1 /* net/atm/pppoatm.c - RFC2364 PPP over ATM/AAL5 */
2 
3 /* Copyright 1999-2000 by Mitchell Blank Jr */
4 /* Based on clip.c; 1995-1999 by Werner Almesberger, EPFL LRC/ICA */
5 /* And on ppp_async.c; Copyright 1999 Paul Mackerras */
6 /* And help from Jens Axboe */
7 
8 /*
9  *  This program is free software; you can redistribute it and/or
10  *  modify it under the terms of the GNU General Public License
11  *  as published by the Free Software Foundation; either version
12  *  2 of the License, or (at your option) any later version.
13  *
14  * This driver provides the encapsulation and framing for sending
15  * and receiving PPP frames in ATM AAL5 PDUs.
16  */
17 
18 /*
19  * One shortcoming of this driver is that it does not comply with
20  * section 8 of RFC2364 - we are supposed to detect a change
21  * in encapsulation and immediately abort the connection (in order
22  * to avoid a black-hole being created if our peer loses state
23  * and changes encapsulation unilaterally.  However, since the
24  * ppp_generic layer actually does the decapsulation, we need
25  * a way of notifying it when we _think_ there might be a problem)
26  * There's two cases:
27  *   1.	LLC-encapsulation was missing when it was enabled.  In
28  *	this case, we should tell the upper layer "tear down
29  *	this session if this skb looks ok to you"
30  *   2.	LLC-encapsulation was present when it was disabled.  Then
31  *	we need to tell the upper layer "this packet may be
32  *	ok, but if its in error tear down the session"
33  * These hooks are not yet available in ppp_generic
34  */
35 
36 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
37 
38 #include <linux/module.h>
39 #include <linux/init.h>
40 #include <linux/skbuff.h>
41 #include <linux/slab.h>
42 #include <linux/atm.h>
43 #include <linux/atmdev.h>
44 #include <linux/capability.h>
45 #include <linux/ppp_defs.h>
46 #include <linux/if_ppp.h>
47 #include <linux/ppp_channel.h>
48 #include <linux/atmppp.h>
49 
50 #include "common.h"
51 
52 enum pppoatm_encaps {
53 	e_autodetect = PPPOATM_ENCAPS_AUTODETECT,
54 	e_vc = PPPOATM_ENCAPS_VC,
55 	e_llc = PPPOATM_ENCAPS_LLC,
56 };
57 
58 struct pppoatm_vcc {
59 	struct atm_vcc	*atmvcc;	/* VCC descriptor */
60 	void (*old_push)(struct atm_vcc *, struct sk_buff *);
61 	void (*old_pop)(struct atm_vcc *, struct sk_buff *);
62 					/* keep old push/pop for detaching */
63 	enum pppoatm_encaps encaps;
64 	int flags;			/* SC_COMP_PROT - compress protocol */
65 	struct ppp_channel chan;	/* interface to generic ppp layer */
66 	struct tasklet_struct wakeup_tasklet;
67 };
68 
69 /*
70  * Header used for LLC Encapsulated PPP (4 bytes) followed by the LCP protocol
71  * ID (0xC021) used in autodetection
72  */
73 static const unsigned char pppllc[6] = { 0xFE, 0xFE, 0x03, 0xCF, 0xC0, 0x21 };
74 #define LLC_LEN		(4)
75 
atmvcc_to_pvcc(const struct atm_vcc * atmvcc)76 static inline struct pppoatm_vcc *atmvcc_to_pvcc(const struct atm_vcc *atmvcc)
77 {
78 	return (struct pppoatm_vcc *) (atmvcc->user_back);
79 }
80 
chan_to_pvcc(const struct ppp_channel * chan)81 static inline struct pppoatm_vcc *chan_to_pvcc(const struct ppp_channel *chan)
82 {
83 	return (struct pppoatm_vcc *) (chan->private);
84 }
85 
86 /*
87  * We can't do this directly from our _pop handler, since the ppp code
88  * doesn't want to be called in interrupt context, so we do it from
89  * a tasklet
90  */
pppoatm_wakeup_sender(unsigned long arg)91 static void pppoatm_wakeup_sender(unsigned long arg)
92 {
93 	ppp_output_wakeup((struct ppp_channel *) arg);
94 }
95 
96 /*
97  * This gets called every time the ATM card has finished sending our
98  * skb.  The ->old_pop will take care up normal atm flow control,
99  * but we also need to wake up the device if we blocked it
100  */
pppoatm_pop(struct atm_vcc * atmvcc,struct sk_buff * skb)101 static void pppoatm_pop(struct atm_vcc *atmvcc, struct sk_buff *skb)
102 {
103 	struct pppoatm_vcc *pvcc = atmvcc_to_pvcc(atmvcc);
104 	pvcc->old_pop(atmvcc, skb);
105 	/*
106 	 * We don't really always want to do this since it's
107 	 * really inefficient - it would be much better if we could
108 	 * test if we had actually throttled the generic layer.
109 	 * Unfortunately then there would be a nasty SMP race where
110 	 * we could clear that flag just as we refuse another packet.
111 	 * For now we do the safe thing.
112 	 */
113 	tasklet_schedule(&pvcc->wakeup_tasklet);
114 }
115 
116 /*
117  * Unbind from PPP - currently we only do this when closing the socket,
118  * but we could put this into an ioctl if need be
119  */
pppoatm_unassign_vcc(struct atm_vcc * atmvcc)120 static void pppoatm_unassign_vcc(struct atm_vcc *atmvcc)
121 {
122 	struct pppoatm_vcc *pvcc;
123 	pvcc = atmvcc_to_pvcc(atmvcc);
124 	atmvcc->push = pvcc->old_push;
125 	atmvcc->pop = pvcc->old_pop;
126 	tasklet_kill(&pvcc->wakeup_tasklet);
127 	ppp_unregister_channel(&pvcc->chan);
128 	atmvcc->user_back = NULL;
129 	kfree(pvcc);
130 	/* Gee, I hope we have the big kernel lock here... */
131 	module_put(THIS_MODULE);
132 }
133 
134 /* Called when an AAL5 PDU comes in */
pppoatm_push(struct atm_vcc * atmvcc,struct sk_buff * skb)135 static void pppoatm_push(struct atm_vcc *atmvcc, struct sk_buff *skb)
136 {
137 	struct pppoatm_vcc *pvcc = atmvcc_to_pvcc(atmvcc);
138 	pr_debug("\n");
139 	if (skb == NULL) {			/* VCC was closed */
140 		pr_debug("removing ATMPPP VCC %p\n", pvcc);
141 		pppoatm_unassign_vcc(atmvcc);
142 		atmvcc->push(atmvcc, NULL);	/* Pass along bad news */
143 		return;
144 	}
145 	atm_return(atmvcc, skb->truesize);
146 	switch (pvcc->encaps) {
147 	case e_llc:
148 		if (skb->len < LLC_LEN ||
149 		    memcmp(skb->data, pppllc, LLC_LEN))
150 			goto error;
151 		skb_pull(skb, LLC_LEN);
152 		break;
153 	case e_autodetect:
154 		if (pvcc->chan.ppp == NULL) {	/* Not bound yet! */
155 			kfree_skb(skb);
156 			return;
157 		}
158 		if (skb->len >= sizeof(pppllc) &&
159 		    !memcmp(skb->data, pppllc, sizeof(pppllc))) {
160 			pvcc->encaps = e_llc;
161 			skb_pull(skb, LLC_LEN);
162 			break;
163 		}
164 		if (skb->len >= (sizeof(pppllc) - LLC_LEN) &&
165 		    !memcmp(skb->data, &pppllc[LLC_LEN],
166 		    sizeof(pppllc) - LLC_LEN)) {
167 			pvcc->encaps = e_vc;
168 			pvcc->chan.mtu += LLC_LEN;
169 			break;
170 		}
171 		pr_debug("Couldn't autodetect yet (skb: %02X %02X %02X %02X %02X %02X)\n",
172 			 skb->data[0], skb->data[1], skb->data[2],
173 			 skb->data[3], skb->data[4], skb->data[5]);
174 		goto error;
175 	case e_vc:
176 		break;
177 	}
178 	ppp_input(&pvcc->chan, skb);
179 	return;
180 
181 error:
182 	kfree_skb(skb);
183 	ppp_input_error(&pvcc->chan, 0);
184 }
185 
186 /*
187  * Called by the ppp_generic.c to send a packet - returns true if packet
188  * was accepted.  If we return false, then it's our job to call
189  * ppp_output_wakeup(chan) when we're feeling more up to it.
190  * Note that in the ENOMEM case (as opposed to the !atm_may_send case)
191  * we should really drop the packet, but the generic layer doesn't
192  * support this yet.  We just return 'DROP_PACKET' which we actually define
193  * as success, just to be clear what we're really doing.
194  */
195 #define DROP_PACKET 1
pppoatm_send(struct ppp_channel * chan,struct sk_buff * skb)196 static int pppoatm_send(struct ppp_channel *chan, struct sk_buff *skb)
197 {
198 	struct pppoatm_vcc *pvcc = chan_to_pvcc(chan);
199 	ATM_SKB(skb)->vcc = pvcc->atmvcc;
200 	pr_debug("(skb=0x%p, vcc=0x%p)\n", skb, pvcc->atmvcc);
201 	if (skb->data[0] == '\0' && (pvcc->flags & SC_COMP_PROT))
202 		(void) skb_pull(skb, 1);
203 	switch (pvcc->encaps) {		/* LLC encapsulation needed */
204 	case e_llc:
205 		if (skb_headroom(skb) < LLC_LEN) {
206 			struct sk_buff *n;
207 			n = skb_realloc_headroom(skb, LLC_LEN);
208 			if (n != NULL &&
209 			    !atm_may_send(pvcc->atmvcc, n->truesize)) {
210 				kfree_skb(n);
211 				goto nospace;
212 			}
213 			kfree_skb(skb);
214 			skb = n;
215 			if (skb == NULL)
216 				return DROP_PACKET;
217 		} else if (!atm_may_send(pvcc->atmvcc, skb->truesize))
218 			goto nospace;
219 		memcpy(skb_push(skb, LLC_LEN), pppllc, LLC_LEN);
220 		break;
221 	case e_vc:
222 		if (!atm_may_send(pvcc->atmvcc, skb->truesize))
223 			goto nospace;
224 		break;
225 	case e_autodetect:
226 		pr_debug("Trying to send without setting encaps!\n");
227 		kfree_skb(skb);
228 		return 1;
229 	}
230 
231 	atomic_add(skb->truesize, &sk_atm(ATM_SKB(skb)->vcc)->sk_wmem_alloc);
232 	ATM_SKB(skb)->atm_options = ATM_SKB(skb)->vcc->atm_options;
233 	pr_debug("atm_skb(%p)->vcc(%p)->dev(%p)\n",
234 		 skb, ATM_SKB(skb)->vcc, ATM_SKB(skb)->vcc->dev);
235 	return ATM_SKB(skb)->vcc->send(ATM_SKB(skb)->vcc, skb)
236 	    ? DROP_PACKET : 1;
237 nospace:
238 	/*
239 	 * We don't have space to send this SKB now, but we might have
240 	 * already applied SC_COMP_PROT compression, so may need to undo
241 	 */
242 	if ((pvcc->flags & SC_COMP_PROT) && skb_headroom(skb) > 0 &&
243 	    skb->data[-1] == '\0')
244 		(void) skb_push(skb, 1);
245 	return 0;
246 }
247 
248 /* This handles ioctls sent to the /dev/ppp interface */
pppoatm_devppp_ioctl(struct ppp_channel * chan,unsigned int cmd,unsigned long arg)249 static int pppoatm_devppp_ioctl(struct ppp_channel *chan, unsigned int cmd,
250 	unsigned long arg)
251 {
252 	switch (cmd) {
253 	case PPPIOCGFLAGS:
254 		return put_user(chan_to_pvcc(chan)->flags, (int __user *) arg)
255 		    ? -EFAULT : 0;
256 	case PPPIOCSFLAGS:
257 		return get_user(chan_to_pvcc(chan)->flags, (int __user *) arg)
258 		    ? -EFAULT : 0;
259 	}
260 	return -ENOTTY;
261 }
262 
263 static const struct ppp_channel_ops pppoatm_ops = {
264 	.start_xmit = pppoatm_send,
265 	.ioctl = pppoatm_devppp_ioctl,
266 };
267 
pppoatm_assign_vcc(struct atm_vcc * atmvcc,void __user * arg)268 static int pppoatm_assign_vcc(struct atm_vcc *atmvcc, void __user *arg)
269 {
270 	struct atm_backend_ppp be;
271 	struct pppoatm_vcc *pvcc;
272 	int err;
273 	/*
274 	 * Each PPPoATM instance has its own tasklet - this is just a
275 	 * prototypical one used to initialize them
276 	 */
277 	static const DECLARE_TASKLET(tasklet_proto, pppoatm_wakeup_sender, 0);
278 	if (copy_from_user(&be, arg, sizeof be))
279 		return -EFAULT;
280 	if (be.encaps != PPPOATM_ENCAPS_AUTODETECT &&
281 	    be.encaps != PPPOATM_ENCAPS_VC && be.encaps != PPPOATM_ENCAPS_LLC)
282 		return -EINVAL;
283 	pvcc = kzalloc(sizeof(*pvcc), GFP_KERNEL);
284 	if (pvcc == NULL)
285 		return -ENOMEM;
286 	pvcc->atmvcc = atmvcc;
287 	pvcc->old_push = atmvcc->push;
288 	pvcc->old_pop = atmvcc->pop;
289 	pvcc->encaps = (enum pppoatm_encaps) be.encaps;
290 	pvcc->chan.private = pvcc;
291 	pvcc->chan.ops = &pppoatm_ops;
292 	pvcc->chan.mtu = atmvcc->qos.txtp.max_sdu - PPP_HDRLEN -
293 	    (be.encaps == e_vc ? 0 : LLC_LEN);
294 	pvcc->wakeup_tasklet = tasklet_proto;
295 	pvcc->wakeup_tasklet.data = (unsigned long) &pvcc->chan;
296 	err = ppp_register_channel(&pvcc->chan);
297 	if (err != 0) {
298 		kfree(pvcc);
299 		return err;
300 	}
301 	atmvcc->user_back = pvcc;
302 	atmvcc->push = pppoatm_push;
303 	atmvcc->pop = pppoatm_pop;
304 	__module_get(THIS_MODULE);
305 	return 0;
306 }
307 
308 /*
309  * This handles ioctls actually performed on our vcc - we must return
310  * -ENOIOCTLCMD for any unrecognized ioctl
311  */
pppoatm_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)312 static int pppoatm_ioctl(struct socket *sock, unsigned int cmd,
313 	unsigned long arg)
314 {
315 	struct atm_vcc *atmvcc = ATM_SD(sock);
316 	void __user *argp = (void __user *)arg;
317 
318 	if (cmd != ATM_SETBACKEND && atmvcc->push != pppoatm_push)
319 		return -ENOIOCTLCMD;
320 	switch (cmd) {
321 	case ATM_SETBACKEND: {
322 		atm_backend_t b;
323 		if (get_user(b, (atm_backend_t __user *) argp))
324 			return -EFAULT;
325 		if (b != ATM_BACKEND_PPP)
326 			return -ENOIOCTLCMD;
327 		if (!capable(CAP_NET_ADMIN))
328 			return -EPERM;
329 		return pppoatm_assign_vcc(atmvcc, argp);
330 		}
331 	case PPPIOCGCHAN:
332 		return put_user(ppp_channel_index(&atmvcc_to_pvcc(atmvcc)->
333 		    chan), (int __user *) argp) ? -EFAULT : 0;
334 	case PPPIOCGUNIT:
335 		return put_user(ppp_unit_number(&atmvcc_to_pvcc(atmvcc)->
336 		    chan), (int __user *) argp) ? -EFAULT : 0;
337 	}
338 	return -ENOIOCTLCMD;
339 }
340 
341 static struct atm_ioctl pppoatm_ioctl_ops = {
342 	.owner	= THIS_MODULE,
343 	.ioctl	= pppoatm_ioctl,
344 };
345 
pppoatm_init(void)346 static int __init pppoatm_init(void)
347 {
348 	register_atm_ioctl(&pppoatm_ioctl_ops);
349 	return 0;
350 }
351 
pppoatm_exit(void)352 static void __exit pppoatm_exit(void)
353 {
354 	deregister_atm_ioctl(&pppoatm_ioctl_ops);
355 }
356 
357 module_init(pppoatm_init);
358 module_exit(pppoatm_exit);
359 
360 MODULE_AUTHOR("Mitchell Blank Jr <mitch@sfgoth.com>");
361 MODULE_DESCRIPTION("RFC2364 PPP over ATM/AAL5");
362 MODULE_LICENSE("GPL");
363