1/* 2 * Generic PPP layer for Linux. 3 * 4 * Copyright 1999-2002 Paul Mackerras. 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 * 11 * The generic PPP layer handles the PPP network interfaces, the 12 * /dev/ppp device, packet and VJ compression, and multilink. 13 * It talks to PPP `channels' via the interface defined in 14 * include/linux/ppp_channel.h. Channels provide the basic means for 15 * sending and receiving PPP frames on some kind of communications 16 * channel. 17 * 18 * Part of the code in this driver was inspired by the old async-only 19 * PPP driver, written by Michael Callahan and Al Longyear, and 20 * subsequently hacked by Paul Mackerras. 21 * 22 * ==FILEVERSION 20041108== 23 */ 24 25#include <linux/module.h> 26#include <linux/kernel.h> 27#include <linux/kmod.h> 28#include <linux/init.h> 29#include <linux/list.h> 30#include <linux/idr.h> 31#include <linux/netdevice.h> 32#include <linux/poll.h> 33#include <linux/ppp_defs.h> 34#include <linux/filter.h> 35#include <linux/if_ppp.h> 36#include <linux/ppp_channel.h> 37#include <linux/ppp-comp.h> 38#include <linux/skbuff.h> 39#include <linux/rtnetlink.h> 40#include <linux/if_arp.h> 41#include <linux/ip.h> 42#include <linux/tcp.h> 43#include <linux/spinlock.h> 44#include <linux/rwsem.h> 45#include <linux/stddef.h> 46#include <linux/device.h> 47#include <linux/mutex.h> 48#include <linux/slab.h> 49#include <net/slhc_vj.h> 50#include <asm/atomic.h> 51 52#include <linux/nsproxy.h> 53#include <net/net_namespace.h> 54#include <net/netns/generic.h> 55 56#ifdef HNDCTF 57#define TYPEDEF_INT32 58#include <ctf/hndctf.h> 59#endif 60 61#define PPP_VERSION "2.4.2" 62 63/* 64 * Network protocols we support. 65 */ 66#define NP_IP 0 /* Internet Protocol V4 */ 67#define NP_IPV6 1 /* Internet Protocol V6 */ 68#define NP_IPX 2 /* IPX protocol */ 69#define NP_AT 3 /* Appletalk protocol */ 70#define NP_MPLS_UC 4 /* MPLS unicast */ 71#define NP_MPLS_MC 5 /* MPLS multicast */ 72#define NUM_NP 6 /* Number of NPs. */ 73 74#define MPHDRLEN 6 /* multilink protocol header length */ 75#define MPHDRLEN_SSN 4 /* ditto with short sequence numbers */ 76 77/* 78 * An instance of /dev/ppp can be associated with either a ppp 79 * interface unit or a ppp channel. In both cases, file->private_data 80 * points to one of these. 81 */ 82struct ppp_file { 83 enum { 84 INTERFACE=1, CHANNEL 85 } kind; 86 struct sk_buff_head xq; /* pppd transmit queue */ 87 struct sk_buff_head rq; /* receive queue for pppd */ 88 wait_queue_head_t rwait; /* for poll on reading /dev/ppp */ 89 atomic_t refcnt; /* # refs (incl /dev/ppp attached) */ 90 int hdrlen; /* space to leave for headers */ 91 int index; /* interface unit / channel number */ 92 int dead; /* unit/channel has been shut down */ 93}; 94 95#define PF_TO_X(pf, X) container_of(pf, X, file) 96 97#define PF_TO_PPP(pf) PF_TO_X(pf, struct ppp) 98#define PF_TO_CHANNEL(pf) PF_TO_X(pf, struct channel) 99 100/* 101 * Data structure describing one ppp unit. 102 * A ppp unit corresponds to a ppp network interface device 103 * and represents a multilink bundle. 104 * It can have 0 or more ppp channels connected to it. 105 */ 106struct ppp { 107 struct ppp_file file; /* stuff for read/write/poll 0 */ 108 struct file *owner; /* file that owns this unit 48 */ 109 struct list_head channels; /* list of attached channels 4c */ 110 int n_channels; /* how many channels are attached 54 */ 111 spinlock_t rlock; /* lock for receive side 58 */ 112 spinlock_t wlock; /* lock for transmit side 5c */ 113 int mru; /* max receive unit 60 */ 114 unsigned int flags; /* control bits 64 */ 115 unsigned int xstate; /* transmit state bits 68 */ 116 unsigned int rstate; /* receive state bits 6c */ 117 int debug; /* debug flags 70 */ 118 struct slcompress *vj; /* state for VJ header compression */ 119 enum NPmode npmode[NUM_NP]; /* what to do with each net proto 78 */ 120 struct sk_buff *xmit_pending; /* a packet ready to go out 88 */ 121 struct compressor *xcomp; /* transmit packet compressor 8c */ 122 void *xc_state; /* its internal state 90 */ 123 struct compressor *rcomp; /* receive decompressor 94 */ 124 void *rc_state; /* its internal state 98 */ 125 unsigned long last_xmit; /* jiffies when last pkt sent 9c */ 126 unsigned long last_recv; /* jiffies when last pkt rcvd a0 */ 127 struct net_device *dev; /* network interface device a4 */ 128 int closing; /* is device closing down? a8 */ 129#ifdef CONFIG_PPP_MULTILINK 130 int nxchan; /* next channel to send something on */ 131 u32 nxseq; /* next sequence number to send */ 132 int mrru; /* MP: max reconst. receive unit */ 133 u32 nextseq; /* MP: seq no of next packet */ 134 u32 minseq; /* MP: min of most recent seqnos */ 135 struct sk_buff_head mrq; /* MP: receive reconstruction queue */ 136#endif /* CONFIG_PPP_MULTILINK */ 137#ifdef CONFIG_PPP_FILTER 138 struct sock_filter *pass_filter; /* filter for packets to pass */ 139 struct sock_filter *active_filter;/* filter for pkts to reset idle */ 140 unsigned pass_len, active_len; 141#endif /* CONFIG_PPP_FILTER */ 142 struct net *ppp_net; /* the net we belong to */ 143}; 144 145/* 146 * Bits in flags: SC_NO_TCP_CCID, SC_CCP_OPEN, SC_CCP_UP, SC_LOOP_TRAFFIC, 147 * SC_MULTILINK, SC_MP_SHORTSEQ, SC_MP_XSHORTSEQ, SC_COMP_TCP, SC_REJ_COMP_TCP, 148 * SC_MUST_COMP 149 * Bits in rstate: SC_DECOMP_RUN, SC_DC_ERROR, SC_DC_FERROR. 150 * Bits in xstate: SC_COMP_RUN 151 */ 152#define SC_FLAG_BITS (SC_NO_TCP_CCID|SC_CCP_OPEN|SC_CCP_UP|SC_LOOP_TRAFFIC \ 153 |SC_MULTILINK|SC_MP_SHORTSEQ|SC_MP_XSHORTSEQ \ 154 |SC_COMP_TCP|SC_REJ_COMP_TCP|SC_MUST_COMP) 155 156/* 157 * Private data structure for each channel. 158 * This includes the data structure used for multilink. 159 */ 160struct channel { 161 struct ppp_file file; /* stuff for read/write/poll */ 162 struct list_head list; /* link in all/new_channels list */ 163 struct ppp_channel *chan; /* public channel data structure */ 164 struct rw_semaphore chan_sem; /* protects `chan' during chan ioctl */ 165 spinlock_t downl; /* protects `chan', file.xq dequeue */ 166 struct ppp *ppp; /* ppp unit we're connected to */ 167 struct net *chan_net; /* the net channel belongs to */ 168 struct list_head clist; /* link in list of channels per unit */ 169 rwlock_t upl; /* protects `ppp' */ 170#ifdef CONFIG_PPP_MULTILINK 171 u8 avail; /* flag used in multilink stuff */ 172 u8 had_frag; /* >= 1 fragments have been sent */ 173 u32 lastseq; /* MP: last sequence # received */ 174 int speed; /* speed of the corresponding ppp channel*/ 175#endif /* CONFIG_PPP_MULTILINK */ 176}; 177 178/* 179 * SMP locking issues: 180 * Both the ppp.rlock and ppp.wlock locks protect the ppp.channels 181 * list and the ppp.n_channels field, you need to take both locks 182 * before you modify them. 183 * The lock ordering is: channel.upl -> ppp.wlock -> ppp.rlock -> 184 * channel.downl. 185 */ 186 187static DEFINE_MUTEX(ppp_mutex); 188static atomic_t ppp_unit_count = ATOMIC_INIT(0); 189static atomic_t channel_count = ATOMIC_INIT(0); 190 191/* per-net private data for this module */ 192static int ppp_net_id __read_mostly; 193struct ppp_net { 194 /* units to ppp mapping */ 195 struct idr units_idr; 196 197 /* 198 * all_ppp_mutex protects the units_idr mapping. 199 * It also ensures that finding a ppp unit in the units_idr 200 * map and updating its file.refcnt field is atomic. 201 */ 202 struct mutex all_ppp_mutex; 203 204 /* channels */ 205 struct list_head all_channels; 206 struct list_head new_channels; 207 int last_channel_index; 208 209 /* 210 * all_channels_lock protects all_channels and 211 * last_channel_index, and the atomicity of find 212 * a channel and updating its file.refcnt field. 213 */ 214 spinlock_t all_channels_lock; 215}; 216 217/* Get the PPP protocol number from a skb */ 218#define PPP_PROTO(skb) (((skb)->data[0] << 8) + (skb)->data[1]) 219 220/* We limit the length of ppp->file.rq to this (arbitrary) value */ 221#define PPP_MAX_RQLEN 32 222 223/* 224 * Maximum number of multilink fragments queued up. 225 * This has to be large enough to cope with the maximum latency of 226 * the slowest channel relative to the others. Strictly it should 227 * depend on the number of channels and their characteristics. 228 */ 229#define PPP_MP_MAX_QLEN 128 230 231/* Multilink header bits. */ 232#define B 0x80 /* this fragment begins a packet */ 233#define E 0x40 /* this fragment ends a packet */ 234 235/* Compare multilink sequence numbers (assumed to be 32 bits wide) */ 236#define seq_before(a, b) ((s32)((a) - (b)) < 0) 237#define seq_after(a, b) ((s32)((a) - (b)) > 0) 238 239/* Prototypes. */ 240static int ppp_unattached_ioctl(struct net *net, struct ppp_file *pf, 241 struct file *file, unsigned int cmd, unsigned long arg); 242static void ppp_xmit_process(struct ppp *ppp); 243static void ppp_send_frame(struct ppp *ppp, struct sk_buff *skb); 244static void ppp_push(struct ppp *ppp); 245static void ppp_channel_push(struct channel *pch); 246static void ppp_receive_frame(struct ppp *ppp, struct sk_buff *skb, 247 struct channel *pch); 248static void ppp_receive_error(struct ppp *ppp); 249static void ppp_receive_nonmp_frame(struct ppp *ppp, struct sk_buff *skb); 250static struct sk_buff *ppp_decompress_frame(struct ppp *ppp, 251 struct sk_buff *skb); 252#ifdef CONFIG_PPP_MULTILINK 253static void ppp_receive_mp_frame(struct ppp *ppp, struct sk_buff *skb, 254 struct channel *pch); 255static void ppp_mp_insert(struct ppp *ppp, struct sk_buff *skb); 256static struct sk_buff *ppp_mp_reconstruct(struct ppp *ppp); 257static int ppp_mp_explode(struct ppp *ppp, struct sk_buff *skb); 258#endif /* CONFIG_PPP_MULTILINK */ 259static int ppp_set_compress(struct ppp *ppp, unsigned long arg); 260static void ppp_ccp_peek(struct ppp *ppp, struct sk_buff *skb, int inbound); 261static void ppp_ccp_closed(struct ppp *ppp); 262static struct compressor *find_compressor(int type); 263static void ppp_get_stats(struct ppp *ppp, struct ppp_stats *st); 264static struct ppp *ppp_create_interface(struct net *net, int unit, int *retp); 265static void init_ppp_file(struct ppp_file *pf, int kind); 266static void ppp_shutdown_interface(struct ppp *ppp); 267static void ppp_destroy_interface(struct ppp *ppp); 268static struct ppp *ppp_find_unit(struct ppp_net *pn, int unit); 269static struct channel *ppp_find_channel(struct ppp_net *pn, int unit); 270static int ppp_connect_channel(struct channel *pch, int unit); 271static int ppp_disconnect_channel(struct channel *pch); 272static void ppp_destroy_channel(struct channel *pch); 273static int unit_get(struct idr *p, void *ptr); 274static int unit_set(struct idr *p, void *ptr, int n); 275static void unit_put(struct idr *p, int n); 276static void *unit_find(struct idr *p, int n); 277 278/* Foxconn added start pling 03/28/2006 */ 279/********************************************************************** 280* FUNCTION: computeTCPChecksum 281* ARGUMENTS: 282* ipHdr -- pointer to IP header 283* tcpHdr -- pointer to TCP header 284* RETURNS: 285* The computed TCP checksum 286***********************************************************************/ 287#define UINT16 unsigned short 288#define UINT32 unsigned long 289static UINT16 computeTCPChecksum(unsigned char *ipHdr, unsigned char *tcpHdr) 290{ 291 UINT32 sum = 0; 292 UINT16 count = ipHdr[2] * 256 + ipHdr[3]; 293 unsigned char *addr = tcpHdr; 294 unsigned char pseudoHeader[12]; 295 296 /* Count number of bytes in TCP header and data */ 297 count -= (ipHdr[0] & 0x0F) * 4; 298 299 memcpy(pseudoHeader, ipHdr+12, 8); 300 pseudoHeader[8] = 0; 301 pseudoHeader[9] = ipHdr[9]; 302 pseudoHeader[10] = (count >> 8) & 0xFF; 303 pseudoHeader[11] = (count & 0xFF); 304 305 /* Checksum the pseudo-header */ 306 sum += * (UINT16 *) pseudoHeader; 307 sum += * ((UINT16 *) (pseudoHeader+2)); 308 sum += * ((UINT16 *) (pseudoHeader+4)); 309 sum += * ((UINT16 *) (pseudoHeader+6)); 310 sum += * ((UINT16 *) (pseudoHeader+8)); 311 sum += * ((UINT16 *) (pseudoHeader+10)); 312 313 /* Checksum the TCP header and data */ 314 while (count > 1) { 315 sum += * (UINT16 *) addr; 316 addr += 2; 317 count -= 2; 318 } 319 320 if (count > 0) { 321 sum += *addr; 322 } 323 324 while(sum >> 16) { 325 sum = (sum & 0xffff) + (sum >> 16); 326 } 327 328 return (UINT16) (~sum & 0xFFFF); 329} 330 331/********************************************************************** 332* FUNCTION: ppp_modify_tcp_mss 333* ARGUMENTS: 334* payload -- IP packet 335* payload_len -- either "incoming" or "outgoing" 336* clampMss -- clamp value 337* RETURNS: 338* Nothing 339* DESCRIPTION: 340* Clamps MSS option if TCP SYN flag is set. 341***********************************************************************/ 342void ppp_modify_tcp_mss(unsigned char *payload, int clampMss) 343{ 344 unsigned char *tcpHdr; 345 unsigned char *ipHdr; 346 unsigned char *opt; 347 unsigned char *endHdr; 348 unsigned char *mssopt = NULL; 349 UINT16 csum; 350 351 /* Make sure this is IP packet */ 352 if (payload[0] != 0x00 || payload[1] != 0x21) { 353 return; 354 } 355 356 ipHdr = &payload[2]; 357 358 /* Verify once more that it's IPv4 */ 359 if ((ipHdr[0] & 0xF0) != 0x40) { 360 return; 361 } 362 363 /* Is it a fragment that's not at the beginning of the packet? */ 364 if ((ipHdr[6] & 0x1F) || ipHdr[7]) { 365 /* Yup, don't touch! */ 366 return; 367 } 368 369 /* Is it TCP? */ 370 if (ipHdr[9] != 0x06) { 371 return; 372 } 373 374 /* Get start of TCP header */ 375 tcpHdr = ipHdr + (ipHdr[0] & 0x0F) * 4; 376 377 /* Is SYN set? */ 378 if (!(tcpHdr[13] & 0x02)) { 379 return; 380 } 381 382 /* Compute and verify TCP checksum -- do not touch a packet with a bad 383 checksum */ 384 csum = computeTCPChecksum(ipHdr, tcpHdr); 385 if (csum) { 386 /* printk("Bad TCP checksum %x", (unsigned int) csum);*/ 387 388 /* Upper layers will drop it */ 389 return; 390 } 391 392 /* Look for existing MSS option */ 393 endHdr = tcpHdr + ((tcpHdr[12] & 0xF0) >> 2); 394 opt = tcpHdr + 20; 395 while (opt < endHdr) { 396 if (!*opt) 397 break; /* End of options */ 398 399 switch(*opt) { 400 case 1: 401 opt++; 402 break; 403 404 case 2: 405 if (opt[1] != 4) { 406 /* Something fishy about MSS option length. */ 407 printk("Bogus length for MSS option (%u) from %u.%u.%u.%u", 408 (unsigned int) opt[1], 409 (unsigned int) ipHdr[12], 410 (unsigned int) ipHdr[13], 411 (unsigned int) ipHdr[14], 412 (unsigned int) ipHdr[15]); 413 return; 414 } 415 mssopt = opt; 416 break; 417 418 default: 419 if (opt[1] < 2) { 420 /* Someone's trying to attack us? */ 421 printk("Bogus TCP option length (%u) from %u.%u.%u.%u", 422 (unsigned int) opt[1], 423 (unsigned int) ipHdr[12], 424 (unsigned int) ipHdr[13], 425 (unsigned int) ipHdr[14], 426 (unsigned int) ipHdr[15]); 427 return; 428 } 429 opt += (opt[1]); 430 break; 431 } 432 433 /* Found existing MSS option? */ 434 if (mssopt) { 435 break; 436 } 437 } 438 439 /* If MSS exists and it's low enough, do nothing */ 440 if (mssopt) { 441 unsigned mss = mssopt[2] * 256 + mssopt[3]; 442 if (mss <= clampMss) { 443 return; 444 } 445 446 mssopt[2] = (((unsigned) clampMss) >> 8) & 0xFF; 447 mssopt[3] = ((unsigned) clampMss) & 0xFF; 448 449 /*printk("%s: Modified MSS value to %d\n", __FUNCTION__, clampMss);*/ 450 } else { 451 /* No MSS option. Don't add one; we'll have to use 536. */ 452 return; 453 } 454 455 /* Recompute TCP checksum */ 456 tcpHdr[16] = 0; 457 tcpHdr[17] = 0; 458 csum = computeTCPChecksum(ipHdr, tcpHdr); 459 (* (UINT16 *) (tcpHdr+16)) = csum; 460} 461#undef UINT16 462#undef UINT32 463/* Foxconn added end pling 03/28/2006 */ 464 465static struct class *ppp_class; 466 467/* per net-namespace data */ 468static inline struct ppp_net *ppp_pernet(struct net *net) 469{ 470 BUG_ON(!net); 471 472 return net_generic(net, ppp_net_id); 473} 474 475/* Translates a PPP protocol number to a NP index (NP == network protocol) */ 476static inline int proto_to_npindex(int proto) 477{ 478 switch (proto) { 479 case PPP_IP: 480 return NP_IP; 481 case PPP_IPV6: 482 return NP_IPV6; 483 case PPP_IPX: 484 return NP_IPX; 485 case PPP_AT: 486 return NP_AT; 487 case PPP_MPLS_UC: 488 return NP_MPLS_UC; 489 case PPP_MPLS_MC: 490 return NP_MPLS_MC; 491 } 492 return -EINVAL; 493} 494 495/* Translates an NP index into a PPP protocol number */ 496static const int npindex_to_proto[NUM_NP] = { 497 PPP_IP, 498 PPP_IPV6, 499 PPP_IPX, 500 PPP_AT, 501 PPP_MPLS_UC, 502 PPP_MPLS_MC, 503}; 504 505/* Translates an ethertype into an NP index */ 506static inline int ethertype_to_npindex(int ethertype) 507{ 508 switch (ethertype) { 509 case ETH_P_IP: 510 return NP_IP; 511 case ETH_P_IPV6: 512 return NP_IPV6; 513 case ETH_P_IPX: 514 return NP_IPX; 515 case ETH_P_PPPTALK: 516 case ETH_P_ATALK: 517 return NP_AT; 518 case ETH_P_MPLS_UC: 519 return NP_MPLS_UC; 520 case ETH_P_MPLS_MC: 521 return NP_MPLS_MC; 522 } 523 return -1; 524} 525 526/* Translates an NP index into an ethertype */ 527static const int npindex_to_ethertype[NUM_NP] = { 528 ETH_P_IP, 529 ETH_P_IPV6, 530 ETH_P_IPX, 531 ETH_P_PPPTALK, 532 ETH_P_MPLS_UC, 533 ETH_P_MPLS_MC, 534}; 535 536/* 537 * Locking shorthand. 538 */ 539#define ppp_xmit_lock(ppp) spin_lock_bh(&(ppp)->wlock) 540#define ppp_xmit_unlock(ppp) spin_unlock_bh(&(ppp)->wlock) 541#define ppp_recv_lock(ppp) spin_lock_bh(&(ppp)->rlock) 542#define ppp_recv_unlock(ppp) spin_unlock_bh(&(ppp)->rlock) 543#define ppp_lock(ppp) do { ppp_xmit_lock(ppp); \ 544 ppp_recv_lock(ppp); } while (0) 545#define ppp_unlock(ppp) do { ppp_recv_unlock(ppp); \ 546 ppp_xmit_unlock(ppp); } while (0) 547 548/* 549 * /dev/ppp device routines. 550 * The /dev/ppp device is used by pppd to control the ppp unit. 551 * It supports the read, write, ioctl and poll functions. 552 * Open instances of /dev/ppp can be in one of three states: 553 * unattached, attached to a ppp unit, or attached to a ppp channel. 554 */ 555static int ppp_open(struct inode *inode, struct file *file) 556{ 557 /* 558 * This could (should?) be enforced by the permissions on /dev/ppp. 559 */ 560 if (!capable(CAP_NET_ADMIN)) 561 return -EPERM; 562 return 0; 563} 564 565static int ppp_release(struct inode *unused, struct file *file) 566{ 567 struct ppp_file *pf = file->private_data; 568 struct ppp *ppp; 569 570 if (pf) { 571 file->private_data = NULL; 572 if (pf->kind == INTERFACE) { 573 ppp = PF_TO_PPP(pf); 574 if (file == ppp->owner) 575 ppp_shutdown_interface(ppp); 576 } 577 if (atomic_dec_and_test(&pf->refcnt)) { 578 switch (pf->kind) { 579 case INTERFACE: 580 ppp_destroy_interface(PF_TO_PPP(pf)); 581 break; 582 case CHANNEL: 583 ppp_destroy_channel(PF_TO_CHANNEL(pf)); 584 break; 585 } 586 } 587 } 588 return 0; 589} 590 591static ssize_t ppp_read(struct file *file, char __user *buf, 592 size_t count, loff_t *ppos) 593{ 594 struct ppp_file *pf = file->private_data; 595 DECLARE_WAITQUEUE(wait, current); 596 ssize_t ret; 597 struct sk_buff *skb = NULL; 598 struct iovec iov; 599 600 ret = count; 601 602 if (!pf) 603 return -ENXIO; 604 add_wait_queue(&pf->rwait, &wait); 605 for (;;) { 606 set_current_state(TASK_INTERRUPTIBLE); 607 skb = skb_dequeue(&pf->rq); 608 if (skb) 609 break; 610 ret = 0; 611 if (pf->dead) 612 break; 613 if (pf->kind == INTERFACE) { 614 /* 615 * Return 0 (EOF) on an interface that has no 616 * channels connected, unless it is looping 617 * network traffic (demand mode). 618 */ 619 struct ppp *ppp = PF_TO_PPP(pf); 620 if (ppp->n_channels == 0 && 621 (ppp->flags & SC_LOOP_TRAFFIC) == 0) 622 break; 623 } 624 ret = -EAGAIN; 625 if (file->f_flags & O_NONBLOCK) 626 break; 627 ret = -ERESTARTSYS; 628 if (signal_pending(current)) 629 break; 630 schedule(); 631 } 632 set_current_state(TASK_RUNNING); 633 remove_wait_queue(&pf->rwait, &wait); 634 635 if (!skb) 636 goto out; 637 638 ret = -EOVERFLOW; 639 if (skb->len > count) 640 goto outf; 641 ret = -EFAULT; 642 iov.iov_base = buf; 643 iov.iov_len = count; 644 if (skb_copy_datagram_iovec(skb, 0, &iov, skb->len)) 645 goto outf; 646 ret = skb->len; 647 648 outf: 649 kfree_skb(skb); 650 out: 651 return ret; 652} 653 654static ssize_t ppp_write(struct file *file, const char __user *buf, 655 size_t count, loff_t *ppos) 656{ 657 struct ppp_file *pf = file->private_data; 658 struct sk_buff *skb; 659 ssize_t ret; 660 661 if (!pf) 662 return -ENXIO; 663 ret = -ENOMEM; 664 skb = alloc_skb(count + pf->hdrlen, GFP_KERNEL); 665 if (!skb) 666 goto out; 667 skb_reserve(skb, pf->hdrlen); 668 ret = -EFAULT; 669 if (copy_from_user(skb_put(skb, count), buf, count)) { 670 kfree_skb(skb); 671 goto out; 672 } 673 674 skb_queue_tail(&pf->xq, skb); 675 676 switch (pf->kind) { 677 case INTERFACE: 678 ppp_xmit_process(PF_TO_PPP(pf)); 679 break; 680 case CHANNEL: 681 ppp_channel_push(PF_TO_CHANNEL(pf)); 682 break; 683 } 684 685 ret = count; 686 687 out: 688 return ret; 689} 690 691/* No kernel lock - fine */ 692static unsigned int ppp_poll(struct file *file, poll_table *wait) 693{ 694 struct ppp_file *pf = file->private_data; 695 unsigned int mask; 696 697 if (!pf) 698 return 0; 699 poll_wait(file, &pf->rwait, wait); 700 mask = POLLOUT | POLLWRNORM; 701 if (skb_peek(&pf->rq)) 702 mask |= POLLIN | POLLRDNORM; 703 if (pf->dead) 704 mask |= POLLHUP; 705 else if (pf->kind == INTERFACE) { 706 /* see comment in ppp_read */ 707 struct ppp *ppp = PF_TO_PPP(pf); 708 if (ppp->n_channels == 0 && 709 (ppp->flags & SC_LOOP_TRAFFIC) == 0) 710 mask |= POLLIN | POLLRDNORM; 711 } 712 713 return mask; 714} 715 716#ifdef CONFIG_PPP_FILTER 717static int get_filter(void __user *arg, struct sock_filter **p) 718{ 719 struct sock_fprog uprog; 720 struct sock_filter *code = NULL; 721 int len, err; 722 723 if (copy_from_user(&uprog, arg, sizeof(uprog))) 724 return -EFAULT; 725 726 if (!uprog.len) { 727 *p = NULL; 728 return 0; 729 } 730 731 len = uprog.len * sizeof(struct sock_filter); 732 code = memdup_user(uprog.filter, len); 733 if (IS_ERR(code)) 734 return PTR_ERR(code); 735 736 err = sk_chk_filter(code, uprog.len); 737 if (err) { 738 kfree(code); 739 return err; 740 } 741 742 *p = code; 743 return uprog.len; 744} 745#endif /* CONFIG_PPP_FILTER */ 746 747static long ppp_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 748{ 749 struct ppp_file *pf = file->private_data; 750 struct ppp *ppp; 751 int err = -EFAULT, val, val2, i; 752 struct ppp_idle idle; 753 struct npioctl npi; 754 int unit, cflags; 755 struct slcompress *vj; 756 void __user *argp = (void __user *)arg; 757 int __user *p = argp; 758 759 if (!pf) 760 return ppp_unattached_ioctl(current->nsproxy->net_ns, 761 pf, file, cmd, arg); 762 763 if (cmd == PPPIOCDETACH) { 764 /* 765 * We have to be careful here... if the file descriptor 766 * has been dup'd, we could have another process in the 767 * middle of a poll using the same file *, so we had 768 * better not free the interface data structures - 769 * instead we fail the ioctl. Even in this case, we 770 * shut down the interface if we are the owner of it. 771 * Actually, we should get rid of PPPIOCDETACH, userland 772 * (i.e. pppd) could achieve the same effect by closing 773 * this fd and reopening /dev/ppp. 774 */ 775 err = -EINVAL; 776 mutex_lock(&ppp_mutex); 777 if (pf->kind == INTERFACE) { 778 ppp = PF_TO_PPP(pf); 779 if (file == ppp->owner) 780 ppp_shutdown_interface(ppp); 781 } 782 if (atomic_long_read(&file->f_count) <= 2) { 783 ppp_release(NULL, file); 784 err = 0; 785 } else 786 printk(KERN_DEBUG "PPPIOCDETACH file->f_count=%ld\n", 787 atomic_long_read(&file->f_count)); 788 mutex_unlock(&ppp_mutex); 789 return err; 790 } 791 792 if (pf->kind == CHANNEL) { 793 struct channel *pch; 794 struct ppp_channel *chan; 795 796 mutex_lock(&ppp_mutex); 797 pch = PF_TO_CHANNEL(pf); 798 799 switch (cmd) { 800 case PPPIOCCONNECT: 801 if (get_user(unit, p)) 802 break; 803 err = ppp_connect_channel(pch, unit); 804 break; 805 806 case PPPIOCDISCONN: 807 err = ppp_disconnect_channel(pch); 808 break; 809 810 default: 811 down_read(&pch->chan_sem); 812 chan = pch->chan; 813 err = -ENOTTY; 814 if (chan && chan->ops->ioctl) 815 err = chan->ops->ioctl(chan, cmd, arg); 816 up_read(&pch->chan_sem); 817 } 818 mutex_unlock(&ppp_mutex); 819 return err; 820 } 821 822 if (pf->kind != INTERFACE) { 823 /* can't happen */ 824 printk(KERN_ERR "PPP: not interface or channel??\n"); 825 return -EINVAL; 826 } 827 828 mutex_lock(&ppp_mutex); 829 ppp = PF_TO_PPP(pf); 830 switch (cmd) { 831 case PPPIOCSMRU: 832 if (get_user(val, p)) 833 break; 834 ppp->mru = val; 835 err = 0; 836 break; 837 838 case PPPIOCSFLAGS: 839 if (get_user(val, p)) 840 break; 841 ppp_lock(ppp); 842 cflags = ppp->flags & ~val; 843 ppp->flags = val & SC_FLAG_BITS; 844 ppp_unlock(ppp); 845 if (cflags & SC_CCP_OPEN) 846 ppp_ccp_closed(ppp); 847 err = 0; 848 break; 849 850 case PPPIOCGFLAGS: 851 val = ppp->flags | ppp->xstate | ppp->rstate; 852 if (put_user(val, p)) 853 break; 854 err = 0; 855 break; 856 857 case PPPIOCSCOMPRESS: 858 err = ppp_set_compress(ppp, arg); 859 break; 860 861 case PPPIOCGUNIT: 862 if (put_user(ppp->file.index, p)) 863 break; 864 err = 0; 865 break; 866 867 case PPPIOCSDEBUG: 868 if (get_user(val, p)) 869 break; 870 ppp->debug = val; 871 err = 0; 872 break; 873 874 case PPPIOCGDEBUG: 875 if (put_user(ppp->debug, p)) 876 break; 877 err = 0; 878 break; 879 880 case PPPIOCGIDLE: 881 /*foxconn modified start, water, 11/27/09, @pppoe/pptp idle time not correct issue*/ 882 if (jiffies >= ppp->last_xmit) /* wklin modified from > to >=*/ 883 idle.xmit_idle = (jiffies - ppp->last_xmit) / HZ; 884 else 885 idle.xmit_idle = (0xFFFFFFFF - ppp->last_xmit + jiffies) / HZ; 886 idle.recv_idle = idle.xmit_idle; 887 /* 888 idle.xmit_idle = (jiffies - ppp->last_xmit) / HZ; 889 idle.recv_idle = (jiffies - ppp->last_recv) / HZ; 890 */ 891 /*foxconn modified end, water, 11/27/09*/ 892 if (copy_to_user(argp, &idle, sizeof(idle))) 893 break; 894 err = 0; 895 break; 896 897 case PPPIOCSMAXCID: 898 if (get_user(val, p)) 899 break; 900 val2 = 15; 901 if ((val >> 16) != 0) { 902 val2 = val >> 16; 903 val &= 0xffff; 904 } 905 vj = slhc_init(val2+1, val+1); 906 if (!vj) { 907 printk(KERN_ERR "PPP: no memory (VJ compressor)\n"); 908 err = -ENOMEM; 909 break; 910 } 911 ppp_lock(ppp); 912 if (ppp->vj) 913 slhc_free(ppp->vj); 914 ppp->vj = vj; 915 ppp_unlock(ppp); 916 err = 0; 917 break; 918 919 case PPPIOCGNPMODE: 920 case PPPIOCSNPMODE: 921 if (copy_from_user(&npi, argp, sizeof(npi))) 922 break; 923 err = proto_to_npindex(npi.protocol); 924 if (err < 0) 925 break; 926 i = err; 927 if (cmd == PPPIOCGNPMODE) { 928 err = -EFAULT; 929 npi.mode = ppp->npmode[i]; 930 if (copy_to_user(argp, &npi, sizeof(npi))) 931 break; 932 } else { 933 ppp->npmode[i] = npi.mode; 934 /* we may be able to transmit more packets now (??) */ 935 netif_wake_queue(ppp->dev); 936 } 937 err = 0; 938 break; 939 940#ifdef CONFIG_PPP_FILTER 941 case PPPIOCSPASS: 942 { 943 struct sock_filter *code; 944 err = get_filter(argp, &code); 945 if (err >= 0) { 946 ppp_lock(ppp); 947 kfree(ppp->pass_filter); 948 ppp->pass_filter = code; 949 ppp->pass_len = err; 950 ppp_unlock(ppp); 951 err = 0; 952 } 953 break; 954 } 955 case PPPIOCSACTIVE: 956 { 957 struct sock_filter *code; 958 err = get_filter(argp, &code); 959 if (err >= 0) { 960 ppp_lock(ppp); 961 kfree(ppp->active_filter); 962 ppp->active_filter = code; 963 ppp->active_len = err; 964 ppp_unlock(ppp); 965 err = 0; 966 } 967 break; 968 } 969#endif /* CONFIG_PPP_FILTER */ 970 971#ifdef CONFIG_PPP_MULTILINK 972 case PPPIOCSMRRU: 973 if (get_user(val, p)) 974 break; 975 ppp_recv_lock(ppp); 976 ppp->mrru = val; 977 ppp_recv_unlock(ppp); 978 err = 0; 979 break; 980#endif /* CONFIG_PPP_MULTILINK */ 981 982 default: 983 err = -ENOTTY; 984 } 985 mutex_unlock(&ppp_mutex); 986 return err; 987} 988 989static int ppp_unattached_ioctl(struct net *net, struct ppp_file *pf, 990 struct file *file, unsigned int cmd, unsigned long arg) 991{ 992 int unit, err = -EFAULT; 993 struct ppp *ppp; 994 struct channel *chan; 995 struct ppp_net *pn; 996 int __user *p = (int __user *)arg; 997 998 mutex_lock(&ppp_mutex); 999 switch (cmd) { 1000 case PPPIOCNEWUNIT: 1001 /* Create a new ppp unit */ 1002 if (get_user(unit, p)) 1003 break; 1004 ppp = ppp_create_interface(net, unit, &err); 1005 if (!ppp) 1006 break; 1007 file->private_data = &ppp->file; 1008 ppp->owner = file; 1009 err = -EFAULT; 1010 if (put_user(ppp->file.index, p)) 1011 break; 1012 err = 0; 1013 break; 1014 1015 case PPPIOCATTACH: 1016 /* Attach to an existing ppp unit */ 1017 if (get_user(unit, p)) 1018 break; 1019 err = -ENXIO; 1020 pn = ppp_pernet(net); 1021 mutex_lock(&pn->all_ppp_mutex); 1022 ppp = ppp_find_unit(pn, unit); 1023 if (ppp) { 1024 atomic_inc(&ppp->file.refcnt); 1025 file->private_data = &ppp->file; 1026 err = 0; 1027 } 1028 mutex_unlock(&pn->all_ppp_mutex); 1029 break; 1030 1031 case PPPIOCATTCHAN: 1032 if (get_user(unit, p)) 1033 break; 1034 err = -ENXIO; 1035 pn = ppp_pernet(net); 1036 spin_lock_bh(&pn->all_channels_lock); 1037 chan = ppp_find_channel(pn, unit); 1038 if (chan) { 1039 atomic_inc(&chan->file.refcnt); 1040 file->private_data = &chan->file; 1041 err = 0; 1042 } 1043 spin_unlock_bh(&pn->all_channels_lock); 1044 break; 1045 1046 default: 1047 err = -ENOTTY; 1048 } 1049 mutex_unlock(&ppp_mutex); 1050 return err; 1051} 1052 1053static const struct file_operations ppp_device_fops = { 1054 .owner = THIS_MODULE, 1055 .read = ppp_read, 1056 .write = ppp_write, 1057 .poll = ppp_poll, 1058 .unlocked_ioctl = ppp_ioctl, 1059 .open = ppp_open, 1060 .release = ppp_release 1061}; 1062 1063static __net_init int ppp_init_net(struct net *net) 1064{ 1065 struct ppp_net *pn = net_generic(net, ppp_net_id); 1066 1067 idr_init(&pn->units_idr); 1068 mutex_init(&pn->all_ppp_mutex); 1069 1070 INIT_LIST_HEAD(&pn->all_channels); 1071 INIT_LIST_HEAD(&pn->new_channels); 1072 1073 spin_lock_init(&pn->all_channels_lock); 1074 1075 return 0; 1076} 1077 1078static __net_exit void ppp_exit_net(struct net *net) 1079{ 1080 struct ppp_net *pn = net_generic(net, ppp_net_id); 1081 1082 idr_destroy(&pn->units_idr); 1083} 1084 1085static struct pernet_operations ppp_net_ops = { 1086 .init = ppp_init_net, 1087 .exit = ppp_exit_net, 1088 .id = &ppp_net_id, 1089 .size = sizeof(struct ppp_net), 1090}; 1091 1092#define PPP_MAJOR 108 1093 1094/* Called at boot time if ppp is compiled into the kernel, 1095 or at module load time (from init_module) if compiled as a module. */ 1096static int __init ppp_init(void) 1097{ 1098 int err; 1099 1100 printk(KERN_INFO "PPP generic driver version " PPP_VERSION "\n"); 1101 1102 err = register_pernet_device(&ppp_net_ops); 1103 if (err) { 1104 printk(KERN_ERR "failed to register PPP pernet device (%d)\n", err); 1105 goto out; 1106 } 1107 1108 err = register_chrdev(PPP_MAJOR, "ppp", &ppp_device_fops); 1109 if (err) { 1110 printk(KERN_ERR "failed to register PPP device (%d)\n", err); 1111 goto out_net; 1112 } 1113 1114 ppp_class = class_create(THIS_MODULE, "ppp"); 1115 if (IS_ERR(ppp_class)) { 1116 err = PTR_ERR(ppp_class); 1117 goto out_chrdev; 1118 } 1119 1120 /* not a big deal if we fail here :-) */ 1121 device_create(ppp_class, NULL, MKDEV(PPP_MAJOR, 0), NULL, "ppp"); 1122 1123 return 0; 1124 1125out_chrdev: 1126 unregister_chrdev(PPP_MAJOR, "ppp"); 1127out_net: 1128 unregister_pernet_device(&ppp_net_ops); 1129out: 1130 return err; 1131} 1132 1133/* 1134 * Network interface unit routines. 1135 */ 1136static netdev_tx_t 1137ppp_start_xmit(struct sk_buff *skb, struct net_device *dev) 1138{ 1139 struct ppp *ppp = netdev_priv(dev); 1140 int npi, proto; 1141 unsigned char *pp; 1142 1143 npi = ethertype_to_npindex(ntohs(skb->protocol)); 1144 if (npi < 0) 1145 goto outf; 1146 1147 /* Drop, accept or reject the packet */ 1148 switch (ppp->npmode[npi]) { 1149 case NPMODE_PASS: 1150 break; 1151 case NPMODE_QUEUE: 1152 /* it would be nice to have a way to tell the network 1153 system to queue this one up for later. */ 1154 goto outf; 1155 case NPMODE_DROP: 1156 case NPMODE_ERROR: 1157 goto outf; 1158 } 1159 1160 /* Put the 2-byte PPP protocol number on the front, 1161 making sure there is room for the address and control fields. */ 1162 if (skb_cow_head(skb, PPP_HDRLEN)) 1163 goto outf; 1164 1165 pp = skb_push(skb, 2); 1166 proto = npindex_to_proto[npi]; 1167 pp[0] = proto >> 8; 1168 pp[1] = proto; 1169 1170 netif_stop_queue(dev); 1171 skb_queue_tail(&ppp->file.xq, skb); 1172 ppp_xmit_process(ppp); 1173 return NETDEV_TX_OK; 1174 1175 outf: 1176 kfree_skb(skb); 1177 ++dev->stats.tx_dropped; 1178 return NETDEV_TX_OK; 1179} 1180 1181/*Foxconn add start by Eric Huang 12/04/2012*/ 1182/*add get ppp interface status function*/ 1183static struct net_device_stats * ppp_dev_collect_stats(struct net_device *dev_p) 1184{ 1185 struct ppp *ppp = netdev_priv(dev_p); 1186 1187 return &ppp->dev->stats; 1188} 1189/*Foxconn add end by Eric Huang 12/04/2012*/ 1190 1191static int 1192ppp_net_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) 1193{ 1194 struct ppp *ppp = netdev_priv(dev); 1195 int err = -EFAULT; 1196 void __user *addr = (void __user *) ifr->ifr_ifru.ifru_data; 1197 struct ppp_stats stats; 1198 struct ppp_comp_stats cstats; 1199 char *vers; 1200 1201 switch (cmd) { 1202 case SIOCGPPPSTATS: 1203 ppp_get_stats(ppp, &stats); 1204 if (copy_to_user(addr, &stats, sizeof(stats))) 1205 break; 1206 err = 0; 1207 break; 1208 1209 case SIOCGPPPCSTATS: 1210 memset(&cstats, 0, sizeof(cstats)); 1211 if (ppp->xc_state) 1212 ppp->xcomp->comp_stat(ppp->xc_state, &cstats.c); 1213 if (ppp->rc_state) 1214 ppp->rcomp->decomp_stat(ppp->rc_state, &cstats.d); 1215 if (copy_to_user(addr, &cstats, sizeof(cstats))) 1216 break; 1217 err = 0; 1218 break; 1219 1220 case SIOCGPPPVER: 1221 vers = PPP_VERSION; 1222 if (copy_to_user(addr, vers, strlen(vers) + 1)) 1223 break; 1224 err = 0; 1225 break; 1226 1227 default: 1228 err = -EINVAL; 1229 } 1230 1231 return err; 1232} 1233 1234static const struct net_device_ops ppp_netdev_ops = { 1235 .ndo_start_xmit = ppp_start_xmit, 1236 .ndo_do_ioctl = ppp_net_ioctl, 1237 /*Foxconn add start by Eric Huang 12/04/2012*/ 1238 /*add get ppp interface status function*/ 1239 .ndo_get_stats = ppp_dev_collect_stats, 1240 /*Foxconn add end by Eric Huang 12/04/2012*/ 1241}; 1242 1243static void ppp_setup(struct net_device *dev) 1244{ 1245 dev->netdev_ops = &ppp_netdev_ops; 1246 dev->hard_header_len = PPP_HDRLEN; 1247 dev->mtu = PPP_MTU; 1248 dev->addr_len = 0; 1249 dev->tx_queue_len = 3; 1250 dev->type = ARPHRD_PPP; 1251 dev->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST; 1252 dev->features |= NETIF_F_NETNS_LOCAL; 1253 dev->priv_flags &= ~IFF_XMIT_DST_RELEASE; 1254} 1255 1256/* 1257 * Transmit-side routines. 1258 */ 1259 1260/* 1261 * Called to do any work queued up on the transmit side 1262 * that can now be done. 1263 */ 1264static void 1265ppp_xmit_process(struct ppp *ppp) 1266{ 1267 struct sk_buff *skb; 1268 1269 ppp_xmit_lock(ppp); 1270 if (!ppp->closing) { 1271 ppp_push(ppp); 1272 while (!ppp->xmit_pending && 1273 (skb = skb_dequeue(&ppp->file.xq))) 1274 ppp_send_frame(ppp, skb); 1275 /* If there's no work left to do, tell the core net 1276 code that we can accept some more. */ 1277 if (!ppp->xmit_pending && !skb_peek(&ppp->file.xq)) 1278 netif_wake_queue(ppp->dev); 1279 } 1280 ppp_xmit_unlock(ppp); 1281} 1282 1283static inline struct sk_buff * 1284pad_compress_skb(struct ppp *ppp, struct sk_buff *skb) 1285{ 1286 struct sk_buff *new_skb; 1287 int len; 1288 int new_skb_size = ppp->dev->mtu + 1289 ppp->xcomp->comp_extra + ppp->dev->hard_header_len; 1290 int compressor_skb_size = ppp->dev->mtu + 1291 ppp->xcomp->comp_extra + PPP_HDRLEN; 1292 new_skb = alloc_skb(new_skb_size, GFP_ATOMIC); 1293 if (!new_skb) { 1294 if (net_ratelimit()) 1295 printk(KERN_ERR "PPP: no memory (comp pkt)\n"); 1296 return NULL; 1297 } 1298 if (ppp->dev->hard_header_len > PPP_HDRLEN) 1299 skb_reserve(new_skb, 1300 ppp->dev->hard_header_len - PPP_HDRLEN); 1301 1302 /* compressor still expects A/C bytes in hdr */ 1303 len = ppp->xcomp->compress(ppp->xc_state, skb->data - 2, 1304 new_skb->data, skb->len + 2, 1305 compressor_skb_size); 1306 if (len > 0 && (ppp->flags & SC_CCP_UP)) { 1307 kfree_skb(skb); 1308 skb = new_skb; 1309 skb_put(skb, len); 1310 skb_pull(skb, 2); /* pull off A/C bytes */ 1311 } else if (len == 0) { 1312 /* didn't compress, or CCP not up yet */ 1313 kfree_skb(new_skb); 1314 new_skb = skb; 1315 } else { 1316 /* 1317 * (len < 0) 1318 * MPPE requires that we do not send unencrypted 1319 * frames. The compressor will return -1 if we 1320 * should drop the frame. We cannot simply test 1321 * the compress_proto because MPPE and MPPC share 1322 * the same number. 1323 */ 1324 if (net_ratelimit()) 1325 printk(KERN_ERR "ppp: compressor dropped pkt\n"); 1326 kfree_skb(skb); 1327 kfree_skb(new_skb); 1328 new_skb = NULL; 1329 } 1330 return new_skb; 1331} 1332 1333/* 1334 * Compress and send a frame. 1335 * The caller should have locked the xmit path, 1336 * and xmit_pending should be 0. 1337 */ 1338static void 1339ppp_send_frame(struct ppp *ppp, struct sk_buff *skb) 1340{ 1341 int proto = PPP_PROTO(skb); 1342 struct sk_buff *new_skb; 1343 int len; 1344 unsigned char *cp; 1345 1346 if (proto < 0x8000) { 1347#ifdef CONFIG_PPP_FILTER 1348 /* check if we should pass this packet */ 1349 /* the filter instructions are constructed assuming 1350 a four-byte PPP header on each packet */ 1351 *skb_push(skb, 2) = 1; 1352 if (ppp->pass_filter && 1353 sk_run_filter(skb, ppp->pass_filter, 1354 ppp->pass_len) == 0) { 1355 if (ppp->debug & 1) 1356 printk(KERN_DEBUG "PPP: outbound frame not passed\n"); 1357 kfree_skb(skb); 1358 return; 1359 } 1360 /* if this packet passes the active filter, record the time */ 1361 if (!(ppp->active_filter && 1362 sk_run_filter(skb, ppp->active_filter, 1363 ppp->active_len) == 0)) 1364 ppp->last_xmit = jiffies; 1365 skb_pull(skb, 2); 1366#else 1367 /* for data packets, record the time */ 1368 //ppp->last_xmit = jiffies; 1369 /* foxconn wklin modified start, 01/18/2007 */ 1370 /* Foxconn modified start pling 08/26/2013 */ 1371 /* skb->sk seems can't use to identify whether packet is from IP stack 1372 * or not. Use skb->skb_iif instead (==0 means it come from "lo") */ 1373 //if (!skb->sk) /* record the time if not from IP stack */ 1374 if (skb->skb_iif ) 1375 /* Foxconn modified end pling 08/26/2013 */ ppp->last_xmit = jiffies; 1376 /* foxconn wklin modified end, 01/02/2007 */ 1377#endif /* CONFIG_PPP_FILTER */ 1378 } 1379 1380 ++ppp->dev->stats.tx_packets; 1381 ppp->dev->stats.tx_bytes += skb->len - 2; 1382 1383 switch (proto) { 1384 case PPP_IP: 1385 if (!ppp->vj || (ppp->flags & SC_COMP_TCP) == 0) 1386 break; 1387 /* try to do VJ TCP header compression */ 1388 new_skb = alloc_skb(skb->len + ppp->dev->hard_header_len - 2, 1389 GFP_ATOMIC); 1390 if (!new_skb) { 1391 printk(KERN_ERR "PPP: no memory (VJ comp pkt)\n"); 1392 goto drop; 1393 } 1394 skb_reserve(new_skb, ppp->dev->hard_header_len - 2); 1395 cp = skb->data + 2; 1396 len = slhc_compress(ppp->vj, cp, skb->len - 2, 1397 new_skb->data + 2, &cp, 1398 !(ppp->flags & SC_NO_TCP_CCID)); 1399 if (cp == skb->data + 2) { 1400 /* didn't compress */ 1401 kfree_skb(new_skb); 1402 } else { 1403 if (cp[0] & SL_TYPE_COMPRESSED_TCP) { 1404 proto = PPP_VJC_COMP; 1405 cp[0] &= ~SL_TYPE_COMPRESSED_TCP; 1406 } else { 1407 proto = PPP_VJC_UNCOMP; 1408 cp[0] = skb->data[2]; 1409 } 1410 kfree_skb(skb); 1411 skb = new_skb; 1412 cp = skb_put(skb, len + 2); 1413 cp[0] = 0; 1414 cp[1] = proto; 1415 } 1416 break; 1417 1418 case PPP_CCP: 1419 /* peek at outbound CCP frames */ 1420 ppp_ccp_peek(ppp, skb, 0); 1421 break; 1422 } 1423 1424 /* try to do packet compression */ 1425 if ((ppp->xstate & SC_COMP_RUN) && ppp->xc_state && 1426 proto != PPP_LCP && proto != PPP_CCP) { 1427 if (!(ppp->flags & SC_CCP_UP) && (ppp->flags & SC_MUST_COMP)) { 1428 if (net_ratelimit()) 1429 printk(KERN_ERR "ppp: compression required but down - pkt dropped.\n"); 1430 goto drop; 1431 } 1432 skb = pad_compress_skb(ppp, skb); 1433 if (!skb) 1434 goto drop; 1435 } 1436 1437 /* 1438 * If we are waiting for traffic (demand dialling), 1439 * queue it up for pppd to receive. 1440 */ 1441 if (ppp->flags & SC_LOOP_TRAFFIC) { 1442 if (ppp->file.rq.qlen > PPP_MAX_RQLEN) 1443 goto drop; 1444 /* Foxconn added start, Winster Chan, 01/02/2007 */ 1445 /* Foxconn modified start pling 08/26/2013 */ 1446 /* skb->sk seems can't use to identify whether packet is from IP stack 1447 * or not. Use skb->skb_iif instead (==0 means it come from "lo") */ 1448 //if (skb->sk) { 1449 if (!skb->skb_iif ) { 1450 /* Foxconn modified end pling 08/26/2013 */ if (skb->data[0]==0x00 && skb->data[1]==0x21 && 1451 skb->data[11]==0x01 && skb->data[18]==0xFF) 1452 { 1453 printk("PPP: Received triggerring packet.\n"); 1454 /*foxconn added start, water, 04/16/10*/ 1455 /*add michael's patch, @3500L BTS-A201001425: 1456 Internet PPPoE/PPTP idle time is not precise 1457 at the first time.*/ 1458 ppp->last_xmit = jiffies; 1459 /*foxconn added end, water, 04/16/10*/ 1460 } 1461 else 1462 goto drop; 1463 } 1464 printk("PPP: DoD triggered.\n"); 1465 /* Foxconn added end, Winster Chan, 01/02/2007 */ 1466 skb_queue_tail(&ppp->file.rq, skb); 1467 wake_up_interruptible(&ppp->file.rwait); 1468 return; 1469 } 1470 1471 ppp->xmit_pending = skb; 1472 ppp_push(ppp); 1473 return; 1474 1475 drop: 1476 kfree_skb(skb); 1477 ++ppp->dev->stats.tx_errors; 1478} 1479 1480/* 1481 * Try to send the frame in xmit_pending. 1482 * The caller should have the xmit path locked. 1483 */ 1484static void 1485ppp_push(struct ppp *ppp) 1486{ 1487 struct list_head *list; 1488 struct channel *pch; 1489 struct sk_buff *skb = ppp->xmit_pending; 1490 1491 if (!skb) 1492 return; 1493 1494 list = &ppp->channels; 1495 if (list_empty(list)) { 1496 /* nowhere to send the packet, just drop it */ 1497 ppp->xmit_pending = NULL; 1498 kfree_skb(skb); 1499 return; 1500 } 1501 1502 if ((ppp->flags & SC_MULTILINK) == 0) { 1503 /* foxconn wklin added start, 12/09/2010 */ 1504#define PPP_SHORTCUT 1505#ifdef PPP_SHORTCUT 1506 extern struct ppp_channel_ops async_ops; 1507#endif 1508 /* foxconn wklin added end, 12/09/2010 */ 1509 /* not doing multilink: send it down the first channel */ 1510 list = list->next; 1511 pch = list_entry(list, struct channel, clist); 1512 1513 /* foxconn wklin added start, 12/09/2010 */ 1514#ifdef PPP_SHORTCUT 1515 /* we bound two channels to ppp interface, make sure the we send to the 1516 * short-cut chanel (!&async_ops). 1517 */ 1518 if (pch->chan->ops == &async_ops && ppp->n_channels == 2) { 1519 list = list->next; 1520 pch = list_entry(list, struct channel, clist); 1521 } 1522#endif 1523 /* foxconn wklin added end, 12/09/2010 */ 1524 spin_lock_bh(&pch->downl); 1525 if (pch->chan) { 1526 if (pch->chan->ops->start_xmit(pch->chan, skb)) 1527 ppp->xmit_pending = NULL; 1528 } else { 1529 /* channel got unregistered */ 1530 kfree_skb(skb); 1531 ppp->xmit_pending = NULL; 1532 } 1533 spin_unlock_bh(&pch->downl); 1534 return; 1535 } 1536 1537#ifdef CONFIG_PPP_MULTILINK 1538 /* Multilink: fragment the packet over as many links 1539 as can take the packet at the moment. */ 1540 if (!ppp_mp_explode(ppp, skb)) 1541 return; 1542#endif /* CONFIG_PPP_MULTILINK */ 1543 1544 ppp->xmit_pending = NULL; 1545 kfree_skb(skb); 1546} 1547 1548#ifdef CONFIG_PPP_MULTILINK 1549/* 1550 * Divide a packet to be transmitted into fragments and 1551 * send them out the individual links. 1552 */ 1553static int ppp_mp_explode(struct ppp *ppp, struct sk_buff *skb) 1554{ 1555 int len, totlen; 1556 int i, bits, hdrlen, mtu; 1557 int flen; 1558 int navail, nfree, nzero; 1559 int nbigger; 1560 int totspeed; 1561 int totfree; 1562 unsigned char *p, *q; 1563 struct list_head *list; 1564 struct channel *pch; 1565 struct sk_buff *frag; 1566 struct ppp_channel *chan; 1567 1568 totspeed = 0; /*total bitrate of the bundle*/ 1569 nfree = 0; /* # channels which have no packet already queued */ 1570 navail = 0; /* total # of usable channels (not deregistered) */ 1571 nzero = 0; /* number of channels with zero speed associated*/ 1572 totfree = 0; /*total # of channels available and 1573 *having no queued packets before 1574 *starting the fragmentation*/ 1575 1576 hdrlen = (ppp->flags & SC_MP_XSHORTSEQ)? MPHDRLEN_SSN: MPHDRLEN; 1577 i = 0; 1578 list_for_each_entry(pch, &ppp->channels, clist) { 1579 if (pch->chan) { 1580 pch->avail = 1; 1581 navail++; 1582 pch->speed = pch->chan->speed; 1583 } else { 1584 pch->avail = 0; 1585 } 1586 if (pch->avail) { 1587 if (skb_queue_empty(&pch->file.xq) || 1588 !pch->had_frag) { 1589 if (pch->speed == 0) 1590 nzero++; 1591 else 1592 totspeed += pch->speed; 1593 1594 pch->avail = 2; 1595 ++nfree; 1596 ++totfree; 1597 } 1598 if (!pch->had_frag && i < ppp->nxchan) 1599 ppp->nxchan = i; 1600 } 1601 ++i; 1602 } 1603 /* 1604 * Don't start sending this packet unless at least half of 1605 * the channels are free. This gives much better TCP 1606 * performance if we have a lot of channels. 1607 */ 1608 if (nfree == 0 || nfree < navail / 2) 1609 return 0; /* can't take now, leave it in xmit_pending */ 1610 1611 p = skb->data; 1612 len = skb->len; 1613 if (*p == 0) { 1614 ++p; 1615 --len; 1616 } 1617 1618 totlen = len; 1619 nbigger = len % nfree; 1620 1621 /* skip to the channel after the one we last used 1622 and start at that one */ 1623 list = &ppp->channels; 1624 for (i = 0; i < ppp->nxchan; ++i) { 1625 list = list->next; 1626 if (list == &ppp->channels) { 1627 i = 0; 1628 break; 1629 } 1630 } 1631 1632 /* create a fragment for each channel */ 1633 bits = B; 1634 while (len > 0) { 1635 list = list->next; 1636 if (list == &ppp->channels) { 1637 i = 0; 1638 continue; 1639 } 1640 pch = list_entry(list, struct channel, clist); 1641 ++i; 1642 if (!pch->avail) 1643 continue; 1644 1645 /* 1646 * Skip this channel if it has a fragment pending already and 1647 * we haven't given a fragment to all of the free channels. 1648 */ 1649 if (pch->avail == 1) { 1650 if (nfree > 0) 1651 continue; 1652 } else { 1653 pch->avail = 1; 1654 } 1655 1656 /* check the channel's mtu and whether it is still attached. */ 1657 spin_lock_bh(&pch->downl); 1658 if (pch->chan == NULL) { 1659 /* can't use this channel, it's being deregistered */ 1660 if (pch->speed == 0) 1661 nzero--; 1662 else 1663 totspeed -= pch->speed; 1664 1665 spin_unlock_bh(&pch->downl); 1666 pch->avail = 0; 1667 totlen = len; 1668 totfree--; 1669 nfree--; 1670 if (--navail == 0) 1671 break; 1672 continue; 1673 } 1674 1675 /* 1676 *if the channel speed is not set divide 1677 *the packet evenly among the free channels; 1678 *otherwise divide it according to the speed 1679 *of the channel we are going to transmit on 1680 */ 1681 flen = len; 1682 if (nfree > 0) { 1683 if (pch->speed == 0) { 1684 flen = len/nfree; 1685 if (nbigger > 0) { 1686 flen++; 1687 nbigger--; 1688 } 1689 } else { 1690 flen = (((totfree - nzero)*(totlen + hdrlen*totfree)) / 1691 ((totspeed*totfree)/pch->speed)) - hdrlen; 1692 if (nbigger > 0) { 1693 flen += ((totfree - nzero)*pch->speed)/totspeed; 1694 nbigger -= ((totfree - nzero)*pch->speed)/ 1695 totspeed; 1696 } 1697 } 1698 nfree--; 1699 } 1700 1701 /* 1702 *check if we are on the last channel or 1703 *we exceded the lenght of the data to 1704 *fragment 1705 */ 1706 if ((nfree <= 0) || (flen > len)) 1707 flen = len; 1708 /* 1709 *it is not worth to tx on slow channels: 1710 *in that case from the resulting flen according to the 1711 *above formula will be equal or less than zero. 1712 *Skip the channel in this case 1713 */ 1714 if (flen <= 0) { 1715 pch->avail = 2; 1716 spin_unlock_bh(&pch->downl); 1717 continue; 1718 } 1719 1720 mtu = pch->chan->mtu - hdrlen; 1721 if (mtu < 4) 1722 mtu = 4; 1723 if (flen > mtu) 1724 flen = mtu; 1725 if (flen == len) 1726 bits |= E; 1727 frag = alloc_skb(flen + hdrlen + (flen == 0), GFP_ATOMIC); 1728 if (!frag) 1729 goto noskb; 1730 q = skb_put(frag, flen + hdrlen); 1731 1732 /* make the MP header */ 1733 q[0] = PPP_MP >> 8; 1734 q[1] = PPP_MP; 1735 if (ppp->flags & SC_MP_XSHORTSEQ) { 1736 q[2] = bits + ((ppp->nxseq >> 8) & 0xf); 1737 q[3] = ppp->nxseq; 1738 } else { 1739 q[2] = bits; 1740 q[3] = ppp->nxseq >> 16; 1741 q[4] = ppp->nxseq >> 8; 1742 q[5] = ppp->nxseq; 1743 } 1744 1745 memcpy(q + hdrlen, p, flen); 1746 1747 /* try to send it down the channel */ 1748 chan = pch->chan; 1749 if (!skb_queue_empty(&pch->file.xq) || 1750 !chan->ops->start_xmit(chan, frag)) 1751 skb_queue_tail(&pch->file.xq, frag); 1752 pch->had_frag = 1; 1753 p += flen; 1754 len -= flen; 1755 ++ppp->nxseq; 1756 bits = 0; 1757 spin_unlock_bh(&pch->downl); 1758 } 1759 ppp->nxchan = i; 1760 1761 return 1; 1762 1763 noskb: 1764 spin_unlock_bh(&pch->downl); 1765 if (ppp->debug & 1) 1766 printk(KERN_ERR "PPP: no memory (fragment)\n"); 1767 ++ppp->dev->stats.tx_errors; 1768 ++ppp->nxseq; 1769 return 1; /* abandon the frame */ 1770} 1771#endif /* CONFIG_PPP_MULTILINK */ 1772 1773/* 1774 * Try to send data out on a channel. 1775 */ 1776static void 1777ppp_channel_push(struct channel *pch) 1778{ 1779 struct sk_buff *skb; 1780 struct ppp *ppp; 1781 1782 spin_lock_bh(&pch->downl); 1783 if (pch->chan) { 1784 while (!skb_queue_empty(&pch->file.xq)) { 1785 skb = skb_dequeue(&pch->file.xq); 1786 if (!pch->chan->ops->start_xmit(pch->chan, skb)) { 1787 /* put the packet back and try again later */ 1788 skb_queue_head(&pch->file.xq, skb); 1789 break; 1790 } 1791 } 1792 } else { 1793 /* channel got deregistered */ 1794 skb_queue_purge(&pch->file.xq); 1795 } 1796 spin_unlock_bh(&pch->downl); 1797 /* see if there is anything from the attached unit to be sent */ 1798 if (skb_queue_empty(&pch->file.xq)) { 1799 read_lock_bh(&pch->upl); 1800 ppp = pch->ppp; 1801 if (ppp) 1802 ppp_xmit_process(ppp); 1803 read_unlock_bh(&pch->upl); 1804 } 1805} 1806 1807/* 1808 * Receive-side routines. 1809 */ 1810 1811/* misuse a few fields of the skb for MP reconstruction */ 1812#define sequence priority 1813#define BEbits cb[0] 1814 1815static inline void 1816ppp_do_recv(struct ppp *ppp, struct sk_buff *skb, struct channel *pch) 1817{ 1818 ppp_recv_lock(ppp); 1819 if (!ppp->closing) 1820 ppp_receive_frame(ppp, skb, pch); 1821 else 1822 kfree_skb(skb); 1823 ppp_recv_unlock(ppp); 1824} 1825 1826void 1827ppp_input(struct ppp_channel *chan, struct sk_buff *skb) 1828{ 1829 struct channel *pch = chan->ppp; 1830 int proto; 1831 1832 if (!pch) { 1833 kfree_skb(skb); 1834 return; 1835 } 1836 1837 read_lock_bh(&pch->upl); 1838 if (!pskb_may_pull(skb, 2)) { 1839 kfree_skb(skb); 1840 if (pch->ppp) { 1841 ++pch->ppp->dev->stats.rx_length_errors; 1842 ppp_receive_error(pch->ppp); 1843 } 1844 goto done; 1845 } 1846 1847 proto = PPP_PROTO(skb); 1848 if (!pch->ppp || proto >= 0xc000 || proto == PPP_CCPFRAG) { 1849 /* put it on the channel queue */ 1850 skb_queue_tail(&pch->file.rq, skb); 1851 /* drop old frames if queue too long */ 1852 while (pch->file.rq.qlen > PPP_MAX_RQLEN && 1853 (skb = skb_dequeue(&pch->file.rq))) 1854 kfree_skb(skb); 1855 wake_up_interruptible(&pch->file.rwait); 1856 } else { 1857 ppp_do_recv(pch->ppp, skb, pch); 1858 } 1859 1860done: 1861 read_unlock_bh(&pch->upl); 1862} 1863 1864/* Put a 0-length skb in the receive queue as an error indication */ 1865void 1866ppp_input_error(struct ppp_channel *chan, int code) 1867{ 1868 struct channel *pch = chan->ppp; 1869 struct sk_buff *skb; 1870 1871 if (!pch) 1872 return; 1873 1874 read_lock_bh(&pch->upl); 1875 if (pch->ppp) { 1876 skb = alloc_skb(0, GFP_ATOMIC); 1877 if (skb) { 1878 skb->len = 0; /* probably unnecessary */ 1879 skb->cb[0] = code; 1880 ppp_do_recv(pch->ppp, skb, pch); 1881 } 1882 } 1883 read_unlock_bh(&pch->upl); 1884} 1885 1886/* 1887 * We come in here to process a received frame. 1888 * The receive side of the ppp unit is locked. 1889 */ 1890static void 1891ppp_receive_frame(struct ppp *ppp, struct sk_buff *skb, struct channel *pch) 1892{ 1893 /* note: a 0-length skb is used as an error indication */ 1894 if (skb->len > 0) { 1895#ifdef CONFIG_PPP_MULTILINK 1896 if (PPP_PROTO(skb) == PPP_MP) 1897 ppp_receive_mp_frame(ppp, skb, pch); 1898 else 1899#endif /* CONFIG_PPP_MULTILINK */ 1900 ppp_receive_nonmp_frame(ppp, skb); 1901 } else { 1902 kfree_skb(skb); 1903 ppp_receive_error(ppp); 1904 } 1905} 1906 1907static void 1908ppp_receive_error(struct ppp *ppp) 1909{ 1910 ++ppp->dev->stats.rx_errors; 1911 if (ppp->vj) 1912 slhc_toss(ppp->vj); 1913} 1914 1915static void 1916ppp_receive_nonmp_frame(struct ppp *ppp, struct sk_buff *skb) 1917{ 1918 struct sk_buff *ns; 1919 int proto, len, npi; 1920 1921 /* 1922 * Decompress the frame, if compressed. 1923 * Note that some decompressors need to see uncompressed frames 1924 * that come in as well as compressed frames. 1925 */ 1926 if (ppp->rc_state && (ppp->rstate & SC_DECOMP_RUN) && 1927 (ppp->rstate & (SC_DC_FERROR | SC_DC_ERROR)) == 0) 1928 skb = ppp_decompress_frame(ppp, skb); 1929 1930 if (ppp->flags & SC_MUST_COMP && ppp->rstate & SC_DC_FERROR) 1931 goto err; 1932 1933 proto = PPP_PROTO(skb); 1934 switch (proto) { 1935 case PPP_VJC_COMP: 1936 /* decompress VJ compressed packets */ 1937 if (!ppp->vj || (ppp->flags & SC_REJ_COMP_TCP)) 1938 goto err; 1939 1940 if (skb_tailroom(skb) < 124 || skb_cloned(skb)) { 1941 /* copy to a new sk_buff with more tailroom */ 1942 ns = dev_alloc_skb(skb->len + 128); 1943 if (!ns) { 1944 printk(KERN_ERR "PPP: no memory (VJ decomp)\n"); 1945 goto err; 1946 } 1947 skb_reserve(ns, 2); 1948 skb_copy_bits(skb, 0, skb_put(ns, skb->len), skb->len); 1949 kfree_skb(skb); 1950 skb = ns; 1951 } 1952 else 1953 skb->ip_summed = CHECKSUM_NONE; 1954 1955 len = slhc_uncompress(ppp->vj, skb->data + 2, skb->len - 2); 1956 if (len <= 0) { 1957 printk(KERN_DEBUG "PPP: VJ decompression error\n"); 1958 goto err; 1959 } 1960 len += 2; 1961 if (len > skb->len) 1962 skb_put(skb, len - skb->len); 1963 else if (len < skb->len) 1964 skb_trim(skb, len); 1965 proto = PPP_IP; 1966 break; 1967 1968 case PPP_VJC_UNCOMP: 1969 if (!ppp->vj || (ppp->flags & SC_REJ_COMP_TCP)) 1970 goto err; 1971 1972 /* Until we fix the decompressor need to make sure 1973 * data portion is linear. 1974 */ 1975 if (!pskb_may_pull(skb, skb->len)) 1976 goto err; 1977 1978 if (slhc_remember(ppp->vj, skb->data + 2, skb->len - 2) <= 0) { 1979 printk(KERN_ERR "PPP: VJ uncompressed error\n"); 1980 goto err; 1981 } 1982 proto = PPP_IP; 1983 break; 1984 1985 case PPP_CCP: 1986 ppp_ccp_peek(ppp, skb, 1); 1987 break; 1988 } 1989 1990 ++ppp->dev->stats.rx_packets; 1991 ppp->dev->stats.rx_bytes += skb->len - 2; 1992 1993 npi = proto_to_npindex(proto); 1994 if (npi < 0) { 1995 /* control or unknown frame - pass it to pppd */ 1996 skb_queue_tail(&ppp->file.rq, skb); 1997 /* limit queue length by dropping old frames */ 1998 while (ppp->file.rq.qlen > PPP_MAX_RQLEN && 1999 (skb = skb_dequeue(&ppp->file.rq))) 2000 kfree_skb(skb); 2001 /* wake up any process polling or blocking on read */ 2002 wake_up_interruptible(&ppp->file.rwait); 2003 2004 } else { 2005 /* network protocol frame - give it to the kernel */ 2006 2007#ifdef CONFIG_PPP_FILTER 2008 /* check if the packet passes the pass and active filters */ 2009 /* the filter instructions are constructed assuming 2010 a four-byte PPP header on each packet */ 2011 if (ppp->pass_filter || ppp->active_filter) { 2012 if (skb_cloned(skb) && 2013 pskb_expand_head(skb, 0, 0, GFP_ATOMIC)) 2014 goto err; 2015 2016 *skb_push(skb, 2) = 0; 2017 if (ppp->pass_filter && 2018 sk_run_filter(skb, ppp->pass_filter, 2019 ppp->pass_len) == 0) { 2020 if (ppp->debug & 1) 2021 printk(KERN_DEBUG "PPP: inbound frame " 2022 "not passed\n"); 2023 kfree_skb(skb); 2024 return; 2025 } 2026 if (!(ppp->active_filter && 2027 sk_run_filter(skb, ppp->active_filter, 2028 ppp->active_len) == 0)) 2029 ppp->last_recv = jiffies; 2030 __skb_pull(skb, 2); 2031 } else 2032#endif /* CONFIG_PPP_FILTER */ 2033 //ppp->last_recv = jiffies; 2034 /* Foxconn removed start, Winster Chan, 01/12/2007 */ 2035 ; /* ppp->last_recv = jiffies; */ 2036 /* Foxconn removed end, Winster Chan, 01/12/2007 */ 2037 2038 if ((ppp->dev->flags & IFF_UP) == 0 || 2039 ppp->npmode[npi] != NPMODE_PASS) { 2040 kfree_skb(skb); 2041 } else { 2042 /* chop off protocol */ 2043 skb_pull_rcsum(skb, 2); 2044 skb->dev = ppp->dev; 2045 skb->protocol = htons(npindex_to_ethertype[npi]); 2046 skb_reset_mac_header(skb); 2047 netif_rx(skb); 2048 } 2049 } 2050 return; 2051 2052 err: 2053 kfree_skb(skb); 2054 ppp_receive_error(ppp); 2055} 2056 2057static struct sk_buff * 2058ppp_decompress_frame(struct ppp *ppp, struct sk_buff *skb) 2059{ 2060 int proto = PPP_PROTO(skb); 2061 struct sk_buff *ns; 2062 int len; 2063 2064 /* Until we fix all the decompressor's need to make sure 2065 * data portion is linear. 2066 */ 2067 if (!pskb_may_pull(skb, skb->len)) 2068 goto err; 2069 2070 if (proto == PPP_COMP) { 2071 int obuff_size; 2072 2073 switch(ppp->rcomp->compress_proto) { 2074 case CI_MPPE: 2075 obuff_size = ppp->mru + PPP_HDRLEN + 1; 2076 break; 2077 default: 2078 obuff_size = ppp->mru + PPP_HDRLEN; 2079 break; 2080 } 2081 2082 ns = dev_alloc_skb(obuff_size); 2083 if (!ns) { 2084 printk(KERN_ERR "ppp_decompress_frame: no memory\n"); 2085 goto err; 2086 } 2087 /* the decompressor still expects the A/C bytes in the hdr */ 2088 len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2, 2089 skb->len + 2, ns->data, obuff_size); 2090 if (len < 0) { 2091 /* Pass the compressed frame to pppd as an 2092 error indication. */ 2093 if (len == DECOMP_FATALERROR) 2094 ppp->rstate |= SC_DC_FERROR; 2095 kfree_skb(ns); 2096 goto err; 2097 } 2098 2099 kfree_skb(skb); 2100 skb = ns; 2101 skb_put(skb, len); 2102 skb_pull(skb, 2); /* pull off the A/C bytes */ 2103 2104 } else { 2105 /* Uncompressed frame - pass to decompressor so it 2106 can update its dictionary if necessary. */ 2107 if (ppp->rcomp->incomp) 2108 ppp->rcomp->incomp(ppp->rc_state, skb->data - 2, 2109 skb->len + 2); 2110 } 2111 2112 return skb; 2113 2114 err: 2115 ppp->rstate |= SC_DC_ERROR; 2116 ppp_receive_error(ppp); 2117 return skb; 2118} 2119 2120#ifdef CONFIG_PPP_MULTILINK 2121/* 2122 * Receive a multilink frame. 2123 * We put it on the reconstruction queue and then pull off 2124 * as many completed frames as we can. 2125 */ 2126static void 2127ppp_receive_mp_frame(struct ppp *ppp, struct sk_buff *skb, struct channel *pch) 2128{ 2129 u32 mask, seq; 2130 struct channel *ch; 2131 int mphdrlen = (ppp->flags & SC_MP_SHORTSEQ)? MPHDRLEN_SSN: MPHDRLEN; 2132 2133 if (!pskb_may_pull(skb, mphdrlen + 1) || ppp->mrru == 0) 2134 goto err; /* no good, throw it away */ 2135 2136 /* Decode sequence number and begin/end bits */ 2137 if (ppp->flags & SC_MP_SHORTSEQ) { 2138 seq = ((skb->data[2] & 0x0f) << 8) | skb->data[3]; 2139 mask = 0xfff; 2140 } else { 2141 seq = (skb->data[3] << 16) | (skb->data[4] << 8)| skb->data[5]; 2142 mask = 0xffffff; 2143 } 2144 skb->BEbits = skb->data[2]; 2145 skb_pull(skb, mphdrlen); /* pull off PPP and MP headers */ 2146 2147 /* 2148 * Do protocol ID decompression on the first fragment of each packet. 2149 */ 2150 if ((skb->BEbits & B) && (skb->data[0] & 1)) 2151 *skb_push(skb, 1) = 0; 2152 2153 /* 2154 * Expand sequence number to 32 bits, making it as close 2155 * as possible to ppp->minseq. 2156 */ 2157 seq |= ppp->minseq & ~mask; 2158 if ((int)(ppp->minseq - seq) > (int)(mask >> 1)) 2159 seq += mask + 1; 2160 else if ((int)(seq - ppp->minseq) > (int)(mask >> 1)) 2161 seq -= mask + 1; /* should never happen */ 2162 skb->sequence = seq; 2163 pch->lastseq = seq; 2164 2165 /* 2166 * If this packet comes before the next one we were expecting, 2167 * drop it. 2168 */ 2169 if (seq_before(seq, ppp->nextseq)) { 2170 kfree_skb(skb); 2171 ++ppp->dev->stats.rx_dropped; 2172 ppp_receive_error(ppp); 2173 return; 2174 } 2175 2176 /* 2177 * Reevaluate minseq, the minimum over all channels of the 2178 * last sequence number received on each channel. Because of 2179 * the increasing sequence number rule, we know that any fragment 2180 * before `minseq' which hasn't arrived is never going to arrive. 2181 * The list of channels can't change because we have the receive 2182 * side of the ppp unit locked. 2183 */ 2184 list_for_each_entry(ch, &ppp->channels, clist) { 2185 if (seq_before(ch->lastseq, seq)) 2186 seq = ch->lastseq; 2187 } 2188 if (seq_before(ppp->minseq, seq)) 2189 ppp->minseq = seq; 2190 2191 /* Put the fragment on the reconstruction queue */ 2192 ppp_mp_insert(ppp, skb); 2193 2194 /* If the queue is getting long, don't wait any longer for packets 2195 before the start of the queue. */ 2196 if (skb_queue_len(&ppp->mrq) >= PPP_MP_MAX_QLEN) { 2197 struct sk_buff *mskb = skb_peek(&ppp->mrq); 2198 if (seq_before(ppp->minseq, mskb->sequence)) 2199 ppp->minseq = mskb->sequence; 2200 } 2201 2202 /* Pull completed packets off the queue and receive them. */ 2203 while ((skb = ppp_mp_reconstruct(ppp))) { 2204 if (pskb_may_pull(skb, 2)) 2205 ppp_receive_nonmp_frame(ppp, skb); 2206 else { 2207 ++ppp->dev->stats.rx_length_errors; 2208 kfree_skb(skb); 2209 ppp_receive_error(ppp); 2210 } 2211 } 2212 2213 return; 2214 2215 err: 2216 kfree_skb(skb); 2217 ppp_receive_error(ppp); 2218} 2219 2220/* 2221 * Insert a fragment on the MP reconstruction queue. 2222 * The queue is ordered by increasing sequence number. 2223 */ 2224static void 2225ppp_mp_insert(struct ppp *ppp, struct sk_buff *skb) 2226{ 2227 struct sk_buff *p; 2228 struct sk_buff_head *list = &ppp->mrq; 2229 u32 seq = skb->sequence; 2230 2231 /* N.B. we don't need to lock the list lock because we have the 2232 ppp unit receive-side lock. */ 2233 skb_queue_walk(list, p) { 2234 if (seq_before(seq, p->sequence)) 2235 break; 2236 } 2237 __skb_queue_before(list, p, skb); 2238} 2239 2240/* 2241 * Reconstruct a packet from the MP fragment queue. 2242 * We go through increasing sequence numbers until we find a 2243 * complete packet, or we get to the sequence number for a fragment 2244 * which hasn't arrived but might still do so. 2245 */ 2246static struct sk_buff * 2247ppp_mp_reconstruct(struct ppp *ppp) 2248{ 2249 u32 seq = ppp->nextseq; 2250 u32 minseq = ppp->minseq; 2251 struct sk_buff_head *list = &ppp->mrq; 2252 struct sk_buff *p, *next; 2253 struct sk_buff *head, *tail; 2254 struct sk_buff *skb = NULL; 2255 int lost = 0, len = 0; 2256 2257 if (ppp->mrru == 0) /* do nothing until mrru is set */ 2258 return NULL; 2259 head = list->next; 2260 tail = NULL; 2261 for (p = head; p != (struct sk_buff *) list; p = next) { 2262 next = p->next; 2263 if (seq_before(p->sequence, seq)) { 2264 /* this can't happen, anyway ignore the skb */ 2265 printk(KERN_ERR "ppp_mp_reconstruct bad seq %u < %u\n", 2266 p->sequence, seq); 2267 head = next; 2268 continue; 2269 } 2270 if (p->sequence != seq) { 2271 /* Fragment `seq' is missing. If it is after 2272 minseq, it might arrive later, so stop here. */ 2273 if (seq_after(seq, minseq)) 2274 break; 2275 /* Fragment `seq' is lost, keep going. */ 2276 lost = 1; 2277 seq = seq_before(minseq, p->sequence)? 2278 minseq + 1: p->sequence; 2279 next = p; 2280 continue; 2281 } 2282 2283 /* 2284 * At this point we know that all the fragments from 2285 * ppp->nextseq to seq are either present or lost. 2286 * Also, there are no complete packets in the queue 2287 * that have no missing fragments and end before this 2288 * fragment. 2289 */ 2290 2291 /* B bit set indicates this fragment starts a packet */ 2292 if (p->BEbits & B) { 2293 head = p; 2294 lost = 0; 2295 len = 0; 2296 } 2297 2298 len += p->len; 2299 2300 /* Got a complete packet yet? */ 2301 if (lost == 0 && (p->BEbits & E) && (head->BEbits & B)) { 2302 if (len > ppp->mrru + 2) { 2303 ++ppp->dev->stats.rx_length_errors; 2304 printk(KERN_DEBUG "PPP: reconstructed packet" 2305 " is too long (%d)\n", len); 2306 } else if (p == head) { 2307 /* fragment is complete packet - reuse skb */ 2308 tail = p; 2309 skb = skb_get(p); 2310 break; 2311 } else if ((skb = dev_alloc_skb(len)) == NULL) { 2312 ++ppp->dev->stats.rx_missed_errors; 2313 printk(KERN_DEBUG "PPP: no memory for " 2314 "reconstructed packet"); 2315 } else { 2316 tail = p; 2317 break; 2318 } 2319 ppp->nextseq = seq + 1; 2320 } 2321 2322 /* 2323 * If this is the ending fragment of a packet, 2324 * and we haven't found a complete valid packet yet, 2325 * we can discard up to and including this fragment. 2326 */ 2327 if (p->BEbits & E) 2328 head = next; 2329 2330 ++seq; 2331 } 2332 2333 /* If we have a complete packet, copy it all into one skb. */ 2334 if (tail != NULL) { 2335 /* If we have discarded any fragments, 2336 signal a receive error. */ 2337 if (head->sequence != ppp->nextseq) { 2338 if (ppp->debug & 1) 2339 printk(KERN_DEBUG " missed pkts %u..%u\n", 2340 ppp->nextseq, head->sequence-1); 2341 ++ppp->dev->stats.rx_dropped; 2342 ppp_receive_error(ppp); 2343 } 2344 2345 if (head != tail) 2346 /* copy to a single skb */ 2347 for (p = head; p != tail->next; p = p->next) 2348 skb_copy_bits(p, 0, skb_put(skb, p->len), p->len); 2349 ppp->nextseq = tail->sequence + 1; 2350 head = tail->next; 2351 } 2352 2353 /* Discard all the skbuffs that we have copied the data out of 2354 or that we can't use. */ 2355 while ((p = list->next) != head) { 2356 __skb_unlink(p, list); 2357 kfree_skb(p); 2358 } 2359 2360 return skb; 2361} 2362#endif /* CONFIG_PPP_MULTILINK */ 2363 2364/* 2365 * Channel interface. 2366 */ 2367 2368/* Create a new, unattached ppp channel. */ 2369int ppp_register_channel(struct ppp_channel *chan) 2370{ 2371 return ppp_register_net_channel(current->nsproxy->net_ns, chan); 2372} 2373 2374/* Create a new, unattached ppp channel for specified net. */ 2375int ppp_register_net_channel(struct net *net, struct ppp_channel *chan) 2376{ 2377 struct channel *pch; 2378 struct ppp_net *pn; 2379 2380 pch = kzalloc(sizeof(struct channel), GFP_KERNEL); 2381 if (!pch) 2382 return -ENOMEM; 2383 2384 pn = ppp_pernet(net); 2385 2386 pch->ppp = NULL; 2387 pch->chan = chan; 2388 pch->chan_net = net; 2389 chan->ppp = pch; 2390 init_ppp_file(&pch->file, CHANNEL); 2391 pch->file.hdrlen = chan->hdrlen; 2392#ifdef CONFIG_PPP_MULTILINK 2393 pch->lastseq = -1; 2394#endif /* CONFIG_PPP_MULTILINK */ 2395 init_rwsem(&pch->chan_sem); 2396 spin_lock_init(&pch->downl); 2397 rwlock_init(&pch->upl); 2398 2399 spin_lock_bh(&pn->all_channels_lock); 2400 pch->file.index = ++pn->last_channel_index; 2401 list_add(&pch->list, &pn->new_channels); 2402 atomic_inc(&channel_count); 2403 spin_unlock_bh(&pn->all_channels_lock); 2404 2405 return 0; 2406} 2407 2408/* 2409 * Return the index of a channel. 2410 */ 2411int ppp_channel_index(struct ppp_channel *chan) 2412{ 2413 struct channel *pch = chan->ppp; 2414 2415 if (pch) 2416 return pch->file.index; 2417 return -1; 2418} 2419 2420/* 2421 * Return the PPP unit number to which a channel is connected. 2422 */ 2423int ppp_unit_number(struct ppp_channel *chan) 2424{ 2425 struct channel *pch = chan->ppp; 2426 int unit = -1; 2427 2428 if (pch) { 2429 read_lock_bh(&pch->upl); 2430 if (pch->ppp) 2431 unit = pch->ppp->file.index; 2432 read_unlock_bh(&pch->upl); 2433 } 2434 return unit; 2435} 2436 2437/* 2438 * Return the PPP device interface name of a channel. 2439 */ 2440char *ppp_dev_name(struct ppp_channel *chan) 2441{ 2442 struct channel *pch = chan->ppp; 2443 char *name = NULL; 2444 2445 if (pch) { 2446 read_lock_bh(&pch->upl); 2447 if (pch->ppp && pch->ppp->dev) 2448 name = pch->ppp->dev->name; 2449 read_unlock_bh(&pch->upl); 2450 } 2451 return name; 2452} 2453 2454 2455/* 2456 * Disconnect a channel from the generic layer. 2457 * This must be called in process context. 2458 */ 2459void 2460ppp_unregister_channel(struct ppp_channel *chan) 2461{ 2462 struct channel *pch = chan->ppp; 2463 struct ppp_net *pn; 2464 2465 if (!pch) 2466 return; /* should never happen */ 2467 2468 chan->ppp = NULL; 2469 2470 /* 2471 * This ensures that we have returned from any calls into the 2472 * the channel's start_xmit or ioctl routine before we proceed. 2473 */ 2474 down_write(&pch->chan_sem); 2475 spin_lock_bh(&pch->downl); 2476 pch->chan = NULL; 2477 spin_unlock_bh(&pch->downl); 2478 up_write(&pch->chan_sem); 2479 ppp_disconnect_channel(pch); 2480 2481 pn = ppp_pernet(pch->chan_net); 2482 spin_lock_bh(&pn->all_channels_lock); 2483 list_del(&pch->list); 2484 spin_unlock_bh(&pn->all_channels_lock); 2485 2486 pch->file.dead = 1; 2487 wake_up_interruptible(&pch->file.rwait); 2488 if (atomic_dec_and_test(&pch->file.refcnt)) 2489 ppp_destroy_channel(pch); 2490} 2491 2492/* 2493 * Callback from a channel when it can accept more to transmit. 2494 * This should be called at BH/softirq level, not interrupt level. 2495 */ 2496void 2497ppp_output_wakeup(struct ppp_channel *chan) 2498{ 2499 struct channel *pch = chan->ppp; 2500 2501 if (!pch) 2502 return; 2503 ppp_channel_push(pch); 2504} 2505 2506/* 2507 * Compression control. 2508 */ 2509 2510/* Process the PPPIOCSCOMPRESS ioctl. */ 2511static int 2512ppp_set_compress(struct ppp *ppp, unsigned long arg) 2513{ 2514 int err; 2515 struct compressor *cp, *ocomp; 2516 struct ppp_option_data data; 2517 void *state, *ostate; 2518 unsigned char ccp_option[CCP_MAX_OPTION_LENGTH]; 2519 2520 err = -EFAULT; 2521 if (copy_from_user(&data, (void __user *) arg, sizeof(data)) || 2522 (data.length <= CCP_MAX_OPTION_LENGTH && 2523 copy_from_user(ccp_option, (void __user *) data.ptr, data.length))) 2524 goto out; 2525 err = -EINVAL; 2526 if (data.length > CCP_MAX_OPTION_LENGTH || 2527 ccp_option[1] < 2 || ccp_option[1] > data.length) 2528 goto out; 2529 2530 cp = try_then_request_module( 2531 find_compressor(ccp_option[0]), 2532 "ppp-compress-%d", ccp_option[0]); 2533 if (!cp) 2534 goto out; 2535 2536 err = -ENOBUFS; 2537 if (data.transmit) { 2538 state = cp->comp_alloc(ccp_option, data.length); 2539 if (state) { 2540 ppp_xmit_lock(ppp); 2541 ppp->xstate &= ~SC_COMP_RUN; 2542 ocomp = ppp->xcomp; 2543 ostate = ppp->xc_state; 2544 ppp->xcomp = cp; 2545 ppp->xc_state = state; 2546 ppp_xmit_unlock(ppp); 2547 if (ostate) { 2548 ocomp->comp_free(ostate); 2549 module_put(ocomp->owner); 2550 } 2551 err = 0; 2552 } else 2553 module_put(cp->owner); 2554 2555 } else { 2556 state = cp->decomp_alloc(ccp_option, data.length); 2557 if (state) { 2558 ppp_recv_lock(ppp); 2559 ppp->rstate &= ~SC_DECOMP_RUN; 2560 ocomp = ppp->rcomp; 2561 ostate = ppp->rc_state; 2562 ppp->rcomp = cp; 2563 ppp->rc_state = state; 2564 ppp_recv_unlock(ppp); 2565 if (ostate) { 2566 ocomp->decomp_free(ostate); 2567 module_put(ocomp->owner); 2568 } 2569 err = 0; 2570 } else 2571 module_put(cp->owner); 2572 } 2573 2574 out: 2575 return err; 2576} 2577 2578/* 2579 * Look at a CCP packet and update our state accordingly. 2580 * We assume the caller has the xmit or recv path locked. 2581 */ 2582static void 2583ppp_ccp_peek(struct ppp *ppp, struct sk_buff *skb, int inbound) 2584{ 2585 unsigned char *dp; 2586 int len; 2587 2588 if (!pskb_may_pull(skb, CCP_HDRLEN + 2)) 2589 return; /* no header */ 2590 dp = skb->data + 2; 2591 2592 switch (CCP_CODE(dp)) { 2593 case CCP_CONFREQ: 2594 2595 /* A ConfReq starts negotiation of compression 2596 * in one direction of transmission, 2597 * and hence brings it down...but which way? 2598 * 2599 * Remember: 2600 * A ConfReq indicates what the sender would like to receive 2601 */ 2602 if(inbound) 2603 /* He is proposing what I should send */ 2604 ppp->xstate &= ~SC_COMP_RUN; 2605 else 2606 /* I am proposing to what he should send */ 2607 ppp->rstate &= ~SC_DECOMP_RUN; 2608 2609 break; 2610 2611 case CCP_TERMREQ: 2612 case CCP_TERMACK: 2613 /* 2614 * CCP is going down, both directions of transmission 2615 */ 2616 ppp->rstate &= ~SC_DECOMP_RUN; 2617 ppp->xstate &= ~SC_COMP_RUN; 2618 break; 2619 2620 case CCP_CONFACK: 2621 if ((ppp->flags & (SC_CCP_OPEN | SC_CCP_UP)) != SC_CCP_OPEN) 2622 break; 2623 len = CCP_LENGTH(dp); 2624 if (!pskb_may_pull(skb, len + 2)) 2625 return; /* too short */ 2626 dp += CCP_HDRLEN; 2627 len -= CCP_HDRLEN; 2628 if (len < CCP_OPT_MINLEN || len < CCP_OPT_LENGTH(dp)) 2629 break; 2630 if (inbound) { 2631 /* we will start receiving compressed packets */ 2632 if (!ppp->rc_state) 2633 break; 2634 if (ppp->rcomp->decomp_init(ppp->rc_state, dp, len, 2635 ppp->file.index, 0, ppp->mru, ppp->debug)) { 2636 ppp->rstate |= SC_DECOMP_RUN; 2637 ppp->rstate &= ~(SC_DC_ERROR | SC_DC_FERROR); 2638 } 2639 } else { 2640 /* we will soon start sending compressed packets */ 2641 if (!ppp->xc_state) 2642 break; 2643 if (ppp->xcomp->comp_init(ppp->xc_state, dp, len, 2644 ppp->file.index, 0, ppp->debug)) 2645 ppp->xstate |= SC_COMP_RUN; 2646 } 2647 break; 2648 2649 case CCP_RESETACK: 2650 /* reset the [de]compressor */ 2651 if ((ppp->flags & SC_CCP_UP) == 0) 2652 break; 2653 if (inbound) { 2654 if (ppp->rc_state && (ppp->rstate & SC_DECOMP_RUN)) { 2655 ppp->rcomp->decomp_reset(ppp->rc_state); 2656 ppp->rstate &= ~SC_DC_ERROR; 2657 } 2658 } else { 2659 if (ppp->xc_state && (ppp->xstate & SC_COMP_RUN)) 2660 ppp->xcomp->comp_reset(ppp->xc_state); 2661 } 2662 break; 2663 } 2664} 2665 2666/* Free up compression resources. */ 2667static void 2668ppp_ccp_closed(struct ppp *ppp) 2669{ 2670 void *xstate, *rstate; 2671 struct compressor *xcomp, *rcomp; 2672 2673 ppp_lock(ppp); 2674 ppp->flags &= ~(SC_CCP_OPEN | SC_CCP_UP); 2675 ppp->xstate = 0; 2676 xcomp = ppp->xcomp; 2677 xstate = ppp->xc_state; 2678 ppp->xc_state = NULL; 2679 ppp->rstate = 0; 2680 rcomp = ppp->rcomp; 2681 rstate = ppp->rc_state; 2682 ppp->rc_state = NULL; 2683 ppp_unlock(ppp); 2684 2685 if (xstate) { 2686 xcomp->comp_free(xstate); 2687 module_put(xcomp->owner); 2688 } 2689 if (rstate) { 2690 rcomp->decomp_free(rstate); 2691 module_put(rcomp->owner); 2692 } 2693} 2694 2695/* List of compressors. */ 2696static LIST_HEAD(compressor_list); 2697static DEFINE_SPINLOCK(compressor_list_lock); 2698 2699struct compressor_entry { 2700 struct list_head list; 2701 struct compressor *comp; 2702}; 2703 2704static struct compressor_entry * 2705find_comp_entry(int proto) 2706{ 2707 struct compressor_entry *ce; 2708 2709 list_for_each_entry(ce, &compressor_list, list) { 2710 if (ce->comp->compress_proto == proto) 2711 return ce; 2712 } 2713 return NULL; 2714} 2715 2716/* Register a compressor */ 2717int 2718ppp_register_compressor(struct compressor *cp) 2719{ 2720 struct compressor_entry *ce; 2721 int ret; 2722 spin_lock(&compressor_list_lock); 2723 ret = -EEXIST; 2724 if (find_comp_entry(cp->compress_proto)) 2725 goto out; 2726 ret = -ENOMEM; 2727 ce = kmalloc(sizeof(struct compressor_entry), GFP_ATOMIC); 2728 if (!ce) 2729 goto out; 2730 ret = 0; 2731 ce->comp = cp; 2732 list_add(&ce->list, &compressor_list); 2733 out: 2734 spin_unlock(&compressor_list_lock); 2735 return ret; 2736} 2737 2738/* Unregister a compressor */ 2739void 2740ppp_unregister_compressor(struct compressor *cp) 2741{ 2742 struct compressor_entry *ce; 2743 2744 spin_lock(&compressor_list_lock); 2745 ce = find_comp_entry(cp->compress_proto); 2746 if (ce && ce->comp == cp) { 2747 list_del(&ce->list); 2748 kfree(ce); 2749 } 2750 spin_unlock(&compressor_list_lock); 2751} 2752 2753/* Find a compressor. */ 2754static struct compressor * 2755find_compressor(int type) 2756{ 2757 struct compressor_entry *ce; 2758 struct compressor *cp = NULL; 2759 2760 spin_lock(&compressor_list_lock); 2761 ce = find_comp_entry(type); 2762 if (ce) { 2763 cp = ce->comp; 2764 if (!try_module_get(cp->owner)) 2765 cp = NULL; 2766 } 2767 spin_unlock(&compressor_list_lock); 2768 return cp; 2769} 2770 2771/* 2772 * Miscelleneous stuff. 2773 */ 2774 2775static void 2776ppp_get_stats(struct ppp *ppp, struct ppp_stats *st) 2777{ 2778 struct slcompress *vj = ppp->vj; 2779 2780 memset(st, 0, sizeof(*st)); 2781 st->p.ppp_ipackets = ppp->dev->stats.rx_packets; 2782 st->p.ppp_ierrors = ppp->dev->stats.rx_errors; 2783 st->p.ppp_ibytes = ppp->dev->stats.rx_bytes; 2784 st->p.ppp_opackets = ppp->dev->stats.tx_packets; 2785 st->p.ppp_oerrors = ppp->dev->stats.tx_errors; 2786 st->p.ppp_obytes = ppp->dev->stats.tx_bytes; 2787 if (!vj) 2788 return; 2789 st->vj.vjs_packets = vj->sls_o_compressed + vj->sls_o_uncompressed; 2790 st->vj.vjs_compressed = vj->sls_o_compressed; 2791 st->vj.vjs_searches = vj->sls_o_searches; 2792 st->vj.vjs_misses = vj->sls_o_misses; 2793 st->vj.vjs_errorin = vj->sls_i_error; 2794 st->vj.vjs_tossed = vj->sls_i_tossed; 2795 st->vj.vjs_uncompressedin = vj->sls_i_uncompressed; 2796 st->vj.vjs_compressedin = vj->sls_i_compressed; 2797} 2798 2799/* 2800 * Stuff for handling the lists of ppp units and channels 2801 * and for initialization. 2802 */ 2803 2804/* 2805 * Create a new ppp interface unit. Fails if it can't allocate memory 2806 * or if there is already a unit with the requested number. 2807 * unit == -1 means allocate a new number. 2808 */ 2809/*Foxconn modify start by Hank 08/10/2012 */ 2810/*change function definition*/ 2811extern char *nvram_get(const char *name); 2812/*Foxconn modify end by Hank 08/10/2012 */ 2813static struct ppp * 2814ppp_create_interface(struct net *net, int unit, int *retp) 2815{ 2816 struct ppp *ppp; 2817 struct ppp_net *pn; 2818 struct net_device *dev = NULL; 2819 int ret = -ENOMEM; 2820 int i; 2821 2822 dev = alloc_netdev(sizeof(struct ppp), "", ppp_setup); 2823 if (!dev) 2824 goto out1; 2825 2826 pn = ppp_pernet(net); 2827 2828 ppp = netdev_priv(dev); 2829 ppp->dev = dev; 2830 ppp->mru = PPP_MRU; 2831 init_ppp_file(&ppp->file, INTERFACE); 2832 ppp->file.hdrlen = PPP_HDRLEN - 2; /* don't count proto bytes */ 2833 for (i = 0; i < NUM_NP; ++i) 2834 ppp->npmode[i] = NPMODE_PASS; 2835 INIT_LIST_HEAD(&ppp->channels); 2836 spin_lock_init(&ppp->rlock); 2837 spin_lock_init(&ppp->wlock); 2838#ifdef CONFIG_PPP_MULTILINK 2839 ppp->minseq = -1; 2840 skb_queue_head_init(&ppp->mrq); 2841#endif /* CONFIG_PPP_MULTILINK */ 2842 2843 /* 2844 * drum roll: don't forget to set 2845 * the net device is belong to 2846 */ 2847 dev_net_set(dev, net); 2848 /* foxconn wklin added start, 11/06/2008 */ 2849 { 2850#define nvram_safe_get(name) (nvram_get(name) ? : "") 2851 char *value = nvram_safe_get("wan_proto"); 2852 if(!strcmp(value, "pppoe")) 2853 dev->acos_flags |= NETIF_ACOSFLAGS_PPPOE; 2854 if(!strcmp(value, "pptp")) 2855 dev->acos_flags |= NETIF_ACOSFLAGS_PPTP; 2856 } 2857 ret = -EEXIST; 2858 mutex_lock(&pn->all_ppp_mutex); 2859 2860 if (unit < 0) { 2861 unit = unit_get(&pn->units_idr, ppp); 2862 if (unit < 0) { 2863 *retp = unit; 2864 goto out2; 2865 } 2866 } else { 2867 if (unit_find(&pn->units_idr, unit)) 2868 goto out2; /* unit already exists */ 2869 /* 2870 * if caller need a specified unit number 2871 * lets try to satisfy him, otherwise -- 2872 * he should better ask us for new unit number 2873 * 2874 * NOTE: yes I know that returning EEXIST it's not 2875 * fair but at least pppd will ask us to allocate 2876 * new unit in this case so user is happy :) 2877 */ 2878 unit = unit_set(&pn->units_idr, ppp, unit); 2879 if (unit < 0) 2880 goto out2; 2881 } 2882 2883 /* Initialize the new ppp unit */ 2884 ppp->file.index = unit; 2885 sprintf(dev->name, "ppp%d", unit); 2886 2887 ret = register_netdev(dev); 2888 if (ret != 0) { 2889 unit_put(&pn->units_idr, unit); 2890 printk(KERN_ERR "PPP: couldn't register device %s (%d)\n", 2891 dev->name, ret); 2892 goto out2; 2893 } 2894 2895 ppp->ppp_net = net; 2896 2897#ifdef HNDCTF 2898 if ((ctf_dev_register(kcih, dev, FALSE) != BCME_OK) || 2899 (ctf_enable(kcih, dev, TRUE, NULL) != BCME_OK)) 2900 ctf_dev_unregister(kcih, dev); 2901#endif 2902 2903 atomic_inc(&ppp_unit_count); 2904 mutex_unlock(&pn->all_ppp_mutex); 2905 2906 *retp = 0; 2907 return ppp; 2908 2909out2: 2910 mutex_unlock(&pn->all_ppp_mutex); 2911 free_netdev(dev); 2912out1: 2913 *retp = ret; 2914 return NULL; 2915} 2916 2917/* 2918 * Initialize a ppp_file structure. 2919 */ 2920static void 2921init_ppp_file(struct ppp_file *pf, int kind) 2922{ 2923 pf->kind = kind; 2924 skb_queue_head_init(&pf->xq); 2925 skb_queue_head_init(&pf->rq); 2926 atomic_set(&pf->refcnt, 1); 2927 init_waitqueue_head(&pf->rwait); 2928} 2929 2930/* 2931 * Take down a ppp interface unit - called when the owning file 2932 * (the one that created the unit) is closed or detached. 2933 */ 2934static void ppp_shutdown_interface(struct ppp *ppp) 2935{ 2936 struct ppp_net *pn; 2937 2938 pn = ppp_pernet(ppp->ppp_net); 2939 mutex_lock(&pn->all_ppp_mutex); 2940 2941 /* This will call dev_close() for us. */ 2942 ppp_lock(ppp); 2943 if (!ppp->closing) { 2944 ppp->closing = 1; 2945 ppp_unlock(ppp); 2946#ifdef HNDCTF 2947 ctf_dev_unregister(kcih, ppp->dev); 2948#endif 2949 unregister_netdev(ppp->dev); 2950 } else 2951 ppp_unlock(ppp); 2952 2953 unit_put(&pn->units_idr, ppp->file.index); 2954 ppp->file.dead = 1; 2955 ppp->owner = NULL; 2956 wake_up_interruptible(&ppp->file.rwait); 2957 2958 mutex_unlock(&pn->all_ppp_mutex); 2959} 2960 2961/* 2962 * Free the memory used by a ppp unit. This is only called once 2963 * there are no channels connected to the unit and no file structs 2964 * that reference the unit. 2965 */ 2966static void ppp_destroy_interface(struct ppp *ppp) 2967{ 2968 atomic_dec(&ppp_unit_count); 2969 2970 if (!ppp->file.dead || ppp->n_channels) { 2971 /* "can't happen" */ 2972 printk(KERN_ERR "ppp: destroying ppp struct %p but dead=%d " 2973 "n_channels=%d !\n", ppp, ppp->file.dead, 2974 ppp->n_channels); 2975 return; 2976 } 2977 2978 ppp_ccp_closed(ppp); 2979 if (ppp->vj) { 2980 slhc_free(ppp->vj); 2981 ppp->vj = NULL; 2982 } 2983 skb_queue_purge(&ppp->file.xq); 2984 skb_queue_purge(&ppp->file.rq); 2985#ifdef CONFIG_PPP_MULTILINK 2986 skb_queue_purge(&ppp->mrq); 2987#endif /* CONFIG_PPP_MULTILINK */ 2988#ifdef CONFIG_PPP_FILTER 2989 kfree(ppp->pass_filter); 2990 ppp->pass_filter = NULL; 2991 kfree(ppp->active_filter); 2992 ppp->active_filter = NULL; 2993#endif /* CONFIG_PPP_FILTER */ 2994 2995 kfree_skb(ppp->xmit_pending); 2996 2997 free_netdev(ppp->dev); 2998} 2999 3000/* 3001 * Locate an existing ppp unit. 3002 * The caller should have locked the all_ppp_mutex. 3003 */ 3004static struct ppp * 3005ppp_find_unit(struct ppp_net *pn, int unit) 3006{ 3007 return unit_find(&pn->units_idr, unit); 3008} 3009 3010/* 3011 * Locate an existing ppp channel. 3012 * The caller should have locked the all_channels_lock. 3013 * First we look in the new_channels list, then in the 3014 * all_channels list. If found in the new_channels list, 3015 * we move it to the all_channels list. This is for speed 3016 * when we have a lot of channels in use. 3017 */ 3018static struct channel * 3019ppp_find_channel(struct ppp_net *pn, int unit) 3020{ 3021 struct channel *pch; 3022 3023 list_for_each_entry(pch, &pn->new_channels, list) { 3024 if (pch->file.index == unit) { 3025 list_move(&pch->list, &pn->all_channels); 3026 return pch; 3027 } 3028 } 3029 3030 list_for_each_entry(pch, &pn->all_channels, list) { 3031 if (pch->file.index == unit) 3032 return pch; 3033 } 3034 3035 return NULL; 3036} 3037 3038/* 3039 * Connect a PPP channel to a PPP interface unit. 3040 */ 3041static int 3042ppp_connect_channel(struct channel *pch, int unit) 3043{ 3044 struct ppp *ppp; 3045 struct ppp_net *pn; 3046 int ret = -ENXIO; 3047 int hdrlen; 3048 3049 pn = ppp_pernet(pch->chan_net); 3050 3051 mutex_lock(&pn->all_ppp_mutex); 3052 ppp = ppp_find_unit(pn, unit); 3053 if (!ppp) 3054 goto out; 3055 write_lock_bh(&pch->upl); 3056 ret = -EINVAL; 3057 if (pch->ppp) 3058 goto outl; 3059 3060 ppp_lock(ppp); 3061 if (pch->file.hdrlen > ppp->file.hdrlen) 3062 ppp->file.hdrlen = pch->file.hdrlen; 3063 hdrlen = pch->file.hdrlen + 2; /* for protocol bytes */ 3064 if (hdrlen > ppp->dev->hard_header_len) 3065 ppp->dev->hard_header_len = hdrlen; 3066 list_add_tail(&pch->clist, &ppp->channels); 3067 ++ppp->n_channels; 3068 pch->ppp = ppp; 3069 atomic_inc(&ppp->file.refcnt); 3070 ppp_unlock(ppp); 3071 ret = 0; 3072 3073 outl: 3074 write_unlock_bh(&pch->upl); 3075 out: 3076 mutex_unlock(&pn->all_ppp_mutex); 3077 return ret; 3078} 3079 3080/* 3081 * Disconnect a channel from its ppp unit. 3082 */ 3083static int 3084ppp_disconnect_channel(struct channel *pch) 3085{ 3086 struct ppp *ppp; 3087 int err = -EINVAL; 3088 3089 write_lock_bh(&pch->upl); 3090 ppp = pch->ppp; 3091 pch->ppp = NULL; 3092 write_unlock_bh(&pch->upl); 3093 if (ppp) { 3094 /* remove it from the ppp unit's list */ 3095 ppp_lock(ppp); 3096 list_del(&pch->clist); 3097 if (--ppp->n_channels == 0) 3098 wake_up_interruptible(&ppp->file.rwait); 3099 ppp_unlock(ppp); 3100 if (atomic_dec_and_test(&ppp->file.refcnt)) 3101 ppp_destroy_interface(ppp); 3102 err = 0; 3103 } 3104 return err; 3105} 3106 3107/* 3108 * Free up the resources used by a ppp channel. 3109 */ 3110static void ppp_destroy_channel(struct channel *pch) 3111{ 3112 atomic_dec(&channel_count); 3113 3114 if (!pch->file.dead) { 3115 /* "can't happen" */ 3116 printk(KERN_ERR "ppp: destroying undead channel %p !\n", 3117 pch); 3118 return; 3119 } 3120 skb_queue_purge(&pch->file.xq); 3121 skb_queue_purge(&pch->file.rq); 3122 kfree(pch); 3123} 3124 3125static void __exit ppp_cleanup(void) 3126{ 3127 /* should never happen */ 3128 if (atomic_read(&ppp_unit_count) || atomic_read(&channel_count)) 3129 printk(KERN_ERR "PPP: removing module but units remain!\n"); 3130 unregister_chrdev(PPP_MAJOR, "ppp"); 3131 device_destroy(ppp_class, MKDEV(PPP_MAJOR, 0)); 3132 class_destroy(ppp_class); 3133 unregister_pernet_device(&ppp_net_ops); 3134} 3135 3136/* 3137 * Units handling. Caller must protect concurrent access 3138 * by holding all_ppp_mutex 3139 */ 3140 3141/* associate pointer with specified number */ 3142static int unit_set(struct idr *p, void *ptr, int n) 3143{ 3144 int unit, err; 3145 3146again: 3147 if (!idr_pre_get(p, GFP_KERNEL)) { 3148 printk(KERN_ERR "PPP: No free memory for idr\n"); 3149 return -ENOMEM; 3150 } 3151 3152 err = idr_get_new_above(p, ptr, n, &unit); 3153 if (err == -EAGAIN) 3154 goto again; 3155 3156 if (unit != n) { 3157 idr_remove(p, unit); 3158 return -EINVAL; 3159 } 3160 3161 return unit; 3162} 3163 3164/* get new free unit number and associate pointer with it */ 3165static int unit_get(struct idr *p, void *ptr) 3166{ 3167 int unit, err; 3168 3169again: 3170 if (!idr_pre_get(p, GFP_KERNEL)) { 3171 printk(KERN_ERR "PPP: No free memory for idr\n"); 3172 return -ENOMEM; 3173 } 3174 3175 err = idr_get_new_above(p, ptr, 0, &unit); 3176 if (err == -EAGAIN) 3177 goto again; 3178 3179 return unit; 3180} 3181 3182/* put unit number back to a pool */ 3183static void unit_put(struct idr *p, int n) 3184{ 3185 idr_remove(p, n); 3186} 3187 3188/* get pointer associated with the number */ 3189static void *unit_find(struct idr *p, int n) 3190{ 3191 return idr_find(p, n); 3192} 3193 3194#ifdef CTF_PPPOE 3195void 3196ppp_rxstats_upd(void *pppif, struct sk_buff *skb) 3197{ 3198 struct ppp *ppp = netdev_priv((const struct net_device *)pppif); 3199 ++ppp->dev->stats.rx_packets; 3200 ppp->dev->stats.rx_bytes += skb->len; 3201 ppp->last_recv = jiffies; 3202} 3203 3204void 3205ppp_txstats_upd(void *pppif, struct sk_buff *skb) 3206{ 3207 struct ppp *ppp = netdev_priv((const struct net_device *)pppif); 3208 ++ppp->dev->stats.tx_packets; 3209 ppp->dev->stats.tx_bytes += skb->len; 3210 ppp->last_xmit = jiffies; 3211} 3212 3213EXPORT_SYMBOL(ppp_rxstats_upd); 3214EXPORT_SYMBOL(ppp_txstats_upd); 3215#endif /* CTF_PPPOE */ 3216 3217/* Module/initialization stuff */ 3218 3219module_init(ppp_init); 3220module_exit(ppp_cleanup); 3221 3222EXPORT_SYMBOL(ppp_register_net_channel); 3223EXPORT_SYMBOL(ppp_register_channel); 3224EXPORT_SYMBOL(ppp_unregister_channel); 3225EXPORT_SYMBOL(ppp_channel_index); 3226EXPORT_SYMBOL(ppp_unit_number); 3227EXPORT_SYMBOL(ppp_dev_name); 3228EXPORT_SYMBOL(ppp_input); 3229EXPORT_SYMBOL(ppp_input_error); 3230EXPORT_SYMBOL(ppp_output_wakeup); 3231EXPORT_SYMBOL(ppp_register_compressor); 3232EXPORT_SYMBOL(ppp_unregister_compressor); 3233MODULE_LICENSE("GPL"); 3234MODULE_ALIAS_CHARDEV(PPP_MAJOR, 0); 3235MODULE_ALIAS("devname:ppp"); 3236