1 /* 2 * This program is free software; you can redistribute it and/or modify 3 * it under the terms of the GNU General Public License as published by 4 * the Free Software Foundation; either version 2 of the License, or 5 * (at your option) any later version. 6 * 7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) 8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) 9 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) 10 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) 11 */ 12 #include <linux/errno.h> 13 #include <linux/types.h> 14 #include <linux/socket.h> 15 #include <linux/in.h> 16 #include <linux/kernel.h> 17 #include <linux/timer.h> 18 #include <linux/string.h> 19 #include <linux/sockios.h> 20 #include <linux/net.h> 21 #include <linux/slab.h> 22 #include <net/ax25.h> 23 #include <linux/inet.h> 24 #include <linux/netdevice.h> 25 #include <linux/skbuff.h> 26 #include <net/sock.h> 27 #include <net/tcp_states.h> 28 #include <asm/uaccess.h> 29 #include <asm/system.h> 30 #include <linux/fcntl.h> 31 #include <linux/mm.h> 32 #include <linux/interrupt.h> 33 34 /* 35 * This routine purges all the queues of frames. 36 */ 37 void ax25_clear_queues(ax25_cb *ax25) 38 { 39 skb_queue_purge(&ax25->write_queue); 40 skb_queue_purge(&ax25->ack_queue); 41 skb_queue_purge(&ax25->reseq_queue); 42 skb_queue_purge(&ax25->frag_queue); 43 } 44 45 /* 46 * This routine purges the input queue of those frames that have been 47 * acknowledged. This replaces the boxes labelled "V(a) <- N(r)" on the 48 * SDL diagram. 49 */ 50 void ax25_frames_acked(ax25_cb *ax25, unsigned short nr) 51 { 52 struct sk_buff *skb; 53 54 /* 55 * Remove all the ack-ed frames from the ack queue. 56 */ 57 if (ax25->va != nr) { 58 while (skb_peek(&ax25->ack_queue) != NULL && ax25->va != nr) { 59 skb = skb_dequeue(&ax25->ack_queue); 60 kfree_skb(skb); 61 ax25->va = (ax25->va + 1) % ax25->modulus; 62 } 63 } 64 } 65 66 void ax25_requeue_frames(ax25_cb *ax25) 67 { 68 struct sk_buff *skb; 69 70 /* 71 * Requeue all the un-ack-ed frames on the output queue to be picked 72 * up by ax25_kick called from the timer. This arrangement handles the 73 * possibility of an empty output queue. 74 */ 75 while ((skb = skb_dequeue_tail(&ax25->ack_queue)) != NULL) 76 skb_queue_head(&ax25->write_queue, skb); 77 } 78 79 /* 80 * Validate that the value of nr is between va and vs. Return true or 81 * false for testing. 82 */ 83 int ax25_validate_nr(ax25_cb *ax25, unsigned short nr) 84 { 85 unsigned short vc = ax25->va; 86 87 while (vc != ax25->vs) { 88 if (nr == vc) return 1; 89 vc = (vc + 1) % ax25->modulus; 90 } 91 92 if (nr == ax25->vs) return 1; 93 94 return 0; 95 } 96 97 /* 98 * This routine is the centralised routine for parsing the control 99 * information for the different frame formats. 100 */ 101 int ax25_decode(ax25_cb *ax25, struct sk_buff *skb, int *ns, int *nr, int *pf) 102 { 103 unsigned char *frame; 104 int frametype = AX25_ILLEGAL; 105 106 frame = skb->data; 107 *ns = *nr = *pf = 0; 108 109 if (ax25->modulus == AX25_MODULUS) { 110 if ((frame[0] & AX25_S) == 0) { 111 frametype = AX25_I; /* I frame - carries NR/NS/PF */ 112 *ns = (frame[0] >> 1) & 0x07; 113 *nr = (frame[0] >> 5) & 0x07; 114 *pf = frame[0] & AX25_PF; 115 } else if ((frame[0] & AX25_U) == 1) { /* S frame - take out PF/NR */ 116 frametype = frame[0] & 0x0F; 117 *nr = (frame[0] >> 5) & 0x07; 118 *pf = frame[0] & AX25_PF; 119 } else if ((frame[0] & AX25_U) == 3) { /* U frame - take out PF */ 120 frametype = frame[0] & ~AX25_PF; 121 *pf = frame[0] & AX25_PF; 122 } 123 skb_pull(skb, 1); 124 } else { 125 if ((frame[0] & AX25_S) == 0) { 126 frametype = AX25_I; /* I frame - carries NR/NS/PF */ 127 *ns = (frame[0] >> 1) & 0x7F; 128 *nr = (frame[1] >> 1) & 0x7F; 129 *pf = frame[1] & AX25_EPF; 130 skb_pull(skb, 2); 131 } else if ((frame[0] & AX25_U) == 1) { /* S frame - take out PF/NR */ 132 frametype = frame[0] & 0x0F; 133 *nr = (frame[1] >> 1) & 0x7F; 134 *pf = frame[1] & AX25_EPF; 135 skb_pull(skb, 2); 136 } else if ((frame[0] & AX25_U) == 3) { /* U frame - take out PF */ 137 frametype = frame[0] & ~AX25_PF; 138 *pf = frame[0] & AX25_PF; 139 skb_pull(skb, 1); 140 } 141 } 142 143 return frametype; 144 } 145 146 /* 147 * This routine is called when the HDLC layer internally generates a 148 * command or response for the remote machine ( eg. RR, UA etc. ). 149 * Only supervisory or unnumbered frames are processed. 150 */ 151 void ax25_send_control(ax25_cb *ax25, int frametype, int poll_bit, int type) 152 { 153 struct sk_buff *skb; 154 unsigned char *dptr; 155 156 if ((skb = alloc_skb(ax25->ax25_dev->dev->hard_header_len + 2, GFP_ATOMIC)) == NULL) 157 return; 158 159 skb_reserve(skb, ax25->ax25_dev->dev->hard_header_len); 160 161 skb_reset_network_header(skb); 162 163 /* Assume a response - address structure for DTE */ 164 if (ax25->modulus == AX25_MODULUS) { 165 dptr = skb_put(skb, 1); 166 *dptr = frametype; 167 *dptr |= (poll_bit) ? AX25_PF : 0; 168 if ((frametype & AX25_U) == AX25_S) /* S frames carry NR */ 169 *dptr |= (ax25->vr << 5); 170 } else { 171 if ((frametype & AX25_U) == AX25_U) { 172 dptr = skb_put(skb, 1); 173 *dptr = frametype; 174 *dptr |= (poll_bit) ? AX25_PF : 0; 175 } else { 176 dptr = skb_put(skb, 2); 177 dptr[0] = frametype; 178 dptr[1] = (ax25->vr << 1); 179 dptr[1] |= (poll_bit) ? AX25_EPF : 0; 180 } 181 } 182 183 ax25_transmit_buffer(ax25, skb, type); 184 } 185 186 /* 187 * Send a 'DM' to an unknown connection attempt, or an invalid caller. 188 * 189 * Note: src here is the sender, thus it's the target of the DM 190 */ 191 void ax25_return_dm(struct net_device *dev, ax25_address *src, ax25_address *dest, ax25_digi *digi) 192 { 193 struct sk_buff *skb; 194 char *dptr; 195 ax25_digi retdigi; 196 197 if (dev == NULL) 198 return; 199 200 if ((skb = alloc_skb(dev->hard_header_len + 1, GFP_ATOMIC)) == NULL) 201 return; /* Next SABM will get DM'd */ 202 203 skb_reserve(skb, dev->hard_header_len); 204 skb_reset_network_header(skb); 205 206 ax25_digi_invert(digi, &retdigi); 207 208 dptr = skb_put(skb, 1); 209 210 *dptr = AX25_DM | AX25_PF; 211 212 /* 213 * Do the address ourselves 214 */ 215 dptr = skb_push(skb, ax25_addr_size(digi)); 216 dptr += ax25_addr_build(dptr, dest, src, &retdigi, AX25_RESPONSE, AX25_MODULUS); 217 218 ax25_queue_xmit(skb, dev); 219 } 220 221 /* 222 * Exponential backoff for AX.25 223 */ 224 void ax25_calculate_t1(ax25_cb *ax25) 225 { 226 int n, t = 2; 227 228 switch (ax25->backoff) { 229 case 0: 230 break; 231 232 case 1: 233 t += 2 * ax25->n2count; 234 break; 235 236 case 2: 237 for (n = 0; n < ax25->n2count; n++) 238 t *= 2; 239 if (t > 8) t = 8; 240 break; 241 } 242 243 ax25->t1 = t * ax25->rtt; 244 } 245 246 /* 247 * Calculate the Round Trip Time 248 */ 249 void ax25_calculate_rtt(ax25_cb *ax25) 250 { 251 if (ax25->backoff == 0) 252 return; 253 254 if (ax25_t1timer_running(ax25) && ax25->n2count == 0) 255 ax25->rtt = (9 * ax25->rtt + ax25->t1 - ax25_display_timer(&ax25->t1timer)) / 10; 256 257 if (ax25->rtt < AX25_T1CLAMPLO) 258 ax25->rtt = AX25_T1CLAMPLO; 259 260 if (ax25->rtt > AX25_T1CLAMPHI) 261 ax25->rtt = AX25_T1CLAMPHI; 262 } 263 264 void ax25_disconnect(ax25_cb *ax25, int reason) 265 { 266 ax25_clear_queues(ax25); 267 268 ax25_stop_t1timer(ax25); 269 ax25_stop_t2timer(ax25); 270 ax25_stop_t3timer(ax25); 271 ax25_stop_idletimer(ax25); 272 273 ax25->state = AX25_STATE_0; 274 275 ax25_link_failed(ax25, reason); 276 277 if (ax25->sk != NULL) { 278 local_bh_disable(); 279 bh_lock_sock(ax25->sk); 280 ax25->sk->sk_state = TCP_CLOSE; 281 ax25->sk->sk_err = reason; 282 ax25->sk->sk_shutdown |= SEND_SHUTDOWN; 283 if (!sock_flag(ax25->sk, SOCK_DEAD)) { 284 ax25->sk->sk_state_change(ax25->sk); 285 sock_set_flag(ax25->sk, SOCK_DEAD); 286 } 287 bh_unlock_sock(ax25->sk); 288 local_bh_enable(); 289 } 290 } 291