1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 *
4 * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
5 */
6#include <linux/errno.h>
7#include <linux/types.h>
8#include <linux/socket.h>
9#include <linux/in.h>
10#include <linux/kernel.h>
11#include <linux/timer.h>
12#include <linux/string.h>
13#include <linux/sockios.h>
14#include <linux/net.h>
15#include <linux/slab.h>
16#include <net/ax25.h>
17#include <linux/inet.h>
18#include <linux/netdevice.h>
19#include <linux/skbuff.h>
20#include <net/sock.h>
21#include <net/tcp_states.h>
22#include <linux/fcntl.h>
23#include <linux/mm.h>
24#include <linux/interrupt.h>
25#include <net/rose.h>
26
27static int rose_create_facilities(unsigned char *buffer, struct rose_sock *rose);
28
29/*
30 * This routine purges all of the queues of frames.
31 */
32void rose_clear_queues(struct sock *sk)
33{
34 skb_queue_purge(list: &sk->sk_write_queue);
35 skb_queue_purge(list: &rose_sk(sk)->ack_queue);
36}
37
38/*
39 * This routine purges the input queue of those frames that have been
40 * acknowledged. This replaces the boxes labelled "V(a) <- N(r)" on the
41 * SDL diagram.
42 */
43void rose_frames_acked(struct sock *sk, unsigned short nr)
44{
45 struct sk_buff *skb;
46 struct rose_sock *rose = rose_sk(sk);
47
48 /*
49 * Remove all the ack-ed frames from the ack queue.
50 */
51 if (rose->va != nr) {
52 while (skb_peek(list_: &rose->ack_queue) != NULL && rose->va != nr) {
53 skb = skb_dequeue(list: &rose->ack_queue);
54 kfree_skb(skb);
55 rose->va = (rose->va + 1) % ROSE_MODULUS;
56 }
57 }
58}
59
60void rose_requeue_frames(struct sock *sk)
61{
62 struct sk_buff *skb, *skb_prev = NULL;
63
64 /*
65 * Requeue all the un-ack-ed frames on the output queue to be picked
66 * up by rose_kick. This arrangement handles the possibility of an
67 * empty output queue.
68 */
69 while ((skb = skb_dequeue(list: &rose_sk(sk)->ack_queue)) != NULL) {
70 if (skb_prev == NULL)
71 skb_queue_head(list: &sk->sk_write_queue, newsk: skb);
72 else
73 skb_append(old: skb_prev, newsk: skb, list: &sk->sk_write_queue);
74 skb_prev = skb;
75 }
76}
77
78/*
79 * Validate that the value of nr is between va and vs. Return true or
80 * false for testing.
81 */
82int rose_validate_nr(struct sock *sk, unsigned short nr)
83{
84 struct rose_sock *rose = rose_sk(sk);
85 unsigned short vc = rose->va;
86
87 while (vc != rose->vs) {
88 if (nr == vc) return 1;
89 vc = (vc + 1) % ROSE_MODULUS;
90 }
91
92 return nr == rose->vs;
93}
94
95/*
96 * This routine is called when the packet layer internally generates a
97 * control frame.
98 */
99void rose_write_internal(struct sock *sk, int frametype)
100{
101 struct rose_sock *rose = rose_sk(sk);
102 struct sk_buff *skb;
103 unsigned char *dptr;
104 unsigned char lci1, lci2;
105 int maxfaclen = 0;
106 int len, faclen;
107 int reserve;
108
109 reserve = AX25_BPQ_HEADER_LEN + AX25_MAX_HEADER_LEN + 1;
110 len = ROSE_MIN_LEN;
111
112 switch (frametype) {
113 case ROSE_CALL_REQUEST:
114 len += 1 + ROSE_ADDR_LEN + ROSE_ADDR_LEN;
115 maxfaclen = 256;
116 break;
117 case ROSE_CALL_ACCEPTED:
118 case ROSE_CLEAR_REQUEST:
119 case ROSE_RESET_REQUEST:
120 len += 2;
121 break;
122 }
123
124 skb = alloc_skb(size: reserve + len + maxfaclen, GFP_ATOMIC);
125 if (!skb)
126 return;
127
128 /*
129 * Space for AX.25 header and PID.
130 */
131 skb_reserve(skb, len: reserve);
132
133 dptr = skb_put(skb, len);
134
135 lci1 = (rose->lci >> 8) & 0x0F;
136 lci2 = (rose->lci >> 0) & 0xFF;
137
138 switch (frametype) {
139 case ROSE_CALL_REQUEST:
140 *dptr++ = ROSE_GFI | lci1;
141 *dptr++ = lci2;
142 *dptr++ = frametype;
143 *dptr++ = ROSE_CALL_REQ_ADDR_LEN_VAL;
144 memcpy(dptr, &rose->dest_addr, ROSE_ADDR_LEN);
145 dptr += ROSE_ADDR_LEN;
146 memcpy(dptr, &rose->source_addr, ROSE_ADDR_LEN);
147 dptr += ROSE_ADDR_LEN;
148 faclen = rose_create_facilities(buffer: dptr, rose);
149 skb_put(skb, len: faclen);
150 dptr += faclen;
151 break;
152
153 case ROSE_CALL_ACCEPTED:
154 *dptr++ = ROSE_GFI | lci1;
155 *dptr++ = lci2;
156 *dptr++ = frametype;
157 *dptr++ = 0x00; /* Address length */
158 *dptr++ = 0; /* Facilities length */
159 break;
160
161 case ROSE_CLEAR_REQUEST:
162 *dptr++ = ROSE_GFI | lci1;
163 *dptr++ = lci2;
164 *dptr++ = frametype;
165 *dptr++ = rose->cause;
166 *dptr++ = rose->diagnostic;
167 break;
168
169 case ROSE_RESET_REQUEST:
170 *dptr++ = ROSE_GFI | lci1;
171 *dptr++ = lci2;
172 *dptr++ = frametype;
173 *dptr++ = ROSE_DTE_ORIGINATED;
174 *dptr++ = 0;
175 break;
176
177 case ROSE_RR:
178 case ROSE_RNR:
179 *dptr++ = ROSE_GFI | lci1;
180 *dptr++ = lci2;
181 *dptr = frametype;
182 *dptr++ |= (rose->vr << 5) & 0xE0;
183 break;
184
185 case ROSE_CLEAR_CONFIRMATION:
186 case ROSE_RESET_CONFIRMATION:
187 *dptr++ = ROSE_GFI | lci1;
188 *dptr++ = lci2;
189 *dptr++ = frametype;
190 break;
191
192 default:
193 printk(KERN_ERR "ROSE: rose_write_internal - invalid frametype %02X\n", frametype);
194 kfree_skb(skb);
195 return;
196 }
197
198 rose_transmit_link(skb, rose->neighbour);
199}
200
201int rose_decode(struct sk_buff *skb, int *ns, int *nr, int *q, int *d, int *m)
202{
203 unsigned char *frame;
204
205 frame = skb->data;
206
207 *ns = *nr = *q = *d = *m = 0;
208
209 switch (frame[2]) {
210 case ROSE_CALL_REQUEST:
211 case ROSE_CALL_ACCEPTED:
212 case ROSE_CLEAR_REQUEST:
213 case ROSE_CLEAR_CONFIRMATION:
214 case ROSE_RESET_REQUEST:
215 case ROSE_RESET_CONFIRMATION:
216 return frame[2];
217 default:
218 break;
219 }
220
221 if ((frame[2] & 0x1F) == ROSE_RR ||
222 (frame[2] & 0x1F) == ROSE_RNR) {
223 *nr = (frame[2] >> 5) & 0x07;
224 return frame[2] & 0x1F;
225 }
226
227 if ((frame[2] & 0x01) == ROSE_DATA) {
228 *q = (frame[0] & ROSE_Q_BIT) == ROSE_Q_BIT;
229 *d = (frame[0] & ROSE_D_BIT) == ROSE_D_BIT;
230 *m = (frame[2] & ROSE_M_BIT) == ROSE_M_BIT;
231 *nr = (frame[2] >> 5) & 0x07;
232 *ns = (frame[2] >> 1) & 0x07;
233 return ROSE_DATA;
234 }
235
236 return ROSE_ILLEGAL;
237}
238
239static int rose_parse_national(unsigned char *p, struct rose_facilities_struct *facilities, int len)
240{
241 unsigned char *pt;
242 unsigned char l, lg, n = 0;
243 int fac_national_digis_received = 0;
244
245 do {
246 switch (*p & 0xC0) {
247 case 0x00:
248 if (len < 2)
249 return -1;
250 p += 2;
251 n += 2;
252 len -= 2;
253 break;
254
255 case 0x40:
256 if (len < 3)
257 return -1;
258 if (*p == FAC_NATIONAL_RAND)
259 facilities->rand = ((p[1] << 8) & 0xFF00) + ((p[2] << 0) & 0x00FF);
260 p += 3;
261 n += 3;
262 len -= 3;
263 break;
264
265 case 0x80:
266 if (len < 4)
267 return -1;
268 p += 4;
269 n += 4;
270 len -= 4;
271 break;
272
273 case 0xC0:
274 if (len < 2)
275 return -1;
276 l = p[1];
277 if (len < 2 + l)
278 return -1;
279 if (*p == FAC_NATIONAL_DEST_DIGI) {
280 if (!fac_national_digis_received) {
281 if (l < AX25_ADDR_LEN)
282 return -1;
283 memcpy(&facilities->source_digis[0], p + 2, AX25_ADDR_LEN);
284 facilities->source_ndigis = 1;
285 }
286 }
287 else if (*p == FAC_NATIONAL_SRC_DIGI) {
288 if (!fac_national_digis_received) {
289 if (l < AX25_ADDR_LEN)
290 return -1;
291 memcpy(&facilities->dest_digis[0], p + 2, AX25_ADDR_LEN);
292 facilities->dest_ndigis = 1;
293 }
294 }
295 else if (*p == FAC_NATIONAL_FAIL_CALL) {
296 if (l < AX25_ADDR_LEN)
297 return -1;
298 memcpy(&facilities->fail_call, p + 2, AX25_ADDR_LEN);
299 }
300 else if (*p == FAC_NATIONAL_FAIL_ADD) {
301 if (l < 1 + ROSE_ADDR_LEN)
302 return -1;
303 memcpy(&facilities->fail_addr, p + 3, ROSE_ADDR_LEN);
304 }
305 else if (*p == FAC_NATIONAL_DIGIS) {
306 if (l % AX25_ADDR_LEN)
307 return -1;
308 fac_national_digis_received = 1;
309 facilities->source_ndigis = 0;
310 facilities->dest_ndigis = 0;
311 for (pt = p + 2, lg = 0 ; lg < l ; pt += AX25_ADDR_LEN, lg += AX25_ADDR_LEN) {
312 if (pt[6] & AX25_HBIT) {
313 if (facilities->dest_ndigis >= ROSE_MAX_DIGIS)
314 return -1;
315 memcpy(&facilities->dest_digis[facilities->dest_ndigis++], pt, AX25_ADDR_LEN);
316 } else {
317 if (facilities->source_ndigis >= ROSE_MAX_DIGIS)
318 return -1;
319 memcpy(&facilities->source_digis[facilities->source_ndigis++], pt, AX25_ADDR_LEN);
320 }
321 }
322 }
323 p += l + 2;
324 n += l + 2;
325 len -= l + 2;
326 break;
327 }
328 } while (*p != 0x00 && len > 0);
329
330 return n;
331}
332
333static int rose_parse_ccitt(unsigned char *p, struct rose_facilities_struct *facilities, int len)
334{
335 unsigned char l, n = 0;
336 char callsign[11];
337
338 do {
339 switch (*p & 0xC0) {
340 case 0x00:
341 if (len < 2)
342 return -1;
343 p += 2;
344 n += 2;
345 len -= 2;
346 break;
347
348 case 0x40:
349 if (len < 3)
350 return -1;
351 p += 3;
352 n += 3;
353 len -= 3;
354 break;
355
356 case 0x80:
357 if (len < 4)
358 return -1;
359 p += 4;
360 n += 4;
361 len -= 4;
362 break;
363
364 case 0xC0:
365 if (len < 2)
366 return -1;
367 l = p[1];
368
369 /* Prevent overflows*/
370 if (l < 10 || l > 20)
371 return -1;
372
373 if (*p == FAC_CCITT_DEST_NSAP) {
374 memcpy(&facilities->source_addr, p + 7, ROSE_ADDR_LEN);
375 memcpy(callsign, p + 12, l - 10);
376 callsign[l - 10] = '\0';
377 asc2ax(addr: &facilities->source_call, callsign);
378 }
379 if (*p == FAC_CCITT_SRC_NSAP) {
380 memcpy(&facilities->dest_addr, p + 7, ROSE_ADDR_LEN);
381 memcpy(callsign, p + 12, l - 10);
382 callsign[l - 10] = '\0';
383 asc2ax(addr: &facilities->dest_call, callsign);
384 }
385 p += l + 2;
386 n += l + 2;
387 len -= l + 2;
388 break;
389 }
390 } while (*p != 0x00 && len > 0);
391
392 return n;
393}
394
395int rose_parse_facilities(unsigned char *p, unsigned packet_len,
396 struct rose_facilities_struct *facilities)
397{
398 int facilities_len, len;
399
400 facilities_len = *p++;
401
402 if (facilities_len == 0 || (unsigned int)facilities_len > packet_len)
403 return 0;
404
405 while (facilities_len >= 3 && *p == 0x00) {
406 facilities_len--;
407 p++;
408
409 switch (*p) {
410 case FAC_NATIONAL: /* National */
411 len = rose_parse_national(p: p + 1, facilities, len: facilities_len - 1);
412 break;
413
414 case FAC_CCITT: /* CCITT */
415 len = rose_parse_ccitt(p: p + 1, facilities, len: facilities_len - 1);
416 break;
417
418 default:
419 printk(KERN_DEBUG "ROSE: rose_parse_facilities - unknown facilities family %02X\n", *p);
420 len = 1;
421 break;
422 }
423
424 if (len < 0)
425 return 0;
426 if (WARN_ON(len >= facilities_len))
427 return 0;
428 facilities_len -= len + 1;
429 p += len + 1;
430 }
431
432 return facilities_len == 0;
433}
434
435static int rose_create_facilities(unsigned char *buffer, struct rose_sock *rose)
436{
437 unsigned char *p = buffer + 1;
438 char *callsign;
439 char buf[11];
440 int len, nb;
441
442 /* National Facilities */
443 if (rose->rand != 0 || rose->source_ndigis == 1 || rose->dest_ndigis == 1) {
444 *p++ = 0x00;
445 *p++ = FAC_NATIONAL;
446
447 if (rose->rand != 0) {
448 *p++ = FAC_NATIONAL_RAND;
449 *p++ = (rose->rand >> 8) & 0xFF;
450 *p++ = (rose->rand >> 0) & 0xFF;
451 }
452
453 /* Sent before older facilities */
454 if ((rose->source_ndigis > 0) || (rose->dest_ndigis > 0)) {
455 int maxdigi = 0;
456 *p++ = FAC_NATIONAL_DIGIS;
457 *p++ = AX25_ADDR_LEN * (rose->source_ndigis + rose->dest_ndigis);
458 for (nb = 0 ; nb < rose->source_ndigis ; nb++) {
459 if (++maxdigi >= ROSE_MAX_DIGIS)
460 break;
461 memcpy(p, &rose->source_digis[nb], AX25_ADDR_LEN);
462 p[6] |= AX25_HBIT;
463 p += AX25_ADDR_LEN;
464 }
465 for (nb = 0 ; nb < rose->dest_ndigis ; nb++) {
466 if (++maxdigi >= ROSE_MAX_DIGIS)
467 break;
468 memcpy(p, &rose->dest_digis[nb], AX25_ADDR_LEN);
469 p[6] &= ~AX25_HBIT;
470 p += AX25_ADDR_LEN;
471 }
472 }
473
474 /* For compatibility */
475 if (rose->source_ndigis > 0) {
476 *p++ = FAC_NATIONAL_SRC_DIGI;
477 *p++ = AX25_ADDR_LEN;
478 memcpy(p, &rose->source_digis[0], AX25_ADDR_LEN);
479 p += AX25_ADDR_LEN;
480 }
481
482 /* For compatibility */
483 if (rose->dest_ndigis > 0) {
484 *p++ = FAC_NATIONAL_DEST_DIGI;
485 *p++ = AX25_ADDR_LEN;
486 memcpy(p, &rose->dest_digis[0], AX25_ADDR_LEN);
487 p += AX25_ADDR_LEN;
488 }
489 }
490
491 *p++ = 0x00;
492 *p++ = FAC_CCITT;
493
494 *p++ = FAC_CCITT_DEST_NSAP;
495
496 callsign = ax2asc(buf, &rose->dest_call);
497
498 *p++ = strlen(callsign) + 10;
499 *p++ = (strlen(callsign) + 9) * 2; /* ??? */
500
501 *p++ = 0x47; *p++ = 0x00; *p++ = 0x11;
502 *p++ = ROSE_ADDR_LEN * 2;
503 memcpy(p, &rose->dest_addr, ROSE_ADDR_LEN);
504 p += ROSE_ADDR_LEN;
505
506 memcpy(p, callsign, strlen(callsign));
507 p += strlen(callsign);
508
509 *p++ = FAC_CCITT_SRC_NSAP;
510
511 callsign = ax2asc(buf, &rose->source_call);
512
513 *p++ = strlen(callsign) + 10;
514 *p++ = (strlen(callsign) + 9) * 2; /* ??? */
515
516 *p++ = 0x47; *p++ = 0x00; *p++ = 0x11;
517 *p++ = ROSE_ADDR_LEN * 2;
518 memcpy(p, &rose->source_addr, ROSE_ADDR_LEN);
519 p += ROSE_ADDR_LEN;
520
521 memcpy(p, callsign, strlen(callsign));
522 p += strlen(callsign);
523
524 len = p - buffer;
525 buffer[0] = len - 1;
526
527 return len;
528}
529
530void rose_disconnect(struct sock *sk, int reason, int cause, int diagnostic)
531{
532 struct rose_sock *rose = rose_sk(sk);
533
534 rose_stop_timer(sk);
535 rose_stop_idletimer(sk);
536
537 rose_clear_queues(sk);
538
539 rose->lci = 0;
540 rose->state = ROSE_STATE_0;
541
542 if (cause != -1)
543 rose->cause = cause;
544
545 if (diagnostic != -1)
546 rose->diagnostic = diagnostic;
547
548 sk->sk_state = TCP_CLOSE;
549 sk->sk_err = reason;
550 sk->sk_shutdown |= SEND_SHUTDOWN;
551
552 if (!sock_flag(sk, flag: SOCK_DEAD)) {
553 sk->sk_state_change(sk);
554 sock_set_flag(sk, flag: SOCK_DEAD);
555 }
556}
557

source code of linux/net/rose/rose_subr.c