31642e7089
Simon Kapadia reported the following issue:
<quote>
The Online Amateur Radio Community (OARC) has recently been experimenting
with building a nationwide packet network in the UK.
As part of our experimentation, we have been testing out packet on 300bps HF,
and playing with net/rom. For HF packet at this baud rate you really need
to make sure that your MTU is relatively low; AX.25 suggests a PACLEN of 60,
and a net/rom PACLEN of 40 to go with that.
However the Linux net/rom support didn't work with a low PACLEN;
the mkiss module would truncate packets if you set the PACLEN below about 200 or so, e.g.:
Apr 19 14:00:51 radio kernel: [12985.747310] mkiss: ax1: truncating oversized transmit packet!
This didn't make any sense to me (if the packets are smaller why would they
be truncated?) so I started investigating.
I looked at the packets using ethereal, and found that many were just huge
compared to what I would expect.
A simple net/rom connection request packet had the request and then a bunch
of what appeared to be random data following it:
</quote>
Simon provided a patch that I slightly revised:
Not only we must not use skb_tailroom(), we also do
not want to count NR_NETWORK_LEN twice.
Fixes: 1da177e4c3
("Linux-2.6.12-rc2")
Co-Developed-by: Simon Kapadia <szymon@kapadia.pl>
Signed-off-by: Simon Kapadia <szymon@kapadia.pl>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Tested-by: Simon Kapadia <szymon@kapadia.pl>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Link: https://lore.kernel.org/r/20230524141456.1045467-1-edumazet@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
280 lines
5.8 KiB
C
280 lines
5.8 KiB
C
// SPDX-License-Identifier: GPL-2.0-or-later
|
|
/*
|
|
*
|
|
* Copyright Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk)
|
|
*/
|
|
#include <linux/errno.h>
|
|
#include <linux/types.h>
|
|
#include <linux/socket.h>
|
|
#include <linux/in.h>
|
|
#include <linux/kernel.h>
|
|
#include <linux/timer.h>
|
|
#include <linux/string.h>
|
|
#include <linux/sockios.h>
|
|
#include <linux/net.h>
|
|
#include <linux/slab.h>
|
|
#include <net/ax25.h>
|
|
#include <linux/inet.h>
|
|
#include <linux/netdevice.h>
|
|
#include <linux/skbuff.h>
|
|
#include <net/sock.h>
|
|
#include <net/tcp_states.h>
|
|
#include <linux/uaccess.h>
|
|
#include <linux/fcntl.h>
|
|
#include <linux/mm.h>
|
|
#include <linux/interrupt.h>
|
|
#include <net/netrom.h>
|
|
|
|
/*
|
|
* This routine purges all of the queues of frames.
|
|
*/
|
|
void nr_clear_queues(struct sock *sk)
|
|
{
|
|
struct nr_sock *nr = nr_sk(sk);
|
|
|
|
skb_queue_purge(&sk->sk_write_queue);
|
|
skb_queue_purge(&nr->ack_queue);
|
|
skb_queue_purge(&nr->reseq_queue);
|
|
skb_queue_purge(&nr->frag_queue);
|
|
}
|
|
|
|
/*
|
|
* This routine purges the input queue of those frames that have been
|
|
* acknowledged. This replaces the boxes labelled "V(a) <- N(r)" on the
|
|
* SDL diagram.
|
|
*/
|
|
void nr_frames_acked(struct sock *sk, unsigned short nr)
|
|
{
|
|
struct nr_sock *nrom = nr_sk(sk);
|
|
struct sk_buff *skb;
|
|
|
|
/*
|
|
* Remove all the ack-ed frames from the ack queue.
|
|
*/
|
|
if (nrom->va != nr) {
|
|
while (skb_peek(&nrom->ack_queue) != NULL && nrom->va != nr) {
|
|
skb = skb_dequeue(&nrom->ack_queue);
|
|
kfree_skb(skb);
|
|
nrom->va = (nrom->va + 1) % NR_MODULUS;
|
|
}
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Requeue all the un-ack-ed frames on the output queue to be picked
|
|
* up by nr_kick called from the timer. This arrangement handles the
|
|
* possibility of an empty output queue.
|
|
*/
|
|
void nr_requeue_frames(struct sock *sk)
|
|
{
|
|
struct sk_buff *skb, *skb_prev = NULL;
|
|
|
|
while ((skb = skb_dequeue(&nr_sk(sk)->ack_queue)) != NULL) {
|
|
if (skb_prev == NULL)
|
|
skb_queue_head(&sk->sk_write_queue, skb);
|
|
else
|
|
skb_append(skb_prev, skb, &sk->sk_write_queue);
|
|
skb_prev = skb;
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Validate that the value of nr is between va and vs. Return true or
|
|
* false for testing.
|
|
*/
|
|
int nr_validate_nr(struct sock *sk, unsigned short nr)
|
|
{
|
|
struct nr_sock *nrom = nr_sk(sk);
|
|
unsigned short vc = nrom->va;
|
|
|
|
while (vc != nrom->vs) {
|
|
if (nr == vc) return 1;
|
|
vc = (vc + 1) % NR_MODULUS;
|
|
}
|
|
|
|
return nr == nrom->vs;
|
|
}
|
|
|
|
/*
|
|
* Check that ns is within the receive window.
|
|
*/
|
|
int nr_in_rx_window(struct sock *sk, unsigned short ns)
|
|
{
|
|
struct nr_sock *nr = nr_sk(sk);
|
|
unsigned short vc = nr->vr;
|
|
unsigned short vt = (nr->vl + nr->window) % NR_MODULUS;
|
|
|
|
while (vc != vt) {
|
|
if (ns == vc) return 1;
|
|
vc = (vc + 1) % NR_MODULUS;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* This routine is called when the HDLC layer internally generates a
|
|
* control frame.
|
|
*/
|
|
void nr_write_internal(struct sock *sk, int frametype)
|
|
{
|
|
struct nr_sock *nr = nr_sk(sk);
|
|
struct sk_buff *skb;
|
|
unsigned char *dptr;
|
|
int len, timeout;
|
|
|
|
len = NR_TRANSPORT_LEN;
|
|
|
|
switch (frametype & 0x0F) {
|
|
case NR_CONNREQ:
|
|
len += 17;
|
|
break;
|
|
case NR_CONNACK:
|
|
len += (nr->bpqext) ? 2 : 1;
|
|
break;
|
|
case NR_DISCREQ:
|
|
case NR_DISCACK:
|
|
case NR_INFOACK:
|
|
break;
|
|
default:
|
|
printk(KERN_ERR "NET/ROM: nr_write_internal - invalid frame type %d\n", frametype);
|
|
return;
|
|
}
|
|
|
|
skb = alloc_skb(NR_NETWORK_LEN + len, GFP_ATOMIC);
|
|
if (!skb)
|
|
return;
|
|
|
|
/*
|
|
* Space for AX.25 and NET/ROM network header
|
|
*/
|
|
skb_reserve(skb, NR_NETWORK_LEN);
|
|
|
|
dptr = skb_put(skb, len);
|
|
|
|
switch (frametype & 0x0F) {
|
|
case NR_CONNREQ:
|
|
timeout = nr->t1 / HZ;
|
|
*dptr++ = nr->my_index;
|
|
*dptr++ = nr->my_id;
|
|
*dptr++ = 0;
|
|
*dptr++ = 0;
|
|
*dptr++ = frametype;
|
|
*dptr++ = nr->window;
|
|
memcpy(dptr, &nr->user_addr, AX25_ADDR_LEN);
|
|
dptr[6] &= ~AX25_CBIT;
|
|
dptr[6] &= ~AX25_EBIT;
|
|
dptr[6] |= AX25_SSSID_SPARE;
|
|
dptr += AX25_ADDR_LEN;
|
|
memcpy(dptr, &nr->source_addr, AX25_ADDR_LEN);
|
|
dptr[6] &= ~AX25_CBIT;
|
|
dptr[6] &= ~AX25_EBIT;
|
|
dptr[6] |= AX25_SSSID_SPARE;
|
|
dptr += AX25_ADDR_LEN;
|
|
*dptr++ = timeout % 256;
|
|
*dptr++ = timeout / 256;
|
|
break;
|
|
|
|
case NR_CONNACK:
|
|
*dptr++ = nr->your_index;
|
|
*dptr++ = nr->your_id;
|
|
*dptr++ = nr->my_index;
|
|
*dptr++ = nr->my_id;
|
|
*dptr++ = frametype;
|
|
*dptr++ = nr->window;
|
|
if (nr->bpqext) *dptr++ = sysctl_netrom_network_ttl_initialiser;
|
|
break;
|
|
|
|
case NR_DISCREQ:
|
|
case NR_DISCACK:
|
|
*dptr++ = nr->your_index;
|
|
*dptr++ = nr->your_id;
|
|
*dptr++ = 0;
|
|
*dptr++ = 0;
|
|
*dptr++ = frametype;
|
|
break;
|
|
|
|
case NR_INFOACK:
|
|
*dptr++ = nr->your_index;
|
|
*dptr++ = nr->your_id;
|
|
*dptr++ = 0;
|
|
*dptr++ = nr->vr;
|
|
*dptr++ = frametype;
|
|
break;
|
|
}
|
|
|
|
nr_transmit_buffer(sk, skb);
|
|
}
|
|
|
|
/*
|
|
* This routine is called to send an error reply.
|
|
*/
|
|
void __nr_transmit_reply(struct sk_buff *skb, int mine, unsigned char cmdflags)
|
|
{
|
|
struct sk_buff *skbn;
|
|
unsigned char *dptr;
|
|
int len;
|
|
|
|
len = NR_NETWORK_LEN + NR_TRANSPORT_LEN + 1;
|
|
|
|
if ((skbn = alloc_skb(len, GFP_ATOMIC)) == NULL)
|
|
return;
|
|
|
|
skb_reserve(skbn, 0);
|
|
|
|
dptr = skb_put(skbn, NR_NETWORK_LEN + NR_TRANSPORT_LEN);
|
|
|
|
skb_copy_from_linear_data_offset(skb, 7, dptr, AX25_ADDR_LEN);
|
|
dptr[6] &= ~AX25_CBIT;
|
|
dptr[6] &= ~AX25_EBIT;
|
|
dptr[6] |= AX25_SSSID_SPARE;
|
|
dptr += AX25_ADDR_LEN;
|
|
|
|
skb_copy_from_linear_data(skb, dptr, AX25_ADDR_LEN);
|
|
dptr[6] &= ~AX25_CBIT;
|
|
dptr[6] |= AX25_EBIT;
|
|
dptr[6] |= AX25_SSSID_SPARE;
|
|
dptr += AX25_ADDR_LEN;
|
|
|
|
*dptr++ = sysctl_netrom_network_ttl_initialiser;
|
|
|
|
if (mine) {
|
|
*dptr++ = 0;
|
|
*dptr++ = 0;
|
|
*dptr++ = skb->data[15];
|
|
*dptr++ = skb->data[16];
|
|
} else {
|
|
*dptr++ = skb->data[15];
|
|
*dptr++ = skb->data[16];
|
|
*dptr++ = 0;
|
|
*dptr++ = 0;
|
|
}
|
|
|
|
*dptr++ = cmdflags;
|
|
*dptr++ = 0;
|
|
|
|
if (!nr_route_frame(skbn, NULL))
|
|
kfree_skb(skbn);
|
|
}
|
|
|
|
void nr_disconnect(struct sock *sk, int reason)
|
|
{
|
|
nr_stop_t1timer(sk);
|
|
nr_stop_t2timer(sk);
|
|
nr_stop_t4timer(sk);
|
|
nr_stop_idletimer(sk);
|
|
|
|
nr_clear_queues(sk);
|
|
|
|
nr_sk(sk)->state = NR_STATE_0;
|
|
|
|
sk->sk_state = TCP_CLOSE;
|
|
sk->sk_err = reason;
|
|
sk->sk_shutdown |= SEND_SHUTDOWN;
|
|
|
|
if (!sock_flag(sk, SOCK_DEAD)) {
|
|
sk->sk_state_change(sk);
|
|
sock_set_flag(sk, SOCK_DEAD);
|
|
}
|
|
}
|