drivers/net/ppp_mppe.c at v2.6.21

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / drivers / net / ppp_mppe.c
at v2.6.21 739 lines 21 kB view raw
wrap content
  1/*
  2 * ppp_mppe.c - interface MPPE to the PPP code.
  3 * This version is for use with Linux kernel 2.6.14+
  4 *
  5 * By Frank Cusack <fcusack@fcusack.com>.
  6 * Copyright (c) 2002,2003,2004 Google, Inc.
  7 * All rights reserved.
  8 *
  9 * License:
 10 * Permission to use, copy, modify, and distribute this software and its
 11 * documentation is hereby granted, provided that the above copyright
 12 * notice appears in all copies.  This software is provided without any
 13 * warranty, express or implied.
 14 *
 15 * ALTERNATIVELY, provided that this notice is retained in full, this product
 16 * may be distributed under the terms of the GNU General Public License (GPL),
 17 * in which case the provisions of the GPL apply INSTEAD OF those given above.
 18 *
 19 *   This program is free software; you can redistribute it and/or modify
 20 *   it under the terms of the GNU General Public License as published by
 21 *   the Free Software Foundation; either version 2 of the License, or
 22 *   (at your option) any later version.
 23 *
 24 *   This program is distributed in the hope that it will be useful,
 25 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 26 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 27 *   GNU General Public License for more details.
 28 *
 29 *   You should have received a copy of the GNU General Public License
 30 *   along with this program; if not, write to the Free Software
 31 *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 32 *
 33 *
 34 * Changelog:
 35 *      08/12/05 - Matt Domsch <Matt_Domsch@dell.com>
 36 *                 Only need extra skb padding on transmit, not receive.
 37 *      06/18/04 - Matt Domsch <Matt_Domsch@dell.com>, Oleg Makarenko <mole@quadra.ru>
 38 *                 Use Linux kernel 2.6 arc4 and sha1 routines rather than
 39 *                 providing our own.
 40 *      2/15/04 - TS: added #include <version.h> and testing for Kernel
 41 *                    version before using
 42 *                    MOD_DEC_USAGE_COUNT/MOD_INC_USAGE_COUNT which are
 43 *                    deprecated in 2.6
 44 */
 45
 46#include <linux/err.h>
 47#include <linux/module.h>
 48#include <linux/kernel.h>
 49#include <linux/version.h>
 50#include <linux/init.h>
 51#include <linux/types.h>
 52#include <linux/slab.h>
 53#include <linux/string.h>
 54#include <linux/crypto.h>
 55#include <linux/mm.h>
 56#include <linux/ppp_defs.h>
 57#include <linux/ppp-comp.h>
 58#include <asm/scatterlist.h>
 59
 60#include "ppp_mppe.h"
 61
 62MODULE_AUTHOR("Frank Cusack <fcusack@fcusack.com>");
 63MODULE_DESCRIPTION("Point-to-Point Protocol Microsoft Point-to-Point Encryption support");
 64MODULE_LICENSE("Dual BSD/GPL");
 65MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE));
 66MODULE_VERSION("1.0.2");
 67
 68static unsigned int
 69setup_sg(struct scatterlist *sg, const void *address, unsigned int length)
 70{
 71	sg[0].page = virt_to_page(address);
 72	sg[0].offset = offset_in_page(address);
 73	sg[0].length = length;
 74	return length;
 75}
 76
 77#define SHA1_PAD_SIZE 40
 78
 79/*
 80 * kernel crypto API needs its arguments to be in kmalloc'd memory, not in the module
 81 * static data area.  That means sha_pad needs to be kmalloc'd.
 82 */
 83
 84struct sha_pad {
 85	unsigned char sha_pad1[SHA1_PAD_SIZE];
 86	unsigned char sha_pad2[SHA1_PAD_SIZE];
 87};
 88static struct sha_pad *sha_pad;
 89
 90static inline void sha_pad_init(struct sha_pad *shapad)
 91{
 92	memset(shapad->sha_pad1, 0x00, sizeof(shapad->sha_pad1));
 93	memset(shapad->sha_pad2, 0xF2, sizeof(shapad->sha_pad2));
 94}
 95
 96/*
 97 * State for an MPPE (de)compressor.
 98 */
 99struct ppp_mppe_state {
100	struct crypto_blkcipher *arc4;
101	struct crypto_hash *sha1;
102	unsigned char *sha1_digest;
103	unsigned char master_key[MPPE_MAX_KEY_LEN];
104	unsigned char session_key[MPPE_MAX_KEY_LEN];
105	unsigned keylen;	/* key length in bytes             */
106	/* NB: 128-bit == 16, 40-bit == 8! */
107	/* If we want to support 56-bit,   */
108	/* the unit has to change to bits  */
109	unsigned char bits;	/* MPPE control bits */
110	unsigned ccount;	/* 12-bit coherency count (seqno)  */
111	unsigned stateful;	/* stateful mode flag */
112	int discard;		/* stateful mode packet loss flag */
113	int sanity_errors;	/* take down LCP if too many */
114	int unit;
115	int debug;
116	struct compstat stats;
117};
118
119/* struct ppp_mppe_state.bits definitions */
120#define MPPE_BIT_A	0x80	/* Encryption table were (re)inititalized */
121#define MPPE_BIT_B	0x40	/* MPPC only (not implemented) */
122#define MPPE_BIT_C	0x20	/* MPPC only (not implemented) */
123#define MPPE_BIT_D	0x10	/* This is an encrypted frame */
124
125#define MPPE_BIT_FLUSHED	MPPE_BIT_A
126#define MPPE_BIT_ENCRYPTED	MPPE_BIT_D
127
128#define MPPE_BITS(p) ((p)[4] & 0xf0)
129#define MPPE_CCOUNT(p) ((((p)[4] & 0x0f) << 8) + (p)[5])
130#define MPPE_CCOUNT_SPACE 0x1000	/* The size of the ccount space */
131
132#define MPPE_OVHD	2	/* MPPE overhead/packet */
133#define SANITY_MAX	1600	/* Max bogon factor we will tolerate */
134
135/*
136 * Key Derivation, from RFC 3078, RFC 3079.
137 * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079.
138 */
139static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *InterimKey)
140{
141	struct hash_desc desc;
142	struct scatterlist sg[4];
143	unsigned int nbytes;
144
145	nbytes = setup_sg(&sg[0], state->master_key, state->keylen);
146	nbytes += setup_sg(&sg[1], sha_pad->sha_pad1,
147			   sizeof(sha_pad->sha_pad1));
148	nbytes += setup_sg(&sg[2], state->session_key, state->keylen);
149	nbytes += setup_sg(&sg[3], sha_pad->sha_pad2,
150			   sizeof(sha_pad->sha_pad2));
151
152	desc.tfm = state->sha1;
153	desc.flags = 0;
154
155	crypto_hash_digest(&desc, sg, nbytes, state->sha1_digest);
156
157	memcpy(InterimKey, state->sha1_digest, state->keylen);
158}
159
160/*
161 * Perform the MPPE rekey algorithm, from RFC 3078, sec. 7.3.
162 * Well, not what's written there, but rather what they meant.
163 */
164static void mppe_rekey(struct ppp_mppe_state * state, int initial_key)
165{
166	unsigned char InterimKey[MPPE_MAX_KEY_LEN];
167	struct scatterlist sg_in[1], sg_out[1];
168	struct blkcipher_desc desc = { .tfm = state->arc4 };
169
170	get_new_key_from_sha(state, InterimKey);
171	if (!initial_key) {
172		crypto_blkcipher_setkey(state->arc4, InterimKey, state->keylen);
173		setup_sg(sg_in, InterimKey, state->keylen);
174		setup_sg(sg_out, state->session_key, state->keylen);
175		if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in,
176					     state->keylen) != 0) {
177    		    printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n");
178		}
179	} else {
180		memcpy(state->session_key, InterimKey, state->keylen);
181	}
182	if (state->keylen == 8) {
183		/* See RFC 3078 */
184		state->session_key[0] = 0xd1;
185		state->session_key[1] = 0x26;
186		state->session_key[2] = 0x9e;
187	}
188	crypto_blkcipher_setkey(state->arc4, state->session_key, state->keylen);
189}
190
191/*
192 * Allocate space for a (de)compressor.
193 */
194static void *mppe_alloc(unsigned char *options, int optlen)
195{
196	struct ppp_mppe_state *state;
197	unsigned int digestsize;
198
199	if (optlen != CILEN_MPPE + sizeof(state->master_key)
200	    || options[0] != CI_MPPE || options[1] != CILEN_MPPE)
201		goto out;
202
203	state = kmalloc(sizeof(*state), GFP_KERNEL);
204	if (state == NULL)
205		goto out;
206
207	memset(state, 0, sizeof(*state));
208
209	state->arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
210	if (IS_ERR(state->arc4)) {
211		state->arc4 = NULL;
212		goto out_free;
213	}
214
215	state->sha1 = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC);
216	if (IS_ERR(state->sha1)) {
217		state->sha1 = NULL;
218		goto out_free;
219	}
220
221	digestsize = crypto_hash_digestsize(state->sha1);
222	if (digestsize < MPPE_MAX_KEY_LEN)
223		goto out_free;
224
225	state->sha1_digest = kmalloc(digestsize, GFP_KERNEL);
226	if (!state->sha1_digest)
227		goto out_free;
228
229	/* Save keys. */
230	memcpy(state->master_key, &options[CILEN_MPPE],
231	       sizeof(state->master_key));
232	memcpy(state->session_key, state->master_key,
233	       sizeof(state->master_key));
234
235	/*
236	 * We defer initial key generation until mppe_init(), as mppe_alloc()
237	 * is called frequently during negotiation.
238	 */
239
240	return (void *)state;
241
242	out_free:
243	    if (state->sha1_digest)
244		kfree(state->sha1_digest);
245	    if (state->sha1)
246		crypto_free_hash(state->sha1);
247	    if (state->arc4)
248		crypto_free_blkcipher(state->arc4);
249	    kfree(state);
250	out:
251	return NULL;
252}
253
254/*
255 * Deallocate space for a (de)compressor.
256 */
257static void mppe_free(void *arg)
258{
259	struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
260	if (state) {
261	    if (state->sha1_digest)
262		kfree(state->sha1_digest);
263	    if (state->sha1)
264		crypto_free_hash(state->sha1);
265	    if (state->arc4)
266		crypto_free_blkcipher(state->arc4);
267	    kfree(state);
268	}
269}
270
271/*
272 * Initialize (de)compressor state.
273 */
274static int
275mppe_init(void *arg, unsigned char *options, int optlen, int unit, int debug,
276	  const char *debugstr)
277{
278	struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
279	unsigned char mppe_opts;
280
281	if (optlen != CILEN_MPPE
282	    || options[0] != CI_MPPE || options[1] != CILEN_MPPE)
283		return 0;
284
285	MPPE_CI_TO_OPTS(&options[2], mppe_opts);
286	if (mppe_opts & MPPE_OPT_128)
287		state->keylen = 16;
288	else if (mppe_opts & MPPE_OPT_40)
289		state->keylen = 8;
290	else {
291		printk(KERN_WARNING "%s[%d]: unknown key length\n", debugstr,
292		       unit);
293		return 0;
294	}
295	if (mppe_opts & MPPE_OPT_STATEFUL)
296		state->stateful = 1;
297
298	/* Generate the initial session key. */
299	mppe_rekey(state, 1);
300
301	if (debug) {
302		int i;
303		char mkey[sizeof(state->master_key) * 2 + 1];
304		char skey[sizeof(state->session_key) * 2 + 1];
305
306		printk(KERN_DEBUG "%s[%d]: initialized with %d-bit %s mode\n",
307		       debugstr, unit, (state->keylen == 16) ? 128 : 40,
308		       (state->stateful) ? "stateful" : "stateless");
309
310		for (i = 0; i < sizeof(state->master_key); i++)
311			sprintf(mkey + i * 2, "%02x", state->master_key[i]);
312		for (i = 0; i < sizeof(state->session_key); i++)
313			sprintf(skey + i * 2, "%02x", state->session_key[i]);
314		printk(KERN_DEBUG
315		       "%s[%d]: keys: master: %s initial session: %s\n",
316		       debugstr, unit, mkey, skey);
317	}
318
319	/*
320	 * Initialize the coherency count.  The initial value is not specified
321	 * in RFC 3078, but we can make a reasonable assumption that it will
322	 * start at 0.  Setting it to the max here makes the comp/decomp code
323	 * do the right thing (determined through experiment).
324	 */
325	state->ccount = MPPE_CCOUNT_SPACE - 1;
326
327	/*
328	 * Note that even though we have initialized the key table, we don't
329	 * set the FLUSHED bit.  This is contrary to RFC 3078, sec. 3.1.
330	 */
331	state->bits = MPPE_BIT_ENCRYPTED;
332
333	state->unit = unit;
334	state->debug = debug;
335
336	return 1;
337}
338
339static int
340mppe_comp_init(void *arg, unsigned char *options, int optlen, int unit,
341	       int hdrlen, int debug)
342{
343	/* ARGSUSED */
344	return mppe_init(arg, options, optlen, unit, debug, "mppe_comp_init");
345}
346
347/*
348 * We received a CCP Reset-Request (actually, we are sending a Reset-Ack),
349 * tell the compressor to rekey.  Note that we MUST NOT rekey for
350 * every CCP Reset-Request; we only rekey on the next xmit packet.
351 * We might get multiple CCP Reset-Requests if our CCP Reset-Ack is lost.
352 * So, rekeying for every CCP Reset-Request is broken as the peer will not
353 * know how many times we've rekeyed.  (If we rekey and THEN get another
354 * CCP Reset-Request, we must rekey again.)
355 */
356static void mppe_comp_reset(void *arg)
357{
358	struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
359
360	state->bits |= MPPE_BIT_FLUSHED;
361}
362
363/*
364 * Compress (encrypt) a packet.
365 * It's strange to call this a compressor, since the output is always
366 * MPPE_OVHD + 2 bytes larger than the input.
367 */
368static int
369mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf,
370	      int isize, int osize)
371{
372	struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
373	struct blkcipher_desc desc = { .tfm = state->arc4 };
374	int proto;
375	struct scatterlist sg_in[1], sg_out[1];
376
377	/*
378	 * Check that the protocol is in the range we handle.
379	 */
380	proto = PPP_PROTOCOL(ibuf);
381	if (proto < 0x0021 || proto > 0x00fa)
382		return 0;
383
384	/* Make sure we have enough room to generate an encrypted packet. */
385	if (osize < isize + MPPE_OVHD + 2) {
386		/* Drop the packet if we should encrypt it, but can't. */
387		printk(KERN_DEBUG "mppe_compress[%d]: osize too small! "
388		       "(have: %d need: %d)\n", state->unit,
389		       osize, osize + MPPE_OVHD + 2);
390		return -1;
391	}
392
393	osize = isize + MPPE_OVHD + 2;
394
395	/*
396	 * Copy over the PPP header and set control bits.
397	 */
398	obuf[0] = PPP_ADDRESS(ibuf);
399	obuf[1] = PPP_CONTROL(ibuf);
400	obuf[2] = PPP_COMP >> 8;	/* isize + MPPE_OVHD + 1 */
401	obuf[3] = PPP_COMP;	/* isize + MPPE_OVHD + 2 */
402	obuf += PPP_HDRLEN;
403
404	state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
405	if (state->debug >= 7)
406		printk(KERN_DEBUG "mppe_compress[%d]: ccount %d\n", state->unit,
407		       state->ccount);
408	obuf[0] = state->ccount >> 8;
409	obuf[1] = state->ccount & 0xff;
410
411	if (!state->stateful ||	/* stateless mode     */
412	    ((state->ccount & 0xff) == 0xff) ||	/* "flag" packet      */
413	    (state->bits & MPPE_BIT_FLUSHED)) {	/* CCP Reset-Request  */
414		/* We must rekey */
415		if (state->debug && state->stateful)
416			printk(KERN_DEBUG "mppe_compress[%d]: rekeying\n",
417			       state->unit);
418		mppe_rekey(state, 0);
419		state->bits |= MPPE_BIT_FLUSHED;
420	}
421	obuf[0] |= state->bits;
422	state->bits &= ~MPPE_BIT_FLUSHED;	/* reset for next xmit */
423
424	obuf += MPPE_OVHD;
425	ibuf += 2;		/* skip to proto field */
426	isize -= 2;
427
428	/* Encrypt packet */
429	setup_sg(sg_in, ibuf, isize);
430	setup_sg(sg_out, obuf, osize);
431	if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in, isize) != 0) {
432		printk(KERN_DEBUG "crypto_cypher_encrypt failed\n");
433		return -1;
434	}
435
436	state->stats.unc_bytes += isize;
437	state->stats.unc_packets++;
438	state->stats.comp_bytes += osize;
439	state->stats.comp_packets++;
440
441	return osize;
442}
443
444/*
445 * Since every frame grows by MPPE_OVHD + 2 bytes, this is always going
446 * to look bad ... and the longer the link is up the worse it will get.
447 */
448static void mppe_comp_stats(void *arg, struct compstat *stats)
449{
450	struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
451
452	*stats = state->stats;
453}
454
455static int
456mppe_decomp_init(void *arg, unsigned char *options, int optlen, int unit,
457		 int hdrlen, int mru, int debug)
458{
459	/* ARGSUSED */
460	return mppe_init(arg, options, optlen, unit, debug, "mppe_decomp_init");
461}
462
463/*
464 * We received a CCP Reset-Ack.  Just ignore it.
465 */
466static void mppe_decomp_reset(void *arg)
467{
468	/* ARGSUSED */
469	return;
470}
471
472/*
473 * Decompress (decrypt) an MPPE packet.
474 */
475static int
476mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf,
477		int osize)
478{
479	struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
480	struct blkcipher_desc desc = { .tfm = state->arc4 };
481	unsigned ccount;
482	int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED;
483	int sanity = 0;
484	struct scatterlist sg_in[1], sg_out[1];
485
486	if (isize <= PPP_HDRLEN + MPPE_OVHD) {
487		if (state->debug)
488			printk(KERN_DEBUG
489			       "mppe_decompress[%d]: short pkt (%d)\n",
490			       state->unit, isize);
491		return DECOMP_ERROR;
492	}
493
494	/*
495	 * Make sure we have enough room to decrypt the packet.
496	 * Note that for our test we only subtract 1 byte whereas in
497	 * mppe_compress() we added 2 bytes (+MPPE_OVHD);
498	 * this is to account for possible PFC.
499	 */
500	if (osize < isize - MPPE_OVHD - 1) {
501		printk(KERN_DEBUG "mppe_decompress[%d]: osize too small! "
502		       "(have: %d need: %d)\n", state->unit,
503		       osize, isize - MPPE_OVHD - 1);
504		return DECOMP_ERROR;
505	}
506	osize = isize - MPPE_OVHD - 2;	/* assume no PFC */
507
508	ccount = MPPE_CCOUNT(ibuf);
509	if (state->debug >= 7)
510		printk(KERN_DEBUG "mppe_decompress[%d]: ccount %d\n",
511		       state->unit, ccount);
512
513	/* sanity checks -- terminate with extreme prejudice */
514	if (!(MPPE_BITS(ibuf) & MPPE_BIT_ENCRYPTED)) {
515		printk(KERN_DEBUG
516		       "mppe_decompress[%d]: ENCRYPTED bit not set!\n",
517		       state->unit);
518		state->sanity_errors += 100;
519		sanity = 1;
520	}
521	if (!state->stateful && !flushed) {
522		printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set in "
523		       "stateless mode!\n", state->unit);
524		state->sanity_errors += 100;
525		sanity = 1;
526	}
527	if (state->stateful && ((ccount & 0xff) == 0xff) && !flushed) {
528		printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set on "
529		       "flag packet!\n", state->unit);
530		state->sanity_errors += 100;
531		sanity = 1;
532	}
533
534	if (sanity) {
535		if (state->sanity_errors < SANITY_MAX)
536			return DECOMP_ERROR;
537		else
538			/*
539			 * Take LCP down if the peer is sending too many bogons.
540			 * We don't want to do this for a single or just a few
541			 * instances since it could just be due to packet corruption.
542			 */
543			return DECOMP_FATALERROR;
544	}
545
546	/*
547	 * Check the coherency count.
548	 */
549
550	if (!state->stateful) {
551		/* RFC 3078, sec 8.1.  Rekey for every packet. */
552		while (state->ccount != ccount) {
553			mppe_rekey(state, 0);
554			state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
555		}
556	} else {
557		/* RFC 3078, sec 8.2. */
558		if (!state->discard) {
559			/* normal state */
560			state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
561			if (ccount != state->ccount) {
562				/*
563				 * (ccount > state->ccount)
564				 * Packet loss detected, enter the discard state.
565				 * Signal the peer to rekey (by sending a CCP Reset-Request).
566				 */
567				state->discard = 1;
568				return DECOMP_ERROR;
569			}
570		} else {
571			/* discard state */
572			if (!flushed) {
573				/* ccp.c will be silent (no additional CCP Reset-Requests). */
574				return DECOMP_ERROR;
575			} else {
576				/* Rekey for every missed "flag" packet. */
577				while ((ccount & ~0xff) !=
578				       (state->ccount & ~0xff)) {
579					mppe_rekey(state, 0);
580					state->ccount =
581					    (state->ccount +
582					     256) % MPPE_CCOUNT_SPACE;
583				}
584
585				/* reset */
586				state->discard = 0;
587				state->ccount = ccount;
588				/*
589				 * Another problem with RFC 3078 here.  It implies that the
590				 * peer need not send a Reset-Ack packet.  But RFC 1962
591				 * requires it.  Hopefully, M$ does send a Reset-Ack; even
592				 * though it isn't required for MPPE synchronization, it is
593				 * required to reset CCP state.
594				 */
595			}
596		}
597		if (flushed)
598			mppe_rekey(state, 0);
599	}
600
601	/*
602	 * Fill in the first part of the PPP header.  The protocol field
603	 * comes from the decrypted data.
604	 */
605	obuf[0] = PPP_ADDRESS(ibuf);	/* +1 */
606	obuf[1] = PPP_CONTROL(ibuf);	/* +1 */
607	obuf += 2;
608	ibuf += PPP_HDRLEN + MPPE_OVHD;
609	isize -= PPP_HDRLEN + MPPE_OVHD;	/* -6 */
610	/* net osize: isize-4 */
611
612	/*
613	 * Decrypt the first byte in order to check if it is
614	 * a compressed or uncompressed protocol field.
615	 */
616	setup_sg(sg_in, ibuf, 1);
617	setup_sg(sg_out, obuf, 1);
618	if (crypto_blkcipher_decrypt(&desc, sg_out, sg_in, 1) != 0) {
619		printk(KERN_DEBUG "crypto_cypher_decrypt failed\n");
620		return DECOMP_ERROR;
621	}
622
623	/*
624	 * Do PFC decompression.
625	 * This would be nicer if we were given the actual sk_buff
626	 * instead of a char *.
627	 */
628	if ((obuf[0] & 0x01) != 0) {
629		obuf[1] = obuf[0];
630		obuf[0] = 0;
631		obuf++;
632		osize++;
633	}
634
635	/* And finally, decrypt the rest of the packet. */
636	setup_sg(sg_in, ibuf + 1, isize - 1);
637	setup_sg(sg_out, obuf + 1, osize - 1);
638	if (crypto_blkcipher_decrypt(&desc, sg_out, sg_in, isize - 1)) {
639		printk(KERN_DEBUG "crypto_cypher_decrypt failed\n");
640		return DECOMP_ERROR;
641	}
642
643	state->stats.unc_bytes += osize;
644	state->stats.unc_packets++;
645	state->stats.comp_bytes += isize;
646	state->stats.comp_packets++;
647
648	/* good packet credit */
649	state->sanity_errors >>= 1;
650
651	return osize;
652}
653
654/*
655 * Incompressible data has arrived (this should never happen!).
656 * We should probably drop the link if the protocol is in the range
657 * of what should be encrypted.  At the least, we should drop this
658 * packet.  (How to do this?)
659 */
660static void mppe_incomp(void *arg, unsigned char *ibuf, int icnt)
661{
662	struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
663
664	if (state->debug &&
665	    (PPP_PROTOCOL(ibuf) >= 0x0021 && PPP_PROTOCOL(ibuf) <= 0x00fa))
666		printk(KERN_DEBUG
667		       "mppe_incomp[%d]: incompressible (unencrypted) data! "
668		       "(proto %04x)\n", state->unit, PPP_PROTOCOL(ibuf));
669
670	state->stats.inc_bytes += icnt;
671	state->stats.inc_packets++;
672	state->stats.unc_bytes += icnt;
673	state->stats.unc_packets++;
674}
675
676/*************************************************************
677 * Module interface table
678 *************************************************************/
679
680/*
681 * Procedures exported to if_ppp.c.
682 */
683static struct compressor ppp_mppe = {
684	.compress_proto = CI_MPPE,
685	.comp_alloc     = mppe_alloc,
686	.comp_free      = mppe_free,
687	.comp_init      = mppe_comp_init,
688	.comp_reset     = mppe_comp_reset,
689	.compress       = mppe_compress,
690	.comp_stat      = mppe_comp_stats,
691	.decomp_alloc   = mppe_alloc,
692	.decomp_free    = mppe_free,
693	.decomp_init    = mppe_decomp_init,
694	.decomp_reset   = mppe_decomp_reset,
695	.decompress     = mppe_decompress,
696	.incomp         = mppe_incomp,
697	.decomp_stat    = mppe_comp_stats,
698	.owner          = THIS_MODULE,
699	.comp_extra     = MPPE_PAD,
700};
701
702/*
703 * ppp_mppe_init()
704 *
705 * Prior to allowing load, try to load the arc4 and sha1 crypto
706 * libraries.  The actual use will be allocated later, but
707 * this way the module will fail to insmod if they aren't available.
708 */
709
710static int __init ppp_mppe_init(void)
711{
712	int answer;
713	if (!(crypto_has_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC) &&
714	      crypto_has_hash("sha1", 0, CRYPTO_ALG_ASYNC)))
715		return -ENODEV;
716
717	sha_pad = kmalloc(sizeof(struct sha_pad), GFP_KERNEL);
718	if (!sha_pad)
719		return -ENOMEM;
720	sha_pad_init(sha_pad);
721
722	answer = ppp_register_compressor(&ppp_mppe);
723
724	if (answer == 0)
725		printk(KERN_INFO "PPP MPPE Compression module registered\n");
726	else
727		kfree(sha_pad);
728
729	return answer;
730}
731
732static void __exit ppp_mppe_cleanup(void)
733{
734	ppp_unregister_compressor(&ppp_mppe);
735	kfree(sha_pad);
736}
737
738module_init(ppp_mppe_init);
739module_exit(ppp_mppe_cleanup);
Configure Feed

Configure Feed
