Avoid beyond bounds copy while caching ACL
[zen-stable.git] / net / ax25 / af_ax25.c
blob965c081436b93af3e56a40d953dfd90b09d33d4d
1 /*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
7 * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
8 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
9 * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
10 * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
11 * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
12 * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
13 * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
14 * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
16 #include <linux/capability.h>
17 #include <linux/module.h>
18 #include <linux/errno.h>
19 #include <linux/types.h>
20 #include <linux/socket.h>
21 #include <linux/in.h>
22 #include <linux/kernel.h>
23 #include <linux/sched.h>
24 #include <linux/timer.h>
25 #include <linux/string.h>
26 #include <linux/sockios.h>
27 #include <linux/net.h>
28 #include <linux/slab.h>
29 #include <net/ax25.h>
30 #include <linux/inet.h>
31 #include <linux/netdevice.h>
32 #include <linux/if_arp.h>
33 #include <linux/skbuff.h>
34 #include <net/sock.h>
35 #include <asm/uaccess.h>
36 #include <asm/system.h>
37 #include <linux/fcntl.h>
38 #include <linux/termios.h> /* For TIOCINQ/OUTQ */
39 #include <linux/mm.h>
40 #include <linux/interrupt.h>
41 #include <linux/notifier.h>
42 #include <linux/proc_fs.h>
43 #include <linux/stat.h>
44 #include <linux/netfilter.h>
45 #include <linux/sysctl.h>
46 #include <linux/init.h>
47 #include <linux/spinlock.h>
48 #include <net/net_namespace.h>
49 #include <net/tcp_states.h>
50 #include <net/ip.h>
51 #include <net/arp.h>
55 HLIST_HEAD(ax25_list);
56 DEFINE_SPINLOCK(ax25_list_lock);
58 static const struct proto_ops ax25_proto_ops;
60 static void ax25_free_sock(struct sock *sk)
62 ax25_cb_put(ax25_sk(sk));
66 * Socket removal during an interrupt is now safe.
68 static void ax25_cb_del(ax25_cb *ax25)
70 if (!hlist_unhashed(&ax25->ax25_node)) {
71 spin_lock_bh(&ax25_list_lock);
72 hlist_del_init(&ax25->ax25_node);
73 spin_unlock_bh(&ax25_list_lock);
74 ax25_cb_put(ax25);
79 * Kill all bound sockets on a dropped device.
81 static void ax25_kill_by_device(struct net_device *dev)
83 ax25_dev *ax25_dev;
84 ax25_cb *s;
85 struct hlist_node *node;
87 if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
88 return;
90 spin_lock_bh(&ax25_list_lock);
91 again:
92 ax25_for_each(s, node, &ax25_list) {
93 if (s->ax25_dev == ax25_dev) {
94 s->ax25_dev = NULL;
95 spin_unlock_bh(&ax25_list_lock);
96 ax25_disconnect(s, ENETUNREACH);
97 spin_lock_bh(&ax25_list_lock);
99 /* The entry could have been deleted from the
100 * list meanwhile and thus the next pointer is
101 * no longer valid. Play it safe and restart
102 * the scan. Forward progress is ensured
103 * because we set s->ax25_dev to NULL and we
104 * are never passed a NULL 'dev' argument.
106 goto again;
109 spin_unlock_bh(&ax25_list_lock);
113 * Handle device status changes.
115 static int ax25_device_event(struct notifier_block *this, unsigned long event,
116 void *ptr)
118 struct net_device *dev = (struct net_device *)ptr;
120 if (!net_eq(dev_net(dev), &init_net))
121 return NOTIFY_DONE;
123 /* Reject non AX.25 devices */
124 if (dev->type != ARPHRD_AX25)
125 return NOTIFY_DONE;
127 switch (event) {
128 case NETDEV_UP:
129 ax25_dev_device_up(dev);
130 break;
131 case NETDEV_DOWN:
132 ax25_kill_by_device(dev);
133 ax25_rt_device_down(dev);
134 ax25_dev_device_down(dev);
135 break;
136 default:
137 break;
140 return NOTIFY_DONE;
144 * Add a socket to the bound sockets list.
146 void ax25_cb_add(ax25_cb *ax25)
148 spin_lock_bh(&ax25_list_lock);
149 ax25_cb_hold(ax25);
150 hlist_add_head(&ax25->ax25_node, &ax25_list);
151 spin_unlock_bh(&ax25_list_lock);
155 * Find a socket that wants to accept the SABM we have just
156 * received.
158 struct sock *ax25_find_listener(ax25_address *addr, int digi,
159 struct net_device *dev, int type)
161 ax25_cb *s;
162 struct hlist_node *node;
164 spin_lock(&ax25_list_lock);
165 ax25_for_each(s, node, &ax25_list) {
166 if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
167 continue;
168 if (s->sk && !ax25cmp(&s->source_addr, addr) &&
169 s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
170 /* If device is null we match any device */
171 if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
172 sock_hold(s->sk);
173 spin_unlock(&ax25_list_lock);
174 return s->sk;
178 spin_unlock(&ax25_list_lock);
180 return NULL;
184 * Find an AX.25 socket given both ends.
186 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
187 int type)
189 struct sock *sk = NULL;
190 ax25_cb *s;
191 struct hlist_node *node;
193 spin_lock(&ax25_list_lock);
194 ax25_for_each(s, node, &ax25_list) {
195 if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
196 !ax25cmp(&s->dest_addr, dest_addr) &&
197 s->sk->sk_type == type) {
198 sk = s->sk;
199 sock_hold(sk);
200 break;
204 spin_unlock(&ax25_list_lock);
206 return sk;
210 * Find an AX.25 control block given both ends. It will only pick up
211 * floating AX.25 control blocks or non Raw socket bound control blocks.
213 ax25_cb *ax25_find_cb(ax25_address *src_addr, ax25_address *dest_addr,
214 ax25_digi *digi, struct net_device *dev)
216 ax25_cb *s;
217 struct hlist_node *node;
219 spin_lock_bh(&ax25_list_lock);
220 ax25_for_each(s, node, &ax25_list) {
221 if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
222 continue;
223 if (s->ax25_dev == NULL)
224 continue;
225 if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
226 if (digi != NULL && digi->ndigi != 0) {
227 if (s->digipeat == NULL)
228 continue;
229 if (ax25digicmp(s->digipeat, digi) != 0)
230 continue;
231 } else {
232 if (s->digipeat != NULL && s->digipeat->ndigi != 0)
233 continue;
235 ax25_cb_hold(s);
236 spin_unlock_bh(&ax25_list_lock);
238 return s;
241 spin_unlock_bh(&ax25_list_lock);
243 return NULL;
246 EXPORT_SYMBOL(ax25_find_cb);
248 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
250 ax25_cb *s;
251 struct sk_buff *copy;
252 struct hlist_node *node;
254 spin_lock(&ax25_list_lock);
255 ax25_for_each(s, node, &ax25_list) {
256 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
257 s->sk->sk_type == SOCK_RAW &&
258 s->sk->sk_protocol == proto &&
259 s->ax25_dev->dev == skb->dev &&
260 atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
261 if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
262 continue;
263 if (sock_queue_rcv_skb(s->sk, copy) != 0)
264 kfree_skb(copy);
267 spin_unlock(&ax25_list_lock);
271 * Deferred destroy.
273 void ax25_destroy_socket(ax25_cb *);
276 * Handler for deferred kills.
278 static void ax25_destroy_timer(unsigned long data)
280 ax25_cb *ax25=(ax25_cb *)data;
281 struct sock *sk;
283 sk=ax25->sk;
285 bh_lock_sock(sk);
286 sock_hold(sk);
287 ax25_destroy_socket(ax25);
288 bh_unlock_sock(sk);
289 sock_put(sk);
293 * This is called from user mode and the timers. Thus it protects itself
294 * against interrupt users but doesn't worry about being called during
295 * work. Once it is removed from the queue no interrupt or bottom half
296 * will touch it and we are (fairly 8-) ) safe.
298 void ax25_destroy_socket(ax25_cb *ax25)
300 struct sk_buff *skb;
302 ax25_cb_del(ax25);
304 ax25_stop_heartbeat(ax25);
305 ax25_stop_t1timer(ax25);
306 ax25_stop_t2timer(ax25);
307 ax25_stop_t3timer(ax25);
308 ax25_stop_idletimer(ax25);
310 ax25_clear_queues(ax25); /* Flush the queues */
312 if (ax25->sk != NULL) {
313 while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
314 if (skb->sk != ax25->sk) {
315 /* A pending connection */
316 ax25_cb *sax25 = ax25_sk(skb->sk);
318 /* Queue the unaccepted socket for death */
319 sock_orphan(skb->sk);
321 /* 9A4GL: hack to release unaccepted sockets */
322 skb->sk->sk_state = TCP_LISTEN;
324 ax25_start_heartbeat(sax25);
325 sax25->state = AX25_STATE_0;
328 kfree_skb(skb);
330 skb_queue_purge(&ax25->sk->sk_write_queue);
333 if (ax25->sk != NULL) {
334 if (sk_has_allocations(ax25->sk)) {
335 /* Defer: outstanding buffers */
336 setup_timer(&ax25->dtimer, ax25_destroy_timer,
337 (unsigned long)ax25);
338 ax25->dtimer.expires = jiffies + 2 * HZ;
339 add_timer(&ax25->dtimer);
340 } else {
341 struct sock *sk=ax25->sk;
342 ax25->sk=NULL;
343 sock_put(sk);
345 } else {
346 ax25_cb_put(ax25);
351 * dl1bke 960311: set parameters for existing AX.25 connections,
352 * includes a KILL command to abort any connection.
353 * VERY useful for debugging ;-)
355 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
357 struct ax25_ctl_struct ax25_ctl;
358 ax25_digi digi;
359 ax25_dev *ax25_dev;
360 ax25_cb *ax25;
361 unsigned int k;
362 int ret = 0;
364 if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
365 return -EFAULT;
367 if ((ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr)) == NULL)
368 return -ENODEV;
370 if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
371 return -EINVAL;
373 if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
374 return -EINVAL;
376 digi.ndigi = ax25_ctl.digi_count;
377 for (k = 0; k < digi.ndigi; k++)
378 digi.calls[k] = ax25_ctl.digi_addr[k];
380 if ((ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev)) == NULL)
381 return -ENOTCONN;
383 switch (ax25_ctl.cmd) {
384 case AX25_KILL:
385 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
386 #ifdef CONFIG_AX25_DAMA_SLAVE
387 if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
388 ax25_dama_off(ax25);
389 #endif
390 ax25_disconnect(ax25, ENETRESET);
391 break;
393 case AX25_WINDOW:
394 if (ax25->modulus == AX25_MODULUS) {
395 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
396 goto einval_put;
397 } else {
398 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
399 goto einval_put;
401 ax25->window = ax25_ctl.arg;
402 break;
404 case AX25_T1:
405 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
406 goto einval_put;
407 ax25->rtt = (ax25_ctl.arg * HZ) / 2;
408 ax25->t1 = ax25_ctl.arg * HZ;
409 break;
411 case AX25_T2:
412 if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
413 goto einval_put;
414 ax25->t2 = ax25_ctl.arg * HZ;
415 break;
417 case AX25_N2:
418 if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
419 goto einval_put;
420 ax25->n2count = 0;
421 ax25->n2 = ax25_ctl.arg;
422 break;
424 case AX25_T3:
425 if (ax25_ctl.arg > ULONG_MAX / HZ)
426 goto einval_put;
427 ax25->t3 = ax25_ctl.arg * HZ;
428 break;
430 case AX25_IDLE:
431 if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
432 goto einval_put;
434 ax25->idle = ax25_ctl.arg * 60 * HZ;
435 break;
437 case AX25_PACLEN:
438 if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
439 goto einval_put;
440 ax25->paclen = ax25_ctl.arg;
441 break;
443 default:
444 goto einval_put;
447 out_put:
448 ax25_cb_put(ax25);
449 return ret;
451 einval_put:
452 ret = -EINVAL;
453 goto out_put;
456 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
458 ax25->rtt = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
459 ax25->t1 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
460 ax25->t2 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
461 ax25->t3 = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
462 ax25->n2 = ax25_dev->values[AX25_VALUES_N2];
463 ax25->paclen = ax25_dev->values[AX25_VALUES_PACLEN];
464 ax25->idle = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
465 ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
467 if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
468 ax25->modulus = AX25_EMODULUS;
469 ax25->window = ax25_dev->values[AX25_VALUES_EWINDOW];
470 } else {
471 ax25->modulus = AX25_MODULUS;
472 ax25->window = ax25_dev->values[AX25_VALUES_WINDOW];
477 * Fill in a created AX.25 created control block with the default
478 * values for a particular device.
480 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
482 ax25->ax25_dev = ax25_dev;
484 if (ax25->ax25_dev != NULL) {
485 ax25_fillin_cb_from_dev(ax25, ax25_dev);
486 return;
490 * No device, use kernel / AX.25 spec default values
492 ax25->rtt = msecs_to_jiffies(AX25_DEF_T1) / 2;
493 ax25->t1 = msecs_to_jiffies(AX25_DEF_T1);
494 ax25->t2 = msecs_to_jiffies(AX25_DEF_T2);
495 ax25->t3 = msecs_to_jiffies(AX25_DEF_T3);
496 ax25->n2 = AX25_DEF_N2;
497 ax25->paclen = AX25_DEF_PACLEN;
498 ax25->idle = msecs_to_jiffies(AX25_DEF_IDLE);
499 ax25->backoff = AX25_DEF_BACKOFF;
501 if (AX25_DEF_AXDEFMODE) {
502 ax25->modulus = AX25_EMODULUS;
503 ax25->window = AX25_DEF_EWINDOW;
504 } else {
505 ax25->modulus = AX25_MODULUS;
506 ax25->window = AX25_DEF_WINDOW;
511 * Create an empty AX.25 control block.
513 ax25_cb *ax25_create_cb(void)
515 ax25_cb *ax25;
517 if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
518 return NULL;
520 atomic_set(&ax25->refcount, 1);
522 skb_queue_head_init(&ax25->write_queue);
523 skb_queue_head_init(&ax25->frag_queue);
524 skb_queue_head_init(&ax25->ack_queue);
525 skb_queue_head_init(&ax25->reseq_queue);
527 ax25_setup_timers(ax25);
529 ax25_fillin_cb(ax25, NULL);
531 ax25->state = AX25_STATE_0;
533 return ax25;
537 * Handling for system calls applied via the various interfaces to an
538 * AX25 socket object
541 static int ax25_setsockopt(struct socket *sock, int level, int optname,
542 char __user *optval, unsigned int optlen)
544 struct sock *sk = sock->sk;
545 ax25_cb *ax25;
546 struct net_device *dev;
547 char devname[IFNAMSIZ];
548 unsigned long opt;
549 int res = 0;
551 if (level != SOL_AX25)
552 return -ENOPROTOOPT;
554 if (optlen < sizeof(unsigned int))
555 return -EINVAL;
557 if (get_user(opt, (unsigned int __user *)optval))
558 return -EFAULT;
560 lock_sock(sk);
561 ax25 = ax25_sk(sk);
563 switch (optname) {
564 case AX25_WINDOW:
565 if (ax25->modulus == AX25_MODULUS) {
566 if (opt < 1 || opt > 7) {
567 res = -EINVAL;
568 break;
570 } else {
571 if (opt < 1 || opt > 63) {
572 res = -EINVAL;
573 break;
576 ax25->window = opt;
577 break;
579 case AX25_T1:
580 if (opt < 1 || opt > ULONG_MAX / HZ) {
581 res = -EINVAL;
582 break;
584 ax25->rtt = (opt * HZ) >> 1;
585 ax25->t1 = opt * HZ;
586 break;
588 case AX25_T2:
589 if (opt < 1 || opt > ULONG_MAX / HZ) {
590 res = -EINVAL;
591 break;
593 ax25->t2 = opt * HZ;
594 break;
596 case AX25_N2:
597 if (opt < 1 || opt > 31) {
598 res = -EINVAL;
599 break;
601 ax25->n2 = opt;
602 break;
604 case AX25_T3:
605 if (opt < 1 || opt > ULONG_MAX / HZ) {
606 res = -EINVAL;
607 break;
609 ax25->t3 = opt * HZ;
610 break;
612 case AX25_IDLE:
613 if (opt > ULONG_MAX / (60 * HZ)) {
614 res = -EINVAL;
615 break;
617 ax25->idle = opt * 60 * HZ;
618 break;
620 case AX25_BACKOFF:
621 if (opt > 2) {
622 res = -EINVAL;
623 break;
625 ax25->backoff = opt;
626 break;
628 case AX25_EXTSEQ:
629 ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
630 break;
632 case AX25_PIDINCL:
633 ax25->pidincl = opt ? 1 : 0;
634 break;
636 case AX25_IAMDIGI:
637 ax25->iamdigi = opt ? 1 : 0;
638 break;
640 case AX25_PACLEN:
641 if (opt < 16 || opt > 65535) {
642 res = -EINVAL;
643 break;
645 ax25->paclen = opt;
646 break;
648 case SO_BINDTODEVICE:
649 if (optlen > IFNAMSIZ)
650 optlen = IFNAMSIZ;
652 if (copy_from_user(devname, optval, optlen)) {
653 res = -EFAULT;
654 break;
657 if (sk->sk_type == SOCK_SEQPACKET &&
658 (sock->state != SS_UNCONNECTED ||
659 sk->sk_state == TCP_LISTEN)) {
660 res = -EADDRNOTAVAIL;
661 break;
664 dev = dev_get_by_name(&init_net, devname);
665 if (!dev) {
666 res = -ENODEV;
667 break;
670 ax25->ax25_dev = ax25_dev_ax25dev(dev);
671 ax25_fillin_cb(ax25, ax25->ax25_dev);
672 dev_put(dev);
673 break;
675 default:
676 res = -ENOPROTOOPT;
678 release_sock(sk);
680 return res;
683 static int ax25_getsockopt(struct socket *sock, int level, int optname,
684 char __user *optval, int __user *optlen)
686 struct sock *sk = sock->sk;
687 ax25_cb *ax25;
688 struct ax25_dev *ax25_dev;
689 char devname[IFNAMSIZ];
690 void *valptr;
691 int val = 0;
692 int maxlen, length;
694 if (level != SOL_AX25)
695 return -ENOPROTOOPT;
697 if (get_user(maxlen, optlen))
698 return -EFAULT;
700 if (maxlen < 1)
701 return -EFAULT;
703 valptr = (void *) &val;
704 length = min_t(unsigned int, maxlen, sizeof(int));
706 lock_sock(sk);
707 ax25 = ax25_sk(sk);
709 switch (optname) {
710 case AX25_WINDOW:
711 val = ax25->window;
712 break;
714 case AX25_T1:
715 val = ax25->t1 / HZ;
716 break;
718 case AX25_T2:
719 val = ax25->t2 / HZ;
720 break;
722 case AX25_N2:
723 val = ax25->n2;
724 break;
726 case AX25_T3:
727 val = ax25->t3 / HZ;
728 break;
730 case AX25_IDLE:
731 val = ax25->idle / (60 * HZ);
732 break;
734 case AX25_BACKOFF:
735 val = ax25->backoff;
736 break;
738 case AX25_EXTSEQ:
739 val = (ax25->modulus == AX25_EMODULUS);
740 break;
742 case AX25_PIDINCL:
743 val = ax25->pidincl;
744 break;
746 case AX25_IAMDIGI:
747 val = ax25->iamdigi;
748 break;
750 case AX25_PACLEN:
751 val = ax25->paclen;
752 break;
754 case SO_BINDTODEVICE:
755 ax25_dev = ax25->ax25_dev;
757 if (ax25_dev != NULL && ax25_dev->dev != NULL) {
758 strlcpy(devname, ax25_dev->dev->name, sizeof(devname));
759 length = strlen(devname) + 1;
760 } else {
761 *devname = '\0';
762 length = 1;
765 valptr = (void *) devname;
766 break;
768 default:
769 release_sock(sk);
770 return -ENOPROTOOPT;
772 release_sock(sk);
774 if (put_user(length, optlen))
775 return -EFAULT;
777 return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
780 static int ax25_listen(struct socket *sock, int backlog)
782 struct sock *sk = sock->sk;
783 int res = 0;
785 lock_sock(sk);
786 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
787 sk->sk_max_ack_backlog = backlog;
788 sk->sk_state = TCP_LISTEN;
789 goto out;
791 res = -EOPNOTSUPP;
793 out:
794 release_sock(sk);
796 return res;
800 * XXX: when creating ax25_sock we should update the .obj_size setting
801 * below.
803 static struct proto ax25_proto = {
804 .name = "AX25",
805 .owner = THIS_MODULE,
806 .obj_size = sizeof(struct sock),
809 static int ax25_create(struct net *net, struct socket *sock, int protocol,
810 int kern)
812 struct sock *sk;
813 ax25_cb *ax25;
815 if (!net_eq(net, &init_net))
816 return -EAFNOSUPPORT;
818 switch (sock->type) {
819 case SOCK_DGRAM:
820 if (protocol == 0 || protocol == PF_AX25)
821 protocol = AX25_P_TEXT;
822 break;
824 case SOCK_SEQPACKET:
825 switch (protocol) {
826 case 0:
827 case PF_AX25: /* For CLX */
828 protocol = AX25_P_TEXT;
829 break;
830 case AX25_P_SEGMENT:
831 #ifdef CONFIG_INET
832 case AX25_P_ARP:
833 case AX25_P_IP:
834 #endif
835 #ifdef CONFIG_NETROM
836 case AX25_P_NETROM:
837 #endif
838 #ifdef CONFIG_ROSE
839 case AX25_P_ROSE:
840 #endif
841 return -ESOCKTNOSUPPORT;
842 #ifdef CONFIG_NETROM_MODULE
843 case AX25_P_NETROM:
844 if (ax25_protocol_is_registered(AX25_P_NETROM))
845 return -ESOCKTNOSUPPORT;
846 #endif
847 #ifdef CONFIG_ROSE_MODULE
848 case AX25_P_ROSE:
849 if (ax25_protocol_is_registered(AX25_P_ROSE))
850 return -ESOCKTNOSUPPORT;
851 #endif
852 default:
853 break;
855 break;
857 case SOCK_RAW:
858 break;
859 default:
860 return -ESOCKTNOSUPPORT;
863 sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto);
864 if (sk == NULL)
865 return -ENOMEM;
867 ax25 = sk->sk_protinfo = ax25_create_cb();
868 if (!ax25) {
869 sk_free(sk);
870 return -ENOMEM;
873 sock_init_data(sock, sk);
875 sk->sk_destruct = ax25_free_sock;
876 sock->ops = &ax25_proto_ops;
877 sk->sk_protocol = protocol;
879 ax25->sk = sk;
881 return 0;
884 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
886 struct sock *sk;
887 ax25_cb *ax25, *oax25;
889 sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot);
890 if (sk == NULL)
891 return NULL;
893 if ((ax25 = ax25_create_cb()) == NULL) {
894 sk_free(sk);
895 return NULL;
898 switch (osk->sk_type) {
899 case SOCK_DGRAM:
900 break;
901 case SOCK_SEQPACKET:
902 break;
903 default:
904 sk_free(sk);
905 ax25_cb_put(ax25);
906 return NULL;
909 sock_init_data(NULL, sk);
911 sk->sk_type = osk->sk_type;
912 sk->sk_priority = osk->sk_priority;
913 sk->sk_protocol = osk->sk_protocol;
914 sk->sk_rcvbuf = osk->sk_rcvbuf;
915 sk->sk_sndbuf = osk->sk_sndbuf;
916 sk->sk_state = TCP_ESTABLISHED;
917 sock_copy_flags(sk, osk);
919 oax25 = ax25_sk(osk);
921 ax25->modulus = oax25->modulus;
922 ax25->backoff = oax25->backoff;
923 ax25->pidincl = oax25->pidincl;
924 ax25->iamdigi = oax25->iamdigi;
925 ax25->rtt = oax25->rtt;
926 ax25->t1 = oax25->t1;
927 ax25->t2 = oax25->t2;
928 ax25->t3 = oax25->t3;
929 ax25->n2 = oax25->n2;
930 ax25->idle = oax25->idle;
931 ax25->paclen = oax25->paclen;
932 ax25->window = oax25->window;
934 ax25->ax25_dev = ax25_dev;
935 ax25->source_addr = oax25->source_addr;
937 if (oax25->digipeat != NULL) {
938 ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
939 GFP_ATOMIC);
940 if (ax25->digipeat == NULL) {
941 sk_free(sk);
942 ax25_cb_put(ax25);
943 return NULL;
947 sk->sk_protinfo = ax25;
948 sk->sk_destruct = ax25_free_sock;
949 ax25->sk = sk;
951 return sk;
954 static int ax25_release(struct socket *sock)
956 struct sock *sk = sock->sk;
957 ax25_cb *ax25;
959 if (sk == NULL)
960 return 0;
962 sock_hold(sk);
963 sock_orphan(sk);
964 lock_sock(sk);
965 ax25 = ax25_sk(sk);
967 if (sk->sk_type == SOCK_SEQPACKET) {
968 switch (ax25->state) {
969 case AX25_STATE_0:
970 release_sock(sk);
971 ax25_disconnect(ax25, 0);
972 lock_sock(sk);
973 ax25_destroy_socket(ax25);
974 break;
976 case AX25_STATE_1:
977 case AX25_STATE_2:
978 ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
979 release_sock(sk);
980 ax25_disconnect(ax25, 0);
981 lock_sock(sk);
982 ax25_destroy_socket(ax25);
983 break;
985 case AX25_STATE_3:
986 case AX25_STATE_4:
987 ax25_clear_queues(ax25);
988 ax25->n2count = 0;
990 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
991 case AX25_PROTO_STD_SIMPLEX:
992 case AX25_PROTO_STD_DUPLEX:
993 ax25_send_control(ax25,
994 AX25_DISC,
995 AX25_POLLON,
996 AX25_COMMAND);
997 ax25_stop_t2timer(ax25);
998 ax25_stop_t3timer(ax25);
999 ax25_stop_idletimer(ax25);
1000 break;
1001 #ifdef CONFIG_AX25_DAMA_SLAVE
1002 case AX25_PROTO_DAMA_SLAVE:
1003 ax25_stop_t3timer(ax25);
1004 ax25_stop_idletimer(ax25);
1005 break;
1006 #endif
1008 ax25_calculate_t1(ax25);
1009 ax25_start_t1timer(ax25);
1010 ax25->state = AX25_STATE_2;
1011 sk->sk_state = TCP_CLOSE;
1012 sk->sk_shutdown |= SEND_SHUTDOWN;
1013 sk->sk_state_change(sk);
1014 sock_set_flag(sk, SOCK_DESTROY);
1015 break;
1017 default:
1018 break;
1020 } else {
1021 sk->sk_state = TCP_CLOSE;
1022 sk->sk_shutdown |= SEND_SHUTDOWN;
1023 sk->sk_state_change(sk);
1024 ax25_destroy_socket(ax25);
1027 sock->sk = NULL;
1028 release_sock(sk);
1029 sock_put(sk);
1031 return 0;
1035 * We support a funny extension here so you can (as root) give any callsign
1036 * digipeated via a local address as source. This hack is obsolete now
1037 * that we've implemented support for SO_BINDTODEVICE. It is however small
1038 * and trivially backward compatible.
1040 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1042 struct sock *sk = sock->sk;
1043 struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1044 ax25_dev *ax25_dev = NULL;
1045 ax25_uid_assoc *user;
1046 ax25_address call;
1047 ax25_cb *ax25;
1048 int err = 0;
1050 if (addr_len != sizeof(struct sockaddr_ax25) &&
1051 addr_len != sizeof(struct full_sockaddr_ax25))
1052 /* support for old structure may go away some time
1053 * ax25_bind(): uses old (6 digipeater) socket structure.
1055 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1056 (addr_len > sizeof(struct full_sockaddr_ax25)))
1057 return -EINVAL;
1059 if (addr->fsa_ax25.sax25_family != AF_AX25)
1060 return -EINVAL;
1062 user = ax25_findbyuid(current_euid());
1063 if (user) {
1064 call = user->call;
1065 ax25_uid_put(user);
1066 } else {
1067 if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1068 return -EACCES;
1070 call = addr->fsa_ax25.sax25_call;
1073 lock_sock(sk);
1075 ax25 = ax25_sk(sk);
1076 if (!sock_flag(sk, SOCK_ZAPPED)) {
1077 err = -EINVAL;
1078 goto out;
1081 ax25->source_addr = call;
1084 * User already set interface with SO_BINDTODEVICE
1086 if (ax25->ax25_dev != NULL)
1087 goto done;
1089 if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1090 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1091 (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1092 err = -EADDRNOTAVAIL;
1093 goto out;
1095 } else {
1096 if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1097 err = -EADDRNOTAVAIL;
1098 goto out;
1102 if (ax25_dev != NULL)
1103 ax25_fillin_cb(ax25, ax25_dev);
1105 done:
1106 ax25_cb_add(ax25);
1107 sock_reset_flag(sk, SOCK_ZAPPED);
1109 out:
1110 release_sock(sk);
1112 return err;
1116 * FIXME: nonblock behaviour looks like it may have a bug.
1118 static int __must_check ax25_connect(struct socket *sock,
1119 struct sockaddr *uaddr, int addr_len, int flags)
1121 struct sock *sk = sock->sk;
1122 ax25_cb *ax25 = ax25_sk(sk), *ax25t;
1123 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1124 ax25_digi *digi = NULL;
1125 int ct = 0, err = 0;
1128 * some sanity checks. code further down depends on this
1131 if (addr_len == sizeof(struct sockaddr_ax25))
1132 /* support for this will go away in early 2.5.x
1133 * ax25_connect(): uses obsolete socket structure
1136 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1137 /* support for old structure may go away some time
1138 * ax25_connect(): uses old (6 digipeater) socket structure.
1140 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1141 (addr_len > sizeof(struct full_sockaddr_ax25)))
1142 return -EINVAL;
1145 if (fsa->fsa_ax25.sax25_family != AF_AX25)
1146 return -EINVAL;
1148 lock_sock(sk);
1150 /* deal with restarts */
1151 if (sock->state == SS_CONNECTING) {
1152 switch (sk->sk_state) {
1153 case TCP_SYN_SENT: /* still trying */
1154 err = -EINPROGRESS;
1155 goto out_release;
1157 case TCP_ESTABLISHED: /* connection established */
1158 sock->state = SS_CONNECTED;
1159 goto out_release;
1161 case TCP_CLOSE: /* connection refused */
1162 sock->state = SS_UNCONNECTED;
1163 err = -ECONNREFUSED;
1164 goto out_release;
1168 if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1169 err = -EISCONN; /* No reconnect on a seqpacket socket */
1170 goto out_release;
1173 sk->sk_state = TCP_CLOSE;
1174 sock->state = SS_UNCONNECTED;
1176 kfree(ax25->digipeat);
1177 ax25->digipeat = NULL;
1180 * Handle digi-peaters to be used.
1182 if (addr_len > sizeof(struct sockaddr_ax25) &&
1183 fsa->fsa_ax25.sax25_ndigis != 0) {
1184 /* Valid number of digipeaters ? */
1185 if (fsa->fsa_ax25.sax25_ndigis < 1 || fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS) {
1186 err = -EINVAL;
1187 goto out_release;
1190 if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1191 err = -ENOBUFS;
1192 goto out_release;
1195 digi->ndigi = fsa->fsa_ax25.sax25_ndigis;
1196 digi->lastrepeat = -1;
1198 while (ct < fsa->fsa_ax25.sax25_ndigis) {
1199 if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1200 AX25_HBIT) && ax25->iamdigi) {
1201 digi->repeated[ct] = 1;
1202 digi->lastrepeat = ct;
1203 } else {
1204 digi->repeated[ct] = 0;
1206 digi->calls[ct] = fsa->fsa_digipeater[ct];
1207 ct++;
1212 * Must bind first - autobinding in this may or may not work. If
1213 * the socket is already bound, check to see if the device has
1214 * been filled in, error if it hasn't.
1216 if (sock_flag(sk, SOCK_ZAPPED)) {
1217 /* check if we can remove this feature. It is broken. */
1218 printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1219 current->comm);
1220 if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1221 kfree(digi);
1222 goto out_release;
1225 ax25_fillin_cb(ax25, ax25->ax25_dev);
1226 ax25_cb_add(ax25);
1227 } else {
1228 if (ax25->ax25_dev == NULL) {
1229 kfree(digi);
1230 err = -EHOSTUNREACH;
1231 goto out_release;
1235 if (sk->sk_type == SOCK_SEQPACKET &&
1236 (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1237 ax25->ax25_dev->dev))) {
1238 kfree(digi);
1239 err = -EADDRINUSE; /* Already such a connection */
1240 ax25_cb_put(ax25t);
1241 goto out_release;
1244 ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1245 ax25->digipeat = digi;
1247 /* First the easy one */
1248 if (sk->sk_type != SOCK_SEQPACKET) {
1249 sock->state = SS_CONNECTED;
1250 sk->sk_state = TCP_ESTABLISHED;
1251 goto out_release;
1254 /* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1255 sock->state = SS_CONNECTING;
1256 sk->sk_state = TCP_SYN_SENT;
1258 switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1259 case AX25_PROTO_STD_SIMPLEX:
1260 case AX25_PROTO_STD_DUPLEX:
1261 ax25_std_establish_data_link(ax25);
1262 break;
1264 #ifdef CONFIG_AX25_DAMA_SLAVE
1265 case AX25_PROTO_DAMA_SLAVE:
1266 ax25->modulus = AX25_MODULUS;
1267 ax25->window = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1268 if (ax25->ax25_dev->dama.slave)
1269 ax25_ds_establish_data_link(ax25);
1270 else
1271 ax25_std_establish_data_link(ax25);
1272 break;
1273 #endif
1276 ax25->state = AX25_STATE_1;
1278 ax25_start_heartbeat(ax25);
1280 /* Now the loop */
1281 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1282 err = -EINPROGRESS;
1283 goto out_release;
1286 if (sk->sk_state == TCP_SYN_SENT) {
1287 DEFINE_WAIT(wait);
1289 for (;;) {
1290 prepare_to_wait(sk_sleep(sk), &wait,
1291 TASK_INTERRUPTIBLE);
1292 if (sk->sk_state != TCP_SYN_SENT)
1293 break;
1294 if (!signal_pending(current)) {
1295 release_sock(sk);
1296 schedule();
1297 lock_sock(sk);
1298 continue;
1300 err = -ERESTARTSYS;
1301 break;
1303 finish_wait(sk_sleep(sk), &wait);
1305 if (err)
1306 goto out_release;
1309 if (sk->sk_state != TCP_ESTABLISHED) {
1310 /* Not in ABM, not in WAIT_UA -> failed */
1311 sock->state = SS_UNCONNECTED;
1312 err = sock_error(sk); /* Always set at this point */
1313 goto out_release;
1316 sock->state = SS_CONNECTED;
1318 err = 0;
1319 out_release:
1320 release_sock(sk);
1322 return err;
1325 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags)
1327 struct sk_buff *skb;
1328 struct sock *newsk;
1329 DEFINE_WAIT(wait);
1330 struct sock *sk;
1331 int err = 0;
1333 if (sock->state != SS_UNCONNECTED)
1334 return -EINVAL;
1336 if ((sk = sock->sk) == NULL)
1337 return -EINVAL;
1339 lock_sock(sk);
1340 if (sk->sk_type != SOCK_SEQPACKET) {
1341 err = -EOPNOTSUPP;
1342 goto out;
1345 if (sk->sk_state != TCP_LISTEN) {
1346 err = -EINVAL;
1347 goto out;
1351 * The read queue this time is holding sockets ready to use
1352 * hooked into the SABM we saved
1354 for (;;) {
1355 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1356 skb = skb_dequeue(&sk->sk_receive_queue);
1357 if (skb)
1358 break;
1360 if (flags & O_NONBLOCK) {
1361 err = -EWOULDBLOCK;
1362 break;
1364 if (!signal_pending(current)) {
1365 release_sock(sk);
1366 schedule();
1367 lock_sock(sk);
1368 continue;
1370 err = -ERESTARTSYS;
1371 break;
1373 finish_wait(sk_sleep(sk), &wait);
1375 if (err)
1376 goto out;
1378 newsk = skb->sk;
1379 sock_graft(newsk, newsock);
1381 /* Now attach up the new socket */
1382 kfree_skb(skb);
1383 sk->sk_ack_backlog--;
1384 newsock->state = SS_CONNECTED;
1386 out:
1387 release_sock(sk);
1389 return err;
1392 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1393 int *uaddr_len, int peer)
1395 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1396 struct sock *sk = sock->sk;
1397 unsigned char ndigi, i;
1398 ax25_cb *ax25;
1399 int err = 0;
1401 memset(fsa, 0, sizeof(*fsa));
1402 lock_sock(sk);
1403 ax25 = ax25_sk(sk);
1405 if (peer != 0) {
1406 if (sk->sk_state != TCP_ESTABLISHED) {
1407 err = -ENOTCONN;
1408 goto out;
1411 fsa->fsa_ax25.sax25_family = AF_AX25;
1412 fsa->fsa_ax25.sax25_call = ax25->dest_addr;
1414 if (ax25->digipeat != NULL) {
1415 ndigi = ax25->digipeat->ndigi;
1416 fsa->fsa_ax25.sax25_ndigis = ndigi;
1417 for (i = 0; i < ndigi; i++)
1418 fsa->fsa_digipeater[i] =
1419 ax25->digipeat->calls[i];
1421 } else {
1422 fsa->fsa_ax25.sax25_family = AF_AX25;
1423 fsa->fsa_ax25.sax25_call = ax25->source_addr;
1424 fsa->fsa_ax25.sax25_ndigis = 1;
1425 if (ax25->ax25_dev != NULL) {
1426 memcpy(&fsa->fsa_digipeater[0],
1427 ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1428 } else {
1429 fsa->fsa_digipeater[0] = null_ax25_address;
1432 *uaddr_len = sizeof (struct full_sockaddr_ax25);
1434 out:
1435 release_sock(sk);
1437 return err;
1440 static int ax25_sendmsg(struct kiocb *iocb, struct socket *sock,
1441 struct msghdr *msg, size_t len)
1443 struct sockaddr_ax25 *usax = (struct sockaddr_ax25 *)msg->msg_name;
1444 struct sock *sk = sock->sk;
1445 struct sockaddr_ax25 sax;
1446 struct sk_buff *skb;
1447 ax25_digi dtmp, *dp;
1448 ax25_cb *ax25;
1449 size_t size;
1450 int lv, err, addr_len = msg->msg_namelen;
1452 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1453 return -EINVAL;
1455 lock_sock(sk);
1456 ax25 = ax25_sk(sk);
1458 if (sock_flag(sk, SOCK_ZAPPED)) {
1459 err = -EADDRNOTAVAIL;
1460 goto out;
1463 if (sk->sk_shutdown & SEND_SHUTDOWN) {
1464 send_sig(SIGPIPE, current, 0);
1465 err = -EPIPE;
1466 goto out;
1469 if (ax25->ax25_dev == NULL) {
1470 err = -ENETUNREACH;
1471 goto out;
1474 if (len > ax25->ax25_dev->dev->mtu) {
1475 err = -EMSGSIZE;
1476 goto out;
1479 if (usax != NULL) {
1480 if (usax->sax25_family != AF_AX25) {
1481 err = -EINVAL;
1482 goto out;
1485 if (addr_len == sizeof(struct sockaddr_ax25))
1486 /* ax25_sendmsg(): uses obsolete socket structure */
1488 else if (addr_len != sizeof(struct full_sockaddr_ax25))
1489 /* support for old structure may go away some time
1490 * ax25_sendmsg(): uses old (6 digipeater)
1491 * socket structure.
1493 if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1494 (addr_len > sizeof(struct full_sockaddr_ax25))) {
1495 err = -EINVAL;
1496 goto out;
1500 if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1501 int ct = 0;
1502 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1504 /* Valid number of digipeaters ? */
1505 if (usax->sax25_ndigis < 1 || usax->sax25_ndigis > AX25_MAX_DIGIS) {
1506 err = -EINVAL;
1507 goto out;
1510 dtmp.ndigi = usax->sax25_ndigis;
1512 while (ct < usax->sax25_ndigis) {
1513 dtmp.repeated[ct] = 0;
1514 dtmp.calls[ct] = fsa->fsa_digipeater[ct];
1515 ct++;
1518 dtmp.lastrepeat = 0;
1521 sax = *usax;
1522 if (sk->sk_type == SOCK_SEQPACKET &&
1523 ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1524 err = -EISCONN;
1525 goto out;
1527 if (usax->sax25_ndigis == 0)
1528 dp = NULL;
1529 else
1530 dp = &dtmp;
1531 } else {
1533 * FIXME: 1003.1g - if the socket is like this because
1534 * it has become closed (not started closed) and is VC
1535 * we ought to SIGPIPE, EPIPE
1537 if (sk->sk_state != TCP_ESTABLISHED) {
1538 err = -ENOTCONN;
1539 goto out;
1541 sax.sax25_family = AF_AX25;
1542 sax.sax25_call = ax25->dest_addr;
1543 dp = ax25->digipeat;
1546 /* Build a packet */
1547 /* Assume the worst case */
1548 size = len + ax25->ax25_dev->dev->hard_header_len;
1550 skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1551 if (skb == NULL)
1552 goto out;
1554 skb_reserve(skb, size - len);
1556 /* User data follows immediately after the AX.25 data */
1557 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
1558 err = -EFAULT;
1559 kfree_skb(skb);
1560 goto out;
1563 skb_reset_network_header(skb);
1565 /* Add the PID if one is not supplied by the user in the skb */
1566 if (!ax25->pidincl)
1567 *skb_push(skb, 1) = sk->sk_protocol;
1569 if (sk->sk_type == SOCK_SEQPACKET) {
1570 /* Connected mode sockets go via the LAPB machine */
1571 if (sk->sk_state != TCP_ESTABLISHED) {
1572 kfree_skb(skb);
1573 err = -ENOTCONN;
1574 goto out;
1577 /* Shove it onto the queue and kick */
1578 ax25_output(ax25, ax25->paclen, skb);
1580 err = len;
1581 goto out;
1584 skb_push(skb, 1 + ax25_addr_size(dp));
1586 /* Building AX.25 Header */
1588 /* Build an AX.25 header */
1589 lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1590 dp, AX25_COMMAND, AX25_MODULUS);
1592 skb_set_transport_header(skb, lv);
1594 *skb_transport_header(skb) = AX25_UI;
1596 /* Datagram frames go straight out of the door as UI */
1597 ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1599 err = len;
1601 out:
1602 release_sock(sk);
1604 return err;
1607 static int ax25_recvmsg(struct kiocb *iocb, struct socket *sock,
1608 struct msghdr *msg, size_t size, int flags)
1610 struct sock *sk = sock->sk;
1611 struct sk_buff *skb;
1612 int copied;
1613 int err = 0;
1615 lock_sock(sk);
1617 * This works for seqpacket too. The receiver has ordered the
1618 * queue for us! We do one quick check first though
1620 if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1621 err = -ENOTCONN;
1622 goto out;
1625 /* Now we can treat all alike */
1626 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1627 flags & MSG_DONTWAIT, &err);
1628 if (skb == NULL)
1629 goto out;
1631 if (!ax25_sk(sk)->pidincl)
1632 skb_pull(skb, 1); /* Remove PID */
1634 skb_reset_transport_header(skb);
1635 copied = skb->len;
1637 if (copied > size) {
1638 copied = size;
1639 msg->msg_flags |= MSG_TRUNC;
1642 skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1644 if (msg->msg_namelen != 0) {
1645 struct sockaddr_ax25 *sax = (struct sockaddr_ax25 *)msg->msg_name;
1646 ax25_digi digi;
1647 ax25_address src;
1648 const unsigned char *mac = skb_mac_header(skb);
1650 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1651 &digi, NULL, NULL);
1652 sax->sax25_family = AF_AX25;
1653 /* We set this correctly, even though we may not let the
1654 application know the digi calls further down (because it
1655 did NOT ask to know them). This could get political... **/
1656 sax->sax25_ndigis = digi.ndigi;
1657 sax->sax25_call = src;
1659 if (sax->sax25_ndigis != 0) {
1660 int ct;
1661 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1663 for (ct = 0; ct < digi.ndigi; ct++)
1664 fsa->fsa_digipeater[ct] = digi.calls[ct];
1666 msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1669 skb_free_datagram(sk, skb);
1670 err = copied;
1672 out:
1673 release_sock(sk);
1675 return err;
1678 static int ax25_shutdown(struct socket *sk, int how)
1680 /* FIXME - generate DM and RNR states */
1681 return -EOPNOTSUPP;
1684 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1686 struct sock *sk = sock->sk;
1687 void __user *argp = (void __user *)arg;
1688 int res = 0;
1690 lock_sock(sk);
1691 switch (cmd) {
1692 case TIOCOUTQ: {
1693 long amount;
1695 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1696 if (amount < 0)
1697 amount = 0;
1698 res = put_user(amount, (int __user *)argp);
1699 break;
1702 case TIOCINQ: {
1703 struct sk_buff *skb;
1704 long amount = 0L;
1705 /* These two are safe on a single CPU system as only user tasks fiddle here */
1706 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1707 amount = skb->len;
1708 res = put_user(amount, (int __user *) argp);
1709 break;
1712 case SIOCGSTAMP:
1713 res = sock_get_timestamp(sk, argp);
1714 break;
1716 case SIOCGSTAMPNS:
1717 res = sock_get_timestampns(sk, argp);
1718 break;
1720 case SIOCAX25ADDUID: /* Add a uid to the uid/call map table */
1721 case SIOCAX25DELUID: /* Delete a uid from the uid/call map table */
1722 case SIOCAX25GETUID: {
1723 struct sockaddr_ax25 sax25;
1724 if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1725 res = -EFAULT;
1726 break;
1728 res = ax25_uid_ioctl(cmd, &sax25);
1729 break;
1732 case SIOCAX25NOUID: { /* Set the default policy (default/bar) */
1733 long amount;
1734 if (!capable(CAP_NET_ADMIN)) {
1735 res = -EPERM;
1736 break;
1738 if (get_user(amount, (long __user *)argp)) {
1739 res = -EFAULT;
1740 break;
1742 if (amount > AX25_NOUID_BLOCK) {
1743 res = -EINVAL;
1744 break;
1746 ax25_uid_policy = amount;
1747 res = 0;
1748 break;
1751 case SIOCADDRT:
1752 case SIOCDELRT:
1753 case SIOCAX25OPTRT:
1754 if (!capable(CAP_NET_ADMIN)) {
1755 res = -EPERM;
1756 break;
1758 res = ax25_rt_ioctl(cmd, argp);
1759 break;
1761 case SIOCAX25CTLCON:
1762 if (!capable(CAP_NET_ADMIN)) {
1763 res = -EPERM;
1764 break;
1766 res = ax25_ctl_ioctl(cmd, argp);
1767 break;
1769 case SIOCAX25GETINFO:
1770 case SIOCAX25GETINFOOLD: {
1771 ax25_cb *ax25 = ax25_sk(sk);
1772 struct ax25_info_struct ax25_info;
1774 ax25_info.t1 = ax25->t1 / HZ;
1775 ax25_info.t2 = ax25->t2 / HZ;
1776 ax25_info.t3 = ax25->t3 / HZ;
1777 ax25_info.idle = ax25->idle / (60 * HZ);
1778 ax25_info.n2 = ax25->n2;
1779 ax25_info.t1timer = ax25_display_timer(&ax25->t1timer) / HZ;
1780 ax25_info.t2timer = ax25_display_timer(&ax25->t2timer) / HZ;
1781 ax25_info.t3timer = ax25_display_timer(&ax25->t3timer) / HZ;
1782 ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1783 ax25_info.n2count = ax25->n2count;
1784 ax25_info.state = ax25->state;
1785 ax25_info.rcv_q = sk_rmem_alloc_get(sk);
1786 ax25_info.snd_q = sk_wmem_alloc_get(sk);
1787 ax25_info.vs = ax25->vs;
1788 ax25_info.vr = ax25->vr;
1789 ax25_info.va = ax25->va;
1790 ax25_info.vs_max = ax25->vs; /* reserved */
1791 ax25_info.paclen = ax25->paclen;
1792 ax25_info.window = ax25->window;
1794 /* old structure? */
1795 if (cmd == SIOCAX25GETINFOOLD) {
1796 static int warned = 0;
1797 if (!warned) {
1798 printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1799 current->comm);
1800 warned=1;
1803 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1804 res = -EFAULT;
1805 break;
1807 } else {
1808 if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1809 res = -EINVAL;
1810 break;
1813 res = 0;
1814 break;
1817 case SIOCAX25ADDFWD:
1818 case SIOCAX25DELFWD: {
1819 struct ax25_fwd_struct ax25_fwd;
1820 if (!capable(CAP_NET_ADMIN)) {
1821 res = -EPERM;
1822 break;
1824 if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1825 res = -EFAULT;
1826 break;
1828 res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1829 break;
1832 case SIOCGIFADDR:
1833 case SIOCSIFADDR:
1834 case SIOCGIFDSTADDR:
1835 case SIOCSIFDSTADDR:
1836 case SIOCGIFBRDADDR:
1837 case SIOCSIFBRDADDR:
1838 case SIOCGIFNETMASK:
1839 case SIOCSIFNETMASK:
1840 case SIOCGIFMETRIC:
1841 case SIOCSIFMETRIC:
1842 res = -EINVAL;
1843 break;
1845 default:
1846 res = -ENOIOCTLCMD;
1847 break;
1849 release_sock(sk);
1851 return res;
1854 #ifdef CONFIG_PROC_FS
1856 static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1857 __acquires(ax25_list_lock)
1859 spin_lock_bh(&ax25_list_lock);
1860 return seq_hlist_start(&ax25_list, *pos);
1863 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1865 return seq_hlist_next(v, &ax25_list, pos);
1868 static void ax25_info_stop(struct seq_file *seq, void *v)
1869 __releases(ax25_list_lock)
1871 spin_unlock_bh(&ax25_list_lock);
1874 static int ax25_info_show(struct seq_file *seq, void *v)
1876 ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1877 char buf[11];
1878 int k;
1882 * New format:
1883 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1886 seq_printf(seq, "%8.8lx %s %s%s ",
1887 (long) ax25,
1888 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1889 ax2asc(buf, &ax25->source_addr),
1890 ax25->iamdigi? "*":"");
1891 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1893 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1894 seq_printf(seq, ",%s%s",
1895 ax2asc(buf, &ax25->digipeat->calls[k]),
1896 ax25->digipeat->repeated[k]? "*":"");
1899 seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1900 ax25->state,
1901 ax25->vs, ax25->vr, ax25->va,
1902 ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1903 ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1904 ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1905 ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1906 ax25->idle / (60 * HZ),
1907 ax25->n2count, ax25->n2,
1908 ax25->rtt / HZ,
1909 ax25->window,
1910 ax25->paclen);
1912 if (ax25->sk != NULL) {
1913 seq_printf(seq, " %d %d %lu\n",
1914 sk_wmem_alloc_get(ax25->sk),
1915 sk_rmem_alloc_get(ax25->sk),
1916 sock_i_ino(ax25->sk));
1917 } else {
1918 seq_puts(seq, " * * *\n");
1920 return 0;
1923 static const struct seq_operations ax25_info_seqops = {
1924 .start = ax25_info_start,
1925 .next = ax25_info_next,
1926 .stop = ax25_info_stop,
1927 .show = ax25_info_show,
1930 static int ax25_info_open(struct inode *inode, struct file *file)
1932 return seq_open(file, &ax25_info_seqops);
1935 static const struct file_operations ax25_info_fops = {
1936 .owner = THIS_MODULE,
1937 .open = ax25_info_open,
1938 .read = seq_read,
1939 .llseek = seq_lseek,
1940 .release = seq_release,
1943 #endif
1945 static const struct net_proto_family ax25_family_ops = {
1946 .family = PF_AX25,
1947 .create = ax25_create,
1948 .owner = THIS_MODULE,
1951 static const struct proto_ops ax25_proto_ops = {
1952 .family = PF_AX25,
1953 .owner = THIS_MODULE,
1954 .release = ax25_release,
1955 .bind = ax25_bind,
1956 .connect = ax25_connect,
1957 .socketpair = sock_no_socketpair,
1958 .accept = ax25_accept,
1959 .getname = ax25_getname,
1960 .poll = datagram_poll,
1961 .ioctl = ax25_ioctl,
1962 .listen = ax25_listen,
1963 .shutdown = ax25_shutdown,
1964 .setsockopt = ax25_setsockopt,
1965 .getsockopt = ax25_getsockopt,
1966 .sendmsg = ax25_sendmsg,
1967 .recvmsg = ax25_recvmsg,
1968 .mmap = sock_no_mmap,
1969 .sendpage = sock_no_sendpage,
1973 * Called by socket.c on kernel start up
1975 static struct packet_type ax25_packet_type __read_mostly = {
1976 .type = cpu_to_be16(ETH_P_AX25),
1977 .func = ax25_kiss_rcv,
1980 static struct notifier_block ax25_dev_notifier = {
1981 .notifier_call =ax25_device_event,
1984 static int __init ax25_init(void)
1986 int rc = proto_register(&ax25_proto, 0);
1988 if (rc != 0)
1989 goto out;
1991 sock_register(&ax25_family_ops);
1992 dev_add_pack(&ax25_packet_type);
1993 register_netdevice_notifier(&ax25_dev_notifier);
1994 ax25_register_sysctl();
1996 proc_net_fops_create(&init_net, "ax25_route", S_IRUGO, &ax25_route_fops);
1997 proc_net_fops_create(&init_net, "ax25", S_IRUGO, &ax25_info_fops);
1998 proc_net_fops_create(&init_net, "ax25_calls", S_IRUGO, &ax25_uid_fops);
1999 out:
2000 return rc;
2002 module_init(ax25_init);
2005 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
2006 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
2007 MODULE_LICENSE("GPL");
2008 MODULE_ALIAS_NETPROTO(PF_AX25);
2010 static void __exit ax25_exit(void)
2012 proc_net_remove(&init_net, "ax25_route");
2013 proc_net_remove(&init_net, "ax25");
2014 proc_net_remove(&init_net, "ax25_calls");
2016 unregister_netdevice_notifier(&ax25_dev_notifier);
2017 ax25_unregister_sysctl();
2019 dev_remove_pack(&ax25_packet_type);
2021 sock_unregister(PF_AX25);
2022 proto_unregister(&ax25_proto);
2024 ax25_rt_free();
2025 ax25_uid_free();
2026 ax25_dev_free();
2028 module_exit(ax25_exit);