]> bbs.cooldavid.org Git - net-next-2.6.git/blame - drivers/net/ppp_generic.c
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
net/llc: make opt unsigned in llc_ui_setsockopt()
[net-next-2.6.git] / drivers / net / ppp_generic.c
CommitLineData
1da177e4
LT		 1/*
2 * Generic PPP layer for Linux.
3 *
4 * Copyright 1999-2002 Paul Mackerras.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 * The generic PPP layer handles the PPP network interfaces, the
12 * /dev/ppp device, packet and VJ compression, and multilink.
13 * It talks to PPP `channels' via the interface defined in
14 * include/linux/ppp_channel.h. Channels provide the basic means for
15 * sending and receiving PPP frames on some kind of communications
16 * channel.
17 *
18 * Part of the code in this driver was inspired by the old async-only
19 * PPP driver, written by Michael Callahan and Al Longyear, and
20 * subsequently hacked by Paul Mackerras.
21 *
22 * ==FILEVERSION 20041108==
23 */
24
1da177e4
LT		 25#include <linux/module.h>
26#include <linux/kernel.h>
27#include <linux/kmod.h>
28#include <linux/init.h>
29#include <linux/list.h>
7a95d267 30#include <linux/idr.h>
1da177e4
LT		 31#include <linux/netdevice.h>
32#include <linux/poll.h>
33#include <linux/ppp_defs.h>
34#include <linux/filter.h>
35#include <linux/if_ppp.h>
36#include <linux/ppp_channel.h>
37#include <linux/ppp-comp.h>
38#include <linux/skbuff.h>
39#include <linux/rtnetlink.h>
40#include <linux/if_arp.h>
41#include <linux/ip.h>
42#include <linux/tcp.h>
43#include <linux/spinlock.h>
1da177e4
LT		 44#include <linux/rwsem.h>
45#include <linux/stddef.h>
46#include <linux/device.h>
8ed965d6 47#include <linux/mutex.h>
5a0e3ad6 48#include <linux/slab.h>
1da177e4
LT		 49#include <net/slhc_vj.h>
50#include <asm/atomic.h>
51
273ec51d
CG		 52#include <linux/nsproxy.h>
53#include <net/net_namespace.h>
54#include <net/netns/generic.h>
55
1da177e4
LT		 56#define PPP_VERSION "2.4.2"
57
58/*
59 * Network protocols we support.
60 */
61#define NP_IP 0 /* Internet Protocol V4 */
62#define NP_IPV6 1 /* Internet Protocol V6 */
63#define NP_IPX 2 /* IPX protocol */
64#define NP_AT 3 /* Appletalk protocol */
65#define NP_MPLS_UC 4 /* MPLS unicast */
66#define NP_MPLS_MC 5 /* MPLS multicast */
67#define NUM_NP 6 /* Number of NPs. */
68
69#define MPHDRLEN 6 /* multilink protocol header length */
70#define MPHDRLEN_SSN 4 /* ditto with short sequence numbers */
1da177e4
LT		 71
72/*
73 * An instance of /dev/ppp can be associated with either a ppp
74 * interface unit or a ppp channel. In both cases, file->private_data
75 * points to one of these.
76 */
77struct ppp_file {
78 enum {
79 INTERFACE=1, CHANNEL
80 } kind;
81 struct sk_buff_head xq; /* pppd transmit queue */
82 struct sk_buff_head rq; /* receive queue for pppd */
83 wait_queue_head_t rwait; /* for poll on reading /dev/ppp */
84 atomic_t refcnt; /* # refs (incl /dev/ppp attached) */
85 int hdrlen; /* space to leave for headers */
86 int index; /* interface unit / channel number */
87 int dead; /* unit/channel has been shut down */
88};
89
b385a144 90#define PF_TO_X(pf, X) container_of(pf, X, file)
1da177e4
LT		 91
92#define PF_TO_PPP(pf) PF_TO_X(pf, struct ppp)
93#define PF_TO_CHANNEL(pf) PF_TO_X(pf, struct channel)
94
1da177e4
LT		 95/*
96 * Data structure describing one ppp unit.
97 * A ppp unit corresponds to a ppp network interface device
98 * and represents a multilink bundle.
99 * It can have 0 or more ppp channels connected to it.
100 */
101struct ppp {
102 struct ppp_file file; /* stuff for read/write/poll 0 */
103 struct file *owner; /* file that owns this unit 48 */
104 struct list_head channels; /* list of attached channels 4c */
105 int n_channels; /* how many channels are attached 54 */
106 spinlock_t rlock; /* lock for receive side 58 */
107 spinlock_t wlock; /* lock for transmit side 5c */
108 int mru; /* max receive unit 60 */
109 unsigned int flags; /* control bits 64 */
110 unsigned int xstate; /* transmit state bits 68 */
111 unsigned int rstate; /* receive state bits 6c */
112 int debug; /* debug flags 70 */
113 struct slcompress *vj; /* state for VJ header compression */
114 enum NPmode npmode[NUM_NP]; /* what to do with each net proto 78 */
115 struct sk_buff *xmit_pending; /* a packet ready to go out 88 */
116 struct compressor *xcomp; /* transmit packet compressor 8c */
117 void *xc_state; /* its internal state 90 */
118 struct compressor *rcomp; /* receive decompressor 94 */
119 void *rc_state; /* its internal state 98 */
120 unsigned long last_xmit; /* jiffies when last pkt sent 9c */
121 unsigned long last_recv; /* jiffies when last pkt rcvd a0 */
122 struct net_device *dev; /* network interface device a4 */
739840d5 123 int closing; /* is device closing down? a8 */
1da177e4
LT		 124#ifdef CONFIG_PPP_MULTILINK
125 int nxchan; /* next channel to send something on */
126 u32 nxseq; /* next sequence number to send */
127 int mrru; /* MP: max reconst. receive unit */
128 u32 nextseq; /* MP: seq no of next packet */
129 u32 minseq; /* MP: min of most recent seqnos */
130 struct sk_buff_head mrq; /* MP: receive reconstruction queue */
131#endif /* CONFIG_PPP_MULTILINK */
1da177e4
LT		 132#ifdef CONFIG_PPP_FILTER
133 struct sock_filter *pass_filter; /* filter for packets to pass */
134 struct sock_filter *active_filter;/* filter for pkts to reset idle */
135 unsigned pass_len, active_len;
136#endif /* CONFIG_PPP_FILTER */
273ec51d 137 struct net *ppp_net; /* the net we belong to */
1da177e4
LT		 138};
139
140/*
141 * Bits in flags: SC_NO_TCP_CCID, SC_CCP_OPEN, SC_CCP_UP, SC_LOOP_TRAFFIC,
b3f9b92a
MD		 142 * SC_MULTILINK, SC_MP_SHORTSEQ, SC_MP_XSHORTSEQ, SC_COMP_TCP, SC_REJ_COMP_TCP,
143 * SC_MUST_COMP
1da177e4
LT		 144 * Bits in rstate: SC_DECOMP_RUN, SC_DC_ERROR, SC_DC_FERROR.
145 * Bits in xstate: SC_COMP_RUN
146 */
147#define SC_FLAG_BITS (SC_NO_TCP_CCID|SC_CCP_OPEN|SC_CCP_UP|SC_LOOP_TRAFFIC \
148 |SC_MULTILINK|SC_MP_SHORTSEQ|SC_MP_XSHORTSEQ \
b3f9b92a 149 |SC_COMP_TCP|SC_REJ_COMP_TCP|SC_MUST_COMP)
1da177e4
LT		 150
151/*
152 * Private data structure for each channel.
153 * This includes the data structure used for multilink.
154 */
155struct channel {
156 struct ppp_file file; /* stuff for read/write/poll */
157 struct list_head list; /* link in all/new_channels list */
158 struct ppp_channel *chan; /* public channel data structure */
159 struct rw_semaphore chan_sem; /* protects `chan' during chan ioctl */
160 spinlock_t downl; /* protects `chan', file.xq dequeue */
161 struct ppp *ppp; /* ppp unit we're connected to */
273ec51d 162 struct net *chan_net; /* the net channel belongs to */
1da177e4
LT		 163 struct list_head clist; /* link in list of channels per unit */
164 rwlock_t upl; /* protects `ppp' */
165#ifdef CONFIG_PPP_MULTILINK
166 u8 avail; /* flag used in multilink stuff */
167 u8 had_frag; /* >= 1 fragments have been sent */
168 u32 lastseq; /* MP: last sequence # received */
fa44a73c 169 int speed; /* speed of the corresponding ppp channel*/
1da177e4
LT		 170#endif /* CONFIG_PPP_MULTILINK */
171};
172
173/*
174 * SMP locking issues:
175 * Both the ppp.rlock and ppp.wlock locks protect the ppp.channels
176 * list and the ppp.n_channels field, you need to take both locks
177 * before you modify them.
178 * The lock ordering is: channel.upl -> ppp.wlock -> ppp.rlock ->
179 * channel.downl.
180 */
181
15fd0cd9 182static DEFINE_MUTEX(ppp_mutex);
1da177e4 183static atomic_t ppp_unit_count = ATOMIC_INIT(0);
1da177e4
LT		 184static atomic_t channel_count = ATOMIC_INIT(0);
185
273ec51d 186/* per-net private data for this module */
f99189b1 187static int ppp_net_id __read_mostly;
273ec51d
CG		 188struct ppp_net {
189 /* units to ppp mapping */
190 struct idr units_idr;
191
192 /*
193 * all_ppp_mutex protects the units_idr mapping.
194 * It also ensures that finding a ppp unit in the units_idr
195 * map and updating its file.refcnt field is atomic.
196 */
197 struct mutex all_ppp_mutex;
198
199 /* channels */
200 struct list_head all_channels;
201 struct list_head new_channels;
202 int last_channel_index;
203
204 /*
205 * all_channels_lock protects all_channels and
206 * last_channel_index, and the atomicity of find
207 * a channel and updating its file.refcnt field.
208 */
209 spinlock_t all_channels_lock;
210};
211
1da177e4
LT		 212/* Get the PPP protocol number from a skb */
213#define PPP_PROTO(skb) (((skb)->data[0] << 8) + (skb)->data[1])
214
215/* We limit the length of ppp->file.rq to this (arbitrary) value */
216#define PPP_MAX_RQLEN 32
217
218/*
219 * Maximum number of multilink fragments queued up.
220 * This has to be large enough to cope with the maximum latency of
221 * the slowest channel relative to the others. Strictly it should
222 * depend on the number of channels and their characteristics.
223 */
224#define PPP_MP_MAX_QLEN 128
225
226/* Multilink header bits. */
227#define B 0x80 /* this fragment begins a packet */
228#define E 0x40 /* this fragment ends a packet */
229
230/* Compare multilink sequence numbers (assumed to be 32 bits wide) */
231#define seq_before(a, b) ((s32)((a) - (b)) < 0)
232#define seq_after(a, b) ((s32)((a) - (b)) > 0)
233
234/* Prototypes. */
273ec51d
CG		 235static int ppp_unattached_ioctl(struct net *net, struct ppp_file *pf,
236 struct file *file, unsigned int cmd, unsigned long arg);
1da177e4
LT		 237static void ppp_xmit_process(struct ppp *ppp);
238static void ppp_send_frame(struct ppp *ppp, struct sk_buff *skb);
239static void ppp_push(struct ppp *ppp);
240static void ppp_channel_push(struct channel *pch);
241static void ppp_receive_frame(struct ppp *ppp, struct sk_buff *skb,
242 struct channel *pch);
243static void ppp_receive_error(struct ppp *ppp);
244static void ppp_receive_nonmp_frame(struct ppp *ppp, struct sk_buff *skb);
245static struct sk_buff *ppp_decompress_frame(struct ppp *ppp,
246 struct sk_buff *skb);
247#ifdef CONFIG_PPP_MULTILINK
248static void ppp_receive_mp_frame(struct ppp *ppp, struct sk_buff *skb,
249 struct channel *pch);
250static void ppp_mp_insert(struct ppp *ppp, struct sk_buff *skb);
251static struct sk_buff *ppp_mp_reconstruct(struct ppp *ppp);
252static int ppp_mp_explode(struct ppp *ppp, struct sk_buff *skb);
253#endif /* CONFIG_PPP_MULTILINK */
254static int ppp_set_compress(struct ppp *ppp, unsigned long arg);
255static void ppp_ccp_peek(struct ppp *ppp, struct sk_buff *skb, int inbound);
256static void ppp_ccp_closed(struct ppp *ppp);
257static struct compressor *find_compressor(int type);
258static void ppp_get_stats(struct ppp *ppp, struct ppp_stats *st);
273ec51d 259static struct ppp *ppp_create_interface(struct net *net, int unit, int *retp);
1da177e4
LT		 260static void init_ppp_file(struct ppp_file *pf, int kind);
261static void ppp_shutdown_interface(struct ppp *ppp);
262static void ppp_destroy_interface(struct ppp *ppp);
273ec51d
CG		 263static struct ppp *ppp_find_unit(struct ppp_net *pn, int unit);
264static struct channel *ppp_find_channel(struct ppp_net *pn, int unit);
1da177e4
LT		 265static int ppp_connect_channel(struct channel *pch, int unit);
266static int ppp_disconnect_channel(struct channel *pch);
267static void ppp_destroy_channel(struct channel *pch);
7a95d267 268static int unit_get(struct idr *p, void *ptr);
85997576 269static int unit_set(struct idr *p, void *ptr, int n);
7a95d267
CG		 270static void unit_put(struct idr *p, int n);
271static void *unit_find(struct idr *p, int n);
1da177e4 272
56b22935 273static struct class *ppp_class;
1da177e4 274
273ec51d
CG		 275/* per net-namespace data */
276static inline struct ppp_net *ppp_pernet(struct net *net)
277{
278 BUG_ON(!net);
279
280 return net_generic(net, ppp_net_id);
281}
282
1da177e4
LT		 283/* Translates a PPP protocol number to a NP index (NP == network protocol) */
284static inline int proto_to_npindex(int proto)
285{
286 switch (proto) {
287 case PPP_IP:
288 return NP_IP;
289 case PPP_IPV6:
290 return NP_IPV6;
291 case PPP_IPX:
292 return NP_IPX;
293 case PPP_AT:
294 return NP_AT;
295 case PPP_MPLS_UC:
296 return NP_MPLS_UC;
297 case PPP_MPLS_MC:
298 return NP_MPLS_MC;
299 }
300 return -EINVAL;
301}
302
303/* Translates an NP index into a PPP protocol number */
304static const int npindex_to_proto[NUM_NP] = {
305 PPP_IP,
306 PPP_IPV6,
307 PPP_IPX,
308 PPP_AT,
309 PPP_MPLS_UC,
310 PPP_MPLS_MC,
311};
6aa20a22 312
1da177e4
LT		 313/* Translates an ethertype into an NP index */
314static inline int ethertype_to_npindex(int ethertype)
315{
316 switch (ethertype) {
317 case ETH_P_IP:
318 return NP_IP;
319 case ETH_P_IPV6:
320 return NP_IPV6;
321 case ETH_P_IPX:
322 return NP_IPX;
323 case ETH_P_PPPTALK:
324 case ETH_P_ATALK:
325 return NP_AT;
326 case ETH_P_MPLS_UC:
327 return NP_MPLS_UC;
328 case ETH_P_MPLS_MC:
329 return NP_MPLS_MC;
330 }
331 return -1;
332}
333
334/* Translates an NP index into an ethertype */
335static const int npindex_to_ethertype[NUM_NP] = {
336 ETH_P_IP,
337 ETH_P_IPV6,
338 ETH_P_IPX,
339 ETH_P_PPPTALK,
340 ETH_P_MPLS_UC,
341 ETH_P_MPLS_MC,
342};
343
344/*
345 * Locking shorthand.
346 */
347#define ppp_xmit_lock(ppp) spin_lock_bh(&(ppp)->wlock)
348#define ppp_xmit_unlock(ppp) spin_unlock_bh(&(ppp)->wlock)
349#define ppp_recv_lock(ppp) spin_lock_bh(&(ppp)->rlock)
350#define ppp_recv_unlock(ppp) spin_unlock_bh(&(ppp)->rlock)
351#define ppp_lock(ppp) do { ppp_xmit_lock(ppp); \
352 ppp_recv_lock(ppp); } while (0)
353#define ppp_unlock(ppp) do { ppp_recv_unlock(ppp); \
354 ppp_xmit_unlock(ppp); } while (0)
355
356/*
357 * /dev/ppp device routines.
358 * The /dev/ppp device is used by pppd to control the ppp unit.
359 * It supports the read, write, ioctl and poll functions.
360 * Open instances of /dev/ppp can be in one of three states:
361 * unattached, attached to a ppp unit, or attached to a ppp channel.
362 */
363static int ppp_open(struct inode *inode, struct file *file)
364{
365 /*
366 * This could (should?) be enforced by the permissions on /dev/ppp.
367 */
368 if (!capable(CAP_NET_ADMIN))
369 return -EPERM;
370 return 0;
371}
372
f3ff8a4d 373static int ppp_release(struct inode *unused, struct file *file)
1da177e4
LT		 374{
375 struct ppp_file *pf = file->private_data;
376 struct ppp *ppp;
377
cd228d54 378 if (pf) {
1da177e4
LT		 379 file->private_data = NULL;
380 if (pf->kind == INTERFACE) {
381 ppp = PF_TO_PPP(pf);
382 if (file == ppp->owner)
383 ppp_shutdown_interface(ppp);
384 }
385 if (atomic_dec_and_test(&pf->refcnt)) {
386 switch (pf->kind) {
387 case INTERFACE:
388 ppp_destroy_interface(PF_TO_PPP(pf));
389 break;
390 case CHANNEL:
391 ppp_destroy_channel(PF_TO_CHANNEL(pf));
392 break;
393 }
394 }
395 }
396 return 0;
397}
398
399static ssize_t ppp_read(struct file *file, char __user *buf,
400 size_t count, loff_t *ppos)
401{
402 struct ppp_file *pf = file->private_data;
403 DECLARE_WAITQUEUE(wait, current);
404 ssize_t ret;
405 struct sk_buff *skb = NULL;
19937d04 406 struct iovec iov;
1da177e4
LT		 407
408 ret = count;
409
cd228d54 410 if (!pf)
1da177e4
LT		 411 return -ENXIO;
412 add_wait_queue(&pf->rwait, &wait);
413 for (;;) {
414 set_current_state(TASK_INTERRUPTIBLE);
415 skb = skb_dequeue(&pf->rq);
416 if (skb)
417 break;
418 ret = 0;
419 if (pf->dead)
420 break;
421 if (pf->kind == INTERFACE) {
422 /*
423 * Return 0 (EOF) on an interface that has no
424 * channels connected, unless it is looping
425 * network traffic (demand mode).
426 */
427 struct ppp *ppp = PF_TO_PPP(pf);
8e95a202
JP		 428 if (ppp->n_channels == 0 &&
429 (ppp->flags & SC_LOOP_TRAFFIC) == 0)
1da177e4
LT		 430 break;
431 }
432 ret = -EAGAIN;
433 if (file->f_flags & O_NONBLOCK)
434 break;
435 ret = -ERESTARTSYS;
436 if (signal_pending(current))
437 break;
438 schedule();
439 }
440 set_current_state(TASK_RUNNING);
441 remove_wait_queue(&pf->rwait, &wait);
442
cd228d54 443 if (!skb)
1da177e4
LT		 444 goto out;
445
446 ret = -EOVERFLOW;
447 if (skb->len > count)
448 goto outf;
449 ret = -EFAULT;
19937d04
SA		 450 iov.iov_base = buf;
451 iov.iov_len = count;
452 if (skb_copy_datagram_iovec(skb, 0, &iov, skb->len))
1da177e4
LT		 453 goto outf;
454 ret = skb->len;
455
456 outf:
457 kfree_skb(skb);
458 out:
459 return ret;
460}
461
462static ssize_t ppp_write(struct file *file, const char __user *buf,
463 size_t count, loff_t *ppos)
464{
465 struct ppp_file *pf = file->private_data;
466 struct sk_buff *skb;
467 ssize_t ret;
468
cd228d54 469 if (!pf)
1da177e4
LT		 470 return -ENXIO;
471 ret = -ENOMEM;
472 skb = alloc_skb(count + pf->hdrlen, GFP_KERNEL);
cd228d54 473 if (!skb)
1da177e4
LT		 474 goto out;
475 skb_reserve(skb, pf->hdrlen);
476 ret = -EFAULT;
477 if (copy_from_user(skb_put(skb, count), buf, count)) {
478 kfree_skb(skb);
479 goto out;
480 }
481
482 skb_queue_tail(&pf->xq, skb);
483
484 switch (pf->kind) {
485 case INTERFACE:
486 ppp_xmit_process(PF_TO_PPP(pf));
487 break;
488 case CHANNEL:
489 ppp_channel_push(PF_TO_CHANNEL(pf));
490 break;
491 }
492
493 ret = count;
494
495 out:
496 return ret;
497}
498
499/* No kernel lock - fine */
500static unsigned int ppp_poll(struct file *file, poll_table *wait)
501{
502 struct ppp_file *pf = file->private_data;
503 unsigned int mask;
504
cd228d54 505 if (!pf)
1da177e4
LT		 506 return 0;
507 poll_wait(file, &pf->rwait, wait);
508 mask = POLLOUT | POLLWRNORM;
cd228d54 509 if (skb_peek(&pf->rq))
1da177e4
LT		 510 mask |= POLLIN | POLLRDNORM;
511 if (pf->dead)
512 mask |= POLLHUP;
513 else if (pf->kind == INTERFACE) {
514 /* see comment in ppp_read */
515 struct ppp *ppp = PF_TO_PPP(pf);
8e95a202
JP		 516 if (ppp->n_channels == 0 &&
517 (ppp->flags & SC_LOOP_TRAFFIC) == 0)
1da177e4
LT		 518 mask |= POLLIN | POLLRDNORM;
519 }
520
521 return mask;
522}
523
524#ifdef CONFIG_PPP_FILTER
525static int get_filter(void __user *arg, struct sock_filter **p)
526{
527 struct sock_fprog uprog;
528 struct sock_filter *code = NULL;
529 int len, err;
530
531 if (copy_from_user(&uprog, arg, sizeof(uprog)))
532 return -EFAULT;
533
1da177e4
LT		 534 if (!uprog.len) {
535 *p = NULL;
536 return 0;
537 }
538
539 len = uprog.len * sizeof(struct sock_filter);
b23d00e9
JL		 540 code = memdup_user(uprog.filter, len);
541 if (IS_ERR(code))
542 return PTR_ERR(code);
1da177e4
LT		 543
544 err = sk_chk_filter(code, uprog.len);
545 if (err) {
546 kfree(code);
547 return err;
548 }
549
550 *p = code;
551 return uprog.len;
552}
553#endif /* CONFIG_PPP_FILTER */
554
f3ff8a4d 555static long ppp_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1da177e4
LT		 556{
557 struct ppp_file *pf = file->private_data;
558 struct ppp *ppp;
559 int err = -EFAULT, val, val2, i;
560 struct ppp_idle idle;
561 struct npioctl npi;
562 int unit, cflags;
563 struct slcompress *vj;
564 void __user *argp = (void __user *)arg;
565 int __user *p = argp;
566
cd228d54 567 if (!pf)
273ec51d
CG		 568 return ppp_unattached_ioctl(current->nsproxy->net_ns,
569 pf, file, cmd, arg);
1da177e4
LT		 570
571 if (cmd == PPPIOCDETACH) {
572 /*
573 * We have to be careful here... if the file descriptor
574 * has been dup'd, we could have another process in the
575 * middle of a poll using the same file *, so we had
576 * better not free the interface data structures -
577 * instead we fail the ioctl. Even in this case, we
578 * shut down the interface if we are the owner of it.
579 * Actually, we should get rid of PPPIOCDETACH, userland
580 * (i.e. pppd) could achieve the same effect by closing
581 * this fd and reopening /dev/ppp.
582 */
583 err = -EINVAL;
15fd0cd9 584 mutex_lock(&ppp_mutex);
1da177e4
LT		 585 if (pf->kind == INTERFACE) {
586 ppp = PF_TO_PPP(pf);
587 if (file == ppp->owner)
588 ppp_shutdown_interface(ppp);
589 }
516e0cc5 590 if (atomic_long_read(&file->f_count) <= 2) {
f3ff8a4d 591 ppp_release(NULL, file);
1da177e4
LT		 592 err = 0;
593 } else
516e0cc5
AV		 594 printk(KERN_DEBUG "PPPIOCDETACH file->f_count=%ld\n",
595 atomic_long_read(&file->f_count));
15fd0cd9 596 mutex_unlock(&ppp_mutex);
1da177e4
LT		 597 return err;
598 }
599
600 if (pf->kind == CHANNEL) {
f3ff8a4d 601 struct channel *pch;
1da177e4
LT		 602 struct ppp_channel *chan;
603
15fd0cd9 604 mutex_lock(&ppp_mutex);
f3ff8a4d
AC		 605 pch = PF_TO_CHANNEL(pf);
606
1da177e4
LT		 607 switch (cmd) {
608 case PPPIOCCONNECT:
609 if (get_user(unit, p))
610 break;
611 err = ppp_connect_channel(pch, unit);
612 break;
613
614 case PPPIOCDISCONN:
615 err = ppp_disconnect_channel(pch);
616 break;
617
618 default:
619 down_read(&pch->chan_sem);
620 chan = pch->chan;
621 err = -ENOTTY;
622 if (chan && chan->ops->ioctl)
623 err = chan->ops->ioctl(chan, cmd, arg);
624 up_read(&pch->chan_sem);
625 }
15fd0cd9 626 mutex_unlock(&ppp_mutex);
1da177e4
LT		 627 return err;
628 }
629
630 if (pf->kind != INTERFACE) {
631 /* can't happen */
632 printk(KERN_ERR "PPP: not interface or channel??\n");
633 return -EINVAL;
634 }
635
15fd0cd9 636 mutex_lock(&ppp_mutex);
1da177e4
LT		 637 ppp = PF_TO_PPP(pf);
638 switch (cmd) {
639 case PPPIOCSMRU:
640 if (get_user(val, p))
641 break;
642 ppp->mru = val;
643 err = 0;
644 break;
645
646 case PPPIOCSFLAGS:
647 if (get_user(val, p))
648 break;
649 ppp_lock(ppp);
650 cflags = ppp->flags & ~val;
651 ppp->flags = val & SC_FLAG_BITS;
652 ppp_unlock(ppp);
653 if (cflags & SC_CCP_OPEN)
654 ppp_ccp_closed(ppp);
655 err = 0;
656 break;
657
658 case PPPIOCGFLAGS:
659 val = ppp->flags | ppp->xstate | ppp->rstate;
660 if (put_user(val, p))
661 break;
662 err = 0;
663 break;
664
665 case PPPIOCSCOMPRESS:
666 err = ppp_set_compress(ppp, arg);
667 break;
668
669 case PPPIOCGUNIT:
670 if (put_user(ppp->file.index, p))
671 break;
672 err = 0;
673 break;
674
675 case PPPIOCSDEBUG:
676 if (get_user(val, p))
677 break;
678 ppp->debug = val;
679 err = 0;
680 break;
681
682 case PPPIOCGDEBUG:
683 if (put_user(ppp->debug, p))
684 break;
685 err = 0;
686 break;
687
688 case PPPIOCGIDLE:
689 idle.xmit_idle = (jiffies - ppp->last_xmit) / HZ;
690 idle.recv_idle = (jiffies - ppp->last_recv) / HZ;
691 if (copy_to_user(argp, &idle, sizeof(idle)))
692 break;
693 err = 0;
694 break;
695
696 case PPPIOCSMAXCID:
697 if (get_user(val, p))
698 break;
699 val2 = 15;
700 if ((val >> 16) != 0) {
701 val2 = val >> 16;
702 val &= 0xffff;
703 }
704 vj = slhc_init(val2+1, val+1);
cd228d54 705 if (!vj) {
1da177e4
LT		 706 printk(KERN_ERR "PPP: no memory (VJ compressor)\n");
707 err = -ENOMEM;
708 break;
709 }
710 ppp_lock(ppp);
cd228d54 711 if (ppp->vj)
1da177e4
LT		 712 slhc_free(ppp->vj);
713 ppp->vj = vj;
714 ppp_unlock(ppp);
715 err = 0;
716 break;
717
718 case PPPIOCGNPMODE:
719 case PPPIOCSNPMODE:
720 if (copy_from_user(&npi, argp, sizeof(npi)))
721 break;
722 err = proto_to_npindex(npi.protocol);
723 if (err < 0)
724 break;
725 i = err;
726 if (cmd == PPPIOCGNPMODE) {
727 err = -EFAULT;
728 npi.mode = ppp->npmode[i];
729 if (copy_to_user(argp, &npi, sizeof(npi)))
730 break;
731 } else {
732 ppp->npmode[i] = npi.mode;
733 /* we may be able to transmit more packets now (??) */
734 netif_wake_queue(ppp->dev);
735 }
736 err = 0;
737 break;
738
739#ifdef CONFIG_PPP_FILTER
740 case PPPIOCSPASS:
741 {
742 struct sock_filter *code;
743 err = get_filter(argp, &code);
744 if (err >= 0) {
745 ppp_lock(ppp);
746 kfree(ppp->pass_filter);
747 ppp->pass_filter = code;
748 ppp->pass_len = err;
749 ppp_unlock(ppp);
750 err = 0;
751 }
752 break;
753 }
754 case PPPIOCSACTIVE:
755 {
756 struct sock_filter *code;
757 err = get_filter(argp, &code);
758 if (err >= 0) {
759 ppp_lock(ppp);
760 kfree(ppp->active_filter);
761 ppp->active_filter = code;
762 ppp->active_len = err;
763 ppp_unlock(ppp);
764 err = 0;
765 }
766 break;
767 }
768#endif /* CONFIG_PPP_FILTER */
769
770#ifdef CONFIG_PPP_MULTILINK
771 case PPPIOCSMRRU:
772 if (get_user(val, p))
773 break;
774 ppp_recv_lock(ppp);
775 ppp->mrru = val;
776 ppp_recv_unlock(ppp);
777 err = 0;
778 break;
779#endif /* CONFIG_PPP_MULTILINK */
780
781 default:
782 err = -ENOTTY;
783 }
15fd0cd9 784 mutex_unlock(&ppp_mutex);
1da177e4
LT		 785 return err;
786}
787
273ec51d
CG		 788static int ppp_unattached_ioctl(struct net *net, struct ppp_file *pf,
789 struct file *file, unsigned int cmd, unsigned long arg)
1da177e4
LT		 790{
791 int unit, err = -EFAULT;
792 struct ppp *ppp;
793 struct channel *chan;
273ec51d 794 struct ppp_net *pn;
1da177e4
LT		 795 int __user *p = (int __user *)arg;
796
15fd0cd9 797 mutex_lock(&ppp_mutex);
1da177e4
LT		 798 switch (cmd) {
799 case PPPIOCNEWUNIT:
800 /* Create a new ppp unit */
801 if (get_user(unit, p))
802 break;
273ec51d 803 ppp = ppp_create_interface(net, unit, &err);
cd228d54 804 if (!ppp)
1da177e4
LT		 805 break;
806 file->private_data = &ppp->file;
807 ppp->owner = file;
808 err = -EFAULT;
809 if (put_user(ppp->file.index, p))
810 break;
811 err = 0;
812 break;
813
814 case PPPIOCATTACH:
815 /* Attach to an existing ppp unit */
816 if (get_user(unit, p))
817 break;
1da177e4 818 err = -ENXIO;
273ec51d
CG		 819 pn = ppp_pernet(net);
820 mutex_lock(&pn->all_ppp_mutex);
821 ppp = ppp_find_unit(pn, unit);
cd228d54 822 if (ppp) {
1da177e4
LT		 823 atomic_inc(&ppp->file.refcnt);
824 file->private_data = &ppp->file;
825 err = 0;
826 }
273ec51d 827 mutex_unlock(&pn->all_ppp_mutex);
1da177e4
LT		 828 break;
829
830 case PPPIOCATTCHAN:
831 if (get_user(unit, p))
832 break;
1da177e4 833 err = -ENXIO;
273ec51d
CG		 834 pn = ppp_pernet(net);
835 spin_lock_bh(&pn->all_channels_lock);
836 chan = ppp_find_channel(pn, unit);
cd228d54 837 if (chan) {
1da177e4
LT		 838 atomic_inc(&chan->file.refcnt);
839 file->private_data = &chan->file;
840 err = 0;
841 }
273ec51d 842 spin_unlock_bh(&pn->all_channels_lock);
1da177e4
LT		 843 break;
844
845 default:
846 err = -ENOTTY;
847 }
15fd0cd9 848 mutex_unlock(&ppp_mutex);
1da177e4
LT		 849 return err;
850}
851
d54b1fdb 852static const struct file_operations ppp_device_fops = {
1da177e4
LT		 853 .owner = THIS_MODULE,
854 .read = ppp_read,
855 .write = ppp_write,
856 .poll = ppp_poll,
f3ff8a4d 857 .unlocked_ioctl = ppp_ioctl,
1da177e4
LT		 858 .open = ppp_open,
859 .release = ppp_release
860};
861
273ec51d
CG		 862static __net_init int ppp_init_net(struct net *net)
863{
741a6fa2 864 struct ppp_net *pn = net_generic(net, ppp_net_id);
273ec51d
CG		 865
866 idr_init(&pn->units_idr);
867 mutex_init(&pn->all_ppp_mutex);
868
869 INIT_LIST_HEAD(&pn->all_channels);
870 INIT_LIST_HEAD(&pn->new_channels);
871
872 spin_lock_init(&pn->all_channels_lock);
873
273ec51d
CG		 874 return 0;
875}
876
877static __net_exit void ppp_exit_net(struct net *net)
878{
741a6fa2 879 struct ppp_net *pn = net_generic(net, ppp_net_id);
273ec51d 880
273ec51d 881 idr_destroy(&pn->units_idr);
273ec51d
CG		 882}
883
0012985d 884static struct pernet_operations ppp_net_ops = {
273ec51d
CG		 885 .init = ppp_init_net,
886 .exit = ppp_exit_net,
741a6fa2
EB		 887 .id = &ppp_net_id,
888 .size = sizeof(struct ppp_net),
273ec51d
CG		 889};
890
1da177e4
LT		 891#define PPP_MAJOR 108
892
893/* Called at boot time if ppp is compiled into the kernel,
894 or at module load time (from init_module) if compiled as a module. */
895static int __init ppp_init(void)
896{
897 int err;
898
899 printk(KERN_INFO "PPP generic driver version " PPP_VERSION "\n");
273ec51d 900
741a6fa2 901 err = register_pernet_device(&ppp_net_ops);
273ec51d
CG		 902 if (err) {
903 printk(KERN_ERR "failed to register PPP pernet device (%d)\n", err);
904 goto out;
1da177e4
LT		 905 }
906
273ec51d
CG		 907 err = register_chrdev(PPP_MAJOR, "ppp", &ppp_device_fops);
908 if (err) {
1da177e4 909 printk(KERN_ERR "failed to register PPP device (%d)\n", err);
273ec51d
CG		 910 goto out_net;
911 }
912
913 ppp_class = class_create(THIS_MODULE, "ppp");
914 if (IS_ERR(ppp_class)) {
915 err = PTR_ERR(ppp_class);
916 goto out_chrdev;
917 }
918
919 /* not a big deal if we fail here :-) */
920 device_create(ppp_class, NULL, MKDEV(PPP_MAJOR, 0), NULL, "ppp");
921
922 return 0;
1da177e4 923
1da177e4
LT		 924out_chrdev:
925 unregister_chrdev(PPP_MAJOR, "ppp");
273ec51d 926out_net:
741a6fa2 927 unregister_pernet_device(&ppp_net_ops);
273ec51d
CG		 928out:
929 return err;
1da177e4
LT		 930}
931
932/*
933 * Network interface unit routines.
934 */
424efe9c 935static netdev_tx_t
1da177e4
LT		 936ppp_start_xmit(struct sk_buff *skb, struct net_device *dev)
937{
c8019bf3 938 struct ppp *ppp = netdev_priv(dev);
1da177e4
LT		 939 int npi, proto;
940 unsigned char *pp;
941
942 npi = ethertype_to_npindex(ntohs(skb->protocol));
943 if (npi < 0)
944 goto outf;
945
946 /* Drop, accept or reject the packet */
947 switch (ppp->npmode[npi]) {
948 case NPMODE_PASS:
949 break;
950 case NPMODE_QUEUE:
951 /* it would be nice to have a way to tell the network
952 system to queue this one up for later. */
953 goto outf;
954 case NPMODE_DROP:
955 case NPMODE_ERROR:
956 goto outf;
957 }
958
959 /* Put the 2-byte PPP protocol number on the front,
960 making sure there is room for the address and control fields. */
7b797d5b
HX		 961 if (skb_cow_head(skb, PPP_HDRLEN))
962 goto outf;
963
1da177e4
LT		 964 pp = skb_push(skb, 2);
965 proto = npindex_to_proto[npi];
966 pp[0] = proto >> 8;
967 pp[1] = proto;
968
969 netif_stop_queue(dev);
970 skb_queue_tail(&ppp->file.xq, skb);
971 ppp_xmit_process(ppp);
6ed10654 972 return NETDEV_TX_OK;
1da177e4
LT		 973
974 outf:
975 kfree_skb(skb);
6ceffd47 976 ++dev->stats.tx_dropped;
6ed10654 977 return NETDEV_TX_OK;
1da177e4
LT		 978}
979
1da177e4
LT		 980static int
981ppp_net_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
982{
c8019bf3 983 struct ppp *ppp = netdev_priv(dev);
1da177e4
LT		 984 int err = -EFAULT;
985 void __user *addr = (void __user *) ifr->ifr_ifru.ifru_data;
986 struct ppp_stats stats;
987 struct ppp_comp_stats cstats;
988 char *vers;
989
990 switch (cmd) {
991 case SIOCGPPPSTATS:
992 ppp_get_stats(ppp, &stats);
993 if (copy_to_user(addr, &stats, sizeof(stats)))
994 break;
995 err = 0;
996 break;
997
998 case SIOCGPPPCSTATS:
999 memset(&cstats, 0, sizeof(cstats));
cd228d54 1000 if (ppp->xc_state)
1da177e4 1001 ppp->xcomp->comp_stat(ppp->xc_state, &cstats.c);
cd228d54 1002 if (ppp->rc_state)
1da177e4
LT		 1003 ppp->rcomp->decomp_stat(ppp->rc_state, &cstats.d);
1004 if (copy_to_user(addr, &cstats, sizeof(cstats)))
1005 break;
1006 err = 0;
1007 break;
1008
1009 case SIOCGPPPVER:
1010 vers = PPP_VERSION;
1011 if (copy_to_user(addr, vers, strlen(vers) + 1))
1012 break;
1013 err = 0;
1014 break;
1015
1016 default:
1017 err = -EINVAL;
1018 }
1019
1020 return err;
1021}
1022
52256cfc 1023static const struct net_device_ops ppp_netdev_ops = {
00829823
SH		 1024 .ndo_start_xmit = ppp_start_xmit,
1025 .ndo_do_ioctl = ppp_net_ioctl,
52256cfc
SH		 1026};
1027
1da177e4
LT		 1028static void ppp_setup(struct net_device *dev)
1029{
52256cfc 1030 dev->netdev_ops = &ppp_netdev_ops;
1da177e4
LT		 1031 dev->hard_header_len = PPP_HDRLEN;
1032 dev->mtu = PPP_MTU;
1033 dev->addr_len = 0;
1034 dev->tx_queue_len = 3;
1035 dev->type = ARPHRD_PPP;
1036 dev->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
273ec51d 1037 dev->features |= NETIF_F_NETNS_LOCAL;
8b2d850d 1038 dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
1da177e4
LT		 1039}
1040
1041/*
1042 * Transmit-side routines.
1043 */
1044
1045/*
1046 * Called to do any work queued up on the transmit side
1047 * that can now be done.
1048 */
1049static void
1050ppp_xmit_process(struct ppp *ppp)
1051{
1052 struct sk_buff *skb;
1053
1054 ppp_xmit_lock(ppp);
739840d5 1055 if (!ppp->closing) {
1da177e4 1056 ppp_push(ppp);
8e95a202
JP		 1057 while (!ppp->xmit_pending &&
1058 (skb = skb_dequeue(&ppp->file.xq)))
1da177e4
LT		 1059 ppp_send_frame(ppp, skb);
1060 /* If there's no work left to do, tell the core net
1061 code that we can accept some more. */
cd228d54 1062 if (!ppp->xmit_pending && !skb_peek(&ppp->file.xq))
1da177e4
LT		 1063 netif_wake_queue(ppp->dev);
1064 }
1065 ppp_xmit_unlock(ppp);
1066}
1067
b3f9b92a
MD		 1068static inline struct sk_buff *
1069pad_compress_skb(struct ppp *ppp, struct sk_buff *skb)
1070{
1071 struct sk_buff *new_skb;
1072 int len;
1073 int new_skb_size = ppp->dev->mtu +
1074 ppp->xcomp->comp_extra + ppp->dev->hard_header_len;
1075 int compressor_skb_size = ppp->dev->mtu +
1076 ppp->xcomp->comp_extra + PPP_HDRLEN;
1077 new_skb = alloc_skb(new_skb_size, GFP_ATOMIC);
1078 if (!new_skb) {
1079 if (net_ratelimit())
1080 printk(KERN_ERR "PPP: no memory (comp pkt)\n");
1081 return NULL;
1082 }
1083 if (ppp->dev->hard_header_len > PPP_HDRLEN)
1084 skb_reserve(new_skb,
1085 ppp->dev->hard_header_len - PPP_HDRLEN);
1086
1087 /* compressor still expects A/C bytes in hdr */
1088 len = ppp->xcomp->compress(ppp->xc_state, skb->data - 2,
1089 new_skb->data, skb->len + 2,
1090 compressor_skb_size);
1091 if (len > 0 && (ppp->flags & SC_CCP_UP)) {
1092 kfree_skb(skb);
1093 skb = new_skb;
1094 skb_put(skb, len);
1095 skb_pull(skb, 2); /* pull off A/C bytes */
1096 } else if (len == 0) {
1097 /* didn't compress, or CCP not up yet */
1098 kfree_skb(new_skb);
1099 new_skb = skb;
1100 } else {
1101 /*
1102 * (len < 0)
1103 * MPPE requires that we do not send unencrypted
1104 * frames. The compressor will return -1 if we
1105 * should drop the frame. We cannot simply test
1106 * the compress_proto because MPPE and MPPC share
1107 * the same number.
1108 */
1109 if (net_ratelimit())
1110 printk(KERN_ERR "ppp: compressor dropped pkt\n");
1111 kfree_skb(skb);
1112 kfree_skb(new_skb);
1113 new_skb = NULL;
1114 }
1115 return new_skb;
1116}
1117
1da177e4
LT		 1118/*
1119 * Compress and send a frame.
1120 * The caller should have locked the xmit path,
1121 * and xmit_pending should be 0.
1122 */
1123static void
1124ppp_send_frame(struct ppp *ppp, struct sk_buff *skb)
1125{
1126 int proto = PPP_PROTO(skb);
1127 struct sk_buff *new_skb;
1128 int len;
1129 unsigned char *cp;
1130
1131 if (proto < 0x8000) {
1132#ifdef CONFIG_PPP_FILTER
1133 /* check if we should pass this packet */
1134 /* the filter instructions are constructed assuming
1135 a four-byte PPP header on each packet */
1136 *skb_push(skb, 2) = 1;
8e95a202
JP		 1137 if (ppp->pass_filter &&
1138 sk_run_filter(skb, ppp->pass_filter,
1139 ppp->pass_len) == 0) {
1da177e4
LT		 1140 if (ppp->debug & 1)
1141 printk(KERN_DEBUG "PPP: outbound frame not passed\n");
1142 kfree_skb(skb);
1143 return;
1144 }
1145 /* if this packet passes the active filter, record the time */
8e95a202
JP		 1146 if (!(ppp->active_filter &&
1147 sk_run_filter(skb, ppp->active_filter,
1148 ppp->active_len) == 0))
1da177e4
LT		 1149 ppp->last_xmit = jiffies;
1150 skb_pull(skb, 2);
1151#else
1152 /* for data packets, record the time */
1153 ppp->last_xmit = jiffies;
1154#endif /* CONFIG_PPP_FILTER */
1155 }
1156
8c0469cd
PZ		 1157 ++ppp->dev->stats.tx_packets;
1158 ppp->dev->stats.tx_bytes += skb->len - 2;
1da177e4
LT		 1159
1160 switch (proto) {
1161 case PPP_IP:
cd228d54 1162 if (!ppp->vj || (ppp->flags & SC_COMP_TCP) == 0)
1da177e4
LT		 1163 break;
1164 /* try to do VJ TCP header compression */
1165 new_skb = alloc_skb(skb->len + ppp->dev->hard_header_len - 2,
1166 GFP_ATOMIC);
cd228d54 1167 if (!new_skb) {
1da177e4
LT		 1168 printk(KERN_ERR "PPP: no memory (VJ comp pkt)\n");
1169 goto drop;
1170 }
1171 skb_reserve(new_skb, ppp->dev->hard_header_len - 2);
1172 cp = skb->data + 2;
1173 len = slhc_compress(ppp->vj, cp, skb->len - 2,
1174 new_skb->data + 2, &cp,
1175 !(ppp->flags & SC_NO_TCP_CCID));
1176 if (cp == skb->data + 2) {
1177 /* didn't compress */
1178 kfree_skb(new_skb);
1179 } else {
1180 if (cp[0] & SL_TYPE_COMPRESSED_TCP) {
1181 proto = PPP_VJC_COMP;
1182 cp[0] &= ~SL_TYPE_COMPRESSED_TCP;
1183 } else {
1184 proto = PPP_VJC_UNCOMP;
1185 cp[0] = skb->data[2];
1186 }
1187 kfree_skb(skb);
1188 skb = new_skb;
1189 cp = skb_put(skb, len + 2);
1190 cp[0] = 0;
1191 cp[1] = proto;
1192 }
1193 break;
1194
1195 case PPP_CCP:
1196 /* peek at outbound CCP frames */
1197 ppp_ccp_peek(ppp, skb, 0);
1198 break;
1199 }
1200
1201 /* try to do packet compression */
8e95a202
JP		 1202 if ((ppp->xstate & SC_COMP_RUN) && ppp->xc_state &&
1203 proto != PPP_LCP && proto != PPP_CCP) {
b3f9b92a
MD		 1204 if (!(ppp->flags & SC_CCP_UP) && (ppp->flags & SC_MUST_COMP)) {
1205 if (net_ratelimit())
1206 printk(KERN_ERR "ppp: compression required but down - pkt dropped.\n");
1da177e4
LT		 1207 goto drop;
1208 }
b3f9b92a
MD		 1209 skb = pad_compress_skb(ppp, skb);
1210 if (!skb)
1211 goto drop;
1da177e4
LT		 1212 }
1213
1214 /*
1215 * If we are waiting for traffic (demand dialling),
1216 * queue it up for pppd to receive.
1217 */
1218 if (ppp->flags & SC_LOOP_TRAFFIC) {
1219 if (ppp->file.rq.qlen > PPP_MAX_RQLEN)
1220 goto drop;
1221 skb_queue_tail(&ppp->file.rq, skb);
1222 wake_up_interruptible(&ppp->file.rwait);
1223 return;
1224 }
1225
1226 ppp->xmit_pending = skb;
1227 ppp_push(ppp);
1228 return;
1229
1230 drop:
1d2f8c95 1231 kfree_skb(skb);
8c0469cd 1232 ++ppp->dev->stats.tx_errors;
1da177e4
LT		 1233}
1234
1235/*
1236 * Try to send the frame in xmit_pending.
1237 * The caller should have the xmit path locked.
1238 */
1239static void
1240ppp_push(struct ppp *ppp)
1241{
1242 struct list_head *list;
1243 struct channel *pch;
1244 struct sk_buff *skb = ppp->xmit_pending;
1245
cd228d54 1246 if (!skb)
1da177e4
LT		 1247 return;
1248
1249 list = &ppp->channels;
1250 if (list_empty(list)) {
1251 /* nowhere to send the packet, just drop it */
1252 ppp->xmit_pending = NULL;
1253 kfree_skb(skb);
1254 return;
1255 }
1256
1257 if ((ppp->flags & SC_MULTILINK) == 0) {
1258 /* not doing multilink: send it down the first channel */
1259 list = list->next;
1260 pch = list_entry(list, struct channel, clist);
1261
1262 spin_lock_bh(&pch->downl);
1263 if (pch->chan) {
1264 if (pch->chan->ops->start_xmit(pch->chan, skb))
1265 ppp->xmit_pending = NULL;
1266 } else {
1267 /* channel got unregistered */
1268 kfree_skb(skb);
1269 ppp->xmit_pending = NULL;
1270 }
1271 spin_unlock_bh(&pch->downl);
1272 return;
1273 }
1274
1275#ifdef CONFIG_PPP_MULTILINK
1276 /* Multilink: fragment the packet over as many links
1277 as can take the packet at the moment. */
1278 if (!ppp_mp_explode(ppp, skb))
1279 return;
1280#endif /* CONFIG_PPP_MULTILINK */
1281
1282 ppp->xmit_pending = NULL;
1283 kfree_skb(skb);
1284}
1285
1286#ifdef CONFIG_PPP_MULTILINK
1287/*
1288 * Divide a packet to be transmitted into fragments and
1289 * send them out the individual links.
1290 */
1291static int ppp_mp_explode(struct ppp *ppp, struct sk_buff *skb)
1292{
fa44a73c
LS		 1293 int len, totlen;
1294 int i, bits, hdrlen, mtu;
1295 int flen;
1296 int navail, nfree, nzero;
1297 int nbigger;
1298 int totspeed;
1299 int totfree;
1da177e4
LT		 1300 unsigned char *p, *q;
1301 struct list_head *list;
1302 struct channel *pch;
1303 struct sk_buff *frag;
1304 struct ppp_channel *chan;
1305
9c705260 1306 totspeed = 0; /*total bitrate of the bundle*/
fa44a73c
LS		 1307 nfree = 0; /* # channels which have no packet already queued */
1308 navail = 0; /* total # of usable channels (not deregistered) */
1309 nzero = 0; /* number of channels with zero speed associated*/
1310 totfree = 0; /*total # of channels available and
9c705260
GP		 1311 *having no queued packets before
1312 *starting the fragmentation*/
1313
1da177e4 1314 hdrlen = (ppp->flags & SC_MP_XSHORTSEQ)? MPHDRLEN_SSN: MPHDRLEN;
fa44a73c
LS		 1315 i = 0;
1316 list_for_each_entry(pch, &ppp->channels, clist) {
516cd15f 1317 navail += pch->avail = (pch->chan != NULL);
9c705260 1318 pch->speed = pch->chan->speed;
fa44a73c 1319 if (pch->avail) {
b03efcfb 1320 if (skb_queue_empty(&pch->file.xq) ||
fa44a73c 1321 !pch->had_frag) {
9c705260
GP		 1322 if (pch->speed == 0)
1323 nzero++;
1324 else
1325 totspeed += pch->speed;
1326
1327 pch->avail = 2;
1328 ++nfree;
1329 ++totfree;
1330 }
fa44a73c
LS		 1331 if (!pch->had_frag && i < ppp->nxchan)
1332 ppp->nxchan = i;
1da177e4 1333 }
516cd15f 1334 ++i;
1da177e4 1335 }
516cd15f 1336 /*
fa44a73c
LS		 1337 * Don't start sending this packet unless at least half of
1338 * the channels are free. This gives much better TCP
1339 * performance if we have a lot of channels.
516cd15f 1340 */
fa44a73c
LS		 1341 if (nfree == 0 || nfree < navail / 2)
1342 return 0; /* can't take now, leave it in xmit_pending */
1da177e4
LT		 1343
1344 /* Do protocol field compression (XXX this should be optional) */
fa44a73c
LS		 1345 p = skb->data;
1346 len = skb->len;
1da177e4
LT		 1347 if (*p == 0) {
1348 ++p;
1349 --len;
1350 }
1351
9c705260 1352 totlen = len;
fa44a73c 1353 nbigger = len % nfree;
9c705260 1354
fa44a73c
LS		 1355 /* skip to the channel after the one we last used
1356 and start at that one */
81616c5a 1357 list = &ppp->channels;
fa44a73c 1358 for (i = 0; i < ppp->nxchan; ++i) {
1da177e4 1359 list = list->next;
fa44a73c
LS		 1360 if (list == &ppp->channels) {
1361 i = 0;
1da177e4
LT		 1362 break;
1363 }
1364 }
1365
fa44a73c 1366 /* create a fragment for each channel */
1da177e4 1367 bits = B;
fa44a73c 1368 while (len > 0) {
1da177e4 1369 list = list->next;
fa44a73c
LS		 1370 if (list == &ppp->channels) {
1371 i = 0;
1da177e4
LT		 1372 continue;
1373 }
fa44a73c 1374 pch = list_entry(list, struct channel, clist);
1da177e4
LT		 1375 ++i;
1376 if (!pch->avail)
1377 continue;
1378
516cd15f 1379 /*
fa44a73c
LS		 1380 * Skip this channel if it has a fragment pending already and
1381 * we haven't given a fragment to all of the free channels.
516cd15f
PM		 1382 */
1383 if (pch->avail == 1) {
fa44a73c 1384 if (nfree > 0)
516cd15f
PM		 1385 continue;
1386 } else {
516cd15f
PM		 1387 pch->avail = 1;
1388 }
1389
1da177e4
LT		 1390 /* check the channel's mtu and whether it is still attached. */
1391 spin_lock_bh(&pch->downl);
516cd15f 1392 if (pch->chan == NULL) {
fa44a73c 1393 /* can't use this channel, it's being deregistered */
9c705260
GP		 1394 if (pch->speed == 0)
1395 nzero--;
1396 else
fa44a73c 1397 totspeed -= pch->speed;
9c705260 1398
1da177e4
LT		 1399 spin_unlock_bh(&pch->downl);
1400 pch->avail = 0;
9c705260
GP		 1401 totlen = len;
1402 totfree--;
1403 nfree--;
fa44a73c 1404 if (--navail == 0)
1da177e4
LT		 1405 break;
1406 continue;
1407 }
1408
1409 /*
9c705260 1410 *if the channel speed is not set divide
fa44a73c 1411 *the packet evenly among the free channels;
9c705260
GP		 1412 *otherwise divide it according to the speed
1413 *of the channel we are going to transmit on
1414 */
886f9fe6 1415 flen = len;
a53a8b56
BM		 1416 if (nfree > 0) {
1417 if (pch->speed == 0) {
536e00e5 1418 flen = len/nfree;
a53a8b56
BM		 1419 if (nbigger > 0) {
1420 flen++;
1421 nbigger--;
1422 }
1423 } else {
1424 flen = (((totfree - nzero)*(totlen + hdrlen*totfree)) /
1425 ((totspeed*totfree)/pch->speed)) - hdrlen;
1426 if (nbigger > 0) {
1427 flen += ((totfree - nzero)*pch->speed)/totspeed;
1428 nbigger -= ((totfree - nzero)*pch->speed)/
9c705260 1429 totspeed;
a53a8b56 1430 }
9c705260 1431 }
a53a8b56 1432 nfree--;
9c705260 1433 }
9c705260
GP		 1434
1435 /*
fa44a73c
LS		 1436 *check if we are on the last channel or
1437 *we exceded the lenght of the data to
9c705260
GP		 1438 *fragment
1439 */
a53a8b56 1440 if ((nfree <= 0) || (flen > len))
9c705260
GP		 1441 flen = len;
1442 /*
1443 *it is not worth to tx on slow channels:
1444 *in that case from the resulting flen according to the
1445 *above formula will be equal or less than zero.
1446 *Skip the channel in this case
1da177e4 1447 */
fa44a73c 1448 if (flen <= 0) {
9c705260
GP		 1449 pch->avail = 2;
1450 spin_unlock_bh(&pch->downl);
1451 continue;
1452 }
1453
fa44a73c
LS		 1454 mtu = pch->chan->mtu - hdrlen;
1455 if (mtu < 4)
1456 mtu = 4;
516cd15f
PM		 1457 if (flen > mtu)
1458 flen = mtu;
fa44a73c
LS		 1459 if (flen == len)
1460 bits |= E;
1461 frag = alloc_skb(flen + hdrlen + (flen == 0), GFP_ATOMIC);
cd228d54 1462 if (!frag)
516cd15f 1463 goto noskb;
fa44a73c 1464 q = skb_put(frag, flen + hdrlen);
516cd15f 1465
fa44a73c 1466 /* make the MP header */
516cd15f
PM		 1467 q[0] = PPP_MP >> 8;
1468 q[1] = PPP_MP;
1469 if (ppp->flags & SC_MP_XSHORTSEQ) {
fa44a73c 1470 q[2] = bits + ((ppp->nxseq >> 8) & 0xf);
516cd15f
PM		 1471 q[3] = ppp->nxseq;
1472 } else {
1473 q[2] = bits;
1474 q[3] = ppp->nxseq >> 16;
1475 q[4] = ppp->nxseq >> 8;
1476 q[5] = ppp->nxseq;
1da177e4 1477 }
516cd15f 1478
9c705260 1479 memcpy(q + hdrlen, p, flen);
516cd15f
PM		 1480
1481 /* try to send it down the channel */
1482 chan = pch->chan;
fa44a73c 1483 if (!skb_queue_empty(&pch->file.xq) ||
9c705260 1484 !chan->ops->start_xmit(chan, frag))
516cd15f 1485 skb_queue_tail(&pch->file.xq, frag);
fa44a73c 1486 pch->had_frag = 1;
516cd15f 1487 p += flen;
fa44a73c 1488 len -= flen;
516cd15f
PM		 1489 ++ppp->nxseq;
1490 bits = 0;
1da177e4 1491 spin_unlock_bh(&pch->downl);
516cd15f 1492 }
fa44a73c 1493 ppp->nxchan = i;
1da177e4
LT		 1494
1495 return 1;
1496
1497 noskb:
1498 spin_unlock_bh(&pch->downl);
1499 if (ppp->debug & 1)
fa44a73c 1500 printk(KERN_ERR "PPP: no memory (fragment)\n");
8c0469cd 1501 ++ppp->dev->stats.tx_errors;
1da177e4
LT		 1502 ++ppp->nxseq;
1503 return 1; /* abandon the frame */
1504}
1505#endif /* CONFIG_PPP_MULTILINK */
1506
1507/*
1508 * Try to send data out on a channel.
1509 */
1510static void
1511ppp_channel_push(struct channel *pch)
1512{
1513 struct sk_buff *skb;
1514 struct ppp *ppp;
1515
1516 spin_lock_bh(&pch->downl);
cd228d54 1517 if (pch->chan) {
b03efcfb 1518 while (!skb_queue_empty(&pch->file.xq)) {
1da177e4
LT		 1519 skb = skb_dequeue(&pch->file.xq);
1520 if (!pch->chan->ops->start_xmit(pch->chan, skb)) {
1521 /* put the packet back and try again later */
1522 skb_queue_head(&pch->file.xq, skb);
1523 break;
1524 }
1525 }
1526 } else {
1527 /* channel got deregistered */
1528 skb_queue_purge(&pch->file.xq);
1529 }
1530 spin_unlock_bh(&pch->downl);
1531 /* see if there is anything from the attached unit to be sent */
b03efcfb 1532 if (skb_queue_empty(&pch->file.xq)) {
1da177e4
LT		 1533 read_lock_bh(&pch->upl);
1534 ppp = pch->ppp;
cd228d54 1535 if (ppp)
1da177e4
LT		 1536 ppp_xmit_process(ppp);
1537 read_unlock_bh(&pch->upl);
1538 }
1539}
1540
1541/*
1542 * Receive-side routines.
1543 */
1544
1545/* misuse a few fields of the skb for MP reconstruction */
1546#define sequence priority
1547#define BEbits cb[0]
1548
1549static inline void
1550ppp_do_recv(struct ppp *ppp, struct sk_buff *skb, struct channel *pch)
1551{
1552 ppp_recv_lock(ppp);
739840d5 1553 if (!ppp->closing)
1da177e4
LT		 1554 ppp_receive_frame(ppp, skb, pch);
1555 else
1556 kfree_skb(skb);
1557 ppp_recv_unlock(ppp);
1558}
1559
1560void
1561ppp_input(struct ppp_channel *chan, struct sk_buff *skb)
1562{
1563 struct channel *pch = chan->ppp;
1564 int proto;
1565
ea8420e9 1566 if (!pch) {
1da177e4
LT		 1567 kfree_skb(skb);
1568 return;
1569 }
516cd15f 1570
1da177e4 1571 read_lock_bh(&pch->upl);
ea8420e9
SA		 1572 if (!pskb_may_pull(skb, 2)) {
1573 kfree_skb(skb);
1574 if (pch->ppp) {
1575 ++pch->ppp->dev->stats.rx_length_errors;
1576 ppp_receive_error(pch->ppp);
1577 }
1578 goto done;
1579 }
1580
1581 proto = PPP_PROTO(skb);
cd228d54 1582 if (!pch->ppp || proto >= 0xc000 || proto == PPP_CCPFRAG) {
1da177e4
LT		 1583 /* put it on the channel queue */
1584 skb_queue_tail(&pch->file.rq, skb);
1585 /* drop old frames if queue too long */
8e95a202
JP		 1586 while (pch->file.rq.qlen > PPP_MAX_RQLEN &&
1587 (skb = skb_dequeue(&pch->file.rq)))
1da177e4
LT		 1588 kfree_skb(skb);
1589 wake_up_interruptible(&pch->file.rwait);
1590 } else {
1591 ppp_do_recv(pch->ppp, skb, pch);
1592 }
ea8420e9
SA		 1593
1594done:
1da177e4
LT		 1595 read_unlock_bh(&pch->upl);
1596}
1597
1598/* Put a 0-length skb in the receive queue as an error indication */
1599void
1600ppp_input_error(struct ppp_channel *chan, int code)
1601{
1602 struct channel *pch = chan->ppp;
1603 struct sk_buff *skb;
1604
cd228d54 1605 if (!pch)
1da177e4
LT		 1606 return;
1607
1608 read_lock_bh(&pch->upl);
cd228d54 1609 if (pch->ppp) {
1da177e4 1610 skb = alloc_skb(0, GFP_ATOMIC);
cd228d54 1611 if (skb) {
1da177e4
LT		 1612 skb->len = 0; /* probably unnecessary */
1613 skb->cb[0] = code;
1614 ppp_do_recv(pch->ppp, skb, pch);
1615 }
1616 }
1617 read_unlock_bh(&pch->upl);
1618}
1619
1620/*
1621 * We come in here to process a received frame.
1622 * The receive side of the ppp unit is locked.
1623 */
1624static void
1625ppp_receive_frame(struct ppp *ppp, struct sk_buff *skb, struct channel *pch)
1626{
ea8420e9
SA		 1627 /* note: a 0-length skb is used as an error indication */
1628 if (skb->len > 0) {
1da177e4
LT		 1629#ifdef CONFIG_PPP_MULTILINK
1630 /* XXX do channel-level decompression here */
1631 if (PPP_PROTO(skb) == PPP_MP)
1632 ppp_receive_mp_frame(ppp, skb, pch);
1633 else
1634#endif /* CONFIG_PPP_MULTILINK */
1635 ppp_receive_nonmp_frame(ppp, skb);
ea8420e9
SA		 1636 } else {
1637 kfree_skb(skb);
1638 ppp_receive_error(ppp);
1da177e4 1639 }
1da177e4
LT		 1640}
1641
1642static void
1643ppp_receive_error(struct ppp *ppp)
1644{
8c0469cd 1645 ++ppp->dev->stats.rx_errors;
cd228d54 1646 if (ppp->vj)
1da177e4
LT		 1647 slhc_toss(ppp->vj);
1648}
1649
1650static void
1651ppp_receive_nonmp_frame(struct ppp *ppp, struct sk_buff *skb)
1652{
1653 struct sk_buff *ns;
1654 int proto, len, npi;
1655
1656 /*
1657 * Decompress the frame, if compressed.
1658 * Note that some decompressors need to see uncompressed frames
1659 * that come in as well as compressed frames.
1660 */
8e95a202
JP		 1661 if (ppp->rc_state && (ppp->rstate & SC_DECOMP_RUN) &&
1662 (ppp->rstate & (SC_DC_FERROR | SC_DC_ERROR)) == 0)
1da177e4
LT		 1663 skb = ppp_decompress_frame(ppp, skb);
1664
b3f9b92a
MD		 1665 if (ppp->flags & SC_MUST_COMP && ppp->rstate & SC_DC_FERROR)
1666 goto err;
1667
1da177e4
LT		 1668 proto = PPP_PROTO(skb);
1669 switch (proto) {
1670 case PPP_VJC_COMP:
1671 /* decompress VJ compressed packets */
cd228d54 1672 if (!ppp->vj || (ppp->flags & SC_REJ_COMP_TCP))
1da177e4
LT		 1673 goto err;
1674
2a38b775 1675 if (skb_tailroom(skb) < 124 || skb_cloned(skb)) {
1da177e4
LT		 1676 /* copy to a new sk_buff with more tailroom */
1677 ns = dev_alloc_skb(skb->len + 128);
cd228d54 1678 if (!ns) {
1da177e4
LT		 1679 printk(KERN_ERR"PPP: no memory (VJ decomp)\n");
1680 goto err;
1681 }
1682 skb_reserve(ns, 2);
1683 skb_copy_bits(skb, 0, skb_put(ns, skb->len), skb->len);
1684 kfree_skb(skb);
1685 skb = ns;
1686 }
e3f749c4
HX		 1687 else
1688 skb->ip_summed = CHECKSUM_NONE;
1da177e4
LT		 1689
1690 len = slhc_uncompress(ppp->vj, skb->data + 2, skb->len - 2);
1691 if (len <= 0) {
1692 printk(KERN_DEBUG "PPP: VJ decompression error\n");
1693 goto err;
1694 }
1695 len += 2;
1696 if (len > skb->len)
1697 skb_put(skb, len - skb->len);
1698 else if (len < skb->len)
1699 skb_trim(skb, len);
1700 proto = PPP_IP;
1701 break;
1702
1703 case PPP_VJC_UNCOMP:
cd228d54 1704 if (!ppp->vj || (ppp->flags & SC_REJ_COMP_TCP))
1da177e4 1705 goto err;
6aa20a22 1706
1da177e4
LT		 1707 /* Until we fix the decompressor need to make sure
1708 * data portion is linear.
1709 */
6aa20a22 1710 if (!pskb_may_pull(skb, skb->len))
1da177e4
LT		 1711 goto err;
1712
1713 if (slhc_remember(ppp->vj, skb->data + 2, skb->len - 2) <= 0) {
1714 printk(KERN_ERR "PPP: VJ uncompressed error\n");
1715 goto err;
1716 }
1717 proto = PPP_IP;
1718 break;
1719
1720 case PPP_CCP:
1721 ppp_ccp_peek(ppp, skb, 1);
1722 break;
1723 }
1724
8c0469cd
PZ		 1725 ++ppp->dev->stats.rx_packets;
1726 ppp->dev->stats.rx_bytes += skb->len - 2;
1da177e4
LT		 1727
1728 npi = proto_to_npindex(proto);
1729 if (npi < 0) {
1730 /* control or unknown frame - pass it to pppd */
1731 skb_queue_tail(&ppp->file.rq, skb);
1732 /* limit queue length by dropping old frames */
8e95a202
JP		 1733 while (ppp->file.rq.qlen > PPP_MAX_RQLEN &&
1734 (skb = skb_dequeue(&ppp->file.rq)))
1da177e4
LT		 1735 kfree_skb(skb);
1736 /* wake up any process polling or blocking on read */
1737 wake_up_interruptible(&ppp->file.rwait);
1738
1739 } else {
1740 /* network protocol frame - give it to the kernel */
1741
1742#ifdef CONFIG_PPP_FILTER
1743 /* check if the packet passes the pass and active filters */
1744 /* the filter instructions are constructed assuming
1745 a four-byte PPP header on each packet */
2a38b775
HX		 1746 if (ppp->pass_filter || ppp->active_filter) {
1747 if (skb_cloned(skb) &&
1748 pskb_expand_head(skb, 0, 0, GFP_ATOMIC))
1749 goto err;
1750
1751 *skb_push(skb, 2) = 0;
8e95a202
JP		 1752 if (ppp->pass_filter &&
1753 sk_run_filter(skb, ppp->pass_filter,
1754 ppp->pass_len) == 0) {
2a38b775
HX		 1755 if (ppp->debug & 1)
1756 printk(KERN_DEBUG "PPP: inbound frame "
1757 "not passed\n");
1758 kfree_skb(skb);
1759 return;
1760 }
8e95a202
JP		 1761 if (!(ppp->active_filter &&
1762 sk_run_filter(skb, ppp->active_filter,
1763 ppp->active_len) == 0))
2a38b775
HX		 1764 ppp->last_recv = jiffies;
1765 __skb_pull(skb, 2);
1766 } else
1da177e4 1767#endif /* CONFIG_PPP_FILTER */
2a38b775 1768 ppp->last_recv = jiffies;
1da177e4 1769
8e95a202
JP		 1770 if ((ppp->dev->flags & IFF_UP) == 0 ||
1771 ppp->npmode[npi] != NPMODE_PASS) {
1da177e4
LT		 1772 kfree_skb(skb);
1773 } else {
cbb042f9
HX		 1774 /* chop off protocol */
1775 skb_pull_rcsum(skb, 2);
1da177e4
LT		 1776 skb->dev = ppp->dev;
1777 skb->protocol = htons(npindex_to_ethertype[npi]);
459a98ed 1778 skb_reset_mac_header(skb);
1da177e4 1779 netif_rx(skb);
1da177e4
LT		 1780 }
1781 }
1782 return;
1783
1784 err:
1785 kfree_skb(skb);
1786 ppp_receive_error(ppp);
1787}
1788
1789static struct sk_buff *
1790ppp_decompress_frame(struct ppp *ppp, struct sk_buff *skb)
1791{
1792 int proto = PPP_PROTO(skb);
1793 struct sk_buff *ns;
1794 int len;
1795
1796 /* Until we fix all the decompressor's need to make sure
1797 * data portion is linear.
1798 */
1799 if (!pskb_may_pull(skb, skb->len))
1800 goto err;
1801
1802 if (proto == PPP_COMP) {
4b2a8fb3
KS		 1803 int obuff_size;
1804
1805 switch(ppp->rcomp->compress_proto) {
1806 case CI_MPPE:
1807 obuff_size = ppp->mru + PPP_HDRLEN + 1;
1808 break;
1809 default:
1810 obuff_size = ppp->mru + PPP_HDRLEN;
1811 break;
1812 }
1813
1814 ns = dev_alloc_skb(obuff_size);
cd228d54 1815 if (!ns) {
1da177e4
LT		 1816 printk(KERN_ERR "ppp_decompress_frame: no memory\n");
1817 goto err;
1818 }
1819 /* the decompressor still expects the A/C bytes in the hdr */
1820 len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2,
06c7af56 1821 skb->len + 2, ns->data, obuff_size);
1da177e4
LT		 1822 if (len < 0) {
1823 /* Pass the compressed frame to pppd as an
1824 error indication. */
1825 if (len == DECOMP_FATALERROR)
1826 ppp->rstate |= SC_DC_FERROR;
1827 kfree_skb(ns);
1828 goto err;
1829 }
1830
1831 kfree_skb(skb);
1832 skb = ns;
1833 skb_put(skb, len);
1834 skb_pull(skb, 2); /* pull off the A/C bytes */
1835
1836 } else {
1837 /* Uncompressed frame - pass to decompressor so it
1838 can update its dictionary if necessary. */
1839 if (ppp->rcomp->incomp)
1840 ppp->rcomp->incomp(ppp->rc_state, skb->data - 2,
1841 skb->len + 2);
1842 }
1843
1844 return skb;
1845
1846 err:
1847 ppp->rstate |= SC_DC_ERROR;
1848 ppp_receive_error(ppp);
1849 return skb;
1850}
1851
1852#ifdef CONFIG_PPP_MULTILINK
1853/*
1854 * Receive a multilink frame.
1855 * We put it on the reconstruction queue and then pull off
1856 * as many completed frames as we can.
1857 */
1858static void
1859ppp_receive_mp_frame(struct ppp *ppp, struct sk_buff *skb, struct channel *pch)
1860{
1861 u32 mask, seq;
81616c5a 1862 struct channel *ch;
1da177e4
LT		 1863 int mphdrlen = (ppp->flags & SC_MP_SHORTSEQ)? MPHDRLEN_SSN: MPHDRLEN;
1864
2a38b775 1865 if (!pskb_may_pull(skb, mphdrlen + 1) || ppp->mrru == 0)
1da177e4
LT		 1866 goto err; /* no good, throw it away */
1867
1868 /* Decode sequence number and begin/end bits */
1869 if (ppp->flags & SC_MP_SHORTSEQ) {
1870 seq = ((skb->data[2] & 0x0f) << 8) | skb->data[3];
1871 mask = 0xfff;
1872 } else {
1873 seq = (skb->data[3] << 16) | (skb->data[4] << 8)| skb->data[5];
1874 mask = 0xffffff;
1875 }
1876 skb->BEbits = skb->data[2];
1877 skb_pull(skb, mphdrlen); /* pull off PPP and MP headers */
1878
1879 /*
1880 * Do protocol ID decompression on the first fragment of each packet.
1881 */
1882 if ((skb->BEbits & B) && (skb->data[0] & 1))
1883 *skb_push(skb, 1) = 0;
1884
1885 /*
1886 * Expand sequence number to 32 bits, making it as close
1887 * as possible to ppp->minseq.
1888 */
1889 seq |= ppp->minseq & ~mask;
1890 if ((int)(ppp->minseq - seq) > (int)(mask >> 1))
1891 seq += mask + 1;
1892 else if ((int)(seq - ppp->minseq) > (int)(mask >> 1))
1893 seq -= mask + 1; /* should never happen */
1894 skb->sequence = seq;
1895 pch->lastseq = seq;
1896
1897 /*
1898 * If this packet comes before the next one we were expecting,
1899 * drop it.
1900 */
1901 if (seq_before(seq, ppp->nextseq)) {
1902 kfree_skb(skb);
8c0469cd 1903 ++ppp->dev->stats.rx_dropped;
1da177e4
LT		 1904 ppp_receive_error(ppp);
1905 return;
1906 }
1907
1908 /*
1909 * Reevaluate minseq, the minimum over all channels of the
1910 * last sequence number received on each channel. Because of
1911 * the increasing sequence number rule, we know that any fragment
1912 * before `minseq' which hasn't arrived is never going to arrive.
1913 * The list of channels can't change because we have the receive
1914 * side of the ppp unit locked.
1915 */
81616c5a 1916 list_for_each_entry(ch, &ppp->channels, clist) {
1da177e4
LT		 1917 if (seq_before(ch->lastseq, seq))
1918 seq = ch->lastseq;
1919 }
1920 if (seq_before(ppp->minseq, seq))
1921 ppp->minseq = seq;
1922
1923 /* Put the fragment on the reconstruction queue */
1924 ppp_mp_insert(ppp, skb);
1925
1926 /* If the queue is getting long, don't wait any longer for packets
1927 before the start of the queue. */
38ce7c73 1928 if (skb_queue_len(&ppp->mrq) >= PPP_MP_MAX_QLEN) {
c6b20d94 1929 struct sk_buff *mskb = skb_peek(&ppp->mrq);
1930 if (seq_before(ppp->minseq, mskb->sequence))
1931 ppp->minseq = mskb->sequence;
38ce7c73 1932 }
1da177e4
LT		 1933
1934 /* Pull completed packets off the queue and receive them. */
82b3cc1a
BM		 1935 while ((skb = ppp_mp_reconstruct(ppp))) {
1936 if (pskb_may_pull(skb, 2))
1937 ppp_receive_nonmp_frame(ppp, skb);
1938 else {
1939 ++ppp->dev->stats.rx_length_errors;
1940 kfree_skb(skb);
1941 ppp_receive_error(ppp);
1942 }
1943 }
1da177e4
LT		 1944
1945 return;
1946
1947 err:
1948 kfree_skb(skb);
1949 ppp_receive_error(ppp);
1950}
1951
1952/*
1953 * Insert a fragment on the MP reconstruction queue.
1954 * The queue is ordered by increasing sequence number.
1955 */
1956static void
1957ppp_mp_insert(struct ppp *ppp, struct sk_buff *skb)
1958{
1959 struct sk_buff *p;
1960 struct sk_buff_head *list = &ppp->mrq;
1961 u32 seq = skb->sequence;
1962
1963 /* N.B. we don't need to lock the list lock because we have the
1964 ppp unit receive-side lock. */
13c9821e 1965 skb_queue_walk(list, p) {
1da177e4
LT		 1966 if (seq_before(seq, p->sequence))
1967 break;
13c9821e 1968 }
43f59c89 1969 __skb_queue_before(list, p, skb);
1da177e4
LT		 1970}
1971
1972/*
1973 * Reconstruct a packet from the MP fragment queue.
1974 * We go through increasing sequence numbers until we find a
1975 * complete packet, or we get to the sequence number for a fragment
1976 * which hasn't arrived but might still do so.
1977 */
3c582b30 1978static struct sk_buff *
1da177e4
LT		 1979ppp_mp_reconstruct(struct ppp *ppp)
1980{
1981 u32 seq = ppp->nextseq;
1982 u32 minseq = ppp->minseq;
1983 struct sk_buff_head *list = &ppp->mrq;
1984 struct sk_buff *p, *next;
1985 struct sk_buff *head, *tail;
1986 struct sk_buff *skb = NULL;
1987 int lost = 0, len = 0;
1988
1989 if (ppp->mrru == 0) /* do nothing until mrru is set */
1990 return NULL;
1991 head = list->next;
1992 tail = NULL;
1993 for (p = head; p != (struct sk_buff *) list; p = next) {
1994 next = p->next;
1995 if (seq_before(p->sequence, seq)) {
1996 /* this can't happen, anyway ignore the skb */
1997 printk(KERN_ERR "ppp_mp_reconstruct bad seq %u < %u\n",
1998 p->sequence, seq);
1999 head = next;
2000 continue;
2001 }
2002 if (p->sequence != seq) {
2003 /* Fragment `seq' is missing. If it is after
2004 minseq, it might arrive later, so stop here. */
2005 if (seq_after(seq, minseq))
2006 break;
2007 /* Fragment `seq' is lost, keep going. */
2008 lost = 1;
2009 seq = seq_before(minseq, p->sequence)?
2010 minseq + 1: p->sequence;
2011 next = p;
2012 continue;
2013 }
2014
2015 /*
2016 * At this point we know that all the fragments from
2017 * ppp->nextseq to seq are either present or lost.
2018 * Also, there are no complete packets in the queue
2019 * that have no missing fragments and end before this
2020 * fragment.
2021 */
2022
2023 /* B bit set indicates this fragment starts a packet */
2024 if (p->BEbits & B) {
2025 head = p;
2026 lost = 0;
2027 len = 0;
2028 }
2029
2030 len += p->len;
2031
2032 /* Got a complete packet yet? */
2033 if (lost == 0 && (p->BEbits & E) && (head->BEbits & B)) {
2034 if (len > ppp->mrru + 2) {
8c0469cd 2035 ++ppp->dev->stats.rx_length_errors;
1da177e4
LT		 2036 printk(KERN_DEBUG "PPP: reconstructed packet"
2037 " is too long (%d)\n", len);
2038 } else if (p == head) {
2039 /* fragment is complete packet - reuse skb */
2040 tail = p;
2041 skb = skb_get(p);
2042 break;
2043 } else if ((skb = dev_alloc_skb(len)) == NULL) {
8c0469cd 2044 ++ppp->dev->stats.rx_missed_errors;
1da177e4
LT		 2045 printk(KERN_DEBUG "PPP: no memory for "
2046 "reconstructed packet");
2047 } else {
2048 tail = p;
2049 break;
2050 }
2051 ppp->nextseq = seq + 1;
2052 }
2053
2054 /*
2055 * If this is the ending fragment of a packet,
2056 * and we haven't found a complete valid packet yet,
2057 * we can discard up to and including this fragment.
2058 */
2059 if (p->BEbits & E)
2060 head = next;
2061
2062 ++seq;
2063 }
2064
2065 /* If we have a complete packet, copy it all into one skb. */
2066 if (tail != NULL) {
2067 /* If we have discarded any fragments,
2068 signal a receive error. */
2069 if (head->sequence != ppp->nextseq) {
2070 if (ppp->debug & 1)
2071 printk(KERN_DEBUG " missed pkts %u..%u\n",
2072 ppp->nextseq, head->sequence-1);
8c0469cd 2073 ++ppp->dev->stats.rx_dropped;
1da177e4
LT		 2074 ppp_receive_error(ppp);
2075 }
2076
2077 if (head != tail)
2078 /* copy to a single skb */
2079 for (p = head; p != tail->next; p = p->next)
2080 skb_copy_bits(p, 0, skb_put(skb, p->len), p->len);
2081 ppp->nextseq = tail->sequence + 1;
2082 head = tail->next;
2083 }
2084
2085 /* Discard all the skbuffs that we have copied the data out of
2086 or that we can't use. */
2087 while ((p = list->next) != head) {
2088 __skb_unlink(p, list);
2089 kfree_skb(p);
2090 }
2091
2092 return skb;
2093}
2094#endif /* CONFIG_PPP_MULTILINK */
2095
2096/*
2097 * Channel interface.
2098 */
2099
273ec51d
CG		 2100/* Create a new, unattached ppp channel. */
2101int ppp_register_channel(struct ppp_channel *chan)
2102{
2103 return ppp_register_net_channel(current->nsproxy->net_ns, chan);
2104}
2105
2106/* Create a new, unattached ppp channel for specified net. */
2107int ppp_register_net_channel(struct net *net, struct ppp_channel *chan)
1da177e4
LT		 2108{
2109 struct channel *pch;
273ec51d 2110 struct ppp_net *pn;
1da177e4 2111
d4274b51 2112 pch = kzalloc(sizeof(struct channel), GFP_KERNEL);
cd228d54 2113 if (!pch)
1da177e4 2114 return -ENOMEM;
273ec51d
CG		 2115
2116 pn = ppp_pernet(net);
2117
1da177e4
LT		 2118 pch->ppp = NULL;
2119 pch->chan = chan;
273ec51d 2120 pch->chan_net = net;
1da177e4
LT		 2121 chan->ppp = pch;
2122 init_ppp_file(&pch->file, CHANNEL);
2123 pch->file.hdrlen = chan->hdrlen;
2124#ifdef CONFIG_PPP_MULTILINK
2125 pch->lastseq = -1;
2126#endif /* CONFIG_PPP_MULTILINK */
2127 init_rwsem(&pch->chan_sem);
2128 spin_lock_init(&pch->downl);
2129 rwlock_init(&pch->upl);
273ec51d
CG		 2130
2131 spin_lock_bh(&pn->all_channels_lock);
2132 pch->file.index = ++pn->last_channel_index;
2133 list_add(&pch->list, &pn->new_channels);
1da177e4 2134 atomic_inc(&channel_count);
273ec51d
CG		 2135 spin_unlock_bh(&pn->all_channels_lock);
2136
1da177e4
LT		 2137 return 0;
2138}
2139
2140/*
2141 * Return the index of a channel.
2142 */
2143int ppp_channel_index(struct ppp_channel *chan)
2144{
2145 struct channel *pch = chan->ppp;
2146
cd228d54 2147 if (pch)
1da177e4
LT		 2148 return pch->file.index;
2149 return -1;
2150}
2151
2152/*
2153 * Return the PPP unit number to which a channel is connected.
2154 */
2155int ppp_unit_number(struct ppp_channel *chan)
2156{
2157 struct channel *pch = chan->ppp;
2158 int unit = -1;
2159
cd228d54 2160 if (pch) {
1da177e4 2161 read_lock_bh(&pch->upl);
cd228d54 2162 if (pch->ppp)
1da177e4
LT		 2163 unit = pch->ppp->file.index;
2164 read_unlock_bh(&pch->upl);
2165 }
2166 return unit;
2167}
2168
63f96072
JC		 2169/*
2170 * Return the PPP device interface name of a channel.
2171 */
2172char *ppp_dev_name(struct ppp_channel *chan)
2173{
2174 struct channel *pch = chan->ppp;
2175 char *name = NULL;
2176
2177 if (pch) {
2178 read_lock_bh(&pch->upl);
2179 if (pch->ppp && pch->ppp->dev)
2180 name = pch->ppp->dev->name;
2181 read_unlock_bh(&pch->upl);
2182 }
2183 return name;
2184}
2185
2186
1da177e4
LT		 2187/*
2188 * Disconnect a channel from the generic layer.
2189 * This must be called in process context.
2190 */
2191void
2192ppp_unregister_channel(struct ppp_channel *chan)
2193{
2194 struct channel *pch = chan->ppp;
273ec51d 2195 struct ppp_net *pn;
1da177e4 2196
cd228d54 2197 if (!pch)
1da177e4 2198 return; /* should never happen */
273ec51d 2199
1da177e4
LT		 2200 chan->ppp = NULL;
2201
2202 /*
2203 * This ensures that we have returned from any calls into the
2204 * the channel's start_xmit or ioctl routine before we proceed.
2205 */
2206 down_write(&pch->chan_sem);
2207 spin_lock_bh(&pch->downl);
2208 pch->chan = NULL;
2209 spin_unlock_bh(&pch->downl);
2210 up_write(&pch->chan_sem);
2211 ppp_disconnect_channel(pch);
273ec51d
CG		 2212
2213 pn = ppp_pernet(pch->chan_net);
2214 spin_lock_bh(&pn->all_channels_lock);
1da177e4 2215 list_del(&pch->list);
273ec51d
CG		 2216 spin_unlock_bh(&pn->all_channels_lock);
2217
1da177e4
LT		 2218 pch->file.dead = 1;
2219 wake_up_interruptible(&pch->file.rwait);
2220 if (atomic_dec_and_test(&pch->file.refcnt))
2221 ppp_destroy_channel(pch);
2222}
2223
2224/*
2225 * Callback from a channel when it can accept more to transmit.
2226 * This should be called at BH/softirq level, not interrupt level.
2227 */
2228void
2229ppp_output_wakeup(struct ppp_channel *chan)
2230{
2231 struct channel *pch = chan->ppp;
2232
cd228d54 2233 if (!pch)
1da177e4
LT		 2234 return;
2235 ppp_channel_push(pch);
2236}
2237
2238/*
2239 * Compression control.
2240 */
2241
2242/* Process the PPPIOCSCOMPRESS ioctl. */
2243static int
2244ppp_set_compress(struct ppp *ppp, unsigned long arg)
2245{
2246 int err;
2247 struct compressor *cp, *ocomp;
2248 struct ppp_option_data data;
2249 void *state, *ostate;
2250 unsigned char ccp_option[CCP_MAX_OPTION_LENGTH];
2251
2252 err = -EFAULT;
8e95a202
JP		 2253 if (copy_from_user(&data, (void __user *) arg, sizeof(data)) ||
2254 (data.length <= CCP_MAX_OPTION_LENGTH &&
2255 copy_from_user(ccp_option, (void __user *) data.ptr, data.length)))
1da177e4
LT		 2256 goto out;
2257 err = -EINVAL;
8e95a202
JP		 2258 if (data.length > CCP_MAX_OPTION_LENGTH ||
2259 ccp_option[1] < 2 || ccp_option[1] > data.length)
1da177e4
LT		 2260 goto out;
2261
a65e5d78
JB		 2262 cp = try_then_request_module(
2263 find_compressor(ccp_option[0]),
2264 "ppp-compress-%d", ccp_option[0]);
cd228d54 2265 if (!cp)
1da177e4
LT		 2266 goto out;
2267
2268 err = -ENOBUFS;
2269 if (data.transmit) {
2270 state = cp->comp_alloc(ccp_option, data.length);
cd228d54 2271 if (state) {
1da177e4
LT		 2272 ppp_xmit_lock(ppp);
2273 ppp->xstate &= ~SC_COMP_RUN;
2274 ocomp = ppp->xcomp;
2275 ostate = ppp->xc_state;
2276 ppp->xcomp = cp;
2277 ppp->xc_state = state;
2278 ppp_xmit_unlock(ppp);
cd228d54 2279 if (ostate) {
1da177e4
LT		 2280 ocomp->comp_free(ostate);
2281 module_put(ocomp->owner);
2282 }
2283 err = 0;
2284 } else
2285 module_put(cp->owner);
2286
2287 } else {
2288 state = cp->decomp_alloc(ccp_option, data.length);
cd228d54 2289 if (state) {
1da177e4
LT		 2290 ppp_recv_lock(ppp);
2291 ppp->rstate &= ~SC_DECOMP_RUN;
2292 ocomp = ppp->rcomp;
2293 ostate = ppp->rc_state;
2294 ppp->rcomp = cp;
2295 ppp->rc_state = state;
2296 ppp_recv_unlock(ppp);
cd228d54 2297 if (ostate) {
1da177e4
LT		 2298 ocomp->decomp_free(ostate);
2299 module_put(ocomp->owner);
2300 }
2301 err = 0;
2302 } else
2303 module_put(cp->owner);
2304 }
2305
2306 out:
2307 return err;
2308}
2309
2310/*
2311 * Look at a CCP packet and update our state accordingly.
2312 * We assume the caller has the xmit or recv path locked.
2313 */
2314static void
2315ppp_ccp_peek(struct ppp *ppp, struct sk_buff *skb, int inbound)
2316{
2317 unsigned char *dp;
2318 int len;
2319
2320 if (!pskb_may_pull(skb, CCP_HDRLEN + 2))
2321 return; /* no header */
2322 dp = skb->data + 2;
2323
2324 switch (CCP_CODE(dp)) {
2325 case CCP_CONFREQ:
2326
6aa20a22 2327 /* A ConfReq starts negotiation of compression
1da177e4
LT		 2328 * in one direction of transmission,
2329 * and hence brings it down...but which way?
2330 *
2331 * Remember:
2332 * A ConfReq indicates what the sender would like to receive
2333 */
2334 if(inbound)
2335 /* He is proposing what I should send */
2336 ppp->xstate &= ~SC_COMP_RUN;
6aa20a22 2337 else
1da177e4
LT		 2338 /* I am proposing to what he should send */
2339 ppp->rstate &= ~SC_DECOMP_RUN;
6aa20a22 2340
1da177e4 2341 break;
6aa20a22 2342
1da177e4
LT		 2343 case CCP_TERMREQ:
2344 case CCP_TERMACK:
2345 /*
6aa20a22 2346 * CCP is going down, both directions of transmission
1da177e4
LT		 2347 */
2348 ppp->rstate &= ~SC_DECOMP_RUN;
2349 ppp->xstate &= ~SC_COMP_RUN;
2350 break;
2351
2352 case CCP_CONFACK:
2353 if ((ppp->flags & (SC_CCP_OPEN | SC_CCP_UP)) != SC_CCP_OPEN)
2354 break;
2355 len = CCP_LENGTH(dp);
2356 if (!pskb_may_pull(skb, len + 2))
2357 return; /* too short */
2358 dp += CCP_HDRLEN;
2359 len -= CCP_HDRLEN;
2360 if (len < CCP_OPT_MINLEN || len < CCP_OPT_LENGTH(dp))
2361 break;
2362 if (inbound) {
2363 /* we will start receiving compressed packets */
cd228d54 2364 if (!ppp->rc_state)
1da177e4
LT		 2365 break;
2366 if (ppp->rcomp->decomp_init(ppp->rc_state, dp, len,
2367 ppp->file.index, 0, ppp->mru, ppp->debug)) {
2368 ppp->rstate |= SC_DECOMP_RUN;
2369 ppp->rstate &= ~(SC_DC_ERROR | SC_DC_FERROR);
2370 }
2371 } else {
2372 /* we will soon start sending compressed packets */
cd228d54 2373 if (!ppp->xc_state)
1da177e4
LT		 2374 break;
2375 if (ppp->xcomp->comp_init(ppp->xc_state, dp, len,
2376 ppp->file.index, 0, ppp->debug))
2377 ppp->xstate |= SC_COMP_RUN;
2378 }
2379 break;
2380
2381 case CCP_RESETACK:
2382 /* reset the [de]compressor */
2383 if ((ppp->flags & SC_CCP_UP) == 0)
2384 break;
2385 if (inbound) {
2386 if (ppp->rc_state && (ppp->rstate & SC_DECOMP_RUN)) {
2387 ppp->rcomp->decomp_reset(ppp->rc_state);
2388 ppp->rstate &= ~SC_DC_ERROR;
2389 }
2390 } else {
2391 if (ppp->xc_state && (ppp->xstate & SC_COMP_RUN))
2392 ppp->xcomp->comp_reset(ppp->xc_state);
2393 }
2394 break;
2395 }
2396}
2397
2398/* Free up compression resources. */
2399static void
2400ppp_ccp_closed(struct ppp *ppp)
2401{
2402 void *xstate, *rstate;
2403 struct compressor *xcomp, *rcomp;
2404
2405 ppp_lock(ppp);
2406 ppp->flags &= ~(SC_CCP_OPEN | SC_CCP_UP);
2407 ppp->xstate = 0;
2408 xcomp = ppp->xcomp;
2409 xstate = ppp->xc_state;
2410 ppp->xc_state = NULL;
2411 ppp->rstate = 0;
2412 rcomp = ppp->rcomp;
2413 rstate = ppp->rc_state;
2414 ppp->rc_state = NULL;
2415 ppp_unlock(ppp);
2416
2417 if (xstate) {
2418 xcomp->comp_free(xstate);
2419 module_put(xcomp->owner);
2420 }
2421 if (rstate) {
2422 rcomp->decomp_free(rstate);
2423 module_put(rcomp->owner);
2424 }
2425}
2426
2427/* List of compressors. */
2428static LIST_HEAD(compressor_list);
2429static DEFINE_SPINLOCK(compressor_list_lock);
2430
2431struct compressor_entry {
2432 struct list_head list;
2433 struct compressor *comp;
2434};
2435
2436static struct compressor_entry *
2437find_comp_entry(int proto)
2438{
2439 struct compressor_entry *ce;
1da177e4 2440
81616c5a 2441 list_for_each_entry(ce, &compressor_list, list) {
1da177e4
LT		 2442 if (ce->comp->compress_proto == proto)
2443 return ce;
2444 }
2445 return NULL;
2446}
2447
2448/* Register a compressor */
2449int
2450ppp_register_compressor(struct compressor *cp)
2451{
2452 struct compressor_entry *ce;
2453 int ret;
2454 spin_lock(&compressor_list_lock);
2455 ret = -EEXIST;
cd228d54 2456 if (find_comp_entry(cp->compress_proto))
1da177e4
LT		 2457 goto out;
2458 ret = -ENOMEM;
2459 ce = kmalloc(sizeof(struct compressor_entry), GFP_ATOMIC);
cd228d54 2460 if (!ce)
1da177e4
LT		 2461 goto out;
2462 ret = 0;
2463 ce->comp = cp;
2464 list_add(&ce->list, &compressor_list);
2465 out:
2466 spin_unlock(&compressor_list_lock);
2467 return ret;
2468}
2469
2470/* Unregister a compressor */
2471void
2472ppp_unregister_compressor(struct compressor *cp)
2473{
2474 struct compressor_entry *ce;
2475
2476 spin_lock(&compressor_list_lock);
2477 ce = find_comp_entry(cp->compress_proto);
cd228d54 2478 if (ce && ce->comp == cp) {
1da177e4
LT		 2479 list_del(&ce->list);
2480 kfree(ce);
2481 }
2482 spin_unlock(&compressor_list_lock);
2483}
2484
2485/* Find a compressor. */
2486static struct compressor *
2487find_compressor(int type)
2488{
2489 struct compressor_entry *ce;
2490 struct compressor *cp = NULL;
2491
2492 spin_lock(&compressor_list_lock);
2493 ce = find_comp_entry(type);
cd228d54 2494 if (ce) {
1da177e4
LT		 2495 cp = ce->comp;
2496 if (!try_module_get(cp->owner))
2497 cp = NULL;
2498 }
2499 spin_unlock(&compressor_list_lock);
2500 return cp;
2501}
2502
2503/*
2504 * Miscelleneous stuff.
2505 */
2506
2507static void
2508ppp_get_stats(struct ppp *ppp, struct ppp_stats *st)
2509{
2510 struct slcompress *vj = ppp->vj;
2511
2512 memset(st, 0, sizeof(*st));
8c0469cd
PZ		 2513 st->p.ppp_ipackets = ppp->dev->stats.rx_packets;
2514 st->p.ppp_ierrors = ppp->dev->stats.rx_errors;
2515 st->p.ppp_ibytes = ppp->dev->stats.rx_bytes;
2516 st->p.ppp_opackets = ppp->dev->stats.tx_packets;
2517 st->p.ppp_oerrors = ppp->dev->stats.tx_errors;
2518 st->p.ppp_obytes = ppp->dev->stats.tx_bytes;
cd228d54 2519 if (!vj)
1da177e4
LT		 2520 return;
2521 st->vj.vjs_packets = vj->sls_o_compressed + vj->sls_o_uncompressed;
2522 st->vj.vjs_compressed = vj->sls_o_compressed;
2523 st->vj.vjs_searches = vj->sls_o_searches;
2524 st->vj.vjs_misses = vj->sls_o_misses;
2525 st->vj.vjs_errorin = vj->sls_i_error;
2526 st->vj.vjs_tossed = vj->sls_i_tossed;
2527 st->vj.vjs_uncompressedin = vj->sls_i_uncompressed;
2528 st->vj.vjs_compressedin = vj->sls_i_compressed;
2529}
2530
2531/*
2532 * Stuff for handling the lists of ppp units and channels
2533 * and for initialization.
2534 */
2535
2536/*
2537 * Create a new ppp interface unit. Fails if it can't allocate memory
2538 * or if there is already a unit with the requested number.
2539 * unit == -1 means allocate a new number.
2540 */
2541static struct ppp *
273ec51d 2542ppp_create_interface(struct net *net, int unit, int *retp)
1da177e4
LT		 2543{
2544 struct ppp *ppp;
273ec51d 2545 struct ppp_net *pn;
1da177e4
LT		 2546 struct net_device *dev = NULL;
2547 int ret = -ENOMEM;
2548 int i;
2549
c8019bf3 2550 dev = alloc_netdev(sizeof(struct ppp), "", ppp_setup);
1da177e4
LT		 2551 if (!dev)
2552 goto out1;
1da177e4 2553
273ec51d
CG		 2554 pn = ppp_pernet(net);
2555
c8019bf3
WC		 2556 ppp = netdev_priv(dev);
2557 ppp->dev = dev;
1da177e4
LT		 2558 ppp->mru = PPP_MRU;
2559 init_ppp_file(&ppp->file, INTERFACE);
2560 ppp->file.hdrlen = PPP_HDRLEN - 2; /* don't count proto bytes */
2561 for (i = 0; i < NUM_NP; ++i)
2562 ppp->npmode[i] = NPMODE_PASS;
2563 INIT_LIST_HEAD(&ppp->channels);
2564 spin_lock_init(&ppp->rlock);
2565 spin_lock_init(&ppp->wlock);
2566#ifdef CONFIG_PPP_MULTILINK
2567 ppp->minseq = -1;
2568 skb_queue_head_init(&ppp->mrq);
2569#endif /* CONFIG_PPP_MULTILINK */
1da177e4 2570
273ec51d
CG		 2571 /*
2572 * drum roll: don't forget to set
2573 * the net device is belong to
2574 */
2575 dev_net_set(dev, net);
2576
1da177e4 2577 ret = -EEXIST;
273ec51d 2578 mutex_lock(&pn->all_ppp_mutex);
7a95d267
CG		 2579
2580 if (unit < 0) {
273ec51d 2581 unit = unit_get(&pn->units_idr, ppp);
7a95d267
CG		 2582 if (unit < 0) {
2583 *retp = unit;
2584 goto out2;
2585 }
2586 } else {
273ec51d 2587 if (unit_find(&pn->units_idr, unit))
7a95d267 2588 goto out2; /* unit already exists */
85997576
CG		 2589 /*
2590 * if caller need a specified unit number
2591 * lets try to satisfy him, otherwise --
2592 * he should better ask us for new unit number
2593 *
2594 * NOTE: yes I know that returning EEXIST it's not
2595 * fair but at least pppd will ask us to allocate
2596 * new unit in this case so user is happy :)
2597 */
273ec51d 2598 unit = unit_set(&pn->units_idr, ppp, unit);
85997576 2599 if (unit < 0)
7a95d267 2600 goto out2;
7a95d267 2601 }
1da177e4
LT		 2602
2603 /* Initialize the new ppp unit */
2604 ppp->file.index = unit;
2605 sprintf(dev->name, "ppp%d", unit);
2606
2607 ret = register_netdev(dev);
2608 if (ret != 0) {
273ec51d 2609 unit_put(&pn->units_idr, unit);
1da177e4
LT		 2610 printk(KERN_ERR "PPP: couldn't register device %s (%d)\n",
2611 dev->name, ret);
2612 goto out2;
2613 }
2614
273ec51d
CG		 2615 ppp->ppp_net = net;
2616
1da177e4 2617 atomic_inc(&ppp_unit_count);
273ec51d 2618 mutex_unlock(&pn->all_ppp_mutex);
7a95d267 2619
1da177e4
LT		 2620 *retp = 0;
2621 return ppp;
2622
2623out2:
273ec51d 2624 mutex_unlock(&pn->all_ppp_mutex);
1da177e4
LT		 2625 free_netdev(dev);
2626out1:
1da177e4
LT		 2627 *retp = ret;
2628 return NULL;
2629}
2630
2631/*
2632 * Initialize a ppp_file structure.
2633 */
2634static void
2635init_ppp_file(struct ppp_file *pf, int kind)
2636{
2637 pf->kind = kind;
2638 skb_queue_head_init(&pf->xq);
2639 skb_queue_head_init(&pf->rq);
2640 atomic_set(&pf->refcnt, 1);
2641 init_waitqueue_head(&pf->rwait);
2642}
2643
2644/*
2645 * Take down a ppp interface unit - called when the owning file
2646 * (the one that created the unit) is closed or detached.
2647 */
2648static void ppp_shutdown_interface(struct ppp *ppp)
2649{
273ec51d
CG		 2650 struct ppp_net *pn;
2651
2652 pn = ppp_pernet(ppp->ppp_net);
2653 mutex_lock(&pn->all_ppp_mutex);
2654
1da177e4 2655 /* This will call dev_close() for us. */
739840d5
JC		 2656 ppp_lock(ppp);
2657 if (!ppp->closing) {
2658 ppp->closing = 1;
2659 ppp_unlock(ppp);
2660 unregister_netdev(ppp->dev);
2661 } else
2662 ppp_unlock(ppp);
2663
273ec51d 2664 unit_put(&pn->units_idr, ppp->file.index);
1da177e4
LT		 2665 ppp->file.dead = 1;
2666 ppp->owner = NULL;
2667 wake_up_interruptible(&ppp->file.rwait);
273ec51d
CG		 2668
2669 mutex_unlock(&pn->all_ppp_mutex);
1da177e4
LT		 2670}
2671
2672/*
2673 * Free the memory used by a ppp unit. This is only called once
2674 * there are no channels connected to the unit and no file structs
2675 * that reference the unit.
2676 */
2677static void ppp_destroy_interface(struct ppp *ppp)
2678{
2679 atomic_dec(&ppp_unit_count);
2680
2681 if (!ppp->file.dead || ppp->n_channels) {
2682 /* "can't happen" */
2683 printk(KERN_ERR "ppp: destroying ppp struct %p but dead=%d "
2684 "n_channels=%d !\n", ppp, ppp->file.dead,
2685 ppp->n_channels);
2686 return;
2687 }
2688
2689 ppp_ccp_closed(ppp);
2690 if (ppp->vj) {
2691 slhc_free(ppp->vj);
2692 ppp->vj = NULL;
2693 }
2694 skb_queue_purge(&ppp->file.xq);
2695 skb_queue_purge(&ppp->file.rq);
2696#ifdef CONFIG_PPP_MULTILINK
2697 skb_queue_purge(&ppp->mrq);
2698#endif /* CONFIG_PPP_MULTILINK */
2699#ifdef CONFIG_PPP_FILTER
96edf83c
JJ		 2700 kfree(ppp->pass_filter);
2701 ppp->pass_filter = NULL;
2702 kfree(ppp->active_filter);
2703 ppp->active_filter = NULL;
1da177e4
LT		 2704#endif /* CONFIG_PPP_FILTER */
2705
1d2f8c95 2706 kfree_skb(ppp->xmit_pending);
165de5b7 2707
739840d5 2708 free_netdev(ppp->dev);
1da177e4
LT		 2709}
2710
2711/*
2712 * Locate an existing ppp unit.
8ed965d6 2713 * The caller should have locked the all_ppp_mutex.
1da177e4
LT		 2714 */
2715static struct ppp *
273ec51d 2716ppp_find_unit(struct ppp_net *pn, int unit)
1da177e4 2717{
273ec51d 2718 return unit_find(&pn->units_idr, unit);
1da177e4
LT		 2719}
2720
2721/*
2722 * Locate an existing ppp channel.
2723 * The caller should have locked the all_channels_lock.
2724 * First we look in the new_channels list, then in the
2725 * all_channels list. If found in the new_channels list,
2726 * we move it to the all_channels list. This is for speed
2727 * when we have a lot of channels in use.
2728 */
2729static struct channel *
273ec51d 2730ppp_find_channel(struct ppp_net *pn, int unit)
1da177e4
LT		 2731{
2732 struct channel *pch;
1da177e4 2733
273ec51d 2734 list_for_each_entry(pch, &pn->new_channels, list) {
1da177e4 2735 if (pch->file.index == unit) {
273ec51d 2736 list_move(&pch->list, &pn->all_channels);
1da177e4
LT		 2737 return pch;
2738 }
2739 }
273ec51d
CG		 2740
2741 list_for_each_entry(pch, &pn->all_channels, list) {
1da177e4
LT		 2742 if (pch->file.index == unit)
2743 return pch;
2744 }
273ec51d 2745
1da177e4
LT		 2746 return NULL;
2747}
2748
2749/*
2750 * Connect a PPP channel to a PPP interface unit.
2751 */
2752static int
2753ppp_connect_channel(struct channel *pch, int unit)
2754{
2755 struct ppp *ppp;
273ec51d 2756 struct ppp_net *pn;
1da177e4
LT		 2757 int ret = -ENXIO;
2758 int hdrlen;
2759
273ec51d
CG		 2760 pn = ppp_pernet(pch->chan_net);
2761
2762 mutex_lock(&pn->all_ppp_mutex);
2763 ppp = ppp_find_unit(pn, unit);
cd228d54 2764 if (!ppp)
1da177e4
LT		 2765 goto out;
2766 write_lock_bh(&pch->upl);
2767 ret = -EINVAL;
cd228d54 2768 if (pch->ppp)
1da177e4
LT		 2769 goto outl;
2770
2771 ppp_lock(ppp);
2772 if (pch->file.hdrlen > ppp->file.hdrlen)
2773 ppp->file.hdrlen = pch->file.hdrlen;
2774 hdrlen = pch->file.hdrlen + 2; /* for protocol bytes */
739840d5 2775 if (hdrlen > ppp->dev->hard_header_len)
1da177e4
LT		 2776 ppp->dev->hard_header_len = hdrlen;
2777 list_add_tail(&pch->clist, &ppp->channels);
2778 ++ppp->n_channels;
2779 pch->ppp = ppp;
2780 atomic_inc(&ppp->file.refcnt);
2781 ppp_unlock(ppp);
2782 ret = 0;
2783
2784 outl:
2785 write_unlock_bh(&pch->upl);
2786 out:
273ec51d 2787 mutex_unlock(&pn->all_ppp_mutex);
1da177e4
LT		 2788 return ret;
2789}
2790
2791/*
2792 * Disconnect a channel from its ppp unit.
2793 */
2794static int
2795ppp_disconnect_channel(struct channel *pch)
2796{
2797 struct ppp *ppp;
2798 int err = -EINVAL;
2799
2800 write_lock_bh(&pch->upl);
2801 ppp = pch->ppp;
2802 pch->ppp = NULL;
2803 write_unlock_bh(&pch->upl);
cd228d54 2804 if (ppp) {
1da177e4
LT		 2805 /* remove it from the ppp unit's list */
2806 ppp_lock(ppp);
2807 list_del(&pch->clist);
2808 if (--ppp->n_channels == 0)
2809 wake_up_interruptible(&ppp->file.rwait);
2810 ppp_unlock(ppp);
2811 if (atomic_dec_and_test(&ppp->file.refcnt))
2812 ppp_destroy_interface(ppp);
2813 err = 0;
2814 }
2815 return err;
2816}
2817
2818/*
2819 * Free up the resources used by a ppp channel.
2820 */
2821static void ppp_destroy_channel(struct channel *pch)
2822{
2823 atomic_dec(&channel_count);
2824
2825 if (!pch->file.dead) {
2826 /* "can't happen" */
2827 printk(KERN_ERR "ppp: destroying undead channel %p !\n",
2828 pch);
2829 return;
2830 }
2831 skb_queue_purge(&pch->file.xq);
2832 skb_queue_purge(&pch->file.rq);
2833 kfree(pch);
2834}
2835
2836static void __exit ppp_cleanup(void)
2837{
2838 /* should never happen */
2839 if (atomic_read(&ppp_unit_count) || atomic_read(&channel_count))
2840 printk(KERN_ERR "PPP: removing module but units remain!\n");
68fc4fab 2841 unregister_chrdev(PPP_MAJOR, "ppp");
9a6a2a5e 2842 device_destroy(ppp_class, MKDEV(PPP_MAJOR, 0));
56b22935 2843 class_destroy(ppp_class);
741a6fa2 2844 unregister_pernet_device(&ppp_net_ops);
1da177e4
LT		 2845}
2846
2847/*
7a95d267
CG		 2848 * Units handling. Caller must protect concurrent access
2849 * by holding all_ppp_mutex
1da177e4 2850 */
7a95d267 2851
85997576
CG		 2852/* associate pointer with specified number */
2853static int unit_set(struct idr *p, void *ptr, int n)
2854{
2855 int unit, err;
2856
2857again:
2858 if (!idr_pre_get(p, GFP_KERNEL)) {
2859 printk(KERN_ERR "PPP: No free memory for idr\n");
2860 return -ENOMEM;
2861 }
2862
2863 err = idr_get_new_above(p, ptr, n, &unit);
2864 if (err == -EAGAIN)
2865 goto again;
2866
2867 if (unit != n) {
2868 idr_remove(p, unit);
2869 return -EINVAL;
2870 }
2871
2872 return unit;
2873}
2874
7a95d267
CG		 2875/* get new free unit number and associate pointer with it */
2876static int unit_get(struct idr *p, void *ptr)
1da177e4 2877{
7a95d267 2878 int unit, err;
1da177e4 2879
7a95d267 2880again:
85997576
CG		 2881 if (!idr_pre_get(p, GFP_KERNEL)) {
2882 printk(KERN_ERR "PPP: No free memory for idr\n");
7a95d267 2883 return -ENOMEM;
1da177e4 2884 }
1da177e4 2885
7a95d267
CG		 2886 err = idr_get_new_above(p, ptr, 0, &unit);
2887 if (err == -EAGAIN)
2888 goto again;
1da177e4 2889
7a95d267 2890 return unit;
1da177e4
LT		 2891}
2892
7a95d267
CG		 2893/* put unit number back to a pool */
2894static void unit_put(struct idr *p, int n)
1da177e4 2895{
7a95d267 2896 idr_remove(p, n);
1da177e4
LT		 2897}
2898
7a95d267
CG		 2899/* get pointer associated with the number */
2900static void *unit_find(struct idr *p, int n)
1da177e4 2901{
7a95d267 2902 return idr_find(p, n);
1da177e4
LT		 2903}
2904
2905/* Module/initialization stuff */
2906
2907module_init(ppp_init);
2908module_exit(ppp_cleanup);
2909
273ec51d 2910EXPORT_SYMBOL(ppp_register_net_channel);
1da177e4
LT		 2911EXPORT_SYMBOL(ppp_register_channel);
2912EXPORT_SYMBOL(ppp_unregister_channel);
2913EXPORT_SYMBOL(ppp_channel_index);
2914EXPORT_SYMBOL(ppp_unit_number);
63f96072 2915EXPORT_SYMBOL(ppp_dev_name);
1da177e4
LT		 2916EXPORT_SYMBOL(ppp_input);
2917EXPORT_SYMBOL(ppp_input_error);
2918EXPORT_SYMBOL(ppp_output_wakeup);
2919EXPORT_SYMBOL(ppp_register_compressor);
2920EXPORT_SYMBOL(ppp_unregister_compressor);
2921MODULE_LICENSE("GPL");
578454ff
KS		 2922MODULE_ALIAS_CHARDEV(PPP_MAJOR, 0);
2923MODULE_ALIAS("devname:ppp");
Clone of davem's net-next-2.6 tree