1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * X.25 Packet Layer release 002 4 * 5 * This is ALPHA test software. This code may break your machine, 6 * randomly fail to work with new releases, misbehave and/or generally 7 * screw up. It might even work. 8 * 9 * This code REQUIRES 2.1.15 or higher 10 * 11 * History 12 * X.25 001 Jonathan Naylor Started coding. 13 * X.25 002 Jonathan Naylor Centralised disconnection processing. 14 * mar/20/00 Daniela Squassoni Disabling/enabling of facilities 15 * negotiation. 16 * jun/24/01 Arnaldo C. Melo use skb_queue_purge, cleanups 17 * apr/04/15 Shaun Pereira Fast select with no 18 * restriction on response. 19 */ 20 21 #define pr_fmt(fmt) "X25: " fmt 22 23 #include <linux/slab.h> 24 #include <linux/kernel.h> 25 #include <linux/string.h> 26 #include <linux/skbuff.h> 27 #include <net/sock.h> 28 #include <net/tcp_states.h> 29 #include <net/x25.h> 30 31 /* 32 * This routine purges all of the queues of frames. 33 */ 34 void x25_clear_queues(struct sock *sk) 35 { 36 struct x25_sock *x25 = x25_sk(sk); 37 38 skb_queue_purge(&sk->sk_write_queue); 39 skb_queue_purge(&x25->ack_queue); 40 skb_queue_purge(&x25->interrupt_in_queue); 41 skb_queue_purge(&x25->interrupt_out_queue); 42 skb_queue_purge(&x25->fragment_queue); 43 x25->fraglen = 0; 44 } 45 46 47 /* 48 * This routine purges the input queue of those frames that have been 49 * acknowledged. This replaces the boxes labelled "V(a) <- N(r)" on the 50 * SDL diagram. 51 */ 52 void x25_frames_acked(struct sock *sk, unsigned short nr) 53 { 54 struct sk_buff *skb; 55 struct x25_sock *x25 = x25_sk(sk); 56 int modulus = x25->neighbour->extended ? X25_EMODULUS : X25_SMODULUS; 57 58 /* 59 * Remove all the ack-ed frames from the ack queue. 60 */ 61 if (x25->va != nr) 62 while (skb_peek(&x25->ack_queue) && x25->va != nr) { 63 skb = skb_dequeue(&x25->ack_queue); 64 kfree_skb(skb); 65 x25->va = (x25->va + 1) % modulus; 66 } 67 } 68 69 void x25_requeue_frames(struct sock *sk) 70 { 71 struct sk_buff *skb, *skb_prev = NULL; 72 73 /* 74 * Requeue all the un-ack-ed frames on the output queue to be picked 75 * up by x25_kick. This arrangement handles the possibility of an empty 76 * output queue. 77 */ 78 while ((skb = skb_dequeue(&x25_sk(sk)->ack_queue)) != NULL) { 79 if (!skb_prev) 80 skb_queue_head(&sk->sk_write_queue, skb); 81 else 82 skb_append(skb_prev, skb, &sk->sk_write_queue); 83 skb_prev = skb; 84 } 85 } 86 87 /* 88 * Validate that the value of nr is between va and vs. Return true or 89 * false for testing. 90 */ 91 int x25_validate_nr(struct sock *sk, unsigned short nr) 92 { 93 struct x25_sock *x25 = x25_sk(sk); 94 unsigned short vc = x25->va; 95 int modulus = x25->neighbour->extended ? X25_EMODULUS : X25_SMODULUS; 96 97 while (vc != x25->vs) { 98 if (nr == vc) 99 return 1; 100 vc = (vc + 1) % modulus; 101 } 102 103 return nr == x25->vs ? 1 : 0; 104 } 105 106 /* 107 * This routine is called when the packet layer internally generates a 108 * control frame. 109 */ 110 void x25_write_internal(struct sock *sk, int frametype) 111 { 112 struct x25_sock *x25 = x25_sk(sk); 113 struct sk_buff *skb; 114 unsigned char *dptr; 115 unsigned char facilities[X25_MAX_FAC_LEN]; 116 unsigned char addresses[1 + X25_ADDR_LEN]; 117 unsigned char lci1, lci2; 118 /* 119 * Default safe frame size. 120 */ 121 int len = X25_MAX_L2_LEN + X25_EXT_MIN_LEN; 122 123 /* 124 * Adjust frame size. 125 */ 126 switch (frametype) { 127 case X25_CALL_REQUEST: 128 len += 1 + X25_ADDR_LEN + X25_MAX_FAC_LEN + X25_MAX_CUD_LEN; 129 break; 130 case X25_CALL_ACCEPTED: /* fast sel with no restr on resp */ 131 if (x25->facilities.reverse & 0x80) { 132 len += 1 + X25_MAX_FAC_LEN + X25_MAX_CUD_LEN; 133 } else { 134 len += 1 + X25_MAX_FAC_LEN; 135 } 136 break; 137 case X25_CLEAR_REQUEST: 138 case X25_RESET_REQUEST: 139 len += 2; 140 break; 141 case X25_RR: 142 case X25_RNR: 143 case X25_REJ: 144 case X25_CLEAR_CONFIRMATION: 145 case X25_INTERRUPT_CONFIRMATION: 146 case X25_RESET_CONFIRMATION: 147 break; 148 default: 149 pr_err("invalid frame type %02X\n", frametype); 150 return; 151 } 152 153 if ((skb = alloc_skb(len, GFP_ATOMIC)) == NULL) 154 return; 155 156 /* 157 * Space for Ethernet and 802.2 LLC headers. 158 */ 159 skb_reserve(skb, X25_MAX_L2_LEN); 160 161 /* 162 * Make space for the GFI and LCI, and fill them in. 163 */ 164 dptr = skb_put(skb, 2); 165 166 lci1 = (x25->lci >> 8) & 0x0F; 167 lci2 = (x25->lci >> 0) & 0xFF; 168 169 if (x25->neighbour->extended) { 170 *dptr++ = lci1 | X25_GFI_EXTSEQ; 171 *dptr++ = lci2; 172 } else { 173 *dptr++ = lci1 | X25_GFI_STDSEQ; 174 *dptr++ = lci2; 175 } 176 177 /* 178 * Now fill in the frame type specific information. 179 */ 180 switch (frametype) { 181 182 case X25_CALL_REQUEST: 183 dptr = skb_put(skb, 1); 184 *dptr++ = X25_CALL_REQUEST; 185 len = x25_addr_aton(addresses, &x25->dest_addr, 186 &x25->source_addr); 187 skb_put_data(skb, addresses, len); 188 len = x25_create_facilities(facilities, 189 &x25->facilities, 190 &x25->dte_facilities, 191 x25->neighbour->global_facil_mask); 192 skb_put_data(skb, facilities, len); 193 skb_put_data(skb, x25->calluserdata.cuddata, 194 x25->calluserdata.cudlength); 195 x25->calluserdata.cudlength = 0; 196 break; 197 198 case X25_CALL_ACCEPTED: 199 dptr = skb_put(skb, 2); 200 *dptr++ = X25_CALL_ACCEPTED; 201 *dptr++ = 0x00; /* Address lengths */ 202 len = x25_create_facilities(facilities, 203 &x25->facilities, 204 &x25->dte_facilities, 205 x25->vc_facil_mask); 206 skb_put_data(skb, facilities, len); 207 208 /* fast select with no restriction on response 209 allows call user data. Userland must 210 ensure it is ours and not theirs */ 211 if(x25->facilities.reverse & 0x80) { 212 skb_put_data(skb, 213 x25->calluserdata.cuddata, 214 x25->calluserdata.cudlength); 215 } 216 x25->calluserdata.cudlength = 0; 217 break; 218 219 case X25_CLEAR_REQUEST: 220 dptr = skb_put(skb, 3); 221 *dptr++ = frametype; 222 *dptr++ = x25->causediag.cause; 223 *dptr++ = x25->causediag.diagnostic; 224 break; 225 226 case X25_RESET_REQUEST: 227 dptr = skb_put(skb, 3); 228 *dptr++ = frametype; 229 *dptr++ = 0x00; /* XXX */ 230 *dptr++ = 0x00; /* XXX */ 231 break; 232 233 case X25_RR: 234 case X25_RNR: 235 case X25_REJ: 236 if (x25->neighbour->extended) { 237 dptr = skb_put(skb, 2); 238 *dptr++ = frametype; 239 *dptr++ = (x25->vr << 1) & 0xFE; 240 } else { 241 dptr = skb_put(skb, 1); 242 *dptr = frametype; 243 *dptr++ |= (x25->vr << 5) & 0xE0; 244 } 245 break; 246 247 case X25_CLEAR_CONFIRMATION: 248 case X25_INTERRUPT_CONFIRMATION: 249 case X25_RESET_CONFIRMATION: 250 dptr = skb_put(skb, 1); 251 *dptr = frametype; 252 break; 253 } 254 255 x25_transmit_link(skb, x25->neighbour); 256 } 257 258 /* 259 * Unpick the contents of the passed X.25 Packet Layer frame. 260 */ 261 int x25_decode(struct sock *sk, struct sk_buff *skb, int *ns, int *nr, int *q, 262 int *d, int *m) 263 { 264 struct x25_sock *x25 = x25_sk(sk); 265 unsigned char *frame; 266 267 if (!pskb_may_pull(skb, X25_STD_MIN_LEN)) 268 return X25_ILLEGAL; 269 frame = skb->data; 270 271 *ns = *nr = *q = *d = *m = 0; 272 273 switch (frame[2]) { 274 case X25_CALL_REQUEST: 275 case X25_CALL_ACCEPTED: 276 case X25_CLEAR_REQUEST: 277 case X25_CLEAR_CONFIRMATION: 278 case X25_INTERRUPT: 279 case X25_INTERRUPT_CONFIRMATION: 280 case X25_RESET_REQUEST: 281 case X25_RESET_CONFIRMATION: 282 case X25_RESTART_REQUEST: 283 case X25_RESTART_CONFIRMATION: 284 case X25_REGISTRATION_REQUEST: 285 case X25_REGISTRATION_CONFIRMATION: 286 case X25_DIAGNOSTIC: 287 return frame[2]; 288 } 289 290 if (x25->neighbour->extended) { 291 if (frame[2] == X25_RR || 292 frame[2] == X25_RNR || 293 frame[2] == X25_REJ) { 294 if (!pskb_may_pull(skb, X25_EXT_MIN_LEN)) 295 return X25_ILLEGAL; 296 frame = skb->data; 297 298 *nr = (frame[3] >> 1) & 0x7F; 299 return frame[2]; 300 } 301 } else { 302 if ((frame[2] & 0x1F) == X25_RR || 303 (frame[2] & 0x1F) == X25_RNR || 304 (frame[2] & 0x1F) == X25_REJ) { 305 *nr = (frame[2] >> 5) & 0x07; 306 return frame[2] & 0x1F; 307 } 308 } 309 310 if (x25->neighbour->extended) { 311 if ((frame[2] & 0x01) == X25_DATA) { 312 if (!pskb_may_pull(skb, X25_EXT_MIN_LEN)) 313 return X25_ILLEGAL; 314 frame = skb->data; 315 316 *q = (frame[0] & X25_Q_BIT) == X25_Q_BIT; 317 *d = (frame[0] & X25_D_BIT) == X25_D_BIT; 318 *m = (frame[3] & X25_EXT_M_BIT) == X25_EXT_M_BIT; 319 *nr = (frame[3] >> 1) & 0x7F; 320 *ns = (frame[2] >> 1) & 0x7F; 321 return X25_DATA; 322 } 323 } else { 324 if ((frame[2] & 0x01) == X25_DATA) { 325 *q = (frame[0] & X25_Q_BIT) == X25_Q_BIT; 326 *d = (frame[0] & X25_D_BIT) == X25_D_BIT; 327 *m = (frame[2] & X25_STD_M_BIT) == X25_STD_M_BIT; 328 *nr = (frame[2] >> 5) & 0x07; 329 *ns = (frame[2] >> 1) & 0x07; 330 return X25_DATA; 331 } 332 } 333 334 pr_debug("invalid PLP frame %3ph\n", frame); 335 336 return X25_ILLEGAL; 337 } 338 339 void x25_disconnect(struct sock *sk, int reason, unsigned char cause, 340 unsigned char diagnostic) 341 { 342 struct x25_sock *x25 = x25_sk(sk); 343 344 x25_clear_queues(sk); 345 x25_stop_timer(sk); 346 347 x25->lci = 0; 348 x25->state = X25_STATE_0; 349 350 x25->causediag.cause = cause; 351 x25->causediag.diagnostic = diagnostic; 352 353 sk->sk_state = TCP_CLOSE; 354 sk->sk_err = reason; 355 sk->sk_shutdown |= SEND_SHUTDOWN; 356 357 if (!sock_flag(sk, SOCK_DEAD)) { 358 sk->sk_state_change(sk); 359 sock_set_flag(sk, SOCK_DEAD); 360 } 361 if (x25->neighbour) { 362 read_lock_bh(&x25_list_lock); 363 x25_neigh_put(x25->neighbour); 364 x25->neighbour = NULL; 365 read_unlock_bh(&x25_list_lock); 366 } 367 } 368 369 /* 370 * Clear an own-rx-busy condition and tell the peer about this, provided 371 * that there is a significant amount of free receive buffer space available. 372 */ 373 void x25_check_rbuf(struct sock *sk) 374 { 375 struct x25_sock *x25 = x25_sk(sk); 376 377 if (atomic_read(&sk->sk_rmem_alloc) < (sk->sk_rcvbuf >> 1) && 378 (x25->condition & X25_COND_OWN_RX_BUSY)) { 379 x25->condition &= ~X25_COND_OWN_RX_BUSY; 380 x25->condition &= ~X25_COND_ACK_PENDING; 381 x25->vl = x25->vr; 382 x25_write_internal(sk, X25_RR); 383 x25_stop_timer(sk); 384 } 385 } 386