1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 5 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 6 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk) 7 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org) 8 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 9 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de) 10 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl) 11 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 12 */ 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/errno.h> 16 #include <linux/types.h> 17 #include <linux/socket.h> 18 #include <linux/in.h> 19 #include <linux/kernel.h> 20 #include <linux/sched/signal.h> 21 #include <linux/timer.h> 22 #include <linux/string.h> 23 #include <linux/sockios.h> 24 #include <linux/net.h> 25 #include <linux/slab.h> 26 #include <net/ax25.h> 27 #include <linux/inet.h> 28 #include <linux/netdevice.h> 29 #include <linux/if_arp.h> 30 #include <linux/skbuff.h> 31 #include <net/sock.h> 32 #include <linux/uaccess.h> 33 #include <linux/fcntl.h> 34 #include <linux/termios.h> /* For TIOCINQ/OUTQ */ 35 #include <linux/mm.h> 36 #include <linux/interrupt.h> 37 #include <linux/notifier.h> 38 #include <linux/proc_fs.h> 39 #include <linux/stat.h> 40 #include <linux/sysctl.h> 41 #include <linux/init.h> 42 #include <linux/spinlock.h> 43 #include <net/net_namespace.h> 44 #include <net/tcp_states.h> 45 #include <net/ip.h> 46 #include <net/arp.h> 47 48 49 50 HLIST_HEAD(ax25_list); 51 DEFINE_SPINLOCK(ax25_list_lock); 52 53 static const struct proto_ops ax25_proto_ops; 54 55 static void ax25_free_sock(struct sock *sk) 56 { 57 ax25_cb_put(sk_to_ax25(sk)); 58 } 59 60 /* 61 * Socket removal during an interrupt is now safe. 62 */ 63 static void ax25_cb_del(ax25_cb *ax25) 64 { 65 spin_lock_bh(&ax25_list_lock); 66 if (!hlist_unhashed(&ax25->ax25_node)) { 67 hlist_del_init(&ax25->ax25_node); 68 ax25_cb_put(ax25); 69 } 70 spin_unlock_bh(&ax25_list_lock); 71 } 72 73 /* 74 * Kill all bound sockets on a dropped device. 75 */ 76 static void ax25_kill_by_device(struct net_device *dev) 77 { 78 ax25_dev *ax25_dev; 79 ax25_cb *s; 80 struct sock *sk; 81 82 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL) 83 return; 84 ax25_dev->device_up = false; 85 86 spin_lock_bh(&ax25_list_lock); 87 again: 88 ax25_for_each(s, &ax25_list) { 89 if (s->ax25_dev == ax25_dev) { 90 sk = s->sk; 91 if (!sk) { 92 spin_unlock_bh(&ax25_list_lock); 93 ax25_disconnect(s, ENETUNREACH); 94 s->ax25_dev = NULL; 95 ax25_cb_del(s); 96 spin_lock_bh(&ax25_list_lock); 97 goto again; 98 } 99 sock_hold(sk); 100 spin_unlock_bh(&ax25_list_lock); 101 lock_sock(sk); 102 ax25_disconnect(s, ENETUNREACH); 103 s->ax25_dev = NULL; 104 if (sk->sk_socket) { 105 netdev_put(ax25_dev->dev, 106 &s->dev_tracker); 107 ax25_dev_put(ax25_dev); 108 } 109 ax25_cb_del(s); 110 release_sock(sk); 111 spin_lock_bh(&ax25_list_lock); 112 sock_put(sk); 113 /* The entry could have been deleted from the 114 * list meanwhile and thus the next pointer is 115 * no longer valid. Play it safe and restart 116 * the scan. Forward progress is ensured 117 * because we set s->ax25_dev to NULL and we 118 * are never passed a NULL 'dev' argument. 119 */ 120 goto again; 121 } 122 } 123 spin_unlock_bh(&ax25_list_lock); 124 } 125 126 /* 127 * Handle device status changes. 128 */ 129 static int ax25_device_event(struct notifier_block *this, unsigned long event, 130 void *ptr) 131 { 132 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 133 134 if (!net_eq(dev_net(dev), &init_net)) 135 return NOTIFY_DONE; 136 137 /* Reject non AX.25 devices */ 138 if (dev->type != ARPHRD_AX25) 139 return NOTIFY_DONE; 140 141 switch (event) { 142 case NETDEV_UP: 143 ax25_dev_device_up(dev); 144 break; 145 case NETDEV_DOWN: 146 ax25_kill_by_device(dev); 147 ax25_rt_device_down(dev); 148 ax25_dev_device_down(dev); 149 break; 150 default: 151 break; 152 } 153 154 return NOTIFY_DONE; 155 } 156 157 /* 158 * Add a socket to the bound sockets list. 159 */ 160 void ax25_cb_add(ax25_cb *ax25) 161 { 162 spin_lock_bh(&ax25_list_lock); 163 ax25_cb_hold(ax25); 164 hlist_add_head(&ax25->ax25_node, &ax25_list); 165 spin_unlock_bh(&ax25_list_lock); 166 } 167 168 /* 169 * Find a socket that wants to accept the SABM we have just 170 * received. 171 */ 172 struct sock *ax25_find_listener(ax25_address *addr, int digi, 173 struct net_device *dev, int type) 174 { 175 ax25_cb *s; 176 177 spin_lock(&ax25_list_lock); 178 ax25_for_each(s, &ax25_list) { 179 if ((s->iamdigi && !digi) || (!s->iamdigi && digi)) 180 continue; 181 if (s->sk && !ax25cmp(&s->source_addr, addr) && 182 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) { 183 /* If device is null we match any device */ 184 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) { 185 sock_hold(s->sk); 186 spin_unlock(&ax25_list_lock); 187 return s->sk; 188 } 189 } 190 } 191 spin_unlock(&ax25_list_lock); 192 193 return NULL; 194 } 195 196 /* 197 * Find an AX.25 socket given both ends. 198 */ 199 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr, 200 int type) 201 { 202 struct sock *sk = NULL; 203 ax25_cb *s; 204 205 spin_lock(&ax25_list_lock); 206 ax25_for_each(s, &ax25_list) { 207 if (s->sk && !ax25cmp(&s->source_addr, my_addr) && 208 !ax25cmp(&s->dest_addr, dest_addr) && 209 s->sk->sk_type == type) { 210 sk = s->sk; 211 sock_hold(sk); 212 break; 213 } 214 } 215 216 spin_unlock(&ax25_list_lock); 217 218 return sk; 219 } 220 221 /* 222 * Find an AX.25 control block given both ends. It will only pick up 223 * floating AX.25 control blocks or non Raw socket bound control blocks. 224 */ 225 ax25_cb *ax25_find_cb(const ax25_address *src_addr, ax25_address *dest_addr, 226 ax25_digi *digi, struct net_device *dev) 227 { 228 ax25_cb *s; 229 230 spin_lock_bh(&ax25_list_lock); 231 ax25_for_each(s, &ax25_list) { 232 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET) 233 continue; 234 if (s->ax25_dev == NULL) 235 continue; 236 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) { 237 if (digi != NULL && digi->ndigi != 0) { 238 if (s->digipeat == NULL) 239 continue; 240 if (ax25digicmp(s->digipeat, digi) != 0) 241 continue; 242 } else { 243 if (s->digipeat != NULL && s->digipeat->ndigi != 0) 244 continue; 245 } 246 ax25_cb_hold(s); 247 spin_unlock_bh(&ax25_list_lock); 248 249 return s; 250 } 251 } 252 spin_unlock_bh(&ax25_list_lock); 253 254 return NULL; 255 } 256 257 EXPORT_SYMBOL(ax25_find_cb); 258 259 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto) 260 { 261 ax25_cb *s; 262 struct sk_buff *copy; 263 264 spin_lock(&ax25_list_lock); 265 ax25_for_each(s, &ax25_list) { 266 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && 267 s->sk->sk_type == SOCK_RAW && 268 s->sk->sk_protocol == proto && 269 s->ax25_dev->dev == skb->dev && 270 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) { 271 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL) 272 continue; 273 if (sock_queue_rcv_skb(s->sk, copy) != 0) 274 kfree_skb(copy); 275 } 276 } 277 spin_unlock(&ax25_list_lock); 278 } 279 280 /* 281 * Deferred destroy. 282 */ 283 void ax25_destroy_socket(ax25_cb *); 284 285 /* 286 * Handler for deferred kills. 287 */ 288 static void ax25_destroy_timer(struct timer_list *t) 289 { 290 ax25_cb *ax25 = timer_container_of(ax25, t, dtimer); 291 struct sock *sk; 292 293 sk=ax25->sk; 294 295 bh_lock_sock(sk); 296 sock_hold(sk); 297 ax25_destroy_socket(ax25); 298 bh_unlock_sock(sk); 299 sock_put(sk); 300 } 301 302 /* 303 * This is called from user mode and the timers. Thus it protects itself 304 * against interrupt users but doesn't worry about being called during 305 * work. Once it is removed from the queue no interrupt or bottom half 306 * will touch it and we are (fairly 8-) ) safe. 307 */ 308 void ax25_destroy_socket(ax25_cb *ax25) 309 { 310 struct sk_buff *skb; 311 312 ax25_cb_del(ax25); 313 314 ax25_stop_heartbeat(ax25); 315 ax25_stop_t1timer(ax25); 316 ax25_stop_t2timer(ax25); 317 ax25_stop_t3timer(ax25); 318 ax25_stop_idletimer(ax25); 319 320 ax25_clear_queues(ax25); /* Flush the queues */ 321 322 if (ax25->sk != NULL) { 323 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) { 324 if (skb->sk != ax25->sk) { 325 /* A pending connection */ 326 ax25_cb *sax25 = sk_to_ax25(skb->sk); 327 328 /* Queue the unaccepted socket for death */ 329 sock_orphan(skb->sk); 330 331 /* 9A4GL: hack to release unaccepted sockets */ 332 skb->sk->sk_state = TCP_LISTEN; 333 334 ax25_start_heartbeat(sax25); 335 sax25->state = AX25_STATE_0; 336 } 337 338 kfree_skb(skb); 339 } 340 skb_queue_purge(&ax25->sk->sk_write_queue); 341 } 342 343 if (ax25->sk != NULL) { 344 if (sk_has_allocations(ax25->sk)) { 345 /* Defer: outstanding buffers */ 346 timer_setup(&ax25->dtimer, ax25_destroy_timer, 0); 347 ax25->dtimer.expires = jiffies + 2 * HZ; 348 add_timer(&ax25->dtimer); 349 } else { 350 struct sock *sk=ax25->sk; 351 ax25->sk=NULL; 352 sock_put(sk); 353 } 354 } else { 355 ax25_cb_put(ax25); 356 } 357 } 358 359 /* 360 * dl1bke 960311: set parameters for existing AX.25 connections, 361 * includes a KILL command to abort any connection. 362 * VERY useful for debugging ;-) 363 */ 364 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg) 365 { 366 struct ax25_ctl_struct ax25_ctl; 367 ax25_digi digi; 368 ax25_dev *ax25_dev; 369 ax25_cb *ax25; 370 unsigned int k; 371 int ret = 0; 372 373 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl))) 374 return -EFAULT; 375 376 if (ax25_ctl.digi_count > AX25_MAX_DIGIS) 377 return -EINVAL; 378 379 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL) 380 return -EINVAL; 381 382 ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr); 383 if (!ax25_dev) 384 return -ENODEV; 385 386 digi.ndigi = ax25_ctl.digi_count; 387 for (k = 0; k < digi.ndigi; k++) 388 digi.calls[k] = ax25_ctl.digi_addr[k]; 389 390 ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev); 391 if (!ax25) { 392 ax25_dev_put(ax25_dev); 393 return -ENOTCONN; 394 } 395 396 switch (ax25_ctl.cmd) { 397 case AX25_KILL: 398 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 399 #ifdef CONFIG_AX25_DAMA_SLAVE 400 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE) 401 ax25_dama_off(ax25); 402 #endif 403 ax25_disconnect(ax25, ENETRESET); 404 break; 405 406 case AX25_WINDOW: 407 if (ax25->modulus == AX25_MODULUS) { 408 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7) 409 goto einval_put; 410 } else { 411 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63) 412 goto einval_put; 413 } 414 ax25->window = ax25_ctl.arg; 415 break; 416 417 case AX25_T1: 418 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 419 goto einval_put; 420 ax25->rtt = (ax25_ctl.arg * HZ) / 2; 421 ax25->t1 = ax25_ctl.arg * HZ; 422 break; 423 424 case AX25_T2: 425 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ) 426 goto einval_put; 427 ax25->t2 = ax25_ctl.arg * HZ; 428 break; 429 430 case AX25_N2: 431 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31) 432 goto einval_put; 433 ax25->n2count = 0; 434 ax25->n2 = ax25_ctl.arg; 435 break; 436 437 case AX25_T3: 438 if (ax25_ctl.arg > ULONG_MAX / HZ) 439 goto einval_put; 440 ax25->t3 = ax25_ctl.arg * HZ; 441 break; 442 443 case AX25_IDLE: 444 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ)) 445 goto einval_put; 446 447 ax25->idle = ax25_ctl.arg * 60 * HZ; 448 break; 449 450 case AX25_PACLEN: 451 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535) 452 goto einval_put; 453 ax25->paclen = ax25_ctl.arg; 454 break; 455 456 default: 457 goto einval_put; 458 } 459 460 out_put: 461 ax25_dev_put(ax25_dev); 462 ax25_cb_put(ax25); 463 return ret; 464 465 einval_put: 466 ret = -EINVAL; 467 goto out_put; 468 } 469 470 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, const ax25_dev *ax25_dev) 471 { 472 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2; 473 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]); 474 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]); 475 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]); 476 ax25->n2 = ax25_dev->values[AX25_VALUES_N2]; 477 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN]; 478 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]); 479 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF]; 480 481 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) { 482 ax25->modulus = AX25_EMODULUS; 483 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW]; 484 } else { 485 ax25->modulus = AX25_MODULUS; 486 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW]; 487 } 488 } 489 490 /* 491 * Fill in a created AX.25 created control block with the default 492 * values for a particular device. 493 */ 494 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev) 495 { 496 ax25->ax25_dev = ax25_dev; 497 498 if (ax25->ax25_dev != NULL) { 499 ax25_fillin_cb_from_dev(ax25, ax25_dev); 500 return; 501 } 502 503 /* 504 * No device, use kernel / AX.25 spec default values 505 */ 506 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2; 507 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1); 508 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2); 509 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3); 510 ax25->n2 = AX25_DEF_N2; 511 ax25->paclen = AX25_DEF_PACLEN; 512 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE); 513 ax25->backoff = AX25_DEF_BACKOFF; 514 515 if (AX25_DEF_AXDEFMODE) { 516 ax25->modulus = AX25_EMODULUS; 517 ax25->window = AX25_DEF_EWINDOW; 518 } else { 519 ax25->modulus = AX25_MODULUS; 520 ax25->window = AX25_DEF_WINDOW; 521 } 522 } 523 524 /* 525 * Create an empty AX.25 control block. 526 */ 527 ax25_cb *ax25_create_cb(void) 528 { 529 ax25_cb *ax25; 530 531 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL) 532 return NULL; 533 534 refcount_set(&ax25->refcount, 1); 535 536 skb_queue_head_init(&ax25->write_queue); 537 skb_queue_head_init(&ax25->frag_queue); 538 skb_queue_head_init(&ax25->ack_queue); 539 skb_queue_head_init(&ax25->reseq_queue); 540 541 ax25_setup_timers(ax25); 542 543 ax25_fillin_cb(ax25, NULL); 544 545 ax25->state = AX25_STATE_0; 546 547 return ax25; 548 } 549 550 /* 551 * Handling for system calls applied via the various interfaces to an 552 * AX25 socket object 553 */ 554 555 static int ax25_setsockopt(struct socket *sock, int level, int optname, 556 sockptr_t optval, unsigned int optlen) 557 { 558 struct sock *sk = sock->sk; 559 ax25_cb *ax25; 560 struct net_device *dev; 561 char devname[IFNAMSIZ]; 562 unsigned int opt; 563 int res = 0; 564 565 if (level != SOL_AX25) 566 return -ENOPROTOOPT; 567 568 if (optlen < sizeof(unsigned int)) 569 return -EINVAL; 570 571 if (copy_from_sockptr(&opt, optval, sizeof(unsigned int))) 572 return -EFAULT; 573 574 lock_sock(sk); 575 ax25 = sk_to_ax25(sk); 576 577 switch (optname) { 578 case AX25_WINDOW: 579 if (ax25->modulus == AX25_MODULUS) { 580 if (opt < 1 || opt > 7) { 581 res = -EINVAL; 582 break; 583 } 584 } else { 585 if (opt < 1 || opt > 63) { 586 res = -EINVAL; 587 break; 588 } 589 } 590 ax25->window = opt; 591 break; 592 593 case AX25_T1: 594 if (opt < 1 || opt > UINT_MAX / HZ) { 595 res = -EINVAL; 596 break; 597 } 598 ax25->rtt = (opt * HZ) >> 1; 599 ax25->t1 = opt * HZ; 600 break; 601 602 case AX25_T2: 603 if (opt < 1 || opt > UINT_MAX / HZ) { 604 res = -EINVAL; 605 break; 606 } 607 ax25->t2 = opt * HZ; 608 break; 609 610 case AX25_N2: 611 if (opt < 1 || opt > 31) { 612 res = -EINVAL; 613 break; 614 } 615 ax25->n2 = opt; 616 break; 617 618 case AX25_T3: 619 if (opt < 1 || opt > UINT_MAX / HZ) { 620 res = -EINVAL; 621 break; 622 } 623 ax25->t3 = opt * HZ; 624 break; 625 626 case AX25_IDLE: 627 if (opt > UINT_MAX / (60 * HZ)) { 628 res = -EINVAL; 629 break; 630 } 631 ax25->idle = opt * 60 * HZ; 632 break; 633 634 case AX25_BACKOFF: 635 if (opt > 2) { 636 res = -EINVAL; 637 break; 638 } 639 ax25->backoff = opt; 640 break; 641 642 case AX25_EXTSEQ: 643 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS; 644 break; 645 646 case AX25_PIDINCL: 647 ax25->pidincl = opt ? 1 : 0; 648 break; 649 650 case AX25_IAMDIGI: 651 ax25->iamdigi = opt ? 1 : 0; 652 break; 653 654 case AX25_PACLEN: 655 if (opt < 16 || opt > 65535) { 656 res = -EINVAL; 657 break; 658 } 659 ax25->paclen = opt; 660 break; 661 662 case SO_BINDTODEVICE: 663 if (optlen > IFNAMSIZ - 1) 664 optlen = IFNAMSIZ - 1; 665 666 memset(devname, 0, sizeof(devname)); 667 668 if (copy_from_sockptr(devname, optval, optlen)) { 669 res = -EFAULT; 670 break; 671 } 672 673 if (sk->sk_type == SOCK_SEQPACKET && 674 (sock->state != SS_UNCONNECTED || 675 sk->sk_state == TCP_LISTEN)) { 676 res = -EADDRNOTAVAIL; 677 break; 678 } 679 680 rcu_read_lock(); 681 dev = dev_get_by_name_rcu(&init_net, devname); 682 if (!dev) { 683 rcu_read_unlock(); 684 res = -ENODEV; 685 break; 686 } 687 688 if (ax25->ax25_dev) { 689 if (dev == ax25->ax25_dev->dev) { 690 rcu_read_unlock(); 691 break; 692 } 693 netdev_put(ax25->ax25_dev->dev, &ax25->dev_tracker); 694 ax25_dev_put(ax25->ax25_dev); 695 } 696 697 ax25->ax25_dev = ax25_dev_ax25dev(dev); 698 if (!ax25->ax25_dev) { 699 rcu_read_unlock(); 700 res = -ENODEV; 701 break; 702 } 703 ax25_fillin_cb(ax25, ax25->ax25_dev); 704 netdev_hold(dev, &ax25->dev_tracker, GFP_ATOMIC); 705 ax25_dev_hold(ax25->ax25_dev); 706 rcu_read_unlock(); 707 break; 708 709 default: 710 res = -ENOPROTOOPT; 711 } 712 release_sock(sk); 713 714 return res; 715 } 716 717 static int ax25_getsockopt(struct socket *sock, int level, int optname, 718 char __user *optval, int __user *optlen) 719 { 720 struct sock *sk = sock->sk; 721 ax25_cb *ax25; 722 struct ax25_dev *ax25_dev; 723 char devname[IFNAMSIZ]; 724 void *valptr; 725 int val = 0; 726 int maxlen, length; 727 728 if (level != SOL_AX25) 729 return -ENOPROTOOPT; 730 731 if (get_user(maxlen, optlen)) 732 return -EFAULT; 733 734 if (maxlen < 1) 735 return -EFAULT; 736 737 valptr = &val; 738 length = min_t(unsigned int, maxlen, sizeof(int)); 739 740 lock_sock(sk); 741 ax25 = sk_to_ax25(sk); 742 743 switch (optname) { 744 case AX25_WINDOW: 745 val = ax25->window; 746 break; 747 748 case AX25_T1: 749 val = ax25->t1 / HZ; 750 break; 751 752 case AX25_T2: 753 val = ax25->t2 / HZ; 754 break; 755 756 case AX25_N2: 757 val = ax25->n2; 758 break; 759 760 case AX25_T3: 761 val = ax25->t3 / HZ; 762 break; 763 764 case AX25_IDLE: 765 val = ax25->idle / (60 * HZ); 766 break; 767 768 case AX25_BACKOFF: 769 val = ax25->backoff; 770 break; 771 772 case AX25_EXTSEQ: 773 val = (ax25->modulus == AX25_EMODULUS); 774 break; 775 776 case AX25_PIDINCL: 777 val = ax25->pidincl; 778 break; 779 780 case AX25_IAMDIGI: 781 val = ax25->iamdigi; 782 break; 783 784 case AX25_PACLEN: 785 val = ax25->paclen; 786 break; 787 788 case SO_BINDTODEVICE: 789 ax25_dev = ax25->ax25_dev; 790 791 if (ax25_dev != NULL && ax25_dev->dev != NULL) { 792 strscpy(devname, ax25_dev->dev->name, sizeof(devname)); 793 length = strlen(devname) + 1; 794 } else { 795 *devname = '\0'; 796 length = 1; 797 } 798 799 valptr = devname; 800 break; 801 802 default: 803 release_sock(sk); 804 return -ENOPROTOOPT; 805 } 806 release_sock(sk); 807 808 if (put_user(length, optlen)) 809 return -EFAULT; 810 811 return copy_to_user(optval, valptr, length) ? -EFAULT : 0; 812 } 813 814 static int ax25_listen(struct socket *sock, int backlog) 815 { 816 struct sock *sk = sock->sk; 817 int res = 0; 818 819 lock_sock(sk); 820 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) { 821 sk->sk_max_ack_backlog = backlog; 822 sk->sk_state = TCP_LISTEN; 823 goto out; 824 } 825 res = -EOPNOTSUPP; 826 827 out: 828 release_sock(sk); 829 830 return res; 831 } 832 833 /* 834 * XXX: when creating ax25_sock we should update the .obj_size setting 835 * below. 836 */ 837 static struct proto ax25_proto = { 838 .name = "AX25", 839 .owner = THIS_MODULE, 840 .obj_size = sizeof(struct ax25_sock), 841 }; 842 843 static int ax25_create(struct net *net, struct socket *sock, int protocol, 844 int kern) 845 { 846 struct sock *sk; 847 ax25_cb *ax25; 848 849 if (protocol < 0 || protocol > U8_MAX) 850 return -EINVAL; 851 852 if (!net_eq(net, &init_net)) 853 return -EAFNOSUPPORT; 854 855 switch (sock->type) { 856 case SOCK_DGRAM: 857 if (protocol == 0 || protocol == PF_AX25) 858 protocol = AX25_P_TEXT; 859 break; 860 861 case SOCK_SEQPACKET: 862 switch (protocol) { 863 case 0: 864 case PF_AX25: /* For CLX */ 865 protocol = AX25_P_TEXT; 866 break; 867 case AX25_P_SEGMENT: 868 #ifdef CONFIG_INET 869 case AX25_P_ARP: 870 case AX25_P_IP: 871 #endif 872 #ifdef CONFIG_NETROM 873 case AX25_P_NETROM: 874 #endif 875 #ifdef CONFIG_ROSE 876 case AX25_P_ROSE: 877 #endif 878 return -ESOCKTNOSUPPORT; 879 #ifdef CONFIG_NETROM_MODULE 880 case AX25_P_NETROM: 881 if (ax25_protocol_is_registered(AX25_P_NETROM)) 882 return -ESOCKTNOSUPPORT; 883 break; 884 #endif 885 #ifdef CONFIG_ROSE_MODULE 886 case AX25_P_ROSE: 887 if (ax25_protocol_is_registered(AX25_P_ROSE)) 888 return -ESOCKTNOSUPPORT; 889 break; 890 #endif 891 default: 892 break; 893 } 894 break; 895 896 case SOCK_RAW: 897 if (!capable(CAP_NET_RAW)) 898 return -EPERM; 899 break; 900 default: 901 return -ESOCKTNOSUPPORT; 902 } 903 904 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern); 905 if (sk == NULL) 906 return -ENOMEM; 907 908 ax25 = ax25_sk(sk)->cb = ax25_create_cb(); 909 if (!ax25) { 910 sk_free(sk); 911 return -ENOMEM; 912 } 913 914 sock_init_data(sock, sk); 915 916 sk->sk_destruct = ax25_free_sock; 917 sock->ops = &ax25_proto_ops; 918 sk->sk_protocol = protocol; 919 920 ax25->sk = sk; 921 922 return 0; 923 } 924 925 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev) 926 { 927 struct sock *sk; 928 ax25_cb *ax25, *oax25; 929 930 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0); 931 if (sk == NULL) 932 return NULL; 933 934 if ((ax25 = ax25_create_cb()) == NULL) { 935 sk_free(sk); 936 return NULL; 937 } 938 939 switch (osk->sk_type) { 940 case SOCK_DGRAM: 941 break; 942 case SOCK_SEQPACKET: 943 break; 944 default: 945 sk_free(sk); 946 ax25_cb_put(ax25); 947 return NULL; 948 } 949 950 sock_init_data(NULL, sk); 951 952 sk->sk_type = osk->sk_type; 953 sk->sk_priority = READ_ONCE(osk->sk_priority); 954 sk->sk_protocol = osk->sk_protocol; 955 sk->sk_rcvbuf = osk->sk_rcvbuf; 956 sk->sk_sndbuf = osk->sk_sndbuf; 957 sk->sk_state = TCP_ESTABLISHED; 958 sock_copy_flags(sk, osk); 959 960 oax25 = sk_to_ax25(osk); 961 962 ax25->modulus = oax25->modulus; 963 ax25->backoff = oax25->backoff; 964 ax25->pidincl = oax25->pidincl; 965 ax25->iamdigi = oax25->iamdigi; 966 ax25->rtt = oax25->rtt; 967 ax25->t1 = oax25->t1; 968 ax25->t2 = oax25->t2; 969 ax25->t3 = oax25->t3; 970 ax25->n2 = oax25->n2; 971 ax25->idle = oax25->idle; 972 ax25->paclen = oax25->paclen; 973 ax25->window = oax25->window; 974 975 ax25->ax25_dev = ax25_dev; 976 ax25->source_addr = oax25->source_addr; 977 978 if (oax25->digipeat != NULL) { 979 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi), 980 GFP_ATOMIC); 981 if (ax25->digipeat == NULL) { 982 sk_free(sk); 983 ax25_cb_put(ax25); 984 return NULL; 985 } 986 } 987 988 ax25_sk(sk)->cb = ax25; 989 sk->sk_destruct = ax25_free_sock; 990 ax25->sk = sk; 991 992 return sk; 993 } 994 995 static int ax25_release(struct socket *sock) 996 { 997 struct sock *sk = sock->sk; 998 ax25_cb *ax25; 999 ax25_dev *ax25_dev; 1000 1001 if (sk == NULL) 1002 return 0; 1003 1004 sock_hold(sk); 1005 lock_sock(sk); 1006 sock_orphan(sk); 1007 ax25 = sk_to_ax25(sk); 1008 ax25_dev = ax25->ax25_dev; 1009 1010 if (sk->sk_type == SOCK_SEQPACKET) { 1011 switch (ax25->state) { 1012 case AX25_STATE_0: 1013 if (!sock_flag(ax25->sk, SOCK_DEAD)) { 1014 release_sock(sk); 1015 ax25_disconnect(ax25, 0); 1016 lock_sock(sk); 1017 } 1018 ax25_destroy_socket(ax25); 1019 break; 1020 1021 case AX25_STATE_1: 1022 case AX25_STATE_2: 1023 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND); 1024 release_sock(sk); 1025 ax25_disconnect(ax25, 0); 1026 lock_sock(sk); 1027 if (!sock_flag(ax25->sk, SOCK_DESTROY)) 1028 ax25_destroy_socket(ax25); 1029 break; 1030 1031 case AX25_STATE_3: 1032 case AX25_STATE_4: 1033 ax25_clear_queues(ax25); 1034 ax25->n2count = 0; 1035 1036 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1037 case AX25_PROTO_STD_SIMPLEX: 1038 case AX25_PROTO_STD_DUPLEX: 1039 ax25_send_control(ax25, 1040 AX25_DISC, 1041 AX25_POLLON, 1042 AX25_COMMAND); 1043 ax25_stop_t2timer(ax25); 1044 ax25_stop_t3timer(ax25); 1045 ax25_stop_idletimer(ax25); 1046 break; 1047 #ifdef CONFIG_AX25_DAMA_SLAVE 1048 case AX25_PROTO_DAMA_SLAVE: 1049 ax25_stop_t3timer(ax25); 1050 ax25_stop_idletimer(ax25); 1051 break; 1052 #endif 1053 } 1054 ax25_calculate_t1(ax25); 1055 ax25_start_t1timer(ax25); 1056 ax25->state = AX25_STATE_2; 1057 sk->sk_state = TCP_CLOSE; 1058 sk->sk_shutdown |= SEND_SHUTDOWN; 1059 sk->sk_state_change(sk); 1060 sock_set_flag(sk, SOCK_DESTROY); 1061 break; 1062 1063 default: 1064 break; 1065 } 1066 } else { 1067 sk->sk_state = TCP_CLOSE; 1068 sk->sk_shutdown |= SEND_SHUTDOWN; 1069 sk->sk_state_change(sk); 1070 ax25_destroy_socket(ax25); 1071 } 1072 if (ax25_dev) { 1073 if (!ax25_dev->device_up) { 1074 timer_delete_sync(&ax25->timer); 1075 timer_delete_sync(&ax25->t1timer); 1076 timer_delete_sync(&ax25->t2timer); 1077 timer_delete_sync(&ax25->t3timer); 1078 timer_delete_sync(&ax25->idletimer); 1079 } 1080 netdev_put(ax25_dev->dev, &ax25->dev_tracker); 1081 ax25_dev_put(ax25_dev); 1082 } 1083 1084 sock->sk = NULL; 1085 release_sock(sk); 1086 sock_put(sk); 1087 1088 return 0; 1089 } 1090 1091 /* 1092 * We support a funny extension here so you can (as root) give any callsign 1093 * digipeated via a local address as source. This hack is obsolete now 1094 * that we've implemented support for SO_BINDTODEVICE. It is however small 1095 * and trivially backward compatible. 1096 */ 1097 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1098 { 1099 struct sock *sk = sock->sk; 1100 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr; 1101 ax25_dev *ax25_dev = NULL; 1102 ax25_uid_assoc *user; 1103 ax25_address call; 1104 ax25_cb *ax25; 1105 int err = 0; 1106 1107 if (addr_len != sizeof(struct sockaddr_ax25) && 1108 addr_len != sizeof(struct full_sockaddr_ax25)) 1109 /* support for old structure may go away some time 1110 * ax25_bind(): uses old (6 digipeater) socket structure. 1111 */ 1112 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1113 (addr_len > sizeof(struct full_sockaddr_ax25))) 1114 return -EINVAL; 1115 1116 if (addr->fsa_ax25.sax25_family != AF_AX25) 1117 return -EINVAL; 1118 1119 user = ax25_findbyuid(current_euid()); 1120 if (user) { 1121 call = user->call; 1122 ax25_uid_put(user); 1123 } else { 1124 if (ax25_uid_policy && !capable(CAP_NET_ADMIN)) 1125 return -EACCES; 1126 1127 call = addr->fsa_ax25.sax25_call; 1128 } 1129 1130 lock_sock(sk); 1131 1132 ax25 = sk_to_ax25(sk); 1133 if (!sock_flag(sk, SOCK_ZAPPED)) { 1134 err = -EINVAL; 1135 goto out; 1136 } 1137 1138 ax25->source_addr = call; 1139 1140 /* 1141 * User already set interface with SO_BINDTODEVICE 1142 */ 1143 if (ax25->ax25_dev != NULL) 1144 goto done; 1145 1146 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) { 1147 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 && 1148 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) { 1149 err = -EADDRNOTAVAIL; 1150 goto out; 1151 } 1152 } else { 1153 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) { 1154 err = -EADDRNOTAVAIL; 1155 goto out; 1156 } 1157 } 1158 1159 if (ax25_dev) { 1160 ax25_fillin_cb(ax25, ax25_dev); 1161 netdev_hold(ax25_dev->dev, &ax25->dev_tracker, GFP_ATOMIC); 1162 } 1163 1164 done: 1165 ax25_cb_add(ax25); 1166 sock_reset_flag(sk, SOCK_ZAPPED); 1167 1168 out: 1169 release_sock(sk); 1170 1171 return err; 1172 } 1173 1174 /* 1175 * FIXME: nonblock behaviour looks like it may have a bug. 1176 */ 1177 static int __must_check ax25_connect(struct socket *sock, 1178 struct sockaddr *uaddr, int addr_len, int flags) 1179 { 1180 struct sock *sk = sock->sk; 1181 ax25_cb *ax25 = sk_to_ax25(sk), *ax25t; 1182 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1183 ax25_digi *digi = NULL; 1184 int ct = 0, err = 0; 1185 1186 /* 1187 * some sanity checks. code further down depends on this 1188 */ 1189 1190 if (addr_len == sizeof(struct sockaddr_ax25)) 1191 /* support for this will go away in early 2.5.x 1192 * ax25_connect(): uses obsolete socket structure 1193 */ 1194 ; 1195 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1196 /* support for old structure may go away some time 1197 * ax25_connect(): uses old (6 digipeater) socket structure. 1198 */ 1199 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1200 (addr_len > sizeof(struct full_sockaddr_ax25))) 1201 return -EINVAL; 1202 1203 1204 if (fsa->fsa_ax25.sax25_family != AF_AX25) 1205 return -EINVAL; 1206 1207 lock_sock(sk); 1208 1209 /* deal with restarts */ 1210 if (sock->state == SS_CONNECTING) { 1211 switch (sk->sk_state) { 1212 case TCP_SYN_SENT: /* still trying */ 1213 err = -EINPROGRESS; 1214 goto out_release; 1215 1216 case TCP_ESTABLISHED: /* connection established */ 1217 sock->state = SS_CONNECTED; 1218 goto out_release; 1219 1220 case TCP_CLOSE: /* connection refused */ 1221 sock->state = SS_UNCONNECTED; 1222 err = -ECONNREFUSED; 1223 goto out_release; 1224 } 1225 } 1226 1227 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) { 1228 err = -EISCONN; /* No reconnect on a seqpacket socket */ 1229 goto out_release; 1230 } 1231 1232 sk->sk_state = TCP_CLOSE; 1233 sock->state = SS_UNCONNECTED; 1234 1235 kfree(ax25->digipeat); 1236 ax25->digipeat = NULL; 1237 1238 /* 1239 * Handle digi-peaters to be used. 1240 */ 1241 if (addr_len > sizeof(struct sockaddr_ax25) && 1242 fsa->fsa_ax25.sax25_ndigis != 0) { 1243 /* Valid number of digipeaters ? */ 1244 if (fsa->fsa_ax25.sax25_ndigis < 1 || 1245 fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS || 1246 addr_len < sizeof(struct sockaddr_ax25) + 1247 sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) { 1248 err = -EINVAL; 1249 goto out_release; 1250 } 1251 1252 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) { 1253 err = -ENOBUFS; 1254 goto out_release; 1255 } 1256 1257 digi->ndigi = fsa->fsa_ax25.sax25_ndigis; 1258 digi->lastrepeat = -1; 1259 1260 while (ct < fsa->fsa_ax25.sax25_ndigis) { 1261 if ((fsa->fsa_digipeater[ct].ax25_call[6] & 1262 AX25_HBIT) && ax25->iamdigi) { 1263 digi->repeated[ct] = 1; 1264 digi->lastrepeat = ct; 1265 } else { 1266 digi->repeated[ct] = 0; 1267 } 1268 digi->calls[ct] = fsa->fsa_digipeater[ct]; 1269 ct++; 1270 } 1271 } 1272 1273 /* Must bind first - autobinding does not work. */ 1274 if (sock_flag(sk, SOCK_ZAPPED)) { 1275 kfree(digi); 1276 err = -EINVAL; 1277 goto out_release; 1278 } 1279 1280 /* Check to see if the device has been filled in, error if it hasn't. */ 1281 if (ax25->ax25_dev == NULL) { 1282 kfree(digi); 1283 err = -EHOSTUNREACH; 1284 goto out_release; 1285 } 1286 1287 if (sk->sk_type == SOCK_SEQPACKET && 1288 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi, 1289 ax25->ax25_dev->dev))) { 1290 kfree(digi); 1291 err = -EADDRINUSE; /* Already such a connection */ 1292 ax25_cb_put(ax25t); 1293 goto out_release; 1294 } 1295 1296 ax25->dest_addr = fsa->fsa_ax25.sax25_call; 1297 ax25->digipeat = digi; 1298 1299 /* First the easy one */ 1300 if (sk->sk_type != SOCK_SEQPACKET) { 1301 sock->state = SS_CONNECTED; 1302 sk->sk_state = TCP_ESTABLISHED; 1303 goto out_release; 1304 } 1305 1306 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */ 1307 sock->state = SS_CONNECTING; 1308 sk->sk_state = TCP_SYN_SENT; 1309 1310 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) { 1311 case AX25_PROTO_STD_SIMPLEX: 1312 case AX25_PROTO_STD_DUPLEX: 1313 ax25_std_establish_data_link(ax25); 1314 break; 1315 1316 #ifdef CONFIG_AX25_DAMA_SLAVE 1317 case AX25_PROTO_DAMA_SLAVE: 1318 ax25->modulus = AX25_MODULUS; 1319 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW]; 1320 if (ax25->ax25_dev->dama.slave) 1321 ax25_ds_establish_data_link(ax25); 1322 else 1323 ax25_std_establish_data_link(ax25); 1324 break; 1325 #endif 1326 } 1327 1328 ax25->state = AX25_STATE_1; 1329 1330 ax25_start_heartbeat(ax25); 1331 1332 /* Now the loop */ 1333 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) { 1334 err = -EINPROGRESS; 1335 goto out_release; 1336 } 1337 1338 if (sk->sk_state == TCP_SYN_SENT) { 1339 DEFINE_WAIT(wait); 1340 1341 for (;;) { 1342 prepare_to_wait(sk_sleep(sk), &wait, 1343 TASK_INTERRUPTIBLE); 1344 if (sk->sk_state != TCP_SYN_SENT) 1345 break; 1346 if (!signal_pending(current)) { 1347 release_sock(sk); 1348 schedule(); 1349 lock_sock(sk); 1350 continue; 1351 } 1352 err = -ERESTARTSYS; 1353 break; 1354 } 1355 finish_wait(sk_sleep(sk), &wait); 1356 1357 if (err) 1358 goto out_release; 1359 } 1360 1361 if (sk->sk_state != TCP_ESTABLISHED) { 1362 /* Not in ABM, not in WAIT_UA -> failed */ 1363 sock->state = SS_UNCONNECTED; 1364 err = sock_error(sk); /* Always set at this point */ 1365 goto out_release; 1366 } 1367 1368 sock->state = SS_CONNECTED; 1369 1370 err = 0; 1371 out_release: 1372 release_sock(sk); 1373 1374 return err; 1375 } 1376 1377 static int ax25_accept(struct socket *sock, struct socket *newsock, 1378 struct proto_accept_arg *arg) 1379 { 1380 struct sk_buff *skb; 1381 struct sock *newsk; 1382 ax25_dev *ax25_dev; 1383 DEFINE_WAIT(wait); 1384 struct sock *sk; 1385 ax25_cb *ax25; 1386 int err = 0; 1387 1388 if (sock->state != SS_UNCONNECTED) 1389 return -EINVAL; 1390 1391 if ((sk = sock->sk) == NULL) 1392 return -EINVAL; 1393 1394 lock_sock(sk); 1395 if (sk->sk_type != SOCK_SEQPACKET) { 1396 err = -EOPNOTSUPP; 1397 goto out; 1398 } 1399 1400 if (sk->sk_state != TCP_LISTEN) { 1401 err = -EINVAL; 1402 goto out; 1403 } 1404 1405 /* 1406 * The read queue this time is holding sockets ready to use 1407 * hooked into the SABM we saved 1408 */ 1409 for (;;) { 1410 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1411 skb = skb_dequeue(&sk->sk_receive_queue); 1412 if (skb) 1413 break; 1414 1415 if (arg->flags & O_NONBLOCK) { 1416 err = -EWOULDBLOCK; 1417 break; 1418 } 1419 if (!signal_pending(current)) { 1420 release_sock(sk); 1421 schedule(); 1422 lock_sock(sk); 1423 continue; 1424 } 1425 err = -ERESTARTSYS; 1426 break; 1427 } 1428 finish_wait(sk_sleep(sk), &wait); 1429 1430 if (err) 1431 goto out; 1432 1433 newsk = skb->sk; 1434 sock_graft(newsk, newsock); 1435 1436 /* Now attach up the new socket */ 1437 kfree_skb(skb); 1438 sk_acceptq_removed(sk); 1439 newsock->state = SS_CONNECTED; 1440 ax25 = sk_to_ax25(newsk); 1441 ax25_dev = ax25->ax25_dev; 1442 netdev_hold(ax25_dev->dev, &ax25->dev_tracker, GFP_ATOMIC); 1443 ax25_dev_hold(ax25_dev); 1444 1445 out: 1446 release_sock(sk); 1447 1448 return err; 1449 } 1450 1451 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr, 1452 int peer) 1453 { 1454 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr; 1455 struct sock *sk = sock->sk; 1456 unsigned char ndigi, i; 1457 ax25_cb *ax25; 1458 int err = 0; 1459 1460 memset(fsa, 0, sizeof(*fsa)); 1461 lock_sock(sk); 1462 ax25 = sk_to_ax25(sk); 1463 1464 if (peer != 0) { 1465 if (sk->sk_state != TCP_ESTABLISHED) { 1466 err = -ENOTCONN; 1467 goto out; 1468 } 1469 1470 fsa->fsa_ax25.sax25_family = AF_AX25; 1471 fsa->fsa_ax25.sax25_call = ax25->dest_addr; 1472 1473 if (ax25->digipeat != NULL) { 1474 ndigi = ax25->digipeat->ndigi; 1475 fsa->fsa_ax25.sax25_ndigis = ndigi; 1476 for (i = 0; i < ndigi; i++) 1477 fsa->fsa_digipeater[i] = 1478 ax25->digipeat->calls[i]; 1479 } 1480 } else { 1481 fsa->fsa_ax25.sax25_family = AF_AX25; 1482 fsa->fsa_ax25.sax25_call = ax25->source_addr; 1483 fsa->fsa_ax25.sax25_ndigis = 1; 1484 if (ax25->ax25_dev != NULL) { 1485 memcpy(&fsa->fsa_digipeater[0], 1486 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN); 1487 } else { 1488 fsa->fsa_digipeater[0] = null_ax25_address; 1489 } 1490 } 1491 err = sizeof (struct full_sockaddr_ax25); 1492 1493 out: 1494 release_sock(sk); 1495 1496 return err; 1497 } 1498 1499 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1500 { 1501 DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name); 1502 struct sock *sk = sock->sk; 1503 struct sockaddr_ax25 sax; 1504 struct sk_buff *skb; 1505 ax25_digi dtmp, *dp; 1506 ax25_cb *ax25; 1507 size_t size; 1508 int lv, err, addr_len = msg->msg_namelen; 1509 1510 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT)) 1511 return -EINVAL; 1512 1513 lock_sock(sk); 1514 ax25 = sk_to_ax25(sk); 1515 1516 if (sock_flag(sk, SOCK_ZAPPED)) { 1517 err = -EADDRNOTAVAIL; 1518 goto out; 1519 } 1520 1521 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1522 send_sig(SIGPIPE, current, 0); 1523 err = -EPIPE; 1524 goto out; 1525 } 1526 1527 if (ax25->ax25_dev == NULL) { 1528 err = -ENETUNREACH; 1529 goto out; 1530 } 1531 1532 if (len > ax25->ax25_dev->dev->mtu) { 1533 err = -EMSGSIZE; 1534 goto out; 1535 } 1536 1537 if (usax != NULL) { 1538 if (usax->sax25_family != AF_AX25) { 1539 err = -EINVAL; 1540 goto out; 1541 } 1542 1543 if (addr_len == sizeof(struct sockaddr_ax25)) 1544 /* ax25_sendmsg(): uses obsolete socket structure */ 1545 ; 1546 else if (addr_len != sizeof(struct full_sockaddr_ax25)) 1547 /* support for old structure may go away some time 1548 * ax25_sendmsg(): uses old (6 digipeater) 1549 * socket structure. 1550 */ 1551 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) || 1552 (addr_len > sizeof(struct full_sockaddr_ax25))) { 1553 err = -EINVAL; 1554 goto out; 1555 } 1556 1557 1558 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) { 1559 int ct = 0; 1560 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax; 1561 1562 /* Valid number of digipeaters ? */ 1563 if (usax->sax25_ndigis < 1 || 1564 usax->sax25_ndigis > AX25_MAX_DIGIS || 1565 addr_len < sizeof(struct sockaddr_ax25) + 1566 sizeof(ax25_address) * usax->sax25_ndigis) { 1567 err = -EINVAL; 1568 goto out; 1569 } 1570 1571 dtmp.ndigi = usax->sax25_ndigis; 1572 1573 while (ct < usax->sax25_ndigis) { 1574 dtmp.repeated[ct] = 0; 1575 dtmp.calls[ct] = fsa->fsa_digipeater[ct]; 1576 ct++; 1577 } 1578 1579 dtmp.lastrepeat = 0; 1580 } 1581 1582 sax = *usax; 1583 if (sk->sk_type == SOCK_SEQPACKET && 1584 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) { 1585 err = -EISCONN; 1586 goto out; 1587 } 1588 if (usax->sax25_ndigis == 0) 1589 dp = NULL; 1590 else 1591 dp = &dtmp; 1592 } else { 1593 /* 1594 * FIXME: 1003.1g - if the socket is like this because 1595 * it has become closed (not started closed) and is VC 1596 * we ought to SIGPIPE, EPIPE 1597 */ 1598 if (sk->sk_state != TCP_ESTABLISHED) { 1599 err = -ENOTCONN; 1600 goto out; 1601 } 1602 sax.sax25_family = AF_AX25; 1603 sax.sax25_call = ax25->dest_addr; 1604 dp = ax25->digipeat; 1605 } 1606 1607 /* Build a packet */ 1608 /* Assume the worst case */ 1609 size = len + ax25->ax25_dev->dev->hard_header_len; 1610 1611 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err); 1612 if (skb == NULL) 1613 goto out; 1614 1615 skb_reserve(skb, size - len); 1616 1617 /* User data follows immediately after the AX.25 data */ 1618 if (memcpy_from_msg(skb_put(skb, len), msg, len)) { 1619 err = -EFAULT; 1620 kfree_skb(skb); 1621 goto out; 1622 } 1623 1624 skb_reset_network_header(skb); 1625 1626 /* Add the PID if one is not supplied by the user in the skb */ 1627 if (!ax25->pidincl) 1628 *(u8 *)skb_push(skb, 1) = sk->sk_protocol; 1629 1630 if (sk->sk_type == SOCK_SEQPACKET) { 1631 /* Connected mode sockets go via the LAPB machine */ 1632 if (sk->sk_state != TCP_ESTABLISHED) { 1633 kfree_skb(skb); 1634 err = -ENOTCONN; 1635 goto out; 1636 } 1637 1638 /* Shove it onto the queue and kick */ 1639 ax25_output(ax25, ax25->paclen, skb); 1640 1641 err = len; 1642 goto out; 1643 } 1644 1645 skb_push(skb, 1 + ax25_addr_size(dp)); 1646 1647 /* Building AX.25 Header */ 1648 1649 /* Build an AX.25 header */ 1650 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call, 1651 dp, AX25_COMMAND, AX25_MODULUS); 1652 1653 skb_set_transport_header(skb, lv); 1654 1655 *skb_transport_header(skb) = AX25_UI; 1656 1657 /* Datagram frames go straight out of the door as UI */ 1658 ax25_queue_xmit(skb, ax25->ax25_dev->dev); 1659 1660 err = len; 1661 1662 out: 1663 release_sock(sk); 1664 1665 return err; 1666 } 1667 1668 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, 1669 int flags) 1670 { 1671 struct sock *sk = sock->sk; 1672 struct sk_buff *skb, *last; 1673 struct sk_buff_head *sk_queue; 1674 int copied; 1675 int err = 0; 1676 int off = 0; 1677 long timeo; 1678 1679 lock_sock(sk); 1680 /* 1681 * This works for seqpacket too. The receiver has ordered the 1682 * queue for us! We do one quick check first though 1683 */ 1684 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) { 1685 err = -ENOTCONN; 1686 goto out; 1687 } 1688 1689 /* We need support for non-blocking reads. */ 1690 sk_queue = &sk->sk_receive_queue; 1691 skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off, &err, &last); 1692 /* If no packet is available, release_sock(sk) and try again. */ 1693 if (!skb) { 1694 if (err != -EAGAIN) 1695 goto out; 1696 release_sock(sk); 1697 timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); 1698 while (timeo && !__skb_wait_for_more_packets(sk, sk_queue, &err, 1699 &timeo, last)) { 1700 skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off, 1701 &err, &last); 1702 if (skb) 1703 break; 1704 1705 if (err != -EAGAIN) 1706 goto done; 1707 } 1708 if (!skb) 1709 goto done; 1710 lock_sock(sk); 1711 } 1712 1713 if (!sk_to_ax25(sk)->pidincl) 1714 skb_pull(skb, 1); /* Remove PID */ 1715 1716 skb_reset_transport_header(skb); 1717 copied = skb->len; 1718 1719 if (copied > size) { 1720 copied = size; 1721 msg->msg_flags |= MSG_TRUNC; 1722 } 1723 1724 skb_copy_datagram_msg(skb, 0, msg, copied); 1725 1726 if (msg->msg_name) { 1727 ax25_digi digi; 1728 ax25_address src; 1729 const unsigned char *mac = skb_mac_header(skb); 1730 DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name); 1731 1732 memset(sax, 0, sizeof(struct full_sockaddr_ax25)); 1733 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, 1734 &digi, NULL, NULL); 1735 sax->sax25_family = AF_AX25; 1736 /* We set this correctly, even though we may not let the 1737 application know the digi calls further down (because it 1738 did NOT ask to know them). This could get political... **/ 1739 sax->sax25_ndigis = digi.ndigi; 1740 sax->sax25_call = src; 1741 1742 if (sax->sax25_ndigis != 0) { 1743 int ct; 1744 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax; 1745 1746 for (ct = 0; ct < digi.ndigi; ct++) 1747 fsa->fsa_digipeater[ct] = digi.calls[ct]; 1748 } 1749 msg->msg_namelen = sizeof(struct full_sockaddr_ax25); 1750 } 1751 1752 skb_free_datagram(sk, skb); 1753 err = copied; 1754 1755 out: 1756 release_sock(sk); 1757 1758 done: 1759 return err; 1760 } 1761 1762 static int ax25_shutdown(struct socket *sk, int how) 1763 { 1764 /* FIXME - generate DM and RNR states */ 1765 return -EOPNOTSUPP; 1766 } 1767 1768 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1769 { 1770 struct sock *sk = sock->sk; 1771 void __user *argp = (void __user *)arg; 1772 int res = 0; 1773 1774 lock_sock(sk); 1775 switch (cmd) { 1776 case TIOCOUTQ: { 1777 long amount; 1778 1779 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1780 if (amount < 0) 1781 amount = 0; 1782 res = put_user(amount, (int __user *)argp); 1783 break; 1784 } 1785 1786 case TIOCINQ: { 1787 struct sk_buff *skb; 1788 long amount = 0L; 1789 /* These two are safe on a single CPU system as only user tasks fiddle here */ 1790 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1791 amount = skb->len; 1792 res = put_user(amount, (int __user *) argp); 1793 break; 1794 } 1795 1796 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */ 1797 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */ 1798 case SIOCAX25GETUID: { 1799 struct sockaddr_ax25 sax25; 1800 if (copy_from_user(&sax25, argp, sizeof(sax25))) { 1801 res = -EFAULT; 1802 break; 1803 } 1804 res = ax25_uid_ioctl(cmd, &sax25); 1805 break; 1806 } 1807 1808 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */ 1809 long amount; 1810 if (!capable(CAP_NET_ADMIN)) { 1811 res = -EPERM; 1812 break; 1813 } 1814 if (get_user(amount, (long __user *)argp)) { 1815 res = -EFAULT; 1816 break; 1817 } 1818 if (amount < 0 || amount > AX25_NOUID_BLOCK) { 1819 res = -EINVAL; 1820 break; 1821 } 1822 ax25_uid_policy = amount; 1823 res = 0; 1824 break; 1825 } 1826 1827 case SIOCADDRT: 1828 case SIOCDELRT: 1829 case SIOCAX25OPTRT: 1830 if (!capable(CAP_NET_ADMIN)) { 1831 res = -EPERM; 1832 break; 1833 } 1834 res = ax25_rt_ioctl(cmd, argp); 1835 break; 1836 1837 case SIOCAX25CTLCON: 1838 if (!capable(CAP_NET_ADMIN)) { 1839 res = -EPERM; 1840 break; 1841 } 1842 res = ax25_ctl_ioctl(cmd, argp); 1843 break; 1844 1845 case SIOCAX25GETINFO: 1846 case SIOCAX25GETINFOOLD: { 1847 ax25_cb *ax25 = sk_to_ax25(sk); 1848 struct ax25_info_struct ax25_info; 1849 1850 ax25_info.t1 = ax25->t1 / HZ; 1851 ax25_info.t2 = ax25->t2 / HZ; 1852 ax25_info.t3 = ax25->t3 / HZ; 1853 ax25_info.idle = ax25->idle / (60 * HZ); 1854 ax25_info.n2 = ax25->n2; 1855 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ; 1856 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ; 1857 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ; 1858 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ); 1859 ax25_info.n2count = ax25->n2count; 1860 ax25_info.state = ax25->state; 1861 ax25_info.rcv_q = sk_rmem_alloc_get(sk); 1862 ax25_info.snd_q = sk_wmem_alloc_get(sk); 1863 ax25_info.vs = ax25->vs; 1864 ax25_info.vr = ax25->vr; 1865 ax25_info.va = ax25->va; 1866 ax25_info.vs_max = ax25->vs; /* reserved */ 1867 ax25_info.paclen = ax25->paclen; 1868 ax25_info.window = ax25->window; 1869 1870 /* old structure? */ 1871 if (cmd == SIOCAX25GETINFOOLD) { 1872 static int warned = 0; 1873 if (!warned) { 1874 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n", 1875 current->comm); 1876 warned=1; 1877 } 1878 1879 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) { 1880 res = -EFAULT; 1881 break; 1882 } 1883 } else { 1884 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) { 1885 res = -EINVAL; 1886 break; 1887 } 1888 } 1889 res = 0; 1890 break; 1891 } 1892 1893 case SIOCAX25ADDFWD: 1894 case SIOCAX25DELFWD: { 1895 struct ax25_fwd_struct ax25_fwd; 1896 if (!capable(CAP_NET_ADMIN)) { 1897 res = -EPERM; 1898 break; 1899 } 1900 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) { 1901 res = -EFAULT; 1902 break; 1903 } 1904 res = ax25_fwd_ioctl(cmd, &ax25_fwd); 1905 break; 1906 } 1907 1908 case SIOCGIFADDR: 1909 case SIOCSIFADDR: 1910 case SIOCGIFDSTADDR: 1911 case SIOCSIFDSTADDR: 1912 case SIOCGIFBRDADDR: 1913 case SIOCSIFBRDADDR: 1914 case SIOCGIFNETMASK: 1915 case SIOCSIFNETMASK: 1916 case SIOCGIFMETRIC: 1917 case SIOCSIFMETRIC: 1918 res = -EINVAL; 1919 break; 1920 1921 default: 1922 res = -ENOIOCTLCMD; 1923 break; 1924 } 1925 release_sock(sk); 1926 1927 return res; 1928 } 1929 1930 #ifdef CONFIG_PROC_FS 1931 1932 static void *ax25_info_start(struct seq_file *seq, loff_t *pos) 1933 __acquires(ax25_list_lock) 1934 { 1935 spin_lock_bh(&ax25_list_lock); 1936 return seq_hlist_start(&ax25_list, *pos); 1937 } 1938 1939 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos) 1940 { 1941 return seq_hlist_next(v, &ax25_list, pos); 1942 } 1943 1944 static void ax25_info_stop(struct seq_file *seq, void *v) 1945 __releases(ax25_list_lock) 1946 { 1947 spin_unlock_bh(&ax25_list_lock); 1948 } 1949 1950 static int ax25_info_show(struct seq_file *seq, void *v) 1951 { 1952 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node); 1953 char buf[11]; 1954 int k; 1955 1956 1957 /* 1958 * New format: 1959 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode 1960 */ 1961 1962 seq_printf(seq, "%p %s %s%s ", 1963 ax25, 1964 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name, 1965 ax2asc(buf, &ax25->source_addr), 1966 ax25->iamdigi? "*":""); 1967 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr)); 1968 1969 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) { 1970 seq_printf(seq, ",%s%s", 1971 ax2asc(buf, &ax25->digipeat->calls[k]), 1972 ax25->digipeat->repeated[k]? "*":""); 1973 } 1974 1975 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d", 1976 ax25->state, 1977 ax25->vs, ax25->vr, ax25->va, 1978 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ, 1979 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ, 1980 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ, 1981 ax25_display_timer(&ax25->idletimer) / (60 * HZ), 1982 ax25->idle / (60 * HZ), 1983 ax25->n2count, ax25->n2, 1984 ax25->rtt / HZ, 1985 ax25->window, 1986 ax25->paclen); 1987 1988 if (ax25->sk != NULL) { 1989 seq_printf(seq, " %d %d %lu\n", 1990 sk_wmem_alloc_get(ax25->sk), 1991 sk_rmem_alloc_get(ax25->sk), 1992 sock_i_ino(ax25->sk)); 1993 } else { 1994 seq_puts(seq, " * * *\n"); 1995 } 1996 return 0; 1997 } 1998 1999 static const struct seq_operations ax25_info_seqops = { 2000 .start = ax25_info_start, 2001 .next = ax25_info_next, 2002 .stop = ax25_info_stop, 2003 .show = ax25_info_show, 2004 }; 2005 #endif 2006 2007 static const struct net_proto_family ax25_family_ops = { 2008 .family = PF_AX25, 2009 .create = ax25_create, 2010 .owner = THIS_MODULE, 2011 }; 2012 2013 static const struct proto_ops ax25_proto_ops = { 2014 .family = PF_AX25, 2015 .owner = THIS_MODULE, 2016 .release = ax25_release, 2017 .bind = ax25_bind, 2018 .connect = ax25_connect, 2019 .socketpair = sock_no_socketpair, 2020 .accept = ax25_accept, 2021 .getname = ax25_getname, 2022 .poll = datagram_poll, 2023 .ioctl = ax25_ioctl, 2024 .gettstamp = sock_gettstamp, 2025 .listen = ax25_listen, 2026 .shutdown = ax25_shutdown, 2027 .setsockopt = ax25_setsockopt, 2028 .getsockopt = ax25_getsockopt, 2029 .sendmsg = ax25_sendmsg, 2030 .recvmsg = ax25_recvmsg, 2031 .mmap = sock_no_mmap, 2032 }; 2033 2034 /* 2035 * Called by socket.c on kernel start up 2036 */ 2037 static struct packet_type ax25_packet_type __read_mostly = { 2038 .type = cpu_to_be16(ETH_P_AX25), 2039 .func = ax25_kiss_rcv, 2040 }; 2041 2042 static struct notifier_block ax25_dev_notifier = { 2043 .notifier_call = ax25_device_event, 2044 }; 2045 2046 static int __init ax25_init(void) 2047 { 2048 int rc = proto_register(&ax25_proto, 0); 2049 2050 if (rc != 0) 2051 goto out; 2052 2053 sock_register(&ax25_family_ops); 2054 dev_add_pack(&ax25_packet_type); 2055 register_netdevice_notifier(&ax25_dev_notifier); 2056 2057 proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops); 2058 proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops); 2059 proc_create_seq("ax25_calls", 0444, init_net.proc_net, 2060 &ax25_uid_seqops); 2061 out: 2062 return rc; 2063 } 2064 module_init(ax25_init); 2065 2066 2067 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>"); 2068 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol"); 2069 MODULE_LICENSE("GPL"); 2070 MODULE_ALIAS_NETPROTO(PF_AX25); 2071 2072 static void __exit ax25_exit(void) 2073 { 2074 remove_proc_entry("ax25_route", init_net.proc_net); 2075 remove_proc_entry("ax25", init_net.proc_net); 2076 remove_proc_entry("ax25_calls", init_net.proc_net); 2077 2078 unregister_netdevice_notifier(&ax25_dev_notifier); 2079 2080 dev_remove_pack(&ax25_packet_type); 2081 2082 sock_unregister(PF_AX25); 2083 proto_unregister(&ax25_proto); 2084 2085 ax25_rt_free(); 2086 ax25_uid_free(); 2087 ax25_dev_free(); 2088 } 2089 module_exit(ax25_exit); 2090