1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * X.25 Packet Layer release 002 4 * 5 * This is ALPHA test software. This code may break your machine, 6 * randomly fail to work with new releases, misbehave and/or generally 7 * screw up. It might even work. 8 * 9 * This code REQUIRES 2.1.15 or higher 10 * 11 * History 12 * X.25 001 Jonathan Naylor Started coding. 13 * X.25 002 Jonathan Naylor Centralised disconnect handling. 14 * New timer architecture. 15 * 2000-03-11 Henner Eisen MSG_EOR handling more POSIX compliant. 16 * 2000-03-22 Daniela Squassoni Allowed disabling/enabling of 17 * facilities negotiation and increased 18 * the throughput upper limit. 19 * 2000-08-27 Arnaldo C. Melo s/suser/capable/ + micro cleanups 20 * 2000-09-04 Henner Eisen Set sock->state in x25_accept(). 21 * Fixed x25_output() related skb leakage. 22 * 2000-10-02 Henner Eisen Made x25_kick() single threaded per socket. 23 * 2000-10-27 Henner Eisen MSG_DONTWAIT for fragment allocation. 24 * 2000-11-14 Henner Eisen Closing datalink from NETDEV_GOING_DOWN 25 * 2002-10-06 Arnaldo C. 
Melo	Get rid of cli/sti, move proc stuff to
 *					  x25_proc.c, using seq_file
 *	2005-04-02	Shaun Pereira	Selective sub address matching
 *					with call user data
 *	2005-04-15	Shaun Pereira	Fast select with no restriction on
 *					response
 */

#define pr_fmt(fmt) "X25: " fmt

#include <linux/module.h>
#include <linux/capability.h>
#include <linux/errno.h>
#include <linux/kernel.h>
#include <linux/sched/signal.h>
#include <linux/timer.h>
#include <linux/string.h>
#include <linux/net.h>
#include <linux/netdevice.h>
#include <linux/if_arp.h>
#include <linux/skbuff.h>
#include <linux/slab.h>
#include <net/sock.h>
#include <net/tcp_states.h>
#include <linux/uaccess.h>
#include <linux/fcntl.h>
#include <linux/termios.h>	/* For TIOCINQ/OUTQ */
#include <linux/notifier.h>
#include <linux/init.h>
#include <linux/compat.h>
#include <linux/ctype.h>
#include <linux/uio.h>

#include <net/x25.h>
#include <net/compat.h>

int sysctl_x25_restart_request_timeout = X25_DEFAULT_T20;
int sysctl_x25_call_request_timeout    = X25_DEFAULT_T21;
int sysctl_x25_reset_request_timeout   = X25_DEFAULT_T22;
int sysctl_x25_clear_request_timeout   = X25_DEFAULT_T23;
int sysctl_x25_ack_holdback_timeout    = X25_DEFAULT_T2;
int sysctl_x25_forward                 = 0;

HLIST_HEAD(x25_list);
DEFINE_RWLOCK(x25_list_lock);

static const struct proto_ops x25_proto_ops;

/*
 * Address value that x25_bind(), x25_connect() and x25_find_listener()
 * compare against with strcmp() to recognise the "null" address.
 *
 * NOTE(review): this listing has had its whitespace collapsed, so the
 * number of blanks inside the literal below may not be the author's;
 * confirm the exact literal against the authoritative source before
 * relying on it.
 */
static const struct x25_address null_x25_address = {" "};

#ifdef CONFIG_COMPAT
struct compat_x25_subscrip_struct {
	char device[200-sizeof(compat_ulong_t)];
	compat_ulong_t global_facil_mask;
	compat_uint_t extended;
};
#endif


/*
 * Validate and decode the address block at the head of @skb.
 *
 * The first byte carries two 4-bit digit counts; the block is that byte
 * plus the packed digits, two per byte.  Both pulls are checked with
 * pskb_may_pull() before x25_addr_ntoa() reads the data.
 *
 * Returns the value of x25_addr_ntoa() (the block length in bytes) on
 * success, 0 when the packet has no address block at all, and -1 when
 * the packet is shorter than the block it announces.  In the last two
 * cases both output addresses are set to the empty string.
 */
int x25_parse_address_block(struct sk_buff *skb,
		struct x25_address *called_addr,
		struct x25_address *calling_addr)
{
	unsigned char lens;
	int block_len;
	int rc = 0;	/* packet has no address block */

	if (pskb_may_pull(skb, 1)) {
		lens = *skb->data;
		block_len = 1 + ((lens >> 4) + (lens & 0x0f) + 1) / 2;

		if (pskb_may_pull(skb, block_len))
			return x25_addr_ntoa(skb->data, called_addr,
					     calling_addr);

		/* packet is too short to hold the addresses it claims
		   to hold */
		rc = -1;
	}

	*called_addr->x25_addr = 0;
	*calling_addr->x25_addr = 0;

	return rc;
}


/*
 * Unpack an on-the-wire address block into two ASCII strings.
 *
 * Byte 0 of @p holds the called length in its low nibble and the calling
 * length in its high nibble.  The digits follow, two per byte, high
 * nibble first, called digits before calling digits.  Each nibble is
 * converted by adding '0'; nibbles are not checked to be in 0..9.
 *
 * Each length is a 4-bit field, so at most 15 characters plus the
 * terminator are written per address.
 * NOTE(review): assumes x25_addr has room for 16 bytes and that the
 * caller has verified @p is long enough (x25_parse_address_block() does)
 * - confirm for any other caller.
 *
 * Returns the number of bytes occupied by the address block.
 */
int x25_addr_ntoa(unsigned char *p, struct x25_address *called_addr,
		  struct x25_address *calling_addr)
{
	unsigned int called_len = (*p >> 0) & 0x0F;
	unsigned int calling_len = (*p >> 4) & 0x0F;
	unsigned int total = called_len + calling_len;
	char *called = called_addr->x25_addr;
	char *calling = calling_addr->x25_addr;
	unsigned int i;

	p++;

	for (i = 0; i < total; i++) {
		unsigned char nibble;

		/* even index: high nibble; odd index: low nibble, then advance */
		if (i % 2 != 0) {
			nibble = (*p >> 0) & 0x0F;
			p++;
		} else {
			nibble = (*p >> 4) & 0x0F;
		}

		if (i < called_len)
			*called++ = nibble + '0';
		else
			*calling++ = nibble + '0';
	}

	*called = *calling = '\0';

	return 1 + (total + 1) / 2;
}

/*
 * Pack two ASCII address strings into an on-the-wire address block at
 * @p; the inverse of x25_addr_ntoa().
 *
 * The lengths come from strlen() and are shifted into 4-bit fields
 * without a range check, and every character has '0' subtracted without
 * a digit check.
 * NOTE(review): presumably callers only pass addresses of at most 15
 * decimal digits and a buffer large enough for the result - confirm
 * against the call sites.
 *
 * Returns the number of bytes written.
 */
int x25_addr_aton(unsigned char *p, struct x25_address *called_addr,
		  struct x25_address *calling_addr)
{
	char *called = called_addr->x25_addr;
	char *calling = calling_addr->x25_addr;
	unsigned int called_len = strlen(called);
	unsigned int calling_len = strlen(calling);
	unsigned int total = called_len + calling_len;
	unsigned int i;

	*p++ = (calling_len << 4) | (called_len << 0);

	for (i = 0; i < total; i++) {
		char c = (i < called_len) ? *called++ : *calling++;

		if (i % 2 != 0) {
			/* second digit of the pair completes the byte */
			*p |= (c - '0') << 0;
			p++;
		} else {
			/* first digit of the pair starts a fresh byte */
			*p = (c - '0') << 4;
		}
	}

	return 1 + (total + 1) / 2;
}

/*
 *	Unlink a socket from x25_list.  The list write lock is taken with
 *	the _bh variant, so this may be used while bottom halves also
 *	walk the list.
 */
static void x25_remove_socket(struct sock *sk)
{
	write_lock_bh(&x25_list_lock);
	sk_del_node_init(sk);
	write_unlock_bh(&x25_list_lock);
}

/*
 *	Netdevice notifier: react to status changes of X.25 devices.
 *	Events for devices outside init_net or of another type are
 *	ignored.  Always returns NOTIFY_DONE.
 */
static int x25_device_event(struct notifier_block *this, unsigned long event,
			    void *ptr)
{
	struct net_device *dev = netdev_notifier_info_to_dev(ptr);
	struct x25_neigh *nb;

	if (!net_eq(dev_net(dev), &init_net) || dev->type != ARPHRD_X25)
		return NOTIFY_DONE;

	switch (event) {
	case NETDEV_REGISTER:
	case NETDEV_POST_TYPE_CHANGE:
		x25_link_device_up(dev);
		break;
	case NETDEV_DOWN:
		nb = x25_get_neigh(dev);
		if (nb) {
			x25_link_terminated(nb);
			x25_neigh_put(nb);
		}
		x25_route_device_down(dev);
		break;
	case NETDEV_PRE_TYPE_CHANGE:
	case NETDEV_UNREGISTER:
		x25_link_device_down(dev);
		break;
	case NETDEV_CHANGE:
		/* only a lost carrier terminates the link */
		if (netif_carrier_ok(dev))
			break;
		nb = x25_get_neigh(dev);
		if (nb) {
			x25_link_terminated(nb);
			x25_neigh_put(nb);
		}
		break;
	}

	return NOTIFY_DONE;
}

/*
 *	Add a socket to the bound sockets list (x25_list), under the
 *	list write lock.
 */
static void x25_insert_socket(struct sock *sk)
{
	write_lock_bh(&x25_list_lock);
	sk_add_node(sk, &x25_list);
	write_unlock_bh(&x25_list_lock);
}

/*
 *	Find a socket that wants to accept the Call Request we just
 *	received. Check the full list for an address/cud match.
 *	If no cuds match return the next_best thing, an address match.
 *	Note: if a listening socket has cud set it must only get calls
 *	with matching cud.
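*/
static struct sock *x25_find_listener(struct x25_address *addr,
					struct sk_buff *skb)
{
	struct sock *s;
	struct sock *next_best;

	read_lock_bh(&x25_list_lock);
	next_best = NULL;

	sk_for_each(s, &x25_list) {
		struct x25_sock *x25 = x25_sk(s);

		if (s->sk_state != TCP_LISTEN)
			continue;

		/*
		 * The listener must be bound either to the called address
		 * or to the null address.
		 */
		if (strcmp(addr->x25_addr, x25->source_addr.x25_addr) &&
		    strcmp(x25->source_addr.x25_addr,
			   null_x25_address.x25_addr))
			continue;

		if (x25->cudmatchlength > 0) {
			/*
			 * This listener filters on call user data.  It is
			 * selected only when the incoming data is long
			 * enough and its prefix matches.  skb->data is
			 * compared directly, so the caller must have made
			 * the call user data linear (x25_rx_call_request()
			 * pulls skb->len bytes before calling).
			 *
			 * A listener with a CUD filter is never used as the
			 * address-only fallback.  Previously it became
			 * next_best when the incoming call user data was
			 * shorter than cudmatchlength, which handed it calls
			 * its filter had not matched.
			 */
			if (skb->len >= x25->cudmatchlength &&
			    memcmp(x25->calluserdata.cuddata, skb->data,
				   x25->cudmatchlength) == 0) {
				sock_hold(s);
				goto found;
			}
			continue;
		}

		/* No CUD filter: remember as the address-only match. */
		next_best = s;
	}

	s = next_best;
	if (s)
		sock_hold(s);
found:
	read_unlock_bh(&x25_list_lock);
	return s;
}

/*
 *	Find a connected X.25 socket given my LCI and neighbour.
 *
 *	Walks x25_list without taking x25_list_lock itself;
 *	x25_find_socket() calls it with the lock read-held.  A reference
 *	is taken on the returned socket; NULL is returned when nothing
 *	matches.
 */
static struct sock *__x25_find_socket(unsigned int lci, struct x25_neigh *nb)
{
	struct sock *s;

	sk_for_each(s, &x25_list) {
		if (x25_sk(s)->lci == lci && x25_sk(s)->neighbour == nb) {
			sock_hold(s);
			return s;
		}
	}

	return NULL;
}

/*
 *	Locked wrapper around __x25_find_socket().  The caller owns the
 *	reference on the returned socket and must drop it with sock_put().
 */
struct sock *x25_find_socket(unsigned int lci, struct x25_neigh *nb)
{
	struct sock *s;

	read_lock_bh(&x25_list_lock);
	s = __x25_find_socket(lci, nb);
	read_unlock_bh(&x25_list_lock);
	return s;
}

/*
 *	Find a unique LCI for a given device.
 *
 *	Tries 1, 2, ... 4095 and returns the first value for which no
 *	socket on @nb is found, or 0 when all of them are in use.
 *
 *	NOTE(review): the list lock is dropped between each lookup and
 *	the moment the caller stores the result, so uniqueness presumably
 *	relies on serialisation elsewhere - confirm.
 */
static unsigned int x25_new_lci(struct x25_neigh *nb)
{
	unsigned int lci = 1;
	struct sock *sk;

	while ((sk = x25_find_socket(lci, nb)) != NULL) {
		/* only the existence matters; drop the lookup reference */
		sock_put(sk);
		if (++lci == 4096) {
			lci = 0;
			break;
		}
		cond_resched();
	}

	return lci;
}

/*
 *	Deferred destroy.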
*/
static void __x25_destroy_socket(struct sock *);

/*
 *	Timer callback for a deferred kill: recover the socket that
 *	embeds the timer and retry the destroy.
 */
static void x25_destroy_timer(struct timer_list *t)
{
	struct sock *sk = timer_container_of(sk, t, sk_timer);

	x25_destroy_socket_from_timer(sk);
}

/*
 *	Tear down a socket.  Reached from x25_release() and, through
 *	x25_destroy_socket_from_timer(), from the destroy timer.
 *
 *	The socket's timers are stopped, it is unlinked from x25_list
 *	and its queues are flushed.  Every skb still on the receive queue
 *	is freed; one whose skb->sk is a different socket represents a
 *	connection that was never accepted, and that socket is marked
 *	dead with its heartbeat started.
 *
 *	If the socket still has outstanding allocations the destroy is
 *	retried from sk_timer after 10 * HZ jiffies; otherwise one
 *	reference is dropped here.
 */
static void __x25_destroy_socket(struct sock *sk)
{
	struct sk_buff *skb;

	x25_stop_heartbeat(sk);
	x25_stop_timer(sk);

	x25_remove_socket(sk);
	x25_clear_queues(sk);		/* Flush the queues */

	for (;;) {
		struct sock *pending;

		skb = skb_dequeue(&sk->sk_receive_queue);
		if (skb == NULL)
			break;

		pending = skb->sk;
		if (pending != sk) {		/* A pending connection */
			/*
			 * Queue the unaccepted socket for death
			 */
			pending->sk_state = TCP_LISTEN;
			sock_set_flag(pending, SOCK_DEAD);
			x25_start_heartbeat(pending);
			x25_sk(pending)->state = X25_STATE_0;
		}

		kfree_skb(skb);
	}

	if (!sk_has_allocations(sk)) {
		/* drop last reference so sock_put will free */
		__sock_put(sk);
		return;
	}

	/* Defer: outstanding buffers */
	sk->sk_timer.expires  = jiffies + 10 * HZ;
	sk->sk_timer.function = x25_destroy_timer;
	add_timer(&sk->sk_timer);
}

/*
 *	Destroy entry point for timer context.  Holds a reference across
 *	the call so the socket stays valid until bh_unlock_sock(), and
 *	runs the destroy under the bottom-half socket lock.
 */
void x25_destroy_socket_from_timer(struct sock *sk)
{
	sock_hold(sk);
	bh_lock_sock(sk);
	__x25_destroy_socket(sk);
	bh_unlock_sock(sk);
	sock_put(sk);
}

/*
 *	Handling for system calls applied via the various interfaces to a
 *	X.25 socket object.
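*/

/*
 *	Set the only supported option, SOL_X25/X25_QBITINCL.  A non-zero
 *	int sets X25_Q_BIT_FLAG on the socket, zero clears it.
 *
 *	Returns 0, -ENOPROTOOPT for any other level/option, -EINVAL when
 *	optlen is smaller than an int, -EFAULT when the copy fails.
 */
static int x25_setsockopt(struct socket *sock, int level, int optname,
			  sockptr_t optval, unsigned int optlen)
{
	int opt;
	struct sock *sk = sock->sk;
	int rc = -ENOPROTOOPT;

	if (level != SOL_X25 || optname != X25_QBITINCL)
		goto out;

	rc = -EINVAL;
	if (optlen < sizeof(int))
		goto out;

	rc = -EFAULT;
	if (copy_from_sockptr(&opt, optval, sizeof(int)))
		goto out;

	if (opt)
		set_bit(X25_Q_BIT_FLAG, &x25_sk(sk)->flags);
	else
		clear_bit(X25_Q_BIT_FLAG, &x25_sk(sk)->flags);
	rc = 0;
out:
	return rc;
}

/*
 *	Read back SOL_X25/X25_QBITINCL.  At most sizeof(int) bytes are
 *	copied out and opt->optlen is updated to the copied length.
 *
 *	Returns 0, -ENOPROTOOPT for any other level/option, -EINVAL for a
 *	negative length, -EFAULT when the copy is short.
 */
static int x25_getsockopt(struct socket *sock, int level, int optname,
			  sockopt_t *opt)
{
	struct sock *sk = sock->sk;
	int val, len, rc = -ENOPROTOOPT;

	if (level != SOL_X25 || optname != X25_QBITINCL)
		goto out;

	len = opt->optlen;

	rc = -EINVAL;
	if (len < 0)
		goto out;

	/* never copy more than the int we actually hold */
	len = min_t(unsigned int, len, sizeof(int));
	opt->optlen = len;

	val = test_bit(X25_Q_BIT_FLAG, &x25_sk(sk)->flags);
	rc = copy_to_iter(&val, len, &opt->iter_out) != len ? -EFAULT : 0;
out:
	return rc;
}

/*
 *	Put an unconnected socket into the listening state.
 *
 *	Returns 0 on success, -EINVAL when the socket is not
 *	SS_UNCONNECTED and -EOPNOTSUPP when it is already listening.
 */
static int x25_listen(struct socket *sock, int backlog)
{
	struct sock *sk = sock->sk;
	int rc = -EOPNOTSUPP;

	lock_sock(sk);
	if (sock->state != SS_UNCONNECTED) {
		rc = -EINVAL;
		release_sock(sk);
		return rc;
	}

	if (sk->sk_state != TCP_LISTEN) {
		memset(&x25_sk(sk)->dest_addr, 0, X25_ADDR_LEN);
		sk->sk_max_ack_backlog = backlog;
		sk->sk_state           = TCP_LISTEN;
		rc = 0;
	}
	release_sock(sk);

	return rc;
}

static struct proto x25_proto = {
	.name	  = "X25",
	.owner	  = THIS_MODULE,
	.obj_size = sizeof(struct x25_sock),
};

/*
 *	Allocate a struct sock for AF_X25 (GFP_ATOMIC) and initialise the
 *	four X.25 private queues.  Returns NULL when sk_alloc() fails.
 */
static struct sock *x25_alloc_socket(struct net *net, int kern)
{
	struct x25_sock *x25;
	struct sock *sk = sk_alloc(net, AF_X25, GFP_ATOMIC, &x25_proto, kern);

	if (!sk)
		goto out;

	sock_init_data(NULL, sk);

	x25 = x25_sk(sk);
	skb_queue_head_init(&x25->ack_queue);
	skb_queue_head_init(&x25->fragment_queue);
	skb_queue_head_init(&x25->interrupt_in_queue);
	skb_queue_head_init(&x25->interrupt_out_queue);
out:
	return sk;
}

/*
 *	socket(2) handler.  Only SOCK_SEQPACKET with protocol 0 in
 *	init_net is supported.  Timers are seeded from the sysctl values
 *	and the facilities from the X25_DEFAULT_* constants.
 *
 *	Returns 0, -EAFNOSUPPORT (other namespace), -ESOCKTNOSUPPORT,
 *	-EINVAL (non-zero protocol) or -ENOMEM.
 */
static int x25_create(struct net *net, struct socket *sock, int protocol,
		      int kern)
{
	struct sock *sk;
	struct x25_sock *x25;
	int rc = -EAFNOSUPPORT;

	if (!net_eq(net, &init_net))
		goto out;

	rc = -ESOCKTNOSUPPORT;
	if (sock->type != SOCK_SEQPACKET)
		goto out;

	rc = -EINVAL;
	if (protocol)
		goto out;

	rc = -ENOMEM;
	if ((sk = x25_alloc_socket(net, kern)) == NULL)
		goto out;

	x25 = x25_sk(sk);

	sock_init_data(sock, sk);

	x25_init_timers(sk);

	sock->ops    = &x25_proto_ops;
	sk->sk_protocol = protocol;
	sk->sk_backlog_rcv = x25_backlog_rcv;

	x25->t21   = sysctl_x25_call_request_timeout;
	x25->t22   = sysctl_x25_reset_request_timeout;
	x25->t23   = sysctl_x25_clear_request_timeout;
	x25->t2    = sysctl_x25_ack_holdback_timeout;
	x25->state = X25_STATE_0;
	x25->cudmatchlength = 0;
	set_bit(X25_ACCPT_APPRV_FLAG, &x25->flags);	/* normally no cud  */
							/* on call accept   */

	x25->facilities.winsize_in  = X25_DEFAULT_WINDOW_SIZE;
	x25->facilities.winsize_out = X25_DEFAULT_WINDOW_SIZE;
	x25->facilities.pacsize_in  = X25_DEFAULT_PACKET_SIZE;
	x25->facilities.pacsize_out = X25_DEFAULT_PACKET_SIZE;
	x25->facilities.throughput  = 0;	/* by default don't negotiate
						   throughput */
	x25->facilities.reverse     = X25_DEFAULT_REVERSE;
	x25->dte_facilities.calling_len = 0;
	x25->dte_facilities.called_len = 0;
	memset(x25->dte_facilities.called_ae, '\0',
			sizeof(x25->dte_facilities.called_ae));
	memset(x25->dte_facilities.calling_ae, '\0',
			sizeof(x25->dte_facilities.calling_ae));

	rc = 0;
out:
	return rc;
}

/*
 *	Create the socket for an incoming call, inheriting buffer sizes,
 *	timers, flags, facilities and cudmatchlength from the listening
 *	socket @osk.  The new socket starts in TCP_ESTABLISHED with
 *	X25_INTERRUPT_FLAG cleared.  Returns NULL on failure.
 */
static struct sock *x25_make_new(struct sock *osk)
{
	struct sock *sk = NULL;
	struct x25_sock *x25, *ox25;

	if (osk->sk_type != SOCK_SEQPACKET)
		goto out;

	if ((sk = x25_alloc_socket(sock_net(osk), 0)) == NULL)
		goto out;

	x25 = x25_sk(sk);

	sk->sk_type        = osk->sk_type;
	sk->sk_priority    = READ_ONCE(osk->sk_priority);
	sk->sk_protocol    = osk->sk_protocol;
	sk->sk_rcvbuf      = osk->sk_rcvbuf;
	sk->sk_sndbuf      = osk->sk_sndbuf;
	sk->sk_state       = TCP_ESTABLISHED;
	sk->sk_backlog_rcv = osk->sk_backlog_rcv;
	sock_copy_flags(sk, osk);

	ox25 = x25_sk(osk);
	x25->t21        = ox25->t21;
	x25->t22        = ox25->t22;
	x25->t23        = ox25->t23;
	x25->t2         = ox25->t2;
	x25->flags	= ox25->flags;
	x25->facilities = ox25->facilities;
	x25->dte_facilities = ox25->dte_facilities;
	x25->cudmatchlength = ox25->cudmatchlength;

	clear_bit(X25_INTERRUPT_FLAG, &x25->flags);
	x25_init_timers(sk);
out:
	return sk;
}

/*
 *	close(2) handler.  What happens depends on the X.25 state:
 *	states 0, 2 and 5 are destroyed immediately (state 5 sends a
 *	Clear Request first); states 1, 3 and 4 send a Clear Request,
 *	start T23, move to state 2 and are orphaned, marked SOCK_DEAD and
 *	SOCK_DESTROY.  A reference is held for the duration so the socket
 *	outlives __x25_destroy_socket().  Always returns 0.
 */
static int x25_release(struct socket *sock)
{
	struct sock *sk = sock->sk;
	struct x25_sock *x25;

	if (!sk)
		return 0;

	x25 = x25_sk(sk);

	sock_hold(sk);
	lock_sock(sk);
	switch (x25->state) {

	case X25_STATE_0:
	case X25_STATE_2:
		x25_disconnect(sk, 0, 0, 0);
		__x25_destroy_socket(sk);
		goto out;

	case X25_STATE_1:
	case X25_STATE_3:
	case X25_STATE_4:
		x25_clear_queues(sk);
		x25_write_internal(sk, X25_CLEAR_REQUEST);
		x25_start_t23timer(sk);
		x25->state = X25_STATE_2;
		sk->sk_state	= TCP_CLOSE;
		sk->sk_shutdown	|= SEND_SHUTDOWN;
		sk->sk_state_change(sk);
		sock_set_flag(sk, SOCK_DEAD);
		sock_set_flag(sk, SOCK_DESTROY);
		break;

	case X25_STATE_5:
		x25_write_internal(sk, X25_CLEAR_REQUEST);
		x25_disconnect(sk, 0, 0, 0);
		__x25_destroy_socket(sk);
		goto out;
	}

	sock_orphan(sk);
out:
	release_sock(sk);
	sock_put(sk);
	return 0;
}

/*
 *	bind(2) handler.  The user-supplied sockaddr is validated before
 *	it is stored: exact length, AF_X25 family, a terminator inside
 *	the X25_ADDR_LEN bytes, and - unless it equals null_x25_address -
 *	decimal digits only.  Binding is allowed once, while the socket
 *	is still SOCK_ZAPPED; it also puts the socket on x25_list.
 *
 *	Returns 0 or -EINVAL.
 */
static int x25_bind(struct socket *sock, struct sockaddr_unsized *uaddr, int addr_len)
{
	struct sock *sk = sock->sk;
	struct sockaddr_x25 *addr = (struct sockaddr_x25 *)uaddr;
	int len, i, rc = 0;

	/*
	 * strnlen() == X25_ADDR_LEN means no NUL was found inside the
	 * field, so the strcmp()/strlen() calls below would run past it.
	 */
	if (addr_len != sizeof(struct sockaddr_x25) ||
	    addr->sx25_family != AF_X25 ||
	    strnlen(addr->sx25_addr.x25_addr, X25_ADDR_LEN) == X25_ADDR_LEN) {
		rc = -EINVAL;
		goto out;
	}

	/* check for the null_x25_address */
	if (strcmp(addr->sx25_addr.x25_addr, null_x25_address.x25_addr)) {

		len = strlen(addr->sx25_addr.x25_addr);
		for (i = 0; i < len; i++) {
			if (!isdigit(addr->sx25_addr.x25_addr[i])) {
				rc = -EINVAL;
				goto out;
			}
		}
	}

	lock_sock(sk);
	if (sock_flag(sk, SOCK_ZAPPED)) {
		x25_sk(sk)->source_addr = addr->sx25_addr;
		x25_insert_socket(sk);
		sock_reset_flag(sk, SOCK_ZAPPED);
	} else {
		rc = -EINVAL;
	}
	release_sock(sk);
	/* NOTE(review): also emitted when the socket was already bound. */
	net_dbg_ratelimited("x25_bind: socket is bound\n");
out:
	return rc;
}

/*
 *	Sleep until the socket is TCP_ESTABLISHED.  Called with the
 *	socket locked; the lock is dropped around schedule().
 *
 *	Returns 0 when established, -ERESTARTSYS on a pending signal, the
 *	socket error if one is set, or -ENOTCONN when the socket reached
 *	TCP_CLOSE.  In the last two cases the struct socket is put back
 *	to SS_UNCONNECTED.
 */
static int x25_wait_for_connection_establishment(struct sock *sk)
{
	DECLARE_WAITQUEUE(wait, current);
	int rc;

	add_wait_queue_exclusive(sk_sleep(sk), &wait);
	for (;;) {
		__set_current_state(TASK_INTERRUPTIBLE);
		rc = -ERESTARTSYS;
		if (signal_pending(current))
			break;
		rc = sock_error(sk);
		if (rc) {
			sk->sk_socket->state = SS_UNCONNECTED;
			break;
		}
		rc = -ENOTCONN;
		if (sk->sk_state == TCP_CLOSE) {
			sk->sk_socket->state = SS_UNCONNECTED;
			break;
		}
		rc = 0;
		if (sk->sk_state != TCP_ESTABLISHED) {
			release_sock(sk);
			schedule();
			lock_sock(sk);
		} else
			break;
	}
	__set_current_state(TASK_RUNNING);
	remove_wait_queue(sk_sleep(sk), &wait);
	return rc;
}

/*
 *	connect(2) handler.  Validates the destination sockaddr, looks up
 *	a route and neighbour, allocates an LCI, sends a Call Request and
 *	then either returns -EINPROGRESS (O_NONBLOCK) or waits for the
 *	call to be established.  The socket must have been bound first.
 *
 *	On every failure after the neighbour was obtained the neighbour
 *	reference is dropped and x25->neighbour cleared.
 *
 *	NOTE(review): unlike x25_bind(), the destination address is not
 *	checked to consist of decimal digits here.
 */
static int x25_connect(struct socket *sock, struct sockaddr_unsized *uaddr,
		       int addr_len, int flags)
{
	struct sock *sk = sock->sk;
	struct x25_sock *x25 = x25_sk(sk);
	struct sockaddr_x25 *addr = (struct sockaddr_x25 *)uaddr;
	struct x25_route *rt;
	int rc = 0;

	lock_sock(sk);
	if (sk->sk_state == TCP_ESTABLISHED && sock->state == SS_CONNECTING) {
		sock->state = SS_CONNECTED;
		goto out; /* Connect completed during a ERESTARTSYS event */
	}

	rc = -ECONNREFUSED;
	if (sk->sk_state == TCP_CLOSE && sock->state == SS_CONNECTING) {
		sock->state = SS_UNCONNECTED;
		goto out;
	}

	rc = -EISCONN;	/* No reconnect on a seqpacket socket */
	if (sk->sk_state == TCP_ESTABLISHED)
		goto out;

	rc = -EALREADY;	/* Do nothing if call is already in progress */
	if (sk->sk_state == TCP_SYN_SENT)
		goto out;

	sk->sk_state   = TCP_CLOSE;
	sock->state = SS_UNCONNECTED;

	/* reject a wrong size/family and an address with no terminator */
	rc = -EINVAL;
	if (addr_len != sizeof(struct sockaddr_x25) ||
	    addr->sx25_family != AF_X25 ||
	    strnlen(addr->sx25_addr.x25_addr, X25_ADDR_LEN) == X25_ADDR_LEN)
		goto out;

	rc = -ENETUNREACH;
	rt = x25_get_route(&addr->sx25_addr);
	if (!rt)
		goto out;

	x25->neighbour = x25_get_neigh(rt->dev);
	if (!x25->neighbour)
		goto out_put_route;

	x25_limit_facilities(&x25->facilities, x25->neighbour);

	x25->lci = x25_new_lci(x25->neighbour);
	if (!x25->lci)
		goto out_put_neigh;

	rc = -EINVAL;
	if (sock_flag(sk, SOCK_ZAPPED)) /* Must bind first - autobinding does not work */
		goto out_put_neigh;

	if (!strcmp(x25->source_addr.x25_addr, null_x25_address.x25_addr))
		memset(&x25->source_addr, '\0', X25_ADDR_LEN);

	x25->dest_addr = addr->sx25_addr;

	/* Move to connecting socket, start sending Connect Requests */
	sock->state   = SS_CONNECTING;
	sk->sk_state  = TCP_SYN_SENT;

	x25->state = X25_STATE_1;

	x25_write_internal(sk, X25_CALL_REQUEST);

	x25_start_heartbeat(sk);
	x25_start_t21timer(sk);

	/*
	 * Now the loop.  A non-blocking connect keeps the neighbour (the
	 * call is still in progress) but must still release the route:
	 * every other exit taken after x25_get_route() succeeded drops it
	 * with x25_route_put(), so x25_get_route() appears to return a
	 * held reference, and jumping straight to "out" leaked it.
	 */
	rc = -EINPROGRESS;
	if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK))
		goto out_put_route;

	rc = x25_wait_for_connection_establishment(sk);
	if (rc)
		goto out_put_neigh;

	sock->state = SS_CONNECTED;
	rc = 0;
out_put_neigh:
	if (rc && x25->neighbour) {
		read_lock_bh(&x25_list_lock);
		x25_neigh_put(x25->neighbour);
		x25->neighbour = NULL;
		read_unlock_bh(&x25_list_lock);
		x25->state = X25_STATE_0;
	}
out_put_route:
	x25_route_put(rt);
out:
	release_sock(sk);
	return rc;
}

/*
 *	Sleep until the receive queue is non-empty.  Called with the
 *	socket locked; the lock is dropped around schedule_timeout().
 *
 *	Returns 0 when data is queued, -ERESTARTSYS on a pending signal,
 *	-EAGAIN when the timeout is exhausted.  Note that 0 is also
 *	returned, with the queue possibly still empty, when RCV_SHUTDOWN
 *	is already set on entry.
 */
static int x25_wait_for_data(struct sock *sk, long timeout)
{
	DECLARE_WAITQUEUE(wait, current);
	int rc = 0;

	add_wait_queue_exclusive(sk_sleep(sk), &wait);
	for (;;) {
		__set_current_state(TASK_INTERRUPTIBLE);
		if (sk->sk_shutdown & RCV_SHUTDOWN)
			break;
		rc = -ERESTARTSYS;
		if (signal_pending(current))
			break;
		rc = -EAGAIN;
		if (!timeout)
			break;
		rc = 0;
		if (skb_queue_empty(&sk->sk_receive_queue)) {
			release_sock(sk);
			timeout = schedule_timeout(timeout);
			lock_sock(sk);
		} else
			break;
	}
	__set_current_state(TASK_RUNNING);
	remove_wait_queue(sk_sleep(sk), &wait);
	return rc;
}

/*
 *	accept(2) handler.  Waits for a queued call, takes the socket
 *	that x25_rx_call_request() attached to the skb and grafts it onto
 *	@newsock.
 *
 *	Returns 0, -EINVAL (no socket, not listening, or nothing usable
 *	was dequeued), -EOPNOTSUPP (wrong socket type) or the error from
 *	x25_wait_for_data().
 */
static int x25_accept(struct socket *sock, struct socket *newsock,
		      struct proto_accept_arg *arg)
{
	struct sock *sk = sock->sk;
	struct sock *newsk;
	struct sk_buff *skb;
	int rc = -EINVAL;

	if (!sk)
		goto out;

	rc = -EOPNOTSUPP;
	if (sk->sk_type != SOCK_SEQPACKET)
		goto out;

	lock_sock(sk);
	rc = -EINVAL;
	if (sk->sk_state != TCP_LISTEN)
		goto out2;

	rc = x25_wait_for_data(sk, READ_ONCE(sk->sk_rcvtimeo));
	if (rc)
		goto out2;
	skb = skb_dequeue(&sk->sk_receive_queue);
	rc = -EINVAL;
	/*
	 * x25_wait_for_data() can return 0 with an empty queue (its
	 * RCV_SHUTDOWN exit), so the dequeue may yield NULL; do not
	 * dereference it.
	 */
	if (!skb)
		goto out2;
	if (!skb->sk) {
		/* nothing else refers to the dequeued skb: free it */
		kfree_skb(skb);
		goto out2;
	}
	newsk		 = skb->sk;
	sock_graft(newsk, newsock);

	/* Now attach up the new socket */
	skb->sk = NULL;
	kfree_skb(skb);
	sk_acceptq_removed(sk);
	newsock->state = SS_CONNECTED;
	rc = 0;
out2:
	release_sock(sk);
out:
	return rc;
}

/*
 *	getsockname(2)/getpeername(2) handler.  Fills @uaddr with the
 *	local address, or with the remote one when @peer is set.
 *
 *	Returns sizeof(struct sockaddr_x25), or -ENOTCONN when the peer
 *	is requested on a socket that is not TCP_ESTABLISHED.
 */
static int x25_getname(struct socket *sock, struct sockaddr *uaddr,
		       int peer)
{
	struct sockaddr_x25 *sx25 = (struct sockaddr_x25 *)uaddr;
	struct sock *sk = sock->sk;
	struct x25_sock *x25 = x25_sk(sk);
	int rc = 0;

	if (peer) {
		if (sk->sk_state != TCP_ESTABLISHED) {
			rc = -ENOTCONN;
			goto out;
		}
		sx25->sx25_addr = x25->dest_addr;
	} else
		sx25->sx25_addr = x25->source_addr;

	sx25->sx25_family = AF_X25;
	rc = sizeof(*sx25);

out:
	return rc;
}

/*
 *	Handle a Call Request received from neighbour @nb on logical
 *	channel @lci.  Everything in @skb comes from the remote side, so
 *	every length is checked with pskb_may_pull() before the bytes it
 *	covers are read.
 *
 *	Returns 1 when the call was queued on a listener or forwarded,
 *	and 0 after a Clear Request was transmitted.  In the forwarded
 *	case the skb is freed here.
 */
int x25_rx_call_request(struct sk_buff *skb, struct x25_neigh *nb,
			unsigned int lci)
{
	struct sock *sk;
	struct sock *make;
	struct x25_sock *makex25;
	struct x25_address source_addr, dest_addr;
	struct x25_facilities facilities;
	struct x25_dte_facilities dte_facilities;
	int len, addr_len, rc;

	/*
	 *	Remove the LCI and frame type.
	 *	NOTE(review): no length check precedes this pull; presumably
	 *	the caller has ensured X25_STD_MIN_LEN bytes - confirm.
	 */
	skb_pull(skb, X25_STD_MIN_LEN);

	/*
	 *	Extract the X.25 addresses and convert them to ASCII strings,
	 *	and remove them.
	 *
	 *	Address block is mandatory in call request packets
	 */
	addr_len = x25_parse_address_block(skb, &source_addr, &dest_addr);
	if (addr_len <= 0)
		goto out_clear_request;
	skb_pull(skb, addr_len);

	/*
	 *	Get the length of the facilities, skip past them for the moment
	 *	get the call user data because this is needed to determine
	 *	the correct listener
	 *
	 *	Facilities length is mandatory in call request packets
	 */
	if (!pskb_may_pull(skb, 1))
		goto out_clear_request;
	len = skb->data[0] + 1;
	if (!pskb_may_pull(skb, len))
		goto out_clear_request;
	skb_pull(skb,len);

	/*
	 *	Ensure that the amount of call user data is valid.
	 */
	if (skb->len > X25_MAX_CUD_LEN)
		goto out_clear_request;

	/*
	 *	Get all the call user data so it can be used in
	 *	x25_find_listener and skb_copy_from_linear_data up ahead.
	 */
	if (!pskb_may_pull(skb, skb->len))
		goto out_clear_request;

	/*
	 *	Find a listener for the particular address/cud pair.
	 */
	sk = x25_find_listener(&source_addr,skb);
	skb_push(skb,len);

	if (sk != NULL && sk_acceptq_is_full(sk)) {
		goto out_sock_put;
	}

	/*
	 *	We dont have any listeners for this incoming call.
	 *	Try forwarding it.
	 */
	if (sk == NULL) {
		skb_push(skb, addr_len + X25_STD_MIN_LEN);
		if (sysctl_x25_forward &&
		    x25_forward_call(&dest_addr, nb, skb, lci) > 0) {
			/* Call was forwarded, dont process it any more */
			kfree_skb(skb);
			rc = 1;
			goto out;
		} else {
			/* No listeners, can't forward, clear the call */
			goto out_clear_request;
		}
	}

	/*
	 *	Try to reach a compromise on the requested facilities.
	 */
	len = x25_negotiate_facilities(skb, sk, &facilities, &dte_facilities);
	if (len == -1)
		goto out_sock_put;

	/*
	 * current neighbour/link might impose additional limits
	 * on certain facilities
	 */

	x25_limit_facilities(&facilities, nb);

	/*
	 *	Try to create a new socket.
	 */
	make = x25_make_new(sk);
	if (!make)
		goto out_sock_put;

	/*
	 *	Remove the facilities
	 */
	skb_pull(skb, len);

	skb->sk     = make;
	make->sk_state = TCP_ESTABLISHED;

	makex25 = x25_sk(make);
	makex25->lci           = lci;
	makex25->dest_addr     = dest_addr;
	makex25->source_addr   = source_addr;
	x25_neigh_hold(nb);
	makex25->neighbour     = nb;
	makex25->facilities    = facilities;
	makex25->dte_facilities= dte_facilities;
	makex25->vc_facil_mask = x25_sk(sk)->vc_facil_mask;
	/* ensure no reverse facil on accept */
	makex25->vc_facil_mask &= ~X25_MASK_REVERSE;
	/* ensure no calling address extension on accept */
	makex25->vc_facil_mask &= ~X25_MASK_CALLING_AE;
	makex25->cudmatchlength = x25_sk(sk)->cudmatchlength;

	/* Normally all calls are accepted immediately */
	if (test_bit(X25_ACCPT_APPRV_FLAG, &makex25->flags)) {
		x25_write_internal(make, X25_CALL_ACCEPTED);
		makex25->state = X25_STATE_3;
	} else {
		makex25->state = X25_STATE_5;
	}

	/*
	 *	Incoming Call User Data.
	 *
	 *	NOTE(review): skb->len was bounded by X25_MAX_CUD_LEN after
	 *	pulling the facilities length read from the packet
	 *	(data[0] + 1), but the pull just above uses the length
	 *	returned by x25_negotiate_facilities().  The copy below is
	 *	only bounded if the two lengths agree - confirm that
	 *	x25_negotiate_facilities() guarantees this.
	 */
	skb_copy_from_linear_data(skb, makex25->calluserdata.cuddata, skb->len);
	makex25->calluserdata.cudlength = skb->len;

	sk_acceptq_added(sk);

	x25_insert_socket(make);

	skb_queue_head(&sk->sk_receive_queue, skb);

	x25_start_heartbeat(make);

	if (!sock_flag(sk, SOCK_DEAD))
		sk->sk_data_ready(sk);
	rc = 1;
	sock_put(sk);
out:
	return rc;
out_sock_put:
	sock_put(sk);
out_clear_request:
	rc = 0;
	x25_transmit_clear_request(nb, lci, 0x01);
	goto out;
}

/*
 *	sendmsg(2) handler.  Each call sends one complete record, so
 *	MSG_EOR or MSG_OOB is required.  With MSG_OOB the data goes out
 *	as an Interrupt packet and is cut to 32 bytes; otherwise it is
 *	passed to x25_output().  When X25_Q_BIT_FLAG is set the first
 *	user byte is consumed as the Q bit value.
 *
 *	Returns the number of bytes accepted or a negative errno.
 */
static int x25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
{
	struct sock *sk = sock->sk;
	struct x25_sock *x25 = x25_sk(sk);
	DECLARE_SOCKADDR(struct sockaddr_x25 *, usx25, msg->msg_name);
	struct sockaddr_x25 sx25;
	struct sk_buff *skb;
	unsigned char *asmptr;
	int noblock = msg->msg_flags & MSG_DONTWAIT;
	size_t size;
	int qbit = 0, rc = -EINVAL;

	lock_sock(sk);
	if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_OOB|MSG_EOR|MSG_CMSG_COMPAT))
		goto out;

	/* we currently don't support segmented records at the user interface */
	if (!(msg->msg_flags & (MSG_EOR|MSG_OOB)))
		goto out;

	rc = -EADDRNOTAVAIL;
	if (sock_flag(sk, SOCK_ZAPPED))
		goto out;

	rc = -EPIPE;
	if (sk->sk_shutdown & SEND_SHUTDOWN) {
		send_sig(SIGPIPE, current, 0);
		goto out;
	}

	rc = -ENETUNREACH;
	if (!x25->neighbour)
		goto out;

	if (usx25) {
		rc = -EINVAL;
		if (msg->msg_namelen < sizeof(sx25))
			goto out;
		memcpy(&sx25, usx25, sizeof(sx25));
		rc = -EISCONN;
		if (strcmp(x25->dest_addr.x25_addr, sx25.sx25_addr.x25_addr))
			goto out;
		rc = -EINVAL;
		if (sx25.sx25_family != AF_X25)
			goto out;
	} else {
		/*
		 *	FIXME 1003.1g - if the socket is like this because
		 *	it has become closed (not started closed) we ought
		 *	to SIGPIPE, EPIPE;
		 */
		rc = -ENOTCONN;
		if (sk->sk_state != TCP_ESTABLISHED)
			goto out;

		sx25.sx25_family = AF_X25;
		sx25.sx25_addr   = x25->dest_addr;
	}

	/* Sanity check the packet size */
	if (len > 65535) {
		rc = -EMSGSIZE;
		goto out;
	}

	net_dbg_ratelimited("x25_sendmsg: sendto: Addresses built.\n");

	/* Build a packet */
	net_dbg_ratelimited("x25_sendmsg: sendto: building packet.\n");

	if ((msg->msg_flags & MSG_OOB) && len > 32)
		len = 32;

	size = len + X25_MAX_L2_LEN + X25_EXT_MIN_LEN;

	/*
	 * The socket lock is dropped while the skb is allocated.
	 * NOTE(review): x25->neighbour was checked before this window and
	 * is dereferenced below without being re-checked; x25_connect()
	 * clears it on its error path.  Confirm nothing can clear it
	 * while the lock is released.
	 */
	release_sock(sk);
	skb = sock_alloc_send_skb(sk, size, noblock, &rc);
	lock_sock(sk);
	if (!skb)
		goto out;
	X25_SKB_CB(skb)->flags = msg->msg_flags;

	skb_reserve(skb, X25_MAX_L2_LEN + X25_EXT_MIN_LEN);

	/*
	 *	Put the data on the end
	 */
	net_dbg_ratelimited("x25_sendmsg: Copying user data\n");

	skb_reset_transport_header(skb);
	skb_put(skb, len);

	rc = memcpy_from_msg(skb_transport_header(skb), msg, len);
	if (rc)
		goto out_kfree_skb;

	/*
	 *	If the Q BIT Include socket option is in force, the first
	 *	byte of the user data is the logical value of the Q Bit.
	 */
	if (test_bit(X25_Q_BIT_FLAG, &x25->flags)) {
		if (!pskb_may_pull(skb, 1))
			goto out_kfree_skb;

		qbit = skb->data[0];
		skb_pull(skb, 1);
	}

	/*
	 *	Push down the X.25 header
	 */
	net_dbg_ratelimited("x25_sendmsg: Building X.25 Header.\n");

	if (msg->msg_flags & MSG_OOB) {
		if (x25->neighbour->extended) {
			asmptr    = skb_push(skb, X25_STD_MIN_LEN);
			*asmptr++ = ((x25->lci >> 8) & 0x0F) | X25_GFI_EXTSEQ;
			*asmptr++ = (x25->lci >> 0) & 0xFF;
			*asmptr++ = X25_INTERRUPT;
		} else {
			asmptr    = skb_push(skb, X25_STD_MIN_LEN);
			*asmptr++ = ((x25->lci >> 8) & 0x0F) | X25_GFI_STDSEQ;
			*asmptr++ = (x25->lci >> 0) & 0xFF;
			*asmptr++ = X25_INTERRUPT;
		}
	} else {
		if (x25->neighbour->extended) {
			/* Build an Extended X.25 header */
			asmptr    = skb_push(skb, X25_EXT_MIN_LEN);
			*asmptr++ = ((x25->lci >> 8) & 0x0F) | X25_GFI_EXTSEQ;
			*asmptr++ = (x25->lci >> 0) & 0xFF;
			*asmptr++ = X25_DATA;
			*asmptr++ = X25_DATA;
		} else {
			/* Build an Standard X.25 header */
			asmptr    = skb_push(skb, X25_STD_MIN_LEN);
			*asmptr++ = ((x25->lci >> 8) & 0x0F) | X25_GFI_STDSEQ;
			*asmptr++ = (x25->lci >> 0) & 0xFF;
			*asmptr++ = X25_DATA;
		}

		if (qbit)
			skb->data[0] |= X25_Q_BIT;
	}

	net_dbg_ratelimited("x25_sendmsg: Built header.\n");
	net_dbg_ratelimited("x25_sendmsg: Transmitting buffer\n");

	rc = -ENOTCONN;
	if (sk->sk_state != TCP_ESTABLISHED)
		goto out_kfree_skb;

	if (msg->msg_flags & MSG_OOB)
		skb_queue_tail(&x25->interrupt_out_queue, skb);
	else {
		rc = x25_output(sk, skb);
		len = rc;
		if (rc < 0)
			kfree_skb(skb);
		else if (test_bit(X25_Q_BIT_FLAG, &x25->flags))
			len++;	/* count the Q bit byte taken from the user */
	}

	x25_kick(sk);
	rc = len;
out:
	release_sock(sk);
	return rc;
out_kfree_skb:
	kfree_skb(skb);
	goto out;
}


static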
int x25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
		       int flags)
{
	/*
	 * Receive one queued packet and copy its payload into msg.
	 *
	 * With MSG_OOB the packet is taken from x25->interrupt_in_queue,
	 * otherwise it comes from skb_recv_datagram().  The X.25 header is
	 * stripped and, when X25_Q_BIT_FLAG is set on the socket, one byte
	 * carrying the Q bit value is put in front of the data.
	 *
	 * Returns the number of bytes copied (at most size) or a negative
	 * errno: -ENOTCONN when there is no neighbour or the socket is not
	 * TCP_ESTABLISHED, -EINVAL for an MSG_OOB request that cannot be
	 * served, or the error from skb_recv_datagram() or
	 * skb_copy_datagram_msg().
	 */
	struct sock *sk = sock->sk;
	struct x25_sock *x25 = x25_sk(sk);
	DECLARE_SOCKADDR(struct sockaddr_x25 *, sx25, msg->msg_name);
	size_t copied;
	int qbit, header_len;
	struct sk_buff *skb;
	unsigned char *asmptr;
	int rc = -ENOTCONN;

	lock_sock(sk);

	/* neighbour is dereferenced just below, so it must be checked first */
	if (x25->neighbour == NULL)
		goto out;

	header_len = x25->neighbour->extended ?
		X25_EXT_MIN_LEN : X25_STD_MIN_LEN;

	/*
	 * This works for seqpacket too. The receiver has ordered the queue for
	 * us! We do one quick check first though
	 */
	if (sk->sk_state != TCP_ESTABLISHED)
		goto out;

	if (flags & MSG_OOB) {
		rc = -EINVAL;
		if (sock_flag(sk, SOCK_URGINLINE) ||
		    !skb_peek(&x25->interrupt_in_queue))
			goto out;

		skb = skb_dequeue(&x25->interrupt_in_queue);

		/*
		 * Do not pull a header that is not fully present; a short
		 * interrupt packet is dropped and -EINVAL is returned.
		 */
		if (!pskb_may_pull(skb, X25_STD_MIN_LEN))
			goto out_free_dgram;

		skb_pull(skb, X25_STD_MIN_LEN);

		/*
		 * No Q bit information on Interrupt data.
		 */
		if (test_bit(X25_Q_BIT_FLAG, &x25->flags)) {
			asmptr = skb_push(skb, 1);
			*asmptr = 0x00;
		}

		msg->msg_flags |= MSG_OOB;
	} else {
		/* Now we can treat all alike */
		/*
		 * The socket lock is not held across skb_recv_datagram().
		 * NOTE(review): header_len and the neighbour/sk_state checks
		 * above were made before the lock was released and are not
		 * repeated after lock_sock(); confirm that a state change in
		 * that window cannot leave header_len stale.
		 */
		release_sock(sk);
		skb = skb_recv_datagram(sk, flags, &rc);
		lock_sock(sk);
		if (!skb)
			goto out;

		/*
		 * Guard the skb->data[0] read and the pull below against a
		 * packet shorter than the header.  rc is not assigned on this
		 * path in this function.
		 * NOTE(review): confirm the value left in rc by
		 * skb_recv_datagram() on success is a negative errno.
		 */
		if (!pskb_may_pull(skb, header_len))
			goto out_free_dgram;

		qbit = (skb->data[0] & X25_Q_BIT) == X25_Q_BIT;

		skb_pull(skb, header_len);

		/* Hand the Q bit to user space as a leading 0/1 byte */
		if (test_bit(X25_Q_BIT_FLAG, &x25->flags)) {
			asmptr = skb_push(skb, 1);
			*asmptr = qbit;
		}
	}

	skb_reset_transport_header(skb);
	copied = skb->len;

	/*
	 * Never copy more than the caller asked for.  The skb is freed on
	 * every path below, so the part that did not fit is discarded and
	 * only signalled through MSG_TRUNC.
	 */
	if (copied > size) {
		copied = size;
		msg->msg_flags |= MSG_TRUNC;
	}

	/* Currently, each datagram always contains a complete record */
	msg->msg_flags |= MSG_EOR;

	rc = skb_copy_datagram_msg(skb, 0, msg, copied);
	if (rc)
		goto out_free_dgram;

	/* Report the peer address only when the caller supplied msg_name */
	if (sx25) {
		sx25->sx25_family = AF_X25;
		sx25->sx25_addr = x25->dest_addr;
		msg->msg_namelen = sizeof(*sx25);
	}

	x25_check_rbuf(sk);
	rc = copied;
out_free_dgram:
	skb_free_datagram(sk, skb);
out:
	release_sock(sk);
	return rc;
}


/*
 * ioctl handler for AF_X25 sockets.
 *
 * arg is treated as a user-space pointer for every command.  The route
 * commands and SIOCX25SSUBSCRIP require CAP_NET_ADMIN; all other commands
 * handled here read or write fields of this socket only and carry no
 * capability check.  Returns 0 or a negative errno, -ENOIOCTLCMD for
 * commands not handled here.
 */
static int x25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
{
	struct sock *sk = sock->sk;
	struct x25_sock *x25 = x25_sk(sk);
	void __user *argp = (void __user *)arg;
	int rc;

	switch (cmd) {
	case TIOCOUTQ: {
		int amount;

		/* Free send-buffer space, clamped so it never goes negative */
		amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
		if (amount < 0)
			amount = 0;
		rc = put_user(amount, (unsigned int __user *)argp);
		break;
	}

	case TIOCINQ: {
		struct sk_buff *skb;
		int amount = 0;
		/*
		 * These two are safe on a single CPU system as
		 * only user tasks fiddle here
		 */
		/*
		 * Length of the first queued skb, or 0 when the queue is empty.
		 * NOTE(review): x25_recvmsg() strips header_len bytes after
		 * dequeuing, so this length appears to include the X.25
		 * header; confirm that is intended.
		 */
		lock_sock(sk);
		if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
			amount = skb->len;
		release_sock(sk);
		rc = put_user(amount, (unsigned int __user *)argp);
		break;
	}

	/* Interface address ioctls are rejected outright for X.25 sockets */
	case SIOCGIFADDR:
	case SIOCSIFADDR:
	case SIOCGIFDSTADDR:
	case SIOCSIFDSTADDR:
	case SIOCGIFBRDADDR:
	case SIOCSIFBRDADDR:
	case SIOCGIFNETMASK:
	case SIOCSIFNETMASK:
	case SIOCGIFMETRIC:
	case SIOCSIFMETRIC:
		rc = -EINVAL;
		break;
	case SIOCADDRT:
	case SIOCDELRT:
		/*
		 * Route changes are privileged: -EPERM without CAP_NET_ADMIN.
		 * x25_route_ioctl() takes no socket argument, so it presumably
		 * acts on state shared by all X.25 sockets.
		 */
		rc = -EPERM;
		if (!capable(CAP_NET_ADMIN))
			break;
		rc = x25_route_ioctl(cmd, argp);
		break;
	case SIOCX25GSUBSCRIP:
		/* Reading the subscription needs no privilege */
		rc = x25_subscr_ioctl(cmd, argp);
		break;
	case SIOCX25SSUBSCRIP:
		/* Changing the subscription needs CAP_NET_ADMIN */
		rc = -EPERM;
		if (!capable(CAP_NET_ADMIN))
			break;
		rc = x25_subscr_ioctl(cmd, argp);
		break;
	case SIOCX25GFACILITIES: {
		/*
		 * Copy out under the socket lock so the struct is not read
		 * while a setter is storing it.
		 * NOTE(review): this and the other "get" commands copy whole
		 * structs to user space; confirm those structs have no
		 * uninitialised padding.
		 */
		lock_sock(sk);
		rc = copy_to_user(argp, &x25->facilities,
				  sizeof(x25->facilities))
			? -EFAULT : 0;
		release_sock(sk);
		break;
	}

	case SIOCX25SFACILITIES: {
		struct x25_facilities facilities;
		rc = -EFAULT;
		if (copy_from_user(&facilities, argp, sizeof(facilities)))
			break;
		/* Every validation failure below returns -EINVAL */
		rc = -EINVAL;
		lock_sock(sk);
		/* Facilities may only change while listening or closed */
		if (sk->sk_state != TCP_LISTEN &&
		    sk->sk_state != TCP_CLOSE)
			goto out_fac_release;
		if (facilities.pacsize_in < X25_PS16 ||
		    facilities.pacsize_in > X25_PS4096)
			goto out_fac_release;
		if (facilities.pacsize_out < X25_PS16 ||
		    facilities.pacsize_out > X25_PS4096)
			goto out_fac_release;
		/*
		 * NOTE(review): only winsize_in is range-checked; winsize_out
		 * is stored as supplied.  Confirm whether it should be bounded
		 * the same way.
		 */
		if (facilities.winsize_in < 1 ||
		    facilities.winsize_in > 127)
			goto out_fac_release;
		if (facilities.throughput) {
			/*
			 * The two nibbles of the low byte are checked
			 * separately: a zero nibble is replaced with
			 * X25_DEFAULT_THROUGHPUT, any other value must be in
			 * 0x3..0xD.
			 * NOTE(review): only the low byte is inspected; if the
			 * field is wider, higher bits are stored unchecked.
			 */
			int out = facilities.throughput & 0xf0;
			int in  = facilities.throughput & 0x0f;
			if (!out)
				facilities.throughput |=
					X25_DEFAULT_THROUGHPUT << 4;
			else if (out < 0x30 || out > 0xD0)
				goto out_fac_release;
			if (!in)
				facilities.throughput |=
					X25_DEFAULT_THROUGHPUT;
			else if (in < 0x03 || in > 0x0D)
				goto out_fac_release;
		}
		/* A non-zero reverse value must have bits 0x80 and 0x01 set */
		if (facilities.reverse &&
		    (facilities.reverse & 0x81) != 0x81)
			goto out_fac_release;
		x25->facilities = facilities;
		rc = 0;
out_fac_release:
		release_sock(sk);
		break;
	}

	case SIOCX25GDTEFACILITIES: {
		lock_sock(sk);
		rc = copy_to_user(argp, &x25->dte_facilities,
				  sizeof(x25->dte_facilities));
		release_sock(sk);
		/* copy_to_user() returns a byte count, map it to an errno */
		if (rc)
			rc = -EFAULT;
		break;
	}

	case SIOCX25SDTEFACILITIES: {
		struct x25_dte_facilities dtefacs;
		rc = -EFAULT;
		if (copy_from_user(&dtefacs, argp, sizeof(dtefacs)))
			break;
		rc = -EINVAL;
		lock_sock(sk);
		if (sk->sk_state != TCP_LISTEN &&
		    sk->sk_state != TCP_CLOSE)
			goto out_dtefac_release;
		/*
		 * Reject user-supplied lengths above X25_MAX_AE_LEN before the
		 * struct is stored (presumably the size of the address
		 * extension buffers in struct x25_dte_facilities -- confirm).
		 */
		if (dtefacs.calling_len > X25_MAX_AE_LEN)
			goto out_dtefac_release;
		if (dtefacs.called_len > X25_MAX_AE_LEN)
			goto out_dtefac_release;
		x25->dte_facilities = dtefacs;
		rc = 0;
out_dtefac_release:
		release_sock(sk);
		break;
	}

	case SIOCX25GCALLUSERDATA: {
		lock_sock(sk);
		rc = copy_to_user(argp, &x25->calluserdata,
				  sizeof(x25->calluserdata))
			? -EFAULT : 0;
		release_sock(sk);
		break;
	}

	case SIOCX25SCALLUSERDATA: {
		struct x25_calluserdata calluserdata;

		rc = -EFAULT;
		if (copy_from_user(&calluserdata, argp, sizeof(calluserdata)))
			break;
		/*
		 * The length field comes from user space and is bounded before
		 * the struct is stored.
		 * NOTE(review): unlike the facilities setters, no sk_state
		 * check is made here; confirm that is intended.
		 */
		rc = -EINVAL;
		if (calluserdata.cudlength > X25_MAX_CUD_LEN)
			break;
		lock_sock(sk);
		x25->calluserdata = calluserdata;
		release_sock(sk);
		rc = 0;
		break;
	}

	case SIOCX25GCAUSEDIAG: {
		lock_sock(sk);
		rc = copy_to_user(argp, &x25->causediag, sizeof(x25->causediag))
			? -EFAULT : 0;
		release_sock(sk);
		break;
	}

	case SIOCX25SCAUSEDIAG: {
		struct x25_causediag causediag;
		rc = -EFAULT;
		if (copy_from_user(&causediag, argp, sizeof(causediag)))
			break;
		/* Stored as supplied; no field is validated here */
		lock_sock(sk);
		x25->causediag = causediag;
		release_sock(sk);
		rc = 0;
		break;

	}

	case SIOCX25SCUDMATCHLEN: {
		struct x25_subaddr sub_addr;
		rc = -EINVAL;
		lock_sock(sk);
		/* Only allowed on a closed socket */
		if(sk->sk_state != TCP_CLOSE)
			goto out_cud_release;
		rc = -EFAULT;
		if (copy_from_user(&sub_addr, argp,
				   sizeof(sub_addr)))
			goto out_cud_release;
		/* Bound the match length before it is stored */
		rc = -EINVAL;
		if (sub_addr.cudmatchlength > X25_MAX_CUD_LEN)
			goto out_cud_release;
		x25->cudmatchlength = sub_addr.cudmatchlength;
		rc = 0;
out_cud_release:
		release_sock(sk);
		break;
	}

	case SIOCX25CALLACCPTAPPRV: {
		/* Clears X25_ACCPT_APPRV_FLAG, only while TCP_CLOSE */
		rc = -EINVAL;
		lock_sock(sk);
		if (sk->sk_state == TCP_CLOSE) {
			clear_bit(X25_ACCPT_APPRV_FLAG, &x25->flags);
			rc = 0;
		}
		release_sock(sk);
		break;
	}

	case SIOCX25SENDCALLACCPT: {
		/*
		 * Sends X25_CALL_ACCEPTED and moves to X25_STATE_3; requires
		 * TCP_ESTABLISHED and X25_ACCPT_APPRV_FLAG already cleared.
		 */
		rc = -EINVAL;
		lock_sock(sk);
		if (sk->sk_state != TCP_ESTABLISHED)
			goto out_sendcallaccpt_release;
		/* must call accptapprv above */
		if (test_bit(X25_ACCPT_APPRV_FLAG, &x25->flags))
			goto out_sendcallaccpt_release;
		x25_write_internal(sk, X25_CALL_ACCEPTED);
		x25->state = X25_STATE_3;
		rc = 0;
out_sendcallaccpt_release:
		release_sock(sk);
		break;
	}

	default:
		rc = -ENOIOCTLCMD;
		break;
	}

	return rc;
}

/* Address family record: AF_X25 sockets are created by x25_create() */
static const struct net_proto_family x25_family_ops = {
	.family = AF_X25,
	.create = x25_create,
	.owner = THIS_MODULE,
};

#ifdef CONFIG_COMPAT
/*
 * Compat version of the subscription get/set ioctl, using
 * struct compat_x25_subscrip_struct.
 *
 * No capability check is made here; compat_x25_ioctl() checks CAP_NET_ADMIN
 * before calling this for SIOCX25SSUBSCRIP.  Returns 0, -EFAULT on a failed
 * user copy, or -EINVAL when the device or neighbour is not found or the
 * requested "extended" value is not 0 or 1.
 */
static int compat_x25_subscr_ioctl(unsigned int cmd,
		struct compat_x25_subscrip_struct __user *x25_subscr32)
{
	struct compat_x25_subscrip_struct x25_subscr;
	struct x25_neigh *nb;
	struct net_device *dev;
	int rc = -EINVAL;	/* overwritten immediately below */

	/*
	 * The whole local struct is filled from user space, so the get path
	 * below copies back no uninitialised stack bytes.
	 */
	rc = -EFAULT;
	if (copy_from_user(&x25_subscr, x25_subscr32, sizeof(*x25_subscr32)))
		goto out;

	/*
	 * NOTE(review): device[] comes from user space and is not
	 * NUL-terminated here; confirm x25_dev_get() bounds its read of the
	 * name.
	 */
	rc = -EINVAL;
	dev = x25_dev_get(x25_subscr.device);
	if (dev == NULL)
		goto out;

	nb = x25_get_neigh(dev);
	if (nb == NULL)
		goto out_dev_put;

	/* The device reference is dropped here; nb is released further down */
	dev_put(dev);

	if (cmd == SIOCX25GSUBSCRIP) {
		read_lock_bh(&x25_neigh_list_lock);
		x25_subscr.extended = nb->extended;
		x25_subscr.global_facil_mask = nb->global_facil_mask;
		read_unlock_bh(&x25_neigh_list_lock);
		rc = copy_to_user(x25_subscr32, &x25_subscr,
				sizeof(*x25_subscr32)) ? -EFAULT : 0;
	} else {
		/*
		 * "extended" must be 0 or 1.
		 * NOTE(review): global_facil_mask is stored as supplied;
		 * confirm whether it should be limited to known facility bits.
		 */
		rc = -EINVAL;
		if (x25_subscr.extended == 0 || x25_subscr.extended == 1) {
			rc = 0;
			write_lock_bh(&x25_neigh_list_lock);
			nb->extended = x25_subscr.extended;
			nb->global_facil_mask = x25_subscr.global_facil_mask;
			write_unlock_bh(&x25_neigh_list_lock);
		}
	}
	x25_neigh_put(nb);
out:
	return rc;
out_dev_put:
	dev_put(dev);
	goto out;
}

/*
 * ioctl entry point for 32-bit callers.
 *
 * arg is converted with compat_ptr().  The subscription commands go to
 * compat_x25_subscr_ioctl(); the other handled commands are forwarded to
 * x25_ioctl() or x25_route_ioctl().  The CAP_NET_ADMIN checks are the same
 * as in x25_ioctl().  Commands not listed return -ENOIOCTLCMD.
 */
static int compat_x25_ioctl(struct socket *sock, unsigned int cmd,
				unsigned long arg)
{
	void __user *argp = compat_ptr(arg);
	int rc = -ENOIOCTLCMD;

	switch(cmd) {
	case TIOCOUTQ:
	case TIOCINQ:
		rc = x25_ioctl(sock, cmd, (unsigned long)argp);
		break;
	case SIOCGIFADDR:
	case SIOCSIFADDR:
	case SIOCGIFDSTADDR:
	case SIOCSIFDSTADDR:
	case SIOCGIFBRDADDR:
	case SIOCSIFBRDADDR:
	case SIOCGIFNETMASK:
	case SIOCSIFNETMASK:
	case SIOCGIFMETRIC:
	case SIOCSIFMETRIC:
		rc = -EINVAL;
		break;
	case SIOCADDRT:
	case SIOCDELRT:
		/* Privileged, as in x25_ioctl() */
		rc = -EPERM;
		if (!capable(CAP_NET_ADMIN))
			break;
		rc = x25_route_ioctl(cmd, argp);
		break;
	case SIOCX25GSUBSCRIP:
		rc = compat_x25_subscr_ioctl(cmd, argp);
		break;
	case SIOCX25SSUBSCRIP:
		/* The capability check is made here, not in the helper */
		rc = -EPERM;
		if (!capable(CAP_NET_ADMIN))
			break;
		rc = compat_x25_subscr_ioctl(cmd, argp);
		break;
	/* Forwarded unchanged to x25_ioctl() */
	case SIOCX25GFACILITIES:
	case SIOCX25SFACILITIES:
	case SIOCX25GDTEFACILITIES:
	case SIOCX25SDTEFACILITIES:
	case SIOCX25GCALLUSERDATA:
	case SIOCX25SCALLUSERDATA:
	case SIOCX25GCAUSEDIAG:
	case SIOCX25SCAUSEDIAG:
	case SIOCX25SCUDMATCHLEN:
	case SIOCX25CALLACCPTAPPRV:
	case SIOCX25SENDCALLACCPT:
		rc = x25_ioctl(sock, cmd, (unsigned long)argp);
		break;
	default:
		rc = -ENOIOCTLCMD;
		break;
	}
	return rc;
}
#endif

/*
 * Socket operations for AF_X25.  socketpair, shutdown and mmap use the
 * generic sock_no_* stubs.
 */
static const struct proto_ops x25_proto_ops = {
	.family = AF_X25,
	.owner = THIS_MODULE,
	.release = x25_release,
	.bind = x25_bind,
	.connect = x25_connect,
	.socketpair = sock_no_socketpair,
	.accept = x25_accept,
	.getname = x25_getname,
	.poll = datagram_poll,
	.ioctl = x25_ioctl,
#ifdef CONFIG_COMPAT
	.compat_ioctl = compat_x25_ioctl,
#endif
	.gettstamp = sock_gettstamp,
	.listen = x25_listen,
	.shutdown = sock_no_shutdown,
	.setsockopt = x25_setsockopt,
	.getsockopt_iter = x25_getsockopt,
	.sendmsg = x25_sendmsg,
	.recvmsg = x25_recvmsg,
	.mmap = sock_no_mmap,
};

/* Frames of type ETH_P_X25 are handed to x25_lapb_receive_frame() */
static struct packet_type x25_packet_type __read_mostly = {
	.type = cpu_to_be16(ETH_P_X25),
	.func = x25_lapb_receive_frame,
};

/* Network device events are delivered to x25_device_event() */
static struct notifier_block x25_dev_notifier = {
	.notifier_call = x25_device_event,
};

/*
 * Disconnect, with ENETUNREACH, every socket on x25_list whose neighbour is
 * nb, then call x25_clear_forward_by_dev() for nb->dev.
 */
void x25_kill_by_neigh(struct x25_neigh *nb)
{
	struct sock *s;

	write_lock_bh(&x25_list_lock);

	sk_for_each(s, &x25_list) {
		if (x25_sk(s)->neighbour == nb) {
			/*
			 * The list lock is released around lock_sock() and
			 * x25_disconnect(), presumably because lock_sock() may
			 * sleep.
			 * NOTE(review): the walk resumes from s once the lock
			 * is retaken and no reference on s is taken here;
			 * confirm what keeps s and its list linkage valid
			 * across that window.
			 */
			write_unlock_bh(&x25_list_lock);
			lock_sock(s);
			x25_disconnect(s, ENETUNREACH, 0, 0);
			release_sock(s);
			write_lock_bh(&x25_list_lock);
		}
	}
	write_unlock_bh(&x25_list_lock);

	/* Remove any related forwards */
	x25_clear_forward_by_dev(nb->dev);
}

/*
 * Module initialisation: register the protocol, the socket family, the
 * packet handler, the netdevice notifier, sysctl and proc entries, in that
 * order.  A failure unwinds the steps already done in reverse order.
 * Returns 0 or the first error.
 */
static int __init x25_init(void)
{
	int rc;

	rc = proto_register(&x25_proto, 0);
	if (rc)
		goto out;

	rc = sock_register(&x25_family_ops);
	if (rc)
		goto out_proto;

	/* No result is checked here; out_sock undoes this and sock_register() */
	dev_add_pack(&x25_packet_type);

	rc = register_netdevice_notifier(&x25_dev_notifier);
	if (rc)
		goto out_sock;

	rc = x25_register_sysctl();
	if (rc)
		goto out_dev;

	rc = x25_proc_init();
	if (rc)
		goto out_sysctl;

	pr_info("Linux Version 0.2\n");

out:
	return rc;
out_sysctl:
	x25_unregister_sysctl();
out_dev:
	unregister_netdevice_notifier(&x25_dev_notifier);
out_sock:
	dev_remove_pack(&x25_packet_type);
	sock_unregister(AF_X25);
out_proto:
	proto_unregister(&x25_proto);
	goto out;
}
module_init(x25_init);

/*
 * Module teardown: remove the proc entries, free links and routes, then
 * undo the x25_init() registrations in reverse order.
 */
static void __exit x25_exit(void)
{
	x25_proc_exit();
	x25_link_free();
	x25_route_free();

	x25_unregister_sysctl();

	unregister_netdevice_notifier(&x25_dev_notifier);

	dev_remove_pack(&x25_packet_type);

	sock_unregister(AF_X25);
	proto_unregister(&x25_proto);
}
module_exit(x25_exit);

MODULE_AUTHOR("Jonathan Naylor <g4klx@g4klx.demon.co.uk>");
MODULE_DESCRIPTION("The X.25 Packet Layer network layer protocol");
MODULE_LICENSE("GPL");
MODULE_ALIAS_NETPROTO(PF_X25);