1 /* 2 * This program is free software; you can redistribute it and/or modify 3 * it under the terms of the GNU General Public License as published by 4 * the Free Software Foundation; either version 2 of the License, or 5 * (at your option) any later version. 6 * 7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 9 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 10 */ 11 #include <linux/errno.h> 12 #include <linux/types.h> 13 #include <linux/socket.h> 14 #include <linux/in.h> 15 #include <linux/kernel.h> 16 #include <linux/module.h> 17 #include <linux/timer.h> 18 #include <linux/string.h> 19 #include <linux/sockios.h> 20 #include <linux/spinlock.h> 21 #include <linux/net.h> 22 #include <net/ax25.h> 23 #include <linux/inet.h> 24 #include <linux/netdevice.h> 25 #include <linux/skbuff.h> 26 #include <linux/netfilter.h> 27 #include <net/sock.h> 28 #include <asm/uaccess.h> 29 #include <asm/system.h> 30 #include <linux/fcntl.h> 31 #include <linux/mm.h> 32 #include <linux/interrupt.h> 33 34 static DEFINE_SPINLOCK(ax25_frag_lock); 35 36 ax25_cb *ax25_send_frame(struct sk_buff *skb, int paclen, ax25_address *src, ax25_address *dest, ax25_digi *digi, struct net_device *dev) 37 { 38 ax25_dev *ax25_dev; 39 ax25_cb *ax25; 40 41 /* 42 * Take the default packet length for the device if zero is 43 * specified. 44 */ 45 if (paclen == 0) { 46 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 47 return NULL; 48 49 paclen = ax25_dev->values[AX25_VALUES_PACLEN]; 50 } 51 52 /* 53 * Look for an existing connection. 54 */ 55 if ((ax25 = ax25_find_cb(src, dest, digi, dev)) != NULL) { 56 ax25_output(ax25, paclen, skb); 57 return ax25; /* It already existed */ 58 } 59 60 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 61 return NULL; 62 63 if ((ax25 = ax25_create_cb()) == NULL) 64 return NULL; 65 66 ax25_fillin_cb(ax25, ax25_dev); 67 68 ax25->source_addr = *src; 69 ax25->dest_addr = *dest; 70 71 if (digi != NULL) { 72 ax25->digipeat = kmemdup(digi, sizeof(*digi), GFP_ATOMIC); 73 if (ax25->digipeat == NULL) { 74 ax25_cb_put(ax25); 75 return NULL; 76 } 77 } 78 79 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 80 case AX25_PROTO_STD_SIMPLEX: 81 case AX25_PROTO_STD_DUPLEX: 82 ax25_std_establish_data_link(ax25); 83 break; 84 85 #ifdef CONFIG_AX25_DAMA_SLAVE 86 case AX25_PROTO_DAMA_SLAVE: 87 if (ax25_dev->dama.slave) 88 ax25_ds_establish_data_link(ax25); 89 else 90 ax25_std_establish_data_link(ax25); 91 break; 92 #endif 93 } 94 95 ax25_cb_add(ax25); 96 97 ax25->state = AX25_STATE_1; 98 99 ax25_start_heartbeat(ax25); 100 101 ax25_output(ax25, paclen, skb); 102 103 return ax25; /* We had to create it */ 104 } 105 106 EXPORT_SYMBOL(ax25_send_frame); 107 108 /* 109 * All outgoing AX.25 I frames pass via this routine. Therefore this is 110 * where the fragmentation of frames takes place. If fragment is set to 111 * zero then we are not allowed to do fragmentation, even if the frame 112 * is too large. 113 */ 114 void ax25_output(ax25_cb *ax25, int paclen, struct sk_buff *skb) 115 { 116 struct sk_buff *skbn; 117 unsigned char *p; 118 int frontlen, len, fragno, ka9qfrag, first = 1; 119 120 if (paclen < 16) { 121 WARN_ON_ONCE(1); 122 kfree_skb(skb); 123 return; 124 } 125 126 if ((skb->len - 1) > paclen) { 127 if (*skb->data == AX25_P_TEXT) { 128 skb_pull(skb, 1); /* skip PID */ 129 ka9qfrag = 0; 130 } else { 131 paclen -= 2; /* Allow for fragment control info */ 132 ka9qfrag = 1; 133 } 134 135 fragno = skb->len / paclen; 136 if (skb->len % paclen == 0) fragno--; 137 138 frontlen = skb_headroom(skb); /* Address space + CTRL */ 139 140 while (skb->len > 0) { 141 spin_lock_bh(&ax25_frag_lock); 142 if ((skbn = alloc_skb(paclen + 2 + frontlen, GFP_ATOMIC)) == NULL) { 143 spin_unlock_bh(&ax25_frag_lock); 144 printk(KERN_CRIT "AX.25: ax25_output - out of memory\n"); 145 return; 146 } 147 148 if (skb->sk != NULL) 149 skb_set_owner_w(skbn, skb->sk); 150 151 spin_unlock_bh(&ax25_frag_lock); 152 153 len = (paclen > skb->len) ? skb->len : paclen; 154 155 if (ka9qfrag == 1) { 156 skb_reserve(skbn, frontlen + 2); 157 skb_set_network_header(skbn, 158 skb_network_offset(skb)); 159 skb_copy_from_linear_data(skb, skb_put(skbn, len), len); 160 p = skb_push(skbn, 2); 161 162 *p++ = AX25_P_SEGMENT; 163 164 *p = fragno--; 165 if (first) { 166 *p |= AX25_SEG_FIRST; 167 first = 0; 168 } 169 } else { 170 skb_reserve(skbn, frontlen + 1); 171 skb_set_network_header(skbn, 172 skb_network_offset(skb)); 173 skb_copy_from_linear_data(skb, skb_put(skbn, len), len); 174 p = skb_push(skbn, 1); 175 *p = AX25_P_TEXT; 176 } 177 178 skb_pull(skb, len); 179 skb_queue_tail(&ax25->write_queue, skbn); /* Throw it on the queue */ 180 } 181 182 kfree_skb(skb); 183 } else { 184 skb_queue_tail(&ax25->write_queue, skb); /* Throw it on the queue */ 185 } 186 187 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 188 case AX25_PROTO_STD_SIMPLEX: 189 case AX25_PROTO_STD_DUPLEX: 190 ax25_kick(ax25); 191 break; 192 193 #ifdef CONFIG_AX25_DAMA_SLAVE 194 /* 195 * A DAMA slave is _required_ to work as normal AX.25L2V2 196 * if no DAMA master is available. 197 */ 198 case AX25_PROTO_DAMA_SLAVE: 199 if (!ax25->ax25_dev->dama.slave) ax25_kick(ax25); 200 break; 201 #endif 202 } 203 } 204 205 /* 206 * This procedure is passed a buffer descriptor for an iframe. It builds 207 * the rest of the control part of the frame and then writes it out. 208 */ 209 static void ax25_send_iframe(ax25_cb *ax25, struct sk_buff *skb, int poll_bit) 210 { 211 unsigned char *frame; 212 213 if (skb == NULL) 214 return; 215 216 skb_reset_network_header(skb); 217 218 if (ax25->modulus == AX25_MODULUS) { 219 frame = skb_push(skb, 1); 220 221 *frame = AX25_I; 222 *frame |= (poll_bit) ? AX25_PF : 0; 223 *frame |= (ax25->vr << 5); 224 *frame |= (ax25->vs << 1); 225 } else { 226 frame = skb_push(skb, 2); 227 228 frame[0] = AX25_I; 229 frame[0] |= (ax25->vs << 1); 230 frame[1] = (poll_bit) ? AX25_EPF : 0; 231 frame[1] |= (ax25->vr << 1); 232 } 233 234 ax25_start_idletimer(ax25); 235 236 ax25_transmit_buffer(ax25, skb, AX25_COMMAND); 237 } 238 239 void ax25_kick(ax25_cb *ax25) 240 { 241 struct sk_buff *skb, *skbn; 242 int last = 1; 243 unsigned short start, end, next; 244 245 if (ax25->state != AX25_STATE_3 && ax25->state != AX25_STATE_4) 246 return; 247 248 if (ax25->condition & AX25_COND_PEER_RX_BUSY) 249 return; 250 251 if (skb_peek(&ax25->write_queue) == NULL) 252 return; 253 254 start = (skb_peek(&ax25->ack_queue) == NULL) ? ax25->va : ax25->vs; 255 end = (ax25->va + ax25->window) % ax25->modulus; 256 257 if (start == end) 258 return; 259 260 /* 261 * Transmit data until either we're out of data to send or 262 * the window is full. Send a poll on the final I frame if 263 * the window is filled. 264 */ 265 266 /* 267 * Dequeue the frame and copy it. 268 * Check for race with ax25_clear_queues(). 269 */ 270 skb = skb_dequeue(&ax25->write_queue); 271 if (!skb) 272 return; 273 274 ax25->vs = start; 275 276 do { 277 if ((skbn = skb_clone(skb, GFP_ATOMIC)) == NULL) { 278 skb_queue_head(&ax25->write_queue, skb); 279 break; 280 } 281 282 if (skb->sk != NULL) 283 skb_set_owner_w(skbn, skb->sk); 284 285 next = (ax25->vs + 1) % ax25->modulus; 286 last = (next == end); 287 288 /* 289 * Transmit the frame copy. 290 * bke 960114: do not set the Poll bit on the last frame 291 * in DAMA mode. 292 */ 293 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 294 case AX25_PROTO_STD_SIMPLEX: 295 case AX25_PROTO_STD_DUPLEX: 296 ax25_send_iframe(ax25, skbn, (last) ? AX25_POLLON : AX25_POLLOFF); 297 break; 298 299 #ifdef CONFIG_AX25_DAMA_SLAVE 300 case AX25_PROTO_DAMA_SLAVE: 301 ax25_send_iframe(ax25, skbn, AX25_POLLOFF); 302 break; 303 #endif 304 } 305 306 ax25->vs = next; 307 308 /* 309 * Requeue the original data frame. 310 */ 311 skb_queue_tail(&ax25->ack_queue, skb); 312 313 } while (!last && (skb = skb_dequeue(&ax25->write_queue)) != NULL); 314 315 ax25->condition &= ~AX25_COND_ACK_PENDING; 316 317 if (!ax25_t1timer_running(ax25)) { 318 ax25_stop_t3timer(ax25); 319 ax25_calculate_t1(ax25); 320 ax25_start_t1timer(ax25); 321 } 322 } 323 324 void ax25_transmit_buffer(ax25_cb *ax25, struct sk_buff *skb, int type) 325 { 326 struct sk_buff *skbn; 327 unsigned char *ptr; 328 int headroom; 329 330 if (ax25->ax25_dev == NULL) { 331 ax25_disconnect(ax25, ENETUNREACH); 332 return; 333 } 334 335 headroom = ax25_addr_size(ax25->digipeat); 336 337 if (skb_headroom(skb) < headroom) { 338 if ((skbn = skb_realloc_headroom(skb, headroom)) == NULL) { 339 printk(KERN_CRIT "AX.25: ax25_transmit_buffer - out of memory\n"); 340 kfree_skb(skb); 341 return; 342 } 343 344 if (skb->sk != NULL) 345 skb_set_owner_w(skbn, skb->sk); 346 347 kfree_skb(skb); 348 skb = skbn; 349 } 350 351 ptr = skb_push(skb, headroom); 352 353 ax25_addr_build(ptr, &ax25->source_addr, &ax25->dest_addr, ax25->digipeat, type, ax25->modulus); 354 355 ax25_queue_xmit(skb, ax25->ax25_dev->dev); 356 } 357 358 /* 359 * A small shim to dev_queue_xmit to add the KISS control byte, and do 360 * any packet forwarding in operation. 361 */ 362 void ax25_queue_xmit(struct sk_buff *skb, struct net_device *dev) 363 { 364 unsigned char *ptr; 365 366 skb->protocol = ax25_type_trans(skb, ax25_fwd_dev(dev)); 367 368 ptr = skb_push(skb, 1); 369 *ptr = 0x00; /* KISS */ 370 371 dev_queue_xmit(skb); 372 } 373 374 int ax25_check_iframes_acked(ax25_cb *ax25, unsigned short nr) 375 { 376 if (ax25->vs == nr) { 377 ax25_frames_acked(ax25, nr); 378 ax25_calculate_rtt(ax25); 379 ax25_stop_t1timer(ax25); 380 ax25_start_t3timer(ax25); 381 return 1; 382 } else { 383 if (ax25->va != nr) { 384 ax25_frames_acked(ax25, nr); 385 ax25_calculate_t1(ax25); 386 ax25_start_t1timer(ax25); 387 return 1; 388 } 389 } 390 return 0; 391 } 392 393