 finish_wait(sk_sleep(sk), &wait); 1405 1406 if (err) 1407 goto out; 1408 1409 newsk = skb->sk; 1410 sock_graft(newsk, newsock); 1411 1412 /* Now attach up the new socket */ 1413 kfree_skb(skb); 1414 sk_acceptq_removed(sk); 1415 newsock->state = SS_CONNECTED; 1416 1417 out: 1418 release_sock(sk); 1419 1420 return err; 1421 } 1422 1423 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr, 1424 int peer) 1425 { 1426 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1427 struct sock *sk = sock->sk; 1428 unsigned char ndigi, i; 1429 ax25_cb *ax25; 1430 int err = 0; 1431 1432 memset(fsa, 0, sizeof(*fsa)); 1433 lock_sock(sk); 1434 ax25 = sk_to_ax25(sk); 1435 1436 if (peer != 0) { 1437 if (sk->sk_state != TCP_ESTABLISHED) { 1438 err = -ENOTCONN; 1439 goto out; 1440 } 1441 1442 fsa->fsa_ax25.sax25_family = AF_AX25; 1443 fsa->fsa_ax25.sax25_call = ax25->dest_addr; 1444 1445 if (ax25->digipeat != NULL) { 1446 ndigi = ax25->digipeat->ndigi; 1447 fsa->fsa_ax25.sax25_ndigis = ndigi; 1448 for (i = 0; i < ndigi; i++) 1449 fsa->fsa_digipeater[i] = 1450 ax25->digipeat->calls[i]; 1451 } 1452 } else { 1453 fsa->fsa_ax25.sax25_family = AF_AX25; 1454 fsa->fsa_ax25.sax25_call = ax25->source_addr; 1455 fsa->fsa_ax25.sax25_ndigis = 1; 1456 if (ax25->ax25_dev != NULL) { 1457 memcpy(&fsa->fsa_digipeater[0], 1458 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN); 1459 } else { 1460 fsa->fsa_digipeater[0] = null_ax25_address; 1461 } 1462 } 1463 err = sizeof (struct full_sockaddr_ax25); 1464 1465 out: 1466 release_sock(sk); 1467 1468 return err; 1469 } 1470 1471 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1472 { 1473 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name); 1474 struct sock *sk = sock->sk; 1475 struct sockaddr_ax25 sax; 1476 struct sk_buff *skb; 1477 ax25_digi dtmp, *dp; 1478 ax25_cb *ax25; 1479 size_t size; 1480 int lv, err, addr_len = msg->msg_namelen; 1481 1482 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT)) 1483 return -EINVAL; 1484 1485 lock_sock(sk); 1486 ax25 = sk_to_ax25(sk); 1487 1488 if (sock_flag(sk, SOCK_ZAPPED)) { 1489 err = -EADDRNOTAVAIL; 1490 goto out; 1491 } 1492 1493 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1494 send_sig(SIGPIPE, current, 0); 1495 err = -EPIPE; 1496 goto out; 1497 } 1498 1499 if (ax25->ax25_dev == NULL) { 1500 err = -ENETUNREACH; 1501 goto out; 1502 } 1503 1504 if (len > ax25->ax25_dev->dev->mtu) { 1505 err = -EMSGSIZE; 1506 goto out; 1507 } 1508 1509 if (usax != NULL) { 1510 if (usax->sax25_family != AF_AX25) { 1511 err = -EINVAL; 1512 goto out; 1513 } 1514 1515 if (addr_len == sizeof(struct sockaddr_ax25)) 1516 /* ax25_sendmsg(): uses obsolete socket structure */ 1517 ; 1518 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1519 /* support for old structure may go away some time 1520 * ax25_sendmsg(): uses old (6 digipeater) 1521 * socket structure. 1522 */ 1523 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1524 (addr_len > sizeof(struct full_sockaddr_ax25))) { 1525 err = -EINVAL; 1526 goto out; 1527 } 1528 1529 1530 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) { 1531 int ct = 0; 1532 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax; 1533 1534 /* Valid number of digipeaters ? */ 1535 if (usax->sax25_ndigis < 1 || 1536 usax->sax25_ndigis > AX25_MAX_DIGIS || 1537 addr_len < sizeof(struct sockaddr_ax25) + 1538 sizeof(ax25_address) * usax->sax25_ndigis) { 1539 err = -EINVAL; 1540 goto out; 1541 } 1542 1543 dtmp.ndigi = usax->sax25_ndigis; 1544 1545 while (ct < usax->sax25_ndigis) { 1546 dtmp.repeated[ct] = 0; 1547 dtmp.calls[ct] = fsa->fsa_digipeater[ct]; 1548 ct++; 1549 } 1550 1551 dtmp.lastrepeat = 0; 1552 } 1553 1554 sax = *usax; 1555 if (sk->sk_type == SOCK_SEQPACKET && 1556 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) { 1557 err = -EISCONN; 1558 goto out; 1559 } 1560 if (usax->sax25_ndigis == 0) 1561 dp = NULL; 1562 else 1563 dp = &dtmp; 1564 } else { 1565 /* 1566 * FIXME: 1003.1g - if the socket is like this because 1567 * it has become closed (not started closed) and is VC 1568 * we ought to SIGPIPE, EPIPE 1569 */ 1570 if (sk->sk_state != TCP_ESTABLISHED) { 1571 err = -ENOTCONN; 1572 goto out; 1573 } 1574 sax.sax25_family = AF_AX25; 1575 sax.sax25_call = ax25->dest_addr; 1576 dp = ax25->digipeat; 1577 } 1578 1579 /* Build a packet */ 1580 /* Assume the worst case */ 1581 size = len + ax25->ax25_dev->dev->hard_header_len; 1582 1583 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err); 1584 if (skb == NULL) 1585 goto out; 1586 1587 skb_reserve(skb, size - len); 1588 1589 /* User data follows immediately after the AX.25 data */ 1590 if (memcpy_from_msg(skb_put(skb, len), msg, len)) { 1591 err = -EFAULT; 1592 kfree_skb(skb); 1593 goto out; 1594 } 1595 1596 skb_reset_network_header(skb); 1597 1598 /* Add the PID if one is not supplied by the user in the skb */ 1599 if (!ax25->pidincl) 1600 *(u8 *)skb_push(skb, 1) = sk->sk_protocol; 1601 1602 if (sk->sk_type == SOCK_SEQPACKET) { 1603 /* Connected mode sockets go via the LAPB machine */ 1604 if (sk->sk_state != TCP_ESTABLISHED) { 1605 kfree_skb(skb); 1606 err = -ENOTCONN; 1607 goto out; 1608 } 1609 1610 /* Shove it onto the queue and kick */ 1611 ax25_output(ax25, ax25->paclen, skb); 1612 1613 err = len; 1614 goto out; 1615 } 1616 1617 skb_push(skb, 1 + ax25_addr_size(dp)); 1618 1619 /* Building AX.25 Header */ 1620 1621 /* Build an AX.25 header */ 1622 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call, 1623 dp, AX25_COMMAND, AX25_MODULUS); 1624 1625 skb_set_transport_header(skb, lv); 1626 1627 *skb_transport_header(skb) = AX25_UI; 1628 1629 /* Datagram frames go straight out of the door as UI */ 1630 ax25_queue_xmit(skb, ax25->ax25_dev->dev); 1631 1632 err = len; 1633 1634 out: 1635 release_sock(sk); 1636 1637 return err; 1638 } 1639 1640 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, 1641 int flags) 1642 { 1643 struct sock *sk = sock->sk; 1644 struct sk_buff *skb; 1645 int copied; 1646 int err = 0; 1647 1648 lock_sock(sk); 1649 /* 1650 * This works for seqpacket too. The receiver has ordered the 1651 * queue for us! We do one quick check first though 1652 */ 1653 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) { 1654 err = -ENOTCONN; 1655 goto out; 1656 } 1657 1658 /* Now we can treat all alike */ 1659 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 1660 flags & MSG_DONTWAIT, &err); 1661 if (skb == NULL) 1662 goto out; 1663 1664 if (!sk_to_ax25(sk)->pidincl) 1665 skb_pull(skb, 1); /* Remove PID */ 1666 1667 skb_reset_transport_header(skb); 1668 copied = skb->len; 1669 1670 if (copied > size) { 1671 copied = size; 1672 msg->msg_flags |= MSG_TRUNC; 1673 } 1674 1675 skb_copy_datagram_msg(skb, 0, msg, copied); 1676 1677 if (msg->msg_name) { 1678 ax25_digi digi; 1679 ax25_address src; 1680 const unsigned char *mac = skb_mac_header(skb); 1681 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name); 1682 1683 memset(sax, 0, sizeof(struct full_sockaddr_ax25)); 1684 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, 1685 &digi, NULL, NULL); 1686 sax->sax25_family = AF_AX25; 1687 /* We set this correctly, even though we may not let the 1688 application know the digi calls further down (because it 1689 did NOT ask to know them). This could get political... **/ 1690 sax->sax25_ndigis = digi.ndigi; 1691 sax->sax25_call = src; 1692 1693 if (sax->sax25_ndigis != 0) { 1694 int ct; 1695 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax; 1696 1697 for (ct = 0; ct < digi.ndigi; ct++) 1698 fsa->fsa_digipeater[ct] = digi.calls[ct]; 1699 } 1700 msg->msg_namelen = sizeof(struct full_sockaddr_ax25); 1701 } 1702 1703 skb_free_datagram(sk, skb); 1704 err = copied; 1705 1706 out: 1707 release_sock(sk); 1708 1709 return err; 1710 } 1711 1712 static int ax25_shutdown(struct socket *sk, int how) 1713 { 1714 /* FIXME - generate DM and RNR states */ 1715 return -EOPNOTSUPP; 1716 } 1717 1718 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1719 { 1720 struct sock *sk = sock->sk; 1721 void __user *argp = (void __user *)arg; 1722 int res = 0; 1723 1724 lock_sock(sk); 1725 switch (cmd) { 1726 case TIOCOUTQ: { 1727 long amount; 1728 1729 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1730 if (amount < 0) 1731 amount = 0; 1732 res = put_user(amount, (int __user *)argp); 1733 break; 1734 } 1735 1736 case TIOCINQ: { 1737 struct sk_buff *skb; 1738 long amount = 0L; 1739 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1740 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1741 amount = skb->len; 1742 res = put_user(amount, (int __user *) argp); 1743 break; 1744 } 1745 1746 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */ 1747 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */ 1748 case SIOCAX25GETUID: { 1749 struct sockaddr_ax25 sax25; 1750 if (copy_from_user(&sax25, argp, sizeof(sax25))) { 1751 res = -EFAULT; 1752 break; 1753 } 1754 res = ax25_uid_ioctl(cmd, &sax25); 1755 break; 1756 } 1757 1758 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */ 1759 long amount; 1760 if (!capable(CAP_NET_ADMIN)) { 1761 res = -EPERM; 1762 break; 1763 } 1764 if (get_user(amount, (long __user *)argp)) { 1765 res = -EFAULT; 1766 break; 1767 } 1768 if (amount < 0 || amount > AX25_NOUID_BLOCK) { 1769 res = -EINVAL; 1770 break; 1771 } 1772 ax25_uid_policy = amount; 1773 res = 0; 1774 break; 1775 } 1776 1777 case SIOCADDRT: 1778 case SIOCDELRT: 1779 case SIOCAX25OPTRT: 1780 if (!capable(CAP_NET_ADMIN)) { 1781 res = -EPERM; 1782 break; 1783 } 1784 res = ax25_rt_ioctl(cmd, argp); 1785 break; 1786 1787 case SIOCAX25CTLCON: 1788 if (!capable(CAP_NET_ADMIN)) { 1789 res = -EPERM; 1790 break; 1791 } 1792 res = ax25_ctl_ioctl(cmd, argp); 1793 break; 1794 1795 case SIOCAX25GETINFO: 1796 case SIOCAX25GETINFOOLD: { 1797 ax25_cb *ax25 = sk_to_ax25(sk); 1798 struct ax25_info_struct ax25_info; 1799 1800 ax25_info.t1 = ax25->t1 / HZ; 1801 ax25_info.t2 = ax25->t2 / HZ; 1802 ax25_info.t3 = ax25->t3 / HZ; 1803 ax25_info.idle = ax25->idle / (60 * HZ); 1804 ax25_info.n2 = ax25->n2; 1805 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ; 1806 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ; 1807 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ; 1808 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ); 1809 ax25_info.n2count = ax25->n2count; 1810 ax25_info.state = ax25->state; 1811 ax25_info.rcv_q = sk_rmem_alloc_get(sk); 1812 ax25_info.snd_q = sk_wmem_alloc_get(sk); 1813 ax25_info.vs = ax25->vs; 1814 ax25_info.vr = ax25->vr; 1815 ax25_info.va = ax25->va; 1816 ax25_info.vs_max = ax25->vs; /* reserved */ 1817 ax25_info.paclen = ax25->paclen; 1818 ax25_info.window = ax25->window; 1819 1820 /* old structure? */ 1821 if (cmd == SIOCAX25GETINFOOLD) { 1822 static int warned = 0; 1823 if (!warned) { 1824 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n", 1825 current->comm); 1826 warned=1; 1827 } 1828 1829 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) { 1830 res = -EFAULT; 1831 break; 1832 } 1833 } else { 1834 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) { 1835 res = -EINVAL; 1836 break; 1837 } 1838 } 1839 res = 0; 1840 break; 1841 } 1842 1843 case SIOCAX25ADDFWD: 1844 case SIOCAX25DELFWD: { 1845 struct ax25_fwd_struct ax25_fwd; 1846 if (!capable(CAP_NET_ADMIN)) { 1847 res = -EPERM; 1848 break; 1849 } 1850 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) { 1851 res = -EFAULT; 1852 break; 1853 } 1854 res = ax25_fwd_ioctl(cmd, &ax25_fwd); 1855 break; 1856 } 1857 1858 case SIOCGIFADDR: 1859 case SIOCSIFADDR: 1860 case SIOCGIFDSTADDR: 1861 case SIOCSIFDSTADDR: 1862 case SIOCGIFBRDADDR: 1863 case SIOCSIFBRDADDR: 1864 case SIOCGIFNETMASK: 1865 case SIOCSIFNETMASK: 1866 case SIOCGIFMETRIC: 1867 case SIOCSIFMETRIC: 1868 res = -EINVAL; 1869 break; 1870 1871 default: 1872 res = -ENOIOCTLCMD; 1873 break; 1874 } 1875 release_sock(sk); 1876 1877 return res; 1878 } 1879 1880 #ifdef CONFIG_PROC_FS 1881 1882 static void *ax25_info_start(struct seq_file *seq, loff_t *pos) 1883 __acquires(ax25_list_lock) 1884 { 1885 spin_lock_bh(&ax25_list_lock); 1886 return seq_hlist_start(&ax25_list, *pos); 1887 } 1888 1889 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos) 1890 { 1891 return seq_hlist_next(v, &ax25_list, pos); 1892 } 1893 1894 static void ax25_info_stop(struct seq_file *seq, void *v) 1895 __releases(ax25_list_lock) 1896 { 1897 spin_unlock_bh(&ax25_list_lock); 1898 } 1899 1900 static int ax25_info_show(struct seq_file *seq, void *v) 1901 { 1902 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node); 1903 char buf[11]; 1904 int k; 1905 1906 1907 /* 1908 * New format: 1909 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode 1910 */ 1911 1912 seq_printf(seq, "%p %s %s%s ", 1913 ax25, 1914 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name, 1915 ax2asc(buf, &ax25->source_addr), 1916 ax25->iamdigi? "*":""); 1917 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr)); 1918 1919 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) { 1920 seq_printf(seq, ",%s%s", 1921 ax2asc(buf, &ax25->digipeat->calls[k]), 1922 ax25->digipeat->repeated[k]? "*":""); 1923 } 1924 1925 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d", 1926 ax25->state, 1927 ax25->vs, ax25->vr, ax25->va, 1928 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ, 1929 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ, 1930 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ, 1931 ax25_display_timer(&ax25->idletimer) / (60 * HZ), 1932 ax25->idle / (60 * HZ), 1933 ax25->n2count, ax25->n2, 1934 ax25->rtt / HZ, 1935 ax25->window, 1936 ax25->paclen); 1937 1938 if (ax25->sk != NULL) { 1939 seq_printf(seq, " %d %d %lu\n", 1940 sk_wmem_alloc_get(ax25->sk), 1941 sk_rmem_alloc_get(ax25->sk), 1942 sock_i_ino(ax25->sk)); 1943 } else { 1944 seq_puts(seq, " * * *\n"); 1945 } 1946 return 0; 1947 } 1948 1949 static const struct seq_operations ax25_info_seqops = { 1950 .start = ax25_info_start, 1951 .next = ax25_info_next, 1952 .stop = ax25_info_stop, 1953 .show = ax25_info_show, 1954 }; 1955 #endif 1956 1957 static const struct net_proto_family ax25_family_ops = { 1958 .family = PF_AX25, 1959 .create = ax25_create, 1960 .owner = THIS_MODULE, 1961 }; 1962 1963 static const struct proto_ops ax25_proto_ops = { 1964 .family = PF_AX25, 1965 .owner = THIS_MODULE, 1966 .release = ax25_release, 1967 .bind = ax25_bind, 1968 .connect = ax25_connect, 1969 .socketpair = sock_no_socketpair, 1970 .accept = ax25_accept, 1971 .getname = ax25_getname, 1972 .poll = datagram_poll, 1973 .ioctl = ax25_ioctl, 1974 .gettstamp = sock_gettstamp, 1975 .listen = ax25_listen, 1976 .shutdown = ax25_shutdown, 1977 .setsockopt = ax25_setsockopt, 1978 .getsockopt = ax25_getsockopt, 1979 .sendmsg = ax25_sendmsg, 1980 .recvmsg = ax25_recvmsg, 1981 .mmap = sock_no_mmap, 1982 .sendpage = sock_no_sendpage, 1983 }; 1984 1985 /* 1986 * Called by socket.c on kernel start up 1987 */ 1988 static struct packet_type ax25_packet_type __read_mostly = { 1989 .type = cpu_to_be16(ETH_P_AX25), 1990 .func = ax25_kiss_rcv, 1991 }; 1992 1993 static struct notifier_block ax25_dev_notifier = { 1994 .notifier_call = ax25_device_event, 1995 }; 1996 1997 static int __init ax25_init(void) 1998 { 1999 int rc = proto_register(&ax25_proto, 0); 2000 2001 if (rc != 0) 2002 goto out; 2003 2004 sock_register(&ax25_family_ops); 2005 dev_add_pack(&ax25_packet_type); 2006 register_netdevice_notifier(&ax25_dev_notifier); 2007 2008 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops); 2009 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops); 2010 proc_create_seq("ax25_calls", 0444, init_net.proc_net, 2011 &ax25_uid_seqops); 2012 out: 2013 return rc; 2014 } 2015 module_init(ax25_init); 2016 2017 2018 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>"); 2019 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol"); 2020 MODULE_LICENSE("GPL"); 2021 MODULE_ALIAS_NETPROTO(PF_AX25); 2022 2023 static void __exit ax25_exit(void) 2024 { 2025 remove_proc_entry("ax25_route", init_net.proc_net); 2026 remove_proc_entry("ax25", init_net.proc_net); 2027 remove_proc_entry("ax25_calls", init_net.proc_net); 2028 2029 unregister_netdevice_notifier(&ax25_dev_notifier); 2030 2031 dev_remove_pack(&ax25_packet_type); 2032 2033 sock_unregister(PF_AX25); 2034 proto_unregister(&ax25_proto); 2035 2036 ax25_rt_free(); 2037 ax25_uid_free(); 2038 ax25_dev_free(); 2039 } 2040 module_exit(ax25_exit); 2041