[SCSI] fusion - memory leak, and initializing fields
[linux-2.6] / net / ax25 / ax25_route.c
1 /*
2  * This program is free software; you can redistribute it and/or modify
3  * it under the terms of the GNU General Public License as published by
4  * the Free Software Foundation; either version 2 of the License, or
5  * (at your option) any later version.
6  *
7  * Copyright (C) Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk)
8  * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
9  * Copyright (C) Steven Whitehouse GW7RRM (stevew@acm.org)
10  * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de)
11  * Copyright (C) Hans-Joachim Hetscher DD8NE (dd8ne@bnv-bamberg.de)
12  * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr)
13  */
14
15 #include <linux/capability.h>
16 #include <linux/errno.h>
17 #include <linux/types.h>
18 #include <linux/socket.h>
19 #include <linux/timer.h>
20 #include <linux/in.h>
21 #include <linux/kernel.h>
22 #include <linux/sched.h>
23 #include <linux/string.h>
24 #include <linux/sockios.h>
25 #include <linux/net.h>
26 #include <net/ax25.h>
27 #include <linux/inet.h>
28 #include <linux/netdevice.h>
29 #include <linux/if_arp.h>
30 #include <linux/skbuff.h>
31 #include <linux/spinlock.h>
32 #include <net/sock.h>
33 #include <asm/uaccess.h>
34 #include <asm/system.h>
35 #include <linux/fcntl.h>
36 #include <linux/mm.h>
37 #include <linux/interrupt.h>
38 #include <linux/init.h>
39 #include <linux/seq_file.h>
40
41 static ax25_route *ax25_route_list;
42 static DEFINE_RWLOCK(ax25_route_lock);
43
44 static ax25_route *ax25_get_route(ax25_address *, struct net_device *);
45
46 void ax25_rt_device_down(struct net_device *dev)
47 {
48         ax25_route *s, *t, *ax25_rt;
49
50         write_lock(&ax25_route_lock);
51         ax25_rt = ax25_route_list;
52         while (ax25_rt != NULL) {
53                 s       = ax25_rt;
54                 ax25_rt = ax25_rt->next;
55
56                 if (s->dev == dev) {
57                         if (ax25_route_list == s) {
58                                 ax25_route_list = s->next;
59                                 kfree(s->digipeat);
60                                 kfree(s);
61                         } else {
62                                 for (t = ax25_route_list; t != NULL; t = t->next) {
63                                         if (t->next == s) {
64                                                 t->next = s->next;
65                                                 kfree(s->digipeat);
66                                                 kfree(s);
67                                                 break;
68                                         }
69                                 }
70                         }
71                 }
72         }
73         write_unlock(&ax25_route_lock);
74 }
75
76 static int ax25_rt_add(struct ax25_routes_struct *route)
77 {
78         ax25_route *ax25_rt;
79         ax25_dev *ax25_dev;
80         int i;
81
82         if ((ax25_dev = ax25_addr_ax25dev(&route->port_addr)) == NULL)
83                 return -EINVAL;
84         if (route->digi_count > AX25_MAX_DIGIS)
85                 return -EINVAL;
86
87         write_lock(&ax25_route_lock);
88
89         ax25_rt = ax25_route_list;
90         while (ax25_rt != NULL) {
91                 if (ax25cmp(&ax25_rt->callsign, &route->dest_addr) == 0 &&
92                             ax25_rt->dev == ax25_dev->dev) {
93                         kfree(ax25_rt->digipeat);
94                         ax25_rt->digipeat = NULL;
95                         if (route->digi_count != 0) {
96                                 if ((ax25_rt->digipeat = kmalloc(sizeof(ax25_digi), GFP_ATOMIC)) == NULL) {
97                                         write_unlock(&ax25_route_lock);
98                                         return -ENOMEM;
99                                 }
100                                 ax25_rt->digipeat->lastrepeat = -1;
101                                 ax25_rt->digipeat->ndigi      = route->digi_count;
102                                 for (i = 0; i < route->digi_count; i++) {
103                                         ax25_rt->digipeat->repeated[i] = 0;
104                                         ax25_rt->digipeat->calls[i]    = route->digi_addr[i];
105                                 }
106                         }
107                         write_unlock(&ax25_route_lock);
108                         return 0;
109                 }
110                 ax25_rt = ax25_rt->next;
111         }
112
113         if ((ax25_rt = kmalloc(sizeof(ax25_route), GFP_ATOMIC)) == NULL) {
114                 write_unlock(&ax25_route_lock);
115                 return -ENOMEM;
116         }
117
118         atomic_set(&ax25_rt->ref, 0);
119         ax25_rt->callsign     = route->dest_addr;
120         ax25_rt->dev          = ax25_dev->dev;
121         ax25_rt->digipeat     = NULL;
122         ax25_rt->ip_mode      = ' ';
123         if (route->digi_count != 0) {
124                 if ((ax25_rt->digipeat = kmalloc(sizeof(ax25_digi), GFP_ATOMIC)) == NULL) {
125                         write_unlock(&ax25_route_lock);
126                         kfree(ax25_rt);
127                         return -ENOMEM;
128                 }
129                 ax25_rt->digipeat->lastrepeat = -1;
130                 ax25_rt->digipeat->ndigi      = route->digi_count;
131                 for (i = 0; i < route->digi_count; i++) {
132                         ax25_rt->digipeat->repeated[i] = 0;
133                         ax25_rt->digipeat->calls[i]    = route->digi_addr[i];
134                 }
135         }
136         ax25_rt->next   = ax25_route_list;
137         ax25_route_list = ax25_rt;
138         write_unlock(&ax25_route_lock);
139
140         return 0;
141 }
142
143 static void ax25_rt_destroy(ax25_route *ax25_rt)
144 {
145         if (atomic_read(&ax25_rt->ref) == 0) {
146                 kfree(ax25_rt->digipeat);
147                 kfree(ax25_rt);
148                 return;
149         }
150
151         /*
152          * Uh...  Route is still in use; we can't yet destroy it.  Retry later.
153          */
154         init_timer(&ax25_rt->timer);
155         ax25_rt->timer.data     = (unsigned long) ax25_rt;
156         ax25_rt->timer.function = (void *) ax25_rt_destroy;
157         ax25_rt->timer.expires  = jiffies + 5 * HZ;
158
159         add_timer(&ax25_rt->timer);
160 }
161
162 static int ax25_rt_del(struct ax25_routes_struct *route)
163 {
164         ax25_route *s, *t, *ax25_rt;
165         ax25_dev *ax25_dev;
166
167         if ((ax25_dev = ax25_addr_ax25dev(&route->port_addr)) == NULL)
168                 return -EINVAL;
169
170         write_lock(&ax25_route_lock);
171
172         ax25_rt = ax25_route_list;
173         while (ax25_rt != NULL) {
174                 s       = ax25_rt;
175                 ax25_rt = ax25_rt->next;
176                 if (s->dev == ax25_dev->dev &&
177                     ax25cmp(&route->dest_addr, &s->callsign) == 0) {
178                         if (ax25_route_list == s) {
179                                 ax25_route_list = s->next;
180                                 ax25_rt_destroy(s);
181                         } else {
182                                 for (t = ax25_route_list; t != NULL; t = t->next) {
183                                         if (t->next == s) {
184                                                 t->next = s->next;
185                                                 ax25_rt_destroy(s);
186                                                 break;
187                                         }
188                                 }
189                         }
190                 }
191         }
192         write_unlock(&ax25_route_lock);
193
194         return 0;
195 }
196
197 static int ax25_rt_opt(struct ax25_route_opt_struct *rt_option)
198 {
199         ax25_route *ax25_rt;
200         ax25_dev *ax25_dev;
201         int err = 0;
202
203         if ((ax25_dev = ax25_addr_ax25dev(&rt_option->port_addr)) == NULL)
204                 return -EINVAL;
205
206         write_lock(&ax25_route_lock);
207
208         ax25_rt = ax25_route_list;
209         while (ax25_rt != NULL) {
210                 if (ax25_rt->dev == ax25_dev->dev &&
211                     ax25cmp(&rt_option->dest_addr, &ax25_rt->callsign) == 0) {
212                         switch (rt_option->cmd) {
213                         case AX25_SET_RT_IPMODE:
214                                 switch (rt_option->arg) {
215                                 case ' ':
216                                 case 'D':
217                                 case 'V':
218                                         ax25_rt->ip_mode = rt_option->arg;
219                                         break;
220                                 default:
221                                         err = -EINVAL;
222                                         goto out;
223                                 }
224                                 break;
225                         default:
226                                 err = -EINVAL;
227                                 goto out;
228                         }
229                 }
230                 ax25_rt = ax25_rt->next;
231         }
232
233 out:
234         write_unlock(&ax25_route_lock);
235         return err;
236 }
237
238 int ax25_rt_ioctl(unsigned int cmd, void __user *arg)
239 {
240         struct ax25_route_opt_struct rt_option;
241         struct ax25_routes_struct route;
242
243         switch (cmd) {
244         case SIOCADDRT:
245                 if (copy_from_user(&route, arg, sizeof(route)))
246                         return -EFAULT;
247                 return ax25_rt_add(&route);
248
249         case SIOCDELRT:
250                 if (copy_from_user(&route, arg, sizeof(route)))
251                         return -EFAULT;
252                 return ax25_rt_del(&route);
253
254         case SIOCAX25OPTRT:
255                 if (copy_from_user(&rt_option, arg, sizeof(rt_option)))
256                         return -EFAULT;
257                 return ax25_rt_opt(&rt_option);
258
259         default:
260                 return -EINVAL;
261         }
262 }
263
264 #ifdef CONFIG_PROC_FS
265
266 static void *ax25_rt_seq_start(struct seq_file *seq, loff_t *pos)
267 {
268         struct ax25_route *ax25_rt;
269         int i = 1;
270  
271         read_lock(&ax25_route_lock);
272         if (*pos == 0)
273                 return SEQ_START_TOKEN;
274
275         for (ax25_rt = ax25_route_list; ax25_rt != NULL; ax25_rt = ax25_rt->next) {
276                 if (i == *pos)
277                         return ax25_rt;
278                 ++i;
279         }
280
281         return NULL;
282 }
283
284 static void *ax25_rt_seq_next(struct seq_file *seq, void *v, loff_t *pos)
285 {
286         ++*pos;
287         return (v == SEQ_START_TOKEN) ? ax25_route_list : 
288                 ((struct ax25_route *) v)->next;
289 }
290
291 static void ax25_rt_seq_stop(struct seq_file *seq, void *v)
292 {
293         read_unlock(&ax25_route_lock);
294 }
295
296 static int ax25_rt_seq_show(struct seq_file *seq, void *v)
297 {
298         char buf[11];
299
300         if (v == SEQ_START_TOKEN)
301                 seq_puts(seq, "callsign  dev  mode digipeaters\n");
302         else {
303                 struct ax25_route *ax25_rt = v;
304                 const char *callsign;
305                 int i;
306
307                 if (ax25cmp(&ax25_rt->callsign, &null_ax25_address) == 0)
308                         callsign = "default";
309                 else
310                         callsign = ax2asc(buf, &ax25_rt->callsign);
311
312                 seq_printf(seq, "%-9s %-4s",
313                         callsign,
314                         ax25_rt->dev ? ax25_rt->dev->name : "???");
315
316                 switch (ax25_rt->ip_mode) {
317                 case 'V':
318                         seq_puts(seq, "   vc");
319                         break;
320                 case 'D':
321                         seq_puts(seq, "   dg");
322                         break;
323                 default:
324                         seq_puts(seq, "    *");
325                         break;
326                 }
327
328                 if (ax25_rt->digipeat != NULL)
329                         for (i = 0; i < ax25_rt->digipeat->ndigi; i++)
330                                 seq_printf(seq, " %s",
331                                      ax2asc(buf, &ax25_rt->digipeat->calls[i]));
332
333                 seq_puts(seq, "\n");
334         }
335         return 0;
336 }
337
338 static struct seq_operations ax25_rt_seqops = {
339         .start = ax25_rt_seq_start,
340         .next = ax25_rt_seq_next,
341         .stop = ax25_rt_seq_stop,
342         .show = ax25_rt_seq_show,
343 };
344
345 static int ax25_rt_info_open(struct inode *inode, struct file *file)
346 {
347         return seq_open(file, &ax25_rt_seqops);
348 }
349
350 struct file_operations ax25_route_fops = {
351         .owner = THIS_MODULE,
352         .open = ax25_rt_info_open,
353         .read = seq_read,
354         .llseek = seq_lseek,
355         .release = seq_release,
356 };
357
358 #endif
359
360 /*
361  *      Find AX.25 route
362  *
363  *      Only routes with a refernce rout of zero can be destroyed.
364  */
365 static ax25_route *ax25_get_route(ax25_address *addr, struct net_device *dev)
366 {
367         ax25_route *ax25_spe_rt = NULL;
368         ax25_route *ax25_def_rt = NULL;
369         ax25_route *ax25_rt;
370
371         read_lock(&ax25_route_lock);
372         /*
373          *      Bind to the physical interface we heard them on, or the default
374          *      route if none is found;
375          */
376         for (ax25_rt = ax25_route_list; ax25_rt != NULL; ax25_rt = ax25_rt->next) {
377                 if (dev == NULL) {
378                         if (ax25cmp(&ax25_rt->callsign, addr) == 0 && ax25_rt->dev != NULL)
379                                 ax25_spe_rt = ax25_rt;
380                         if (ax25cmp(&ax25_rt->callsign, &null_ax25_address) == 0 && ax25_rt->dev != NULL)
381                                 ax25_def_rt = ax25_rt;
382                 } else {
383                         if (ax25cmp(&ax25_rt->callsign, addr) == 0 && ax25_rt->dev == dev)
384                                 ax25_spe_rt = ax25_rt;
385                         if (ax25cmp(&ax25_rt->callsign, &null_ax25_address) == 0 && ax25_rt->dev == dev)
386                                 ax25_def_rt = ax25_rt;
387                 }
388         }
389
390         ax25_rt = ax25_def_rt;
391         if (ax25_spe_rt != NULL)
392                 ax25_rt = ax25_spe_rt;
393
394         if (ax25_rt != NULL)
395                 atomic_inc(&ax25_rt->ref);
396
397         read_unlock(&ax25_route_lock);
398
399         return ax25_rt;
400 }
401
402 /*
403  *      Adjust path: If you specify a default route and want to connect
404  *      a target on the digipeater path but w/o having a special route
405  *      set before, the path has to be truncated from your target on.
406  */
407 static inline void ax25_adjust_path(ax25_address *addr, ax25_digi *digipeat)
408 {
409         int k;
410
411         for (k = 0; k < digipeat->ndigi; k++) {
412                 if (ax25cmp(addr, &digipeat->calls[k]) == 0)
413                         break;
414         }
415
416         digipeat->ndigi = k;
417 }
418
419
420 /*
421  *      Find which interface to use.
422  */
423 int ax25_rt_autobind(ax25_cb *ax25, ax25_address *addr)
424 {
425         ax25_uid_assoc *user;
426         ax25_route *ax25_rt;
427         int err;
428
429         if ((ax25_rt = ax25_get_route(addr, NULL)) == NULL)
430                 return -EHOSTUNREACH;
431
432         if ((ax25->ax25_dev = ax25_dev_ax25dev(ax25_rt->dev)) == NULL) {
433                 err = -EHOSTUNREACH;
434                 goto put;
435         }
436
437         user = ax25_findbyuid(current->euid);
438         if (user) {
439                 ax25->source_addr = user->call;
440                 ax25_uid_put(user);
441         } else {
442                 if (ax25_uid_policy && !capable(CAP_NET_BIND_SERVICE)) {
443                         err = -EPERM;
444                         goto put;
445                 }
446                 ax25->source_addr = *(ax25_address *)ax25->ax25_dev->dev->dev_addr;
447         }
448
449         if (ax25_rt->digipeat != NULL) {
450                 if ((ax25->digipeat = kmalloc(sizeof(ax25_digi), GFP_ATOMIC)) == NULL) {
451                         err = -ENOMEM;
452                         goto put;
453                 }
454                 memcpy(ax25->digipeat, ax25_rt->digipeat, sizeof(ax25_digi));
455                 ax25_adjust_path(addr, ax25->digipeat);
456         }
457
458         if (ax25->sk != NULL) {
459                 bh_lock_sock(ax25->sk);
460                 sock_reset_flag(ax25->sk, SOCK_ZAPPED);
461                 bh_unlock_sock(ax25->sk);
462         }
463
464 put:
465         ax25_put_route(ax25_rt);
466
467         return 0;
468 }
469
470 ax25_route *ax25_rt_find_route(ax25_route * route, ax25_address *addr,
471         struct net_device *dev)
472 {
473         ax25_route *ax25_rt;
474
475         if ((ax25_rt = ax25_get_route(addr, dev)))
476                 return ax25_rt;
477
478         route->next     = NULL;
479         atomic_set(&route->ref, 1);
480         route->callsign = *addr;
481         route->dev      = dev;
482         route->digipeat = NULL;
483         route->ip_mode  = ' ';
484
485         return route;
486 }
487
488 struct sk_buff *ax25_rt_build_path(struct sk_buff *skb, ax25_address *src,
489         ax25_address *dest, ax25_digi *digi)
490 {
491         struct sk_buff *skbn;
492         unsigned char *bp;
493         int len;
494
495         len = digi->ndigi * AX25_ADDR_LEN;
496
497         if (skb_headroom(skb) < len) {
498                 if ((skbn = skb_realloc_headroom(skb, len)) == NULL) {
499                         printk(KERN_CRIT "AX.25: ax25_dg_build_path - out of memory\n");
500                         return NULL;
501                 }
502
503                 if (skb->sk != NULL)
504                         skb_set_owner_w(skbn, skb->sk);
505
506                 kfree_skb(skb);
507
508                 skb = skbn;
509         }
510
511         bp = skb_push(skb, len);
512
513         ax25_addr_build(bp, src, dest, digi, AX25_COMMAND, AX25_MODULUS);
514
515         return skb;
516 }
517
518 /*
519  *      Free all memory associated with routing structures.
520  */
521 void __exit ax25_rt_free(void)
522 {
523         ax25_route *s, *ax25_rt = ax25_route_list;
524
525         write_lock(&ax25_route_lock);
526         while (ax25_rt != NULL) {
527                 s       = ax25_rt;
528                 ax25_rt = ax25_rt->next;
529
530                 kfree(s->digipeat);
531                 kfree(s);
532         }
533         write_unlock(&ax25_route_lock);
534 }