Avoid reading past buffer when calling GETACL
[zen-stable.git] / net / irda / irlan / irlan_provider.c
blob8b61cf0d8a69817cc70c5dfdb71c921efb9f3a90
1 /*********************************************************************
3 * Filename: irlan_provider.c
4 * Version: 0.9
5 * Description: IrDA LAN Access Protocol Implementation
6 * Status: Experimental.
7 * Author: Dag Brattli <dagb@cs.uit.no>
8 * Created at: Sun Aug 31 20:14:37 1997
9 * Modified at: Sat Oct 30 12:52:10 1999
10 * Modified by: Dag Brattli <dagb@cs.uit.no>
11 * Sources: skeleton.c by Donald Becker <becker@CESDIS.gsfc.nasa.gov>
12 * slip.c by Laurence Culhane, <loz@holmes.demon.co.uk>
13 * Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org>
15 * Copyright (c) 1998-1999 Dag Brattli <dagb@cs.uit.no>,
16 * All Rights Reserved.
18 * This program is free software; you can redistribute it and/or
19 * modify it under the terms of the GNU General Public License as
20 * published by the Free Software Foundation; either version 2 of
21 * the License, or (at your option) any later version.
23 * Neither Dag Brattli nor University of Tromsø admit liability nor
24 * provide warranty for any of this software. This material is
25 * provided "AS-IS" and at no charge.
27 ********************************************************************/
29 #include <linux/kernel.h>
30 #include <linux/string.h>
31 #include <linux/errno.h>
32 #include <linux/netdevice.h>
33 #include <linux/etherdevice.h>
34 #include <linux/init.h>
35 #include <linux/random.h>
36 #include <linux/bitops.h>
37 #include <linux/slab.h>
39 #include <asm/system.h>
40 #include <asm/byteorder.h>
42 #include <net/irda/irda.h>
43 #include <net/irda/irttp.h>
44 #include <net/irda/irlmp.h>
45 #include <net/irda/irias_object.h>
46 #include <net/irda/iriap.h>
47 #include <net/irda/timer.h>
49 #include <net/irda/irlan_common.h>
50 #include <net/irda/irlan_eth.h>
51 #include <net/irda/irlan_event.h>
52 #include <net/irda/irlan_provider.h>
53 #include <net/irda/irlan_filter.h>
54 #include <net/irda/irlan_client.h>
56 static void irlan_provider_connect_indication(void *instance, void *sap,
57 struct qos_info *qos,
58 __u32 max_sdu_size,
59 __u8 max_header_size,
60 struct sk_buff *skb);
63 * Function irlan_provider_control_data_indication (handle, skb)
65 * This function gets the data that is received on the control channel
68 static int irlan_provider_data_indication(void *instance, void *sap,
69 struct sk_buff *skb)
71 struct irlan_cb *self;
72 __u8 code;
74 IRDA_DEBUG(4, "%s()\n", __func__ );
76 self = instance;
78 IRDA_ASSERT(self != NULL, return -1;);
79 IRDA_ASSERT(self->magic == IRLAN_MAGIC, return -1;);
81 IRDA_ASSERT(skb != NULL, return -1;);
83 code = skb->data[0];
84 switch(code) {
85 case CMD_GET_PROVIDER_INFO:
86 IRDA_DEBUG(4, "Got GET_PROVIDER_INFO command!\n");
87 irlan_do_provider_event(self, IRLAN_GET_INFO_CMD, skb);
88 break;
90 case CMD_GET_MEDIA_CHAR:
91 IRDA_DEBUG(4, "Got GET_MEDIA_CHAR command!\n");
92 irlan_do_provider_event(self, IRLAN_GET_MEDIA_CMD, skb);
93 break;
94 case CMD_OPEN_DATA_CHANNEL:
95 IRDA_DEBUG(4, "Got OPEN_DATA_CHANNEL command!\n");
96 irlan_do_provider_event(self, IRLAN_OPEN_DATA_CMD, skb);
97 break;
98 case CMD_FILTER_OPERATION:
99 IRDA_DEBUG(4, "Got FILTER_OPERATION command!\n");
100 irlan_do_provider_event(self, IRLAN_FILTER_CONFIG_CMD, skb);
101 break;
102 case CMD_RECONNECT_DATA_CHAN:
103 IRDA_DEBUG(2, "%s(), Got RECONNECT_DATA_CHAN command\n", __func__ );
104 IRDA_DEBUG(2, "%s(), NOT IMPLEMENTED\n", __func__ );
105 break;
106 case CMD_CLOSE_DATA_CHAN:
107 IRDA_DEBUG(2, "Got CLOSE_DATA_CHAN command!\n");
108 IRDA_DEBUG(2, "%s(), NOT IMPLEMENTED\n", __func__ );
109 break;
110 default:
111 IRDA_DEBUG(2, "%s(), Unknown command!\n", __func__ );
112 break;
114 return 0;
118 * Function irlan_provider_connect_indication (handle, skb, priv)
120 * Got connection from peer IrLAN client
123 static void irlan_provider_connect_indication(void *instance, void *sap,
124 struct qos_info *qos,
125 __u32 max_sdu_size,
126 __u8 max_header_size,
127 struct sk_buff *skb)
129 struct irlan_cb *self;
130 struct tsap_cb *tsap;
132 IRDA_DEBUG(0, "%s()\n", __func__ );
134 self = instance;
135 tsap = sap;
137 IRDA_ASSERT(self != NULL, return;);
138 IRDA_ASSERT(self->magic == IRLAN_MAGIC, return;);
140 IRDA_ASSERT(tsap == self->provider.tsap_ctrl,return;);
141 IRDA_ASSERT(self->provider.state == IRLAN_IDLE, return;);
143 self->provider.max_sdu_size = max_sdu_size;
144 self->provider.max_header_size = max_header_size;
146 irlan_do_provider_event(self, IRLAN_CONNECT_INDICATION, NULL);
149 * If we are in peer mode, the client may not have got the discovery
150 * indication it needs to make progress. If the client is still in
151 * IDLE state, we must kick it.
153 if ((self->provider.access_type == ACCESS_PEER) &&
154 (self->client.state == IRLAN_IDLE))
156 irlan_client_wakeup(self, self->saddr, self->daddr);
161 * Function irlan_provider_connect_response (handle)
163 * Accept incoming connection
166 void irlan_provider_connect_response(struct irlan_cb *self,
167 struct tsap_cb *tsap)
169 IRDA_ASSERT(self != NULL, return;);
170 IRDA_ASSERT(self->magic == IRLAN_MAGIC, return;);
172 /* Just accept */
173 irttp_connect_response(tsap, IRLAN_MTU, NULL);
176 static void irlan_provider_disconnect_indication(void *instance, void *sap,
177 LM_REASON reason,
178 struct sk_buff *userdata)
180 struct irlan_cb *self;
181 struct tsap_cb *tsap;
183 IRDA_DEBUG(4, "%s(), reason=%d\n", __func__ , reason);
185 self = instance;
186 tsap = sap;
188 IRDA_ASSERT(self != NULL, return;);
189 IRDA_ASSERT(self->magic == IRLAN_MAGIC, return;);
190 IRDA_ASSERT(tsap != NULL, return;);
191 IRDA_ASSERT(tsap->magic == TTP_TSAP_MAGIC, return;);
193 IRDA_ASSERT(tsap == self->provider.tsap_ctrl, return;);
195 irlan_do_provider_event(self, IRLAN_LMP_DISCONNECT, NULL);
199 * Function irlan_parse_open_data_cmd (self, skb)
204 int irlan_parse_open_data_cmd(struct irlan_cb *self, struct sk_buff *skb)
206 int ret;
208 ret = irlan_provider_parse_command(self, CMD_OPEN_DATA_CHANNEL, skb);
210 /* Open data channel */
211 irlan_open_data_tsap(self);
213 return ret;
217 * Function parse_command (skb)
219 * Extract all parameters from received buffer, then feed them to
220 * check_params for parsing
223 int irlan_provider_parse_command(struct irlan_cb *self, int cmd,
224 struct sk_buff *skb)
226 __u8 *frame;
227 __u8 *ptr;
228 int count;
229 __u16 val_len;
230 int i;
231 char *name;
232 char *value;
233 int ret = RSP_SUCCESS;
235 IRDA_ASSERT(skb != NULL, return -RSP_PROTOCOL_ERROR;);
237 IRDA_DEBUG(4, "%s(), skb->len=%d\n", __func__ , (int)skb->len);
239 IRDA_ASSERT(self != NULL, return -RSP_PROTOCOL_ERROR;);
240 IRDA_ASSERT(self->magic == IRLAN_MAGIC, return -RSP_PROTOCOL_ERROR;);
242 if (!skb)
243 return -RSP_PROTOCOL_ERROR;
245 frame = skb->data;
247 name = kmalloc(255, GFP_ATOMIC);
248 if (!name)
249 return -RSP_INSUFFICIENT_RESOURCES;
250 value = kmalloc(1016, GFP_ATOMIC);
251 if (!value) {
252 kfree(name);
253 return -RSP_INSUFFICIENT_RESOURCES;
256 /* How many parameters? */
257 count = frame[1];
259 IRDA_DEBUG(4, "Got %d parameters\n", count);
261 ptr = frame+2;
263 /* For all parameters */
264 for (i=0; i<count;i++) {
265 ret = irlan_extract_param(ptr, name, value, &val_len);
266 if (ret < 0) {
267 IRDA_DEBUG(2, "%s(), IrLAN, Error!\n", __func__ );
268 break;
270 ptr+=ret;
271 ret = RSP_SUCCESS;
272 irlan_check_command_param(self, name, value);
274 /* Cleanup */
275 kfree(name);
276 kfree(value);
278 return ret;
282 * Function irlan_provider_send_reply (self, info)
284 * Send reply to query to peer IrLAN layer
287 void irlan_provider_send_reply(struct irlan_cb *self, int command,
288 int ret_code)
290 struct sk_buff *skb;
292 IRDA_DEBUG(4, "%s()\n", __func__ );
294 IRDA_ASSERT(self != NULL, return;);
295 IRDA_ASSERT(self->magic == IRLAN_MAGIC, return;);
297 skb = alloc_skb(IRLAN_MAX_HEADER + IRLAN_CMD_HEADER +
298 /* Bigger param length comes from CMD_GET_MEDIA_CHAR */
299 IRLAN_STRING_PARAMETER_LEN("FILTER_TYPE", "DIRECTED") +
300 IRLAN_STRING_PARAMETER_LEN("FILTER_TYPE", "BORADCAST") +
301 IRLAN_STRING_PARAMETER_LEN("FILTER_TYPE", "MULTICAST") +
302 IRLAN_STRING_PARAMETER_LEN("ACCESS_TYPE", "HOSTED"),
303 GFP_ATOMIC);
305 if (!skb)
306 return;
308 /* Reserve space for TTP, LMP, and LAP header */
309 skb_reserve(skb, self->provider.max_header_size);
310 skb_put(skb, 2);
312 switch (command) {
313 case CMD_GET_PROVIDER_INFO:
314 skb->data[0] = 0x00; /* Success */
315 skb->data[1] = 0x02; /* 2 parameters */
316 switch (self->media) {
317 case MEDIA_802_3:
318 irlan_insert_string_param(skb, "MEDIA", "802.3");
319 break;
320 case MEDIA_802_5:
321 irlan_insert_string_param(skb, "MEDIA", "802.5");
322 break;
323 default:
324 IRDA_DEBUG(2, "%s(), unknown media type!\n", __func__ );
325 break;
327 irlan_insert_short_param(skb, "IRLAN_VER", 0x0101);
328 break;
330 case CMD_GET_MEDIA_CHAR:
331 skb->data[0] = 0x00; /* Success */
332 skb->data[1] = 0x05; /* 5 parameters */
333 irlan_insert_string_param(skb, "FILTER_TYPE", "DIRECTED");
334 irlan_insert_string_param(skb, "FILTER_TYPE", "BROADCAST");
335 irlan_insert_string_param(skb, "FILTER_TYPE", "MULTICAST");
337 switch (self->provider.access_type) {
338 case ACCESS_DIRECT:
339 irlan_insert_string_param(skb, "ACCESS_TYPE", "DIRECT");
340 break;
341 case ACCESS_PEER:
342 irlan_insert_string_param(skb, "ACCESS_TYPE", "PEER");
343 break;
344 case ACCESS_HOSTED:
345 irlan_insert_string_param(skb, "ACCESS_TYPE", "HOSTED");
346 break;
347 default:
348 IRDA_DEBUG(2, "%s(), Unknown access type\n", __func__ );
349 break;
351 irlan_insert_short_param(skb, "MAX_FRAME", 0x05ee);
352 break;
353 case CMD_OPEN_DATA_CHANNEL:
354 skb->data[0] = 0x00; /* Success */
355 if (self->provider.send_arb_val) {
356 skb->data[1] = 0x03; /* 3 parameters */
357 irlan_insert_short_param(skb, "CON_ARB",
358 self->provider.send_arb_val);
359 } else
360 skb->data[1] = 0x02; /* 2 parameters */
361 irlan_insert_byte_param(skb, "DATA_CHAN", self->stsap_sel_data);
362 irlan_insert_string_param(skb, "RECONNECT_KEY", "LINUX RULES!");
363 break;
364 case CMD_FILTER_OPERATION:
365 irlan_filter_request(self, skb);
366 break;
367 default:
368 IRDA_DEBUG(2, "%s(), Unknown command!\n", __func__ );
369 break;
372 irttp_data_request(self->provider.tsap_ctrl, skb);
376 * Function irlan_provider_register(void)
378 * Register provider support so we can accept incoming connections.
381 int irlan_provider_open_ctrl_tsap(struct irlan_cb *self)
383 struct tsap_cb *tsap;
384 notify_t notify;
386 IRDA_DEBUG(4, "%s()\n", __func__ );
388 IRDA_ASSERT(self != NULL, return -1;);
389 IRDA_ASSERT(self->magic == IRLAN_MAGIC, return -1;);
391 /* Check if already open */
392 if (self->provider.tsap_ctrl)
393 return -1;
396 * First register well known control TSAP
398 irda_notify_init(&notify);
399 notify.data_indication = irlan_provider_data_indication;
400 notify.connect_indication = irlan_provider_connect_indication;
401 notify.disconnect_indication = irlan_provider_disconnect_indication;
402 notify.instance = self;
403 strlcpy(notify.name, "IrLAN ctrl (p)", sizeof(notify.name));
405 tsap = irttp_open_tsap(LSAP_ANY, 1, &notify);
406 if (!tsap) {
407 IRDA_DEBUG(2, "%s(), Got no tsap!\n", __func__ );
408 return -1;
410 self->provider.tsap_ctrl = tsap;
412 /* Register with LM-IAS */
413 irlan_ias_register(self, tsap->stsap_sel);
415 return 0;