1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk) 7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org) 8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl) 11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 12 */ 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/errno.h> 16 #include <linux/types.h> 17 #include <linux/socket.h> 18 #include <linux/in.h> 19 #include <linux/kernel.h> 20 #include <linux/sched/signal.h> 21 #include <linux/timer.h> 22 #include <linux/string.h> 23 #include <linux/sockios.h> 24 #include <linux/net.h> 25 #include <linux/slab.h> 26 #include <net/ax25.h> 27 #include <linux/inet.h> 28 #include <linux/netdevice.h> 29 #include <linux/if_arp.h> 30 #include <linux/skbuff.h> 31 #include <net/sock.h> 32 #include <linux/uaccess.h> 33 #include <linux/fcntl.h> 34 #include <linux/termios.h> /* For TIOCINQ/OUTQ */ 35 #include <linux/mm.h> 36 #include <linux/interrupt.h> 37 #include <linux/notifier.h> 38 #include <linux/proc_fs.h> 39 #include <linux/stat.h> 40 #include <linux/sysctl.h> 41 #include <linux/init.h> 42 #include <linux/spinlock.h> 43 #include <net/net_namespace.h> 44 #include <net/tcp_states.h> 45 #include <net/ip.h> 46 #include <net/arp.h> 47 48 49 50 HLIST_HEAD(ax25_list); 51 DEFINE_SPINLOCK(ax25_list_lock); 52 53 static const struct proto_ops ax25_proto_ops; 54 55 static void ax25_free_sock(struct sock *sk) 56 { 57 ax25_cb_put(sk_to_ax25(sk)); 58 } 59 60 /* 61 * Socket removal during an interrupt is now safe. 62 */ 63 static void ax25_cb_del(ax25_cb *ax25) 64 { 65 spin_lock_bh(&ax25_list_lock); 66 if (!hlist_unhashed(&ax25->ax25_node)) { 67 hlist_del_init(&ax25->ax25_node); 68 ax25_cb_put(ax25); 69 } 70 spin_unlock_bh(&ax25_list_lock); 71 } 72 73 /* 74 * Kill all bound sockets on a dropped device. 75 */ 76 static void ax25_kill_by_device(struct net_device *dev) 77 { 78 ax25_dev *ax25_dev; 79 ax25_cb *s; 80 struct sock *sk; 81 82 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 83 return; 84 ax25_dev->device_up = false; 85 86 spin_lock_bh(&ax25_list_lock); 87 again: 88 ax25_for_each(s, &ax25_list) { 89 if (s->ax25_dev == ax25_dev) { 90 sk = s->sk; 91 if (!sk) { 92 spin_unlock_bh(&ax25_list_lock); 93 ax25_disconnect(s, ENETUNREACH); 94 s->ax25_dev = NULL; 95 ax25_cb_del(s); 96 spin_lock_bh(&ax25_list_lock); 97 goto again; 98 } 99 sock_hold(sk); 100 spin_unlock_bh(&ax25_list_lock); 101 lock_sock(sk); 102 ax25_disconnect(s, ENETUNREACH); 103 s->ax25_dev = NULL; 104 if (sk->sk_socket) { 105 dev_put_track(ax25_dev->dev, &ax25_dev->dev_tracker); 106 ax25_dev_put(ax25_dev); 107 } 108 ax25_cb_del(s); 109 release_sock(sk); 110 spin_lock_bh(&ax25_list_lock); 111 sock_put(sk); 112 /* The entry could have been deleted from the 113 * list meanwhile and thus the next pointer is 114 * no longer valid. Play it safe and restart 115 * the scan. Forward progress is ensured 116 * because we set s->ax25_dev to NULL and we 117 * are never passed a NULL 'dev' argument. 118 */ 119 goto again; 120 } 121 } 122 spin_unlock_bh(&ax25_list_lock); 123 } 124 125 /* 126 * Handle device status changes. 127 */ 128 static int ax25_device_event(struct notifier_block *this, unsigned long event, 129 void *ptr) 130 { 131 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 132 133 if (!net_eq(dev_net(dev), &init_net)) 134 return NOTIFY_DONE; 135 136 /* Reject non AX.25 devices */ 137 if (dev->type != ARPHRD_AX25) 138 return NOTIFY_DONE; 139 140 switch (event) { 141 case NETDEV_UP: 142 ax25_dev_device_up(dev); 143 break; 144 case NETDEV_DOWN: 145 ax25_kill_by_device(dev); 146 ax25_rt_device_down(dev); 147 ax25_dev_device_down(dev); 148 break; 149 default: 150 break; 151 } 152 153 return NOTIFY_DONE; 154 } 155 156 /* 157 * Add a socket to the bound sockets list. 158 */ 159 void ax25_cb_add(ax25_cb *ax25) 160 { 161 spin_lock_bh(&ax25_list_lock); 162 ax25_cb_hold(ax25); 163 hlist_add_head(&ax25->ax25_node, &ax25_list); 164 spin_unlock_bh(&ax25_list_lock); 165 } 166 167 /* 168 * Find a socket that wants to accept the SABM we have just 169 * received. 170 */ 171 struct sock *ax25_find_listener(ax25_address *addr, int digi, 172 struct net_device *dev, int type) 173 { 174 ax25_cb *s; 175 176 spin_lock(&ax25_list_lock); 177 ax25_for_each(s, &ax25_list) { 178 if ((s->iamdigi && !digi) || (!s->iamdigi && digi)) 179 continue; 180 if (s->sk && !ax25cmp(&s->source_addr, addr) && 181 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) { 182 /* If device is null we match any device */ 183 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) { 184 sock_hold(s->sk); 185 spin_unlock(&ax25_list_lock); 186 return s->sk; 187 } 188 } 189 } 190 spin_unlock(&ax25_list_lock); 191 192 return NULL; 193 } 194 195 /* 196 * Find an AX.25 socket given both ends. 197 */ 198 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr, 199 int type) 200 { 201 struct sock *sk = NULL; 202 ax25_cb *s; 203 204 spin_lock(&ax25_list_lock); 205 ax25_for_each(s, &ax25_list) { 206 if (s->sk && !ax25cmp(&s->source_addr, my_addr) && 207 !ax25cmp(&s->dest_addr, dest_addr) && 208 s->sk->sk_type == type) { 209 sk = s->sk; 210 sock_hold(sk); 211 break; 212 } 213 } 214 215 spin_unlock(&ax25_list_lock); 216 217 return sk; 218 } 219 220 /* 221 * Find an AX.25 control block given both ends. It will only pick up 222 * floating AX.25 control blocks or non Raw socket bound control blocks. 223 */ 224 ax25_cb *ax25_find_cb(const ax25_address *src_addr, ax25_address *dest_addr, 225 ax25_digi *digi, struct net_device *dev) 226 { 227 ax25_cb *s; 228 229 spin_lock_bh(&ax25_list_lock); 230 ax25_for_each(s, &ax25_list) { 231 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET) 232 continue; 233 if (s->ax25_dev == NULL) 234 continue; 235 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) { 236 if (digi != NULL && digi->ndigi != 0) { 237 if (s->digipeat == NULL) 238 continue; 239 if (ax25digicmp(s->digipeat, digi) != 0) 240 continue; 241 } else { 242 if (s->digipeat != NULL && s->digipeat->ndigi != 0) 243 continue; 244 } 245 ax25_cb_hold(s); 246 spin_unlock_bh(&ax25_list_lock); 247 248 return s; 249 } 250 } 251 spin_unlock_bh(&ax25_list_lock); 252 253 return NULL; 254 } 255 256 EXPORT_SYMBOL(ax25_find_cb); 257 258 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto) 259 { 260 ax25_cb *s; 261 struct sk_buff *copy; 262 263 spin_lock(&ax25_list_lock); 264 ax25_for_each(s, &ax25_list) { 265 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && 266 s->sk->sk_type == SOCK_RAW && 267 s->sk->sk_protocol == proto && 268 s->ax25_dev->dev == skb->dev && 269 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) { 270 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL) 271 continue; 272 if (sock_queue_rcv_skb(s->sk, copy) != 0) 273 kfree_skb(copy); 274 } 275 } 276 spin_unlock(&ax25_list_lock); 277 } 278 279 /* 280 * Deferred destroy. 281 */ 282 void ax25_destroy_socket(ax25_cb *); 283 284 /* 285 * Handler for deferred kills. 286 */ 287 static void ax25_destroy_timer(struct timer_list *t) 288 { 289 ax25_cb *ax25 = from_timer(ax25, t, dtimer); 290 struct sock *sk; 291 292 sk=ax25->sk; 293 294 bh_lock_sock(sk); 295 sock_hold(sk); 296 ax25_destroy_socket(ax25); 297 bh_unlock_sock(sk); 298 sock_put(sk); 299 } 300 301 /* 302 * This is called from user mode and the timers. Thus it protects itself 303 * against interrupt users but doesn't worry about being called during 304 * work. Once it is removed from the queue no interrupt or bottom half 305 * will touch it and we are (fairly 8-) ) safe. 306 */ 307 void ax25_destroy_socket(ax25_cb *ax25) 308 { 309 struct sk_buff *skb; 310 311 ax25_cb_del(ax25); 312 313 ax25_stop_heartbeat(ax25); 314 ax25_stop_t1timer(ax25); 315 ax25_stop_t2timer(ax25); 316 ax25_stop_t3timer(ax25); 317 ax25_stop_idletimer(ax25); 318 319 ax25_clear_queues(ax25); /* Flush the queues */ 320 321 if (ax25->sk != NULL) { 322 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) { 323 if (skb->sk != ax25->sk) { 324 /* A pending connection */ 325 ax25_cb *sax25 = sk_to_ax25(skb->sk); 326 327 /* Queue the unaccepted socket for death */ 328 sock_orphan(skb->sk); 329 330 /* 9A4GL: hack to release unaccepted sockets */ 331 skb->sk->sk_state = TCP_LISTEN; 332 333 ax25_start_heartbeat(sax25); 334 sax25->state = AX25_STATE_0; 335 } 336 337 kfree_skb(skb); 338 } 339 skb_queue_purge(&ax25->sk->sk_write_queue); 340 } 341 342 if (ax25->sk != NULL) { 343 if (sk_has_allocations(ax25->sk)) { 344 /* Defer: outstanding buffers */ 345 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0); 346 ax25->dtimer.expires = jiffies + 2 * HZ; 347 add_timer(&ax25->dtimer); 348 } else { 349 struct sock *sk=ax25->sk; 350 ax25->sk=NULL; 351 sock_put(sk); 352 } 353 } else { 354 ax25_cb_put(ax25); 355 } 356 } 357 358 /* 359 * dl1bke 960311: set parameters for existing AX.25 connections, 360 * includes a KILL command to abort any connection. 361 * VERY useful for debugging ;-) 362 */ 363 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg) 364 { 365 struct ax25_ctl_struct ax25_ctl; 366 ax25_digi digi; 367 ax25_dev *ax25_dev; 368 ax25_cb *ax25; 369 unsigned int k; 370 int ret = 0; 371 372 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl))) 373 return -EFAULT; 374 375 if (ax25_ctl.digi_count > AX25_MAX_DIGIS) 376 return -EINVAL; 377 378 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL) 379 return -EINVAL; 380 381 ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr); 382 if (!ax25_dev) 383 return -ENODEV; 384 385 digi.ndigi = ax25_ctl.digi_count; 386 for (k = 0; k < digi.ndigi; k++) 387 digi.calls[k] = ax25_ctl.digi_addr[k]; 388 389 ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev); 390 if (!ax25) { 391 ax25_dev_put(ax25_dev); 392 return -ENOTCONN; 393 } 394 395 switch (ax25_ctl.cmd) { 396 case AX25_KILL: 397 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 398 #ifdef CONFIG_AX25_DAMA_SLAVE 399 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE) 400 ax25_dama_off(ax25); 401 #endif 402 ax25_disconnect(ax25, ENETRESET); 403 break; 404 405 case AX25_WINDOW: 406 if (ax25->modulus == AX25_MODULUS) { 407 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7) 408 goto einval_put; 409 } else { 410 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63) 411 goto einval_put; 412 } 413 ax25->window = ax25_ctl.arg; 414 break; 415 416 case AX25_T1: 417 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 418 goto einval_put; 419 ax25->rtt = (ax25_ctl.arg * HZ) / 2; 420 ax25->t1 = ax25_ctl.arg * HZ; 421 break; 422 423 case AX25_T2: 424 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 425 goto einval_put; 426 ax25->t2 = ax25_ctl.arg * HZ; 427 break; 428 429 case AX25_N2: 430 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31) 431 goto einval_put; 432 ax25->n2count = 0; 433 ax25->n2 = ax25_ctl.arg; 434 break; 435 436 case AX25_T3: 437 if (ax25_ctl.arg > ULONG_MAX / HZ) 438 goto einval_put; 439 ax25->t3 = ax25_ctl.arg * HZ; 440 break; 441 442 case AX25_IDLE: 443 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ)) 444 goto einval_put; 445 446 ax25->idle = ax25_ctl.arg * 60 * HZ; 447 break; 448 449 case AX25_PACLEN: 450 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535) 451 goto einval_put; 452 ax25->paclen = ax25_ctl.arg; 453 break; 454 455 default: 456 goto einval_put; 457 } 458 459 out_put: 460 ax25_dev_put(ax25_dev); 461 ax25_cb_put(ax25); 462 return ret; 463 464 einval_put: 465 ret = -EINVAL; 466 goto out_put; 467 } 468 469 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev) 470 { 471 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2; 472 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]); 473 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]); 474 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]); 475 ax25->n2 = ax25_dev->values[AX25_VALUES_N2]; 476 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN]; 477 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]); 478 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF]; 479 480 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) { 481 ax25->modulus = AX25_EMODULUS; 482 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW]; 483 } else { 484 ax25->modulus = AX25_MODULUS; 485 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW]; 486 } 487 } 488 489 /* 490 * Fill in a created AX.25 created control block with the default 491 * values for a particular device. 492 */ 493 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev) 494 { 495 ax25->ax25_dev = ax25_dev; 496 497 if (ax25->ax25_dev != NULL) { 498 ax25_fillin_cb_from_dev(ax25, ax25_dev); 499 return; 500 } 501 502 /* 503 * No device, use kernel / AX.25 spec default values 504 */ 505 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2; 506 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1); 507 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2); 508 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3); 509 ax25->n2 = AX25_DEF_N2; 510 ax25->paclen = AX25_DEF_PACLEN; 511 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE); 512 ax25->backoff = AX25_DEF_BACKOFF; 513 514 if (AX25_DEF_AXDEFMODE) { 515 ax25->modulus = AX25_EMODULUS; 516 ax25->window = AX25_DEF_EWINDOW; 517 } else { 518 ax25->modulus = AX25_MODULUS; 519 ax25->window = AX25_DEF_WINDOW; 520 } 521 } 522 523 /* 524 * Create an empty AX.25 control block. 525 */ 526 ax25_cb *ax25_create_cb(void) 527 { 528 ax25_cb *ax25; 529 530 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL) 531 return NULL; 532 533 refcount_set(&ax25->refcount, 1); 534 535 skb_queue_head_init(&ax25->write_queue); 536 skb_queue_head_init(&ax25->frag_queue); 537 skb_queue_head_init(&ax25->ack_queue); 538 skb_queue_head_init(&ax25->reseq_queue); 539 540 ax25_setup_timers(ax25); 541 542 ax25_fillin_cb(ax25, NULL); 543 544 ax25->state = AX25_STATE_0; 545 546 return ax25; 547 } 548 549 /* 550 * Handling for system calls applied via the various interfaces to an 551 * AX25 socket object 552 */ 553 554 static int ax25_setsockopt(struct socket *sock, int level, int optname, 555 sockptr_t optval, unsigned int optlen) 556 { 557 struct sock *sk = sock->sk; 558 ax25_cb *ax25; 559 struct net_device *dev; 560 char devname[IFNAMSIZ]; 561 unsigned int opt; 562 int res = 0; 563 564 if (level != SOL_AX25) 565 return -ENOPROTOOPT; 566 567 if (optlen < sizeof(unsigned int)) 568 return -EINVAL; 569 570 if (copy_from_sockptr(&opt, optval, sizeof(unsigned int))) 571 return -EFAULT; 572 573 lock_sock(sk); 574 ax25 = sk_to_ax25(sk); 575 576 switch (optname) { 577 case AX25_WINDOW: 578 if (ax25->modulus == AX25_MODULUS) { 579 if (opt < 1 || opt > 7) { 580 res = -EINVAL; 581 break; 582 } 583 } else { 584 if (opt < 1 || opt > 63) { 585 res = -EINVAL; 586 break; 587 } 588 } 589 ax25->window = opt; 590 break; 591 592 case AX25_T1: 593 if (opt < 1 || opt > UINT_MAX / HZ) { 594 res = -EINVAL; 595 break; 596 } 597 ax25->rtt = (opt * HZ) >> 1; 598 ax25->t1 = opt * HZ; 599 break; 600 601 case AX25_T2: 602 if (opt < 1 || opt > UINT_MAX / HZ) { 603 res = -EINVAL; 604 break; 605 } 606 ax25->t2 = opt * HZ; 607 break; 608 609 case AX25_N2: 610 if (opt < 1 || opt > 31) { 611 res = -EINVAL; 612 break; 613 } 614 ax25->n2 = opt; 615 break; 616 617 case AX25_T3: 618 if (opt < 1 || opt > UINT_MAX / HZ) { 619 res = -EINVAL; 620 break; 621 } 622 ax25->t3 = opt * HZ; 623 break; 624 625 case AX25_IDLE: 626 if (opt > UINT_MAX / (60 * HZ)) { 627 res = -EINVAL; 628 break; 629 } 630 ax25->idle = opt * 60 * HZ; 631 break; 632 633 case AX25_BACKOFF: 634 if (opt > 2) { 635 res = -EINVAL; 636 break; 637 } 638 ax25->backoff = opt; 639 break; 640 641 case AX25_EXTSEQ: 642 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS; 643 break; 644 645 case AX25_PIDINCL: 646 ax25->pidincl = opt ? 1 : 0; 647 break; 648 649 case AX25_IAMDIGI: 650 ax25->iamdigi = opt ? 1 : 0; 651 break; 652 653 case AX25_PACLEN: 654 if (opt < 16 || opt > 65535) { 655 res = -EINVAL; 656 break; 657 } 658 ax25->paclen = opt; 659 break; 660 661 case SO_BINDTODEVICE: 662 if (optlen > IFNAMSIZ - 1) 663 optlen = IFNAMSIZ - 1; 664 665 memset(devname, 0, sizeof(devname)); 666 667 if (copy_from_sockptr(devname, optval, optlen)) { 668 res = -EFAULT; 669 break; 670 } 671 672 if (sk->sk_type == SOCK_SEQPACKET && 673 (sock->state != SS_UNCONNECTED || 674 sk->sk_state == TCP_LISTEN)) { 675 res = -EADDRNOTAVAIL; 676 break; 677 } 678 679 rtnl_lock(); 680 dev = __dev_get_by_name(&init_net, devname); 681 if (!dev) { 682 rtnl_unlock(); 683 res = -ENODEV; 684 break; 685 } 686 687 ax25->ax25_dev = ax25_dev_ax25dev(dev); 688 if (!ax25->ax25_dev) { 689 rtnl_unlock(); 690 res = -ENODEV; 691 break; 692 } 693 ax25_fillin_cb(ax25, ax25->ax25_dev); 694 rtnl_unlock(); 695 break; 696 697 default: 698 res = -ENOPROTOOPT; 699 } 700 release_sock(sk); 701 702 return res; 703 } 704 705 static int ax25_getsockopt(struct socket *sock, int level, int optname, 706 char __user *optval, int __user *optlen) 707 { 708 struct sock *sk = sock->sk; 709 ax25_cb *ax25; 710 struct ax25_dev *ax25_dev; 711 char devname[IFNAMSIZ]; 712 void *valptr; 713 int val = 0; 714 int maxlen, length; 715 716 if (level != SOL_AX25) 717 return -ENOPROTOOPT; 718 719 if (get_user(maxlen, optlen)) 720 return -EFAULT; 721 722 if (maxlen < 1) 723 return -EFAULT; 724 725 valptr = (void *) &val; 726 length = min_t(unsigned int, maxlen, sizeof(int)); 727 728 lock_sock(sk); 729 ax25 = sk_to_ax25(sk); 730 731 switch (optname) { 732 case AX25_WINDOW: 733 val = ax25->window; 734 break; 735 736 case AX25_T1: 737 val = ax25->t1 / HZ; 738 break; 739 740 case AX25_T2: 741 val = ax25->t2 / HZ; 742 break; 743 744 case AX25_N2: 745 val = ax25->n2; 746 break; 747 748 case AX25_T3: 749 val = ax25->t3 / HZ; 750 break; 751 752 case AX25_IDLE: 753 val = ax25->idle / (60 * HZ); 754 break; 755 756 case AX25_BACKOFF: 757 val = ax25->backoff; 758 break; 759 760 case AX25_EXTSEQ: 761 val = (ax25->modulus == AX25_EMODULUS); 762 break; 763 764 case AX25_PIDINCL: 765 val = ax25->pidincl; 766 break; 767 768 case AX25_IAMDIGI: 769 val = ax25->iamdigi; 770 break; 771 772 case AX25_PACLEN: 773 val = ax25->paclen; 774 break; 775 776 case SO_BINDTODEVICE: 777 ax25_dev = ax25->ax25_dev; 778 779 if (ax25_dev != NULL && ax25_dev->dev != NULL) { 780 strlcpy(devname, ax25_dev->dev->name, sizeof(devname)); 781 length = strlen(devname) + 1; 782 } else { 783 *devname = '\0'; 784 length = 1; 785 } 786 787 valptr = (void *) devname; 788 break; 789 790 default: 791 release_sock(sk); 792 return -ENOPROTOOPT; 793 } 794 release_sock(sk); 795 796 if (put_user(length, optlen)) 797 return -EFAULT; 798 799 return copy_to_user(optval, valptr, length) ? -EFAULT : 0; 800 } 801 802 static int ax25_listen(struct socket *sock, int backlog) 803 { 804 struct sock *sk = sock->sk; 805 int res = 0; 806 807 lock_sock(sk); 808 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) { 809 sk->sk_max_ack_backlog = backlog; 810 sk->sk_state = TCP_LISTEN; 811 goto out; 812 } 813 res = -EOPNOTSUPP; 814 815 out: 816 release_sock(sk); 817 818 return res; 819 } 820 821 /* 822 * XXX: when creating ax25_sock we should update the .obj_size setting 823 * below. 824 */ 825 static struct proto ax25_proto = { 826 .name = "AX25", 827 .owner = THIS_MODULE, 828 .obj_size = sizeof(struct ax25_sock), 829 }; 830 831 static int ax25_create(struct net *net, struct socket *sock, int protocol, 832 int kern) 833 { 834 struct sock *sk; 835 ax25_cb *ax25; 836 837 if (protocol < 0 || protocol > U8_MAX) 838 return -EINVAL; 839 840 if (!net_eq(net, &init_net)) 841 return -EAFNOSUPPORT; 842 843 switch (sock->type) { 844 case SOCK_DGRAM: 845 if (protocol == 0 || protocol == PF_AX25) 846 protocol = AX25_P_TEXT; 847 break; 848 849 case SOCK_SEQPACKET: 850 switch (protocol) { 851 case 0: 852 case PF_AX25: /* For CLX */ 853 protocol = AX25_P_TEXT; 854 break; 855 case AX25_P_SEGMENT: 856 #ifdef CONFIG_INET 857 case AX25_P_ARP: 858 case AX25_P_IP: 859 #endif 860 #ifdef CONFIG_NETROM 861 case AX25_P_NETROM: 862 #endif 863 #ifdef CONFIG_ROSE 864 case AX25_P_ROSE: 865 #endif 866 return -ESOCKTNOSUPPORT; 867 #ifdef CONFIG_NETROM_MODULE 868 case AX25_P_NETROM: 869 if (ax25_protocol_is_registered(AX25_P_NETROM)) 870 return -ESOCKTNOSUPPORT; 871 break; 872 #endif 873 #ifdef CONFIG_ROSE_MODULE 874 case AX25_P_ROSE: 875 if (ax25_protocol_is_registered(AX25_P_ROSE)) 876 return -ESOCKTNOSUPPORT; 877 break; 878 #endif 879 default: 880 break; 881 } 882 break; 883 884 case SOCK_RAW: 885 if (!capable(CAP_NET_RAW)) 886 return -EPERM; 887 break; 888 default: 889 return -ESOCKTNOSUPPORT; 890 } 891 892 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern); 893 if (sk == NULL) 894 return -ENOMEM; 895 896 ax25 = ax25_sk(sk)->cb = ax25_create_cb(); 897 if (!ax25) { 898 sk_free(sk); 899 return -ENOMEM; 900 } 901 902 sock_init_data(sock, sk); 903 904 sk->sk_destruct = ax25_free_sock; 905 sock->ops = &ax25_proto_ops; 906 sk->sk_protocol = protocol; 907 908 ax25->sk = sk; 909 910 return 0; 911 } 912 913 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev) 914 { 915 struct sock *sk; 916 ax25_cb *ax25, *oax25; 917 918 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0); 919 if (sk == NULL) 920 return NULL; 921 922 if ((ax25 = ax25_create_cb()) == NULL) { 923 sk_free(sk); 924 return NULL; 925 } 926 927 switch (osk->sk_type) { 928 case SOCK_DGRAM: 929 break; 930 case SOCK_SEQPACKET: 931 break; 932 default: 933 sk_free(sk); 934 ax25_cb_put(ax25); 935 return NULL; 936 } 937 938 sock_init_data(NULL, sk); 939 940 sk->sk_type = osk->sk_type; 941 sk->sk_priority = osk->sk_priority; 942 sk->sk_protocol = osk->sk_protocol; 943 sk->sk_rcvbuf = osk->sk_rcvbuf; 944 sk->sk_sndbuf = osk->sk_sndbuf; 945 sk->sk_state = TCP_ESTABLISHED; 946 sock_copy_flags(sk, osk); 947 948 oax25 = sk_to_ax25(osk); 949 950 ax25->modulus = oax25->modulus; 951 ax25->backoff = oax25->backoff; 952 ax25->pidincl = oax25->pidincl; 953 ax25->iamdigi = oax25->iamdigi; 954 ax25->rtt = oax25->rtt; 955 ax25->t1 = oax25->t1; 956 ax25->t2 = oax25->t2; 957 ax25->t3 = oax25->t3; 958 ax25->n2 = oax25->n2; 959 ax25->idle = oax25->idle; 960 ax25->paclen = oax25->paclen; 961 ax25->window = oax25->window; 962 963 ax25->ax25_dev = ax25_dev; 964 ax25->source_addr = oax25->source_addr; 965 966 if (oax25->digipeat != NULL) { 967 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi), 968 GFP_ATOMIC); 969 if (ax25->digipeat == NULL) { 970 sk_free(sk); 971 ax25_cb_put(ax25); 972 return NULL; 973 } 974 } 975 976 ax25_sk(sk)->cb = ax25; 977 sk->sk_destruct = ax25_free_sock; 978 ax25->sk = sk; 979 980 return sk; 981 } 982 983 static int ax25_release(struct socket *sock) 984 { 985 struct sock *sk = sock->sk; 986 ax25_cb *ax25; 987 ax25_dev *ax25_dev; 988 989 if (sk == NULL) 990 return 0; 991 992 sock_hold(sk); 993 lock_sock(sk); 994 sock_orphan(sk); 995 ax25 = sk_to_ax25(sk); 996 ax25_dev = ax25->ax25_dev; 997 998 if (sk->sk_type == SOCK_SEQPACKET) { 999 switch (ax25->state) { 1000 case AX25_STATE_0: 1001 if (!sock_flag(ax25->sk, SOCK_DEAD)) { 1002 release_sock(sk); 1003 ax25_disconnect(ax25, 0); 1004 lock_sock(sk); 1005 } 1006 ax25_destroy_socket(ax25); 1007 break; 1008 1009 case AX25_STATE_1: 1010 case AX25_STATE_2: 1011 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 1012 release_sock(sk); 1013 ax25_disconnect(ax25, 0); 1014 lock_sock(sk); 1015 if (!sock_flag(ax25->sk, SOCK_DESTROY)) 1016 ax25_destroy_socket(ax25); 1017 break; 1018 1019 case AX25_STATE_3: 1020 case AX25_STATE_4: 1021 ax25_clear_queues(ax25); 1022 ax25->n2count = 0; 1023 1024 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1025 case AX25_PROTO_STD_SIMPLEX: 1026 case AX25_PROTO_STD_DUPLEX: 1027 ax25_send_control(ax25, 1028 AX25_DISC, 1029 AX25_POLLON, 1030 AX25_COMMAND); 1031 ax25_stop_t2timer(ax25); 1032 ax25_stop_t3timer(ax25); 1033 ax25_stop_idletimer(ax25); 1034 break; 1035 #ifdef CONFIG_AX25_DAMA_SLAVE 1036 case AX25_PROTO_DAMA_SLAVE: 1037 ax25_stop_t3timer(ax25); 1038 ax25_stop_idletimer(ax25); 1039 break; 1040 #endif 1041 } 1042 ax25_calculate_t1(ax25); 1043 ax25_start_t1timer(ax25); 1044 ax25->state = AX25_STATE_2; 1045 sk->sk_state = TCP_CLOSE; 1046 sk->sk_shutdown |= SEND_SHUTDOWN; 1047 sk->sk_state_change(sk); 1048 sock_set_flag(sk, SOCK_DESTROY); 1049 break; 1050 1051 default: 1052 break; 1053 } 1054 } else { 1055 sk->sk_state = TCP_CLOSE; 1056 sk->sk_shutdown |= SEND_SHUTDOWN; 1057 sk->sk_state_change(sk); 1058 ax25_destroy_socket(ax25); 1059 } 1060 if (ax25_dev) { 1061 if (!ax25_dev->device_up) { 1062 del_timer_sync(&ax25->timer); 1063 del_timer_sync(&ax25->t1timer); 1064 del_timer_sync(&ax25->t2timer); 1065 del_timer_sync(&ax25->t3timer); 1066 del_timer_sync(&ax25->idletimer); 1067 } 1068 dev_put_track(ax25_dev->dev, &ax25_dev->dev_tracker); 1069 ax25_dev_put(ax25_dev); 1070 } 1071 1072 sock->sk = NULL; 1073 release_sock(sk); 1074 sock_put(sk); 1075 1076 return 0; 1077 } 1078 1079 /* 1080 * We support a funny extension here so you can (as root) give any callsign 1081 * digipeated via a local address as source. This hack is obsolete now 1082 * that we've implemented support for SO_BINDTODEVICE. It is however small 1083 * and trivially backward compatible. 1084 */ 1085 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1086 { 1087 struct sock *sk = sock->sk; 1088 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr; 1089 ax25_dev *ax25_dev = NULL; 1090 ax25_uid_assoc *user; 1091 ax25_address call; 1092 ax25_cb *ax25; 1093 int err = 0; 1094 1095 if (addr_len != sizeof(struct sockaddr_ax25) && 1096 addr_len != sizeof(struct full_sockaddr_ax25)) 1097 /* support for old structure may go away some time 1098 * ax25_bind(): uses old (6 digipeater) socket structure. 1099 */ 1100 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1101 (addr_len > sizeof(struct full_sockaddr_ax25))) 1102 return -EINVAL; 1103 1104 if (addr->fsa_ax25.sax25_family != AF_AX25) 1105 return -EINVAL; 1106 1107 user = ax25_findbyuid(current_euid()); 1108 if (user) { 1109 call = user->call; 1110 ax25_uid_put(user); 1111 } else { 1112 if (ax25_uid_policy && !capable(CAP_NET_ADMIN)) 1113 return -EACCES; 1114 1115 call = addr->fsa_ax25.sax25_call; 1116 } 1117 1118 lock_sock(sk); 1119 1120 ax25 = sk_to_ax25(sk); 1121 if (!sock_flag(sk, SOCK_ZAPPED)) { 1122 err = -EINVAL; 1123 goto out; 1124 } 1125 1126 ax25->source_addr = call; 1127 1128 /* 1129 * User already set interface with SO_BINDTODEVICE 1130 */ 1131 if (ax25->ax25_dev != NULL) 1132 goto done; 1133 1134 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) { 1135 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 && 1136 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) { 1137 err = -EADDRNOTAVAIL; 1138 goto out; 1139 } 1140 } else { 1141 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) { 1142 err = -EADDRNOTAVAIL; 1143 goto out; 1144 } 1145 } 1146 1147 if (ax25_dev) { 1148 ax25_fillin_cb(ax25, ax25_dev); 1149 dev_hold_track(ax25_dev->dev, &ax25_dev->dev_tracker, GFP_ATOMIC); 1150 } 1151 1152 done: 1153 ax25_cb_add(ax25); 1154 sock_reset_flag(sk, SOCK_ZAPPED); 1155 1156 out: 1157 release_sock(sk); 1158 1159 return err; 1160 } 1161 1162 /* 1163 * FIXME: nonblock behaviour looks like it may have a bug. 1164 */ 1165 static int __must_check ax25_connect(struct socket *sock, 1166 struct sockaddr *uaddr, int addr_len, int flags) 1167 { 1168 struct sock *sk = sock->sk; 1169 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t; 1170 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1171 ax25_digi *digi = NULL; 1172 int ct = 0, err = 0; 1173 1174 /* 1175 * some sanity checks. code further down depends on this 1176 */ 1177 1178 if (addr_len == sizeof(struct sockaddr_ax25)) 1179 /* support for this will go away in early 2.5.x 1180 * ax25_connect(): uses obsolete socket structure 1181 */ 1182 ; 1183 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1184 /* support for old structure may go away some time 1185 * ax25_connect(): uses old (6 digipeater) socket structure. 1186 */ 1187 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1188 (addr_len > sizeof(struct full_sockaddr_ax25))) 1189 return -EINVAL; 1190 1191 1192 if (fsa->fsa_ax25.sax25_family != AF_AX25) 1193 return -EINVAL; 1194 1195 lock_sock(sk); 1196 1197 /* deal with restarts */ 1198 if (sock->state == SS_CONNECTING) { 1199 switch (sk->sk_state) { 1200 case TCP_SYN_SENT: /* still trying */ 1201 err = -EINPROGRESS; 1202 goto out_release; 1203 1204 case TCP_ESTABLISHED: /* connection established */ 1205 sock->state = SS_CONNECTED; 1206 goto out_release; 1207 1208 case TCP_CLOSE: /* connection refused */ 1209 sock->state = SS_UNCONNECTED; 1210 err = -ECONNREFUSED; 1211 goto out_release; 1212 } 1213 } 1214 1215 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) { 1216 err = -EISCONN; /* No reconnect on a seqpacket socket */ 1217 goto out_release; 1218 } 1219 1220 sk->sk_state = TCP_CLOSE; 1221 sock->state = SS_UNCONNECTED; 1222 1223 kfree(ax25->digipeat); 1224 ax25->digipeat = NULL; 1225 1226 /* 1227 * Handle digi-peaters to be used. 1228 */ 1229 if (addr_len > sizeof(struct sockaddr_ax25) && 1230 fsa->fsa_ax25.sax25_ndigis != 0) { 1231 /* Valid number of digipeaters ? */ 1232 if (fsa->fsa_ax25.sax25_ndigis < 1 || 1233 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS || 1234 addr_len < sizeof(struct sockaddr_ax25) + 1235 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) { 1236 err = -EINVAL; 1237 goto out_release; 1238 } 1239 1240 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) { 1241 err = -ENOBUFS; 1242 goto out_release; 1243 } 1244 1245 digi->ndigi = fsa->fsa_ax25.sax25_ndigis; 1246 digi->lastrepeat = -1; 1247 1248 while (ct < fsa->fsa_ax25.sax25_ndigis) { 1249 if ((fsa->fsa_digipeater[ct].ax25_call[6] & 1250 AX25_HBIT) && ax25->iamdigi) { 1251 digi->repeated[ct] = 1; 1252 digi->lastrepeat = ct; 1253 } else { 1254 digi->repeated[ct] = 0; 1255 } 1256 digi->calls[ct] = fsa->fsa_digipeater[ct]; 1257 ct++; 1258 } 1259 } 1260 1261 /* 1262 * Must bind first - autobinding in this may or may not work. If 1263 * the socket is already bound, check to see if the device has 1264 * been filled in, error if it hasn't. 1265 */ 1266 if (sock_flag(sk, SOCK_ZAPPED)) { 1267 /* check if we can remove this feature. It is broken. */ 1268 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n", 1269 current->comm); 1270 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) { 1271 kfree(digi); 1272 goto out_release; 1273 } 1274 1275 ax25_fillin_cb(ax25, ax25->ax25_dev); 1276 ax25_cb_add(ax25); 1277 } else { 1278 if (ax25->ax25_dev == NULL) { 1279 kfree(digi); 1280 err = -EHOSTUNREACH; 1281 goto out_release; 1282 } 1283 } 1284 1285 if (sk->sk_type == SOCK_SEQPACKET && 1286 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi, 1287 ax25->ax25_dev->dev))) { 1288 kfree(digi); 1289 err = -EADDRINUSE; /* Already such a connection */ 1290 ax25_cb_put(ax25t); 1291 goto out_release; 1292 } 1293 1294 ax25->dest_addr = fsa->fsa_ax25.sax25_call; 1295 ax25->digipeat = digi; 1296 1297 /* First the easy one */ 1298 if (sk->sk_type != SOCK_SEQPACKET) { 1299 sock->state = SS_CONNECTED; 1300 sk->sk_state = TCP_ESTABLISHED; 1301 goto out_release; 1302 } 1303 1304 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */ 1305 sock->state = SS_CONNECTING; 1306 sk->sk_state = TCP_SYN_SENT; 1307 1308 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1309 case AX25_PROTO_STD_SIMPLEX: 1310 case AX25_PROTO_STD_DUPLEX: 1311 ax25_std_establish_data_link(ax25); 1312 break; 1313 1314 #ifdef CONFIG_AX25_DAMA_SLAVE 1315 case AX25_PROTO_DAMA_SLAVE: 1316 ax25->modulus = AX25_MODULUS; 1317 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 1318 if (ax25->ax25_dev->dama.slave) 1319 ax25_ds_establish_data_link(ax25); 1320 else 1321 ax25_std_establish_data_link(ax25); 1322 break; 1323 #endif 1324 } 1325 1326 ax25->state = AX25_STATE_1; 1327 1328 ax25_start_heartbeat(ax25); 1329 1330 /* Now the loop */ 1331 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) { 1332 err = -EINPROGRESS; 1333 goto out_release; 1334 } 1335 1336 if (sk->sk_state == TCP_SYN_SENT) { 1337 DEFINE_WAIT(wait); 1338 1339 for (;;) { 1340 prepare_to_wait(sk_sleep(sk), &wait, 1341 TASK_INTERRUPTIBLE); 1342 if (sk->sk_state != TCP_SYN_SENT) 1343 break; 1344 if (!signal_pending(current)) { 1345 release_sock(sk); 1346 schedule(); 1347 lock_sock(sk); 1348 continue; 1349 } 1350 err = -ERESTARTSYS; 1351 break; 1352 } 1353 finish_wait(sk_sleep(sk), &wait); 1354 1355 if (err) 1356 goto out_release; 1357 } 1358 1359 if (sk->sk_state != TCP_ESTABLISHED) { 1360 /* Not in ABM, not in WAIT_UA -> failed */ 1361 sock->state = SS_UNCONNECTED; 1362 err = sock_error(sk); /* Always set at this point */ 1363 goto out_release; 1364 } 1365 1366 sock->state = SS_CONNECTED; 1367 1368 err = 0; 1369 out_release: 1370 release_sock(sk); 1371 1372 return err; 1373 } 1374 1375 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags, 1376 bool kern) 1377 { 1378 struct sk_buff *skb; 1379 struct sock *newsk; 1380 DEFINE_WAIT(wait); 1381 struct sock *sk; 1382 int err = 0; 1383 1384 if (sock->state != SS_UNCONNECTED) 1385 return -EINVAL; 1386 1387 if ((sk = sock->sk) == NULL) 1388 return -EINVAL; 1389 1390 lock_sock(sk); 1391 if (sk->sk_type != SOCK_SEQPACKET) { 1392 err = -EOPNOTSUPP; 1393 goto out; 1394 } 1395 1396 if (sk->sk_state != TCP_LISTEN) { 1397 err = -EINVAL; 1398 goto out; 1399 } 1400 1401 /* 1402 * The read queue this time is holding sockets ready to use 1403 * hooked into the SABM we saved 1404 */ 1405 for (;;) { 1406 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1407 skb = skb_dequeue(&sk->sk_receive_queue); 1408 if (skb) 1409 break; 1410 1411 if (flags & O_NONBLOCK) { 1412 err = -EWOULDBLOCK; 1413 break; 1414 } 1415 if (!signal_pending(current)) { 1416 release_sock(sk); 1417 schedule(); 1418 lock_sock(sk); 1419 continue; 1420 } 1421 err = -ERESTARTSYS; 1422 break; 1423 } 1424 finish_wait(sk_sleep(sk), &wait); 1425 1426 if (err) 1427 goto out; 1428 1429 newsk = skb->sk; 1430 sock_graft(newsk, newsock); 1431 1432 /* Now attach up the new socket */ 1433 kfree_skb(skb); 1434 sk_acceptq_removed(sk); 1435 newsock->state = SS_CONNECTED; 1436 1437 out: 1438 release_sock(sk); 1439 1440 return err; 1441 } 1442 1443 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr, 1444 int peer) 1445 { 1446 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1447 struct sock *sk = sock->sk; 1448 unsigned char ndigi, i; 1449 ax25_cb *ax25; 1450 int err = 0; 1451 1452 memset(fsa, 0, sizeof(*fsa)); 1453 lock_sock(sk); 1454 ax25 = sk_to_ax25(sk); 1455 1456 if (peer != 0) { 1457 if (sk->sk_state != TCP_ESTABLISHED) { 1458 err = -ENOTCONN; 1459 goto out; 1460 } 1461 1462 fsa->fsa_ax25.sax25_family = AF_AX25; 1463 fsa->fsa_ax25.sax25_call = ax25->dest_addr; 1464 1465 if (ax25->digipeat != NULL) { 1466 ndigi = ax25->digipeat->ndigi; 1467 fsa->fsa_ax25.sax25_ndigis = ndigi; 1468 for (i = 0; i < ndigi; i++) 1469 fsa->fsa_digipeater[i] = 1470 ax25->digipeat->calls[i]; 1471 } 1472 } else { 1473 fsa->fsa_ax25.sax25_family = AF_AX25; 1474 fsa->fsa_ax25.sax25_call = ax25->source_addr; 1475 fsa->fsa_ax25.sax25_ndigis = 1; 1476 if (ax25->ax25_dev != NULL) { 1477 memcpy(&fsa->fsa_digipeater[0], 1478 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN); 1479 } else { 1480 fsa->fsa_digipeater[0] = null_ax25_address; 1481 } 1482 } 1483 err = sizeof (struct full_sockaddr_ax25); 1484 1485 out: 1486 release_sock(sk); 1487 1488 return err; 1489 } 1490 1491 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1492 { 1493 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name); 1494 struct sock *sk = sock->sk; 1495 struct sockaddr_ax25 sax; 1496 struct sk_buff *skb; 1497 ax25_digi dtmp, *dp; 1498 ax25_cb *ax25; 1499 size_t size; 1500 int lv, err, addr_len = msg->msg_namelen; 1501 1502 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT)) 1503 return -EINVAL; 1504 1505 lock_sock(sk); 1506 ax25 = sk_to_ax25(sk); 1507 1508 if (sock_flag(sk, SOCK_ZAPPED)) { 1509 err = -EADDRNOTAVAIL; 1510 goto out; 1511 } 1512 1513 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1514 send_sig(SIGPIPE, current, 0); 1515 err = -EPIPE; 1516 goto out; 1517 } 1518 1519 if (ax25->ax25_dev == NULL) { 1520 err = -ENETUNREACH; 1521 goto out; 1522 } 1523 1524 if (len > ax25->ax25_dev->dev->mtu) { 1525 err = -EMSGSIZE; 1526 goto out; 1527 } 1528 1529 if (usax != NULL) { 1530 if (usax->sax25_family != AF_AX25) { 1531 err = -EINVAL; 1532 goto out; 1533 } 1534 1535 if (addr_len == sizeof(struct sockaddr_ax25)) 1536 /* ax25_sendmsg(): uses obsolete socket structure */ 1537 ; 1538 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1539 /* support for old structure may go away some time 1540 * ax25_sendmsg(): uses old (6 digipeater) 1541 * socket structure. 1542 */ 1543 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1544 (addr_len > sizeof(struct full_sockaddr_ax25))) { 1545 err = -EINVAL; 1546 goto out; 1547 } 1548 1549 1550 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) { 1551 int ct = 0; 1552 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax; 1553 1554 /* Valid number of digipeaters ? */ 1555 if (usax->sax25_ndigis < 1 || 1556 usax->sax25_ndigis > AX25_MAX_DIGIS || 1557 addr_len < sizeof(struct sockaddr_ax25) + 1558 sizeof(ax25_address) * usax->sax25_ndigis) { 1559 err = -EINVAL; 1560 goto out; 1561 } 1562 1563 dtmp.ndigi = usax->sax25_ndigis; 1564 1565 while (ct < usax->sax25_ndigis) { 1566 dtmp.repeated[ct] = 0; 1567 dtmp.calls[ct] = fsa->fsa_digipeater[ct]; 1568 ct++; 1569 } 1570 1571 dtmp.lastrepeat = 0; 1572 } 1573 1574 sax = *usax; 1575 if (sk->sk_type == SOCK_SEQPACKET && 1576 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) { 1577 err = -EISCONN; 1578 goto out; 1579 } 1580 if (usax->sax25_ndigis == 0) 1581 dp = NULL; 1582 else 1583 dp = &dtmp; 1584 } else { 1585 /* 1586 * FIXME: 1003.1g - if the socket is like this because 1587 * it has become closed (not started closed) and is VC 1588 * we ought to SIGPIPE, EPIPE 1589 */ 1590 if (sk->sk_state != TCP_ESTABLISHED) { 1591 err = -ENOTCONN; 1592 goto out; 1593 } 1594 sax.sax25_family = AF_AX25; 1595 sax.sax25_call = ax25->dest_addr; 1596 dp = ax25->digipeat; 1597 } 1598 1599 /* Build a packet */ 1600 /* Assume the worst case */ 1601 size = len + ax25->ax25_dev->dev->hard_header_len; 1602 1603 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err); 1604 if (skb == NULL) 1605 goto out; 1606 1607 skb_reserve(skb, size - len); 1608 1609 /* User data follows immediately after the AX.25 data */ 1610 if (memcpy_from_msg(skb_put(skb, len), msg, len)) { 1611 err = -EFAULT; 1612 kfree_skb(skb); 1613 goto out; 1614 } 1615 1616 skb_reset_network_header(skb); 1617 1618 /* Add the PID if one is not supplied by the user in the skb */ 1619 if (!ax25->pidincl) 1620 *(u8 *)skb_push(skb, 1) = sk->sk_protocol; 1621 1622 if (sk->sk_type == SOCK_SEQPACKET) { 1623 /* Connected mode sockets go via the LAPB machine */ 1624 if (sk->sk_state != TCP_ESTABLISHED) { 1625 kfree_skb(skb); 1626 err = -ENOTCONN; 1627 goto out; 1628 } 1629 1630 /* Shove it onto the queue and kick */ 1631 ax25_output(ax25, ax25->paclen, skb); 1632 1633 err = len; 1634 goto out; 1635 } 1636 1637 skb_push(skb, 1 + ax25_addr_size(dp)); 1638 1639 /* Building AX.25 Header */ 1640 1641 /* Build an AX.25 header */ 1642 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call, 1643 dp, AX25_COMMAND, AX25_MODULUS); 1644 1645 skb_set_transport_header(skb, lv); 1646 1647 *skb_transport_header(skb) = AX25_UI; 1648 1649 /* Datagram frames go straight out of the door as UI */ 1650 ax25_queue_xmit(skb, ax25->ax25_dev->dev); 1651 1652 err = len; 1653 1654 out: 1655 release_sock(sk); 1656 1657 return err; 1658 } 1659 1660 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, 1661 int flags) 1662 { 1663 struct sock *sk = sock->sk; 1664 struct sk_buff *skb, *last; 1665 struct sk_buff_head *sk_queue; 1666 int copied; 1667 int err = 0; 1668 int off = 0; 1669 long timeo; 1670 1671 lock_sock(sk); 1672 /* 1673 * This works for seqpacket too. The receiver has ordered the 1674 * queue for us! We do one quick check first though 1675 */ 1676 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) { 1677 err = -ENOTCONN; 1678 goto out; 1679 } 1680 1681 /* We need support for non-blocking reads. */ 1682 sk_queue = &sk->sk_receive_queue; 1683 skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off, &err, &last); 1684 /* If no packet is available, release_sock(sk) and try again. */ 1685 if (!skb) { 1686 if (err != -EAGAIN) 1687 goto out; 1688 release_sock(sk); 1689 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); 1690 while (timeo && !__skb_wait_for_more_packets(sk, sk_queue, &err, 1691 &timeo, last)) { 1692 skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off, 1693 &err, &last); 1694 if (skb) 1695 break; 1696 1697 if (err != -EAGAIN) 1698 goto done; 1699 } 1700 if (!skb) 1701 goto done; 1702 lock_sock(sk); 1703 } 1704 1705 if (!sk_to_ax25(sk)->pidincl) 1706 skb_pull(skb, 1); /* Remove PID */ 1707 1708 skb_reset_transport_header(skb); 1709 copied = skb->len; 1710 1711 if (copied > size) { 1712 copied = size; 1713 msg->msg_flags |= MSG_TRUNC; 1714 } 1715 1716 skb_copy_datagram_msg(skb, 0, msg, copied); 1717 1718 if (msg->msg_name) { 1719 ax25_digi digi; 1720 ax25_address src; 1721 const unsigned char *mac = skb_mac_header(skb); 1722 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name); 1723 1724 memset(sax, 0, sizeof(struct full_sockaddr_ax25)); 1725 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, 1726 &digi, NULL, NULL); 1727 sax->sax25_family = AF_AX25; 1728 /* We set this correctly, even though we may not let the 1729 application know the digi calls further down (because it 1730 did NOT ask to know them). This could get political... **/ 1731 sax->sax25_ndigis = digi.ndigi; 1732 sax->sax25_call = src; 1733 1734 if (sax->sax25_ndigis != 0) { 1735 int ct; 1736 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax; 1737 1738 for (ct = 0; ct < digi.ndigi; ct++) 1739 fsa->fsa_digipeater[ct] = digi.calls[ct]; 1740 } 1741 msg->msg_namelen = sizeof(struct full_sockaddr_ax25); 1742 } 1743 1744 skb_free_datagram(sk, skb); 1745 err = copied; 1746 1747 out: 1748 release_sock(sk); 1749 1750 done: 1751 return err; 1752 } 1753 1754 static int ax25_shutdown(struct socket *sk, int how) 1755 { 1756 /* FIXME - generate DM and RNR states */ 1757 return -EOPNOTSUPP; 1758 } 1759 1760 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1761 { 1762 struct sock *sk = sock->sk; 1763 void __user *argp = (void __user *)arg; 1764 int res = 0; 1765 1766 lock_sock(sk); 1767 switch (cmd) { 1768 case TIOCOUTQ: { 1769 long amount; 1770 1771 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1772 if (amount < 0) 1773 amount = 0; 1774 res = put_user(amount, (int __user *)argp); 1775 break; 1776 } 1777 1778 case TIOCINQ: { 1779 struct sk_buff *skb; 1780 long amount = 0L; 1781 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1782 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1783 amount = skb->len; 1784 res = put_user(amount, (int __user *) argp); 1785 break; 1786 } 1787 1788 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */ 1789 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */ 1790 case SIOCAX25GETUID: { 1791 struct sockaddr_ax25 sax25; 1792 if (copy_from_user(&sax25, argp, sizeof(sax25))) { 1793 res = -EFAULT; 1794 break; 1795 } 1796 res = ax25_uid_ioctl(cmd, &sax25); 1797 break; 1798 } 1799 1800 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */ 1801 long amount; 1802 if (!capable(CAP_NET_ADMIN)) { 1803 res = -EPERM; 1804 break; 1805 } 1806 if (get_user(amount, (long __user *)argp)) { 1807 res = -EFAULT; 1808 break; 1809 } 1810 if (amount < 0 || amount > AX25_NOUID_BLOCK) { 1811 res = -EINVAL; 1812 break; 1813 } 1814 ax25_uid_policy = amount; 1815 res = 0; 1816 break; 1817 } 1818 1819 case SIOCADDRT: 1820 case SIOCDELRT: 1821 case SIOCAX25OPTRT: 1822 if (!capable(CAP_NET_ADMIN)) { 1823 res = -EPERM; 1824 break; 1825 } 1826 res = ax25_rt_ioctl(cmd, argp); 1827 break; 1828 1829 case SIOCAX25CTLCON: 1830 if (!capable(CAP_NET_ADMIN)) { 1831 res = -EPERM; 1832 break; 1833 } 1834 res = ax25_ctl_ioctl(cmd, argp); 1835 break; 1836 1837 case SIOCAX25GETINFO: 1838 case SIOCAX25GETINFOOLD: { 1839 ax25_cb *ax25 = sk_to_ax25(sk); 1840 struct ax25_info_struct ax25_info; 1841 1842 ax25_info.t1 = ax25->t1 / HZ; 1843 ax25_info.t2 = ax25->t2 / HZ; 1844 ax25_info.t3 = ax25->t3 / HZ; 1845 ax25_info.idle = ax25->idle / (60 * HZ); 1846 ax25_info.n2 = ax25->n2; 1847 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ; 1848 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ; 1849 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ; 1850 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ); 1851 ax25_info.n2count = ax25->n2count; 1852 ax25_info.state = ax25->state; 1853 ax25_info.rcv_q = sk_rmem_alloc_get(sk); 1854 ax25_info.snd_q = sk_wmem_alloc_get(sk); 1855 ax25_info.vs = ax25->vs; 1856 ax25_info.vr = ax25->vr; 1857 ax25_info.va = ax25->va; 1858 ax25_info.vs_max = ax25->vs; /* reserved */ 1859 ax25_info.paclen = ax25->paclen; 1860 ax25_info.window = ax25->window; 1861 1862 /* old structure? */ 1863 if (cmd == SIOCAX25GETINFOOLD) { 1864 static int warned = 0; 1865 if (!warned) { 1866 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n", 1867 current->comm); 1868 warned=1; 1869 } 1870 1871 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) { 1872 res = -EFAULT; 1873 break; 1874 } 1875 } else { 1876 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) { 1877 res = -EINVAL; 1878 break; 1879 } 1880 } 1881 res = 0; 1882 break; 1883 } 1884 1885 case SIOCAX25ADDFWD: 1886 case SIOCAX25DELFWD: { 1887 struct ax25_fwd_struct ax25_fwd; 1888 if (!capable(CAP_NET_ADMIN)) { 1889 res = -EPERM; 1890 break; 1891 } 1892 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) { 1893 res = -EFAULT; 1894 break; 1895 } 1896 res = ax25_fwd_ioctl(cmd, &ax25_fwd); 1897 break; 1898 } 1899 1900 case SIOCGIFADDR: 1901 case SIOCSIFADDR: 1902 case SIOCGIFDSTADDR: 1903 case SIOCSIFDSTADDR: 1904 case SIOCGIFBRDADDR: 1905 case SIOCSIFBRDADDR: 1906 case SIOCGIFNETMASK: 1907 case SIOCSIFNETMASK: 1908 case SIOCGIFMETRIC: 1909 case SIOCSIFMETRIC: 1910 res = -EINVAL; 1911 break; 1912 1913 default: 1914 res = -ENOIOCTLCMD; 1915 break; 1916 } 1917 release_sock(sk); 1918 1919 return res; 1920 } 1921 1922 #ifdef CONFIG_PROC_FS 1923 1924 static void *ax25_info_start(struct seq_file *seq, loff_t *pos) 1925 __acquires(ax25_list_lock) 1926 { 1927 spin_lock_bh(&ax25_list_lock); 1928 return seq_hlist_start(&ax25_list, *pos); 1929 } 1930 1931 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos) 1932 { 1933 return seq_hlist_next(v, &ax25_list, pos); 1934 } 1935 1936 static void ax25_info_stop(struct seq_file *seq, void *v) 1937 __releases(ax25_list_lock) 1938 { 1939 spin_unlock_bh(&ax25_list_lock); 1940 } 1941 1942 static int ax25_info_show(struct seq_file *seq, void *v) 1943 { 1944 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node); 1945 char buf[11]; 1946 int k; 1947 1948 1949 /* 1950 * New format: 1951 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode 1952 */ 1953 1954 seq_printf(seq, "%p %s %s%s ", 1955 ax25, 1956 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name, 1957 ax2asc(buf, &ax25->source_addr), 1958 ax25->iamdigi? "*":""); 1959 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr)); 1960 1961 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) { 1962 seq_printf(seq, ",%s%s", 1963 ax2asc(buf, &ax25->digipeat->calls[k]), 1964 ax25->digipeat->repeated[k]? "*":""); 1965 } 1966 1967 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d", 1968 ax25->state, 1969 ax25->vs, ax25->vr, ax25->va, 1970 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ, 1971 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ, 1972 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ, 1973 ax25_display_timer(&ax25->idletimer) / (60 * HZ), 1974 ax25->idle / (60 * HZ), 1975 ax25->n2count, ax25->n2, 1976 ax25->rtt / HZ, 1977 ax25->window, 1978 ax25->paclen); 1979 1980 if (ax25->sk != NULL) { 1981 seq_printf(seq, " %d %d %lu\n", 1982 sk_wmem_alloc_get(ax25->sk), 1983 sk_rmem_alloc_get(ax25->sk), 1984 sock_i_ino(ax25->sk)); 1985 } else { 1986 seq_puts(seq, " * * *\n"); 1987 } 1988 return 0; 1989 } 1990 1991 static const struct seq_operations ax25_info_seqops = { 1992 .start = ax25_info_start, 1993 .next = ax25_info_next, 1994 .stop = ax25_info_stop, 1995 .show = ax25_info_show, 1996 }; 1997 #endif 1998 1999 static const struct net_proto_family ax25_family_ops = { 2000 .family = PF_AX25, 2001 .create = ax25_create, 2002 .owner = THIS_MODULE, 2003 }; 2004 2005 static const struct proto_ops ax25_proto_ops = { 2006 .family = PF_AX25, 2007 .owner = THIS_MODULE, 2008 .release = ax25_release, 2009 .bind = ax25_bind, 2010 .connect = ax25_connect, 2011 .socketpair = sock_no_socketpair, 2012 .accept = ax25_accept, 2013 .getname = ax25_getname, 2014 .poll = datagram_poll, 2015 .ioctl = ax25_ioctl, 2016 .gettstamp = sock_gettstamp, 2017 .listen = ax25_listen, 2018 .shutdown = ax25_shutdown, 2019 .setsockopt = ax25_setsockopt, 2020 .getsockopt = ax25_getsockopt, 2021 .sendmsg = ax25_sendmsg, 2022 .recvmsg = ax25_recvmsg, 2023 .mmap = sock_no_mmap, 2024 .sendpage = sock_no_sendpage, 2025 }; 2026 2027 /* 2028 * Called by socket.c on kernel start up 2029 */ 2030 static struct packet_type ax25_packet_type __read_mostly = { 2031 .type = cpu_to_be16(ETH_P_AX25), 2032 .func = ax25_kiss_rcv, 2033 }; 2034 2035 static struct notifier_block ax25_dev_notifier = { 2036 .notifier_call = ax25_device_event, 2037 }; 2038 2039 static int __init ax25_init(void) 2040 { 2041 int rc = proto_register(&ax25_proto, 0); 2042 2043 if (rc != 0) 2044 goto out; 2045 2046 sock_register(&ax25_family_ops); 2047 dev_add_pack(&ax25_packet_type); 2048 register_netdevice_notifier(&ax25_dev_notifier); 2049 2050 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops); 2051 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops); 2052 proc_create_seq("ax25_calls", 0444, init_net.proc_net, 2053 &ax25_uid_seqops); 2054 out: 2055 return rc; 2056 } 2057 module_init(ax25_init); 2058 2059 2060 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>"); 2061 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol"); 2062 MODULE_LICENSE("GPL"); 2063 MODULE_ALIAS_NETPROTO(PF_AX25); 2064 2065 static void __exit ax25_exit(void) 2066 { 2067 remove_proc_entry("ax25_route", init_net.proc_net); 2068 remove_proc_entry("ax25", init_net.proc_net); 2069 remove_proc_entry("ax25_calls", init_net.proc_net); 2070 2071 unregister_netdevice_notifier(&ax25_dev_notifier); 2072 2073 dev_remove_pack(&ax25_packet_type); 2074 2075 sock_unregister(PF_AX25); 2076 proto_unregister(&ax25_proto); 2077 2078 ax25_rt_free(); 2079 ax25_uid_free(); 2080 ax25_dev_free(); 2081 } 2082 module_exit(ax25_exit); 2083