OMAPDSS: VENC: fix NULL pointer dereference in DSS2 VENC sysfs debug attr on OMAP4
[zen-stable.git] / drivers / net / wan / hdlc_cisco.c
blob3f20808b5ff8260441eb441cdf4c3f7a8a9ee165
1 /*
2 * Generic HDLC support routines for Linux
3 * Cisco HDLC support
5 * Copyright (C) 2000 - 2006 Krzysztof Halasa <khc@pm.waw.pl>
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of version 2 of the GNU General Public License
9 * as published by the Free Software Foundation.
12 #include <linux/errno.h>
13 #include <linux/hdlc.h>
14 #include <linux/if_arp.h>
15 #include <linux/inetdevice.h>
16 #include <linux/init.h>
17 #include <linux/kernel.h>
18 #include <linux/module.h>
19 #include <linux/pkt_sched.h>
20 #include <linux/poll.h>
21 #include <linux/rtnetlink.h>
22 #include <linux/skbuff.h>
24 #undef DEBUG_HARD_HEADER
26 #define CISCO_MULTICAST 0x8F /* Cisco multicast address */
27 #define CISCO_UNICAST 0x0F /* Cisco unicast address */
28 #define CISCO_KEEPALIVE 0x8035 /* Cisco keepalive protocol */
29 #define CISCO_SYS_INFO 0x2000 /* Cisco interface/system info */
30 #define CISCO_ADDR_REQ 0 /* Cisco address request */
31 #define CISCO_ADDR_REPLY 1 /* Cisco address reply */
32 #define CISCO_KEEPALIVE_REQ 2 /* Cisco keepalive request */
35 struct hdlc_header {
36 u8 address;
37 u8 control;
38 __be16 protocol;
39 }__packed;
42 struct cisco_packet {
43 __be32 type; /* code */
44 __be32 par1;
45 __be32 par2;
46 __be16 rel; /* reliability */
47 __be32 time;
48 }__packed;
49 #define CISCO_PACKET_LEN 18
50 #define CISCO_BIG_PACKET_LEN 20
53 struct cisco_state {
54 cisco_proto settings;
56 struct timer_list timer;
57 spinlock_t lock;
58 unsigned long last_poll;
59 int up;
60 u32 txseq; /* TX sequence number, 0 = none */
61 u32 rxseq; /* RX sequence number */
65 static int cisco_ioctl(struct net_device *dev, struct ifreq *ifr);
68 static inline struct cisco_state* state(hdlc_device *hdlc)
70 return (struct cisco_state *)hdlc->state;
74 static int cisco_hard_header(struct sk_buff *skb, struct net_device *dev,
75 u16 type, const void *daddr, const void *saddr,
76 unsigned int len)
78 struct hdlc_header *data;
79 #ifdef DEBUG_HARD_HEADER
80 printk(KERN_DEBUG "%s: cisco_hard_header called\n", dev->name);
81 #endif
83 skb_push(skb, sizeof(struct hdlc_header));
84 data = (struct hdlc_header*)skb->data;
85 if (type == CISCO_KEEPALIVE)
86 data->address = CISCO_MULTICAST;
87 else
88 data->address = CISCO_UNICAST;
89 data->control = 0;
90 data->protocol = htons(type);
92 return sizeof(struct hdlc_header);
97 static void cisco_keepalive_send(struct net_device *dev, u32 type,
98 __be32 par1, __be32 par2)
100 struct sk_buff *skb;
101 struct cisco_packet *data;
103 skb = dev_alloc_skb(sizeof(struct hdlc_header) +
104 sizeof(struct cisco_packet));
105 if (!skb) {
106 netdev_warn(dev, "Memory squeeze on cisco_keepalive_send()\n");
107 return;
109 skb_reserve(skb, 4);
110 cisco_hard_header(skb, dev, CISCO_KEEPALIVE, NULL, NULL, 0);
111 data = (struct cisco_packet*)(skb->data + 4);
113 data->type = htonl(type);
114 data->par1 = par1;
115 data->par2 = par2;
116 data->rel = cpu_to_be16(0xFFFF);
117 /* we will need do_div here if 1000 % HZ != 0 */
118 data->time = htonl((jiffies - INITIAL_JIFFIES) * (1000 / HZ));
120 skb_put(skb, sizeof(struct cisco_packet));
121 skb->priority = TC_PRIO_CONTROL;
122 skb->dev = dev;
123 skb_reset_network_header(skb);
125 dev_queue_xmit(skb);
130 static __be16 cisco_type_trans(struct sk_buff *skb, struct net_device *dev)
132 struct hdlc_header *data = (struct hdlc_header*)skb->data;
134 if (skb->len < sizeof(struct hdlc_header))
135 return cpu_to_be16(ETH_P_HDLC);
137 if (data->address != CISCO_MULTICAST &&
138 data->address != CISCO_UNICAST)
139 return cpu_to_be16(ETH_P_HDLC);
141 switch (data->protocol) {
142 case cpu_to_be16(ETH_P_IP):
143 case cpu_to_be16(ETH_P_IPX):
144 case cpu_to_be16(ETH_P_IPV6):
145 skb_pull(skb, sizeof(struct hdlc_header));
146 return data->protocol;
147 default:
148 return cpu_to_be16(ETH_P_HDLC);
153 static int cisco_rx(struct sk_buff *skb)
155 struct net_device *dev = skb->dev;
156 hdlc_device *hdlc = dev_to_hdlc(dev);
157 struct cisco_state *st = state(hdlc);
158 struct hdlc_header *data = (struct hdlc_header*)skb->data;
159 struct cisco_packet *cisco_data;
160 struct in_device *in_dev;
161 __be32 addr, mask;
162 u32 ack;
164 if (skb->len < sizeof(struct hdlc_header))
165 goto rx_error;
167 if (data->address != CISCO_MULTICAST &&
168 data->address != CISCO_UNICAST)
169 goto rx_error;
171 switch (ntohs(data->protocol)) {
172 case CISCO_SYS_INFO:
173 /* Packet is not needed, drop it. */
174 dev_kfree_skb_any(skb);
175 return NET_RX_SUCCESS;
177 case CISCO_KEEPALIVE:
178 if ((skb->len != sizeof(struct hdlc_header) +
179 CISCO_PACKET_LEN) &&
180 (skb->len != sizeof(struct hdlc_header) +
181 CISCO_BIG_PACKET_LEN)) {
182 netdev_info(dev, "Invalid length of Cisco control packet (%d bytes)\n",
183 skb->len);
184 goto rx_error;
187 cisco_data = (struct cisco_packet*)(skb->data + sizeof
188 (struct hdlc_header));
190 switch (ntohl (cisco_data->type)) {
191 case CISCO_ADDR_REQ: /* Stolen from syncppp.c :-) */
192 rcu_read_lock();
193 in_dev = __in_dev_get_rcu(dev);
194 addr = 0;
195 mask = ~cpu_to_be32(0); /* is the mask correct? */
197 if (in_dev != NULL) {
198 struct in_ifaddr **ifap = &in_dev->ifa_list;
200 while (*ifap != NULL) {
201 if (strcmp(dev->name,
202 (*ifap)->ifa_label) == 0) {
203 addr = (*ifap)->ifa_local;
204 mask = (*ifap)->ifa_mask;
205 break;
207 ifap = &(*ifap)->ifa_next;
210 cisco_keepalive_send(dev, CISCO_ADDR_REPLY,
211 addr, mask);
213 rcu_read_unlock();
214 dev_kfree_skb_any(skb);
215 return NET_RX_SUCCESS;
217 case CISCO_ADDR_REPLY:
218 netdev_info(dev, "Unexpected Cisco IP address reply\n");
219 goto rx_error;
221 case CISCO_KEEPALIVE_REQ:
222 spin_lock(&st->lock);
223 st->rxseq = ntohl(cisco_data->par1);
224 ack = ntohl(cisco_data->par2);
225 if (ack && (ack == st->txseq ||
226 /* our current REQ may be in transit */
227 ack == st->txseq - 1)) {
228 st->last_poll = jiffies;
229 if (!st->up) {
230 u32 sec, min, hrs, days;
231 sec = ntohl(cisco_data->time) / 1000;
232 min = sec / 60; sec -= min * 60;
233 hrs = min / 60; min -= hrs * 60;
234 days = hrs / 24; hrs -= days * 24;
235 netdev_info(dev, "Link up (peer uptime %ud%uh%um%us)\n",
236 days, hrs, min, sec);
237 netif_dormant_off(dev);
238 st->up = 1;
241 spin_unlock(&st->lock);
243 dev_kfree_skb_any(skb);
244 return NET_RX_SUCCESS;
245 } /* switch (keepalive type) */
246 } /* switch (protocol) */
248 netdev_info(dev, "Unsupported protocol %x\n", ntohs(data->protocol));
249 dev_kfree_skb_any(skb);
250 return NET_RX_DROP;
252 rx_error:
253 dev->stats.rx_errors++; /* Mark error */
254 dev_kfree_skb_any(skb);
255 return NET_RX_DROP;
260 static void cisco_timer(unsigned long arg)
262 struct net_device *dev = (struct net_device *)arg;
263 hdlc_device *hdlc = dev_to_hdlc(dev);
264 struct cisco_state *st = state(hdlc);
266 spin_lock(&st->lock);
267 if (st->up &&
268 time_after(jiffies, st->last_poll + st->settings.timeout * HZ)) {
269 st->up = 0;
270 netdev_info(dev, "Link down\n");
271 netif_dormant_on(dev);
274 cisco_keepalive_send(dev, CISCO_KEEPALIVE_REQ, htonl(++st->txseq),
275 htonl(st->rxseq));
276 spin_unlock(&st->lock);
278 st->timer.expires = jiffies + st->settings.interval * HZ;
279 st->timer.function = cisco_timer;
280 st->timer.data = arg;
281 add_timer(&st->timer);
286 static void cisco_start(struct net_device *dev)
288 hdlc_device *hdlc = dev_to_hdlc(dev);
289 struct cisco_state *st = state(hdlc);
290 unsigned long flags;
292 spin_lock_irqsave(&st->lock, flags);
293 st->up = st->txseq = st->rxseq = 0;
294 spin_unlock_irqrestore(&st->lock, flags);
296 init_timer(&st->timer);
297 st->timer.expires = jiffies + HZ; /* First poll after 1 s */
298 st->timer.function = cisco_timer;
299 st->timer.data = (unsigned long)dev;
300 add_timer(&st->timer);
305 static void cisco_stop(struct net_device *dev)
307 hdlc_device *hdlc = dev_to_hdlc(dev);
308 struct cisco_state *st = state(hdlc);
309 unsigned long flags;
311 del_timer_sync(&st->timer);
313 spin_lock_irqsave(&st->lock, flags);
314 netif_dormant_on(dev);
315 st->up = st->txseq = 0;
316 spin_unlock_irqrestore(&st->lock, flags);
320 static struct hdlc_proto proto = {
321 .start = cisco_start,
322 .stop = cisco_stop,
323 .type_trans = cisco_type_trans,
324 .ioctl = cisco_ioctl,
325 .netif_rx = cisco_rx,
326 .module = THIS_MODULE,
329 static const struct header_ops cisco_header_ops = {
330 .create = cisco_hard_header,
333 static int cisco_ioctl(struct net_device *dev, struct ifreq *ifr)
335 cisco_proto __user *cisco_s = ifr->ifr_settings.ifs_ifsu.cisco;
336 const size_t size = sizeof(cisco_proto);
337 cisco_proto new_settings;
338 hdlc_device *hdlc = dev_to_hdlc(dev);
339 int result;
341 switch (ifr->ifr_settings.type) {
342 case IF_GET_PROTO:
343 if (dev_to_hdlc(dev)->proto != &proto)
344 return -EINVAL;
345 ifr->ifr_settings.type = IF_PROTO_CISCO;
346 if (ifr->ifr_settings.size < size) {
347 ifr->ifr_settings.size = size; /* data size wanted */
348 return -ENOBUFS;
350 if (copy_to_user(cisco_s, &state(hdlc)->settings, size))
351 return -EFAULT;
352 return 0;
354 case IF_PROTO_CISCO:
355 if (!capable(CAP_NET_ADMIN))
356 return -EPERM;
358 if (dev->flags & IFF_UP)
359 return -EBUSY;
361 if (copy_from_user(&new_settings, cisco_s, size))
362 return -EFAULT;
364 if (new_settings.interval < 1 ||
365 new_settings.timeout < 2)
366 return -EINVAL;
368 result = hdlc->attach(dev, ENCODING_NRZ,PARITY_CRC16_PR1_CCITT);
369 if (result)
370 return result;
372 result = attach_hdlc_protocol(dev, &proto,
373 sizeof(struct cisco_state));
374 if (result)
375 return result;
377 memcpy(&state(hdlc)->settings, &new_settings, size);
378 spin_lock_init(&state(hdlc)->lock);
379 dev->header_ops = &cisco_header_ops;
380 dev->type = ARPHRD_CISCO;
381 netif_dormant_on(dev);
382 return 0;
385 return -EINVAL;
389 static int __init mod_init(void)
391 register_hdlc_protocol(&proto);
392 return 0;
397 static void __exit mod_exit(void)
399 unregister_hdlc_protocol(&proto);
403 module_init(mod_init);
404 module_exit(mod_exit);
406 MODULE_AUTHOR("Krzysztof Halasa <khc@pm.waw.pl>");
407 MODULE_DESCRIPTION("Cisco HDLC protocol support for generic HDLC");
408 MODULE_LICENSE("GPL v2");