| 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
|---|
| 2 | /* |
|---|
| 3 | * |
|---|
| 4 | * Copyright Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) |
|---|
| 5 | */ |
|---|
| 6 | #include <linux/errno.h> |
|---|
| 7 | #include <linux/types.h> |
|---|
| 8 | #include <linux/socket.h> |
|---|
| 9 | #include <linux/in.h> |
|---|
| 10 | #include <linux/kernel.h> |
|---|
| 11 | #include <linux/timer.h> |
|---|
| 12 | #include <linux/string.h> |
|---|
| 13 | #include <linux/sockios.h> |
|---|
| 14 | #include <linux/net.h> |
|---|
| 15 | #include <linux/slab.h> |
|---|
| 16 | #include <net/ax25.h> |
|---|
| 17 | #include <linux/inet.h> |
|---|
| 18 | #include <linux/netdevice.h> |
|---|
| 19 | #include <linux/skbuff.h> |
|---|
| 20 | #include <net/sock.h> |
|---|
| 21 | #include <net/tcp_states.h> |
|---|
| 22 | #include <linux/uaccess.h> |
|---|
| 23 | #include <linux/fcntl.h> |
|---|
| 24 | #include <linux/mm.h> |
|---|
| 25 | #include <linux/interrupt.h> |
|---|
| 26 | #include <net/netrom.h> |
|---|
| 27 | |
|---|
| 28 | /* |
|---|
| 29 | * This routine purges all of the queues of frames. |
|---|
| 30 | */ |
|---|
| 31 | void nr_clear_queues(struct sock *sk) |
|---|
| 32 | { |
|---|
| 33 | struct nr_sock *nr = nr_sk(sk); |
|---|
| 34 | |
|---|
| 35 | skb_queue_purge(list: &sk->sk_write_queue); |
|---|
| 36 | skb_queue_purge(list: &nr->ack_queue); |
|---|
| 37 | skb_queue_purge(list: &nr->reseq_queue); |
|---|
| 38 | skb_queue_purge(list: &nr->frag_queue); |
|---|
| 39 | } |
|---|
| 40 | |
|---|
| 41 | /* |
|---|
| 42 | * This routine purges the input queue of those frames that have been |
|---|
| 43 | * acknowledged. This replaces the boxes labelled "V(a) <- N(r)" on the |
|---|
| 44 | * SDL diagram. |
|---|
| 45 | */ |
|---|
| 46 | void nr_frames_acked(struct sock *sk, unsigned short nr) |
|---|
| 47 | { |
|---|
| 48 | struct nr_sock *nrom = nr_sk(sk); |
|---|
| 49 | struct sk_buff *skb; |
|---|
| 50 | |
|---|
| 51 | /* |
|---|
| 52 | * Remove all the ack-ed frames from the ack queue. |
|---|
| 53 | */ |
|---|
| 54 | if (nrom->va != nr) { |
|---|
| 55 | while (skb_peek(list_: &nrom->ack_queue) != NULL && nrom->va != nr) { |
|---|
| 56 | skb = skb_dequeue(list: &nrom->ack_queue); |
|---|
| 57 | kfree_skb(skb); |
|---|
| 58 | nrom->va = (nrom->va + 1) % NR_MODULUS; |
|---|
| 59 | } |
|---|
| 60 | } |
|---|
| 61 | } |
|---|
| 62 | |
|---|
| 63 | /* |
|---|
| 64 | * Requeue all the un-ack-ed frames on the output queue to be picked |
|---|
| 65 | * up by nr_kick called from the timer. This arrangement handles the |
|---|
| 66 | * possibility of an empty output queue. |
|---|
| 67 | */ |
|---|
| 68 | void nr_requeue_frames(struct sock *sk) |
|---|
| 69 | { |
|---|
| 70 | struct sk_buff *skb, *skb_prev = NULL; |
|---|
| 71 | |
|---|
| 72 | while ((skb = skb_dequeue(list: &nr_sk(sk)->ack_queue)) != NULL) { |
|---|
| 73 | if (skb_prev == NULL) |
|---|
| 74 | skb_queue_head(list: &sk->sk_write_queue, newsk: skb); |
|---|
| 75 | else |
|---|
| 76 | skb_append(old: skb_prev, newsk: skb, list: &sk->sk_write_queue); |
|---|
| 77 | skb_prev = skb; |
|---|
| 78 | } |
|---|
| 79 | } |
|---|
| 80 | |
|---|
| 81 | /* |
|---|
| 82 | * Validate that the value of nr is between va and vs. Return true or |
|---|
| 83 | * false for testing. |
|---|
| 84 | */ |
|---|
| 85 | int nr_validate_nr(struct sock *sk, unsigned short nr) |
|---|
| 86 | { |
|---|
| 87 | struct nr_sock *nrom = nr_sk(sk); |
|---|
| 88 | unsigned short vc = nrom->va; |
|---|
| 89 | |
|---|
| 90 | while (vc != nrom->vs) { |
|---|
| 91 | if (nr == vc) return 1; |
|---|
| 92 | vc = (vc + 1) % NR_MODULUS; |
|---|
| 93 | } |
|---|
| 94 | |
|---|
| 95 | return nr == nrom->vs; |
|---|
| 96 | } |
|---|
| 97 | |
|---|
| 98 | /* |
|---|
| 99 | * Check that ns is within the receive window. |
|---|
| 100 | */ |
|---|
| 101 | int nr_in_rx_window(struct sock *sk, unsigned short ns) |
|---|
| 102 | { |
|---|
| 103 | struct nr_sock *nr = nr_sk(sk); |
|---|
| 104 | unsigned short vc = nr->vr; |
|---|
| 105 | unsigned short vt = (nr->vl + nr->window) % NR_MODULUS; |
|---|
| 106 | |
|---|
| 107 | while (vc != vt) { |
|---|
| 108 | if (ns == vc) return 1; |
|---|
| 109 | vc = (vc + 1) % NR_MODULUS; |
|---|
| 110 | } |
|---|
| 111 | |
|---|
| 112 | return 0; |
|---|
| 113 | } |
|---|
| 114 | |
|---|
| 115 | /* |
|---|
| 116 | * This routine is called when the HDLC layer internally generates a |
|---|
| 117 | * control frame. |
|---|
| 118 | */ |
|---|
| 119 | void nr_write_internal(struct sock *sk, int frametype) |
|---|
| 120 | { |
|---|
| 121 | struct nr_sock *nr = nr_sk(sk); |
|---|
| 122 | struct sk_buff *skb; |
|---|
| 123 | unsigned char *dptr; |
|---|
| 124 | int len, timeout; |
|---|
| 125 | |
|---|
| 126 | len = NR_TRANSPORT_LEN; |
|---|
| 127 | |
|---|
| 128 | switch (frametype & 0x0F) { |
|---|
| 129 | case NR_CONNREQ: |
|---|
| 130 | len += 17; |
|---|
| 131 | break; |
|---|
| 132 | case NR_CONNACK: |
|---|
| 133 | len += (nr->bpqext) ? 2 : 1; |
|---|
| 134 | break; |
|---|
| 135 | case NR_DISCREQ: |
|---|
| 136 | case NR_DISCACK: |
|---|
| 137 | case NR_INFOACK: |
|---|
| 138 | break; |
|---|
| 139 | default: |
|---|
| 140 | printk(KERN_ERR "NET/ROM: nr_write_internal - invalid frame type %d\n" , frametype); |
|---|
| 141 | return; |
|---|
| 142 | } |
|---|
| 143 | |
|---|
| 144 | skb = alloc_skb(NR_NETWORK_LEN + len, GFP_ATOMIC); |
|---|
| 145 | if (!skb) |
|---|
| 146 | return; |
|---|
| 147 | |
|---|
| 148 | /* |
|---|
| 149 | * Space for AX.25 and NET/ROM network header |
|---|
| 150 | */ |
|---|
| 151 | skb_reserve(skb, NR_NETWORK_LEN); |
|---|
| 152 | |
|---|
| 153 | dptr = skb_put(skb, len); |
|---|
| 154 | |
|---|
| 155 | switch (frametype & 0x0F) { |
|---|
| 156 | case NR_CONNREQ: |
|---|
| 157 | timeout = nr->t1 / HZ; |
|---|
| 158 | *dptr++ = nr->my_index; |
|---|
| 159 | *dptr++ = nr->my_id; |
|---|
| 160 | *dptr++ = 0; |
|---|
| 161 | *dptr++ = 0; |
|---|
| 162 | *dptr++ = frametype; |
|---|
| 163 | *dptr++ = nr->window; |
|---|
| 164 | memcpy(dptr, &nr->user_addr, AX25_ADDR_LEN); |
|---|
| 165 | dptr[6] &= ~AX25_CBIT; |
|---|
| 166 | dptr[6] &= ~AX25_EBIT; |
|---|
| 167 | dptr[6] |= AX25_SSSID_SPARE; |
|---|
| 168 | dptr += AX25_ADDR_LEN; |
|---|
| 169 | memcpy(dptr, &nr->source_addr, AX25_ADDR_LEN); |
|---|
| 170 | dptr[6] &= ~AX25_CBIT; |
|---|
| 171 | dptr[6] &= ~AX25_EBIT; |
|---|
| 172 | dptr[6] |= AX25_SSSID_SPARE; |
|---|
| 173 | dptr += AX25_ADDR_LEN; |
|---|
| 174 | *dptr++ = timeout % 256; |
|---|
| 175 | *dptr++ = timeout / 256; |
|---|
| 176 | break; |
|---|
| 177 | |
|---|
| 178 | case NR_CONNACK: |
|---|
| 179 | *dptr++ = nr->your_index; |
|---|
| 180 | *dptr++ = nr->your_id; |
|---|
| 181 | *dptr++ = nr->my_index; |
|---|
| 182 | *dptr++ = nr->my_id; |
|---|
| 183 | *dptr++ = frametype; |
|---|
| 184 | *dptr++ = nr->window; |
|---|
| 185 | if (nr->bpqext) |
|---|
| 186 | *dptr++ = READ_ONCE(sysctl_netrom_network_ttl_initialiser); |
|---|
| 187 | break; |
|---|
| 188 | |
|---|
| 189 | case NR_DISCREQ: |
|---|
| 190 | case NR_DISCACK: |
|---|
| 191 | *dptr++ = nr->your_index; |
|---|
| 192 | *dptr++ = nr->your_id; |
|---|
| 193 | *dptr++ = 0; |
|---|
| 194 | *dptr++ = 0; |
|---|
| 195 | *dptr++ = frametype; |
|---|
| 196 | break; |
|---|
| 197 | |
|---|
| 198 | case NR_INFOACK: |
|---|
| 199 | *dptr++ = nr->your_index; |
|---|
| 200 | *dptr++ = nr->your_id; |
|---|
| 201 | *dptr++ = 0; |
|---|
| 202 | *dptr++ = nr->vr; |
|---|
| 203 | *dptr++ = frametype; |
|---|
| 204 | break; |
|---|
| 205 | } |
|---|
| 206 | |
|---|
| 207 | nr_transmit_buffer(sk, skb); |
|---|
| 208 | } |
|---|
| 209 | |
|---|
| 210 | /* |
|---|
| 211 | * This routine is called to send an error reply. |
|---|
| 212 | */ |
|---|
| 213 | void __nr_transmit_reply(struct sk_buff *skb, int mine, unsigned char cmdflags) |
|---|
| 214 | { |
|---|
| 215 | struct sk_buff *skbn; |
|---|
| 216 | unsigned char *dptr; |
|---|
| 217 | int len; |
|---|
| 218 | |
|---|
| 219 | len = NR_NETWORK_LEN + NR_TRANSPORT_LEN + 1; |
|---|
| 220 | |
|---|
| 221 | if ((skbn = alloc_skb(size: len, GFP_ATOMIC)) == NULL) |
|---|
| 222 | return; |
|---|
| 223 | |
|---|
| 224 | skb_reserve(skb: skbn, len: 0); |
|---|
| 225 | |
|---|
| 226 | dptr = skb_put(skb: skbn, NR_NETWORK_LEN + NR_TRANSPORT_LEN); |
|---|
| 227 | |
|---|
| 228 | skb_copy_from_linear_data_offset(skb, offset: 7, to: dptr, AX25_ADDR_LEN); |
|---|
| 229 | dptr[6] &= ~AX25_CBIT; |
|---|
| 230 | dptr[6] &= ~AX25_EBIT; |
|---|
| 231 | dptr[6] |= AX25_SSSID_SPARE; |
|---|
| 232 | dptr += AX25_ADDR_LEN; |
|---|
| 233 | |
|---|
| 234 | skb_copy_from_linear_data(skb, to: dptr, AX25_ADDR_LEN); |
|---|
| 235 | dptr[6] &= ~AX25_CBIT; |
|---|
| 236 | dptr[6] |= AX25_EBIT; |
|---|
| 237 | dptr[6] |= AX25_SSSID_SPARE; |
|---|
| 238 | dptr += AX25_ADDR_LEN; |
|---|
| 239 | |
|---|
| 240 | *dptr++ = READ_ONCE(sysctl_netrom_network_ttl_initialiser); |
|---|
| 241 | |
|---|
| 242 | if (mine) { |
|---|
| 243 | *dptr++ = 0; |
|---|
| 244 | *dptr++ = 0; |
|---|
| 245 | *dptr++ = skb->data[15]; |
|---|
| 246 | *dptr++ = skb->data[16]; |
|---|
| 247 | } else { |
|---|
| 248 | *dptr++ = skb->data[15]; |
|---|
| 249 | *dptr++ = skb->data[16]; |
|---|
| 250 | *dptr++ = 0; |
|---|
| 251 | *dptr++ = 0; |
|---|
| 252 | } |
|---|
| 253 | |
|---|
| 254 | *dptr++ = cmdflags; |
|---|
| 255 | *dptr++ = 0; |
|---|
| 256 | |
|---|
| 257 | if (!nr_route_frame(skbn, NULL)) |
|---|
| 258 | kfree_skb(skb: skbn); |
|---|
| 259 | } |
|---|
| 260 | |
|---|
| 261 | void nr_disconnect(struct sock *sk, int reason) |
|---|
| 262 | { |
|---|
| 263 | nr_stop_t1timer(sk); |
|---|
| 264 | nr_stop_t2timer(sk); |
|---|
| 265 | nr_stop_t4timer(sk); |
|---|
| 266 | nr_stop_idletimer(sk); |
|---|
| 267 | |
|---|
| 268 | nr_clear_queues(sk); |
|---|
| 269 | |
|---|
| 270 | nr_sk(sk)->state = NR_STATE_0; |
|---|
| 271 | |
|---|
| 272 | sk->sk_state = TCP_CLOSE; |
|---|
| 273 | sk->sk_err = reason; |
|---|
| 274 | sk->sk_shutdown |= SEND_SHUTDOWN; |
|---|
| 275 | |
|---|
| 276 | if (!sock_flag(sk, flag: SOCK_DEAD)) { |
|---|
| 277 | sk->sk_state_change(sk); |
|---|
| 278 | sock_set_flag(sk, flag: SOCK_DEAD); |
|---|
| 279 | } |
|---|
| 280 | } |
|---|
| 281 | |
|---|
