af_x25.c (41127B)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * X.25 Packet Layer release 002 4 * 5 * This is ALPHA test software. This code may break your machine, 6 * randomly fail to work with new releases, misbehave and/or generally 7 * screw up. It might even work. 8 * 9 * This code REQUIRES 2.1.15 or higher 10 * 11 * History 12 * X.25 001 Jonathan Naylor Started coding. 13 * X.25 002 Jonathan Naylor Centralised disconnect handling. 14 * New timer architecture. 15 * 2000-03-11 Henner Eisen MSG_EOR handling more POSIX compliant. 16 * 2000-03-22 Daniela Squassoni Allowed disabling/enabling of 17 * facilities negotiation and increased 18 * the throughput upper limit. 19 * 2000-08-27 Arnaldo C. Melo s/suser/capable/ + micro cleanups 20 * 2000-09-04 Henner Eisen Set sock->state in x25_accept(). 21 * Fixed x25_output() related skb leakage. 22 * 2000-10-02 Henner Eisen Made x25_kick() single threaded per socket. 23 * 2000-10-27 Henner Eisen MSG_DONTWAIT for fragment allocation. 24 * 2000-11-14 Henner Eisen Closing datalink from NETDEV_GOING_DOWN 25 * 2002-10-06 Arnaldo C. Melo Get rid of cli/sti, move proc stuff to 26 * x25_proc.c, using seq_file 27 * 2005-04-02 Shaun Pereira Selective sub address matching 28 * with call user data 29 * 2005-04-15 Shaun Pereira Fast select with no restriction on 30 * response 31 */ 32 33#define pr_fmt(fmt) "X25: " fmt 34 35#include <linux/module.h> 36#include <linux/capability.h> 37#include <linux/errno.h> 38#include <linux/kernel.h> 39#include <linux/sched/signal.h> 40#include <linux/timer.h> 41#include <linux/string.h> 42#include <linux/net.h> 43#include <linux/netdevice.h> 44#include <linux/if_arp.h> 45#include <linux/skbuff.h> 46#include <linux/slab.h> 47#include <net/sock.h> 48#include <net/tcp_states.h> 49#include <linux/uaccess.h> 50#include <linux/fcntl.h> 51#include <linux/termios.h> /* For TIOCINQ/OUTQ */ 52#include <linux/notifier.h> 53#include <linux/init.h> 54#include <linux/compat.h> 55#include <linux/ctype.h> 56 57#include <net/x25.h> 58#include <net/compat.h> 59 60int sysctl_x25_restart_request_timeout = X25_DEFAULT_T20; 61int sysctl_x25_call_request_timeout = X25_DEFAULT_T21; 62int sysctl_x25_reset_request_timeout = X25_DEFAULT_T22; 63int sysctl_x25_clear_request_timeout = X25_DEFAULT_T23; 64int sysctl_x25_ack_holdback_timeout = X25_DEFAULT_T2; 65int sysctl_x25_forward = 0; 66 67HLIST_HEAD(x25_list); 68DEFINE_RWLOCK(x25_list_lock); 69 70static const struct proto_ops x25_proto_ops; 71 72static const struct x25_address null_x25_address = {" "}; 73 74#ifdef CONFIG_COMPAT 75struct compat_x25_subscrip_struct { 76 char device[200-sizeof(compat_ulong_t)]; 77 compat_ulong_t global_facil_mask; 78 compat_uint_t extended; 79}; 80#endif 81 82 83int x25_parse_address_block(struct sk_buff *skb, 84 struct x25_address *called_addr, 85 struct x25_address *calling_addr) 86{ 87 unsigned char len; 88 int needed; 89 int rc; 90 91 if (!pskb_may_pull(skb, 1)) { 92 /* packet has no address block */ 93 rc = 0; 94 goto empty; 95 } 96 97 len = *skb->data; 98 needed = 1 + ((len >> 4) + (len & 0x0f) + 1) / 2; 99 100 if (!pskb_may_pull(skb, needed)) { 101 /* packet is too short to hold the addresses it claims 102 to hold */ 103 rc = -1; 104 goto empty; 105 } 106 107 return x25_addr_ntoa(skb->data, called_addr, calling_addr); 108 109empty: 110 *called_addr->x25_addr = 0; 111 *calling_addr->x25_addr = 0; 112 113 return rc; 114} 115 116 117int x25_addr_ntoa(unsigned char *p, struct x25_address *called_addr, 118 struct x25_address *calling_addr) 119{ 120 unsigned int called_len, calling_len; 121 char *called, *calling; 122 unsigned int i; 123 124 called_len = (*p >> 0) & 0x0F; 125 calling_len = (*p >> 4) & 0x0F; 126 127 called = called_addr->x25_addr; 128 calling = calling_addr->x25_addr; 129 p++; 130 131 for (i = 0; i < (called_len + calling_len); i++) { 132 if (i < called_len) { 133 if (i % 2 != 0) { 134 *called++ = ((*p >> 0) & 0x0F) + '0'; 135 p++; 136 } else { 137 *called++ = ((*p >> 4) & 0x0F) + '0'; 138 } 139 } else { 140 if (i % 2 != 0) { 141 *calling++ = ((*p >> 0) & 0x0F) + '0'; 142 p++; 143 } else { 144 *calling++ = ((*p >> 4) & 0x0F) + '0'; 145 } 146 } 147 } 148 149 *called = *calling = '\0'; 150 151 return 1 + (called_len + calling_len + 1) / 2; 152} 153 154int x25_addr_aton(unsigned char *p, struct x25_address *called_addr, 155 struct x25_address *calling_addr) 156{ 157 unsigned int called_len, calling_len; 158 char *called, *calling; 159 int i; 160 161 called = called_addr->x25_addr; 162 calling = calling_addr->x25_addr; 163 164 called_len = strlen(called); 165 calling_len = strlen(calling); 166 167 *p++ = (calling_len << 4) | (called_len << 0); 168 169 for (i = 0; i < (called_len + calling_len); i++) { 170 if (i < called_len) { 171 if (i % 2 != 0) { 172 *p |= (*called++ - '0') << 0; 173 p++; 174 } else { 175 *p = 0x00; 176 *p |= (*called++ - '0') << 4; 177 } 178 } else { 179 if (i % 2 != 0) { 180 *p |= (*calling++ - '0') << 0; 181 p++; 182 } else { 183 *p = 0x00; 184 *p |= (*calling++ - '0') << 4; 185 } 186 } 187 } 188 189 return 1 + (called_len + calling_len + 1) / 2; 190} 191 192/* 193 * Socket removal during an interrupt is now safe. 194 */ 195static void x25_remove_socket(struct sock *sk) 196{ 197 write_lock_bh(&x25_list_lock); 198 sk_del_node_init(sk); 199 write_unlock_bh(&x25_list_lock); 200} 201 202/* 203 * Handle device status changes. 204 */ 205static int x25_device_event(struct notifier_block *this, unsigned long event, 206 void *ptr) 207{ 208 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 209 struct x25_neigh *nb; 210 211 if (!net_eq(dev_net(dev), &init_net)) 212 return NOTIFY_DONE; 213 214 if (dev->type == ARPHRD_X25) { 215 switch (event) { 216 case NETDEV_REGISTER: 217 case NETDEV_POST_TYPE_CHANGE: 218 x25_link_device_up(dev); 219 break; 220 case NETDEV_DOWN: 221 nb = x25_get_neigh(dev); 222 if (nb) { 223 x25_link_terminated(nb); 224 x25_neigh_put(nb); 225 } 226 x25_route_device_down(dev); 227 break; 228 case NETDEV_PRE_TYPE_CHANGE: 229 case NETDEV_UNREGISTER: 230 x25_link_device_down(dev); 231 break; 232 case NETDEV_CHANGE: 233 if (!netif_carrier_ok(dev)) { 234 nb = x25_get_neigh(dev); 235 if (nb) { 236 x25_link_terminated(nb); 237 x25_neigh_put(nb); 238 } 239 } 240 break; 241 } 242 } 243 244 return NOTIFY_DONE; 245} 246 247/* 248 * Add a socket to the bound sockets list. 249 */ 250static void x25_insert_socket(struct sock *sk) 251{ 252 write_lock_bh(&x25_list_lock); 253 sk_add_node(sk, &x25_list); 254 write_unlock_bh(&x25_list_lock); 255} 256 257/* 258 * Find a socket that wants to accept the Call Request we just 259 * received. Check the full list for an address/cud match. 260 * If no cuds match return the next_best thing, an address match. 261 * Note: if a listening socket has cud set it must only get calls 262 * with matching cud. 263 */ 264static struct sock *x25_find_listener(struct x25_address *addr, 265 struct sk_buff *skb) 266{ 267 struct sock *s; 268 struct sock *next_best; 269 270 read_lock_bh(&x25_list_lock); 271 next_best = NULL; 272 273 sk_for_each(s, &x25_list) 274 if ((!strcmp(addr->x25_addr, 275 x25_sk(s)->source_addr.x25_addr) || 276 !strcmp(x25_sk(s)->source_addr.x25_addr, 277 null_x25_address.x25_addr)) && 278 s->sk_state == TCP_LISTEN) { 279 /* 280 * Found a listening socket, now check the incoming 281 * call user data vs this sockets call user data 282 */ 283 if (x25_sk(s)->cudmatchlength > 0 && 284 skb->len >= x25_sk(s)->cudmatchlength) { 285 if((memcmp(x25_sk(s)->calluserdata.cuddata, 286 skb->data, 287 x25_sk(s)->cudmatchlength)) == 0) { 288 sock_hold(s); 289 goto found; 290 } 291 } else 292 next_best = s; 293 } 294 if (next_best) { 295 s = next_best; 296 sock_hold(s); 297 goto found; 298 } 299 s = NULL; 300found: 301 read_unlock_bh(&x25_list_lock); 302 return s; 303} 304 305/* 306 * Find a connected X.25 socket given my LCI and neighbour. 307 */ 308static struct sock *__x25_find_socket(unsigned int lci, struct x25_neigh *nb) 309{ 310 struct sock *s; 311 312 sk_for_each(s, &x25_list) 313 if (x25_sk(s)->lci == lci && x25_sk(s)->neighbour == nb) { 314 sock_hold(s); 315 goto found; 316 } 317 s = NULL; 318found: 319 return s; 320} 321 322struct sock *x25_find_socket(unsigned int lci, struct x25_neigh *nb) 323{ 324 struct sock *s; 325 326 read_lock_bh(&x25_list_lock); 327 s = __x25_find_socket(lci, nb); 328 read_unlock_bh(&x25_list_lock); 329 return s; 330} 331 332/* 333 * Find a unique LCI for a given device. 334 */ 335static unsigned int x25_new_lci(struct x25_neigh *nb) 336{ 337 unsigned int lci = 1; 338 struct sock *sk; 339 340 while ((sk = x25_find_socket(lci, nb)) != NULL) { 341 sock_put(sk); 342 if (++lci == 4096) { 343 lci = 0; 344 break; 345 } 346 cond_resched(); 347 } 348 349 return lci; 350} 351 352/* 353 * Deferred destroy. 354 */ 355static void __x25_destroy_socket(struct sock *); 356 357/* 358 * handler for deferred kills. 359 */ 360static void x25_destroy_timer(struct timer_list *t) 361{ 362 struct sock *sk = from_timer(sk, t, sk_timer); 363 364 x25_destroy_socket_from_timer(sk); 365} 366 367/* 368 * This is called from user mode and the timers. Thus it protects itself 369 * against interrupting users but doesn't worry about being called during 370 * work. Once it is removed from the queue no interrupt or bottom half 371 * will touch it and we are (fairly 8-) ) safe. 372 * Not static as it's used by the timer 373 */ 374static void __x25_destroy_socket(struct sock *sk) 375{ 376 struct sk_buff *skb; 377 378 x25_stop_heartbeat(sk); 379 x25_stop_timer(sk); 380 381 x25_remove_socket(sk); 382 x25_clear_queues(sk); /* Flush the queues */ 383 384 while ((skb = skb_dequeue(&sk->sk_receive_queue)) != NULL) { 385 if (skb->sk != sk) { /* A pending connection */ 386 /* 387 * Queue the unaccepted socket for death 388 */ 389 skb->sk->sk_state = TCP_LISTEN; 390 sock_set_flag(skb->sk, SOCK_DEAD); 391 x25_start_heartbeat(skb->sk); 392 x25_sk(skb->sk)->state = X25_STATE_0; 393 } 394 395 kfree_skb(skb); 396 } 397 398 if (sk_has_allocations(sk)) { 399 /* Defer: outstanding buffers */ 400 sk->sk_timer.expires = jiffies + 10 * HZ; 401 sk->sk_timer.function = x25_destroy_timer; 402 add_timer(&sk->sk_timer); 403 } else { 404 /* drop last reference so sock_put will free */ 405 __sock_put(sk); 406 } 407} 408 409void x25_destroy_socket_from_timer(struct sock *sk) 410{ 411 sock_hold(sk); 412 bh_lock_sock(sk); 413 __x25_destroy_socket(sk); 414 bh_unlock_sock(sk); 415 sock_put(sk); 416} 417 418/* 419 * Handling for system calls applied via the various interfaces to a 420 * X.25 socket object. 421 */ 422 423static int x25_setsockopt(struct socket *sock, int level, int optname, 424 sockptr_t optval, unsigned int optlen) 425{ 426 int opt; 427 struct sock *sk = sock->sk; 428 int rc = -ENOPROTOOPT; 429 430 if (level != SOL_X25 || optname != X25_QBITINCL) 431 goto out; 432 433 rc = -EINVAL; 434 if (optlen < sizeof(int)) 435 goto out; 436 437 rc = -EFAULT; 438 if (copy_from_sockptr(&opt, optval, sizeof(int))) 439 goto out; 440 441 if (opt) 442 set_bit(X25_Q_BIT_FLAG, &x25_sk(sk)->flags); 443 else 444 clear_bit(X25_Q_BIT_FLAG, &x25_sk(sk)->flags); 445 rc = 0; 446out: 447 return rc; 448} 449 450static int x25_getsockopt(struct socket *sock, int level, int optname, 451 char __user *optval, int __user *optlen) 452{ 453 struct sock *sk = sock->sk; 454 int val, len, rc = -ENOPROTOOPT; 455 456 if (level != SOL_X25 || optname != X25_QBITINCL) 457 goto out; 458 459 rc = -EFAULT; 460 if (get_user(len, optlen)) 461 goto out; 462 463 len = min_t(unsigned int, len, sizeof(int)); 464 465 rc = -EINVAL; 466 if (len < 0) 467 goto out; 468 469 rc = -EFAULT; 470 if (put_user(len, optlen)) 471 goto out; 472 473 val = test_bit(X25_Q_BIT_FLAG, &x25_sk(sk)->flags); 474 rc = copy_to_user(optval, &val, len) ? -EFAULT : 0; 475out: 476 return rc; 477} 478 479static int x25_listen(struct socket *sock, int backlog) 480{ 481 struct sock *sk = sock->sk; 482 int rc = -EOPNOTSUPP; 483 484 lock_sock(sk); 485 if (sk->sk_state != TCP_LISTEN) { 486 memset(&x25_sk(sk)->dest_addr, 0, X25_ADDR_LEN); 487 sk->sk_max_ack_backlog = backlog; 488 sk->sk_state = TCP_LISTEN; 489 rc = 0; 490 } 491 release_sock(sk); 492 493 return rc; 494} 495 496static struct proto x25_proto = { 497 .name = "X25", 498 .owner = THIS_MODULE, 499 .obj_size = sizeof(struct x25_sock), 500}; 501 502static struct sock *x25_alloc_socket(struct net *net, int kern) 503{ 504 struct x25_sock *x25; 505 struct sock *sk = sk_alloc(net, AF_X25, GFP_ATOMIC, &x25_proto, kern); 506 507 if (!sk) 508 goto out; 509 510 sock_init_data(NULL, sk); 511 512 x25 = x25_sk(sk); 513 skb_queue_head_init(&x25->ack_queue); 514 skb_queue_head_init(&x25->fragment_queue); 515 skb_queue_head_init(&x25->interrupt_in_queue); 516 skb_queue_head_init(&x25->interrupt_out_queue); 517out: 518 return sk; 519} 520 521static int x25_create(struct net *net, struct socket *sock, int protocol, 522 int kern) 523{ 524 struct sock *sk; 525 struct x25_sock *x25; 526 int rc = -EAFNOSUPPORT; 527 528 if (!net_eq(net, &init_net)) 529 goto out; 530 531 rc = -ESOCKTNOSUPPORT; 532 if (sock->type != SOCK_SEQPACKET) 533 goto out; 534 535 rc = -EINVAL; 536 if (protocol) 537 goto out; 538 539 rc = -ENOMEM; 540 if ((sk = x25_alloc_socket(net, kern)) == NULL) 541 goto out; 542 543 x25 = x25_sk(sk); 544 545 sock_init_data(sock, sk); 546 547 x25_init_timers(sk); 548 549 sock->ops = &x25_proto_ops; 550 sk->sk_protocol = protocol; 551 sk->sk_backlog_rcv = x25_backlog_rcv; 552 553 x25->t21 = sysctl_x25_call_request_timeout; 554 x25->t22 = sysctl_x25_reset_request_timeout; 555 x25->t23 = sysctl_x25_clear_request_timeout; 556 x25->t2 = sysctl_x25_ack_holdback_timeout; 557 x25->state = X25_STATE_0; 558 x25->cudmatchlength = 0; 559 set_bit(X25_ACCPT_APPRV_FLAG, &x25->flags); /* normally no cud */ 560 /* on call accept */ 561 562 x25->facilities.winsize_in = X25_DEFAULT_WINDOW_SIZE; 563 x25->facilities.winsize_out = X25_DEFAULT_WINDOW_SIZE; 564 x25->facilities.pacsize_in = X25_DEFAULT_PACKET_SIZE; 565 x25->facilities.pacsize_out = X25_DEFAULT_PACKET_SIZE; 566 x25->facilities.throughput = 0; /* by default don't negotiate 567 throughput */ 568 x25->facilities.reverse = X25_DEFAULT_REVERSE; 569 x25->dte_facilities.calling_len = 0; 570 x25->dte_facilities.called_len = 0; 571 memset(x25->dte_facilities.called_ae, '\0', 572 sizeof(x25->dte_facilities.called_ae)); 573 memset(x25->dte_facilities.calling_ae, '\0', 574 sizeof(x25->dte_facilities.calling_ae)); 575 576 rc = 0; 577out: 578 return rc; 579} 580 581static struct sock *x25_make_new(struct sock *osk) 582{ 583 struct sock *sk = NULL; 584 struct x25_sock *x25, *ox25; 585 586 if (osk->sk_type != SOCK_SEQPACKET) 587 goto out; 588 589 if ((sk = x25_alloc_socket(sock_net(osk), 0)) == NULL) 590 goto out; 591 592 x25 = x25_sk(sk); 593 594 sk->sk_type = osk->sk_type; 595 sk->sk_priority = osk->sk_priority; 596 sk->sk_protocol = osk->sk_protocol; 597 sk->sk_rcvbuf = osk->sk_rcvbuf; 598 sk->sk_sndbuf = osk->sk_sndbuf; 599 sk->sk_state = TCP_ESTABLISHED; 600 sk->sk_backlog_rcv = osk->sk_backlog_rcv; 601 sock_copy_flags(sk, osk); 602 603 ox25 = x25_sk(osk); 604 x25->t21 = ox25->t21; 605 x25->t22 = ox25->t22; 606 x25->t23 = ox25->t23; 607 x25->t2 = ox25->t2; 608 x25->flags = ox25->flags; 609 x25->facilities = ox25->facilities; 610 x25->dte_facilities = ox25->dte_facilities; 611 x25->cudmatchlength = ox25->cudmatchlength; 612 613 clear_bit(X25_INTERRUPT_FLAG, &x25->flags); 614 x25_init_timers(sk); 615out: 616 return sk; 617} 618 619static int x25_release(struct socket *sock) 620{ 621 struct sock *sk = sock->sk; 622 struct x25_sock *x25; 623 624 if (!sk) 625 return 0; 626 627 x25 = x25_sk(sk); 628 629 sock_hold(sk); 630 lock_sock(sk); 631 switch (x25->state) { 632 633 case X25_STATE_0: 634 case X25_STATE_2: 635 x25_disconnect(sk, 0, 0, 0); 636 __x25_destroy_socket(sk); 637 goto out; 638 639 case X25_STATE_1: 640 case X25_STATE_3: 641 case X25_STATE_4: 642 x25_clear_queues(sk); 643 x25_write_internal(sk, X25_CLEAR_REQUEST); 644 x25_start_t23timer(sk); 645 x25->state = X25_STATE_2; 646 sk->sk_state = TCP_CLOSE; 647 sk->sk_shutdown |= SEND_SHUTDOWN; 648 sk->sk_state_change(sk); 649 sock_set_flag(sk, SOCK_DEAD); 650 sock_set_flag(sk, SOCK_DESTROY); 651 break; 652 653 case X25_STATE_5: 654 x25_write_internal(sk, X25_CLEAR_REQUEST); 655 x25_disconnect(sk, 0, 0, 0); 656 __x25_destroy_socket(sk); 657 goto out; 658 } 659 660 sock_orphan(sk); 661out: 662 release_sock(sk); 663 sock_put(sk); 664 return 0; 665} 666 667static int x25_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 668{ 669 struct sock *sk = sock->sk; 670 struct sockaddr_x25 *addr = (struct sockaddr_x25 *)uaddr; 671 int len, i, rc = 0; 672 673 if (addr_len != sizeof(struct sockaddr_x25) || 674 addr->sx25_family != AF_X25 || 675 strnlen(addr->sx25_addr.x25_addr, X25_ADDR_LEN) == X25_ADDR_LEN) { 676 rc = -EINVAL; 677 goto out; 678 } 679 680 /* check for the null_x25_address */ 681 if (strcmp(addr->sx25_addr.x25_addr, null_x25_address.x25_addr)) { 682 683 len = strlen(addr->sx25_addr.x25_addr); 684 for (i = 0; i < len; i++) { 685 if (!isdigit(addr->sx25_addr.x25_addr[i])) { 686 rc = -EINVAL; 687 goto out; 688 } 689 } 690 } 691 692 lock_sock(sk); 693 if (sock_flag(sk, SOCK_ZAPPED)) { 694 x25_sk(sk)->source_addr = addr->sx25_addr; 695 x25_insert_socket(sk); 696 sock_reset_flag(sk, SOCK_ZAPPED); 697 } else { 698 rc = -EINVAL; 699 } 700 release_sock(sk); 701 SOCK_DEBUG(sk, "x25_bind: socket is bound\n"); 702out: 703 return rc; 704} 705 706static int x25_wait_for_connection_establishment(struct sock *sk) 707{ 708 DECLARE_WAITQUEUE(wait, current); 709 int rc; 710 711 add_wait_queue_exclusive(sk_sleep(sk), &wait); 712 for (;;) { 713 __set_current_state(TASK_INTERRUPTIBLE); 714 rc = -ERESTARTSYS; 715 if (signal_pending(current)) 716 break; 717 rc = sock_error(sk); 718 if (rc) { 719 sk->sk_socket->state = SS_UNCONNECTED; 720 break; 721 } 722 rc = 0; 723 if (sk->sk_state != TCP_ESTABLISHED) { 724 release_sock(sk); 725 schedule(); 726 lock_sock(sk); 727 } else 728 break; 729 } 730 __set_current_state(TASK_RUNNING); 731 remove_wait_queue(sk_sleep(sk), &wait); 732 return rc; 733} 734 735static int x25_connect(struct socket *sock, struct sockaddr *uaddr, 736 int addr_len, int flags) 737{ 738 struct sock *sk = sock->sk; 739 struct x25_sock *x25 = x25_sk(sk); 740 struct sockaddr_x25 *addr = (struct sockaddr_x25 *)uaddr; 741 struct x25_route *rt; 742 int rc = 0; 743 744 lock_sock(sk); 745 if (sk->sk_state == TCP_ESTABLISHED && sock->state == SS_CONNECTING) { 746 sock->state = SS_CONNECTED; 747 goto out; /* Connect completed during a ERESTARTSYS event */ 748 } 749 750 rc = -ECONNREFUSED; 751 if (sk->sk_state == TCP_CLOSE && sock->state == SS_CONNECTING) { 752 sock->state = SS_UNCONNECTED; 753 goto out; 754 } 755 756 rc = -EISCONN; /* No reconnect on a seqpacket socket */ 757 if (sk->sk_state == TCP_ESTABLISHED) 758 goto out; 759 760 rc = -EALREADY; /* Do nothing if call is already in progress */ 761 if (sk->sk_state == TCP_SYN_SENT) 762 goto out; 763 764 sk->sk_state = TCP_CLOSE; 765 sock->state = SS_UNCONNECTED; 766 767 rc = -EINVAL; 768 if (addr_len != sizeof(struct sockaddr_x25) || 769 addr->sx25_family != AF_X25 || 770 strnlen(addr->sx25_addr.x25_addr, X25_ADDR_LEN) == X25_ADDR_LEN) 771 goto out; 772 773 rc = -ENETUNREACH; 774 rt = x25_get_route(&addr->sx25_addr); 775 if (!rt) 776 goto out; 777 778 x25->neighbour = x25_get_neigh(rt->dev); 779 if (!x25->neighbour) 780 goto out_put_route; 781 782 x25_limit_facilities(&x25->facilities, x25->neighbour); 783 784 x25->lci = x25_new_lci(x25->neighbour); 785 if (!x25->lci) 786 goto out_put_neigh; 787 788 rc = -EINVAL; 789 if (sock_flag(sk, SOCK_ZAPPED)) /* Must bind first - autobinding does not work */ 790 goto out_put_neigh; 791 792 if (!strcmp(x25->source_addr.x25_addr, null_x25_address.x25_addr)) 793 memset(&x25->source_addr, '\0', X25_ADDR_LEN); 794 795 x25->dest_addr = addr->sx25_addr; 796 797 /* Move to connecting socket, start sending Connect Requests */ 798 sock->state = SS_CONNECTING; 799 sk->sk_state = TCP_SYN_SENT; 800 801 x25->state = X25_STATE_1; 802 803 x25_write_internal(sk, X25_CALL_REQUEST); 804 805 x25_start_heartbeat(sk); 806 x25_start_t21timer(sk); 807 808 /* Now the loop */ 809 rc = -EINPROGRESS; 810 if (sk->sk_state != TCP_ESTABLISHED && (flags & O_NONBLOCK)) 811 goto out; 812 813 rc = x25_wait_for_connection_establishment(sk); 814 if (rc) 815 goto out_put_neigh; 816 817 sock->state = SS_CONNECTED; 818 rc = 0; 819out_put_neigh: 820 if (rc && x25->neighbour) { 821 read_lock_bh(&x25_list_lock); 822 x25_neigh_put(x25->neighbour); 823 x25->neighbour = NULL; 824 read_unlock_bh(&x25_list_lock); 825 x25->state = X25_STATE_0; 826 } 827out_put_route: 828 x25_route_put(rt); 829out: 830 release_sock(sk); 831 return rc; 832} 833 834static int x25_wait_for_data(struct sock *sk, long timeout) 835{ 836 DECLARE_WAITQUEUE(wait, current); 837 int rc = 0; 838 839 add_wait_queue_exclusive(sk_sleep(sk), &wait); 840 for (;;) { 841 __set_current_state(TASK_INTERRUPTIBLE); 842 if (sk->sk_shutdown & RCV_SHUTDOWN) 843 break; 844 rc = -ERESTARTSYS; 845 if (signal_pending(current)) 846 break; 847 rc = -EAGAIN; 848 if (!timeout) 849 break; 850 rc = 0; 851 if (skb_queue_empty(&sk->sk_receive_queue)) { 852 release_sock(sk); 853 timeout = schedule_timeout(timeout); 854 lock_sock(sk); 855 } else 856 break; 857 } 858 __set_current_state(TASK_RUNNING); 859 remove_wait_queue(sk_sleep(sk), &wait); 860 return rc; 861} 862 863static int x25_accept(struct socket *sock, struct socket *newsock, int flags, 864 bool kern) 865{ 866 struct sock *sk = sock->sk; 867 struct sock *newsk; 868 struct sk_buff *skb; 869 int rc = -EINVAL; 870 871 if (!sk) 872 goto out; 873 874 rc = -EOPNOTSUPP; 875 if (sk->sk_type != SOCK_SEQPACKET) 876 goto out; 877 878 lock_sock(sk); 879 rc = -EINVAL; 880 if (sk->sk_state != TCP_LISTEN) 881 goto out2; 882 883 rc = x25_wait_for_data(sk, sk->sk_rcvtimeo); 884 if (rc) 885 goto out2; 886 skb = skb_dequeue(&sk->sk_receive_queue); 887 rc = -EINVAL; 888 if (!skb->sk) 889 goto out2; 890 newsk = skb->sk; 891 sock_graft(newsk, newsock); 892 893 /* Now attach up the new socket */ 894 skb->sk = NULL; 895 kfree_skb(skb); 896 sk_acceptq_removed(sk); 897 newsock->state = SS_CONNECTED; 898 rc = 0; 899out2: 900 release_sock(sk); 901out: 902 return rc; 903} 904 905static int x25_getname(struct socket *sock, struct sockaddr *uaddr, 906 int peer) 907{ 908 struct sockaddr_x25 *sx25 = (struct sockaddr_x25 *)uaddr; 909 struct sock *sk = sock->sk; 910 struct x25_sock *x25 = x25_sk(sk); 911 int rc = 0; 912 913 if (peer) { 914 if (sk->sk_state != TCP_ESTABLISHED) { 915 rc = -ENOTCONN; 916 goto out; 917 } 918 sx25->sx25_addr = x25->dest_addr; 919 } else 920 sx25->sx25_addr = x25->source_addr; 921 922 sx25->sx25_family = AF_X25; 923 rc = sizeof(*sx25); 924 925out: 926 return rc; 927} 928 929int x25_rx_call_request(struct sk_buff *skb, struct x25_neigh *nb, 930 unsigned int lci) 931{ 932 struct sock *sk; 933 struct sock *make; 934 struct x25_sock *makex25; 935 struct x25_address source_addr, dest_addr; 936 struct x25_facilities facilities; 937 struct x25_dte_facilities dte_facilities; 938 int len, addr_len, rc; 939 940 /* 941 * Remove the LCI and frame type. 942 */ 943 skb_pull(skb, X25_STD_MIN_LEN); 944 945 /* 946 * Extract the X.25 addresses and convert them to ASCII strings, 947 * and remove them. 948 * 949 * Address block is mandatory in call request packets 950 */ 951 addr_len = x25_parse_address_block(skb, &source_addr, &dest_addr); 952 if (addr_len <= 0) 953 goto out_clear_request; 954 skb_pull(skb, addr_len); 955 956 /* 957 * Get the length of the facilities, skip past them for the moment 958 * get the call user data because this is needed to determine 959 * the correct listener 960 * 961 * Facilities length is mandatory in call request packets 962 */ 963 if (!pskb_may_pull(skb, 1)) 964 goto out_clear_request; 965 len = skb->data[0] + 1; 966 if (!pskb_may_pull(skb, len)) 967 goto out_clear_request; 968 skb_pull(skb,len); 969 970 /* 971 * Ensure that the amount of call user data is valid. 972 */ 973 if (skb->len > X25_MAX_CUD_LEN) 974 goto out_clear_request; 975 976 /* 977 * Get all the call user data so it can be used in 978 * x25_find_listener and skb_copy_from_linear_data up ahead. 979 */ 980 if (!pskb_may_pull(skb, skb->len)) 981 goto out_clear_request; 982 983 /* 984 * Find a listener for the particular address/cud pair. 985 */ 986 sk = x25_find_listener(&source_addr,skb); 987 skb_push(skb,len); 988 989 if (sk != NULL && sk_acceptq_is_full(sk)) { 990 goto out_sock_put; 991 } 992 993 /* 994 * We dont have any listeners for this incoming call. 995 * Try forwarding it. 996 */ 997 if (sk == NULL) { 998 skb_push(skb, addr_len + X25_STD_MIN_LEN); 999 if (sysctl_x25_forward && 1000 x25_forward_call(&dest_addr, nb, skb, lci) > 0) 1001 { 1002 /* Call was forwarded, dont process it any more */ 1003 kfree_skb(skb); 1004 rc = 1; 1005 goto out; 1006 } else { 1007 /* No listeners, can't forward, clear the call */ 1008 goto out_clear_request; 1009 } 1010 } 1011 1012 /* 1013 * Try to reach a compromise on the requested facilities. 1014 */ 1015 len = x25_negotiate_facilities(skb, sk, &facilities, &dte_facilities); 1016 if (len == -1) 1017 goto out_sock_put; 1018 1019 /* 1020 * current neighbour/link might impose additional limits 1021 * on certain facilities 1022 */ 1023 1024 x25_limit_facilities(&facilities, nb); 1025 1026 /* 1027 * Try to create a new socket. 1028 */ 1029 make = x25_make_new(sk); 1030 if (!make) 1031 goto out_sock_put; 1032 1033 /* 1034 * Remove the facilities 1035 */ 1036 skb_pull(skb, len); 1037 1038 skb->sk = make; 1039 make->sk_state = TCP_ESTABLISHED; 1040 1041 makex25 = x25_sk(make); 1042 makex25->lci = lci; 1043 makex25->dest_addr = dest_addr; 1044 makex25->source_addr = source_addr; 1045 x25_neigh_hold(nb); 1046 makex25->neighbour = nb; 1047 makex25->facilities = facilities; 1048 makex25->dte_facilities= dte_facilities; 1049 makex25->vc_facil_mask = x25_sk(sk)->vc_facil_mask; 1050 /* ensure no reverse facil on accept */ 1051 makex25->vc_facil_mask &= ~X25_MASK_REVERSE; 1052 /* ensure no calling address extension on accept */ 1053 makex25->vc_facil_mask &= ~X25_MASK_CALLING_AE; 1054 makex25->cudmatchlength = x25_sk(sk)->cudmatchlength; 1055 1056 /* Normally all calls are accepted immediately */ 1057 if (test_bit(X25_ACCPT_APPRV_FLAG, &makex25->flags)) { 1058 x25_write_internal(make, X25_CALL_ACCEPTED); 1059 makex25->state = X25_STATE_3; 1060 } else { 1061 makex25->state = X25_STATE_5; 1062 } 1063 1064 /* 1065 * Incoming Call User Data. 1066 */ 1067 skb_copy_from_linear_data(skb, makex25->calluserdata.cuddata, skb->len); 1068 makex25->calluserdata.cudlength = skb->len; 1069 1070 sk_acceptq_added(sk); 1071 1072 x25_insert_socket(make); 1073 1074 skb_queue_head(&sk->sk_receive_queue, skb); 1075 1076 x25_start_heartbeat(make); 1077 1078 if (!sock_flag(sk, SOCK_DEAD)) 1079 sk->sk_data_ready(sk); 1080 rc = 1; 1081 sock_put(sk); 1082out: 1083 return rc; 1084out_sock_put: 1085 sock_put(sk); 1086out_clear_request: 1087 rc = 0; 1088 x25_transmit_clear_request(nb, lci, 0x01); 1089 goto out; 1090} 1091 1092static int x25_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) 1093{ 1094 struct sock *sk = sock->sk; 1095 struct x25_sock *x25 = x25_sk(sk); 1096 DECLARE_SOCKADDR(struct sockaddr_x25 *, usx25, msg->msg_name); 1097 struct sockaddr_x25 sx25; 1098 struct sk_buff *skb; 1099 unsigned char *asmptr; 1100 int noblock = msg->msg_flags & MSG_DONTWAIT; 1101 size_t size; 1102 int qbit = 0, rc = -EINVAL; 1103 1104 lock_sock(sk); 1105 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_OOB|MSG_EOR|MSG_CMSG_COMPAT)) 1106 goto out; 1107 1108 /* we currently don't support segmented records at the user interface */ 1109 if (!(msg->msg_flags & (MSG_EOR|MSG_OOB))) 1110 goto out; 1111 1112 rc = -EADDRNOTAVAIL; 1113 if (sock_flag(sk, SOCK_ZAPPED)) 1114 goto out; 1115 1116 rc = -EPIPE; 1117 if (sk->sk_shutdown & SEND_SHUTDOWN) { 1118 send_sig(SIGPIPE, current, 0); 1119 goto out; 1120 } 1121 1122 rc = -ENETUNREACH; 1123 if (!x25->neighbour) 1124 goto out; 1125 1126 if (usx25) { 1127 rc = -EINVAL; 1128 if (msg->msg_namelen < sizeof(sx25)) 1129 goto out; 1130 memcpy(&sx25, usx25, sizeof(sx25)); 1131 rc = -EISCONN; 1132 if (strcmp(x25->dest_addr.x25_addr, sx25.sx25_addr.x25_addr)) 1133 goto out; 1134 rc = -EINVAL; 1135 if (sx25.sx25_family != AF_X25) 1136 goto out; 1137 } else { 1138 /* 1139 * FIXME 1003.1g - if the socket is like this because 1140 * it has become closed (not started closed) we ought 1141 * to SIGPIPE, EPIPE; 1142 */ 1143 rc = -ENOTCONN; 1144 if (sk->sk_state != TCP_ESTABLISHED) 1145 goto out; 1146 1147 sx25.sx25_family = AF_X25; 1148 sx25.sx25_addr = x25->dest_addr; 1149 } 1150 1151 /* Sanity check the packet size */ 1152 if (len > 65535) { 1153 rc = -EMSGSIZE; 1154 goto out; 1155 } 1156 1157 SOCK_DEBUG(sk, "x25_sendmsg: sendto: Addresses built.\n"); 1158 1159 /* Build a packet */ 1160 SOCK_DEBUG(sk, "x25_sendmsg: sendto: building packet.\n"); 1161 1162 if ((msg->msg_flags & MSG_OOB) && len > 32) 1163 len = 32; 1164 1165 size = len + X25_MAX_L2_LEN + X25_EXT_MIN_LEN; 1166 1167 release_sock(sk); 1168 skb = sock_alloc_send_skb(sk, size, noblock, &rc); 1169 lock_sock(sk); 1170 if (!skb) 1171 goto out; 1172 X25_SKB_CB(skb)->flags = msg->msg_flags; 1173 1174 skb_reserve(skb, X25_MAX_L2_LEN + X25_EXT_MIN_LEN); 1175 1176 /* 1177 * Put the data on the end 1178 */ 1179 SOCK_DEBUG(sk, "x25_sendmsg: Copying user data\n"); 1180 1181 skb_reset_transport_header(skb); 1182 skb_put(skb, len); 1183 1184 rc = memcpy_from_msg(skb_transport_header(skb), msg, len); 1185 if (rc) 1186 goto out_kfree_skb; 1187 1188 /* 1189 * If the Q BIT Include socket option is in force, the first 1190 * byte of the user data is the logical value of the Q Bit. 1191 */ 1192 if (test_bit(X25_Q_BIT_FLAG, &x25->flags)) { 1193 if (!pskb_may_pull(skb, 1)) 1194 goto out_kfree_skb; 1195 1196 qbit = skb->data[0]; 1197 skb_pull(skb, 1); 1198 } 1199 1200 /* 1201 * Push down the X.25 header 1202 */ 1203 SOCK_DEBUG(sk, "x25_sendmsg: Building X.25 Header.\n"); 1204 1205 if (msg->msg_flags & MSG_OOB) { 1206 if (x25->neighbour->extended) { 1207 asmptr = skb_push(skb, X25_STD_MIN_LEN); 1208 *asmptr++ = ((x25->lci >> 8) & 0x0F) | X25_GFI_EXTSEQ; 1209 *asmptr++ = (x25->lci >> 0) & 0xFF; 1210 *asmptr++ = X25_INTERRUPT; 1211 } else { 1212 asmptr = skb_push(skb, X25_STD_MIN_LEN); 1213 *asmptr++ = ((x25->lci >> 8) & 0x0F) | X25_GFI_STDSEQ; 1214 *asmptr++ = (x25->lci >> 0) & 0xFF; 1215 *asmptr++ = X25_INTERRUPT; 1216 } 1217 } else { 1218 if (x25->neighbour->extended) { 1219 /* Build an Extended X.25 header */ 1220 asmptr = skb_push(skb, X25_EXT_MIN_LEN); 1221 *asmptr++ = ((x25->lci >> 8) & 0x0F) | X25_GFI_EXTSEQ; 1222 *asmptr++ = (x25->lci >> 0) & 0xFF; 1223 *asmptr++ = X25_DATA; 1224 *asmptr++ = X25_DATA; 1225 } else { 1226 /* Build an Standard X.25 header */ 1227 asmptr = skb_push(skb, X25_STD_MIN_LEN); 1228 *asmptr++ = ((x25->lci >> 8) & 0x0F) | X25_GFI_STDSEQ; 1229 *asmptr++ = (x25->lci >> 0) & 0xFF; 1230 *asmptr++ = X25_DATA; 1231 } 1232 1233 if (qbit) 1234 skb->data[0] |= X25_Q_BIT; 1235 } 1236 1237 SOCK_DEBUG(sk, "x25_sendmsg: Built header.\n"); 1238 SOCK_DEBUG(sk, "x25_sendmsg: Transmitting buffer\n"); 1239 1240 rc = -ENOTCONN; 1241 if (sk->sk_state != TCP_ESTABLISHED) 1242 goto out_kfree_skb; 1243 1244 if (msg->msg_flags & MSG_OOB) 1245 skb_queue_tail(&x25->interrupt_out_queue, skb); 1246 else { 1247 rc = x25_output(sk, skb); 1248 len = rc; 1249 if (rc < 0) 1250 kfree_skb(skb); 1251 else if (test_bit(X25_Q_BIT_FLAG, &x25->flags)) 1252 len++; 1253 } 1254 1255 x25_kick(sk); 1256 rc = len; 1257out: 1258 release_sock(sk); 1259 return rc; 1260out_kfree_skb: 1261 kfree_skb(skb); 1262 goto out; 1263} 1264 1265 1266static int x25_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, 1267 int flags) 1268{ 1269 struct sock *sk = sock->sk; 1270 struct x25_sock *x25 = x25_sk(sk); 1271 DECLARE_SOCKADDR(struct sockaddr_x25 *, sx25, msg->msg_name); 1272 size_t copied; 1273 int qbit, header_len; 1274 struct sk_buff *skb; 1275 unsigned char *asmptr; 1276 int rc = -ENOTCONN; 1277 1278 lock_sock(sk); 1279 1280 if (x25->neighbour == NULL) 1281 goto out; 1282 1283 header_len = x25->neighbour->extended ? 1284 X25_EXT_MIN_LEN : X25_STD_MIN_LEN; 1285 1286 /* 1287 * This works for seqpacket too. The receiver has ordered the queue for 1288 * us! We do one quick check first though 1289 */ 1290 if (sk->sk_state != TCP_ESTABLISHED) 1291 goto out; 1292 1293 if (flags & MSG_OOB) { 1294 rc = -EINVAL; 1295 if (sock_flag(sk, SOCK_URGINLINE) || 1296 !skb_peek(&x25->interrupt_in_queue)) 1297 goto out; 1298 1299 skb = skb_dequeue(&x25->interrupt_in_queue); 1300 1301 if (!pskb_may_pull(skb, X25_STD_MIN_LEN)) 1302 goto out_free_dgram; 1303 1304 skb_pull(skb, X25_STD_MIN_LEN); 1305 1306 /* 1307 * No Q bit information on Interrupt data. 1308 */ 1309 if (test_bit(X25_Q_BIT_FLAG, &x25->flags)) { 1310 asmptr = skb_push(skb, 1); 1311 *asmptr = 0x00; 1312 } 1313 1314 msg->msg_flags |= MSG_OOB; 1315 } else { 1316 /* Now we can treat all alike */ 1317 release_sock(sk); 1318 skb = skb_recv_datagram(sk, flags, &rc); 1319 lock_sock(sk); 1320 if (!skb) 1321 goto out; 1322 1323 if (!pskb_may_pull(skb, header_len)) 1324 goto out_free_dgram; 1325 1326 qbit = (skb->data[0] & X25_Q_BIT) == X25_Q_BIT; 1327 1328 skb_pull(skb, header_len); 1329 1330 if (test_bit(X25_Q_BIT_FLAG, &x25->flags)) { 1331 asmptr = skb_push(skb, 1); 1332 *asmptr = qbit; 1333 } 1334 } 1335 1336 skb_reset_transport_header(skb); 1337 copied = skb->len; 1338 1339 if (copied > size) { 1340 copied = size; 1341 msg->msg_flags |= MSG_TRUNC; 1342 } 1343 1344 /* Currently, each datagram always contains a complete record */ 1345 msg->msg_flags |= MSG_EOR; 1346 1347 rc = skb_copy_datagram_msg(skb, 0, msg, copied); 1348 if (rc) 1349 goto out_free_dgram; 1350 1351 if (sx25) { 1352 sx25->sx25_family = AF_X25; 1353 sx25->sx25_addr = x25->dest_addr; 1354 msg->msg_namelen = sizeof(*sx25); 1355 } 1356 1357 x25_check_rbuf(sk); 1358 rc = copied; 1359out_free_dgram: 1360 skb_free_datagram(sk, skb); 1361out: 1362 release_sock(sk); 1363 return rc; 1364} 1365 1366 1367static int x25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 1368{ 1369 struct sock *sk = sock->sk; 1370 struct x25_sock *x25 = x25_sk(sk); 1371 void __user *argp = (void __user *)arg; 1372 int rc; 1373 1374 switch (cmd) { 1375 case TIOCOUTQ: { 1376 int amount; 1377 1378 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk); 1379 if (amount < 0) 1380 amount = 0; 1381 rc = put_user(amount, (unsigned int __user *)argp); 1382 break; 1383 } 1384 1385 case TIOCINQ: { 1386 struct sk_buff *skb; 1387 int amount = 0; 1388 /* 1389 * These two are safe on a single CPU system as 1390 * only user tasks fiddle here 1391 */ 1392 lock_sock(sk); 1393 if ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) 1394 amount = skb->len; 1395 release_sock(sk); 1396 rc = put_user(amount, (unsigned int __user *)argp); 1397 break; 1398 } 1399 1400 case SIOCGIFADDR: 1401 case SIOCSIFADDR: 1402 case SIOCGIFDSTADDR: 1403 case SIOCSIFDSTADDR: 1404 case SIOCGIFBRDADDR: 1405 case SIOCSIFBRDADDR: 1406 case SIOCGIFNETMASK: 1407 case SIOCSIFNETMASK: 1408 case SIOCGIFMETRIC: 1409 case SIOCSIFMETRIC: 1410 rc = -EINVAL; 1411 break; 1412 case SIOCADDRT: 1413 case SIOCDELRT: 1414 rc = -EPERM; 1415 if (!capable(CAP_NET_ADMIN)) 1416 break; 1417 rc = x25_route_ioctl(cmd, argp); 1418 break; 1419 case SIOCX25GSUBSCRIP: 1420 rc = x25_subscr_ioctl(cmd, argp); 1421 break; 1422 case SIOCX25SSUBSCRIP: 1423 rc = -EPERM; 1424 if (!capable(CAP_NET_ADMIN)) 1425 break; 1426 rc = x25_subscr_ioctl(cmd, argp); 1427 break; 1428 case SIOCX25GFACILITIES: { 1429 lock_sock(sk); 1430 rc = copy_to_user(argp, &x25->facilities, 1431 sizeof(x25->facilities)) 1432 ? -EFAULT : 0; 1433 release_sock(sk); 1434 break; 1435 } 1436 1437 case SIOCX25SFACILITIES: { 1438 struct x25_facilities facilities; 1439 rc = -EFAULT; 1440 if (copy_from_user(&facilities, argp, sizeof(facilities))) 1441 break; 1442 rc = -EINVAL; 1443 lock_sock(sk); 1444 if (sk->sk_state != TCP_LISTEN && 1445 sk->sk_state != TCP_CLOSE) 1446 goto out_fac_release; 1447 if (facilities.pacsize_in < X25_PS16 || 1448 facilities.pacsize_in > X25_PS4096) 1449 goto out_fac_release; 1450 if (facilities.pacsize_out < X25_PS16 || 1451 facilities.pacsize_out > X25_PS4096) 1452 goto out_fac_release; 1453 if (facilities.winsize_in < 1 || 1454 facilities.winsize_in > 127) 1455 goto out_fac_release; 1456 if (facilities.throughput) { 1457 int out = facilities.throughput & 0xf0; 1458 int in = facilities.throughput & 0x0f; 1459 if (!out) 1460 facilities.throughput |= 1461 X25_DEFAULT_THROUGHPUT << 4; 1462 else if (out < 0x30 || out > 0xD0) 1463 goto out_fac_release; 1464 if (!in) 1465 facilities.throughput |= 1466 X25_DEFAULT_THROUGHPUT; 1467 else if (in < 0x03 || in > 0x0D) 1468 goto out_fac_release; 1469 } 1470 if (facilities.reverse && 1471 (facilities.reverse & 0x81) != 0x81) 1472 goto out_fac_release; 1473 x25->facilities = facilities; 1474 rc = 0; 1475out_fac_release: 1476 release_sock(sk); 1477 break; 1478 } 1479 1480 case SIOCX25GDTEFACILITIES: { 1481 lock_sock(sk); 1482 rc = copy_to_user(argp, &x25->dte_facilities, 1483 sizeof(x25->dte_facilities)); 1484 release_sock(sk); 1485 if (rc) 1486 rc = -EFAULT; 1487 break; 1488 } 1489 1490 case SIOCX25SDTEFACILITIES: { 1491 struct x25_dte_facilities dtefacs; 1492 rc = -EFAULT; 1493 if (copy_from_user(&dtefacs, argp, sizeof(dtefacs))) 1494 break; 1495 rc = -EINVAL; 1496 lock_sock(sk); 1497 if (sk->sk_state != TCP_LISTEN && 1498 sk->sk_state != TCP_CLOSE) 1499 goto out_dtefac_release; 1500 if (dtefacs.calling_len > X25_MAX_AE_LEN) 1501 goto out_dtefac_release; 1502 if (dtefacs.called_len > X25_MAX_AE_LEN) 1503 goto out_dtefac_release; 1504 x25->dte_facilities = dtefacs; 1505 rc = 0; 1506out_dtefac_release: 1507 release_sock(sk); 1508 break; 1509 } 1510 1511 case SIOCX25GCALLUSERDATA: { 1512 lock_sock(sk); 1513 rc = copy_to_user(argp, &x25->calluserdata, 1514 sizeof(x25->calluserdata)) 1515 ? -EFAULT : 0; 1516 release_sock(sk); 1517 break; 1518 } 1519 1520 case SIOCX25SCALLUSERDATA: { 1521 struct x25_calluserdata calluserdata; 1522 1523 rc = -EFAULT; 1524 if (copy_from_user(&calluserdata, argp, sizeof(calluserdata))) 1525 break; 1526 rc = -EINVAL; 1527 if (calluserdata.cudlength > X25_MAX_CUD_LEN) 1528 break; 1529 lock_sock(sk); 1530 x25->calluserdata = calluserdata; 1531 release_sock(sk); 1532 rc = 0; 1533 break; 1534 } 1535 1536 case SIOCX25GCAUSEDIAG: { 1537 lock_sock(sk); 1538 rc = copy_to_user(argp, &x25->causediag, sizeof(x25->causediag)) 1539 ? -EFAULT : 0; 1540 release_sock(sk); 1541 break; 1542 } 1543 1544 case SIOCX25SCAUSEDIAG: { 1545 struct x25_causediag causediag; 1546 rc = -EFAULT; 1547 if (copy_from_user(&causediag, argp, sizeof(causediag))) 1548 break; 1549 lock_sock(sk); 1550 x25->causediag = causediag; 1551 release_sock(sk); 1552 rc = 0; 1553 break; 1554 1555 } 1556 1557 case SIOCX25SCUDMATCHLEN: { 1558 struct x25_subaddr sub_addr; 1559 rc = -EINVAL; 1560 lock_sock(sk); 1561 if(sk->sk_state != TCP_CLOSE) 1562 goto out_cud_release; 1563 rc = -EFAULT; 1564 if (copy_from_user(&sub_addr, argp, 1565 sizeof(sub_addr))) 1566 goto out_cud_release; 1567 rc = -EINVAL; 1568 if (sub_addr.cudmatchlength > X25_MAX_CUD_LEN) 1569 goto out_cud_release; 1570 x25->cudmatchlength = sub_addr.cudmatchlength; 1571 rc = 0; 1572out_cud_release: 1573 release_sock(sk); 1574 break; 1575 } 1576 1577 case SIOCX25CALLACCPTAPPRV: { 1578 rc = -EINVAL; 1579 lock_sock(sk); 1580 if (sk->sk_state == TCP_CLOSE) { 1581 clear_bit(X25_ACCPT_APPRV_FLAG, &x25->flags); 1582 rc = 0; 1583 } 1584 release_sock(sk); 1585 break; 1586 } 1587 1588 case SIOCX25SENDCALLACCPT: { 1589 rc = -EINVAL; 1590 lock_sock(sk); 1591 if (sk->sk_state != TCP_ESTABLISHED) 1592 goto out_sendcallaccpt_release; 1593 /* must call accptapprv above */ 1594 if (test_bit(X25_ACCPT_APPRV_FLAG, &x25->flags)) 1595 goto out_sendcallaccpt_release; 1596 x25_write_internal(sk, X25_CALL_ACCEPTED); 1597 x25->state = X25_STATE_3; 1598 rc = 0; 1599out_sendcallaccpt_release: 1600 release_sock(sk); 1601 break; 1602 } 1603 1604 default: 1605 rc = -ENOIOCTLCMD; 1606 break; 1607 } 1608 1609 return rc; 1610} 1611 1612static const struct net_proto_family x25_family_ops = { 1613 .family = AF_X25, 1614 .create = x25_create, 1615 .owner = THIS_MODULE, 1616}; 1617 1618#ifdef CONFIG_COMPAT 1619static int compat_x25_subscr_ioctl(unsigned int cmd, 1620 struct compat_x25_subscrip_struct __user *x25_subscr32) 1621{ 1622 struct compat_x25_subscrip_struct x25_subscr; 1623 struct x25_neigh *nb; 1624 struct net_device *dev; 1625 int rc = -EINVAL; 1626 1627 rc = -EFAULT; 1628 if (copy_from_user(&x25_subscr, x25_subscr32, sizeof(*x25_subscr32))) 1629 goto out; 1630 1631 rc = -EINVAL; 1632 dev = x25_dev_get(x25_subscr.device); 1633 if (dev == NULL) 1634 goto out; 1635 1636 nb = x25_get_neigh(dev); 1637 if (nb == NULL) 1638 goto out_dev_put; 1639 1640 dev_put(dev); 1641 1642 if (cmd == SIOCX25GSUBSCRIP) { 1643 read_lock_bh(&x25_neigh_list_lock); 1644 x25_subscr.extended = nb->extended; 1645 x25_subscr.global_facil_mask = nb->global_facil_mask; 1646 read_unlock_bh(&x25_neigh_list_lock); 1647 rc = copy_to_user(x25_subscr32, &x25_subscr, 1648 sizeof(*x25_subscr32)) ? -EFAULT : 0; 1649 } else { 1650 rc = -EINVAL; 1651 if (x25_subscr.extended == 0 || x25_subscr.extended == 1) { 1652 rc = 0; 1653 write_lock_bh(&x25_neigh_list_lock); 1654 nb->extended = x25_subscr.extended; 1655 nb->global_facil_mask = x25_subscr.global_facil_mask; 1656 write_unlock_bh(&x25_neigh_list_lock); 1657 } 1658 } 1659 x25_neigh_put(nb); 1660out: 1661 return rc; 1662out_dev_put: 1663 dev_put(dev); 1664 goto out; 1665} 1666 1667static int compat_x25_ioctl(struct socket *sock, unsigned int cmd, 1668 unsigned long arg) 1669{ 1670 void __user *argp = compat_ptr(arg); 1671 int rc = -ENOIOCTLCMD; 1672 1673 switch(cmd) { 1674 case TIOCOUTQ: 1675 case TIOCINQ: 1676 rc = x25_ioctl(sock, cmd, (unsigned long)argp); 1677 break; 1678 case SIOCGIFADDR: 1679 case SIOCSIFADDR: 1680 case SIOCGIFDSTADDR: 1681 case SIOCSIFDSTADDR: 1682 case SIOCGIFBRDADDR: 1683 case SIOCSIFBRDADDR: 1684 case SIOCGIFNETMASK: 1685 case SIOCSIFNETMASK: 1686 case SIOCGIFMETRIC: 1687 case SIOCSIFMETRIC: 1688 rc = -EINVAL; 1689 break; 1690 case SIOCADDRT: 1691 case SIOCDELRT: 1692 rc = -EPERM; 1693 if (!capable(CAP_NET_ADMIN)) 1694 break; 1695 rc = x25_route_ioctl(cmd, argp); 1696 break; 1697 case SIOCX25GSUBSCRIP: 1698 rc = compat_x25_subscr_ioctl(cmd, argp); 1699 break; 1700 case SIOCX25SSUBSCRIP: 1701 rc = -EPERM; 1702 if (!capable(CAP_NET_ADMIN)) 1703 break; 1704 rc = compat_x25_subscr_ioctl(cmd, argp); 1705 break; 1706 case SIOCX25GFACILITIES: 1707 case SIOCX25SFACILITIES: 1708 case SIOCX25GDTEFACILITIES: 1709 case SIOCX25SDTEFACILITIES: 1710 case SIOCX25GCALLUSERDATA: 1711 case SIOCX25SCALLUSERDATA: 1712 case SIOCX25GCAUSEDIAG: 1713 case SIOCX25SCAUSEDIAG: 1714 case SIOCX25SCUDMATCHLEN: 1715 case SIOCX25CALLACCPTAPPRV: 1716 case SIOCX25SENDCALLACCPT: 1717 rc = x25_ioctl(sock, cmd, (unsigned long)argp); 1718 break; 1719 default: 1720 rc = -ENOIOCTLCMD; 1721 break; 1722 } 1723 return rc; 1724} 1725#endif 1726 1727static const struct proto_ops x25_proto_ops = { 1728 .family = AF_X25, 1729 .owner = THIS_MODULE, 1730 .release = x25_release, 1731 .bind = x25_bind, 1732 .connect = x25_connect, 1733 .socketpair = sock_no_socketpair, 1734 .accept = x25_accept, 1735 .getname = x25_getname, 1736 .poll = datagram_poll, 1737 .ioctl = x25_ioctl, 1738#ifdef CONFIG_COMPAT 1739 .compat_ioctl = compat_x25_ioctl, 1740#endif 1741 .gettstamp = sock_gettstamp, 1742 .listen = x25_listen, 1743 .shutdown = sock_no_shutdown, 1744 .setsockopt = x25_setsockopt, 1745 .getsockopt = x25_getsockopt, 1746 .sendmsg = x25_sendmsg, 1747 .recvmsg = x25_recvmsg, 1748 .mmap = sock_no_mmap, 1749 .sendpage = sock_no_sendpage, 1750}; 1751 1752static struct packet_type x25_packet_type __read_mostly = { 1753 .type = cpu_to_be16(ETH_P_X25), 1754 .func = x25_lapb_receive_frame, 1755}; 1756 1757static struct notifier_block x25_dev_notifier = { 1758 .notifier_call = x25_device_event, 1759}; 1760 1761void x25_kill_by_neigh(struct x25_neigh *nb) 1762{ 1763 struct sock *s; 1764 1765 write_lock_bh(&x25_list_lock); 1766 1767 sk_for_each(s, &x25_list) { 1768 if (x25_sk(s)->neighbour == nb) { 1769 write_unlock_bh(&x25_list_lock); 1770 lock_sock(s); 1771 x25_disconnect(s, ENETUNREACH, 0, 0); 1772 release_sock(s); 1773 write_lock_bh(&x25_list_lock); 1774 } 1775 } 1776 write_unlock_bh(&x25_list_lock); 1777 1778 /* Remove any related forwards */ 1779 x25_clear_forward_by_dev(nb->dev); 1780} 1781 1782static int __init x25_init(void) 1783{ 1784 int rc; 1785 1786 rc = proto_register(&x25_proto, 0); 1787 if (rc) 1788 goto out; 1789 1790 rc = sock_register(&x25_family_ops); 1791 if (rc) 1792 goto out_proto; 1793 1794 dev_add_pack(&x25_packet_type); 1795 1796 rc = register_netdevice_notifier(&x25_dev_notifier); 1797 if (rc) 1798 goto out_sock; 1799 1800 rc = x25_register_sysctl(); 1801 if (rc) 1802 goto out_dev; 1803 1804 rc = x25_proc_init(); 1805 if (rc) 1806 goto out_sysctl; 1807 1808 pr_info("Linux Version 0.2\n"); 1809 1810out: 1811 return rc; 1812out_sysctl: 1813 x25_unregister_sysctl(); 1814out_dev: 1815 unregister_netdevice_notifier(&x25_dev_notifier); 1816out_sock: 1817 dev_remove_pack(&x25_packet_type); 1818 sock_unregister(AF_X25); 1819out_proto: 1820 proto_unregister(&x25_proto); 1821 goto out; 1822} 1823module_init(x25_init); 1824 1825static void __exit x25_exit(void) 1826{ 1827 x25_proc_exit(); 1828 x25_link_free(); 1829 x25_route_free(); 1830 1831 x25_unregister_sysctl(); 1832 1833 unregister_netdevice_notifier(&x25_dev_notifier); 1834 1835 dev_remove_pack(&x25_packet_type); 1836 1837 sock_unregister(AF_X25); 1838 proto_unregister(&x25_proto); 1839} 1840module_exit(x25_exit); 1841 1842MODULE_AUTHOR("Jonathan Naylor <g4klx@g4klx.demon.co.uk>"); 1843MODULE_DESCRIPTION("The X.25 Packet Layer network layer protocol"); 1844MODULE_LICENSE("GPL"); 1845MODULE_ALIAS_NETPROTO(PF_X25);