1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk) 7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org) 8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl) 11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 12 */ 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/errno.h> 16 #include <linux/types.h> 17 #include <linux/socket.h> 18 #include <linux/in.h> 19 #include <linux/kernel.h> 20 #include <linux/sched/signal.h> 21 #include <linux/timer.h> 22 #include <linux/string.h> 23 #include <linux/sockios.h> 24 #include <linux/net.h> 25 #include <linux/slab.h> 26 #include <net/ax25.h> 27 #include <linux/inet.h> 28 #include <linux/netdevice.h> 29 #include <linux/if_arp.h> 30 #include <linux/skbuff.h> 31 #include <net/sock.h> 32 #include <linux/uaccess.h> 33 #include <linux/fcntl.h> 34 #include <linux/termios.h> /* For TIOCINQ/OUTQ */ 35 #include <linux/mm.h> 36 #include <linux/interrupt.h> 37 #include <linux/notifier.h> 38 #include <linux/proc_fs.h> 39 #include <linux/stat.h> 40 #include <linux/sysctl.h> 41 #include <linux/init.h> 42 #include <linux/spinlock.h> 43 #include <net/net_namespace.h> 44 #include <net/tcp_states.h> 45 #include <net/ip.h> 46 #include <net/arp.h> 47 48 49 50 HLIST_HEAD(ax25_list); 51 DEFINE_SPINLOCK(ax25_list_lock); 52 53 static const struct proto_ops ax25_proto_ops; 54 55 static void ax25_free_sock(struct sock *sk) 56 { 57 ax25_cb_put(sk_to_ax25(sk)); 58 } 59 60 /* 61 * Socket removal during an interrupt is now safe. 62 */ 63 static void ax25_cb_del(ax25_cb *ax25) 64 { 65 if (!hlist_unhashed(&ax25->ax25_node)) { 66 spin_lock_bh(&ax25_list_lock); 67 hlist_del_init(&ax25->ax25_node); 68 spin_unlock_bh(&ax25_list_lock); 69 ax25_cb_put(ax25); 70 } 71 } 72 73 /* 74 * Kill all bound sockets on a dropped device. 75 */ 76 static void ax25_kill_by_device(struct net_device *dev) 77 { 78 ax25_dev *ax25_dev; 79 ax25_cb *s; 80 struct sock *sk; 81 82 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 83 return; 84 85 spin_lock_bh(&ax25_list_lock); 86 again: 87 ax25_for_each(s, &ax25_list) { 88 if (s->ax25_dev == ax25_dev) { 89 sk = s->sk; 90 sock_hold(sk); 91 spin_unlock_bh(&ax25_list_lock); 92 lock_sock(sk); 93 s->ax25_dev = NULL; 94 ax25_dev_put(ax25_dev); 95 release_sock(sk); 96 ax25_disconnect(s, ENETUNREACH); 97 spin_lock_bh(&ax25_list_lock); 98 sock_put(sk); 99 /* The entry could have been deleted from the 100 * list meanwhile and thus the next pointer is 101 * no longer valid. Play it safe and restart 102 * the scan. Forward progress is ensured 103 * because we set s->ax25_dev to NULL and we 104 * are never passed a NULL 'dev' argument. 105 */ 106 goto again; 107 } 108 } 109 spin_unlock_bh(&ax25_list_lock); 110 } 111 112 /* 113 * Handle device status changes. 114 */ 115 static int ax25_device_event(struct notifier_block *this, unsigned long event, 116 void *ptr) 117 { 118 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 119 120 if (!net_eq(dev_net(dev), &init_net)) 121 return NOTIFY_DONE; 122 123 /* Reject non AX.25 devices */ 124 if (dev->type != ARPHRD_AX25) 125 return NOTIFY_DONE; 126 127 switch (event) { 128 case NETDEV_UP: 129 ax25_dev_device_up(dev); 130 break; 131 case NETDEV_DOWN: 132 ax25_kill_by_device(dev); 133 ax25_rt_device_down(dev); 134 ax25_dev_device_down(dev); 135 break; 136 default: 137 break; 138 } 139 140 return NOTIFY_DONE; 141 } 142 143 /* 144 * Add a socket to the bound sockets list. 145 */ 146 void ax25_cb_add(ax25_cb *ax25) 147 { 148 spin_lock_bh(&ax25_list_lock); 149 ax25_cb_hold(ax25); 150 hlist_add_head(&ax25->ax25_node, &ax25_list); 151 spin_unlock_bh(&ax25_list_lock); 152 } 153 154 /* 155 * Find a socket that wants to accept the SABM we have just 156 * received. 157 */ 158 struct sock *ax25_find_listener(ax25_address *addr, int digi, 159 struct net_device *dev, int type) 160 { 161 ax25_cb *s; 162 163 spin_lock(&ax25_list_lock); 164 ax25_for_each(s, &ax25_list) { 165 if ((s->iamdigi && !digi) || (!s->iamdigi && digi)) 166 continue; 167 if (s->sk && !ax25cmp(&s->source_addr, addr) && 168 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) { 169 /* If device is null we match any device */ 170 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) { 171 sock_hold(s->sk); 172 spin_unlock(&ax25_list_lock); 173 return s->sk; 174 } 175 } 176 } 177 spin_unlock(&ax25_list_lock); 178 179 return NULL; 180 } 181 182 /* 183 * Find an AX.25 socket given both ends. 184 */ 185 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr, 186 int type) 187 { 188 struct sock *sk = NULL; 189 ax25_cb *s; 190 191 spin_lock(&ax25_list_lock); 192 ax25_for_each(s, &ax25_list) { 193 if (s->sk && !ax25cmp(&s->source_addr, my_addr) && 194 !ax25cmp(&s->dest_addr, dest_addr) && 195 s->sk->sk_type == type) { 196 sk = s->sk; 197 sock_hold(sk); 198 break; 199 } 200 } 201 202 spin_unlock(&ax25_list_lock); 203 204 return sk; 205 } 206 207 /* 208 * Find an AX.25 control block given both ends. It will only pick up 209 * floating AX.25 control blocks or non Raw socket bound control blocks. 210 */ 211 ax25_cb *ax25_find_cb(const ax25_address *src_addr, ax25_address *dest_addr, 212 ax25_digi *digi, struct net_device *dev) 213 { 214 ax25_cb *s; 215 216 spin_lock_bh(&ax25_list_lock); 217 ax25_for_each(s, &ax25_list) { 218 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET) 219 continue; 220 if (s->ax25_dev == NULL) 221 continue; 222 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) { 223 if (digi != NULL && digi->ndigi != 0) { 224 if (s->digipeat == NULL) 225 continue; 226 if (ax25digicmp(s->digipeat, digi) != 0) 227 continue; 228 } else { 229 if (s->digipeat != NULL && s->digipeat->ndigi != 0) 230 continue; 231 } 232 ax25_cb_hold(s); 233 spin_unlock_bh(&ax25_list_lock); 234 235 return s; 236 } 237 } 238 spin_unlock_bh(&ax25_list_lock); 239 240 return NULL; 241 } 242 243 EXPORT_SYMBOL(ax25_find_cb); 244 245 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto) 246 { 247 ax25_cb *s; 248 struct sk_buff *copy; 249 250 spin_lock(&ax25_list_lock); 251 ax25_for_each(s, &ax25_list) { 252 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && 253 s->sk->sk_type == SOCK_RAW && 254 s->sk->sk_protocol == proto && 255 s->ax25_dev->dev == skb->dev && 256 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) { 257 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL) 258 continue; 259 if (sock_queue_rcv_skb(s->sk, copy) != 0) 260 kfree_skb(copy); 261 } 262 } 263 spin_unlock(&ax25_list_lock); 264 } 265 266 /* 267 * Deferred destroy. 268 */ 269 void ax25_destroy_socket(ax25_cb *); 270 271 /* 272 * Handler for deferred kills. 273 */ 274 static void ax25_destroy_timer(struct timer_list *t) 275 { 276 ax25_cb *ax25 = from_timer(ax25, t, dtimer); 277 struct sock *sk; 278 279 sk=ax25->sk; 280 281 bh_lock_sock(sk); 282 sock_hold(sk); 283 ax25_destroy_socket(ax25); 284 bh_unlock_sock(sk); 285 sock_put(sk); 286 } 287 288 /* 289 * This is called from user mode and the timers. Thus it protects itself 290 * against interrupt users but doesn't worry about being called during 291 * work. Once it is removed from the queue no interrupt or bottom half 292 * will touch it and we are (fairly 8-) ) safe. 293 */ 294 void ax25_destroy_socket(ax25_cb *ax25) 295 { 296 struct sk_buff *skb; 297 298 ax25_cb_del(ax25); 299 300 ax25_stop_heartbeat(ax25); 301 ax25_stop_t1timer(ax25); 302 ax25_stop_t2timer(ax25); 303 ax25_stop_t3timer(ax25); 304 ax25_stop_idletimer(ax25); 305 306 ax25_clear_queues(ax25); /* Flush the queues */ 307 308 if (ax25->sk != NULL) { 309 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) { 310 if (skb->sk != ax25->sk) { 311 /* A pending connection */ 312 ax25_cb *sax25 = sk_to_ax25(skb->sk); 313 314 /* Queue the unaccepted socket for death */ 315 sock_orphan(skb->sk); 316 317 /* 9A4GL: hack to release unaccepted sockets */ 318 skb->sk->sk_state = TCP_LISTEN; 319 320 ax25_start_heartbeat(sax25); 321 sax25->state = AX25_STATE_0; 322 } 323 324 kfree_skb(skb); 325 } 326 skb_queue_purge(&ax25->sk->sk_write_queue); 327 } 328 329 if (ax25->sk != NULL) { 330 if (sk_has_allocations(ax25->sk)) { 331 /* Defer: outstanding buffers */ 332 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0); 333 ax25->dtimer.expires = jiffies + 2 * HZ; 334 add_timer(&ax25->dtimer); 335 } else { 336 struct sock *sk=ax25->sk; 337 ax25->sk=NULL; 338 sock_put(sk); 339 } 340 } else { 341 ax25_cb_put(ax25); 342 } 343 } 344 345 /* 346 * dl1bke 960311: set parameters for existing AX.25 connections, 347 * includes a KILL command to abort any connection. 348 * VERY useful for debugging ;-) 349 */ 350 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg) 351 { 352 struct ax25_ctl_struct ax25_ctl; 353 ax25_digi digi; 354 ax25_dev *ax25_dev; 355 ax25_cb *ax25; 356 unsigned int k; 357 int ret = 0; 358 359 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl))) 360 return -EFAULT; 361 362 if (ax25_ctl.digi_count > AX25_MAX_DIGIS) 363 return -EINVAL; 364 365 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL) 366 return -EINVAL; 367 368 ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr); 369 if (!ax25_dev) 370 return -ENODEV; 371 372 digi.ndigi = ax25_ctl.digi_count; 373 for (k = 0; k < digi.ndigi; k++) 374 digi.calls[k] = ax25_ctl.digi_addr[k]; 375 376 ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev); 377 if (!ax25) { 378 ax25_dev_put(ax25_dev); 379 return -ENOTCONN; 380 } 381 382 switch (ax25_ctl.cmd) { 383 case AX25_KILL: 384 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 385 #ifdef CONFIG_AX25_DAMA_SLAVE 386 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE) 387 ax25_dama_off(ax25); 388 #endif 389 ax25_disconnect(ax25, ENETRESET); 390 break; 391 392 case AX25_WINDOW: 393 if (ax25->modulus == AX25_MODULUS) { 394 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7) 395 goto einval_put; 396 } else { 397 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63) 398 goto einval_put; 399 } 400 ax25->window = ax25_ctl.arg; 401 break; 402 403 case AX25_T1: 404 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 405 goto einval_put; 406 ax25->rtt = (ax25_ctl.arg * HZ) / 2; 407 ax25->t1 = ax25_ctl.arg * HZ; 408 break; 409 410 case AX25_T2: 411 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 412 goto einval_put; 413 ax25->t2 = ax25_ctl.arg * HZ; 414 break; 415 416 case AX25_N2: 417 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31) 418 goto einval_put; 419 ax25->n2count = 0; 420 ax25->n2 = ax25_ctl.arg; 421 break; 422 423 case AX25_T3: 424 if (ax25_ctl.arg > ULONG_MAX / HZ) 425 goto einval_put; 426 ax25->t3 = ax25_ctl.arg * HZ; 427 break; 428 429 case AX25_IDLE: 430 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ)) 431 goto einval_put; 432 433 ax25->idle = ax25_ctl.arg * 60 * HZ; 434 break; 435 436 case AX25_PACLEN: 437 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535) 438 goto einval_put; 439 ax25->paclen = ax25_ctl.arg; 440 break; 441 442 default: 443 goto einval_put; 444 } 445 446 out_put: 447 ax25_dev_put(ax25_dev); 448 ax25_cb_put(ax25); 449 return ret; 450 451 einval_put: 452 ret = -EINVAL; 453 goto out_put; 454 } 455 456 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev) 457 { 458 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2; 459 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]); 460 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]); 461 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]); 462 ax25->n2 = ax25_dev->values[AX25_VALUES_N2]; 463 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN]; 464 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]); 465 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF]; 466 467 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) { 468 ax25->modulus = AX25_EMODULUS; 469 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW]; 470 } else { 471 ax25->modulus = AX25_MODULUS; 472 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW]; 473 } 474 } 475 476 /* 477 * Fill in a created AX.25 created control block with the default 478 * values for a particular device. 479 */ 480 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev) 481 { 482 ax25->ax25_dev = ax25_dev; 483 484 if (ax25->ax25_dev != NULL) { 485 ax25_fillin_cb_from_dev(ax25, ax25_dev); 486 return; 487 } 488 489 /* 490 * No device, use kernel / AX.25 spec default values 491 */ 492 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2; 493 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1); 494 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2); 495 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3); 496 ax25->n2 = AX25_DEF_N2; 497 ax25->paclen = AX25_DEF_PACLEN; 498 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE); 499 ax25->backoff = AX25_DEF_BACKOFF; 500 501 if (AX25_DEF_AXDEFMODE) { 502 ax25->modulus = AX25_EMODULUS; 503 ax25->window = AX25_DEF_EWINDOW; 504 } else { 505 ax25->modulus = AX25_MODULUS; 506 ax25->window = AX25_DEF_WINDOW; 507 } 508 } 509 510 /* 511 * Create an empty AX.25 control block. 512 */ 513 ax25_cb *ax25_create_cb(void) 514 { 515 ax25_cb *ax25; 516 517 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL) 518 return NULL; 519 520 refcount_set(&ax25->refcount, 1); 521 522 skb_queue_head_init(&ax25->write_queue); 523 skb_queue_head_init(&ax25->frag_queue); 524 skb_queue_head_init(&ax25->ack_queue); 525 skb_queue_head_init(&ax25->reseq_queue); 526 527 ax25_setup_timers(ax25); 528 529 ax25_fillin_cb(ax25, NULL); 530 531 ax25->state = AX25_STATE_0; 532 533 return ax25; 534 } 535 536 /* 537 * Handling for system calls applied via the various interfaces to an 538 * AX25 socket object 539 */ 540 541 static int ax25_setsockopt(struct socket *sock, int level, int optname, 542 sockptr_t optval, unsigned int optlen) 543 { 544 struct sock *sk = sock->sk; 545 ax25_cb *ax25; 546 struct net_device *dev; 547 char devname[IFNAMSIZ]; 548 unsigned int opt; 549 int res = 0; 550 551 if (level != SOL_AX25) 552 return -ENOPROTOOPT; 553 554 if (optlen < sizeof(unsigned int)) 555 return -EINVAL; 556 557 if (copy_from_sockptr(&opt, optval, sizeof(unsigned int))) 558 return -EFAULT; 559 560 lock_sock(sk); 561 ax25 = sk_to_ax25(sk); 562 563 switch (optname) { 564 case AX25_WINDOW: 565 if (ax25->modulus == AX25_MODULUS) { 566 if (opt < 1 || opt > 7) { 567 res = -EINVAL; 568 break; 569 } 570 } else { 571 if (opt < 1 || opt > 63) { 572 res = -EINVAL; 573 break; 574 } 575 } 576 ax25->window = opt; 577 break; 578 579 case AX25_T1: 580 if (opt < 1 || opt > UINT_MAX / HZ) { 581 res = -EINVAL; 582 break; 583 } 584 ax25->rtt = (opt * HZ) >> 1; 585 ax25->t1 = opt * HZ; 586 break; 587 588 case AX25_T2: 589 if (opt < 1 || opt > UINT_MAX / HZ) { 590 res = -EINVAL; 591 break; 592 } 593 ax25->t2 = opt * HZ; 594 break; 595 596 case AX25_N2: 597 if (opt < 1 || opt > 31) { 598 res = -EINVAL; 599 break; 600 } 601 ax25->n2 = opt; 602 break; 603 604 case AX25_T3: 605 if (opt < 1 || opt > UINT_MAX / HZ) { 606 res = -EINVAL; 607 break; 608 } 609 ax25->t3 = opt * HZ; 610 break; 611 612 case AX25_IDLE: 613 if (opt > UINT_MAX / (60 * HZ)) { 614 res = -EINVAL; 615 break; 616 } 617 ax25->idle = opt * 60 * HZ; 618 break; 619 620 case AX25_BACKOFF: 621 if (opt > 2) { 622 res = -EINVAL; 623 break; 624 } 625 ax25->backoff = opt; 626 break; 627 628 case AX25_EXTSEQ: 629 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS; 630 break; 631 632 case AX25_PIDINCL: 633 ax25->pidincl = opt ? 1 : 0; 634 break; 635 636 case AX25_IAMDIGI: 637 ax25->iamdigi = opt ? 1 : 0; 638 break; 639 640 case AX25_PACLEN: 641 if (opt < 16 || opt > 65535) { 642 res = -EINVAL; 643 break; 644 } 645 ax25->paclen = opt; 646 break; 647 648 case SO_BINDTODEVICE: 649 if (optlen > IFNAMSIZ - 1) 650 optlen = IFNAMSIZ - 1; 651 652 memset(devname, 0, sizeof(devname)); 653 654 if (copy_from_sockptr(devname, optval, optlen)) { 655 res = -EFAULT; 656 break; 657 } 658 659 if (sk->sk_type == SOCK_SEQPACKET && 660 (sock->state != SS_UNCONNECTED || 661 sk->sk_state == TCP_LISTEN)) { 662 res = -EADDRNOTAVAIL; 663 break; 664 } 665 666 rtnl_lock(); 667 dev = __dev_get_by_name(&init_net, devname); 668 if (!dev) { 669 rtnl_unlock(); 670 res = -ENODEV; 671 break; 672 } 673 674 ax25->ax25_dev = ax25_dev_ax25dev(dev); 675 if (!ax25->ax25_dev) { 676 rtnl_unlock(); 677 res = -ENODEV; 678 break; 679 } 680 ax25_fillin_cb(ax25, ax25->ax25_dev); 681 rtnl_unlock(); 682 break; 683 684 default: 685 res = -ENOPROTOOPT; 686 } 687 release_sock(sk); 688 689 return res; 690 } 691 692 static int ax25_getsockopt(struct socket *sock, int level, int optname, 693 char __user *optval, int __user *optlen) 694 { 695 struct sock *sk = sock->sk; 696 ax25_cb *ax25; 697 struct ax25_dev *ax25_dev; 698 char devname[IFNAMSIZ]; 699 void *valptr; 700 int val = 0; 701 int maxlen, length; 702 703 if (level != SOL_AX25) 704 return -ENOPROTOOPT; 705 706 if (get_user(maxlen, optlen)) 707 return -EFAULT; 708 709 if (maxlen < 1) 710 return -EFAULT; 711 712 valptr = (void *) &val; 713 length = min_t(unsigned int, maxlen, sizeof(int)); 714 715 lock_sock(sk); 716 ax25 = sk_to_ax25(sk); 717 718 switch (optname) { 719 case AX25_WINDOW: 720 val = ax25->window; 721 break; 722 723 case AX25_T1: 724 val = ax25->t1 / HZ; 725 break; 726 727 case AX25_T2: 728 val = ax25->t2 / HZ; 729 break; 730 731 case AX25_N2: 732 val = ax25->n2; 733 break; 734 735 case AX25_T3: 736 val = ax25->t3 / HZ; 737 break; 738 739 case AX25_IDLE: 740 val = ax25->idle / (60 * HZ); 741 break; 742 743 case AX25_BACKOFF: 744 val = ax25->backoff; 745 break; 746 747 case AX25_EXTSEQ: 748 val = (ax25->modulus == AX25_EMODULUS); 749 break; 750 751 case AX25_PIDINCL: 752 val = ax25->pidincl; 753 break; 754 755 case AX25_IAMDIGI: 756 val = ax25->iamdigi; 757 break; 758 759 case AX25_PACLEN: 760 val = ax25->paclen; 761 break; 762 763 case SO_BINDTODEVICE: 764 ax25_dev = ax25->ax25_dev; 765 766 if (ax25_dev != NULL && ax25_dev->dev != NULL) { 767 strlcpy(devname, ax25_dev->dev->name, sizeof(devname)); 768 length = strlen(devname) + 1; 769 } else { 770 *devname = '\0'; 771 length = 1; 772 } 773 774 valptr = (void *) devname; 775 break; 776 777 default: 778 release_sock(sk); 779 return -ENOPROTOOPT; 780 } 781 release_sock(sk); 782 783 if (put_user(length, optlen)) 784 return -EFAULT; 785 786 return copy_to_user(optval, valptr, length) ? -EFAULT : 0; 787 } 788 789 static int ax25_listen(struct socket *sock, int backlog) 790 { 791 struct sock *sk = sock->sk; 792 int res = 0; 793 794 lock_sock(sk); 795 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) { 796 sk->sk_max_ack_backlog = backlog; 797 sk->sk_state = TCP_LISTEN; 798 goto out; 799 } 800 res = -EOPNOTSUPP; 801 802 out: 803 release_sock(sk); 804 805 return res; 806 } 807 808 /* 809 * XXX: when creating ax25_sock we should update the .obj_size setting 810 * below. 811 */ 812 static struct proto ax25_proto = { 813 .name = "AX25", 814 .owner = THIS_MODULE, 815 .obj_size = sizeof(struct ax25_sock), 816 }; 817 818 static int ax25_create(struct net *net, struct socket *sock, int protocol, 819 int kern) 820 { 821 struct sock *sk; 822 ax25_cb *ax25; 823 824 if (protocol < 0 || protocol > U8_MAX) 825 return -EINVAL; 826 827 if (!net_eq(net, &init_net)) 828 return -EAFNOSUPPORT; 829 830 switch (sock->type) { 831 case SOCK_DGRAM: 832 if (protocol == 0 || protocol == PF_AX25) 833 protocol = AX25_P_TEXT; 834 break; 835 836 case SOCK_SEQPACKET: 837 switch (protocol) { 838 case 0: 839 case PF_AX25: /* For CLX */ 840 protocol = AX25_P_TEXT; 841 break; 842 case AX25_P_SEGMENT: 843 #ifdef CONFIG_INET 844 case AX25_P_ARP: 845 case AX25_P_IP: 846 #endif 847 #ifdef CONFIG_NETROM 848 case AX25_P_NETROM: 849 #endif 850 #ifdef CONFIG_ROSE 851 case AX25_P_ROSE: 852 #endif 853 return -ESOCKTNOSUPPORT; 854 #ifdef CONFIG_NETROM_MODULE 855 case AX25_P_NETROM: 856 if (ax25_protocol_is_registered(AX25_P_NETROM)) 857 return -ESOCKTNOSUPPORT; 858 break; 859 #endif 860 #ifdef CONFIG_ROSE_MODULE 861 case AX25_P_ROSE: 862 if (ax25_protocol_is_registered(AX25_P_ROSE)) 863 return -ESOCKTNOSUPPORT; 864 break; 865 #endif 866 default: 867 break; 868 } 869 break; 870 871 case SOCK_RAW: 872 if (!capable(CAP_NET_RAW)) 873 return -EPERM; 874 break; 875 default: 876 return -ESOCKTNOSUPPORT; 877 } 878 879 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern); 880 if (sk == NULL) 881 return -ENOMEM; 882 883 ax25 = ax25_sk(sk)->cb = ax25_create_cb(); 884 if (!ax25) { 885 sk_free(sk); 886 return -ENOMEM; 887 } 888 889 sock_init_data(sock, sk); 890 891 sk->sk_destruct = ax25_free_sock; 892 sock->ops = &ax25_proto_ops; 893 sk->sk_protocol = protocol; 894 895 ax25->sk = sk; 896 897 return 0; 898 } 899 900 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev) 901 { 902 struct sock *sk; 903 ax25_cb *ax25, *oax25; 904 905 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0); 906 if (sk == NULL) 907 return NULL; 908 909 if ((ax25 = ax25_create_cb()) == NULL) { 910 sk_free(sk); 911 return NULL; 912 } 913 914 switch (osk->sk_type) { 915 case SOCK_DGRAM: 916 break; 917 case SOCK_SEQPACKET: 918 break; 919 default: 920 sk_free(sk); 921 ax25_cb_put(ax25); 922 return NULL; 923 } 924 925 sock_init_data(NULL, sk); 926 927 sk->sk_type = osk->sk_type; 928 sk->sk_priority = osk->sk_priority; 929 sk->sk_protocol = osk->sk_protocol; 930 sk->sk_rcvbuf = osk->sk_rcvbuf; 931 sk->sk_sndbuf = osk->sk_sndbuf; 932 sk->sk_state = TCP_ESTABLISHED; 933 sock_copy_flags(sk, osk); 934 935 oax25 = sk_to_ax25(osk); 936 937 ax25->modulus = oax25->modulus; 938 ax25->backoff = oax25->backoff; 939 ax25->pidincl = oax25->pidincl; 940 ax25->iamdigi = oax25->iamdigi; 941 ax25->rtt = oax25->rtt; 942 ax25->t1 = oax25->t1; 943 ax25->t2 = oax25->t2; 944 ax25->t3 = oax25->t3; 945 ax25->n2 = oax25->n2; 946 ax25->idle = oax25->idle; 947 ax25->paclen = oax25->paclen; 948 ax25->window = oax25->window; 949 950 ax25->ax25_dev = ax25_dev; 951 ax25->source_addr = oax25->source_addr; 952 953 if (oax25->digipeat != NULL) { 954 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi), 955 GFP_ATOMIC); 956 if (ax25->digipeat == NULL) { 957 sk_free(sk); 958 ax25_cb_put(ax25); 959 return NULL; 960 } 961 } 962 963 ax25_sk(sk)->cb = ax25; 964 sk->sk_destruct = ax25_free_sock; 965 ax25->sk = sk; 966 967 return sk; 968 } 969 970 static int ax25_release(struct socket *sock) 971 { 972 struct sock *sk = sock->sk; 973 ax25_cb *ax25; 974 975 if (sk == NULL) 976 return 0; 977 978 sock_hold(sk); 979 sock_orphan(sk); 980 lock_sock(sk); 981 ax25 = sk_to_ax25(sk); 982 983 if (sk->sk_type == SOCK_SEQPACKET) { 984 switch (ax25->state) { 985 case AX25_STATE_0: 986 release_sock(sk); 987 ax25_disconnect(ax25, 0); 988 lock_sock(sk); 989 ax25_destroy_socket(ax25); 990 break; 991 992 case AX25_STATE_1: 993 case AX25_STATE_2: 994 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 995 release_sock(sk); 996 ax25_disconnect(ax25, 0); 997 lock_sock(sk); 998 if (!sock_flag(ax25->sk, SOCK_DESTROY)) 999 ax25_destroy_socket(ax25); 1000 break; 1001 1002 case AX25_STATE_3: 1003 case AX25_STATE_4: 1004 ax25_clear_queues(ax25); 1005 ax25->n2count = 0; 1006 1007 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1008 case AX25_PROTO_STD_SIMPLEX: 1009 case AX25_PROTO_STD_DUPLEX: 1010 ax25_send_control(ax25, 1011 AX25_DISC, 1012 AX25_POLLON, 1013 AX25_COMMAND); 1014 ax25_stop_t2timer(ax25); 1015 ax25_stop_t3timer(ax25); 1016 ax25_stop_idletimer(ax25); 1017 break; 1018 #ifdef CONFIG_AX25_DAMA_SLAVE 1019 case AX25_PROTO_DAMA_SLAVE: 1020 ax25_stop_t3timer(ax25); 1021 ax25_stop_idletimer(ax25); 1022 break; 1023 #endif 1024 } 1025 ax25_calculate_t1(ax25); 1026 ax25_start_t1timer(ax25); 1027 ax25->state = AX25_STATE_2; 1028 sk->sk_state = TCP_CLOSE; 1029 sk->sk_shutdown |= SEND_SHUTDOWN; 1030 sk->sk_state_change(sk); 1031 sock_set_flag(sk, SOCK_DESTROY); 1032 break; 1033 1034 default: 1035 break; 1036 } 1037 } else { 1038 sk->sk_state = TCP_CLOSE; 1039 sk->sk_shutdown |= SEND_SHUTDOWN; 1040 sk->sk_state_change(sk); 1041 ax25_destroy_socket(ax25); 1042 } 1043 1044 sock->sk = NULL; 1045 release_sock(sk); 1046 sock_put(sk); 1047 1048 return 0; 1049 } 1050 1051 /* 1052 * We support a funny extension here so you can (as root) give any callsign 1053 * digipeated via a local address as source. This hack is obsolete now 1054 * that we've implemented support for SO_BINDTODEVICE. It is however small 1055 * and trivially backward compatible. 1056 */ 1057 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1058 { 1059 struct sock *sk = sock->sk; 1060 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr; 1061 ax25_dev *ax25_dev = NULL; 1062 ax25_uid_assoc *user; 1063 ax25_address call; 1064 ax25_cb *ax25; 1065 int err = 0; 1066 1067 if (addr_len != sizeof(struct sockaddr_ax25) && 1068 addr_len != sizeof(struct full_sockaddr_ax25)) 1069 /* support for old structure may go away some time 1070 * ax25_bind(): uses old (6 digipeater) socket structure. 1071 */ 1072 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1073 (addr_len > sizeof(struct full_sockaddr_ax25))) 1074 return -EINVAL; 1075 1076 if (addr->fsa_ax25.sax25_family != AF_AX25) 1077 return -EINVAL; 1078 1079 user = ax25_findbyuid(current_euid()); 1080 if (user) { 1081 call = user->call; 1082 ax25_uid_put(user); 1083 } else { 1084 if (ax25_uid_policy && !capable(CAP_NET_ADMIN)) 1085 return -EACCES; 1086 1087 call = addr->fsa_ax25.sax25_call; 1088 } 1089 1090 lock_sock(sk); 1091 1092 ax25 = sk_to_ax25(sk); 1093 if (!sock_flag(sk, SOCK_ZAPPED)) { 1094 err = -EINVAL; 1095 goto out; 1096 } 1097 1098 ax25->source_addr = call; 1099 1100 /* 1101 * User already set interface with SO_BINDTODEVICE 1102 */ 1103 if (ax25->ax25_dev != NULL) 1104 goto done; 1105 1106 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) { 1107 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 && 1108 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) { 1109 err = -EADDRNOTAVAIL; 1110 goto out; 1111 } 1112 } else { 1113 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) { 1114 err = -EADDRNOTAVAIL; 1115 goto out; 1116 } 1117 } 1118 1119 if (ax25_dev != NULL) 1120 ax25_fillin_cb(ax25, ax25_dev); 1121 1122 done: 1123 ax25_cb_add(ax25); 1124 sock_reset_flag(sk, SOCK_ZAPPED); 1125 1126 out: 1127 release_sock(sk); 1128 1129 return err; 1130 } 1131 1132 /* 1133 * FIXME: nonblock behaviour looks like it may have a bug. 1134 */ 1135 static int __must_check ax25_connect(struct socket *sock, 1136 struct sockaddr *uaddr, int addr_len, int flags) 1137 { 1138 struct sock *sk = sock->sk; 1139 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t; 1140 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1141 ax25_digi *digi = NULL; 1142 int ct = 0, err = 0; 1143 1144 /* 1145 * some sanity checks. code further down depends on this 1146 */ 1147 1148 if (addr_len == sizeof(struct sockaddr_ax25)) 1149 /* support for this will go away in early 2.5.x 1150 * ax25_connect(): uses obsolete socket structure 1151 */ 1152 ; 1153 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1154 /* support for old structure may go away some time 1155 * ax25_connect(): uses old (6 digipeater) socket structure. 1156 */ 1157 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1158 (addr_len > sizeof(struct full_sockaddr_ax25))) 1159 return -EINVAL; 1160 1161 1162 if (fsa->fsa_ax25.sax25_family != AF_AX25) 1163 return -EINVAL; 1164 1165 lock_sock(sk); 1166 1167 /* deal with restarts */ 1168 if (sock->state == SS_CONNECTING) { 1169 switch (sk->sk_state) { 1170 case TCP_SYN_SENT: /* still trying */ 1171 err = -EINPROGRESS; 1172 goto out_release; 1173 1174 case TCP_ESTABLISHED: /* connection established */ 1175 sock->state = SS_CONNECTED; 1176 goto out_release; 1177 1178 case TCP_CLOSE: /* connection refused */ 1179 sock->state = SS_UNCONNECTED; 1180 err = -ECONNREFUSED; 1181 goto out_release; 1182 } 1183 } 1184 1185 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) { 1186 err = -EISCONN; /* No reconnect on a seqpacket socket */ 1187 goto out_release; 1188 } 1189 1190 sk->sk_state = TCP_CLOSE; 1191 sock->state = SS_UNCONNECTED; 1192 1193 kfree(ax25->digipeat); 1194 ax25->digipeat = NULL; 1195 1196 /* 1197 * Handle digi-peaters to be used. 1198 */ 1199 if (addr_len > sizeof(struct sockaddr_ax25) && 1200 fsa->fsa_ax25.sax25_ndigis != 0) { 1201 /* Valid number of digipeaters ? */ 1202 if (fsa->fsa_ax25.sax25_ndigis < 1 || 1203 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS || 1204 addr_len < sizeof(struct sockaddr_ax25) + 1205 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) { 1206 err = -EINVAL; 1207 goto out_release; 1208 } 1209 1210 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) { 1211 err = -ENOBUFS; 1212 goto out_release; 1213 } 1214 1215 digi->ndigi = fsa->fsa_ax25.sax25_ndigis; 1216 digi->lastrepeat = -1; 1217 1218 while (ct < fsa->fsa_ax25.sax25_ndigis) { 1219 if ((fsa->fsa_digipeater[ct].ax25_call[6] & 1220 AX25_HBIT) && ax25->iamdigi) { 1221 digi->repeated[ct] = 1; 1222 digi->lastrepeat = ct; 1223 } else { 1224 digi->repeated[ct] = 0; 1225 } 1226 digi->calls[ct] = fsa->fsa_digipeater[ct]; 1227 ct++; 1228 } 1229 } 1230 1231 /* 1232 * Must bind first - autobinding in this may or may not work. If 1233 * the socket is already bound, check to see if the device has 1234 * been filled in, error if it hasn't. 1235 */ 1236 if (sock_flag(sk, SOCK_ZAPPED)) { 1237 /* check if we can remove this feature. It is broken. */ 1238 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n", 1239 current->comm); 1240 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) { 1241 kfree(digi); 1242 goto out_release; 1243 } 1244 1245 ax25_fillin_cb(ax25, ax25->ax25_dev); 1246 ax25_cb_add(ax25); 1247 } else { 1248 if (ax25->ax25_dev == NULL) { 1249 kfree(digi); 1250 err = -EHOSTUNREACH; 1251 goto out_release; 1252 } 1253 } 1254 1255 if (sk->sk_type == SOCK_SEQPACKET && 1256 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi, 1257 ax25->ax25_dev->dev))) { 1258 kfree(digi); 1259 err = -EADDRINUSE; /* Already such a connection */ 1260 ax25_cb_put(ax25t); 1261 goto out_release; 1262 } 1263 1264 ax25->dest_addr = fsa->fsa_ax25.sax25_call; 1265 ax25->digipeat = digi; 1266 1267 /* First the easy one */ 1268 if (sk->sk_type != SOCK_SEQPACKET) { 1269 sock->state = SS_CONNECTED; 1270 sk->sk_state = TCP_ESTABLISHED; 1271 goto out_release; 1272 } 1273 1274 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */ 1275 sock->state = SS_CONNECTING; 1276 sk->sk_state = TCP_SYN_SENT; 1277 1278 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1279 case AX25_PROTO_STD_SIMPLEX: 1280 case AX25_PROTO_STD_DUPLEX: 1281 ax25_std_establish_data_link(ax25); 1282 break; 1283 1284 #ifdef CONFIG_AX25_DAMA_SLAVE 1285 case AX25_PROTO_DAMA_SLAVE: 1286 ax25->modulus = AX25_MODULUS; 1287 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 1288 if (ax25->ax25_dev->dama.slave) 1289 ax25_ds_establish_data_link(ax25); 1290 else 1291 ax25_std_establish_data_link(ax25); 1292 break; 1293 #endif 1294 } 1295 1296 ax25->state = AX25_STATE_1; 1297 1298 ax25_start_heartbeat(ax25); 1299 1300 /* Now the loop */ 1301 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) { 1302 err = -EINPROGRESS; 1303 goto out_release; 1304 } 1305 1306 if (sk->sk_state == TCP_SYN_SENT) { 1307 DEFINE_WAIT(wait); 1308 1309 for (;;) { 1310 prepare_to_wait(sk_sleep(sk), &wait, 1311 TASK_INTERRUPTIBLE); 1312 if (sk->sk_state != TCP_SYN_SENT) 1313 break; 1314 if (!signal_pending(current)) { 1315 release_sock(sk); 1316 schedule(); 1317 lock_sock(sk); 1318 continue; 1319 } 1320 err = -ERESTARTSYS; 1321 break; 1322 } 1323 finish_wait(sk_sleep(sk), &wait); 1324 1325 if (err) 1326 goto out_release; 1327 } 1328 1329 if (sk->sk_state != TCP_ESTABLISHED) { 1330 /* Not in ABM, not in WAIT_UA -> failed */ 1331 sock->state = SS_UNCONNECTED; 1332 err = sock_error(sk); /* Always set at this point */ 1333 goto out_release; 1334 } 1335 1336 sock->state = SS_CONNECTED; 1337 1338 err = 0; 1339 out_release: 1340 release_sock(sk); 1341 1342 return err; 1343 } 1344 1345 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags, 1346 bool kern) 1347 { 1348 struct sk_buff *skb; 1349 struct sock *newsk; 1350 DEFINE_WAIT(wait); 1351 struct sock *sk; 1352 int err = 0; 1353 1354 if (sock->state != SS_UNCONNECTED) 1355 return -EINVAL; 1356 1357 if ((sk = sock->sk) == NULL) 1358 return -EINVAL; 1359 1360 lock_sock(sk); 1361 if (sk->sk_type != SOCK_SEQPACKET) { 1362 err = -EOPNOTSUPP; 1363 goto out; 1364 } 1365 1366 if (sk->sk_state != TCP_LISTEN) { 1367 err = -EINVAL; 1368 goto out; 1369 } 1370 1371 /* 1372 * The read queue this time is holding sockets ready to use 1373 * hooked into the SABM we saved 1374 */ 1375 for (;;) { 1376 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1377 skb = skb_dequeue(&sk->sk_receive_queue); 1378 if (skb) 1379 break; 1380 1381 if (flags & O_NONBLOCK) { 1382 err = -EWOULDBLOCK; 1383 break; 1384 } 1385 if (!signal_pending(current)) { 1386 release_sock(sk); 1387 schedule(); 1388 lock_sock(sk); 1389 continue; 1390 } 1391 err = -ERESTARTSYS; 1392 break; 1393 } 1394 finish_wait(sk_sleep(sk), &wait); 1395 1396 if (err) 1397 goto out; 1398 1399 newsk = skb->sk; 1400 sock_graft(newsk, newsock); 1401 1402 /* Now attach up the new socket */ 1403 kfree_skb(skb); 1404 sk_acceptq_removed(sk); 1405 newsock->state = SS_CONNECTED; 1406 1407 out: 1408 release_sock(sk); 1409 1410 return err; 1411 } 1412 1413 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr, 1414 int peer) 1415 { 1416 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1417 struct sock *sk = sock->sk; 1418 unsigned char ndigi, i; 1419 ax25_cb *ax25; 1420 int err = 0; 1421 1422 memset(fsa, 0, sizeof(*fsa)); 1423 lock_sock(sk); 1424 ax25 = sk_to_ax25(sk); 1425 1426 if (peer != 0) { 1427 if (sk->sk_state != TCP_ESTABLISHED) { 1428 err = -ENOTCONN; 1429 goto out; 1430 } 1431 1432 fsa->fsa_ax25.sax25_family = AF_AX25; 1433 fsa->fsa_ax25.sax25_call = ax25->dest_addr; 1434 1435 if (ax25->digipeat != NULL) { 1436 ndigi = ax25->digipeat->ndigi; 1437 fsa->fsa_ax25.sax25_ndigis = ndigi; 1438 for (i = 0; i < ndigi; i++) 1439 fsa->fsa_digipeater[i] = 1440 ax25->digipeat->calls[i]; 1441 } 1442 } else { 1443 fsa->fsa_ax25.sax25_family = AF_AX25; 1444 fsa->fsa_ax25.sax25_call = ax25->source_addr; 1445 fsa->fsa_ax25.sax25_ndigis = 1; 1446 if (ax25->ax25_dev != NULL) { 1447 memcpy(&fsa->fsa_digipeater[0], 1448 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN); 1449 } else { 1450 fsa->fsa_digipeater[0] = null_ax25_address; 1451 } 1452 } 1453 err = sizeof (struct full_sockaddr_ax25); 1454 1455 out: 1456 release_sock(sk); 1457 1458 return err; 1459 } 1460 1461 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1462 { 1463 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name); 1464 struct sock *sk = sock->sk; 1465 struct sockaddr_ax25 sax; 1466 struct sk_buff *skb; 1467 ax25_digi dtmp, *dp; 1468 ax25_cb *ax25; 1469 size_t size; 1470 int lv, err, addr_len = msg->msg_namelen; 1471 1472 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT)) 1473 return -EINVAL; 1474 1475 lock_sock(sk); 1476 ax25 = sk_to_ax25(sk); 1477 1478 if (sock_flag(sk, SOCK_ZAPPED)) { 1479 err = -EADDRNOTAVAIL; 1480 goto out; 1481 } 1482 1483 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1484 send_sig(SIGPIPE, current, 0); 1485 err = -EPIPE; 1486 goto out; 1487 } 1488 1489 if (ax25->ax25_dev == NULL) { 1490 err = -ENETUNREACH; 1491 goto out; 1492 } 1493 1494 if (len > ax25->ax25_dev->dev->mtu) { 1495 err = -EMSGSIZE; 1496 goto out; 1497 } 1498 1499 if (usax != NULL) { 1500 if (usax->sax25_family != AF_AX25) { 1501 err = -EINVAL; 1502 goto out; 1503 } 1504 1505 if (addr_len == sizeof(struct sockaddr_ax25)) 1506 /* ax25_sendmsg(): uses obsolete socket structure */ 1507 ; 1508 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1509 /* support for old structure may go away some time 1510 * ax25_sendmsg(): uses old (6 digipeater) 1511 * socket structure. 1512 */ 1513 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1514 (addr_len > sizeof(struct full_sockaddr_ax25))) { 1515 err = -EINVAL; 1516 goto out; 1517 } 1518 1519 1520 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) { 1521 int ct = 0; 1522 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax; 1523 1524 /* Valid number of digipeaters ? */ 1525 if (usax->sax25_ndigis < 1 || 1526 usax->sax25_ndigis > AX25_MAX_DIGIS || 1527 addr_len < sizeof(struct sockaddr_ax25) + 1528 sizeof(ax25_address) * usax->sax25_ndigis) { 1529 err = -EINVAL; 1530 goto out; 1531 } 1532 1533 dtmp.ndigi = usax->sax25_ndigis; 1534 1535 while (ct < usax->sax25_ndigis) { 1536 dtmp.repeated[ct] = 0; 1537 dtmp.calls[ct] = fsa->fsa_digipeater[ct]; 1538 ct++; 1539 } 1540 1541 dtmp.lastrepeat = 0; 1542 } 1543 1544 sax = *usax; 1545 if (sk->sk_type == SOCK_SEQPACKET && 1546 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) { 1547 err = -EISCONN; 1548 goto out; 1549 } 1550 if (usax->sax25_ndigis == 0) 1551 dp = NULL; 1552 else 1553 dp = &dtmp; 1554 } else { 1555 /* 1556 * FIXME: 1003.1g - if the socket is like this because 1557 * it has become closed (not started closed) and is VC 1558 * we ought to SIGPIPE, EPIPE 1559 */ 1560 if (sk->sk_state != TCP_ESTABLISHED) { 1561 err = -ENOTCONN; 1562 goto out; 1563 } 1564 sax.sax25_family = AF_AX25; 1565 sax.sax25_call = ax25->dest_addr; 1566 dp = ax25->digipeat; 1567 } 1568 1569 /* Build a packet */ 1570 /* Assume the worst case */ 1571 size = len + ax25->ax25_dev->dev->hard_header_len; 1572 1573 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err); 1574 if (skb == NULL) 1575 goto out; 1576 1577 skb_reserve(skb, size - len); 1578 1579 /* User data follows immediately after the AX.25 data */ 1580 if (memcpy_from_msg(skb_put(skb, len), msg, len)) { 1581 err = -EFAULT; 1582 kfree_skb(skb); 1583 goto out; 1584 } 1585 1586 skb_reset_network_header(skb); 1587 1588 /* Add the PID if one is not supplied by the user in the skb */ 1589 if (!ax25->pidincl) 1590 *(u8 *)skb_push(skb, 1) = sk->sk_protocol; 1591 1592 if (sk->sk_type == SOCK_SEQPACKET) { 1593 /* Connected mode sockets go via the LAPB machine */ 1594 if (sk->sk_state != TCP_ESTABLISHED) { 1595 kfree_skb(skb); 1596 err = -ENOTCONN; 1597 goto out; 1598 } 1599 1600 /* Shove it onto the queue and kick */ 1601 ax25_output(ax25, ax25->paclen, skb); 1602 1603 err = len; 1604 goto out; 1605 } 1606 1607 skb_push(skb, 1 + ax25_addr_size(dp)); 1608 1609 /* Building AX.25 Header */ 1610 1611 /* Build an AX.25 header */ 1612 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call, 1613 dp, AX25_COMMAND, AX25_MODULUS); 1614 1615 skb_set_transport_header(skb, lv); 1616 1617 *skb_transport_header(skb) = AX25_UI; 1618 1619 /* Datagram frames go straight out of the door as UI */ 1620 ax25_queue_xmit(skb, ax25->ax25_dev->dev); 1621 1622 err = len; 1623 1624 out: 1625 release_sock(sk); 1626 1627 return err; 1628 } 1629 1630 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, 1631 int flags) 1632 { 1633 struct sock *sk = sock->sk; 1634 struct sk_buff *skb; 1635 int copied; 1636 int err = 0; 1637 1638 lock_sock(sk); 1639 /* 1640 * This works for seqpacket too. The receiver has ordered the 1641 * queue for us! We do one quick check first though 1642 */ 1643 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) { 1644 err = -ENOTCONN; 1645 goto out; 1646 } 1647 1648 /* Now we can treat all alike */ 1649 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 1650 flags & MSG_DONTWAIT, &err); 1651 if (skb == NULL) 1652 goto out; 1653 1654 if (!sk_to_ax25(sk)->pidincl) 1655 skb_pull(skb, 1); /* Remove PID */ 1656 1657 skb_reset_transport_header(skb); 1658 copied = skb->len; 1659 1660 if (copied > size) { 1661 copied = size; 1662 msg->msg_flags |= MSG_TRUNC; 1663 } 1664 1665 skb_copy_datagram_msg(skb, 0, msg, copied); 1666 1667 if (msg->msg_name) { 1668 ax25_digi digi; 1669 ax25_address src; 1670 const unsigned char *mac = skb_mac_header(skb); 1671 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name); 1672 1673 memset(sax, 0, sizeof(struct full_sockaddr_ax25)); 1674 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, 1675 &digi, NULL, NULL); 1676 sax->sax25_family = AF_AX25; 1677 /* We set this correctly, even though we may not let the 1678 application know the digi calls further down (because it 1679 did NOT ask to know them). This could get political... **/ 1680 sax->sax25_ndigis = digi.ndigi; 1681 sax->sax25_call = src; 1682 1683 if (sax->sax25_ndigis != 0) { 1684 int ct; 1685 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax; 1686 1687 for (ct = 0; ct < digi.ndigi; ct++) 1688 fsa->fsa_digipeater[ct] = digi.calls[ct]; 1689 } 1690 msg->msg_namelen = sizeof(struct full_sockaddr_ax25); 1691 } 1692 1693 skb_free_datagram(sk, skb); 1694 err = copied; 1695 1696 out: 1697 release_sock(sk); 1698 1699 return err; 1700 } 1701 1702 static int ax25_shutdown(struct socket *sk, int how) 1703 { 1704 /* FIXME - generate DM and RNR states */ 1705 return -EOPNOTSUPP; 1706 } 1707 1708 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1709 { 1710 struct sock *sk = sock->sk; 1711 void __user *argp = (void __user *)arg; 1712 int res = 0; 1713 1714 lock_sock(sk); 1715 switch (cmd) { 1716 case TIOCOUTQ: { 1717 long amount; 1718 1719 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1720 if (amount < 0) 1721 amount = 0; 1722 res = put_user(amount, (int __user *)argp); 1723 break; 1724 } 1725 1726 case TIOCINQ: { 1727 struct sk_buff *skb; 1728 long amount = 0L; 1729 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1730 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1731 amount = skb->len; 1732 res = put_user(amount, (int __user *) argp); 1733 break; 1734 } 1735 1736 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */ 1737 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */ 1738 case SIOCAX25GETUID: { 1739 struct sockaddr_ax25 sax25; 1740 if (copy_from_user(&sax25, argp, sizeof(sax25))) { 1741 res = -EFAULT; 1742 break; 1743 } 1744 res = ax25_uid_ioctl(cmd, &sax25); 1745 break; 1746 } 1747 1748 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */ 1749 long amount; 1750 if (!capable(CAP_NET_ADMIN)) { 1751 res = -EPERM; 1752 break; 1753 } 1754 if (get_user(amount, (long __user *)argp)) { 1755 res = -EFAULT; 1756 break; 1757 } 1758 if (amount < 0 || amount > AX25_NOUID_BLOCK) { 1759 res = -EINVAL; 1760 break; 1761 } 1762 ax25_uid_policy = amount; 1763 res = 0; 1764 break; 1765 } 1766 1767 case SIOCADDRT: 1768 case SIOCDELRT: 1769 case SIOCAX25OPTRT: 1770 if (!capable(CAP_NET_ADMIN)) { 1771 res = -EPERM; 1772 break; 1773 } 1774 res = ax25_rt_ioctl(cmd, argp); 1775 break; 1776 1777 case SIOCAX25CTLCON: 1778 if (!capable(CAP_NET_ADMIN)) { 1779 res = -EPERM; 1780 break; 1781 } 1782 res = ax25_ctl_ioctl(cmd, argp); 1783 break; 1784 1785 case SIOCAX25GETINFO: 1786 case SIOCAX25GETINFOOLD: { 1787 ax25_cb *ax25 = sk_to_ax25(sk); 1788 struct ax25_info_struct ax25_info; 1789 1790 ax25_info.t1 = ax25->t1 / HZ; 1791 ax25_info.t2 = ax25->t2 / HZ; 1792 ax25_info.t3 = ax25->t3 / HZ; 1793 ax25_info.idle = ax25->idle / (60 * HZ); 1794 ax25_info.n2 = ax25->n2; 1795 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ; 1796 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ; 1797 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ; 1798 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ); 1799 ax25_info.n2count = ax25->n2count; 1800 ax25_info.state = ax25->state; 1801 ax25_info.rcv_q = sk_rmem_alloc_get(sk); 1802 ax25_info.snd_q = sk_wmem_alloc_get(sk); 1803 ax25_info.vs = ax25->vs; 1804 ax25_info.vr = ax25->vr; 1805 ax25_info.va = ax25->va; 1806 ax25_info.vs_max = ax25->vs; /* reserved */ 1807 ax25_info.paclen = ax25->paclen; 1808 ax25_info.window = ax25->window; 1809 1810 /* old structure? */ 1811 if (cmd == SIOCAX25GETINFOOLD) { 1812 static int warned = 0; 1813 if (!warned) { 1814 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n", 1815 current->comm); 1816 warned=1; 1817 } 1818 1819 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) { 1820 res = -EFAULT; 1821 break; 1822 } 1823 } else { 1824 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) { 1825 res = -EINVAL; 1826 break; 1827 } 1828 } 1829 res = 0; 1830 break; 1831 } 1832 1833 case SIOCAX25ADDFWD: 1834 case SIOCAX25DELFWD: { 1835 struct ax25_fwd_struct ax25_fwd; 1836 if (!capable(CAP_NET_ADMIN)) { 1837 res = -EPERM; 1838 break; 1839 } 1840 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) { 1841 res = -EFAULT; 1842 break; 1843 } 1844 res = ax25_fwd_ioctl(cmd, &ax25_fwd); 1845 break; 1846 } 1847 1848 case SIOCGIFADDR: 1849 case SIOCSIFADDR: 1850 case SIOCGIFDSTADDR: 1851 case SIOCSIFDSTADDR: 1852 case SIOCGIFBRDADDR: 1853 case SIOCSIFBRDADDR: 1854 case SIOCGIFNETMASK: 1855 case SIOCSIFNETMASK: 1856 case SIOCGIFMETRIC: 1857 case SIOCSIFMETRIC: 1858 res = -EINVAL; 1859 break; 1860 1861 default: 1862 res = -ENOIOCTLCMD; 1863 break; 1864 } 1865 release_sock(sk); 1866 1867 return res; 1868 } 1869 1870 #ifdef CONFIG_PROC_FS 1871 1872 static void *ax25_info_start(struct seq_file *seq, loff_t *pos) 1873 __acquires(ax25_list_lock) 1874 { 1875 spin_lock_bh(&ax25_list_lock); 1876 return seq_hlist_start(&ax25_list, *pos); 1877 } 1878 1879 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos) 1880 { 1881 return seq_hlist_next(v, &ax25_list, pos); 1882 } 1883 1884 static void ax25_info_stop(struct seq_file *seq, void *v) 1885 __releases(ax25_list_lock) 1886 { 1887 spin_unlock_bh(&ax25_list_lock); 1888 } 1889 1890 static int ax25_info_show(struct seq_file *seq, void *v) 1891 { 1892 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node); 1893 char buf[11]; 1894 int k; 1895 1896 1897 /* 1898 * New format: 1899 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode 1900 */ 1901 1902 seq_printf(seq, "%p %s %s%s ", 1903 ax25, 1904 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name, 1905 ax2asc(buf, &ax25->source_addr), 1906 ax25->iamdigi? "*":""); 1907 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr)); 1908 1909 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) { 1910 seq_printf(seq, ",%s%s", 1911 ax2asc(buf, &ax25->digipeat->calls[k]), 1912 ax25->digipeat->repeated[k]? "*":""); 1913 } 1914 1915 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d", 1916 ax25->state, 1917 ax25->vs, ax25->vr, ax25->va, 1918 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ, 1919 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ, 1920 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ, 1921 ax25_display_timer(&ax25->idletimer) / (60 * HZ), 1922 ax25->idle / (60 * HZ), 1923 ax25->n2count, ax25->n2, 1924 ax25->rtt / HZ, 1925 ax25->window, 1926 ax25->paclen); 1927 1928 if (ax25->sk != NULL) { 1929 seq_printf(seq, " %d %d %lu\n", 1930 sk_wmem_alloc_get(ax25->sk), 1931 sk_rmem_alloc_get(ax25->sk), 1932 sock_i_ino(ax25->sk)); 1933 } else { 1934 seq_puts(seq, " * * *\n"); 1935 } 1936 return 0; 1937 } 1938 1939 static const struct seq_operations ax25_info_seqops = { 1940 .start = ax25_info_start, 1941 .next = ax25_info_next, 1942 .stop = ax25_info_stop, 1943 .show = ax25_info_show, 1944 }; 1945 #endif 1946 1947 static const struct net_proto_family ax25_family_ops = { 1948 .family = PF_AX25, 1949 .create = ax25_create, 1950 .owner = THIS_MODULE, 1951 }; 1952 1953 static const struct proto_ops ax25_proto_ops = { 1954 .family = PF_AX25, 1955 .owner = THIS_MODULE, 1956 .release = ax25_release, 1957 .bind = ax25_bind, 1958 .connect = ax25_connect, 1959 .socketpair = sock_no_socketpair, 1960 .accept = ax25_accept, 1961 .getname = ax25_getname, 1962 .poll = datagram_poll, 1963 .ioctl = ax25_ioctl, 1964 .gettstamp = sock_gettstamp, 1965 .listen = ax25_listen, 1966 .shutdown = ax25_shutdown, 1967 .setsockopt = ax25_setsockopt, 1968 .getsockopt = ax25_getsockopt, 1969 .sendmsg = ax25_sendmsg, 1970 .recvmsg = ax25_recvmsg, 1971 .mmap = sock_no_mmap, 1972 .sendpage = sock_no_sendpage, 1973 }; 1974 1975 /* 1976 * Called by socket.c on kernel start up 1977 */ 1978 static struct packet_type ax25_packet_type __read_mostly = { 1979 .type = cpu_to_be16(ETH_P_AX25), 1980 .func = ax25_kiss_rcv, 1981 }; 1982 1983 static struct notifier_block ax25_dev_notifier = { 1984 .notifier_call = ax25_device_event, 1985 }; 1986 1987 static int __init ax25_init(void) 1988 { 1989 int rc = proto_register(&ax25_proto, 0); 1990 1991 if (rc != 0) 1992 goto out; 1993 1994 sock_register(&ax25_family_ops); 1995 dev_add_pack(&ax25_packet_type); 1996 register_netdevice_notifier(&ax25_dev_notifier); 1997 1998 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops); 1999 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops); 2000 proc_create_seq("ax25_calls", 0444, init_net.proc_net, 2001 &ax25_uid_seqops); 2002 out: 2003 return rc; 2004 } 2005 module_init(ax25_init); 2006 2007 2008 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>"); 2009 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol"); 2010 MODULE_LICENSE("GPL"); 2011 MODULE_ALIAS_NETPROTO(PF_AX25); 2012 2013 static void __exit ax25_exit(void) 2014 { 2015 remove_proc_entry("ax25_route", init_net.proc_net); 2016 remove_proc_entry("ax25", init_net.proc_net); 2017 remove_proc_entry("ax25_calls", init_net.proc_net); 2018 2019 unregister_netdevice_notifier(&ax25_dev_notifier); 2020 2021 dev_remove_pack(&ax25_packet_type); 2022 2023 sock_unregister(PF_AX25); 2024 proto_unregister(&ax25_proto); 2025 2026 ax25_rt_free(); 2027 ax25_uid_free(); 2028 ax25_dev_free(); 2029 } 2030 module_exit(ax25_exit); 2031