blob: 6e92f7b44b1aa6d315d84898ce6a990b96ed3a0a [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/*
2 * NET3: A (fairly minimal) implementation of synchronous PPP for Linux
3 * as well as a CISCO HDLC implementation. See the copyright
4 * message below for the original source.
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the license, or (at your option) any later version.
10 *
11 * Note however. This code is also used in a different form by FreeBSD.
12 * Therefore when making any non OS specific change please consider
13 * contributing it back to the original author under the terms
14 * below in addition.
15 * -- Alan
16 *
17 * Port for Linux-2.1 by Jan "Yenya" Kasprzak <kas@fi.muni.cz>
18 */
19
20/*
21 * Synchronous PPP/Cisco link level subroutines.
22 * Keepalive protocol implemented in both Cisco and PPP modes.
23 *
24 * Copyright (C) 1994 Cronyx Ltd.
25 * Author: Serge Vakulenko, <vak@zebub.msk.su>
26 *
27 * This software is distributed with NO WARRANTIES, not even the implied
28 * warranties for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
29 *
30 * Authors grant any other persons or organisations permission to use
31 * or modify this software as long as this message is kept with the software,
32 * all derivative works or modified versions.
33 *
34 * Version 1.9, Wed Oct 4 18:58:15 MSK 1995
35 *
36 * $Id: syncppp.c,v 1.18 2000/04/11 05:25:31 asj Exp $
37 */
38#undef DEBUG
39
Linus Torvalds1da177e2005-04-16 15:20:36 -070040#include <linux/module.h>
41#include <linux/kernel.h>
42#include <linux/errno.h>
43#include <linux/init.h>
44#include <linux/if_arp.h>
45#include <linux/skbuff.h>
46#include <linux/route.h>
47#include <linux/netdevice.h>
48#include <linux/inetdevice.h>
49#include <linux/random.h>
50#include <linux/pkt_sched.h>
51#include <linux/spinlock.h>
52#include <linux/rcupdate.h>
53
Eric W. Biedermane730c152007-09-17 11:53:39 -070054#include <net/net_namespace.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070055#include <net/syncppp.h>
56
57#include <asm/byteorder.h>
58#include <asm/uaccess.h>
59
60#define MAXALIVECNT 6 /* max. alive packets */
61
62#define PPP_ALLSTATIONS 0xff /* All-Stations broadcast address */
63#define PPP_UI 0x03 /* Unnumbered Information */
64#define PPP_IP 0x0021 /* Internet Protocol */
65#define PPP_ISO 0x0023 /* ISO OSI Protocol */
66#define PPP_XNS 0x0025 /* Xerox NS Protocol */
67#define PPP_IPX 0x002b /* Novell IPX Protocol */
68#define PPP_LCP 0xc021 /* Link Control Protocol */
69#define PPP_IPCP 0x8021 /* Internet Protocol Control Protocol */
70
71#define LCP_CONF_REQ 1 /* PPP LCP configure request */
72#define LCP_CONF_ACK 2 /* PPP LCP configure acknowledge */
73#define LCP_CONF_NAK 3 /* PPP LCP configure negative ack */
74#define LCP_CONF_REJ 4 /* PPP LCP configure reject */
75#define LCP_TERM_REQ 5 /* PPP LCP terminate request */
76#define LCP_TERM_ACK 6 /* PPP LCP terminate acknowledge */
77#define LCP_CODE_REJ 7 /* PPP LCP code reject */
78#define LCP_PROTO_REJ 8 /* PPP LCP protocol reject */
79#define LCP_ECHO_REQ 9 /* PPP LCP echo request */
80#define LCP_ECHO_REPLY 10 /* PPP LCP echo reply */
81#define LCP_DISC_REQ 11 /* PPP LCP discard request */
82
83#define LCP_OPT_MRU 1 /* maximum receive unit */
84#define LCP_OPT_ASYNC_MAP 2 /* async control character map */
85#define LCP_OPT_AUTH_PROTO 3 /* authentication protocol */
86#define LCP_OPT_QUAL_PROTO 4 /* quality protocol */
87#define LCP_OPT_MAGIC 5 /* magic number */
88#define LCP_OPT_RESERVED 6 /* reserved */
89#define LCP_OPT_PROTO_COMP 7 /* protocol field compression */
90#define LCP_OPT_ADDR_COMP 8 /* address/control field compression */
91
92#define IPCP_CONF_REQ LCP_CONF_REQ /* PPP IPCP configure request */
93#define IPCP_CONF_ACK LCP_CONF_ACK /* PPP IPCP configure acknowledge */
94#define IPCP_CONF_NAK LCP_CONF_NAK /* PPP IPCP configure negative ack */
95#define IPCP_CONF_REJ LCP_CONF_REJ /* PPP IPCP configure reject */
96#define IPCP_TERM_REQ LCP_TERM_REQ /* PPP IPCP terminate request */
97#define IPCP_TERM_ACK LCP_TERM_ACK /* PPP IPCP terminate acknowledge */
98#define IPCP_CODE_REJ LCP_CODE_REJ /* PPP IPCP code reject */
99
100#define CISCO_MULTICAST 0x8f /* Cisco multicast address */
101#define CISCO_UNICAST 0x0f /* Cisco unicast address */
102#define CISCO_KEEPALIVE 0x8035 /* Cisco keepalive protocol */
103#define CISCO_ADDR_REQ 0 /* Cisco address request */
104#define CISCO_ADDR_REPLY 1 /* Cisco address reply */
105#define CISCO_KEEPALIVE_REQ 2 /* Cisco keepalive request */
106
107struct ppp_header {
108 u8 address;
109 u8 control;
Al Viro6f229d72007-12-12 18:50:18 -0800110 __be16 protocol;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700111};
112#define PPP_HEADER_LEN sizeof (struct ppp_header)
113
114struct lcp_header {
115 u8 type;
116 u8 ident;
Al Viro6f229d72007-12-12 18:50:18 -0800117 __be16 len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700118};
119#define LCP_HEADER_LEN sizeof (struct lcp_header)
120
121struct cisco_packet {
Al Viro6f229d72007-12-12 18:50:18 -0800122 __be32 type;
123 __be32 par1;
124 __be32 par2;
125 __be16 rel;
126 __be16 time0;
127 __be16 time1;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700128};
129#define CISCO_PACKET_LEN 18
130#define CISCO_BIG_PACKET_LEN 20
131
132static struct sppp *spppq;
133static struct timer_list sppp_keepalive_timer;
134static DEFINE_SPINLOCK(spppq_lock);
135
136/* global xmit queue for sending packets while spinlock is held */
137static struct sk_buff_head tx_queue;
138
139static void sppp_keepalive (unsigned long dummy);
140static void sppp_cp_send (struct sppp *sp, u16 proto, u8 type,
141 u8 ident, u16 len, void *data);
Al Viro6f229d72007-12-12 18:50:18 -0800142static void sppp_cisco_send (struct sppp *sp, int type, u32 par1, u32 par2);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700143static void sppp_lcp_input (struct sppp *sp, struct sk_buff *m);
144static void sppp_cisco_input (struct sppp *sp, struct sk_buff *m);
145static void sppp_ipcp_input (struct sppp *sp, struct sk_buff *m);
146static void sppp_lcp_open (struct sppp *sp);
147static void sppp_ipcp_open (struct sppp *sp);
148static int sppp_lcp_conf_parse_options (struct sppp *sp, struct lcp_header *h,
149 int len, u32 *magic);
150static void sppp_cp_timeout (unsigned long arg);
151static char *sppp_lcp_type_name (u8 type);
152static char *sppp_ipcp_type_name (u8 type);
153static void sppp_print_bytes (u8 *p, u16 len);
154
155static int debug;
156
157/* Flush global outgoing packet queue to dev_queue_xmit().
158 *
159 * dev_queue_xmit() must be called with interrupts enabled
160 * which means it can't be called with spinlocks held.
161 * If a packet needs to be sent while a spinlock is held,
162 * then put the packet into tx_queue, and call sppp_flush_xmit()
163 * after spinlock is released.
164 */
165static void sppp_flush_xmit(void)
166{
167 struct sk_buff *skb;
168 while ((skb = skb_dequeue(&tx_queue)) != NULL)
169 dev_queue_xmit(skb);
170}
171
172/*
173 * Interface down stub
174 */
175
176static void if_down(struct net_device *dev)
177{
178 struct sppp *sp = (struct sppp *)sppp_of(dev);
179
180 sp->pp_link_state=SPPP_LINK_DOWN;
181}
182
183/*
184 * Timeout routine activations.
185 */
186
187static void sppp_set_timeout(struct sppp *p,int s)
188{
189 if (! (p->pp_flags & PP_TIMO))
190 {
191 init_timer(&p->pp_timer);
192 p->pp_timer.function=sppp_cp_timeout;
193 p->pp_timer.expires=jiffies+s*HZ;
194 p->pp_timer.data=(unsigned long)p;
195 p->pp_flags |= PP_TIMO;
196 add_timer(&p->pp_timer);
197 }
198}
199
200static void sppp_clear_timeout(struct sppp *p)
201{
202 if (p->pp_flags & PP_TIMO)
203 {
204 del_timer(&p->pp_timer);
205 p->pp_flags &= ~PP_TIMO;
206 }
207}
208
209/**
210 * sppp_input - receive and process a WAN PPP frame
211 * @skb: The buffer to process
212 * @dev: The device it arrived on
213 *
214 * This can be called directly by cards that do not have
215 * timing constraints but is normally called from the network layer
216 * after interrupt servicing to process frames queued via netif_rx().
217 *
218 * We process the options in the card. If the frame is destined for
219 * the protocol stacks then it requeues the frame for the upper level
220 * protocol. If it is a control from it is processed and discarded
221 * here.
222 */
223
Adrian Bunk7665a082005-09-09 23:17:28 -0700224static void sppp_input (struct net_device *dev, struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700225{
226 struct ppp_header *h;
227 struct sppp *sp = (struct sppp *)sppp_of(dev);
228 unsigned long flags;
229
230 skb->dev=dev;
Arnaldo Carvalho de Melo98e399f2007-03-19 15:33:04 -0700231 skb_reset_mac_header(skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700232
Linus Torvalds1da177e2005-04-16 15:20:36 -0700233 if (!pskb_may_pull(skb, PPP_HEADER_LEN)) {
234 /* Too small packet, drop it. */
235 if (sp->pp_flags & PP_DEBUG)
236 printk (KERN_DEBUG "%s: input packet is too small, %d bytes\n",
237 dev->name, skb->len);
238 kfree_skb(skb);
239 return;
240 }
241
242 /* Get PPP header. */
243 h = (struct ppp_header *)skb->data;
244 skb_pull(skb,sizeof(struct ppp_header));
245
246 spin_lock_irqsave(&sp->lock, flags);
247
248 switch (h->address) {
249 default: /* Invalid PPP packet. */
250 goto invalid;
251 case PPP_ALLSTATIONS:
252 if (h->control != PPP_UI)
253 goto invalid;
254 if (sp->pp_flags & PP_CISCO) {
255 if (sp->pp_flags & PP_DEBUG)
256 printk (KERN_WARNING "%s: PPP packet in Cisco mode <0x%x 0x%x 0x%x>\n",
257 dev->name,
258 h->address, h->control, ntohs (h->protocol));
259 goto drop;
260 }
261 switch (ntohs (h->protocol)) {
262 default:
263 if (sp->lcp.state == LCP_STATE_OPENED)
264 sppp_cp_send (sp, PPP_LCP, LCP_PROTO_REJ,
265 ++sp->pp_seq, skb->len + 2,
266 &h->protocol);
267 if (sp->pp_flags & PP_DEBUG)
268 printk (KERN_WARNING "%s: invalid input protocol <0x%x 0x%x 0x%x>\n",
269 dev->name,
270 h->address, h->control, ntohs (h->protocol));
271 goto drop;
272 case PPP_LCP:
273 sppp_lcp_input (sp, skb);
274 goto drop;
275 case PPP_IPCP:
276 if (sp->lcp.state == LCP_STATE_OPENED)
277 sppp_ipcp_input (sp, skb);
278 else
279 printk(KERN_DEBUG "IPCP when still waiting LCP finish.\n");
280 goto drop;
281 case PPP_IP:
282 if (sp->ipcp.state == IPCP_STATE_OPENED) {
283 if(sp->pp_flags&PP_DEBUG)
284 printk(KERN_DEBUG "Yow an IP frame.\n");
285 skb->protocol=htons(ETH_P_IP);
286 netif_rx(skb);
287 dev->last_rx = jiffies;
288 goto done;
289 }
290 break;
291#ifdef IPX
292 case PPP_IPX:
293 /* IPX IPXCP not implemented yet */
294 if (sp->lcp.state == LCP_STATE_OPENED) {
295 skb->protocol=htons(ETH_P_IPX);
296 netif_rx(skb);
297 dev->last_rx = jiffies;
298 goto done;
299 }
300 break;
301#endif
302 }
303 break;
304 case CISCO_MULTICAST:
305 case CISCO_UNICAST:
306 /* Don't check the control field here (RFC 1547). */
307 if (! (sp->pp_flags & PP_CISCO)) {
308 if (sp->pp_flags & PP_DEBUG)
309 printk (KERN_WARNING "%s: Cisco packet in PPP mode <0x%x 0x%x 0x%x>\n",
310 dev->name,
311 h->address, h->control, ntohs (h->protocol));
312 goto drop;
313 }
314 switch (ntohs (h->protocol)) {
315 default:
316 goto invalid;
317 case CISCO_KEEPALIVE:
318 sppp_cisco_input (sp, skb);
319 goto drop;
320#ifdef CONFIG_INET
321 case ETH_P_IP:
322 skb->protocol=htons(ETH_P_IP);
323 netif_rx(skb);
324 dev->last_rx = jiffies;
325 goto done;
326#endif
327#ifdef CONFIG_IPX
328 case ETH_P_IPX:
329 skb->protocol=htons(ETH_P_IPX);
330 netif_rx(skb);
331 dev->last_rx = jiffies;
332 goto done;
333#endif
334 }
335 break;
336 }
337 goto drop;
338
339invalid:
340 if (sp->pp_flags & PP_DEBUG)
341 printk (KERN_WARNING "%s: invalid input packet <0x%x 0x%x 0x%x>\n",
342 dev->name, h->address, h->control, ntohs (h->protocol));
343drop:
344 kfree_skb(skb);
345done:
346 spin_unlock_irqrestore(&sp->lock, flags);
347 sppp_flush_xmit();
348 return;
349}
350
Linus Torvalds1da177e2005-04-16 15:20:36 -0700351/*
352 * Handle transmit packets.
353 */
354
Stephen Hemminger3b04ddd2007-10-09 01:40:57 -0700355static int sppp_hard_header(struct sk_buff *skb,
356 struct net_device *dev, __u16 type,
357 const void *daddr, const void *saddr,
358 unsigned int len)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700359{
360 struct sppp *sp = (struct sppp *)sppp_of(dev);
361 struct ppp_header *h;
362 skb_push(skb,sizeof(struct ppp_header));
363 h=(struct ppp_header *)skb->data;
364 if(sp->pp_flags&PP_CISCO)
365 {
366 h->address = CISCO_UNICAST;
367 h->control = 0;
368 }
369 else
370 {
371 h->address = PPP_ALLSTATIONS;
372 h->control = PPP_UI;
373 }
374 if(sp->pp_flags & PP_CISCO)
375 {
376 h->protocol = htons(type);
377 }
378 else switch(type)
379 {
380 case ETH_P_IP:
381 h->protocol = htons(PPP_IP);
382 break;
383 case ETH_P_IPX:
384 h->protocol = htons(PPP_IPX);
385 break;
386 }
387 return sizeof(struct ppp_header);
388}
389
Stephen Hemminger3b04ddd2007-10-09 01:40:57 -0700390static const struct header_ops sppp_header_ops = {
391 .create = sppp_hard_header,
392};
Linus Torvalds1da177e2005-04-16 15:20:36 -0700393
394/*
395 * Send keepalive packets, every 10 seconds.
396 */
397
398static void sppp_keepalive (unsigned long dummy)
399{
400 struct sppp *sp;
401 unsigned long flags;
402
403 spin_lock_irqsave(&spppq_lock, flags);
404
405 for (sp=spppq; sp; sp=sp->pp_next)
406 {
407 struct net_device *dev = sp->pp_if;
408
409 /* Keepalive mode disabled or channel down? */
410 if (! (sp->pp_flags & PP_KEEPALIVE) ||
411 ! (dev->flags & IFF_UP))
412 continue;
413
414 spin_lock(&sp->lock);
415
416 /* No keepalive in PPP mode if LCP not opened yet. */
417 if (! (sp->pp_flags & PP_CISCO) &&
418 sp->lcp.state != LCP_STATE_OPENED) {
419 spin_unlock(&sp->lock);
420 continue;
421 }
422
423 if (sp->pp_alivecnt == MAXALIVECNT) {
424 /* No keepalive packets got. Stop the interface. */
425 printk (KERN_WARNING "%s: protocol down\n", dev->name);
426 if_down (dev);
427 if (! (sp->pp_flags & PP_CISCO)) {
428 /* Shut down the PPP link. */
429 sp->lcp.magic = jiffies;
430 sp->lcp.state = LCP_STATE_CLOSED;
431 sp->ipcp.state = IPCP_STATE_CLOSED;
432 sppp_clear_timeout (sp);
433 /* Initiate negotiation. */
434 sppp_lcp_open (sp);
435 }
436 }
437 if (sp->pp_alivecnt <= MAXALIVECNT)
438 ++sp->pp_alivecnt;
439 if (sp->pp_flags & PP_CISCO)
440 sppp_cisco_send (sp, CISCO_KEEPALIVE_REQ, ++sp->pp_seq,
441 sp->pp_rseq);
442 else if (sp->lcp.state == LCP_STATE_OPENED) {
Al Viro6f229d72007-12-12 18:50:18 -0800443 __be32 nmagic = htonl (sp->lcp.magic);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700444 sp->lcp.echoid = ++sp->pp_seq;
445 sppp_cp_send (sp, PPP_LCP, LCP_ECHO_REQ,
446 sp->lcp.echoid, 4, &nmagic);
447 }
448
449 spin_unlock(&sp->lock);
450 }
451 spin_unlock_irqrestore(&spppq_lock, flags);
452 sppp_flush_xmit();
453 sppp_keepalive_timer.expires=jiffies+10*HZ;
454 add_timer(&sppp_keepalive_timer);
455}
456
457/*
458 * Handle incoming PPP Link Control Protocol packets.
459 */
460
461static void sppp_lcp_input (struct sppp *sp, struct sk_buff *skb)
462{
463 struct lcp_header *h;
464 struct net_device *dev = sp->pp_if;
465 int len = skb->len;
466 u8 *p, opt[6];
Eric Sesterhenn8c6ba512006-09-29 02:01:32 -0700467 u32 rmagic = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700468
469 if (!pskb_may_pull(skb, sizeof(struct lcp_header))) {
470 if (sp->pp_flags & PP_DEBUG)
471 printk (KERN_WARNING "%s: invalid lcp packet length: %d bytes\n",
472 dev->name, len);
473 return;
474 }
475 h = (struct lcp_header *)skb->data;
476 skb_pull(skb,sizeof(struct lcp_header *));
477
478 if (sp->pp_flags & PP_DEBUG)
479 {
480 char state = '?';
481 switch (sp->lcp.state) {
482 case LCP_STATE_CLOSED: state = 'C'; break;
483 case LCP_STATE_ACK_RCVD: state = 'R'; break;
484 case LCP_STATE_ACK_SENT: state = 'S'; break;
485 case LCP_STATE_OPENED: state = 'O'; break;
486 }
487 printk (KERN_WARNING "%s: lcp input(%c): %d bytes <%s id=%xh len=%xh",
488 dev->name, state, len,
489 sppp_lcp_type_name (h->type), h->ident, ntohs (h->len));
490 if (len > 4)
491 sppp_print_bytes ((u8*) (h+1), len-4);
492 printk (">\n");
493 }
494 if (len > ntohs (h->len))
495 len = ntohs (h->len);
496 switch (h->type) {
497 default:
498 /* Unknown packet type -- send Code-Reject packet. */
499 sppp_cp_send (sp, PPP_LCP, LCP_CODE_REJ, ++sp->pp_seq,
500 skb->len, h);
501 break;
502 case LCP_CONF_REQ:
503 if (len < 4) {
504 if (sp->pp_flags & PP_DEBUG)
505 printk (KERN_DEBUG"%s: invalid lcp configure request packet length: %d bytes\n",
506 dev->name, len);
507 break;
508 }
509 if (len>4 && !sppp_lcp_conf_parse_options (sp, h, len, &rmagic))
510 goto badreq;
511 if (rmagic == sp->lcp.magic) {
512 /* Local and remote magics equal -- loopback? */
513 if (sp->pp_loopcnt >= MAXALIVECNT*5) {
514 printk (KERN_WARNING "%s: loopback\n",
515 dev->name);
516 sp->pp_loopcnt = 0;
517 if (dev->flags & IFF_UP) {
518 if_down (dev);
519 }
520 } else if (sp->pp_flags & PP_DEBUG)
521 printk (KERN_DEBUG "%s: conf req: magic glitch\n",
522 dev->name);
523 ++sp->pp_loopcnt;
524
525 /* MUST send Conf-Nack packet. */
526 rmagic = ~sp->lcp.magic;
527 opt[0] = LCP_OPT_MAGIC;
528 opt[1] = sizeof (opt);
529 opt[2] = rmagic >> 24;
530 opt[3] = rmagic >> 16;
531 opt[4] = rmagic >> 8;
532 opt[5] = rmagic;
533 sppp_cp_send (sp, PPP_LCP, LCP_CONF_NAK,
534 h->ident, sizeof (opt), &opt);
535badreq:
536 switch (sp->lcp.state) {
537 case LCP_STATE_OPENED:
538 /* Initiate renegotiation. */
539 sppp_lcp_open (sp);
540 /* fall through... */
541 case LCP_STATE_ACK_SENT:
542 /* Go to closed state. */
543 sp->lcp.state = LCP_STATE_CLOSED;
544 sp->ipcp.state = IPCP_STATE_CLOSED;
545 }
546 break;
547 }
548 /* Send Configure-Ack packet. */
549 sp->pp_loopcnt = 0;
550 if (sp->lcp.state != LCP_STATE_OPENED) {
551 sppp_cp_send (sp, PPP_LCP, LCP_CONF_ACK,
552 h->ident, len-4, h+1);
553 }
554 /* Change the state. */
555 switch (sp->lcp.state) {
556 case LCP_STATE_CLOSED:
557 sp->lcp.state = LCP_STATE_ACK_SENT;
558 break;
559 case LCP_STATE_ACK_RCVD:
560 sp->lcp.state = LCP_STATE_OPENED;
561 sppp_ipcp_open (sp);
562 break;
563 case LCP_STATE_OPENED:
564 /* Remote magic changed -- close session. */
565 sp->lcp.state = LCP_STATE_CLOSED;
566 sp->ipcp.state = IPCP_STATE_CLOSED;
567 /* Initiate renegotiation. */
568 sppp_lcp_open (sp);
569 /* Send ACK after our REQ in attempt to break loop */
570 sppp_cp_send (sp, PPP_LCP, LCP_CONF_ACK,
571 h->ident, len-4, h+1);
572 sp->lcp.state = LCP_STATE_ACK_SENT;
573 break;
574 }
575 break;
576 case LCP_CONF_ACK:
577 if (h->ident != sp->lcp.confid)
578 break;
579 sppp_clear_timeout (sp);
580 if ((sp->pp_link_state != SPPP_LINK_UP) &&
581 (dev->flags & IFF_UP)) {
582 /* Coming out of loopback mode. */
583 sp->pp_link_state=SPPP_LINK_UP;
584 printk (KERN_INFO "%s: protocol up\n", dev->name);
585 }
586 switch (sp->lcp.state) {
587 case LCP_STATE_CLOSED:
588 sp->lcp.state = LCP_STATE_ACK_RCVD;
589 sppp_set_timeout (sp, 5);
590 break;
591 case LCP_STATE_ACK_SENT:
592 sp->lcp.state = LCP_STATE_OPENED;
593 sppp_ipcp_open (sp);
594 break;
595 }
596 break;
597 case LCP_CONF_NAK:
598 if (h->ident != sp->lcp.confid)
599 break;
600 p = (u8*) (h+1);
601 if (len>=10 && p[0] == LCP_OPT_MAGIC && p[1] >= 4) {
602 rmagic = (u32)p[2] << 24 |
603 (u32)p[3] << 16 | p[4] << 8 | p[5];
604 if (rmagic == ~sp->lcp.magic) {
605 int newmagic;
606 if (sp->pp_flags & PP_DEBUG)
607 printk (KERN_DEBUG "%s: conf nak: magic glitch\n",
608 dev->name);
609 get_random_bytes(&newmagic, sizeof(newmagic));
610 sp->lcp.magic += newmagic;
611 } else
612 sp->lcp.magic = rmagic;
613 }
614 if (sp->lcp.state != LCP_STATE_ACK_SENT) {
615 /* Go to closed state. */
616 sp->lcp.state = LCP_STATE_CLOSED;
617 sp->ipcp.state = IPCP_STATE_CLOSED;
618 }
619 /* The link will be renegotiated after timeout,
620 * to avoid endless req-nack loop. */
621 sppp_clear_timeout (sp);
622 sppp_set_timeout (sp, 2);
623 break;
624 case LCP_CONF_REJ:
625 if (h->ident != sp->lcp.confid)
626 break;
627 sppp_clear_timeout (sp);
628 /* Initiate renegotiation. */
629 sppp_lcp_open (sp);
630 if (sp->lcp.state != LCP_STATE_ACK_SENT) {
631 /* Go to closed state. */
632 sp->lcp.state = LCP_STATE_CLOSED;
633 sp->ipcp.state = IPCP_STATE_CLOSED;
634 }
635 break;
636 case LCP_TERM_REQ:
637 sppp_clear_timeout (sp);
638 /* Send Terminate-Ack packet. */
639 sppp_cp_send (sp, PPP_LCP, LCP_TERM_ACK, h->ident, 0, NULL);
640 /* Go to closed state. */
641 sp->lcp.state = LCP_STATE_CLOSED;
642 sp->ipcp.state = IPCP_STATE_CLOSED;
643 /* Initiate renegotiation. */
644 sppp_lcp_open (sp);
645 break;
646 case LCP_TERM_ACK:
647 case LCP_CODE_REJ:
648 case LCP_PROTO_REJ:
649 /* Ignore for now. */
650 break;
651 case LCP_DISC_REQ:
652 /* Discard the packet. */
653 break;
654 case LCP_ECHO_REQ:
655 if (sp->lcp.state != LCP_STATE_OPENED)
656 break;
657 if (len < 8) {
658 if (sp->pp_flags & PP_DEBUG)
659 printk (KERN_WARNING "%s: invalid lcp echo request packet length: %d bytes\n",
660 dev->name, len);
661 break;
662 }
Al Viro6f229d72007-12-12 18:50:18 -0800663 if (ntohl (*(__be32*)(h+1)) == sp->lcp.magic) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700664 /* Line loopback mode detected. */
665 printk (KERN_WARNING "%s: loopback\n", dev->name);
666 if_down (dev);
667
668 /* Shut down the PPP link. */
669 sp->lcp.state = LCP_STATE_CLOSED;
670 sp->ipcp.state = IPCP_STATE_CLOSED;
671 sppp_clear_timeout (sp);
672 /* Initiate negotiation. */
673 sppp_lcp_open (sp);
674 break;
675 }
Al Viro6f229d72007-12-12 18:50:18 -0800676 *(__be32 *)(h+1) = htonl (sp->lcp.magic);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700677 sppp_cp_send (sp, PPP_LCP, LCP_ECHO_REPLY, h->ident, len-4, h+1);
678 break;
679 case LCP_ECHO_REPLY:
680 if (h->ident != sp->lcp.echoid)
681 break;
682 if (len < 8) {
683 if (sp->pp_flags & PP_DEBUG)
684 printk (KERN_WARNING "%s: invalid lcp echo reply packet length: %d bytes\n",
685 dev->name, len);
686 break;
687 }
Al Viro6f229d72007-12-12 18:50:18 -0800688 if (ntohl(*(__be32 *)(h+1)) != sp->lcp.magic)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700689 sp->pp_alivecnt = 0;
690 break;
691 }
692}
693
694/*
695 * Handle incoming Cisco keepalive protocol packets.
696 */
697
698static void sppp_cisco_input (struct sppp *sp, struct sk_buff *skb)
699{
700 struct cisco_packet *h;
701 struct net_device *dev = sp->pp_if;
702
703 if (!pskb_may_pull(skb, sizeof(struct cisco_packet))
704 || (skb->len != CISCO_PACKET_LEN
705 && skb->len != CISCO_BIG_PACKET_LEN)) {
706 if (sp->pp_flags & PP_DEBUG)
707 printk (KERN_WARNING "%s: invalid cisco packet length: %d bytes\n",
708 dev->name, skb->len);
709 return;
710 }
711 h = (struct cisco_packet *)skb->data;
712 skb_pull(skb, sizeof(struct cisco_packet*));
713 if (sp->pp_flags & PP_DEBUG)
714 printk (KERN_WARNING "%s: cisco input: %d bytes <%xh %xh %xh %xh %xh-%xh>\n",
715 dev->name, skb->len,
716 ntohl (h->type), h->par1, h->par2, h->rel,
717 h->time0, h->time1);
718 switch (ntohl (h->type)) {
719 default:
720 if (sp->pp_flags & PP_DEBUG)
721 printk (KERN_WARNING "%s: unknown cisco packet type: 0x%x\n",
722 dev->name, ntohl (h->type));
723 break;
724 case CISCO_ADDR_REPLY:
725 /* Reply on address request, ignore */
726 break;
727 case CISCO_KEEPALIVE_REQ:
728 sp->pp_alivecnt = 0;
729 sp->pp_rseq = ntohl (h->par1);
730 if (sp->pp_seq == sp->pp_rseq) {
731 /* Local and remote sequence numbers are equal.
732 * Probably, the line is in loopback mode. */
733 int newseq;
734 if (sp->pp_loopcnt >= MAXALIVECNT) {
735 printk (KERN_WARNING "%s: loopback\n",
736 dev->name);
737 sp->pp_loopcnt = 0;
738 if (dev->flags & IFF_UP) {
739 if_down (dev);
740 }
741 }
742 ++sp->pp_loopcnt;
743
744 /* Generate new local sequence number */
745 get_random_bytes(&newseq, sizeof(newseq));
746 sp->pp_seq ^= newseq;
747 break;
748 }
749 sp->pp_loopcnt = 0;
750 if (sp->pp_link_state==SPPP_LINK_DOWN &&
751 (dev->flags & IFF_UP)) {
752 sp->pp_link_state=SPPP_LINK_UP;
753 printk (KERN_INFO "%s: protocol up\n", dev->name);
754 }
755 break;
756 case CISCO_ADDR_REQ:
757 /* Stolen from net/ipv4/devinet.c -- SIOCGIFADDR ioctl */
758 {
Al Viro6f229d72007-12-12 18:50:18 -0800759 __be32 addr = 0, mask = htonl(~0U); /* FIXME: is the mask correct? */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700760#ifdef CONFIG_INET
Jeff Garzik404b12c2008-10-27 15:06:51 -0400761 struct in_device *in_dev;
762 struct in_ifaddr *ifa;
763
Linus Torvalds1da177e2005-04-16 15:20:36 -0700764 rcu_read_lock();
Herbert Xue5ed6392005-10-03 14:35:55 -0700765 if ((in_dev = __in_dev_get_rcu(dev)) != NULL)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700766 {
767 for (ifa=in_dev->ifa_list; ifa != NULL;
768 ifa=ifa->ifa_next) {
769 if (strcmp(dev->name, ifa->ifa_label) == 0)
770 {
771 addr = ifa->ifa_local;
772 mask = ifa->ifa_mask;
773 break;
774 }
775 }
776 }
777 rcu_read_unlock();
778#endif
Al Viro6f229d72007-12-12 18:50:18 -0800779 sppp_cisco_send (sp, CISCO_ADDR_REPLY, ntohl(addr), ntohl(mask));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700780 break;
781 }
782 }
783}
784
785
786/*
787 * Send PPP LCP packet.
788 */
789
790static void sppp_cp_send (struct sppp *sp, u16 proto, u8 type,
791 u8 ident, u16 len, void *data)
792{
793 struct ppp_header *h;
794 struct lcp_header *lh;
795 struct sk_buff *skb;
796 struct net_device *dev = sp->pp_if;
797
798 skb=alloc_skb(dev->hard_header_len+PPP_HEADER_LEN+LCP_HEADER_LEN+len,
799 GFP_ATOMIC);
800 if (skb==NULL)
801 return;
802
803 skb_reserve(skb,dev->hard_header_len);
804
805 h = (struct ppp_header *)skb_put(skb, sizeof(struct ppp_header));
806 h->address = PPP_ALLSTATIONS; /* broadcast address */
807 h->control = PPP_UI; /* Unnumbered Info */
808 h->protocol = htons (proto); /* Link Control Protocol */
809
810 lh = (struct lcp_header *)skb_put(skb, sizeof(struct lcp_header));
811 lh->type = type;
812 lh->ident = ident;
813 lh->len = htons (LCP_HEADER_LEN + len);
814
815 if (len)
816 memcpy(skb_put(skb,len),data, len);
817
818 if (sp->pp_flags & PP_DEBUG) {
819 printk (KERN_WARNING "%s: %s output <%s id=%xh len=%xh",
820 dev->name,
821 proto==PPP_LCP ? "lcp" : "ipcp",
822 proto==PPP_LCP ? sppp_lcp_type_name (lh->type) :
823 sppp_ipcp_type_name (lh->type), lh->ident,
824 ntohs (lh->len));
825 if (len)
826 sppp_print_bytes ((u8*) (lh+1), len);
827 printk (">\n");
828 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700829 /* Control is high priority so it doesn't get queued behind data */
830 skb->priority=TC_PRIO_CONTROL;
831 skb->dev = dev;
832 skb_queue_tail(&tx_queue, skb);
833}
834
835/*
836 * Send Cisco keepalive packet.
837 */
838
Al Viro6f229d72007-12-12 18:50:18 -0800839static void sppp_cisco_send (struct sppp *sp, int type, u32 par1, u32 par2)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700840{
841 struct ppp_header *h;
842 struct cisco_packet *ch;
843 struct sk_buff *skb;
844 struct net_device *dev = sp->pp_if;
845 u32 t = jiffies * 1000/HZ;
846
847 skb=alloc_skb(dev->hard_header_len+PPP_HEADER_LEN+CISCO_PACKET_LEN,
848 GFP_ATOMIC);
849
850 if(skb==NULL)
851 return;
852
853 skb_reserve(skb, dev->hard_header_len);
854 h = (struct ppp_header *)skb_put (skb, sizeof(struct ppp_header));
855 h->address = CISCO_MULTICAST;
856 h->control = 0;
857 h->protocol = htons (CISCO_KEEPALIVE);
858
859 ch = (struct cisco_packet*)skb_put(skb, CISCO_PACKET_LEN);
860 ch->type = htonl (type);
861 ch->par1 = htonl (par1);
862 ch->par2 = htonl (par2);
Al Viro6f229d72007-12-12 18:50:18 -0800863 ch->rel = htons(0xffff);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700864 ch->time0 = htons ((u16) (t >> 16));
865 ch->time1 = htons ((u16) t);
866
867 if (sp->pp_flags & PP_DEBUG)
868 printk (KERN_WARNING "%s: cisco output: <%xh %xh %xh %xh %xh-%xh>\n",
869 dev->name, ntohl (ch->type), ch->par1,
870 ch->par2, ch->rel, ch->time0, ch->time1);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700871 skb->priority=TC_PRIO_CONTROL;
872 skb->dev = dev;
873 skb_queue_tail(&tx_queue, skb);
874}
875
876/**
877 * sppp_close - close down a synchronous PPP or Cisco HDLC link
878 * @dev: The network device to drop the link of
879 *
880 * This drops the logical interface to the channel. It is not
881 * done politely as we assume we will also be dropping DTR. Any
882 * timeouts are killed.
883 */
884
885int sppp_close (struct net_device *dev)
886{
887 struct sppp *sp = (struct sppp *)sppp_of(dev);
888 unsigned long flags;
889
890 spin_lock_irqsave(&sp->lock, flags);
891 sp->pp_link_state = SPPP_LINK_DOWN;
892 sp->lcp.state = LCP_STATE_CLOSED;
893 sp->ipcp.state = IPCP_STATE_CLOSED;
894 sppp_clear_timeout (sp);
895 spin_unlock_irqrestore(&sp->lock, flags);
896
897 return 0;
898}
899
900EXPORT_SYMBOL(sppp_close);
901
902/**
903 * sppp_open - open a synchronous PPP or Cisco HDLC link
904 * @dev: Network device to activate
905 *
906 * Close down any existing synchronous session and commence
907 * from scratch. In the PPP case this means negotiating LCP/IPCP
908 * and friends, while for Cisco HDLC we simply need to start sending
909 * keepalives
910 */
911
912int sppp_open (struct net_device *dev)
913{
914 struct sppp *sp = (struct sppp *)sppp_of(dev);
915 unsigned long flags;
916
917 sppp_close(dev);
918
919 spin_lock_irqsave(&sp->lock, flags);
920 if (!(sp->pp_flags & PP_CISCO)) {
921 sppp_lcp_open (sp);
922 }
923 sp->pp_link_state = SPPP_LINK_DOWN;
924 spin_unlock_irqrestore(&sp->lock, flags);
925 sppp_flush_xmit();
926
927 return 0;
928}
929
930EXPORT_SYMBOL(sppp_open);
931
932/**
933 * sppp_reopen - notify of physical link loss
934 * @dev: Device that lost the link
935 *
936 * This function informs the synchronous protocol code that
937 * the underlying link died (for example a carrier drop on X.21)
938 *
939 * We increment the magic numbers to ensure that if the other end
940 * failed to notice we will correctly start a new session. It happens
941 * do to the nature of telco circuits is that you can lose carrier on
942 * one endonly.
943 *
944 * Having done this we go back to negotiating. This function may
945 * be called from an interrupt context.
946 */
947
948int sppp_reopen (struct net_device *dev)
949{
950 struct sppp *sp = (struct sppp *)sppp_of(dev);
951 unsigned long flags;
952
953 sppp_close(dev);
954
955 spin_lock_irqsave(&sp->lock, flags);
956 if (!(sp->pp_flags & PP_CISCO))
957 {
958 sp->lcp.magic = jiffies;
959 ++sp->pp_seq;
960 sp->lcp.state = LCP_STATE_CLOSED;
961 sp->ipcp.state = IPCP_STATE_CLOSED;
962 /* Give it a moment for the line to settle then go */
963 sppp_set_timeout (sp, 1);
964 }
965 sp->pp_link_state=SPPP_LINK_DOWN;
966 spin_unlock_irqrestore(&sp->lock, flags);
967
968 return 0;
969}
970
971EXPORT_SYMBOL(sppp_reopen);
972
973/**
974 * sppp_change_mtu - Change the link MTU
975 * @dev: Device to change MTU on
976 * @new_mtu: New MTU
977 *
978 * Change the MTU on the link. This can only be called with
979 * the link down. It returns an error if the link is up or
980 * the mtu is out of range.
981 */
982
Adrian Bunk7665a082005-09-09 23:17:28 -0700983static int sppp_change_mtu(struct net_device *dev, int new_mtu)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700984{
985 if(new_mtu<128||new_mtu>PPP_MTU||(dev->flags&IFF_UP))
986 return -EINVAL;
987 dev->mtu=new_mtu;
988 return 0;
989}
990
Linus Torvalds1da177e2005-04-16 15:20:36 -0700991/**
992 * sppp_do_ioctl - Ioctl handler for ppp/hdlc
993 * @dev: Device subject to ioctl
994 * @ifr: Interface request block from the user
995 * @cmd: Command that is being issued
996 *
997 * This function handles the ioctls that may be issued by the user
998 * to control the settings of a PPP/HDLC link. It does both busy
999 * and security checks. This function is intended to be wrapped by
1000 * callers who wish to add additional ioctl calls of their own.
1001 */
1002
1003int sppp_do_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
1004{
1005 struct sppp *sp = (struct sppp *)sppp_of(dev);
1006
1007 if(dev->flags&IFF_UP)
1008 return -EBUSY;
1009
1010 if(!capable(CAP_NET_ADMIN))
1011 return -EPERM;
1012
1013 switch(cmd)
1014 {
1015 case SPPPIOCCISCO:
1016 sp->pp_flags|=PP_CISCO;
1017 dev->type = ARPHRD_HDLC;
1018 break;
1019 case SPPPIOCPPP:
1020 sp->pp_flags&=~PP_CISCO;
1021 dev->type = ARPHRD_PPP;
1022 break;
1023 case SPPPIOCDEBUG:
1024 sp->pp_flags&=~PP_DEBUG;
1025 if(ifr->ifr_flags)
1026 sp->pp_flags|=PP_DEBUG;
1027 break;
1028 case SPPPIOCGFLAGS:
1029 if(copy_to_user(ifr->ifr_data, &sp->pp_flags, sizeof(sp->pp_flags)))
1030 return -EFAULT;
1031 break;
1032 case SPPPIOCSFLAGS:
1033 if(copy_from_user(&sp->pp_flags, ifr->ifr_data, sizeof(sp->pp_flags)))
1034 return -EFAULT;
1035 break;
1036 default:
1037 return -EINVAL;
1038 }
1039 return 0;
1040}
1041
1042EXPORT_SYMBOL(sppp_do_ioctl);
1043
1044/**
1045 * sppp_attach - attach synchronous PPP/HDLC to a device
1046 * @pd: PPP device to initialise
1047 *
1048 * This initialises the PPP/HDLC support on an interface. At the
1049 * time of calling the dev element must point to the network device
1050 * that this interface is attached to. The interface should not yet
1051 * be registered.
1052 */
1053
1054void sppp_attach(struct ppp_device *pd)
1055{
1056 struct net_device *dev = pd->dev;
1057 struct sppp *sp = &pd->sppp;
1058 unsigned long flags;
1059
1060 /* Make sure embedding is safe for sppp_of */
1061 BUG_ON(sppp_of(dev) != sp);
1062
1063 spin_lock_irqsave(&spppq_lock, flags);
1064 /* Initialize keepalive handler. */
1065 if (! spppq)
1066 {
1067 init_timer(&sppp_keepalive_timer);
1068 sppp_keepalive_timer.expires=jiffies+10*HZ;
1069 sppp_keepalive_timer.function=sppp_keepalive;
1070 add_timer(&sppp_keepalive_timer);
1071 }
1072 /* Insert new entry into the keepalive list. */
1073 sp->pp_next = spppq;
1074 spppq = sp;
1075 spin_unlock_irqrestore(&spppq_lock, flags);
1076
1077 sp->pp_loopcnt = 0;
1078 sp->pp_alivecnt = 0;
1079 sp->pp_seq = 0;
1080 sp->pp_rseq = 0;
1081 sp->pp_flags = PP_KEEPALIVE|PP_CISCO|debug;/*PP_DEBUG;*/
1082 sp->lcp.magic = 0;
1083 sp->lcp.state = LCP_STATE_CLOSED;
1084 sp->ipcp.state = IPCP_STATE_CLOSED;
1085 sp->pp_if = dev;
1086 spin_lock_init(&sp->lock);
1087
1088 /*
1089 * Device specific setup. All but interrupt handler and
1090 * hard_start_xmit.
1091 */
1092
Stephen Hemminger3b04ddd2007-10-09 01:40:57 -07001093 dev->header_ops = &sppp_header_ops;
1094
Linus Torvalds1da177e2005-04-16 15:20:36 -07001095 dev->tx_queue_len = 10;
1096 dev->type = ARPHRD_HDLC;
1097 dev->addr_len = 0;
1098 dev->hard_header_len = sizeof(struct ppp_header);
1099 dev->mtu = PPP_MTU;
1100 /*
1101 * These 4 are callers but MUST also call sppp_ functions
1102 */
1103 dev->do_ioctl = sppp_do_ioctl;
1104#if 0
1105 dev->get_stats = NULL; /* Let the driver override these */
1106 dev->open = sppp_open;
1107 dev->stop = sppp_close;
1108#endif
1109 dev->change_mtu = sppp_change_mtu;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001110 dev->flags = IFF_MULTICAST|IFF_POINTOPOINT|IFF_NOARP;
1111}
1112
1113EXPORT_SYMBOL(sppp_attach);
1114
1115/**
1116 * sppp_detach - release PPP resources from a device
1117 * @dev: Network device to release
1118 *
1119 * Stop and free up any PPP/HDLC resources used by this
1120 * interface. This must be called before the device is
1121 * freed.
1122 */
1123
1124void sppp_detach (struct net_device *dev)
1125{
1126 struct sppp **q, *p, *sp = (struct sppp *)sppp_of(dev);
1127 unsigned long flags;
1128
1129 spin_lock_irqsave(&spppq_lock, flags);
1130 /* Remove the entry from the keepalive list. */
1131 for (q = &spppq; (p = *q); q = &p->pp_next)
1132 if (p == sp) {
1133 *q = p->pp_next;
1134 break;
1135 }
1136
1137 /* Stop keepalive handler. */
1138 if (! spppq)
1139 del_timer(&sppp_keepalive_timer);
1140 sppp_clear_timeout (sp);
1141 spin_unlock_irqrestore(&spppq_lock, flags);
1142}
1143
1144EXPORT_SYMBOL(sppp_detach);
1145
1146/*
1147 * Analyze the LCP Configure-Request options list
1148 * for the presence of unknown options.
1149 * If the request contains unknown options, build and
1150 * send Configure-reject packet, containing only unknown options.
1151 */
1152static int
1153sppp_lcp_conf_parse_options (struct sppp *sp, struct lcp_header *h,
1154 int len, u32 *magic)
1155{
1156 u8 *buf, *r, *p;
1157 int rlen;
1158
1159 len -= 4;
1160 buf = r = kmalloc (len, GFP_ATOMIC);
1161 if (! buf)
1162 return (0);
1163
1164 p = (void*) (h+1);
1165 for (rlen=0; len>1 && p[1]; len-=p[1], p+=p[1]) {
1166 switch (*p) {
1167 case LCP_OPT_MAGIC:
1168 /* Magic number -- extract. */
1169 if (len >= 6 && p[1] == 6) {
1170 *magic = (u32)p[2] << 24 |
1171 (u32)p[3] << 16 | p[4] << 8 | p[5];
1172 continue;
1173 }
1174 break;
1175 case LCP_OPT_ASYNC_MAP:
1176 /* Async control character map -- check to be zero. */
1177 if (len >= 6 && p[1] == 6 && ! p[2] && ! p[3] &&
1178 ! p[4] && ! p[5])
1179 continue;
1180 break;
1181 case LCP_OPT_MRU:
1182 /* Maximum receive unit -- always OK. */
1183 continue;
1184 default:
1185 /* Others not supported. */
1186 break;
1187 }
1188 /* Add the option to rejected list. */
1189 memcpy(r, p, p[1]);
1190 r += p[1];
1191 rlen += p[1];
1192 }
1193 if (rlen)
1194 sppp_cp_send (sp, PPP_LCP, LCP_CONF_REJ, h->ident, rlen, buf);
1195 kfree(buf);
1196 return (rlen == 0);
1197}
1198
1199static void sppp_ipcp_input (struct sppp *sp, struct sk_buff *skb)
1200{
1201 struct lcp_header *h;
1202 struct net_device *dev = sp->pp_if;
1203 int len = skb->len;
1204
1205 if (!pskb_may_pull(skb, sizeof(struct lcp_header))) {
1206 if (sp->pp_flags & PP_DEBUG)
1207 printk (KERN_WARNING "%s: invalid ipcp packet length: %d bytes\n",
1208 dev->name, len);
1209 return;
1210 }
1211 h = (struct lcp_header *)skb->data;
1212 skb_pull(skb,sizeof(struct lcp_header));
1213 if (sp->pp_flags & PP_DEBUG) {
1214 printk (KERN_WARNING "%s: ipcp input: %d bytes <%s id=%xh len=%xh",
1215 dev->name, len,
1216 sppp_ipcp_type_name (h->type), h->ident, ntohs (h->len));
1217 if (len > 4)
1218 sppp_print_bytes ((u8*) (h+1), len-4);
1219 printk (">\n");
1220 }
1221 if (len > ntohs (h->len))
1222 len = ntohs (h->len);
1223 switch (h->type) {
1224 default:
1225 /* Unknown packet type -- send Code-Reject packet. */
1226 sppp_cp_send (sp, PPP_IPCP, IPCP_CODE_REJ, ++sp->pp_seq, len, h);
1227 break;
1228 case IPCP_CONF_REQ:
1229 if (len < 4) {
1230 if (sp->pp_flags & PP_DEBUG)
1231 printk (KERN_WARNING "%s: invalid ipcp configure request packet length: %d bytes\n",
1232 dev->name, len);
1233 return;
1234 }
1235 if (len > 4) {
1236 sppp_cp_send (sp, PPP_IPCP, LCP_CONF_REJ, h->ident,
1237 len-4, h+1);
1238
1239 switch (sp->ipcp.state) {
1240 case IPCP_STATE_OPENED:
1241 /* Initiate renegotiation. */
1242 sppp_ipcp_open (sp);
1243 /* fall through... */
1244 case IPCP_STATE_ACK_SENT:
1245 /* Go to closed state. */
1246 sp->ipcp.state = IPCP_STATE_CLOSED;
1247 }
1248 } else {
1249 /* Send Configure-Ack packet. */
1250 sppp_cp_send (sp, PPP_IPCP, IPCP_CONF_ACK, h->ident,
1251 0, NULL);
1252 /* Change the state. */
1253 if (sp->ipcp.state == IPCP_STATE_ACK_RCVD)
1254 sp->ipcp.state = IPCP_STATE_OPENED;
1255 else
1256 sp->ipcp.state = IPCP_STATE_ACK_SENT;
1257 }
1258 break;
1259 case IPCP_CONF_ACK:
1260 if (h->ident != sp->ipcp.confid)
1261 break;
1262 sppp_clear_timeout (sp);
1263 switch (sp->ipcp.state) {
1264 case IPCP_STATE_CLOSED:
1265 sp->ipcp.state = IPCP_STATE_ACK_RCVD;
1266 sppp_set_timeout (sp, 5);
1267 break;
1268 case IPCP_STATE_ACK_SENT:
1269 sp->ipcp.state = IPCP_STATE_OPENED;
1270 break;
1271 }
1272 break;
1273 case IPCP_CONF_NAK:
1274 case IPCP_CONF_REJ:
1275 if (h->ident != sp->ipcp.confid)
1276 break;
1277 sppp_clear_timeout (sp);
1278 /* Initiate renegotiation. */
1279 sppp_ipcp_open (sp);
1280 if (sp->ipcp.state != IPCP_STATE_ACK_SENT)
1281 /* Go to closed state. */
1282 sp->ipcp.state = IPCP_STATE_CLOSED;
1283 break;
1284 case IPCP_TERM_REQ:
1285 /* Send Terminate-Ack packet. */
1286 sppp_cp_send (sp, PPP_IPCP, IPCP_TERM_ACK, h->ident, 0, NULL);
1287 /* Go to closed state. */
1288 sp->ipcp.state = IPCP_STATE_CLOSED;
1289 /* Initiate renegotiation. */
1290 sppp_ipcp_open (sp);
1291 break;
1292 case IPCP_TERM_ACK:
1293 /* Ignore for now. */
1294 case IPCP_CODE_REJ:
1295 /* Ignore for now. */
1296 break;
1297 }
1298}
1299
1300static void sppp_lcp_open (struct sppp *sp)
1301{
1302 char opt[6];
1303
1304 if (! sp->lcp.magic)
1305 sp->lcp.magic = jiffies;
1306 opt[0] = LCP_OPT_MAGIC;
1307 opt[1] = sizeof (opt);
1308 opt[2] = sp->lcp.magic >> 24;
1309 opt[3] = sp->lcp.magic >> 16;
1310 opt[4] = sp->lcp.magic >> 8;
1311 opt[5] = sp->lcp.magic;
1312 sp->lcp.confid = ++sp->pp_seq;
1313 sppp_cp_send (sp, PPP_LCP, LCP_CONF_REQ, sp->lcp.confid,
1314 sizeof (opt), &opt);
1315 sppp_set_timeout (sp, 2);
1316}
1317
1318static void sppp_ipcp_open (struct sppp *sp)
1319{
1320 sp->ipcp.confid = ++sp->pp_seq;
1321 sppp_cp_send (sp, PPP_IPCP, IPCP_CONF_REQ, sp->ipcp.confid, 0, NULL);
1322 sppp_set_timeout (sp, 2);
1323}
1324
1325/*
1326 * Process PPP control protocol timeouts.
1327 */
1328
1329static void sppp_cp_timeout (unsigned long arg)
1330{
1331 struct sppp *sp = (struct sppp*) arg;
1332 unsigned long flags;
1333
1334 spin_lock_irqsave(&sp->lock, flags);
1335
1336 sp->pp_flags &= ~PP_TIMO;
1337 if (! (sp->pp_if->flags & IFF_UP) || (sp->pp_flags & PP_CISCO)) {
1338 spin_unlock_irqrestore(&sp->lock, flags);
1339 return;
1340 }
1341 switch (sp->lcp.state) {
1342 case LCP_STATE_CLOSED:
1343 /* No ACK for Configure-Request, retry. */
1344 sppp_lcp_open (sp);
1345 break;
1346 case LCP_STATE_ACK_RCVD:
1347 /* ACK got, but no Configure-Request for peer, retry. */
1348 sppp_lcp_open (sp);
1349 sp->lcp.state = LCP_STATE_CLOSED;
1350 break;
1351 case LCP_STATE_ACK_SENT:
1352 /* ACK sent but no ACK for Configure-Request, retry. */
1353 sppp_lcp_open (sp);
1354 break;
1355 case LCP_STATE_OPENED:
1356 /* LCP is already OK, try IPCP. */
1357 switch (sp->ipcp.state) {
1358 case IPCP_STATE_CLOSED:
1359 /* No ACK for Configure-Request, retry. */
1360 sppp_ipcp_open (sp);
1361 break;
1362 case IPCP_STATE_ACK_RCVD:
1363 /* ACK got, but no Configure-Request for peer, retry. */
1364 sppp_ipcp_open (sp);
1365 sp->ipcp.state = IPCP_STATE_CLOSED;
1366 break;
1367 case IPCP_STATE_ACK_SENT:
1368 /* ACK sent but no ACK for Configure-Request, retry. */
1369 sppp_ipcp_open (sp);
1370 break;
1371 case IPCP_STATE_OPENED:
1372 /* IPCP is OK. */
1373 break;
1374 }
1375 break;
1376 }
1377 spin_unlock_irqrestore(&sp->lock, flags);
1378 sppp_flush_xmit();
1379}
1380
1381static char *sppp_lcp_type_name (u8 type)
1382{
1383 static char buf [8];
1384 switch (type) {
1385 case LCP_CONF_REQ: return ("conf-req");
1386 case LCP_CONF_ACK: return ("conf-ack");
1387 case LCP_CONF_NAK: return ("conf-nack");
1388 case LCP_CONF_REJ: return ("conf-rej");
1389 case LCP_TERM_REQ: return ("term-req");
1390 case LCP_TERM_ACK: return ("term-ack");
1391 case LCP_CODE_REJ: return ("code-rej");
1392 case LCP_PROTO_REJ: return ("proto-rej");
1393 case LCP_ECHO_REQ: return ("echo-req");
1394 case LCP_ECHO_REPLY: return ("echo-reply");
1395 case LCP_DISC_REQ: return ("discard-req");
1396 }
1397 sprintf (buf, "%xh", type);
1398 return (buf);
1399}
1400
1401static char *sppp_ipcp_type_name (u8 type)
1402{
1403 static char buf [8];
1404 switch (type) {
1405 case IPCP_CONF_REQ: return ("conf-req");
1406 case IPCP_CONF_ACK: return ("conf-ack");
1407 case IPCP_CONF_NAK: return ("conf-nack");
1408 case IPCP_CONF_REJ: return ("conf-rej");
1409 case IPCP_TERM_REQ: return ("term-req");
1410 case IPCP_TERM_ACK: return ("term-ack");
1411 case IPCP_CODE_REJ: return ("code-rej");
1412 }
1413 sprintf (buf, "%xh", type);
1414 return (buf);
1415}
1416
1417static void sppp_print_bytes (u_char *p, u16 len)
1418{
1419 printk (" %x", *p++);
1420 while (--len > 0)
1421 printk ("-%x", *p++);
1422}
1423
1424/**
1425 * sppp_rcv - receive and process a WAN PPP frame
1426 * @skb: The buffer to process
1427 * @dev: The device it arrived on
1428 * @p: Unused
Jeff Garzik344baba2005-09-07 01:15:17 -04001429 * @orig_dev: Unused
Linus Torvalds1da177e2005-04-16 15:20:36 -07001430 *
1431 * Protocol glue. This drives the deferred processing mode the poorer
1432 * cards use. This can be called directly by cards that do not have
1433 * timing constraints but is normally called from the network layer
1434 * after interrupt servicing to process frames queued via netif_rx.
1435 */
1436
David S. Millerf2ccd8f2005-08-09 19:34:12 -07001437static int sppp_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *p, struct net_device *orig_dev)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001438{
YOSHIFUJI Hideakic346dca2008-03-25 21:47:49 +09001439 if (dev_net(dev) != &init_net) {
Eric W. Biedermane730c152007-09-17 11:53:39 -07001440 kfree_skb(skb);
1441 return 0;
1442 }
1443
Linus Torvalds1da177e2005-04-16 15:20:36 -07001444 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL)
1445 return NET_RX_DROP;
1446 sppp_input(dev,skb);
1447 return 0;
1448}
1449
Adrian Bunk7665a082005-09-09 23:17:28 -07001450static struct packet_type sppp_packet_type = {
Linus Torvalds1da177e2005-04-16 15:20:36 -07001451 .type = __constant_htons(ETH_P_WAN_PPP),
1452 .func = sppp_rcv,
1453};
1454
1455static char banner[] __initdata =
1456 KERN_INFO "Cronyx Ltd, Synchronous PPP and CISCO HDLC (c) 1994\n"
1457 KERN_INFO "Linux port (c) 1998 Building Number Three Ltd & "
1458 "Jan \"Yenya\" Kasprzak.\n";
1459
1460static int __init sync_ppp_init(void)
1461{
1462 if(debug)
1463 debug=PP_DEBUG;
1464 printk(banner);
1465 skb_queue_head_init(&tx_queue);
1466 dev_add_pack(&sppp_packet_type);
1467 return 0;
1468}
1469
1470
1471static void __exit sync_ppp_cleanup(void)
1472{
1473 dev_remove_pack(&sppp_packet_type);
1474}
1475
1476module_init(sync_ppp_init);
1477module_exit(sync_ppp_cleanup);
1478module_param(debug, int, 0);
1479MODULE_LICENSE("GPL");
1480