1 /***************************************************************************** 2 * Linux PPP over L2TP (PPPoX/PPPoL2TP) Sockets 3 * 4 * PPPoX --- Generic PPP encapsulation socket family 5 * PPPoL2TP --- PPP over L2TP (RFC 2661) 6 * 7 * Version: 2.0.0 8 * 9 * Authors: James Chapman (jchapman@katalix.com) 10 * 11 * Based on original work by Martijn van Oosterhout <kleptog@svana.org> 12 * 13 * License: 14 * This program is free software; you can redistribute it and/or 15 * modify it under the terms of the GNU General Public License 16 * as published by the Free Software Foundation; either version 17 * 2 of the License, or (at your option) any later version. 18 * 19 */ 20 21 /* This driver handles only L2TP data frames; control frames are handled by a 22 * userspace application. 23 * 24 * To send data in an L2TP session, userspace opens a PPPoL2TP socket and 25 * attaches it to a bound UDP socket with local tunnel_id / session_id and 26 * peer tunnel_id / session_id set. Data can then be sent or received using 27 * regular socket sendmsg() / recvmsg() calls. Kernel parameters of the socket 28 * can be read or modified using ioctl() or [gs]etsockopt() calls. 29 * 30 * When a PPPoL2TP socket is connected with local and peer session_id values 31 * zero, the socket is treated as a special tunnel management socket. 32 * 33 * Here's example userspace code to create a socket for sending/receiving data 34 * over an L2TP session:- 35 * 36 * struct sockaddr_pppol2tp sax; 37 * int fd; 38 * int session_fd; 39 * 40 * fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP); 41 * 42 * sax.sa_family = AF_PPPOX; 43 * sax.sa_protocol = PX_PROTO_OL2TP; 44 * sax.pppol2tp.fd = tunnel_fd; // bound UDP socket 45 * sax.pppol2tp.addr.sin_addr.s_addr = addr->sin_addr.s_addr; 46 * sax.pppol2tp.addr.sin_port = addr->sin_port; 47 * sax.pppol2tp.addr.sin_family = AF_INET; 48 * sax.pppol2tp.s_tunnel = tunnel_id; 49 * sax.pppol2tp.s_session = session_id; 50 * sax.pppol2tp.d_tunnel = peer_tunnel_id; 51 * sax.pppol2tp.d_session = peer_session_id; 52 * 53 * session_fd = connect(fd, (struct sockaddr *)&sax, sizeof(sax)); 54 * 55 * A pppd plugin that allows PPP traffic to be carried over L2TP using 56 * this driver is available from the OpenL2TP project at 57 * http://openl2tp.sourceforge.net. 58 */ 59 60 #include <linux/module.h> 61 #include <linux/string.h> 62 #include <linux/list.h> 63 #include <linux/uaccess.h> 64 65 #include <linux/kernel.h> 66 #include <linux/spinlock.h> 67 #include <linux/kthread.h> 68 #include <linux/sched.h> 69 #include <linux/slab.h> 70 #include <linux/errno.h> 71 #include <linux/jiffies.h> 72 73 #include <linux/netdevice.h> 74 #include <linux/net.h> 75 #include <linux/inetdevice.h> 76 #include <linux/skbuff.h> 77 #include <linux/init.h> 78 #include <linux/ip.h> 79 #include <linux/udp.h> 80 #include <linux/if_pppox.h> 81 #include <linux/if_pppol2tp.h> 82 #include <net/sock.h> 83 #include <linux/ppp_channel.h> 84 #include <linux/ppp_defs.h> 85 #include <linux/if_ppp.h> 86 #include <linux/file.h> 87 #include <linux/hash.h> 88 #include <linux/sort.h> 89 #include <linux/proc_fs.h> 90 #include <linux/l2tp.h> 91 #include <linux/nsproxy.h> 92 #include <net/net_namespace.h> 93 #include <net/netns/generic.h> 94 #include <net/dst.h> 95 #include <net/ip.h> 96 #include <net/udp.h> 97 #include <net/xfrm.h> 98 99 #include <asm/byteorder.h> 100 #include <asm/atomic.h> 101 102 #include "l2tp_core.h" 103 104 #define PPPOL2TP_DRV_VERSION "V2.0" 105 106 /* Space for UDP, L2TP and PPP headers */ 107 #define PPPOL2TP_HEADER_OVERHEAD 40 108 109 #define PRINTK(_mask, _type, _lvl, _fmt, args...) \ 110 do { \ 111 if ((_mask) & (_type)) \ 112 printk(_lvl "PPPOL2TP: " _fmt, ##args); \ 113 } while (0) 114 115 /* Number of bytes to build transmit L2TP headers. 116 * Unfortunately the size is different depending on whether sequence numbers 117 * are enabled. 118 */ 119 #define PPPOL2TP_L2TP_HDR_SIZE_SEQ 10 120 #define PPPOL2TP_L2TP_HDR_SIZE_NOSEQ 6 121 122 /* Private data of each session. This data lives at the end of struct 123 * l2tp_session, referenced via session->priv[]. 124 */ 125 struct pppol2tp_session { 126 int owner; /* pid that opened the socket */ 127 128 struct sock *sock; /* Pointer to the session 129 * PPPoX socket */ 130 struct sock *tunnel_sock; /* Pointer to the tunnel UDP 131 * socket */ 132 int flags; /* accessed by PPPIOCGFLAGS. 133 * Unused. */ 134 }; 135 136 static int pppol2tp_xmit(struct ppp_channel *chan, struct sk_buff *skb); 137 138 static struct ppp_channel_ops pppol2tp_chan_ops = { pppol2tp_xmit , NULL }; 139 static const struct proto_ops pppol2tp_ops; 140 141 /* Helpers to obtain tunnel/session contexts from sockets. 142 */ 143 static inline struct l2tp_session *pppol2tp_sock_to_session(struct sock *sk) 144 { 145 struct l2tp_session *session; 146 147 if (sk == NULL) 148 return NULL; 149 150 sock_hold(sk); 151 session = (struct l2tp_session *)(sk->sk_user_data); 152 if (session == NULL) { 153 sock_put(sk); 154 goto out; 155 } 156 157 BUG_ON(session->magic != L2TP_SESSION_MAGIC); 158 159 out: 160 return session; 161 } 162 163 /***************************************************************************** 164 * Receive data handling 165 *****************************************************************************/ 166 167 static int pppol2tp_recv_payload_hook(struct sk_buff *skb) 168 { 169 /* Skip PPP header, if present. In testing, Microsoft L2TP clients 170 * don't send the PPP header (PPP header compression enabled), but 171 * other clients can include the header. So we cope with both cases 172 * here. The PPP header is always FF03 when using L2TP. 173 * 174 * Note that skb->data[] isn't dereferenced from a u16 ptr here since 175 * the field may be unaligned. 176 */ 177 if (!pskb_may_pull(skb, 2)) 178 return 1; 179 180 if ((skb->data[0] == 0xff) && (skb->data[1] == 0x03)) 181 skb_pull(skb, 2); 182 183 return 0; 184 } 185 186 /* Receive message. This is the recvmsg for the PPPoL2TP socket. 187 */ 188 static int pppol2tp_recvmsg(struct kiocb *iocb, struct socket *sock, 189 struct msghdr *msg, size_t len, 190 int flags) 191 { 192 int err; 193 struct sk_buff *skb; 194 struct sock *sk = sock->sk; 195 196 err = -EIO; 197 if (sk->sk_state & PPPOX_BOUND) 198 goto end; 199 200 msg->msg_namelen = 0; 201 202 err = 0; 203 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 204 flags & MSG_DONTWAIT, &err); 205 if (!skb) 206 goto end; 207 208 if (len > skb->len) 209 len = skb->len; 210 else if (len < skb->len) 211 msg->msg_flags |= MSG_TRUNC; 212 213 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, len); 214 if (likely(err == 0)) 215 err = len; 216 217 kfree_skb(skb); 218 end: 219 return err; 220 } 221 222 static void pppol2tp_recv(struct l2tp_session *session, struct sk_buff *skb, int data_len) 223 { 224 struct pppol2tp_session *ps = l2tp_session_priv(session); 225 struct sock *sk = NULL; 226 227 /* If the socket is bound, send it in to PPP's input queue. Otherwise 228 * queue it on the session socket. 229 */ 230 sk = ps->sock; 231 if (sk == NULL) 232 goto no_sock; 233 234 if (sk->sk_state & PPPOX_BOUND) { 235 struct pppox_sock *po; 236 PRINTK(session->debug, PPPOL2TP_MSG_DATA, KERN_DEBUG, 237 "%s: recv %d byte data frame, passing to ppp\n", 238 session->name, data_len); 239 240 /* We need to forget all info related to the L2TP packet 241 * gathered in the skb as we are going to reuse the same 242 * skb for the inner packet. 243 * Namely we need to: 244 * - reset xfrm (IPSec) information as it applies to 245 * the outer L2TP packet and not to the inner one 246 * - release the dst to force a route lookup on the inner 247 * IP packet since skb->dst currently points to the dst 248 * of the UDP tunnel 249 * - reset netfilter information as it doesn't apply 250 * to the inner packet either 251 */ 252 secpath_reset(skb); 253 skb_dst_drop(skb); 254 nf_reset(skb); 255 256 po = pppox_sk(sk); 257 ppp_input(&po->chan, skb); 258 } else { 259 PRINTK(session->debug, PPPOL2TP_MSG_DATA, KERN_INFO, 260 "%s: socket not bound\n", session->name); 261 262 /* Not bound. Nothing we can do, so discard. */ 263 session->stats.rx_errors++; 264 kfree_skb(skb); 265 } 266 267 return; 268 269 no_sock: 270 PRINTK(session->debug, PPPOL2TP_MSG_DATA, KERN_INFO, 271 "%s: no socket\n", session->name); 272 kfree_skb(skb); 273 } 274 275 static void pppol2tp_session_sock_hold(struct l2tp_session *session) 276 { 277 struct pppol2tp_session *ps = l2tp_session_priv(session); 278 279 if (ps->sock) 280 sock_hold(ps->sock); 281 } 282 283 static void pppol2tp_session_sock_put(struct l2tp_session *session) 284 { 285 struct pppol2tp_session *ps = l2tp_session_priv(session); 286 287 if (ps->sock) 288 sock_put(ps->sock); 289 } 290 291 /************************************************************************ 292 * Transmit handling 293 ***********************************************************************/ 294 295 /* This is the sendmsg for the PPPoL2TP pppol2tp_session socket. We come here 296 * when a user application does a sendmsg() on the session socket. L2TP and 297 * PPP headers must be inserted into the user's data. 298 */ 299 static int pppol2tp_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *m, 300 size_t total_len) 301 { 302 static const unsigned char ppph[2] = { 0xff, 0x03 }; 303 struct sock *sk = sock->sk; 304 struct sk_buff *skb; 305 int error; 306 struct l2tp_session *session; 307 struct l2tp_tunnel *tunnel; 308 struct pppol2tp_session *ps; 309 int uhlen; 310 311 error = -ENOTCONN; 312 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED)) 313 goto error; 314 315 /* Get session and tunnel contexts */ 316 error = -EBADF; 317 session = pppol2tp_sock_to_session(sk); 318 if (session == NULL) 319 goto error; 320 321 ps = l2tp_session_priv(session); 322 tunnel = l2tp_sock_to_tunnel(ps->tunnel_sock); 323 if (tunnel == NULL) 324 goto error_put_sess; 325 326 uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0; 327 328 /* Allocate a socket buffer */ 329 error = -ENOMEM; 330 skb = sock_wmalloc(sk, NET_SKB_PAD + sizeof(struct iphdr) + 331 uhlen + session->hdr_len + 332 sizeof(ppph) + total_len, 333 0, GFP_KERNEL); 334 if (!skb) 335 goto error_put_sess_tun; 336 337 /* Reserve space for headers. */ 338 skb_reserve(skb, NET_SKB_PAD); 339 skb_reset_network_header(skb); 340 skb_reserve(skb, sizeof(struct iphdr)); 341 skb_reset_transport_header(skb); 342 skb_reserve(skb, uhlen); 343 344 /* Add PPP header */ 345 skb->data[0] = ppph[0]; 346 skb->data[1] = ppph[1]; 347 skb_put(skb, 2); 348 349 /* Copy user data into skb */ 350 error = memcpy_fromiovec(skb->data, m->msg_iov, total_len); 351 if (error < 0) { 352 kfree_skb(skb); 353 goto error_put_sess_tun; 354 } 355 skb_put(skb, total_len); 356 357 l2tp_xmit_skb(session, skb, session->hdr_len); 358 359 sock_put(ps->tunnel_sock); 360 361 return error; 362 363 error_put_sess_tun: 364 sock_put(ps->tunnel_sock); 365 error_put_sess: 366 sock_put(sk); 367 error: 368 return error; 369 } 370 371 /* Transmit function called by generic PPP driver. Sends PPP frame 372 * over PPPoL2TP socket. 373 * 374 * This is almost the same as pppol2tp_sendmsg(), but rather than 375 * being called with a msghdr from userspace, it is called with a skb 376 * from the kernel. 377 * 378 * The supplied skb from ppp doesn't have enough headroom for the 379 * insertion of L2TP, UDP and IP headers so we need to allocate more 380 * headroom in the skb. This will create a cloned skb. But we must be 381 * careful in the error case because the caller will expect to free 382 * the skb it supplied, not our cloned skb. So we take care to always 383 * leave the original skb unfreed if we return an error. 384 */ 385 static int pppol2tp_xmit(struct ppp_channel *chan, struct sk_buff *skb) 386 { 387 static const u8 ppph[2] = { 0xff, 0x03 }; 388 struct sock *sk = (struct sock *) chan->private; 389 struct sock *sk_tun; 390 struct l2tp_session *session; 391 struct l2tp_tunnel *tunnel; 392 struct pppol2tp_session *ps; 393 int old_headroom; 394 int new_headroom; 395 396 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED)) 397 goto abort; 398 399 /* Get session and tunnel contexts from the socket */ 400 session = pppol2tp_sock_to_session(sk); 401 if (session == NULL) 402 goto abort; 403 404 ps = l2tp_session_priv(session); 405 sk_tun = ps->tunnel_sock; 406 if (sk_tun == NULL) 407 goto abort_put_sess; 408 tunnel = l2tp_sock_to_tunnel(sk_tun); 409 if (tunnel == NULL) 410 goto abort_put_sess; 411 412 old_headroom = skb_headroom(skb); 413 if (skb_cow_head(skb, sizeof(ppph))) 414 goto abort_put_sess_tun; 415 416 new_headroom = skb_headroom(skb); 417 skb->truesize += new_headroom - old_headroom; 418 419 /* Setup PPP header */ 420 __skb_push(skb, sizeof(ppph)); 421 skb->data[0] = ppph[0]; 422 skb->data[1] = ppph[1]; 423 424 l2tp_xmit_skb(session, skb, session->hdr_len); 425 426 sock_put(sk_tun); 427 sock_put(sk); 428 return 1; 429 430 abort_put_sess_tun: 431 sock_put(sk_tun); 432 abort_put_sess: 433 sock_put(sk); 434 abort: 435 /* Free the original skb */ 436 kfree_skb(skb); 437 return 1; 438 } 439 440 /***************************************************************************** 441 * Session (and tunnel control) socket create/destroy. 442 *****************************************************************************/ 443 444 /* Called by l2tp_core when a session socket is being closed. 445 */ 446 static void pppol2tp_session_close(struct l2tp_session *session) 447 { 448 struct pppol2tp_session *ps = l2tp_session_priv(session); 449 struct sock *sk = ps->sock; 450 struct sk_buff *skb; 451 452 BUG_ON(session->magic != L2TP_SESSION_MAGIC); 453 454 if (session->session_id == 0) 455 goto out; 456 457 if (sk != NULL) { 458 lock_sock(sk); 459 460 if (sk->sk_state & (PPPOX_CONNECTED | PPPOX_BOUND)) { 461 pppox_unbind_sock(sk); 462 sk->sk_state = PPPOX_DEAD; 463 sk->sk_state_change(sk); 464 } 465 466 /* Purge any queued data */ 467 skb_queue_purge(&sk->sk_receive_queue); 468 skb_queue_purge(&sk->sk_write_queue); 469 while ((skb = skb_dequeue(&session->reorder_q))) { 470 kfree_skb(skb); 471 sock_put(sk); 472 } 473 474 release_sock(sk); 475 } 476 477 out: 478 return; 479 } 480 481 /* Really kill the session socket. (Called from sock_put() if 482 * refcnt == 0.) 483 */ 484 static void pppol2tp_session_destruct(struct sock *sk) 485 { 486 struct l2tp_session *session; 487 488 if (sk->sk_user_data != NULL) { 489 session = sk->sk_user_data; 490 if (session == NULL) 491 goto out; 492 493 sk->sk_user_data = NULL; 494 BUG_ON(session->magic != L2TP_SESSION_MAGIC); 495 l2tp_session_dec_refcount(session); 496 } 497 498 out: 499 return; 500 } 501 502 /* Called when the PPPoX socket (session) is closed. 503 */ 504 static int pppol2tp_release(struct socket *sock) 505 { 506 struct sock *sk = sock->sk; 507 struct l2tp_session *session; 508 int error; 509 510 if (!sk) 511 return 0; 512 513 error = -EBADF; 514 lock_sock(sk); 515 if (sock_flag(sk, SOCK_DEAD) != 0) 516 goto error; 517 518 pppox_unbind_sock(sk); 519 520 /* Signal the death of the socket. */ 521 sk->sk_state = PPPOX_DEAD; 522 sock_orphan(sk); 523 sock->sk = NULL; 524 525 session = pppol2tp_sock_to_session(sk); 526 527 /* Purge any queued data */ 528 skb_queue_purge(&sk->sk_receive_queue); 529 skb_queue_purge(&sk->sk_write_queue); 530 if (session != NULL) { 531 struct sk_buff *skb; 532 while ((skb = skb_dequeue(&session->reorder_q))) { 533 kfree_skb(skb); 534 sock_put(sk); 535 } 536 sock_put(sk); 537 } 538 539 release_sock(sk); 540 541 /* This will delete the session context via 542 * pppol2tp_session_destruct() if the socket's refcnt drops to 543 * zero. 544 */ 545 sock_put(sk); 546 547 return 0; 548 549 error: 550 release_sock(sk); 551 return error; 552 } 553 554 static struct proto pppol2tp_sk_proto = { 555 .name = "PPPOL2TP", 556 .owner = THIS_MODULE, 557 .obj_size = sizeof(struct pppox_sock), 558 }; 559 560 static int pppol2tp_backlog_recv(struct sock *sk, struct sk_buff *skb) 561 { 562 int rc; 563 564 rc = l2tp_udp_encap_recv(sk, skb); 565 if (rc) 566 kfree_skb(skb); 567 568 return NET_RX_SUCCESS; 569 } 570 571 /* socket() handler. Initialize a new struct sock. 572 */ 573 static int pppol2tp_create(struct net *net, struct socket *sock) 574 { 575 int error = -ENOMEM; 576 struct sock *sk; 577 578 sk = sk_alloc(net, PF_PPPOX, GFP_KERNEL, &pppol2tp_sk_proto); 579 if (!sk) 580 goto out; 581 582 sock_init_data(sock, sk); 583 584 sock->state = SS_UNCONNECTED; 585 sock->ops = &pppol2tp_ops; 586 587 sk->sk_backlog_rcv = pppol2tp_backlog_recv; 588 sk->sk_protocol = PX_PROTO_OL2TP; 589 sk->sk_family = PF_PPPOX; 590 sk->sk_state = PPPOX_NONE; 591 sk->sk_type = SOCK_STREAM; 592 sk->sk_destruct = pppol2tp_session_destruct; 593 594 error = 0; 595 596 out: 597 return error; 598 } 599 600 #if defined(CONFIG_L2TP_DEBUGFS) || defined(CONFIG_L2TP_DEBUGFS_MODULE) 601 static void pppol2tp_show(struct seq_file *m, void *arg) 602 { 603 struct l2tp_session *session = arg; 604 struct pppol2tp_session *ps = l2tp_session_priv(session); 605 606 if (ps) { 607 struct pppox_sock *po = pppox_sk(ps->sock); 608 if (po) 609 seq_printf(m, " interface %s\n", ppp_dev_name(&po->chan)); 610 } 611 } 612 #endif 613 614 /* connect() handler. Attach a PPPoX socket to a tunnel UDP socket 615 */ 616 static int pppol2tp_connect(struct socket *sock, struct sockaddr *uservaddr, 617 int sockaddr_len, int flags) 618 { 619 struct sock *sk = sock->sk; 620 struct sockaddr_pppol2tp *sp = (struct sockaddr_pppol2tp *) uservaddr; 621 struct sockaddr_pppol2tpv3 *sp3 = (struct sockaddr_pppol2tpv3 *) uservaddr; 622 struct pppox_sock *po = pppox_sk(sk); 623 struct l2tp_session *session = NULL; 624 struct l2tp_tunnel *tunnel; 625 struct pppol2tp_session *ps; 626 struct dst_entry *dst; 627 struct l2tp_session_cfg cfg = { 0, }; 628 int error = 0; 629 u32 tunnel_id, peer_tunnel_id; 630 u32 session_id, peer_session_id; 631 int ver = 2; 632 int fd; 633 634 lock_sock(sk); 635 636 error = -EINVAL; 637 if (sp->sa_protocol != PX_PROTO_OL2TP) 638 goto end; 639 640 /* Check for already bound sockets */ 641 error = -EBUSY; 642 if (sk->sk_state & PPPOX_CONNECTED) 643 goto end; 644 645 /* We don't supporting rebinding anyway */ 646 error = -EALREADY; 647 if (sk->sk_user_data) 648 goto end; /* socket is already attached */ 649 650 /* Get params from socket address. Handle L2TPv2 and L2TPv3 */ 651 if (sockaddr_len == sizeof(struct sockaddr_pppol2tp)) { 652 fd = sp->pppol2tp.fd; 653 tunnel_id = sp->pppol2tp.s_tunnel; 654 peer_tunnel_id = sp->pppol2tp.d_tunnel; 655 session_id = sp->pppol2tp.s_session; 656 peer_session_id = sp->pppol2tp.d_session; 657 } else if (sockaddr_len == sizeof(struct sockaddr_pppol2tpv3)) { 658 ver = 3; 659 fd = sp3->pppol2tp.fd; 660 tunnel_id = sp3->pppol2tp.s_tunnel; 661 peer_tunnel_id = sp3->pppol2tp.d_tunnel; 662 session_id = sp3->pppol2tp.s_session; 663 peer_session_id = sp3->pppol2tp.d_session; 664 } else { 665 error = -EINVAL; 666 goto end; /* bad socket address */ 667 } 668 669 /* Don't bind if tunnel_id is 0 */ 670 error = -EINVAL; 671 if (tunnel_id == 0) 672 goto end; 673 674 tunnel = l2tp_tunnel_find(sock_net(sk), tunnel_id); 675 676 /* Special case: create tunnel context if session_id and 677 * peer_session_id is 0. Otherwise look up tunnel using supplied 678 * tunnel id. 679 */ 680 if ((session_id == 0) && (peer_session_id == 0)) { 681 if (tunnel == NULL) { 682 struct l2tp_tunnel_cfg tcfg = { 683 .encap = L2TP_ENCAPTYPE_UDP, 684 .debug = 0, 685 }; 686 error = l2tp_tunnel_create(sock_net(sk), fd, ver, tunnel_id, peer_tunnel_id, &tcfg, &tunnel); 687 if (error < 0) 688 goto end; 689 } 690 } else { 691 /* Error if we can't find the tunnel */ 692 error = -ENOENT; 693 if (tunnel == NULL) 694 goto end; 695 696 /* Error if socket is not prepped */ 697 if (tunnel->sock == NULL) 698 goto end; 699 } 700 701 if (tunnel->recv_payload_hook == NULL) 702 tunnel->recv_payload_hook = pppol2tp_recv_payload_hook; 703 704 if (tunnel->peer_tunnel_id == 0) { 705 if (ver == 2) 706 tunnel->peer_tunnel_id = sp->pppol2tp.d_tunnel; 707 else 708 tunnel->peer_tunnel_id = sp3->pppol2tp.d_tunnel; 709 } 710 711 /* Create session if it doesn't already exist. We handle the 712 * case where a session was previously created by the netlink 713 * interface by checking that the session doesn't already have 714 * a socket and its tunnel socket are what we expect. If any 715 * of those checks fail, return EEXIST to the caller. 716 */ 717 session = l2tp_session_find(sock_net(sk), tunnel, session_id); 718 if (session == NULL) { 719 /* Default MTU must allow space for UDP/L2TP/PPP 720 * headers. 721 */ 722 cfg.mtu = cfg.mru = 1500 - PPPOL2TP_HEADER_OVERHEAD; 723 724 /* Allocate and initialize a new session context. */ 725 session = l2tp_session_create(sizeof(struct pppol2tp_session), 726 tunnel, session_id, 727 peer_session_id, &cfg); 728 if (session == NULL) { 729 error = -ENOMEM; 730 goto end; 731 } 732 } else { 733 ps = l2tp_session_priv(session); 734 error = -EEXIST; 735 if (ps->sock != NULL) 736 goto end; 737 738 /* consistency checks */ 739 if (ps->tunnel_sock != tunnel->sock) 740 goto end; 741 } 742 743 /* Associate session with its PPPoL2TP socket */ 744 ps = l2tp_session_priv(session); 745 ps->owner = current->pid; 746 ps->sock = sk; 747 ps->tunnel_sock = tunnel->sock; 748 749 session->recv_skb = pppol2tp_recv; 750 session->session_close = pppol2tp_session_close; 751 #if defined(CONFIG_L2TP_DEBUGFS) || defined(CONFIG_L2TP_DEBUGFS_MODULE) 752 session->show = pppol2tp_show; 753 #endif 754 755 /* We need to know each time a skb is dropped from the reorder 756 * queue. 757 */ 758 session->ref = pppol2tp_session_sock_hold; 759 session->deref = pppol2tp_session_sock_put; 760 761 /* If PMTU discovery was enabled, use the MTU that was discovered */ 762 dst = sk_dst_get(sk); 763 if (dst != NULL) { 764 u32 pmtu = dst_mtu(__sk_dst_get(sk)); 765 if (pmtu != 0) 766 session->mtu = session->mru = pmtu - 767 PPPOL2TP_HEADER_OVERHEAD; 768 dst_release(dst); 769 } 770 771 /* Special case: if source & dest session_id == 0x0000, this 772 * socket is being created to manage the tunnel. Just set up 773 * the internal context for use by ioctl() and sockopt() 774 * handlers. 775 */ 776 if ((session->session_id == 0) && 777 (session->peer_session_id == 0)) { 778 error = 0; 779 goto out_no_ppp; 780 } 781 782 /* The only header we need to worry about is the L2TP 783 * header. This size is different depending on whether 784 * sequence numbers are enabled for the data channel. 785 */ 786 po->chan.hdrlen = PPPOL2TP_L2TP_HDR_SIZE_NOSEQ; 787 788 po->chan.private = sk; 789 po->chan.ops = &pppol2tp_chan_ops; 790 po->chan.mtu = session->mtu; 791 792 error = ppp_register_net_channel(sock_net(sk), &po->chan); 793 if (error) 794 goto end; 795 796 out_no_ppp: 797 /* This is how we get the session context from the socket. */ 798 sk->sk_user_data = session; 799 sk->sk_state = PPPOX_CONNECTED; 800 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 801 "%s: created\n", session->name); 802 803 end: 804 release_sock(sk); 805 806 return error; 807 } 808 809 #ifdef CONFIG_L2TP_V3 810 811 /* Called when creating sessions via the netlink interface. 812 */ 813 static int pppol2tp_session_create(struct net *net, u32 tunnel_id, u32 session_id, u32 peer_session_id, struct l2tp_session_cfg *cfg) 814 { 815 int error; 816 struct l2tp_tunnel *tunnel; 817 struct l2tp_session *session; 818 struct pppol2tp_session *ps; 819 820 tunnel = l2tp_tunnel_find(net, tunnel_id); 821 822 /* Error if we can't find the tunnel */ 823 error = -ENOENT; 824 if (tunnel == NULL) 825 goto out; 826 827 /* Error if tunnel socket is not prepped */ 828 if (tunnel->sock == NULL) 829 goto out; 830 831 /* Check that this session doesn't already exist */ 832 error = -EEXIST; 833 session = l2tp_session_find(net, tunnel, session_id); 834 if (session != NULL) 835 goto out; 836 837 /* Default MTU values. */ 838 if (cfg->mtu == 0) 839 cfg->mtu = 1500 - PPPOL2TP_HEADER_OVERHEAD; 840 if (cfg->mru == 0) 841 cfg->mru = cfg->mtu; 842 843 /* Allocate and initialize a new session context. */ 844 error = -ENOMEM; 845 session = l2tp_session_create(sizeof(struct pppol2tp_session), 846 tunnel, session_id, 847 peer_session_id, cfg); 848 if (session == NULL) 849 goto out; 850 851 ps = l2tp_session_priv(session); 852 ps->tunnel_sock = tunnel->sock; 853 854 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 855 "%s: created\n", session->name); 856 857 error = 0; 858 859 out: 860 return error; 861 } 862 863 /* Called when deleting sessions via the netlink interface. 864 */ 865 static int pppol2tp_session_delete(struct l2tp_session *session) 866 { 867 struct pppol2tp_session *ps = l2tp_session_priv(session); 868 869 if (ps->sock == NULL) 870 l2tp_session_dec_refcount(session); 871 872 return 0; 873 } 874 875 #endif /* CONFIG_L2TP_V3 */ 876 877 /* getname() support. 878 */ 879 static int pppol2tp_getname(struct socket *sock, struct sockaddr *uaddr, 880 int *usockaddr_len, int peer) 881 { 882 int len = 0; 883 int error = 0; 884 struct l2tp_session *session; 885 struct l2tp_tunnel *tunnel; 886 struct sock *sk = sock->sk; 887 struct inet_sock *inet; 888 struct pppol2tp_session *pls; 889 890 error = -ENOTCONN; 891 if (sk == NULL) 892 goto end; 893 if (sk->sk_state != PPPOX_CONNECTED) 894 goto end; 895 896 error = -EBADF; 897 session = pppol2tp_sock_to_session(sk); 898 if (session == NULL) 899 goto end; 900 901 pls = l2tp_session_priv(session); 902 tunnel = l2tp_sock_to_tunnel(pls->tunnel_sock); 903 if (tunnel == NULL) { 904 error = -EBADF; 905 goto end_put_sess; 906 } 907 908 inet = inet_sk(sk); 909 if (tunnel->version == 2) { 910 struct sockaddr_pppol2tp sp; 911 len = sizeof(sp); 912 memset(&sp, 0, len); 913 sp.sa_family = AF_PPPOX; 914 sp.sa_protocol = PX_PROTO_OL2TP; 915 sp.pppol2tp.fd = tunnel->fd; 916 sp.pppol2tp.pid = pls->owner; 917 sp.pppol2tp.s_tunnel = tunnel->tunnel_id; 918 sp.pppol2tp.d_tunnel = tunnel->peer_tunnel_id; 919 sp.pppol2tp.s_session = session->session_id; 920 sp.pppol2tp.d_session = session->peer_session_id; 921 sp.pppol2tp.addr.sin_family = AF_INET; 922 sp.pppol2tp.addr.sin_port = inet->inet_dport; 923 sp.pppol2tp.addr.sin_addr.s_addr = inet->inet_daddr; 924 memcpy(uaddr, &sp, len); 925 } else if (tunnel->version == 3) { 926 struct sockaddr_pppol2tpv3 sp; 927 len = sizeof(sp); 928 memset(&sp, 0, len); 929 sp.sa_family = AF_PPPOX; 930 sp.sa_protocol = PX_PROTO_OL2TP; 931 sp.pppol2tp.fd = tunnel->fd; 932 sp.pppol2tp.pid = pls->owner; 933 sp.pppol2tp.s_tunnel = tunnel->tunnel_id; 934 sp.pppol2tp.d_tunnel = tunnel->peer_tunnel_id; 935 sp.pppol2tp.s_session = session->session_id; 936 sp.pppol2tp.d_session = session->peer_session_id; 937 sp.pppol2tp.addr.sin_family = AF_INET; 938 sp.pppol2tp.addr.sin_port = inet->inet_dport; 939 sp.pppol2tp.addr.sin_addr.s_addr = inet->inet_daddr; 940 memcpy(uaddr, &sp, len); 941 } 942 943 *usockaddr_len = len; 944 945 sock_put(pls->tunnel_sock); 946 end_put_sess: 947 sock_put(sk); 948 error = 0; 949 950 end: 951 return error; 952 } 953 954 /**************************************************************************** 955 * ioctl() handlers. 956 * 957 * The PPPoX socket is created for L2TP sessions: tunnels have their own UDP 958 * sockets. However, in order to control kernel tunnel features, we allow 959 * userspace to create a special "tunnel" PPPoX socket which is used for 960 * control only. Tunnel PPPoX sockets have session_id == 0 and simply allow 961 * the user application to issue L2TP setsockopt(), getsockopt() and ioctl() 962 * calls. 963 ****************************************************************************/ 964 965 static void pppol2tp_copy_stats(struct pppol2tp_ioc_stats *dest, 966 struct l2tp_stats *stats) 967 { 968 dest->tx_packets = stats->tx_packets; 969 dest->tx_bytes = stats->tx_bytes; 970 dest->tx_errors = stats->tx_errors; 971 dest->rx_packets = stats->rx_packets; 972 dest->rx_bytes = stats->rx_bytes; 973 dest->rx_seq_discards = stats->rx_seq_discards; 974 dest->rx_oos_packets = stats->rx_oos_packets; 975 dest->rx_errors = stats->rx_errors; 976 } 977 978 /* Session ioctl helper. 979 */ 980 static int pppol2tp_session_ioctl(struct l2tp_session *session, 981 unsigned int cmd, unsigned long arg) 982 { 983 struct ifreq ifr; 984 int err = 0; 985 struct sock *sk; 986 int val = (int) arg; 987 struct pppol2tp_session *ps = l2tp_session_priv(session); 988 struct l2tp_tunnel *tunnel = session->tunnel; 989 struct pppol2tp_ioc_stats stats; 990 991 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_DEBUG, 992 "%s: pppol2tp_session_ioctl(cmd=%#x, arg=%#lx)\n", 993 session->name, cmd, arg); 994 995 sk = ps->sock; 996 sock_hold(sk); 997 998 switch (cmd) { 999 case SIOCGIFMTU: 1000 err = -ENXIO; 1001 if (!(sk->sk_state & PPPOX_CONNECTED)) 1002 break; 1003 1004 err = -EFAULT; 1005 if (copy_from_user(&ifr, (void __user *) arg, sizeof(struct ifreq))) 1006 break; 1007 ifr.ifr_mtu = session->mtu; 1008 if (copy_to_user((void __user *) arg, &ifr, sizeof(struct ifreq))) 1009 break; 1010 1011 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1012 "%s: get mtu=%d\n", session->name, session->mtu); 1013 err = 0; 1014 break; 1015 1016 case SIOCSIFMTU: 1017 err = -ENXIO; 1018 if (!(sk->sk_state & PPPOX_CONNECTED)) 1019 break; 1020 1021 err = -EFAULT; 1022 if (copy_from_user(&ifr, (void __user *) arg, sizeof(struct ifreq))) 1023 break; 1024 1025 session->mtu = ifr.ifr_mtu; 1026 1027 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1028 "%s: set mtu=%d\n", session->name, session->mtu); 1029 err = 0; 1030 break; 1031 1032 case PPPIOCGMRU: 1033 err = -ENXIO; 1034 if (!(sk->sk_state & PPPOX_CONNECTED)) 1035 break; 1036 1037 err = -EFAULT; 1038 if (put_user(session->mru, (int __user *) arg)) 1039 break; 1040 1041 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1042 "%s: get mru=%d\n", session->name, session->mru); 1043 err = 0; 1044 break; 1045 1046 case PPPIOCSMRU: 1047 err = -ENXIO; 1048 if (!(sk->sk_state & PPPOX_CONNECTED)) 1049 break; 1050 1051 err = -EFAULT; 1052 if (get_user(val, (int __user *) arg)) 1053 break; 1054 1055 session->mru = val; 1056 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1057 "%s: set mru=%d\n", session->name, session->mru); 1058 err = 0; 1059 break; 1060 1061 case PPPIOCGFLAGS: 1062 err = -EFAULT; 1063 if (put_user(ps->flags, (int __user *) arg)) 1064 break; 1065 1066 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1067 "%s: get flags=%d\n", session->name, ps->flags); 1068 err = 0; 1069 break; 1070 1071 case PPPIOCSFLAGS: 1072 err = -EFAULT; 1073 if (get_user(val, (int __user *) arg)) 1074 break; 1075 ps->flags = val; 1076 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1077 "%s: set flags=%d\n", session->name, ps->flags); 1078 err = 0; 1079 break; 1080 1081 case PPPIOCGL2TPSTATS: 1082 err = -ENXIO; 1083 if (!(sk->sk_state & PPPOX_CONNECTED)) 1084 break; 1085 1086 memset(&stats, 0, sizeof(stats)); 1087 stats.tunnel_id = tunnel->tunnel_id; 1088 stats.session_id = session->session_id; 1089 pppol2tp_copy_stats(&stats, &session->stats); 1090 if (copy_to_user((void __user *) arg, &stats, 1091 sizeof(stats))) 1092 break; 1093 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1094 "%s: get L2TP stats\n", session->name); 1095 err = 0; 1096 break; 1097 1098 default: 1099 err = -ENOSYS; 1100 break; 1101 } 1102 1103 sock_put(sk); 1104 1105 return err; 1106 } 1107 1108 /* Tunnel ioctl helper. 1109 * 1110 * Note the special handling for PPPIOCGL2TPSTATS below. If the ioctl data 1111 * specifies a session_id, the session ioctl handler is called. This allows an 1112 * application to retrieve session stats via a tunnel socket. 1113 */ 1114 static int pppol2tp_tunnel_ioctl(struct l2tp_tunnel *tunnel, 1115 unsigned int cmd, unsigned long arg) 1116 { 1117 int err = 0; 1118 struct sock *sk; 1119 struct pppol2tp_ioc_stats stats; 1120 1121 PRINTK(tunnel->debug, PPPOL2TP_MSG_CONTROL, KERN_DEBUG, 1122 "%s: pppol2tp_tunnel_ioctl(cmd=%#x, arg=%#lx)\n", 1123 tunnel->name, cmd, arg); 1124 1125 sk = tunnel->sock; 1126 sock_hold(sk); 1127 1128 switch (cmd) { 1129 case PPPIOCGL2TPSTATS: 1130 err = -ENXIO; 1131 if (!(sk->sk_state & PPPOX_CONNECTED)) 1132 break; 1133 1134 if (copy_from_user(&stats, (void __user *) arg, 1135 sizeof(stats))) { 1136 err = -EFAULT; 1137 break; 1138 } 1139 if (stats.session_id != 0) { 1140 /* resend to session ioctl handler */ 1141 struct l2tp_session *session = 1142 l2tp_session_find(sock_net(sk), tunnel, stats.session_id); 1143 if (session != NULL) 1144 err = pppol2tp_session_ioctl(session, cmd, arg); 1145 else 1146 err = -EBADR; 1147 break; 1148 } 1149 #ifdef CONFIG_XFRM 1150 stats.using_ipsec = (sk->sk_policy[0] || sk->sk_policy[1]) ? 1 : 0; 1151 #endif 1152 pppol2tp_copy_stats(&stats, &tunnel->stats); 1153 if (copy_to_user((void __user *) arg, &stats, sizeof(stats))) { 1154 err = -EFAULT; 1155 break; 1156 } 1157 PRINTK(tunnel->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1158 "%s: get L2TP stats\n", tunnel->name); 1159 err = 0; 1160 break; 1161 1162 default: 1163 err = -ENOSYS; 1164 break; 1165 } 1166 1167 sock_put(sk); 1168 1169 return err; 1170 } 1171 1172 /* Main ioctl() handler. 1173 * Dispatch to tunnel or session helpers depending on the socket. 1174 */ 1175 static int pppol2tp_ioctl(struct socket *sock, unsigned int cmd, 1176 unsigned long arg) 1177 { 1178 struct sock *sk = sock->sk; 1179 struct l2tp_session *session; 1180 struct l2tp_tunnel *tunnel; 1181 struct pppol2tp_session *ps; 1182 int err; 1183 1184 if (!sk) 1185 return 0; 1186 1187 err = -EBADF; 1188 if (sock_flag(sk, SOCK_DEAD) != 0) 1189 goto end; 1190 1191 err = -ENOTCONN; 1192 if ((sk->sk_user_data == NULL) || 1193 (!(sk->sk_state & (PPPOX_CONNECTED | PPPOX_BOUND)))) 1194 goto end; 1195 1196 /* Get session context from the socket */ 1197 err = -EBADF; 1198 session = pppol2tp_sock_to_session(sk); 1199 if (session == NULL) 1200 goto end; 1201 1202 /* Special case: if session's session_id is zero, treat ioctl as a 1203 * tunnel ioctl 1204 */ 1205 ps = l2tp_session_priv(session); 1206 if ((session->session_id == 0) && 1207 (session->peer_session_id == 0)) { 1208 err = -EBADF; 1209 tunnel = l2tp_sock_to_tunnel(ps->tunnel_sock); 1210 if (tunnel == NULL) 1211 goto end_put_sess; 1212 1213 err = pppol2tp_tunnel_ioctl(tunnel, cmd, arg); 1214 sock_put(ps->tunnel_sock); 1215 goto end_put_sess; 1216 } 1217 1218 err = pppol2tp_session_ioctl(session, cmd, arg); 1219 1220 end_put_sess: 1221 sock_put(sk); 1222 end: 1223 return err; 1224 } 1225 1226 /***************************************************************************** 1227 * setsockopt() / getsockopt() support. 1228 * 1229 * The PPPoX socket is created for L2TP sessions: tunnels have their own UDP 1230 * sockets. In order to control kernel tunnel features, we allow userspace to 1231 * create a special "tunnel" PPPoX socket which is used for control only. 1232 * Tunnel PPPoX sockets have session_id == 0 and simply allow the user 1233 * application to issue L2TP setsockopt(), getsockopt() and ioctl() calls. 1234 *****************************************************************************/ 1235 1236 /* Tunnel setsockopt() helper. 1237 */ 1238 static int pppol2tp_tunnel_setsockopt(struct sock *sk, 1239 struct l2tp_tunnel *tunnel, 1240 int optname, int val) 1241 { 1242 int err = 0; 1243 1244 switch (optname) { 1245 case PPPOL2TP_SO_DEBUG: 1246 tunnel->debug = val; 1247 PRINTK(tunnel->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1248 "%s: set debug=%x\n", tunnel->name, tunnel->debug); 1249 break; 1250 1251 default: 1252 err = -ENOPROTOOPT; 1253 break; 1254 } 1255 1256 return err; 1257 } 1258 1259 /* Session setsockopt helper. 1260 */ 1261 static int pppol2tp_session_setsockopt(struct sock *sk, 1262 struct l2tp_session *session, 1263 int optname, int val) 1264 { 1265 int err = 0; 1266 struct pppol2tp_session *ps = l2tp_session_priv(session); 1267 1268 switch (optname) { 1269 case PPPOL2TP_SO_RECVSEQ: 1270 if ((val != 0) && (val != 1)) { 1271 err = -EINVAL; 1272 break; 1273 } 1274 session->recv_seq = val ? -1 : 0; 1275 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1276 "%s: set recv_seq=%d\n", session->name, session->recv_seq); 1277 break; 1278 1279 case PPPOL2TP_SO_SENDSEQ: 1280 if ((val != 0) && (val != 1)) { 1281 err = -EINVAL; 1282 break; 1283 } 1284 session->send_seq = val ? -1 : 0; 1285 { 1286 struct sock *ssk = ps->sock; 1287 struct pppox_sock *po = pppox_sk(ssk); 1288 po->chan.hdrlen = val ? PPPOL2TP_L2TP_HDR_SIZE_SEQ : 1289 PPPOL2TP_L2TP_HDR_SIZE_NOSEQ; 1290 } 1291 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1292 "%s: set send_seq=%d\n", session->name, session->send_seq); 1293 break; 1294 1295 case PPPOL2TP_SO_LNSMODE: 1296 if ((val != 0) && (val != 1)) { 1297 err = -EINVAL; 1298 break; 1299 } 1300 session->lns_mode = val ? -1 : 0; 1301 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1302 "%s: set lns_mode=%d\n", session->name, session->lns_mode); 1303 break; 1304 1305 case PPPOL2TP_SO_DEBUG: 1306 session->debug = val; 1307 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1308 "%s: set debug=%x\n", session->name, session->debug); 1309 break; 1310 1311 case PPPOL2TP_SO_REORDERTO: 1312 session->reorder_timeout = msecs_to_jiffies(val); 1313 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1314 "%s: set reorder_timeout=%d\n", session->name, session->reorder_timeout); 1315 break; 1316 1317 default: 1318 err = -ENOPROTOOPT; 1319 break; 1320 } 1321 1322 return err; 1323 } 1324 1325 /* Main setsockopt() entry point. 1326 * Does API checks, then calls either the tunnel or session setsockopt 1327 * handler, according to whether the PPPoL2TP socket is a for a regular 1328 * session or the special tunnel type. 1329 */ 1330 static int pppol2tp_setsockopt(struct socket *sock, int level, int optname, 1331 char __user *optval, unsigned int optlen) 1332 { 1333 struct sock *sk = sock->sk; 1334 struct l2tp_session *session; 1335 struct l2tp_tunnel *tunnel; 1336 struct pppol2tp_session *ps; 1337 int val; 1338 int err; 1339 1340 if (level != SOL_PPPOL2TP) 1341 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 1342 1343 if (optlen < sizeof(int)) 1344 return -EINVAL; 1345 1346 if (get_user(val, (int __user *)optval)) 1347 return -EFAULT; 1348 1349 err = -ENOTCONN; 1350 if (sk->sk_user_data == NULL) 1351 goto end; 1352 1353 /* Get session context from the socket */ 1354 err = -EBADF; 1355 session = pppol2tp_sock_to_session(sk); 1356 if (session == NULL) 1357 goto end; 1358 1359 /* Special case: if session_id == 0x0000, treat as operation on tunnel 1360 */ 1361 ps = l2tp_session_priv(session); 1362 if ((session->session_id == 0) && 1363 (session->peer_session_id == 0)) { 1364 err = -EBADF; 1365 tunnel = l2tp_sock_to_tunnel(ps->tunnel_sock); 1366 if (tunnel == NULL) 1367 goto end_put_sess; 1368 1369 err = pppol2tp_tunnel_setsockopt(sk, tunnel, optname, val); 1370 sock_put(ps->tunnel_sock); 1371 } else 1372 err = pppol2tp_session_setsockopt(sk, session, optname, val); 1373 1374 err = 0; 1375 1376 end_put_sess: 1377 sock_put(sk); 1378 end: 1379 return err; 1380 } 1381 1382 /* Tunnel getsockopt helper. Called with sock locked. 1383 */ 1384 static int pppol2tp_tunnel_getsockopt(struct sock *sk, 1385 struct l2tp_tunnel *tunnel, 1386 int optname, int *val) 1387 { 1388 int err = 0; 1389 1390 switch (optname) { 1391 case PPPOL2TP_SO_DEBUG: 1392 *val = tunnel->debug; 1393 PRINTK(tunnel->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1394 "%s: get debug=%x\n", tunnel->name, tunnel->debug); 1395 break; 1396 1397 default: 1398 err = -ENOPROTOOPT; 1399 break; 1400 } 1401 1402 return err; 1403 } 1404 1405 /* Session getsockopt helper. Called with sock locked. 1406 */ 1407 static int pppol2tp_session_getsockopt(struct sock *sk, 1408 struct l2tp_session *session, 1409 int optname, int *val) 1410 { 1411 int err = 0; 1412 1413 switch (optname) { 1414 case PPPOL2TP_SO_RECVSEQ: 1415 *val = session->recv_seq; 1416 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1417 "%s: get recv_seq=%d\n", session->name, *val); 1418 break; 1419 1420 case PPPOL2TP_SO_SENDSEQ: 1421 *val = session->send_seq; 1422 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1423 "%s: get send_seq=%d\n", session->name, *val); 1424 break; 1425 1426 case PPPOL2TP_SO_LNSMODE: 1427 *val = session->lns_mode; 1428 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1429 "%s: get lns_mode=%d\n", session->name, *val); 1430 break; 1431 1432 case PPPOL2TP_SO_DEBUG: 1433 *val = session->debug; 1434 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1435 "%s: get debug=%d\n", session->name, *val); 1436 break; 1437 1438 case PPPOL2TP_SO_REORDERTO: 1439 *val = (int) jiffies_to_msecs(session->reorder_timeout); 1440 PRINTK(session->debug, PPPOL2TP_MSG_CONTROL, KERN_INFO, 1441 "%s: get reorder_timeout=%d\n", session->name, *val); 1442 break; 1443 1444 default: 1445 err = -ENOPROTOOPT; 1446 } 1447 1448 return err; 1449 } 1450 1451 /* Main getsockopt() entry point. 1452 * Does API checks, then calls either the tunnel or session getsockopt 1453 * handler, according to whether the PPPoX socket is a for a regular session 1454 * or the special tunnel type. 1455 */ 1456 static int pppol2tp_getsockopt(struct socket *sock, int level, 1457 int optname, char __user *optval, int __user *optlen) 1458 { 1459 struct sock *sk = sock->sk; 1460 struct l2tp_session *session; 1461 struct l2tp_tunnel *tunnel; 1462 int val, len; 1463 int err; 1464 struct pppol2tp_session *ps; 1465 1466 if (level != SOL_PPPOL2TP) 1467 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1468 1469 if (get_user(len, (int __user *) optlen)) 1470 return -EFAULT; 1471 1472 len = min_t(unsigned int, len, sizeof(int)); 1473 1474 if (len < 0) 1475 return -EINVAL; 1476 1477 err = -ENOTCONN; 1478 if (sk->sk_user_data == NULL) 1479 goto end; 1480 1481 /* Get the session context */ 1482 err = -EBADF; 1483 session = pppol2tp_sock_to_session(sk); 1484 if (session == NULL) 1485 goto end; 1486 1487 /* Special case: if session_id == 0x0000, treat as operation on tunnel */ 1488 ps = l2tp_session_priv(session); 1489 if ((session->session_id == 0) && 1490 (session->peer_session_id == 0)) { 1491 err = -EBADF; 1492 tunnel = l2tp_sock_to_tunnel(ps->tunnel_sock); 1493 if (tunnel == NULL) 1494 goto end_put_sess; 1495 1496 err = pppol2tp_tunnel_getsockopt(sk, tunnel, optname, &val); 1497 sock_put(ps->tunnel_sock); 1498 } else 1499 err = pppol2tp_session_getsockopt(sk, session, optname, &val); 1500 1501 err = -EFAULT; 1502 if (put_user(len, (int __user *) optlen)) 1503 goto end_put_sess; 1504 1505 if (copy_to_user((void __user *) optval, &val, len)) 1506 goto end_put_sess; 1507 1508 err = 0; 1509 1510 end_put_sess: 1511 sock_put(sk); 1512 end: 1513 return err; 1514 } 1515 1516 /***************************************************************************** 1517 * /proc filesystem for debug 1518 * Since the original pppol2tp driver provided /proc/net/pppol2tp for 1519 * L2TPv2, we dump only L2TPv2 tunnels and sessions here. 1520 *****************************************************************************/ 1521 1522 static unsigned int pppol2tp_net_id; 1523 1524 #ifdef CONFIG_PROC_FS 1525 1526 struct pppol2tp_seq_data { 1527 struct seq_net_private p; 1528 int tunnel_idx; /* current tunnel */ 1529 int session_idx; /* index of session within current tunnel */ 1530 struct l2tp_tunnel *tunnel; 1531 struct l2tp_session *session; /* NULL means get next tunnel */ 1532 }; 1533 1534 static void pppol2tp_next_tunnel(struct net *net, struct pppol2tp_seq_data *pd) 1535 { 1536 for (;;) { 1537 pd->tunnel = l2tp_tunnel_find_nth(net, pd->tunnel_idx); 1538 pd->tunnel_idx++; 1539 1540 if (pd->tunnel == NULL) 1541 break; 1542 1543 /* Ignore L2TPv3 tunnels */ 1544 if (pd->tunnel->version < 3) 1545 break; 1546 } 1547 } 1548 1549 static void pppol2tp_next_session(struct net *net, struct pppol2tp_seq_data *pd) 1550 { 1551 pd->session = l2tp_session_find_nth(pd->tunnel, pd->session_idx); 1552 pd->session_idx++; 1553 1554 if (pd->session == NULL) { 1555 pd->session_idx = 0; 1556 pppol2tp_next_tunnel(net, pd); 1557 } 1558 } 1559 1560 static void *pppol2tp_seq_start(struct seq_file *m, loff_t *offs) 1561 { 1562 struct pppol2tp_seq_data *pd = SEQ_START_TOKEN; 1563 loff_t pos = *offs; 1564 struct net *net; 1565 1566 if (!pos) 1567 goto out; 1568 1569 BUG_ON(m->private == NULL); 1570 pd = m->private; 1571 net = seq_file_net(m); 1572 1573 if (pd->tunnel == NULL) 1574 pppol2tp_next_tunnel(net, pd); 1575 else 1576 pppol2tp_next_session(net, pd); 1577 1578 /* NULL tunnel and session indicates end of list */ 1579 if ((pd->tunnel == NULL) && (pd->session == NULL)) 1580 pd = NULL; 1581 1582 out: 1583 return pd; 1584 } 1585 1586 static void *pppol2tp_seq_next(struct seq_file *m, void *v, loff_t *pos) 1587 { 1588 (*pos)++; 1589 return NULL; 1590 } 1591 1592 static void pppol2tp_seq_stop(struct seq_file *p, void *v) 1593 { 1594 /* nothing to do */ 1595 } 1596 1597 static void pppol2tp_seq_tunnel_show(struct seq_file *m, void *v) 1598 { 1599 struct l2tp_tunnel *tunnel = v; 1600 1601 seq_printf(m, "\nTUNNEL '%s', %c %d\n", 1602 tunnel->name, 1603 (tunnel == tunnel->sock->sk_user_data) ? 'Y' : 'N', 1604 atomic_read(&tunnel->ref_count) - 1); 1605 seq_printf(m, " %08x %llu/%llu/%llu %llu/%llu/%llu\n", 1606 tunnel->debug, 1607 (unsigned long long)tunnel->stats.tx_packets, 1608 (unsigned long long)tunnel->stats.tx_bytes, 1609 (unsigned long long)tunnel->stats.tx_errors, 1610 (unsigned long long)tunnel->stats.rx_packets, 1611 (unsigned long long)tunnel->stats.rx_bytes, 1612 (unsigned long long)tunnel->stats.rx_errors); 1613 } 1614 1615 static void pppol2tp_seq_session_show(struct seq_file *m, void *v) 1616 { 1617 struct l2tp_session *session = v; 1618 struct l2tp_tunnel *tunnel = session->tunnel; 1619 struct pppol2tp_session *ps = l2tp_session_priv(session); 1620 struct pppox_sock *po = pppox_sk(ps->sock); 1621 u32 ip = 0; 1622 u16 port = 0; 1623 1624 if (tunnel->sock) { 1625 struct inet_sock *inet = inet_sk(tunnel->sock); 1626 ip = ntohl(inet->inet_saddr); 1627 port = ntohs(inet->inet_sport); 1628 } 1629 1630 seq_printf(m, " SESSION '%s' %08X/%d %04X/%04X -> " 1631 "%04X/%04X %d %c\n", 1632 session->name, ip, port, 1633 tunnel->tunnel_id, 1634 session->session_id, 1635 tunnel->peer_tunnel_id, 1636 session->peer_session_id, 1637 ps->sock->sk_state, 1638 (session == ps->sock->sk_user_data) ? 1639 'Y' : 'N'); 1640 seq_printf(m, " %d/%d/%c/%c/%s %08x %u\n", 1641 session->mtu, session->mru, 1642 session->recv_seq ? 'R' : '-', 1643 session->send_seq ? 'S' : '-', 1644 session->lns_mode ? "LNS" : "LAC", 1645 session->debug, 1646 jiffies_to_msecs(session->reorder_timeout)); 1647 seq_printf(m, " %hu/%hu %llu/%llu/%llu %llu/%llu/%llu\n", 1648 session->nr, session->ns, 1649 (unsigned long long)session->stats.tx_packets, 1650 (unsigned long long)session->stats.tx_bytes, 1651 (unsigned long long)session->stats.tx_errors, 1652 (unsigned long long)session->stats.rx_packets, 1653 (unsigned long long)session->stats.rx_bytes, 1654 (unsigned long long)session->stats.rx_errors); 1655 1656 if (po) 1657 seq_printf(m, " interface %s\n", ppp_dev_name(&po->chan)); 1658 } 1659 1660 static int pppol2tp_seq_show(struct seq_file *m, void *v) 1661 { 1662 struct pppol2tp_seq_data *pd = v; 1663 1664 /* display header on line 1 */ 1665 if (v == SEQ_START_TOKEN) { 1666 seq_puts(m, "PPPoL2TP driver info, " PPPOL2TP_DRV_VERSION "\n"); 1667 seq_puts(m, "TUNNEL name, user-data-ok session-count\n"); 1668 seq_puts(m, " debug tx-pkts/bytes/errs rx-pkts/bytes/errs\n"); 1669 seq_puts(m, " SESSION name, addr/port src-tid/sid " 1670 "dest-tid/sid state user-data-ok\n"); 1671 seq_puts(m, " mtu/mru/rcvseq/sendseq/lns debug reorderto\n"); 1672 seq_puts(m, " nr/ns tx-pkts/bytes/errs rx-pkts/bytes/errs\n"); 1673 goto out; 1674 } 1675 1676 /* Show the tunnel or session context. 1677 */ 1678 if (pd->session == NULL) 1679 pppol2tp_seq_tunnel_show(m, pd->tunnel); 1680 else 1681 pppol2tp_seq_session_show(m, pd->session); 1682 1683 out: 1684 return 0; 1685 } 1686 1687 static const struct seq_operations pppol2tp_seq_ops = { 1688 .start = pppol2tp_seq_start, 1689 .next = pppol2tp_seq_next, 1690 .stop = pppol2tp_seq_stop, 1691 .show = pppol2tp_seq_show, 1692 }; 1693 1694 /* Called when our /proc file is opened. We allocate data for use when 1695 * iterating our tunnel / session contexts and store it in the private 1696 * data of the seq_file. 1697 */ 1698 static int pppol2tp_proc_open(struct inode *inode, struct file *file) 1699 { 1700 return seq_open_net(inode, file, &pppol2tp_seq_ops, 1701 sizeof(struct pppol2tp_seq_data)); 1702 } 1703 1704 static const struct file_operations pppol2tp_proc_fops = { 1705 .owner = THIS_MODULE, 1706 .open = pppol2tp_proc_open, 1707 .read = seq_read, 1708 .llseek = seq_lseek, 1709 .release = seq_release_net, 1710 }; 1711 1712 #endif /* CONFIG_PROC_FS */ 1713 1714 /***************************************************************************** 1715 * Network namespace 1716 *****************************************************************************/ 1717 1718 static __net_init int pppol2tp_init_net(struct net *net) 1719 { 1720 struct proc_dir_entry *pde; 1721 int err = 0; 1722 1723 pde = proc_net_fops_create(net, "pppol2tp", S_IRUGO, &pppol2tp_proc_fops); 1724 if (!pde) { 1725 err = -ENOMEM; 1726 goto out; 1727 } 1728 1729 out: 1730 return err; 1731 } 1732 1733 static __net_exit void pppol2tp_exit_net(struct net *net) 1734 { 1735 proc_net_remove(net, "pppol2tp"); 1736 } 1737 1738 static struct pernet_operations pppol2tp_net_ops = { 1739 .init = pppol2tp_init_net, 1740 .exit = pppol2tp_exit_net, 1741 .id = &pppol2tp_net_id, 1742 }; 1743 1744 /***************************************************************************** 1745 * Init and cleanup 1746 *****************************************************************************/ 1747 1748 static const struct proto_ops pppol2tp_ops = { 1749 .family = AF_PPPOX, 1750 .owner = THIS_MODULE, 1751 .release = pppol2tp_release, 1752 .bind = sock_no_bind, 1753 .connect = pppol2tp_connect, 1754 .socketpair = sock_no_socketpair, 1755 .accept = sock_no_accept, 1756 .getname = pppol2tp_getname, 1757 .poll = datagram_poll, 1758 .listen = sock_no_listen, 1759 .shutdown = sock_no_shutdown, 1760 .setsockopt = pppol2tp_setsockopt, 1761 .getsockopt = pppol2tp_getsockopt, 1762 .sendmsg = pppol2tp_sendmsg, 1763 .recvmsg = pppol2tp_recvmsg, 1764 .mmap = sock_no_mmap, 1765 .ioctl = pppox_ioctl, 1766 }; 1767 1768 static struct pppox_proto pppol2tp_proto = { 1769 .create = pppol2tp_create, 1770 .ioctl = pppol2tp_ioctl 1771 }; 1772 1773 #ifdef CONFIG_L2TP_V3 1774 1775 static const struct l2tp_nl_cmd_ops pppol2tp_nl_cmd_ops = { 1776 .session_create = pppol2tp_session_create, 1777 .session_delete = pppol2tp_session_delete, 1778 }; 1779 1780 #endif /* CONFIG_L2TP_V3 */ 1781 1782 static int __init pppol2tp_init(void) 1783 { 1784 int err; 1785 1786 err = register_pernet_device(&pppol2tp_net_ops); 1787 if (err) 1788 goto out; 1789 1790 err = proto_register(&pppol2tp_sk_proto, 0); 1791 if (err) 1792 goto out_unregister_pppol2tp_pernet; 1793 1794 err = register_pppox_proto(PX_PROTO_OL2TP, &pppol2tp_proto); 1795 if (err) 1796 goto out_unregister_pppol2tp_proto; 1797 1798 #ifdef CONFIG_L2TP_V3 1799 err = l2tp_nl_register_ops(L2TP_PWTYPE_PPP, &pppol2tp_nl_cmd_ops); 1800 if (err) 1801 goto out_unregister_pppox; 1802 #endif 1803 1804 printk(KERN_INFO "PPPoL2TP kernel driver, %s\n", 1805 PPPOL2TP_DRV_VERSION); 1806 1807 out: 1808 return err; 1809 1810 #ifdef CONFIG_L2TP_V3 1811 out_unregister_pppox: 1812 unregister_pppox_proto(PX_PROTO_OL2TP); 1813 #endif 1814 out_unregister_pppol2tp_proto: 1815 proto_unregister(&pppol2tp_sk_proto); 1816 out_unregister_pppol2tp_pernet: 1817 unregister_pernet_device(&pppol2tp_net_ops); 1818 goto out; 1819 } 1820 1821 static void __exit pppol2tp_exit(void) 1822 { 1823 #ifdef CONFIG_L2TP_V3 1824 l2tp_nl_unregister_ops(L2TP_PWTYPE_PPP); 1825 #endif 1826 unregister_pppox_proto(PX_PROTO_OL2TP); 1827 proto_unregister(&pppol2tp_sk_proto); 1828 unregister_pernet_device(&pppol2tp_net_ops); 1829 } 1830 1831 module_init(pppol2tp_init); 1832 module_exit(pppol2tp_exit); 1833 1834 MODULE_AUTHOR("James Chapman <jchapman@katalix.com>"); 1835 MODULE_DESCRIPTION("PPP over L2TP over UDP"); 1836 MODULE_LICENSE("GPL"); 1837 MODULE_VERSION(PPPOL2TP_DRV_VERSION); 1838