search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 4.19.133
[linux/fpc-iii.git] / drivers / net / ppp / pppoe.c
blobb8342162f3a04f4d13668c0fc5ed84c759d91da2
1 /** -*- linux-c -*- ***********************************************************
2 * Linux PPP over Ethernet (PPPoX/PPPoE) Sockets
3 *
4 * PPPoX --- Generic PPP encapsulation socket family
5 * PPPoE --- PPP over Ethernet (RFC 2516)
6 *
7 *
8 * Version: 0.7.0
9 *
10 * 070228 : Fix to allow multiple sessions with same remote MAC and same
11 * session id by including the local device ifindex in the
12 * tuple identifying a session. This also ensures packets can't
13 * be injected into a session from interfaces other than the one
14 * specified by userspace. Florian Zumbiehl <florz@florz.de>
15 * (Oh, BTW, this one is YYMMDD, in case you were wondering ...)
16 * 220102 : Fix module use count on failure in pppoe_create, pppox_sk -acme
17 * 030700 : Fixed connect logic to allow for disconnect.
18 * 270700 : Fixed potential SMP problems; we must protect against
19 * simultaneous invocation of ppp_input
20 * and ppp_unregister_channel.
21 * 040800 : Respect reference count mechanisms on net-devices.
22 * 200800 : fix kfree(skb) in pppoe_rcv (acme)
23 * Module reference count is decremented in the right spot now,
24 * guards against sock_put not actually freeing the sk
25 * in pppoe_release.
26 * 051000 : Initialization cleanup.
27 * 111100 : Fix recvmsg.
28 * 050101 : Fix PADT procesing.
29 * 140501 : Use pppoe_rcv_core to handle all backlog. (Alexey)
30 * 170701 : Do not lock_sock with rwlock held. (DaveM)
31 * Ignore discovery frames if user has socket
32 * locked. (DaveM)
33 * Ignore return value of dev_queue_xmit in __pppoe_xmit
34 * or else we may kfree an SKB twice. (DaveM)
35 * 190701 : When doing copies of skb's in __pppoe_xmit, always delete
36 * the original skb that was passed in on success, never on
37 * failure. Delete the copy of the skb on failure to avoid
38 * a memory leak.
39 * 081001 : Misc. cleanup (licence string, non-blocking, prevent
40 * reference of device on close).
41 * 121301 : New ppp channels interface; cannot unregister a channel
42 * from interrupts. Thus, we mark the socket as a ZOMBIE
43 * and do the unregistration later.
44 * 081002 : seq_file support for proc stuff -acme
45 * 111602 : Merge all 2.4 fixes into 2.5/2.6 tree. Label 2.5/2.6
46 * as version 0.7. Spacing cleanup.
47 * Author: Michal Ostrowski <mostrows@speakeasy.net>
48 * Contributors:
49 * Arnaldo Carvalho de Melo <acme@conectiva.com.br>
50 * David S. Miller (davem@redhat.com)
51 *
52 * License:
53 * This program is free software; you can redistribute it and/or
54 * modify it under the terms of the GNU General Public License
55 * as published by the Free Software Foundation; either version
56 * 2 of the License, or (at your option) any later version.
57 *
58 */
59
60 #include <linux/string.h>
61 #include <linux/module.h>
62 #include <linux/kernel.h>
63 #include <linux/slab.h>
64 #include <linux/errno.h>
65 #include <linux/netdevice.h>
66 #include <linux/net.h>
67 #include <linux/inetdevice.h>
68 #include <linux/etherdevice.h>
69 #include <linux/skbuff.h>
70 #include <linux/init.h>
71 #include <linux/if_ether.h>
72 #include <linux/if_pppox.h>
73 #include <linux/ppp_channel.h>
74 #include <linux/ppp_defs.h>
75 #include <linux/ppp-ioctl.h>
76 #include <linux/notifier.h>
77 #include <linux/file.h>
78 #include <linux/proc_fs.h>
79 #include <linux/seq_file.h>
80
81 #include <linux/nsproxy.h>
82 #include <net/net_namespace.h>
83 #include <net/netns/generic.h>
84 #include <net/sock.h>
85
86 #include <linux/uaccess.h>
87
88 #define PPPOE_HASH_BITS 4
89 #define PPPOE_HASH_SIZE (1 << PPPOE_HASH_BITS)
90 #define PPPOE_HASH_MASK (PPPOE_HASH_SIZE - 1)
91
92 static int __pppoe_xmit(struct sock *sk, struct sk_buff *skb);
93
94 static const struct proto_ops pppoe_ops;
95 static const struct ppp_channel_ops pppoe_chan_ops;
96
97 /* per-net private data for this module */
98 static unsigned int pppoe_net_id __read_mostly;
99 struct pppoe_net {
100 /*
101 * we could use _single_ hash table for all
102 * nets by injecting net id into the hash but
103 * it would increase hash chains and add
104 * a few additional math comparations messy
105 * as well, moreover in case of SMP less locking
106 * controversy here
107 */
108 struct pppox_sock *hash_table[PPPOE_HASH_SIZE];
109 rwlock_t hash_lock;
110 };
111
112 /*
113 * PPPoE could be in the following stages:
114 * 1) Discovery stage (to obtain remote MAC and Session ID)
115 * 2) Session stage (MAC and SID are known)
116 *
117 * Ethernet frames have a special tag for this but
118 * we use simpler approach based on session id
119 */
120 static inline bool stage_session(__be16 sid)
121 {
122 return sid != 0;
123 }
124
125 static inline struct pppoe_net *pppoe_pernet(struct net *net)
126 {
127 BUG_ON(!net);
128
129 return net_generic(net, pppoe_net_id);
130 }
131
132 static inline int cmp_2_addr(struct pppoe_addr *a, struct pppoe_addr *b)
133 {
134 return a->sid == b->sid && ether_addr_equal(a->remote, b->remote);
135 }
136
137 static inline int cmp_addr(struct pppoe_addr *a, __be16 sid, char *addr)
138 {
139 return a->sid == sid && ether_addr_equal(a->remote, addr);
140 }
141
142 #if 8 % PPPOE_HASH_BITS
143 #error 8 must be a multiple of PPPOE_HASH_BITS
144 #endif
145
146 static int hash_item(__be16 sid, unsigned char *addr)
147 {
148 unsigned char hash = 0;
149 unsigned int i;
150
151 for (i = 0; i < ETH_ALEN; i++)
152 hash ^= addr[i];
153 for (i = 0; i < sizeof(sid_t) * 8; i += 8)
154 hash ^= (__force __u32)sid >> i;
155 for (i = 8; (i >>= 1) >= PPPOE_HASH_BITS;)
156 hash ^= hash >> i;
157
158 return hash & PPPOE_HASH_MASK;
159 }
160
161 /**********************************************************************
162 *
163 * Set/get/delete/rehash items (internal versions)
164 *
165 **********************************************************************/
166 static struct pppox_sock *__get_item(struct pppoe_net *pn, __be16 sid,
167 unsigned char *addr, int ifindex)
168 {
169 int hash = hash_item(sid, addr);
170 struct pppox_sock *ret;
171
172 ret = pn->hash_table[hash];
173 while (ret) {
174 if (cmp_addr(&ret->pppoe_pa, sid, addr) &&
175 ret->pppoe_ifindex == ifindex)
176 return ret;
177
178 ret = ret->next;
179 }
180
181 return NULL;
182 }
183
184 static int __set_item(struct pppoe_net *pn, struct pppox_sock *po)
185 {
186 int hash = hash_item(po->pppoe_pa.sid, po->pppoe_pa.remote);
187 struct pppox_sock *ret;
188
189 ret = pn->hash_table[hash];
190 while (ret) {
191 if (cmp_2_addr(&ret->pppoe_pa, &po->pppoe_pa) &&
192 ret->pppoe_ifindex == po->pppoe_ifindex)
193 return -EALREADY;
194
195 ret = ret->next;
196 }
197
198 po->next = pn->hash_table[hash];
199 pn->hash_table[hash] = po;
200
201 return 0;
202 }
203
204 static void __delete_item(struct pppoe_net *pn, __be16 sid,
205 char *addr, int ifindex)
206 {
207 int hash = hash_item(sid, addr);
208 struct pppox_sock *ret, **src;
209
210 ret = pn->hash_table[hash];
211 src = &pn->hash_table[hash];
212
213 while (ret) {
214 if (cmp_addr(&ret->pppoe_pa, sid, addr) &&
215 ret->pppoe_ifindex == ifindex) {
216 *src = ret->next;
217 break;
218 }
219
220 src = &ret->next;
221 ret = ret->next;
222 }
223 }
224
225 /**********************************************************************
226 *
227 * Set/get/delete/rehash items
228 *
229 **********************************************************************/
230 static inline struct pppox_sock *get_item(struct pppoe_net *pn, __be16 sid,
231 unsigned char *addr, int ifindex)
232 {
233 struct pppox_sock *po;
234
235 read_lock_bh(&pn->hash_lock);
236 po = __get_item(pn, sid, addr, ifindex);
237 if (po)
238 sock_hold(sk_pppox(po));
239 read_unlock_bh(&pn->hash_lock);
240
241 return po;
242 }
243
244 static inline struct pppox_sock *get_item_by_addr(struct net *net,
245 struct sockaddr_pppox *sp)
246 {
247 struct net_device *dev;
248 struct pppoe_net *pn;
249 struct pppox_sock *pppox_sock = NULL;
250
251 int ifindex;
252
253 rcu_read_lock();
254 dev = dev_get_by_name_rcu(net, sp->sa_addr.pppoe.dev);
255 if (dev) {
256 ifindex = dev->ifindex;
257 pn = pppoe_pernet(net);
258 pppox_sock = get_item(pn, sp->sa_addr.pppoe.sid,
259 sp->sa_addr.pppoe.remote, ifindex);
260 }
261 rcu_read_unlock();
262 return pppox_sock;
263 }
264
265 static inline void delete_item(struct pppoe_net *pn, __be16 sid,
266 char *addr, int ifindex)
267 {
268 write_lock_bh(&pn->hash_lock);
269 __delete_item(pn, sid, addr, ifindex);
270 write_unlock_bh(&pn->hash_lock);
271 }
272
273 /***************************************************************************
274 *
275 * Handler for device events.
276 * Certain device events require that sockets be unconnected.
277 *
278 **************************************************************************/
279
280 static void pppoe_flush_dev(struct net_device *dev)
281 {
282 struct pppoe_net *pn;
283 int i;
284
285 pn = pppoe_pernet(dev_net(dev));
286 write_lock_bh(&pn->hash_lock);
287 for (i = 0; i < PPPOE_HASH_SIZE; i++) {
288 struct pppox_sock *po = pn->hash_table[i];
289 struct sock *sk;
290
291 while (po) {
292 while (po && po->pppoe_dev != dev) {
293 po = po->next;
294 }
295
296 if (!po)
297 break;
298
299 sk = sk_pppox(po);
300
301 /* We always grab the socket lock, followed by the
302 * hash_lock, in that order. Since we should hold the
303 * sock lock while doing any unbinding, we need to
304 * release the lock we're holding. Hold a reference to
305 * the sock so it doesn't disappear as we're jumping
306 * between locks.
307 */
308
309 sock_hold(sk);
310 write_unlock_bh(&pn->hash_lock);
311 lock_sock(sk);
312
313 if (po->pppoe_dev == dev &&
314 sk->sk_state & (PPPOX_CONNECTED | PPPOX_BOUND)) {
315 pppox_unbind_sock(sk);
316 sk->sk_state_change(sk);
317 po->pppoe_dev = NULL;
318 dev_put(dev);
319 }
320
321 release_sock(sk);
322 sock_put(sk);
323
324 /* Restart the process from the start of the current
325 * hash chain. We dropped locks so the world may have
326 * change from underneath us.
327 */
328
329 BUG_ON(pppoe_pernet(dev_net(dev)) == NULL);
330 write_lock_bh(&pn->hash_lock);
331 po = pn->hash_table[i];
332 }
333 }
334 write_unlock_bh(&pn->hash_lock);
335 }
336
337 static int pppoe_device_event(struct notifier_block *this,
338 unsigned long event, void *ptr)
339 {
340 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
341
342 /* Only look at sockets that are using this specific device. */
343 switch (event) {
344 case NETDEV_CHANGEADDR:
345 case NETDEV_CHANGEMTU:
346 /* A change in mtu or address is a bad thing, requiring
347 * LCP re-negotiation.
348 */
349
350 case NETDEV_GOING_DOWN:
351 case NETDEV_DOWN:
352 /* Find every socket on this device and kill it. */
353 pppoe_flush_dev(dev);
354 break;
355
356 default:
357 break;
358 }
359
360 return NOTIFY_DONE;
361 }
362
363 static struct notifier_block pppoe_notifier = {
364 .notifier_call = pppoe_device_event,
365 };
366
367 /************************************************************************
368 *
369 * Do the real work of receiving a PPPoE Session frame.
370 *
371 ***********************************************************************/
372 static int pppoe_rcv_core(struct sock *sk, struct sk_buff *skb)
373 {
374 struct pppox_sock *po = pppox_sk(sk);
375 struct pppox_sock *relay_po;
376
377 /* Backlog receive. Semantics of backlog rcv preclude any code from
378 * executing in lock_sock()/release_sock() bounds; meaning sk->sk_state
379 * can't change.
380 */
381
382 if (skb->pkt_type == PACKET_OTHERHOST)
383 goto abort_kfree;
384
385 if (sk->sk_state & PPPOX_BOUND) {
386 ppp_input(&po->chan, skb);
387 } else if (sk->sk_state & PPPOX_RELAY) {
388 relay_po = get_item_by_addr(sock_net(sk),
389 &po->pppoe_relay);
390 if (relay_po == NULL)
391 goto abort_kfree;
392
393 if ((sk_pppox(relay_po)->sk_state & PPPOX_CONNECTED) == 0)
394 goto abort_put;
395
396 if (!__pppoe_xmit(sk_pppox(relay_po), skb))
397 goto abort_put;
398
399 sock_put(sk_pppox(relay_po));
400 } else {
401 if (sock_queue_rcv_skb(sk, skb))
402 goto abort_kfree;
403 }
404
405 return NET_RX_SUCCESS;
406
407 abort_put:
408 sock_put(sk_pppox(relay_po));
409
410 abort_kfree:
411 kfree_skb(skb);
412 return NET_RX_DROP;
413 }
414
415 /************************************************************************
416 *
417 * Receive wrapper called in BH context.
418 *
419 ***********************************************************************/
420 static int pppoe_rcv(struct sk_buff *skb, struct net_device *dev,
421 struct packet_type *pt, struct net_device *orig_dev)
422 {
423 struct pppoe_hdr *ph;
424 struct pppox_sock *po;
425 struct pppoe_net *pn;
426 int len;
427
428 skb = skb_share_check(skb, GFP_ATOMIC);
429 if (!skb)
430 goto out;
431
432 if (skb_mac_header_len(skb) < ETH_HLEN)
433 goto drop;
434
435 if (!pskb_may_pull(skb, sizeof(struct pppoe_hdr)))
436 goto drop;
437
438 ph = pppoe_hdr(skb);
439 len = ntohs(ph->length);
440
441 skb_pull_rcsum(skb, sizeof(*ph));
442 if (skb->len < len)
443 goto drop;
444
445 if (pskb_trim_rcsum(skb, len))
446 goto drop;
447
448 ph = pppoe_hdr(skb);
449 pn = pppoe_pernet(dev_net(dev));
450
451 /* Note that get_item does a sock_hold(), so sk_pppox(po)
452 * is known to be safe.
453 */
454 po = get_item(pn, ph->sid, eth_hdr(skb)->h_source, dev->ifindex);
455 if (!po)
456 goto drop;
457
458 return sk_receive_skb(sk_pppox(po), skb, 0);
459
460 drop:
461 kfree_skb(skb);
462 out:
463 return NET_RX_DROP;
464 }
465
466 static void pppoe_unbind_sock_work(struct work_struct *work)
467 {
468 struct pppox_sock *po = container_of(work, struct pppox_sock,
469 proto.pppoe.padt_work);
470 struct sock *sk = sk_pppox(po);
471
472 lock_sock(sk);
473 if (po->pppoe_dev) {
474 dev_put(po->pppoe_dev);
475 po->pppoe_dev = NULL;
476 }
477 pppox_unbind_sock(sk);
478 release_sock(sk);
479 sock_put(sk);
480 }
481
482 /************************************************************************
483 *
484 * Receive a PPPoE Discovery frame.
485 * This is solely for detection of PADT frames
486 *
487 ***********************************************************************/
488 static int pppoe_disc_rcv(struct sk_buff *skb, struct net_device *dev,
489 struct packet_type *pt, struct net_device *orig_dev)
490
491 {
492 struct pppoe_hdr *ph;
493 struct pppox_sock *po;
494 struct pppoe_net *pn;
495
496 skb = skb_share_check(skb, GFP_ATOMIC);
497 if (!skb)
498 goto out;
499
500 if (skb->pkt_type != PACKET_HOST)
501 goto abort;
502
503 if (!pskb_may_pull(skb, sizeof(struct pppoe_hdr)))
504 goto abort;
505
506 ph = pppoe_hdr(skb);
507 if (ph->code != PADT_CODE)
508 goto abort;
509
510 pn = pppoe_pernet(dev_net(dev));
511 po = get_item(pn, ph->sid, eth_hdr(skb)->h_source, dev->ifindex);
512 if (po)
513 if (!schedule_work(&po->proto.pppoe.padt_work))
514 sock_put(sk_pppox(po));
515
516 abort:
517 kfree_skb(skb);
518 out:
519 return NET_RX_SUCCESS; /* Lies... :-) */
520 }
521
522 static struct packet_type pppoes_ptype __read_mostly = {
523 .type = cpu_to_be16(ETH_P_PPP_SES),
524 .func = pppoe_rcv,
525 };
526
527 static struct packet_type pppoed_ptype __read_mostly = {
528 .type = cpu_to_be16(ETH_P_PPP_DISC),
529 .func = pppoe_disc_rcv,
530 };
531
532 static struct proto pppoe_sk_proto __read_mostly = {
533 .name = "PPPOE",
534 .owner = THIS_MODULE,
535 .obj_size = sizeof(struct pppox_sock),
536 };
537
538 /***********************************************************************
539 *
540 * Initialize a new struct sock.
541 *
542 **********************************************************************/
543 static int pppoe_create(struct net *net, struct socket *sock, int kern)
544 {
545 struct sock *sk;
546
547 sk = sk_alloc(net, PF_PPPOX, GFP_KERNEL, &pppoe_sk_proto, kern);
548 if (!sk)
549 return -ENOMEM;
550
551 sock_init_data(sock, sk);
552
553 sock->state = SS_UNCONNECTED;
554 sock->ops = &pppoe_ops;
555
556 sk->sk_backlog_rcv = pppoe_rcv_core;
557 sk->sk_state = PPPOX_NONE;
558 sk->sk_type = SOCK_STREAM;
559 sk->sk_family = PF_PPPOX;
560 sk->sk_protocol = PX_PROTO_OE;
561
562 INIT_WORK(&pppox_sk(sk)->proto.pppoe.padt_work,
563 pppoe_unbind_sock_work);
564
565 return 0;
566 }
567
568 static int pppoe_release(struct socket *sock)
569 {
570 struct sock *sk = sock->sk;
571 struct pppox_sock *po;
572 struct pppoe_net *pn;
573 struct net *net = NULL;
574
575 if (!sk)
576 return 0;
577
578 lock_sock(sk);
579 if (sock_flag(sk, SOCK_DEAD)) {
580 release_sock(sk);
581 return -EBADF;
582 }
583
584 po = pppox_sk(sk);
585
586 if (po->pppoe_dev) {
587 dev_put(po->pppoe_dev);
588 po->pppoe_dev = NULL;
589 }
590
591 pppox_unbind_sock(sk);
592
593 /* Signal the death of the socket. */
594 sk->sk_state = PPPOX_DEAD;
595
596 net = sock_net(sk);
597 pn = pppoe_pernet(net);
598
599 /*
600 * protect "po" from concurrent updates
601 * on pppoe_flush_dev
602 */
603 delete_item(pn, po->pppoe_pa.sid, po->pppoe_pa.remote,
604 po->pppoe_ifindex);
605
606 sock_orphan(sk);
607 sock->sk = NULL;
608
609 skb_queue_purge(&sk->sk_receive_queue);
610 release_sock(sk);
611 sock_put(sk);
612
613 return 0;
614 }
615
616 static int pppoe_connect(struct socket *sock, struct sockaddr *uservaddr,
617 int sockaddr_len, int flags)
618 {
619 struct sock *sk = sock->sk;
620 struct sockaddr_pppox *sp = (struct sockaddr_pppox *)uservaddr;
621 struct pppox_sock *po = pppox_sk(sk);
622 struct net_device *dev = NULL;
623 struct pppoe_net *pn;
624 struct net *net = NULL;
625 int error;
626
627 lock_sock(sk);
628
629 error = -EINVAL;
630
631 if (sockaddr_len != sizeof(struct sockaddr_pppox))
632 goto end;
633
634 if (sp->sa_protocol != PX_PROTO_OE)
635 goto end;
636
637 /* Check for already bound sockets */
638 error = -EBUSY;
639 if ((sk->sk_state & PPPOX_CONNECTED) &&
640 stage_session(sp->sa_addr.pppoe.sid))
641 goto end;
642
643 /* Check for already disconnected sockets, on attempts to disconnect */
644 error = -EALREADY;
645 if ((sk->sk_state & PPPOX_DEAD) &&
646 !stage_session(sp->sa_addr.pppoe.sid))
647 goto end;
648
649 error = 0;
650
651 /* Delete the old binding */
652 if (stage_session(po->pppoe_pa.sid)) {
653 pppox_unbind_sock(sk);
654 pn = pppoe_pernet(sock_net(sk));
655 delete_item(pn, po->pppoe_pa.sid,
656 po->pppoe_pa.remote, po->pppoe_ifindex);
657 if (po->pppoe_dev) {
658 dev_put(po->pppoe_dev);
659 po->pppoe_dev = NULL;
660 }
661
662 po->pppoe_ifindex = 0;
663 memset(&po->pppoe_pa, 0, sizeof(po->pppoe_pa));
664 memset(&po->pppoe_relay, 0, sizeof(po->pppoe_relay));
665 memset(&po->chan, 0, sizeof(po->chan));
666 po->next = NULL;
667 po->num = 0;
668
669 sk->sk_state = PPPOX_NONE;
670 }
671
672 /* Re-bind in session stage only */
673 if (stage_session(sp->sa_addr.pppoe.sid)) {
674 error = -ENODEV;
675 net = sock_net(sk);
676 dev = dev_get_by_name(net, sp->sa_addr.pppoe.dev);
677 if (!dev)
678 goto err_put;
679
680 po->pppoe_dev = dev;
681 po->pppoe_ifindex = dev->ifindex;
682 pn = pppoe_pernet(net);
683 if (!(dev->flags & IFF_UP)) {
684 goto err_put;
685 }
686
687 memcpy(&po->pppoe_pa,
688 &sp->sa_addr.pppoe,
689 sizeof(struct pppoe_addr));
690
691 write_lock_bh(&pn->hash_lock);
692 error = __set_item(pn, po);
693 write_unlock_bh(&pn->hash_lock);
694 if (error < 0)
695 goto err_put;
696
697 po->chan.hdrlen = (sizeof(struct pppoe_hdr) +
698 dev->hard_header_len);
699
700 po->chan.mtu = dev->mtu - sizeof(struct pppoe_hdr) - 2;
701 po->chan.private = sk;
702 po->chan.ops = &pppoe_chan_ops;
703
704 error = ppp_register_net_channel(dev_net(dev), &po->chan);
705 if (error) {
706 delete_item(pn, po->pppoe_pa.sid,
707 po->pppoe_pa.remote, po->pppoe_ifindex);
708 goto err_put;
709 }
710
711 sk->sk_state = PPPOX_CONNECTED;
712 }
713
714 po->num = sp->sa_addr.pppoe.sid;
715
716 end:
717 release_sock(sk);
718 return error;
719 err_put:
720 if (po->pppoe_dev) {
721 dev_put(po->pppoe_dev);
722 po->pppoe_dev = NULL;
723 }
724 goto end;
725 }
726
727 static int pppoe_getname(struct socket *sock, struct sockaddr *uaddr,
728 int peer)
729 {
730 int len = sizeof(struct sockaddr_pppox);
731 struct sockaddr_pppox sp;
732
733 sp.sa_family = AF_PPPOX;
734 sp.sa_protocol = PX_PROTO_OE;
735 memcpy(&sp.sa_addr.pppoe, &pppox_sk(sock->sk)->pppoe_pa,
736 sizeof(struct pppoe_addr));
737
738 memcpy(uaddr, &sp, len);
739
740 return len;
741 }
742
743 static int pppoe_ioctl(struct socket *sock, unsigned int cmd,
744 unsigned long arg)
745 {
746 struct sock *sk = sock->sk;
747 struct pppox_sock *po = pppox_sk(sk);
748 int val;
749 int err;
750
751 switch (cmd) {
752 case PPPIOCGMRU:
753 err = -ENXIO;
754 if (!(sk->sk_state & PPPOX_CONNECTED))
755 break;
756
757 err = -EFAULT;
758 if (put_user(po->pppoe_dev->mtu -
759 sizeof(struct pppoe_hdr) -
760 PPP_HDRLEN,
761 (int __user *)arg))
762 break;
763 err = 0;
764 break;
765
766 case PPPIOCSMRU:
767 err = -ENXIO;
768 if (!(sk->sk_state & PPPOX_CONNECTED))
769 break;
770
771 err = -EFAULT;
772 if (get_user(val, (int __user *)arg))
773 break;
774
775 if (val < (po->pppoe_dev->mtu
776 - sizeof(struct pppoe_hdr)
777 - PPP_HDRLEN))
778 err = 0;
779 else
780 err = -EINVAL;
781 break;
782
783 case PPPIOCSFLAGS:
784 err = -EFAULT;
785 if (get_user(val, (int __user *)arg))
786 break;
787 err = 0;
788 break;
789
790 case PPPOEIOCSFWD:
791 {
792 struct pppox_sock *relay_po;
793
794 err = -EBUSY;
795 if (sk->sk_state & (PPPOX_BOUND | PPPOX_DEAD))
796 break;
797
798 err = -ENOTCONN;
799 if (!(sk->sk_state & PPPOX_CONNECTED))
800 break;
801
802 /* PPPoE address from the user specifies an outbound
803 PPPoE address which frames are forwarded to */
804 err = -EFAULT;
805 if (copy_from_user(&po->pppoe_relay,
806 (void __user *)arg,
807 sizeof(struct sockaddr_pppox)))
808 break;
809
810 err = -EINVAL;
811 if (po->pppoe_relay.sa_family != AF_PPPOX ||
812 po->pppoe_relay.sa_protocol != PX_PROTO_OE)
813 break;
814
815 /* Check that the socket referenced by the address
816 actually exists. */
817 relay_po = get_item_by_addr(sock_net(sk), &po->pppoe_relay);
818 if (!relay_po)
819 break;
820
821 sock_put(sk_pppox(relay_po));
822 sk->sk_state |= PPPOX_RELAY;
823 err = 0;
824 break;
825 }
826
827 case PPPOEIOCDFWD:
828 err = -EALREADY;
829 if (!(sk->sk_state & PPPOX_RELAY))
830 break;
831
832 sk->sk_state &= ~PPPOX_RELAY;
833 err = 0;
834 break;
835
836 default:
837 err = -ENOTTY;
838 }
839
840 return err;
841 }
842
843 static int pppoe_sendmsg(struct socket *sock, struct msghdr *m,
844 size_t total_len)
845 {
846 struct sk_buff *skb;
847 struct sock *sk = sock->sk;
848 struct pppox_sock *po = pppox_sk(sk);
849 int error;
850 struct pppoe_hdr hdr;
851 struct pppoe_hdr *ph;
852 struct net_device *dev;
853 char *start;
854 int hlen;
855
856 lock_sock(sk);
857 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED)) {
858 error = -ENOTCONN;
859 goto end;
860 }
861
862 hdr.ver = 1;
863 hdr.type = 1;
864 hdr.code = 0;
865 hdr.sid = po->num;
866
867 dev = po->pppoe_dev;
868
869 error = -EMSGSIZE;
870 if (total_len > (dev->mtu + dev->hard_header_len))
871 goto end;
872
873 hlen = LL_RESERVED_SPACE(dev);
874 skb = sock_wmalloc(sk, hlen + sizeof(*ph) + total_len +
875 dev->needed_tailroom, 0, GFP_KERNEL);
876 if (!skb) {
877 error = -ENOMEM;
878 goto end;
879 }
880
881 /* Reserve space for headers. */
882 skb_reserve(skb, hlen);
883 skb_reset_network_header(skb);
884
885 skb->dev = dev;
886
887 skb->priority = sk->sk_priority;
888 skb->protocol = cpu_to_be16(ETH_P_PPP_SES);
889
890 ph = skb_put(skb, total_len + sizeof(struct pppoe_hdr));
891 start = (char *)&ph->tag[0];
892
893 error = memcpy_from_msg(start, m, total_len);
894 if (error < 0) {
895 kfree_skb(skb);
896 goto end;
897 }
898
899 error = total_len;
900 dev_hard_header(skb, dev, ETH_P_PPP_SES,
901 po->pppoe_pa.remote, NULL, total_len);
902
903 memcpy(ph, &hdr, sizeof(struct pppoe_hdr));
904
905 ph->length = htons(total_len);
906
907 dev_queue_xmit(skb);
908
909 end:
910 release_sock(sk);
911 return error;
912 }
913
914 /************************************************************************
915 *
916 * xmit function for internal use.
917 *
918 ***********************************************************************/
919 static int __pppoe_xmit(struct sock *sk, struct sk_buff *skb)
920 {
921 struct pppox_sock *po = pppox_sk(sk);
922 struct net_device *dev = po->pppoe_dev;
923 struct pppoe_hdr *ph;
924 int data_len = skb->len;
925
926 /* The higher-level PPP code (ppp_unregister_channel()) ensures the PPP
927 * xmit operations conclude prior to an unregistration call. Thus
928 * sk->sk_state cannot change, so we don't need to do lock_sock().
929 * But, we also can't do a lock_sock since that introduces a potential
930 * deadlock as we'd reverse the lock ordering used when calling
931 * ppp_unregister_channel().
932 */
933
934 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED))
935 goto abort;
936
937 if (!dev)
938 goto abort;
939
940 /* Copy the data if there is no space for the header or if it's
941 * read-only.
942 */
943 if (skb_cow_head(skb, LL_RESERVED_SPACE(dev) + sizeof(*ph)))
944 goto abort;
945
946 __skb_push(skb, sizeof(*ph));
947 skb_reset_network_header(skb);
948
949 ph = pppoe_hdr(skb);
950 ph->ver = 1;
951 ph->type = 1;
952 ph->code = 0;
953 ph->sid = po->num;
954 ph->length = htons(data_len);
955
956 skb->protocol = cpu_to_be16(ETH_P_PPP_SES);
957 skb->dev = dev;
958
959 dev_hard_header(skb, dev, ETH_P_PPP_SES,
960 po->pppoe_pa.remote, NULL, data_len);
961
962 dev_queue_xmit(skb);
963 return 1;
964
965 abort:
966 kfree_skb(skb);
967 return 1;
968 }
969
970 /************************************************************************
971 *
972 * xmit function called by generic PPP driver
973 * sends PPP frame over PPPoE socket
974 *
975 ***********************************************************************/
976 static int pppoe_xmit(struct ppp_channel *chan, struct sk_buff *skb)
977 {
978 struct sock *sk = (struct sock *)chan->private;
979 return __pppoe_xmit(sk, skb);
980 }
981
982 static const struct ppp_channel_ops pppoe_chan_ops = {
983 .start_xmit = pppoe_xmit,
984 };
985
986 static int pppoe_recvmsg(struct socket *sock, struct msghdr *m,
987 size_t total_len, int flags)
988 {
989 struct sock *sk = sock->sk;
990 struct sk_buff *skb;
991 int error = 0;
992
993 if (sk->sk_state & PPPOX_BOUND) {
994 error = -EIO;
995 goto end;
996 }
997
998 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
999 flags & MSG_DONTWAIT, &error);
1000 if (error < 0)
1001 goto end;
1002
1003 if (skb) {
1004 total_len = min_t(size_t, total_len, skb->len);
1005 error = skb_copy_datagram_msg(skb, 0, m, total_len);
1006 if (error == 0) {
1007 consume_skb(skb);
1008 return total_len;
1009 }
1010 }
1011
1012 kfree_skb(skb);
1013 end:
1014 return error;
1015 }
1016
1017 #ifdef CONFIG_PROC_FS
1018 static int pppoe_seq_show(struct seq_file *seq, void *v)
1019 {
1020 struct pppox_sock *po;
1021 char *dev_name;
1022
1023 if (v == SEQ_START_TOKEN) {
1024 seq_puts(seq, "Id Address Device\n");
1025 goto out;
1026 }
1027
1028 po = v;
1029 dev_name = po->pppoe_pa.dev;
1030
1031 seq_printf(seq, "%08X %pM %8s\n",
1032 po->pppoe_pa.sid, po->pppoe_pa.remote, dev_name);
1033 out:
1034 return 0;
1035 }
1036
1037 static inline struct pppox_sock *pppoe_get_idx(struct pppoe_net *pn, loff_t pos)
1038 {
1039 struct pppox_sock *po;
1040 int i;
1041
1042 for (i = 0; i < PPPOE_HASH_SIZE; i++) {
1043 po = pn->hash_table[i];
1044 while (po) {
1045 if (!pos--)
1046 goto out;
1047 po = po->next;
1048 }
1049 }
1050
1051 out:
1052 return po;
1053 }
1054
1055 static void *pppoe_seq_start(struct seq_file *seq, loff_t *pos)
1056 __acquires(pn->hash_lock)
1057 {
1058 struct pppoe_net *pn = pppoe_pernet(seq_file_net(seq));
1059 loff_t l = *pos;
1060
1061 read_lock_bh(&pn->hash_lock);
1062 return l ? pppoe_get_idx(pn, --l) : SEQ_START_TOKEN;
1063 }
1064
1065 static void *pppoe_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1066 {
1067 struct pppoe_net *pn = pppoe_pernet(seq_file_net(seq));
1068 struct pppox_sock *po;
1069
1070 ++*pos;
1071 if (v == SEQ_START_TOKEN) {
1072 po = pppoe_get_idx(pn, 0);
1073 goto out;
1074 }
1075 po = v;
1076 if (po->next)
1077 po = po->next;
1078 else {
1079 int hash = hash_item(po->pppoe_pa.sid, po->pppoe_pa.remote);
1080
1081 po = NULL;
1082 while (++hash < PPPOE_HASH_SIZE) {
1083 po = pn->hash_table[hash];
1084 if (po)
1085 break;
1086 }
1087 }
1088
1089 out:
1090 return po;
1091 }
1092
1093 static void pppoe_seq_stop(struct seq_file *seq, void *v)
1094 __releases(pn->hash_lock)
1095 {
1096 struct pppoe_net *pn = pppoe_pernet(seq_file_net(seq));
1097 read_unlock_bh(&pn->hash_lock);
1098 }
1099
1100 static const struct seq_operations pppoe_seq_ops = {
1101 .start = pppoe_seq_start,
1102 .next = pppoe_seq_next,
1103 .stop = pppoe_seq_stop,
1104 .show = pppoe_seq_show,
1105 };
1106 #endif /* CONFIG_PROC_FS */
1107
1108 static const struct proto_ops pppoe_ops = {
1109 .family = AF_PPPOX,
1110 .owner = THIS_MODULE,
1111 .release = pppoe_release,
1112 .bind = sock_no_bind,
1113 .connect = pppoe_connect,
1114 .socketpair = sock_no_socketpair,
1115 .accept = sock_no_accept,
1116 .getname = pppoe_getname,
1117 .poll = datagram_poll,
1118 .listen = sock_no_listen,
1119 .shutdown = sock_no_shutdown,
1120 .setsockopt = sock_no_setsockopt,
1121 .getsockopt = sock_no_getsockopt,
1122 .sendmsg = pppoe_sendmsg,
1123 .recvmsg = pppoe_recvmsg,
1124 .mmap = sock_no_mmap,
1125 .ioctl = pppox_ioctl,
1126 #ifdef CONFIG_COMPAT
1127 .compat_ioctl = pppox_compat_ioctl,
1128 #endif
1129 };
1130
1131 static const struct pppox_proto pppoe_proto = {
1132 .create = pppoe_create,
1133 .ioctl = pppoe_ioctl,
1134 .owner = THIS_MODULE,
1135 };
1136
1137 static __net_init int pppoe_init_net(struct net *net)
1138 {
1139 struct pppoe_net *pn = pppoe_pernet(net);
1140 struct proc_dir_entry *pde;
1141
1142 rwlock_init(&pn->hash_lock);
1143
1144 pde = proc_create_net("pppoe", 0444, net->proc_net,
1145 &pppoe_seq_ops, sizeof(struct seq_net_private));
1146 #ifdef CONFIG_PROC_FS
1147 if (!pde)
1148 return -ENOMEM;
1149 #endif
1150
1151 return 0;
1152 }
1153
1154 static __net_exit void pppoe_exit_net(struct net *net)
1155 {
1156 remove_proc_entry("pppoe", net->proc_net);
1157 }
1158
1159 static struct pernet_operations pppoe_net_ops = {
1160 .init = pppoe_init_net,
1161 .exit = pppoe_exit_net,
1162 .id = &pppoe_net_id,
1163 .size = sizeof(struct pppoe_net),
1164 };
1165
1166 static int __init pppoe_init(void)
1167 {
1168 int err;
1169
1170 err = register_pernet_device(&pppoe_net_ops);
1171 if (err)
1172 goto out;
1173
1174 err = proto_register(&pppoe_sk_proto, 0);
1175 if (err)
1176 goto out_unregister_net_ops;
1177
1178 err = register_pppox_proto(PX_PROTO_OE, &pppoe_proto);
1179 if (err)
1180 goto out_unregister_pppoe_proto;
1181
1182 dev_add_pack(&pppoes_ptype);
1183 dev_add_pack(&pppoed_ptype);
1184 register_netdevice_notifier(&pppoe_notifier);
1185
1186 return 0;
1187
1188 out_unregister_pppoe_proto:
1189 proto_unregister(&pppoe_sk_proto);
1190 out_unregister_net_ops:
1191 unregister_pernet_device(&pppoe_net_ops);
1192 out:
1193 return err;
1194 }
1195
1196 static void __exit pppoe_exit(void)
1197 {
1198 unregister_netdevice_notifier(&pppoe_notifier);
1199 dev_remove_pack(&pppoed_ptype);
1200 dev_remove_pack(&pppoes_ptype);
1201 unregister_pppox_proto(PX_PROTO_OE);
1202 proto_unregister(&pppoe_sk_proto);
1203 unregister_pernet_device(&pppoe_net_ops);
1204 }
1205
1206 module_init(pppoe_init);
1207 module_exit(pppoe_exit);
1208
1209 MODULE_AUTHOR("Michal Ostrowski <mostrows@speakeasy.net>");
1210 MODULE_DESCRIPTION("PPP over Ethernet driver");
1211 MODULE_LICENSE("GPL");
1212 MODULE_ALIAS_NET_PF_PROTO(PF_PPPOX, PX_PROTO_OE);
Linux with added FPC-III support