1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk) 7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org) 8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl) 11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 12 */ 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/errno.h> 16 #include <linux/types.h> 17 #include <linux/socket.h> 18 #include <linux/in.h> 19 #include <linux/kernel.h> 20 #include <linux/sched/signal.h> 21 #include <linux/timer.h> 22 #include <linux/string.h> 23 #include <linux/sockios.h> 24 #include <linux/net.h> 25 #include <linux/slab.h> 26 #include <net/ax25.h> 27 #include <linux/inet.h> 28 #include <linux/netdevice.h> 29 #include <linux/if_arp.h> 30 #include <linux/skbuff.h> 31 #include <net/sock.h> 32 #include <linux/uaccess.h> 33 #include <linux/fcntl.h> 34 #include <linux/termios.h> /* For TIOCINQ/OUTQ */ 35 #include <linux/mm.h> 36 #include <linux/interrupt.h> 37 #include <linux/notifier.h> 38 #include <linux/proc_fs.h> 39 #include <linux/stat.h> 40 #include <linux/sysctl.h> 41 #include <linux/init.h> 42 #include <linux/spinlock.h> 43 #include <net/net_namespace.h> 44 #include <net/tcp_states.h> 45 #include <net/ip.h> 46 #include <net/arp.h> 47 48 49 50 HLIST_HEAD(ax25_list); 51 DEFINE_SPINLOCK(ax25_list_lock); 52 53 static const struct proto_ops ax25_proto_ops; 54 55 static void ax25_free_sock(struct sock *sk) 56 { 57 ax25_cb_put(sk_to_ax25(sk)); 58 } 59 60 /* 61 * Socket removal during an interrupt is now safe. 62 */ 63 static void ax25_cb_del(ax25_cb *ax25) 64 { 65 spin_lock_bh(&ax25_list_lock); 66 if (!hlist_unhashed(&ax25->ax25_node)) { 67 hlist_del_init(&ax25->ax25_node); 68 ax25_cb_put(ax25); 69 } 70 spin_unlock_bh(&ax25_list_lock); 71 } 72 73 /* 74 * Kill all bound sockets on a dropped device. 75 */ 76 static void ax25_kill_by_device(struct net_device *dev) 77 { 78 ax25_dev *ax25_dev; 79 ax25_cb *s; 80 struct sock *sk; 81 82 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 83 return; 84 ax25_dev->device_up = false; 85 86 spin_lock_bh(&ax25_list_lock); 87 again: 88 ax25_for_each(s, &ax25_list) { 89 if (s->ax25_dev == ax25_dev) { 90 sk = s->sk; 91 if (!sk) { 92 spin_unlock_bh(&ax25_list_lock); 93 ax25_disconnect(s, ENETUNREACH); 94 s->ax25_dev = NULL; 95 ax25_cb_del(s); 96 spin_lock_bh(&ax25_list_lock); 97 goto again; 98 } 99 sock_hold(sk); 100 spin_unlock_bh(&ax25_list_lock); 101 lock_sock(sk); 102 ax25_disconnect(s, ENETUNREACH); 103 s->ax25_dev = NULL; 104 if (sk->sk_socket) { 105 netdev_put(ax25_dev->dev, 106 &s->dev_tracker); 107 ax25_dev_put(ax25_dev); 108 } 109 ax25_cb_del(s); 110 release_sock(sk); 111 spin_lock_bh(&ax25_list_lock); 112 sock_put(sk); 113 /* The entry could have been deleted from the 114 * list meanwhile and thus the next pointer is 115 * no longer valid. Play it safe and restart 116 * the scan. Forward progress is ensured 117 * because we set s->ax25_dev to NULL and we 118 * are never passed a NULL 'dev' argument. 119 */ 120 goto again; 121 } 122 } 123 spin_unlock_bh(&ax25_list_lock); 124 } 125 126 /* 127 * Handle device status changes. 128 */ 129 static int ax25_device_event(struct notifier_block *this, unsigned long event, 130 void *ptr) 131 { 132 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 133 134 if (!net_eq(dev_net(dev), &init_net)) 135 return NOTIFY_DONE; 136 137 /* Reject non AX.25 devices */ 138 if (dev->type != ARPHRD_AX25) 139 return NOTIFY_DONE; 140 141 switch (event) { 142 case NETDEV_UP: 143 ax25_dev_device_up(dev); 144 break; 145 case NETDEV_DOWN: 146 ax25_kill_by_device(dev); 147 ax25_rt_device_down(dev); 148 ax25_dev_device_down(dev); 149 break; 150 default: 151 break; 152 } 153 154 return NOTIFY_DONE; 155 } 156 157 /* 158 * Add a socket to the bound sockets list. 159 */ 160 void ax25_cb_add(ax25_cb *ax25) 161 { 162 spin_lock_bh(&ax25_list_lock); 163 ax25_cb_hold(ax25); 164 hlist_add_head(&ax25->ax25_node, &ax25_list); 165 spin_unlock_bh(&ax25_list_lock); 166 } 167 168 /* 169 * Find a socket that wants to accept the SABM we have just 170 * received. 171 */ 172 struct sock *ax25_find_listener(ax25_address *addr, int digi, 173 struct net_device *dev, int type) 174 { 175 ax25_cb *s; 176 177 spin_lock(&ax25_list_lock); 178 ax25_for_each(s, &ax25_list) { 179 if ((s->iamdigi && !digi) || (!s->iamdigi && digi)) 180 continue; 181 if (s->sk && !ax25cmp(&s->source_addr, addr) && 182 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) { 183 /* If device is null we match any device */ 184 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) { 185 sock_hold(s->sk); 186 spin_unlock(&ax25_list_lock); 187 return s->sk; 188 } 189 } 190 } 191 spin_unlock(&ax25_list_lock); 192 193 return NULL; 194 } 195 196 /* 197 * Find an AX.25 socket given both ends. 198 */ 199 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr, 200 int type) 201 { 202 struct sock *sk = NULL; 203 ax25_cb *s; 204 205 spin_lock(&ax25_list_lock); 206 ax25_for_each(s, &ax25_list) { 207 if (s->sk && !ax25cmp(&s->source_addr, my_addr) && 208 !ax25cmp(&s->dest_addr, dest_addr) && 209 s->sk->sk_type == type) { 210 sk = s->sk; 211 sock_hold(sk); 212 break; 213 } 214 } 215 216 spin_unlock(&ax25_list_lock); 217 218 return sk; 219 } 220 221 /* 222 * Find an AX.25 control block given both ends. It will only pick up 223 * floating AX.25 control blocks or non Raw socket bound control blocks. 224 */ 225 ax25_cb *ax25_find_cb(const ax25_address *src_addr, ax25_address *dest_addr, 226 ax25_digi *digi, struct net_device *dev) 227 { 228 ax25_cb *s; 229 230 spin_lock_bh(&ax25_list_lock); 231 ax25_for_each(s, &ax25_list) { 232 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET) 233 continue; 234 if (s->ax25_dev == NULL) 235 continue; 236 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) { 237 if (digi != NULL && digi->ndigi != 0) { 238 if (s->digipeat == NULL) 239 continue; 240 if (ax25digicmp(s->digipeat, digi) != 0) 241 continue; 242 } else { 243 if (s->digipeat != NULL && s->digipeat->ndigi != 0) 244 continue; 245 } 246 ax25_cb_hold(s); 247 spin_unlock_bh(&ax25_list_lock); 248 249 return s; 250 } 251 } 252 spin_unlock_bh(&ax25_list_lock); 253 254 return NULL; 255 } 256 257 EXPORT_SYMBOL(ax25_find_cb); 258 259 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto) 260 { 261 ax25_cb *s; 262 struct sk_buff *copy; 263 264 spin_lock(&ax25_list_lock); 265 ax25_for_each(s, &ax25_list) { 266 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && 267 s->sk->sk_type == SOCK_RAW && 268 s->sk->sk_protocol == proto && 269 s->ax25_dev->dev == skb->dev && 270 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) { 271 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL) 272 continue; 273 if (sock_queue_rcv_skb(s->sk, copy) != 0) 274 kfree_skb(copy); 275 } 276 } 277 spin_unlock(&ax25_list_lock); 278 } 279 280 /* 281 * Deferred destroy. 282 */ 283 void ax25_destroy_socket(ax25_cb *); 284 285 /* 286 * Handler for deferred kills. 287 */ 288 static void ax25_destroy_timer(struct timer_list *t) 289 { 290 ax25_cb *ax25 = from_timer(ax25, t, dtimer); 291 struct sock *sk; 292 293 sk=ax25->sk; 294 295 bh_lock_sock(sk); 296 sock_hold(sk); 297 ax25_destroy_socket(ax25); 298 bh_unlock_sock(sk); 299 sock_put(sk); 300 } 301 302 /* 303 * This is called from user mode and the timers. Thus it protects itself 304 * against interrupt users but doesn't worry about being called during 305 * work. Once it is removed from the queue no interrupt or bottom half 306 * will touch it and we are (fairly 8-) ) safe. 307 */ 308 void ax25_destroy_socket(ax25_cb *ax25) 309 { 310 struct sk_buff *skb; 311 312 ax25_cb_del(ax25); 313 314 ax25_stop_heartbeat(ax25); 315 ax25_stop_t1timer(ax25); 316 ax25_stop_t2timer(ax25); 317 ax25_stop_t3timer(ax25); 318 ax25_stop_idletimer(ax25); 319 320 ax25_clear_queues(ax25); /* Flush the queues */ 321 322 if (ax25->sk != NULL) { 323 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) { 324 if (skb->sk != ax25->sk) { 325 /* A pending connection */ 326 ax25_cb *sax25 = sk_to_ax25(skb->sk); 327 328 /* Queue the unaccepted socket for death */ 329 sock_orphan(skb->sk); 330 331 /* 9A4GL: hack to release unaccepted sockets */ 332 skb->sk->sk_state = TCP_LISTEN; 333 334 ax25_start_heartbeat(sax25); 335 sax25->state = AX25_STATE_0; 336 } 337 338 kfree_skb(skb); 339 } 340 skb_queue_purge(&ax25->sk->sk_write_queue); 341 } 342 343 if (ax25->sk != NULL) { 344 if (sk_has_allocations(ax25->sk)) { 345 /* Defer: outstanding buffers */ 346 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0); 347 ax25->dtimer.expires = jiffies + 2 * HZ; 348 add_timer(&ax25->dtimer); 349 } else { 350 struct sock *sk=ax25->sk; 351 ax25->sk=NULL; 352 sock_put(sk); 353 } 354 } else { 355 ax25_cb_put(ax25); 356 } 357 } 358 359 /* 360 * dl1bke 960311: set parameters for existing AX.25 connections, 361 * includes a KILL command to abort any connection. 362 * VERY useful for debugging ;-) 363 */ 364 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg) 365 { 366 struct ax25_ctl_struct ax25_ctl; 367 ax25_digi digi; 368 ax25_dev *ax25_dev; 369 ax25_cb *ax25; 370 unsigned int k; 371 int ret = 0; 372 373 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl))) 374 return -EFAULT; 375 376 if (ax25_ctl.digi_count > AX25_MAX_DIGIS) 377 return -EINVAL; 378 379 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL) 380 return -EINVAL; 381 382 ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr); 383 if (!ax25_dev) 384 return -ENODEV; 385 386 digi.ndigi = ax25_ctl.digi_count; 387 for (k = 0; k < digi.ndigi; k++) 388 digi.calls[k] = ax25_ctl.digi_addr[k]; 389 390 ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev); 391 if (!ax25) { 392 ax25_dev_put(ax25_dev); 393 return -ENOTCONN; 394 } 395 396 switch (ax25_ctl.cmd) { 397 case AX25_KILL: 398 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 399 #ifdef CONFIG_AX25_DAMA_SLAVE 400 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE) 401 ax25_dama_off(ax25); 402 #endif 403 ax25_disconnect(ax25, ENETRESET); 404 break; 405 406 case AX25_WINDOW: 407 if (ax25->modulus == AX25_MODULUS) { 408 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7) 409 goto einval_put; 410 } else { 411 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63) 412 goto einval_put; 413 } 414 ax25->window = ax25_ctl.arg; 415 break; 416 417 case AX25_T1: 418 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 419 goto einval_put; 420 ax25->rtt = (ax25_ctl.arg * HZ) / 2; 421 ax25->t1 = ax25_ctl.arg * HZ; 422 break; 423 424 case AX25_T2: 425 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 426 goto einval_put; 427 ax25->t2 = ax25_ctl.arg * HZ; 428 break; 429 430 case AX25_N2: 431 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31) 432 goto einval_put; 433 ax25->n2count = 0; 434 ax25->n2 = ax25_ctl.arg; 435 break; 436 437 case AX25_T3: 438 if (ax25_ctl.arg > ULONG_MAX / HZ) 439 goto einval_put; 440 ax25->t3 = ax25_ctl.arg * HZ; 441 break; 442 443 case AX25_IDLE: 444 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ)) 445 goto einval_put; 446 447 ax25->idle = ax25_ctl.arg * 60 * HZ; 448 break; 449 450 case AX25_PACLEN: 451 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535) 452 goto einval_put; 453 ax25->paclen = ax25_ctl.arg; 454 break; 455 456 default: 457 goto einval_put; 458 } 459 460 out_put: 461 ax25_dev_put(ax25_dev); 462 ax25_cb_put(ax25); 463 return ret; 464 465 einval_put: 466 ret = -EINVAL; 467 goto out_put; 468 } 469 470 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, const ax25_dev *ax25_dev) 471 { 472 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2; 473 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]); 474 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]); 475 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]); 476 ax25->n2 = ax25_dev->values[AX25_VALUES_N2]; 477 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN]; 478 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]); 479 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF]; 480 481 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) { 482 ax25->modulus = AX25_EMODULUS; 483 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW]; 484 } else { 485 ax25->modulus = AX25_MODULUS; 486 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW]; 487 } 488 } 489 490 /* 491 * Fill in a created AX.25 created control block with the default 492 * values for a particular device. 493 */ 494 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev) 495 { 496 ax25->ax25_dev = ax25_dev; 497 498 if (ax25->ax25_dev != NULL) { 499 ax25_fillin_cb_from_dev(ax25, ax25_dev); 500 return; 501 } 502 503 /* 504 * No device, use kernel / AX.25 spec default values 505 */ 506 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2; 507 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1); 508 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2); 509 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3); 510 ax25->n2 = AX25_DEF_N2; 511 ax25->paclen = AX25_DEF_PACLEN; 512 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE); 513 ax25->backoff = AX25_DEF_BACKOFF; 514 515 if (AX25_DEF_AXDEFMODE) { 516 ax25->modulus = AX25_EMODULUS; 517 ax25->window = AX25_DEF_EWINDOW; 518 } else { 519 ax25->modulus = AX25_MODULUS; 520 ax25->window = AX25_DEF_WINDOW; 521 } 522 } 523 524 /* 525 * Create an empty AX.25 control block. 526 */ 527 ax25_cb *ax25_create_cb(void) 528 { 529 ax25_cb *ax25; 530 531 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL) 532 return NULL; 533 534 refcount_set(&ax25->refcount, 1); 535 536 skb_queue_head_init(&ax25->write_queue); 537 skb_queue_head_init(&ax25->frag_queue); 538 skb_queue_head_init(&ax25->ack_queue); 539 skb_queue_head_init(&ax25->reseq_queue); 540 541 ax25_setup_timers(ax25); 542 543 ax25_fillin_cb(ax25, NULL); 544 545 ax25->state = AX25_STATE_0; 546 547 return ax25; 548 } 549 550 /* 551 * Handling for system calls applied via the various interfaces to an 552 * AX25 socket object 553 */ 554 555 static int ax25_setsockopt(struct socket *sock, int level, int optname, 556 sockptr_t optval, unsigned int optlen) 557 { 558 struct sock *sk = sock->sk; 559 ax25_cb *ax25; 560 struct net_device *dev; 561 char devname[IFNAMSIZ]; 562 unsigned int opt; 563 int res = 0; 564 565 if (level != SOL_AX25) 566 return -ENOPROTOOPT; 567 568 if (optlen < sizeof(unsigned int)) 569 return -EINVAL; 570 571 if (copy_from_sockptr(&opt, optval, sizeof(unsigned int))) 572 return -EFAULT; 573 574 lock_sock(sk); 575 ax25 = sk_to_ax25(sk); 576 577 switch (optname) { 578 case AX25_WINDOW: 579 if (ax25->modulus == AX25_MODULUS) { 580 if (opt < 1 || opt > 7) { 581 res = -EINVAL; 582 break; 583 } 584 } else { 585 if (opt < 1 || opt > 63) { 586 res = -EINVAL; 587 break; 588 } 589 } 590 ax25->window = opt; 591 break; 592 593 case AX25_T1: 594 if (opt < 1 || opt > UINT_MAX / HZ) { 595 res = -EINVAL; 596 break; 597 } 598 ax25->rtt = (opt * HZ) >> 1; 599 ax25->t1 = opt * HZ; 600 break; 601 602 case AX25_T2: 603 if (opt < 1 || opt > UINT_MAX / HZ) { 604 res = -EINVAL; 605 break; 606 } 607 ax25->t2 = opt * HZ; 608 break; 609 610 case AX25_N2: 611 if (opt < 1 || opt > 31) { 612 res = -EINVAL; 613 break; 614 } 615 ax25->n2 = opt; 616 break; 617 618 case AX25_T3: 619 if (opt < 1 || opt > UINT_MAX / HZ) { 620 res = -EINVAL; 621 break; 622 } 623 ax25->t3 = opt * HZ; 624 break; 625 626 case AX25_IDLE: 627 if (opt > UINT_MAX / (60 * HZ)) { 628 res = -EINVAL; 629 break; 630 } 631 ax25->idle = opt * 60 * HZ; 632 break; 633 634 case AX25_BACKOFF: 635 if (opt > 2) { 636 res = -EINVAL; 637 break; 638 } 639 ax25->backoff = opt; 640 break; 641 642 case AX25_EXTSEQ: 643 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS; 644 break; 645 646 case AX25_PIDINCL: 647 ax25->pidincl = opt ? 1 : 0; 648 break; 649 650 case AX25_IAMDIGI: 651 ax25->iamdigi = opt ? 1 : 0; 652 break; 653 654 case AX25_PACLEN: 655 if (opt < 16 || opt > 65535) { 656 res = -EINVAL; 657 break; 658 } 659 ax25->paclen = opt; 660 break; 661 662 case SO_BINDTODEVICE: 663 if (optlen > IFNAMSIZ - 1) 664 optlen = IFNAMSIZ - 1; 665 666 memset(devname, 0, sizeof(devname)); 667 668 if (copy_from_sockptr(devname, optval, optlen)) { 669 res = -EFAULT; 670 break; 671 } 672 673 if (sk->sk_type == SOCK_SEQPACKET && 674 (sock->state != SS_UNCONNECTED || 675 sk->sk_state == TCP_LISTEN)) { 676 res = -EADDRNOTAVAIL; 677 break; 678 } 679 680 rcu_read_lock(); 681 dev = dev_get_by_name_rcu(&init_net, devname); 682 if (!dev) { 683 rcu_read_unlock(); 684 res = -ENODEV; 685 break; 686 } 687 688 if (ax25->ax25_dev) { 689 if (dev == ax25->ax25_dev->dev) { 690 rcu_read_unlock(); 691 break; 692 } 693 netdev_put(ax25->ax25_dev->dev, &ax25->dev_tracker); 694 ax25_dev_put(ax25->ax25_dev); 695 } 696 697 ax25->ax25_dev = ax25_dev_ax25dev(dev); 698 if (!ax25->ax25_dev) { 699 rcu_read_unlock(); 700 res = -ENODEV; 701 break; 702 } 703 ax25_fillin_cb(ax25, ax25->ax25_dev); 704 netdev_hold(dev, &ax25->dev_tracker, GFP_ATOMIC); 705 ax25_dev_hold(ax25->ax25_dev); 706 rcu_read_unlock(); 707 break; 708 709 default: 710 res = -ENOPROTOOPT; 711 } 712 release_sock(sk); 713 714 return res; 715 } 716 717 static int ax25_getsockopt(struct socket *sock, int level, int optname, 718 char __user *optval, int __user *optlen) 719 { 720 struct sock *sk = sock->sk; 721 ax25_cb *ax25; 722 struct ax25_dev *ax25_dev; 723 char devname[IFNAMSIZ]; 724 void *valptr; 725 int val = 0; 726 int maxlen, length; 727 728 if (level != SOL_AX25) 729 return -ENOPROTOOPT; 730 731 if (get_user(maxlen, optlen)) 732 return -EFAULT; 733 734 if (maxlen < 1) 735 return -EFAULT; 736 737 valptr = &val; 738 length = min_t(unsigned int, maxlen, sizeof(int)); 739 740 lock_sock(sk); 741 ax25 = sk_to_ax25(sk); 742 743 switch (optname) { 744 case AX25_WINDOW: 745 val = ax25->window; 746 break; 747 748 case AX25_T1: 749 val = ax25->t1 / HZ; 750 break; 751 752 case AX25_T2: 753 val = ax25->t2 / HZ; 754 break; 755 756 case AX25_N2: 757 val = ax25->n2; 758 break; 759 760 case AX25_T3: 761 val = ax25->t3 / HZ; 762 break; 763 764 case AX25_IDLE: 765 val = ax25->idle / (60 * HZ); 766 break; 767 768 case AX25_BACKOFF: 769 val = ax25->backoff; 770 break; 771 772 case AX25_EXTSEQ: 773 val = (ax25->modulus == AX25_EMODULUS); 774 break; 775 776 case AX25_PIDINCL: 777 val = ax25->pidincl; 778 break; 779 780 case AX25_IAMDIGI: 781 val = ax25->iamdigi; 782 break; 783 784 case AX25_PACLEN: 785 val = ax25->paclen; 786 break; 787 788 case SO_BINDTODEVICE: 789 ax25_dev = ax25->ax25_dev; 790 791 if (ax25_dev != NULL && ax25_dev->dev != NULL) { 792 strscpy(devname, ax25_dev->dev->name, sizeof(devname)); 793 length = strlen(devname) + 1; 794 } else { 795 *devname = '\0'; 796 length = 1; 797 } 798 799 valptr = devname; 800 break; 801 802 default: 803 release_sock(sk); 804 return -ENOPROTOOPT; 805 } 806 release_sock(sk); 807 808 if (put_user(length, optlen)) 809 return -EFAULT; 810 811 return copy_to_user(optval, valptr, length) ? -EFAULT : 0; 812 } 813 814 static int ax25_listen(struct socket *sock, int backlog) 815 { 816 struct sock *sk = sock->sk; 817 int res = 0; 818 819 lock_sock(sk); 820 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) { 821 sk->sk_max_ack_backlog = backlog; 822 sk->sk_state = TCP_LISTEN; 823 goto out; 824 } 825 res = -EOPNOTSUPP; 826 827 out: 828 release_sock(sk); 829 830 return res; 831 } 832 833 /* 834 * XXX: when creating ax25_sock we should update the .obj_size setting 835 * below. 836 */ 837 static struct proto ax25_proto = { 838 .name = "AX25", 839 .owner = THIS_MODULE, 840 .obj_size = sizeof(struct ax25_sock), 841 }; 842 843 static int ax25_create(struct net *net, struct socket *sock, int protocol, 844 int kern) 845 { 846 struct sock *sk; 847 ax25_cb *ax25; 848 849 if (protocol < 0 || protocol > U8_MAX) 850 return -EINVAL; 851 852 if (!net_eq(net, &init_net)) 853 return -EAFNOSUPPORT; 854 855 switch (sock->type) { 856 case SOCK_DGRAM: 857 if (protocol == 0 || protocol == PF_AX25) 858 protocol = AX25_P_TEXT; 859 break; 860 861 case SOCK_SEQPACKET: 862 switch (protocol) { 863 case 0: 864 case PF_AX25: /* For CLX */ 865 protocol = AX25_P_TEXT; 866 break; 867 case AX25_P_SEGMENT: 868 #ifdef CONFIG_INET 869 case AX25_P_ARP: 870 case AX25_P_IP: 871 #endif 872 #ifdef CONFIG_NETROM 873 case AX25_P_NETROM: 874 #endif 875 #ifdef CONFIG_ROSE 876 case AX25_P_ROSE: 877 #endif 878 return -ESOCKTNOSUPPORT; 879 #ifdef CONFIG_NETROM_MODULE 880 case AX25_P_NETROM: 881 if (ax25_protocol_is_registered(AX25_P_NETROM)) 882 return -ESOCKTNOSUPPORT; 883 break; 884 #endif 885 #ifdef CONFIG_ROSE_MODULE 886 case AX25_P_ROSE: 887 if (ax25_protocol_is_registered(AX25_P_ROSE)) 888 return -ESOCKTNOSUPPORT; 889 break; 890 #endif 891 default: 892 break; 893 } 894 break; 895 896 case SOCK_RAW: 897 if (!capable(CAP_NET_RAW)) 898 return -EPERM; 899 break; 900 default: 901 return -ESOCKTNOSUPPORT; 902 } 903 904 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern); 905 if (sk == NULL) 906 return -ENOMEM; 907 908 ax25 = ax25_sk(sk)->cb = ax25_create_cb(); 909 if (!ax25) { 910 sk_free(sk); 911 return -ENOMEM; 912 } 913 914 sock_init_data(sock, sk); 915 916 sk->sk_destruct = ax25_free_sock; 917 sock->ops = &ax25_proto_ops; 918 sk->sk_protocol = protocol; 919 920 ax25->sk = sk; 921 922 return 0; 923 } 924 925 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev) 926 { 927 struct sock *sk; 928 ax25_cb *ax25, *oax25; 929 930 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0); 931 if (sk == NULL) 932 return NULL; 933 934 if ((ax25 = ax25_create_cb()) == NULL) { 935 sk_free(sk); 936 return NULL; 937 } 938 939 switch (osk->sk_type) { 940 case SOCK_DGRAM: 941 break; 942 case SOCK_SEQPACKET: 943 break; 944 default: 945 sk_free(sk); 946 ax25_cb_put(ax25); 947 return NULL; 948 } 949 950 sock_init_data(NULL, sk); 951 952 sk->sk_type = osk->sk_type; 953 sk->sk_priority = READ_ONCE(osk->sk_priority); 954 sk->sk_protocol = osk->sk_protocol; 955 sk->sk_rcvbuf = osk->sk_rcvbuf; 956 sk->sk_sndbuf = osk->sk_sndbuf; 957 sk->sk_state = TCP_ESTABLISHED; 958 sock_copy_flags(sk, osk); 959 960 oax25 = sk_to_ax25(osk); 961 962 ax25->modulus = oax25->modulus; 963 ax25->backoff = oax25->backoff; 964 ax25->pidincl = oax25->pidincl; 965 ax25->iamdigi = oax25->iamdigi; 966 ax25->rtt = oax25->rtt; 967 ax25->t1 = oax25->t1; 968 ax25->t2 = oax25->t2; 969 ax25->t3 = oax25->t3; 970 ax25->n2 = oax25->n2; 971 ax25->idle = oax25->idle; 972 ax25->paclen = oax25->paclen; 973 ax25->window = oax25->window; 974 975 ax25->ax25_dev = ax25_dev; 976 ax25->source_addr = oax25->source_addr; 977 978 if (oax25->digipeat != NULL) { 979 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi), 980 GFP_ATOMIC); 981 if (ax25->digipeat == NULL) { 982 sk_free(sk); 983 ax25_cb_put(ax25); 984 return NULL; 985 } 986 } 987 988 ax25_sk(sk)->cb = ax25; 989 sk->sk_destruct = ax25_free_sock; 990 ax25->sk = sk; 991 992 return sk; 993 } 994 995 static int ax25_release(struct socket *sock) 996 { 997 struct sock *sk = sock->sk; 998 ax25_cb *ax25; 999 ax25_dev *ax25_dev; 1000 1001 if (sk == NULL) 1002 return 0; 1003 1004 sock_hold(sk); 1005 lock_sock(sk); 1006 sock_orphan(sk); 1007 ax25 = sk_to_ax25(sk); 1008 ax25_dev = ax25->ax25_dev; 1009 1010 if (sk->sk_type == SOCK_SEQPACKET) { 1011 switch (ax25->state) { 1012 case AX25_STATE_0: 1013 if (!sock_flag(ax25->sk, SOCK_DEAD)) { 1014 release_sock(sk); 1015 ax25_disconnect(ax25, 0); 1016 lock_sock(sk); 1017 } 1018 ax25_destroy_socket(ax25); 1019 break; 1020 1021 case AX25_STATE_1: 1022 case AX25_STATE_2: 1023 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 1024 release_sock(sk); 1025 ax25_disconnect(ax25, 0); 1026 lock_sock(sk); 1027 if (!sock_flag(ax25->sk, SOCK_DESTROY)) 1028 ax25_destroy_socket(ax25); 1029 break; 1030 1031 case AX25_STATE_3: 1032 case AX25_STATE_4: 1033 ax25_clear_queues(ax25); 1034 ax25->n2count = 0; 1035 1036 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1037 case AX25_PROTO_STD_SIMPLEX: 1038 case AX25_PROTO_STD_DUPLEX: 1039 ax25_send_control(ax25, 1040 AX25_DISC, 1041 AX25_POLLON, 1042 AX25_COMMAND); 1043 ax25_stop_t2timer(ax25); 1044 ax25_stop_t3timer(ax25); 1045 ax25_stop_idletimer(ax25); 1046 break; 1047 #ifdef CONFIG_AX25_DAMA_SLAVE 1048 case AX25_PROTO_DAMA_SLAVE: 1049 ax25_stop_t3timer(ax25); 1050 ax25_stop_idletimer(ax25); 1051 break; 1052 #endif 1053 } 1054 ax25_calculate_t1(ax25); 1055 ax25_start_t1timer(ax25); 1056 ax25->state = AX25_STATE_2; 1057 sk->sk_state = TCP_CLOSE; 1058 sk->sk_shutdown |= SEND_SHUTDOWN; 1059 sk->sk_state_change(sk); 1060 sock_set_flag(sk, SOCK_DESTROY); 1061 break; 1062 1063 default: 1064 break; 1065 } 1066 } else { 1067 sk->sk_state = TCP_CLOSE; 1068 sk->sk_shutdown |= SEND_SHUTDOWN; 1069 sk->sk_state_change(sk); 1070 ax25_destroy_socket(ax25); 1071 } 1072 if (ax25_dev) { 1073 if (!ax25_dev->device_up) { 1074 del_timer_sync(&ax25->timer); 1075 del_timer_sync(&ax25->t1timer); 1076 del_timer_sync(&ax25->t2timer); 1077 del_timer_sync(&ax25->t3timer); 1078 del_timer_sync(&ax25->idletimer); 1079 } 1080 netdev_put(ax25_dev->dev, &ax25->dev_tracker); 1081 ax25_dev_put(ax25_dev); 1082 } 1083 1084 sock->sk = NULL; 1085 release_sock(sk); 1086 sock_put(sk); 1087 1088 return 0; 1089 } 1090 1091 /* 1092 * We support a funny extension here so you can (as root) give any callsign 1093 * digipeated via a local address as source. This hack is obsolete now 1094 * that we've implemented support for SO_BINDTODEVICE. It is however small 1095 * and trivially backward compatible. 1096 */ 1097 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1098 { 1099 struct sock *sk = sock->sk; 1100 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr; 1101 ax25_dev *ax25_dev = NULL; 1102 ax25_uid_assoc *user; 1103 ax25_address call; 1104 ax25_cb *ax25; 1105 int err = 0; 1106 1107 if (addr_len != sizeof(struct sockaddr_ax25) && 1108 addr_len != sizeof(struct full_sockaddr_ax25)) 1109 /* support for old structure may go away some time 1110 * ax25_bind(): uses old (6 digipeater) socket structure. 1111 */ 1112 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1113 (addr_len > sizeof(struct full_sockaddr_ax25))) 1114 return -EINVAL; 1115 1116 if (addr->fsa_ax25.sax25_family != AF_AX25) 1117 return -EINVAL; 1118 1119 user = ax25_findbyuid(current_euid()); 1120 if (user) { 1121 call = user->call; 1122 ax25_uid_put(user); 1123 } else { 1124 if (ax25_uid_policy && !capable(CAP_NET_ADMIN)) 1125 return -EACCES; 1126 1127 call = addr->fsa_ax25.sax25_call; 1128 } 1129 1130 lock_sock(sk); 1131 1132 ax25 = sk_to_ax25(sk); 1133 if (!sock_flag(sk, SOCK_ZAPPED)) { 1134 err = -EINVAL; 1135 goto out; 1136 } 1137 1138 ax25->source_addr = call; 1139 1140 /* 1141 * User already set interface with SO_BINDTODEVICE 1142 */ 1143 if (ax25->ax25_dev != NULL) 1144 goto done; 1145 1146 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) { 1147 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 && 1148 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) { 1149 err = -EADDRNOTAVAIL; 1150 goto out; 1151 } 1152 } else { 1153 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) { 1154 err = -EADDRNOTAVAIL; 1155 goto out; 1156 } 1157 } 1158 1159 if (ax25_dev) { 1160 ax25_fillin_cb(ax25, ax25_dev); 1161 netdev_hold(ax25_dev->dev, &ax25->dev_tracker, GFP_ATOMIC); 1162 } 1163 1164 done: 1165 ax25_cb_add(ax25); 1166 sock_reset_flag(sk, SOCK_ZAPPED); 1167 1168 out: 1169 release_sock(sk); 1170 1171 return err; 1172 } 1173 1174 /* 1175 * FIXME: nonblock behaviour looks like it may have a bug. 1176 */ 1177 static int __must_check ax25_connect(struct socket *sock, 1178 struct sockaddr *uaddr, int addr_len, int flags) 1179 { 1180 struct sock *sk = sock->sk; 1181 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t; 1182 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1183 ax25_digi *digi = NULL; 1184 int ct = 0, err = 0; 1185 1186 /* 1187 * some sanity checks. code further down depends on this 1188 */ 1189 1190 if (addr_len == sizeof(struct sockaddr_ax25)) 1191 /* support for this will go away in early 2.5.x 1192 * ax25_connect(): uses obsolete socket structure 1193 */ 1194 ; 1195 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1196 /* support for old structure may go away some time 1197 * ax25_connect(): uses old (6 digipeater) socket structure. 1198 */ 1199 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1200 (addr_len > sizeof(struct full_sockaddr_ax25))) 1201 return -EINVAL; 1202 1203 1204 if (fsa->fsa_ax25.sax25_family != AF_AX25) 1205 return -EINVAL; 1206 1207 lock_sock(sk); 1208 1209 /* deal with restarts */ 1210 if (sock->state == SS_CONNECTING) { 1211 switch (sk->sk_state) { 1212 case TCP_SYN_SENT: /* still trying */ 1213 err = -EINPROGRESS; 1214 goto out_release; 1215 1216 case TCP_ESTABLISHED: /* connection established */ 1217 sock->state = SS_CONNECTED; 1218 goto out_release; 1219 1220 case TCP_CLOSE: /* connection refused */ 1221 sock->state = SS_UNCONNECTED; 1222 err = -ECONNREFUSED; 1223 goto out_release; 1224 } 1225 } 1226 1227 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) { 1228 err = -EISCONN; /* No reconnect on a seqpacket socket */ 1229 goto out_release; 1230 } 1231 1232 sk->sk_state = TCP_CLOSE; 1233 sock->state = SS_UNCONNECTED; 1234 1235 kfree(ax25->digipeat); 1236 ax25->digipeat = NULL; 1237 1238 /* 1239 * Handle digi-peaters to be used. 1240 */ 1241 if (addr_len > sizeof(struct sockaddr_ax25) && 1242 fsa->fsa_ax25.sax25_ndigis != 0) { 1243 /* Valid number of digipeaters ? */ 1244 if (fsa->fsa_ax25.sax25_ndigis < 1 || 1245 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS || 1246 addr_len < sizeof(struct sockaddr_ax25) + 1247 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) { 1248 err = -EINVAL; 1249 goto out_release; 1250 } 1251 1252 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) { 1253 err = -ENOBUFS; 1254 goto out_release; 1255 } 1256 1257 digi->ndigi = fsa->fsa_ax25.sax25_ndigis; 1258 digi->lastrepeat = -1; 1259 1260 while (ct < fsa->fsa_ax25.sax25_ndigis) { 1261 if ((fsa->fsa_digipeater[ct].ax25_call[6] & 1262 AX25_HBIT) && ax25->iamdigi) { 1263 digi->repeated[ct] = 1; 1264 digi->lastrepeat = ct; 1265 } else { 1266 digi->repeated[ct] = 0; 1267 } 1268 digi->calls[ct] = fsa->fsa_digipeater[ct]; 1269 ct++; 1270 } 1271 } 1272 1273 /* 1274 * Must bind first - autobinding in this may or may not work. If 1275 * the socket is already bound, check to see if the device has 1276 * been filled in, error if it hasn't. 1277 */ 1278 if (sock_flag(sk, SOCK_ZAPPED)) { 1279 /* check if we can remove this feature. It is broken. */ 1280 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n", 1281 current->comm); 1282 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) { 1283 kfree(digi); 1284 goto out_release; 1285 } 1286 1287 ax25_fillin_cb(ax25, ax25->ax25_dev); 1288 ax25_cb_add(ax25); 1289 } else { 1290 if (ax25->ax25_dev == NULL) { 1291 kfree(digi); 1292 err = -EHOSTUNREACH; 1293 goto out_release; 1294 } 1295 } 1296 1297 if (sk->sk_type == SOCK_SEQPACKET && 1298 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi, 1299 ax25->ax25_dev->dev))) { 1300 kfree(digi); 1301 err = -EADDRINUSE; /* Already such a connection */ 1302 ax25_cb_put(ax25t); 1303 goto out_release; 1304 } 1305 1306 ax25->dest_addr = fsa->fsa_ax25.sax25_call; 1307 ax25->digipeat = digi; 1308 1309 /* First the easy one */ 1310 if (sk->sk_type != SOCK_SEQPACKET) { 1311 sock->state = SS_CONNECTED; 1312 sk->sk_state = TCP_ESTABLISHED; 1313 goto out_release; 1314 } 1315 1316 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */ 1317 sock->state = SS_CONNECTING; 1318 sk->sk_state = TCP_SYN_SENT; 1319 1320 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1321 case AX25_PROTO_STD_SIMPLEX: 1322 case AX25_PROTO_STD_DUPLEX: 1323 ax25_std_establish_data_link(ax25); 1324 break; 1325 1326 #ifdef CONFIG_AX25_DAMA_SLAVE 1327 case AX25_PROTO_DAMA_SLAVE: 1328 ax25->modulus = AX25_MODULUS; 1329 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 1330 if (ax25->ax25_dev->dama.slave) 1331 ax25_ds_establish_data_link(ax25); 1332 else 1333 ax25_std_establish_data_link(ax25); 1334 break; 1335 #endif 1336 } 1337 1338 ax25->state = AX25_STATE_1; 1339 1340 ax25_start_heartbeat(ax25); 1341 1342 /* Now the loop */ 1343 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) { 1344 err = -EINPROGRESS; 1345 goto out_release; 1346 } 1347 1348 if (sk->sk_state == TCP_SYN_SENT) { 1349 DEFINE_WAIT(wait); 1350 1351 for (;;) { 1352 prepare_to_wait(sk_sleep(sk), &wait, 1353 TASK_INTERRUPTIBLE); 1354 if (sk->sk_state != TCP_SYN_SENT) 1355 break; 1356 if (!signal_pending(current)) { 1357 release_sock(sk); 1358 schedule(); 1359 lock_sock(sk); 1360 continue; 1361 } 1362 err = -ERESTARTSYS; 1363 break; 1364 } 1365 finish_wait(sk_sleep(sk), &wait); 1366 1367 if (err) 1368 goto out_release; 1369 } 1370 1371 if (sk->sk_state != TCP_ESTABLISHED) { 1372 /* Not in ABM, not in WAIT_UA -> failed */ 1373 sock->state = SS_UNCONNECTED; 1374 err = sock_error(sk); /* Always set at this point */ 1375 goto out_release; 1376 } 1377 1378 sock->state = SS_CONNECTED; 1379 1380 err = 0; 1381 out_release: 1382 release_sock(sk); 1383 1384 return err; 1385 } 1386 1387 static int ax25_accept(struct socket *sock, struct socket *newsock, 1388 struct proto_accept_arg *arg) 1389 { 1390 struct sk_buff *skb; 1391 struct sock *newsk; 1392 ax25_dev *ax25_dev; 1393 DEFINE_WAIT(wait); 1394 struct sock *sk; 1395 ax25_cb *ax25; 1396 int err = 0; 1397 1398 if (sock->state != SS_UNCONNECTED) 1399 return -EINVAL; 1400 1401 if ((sk = sock->sk) == NULL) 1402 return -EINVAL; 1403 1404 lock_sock(sk); 1405 if (sk->sk_type != SOCK_SEQPACKET) { 1406 err = -EOPNOTSUPP; 1407 goto out; 1408 } 1409 1410 if (sk->sk_state != TCP_LISTEN) { 1411 err = -EINVAL; 1412 goto out; 1413 } 1414 1415 /* 1416 * The read queue this time is holding sockets ready to use 1417 * hooked into the SABM we saved 1418 */ 1419 for (;;) { 1420 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1421 skb = skb_dequeue(&sk->sk_receive_queue); 1422 if (skb) 1423 break; 1424 1425 if (arg->flags & O_NONBLOCK) { 1426 err = -EWOULDBLOCK; 1427 break; 1428 } 1429 if (!signal_pending(current)) { 1430 release_sock(sk); 1431 schedule(); 1432 lock_sock(sk); 1433 continue; 1434 } 1435 err = -ERESTARTSYS; 1436 break; 1437 } 1438 finish_wait(sk_sleep(sk), &wait); 1439 1440 if (err) 1441 goto out; 1442 1443 newsk = skb->sk; 1444 sock_graft(newsk, newsock); 1445 1446 /* Now attach up the new socket */ 1447 kfree_skb(skb); 1448 sk_acceptq_removed(sk); 1449 newsock->state = SS_CONNECTED; 1450 ax25 = sk_to_ax25(newsk); 1451 ax25_dev = ax25->ax25_dev; 1452 netdev_hold(ax25_dev->dev, &ax25->dev_tracker, GFP_ATOMIC); 1453 ax25_dev_hold(ax25_dev); 1454 1455 out: 1456 release_sock(sk); 1457 1458 return err; 1459 } 1460 1461 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr, 1462 int peer) 1463 { 1464 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1465 struct sock *sk = sock->sk; 1466 unsigned char ndigi, i; 1467 ax25_cb *ax25; 1468 int err = 0; 1469 1470 memset(fsa, 0, sizeof(*fsa)); 1471 lock_sock(sk); 1472 ax25 = sk_to_ax25(sk); 1473 1474 if (peer != 0) { 1475 if (sk->sk_state != TCP_ESTABLISHED) { 1476 err = -ENOTCONN; 1477 goto out; 1478 } 1479 1480 fsa->fsa_ax25.sax25_family = AF_AX25; 1481 fsa->fsa_ax25.sax25_call = ax25->dest_addr; 1482 1483 if (ax25->digipeat != NULL) { 1484 ndigi = ax25->digipeat->ndigi; 1485 fsa->fsa_ax25.sax25_ndigis = ndigi; 1486 for (i = 0; i < ndigi; i++) 1487 fsa->fsa_digipeater[i] = 1488 ax25->digipeat->calls[i]; 1489 } 1490 } else { 1491 fsa->fsa_ax25.sax25_family = AF_AX25; 1492 fsa->fsa_ax25.sax25_call = ax25->source_addr; 1493 fsa->fsa_ax25.sax25_ndigis = 1; 1494 if (ax25->ax25_dev != NULL) { 1495 memcpy(&fsa->fsa_digipeater[0], 1496 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN); 1497 } else { 1498 fsa->fsa_digipeater[0] = null_ax25_address; 1499 } 1500 } 1501 err = sizeof (struct full_sockaddr_ax25); 1502 1503 out: 1504 release_sock(sk); 1505 1506 return err; 1507 } 1508 1509 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1510 { 1511 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name); 1512 struct sock *sk = sock->sk; 1513 struct sockaddr_ax25 sax; 1514 struct sk_buff *skb; 1515 ax25_digi dtmp, *dp; 1516 ax25_cb *ax25; 1517 size_t size; 1518 int lv, err, addr_len = msg->msg_namelen; 1519 1520 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT)) 1521 return -EINVAL; 1522 1523 lock_sock(sk); 1524 ax25 = sk_to_ax25(sk); 1525 1526 if (sock_flag(sk, SOCK_ZAPPED)) { 1527 err = -EADDRNOTAVAIL; 1528 goto out; 1529 } 1530 1531 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1532 send_sig(SIGPIPE, current, 0); 1533 err = -EPIPE; 1534 goto out; 1535 } 1536 1537 if (ax25->ax25_dev == NULL) { 1538 err = -ENETUNREACH; 1539 goto out; 1540 } 1541 1542 if (len > ax25->ax25_dev->dev->mtu) { 1543 err = -EMSGSIZE; 1544 goto out; 1545 } 1546 1547 if (usax != NULL) { 1548 if (usax->sax25_family != AF_AX25) { 1549 err = -EINVAL; 1550 goto out; 1551 } 1552 1553 if (addr_len == sizeof(struct sockaddr_ax25)) 1554 /* ax25_sendmsg(): uses obsolete socket structure */ 1555 ; 1556 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1557 /* support for old structure may go away some time 1558 * ax25_sendmsg(): uses old (6 digipeater) 1559 * socket structure. 1560 */ 1561 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1562 (addr_len > sizeof(struct full_sockaddr_ax25))) { 1563 err = -EINVAL; 1564 goto out; 1565 } 1566 1567 1568 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) { 1569 int ct = 0; 1570 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax; 1571 1572 /* Valid number of digipeaters ? */ 1573 if (usax->sax25_ndigis < 1 || 1574 usax->sax25_ndigis > AX25_MAX_DIGIS || 1575 addr_len < sizeof(struct sockaddr_ax25) + 1576 sizeof(ax25_address) * usax->sax25_ndigis) { 1577 err = -EINVAL; 1578 goto out; 1579 } 1580 1581 dtmp.ndigi = usax->sax25_ndigis; 1582 1583 while (ct < usax->sax25_ndigis) { 1584 dtmp.repeated[ct] = 0; 1585 dtmp.calls[ct] = fsa->fsa_digipeater[ct]; 1586 ct++; 1587 } 1588 1589 dtmp.lastrepeat = 0; 1590 } 1591 1592 sax = *usax; 1593 if (sk->sk_type == SOCK_SEQPACKET && 1594 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) { 1595 err = -EISCONN; 1596 goto out; 1597 } 1598 if (usax->sax25_ndigis == 0) 1599 dp = NULL; 1600 else 1601 dp = &dtmp; 1602 } else { 1603 /* 1604 * FIXME: 1003.1g - if the socket is like this because 1605 * it has become closed (not started closed) and is VC 1606 * we ought to SIGPIPE, EPIPE 1607 */ 1608 if (sk->sk_state != TCP_ESTABLISHED) { 1609 err = -ENOTCONN; 1610 goto out; 1611 } 1612 sax.sax25_family = AF_AX25; 1613 sax.sax25_call = ax25->dest_addr; 1614 dp = ax25->digipeat; 1615 } 1616 1617 /* Build a packet */ 1618 /* Assume the worst case */ 1619 size = len + ax25->ax25_dev->dev->hard_header_len; 1620 1621 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err); 1622 if (skb == NULL) 1623 goto out; 1624 1625 skb_reserve(skb, size - len); 1626 1627 /* User data follows immediately after the AX.25 data */ 1628 if (memcpy_from_msg(skb_put(skb, len), msg, len)) { 1629 err = -EFAULT; 1630 kfree_skb(skb); 1631 goto out; 1632 } 1633 1634 skb_reset_network_header(skb); 1635 1636 /* Add the PID if one is not supplied by the user in the skb */ 1637 if (!ax25->pidincl) 1638 *(u8 *)skb_push(skb, 1) = sk->sk_protocol; 1639 1640 if (sk->sk_type == SOCK_SEQPACKET) { 1641 /* Connected mode sockets go via the LAPB machine */ 1642 if (sk->sk_state != TCP_ESTABLISHED) { 1643 kfree_skb(skb); 1644 err = -ENOTCONN; 1645 goto out; 1646 } 1647 1648 /* Shove it onto the queue and kick */ 1649 ax25_output(ax25, ax25->paclen, skb); 1650 1651 err = len; 1652 goto out; 1653 } 1654 1655 skb_push(skb, 1 + ax25_addr_size(dp)); 1656 1657 /* Building AX.25 Header */ 1658 1659 /* Build an AX.25 header */ 1660 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call, 1661 dp, AX25_COMMAND, AX25_MODULUS); 1662 1663 skb_set_transport_header(skb, lv); 1664 1665 *skb_transport_header(skb) = AX25_UI; 1666 1667 /* Datagram frames go straight out of the door as UI */ 1668 ax25_queue_xmit(skb, ax25->ax25_dev->dev); 1669 1670 err = len; 1671 1672 out: 1673 release_sock(sk); 1674 1675 return err; 1676 } 1677 1678 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, 1679 int flags) 1680 { 1681 struct sock *sk = sock->sk; 1682 struct sk_buff *skb, *last; 1683 struct sk_buff_head *sk_queue; 1684 int copied; 1685 int err = 0; 1686 int off = 0; 1687 long timeo; 1688 1689 lock_sock(sk); 1690 /* 1691 * This works for seqpacket too. The receiver has ordered the 1692 * queue for us! We do one quick check first though 1693 */ 1694 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) { 1695 err = -ENOTCONN; 1696 goto out; 1697 } 1698 1699 /* We need support for non-blocking reads. */ 1700 sk_queue = &sk->sk_receive_queue; 1701 skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off, &err, &last); 1702 /* If no packet is available, release_sock(sk) and try again. */ 1703 if (!skb) { 1704 if (err != -EAGAIN) 1705 goto out; 1706 release_sock(sk); 1707 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); 1708 while (timeo && !__skb_wait_for_more_packets(sk, sk_queue, &err, 1709 &timeo, last)) { 1710 skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off, 1711 &err, &last); 1712 if (skb) 1713 break; 1714 1715 if (err != -EAGAIN) 1716 goto done; 1717 } 1718 if (!skb) 1719 goto done; 1720 lock_sock(sk); 1721 } 1722 1723 if (!sk_to_ax25(sk)->pidincl) 1724 skb_pull(skb, 1); /* Remove PID */ 1725 1726 skb_reset_transport_header(skb); 1727 copied = skb->len; 1728 1729 if (copied > size) { 1730 copied = size; 1731 msg->msg_flags |= MSG_TRUNC; 1732 } 1733 1734 skb_copy_datagram_msg(skb, 0, msg, copied); 1735 1736 if (msg->msg_name) { 1737 ax25_digi digi; 1738 ax25_address src; 1739 const unsigned char *mac = skb_mac_header(skb); 1740 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name); 1741 1742 memset(sax, 0, sizeof(struct full_sockaddr_ax25)); 1743 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, 1744 &digi, NULL, NULL); 1745 sax->sax25_family = AF_AX25; 1746 /* We set this correctly, even though we may not let the 1747 application know the digi calls further down (because it 1748 did NOT ask to know them). This could get political... **/ 1749 sax->sax25_ndigis = digi.ndigi; 1750 sax->sax25_call = src; 1751 1752 if (sax->sax25_ndigis != 0) { 1753 int ct; 1754 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax; 1755 1756 for (ct = 0; ct < digi.ndigi; ct++) 1757 fsa->fsa_digipeater[ct] = digi.calls[ct]; 1758 } 1759 msg->msg_namelen = sizeof(struct full_sockaddr_ax25); 1760 } 1761 1762 skb_free_datagram(sk, skb); 1763 err = copied; 1764 1765 out: 1766 release_sock(sk); 1767 1768 done: 1769 return err; 1770 } 1771 1772 static int ax25_shutdown(struct socket *sk, int how) 1773 { 1774 /* FIXME - generate DM and RNR states */ 1775 return -EOPNOTSUPP; 1776 } 1777 1778 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1779 { 1780 struct sock *sk = sock->sk; 1781 void __user *argp = (void __user *)arg; 1782 int res = 0; 1783 1784 lock_sock(sk); 1785 switch (cmd) { 1786 case TIOCOUTQ: { 1787 long amount; 1788 1789 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1790 if (amount < 0) 1791 amount = 0; 1792 res = put_user(amount, (int __user *)argp); 1793 break; 1794 } 1795 1796 case TIOCINQ: { 1797 struct sk_buff *skb; 1798 long amount = 0L; 1799 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1800 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1801 amount = skb->len; 1802 res = put_user(amount, (int __user *) argp); 1803 break; 1804 } 1805 1806 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */ 1807 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */ 1808 case SIOCAX25GETUID: { 1809 struct sockaddr_ax25 sax25; 1810 if (copy_from_user(&sax25, argp, sizeof(sax25))) { 1811 res = -EFAULT; 1812 break; 1813 } 1814 res = ax25_uid_ioctl(cmd, &sax25); 1815 break; 1816 } 1817 1818 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */ 1819 long amount; 1820 if (!capable(CAP_NET_ADMIN)) { 1821 res = -EPERM; 1822 break; 1823 } 1824 if (get_user(amount, (long __user *)argp)) { 1825 res = -EFAULT; 1826 break; 1827 } 1828 if (amount < 0 || amount > AX25_NOUID_BLOCK) { 1829 res = -EINVAL; 1830 break; 1831 } 1832 ax25_uid_policy = amount; 1833 res = 0; 1834 break; 1835 } 1836 1837 case SIOCADDRT: 1838 case SIOCDELRT: 1839 case SIOCAX25OPTRT: 1840 if (!capable(CAP_NET_ADMIN)) { 1841 res = -EPERM; 1842 break; 1843 } 1844 res = ax25_rt_ioctl(cmd, argp); 1845 break; 1846 1847 case SIOCAX25CTLCON: 1848 if (!capable(CAP_NET_ADMIN)) { 1849 res = -EPERM; 1850 break; 1851 } 1852 res = ax25_ctl_ioctl(cmd, argp); 1853 break; 1854 1855 case SIOCAX25GETINFO: 1856 case SIOCAX25GETINFOOLD: { 1857 ax25_cb *ax25 = sk_to_ax25(sk); 1858 struct ax25_info_struct ax25_info; 1859 1860 ax25_info.t1 = ax25->t1 / HZ; 1861 ax25_info.t2 = ax25->t2 / HZ; 1862 ax25_info.t3 = ax25->t3 / HZ; 1863 ax25_info.idle = ax25->idle / (60 * HZ); 1864 ax25_info.n2 = ax25->n2; 1865 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ; 1866 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ; 1867 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ; 1868 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ); 1869 ax25_info.n2count = ax25->n2count; 1870 ax25_info.state = ax25->state; 1871 ax25_info.rcv_q = sk_rmem_alloc_get(sk); 1872 ax25_info.snd_q = sk_wmem_alloc_get(sk); 1873 ax25_info.vs = ax25->vs; 1874 ax25_info.vr = ax25->vr; 1875 ax25_info.va = ax25->va; 1876 ax25_info.vs_max = ax25->vs; /* reserved */ 1877 ax25_info.paclen = ax25->paclen; 1878 ax25_info.window = ax25->window; 1879 1880 /* old structure? */ 1881 if (cmd == SIOCAX25GETINFOOLD) { 1882 static int warned = 0; 1883 if (!warned) { 1884 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n", 1885 current->comm); 1886 warned=1; 1887 } 1888 1889 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) { 1890 res = -EFAULT; 1891 break; 1892 } 1893 } else { 1894 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) { 1895 res = -EINVAL; 1896 break; 1897 } 1898 } 1899 res = 0; 1900 break; 1901 } 1902 1903 case SIOCAX25ADDFWD: 1904 case SIOCAX25DELFWD: { 1905 struct ax25_fwd_struct ax25_fwd; 1906 if (!capable(CAP_NET_ADMIN)) { 1907 res = -EPERM; 1908 break; 1909 } 1910 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) { 1911 res = -EFAULT; 1912 break; 1913 } 1914 res = ax25_fwd_ioctl(cmd, &ax25_fwd); 1915 break; 1916 } 1917 1918 case SIOCGIFADDR: 1919 case SIOCSIFADDR: 1920 case SIOCGIFDSTADDR: 1921 case SIOCSIFDSTADDR: 1922 case SIOCGIFBRDADDR: 1923 case SIOCSIFBRDADDR: 1924 case SIOCGIFNETMASK: 1925 case SIOCSIFNETMASK: 1926 case SIOCGIFMETRIC: 1927 case SIOCSIFMETRIC: 1928 res = -EINVAL; 1929 break; 1930 1931 default: 1932 res = -ENOIOCTLCMD; 1933 break; 1934 } 1935 release_sock(sk); 1936 1937 return res; 1938 } 1939 1940 #ifdef CONFIG_PROC_FS 1941 1942 static void *ax25_info_start(struct seq_file *seq, loff_t *pos) 1943 __acquires(ax25_list_lock) 1944 { 1945 spin_lock_bh(&ax25_list_lock); 1946 return seq_hlist_start(&ax25_list, *pos); 1947 } 1948 1949 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos) 1950 { 1951 return seq_hlist_next(v, &ax25_list, pos); 1952 } 1953 1954 static void ax25_info_stop(struct seq_file *seq, void *v) 1955 __releases(ax25_list_lock) 1956 { 1957 spin_unlock_bh(&ax25_list_lock); 1958 } 1959 1960 static int ax25_info_show(struct seq_file *seq, void *v) 1961 { 1962 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node); 1963 char buf[11]; 1964 int k; 1965 1966 1967 /* 1968 * New format: 1969 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode 1970 */ 1971 1972 seq_printf(seq, "%p %s %s%s ", 1973 ax25, 1974 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name, 1975 ax2asc(buf, &ax25->source_addr), 1976 ax25->iamdigi? "*":""); 1977 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr)); 1978 1979 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) { 1980 seq_printf(seq, ",%s%s", 1981 ax2asc(buf, &ax25->digipeat->calls[k]), 1982 ax25->digipeat->repeated[k]? "*":""); 1983 } 1984 1985 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d", 1986 ax25->state, 1987 ax25->vs, ax25->vr, ax25->va, 1988 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ, 1989 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ, 1990 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ, 1991 ax25_display_timer(&ax25->idletimer) / (60 * HZ), 1992 ax25->idle / (60 * HZ), 1993 ax25->n2count, ax25->n2, 1994 ax25->rtt / HZ, 1995 ax25->window, 1996 ax25->paclen); 1997 1998 if (ax25->sk != NULL) { 1999 seq_printf(seq, " %d %d %lu\n", 2000 sk_wmem_alloc_get(ax25->sk), 2001 sk_rmem_alloc_get(ax25->sk), 2002 sock_i_ino(ax25->sk)); 2003 } else { 2004 seq_puts(seq, " * * *\n"); 2005 } 2006 return 0; 2007 } 2008 2009 static const struct seq_operations ax25_info_seqops = { 2010 .start = ax25_info_start, 2011 .next = ax25_info_next, 2012 .stop = ax25_info_stop, 2013 .show = ax25_info_show, 2014 }; 2015 #endif 2016 2017 static const struct net_proto_family ax25_family_ops = { 2018 .family = PF_AX25, 2019 .create = ax25_create, 2020 .owner = THIS_MODULE, 2021 }; 2022 2023 static const struct proto_ops ax25_proto_ops = { 2024 .family = PF_AX25, 2025 .owner = THIS_MODULE, 2026 .release = ax25_release, 2027 .bind = ax25_bind, 2028 .connect = ax25_connect, 2029 .socketpair = sock_no_socketpair, 2030 .accept = ax25_accept, 2031 .getname = ax25_getname, 2032 .poll = datagram_poll, 2033 .ioctl = ax25_ioctl, 2034 .gettstamp = sock_gettstamp, 2035 .listen = ax25_listen, 2036 .shutdown = ax25_shutdown, 2037 .setsockopt = ax25_setsockopt, 2038 .getsockopt = ax25_getsockopt, 2039 .sendmsg = ax25_sendmsg, 2040 .recvmsg = ax25_recvmsg, 2041 .mmap = sock_no_mmap, 2042 }; 2043 2044 /* 2045 * Called by socket.c on kernel start up 2046 */ 2047 static struct packet_type ax25_packet_type __read_mostly = { 2048 .type = cpu_to_be16(ETH_P_AX25), 2049 .func = ax25_kiss_rcv, 2050 }; 2051 2052 static struct notifier_block ax25_dev_notifier = { 2053 .notifier_call = ax25_device_event, 2054 }; 2055 2056 static int __init ax25_init(void) 2057 { 2058 int rc = proto_register(&ax25_proto, 0); 2059 2060 if (rc != 0) 2061 goto out; 2062 2063 sock_register(&ax25_family_ops); 2064 dev_add_pack(&ax25_packet_type); 2065 register_netdevice_notifier(&ax25_dev_notifier); 2066 2067 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops); 2068 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops); 2069 proc_create_seq("ax25_calls", 0444, init_net.proc_net, 2070 &ax25_uid_seqops); 2071 out: 2072 return rc; 2073 } 2074 module_init(ax25_init); 2075 2076 2077 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>"); 2078 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol"); 2079 MODULE_LICENSE("GPL"); 2080 MODULE_ALIAS_NETPROTO(PF_AX25); 2081 2082 static void __exit ax25_exit(void) 2083 { 2084 remove_proc_entry("ax25_route", init_net.proc_net); 2085 remove_proc_entry("ax25", init_net.proc_net); 2086 remove_proc_entry("ax25_calls", init_net.proc_net); 2087 2088 unregister_netdevice_notifier(&ax25_dev_notifier); 2089 2090 dev_remove_pack(&ax25_packet_type); 2091 2092 sock_unregister(PF_AX25); 2093 proto_unregister(&ax25_proto); 2094 2095 ax25_rt_free(); 2096 ax25_uid_free(); 2097 ax25_dev_free(); 2098 } 2099 module_exit(ax25_exit); 2100