[PATCH] ipc: headers_check fix
[linux-2.6] / net / x25 / x25_in.c
1 /*
2  *      X.25 Packet Layer release 002
3  *
4  *      This is ALPHA test software. This code may break your machine,
5  *      randomly fail to work with new releases, misbehave and/or generally
6  *      screw up. It might even work. 
7  *
8  *      This code REQUIRES 2.1.15 or higher
9  *
10  *      This module:
11  *              This module is free software; you can redistribute it and/or
12  *              modify it under the terms of the GNU General Public License
13  *              as published by the Free Software Foundation; either version
14  *              2 of the License, or (at your option) any later version.
15  *
16  *      History
17  *      X.25 001        Jonathan Naylor   Started coding.
18  *      X.25 002        Jonathan Naylor   Centralised disconnection code.
19  *                                        New timer architecture.
20  *      2000-03-20      Daniela Squassoni Disabling/enabling of facilities 
21  *                                        negotiation.
22  *      2000-11-10      Henner Eisen      Check and reset for out-of-sequence
23  *                                        i-frames.
24  */
25
26 #include <linux/errno.h>
27 #include <linux/kernel.h>
28 #include <linux/string.h>
29 #include <linux/skbuff.h>
30 #include <net/sock.h>
31 #include <net/tcp_states.h>
32 #include <net/x25.h>
33
34 static int x25_queue_rx_frame(struct sock *sk, struct sk_buff *skb, int more)
35 {
36         struct sk_buff *skbo, *skbn = skb;
37         struct x25_sock *x25 = x25_sk(sk);
38
39         if (more) {
40                 x25->fraglen += skb->len;
41                 skb_queue_tail(&x25->fragment_queue, skb);
42                 skb_set_owner_r(skb, sk);
43                 return 0;
44         }
45
46         if (!more && x25->fraglen > 0) {        /* End of fragment */
47                 int len = x25->fraglen + skb->len;
48
49                 if ((skbn = alloc_skb(len, GFP_ATOMIC)) == NULL){
50                         kfree_skb(skb);
51                         return 1;
52                 }
53
54                 skb_queue_tail(&x25->fragment_queue, skb);
55
56                 skbn->h.raw = skbn->data;
57
58                 skbo = skb_dequeue(&x25->fragment_queue);
59                 memcpy(skb_put(skbn, skbo->len), skbo->data, skbo->len);
60                 kfree_skb(skbo);
61
62                 while ((skbo =
63                         skb_dequeue(&x25->fragment_queue)) != NULL) {
64                         skb_pull(skbo, (x25->neighbour->extended) ?
65                                         X25_EXT_MIN_LEN : X25_STD_MIN_LEN);
66                         memcpy(skb_put(skbn, skbo->len), skbo->data, skbo->len);
67                         kfree_skb(skbo);
68                 }
69
70                 x25->fraglen = 0;               
71         }
72
73         skb_set_owner_r(skbn, sk);
74         skb_queue_tail(&sk->sk_receive_queue, skbn);
75         if (!sock_flag(sk, SOCK_DEAD))
76                 sk->sk_data_ready(sk, skbn->len);
77
78         return 0;
79 }
80
81 /*
82  * State machine for state 1, Awaiting Call Accepted State.
83  * The handling of the timer(s) is in file x25_timer.c.
84  * Handling of state 0 and connection release is in af_x25.c.
85  */
86 static int x25_state1_machine(struct sock *sk, struct sk_buff *skb, int frametype)
87 {
88         struct x25_address source_addr, dest_addr;
89
90         switch (frametype) {
91                 case X25_CALL_ACCEPTED: {
92                         struct x25_sock *x25 = x25_sk(sk);
93
94                         x25_stop_timer(sk);
95                         x25->condition = 0x00;
96                         x25->vs        = 0;
97                         x25->va        = 0;
98                         x25->vr        = 0;
99                         x25->vl        = 0;
100                         x25->state     = X25_STATE_3;
101                         sk->sk_state   = TCP_ESTABLISHED;
102                         /*
103                          *      Parse the data in the frame.
104                          */
105                         skb_pull(skb, X25_STD_MIN_LEN);
106                         skb_pull(skb, x25_addr_ntoa(skb->data, &source_addr, &dest_addr));
107                         skb_pull(skb,
108                                  x25_parse_facilities(skb, &x25->facilities,
109                                                 &x25->dte_facilities,
110                                                 &x25->vc_facil_mask));
111                         /*
112                          *      Copy any Call User Data.
113                          */
114                         if (skb->len >= 0) {
115                                 memcpy(x25->calluserdata.cuddata, skb->data,
116                                        skb->len);
117                                 x25->calluserdata.cudlength = skb->len;
118                         }
119                         if (!sock_flag(sk, SOCK_DEAD))
120                                 sk->sk_state_change(sk);
121                         break;
122                 }
123                 case X25_CLEAR_REQUEST:
124                         x25_write_internal(sk, X25_CLEAR_CONFIRMATION);
125                         x25_disconnect(sk, ECONNREFUSED, skb->data[3], skb->data[4]);
126                         break;
127
128                 default:
129                         break;
130         }
131
132         return 0;
133 }
134
135 /*
136  * State machine for state 2, Awaiting Clear Confirmation State.
137  * The handling of the timer(s) is in file x25_timer.c
138  * Handling of state 0 and connection release is in af_x25.c.
139  */
140 static int x25_state2_machine(struct sock *sk, struct sk_buff *skb, int frametype)
141 {
142         switch (frametype) {
143
144                 case X25_CLEAR_REQUEST:
145                         x25_write_internal(sk, X25_CLEAR_CONFIRMATION);
146                         x25_disconnect(sk, 0, skb->data[3], skb->data[4]);
147                         break;
148
149                 case X25_CLEAR_CONFIRMATION:
150                         x25_disconnect(sk, 0, 0, 0);
151                         break;
152
153                 default:
154                         break;
155         }
156
157         return 0;
158 }
159
160 /*
161  * State machine for state 3, Connected State.
162  * The handling of the timer(s) is in file x25_timer.c
163  * Handling of state 0 and connection release is in af_x25.c.
164  */
165 static int x25_state3_machine(struct sock *sk, struct sk_buff *skb, int frametype, int ns, int nr, int q, int d, int m)
166 {
167         int queued = 0;
168         int modulus;
169         struct x25_sock *x25 = x25_sk(sk);
170         
171         modulus = (x25->neighbour->extended) ? X25_EMODULUS : X25_SMODULUS;
172
173         switch (frametype) {
174
175                 case X25_RESET_REQUEST:
176                         x25_write_internal(sk, X25_RESET_CONFIRMATION);
177                         x25_stop_timer(sk);
178                         x25->condition = 0x00;
179                         x25->vs        = 0;
180                         x25->vr        = 0;
181                         x25->va        = 0;
182                         x25->vl        = 0;
183                         x25_requeue_frames(sk);
184                         break;
185
186                 case X25_CLEAR_REQUEST:
187                         x25_write_internal(sk, X25_CLEAR_CONFIRMATION);
188                         x25_disconnect(sk, 0, skb->data[3], skb->data[4]);
189                         break;
190
191                 case X25_RR:
192                 case X25_RNR:
193                         if (!x25_validate_nr(sk, nr)) {
194                                 x25_clear_queues(sk);
195                                 x25_write_internal(sk, X25_RESET_REQUEST);
196                                 x25_start_t22timer(sk);
197                                 x25->condition = 0x00;
198                                 x25->vs        = 0;
199                                 x25->vr        = 0;
200                                 x25->va        = 0;
201                                 x25->vl        = 0;
202                                 x25->state     = X25_STATE_4;
203                         } else {
204                                 x25_frames_acked(sk, nr);
205                                 if (frametype == X25_RNR) {
206                                         x25->condition |= X25_COND_PEER_RX_BUSY;
207                                 } else {
208                                         x25->condition &= ~X25_COND_PEER_RX_BUSY;
209                                 }
210                         }
211                         break;
212
213                 case X25_DATA:  /* XXX */
214                         x25->condition &= ~X25_COND_PEER_RX_BUSY;
215                         if ((ns != x25->vr) || !x25_validate_nr(sk, nr)) {
216                                 x25_clear_queues(sk);
217                                 x25_write_internal(sk, X25_RESET_REQUEST);
218                                 x25_start_t22timer(sk);
219                                 x25->condition = 0x00;
220                                 x25->vs        = 0;
221                                 x25->vr        = 0;
222                                 x25->va        = 0;
223                                 x25->vl        = 0;
224                                 x25->state     = X25_STATE_4;
225                                 break;
226                         }
227                         x25_frames_acked(sk, nr);
228                         if (ns == x25->vr) {
229                                 if (x25_queue_rx_frame(sk, skb, m) == 0) {
230                                         x25->vr = (x25->vr + 1) % modulus;
231                                         queued = 1;
232                                 } else {
233                                         /* Should never happen */
234                                         x25_clear_queues(sk);
235                                         x25_write_internal(sk, X25_RESET_REQUEST);
236                                         x25_start_t22timer(sk);
237                                         x25->condition = 0x00;
238                                         x25->vs        = 0;
239                                         x25->vr        = 0;
240                                         x25->va        = 0;
241                                         x25->vl        = 0;
242                                         x25->state     = X25_STATE_4;
243                                         break;
244                                 }
245                                 if (atomic_read(&sk->sk_rmem_alloc) >
246                                     (sk->sk_rcvbuf / 2))
247                                         x25->condition |= X25_COND_OWN_RX_BUSY;
248                         }
249                         /*
250                          *      If the window is full Ack it immediately, else
251                          *      start the holdback timer.
252                          */
253                         if (((x25->vl + x25->facilities.winsize_in) % modulus) == x25->vr) {
254                                 x25->condition &= ~X25_COND_ACK_PENDING;
255                                 x25_stop_timer(sk);
256                                 x25_enquiry_response(sk);
257                         } else {
258                                 x25->condition |= X25_COND_ACK_PENDING;
259                                 x25_start_t2timer(sk);
260                         }
261                         break;
262
263                 case X25_INTERRUPT_CONFIRMATION:
264                         x25->intflag = 0;
265                         break;
266
267                 case X25_INTERRUPT:
268                         if (sock_flag(sk, SOCK_URGINLINE))
269                                 queued = !sock_queue_rcv_skb(sk, skb);
270                         else {
271                                 skb_set_owner_r(skb, sk);
272                                 skb_queue_tail(&x25->interrupt_in_queue, skb);
273                                 queued = 1;
274                         }
275                         sk_send_sigurg(sk);
276                         x25_write_internal(sk, X25_INTERRUPT_CONFIRMATION);
277                         break;
278
279                 default:
280                         printk(KERN_WARNING "x25: unknown %02X in state 3\n", frametype);
281                         break;
282         }
283
284         return queued;
285 }
286
287 /*
288  * State machine for state 4, Awaiting Reset Confirmation State.
289  * The handling of the timer(s) is in file x25_timer.c
290  * Handling of state 0 and connection release is in af_x25.c.
291  */
292 static int x25_state4_machine(struct sock *sk, struct sk_buff *skb, int frametype)
293 {
294         switch (frametype) {
295
296                 case X25_RESET_REQUEST:
297                         x25_write_internal(sk, X25_RESET_CONFIRMATION);
298                 case X25_RESET_CONFIRMATION: {
299                         struct x25_sock *x25 = x25_sk(sk);
300
301                         x25_stop_timer(sk);
302                         x25->condition = 0x00;
303                         x25->va        = 0;
304                         x25->vr        = 0;
305                         x25->vs        = 0;
306                         x25->vl        = 0;
307                         x25->state     = X25_STATE_3;
308                         x25_requeue_frames(sk);
309                         break;
310                 }
311                 case X25_CLEAR_REQUEST:
312                         x25_write_internal(sk, X25_CLEAR_CONFIRMATION);
313                         x25_disconnect(sk, 0, skb->data[3], skb->data[4]);
314                         break;
315
316                 default:
317                         break;
318         }
319
320         return 0;
321 }
322
323 /* Higher level upcall for a LAPB frame */
324 int x25_process_rx_frame(struct sock *sk, struct sk_buff *skb)
325 {
326         struct x25_sock *x25 = x25_sk(sk);
327         int queued = 0, frametype, ns, nr, q, d, m;
328
329         if (x25->state == X25_STATE_0)
330                 return 0;
331
332         frametype = x25_decode(sk, skb, &ns, &nr, &q, &d, &m);
333
334         switch (x25->state) {
335                 case X25_STATE_1:
336                         queued = x25_state1_machine(sk, skb, frametype);
337                         break;
338                 case X25_STATE_2:
339                         queued = x25_state2_machine(sk, skb, frametype);
340                         break;
341                 case X25_STATE_3:
342                         queued = x25_state3_machine(sk, skb, frametype, ns, nr, q, d, m);
343                         break;
344                 case X25_STATE_4:
345                         queued = x25_state4_machine(sk, skb, frametype);
346                         break;
347         }
348
349         x25_kick(sk);
350
351         return queued;
352 }
353
354 int x25_backlog_rcv(struct sock *sk, struct sk_buff *skb)
355 {
356         int queued = x25_process_rx_frame(sk, skb);
357
358         if (!queued)
359                 kfree_skb(skb);
360
361         return 0;
362 }