cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

x25_facilities.c (9085B)

      1// SPDX-License-Identifier: GPL-2.0-or-later
      2/*
      3 *	X.25 Packet Layer release 002
      4 *
      5 *	This is ALPHA test software. This code may break your machine,
      6 *	randomly fail to work with new releases, misbehave and/or generally
      7 *	screw up. It might even work.
      8 *
      9 *	This code REQUIRES 2.1.15 or higher
     10 *
     11 *	History
     12 *	X.25 001	Split from x25_subr.c
     13 *	mar/20/00	Daniela Squassoni Disabling/enabling of facilities
     14 *					  negotiation.
     15 *	apr/14/05	Shaun Pereira - Allow fast select with no restriction
     16 *					on response.
     17 */
     18
     19#define pr_fmt(fmt) "X25: " fmt
     20
     21#include <linux/kernel.h>
     22#include <linux/string.h>
     23#include <linux/skbuff.h>
     24#include <net/sock.h>
     25#include <net/x25.h>
     26
     27/**
     28 * x25_parse_facilities - Parse facilities from skb into the facilities structs
     29 *
     30 * @skb: sk_buff to parse
     31 * @facilities: Regular facilities, updated as facilities are found
     32 * @dte_facs: ITU DTE facilities, updated as DTE facilities are found
     33 * @vc_fac_mask: mask is updated with all facilities found
     34 *
     35 * Return codes:
     36 *  -1 - Parsing error, caller should drop call and clean up
     37 *   0 - Parse OK, this skb has no facilities
     38 *  >0 - Parse OK, returns the length of the facilities header
     39 *
     40 */
     41int x25_parse_facilities(struct sk_buff *skb, struct x25_facilities *facilities,
     42		struct x25_dte_facilities *dte_facs, unsigned long *vc_fac_mask)
     43{
     44	unsigned char *p;
     45	unsigned int len;
     46
     47	*vc_fac_mask = 0;
     48
     49	/*
     50	 * The kernel knows which facilities were set on an incoming call but
     51	 * currently this information is not available to userspace.  Here we
     52	 * give userspace who read incoming call facilities 0 length to indicate
     53	 * it wasn't set.
     54	 */
     55	dte_facs->calling_len = 0;
     56	dte_facs->called_len = 0;
     57	memset(dte_facs->called_ae, '\0', sizeof(dte_facs->called_ae));
     58	memset(dte_facs->calling_ae, '\0', sizeof(dte_facs->calling_ae));
     59
     60	if (!pskb_may_pull(skb, 1))
     61		return 0;
     62
     63	len = skb->data[0];
     64
     65	if (!pskb_may_pull(skb, 1 + len))
     66		return -1;
     67
     68	p = skb->data + 1;
     69
     70	while (len > 0) {
     71		switch (*p & X25_FAC_CLASS_MASK) {
     72		case X25_FAC_CLASS_A:
     73			if (len < 2)
     74				return -1;
     75			switch (*p) {
     76			case X25_FAC_REVERSE:
     77				if((p[1] & 0x81) == 0x81) {
     78					facilities->reverse = p[1] & 0x81;
     79					*vc_fac_mask |= X25_MASK_REVERSE;
     80					break;
     81				}
     82
     83				if((p[1] & 0x01) == 0x01) {
     84					facilities->reverse = p[1] & 0x01;
     85					*vc_fac_mask |= X25_MASK_REVERSE;
     86					break;
     87				}
     88
     89				if((p[1] & 0x80) == 0x80) {
     90					facilities->reverse = p[1] & 0x80;
     91					*vc_fac_mask |= X25_MASK_REVERSE;
     92					break;
     93				}
     94
     95				if(p[1] == 0x00) {
     96					facilities->reverse
     97						= X25_DEFAULT_REVERSE;
     98					*vc_fac_mask |= X25_MASK_REVERSE;
     99					break;
    100				}
    101				fallthrough;
    102			case X25_FAC_THROUGHPUT:
    103				facilities->throughput = p[1];
    104				*vc_fac_mask |= X25_MASK_THROUGHPUT;
    105				break;
    106			case X25_MARKER:
    107				break;
    108			default:
    109				pr_debug("unknown facility "
    110				       "%02X, value %02X\n",
    111				       p[0], p[1]);
    112				break;
    113			}
    114			p   += 2;
    115			len -= 2;
    116			break;
    117		case X25_FAC_CLASS_B:
    118			if (len < 3)
    119				return -1;
    120			switch (*p) {
    121			case X25_FAC_PACKET_SIZE:
    122				facilities->pacsize_in  = p[1];
    123				facilities->pacsize_out = p[2];
    124				*vc_fac_mask |= X25_MASK_PACKET_SIZE;
    125				break;
    126			case X25_FAC_WINDOW_SIZE:
    127				facilities->winsize_in  = p[1];
    128				facilities->winsize_out = p[2];
    129				*vc_fac_mask |= X25_MASK_WINDOW_SIZE;
    130				break;
    131			default:
    132				pr_debug("unknown facility "
    133				       "%02X, values %02X, %02X\n",
    134				       p[0], p[1], p[2]);
    135				break;
    136			}
    137			p   += 3;
    138			len -= 3;
    139			break;
    140		case X25_FAC_CLASS_C:
    141			if (len < 4)
    142				return -1;
    143			pr_debug("unknown facility %02X, "
    144			       "values %02X, %02X, %02X\n",
    145			       p[0], p[1], p[2], p[3]);
    146			p   += 4;
    147			len -= 4;
    148			break;
    149		case X25_FAC_CLASS_D:
    150			if (len < p[1] + 2)
    151				return -1;
    152			switch (*p) {
    153			case X25_FAC_CALLING_AE:
    154				if (p[1] > X25_MAX_DTE_FACIL_LEN || p[1] <= 1)
    155					return -1;
    156				if (p[2] > X25_MAX_AE_LEN)
    157					return -1;
    158				dte_facs->calling_len = p[2];
    159				memcpy(dte_facs->calling_ae, &p[3], p[1] - 1);
    160				*vc_fac_mask |= X25_MASK_CALLING_AE;
    161				break;
    162			case X25_FAC_CALLED_AE:
    163				if (p[1] > X25_MAX_DTE_FACIL_LEN || p[1] <= 1)
    164					return -1;
    165				if (p[2] > X25_MAX_AE_LEN)
    166					return -1;
    167				dte_facs->called_len = p[2];
    168				memcpy(dte_facs->called_ae, &p[3], p[1] - 1);
    169				*vc_fac_mask |= X25_MASK_CALLED_AE;
    170				break;
    171			default:
    172				pr_debug("unknown facility %02X,"
    173					"length %d\n", p[0], p[1]);
    174				break;
    175			}
    176			len -= p[1] + 2;
    177			p += p[1] + 2;
    178			break;
    179		}
    180	}
    181
    182	return p - skb->data;
    183}
    184
    185/*
    186 *	Create a set of facilities.
    187 */
    188int x25_create_facilities(unsigned char *buffer,
    189		struct x25_facilities *facilities,
    190		struct x25_dte_facilities *dte_facs, unsigned long facil_mask)
    191{
    192	unsigned char *p = buffer + 1;
    193	int len;
    194
    195	if (!facil_mask) {
    196		/*
    197		 * Length of the facilities field in call_req or
    198		 * call_accept packets
    199		 */
    200		buffer[0] = 0;
    201		len = 1; /* 1 byte for the length field */
    202		return len;
    203	}
    204
    205	if (facilities->reverse && (facil_mask & X25_MASK_REVERSE)) {
    206		*p++ = X25_FAC_REVERSE;
    207		*p++ = facilities->reverse;
    208	}
    209
    210	if (facilities->throughput && (facil_mask & X25_MASK_THROUGHPUT)) {
    211		*p++ = X25_FAC_THROUGHPUT;
    212		*p++ = facilities->throughput;
    213	}
    214
    215	if ((facilities->pacsize_in || facilities->pacsize_out) &&
    216	    (facil_mask & X25_MASK_PACKET_SIZE)) {
    217		*p++ = X25_FAC_PACKET_SIZE;
    218		*p++ = facilities->pacsize_in ? : facilities->pacsize_out;
    219		*p++ = facilities->pacsize_out ? : facilities->pacsize_in;
    220	}
    221
    222	if ((facilities->winsize_in || facilities->winsize_out) &&
    223	    (facil_mask & X25_MASK_WINDOW_SIZE)) {
    224		*p++ = X25_FAC_WINDOW_SIZE;
    225		*p++ = facilities->winsize_in ? : facilities->winsize_out;
    226		*p++ = facilities->winsize_out ? : facilities->winsize_in;
    227	}
    228
    229	if (facil_mask & (X25_MASK_CALLING_AE|X25_MASK_CALLED_AE)) {
    230		*p++ = X25_MARKER;
    231		*p++ = X25_DTE_SERVICES;
    232	}
    233
    234	if (dte_facs->calling_len && (facil_mask & X25_MASK_CALLING_AE)) {
    235		unsigned int bytecount = (dte_facs->calling_len + 1) >> 1;
    236		*p++ = X25_FAC_CALLING_AE;
    237		*p++ = 1 + bytecount;
    238		*p++ = dte_facs->calling_len;
    239		memcpy(p, dte_facs->calling_ae, bytecount);
    240		p += bytecount;
    241	}
    242
    243	if (dte_facs->called_len && (facil_mask & X25_MASK_CALLED_AE)) {
    244		unsigned int bytecount = (dte_facs->called_len % 2) ?
    245		dte_facs->called_len / 2 + 1 :
    246		dte_facs->called_len / 2;
    247		*p++ = X25_FAC_CALLED_AE;
    248		*p++ = 1 + bytecount;
    249		*p++ = dte_facs->called_len;
    250		memcpy(p, dte_facs->called_ae, bytecount);
    251		p+=bytecount;
    252	}
    253
    254	len       = p - buffer;
    255	buffer[0] = len - 1;
    256
    257	return len;
    258}
    259
    260/*
    261 *	Try to reach a compromise on a set of facilities.
    262 *
    263 *	The only real problem is with reverse charging.
    264 */
    265int x25_negotiate_facilities(struct sk_buff *skb, struct sock *sk,
    266		struct x25_facilities *new, struct x25_dte_facilities *dte)
    267{
    268	struct x25_sock *x25 = x25_sk(sk);
    269	struct x25_facilities *ours = &x25->facilities;
    270	struct x25_facilities theirs;
    271	int len;
    272
    273	memset(&theirs, 0, sizeof(theirs));
    274	memcpy(new, ours, sizeof(*new));
    275	memset(dte, 0, sizeof(*dte));
    276
    277	len = x25_parse_facilities(skb, &theirs, dte, &x25->vc_facil_mask);
    278	if (len < 0)
    279		return len;
    280
    281	/*
    282	 *	They want reverse charging, we won't accept it.
    283	 */
    284	if ((theirs.reverse & 0x01 ) && (ours->reverse & 0x01)) {
    285		SOCK_DEBUG(sk, "X.25: rejecting reverse charging request\n");
    286		return -1;
    287	}
    288
    289	new->reverse = theirs.reverse;
    290
    291	if (theirs.throughput) {
    292		int theirs_in =  theirs.throughput & 0x0f;
    293		int theirs_out = theirs.throughput & 0xf0;
    294		int ours_in  = ours->throughput & 0x0f;
    295		int ours_out = ours->throughput & 0xf0;
    296		if (!ours_in || theirs_in < ours_in) {
    297			SOCK_DEBUG(sk, "X.25: inbound throughput negotiated\n");
    298			new->throughput = (new->throughput & 0xf0) | theirs_in;
    299		}
    300		if (!ours_out || theirs_out < ours_out) {
    301			SOCK_DEBUG(sk,
    302				"X.25: outbound throughput negotiated\n");
    303			new->throughput = (new->throughput & 0x0f) | theirs_out;
    304		}
    305	}
    306
    307	if (theirs.pacsize_in && theirs.pacsize_out) {
    308		if (theirs.pacsize_in < ours->pacsize_in) {
    309			SOCK_DEBUG(sk, "X.25: packet size inwards negotiated down\n");
    310			new->pacsize_in = theirs.pacsize_in;
    311		}
    312		if (theirs.pacsize_out < ours->pacsize_out) {
    313			SOCK_DEBUG(sk, "X.25: packet size outwards negotiated down\n");
    314			new->pacsize_out = theirs.pacsize_out;
    315		}
    316	}
    317
    318	if (theirs.winsize_in && theirs.winsize_out) {
    319		if (theirs.winsize_in < ours->winsize_in) {
    320			SOCK_DEBUG(sk, "X.25: window size inwards negotiated down\n");
    321			new->winsize_in = theirs.winsize_in;
    322		}
    323		if (theirs.winsize_out < ours->winsize_out) {
    324			SOCK_DEBUG(sk, "X.25: window size outwards negotiated down\n");
    325			new->winsize_out = theirs.winsize_out;
    326		}
    327	}
    328
    329	return len;
    330}
    331
    332/*
    333 *	Limit values of certain facilities according to the capability of the
    334 *      currently attached x25 link.
    335 */
    336void x25_limit_facilities(struct x25_facilities *facilities,
    337			  struct x25_neigh *nb)
    338{
    339
    340	if (!nb->extended) {
    341		if (facilities->winsize_in  > 7) {
    342			pr_debug("incoming winsize limited to 7\n");
    343			facilities->winsize_in = 7;
    344		}
    345		if (facilities->winsize_out > 7) {
    346			facilities->winsize_out = 7;
    347			pr_debug("outgoing winsize limited to 7\n");
    348		}
    349	}
    350}