1*4882a593Smuzhiyun // SPDX-License-Identifier: GPL-2.0-or-later
2*4882a593Smuzhiyun /*
3*4882a593Smuzhiyun *
4*4882a593Smuzhiyun * Copyright Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
5*4882a593Smuzhiyun */
6*4882a593Smuzhiyun #include <linux/errno.h>
7*4882a593Smuzhiyun #include <linux/types.h>
8*4882a593Smuzhiyun #include <linux/socket.h>
9*4882a593Smuzhiyun #include <linux/in.h>
10*4882a593Smuzhiyun #include <linux/kernel.h>
11*4882a593Smuzhiyun #include <linux/timer.h>
12*4882a593Smuzhiyun #include <linux/string.h>
13*4882a593Smuzhiyun #include <linux/sockios.h>
14*4882a593Smuzhiyun #include <linux/net.h>
15*4882a593Smuzhiyun #include <linux/slab.h>
16*4882a593Smuzhiyun #include <net/ax25.h>
17*4882a593Smuzhiyun #include <linux/inet.h>
18*4882a593Smuzhiyun #include <linux/netdevice.h>
19*4882a593Smuzhiyun #include <linux/skbuff.h>
20*4882a593Smuzhiyun #include <net/sock.h>
21*4882a593Smuzhiyun #include <net/tcp_states.h>
22*4882a593Smuzhiyun #include <linux/uaccess.h>
23*4882a593Smuzhiyun #include <linux/fcntl.h>
24*4882a593Smuzhiyun #include <linux/mm.h>
25*4882a593Smuzhiyun #include <linux/interrupt.h>
26*4882a593Smuzhiyun #include <net/netrom.h>
27*4882a593Smuzhiyun
28*4882a593Smuzhiyun /*
29*4882a593Smuzhiyun * This routine purges all of the queues of frames.
30*4882a593Smuzhiyun */
nr_clear_queues(struct sock * sk)31*4882a593Smuzhiyun void nr_clear_queues(struct sock *sk)
32*4882a593Smuzhiyun {
33*4882a593Smuzhiyun struct nr_sock *nr = nr_sk(sk);
34*4882a593Smuzhiyun
35*4882a593Smuzhiyun skb_queue_purge(&sk->sk_write_queue);
36*4882a593Smuzhiyun skb_queue_purge(&nr->ack_queue);
37*4882a593Smuzhiyun skb_queue_purge(&nr->reseq_queue);
38*4882a593Smuzhiyun skb_queue_purge(&nr->frag_queue);
39*4882a593Smuzhiyun }
40*4882a593Smuzhiyun
41*4882a593Smuzhiyun /*
42*4882a593Smuzhiyun * This routine purges the input queue of those frames that have been
43*4882a593Smuzhiyun * acknowledged. This replaces the boxes labelled "V(a) <- N(r)" on the
44*4882a593Smuzhiyun * SDL diagram.
45*4882a593Smuzhiyun */
nr_frames_acked(struct sock * sk,unsigned short nr)46*4882a593Smuzhiyun void nr_frames_acked(struct sock *sk, unsigned short nr)
47*4882a593Smuzhiyun {
48*4882a593Smuzhiyun struct nr_sock *nrom = nr_sk(sk);
49*4882a593Smuzhiyun struct sk_buff *skb;
50*4882a593Smuzhiyun
51*4882a593Smuzhiyun /*
52*4882a593Smuzhiyun * Remove all the ack-ed frames from the ack queue.
53*4882a593Smuzhiyun */
54*4882a593Smuzhiyun if (nrom->va != nr) {
55*4882a593Smuzhiyun while (skb_peek(&nrom->ack_queue) != NULL && nrom->va != nr) {
56*4882a593Smuzhiyun skb = skb_dequeue(&nrom->ack_queue);
57*4882a593Smuzhiyun kfree_skb(skb);
58*4882a593Smuzhiyun nrom->va = (nrom->va + 1) % NR_MODULUS;
59*4882a593Smuzhiyun }
60*4882a593Smuzhiyun }
61*4882a593Smuzhiyun }
62*4882a593Smuzhiyun
63*4882a593Smuzhiyun /*
64*4882a593Smuzhiyun * Requeue all the un-ack-ed frames on the output queue to be picked
65*4882a593Smuzhiyun * up by nr_kick called from the timer. This arrangement handles the
66*4882a593Smuzhiyun * possibility of an empty output queue.
67*4882a593Smuzhiyun */
nr_requeue_frames(struct sock * sk)68*4882a593Smuzhiyun void nr_requeue_frames(struct sock *sk)
69*4882a593Smuzhiyun {
70*4882a593Smuzhiyun struct sk_buff *skb, *skb_prev = NULL;
71*4882a593Smuzhiyun
72*4882a593Smuzhiyun while ((skb = skb_dequeue(&nr_sk(sk)->ack_queue)) != NULL) {
73*4882a593Smuzhiyun if (skb_prev == NULL)
74*4882a593Smuzhiyun skb_queue_head(&sk->sk_write_queue, skb);
75*4882a593Smuzhiyun else
76*4882a593Smuzhiyun skb_append(skb_prev, skb, &sk->sk_write_queue);
77*4882a593Smuzhiyun skb_prev = skb;
78*4882a593Smuzhiyun }
79*4882a593Smuzhiyun }
80*4882a593Smuzhiyun
81*4882a593Smuzhiyun /*
82*4882a593Smuzhiyun * Validate that the value of nr is between va and vs. Return true or
83*4882a593Smuzhiyun * false for testing.
84*4882a593Smuzhiyun */
nr_validate_nr(struct sock * sk,unsigned short nr)85*4882a593Smuzhiyun int nr_validate_nr(struct sock *sk, unsigned short nr)
86*4882a593Smuzhiyun {
87*4882a593Smuzhiyun struct nr_sock *nrom = nr_sk(sk);
88*4882a593Smuzhiyun unsigned short vc = nrom->va;
89*4882a593Smuzhiyun
90*4882a593Smuzhiyun while (vc != nrom->vs) {
91*4882a593Smuzhiyun if (nr == vc) return 1;
92*4882a593Smuzhiyun vc = (vc + 1) % NR_MODULUS;
93*4882a593Smuzhiyun }
94*4882a593Smuzhiyun
95*4882a593Smuzhiyun return nr == nrom->vs;
96*4882a593Smuzhiyun }
97*4882a593Smuzhiyun
98*4882a593Smuzhiyun /*
99*4882a593Smuzhiyun * Check that ns is within the receive window.
100*4882a593Smuzhiyun */
nr_in_rx_window(struct sock * sk,unsigned short ns)101*4882a593Smuzhiyun int nr_in_rx_window(struct sock *sk, unsigned short ns)
102*4882a593Smuzhiyun {
103*4882a593Smuzhiyun struct nr_sock *nr = nr_sk(sk);
104*4882a593Smuzhiyun unsigned short vc = nr->vr;
105*4882a593Smuzhiyun unsigned short vt = (nr->vl + nr->window) % NR_MODULUS;
106*4882a593Smuzhiyun
107*4882a593Smuzhiyun while (vc != vt) {
108*4882a593Smuzhiyun if (ns == vc) return 1;
109*4882a593Smuzhiyun vc = (vc + 1) % NR_MODULUS;
110*4882a593Smuzhiyun }
111*4882a593Smuzhiyun
112*4882a593Smuzhiyun return 0;
113*4882a593Smuzhiyun }
114*4882a593Smuzhiyun
115*4882a593Smuzhiyun /*
116*4882a593Smuzhiyun * This routine is called when the HDLC layer internally generates a
117*4882a593Smuzhiyun * control frame.
118*4882a593Smuzhiyun */
nr_write_internal(struct sock * sk,int frametype)119*4882a593Smuzhiyun void nr_write_internal(struct sock *sk, int frametype)
120*4882a593Smuzhiyun {
121*4882a593Smuzhiyun struct nr_sock *nr = nr_sk(sk);
122*4882a593Smuzhiyun struct sk_buff *skb;
123*4882a593Smuzhiyun unsigned char *dptr;
124*4882a593Smuzhiyun int len, timeout;
125*4882a593Smuzhiyun
126*4882a593Smuzhiyun len = NR_NETWORK_LEN + NR_TRANSPORT_LEN;
127*4882a593Smuzhiyun
128*4882a593Smuzhiyun switch (frametype & 0x0F) {
129*4882a593Smuzhiyun case NR_CONNREQ:
130*4882a593Smuzhiyun len += 17;
131*4882a593Smuzhiyun break;
132*4882a593Smuzhiyun case NR_CONNACK:
133*4882a593Smuzhiyun len += (nr->bpqext) ? 2 : 1;
134*4882a593Smuzhiyun break;
135*4882a593Smuzhiyun case NR_DISCREQ:
136*4882a593Smuzhiyun case NR_DISCACK:
137*4882a593Smuzhiyun case NR_INFOACK:
138*4882a593Smuzhiyun break;
139*4882a593Smuzhiyun default:
140*4882a593Smuzhiyun printk(KERN_ERR "NET/ROM: nr_write_internal - invalid frame type %d\n", frametype);
141*4882a593Smuzhiyun return;
142*4882a593Smuzhiyun }
143*4882a593Smuzhiyun
144*4882a593Smuzhiyun if ((skb = alloc_skb(len, GFP_ATOMIC)) == NULL)
145*4882a593Smuzhiyun return;
146*4882a593Smuzhiyun
147*4882a593Smuzhiyun /*
148*4882a593Smuzhiyun * Space for AX.25 and NET/ROM network header
149*4882a593Smuzhiyun */
150*4882a593Smuzhiyun skb_reserve(skb, NR_NETWORK_LEN);
151*4882a593Smuzhiyun
152*4882a593Smuzhiyun dptr = skb_put(skb, skb_tailroom(skb));
153*4882a593Smuzhiyun
154*4882a593Smuzhiyun switch (frametype & 0x0F) {
155*4882a593Smuzhiyun case NR_CONNREQ:
156*4882a593Smuzhiyun timeout = nr->t1 / HZ;
157*4882a593Smuzhiyun *dptr++ = nr->my_index;
158*4882a593Smuzhiyun *dptr++ = nr->my_id;
159*4882a593Smuzhiyun *dptr++ = 0;
160*4882a593Smuzhiyun *dptr++ = 0;
161*4882a593Smuzhiyun *dptr++ = frametype;
162*4882a593Smuzhiyun *dptr++ = nr->window;
163*4882a593Smuzhiyun memcpy(dptr, &nr->user_addr, AX25_ADDR_LEN);
164*4882a593Smuzhiyun dptr[6] &= ~AX25_CBIT;
165*4882a593Smuzhiyun dptr[6] &= ~AX25_EBIT;
166*4882a593Smuzhiyun dptr[6] |= AX25_SSSID_SPARE;
167*4882a593Smuzhiyun dptr += AX25_ADDR_LEN;
168*4882a593Smuzhiyun memcpy(dptr, &nr->source_addr, AX25_ADDR_LEN);
169*4882a593Smuzhiyun dptr[6] &= ~AX25_CBIT;
170*4882a593Smuzhiyun dptr[6] &= ~AX25_EBIT;
171*4882a593Smuzhiyun dptr[6] |= AX25_SSSID_SPARE;
172*4882a593Smuzhiyun dptr += AX25_ADDR_LEN;
173*4882a593Smuzhiyun *dptr++ = timeout % 256;
174*4882a593Smuzhiyun *dptr++ = timeout / 256;
175*4882a593Smuzhiyun break;
176*4882a593Smuzhiyun
177*4882a593Smuzhiyun case NR_CONNACK:
178*4882a593Smuzhiyun *dptr++ = nr->your_index;
179*4882a593Smuzhiyun *dptr++ = nr->your_id;
180*4882a593Smuzhiyun *dptr++ = nr->my_index;
181*4882a593Smuzhiyun *dptr++ = nr->my_id;
182*4882a593Smuzhiyun *dptr++ = frametype;
183*4882a593Smuzhiyun *dptr++ = nr->window;
184*4882a593Smuzhiyun if (nr->bpqext) *dptr++ = sysctl_netrom_network_ttl_initialiser;
185*4882a593Smuzhiyun break;
186*4882a593Smuzhiyun
187*4882a593Smuzhiyun case NR_DISCREQ:
188*4882a593Smuzhiyun case NR_DISCACK:
189*4882a593Smuzhiyun *dptr++ = nr->your_index;
190*4882a593Smuzhiyun *dptr++ = nr->your_id;
191*4882a593Smuzhiyun *dptr++ = 0;
192*4882a593Smuzhiyun *dptr++ = 0;
193*4882a593Smuzhiyun *dptr++ = frametype;
194*4882a593Smuzhiyun break;
195*4882a593Smuzhiyun
196*4882a593Smuzhiyun case NR_INFOACK:
197*4882a593Smuzhiyun *dptr++ = nr->your_index;
198*4882a593Smuzhiyun *dptr++ = nr->your_id;
199*4882a593Smuzhiyun *dptr++ = 0;
200*4882a593Smuzhiyun *dptr++ = nr->vr;
201*4882a593Smuzhiyun *dptr++ = frametype;
202*4882a593Smuzhiyun break;
203*4882a593Smuzhiyun }
204*4882a593Smuzhiyun
205*4882a593Smuzhiyun nr_transmit_buffer(sk, skb);
206*4882a593Smuzhiyun }
207*4882a593Smuzhiyun
208*4882a593Smuzhiyun /*
209*4882a593Smuzhiyun * This routine is called to send an error reply.
210*4882a593Smuzhiyun */
__nr_transmit_reply(struct sk_buff * skb,int mine,unsigned char cmdflags)211*4882a593Smuzhiyun void __nr_transmit_reply(struct sk_buff *skb, int mine, unsigned char cmdflags)
212*4882a593Smuzhiyun {
213*4882a593Smuzhiyun struct sk_buff *skbn;
214*4882a593Smuzhiyun unsigned char *dptr;
215*4882a593Smuzhiyun int len;
216*4882a593Smuzhiyun
217*4882a593Smuzhiyun len = NR_NETWORK_LEN + NR_TRANSPORT_LEN + 1;
218*4882a593Smuzhiyun
219*4882a593Smuzhiyun if ((skbn = alloc_skb(len, GFP_ATOMIC)) == NULL)
220*4882a593Smuzhiyun return;
221*4882a593Smuzhiyun
222*4882a593Smuzhiyun skb_reserve(skbn, 0);
223*4882a593Smuzhiyun
224*4882a593Smuzhiyun dptr = skb_put(skbn, NR_NETWORK_LEN + NR_TRANSPORT_LEN);
225*4882a593Smuzhiyun
226*4882a593Smuzhiyun skb_copy_from_linear_data_offset(skb, 7, dptr, AX25_ADDR_LEN);
227*4882a593Smuzhiyun dptr[6] &= ~AX25_CBIT;
228*4882a593Smuzhiyun dptr[6] &= ~AX25_EBIT;
229*4882a593Smuzhiyun dptr[6] |= AX25_SSSID_SPARE;
230*4882a593Smuzhiyun dptr += AX25_ADDR_LEN;
231*4882a593Smuzhiyun
232*4882a593Smuzhiyun skb_copy_from_linear_data(skb, dptr, AX25_ADDR_LEN);
233*4882a593Smuzhiyun dptr[6] &= ~AX25_CBIT;
234*4882a593Smuzhiyun dptr[6] |= AX25_EBIT;
235*4882a593Smuzhiyun dptr[6] |= AX25_SSSID_SPARE;
236*4882a593Smuzhiyun dptr += AX25_ADDR_LEN;
237*4882a593Smuzhiyun
238*4882a593Smuzhiyun *dptr++ = sysctl_netrom_network_ttl_initialiser;
239*4882a593Smuzhiyun
240*4882a593Smuzhiyun if (mine) {
241*4882a593Smuzhiyun *dptr++ = 0;
242*4882a593Smuzhiyun *dptr++ = 0;
243*4882a593Smuzhiyun *dptr++ = skb->data[15];
244*4882a593Smuzhiyun *dptr++ = skb->data[16];
245*4882a593Smuzhiyun } else {
246*4882a593Smuzhiyun *dptr++ = skb->data[15];
247*4882a593Smuzhiyun *dptr++ = skb->data[16];
248*4882a593Smuzhiyun *dptr++ = 0;
249*4882a593Smuzhiyun *dptr++ = 0;
250*4882a593Smuzhiyun }
251*4882a593Smuzhiyun
252*4882a593Smuzhiyun *dptr++ = cmdflags;
253*4882a593Smuzhiyun *dptr++ = 0;
254*4882a593Smuzhiyun
255*4882a593Smuzhiyun if (!nr_route_frame(skbn, NULL))
256*4882a593Smuzhiyun kfree_skb(skbn);
257*4882a593Smuzhiyun }
258*4882a593Smuzhiyun
nr_disconnect(struct sock * sk,int reason)259*4882a593Smuzhiyun void nr_disconnect(struct sock *sk, int reason)
260*4882a593Smuzhiyun {
261*4882a593Smuzhiyun nr_stop_t1timer(sk);
262*4882a593Smuzhiyun nr_stop_t2timer(sk);
263*4882a593Smuzhiyun nr_stop_t4timer(sk);
264*4882a593Smuzhiyun nr_stop_idletimer(sk);
265*4882a593Smuzhiyun
266*4882a593Smuzhiyun nr_clear_queues(sk);
267*4882a593Smuzhiyun
268*4882a593Smuzhiyun nr_sk(sk)->state = NR_STATE_0;
269*4882a593Smuzhiyun
270*4882a593Smuzhiyun sk->sk_state = TCP_CLOSE;
271*4882a593Smuzhiyun sk->sk_err = reason;
272*4882a593Smuzhiyun sk->sk_shutdown |= SEND_SHUTDOWN;
273*4882a593Smuzhiyun
274*4882a593Smuzhiyun if (!sock_flag(sk, SOCK_DEAD)) {
275*4882a593Smuzhiyun sk->sk_state_change(sk);
276*4882a593Smuzhiyun sock_set_flag(sk, SOCK_DEAD);
277*4882a593Smuzhiyun }
278*4882a593Smuzhiyun }
279