1/***************************************************************************** 2 * Linux PPP over L2TP (PPPoX/PPPoL2TP) Sockets 3 * 4 * PPPoX --- Generic PPP encapsulation socket family 5 * PPPoL2TP --- PPP over L2TP (RFC 2661) 6 * 7 * 8 * Version: 0.17.0 9 * 10 * 251003 : Copied from pppoe.c version 0.6.9. 11 * 12 * Authors: Martijn van Oosterhout <kleptog@svana.org> 13 * James Chapman (jchapman@katalix.com) 14 * Contributors: 15 * Michal Ostrowski <mostrows@speakeasy.net> 16 * Arnaldo Carvalho de Melo <acme@xconectiva.com.br> 17 * David S. Miller (davem@redhat.com) 18 * 19 * License: 20 * This program is free software; you can redistribute it and/or 21 * modify it under the terms of the GNU General Public License 22 * as published by the Free Software Foundation; either version 23 * 2 of the License, or (at your option) any later version. 24 * 25 */ 26 27/* This driver handles only L2TP data frames; control frames are handled by a 28 * userspace application. 29 * 30 * To send data in an L2TP session, userspace opens a PPPoL2TP socket and 31 * attaches it to a bound UDP socket with local tunnel_id / session_id and 32 * peer tunnel_id / session_id set. Data can then be sent or received using 33 * regular socket sendmsg() / recvmsg() calls. Kernel parameters of the socket 34 * can be read or modified using ioctl() or [gs]etsockopt() calls. 35 * 36 * When a PPPoL2TP socket is connected with local and peer session_id values 37 * zero, the socket is treated as a special tunnel management socket. 38 * 39 * Here's example userspace code to create a socket for sending/receiving data 40 * over an L2TP session:- 41 * 42 * struct sockaddr_pppol2tp sax; 43 * int fd; 44 * int session_fd; 45 * 46 * fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP); 47 * 48 * sax.sa_family = AF_PPPOX; 49 * sax.sa_protocol = PX_PROTO_OL2TP; 50 * sax.pppol2tp.fd = tunnel_fd; // bound UDP socket 51 * sax.pppol2tp.pid = 0; // current pid owns UDP socket 52 * sax.pppol2tp.addr.sin_addr.s_addr = addr->sin_addr.s_addr; 53 * sax.pppol2tp.addr.sin_port = addr->sin_port; 54 * sax.pppol2tp.addr.sin_family = AF_INET; 55 * sax.pppol2tp.s_tunnel = tunnel_id; 56 * sax.pppol2tp.s_session = session_id; 57 * sax.pppol2tp.d_tunnel = peer_tunnel_id; 58 * sax.pppol2tp.d_session = peer_session_id; 59 * 60 * session_fd = connect(fd, (struct sockaddr *)&sax, sizeof(sax)); 61 * 62 */ 63 64#ifndef AUTOCONF_INCLUDED 65#include <linux/config.h> 66#endif 67#include <linux/module.h> 68#include <linux/version.h> 69#include <linux/string.h> 70#include <linux/list.h> 71#include <asm/uaccess.h> 72 73#include <linux/kernel.h> 74#include <linux/spinlock.h> 75#include <linux/kthread.h> 76#include <linux/sched.h> 77#include <linux/slab.h> 78#include <linux/seq_file.h> 79#include <linux/errno.h> 80 81#include <linux/netdevice.h> 82#include <linux/net.h> 83#include <linux/inetdevice.h> 84#include <linux/skbuff.h> 85#include <linux/init.h> 86#include <linux/udp.h> 87#include <linux/if_pppox.h> 88#include <linux/if_pppol2tp.h> 89#include <net/sock.h> 90#include <linux/ppp_channel.h> 91#include <linux/ppp_defs.h> 92#include <linux/if_ppp.h> 93#include <linux/file.h> 94#include <linux/hash.h> 95#include <linux/proc_fs.h> 96#include <net/dst.h> 97#include <net/ip.h> 98#include <net/udp.h> 99#include <net/xfrm.h> 100 101#include <asm/byteorder.h> 102#include <asm/atomic.h> 103#include <linux/netfilter_ipv4.h> 104#include <asm/checksum.h> 105 106 107#define PPPOL2TP_DRV_VERSION "V0.17" 108 109/* Developer debug code. */ 110/* #define DEBUG */ /* Define to compile in very verbose developer debug */ 111 112/* Timeouts are specified in milliseconds to/from userspace */ 113#define JIFFIES_TO_MS(t) ((t) * 1000 / HZ) 114#define MS_TO_JIFFIES(j) ((j * HZ) / 1000) 115 116/* L2TP header constants */ 117#define L2TP_HDRFLAG_T 0x8000 118#define L2TP_HDRFLAG_L 0x4000 119#define L2TP_HDRFLAG_S 0x0800 120#define L2TP_HDRFLAG_O 0x0200 121#define L2TP_HDRFLAG_P 0x0100 122 123#define L2TP_HDR_VER_MASK 0x000F 124#define L2TP_HDR_VER 0x0002 125 126/* Space for UDP, L2TP and PPP headers */ 127#define PPPOL2TP_HEADER_OVERHEAD 40 128 129/* Just some random numbers */ 130#define L2TP_TUNNEL_MAGIC 0x42114DDA 131#define L2TP_SESSION_MAGIC 0x0C04EB7D 132 133#define PPPOL2TP_HASH_BITS 4 134#define PPPOL2TP_HASH_SIZE (1 << PPPOL2TP_HASH_BITS) 135 136/* Default trace flags */ 137#ifdef DEBUG 138#define PPPOL2TP_DEFAULT_DEBUG_FLAGS -1 139#else 140#define PPPOL2TP_DEFAULT_DEBUG_FLAGS 0 141#endif 142 143 144/* Debug kernel message control. 145 * Verbose debug messages (L2TP_MSG_DEBUG flag) are optionally compiled in. 146 */ 147#ifdef DEBUG 148#define DPRINTK(_mask, _fmt, args...) \ 149 do { \ 150 if ((_mask) & PPPOL2TP_MSG_DEBUG) \ 151 printk(KERN_DEBUG "PPPOL2TP %s: " _fmt, \ 152 __FUNCTION__, ##args); \ 153 } while(0) 154#else 155#define DPRINTK(_mask, _fmt, args...) do { } while(0) 156#endif /* DEBUG */ 157 158#define PRINTK(_mask, _type, _lvl, _fmt, args...) \ 159 do { \ 160 if ((_mask) & (_type)) \ 161 printk(_lvl "PPPOL2TP: " _fmt, ##args); \ 162 } while(0) 163 164/* Extra driver debug. Should only be enabled by developers working on 165 * this driver. 166 */ 167#ifdef DEBUG 168#define ENTER_FUNCTION printk(KERN_DEBUG "PPPOL2TP: --> %s\n", __FUNCTION__) 169#define EXIT_FUNCTION printk(KERN_DEBUG "PPPOL2TP: <-- %s\n", __FUNCTION__) 170#else 171#define ENTER_FUNCTION do { } while(0) 172#define EXIT_FUNCTION do { } while(0) 173#endif 174 175/* Number of bytes to build transmit L2TP headers. 176 * Unfortunately the size is different depending on whether sequence numbers 177 * are enabled. 178 */ 179#define PPPOL2TP_L2TP_HDR_SIZE_SEQ 10 180#define PPPOL2TP_L2TP_HDR_SIZE_NOSEQ 6 181 182struct pppol2tp_send { 183 struct pppol2tp_session *session; 184 struct pppol2tp_tunnel *tunnel; 185 struct msghdr *msg; 186 struct sk_buff *skb; 187 struct sock *tunnel_sock; 188 struct iovec *iov; 189 struct work_struct send_task; 190 int total_len; 191 struct kiocb iocb; 192 struct sock_iocb siocb; 193 u8 hdr[PPPOL2TP_L2TP_HDR_SIZE_SEQ]; 194}; 195 196struct pppol2tp_tunnel; 197 198/* Describes a session. It is the sk_user_data field in the PPPoL2TP 199 * socket. Contains information to determine incoming packets and transmit 200 * outgoing ones. 201 */ 202struct pppol2tp_session 203{ 204 int magic; /* should be 205 * L2TP_SESSION_MAGIC */ 206 int owner; /* pid that opened the socket */ 207 208 struct sock *sock; /* Pointer to the session 209 * PPPoX socket */ 210 struct sock *tunnel_sock; /* Pointer to the tunnel UDP 211 * socket */ 212 213 struct pppol2tp_addr tunnel_addr; /* Description of tunnel */ 214 215 struct pppol2tp_tunnel *tunnel; /* back pointer to tunnel 216 * context */ 217 218 char name[20]; /* "sess xxxxx/yyyyy", where 219 * x=tunnel_id, y=session_id */ 220 int mtu; 221 int mru; 222 int flags; /* accessed by PPPIOCGFLAGS. 223 * Unused. */ 224 int recv_seq:1; /* expect receive packets with 225 * sequence numbers? */ 226 int send_seq:1; /* send packets with sequence 227 * numbers? */ 228 int lns_mode:1; /* behave as LNS? LAC enables 229 * sequence numbers under 230 * control of LNS. */ 231 int debug; /* bitmask of debug message 232 * categories */ 233 int reorder_timeout; /* configured reorder timeout 234 * (in jiffies) */ 235 u16 nr; /* session NR state (receive) */ 236 u16 ns; /* session NR state (send) */ 237 struct sk_buff_head reorder_q; /* receive reorder queue */ 238 struct pppol2tp_ioc_stats stats; 239 struct hlist_node hlist; /* Hash list node */ 240}; 241 242/* The sk_user_data field of the tunnel's UDP socket. It contains info to track 243 * all the associated sessions so incoming packets can be sorted out 244 */ 245struct pppol2tp_tunnel 246{ 247 int magic; /* Should be L2TP_TUNNEL_MAGIC */ 248 249 struct workqueue_struct *wq; /* Per-tunnel work queue */ 250 251 struct proto *old_proto; /* original proto */ 252 struct proto l2tp_proto; /* L2TP proto */ 253 rwlock_t hlist_lock; /* protect session_hlist */ 254 struct hlist_head session_hlist[PPPOL2TP_HASH_SIZE]; 255 /* hashed list of sessions, 256 * hashed by id */ 257 int debug; /* bitmask of debug message 258 * categories */ 259 char name[12]; /* "tunl xxxxx" */ 260 struct pppol2tp_ioc_stats stats; 261 262 void (*old_data_ready)(struct sock *, int); 263 void (*old_sk_destruct)(struct sock *); 264 265 struct sock *sock; /* Parent socket */ 266 struct list_head list; /* Keep a list of all open 267 * prepared sockets */ 268 269 atomic_t session_count; 270}; 271 272/* Private data stored for received packets in the skb. 273 */ 274struct pppol2tp_skb_cb { 275 u16 ns; 276 u16 nr; 277 int has_seq; 278 int length; 279 unsigned long expires; 280}; 281 282#define PPPOL2TP_SKB_CB(skb) ((struct pppol2tp_skb_cb *) &skb->cb[sizeof(struct inet_skb_parm)]) 283 284static int pppol2tp_xmit(struct ppp_channel *chan, struct sk_buff *skb); 285 286static struct ppp_channel_ops pppol2tp_chan_ops = { pppol2tp_xmit , NULL }; 287static struct proto_ops pppol2tp_ops; 288static LIST_HEAD(pppol2tp_tunnel_list); 289 290/* Macros to derive session/tunnel context pointers from a socket. */ 291#define SOCK_2_SESSION(sock, session, err, errval, label, quiet) \ 292 session = (struct pppol2tp_session *)((sock)->sk_user_data); \ 293 if (!session /*|| session->magic != L2TP_SESSION_MAGIC*/) { \ 294 if (!quiet) \ 295 printk(KERN_ERR "%s: %s:%d: BAD SESSION MAGIC " \ 296 "(" #sock "=%p) session=%p magic=%x\n", \ 297 __FUNCTION__, __FILE__, __LINE__, sock, \ 298 session, session ? session->magic : 0); \ 299 err = errval; \ 300 goto label; \ 301 } 302 303#define SOCK_2_TUNNEL(sock, tunnel, err, errval, label, quiet) \ 304 tunnel = (struct pppol2tp_tunnel *)((sock)->sk_user_data); \ 305 if (!tunnel || tunnel->magic != L2TP_TUNNEL_MAGIC) { \ 306 if (!quiet) \ 307 printk(KERN_ERR "%s: %s:%d: BAD TUNNEL MAGIC " \ 308 "(" #sock "=%p) tunnel=%p magic=%x\n", \ 309 __FUNCTION__, __FILE__, __LINE__, sock, \ 310 tunnel, tunnel ? tunnel->magic : 0); \ 311 err = errval; \ 312 goto label; \ 313 } 314 315/* Session hash list. 316 * The session_id SHOULD be random according to RFC2661, but several 317 * L2TP implementations (Cisco and Microsoft) use incrementing 318 * session_ids. So we do a real hash on the session_id, rather than a 319 * simple bitmask. 320 */ 321static inline struct hlist_head * 322pppol2tp_session_id_hash(struct pppol2tp_tunnel *tunnel, u16 session_id) 323{ 324 unsigned long hash_val = (unsigned long) session_id; 325 return &tunnel->session_hlist[hash_long(hash_val, PPPOL2TP_HASH_BITS)]; 326} 327 328/* Lookup a session by id 329 */ 330static struct pppol2tp_session * 331pppol2tp_session_find(struct pppol2tp_tunnel *tunnel, u16 session_id) 332{ 333 struct hlist_head *session_list = 334 pppol2tp_session_id_hash(tunnel, session_id); 335 struct hlist_node *tmp; 336 struct hlist_node *walk; 337 struct pppol2tp_session *session; 338 339 hlist_for_each_safe(walk, tmp, session_list) { 340 session = hlist_entry(walk, struct pppol2tp_session, hlist); 341 if (session->tunnel_addr.s_session == session_id) { 342 return session; 343 } 344 } 345 346 return NULL; 347} 348 349/***************************************************************************** 350 * Receive data handling 351 *****************************************************************************/ 352 353/* Queue a skb in order. If the skb has no sequence number, queue it 354 * at the tail. 355 */ 356static void pppol2tp_recv_queue_skb(struct pppol2tp_session *session, struct sk_buff *skb) 357{ 358 struct sk_buff *next; 359 struct sk_buff *prev; 360 u16 ns = PPPOL2TP_SKB_CB(skb)->ns; 361 362 ENTER_FUNCTION; 363 364 spin_lock(&session->reorder_q.lock); 365 366 prev = (struct sk_buff *) &session->reorder_q; 367 next = prev->next; 368 while (next != prev) { 369 if (PPPOL2TP_SKB_CB(next)->ns > ns) { 370 __skb_insert(skb, next->prev, next, &session->reorder_q); 371 PRINTK(session->debug, PPPOL2TP_MSG_SEQ, KERN_DEBUG, 372 "%s: pkt %hu, inserted before %hu, reorder_q len=%d\n", 373 session->name, ns, PPPOL2TP_SKB_CB(next)->ns, 374 skb_queue_len(&session->reorder_q)); 375 session->stats.rx_oos_packets++; 376 goto out; 377 } 378 next = next->next; 379 } 380 381 __skb_queue_tail(&session->reorder_q, skb); 382 383out: 384 spin_unlock(&session->reorder_q.lock); 385 EXIT_FUNCTION; 386} 387 388/* Dequeue a single skb, passing it either to ppp or to userspace. 389 */ 390static void pppol2tp_recv_dequeue_skb(struct pppol2tp_session *session, struct sk_buff *skb) 391{ 392 struct pppol2tp_tunnel *tunnel = session->tunnel; 393 int length = PPPOL2TP_SKB_CB(skb)->length; 394 struct sock *session_sock = NULL; 395 396 ENTER_FUNCTION; 397 398 /* We're about to requeue the skb, so unlink it and return resources 399 * to its current owner (a socket receive buffer). 400 */ 401#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,14)) 402 skb_unlink(skb, &session->reorder_q); 403#else 404 skb_unlink(skb); 405#endif 406 skb_orphan(skb); 407 408 tunnel->stats.rx_packets++; 409 tunnel->stats.rx_bytes += length; 410 session->stats.rx_packets++; 411 session->stats.rx_bytes += length; 412 413 if (PPPOL2TP_SKB_CB(skb)->has_seq) { 414 /* Bump our Nr */ 415 session->nr++; 416 PRINTK(session->debug, PPPOL2TP_MSG_SEQ, KERN_DEBUG, 417 "%s: updated nr to %hu\n", session->name, session->nr); 418 } 419 420 /* If the socket is bound, send it in to PPP's input queue. Otherwise 421 * queue it on the session socket. 422 */ 423 session_sock = session->sock; 424 if (session_sock->sk_state & PPPOX_BOUND) { 425#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)) 426 struct pppox_sock *po; 427#else 428 struct pppox_opt *po; 429#endif 430 PRINTK(session->debug, PPPOL2TP_MSG_DATA, KERN_DEBUG, 431 "%s: recv %d byte data frame, passing to ppp\n", 432 session->name, length); 433 434 /* We need to forget all info related to the L2TP packet 435 * gathered in the skb as we are going to reuse the same 436 * skb for the inner packet. 437 * Namely we need to: 438 * - reset xfrm (IPSec) information as it applies to 439 * the outer L2TP packet and not to the inner one 440 * - release the dst to force a route lookup on the inner 441 * IP packet since skb->dst currently points to the dst 442 * of the UDP tunnel 443 * - reset netfilter information as it doesn't apply 444 * to the inner packet either 445 */ 446 secpath_reset(skb); 447 dst_release(skb->dst); 448 skb->dst = NULL; 449 nf_reset(skb); 450 451 po = pppox_sk(session_sock); 452 /* Foxconn added start pling 09/15/2010 */ 453 /* Since this module uses cb to store info. 454 * Before we send the skb to ppp, we clear 455 * the cb buffer first to avoid 456 * un-wanted garbage in cb buffer. 457 */ 458 memset(skb->cb, 0, sizeof(skb->cb)); 459 /* Foxconn added end pling 09/15/2010 */ 460 ppp_input(&po->chan, skb); 461 } else { 462 PRINTK(session->debug, PPPOL2TP_MSG_DATA, KERN_INFO, 463 "%s: socket not bound\n", session->name); 464 /* Not bound. Queue it now */ 465 if (sock_queue_rcv_skb(session_sock, skb) < 0) { 466 session->stats.rx_errors++; 467 kfree_skb(skb); 468 if (!sock_flag(session_sock, SOCK_DEAD)) 469 session_sock->sk_data_ready(session_sock, 0); 470 } 471 } 472 473 DPRINTK(session->debug, "calling sock_put; refcnt=%d\n", 474 session->sock->sk_refcnt.counter); 475 sock_put(session->sock); 476 EXIT_FUNCTION; 477} 478 479/* Dequeue skbs from the session's reorder_q, subject to packet order. 480 * Skbs that have been in the queue for too long are simply discarded. 481 */ 482static void pppol2tp_recv_dequeue(struct pppol2tp_session *session) 483{ 484 struct sk_buff *next; 485 struct sk_buff *prev; 486 487 ENTER_FUNCTION; 488 489 prev = (struct sk_buff *) &session->reorder_q; 490 spin_lock(&session->reorder_q.lock); 491 next = prev->next; 492 493 /* If the pkt at the head of the queue has the nr that we 494 * expect to send up next, dequeue it and any other 495 * in-sequence packets behind it. 496 */ 497 while (next != prev) { 498 struct sk_buff *skb = next; 499 next = next->next; 500 spin_unlock(&session->reorder_q.lock); 501 502 if (time_after(jiffies, PPPOL2TP_SKB_CB(skb)->expires)) { 503 session->stats.rx_seq_discards++; 504 session->stats.rx_errors++; 505 PRINTK(session->debug, PPPOL2TP_MSG_SEQ, KERN_DEBUG, 506 "%s: oos pkt %hu len %d discarded (too old), waiting for %hu, reorder_q_len=%d\n", 507 session->name, PPPOL2TP_SKB_CB(skb)->ns, 508 PPPOL2TP_SKB_CB(skb)->length, session->nr, 509 skb_queue_len(&session->reorder_q)); 510#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,14)) 511 skb_unlink(skb, &session->reorder_q); 512#else 513 skb_unlink(skb); 514#endif 515 kfree_skb(skb); 516 goto again; 517 } 518 519 if (PPPOL2TP_SKB_CB(skb)->has_seq) { 520 if (PPPOL2TP_SKB_CB(skb)->ns != session->nr) { 521 PRINTK(session->debug, PPPOL2TP_MSG_SEQ, KERN_DEBUG, 522 "%s: holding oos pkt %hu len %d, waiting for %hu, reorder_q_len=%d\n", 523 session->name, PPPOL2TP_SKB_CB(skb)->ns, 524 PPPOL2TP_SKB_CB(skb)->length, session->nr, 525 skb_queue_len(&session->reorder_q)); 526 goto out; 527 } 528 } 529 pppol2tp_recv_dequeue_skb(session, skb); 530again: 531 spin_lock(&session->reorder_q.lock); 532 } 533 534 spin_unlock(&session->reorder_q.lock); 535out: 536 EXIT_FUNCTION; 537} 538 539/* Internal receive frame. Do the real work of receiving an L2TP data frame 540 * here. The skb is not on a list when we get here. 541 * Returns 0 if the packet was a data packet and was successfully passed on. 542 * Returns 1 if the packet was not a good data packet and could not be 543 * forwarded. All such packets are passed up to userspace to deal with. 544 */ 545static int pppol2tp_recv_core(struct sock *sock, struct sk_buff *skb) 546{ 547 struct pppol2tp_session *session = NULL; 548 int error = 0; 549 struct pppol2tp_tunnel *tunnel; 550 unsigned char *ptr; 551 u16 hdrflags; 552 u16 tunnel_id, session_id; 553 int length; 554#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)) 555 struct udphdr *uh; 556#endif 557 u16 proto_ppphdr; /* foxconn, add by MJ., protocol in PPP hdr.*/ 558 559 ENTER_FUNCTION; 560 561 SOCK_2_TUNNEL(sock, tunnel, error, 1, end, 0); 562 563 /* Short packet? */ 564 if (skb->len < sizeof(struct udphdr)) { 565 PRINTK(tunnel->debug, PPPOL2TP_MSG_DATA, KERN_INFO, 566 "%s: recv short packet (len=%d)\n", tunnel->name, skb->len); 567 goto end; 568 } 569 570 /* Point to L2TP header */ 571 ptr = skb->data + sizeof(struct udphdr); 572 573 /* Get L2TP header flags */ 574 hdrflags = ntohs(*(u16*)ptr); 575 576 /* Trace packet contents, if enabled */ 577 if (tunnel->debug & PPPOL2TP_MSG_DATA) { 578 printk(KERN_DEBUG "%s: recv: ", tunnel->name); 579 580 for (length = 0; length < 16; length++) 581 printk(" %02X", ptr[length]); 582 printk("\n"); 583 } 584 585 /* Get length of L2TP packet */ 586#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)) 587 uh = (struct udphdr *) skb_transport_header(skb); 588 length = ntohs(uh->len) - sizeof(struct udphdr); 589#else 590 length = ntohs(skb->h.uh->len) - sizeof(struct udphdr); 591#endif 592 593 /* Too short? */ 594 if (length < 12) { 595 PRINTK(tunnel->debug, PPPOL2TP_MSG_DATA, KERN_INFO, 596 "%s: recv short L2TP packet (len=%d)\n", tunnel->name, length); 597 goto end; 598 } 599 600 601 proto_ppphdr = ntohs(*(u16*)(ptr+10)); 602 603 /* If type is control packet, it is handled by userspace. */ 604 /* Foxconn, add by MJ. for changing the checking of control packets. 605 Only forward IP-packets(0x0021) to PPP device. */ 606 //if (hdrflags & L2TP_HDRFLAG_T) { //commented by MJ. 607 if ((hdrflags & L2TP_HDRFLAG_T) || (proto_ppphdr != 0x0021)) 608 { 609 PRINTK(tunnel->debug, PPPOL2TP_MSG_DATA, KERN_DEBUG, 610 "%s: recv control packet, len=%d\n", tunnel->name, length); 611 goto end; 612 } 613 614 /* Skip flags */ 615 ptr += 2; 616 617 /* If length is present, skip it */ 618 if (hdrflags & L2TP_HDRFLAG_L) 619 ptr += 2; 620 621 /* Extract tunnel and session ID */ 622 tunnel_id = ntohs(*(u16 *) ptr); 623 ptr += 2; 624 session_id = ntohs(*(u16 *) ptr); 625 ptr += 2; 626 627 /* Find the session context */ 628 session = pppol2tp_session_find(tunnel, session_id); 629 if (!session) { 630 /* Not found? Pass to userspace to deal with */ 631 PRINTK(tunnel->debug, PPPOL2TP_MSG_DATA, KERN_INFO, 632 "%s: no socket found (%hu/%hu). Passing up.\n", 633 tunnel->name, tunnel_id, session_id); 634 goto end; 635 } 636 sock_hold(session->sock); 637 638 DPRINTK(session->debug, "%s: socket rcvbuf alloc=%d\n", 639 session->name, atomic_read(&sock->sk_rmem_alloc)); 640 641 /* The ref count on the socket was increased by the above call since 642 * we now hold a pointer to the session. Take care to do sock_put() 643 * when exiting this function from now on... 644 */ 645 646 /* Handle the optional sequence numbers. If we are the LAC, 647 * enable/disable sequence numbers under the control of the LNS. If 648 * no sequence numbers present but we were expecting them, discard 649 * frame. 650 */ 651 if (hdrflags & L2TP_HDRFLAG_S) { 652 u16 ns, nr; 653 ns = ntohs(*(u16 *) ptr); 654 ptr += 2; 655 nr = ntohs(*(u16 *) ptr); 656 ptr += 2; 657 658 /* Received a packet with sequence numbers. If we're the LNS, 659 * check if we sre sending sequence numbers and if not, 660 * configure it so. 661 */ 662 if ((!session->lns_mode) && (!session->send_seq)) { 663 PRINTK(session->debug, PPPOL2TP_MSG_SEQ, KERN_INFO, 664 "%s: requested to enable seq numbers by LNS\n", 665 session->name); 666 session->send_seq = -1; 667 } 668 669 /* Store L2TP info in the skb */ 670 PPPOL2TP_SKB_CB(skb)->ns = ns; 671 PPPOL2TP_SKB_CB(skb)->nr = nr; 672 PPPOL2TP_SKB_CB(skb)->has_seq = 1; 673 674 PRINTK(session->debug, PPPOL2TP_MSG_SEQ, KERN_DEBUG, 675 "%s: recv data ns=%hu, nr=%hu, session nr=%hu\n", 676 session->name, ns, nr, session->nr); 677 } else { 678 /* No sequence numbers. 679 * If user has configured mandatory sequence numbers, discard. 680 */ 681 if (session->recv_seq) { 682 PRINTK(session->debug, PPPOL2TP_MSG_SEQ, KERN_WARNING, 683 "%s: recv data has no seq numbers when required. " 684 "Discarding\n", session->name); 685 session->stats.rx_seq_discards++; 686 session->stats.rx_errors++; 687 goto discard; 688 } 689 690 /* If we're the LAC and we're sending sequence numbers, the 691 * LNS has requested that we no longer send sequence numbers. 692 * If we're the LNS and we're sending sequence numbers, the 693 * LAC is broken. Discard the frame. 694 */ 695 if ((!session->lns_mode) && (session->send_seq)) { 696 PRINTK(session->debug, PPPOL2TP_MSG_SEQ, KERN_INFO, 697 "%s: requested to disable seq numbers by LNS\n", 698 session->name); 699 session->send_seq = 0; 700 } else if (session->send_seq) { 701 PRINTK(session->debug, PPPOL2TP_MSG_SEQ, KERN_WARNING, 702 "%s: recv data has no seq numbers when required. " 703 "Discarding\n", session->name); 704 session->stats.rx_seq_discards++; 705 session->stats.rx_errors++; 706 goto discard; 707 } 708 709 /* Store L2TP info in the skb */ 710 PPPOL2TP_SKB_CB(skb)->has_seq = 0; 711 } 712 713 /* If offset bit set, skip it. */ 714 if (hdrflags & L2TP_HDRFLAG_O) 715 ptr += 2 + ntohs(*(u16 *) ptr); 716 717 skb_pull(skb, ptr - skb->data); 718 719 /* Skip PPP header, if present. In testing, Microsoft L2TP clients 720 * don't send the PPP header (PPP header compression enabled), but 721 * other clients can include the header. So we cope with both cases 722 * here. The PPP header is always FF03 when using L2TP. 723 * 724 * Note that skb->data[] isn't dereferenced from a u16 ptr here since 725 * the field may be unaligned. 726 */ 727 if ((skb->data[0] == 0xff) && (skb->data[1] == 0x03)) 728 skb_pull(skb, 2); 729 730 /* Prepare skb for adding to the session's reorder_q. Hold 731 * packets for max reorder_timeout or 1 second if not 732 * reordering. 733 */ 734 PPPOL2TP_SKB_CB(skb)->length = length; 735 PPPOL2TP_SKB_CB(skb)->expires = jiffies + 736 (session->reorder_timeout ? session->reorder_timeout : HZ); 737 738 /* Add packet to the session's receive queue. Reordering is done here, if 739 * enabled. Saved L2TP protocol info is stored in skb->sb[]. 740 */ 741 if (PPPOL2TP_SKB_CB(skb)->has_seq) { 742 if (session->reorder_timeout != 0) { 743 /* Packet reordering enabled. Add skb to session's 744 * reorder queue, in order of ns. 745 */ 746 pppol2tp_recv_queue_skb(session, skb); 747 } else { 748 /* Packet reordering disabled. Discard out-of-sequence 749 * packets 750 */ 751 if (PPPOL2TP_SKB_CB(skb)->ns != session->nr) { 752 session->stats.rx_seq_discards++; 753 session->stats.rx_errors++; 754 PRINTK(session->debug, PPPOL2TP_MSG_SEQ, KERN_DEBUG, 755 "%s: oos pkt %hu len %d discarded, waiting for %hu, reorder_q_len=%d\n", 756 session->name, PPPOL2TP_SKB_CB(skb)->ns, 757 PPPOL2TP_SKB_CB(skb)->length, session->nr, 758 skb_queue_len(&session->reorder_q)); 759 goto discard; 760 } 761 skb_queue_tail(&session->reorder_q, skb); 762 } 763 } else { 764 /* No sequence numbers. Add the skb to the tail of the 765 * reorder queue. This ensures that it will be 766 * delivered after all previous sequenced skbs. 767 */ 768 skb_queue_tail(&session->reorder_q, skb); 769 } 770 771 /* Try to dequeue as many skbs from reorder_q as we can. */ 772 pppol2tp_recv_dequeue(session); 773 774 EXIT_FUNCTION; 775 return 0; 776 777discard: 778 DPRINTK(session->debug, "discarding skb, len=%d\n", skb->len); 779 kfree_skb(skb); 780 781 DPRINTK(session->debug, "calling sock_put; refcnt=%d\n", 782 session->sock->sk_refcnt.counter); 783 sock_put(session->sock); 784 EXIT_FUNCTION; 785 return 0; 786 787end: 788 EXIT_FUNCTION; 789 return 1; 790} 791 792/* The data_ready hook on the UDP socket. Scan the incoming packet list for 793 * packets to process. Only control or bad data packets are delivered to 794 * userspace. 795 */ 796static void pppol2tp_data_ready(struct sock *sk, int len) 797{ 798 int err; 799 struct pppol2tp_tunnel *tunnel; 800 struct sk_buff *skb; 801 802 ENTER_FUNCTION; 803 SOCK_2_TUNNEL(sk, tunnel, err, -EBADF, end, 0); 804 805 PRINTK(tunnel->debug, PPPOL2TP_MSG_DATA, KERN_DEBUG, 806 "%s: received %d bytes\n", tunnel->name, len); 807 808 skb = skb_dequeue(&sk->sk_receive_queue); 809 if (skb != NULL) { 810 if (pppol2tp_recv_core(sk, skb)) { 811 DPRINTK(tunnel->debug, "%s: packet passing to userspace\n", 812 tunnel->name); 813 skb_queue_head(&sk->sk_receive_queue, skb); 814 tunnel->old_data_ready(sk, len); 815 } else { 816 DPRINTK(tunnel->debug, "%s: data packet received\n", 817 tunnel->name); 818 } 819 } 820end: 821 EXIT_FUNCTION; 822 return; 823} 824 825/* Receive message. This is the recvmsg for the PPPoL2TP socket. 826 */ 827static int pppol2tp_recvmsg(struct kiocb *iocb, struct socket *sock, 828 struct msghdr *msg, size_t len, 829 int flags) 830{ 831 int err = 0; 832 struct sk_buff *skb = NULL; 833 struct sock *sk = sock->sk; 834 835 ENTER_FUNCTION; 836 837 err = -EIO; 838 if (sock->state & PPPOX_BOUND) 839 goto error; 840 841 msg->msg_namelen = 0; 842 843 skb=skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 844 flags & MSG_DONTWAIT, &err); 845 if (skb) { 846 err = memcpy_toiovec(msg->msg_iov, (unsigned char *) skb->data, 847 skb->len); 848 if (err < 0) 849 goto do_skb_free; 850 err = skb->len; 851 } 852do_skb_free: 853 if (skb) 854 kfree_skb(skb); 855error: 856 EXIT_FUNCTION; 857 return err; 858} 859 860/************************************************************************ 861 * Transmit handling 862 ***********************************************************************/ 863 864/* Internal UDP socket transmission 865 */ 866static int pppol2tp_udp_sock_send(struct kiocb *iocb, 867 struct pppol2tp_session *session, 868 struct pppol2tp_tunnel *tunnel, 869 struct msghdr *msg, int total_len) 870{ 871 mm_segment_t fs; 872 int error; 873 874 ENTER_FUNCTION; 875 876 DPRINTK(session->debug, "%s: udp_sendmsg call...\n", session->name); 877#ifdef DEBUG 878 /* Catch bad socket parameter errors */ 879 if (msg->msg_name) { 880 struct sockaddr_in * usin = (struct sockaddr_in*)msg->msg_name; 881 if (msg->msg_namelen < sizeof(*usin)) { 882 printk(KERN_ERR "msg->msg_namelen wrong, %d\n", msg->msg_namelen); 883 return -EINVAL; 884 } 885 if (usin->sin_family != AF_INET) { 886 if (usin->sin_family != AF_UNSPEC) { 887 printk(KERN_ERR "addr family wrong: %d\n", usin->sin_family); 888 return -EINVAL; 889 } 890 } 891 if ((usin->sin_addr.s_addr == 0) || (usin->sin_port == 0)) { 892 printk(KERN_ERR "udp addr=%x/%hu\n", usin->sin_addr.s_addr, usin->sin_port); 893 return -EINVAL; 894 } 895 } 896#endif /* DEBUG */ 897 898 /* Set to userspace data segment while we do a sendmsg() call. We're 899 * actually calling a userspace API from the kernel here... 900 */ 901 fs = get_fs(); 902 set_fs(get_ds()); 903 904 /* The actual sendmsg() call... */ 905 error = tunnel->old_proto->sendmsg(iocb, session->tunnel_sock, msg, total_len); 906 if (error == -EIOCBQUEUED) 907 error = wait_on_sync_kiocb(iocb); 908 909 /* Back to kernel space */ 910 set_fs(fs); 911 912 if (error >= 0) { 913 tunnel->stats.tx_packets++; 914 tunnel->stats.tx_bytes += error; 915 session->stats.tx_packets++; 916 session->stats.tx_bytes += error; 917 } else { 918 tunnel->stats.tx_errors++; 919 session->stats.tx_errors++; 920 } 921 922 DPRINTK(session->debug, "%s: %s: returning result %d\n", __FUNCTION__, 923 session->name, error); 924 kfree(msg->msg_iov); 925 kfree(msg); 926 927 EXIT_FUNCTION; 928 return error; 929} 930 931/* Build an L2TP header for the session into the buffer provided. 932 */ 933static int pppol2tp_build_l2tp_header(struct pppol2tp_session *session, 934 void *buf) 935{ 936 u16 *bufp = buf; 937 u16 flags = L2TP_HDR_VER; 938 939 if (session->send_seq) { 940 flags |= L2TP_HDRFLAG_S; 941 } 942 943 /* Setup L2TP header. 944 * FIXME: Can this ever be unaligned? Is direct dereferencing of 945 * 16-bit header fields safe here for all architectures? 946 */ 947 *bufp++ = htons(flags); 948 *bufp++ = htons(session->tunnel_addr.d_tunnel); 949 *bufp++ = htons(session->tunnel_addr.d_session); 950 if (session->send_seq) { 951 *bufp++ = htons(session->ns); 952 *bufp++ = 0; 953 session->ns++; 954 PRINTK(session->debug, PPPOL2TP_MSG_SEQ, KERN_DEBUG, 955 "%s: updated ns to %hu\n", session->name, session->ns); 956 } 957 /* This is the PPP header really */ 958 /* Foxconn removed start pling 09/15/2010 */ 959 /* This is not necessary and may overwrite buffers outside 'buf' 960 * since this is only 10 bytes long currently. 961 */ 962 //*bufp = htons(0xff03); 963 /* Foxconn removed end pling 09/15/2010 */ 964 965 return ((void *) bufp) - buf; 966} 967 968/* This is the sendmsg for the PPPoL2TP pppol2tp_session socket. We come here 969 * when a user application does a sendmsg() on the session socket. L2TP and 970 * PPP headers must be inserted into the user's data. 971 */ 972static int pppol2tp_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *m, 973 size_t total_len) 974{ 975 static unsigned char ppph[2] = { 0xff, 0x03 }; 976 struct sock *sk = sock->sk; 977 int error = 0; 978 u8 hdr[PPPOL2TP_L2TP_HDR_SIZE_SEQ]; 979 int hdr_len; 980 struct msghdr *msg; 981 struct pppol2tp_session *session; 982 struct pppol2tp_tunnel *tunnel; 983 984 ENTER_FUNCTION; 985 986 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED)) { 987 error = -ENOTCONN; 988 goto end; 989 } 990 991 /* Get session and tunnel contexts */ 992 SOCK_2_SESSION(sk, session, error, -EBADF, end, 0); 993 SOCK_2_TUNNEL(session->tunnel_sock, tunnel, error, -EBADF, end, 0); 994 995 /* Setup L2TP header */ 996 hdr_len = pppol2tp_build_l2tp_header(session, &hdr); 997 998 if (session->send_seq) 999 PRINTK(session->debug, PPPOL2TP_MSG_DATA, KERN_DEBUG, 1000 "%s: send %d bytes, ns=%hu\n", session->name, 1001 total_len, session->ns - 1); 1002 else 1003 PRINTK(session->debug, PPPOL2TP_MSG_DATA, KERN_DEBUG, 1004 "%s: send %d bytes\n", session->name, total_len); 1005 1006 if (session->debug & PPPOL2TP_MSG_DATA) { 1007 int i, j, count; 1008 1009 printk(KERN_DEBUG "%s: xmit:", session->name); 1010 count = 0; 1011 for (i = 0; i < m->msg_iovlen; i++) { 1012 for (j = 0; j < m->msg_iov[i].iov_len; j++) { 1013 printk(" %02X", ((unsigned char *) m->msg_iov[i].iov_base)[j]); 1014 count++; 1015 if (count == 15) { 1016 printk(" ..."); 1017 break; 1018 } 1019 } 1020 } 1021 printk("\n"); 1022 } 1023 1024 /* Unfortunately, there is no direct way for us to pass an skb to the 1025 * UDP layer, we have to pretend to be sending ordinary data and use 1026 * sendmsg. 1027 * 1028 * We add the L2TP and PPP headers here. To do so, we create a new 1029 * struct msghdr and insert the headers as the first iovecs. 1030 */ 1031 msg = kmalloc(sizeof(struct msghdr), GFP_ATOMIC); 1032 if (msg == NULL) { 1033 error = -ENOBUFS; 1034 tunnel->stats.tx_errors++; 1035 session->stats.tx_errors++; 1036 goto end; 1037 } 1038 1039 msg->msg_iov = kmalloc((m->msg_iovlen + 2) * sizeof(struct iovec), 1040 GFP_ATOMIC); 1041 if (msg->msg_iov == NULL) { 1042 error = -ENOBUFS; 1043 tunnel->stats.tx_errors++; 1044 session->stats.tx_errors++; 1045 kfree(msg); 1046 goto end; 1047 } 1048 1049 msg->msg_iov[0].iov_base = &hdr; 1050 msg->msg_iov[0].iov_len = hdr_len; 1051 msg->msg_iov[1].iov_base = &ppph; 1052 msg->msg_iov[1].iov_len = sizeof(ppph); 1053 memcpy(&msg->msg_iov[2], &m->msg_iov[0], 1054 m->msg_iovlen * sizeof(struct iovec)); 1055 msg->msg_iovlen = m->msg_iovlen + 2; 1056 1057 /* If the user calls sendto() that's just too bad */ 1058 msg->msg_name = &session->tunnel_addr.addr; 1059 msg->msg_namelen = sizeof(session->tunnel_addr.addr); 1060 1061 msg->msg_control = m->msg_control; 1062 msg->msg_controllen = m->msg_controllen; 1063 msg->msg_flags = m->msg_flags; 1064 1065 /* Do the real work. This always frees msg, regardless of whether 1066 * there was an error 1067 */ 1068 error = pppol2tp_udp_sock_send(iocb, session, tunnel, msg, 1069 total_len + hdr_len + sizeof(ppph)); 1070 1071end: 1072 EXIT_FUNCTION; 1073 return error; 1074} 1075 1076/* Work queue handler for pppol2tp_xmit(). 1077 */ 1078#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)) 1079static void pppol2tp_wq_send(struct work_struct *work) 1080#else 1081static void pppol2tp_wq_send(void *data) 1082#endif 1083{ 1084#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)) 1085 struct pppol2tp_send *send = container_of(work, struct pppol2tp_send, send_task); 1086#else 1087 struct pppol2tp_send *send = (struct pppol2tp_send *) data; 1088#endif 1089 int error; 1090 mm_segment_t oldfs; 1091 1092 oldfs = get_fs(); 1093 set_fs(KERNEL_DS); 1094 1095 error = send->tunnel->old_proto->sendmsg(&send->iocb, 1096 send->session->tunnel_sock, 1097 send->msg, send->total_len); 1098 if (error == -EIOCBQUEUED) 1099 error = wait_on_sync_kiocb(&send->iocb); 1100 1101 set_fs(oldfs); 1102 1103 if (error >= 0) { 1104 send->tunnel->stats.tx_packets++; 1105 send->tunnel->stats.tx_bytes += error; 1106 send->session->stats.tx_packets++; 1107 send->session->stats.tx_bytes += error; 1108 } else { 1109 send->tunnel->stats.tx_errors++; 1110 send->session->stats.tx_errors++; 1111 } 1112 1113 kfree(send->iov); 1114 kfree(send->msg); 1115 kfree_skb(send->skb); 1116 kfree(send); 1117} 1118 1119const char iphdr4l2tp[] = {0x45, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1120 0xff, 0x11, 0x00, 0x00}; /* no sa & da */ 1121/* foxconn wklin added start, 08/04/2010 @l2tp throughput */ 1122static void pppol2tp_fill_ip_header(struct sock *sk, 1123 struct sk_buff *skb, 1124 struct iphdr *iphdr, 1125 int total_len) 1126{ 1127 struct rtable *rt = (struct rtable *)skb->dst; 1128 struct inet_sock *inet = inet_sk(sk); 1129 1130 memcpy((char *)iphdr, iphdr4l2tp, sizeof(iphdr4l2tp)); 1131 iphdr->saddr = inet->saddr; /* Source IP address */ 1132 iphdr->daddr = inet->daddr; /* Destination IP address */ 1133 iphdr->tot_len = htons(total_len); 1134 ip_select_ident((struct iphdr *)iphdr, &rt->u.dst, sk); 1135 /* Header checksum */ 1136 iphdr->check = ip_fast_csum((unsigned char *) iphdr, iphdr->ihl); 1137} 1138/* foxconn wklin added end, 08/04/2010 */ 1139 1140/* Transmit function called by generic PPP driver. Sends PPP frame over 1141 * PPPoL2TP socket. 1142 * 1143 * This is almost the same as pppol2tp_sendmsg(), but rather than being called 1144 * with a msghdr from userspace, it is called with a skb from the kernel. 1145 * Since this function cannot block, we must queue up the actual socket send 1146 * on a work queue. 1147 */ 1148/* foxconn wklin modified start, 04/14/2011 */ 1149static int pppol2tp_xmit(struct ppp_channel *chan, struct sk_buff *skb) 1150{ 1151 struct sock *sk = (struct sock *) chan->private; 1152 static unsigned char ppph[2] = { 0xff, 0x03 }; 1153 int error = 0; 1154 int hdr_len; 1155 struct msghdr *msg = NULL; 1156 struct pppol2tp_session *session; 1157 struct pppol2tp_tunnel *tunnel; 1158 struct pppol2tp_send *send = NULL; 1159 /* foxconn wklin added start, 08/04/2010 @l2tp throughput */ 1160 struct inet_sock *inet = NULL; 1161 struct dst_entry *dst; 1162 char *p; 1163 struct udphdr *uh, tmp_uh; 1164 struct iphdr *iph, tmp_iph; 1165 int headroom; 1166 /* foxconn wklin added end, 08/04/2010 */ 1167 1168 ENTER_FUNCTION; 1169 1170 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED)) { 1171 DPRINTK(-1, "dead=%d state=%x\n", sock_flag(sk, SOCK_DEAD), sk->sk_state); 1172 error = -ENOTCONN; 1173 goto end; 1174 } 1175 1176 /* Get session and tunnel contexts from the socket */ 1177 SOCK_2_SESSION(sk, session, error, -EBADF, keep_go_1, 0); 1178keep_go_1: 1179 SOCK_2_TUNNEL(session->tunnel_sock, tunnel, error, -EBADF, keep_go_2, 0); 1180keep_go_2: 1181 1182 send = kmalloc(sizeof(struct pppol2tp_send), GFP_ATOMIC); 1183 if (send == NULL) { 1184 error = -ENOBUFS; 1185 tunnel->stats.tx_errors++; 1186 session->stats.tx_errors++; 1187 goto end; 1188 } 1189 1190 /* Setup L2TP header */ 1191 hdr_len = pppol2tp_build_l2tp_header(session, &send->hdr); 1192#if 0 1193 if (session->send_seq) 1194 PRINTK(session->debug, PPPOL2TP_MSG_DATA, KERN_DEBUG, 1195 "%s: send %d bytes, ns=%hu\n", 1196 session->name, skb->len, session->ns - 1); 1197 else 1198 PRINTK(session->debug, PPPOL2TP_MSG_DATA, KERN_DEBUG, 1199 "%s: send %d bytes\n", session->name, skb->len); 1200 1201 if (session->debug & PPPOL2TP_MSG_DATA) { 1202 int i; 1203 1204 printk(KERN_DEBUG "%s: xmit:", session->name); 1205 for (i = 0; i < skb->len; i++) { 1206 printk(" %02X", skb->data[i]); 1207 if (i == 15) { 1208 printk(" ..."); 1209 break; 1210 } 1211 } 1212 printk("\n"); 1213 } 1214#endif 1215 1216 /* foxconn wklin added start, 08/04/2010 @l2tp throughput */ 1217#define ETHADDR 12 1218#define BCMTAG53115 4 1219#define VLANID 4 1220#define ETHTYPE 2 1221#define IPHDR 20 1222#define UDPHDR 8 1223#define L2TPHDR 8 1224#define PPPADDRCTRL 2 1225#define PPPPROTOCOL 2 1226#define HEADROOM_NEEDED (ETHADDR+BCMTAG53115+VLANID+ETHTYPE+IPHDR+UDPHDR+L2TPHDR+PPPADDRCTRL) 1227 headroom = skb_headroom(skb); 1228 if (headroom < HEADROOM_NEEDED) { 1229 /* printk("<0>go to slowpath, because of headroom %d (%d needed)\n", 1230 headroom, HEADROOM_NEEDED); */ 1231 goto slow_path; 1232 } 1233 1234 dst = sk_dst_check(session->tunnel_sock, 0); 1235 if (!dst) { 1236 /* printk("<0>goto slow_path because of null dst\n"); */ 1237 goto slow_path; 1238 } 1239 1240 dst_release(skb->dst); /* release dst if any */ 1241 skb->dst = dst; 1242 /* Foxconn modified start pling 09/15/2010 */ 1243 /* 1. no need to call 'dst_hold' again as 'sk_dst_check' already 1244 * called 'dst_hold'. 1245 * 2. For skb from IP stack, don't replace the original sk, 1246 * as might this might cause user-space apps to wrongly 1247 * terminate the tunnel socket in some cases. 1248 */ 1249 //dst_hold(dst); 1250 if (!skb->sk) 1251 skb->sk = session->tunnel_sock; 1252 /* Foxconn modified end pling 09/15/2010 */ 1253 1254 /* ppph */ 1255 p = skb_push(skb, sizeof(ppph)); 1256 memcpy(p, &ppph[0], sizeof(ppph)); 1257 /* l2tp header */ 1258 p = skb_push(skb, hdr_len); 1259 memcpy(p, &(send->hdr[0]), hdr_len); 1260 /* udp header */ 1261 inet = inet_sk(session->tunnel_sock); 1262 tmp_uh.source = inet->sport; 1263 tmp_uh.dest = inet->dport; 1264 tmp_uh.len = htons(skb->len); 1265 tmp_uh.check = 0; 1266 uh = (struct udphdr *)skb_push(skb, sizeof(struct udphdr)); 1267 tmp_uh.len = htons(skb->len); 1268 memcpy((char *)uh, (char *)&tmp_uh, sizeof(struct udphdr)); 1269#define ENABLE_UDP_CSUM 1270#ifdef ENABLE_UDP_CSUM 1271 uh->check = csum_tcpudp_magic(inet->saddr, inet->daddr, skb->len, 1272 IPPROTO_UDP, csum_partial(uh, skb->len, 0)); 1273 if (!uh->check) 1274 uh->check = CSUM_MANGLED_0; 1275#endif 1276 skb_reset_transport_header(skb); 1277 1278 /* fill ip hdr */ 1279 iph = (struct iphdr *)skb_push(skb, sizeof(struct iphdr)); 1280 /* Foxconn modified start pling 09/15/2010 */ 1281 /* 'pppol2tp_fill_ip_header' need to use sk to fill in some info. 1282 * Use the tunnel sock info instead. 1283 */ 1284 //pppol2tp_fill_ip_header(skb->sk, skb, &tmp_iph, skb->len); 1285 pppol2tp_fill_ip_header(session->tunnel_sock, skb, &tmp_iph, skb->len); 1286 /* Foxconn modified end pling 09/15/2010 */ 1287 memcpy((char *)iph, (char *)&tmp_iph, sizeof(tmp_iph)); 1288 skb_reset_network_header(skb); 1289 1290 if (send) 1291 kfree(send); 1292 1293 IPCB(skb)->flags |= IPSKB_REROUTED; 1294 dst_output(skb); 1295 return 1; 1296slow_path: 1297 /* foxconn wklin added end, 08/04/2010, @l2tp throughput */ 1298 /* Unfortunately there doesn't appear to be a way for us to pass an skb 1299 * to the UDP layer, we have to pretend to be sending ordinary data 1300 * and use sendmsg 1301 */ 1302 msg = kmalloc(sizeof(struct msghdr), GFP_ATOMIC); 1303 if (msg == NULL) { 1304 error = -ENOBUFS; 1305 tunnel->stats.tx_errors++; 1306 session->stats.tx_errors++; 1307 goto end; 1308 } 1309 1310 msg->msg_iov = kmalloc(3 * sizeof(struct iovec), GFP_ATOMIC); 1311 if (msg->msg_iov == NULL) { 1312 error = -ENOBUFS; 1313 tunnel->stats.tx_errors++; 1314 session->stats.tx_errors++; 1315 goto end; 1316 } 1317 msg->msg_iov[0].iov_base = &send->hdr; 1318 msg->msg_iov[0].iov_len = hdr_len; 1319 /* FIXME: do we need to handle skb fragments here? */ 1320 msg->msg_iov[1].iov_base = &ppph; 1321 msg->msg_iov[1].iov_len = sizeof(ppph); 1322 msg->msg_iov[2].iov_base = skb->data; 1323 msg->msg_iov[2].iov_len = skb->len; 1324 msg->msg_iovlen = 3; 1325 1326 /* If the user calls sendto() that's just too bad */ 1327 /* foxconn wklin modified start, 08/04/2010, 1328 * remove this so we will have a cached dst in sk 1329 * */ 1330 //msg->msg_name = &session->tunnel_addr.addr; 1331 //msg->msg_namelen = sizeof(session->tunnel_addr.addr); 1332 msg->msg_name = NULL; 1333 msg->msg_namelen = 0; 1334 /* foxconn wklin moified end, 08/04/2010 */ 1335 1336 msg->msg_control = NULL; 1337 msg->msg_controllen = 0; 1338 msg->msg_flags = MSG_DONTWAIT; /* Need this to prevent blocking */ 1339 1340 send->session = session; 1341 send->tunnel = tunnel; 1342 send->msg = msg; 1343 send->skb = skb; 1344 send->tunnel_sock = session->tunnel_sock; 1345 send->iov = msg->msg_iov; 1346 send->total_len = skb->len + hdr_len + sizeof(ppph); 1347 init_sync_kiocb(&send->iocb, NULL); 1348 send->iocb.private = &send->siocb; 1349 1350#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)) 1351 INIT_WORK(&send->send_task, pppol2tp_wq_send); 1352#else 1353 INIT_WORK(&send->send_task, pppol2tp_wq_send, send); 1354#endif 1355 queue_work(tunnel->wq, &send->send_task); 1356 return 1; 1357 1358end: 1359 if (msg != NULL) 1360 kfree(msg); 1361 if (send != NULL) 1362 kfree(send); 1363 1364 EXIT_FUNCTION; 1365 return error; 1366} 1367/* foxconn wklin modified end, 04/14/2011 */ 1368/***************************************************************************** 1369 * Session (and tunnel control) socket create/destroy. 1370 *****************************************************************************/ 1371 1372/* When the tunnel UDP socket is closed, all the attached sockets need to go 1373 * too. This handles that. 1374 */ 1375static void pppol2tp_tunnel_closeall(struct pppol2tp_tunnel *tunnel) 1376{ 1377 int hash; 1378 struct hlist_node *walk; 1379 struct hlist_node *tmp; 1380 struct pppol2tp_session *session; 1381 struct sock *sk; 1382 1383 ENTER_FUNCTION; 1384 1385 if (tunnel == NULL) 1386 BUG(); 1387 1388 PRINTK(tunnel->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1389 "%s: closing all sessions...\n", tunnel->name); 1390 1391 for (hash = 0; hash < PPPOL2TP_HASH_SIZE; hash++) { 1392 hlist_for_each_safe(walk, tmp, &tunnel->session_hlist[hash]) { 1393 session = hlist_entry(walk, struct pppol2tp_session, hlist); 1394 1395 sk = session->sock; 1396 1397 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1398 "%s: closing session\n", session->name); 1399 1400 write_lock_bh(&tunnel->hlist_lock); 1401 hlist_del_init(&session->hlist); 1402 write_unlock_bh(&tunnel->hlist_lock); 1403 1404 sock_hold(sk); 1405 1406 lock_sock(sk); 1407 1408 if (sk->sk_state & (PPPOX_CONNECTED | PPPOX_BOUND)) { 1409 pppox_unbind_sock(sk); 1410 sk->sk_state = PPPOX_DEAD; 1411 sk->sk_state_change(sk); 1412 } 1413 1414 /* Purge any queued data */ 1415 skb_queue_purge(&sk->sk_receive_queue); 1416 skb_queue_purge(&sk->sk_write_queue); 1417 1418 release_sock(sk); 1419 1420 DPRINTK(session->debug, "calling sock_put; refcnt=%d\n", 1421 sk->sk_refcnt.counter); 1422 sock_put(sk); 1423 } 1424 } 1425 1426 EXIT_FUNCTION; 1427} 1428 1429/* Really kill the tunnel. 1430 * Come here only when all sessions have been cleared from the tunnel. 1431 */ 1432static void pppol2tp_tunnel_free(struct pppol2tp_tunnel *tunnel) 1433{ 1434 struct sock *sk = tunnel->sock; 1435 1436 ENTER_FUNCTION; 1437 1438 /* Remove from socket list */ 1439 list_del_init(&tunnel->list); 1440 1441 sk->sk_prot = tunnel->old_proto; 1442 sk->sk_data_ready = tunnel->old_data_ready; 1443 sk->sk_destruct = tunnel->old_sk_destruct; 1444 sk->sk_user_data = NULL; 1445 1446 flush_workqueue(tunnel->wq); 1447 destroy_workqueue(tunnel->wq); 1448 1449 DPRINTK(tunnel->debug, "%s: MOD_DEC_USE_COUNT\n", tunnel->name); 1450 kfree(tunnel); 1451 1452 EXIT_FUNCTION; 1453} 1454 1455/* Tunnel UDP socket destruct hook. 1456 * The tunnel context is deleted only when all session sockets have been 1457 * closed. 1458 */ 1459static void pppol2tp_tunnel_destruct(struct sock *sk) 1460{ 1461 struct pppol2tp_tunnel *tunnel; 1462 int error = 0; 1463 ENTER_FUNCTION; 1464 1465 SOCK_2_TUNNEL(sk, tunnel, error, -EBADF, end, 0); 1466 1467 PRINTK(tunnel->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1468 "%s: closing...\n", tunnel->name); 1469 1470 pppol2tp_tunnel_closeall(tunnel); 1471 1472end: 1473 EXIT_FUNCTION; 1474 return; 1475} 1476 1477/* Really kill the socket. (Called from sock_put if refcnt == 0.) 1478 */ 1479static void pppol2tp_session_destruct(struct sock *sk) 1480{ 1481#if (LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,11)) 1482 struct pppox_opt *po = pppox_sk(sk); 1483#endif 1484 struct pppol2tp_session *session = NULL; 1485 int error = 0; 1486 1487 ENTER_FUNCTION; 1488 1489 if (sk->sk_user_data != NULL) { 1490 struct pppol2tp_tunnel *tunnel; 1491 1492 SOCK_2_SESSION(sk, session, error, -EBADF, out, 0); 1493 skb_queue_purge(&session->reorder_q); 1494 1495 /* Don't use SOCK_2_TUNNEL() here to get the tunnel context 1496 * because the tunnel socket might have already been closed 1497 * (its sk->sk_user_data will be NULL) so use the session's 1498 * private tunnel ptr instead. 1499 */ 1500 tunnel = session->tunnel; 1501 if (tunnel != NULL) { 1502 if (tunnel->magic != L2TP_TUNNEL_MAGIC) { 1503 printk(KERN_ERR "%s: %s:%d: BAD TUNNEL MAGIC " 1504 "( tunnel=%p magic=%x )\n", 1505 __FUNCTION__, __FILE__, __LINE__, 1506 tunnel, tunnel->magic); 1507 goto out; 1508 } 1509 } 1510 1511 /* Delete tunnel context if this was the last session on the 1512 * tunnel. This was allocated when the first session was 1513 * created on the tunnel. See 1514 * pppol2tp_prepare_tunnel_socket(). 1515 */ 1516 DPRINTK(tunnel->debug, "%s: session_count=%d\n", 1517 tunnel->name, atomic_read(&tunnel->session_count)); 1518 if (atomic_dec_and_test(&tunnel->session_count)) { 1519 pppol2tp_tunnel_free(tunnel); 1520 } 1521 } 1522 1523#if (LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,11)) 1524 if (po) 1525 kfree(po); 1526#endif 1527 1528 if (session != NULL) 1529 kfree(session); 1530 1531out: 1532 EXIT_FUNCTION; 1533} 1534 1535/* Called when the PPPoX socket (session) is closed. 1536 */ 1537static int pppol2tp_release(struct socket *sock) 1538{ 1539 struct sock *sk = sock->sk; 1540 struct pppol2tp_session *session = NULL; 1541 struct pppol2tp_tunnel *tunnel; 1542 int error = 0; 1543 ENTER_FUNCTION; 1544 1545 if (!sk) 1546 return 0; 1547 1548 if (sock_flag(sk, SOCK_DEAD) != 0) 1549 return -EBADF; 1550 1551 if (sk->sk_user_data) { /* Was this socket actually connected? */ 1552 SOCK_2_SESSION(sk, session, error, -EBADF, end, 0); 1553 1554 /* Don't use SOCK_2_TUNNEL() here to get the tunnel context 1555 * because the tunnel socket might have already been closed 1556 * (its sk->sk_user_data will be NULL) so use the session's 1557 * private tunnel ptr instead. 1558 */ 1559 tunnel = session->tunnel; 1560 if (tunnel != NULL) { 1561 if (tunnel->magic == L2TP_TUNNEL_MAGIC) { 1562 /* Delete the session socket from the hash */ 1563 write_lock_bh(&tunnel->hlist_lock); 1564 hlist_del_init(&session->hlist); 1565 write_unlock_bh(&tunnel->hlist_lock); 1566 } else { 1567 printk(KERN_ERR "%s: %s:%d: BAD TUNNEL MAGIC " 1568 "( tunnel=%p magic=%x )\n", 1569 __FUNCTION__, __FILE__, __LINE__, 1570 tunnel, tunnel->magic); 1571 goto end; 1572 } 1573 } 1574 } 1575 1576 lock_sock(sk); 1577 1578 pppox_unbind_sock(sk); 1579 1580 /* Signal the death of the socket. */ 1581 sk->sk_state = PPPOX_DEAD; 1582 sock_orphan(sk); 1583 sock->sk = NULL; 1584 1585 /* Purge any queued data */ 1586 skb_queue_purge(&sk->sk_receive_queue); 1587 skb_queue_purge(&sk->sk_write_queue); 1588 1589 release_sock(sk); 1590 1591 if (session != NULL) 1592 DPRINTK(session->debug, "calling sock_put; refcnt=%d\n", 1593 session->sock->sk_refcnt.counter); 1594 sock_put(sk); 1595 1596end: 1597 EXIT_FUNCTION; 1598 1599 return error; 1600} 1601 1602/* Copied from fget() in fs/file_table.c. 1603 * Allows caller to specify the pid that owns the fd. 1604 */ 1605static struct file *pppol2tp_fget(pid_t pid, unsigned int fd) 1606{ 1607 struct file *file; 1608 struct files_struct *files = current->files; 1609 1610 if (pid != 0) { 1611 struct task_struct *tsk = find_task_by_pid(pid); 1612 if (tsk == NULL) 1613 return NULL; 1614 files = tsk->files; 1615 } 1616 1617 spin_lock(&files->file_lock); 1618 file = fcheck_files(files, fd); 1619 if (file) 1620 get_file(file); 1621 spin_unlock(&files->file_lock); 1622 return file; 1623} 1624 1625/* Copied from sockfd_lookup() in net/socket.c. 1626 * Allows caller to specify the pid that owns the fd. 1627 */ 1628static struct socket *pppol2tp_sockfd_lookup(pid_t pid, int fd, int *err) 1629{ 1630 struct file *file; 1631 struct inode *inode; 1632 struct socket *sock; 1633 1634 if (!(file = pppol2tp_fget(pid, fd))) { 1635 *err = -EBADF; 1636 return NULL; 1637 } 1638 1639 inode = file->f_dentry->d_inode; 1640#if (LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,10)) 1641 if (!inode->i_sock || !(sock = SOCKET_I(inode))) { 1642#else 1643 if (!(sock = SOCKET_I(inode))) { 1644#endif 1645 *err = -ENOTSOCK; 1646 fput(file); 1647 return NULL; 1648 } 1649 1650 if (sock->file != file) { 1651 printk(KERN_ERR "socki_lookup: socket file changed!\n"); 1652 sock->file = file; 1653 } 1654 return sock; 1655} 1656 1657/* Internal function to prepare a tunnel (UDP) socket to have PPPoX sockets 1658 * attached to it 1659 */ 1660static struct sock *pppol2tp_prepare_tunnel_socket(pid_t pid, int fd, 1661 u16 tunnel_id, int *error) 1662{ 1663 int err; 1664 struct socket *sock = NULL; 1665 struct sock *sk; 1666 struct pppol2tp_tunnel *tunnel; 1667 struct sock *ret = NULL; 1668 1669 ENTER_FUNCTION; 1670 1671 /* Get the socket from the fd */ 1672 err = -EBADF; 1673 sock = pppol2tp_sockfd_lookup(pid, fd, &err); 1674 if (!sock) { 1675 PRINTK(-1, PPPOL2TP_MSG_CONTROL, KERN_ERR, 1676 "tunl %hu: sockfd_lookup(fd=%d) returned %d\n", 1677 tunnel_id, fd, err); 1678 goto err; 1679 } 1680 1681 /* Quick sanity checks */ 1682 err = -ESOCKTNOSUPPORT; 1683 if (sock->type != SOCK_DGRAM) { 1684 PRINTK(-1, PPPOL2TP_MSG_CONTROL, KERN_ERR, 1685 "tunl %hu: fd %d wrong type, got %d, expected %d\n", 1686 tunnel_id, fd, sock->type, SOCK_DGRAM); 1687 goto err; 1688 } 1689 err = -EAFNOSUPPORT; 1690 if (sock->ops->family!=AF_INET) { 1691 PRINTK(-1, PPPOL2TP_MSG_CONTROL, KERN_ERR, 1692 "tunl %hu: fd %d wrong family, got %d, expected %d\n", 1693 tunnel_id, fd, sock->ops->family, AF_INET); 1694 goto err; 1695 } 1696 1697 err = -ENOTCONN; 1698 sk = sock->sk; 1699 1700 /* Check if this socket has already been prepped */ 1701 tunnel = (struct pppol2tp_tunnel *)sk->sk_user_data; 1702 if (tunnel != NULL) { 1703 /* User-data field already set */ 1704 err = -EBUSY; 1705 if (tunnel->magic != L2TP_TUNNEL_MAGIC) { 1706 printk(KERN_ERR "%s: %s:%d: BAD TUNNEL MAGIC " 1707 "( tunnel=%p magic=%x )\n", 1708 __FUNCTION__, __FILE__, __LINE__, 1709 tunnel, tunnel->magic); 1710 goto err; 1711 } 1712 1713 /* This socket has already been prepped */ 1714 ret = tunnel->sock; 1715 goto out; 1716 } 1717 1718 /* This socket is available and needs prepping. Create a new tunnel 1719 * context and init it. 1720 */ 1721 sk->sk_user_data = tunnel = kmalloc(sizeof(struct pppol2tp_tunnel), GFP_KERNEL); 1722 if (sk->sk_user_data == NULL) { 1723 err = -ENOMEM; 1724 goto err; 1725 } 1726 1727 memset(tunnel, 0, sizeof(struct pppol2tp_tunnel)); 1728 1729 tunnel->magic = L2TP_TUNNEL_MAGIC; 1730 sprintf(&tunnel->name[0], "tunl %hu", tunnel_id); 1731 1732 tunnel->stats.tunnel_id = tunnel_id; 1733 1734 tunnel->debug = PPPOL2TP_DEFAULT_DEBUG_FLAGS; 1735 1736 DPRINTK(tunnel->debug, "tunl %hu: allocated tunnel=%p, sk=%p, sock=%p\n", 1737 tunnel_id, tunnel, sk, sock); 1738 1739 tunnel->wq = create_workqueue("kl2tpd"); 1740 if (!tunnel->wq) { 1741 err = -ENOMEM; 1742 goto err_free_tunnel; 1743 } 1744 1745 /* Setup the new protocol stuff */ 1746 tunnel->old_proto = sk->sk_prot; 1747 tunnel->l2tp_proto = *sk->sk_prot; 1748 1749 sk->sk_prot = &tunnel->l2tp_proto; 1750 1751 tunnel->old_data_ready = sk->sk_data_ready; 1752 sk->sk_data_ready = &pppol2tp_data_ready; 1753 1754 tunnel->old_sk_destruct = sk->sk_destruct; 1755 sk->sk_destruct = &pppol2tp_tunnel_destruct; 1756 1757 tunnel->sock = sk; 1758 sk->sk_allocation = GFP_ATOMIC; 1759 1760 rwlock_init(&tunnel->hlist_lock); 1761 1762 /* Add tunnel to our list */ 1763 INIT_LIST_HEAD(&tunnel->list); 1764 list_add(&tunnel->list, &pppol2tp_tunnel_list); 1765 1766 ret = tunnel->sock; 1767 1768 *error = 0; 1769out: 1770 if (sock) 1771 sockfd_put(sock); 1772 EXIT_FUNCTION; 1773 1774 return ret; 1775 1776err_free_tunnel: 1777 kfree(tunnel); 1778err: 1779 *error = err; 1780 goto out; 1781} 1782 1783#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)) 1784static struct proto pppol2tp_sk_proto = { 1785 .name = "PPPOL2TP", 1786 .owner = THIS_MODULE, 1787 .obj_size = sizeof(struct pppox_sock), 1788}; 1789#endif 1790 1791/* socket() handler. Initialize a new struct sock. 1792 */ 1793static int pppol2tp_create(struct socket *sock) 1794{ 1795 int error = -ENOMEM; 1796 struct sock *sk; 1797#if (LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,11)) 1798 struct pppox_opt *po; 1799#endif 1800 1801 ENTER_FUNCTION; 1802 DPRINTK(-1, "sock=%p\n", sock); 1803 1804 try_module_get(THIS_MODULE); 1805 1806#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)) 1807 sk = sk_alloc(PF_PPPOX, GFP_KERNEL, &pppol2tp_sk_proto, 1); 1808#else 1809 sk = sk_alloc(PF_PPPOX, GFP_KERNEL, 1, NULL); 1810#endif 1811 if (!sk) 1812 goto out; 1813 1814 sock_init_data(sock, sk); 1815 1816#if (LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,11)) 1817 sk_set_owner(sk, THIS_MODULE); 1818#endif 1819 1820 sock->state = SS_UNCONNECTED; 1821 sock->ops = &pppol2tp_ops; 1822 1823 sk->sk_backlog_rcv = pppol2tp_recv_core; 1824 sk->sk_protocol = PX_PROTO_OL2TP; 1825 sk->sk_family = PF_PPPOX; 1826 sk->sk_state = PPPOX_NONE; 1827 sk->sk_type = SOCK_STREAM; 1828 sk->sk_destruct = pppol2tp_session_destruct; 1829 1830#if (LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,11)) 1831 po = sk->sk_protinfo = kmalloc(sizeof(struct pppox_opt), GFP_KERNEL); 1832 if (!po) { 1833 error = -ENOMEM; 1834 sk_free(sk); 1835 goto out; 1836 } 1837 1838 memset((void *) po, 0, sizeof(*po)); 1839 po->sk = sk; 1840 1841 sock->sk = sk; 1842#endif 1843 error = 0; 1844 1845out: 1846 module_put(THIS_MODULE); 1847 1848 EXIT_FUNCTION; 1849 return error; 1850} 1851 1852/* connect() handler.. Attach a PPPoX socket to a tunnel UDP socket 1853 */ 1854int pppol2tp_connect(struct socket *sock, struct sockaddr *uservaddr, 1855 int sockaddr_len, int flags) 1856{ 1857 struct sock *sk = sock->sk; 1858 struct sockaddr_pppol2tp *sp = (struct sockaddr_pppol2tp *) uservaddr; 1859#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)) 1860 struct pppox_sock *po = pppox_sk(sk); 1861#else 1862 struct pppox_opt *po = pppox_sk(sk); 1863#endif 1864 struct sock *tunnel_sock = NULL; 1865 struct pppol2tp_session *session = NULL; 1866 struct pppol2tp_tunnel *tunnel; 1867 struct dst_entry *dst; 1868 int error = 0; 1869 1870 ENTER_FUNCTION; 1871 1872 DPRINTK(-1, "sock=%p, uservaddr=%p, sockaddr_len=%d, flags=%d, addr=%x/%hu\n", 1873 sock, uservaddr, sockaddr_len, flags, 1874 ntohl(sp->pppol2tp.addr.sin_addr.s_addr), ntohs(sp->pppol2tp.addr.sin_port)); 1875 lock_sock(sk); 1876 1877 error = -EINVAL; 1878 if (sp->sa_protocol != PX_PROTO_OL2TP) 1879 goto end; 1880 1881 /* Check for already bound sockets */ 1882 error = -EBUSY; 1883 if (sk->sk_state & PPPOX_CONNECTED) 1884 goto end; 1885 1886 /* We don't supporting rebinding anyway */ 1887 if (sk->sk_user_data) 1888 goto end; /* socket is already attached */ 1889 1890 /* Don't bind if s_tunnel is 0 */ 1891 error = -EINVAL; 1892 if (sp->pppol2tp.s_tunnel == 0) 1893 goto end; 1894 1895 /* Look up the tunnel socket and configure it if necessary */ 1896 tunnel_sock = pppol2tp_prepare_tunnel_socket(sp->pppol2tp.pid, 1897 sp->pppol2tp.fd, 1898 sp->pppol2tp.s_tunnel, 1899 &error); 1900 if (tunnel_sock == NULL) 1901 goto end; 1902 tunnel = tunnel_sock->sk_user_data; 1903 1904 /* Allocate and initialize a new session context. 1905 */ 1906 session = kmalloc(sizeof(struct pppol2tp_session), GFP_KERNEL); 1907 if (session == NULL) { 1908 error = -ENOMEM; 1909 goto end; 1910 } 1911 1912 memset(session, 0, sizeof(struct pppol2tp_session)); 1913 1914 skb_queue_head_init(&session->reorder_q); 1915 1916 session->magic = L2TP_SESSION_MAGIC; 1917 session->owner = current->pid; 1918 session->sock = sk; 1919 session->tunnel = tunnel; 1920 session->tunnel_sock = tunnel_sock; 1921 session->tunnel_addr = sp->pppol2tp; 1922 sprintf(&session->name[0], "sess %hu/%hu", 1923 session->tunnel_addr.s_tunnel, 1924 session->tunnel_addr.s_session); 1925 1926 session->stats.tunnel_id = session->tunnel_addr.s_tunnel; 1927 session->stats.session_id = session->tunnel_addr.s_session; 1928 1929 INIT_HLIST_NODE(&session->hlist); 1930 1931 session->debug = PPPOL2TP_DEFAULT_DEBUG_FLAGS; 1932 1933 /* Default MTU must allow space for UDP/L2TP/PPP 1934 * headers. Leave some slack. 1935 */ 1936 session->mtu = session->mru = 1500 - PPPOL2TP_HEADER_OVERHEAD; 1937 1938 /* If PMTU discovery was enabled, use the MTU that was discovered */ 1939 dst = sk_dst_get(sk); 1940 if (dst != NULL) { 1941#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)) 1942 u32 pmtu = dst_mtu(__sk_dst_get(sk)); 1943#else 1944 u32 pmtu = dst_pmtu(__sk_dst_get(sk)); 1945#endif 1946 if (pmtu != 0) { 1947 session->mtu = session->mru = pmtu - 1948 PPPOL2TP_HEADER_OVERHEAD; 1949 DPRINTK(session->debug, 1950 "%s: MTU set by Path MTU discovery: mtu=%d\n", 1951 session->name, session->mtu); 1952 } 1953 dst_release(dst); 1954 } 1955 1956 /* Special case: if source & dest session_id == 0x0000, this socket is 1957 * being created to manage the tunnel. Don't add the session to the 1958 * session hash list, just set up the internal context for use by 1959 * ioctl() and sockopt() handlers. 1960 */ 1961 if ((session->tunnel_addr.s_session == 0) && 1962 (session->tunnel_addr.d_session == 0)) { 1963 error = 0; 1964 DPRINTK(session->debug, 1965 "tunl %hu: socket created for tunnel mgmt ops\n", 1966 session->tunnel_addr.s_tunnel); 1967 sk->sk_user_data = session; 1968 goto out_no_ppp; 1969 } 1970 1971 DPRINTK(session->debug, "%s: allocated session=%p, sock=%p, owner=%d\n", 1972 session->name, session, sk, session->owner); 1973 1974 /* Add session to the tunnel's hash list */ 1975 SOCK_2_TUNNEL(tunnel_sock, tunnel, error, -EBADF, end, 0); 1976 write_lock_bh(&tunnel->hlist_lock); 1977 hlist_add_head(&session->hlist, 1978 pppol2tp_session_id_hash(tunnel, 1979 session->tunnel_addr.s_session)); 1980 write_unlock_bh(&tunnel->hlist_lock); 1981 1982 /* This is how we get the session context from the socket. */ 1983 sk->sk_user_data = session; 1984 1985#if (LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,11)) 1986 /* We don't store any more options in the pppox_opt, everything is in 1987 * user_data (struct pppol2tp_session) 1988 */ 1989 po->sk = sk; 1990#endif 1991 1992 /* Right now, because we don't have a way to push the incoming skb's 1993 * straight through the UDP layer, the only header we need to worry 1994 * about is the L2TP header. This size is different depending on 1995 * whether sequence numbers are enabled for the data channel. 1996 */ 1997 po->chan.hdrlen = PPPOL2TP_L2TP_HDR_SIZE_NOSEQ; 1998 1999 po->chan.private = sk; 2000 po->chan.ops = &pppol2tp_chan_ops; 2001 po->chan.mtu = session->mtu; 2002 2003 error = ppp_register_channel(&po->chan); 2004 if (error) 2005 goto end; 2006 2007out_no_ppp: 2008 atomic_inc(&tunnel->session_count); 2009 sk->sk_state = PPPOX_CONNECTED; 2010 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2011 "%s: created\n", session->name); 2012 2013end: 2014 release_sock(sk); 2015 2016 if (error != 0) 2017 PRINTK(session ? session->debug : -1, PPPOL2TP_MSG_CONTROL, KERN_WARNING, 2018 "%s: connect failed: %d\n", session->name, error); 2019 2020 EXIT_FUNCTION; 2021 2022 return error; 2023} 2024 2025/* getname() support. 2026 */ 2027static int pppol2tp_getname(struct socket *sock, struct sockaddr *uaddr, 2028 int *usockaddr_len, int peer) 2029{ 2030 int len = sizeof(struct sockaddr_pppol2tp); 2031 struct sockaddr_pppol2tp sp; 2032 int error = 0; 2033 struct pppol2tp_session *session; 2034 2035 ENTER_FUNCTION; 2036 2037 error = -ENOTCONN; 2038 if (sock->sk->sk_state != PPPOX_CONNECTED) 2039 goto end; 2040 2041 SOCK_2_SESSION(sock->sk, session, error, -EBADF, end, 0); 2042 2043 sp.sa_family = AF_PPPOX; 2044 sp.sa_protocol = PX_PROTO_OL2TP; 2045 memcpy(&sp.pppol2tp, &session->tunnel_addr, 2046 sizeof(struct pppol2tp_addr)); 2047 2048 memcpy(uaddr, &sp, len); 2049 2050 *usockaddr_len = len; 2051 2052 error = 0; 2053end: 2054 EXIT_FUNCTION; 2055 return error; 2056} 2057 2058/**************************************************************************** 2059 * ioctl() handlers. 2060 * 2061 * The PPPoX socket is created for L2TP sessions: tunnels have their own UDP 2062 * sockets. However, in order to control kernel tunnel features, we allow 2063 * userspace to create a special "tunnel" PPPoX socket which is used for 2064 * control only. Tunnel PPPoX sockets have session_id == 0 and simply allow 2065 * the user application to issue L2TP setsockopt(), getsockopt() and ioctl() 2066 * calls. 2067 ****************************************************************************/ 2068 2069/* Session ioctl helper. 2070 */ 2071static int pppol2tp_session_ioctl(struct pppol2tp_session *session, 2072 unsigned int cmd, unsigned long arg) 2073{ 2074 struct ifreq ifr; 2075 int err = 0; 2076 struct sock *sk = session->sock; 2077 int val = (int) arg; 2078 2079 sock_hold(sk); 2080 2081 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_DEBUG, 2082 "%s: pppol2tp_session_ioctl(cmd=%#x, arg=%#lx)\n", 2083 session->name, cmd, arg); 2084 2085 switch (cmd) { 2086#if (LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16)) 2087 /* From pppox_ioctl() in drivers/net/pppox.c */ 2088 case PPPIOCGCHAN: { 2089 int index; 2090#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)) 2091 struct pppox_sock *po = pppox_sk(sk); 2092#else 2093 struct pppox_opt *po = pppox_sk(sk); 2094#endif 2095 2096 err = -ENOTCONN; 2097 if (!(sk->sk_state & PPPOX_CONNECTED)) 2098 break; 2099 2100 err = -EINVAL; 2101 index = ppp_channel_index(&po->chan); 2102 if (put_user(index , (int __user *) arg)) 2103 break; 2104 2105 err = 0; 2106 sk->sk_state |= PPPOX_BOUND; 2107 break; 2108 } 2109#endif /* (LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16)) */ 2110 case SIOCGIFMTU: 2111 err = -ENXIO; 2112 if (!(sk->sk_state & PPPOX_CONNECTED)) 2113 break; 2114 2115 err = -EFAULT; 2116 if (copy_from_user(&ifr, (void __user *) arg, sizeof(struct ifreq))) 2117 break; 2118 ifr.ifr_mtu = session->mtu; 2119 if (copy_to_user((void __user *) arg, &ifr, sizeof(struct ifreq))) 2120 break; 2121 2122 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2123 "%s: get mtu=%d\n", session->name, session->mtu); 2124 err = 0; 2125 break; 2126 2127 case SIOCSIFMTU: 2128 err = -ENXIO; 2129 if (!(sk->sk_state & PPPOX_CONNECTED)) 2130 break; 2131 2132 err = -EFAULT; 2133 if (copy_from_user(&ifr, (void __user *) arg, sizeof(struct ifreq))) 2134 break; 2135 2136 session->mtu = ifr.ifr_mtu; 2137; 2138 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2139 "%s: set mtu=%d\n", session->name, session->mtu); 2140 err = 0; 2141 break; 2142 2143 case PPPIOCGMRU: 2144 err = -ENXIO; 2145 if (!(sk->sk_state & PPPOX_CONNECTED)) 2146 break; 2147 2148 err = -EFAULT; 2149 if (put_user(session->mru, (int __user *) arg)) 2150 break; 2151 2152 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2153 "%s: get mru=%d\n", session->name, session->mru); 2154 err = 0; 2155 break; 2156 2157 case PPPIOCSMRU: 2158 err = -ENXIO; 2159 if (!(sk->sk_state & PPPOX_CONNECTED)) 2160 break; 2161 2162 err = -EFAULT; 2163 if (get_user(val,(int __user *) arg)) 2164 break; 2165 2166 session->mru = val; 2167 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2168 "%s: set mru=%d\n", session->name, session->mru); 2169 err = 0; 2170 break; 2171 2172 case PPPIOCGFLAGS: 2173 err = -EFAULT; 2174 if (put_user(session->flags, (int __user *) arg)) 2175 break; 2176 2177 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2178 "%s: get flags=%d\n", session->name, session->flags); 2179 err = 0; 2180 break; 2181 2182 case PPPIOCSFLAGS: 2183 err = -EFAULT; 2184 if (get_user(val, (int __user *) arg)) 2185 break; 2186 session->flags = val; 2187 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2188 "%s: set flags=%d\n", session->name, session->flags); 2189 err = 0; 2190 break; 2191 2192 case PPPIOCGL2TPSTATS: 2193 err = -ENXIO; 2194 2195 if (!(sk->sk_state & PPPOX_CONNECTED)) 2196 break; 2197 2198 if (copy_to_user((void __user *) arg, &session->stats, 2199 sizeof(session->stats))) 2200 break; 2201 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2202 "%s: get L2TP stats\n", session->name); 2203 err = 0; 2204 break; 2205 2206 default: 2207 err = -ENOSYS; 2208 break; 2209 } 2210 2211 sock_put(sk); 2212 2213 return err; 2214} 2215 2216/* Tunnel ioctl helper. 2217 * 2218 * Note the special handling for PPPIOCGL2TPSTATS below. If the ioctl data 2219 * specifies a session_id, the session ioctl handler is called. This allows an 2220 * application to retrieve session stats via a tunnel socket. 2221 */ 2222static int pppol2tp_tunnel_ioctl(struct pppol2tp_tunnel *tunnel, 2223 unsigned int cmd, unsigned long arg) 2224{ 2225 int err = 0; 2226 struct sock *sk = tunnel->sock; 2227 struct pppol2tp_ioc_stats stats_req; 2228 2229 sock_hold(sk); 2230 2231 PRINTK(tunnel->debug, PPPOL2TP_MSG_CONTROL, KERN_DEBUG, 2232 "%s: pppol2tp_tunnel_ioctl(cmd=%#x, arg=%#lx)\n", tunnel->name, 2233 cmd, arg); 2234 2235 switch (cmd) { 2236 case PPPIOCGL2TPSTATS: 2237 err = -ENXIO; 2238 2239 if (!(sk->sk_state & PPPOX_CONNECTED)) 2240 break; 2241 2242 if (copy_from_user(&stats_req, (void __user *) arg, 2243 sizeof(stats_req))) { 2244 err = -EFAULT; 2245 break; 2246 } 2247 if (stats_req.session_id != 0) { 2248 /* resend to session ioctl handler */ 2249 struct pppol2tp_session *session = 2250 pppol2tp_session_find(tunnel, stats_req.session_id); 2251 if (session != NULL) 2252 err = pppol2tp_session_ioctl(session, cmd, arg); 2253 else 2254 err = -EBADR; 2255 break; 2256 } 2257#ifdef CONFIG_XFRM 2258 tunnel->stats.using_ipsec = (sk->sk_policy[0] || sk->sk_policy[1]) ? 1 : 0; 2259#endif 2260 if (copy_to_user((void __user *) arg, &tunnel->stats, 2261 sizeof(tunnel->stats))) { 2262 err = -EFAULT; 2263 break; 2264 } 2265 PRINTK(tunnel->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2266 "%s: get L2TP stats\n", tunnel->name); 2267 err = 0; 2268 break; 2269 2270 default: 2271 err = -ENOSYS; 2272 break; 2273 } 2274 2275 sock_put(sk); 2276 2277 return err; 2278} 2279 2280/* Main ioctl() handler. 2281 * Dispatch to tunnel or session helpers depending on the socket. 2282 */ 2283static int pppol2tp_ioctl(struct socket *sock, unsigned int cmd, 2284 unsigned long arg) 2285{ 2286 struct sock *sk = sock->sk; 2287 struct pppol2tp_session *session; 2288 struct pppol2tp_tunnel *tunnel; 2289 int err = 0; 2290 2291 ENTER_FUNCTION; 2292 2293 if (!sk) 2294 return 0; 2295 2296 if (sock_flag(sk, SOCK_DEAD) != 0) 2297 return -EBADF; 2298 2299 if ((sk->sk_user_data == NULL) || 2300 (!(sk->sk_state & (PPPOX_CONNECTED | PPPOX_BOUND)))) { 2301 err = -ENOTCONN; 2302 DPRINTK(-1, "ioctl: socket %p not connected.\n", sk); 2303 goto end; 2304 } 2305 2306 SOCK_2_SESSION(sk, session, err, -EBADF, end, 0); 2307 SOCK_2_TUNNEL(session->tunnel_sock, tunnel, err, -EBADF, end, 1); 2308 2309 /* Special case: if session's session_id is zero, treat ioctl as a 2310 * tunnel ioctl 2311 */ 2312 if ((session->tunnel_addr.s_session == 0) && 2313 (session->tunnel_addr.d_session == 0)) { 2314 err = pppol2tp_tunnel_ioctl(tunnel, cmd, arg); 2315 goto end; 2316 } 2317 2318 err = pppol2tp_session_ioctl(session, cmd, arg); 2319 2320end: 2321 EXIT_FUNCTION; 2322 return err; 2323} 2324 2325/***************************************************************************** 2326 * setsockopt() / getsockopt() support. 2327 * 2328 * The PPPoX socket is created for L2TP sessions: tunnels have their own UDP 2329 * sockets. In order to control kernel tunnel features, we allow userspace to 2330 * create a special "tunnel" PPPoX socket which is used for control only. 2331 * Tunnel PPPoX sockets have session_id == 0 and simply allow the user 2332 * application to issue L2TP setsockopt(), getsockopt() and ioctl() calls. 2333 *****************************************************************************/ 2334 2335/* Tunnel setsockopt() helper. 2336 */ 2337static int pppol2tp_tunnel_setsockopt(struct sock *sk, 2338 struct pppol2tp_tunnel *tunnel, 2339 int optname, int val) 2340{ 2341 int err = 0; 2342 2343 switch (optname) { 2344 case PPPOL2TP_SO_DEBUG: 2345 tunnel->debug = val; 2346 PRINTK(tunnel->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2347 "%s: set debug=%x\n", tunnel->name, tunnel->debug); 2348 break; 2349 2350 default: 2351 err = -ENOPROTOOPT; 2352 break; 2353 } 2354 2355 return err; 2356} 2357 2358/* Session setsockopt helper. 2359 */ 2360static int pppol2tp_session_setsockopt(struct sock *sk, 2361 struct pppol2tp_session *session, 2362 int optname, int val) 2363{ 2364 int err = 0; 2365 2366 switch (optname) { 2367 case PPPOL2TP_SO_RECVSEQ: 2368 if ((val != 0) && (val != 1)) { 2369 err = -EINVAL; 2370 break; 2371 } 2372 session->recv_seq = val ? -1 : 0; 2373 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2374 "%s: set recv_seq=%d\n", session->name, 2375 session->recv_seq); 2376 break; 2377 2378 case PPPOL2TP_SO_SENDSEQ: 2379 if ((val != 0) && (val != 1)) { 2380 err = -EINVAL; 2381 break; 2382 } 2383 session->send_seq = val ? -1 : 0; 2384 { 2385 /* FIXME: is it safe to change the ppp channel's 2386 * hdrlen on the fly? 2387 */ 2388 struct sock *sk = session->sock; 2389#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)) 2390 struct pppox_sock *po = pppox_sk(sk); 2391#else 2392 struct pppox_opt *po = pppox_sk(sk); 2393#endif 2394 po->chan.hdrlen = val ? PPPOL2TP_L2TP_HDR_SIZE_SEQ : 2395 PPPOL2TP_L2TP_HDR_SIZE_NOSEQ; 2396 } 2397 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2398 "%s: set send_seq=%d\n", session->name, session->send_seq); 2399 break; 2400 2401 case PPPOL2TP_SO_LNSMODE: 2402 if ((val != 0) && (val != 1)) { 2403 err = -EINVAL; 2404 break; 2405 } 2406 session->lns_mode = val ? -1 : 0; 2407 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2408 "%s: set lns_mode=%d\n", session->name, 2409 session->lns_mode); 2410 break; 2411 2412 case PPPOL2TP_SO_DEBUG: 2413 session->debug = val; 2414 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2415 "%s: set debug=%x\n", session->name, session->debug); 2416 break; 2417 2418 case PPPOL2TP_SO_REORDERTO: 2419 session->reorder_timeout = MS_TO_JIFFIES(val); 2420 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2421 "%s: set reorder_timeout=%d\n", session->name, 2422 session->reorder_timeout); 2423 break; 2424 2425 default: 2426 err = -ENOPROTOOPT; 2427 break; 2428 } 2429 2430 return err; 2431} 2432 2433/* Main setsockopt() entry point. 2434 * Does API checks, then calls either the tunnel or session setsockopt 2435 * handler, according to whether the PPPoL2TP socket is a for a regular 2436 * session or the special tunnel type. 2437 */ 2438static int pppol2tp_setsockopt(struct socket *sock, int level, int optname, 2439 char *optval, int optlen) 2440{ 2441 struct sock *sk = sock->sk; 2442 struct pppol2tp_session *session = sk->sk_user_data; 2443 struct pppol2tp_tunnel *tunnel; 2444 int val; 2445 int err = 0; 2446 2447 if (level != SOL_PPPOL2TP) 2448 return -EINVAL; 2449 //return udp_prot.setsockopt(sk, level, optname, optval, optlen); 2450 2451 if (optlen<sizeof(int)) 2452 return -EINVAL; 2453 2454 if (get_user(val, (int __user *)optval)) 2455 return -EFAULT; 2456 2457 if (sk->sk_user_data == NULL) { 2458 err = -ENOTCONN; 2459 DPRINTK(-1, "setsockopt: socket %p not connected.\n", sk); 2460 goto end; 2461 } 2462 2463 SOCK_2_SESSION(sk, session, err, -EBADF, end, 0); 2464 SOCK_2_TUNNEL(session->tunnel_sock, tunnel, err, -EBADF, end, 1); 2465 2466 lock_sock(sk); 2467 2468 /* Special case: if session_id == 0x0000, treat as operation on tunnel 2469 */ 2470 if ((session->tunnel_addr.s_session == 0) && 2471 (session->tunnel_addr.d_session == 0)) 2472 err = pppol2tp_tunnel_setsockopt(sk, tunnel, optname, val); 2473 else 2474 err = pppol2tp_session_setsockopt(sk, session, optname, val); 2475 2476 release_sock(sk); 2477end: 2478 return err; 2479} 2480 2481/* Tunnel getsockopt helper. 2482 */ 2483static int pppol2tp_tunnel_getsockopt(struct sock *sk, 2484 struct pppol2tp_tunnel *tunnel, 2485 int optname, int *val) 2486{ 2487 int err = 0; 2488 2489 switch (optname) { 2490 case PPPOL2TP_SO_DEBUG: 2491 *val = tunnel->debug; 2492 PRINTK(tunnel->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2493 "%s: get debug=%x\n", tunnel->name, tunnel->debug); 2494 break; 2495 2496 default: 2497 err = -ENOPROTOOPT; 2498 break; 2499 } 2500 2501 return err; 2502} 2503 2504/* Session getsockopt helper. 2505 */ 2506static int pppol2tp_session_getsockopt(struct sock *sk, 2507 struct pppol2tp_session *session, 2508 int optname, int *val) 2509{ 2510 int err = 0; 2511 2512 switch (optname) { 2513 case PPPOL2TP_SO_RECVSEQ: 2514 *val = session->recv_seq; 2515 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2516 "%s: get recv_seq=%d\n", session->name, *val); 2517 break; 2518 2519 case PPPOL2TP_SO_SENDSEQ: 2520 *val = session->send_seq; 2521 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2522 "%s: get send_seq=%d\n", session->name, *val); 2523 break; 2524 2525 case PPPOL2TP_SO_LNSMODE: 2526 *val = session->lns_mode; 2527 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2528 "%s: get lns_mode=%d\n", session->name, *val); 2529 break; 2530 2531 case PPPOL2TP_SO_DEBUG: 2532 *val = session->debug; 2533 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2534 "%s: get debug=%d\n", session->name, *val); 2535 break; 2536 2537 case PPPOL2TP_SO_REORDERTO: 2538 *val = JIFFIES_TO_MS(session->reorder_timeout); 2539 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 2540 "%s: get reorder_timeout=%d\n", session->name, *val); 2541 break; 2542 2543 default: 2544 err = -ENOPROTOOPT; 2545 } 2546 2547 return err; 2548} 2549 2550/* Main getsockopt() entry point. 2551 * Does API checks, then calls either the tunnel or session getsockopt 2552 * handler, according to whether the PPPoX socket is a for a regular session 2553 * or the special tunnel type. 2554 */ 2555static int pppol2tp_getsockopt(struct socket *sock, int level, 2556 int optname, char *optval, int *optlen) 2557{ 2558 struct sock *sk = sock->sk; 2559 struct pppol2tp_session *session = sk->sk_user_data; 2560 struct pppol2tp_tunnel *tunnel; 2561 int val, len; 2562 int err = 0; 2563 2564 if (level != SOL_PPPOL2TP) 2565 return -EINVAL; 2566 //return udp_prot.getsockopt(sk, level, optname, optval, optlen); 2567 2568 if (get_user(len, (int __user *) optlen)) 2569 return -EFAULT; 2570 2571 len = min_t(unsigned int, len, sizeof(int)); 2572 2573 if (len < 0) 2574 return -EINVAL; 2575 2576 if (sk->sk_user_data == NULL) { 2577 err = -ENOTCONN; 2578 DPRINTK(-1, "getsockopt: socket %p not connected.\n", sk); 2579 goto end; 2580 } 2581 2582 /* Get the session and tunnel contexts */ 2583 SOCK_2_SESSION(sk, session, err, -EBADF, end, 0); 2584 SOCK_2_TUNNEL(session->tunnel_sock, tunnel, err, -EBADF, end, 1); 2585 2586 /* Special case: if session_id == 0x0000, treat as operation on tunnel */ 2587 if ((session->tunnel_addr.s_session == 0) && 2588 (session->tunnel_addr.d_session == 0)) 2589 err = pppol2tp_tunnel_getsockopt(sk, tunnel, optname, &val); 2590 else 2591 err = pppol2tp_session_getsockopt(sk, session, optname, &val); 2592 2593 2594 if (put_user(len, (int __user *) optlen)) 2595 return -EFAULT; 2596 2597 if (copy_to_user((void __user *) optval, &val, len)) 2598 return -EFAULT; 2599 2600end: 2601 return err; 2602} 2603 2604/***************************************************************************** 2605 * /proc filesystem for debug 2606 *****************************************************************************/ 2607 2608#ifdef CONFIG_PROC_FS 2609 2610#include <linux/seq_file.h> 2611 2612static int pppol2tp_proc_open(struct inode *inode, struct file *file); 2613static void *pppol2tp_proc_start(struct seq_file *m, loff_t *_pos); 2614static void *pppol2tp_proc_next(struct seq_file *p, void *v, loff_t *pos); 2615static void pppol2tp_proc_stop(struct seq_file *p, void *v); 2616static int pppol2tp_proc_show(struct seq_file *m, void *v); 2617 2618static struct proc_dir_entry *pppol2tp_proc; 2619 2620static struct seq_operations pppol2tp_proc_ops = { 2621 .start = pppol2tp_proc_start, 2622 .next = pppol2tp_proc_next, 2623 .stop = pppol2tp_proc_stop, 2624 .show = pppol2tp_proc_show, 2625}; 2626 2627static struct file_operations pppol2tp_proc_fops = { 2628 .owner = THIS_MODULE, 2629 .open = pppol2tp_proc_open, 2630 .read = seq_read, 2631 .llseek = seq_lseek, 2632 .release = seq_release, 2633}; 2634 2635static int pppol2tp_proc_open(struct inode *inode, struct file *file) 2636{ 2637 struct seq_file *m; 2638 int ret = 0; 2639 2640 ENTER_FUNCTION; 2641 ret = seq_open(file, &pppol2tp_proc_ops); 2642 if (ret < 0) 2643 goto out; 2644 2645 m = file->private_data; 2646 m->private = PDE(inode)->data; 2647 2648out: 2649 EXIT_FUNCTION; 2650 return ret; 2651} 2652 2653static void *pppol2tp_proc_start(struct seq_file *m, loff_t *_pos) 2654{ 2655 struct pppol2tp_tunnel *tunnel = NULL; 2656 loff_t pos = *_pos; 2657 struct list_head *walk; 2658 struct list_head *tmp; 2659 2660 ENTER_FUNCTION; 2661 2662 /* allow for the header line */ 2663 if (!pos) { 2664 tunnel = (void *)1; 2665 goto out; 2666 } 2667 pos--; 2668 2669 /* find the n'th element in the list */ 2670 list_for_each_safe(walk, tmp, &pppol2tp_tunnel_list) { 2671 tunnel = list_entry(walk, struct pppol2tp_tunnel, list); 2672 if (!pos--) { 2673 sock_hold(tunnel->sock); 2674 goto out; 2675 } 2676 } 2677 tunnel = NULL; 2678 2679out: 2680 EXIT_FUNCTION; 2681 2682 return tunnel; 2683} 2684 2685static void *pppol2tp_proc_next(struct seq_file *p, void *v, loff_t *pos) 2686{ 2687 struct pppol2tp_tunnel *tunnel = v; 2688 struct list_head *tmp; 2689 struct list_head *list; 2690 2691 ENTER_FUNCTION; 2692 2693 (*pos)++; 2694 2695 if (v == (void *)1) 2696 list = &pppol2tp_tunnel_list; 2697 else 2698 list = &tunnel->list; 2699 2700 tmp = list->next; 2701 if (tmp == &pppol2tp_tunnel_list) 2702 tunnel = NULL; 2703 else 2704 tunnel = list_entry(tmp, struct pppol2tp_tunnel, list); 2705 2706 EXIT_FUNCTION; 2707 2708 return tunnel; 2709} 2710 2711static void pppol2tp_proc_stop(struct seq_file *p, void *v) 2712{ 2713 struct pppol2tp_tunnel *tunnel = v; 2714 2715 ENTER_FUNCTION; 2716 2717 if (tunnel != NULL) 2718 sock_put(tunnel->sock); 2719 2720 EXIT_FUNCTION; 2721} 2722 2723static int pppol2tp_proc_show(struct seq_file *m, void *v) 2724{ 2725 struct pppol2tp_tunnel *tunnel = v; 2726 struct pppol2tp_session *session; 2727 struct hlist_node *walk; 2728 struct hlist_node *tmp; 2729 int i; 2730 2731 ENTER_FUNCTION; 2732 2733 /* display header on line 1 */ 2734 if (v == (void *)1) { 2735 seq_puts(m, "PPPoL2TP driver info, " PPPOL2TP_DRV_VERSION "\n"); 2736 seq_puts(m, "TUNNEL name, user-data-ok " 2737 "session-count magic-ok\n"); 2738 seq_puts(m, " debug tx-pkts/bytes/errs rx-pkts/bytes/errs\n"); 2739 seq_puts(m, " SESSION name, addr/port src-tid/sid " 2740 "dest-tid/sid state user-data-ok magic-ok\n"); 2741 seq_puts(m, " mtu/mru/rcvseq/sendseq/lns debug reorderto\n"); 2742 seq_puts(m, " nr/ns tx-pkts/bytes/errs rx-pkts/bytes/errs\n"); 2743 goto out; 2744 } 2745 2746 seq_printf(m, "TUNNEL '%s', %c %d MAGIC %s\n", 2747 tunnel->name, 2748 (tunnel == tunnel->sock->sk_user_data) ? 'Y':'N', 2749 atomic_read(&tunnel->session_count), 2750 (tunnel->magic == L2TP_TUNNEL_MAGIC) ? "OK" : "BAD"); 2751 seq_printf(m, " %08x %llu/%llu/%llu %llu/%llu/%llu\n", 2752 tunnel->debug, 2753 tunnel->stats.tx_packets, tunnel->stats.tx_bytes, 2754 tunnel->stats.tx_errors, 2755 tunnel->stats.rx_packets, tunnel->stats.rx_bytes, 2756 tunnel->stats.rx_errors); 2757 2758 if (tunnel->magic != L2TP_TUNNEL_MAGIC) { 2759 seq_puts(m, "*** Aborting ***\n"); 2760 goto out; 2761 } 2762 2763 for (i = 0; i < PPPOL2TP_HASH_SIZE; i++) { 2764 hlist_for_each_safe(walk, tmp, &tunnel->session_hlist[i]) { 2765 session = hlist_entry(walk, struct pppol2tp_session, hlist); 2766 seq_printf(m, " SESSION '%s' %08X/%d %04X/%04X -> " 2767 "%04X/%04X %d %c MAGIC %s\n", 2768 session->name, 2769 htonl(session->tunnel_addr.addr.sin_addr.s_addr), 2770 htons(session->tunnel_addr.addr.sin_port), 2771 session->tunnel_addr.s_tunnel, 2772 session->tunnel_addr.s_session, 2773 session->tunnel_addr.d_tunnel, 2774 session->tunnel_addr.d_session, 2775 session->sock->sk_state, 2776 (session == session->sock->sk_user_data) ? 2777 'Y' : 'N', 2778 (session->magic == L2TP_SESSION_MAGIC) ? 2779 "OK" : "BAD"); 2780 2781 seq_printf(m, " %d/%d/%c/%c/%s %08x %d\n", 2782 session->mtu, session->mru, 2783 session->recv_seq ? 'R' : '-', 2784 session->send_seq ? 'S' : '-', 2785 session->lns_mode ? "LNS" : "LAC", 2786 session->debug, 2787 JIFFIES_TO_MS(session->reorder_timeout)); 2788 seq_printf(m, " %hu/%hu %llu/%llu/%llu %llu/%llu/%llu\n", 2789 session->nr, session->ns, 2790 session->stats.tx_packets, 2791 session->stats.tx_bytes, 2792 session->stats.tx_errors, 2793 session->stats.rx_packets, 2794 session->stats.rx_bytes, 2795 session->stats.rx_errors); 2796 2797 if (session->magic != L2TP_SESSION_MAGIC) { 2798 seq_puts(m, "*** Aborting ***\n"); 2799 goto out; 2800 } 2801 } 2802 } 2803out: 2804 seq_puts(m, "\n"); 2805 2806 EXIT_FUNCTION; 2807 2808 return 0; 2809} 2810 2811#endif /* CONFIG_PROC_FS */ 2812 2813/***************************************************************************** 2814 * Init and cleanup 2815 *****************************************************************************/ 2816 2817static struct proto_ops pppol2tp_ops = { 2818 .family = AF_PPPOX, 2819 .owner = THIS_MODULE, 2820 .release = pppol2tp_release, 2821 .bind = sock_no_bind, 2822 .connect = pppol2tp_connect, 2823 .socketpair = sock_no_socketpair, 2824 .accept = sock_no_accept, 2825 .getname = pppol2tp_getname, 2826 .poll = datagram_poll, 2827 .listen = sock_no_listen, 2828 .shutdown = sock_no_shutdown, 2829 .setsockopt = pppol2tp_setsockopt, 2830 .getsockopt = pppol2tp_getsockopt, 2831 .sendmsg = pppol2tp_sendmsg, 2832 .recvmsg = pppol2tp_recvmsg, 2833 .mmap = sock_no_mmap, 2834#if (LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16)) 2835 .ioctl = pppol2tp_ioctl, 2836#else 2837 .ioctl = pppox_ioctl, 2838#endif 2839}; 2840 2841struct pppox_proto pppol2tp_proto = { 2842 .create = pppol2tp_create, 2843 .ioctl = pppol2tp_ioctl 2844}; 2845 2846int __init pppol2tp_init(void) 2847{ 2848 int err; 2849 2850#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)) 2851 err = proto_register(&pppol2tp_sk_proto, 0); 2852 if (err) 2853 goto out; 2854#endif 2855 err = register_pppox_proto(PX_PROTO_OL2TP, &pppol2tp_proto); 2856 if (err) 2857 goto out_unregister_pppol2tp_proto; 2858 2859#ifdef CONFIG_PROC_FS 2860 pppol2tp_proc = create_proc_entry("pppol2tp", 0, proc_net); 2861 if (!pppol2tp_proc) { 2862 err = -ENOMEM; 2863 goto out_unregister_pppox_proto; 2864 } 2865 pppol2tp_proc->proc_fops = &pppol2tp_proc_fops; 2866#endif /* CONFIG_PROC_FS */ 2867 printk(KERN_INFO "PPPoL2TP kernel driver, %s\n", 2868 PPPOL2TP_DRV_VERSION); 2869 2870out: 2871 return err; 2872 2873out_unregister_pppox_proto: 2874 unregister_pppox_proto(PX_PROTO_OL2TP); 2875out_unregister_pppol2tp_proto: 2876#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)) 2877 proto_unregister(&pppol2tp_sk_proto); 2878#endif 2879 goto out; 2880} 2881 2882void __exit pppol2tp_exit(void) 2883{ 2884 unregister_pppox_proto(PX_PROTO_OL2TP); 2885 2886#ifdef CONFIG_PROC_FS 2887 remove_proc_entry("pppol2tp", proc_net); 2888#endif 2889#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)) 2890 proto_unregister(&pppol2tp_sk_proto); 2891#endif 2892} 2893 2894module_init(pppol2tp_init); 2895module_exit(pppol2tp_exit); 2896 2897MODULE_AUTHOR("Martijn van Oosterhout <kleptog@svana.org>"); 2898MODULE_DESCRIPTION("PPP over L2TP over UDP"); 2899MODULE_LICENSE("GPL"); 2900MODULE_VERSION(PPPOL2TP_DRV_VERSION); 2901