1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *
4  * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
5  * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
6  * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
7  * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
8  * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
9  * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
10  * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
11  * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
12  */
13 #include <linux/capability.h>
14 #include <linux/module.h>
15 #include <linux/errno.h>
16 #include <linux/types.h>
17 #include <linux/socket.h>
18 #include <linux/in.h>
19 #include <linux/kernel.h>
20 #include <linux/sched/signal.h>
21 #include <linux/timer.h>
22 #include <linux/string.h>
23 #include <linux/sockios.h>
24 #include <linux/net.h>
25 #include <linux/slab.h>
26 #include <net/ax25.h>
27 #include <linux/inet.h>
28 #include <linux/netdevice.h>
29 #include <linux/if_arp.h>
30 #include <linux/skbuff.h>
31 #include <net/sock.h>
32 #include <linux/uaccess.h>
33 #include <linux/fcntl.h>
34 #include <linux/termios.h>	/* For TIOCINQ/OUTQ */
35 #include <linux/mm.h>
36 #include <linux/interrupt.h>
37 #include <linux/notifier.h>
38 #include <linux/proc_fs.h>
39 #include <linux/stat.h>
40 #include <linux/sysctl.h>
41 #include <linux/init.h>
42 #include <linux/spinlock.h>
43 #include <net/net_namespace.h>
44 #include <net/tcp_states.h>
45 #include <net/ip.h>
46 #include <net/arp.h>
47 
48 
49 
50 HLIST_HEAD(ax25_list);
51 DEFINE_SPINLOCK(ax25_list_lock);
52 
53 static const struct proto_ops ax25_proto_ops;
54 
ax25_free_sock(struct sock * sk)55 static void ax25_free_sock(struct sock *sk)
56 {
57 	ax25_cb_put(sk_to_ax25(sk));
58 }
59 
60 /*
61  *	Socket removal during an interrupt is now safe.
62  */
ax25_cb_del(ax25_cb * ax25)63 static void ax25_cb_del(ax25_cb *ax25)
64 {
65 	spin_lock_bh(&ax25_list_lock);
66 	if (!hlist_unhashed(&ax25->ax25_node)) {
67 		hlist_del_init(&ax25->ax25_node);
68 		ax25_cb_put(ax25);
69 	}
70 	spin_unlock_bh(&ax25_list_lock);
71 }
72 
73 /*
74  *	Kill all bound sockets on a dropped device.
75  */
ax25_kill_by_device(struct net_device * dev)76 static void ax25_kill_by_device(struct net_device *dev)
77 {
78 	ax25_dev *ax25_dev;
79 	ax25_cb *s;
80 	struct sock *sk;
81 
82 	if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
83 		return;
84 	ax25_dev->device_up = false;
85 
86 	spin_lock_bh(&ax25_list_lock);
87 again:
88 	ax25_for_each(s, &ax25_list) {
89 		if (s->ax25_dev == ax25_dev) {
90 			sk = s->sk;
91 			if (!sk) {
92 				spin_unlock_bh(&ax25_list_lock);
93 				ax25_disconnect(s, ENETUNREACH);
94 				s->ax25_dev = NULL;
95 				ax25_cb_del(s);
96 				spin_lock_bh(&ax25_list_lock);
97 				goto again;
98 			}
99 			sock_hold(sk);
100 			spin_unlock_bh(&ax25_list_lock);
101 			lock_sock(sk);
102 			ax25_disconnect(s, ENETUNREACH);
103 			s->ax25_dev = NULL;
104 			if (sk->sk_socket) {
105 				netdev_put(ax25_dev->dev,
106 					   &ax25_dev->dev_tracker);
107 				ax25_dev_put(ax25_dev);
108 			}
109 			ax25_cb_del(s);
110 			release_sock(sk);
111 			spin_lock_bh(&ax25_list_lock);
112 			sock_put(sk);
113 			/* The entry could have been deleted from the
114 			 * list meanwhile and thus the next pointer is
115 			 * no longer valid.  Play it safe and restart
116 			 * the scan.  Forward progress is ensured
117 			 * because we set s->ax25_dev to NULL and we
118 			 * are never passed a NULL 'dev' argument.
119 			 */
120 			goto again;
121 		}
122 	}
123 	spin_unlock_bh(&ax25_list_lock);
124 }
125 
126 /*
127  *	Handle device status changes.
128  */
ax25_device_event(struct notifier_block * this,unsigned long event,void * ptr)129 static int ax25_device_event(struct notifier_block *this, unsigned long event,
130 			     void *ptr)
131 {
132 	struct net_device *dev = netdev_notifier_info_to_dev(ptr);
133 
134 	if (!net_eq(dev_net(dev), &init_net))
135 		return NOTIFY_DONE;
136 
137 	/* Reject non AX.25 devices */
138 	if (dev->type != ARPHRD_AX25)
139 		return NOTIFY_DONE;
140 
141 	switch (event) {
142 	case NETDEV_UP:
143 		ax25_dev_device_up(dev);
144 		break;
145 	case NETDEV_DOWN:
146 		ax25_kill_by_device(dev);
147 		ax25_rt_device_down(dev);
148 		ax25_dev_device_down(dev);
149 		break;
150 	default:
151 		break;
152 	}
153 
154 	return NOTIFY_DONE;
155 }
156 
157 /*
158  *	Add a socket to the bound sockets list.
159  */
ax25_cb_add(ax25_cb * ax25)160 void ax25_cb_add(ax25_cb *ax25)
161 {
162 	spin_lock_bh(&ax25_list_lock);
163 	ax25_cb_hold(ax25);
164 	hlist_add_head(&ax25->ax25_node, &ax25_list);
165 	spin_unlock_bh(&ax25_list_lock);
166 }
167 
168 /*
169  *	Find a socket that wants to accept the SABM we have just
170  *	received.
171  */
ax25_find_listener(ax25_address * addr,int digi,struct net_device * dev,int type)172 struct sock *ax25_find_listener(ax25_address *addr, int digi,
173 	struct net_device *dev, int type)
174 {
175 	ax25_cb *s;
176 
177 	spin_lock(&ax25_list_lock);
178 	ax25_for_each(s, &ax25_list) {
179 		if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
180 			continue;
181 		if (s->sk && !ax25cmp(&s->source_addr, addr) &&
182 		    s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
183 			/* If device is null we match any device */
184 			if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
185 				sock_hold(s->sk);
186 				spin_unlock(&ax25_list_lock);
187 				return s->sk;
188 			}
189 		}
190 	}
191 	spin_unlock(&ax25_list_lock);
192 
193 	return NULL;
194 }
195 
196 /*
197  *	Find an AX.25 socket given both ends.
198  */
ax25_get_socket(ax25_address * my_addr,ax25_address * dest_addr,int type)199 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
200 	int type)
201 {
202 	struct sock *sk = NULL;
203 	ax25_cb *s;
204 
205 	spin_lock(&ax25_list_lock);
206 	ax25_for_each(s, &ax25_list) {
207 		if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
208 		    !ax25cmp(&s->dest_addr, dest_addr) &&
209 		    s->sk->sk_type == type) {
210 			sk = s->sk;
211 			sock_hold(sk);
212 			break;
213 		}
214 	}
215 
216 	spin_unlock(&ax25_list_lock);
217 
218 	return sk;
219 }
220 
221 /*
222  *	Find an AX.25 control block given both ends. It will only pick up
223  *	floating AX.25 control blocks or non Raw socket bound control blocks.
224  */
ax25_find_cb(const ax25_address * src_addr,ax25_address * dest_addr,ax25_digi * digi,struct net_device * dev)225 ax25_cb *ax25_find_cb(const ax25_address *src_addr, ax25_address *dest_addr,
226 	ax25_digi *digi, struct net_device *dev)
227 {
228 	ax25_cb *s;
229 
230 	spin_lock_bh(&ax25_list_lock);
231 	ax25_for_each(s, &ax25_list) {
232 		if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
233 			continue;
234 		if (s->ax25_dev == NULL)
235 			continue;
236 		if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
237 			if (digi != NULL && digi->ndigi != 0) {
238 				if (s->digipeat == NULL)
239 					continue;
240 				if (ax25digicmp(s->digipeat, digi) != 0)
241 					continue;
242 			} else {
243 				if (s->digipeat != NULL && s->digipeat->ndigi != 0)
244 					continue;
245 			}
246 			ax25_cb_hold(s);
247 			spin_unlock_bh(&ax25_list_lock);
248 
249 			return s;
250 		}
251 	}
252 	spin_unlock_bh(&ax25_list_lock);
253 
254 	return NULL;
255 }
256 
257 EXPORT_SYMBOL(ax25_find_cb);
258 
ax25_send_to_raw(ax25_address * addr,struct sk_buff * skb,int proto)259 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
260 {
261 	ax25_cb *s;
262 	struct sk_buff *copy;
263 
264 	spin_lock(&ax25_list_lock);
265 	ax25_for_each(s, &ax25_list) {
266 		if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
267 		    s->sk->sk_type == SOCK_RAW &&
268 		    s->sk->sk_protocol == proto &&
269 		    s->ax25_dev->dev == skb->dev &&
270 		    atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
271 			if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
272 				continue;
273 			if (sock_queue_rcv_skb(s->sk, copy) != 0)
274 				kfree_skb(copy);
275 		}
276 	}
277 	spin_unlock(&ax25_list_lock);
278 }
279 
280 /*
281  *	Deferred destroy.
282  */
283 void ax25_destroy_socket(ax25_cb *);
284 
285 /*
286  *	Handler for deferred kills.
287  */
ax25_destroy_timer(struct timer_list * t)288 static void ax25_destroy_timer(struct timer_list *t)
289 {
290 	ax25_cb *ax25 = from_timer(ax25, t, dtimer);
291 	struct sock *sk;
292 
293 	sk=ax25->sk;
294 
295 	bh_lock_sock(sk);
296 	sock_hold(sk);
297 	ax25_destroy_socket(ax25);
298 	bh_unlock_sock(sk);
299 	sock_put(sk);
300 }
301 
302 /*
303  *	This is called from user mode and the timers. Thus it protects itself
304  *	against interrupt users but doesn't worry about being called during
305  *	work. Once it is removed from the queue no interrupt or bottom half
306  *	will touch it and we are (fairly 8-) ) safe.
307  */
ax25_destroy_socket(ax25_cb * ax25)308 void ax25_destroy_socket(ax25_cb *ax25)
309 {
310 	struct sk_buff *skb;
311 
312 	ax25_cb_del(ax25);
313 
314 	ax25_stop_heartbeat(ax25);
315 	ax25_stop_t1timer(ax25);
316 	ax25_stop_t2timer(ax25);
317 	ax25_stop_t3timer(ax25);
318 	ax25_stop_idletimer(ax25);
319 
320 	ax25_clear_queues(ax25);	/* Flush the queues */
321 
322 	if (ax25->sk != NULL) {
323 		while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
324 			if (skb->sk != ax25->sk) {
325 				/* A pending connection */
326 				ax25_cb *sax25 = sk_to_ax25(skb->sk);
327 
328 				/* Queue the unaccepted socket for death */
329 				sock_orphan(skb->sk);
330 
331 				/* 9A4GL: hack to release unaccepted sockets */
332 				skb->sk->sk_state = TCP_LISTEN;
333 
334 				ax25_start_heartbeat(sax25);
335 				sax25->state = AX25_STATE_0;
336 			}
337 
338 			kfree_skb(skb);
339 		}
340 		skb_queue_purge(&ax25->sk->sk_write_queue);
341 	}
342 
343 	if (ax25->sk != NULL) {
344 		if (sk_has_allocations(ax25->sk)) {
345 			/* Defer: outstanding buffers */
346 			timer_setup(&ax25->dtimer, ax25_destroy_timer, 0);
347 			ax25->dtimer.expires  = jiffies + 2 * HZ;
348 			add_timer(&ax25->dtimer);
349 		} else {
350 			struct sock *sk=ax25->sk;
351 			ax25->sk=NULL;
352 			sock_put(sk);
353 		}
354 	} else {
355 		ax25_cb_put(ax25);
356 	}
357 }
358 
359 /*
360  * dl1bke 960311: set parameters for existing AX.25 connections,
361  *		  includes a KILL command to abort any connection.
362  *		  VERY useful for debugging ;-)
363  */
ax25_ctl_ioctl(const unsigned int cmd,void __user * arg)364 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
365 {
366 	struct ax25_ctl_struct ax25_ctl;
367 	ax25_digi digi;
368 	ax25_dev *ax25_dev;
369 	ax25_cb *ax25;
370 	unsigned int k;
371 	int ret = 0;
372 
373 	if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
374 		return -EFAULT;
375 
376 	if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
377 		return -EINVAL;
378 
379 	if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
380 		return -EINVAL;
381 
382 	ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr);
383 	if (!ax25_dev)
384 		return -ENODEV;
385 
386 	digi.ndigi = ax25_ctl.digi_count;
387 	for (k = 0; k < digi.ndigi; k++)
388 		digi.calls[k] = ax25_ctl.digi_addr[k];
389 
390 	ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev);
391 	if (!ax25) {
392 		ax25_dev_put(ax25_dev);
393 		return -ENOTCONN;
394 	}
395 
396 	switch (ax25_ctl.cmd) {
397 	case AX25_KILL:
398 		ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
399 #ifdef CONFIG_AX25_DAMA_SLAVE
400 		if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
401 			ax25_dama_off(ax25);
402 #endif
403 		ax25_disconnect(ax25, ENETRESET);
404 		break;
405 
406 	case AX25_WINDOW:
407 		if (ax25->modulus == AX25_MODULUS) {
408 			if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
409 				goto einval_put;
410 		} else {
411 			if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
412 				goto einval_put;
413 		}
414 		ax25->window = ax25_ctl.arg;
415 		break;
416 
417 	case AX25_T1:
418 		if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
419 			goto einval_put;
420 		ax25->rtt = (ax25_ctl.arg * HZ) / 2;
421 		ax25->t1  = ax25_ctl.arg * HZ;
422 		break;
423 
424 	case AX25_T2:
425 		if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
426 			goto einval_put;
427 		ax25->t2 = ax25_ctl.arg * HZ;
428 		break;
429 
430 	case AX25_N2:
431 		if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
432 			goto einval_put;
433 		ax25->n2count = 0;
434 		ax25->n2 = ax25_ctl.arg;
435 		break;
436 
437 	case AX25_T3:
438 		if (ax25_ctl.arg > ULONG_MAX / HZ)
439 			goto einval_put;
440 		ax25->t3 = ax25_ctl.arg * HZ;
441 		break;
442 
443 	case AX25_IDLE:
444 		if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
445 			goto einval_put;
446 
447 		ax25->idle = ax25_ctl.arg * 60 * HZ;
448 		break;
449 
450 	case AX25_PACLEN:
451 		if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
452 			goto einval_put;
453 		ax25->paclen = ax25_ctl.arg;
454 		break;
455 
456 	default:
457 		goto einval_put;
458 	  }
459 
460 out_put:
461 	ax25_dev_put(ax25_dev);
462 	ax25_cb_put(ax25);
463 	return ret;
464 
465 einval_put:
466 	ret = -EINVAL;
467 	goto out_put;
468 }
469 
ax25_fillin_cb_from_dev(ax25_cb * ax25,ax25_dev * ax25_dev)470 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
471 {
472 	ax25->rtt     = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
473 	ax25->t1      = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
474 	ax25->t2      = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
475 	ax25->t3      = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
476 	ax25->n2      = ax25_dev->values[AX25_VALUES_N2];
477 	ax25->paclen  = ax25_dev->values[AX25_VALUES_PACLEN];
478 	ax25->idle    = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
479 	ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
480 
481 	if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
482 		ax25->modulus = AX25_EMODULUS;
483 		ax25->window  = ax25_dev->values[AX25_VALUES_EWINDOW];
484 	} else {
485 		ax25->modulus = AX25_MODULUS;
486 		ax25->window  = ax25_dev->values[AX25_VALUES_WINDOW];
487 	}
488 }
489 
490 /*
491  *	Fill in a created AX.25 created control block with the default
492  *	values for a particular device.
493  */
ax25_fillin_cb(ax25_cb * ax25,ax25_dev * ax25_dev)494 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
495 {
496 	ax25->ax25_dev = ax25_dev;
497 
498 	if (ax25->ax25_dev != NULL) {
499 		ax25_fillin_cb_from_dev(ax25, ax25_dev);
500 		return;
501 	}
502 
503 	/*
504 	 * No device, use kernel / AX.25 spec default values
505 	 */
506 	ax25->rtt     = msecs_to_jiffies(AX25_DEF_T1) / 2;
507 	ax25->t1      = msecs_to_jiffies(AX25_DEF_T1);
508 	ax25->t2      = msecs_to_jiffies(AX25_DEF_T2);
509 	ax25->t3      = msecs_to_jiffies(AX25_DEF_T3);
510 	ax25->n2      = AX25_DEF_N2;
511 	ax25->paclen  = AX25_DEF_PACLEN;
512 	ax25->idle    = msecs_to_jiffies(AX25_DEF_IDLE);
513 	ax25->backoff = AX25_DEF_BACKOFF;
514 
515 	if (AX25_DEF_AXDEFMODE) {
516 		ax25->modulus = AX25_EMODULUS;
517 		ax25->window  = AX25_DEF_EWINDOW;
518 	} else {
519 		ax25->modulus = AX25_MODULUS;
520 		ax25->window  = AX25_DEF_WINDOW;
521 	}
522 }
523 
524 /*
525  * Create an empty AX.25 control block.
526  */
ax25_create_cb(void)527 ax25_cb *ax25_create_cb(void)
528 {
529 	ax25_cb *ax25;
530 
531 	if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
532 		return NULL;
533 
534 	refcount_set(&ax25->refcount, 1);
535 
536 	skb_queue_head_init(&ax25->write_queue);
537 	skb_queue_head_init(&ax25->frag_queue);
538 	skb_queue_head_init(&ax25->ack_queue);
539 	skb_queue_head_init(&ax25->reseq_queue);
540 
541 	ax25_setup_timers(ax25);
542 
543 	ax25_fillin_cb(ax25, NULL);
544 
545 	ax25->state = AX25_STATE_0;
546 
547 	return ax25;
548 }
549 
550 /*
551  *	Handling for system calls applied via the various interfaces to an
552  *	AX25 socket object
553  */
554 
ax25_setsockopt(struct socket * sock,int level,int optname,sockptr_t optval,unsigned int optlen)555 static int ax25_setsockopt(struct socket *sock, int level, int optname,
556 		sockptr_t optval, unsigned int optlen)
557 {
558 	struct sock *sk = sock->sk;
559 	ax25_cb *ax25;
560 	struct net_device *dev;
561 	char devname[IFNAMSIZ];
562 	unsigned int opt;
563 	int res = 0;
564 
565 	if (level != SOL_AX25)
566 		return -ENOPROTOOPT;
567 
568 	if (optlen < sizeof(unsigned int))
569 		return -EINVAL;
570 
571 	if (copy_from_sockptr(&opt, optval, sizeof(unsigned int)))
572 		return -EFAULT;
573 
574 	lock_sock(sk);
575 	ax25 = sk_to_ax25(sk);
576 
577 	switch (optname) {
578 	case AX25_WINDOW:
579 		if (ax25->modulus == AX25_MODULUS) {
580 			if (opt < 1 || opt > 7) {
581 				res = -EINVAL;
582 				break;
583 			}
584 		} else {
585 			if (opt < 1 || opt > 63) {
586 				res = -EINVAL;
587 				break;
588 			}
589 		}
590 		ax25->window = opt;
591 		break;
592 
593 	case AX25_T1:
594 		if (opt < 1 || opt > UINT_MAX / HZ) {
595 			res = -EINVAL;
596 			break;
597 		}
598 		ax25->rtt = (opt * HZ) >> 1;
599 		ax25->t1  = opt * HZ;
600 		break;
601 
602 	case AX25_T2:
603 		if (opt < 1 || opt > UINT_MAX / HZ) {
604 			res = -EINVAL;
605 			break;
606 		}
607 		ax25->t2 = opt * HZ;
608 		break;
609 
610 	case AX25_N2:
611 		if (opt < 1 || opt > 31) {
612 			res = -EINVAL;
613 			break;
614 		}
615 		ax25->n2 = opt;
616 		break;
617 
618 	case AX25_T3:
619 		if (opt < 1 || opt > UINT_MAX / HZ) {
620 			res = -EINVAL;
621 			break;
622 		}
623 		ax25->t3 = opt * HZ;
624 		break;
625 
626 	case AX25_IDLE:
627 		if (opt > UINT_MAX / (60 * HZ)) {
628 			res = -EINVAL;
629 			break;
630 		}
631 		ax25->idle = opt * 60 * HZ;
632 		break;
633 
634 	case AX25_BACKOFF:
635 		if (opt > 2) {
636 			res = -EINVAL;
637 			break;
638 		}
639 		ax25->backoff = opt;
640 		break;
641 
642 	case AX25_EXTSEQ:
643 		ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
644 		break;
645 
646 	case AX25_PIDINCL:
647 		ax25->pidincl = opt ? 1 : 0;
648 		break;
649 
650 	case AX25_IAMDIGI:
651 		ax25->iamdigi = opt ? 1 : 0;
652 		break;
653 
654 	case AX25_PACLEN:
655 		if (opt < 16 || opt > 65535) {
656 			res = -EINVAL;
657 			break;
658 		}
659 		ax25->paclen = opt;
660 		break;
661 
662 	case SO_BINDTODEVICE:
663 		if (optlen > IFNAMSIZ - 1)
664 			optlen = IFNAMSIZ - 1;
665 
666 		memset(devname, 0, sizeof(devname));
667 
668 		if (copy_from_sockptr(devname, optval, optlen)) {
669 			res = -EFAULT;
670 			break;
671 		}
672 
673 		if (sk->sk_type == SOCK_SEQPACKET &&
674 		   (sock->state != SS_UNCONNECTED ||
675 		    sk->sk_state == TCP_LISTEN)) {
676 			res = -EADDRNOTAVAIL;
677 			break;
678 		}
679 
680 		rtnl_lock();
681 		dev = __dev_get_by_name(&init_net, devname);
682 		if (!dev) {
683 			rtnl_unlock();
684 			res = -ENODEV;
685 			break;
686 		}
687 
688 		ax25->ax25_dev = ax25_dev_ax25dev(dev);
689 		if (!ax25->ax25_dev) {
690 			rtnl_unlock();
691 			res = -ENODEV;
692 			break;
693 		}
694 		ax25_fillin_cb(ax25, ax25->ax25_dev);
695 		rtnl_unlock();
696 		break;
697 
698 	default:
699 		res = -ENOPROTOOPT;
700 	}
701 	release_sock(sk);
702 
703 	return res;
704 }
705 
ax25_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)706 static int ax25_getsockopt(struct socket *sock, int level, int optname,
707 	char __user *optval, int __user *optlen)
708 {
709 	struct sock *sk = sock->sk;
710 	ax25_cb *ax25;
711 	struct ax25_dev *ax25_dev;
712 	char devname[IFNAMSIZ];
713 	void *valptr;
714 	int val = 0;
715 	int maxlen, length;
716 
717 	if (level != SOL_AX25)
718 		return -ENOPROTOOPT;
719 
720 	if (get_user(maxlen, optlen))
721 		return -EFAULT;
722 
723 	if (maxlen < 1)
724 		return -EFAULT;
725 
726 	valptr = &val;
727 	length = min_t(unsigned int, maxlen, sizeof(int));
728 
729 	lock_sock(sk);
730 	ax25 = sk_to_ax25(sk);
731 
732 	switch (optname) {
733 	case AX25_WINDOW:
734 		val = ax25->window;
735 		break;
736 
737 	case AX25_T1:
738 		val = ax25->t1 / HZ;
739 		break;
740 
741 	case AX25_T2:
742 		val = ax25->t2 / HZ;
743 		break;
744 
745 	case AX25_N2:
746 		val = ax25->n2;
747 		break;
748 
749 	case AX25_T3:
750 		val = ax25->t3 / HZ;
751 		break;
752 
753 	case AX25_IDLE:
754 		val = ax25->idle / (60 * HZ);
755 		break;
756 
757 	case AX25_BACKOFF:
758 		val = ax25->backoff;
759 		break;
760 
761 	case AX25_EXTSEQ:
762 		val = (ax25->modulus == AX25_EMODULUS);
763 		break;
764 
765 	case AX25_PIDINCL:
766 		val = ax25->pidincl;
767 		break;
768 
769 	case AX25_IAMDIGI:
770 		val = ax25->iamdigi;
771 		break;
772 
773 	case AX25_PACLEN:
774 		val = ax25->paclen;
775 		break;
776 
777 	case SO_BINDTODEVICE:
778 		ax25_dev = ax25->ax25_dev;
779 
780 		if (ax25_dev != NULL && ax25_dev->dev != NULL) {
781 			strscpy(devname, ax25_dev->dev->name, sizeof(devname));
782 			length = strlen(devname) + 1;
783 		} else {
784 			*devname = '\0';
785 			length = 1;
786 		}
787 
788 		valptr = devname;
789 		break;
790 
791 	default:
792 		release_sock(sk);
793 		return -ENOPROTOOPT;
794 	}
795 	release_sock(sk);
796 
797 	if (put_user(length, optlen))
798 		return -EFAULT;
799 
800 	return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
801 }
802 
ax25_listen(struct socket * sock,int backlog)803 static int ax25_listen(struct socket *sock, int backlog)
804 {
805 	struct sock *sk = sock->sk;
806 	int res = 0;
807 
808 	lock_sock(sk);
809 	if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
810 		sk->sk_max_ack_backlog = backlog;
811 		sk->sk_state           = TCP_LISTEN;
812 		goto out;
813 	}
814 	res = -EOPNOTSUPP;
815 
816 out:
817 	release_sock(sk);
818 
819 	return res;
820 }
821 
822 /*
823  * XXX: when creating ax25_sock we should update the .obj_size setting
824  * below.
825  */
826 static struct proto ax25_proto = {
827 	.name	  = "AX25",
828 	.owner	  = THIS_MODULE,
829 	.obj_size = sizeof(struct ax25_sock),
830 };
831 
ax25_create(struct net * net,struct socket * sock,int protocol,int kern)832 static int ax25_create(struct net *net, struct socket *sock, int protocol,
833 		       int kern)
834 {
835 	struct sock *sk;
836 	ax25_cb *ax25;
837 
838 	if (protocol < 0 || protocol > U8_MAX)
839 		return -EINVAL;
840 
841 	if (!net_eq(net, &init_net))
842 		return -EAFNOSUPPORT;
843 
844 	switch (sock->type) {
845 	case SOCK_DGRAM:
846 		if (protocol == 0 || protocol == PF_AX25)
847 			protocol = AX25_P_TEXT;
848 		break;
849 
850 	case SOCK_SEQPACKET:
851 		switch (protocol) {
852 		case 0:
853 		case PF_AX25:	/* For CLX */
854 			protocol = AX25_P_TEXT;
855 			break;
856 		case AX25_P_SEGMENT:
857 #ifdef CONFIG_INET
858 		case AX25_P_ARP:
859 		case AX25_P_IP:
860 #endif
861 #ifdef CONFIG_NETROM
862 		case AX25_P_NETROM:
863 #endif
864 #ifdef CONFIG_ROSE
865 		case AX25_P_ROSE:
866 #endif
867 			return -ESOCKTNOSUPPORT;
868 #ifdef CONFIG_NETROM_MODULE
869 		case AX25_P_NETROM:
870 			if (ax25_protocol_is_registered(AX25_P_NETROM))
871 				return -ESOCKTNOSUPPORT;
872 			break;
873 #endif
874 #ifdef CONFIG_ROSE_MODULE
875 		case AX25_P_ROSE:
876 			if (ax25_protocol_is_registered(AX25_P_ROSE))
877 				return -ESOCKTNOSUPPORT;
878 			break;
879 #endif
880 		default:
881 			break;
882 		}
883 		break;
884 
885 	case SOCK_RAW:
886 		if (!capable(CAP_NET_RAW))
887 			return -EPERM;
888 		break;
889 	default:
890 		return -ESOCKTNOSUPPORT;
891 	}
892 
893 	sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern);
894 	if (sk == NULL)
895 		return -ENOMEM;
896 
897 	ax25 = ax25_sk(sk)->cb = ax25_create_cb();
898 	if (!ax25) {
899 		sk_free(sk);
900 		return -ENOMEM;
901 	}
902 
903 	sock_init_data(sock, sk);
904 
905 	sk->sk_destruct = ax25_free_sock;
906 	sock->ops    = &ax25_proto_ops;
907 	sk->sk_protocol = protocol;
908 
909 	ax25->sk    = sk;
910 
911 	return 0;
912 }
913 
ax25_make_new(struct sock * osk,struct ax25_dev * ax25_dev)914 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
915 {
916 	struct sock *sk;
917 	ax25_cb *ax25, *oax25;
918 
919 	sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0);
920 	if (sk == NULL)
921 		return NULL;
922 
923 	if ((ax25 = ax25_create_cb()) == NULL) {
924 		sk_free(sk);
925 		return NULL;
926 	}
927 
928 	switch (osk->sk_type) {
929 	case SOCK_DGRAM:
930 		break;
931 	case SOCK_SEQPACKET:
932 		break;
933 	default:
934 		sk_free(sk);
935 		ax25_cb_put(ax25);
936 		return NULL;
937 	}
938 
939 	sock_init_data(NULL, sk);
940 
941 	sk->sk_type     = osk->sk_type;
942 	sk->sk_priority = osk->sk_priority;
943 	sk->sk_protocol = osk->sk_protocol;
944 	sk->sk_rcvbuf   = osk->sk_rcvbuf;
945 	sk->sk_sndbuf   = osk->sk_sndbuf;
946 	sk->sk_state    = TCP_ESTABLISHED;
947 	sock_copy_flags(sk, osk);
948 
949 	oax25 = sk_to_ax25(osk);
950 
951 	ax25->modulus = oax25->modulus;
952 	ax25->backoff = oax25->backoff;
953 	ax25->pidincl = oax25->pidincl;
954 	ax25->iamdigi = oax25->iamdigi;
955 	ax25->rtt     = oax25->rtt;
956 	ax25->t1      = oax25->t1;
957 	ax25->t2      = oax25->t2;
958 	ax25->t3      = oax25->t3;
959 	ax25->n2      = oax25->n2;
960 	ax25->idle    = oax25->idle;
961 	ax25->paclen  = oax25->paclen;
962 	ax25->window  = oax25->window;
963 
964 	ax25->ax25_dev    = ax25_dev;
965 	ax25->source_addr = oax25->source_addr;
966 
967 	if (oax25->digipeat != NULL) {
968 		ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
969 					 GFP_ATOMIC);
970 		if (ax25->digipeat == NULL) {
971 			sk_free(sk);
972 			ax25_cb_put(ax25);
973 			return NULL;
974 		}
975 	}
976 
977 	ax25_sk(sk)->cb = ax25;
978 	sk->sk_destruct = ax25_free_sock;
979 	ax25->sk    = sk;
980 
981 	return sk;
982 }
983 
ax25_release(struct socket * sock)984 static int ax25_release(struct socket *sock)
985 {
986 	struct sock *sk = sock->sk;
987 	ax25_cb *ax25;
988 	ax25_dev *ax25_dev;
989 
990 	if (sk == NULL)
991 		return 0;
992 
993 	sock_hold(sk);
994 	lock_sock(sk);
995 	sock_orphan(sk);
996 	ax25 = sk_to_ax25(sk);
997 	ax25_dev = ax25->ax25_dev;
998 
999 	if (sk->sk_type == SOCK_SEQPACKET) {
1000 		switch (ax25->state) {
1001 		case AX25_STATE_0:
1002 			if (!sock_flag(ax25->sk, SOCK_DEAD)) {
1003 				release_sock(sk);
1004 				ax25_disconnect(ax25, 0);
1005 				lock_sock(sk);
1006 			}
1007 			ax25_destroy_socket(ax25);
1008 			break;
1009 
1010 		case AX25_STATE_1:
1011 		case AX25_STATE_2:
1012 			ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
1013 			release_sock(sk);
1014 			ax25_disconnect(ax25, 0);
1015 			lock_sock(sk);
1016 			if (!sock_flag(ax25->sk, SOCK_DESTROY))
1017 				ax25_destroy_socket(ax25);
1018 			break;
1019 
1020 		case AX25_STATE_3:
1021 		case AX25_STATE_4:
1022 			ax25_clear_queues(ax25);
1023 			ax25->n2count = 0;
1024 
1025 			switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1026 			case AX25_PROTO_STD_SIMPLEX:
1027 			case AX25_PROTO_STD_DUPLEX:
1028 				ax25_send_control(ax25,
1029 						  AX25_DISC,
1030 						  AX25_POLLON,
1031 						  AX25_COMMAND);
1032 				ax25_stop_t2timer(ax25);
1033 				ax25_stop_t3timer(ax25);
1034 				ax25_stop_idletimer(ax25);
1035 				break;
1036 #ifdef CONFIG_AX25_DAMA_SLAVE
1037 			case AX25_PROTO_DAMA_SLAVE:
1038 				ax25_stop_t3timer(ax25);
1039 				ax25_stop_idletimer(ax25);
1040 				break;
1041 #endif
1042 			}
1043 			ax25_calculate_t1(ax25);
1044 			ax25_start_t1timer(ax25);
1045 			ax25->state = AX25_STATE_2;
1046 			sk->sk_state                = TCP_CLOSE;
1047 			sk->sk_shutdown            |= SEND_SHUTDOWN;
1048 			sk->sk_state_change(sk);
1049 			sock_set_flag(sk, SOCK_DESTROY);
1050 			break;
1051 
1052 		default:
1053 			break;
1054 		}
1055 	} else {
1056 		sk->sk_state     = TCP_CLOSE;
1057 		sk->sk_shutdown |= SEND_SHUTDOWN;
1058 		sk->sk_state_change(sk);
1059 		ax25_destroy_socket(ax25);
1060 	}
1061 	if (ax25_dev) {
1062 		if (!ax25_dev->device_up) {
1063 			del_timer_sync(&ax25->timer);
1064 			del_timer_sync(&ax25->t1timer);
1065 			del_timer_sync(&ax25->t2timer);
1066 			del_timer_sync(&ax25->t3timer);
1067 			del_timer_sync(&ax25->idletimer);
1068 		}
1069 		netdev_put(ax25_dev->dev, &ax25->dev_tracker);
1070 		ax25_dev_put(ax25_dev);
1071 	}
1072 
1073 	sock->sk   = NULL;
1074 	release_sock(sk);
1075 	sock_put(sk);
1076 
1077 	return 0;
1078 }
1079 
1080 /*
1081  *	We support a funny extension here so you can (as root) give any callsign
1082  *	digipeated via a local address as source. This hack is obsolete now
1083  *	that we've implemented support for SO_BINDTODEVICE. It is however small
1084  *	and trivially backward compatible.
1085  */
ax25_bind(struct socket * sock,struct sockaddr * uaddr,int addr_len)1086 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1087 {
1088 	struct sock *sk = sock->sk;
1089 	struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1090 	ax25_dev *ax25_dev = NULL;
1091 	ax25_uid_assoc *user;
1092 	ax25_address call;
1093 	ax25_cb *ax25;
1094 	int err = 0;
1095 
1096 	if (addr_len != sizeof(struct sockaddr_ax25) &&
1097 	    addr_len != sizeof(struct full_sockaddr_ax25))
1098 		/* support for old structure may go away some time
1099 		 * ax25_bind(): uses old (6 digipeater) socket structure.
1100 		 */
1101 		if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1102 		    (addr_len > sizeof(struct full_sockaddr_ax25)))
1103 			return -EINVAL;
1104 
1105 	if (addr->fsa_ax25.sax25_family != AF_AX25)
1106 		return -EINVAL;
1107 
1108 	user = ax25_findbyuid(current_euid());
1109 	if (user) {
1110 		call = user->call;
1111 		ax25_uid_put(user);
1112 	} else {
1113 		if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1114 			return -EACCES;
1115 
1116 		call = addr->fsa_ax25.sax25_call;
1117 	}
1118 
1119 	lock_sock(sk);
1120 
1121 	ax25 = sk_to_ax25(sk);
1122 	if (!sock_flag(sk, SOCK_ZAPPED)) {
1123 		err = -EINVAL;
1124 		goto out;
1125 	}
1126 
1127 	ax25->source_addr = call;
1128 
1129 	/*
1130 	 * User already set interface with SO_BINDTODEVICE
1131 	 */
1132 	if (ax25->ax25_dev != NULL)
1133 		goto done;
1134 
1135 	if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1136 		if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1137 		    (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1138 			err = -EADDRNOTAVAIL;
1139 			goto out;
1140 		}
1141 	} else {
1142 		if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1143 			err = -EADDRNOTAVAIL;
1144 			goto out;
1145 		}
1146 	}
1147 
1148 	if (ax25_dev) {
1149 		ax25_fillin_cb(ax25, ax25_dev);
1150 		netdev_hold(ax25_dev->dev, &ax25->dev_tracker, GFP_ATOMIC);
1151 	}
1152 
1153 done:
1154 	ax25_cb_add(ax25);
1155 	sock_reset_flag(sk, SOCK_ZAPPED);
1156 
1157 out:
1158 	release_sock(sk);
1159 
1160 	return err;
1161 }
1162 
1163 /*
1164  *	FIXME: nonblock behaviour looks like it may have a bug.
1165  */
ax25_connect(struct socket * sock,struct sockaddr * uaddr,int addr_len,int flags)1166 static int __must_check ax25_connect(struct socket *sock,
1167 	struct sockaddr *uaddr, int addr_len, int flags)
1168 {
1169 	struct sock *sk = sock->sk;
1170 	ax25_cb *ax25 = sk_to_ax25(sk), *ax25t;
1171 	struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1172 	ax25_digi *digi = NULL;
1173 	int ct = 0, err = 0;
1174 
1175 	/*
1176 	 * some sanity checks. code further down depends on this
1177 	 */
1178 
1179 	if (addr_len == sizeof(struct sockaddr_ax25))
1180 		/* support for this will go away in early 2.5.x
1181 		 * ax25_connect(): uses obsolete socket structure
1182 		 */
1183 		;
1184 	else if (addr_len != sizeof(struct full_sockaddr_ax25))
1185 		/* support for old structure may go away some time
1186 		 * ax25_connect(): uses old (6 digipeater) socket structure.
1187 		 */
1188 		if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1189 		    (addr_len > sizeof(struct full_sockaddr_ax25)))
1190 			return -EINVAL;
1191 
1192 
1193 	if (fsa->fsa_ax25.sax25_family != AF_AX25)
1194 		return -EINVAL;
1195 
1196 	lock_sock(sk);
1197 
1198 	/* deal with restarts */
1199 	if (sock->state == SS_CONNECTING) {
1200 		switch (sk->sk_state) {
1201 		case TCP_SYN_SENT: /* still trying */
1202 			err = -EINPROGRESS;
1203 			goto out_release;
1204 
1205 		case TCP_ESTABLISHED: /* connection established */
1206 			sock->state = SS_CONNECTED;
1207 			goto out_release;
1208 
1209 		case TCP_CLOSE: /* connection refused */
1210 			sock->state = SS_UNCONNECTED;
1211 			err = -ECONNREFUSED;
1212 			goto out_release;
1213 		}
1214 	}
1215 
1216 	if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1217 		err = -EISCONN;	/* No reconnect on a seqpacket socket */
1218 		goto out_release;
1219 	}
1220 
1221 	sk->sk_state   = TCP_CLOSE;
1222 	sock->state = SS_UNCONNECTED;
1223 
1224 	kfree(ax25->digipeat);
1225 	ax25->digipeat = NULL;
1226 
1227 	/*
1228 	 *	Handle digi-peaters to be used.
1229 	 */
1230 	if (addr_len > sizeof(struct sockaddr_ax25) &&
1231 	    fsa->fsa_ax25.sax25_ndigis != 0) {
1232 		/* Valid number of digipeaters ? */
1233 		if (fsa->fsa_ax25.sax25_ndigis < 1 ||
1234 		    fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS ||
1235 		    addr_len < sizeof(struct sockaddr_ax25) +
1236 		    sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) {
1237 			err = -EINVAL;
1238 			goto out_release;
1239 		}
1240 
1241 		if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1242 			err = -ENOBUFS;
1243 			goto out_release;
1244 		}
1245 
1246 		digi->ndigi      = fsa->fsa_ax25.sax25_ndigis;
1247 		digi->lastrepeat = -1;
1248 
1249 		while (ct < fsa->fsa_ax25.sax25_ndigis) {
1250 			if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1251 			     AX25_HBIT) && ax25->iamdigi) {
1252 				digi->repeated[ct] = 1;
1253 				digi->lastrepeat   = ct;
1254 			} else {
1255 				digi->repeated[ct] = 0;
1256 			}
1257 			digi->calls[ct] = fsa->fsa_digipeater[ct];
1258 			ct++;
1259 		}
1260 	}
1261 
1262 	/*
1263 	 *	Must bind first - autobinding in this may or may not work. If
1264 	 *	the socket is already bound, check to see if the device has
1265 	 *	been filled in, error if it hasn't.
1266 	 */
1267 	if (sock_flag(sk, SOCK_ZAPPED)) {
1268 		/* check if we can remove this feature. It is broken. */
1269 		printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1270 			current->comm);
1271 		if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1272 			kfree(digi);
1273 			goto out_release;
1274 		}
1275 
1276 		ax25_fillin_cb(ax25, ax25->ax25_dev);
1277 		ax25_cb_add(ax25);
1278 	} else {
1279 		if (ax25->ax25_dev == NULL) {
1280 			kfree(digi);
1281 			err = -EHOSTUNREACH;
1282 			goto out_release;
1283 		}
1284 	}
1285 
1286 	if (sk->sk_type == SOCK_SEQPACKET &&
1287 	    (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1288 			 ax25->ax25_dev->dev))) {
1289 		kfree(digi);
1290 		err = -EADDRINUSE;		/* Already such a connection */
1291 		ax25_cb_put(ax25t);
1292 		goto out_release;
1293 	}
1294 
1295 	ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1296 	ax25->digipeat  = digi;
1297 
1298 	/* First the easy one */
1299 	if (sk->sk_type != SOCK_SEQPACKET) {
1300 		sock->state = SS_CONNECTED;
1301 		sk->sk_state   = TCP_ESTABLISHED;
1302 		goto out_release;
1303 	}
1304 
1305 	/* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1306 	sock->state        = SS_CONNECTING;
1307 	sk->sk_state          = TCP_SYN_SENT;
1308 
1309 	switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1310 	case AX25_PROTO_STD_SIMPLEX:
1311 	case AX25_PROTO_STD_DUPLEX:
1312 		ax25_std_establish_data_link(ax25);
1313 		break;
1314 
1315 #ifdef CONFIG_AX25_DAMA_SLAVE
1316 	case AX25_PROTO_DAMA_SLAVE:
1317 		ax25->modulus = AX25_MODULUS;
1318 		ax25->window  = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1319 		if (ax25->ax25_dev->dama.slave)
1320 			ax25_ds_establish_data_link(ax25);
1321 		else
1322 			ax25_std_establish_data_link(ax25);
1323 		break;
1324 #endif
1325 	}
1326 
1327 	ax25->state = AX25_STATE_1;
1328 
1329 	ax25_start_heartbeat(ax25);
1330 
1331 	/* Now the loop */
1332 	if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1333 		err = -EINPROGRESS;
1334 		goto out_release;
1335 	}
1336 
1337 	if (sk->sk_state == TCP_SYN_SENT) {
1338 		DEFINE_WAIT(wait);
1339 
1340 		for (;;) {
1341 			prepare_to_wait(sk_sleep(sk), &wait,
1342 					TASK_INTERRUPTIBLE);
1343 			if (sk->sk_state != TCP_SYN_SENT)
1344 				break;
1345 			if (!signal_pending(current)) {
1346 				release_sock(sk);
1347 				schedule();
1348 				lock_sock(sk);
1349 				continue;
1350 			}
1351 			err = -ERESTARTSYS;
1352 			break;
1353 		}
1354 		finish_wait(sk_sleep(sk), &wait);
1355 
1356 		if (err)
1357 			goto out_release;
1358 	}
1359 
1360 	if (sk->sk_state != TCP_ESTABLISHED) {
1361 		/* Not in ABM, not in WAIT_UA -> failed */
1362 		sock->state = SS_UNCONNECTED;
1363 		err = sock_error(sk);	/* Always set at this point */
1364 		goto out_release;
1365 	}
1366 
1367 	sock->state = SS_CONNECTED;
1368 
1369 	err = 0;
1370 out_release:
1371 	release_sock(sk);
1372 
1373 	return err;
1374 }
1375 
ax25_accept(struct socket * sock,struct socket * newsock,int flags,bool kern)1376 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags,
1377 		       bool kern)
1378 {
1379 	struct sk_buff *skb;
1380 	struct sock *newsk;
1381 	DEFINE_WAIT(wait);
1382 	struct sock *sk;
1383 	int err = 0;
1384 
1385 	if (sock->state != SS_UNCONNECTED)
1386 		return -EINVAL;
1387 
1388 	if ((sk = sock->sk) == NULL)
1389 		return -EINVAL;
1390 
1391 	lock_sock(sk);
1392 	if (sk->sk_type != SOCK_SEQPACKET) {
1393 		err = -EOPNOTSUPP;
1394 		goto out;
1395 	}
1396 
1397 	if (sk->sk_state != TCP_LISTEN) {
1398 		err = -EINVAL;
1399 		goto out;
1400 	}
1401 
1402 	/*
1403 	 *	The read queue this time is holding sockets ready to use
1404 	 *	hooked into the SABM we saved
1405 	 */
1406 	for (;;) {
1407 		prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1408 		skb = skb_dequeue(&sk->sk_receive_queue);
1409 		if (skb)
1410 			break;
1411 
1412 		if (flags & O_NONBLOCK) {
1413 			err = -EWOULDBLOCK;
1414 			break;
1415 		}
1416 		if (!signal_pending(current)) {
1417 			release_sock(sk);
1418 			schedule();
1419 			lock_sock(sk);
1420 			continue;
1421 		}
1422 		err = -ERESTARTSYS;
1423 		break;
1424 	}
1425 	finish_wait(sk_sleep(sk), &wait);
1426 
1427 	if (err)
1428 		goto out;
1429 
1430 	newsk		 = skb->sk;
1431 	sock_graft(newsk, newsock);
1432 
1433 	/* Now attach up the new socket */
1434 	kfree_skb(skb);
1435 	sk_acceptq_removed(sk);
1436 	newsock->state = SS_CONNECTED;
1437 
1438 out:
1439 	release_sock(sk);
1440 
1441 	return err;
1442 }
1443 
ax25_getname(struct socket * sock,struct sockaddr * uaddr,int peer)1444 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1445 	int peer)
1446 {
1447 	struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1448 	struct sock *sk = sock->sk;
1449 	unsigned char ndigi, i;
1450 	ax25_cb *ax25;
1451 	int err = 0;
1452 
1453 	memset(fsa, 0, sizeof(*fsa));
1454 	lock_sock(sk);
1455 	ax25 = sk_to_ax25(sk);
1456 
1457 	if (peer != 0) {
1458 		if (sk->sk_state != TCP_ESTABLISHED) {
1459 			err = -ENOTCONN;
1460 			goto out;
1461 		}
1462 
1463 		fsa->fsa_ax25.sax25_family = AF_AX25;
1464 		fsa->fsa_ax25.sax25_call   = ax25->dest_addr;
1465 
1466 		if (ax25->digipeat != NULL) {
1467 			ndigi = ax25->digipeat->ndigi;
1468 			fsa->fsa_ax25.sax25_ndigis = ndigi;
1469 			for (i = 0; i < ndigi; i++)
1470 				fsa->fsa_digipeater[i] =
1471 						ax25->digipeat->calls[i];
1472 		}
1473 	} else {
1474 		fsa->fsa_ax25.sax25_family = AF_AX25;
1475 		fsa->fsa_ax25.sax25_call   = ax25->source_addr;
1476 		fsa->fsa_ax25.sax25_ndigis = 1;
1477 		if (ax25->ax25_dev != NULL) {
1478 			memcpy(&fsa->fsa_digipeater[0],
1479 			       ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1480 		} else {
1481 			fsa->fsa_digipeater[0] = null_ax25_address;
1482 		}
1483 	}
1484 	err = sizeof (struct full_sockaddr_ax25);
1485 
1486 out:
1487 	release_sock(sk);
1488 
1489 	return err;
1490 }
1491 
ax25_sendmsg(struct socket * sock,struct msghdr * msg,size_t len)1492 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1493 {
1494 	DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name);
1495 	struct sock *sk = sock->sk;
1496 	struct sockaddr_ax25 sax;
1497 	struct sk_buff *skb;
1498 	ax25_digi dtmp, *dp;
1499 	ax25_cb *ax25;
1500 	size_t size;
1501 	int lv, err, addr_len = msg->msg_namelen;
1502 
1503 	if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1504 		return -EINVAL;
1505 
1506 	lock_sock(sk);
1507 	ax25 = sk_to_ax25(sk);
1508 
1509 	if (sock_flag(sk, SOCK_ZAPPED)) {
1510 		err = -EADDRNOTAVAIL;
1511 		goto out;
1512 	}
1513 
1514 	if (sk->sk_shutdown & SEND_SHUTDOWN) {
1515 		send_sig(SIGPIPE, current, 0);
1516 		err = -EPIPE;
1517 		goto out;
1518 	}
1519 
1520 	if (ax25->ax25_dev == NULL) {
1521 		err = -ENETUNREACH;
1522 		goto out;
1523 	}
1524 
1525 	if (len > ax25->ax25_dev->dev->mtu) {
1526 		err = -EMSGSIZE;
1527 		goto out;
1528 	}
1529 
1530 	if (usax != NULL) {
1531 		if (usax->sax25_family != AF_AX25) {
1532 			err = -EINVAL;
1533 			goto out;
1534 		}
1535 
1536 		if (addr_len == sizeof(struct sockaddr_ax25))
1537 			/* ax25_sendmsg(): uses obsolete socket structure */
1538 			;
1539 		else if (addr_len != sizeof(struct full_sockaddr_ax25))
1540 			/* support for old structure may go away some time
1541 			 * ax25_sendmsg(): uses old (6 digipeater)
1542 			 * socket structure.
1543 			 */
1544 			if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1545 			    (addr_len > sizeof(struct full_sockaddr_ax25))) {
1546 				err = -EINVAL;
1547 				goto out;
1548 			}
1549 
1550 
1551 		if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1552 			int ct           = 0;
1553 			struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1554 
1555 			/* Valid number of digipeaters ? */
1556 			if (usax->sax25_ndigis < 1 ||
1557 			    usax->sax25_ndigis > AX25_MAX_DIGIS ||
1558 			    addr_len < sizeof(struct sockaddr_ax25) +
1559 			    sizeof(ax25_address) * usax->sax25_ndigis) {
1560 				err = -EINVAL;
1561 				goto out;
1562 			}
1563 
1564 			dtmp.ndigi      = usax->sax25_ndigis;
1565 
1566 			while (ct < usax->sax25_ndigis) {
1567 				dtmp.repeated[ct] = 0;
1568 				dtmp.calls[ct]    = fsa->fsa_digipeater[ct];
1569 				ct++;
1570 			}
1571 
1572 			dtmp.lastrepeat = 0;
1573 		}
1574 
1575 		sax = *usax;
1576 		if (sk->sk_type == SOCK_SEQPACKET &&
1577 		    ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1578 			err = -EISCONN;
1579 			goto out;
1580 		}
1581 		if (usax->sax25_ndigis == 0)
1582 			dp = NULL;
1583 		else
1584 			dp = &dtmp;
1585 	} else {
1586 		/*
1587 		 *	FIXME: 1003.1g - if the socket is like this because
1588 		 *	it has become closed (not started closed) and is VC
1589 		 *	we ought to SIGPIPE, EPIPE
1590 		 */
1591 		if (sk->sk_state != TCP_ESTABLISHED) {
1592 			err = -ENOTCONN;
1593 			goto out;
1594 		}
1595 		sax.sax25_family = AF_AX25;
1596 		sax.sax25_call   = ax25->dest_addr;
1597 		dp = ax25->digipeat;
1598 	}
1599 
1600 	/* Build a packet */
1601 	/* Assume the worst case */
1602 	size = len + ax25->ax25_dev->dev->hard_header_len;
1603 
1604 	skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1605 	if (skb == NULL)
1606 		goto out;
1607 
1608 	skb_reserve(skb, size - len);
1609 
1610 	/* User data follows immediately after the AX.25 data */
1611 	if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
1612 		err = -EFAULT;
1613 		kfree_skb(skb);
1614 		goto out;
1615 	}
1616 
1617 	skb_reset_network_header(skb);
1618 
1619 	/* Add the PID if one is not supplied by the user in the skb */
1620 	if (!ax25->pidincl)
1621 		*(u8 *)skb_push(skb, 1) = sk->sk_protocol;
1622 
1623 	if (sk->sk_type == SOCK_SEQPACKET) {
1624 		/* Connected mode sockets go via the LAPB machine */
1625 		if (sk->sk_state != TCP_ESTABLISHED) {
1626 			kfree_skb(skb);
1627 			err = -ENOTCONN;
1628 			goto out;
1629 		}
1630 
1631 		/* Shove it onto the queue and kick */
1632 		ax25_output(ax25, ax25->paclen, skb);
1633 
1634 		err = len;
1635 		goto out;
1636 	}
1637 
1638 	skb_push(skb, 1 + ax25_addr_size(dp));
1639 
1640 	/* Building AX.25 Header */
1641 
1642 	/* Build an AX.25 header */
1643 	lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1644 			     dp, AX25_COMMAND, AX25_MODULUS);
1645 
1646 	skb_set_transport_header(skb, lv);
1647 
1648 	*skb_transport_header(skb) = AX25_UI;
1649 
1650 	/* Datagram frames go straight out of the door as UI */
1651 	ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1652 
1653 	err = len;
1654 
1655 out:
1656 	release_sock(sk);
1657 
1658 	return err;
1659 }
1660 
ax25_recvmsg(struct socket * sock,struct msghdr * msg,size_t size,int flags)1661 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
1662 			int flags)
1663 {
1664 	struct sock *sk = sock->sk;
1665 	struct sk_buff *skb, *last;
1666 	struct sk_buff_head *sk_queue;
1667 	int copied;
1668 	int err = 0;
1669 	int off = 0;
1670 	long timeo;
1671 
1672 	lock_sock(sk);
1673 	/*
1674 	 * 	This works for seqpacket too. The receiver has ordered the
1675 	 *	queue for us! We do one quick check first though
1676 	 */
1677 	if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1678 		err =  -ENOTCONN;
1679 		goto out;
1680 	}
1681 
1682 	/*  We need support for non-blocking reads. */
1683 	sk_queue = &sk->sk_receive_queue;
1684 	skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off, &err, &last);
1685 	/* If no packet is available, release_sock(sk) and try again. */
1686 	if (!skb) {
1687 		if (err != -EAGAIN)
1688 			goto out;
1689 		release_sock(sk);
1690 		timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
1691 		while (timeo && !__skb_wait_for_more_packets(sk, sk_queue, &err,
1692 							     &timeo, last)) {
1693 			skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off,
1694 						      &err, &last);
1695 			if (skb)
1696 				break;
1697 
1698 			if (err != -EAGAIN)
1699 				goto done;
1700 		}
1701 		if (!skb)
1702 			goto done;
1703 		lock_sock(sk);
1704 	}
1705 
1706 	if (!sk_to_ax25(sk)->pidincl)
1707 		skb_pull(skb, 1);		/* Remove PID */
1708 
1709 	skb_reset_transport_header(skb);
1710 	copied = skb->len;
1711 
1712 	if (copied > size) {
1713 		copied = size;
1714 		msg->msg_flags |= MSG_TRUNC;
1715 	}
1716 
1717 	skb_copy_datagram_msg(skb, 0, msg, copied);
1718 
1719 	if (msg->msg_name) {
1720 		ax25_digi digi;
1721 		ax25_address src;
1722 		const unsigned char *mac = skb_mac_header(skb);
1723 		DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name);
1724 
1725 		memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1726 		ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1727 				&digi, NULL, NULL);
1728 		sax->sax25_family = AF_AX25;
1729 		/* We set this correctly, even though we may not let the
1730 		   application know the digi calls further down (because it
1731 		   did NOT ask to know them).  This could get political... **/
1732 		sax->sax25_ndigis = digi.ndigi;
1733 		sax->sax25_call   = src;
1734 
1735 		if (sax->sax25_ndigis != 0) {
1736 			int ct;
1737 			struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1738 
1739 			for (ct = 0; ct < digi.ndigi; ct++)
1740 				fsa->fsa_digipeater[ct] = digi.calls[ct];
1741 		}
1742 		msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1743 	}
1744 
1745 	skb_free_datagram(sk, skb);
1746 	err = copied;
1747 
1748 out:
1749 	release_sock(sk);
1750 
1751 done:
1752 	return err;
1753 }
1754 
ax25_shutdown(struct socket * sk,int how)1755 static int ax25_shutdown(struct socket *sk, int how)
1756 {
1757 	/* FIXME - generate DM and RNR states */
1758 	return -EOPNOTSUPP;
1759 }
1760 
ax25_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)1761 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1762 {
1763 	struct sock *sk = sock->sk;
1764 	void __user *argp = (void __user *)arg;
1765 	int res = 0;
1766 
1767 	lock_sock(sk);
1768 	switch (cmd) {
1769 	case TIOCOUTQ: {
1770 		long amount;
1771 
1772 		amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1773 		if (amount < 0)
1774 			amount = 0;
1775 		res = put_user(amount, (int __user *)argp);
1776 		break;
1777 	}
1778 
1779 	case TIOCINQ: {
1780 		struct sk_buff *skb;
1781 		long amount = 0L;
1782 		/* These two are safe on a single CPU system as only user tasks fiddle here */
1783 		if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1784 			amount = skb->len;
1785 		res = put_user(amount, (int __user *) argp);
1786 		break;
1787 	}
1788 
1789 	case SIOCAX25ADDUID:	/* Add a uid to the uid/call map table */
1790 	case SIOCAX25DELUID:	/* Delete a uid from the uid/call map table */
1791 	case SIOCAX25GETUID: {
1792 		struct sockaddr_ax25 sax25;
1793 		if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1794 			res = -EFAULT;
1795 			break;
1796 		}
1797 		res = ax25_uid_ioctl(cmd, &sax25);
1798 		break;
1799 	}
1800 
1801 	case SIOCAX25NOUID: {	/* Set the default policy (default/bar) */
1802 		long amount;
1803 		if (!capable(CAP_NET_ADMIN)) {
1804 			res = -EPERM;
1805 			break;
1806 		}
1807 		if (get_user(amount, (long __user *)argp)) {
1808 			res = -EFAULT;
1809 			break;
1810 		}
1811 		if (amount < 0 || amount > AX25_NOUID_BLOCK) {
1812 			res = -EINVAL;
1813 			break;
1814 		}
1815 		ax25_uid_policy = amount;
1816 		res = 0;
1817 		break;
1818 	}
1819 
1820 	case SIOCADDRT:
1821 	case SIOCDELRT:
1822 	case SIOCAX25OPTRT:
1823 		if (!capable(CAP_NET_ADMIN)) {
1824 			res = -EPERM;
1825 			break;
1826 		}
1827 		res = ax25_rt_ioctl(cmd, argp);
1828 		break;
1829 
1830 	case SIOCAX25CTLCON:
1831 		if (!capable(CAP_NET_ADMIN)) {
1832 			res = -EPERM;
1833 			break;
1834 		}
1835 		res = ax25_ctl_ioctl(cmd, argp);
1836 		break;
1837 
1838 	case SIOCAX25GETINFO:
1839 	case SIOCAX25GETINFOOLD: {
1840 		ax25_cb *ax25 = sk_to_ax25(sk);
1841 		struct ax25_info_struct ax25_info;
1842 
1843 		ax25_info.t1        = ax25->t1   / HZ;
1844 		ax25_info.t2        = ax25->t2   / HZ;
1845 		ax25_info.t3        = ax25->t3   / HZ;
1846 		ax25_info.idle      = ax25->idle / (60 * HZ);
1847 		ax25_info.n2        = ax25->n2;
1848 		ax25_info.t1timer   = ax25_display_timer(&ax25->t1timer)   / HZ;
1849 		ax25_info.t2timer   = ax25_display_timer(&ax25->t2timer)   / HZ;
1850 		ax25_info.t3timer   = ax25_display_timer(&ax25->t3timer)   / HZ;
1851 		ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1852 		ax25_info.n2count   = ax25->n2count;
1853 		ax25_info.state     = ax25->state;
1854 		ax25_info.rcv_q     = sk_rmem_alloc_get(sk);
1855 		ax25_info.snd_q     = sk_wmem_alloc_get(sk);
1856 		ax25_info.vs        = ax25->vs;
1857 		ax25_info.vr        = ax25->vr;
1858 		ax25_info.va        = ax25->va;
1859 		ax25_info.vs_max    = ax25->vs; /* reserved */
1860 		ax25_info.paclen    = ax25->paclen;
1861 		ax25_info.window    = ax25->window;
1862 
1863 		/* old structure? */
1864 		if (cmd == SIOCAX25GETINFOOLD) {
1865 			static int warned = 0;
1866 			if (!warned) {
1867 				printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1868 					current->comm);
1869 				warned=1;
1870 			}
1871 
1872 			if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1873 				res = -EFAULT;
1874 				break;
1875 			}
1876 		} else {
1877 			if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1878 				res = -EINVAL;
1879 				break;
1880 			}
1881 		}
1882 		res = 0;
1883 		break;
1884 	}
1885 
1886 	case SIOCAX25ADDFWD:
1887 	case SIOCAX25DELFWD: {
1888 		struct ax25_fwd_struct ax25_fwd;
1889 		if (!capable(CAP_NET_ADMIN)) {
1890 			res = -EPERM;
1891 			break;
1892 		}
1893 		if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1894 			res = -EFAULT;
1895 			break;
1896 		}
1897 		res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1898 		break;
1899 	}
1900 
1901 	case SIOCGIFADDR:
1902 	case SIOCSIFADDR:
1903 	case SIOCGIFDSTADDR:
1904 	case SIOCSIFDSTADDR:
1905 	case SIOCGIFBRDADDR:
1906 	case SIOCSIFBRDADDR:
1907 	case SIOCGIFNETMASK:
1908 	case SIOCSIFNETMASK:
1909 	case SIOCGIFMETRIC:
1910 	case SIOCSIFMETRIC:
1911 		res = -EINVAL;
1912 		break;
1913 
1914 	default:
1915 		res = -ENOIOCTLCMD;
1916 		break;
1917 	}
1918 	release_sock(sk);
1919 
1920 	return res;
1921 }
1922 
1923 #ifdef CONFIG_PROC_FS
1924 
ax25_info_start(struct seq_file * seq,loff_t * pos)1925 static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1926 	__acquires(ax25_list_lock)
1927 {
1928 	spin_lock_bh(&ax25_list_lock);
1929 	return seq_hlist_start(&ax25_list, *pos);
1930 }
1931 
ax25_info_next(struct seq_file * seq,void * v,loff_t * pos)1932 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1933 {
1934 	return seq_hlist_next(v, &ax25_list, pos);
1935 }
1936 
ax25_info_stop(struct seq_file * seq,void * v)1937 static void ax25_info_stop(struct seq_file *seq, void *v)
1938 	__releases(ax25_list_lock)
1939 {
1940 	spin_unlock_bh(&ax25_list_lock);
1941 }
1942 
ax25_info_show(struct seq_file * seq,void * v)1943 static int ax25_info_show(struct seq_file *seq, void *v)
1944 {
1945 	ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1946 	char buf[11];
1947 	int k;
1948 
1949 
1950 	/*
1951 	 * New format:
1952 	 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1953 	 */
1954 
1955 	seq_printf(seq, "%p %s %s%s ",
1956 		   ax25,
1957 		   ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1958 		   ax2asc(buf, &ax25->source_addr),
1959 		   ax25->iamdigi? "*":"");
1960 	seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1961 
1962 	for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1963 		seq_printf(seq, ",%s%s",
1964 			   ax2asc(buf, &ax25->digipeat->calls[k]),
1965 			   ax25->digipeat->repeated[k]? "*":"");
1966 	}
1967 
1968 	seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1969 		   ax25->state,
1970 		   ax25->vs, ax25->vr, ax25->va,
1971 		   ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1972 		   ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1973 		   ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1974 		   ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1975 		   ax25->idle / (60 * HZ),
1976 		   ax25->n2count, ax25->n2,
1977 		   ax25->rtt / HZ,
1978 		   ax25->window,
1979 		   ax25->paclen);
1980 
1981 	if (ax25->sk != NULL) {
1982 		seq_printf(seq, " %d %d %lu\n",
1983 			   sk_wmem_alloc_get(ax25->sk),
1984 			   sk_rmem_alloc_get(ax25->sk),
1985 			   sock_i_ino(ax25->sk));
1986 	} else {
1987 		seq_puts(seq, " * * *\n");
1988 	}
1989 	return 0;
1990 }
1991 
1992 static const struct seq_operations ax25_info_seqops = {
1993 	.start = ax25_info_start,
1994 	.next = ax25_info_next,
1995 	.stop = ax25_info_stop,
1996 	.show = ax25_info_show,
1997 };
1998 #endif
1999 
2000 static const struct net_proto_family ax25_family_ops = {
2001 	.family =	PF_AX25,
2002 	.create =	ax25_create,
2003 	.owner	=	THIS_MODULE,
2004 };
2005 
2006 static const struct proto_ops ax25_proto_ops = {
2007 	.family		= PF_AX25,
2008 	.owner		= THIS_MODULE,
2009 	.release	= ax25_release,
2010 	.bind		= ax25_bind,
2011 	.connect	= ax25_connect,
2012 	.socketpair	= sock_no_socketpair,
2013 	.accept		= ax25_accept,
2014 	.getname	= ax25_getname,
2015 	.poll		= datagram_poll,
2016 	.ioctl		= ax25_ioctl,
2017 	.gettstamp	= sock_gettstamp,
2018 	.listen		= ax25_listen,
2019 	.shutdown	= ax25_shutdown,
2020 	.setsockopt	= ax25_setsockopt,
2021 	.getsockopt	= ax25_getsockopt,
2022 	.sendmsg	= ax25_sendmsg,
2023 	.recvmsg	= ax25_recvmsg,
2024 	.mmap		= sock_no_mmap,
2025 	.sendpage	= sock_no_sendpage,
2026 };
2027 
2028 /*
2029  *	Called by socket.c on kernel start up
2030  */
2031 static struct packet_type ax25_packet_type __read_mostly = {
2032 	.type	=	cpu_to_be16(ETH_P_AX25),
2033 	.func	=	ax25_kiss_rcv,
2034 };
2035 
2036 static struct notifier_block ax25_dev_notifier = {
2037 	.notifier_call = ax25_device_event,
2038 };
2039 
ax25_init(void)2040 static int __init ax25_init(void)
2041 {
2042 	int rc = proto_register(&ax25_proto, 0);
2043 
2044 	if (rc != 0)
2045 		goto out;
2046 
2047 	sock_register(&ax25_family_ops);
2048 	dev_add_pack(&ax25_packet_type);
2049 	register_netdevice_notifier(&ax25_dev_notifier);
2050 
2051 	proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops);
2052 	proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops);
2053 	proc_create_seq("ax25_calls", 0444, init_net.proc_net,
2054 			&ax25_uid_seqops);
2055 out:
2056 	return rc;
2057 }
2058 module_init(ax25_init);
2059 
2060 
2061 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
2062 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
2063 MODULE_LICENSE("GPL");
2064 MODULE_ALIAS_NETPROTO(PF_AX25);
2065 
ax25_exit(void)2066 static void __exit ax25_exit(void)
2067 {
2068 	remove_proc_entry("ax25_route", init_net.proc_net);
2069 	remove_proc_entry("ax25", init_net.proc_net);
2070 	remove_proc_entry("ax25_calls", init_net.proc_net);
2071 
2072 	unregister_netdevice_notifier(&ax25_dev_notifier);
2073 
2074 	dev_remove_pack(&ax25_packet_type);
2075 
2076 	sock_unregister(PF_AX25);
2077 	proto_unregister(&ax25_proto);
2078 
2079 	ax25_rt_free();
2080 	ax25_uid_free();
2081 	ax25_dev_free();
2082 }
2083 module_exit(ax25_exit);
2084