Back to home page

OSCL-LXR
 
 

     

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /** -*- linux-c -*- ***********************************************************
0003  * Linux PPP over Ethernet (PPPoX/PPPoE) Sockets
0004  *
0005  * PPPoX --- Generic PPP encapsulation socket family
0006  * PPPoE --- PPP over Ethernet (RFC 2516)
0007  *
0008  * Version: 0.7.0
0009  *
0010  * 070228 : Fix to allow multiple sessions with same remote MAC and same
0011  *      session id by including the local device ifindex in the
0012  *      tuple identifying a session. This also ensures packets can't
0013  *      be injected into a session from interfaces other than the one
0014  *      specified by userspace. Florian Zumbiehl <florz@florz.de>
0015  *      (Oh, BTW, this one is YYMMDD, in case you were wondering ...)
0016  * 220102 : Fix module use count on failure in pppoe_create, pppox_sk -acme
0017  * 030700 : Fixed connect logic to allow for disconnect.
0018  * 270700 : Fixed potential SMP problems; we must protect against
0019  *      simultaneous invocation of ppp_input
0020  *      and ppp_unregister_channel.
0021  * 040800 : Respect reference count mechanisms on net-devices.
0022  * 200800 : fix kfree(skb) in pppoe_rcv (acme)
0023  *      Module reference count is decremented in the right spot now,
0024  *      guards against sock_put not actually freeing the sk
0025  *      in pppoe_release.
0026  * 051000 : Initialization cleanup.
0027  * 111100 : Fix recvmsg.
0028  * 050101 : Fix PADT processing.
0029  * 140501 : Use pppoe_rcv_core to handle all backlog. (Alexey)
0030  * 170701 : Do not lock_sock with rwlock held. (DaveM)
0031  *      Ignore discovery frames if user has socket
0032  *      locked. (DaveM)
0033  *      Ignore return value of dev_queue_xmit in __pppoe_xmit
0034  *      or else we may kfree an SKB twice. (DaveM)
0035  * 190701 : When doing copies of skb's in __pppoe_xmit, always delete
0036  *      the original skb that was passed in on success, never on
0037  *      failure.  Delete the copy of the skb on failure to avoid
0038  *      a memory leak.
0039  * 081001 : Misc. cleanup (licence string, non-blocking, prevent
0040  *      reference of device on close).
0041  * 121301 : New ppp channels interface; cannot unregister a channel
0042  *      from interrupts.  Thus, we mark the socket as a ZOMBIE
0043  *      and do the unregistration later.
0044  * 081002 : seq_file support for proc stuff -acme
0045  * 111602 : Merge all 2.4 fixes into 2.5/2.6 tree.  Label 2.5/2.6
0046  *      as version 0.7.  Spacing cleanup.
0047  * Author:  Michal Ostrowski <mostrows@speakeasy.net>
0048  * Contributors:
0049  *      Arnaldo Carvalho de Melo <acme@conectiva.com.br>
0050  *      David S. Miller (davem@redhat.com)
0051  *
0052  * License:
0053  */
0054 
0055 #include <linux/string.h>
0056 #include <linux/module.h>
0057 #include <linux/kernel.h>
0058 #include <linux/slab.h>
0059 #include <linux/errno.h>
0060 #include <linux/netdevice.h>
0061 #include <linux/net.h>
0062 #include <linux/inetdevice.h>
0063 #include <linux/etherdevice.h>
0064 #include <linux/skbuff.h>
0065 #include <linux/init.h>
0066 #include <linux/if_ether.h>
0067 #include <linux/if_pppox.h>
0068 #include <linux/ppp_channel.h>
0069 #include <linux/ppp_defs.h>
0070 #include <linux/ppp-ioctl.h>
0071 #include <linux/notifier.h>
0072 #include <linux/file.h>
0073 #include <linux/proc_fs.h>
0074 #include <linux/seq_file.h>
0075 
0076 #include <linux/nsproxy.h>
0077 #include <net/net_namespace.h>
0078 #include <net/netns/generic.h>
0079 #include <net/sock.h>
0080 
0081 #include <linux/uaccess.h>
0082 
0083 #define PPPOE_HASH_BITS 4
0084 #define PPPOE_HASH_SIZE (1 << PPPOE_HASH_BITS)
0085 #define PPPOE_HASH_MASK (PPPOE_HASH_SIZE - 1)
0086 
0087 static int __pppoe_xmit(struct sock *sk, struct sk_buff *skb);
0088 
0089 static const struct proto_ops pppoe_ops;
0090 static const struct ppp_channel_ops pppoe_chan_ops;
0091 
0092 /* per-net private data for this module */
0093 static unsigned int pppoe_net_id __read_mostly;
0094 struct pppoe_net {
0095     /*
0096      * we could use _single_ hash table for all
0097      * nets by injecting net id into the hash but
0098      * it would increase hash chains and add
0099      * a few additional math comparisons messy
0100      * as well, moreover in case of SMP less locking
0101      * controversy here
0102      */
0103     struct pppox_sock *hash_table[PPPOE_HASH_SIZE];
0104     rwlock_t hash_lock;
0105 };
0106 
0107 /*
0108  * PPPoE could be in the following stages:
0109  * 1) Discovery stage (to obtain remote MAC and Session ID)
0110  * 2) Session stage (MAC and SID are known)
0111  *
0112  * Ethernet frames have a special tag for this but
0113  * we use simpler approach based on session id
0114  */
0115 static inline bool stage_session(__be16 sid)
0116 {
0117     return sid != 0;
0118 }
0119 
0120 static inline struct pppoe_net *pppoe_pernet(struct net *net)
0121 {
0122     return net_generic(net, pppoe_net_id);
0123 }
0124 
0125 static inline int cmp_2_addr(struct pppoe_addr *a, struct pppoe_addr *b)
0126 {
0127     return a->sid == b->sid && ether_addr_equal(a->remote, b->remote);
0128 }
0129 
0130 static inline int cmp_addr(struct pppoe_addr *a, __be16 sid, char *addr)
0131 {
0132     return a->sid == sid && ether_addr_equal(a->remote, addr);
0133 }
0134 
0135 #if 8 % PPPOE_HASH_BITS
0136 #error 8 must be a multiple of PPPOE_HASH_BITS
0137 #endif
0138 
0139 static int hash_item(__be16 sid, unsigned char *addr)
0140 {
0141     unsigned char hash = 0;
0142     unsigned int i;
0143 
0144     for (i = 0; i < ETH_ALEN; i++)
0145         hash ^= addr[i];
0146     for (i = 0; i < sizeof(sid_t) * 8; i += 8)
0147         hash ^= (__force __u32)sid >> i;
0148     for (i = 8; (i >>= 1) >= PPPOE_HASH_BITS;)
0149         hash ^= hash >> i;
0150 
0151     return hash & PPPOE_HASH_MASK;
0152 }
0153 
0154 /**********************************************************************
0155  *
0156  *  Set/get/delete/rehash items  (internal versions)
0157  *
0158  **********************************************************************/
0159 static struct pppox_sock *__get_item(struct pppoe_net *pn, __be16 sid,
0160                 unsigned char *addr, int ifindex)
0161 {
0162     int hash = hash_item(sid, addr);
0163     struct pppox_sock *ret;
0164 
0165     ret = pn->hash_table[hash];
0166     while (ret) {
0167         if (cmp_addr(&ret->pppoe_pa, sid, addr) &&
0168             ret->pppoe_ifindex == ifindex)
0169             return ret;
0170 
0171         ret = ret->next;
0172     }
0173 
0174     return NULL;
0175 }
0176 
0177 static int __set_item(struct pppoe_net *pn, struct pppox_sock *po)
0178 {
0179     int hash = hash_item(po->pppoe_pa.sid, po->pppoe_pa.remote);
0180     struct pppox_sock *ret;
0181 
0182     ret = pn->hash_table[hash];
0183     while (ret) {
0184         if (cmp_2_addr(&ret->pppoe_pa, &po->pppoe_pa) &&
0185             ret->pppoe_ifindex == po->pppoe_ifindex)
0186             return -EALREADY;
0187 
0188         ret = ret->next;
0189     }
0190 
0191     po->next = pn->hash_table[hash];
0192     pn->hash_table[hash] = po;
0193 
0194     return 0;
0195 }
0196 
0197 static void __delete_item(struct pppoe_net *pn, __be16 sid,
0198                     char *addr, int ifindex)
0199 {
0200     int hash = hash_item(sid, addr);
0201     struct pppox_sock *ret, **src;
0202 
0203     ret = pn->hash_table[hash];
0204     src = &pn->hash_table[hash];
0205 
0206     while (ret) {
0207         if (cmp_addr(&ret->pppoe_pa, sid, addr) &&
0208             ret->pppoe_ifindex == ifindex) {
0209             *src = ret->next;
0210             break;
0211         }
0212 
0213         src = &ret->next;
0214         ret = ret->next;
0215     }
0216 }
0217 
0218 /**********************************************************************
0219  *
0220  *  Set/get/delete/rehash items
0221  *
0222  **********************************************************************/
0223 static inline struct pppox_sock *get_item(struct pppoe_net *pn, __be16 sid,
0224                     unsigned char *addr, int ifindex)
0225 {
0226     struct pppox_sock *po;
0227 
0228     read_lock_bh(&pn->hash_lock);
0229     po = __get_item(pn, sid, addr, ifindex);
0230     if (po)
0231         sock_hold(sk_pppox(po));
0232     read_unlock_bh(&pn->hash_lock);
0233 
0234     return po;
0235 }
0236 
0237 static inline struct pppox_sock *get_item_by_addr(struct net *net,
0238                         struct sockaddr_pppox *sp)
0239 {
0240     struct net_device *dev;
0241     struct pppoe_net *pn;
0242     struct pppox_sock *pppox_sock = NULL;
0243 
0244     int ifindex;
0245 
0246     rcu_read_lock();
0247     dev = dev_get_by_name_rcu(net, sp->sa_addr.pppoe.dev);
0248     if (dev) {
0249         ifindex = dev->ifindex;
0250         pn = pppoe_pernet(net);
0251         pppox_sock = get_item(pn, sp->sa_addr.pppoe.sid,
0252                 sp->sa_addr.pppoe.remote, ifindex);
0253     }
0254     rcu_read_unlock();
0255     return pppox_sock;
0256 }
0257 
0258 static inline void delete_item(struct pppoe_net *pn, __be16 sid,
0259                     char *addr, int ifindex)
0260 {
0261     write_lock_bh(&pn->hash_lock);
0262     __delete_item(pn, sid, addr, ifindex);
0263     write_unlock_bh(&pn->hash_lock);
0264 }
0265 
0266 /***************************************************************************
0267  *
0268  *  Handler for device events.
0269  *  Certain device events require that sockets be unconnected.
0270  *
0271  **************************************************************************/
0272 
0273 static void pppoe_flush_dev(struct net_device *dev)
0274 {
0275     struct pppoe_net *pn;
0276     int i;
0277 
0278     pn = pppoe_pernet(dev_net(dev));
0279     write_lock_bh(&pn->hash_lock);
0280     for (i = 0; i < PPPOE_HASH_SIZE; i++) {
0281         struct pppox_sock *po = pn->hash_table[i];
0282         struct sock *sk;
0283 
0284         while (po) {
0285             while (po && po->pppoe_dev != dev) {
0286                 po = po->next;
0287             }
0288 
0289             if (!po)
0290                 break;
0291 
0292             sk = sk_pppox(po);
0293 
0294             /* We always grab the socket lock, followed by the
0295              * hash_lock, in that order.  Since we should hold the
0296              * sock lock while doing any unbinding, we need to
0297              * release the lock we're holding.  Hold a reference to
0298              * the sock so it doesn't disappear as we're jumping
0299              * between locks.
0300              */
0301 
0302             sock_hold(sk);
0303             write_unlock_bh(&pn->hash_lock);
0304             lock_sock(sk);
0305 
0306             if (po->pppoe_dev == dev &&
0307                 sk->sk_state & (PPPOX_CONNECTED | PPPOX_BOUND)) {
0308                 pppox_unbind_sock(sk);
0309                 sk->sk_state_change(sk);
0310                 po->pppoe_dev = NULL;
0311                 dev_put(dev);
0312             }
0313 
0314             release_sock(sk);
0315             sock_put(sk);
0316 
0317             /* Restart the process from the start of the current
0318              * hash chain. We dropped locks so the world may have
0319              * change from underneath us.
0320              */
0321 
0322             BUG_ON(pppoe_pernet(dev_net(dev)) == NULL);
0323             write_lock_bh(&pn->hash_lock);
0324             po = pn->hash_table[i];
0325         }
0326     }
0327     write_unlock_bh(&pn->hash_lock);
0328 }
0329 
0330 static int pppoe_device_event(struct notifier_block *this,
0331                   unsigned long event, void *ptr)
0332 {
0333     struct net_device *dev = netdev_notifier_info_to_dev(ptr);
0334 
0335     /* Only look at sockets that are using this specific device. */
0336     switch (event) {
0337     case NETDEV_CHANGEADDR:
0338     case NETDEV_CHANGEMTU:
0339         /* A change in mtu or address is a bad thing, requiring
0340          * LCP re-negotiation.
0341          */
0342 
0343     case NETDEV_GOING_DOWN:
0344     case NETDEV_DOWN:
0345         /* Find every socket on this device and kill it. */
0346         pppoe_flush_dev(dev);
0347         break;
0348 
0349     default:
0350         break;
0351     }
0352 
0353     return NOTIFY_DONE;
0354 }
0355 
0356 static struct notifier_block pppoe_notifier = {
0357     .notifier_call = pppoe_device_event,
0358 };
0359 
0360 /************************************************************************
0361  *
0362  * Do the real work of receiving a PPPoE Session frame.
0363  *
0364  ***********************************************************************/
0365 static int pppoe_rcv_core(struct sock *sk, struct sk_buff *skb)
0366 {
0367     struct pppox_sock *po = pppox_sk(sk);
0368     struct pppox_sock *relay_po;
0369 
0370     /* Backlog receive. Semantics of backlog rcv preclude any code from
0371      * executing in lock_sock()/release_sock() bounds; meaning sk->sk_state
0372      * can't change.
0373      */
0374 
0375     if (skb->pkt_type == PACKET_OTHERHOST)
0376         goto abort_kfree;
0377 
0378     if (sk->sk_state & PPPOX_BOUND) {
0379         ppp_input(&po->chan, skb);
0380     } else if (sk->sk_state & PPPOX_RELAY) {
0381         relay_po = get_item_by_addr(sock_net(sk),
0382                         &po->pppoe_relay);
0383         if (relay_po == NULL)
0384             goto abort_kfree;
0385 
0386         if ((sk_pppox(relay_po)->sk_state & PPPOX_CONNECTED) == 0)
0387             goto abort_put;
0388 
0389         if (!__pppoe_xmit(sk_pppox(relay_po), skb))
0390             goto abort_put;
0391 
0392         sock_put(sk_pppox(relay_po));
0393     } else {
0394         if (sock_queue_rcv_skb(sk, skb))
0395             goto abort_kfree;
0396     }
0397 
0398     return NET_RX_SUCCESS;
0399 
0400 abort_put:
0401     sock_put(sk_pppox(relay_po));
0402 
0403 abort_kfree:
0404     kfree_skb(skb);
0405     return NET_RX_DROP;
0406 }
0407 
0408 /************************************************************************
0409  *
0410  * Receive wrapper called in BH context.
0411  *
0412  ***********************************************************************/
0413 static int pppoe_rcv(struct sk_buff *skb, struct net_device *dev,
0414              struct packet_type *pt, struct net_device *orig_dev)
0415 {
0416     struct pppoe_hdr *ph;
0417     struct pppox_sock *po;
0418     struct pppoe_net *pn;
0419     int len;
0420 
0421     skb = skb_share_check(skb, GFP_ATOMIC);
0422     if (!skb)
0423         goto out;
0424 
0425     if (skb_mac_header_len(skb) < ETH_HLEN)
0426         goto drop;
0427 
0428     if (!pskb_may_pull(skb, sizeof(struct pppoe_hdr)))
0429         goto drop;
0430 
0431     ph = pppoe_hdr(skb);
0432     len = ntohs(ph->length);
0433 
0434     skb_pull_rcsum(skb, sizeof(*ph));
0435     if (skb->len < len)
0436         goto drop;
0437 
0438     if (pskb_trim_rcsum(skb, len))
0439         goto drop;
0440 
0441     ph = pppoe_hdr(skb);
0442     pn = pppoe_pernet(dev_net(dev));
0443 
0444     /* Note that get_item does a sock_hold(), so sk_pppox(po)
0445      * is known to be safe.
0446      */
0447     po = get_item(pn, ph->sid, eth_hdr(skb)->h_source, dev->ifindex);
0448     if (!po)
0449         goto drop;
0450 
0451     return sk_receive_skb(sk_pppox(po), skb, 0);
0452 
0453 drop:
0454     kfree_skb(skb);
0455 out:
0456     return NET_RX_DROP;
0457 }
0458 
0459 static void pppoe_unbind_sock_work(struct work_struct *work)
0460 {
0461     struct pppox_sock *po = container_of(work, struct pppox_sock,
0462                          proto.pppoe.padt_work);
0463     struct sock *sk = sk_pppox(po);
0464 
0465     lock_sock(sk);
0466     if (po->pppoe_dev) {
0467         dev_put(po->pppoe_dev);
0468         po->pppoe_dev = NULL;
0469     }
0470     pppox_unbind_sock(sk);
0471     release_sock(sk);
0472     sock_put(sk);
0473 }
0474 
0475 /************************************************************************
0476  *
0477  * Receive a PPPoE Discovery frame.
0478  * This is solely for detection of PADT frames
0479  *
0480  ***********************************************************************/
0481 static int pppoe_disc_rcv(struct sk_buff *skb, struct net_device *dev,
0482               struct packet_type *pt, struct net_device *orig_dev)
0483 
0484 {
0485     struct pppoe_hdr *ph;
0486     struct pppox_sock *po;
0487     struct pppoe_net *pn;
0488 
0489     skb = skb_share_check(skb, GFP_ATOMIC);
0490     if (!skb)
0491         goto out;
0492 
0493     if (skb->pkt_type != PACKET_HOST)
0494         goto abort;
0495 
0496     if (!pskb_may_pull(skb, sizeof(struct pppoe_hdr)))
0497         goto abort;
0498 
0499     ph = pppoe_hdr(skb);
0500     if (ph->code != PADT_CODE)
0501         goto abort;
0502 
0503     pn = pppoe_pernet(dev_net(dev));
0504     po = get_item(pn, ph->sid, eth_hdr(skb)->h_source, dev->ifindex);
0505     if (po)
0506         if (!schedule_work(&po->proto.pppoe.padt_work))
0507             sock_put(sk_pppox(po));
0508 
0509 abort:
0510     kfree_skb(skb);
0511 out:
0512     return NET_RX_SUCCESS; /* Lies... :-) */
0513 }
0514 
0515 static struct packet_type pppoes_ptype __read_mostly = {
0516     .type   = cpu_to_be16(ETH_P_PPP_SES),
0517     .func   = pppoe_rcv,
0518 };
0519 
0520 static struct packet_type pppoed_ptype __read_mostly = {
0521     .type   = cpu_to_be16(ETH_P_PPP_DISC),
0522     .func   = pppoe_disc_rcv,
0523 };
0524 
0525 static struct proto pppoe_sk_proto __read_mostly = {
0526     .name     = "PPPOE",
0527     .owner    = THIS_MODULE,
0528     .obj_size = sizeof(struct pppox_sock),
0529 };
0530 
0531 /***********************************************************************
0532  *
0533  * Initialize a new struct sock.
0534  *
0535  **********************************************************************/
0536 static int pppoe_create(struct net *net, struct socket *sock, int kern)
0537 {
0538     struct sock *sk;
0539 
0540     sk = sk_alloc(net, PF_PPPOX, GFP_KERNEL, &pppoe_sk_proto, kern);
0541     if (!sk)
0542         return -ENOMEM;
0543 
0544     sock_init_data(sock, sk);
0545 
0546     sock->state = SS_UNCONNECTED;
0547     sock->ops   = &pppoe_ops;
0548 
0549     sk->sk_backlog_rcv  = pppoe_rcv_core;
0550     sk->sk_state        = PPPOX_NONE;
0551     sk->sk_type     = SOCK_STREAM;
0552     sk->sk_family       = PF_PPPOX;
0553     sk->sk_protocol     = PX_PROTO_OE;
0554 
0555     INIT_WORK(&pppox_sk(sk)->proto.pppoe.padt_work,
0556           pppoe_unbind_sock_work);
0557 
0558     return 0;
0559 }
0560 
0561 static int pppoe_release(struct socket *sock)
0562 {
0563     struct sock *sk = sock->sk;
0564     struct pppox_sock *po;
0565     struct pppoe_net *pn;
0566     struct net *net = NULL;
0567 
0568     if (!sk)
0569         return 0;
0570 
0571     lock_sock(sk);
0572     if (sock_flag(sk, SOCK_DEAD)) {
0573         release_sock(sk);
0574         return -EBADF;
0575     }
0576 
0577     po = pppox_sk(sk);
0578 
0579     if (po->pppoe_dev) {
0580         dev_put(po->pppoe_dev);
0581         po->pppoe_dev = NULL;
0582     }
0583 
0584     pppox_unbind_sock(sk);
0585 
0586     /* Signal the death of the socket. */
0587     sk->sk_state = PPPOX_DEAD;
0588 
0589     net = sock_net(sk);
0590     pn = pppoe_pernet(net);
0591 
0592     /*
0593      * protect "po" from concurrent updates
0594      * on pppoe_flush_dev
0595      */
0596     delete_item(pn, po->pppoe_pa.sid, po->pppoe_pa.remote,
0597             po->pppoe_ifindex);
0598 
0599     sock_orphan(sk);
0600     sock->sk = NULL;
0601 
0602     skb_queue_purge(&sk->sk_receive_queue);
0603     release_sock(sk);
0604     sock_put(sk);
0605 
0606     return 0;
0607 }
0608 
0609 static int pppoe_connect(struct socket *sock, struct sockaddr *uservaddr,
0610           int sockaddr_len, int flags)
0611 {
0612     struct sock *sk = sock->sk;
0613     struct sockaddr_pppox *sp = (struct sockaddr_pppox *)uservaddr;
0614     struct pppox_sock *po = pppox_sk(sk);
0615     struct net_device *dev = NULL;
0616     struct pppoe_net *pn;
0617     struct net *net = NULL;
0618     int error;
0619 
0620     lock_sock(sk);
0621 
0622     error = -EINVAL;
0623 
0624     if (sockaddr_len != sizeof(struct sockaddr_pppox))
0625         goto end;
0626 
0627     if (sp->sa_protocol != PX_PROTO_OE)
0628         goto end;
0629 
0630     /* Check for already bound sockets */
0631     error = -EBUSY;
0632     if ((sk->sk_state & PPPOX_CONNECTED) &&
0633          stage_session(sp->sa_addr.pppoe.sid))
0634         goto end;
0635 
0636     /* Check for already disconnected sockets, on attempts to disconnect */
0637     error = -EALREADY;
0638     if ((sk->sk_state & PPPOX_DEAD) &&
0639          !stage_session(sp->sa_addr.pppoe.sid))
0640         goto end;
0641 
0642     error = 0;
0643 
0644     /* Delete the old binding */
0645     if (stage_session(po->pppoe_pa.sid)) {
0646         pppox_unbind_sock(sk);
0647         pn = pppoe_pernet(sock_net(sk));
0648         delete_item(pn, po->pppoe_pa.sid,
0649                 po->pppoe_pa.remote, po->pppoe_ifindex);
0650         if (po->pppoe_dev) {
0651             dev_put(po->pppoe_dev);
0652             po->pppoe_dev = NULL;
0653         }
0654 
0655         po->pppoe_ifindex = 0;
0656         memset(&po->pppoe_pa, 0, sizeof(po->pppoe_pa));
0657         memset(&po->pppoe_relay, 0, sizeof(po->pppoe_relay));
0658         memset(&po->chan, 0, sizeof(po->chan));
0659         po->next = NULL;
0660         po->num = 0;
0661 
0662         sk->sk_state = PPPOX_NONE;
0663     }
0664 
0665     /* Re-bind in session stage only */
0666     if (stage_session(sp->sa_addr.pppoe.sid)) {
0667         error = -ENODEV;
0668         net = sock_net(sk);
0669         dev = dev_get_by_name(net, sp->sa_addr.pppoe.dev);
0670         if (!dev)
0671             goto err_put;
0672 
0673         po->pppoe_dev = dev;
0674         po->pppoe_ifindex = dev->ifindex;
0675         pn = pppoe_pernet(net);
0676         if (!(dev->flags & IFF_UP)) {
0677             goto err_put;
0678         }
0679 
0680         memcpy(&po->pppoe_pa,
0681                &sp->sa_addr.pppoe,
0682                sizeof(struct pppoe_addr));
0683 
0684         write_lock_bh(&pn->hash_lock);
0685         error = __set_item(pn, po);
0686         write_unlock_bh(&pn->hash_lock);
0687         if (error < 0)
0688             goto err_put;
0689 
0690         po->chan.hdrlen = (sizeof(struct pppoe_hdr) +
0691                    dev->hard_header_len);
0692 
0693         po->chan.mtu = dev->mtu - sizeof(struct pppoe_hdr) - 2;
0694         po->chan.private = sk;
0695         po->chan.ops = &pppoe_chan_ops;
0696 
0697         error = ppp_register_net_channel(dev_net(dev), &po->chan);
0698         if (error) {
0699             delete_item(pn, po->pppoe_pa.sid,
0700                     po->pppoe_pa.remote, po->pppoe_ifindex);
0701             goto err_put;
0702         }
0703 
0704         sk->sk_state = PPPOX_CONNECTED;
0705     }
0706 
0707     po->num = sp->sa_addr.pppoe.sid;
0708 
0709 end:
0710     release_sock(sk);
0711     return error;
0712 err_put:
0713     if (po->pppoe_dev) {
0714         dev_put(po->pppoe_dev);
0715         po->pppoe_dev = NULL;
0716     }
0717     goto end;
0718 }
0719 
0720 static int pppoe_getname(struct socket *sock, struct sockaddr *uaddr,
0721           int peer)
0722 {
0723     int len = sizeof(struct sockaddr_pppox);
0724     struct sockaddr_pppox sp;
0725 
0726     sp.sa_family    = AF_PPPOX;
0727     sp.sa_protocol  = PX_PROTO_OE;
0728     memcpy(&sp.sa_addr.pppoe, &pppox_sk(sock->sk)->pppoe_pa,
0729            sizeof(struct pppoe_addr));
0730 
0731     memcpy(uaddr, &sp, len);
0732 
0733     return len;
0734 }
0735 
0736 static int pppoe_ioctl(struct socket *sock, unsigned int cmd,
0737         unsigned long arg)
0738 {
0739     struct sock *sk = sock->sk;
0740     struct pppox_sock *po = pppox_sk(sk);
0741     int val;
0742     int err;
0743 
0744     switch (cmd) {
0745     case PPPIOCGMRU:
0746         err = -ENXIO;
0747         if (!(sk->sk_state & PPPOX_CONNECTED))
0748             break;
0749 
0750         err = -EFAULT;
0751         if (put_user(po->pppoe_dev->mtu -
0752                  sizeof(struct pppoe_hdr) -
0753                  PPP_HDRLEN,
0754                  (int __user *)arg))
0755             break;
0756         err = 0;
0757         break;
0758 
0759     case PPPIOCSMRU:
0760         err = -ENXIO;
0761         if (!(sk->sk_state & PPPOX_CONNECTED))
0762             break;
0763 
0764         err = -EFAULT;
0765         if (get_user(val, (int __user *)arg))
0766             break;
0767 
0768         if (val < (po->pppoe_dev->mtu
0769                - sizeof(struct pppoe_hdr)
0770                - PPP_HDRLEN))
0771             err = 0;
0772         else
0773             err = -EINVAL;
0774         break;
0775 
0776     case PPPIOCSFLAGS:
0777         err = -EFAULT;
0778         if (get_user(val, (int __user *)arg))
0779             break;
0780         err = 0;
0781         break;
0782 
0783     case PPPOEIOCSFWD:
0784     {
0785         struct pppox_sock *relay_po;
0786 
0787         err = -EBUSY;
0788         if (sk->sk_state & (PPPOX_BOUND | PPPOX_DEAD))
0789             break;
0790 
0791         err = -ENOTCONN;
0792         if (!(sk->sk_state & PPPOX_CONNECTED))
0793             break;
0794 
0795         /* PPPoE address from the user specifies an outbound
0796            PPPoE address which frames are forwarded to */
0797         err = -EFAULT;
0798         if (copy_from_user(&po->pppoe_relay,
0799                    (void __user *)arg,
0800                    sizeof(struct sockaddr_pppox)))
0801             break;
0802 
0803         err = -EINVAL;
0804         if (po->pppoe_relay.sa_family != AF_PPPOX ||
0805             po->pppoe_relay.sa_protocol != PX_PROTO_OE)
0806             break;
0807 
0808         /* Check that the socket referenced by the address
0809            actually exists. */
0810         relay_po = get_item_by_addr(sock_net(sk), &po->pppoe_relay);
0811         if (!relay_po)
0812             break;
0813 
0814         sock_put(sk_pppox(relay_po));
0815         sk->sk_state |= PPPOX_RELAY;
0816         err = 0;
0817         break;
0818     }
0819 
0820     case PPPOEIOCDFWD:
0821         err = -EALREADY;
0822         if (!(sk->sk_state & PPPOX_RELAY))
0823             break;
0824 
0825         sk->sk_state &= ~PPPOX_RELAY;
0826         err = 0;
0827         break;
0828 
0829     default:
0830         err = -ENOTTY;
0831     }
0832 
0833     return err;
0834 }
0835 
0836 static int pppoe_sendmsg(struct socket *sock, struct msghdr *m,
0837              size_t total_len)
0838 {
0839     struct sk_buff *skb;
0840     struct sock *sk = sock->sk;
0841     struct pppox_sock *po = pppox_sk(sk);
0842     int error;
0843     struct pppoe_hdr hdr;
0844     struct pppoe_hdr *ph;
0845     struct net_device *dev;
0846     char *start;
0847     int hlen;
0848 
0849     lock_sock(sk);
0850     if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED)) {
0851         error = -ENOTCONN;
0852         goto end;
0853     }
0854 
0855     hdr.ver = 1;
0856     hdr.type = 1;
0857     hdr.code = 0;
0858     hdr.sid = po->num;
0859 
0860     dev = po->pppoe_dev;
0861 
0862     error = -EMSGSIZE;
0863     if (total_len > (dev->mtu + dev->hard_header_len))
0864         goto end;
0865 
0866     hlen = LL_RESERVED_SPACE(dev);
0867     skb = sock_wmalloc(sk, hlen + sizeof(*ph) + total_len +
0868                dev->needed_tailroom, 0, GFP_KERNEL);
0869     if (!skb) {
0870         error = -ENOMEM;
0871         goto end;
0872     }
0873 
0874     /* Reserve space for headers. */
0875     skb_reserve(skb, hlen);
0876     skb_reset_network_header(skb);
0877 
0878     skb->dev = dev;
0879 
0880     skb->priority = sk->sk_priority;
0881     skb->protocol = cpu_to_be16(ETH_P_PPP_SES);
0882 
0883     ph = skb_put(skb, total_len + sizeof(struct pppoe_hdr));
0884     start = (char *)&ph->tag[0];
0885 
0886     error = memcpy_from_msg(start, m, total_len);
0887     if (error < 0) {
0888         kfree_skb(skb);
0889         goto end;
0890     }
0891 
0892     error = total_len;
0893     dev_hard_header(skb, dev, ETH_P_PPP_SES,
0894             po->pppoe_pa.remote, NULL, total_len);
0895 
0896     memcpy(ph, &hdr, sizeof(struct pppoe_hdr));
0897 
0898     ph->length = htons(total_len);
0899 
0900     dev_queue_xmit(skb);
0901 
0902 end:
0903     release_sock(sk);
0904     return error;
0905 }
0906 
0907 /************************************************************************
0908  *
0909  * xmit function for internal use.
0910  *
0911  ***********************************************************************/
0912 static int __pppoe_xmit(struct sock *sk, struct sk_buff *skb)
0913 {
0914     struct pppox_sock *po = pppox_sk(sk);
0915     struct net_device *dev = po->pppoe_dev;
0916     struct pppoe_hdr *ph;
0917     int data_len = skb->len;
0918 
0919     /* The higher-level PPP code (ppp_unregister_channel()) ensures the PPP
0920      * xmit operations conclude prior to an unregistration call.  Thus
0921      * sk->sk_state cannot change, so we don't need to do lock_sock().
0922      * But, we also can't do a lock_sock since that introduces a potential
0923      * deadlock as we'd reverse the lock ordering used when calling
0924      * ppp_unregister_channel().
0925      */
0926 
0927     if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED))
0928         goto abort;
0929 
0930     if (!dev)
0931         goto abort;
0932 
0933     /* Copy the data if there is no space for the header or if it's
0934      * read-only.
0935      */
0936     if (skb_cow_head(skb, LL_RESERVED_SPACE(dev) + sizeof(*ph)))
0937         goto abort;
0938 
0939     __skb_push(skb, sizeof(*ph));
0940     skb_reset_network_header(skb);
0941 
0942     ph = pppoe_hdr(skb);
0943     ph->ver = 1;
0944     ph->type = 1;
0945     ph->code = 0;
0946     ph->sid = po->num;
0947     ph->length = htons(data_len);
0948 
0949     skb->protocol = cpu_to_be16(ETH_P_PPP_SES);
0950     skb->dev = dev;
0951 
0952     dev_hard_header(skb, dev, ETH_P_PPP_SES,
0953             po->pppoe_pa.remote, NULL, data_len);
0954 
0955     dev_queue_xmit(skb);
0956     return 1;
0957 
0958 abort:
0959     kfree_skb(skb);
0960     return 1;
0961 }
0962 
0963 /************************************************************************
0964  *
0965  * xmit function called by generic PPP driver
0966  * sends PPP frame over PPPoE socket
0967  *
0968  ***********************************************************************/
0969 static int pppoe_xmit(struct ppp_channel *chan, struct sk_buff *skb)
0970 {
0971     struct sock *sk = (struct sock *)chan->private;
0972     return __pppoe_xmit(sk, skb);
0973 }
0974 
0975 static int pppoe_fill_forward_path(struct net_device_path_ctx *ctx,
0976                    struct net_device_path *path,
0977                    const struct ppp_channel *chan)
0978 {
0979     struct sock *sk = (struct sock *)chan->private;
0980     struct pppox_sock *po = pppox_sk(sk);
0981     struct net_device *dev = po->pppoe_dev;
0982 
0983     if (sock_flag(sk, SOCK_DEAD) ||
0984         !(sk->sk_state & PPPOX_CONNECTED) || !dev)
0985         return -1;
0986 
0987     path->type = DEV_PATH_PPPOE;
0988     path->encap.proto = htons(ETH_P_PPP_SES);
0989     path->encap.id = be16_to_cpu(po->num);
0990     memcpy(path->encap.h_dest, po->pppoe_pa.remote, ETH_ALEN);
0991     memcpy(ctx->daddr, po->pppoe_pa.remote, ETH_ALEN);
0992     path->dev = ctx->dev;
0993     ctx->dev = dev;
0994 
0995     return 0;
0996 }
0997 
0998 static const struct ppp_channel_ops pppoe_chan_ops = {
0999     .start_xmit = pppoe_xmit,
1000     .fill_forward_path = pppoe_fill_forward_path,
1001 };
1002 
1003 static int pppoe_recvmsg(struct socket *sock, struct msghdr *m,
1004              size_t total_len, int flags)
1005 {
1006     struct sock *sk = sock->sk;
1007     struct sk_buff *skb;
1008     int error = 0;
1009 
1010     if (sk->sk_state & PPPOX_BOUND) {
1011         error = -EIO;
1012         goto end;
1013     }
1014 
1015     skb = skb_recv_datagram(sk, flags, &error);
1016     if (error < 0)
1017         goto end;
1018 
1019     if (skb) {
1020         total_len = min_t(size_t, total_len, skb->len);
1021         error = skb_copy_datagram_msg(skb, 0, m, total_len);
1022         if (error == 0) {
1023             consume_skb(skb);
1024             return total_len;
1025         }
1026     }
1027 
1028     kfree_skb(skb);
1029 end:
1030     return error;
1031 }
1032 
1033 #ifdef CONFIG_PROC_FS
1034 static int pppoe_seq_show(struct seq_file *seq, void *v)
1035 {
1036     struct pppox_sock *po;
1037     char *dev_name;
1038 
1039     if (v == SEQ_START_TOKEN) {
1040         seq_puts(seq, "Id       Address              Device\n");
1041         goto out;
1042     }
1043 
1044     po = v;
1045     dev_name = po->pppoe_pa.dev;
1046 
1047     seq_printf(seq, "%08X %pM %8s\n",
1048         po->pppoe_pa.sid, po->pppoe_pa.remote, dev_name);
1049 out:
1050     return 0;
1051 }
1052 
1053 static inline struct pppox_sock *pppoe_get_idx(struct pppoe_net *pn, loff_t pos)
1054 {
1055     struct pppox_sock *po;
1056     int i;
1057 
1058     for (i = 0; i < PPPOE_HASH_SIZE; i++) {
1059         po = pn->hash_table[i];
1060         while (po) {
1061             if (!pos--)
1062                 goto out;
1063             po = po->next;
1064         }
1065     }
1066 
1067 out:
1068     return po;
1069 }
1070 
1071 static void *pppoe_seq_start(struct seq_file *seq, loff_t *pos)
1072     __acquires(pn->hash_lock)
1073 {
1074     struct pppoe_net *pn = pppoe_pernet(seq_file_net(seq));
1075     loff_t l = *pos;
1076 
1077     read_lock_bh(&pn->hash_lock);
1078     return l ? pppoe_get_idx(pn, --l) : SEQ_START_TOKEN;
1079 }
1080 
1081 static void *pppoe_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1082 {
1083     struct pppoe_net *pn = pppoe_pernet(seq_file_net(seq));
1084     struct pppox_sock *po;
1085 
1086     ++*pos;
1087     if (v == SEQ_START_TOKEN) {
1088         po = pppoe_get_idx(pn, 0);
1089         goto out;
1090     }
1091     po = v;
1092     if (po->next)
1093         po = po->next;
1094     else {
1095         int hash = hash_item(po->pppoe_pa.sid, po->pppoe_pa.remote);
1096 
1097         po = NULL;
1098         while (++hash < PPPOE_HASH_SIZE) {
1099             po = pn->hash_table[hash];
1100             if (po)
1101                 break;
1102         }
1103     }
1104 
1105 out:
1106     return po;
1107 }
1108 
1109 static void pppoe_seq_stop(struct seq_file *seq, void *v)
1110     __releases(pn->hash_lock)
1111 {
1112     struct pppoe_net *pn = pppoe_pernet(seq_file_net(seq));
1113     read_unlock_bh(&pn->hash_lock);
1114 }
1115 
1116 static const struct seq_operations pppoe_seq_ops = {
1117     .start      = pppoe_seq_start,
1118     .next       = pppoe_seq_next,
1119     .stop       = pppoe_seq_stop,
1120     .show       = pppoe_seq_show,
1121 };
1122 #endif /* CONFIG_PROC_FS */
1123 
1124 static const struct proto_ops pppoe_ops = {
1125     .family     = AF_PPPOX,
1126     .owner      = THIS_MODULE,
1127     .release    = pppoe_release,
1128     .bind       = sock_no_bind,
1129     .connect    = pppoe_connect,
1130     .socketpair = sock_no_socketpair,
1131     .accept     = sock_no_accept,
1132     .getname    = pppoe_getname,
1133     .poll       = datagram_poll,
1134     .listen     = sock_no_listen,
1135     .shutdown   = sock_no_shutdown,
1136     .sendmsg    = pppoe_sendmsg,
1137     .recvmsg    = pppoe_recvmsg,
1138     .mmap       = sock_no_mmap,
1139     .ioctl      = pppox_ioctl,
1140 #ifdef CONFIG_COMPAT
1141     .compat_ioctl   = pppox_compat_ioctl,
1142 #endif
1143 };
1144 
1145 static const struct pppox_proto pppoe_proto = {
1146     .create = pppoe_create,
1147     .ioctl  = pppoe_ioctl,
1148     .owner  = THIS_MODULE,
1149 };
1150 
1151 static __net_init int pppoe_init_net(struct net *net)
1152 {
1153     struct pppoe_net *pn = pppoe_pernet(net);
1154     struct proc_dir_entry *pde;
1155 
1156     rwlock_init(&pn->hash_lock);
1157 
1158     pde = proc_create_net("pppoe", 0444, net->proc_net,
1159             &pppoe_seq_ops, sizeof(struct seq_net_private));
1160 #ifdef CONFIG_PROC_FS
1161     if (!pde)
1162         return -ENOMEM;
1163 #endif
1164 
1165     return 0;
1166 }
1167 
1168 static __net_exit void pppoe_exit_net(struct net *net)
1169 {
1170     remove_proc_entry("pppoe", net->proc_net);
1171 }
1172 
1173 static struct pernet_operations pppoe_net_ops = {
1174     .init = pppoe_init_net,
1175     .exit = pppoe_exit_net,
1176     .id   = &pppoe_net_id,
1177     .size = sizeof(struct pppoe_net),
1178 };
1179 
1180 static int __init pppoe_init(void)
1181 {
1182     int err;
1183 
1184     err = register_pernet_device(&pppoe_net_ops);
1185     if (err)
1186         goto out;
1187 
1188     err = proto_register(&pppoe_sk_proto, 0);
1189     if (err)
1190         goto out_unregister_net_ops;
1191 
1192     err = register_pppox_proto(PX_PROTO_OE, &pppoe_proto);
1193     if (err)
1194         goto out_unregister_pppoe_proto;
1195 
1196     dev_add_pack(&pppoes_ptype);
1197     dev_add_pack(&pppoed_ptype);
1198     register_netdevice_notifier(&pppoe_notifier);
1199 
1200     return 0;
1201 
1202 out_unregister_pppoe_proto:
1203     proto_unregister(&pppoe_sk_proto);
1204 out_unregister_net_ops:
1205     unregister_pernet_device(&pppoe_net_ops);
1206 out:
1207     return err;
1208 }
1209 
1210 static void __exit pppoe_exit(void)
1211 {
1212     unregister_netdevice_notifier(&pppoe_notifier);
1213     dev_remove_pack(&pppoed_ptype);
1214     dev_remove_pack(&pppoes_ptype);
1215     unregister_pppox_proto(PX_PROTO_OE);
1216     proto_unregister(&pppoe_sk_proto);
1217     unregister_pernet_device(&pppoe_net_ops);
1218 }
1219 
1220 module_init(pppoe_init);
1221 module_exit(pppoe_exit);
1222 
1223 MODULE_AUTHOR("Michal Ostrowski <mostrows@speakeasy.net>");
1224 MODULE_DESCRIPTION("PPP over Ethernet driver");
1225 MODULE_LICENSE("GPL");
1226 MODULE_ALIAS_NET_PF_PROTO(PF_PPPOX, PX_PROTO_OE);
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!