1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 *
4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
12 */
13 #include <linux/capability.h>
14 #include <linux/module.h>
15 #include <linux/errno.h>
16 #include <linux/types.h>
17 #include <linux/socket.h>
18 #include <linux/in.h>
19 #include <linux/kernel.h>
20 #include <linux/sched/signal.h>
21 #include <linux/timer.h>
22 #include <linux/string.h>
23 #include <linux/sockios.h>
24 #include <linux/net.h>
25 #include <linux/slab.h>
26 #include <net/ax25.h>
27 #include <linux/inet.h>
28 #include <linux/netdevice.h>
29 #include <linux/if_arp.h>
30 #include <linux/skbuff.h>
31 #include <net/sock.h>
32 #include <linux/uaccess.h>
33 #include <linux/fcntl.h>
34 #include <linux/termios.h> /* For TIOCINQ/OUTQ */
35 #include <linux/mm.h>
36 #include <linux/interrupt.h>
37 #include <linux/notifier.h>
38 #include <linux/proc_fs.h>
39 #include <linux/stat.h>
40 #include <linux/sysctl.h>
41 #include <linux/init.h>
42 #include <linux/spinlock.h>
43 #include <net/net_namespace.h>
44 #include <net/tcp_states.h>
45 #include <net/ip.h>
46 #include <net/arp.h>
47
48
49
50 HLIST_HEAD(ax25_list);
51 DEFINE_SPINLOCK(ax25_list_lock);
52
53 static const struct proto_ops ax25_proto_ops;
54
ax25_free_sock(struct sock * sk)55 static void ax25_free_sock(struct sock *sk)
56 {
57 ax25_cb_put(sk_to_ax25(sk));
58 }
59
60 /*
61 * Socket removal during an interrupt is now safe.
62 */
ax25_cb_del(ax25_cb * ax25)63 static void ax25_cb_del(ax25_cb *ax25)
64 {
65 if (!hlist_unhashed(&ax25->ax25_node)) {
66 spin_lock_bh(&ax25_list_lock);
67 hlist_del_init(&ax25->ax25_node);
68 spin_unlock_bh(&ax25_list_lock);
69 ax25_cb_put(ax25);
70 }
71 }
72
73 /*
74 * Kill all bound sockets on a dropped device.
75 */
ax25_kill_by_device(struct net_device * dev)76 static void ax25_kill_by_device(struct net_device *dev)
77 {
78 ax25_dev *ax25_dev;
79 ax25_cb *s;
80
81 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
82 return;
83
84 spin_lock_bh(&ax25_list_lock);
85 again:
86 ax25_for_each(s, &ax25_list) {
87 if (s->ax25_dev == ax25_dev) {
88 s->ax25_dev = NULL;
89 spin_unlock_bh(&ax25_list_lock);
90 ax25_disconnect(s, ENETUNREACH);
91 spin_lock_bh(&ax25_list_lock);
92
93 /* The entry could have been deleted from the
94 * list meanwhile and thus the next pointer is
95 * no longer valid. Play it safe and restart
96 * the scan. Forward progress is ensured
97 * because we set s->ax25_dev to NULL and we
98 * are never passed a NULL 'dev' argument.
99 */
100 goto again;
101 }
102 }
103 spin_unlock_bh(&ax25_list_lock);
104 }
105
106 /*
107 * Handle device status changes.
108 */
ax25_device_event(struct notifier_block * this,unsigned long event,void * ptr)109 static int ax25_device_event(struct notifier_block *this, unsigned long event,
110 void *ptr)
111 {
112 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
113
114 if (!net_eq(dev_net(dev), &init_net))
115 return NOTIFY_DONE;
116
117 /* Reject non AX.25 devices */
118 if (dev->type != ARPHRD_AX25)
119 return NOTIFY_DONE;
120
121 switch (event) {
122 case NETDEV_UP:
123 ax25_dev_device_up(dev);
124 break;
125 case NETDEV_DOWN:
126 ax25_kill_by_device(dev);
127 ax25_rt_device_down(dev);
128 ax25_dev_device_down(dev);
129 break;
130 default:
131 break;
132 }
133
134 return NOTIFY_DONE;
135 }
136
137 /*
138 * Add a socket to the bound sockets list.
139 */
ax25_cb_add(ax25_cb * ax25)140 void ax25_cb_add(ax25_cb *ax25)
141 {
142 spin_lock_bh(&ax25_list_lock);
143 ax25_cb_hold(ax25);
144 hlist_add_head(&ax25->ax25_node, &ax25_list);
145 spin_unlock_bh(&ax25_list_lock);
146 }
147
148 /*
149 * Find a socket that wants to accept the SABM we have just
150 * received.
151 */
ax25_find_listener(ax25_address * addr,int digi,struct net_device * dev,int type)152 struct sock *ax25_find_listener(ax25_address *addr, int digi,
153 struct net_device *dev, int type)
154 {
155 ax25_cb *s;
156
157 spin_lock(&ax25_list_lock);
158 ax25_for_each(s, &ax25_list) {
159 if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
160 continue;
161 if (s->sk && !ax25cmp(&s->source_addr, addr) &&
162 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
163 /* If device is null we match any device */
164 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
165 sock_hold(s->sk);
166 spin_unlock(&ax25_list_lock);
167 return s->sk;
168 }
169 }
170 }
171 spin_unlock(&ax25_list_lock);
172
173 return NULL;
174 }
175
176 /*
177 * Find an AX.25 socket given both ends.
178 */
ax25_get_socket(ax25_address * my_addr,ax25_address * dest_addr,int type)179 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
180 int type)
181 {
182 struct sock *sk = NULL;
183 ax25_cb *s;
184
185 spin_lock(&ax25_list_lock);
186 ax25_for_each(s, &ax25_list) {
187 if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
188 !ax25cmp(&s->dest_addr, dest_addr) &&
189 s->sk->sk_type == type) {
190 sk = s->sk;
191 sock_hold(sk);
192 break;
193 }
194 }
195
196 spin_unlock(&ax25_list_lock);
197
198 return sk;
199 }
200
201 /*
202 * Find an AX.25 control block given both ends. It will only pick up
203 * floating AX.25 control blocks or non Raw socket bound control blocks.
204 */
ax25_find_cb(ax25_address * src_addr,ax25_address * dest_addr,ax25_digi * digi,struct net_device * dev)205 ax25_cb *ax25_find_cb(ax25_address *src_addr, ax25_address *dest_addr,
206 ax25_digi *digi, struct net_device *dev)
207 {
208 ax25_cb *s;
209
210 spin_lock_bh(&ax25_list_lock);
211 ax25_for_each(s, &ax25_list) {
212 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
213 continue;
214 if (s->ax25_dev == NULL)
215 continue;
216 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
217 if (digi != NULL && digi->ndigi != 0) {
218 if (s->digipeat == NULL)
219 continue;
220 if (ax25digicmp(s->digipeat, digi) != 0)
221 continue;
222 } else {
223 if (s->digipeat != NULL && s->digipeat->ndigi != 0)
224 continue;
225 }
226 ax25_cb_hold(s);
227 spin_unlock_bh(&ax25_list_lock);
228
229 return s;
230 }
231 }
232 spin_unlock_bh(&ax25_list_lock);
233
234 return NULL;
235 }
236
237 EXPORT_SYMBOL(ax25_find_cb);
238
ax25_send_to_raw(ax25_address * addr,struct sk_buff * skb,int proto)239 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
240 {
241 ax25_cb *s;
242 struct sk_buff *copy;
243
244 spin_lock(&ax25_list_lock);
245 ax25_for_each(s, &ax25_list) {
246 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
247 s->sk->sk_type == SOCK_RAW &&
248 s->sk->sk_protocol == proto &&
249 s->ax25_dev->dev == skb->dev &&
250 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
251 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
252 continue;
253 if (sock_queue_rcv_skb(s->sk, copy) != 0)
254 kfree_skb(copy);
255 }
256 }
257 spin_unlock(&ax25_list_lock);
258 }
259
260 /*
261 * Deferred destroy.
262 */
263 void ax25_destroy_socket(ax25_cb *);
264
265 /*
266 * Handler for deferred kills.
267 */
ax25_destroy_timer(struct timer_list * t)268 static void ax25_destroy_timer(struct timer_list *t)
269 {
270 ax25_cb *ax25 = from_timer(ax25, t, dtimer);
271 struct sock *sk;
272
273 sk=ax25->sk;
274
275 bh_lock_sock(sk);
276 sock_hold(sk);
277 ax25_destroy_socket(ax25);
278 bh_unlock_sock(sk);
279 sock_put(sk);
280 }
281
282 /*
283 * This is called from user mode and the timers. Thus it protects itself
284 * against interrupt users but doesn't worry about being called during
285 * work. Once it is removed from the queue no interrupt or bottom half
286 * will touch it and we are (fairly 8-) ) safe.
287 */
ax25_destroy_socket(ax25_cb * ax25)288 void ax25_destroy_socket(ax25_cb *ax25)
289 {
290 struct sk_buff *skb;
291
292 ax25_cb_del(ax25);
293
294 ax25_stop_heartbeat(ax25);
295 ax25_stop_t1timer(ax25);
296 ax25_stop_t2timer(ax25);
297 ax25_stop_t3timer(ax25);
298 ax25_stop_idletimer(ax25);
299
300 ax25_clear_queues(ax25); /* Flush the queues */
301
302 if (ax25->sk != NULL) {
303 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
304 if (skb->sk != ax25->sk) {
305 /* A pending connection */
306 ax25_cb *sax25 = sk_to_ax25(skb->sk);
307
308 /* Queue the unaccepted socket for death */
309 sock_orphan(skb->sk);
310
311 /* 9A4GL: hack to release unaccepted sockets */
312 skb->sk->sk_state = TCP_LISTEN;
313
314 ax25_start_heartbeat(sax25);
315 sax25->state = AX25_STATE_0;
316 }
317
318 kfree_skb(skb);
319 }
320 skb_queue_purge(&ax25->sk->sk_write_queue);
321 }
322
323 if (ax25->sk != NULL) {
324 if (sk_has_allocations(ax25->sk)) {
325 /* Defer: outstanding buffers */
326 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0);
327 ax25->dtimer.expires = jiffies + 2 * HZ;
328 add_timer(&ax25->dtimer);
329 } else {
330 struct sock *sk=ax25->sk;
331 ax25->sk=NULL;
332 sock_put(sk);
333 }
334 } else {
335 ax25_cb_put(ax25);
336 }
337 }
338
339 /*
340 * dl1bke 960311: set parameters for existing AX.25 connections,
341 * includes a KILL command to abort any connection.
342 * VERY useful for debugging ;-)
343 */
ax25_ctl_ioctl(const unsigned int cmd,void __user * arg)344 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
345 {
346 struct ax25_ctl_struct ax25_ctl;
347 ax25_digi digi;
348 ax25_dev *ax25_dev;
349 ax25_cb *ax25;
350 unsigned int k;
351 int ret = 0;
352
353 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
354 return -EFAULT;
355
356 if ((ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr)) == NULL)
357 return -ENODEV;
358
359 if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
360 return -EINVAL;
361
362 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
363 return -EINVAL;
364
365 digi.ndigi = ax25_ctl.digi_count;
366 for (k = 0; k < digi.ndigi; k++)
367 digi.calls[k] = ax25_ctl.digi_addr[k];
368
369 if ((ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev)) == NULL)
370 return -ENOTCONN;
371
372 switch (ax25_ctl.cmd) {
373 case AX25_KILL:
374 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
375 #ifdef CONFIG_AX25_DAMA_SLAVE
376 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
377 ax25_dama_off(ax25);
378 #endif
379 ax25_disconnect(ax25, ENETRESET);
380 break;
381
382 case AX25_WINDOW:
383 if (ax25->modulus == AX25_MODULUS) {
384 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
385 goto einval_put;
386 } else {
387 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
388 goto einval_put;
389 }
390 ax25->window = ax25_ctl.arg;
391 break;
392
393 case AX25_T1:
394 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
395 goto einval_put;
396 ax25->rtt = (ax25_ctl.arg * HZ) / 2;
397 ax25->t1 = ax25_ctl.arg * HZ;
398 break;
399
400 case AX25_T2:
401 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
402 goto einval_put;
403 ax25->t2 = ax25_ctl.arg * HZ;
404 break;
405
406 case AX25_N2:
407 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
408 goto einval_put;
409 ax25->n2count = 0;
410 ax25->n2 = ax25_ctl.arg;
411 break;
412
413 case AX25_T3:
414 if (ax25_ctl.arg > ULONG_MAX / HZ)
415 goto einval_put;
416 ax25->t3 = ax25_ctl.arg * HZ;
417 break;
418
419 case AX25_IDLE:
420 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
421 goto einval_put;
422
423 ax25->idle = ax25_ctl.arg * 60 * HZ;
424 break;
425
426 case AX25_PACLEN:
427 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
428 goto einval_put;
429 ax25->paclen = ax25_ctl.arg;
430 break;
431
432 default:
433 goto einval_put;
434 }
435
436 out_put:
437 ax25_cb_put(ax25);
438 return ret;
439
440 einval_put:
441 ret = -EINVAL;
442 goto out_put;
443 }
444
ax25_fillin_cb_from_dev(ax25_cb * ax25,ax25_dev * ax25_dev)445 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
446 {
447 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
448 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
449 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
450 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
451 ax25->n2 = ax25_dev->values[AX25_VALUES_N2];
452 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN];
453 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
454 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
455
456 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
457 ax25->modulus = AX25_EMODULUS;
458 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW];
459 } else {
460 ax25->modulus = AX25_MODULUS;
461 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW];
462 }
463 }
464
465 /*
466 * Fill in a created AX.25 created control block with the default
467 * values for a particular device.
468 */
ax25_fillin_cb(ax25_cb * ax25,ax25_dev * ax25_dev)469 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
470 {
471 ax25->ax25_dev = ax25_dev;
472
473 if (ax25->ax25_dev != NULL) {
474 ax25_fillin_cb_from_dev(ax25, ax25_dev);
475 return;
476 }
477
478 /*
479 * No device, use kernel / AX.25 spec default values
480 */
481 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2;
482 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1);
483 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2);
484 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3);
485 ax25->n2 = AX25_DEF_N2;
486 ax25->paclen = AX25_DEF_PACLEN;
487 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE);
488 ax25->backoff = AX25_DEF_BACKOFF;
489
490 if (AX25_DEF_AXDEFMODE) {
491 ax25->modulus = AX25_EMODULUS;
492 ax25->window = AX25_DEF_EWINDOW;
493 } else {
494 ax25->modulus = AX25_MODULUS;
495 ax25->window = AX25_DEF_WINDOW;
496 }
497 }
498
499 /*
500 * Create an empty AX.25 control block.
501 */
ax25_create_cb(void)502 ax25_cb *ax25_create_cb(void)
503 {
504 ax25_cb *ax25;
505
506 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
507 return NULL;
508
509 refcount_set(&ax25->refcount, 1);
510
511 skb_queue_head_init(&ax25->write_queue);
512 skb_queue_head_init(&ax25->frag_queue);
513 skb_queue_head_init(&ax25->ack_queue);
514 skb_queue_head_init(&ax25->reseq_queue);
515
516 ax25_setup_timers(ax25);
517
518 ax25_fillin_cb(ax25, NULL);
519
520 ax25->state = AX25_STATE_0;
521
522 return ax25;
523 }
524
525 /*
526 * Handling for system calls applied via the various interfaces to an
527 * AX25 socket object
528 */
529
ax25_setsockopt(struct socket * sock,int level,int optname,sockptr_t optval,unsigned int optlen)530 static int ax25_setsockopt(struct socket *sock, int level, int optname,
531 sockptr_t optval, unsigned int optlen)
532 {
533 struct sock *sk = sock->sk;
534 ax25_cb *ax25;
535 struct net_device *dev;
536 char devname[IFNAMSIZ];
537 unsigned long opt;
538 int res = 0;
539
540 if (level != SOL_AX25)
541 return -ENOPROTOOPT;
542
543 if (optlen < sizeof(unsigned int))
544 return -EINVAL;
545
546 if (copy_from_sockptr(&opt, optval, sizeof(unsigned int)))
547 return -EFAULT;
548
549 lock_sock(sk);
550 ax25 = sk_to_ax25(sk);
551
552 switch (optname) {
553 case AX25_WINDOW:
554 if (ax25->modulus == AX25_MODULUS) {
555 if (opt < 1 || opt > 7) {
556 res = -EINVAL;
557 break;
558 }
559 } else {
560 if (opt < 1 || opt > 63) {
561 res = -EINVAL;
562 break;
563 }
564 }
565 ax25->window = opt;
566 break;
567
568 case AX25_T1:
569 if (opt < 1 || opt > ULONG_MAX / HZ) {
570 res = -EINVAL;
571 break;
572 }
573 ax25->rtt = (opt * HZ) >> 1;
574 ax25->t1 = opt * HZ;
575 break;
576
577 case AX25_T2:
578 if (opt < 1 || opt > ULONG_MAX / HZ) {
579 res = -EINVAL;
580 break;
581 }
582 ax25->t2 = opt * HZ;
583 break;
584
585 case AX25_N2:
586 if (opt < 1 || opt > 31) {
587 res = -EINVAL;
588 break;
589 }
590 ax25->n2 = opt;
591 break;
592
593 case AX25_T3:
594 if (opt < 1 || opt > ULONG_MAX / HZ) {
595 res = -EINVAL;
596 break;
597 }
598 ax25->t3 = opt * HZ;
599 break;
600
601 case AX25_IDLE:
602 if (opt > ULONG_MAX / (60 * HZ)) {
603 res = -EINVAL;
604 break;
605 }
606 ax25->idle = opt * 60 * HZ;
607 break;
608
609 case AX25_BACKOFF:
610 if (opt > 2) {
611 res = -EINVAL;
612 break;
613 }
614 ax25->backoff = opt;
615 break;
616
617 case AX25_EXTSEQ:
618 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
619 break;
620
621 case AX25_PIDINCL:
622 ax25->pidincl = opt ? 1 : 0;
623 break;
624
625 case AX25_IAMDIGI:
626 ax25->iamdigi = opt ? 1 : 0;
627 break;
628
629 case AX25_PACLEN:
630 if (opt < 16 || opt > 65535) {
631 res = -EINVAL;
632 break;
633 }
634 ax25->paclen = opt;
635 break;
636
637 case SO_BINDTODEVICE:
638 if (optlen > IFNAMSIZ - 1)
639 optlen = IFNAMSIZ - 1;
640
641 memset(devname, 0, sizeof(devname));
642
643 if (copy_from_sockptr(devname, optval, optlen)) {
644 res = -EFAULT;
645 break;
646 }
647
648 if (sk->sk_type == SOCK_SEQPACKET &&
649 (sock->state != SS_UNCONNECTED ||
650 sk->sk_state == TCP_LISTEN)) {
651 res = -EADDRNOTAVAIL;
652 break;
653 }
654
655 rtnl_lock();
656 dev = __dev_get_by_name(&init_net, devname);
657 if (!dev) {
658 rtnl_unlock();
659 res = -ENODEV;
660 break;
661 }
662
663 ax25->ax25_dev = ax25_dev_ax25dev(dev);
664 if (!ax25->ax25_dev) {
665 rtnl_unlock();
666 res = -ENODEV;
667 break;
668 }
669 ax25_fillin_cb(ax25, ax25->ax25_dev);
670 rtnl_unlock();
671 break;
672
673 default:
674 res = -ENOPROTOOPT;
675 }
676 release_sock(sk);
677
678 return res;
679 }
680
ax25_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)681 static int ax25_getsockopt(struct socket *sock, int level, int optname,
682 char __user *optval, int __user *optlen)
683 {
684 struct sock *sk = sock->sk;
685 ax25_cb *ax25;
686 struct ax25_dev *ax25_dev;
687 char devname[IFNAMSIZ];
688 void *valptr;
689 int val = 0;
690 int maxlen, length;
691
692 if (level != SOL_AX25)
693 return -ENOPROTOOPT;
694
695 if (get_user(maxlen, optlen))
696 return -EFAULT;
697
698 if (maxlen < 1)
699 return -EFAULT;
700
701 valptr = (void *) &val;
702 length = min_t(unsigned int, maxlen, sizeof(int));
703
704 lock_sock(sk);
705 ax25 = sk_to_ax25(sk);
706
707 switch (optname) {
708 case AX25_WINDOW:
709 val = ax25->window;
710 break;
711
712 case AX25_T1:
713 val = ax25->t1 / HZ;
714 break;
715
716 case AX25_T2:
717 val = ax25->t2 / HZ;
718 break;
719
720 case AX25_N2:
721 val = ax25->n2;
722 break;
723
724 case AX25_T3:
725 val = ax25->t3 / HZ;
726 break;
727
728 case AX25_IDLE:
729 val = ax25->idle / (60 * HZ);
730 break;
731
732 case AX25_BACKOFF:
733 val = ax25->backoff;
734 break;
735
736 case AX25_EXTSEQ:
737 val = (ax25->modulus == AX25_EMODULUS);
738 break;
739
740 case AX25_PIDINCL:
741 val = ax25->pidincl;
742 break;
743
744 case AX25_IAMDIGI:
745 val = ax25->iamdigi;
746 break;
747
748 case AX25_PACLEN:
749 val = ax25->paclen;
750 break;
751
752 case SO_BINDTODEVICE:
753 ax25_dev = ax25->ax25_dev;
754
755 if (ax25_dev != NULL && ax25_dev->dev != NULL) {
756 strlcpy(devname, ax25_dev->dev->name, sizeof(devname));
757 length = strlen(devname) + 1;
758 } else {
759 *devname = '\0';
760 length = 1;
761 }
762
763 valptr = (void *) devname;
764 break;
765
766 default:
767 release_sock(sk);
768 return -ENOPROTOOPT;
769 }
770 release_sock(sk);
771
772 if (put_user(length, optlen))
773 return -EFAULT;
774
775 return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
776 }
777
ax25_listen(struct socket * sock,int backlog)778 static int ax25_listen(struct socket *sock, int backlog)
779 {
780 struct sock *sk = sock->sk;
781 int res = 0;
782
783 lock_sock(sk);
784 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
785 sk->sk_max_ack_backlog = backlog;
786 sk->sk_state = TCP_LISTEN;
787 goto out;
788 }
789 res = -EOPNOTSUPP;
790
791 out:
792 release_sock(sk);
793
794 return res;
795 }
796
797 /*
798 * XXX: when creating ax25_sock we should update the .obj_size setting
799 * below.
800 */
801 static struct proto ax25_proto = {
802 .name = "AX25",
803 .owner = THIS_MODULE,
804 .obj_size = sizeof(struct ax25_sock),
805 };
806
ax25_create(struct net * net,struct socket * sock,int protocol,int kern)807 static int ax25_create(struct net *net, struct socket *sock, int protocol,
808 int kern)
809 {
810 struct sock *sk;
811 ax25_cb *ax25;
812
813 if (protocol < 0 || protocol > U8_MAX)
814 return -EINVAL;
815
816 if (!net_eq(net, &init_net))
817 return -EAFNOSUPPORT;
818
819 switch (sock->type) {
820 case SOCK_DGRAM:
821 if (protocol == 0 || protocol == PF_AX25)
822 protocol = AX25_P_TEXT;
823 break;
824
825 case SOCK_SEQPACKET:
826 switch (protocol) {
827 case 0:
828 case PF_AX25: /* For CLX */
829 protocol = AX25_P_TEXT;
830 break;
831 case AX25_P_SEGMENT:
832 #ifdef CONFIG_INET
833 case AX25_P_ARP:
834 case AX25_P_IP:
835 #endif
836 #ifdef CONFIG_NETROM
837 case AX25_P_NETROM:
838 #endif
839 #ifdef CONFIG_ROSE
840 case AX25_P_ROSE:
841 #endif
842 return -ESOCKTNOSUPPORT;
843 #ifdef CONFIG_NETROM_MODULE
844 case AX25_P_NETROM:
845 if (ax25_protocol_is_registered(AX25_P_NETROM))
846 return -ESOCKTNOSUPPORT;
847 break;
848 #endif
849 #ifdef CONFIG_ROSE_MODULE
850 case AX25_P_ROSE:
851 if (ax25_protocol_is_registered(AX25_P_ROSE))
852 return -ESOCKTNOSUPPORT;
853 #endif
854 default:
855 break;
856 }
857 break;
858
859 case SOCK_RAW:
860 if (!capable(CAP_NET_RAW))
861 return -EPERM;
862 break;
863 default:
864 return -ESOCKTNOSUPPORT;
865 }
866
867 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern);
868 if (sk == NULL)
869 return -ENOMEM;
870
871 ax25 = ax25_sk(sk)->cb = ax25_create_cb();
872 if (!ax25) {
873 sk_free(sk);
874 return -ENOMEM;
875 }
876
877 sock_init_data(sock, sk);
878
879 sk->sk_destruct = ax25_free_sock;
880 sock->ops = &ax25_proto_ops;
881 sk->sk_protocol = protocol;
882
883 ax25->sk = sk;
884
885 return 0;
886 }
887
ax25_make_new(struct sock * osk,struct ax25_dev * ax25_dev)888 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
889 {
890 struct sock *sk;
891 ax25_cb *ax25, *oax25;
892
893 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0);
894 if (sk == NULL)
895 return NULL;
896
897 if ((ax25 = ax25_create_cb()) == NULL) {
898 sk_free(sk);
899 return NULL;
900 }
901
902 switch (osk->sk_type) {
903 case SOCK_DGRAM:
904 break;
905 case SOCK_SEQPACKET:
906 break;
907 default:
908 sk_free(sk);
909 ax25_cb_put(ax25);
910 return NULL;
911 }
912
913 sock_init_data(NULL, sk);
914
915 sk->sk_type = osk->sk_type;
916 sk->sk_priority = osk->sk_priority;
917 sk->sk_protocol = osk->sk_protocol;
918 sk->sk_rcvbuf = osk->sk_rcvbuf;
919 sk->sk_sndbuf = osk->sk_sndbuf;
920 sk->sk_state = TCP_ESTABLISHED;
921 sock_copy_flags(sk, osk);
922
923 oax25 = sk_to_ax25(osk);
924
925 ax25->modulus = oax25->modulus;
926 ax25->backoff = oax25->backoff;
927 ax25->pidincl = oax25->pidincl;
928 ax25->iamdigi = oax25->iamdigi;
929 ax25->rtt = oax25->rtt;
930 ax25->t1 = oax25->t1;
931 ax25->t2 = oax25->t2;
932 ax25->t3 = oax25->t3;
933 ax25->n2 = oax25->n2;
934 ax25->idle = oax25->idle;
935 ax25->paclen = oax25->paclen;
936 ax25->window = oax25->window;
937
938 ax25->ax25_dev = ax25_dev;
939 ax25->source_addr = oax25->source_addr;
940
941 if (oax25->digipeat != NULL) {
942 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
943 GFP_ATOMIC);
944 if (ax25->digipeat == NULL) {
945 sk_free(sk);
946 ax25_cb_put(ax25);
947 return NULL;
948 }
949 }
950
951 ax25_sk(sk)->cb = ax25;
952 sk->sk_destruct = ax25_free_sock;
953 ax25->sk = sk;
954
955 return sk;
956 }
957
ax25_release(struct socket * sock)958 static int ax25_release(struct socket *sock)
959 {
960 struct sock *sk = sock->sk;
961 ax25_cb *ax25;
962
963 if (sk == NULL)
964 return 0;
965
966 sock_hold(sk);
967 sock_orphan(sk);
968 lock_sock(sk);
969 ax25 = sk_to_ax25(sk);
970
971 if (sk->sk_type == SOCK_SEQPACKET) {
972 switch (ax25->state) {
973 case AX25_STATE_0:
974 release_sock(sk);
975 ax25_disconnect(ax25, 0);
976 lock_sock(sk);
977 ax25_destroy_socket(ax25);
978 break;
979
980 case AX25_STATE_1:
981 case AX25_STATE_2:
982 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
983 release_sock(sk);
984 ax25_disconnect(ax25, 0);
985 lock_sock(sk);
986 if (!sock_flag(ax25->sk, SOCK_DESTROY))
987 ax25_destroy_socket(ax25);
988 break;
989
990 case AX25_STATE_3:
991 case AX25_STATE_4:
992 ax25_clear_queues(ax25);
993 ax25->n2count = 0;
994
995 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
996 case AX25_PROTO_STD_SIMPLEX:
997 case AX25_PROTO_STD_DUPLEX:
998 ax25_send_control(ax25,
999 AX25_DISC,
1000 AX25_POLLON,
1001 AX25_COMMAND);
1002 ax25_stop_t2timer(ax25);
1003 ax25_stop_t3timer(ax25);
1004 ax25_stop_idletimer(ax25);
1005 break;
1006 #ifdef CONFIG_AX25_DAMA_SLAVE
1007 case AX25_PROTO_DAMA_SLAVE:
1008 ax25_stop_t3timer(ax25);
1009 ax25_stop_idletimer(ax25);
1010 break;
1011 #endif
1012 }
1013 ax25_calculate_t1(ax25);
1014 ax25_start_t1timer(ax25);
1015 ax25->state = AX25_STATE_2;
1016 sk->sk_state = TCP_CLOSE;
1017 sk->sk_shutdown |= SEND_SHUTDOWN;
1018 sk->sk_state_change(sk);
1019 sock_set_flag(sk, SOCK_DESTROY);
1020 break;
1021
1022 default:
1023 break;
1024 }
1025 } else {
1026 sk->sk_state = TCP_CLOSE;
1027 sk->sk_shutdown |= SEND_SHUTDOWN;
1028 sk->sk_state_change(sk);
1029 ax25_destroy_socket(ax25);
1030 }
1031
1032 sock->sk = NULL;
1033 release_sock(sk);
1034 sock_put(sk);
1035
1036 return 0;
1037 }
1038
1039 /*
1040 * We support a funny extension here so you can (as root) give any callsign
1041 * digipeated via a local address as source. This hack is obsolete now
1042 * that we've implemented support for SO_BINDTODEVICE. It is however small
1043 * and trivially backward compatible.
1044 */
ax25_bind(struct socket * sock,struct sockaddr * uaddr,int addr_len)1045 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1046 {
1047 struct sock *sk = sock->sk;
1048 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1049 ax25_dev *ax25_dev = NULL;
1050 ax25_uid_assoc *user;
1051 ax25_address call;
1052 ax25_cb *ax25;
1053 int err = 0;
1054
1055 if (addr_len != sizeof(struct sockaddr_ax25) &&
1056 addr_len != sizeof(struct full_sockaddr_ax25))
1057 /* support for old structure may go away some time
1058 * ax25_bind(): uses old (6 digipeater) socket structure.
1059 */
1060 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1061 (addr_len > sizeof(struct full_sockaddr_ax25)))
1062 return -EINVAL;
1063
1064 if (addr->fsa_ax25.sax25_family != AF_AX25)
1065 return -EINVAL;
1066
1067 user = ax25_findbyuid(current_euid());
1068 if (user) {
1069 call = user->call;
1070 ax25_uid_put(user);
1071 } else {
1072 if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1073 return -EACCES;
1074
1075 call = addr->fsa_ax25.sax25_call;
1076 }
1077
1078 lock_sock(sk);
1079
1080 ax25 = sk_to_ax25(sk);
1081 if (!sock_flag(sk, SOCK_ZAPPED)) {
1082 err = -EINVAL;
1083 goto out;
1084 }
1085
1086 ax25->source_addr = call;
1087
1088 /*
1089 * User already set interface with SO_BINDTODEVICE
1090 */
1091 if (ax25->ax25_dev != NULL)
1092 goto done;
1093
1094 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1095 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1096 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1097 err = -EADDRNOTAVAIL;
1098 goto out;
1099 }
1100 } else {
1101 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1102 err = -EADDRNOTAVAIL;
1103 goto out;
1104 }
1105 }
1106
1107 if (ax25_dev != NULL)
1108 ax25_fillin_cb(ax25, ax25_dev);
1109
1110 done:
1111 ax25_cb_add(ax25);
1112 sock_reset_flag(sk, SOCK_ZAPPED);
1113
1114 out:
1115 release_sock(sk);
1116
1117 return err;
1118 }
1119
1120 /*
1121 * FIXME: nonblock behaviour looks like it may have a bug.
1122 */
ax25_connect(struct socket * sock,struct sockaddr * uaddr,int addr_len,int flags)1123 static int __must_check ax25_connect(struct socket *sock,
1124 struct sockaddr *uaddr, int addr_len, int flags)
1125 {
1126 struct sock *sk = sock->sk;
1127 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t;
1128 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1129 ax25_digi *digi = NULL;
1130 int ct = 0, err = 0;
1131
1132 /*
1133 * some sanity checks. code further down depends on this
1134 */
1135
1136 if (addr_len == sizeof(struct sockaddr_ax25))
1137 /* support for this will go away in early 2.5.x
1138 * ax25_connect(): uses obsolete socket structure
1139 */
1140 ;
1141 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1142 /* support for old structure may go away some time
1143 * ax25_connect(): uses old (6 digipeater) socket structure.
1144 */
1145 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1146 (addr_len > sizeof(struct full_sockaddr_ax25)))
1147 return -EINVAL;
1148
1149
1150 if (fsa->fsa_ax25.sax25_family != AF_AX25)
1151 return -EINVAL;
1152
1153 lock_sock(sk);
1154
1155 /* deal with restarts */
1156 if (sock->state == SS_CONNECTING) {
1157 switch (sk->sk_state) {
1158 case TCP_SYN_SENT: /* still trying */
1159 err = -EINPROGRESS;
1160 goto out_release;
1161
1162 case TCP_ESTABLISHED: /* connection established */
1163 sock->state = SS_CONNECTED;
1164 goto out_release;
1165
1166 case TCP_CLOSE: /* connection refused */
1167 sock->state = SS_UNCONNECTED;
1168 err = -ECONNREFUSED;
1169 goto out_release;
1170 }
1171 }
1172
1173 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1174 err = -EISCONN; /* No reconnect on a seqpacket socket */
1175 goto out_release;
1176 }
1177
1178 sk->sk_state = TCP_CLOSE;
1179 sock->state = SS_UNCONNECTED;
1180
1181 kfree(ax25->digipeat);
1182 ax25->digipeat = NULL;
1183
1184 /*
1185 * Handle digi-peaters to be used.
1186 */
1187 if (addr_len > sizeof(struct sockaddr_ax25) &&
1188 fsa->fsa_ax25.sax25_ndigis != 0) {
1189 /* Valid number of digipeaters ? */
1190 if (fsa->fsa_ax25.sax25_ndigis < 1 ||
1191 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS ||
1192 addr_len < sizeof(struct sockaddr_ax25) +
1193 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) {
1194 err = -EINVAL;
1195 goto out_release;
1196 }
1197
1198 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1199 err = -ENOBUFS;
1200 goto out_release;
1201 }
1202
1203 digi->ndigi = fsa->fsa_ax25.sax25_ndigis;
1204 digi->lastrepeat = -1;
1205
1206 while (ct < fsa->fsa_ax25.sax25_ndigis) {
1207 if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1208 AX25_HBIT) && ax25->iamdigi) {
1209 digi->repeated[ct] = 1;
1210 digi->lastrepeat = ct;
1211 } else {
1212 digi->repeated[ct] = 0;
1213 }
1214 digi->calls[ct] = fsa->fsa_digipeater[ct];
1215 ct++;
1216 }
1217 }
1218
1219 /*
1220 * Must bind first - autobinding in this may or may not work. If
1221 * the socket is already bound, check to see if the device has
1222 * been filled in, error if it hasn't.
1223 */
1224 if (sock_flag(sk, SOCK_ZAPPED)) {
1225 /* check if we can remove this feature. It is broken. */
1226 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1227 current->comm);
1228 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1229 kfree(digi);
1230 goto out_release;
1231 }
1232
1233 ax25_fillin_cb(ax25, ax25->ax25_dev);
1234 ax25_cb_add(ax25);
1235 } else {
1236 if (ax25->ax25_dev == NULL) {
1237 kfree(digi);
1238 err = -EHOSTUNREACH;
1239 goto out_release;
1240 }
1241 }
1242
1243 if (sk->sk_type == SOCK_SEQPACKET &&
1244 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1245 ax25->ax25_dev->dev))) {
1246 kfree(digi);
1247 err = -EADDRINUSE; /* Already such a connection */
1248 ax25_cb_put(ax25t);
1249 goto out_release;
1250 }
1251
1252 ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1253 ax25->digipeat = digi;
1254
1255 /* First the easy one */
1256 if (sk->sk_type != SOCK_SEQPACKET) {
1257 sock->state = SS_CONNECTED;
1258 sk->sk_state = TCP_ESTABLISHED;
1259 goto out_release;
1260 }
1261
1262 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1263 sock->state = SS_CONNECTING;
1264 sk->sk_state = TCP_SYN_SENT;
1265
1266 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1267 case AX25_PROTO_STD_SIMPLEX:
1268 case AX25_PROTO_STD_DUPLEX:
1269 ax25_std_establish_data_link(ax25);
1270 break;
1271
1272 #ifdef CONFIG_AX25_DAMA_SLAVE
1273 case AX25_PROTO_DAMA_SLAVE:
1274 ax25->modulus = AX25_MODULUS;
1275 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1276 if (ax25->ax25_dev->dama.slave)
1277 ax25_ds_establish_data_link(ax25);
1278 else
1279 ax25_std_establish_data_link(ax25);
1280 break;
1281 #endif
1282 }
1283
1284 ax25->state = AX25_STATE_1;
1285
1286 ax25_start_heartbeat(ax25);
1287
1288 /* Now the loop */
1289 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1290 err = -EINPROGRESS;
1291 goto out_release;
1292 }
1293
1294 if (sk->sk_state == TCP_SYN_SENT) {
1295 DEFINE_WAIT(wait);
1296
1297 for (;;) {
1298 prepare_to_wait(sk_sleep(sk), &wait,
1299 TASK_INTERRUPTIBLE);
1300 if (sk->sk_state != TCP_SYN_SENT)
1301 break;
1302 if (!signal_pending(current)) {
1303 release_sock(sk);
1304 schedule();
1305 lock_sock(sk);
1306 continue;
1307 }
1308 err = -ERESTARTSYS;
1309 break;
1310 }
1311 finish_wait(sk_sleep(sk), &wait);
1312
1313 if (err)
1314 goto out_release;
1315 }
1316
1317 if (sk->sk_state != TCP_ESTABLISHED) {
1318 /* Not in ABM, not in WAIT_UA -> failed */
1319 sock->state = SS_UNCONNECTED;
1320 err = sock_error(sk); /* Always set at this point */
1321 goto out_release;
1322 }
1323
1324 sock->state = SS_CONNECTED;
1325
1326 err = 0;
1327 out_release:
1328 release_sock(sk);
1329
1330 return err;
1331 }
1332
ax25_accept(struct socket * sock,struct socket * newsock,int flags,bool kern)1333 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags,
1334 bool kern)
1335 {
1336 struct sk_buff *skb;
1337 struct sock *newsk;
1338 DEFINE_WAIT(wait);
1339 struct sock *sk;
1340 int err = 0;
1341
1342 if (sock->state != SS_UNCONNECTED)
1343 return -EINVAL;
1344
1345 if ((sk = sock->sk) == NULL)
1346 return -EINVAL;
1347
1348 lock_sock(sk);
1349 if (sk->sk_type != SOCK_SEQPACKET) {
1350 err = -EOPNOTSUPP;
1351 goto out;
1352 }
1353
1354 if (sk->sk_state != TCP_LISTEN) {
1355 err = -EINVAL;
1356 goto out;
1357 }
1358
1359 /*
1360 * The read queue this time is holding sockets ready to use
1361 * hooked into the SABM we saved
1362 */
1363 for (;;) {
1364 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1365 skb = skb_dequeue(&sk->sk_receive_queue);
1366 if (skb)
1367 break;
1368
1369 if (flags & O_NONBLOCK) {
1370 err = -EWOULDBLOCK;
1371 break;
1372 }
1373 if (!signal_pending(current)) {
1374 release_sock(sk);
1375 schedule();
1376 lock_sock(sk);
1377 continue;
1378 }
1379 err = -ERESTARTSYS;
1380 break;
1381 }
1382 finish_wait(sk_sleep(sk), &wait);
1383
1384 if (err)
1385 goto out;
1386
1387 newsk = skb->sk;
1388 sock_graft(newsk, newsock);
1389
1390 /* Now attach up the new socket */
1391 kfree_skb(skb);
1392 sk_acceptq_removed(sk);
1393 newsock->state = SS_CONNECTED;
1394
1395 out:
1396 release_sock(sk);
1397
1398 return err;
1399 }
1400
ax25_getname(struct socket * sock,struct sockaddr * uaddr,int peer)1401 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1402 int peer)
1403 {
1404 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1405 struct sock *sk = sock->sk;
1406 unsigned char ndigi, i;
1407 ax25_cb *ax25;
1408 int err = 0;
1409
1410 memset(fsa, 0, sizeof(*fsa));
1411 lock_sock(sk);
1412 ax25 = sk_to_ax25(sk);
1413
1414 if (peer != 0) {
1415 if (sk->sk_state != TCP_ESTABLISHED) {
1416 err = -ENOTCONN;
1417 goto out;
1418 }
1419
1420 fsa->fsa_ax25.sax25_family = AF_AX25;
1421 fsa->fsa_ax25.sax25_call = ax25->dest_addr;
1422
1423 if (ax25->digipeat != NULL) {
1424 ndigi = ax25->digipeat->ndigi;
1425 fsa->fsa_ax25.sax25_ndigis = ndigi;
1426 for (i = 0; i < ndigi; i++)
1427 fsa->fsa_digipeater[i] =
1428 ax25->digipeat->calls[i];
1429 }
1430 } else {
1431 fsa->fsa_ax25.sax25_family = AF_AX25;
1432 fsa->fsa_ax25.sax25_call = ax25->source_addr;
1433 fsa->fsa_ax25.sax25_ndigis = 1;
1434 if (ax25->ax25_dev != NULL) {
1435 memcpy(&fsa->fsa_digipeater[0],
1436 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1437 } else {
1438 fsa->fsa_digipeater[0] = null_ax25_address;
1439 }
1440 }
1441 err = sizeof (struct full_sockaddr_ax25);
1442
1443 out:
1444 release_sock(sk);
1445
1446 return err;
1447 }
1448
ax25_sendmsg(struct socket * sock,struct msghdr * msg,size_t len)1449 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1450 {
1451 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name);
1452 struct sock *sk = sock->sk;
1453 struct sockaddr_ax25 sax;
1454 struct sk_buff *skb;
1455 ax25_digi dtmp, *dp;
1456 ax25_cb *ax25;
1457 size_t size;
1458 int lv, err, addr_len = msg->msg_namelen;
1459
1460 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1461 return -EINVAL;
1462
1463 lock_sock(sk);
1464 ax25 = sk_to_ax25(sk);
1465
1466 if (sock_flag(sk, SOCK_ZAPPED)) {
1467 err = -EADDRNOTAVAIL;
1468 goto out;
1469 }
1470
1471 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1472 send_sig(SIGPIPE, current, 0);
1473 err = -EPIPE;
1474 goto out;
1475 }
1476
1477 if (ax25->ax25_dev == NULL) {
1478 err = -ENETUNREACH;
1479 goto out;
1480 }
1481
1482 if (len > ax25->ax25_dev->dev->mtu) {
1483 err = -EMSGSIZE;
1484 goto out;
1485 }
1486
1487 if (usax != NULL) {
1488 if (usax->sax25_family != AF_AX25) {
1489 err = -EINVAL;
1490 goto out;
1491 }
1492
1493 if (addr_len == sizeof(struct sockaddr_ax25))
1494 /* ax25_sendmsg(): uses obsolete socket structure */
1495 ;
1496 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1497 /* support for old structure may go away some time
1498 * ax25_sendmsg(): uses old (6 digipeater)
1499 * socket structure.
1500 */
1501 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1502 (addr_len > sizeof(struct full_sockaddr_ax25))) {
1503 err = -EINVAL;
1504 goto out;
1505 }
1506
1507
1508 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1509 int ct = 0;
1510 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1511
1512 /* Valid number of digipeaters ? */
1513 if (usax->sax25_ndigis < 1 ||
1514 usax->sax25_ndigis > AX25_MAX_DIGIS ||
1515 addr_len < sizeof(struct sockaddr_ax25) +
1516 sizeof(ax25_address) * usax->sax25_ndigis) {
1517 err = -EINVAL;
1518 goto out;
1519 }
1520
1521 dtmp.ndigi = usax->sax25_ndigis;
1522
1523 while (ct < usax->sax25_ndigis) {
1524 dtmp.repeated[ct] = 0;
1525 dtmp.calls[ct] = fsa->fsa_digipeater[ct];
1526 ct++;
1527 }
1528
1529 dtmp.lastrepeat = 0;
1530 }
1531
1532 sax = *usax;
1533 if (sk->sk_type == SOCK_SEQPACKET &&
1534 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1535 err = -EISCONN;
1536 goto out;
1537 }
1538 if (usax->sax25_ndigis == 0)
1539 dp = NULL;
1540 else
1541 dp = &dtmp;
1542 } else {
1543 /*
1544 * FIXME: 1003.1g - if the socket is like this because
1545 * it has become closed (not started closed) and is VC
1546 * we ought to SIGPIPE, EPIPE
1547 */
1548 if (sk->sk_state != TCP_ESTABLISHED) {
1549 err = -ENOTCONN;
1550 goto out;
1551 }
1552 sax.sax25_family = AF_AX25;
1553 sax.sax25_call = ax25->dest_addr;
1554 dp = ax25->digipeat;
1555 }
1556
1557 /* Build a packet */
1558 /* Assume the worst case */
1559 size = len + ax25->ax25_dev->dev->hard_header_len;
1560
1561 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1562 if (skb == NULL)
1563 goto out;
1564
1565 skb_reserve(skb, size - len);
1566
1567 /* User data follows immediately after the AX.25 data */
1568 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
1569 err = -EFAULT;
1570 kfree_skb(skb);
1571 goto out;
1572 }
1573
1574 skb_reset_network_header(skb);
1575
1576 /* Add the PID if one is not supplied by the user in the skb */
1577 if (!ax25->pidincl)
1578 *(u8 *)skb_push(skb, 1) = sk->sk_protocol;
1579
1580 if (sk->sk_type == SOCK_SEQPACKET) {
1581 /* Connected mode sockets go via the LAPB machine */
1582 if (sk->sk_state != TCP_ESTABLISHED) {
1583 kfree_skb(skb);
1584 err = -ENOTCONN;
1585 goto out;
1586 }
1587
1588 /* Shove it onto the queue and kick */
1589 ax25_output(ax25, ax25->paclen, skb);
1590
1591 err = len;
1592 goto out;
1593 }
1594
1595 skb_push(skb, 1 + ax25_addr_size(dp));
1596
1597 /* Building AX.25 Header */
1598
1599 /* Build an AX.25 header */
1600 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1601 dp, AX25_COMMAND, AX25_MODULUS);
1602
1603 skb_set_transport_header(skb, lv);
1604
1605 *skb_transport_header(skb) = AX25_UI;
1606
1607 /* Datagram frames go straight out of the door as UI */
1608 ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1609
1610 err = len;
1611
1612 out:
1613 release_sock(sk);
1614
1615 return err;
1616 }
1617
ax25_recvmsg(struct socket * sock,struct msghdr * msg,size_t size,int flags)1618 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
1619 int flags)
1620 {
1621 struct sock *sk = sock->sk;
1622 struct sk_buff *skb;
1623 int copied;
1624 int err = 0;
1625
1626 lock_sock(sk);
1627 /*
1628 * This works for seqpacket too. The receiver has ordered the
1629 * queue for us! We do one quick check first though
1630 */
1631 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1632 err = -ENOTCONN;
1633 goto out;
1634 }
1635
1636 /* Now we can treat all alike */
1637 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1638 flags & MSG_DONTWAIT, &err);
1639 if (skb == NULL)
1640 goto out;
1641
1642 if (!sk_to_ax25(sk)->pidincl)
1643 skb_pull(skb, 1); /* Remove PID */
1644
1645 skb_reset_transport_header(skb);
1646 copied = skb->len;
1647
1648 if (copied > size) {
1649 copied = size;
1650 msg->msg_flags |= MSG_TRUNC;
1651 }
1652
1653 skb_copy_datagram_msg(skb, 0, msg, copied);
1654
1655 if (msg->msg_name) {
1656 ax25_digi digi;
1657 ax25_address src;
1658 const unsigned char *mac = skb_mac_header(skb);
1659 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name);
1660
1661 memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1662 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1663 &digi, NULL, NULL);
1664 sax->sax25_family = AF_AX25;
1665 /* We set this correctly, even though we may not let the
1666 application know the digi calls further down (because it
1667 did NOT ask to know them). This could get political... **/
1668 sax->sax25_ndigis = digi.ndigi;
1669 sax->sax25_call = src;
1670
1671 if (sax->sax25_ndigis != 0) {
1672 int ct;
1673 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1674
1675 for (ct = 0; ct < digi.ndigi; ct++)
1676 fsa->fsa_digipeater[ct] = digi.calls[ct];
1677 }
1678 msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1679 }
1680
1681 skb_free_datagram(sk, skb);
1682 err = copied;
1683
1684 out:
1685 release_sock(sk);
1686
1687 return err;
1688 }
1689
ax25_shutdown(struct socket * sk,int how)1690 static int ax25_shutdown(struct socket *sk, int how)
1691 {
1692 /* FIXME - generate DM and RNR states */
1693 return -EOPNOTSUPP;
1694 }
1695
ax25_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)1696 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1697 {
1698 struct sock *sk = sock->sk;
1699 void __user *argp = (void __user *)arg;
1700 int res = 0;
1701
1702 lock_sock(sk);
1703 switch (cmd) {
1704 case TIOCOUTQ: {
1705 long amount;
1706
1707 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1708 if (amount < 0)
1709 amount = 0;
1710 res = put_user(amount, (int __user *)argp);
1711 break;
1712 }
1713
1714 case TIOCINQ: {
1715 struct sk_buff *skb;
1716 long amount = 0L;
1717 /* These two are safe on a single CPU system as only user tasks fiddle here */
1718 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1719 amount = skb->len;
1720 res = put_user(amount, (int __user *) argp);
1721 break;
1722 }
1723
1724 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */
1725 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */
1726 case SIOCAX25GETUID: {
1727 struct sockaddr_ax25 sax25;
1728 if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1729 res = -EFAULT;
1730 break;
1731 }
1732 res = ax25_uid_ioctl(cmd, &sax25);
1733 break;
1734 }
1735
1736 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */
1737 long amount;
1738 if (!capable(CAP_NET_ADMIN)) {
1739 res = -EPERM;
1740 break;
1741 }
1742 if (get_user(amount, (long __user *)argp)) {
1743 res = -EFAULT;
1744 break;
1745 }
1746 if (amount < 0 || amount > AX25_NOUID_BLOCK) {
1747 res = -EINVAL;
1748 break;
1749 }
1750 ax25_uid_policy = amount;
1751 res = 0;
1752 break;
1753 }
1754
1755 case SIOCADDRT:
1756 case SIOCDELRT:
1757 case SIOCAX25OPTRT:
1758 if (!capable(CAP_NET_ADMIN)) {
1759 res = -EPERM;
1760 break;
1761 }
1762 res = ax25_rt_ioctl(cmd, argp);
1763 break;
1764
1765 case SIOCAX25CTLCON:
1766 if (!capable(CAP_NET_ADMIN)) {
1767 res = -EPERM;
1768 break;
1769 }
1770 res = ax25_ctl_ioctl(cmd, argp);
1771 break;
1772
1773 case SIOCAX25GETINFO:
1774 case SIOCAX25GETINFOOLD: {
1775 ax25_cb *ax25 = sk_to_ax25(sk);
1776 struct ax25_info_struct ax25_info;
1777
1778 ax25_info.t1 = ax25->t1 / HZ;
1779 ax25_info.t2 = ax25->t2 / HZ;
1780 ax25_info.t3 = ax25->t3 / HZ;
1781 ax25_info.idle = ax25->idle / (60 * HZ);
1782 ax25_info.n2 = ax25->n2;
1783 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ;
1784 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ;
1785 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ;
1786 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1787 ax25_info.n2count = ax25->n2count;
1788 ax25_info.state = ax25->state;
1789 ax25_info.rcv_q = sk_rmem_alloc_get(sk);
1790 ax25_info.snd_q = sk_wmem_alloc_get(sk);
1791 ax25_info.vs = ax25->vs;
1792 ax25_info.vr = ax25->vr;
1793 ax25_info.va = ax25->va;
1794 ax25_info.vs_max = ax25->vs; /* reserved */
1795 ax25_info.paclen = ax25->paclen;
1796 ax25_info.window = ax25->window;
1797
1798 /* old structure? */
1799 if (cmd == SIOCAX25GETINFOOLD) {
1800 static int warned = 0;
1801 if (!warned) {
1802 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1803 current->comm);
1804 warned=1;
1805 }
1806
1807 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1808 res = -EFAULT;
1809 break;
1810 }
1811 } else {
1812 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1813 res = -EINVAL;
1814 break;
1815 }
1816 }
1817 res = 0;
1818 break;
1819 }
1820
1821 case SIOCAX25ADDFWD:
1822 case SIOCAX25DELFWD: {
1823 struct ax25_fwd_struct ax25_fwd;
1824 if (!capable(CAP_NET_ADMIN)) {
1825 res = -EPERM;
1826 break;
1827 }
1828 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1829 res = -EFAULT;
1830 break;
1831 }
1832 res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1833 break;
1834 }
1835
1836 case SIOCGIFADDR:
1837 case SIOCSIFADDR:
1838 case SIOCGIFDSTADDR:
1839 case SIOCSIFDSTADDR:
1840 case SIOCGIFBRDADDR:
1841 case SIOCSIFBRDADDR:
1842 case SIOCGIFNETMASK:
1843 case SIOCSIFNETMASK:
1844 case SIOCGIFMETRIC:
1845 case SIOCSIFMETRIC:
1846 res = -EINVAL;
1847 break;
1848
1849 default:
1850 res = -ENOIOCTLCMD;
1851 break;
1852 }
1853 release_sock(sk);
1854
1855 return res;
1856 }
1857
1858 #ifdef CONFIG_PROC_FS
1859
ax25_info_start(struct seq_file * seq,loff_t * pos)1860 static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1861 __acquires(ax25_list_lock)
1862 {
1863 spin_lock_bh(&ax25_list_lock);
1864 return seq_hlist_start(&ax25_list, *pos);
1865 }
1866
ax25_info_next(struct seq_file * seq,void * v,loff_t * pos)1867 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1868 {
1869 return seq_hlist_next(v, &ax25_list, pos);
1870 }
1871
ax25_info_stop(struct seq_file * seq,void * v)1872 static void ax25_info_stop(struct seq_file *seq, void *v)
1873 __releases(ax25_list_lock)
1874 {
1875 spin_unlock_bh(&ax25_list_lock);
1876 }
1877
ax25_info_show(struct seq_file * seq,void * v)1878 static int ax25_info_show(struct seq_file *seq, void *v)
1879 {
1880 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1881 char buf[11];
1882 int k;
1883
1884
1885 /*
1886 * New format:
1887 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1888 */
1889
1890 seq_printf(seq, "%p %s %s%s ",
1891 ax25,
1892 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1893 ax2asc(buf, &ax25->source_addr),
1894 ax25->iamdigi? "*":"");
1895 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1896
1897 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1898 seq_printf(seq, ",%s%s",
1899 ax2asc(buf, &ax25->digipeat->calls[k]),
1900 ax25->digipeat->repeated[k]? "*":"");
1901 }
1902
1903 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1904 ax25->state,
1905 ax25->vs, ax25->vr, ax25->va,
1906 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1907 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1908 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1909 ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1910 ax25->idle / (60 * HZ),
1911 ax25->n2count, ax25->n2,
1912 ax25->rtt / HZ,
1913 ax25->window,
1914 ax25->paclen);
1915
1916 if (ax25->sk != NULL) {
1917 seq_printf(seq, " %d %d %lu\n",
1918 sk_wmem_alloc_get(ax25->sk),
1919 sk_rmem_alloc_get(ax25->sk),
1920 sock_i_ino(ax25->sk));
1921 } else {
1922 seq_puts(seq, " * * *\n");
1923 }
1924 return 0;
1925 }
1926
1927 static const struct seq_operations ax25_info_seqops = {
1928 .start = ax25_info_start,
1929 .next = ax25_info_next,
1930 .stop = ax25_info_stop,
1931 .show = ax25_info_show,
1932 };
1933 #endif
1934
1935 static const struct net_proto_family ax25_family_ops = {
1936 .family = PF_AX25,
1937 .create = ax25_create,
1938 .owner = THIS_MODULE,
1939 };
1940
1941 static const struct proto_ops ax25_proto_ops = {
1942 .family = PF_AX25,
1943 .owner = THIS_MODULE,
1944 .release = ax25_release,
1945 .bind = ax25_bind,
1946 .connect = ax25_connect,
1947 .socketpair = sock_no_socketpair,
1948 .accept = ax25_accept,
1949 .getname = ax25_getname,
1950 .poll = datagram_poll,
1951 .ioctl = ax25_ioctl,
1952 .gettstamp = sock_gettstamp,
1953 .listen = ax25_listen,
1954 .shutdown = ax25_shutdown,
1955 .setsockopt = ax25_setsockopt,
1956 .getsockopt = ax25_getsockopt,
1957 .sendmsg = ax25_sendmsg,
1958 .recvmsg = ax25_recvmsg,
1959 .mmap = sock_no_mmap,
1960 .sendpage = sock_no_sendpage,
1961 };
1962
1963 /*
1964 * Called by socket.c on kernel start up
1965 */
1966 static struct packet_type ax25_packet_type __read_mostly = {
1967 .type = cpu_to_be16(ETH_P_AX25),
1968 .func = ax25_kiss_rcv,
1969 };
1970
1971 static struct notifier_block ax25_dev_notifier = {
1972 .notifier_call = ax25_device_event,
1973 };
1974
ax25_init(void)1975 static int __init ax25_init(void)
1976 {
1977 int rc = proto_register(&ax25_proto, 0);
1978
1979 if (rc != 0)
1980 goto out;
1981
1982 sock_register(&ax25_family_ops);
1983 dev_add_pack(&ax25_packet_type);
1984 register_netdevice_notifier(&ax25_dev_notifier);
1985
1986 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops);
1987 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops);
1988 proc_create_seq("ax25_calls", 0444, init_net.proc_net,
1989 &ax25_uid_seqops);
1990 out:
1991 return rc;
1992 }
1993 module_init(ax25_init);
1994
1995
1996 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
1997 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
1998 MODULE_LICENSE("GPL");
1999 MODULE_ALIAS_NETPROTO(PF_AX25);
2000
ax25_exit(void)2001 static void __exit ax25_exit(void)
2002 {
2003 remove_proc_entry("ax25_route", init_net.proc_net);
2004 remove_proc_entry("ax25", init_net.proc_net);
2005 remove_proc_entry("ax25_calls", init_net.proc_net);
2006
2007 unregister_netdevice_notifier(&ax25_dev_notifier);
2008
2009 dev_remove_pack(&ax25_packet_type);
2010
2011 sock_unregister(PF_AX25);
2012 proto_unregister(&ax25_proto);
2013
2014 ax25_rt_free();
2015 ax25_uid_free();
2016 ax25_dev_free();
2017 }
2018 module_exit(ax25_exit);
2019
