11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * This program is free software; you can redistribute it and/or modify 31da177e4SLinus Torvalds * it under the terms of the GNU General Public License as published by 41da177e4SLinus Torvalds * the Free Software Foundation; either version 2 of the License, or 51da177e4SLinus Torvalds * (at your option) any later version. 61da177e4SLinus Torvalds * 71da177e4SLinus Torvalds * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 81da177e4SLinus Torvalds * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 91da177e4SLinus Torvalds * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 101da177e4SLinus Torvalds * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 111da177e4SLinus Torvalds */ 121da177e4SLinus Torvalds #include <linux/errno.h> 131da177e4SLinus Torvalds #include <linux/types.h> 141da177e4SLinus Torvalds #include <linux/socket.h> 151da177e4SLinus Torvalds #include <linux/in.h> 161da177e4SLinus Torvalds #include <linux/kernel.h> 171da177e4SLinus Torvalds #include <linux/sched.h> 181da177e4SLinus Torvalds #include <linux/timer.h> 191da177e4SLinus Torvalds #include <linux/string.h> 201da177e4SLinus Torvalds #include <linux/sockios.h> 211da177e4SLinus Torvalds #include <linux/net.h> 221da177e4SLinus Torvalds #include <net/ax25.h> 231da177e4SLinus Torvalds #include <linux/inet.h> 241da177e4SLinus Torvalds #include <linux/netdevice.h> 251da177e4SLinus Torvalds #include <linux/skbuff.h> 261da177e4SLinus Torvalds #include <linux/netfilter.h> 271da177e4SLinus Torvalds #include <net/sock.h> 28c752f073SArnaldo Carvalho de Melo #include <net/tcp_states.h> 291da177e4SLinus Torvalds #include <asm/uaccess.h> 301da177e4SLinus Torvalds #include <asm/system.h> 311da177e4SLinus Torvalds #include <linux/fcntl.h> 321da177e4SLinus Torvalds #include <linux/mm.h> 331da177e4SLinus Torvalds #include <linux/interrupt.h> 341da177e4SLinus Torvalds 351da177e4SLinus Torvalds /* 361da177e4SLinus Torvalds * Given a fragment, queue it on the fragment queue and if the fragment 371da177e4SLinus Torvalds * is complete, send it back to ax25_rx_iframe. 381da177e4SLinus Torvalds */ 391da177e4SLinus Torvalds static int ax25_rx_fragment(ax25_cb *ax25, struct sk_buff *skb) 401da177e4SLinus Torvalds { 411da177e4SLinus Torvalds struct sk_buff *skbn, *skbo; 421da177e4SLinus Torvalds 431da177e4SLinus Torvalds if (ax25->fragno != 0) { 441da177e4SLinus Torvalds if (!(*skb->data & AX25_SEG_FIRST)) { 451da177e4SLinus Torvalds if ((ax25->fragno - 1) == (*skb->data & AX25_SEG_REM)) { 461da177e4SLinus Torvalds /* Enqueue fragment */ 471da177e4SLinus Torvalds ax25->fragno = *skb->data & AX25_SEG_REM; 481da177e4SLinus Torvalds skb_pull(skb, 1); /* skip fragno */ 491da177e4SLinus Torvalds ax25->fraglen += skb->len; 501da177e4SLinus Torvalds skb_queue_tail(&ax25->frag_queue, skb); 511da177e4SLinus Torvalds 521da177e4SLinus Torvalds /* Last fragment received ? */ 531da177e4SLinus Torvalds if (ax25->fragno == 0) { 541da177e4SLinus Torvalds skbn = alloc_skb(AX25_MAX_HEADER_LEN + 551da177e4SLinus Torvalds ax25->fraglen, 561da177e4SLinus Torvalds GFP_ATOMIC); 571da177e4SLinus Torvalds if (!skbn) { 581da177e4SLinus Torvalds skb_queue_purge(&ax25->frag_queue); 591da177e4SLinus Torvalds return 1; 601da177e4SLinus Torvalds } 611da177e4SLinus Torvalds 621da177e4SLinus Torvalds skb_reserve(skbn, AX25_MAX_HEADER_LEN); 631da177e4SLinus Torvalds 641da177e4SLinus Torvalds skbn->dev = ax25->ax25_dev->dev; 651da177e4SLinus Torvalds skbn->h.raw = skbn->data; 661da177e4SLinus Torvalds skbn->nh.raw = skbn->data; 671da177e4SLinus Torvalds 681da177e4SLinus Torvalds /* Copy data from the fragments */ 691da177e4SLinus Torvalds while ((skbo = skb_dequeue(&ax25->frag_queue)) != NULL) { 701da177e4SLinus Torvalds memcpy(skb_put(skbn, skbo->len), skbo->data, skbo->len); 711da177e4SLinus Torvalds kfree_skb(skbo); 721da177e4SLinus Torvalds } 731da177e4SLinus Torvalds 741da177e4SLinus Torvalds ax25->fraglen = 0; 751da177e4SLinus Torvalds 761da177e4SLinus Torvalds if (ax25_rx_iframe(ax25, skbn) == 0) 771da177e4SLinus Torvalds kfree_skb(skbn); 781da177e4SLinus Torvalds } 791da177e4SLinus Torvalds 801da177e4SLinus Torvalds return 1; 811da177e4SLinus Torvalds } 821da177e4SLinus Torvalds } 831da177e4SLinus Torvalds } else { 841da177e4SLinus Torvalds /* First fragment received */ 851da177e4SLinus Torvalds if (*skb->data & AX25_SEG_FIRST) { 861da177e4SLinus Torvalds skb_queue_purge(&ax25->frag_queue); 871da177e4SLinus Torvalds ax25->fragno = *skb->data & AX25_SEG_REM; 881da177e4SLinus Torvalds skb_pull(skb, 1); /* skip fragno */ 891da177e4SLinus Torvalds ax25->fraglen = skb->len; 901da177e4SLinus Torvalds skb_queue_tail(&ax25->frag_queue, skb); 911da177e4SLinus Torvalds return 1; 921da177e4SLinus Torvalds } 931da177e4SLinus Torvalds } 941da177e4SLinus Torvalds 951da177e4SLinus Torvalds return 0; 961da177e4SLinus Torvalds } 971da177e4SLinus Torvalds 981da177e4SLinus Torvalds /* 991da177e4SLinus Torvalds * This is where all valid I frames are sent to, to be dispatched to 1001da177e4SLinus Torvalds * whichever protocol requires them. 1011da177e4SLinus Torvalds */ 1021da177e4SLinus Torvalds int ax25_rx_iframe(ax25_cb *ax25, struct sk_buff *skb) 1031da177e4SLinus Torvalds { 1041da177e4SLinus Torvalds int (*func)(struct sk_buff *, ax25_cb *); 1051da177e4SLinus Torvalds volatile int queued = 0; 1061da177e4SLinus Torvalds unsigned char pid; 1071da177e4SLinus Torvalds 1081da177e4SLinus Torvalds if (skb == NULL) return 0; 1091da177e4SLinus Torvalds 1101da177e4SLinus Torvalds ax25_start_idletimer(ax25); 1111da177e4SLinus Torvalds 1121da177e4SLinus Torvalds pid = *skb->data; 1131da177e4SLinus Torvalds 1141da177e4SLinus Torvalds if (pid == AX25_P_IP) { 1151da177e4SLinus Torvalds /* working around a TCP bug to keep additional listeners 1161da177e4SLinus Torvalds * happy. TCP re-uses the buffer and destroys the original 1171da177e4SLinus Torvalds * content. 1181da177e4SLinus Torvalds */ 1191da177e4SLinus Torvalds struct sk_buff *skbn = skb_copy(skb, GFP_ATOMIC); 1201da177e4SLinus Torvalds if (skbn != NULL) { 1211da177e4SLinus Torvalds kfree_skb(skb); 1221da177e4SLinus Torvalds skb = skbn; 1231da177e4SLinus Torvalds } 1241da177e4SLinus Torvalds 1251da177e4SLinus Torvalds skb_pull(skb, 1); /* Remove PID */ 1261da177e4SLinus Torvalds skb->h.raw = skb->data; 1271da177e4SLinus Torvalds skb->nh.raw = skb->data; 1281da177e4SLinus Torvalds skb->dev = ax25->ax25_dev->dev; 1291da177e4SLinus Torvalds skb->pkt_type = PACKET_HOST; 1301da177e4SLinus Torvalds skb->protocol = htons(ETH_P_IP); 13198a82febSRalf Baechle netif_rx(skb); 1321da177e4SLinus Torvalds return 1; 1331da177e4SLinus Torvalds } 1341da177e4SLinus Torvalds if (pid == AX25_P_SEGMENT) { 1351da177e4SLinus Torvalds skb_pull(skb, 1); /* Remove PID */ 1361da177e4SLinus Torvalds return ax25_rx_fragment(ax25, skb); 1371da177e4SLinus Torvalds } 1381da177e4SLinus Torvalds 1391da177e4SLinus Torvalds if ((func = ax25_protocol_function(pid)) != NULL) { 1401da177e4SLinus Torvalds skb_pull(skb, 1); /* Remove PID */ 1411da177e4SLinus Torvalds return (*func)(skb, ax25); 1421da177e4SLinus Torvalds } 1431da177e4SLinus Torvalds 1441da177e4SLinus Torvalds if (ax25->sk != NULL && ax25->ax25_dev->values[AX25_VALUES_CONMODE] == 2) { 1451da177e4SLinus Torvalds if ((!ax25->pidincl && ax25->sk->sk_protocol == pid) || 1461da177e4SLinus Torvalds ax25->pidincl) { 1471da177e4SLinus Torvalds if (sock_queue_rcv_skb(ax25->sk, skb) == 0) 1481da177e4SLinus Torvalds queued = 1; 1491da177e4SLinus Torvalds else 1501da177e4SLinus Torvalds ax25->condition |= AX25_COND_OWN_RX_BUSY; 1511da177e4SLinus Torvalds } 1521da177e4SLinus Torvalds } 1531da177e4SLinus Torvalds 1541da177e4SLinus Torvalds return queued; 1551da177e4SLinus Torvalds } 1561da177e4SLinus Torvalds 1571da177e4SLinus Torvalds /* 1581da177e4SLinus Torvalds * Higher level upcall for a LAPB frame 1591da177e4SLinus Torvalds */ 1601da177e4SLinus Torvalds static int ax25_process_rx_frame(ax25_cb *ax25, struct sk_buff *skb, int type, int dama) 1611da177e4SLinus Torvalds { 1621da177e4SLinus Torvalds int queued = 0; 1631da177e4SLinus Torvalds 1641da177e4SLinus Torvalds if (ax25->state == AX25_STATE_0) 1651da177e4SLinus Torvalds return 0; 1661da177e4SLinus Torvalds 1671da177e4SLinus Torvalds switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1681da177e4SLinus Torvalds case AX25_PROTO_STD_SIMPLEX: 1691da177e4SLinus Torvalds case AX25_PROTO_STD_DUPLEX: 1701da177e4SLinus Torvalds queued = ax25_std_frame_in(ax25, skb, type); 1711da177e4SLinus Torvalds break; 1721da177e4SLinus Torvalds 1731da177e4SLinus Torvalds #ifdef CONFIG_AX25_DAMA_SLAVE 1741da177e4SLinus Torvalds case AX25_PROTO_DAMA_SLAVE: 1751da177e4SLinus Torvalds if (dama || ax25->ax25_dev->dama.slave) 1761da177e4SLinus Torvalds queued = ax25_ds_frame_in(ax25, skb, type); 1771da177e4SLinus Torvalds else 1781da177e4SLinus Torvalds queued = ax25_std_frame_in(ax25, skb, type); 1791da177e4SLinus Torvalds break; 1801da177e4SLinus Torvalds #endif 1811da177e4SLinus Torvalds } 1821da177e4SLinus Torvalds 1831da177e4SLinus Torvalds return queued; 1841da177e4SLinus Torvalds } 1851da177e4SLinus Torvalds 1861da177e4SLinus Torvalds static int ax25_rcv(struct sk_buff *skb, struct net_device *dev, 1871da177e4SLinus Torvalds ax25_address *dev_addr, struct packet_type *ptype) 1881da177e4SLinus Torvalds { 1891da177e4SLinus Torvalds ax25_address src, dest, *next_digi = NULL; 1901da177e4SLinus Torvalds int type = 0, mine = 0, dama; 1911da177e4SLinus Torvalds struct sock *make, *sk; 1921da177e4SLinus Torvalds ax25_digi dp, reverse_dp; 1931da177e4SLinus Torvalds ax25_cb *ax25; 1941da177e4SLinus Torvalds ax25_dev *ax25_dev; 1951da177e4SLinus Torvalds 1961da177e4SLinus Torvalds /* 1971da177e4SLinus Torvalds * Process the AX.25/LAPB frame. 1981da177e4SLinus Torvalds */ 1991da177e4SLinus Torvalds 2001da177e4SLinus Torvalds skb->h.raw = skb->data; 2011da177e4SLinus Torvalds 2021da177e4SLinus Torvalds if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) { 2031da177e4SLinus Torvalds kfree_skb(skb); 2041da177e4SLinus Torvalds return 0; 2051da177e4SLinus Torvalds } 2061da177e4SLinus Torvalds 2071da177e4SLinus Torvalds /* 2081da177e4SLinus Torvalds * Parse the address header. 2091da177e4SLinus Torvalds */ 2101da177e4SLinus Torvalds 2111da177e4SLinus Torvalds if (ax25_addr_parse(skb->data, skb->len, &src, &dest, &dp, &type, &dama) == NULL) { 2121da177e4SLinus Torvalds kfree_skb(skb); 2131da177e4SLinus Torvalds return 0; 2141da177e4SLinus Torvalds } 2151da177e4SLinus Torvalds 2161da177e4SLinus Torvalds /* 2171da177e4SLinus Torvalds * Ours perhaps ? 2181da177e4SLinus Torvalds */ 2191da177e4SLinus Torvalds if (dp.lastrepeat + 1 < dp.ndigi) /* Not yet digipeated completely */ 2201da177e4SLinus Torvalds next_digi = &dp.calls[dp.lastrepeat + 1]; 2211da177e4SLinus Torvalds 2221da177e4SLinus Torvalds /* 2231da177e4SLinus Torvalds * Pull of the AX.25 headers leaving the CTRL/PID bytes 2241da177e4SLinus Torvalds */ 2251da177e4SLinus Torvalds skb_pull(skb, ax25_addr_size(&dp)); 2261da177e4SLinus Torvalds 2271da177e4SLinus Torvalds /* For our port addresses ? */ 2281da177e4SLinus Torvalds if (ax25cmp(&dest, dev_addr) == 0 && dp.lastrepeat + 1 == dp.ndigi) 2291da177e4SLinus Torvalds mine = 1; 2301da177e4SLinus Torvalds 2311da177e4SLinus Torvalds /* Also match on any registered callsign from L3/4 */ 2321da177e4SLinus Torvalds if (!mine && ax25_listen_mine(&dest, dev) && dp.lastrepeat + 1 == dp.ndigi) 2331da177e4SLinus Torvalds mine = 1; 2341da177e4SLinus Torvalds 2351da177e4SLinus Torvalds /* UI frame - bypass LAPB processing */ 2361da177e4SLinus Torvalds if ((*skb->data & ~0x10) == AX25_UI && dp.lastrepeat + 1 == dp.ndigi) { 2371da177e4SLinus Torvalds skb->h.raw = skb->data + 2; /* skip control and pid */ 2381da177e4SLinus Torvalds 2391da177e4SLinus Torvalds ax25_send_to_raw(&dest, skb, skb->data[1]); 2401da177e4SLinus Torvalds 2411da177e4SLinus Torvalds if (!mine && ax25cmp(&dest, (ax25_address *)dev->broadcast) != 0) { 2421da177e4SLinus Torvalds kfree_skb(skb); 2431da177e4SLinus Torvalds return 0; 2441da177e4SLinus Torvalds } 2451da177e4SLinus Torvalds 2461da177e4SLinus Torvalds /* Now we are pointing at the pid byte */ 2471da177e4SLinus Torvalds switch (skb->data[1]) { 2481da177e4SLinus Torvalds case AX25_P_IP: 2491da177e4SLinus Torvalds skb_pull(skb,2); /* drop PID/CTRL */ 2501da177e4SLinus Torvalds skb->h.raw = skb->data; 2511da177e4SLinus Torvalds skb->nh.raw = skb->data; 2521da177e4SLinus Torvalds skb->dev = dev; 2531da177e4SLinus Torvalds skb->pkt_type = PACKET_HOST; 2541da177e4SLinus Torvalds skb->protocol = htons(ETH_P_IP); 25598a82febSRalf Baechle netif_rx(skb); 2561da177e4SLinus Torvalds break; 2571da177e4SLinus Torvalds 2581da177e4SLinus Torvalds case AX25_P_ARP: 2591da177e4SLinus Torvalds skb_pull(skb,2); 2601da177e4SLinus Torvalds skb->h.raw = skb->data; 2611da177e4SLinus Torvalds skb->nh.raw = skb->data; 2621da177e4SLinus Torvalds skb->dev = dev; 2631da177e4SLinus Torvalds skb->pkt_type = PACKET_HOST; 2641da177e4SLinus Torvalds skb->protocol = htons(ETH_P_ARP); 26598a82febSRalf Baechle netif_rx(skb); 2661da177e4SLinus Torvalds break; 2671da177e4SLinus Torvalds case AX25_P_TEXT: 2681da177e4SLinus Torvalds /* Now find a suitable dgram socket */ 2691da177e4SLinus Torvalds sk = ax25_get_socket(&dest, &src, SOCK_DGRAM); 2701da177e4SLinus Torvalds if (sk != NULL) { 2711da177e4SLinus Torvalds bh_lock_sock(sk); 2721da177e4SLinus Torvalds if (atomic_read(&sk->sk_rmem_alloc) >= 2731da177e4SLinus Torvalds sk->sk_rcvbuf) { 2741da177e4SLinus Torvalds kfree_skb(skb); 2751da177e4SLinus Torvalds } else { 2761da177e4SLinus Torvalds /* 2771da177e4SLinus Torvalds * Remove the control and PID. 2781da177e4SLinus Torvalds */ 2791da177e4SLinus Torvalds skb_pull(skb, 2); 2801da177e4SLinus Torvalds if (sock_queue_rcv_skb(sk, skb) != 0) 2811da177e4SLinus Torvalds kfree_skb(skb); 2821da177e4SLinus Torvalds } 2831da177e4SLinus Torvalds bh_unlock_sock(sk); 2841da177e4SLinus Torvalds sock_put(sk); 2851da177e4SLinus Torvalds } else { 2861da177e4SLinus Torvalds kfree_skb(skb); 2871da177e4SLinus Torvalds } 2881da177e4SLinus Torvalds break; 2891da177e4SLinus Torvalds 2901da177e4SLinus Torvalds default: 2911da177e4SLinus Torvalds kfree_skb(skb); /* Will scan SOCK_AX25 RAW sockets */ 2921da177e4SLinus Torvalds break; 2931da177e4SLinus Torvalds } 2941da177e4SLinus Torvalds 2951da177e4SLinus Torvalds return 0; 2961da177e4SLinus Torvalds } 2971da177e4SLinus Torvalds 2981da177e4SLinus Torvalds /* 2991da177e4SLinus Torvalds * Is connected mode supported on this device ? 3001da177e4SLinus Torvalds * If not, should we DM the incoming frame (except DMs) or 3011da177e4SLinus Torvalds * silently ignore them. For now we stay quiet. 3021da177e4SLinus Torvalds */ 3031da177e4SLinus Torvalds if (ax25_dev->values[AX25_VALUES_CONMODE] == 0) { 3041da177e4SLinus Torvalds kfree_skb(skb); 3051da177e4SLinus Torvalds return 0; 3061da177e4SLinus Torvalds } 3071da177e4SLinus Torvalds 3081da177e4SLinus Torvalds /* LAPB */ 3091da177e4SLinus Torvalds 3101da177e4SLinus Torvalds /* AX.25 state 1-4 */ 3111da177e4SLinus Torvalds 3121da177e4SLinus Torvalds ax25_digi_invert(&dp, &reverse_dp); 3131da177e4SLinus Torvalds 3141da177e4SLinus Torvalds if ((ax25 = ax25_find_cb(&dest, &src, &reverse_dp, dev)) != NULL) { 3151da177e4SLinus Torvalds /* 3161da177e4SLinus Torvalds * Process the frame. If it is queued up internally it 3171da177e4SLinus Torvalds * returns one otherwise we free it immediately. This 3181da177e4SLinus Torvalds * routine itself wakes the user context layers so we do 3191da177e4SLinus Torvalds * no further work 3201da177e4SLinus Torvalds */ 3211da177e4SLinus Torvalds if (ax25_process_rx_frame(ax25, skb, type, dama) == 0) 3221da177e4SLinus Torvalds kfree_skb(skb); 3231da177e4SLinus Torvalds 3241da177e4SLinus Torvalds ax25_cb_put(ax25); 3251da177e4SLinus Torvalds return 0; 3261da177e4SLinus Torvalds } 3271da177e4SLinus Torvalds 3281da177e4SLinus Torvalds /* AX.25 state 0 (disconnected) */ 3291da177e4SLinus Torvalds 3301da177e4SLinus Torvalds /* a) received not a SABM(E) */ 3311da177e4SLinus Torvalds 3321da177e4SLinus Torvalds if ((*skb->data & ~AX25_PF) != AX25_SABM && 3331da177e4SLinus Torvalds (*skb->data & ~AX25_PF) != AX25_SABME) { 3341da177e4SLinus Torvalds /* 3351da177e4SLinus Torvalds * Never reply to a DM. Also ignore any connects for 3361da177e4SLinus Torvalds * addresses that are not our interfaces and not a socket. 3371da177e4SLinus Torvalds */ 3381da177e4SLinus Torvalds if ((*skb->data & ~AX25_PF) != AX25_DM && mine) 3391da177e4SLinus Torvalds ax25_return_dm(dev, &src, &dest, &dp); 3401da177e4SLinus Torvalds 3411da177e4SLinus Torvalds kfree_skb(skb); 3421da177e4SLinus Torvalds return 0; 3431da177e4SLinus Torvalds } 3441da177e4SLinus Torvalds 3451da177e4SLinus Torvalds /* b) received SABM(E) */ 3461da177e4SLinus Torvalds 3471da177e4SLinus Torvalds if (dp.lastrepeat + 1 == dp.ndigi) 3481da177e4SLinus Torvalds sk = ax25_find_listener(&dest, 0, dev, SOCK_SEQPACKET); 3491da177e4SLinus Torvalds else 3501da177e4SLinus Torvalds sk = ax25_find_listener(next_digi, 1, dev, SOCK_SEQPACKET); 3511da177e4SLinus Torvalds 3521da177e4SLinus Torvalds if (sk != NULL) { 3531da177e4SLinus Torvalds bh_lock_sock(sk); 3541da177e4SLinus Torvalds if (sk_acceptq_is_full(sk) || 3551da177e4SLinus Torvalds (make = ax25_make_new(sk, ax25_dev)) == NULL) { 3561da177e4SLinus Torvalds if (mine) 3571da177e4SLinus Torvalds ax25_return_dm(dev, &src, &dest, &dp); 3581da177e4SLinus Torvalds kfree_skb(skb); 3591da177e4SLinus Torvalds bh_unlock_sock(sk); 3601da177e4SLinus Torvalds sock_put(sk); 3611da177e4SLinus Torvalds 3621da177e4SLinus Torvalds return 0; 3631da177e4SLinus Torvalds } 3641da177e4SLinus Torvalds 3651da177e4SLinus Torvalds ax25 = ax25_sk(make); 3661da177e4SLinus Torvalds skb_set_owner_r(skb, make); 3671da177e4SLinus Torvalds skb_queue_head(&sk->sk_receive_queue, skb); 3681da177e4SLinus Torvalds 3691da177e4SLinus Torvalds make->sk_state = TCP_ESTABLISHED; 3701da177e4SLinus Torvalds 3711da177e4SLinus Torvalds sk->sk_ack_backlog++; 3721da177e4SLinus Torvalds bh_unlock_sock(sk); 3731da177e4SLinus Torvalds } else { 3741da177e4SLinus Torvalds if (!mine) { 3751da177e4SLinus Torvalds kfree_skb(skb); 3761da177e4SLinus Torvalds return 0; 3771da177e4SLinus Torvalds } 3781da177e4SLinus Torvalds 3791da177e4SLinus Torvalds if ((ax25 = ax25_create_cb()) == NULL) { 3801da177e4SLinus Torvalds ax25_return_dm(dev, &src, &dest, &dp); 3811da177e4SLinus Torvalds kfree_skb(skb); 3821da177e4SLinus Torvalds return 0; 3831da177e4SLinus Torvalds } 3841da177e4SLinus Torvalds 3851da177e4SLinus Torvalds ax25_fillin_cb(ax25, ax25_dev); 3861da177e4SLinus Torvalds } 3871da177e4SLinus Torvalds 3881da177e4SLinus Torvalds ax25->source_addr = dest; 3891da177e4SLinus Torvalds ax25->dest_addr = src; 3901da177e4SLinus Torvalds 3911da177e4SLinus Torvalds /* 3921da177e4SLinus Torvalds * Sort out any digipeated paths. 3931da177e4SLinus Torvalds */ 3941da177e4SLinus Torvalds if (dp.ndigi && !ax25->digipeat && 3951da177e4SLinus Torvalds (ax25->digipeat = kmalloc(sizeof(ax25_digi), GFP_ATOMIC)) == NULL) { 3961da177e4SLinus Torvalds kfree_skb(skb); 3971da177e4SLinus Torvalds ax25_destroy_socket(ax25); 3981da177e4SLinus Torvalds if (sk) 3991da177e4SLinus Torvalds sock_put(sk); 4001da177e4SLinus Torvalds return 0; 4011da177e4SLinus Torvalds } 4021da177e4SLinus Torvalds 4031da177e4SLinus Torvalds if (dp.ndigi == 0) { 4041da177e4SLinus Torvalds if (ax25->digipeat != NULL) { 4051da177e4SLinus Torvalds kfree(ax25->digipeat); 4061da177e4SLinus Torvalds ax25->digipeat = NULL; 4071da177e4SLinus Torvalds } 4081da177e4SLinus Torvalds } else { 4091da177e4SLinus Torvalds /* Reverse the source SABM's path */ 4101da177e4SLinus Torvalds memcpy(ax25->digipeat, &reverse_dp, sizeof(ax25_digi)); 4111da177e4SLinus Torvalds } 4121da177e4SLinus Torvalds 4131da177e4SLinus Torvalds if ((*skb->data & ~AX25_PF) == AX25_SABME) { 4141da177e4SLinus Torvalds ax25->modulus = AX25_EMODULUS; 4151da177e4SLinus Torvalds ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW]; 4161da177e4SLinus Torvalds } else { 4171da177e4SLinus Torvalds ax25->modulus = AX25_MODULUS; 4181da177e4SLinus Torvalds ax25->window = ax25_dev->values[AX25_VALUES_WINDOW]; 4191da177e4SLinus Torvalds } 4201da177e4SLinus Torvalds 4211da177e4SLinus Torvalds ax25_send_control(ax25, AX25_UA, AX25_POLLON, AX25_RESPONSE); 4221da177e4SLinus Torvalds 4231da177e4SLinus Torvalds #ifdef CONFIG_AX25_DAMA_SLAVE 4241da177e4SLinus Torvalds if (dama && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE) 4251da177e4SLinus Torvalds ax25_dama_on(ax25); 4261da177e4SLinus Torvalds #endif 4271da177e4SLinus Torvalds 4281da177e4SLinus Torvalds ax25->state = AX25_STATE_3; 4291da177e4SLinus Torvalds 4301da177e4SLinus Torvalds ax25_cb_add(ax25); 4311da177e4SLinus Torvalds 4321da177e4SLinus Torvalds ax25_start_heartbeat(ax25); 4331da177e4SLinus Torvalds ax25_start_t3timer(ax25); 4341da177e4SLinus Torvalds ax25_start_idletimer(ax25); 4351da177e4SLinus Torvalds 4361da177e4SLinus Torvalds if (sk) { 4371da177e4SLinus Torvalds if (!sock_flag(sk, SOCK_DEAD)) 4381da177e4SLinus Torvalds sk->sk_data_ready(sk, skb->len); 4391da177e4SLinus Torvalds sock_put(sk); 4401da177e4SLinus Torvalds } else 4411da177e4SLinus Torvalds kfree_skb(skb); 4421da177e4SLinus Torvalds 4431da177e4SLinus Torvalds return 0; 4441da177e4SLinus Torvalds } 4451da177e4SLinus Torvalds 4461da177e4SLinus Torvalds /* 4471da177e4SLinus Torvalds * Receive an AX.25 frame via a SLIP interface. 4481da177e4SLinus Torvalds */ 4491da177e4SLinus Torvalds int ax25_kiss_rcv(struct sk_buff *skb, struct net_device *dev, 450f2ccd8faSDavid S. Miller struct packet_type *ptype, struct net_device *orig_dev) 4511da177e4SLinus Torvalds { 4521da177e4SLinus Torvalds skb->sk = NULL; /* Initially we don't know who it's for */ 4531da177e4SLinus Torvalds skb->destructor = NULL; /* Who initializes this, dammit?! */ 4541da177e4SLinus Torvalds 4551da177e4SLinus Torvalds if ((*skb->data & 0x0F) != 0) { 4561da177e4SLinus Torvalds kfree_skb(skb); /* Not a KISS data frame */ 4571da177e4SLinus Torvalds return 0; 4581da177e4SLinus Torvalds } 4591da177e4SLinus Torvalds 4601da177e4SLinus Torvalds skb_pull(skb, AX25_KISS_HEADER_LEN); /* Remove the KISS byte */ 4611da177e4SLinus Torvalds 4621da177e4SLinus Torvalds return ax25_rcv(skb, dev, (ax25_address *)dev->dev_addr, ptype); 4631da177e4SLinus Torvalds } 464