1 /* 2 * This program is free software; you can redistribute it and/or modify 3 * it under the terms of the GNU General Public License as published by 4 * the Free Software Foundation; either version 2 of the License, or 5 * (at your option) any later version. 6 * 7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 9 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 10 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 11 */ 12 #include <linux/errno.h> 13 #include <linux/types.h> 14 #include <linux/socket.h> 15 #include <linux/in.h> 16 #include <linux/kernel.h> 17 #include <linux/timer.h> 18 #include <linux/string.h> 19 #include <linux/sockios.h> 20 #include <linux/net.h> 21 #include <linux/slab.h> 22 #include <net/ax25.h> 23 #include <linux/inet.h> 24 #include <linux/netdevice.h> 25 #include <linux/skbuff.h> 26 #include <net/sock.h> 27 #include <net/tcp_states.h> 28 #include <asm/uaccess.h> 29 #include <linux/fcntl.h> 30 #include <linux/mm.h> 31 #include <linux/interrupt.h> 32 33 /* 34 * This routine purges all the queues of frames. 35 */ 36 void ax25_clear_queues(ax25_cb *ax25) 37 { 38 skb_queue_purge(&ax25->write_queue); 39 skb_queue_purge(&ax25->ack_queue); 40 skb_queue_purge(&ax25->reseq_queue); 41 skb_queue_purge(&ax25->frag_queue); 42 } 43 44 /* 45 * This routine purges the input queue of those frames that have been 46 * acknowledged. This replaces the boxes labelled "V(a) <- N(r)" on the 47 * SDL diagram. 48 */ 49 void ax25_frames_acked(ax25_cb *ax25, unsigned short nr) 50 { 51 struct sk_buff *skb; 52 53 /* 54 * Remove all the ack-ed frames from the ack queue. 55 */ 56 if (ax25->va != nr) { 57 while (skb_peek(&ax25->ack_queue) != NULL && ax25->va != nr) { 58 skb = skb_dequeue(&ax25->ack_queue); 59 kfree_skb(skb); 60 ax25->va = (ax25->va + 1) % ax25->modulus; 61 } 62 } 63 } 64 65 void ax25_requeue_frames(ax25_cb *ax25) 66 { 67 struct sk_buff *skb; 68 69 /* 70 * Requeue all the un-ack-ed frames on the output queue to be picked 71 * up by ax25_kick called from the timer. This arrangement handles the 72 * possibility of an empty output queue. 73 */ 74 while ((skb = skb_dequeue_tail(&ax25->ack_queue)) != NULL) 75 skb_queue_head(&ax25->write_queue, skb); 76 } 77 78 /* 79 * Validate that the value of nr is between va and vs. Return true or 80 * false for testing. 81 */ 82 int ax25_validate_nr(ax25_cb *ax25, unsigned short nr) 83 { 84 unsigned short vc = ax25->va; 85 86 while (vc != ax25->vs) { 87 if (nr == vc) return 1; 88 vc = (vc + 1) % ax25->modulus; 89 } 90 91 if (nr == ax25->vs) return 1; 92 93 return 0; 94 } 95 96 /* 97 * This routine is the centralised routine for parsing the control 98 * information for the different frame formats. 99 */ 100 int ax25_decode(ax25_cb *ax25, struct sk_buff *skb, int *ns, int *nr, int *pf) 101 { 102 unsigned char *frame; 103 int frametype = AX25_ILLEGAL; 104 105 frame = skb->data; 106 *ns = *nr = *pf = 0; 107 108 if (ax25->modulus == AX25_MODULUS) { 109 if ((frame[0] & AX25_S) == 0) { 110 frametype = AX25_I; /* I frame - carries NR/NS/PF */ 111 *ns = (frame[0] >> 1) & 0x07; 112 *nr = (frame[0] >> 5) & 0x07; 113 *pf = frame[0] & AX25_PF; 114 } else if ((frame[0] & AX25_U) == 1) { /* S frame - take out PF/NR */ 115 frametype = frame[0] & 0x0F; 116 *nr = (frame[0] >> 5) & 0x07; 117 *pf = frame[0] & AX25_PF; 118 } else if ((frame[0] & AX25_U) == 3) { /* U frame - take out PF */ 119 frametype = frame[0] & ~AX25_PF; 120 *pf = frame[0] & AX25_PF; 121 } 122 skb_pull(skb, 1); 123 } else { 124 if ((frame[0] & AX25_S) == 0) { 125 frametype = AX25_I; /* I frame - carries NR/NS/PF */ 126 *ns = (frame[0] >> 1) & 0x7F; 127 *nr = (frame[1] >> 1) & 0x7F; 128 *pf = frame[1] & AX25_EPF; 129 skb_pull(skb, 2); 130 } else if ((frame[0] & AX25_U) == 1) { /* S frame - take out PF/NR */ 131 frametype = frame[0] & 0x0F; 132 *nr = (frame[1] >> 1) & 0x7F; 133 *pf = frame[1] & AX25_EPF; 134 skb_pull(skb, 2); 135 } else if ((frame[0] & AX25_U) == 3) { /* U frame - take out PF */ 136 frametype = frame[0] & ~AX25_PF; 137 *pf = frame[0] & AX25_PF; 138 skb_pull(skb, 1); 139 } 140 } 141 142 return frametype; 143 } 144 145 /* 146 * This routine is called when the HDLC layer internally generates a 147 * command or response for the remote machine ( eg. RR, UA etc. ). 148 * Only supervisory or unnumbered frames are processed. 149 */ 150 void ax25_send_control(ax25_cb *ax25, int frametype, int poll_bit, int type) 151 { 152 struct sk_buff *skb; 153 unsigned char *dptr; 154 155 if ((skb = alloc_skb(ax25->ax25_dev->dev->hard_header_len + 2, GFP_ATOMIC)) == NULL) 156 return; 157 158 skb_reserve(skb, ax25->ax25_dev->dev->hard_header_len); 159 160 skb_reset_network_header(skb); 161 162 /* Assume a response - address structure for DTE */ 163 if (ax25->modulus == AX25_MODULUS) { 164 dptr = skb_put(skb, 1); 165 *dptr = frametype; 166 *dptr |= (poll_bit) ? AX25_PF : 0; 167 if ((frametype & AX25_U) == AX25_S) /* S frames carry NR */ 168 *dptr |= (ax25->vr << 5); 169 } else { 170 if ((frametype & AX25_U) == AX25_U) { 171 dptr = skb_put(skb, 1); 172 *dptr = frametype; 173 *dptr |= (poll_bit) ? AX25_PF : 0; 174 } else { 175 dptr = skb_put(skb, 2); 176 dptr[0] = frametype; 177 dptr[1] = (ax25->vr << 1); 178 dptr[1] |= (poll_bit) ? AX25_EPF : 0; 179 } 180 } 181 182 ax25_transmit_buffer(ax25, skb, type); 183 } 184 185 /* 186 * Send a 'DM' to an unknown connection attempt, or an invalid caller. 187 * 188 * Note: src here is the sender, thus it's the target of the DM 189 */ 190 void ax25_return_dm(struct net_device *dev, ax25_address *src, ax25_address *dest, ax25_digi *digi) 191 { 192 struct sk_buff *skb; 193 char *dptr; 194 ax25_digi retdigi; 195 196 if (dev == NULL) 197 return; 198 199 if ((skb = alloc_skb(dev->hard_header_len + 1, GFP_ATOMIC)) == NULL) 200 return; /* Next SABM will get DM'd */ 201 202 skb_reserve(skb, dev->hard_header_len); 203 skb_reset_network_header(skb); 204 205 ax25_digi_invert(digi, &retdigi); 206 207 dptr = skb_put(skb, 1); 208 209 *dptr = AX25_DM | AX25_PF; 210 211 /* 212 * Do the address ourselves 213 */ 214 dptr = skb_push(skb, ax25_addr_size(digi)); 215 dptr += ax25_addr_build(dptr, dest, src, &retdigi, AX25_RESPONSE, AX25_MODULUS); 216 217 ax25_queue_xmit(skb, dev); 218 } 219 220 /* 221 * Exponential backoff for AX.25 222 */ 223 void ax25_calculate_t1(ax25_cb *ax25) 224 { 225 int n, t = 2; 226 227 switch (ax25->backoff) { 228 case 0: 229 break; 230 231 case 1: 232 t += 2 * ax25->n2count; 233 break; 234 235 case 2: 236 for (n = 0; n < ax25->n2count; n++) 237 t *= 2; 238 if (t > 8) t = 8; 239 break; 240 } 241 242 ax25->t1 = t * ax25->rtt; 243 } 244 245 /* 246 * Calculate the Round Trip Time 247 */ 248 void ax25_calculate_rtt(ax25_cb *ax25) 249 { 250 if (ax25->backoff == 0) 251 return; 252 253 if (ax25_t1timer_running(ax25) && ax25->n2count == 0) 254 ax25->rtt = (9 * ax25->rtt + ax25->t1 - ax25_display_timer(&ax25->t1timer)) / 10; 255 256 if (ax25->rtt < AX25_T1CLAMPLO) 257 ax25->rtt = AX25_T1CLAMPLO; 258 259 if (ax25->rtt > AX25_T1CLAMPHI) 260 ax25->rtt = AX25_T1CLAMPHI; 261 } 262 263 void ax25_disconnect(ax25_cb *ax25, int reason) 264 { 265 ax25_clear_queues(ax25); 266 267 ax25_stop_t1timer(ax25); 268 ax25_stop_t2timer(ax25); 269 ax25_stop_t3timer(ax25); 270 ax25_stop_idletimer(ax25); 271 272 ax25->state = AX25_STATE_0; 273 274 ax25_link_failed(ax25, reason); 275 276 if (ax25->sk != NULL) { 277 local_bh_disable(); 278 bh_lock_sock(ax25->sk); 279 ax25->sk->sk_state = TCP_CLOSE; 280 ax25->sk->sk_err = reason; 281 ax25->sk->sk_shutdown |= SEND_SHUTDOWN; 282 if (!sock_flag(ax25->sk, SOCK_DEAD)) { 283 ax25->sk->sk_state_change(ax25->sk); 284 sock_set_flag(ax25->sk, SOCK_DEAD); 285 } 286 bh_unlock_sock(ax25->sk); 287 local_bh_enable(); 288 } 289 } 290