drivers/net/ppp_async.c at 5fdbe44d033d059cc56c2803e6b4dbd8cb4e5e39

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / drivers / net / ppp_async.c
at 5fdbe44d033d059cc56c2803e6b4dbd8cb4e5e39 1027 lines 24 kB view raw
wrap content
   1/*
   2 * PPP async serial channel driver for Linux.
   3 *
   4 * Copyright 1999 Paul Mackerras.
   5 *
   6 *  This program is free software; you can redistribute it and/or
   7 *  modify it under the terms of the GNU General Public License
   8 *  as published by the Free Software Foundation; either version
   9 *  2 of the License, or (at your option) any later version.
  10 *
  11 * This driver provides the encapsulation and framing for sending
  12 * and receiving PPP frames over async serial lines.  It relies on
  13 * the generic PPP layer to give it frames to send and to process
  14 * received frames.  It implements the PPP line discipline.
  15 *
  16 * Part of the code in this driver was inspired by the old async-only
  17 * PPP driver, written by Michael Callahan and Al Longyear, and
  18 * subsequently hacked by Paul Mackerras.
  19 */
  20
  21#include <linux/module.h>
  22#include <linux/kernel.h>
  23#include <linux/skbuff.h>
  24#include <linux/tty.h>
  25#include <linux/netdevice.h>
  26#include <linux/poll.h>
  27#include <linux/crc-ccitt.h>
  28#include <linux/ppp_defs.h>
  29#include <linux/if_ppp.h>
  30#include <linux/ppp_channel.h>
  31#include <linux/spinlock.h>
  32#include <linux/init.h>
  33#include <linux/jiffies.h>
  34#include <linux/slab.h>
  35#include <asm/uaccess.h>
  36#include <asm/string.h>
  37
  38#define PPP_VERSION	"2.4.2"
  39
  40#define OBUFSIZE	4096
  41
  42/* Structure for storing local state. */
  43struct asyncppp {
  44	struct tty_struct *tty;
  45	unsigned int	flags;
  46	unsigned int	state;
  47	unsigned int	rbits;
  48	int		mru;
  49	spinlock_t	xmit_lock;
  50	spinlock_t	recv_lock;
  51	unsigned long	xmit_flags;
  52	u32		xaccm[8];
  53	u32		raccm;
  54	unsigned int	bytes_sent;
  55	unsigned int	bytes_rcvd;
  56
  57	struct sk_buff	*tpkt;
  58	int		tpkt_pos;
  59	u16		tfcs;
  60	unsigned char	*optr;
  61	unsigned char	*olim;
  62	unsigned long	last_xmit;
  63
  64	struct sk_buff	*rpkt;
  65	int		lcp_fcs;
  66	struct sk_buff_head rqueue;
  67
  68	struct tasklet_struct tsk;
  69
  70	atomic_t	refcnt;
  71	struct semaphore dead_sem;
  72	struct ppp_channel chan;	/* interface to generic ppp layer */
  73	unsigned char	obuf[OBUFSIZE];
  74};
  75
  76/* Bit numbers in xmit_flags */
  77#define XMIT_WAKEUP	0
  78#define XMIT_FULL	1
  79#define XMIT_BUSY	2
  80
  81/* State bits */
  82#define SC_TOSS		1
  83#define SC_ESCAPE	2
  84#define SC_PREV_ERROR	4
  85
  86/* Bits in rbits */
  87#define SC_RCV_BITS	(SC_RCV_B7_1|SC_RCV_B7_0|SC_RCV_ODDP|SC_RCV_EVNP)
  88
  89static int flag_time = HZ;
  90module_param(flag_time, int, 0);
  91MODULE_PARM_DESC(flag_time, "ppp_async: interval between flagged packets (in clock ticks)");
  92MODULE_LICENSE("GPL");
  93MODULE_ALIAS_LDISC(N_PPP);
  94
  95/*
  96 * Prototypes.
  97 */
  98static int ppp_async_encode(struct asyncppp *ap);
  99static int ppp_async_send(struct ppp_channel *chan, struct sk_buff *skb);
 100static int ppp_async_push(struct asyncppp *ap);
 101static void ppp_async_flush_output(struct asyncppp *ap);
 102static void ppp_async_input(struct asyncppp *ap, const unsigned char *buf,
 103			    char *flags, int count);
 104static int ppp_async_ioctl(struct ppp_channel *chan, unsigned int cmd,
 105			   unsigned long arg);
 106static void ppp_async_process(unsigned long arg);
 107
 108static void async_lcp_peek(struct asyncppp *ap, unsigned char *data,
 109			   int len, int inbound);
 110
 111static const struct ppp_channel_ops async_ops = {
 112	.start_xmit = ppp_async_send,
 113	.ioctl      = ppp_async_ioctl,
 114};
 115
 116/*
 117 * Routines implementing the PPP line discipline.
 118 */
 119
 120/*
 121 * We have a potential race on dereferencing tty->disc_data,
 122 * because the tty layer provides no locking at all - thus one
 123 * cpu could be running ppp_asynctty_receive while another
 124 * calls ppp_asynctty_close, which zeroes tty->disc_data and
 125 * frees the memory that ppp_asynctty_receive is using.  The best
 126 * way to fix this is to use a rwlock in the tty struct, but for now
 127 * we use a single global rwlock for all ttys in ppp line discipline.
 128 *
 129 * FIXME: this is no longer true. The _close path for the ldisc is
 130 * now guaranteed to be sane.
 131 */
 132static DEFINE_RWLOCK(disc_data_lock);
 133
 134static struct asyncppp *ap_get(struct tty_struct *tty)
 135{
 136	struct asyncppp *ap;
 137
 138	read_lock(&disc_data_lock);
 139	ap = tty->disc_data;
 140	if (ap != NULL)
 141		atomic_inc(&ap->refcnt);
 142	read_unlock(&disc_data_lock);
 143	return ap;
 144}
 145
 146static void ap_put(struct asyncppp *ap)
 147{
 148	if (atomic_dec_and_test(&ap->refcnt))
 149		up(&ap->dead_sem);
 150}
 151
 152/*
 153 * Called when a tty is put into PPP line discipline. Called in process
 154 * context.
 155 */
 156static int
 157ppp_asynctty_open(struct tty_struct *tty)
 158{
 159	struct asyncppp *ap;
 160	int err;
 161	int speed;
 162
 163	if (tty->ops->write == NULL)
 164		return -EOPNOTSUPP;
 165
 166	err = -ENOMEM;
 167	ap = kzalloc(sizeof(*ap), GFP_KERNEL);
 168	if (!ap)
 169		goto out;
 170
 171	/* initialize the asyncppp structure */
 172	ap->tty = tty;
 173	ap->mru = PPP_MRU;
 174	spin_lock_init(&ap->xmit_lock);
 175	spin_lock_init(&ap->recv_lock);
 176	ap->xaccm[0] = ~0U;
 177	ap->xaccm[3] = 0x60000000U;
 178	ap->raccm = ~0U;
 179	ap->optr = ap->obuf;
 180	ap->olim = ap->obuf;
 181	ap->lcp_fcs = -1;
 182
 183	skb_queue_head_init(&ap->rqueue);
 184	tasklet_init(&ap->tsk, ppp_async_process, (unsigned long) ap);
 185
 186	atomic_set(&ap->refcnt, 1);
 187	sema_init(&ap->dead_sem, 0);
 188
 189	ap->chan.private = ap;
 190	ap->chan.ops = &async_ops;
 191	ap->chan.mtu = PPP_MRU;
 192	speed = tty_get_baud_rate(tty);
 193	ap->chan.speed = speed;
 194	err = ppp_register_channel(&ap->chan);
 195	if (err)
 196		goto out_free;
 197
 198	tty->disc_data = ap;
 199	tty->receive_room = 65536;
 200	return 0;
 201
 202 out_free:
 203	kfree(ap);
 204 out:
 205	return err;
 206}
 207
 208/*
 209 * Called when the tty is put into another line discipline
 210 * or it hangs up.  We have to wait for any cpu currently
 211 * executing in any of the other ppp_asynctty_* routines to
 212 * finish before we can call ppp_unregister_channel and free
 213 * the asyncppp struct.  This routine must be called from
 214 * process context, not interrupt or softirq context.
 215 */
 216static void
 217ppp_asynctty_close(struct tty_struct *tty)
 218{
 219	struct asyncppp *ap;
 220
 221	write_lock_irq(&disc_data_lock);
 222	ap = tty->disc_data;
 223	tty->disc_data = NULL;
 224	write_unlock_irq(&disc_data_lock);
 225	if (!ap)
 226		return;
 227
 228	/*
 229	 * We have now ensured that nobody can start using ap from now
 230	 * on, but we have to wait for all existing users to finish.
 231	 * Note that ppp_unregister_channel ensures that no calls to
 232	 * our channel ops (i.e. ppp_async_send/ioctl) are in progress
 233	 * by the time it returns.
 234	 */
 235	if (!atomic_dec_and_test(&ap->refcnt))
 236		down(&ap->dead_sem);
 237	tasklet_kill(&ap->tsk);
 238
 239	ppp_unregister_channel(&ap->chan);
 240	kfree_skb(ap->rpkt);
 241	skb_queue_purge(&ap->rqueue);
 242	kfree_skb(ap->tpkt);
 243	kfree(ap);
 244}
 245
 246/*
 247 * Called on tty hangup in process context.
 248 *
 249 * Wait for I/O to driver to complete and unregister PPP channel.
 250 * This is already done by the close routine, so just call that.
 251 */
 252static int ppp_asynctty_hangup(struct tty_struct *tty)
 253{
 254	ppp_asynctty_close(tty);
 255	return 0;
 256}
 257
 258/*
 259 * Read does nothing - no data is ever available this way.
 260 * Pppd reads and writes packets via /dev/ppp instead.
 261 */
 262static ssize_t
 263ppp_asynctty_read(struct tty_struct *tty, struct file *file,
 264		  unsigned char __user *buf, size_t count)
 265{
 266	return -EAGAIN;
 267}
 268
 269/*
 270 * Write on the tty does nothing, the packets all come in
 271 * from the ppp generic stuff.
 272 */
 273static ssize_t
 274ppp_asynctty_write(struct tty_struct *tty, struct file *file,
 275		   const unsigned char *buf, size_t count)
 276{
 277	return -EAGAIN;
 278}
 279
 280/*
 281 * Called in process context only. May be re-entered by multiple
 282 * ioctl calling threads.
 283 */
 284
 285static int
 286ppp_asynctty_ioctl(struct tty_struct *tty, struct file *file,
 287		   unsigned int cmd, unsigned long arg)
 288{
 289	struct asyncppp *ap = ap_get(tty);
 290	int err, val;
 291	int __user *p = (int __user *)arg;
 292
 293	if (!ap)
 294		return -ENXIO;
 295	err = -EFAULT;
 296	switch (cmd) {
 297	case PPPIOCGCHAN:
 298		err = -EFAULT;
 299		if (put_user(ppp_channel_index(&ap->chan), p))
 300			break;
 301		err = 0;
 302		break;
 303
 304	case PPPIOCGUNIT:
 305		err = -EFAULT;
 306		if (put_user(ppp_unit_number(&ap->chan), p))
 307			break;
 308		err = 0;
 309		break;
 310
 311	case TCFLSH:
 312		/* flush our buffers and the serial port's buffer */
 313		if (arg == TCIOFLUSH || arg == TCOFLUSH)
 314			ppp_async_flush_output(ap);
 315		err = tty_perform_flush(tty, arg);
 316		break;
 317
 318	case FIONREAD:
 319		val = 0;
 320		if (put_user(val, p))
 321			break;
 322		err = 0;
 323		break;
 324
 325	default:
 326		/* Try the various mode ioctls */
 327		err = tty_mode_ioctl(tty, file, cmd, arg);
 328	}
 329
 330	ap_put(ap);
 331	return err;
 332}
 333
 334/* No kernel lock - fine */
 335static unsigned int
 336ppp_asynctty_poll(struct tty_struct *tty, struct file *file, poll_table *wait)
 337{
 338	return 0;
 339}
 340
 341/* May sleep, don't call from interrupt level or with interrupts disabled */
 342static void
 343ppp_asynctty_receive(struct tty_struct *tty, const unsigned char *buf,
 344		  char *cflags, int count)
 345{
 346	struct asyncppp *ap = ap_get(tty);
 347	unsigned long flags;
 348
 349	if (!ap)
 350		return;
 351	spin_lock_irqsave(&ap->recv_lock, flags);
 352	ppp_async_input(ap, buf, cflags, count);
 353	spin_unlock_irqrestore(&ap->recv_lock, flags);
 354	if (!skb_queue_empty(&ap->rqueue))
 355		tasklet_schedule(&ap->tsk);
 356	ap_put(ap);
 357	tty_unthrottle(tty);
 358}
 359
 360static void
 361ppp_asynctty_wakeup(struct tty_struct *tty)
 362{
 363	struct asyncppp *ap = ap_get(tty);
 364
 365	clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
 366	if (!ap)
 367		return;
 368	set_bit(XMIT_WAKEUP, &ap->xmit_flags);
 369	tasklet_schedule(&ap->tsk);
 370	ap_put(ap);
 371}
 372
 373
 374static struct tty_ldisc_ops ppp_ldisc = {
 375	.owner  = THIS_MODULE,
 376	.magic	= TTY_LDISC_MAGIC,
 377	.name	= "ppp",
 378	.open	= ppp_asynctty_open,
 379	.close	= ppp_asynctty_close,
 380	.hangup	= ppp_asynctty_hangup,
 381	.read	= ppp_asynctty_read,
 382	.write	= ppp_asynctty_write,
 383	.ioctl	= ppp_asynctty_ioctl,
 384	.poll	= ppp_asynctty_poll,
 385	.receive_buf = ppp_asynctty_receive,
 386	.write_wakeup = ppp_asynctty_wakeup,
 387};
 388
 389static int __init
 390ppp_async_init(void)
 391{
 392	int err;
 393
 394	err = tty_register_ldisc(N_PPP, &ppp_ldisc);
 395	if (err != 0)
 396		printk(KERN_ERR "PPP_async: error %d registering line disc.\n",
 397		       err);
 398	return err;
 399}
 400
 401/*
 402 * The following routines provide the PPP channel interface.
 403 */
 404static int
 405ppp_async_ioctl(struct ppp_channel *chan, unsigned int cmd, unsigned long arg)
 406{
 407	struct asyncppp *ap = chan->private;
 408	void __user *argp = (void __user *)arg;
 409	int __user *p = argp;
 410	int err, val;
 411	u32 accm[8];
 412
 413	err = -EFAULT;
 414	switch (cmd) {
 415	case PPPIOCGFLAGS:
 416		val = ap->flags | ap->rbits;
 417		if (put_user(val, p))
 418			break;
 419		err = 0;
 420		break;
 421	case PPPIOCSFLAGS:
 422		if (get_user(val, p))
 423			break;
 424		ap->flags = val & ~SC_RCV_BITS;
 425		spin_lock_irq(&ap->recv_lock);
 426		ap->rbits = val & SC_RCV_BITS;
 427		spin_unlock_irq(&ap->recv_lock);
 428		err = 0;
 429		break;
 430
 431	case PPPIOCGASYNCMAP:
 432		if (put_user(ap->xaccm[0], (u32 __user *)argp))
 433			break;
 434		err = 0;
 435		break;
 436	case PPPIOCSASYNCMAP:
 437		if (get_user(ap->xaccm[0], (u32 __user *)argp))
 438			break;
 439		err = 0;
 440		break;
 441
 442	case PPPIOCGRASYNCMAP:
 443		if (put_user(ap->raccm, (u32 __user *)argp))
 444			break;
 445		err = 0;
 446		break;
 447	case PPPIOCSRASYNCMAP:
 448		if (get_user(ap->raccm, (u32 __user *)argp))
 449			break;
 450		err = 0;
 451		break;
 452
 453	case PPPIOCGXASYNCMAP:
 454		if (copy_to_user(argp, ap->xaccm, sizeof(ap->xaccm)))
 455			break;
 456		err = 0;
 457		break;
 458	case PPPIOCSXASYNCMAP:
 459		if (copy_from_user(accm, argp, sizeof(accm)))
 460			break;
 461		accm[2] &= ~0x40000000U;	/* can't escape 0x5e */
 462		accm[3] |= 0x60000000U;		/* must escape 0x7d, 0x7e */
 463		memcpy(ap->xaccm, accm, sizeof(ap->xaccm));
 464		err = 0;
 465		break;
 466
 467	case PPPIOCGMRU:
 468		if (put_user(ap->mru, p))
 469			break;
 470		err = 0;
 471		break;
 472	case PPPIOCSMRU:
 473		if (get_user(val, p))
 474			break;
 475		if (val < PPP_MRU)
 476			val = PPP_MRU;
 477		ap->mru = val;
 478		err = 0;
 479		break;
 480
 481	default:
 482		err = -ENOTTY;
 483	}
 484
 485	return err;
 486}
 487
 488/*
 489 * This is called at softirq level to deliver received packets
 490 * to the ppp_generic code, and to tell the ppp_generic code
 491 * if we can accept more output now.
 492 */
 493static void ppp_async_process(unsigned long arg)
 494{
 495	struct asyncppp *ap = (struct asyncppp *) arg;
 496	struct sk_buff *skb;
 497
 498	/* process received packets */
 499	while ((skb = skb_dequeue(&ap->rqueue)) != NULL) {
 500		if (skb->cb[0])
 501			ppp_input_error(&ap->chan, 0);
 502		ppp_input(&ap->chan, skb);
 503	}
 504
 505	/* try to push more stuff out */
 506	if (test_bit(XMIT_WAKEUP, &ap->xmit_flags) && ppp_async_push(ap))
 507		ppp_output_wakeup(&ap->chan);
 508}
 509
 510/*
 511 * Procedures for encapsulation and framing.
 512 */
 513
 514/*
 515 * Procedure to encode the data for async serial transmission.
 516 * Does octet stuffing (escaping), puts the address/control bytes
 517 * on if A/C compression is disabled, and does protocol compression.
 518 * Assumes ap->tpkt != 0 on entry.
 519 * Returns 1 if we finished the current frame, 0 otherwise.
 520 */
 521
 522#define PUT_BYTE(ap, buf, c, islcp)	do {		\
 523	if ((islcp && c < 0x20) || (ap->xaccm[c >> 5] & (1 << (c & 0x1f)))) {\
 524		*buf++ = PPP_ESCAPE;			\
 525		*buf++ = c ^ 0x20;			\
 526	} else						\
 527		*buf++ = c;				\
 528} while (0)
 529
 530static int
 531ppp_async_encode(struct asyncppp *ap)
 532{
 533	int fcs, i, count, c, proto;
 534	unsigned char *buf, *buflim;
 535	unsigned char *data;
 536	int islcp;
 537
 538	buf = ap->obuf;
 539	ap->olim = buf;
 540	ap->optr = buf;
 541	i = ap->tpkt_pos;
 542	data = ap->tpkt->data;
 543	count = ap->tpkt->len;
 544	fcs = ap->tfcs;
 545	proto = (data[0] << 8) + data[1];
 546
 547	/*
 548	 * LCP packets with code values between 1 (configure-reqest)
 549	 * and 7 (code-reject) must be sent as though no options
 550	 * had been negotiated.
 551	 */
 552	islcp = proto == PPP_LCP && 1 <= data[2] && data[2] <= 7;
 553
 554	if (i == 0) {
 555		if (islcp)
 556			async_lcp_peek(ap, data, count, 0);
 557
 558		/*
 559		 * Start of a new packet - insert the leading FLAG
 560		 * character if necessary.
 561		 */
 562		if (islcp || flag_time == 0 ||
 563		    time_after_eq(jiffies, ap->last_xmit + flag_time))
 564			*buf++ = PPP_FLAG;
 565		ap->last_xmit = jiffies;
 566		fcs = PPP_INITFCS;
 567
 568		/*
 569		 * Put in the address/control bytes if necessary
 570		 */
 571		if ((ap->flags & SC_COMP_AC) == 0 || islcp) {
 572			PUT_BYTE(ap, buf, 0xff, islcp);
 573			fcs = PPP_FCS(fcs, 0xff);
 574			PUT_BYTE(ap, buf, 0x03, islcp);
 575			fcs = PPP_FCS(fcs, 0x03);
 576		}
 577	}
 578
 579	/*
 580	 * Once we put in the last byte, we need to put in the FCS
 581	 * and closing flag, so make sure there is at least 7 bytes
 582	 * of free space in the output buffer.
 583	 */
 584	buflim = ap->obuf + OBUFSIZE - 6;
 585	while (i < count && buf < buflim) {
 586		c = data[i++];
 587		if (i == 1 && c == 0 && (ap->flags & SC_COMP_PROT))
 588			continue;	/* compress protocol field */
 589		fcs = PPP_FCS(fcs, c);
 590		PUT_BYTE(ap, buf, c, islcp);
 591	}
 592
 593	if (i < count) {
 594		/*
 595		 * Remember where we are up to in this packet.
 596		 */
 597		ap->olim = buf;
 598		ap->tpkt_pos = i;
 599		ap->tfcs = fcs;
 600		return 0;
 601	}
 602
 603	/*
 604	 * We have finished the packet.  Add the FCS and flag.
 605	 */
 606	fcs = ~fcs;
 607	c = fcs & 0xff;
 608	PUT_BYTE(ap, buf, c, islcp);
 609	c = (fcs >> 8) & 0xff;
 610	PUT_BYTE(ap, buf, c, islcp);
 611	*buf++ = PPP_FLAG;
 612	ap->olim = buf;
 613
 614	kfree_skb(ap->tpkt);
 615	ap->tpkt = NULL;
 616	return 1;
 617}
 618
 619/*
 620 * Transmit-side routines.
 621 */
 622
 623/*
 624 * Send a packet to the peer over an async tty line.
 625 * Returns 1 iff the packet was accepted.
 626 * If the packet was not accepted, we will call ppp_output_wakeup
 627 * at some later time.
 628 */
 629static int
 630ppp_async_send(struct ppp_channel *chan, struct sk_buff *skb)
 631{
 632	struct asyncppp *ap = chan->private;
 633
 634	ppp_async_push(ap);
 635
 636	if (test_and_set_bit(XMIT_FULL, &ap->xmit_flags))
 637		return 0;	/* already full */
 638	ap->tpkt = skb;
 639	ap->tpkt_pos = 0;
 640
 641	ppp_async_push(ap);
 642	return 1;
 643}
 644
 645/*
 646 * Push as much data as possible out to the tty.
 647 */
 648static int
 649ppp_async_push(struct asyncppp *ap)
 650{
 651	int avail, sent, done = 0;
 652	struct tty_struct *tty = ap->tty;
 653	int tty_stuffed = 0;
 654
 655	/*
 656	 * We can get called recursively here if the tty write
 657	 * function calls our wakeup function.  This can happen
 658	 * for example on a pty with both the master and slave
 659	 * set to PPP line discipline.
 660	 * We use the XMIT_BUSY bit to detect this and get out,
 661	 * leaving the XMIT_WAKEUP bit set to tell the other
 662	 * instance that it may now be able to write more now.
 663	 */
 664	if (test_and_set_bit(XMIT_BUSY, &ap->xmit_flags))
 665		return 0;
 666	spin_lock_bh(&ap->xmit_lock);
 667	for (;;) {
 668		if (test_and_clear_bit(XMIT_WAKEUP, &ap->xmit_flags))
 669			tty_stuffed = 0;
 670		if (!tty_stuffed && ap->optr < ap->olim) {
 671			avail = ap->olim - ap->optr;
 672			set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
 673			sent = tty->ops->write(tty, ap->optr, avail);
 674			if (sent < 0)
 675				goto flush;	/* error, e.g. loss of CD */
 676			ap->optr += sent;
 677			if (sent < avail)
 678				tty_stuffed = 1;
 679			continue;
 680		}
 681		if (ap->optr >= ap->olim && ap->tpkt) {
 682			if (ppp_async_encode(ap)) {
 683				/* finished processing ap->tpkt */
 684				clear_bit(XMIT_FULL, &ap->xmit_flags);
 685				done = 1;
 686			}
 687			continue;
 688		}
 689		/*
 690		 * We haven't made any progress this time around.
 691		 * Clear XMIT_BUSY to let other callers in, but
 692		 * after doing so we have to check if anyone set
 693		 * XMIT_WAKEUP since we last checked it.  If they
 694		 * did, we should try again to set XMIT_BUSY and go
 695		 * around again in case XMIT_BUSY was still set when
 696		 * the other caller tried.
 697		 */
 698		clear_bit(XMIT_BUSY, &ap->xmit_flags);
 699		/* any more work to do? if not, exit the loop */
 700		if (!(test_bit(XMIT_WAKEUP, &ap->xmit_flags) ||
 701		      (!tty_stuffed && ap->tpkt)))
 702			break;
 703		/* more work to do, see if we can do it now */
 704		if (test_and_set_bit(XMIT_BUSY, &ap->xmit_flags))
 705			break;
 706	}
 707	spin_unlock_bh(&ap->xmit_lock);
 708	return done;
 709
 710flush:
 711	clear_bit(XMIT_BUSY, &ap->xmit_flags);
 712	if (ap->tpkt) {
 713		kfree_skb(ap->tpkt);
 714		ap->tpkt = NULL;
 715		clear_bit(XMIT_FULL, &ap->xmit_flags);
 716		done = 1;
 717	}
 718	ap->optr = ap->olim;
 719	spin_unlock_bh(&ap->xmit_lock);
 720	return done;
 721}
 722
 723/*
 724 * Flush output from our internal buffers.
 725 * Called for the TCFLSH ioctl. Can be entered in parallel
 726 * but this is covered by the xmit_lock.
 727 */
 728static void
 729ppp_async_flush_output(struct asyncppp *ap)
 730{
 731	int done = 0;
 732
 733	spin_lock_bh(&ap->xmit_lock);
 734	ap->optr = ap->olim;
 735	if (ap->tpkt != NULL) {
 736		kfree_skb(ap->tpkt);
 737		ap->tpkt = NULL;
 738		clear_bit(XMIT_FULL, &ap->xmit_flags);
 739		done = 1;
 740	}
 741	spin_unlock_bh(&ap->xmit_lock);
 742	if (done)
 743		ppp_output_wakeup(&ap->chan);
 744}
 745
 746/*
 747 * Receive-side routines.
 748 */
 749
 750/* see how many ordinary chars there are at the start of buf */
 751static inline int
 752scan_ordinary(struct asyncppp *ap, const unsigned char *buf, int count)
 753{
 754	int i, c;
 755
 756	for (i = 0; i < count; ++i) {
 757		c = buf[i];
 758		if (c == PPP_ESCAPE || c == PPP_FLAG ||
 759		    (c < 0x20 && (ap->raccm & (1 << c)) != 0))
 760			break;
 761	}
 762	return i;
 763}
 764
 765/* called when a flag is seen - do end-of-packet processing */
 766static void
 767process_input_packet(struct asyncppp *ap)
 768{
 769	struct sk_buff *skb;
 770	unsigned char *p;
 771	unsigned int len, fcs, proto;
 772
 773	skb = ap->rpkt;
 774	if (ap->state & (SC_TOSS | SC_ESCAPE))
 775		goto err;
 776
 777	if (skb == NULL)
 778		return;		/* 0-length packet */
 779
 780	/* check the FCS */
 781	p = skb->data;
 782	len = skb->len;
 783	if (len < 3)
 784		goto err;	/* too short */
 785	fcs = PPP_INITFCS;
 786	for (; len > 0; --len)
 787		fcs = PPP_FCS(fcs, *p++);
 788	if (fcs != PPP_GOODFCS)
 789		goto err;	/* bad FCS */
 790	skb_trim(skb, skb->len - 2);
 791
 792	/* check for address/control and protocol compression */
 793	p = skb->data;
 794	if (p[0] == PPP_ALLSTATIONS) {
 795		/* chop off address/control */
 796		if (p[1] != PPP_UI || skb->len < 3)
 797			goto err;
 798		p = skb_pull(skb, 2);
 799	}
 800	proto = p[0];
 801	if (proto & 1) {
 802		/* protocol is compressed */
 803		skb_push(skb, 1)[0] = 0;
 804	} else {
 805		if (skb->len < 2)
 806			goto err;
 807		proto = (proto << 8) + p[1];
 808		if (proto == PPP_LCP)
 809			async_lcp_peek(ap, p, skb->len, 1);
 810	}
 811
 812	/* queue the frame to be processed */
 813	skb->cb[0] = ap->state;
 814	skb_queue_tail(&ap->rqueue, skb);
 815	ap->rpkt = NULL;
 816	ap->state = 0;
 817	return;
 818
 819 err:
 820	/* frame had an error, remember that, reset SC_TOSS & SC_ESCAPE */
 821	ap->state = SC_PREV_ERROR;
 822	if (skb) {
 823		/* make skb appear as freshly allocated */
 824		skb_trim(skb, 0);
 825		skb_reserve(skb, - skb_headroom(skb));
 826	}
 827}
 828
 829/* Called when the tty driver has data for us. Runs parallel with the
 830   other ldisc functions but will not be re-entered */
 831
 832static void
 833ppp_async_input(struct asyncppp *ap, const unsigned char *buf,
 834		char *flags, int count)
 835{
 836	struct sk_buff *skb;
 837	int c, i, j, n, s, f;
 838	unsigned char *sp;
 839
 840	/* update bits used for 8-bit cleanness detection */
 841	if (~ap->rbits & SC_RCV_BITS) {
 842		s = 0;
 843		for (i = 0; i < count; ++i) {
 844			c = buf[i];
 845			if (flags && flags[i] != 0)
 846				continue;
 847			s |= (c & 0x80)? SC_RCV_B7_1: SC_RCV_B7_0;
 848			c = ((c >> 4) ^ c) & 0xf;
 849			s |= (0x6996 & (1 << c))? SC_RCV_ODDP: SC_RCV_EVNP;
 850		}
 851		ap->rbits |= s;
 852	}
 853
 854	while (count > 0) {
 855		/* scan through and see how many chars we can do in bulk */
 856		if ((ap->state & SC_ESCAPE) && buf[0] == PPP_ESCAPE)
 857			n = 1;
 858		else
 859			n = scan_ordinary(ap, buf, count);
 860
 861		f = 0;
 862		if (flags && (ap->state & SC_TOSS) == 0) {
 863			/* check the flags to see if any char had an error */
 864			for (j = 0; j < n; ++j)
 865				if ((f = flags[j]) != 0)
 866					break;
 867		}
 868		if (f != 0) {
 869			/* start tossing */
 870			ap->state |= SC_TOSS;
 871
 872		} else if (n > 0 && (ap->state & SC_TOSS) == 0) {
 873			/* stuff the chars in the skb */
 874			skb = ap->rpkt;
 875			if (!skb) {
 876				skb = dev_alloc_skb(ap->mru + PPP_HDRLEN + 2);
 877				if (!skb)
 878					goto nomem;
 879 				ap->rpkt = skb;
 880 			}
 881 			if (skb->len == 0) {
 882 				/* Try to get the payload 4-byte aligned.
 883 				 * This should match the
 884 				 * PPP_ALLSTATIONS/PPP_UI/compressed tests in
 885 				 * process_input_packet, but we do not have
 886 				 * enough chars here to test buf[1] and buf[2].
 887 				 */
 888				if (buf[0] != PPP_ALLSTATIONS)
 889					skb_reserve(skb, 2 + (buf[0] & 1));
 890			}
 891			if (n > skb_tailroom(skb)) {
 892				/* packet overflowed MRU */
 893				ap->state |= SC_TOSS;
 894			} else {
 895				sp = skb_put(skb, n);
 896				memcpy(sp, buf, n);
 897				if (ap->state & SC_ESCAPE) {
 898					sp[0] ^= 0x20;
 899					ap->state &= ~SC_ESCAPE;
 900				}
 901			}
 902		}
 903
 904		if (n >= count)
 905			break;
 906
 907		c = buf[n];
 908		if (flags != NULL && flags[n] != 0) {
 909			ap->state |= SC_TOSS;
 910		} else if (c == PPP_FLAG) {
 911			process_input_packet(ap);
 912		} else if (c == PPP_ESCAPE) {
 913			ap->state |= SC_ESCAPE;
 914		} else if (I_IXON(ap->tty)) {
 915			if (c == START_CHAR(ap->tty))
 916				start_tty(ap->tty);
 917			else if (c == STOP_CHAR(ap->tty))
 918				stop_tty(ap->tty);
 919		}
 920		/* otherwise it's a char in the recv ACCM */
 921		++n;
 922
 923		buf += n;
 924		if (flags)
 925			flags += n;
 926		count -= n;
 927	}
 928	return;
 929
 930 nomem:
 931	printk(KERN_ERR "PPPasync: no memory (input pkt)\n");
 932	ap->state |= SC_TOSS;
 933}
 934
 935/*
 936 * We look at LCP frames going past so that we can notice
 937 * and react to the LCP configure-ack from the peer.
 938 * In the situation where the peer has been sent a configure-ack
 939 * already, LCP is up once it has sent its configure-ack
 940 * so the immediately following packet can be sent with the
 941 * configured LCP options.  This allows us to process the following
 942 * packet correctly without pppd needing to respond quickly.
 943 *
 944 * We only respond to the received configure-ack if we have just
 945 * sent a configure-request, and the configure-ack contains the
 946 * same data (this is checked using a 16-bit crc of the data).
 947 */
 948#define CONFREQ		1	/* LCP code field values */
 949#define CONFACK		2
 950#define LCP_MRU		1	/* LCP option numbers */
 951#define LCP_ASYNCMAP	2
 952
 953static void async_lcp_peek(struct asyncppp *ap, unsigned char *data,
 954			   int len, int inbound)
 955{
 956	int dlen, fcs, i, code;
 957	u32 val;
 958
 959	data += 2;		/* skip protocol bytes */
 960	len -= 2;
 961	if (len < 4)		/* 4 = code, ID, length */
 962		return;
 963	code = data[0];
 964	if (code != CONFACK && code != CONFREQ)
 965		return;
 966	dlen = (data[2] << 8) + data[3];
 967	if (len < dlen)
 968		return;		/* packet got truncated or length is bogus */
 969
 970	if (code == (inbound? CONFACK: CONFREQ)) {
 971		/*
 972		 * sent confreq or received confack:
 973		 * calculate the crc of the data from the ID field on.
 974		 */
 975		fcs = PPP_INITFCS;
 976		for (i = 1; i < dlen; ++i)
 977			fcs = PPP_FCS(fcs, data[i]);
 978
 979		if (!inbound) {
 980			/* outbound confreq - remember the crc for later */
 981			ap->lcp_fcs = fcs;
 982			return;
 983		}
 984
 985		/* received confack, check the crc */
 986		fcs ^= ap->lcp_fcs;
 987		ap->lcp_fcs = -1;
 988		if (fcs != 0)
 989			return;
 990	} else if (inbound)
 991		return;	/* not interested in received confreq */
 992
 993	/* process the options in the confack */
 994	data += 4;
 995	dlen -= 4;
 996	/* data[0] is code, data[1] is length */
 997	while (dlen >= 2 && dlen >= data[1] && data[1] >= 2) {
 998		switch (data[0]) {
 999		case LCP_MRU:
1000			val = (data[2] << 8) + data[3];
1001			if (inbound)
1002				ap->mru = val;
1003			else
1004				ap->chan.mtu = val;
1005			break;
1006		case LCP_ASYNCMAP:
1007			val = (data[2] << 24) + (data[3] << 16)
1008				+ (data[4] << 8) + data[5];
1009			if (inbound)
1010				ap->raccm = val;
1011			else
1012				ap->xaccm[0] = val;
1013			break;
1014		}
1015		dlen -= data[1];
1016		data += data[1];
1017	}
1018}
1019
1020static void __exit ppp_async_cleanup(void)
1021{
1022	if (tty_unregister_ldisc(N_PPP) != 0)
1023		printk(KERN_ERR "failed to unregister PPP line discipline\n");
1024}
1025
1026module_init(ppp_async_init);
1027module_exit(ppp_async_cleanup);
Configure Feed

Configure Feed
