drivers/net/pppoe.c at v2.6.21-rc3

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / drivers / net / pppoe.c
at v2.6.21-rc3 1152 lines 26 kB view raw
wrap content
   1/** -*- linux-c -*- ***********************************************************
   2 * Linux PPP over Ethernet (PPPoX/PPPoE) Sockets
   3 *
   4 * PPPoX --- Generic PPP encapsulation socket family
   5 * PPPoE --- PPP over Ethernet (RFC 2516)
   6 *
   7 *
   8 * Version:	0.7.0
   9 *
  10 * 070228 :	Fix to allow multiple sessions with same remote MAC and same
  11 *		session id by including the local device ifindex in the
  12 *		tuple identifying a session. This also ensures packets can't
  13 *		be injected into a session from interfaces other than the one
  14 *		specified by userspace. Florian Zumbiehl <florz@florz.de>
  15 *		(Oh, BTW, this one is YYMMDD, in case you were wondering ...)
  16 * 220102 :	Fix module use count on failure in pppoe_create, pppox_sk -acme
  17 * 030700 :	Fixed connect logic to allow for disconnect.
  18 * 270700 :	Fixed potential SMP problems; we must protect against
  19 *		simultaneous invocation of ppp_input
  20 *		and ppp_unregister_channel.
  21 * 040800 :	Respect reference count mechanisms on net-devices.
  22 * 200800 :	fix kfree(skb) in pppoe_rcv (acme)
  23 *		Module reference count is decremented in the right spot now,
  24 *		guards against sock_put not actually freeing the sk
  25 *		in pppoe_release.
  26 * 051000 :	Initialization cleanup.
  27 * 111100 :	Fix recvmsg.
  28 * 050101 :	Fix PADT procesing.
  29 * 140501 :	Use pppoe_rcv_core to handle all backlog. (Alexey)
  30 * 170701 :	Do not lock_sock with rwlock held. (DaveM)
  31 *		Ignore discovery frames if user has socket
  32 *		locked. (DaveM)
  33 *		Ignore return value of dev_queue_xmit in __pppoe_xmit
  34 *		or else we may kfree an SKB twice. (DaveM)
  35 * 190701 :	When doing copies of skb's in __pppoe_xmit, always delete
  36 *		the original skb that was passed in on success, never on
  37 *		failure.  Delete the copy of the skb on failure to avoid
  38 *		a memory leak.
  39 * 081001 :	Misc. cleanup (licence string, non-blocking, prevent
  40 *		reference of device on close).
  41 * 121301 :	New ppp channels interface; cannot unregister a channel
  42 *		from interrupts.  Thus, we mark the socket as a ZOMBIE
  43 *		and do the unregistration later.
  44 * 081002 :	seq_file support for proc stuff -acme
  45 * 111602 :	Merge all 2.4 fixes into 2.5/2.6 tree.  Label 2.5/2.6
  46 *		as version 0.7.  Spacing cleanup.
  47 * Author:	Michal Ostrowski <mostrows@speakeasy.net>
  48 * Contributors:
  49 * 		Arnaldo Carvalho de Melo <acme@conectiva.com.br>
  50 *		David S. Miller (davem@redhat.com)
  51 *
  52 * License:
  53 *		This program is free software; you can redistribute it and/or
  54 *		modify it under the terms of the GNU General Public License
  55 *		as published by the Free Software Foundation; either version
  56 *		2 of the License, or (at your option) any later version.
  57 *
  58 */
  59
  60#include <linux/string.h>
  61#include <linux/module.h>
  62#include <linux/kernel.h>
  63#include <linux/slab.h>
  64#include <linux/errno.h>
  65#include <linux/netdevice.h>
  66#include <linux/net.h>
  67#include <linux/inetdevice.h>
  68#include <linux/etherdevice.h>
  69#include <linux/skbuff.h>
  70#include <linux/init.h>
  71#include <linux/if_ether.h>
  72#include <linux/if_pppox.h>
  73#include <linux/ppp_channel.h>
  74#include <linux/ppp_defs.h>
  75#include <linux/if_ppp.h>
  76#include <linux/notifier.h>
  77#include <linux/file.h>
  78#include <linux/proc_fs.h>
  79#include <linux/seq_file.h>
  80
  81#include <net/sock.h>
  82
  83#include <asm/uaccess.h>
  84
  85#define PPPOE_HASH_BITS 4
  86#define PPPOE_HASH_SIZE (1<<PPPOE_HASH_BITS)
  87
  88static struct ppp_channel_ops pppoe_chan_ops;
  89
  90static int pppoe_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg);
  91static int pppoe_xmit(struct ppp_channel *chan, struct sk_buff *skb);
  92static int __pppoe_xmit(struct sock *sk, struct sk_buff *skb);
  93
  94static const struct proto_ops pppoe_ops;
  95static DEFINE_RWLOCK(pppoe_hash_lock);
  96
  97static struct ppp_channel_ops pppoe_chan_ops;
  98
  99static inline int cmp_2_addr(struct pppoe_addr *a, struct pppoe_addr *b)
 100{
 101	return (a->sid == b->sid &&
 102		(memcmp(a->remote, b->remote, ETH_ALEN) == 0));
 103}
 104
 105static inline int cmp_addr(struct pppoe_addr *a, unsigned long sid, char *addr)
 106{
 107	return (a->sid == sid &&
 108		(memcmp(a->remote,addr,ETH_ALEN) == 0));
 109}
 110
 111static int hash_item(unsigned long sid, unsigned char *addr)
 112{
 113	char hash = 0;
 114	int i, j;
 115
 116	for (i = 0; i < ETH_ALEN ; ++i) {
 117		for (j = 0; j < 8/PPPOE_HASH_BITS ; ++j) {
 118			hash ^= addr[i] >> ( j * PPPOE_HASH_BITS );
 119		}
 120	}
 121
 122	for (i = 0; i < (sizeof(unsigned long)*8) / PPPOE_HASH_BITS ; ++i)
 123		hash ^= sid >> (i*PPPOE_HASH_BITS);
 124
 125	return hash & ( PPPOE_HASH_SIZE - 1 );
 126}
 127
 128/* zeroed because its in .bss */
 129static struct pppox_sock *item_hash_table[PPPOE_HASH_SIZE];
 130
 131/**********************************************************************
 132 *
 133 *  Set/get/delete/rehash items  (internal versions)
 134 *
 135 **********************************************************************/
 136static struct pppox_sock *__get_item(unsigned long sid, unsigned char *addr, int ifindex)
 137{
 138	int hash = hash_item(sid, addr);
 139	struct pppox_sock *ret;
 140
 141	ret = item_hash_table[hash];
 142
 143	while (ret && !(cmp_addr(&ret->pppoe_pa, sid, addr) && ret->pppoe_ifindex == ifindex))
 144		ret = ret->next;
 145
 146	return ret;
 147}
 148
 149static int __set_item(struct pppox_sock *po)
 150{
 151	int hash = hash_item(po->pppoe_pa.sid, po->pppoe_pa.remote);
 152	struct pppox_sock *ret;
 153
 154	ret = item_hash_table[hash];
 155	while (ret) {
 156		if (cmp_2_addr(&ret->pppoe_pa, &po->pppoe_pa) && ret->pppoe_ifindex == po->pppoe_ifindex)
 157			return -EALREADY;
 158
 159		ret = ret->next;
 160	}
 161
 162	po->next = item_hash_table[hash];
 163	item_hash_table[hash] = po;
 164
 165	return 0;
 166}
 167
 168static struct pppox_sock *__delete_item(unsigned long sid, char *addr, int ifindex)
 169{
 170	int hash = hash_item(sid, addr);
 171	struct pppox_sock *ret, **src;
 172
 173	ret = item_hash_table[hash];
 174	src = &item_hash_table[hash];
 175
 176	while (ret) {
 177		if (cmp_addr(&ret->pppoe_pa, sid, addr) && ret->pppoe_ifindex == ifindex) {
 178			*src = ret->next;
 179			break;
 180		}
 181
 182		src = &ret->next;
 183		ret = ret->next;
 184	}
 185
 186	return ret;
 187}
 188
 189/**********************************************************************
 190 *
 191 *  Set/get/delete/rehash items
 192 *
 193 **********************************************************************/
 194static inline struct pppox_sock *get_item(unsigned long sid,
 195					 unsigned char *addr, int ifindex)
 196{
 197	struct pppox_sock *po;
 198
 199	read_lock_bh(&pppoe_hash_lock);
 200	po = __get_item(sid, addr, ifindex);
 201	if (po)
 202		sock_hold(sk_pppox(po));
 203	read_unlock_bh(&pppoe_hash_lock);
 204
 205	return po;
 206}
 207
 208static inline struct pppox_sock *get_item_by_addr(struct sockaddr_pppox *sp)
 209{
 210	struct net_device *dev = NULL;
 211	int ifindex;
 212
 213	dev = dev_get_by_name(sp->sa_addr.pppoe.dev);
 214	if(!dev)
 215		return NULL;
 216	ifindex = dev->ifindex;
 217	dev_put(dev);
 218	return get_item(sp->sa_addr.pppoe.sid, sp->sa_addr.pppoe.remote, ifindex);
 219}
 220
 221static inline int set_item(struct pppox_sock *po)
 222{
 223	int i;
 224
 225	if (!po)
 226		return -EINVAL;
 227
 228	write_lock_bh(&pppoe_hash_lock);
 229	i = __set_item(po);
 230	write_unlock_bh(&pppoe_hash_lock);
 231
 232	return i;
 233}
 234
 235static inline struct pppox_sock *delete_item(unsigned long sid, char *addr, int ifindex)
 236{
 237	struct pppox_sock *ret;
 238
 239	write_lock_bh(&pppoe_hash_lock);
 240	ret = __delete_item(sid, addr, ifindex);
 241	write_unlock_bh(&pppoe_hash_lock);
 242
 243	return ret;
 244}
 245
 246
 247
 248/***************************************************************************
 249 *
 250 *  Handler for device events.
 251 *  Certain device events require that sockets be unconnected.
 252 *
 253 **************************************************************************/
 254
 255static void pppoe_flush_dev(struct net_device *dev)
 256{
 257	int hash;
 258
 259	BUG_ON(dev == NULL);
 260
 261	read_lock_bh(&pppoe_hash_lock);
 262	for (hash = 0; hash < PPPOE_HASH_SIZE; hash++) {
 263		struct pppox_sock *po = item_hash_table[hash];
 264
 265		while (po != NULL) {
 266			if (po->pppoe_dev == dev) {
 267				struct sock *sk = sk_pppox(po);
 268
 269				sock_hold(sk);
 270				po->pppoe_dev = NULL;
 271
 272				/* We hold a reference to SK, now drop the
 273				 * hash table lock so that we may attempt
 274				 * to lock the socket (which can sleep).
 275				 */
 276				read_unlock_bh(&pppoe_hash_lock);
 277
 278				lock_sock(sk);
 279
 280				if (sk->sk_state &
 281				    (PPPOX_CONNECTED | PPPOX_BOUND)) {
 282					pppox_unbind_sock(sk);
 283					dev_put(dev);
 284					sk->sk_state = PPPOX_ZOMBIE;
 285					sk->sk_state_change(sk);
 286				}
 287
 288				release_sock(sk);
 289
 290				sock_put(sk);
 291
 292				read_lock_bh(&pppoe_hash_lock);
 293
 294				/* Now restart from the beginning of this
 295				 * hash chain.  We always NULL out pppoe_dev
 296				 * so we are guaranteed to make forward
 297				 * progress.
 298				 */
 299				po = item_hash_table[hash];
 300				continue;
 301			}
 302			po = po->next;
 303		}
 304	}
 305	read_unlock_bh(&pppoe_hash_lock);
 306}
 307
 308static int pppoe_device_event(struct notifier_block *this,
 309			      unsigned long event, void *ptr)
 310{
 311	struct net_device *dev = (struct net_device *) ptr;
 312
 313	/* Only look at sockets that are using this specific device. */
 314	switch (event) {
 315	case NETDEV_CHANGEMTU:
 316		/* A change in mtu is a bad thing, requiring
 317		 * LCP re-negotiation.
 318		 */
 319
 320	case NETDEV_GOING_DOWN:
 321	case NETDEV_DOWN:
 322		/* Find every socket on this device and kill it. */
 323		pppoe_flush_dev(dev);
 324		break;
 325
 326	default:
 327		break;
 328	};
 329
 330	return NOTIFY_DONE;
 331}
 332
 333
 334static struct notifier_block pppoe_notifier = {
 335	.notifier_call = pppoe_device_event,
 336};
 337
 338
 339/************************************************************************
 340 *
 341 * Do the real work of receiving a PPPoE Session frame.
 342 *
 343 ***********************************************************************/
 344static int pppoe_rcv_core(struct sock *sk, struct sk_buff *skb)
 345{
 346	struct pppox_sock *po = pppox_sk(sk);
 347	struct pppox_sock *relay_po = NULL;
 348
 349	if (sk->sk_state & PPPOX_BOUND) {
 350		struct pppoe_hdr *ph = (struct pppoe_hdr *) skb->nh.raw;
 351		int len = ntohs(ph->length);
 352		skb_pull_rcsum(skb, sizeof(struct pppoe_hdr));
 353		if (pskb_trim_rcsum(skb, len))
 354			goto abort_kfree;
 355
 356		ppp_input(&po->chan, skb);
 357	} else if (sk->sk_state & PPPOX_RELAY) {
 358		relay_po = get_item_by_addr(&po->pppoe_relay);
 359
 360		if (relay_po == NULL)
 361			goto abort_kfree;
 362
 363		if ((sk_pppox(relay_po)->sk_state & PPPOX_CONNECTED) == 0)
 364			goto abort_put;
 365
 366		skb_pull(skb, sizeof(struct pppoe_hdr));
 367		if (!__pppoe_xmit(sk_pppox(relay_po), skb))
 368			goto abort_put;
 369	} else {
 370		if (sock_queue_rcv_skb(sk, skb))
 371			goto abort_kfree;
 372	}
 373
 374	return NET_RX_SUCCESS;
 375
 376abort_put:
 377	sock_put(sk_pppox(relay_po));
 378
 379abort_kfree:
 380	kfree_skb(skb);
 381	return NET_RX_DROP;
 382}
 383
 384/************************************************************************
 385 *
 386 * Receive wrapper called in BH context.
 387 *
 388 ***********************************************************************/
 389static int pppoe_rcv(struct sk_buff *skb,
 390		     struct net_device *dev,
 391		     struct packet_type *pt,
 392		     struct net_device *orig_dev)
 393
 394{
 395	struct pppoe_hdr *ph;
 396	struct pppox_sock *po;
 397
 398	if (!pskb_may_pull(skb, sizeof(struct pppoe_hdr)))
 399		goto drop;
 400
 401	if (!(skb = skb_share_check(skb, GFP_ATOMIC)))
 402		goto out;
 403
 404	ph = (struct pppoe_hdr *) skb->nh.raw;
 405
 406	po = get_item((unsigned long) ph->sid, eth_hdr(skb)->h_source, dev->ifindex);
 407	if (po != NULL)
 408		return sk_receive_skb(sk_pppox(po), skb, 0);
 409drop:
 410	kfree_skb(skb);
 411out:
 412	return NET_RX_DROP;
 413}
 414
 415/************************************************************************
 416 *
 417 * Receive a PPPoE Discovery frame.
 418 * This is solely for detection of PADT frames
 419 *
 420 ***********************************************************************/
 421static int pppoe_disc_rcv(struct sk_buff *skb,
 422			  struct net_device *dev,
 423			  struct packet_type *pt,
 424			  struct net_device *orig_dev)
 425
 426{
 427	struct pppoe_hdr *ph;
 428	struct pppox_sock *po;
 429
 430	if (!pskb_may_pull(skb, sizeof(struct pppoe_hdr)))
 431		goto abort;
 432
 433	if (!(skb = skb_share_check(skb, GFP_ATOMIC)))
 434		goto out;
 435
 436	ph = (struct pppoe_hdr *) skb->nh.raw;
 437	if (ph->code != PADT_CODE)
 438		goto abort;
 439
 440	po = get_item((unsigned long) ph->sid, eth_hdr(skb)->h_source, dev->ifindex);
 441	if (po) {
 442		struct sock *sk = sk_pppox(po);
 443
 444		bh_lock_sock(sk);
 445
 446		/* If the user has locked the socket, just ignore
 447		 * the packet.  With the way two rcv protocols hook into
 448		 * one socket family type, we cannot (easily) distinguish
 449		 * what kind of SKB it is during backlog rcv.
 450		 */
 451		if (sock_owned_by_user(sk) == 0) {
 452			/* We're no longer connect at the PPPOE layer,
 453			 * and must wait for ppp channel to disconnect us.
 454			 */
 455			sk->sk_state = PPPOX_ZOMBIE;
 456		}
 457
 458		bh_unlock_sock(sk);
 459		sock_put(sk);
 460	}
 461
 462abort:
 463	kfree_skb(skb);
 464out:
 465	return NET_RX_SUCCESS; /* Lies... :-) */
 466}
 467
 468static struct packet_type pppoes_ptype = {
 469	.type	= __constant_htons(ETH_P_PPP_SES),
 470	.func	= pppoe_rcv,
 471};
 472
 473static struct packet_type pppoed_ptype = {
 474	.type	= __constant_htons(ETH_P_PPP_DISC),
 475	.func	= pppoe_disc_rcv,
 476};
 477
 478static struct proto pppoe_sk_proto = {
 479	.name	  = "PPPOE",
 480	.owner	  = THIS_MODULE,
 481	.obj_size = sizeof(struct pppox_sock),
 482};
 483
 484/***********************************************************************
 485 *
 486 * Initialize a new struct sock.
 487 *
 488 **********************************************************************/
 489static int pppoe_create(struct socket *sock)
 490{
 491	int error = -ENOMEM;
 492	struct sock *sk;
 493
 494	sk = sk_alloc(PF_PPPOX, GFP_KERNEL, &pppoe_sk_proto, 1);
 495	if (!sk)
 496		goto out;
 497
 498	sock_init_data(sock, sk);
 499
 500	sock->state = SS_UNCONNECTED;
 501	sock->ops   = &pppoe_ops;
 502
 503	sk->sk_backlog_rcv = pppoe_rcv_core;
 504	sk->sk_state	   = PPPOX_NONE;
 505	sk->sk_type	   = SOCK_STREAM;
 506	sk->sk_family	   = PF_PPPOX;
 507	sk->sk_protocol	   = PX_PROTO_OE;
 508
 509	error = 0;
 510out:	return error;
 511}
 512
 513static int pppoe_release(struct socket *sock)
 514{
 515	struct sock *sk = sock->sk;
 516	struct pppox_sock *po;
 517	int error = 0;
 518
 519	if (!sk)
 520		return 0;
 521
 522	if (sock_flag(sk, SOCK_DEAD))
 523		return -EBADF;
 524
 525	pppox_unbind_sock(sk);
 526
 527	/* Signal the death of the socket. */
 528	sk->sk_state = PPPOX_DEAD;
 529
 530	po = pppox_sk(sk);
 531	if (po->pppoe_pa.sid) {
 532		delete_item(po->pppoe_pa.sid, po->pppoe_pa.remote, po->pppoe_ifindex);
 533	}
 534
 535	if (po->pppoe_dev)
 536		dev_put(po->pppoe_dev);
 537
 538	po->pppoe_dev = NULL;
 539
 540	sock_orphan(sk);
 541	sock->sk = NULL;
 542
 543	skb_queue_purge(&sk->sk_receive_queue);
 544	sock_put(sk);
 545
 546	return error;
 547}
 548
 549
 550static int pppoe_connect(struct socket *sock, struct sockaddr *uservaddr,
 551		  int sockaddr_len, int flags)
 552{
 553	struct sock *sk = sock->sk;
 554	struct net_device *dev;
 555	struct sockaddr_pppox *sp = (struct sockaddr_pppox *) uservaddr;
 556	struct pppox_sock *po = pppox_sk(sk);
 557	int error;
 558
 559	lock_sock(sk);
 560
 561	error = -EINVAL;
 562	if (sp->sa_protocol != PX_PROTO_OE)
 563		goto end;
 564
 565	/* Check for already bound sockets */
 566	error = -EBUSY;
 567	if ((sk->sk_state & PPPOX_CONNECTED) && sp->sa_addr.pppoe.sid)
 568		goto end;
 569
 570	/* Check for already disconnected sockets, on attempts to disconnect */
 571	error = -EALREADY;
 572	if ((sk->sk_state & PPPOX_DEAD) && !sp->sa_addr.pppoe.sid )
 573		goto end;
 574
 575	error = 0;
 576	if (po->pppoe_pa.sid) {
 577		pppox_unbind_sock(sk);
 578
 579		/* Delete the old binding */
 580		delete_item(po->pppoe_pa.sid,po->pppoe_pa.remote,po->pppoe_ifindex);
 581
 582		if(po->pppoe_dev)
 583			dev_put(po->pppoe_dev);
 584
 585		memset(sk_pppox(po) + 1, 0,
 586		       sizeof(struct pppox_sock) - sizeof(struct sock));
 587
 588		sk->sk_state = PPPOX_NONE;
 589	}
 590
 591	/* Don't re-bind if sid==0 */
 592	if (sp->sa_addr.pppoe.sid != 0) {
 593		dev = dev_get_by_name(sp->sa_addr.pppoe.dev);
 594
 595		error = -ENODEV;
 596		if (!dev)
 597			goto end;
 598
 599		po->pppoe_dev = dev;
 600		po->pppoe_ifindex = dev->ifindex;
 601
 602		if (!(dev->flags & IFF_UP))
 603			goto err_put;
 604
 605		memcpy(&po->pppoe_pa,
 606		       &sp->sa_addr.pppoe,
 607		       sizeof(struct pppoe_addr));
 608
 609		error = set_item(po);
 610		if (error < 0)
 611			goto err_put;
 612
 613		po->chan.hdrlen = (sizeof(struct pppoe_hdr) +
 614				   dev->hard_header_len);
 615
 616		po->chan.mtu = dev->mtu - sizeof(struct pppoe_hdr);
 617		po->chan.private = sk;
 618		po->chan.ops = &pppoe_chan_ops;
 619
 620		error = ppp_register_channel(&po->chan);
 621		if (error)
 622			goto err_put;
 623
 624		sk->sk_state = PPPOX_CONNECTED;
 625	}
 626
 627	po->num = sp->sa_addr.pppoe.sid;
 628
 629 end:
 630	release_sock(sk);
 631	return error;
 632err_put:
 633	if (po->pppoe_dev) {
 634		dev_put(po->pppoe_dev);
 635		po->pppoe_dev = NULL;
 636	}
 637	goto end;
 638}
 639
 640
 641static int pppoe_getname(struct socket *sock, struct sockaddr *uaddr,
 642		  int *usockaddr_len, int peer)
 643{
 644	int len = sizeof(struct sockaddr_pppox);
 645	struct sockaddr_pppox sp;
 646
 647	sp.sa_family	= AF_PPPOX;
 648	sp.sa_protocol	= PX_PROTO_OE;
 649	memcpy(&sp.sa_addr.pppoe, &pppox_sk(sock->sk)->pppoe_pa,
 650	       sizeof(struct pppoe_addr));
 651
 652	memcpy(uaddr, &sp, len);
 653
 654	*usockaddr_len = len;
 655
 656	return 0;
 657}
 658
 659
 660static int pppoe_ioctl(struct socket *sock, unsigned int cmd,
 661		unsigned long arg)
 662{
 663	struct sock *sk = sock->sk;
 664	struct pppox_sock *po = pppox_sk(sk);
 665	int val = 0;
 666	int err = 0;
 667
 668	switch (cmd) {
 669	case PPPIOCGMRU:
 670		err = -ENXIO;
 671
 672		if (!(sk->sk_state & PPPOX_CONNECTED))
 673			break;
 674
 675		err = -EFAULT;
 676		if (put_user(po->pppoe_dev->mtu -
 677			     sizeof(struct pppoe_hdr) -
 678			     PPP_HDRLEN,
 679			     (int __user *) arg))
 680			break;
 681		err = 0;
 682		break;
 683
 684	case PPPIOCSMRU:
 685		err = -ENXIO;
 686		if (!(sk->sk_state & PPPOX_CONNECTED))
 687			break;
 688
 689		err = -EFAULT;
 690		if (get_user(val,(int __user *) arg))
 691			break;
 692
 693		if (val < (po->pppoe_dev->mtu
 694			   - sizeof(struct pppoe_hdr)
 695			   - PPP_HDRLEN))
 696			err = 0;
 697		else
 698			err = -EINVAL;
 699		break;
 700
 701	case PPPIOCSFLAGS:
 702		err = -EFAULT;
 703		if (get_user(val, (int __user *) arg))
 704			break;
 705		err = 0;
 706		break;
 707
 708	case PPPOEIOCSFWD:
 709	{
 710		struct pppox_sock *relay_po;
 711
 712		err = -EBUSY;
 713		if (sk->sk_state & (PPPOX_BOUND | PPPOX_ZOMBIE | PPPOX_DEAD))
 714			break;
 715
 716		err = -ENOTCONN;
 717		if (!(sk->sk_state & PPPOX_CONNECTED))
 718			break;
 719
 720		/* PPPoE address from the user specifies an outbound
 721		   PPPoE address which frames are forwarded to */
 722		err = -EFAULT;
 723		if (copy_from_user(&po->pppoe_relay,
 724				   (void __user *)arg,
 725				   sizeof(struct sockaddr_pppox)))
 726			break;
 727
 728		err = -EINVAL;
 729		if (po->pppoe_relay.sa_family != AF_PPPOX ||
 730		    po->pppoe_relay.sa_protocol!= PX_PROTO_OE)
 731			break;
 732
 733		/* Check that the socket referenced by the address
 734		   actually exists. */
 735		relay_po = get_item_by_addr(&po->pppoe_relay);
 736
 737		if (!relay_po)
 738			break;
 739
 740		sock_put(sk_pppox(relay_po));
 741		sk->sk_state |= PPPOX_RELAY;
 742		err = 0;
 743		break;
 744	}
 745
 746	case PPPOEIOCDFWD:
 747		err = -EALREADY;
 748		if (!(sk->sk_state & PPPOX_RELAY))
 749			break;
 750
 751		sk->sk_state &= ~PPPOX_RELAY;
 752		err = 0;
 753		break;
 754
 755	default:;
 756	};
 757
 758	return err;
 759}
 760
 761
 762static int pppoe_sendmsg(struct kiocb *iocb, struct socket *sock,
 763		  struct msghdr *m, size_t total_len)
 764{
 765	struct sk_buff *skb = NULL;
 766	struct sock *sk = sock->sk;
 767	struct pppox_sock *po = pppox_sk(sk);
 768	int error = 0;
 769	struct pppoe_hdr hdr;
 770	struct pppoe_hdr *ph;
 771	struct net_device *dev;
 772	char *start;
 773
 774	if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED)) {
 775		error = -ENOTCONN;
 776		goto end;
 777	}
 778
 779	hdr.ver = 1;
 780	hdr.type = 1;
 781	hdr.code = 0;
 782	hdr.sid = po->num;
 783
 784	lock_sock(sk);
 785
 786	dev = po->pppoe_dev;
 787
 788	error = -EMSGSIZE;
 789 	if (total_len > (dev->mtu + dev->hard_header_len))
 790		goto end;
 791
 792
 793	skb = sock_wmalloc(sk, total_len + dev->hard_header_len + 32,
 794			   0, GFP_KERNEL);
 795	if (!skb) {
 796		error = -ENOMEM;
 797		goto end;
 798	}
 799
 800	/* Reserve space for headers. */
 801	skb_reserve(skb, dev->hard_header_len);
 802	skb->nh.raw = skb->data;
 803
 804	skb->dev = dev;
 805
 806	skb->priority = sk->sk_priority;
 807	skb->protocol = __constant_htons(ETH_P_PPP_SES);
 808
 809	ph = (struct pppoe_hdr *) skb_put(skb, total_len + sizeof(struct pppoe_hdr));
 810	start = (char *) &ph->tag[0];
 811
 812	error = memcpy_fromiovec(start, m->msg_iov, total_len);
 813
 814	if (error < 0) {
 815		kfree_skb(skb);
 816		goto end;
 817	}
 818
 819	error = total_len;
 820	dev->hard_header(skb, dev, ETH_P_PPP_SES,
 821			 po->pppoe_pa.remote, NULL, total_len);
 822
 823	memcpy(ph, &hdr, sizeof(struct pppoe_hdr));
 824
 825	ph->length = htons(total_len);
 826
 827	dev_queue_xmit(skb);
 828
 829end:
 830	release_sock(sk);
 831	return error;
 832}
 833
 834
 835/************************************************************************
 836 *
 837 * xmit function for internal use.
 838 *
 839 ***********************************************************************/
 840static int __pppoe_xmit(struct sock *sk, struct sk_buff *skb)
 841{
 842	struct pppox_sock *po = pppox_sk(sk);
 843	struct net_device *dev = po->pppoe_dev;
 844	struct pppoe_hdr hdr;
 845	struct pppoe_hdr *ph;
 846	int headroom = skb_headroom(skb);
 847	int data_len = skb->len;
 848	struct sk_buff *skb2;
 849
 850	if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED))
 851		goto abort;
 852
 853	hdr.ver	= 1;
 854	hdr.type = 1;
 855	hdr.code = 0;
 856	hdr.sid	= po->num;
 857	hdr.length = htons(skb->len);
 858
 859	if (!dev)
 860		goto abort;
 861
 862	/* Copy the skb if there is no space for the header. */
 863	if (headroom < (sizeof(struct pppoe_hdr) + dev->hard_header_len)) {
 864		skb2 = dev_alloc_skb(32+skb->len +
 865				     sizeof(struct pppoe_hdr) +
 866				     dev->hard_header_len);
 867
 868		if (skb2 == NULL)
 869			goto abort;
 870
 871		skb_reserve(skb2, dev->hard_header_len + sizeof(struct pppoe_hdr));
 872		memcpy(skb_put(skb2, skb->len), skb->data, skb->len);
 873	} else {
 874		/* Make a clone so as to not disturb the original skb,
 875		 * give dev_queue_xmit something it can free.
 876		 */
 877		skb2 = skb_clone(skb, GFP_ATOMIC);
 878
 879		if (skb2 == NULL)
 880			goto abort;
 881	}
 882
 883	ph = (struct pppoe_hdr *) skb_push(skb2, sizeof(struct pppoe_hdr));
 884	memcpy(ph, &hdr, sizeof(struct pppoe_hdr));
 885	skb2->protocol = __constant_htons(ETH_P_PPP_SES);
 886
 887	skb2->nh.raw = skb2->data;
 888
 889	skb2->dev = dev;
 890
 891	dev->hard_header(skb2, dev, ETH_P_PPP_SES,
 892			 po->pppoe_pa.remote, NULL, data_len);
 893
 894	/* We're transmitting skb2, and assuming that dev_queue_xmit
 895	 * will free it.  The generic ppp layer however, is expecting
 896	 * that we give back 'skb' (not 'skb2') in case of failure,
 897	 * but free it in case of success.
 898	 */
 899
 900	if (dev_queue_xmit(skb2) < 0)
 901		goto abort;
 902
 903	kfree_skb(skb);
 904	return 1;
 905
 906abort:
 907	return 0;
 908}
 909
 910
 911/************************************************************************
 912 *
 913 * xmit function called by generic PPP driver
 914 * sends PPP frame over PPPoE socket
 915 *
 916 ***********************************************************************/
 917static int pppoe_xmit(struct ppp_channel *chan, struct sk_buff *skb)
 918{
 919	struct sock *sk = (struct sock *) chan->private;
 920	return __pppoe_xmit(sk, skb);
 921}
 922
 923
 924static struct ppp_channel_ops pppoe_chan_ops = {
 925	.start_xmit = pppoe_xmit,
 926};
 927
 928static int pppoe_recvmsg(struct kiocb *iocb, struct socket *sock,
 929		  struct msghdr *m, size_t total_len, int flags)
 930{
 931	struct sock *sk = sock->sk;
 932	struct sk_buff *skb = NULL;
 933	int error = 0;
 934	int len;
 935	struct pppoe_hdr *ph = NULL;
 936
 937	if (sk->sk_state & PPPOX_BOUND) {
 938		error = -EIO;
 939		goto end;
 940	}
 941
 942	skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
 943				flags & MSG_DONTWAIT, &error);
 944
 945	if (error < 0) {
 946		goto end;
 947	}
 948
 949	m->msg_namelen = 0;
 950
 951	if (skb) {
 952		error = 0;
 953		ph = (struct pppoe_hdr *) skb->nh.raw;
 954		len = ntohs(ph->length);
 955
 956		error = memcpy_toiovec(m->msg_iov, (unsigned char *) &ph->tag[0], len);
 957		if (error < 0)
 958			goto do_skb_free;
 959		error = len;
 960	}
 961
 962do_skb_free:
 963	if (skb)
 964		kfree_skb(skb);
 965end:
 966	return error;
 967}
 968
 969#ifdef CONFIG_PROC_FS
 970static int pppoe_seq_show(struct seq_file *seq, void *v)
 971{
 972	struct pppox_sock *po;
 973	char *dev_name;
 974
 975	if (v == SEQ_START_TOKEN) {
 976		seq_puts(seq, "Id       Address              Device\n");
 977		goto out;
 978	}
 979
 980	po = v;
 981	dev_name = po->pppoe_pa.dev;
 982
 983	seq_printf(seq, "%08X %02X:%02X:%02X:%02X:%02X:%02X %8s\n",
 984		   po->pppoe_pa.sid,
 985		   po->pppoe_pa.remote[0], po->pppoe_pa.remote[1],
 986		   po->pppoe_pa.remote[2], po->pppoe_pa.remote[3],
 987		   po->pppoe_pa.remote[4], po->pppoe_pa.remote[5], dev_name);
 988out:
 989	return 0;
 990}
 991
 992static __inline__ struct pppox_sock *pppoe_get_idx(loff_t pos)
 993{
 994	struct pppox_sock *po = NULL;
 995	int i = 0;
 996
 997	for (; i < PPPOE_HASH_SIZE; i++) {
 998		po = item_hash_table[i];
 999		while (po) {
1000			if (!pos--)
1001				goto out;
1002			po = po->next;
1003		}
1004	}
1005out:
1006	return po;
1007}
1008
1009static void *pppoe_seq_start(struct seq_file *seq, loff_t *pos)
1010{
1011	loff_t l = *pos;
1012
1013	read_lock_bh(&pppoe_hash_lock);
1014	return l ? pppoe_get_idx(--l) : SEQ_START_TOKEN;
1015}
1016
1017static void *pppoe_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1018{
1019	struct pppox_sock *po;
1020
1021	++*pos;
1022	if (v == SEQ_START_TOKEN) {
1023		po = pppoe_get_idx(0);
1024		goto out;
1025	}
1026	po = v;
1027	if (po->next)
1028		po = po->next;
1029	else {
1030		int hash = hash_item(po->pppoe_pa.sid, po->pppoe_pa.remote);
1031
1032		while (++hash < PPPOE_HASH_SIZE) {
1033			po = item_hash_table[hash];
1034			if (po)
1035				break;
1036		}
1037	}
1038out:
1039	return po;
1040}
1041
1042static void pppoe_seq_stop(struct seq_file *seq, void *v)
1043{
1044	read_unlock_bh(&pppoe_hash_lock);
1045}
1046
1047static struct seq_operations pppoe_seq_ops = {
1048	.start		= pppoe_seq_start,
1049	.next		= pppoe_seq_next,
1050	.stop		= pppoe_seq_stop,
1051	.show		= pppoe_seq_show,
1052};
1053
1054static int pppoe_seq_open(struct inode *inode, struct file *file)
1055{
1056	return seq_open(file, &pppoe_seq_ops);
1057}
1058
1059static const struct file_operations pppoe_seq_fops = {
1060	.owner		= THIS_MODULE,
1061	.open		= pppoe_seq_open,
1062	.read		= seq_read,
1063	.llseek		= seq_lseek,
1064	.release	= seq_release,
1065};
1066
1067static int __init pppoe_proc_init(void)
1068{
1069	struct proc_dir_entry *p;
1070
1071	p = create_proc_entry("net/pppoe", S_IRUGO, NULL);
1072	if (!p)
1073		return -ENOMEM;
1074
1075	p->proc_fops = &pppoe_seq_fops;
1076	return 0;
1077}
1078#else /* CONFIG_PROC_FS */
1079static inline int pppoe_proc_init(void) { return 0; }
1080#endif /* CONFIG_PROC_FS */
1081
1082static const struct proto_ops pppoe_ops = {
1083    .family		= AF_PPPOX,
1084    .owner		= THIS_MODULE,
1085    .release		= pppoe_release,
1086    .bind		= sock_no_bind,
1087    .connect		= pppoe_connect,
1088    .socketpair		= sock_no_socketpair,
1089    .accept		= sock_no_accept,
1090    .getname		= pppoe_getname,
1091    .poll		= datagram_poll,
1092    .listen		= sock_no_listen,
1093    .shutdown		= sock_no_shutdown,
1094    .setsockopt		= sock_no_setsockopt,
1095    .getsockopt		= sock_no_getsockopt,
1096    .sendmsg		= pppoe_sendmsg,
1097    .recvmsg		= pppoe_recvmsg,
1098    .mmap		= sock_no_mmap,
1099    .ioctl		= pppox_ioctl,
1100};
1101
1102static struct pppox_proto pppoe_proto = {
1103    .create	= pppoe_create,
1104    .ioctl	= pppoe_ioctl,
1105    .owner	= THIS_MODULE,
1106};
1107
1108
1109static int __init pppoe_init(void)
1110{
1111	int err = proto_register(&pppoe_sk_proto, 0);
1112
1113	if (err)
1114		goto out;
1115
1116 	err = register_pppox_proto(PX_PROTO_OE, &pppoe_proto);
1117	if (err)
1118		goto out_unregister_pppoe_proto;
1119
1120	err = pppoe_proc_init();
1121	if (err)
1122		goto out_unregister_pppox_proto;
1123
1124	dev_add_pack(&pppoes_ptype);
1125	dev_add_pack(&pppoed_ptype);
1126	register_netdevice_notifier(&pppoe_notifier);
1127out:
1128	return err;
1129out_unregister_pppox_proto:
1130	unregister_pppox_proto(PX_PROTO_OE);
1131out_unregister_pppoe_proto:
1132	proto_unregister(&pppoe_sk_proto);
1133	goto out;
1134}
1135
1136static void __exit pppoe_exit(void)
1137{
1138	unregister_pppox_proto(PX_PROTO_OE);
1139	dev_remove_pack(&pppoes_ptype);
1140	dev_remove_pack(&pppoed_ptype);
1141	unregister_netdevice_notifier(&pppoe_notifier);
1142	remove_proc_entry("net/pppoe", NULL);
1143	proto_unregister(&pppoe_sk_proto);
1144}
1145
1146module_init(pppoe_init);
1147module_exit(pppoe_exit);
1148
1149MODULE_AUTHOR("Michal Ostrowski <mostrows@speakeasy.net>");
1150MODULE_DESCRIPTION("PPP over Ethernet driver");
1151MODULE_LICENSE("GPL");
1152MODULE_ALIAS_NETPROTO(PF_PPPOX);
Configure Feed

Configure Feed
