root/net/ax25/af_ax25.c

/* [previous][next][first][last][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. ax2asc
  2. ax25cmp
  3. ax25_remove_socket
  4. ax25_kill_by_device
  5. ax25_device_event
  6. ax25_insert_socket
  7. ax25_find_listener
  8. ax25_find_socket
  9. ax25_find_cb
  10. ax25_addr_match
  11. ax25_send_to_raw
  12. ax25_destroy_timer
  13. ax25_destroy_socket
  14. ax25_findbyuid
  15. ax25_uid_ioctl
  16. ax25_create_cb
  17. ax25_dev_is_dama_slave
  18. ax25_fillin_cb
  19. ax25_send_frame
  20. ax25rtr_get_dev
  21. ax25_fcntl
  22. ax25_setsockopt
  23. ax25_getsockopt
  24. ax25_listen
  25. def_callback1
  26. def_callback2
  27. ax25_create
  28. ax25_make_new
  29. ax25_dup
  30. ax25_release
  31. ax25_bind
  32. ax25_connect
  33. ax25_socketpair
  34. ax25_accept
  35. ax25_getname
  36. ax25_rcv
  37. kiss_rcv
  38. bpq_rcv
  39. ax25_sendmsg
  40. ax25_recvmsg
  41. ax25_shutdown
  42. ax25_select
  43. ax25_ioctl
  44. ax25_get_info
  45. ax25_proto_init
  46. ax25_queue_xmit
  47. ax25_encapsulate
  48. ax25_rebuild_header

   1 /*
   2  *      AX.25 release 031
   3  *
   4  *      This is ALPHA test software. This code may break your machine, randomly fail to work with new 
   5  *      releases, misbehave and/or generally screw up. It might even work. 
   6  *
   7  *      This code REQUIRES 1.2.1 or higher/ NET3.029
   8  *
   9  *      This module:
  10  *              This module is free software; you can redistribute it and/or
  11  *              modify it under the terms of the GNU General Public License
  12  *              as published by the Free Software Foundation; either version
  13  *              2 of the License, or (at your option) any later version.
  14  *
  15  *      History
  16  *      AX.25 006       Alan(GW4PTS)            Nearly died of shock - its working 8-)
  17  *      AX.25 007       Alan(GW4PTS)            Removed the silliest bugs
  18  *      AX.25 008       Alan(GW4PTS)            Cleaned up, fixed a few state machine problems, added callbacks
  19  *      AX.25 009       Alan(GW4PTS)            Emergency patch kit to fix memory corruption
  20  *      AX.25 010       Alan(GW4PTS)            Added RAW sockets/Digipeat.
  21  *      AX.25 011       Alan(GW4PTS)            RAW socket and datagram fixes (thanks) - Raw sendto now gets PID right
  22  *                                              datagram sendto uses correct target address.
  23  *      AX.25 012       Alan(GW4PTS)            Correct incoming connection handling, send DM to failed connects.
  24  *                                              Use skb->data not skb+1. Support sk->priority correctly.
  25  *                                              Correct receive on SOCK_DGRAM.
  26  *      AX.25 013       Alan(GW4PTS)            Send DM to all unknown frames, missing initialiser fixed
  27  *                                              Leave spare SSID bits set (DAMA etc) - thanks for bug report,
  28  *                                              removed device registration (its not used or needed). Clean up for
  29  *                                              gcc 2.5.8. PID to AX25_P_
  30  *      AX.25 014       Alan(GW4PTS)            Cleanup and NET3 merge
  31  *      AX.25 015       Alan(GW4PTS)            Internal test version.
  32  *      AX.25 016       Alan(GW4PTS)            Semi Internal version for PI card
  33  *                                              work.
  34  *      AX.25 017       Alan(GW4PTS)            Fixed some small bugs reported by
  35  *                                              G4KLX
  36  *      AX.25 018       Alan(GW4PTS)            Fixed a small error in SOCK_DGRAM
  37  *      AX.25 019       Alan(GW4PTS)            Clean ups for the non INET kernel and device ioctls in AX.25
  38  *      AX.25 020       Jonathan(G4KLX)         /proc support and other changes.
  39  *      AX.25 021       Alan(GW4PTS)            Added AX25_T1, AX25_N2, AX25_T3 as requested.
  40  *      AX.25 022       Jonathan(G4KLX)         More work on the ax25 auto router and /proc improved (again)!
  41  *                      Alan(GW4PTS)            Added TIOCINQ/OUTQ
  42  *      AX.25 023       Alan(GW4PTS)            Fixed shutdown bug
  43  *      AX.25 023       Alan(GW4PTS)            Linus changed timers
  44  *      AX.25 024       Alan(GW4PTS)            Small bug fixes
  45  *      AX.25 025       Alan(GW4PTS)            More fixes, Linux 1.1.51 compatibility stuff, timers again!
  46  *      AX.25 026       Alan(GW4PTS)            Small state fix.
  47  *      AX.25 027       Alan(GW4PTS)            Socket close crash fixes.
  48  *      AX.25 028       Alan(GW4PTS)            Callsign control including settings per uid.
  49  *                                              Small bug fixes.
  50  *                                              Protocol set by sockets only.
  51  *                                              Small changes to allow for start of NET/ROM layer.
  52  *      AX.25 028a      Jonathan(G4KLX)         Changes to state machine.
  53  *      AX.25 028b      Jonathan(G4KLX)         Extracted ax25 control block
  54  *                                              from sock structure.
  55  *      AX.25 029       Alan(GW4PTS)            Combined 028b and some KA9Q code
  56  *                      Jonathan(G4KLX)         and removed all the old Berkeley, added IP mode registration.
  57  *                      Darryl(G7LED)           stuff. Cross-port digipeating. Minor fixes and enhancements.
  58  *                      Alan(GW4PTS)            Missed suser() on axassociate checks
  59  *      AX.25 030       Alan(GW4PTS)            Added variable length headers.
  60  *                      Jonathan(G4KLX)         Added BPQ Ethernet interface.
  61  *                      Steven(GW7RRM)          Added digi-peating control ioctl.
  62  *                                              Added extended AX.25 support.
  63  *                                              Added AX.25 frame segmentation.
  64  *                      Darryl(G7LED)           Changed connect(), recvfrom(), sendto() sockaddr/addrlen to
  65  *                                              fall inline with bind() and new policy.
  66  *                                              Moved digipeating ctl to new ax25_dev structs.
  67  *                                              Fixed ax25_release(), set TCP_CLOSE, wakeup app
  68  *                                              context, THEN make the sock dead.
  69  *                      Alan(GW4PTS)            Cleaned up for single recvmsg methods.
  70  *                      Alan(GW4PTS)            Fixed not clearing error on connect failure.
  71  *      AX.25 031       Jonathan(G4KLX)         Added binding to any device.
  72  *                      Joerg(DL1BKE)           Added DAMA support, fixed (?) digipeating, fixed buffer locking
  73  *                                              for "virtual connect" mode... Result: Probably the
  74  *                                              "Most Buggiest Code You've Ever Seen" (TM)
  75  *
  76  *      To do:
  77  *              Restructure the ax25_rcv code to be cleaner/faster and
  78  *              copy only when needed.
  79  *              Consider better arbitary protocol support.
  80  */
  81  
  82 #include <linux/config.h>
  83 #ifdef CONFIG_AX25
  84 #include <linux/errno.h>
  85 #include <linux/types.h>
  86 #include <linux/socket.h>
  87 #include <linux/in.h>
  88 #include <linux/kernel.h>
  89 #include <linux/sched.h>
  90 #include <linux/timer.h>
  91 #include <linux/string.h>
  92 #include <linux/sockios.h>
  93 #include <linux/net.h>
  94 #include <net/ax25.h>
  95 #include <linux/inet.h>
  96 #include <linux/netdevice.h>
  97 #include <linux/if_arp.h>
  98 #include <linux/skbuff.h>
  99 #include <net/sock.h>
 100 #include <asm/segment.h>
 101 #include <asm/system.h>
 102 #include <linux/fcntl.h>
 103 #include <linux/termios.h>      /* For TIOCINQ/OUTQ */
 104 #include <linux/mm.h>
 105 #include <linux/interrupt.h>
 106 #include <linux/notifier.h>
 107 #include <linux/proc_fs.h>
 108 #include <linux/stat.h>
 109 #include <linux/firewall.h>
 110 
 111 #include <net/ip.h>
 112 #include <net/arp.h>
 113 
 114 /*
 115  *      The null address is defined as a callsign of all spaces with an
 116  *      SSID of zero.
 117  */
 118 ax25_address null_ax25_address = {{0x40,0x40,0x40,0x40,0x40,0x40,0x00}};
 119 
 120 ax25_cb *volatile ax25_list = NULL;
 121 
 122 /*
 123  *      ax25 -> ascii conversion
 124  */
 125 char *ax2asc(ax25_address *a)
     /* [previous][next][first][last][top][bottom][index][help] */
 126 {
 127         static char buf[11];
 128         char c, *s;
 129         int n;
 130 
 131         for (n = 0, s = buf; n < 6; n++)
 132         {
 133                 c = (a->ax25_call[n] >> 1) & 0x7F;
 134 
 135                 if (c != ' ') *s++ = c;
 136         }
 137         
 138         *s++ = '-';
 139 
 140         if ((n = ((a->ax25_call[6] >> 1) & 0x0F)) > 9)
 141         {
 142                 *s++ = '1';
 143                 n -= 10;
 144         }
 145         
 146         *s++ = n + '0';
 147         *s++ = '\0';
 148 
 149         if (*buf == '\0' || *buf == '-')
 150            return "*";
 151 
 152         return buf;
 153 
 154 }
 155 
 156 /*
 157  *      Compare two ax.25 addresses
 158  */
 159 int ax25cmp(ax25_address *a, ax25_address *b)
     /* [previous][next][first][last][top][bottom][index][help] */
 160 {
 161         int ct = 0;
 162 
 163         while (ct < 6) {
 164                 if ((a->ax25_call[ct] & 0xFE) != (b->ax25_call[ct] & 0xFE))     /* Clean off repeater bits */
 165                         return 1;
 166                 ct++;
 167         }
 168 
 169         if ((a->ax25_call[ct] & 0x1E) == (b->ax25_call[ct] & 0x1E))     /* SSID without control bit */
 170                 return 0;
 171 
 172         return 2;                       /* Partial match */
 173 }
 174 
 175 /*
 176  *      Socket removal during an interrupt is now safe.
 177  */
 178 static void ax25_remove_socket(ax25_cb *ax25)
     /* [previous][next][first][last][top][bottom][index][help] */
 179 {
 180         ax25_cb *s;
 181         unsigned long flags;
 182         
 183         save_flags(flags);
 184         cli();
 185 
 186         if ((s = ax25_list) == ax25) {
 187                 ax25_list = s->next;
 188                 restore_flags(flags);
 189                 return;
 190         }
 191 
 192         while (s != NULL && s->next != NULL) {
 193                 if (s->next == ax25) {
 194                         s->next = ax25->next;
 195                         restore_flags(flags);
 196                         return;
 197                 }
 198 
 199                 s = s->next;
 200         }
 201 
 202         restore_flags(flags);
 203 }
 204 
 205 /*
 206  *      Kill all bound sockets on a dropped device.
 207  */
 208 static void ax25_kill_by_device(struct device *dev)
     /* [previous][next][first][last][top][bottom][index][help] */
 209 {
 210         ax25_cb *s;
 211         
 212         for (s = ax25_list; s != NULL; s = s->next) {
 213                 if (s->device == dev) {
 214                         s->state  = AX25_STATE_0;
 215                         s->device = NULL;
 216                         if (s->sk != NULL) {
 217                                 s->sk->state = TCP_CLOSE;
 218                                 s->sk->err   = ENETUNREACH;
 219                                 if (!s->sk->dead)
 220                                         s->sk->state_change(s->sk);
 221                                 s->sk->dead  = 1;
 222                         }
 223                 }
 224         }
 225 }
 226 
 227 /*
 228  *      Handle device status changes.
 229  */
 230 static int ax25_device_event(struct notifier_block *this,unsigned long event, void *ptr)
     /* [previous][next][first][last][top][bottom][index][help] */
 231 {
 232         struct device *dev = (struct device *)ptr;
 233 
 234         switch (event) {
 235                 case NETDEV_UP:
 236                         ax25_dev_device_up(dev);
 237                         break;
 238                 case NETDEV_DOWN:
 239                         ax25_kill_by_device(dev);
 240                         ax25_rt_device_down(dev);
 241                         ax25_dev_device_down(dev);
 242                         break;
 243                 default:
 244                         break;
 245         }
 246 
 247         return NOTIFY_DONE;
 248 }
 249 
 250 /*
 251  *      Add a socket to the bound sockets list.
 252  */
 253 static void ax25_insert_socket(ax25_cb *ax25)
     /* [previous][next][first][last][top][bottom][index][help] */
 254 {
 255         unsigned long flags;
 256 
 257         save_flags(flags);
 258         cli();
 259 
 260         ax25->next = ax25_list;
 261         ax25_list  = ax25;
 262 
 263         restore_flags(flags);
 264 }
 265 
 266 /*
 267  *      Find a socket that wants to accept the SABM we have just
 268  *      received.
 269  */
 270 static struct sock *ax25_find_listener(ax25_address *addr, struct device *dev, int type)
     /* [previous][next][first][last][top][bottom][index][help] */
 271 {
 272         unsigned long flags;
 273         ax25_cb *s;
 274 
 275         save_flags(flags);
 276         cli();
 277 
 278         for (s = ax25_list; s != NULL; s = s->next) {
 279                 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && s->sk->type == type && s->sk->state == TCP_LISTEN) {
 280                         /* If device is null we match any device */
 281                         if (s->device == NULL || s->device == dev) {
 282                                 restore_flags(flags);
 283                                 return s->sk;
 284                         }
 285                 }
 286         }
 287 
 288         restore_flags(flags);
 289         return NULL;
 290 }
 291 
 292 /*
 293  *      Find an AX.25 socket given both ends.
 294  */
 295 static struct sock *ax25_find_socket(ax25_address *my_addr, ax25_address *dest_addr, int type)
     /* [previous][next][first][last][top][bottom][index][help] */
 296 {
 297         ax25_cb *s;
 298         unsigned long flags;
 299 
 300         save_flags(flags);
 301         cli();
 302 
 303         for (s = ax25_list; s != NULL; s = s->next) {
 304                 if (s->sk != NULL && ax25cmp(&s->source_addr, my_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->sk->type == type) {
 305                         restore_flags(flags);
 306                         return s->sk;
 307                 }
 308         }
 309 
 310         restore_flags(flags);
 311 
 312         return NULL;
 313 }
 314 
 315 /*
 316  *      Find an AX.25 control block given both ends. It will only pick up
 317  *      floating AX.25 control blocks or non Raw socket bound control blocks.
 318  */
 319 static ax25_cb *ax25_find_cb(ax25_address *my_addr, ax25_address *dest_addr, struct device *dev)
     /* [previous][next][first][last][top][bottom][index][help] */
 320 {
 321         ax25_cb *s;
 322         unsigned long flags;
 323 
 324         save_flags(flags);
 325         cli();
 326 
 327         for (s = ax25_list; s != NULL; s = s->next) {
 328                 if (s->sk != NULL && s->sk->type != SOCK_SEQPACKET)
 329                         continue;
 330                 if (ax25cmp(&s->source_addr, my_addr) == 0 && ax25cmp(&s->dest_addr, dest_addr) == 0 && s->device == dev) {
 331                         restore_flags(flags);
 332                         return s;
 333                 }
 334         }
 335 
 336         restore_flags(flags);
 337 
 338         return NULL;
 339 }
 340 
 341 /*
 342  *      Look for any matching address - RAW sockets can bind to arbitary names
 343  */
 344 static struct sock *ax25_addr_match(ax25_address *addr)
     /* [previous][next][first][last][top][bottom][index][help] */
 345 {
 346         unsigned long flags;
 347         ax25_cb *s;
 348 
 349         save_flags(flags);
 350         cli();
 351 
 352         for (s = ax25_list; s != NULL; s = s->next) {
 353                 if (s->sk != NULL && ax25cmp(&s->source_addr, addr) == 0 && s->sk->type == SOCK_RAW) {
 354                         restore_flags(flags);
 355                         return s->sk;
 356                 }
 357         }
 358 
 359         restore_flags(flags);
 360 
 361         return NULL;
 362 }
 363 
 364 static void ax25_send_to_raw(struct sock *sk, struct sk_buff *skb, int proto)
     /* [previous][next][first][last][top][bottom][index][help] */
 365 {
 366         struct sk_buff *copy;
 367         
 368         while (sk != NULL) {
 369                 if (sk->type == SOCK_RAW && sk->protocol == proto && sk->rmem_alloc <= sk->rcvbuf) {
 370                         if ((copy = skb_clone(skb, GFP_ATOMIC)) == NULL)
 371                                 return;
 372 
 373                         copy->sk = sk;
 374                         sk->rmem_alloc += copy->truesize;
 375                         skb_queue_tail(&sk->receive_queue, copy);
 376                         if (!sk->dead)
 377                                 sk->data_ready(sk, skb->len);
 378                 }
 379 
 380                 sk = sk->next;
 381         }
 382 }       
 383 
 384 /*
 385  *      Deferred destroy.
 386  */
 387 void ax25_destory_socket(ax25_cb *);
 388 
 389 /*
 390  *      Handler for deferred kills.
 391  */
 392 static void ax25_destroy_timer(unsigned long data)
     /* [previous][next][first][last][top][bottom][index][help] */
 393 {
 394         ax25_destroy_socket((ax25_cb *)data);
 395 }
 396 
 397 /*
 398  *      This is called from user mode and the timers. Thus it protects itself against
 399  *      interrupt users but doesn't worry about being called during work.
 400  *      Once it is removed from the queue no interrupt or bottom half will
 401  *      touch it and we are (fairly 8-) ) safe.
 402  */
 403 void ax25_destroy_socket(ax25_cb *ax25) /* Not static as its used by the timer */
     /* [previous][next][first][last][top][bottom][index][help] */
 404 {
 405         struct sk_buff *skb;
 406         unsigned long flags;
 407         
 408         save_flags(flags);
 409         cli();
 410         
 411         del_timer(&ax25->timer);
 412         
 413         ax25_remove_socket(ax25);
 414         ax25_clear_queues(ax25);        /* Flush the queues */
 415         
 416         if (ax25->sk != NULL) {
 417                 while ((skb = skb_dequeue(&ax25->sk->receive_queue)) != NULL) {
 418                         if (skb->sk != ax25->sk) {                      /* A pending connection */
 419                                 skb->sk->dead = 1;      /* Queue the unaccepted socket for death */
 420                                 ax25_set_timer(skb->sk->ax25);
 421                                 skb->sk->ax25->state = AX25_STATE_0;
 422                         }
 423 
 424                         kfree_skb(skb, FREE_READ);
 425                 }
 426         }
 427         
 428         if (ax25->sk != NULL) {
 429                 if (ax25->sk->wmem_alloc || ax25->sk->rmem_alloc) { /* Defer: outstanding buffers */
 430                         init_timer(&ax25->timer);
 431                         ax25->timer.expires  = jiffies + 10 * HZ;
 432                         ax25->timer.function = ax25_destroy_timer;
 433                         ax25->timer.data     = (unsigned long)ax25;
 434                         add_timer(&ax25->timer);
 435                 } else {
 436                         if (ax25->digipeat != NULL) {
 437                                 kfree_s(ax25->digipeat, sizeof(ax25_digi));
 438                                 ax25->digipeat = NULL;
 439                         }
 440                 
 441                         kfree_s(ax25->sk, sizeof(*ax25->sk));
 442                         kfree_s(ax25, sizeof(*ax25));
 443                 }
 444         } else {
 445                 if (ax25->digipeat != NULL) {
 446                         kfree_s(ax25->digipeat, sizeof(ax25_digi));
 447                         ax25->digipeat = NULL;
 448                 }       
 449                 kfree_s(ax25, sizeof(*ax25));
 450         }
 451 
 452         restore_flags(flags);
 453 }
 454 
 455 /*
 456  *      Callsign/UID mapper. This is in kernel space for security on multi-amateur machines.
 457  */
 458 
 459 ax25_uid_assoc *ax25_uid_list;
 460 
 461 int ax25_uid_policy = 0;
 462 
 463 ax25_address *ax25_findbyuid(uid_t uid)
     /* [previous][next][first][last][top][bottom][index][help] */
 464 {
 465         ax25_uid_assoc *a;
 466         
 467         for (a = ax25_uid_list; a != NULL; a = a->next) {
 468                 if (a->uid == uid)
 469                         return &a->call;
 470         }
 471 
 472         return NULL;
 473 }
 474 
 475 static int ax25_uid_ioctl(int cmd, struct sockaddr_ax25 *sax)
     /* [previous][next][first][last][top][bottom][index][help] */
 476 {
 477         ax25_uid_assoc *a;
 478         
 479         switch (cmd) {
 480                 case SIOCAX25GETUID:
 481                         for (a = ax25_uid_list; a != NULL; a = a->next) {
 482                                 if (ax25cmp(&sax->sax25_call, &a->call) == 0)
 483                                         return a->uid;
 484                         }
 485                         return -ENOENT;
 486                 case SIOCAX25ADDUID:
 487                         if(!suser())
 488                                 return -EPERM;
 489                         if (ax25_findbyuid(sax->sax25_uid))
 490                                 return -EEXIST;
 491                         a = (ax25_uid_assoc *)kmalloc(sizeof(*a), GFP_KERNEL);
 492                         if (a == NULL)
 493                                 return -ENOMEM;
 494                         a->uid  = sax->sax25_uid;
 495                         a->call = sax->sax25_call;
 496                         a->next = ax25_uid_list;
 497                         ax25_uid_list = a;
 498                         return 0;
 499                 case SIOCAX25DELUID:
 500                 {
 501                         ax25_uid_assoc **l;
 502                         
 503                         if(!suser())
 504                                 return -EPERM;
 505                         l = &ax25_uid_list;
 506                         while ((*l) != NULL) {
 507                                 if (ax25cmp(&((*l)->call), &(sax->sax25_call)) == 0) {
 508                                         a = *l;
 509                                         *l = (*l)->next;
 510                                         kfree_s(a, sizeof(*a));
 511                                         return 0;
 512                                 }
 513                                 
 514                                 l = &((*l)->next);
 515                         }
 516                         return -ENOENT;
 517                 }
 518         }
 519 
 520         return -EINVAL; /*NOTREACHED */
 521 }       
 522 
 523 /*
 524  * Create an empty AX.25 control block.
 525  */
 526 static ax25_cb *ax25_create_cb(void)
     /* [previous][next][first][last][top][bottom][index][help] */
 527 {
 528         ax25_cb *ax25;
 529 
 530         if ((ax25 = (ax25_cb *)kmalloc(sizeof(*ax25), GFP_ATOMIC)) == NULL)
 531                 return NULL;
 532 
 533         skb_queue_head_init(&ax25->write_queue);
 534         skb_queue_head_init(&ax25->frag_queue);
 535         skb_queue_head_init(&ax25->ack_queue);
 536         skb_queue_head_init(&ax25->reseq_queue);
 537 
 538         init_timer(&ax25->timer);
 539 
 540         ax25->dama_slave = 0;   /* dl1bke 951121 */
 541 
 542         ax25->rtt     = (AX25_DEF_T1 * PR_SLOWHZ) / 2;
 543         ax25->t1      = AX25_DEF_T1 * PR_SLOWHZ;
 544         ax25->t2      = AX25_DEF_T2 * PR_SLOWHZ;
 545         ax25->t3      = AX25_DEF_T3 * PR_SLOWHZ;
 546         ax25->n2      = AX25_DEF_N2;
 547 
 548         ax25->modulus   = AX25_DEF_AXDEFMODE;
 549         ax25->fragno    = 0;
 550         ax25->fraglen   = 0;
 551         ax25->hdrincl   = 0;
 552         ax25->backoff   = AX25_DEF_BACKOFF == 'E';
 553         ax25->condition = 0x00;
 554         ax25->t1timer   = 0;
 555         ax25->t2timer   = 0;
 556         ax25->t3timer   = 0;
 557         ax25->n2count   = 0;
 558 
 559         ax25->va      = 0;
 560         ax25->vr      = 0;
 561         ax25->vs      = 0;
 562 
 563         if (AX25_DEF_AXDEFMODE == EMODULUS) {
 564                 ax25->window = AX25_DEF_EWINDOW;
 565         } else {
 566                 ax25->window = AX25_DEF_WINDOW;
 567         }
 568         ax25->device   = NULL;
 569         ax25->digipeat = NULL;
 570         ax25->sk       = NULL;
 571 
 572         ax25->state    = AX25_STATE_0;
 573 
 574         memset(&ax25->dest_addr,   '\0', sizeof(ax25_address));
 575         memset(&ax25->source_addr, '\0', sizeof(ax25_address));
 576 
 577         return ax25;
 578 }
 579 
 580 /*
 581  *      Find out if we are a DAMA slave for this device and count the
 582  *      number of connections.
 583  *
 584  *      dl1bke 951121
 585  */
 586  
 587 int ax25_dev_is_dama_slave(struct device *dev)
     /* [previous][next][first][last][top][bottom][index][help] */
 588 {
 589         ax25_cb * ax25;
 590         int count = 0;
 591         
 592         for (ax25=ax25_list; ax25 ; ax25 = ax25->next)
 593                 if ( (ax25->device == dev) && ax25->dama_slave )
 594                 {
 595                         count++;
 596                         break;
 597                 }
 598                 
 599         return count;
 600 }
 601 
 602 /*
 603  *      Fill in a created AX.25 created control block with the default
 604  *      values for a particular device.
 605  */
 606 static void ax25_fillin_cb(ax25_cb *ax25, struct device *dev)
     /* [previous][next][first][last][top][bottom][index][help] */
 607 {
 608         ax25->device = dev;
 609 
 610         ax25->rtt = ax25_dev_get_value(dev, AX25_VALUES_T1);
 611         ax25->t1  = ax25_dev_get_value(dev, AX25_VALUES_T1);
 612         ax25->t2  = ax25_dev_get_value(dev, AX25_VALUES_T2);
 613         ax25->t3  = ax25_dev_get_value(dev, AX25_VALUES_T3);
 614         ax25->n2  = ax25_dev_get_value(dev, AX25_VALUES_N2);
 615 
 616         ax25->dama_slave = 0;
 617 
 618         ax25->modulus = ax25_dev_get_value(dev, AX25_VALUES_AXDEFMODE);
 619 
 620         if (ax25->modulus == MODULUS) {
 621                 ax25->window = ax25_dev_get_value(dev, AX25_VALUES_WINDOW);
 622         } else {
 623                 ax25->window = ax25_dev_get_value(dev, AX25_VALUES_EWINDOW);
 624         }
 625 
 626         ax25->backoff = ax25_dev_get_value(dev, AX25_VALUES_BACKOFF) == 'E';
 627 }
 628 
 629 int ax25_send_frame(struct sk_buff *skb, ax25_address *src, ax25_address *dest,
     /* [previous][next][first][last][top][bottom][index][help] */
 630         ax25_digi *digi, struct device *dev)
 631 {
 632         ax25_cb *ax25;
 633 
 634         if (skb == NULL)
 635                 return 0;
 636 
 637         /*
 638          * Look for an existing connection.
 639          */
 640         for (ax25 = ax25_list; ax25 != NULL; ax25 = ax25->next) {
 641                 if (ax25->sk != NULL && ax25->sk->type != SOCK_SEQPACKET)
 642                         continue;
 643 
 644                 if (ax25cmp(&ax25->source_addr, src) == 0 && ax25cmp(&ax25->dest_addr, dest) == 0 && ax25->device == dev) {
 645                         ax25_output(ax25, skb);
 646                         return 1;               /* It already existed */
 647                 }
 648         }
 649 
 650         if ((ax25 = ax25_create_cb()) == NULL)
 651                 return 0;
 652 
 653         ax25_fillin_cb(ax25, dev);
 654 
 655         memcpy(&ax25->source_addr, src,  sizeof(ax25_address));
 656         memcpy(&ax25->dest_addr,   dest, sizeof(ax25_address));
 657 
 658         if (digi != NULL) {
 659                 if ((ax25->digipeat = kmalloc(sizeof(ax25_digi), GFP_ATOMIC)) == NULL) {
 660                         kfree_s(ax25, sizeof(ax25));
 661                         return 0;
 662                 }
 663                 memcpy(ax25->digipeat, digi, sizeof(ax25_digi));
 664         } else {
 665                 ax25_rt_build_path(ax25, dest);
 666         }
 667 
 668         if (ax25_dev_is_dama_slave(ax25->device))       /* dl1bke 960116 */
 669                 dama_establish_data_link(ax25);
 670         else
 671         ax25_establish_data_link(ax25);
 672                 
 673         ax25_insert_socket(ax25);
 674 
 675         ax25->state = AX25_STATE_1;
 676 
 677         ax25_set_timer(ax25);
 678 
 679         ax25_output(ax25, skb);
 680                         
 681         return 1;                       /* We had to create it */       
 682 }
 683 
 684 /*
 685  *      Find the AX.25 device that matches the hardware address supplied.
 686  */
 687 struct device *ax25rtr_get_dev(ax25_address *addr)
     /* [previous][next][first][last][top][bottom][index][help] */
 688 {
 689         struct device *dev;
 690         
 691         for (dev = dev_base; dev != NULL; dev = dev->next) {
 692                 if (dev->flags & IFF_UP) {
 693                         switch (dev->type) {
 694                                 case ARPHRD_AX25: /* Active kiss ax25 mode */ 
 695                                         if (ax25cmp(addr, (ax25_address *)dev->dev_addr) == 0)
 696                                                 return dev;
 697                                         break;
 698 #ifdef CONFIG_BPQETHER
 699                                 case ARPHRD_ETHER: {
 700                                                 ax25_address *dev_addr;
 701 
 702                                                 if ((dev_addr = ax25_bpq_get_addr(dev)) != NULL)
 703                                                         if (ax25cmp(addr, dev_addr) == 0)
 704                                                                 return dev;
 705                                         }
 706                                         break;
 707 #endif
 708                                 default:
 709                                         break;
 710                         }
 711                 }
 712         }
 713 
 714         return NULL;
 715 }
 716 
 717 /*
 718  *      Handling for system calls applied via the various interfaces to an
 719  *      AX25 socket object
 720  */
 721  
 722 static int ax25_fcntl(struct socket *sock, unsigned int cmd, unsigned long arg)
     /* [previous][next][first][last][top][bottom][index][help] */
 723 {
 724         return -EINVAL;
 725 }
 726 
 727 static int ax25_setsockopt(struct socket *sock, int level, int optname,
     /* [previous][next][first][last][top][bottom][index][help] */
 728         char *optval, int optlen)
 729 {
 730         struct sock *sk;
 731         int err, opt;
 732 
 733         sk = (struct sock *)sock->data;
 734         
 735         if (level == SOL_SOCKET)
 736                 return sock_setsockopt(sk, level, optname, optval, optlen);
 737 
 738         if (level != SOL_AX25)
 739                 return -EOPNOTSUPP;
 740 
 741         if (optval == NULL)
 742                 return -EINVAL;
 743 
 744         if ((err = verify_area(VERIFY_READ, optval, sizeof(int))) != 0)
 745                 return err;
 746 
 747         opt = get_fs_long((unsigned long *)optval);
 748 
 749         switch (optname) {
 750                 case AX25_WINDOW:
 751                         if (sk->ax25->modulus == MODULUS) {
 752                                 if (opt < 1 || opt > 7)
 753                                         return -EINVAL;
 754                         } else {
 755                                 if (opt < 1 || opt > 63)
 756                                         return -EINVAL;
 757                         }
 758                         sk->ax25->window = opt;
 759                         return 0;
 760 
 761                 case AX25_T1:
 762                         if (opt < 1)
 763                                 return -EINVAL;
 764                         sk->ax25->rtt = (opt * PR_SLOWHZ) / 2;
 765                         return 0;
 766 
 767                 case AX25_T2:
 768                         if (opt < 1)
 769                                 return -EINVAL;
 770                         sk->ax25->t2 = opt * PR_SLOWHZ;
 771                         return 0;
 772 
 773                 case AX25_N2:
 774                         if (opt < 1 || opt > 31)
 775                                 return -EINVAL;
 776                         sk->ax25->n2 = opt;
 777                         return 0;
 778 
 779                 case AX25_T3:
 780                         if (opt < 1)
 781                                 return -EINVAL;
 782                         sk->ax25->t3 = opt * PR_SLOWHZ;
 783                         return 0;
 784 
 785                 case AX25_BACKOFF:
 786                         sk->ax25->backoff = opt ? 1 : 0;
 787                         return 0;
 788 
 789                 case AX25_EXTSEQ:
 790                         sk->ax25->modulus = opt ? EMODULUS : MODULUS;
 791                         return 0;
 792 
 793                 case AX25_HDRINCL:
 794                         sk->ax25->hdrincl = opt ? 1 : 0;
 795                         return 0;
 796 
 797                 default:
 798                         return -ENOPROTOOPT;
 799         }
 800 }
 801 
 802 static int ax25_getsockopt(struct socket *sock, int level, int optname,
     /* [previous][next][first][last][top][bottom][index][help] */
 803         char *optval, int *optlen)
 804 {
 805         struct sock *sk;
 806         int val = 0;
 807         int err; 
 808 
 809         sk = (struct sock *)sock->data;
 810         
 811         if (level == SOL_SOCKET)
 812                 return sock_getsockopt(sk, level, optname, optval, optlen);
 813         
 814         if (level != SOL_AX25)
 815                 return -EOPNOTSUPP;
 816 
 817         switch (optname) {
 818                 case AX25_WINDOW:
 819                         val = sk->ax25->window;
 820                         break;
 821 
 822                 case AX25_T1:
 823                         val = (sk->ax25->t1 * 2) / PR_SLOWHZ;
 824                         break;
 825 
 826                 case AX25_T2:
 827                         val = sk->ax25->t2 / PR_SLOWHZ;
 828                         break;
 829 
 830                 case AX25_N2:
 831                         val = sk->ax25->n2;
 832                         break;
 833 
 834                 case AX25_T3:
 835                         val = sk->ax25->t3 / PR_SLOWHZ;
 836                         break;
 837 
 838                 case AX25_BACKOFF:
 839                         val = sk->ax25->backoff;
 840                         break;
 841 
 842                 case AX25_EXTSEQ:
 843                         val = (sk->ax25->modulus == EMODULUS);
 844                         break;
 845 
 846                 case AX25_HDRINCL:
 847                         val = sk->ax25->hdrincl;
 848                         break;
 849 
 850                 default:
 851                         return -ENOPROTOOPT;
 852         }
 853 
 854         if ((err = verify_area(VERIFY_WRITE, optlen, sizeof(int))) != 0)
 855                 return err;
 856 
 857         put_user(sizeof(int), optlen);
 858 
 859         if ((err = verify_area(VERIFY_WRITE, optval, sizeof(int))) != 0)
 860                 return err;
 861 
 862         put_user(val, optval);
 863 
 864         return 0;
 865 }
 866 
 867 static int ax25_listen(struct socket *sock, int backlog)
     /* [previous][next][first][last][top][bottom][index][help] */
 868 {
 869         struct sock *sk = (struct sock *)sock->data;
 870 
 871         if (sk->type == SOCK_SEQPACKET && sk->state != TCP_LISTEN) {
 872                 sk->max_ack_backlog = backlog;
 873                 sk->state           = TCP_LISTEN;
 874                 return 0;
 875         }
 876 
 877         return -EOPNOTSUPP;
 878 }
 879 
 880 static void def_callback1(struct sock *sk)
     /* [previous][next][first][last][top][bottom][index][help] */
 881 {
 882         if (!sk->dead)
 883                 wake_up_interruptible(sk->sleep);
 884 }
 885 
 886 static void def_callback2(struct sock *sk, int len)
     /* [previous][next][first][last][top][bottom][index][help] */
 887 {
 888         if (!sk->dead)
 889                 wake_up_interruptible(sk->sleep);
 890 }
 891 
 892 static int ax25_create(struct socket *sock, int protocol)
     /* [previous][next][first][last][top][bottom][index][help] */
 893 {
 894         struct sock *sk;
 895         ax25_cb *ax25;
 896 
 897         switch (sock->type) {
 898                 case SOCK_DGRAM:
 899                         if (protocol == 0 || protocol == AF_AX25)
 900                                 protocol = AX25_P_TEXT;
 901                         break;
 902                 case SOCK_SEQPACKET:
 903                         switch (protocol) {
 904                                 case 0:
 905                                 case AF_AX25:   /* For CLX */
 906                                         protocol = AX25_P_TEXT;
 907                                         break;
 908                                 case AX25_P_SEGMENT:
 909 #ifdef CONFIG_INET
 910                                 case AX25_P_ARP:
 911                                 case AX25_P_IP:
 912 #endif
 913 #ifdef CONFIG_NETROM
 914                                 case AX25_P_NETROM:
 915 #endif
 916                                         return -ESOCKTNOSUPPORT;
 917                                 default:
 918                                         break;
 919                         }
 920                         break;
 921                 case SOCK_RAW:
 922                         break;
 923                 default:
 924                         return -ESOCKTNOSUPPORT;
 925         }
 926 
 927         if ((sk = (struct sock *)kmalloc(sizeof(*sk), GFP_ATOMIC)) == NULL)
 928                 return -ENOMEM;
 929 
 930         if ((ax25 = ax25_create_cb()) == NULL) {
 931                 kfree_s(sk, sizeof(*sk));
 932                 return -ENOMEM;
 933         }
 934 
 935         skb_queue_head_init(&sk->receive_queue);
 936         skb_queue_head_init(&sk->write_queue);
 937         skb_queue_head_init(&sk->back_log);
 938 
 939         sk->socket        = sock;
 940         sk->type          = sock->type;
 941         sk->protocol      = protocol;
 942         sk->dead          = 0;
 943         sk->next          = NULL;
 944         sk->broadcast     = 0;
 945         sk->allocation    = GFP_KERNEL;
 946         sk->rcvbuf        = SK_RMEM_MAX;
 947         sk->sndbuf        = SK_WMEM_MAX;
 948         sk->wmem_alloc    = 0;
 949         sk->rmem_alloc    = 0;
 950         sk->users         = 0;
 951         sk->debug         = 0;
 952         sk->destroy       = 0;
 953         sk->prot          = NULL;       /* So we use default free mechanisms */
 954         sk->err           = 0;
 955         sk->localroute    = 0;
 956         sk->send_head     = NULL;
 957         sk->state         = TCP_CLOSE;
 958         sk->shutdown      = 0;
 959         sk->priority      = SOPRI_NORMAL;
 960         sk->ack_backlog   = 0;
 961         sk->mtu           = AX25_MTU;   /* 256 */
 962         sk->zapped        = 1;
 963 
 964         sk->state_change = def_callback1;
 965         sk->data_ready   = def_callback2;
 966         sk->write_space  = def_callback1;
 967         sk->error_report = def_callback1;
 968 
 969         if (sock != NULL) {
 970                 sock->data = (void *)sk;
 971                 sk->sleep  = sock->wait;
 972         }
 973 
 974         ax25->sk = sk;
 975         sk->ax25 = ax25;
 976         
 977         return 0;
 978 }
 979 
 980 static struct sock *ax25_make_new(struct sock *osk, struct device *dev)
     /* [previous][next][first][last][top][bottom][index][help] */
 981 {
 982         struct sock *sk;
 983         ax25_cb *ax25;
 984 
 985         if ((sk = (struct sock *)kmalloc(sizeof(*sk), GFP_ATOMIC)) == NULL)
 986                 return NULL;
 987 
 988         if ((ax25 = ax25_create_cb()) == NULL) {
 989                 kfree_s(sk, sizeof(*sk));
 990                 return NULL;
 991         }
 992 
 993         ax25_fillin_cb(ax25, dev);
 994 
 995         sk->type   = osk->type;
 996         sk->socket = osk->socket;
 997 
 998         switch(osk->type)
 999         {
1000                 case SOCK_DGRAM:
1001                         break;
1002                 case SOCK_SEQPACKET:
1003                         break;
1004                 default:
1005                         kfree_s((void *)sk, sizeof(*sk));
1006                         kfree_s((void *)ax25, sizeof(*ax25));
1007                         return NULL;
1008         }
1009 
1010         skb_queue_head_init(&sk->receive_queue);
1011         skb_queue_head_init(&sk->write_queue);
1012         skb_queue_head_init(&sk->back_log);
1013 
1014         sk->dead        = 0;
1015         sk->next        = NULL;
1016         sk->priority    = osk->priority;
1017         sk->broadcast   = 0;
1018         sk->protocol    = osk->protocol;
1019         sk->rcvbuf      = osk->rcvbuf;
1020         sk->sndbuf      = osk->sndbuf;
1021         sk->wmem_alloc  = 0;
1022         sk->rmem_alloc  = 0;
1023         sk->users       = 0;
1024         sk->ack_backlog = 0;
1025         sk->destroy     = 0;
1026         sk->prot        = NULL; /* So we use default free mechanisms */
1027         sk->err         = 0;
1028         sk->localroute  = 0;
1029         sk->send_head   = NULL;
1030         sk->debug       = osk->debug;
1031         sk->state       = TCP_ESTABLISHED;
1032         sk->window      = osk->window;
1033         sk->shutdown    = 0;
1034         sk->mtu         = osk->mtu;
1035         sk->sleep       = osk->sleep;
1036         sk->zapped      = osk->zapped;
1037 
1038         sk->state_change = def_callback1;
1039         sk->data_ready   = def_callback2;
1040         sk->write_space  = def_callback1;
1041         sk->error_report = def_callback1;
1042 
1043         ax25->modulus = osk->ax25->modulus;
1044         ax25->backoff = osk->ax25->backoff;
1045         ax25->hdrincl = osk->ax25->hdrincl;
1046         ax25->rtt     = osk->ax25->rtt;
1047         ax25->t1      = osk->ax25->t1;
1048         ax25->t2      = osk->ax25->t2;
1049         ax25->t3      = osk->ax25->t3;
1050         ax25->n2      = osk->ax25->n2;
1051 
1052         ax25->window  = osk->ax25->window;
1053 
1054         memcpy(&ax25->source_addr, &osk->ax25->source_addr, sizeof(ax25_address));
1055         
1056         if (osk->ax25->digipeat != NULL) {
1057                 if ((ax25->digipeat = (ax25_digi *)kmalloc(sizeof(ax25_digi), GFP_ATOMIC)) == NULL) {
1058                         kfree_s(sk, sizeof(*sk));
1059                         kfree_s(ax25, sizeof(*ax25));
1060                         return NULL;
1061                 }
1062                 
1063                 /* dl1bke 960119: we have to copy the old digipeater list! */
1064                 memcpy(ax25->digipeat, osk->ax25->digipeat, sizeof(ax25_digi));
1065         }
1066 
1067         sk->ax25 = ax25;
1068         ax25->sk = sk;
1069 
1070         return sk;
1071 }
1072 
1073 static int ax25_dup(struct socket *newsock, struct socket *oldsock)
     /* [previous][next][first][last][top][bottom][index][help] */
1074 {
1075         struct sock *sk = (struct sock *)oldsock->data;
1076 
1077         return ax25_create(newsock, sk->protocol);
1078 }
1079 
1080 static int ax25_release(struct socket *sock, struct socket *peer)
     /* [previous][next][first][last][top][bottom][index][help] */
1081 {
1082         struct sock *sk = (struct sock *)sock->data;
1083 
1084         if (sk == NULL) return 0;
1085 
1086         if (sk->type == SOCK_SEQPACKET) {
1087                 switch (sk->ax25->state) {
1088                         case AX25_STATE_0:
1089                                 sk->state       = TCP_CLOSE;
1090                                 sk->state_change(sk);
1091                                 sk->dead        = 1;
1092                                 ax25_destroy_socket(sk->ax25);
1093                                 break;
1094 
1095                         case AX25_STATE_1:
1096                                 ax25_send_control(sk->ax25, DISC, POLLON, C_COMMAND);
1097                                 sk->ax25->state = AX25_STATE_0;
1098                                 sk->state       = TCP_CLOSE;
1099                                 sk->state_change(sk);
1100                                 sk->dead        = 1;
1101                                 ax25_destroy_socket(sk->ax25);
1102                                 break;
1103 
1104                         case AX25_STATE_2:
1105                                 if (sk->ax25->dama_slave)
1106                                         ax25_send_control(sk->ax25, DISC, POLLON, C_COMMAND);
1107                                 else
1108                                 ax25_send_control(sk->ax25, DM, POLLON, C_RESPONSE);
1109                                 sk->ax25->state = AX25_STATE_0;
1110                                 sk->state       = TCP_CLOSE;
1111                                 sk->state_change(sk);
1112                                 sk->dead        = 1;
1113                                 ax25_destroy_socket(sk->ax25);
1114                                 break;                  
1115 
1116                         case AX25_STATE_3:
1117                         case AX25_STATE_4:
1118                                 ax25_clear_queues(sk->ax25);
1119                                 sk->ax25->n2count = 0;
1120                                 if (!sk->ax25->dama_slave)
1121                                 ax25_send_control(sk->ax25, DISC, POLLON, C_COMMAND);
1122                                 sk->ax25->t3timer = 0;
1123                                 sk->ax25->t1timer = sk->ax25->t1 = ax25_calculate_t1(sk->ax25);
1124                                 sk->ax25->state   = AX25_STATE_2;
1125                                 sk->state         = TCP_CLOSE;
1126                                 sk->state_change(sk);
1127                                 sk->dead          = 1;
1128                                 sk->destroy       = 1;
1129                                 break;
1130 
1131                         default:
1132                                 break;
1133                 }
1134         } else {
1135                 sk->state       = TCP_CLOSE;
1136                 sk->state_change(sk);
1137                 sk->dead = 1;
1138                 ax25_destroy_socket(sk->ax25);
1139         }
1140 
1141         sock->data = NULL;      
1142         sk->socket = NULL;      /* Not used, but we should do this. **/
1143 
1144         return 0;
1145 }
1146 
1147 /*
1148  *      We support a funny extension here so you can (as root) give any callsign
1149  *      digipeated via a local address as source. This is a hack until we add
1150  *      BSD 4.4 ADDIFADDR type support. It is however small and trivially backward
1151  *      compatible 8)
1152  */
1153 static int ax25_bind(struct socket *sock, struct sockaddr *uaddr,int addr_len)
     /* [previous][next][first][last][top][bottom][index][help] */
1154 {
1155         struct sock *sk;
1156         struct full_sockaddr_ax25 *addr = (struct full_sockaddr_ax25 *)uaddr;
1157         struct device *dev;
1158         ax25_address *call;
1159         
1160         sk = (struct sock *)sock->data;
1161         
1162         if (sk->zapped == 0)
1163                 return -EIO;
1164                 
1165         if (addr_len != sizeof(struct sockaddr_ax25) && addr_len != sizeof(struct full_sockaddr_ax25))
1166                 return -EINVAL;
1167 
1168         call = ax25_findbyuid(current->euid);
1169         if (call == NULL && ax25_uid_policy && !suser())
1170                 return -EPERM;
1171                 
1172         if (call == NULL)
1173                 memcpy(&sk->ax25->source_addr, &addr->fsa_ax25.sax25_call, sizeof(ax25_address));
1174         else
1175                 memcpy(&sk->ax25->source_addr, call, sizeof(ax25_address));
1176 
1177         if (sk->debug)
1178                 printk("AX25: source address set to %s\n", ax2asc(&sk->ax25->source_addr));
1179 
1180         if (addr_len == sizeof(struct full_sockaddr_ax25) && addr->fsa_ax25.sax25_ndigis == 1) {
1181                 if (ax25cmp(&addr->fsa_digipeater[0], &null_ax25_address) == 0) {
1182                         dev = NULL;
1183                         if (sk->debug)
1184                                 printk("AX25: bound to any device\n");
1185                 } else {
1186                         if ((dev = ax25rtr_get_dev(&addr->fsa_digipeater[0])) == NULL) {
1187                                 if (sk->debug)
1188                                         printk("AX25: bind failed - no device\n");
1189                                 return -EADDRNOTAVAIL;
1190                         }
1191                         if (sk->debug)
1192                                 printk("AX25: bound to device %s\n", dev->name);
1193                 }
1194         } else {
1195                 if ((dev = ax25rtr_get_dev(&addr->fsa_ax25.sax25_call)) == NULL) {
1196                         if (sk->debug)
1197                                 printk("AX25: bind failed - no device\n");
1198                         return -EADDRNOTAVAIL;
1199                 }
1200                 if (sk->debug)
1201                         printk("AX25: bound to device %s\n", dev->name);
1202         }
1203 
1204         ax25_fillin_cb(sk->ax25, dev);
1205         ax25_insert_socket(sk->ax25);
1206 
1207         sk->zapped = 0;
1208 
1209         if (sk->debug)
1210                 printk("AX25: socket is bound\n");
1211 
1212         return 0;
1213 }
1214 
1215 static int ax25_connect(struct socket *sock, struct sockaddr *uaddr,
     /* [previous][next][first][last][top][bottom][index][help] */
1216         int addr_len, int flags)
1217 {
1218         struct sock *sk = (struct sock *)sock->data;
1219         struct sockaddr_ax25 *addr = (struct sockaddr_ax25 *)uaddr;
1220         int err;
1221         
1222         if (sk->state == TCP_ESTABLISHED && sock->state == SS_CONNECTING) {
1223                 sock->state = SS_CONNECTED;
1224                 return 0;       /* Connect completed during a ERESTARTSYS event */
1225         }
1226         
1227         if (sk->state == TCP_CLOSE && sock->state == SS_CONNECTING) {
1228                 sock->state = SS_UNCONNECTED;
1229                 return -ECONNREFUSED;
1230         }
1231         
1232         if (sk->state == TCP_ESTABLISHED && sk->type == SOCK_SEQPACKET)
1233                 return -EISCONN;        /* No reconnect on a seqpacket socket */
1234                 
1235         sk->state   = TCP_CLOSE;        
1236         sock->state = SS_UNCONNECTED;
1237 
1238         if (addr_len != sizeof(struct sockaddr_ax25) && addr_len != sizeof(struct full_sockaddr_ax25))
1239                 return -EINVAL;
1240 
1241         /*
1242          *      Handle digi-peaters to be used.
1243          */
1244         if (addr_len == sizeof(struct full_sockaddr_ax25) && addr->sax25_ndigis != 0) {
1245                 int ct           = 0;
1246                 struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)addr;
1247 
1248                 /* Valid number of digipeaters ? */
1249                 if (addr->sax25_ndigis < 1 || addr->sax25_ndigis > AX25_MAX_DIGIS)
1250                         return -EINVAL;
1251 
1252                 if (sk->ax25->digipeat == NULL) {
1253                         if ((sk->ax25->digipeat = (ax25_digi *)kmalloc(sizeof(ax25_digi), GFP_KERNEL)) == NULL)
1254                                 return -ENOMEM;
1255                 }
1256 
1257                 sk->ax25->digipeat->ndigi = addr->sax25_ndigis;
1258 
1259                 while (ct < addr->sax25_ndigis) {
1260                         sk->ax25->digipeat->repeated[ct] = 0;
1261                         memcpy(&sk->ax25->digipeat->calls[ct], &fsa->fsa_digipeater[ct], sizeof(ax25_address));
1262                         ct++;
1263                 }
1264 
1265                 sk->ax25->digipeat->lastrepeat = 0;
1266         }
1267         else
1268         { /* dl1bke 960117 */
1269                 if (sk->debug)
1270                         printk("building digipeater path\n");
1271                 ax25_rt_build_path(sk->ax25, &addr->sax25_call);
1272         }
1273 
1274         /*
1275          *      Must bind first - autobinding in this may or may not work. If
1276          *      the socket is already bound, check to see if the device has
1277          *      been filled in, error if it hasn't.
1278          */
1279         if (sk->zapped) {
1280                 if ((err = ax25_rt_autobind(sk->ax25, &addr->sax25_call)) < 0)
1281                         return err;
1282                 ax25_fillin_cb(sk->ax25, sk->ax25->device);
1283                 ax25_insert_socket(sk->ax25);
1284         } else {
1285                 if (sk->ax25->device == NULL)
1286                         return -EHOSTUNREACH;
1287         }
1288                 
1289         if (sk->type == SOCK_SEQPACKET && ax25_find_cb(&sk->ax25->source_addr, &addr->sax25_call, sk->ax25->device) != NULL)
1290                 return -EBUSY;                          /* Already such a connection */
1291 
1292         memcpy(&sk->ax25->dest_addr, &addr->sax25_call, sizeof(ax25_address));
1293         
1294         /* First the easy one */
1295         if (sk->type != SOCK_SEQPACKET) {
1296                 sock->state = SS_CONNECTED;
1297                 sk->state   = TCP_ESTABLISHED;
1298                 return 0;
1299         }
1300         
1301         /* Move to connecting socket, ax.25 lapb WAIT_UA.. */   
1302         sock->state        = SS_CONNECTING;
1303         sk->state          = TCP_SYN_SENT;
1304         
1305         if (ax25_dev_is_dama_slave(sk->ax25->device))
1306                 dama_establish_data_link(sk->ax25);
1307         else
1308         ax25_establish_data_link(sk->ax25);
1309                 
1310         sk->ax25->state     = AX25_STATE_1;
1311         ax25_set_timer(sk->ax25);               /* Start going SABM SABM until a UA or a give up and DM */
1312         
1313         /* Now the loop */
1314         if (sk->state != TCP_ESTABLISHED && (flags & O_NONBLOCK))
1315                 return -EINPROGRESS;
1316                 
1317         cli();  /* To avoid races on the sleep */
1318 
1319         /* A DM or timeout will go to closed, a UA will go to ABM */
1320         while (sk->state == TCP_SYN_SENT) {
1321                 interruptible_sleep_on(sk->sleep);
1322                 if (current->signal & ~current->blocked) {
1323                         sti();
1324                         return -ERESTARTSYS;
1325                 }
1326         }
1327 
1328         if (sk->state != TCP_ESTABLISHED) 
1329         {
1330                 /* Not in ABM, not in WAIT_UA -> failed */
1331                 sti();
1332                 sock->state = SS_UNCONNECTED;
1333                 return sock_error(sk);  /* Always set at this point */
1334         }
1335         
1336         sock->state = SS_CONNECTED;
1337 
1338         sti();
1339         
1340         return 0;
1341 }
1342         
1343 static int ax25_socketpair(struct socket *sock1, struct socket *sock2)
     /* [previous][next][first][last][top][bottom][index][help] */
1344 {
1345         return -EOPNOTSUPP;
1346 }
1347 
1348 static int ax25_accept(struct socket *sock, struct socket *newsock, int flags)
     /* [previous][next][first][last][top][bottom][index][help] */
1349 {
1350         struct sock *sk;
1351         struct sock *newsk;
1352         struct sk_buff *skb;
1353 
1354         if (newsock->data)
1355                 kfree_s(newsock->data, sizeof(struct sock));
1356 
1357         newsock->data = NULL;
1358         
1359         sk = (struct sock *)sock->data;
1360 
1361         if (sk->type != SOCK_SEQPACKET)
1362                 return -EOPNOTSUPP;
1363         
1364         if (sk->state != TCP_LISTEN)
1365                 return -EINVAL;
1366                 
1367         /*
1368          *      The write queue this time is holding sockets ready to use
1369          *      hooked into the SABM we saved
1370          */
1371         do {
1372                 cli();
1373                 if ((skb = skb_dequeue(&sk->receive_queue)) == NULL) {
1374                         if (flags & O_NONBLOCK) {
1375                                 sti();
1376                                 return 0;
1377                         }
1378                         interruptible_sleep_on(sk->sleep);
1379                         if (current->signal & ~current->blocked) {
1380                                 sti();
1381                                 return -ERESTARTSYS;
1382                         }
1383                 }
1384         } while (skb == NULL);
1385 
1386         newsk = skb->sk;
1387         newsk->pair = NULL;
1388         sti();
1389 
1390         /* Now attach up the new socket */
1391         skb->sk = NULL;
1392         kfree_skb(skb, FREE_READ);
1393         sk->ack_backlog--;
1394         newsock->data = newsk;
1395 
1396         return 0;
1397 }
1398 
1399 static int ax25_getname(struct socket *sock, struct sockaddr *uaddr,
     /* [previous][next][first][last][top][bottom][index][help] */
1400         int *uaddr_len, int peer)
1401 {
1402         ax25_address *addr;
1403         struct full_sockaddr_ax25 *sax = (struct full_sockaddr_ax25 *)uaddr;
1404         struct sock *sk;
1405         unsigned char ndigi, i;
1406         
1407         sk = (struct sock *)sock->data;
1408         
1409         if (peer != 0) {
1410                 if (sk->state != TCP_ESTABLISHED)
1411                         return -ENOTCONN;
1412                 addr = &sk->ax25->dest_addr;
1413         } else {
1414                 addr = &sk->ax25->source_addr;
1415         }
1416                 
1417         sax->fsa_ax25.sax25_family = AF_AX25;
1418         memcpy(&sax->fsa_ax25.sax25_call, addr, sizeof(ax25_address));
1419         sax->fsa_ax25.sax25_ndigis = 0;
1420         *uaddr_len = sizeof(struct sockaddr_ax25);
1421 
1422         /* This will supply digipeat path on both getpeername() and getsockname() */
1423         if (sk->ax25->digipeat != NULL) {
1424                 ndigi = sk->ax25->digipeat->ndigi;
1425                 sax->fsa_ax25.sax25_ndigis = ndigi;
1426                 *uaddr_len += sizeof(ax25_address) * ndigi;
1427                 for (i = 0; i < ndigi; i++)
1428                         memcpy(&sax->fsa_digipeater[i], &sk->ax25->digipeat->calls[i], sizeof(ax25_address));
1429         }
1430 
1431         return 0;
1432 }
1433  
1434 static int ax25_rcv(struct sk_buff *skb, struct device *dev, ax25_address *dev_addr, struct packet_type *ptype)
     /* [previous][next][first][last][top][bottom][index][help] */
1435 {
1436         struct sock *make;
1437         struct sock *sk;
1438         int type = 0;
1439         ax25_digi dp;
1440         ax25_cb *ax25;
1441         ax25_address src, dest;
1442         struct sock *raw;
1443         int mine = 0;
1444         int dama;
1445 
1446         /*
1447          *      Process the AX.25/LAPB frame.
1448          */
1449          
1450         skb->h.raw = skb->data;
1451         
1452 #ifdef CONFIG_FIREWALL
1453         
1454         if(call_in_firewall(PF_AX25, skb, skb->h.raw)!=FW_ACCEPT)
1455         {
1456                 kfree_skb(skb, FREE_READ);
1457                 return 0;
1458         }
1459 #endif  
1460 
1461         /*
1462          *      Parse the address header.
1463          */
1464          
1465         if (ax25_parse_addr(skb->data, skb->len, &src, &dest, &dp, &type, &dama) == NULL) {
1466                 kfree_skb(skb, FREE_READ);
1467                 return 0;
1468         }
1469 
1470         /*
1471          *      Send the frame to the AX.25 auto-router
1472          */
1473         ax25_rt_rx_frame(&src, dev, &dp);
1474         
1475         /*
1476          *      Ours perhaps ?
1477          */
1478         if (dp.lastrepeat + 1 < dp.ndigi) {             /* Not yet digipeated completely */
1479                 if (ax25cmp(&dp.calls[dp.lastrepeat + 1], dev_addr) == 0) 
1480                 {
1481                         struct device *dev_out = dev;
1482 
1483                         /* We are the digipeater. Mark ourselves as repeated
1484                            and throw the packet back out of the same device */
1485                         dp.lastrepeat++;
1486                         dp.repeated[(int)dp.lastrepeat] = 1;
1487 
1488                         if (ax25_dev_get_value(dev, AX25_VALUES_DIGI) & AX25_DIGI_XBAND) 
1489                         {
1490                                 while (dp.lastrepeat + 1 < dp.ndigi) 
1491                                 {
1492                                         struct device *dev_scan;
1493                                         if ((dev_scan = ax25rtr_get_dev(&dp.calls[dp.lastrepeat + 1])) == NULL)
1494                                                 break;
1495                                         dp.lastrepeat++;
1496                                         dp.repeated[(int)dp.lastrepeat] = 1;
1497                                         dev_out = dev_scan;
1498                                 }
1499                                 if (dev != dev_out && (ax25_dev_get_value(dev_out, AX25_VALUES_DIGI) & AX25_DIGI_XBAND) == 0)
1500                                 {
1501                                         kfree_skb(skb, FREE_READ);
1502                                         return 0;
1503                                 }
1504                         }
1505 
1506                         if (dev == dev_out && (ax25_dev_get_value(dev, AX25_VALUES_DIGI) & AX25_DIGI_INBAND) == 0)
1507                         {
1508                                 kfree_skb(skb, FREE_READ);
1509                                 return 0;       /* Hey, Alan: look what you're doing below! You forgot this return! */
1510                         }
1511 
1512                         build_ax25_addr(skb->data, &src, &dest, &dp, type, MODULUS);
1513 #ifdef CONFIG_FIREWALL
1514                         if(call_fw_firewall(PF_AX25, skb,skb->data)!=FW_ACCEPT)
1515                         {
1516                                 kfree_skb(skb, FREE_READ);
1517                                 return 0;
1518                         }
1519 #endif                                          
1520                         skb->arp = 1;
1521                         ax25_queue_xmit(skb, dev_out, SOPRI_NORMAL);
1522                 } else {
1523                         kfree_skb(skb, FREE_READ);
1524                 }
1525 
1526                 return 0;
1527         }
1528 
1529         /*
1530          *      Pull of the AX.25 headers leaving the CTRL/PID bytes
1531          */
1532         skb_pull(skb, size_ax25_addr(&dp));
1533 
1534         /* For our port addreses ? */
1535         if (ax25cmp(&dest, dev_addr) == 0)
1536                 mine = 1;
1537 
1538 #ifdef CONFIG_NETROM
1539         /* Also match on any NET/ROM callsign */
1540         if (!mine && nr_dev_get(&dest) != NULL)
1541                 mine = 1;
1542 #endif  
1543         
1544         if ((*skb->data & ~0x10) == LAPB_UI) {  /* UI frame - bypass LAPB processing */
1545                 skb->h.raw = skb->data + 2;             /* skip control and pid */
1546 
1547                 if ((raw = ax25_addr_match(&dest)) != NULL)
1548                         ax25_send_to_raw(raw, skb, skb->data[1]);
1549 
1550                 if (!mine && ax25cmp(&dest, (ax25_address *)dev->broadcast) != 0) {
1551                         kfree_skb(skb, FREE_READ);
1552                         return 0;
1553                 }
1554 
1555                 /* Now we are pointing at the pid byte */
1556                 switch (skb->data[1]) {
1557 #ifdef CONFIG_INET              
1558                         case AX25_P_IP:
1559                                 skb_pull(skb,2);                /* drop PID/CTRL */
1560                                 ax25_ip_mode_set(&src, dev, 'D');
1561                                 ip_rcv(skb, dev, ptype);        /* Note ptype here is the wrong one, fix me later */
1562                                 break;
1563 
1564                         case AX25_P_ARP:
1565                                 skb_pull(skb,2);
1566                                 arp_rcv(skb, dev, ptype);       /* Note ptype here is wrong... */
1567                                 break;
1568 #endif                          
1569                         case AX25_P_TEXT:
1570                                 /* Now find a suitable dgram socket */
1571                                 if ((sk = ax25_find_socket(&dest, &src, SOCK_DGRAM)) != NULL) {
1572                                         if (sk->rmem_alloc >= sk->rcvbuf) {
1573                                                 kfree_skb(skb, FREE_READ);
1574                                         } else {
1575                                                 /*
1576                                                  *      Remove the control and PID.
1577                                                  */
1578                                                 skb_pull(skb, 2);
1579                                                 skb_queue_tail(&sk->receive_queue, skb);
1580                                                 skb->sk = sk;
1581                                                 sk->rmem_alloc += skb->truesize;
1582                                                 if (!sk->dead)
1583                                                         sk->data_ready(sk, skb->len);
1584                                         }
1585                                 } else {
1586                                         kfree_skb(skb, FREE_READ);
1587                                 }
1588                                 break;  
1589 
1590                         default:
1591                                 kfree_skb(skb, FREE_READ);      /* Will scan SOCK_AX25 RAW sockets */
1592                                 break;
1593                 }
1594 
1595                 return 0;
1596         }
1597 
1598         /*
1599          *      Is connected mode supported on this device ?
1600          *      If not, should we DM the incoming frame (except DMs) or
1601          *      silently ignore them. For now we stay quiet.
1602          */
1603         if (!ax25_dev_get_value(dev, AX25_VALUES_CONMODE)) {
1604                 kfree_skb(skb, FREE_READ);
1605                 return 0;
1606         }
1607         
1608         /* LAPB */
1609         
1610         /* AX.25 state 1-4 */
1611         
1612         if ((ax25 = ax25_find_cb(&dest, &src, dev)) != NULL) {
1613                 /*
1614                  *      Process the frame. If it is queued up internally it returns one otherwise we 
1615                  *      free it immediately. This routine itself wakes the user context layers so we
1616                  *      do no further work
1617                  */
1618                 if (ax25_process_rx_frame(ax25, skb, type, dama) == 0)
1619                         kfree_skb(skb, FREE_READ);
1620 
1621                 return 0;
1622         }
1623 
1624         /* AX.25 state 0 (disconnected) */
1625 
1626         /* a) received not a SABM(E) */
1627         
1628         if ((*skb->data & ~PF) != SABM && (*skb->data & ~PF) != SABME) {
1629                 /*
1630                  *      Never reply to a DM. Also ignore any connects for
1631                  *      addresses that are not our interfaces and not a socket.
1632                  */
1633                 if ((*skb->data & ~PF) != DM && mine)
1634                         ax25_return_dm(dev, &src, &dest, &dp);
1635 
1636                 kfree_skb(skb, FREE_READ);
1637                 return 0;
1638         }
1639 
1640         /* b) received SABM(E) */
1641         
1642         if ((sk = ax25_find_listener(&dest, dev, SOCK_SEQPACKET)) != NULL) {
1643                 if (sk->ack_backlog == sk->max_ack_backlog || (make = ax25_make_new(sk, dev)) == NULL) {
1644                         if (mine)
1645                                 ax25_return_dm(dev, &src, &dest, &dp);
1646 
1647                         kfree_skb(skb, FREE_READ);
1648                         return 0;
1649                 }
1650                 
1651                 ax25 = make->ax25;
1652 
1653                 skb_queue_head(&sk->receive_queue, skb);
1654 
1655                 skb->sk     = make;
1656                 make->state = TCP_ESTABLISHED;
1657                 make->pair  = sk;
1658 
1659                 sk->ack_backlog++;
1660         } else {
1661 #ifdef CONFIG_NETROM
1662                 if (!mine) {
1663                         kfree_skb(skb, FREE_READ);
1664                         return 0;
1665                 }
1666 
1667                 if ((ax25 = ax25_create_cb()) == NULL) {
1668                         ax25_return_dm(dev, &src, &dest, &dp);
1669                         kfree_skb(skb, FREE_READ);
1670                         return 0;
1671                 }
1672 
1673                 ax25_fillin_cb(ax25, dev);
1674 #else
1675                 if (mine)
1676                         ax25_return_dm(dev, &src, &dest, &dp);
1677 
1678                 kfree_skb(skb, FREE_READ);
1679                 return 0;
1680 #endif
1681         }
1682 
1683         memcpy(&ax25->source_addr, &dest, sizeof(ax25_address));
1684         memcpy(&ax25->dest_addr,   &src,  sizeof(ax25_address));
1685 
1686         /*
1687          *      Sort out any digipeated paths.
1688          */
1689         if (dp.ndigi != 0 && ax25->digipeat == NULL && (ax25->digipeat = kmalloc(sizeof(ax25_digi), GFP_ATOMIC)) == NULL) {
1690                 kfree_skb(skb, FREE_READ);
1691                 ax25_destroy_socket(ax25);
1692                 return 0;
1693         }
1694 
1695         if (dp.ndigi == 0) {
1696                 if (ax25->digipeat != NULL) {
1697                         kfree_s(ax25->digipeat, sizeof(ax25_digi));
1698                         ax25->digipeat = NULL;
1699                 }
1700         } else {
1701                 /* Reverse the source SABM's path */
1702                 ax25_digi_invert(&dp, ax25->digipeat);
1703         }
1704 
1705         if ((*skb->data & ~PF) == SABME) {
1706                 ax25->modulus = EMODULUS;
1707                 ax25->window  = ax25_dev_get_value(dev, AX25_VALUES_EWINDOW);
1708         } else {
1709                 ax25->modulus = MODULUS;
1710                 ax25->window  = ax25_dev_get_value(dev, AX25_VALUES_WINDOW);
1711         }
1712 
1713         ax25->device = dev;
1714         
1715         ax25_send_control(ax25, UA, POLLON, C_RESPONSE);
1716 
1717         if (dama) ax25_dama_on(ax25);   /* bke 951121 */
1718 
1719         ax25->dama_slave = dama;
1720         ax25->t3timer = ax25->t3;
1721         ax25->state   = AX25_STATE_3;
1722 
1723         ax25_insert_socket(ax25);
1724 
1725         ax25_set_timer(ax25);
1726 
1727         if (sk != NULL) {
1728                 if (!sk->dead)
1729                         sk->data_ready(sk, skb->len );
1730         } else {
1731                 kfree_skb(skb, FREE_READ);
1732         }
1733 
1734         return 0;
1735 }
1736 
1737 /*
1738  *      Receive an AX.25 frame via a SLIP interface.
1739  */
1740 static int kiss_rcv(struct sk_buff *skb, struct device *dev, struct packet_type *ptype)
     /* [previous][next][first][last][top][bottom][index][help] */
1741 {
1742         skb->sk = NULL;         /* Initially we don't know who its for */
1743 
1744         if ((*skb->data & 0x0F) != 0) {
1745                 kfree_skb(skb, FREE_READ);      /* Not a KISS data frame */
1746                 return 0;
1747         }
1748 
1749         skb_pull(skb, AX25_KISS_HEADER_LEN);    /* Remove the KISS byte */
1750 
1751         return ax25_rcv(skb, dev, (ax25_address *)dev->dev_addr, ptype);
1752 }
1753 
1754 #ifdef CONFIG_BPQETHER
1755 /*
1756  *      Receive an AX.25 frame via an Ethernet interface.
1757  */
1758 static int bpq_rcv(struct sk_buff *skb, struct device *dev, struct packet_type *ptype)
     /* [previous][next][first][last][top][bottom][index][help] */
1759 {
1760         ax25_address *port_call;
1761         int len;
1762 
1763         skb->sk = NULL;         /* Initially we don't know who its for */
1764 
1765         if ((port_call = ax25_bpq_get_addr(dev)) == NULL) {
1766                 kfree_skb(skb, FREE_READ);      /* We have no port callsign */
1767                 return 0;
1768         }
1769 
1770         len = skb->data[0] + skb->data[1] * 256 - 5;
1771 
1772         skb_pull(skb, 2);       /* Remove the length bytes */
1773         skb_trim(skb, len);     /* Set the length of the data */
1774 
1775         return ax25_rcv(skb, dev, port_call, ptype);
1776 }
1777 #endif
1778 
1779 static int ax25_sendmsg(struct socket *sock, struct msghdr *msg, int len, int noblock, int flags)
     /* [previous][next][first][last][top][bottom][index][help] */
1780 {
1781         struct sock *sk = (struct sock *)sock->data;
1782         struct sockaddr_ax25 *usax = (struct sockaddr_ax25 *)msg->msg_name;
1783         int err;
1784         struct sockaddr_ax25 sax;
1785         struct sk_buff *skb;
1786         unsigned char *asmptr;
1787         int size;
1788         ax25_digi *dp;
1789         ax25_digi dtmp;
1790         int lv;
1791         int addr_len=msg->msg_namelen;
1792         
1793         if (sk->err) {
1794                 return sock_error(sk);
1795         }
1796 
1797         if (flags|| msg->msg_accrights)
1798                 return -EINVAL;
1799 
1800         if (sk->zapped)
1801                 return -EADDRNOTAVAIL;
1802                 
1803         if (sk->ax25->device == NULL)
1804                 return -ENETUNREACH;
1805                 
1806         if (usax) {
1807                 if (addr_len != sizeof(struct sockaddr_ax25) && addr_len != sizeof(struct full_sockaddr_ax25))
1808                         return -EINVAL;
1809                 if (usax->sax25_family != AF_AX25)
1810                         return -EINVAL;
1811                 if (addr_len == sizeof(struct full_sockaddr_ax25) && usax->sax25_ndigis != 0) {
1812                         int ct           = 0;
1813                         struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)usax;
1814 
1815                         /* Valid number of digipeaters ? */
1816                         if (usax->sax25_ndigis < 1 || usax->sax25_ndigis > AX25_MAX_DIGIS)
1817                                 return -EINVAL;
1818 
1819                         dtmp.ndigi      = usax->sax25_ndigis;
1820 
1821                         while (ct < usax->sax25_ndigis) {
1822                                 dtmp.repeated[ct] = 0;
1823                                 memcpy(&dtmp.calls[ct], &fsa->fsa_digipeater[ct], sizeof(ax25_address));
1824                                 ct++;
1825                         }
1826 
1827                         dtmp.lastrepeat = 0;
1828                 }
1829 
1830                 memcpy(&sax, usax, sizeof(sax));
1831                 if (sk->type == SOCK_SEQPACKET && memcmp(&sk->ax25->dest_addr, &sax.sax25_call, sizeof(ax25_address)) != 0)
1832                         return -EISCONN;
1833                 if (usax->sax25_ndigis == 0)
1834                 {
1835                         dp = NULL;
1836                 }
1837                 else
1838                         dp = &dtmp;
1839         } else {
1840                 if (sk->state != TCP_ESTABLISHED)
1841                         return -ENOTCONN;
1842                 sax.sax25_family = AF_AX25;
1843                 memcpy(&sax.sax25_call, &sk->ax25->dest_addr, sizeof(ax25_address));
1844                 dp = sk->ax25->digipeat;
1845         }
1846         
1847         if (sk->debug)
1848                 printk("AX.25: sendto: Addresses built.\n");
1849 
1850         /* Build a packet */
1851         if (sk->debug)
1852                 printk("AX.25: sendto: building packet.\n");
1853 
1854         /* Assume the worst case */
1855         size = len + 3 + size_ax25_addr(dp) + AX25_BPQ_HEADER_LEN;
1856 
1857         if ((skb = sock_alloc_send_skb(sk, size, 0, 0, &err)) == NULL)
1858                 return err;
1859 
1860         skb->sk   = sk;
1861         skb->free = 1;
1862         skb->arp  = 1;
1863 
1864         skb_reserve(skb, size - len);
1865 
1866         if (sk->debug)
1867                 printk("AX.25: Appending user data\n");
1868 
1869         /* User data follows immediately after the AX.25 data */
1870         memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len);
1871 
1872         /* Add the PID, usually AX25_TEXT */
1873         asmptr  = skb_push(skb, 1);
1874         *asmptr = sk->protocol;
1875 
1876         if (sk->debug)
1877                 printk("AX.25: Transmitting buffer\n");
1878 
1879         if (sk->type == SOCK_SEQPACKET) {
1880                 /* Connected mode sockets go via the LAPB machine */
1881                 if (sk->state != TCP_ESTABLISHED) {
1882                         kfree_skb(skb, FREE_WRITE);
1883                         return -ENOTCONN;
1884                 }
1885 
1886                 ax25_output(sk->ax25, skb);     /* Shove it onto the queue and kick */
1887 
1888                 return len;
1889         } else {
1890                 asmptr = skb_push(skb, 1 + size_ax25_addr(dp));
1891 
1892                 if (sk->debug) {
1893                         printk("Building AX.25 Header (dp=%p).\n", dp);
1894                         if (dp != 0)
1895                                 printk("Num digipeaters=%d\n", dp->ndigi);
1896                 }
1897 
1898                 /* Build an AX.25 header */
1899                 asmptr += (lv = build_ax25_addr(asmptr, &sk->ax25->source_addr, &sax.sax25_call, dp, C_COMMAND, MODULUS));
1900 
1901                 if (sk->debug)
1902                         printk("Built header (%d bytes)\n",lv);
1903 
1904                 skb->h.raw = asmptr;
1905         
1906                 if (sk->debug)
1907                         printk("base=%p pos=%p\n", skb->data, asmptr);
1908 
1909                 *asmptr = LAPB_UI;
1910 
1911                 /* Datagram frames go straight out of the door as UI */
1912                 ax25_queue_xmit(skb, sk->ax25->device, SOPRI_NORMAL);
1913 
1914                 return len;
1915         }
1916                 
1917 }
1918 
1919 static int ax25_recvmsg(struct socket *sock, struct msghdr *msg, int size, int noblock, int flags, int *addr_len)
     /* [previous][next][first][last][top][bottom][index][help] */
1920 {
1921         struct sock *sk = (struct sock *)sock->data;
1922         struct sockaddr_ax25 *sax = (struct sockaddr_ax25 *)msg->msg_name;
1923         int copied, length;
1924         struct sk_buff *skb;
1925         int er;
1926         int dama;
1927 
1928         if (sk->err) {
1929                 return sock_error(sk);
1930         }
1931         
1932         if (addr_len != NULL)
1933                 *addr_len = sizeof(*sax);
1934 
1935         /*
1936          *      This works for seqpacket too. The receiver has ordered the
1937          *      queue for us! We do one quick check first though
1938          */
1939         if (sk->type == SOCK_SEQPACKET && sk->state != TCP_ESTABLISHED)
1940                 return -ENOTCONN;
1941 
1942         /* Now we can treat all alike */
1943         if ((skb = skb_recv_datagram(sk, flags, noblock, &er)) == NULL)
1944                 return er;
1945 
1946         if (sk->ax25->hdrincl) {
1947                 length = skb->len + (skb->data - skb->h.raw);
1948         } else {
1949                 if (sk->type == SOCK_SEQPACKET)
1950                         skb_pull(skb, 1);               /* Remove PID */
1951                 length     = skb->len;
1952                 skb->h.raw = skb->data;
1953         }
1954 
1955         copied = (size < length) ? size : length;
1956         skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1957         
1958         if (sax) {
1959                 ax25_digi digi;
1960                 ax25_address dest;
1961 
1962                 if (addr_len == (int *)0)
1963                         return -EINVAL;
1964                 if (*addr_len != sizeof(struct sockaddr_ax25) && *addr_len != sizeof(struct full_sockaddr_ax25))
1965                         return -EINVAL;
1966 
1967                 ax25_parse_addr(skb->data, skb->len, NULL, &dest, &digi, NULL, &dama);
1968 
1969                 sax->sax25_family = AF_AX25;
1970                 /* We set this correctly, even though we may not let the
1971                    application know the digi calls further down (because it
1972                    did NOT ask to know them).  This could get political... **/
1973                 sax->sax25_ndigis = digi.ndigi;
1974                 memcpy(&sax->sax25_call, &dest, sizeof(ax25_address));
1975 
1976                 *addr_len = sizeof(struct sockaddr_ax25);
1977 
1978                 if (*addr_len == sizeof(struct full_sockaddr_ax25) && sax->sax25_ndigis != 0) {
1979                         int ct           = 0;
1980                         struct full_sockaddr_ax25 *fsa = (struct full_sockaddr_ax25 *)sax;
1981 
1982                         while (ct < digi.ndigi) {
1983                                 memcpy(&fsa->fsa_digipeater[ct], &digi.calls[ct], sizeof(ax25_address));
1984                                 ct++;
1985                         }
1986 
1987                         *addr_len = sizeof(struct full_sockaddr_ax25);
1988                 }
1989         }
1990 
1991         skb_free_datagram(sk, skb);
1992 
1993         return copied;
1994 }               
1995 
1996 static int ax25_shutdown(struct socket *sk, int how)
     /* [previous][next][first][last][top][bottom][index][help] */
1997 {
1998         /* FIXME - generate DM and RNR states */
1999         return -EOPNOTSUPP;
2000 }
2001 
2002 static int ax25_select(struct socket *sock , int sel_type, select_table *wait)
     /* [previous][next][first][last][top][bottom][index][help] */
2003 {
2004         struct sock *sk = (struct sock *)sock->data;
2005 
2006         return datagram_select(sk, sel_type, wait);
2007 }
2008 
2009 static int ax25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
     /* [previous][next][first][last][top][bottom][index][help] */
2010 {
2011         struct sock *sk = (struct sock *)sock->data;
2012         int err;
2013         long amount = 0;
2014 
2015         switch (cmd) {
2016                 case TIOCOUTQ:
2017                         if ((err = verify_area(VERIFY_WRITE, (void *)arg, sizeof(unsigned long))) != 0)
2018                                 return err;
2019                         amount = sk->sndbuf - sk->wmem_alloc;
2020                         if (amount < 0)
2021                                 amount = 0;
2022                         put_fs_long(amount, (unsigned long *)arg);
2023                         return 0;
2024 
2025                 case TIOCINQ:
2026                 {
2027                         struct sk_buff *skb;
2028                         /* These two are safe on a single CPU system as only user tasks fiddle here */
2029                         if ((skb = skb_peek(&sk->receive_queue)) != NULL)
2030                                 amount = skb->len;
2031                         if ((err = verify_area(VERIFY_WRITE, (void *)arg, sizeof(unsigned long))) != 0)
2032                                 return err;
2033                         put_fs_long(amount, (unsigned long *)arg);
2034                         return 0;
2035                 }
2036 
2037                 case SIOCGSTAMP:
2038                         if (sk != NULL) {
2039                                 if (sk->stamp.tv_sec==0)
2040                                         return -ENOENT;
2041                                 if ((err = verify_area(VERIFY_WRITE,(void *)arg,sizeof(struct timeval))) != 0)
2042                                         return err;
2043                                 memcpy_tofs((void *)arg, &sk->stamp, sizeof(struct timeval));
2044                                 return 0;
2045                         }
2046                         return -EINVAL;
2047 
2048                 case SIOCAX25ADDUID:    /* Add a uid to the uid/call map table */
2049                 case SIOCAX25DELUID:    /* Delete a uid from the uid/call map table */
2050                 case SIOCAX25GETUID:
2051                 {
2052                         struct sockaddr_ax25 sax25;
2053                         if ((err = verify_area(VERIFY_READ, (void *)arg, sizeof(struct sockaddr_ax25))) != 0)
2054                                 return err;
2055                         memcpy_fromfs(&sax25, (void *)arg, sizeof(sax25));
2056                         return ax25_uid_ioctl(cmd, &sax25);
2057                 }
2058 
2059                 case SIOCAX25NOUID:     /* Set the default policy (default/bar) */
2060                         if ((err = verify_area(VERIFY_READ, (void *)arg, sizeof(unsigned long))) != 0)
2061                                 return err;
2062                         if(!suser())
2063                                 return -EPERM;
2064                         amount = get_fs_long((void *)arg);
2065                         if (amount > AX25_NOUID_BLOCK)
2066                                 return -EINVAL;
2067                         ax25_uid_policy = amount;
2068                         return 0;
2069 
2070 #ifdef CONFIG_BPQETHER
2071                 case SIOCAX25BPQADDR:
2072                         if (!suser())
2073                                 return -EPERM;
2074                         return ax25_bpq_ioctl(cmd, (void *)arg);
2075 #endif
2076 
2077                 case SIOCAX25GETPARMS:
2078                 case SIOCAX25SETPARMS:
2079                         return ax25_dev_ioctl(cmd, (void *)arg);
2080 
2081                 case SIOCADDRT:
2082                 case SIOCDELRT:
2083                         if (!suser())
2084                                 return -EPERM;
2085                         return ax25_rt_ioctl(cmd, (void *)arg);
2086 
2087                 case SIOCGIFADDR:
2088                 case SIOCSIFADDR:
2089                 case SIOCGIFDSTADDR:
2090                 case SIOCSIFDSTADDR:
2091                 case SIOCGIFBRDADDR:
2092                 case SIOCSIFBRDADDR:
2093                 case SIOCGIFNETMASK:
2094                 case SIOCSIFNETMASK:
2095                 case SIOCGIFMETRIC:
2096                 case SIOCSIFMETRIC:
2097                         return -EINVAL;
2098 
2099                 default:
2100                         return(dev_ioctl(cmd, (void *)arg));
2101         }
2102 
2103         /*NOTREACHED*/
2104         return(0);
2105 }
2106 
2107 static int ax25_get_info(char *buffer, char **start, off_t offset, int length, int dummy)
     /* [previous][next][first][last][top][bottom][index][help] */
2108 {
2109         ax25_cb *ax25;
2110         struct device *dev;
2111         const char *devname;
2112         int len = 0;
2113         off_t pos = 0;
2114         off_t begin = 0;
2115   
2116         cli();
2117 
2118         len += sprintf(buffer, "dest_addr src_addr  dev  st  vs  vr  va    t1     t2     t3     n2  rtt wnd Snd-Q Rcv-Q\n");
2119 
2120         for (ax25 = ax25_list; ax25 != NULL; ax25 = ax25->next) {
2121                 if ((dev = ax25->device) == NULL)
2122                         devname = "???";
2123                 else
2124                         devname = dev->name;
2125 
2126                 len += sprintf(buffer + len, "%-9s ",
2127                         ax2asc(&ax25->dest_addr));
2128                 len += sprintf(buffer + len, "%-9s %-4s %2d %3d %3d %3d %3d/%03d %2d/%02d %3d/%03d %2d/%02d %3d %3d",
2129                         ax2asc(&ax25->source_addr), devname,
2130                         ax25->state,
2131                         ax25->vs, ax25->vr, ax25->va,
2132                         ax25->t1timer / PR_SLOWHZ,
2133                         ax25->t1      / PR_SLOWHZ,
2134                         ax25->t2timer / PR_SLOWHZ,
2135                         ax25->t2      / PR_SLOWHZ,
2136                         ax25->t3timer / PR_SLOWHZ,
2137                         ax25->t3      / PR_SLOWHZ,
2138                         ax25->n2count, ax25->n2,
2139                         ax25->rtt     / PR_SLOWHZ,
2140                         ax25->window);
2141 
2142                 if (ax25->sk != NULL) {
2143                         len += sprintf(buffer + len, " %5ld %5ld\n",
2144                                 ax25->sk->wmem_alloc,
2145                                 ax25->sk->rmem_alloc);
2146                 } else {
2147                         len += sprintf(buffer + len, "\n");
2148                 }
2149                 
2150                 pos = begin + len;
2151 
2152                 if (pos < offset) {
2153                         len   = 0;
2154                         begin = pos;
2155                 }
2156                 
2157                 if (pos > offset + length)
2158                         break;
2159         }
2160 
2161         sti();
2162 
2163         *start = buffer + (offset - begin);
2164         len   -= (offset - begin);
2165 
2166         if (len > length) len = length;
2167 
2168         return(len);
2169 } 
2170 
2171 static struct proto_ops ax25_proto_ops = {
2172         AF_AX25,
2173         
2174         ax25_create,
2175         ax25_dup,
2176         ax25_release,
2177         ax25_bind,
2178         ax25_connect,
2179         ax25_socketpair,
2180         ax25_accept,
2181         ax25_getname,
2182         ax25_select,
2183         ax25_ioctl,
2184         ax25_listen,
2185         ax25_shutdown,
2186         ax25_setsockopt,
2187         ax25_getsockopt,
2188         ax25_fcntl,
2189         ax25_sendmsg,
2190         ax25_recvmsg
2191 };
2192 
2193 /*
2194  *      Called by socket.c on kernel start up
2195  */
2196 
2197 static struct packet_type ax25_packet_type = 
2198 {
2199         0,      /* MUTTER ntohs(ETH_P_AX25),*/
2200         0,              /* copy */
2201         kiss_rcv,
2202         NULL,
2203         NULL,
2204 };
2205 
2206 #ifdef CONFIG_BPQETHER
2207 static struct packet_type bpq_packet_type = 
2208 {
2209         0,      /* MUTTER ntohs(ETH_P_BPQ),*/
2210         0,              /* copy */
2211         bpq_rcv,
2212         NULL,
2213         NULL,
2214 };
2215 #endif
2216 
2217 static struct notifier_block ax25_dev_notifier = {
2218         ax25_device_event,
2219         0
2220 };
2221 
2222 void ax25_proto_init(struct net_proto *pro)
     /* [previous][next][first][last][top][bottom][index][help] */
2223 {
2224         sock_register(ax25_proto_ops.family, &ax25_proto_ops);
2225         ax25_packet_type.type = htons(ETH_P_AX25);
2226         dev_add_pack(&ax25_packet_type);        
2227 #ifdef CONFIG_BPQETHER
2228         bpq_packet_type.type  = htons(ETH_P_BPQ);
2229         dev_add_pack(&bpq_packet_type);
2230 #endif
2231         register_netdevice_notifier(&ax25_dev_notifier);
2232                           
2233         proc_net_register(&(struct proc_dir_entry) {
2234                 PROC_NET_AX25_ROUTE, 10, "ax25_route",
2235                 S_IFREG | S_IRUGO, 1, 0, 0,
2236                 0, &proc_net_inode_operations,
2237                 ax25_rt_get_info
2238         });
2239         proc_net_register(&(struct proc_dir_entry) {
2240                 PROC_NET_AX25, 4, "ax25",
2241                 S_IFREG | S_IRUGO, 1, 0, 0,
2242                 0, &proc_net_inode_operations,
2243                 ax25_get_info
2244         });
2245         proc_net_register(&(struct proc_dir_entry) {
2246                 PROC_NET_AX25_CALLS, 10, "ax25_calls",
2247                 S_IFREG | S_IRUGO, 1, 0, 0,
2248                 0, &proc_net_inode_operations,
2249                 ax25_cs_get_info
2250         });
2251 
2252         printk("G4KLX/GW4PTS AX.25 for Linux. Version 0.31 BETA for Linux NET3.032 (Linux 1.3.53)\n");
2253 
2254 #ifdef CONFIG_BPQETHER
2255         proc_net_register(&(struct proc_dir_entry) {
2256                 PROC_NET_AX25_BPQETHER, 13, "ax25_bpqether",
2257                 S_IFREG | S_IRUGO, 1, 0, 0,
2258                 0, &proc_net_inode_operations,
2259                 ax25_bpq_get_info
2260         });
2261 
2262         printk("G8BPQ Encapsulation of AX.25 frames enabled\n");
2263 #endif
2264 }
2265 
2266 /*
2267  *      A small shim to dev_queue_xmit to handle the difference between
2268  *      KISS AX.25 and BPQ AX.25.
2269  */
2270 
2271 void ax25_queue_xmit(struct sk_buff *skb, struct device *dev, int pri)
     /* [previous][next][first][last][top][bottom][index][help] */
2272 {
2273         unsigned char *ptr;
2274         int was_locked;
2275         
2276 #ifdef CONFIG_FIREWALL
2277         if(call_out_firewall(PF_AX25, skb, skb->data)!=FW_ACCEPT)
2278         {
2279                 kfree_skb(skb, FREE_WRITE);
2280                 return;
2281         }
2282 #endif  
2283 
2284         skb->protocol = htons (ETH_P_AX25);
2285 
2286 #ifdef CONFIG_BPQETHER
2287         if(dev->type == ARPHRD_ETHER)
2288         {
2289                 static char bcast_addr[6]={0xFF,0xFF,0xFF,0xFF,0xFF,0xFF};
2290                 int size;
2291                 if(skb_headroom(skb) < AX25_BPQ_HEADER_LEN)
2292                 {
2293                         printk("ax25_queue_xmit: not enough space to add BPQ Ether header\n");
2294                         skb->free = 1;
2295                         kfree_skb(skb, FREE_WRITE);
2296                         return;
2297                 }
2298 
2299                 size = skb->len;
2300         
2301                 ptr = skb_push(skb, 2);
2302 
2303                 *ptr++ = (size + 5) % 256;
2304                 *ptr++ = (size + 5) / 256;
2305 
2306                 dev->hard_header(skb, dev, ETH_P_BPQ, bcast_addr, NULL, 0);
2307 
2308                 /* dl1bke 960201: see below. Note that the device driver should 
2309                  *                copy the data into its own buffers, or strange
2310                  *                things will happen again.
2311                  */
2312 
2313                 was_locked = skb_device_locked(skb);
2314                 dev_queue_xmit(skb, dev, pri);
2315                 if (was_locked) skb_device_unlock(skb);
2316 
2317                 return;
2318         } 
2319 #endif
2320 
2321         ptr = skb_push(skb, 1);
2322         *ptr++ = 0;                     /* KISS */
2323 
2324 /* dl1bke 960201: dev_queue_xmit() will free the skb if it's not locked, so
2325  *                we need an additional variable to store its status.
2326  *                sl_xmit() copies the data before returning, we can
2327  *                remove the lock savely.
2328  */
2329 
2330         was_locked = skb_device_locked(skb);
2331         dev_queue_xmit(skb, dev, pri);
2332         if (was_locked) skb_device_unlock(skb);
2333 }
2334 
2335 /*
2336  *      IP over AX.25 encapsulation.
2337  */
2338 
2339 /*
2340  *      Shove an AX.25 UI header on an IP packet and handle ARP
2341  */
2342 
2343 #ifdef CONFIG_INET
2344  
2345 int ax25_encapsulate(struct sk_buff *skb, struct device *dev, unsigned short type, void *daddr,
     /* [previous][next][first][last][top][bottom][index][help] */
2346                 void *saddr, unsigned len)
2347 {
2348         /* header is an AX.25 UI frame from us to them */
2349         unsigned char *buff = skb_push(skb, AX25_HEADER_LEN);
2350 
2351         *buff++ = 0;    /* KISS DATA */
2352         
2353         if (daddr != NULL)
2354                 memcpy(buff, daddr, dev->addr_len);     /* Address specified */
2355 
2356         buff[6] &= ~LAPB_C;
2357         buff[6] &= ~LAPB_E;
2358         buff[6] |= SSSID_SPARE;
2359         buff += AX25_ADDR_LEN;
2360 
2361         if (saddr != NULL)
2362                 memcpy(buff, saddr, dev->addr_len);
2363         else
2364                 memcpy(buff, dev->dev_addr, dev->addr_len);
2365 
2366         buff[6] &= ~LAPB_C;
2367         buff[6] |= LAPB_E;
2368         buff[6] |= SSSID_SPARE;
2369         buff   += AX25_ADDR_LEN;
2370 
2371         *buff++ = LAPB_UI;      /* UI */
2372 
2373         /* Append a suitable AX.25 PID */
2374         switch (type) {
2375                 case ETH_P_IP:
2376                         *buff++ = AX25_P_IP;
2377                         break;
2378 
2379                 case ETH_P_ARP:
2380                         *buff++ = AX25_P_ARP;
2381                         break;
2382                 default:
2383                         printk("wrong protocol type 0x%x2.2\n", type);
2384                         *buff++ = 0;
2385                         break;
2386         }
2387         
2388         if (daddr != NULL)
2389                 return AX25_HEADER_LEN;
2390 
2391         return -AX25_HEADER_LEN;        /* Unfinished header */
2392 }
2393 
2394 int ax25_rebuild_header(unsigned char *bp, struct device *dev, unsigned long dest, struct sk_buff *skb)
     /* [previous][next][first][last][top][bottom][index][help] */
2395 {
2396         int mode;
2397 
2398         if (arp_find(bp + 1, dest, dev, dev->pa_addr, skb))
2399                 return 1;
2400 
2401         if (bp[16] == AX25_P_IP) 
2402         {
2403                 mode = ax25_ip_mode_get((ax25_address *)(bp + 1), dev);
2404                 if (mode == 'V' || mode == 'v' || (mode == ' ' && ax25_dev_get_value(dev, AX25_VALUES_IPDEFMODE) == 'V')) 
2405                 {
2406 /*                      skb_device_unlock(skb); *//* Don't unlock - it might vanish.. TCP will respond correctly to this lock holding */
2407                         skb_pull(skb, AX25_HEADER_LEN - 1);     /* Keep PID */
2408 #ifdef HUNTING_FOR_ENCAP_BUG
2409                 /* dl1bke 960131: This is a weird bug: the AX.25 frame is encapsulated */
2410                 /*                twice... We'll try a work-around here and hope for   */
2411                 /*                the best.                                            */
2412 
2413                         if ( !(ax25cmp((ax25_address *) (bp + 8), (ax25_address *) (skb->data + 8)) ||
2414                                ax25cmp((ax25_address *) (bp + 1), (ax25_address *) (skb->data + 1)) ) )
2415                         {
2416                                 printk("ax25_rebuild_header(): encap bug...\n");
2417                                 skb_pull(skb, AX25_HEADER_LEN);
2418                         } else
2419                                 if (!*skb->data)
2420                                         printk("ax25_rebuild_header(): probably encap bug...\n");
2421 #endif
2422                         ax25_send_frame(skb, (ax25_address *)(bp + 8), (ax25_address *)(bp + 1), NULL, dev);
2423                         return 1;
2424                 }
2425         }
2426 
2427         bp[7]  &= ~LAPB_C;
2428         bp[7]  &= ~LAPB_E;
2429         bp[7]  |= SSSID_SPARE;
2430 
2431         bp[14] &= ~LAPB_C;
2432         bp[14] |= LAPB_E;
2433         bp[14] |= SSSID_SPARE;
2434 
2435         return 0;
2436 }       
2437 
2438 #endif
2439 
2440 #endif

/* [previous][next][first][last][top][bottom][index][help] */