1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *
4  * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
5  * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
6  * Copyright (C) Darryl Miles G7LED (dlm@g7led.demon.co.uk)
7  * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
8  * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
9  * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
10  * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl)
11  * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
12  */
13 #include <linux/capability.h>
14 #include <linux/module.h>
15 #include <linux/errno.h>
16 #include <linux/types.h>
17 #include <linux/socket.h>
18 #include <linux/in.h>
19 #include <linux/kernel.h>
20 #include <linux/sched/signal.h>
21 #include <linux/timer.h>
22 #include <linux/string.h>
23 #include <linux/sockios.h>
24 #include <linux/net.h>
25 #include <linux/slab.h>
26 #include <net/ax25.h>
27 #include <linux/inet.h>
28 #include <linux/netdevice.h>
29 #include <linux/if_arp.h>
30 #include <linux/skbuff.h>
31 #include <net/sock.h>
32 #include <linux/uaccess.h>
33 #include <linux/fcntl.h>
34 #include <linux/termios.h>	/* For TIOCINQ/OUTQ */
35 #include <linux/mm.h>
36 #include <linux/interrupt.h>
37 #include <linux/notifier.h>
38 #include <linux/proc_fs.h>
39 #include <linux/stat.h>
40 #include <linux/sysctl.h>
41 #include <linux/init.h>
42 #include <linux/spinlock.h>
43 #include <net/net_namespace.h>
44 #include <net/tcp_states.h>
45 #include <net/ip.h>
46 #include <net/arp.h>
47 
48 
49 
50 HLIST_HEAD(ax25_list);
51 DEFINE_SPINLOCK(ax25_list_lock);
52 
53 static const struct proto_ops ax25_proto_ops;
54 
ax25_free_sock(struct sock * sk)55 static void ax25_free_sock(struct sock *sk)
56 {
57 	ax25_cb_put(sk_to_ax25(sk));
58 }
59 
60 /*
61  *	Socket removal during an interrupt is now safe.
62  */
ax25_cb_del(ax25_cb * ax25)63 static void ax25_cb_del(ax25_cb *ax25)
64 {
65 	spin_lock_bh(&ax25_list_lock);
66 	if (!hlist_unhashed(&ax25->ax25_node)) {
67 		hlist_del_init(&ax25->ax25_node);
68 		ax25_cb_put(ax25);
69 	}
70 	spin_unlock_bh(&ax25_list_lock);
71 }
72 
73 /*
74  *	Kill all bound sockets on a dropped device.
75  */
ax25_kill_by_device(struct net_device * dev)76 static void ax25_kill_by_device(struct net_device *dev)
77 {
78 	ax25_dev *ax25_dev;
79 	ax25_cb *s;
80 	struct sock *sk;
81 
82 	if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
83 		return;
84 	ax25_dev->device_up = false;
85 
86 	spin_lock_bh(&ax25_list_lock);
87 again:
88 	ax25_for_each(s, &ax25_list) {
89 		if (s->ax25_dev == ax25_dev) {
90 			sk = s->sk;
91 			if (!sk) {
92 				spin_unlock_bh(&ax25_list_lock);
93 				ax25_disconnect(s, ENETUNREACH);
94 				s->ax25_dev = NULL;
95 				ax25_cb_del(s);
96 				spin_lock_bh(&ax25_list_lock);
97 				goto again;
98 			}
99 			sock_hold(sk);
100 			spin_unlock_bh(&ax25_list_lock);
101 			lock_sock(sk);
102 			ax25_disconnect(s, ENETUNREACH);
103 			s->ax25_dev = NULL;
104 			if (sk->sk_socket) {
105 				netdev_put(ax25_dev->dev,
106 					   &s->dev_tracker);
107 				ax25_dev_put(ax25_dev);
108 			}
109 			ax25_cb_del(s);
110 			release_sock(sk);
111 			spin_lock_bh(&ax25_list_lock);
112 			sock_put(sk);
113 			/* The entry could have been deleted from the
114 			 * list meanwhile and thus the next pointer is
115 			 * no longer valid.  Play it safe and restart
116 			 * the scan.  Forward progress is ensured
117 			 * because we set s->ax25_dev to NULL and we
118 			 * are never passed a NULL 'dev' argument.
119 			 */
120 			goto again;
121 		}
122 	}
123 	spin_unlock_bh(&ax25_list_lock);
124 }
125 
126 /*
127  *	Handle device status changes.
128  */
ax25_device_event(struct notifier_block * this,unsigned long event,void * ptr)129 static int ax25_device_event(struct notifier_block *this, unsigned long event,
130 			     void *ptr)
131 {
132 	struct net_device *dev = netdev_notifier_info_to_dev(ptr);
133 
134 	if (!net_eq(dev_net(dev), &init_net))
135 		return NOTIFY_DONE;
136 
137 	/* Reject non AX.25 devices */
138 	if (dev->type != ARPHRD_AX25)
139 		return NOTIFY_DONE;
140 
141 	switch (event) {
142 	case NETDEV_UP:
143 		ax25_dev_device_up(dev);
144 		break;
145 	case NETDEV_DOWN:
146 		ax25_kill_by_device(dev);
147 		ax25_rt_device_down(dev);
148 		ax25_dev_device_down(dev);
149 		break;
150 	default:
151 		break;
152 	}
153 
154 	return NOTIFY_DONE;
155 }
156 
157 /*
158  *	Add a socket to the bound sockets list.
159  */
ax25_cb_add(ax25_cb * ax25)160 void ax25_cb_add(ax25_cb *ax25)
161 {
162 	spin_lock_bh(&ax25_list_lock);
163 	ax25_cb_hold(ax25);
164 	hlist_add_head(&ax25->ax25_node, &ax25_list);
165 	spin_unlock_bh(&ax25_list_lock);
166 }
167 
168 /*
169  *	Find a socket that wants to accept the SABM we have just
170  *	received.
171  */
ax25_find_listener(ax25_address * addr,int digi,struct net_device * dev,int type)172 struct sock *ax25_find_listener(ax25_address *addr, int digi,
173 	struct net_device *dev, int type)
174 {
175 	ax25_cb *s;
176 
177 	spin_lock(&ax25_list_lock);
178 	ax25_for_each(s, &ax25_list) {
179 		if ((s->iamdigi && !digi) || (!s->iamdigi && digi))
180 			continue;
181 		if (s->sk && !ax25cmp(&s->source_addr, addr) &&
182 		    s->sk->sk_type == type && s->sk->sk_state == TCP_LISTEN) {
183 			/* If device is null we match any device */
184 			if (s->ax25_dev == NULL || s->ax25_dev->dev == dev) {
185 				sock_hold(s->sk);
186 				spin_unlock(&ax25_list_lock);
187 				return s->sk;
188 			}
189 		}
190 	}
191 	spin_unlock(&ax25_list_lock);
192 
193 	return NULL;
194 }
195 
196 /*
197  *	Find an AX.25 socket given both ends.
198  */
ax25_get_socket(ax25_address * my_addr,ax25_address * dest_addr,int type)199 struct sock *ax25_get_socket(ax25_address *my_addr, ax25_address *dest_addr,
200 	int type)
201 {
202 	struct sock *sk = NULL;
203 	ax25_cb *s;
204 
205 	spin_lock(&ax25_list_lock);
206 	ax25_for_each(s, &ax25_list) {
207 		if (s->sk && !ax25cmp(&s->source_addr, my_addr) &&
208 		    !ax25cmp(&s->dest_addr, dest_addr) &&
209 		    s->sk->sk_type == type) {
210 			sk = s->sk;
211 			sock_hold(sk);
212 			break;
213 		}
214 	}
215 
216 	spin_unlock(&ax25_list_lock);
217 
218 	return sk;
219 }
220 
221 /*
222  *	Find an AX.25 control block given both ends. It will only pick up
223  *	floating AX.25 control blocks or non Raw socket bound control blocks.
224  */
ax25_find_cb(const ax25_address * src_addr,ax25_address * dest_addr,ax25_digi * digi,struct net_device * dev)225 ax25_cb *ax25_find_cb(const ax25_address *src_addr, ax25_address *dest_addr,
226 	ax25_digi *digi, struct net_device *dev)
227 {
228 	ax25_cb *s;
229 
230 	spin_lock_bh(&ax25_list_lock);
231 	ax25_for_each(s, &ax25_list) {
232 		if (s->sk && s->sk->sk_type != SOCK_SEQPACKET)
233 			continue;
234 		if (s->ax25_dev == NULL)
235 			continue;
236 		if (ax25cmp(&s->source_addr, src_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->ax25_dev->dev == dev) {
237 			if (digi != NULL && digi->ndigi != 0) {
238 				if (s->digipeat == NULL)
239 					continue;
240 				if (ax25digicmp(s->digipeat, digi) != 0)
241 					continue;
242 			} else {
243 				if (s->digipeat != NULL && s->digipeat->ndigi != 0)
244 					continue;
245 			}
246 			ax25_cb_hold(s);
247 			spin_unlock_bh(&ax25_list_lock);
248 
249 			return s;
250 		}
251 	}
252 	spin_unlock_bh(&ax25_list_lock);
253 
254 	return NULL;
255 }
256 
257 EXPORT_SYMBOL(ax25_find_cb);
258 
ax25_send_to_raw(ax25_address * addr,struct sk_buff * skb,int proto)259 void ax25_send_to_raw(ax25_address *addr, struct sk_buff *skb, int proto)
260 {
261 	ax25_cb *s;
262 	struct sk_buff *copy;
263 
264 	spin_lock(&ax25_list_lock);
265 	ax25_for_each(s, &ax25_list) {
266 		if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 &&
267 		    s->sk->sk_type == SOCK_RAW &&
268 		    s->sk->sk_protocol == proto &&
269 		    s->ax25_dev->dev == skb->dev &&
270 		    atomic_read(&s->sk->sk_rmem_alloc) <= s->sk->sk_rcvbuf) {
271 			if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
272 				continue;
273 			if (sock_queue_rcv_skb(s->sk, copy) != 0)
274 				kfree_skb(copy);
275 		}
276 	}
277 	spin_unlock(&ax25_list_lock);
278 }
279 
280 /*
281  *	Deferred destroy.
282  */
283 void ax25_destroy_socket(ax25_cb *);
284 
285 /*
286  *	Handler for deferred kills.
287  */
ax25_destroy_timer(struct timer_list * t)288 static void ax25_destroy_timer(struct timer_list *t)
289 {
290 	ax25_cb *ax25 = from_timer(ax25, t, dtimer);
291 	struct sock *sk;
292 
293 	sk=ax25->sk;
294 
295 	bh_lock_sock(sk);
296 	sock_hold(sk);
297 	ax25_destroy_socket(ax25);
298 	bh_unlock_sock(sk);
299 	sock_put(sk);
300 }
301 
302 /*
303  *	This is called from user mode and the timers. Thus it protects itself
304  *	against interrupt users but doesn't worry about being called during
305  *	work. Once it is removed from the queue no interrupt or bottom half
306  *	will touch it and we are (fairly 8-) ) safe.
307  */
ax25_destroy_socket(ax25_cb * ax25)308 void ax25_destroy_socket(ax25_cb *ax25)
309 {
310 	struct sk_buff *skb;
311 
312 	ax25_cb_del(ax25);
313 
314 	ax25_stop_heartbeat(ax25);
315 	ax25_stop_t1timer(ax25);
316 	ax25_stop_t2timer(ax25);
317 	ax25_stop_t3timer(ax25);
318 	ax25_stop_idletimer(ax25);
319 
320 	ax25_clear_queues(ax25);	/* Flush the queues */
321 
322 	if (ax25->sk != NULL) {
323 		while ((skb = skb_dequeue(&ax25->sk->sk_receive_queue)) != NULL) {
324 			if (skb->sk != ax25->sk) {
325 				/* A pending connection */
326 				ax25_cb *sax25 = sk_to_ax25(skb->sk);
327 
328 				/* Queue the unaccepted socket for death */
329 				sock_orphan(skb->sk);
330 
331 				/* 9A4GL: hack to release unaccepted sockets */
332 				skb->sk->sk_state = TCP_LISTEN;
333 
334 				ax25_start_heartbeat(sax25);
335 				sax25->state = AX25_STATE_0;
336 			}
337 
338 			kfree_skb(skb);
339 		}
340 		skb_queue_purge(&ax25->sk->sk_write_queue);
341 	}
342 
343 	if (ax25->sk != NULL) {
344 		if (sk_has_allocations(ax25->sk)) {
345 			/* Defer: outstanding buffers */
346 			timer_setup(&ax25->dtimer, ax25_destroy_timer, 0);
347 			ax25->dtimer.expires  = jiffies + 2 * HZ;
348 			add_timer(&ax25->dtimer);
349 		} else {
350 			struct sock *sk=ax25->sk;
351 			ax25->sk=NULL;
352 			sock_put(sk);
353 		}
354 	} else {
355 		ax25_cb_put(ax25);
356 	}
357 }
358 
359 /*
360  * dl1bke 960311: set parameters for existing AX.25 connections,
361  *		  includes a KILL command to abort any connection.
362  *		  VERY useful for debugging ;-)
363  */
ax25_ctl_ioctl(const unsigned int cmd,void __user * arg)364 static int ax25_ctl_ioctl(const unsigned int cmd, void __user *arg)
365 {
366 	struct ax25_ctl_struct ax25_ctl;
367 	ax25_digi digi;
368 	ax25_dev *ax25_dev;
369 	ax25_cb *ax25;
370 	unsigned int k;
371 	int ret = 0;
372 
373 	if (copy_from_user(&ax25_ctl, arg, sizeof(ax25_ctl)))
374 		return -EFAULT;
375 
376 	if (ax25_ctl.digi_count > AX25_MAX_DIGIS)
377 		return -EINVAL;
378 
379 	if (ax25_ctl.arg > ULONG_MAX / HZ && ax25_ctl.cmd != AX25_KILL)
380 		return -EINVAL;
381 
382 	ax25_dev = ax25_addr_ax25dev(&ax25_ctl.port_addr);
383 	if (!ax25_dev)
384 		return -ENODEV;
385 
386 	digi.ndigi = ax25_ctl.digi_count;
387 	for (k = 0; k < digi.ndigi; k++)
388 		digi.calls[k] = ax25_ctl.digi_addr[k];
389 
390 	ax25 = ax25_find_cb(&ax25_ctl.source_addr, &ax25_ctl.dest_addr, &digi, ax25_dev->dev);
391 	if (!ax25) {
392 		ax25_dev_put(ax25_dev);
393 		return -ENOTCONN;
394 	}
395 
396 	switch (ax25_ctl.cmd) {
397 	case AX25_KILL:
398 		ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
399 #ifdef CONFIG_AX25_DAMA_SLAVE
400 		if (ax25_dev->dama.slave && ax25->ax25_dev->values[AX25_VALUES_PROTOCOL] == AX25_PROTO_DAMA_SLAVE)
401 			ax25_dama_off(ax25);
402 #endif
403 		ax25_disconnect(ax25, ENETRESET);
404 		break;
405 
406 	case AX25_WINDOW:
407 		if (ax25->modulus == AX25_MODULUS) {
408 			if (ax25_ctl.arg < 1 || ax25_ctl.arg > 7)
409 				goto einval_put;
410 		} else {
411 			if (ax25_ctl.arg < 1 || ax25_ctl.arg > 63)
412 				goto einval_put;
413 		}
414 		ax25->window = ax25_ctl.arg;
415 		break;
416 
417 	case AX25_T1:
418 		if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
419 			goto einval_put;
420 		ax25->rtt = (ax25_ctl.arg * HZ) / 2;
421 		ax25->t1  = ax25_ctl.arg * HZ;
422 		break;
423 
424 	case AX25_T2:
425 		if (ax25_ctl.arg < 1 || ax25_ctl.arg > ULONG_MAX / HZ)
426 			goto einval_put;
427 		ax25->t2 = ax25_ctl.arg * HZ;
428 		break;
429 
430 	case AX25_N2:
431 		if (ax25_ctl.arg < 1 || ax25_ctl.arg > 31)
432 			goto einval_put;
433 		ax25->n2count = 0;
434 		ax25->n2 = ax25_ctl.arg;
435 		break;
436 
437 	case AX25_T3:
438 		if (ax25_ctl.arg > ULONG_MAX / HZ)
439 			goto einval_put;
440 		ax25->t3 = ax25_ctl.arg * HZ;
441 		break;
442 
443 	case AX25_IDLE:
444 		if (ax25_ctl.arg > ULONG_MAX / (60 * HZ))
445 			goto einval_put;
446 
447 		ax25->idle = ax25_ctl.arg * 60 * HZ;
448 		break;
449 
450 	case AX25_PACLEN:
451 		if (ax25_ctl.arg < 16 || ax25_ctl.arg > 65535)
452 			goto einval_put;
453 		ax25->paclen = ax25_ctl.arg;
454 		break;
455 
456 	default:
457 		goto einval_put;
458 	  }
459 
460 out_put:
461 	ax25_dev_put(ax25_dev);
462 	ax25_cb_put(ax25);
463 	return ret;
464 
465 einval_put:
466 	ret = -EINVAL;
467 	goto out_put;
468 }
469 
ax25_fillin_cb_from_dev(ax25_cb * ax25,ax25_dev * ax25_dev)470 static void ax25_fillin_cb_from_dev(ax25_cb *ax25, ax25_dev *ax25_dev)
471 {
472 	ax25->rtt     = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]) / 2;
473 	ax25->t1      = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T1]);
474 	ax25->t2      = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T2]);
475 	ax25->t3      = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_T3]);
476 	ax25->n2      = ax25_dev->values[AX25_VALUES_N2];
477 	ax25->paclen  = ax25_dev->values[AX25_VALUES_PACLEN];
478 	ax25->idle    = msecs_to_jiffies(ax25_dev->values[AX25_VALUES_IDLE]);
479 	ax25->backoff = ax25_dev->values[AX25_VALUES_BACKOFF];
480 
481 	if (ax25_dev->values[AX25_VALUES_AXDEFMODE]) {
482 		ax25->modulus = AX25_EMODULUS;
483 		ax25->window  = ax25_dev->values[AX25_VALUES_EWINDOW];
484 	} else {
485 		ax25->modulus = AX25_MODULUS;
486 		ax25->window  = ax25_dev->values[AX25_VALUES_WINDOW];
487 	}
488 }
489 
490 /*
491  *	Fill in a created AX.25 created control block with the default
492  *	values for a particular device.
493  */
ax25_fillin_cb(ax25_cb * ax25,ax25_dev * ax25_dev)494 void ax25_fillin_cb(ax25_cb *ax25, ax25_dev *ax25_dev)
495 {
496 	ax25->ax25_dev = ax25_dev;
497 
498 	if (ax25->ax25_dev != NULL) {
499 		ax25_fillin_cb_from_dev(ax25, ax25_dev);
500 		return;
501 	}
502 
503 	/*
504 	 * No device, use kernel / AX.25 spec default values
505 	 */
506 	ax25->rtt     = msecs_to_jiffies(AX25_DEF_T1) / 2;
507 	ax25->t1      = msecs_to_jiffies(AX25_DEF_T1);
508 	ax25->t2      = msecs_to_jiffies(AX25_DEF_T2);
509 	ax25->t3      = msecs_to_jiffies(AX25_DEF_T3);
510 	ax25->n2      = AX25_DEF_N2;
511 	ax25->paclen  = AX25_DEF_PACLEN;
512 	ax25->idle    = msecs_to_jiffies(AX25_DEF_IDLE);
513 	ax25->backoff = AX25_DEF_BACKOFF;
514 
515 	if (AX25_DEF_AXDEFMODE) {
516 		ax25->modulus = AX25_EMODULUS;
517 		ax25->window  = AX25_DEF_EWINDOW;
518 	} else {
519 		ax25->modulus = AX25_MODULUS;
520 		ax25->window  = AX25_DEF_WINDOW;
521 	}
522 }
523 
524 /*
525  * Create an empty AX.25 control block.
526  */
ax25_create_cb(void)527 ax25_cb *ax25_create_cb(void)
528 {
529 	ax25_cb *ax25;
530 
531 	if ((ax25 = kzalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
532 		return NULL;
533 
534 	refcount_set(&ax25->refcount, 1);
535 
536 	skb_queue_head_init(&ax25->write_queue);
537 	skb_queue_head_init(&ax25->frag_queue);
538 	skb_queue_head_init(&ax25->ack_queue);
539 	skb_queue_head_init(&ax25->reseq_queue);
540 
541 	ax25_setup_timers(ax25);
542 
543 	ax25_fillin_cb(ax25, NULL);
544 
545 	ax25->state = AX25_STATE_0;
546 
547 	return ax25;
548 }
549 
550 /*
551  *	Handling for system calls applied via the various interfaces to an
552  *	AX25 socket object
553  */
554 
ax25_setsockopt(struct socket * sock,int level,int optname,sockptr_t optval,unsigned int optlen)555 static int ax25_setsockopt(struct socket *sock, int level, int optname,
556 		sockptr_t optval, unsigned int optlen)
557 {
558 	struct sock *sk = sock->sk;
559 	ax25_cb *ax25;
560 	struct net_device *dev;
561 	char devname[IFNAMSIZ];
562 	unsigned int opt;
563 	int res = 0;
564 
565 	if (level != SOL_AX25)
566 		return -ENOPROTOOPT;
567 
568 	if (optlen < sizeof(unsigned int))
569 		return -EINVAL;
570 
571 	if (copy_from_sockptr(&opt, optval, sizeof(unsigned int)))
572 		return -EFAULT;
573 
574 	lock_sock(sk);
575 	ax25 = sk_to_ax25(sk);
576 
577 	switch (optname) {
578 	case AX25_WINDOW:
579 		if (ax25->modulus == AX25_MODULUS) {
580 			if (opt < 1 || opt > 7) {
581 				res = -EINVAL;
582 				break;
583 			}
584 		} else {
585 			if (opt < 1 || opt > 63) {
586 				res = -EINVAL;
587 				break;
588 			}
589 		}
590 		ax25->window = opt;
591 		break;
592 
593 	case AX25_T1:
594 		if (opt < 1 || opt > UINT_MAX / HZ) {
595 			res = -EINVAL;
596 			break;
597 		}
598 		ax25->rtt = (opt * HZ) >> 1;
599 		ax25->t1  = opt * HZ;
600 		break;
601 
602 	case AX25_T2:
603 		if (opt < 1 || opt > UINT_MAX / HZ) {
604 			res = -EINVAL;
605 			break;
606 		}
607 		ax25->t2 = opt * HZ;
608 		break;
609 
610 	case AX25_N2:
611 		if (opt < 1 || opt > 31) {
612 			res = -EINVAL;
613 			break;
614 		}
615 		ax25->n2 = opt;
616 		break;
617 
618 	case AX25_T3:
619 		if (opt < 1 || opt > UINT_MAX / HZ) {
620 			res = -EINVAL;
621 			break;
622 		}
623 		ax25->t3 = opt * HZ;
624 		break;
625 
626 	case AX25_IDLE:
627 		if (opt > UINT_MAX / (60 * HZ)) {
628 			res = -EINVAL;
629 			break;
630 		}
631 		ax25->idle = opt * 60 * HZ;
632 		break;
633 
634 	case AX25_BACKOFF:
635 		if (opt > 2) {
636 			res = -EINVAL;
637 			break;
638 		}
639 		ax25->backoff = opt;
640 		break;
641 
642 	case AX25_EXTSEQ:
643 		ax25->modulus = opt ? AX25_EMODULUS : AX25_MODULUS;
644 		break;
645 
646 	case AX25_PIDINCL:
647 		ax25->pidincl = opt ? 1 : 0;
648 		break;
649 
650 	case AX25_IAMDIGI:
651 		ax25->iamdigi = opt ? 1 : 0;
652 		break;
653 
654 	case AX25_PACLEN:
655 		if (opt < 16 || opt > 65535) {
656 			res = -EINVAL;
657 			break;
658 		}
659 		ax25->paclen = opt;
660 		break;
661 
662 	case SO_BINDTODEVICE:
663 		if (optlen > IFNAMSIZ - 1)
664 			optlen = IFNAMSIZ - 1;
665 
666 		memset(devname, 0, sizeof(devname));
667 
668 		if (copy_from_sockptr(devname, optval, optlen)) {
669 			res = -EFAULT;
670 			break;
671 		}
672 
673 		if (sk->sk_type == SOCK_SEQPACKET &&
674 		   (sock->state != SS_UNCONNECTED ||
675 		    sk->sk_state == TCP_LISTEN)) {
676 			res = -EADDRNOTAVAIL;
677 			break;
678 		}
679 
680 		rtnl_lock();
681 		dev = __dev_get_by_name(&init_net, devname);
682 		if (!dev) {
683 			rtnl_unlock();
684 			res = -ENODEV;
685 			break;
686 		}
687 
688 		ax25->ax25_dev = ax25_dev_ax25dev(dev);
689 		if (!ax25->ax25_dev) {
690 			rtnl_unlock();
691 			res = -ENODEV;
692 			break;
693 		}
694 		ax25_fillin_cb(ax25, ax25->ax25_dev);
695 		rtnl_unlock();
696 		break;
697 
698 	default:
699 		res = -ENOPROTOOPT;
700 	}
701 	release_sock(sk);
702 
703 	return res;
704 }
705 
ax25_getsockopt(struct socket * sock,int level,int optname,char __user * optval,int __user * optlen)706 static int ax25_getsockopt(struct socket *sock, int level, int optname,
707 	char __user *optval, int __user *optlen)
708 {
709 	struct sock *sk = sock->sk;
710 	ax25_cb *ax25;
711 	struct ax25_dev *ax25_dev;
712 	char devname[IFNAMSIZ];
713 	void *valptr;
714 	int val = 0;
715 	int maxlen, length;
716 
717 	if (level != SOL_AX25)
718 		return -ENOPROTOOPT;
719 
720 	if (get_user(maxlen, optlen))
721 		return -EFAULT;
722 
723 	if (maxlen < 1)
724 		return -EFAULT;
725 
726 	valptr = &val;
727 	length = min_t(unsigned int, maxlen, sizeof(int));
728 
729 	lock_sock(sk);
730 	ax25 = sk_to_ax25(sk);
731 
732 	switch (optname) {
733 	case AX25_WINDOW:
734 		val = ax25->window;
735 		break;
736 
737 	case AX25_T1:
738 		val = ax25->t1 / HZ;
739 		break;
740 
741 	case AX25_T2:
742 		val = ax25->t2 / HZ;
743 		break;
744 
745 	case AX25_N2:
746 		val = ax25->n2;
747 		break;
748 
749 	case AX25_T3:
750 		val = ax25->t3 / HZ;
751 		break;
752 
753 	case AX25_IDLE:
754 		val = ax25->idle / (60 * HZ);
755 		break;
756 
757 	case AX25_BACKOFF:
758 		val = ax25->backoff;
759 		break;
760 
761 	case AX25_EXTSEQ:
762 		val = (ax25->modulus == AX25_EMODULUS);
763 		break;
764 
765 	case AX25_PIDINCL:
766 		val = ax25->pidincl;
767 		break;
768 
769 	case AX25_IAMDIGI:
770 		val = ax25->iamdigi;
771 		break;
772 
773 	case AX25_PACLEN:
774 		val = ax25->paclen;
775 		break;
776 
777 	case SO_BINDTODEVICE:
778 		ax25_dev = ax25->ax25_dev;
779 
780 		if (ax25_dev != NULL && ax25_dev->dev != NULL) {
781 			strscpy(devname, ax25_dev->dev->name, sizeof(devname));
782 			length = strlen(devname) + 1;
783 		} else {
784 			*devname = '\0';
785 			length = 1;
786 		}
787 
788 		valptr = devname;
789 		break;
790 
791 	default:
792 		release_sock(sk);
793 		return -ENOPROTOOPT;
794 	}
795 	release_sock(sk);
796 
797 	if (put_user(length, optlen))
798 		return -EFAULT;
799 
800 	return copy_to_user(optval, valptr, length) ? -EFAULT : 0;
801 }
802 
ax25_listen(struct socket * sock,int backlog)803 static int ax25_listen(struct socket *sock, int backlog)
804 {
805 	struct sock *sk = sock->sk;
806 	int res = 0;
807 
808 	lock_sock(sk);
809 	if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_LISTEN) {
810 		sk->sk_max_ack_backlog = backlog;
811 		sk->sk_state           = TCP_LISTEN;
812 		goto out;
813 	}
814 	res = -EOPNOTSUPP;
815 
816 out:
817 	release_sock(sk);
818 
819 	return res;
820 }
821 
822 /*
823  * XXX: when creating ax25_sock we should update the .obj_size setting
824  * below.
825  */
826 static struct proto ax25_proto = {
827 	.name	  = "AX25",
828 	.owner	  = THIS_MODULE,
829 	.obj_size = sizeof(struct ax25_sock),
830 };
831 
ax25_create(struct net * net,struct socket * sock,int protocol,int kern)832 static int ax25_create(struct net *net, struct socket *sock, int protocol,
833 		       int kern)
834 {
835 	struct sock *sk;
836 	ax25_cb *ax25;
837 
838 	if (protocol < 0 || protocol > U8_MAX)
839 		return -EINVAL;
840 
841 	if (!net_eq(net, &init_net))
842 		return -EAFNOSUPPORT;
843 
844 	switch (sock->type) {
845 	case SOCK_DGRAM:
846 		if (protocol == 0 || protocol == PF_AX25)
847 			protocol = AX25_P_TEXT;
848 		break;
849 
850 	case SOCK_SEQPACKET:
851 		switch (protocol) {
852 		case 0:
853 		case PF_AX25:	/* For CLX */
854 			protocol = AX25_P_TEXT;
855 			break;
856 		case AX25_P_SEGMENT:
857 #ifdef CONFIG_INET
858 		case AX25_P_ARP:
859 		case AX25_P_IP:
860 #endif
861 #ifdef CONFIG_NETROM
862 		case AX25_P_NETROM:
863 #endif
864 #ifdef CONFIG_ROSE
865 		case AX25_P_ROSE:
866 #endif
867 			return -ESOCKTNOSUPPORT;
868 #ifdef CONFIG_NETROM_MODULE
869 		case AX25_P_NETROM:
870 			if (ax25_protocol_is_registered(AX25_P_NETROM))
871 				return -ESOCKTNOSUPPORT;
872 			break;
873 #endif
874 #ifdef CONFIG_ROSE_MODULE
875 		case AX25_P_ROSE:
876 			if (ax25_protocol_is_registered(AX25_P_ROSE))
877 				return -ESOCKTNOSUPPORT;
878 			break;
879 #endif
880 		default:
881 			break;
882 		}
883 		break;
884 
885 	case SOCK_RAW:
886 		if (!capable(CAP_NET_RAW))
887 			return -EPERM;
888 		break;
889 	default:
890 		return -ESOCKTNOSUPPORT;
891 	}
892 
893 	sk = sk_alloc(net, PF_AX25, GFP_ATOMIC, &ax25_proto, kern);
894 	if (sk == NULL)
895 		return -ENOMEM;
896 
897 	ax25 = ax25_sk(sk)->cb = ax25_create_cb();
898 	if (!ax25) {
899 		sk_free(sk);
900 		return -ENOMEM;
901 	}
902 
903 	sock_init_data(sock, sk);
904 
905 	sk->sk_destruct = ax25_free_sock;
906 	sock->ops    = &ax25_proto_ops;
907 	sk->sk_protocol = protocol;
908 
909 	ax25->sk    = sk;
910 
911 	return 0;
912 }
913 
ax25_make_new(struct sock * osk,struct ax25_dev * ax25_dev)914 struct sock *ax25_make_new(struct sock *osk, struct ax25_dev *ax25_dev)
915 {
916 	struct sock *sk;
917 	ax25_cb *ax25, *oax25;
918 
919 	sk = sk_alloc(sock_net(osk), PF_AX25, GFP_ATOMIC, osk->sk_prot, 0);
920 	if (sk == NULL)
921 		return NULL;
922 
923 	if ((ax25 = ax25_create_cb()) == NULL) {
924 		sk_free(sk);
925 		return NULL;
926 	}
927 
928 	switch (osk->sk_type) {
929 	case SOCK_DGRAM:
930 		break;
931 	case SOCK_SEQPACKET:
932 		break;
933 	default:
934 		sk_free(sk);
935 		ax25_cb_put(ax25);
936 		return NULL;
937 	}
938 
939 	sock_init_data(NULL, sk);
940 
941 	sk->sk_type     = osk->sk_type;
942 	sk->sk_priority = READ_ONCE(osk->sk_priority);
943 	sk->sk_protocol = osk->sk_protocol;
944 	sk->sk_rcvbuf   = osk->sk_rcvbuf;
945 	sk->sk_sndbuf   = osk->sk_sndbuf;
946 	sk->sk_state    = TCP_ESTABLISHED;
947 	sock_copy_flags(sk, osk);
948 
949 	oax25 = sk_to_ax25(osk);
950 
951 	ax25->modulus = oax25->modulus;
952 	ax25->backoff = oax25->backoff;
953 	ax25->pidincl = oax25->pidincl;
954 	ax25->iamdigi = oax25->iamdigi;
955 	ax25->rtt     = oax25->rtt;
956 	ax25->t1      = oax25->t1;
957 	ax25->t2      = oax25->t2;
958 	ax25->t3      = oax25->t3;
959 	ax25->n2      = oax25->n2;
960 	ax25->idle    = oax25->idle;
961 	ax25->paclen  = oax25->paclen;
962 	ax25->window  = oax25->window;
963 
964 	ax25->ax25_dev    = ax25_dev;
965 	ax25->source_addr = oax25->source_addr;
966 
967 	if (oax25->digipeat != NULL) {
968 		ax25->digipeat = kmemdup(oax25->digipeat, sizeof(ax25_digi),
969 					 GFP_ATOMIC);
970 		if (ax25->digipeat == NULL) {
971 			sk_free(sk);
972 			ax25_cb_put(ax25);
973 			return NULL;
974 		}
975 	}
976 
977 	ax25_sk(sk)->cb = ax25;
978 	sk->sk_destruct = ax25_free_sock;
979 	ax25->sk    = sk;
980 
981 	return sk;
982 }
983 
ax25_release(struct socket * sock)984 static int ax25_release(struct socket *sock)
985 {
986 	struct sock *sk = sock->sk;
987 	ax25_cb *ax25;
988 	ax25_dev *ax25_dev;
989 
990 	if (sk == NULL)
991 		return 0;
992 
993 	sock_hold(sk);
994 	lock_sock(sk);
995 	sock_orphan(sk);
996 	ax25 = sk_to_ax25(sk);
997 	ax25_dev = ax25->ax25_dev;
998 
999 	if (sk->sk_type == SOCK_SEQPACKET) {
1000 		switch (ax25->state) {
1001 		case AX25_STATE_0:
1002 			if (!sock_flag(ax25->sk, SOCK_DEAD)) {
1003 				release_sock(sk);
1004 				ax25_disconnect(ax25, 0);
1005 				lock_sock(sk);
1006 			}
1007 			ax25_destroy_socket(ax25);
1008 			break;
1009 
1010 		case AX25_STATE_1:
1011 		case AX25_STATE_2:
1012 			ax25_send_control(ax25, AX25_DISC, AX25_POLLON, AX25_COMMAND);
1013 			release_sock(sk);
1014 			ax25_disconnect(ax25, 0);
1015 			lock_sock(sk);
1016 			if (!sock_flag(ax25->sk, SOCK_DESTROY))
1017 				ax25_destroy_socket(ax25);
1018 			break;
1019 
1020 		case AX25_STATE_3:
1021 		case AX25_STATE_4:
1022 			ax25_clear_queues(ax25);
1023 			ax25->n2count = 0;
1024 
1025 			switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1026 			case AX25_PROTO_STD_SIMPLEX:
1027 			case AX25_PROTO_STD_DUPLEX:
1028 				ax25_send_control(ax25,
1029 						  AX25_DISC,
1030 						  AX25_POLLON,
1031 						  AX25_COMMAND);
1032 				ax25_stop_t2timer(ax25);
1033 				ax25_stop_t3timer(ax25);
1034 				ax25_stop_idletimer(ax25);
1035 				break;
1036 #ifdef CONFIG_AX25_DAMA_SLAVE
1037 			case AX25_PROTO_DAMA_SLAVE:
1038 				ax25_stop_t3timer(ax25);
1039 				ax25_stop_idletimer(ax25);
1040 				break;
1041 #endif
1042 			}
1043 			ax25_calculate_t1(ax25);
1044 			ax25_start_t1timer(ax25);
1045 			ax25->state = AX25_STATE_2;
1046 			sk->sk_state                = TCP_CLOSE;
1047 			sk->sk_shutdown            |= SEND_SHUTDOWN;
1048 			sk->sk_state_change(sk);
1049 			sock_set_flag(sk, SOCK_DESTROY);
1050 			break;
1051 
1052 		default:
1053 			break;
1054 		}
1055 	} else {
1056 		sk->sk_state     = TCP_CLOSE;
1057 		sk->sk_shutdown |= SEND_SHUTDOWN;
1058 		sk->sk_state_change(sk);
1059 		ax25_destroy_socket(ax25);
1060 	}
1061 	if (ax25_dev) {
1062 		if (!ax25_dev->device_up) {
1063 			del_timer_sync(&ax25->timer);
1064 			del_timer_sync(&ax25->t1timer);
1065 			del_timer_sync(&ax25->t2timer);
1066 			del_timer_sync(&ax25->t3timer);
1067 			del_timer_sync(&ax25->idletimer);
1068 		}
1069 		netdev_put(ax25_dev->dev, &ax25->dev_tracker);
1070 		ax25_dev_put(ax25_dev);
1071 	}
1072 
1073 	sock->sk   = NULL;
1074 	release_sock(sk);
1075 	sock_put(sk);
1076 
1077 	return 0;
1078 }
1079 
1080 /*
1081  *	We support a funny extension here so you can (as root) give any callsign
1082  *	digipeated via a local address as source. This hack is obsolete now
1083  *	that we've implemented support for SO_BINDTODEVICE. It is however small
1084  *	and trivially backward compatible.
1085  */
ax25_bind(struct socket * sock,struct sockaddr * uaddr,int addr_len)1086 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1087 {
1088 	struct sock *sk = sock->sk;
1089 	struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1090 	ax25_dev *ax25_dev = NULL;
1091 	ax25_uid_assoc *user;
1092 	ax25_address call;
1093 	ax25_cb *ax25;
1094 	int err = 0;
1095 
1096 	if (addr_len != sizeof(struct sockaddr_ax25) &&
1097 	    addr_len != sizeof(struct full_sockaddr_ax25))
1098 		/* support for old structure may go away some time
1099 		 * ax25_bind(): uses old (6 digipeater) socket structure.
1100 		 */
1101 		if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1102 		    (addr_len > sizeof(struct full_sockaddr_ax25)))
1103 			return -EINVAL;
1104 
1105 	if (addr->fsa_ax25.sax25_family != AF_AX25)
1106 		return -EINVAL;
1107 
1108 	user = ax25_findbyuid(current_euid());
1109 	if (user) {
1110 		call = user->call;
1111 		ax25_uid_put(user);
1112 	} else {
1113 		if (ax25_uid_policy && !capable(CAP_NET_ADMIN))
1114 			return -EACCES;
1115 
1116 		call = addr->fsa_ax25.sax25_call;
1117 	}
1118 
1119 	lock_sock(sk);
1120 
1121 	ax25 = sk_to_ax25(sk);
1122 	if (!sock_flag(sk, SOCK_ZAPPED)) {
1123 		err = -EINVAL;
1124 		goto out;
1125 	}
1126 
1127 	ax25->source_addr = call;
1128 
1129 	/*
1130 	 * User already set interface with SO_BINDTODEVICE
1131 	 */
1132 	if (ax25->ax25_dev != NULL)
1133 		goto done;
1134 
1135 	if (addr_len > sizeof(struct sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1136 		if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) != 0 &&
1137 		    (ax25_dev = ax25_addr_ax25dev(&addr->fsa_digipeater[0])) == NULL) {
1138 			err = -EADDRNOTAVAIL;
1139 			goto out;
1140 		}
1141 	} else {
1142 		if ((ax25_dev = ax25_addr_ax25dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1143 			err = -EADDRNOTAVAIL;
1144 			goto out;
1145 		}
1146 	}
1147 
1148 	if (ax25_dev) {
1149 		ax25_fillin_cb(ax25, ax25_dev);
1150 		netdev_hold(ax25_dev->dev, &ax25->dev_tracker, GFP_ATOMIC);
1151 	}
1152 
1153 done:
1154 	ax25_cb_add(ax25);
1155 	sock_reset_flag(sk, SOCK_ZAPPED);
1156 
1157 out:
1158 	release_sock(sk);
1159 
1160 	return err;
1161 }
1162 
1163 /*
1164  *	FIXME: nonblock behaviour looks like it may have a bug.
1165  */
ax25_connect(struct socket * sock,struct sockaddr * uaddr,int addr_len,int flags)1166 static int __must_check ax25_connect(struct socket *sock,
1167 	struct sockaddr *uaddr, int addr_len, int flags)
1168 {
1169 	struct sock *sk = sock->sk;
1170 	ax25_cb *ax25 = sk_to_ax25(sk), *ax25t;
1171 	struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1172 	ax25_digi *digi = NULL;
1173 	int ct = 0, err = 0;
1174 
1175 	/*
1176 	 * some sanity checks. code further down depends on this
1177 	 */
1178 
1179 	if (addr_len == sizeof(struct sockaddr_ax25))
1180 		/* support for this will go away in early 2.5.x
1181 		 * ax25_connect(): uses obsolete socket structure
1182 		 */
1183 		;
1184 	else if (addr_len != sizeof(struct full_sockaddr_ax25))
1185 		/* support for old structure may go away some time
1186 		 * ax25_connect(): uses old (6 digipeater) socket structure.
1187 		 */
1188 		if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1189 		    (addr_len > sizeof(struct full_sockaddr_ax25)))
1190 			return -EINVAL;
1191 
1192 
1193 	if (fsa->fsa_ax25.sax25_family != AF_AX25)
1194 		return -EINVAL;
1195 
1196 	lock_sock(sk);
1197 
1198 	/* deal with restarts */
1199 	if (sock->state == SS_CONNECTING) {
1200 		switch (sk->sk_state) {
1201 		case TCP_SYN_SENT: /* still trying */
1202 			err = -EINPROGRESS;
1203 			goto out_release;
1204 
1205 		case TCP_ESTABLISHED: /* connection established */
1206 			sock->state = SS_CONNECTED;
1207 			goto out_release;
1208 
1209 		case TCP_CLOSE: /* connection refused */
1210 			sock->state = SS_UNCONNECTED;
1211 			err = -ECONNREFUSED;
1212 			goto out_release;
1213 		}
1214 	}
1215 
1216 	if (sk->sk_state == TCP_ESTABLISHED && sk->sk_type == SOCK_SEQPACKET) {
1217 		err = -EISCONN;	/* No reconnect on a seqpacket socket */
1218 		goto out_release;
1219 	}
1220 
1221 	sk->sk_state   = TCP_CLOSE;
1222 	sock->state = SS_UNCONNECTED;
1223 
1224 	kfree(ax25->digipeat);
1225 	ax25->digipeat = NULL;
1226 
1227 	/*
1228 	 *	Handle digi-peaters to be used.
1229 	 */
1230 	if (addr_len > sizeof(struct sockaddr_ax25) &&
1231 	    fsa->fsa_ax25.sax25_ndigis != 0) {
1232 		/* Valid number of digipeaters ? */
1233 		if (fsa->fsa_ax25.sax25_ndigis < 1 ||
1234 		    fsa->fsa_ax25.sax25_ndigis > AX25_MAX_DIGIS ||
1235 		    addr_len < sizeof(struct sockaddr_ax25) +
1236 		    sizeof(ax25_address) * fsa->fsa_ax25.sax25_ndigis) {
1237 			err = -EINVAL;
1238 			goto out_release;
1239 		}
1240 
1241 		if ((digi = kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL) {
1242 			err = -ENOBUFS;
1243 			goto out_release;
1244 		}
1245 
1246 		digi->ndigi      = fsa->fsa_ax25.sax25_ndigis;
1247 		digi->lastrepeat = -1;
1248 
1249 		while (ct < fsa->fsa_ax25.sax25_ndigis) {
1250 			if ((fsa->fsa_digipeater[ct].ax25_call[6] &
1251 			     AX25_HBIT) && ax25->iamdigi) {
1252 				digi->repeated[ct] = 1;
1253 				digi->lastrepeat   = ct;
1254 			} else {
1255 				digi->repeated[ct] = 0;
1256 			}
1257 			digi->calls[ct] = fsa->fsa_digipeater[ct];
1258 			ct++;
1259 		}
1260 	}
1261 
1262 	/*
1263 	 *	Must bind first - autobinding in this may or may not work. If
1264 	 *	the socket is already bound, check to see if the device has
1265 	 *	been filled in, error if it hasn't.
1266 	 */
1267 	if (sock_flag(sk, SOCK_ZAPPED)) {
1268 		/* check if we can remove this feature. It is broken. */
1269 		printk(KERN_WARNING "ax25_connect(): %s uses autobind, please contact jreuter@yaina.de\n",
1270 			current->comm);
1271 		if ((err = ax25_rt_autobind(ax25, &fsa->fsa_ax25.sax25_call)) < 0) {
1272 			kfree(digi);
1273 			goto out_release;
1274 		}
1275 
1276 		ax25_fillin_cb(ax25, ax25->ax25_dev);
1277 		ax25_cb_add(ax25);
1278 	} else {
1279 		if (ax25->ax25_dev == NULL) {
1280 			kfree(digi);
1281 			err = -EHOSTUNREACH;
1282 			goto out_release;
1283 		}
1284 	}
1285 
1286 	if (sk->sk_type == SOCK_SEQPACKET &&
1287 	    (ax25t=ax25_find_cb(&ax25->source_addr, &fsa->fsa_ax25.sax25_call, digi,
1288 			 ax25->ax25_dev->dev))) {
1289 		kfree(digi);
1290 		err = -EADDRINUSE;		/* Already such a connection */
1291 		ax25_cb_put(ax25t);
1292 		goto out_release;
1293 	}
1294 
1295 	ax25->dest_addr = fsa->fsa_ax25.sax25_call;
1296 	ax25->digipeat  = digi;
1297 
1298 	/* First the easy one */
1299 	if (sk->sk_type != SOCK_SEQPACKET) {
1300 		sock->state = SS_CONNECTED;
1301 		sk->sk_state   = TCP_ESTABLISHED;
1302 		goto out_release;
1303 	}
1304 
1305 	/* Move to connecting socket, ax.25 lapb WAIT_UA.. */
1306 	sock->state        = SS_CONNECTING;
1307 	sk->sk_state          = TCP_SYN_SENT;
1308 
1309 	switch (ax25->ax25_dev->values[AX25_VALUES_PROTOCOL]) {
1310 	case AX25_PROTO_STD_SIMPLEX:
1311 	case AX25_PROTO_STD_DUPLEX:
1312 		ax25_std_establish_data_link(ax25);
1313 		break;
1314 
1315 #ifdef CONFIG_AX25_DAMA_SLAVE
1316 	case AX25_PROTO_DAMA_SLAVE:
1317 		ax25->modulus = AX25_MODULUS;
1318 		ax25->window  = ax25->ax25_dev->values[AX25_VALUES_WINDOW];
1319 		if (ax25->ax25_dev->dama.slave)
1320 			ax25_ds_establish_data_link(ax25);
1321 		else
1322 			ax25_std_establish_data_link(ax25);
1323 		break;
1324 #endif
1325 	}
1326 
1327 	ax25->state = AX25_STATE_1;
1328 
1329 	ax25_start_heartbeat(ax25);
1330 
1331 	/* Now the loop */
1332 	if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) {
1333 		err = -EINPROGRESS;
1334 		goto out_release;
1335 	}
1336 
1337 	if (sk->sk_state == TCP_SYN_SENT) {
1338 		DEFINE_WAIT(wait);
1339 
1340 		for (;;) {
1341 			prepare_to_wait(sk_sleep(sk), &wait,
1342 					TASK_INTERRUPTIBLE);
1343 			if (sk->sk_state != TCP_SYN_SENT)
1344 				break;
1345 			if (!signal_pending(current)) {
1346 				release_sock(sk);
1347 				schedule();
1348 				lock_sock(sk);
1349 				continue;
1350 			}
1351 			err = -ERESTARTSYS;
1352 			break;
1353 		}
1354 		finish_wait(sk_sleep(sk), &wait);
1355 
1356 		if (err)
1357 			goto out_release;
1358 	}
1359 
1360 	if (sk->sk_state != TCP_ESTABLISHED) {
1361 		/* Not in ABM, not in WAIT_UA -> failed */
1362 		sock->state = SS_UNCONNECTED;
1363 		err = sock_error(sk);	/* Always set at this point */
1364 		goto out_release;
1365 	}
1366 
1367 	sock->state = SS_CONNECTED;
1368 
1369 	err = 0;
1370 out_release:
1371 	release_sock(sk);
1372 
1373 	return err;
1374 }
1375 
ax25_accept(struct socket * sock,struct socket * newsock,struct proto_accept_arg * arg)1376 static int ax25_accept(struct socket *sock, struct socket *newsock,
1377 		       struct proto_accept_arg *arg)
1378 {
1379 	struct sk_buff *skb;
1380 	struct sock *newsk;
1381 	ax25_dev *ax25_dev;
1382 	DEFINE_WAIT(wait);
1383 	struct sock *sk;
1384 	ax25_cb *ax25;
1385 	int err = 0;
1386 
1387 	if (sock->state != SS_UNCONNECTED)
1388 		return -EINVAL;
1389 
1390 	if ((sk = sock->sk) == NULL)
1391 		return -EINVAL;
1392 
1393 	lock_sock(sk);
1394 	if (sk->sk_type != SOCK_SEQPACKET) {
1395 		err = -EOPNOTSUPP;
1396 		goto out;
1397 	}
1398 
1399 	if (sk->sk_state != TCP_LISTEN) {
1400 		err = -EINVAL;
1401 		goto out;
1402 	}
1403 
1404 	/*
1405 	 *	The read queue this time is holding sockets ready to use
1406 	 *	hooked into the SABM we saved
1407 	 */
1408 	for (;;) {
1409 		prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1410 		skb = skb_dequeue(&sk->sk_receive_queue);
1411 		if (skb)
1412 			break;
1413 
1414 		if (arg->flags & O_NONBLOCK) {
1415 			err = -EWOULDBLOCK;
1416 			break;
1417 		}
1418 		if (!signal_pending(current)) {
1419 			release_sock(sk);
1420 			schedule();
1421 			lock_sock(sk);
1422 			continue;
1423 		}
1424 		err = -ERESTARTSYS;
1425 		break;
1426 	}
1427 	finish_wait(sk_sleep(sk), &wait);
1428 
1429 	if (err)
1430 		goto out;
1431 
1432 	newsk		 = skb->sk;
1433 	sock_graft(newsk, newsock);
1434 
1435 	/* Now attach up the new socket */
1436 	kfree_skb(skb);
1437 	sk_acceptq_removed(sk);
1438 	newsock->state = SS_CONNECTED;
1439 	ax25 = sk_to_ax25(newsk);
1440 	ax25_dev = ax25->ax25_dev;
1441 	netdev_hold(ax25_dev->dev, &ax25->dev_tracker, GFP_ATOMIC);
1442 	ax25_dev_hold(ax25_dev);
1443 
1444 out:
1445 	release_sock(sk);
1446 
1447 	return err;
1448 }
1449 
ax25_getname(struct socket * sock,struct sockaddr * uaddr,int peer)1450 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
1451 	int peer)
1452 {
1453 	struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)uaddr;
1454 	struct sock *sk = sock->sk;
1455 	unsigned char ndigi, i;
1456 	ax25_cb *ax25;
1457 	int err = 0;
1458 
1459 	memset(fsa, 0, sizeof(*fsa));
1460 	lock_sock(sk);
1461 	ax25 = sk_to_ax25(sk);
1462 
1463 	if (peer != 0) {
1464 		if (sk->sk_state != TCP_ESTABLISHED) {
1465 			err = -ENOTCONN;
1466 			goto out;
1467 		}
1468 
1469 		fsa->fsa_ax25.sax25_family = AF_AX25;
1470 		fsa->fsa_ax25.sax25_call   = ax25->dest_addr;
1471 
1472 		if (ax25->digipeat != NULL) {
1473 			ndigi = ax25->digipeat->ndigi;
1474 			fsa->fsa_ax25.sax25_ndigis = ndigi;
1475 			for (i = 0; i < ndigi; i++)
1476 				fsa->fsa_digipeater[i] =
1477 						ax25->digipeat->calls[i];
1478 		}
1479 	} else {
1480 		fsa->fsa_ax25.sax25_family = AF_AX25;
1481 		fsa->fsa_ax25.sax25_call   = ax25->source_addr;
1482 		fsa->fsa_ax25.sax25_ndigis = 1;
1483 		if (ax25->ax25_dev != NULL) {
1484 			memcpy(&fsa->fsa_digipeater[0],
1485 			       ax25->ax25_dev->dev->dev_addr, AX25_ADDR_LEN);
1486 		} else {
1487 			fsa->fsa_digipeater[0] = null_ax25_address;
1488 		}
1489 	}
1490 	err = sizeof (struct full_sockaddr_ax25);
1491 
1492 out:
1493 	release_sock(sk);
1494 
1495 	return err;
1496 }
1497 
ax25_sendmsg(struct socket * sock,struct msghdr * msg,size_t len)1498 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
1499 {
1500 	DECLARE_SOCKADDR(struct sockaddr_ax25 *, usax, msg->msg_name);
1501 	struct sock *sk = sock->sk;
1502 	struct sockaddr_ax25 sax;
1503 	struct sk_buff *skb;
1504 	ax25_digi dtmp, *dp;
1505 	ax25_cb *ax25;
1506 	size_t size;
1507 	int lv, err, addr_len = msg->msg_namelen;
1508 
1509 	if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_CMSG_COMPAT))
1510 		return -EINVAL;
1511 
1512 	lock_sock(sk);
1513 	ax25 = sk_to_ax25(sk);
1514 
1515 	if (sock_flag(sk, SOCK_ZAPPED)) {
1516 		err = -EADDRNOTAVAIL;
1517 		goto out;
1518 	}
1519 
1520 	if (sk->sk_shutdown & SEND_SHUTDOWN) {
1521 		send_sig(SIGPIPE, current, 0);
1522 		err = -EPIPE;
1523 		goto out;
1524 	}
1525 
1526 	if (ax25->ax25_dev == NULL) {
1527 		err = -ENETUNREACH;
1528 		goto out;
1529 	}
1530 
1531 	if (len > ax25->ax25_dev->dev->mtu) {
1532 		err = -EMSGSIZE;
1533 		goto out;
1534 	}
1535 
1536 	if (usax != NULL) {
1537 		if (usax->sax25_family != AF_AX25) {
1538 			err = -EINVAL;
1539 			goto out;
1540 		}
1541 
1542 		if (addr_len == sizeof(struct sockaddr_ax25))
1543 			/* ax25_sendmsg(): uses obsolete socket structure */
1544 			;
1545 		else if (addr_len != sizeof(struct full_sockaddr_ax25))
1546 			/* support for old structure may go away some time
1547 			 * ax25_sendmsg(): uses old (6 digipeater)
1548 			 * socket structure.
1549 			 */
1550 			if ((addr_len < sizeof(struct sockaddr_ax25) + sizeof(ax25_address) * 6) ||
1551 			    (addr_len > sizeof(struct full_sockaddr_ax25))) {
1552 				err = -EINVAL;
1553 				goto out;
1554 			}
1555 
1556 
1557 		if (addr_len > sizeof(struct sockaddr_ax25) && usax->sax25_ndigis != 0) {
1558 			int ct           = 0;
1559 			struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1560 
1561 			/* Valid number of digipeaters ? */
1562 			if (usax->sax25_ndigis < 1 ||
1563 			    usax->sax25_ndigis > AX25_MAX_DIGIS ||
1564 			    addr_len < sizeof(struct sockaddr_ax25) +
1565 			    sizeof(ax25_address) * usax->sax25_ndigis) {
1566 				err = -EINVAL;
1567 				goto out;
1568 			}
1569 
1570 			dtmp.ndigi      = usax->sax25_ndigis;
1571 
1572 			while (ct < usax->sax25_ndigis) {
1573 				dtmp.repeated[ct] = 0;
1574 				dtmp.calls[ct]    = fsa->fsa_digipeater[ct];
1575 				ct++;
1576 			}
1577 
1578 			dtmp.lastrepeat = 0;
1579 		}
1580 
1581 		sax = *usax;
1582 		if (sk->sk_type == SOCK_SEQPACKET &&
1583 		    ax25cmp(&ax25->dest_addr, &sax.sax25_call)) {
1584 			err = -EISCONN;
1585 			goto out;
1586 		}
1587 		if (usax->sax25_ndigis == 0)
1588 			dp = NULL;
1589 		else
1590 			dp = &dtmp;
1591 	} else {
1592 		/*
1593 		 *	FIXME: 1003.1g - if the socket is like this because
1594 		 *	it has become closed (not started closed) and is VC
1595 		 *	we ought to SIGPIPE, EPIPE
1596 		 */
1597 		if (sk->sk_state != TCP_ESTABLISHED) {
1598 			err = -ENOTCONN;
1599 			goto out;
1600 		}
1601 		sax.sax25_family = AF_AX25;
1602 		sax.sax25_call   = ax25->dest_addr;
1603 		dp = ax25->digipeat;
1604 	}
1605 
1606 	/* Build a packet */
1607 	/* Assume the worst case */
1608 	size = len + ax25->ax25_dev->dev->hard_header_len;
1609 
1610 	skb = sock_alloc_send_skb(sk, size, msg->msg_flags&MSG_DONTWAIT, &err);
1611 	if (skb == NULL)
1612 		goto out;
1613 
1614 	skb_reserve(skb, size - len);
1615 
1616 	/* User data follows immediately after the AX.25 data */
1617 	if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
1618 		err = -EFAULT;
1619 		kfree_skb(skb);
1620 		goto out;
1621 	}
1622 
1623 	skb_reset_network_header(skb);
1624 
1625 	/* Add the PID if one is not supplied by the user in the skb */
1626 	if (!ax25->pidincl)
1627 		*(u8 *)skb_push(skb, 1) = sk->sk_protocol;
1628 
1629 	if (sk->sk_type == SOCK_SEQPACKET) {
1630 		/* Connected mode sockets go via the LAPB machine */
1631 		if (sk->sk_state != TCP_ESTABLISHED) {
1632 			kfree_skb(skb);
1633 			err = -ENOTCONN;
1634 			goto out;
1635 		}
1636 
1637 		/* Shove it onto the queue and kick */
1638 		ax25_output(ax25, ax25->paclen, skb);
1639 
1640 		err = len;
1641 		goto out;
1642 	}
1643 
1644 	skb_push(skb, 1 + ax25_addr_size(dp));
1645 
1646 	/* Building AX.25 Header */
1647 
1648 	/* Build an AX.25 header */
1649 	lv = ax25_addr_build(skb->data, &ax25->source_addr, &sax.sax25_call,
1650 			     dp, AX25_COMMAND, AX25_MODULUS);
1651 
1652 	skb_set_transport_header(skb, lv);
1653 
1654 	*skb_transport_header(skb) = AX25_UI;
1655 
1656 	/* Datagram frames go straight out of the door as UI */
1657 	ax25_queue_xmit(skb, ax25->ax25_dev->dev);
1658 
1659 	err = len;
1660 
1661 out:
1662 	release_sock(sk);
1663 
1664 	return err;
1665 }
1666 
ax25_recvmsg(struct socket * sock,struct msghdr * msg,size_t size,int flags)1667 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
1668 			int flags)
1669 {
1670 	struct sock *sk = sock->sk;
1671 	struct sk_buff *skb, *last;
1672 	struct sk_buff_head *sk_queue;
1673 	int copied;
1674 	int err = 0;
1675 	int off = 0;
1676 	long timeo;
1677 
1678 	lock_sock(sk);
1679 	/*
1680 	 * 	This works for seqpacket too. The receiver has ordered the
1681 	 *	queue for us! We do one quick check first though
1682 	 */
1683 	if (sk->sk_type == SOCK_SEQPACKET && sk->sk_state != TCP_ESTABLISHED) {
1684 		err =  -ENOTCONN;
1685 		goto out;
1686 	}
1687 
1688 	/*  We need support for non-blocking reads. */
1689 	sk_queue = &sk->sk_receive_queue;
1690 	skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off, &err, &last);
1691 	/* If no packet is available, release_sock(sk) and try again. */
1692 	if (!skb) {
1693 		if (err != -EAGAIN)
1694 			goto out;
1695 		release_sock(sk);
1696 		timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
1697 		while (timeo && !__skb_wait_for_more_packets(sk, sk_queue, &err,
1698 							     &timeo, last)) {
1699 			skb = __skb_try_recv_datagram(sk, sk_queue, flags, &off,
1700 						      &err, &last);
1701 			if (skb)
1702 				break;
1703 
1704 			if (err != -EAGAIN)
1705 				goto done;
1706 		}
1707 		if (!skb)
1708 			goto done;
1709 		lock_sock(sk);
1710 	}
1711 
1712 	if (!sk_to_ax25(sk)->pidincl)
1713 		skb_pull(skb, 1);		/* Remove PID */
1714 
1715 	skb_reset_transport_header(skb);
1716 	copied = skb->len;
1717 
1718 	if (copied > size) {
1719 		copied = size;
1720 		msg->msg_flags |= MSG_TRUNC;
1721 	}
1722 
1723 	skb_copy_datagram_msg(skb, 0, msg, copied);
1724 
1725 	if (msg->msg_name) {
1726 		ax25_digi digi;
1727 		ax25_address src;
1728 		const unsigned char *mac = skb_mac_header(skb);
1729 		DECLARE_SOCKADDR(struct sockaddr_ax25 *, sax, msg->msg_name);
1730 
1731 		memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1732 		ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
1733 				&digi, NULL, NULL);
1734 		sax->sax25_family = AF_AX25;
1735 		/* We set this correctly, even though we may not let the
1736 		   application know the digi calls further down (because it
1737 		   did NOT ask to know them).  This could get political... **/
1738 		sax->sax25_ndigis = digi.ndigi;
1739 		sax->sax25_call   = src;
1740 
1741 		if (sax->sax25_ndigis != 0) {
1742 			int ct;
1743 			struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1744 
1745 			for (ct = 0; ct < digi.ndigi; ct++)
1746 				fsa->fsa_digipeater[ct] = digi.calls[ct];
1747 		}
1748 		msg->msg_namelen = sizeof(struct full_sockaddr_ax25);
1749 	}
1750 
1751 	skb_free_datagram(sk, skb);
1752 	err = copied;
1753 
1754 out:
1755 	release_sock(sk);
1756 
1757 done:
1758 	return err;
1759 }
1760 
ax25_shutdown(struct socket * sk,int how)1761 static int ax25_shutdown(struct socket *sk, int how)
1762 {
1763 	/* FIXME - generate DM and RNR states */
1764 	return -EOPNOTSUPP;
1765 }
1766 
ax25_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)1767 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
1768 {
1769 	struct sock *sk = sock->sk;
1770 	void __user *argp = (void __user *)arg;
1771 	int res = 0;
1772 
1773 	lock_sock(sk);
1774 	switch (cmd) {
1775 	case TIOCOUTQ: {
1776 		long amount;
1777 
1778 		amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
1779 		if (amount < 0)
1780 			amount = 0;
1781 		res = put_user(amount, (int __user *)argp);
1782 		break;
1783 	}
1784 
1785 	case TIOCINQ: {
1786 		struct sk_buff *skb;
1787 		long amount = 0L;
1788 		/* These two are safe on a single CPU system as only user tasks fiddle here */
1789 		if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL)
1790 			amount = skb->len;
1791 		res = put_user(amount, (int __user *) argp);
1792 		break;
1793 	}
1794 
1795 	case SIOCAX25ADDUID:	/* Add a uid to the uid/call map table */
1796 	case SIOCAX25DELUID:	/* Delete a uid from the uid/call map table */
1797 	case SIOCAX25GETUID: {
1798 		struct sockaddr_ax25 sax25;
1799 		if (copy_from_user(&sax25, argp, sizeof(sax25))) {
1800 			res = -EFAULT;
1801 			break;
1802 		}
1803 		res = ax25_uid_ioctl(cmd, &sax25);
1804 		break;
1805 	}
1806 
1807 	case SIOCAX25NOUID: {	/* Set the default policy (default/bar) */
1808 		long amount;
1809 		if (!capable(CAP_NET_ADMIN)) {
1810 			res = -EPERM;
1811 			break;
1812 		}
1813 		if (get_user(amount, (long __user *)argp)) {
1814 			res = -EFAULT;
1815 			break;
1816 		}
1817 		if (amount < 0 || amount > AX25_NOUID_BLOCK) {
1818 			res = -EINVAL;
1819 			break;
1820 		}
1821 		ax25_uid_policy = amount;
1822 		res = 0;
1823 		break;
1824 	}
1825 
1826 	case SIOCADDRT:
1827 	case SIOCDELRT:
1828 	case SIOCAX25OPTRT:
1829 		if (!capable(CAP_NET_ADMIN)) {
1830 			res = -EPERM;
1831 			break;
1832 		}
1833 		res = ax25_rt_ioctl(cmd, argp);
1834 		break;
1835 
1836 	case SIOCAX25CTLCON:
1837 		if (!capable(CAP_NET_ADMIN)) {
1838 			res = -EPERM;
1839 			break;
1840 		}
1841 		res = ax25_ctl_ioctl(cmd, argp);
1842 		break;
1843 
1844 	case SIOCAX25GETINFO:
1845 	case SIOCAX25GETINFOOLD: {
1846 		ax25_cb *ax25 = sk_to_ax25(sk);
1847 		struct ax25_info_struct ax25_info;
1848 
1849 		ax25_info.t1        = ax25->t1   / HZ;
1850 		ax25_info.t2        = ax25->t2   / HZ;
1851 		ax25_info.t3        = ax25->t3   / HZ;
1852 		ax25_info.idle      = ax25->idle / (60 * HZ);
1853 		ax25_info.n2        = ax25->n2;
1854 		ax25_info.t1timer   = ax25_display_timer(&ax25->t1timer)   / HZ;
1855 		ax25_info.t2timer   = ax25_display_timer(&ax25->t2timer)   / HZ;
1856 		ax25_info.t3timer   = ax25_display_timer(&ax25->t3timer)   / HZ;
1857 		ax25_info.idletimer = ax25_display_timer(&ax25->idletimer) / (60 * HZ);
1858 		ax25_info.n2count   = ax25->n2count;
1859 		ax25_info.state     = ax25->state;
1860 		ax25_info.rcv_q     = sk_rmem_alloc_get(sk);
1861 		ax25_info.snd_q     = sk_wmem_alloc_get(sk);
1862 		ax25_info.vs        = ax25->vs;
1863 		ax25_info.vr        = ax25->vr;
1864 		ax25_info.va        = ax25->va;
1865 		ax25_info.vs_max    = ax25->vs; /* reserved */
1866 		ax25_info.paclen    = ax25->paclen;
1867 		ax25_info.window    = ax25->window;
1868 
1869 		/* old structure? */
1870 		if (cmd == SIOCAX25GETINFOOLD) {
1871 			static int warned = 0;
1872 			if (!warned) {
1873 				printk(KERN_INFO "%s uses old SIOCAX25GETINFO\n",
1874 					current->comm);
1875 				warned=1;
1876 			}
1877 
1878 			if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct_deprecated))) {
1879 				res = -EFAULT;
1880 				break;
1881 			}
1882 		} else {
1883 			if (copy_to_user(argp, &ax25_info, sizeof(struct ax25_info_struct))) {
1884 				res = -EINVAL;
1885 				break;
1886 			}
1887 		}
1888 		res = 0;
1889 		break;
1890 	}
1891 
1892 	case SIOCAX25ADDFWD:
1893 	case SIOCAX25DELFWD: {
1894 		struct ax25_fwd_struct ax25_fwd;
1895 		if (!capable(CAP_NET_ADMIN)) {
1896 			res = -EPERM;
1897 			break;
1898 		}
1899 		if (copy_from_user(&ax25_fwd, argp, sizeof(ax25_fwd))) {
1900 			res = -EFAULT;
1901 			break;
1902 		}
1903 		res = ax25_fwd_ioctl(cmd, &ax25_fwd);
1904 		break;
1905 	}
1906 
1907 	case SIOCGIFADDR:
1908 	case SIOCSIFADDR:
1909 	case SIOCGIFDSTADDR:
1910 	case SIOCSIFDSTADDR:
1911 	case SIOCGIFBRDADDR:
1912 	case SIOCSIFBRDADDR:
1913 	case SIOCGIFNETMASK:
1914 	case SIOCSIFNETMASK:
1915 	case SIOCGIFMETRIC:
1916 	case SIOCSIFMETRIC:
1917 		res = -EINVAL;
1918 		break;
1919 
1920 	default:
1921 		res = -ENOIOCTLCMD;
1922 		break;
1923 	}
1924 	release_sock(sk);
1925 
1926 	return res;
1927 }
1928 
1929 #ifdef CONFIG_PROC_FS
1930 
ax25_info_start(struct seq_file * seq,loff_t * pos)1931 static void *ax25_info_start(struct seq_file *seq, loff_t *pos)
1932 	__acquires(ax25_list_lock)
1933 {
1934 	spin_lock_bh(&ax25_list_lock);
1935 	return seq_hlist_start(&ax25_list, *pos);
1936 }
1937 
ax25_info_next(struct seq_file * seq,void * v,loff_t * pos)1938 static void *ax25_info_next(struct seq_file *seq, void *v, loff_t *pos)
1939 {
1940 	return seq_hlist_next(v, &ax25_list, pos);
1941 }
1942 
ax25_info_stop(struct seq_file * seq,void * v)1943 static void ax25_info_stop(struct seq_file *seq, void *v)
1944 	__releases(ax25_list_lock)
1945 {
1946 	spin_unlock_bh(&ax25_list_lock);
1947 }
1948 
ax25_info_show(struct seq_file * seq,void * v)1949 static int ax25_info_show(struct seq_file *seq, void *v)
1950 {
1951 	ax25_cb *ax25 = hlist_entry(v, struct ax25_cb, ax25_node);
1952 	char buf[11];
1953 	int k;
1954 
1955 
1956 	/*
1957 	 * New format:
1958 	 * magic dev src_addr dest_addr,digi1,digi2,.. st vs vr va t1 t1 t2 t2 t3 t3 idle idle n2 n2 rtt window paclen Snd-Q Rcv-Q inode
1959 	 */
1960 
1961 	seq_printf(seq, "%p %s %s%s ",
1962 		   ax25,
1963 		   ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1964 		   ax2asc(buf, &ax25->source_addr),
1965 		   ax25->iamdigi? "*":"");
1966 	seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1967 
1968 	for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1969 		seq_printf(seq, ",%s%s",
1970 			   ax2asc(buf, &ax25->digipeat->calls[k]),
1971 			   ax25->digipeat->repeated[k]? "*":"");
1972 	}
1973 
1974 	seq_printf(seq, " %d %d %d %d %lu %lu %lu %lu %lu %lu %lu %lu %d %d %lu %d %d",
1975 		   ax25->state,
1976 		   ax25->vs, ax25->vr, ax25->va,
1977 		   ax25_display_timer(&ax25->t1timer) / HZ, ax25->t1 / HZ,
1978 		   ax25_display_timer(&ax25->t2timer) / HZ, ax25->t2 / HZ,
1979 		   ax25_display_timer(&ax25->t3timer) / HZ, ax25->t3 / HZ,
1980 		   ax25_display_timer(&ax25->idletimer) / (60 * HZ),
1981 		   ax25->idle / (60 * HZ),
1982 		   ax25->n2count, ax25->n2,
1983 		   ax25->rtt / HZ,
1984 		   ax25->window,
1985 		   ax25->paclen);
1986 
1987 	if (ax25->sk != NULL) {
1988 		seq_printf(seq, " %d %d %lu\n",
1989 			   sk_wmem_alloc_get(ax25->sk),
1990 			   sk_rmem_alloc_get(ax25->sk),
1991 			   sock_i_ino(ax25->sk));
1992 	} else {
1993 		seq_puts(seq, " * * *\n");
1994 	}
1995 	return 0;
1996 }
1997 
1998 static const struct seq_operations ax25_info_seqops = {
1999 	.start = ax25_info_start,
2000 	.next = ax25_info_next,
2001 	.stop = ax25_info_stop,
2002 	.show = ax25_info_show,
2003 };
2004 #endif
2005 
2006 static const struct net_proto_family ax25_family_ops = {
2007 	.family =	PF_AX25,
2008 	.create =	ax25_create,
2009 	.owner	=	THIS_MODULE,
2010 };
2011 
2012 static const struct proto_ops ax25_proto_ops = {
2013 	.family		= PF_AX25,
2014 	.owner		= THIS_MODULE,
2015 	.release	= ax25_release,
2016 	.bind		= ax25_bind,
2017 	.connect	= ax25_connect,
2018 	.socketpair	= sock_no_socketpair,
2019 	.accept		= ax25_accept,
2020 	.getname	= ax25_getname,
2021 	.poll		= datagram_poll,
2022 	.ioctl		= ax25_ioctl,
2023 	.gettstamp	= sock_gettstamp,
2024 	.listen		= ax25_listen,
2025 	.shutdown	= ax25_shutdown,
2026 	.setsockopt	= ax25_setsockopt,
2027 	.getsockopt	= ax25_getsockopt,
2028 	.sendmsg	= ax25_sendmsg,
2029 	.recvmsg	= ax25_recvmsg,
2030 	.mmap		= sock_no_mmap,
2031 };
2032 
2033 /*
2034  *	Called by socket.c on kernel start up
2035  */
2036 static struct packet_type ax25_packet_type __read_mostly = {
2037 	.type	=	cpu_to_be16(ETH_P_AX25),
2038 	.func	=	ax25_kiss_rcv,
2039 };
2040 
2041 static struct notifier_block ax25_dev_notifier = {
2042 	.notifier_call = ax25_device_event,
2043 };
2044 
ax25_init(void)2045 static int __init ax25_init(void)
2046 {
2047 	int rc = proto_register(&ax25_proto, 0);
2048 
2049 	if (rc != 0)
2050 		goto out;
2051 
2052 	sock_register(&ax25_family_ops);
2053 	dev_add_pack(&ax25_packet_type);
2054 	register_netdevice_notifier(&ax25_dev_notifier);
2055 
2056 	proc_create_seq("ax25_route", 0444, init_net.proc_net, &ax25_rt_seqops);
2057 	proc_create_seq("ax25", 0444, init_net.proc_net, &ax25_info_seqops);
2058 	proc_create_seq("ax25_calls", 0444, init_net.proc_net,
2059 			&ax25_uid_seqops);
2060 out:
2061 	return rc;
2062 }
2063 module_init(ax25_init);
2064 
2065 
2066 MODULE_AUTHOR("Jonathan Naylor G4KLX <g4klx@g4klx.demon.co.uk>");
2067 MODULE_DESCRIPTION("The amateur radio AX.25 link layer protocol");
2068 MODULE_LICENSE("GPL");
2069 MODULE_ALIAS_NETPROTO(PF_AX25);
2070 
ax25_exit(void)2071 static void __exit ax25_exit(void)
2072 {
2073 	remove_proc_entry("ax25_route", init_net.proc_net);
2074 	remove_proc_entry("ax25", init_net.proc_net);
2075 	remove_proc_entry("ax25_calls", init_net.proc_net);
2076 
2077 	unregister_netdevice_notifier(&ax25_dev_notifier);
2078 
2079 	dev_remove_pack(&ax25_packet_type);
2080 
2081 	sock_unregister(PF_AX25);
2082 	proto_unregister(&ax25_proto);
2083 
2084 	ax25_rt_free();
2085 	ax25_uid_free();
2086 	ax25_dev_free();
2087 }
2088 module_exit(ax25_exit);
2089