ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks
[linux/fpc-iii.git] / net / ipx / af_ipx.c
blobe735f781e4f327a9c47a13e29fd70734f8a1d180
1 /*
2 * Implements an IPX socket layer.
4 * This code is derived from work by
5 * Ross Biro : Writing the original IP stack
6 * Fred Van Kempen : Tidying up the TCP/IP
8 * Many thanks go to Keith Baker, Institute For Industrial Information
9 * Technology Ltd, Swansea University for allowing me to work on this
10 * in my own time even though it was in some ways related to commercial
11 * work I am currently employed to do there.
13 * All the material in this file is subject to the Gnu license version 2.
14 * Neither Alan Cox nor the Swansea University Computer Society admit
15 * liability nor provide warranty for any of this software. This material
16 * is provided as is and at no charge.
18 * Portions Copyright (c) 2000-2003 Conectiva, Inc. <acme@conectiva.com.br>
19 * Neither Arnaldo Carvalho de Melo nor Conectiva, Inc. admit liability nor
20 * provide warranty for any of this software. This material is provided
21 * "AS-IS" and at no charge.
23 * Portions Copyright (c) 1995 Caldera, Inc. <greg@caldera.com>
24 * Neither Greg Page nor Caldera, Inc. admit liability nor provide
25 * warranty for any of this software. This material is provided
26 * "AS-IS" and at no charge.
28 * See net/ipx/ChangeLog.
31 #include <linux/capability.h>
32 #include <linux/errno.h>
33 #include <linux/if_arp.h>
34 #include <linux/if_ether.h>
35 #include <linux/init.h>
36 #include <linux/ipx.h>
37 #include <linux/kernel.h>
38 #include <linux/list.h>
39 #include <linux/module.h>
40 #include <linux/net.h>
41 #include <linux/netdevice.h>
42 #include <linux/uio.h>
43 #include <linux/slab.h>
44 #include <linux/skbuff.h>
45 #include <linux/socket.h>
46 #include <linux/sockios.h>
47 #include <linux/string.h>
48 #include <linux/types.h>
49 #include <linux/termios.h>
51 #include <net/ipx.h>
52 #include <net/p8022.h>
53 #include <net/psnap.h>
54 #include <net/sock.h>
55 #include <net/datalink.h>
56 #include <net/tcp_states.h>
57 #include <net/net_namespace.h>
59 #include <asm/uaccess.h>
61 /* Configuration Variables */
62 static unsigned char ipxcfg_max_hops = 16;
63 static char ipxcfg_auto_select_primary;
64 static char ipxcfg_auto_create_interfaces;
65 int sysctl_ipx_pprop_broadcasting = 1;
67 /* Global Variables */
68 static struct datalink_proto *p8022_datalink;
69 static struct datalink_proto *pEII_datalink;
70 static struct datalink_proto *p8023_datalink;
71 static struct datalink_proto *pSNAP_datalink;
73 static const struct proto_ops ipx_dgram_ops;
75 LIST_HEAD(ipx_interfaces);
76 DEFINE_SPINLOCK(ipx_interfaces_lock);
78 struct ipx_interface *ipx_primary_net;
79 struct ipx_interface *ipx_internal_net;
81 struct ipx_interface *ipx_interfaces_head(void)
83 struct ipx_interface *rc = NULL;
85 if (!list_empty(&ipx_interfaces))
86 rc = list_entry(ipx_interfaces.next,
87 struct ipx_interface, node);
88 return rc;
91 static void ipxcfg_set_auto_select(char val)
93 ipxcfg_auto_select_primary = val;
94 if (val && !ipx_primary_net)
95 ipx_primary_net = ipx_interfaces_head();
98 static int ipxcfg_get_config_data(struct ipx_config_data __user *arg)
100 struct ipx_config_data vals;
102 vals.ipxcfg_auto_create_interfaces = ipxcfg_auto_create_interfaces;
103 vals.ipxcfg_auto_select_primary = ipxcfg_auto_select_primary;
105 return copy_to_user(arg, &vals, sizeof(vals)) ? -EFAULT : 0;
109 * Note: Sockets may not be removed _during_ an interrupt or inet_bh
110 * handler using this technique. They can be added although we do not
111 * use this facility.
114 static void ipx_remove_socket(struct sock *sk)
116 /* Determine interface with which socket is associated */
117 struct ipx_interface *intrfc = ipx_sk(sk)->intrfc;
119 if (!intrfc)
120 goto out;
122 ipxitf_hold(intrfc);
123 spin_lock_bh(&intrfc->if_sklist_lock);
124 sk_del_node_init(sk);
125 spin_unlock_bh(&intrfc->if_sklist_lock);
126 ipxitf_put(intrfc);
127 out:
128 return;
131 static void ipx_destroy_socket(struct sock *sk)
133 ipx_remove_socket(sk);
134 skb_queue_purge(&sk->sk_receive_queue);
135 sk_refcnt_debug_dec(sk);
139 * The following code is used to support IPX Interfaces (IPXITF). An
140 * IPX interface is defined by a physical device and a frame type.
143 /* ipxitf_clear_primary_net has to be called with ipx_interfaces_lock held */
145 static void ipxitf_clear_primary_net(void)
147 ipx_primary_net = NULL;
148 if (ipxcfg_auto_select_primary)
149 ipx_primary_net = ipx_interfaces_head();
152 static struct ipx_interface *__ipxitf_find_using_phys(struct net_device *dev,
153 __be16 datalink)
155 struct ipx_interface *i;
157 list_for_each_entry(i, &ipx_interfaces, node)
158 if (i->if_dev == dev && i->if_dlink_type == datalink)
159 goto out;
160 i = NULL;
161 out:
162 return i;
165 static struct ipx_interface *ipxitf_find_using_phys(struct net_device *dev,
166 __be16 datalink)
168 struct ipx_interface *i;
170 spin_lock_bh(&ipx_interfaces_lock);
171 i = __ipxitf_find_using_phys(dev, datalink);
172 if (i)
173 ipxitf_hold(i);
174 spin_unlock_bh(&ipx_interfaces_lock);
175 return i;
178 struct ipx_interface *ipxitf_find_using_net(__be32 net)
180 struct ipx_interface *i;
182 spin_lock_bh(&ipx_interfaces_lock);
183 if (net) {
184 list_for_each_entry(i, &ipx_interfaces, node)
185 if (i->if_netnum == net)
186 goto hold;
187 i = NULL;
188 goto unlock;
191 i = ipx_primary_net;
192 if (i)
193 hold:
194 ipxitf_hold(i);
195 unlock:
196 spin_unlock_bh(&ipx_interfaces_lock);
197 return i;
200 /* Sockets are bound to a particular IPX interface. */
201 static void ipxitf_insert_socket(struct ipx_interface *intrfc, struct sock *sk)
203 ipxitf_hold(intrfc);
204 spin_lock_bh(&intrfc->if_sklist_lock);
205 ipx_sk(sk)->intrfc = intrfc;
206 sk_add_node(sk, &intrfc->if_sklist);
207 spin_unlock_bh(&intrfc->if_sklist_lock);
208 ipxitf_put(intrfc);
211 /* caller must hold intrfc->if_sklist_lock */
212 static struct sock *__ipxitf_find_socket(struct ipx_interface *intrfc,
213 __be16 port)
215 struct sock *s;
217 sk_for_each(s, &intrfc->if_sklist)
218 if (ipx_sk(s)->port == port)
219 goto found;
220 s = NULL;
221 found:
222 return s;
225 /* caller must hold a reference to intrfc */
226 static struct sock *ipxitf_find_socket(struct ipx_interface *intrfc,
227 __be16 port)
229 struct sock *s;
231 spin_lock_bh(&intrfc->if_sklist_lock);
232 s = __ipxitf_find_socket(intrfc, port);
233 if (s)
234 sock_hold(s);
235 spin_unlock_bh(&intrfc->if_sklist_lock);
237 return s;
240 #ifdef CONFIG_IPX_INTERN
241 static struct sock *ipxitf_find_internal_socket(struct ipx_interface *intrfc,
242 unsigned char *ipx_node,
243 __be16 port)
245 struct sock *s;
247 ipxitf_hold(intrfc);
248 spin_lock_bh(&intrfc->if_sklist_lock);
250 sk_for_each(s, &intrfc->if_sklist) {
251 struct ipx_sock *ipxs = ipx_sk(s);
253 if (ipxs->port == port &&
254 !memcmp(ipx_node, ipxs->node, IPX_NODE_LEN))
255 goto found;
257 s = NULL;
258 found:
259 spin_unlock_bh(&intrfc->if_sklist_lock);
260 ipxitf_put(intrfc);
261 return s;
263 #endif
265 static void __ipxitf_down(struct ipx_interface *intrfc)
267 struct sock *s;
268 struct hlist_node *t;
270 /* Delete all routes associated with this interface */
271 ipxrtr_del_routes(intrfc);
273 spin_lock_bh(&intrfc->if_sklist_lock);
274 /* error sockets */
275 sk_for_each_safe(s, t, &intrfc->if_sklist) {
276 struct ipx_sock *ipxs = ipx_sk(s);
278 s->sk_err = ENOLINK;
279 s->sk_error_report(s);
280 ipxs->intrfc = NULL;
281 ipxs->port = 0;
282 sock_set_flag(s, SOCK_ZAPPED); /* Indicates it is no longer bound */
283 sk_del_node_init(s);
285 INIT_HLIST_HEAD(&intrfc->if_sklist);
286 spin_unlock_bh(&intrfc->if_sklist_lock);
288 /* remove this interface from list */
289 list_del(&intrfc->node);
291 /* remove this interface from *special* networks */
292 if (intrfc == ipx_primary_net)
293 ipxitf_clear_primary_net();
294 if (intrfc == ipx_internal_net)
295 ipx_internal_net = NULL;
297 if (intrfc->if_dev)
298 dev_put(intrfc->if_dev);
299 kfree(intrfc);
302 void ipxitf_down(struct ipx_interface *intrfc)
304 spin_lock_bh(&ipx_interfaces_lock);
305 __ipxitf_down(intrfc);
306 spin_unlock_bh(&ipx_interfaces_lock);
309 static void __ipxitf_put(struct ipx_interface *intrfc)
311 if (atomic_dec_and_test(&intrfc->refcnt))
312 __ipxitf_down(intrfc);
315 static int ipxitf_device_event(struct notifier_block *notifier,
316 unsigned long event, void *ptr)
318 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
319 struct ipx_interface *i, *tmp;
321 if (!net_eq(dev_net(dev), &init_net))
322 return NOTIFY_DONE;
324 if (event != NETDEV_DOWN && event != NETDEV_UP)
325 goto out;
327 spin_lock_bh(&ipx_interfaces_lock);
328 list_for_each_entry_safe(i, tmp, &ipx_interfaces, node)
329 if (i->if_dev == dev) {
330 if (event == NETDEV_UP)
331 ipxitf_hold(i);
332 else
333 __ipxitf_put(i);
335 spin_unlock_bh(&ipx_interfaces_lock);
336 out:
337 return NOTIFY_DONE;
341 static __exit void ipxitf_cleanup(void)
343 struct ipx_interface *i, *tmp;
345 spin_lock_bh(&ipx_interfaces_lock);
346 list_for_each_entry_safe(i, tmp, &ipx_interfaces, node)
347 __ipxitf_put(i);
348 spin_unlock_bh(&ipx_interfaces_lock);
351 static void ipxitf_def_skb_handler(struct sock *sock, struct sk_buff *skb)
353 if (sock_queue_rcv_skb(sock, skb) < 0)
354 kfree_skb(skb);
358 * On input skb->sk is NULL. Nobody is charged for the memory.
361 /* caller must hold a reference to intrfc */
363 #ifdef CONFIG_IPX_INTERN
364 static int ipxitf_demux_socket(struct ipx_interface *intrfc,
365 struct sk_buff *skb, int copy)
367 struct ipxhdr *ipx = ipx_hdr(skb);
368 int is_broadcast = !memcmp(ipx->ipx_dest.node, ipx_broadcast_node,
369 IPX_NODE_LEN);
370 struct sock *s;
371 int rc;
373 spin_lock_bh(&intrfc->if_sklist_lock);
375 sk_for_each(s, &intrfc->if_sklist) {
376 struct ipx_sock *ipxs = ipx_sk(s);
378 if (ipxs->port == ipx->ipx_dest.sock &&
379 (is_broadcast || !memcmp(ipx->ipx_dest.node,
380 ipxs->node, IPX_NODE_LEN))) {
381 /* We found a socket to which to send */
382 struct sk_buff *skb1;
384 if (copy) {
385 skb1 = skb_clone(skb, GFP_ATOMIC);
386 rc = -ENOMEM;
387 if (!skb1)
388 goto out;
389 } else {
390 skb1 = skb;
391 copy = 1; /* skb may only be used once */
393 ipxitf_def_skb_handler(s, skb1);
395 /* On an external interface, one socket can listen */
396 if (intrfc != ipx_internal_net)
397 break;
401 /* skb was solely for us, and we did not make a copy, so free it. */
402 if (!copy)
403 kfree_skb(skb);
405 rc = 0;
406 out:
407 spin_unlock_bh(&intrfc->if_sklist_lock);
408 return rc;
410 #else
411 static struct sock *ncp_connection_hack(struct ipx_interface *intrfc,
412 struct ipxhdr *ipx)
414 /* The packet's target is a NCP connection handler. We want to hand it
415 * to the correct socket directly within the kernel, so that the
416 * mars_nwe packet distribution process does not have to do it. Here we
417 * only care about NCP and BURST packets.
419 * You might call this a hack, but believe me, you do not want a
420 * complete NCP layer in the kernel, and this is VERY fast as well. */
421 struct sock *sk = NULL;
422 int connection = 0;
423 u8 *ncphdr = (u8 *)(ipx + 1);
425 if (*ncphdr == 0x22 && *(ncphdr + 1) == 0x22) /* NCP request */
426 connection = (((int) *(ncphdr + 5)) << 8) | (int) *(ncphdr + 3);
427 else if (*ncphdr == 0x77 && *(ncphdr + 1) == 0x77) /* BURST packet */
428 connection = (((int) *(ncphdr + 9)) << 8) | (int) *(ncphdr + 8);
430 if (connection) {
431 /* Now we have to look for a special NCP connection handling
432 * socket. Only these sockets have ipx_ncp_conn != 0, set by
433 * SIOCIPXNCPCONN. */
434 spin_lock_bh(&intrfc->if_sklist_lock);
435 sk_for_each(sk, &intrfc->if_sklist)
436 if (ipx_sk(sk)->ipx_ncp_conn == connection) {
437 sock_hold(sk);
438 goto found;
440 sk = NULL;
441 found:
442 spin_unlock_bh(&intrfc->if_sklist_lock);
444 return sk;
447 static int ipxitf_demux_socket(struct ipx_interface *intrfc,
448 struct sk_buff *skb, int copy)
450 struct ipxhdr *ipx = ipx_hdr(skb);
451 struct sock *sock1 = NULL, *sock2 = NULL;
452 struct sk_buff *skb1 = NULL, *skb2 = NULL;
453 int rc;
455 if (intrfc == ipx_primary_net && ntohs(ipx->ipx_dest.sock) == 0x451)
456 sock1 = ncp_connection_hack(intrfc, ipx);
457 if (!sock1)
458 /* No special socket found, forward the packet the normal way */
459 sock1 = ipxitf_find_socket(intrfc, ipx->ipx_dest.sock);
462 * We need to check if there is a primary net and if
463 * this is addressed to one of the *SPECIAL* sockets because
464 * these need to be propagated to the primary net.
465 * The *SPECIAL* socket list contains: 0x452(SAP), 0x453(RIP) and
466 * 0x456(Diagnostic).
469 if (ipx_primary_net && intrfc != ipx_primary_net) {
470 const int dsock = ntohs(ipx->ipx_dest.sock);
472 if (dsock == 0x452 || dsock == 0x453 || dsock == 0x456)
473 /* The appropriate thing to do here is to dup the
474 * packet and route to the primary net interface via
475 * ipxitf_send; however, we'll cheat and just demux it
476 * here. */
477 sock2 = ipxitf_find_socket(ipx_primary_net,
478 ipx->ipx_dest.sock);
482 * If there is nothing to do return. The kfree will cancel any charging.
484 rc = 0;
485 if (!sock1 && !sock2) {
486 if (!copy)
487 kfree_skb(skb);
488 goto out;
492 * This next segment of code is a little awkward, but it sets it up
493 * so that the appropriate number of copies of the SKB are made and
494 * that skb1 and skb2 point to it (them) so that it (they) can be
495 * demuxed to sock1 and/or sock2. If we are unable to make enough
496 * copies, we do as much as is possible.
499 if (copy)
500 skb1 = skb_clone(skb, GFP_ATOMIC);
501 else
502 skb1 = skb;
504 rc = -ENOMEM;
505 if (!skb1)
506 goto out_put;
508 /* Do we need 2 SKBs? */
509 if (sock1 && sock2)
510 skb2 = skb_clone(skb1, GFP_ATOMIC);
511 else
512 skb2 = skb1;
514 if (sock1)
515 ipxitf_def_skb_handler(sock1, skb1);
517 if (!skb2)
518 goto out_put;
520 if (sock2)
521 ipxitf_def_skb_handler(sock2, skb2);
523 rc = 0;
524 out_put:
525 if (sock1)
526 sock_put(sock1);
527 if (sock2)
528 sock_put(sock2);
529 out:
530 return rc;
532 #endif /* CONFIG_IPX_INTERN */
534 static struct sk_buff *ipxitf_adjust_skbuff(struct ipx_interface *intrfc,
535 struct sk_buff *skb)
537 struct sk_buff *skb2;
538 int in_offset = (unsigned char *)ipx_hdr(skb) - skb->head;
539 int out_offset = intrfc->if_ipx_offset;
540 int len;
542 /* Hopefully, most cases */
543 if (in_offset >= out_offset)
544 return skb;
546 /* Need new SKB */
547 len = skb->len + out_offset;
548 skb2 = alloc_skb(len, GFP_ATOMIC);
549 if (skb2) {
550 skb_reserve(skb2, out_offset);
551 skb_reset_network_header(skb2);
552 skb_reset_transport_header(skb2);
553 skb_put(skb2, skb->len);
554 memcpy(ipx_hdr(skb2), ipx_hdr(skb), skb->len);
555 memcpy(skb2->cb, skb->cb, sizeof(skb->cb));
557 kfree_skb(skb);
558 return skb2;
561 /* caller must hold a reference to intrfc and the skb has to be unshared */
562 int ipxitf_send(struct ipx_interface *intrfc, struct sk_buff *skb, char *node)
564 struct ipxhdr *ipx = ipx_hdr(skb);
565 struct net_device *dev = intrfc->if_dev;
566 struct datalink_proto *dl = intrfc->if_dlink;
567 char dest_node[IPX_NODE_LEN];
568 int send_to_wire = 1;
569 int addr_len;
571 ipx->ipx_tctrl = IPX_SKB_CB(skb)->ipx_tctrl;
572 ipx->ipx_dest.net = IPX_SKB_CB(skb)->ipx_dest_net;
573 ipx->ipx_source.net = IPX_SKB_CB(skb)->ipx_source_net;
575 /* see if we need to include the netnum in the route list */
576 if (IPX_SKB_CB(skb)->last_hop.index >= 0) {
577 __be32 *last_hop = (__be32 *)(((u8 *) skb->data) +
578 sizeof(struct ipxhdr) +
579 IPX_SKB_CB(skb)->last_hop.index *
580 sizeof(__be32));
581 *last_hop = IPX_SKB_CB(skb)->last_hop.netnum;
582 IPX_SKB_CB(skb)->last_hop.index = -1;
586 * We need to know how many skbuffs it will take to send out this
587 * packet to avoid unnecessary copies.
590 if (!dl || !dev || dev->flags & IFF_LOOPBACK)
591 send_to_wire = 0; /* No non looped */
594 * See if this should be demuxed to sockets on this interface
596 * We want to ensure the original was eaten or that we only use
597 * up clones.
600 if (ipx->ipx_dest.net == intrfc->if_netnum) {
602 * To our own node, loop and free the original.
603 * The internal net will receive on all node address.
605 if (intrfc == ipx_internal_net ||
606 !memcmp(intrfc->if_node, node, IPX_NODE_LEN)) {
607 /* Don't charge sender */
608 skb_orphan(skb);
610 /* Will charge receiver */
611 return ipxitf_demux_socket(intrfc, skb, 0);
614 /* Broadcast, loop and possibly keep to send on. */
615 if (!memcmp(ipx_broadcast_node, node, IPX_NODE_LEN)) {
616 if (!send_to_wire)
617 skb_orphan(skb);
618 ipxitf_demux_socket(intrfc, skb, send_to_wire);
619 if (!send_to_wire)
620 goto out;
625 * If the originating net is not equal to our net; this is routed
626 * We are still charging the sender. Which is right - the driver
627 * free will handle this fairly.
629 if (ipx->ipx_source.net != intrfc->if_netnum) {
631 * Unshare the buffer before modifying the count in
632 * case it's a flood or tcpdump
634 skb = skb_unshare(skb, GFP_ATOMIC);
635 if (!skb)
636 goto out;
637 if (++ipx->ipx_tctrl > ipxcfg_max_hops)
638 send_to_wire = 0;
641 if (!send_to_wire) {
642 kfree_skb(skb);
643 goto out;
646 /* Determine the appropriate hardware address */
647 addr_len = dev->addr_len;
648 if (!memcmp(ipx_broadcast_node, node, IPX_NODE_LEN))
649 memcpy(dest_node, dev->broadcast, addr_len);
650 else
651 memcpy(dest_node, &(node[IPX_NODE_LEN-addr_len]), addr_len);
653 /* Make any compensation for differing physical/data link size */
654 skb = ipxitf_adjust_skbuff(intrfc, skb);
655 if (!skb)
656 goto out;
658 /* set up data link and physical headers */
659 skb->dev = dev;
660 skb->protocol = htons(ETH_P_IPX);
662 /* Send it out */
663 dl->request(dl, skb, dest_node);
664 out:
665 return 0;
668 static int ipxitf_add_local_route(struct ipx_interface *intrfc)
670 return ipxrtr_add_route(intrfc->if_netnum, intrfc, NULL);
673 static void ipxitf_discover_netnum(struct ipx_interface *intrfc,
674 struct sk_buff *skb);
675 static int ipxitf_pprop(struct ipx_interface *intrfc, struct sk_buff *skb);
677 static int ipxitf_rcv(struct ipx_interface *intrfc, struct sk_buff *skb)
679 struct ipxhdr *ipx = ipx_hdr(skb);
680 int rc = 0;
682 ipxitf_hold(intrfc);
684 /* See if we should update our network number */
685 if (!intrfc->if_netnum) /* net number of intrfc not known yet */
686 ipxitf_discover_netnum(intrfc, skb);
688 IPX_SKB_CB(skb)->last_hop.index = -1;
689 if (ipx->ipx_type == IPX_TYPE_PPROP) {
690 rc = ipxitf_pprop(intrfc, skb);
691 if (rc)
692 goto out_free_skb;
695 /* local processing follows */
696 if (!IPX_SKB_CB(skb)->ipx_dest_net)
697 IPX_SKB_CB(skb)->ipx_dest_net = intrfc->if_netnum;
698 if (!IPX_SKB_CB(skb)->ipx_source_net)
699 IPX_SKB_CB(skb)->ipx_source_net = intrfc->if_netnum;
701 /* it doesn't make sense to route a pprop packet, there's no meaning
702 * in the ipx_dest_net for such packets */
703 if (ipx->ipx_type != IPX_TYPE_PPROP &&
704 intrfc->if_netnum != IPX_SKB_CB(skb)->ipx_dest_net) {
705 /* We only route point-to-point packets. */
706 if (skb->pkt_type == PACKET_HOST) {
707 skb = skb_unshare(skb, GFP_ATOMIC);
708 if (skb)
709 rc = ipxrtr_route_skb(skb);
710 goto out_intrfc;
713 goto out_free_skb;
716 /* see if we should keep it */
717 if (!memcmp(ipx_broadcast_node, ipx->ipx_dest.node, IPX_NODE_LEN) ||
718 !memcmp(intrfc->if_node, ipx->ipx_dest.node, IPX_NODE_LEN)) {
719 rc = ipxitf_demux_socket(intrfc, skb, 0);
720 goto out_intrfc;
723 /* we couldn't pawn it off so unload it */
724 out_free_skb:
725 kfree_skb(skb);
726 out_intrfc:
727 ipxitf_put(intrfc);
728 return rc;
731 static void ipxitf_discover_netnum(struct ipx_interface *intrfc,
732 struct sk_buff *skb)
734 const struct ipx_cb *cb = IPX_SKB_CB(skb);
736 /* see if this is an intra packet: source_net == dest_net */
737 if (cb->ipx_source_net == cb->ipx_dest_net && cb->ipx_source_net) {
738 struct ipx_interface *i =
739 ipxitf_find_using_net(cb->ipx_source_net);
740 /* NB: NetWare servers lie about their hop count so we
741 * dropped the test based on it. This is the best way
742 * to determine this is a 0 hop count packet. */
743 if (!i) {
744 intrfc->if_netnum = cb->ipx_source_net;
745 ipxitf_add_local_route(intrfc);
746 } else {
747 printk(KERN_WARNING "IPX: Network number collision "
748 "%lx\n %s %s and %s %s\n",
749 (unsigned long) ntohl(cb->ipx_source_net),
750 ipx_device_name(i),
751 ipx_frame_name(i->if_dlink_type),
752 ipx_device_name(intrfc),
753 ipx_frame_name(intrfc->if_dlink_type));
754 ipxitf_put(i);
760 * ipxitf_pprop - Process packet propagation IPX packet type 0x14, used for
761 * NetBIOS broadcasts
762 * @intrfc: IPX interface receiving this packet
763 * @skb: Received packet
765 * Checks if packet is valid: if its more than %IPX_MAX_PPROP_HOPS hops or if it
766 * is smaller than a IPX header + the room for %IPX_MAX_PPROP_HOPS hops we drop
767 * it, not even processing it locally, if it has exact %IPX_MAX_PPROP_HOPS we
768 * don't broadcast it, but process it locally. See chapter 5 of Novell's "IPX
769 * RIP and SAP Router Specification", Part Number 107-000029-001.
771 * If it is valid, check if we have pprop broadcasting enabled by the user,
772 * if not, just return zero for local processing.
774 * If it is enabled check the packet and don't broadcast it if we have already
775 * seen this packet.
777 * Broadcast: send it to the interfaces that aren't on the packet visited nets
778 * array, just after the IPX header.
780 * Returns -EINVAL for invalid packets, so that the calling function drops
781 * the packet without local processing. 0 if packet is to be locally processed.
783 static int ipxitf_pprop(struct ipx_interface *intrfc, struct sk_buff *skb)
785 struct ipxhdr *ipx = ipx_hdr(skb);
786 int i, rc = -EINVAL;
787 struct ipx_interface *ifcs;
788 char *c;
789 __be32 *l;
791 /* Illegal packet - too many hops or too short */
792 /* We decide to throw it away: no broadcasting, no local processing.
793 * NetBIOS unaware implementations route them as normal packets -
794 * tctrl <= 15, any data payload... */
795 if (IPX_SKB_CB(skb)->ipx_tctrl > IPX_MAX_PPROP_HOPS ||
796 ntohs(ipx->ipx_pktsize) < sizeof(struct ipxhdr) +
797 IPX_MAX_PPROP_HOPS * sizeof(u32))
798 goto out;
799 /* are we broadcasting this damn thing? */
800 rc = 0;
801 if (!sysctl_ipx_pprop_broadcasting)
802 goto out;
803 /* We do broadcast packet on the IPX_MAX_PPROP_HOPS hop, but we
804 * process it locally. All previous hops broadcasted it, and process it
805 * locally. */
806 if (IPX_SKB_CB(skb)->ipx_tctrl == IPX_MAX_PPROP_HOPS)
807 goto out;
809 c = ((u8 *) ipx) + sizeof(struct ipxhdr);
810 l = (__be32 *) c;
812 /* Don't broadcast packet if already seen this net */
813 for (i = 0; i < IPX_SKB_CB(skb)->ipx_tctrl; i++)
814 if (*l++ == intrfc->if_netnum)
815 goto out;
817 /* < IPX_MAX_PPROP_HOPS hops && input interface not in list. Save the
818 * position where we will insert recvd netnum into list, later on,
819 * in ipxitf_send */
820 IPX_SKB_CB(skb)->last_hop.index = i;
821 IPX_SKB_CB(skb)->last_hop.netnum = intrfc->if_netnum;
822 /* xmit on all other interfaces... */
823 spin_lock_bh(&ipx_interfaces_lock);
824 list_for_each_entry(ifcs, &ipx_interfaces, node) {
825 /* Except unconfigured interfaces */
826 if (!ifcs->if_netnum)
827 continue;
829 /* That aren't in the list */
830 if (ifcs == intrfc)
831 continue;
832 l = (__be32 *) c;
833 /* don't consider the last entry in the packet list,
834 * it is our netnum, and it is not there yet */
835 for (i = 0; i < IPX_SKB_CB(skb)->ipx_tctrl; i++)
836 if (ifcs->if_netnum == *l++)
837 break;
838 if (i == IPX_SKB_CB(skb)->ipx_tctrl) {
839 struct sk_buff *s = skb_copy(skb, GFP_ATOMIC);
841 if (s) {
842 IPX_SKB_CB(s)->ipx_dest_net = ifcs->if_netnum;
843 ipxrtr_route_skb(s);
847 spin_unlock_bh(&ipx_interfaces_lock);
848 out:
849 return rc;
852 static void ipxitf_insert(struct ipx_interface *intrfc)
854 spin_lock_bh(&ipx_interfaces_lock);
855 list_add_tail(&intrfc->node, &ipx_interfaces);
856 spin_unlock_bh(&ipx_interfaces_lock);
858 if (ipxcfg_auto_select_primary && !ipx_primary_net)
859 ipx_primary_net = intrfc;
862 static struct ipx_interface *ipxitf_alloc(struct net_device *dev, __be32 netnum,
863 __be16 dlink_type,
864 struct datalink_proto *dlink,
865 unsigned char internal,
866 int ipx_offset)
868 struct ipx_interface *intrfc = kmalloc(sizeof(*intrfc), GFP_ATOMIC);
870 if (intrfc) {
871 intrfc->if_dev = dev;
872 intrfc->if_netnum = netnum;
873 intrfc->if_dlink_type = dlink_type;
874 intrfc->if_dlink = dlink;
875 intrfc->if_internal = internal;
876 intrfc->if_ipx_offset = ipx_offset;
877 intrfc->if_sknum = IPX_MIN_EPHEMERAL_SOCKET;
878 INIT_HLIST_HEAD(&intrfc->if_sklist);
879 atomic_set(&intrfc->refcnt, 1);
880 spin_lock_init(&intrfc->if_sklist_lock);
883 return intrfc;
886 static int ipxitf_create_internal(struct ipx_interface_definition *idef)
888 struct ipx_interface *intrfc;
889 int rc = -EEXIST;
891 /* Only one primary network allowed */
892 if (ipx_primary_net)
893 goto out;
895 /* Must have a valid network number */
896 rc = -EADDRNOTAVAIL;
897 if (!idef->ipx_network)
898 goto out;
899 intrfc = ipxitf_find_using_net(idef->ipx_network);
900 rc = -EADDRINUSE;
901 if (intrfc) {
902 ipxitf_put(intrfc);
903 goto out;
905 intrfc = ipxitf_alloc(NULL, idef->ipx_network, 0, NULL, 1, 0);
906 rc = -EAGAIN;
907 if (!intrfc)
908 goto out;
909 memcpy((char *)&(intrfc->if_node), idef->ipx_node, IPX_NODE_LEN);
910 ipx_internal_net = ipx_primary_net = intrfc;
911 ipxitf_hold(intrfc);
912 ipxitf_insert(intrfc);
914 rc = ipxitf_add_local_route(intrfc);
915 ipxitf_put(intrfc);
916 out:
917 return rc;
920 static __be16 ipx_map_frame_type(unsigned char type)
922 __be16 rc = 0;
924 switch (type) {
925 case IPX_FRAME_ETHERII: rc = htons(ETH_P_IPX); break;
926 case IPX_FRAME_8022: rc = htons(ETH_P_802_2); break;
927 case IPX_FRAME_SNAP: rc = htons(ETH_P_SNAP); break;
928 case IPX_FRAME_8023: rc = htons(ETH_P_802_3); break;
931 return rc;
934 static int ipxitf_create(struct ipx_interface_definition *idef)
936 struct net_device *dev;
937 __be16 dlink_type = 0;
938 struct datalink_proto *datalink = NULL;
939 struct ipx_interface *intrfc;
940 int rc;
942 if (idef->ipx_special == IPX_INTERNAL) {
943 rc = ipxitf_create_internal(idef);
944 goto out;
947 rc = -EEXIST;
948 if (idef->ipx_special == IPX_PRIMARY && ipx_primary_net)
949 goto out;
951 intrfc = ipxitf_find_using_net(idef->ipx_network);
952 rc = -EADDRINUSE;
953 if (idef->ipx_network && intrfc) {
954 ipxitf_put(intrfc);
955 goto out;
958 if (intrfc)
959 ipxitf_put(intrfc);
961 dev = dev_get_by_name(&init_net, idef->ipx_device);
962 rc = -ENODEV;
963 if (!dev)
964 goto out;
966 switch (idef->ipx_dlink_type) {
967 case IPX_FRAME_8022:
968 dlink_type = htons(ETH_P_802_2);
969 datalink = p8022_datalink;
970 break;
971 case IPX_FRAME_ETHERII:
972 if (dev->type != ARPHRD_IEEE802) {
973 dlink_type = htons(ETH_P_IPX);
974 datalink = pEII_datalink;
975 break;
977 /* fall through */
978 case IPX_FRAME_SNAP:
979 dlink_type = htons(ETH_P_SNAP);
980 datalink = pSNAP_datalink;
981 break;
982 case IPX_FRAME_8023:
983 dlink_type = htons(ETH_P_802_3);
984 datalink = p8023_datalink;
985 break;
986 case IPX_FRAME_NONE:
987 default:
988 rc = -EPROTONOSUPPORT;
989 goto out_dev;
992 rc = -ENETDOWN;
993 if (!(dev->flags & IFF_UP))
994 goto out_dev;
996 /* Check addresses are suitable */
997 rc = -EINVAL;
998 if (dev->addr_len > IPX_NODE_LEN)
999 goto out_dev;
1001 intrfc = ipxitf_find_using_phys(dev, dlink_type);
1002 if (!intrfc) {
1003 /* Ok now create */
1004 intrfc = ipxitf_alloc(dev, idef->ipx_network, dlink_type,
1005 datalink, 0, dev->hard_header_len +
1006 datalink->header_length);
1007 rc = -EAGAIN;
1008 if (!intrfc)
1009 goto out_dev;
1010 /* Setup primary if necessary */
1011 if (idef->ipx_special == IPX_PRIMARY)
1012 ipx_primary_net = intrfc;
1013 if (!memcmp(idef->ipx_node, "\000\000\000\000\000\000",
1014 IPX_NODE_LEN)) {
1015 memset(intrfc->if_node, 0, IPX_NODE_LEN);
1016 memcpy(intrfc->if_node + IPX_NODE_LEN - dev->addr_len,
1017 dev->dev_addr, dev->addr_len);
1018 } else
1019 memcpy(intrfc->if_node, idef->ipx_node, IPX_NODE_LEN);
1020 ipxitf_hold(intrfc);
1021 ipxitf_insert(intrfc);
1025 /* If the network number is known, add a route */
1026 rc = 0;
1027 if (!intrfc->if_netnum)
1028 goto out_intrfc;
1030 rc = ipxitf_add_local_route(intrfc);
1031 out_intrfc:
1032 ipxitf_put(intrfc);
1033 goto out;
1034 out_dev:
1035 dev_put(dev);
1036 out:
1037 return rc;
1040 static int ipxitf_delete(struct ipx_interface_definition *idef)
1042 struct net_device *dev = NULL;
1043 __be16 dlink_type = 0;
1044 struct ipx_interface *intrfc;
1045 int rc = 0;
1047 spin_lock_bh(&ipx_interfaces_lock);
1048 if (idef->ipx_special == IPX_INTERNAL) {
1049 if (ipx_internal_net) {
1050 __ipxitf_put(ipx_internal_net);
1051 goto out;
1053 rc = -ENOENT;
1054 goto out;
1057 dlink_type = ipx_map_frame_type(idef->ipx_dlink_type);
1058 rc = -EPROTONOSUPPORT;
1059 if (!dlink_type)
1060 goto out;
1062 dev = __dev_get_by_name(&init_net, idef->ipx_device);
1063 rc = -ENODEV;
1064 if (!dev)
1065 goto out;
1067 intrfc = __ipxitf_find_using_phys(dev, dlink_type);
1068 rc = -EINVAL;
1069 if (!intrfc)
1070 goto out;
1071 __ipxitf_put(intrfc);
1073 rc = 0;
1074 out:
1075 spin_unlock_bh(&ipx_interfaces_lock);
1076 return rc;
1079 static struct ipx_interface *ipxitf_auto_create(struct net_device *dev,
1080 __be16 dlink_type)
1082 struct ipx_interface *intrfc = NULL;
1083 struct datalink_proto *datalink;
1085 if (!dev)
1086 goto out;
1088 /* Check addresses are suitable */
1089 if (dev->addr_len > IPX_NODE_LEN)
1090 goto out;
1092 switch (ntohs(dlink_type)) {
1093 case ETH_P_IPX: datalink = pEII_datalink; break;
1094 case ETH_P_802_2: datalink = p8022_datalink; break;
1095 case ETH_P_SNAP: datalink = pSNAP_datalink; break;
1096 case ETH_P_802_3: datalink = p8023_datalink; break;
1097 default: goto out;
1100 intrfc = ipxitf_alloc(dev, 0, dlink_type, datalink, 0,
1101 dev->hard_header_len + datalink->header_length);
1103 if (intrfc) {
1104 memset(intrfc->if_node, 0, IPX_NODE_LEN);
1105 memcpy((char *)&(intrfc->if_node[IPX_NODE_LEN-dev->addr_len]),
1106 dev->dev_addr, dev->addr_len);
1107 spin_lock_init(&intrfc->if_sklist_lock);
1108 atomic_set(&intrfc->refcnt, 1);
1109 ipxitf_insert(intrfc);
1110 dev_hold(dev);
1113 out:
1114 return intrfc;
1117 static int ipxitf_ioctl(unsigned int cmd, void __user *arg)
1119 int rc = -EINVAL;
1120 struct ifreq ifr;
1121 int val;
1123 switch (cmd) {
1124 case SIOCSIFADDR: {
1125 struct sockaddr_ipx *sipx;
1126 struct ipx_interface_definition f;
1128 rc = -EFAULT;
1129 if (copy_from_user(&ifr, arg, sizeof(ifr)))
1130 break;
1131 sipx = (struct sockaddr_ipx *)&ifr.ifr_addr;
1132 rc = -EINVAL;
1133 if (sipx->sipx_family != AF_IPX)
1134 break;
1135 f.ipx_network = sipx->sipx_network;
1136 memcpy(f.ipx_device, ifr.ifr_name,
1137 sizeof(f.ipx_device));
1138 memcpy(f.ipx_node, sipx->sipx_node, IPX_NODE_LEN);
1139 f.ipx_dlink_type = sipx->sipx_type;
1140 f.ipx_special = sipx->sipx_special;
1142 if (sipx->sipx_action == IPX_DLTITF)
1143 rc = ipxitf_delete(&f);
1144 else
1145 rc = ipxitf_create(&f);
1146 break;
1148 case SIOCGIFADDR: {
1149 struct sockaddr_ipx *sipx;
1150 struct ipx_interface *ipxif;
1151 struct net_device *dev;
1153 rc = -EFAULT;
1154 if (copy_from_user(&ifr, arg, sizeof(ifr)))
1155 break;
1156 sipx = (struct sockaddr_ipx *)&ifr.ifr_addr;
1157 dev = __dev_get_by_name(&init_net, ifr.ifr_name);
1158 rc = -ENODEV;
1159 if (!dev)
1160 break;
1161 ipxif = ipxitf_find_using_phys(dev,
1162 ipx_map_frame_type(sipx->sipx_type));
1163 rc = -EADDRNOTAVAIL;
1164 if (!ipxif)
1165 break;
1167 sipx->sipx_family = AF_IPX;
1168 sipx->sipx_network = ipxif->if_netnum;
1169 memcpy(sipx->sipx_node, ipxif->if_node,
1170 sizeof(sipx->sipx_node));
1171 rc = 0;
1172 if (copy_to_user(arg, &ifr, sizeof(ifr)))
1173 rc = -EFAULT;
1174 ipxitf_put(ipxif);
1175 break;
1177 case SIOCAIPXITFCRT:
1178 rc = -EFAULT;
1179 if (get_user(val, (unsigned char __user *) arg))
1180 break;
1181 rc = 0;
1182 ipxcfg_auto_create_interfaces = val;
1183 break;
1184 case SIOCAIPXPRISLT:
1185 rc = -EFAULT;
1186 if (get_user(val, (unsigned char __user *) arg))
1187 break;
1188 rc = 0;
1189 ipxcfg_set_auto_select(val);
1190 break;
1193 return rc;
1197 * Checksum routine for IPX
1200 /* Note: We assume ipx_tctrl==0 and htons(length)==ipx_pktsize */
1201 /* This functions should *not* mess with packet contents */
1203 __be16 ipx_cksum(struct ipxhdr *packet, int length)
1206 * NOTE: sum is a net byte order quantity, which optimizes the
1207 * loop. This only works on big and little endian machines. (I
1208 * don't know of a machine that isn't.)
1210 /* handle the first 3 words separately; checksum should be skipped
1211 * and ipx_tctrl masked out */
1212 __u16 *p = (__u16 *)packet;
1213 __u32 sum = p[1] + (p[2] & (__force u16)htons(0x00ff));
1214 __u32 i = (length >> 1) - 3; /* Number of remaining complete words */
1216 /* Loop through them */
1217 p += 3;
1218 while (i--)
1219 sum += *p++;
1221 /* Add on the last part word if it exists */
1222 if (packet->ipx_pktsize & htons(1))
1223 sum += (__force u16)htons(0xff00) & *p;
1225 /* Do final fixup */
1226 sum = (sum & 0xffff) + (sum >> 16);
1228 /* It's a pity there's no concept of carry in C */
1229 if (sum >= 0x10000)
1230 sum++;
1233 * Leave 0 alone; we don't want 0xffff here. Note that we can't get
1234 * here with 0x10000, so this check is the same as ((__u16)sum)
1236 if (sum)
1237 sum = ~sum;
1239 return (__force __be16)sum;
1242 const char *ipx_frame_name(__be16 frame)
1244 char* rc = "None";
1246 switch (ntohs(frame)) {
1247 case ETH_P_IPX: rc = "EtherII"; break;
1248 case ETH_P_802_2: rc = "802.2"; break;
1249 case ETH_P_SNAP: rc = "SNAP"; break;
1250 case ETH_P_802_3: rc = "802.3"; break;
1253 return rc;
1256 const char *ipx_device_name(struct ipx_interface *intrfc)
1258 return intrfc->if_internal ? "Internal" :
1259 intrfc->if_dev ? intrfc->if_dev->name : "Unknown";
1262 /* Handling for system calls applied via the various interfaces to an IPX
1263 * socket object. */
1265 static int ipx_setsockopt(struct socket *sock, int level, int optname,
1266 char __user *optval, unsigned int optlen)
1268 struct sock *sk = sock->sk;
1269 int opt;
1270 int rc = -EINVAL;
1272 lock_sock(sk);
1273 if (optlen != sizeof(int))
1274 goto out;
1276 rc = -EFAULT;
1277 if (get_user(opt, (unsigned int __user *)optval))
1278 goto out;
1280 rc = -ENOPROTOOPT;
1281 if (!(level == SOL_IPX && optname == IPX_TYPE))
1282 goto out;
1284 ipx_sk(sk)->type = opt;
1285 rc = 0;
1286 out:
1287 release_sock(sk);
1288 return rc;
1291 static int ipx_getsockopt(struct socket *sock, int level, int optname,
1292 char __user *optval, int __user *optlen)
1294 struct sock *sk = sock->sk;
1295 int val = 0;
1296 int len;
1297 int rc = -ENOPROTOOPT;
1299 lock_sock(sk);
1300 if (!(level == SOL_IPX && optname == IPX_TYPE))
1301 goto out;
1303 val = ipx_sk(sk)->type;
1305 rc = -EFAULT;
1306 if (get_user(len, optlen))
1307 goto out;
1309 len = min_t(unsigned int, len, sizeof(int));
1310 rc = -EINVAL;
1311 if(len < 0)
1312 goto out;
1314 rc = -EFAULT;
1315 if (put_user(len, optlen) || copy_to_user(optval, &val, len))
1316 goto out;
1318 rc = 0;
1319 out:
1320 release_sock(sk);
1321 return rc;
1324 static struct proto ipx_proto = {
1325 .name = "IPX",
1326 .owner = THIS_MODULE,
1327 .obj_size = sizeof(struct ipx_sock),
1330 static int ipx_create(struct net *net, struct socket *sock, int protocol,
1331 int kern)
1333 int rc = -ESOCKTNOSUPPORT;
1334 struct sock *sk;
1336 if (!net_eq(net, &init_net))
1337 return -EAFNOSUPPORT;
1340 * SPX support is not anymore in the kernel sources. If you want to
1341 * ressurrect it, completing it and making it understand shared skbs,
1342 * be fully multithreaded, etc, grab the sources in an early 2.5 kernel
1343 * tree.
1345 if (sock->type != SOCK_DGRAM)
1346 goto out;
1348 rc = -ENOMEM;
1349 sk = sk_alloc(net, PF_IPX, GFP_KERNEL, &ipx_proto, kern);
1350 if (!sk)
1351 goto out;
1353 sk_refcnt_debug_inc(sk);
1354 sock_init_data(sock, sk);
1355 sk->sk_no_check_tx = 1; /* Checksum off by default */
1356 sock->ops = &ipx_dgram_ops;
1357 rc = 0;
1358 out:
1359 return rc;
1362 static int ipx_release(struct socket *sock)
1364 struct sock *sk = sock->sk;
1366 if (!sk)
1367 goto out;
1369 lock_sock(sk);
1370 sk->sk_shutdown = SHUTDOWN_MASK;
1371 if (!sock_flag(sk, SOCK_DEAD))
1372 sk->sk_state_change(sk);
1374 sock_set_flag(sk, SOCK_DEAD);
1375 sock->sk = NULL;
1376 sk_refcnt_debug_release(sk);
1377 ipx_destroy_socket(sk);
1378 release_sock(sk);
1379 sock_put(sk);
1380 out:
1381 return 0;
1384 /* caller must hold a reference to intrfc */
1386 static __be16 ipx_first_free_socketnum(struct ipx_interface *intrfc)
1388 unsigned short socketNum = intrfc->if_sknum;
1390 spin_lock_bh(&intrfc->if_sklist_lock);
1392 if (socketNum < IPX_MIN_EPHEMERAL_SOCKET)
1393 socketNum = IPX_MIN_EPHEMERAL_SOCKET;
1395 while (__ipxitf_find_socket(intrfc, htons(socketNum)))
1396 if (socketNum > IPX_MAX_EPHEMERAL_SOCKET)
1397 socketNum = IPX_MIN_EPHEMERAL_SOCKET;
1398 else
1399 socketNum++;
1401 spin_unlock_bh(&intrfc->if_sklist_lock);
1402 intrfc->if_sknum = socketNum;
1404 return htons(socketNum);
1407 static int __ipx_bind(struct socket *sock,
1408 struct sockaddr *uaddr, int addr_len)
1410 struct sock *sk = sock->sk;
1411 struct ipx_sock *ipxs = ipx_sk(sk);
1412 struct ipx_interface *intrfc;
1413 struct sockaddr_ipx *addr = (struct sockaddr_ipx *)uaddr;
1414 int rc = -EINVAL;
1416 if (!sock_flag(sk, SOCK_ZAPPED) || addr_len != sizeof(struct sockaddr_ipx))
1417 goto out;
1419 intrfc = ipxitf_find_using_net(addr->sipx_network);
1420 rc = -EADDRNOTAVAIL;
1421 if (!intrfc)
1422 goto out;
1424 if (!addr->sipx_port) {
1425 addr->sipx_port = ipx_first_free_socketnum(intrfc);
1426 rc = -EINVAL;
1427 if (!addr->sipx_port)
1428 goto out_put;
1431 /* protect IPX system stuff like routing/sap */
1432 rc = -EACCES;
1433 if (ntohs(addr->sipx_port) < IPX_MIN_EPHEMERAL_SOCKET &&
1434 !capable(CAP_NET_ADMIN))
1435 goto out_put;
1437 ipxs->port = addr->sipx_port;
1439 #ifdef CONFIG_IPX_INTERN
1440 if (intrfc == ipx_internal_net) {
1441 /* The source address is to be set explicitly if the
1442 * socket is to be bound on the internal network. If a
1443 * node number 0 was specified, the default is used.
1446 rc = -EINVAL;
1447 if (!memcmp(addr->sipx_node, ipx_broadcast_node, IPX_NODE_LEN))
1448 goto out_put;
1449 if (!memcmp(addr->sipx_node, ipx_this_node, IPX_NODE_LEN))
1450 memcpy(ipxs->node, intrfc->if_node, IPX_NODE_LEN);
1451 else
1452 memcpy(ipxs->node, addr->sipx_node, IPX_NODE_LEN);
1454 rc = -EADDRINUSE;
1455 if (ipxitf_find_internal_socket(intrfc, ipxs->node,
1456 ipxs->port)) {
1457 SOCK_DEBUG(sk,
1458 "IPX: bind failed because port %X in use.\n",
1459 ntohs(addr->sipx_port));
1460 goto out_put;
1462 } else {
1463 /* Source addresses are easy. It must be our
1464 * network:node pair for an interface routed to IPX
1465 * with the ipx routing ioctl()
1468 memcpy(ipxs->node, intrfc->if_node, IPX_NODE_LEN);
1470 rc = -EADDRINUSE;
1471 if (ipxitf_find_socket(intrfc, addr->sipx_port)) {
1472 SOCK_DEBUG(sk,
1473 "IPX: bind failed because port %X in use.\n",
1474 ntohs(addr->sipx_port));
1475 goto out_put;
1479 #else /* !def CONFIG_IPX_INTERN */
1481 /* Source addresses are easy. It must be our network:node pair for
1482 an interface routed to IPX with the ipx routing ioctl() */
1484 rc = -EADDRINUSE;
1485 if (ipxitf_find_socket(intrfc, addr->sipx_port)) {
1486 SOCK_DEBUG(sk, "IPX: bind failed because port %X in use.\n",
1487 ntohs((int)addr->sipx_port));
1488 goto out_put;
1491 #endif /* CONFIG_IPX_INTERN */
1493 ipxitf_insert_socket(intrfc, sk);
1494 sock_reset_flag(sk, SOCK_ZAPPED);
1496 rc = 0;
1497 out_put:
1498 ipxitf_put(intrfc);
1499 out:
1500 return rc;
1503 static int ipx_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1505 struct sock *sk = sock->sk;
1506 int rc;
1508 lock_sock(sk);
1509 rc = __ipx_bind(sock, uaddr, addr_len);
1510 release_sock(sk);
1512 return rc;
1515 static int ipx_connect(struct socket *sock, struct sockaddr *uaddr,
1516 int addr_len, int flags)
1518 struct sock *sk = sock->sk;
1519 struct ipx_sock *ipxs = ipx_sk(sk);
1520 struct sockaddr_ipx *addr;
1521 int rc = -EINVAL;
1522 struct ipx_route *rt;
1524 sk->sk_state = TCP_CLOSE;
1525 sock->state = SS_UNCONNECTED;
1527 lock_sock(sk);
1528 if (addr_len != sizeof(*addr))
1529 goto out;
1530 addr = (struct sockaddr_ipx *)uaddr;
1532 /* put the autobinding in */
1533 if (!ipxs->port) {
1534 struct sockaddr_ipx uaddr;
1536 uaddr.sipx_port = 0;
1537 uaddr.sipx_network = 0;
1539 #ifdef CONFIG_IPX_INTERN
1540 rc = -ENETDOWN;
1541 if (!ipxs->intrfc)
1542 goto out; /* Someone zonked the iface */
1543 memcpy(uaddr.sipx_node, ipxs->intrfc->if_node,
1544 IPX_NODE_LEN);
1545 #endif /* CONFIG_IPX_INTERN */
1547 rc = __ipx_bind(sock, (struct sockaddr *)&uaddr,
1548 sizeof(struct sockaddr_ipx));
1549 if (rc)
1550 goto out;
1553 /* We can either connect to primary network or somewhere
1554 * we can route to */
1555 rt = ipxrtr_lookup(addr->sipx_network);
1556 rc = -ENETUNREACH;
1557 if (!rt && !(!addr->sipx_network && ipx_primary_net))
1558 goto out;
1560 ipxs->dest_addr.net = addr->sipx_network;
1561 ipxs->dest_addr.sock = addr->sipx_port;
1562 memcpy(ipxs->dest_addr.node, addr->sipx_node, IPX_NODE_LEN);
1563 ipxs->type = addr->sipx_type;
1565 if (sock->type == SOCK_DGRAM) {
1566 sock->state = SS_CONNECTED;
1567 sk->sk_state = TCP_ESTABLISHED;
1570 if (rt)
1571 ipxrtr_put(rt);
1572 rc = 0;
1573 out:
1574 release_sock(sk);
1575 return rc;
1579 static int ipx_getname(struct socket *sock, struct sockaddr *uaddr,
1580 int *uaddr_len, int peer)
1582 struct ipx_address *addr;
1583 struct sockaddr_ipx sipx;
1584 struct sock *sk = sock->sk;
1585 struct ipx_sock *ipxs = ipx_sk(sk);
1586 int rc;
1588 *uaddr_len = sizeof(struct sockaddr_ipx);
1590 lock_sock(sk);
1591 if (peer) {
1592 rc = -ENOTCONN;
1593 if (sk->sk_state != TCP_ESTABLISHED)
1594 goto out;
1596 addr = &ipxs->dest_addr;
1597 sipx.sipx_network = addr->net;
1598 sipx.sipx_port = addr->sock;
1599 memcpy(sipx.sipx_node, addr->node, IPX_NODE_LEN);
1600 } else {
1601 if (ipxs->intrfc) {
1602 sipx.sipx_network = ipxs->intrfc->if_netnum;
1603 #ifdef CONFIG_IPX_INTERN
1604 memcpy(sipx.sipx_node, ipxs->node, IPX_NODE_LEN);
1605 #else
1606 memcpy(sipx.sipx_node, ipxs->intrfc->if_node,
1607 IPX_NODE_LEN);
1608 #endif /* CONFIG_IPX_INTERN */
1610 } else {
1611 sipx.sipx_network = 0;
1612 memset(sipx.sipx_node, '\0', IPX_NODE_LEN);
1615 sipx.sipx_port = ipxs->port;
1618 sipx.sipx_family = AF_IPX;
1619 sipx.sipx_type = ipxs->type;
1620 sipx.sipx_zero = 0;
1621 memcpy(uaddr, &sipx, sizeof(sipx));
1623 rc = 0;
1624 out:
1625 release_sock(sk);
1626 return rc;
1629 static int ipx_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev)
1631 /* NULL here for pt means the packet was looped back */
1632 struct ipx_interface *intrfc;
1633 struct ipxhdr *ipx;
1634 u16 ipx_pktsize;
1635 int rc = 0;
1637 if (!net_eq(dev_net(dev), &init_net))
1638 goto drop;
1640 /* Not ours */
1641 if (skb->pkt_type == PACKET_OTHERHOST)
1642 goto drop;
1644 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL)
1645 goto out;
1647 if (!pskb_may_pull(skb, sizeof(struct ipxhdr)))
1648 goto drop;
1650 ipx_pktsize = ntohs(ipx_hdr(skb)->ipx_pktsize);
1652 /* Too small or invalid header? */
1653 if (ipx_pktsize < sizeof(struct ipxhdr) ||
1654 !pskb_may_pull(skb, ipx_pktsize))
1655 goto drop;
1657 ipx = ipx_hdr(skb);
1658 if (ipx->ipx_checksum != IPX_NO_CHECKSUM &&
1659 ipx->ipx_checksum != ipx_cksum(ipx, ipx_pktsize))
1660 goto drop;
1662 IPX_SKB_CB(skb)->ipx_tctrl = ipx->ipx_tctrl;
1663 IPX_SKB_CB(skb)->ipx_dest_net = ipx->ipx_dest.net;
1664 IPX_SKB_CB(skb)->ipx_source_net = ipx->ipx_source.net;
1666 /* Determine what local ipx endpoint this is */
1667 intrfc = ipxitf_find_using_phys(dev, pt->type);
1668 if (!intrfc) {
1669 if (ipxcfg_auto_create_interfaces &&
1670 IPX_SKB_CB(skb)->ipx_dest_net) {
1671 intrfc = ipxitf_auto_create(dev, pt->type);
1672 if (intrfc)
1673 ipxitf_hold(intrfc);
1676 if (!intrfc) /* Not one of ours */
1677 /* or invalid packet for auto creation */
1678 goto drop;
1681 rc = ipxitf_rcv(intrfc, skb);
1682 ipxitf_put(intrfc);
1683 goto out;
1684 drop:
1685 kfree_skb(skb);
1686 out:
1687 return rc;
1690 static int ipx_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1692 struct sock *sk = sock->sk;
1693 struct ipx_sock *ipxs = ipx_sk(sk);
1694 DECLARE_SOCKADDR(struct sockaddr_ipx *, usipx, msg->msg_name);
1695 struct sockaddr_ipx local_sipx;
1696 int rc = -EINVAL;
1697 int flags = msg->msg_flags;
1699 lock_sock(sk);
1700 /* Socket gets bound below anyway */
1701 /* if (sk->sk_zapped)
1702 return -EIO; */ /* Socket not bound */
1703 if (flags & ~(MSG_DONTWAIT|MSG_CMSG_COMPAT))
1704 goto out;
1706 /* Max possible packet size limited by 16 bit pktsize in header */
1707 if (len >= 65535 - sizeof(struct ipxhdr))
1708 goto out;
1710 if (usipx) {
1711 if (!ipxs->port) {
1712 struct sockaddr_ipx uaddr;
1714 uaddr.sipx_port = 0;
1715 uaddr.sipx_network = 0;
1716 #ifdef CONFIG_IPX_INTERN
1717 rc = -ENETDOWN;
1718 if (!ipxs->intrfc)
1719 goto out; /* Someone zonked the iface */
1720 memcpy(uaddr.sipx_node, ipxs->intrfc->if_node,
1721 IPX_NODE_LEN);
1722 #endif
1723 rc = __ipx_bind(sock, (struct sockaddr *)&uaddr,
1724 sizeof(struct sockaddr_ipx));
1725 if (rc)
1726 goto out;
1729 rc = -EINVAL;
1730 if (msg->msg_namelen < sizeof(*usipx) ||
1731 usipx->sipx_family != AF_IPX)
1732 goto out;
1733 } else {
1734 rc = -ENOTCONN;
1735 if (sk->sk_state != TCP_ESTABLISHED)
1736 goto out;
1738 usipx = &local_sipx;
1739 usipx->sipx_family = AF_IPX;
1740 usipx->sipx_type = ipxs->type;
1741 usipx->sipx_port = ipxs->dest_addr.sock;
1742 usipx->sipx_network = ipxs->dest_addr.net;
1743 memcpy(usipx->sipx_node, ipxs->dest_addr.node, IPX_NODE_LEN);
1746 rc = ipxrtr_route_packet(sk, usipx, msg, len, flags & MSG_DONTWAIT);
1747 if (rc >= 0)
1748 rc = len;
1749 out:
1750 release_sock(sk);
1751 return rc;
1755 static int ipx_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
1756 int flags)
1758 struct sock *sk = sock->sk;
1759 struct ipx_sock *ipxs = ipx_sk(sk);
1760 DECLARE_SOCKADDR(struct sockaddr_ipx *, sipx, msg->msg_name);
1761 struct ipxhdr *ipx = NULL;
1762 struct sk_buff *skb;
1763 int copied, rc;
1764 bool locked = true;
1766 lock_sock(sk);
1767 /* put the autobinding in */
1768 if (!ipxs->port) {
1769 struct sockaddr_ipx uaddr;
1771 uaddr.sipx_port = 0;
1772 uaddr.sipx_network = 0;
1774 #ifdef CONFIG_IPX_INTERN
1775 rc = -ENETDOWN;
1776 if (!ipxs->intrfc)
1777 goto out; /* Someone zonked the iface */
1778 memcpy(uaddr.sipx_node, ipxs->intrfc->if_node, IPX_NODE_LEN);
1779 #endif /* CONFIG_IPX_INTERN */
1781 rc = __ipx_bind(sock, (struct sockaddr *)&uaddr,
1782 sizeof(struct sockaddr_ipx));
1783 if (rc)
1784 goto out;
1787 rc = -ENOTCONN;
1788 if (sock_flag(sk, SOCK_ZAPPED))
1789 goto out;
1791 release_sock(sk);
1792 locked = false;
1793 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1794 flags & MSG_DONTWAIT, &rc);
1795 if (!skb) {
1796 if (rc == -EAGAIN && (sk->sk_shutdown & RCV_SHUTDOWN))
1797 rc = 0;
1798 goto out;
1801 ipx = ipx_hdr(skb);
1802 copied = ntohs(ipx->ipx_pktsize) - sizeof(struct ipxhdr);
1803 if (copied > size) {
1804 copied = size;
1805 msg->msg_flags |= MSG_TRUNC;
1808 rc = skb_copy_datagram_msg(skb, sizeof(struct ipxhdr), msg, copied);
1809 if (rc)
1810 goto out_free;
1811 if (skb->tstamp.tv64)
1812 sk->sk_stamp = skb->tstamp;
1814 if (sipx) {
1815 sipx->sipx_family = AF_IPX;
1816 sipx->sipx_port = ipx->ipx_source.sock;
1817 memcpy(sipx->sipx_node, ipx->ipx_source.node, IPX_NODE_LEN);
1818 sipx->sipx_network = IPX_SKB_CB(skb)->ipx_source_net;
1819 sipx->sipx_type = ipx->ipx_type;
1820 sipx->sipx_zero = 0;
1821 msg->msg_namelen = sizeof(*sipx);
1823 rc = copied;
1825 out_free:
1826 skb_free_datagram(sk, skb);
1827 out:
1828 if (locked)
1829 release_sock(sk);
1830 return rc;
1834 static int ipx_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1836 int rc = 0;
1837 long amount = 0;
1838 struct sock *sk = sock->sk;
1839 void __user *argp = (void __user *)arg;
1841 lock_sock(sk);
1842 switch (cmd) {
1843 case TIOCOUTQ:
1844 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1845 if (amount < 0)
1846 amount = 0;
1847 rc = put_user(amount, (int __user *)argp);
1848 break;
1849 case TIOCINQ: {
1850 struct sk_buff *skb = skb_peek(&sk->sk_receive_queue);
1851 /* These two are safe on a single CPU system as only
1852 * user tasks fiddle here */
1853 if (skb)
1854 amount = skb->len - sizeof(struct ipxhdr);
1855 rc = put_user(amount, (int __user *)argp);
1856 break;
1858 case SIOCADDRT:
1859 case SIOCDELRT:
1860 rc = -EPERM;
1861 if (capable(CAP_NET_ADMIN))
1862 rc = ipxrtr_ioctl(cmd, argp);
1863 break;
1864 case SIOCSIFADDR:
1865 case SIOCAIPXITFCRT:
1866 case SIOCAIPXPRISLT:
1867 rc = -EPERM;
1868 if (!capable(CAP_NET_ADMIN))
1869 break;
1870 case SIOCGIFADDR:
1871 rc = ipxitf_ioctl(cmd, argp);
1872 break;
1873 case SIOCIPXCFGDATA:
1874 rc = ipxcfg_get_config_data(argp);
1875 break;
1876 case SIOCIPXNCPCONN:
1878 * This socket wants to take care of the NCP connection
1879 * handed to us in arg.
1881 rc = -EPERM;
1882 if (!capable(CAP_NET_ADMIN))
1883 break;
1884 rc = get_user(ipx_sk(sk)->ipx_ncp_conn,
1885 (const unsigned short __user *)argp);
1886 break;
1887 case SIOCGSTAMP:
1888 rc = sock_get_timestamp(sk, argp);
1889 break;
1890 case SIOCGIFDSTADDR:
1891 case SIOCSIFDSTADDR:
1892 case SIOCGIFBRDADDR:
1893 case SIOCSIFBRDADDR:
1894 case SIOCGIFNETMASK:
1895 case SIOCSIFNETMASK:
1896 rc = -EINVAL;
1897 break;
1898 default:
1899 rc = -ENOIOCTLCMD;
1900 break;
1902 release_sock(sk);
1904 return rc;
1908 #ifdef CONFIG_COMPAT
1909 static int ipx_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1912 * These 4 commands use same structure on 32bit and 64bit. Rest of IPX
1913 * commands is handled by generic ioctl code. As these commands are
1914 * SIOCPROTOPRIVATE..SIOCPROTOPRIVATE+3, they cannot be handled by generic
1915 * code.
1917 switch (cmd) {
1918 case SIOCAIPXITFCRT:
1919 case SIOCAIPXPRISLT:
1920 case SIOCIPXCFGDATA:
1921 case SIOCIPXNCPCONN:
1922 return ipx_ioctl(sock, cmd, arg);
1923 default:
1924 return -ENOIOCTLCMD;
1927 #endif
1929 static int ipx_shutdown(struct socket *sock, int mode)
1931 struct sock *sk = sock->sk;
1933 if (mode < SHUT_RD || mode > SHUT_RDWR)
1934 return -EINVAL;
1935 /* This maps:
1936 * SHUT_RD (0) -> RCV_SHUTDOWN (1)
1937 * SHUT_WR (1) -> SEND_SHUTDOWN (2)
1938 * SHUT_RDWR (2) -> SHUTDOWN_MASK (3)
1940 ++mode;
1942 lock_sock(sk);
1943 sk->sk_shutdown |= mode;
1944 release_sock(sk);
1945 sk->sk_state_change(sk);
1947 return 0;
1951 * Socket family declarations
1954 static const struct net_proto_family ipx_family_ops = {
1955 .family = PF_IPX,
1956 .create = ipx_create,
1957 .owner = THIS_MODULE,
1960 static const struct proto_ops ipx_dgram_ops = {
1961 .family = PF_IPX,
1962 .owner = THIS_MODULE,
1963 .release = ipx_release,
1964 .bind = ipx_bind,
1965 .connect = ipx_connect,
1966 .socketpair = sock_no_socketpair,
1967 .accept = sock_no_accept,
1968 .getname = ipx_getname,
1969 .poll = datagram_poll,
1970 .ioctl = ipx_ioctl,
1971 #ifdef CONFIG_COMPAT
1972 .compat_ioctl = ipx_compat_ioctl,
1973 #endif
1974 .listen = sock_no_listen,
1975 .shutdown = ipx_shutdown,
1976 .setsockopt = ipx_setsockopt,
1977 .getsockopt = ipx_getsockopt,
1978 .sendmsg = ipx_sendmsg,
1979 .recvmsg = ipx_recvmsg,
1980 .mmap = sock_no_mmap,
1981 .sendpage = sock_no_sendpage,
1984 static struct packet_type ipx_8023_packet_type __read_mostly = {
1985 .type = cpu_to_be16(ETH_P_802_3),
1986 .func = ipx_rcv,
1989 static struct packet_type ipx_dix_packet_type __read_mostly = {
1990 .type = cpu_to_be16(ETH_P_IPX),
1991 .func = ipx_rcv,
1994 static struct notifier_block ipx_dev_notifier = {
1995 .notifier_call = ipxitf_device_event,
1998 static const unsigned char ipx_8022_type = 0xE0;
1999 static const unsigned char ipx_snap_id[5] = { 0x0, 0x0, 0x0, 0x81, 0x37 };
2000 static const char ipx_EII_err_msg[] __initconst =
2001 KERN_CRIT "IPX: Unable to register with Ethernet II\n";
2002 static const char ipx_8023_err_msg[] __initconst =
2003 KERN_CRIT "IPX: Unable to register with 802.3\n";
2004 static const char ipx_llc_err_msg[] __initconst =
2005 KERN_CRIT "IPX: Unable to register with 802.2\n";
2006 static const char ipx_snap_err_msg[] __initconst =
2007 KERN_CRIT "IPX: Unable to register with SNAP\n";
2009 static int __init ipx_init(void)
2011 int rc = proto_register(&ipx_proto, 1);
2013 if (rc != 0)
2014 goto out;
2016 sock_register(&ipx_family_ops);
2018 pEII_datalink = make_EII_client();
2019 if (pEII_datalink)
2020 dev_add_pack(&ipx_dix_packet_type);
2021 else
2022 printk(ipx_EII_err_msg);
2024 p8023_datalink = make_8023_client();
2025 if (p8023_datalink)
2026 dev_add_pack(&ipx_8023_packet_type);
2027 else
2028 printk(ipx_8023_err_msg);
2030 p8022_datalink = register_8022_client(ipx_8022_type, ipx_rcv);
2031 if (!p8022_datalink)
2032 printk(ipx_llc_err_msg);
2034 pSNAP_datalink = register_snap_client(ipx_snap_id, ipx_rcv);
2035 if (!pSNAP_datalink)
2036 printk(ipx_snap_err_msg);
2038 register_netdevice_notifier(&ipx_dev_notifier);
2039 ipx_register_sysctl();
2040 ipx_proc_init();
2041 out:
2042 return rc;
2045 static void __exit ipx_proto_finito(void)
2047 ipx_proc_exit();
2048 ipx_unregister_sysctl();
2050 unregister_netdevice_notifier(&ipx_dev_notifier);
2052 ipxitf_cleanup();
2054 if (pSNAP_datalink) {
2055 unregister_snap_client(pSNAP_datalink);
2056 pSNAP_datalink = NULL;
2059 if (p8022_datalink) {
2060 unregister_8022_client(p8022_datalink);
2061 p8022_datalink = NULL;
2064 dev_remove_pack(&ipx_8023_packet_type);
2065 if (p8023_datalink) {
2066 destroy_8023_client(p8023_datalink);
2067 p8023_datalink = NULL;
2070 dev_remove_pack(&ipx_dix_packet_type);
2071 if (pEII_datalink) {
2072 destroy_EII_client(pEII_datalink);
2073 pEII_datalink = NULL;
2076 proto_unregister(&ipx_proto);
2077 sock_unregister(ipx_family_ops.family);
2080 module_init(ipx_init);
2081 module_exit(ipx_proto_finito);
2082 MODULE_LICENSE("GPL");
2083 MODULE_ALIAS_NETPROTO(PF_IPX);