l2tp_ppp.c (43368B)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/***************************************************************************** 3 * Linux PPP over L2TP (PPPoX/PPPoL2TP) Sockets 4 * 5 * PPPoX --- Generic PPP encapsulation socket family 6 * PPPoL2TP --- PPP over L2TP (RFC 2661) 7 * 8 * Version: 2.0.0 9 * 10 * Authors: James Chapman (jchapman@katalix.com) 11 * 12 * Based on original work by Martijn van Oosterhout <kleptog@svana.org> 13 * 14 * License: 15 */ 16 17/* This driver handles only L2TP data frames; control frames are handled by a 18 * userspace application. 19 * 20 * To send data in an L2TP session, userspace opens a PPPoL2TP socket and 21 * attaches it to a bound UDP socket with local tunnel_id / session_id and 22 * peer tunnel_id / session_id set. Data can then be sent or received using 23 * regular socket sendmsg() / recvmsg() calls. Kernel parameters of the socket 24 * can be read or modified using ioctl() or [gs]etsockopt() calls. 25 * 26 * When a PPPoL2TP socket is connected with local and peer session_id values 27 * zero, the socket is treated as a special tunnel management socket. 28 * 29 * Here's example userspace code to create a socket for sending/receiving data 30 * over an L2TP session:- 31 * 32 * struct sockaddr_pppol2tp sax; 33 * int fd; 34 * int session_fd; 35 * 36 * fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP); 37 * 38 * sax.sa_family = AF_PPPOX; 39 * sax.sa_protocol = PX_PROTO_OL2TP; 40 * sax.pppol2tp.fd = tunnel_fd; // bound UDP socket 41 * sax.pppol2tp.addr.sin_addr.s_addr = addr->sin_addr.s_addr; 42 * sax.pppol2tp.addr.sin_port = addr->sin_port; 43 * sax.pppol2tp.addr.sin_family = AF_INET; 44 * sax.pppol2tp.s_tunnel = tunnel_id; 45 * sax.pppol2tp.s_session = session_id; 46 * sax.pppol2tp.d_tunnel = peer_tunnel_id; 47 * sax.pppol2tp.d_session = peer_session_id; 48 * 49 * session_fd = connect(fd, (struct sockaddr *)&sax, sizeof(sax)); 50 * 51 * A pppd plugin that allows PPP traffic to be carried over L2TP using 52 * this driver is available from the OpenL2TP project at 53 * http://openl2tp.sourceforge.net. 54 */ 55 56#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 57 58#include <linux/module.h> 59#include <linux/string.h> 60#include <linux/list.h> 61#include <linux/uaccess.h> 62 63#include <linux/kernel.h> 64#include <linux/spinlock.h> 65#include <linux/kthread.h> 66#include <linux/sched.h> 67#include <linux/slab.h> 68#include <linux/errno.h> 69#include <linux/jiffies.h> 70 71#include <linux/netdevice.h> 72#include <linux/net.h> 73#include <linux/inetdevice.h> 74#include <linux/skbuff.h> 75#include <linux/init.h> 76#include <linux/ip.h> 77#include <linux/udp.h> 78#include <linux/if_pppox.h> 79#include <linux/if_pppol2tp.h> 80#include <net/sock.h> 81#include <linux/ppp_channel.h> 82#include <linux/ppp_defs.h> 83#include <linux/ppp-ioctl.h> 84#include <linux/file.h> 85#include <linux/hash.h> 86#include <linux/sort.h> 87#include <linux/proc_fs.h> 88#include <linux/l2tp.h> 89#include <linux/nsproxy.h> 90#include <net/net_namespace.h> 91#include <net/netns/generic.h> 92#include <net/ip.h> 93#include <net/udp.h> 94#include <net/inet_common.h> 95 96#include <asm/byteorder.h> 97#include <linux/atomic.h> 98 99#include "l2tp_core.h" 100 101#define PPPOL2TP_DRV_VERSION "V2.0" 102 103/* Space for UDP, L2TP and PPP headers */ 104#define PPPOL2TP_HEADER_OVERHEAD 40 105 106/* Number of bytes to build transmit L2TP headers. 107 * Unfortunately the size is different depending on whether sequence numbers 108 * are enabled. 109 */ 110#define PPPOL2TP_L2TP_HDR_SIZE_SEQ 10 111#define PPPOL2TP_L2TP_HDR_SIZE_NOSEQ 6 112 113/* Private data of each session. This data lives at the end of struct 114 * l2tp_session, referenced via session->priv[]. 115 */ 116struct pppol2tp_session { 117 int owner; /* pid that opened the socket */ 118 119 struct mutex sk_lock; /* Protects .sk */ 120 struct sock __rcu *sk; /* Pointer to the session PPPoX socket */ 121 struct sock *__sk; /* Copy of .sk, for cleanup */ 122 struct rcu_head rcu; /* For asynchronous release */ 123}; 124 125static int pppol2tp_xmit(struct ppp_channel *chan, struct sk_buff *skb); 126 127static const struct ppp_channel_ops pppol2tp_chan_ops = { 128 .start_xmit = pppol2tp_xmit, 129}; 130 131static const struct proto_ops pppol2tp_ops; 132 133/* Retrieves the pppol2tp socket associated to a session. 134 * A reference is held on the returned socket, so this function must be paired 135 * with sock_put(). 136 */ 137static struct sock *pppol2tp_session_get_sock(struct l2tp_session *session) 138{ 139 struct pppol2tp_session *ps = l2tp_session_priv(session); 140 struct sock *sk; 141 142 rcu_read_lock(); 143 sk = rcu_dereference(ps->sk); 144 if (sk) 145 sock_hold(sk); 146 rcu_read_unlock(); 147 148 return sk; 149} 150 151/* Helpers to obtain tunnel/session contexts from sockets. 152 */ 153static inline struct l2tp_session *pppol2tp_sock_to_session(struct sock *sk) 154{ 155 struct l2tp_session *session; 156 157 if (!sk) 158 return NULL; 159 160 sock_hold(sk); 161 session = (struct l2tp_session *)(sk->sk_user_data); 162 if (!session) { 163 sock_put(sk); 164 goto out; 165 } 166 if (WARN_ON(session->magic != L2TP_SESSION_MAGIC)) { 167 session = NULL; 168 sock_put(sk); 169 goto out; 170 } 171 172out: 173 return session; 174} 175 176/***************************************************************************** 177 * Receive data handling 178 *****************************************************************************/ 179 180/* Receive message. This is the recvmsg for the PPPoL2TP socket. 181 */ 182static int pppol2tp_recvmsg(struct socket *sock, struct msghdr *msg, 183 size_t len, int flags) 184{ 185 int err; 186 struct sk_buff *skb; 187 struct sock *sk = sock->sk; 188 189 err = -EIO; 190 if (sk->sk_state & PPPOX_BOUND) 191 goto end; 192 193 err = 0; 194 skb = skb_recv_datagram(sk, flags, &err); 195 if (!skb) 196 goto end; 197 198 if (len > skb->len) 199 len = skb->len; 200 else if (len < skb->len) 201 msg->msg_flags |= MSG_TRUNC; 202 203 err = skb_copy_datagram_msg(skb, 0, msg, len); 204 if (likely(err == 0)) 205 err = len; 206 207 kfree_skb(skb); 208end: 209 return err; 210} 211 212static void pppol2tp_recv(struct l2tp_session *session, struct sk_buff *skb, int data_len) 213{ 214 struct pppol2tp_session *ps = l2tp_session_priv(session); 215 struct sock *sk = NULL; 216 217 /* If the socket is bound, send it in to PPP's input queue. Otherwise 218 * queue it on the session socket. 219 */ 220 rcu_read_lock(); 221 sk = rcu_dereference(ps->sk); 222 if (!sk) 223 goto no_sock; 224 225 /* If the first two bytes are 0xFF03, consider that it is the PPP's 226 * Address and Control fields and skip them. The L2TP module has always 227 * worked this way, although, in theory, the use of these fields should 228 * be negotiated and handled at the PPP layer. These fields are 229 * constant: 0xFF is the All-Stations Address and 0x03 the Unnumbered 230 * Information command with Poll/Final bit set to zero (RFC 1662). 231 */ 232 if (pskb_may_pull(skb, 2) && skb->data[0] == PPP_ALLSTATIONS && 233 skb->data[1] == PPP_UI) 234 skb_pull(skb, 2); 235 236 if (sk->sk_state & PPPOX_BOUND) { 237 struct pppox_sock *po; 238 239 po = pppox_sk(sk); 240 ppp_input(&po->chan, skb); 241 } else { 242 if (sock_queue_rcv_skb(sk, skb) < 0) { 243 atomic_long_inc(&session->stats.rx_errors); 244 kfree_skb(skb); 245 } 246 } 247 rcu_read_unlock(); 248 249 return; 250 251no_sock: 252 rcu_read_unlock(); 253 pr_warn_ratelimited("%s: no socket in recv\n", session->name); 254 kfree_skb(skb); 255} 256 257/************************************************************************ 258 * Transmit handling 259 ***********************************************************************/ 260 261/* This is the sendmsg for the PPPoL2TP pppol2tp_session socket. We come here 262 * when a user application does a sendmsg() on the session socket. L2TP and 263 * PPP headers must be inserted into the user's data. 264 */ 265static int pppol2tp_sendmsg(struct socket *sock, struct msghdr *m, 266 size_t total_len) 267{ 268 struct sock *sk = sock->sk; 269 struct sk_buff *skb; 270 int error; 271 struct l2tp_session *session; 272 struct l2tp_tunnel *tunnel; 273 int uhlen; 274 275 error = -ENOTCONN; 276 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED)) 277 goto error; 278 279 /* Get session and tunnel contexts */ 280 error = -EBADF; 281 session = pppol2tp_sock_to_session(sk); 282 if (!session) 283 goto error; 284 285 tunnel = session->tunnel; 286 287 uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0; 288 289 /* Allocate a socket buffer */ 290 error = -ENOMEM; 291 skb = sock_wmalloc(sk, NET_SKB_PAD + sizeof(struct iphdr) + 292 uhlen + session->hdr_len + 293 2 + total_len, /* 2 bytes for PPP_ALLSTATIONS & PPP_UI */ 294 0, GFP_KERNEL); 295 if (!skb) 296 goto error_put_sess; 297 298 /* Reserve space for headers. */ 299 skb_reserve(skb, NET_SKB_PAD); 300 skb_reset_network_header(skb); 301 skb_reserve(skb, sizeof(struct iphdr)); 302 skb_reset_transport_header(skb); 303 skb_reserve(skb, uhlen); 304 305 /* Add PPP header */ 306 skb->data[0] = PPP_ALLSTATIONS; 307 skb->data[1] = PPP_UI; 308 skb_put(skb, 2); 309 310 /* Copy user data into skb */ 311 error = memcpy_from_msg(skb_put(skb, total_len), m, total_len); 312 if (error < 0) { 313 kfree_skb(skb); 314 goto error_put_sess; 315 } 316 317 local_bh_disable(); 318 l2tp_xmit_skb(session, skb); 319 local_bh_enable(); 320 321 sock_put(sk); 322 323 return total_len; 324 325error_put_sess: 326 sock_put(sk); 327error: 328 return error; 329} 330 331/* Transmit function called by generic PPP driver. Sends PPP frame 332 * over PPPoL2TP socket. 333 * 334 * This is almost the same as pppol2tp_sendmsg(), but rather than 335 * being called with a msghdr from userspace, it is called with a skb 336 * from the kernel. 337 * 338 * The supplied skb from ppp doesn't have enough headroom for the 339 * insertion of L2TP, UDP and IP headers so we need to allocate more 340 * headroom in the skb. This will create a cloned skb. But we must be 341 * careful in the error case because the caller will expect to free 342 * the skb it supplied, not our cloned skb. So we take care to always 343 * leave the original skb unfreed if we return an error. 344 */ 345static int pppol2tp_xmit(struct ppp_channel *chan, struct sk_buff *skb) 346{ 347 struct sock *sk = (struct sock *)chan->private; 348 struct l2tp_session *session; 349 struct l2tp_tunnel *tunnel; 350 int uhlen, headroom; 351 352 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED)) 353 goto abort; 354 355 /* Get session and tunnel contexts from the socket */ 356 session = pppol2tp_sock_to_session(sk); 357 if (!session) 358 goto abort; 359 360 tunnel = session->tunnel; 361 362 uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0; 363 headroom = NET_SKB_PAD + 364 sizeof(struct iphdr) + /* IP header */ 365 uhlen + /* UDP header (if L2TP_ENCAPTYPE_UDP) */ 366 session->hdr_len + /* L2TP header */ 367 2; /* 2 bytes for PPP_ALLSTATIONS & PPP_UI */ 368 if (skb_cow_head(skb, headroom)) 369 goto abort_put_sess; 370 371 /* Setup PPP header */ 372 __skb_push(skb, 2); 373 skb->data[0] = PPP_ALLSTATIONS; 374 skb->data[1] = PPP_UI; 375 376 local_bh_disable(); 377 l2tp_xmit_skb(session, skb); 378 local_bh_enable(); 379 380 sock_put(sk); 381 382 return 1; 383 384abort_put_sess: 385 sock_put(sk); 386abort: 387 /* Free the original skb */ 388 kfree_skb(skb); 389 return 1; 390} 391 392/***************************************************************************** 393 * Session (and tunnel control) socket create/destroy. 394 *****************************************************************************/ 395 396static void pppol2tp_put_sk(struct rcu_head *head) 397{ 398 struct pppol2tp_session *ps; 399 400 ps = container_of(head, typeof(*ps), rcu); 401 sock_put(ps->__sk); 402} 403 404/* Really kill the session socket. (Called from sock_put() if 405 * refcnt == 0.) 406 */ 407static void pppol2tp_session_destruct(struct sock *sk) 408{ 409 struct l2tp_session *session = sk->sk_user_data; 410 411 skb_queue_purge(&sk->sk_receive_queue); 412 skb_queue_purge(&sk->sk_write_queue); 413 414 if (session) { 415 sk->sk_user_data = NULL; 416 if (WARN_ON(session->magic != L2TP_SESSION_MAGIC)) 417 return; 418 l2tp_session_dec_refcount(session); 419 } 420} 421 422/* Called when the PPPoX socket (session) is closed. 423 */ 424static int pppol2tp_release(struct socket *sock) 425{ 426 struct sock *sk = sock->sk; 427 struct l2tp_session *session; 428 int error; 429 430 if (!sk) 431 return 0; 432 433 error = -EBADF; 434 lock_sock(sk); 435 if (sock_flag(sk, SOCK_DEAD) != 0) 436 goto error; 437 438 pppox_unbind_sock(sk); 439 440 /* Signal the death of the socket. */ 441 sk->sk_state = PPPOX_DEAD; 442 sock_orphan(sk); 443 sock->sk = NULL; 444 445 session = pppol2tp_sock_to_session(sk); 446 if (session) { 447 struct pppol2tp_session *ps; 448 449 l2tp_session_delete(session); 450 451 ps = l2tp_session_priv(session); 452 mutex_lock(&ps->sk_lock); 453 ps->__sk = rcu_dereference_protected(ps->sk, 454 lockdep_is_held(&ps->sk_lock)); 455 RCU_INIT_POINTER(ps->sk, NULL); 456 mutex_unlock(&ps->sk_lock); 457 call_rcu(&ps->rcu, pppol2tp_put_sk); 458 459 /* Rely on the sock_put() call at the end of the function for 460 * dropping the reference held by pppol2tp_sock_to_session(). 461 * The last reference will be dropped by pppol2tp_put_sk(). 462 */ 463 } 464 465 release_sock(sk); 466 467 /* This will delete the session context via 468 * pppol2tp_session_destruct() if the socket's refcnt drops to 469 * zero. 470 */ 471 sock_put(sk); 472 473 return 0; 474 475error: 476 release_sock(sk); 477 return error; 478} 479 480static struct proto pppol2tp_sk_proto = { 481 .name = "PPPOL2TP", 482 .owner = THIS_MODULE, 483 .obj_size = sizeof(struct pppox_sock), 484}; 485 486static int pppol2tp_backlog_recv(struct sock *sk, struct sk_buff *skb) 487{ 488 int rc; 489 490 rc = l2tp_udp_encap_recv(sk, skb); 491 if (rc) 492 kfree_skb(skb); 493 494 return NET_RX_SUCCESS; 495} 496 497/* socket() handler. Initialize a new struct sock. 498 */ 499static int pppol2tp_create(struct net *net, struct socket *sock, int kern) 500{ 501 int error = -ENOMEM; 502 struct sock *sk; 503 504 sk = sk_alloc(net, PF_PPPOX, GFP_KERNEL, &pppol2tp_sk_proto, kern); 505 if (!sk) 506 goto out; 507 508 sock_init_data(sock, sk); 509 510 sock->state = SS_UNCONNECTED; 511 sock->ops = &pppol2tp_ops; 512 513 sk->sk_backlog_rcv = pppol2tp_backlog_recv; 514 sk->sk_protocol = PX_PROTO_OL2TP; 515 sk->sk_family = PF_PPPOX; 516 sk->sk_state = PPPOX_NONE; 517 sk->sk_type = SOCK_STREAM; 518 sk->sk_destruct = pppol2tp_session_destruct; 519 520 error = 0; 521 522out: 523 return error; 524} 525 526static void pppol2tp_show(struct seq_file *m, void *arg) 527{ 528 struct l2tp_session *session = arg; 529 struct sock *sk; 530 531 sk = pppol2tp_session_get_sock(session); 532 if (sk) { 533 struct pppox_sock *po = pppox_sk(sk); 534 535 seq_printf(m, " interface %s\n", ppp_dev_name(&po->chan)); 536 sock_put(sk); 537 } 538} 539 540static void pppol2tp_session_init(struct l2tp_session *session) 541{ 542 struct pppol2tp_session *ps; 543 544 session->recv_skb = pppol2tp_recv; 545 if (IS_ENABLED(CONFIG_L2TP_DEBUGFS)) 546 session->show = pppol2tp_show; 547 548 ps = l2tp_session_priv(session); 549 mutex_init(&ps->sk_lock); 550 ps->owner = current->pid; 551} 552 553struct l2tp_connect_info { 554 u8 version; 555 int fd; 556 u32 tunnel_id; 557 u32 peer_tunnel_id; 558 u32 session_id; 559 u32 peer_session_id; 560}; 561 562static int pppol2tp_sockaddr_get_info(const void *sa, int sa_len, 563 struct l2tp_connect_info *info) 564{ 565 switch (sa_len) { 566 case sizeof(struct sockaddr_pppol2tp): 567 { 568 const struct sockaddr_pppol2tp *sa_v2in4 = sa; 569 570 if (sa_v2in4->sa_protocol != PX_PROTO_OL2TP) 571 return -EINVAL; 572 573 info->version = 2; 574 info->fd = sa_v2in4->pppol2tp.fd; 575 info->tunnel_id = sa_v2in4->pppol2tp.s_tunnel; 576 info->peer_tunnel_id = sa_v2in4->pppol2tp.d_tunnel; 577 info->session_id = sa_v2in4->pppol2tp.s_session; 578 info->peer_session_id = sa_v2in4->pppol2tp.d_session; 579 580 break; 581 } 582 case sizeof(struct sockaddr_pppol2tpv3): 583 { 584 const struct sockaddr_pppol2tpv3 *sa_v3in4 = sa; 585 586 if (sa_v3in4->sa_protocol != PX_PROTO_OL2TP) 587 return -EINVAL; 588 589 info->version = 3; 590 info->fd = sa_v3in4->pppol2tp.fd; 591 info->tunnel_id = sa_v3in4->pppol2tp.s_tunnel; 592 info->peer_tunnel_id = sa_v3in4->pppol2tp.d_tunnel; 593 info->session_id = sa_v3in4->pppol2tp.s_session; 594 info->peer_session_id = sa_v3in4->pppol2tp.d_session; 595 596 break; 597 } 598 case sizeof(struct sockaddr_pppol2tpin6): 599 { 600 const struct sockaddr_pppol2tpin6 *sa_v2in6 = sa; 601 602 if (sa_v2in6->sa_protocol != PX_PROTO_OL2TP) 603 return -EINVAL; 604 605 info->version = 2; 606 info->fd = sa_v2in6->pppol2tp.fd; 607 info->tunnel_id = sa_v2in6->pppol2tp.s_tunnel; 608 info->peer_tunnel_id = sa_v2in6->pppol2tp.d_tunnel; 609 info->session_id = sa_v2in6->pppol2tp.s_session; 610 info->peer_session_id = sa_v2in6->pppol2tp.d_session; 611 612 break; 613 } 614 case sizeof(struct sockaddr_pppol2tpv3in6): 615 { 616 const struct sockaddr_pppol2tpv3in6 *sa_v3in6 = sa; 617 618 if (sa_v3in6->sa_protocol != PX_PROTO_OL2TP) 619 return -EINVAL; 620 621 info->version = 3; 622 info->fd = sa_v3in6->pppol2tp.fd; 623 info->tunnel_id = sa_v3in6->pppol2tp.s_tunnel; 624 info->peer_tunnel_id = sa_v3in6->pppol2tp.d_tunnel; 625 info->session_id = sa_v3in6->pppol2tp.s_session; 626 info->peer_session_id = sa_v3in6->pppol2tp.d_session; 627 628 break; 629 } 630 default: 631 return -EINVAL; 632 } 633 634 return 0; 635} 636 637/* Rough estimation of the maximum payload size a tunnel can transmit without 638 * fragmenting at the lower IP layer. Assumes L2TPv2 with sequence 639 * numbers and no IP option. Not quite accurate, but the result is mostly 640 * unused anyway. 641 */ 642static int pppol2tp_tunnel_mtu(const struct l2tp_tunnel *tunnel) 643{ 644 int mtu; 645 646 mtu = l2tp_tunnel_dst_mtu(tunnel); 647 if (mtu <= PPPOL2TP_HEADER_OVERHEAD) 648 return 1500 - PPPOL2TP_HEADER_OVERHEAD; 649 650 return mtu - PPPOL2TP_HEADER_OVERHEAD; 651} 652 653/* connect() handler. Attach a PPPoX socket to a tunnel UDP socket 654 */ 655static int pppol2tp_connect(struct socket *sock, struct sockaddr *uservaddr, 656 int sockaddr_len, int flags) 657{ 658 struct sock *sk = sock->sk; 659 struct pppox_sock *po = pppox_sk(sk); 660 struct l2tp_session *session = NULL; 661 struct l2tp_connect_info info; 662 struct l2tp_tunnel *tunnel; 663 struct pppol2tp_session *ps; 664 struct l2tp_session_cfg cfg = { 0, }; 665 bool drop_refcnt = false; 666 bool drop_tunnel = false; 667 bool new_session = false; 668 bool new_tunnel = false; 669 int error; 670 671 error = pppol2tp_sockaddr_get_info(uservaddr, sockaddr_len, &info); 672 if (error < 0) 673 return error; 674 675 lock_sock(sk); 676 677 /* Check for already bound sockets */ 678 error = -EBUSY; 679 if (sk->sk_state & PPPOX_CONNECTED) 680 goto end; 681 682 /* We don't supporting rebinding anyway */ 683 error = -EALREADY; 684 if (sk->sk_user_data) 685 goto end; /* socket is already attached */ 686 687 /* Don't bind if tunnel_id is 0 */ 688 error = -EINVAL; 689 if (!info.tunnel_id) 690 goto end; 691 692 tunnel = l2tp_tunnel_get(sock_net(sk), info.tunnel_id); 693 if (tunnel) 694 drop_tunnel = true; 695 696 /* Special case: create tunnel context if session_id and 697 * peer_session_id is 0. Otherwise look up tunnel using supplied 698 * tunnel id. 699 */ 700 if (!info.session_id && !info.peer_session_id) { 701 if (!tunnel) { 702 struct l2tp_tunnel_cfg tcfg = { 703 .encap = L2TP_ENCAPTYPE_UDP, 704 }; 705 706 /* Prevent l2tp_tunnel_register() from trying to set up 707 * a kernel socket. 708 */ 709 if (info.fd < 0) { 710 error = -EBADF; 711 goto end; 712 } 713 714 error = l2tp_tunnel_create(info.fd, 715 info.version, 716 info.tunnel_id, 717 info.peer_tunnel_id, &tcfg, 718 &tunnel); 719 if (error < 0) 720 goto end; 721 722 l2tp_tunnel_inc_refcount(tunnel); 723 error = l2tp_tunnel_register(tunnel, sock_net(sk), 724 &tcfg); 725 if (error < 0) { 726 kfree(tunnel); 727 goto end; 728 } 729 drop_tunnel = true; 730 new_tunnel = true; 731 } 732 } else { 733 /* Error if we can't find the tunnel */ 734 error = -ENOENT; 735 if (!tunnel) 736 goto end; 737 738 /* Error if socket is not prepped */ 739 if (!tunnel->sock) 740 goto end; 741 } 742 743 if (tunnel->peer_tunnel_id == 0) 744 tunnel->peer_tunnel_id = info.peer_tunnel_id; 745 746 session = l2tp_tunnel_get_session(tunnel, info.session_id); 747 if (session) { 748 drop_refcnt = true; 749 750 if (session->pwtype != L2TP_PWTYPE_PPP) { 751 error = -EPROTOTYPE; 752 goto end; 753 } 754 755 ps = l2tp_session_priv(session); 756 757 /* Using a pre-existing session is fine as long as it hasn't 758 * been connected yet. 759 */ 760 mutex_lock(&ps->sk_lock); 761 if (rcu_dereference_protected(ps->sk, 762 lockdep_is_held(&ps->sk_lock)) || 763 ps->__sk) { 764 mutex_unlock(&ps->sk_lock); 765 error = -EEXIST; 766 goto end; 767 } 768 } else { 769 cfg.pw_type = L2TP_PWTYPE_PPP; 770 771 session = l2tp_session_create(sizeof(struct pppol2tp_session), 772 tunnel, info.session_id, 773 info.peer_session_id, &cfg); 774 if (IS_ERR(session)) { 775 error = PTR_ERR(session); 776 goto end; 777 } 778 779 pppol2tp_session_init(session); 780 ps = l2tp_session_priv(session); 781 l2tp_session_inc_refcount(session); 782 783 mutex_lock(&ps->sk_lock); 784 error = l2tp_session_register(session, tunnel); 785 if (error < 0) { 786 mutex_unlock(&ps->sk_lock); 787 kfree(session); 788 goto end; 789 } 790 drop_refcnt = true; 791 new_session = true; 792 } 793 794 /* Special case: if source & dest session_id == 0x0000, this 795 * socket is being created to manage the tunnel. Just set up 796 * the internal context for use by ioctl() and sockopt() 797 * handlers. 798 */ 799 if (session->session_id == 0 && session->peer_session_id == 0) { 800 error = 0; 801 goto out_no_ppp; 802 } 803 804 /* The only header we need to worry about is the L2TP 805 * header. This size is different depending on whether 806 * sequence numbers are enabled for the data channel. 807 */ 808 po->chan.hdrlen = PPPOL2TP_L2TP_HDR_SIZE_NOSEQ; 809 810 po->chan.private = sk; 811 po->chan.ops = &pppol2tp_chan_ops; 812 po->chan.mtu = pppol2tp_tunnel_mtu(tunnel); 813 814 error = ppp_register_net_channel(sock_net(sk), &po->chan); 815 if (error) { 816 mutex_unlock(&ps->sk_lock); 817 goto end; 818 } 819 820out_no_ppp: 821 /* This is how we get the session context from the socket. */ 822 sk->sk_user_data = session; 823 rcu_assign_pointer(ps->sk, sk); 824 mutex_unlock(&ps->sk_lock); 825 826 /* Keep the reference we've grabbed on the session: sk doesn't expect 827 * the session to disappear. pppol2tp_session_destruct() is responsible 828 * for dropping it. 829 */ 830 drop_refcnt = false; 831 832 sk->sk_state = PPPOX_CONNECTED; 833 834end: 835 if (error) { 836 if (new_session) 837 l2tp_session_delete(session); 838 if (new_tunnel) 839 l2tp_tunnel_delete(tunnel); 840 } 841 if (drop_refcnt) 842 l2tp_session_dec_refcount(session); 843 if (drop_tunnel) 844 l2tp_tunnel_dec_refcount(tunnel); 845 release_sock(sk); 846 847 return error; 848} 849 850#ifdef CONFIG_L2TP_V3 851 852/* Called when creating sessions via the netlink interface. */ 853static int pppol2tp_session_create(struct net *net, struct l2tp_tunnel *tunnel, 854 u32 session_id, u32 peer_session_id, 855 struct l2tp_session_cfg *cfg) 856{ 857 int error; 858 struct l2tp_session *session; 859 860 /* Error if tunnel socket is not prepped */ 861 if (!tunnel->sock) { 862 error = -ENOENT; 863 goto err; 864 } 865 866 /* Allocate and initialize a new session context. */ 867 session = l2tp_session_create(sizeof(struct pppol2tp_session), 868 tunnel, session_id, 869 peer_session_id, cfg); 870 if (IS_ERR(session)) { 871 error = PTR_ERR(session); 872 goto err; 873 } 874 875 pppol2tp_session_init(session); 876 877 error = l2tp_session_register(session, tunnel); 878 if (error < 0) 879 goto err_sess; 880 881 return 0; 882 883err_sess: 884 kfree(session); 885err: 886 return error; 887} 888 889#endif /* CONFIG_L2TP_V3 */ 890 891/* getname() support. 892 */ 893static int pppol2tp_getname(struct socket *sock, struct sockaddr *uaddr, 894 int peer) 895{ 896 int len = 0; 897 int error = 0; 898 struct l2tp_session *session; 899 struct l2tp_tunnel *tunnel; 900 struct sock *sk = sock->sk; 901 struct inet_sock *inet; 902 struct pppol2tp_session *pls; 903 904 error = -ENOTCONN; 905 if (!sk) 906 goto end; 907 if (!(sk->sk_state & PPPOX_CONNECTED)) 908 goto end; 909 910 error = -EBADF; 911 session = pppol2tp_sock_to_session(sk); 912 if (!session) 913 goto end; 914 915 pls = l2tp_session_priv(session); 916 tunnel = session->tunnel; 917 918 inet = inet_sk(tunnel->sock); 919 if (tunnel->version == 2 && tunnel->sock->sk_family == AF_INET) { 920 struct sockaddr_pppol2tp sp; 921 922 len = sizeof(sp); 923 memset(&sp, 0, len); 924 sp.sa_family = AF_PPPOX; 925 sp.sa_protocol = PX_PROTO_OL2TP; 926 sp.pppol2tp.fd = tunnel->fd; 927 sp.pppol2tp.pid = pls->owner; 928 sp.pppol2tp.s_tunnel = tunnel->tunnel_id; 929 sp.pppol2tp.d_tunnel = tunnel->peer_tunnel_id; 930 sp.pppol2tp.s_session = session->session_id; 931 sp.pppol2tp.d_session = session->peer_session_id; 932 sp.pppol2tp.addr.sin_family = AF_INET; 933 sp.pppol2tp.addr.sin_port = inet->inet_dport; 934 sp.pppol2tp.addr.sin_addr.s_addr = inet->inet_daddr; 935 memcpy(uaddr, &sp, len); 936#if IS_ENABLED(CONFIG_IPV6) 937 } else if (tunnel->version == 2 && tunnel->sock->sk_family == AF_INET6) { 938 struct sockaddr_pppol2tpin6 sp; 939 940 len = sizeof(sp); 941 memset(&sp, 0, len); 942 sp.sa_family = AF_PPPOX; 943 sp.sa_protocol = PX_PROTO_OL2TP; 944 sp.pppol2tp.fd = tunnel->fd; 945 sp.pppol2tp.pid = pls->owner; 946 sp.pppol2tp.s_tunnel = tunnel->tunnel_id; 947 sp.pppol2tp.d_tunnel = tunnel->peer_tunnel_id; 948 sp.pppol2tp.s_session = session->session_id; 949 sp.pppol2tp.d_session = session->peer_session_id; 950 sp.pppol2tp.addr.sin6_family = AF_INET6; 951 sp.pppol2tp.addr.sin6_port = inet->inet_dport; 952 memcpy(&sp.pppol2tp.addr.sin6_addr, &tunnel->sock->sk_v6_daddr, 953 sizeof(tunnel->sock->sk_v6_daddr)); 954 memcpy(uaddr, &sp, len); 955 } else if (tunnel->version == 3 && tunnel->sock->sk_family == AF_INET6) { 956 struct sockaddr_pppol2tpv3in6 sp; 957 958 len = sizeof(sp); 959 memset(&sp, 0, len); 960 sp.sa_family = AF_PPPOX; 961 sp.sa_protocol = PX_PROTO_OL2TP; 962 sp.pppol2tp.fd = tunnel->fd; 963 sp.pppol2tp.pid = pls->owner; 964 sp.pppol2tp.s_tunnel = tunnel->tunnel_id; 965 sp.pppol2tp.d_tunnel = tunnel->peer_tunnel_id; 966 sp.pppol2tp.s_session = session->session_id; 967 sp.pppol2tp.d_session = session->peer_session_id; 968 sp.pppol2tp.addr.sin6_family = AF_INET6; 969 sp.pppol2tp.addr.sin6_port = inet->inet_dport; 970 memcpy(&sp.pppol2tp.addr.sin6_addr, &tunnel->sock->sk_v6_daddr, 971 sizeof(tunnel->sock->sk_v6_daddr)); 972 memcpy(uaddr, &sp, len); 973#endif 974 } else if (tunnel->version == 3) { 975 struct sockaddr_pppol2tpv3 sp; 976 977 len = sizeof(sp); 978 memset(&sp, 0, len); 979 sp.sa_family = AF_PPPOX; 980 sp.sa_protocol = PX_PROTO_OL2TP; 981 sp.pppol2tp.fd = tunnel->fd; 982 sp.pppol2tp.pid = pls->owner; 983 sp.pppol2tp.s_tunnel = tunnel->tunnel_id; 984 sp.pppol2tp.d_tunnel = tunnel->peer_tunnel_id; 985 sp.pppol2tp.s_session = session->session_id; 986 sp.pppol2tp.d_session = session->peer_session_id; 987 sp.pppol2tp.addr.sin_family = AF_INET; 988 sp.pppol2tp.addr.sin_port = inet->inet_dport; 989 sp.pppol2tp.addr.sin_addr.s_addr = inet->inet_daddr; 990 memcpy(uaddr, &sp, len); 991 } 992 993 error = len; 994 995 sock_put(sk); 996end: 997 return error; 998} 999 1000/**************************************************************************** 1001 * ioctl() handlers. 1002 * 1003 * The PPPoX socket is created for L2TP sessions: tunnels have their own UDP 1004 * sockets. However, in order to control kernel tunnel features, we allow 1005 * userspace to create a special "tunnel" PPPoX socket which is used for 1006 * control only. Tunnel PPPoX sockets have session_id == 0 and simply allow 1007 * the user application to issue L2TP setsockopt(), getsockopt() and ioctl() 1008 * calls. 1009 ****************************************************************************/ 1010 1011static void pppol2tp_copy_stats(struct pppol2tp_ioc_stats *dest, 1012 const struct l2tp_stats *stats) 1013{ 1014 memset(dest, 0, sizeof(*dest)); 1015 1016 dest->tx_packets = atomic_long_read(&stats->tx_packets); 1017 dest->tx_bytes = atomic_long_read(&stats->tx_bytes); 1018 dest->tx_errors = atomic_long_read(&stats->tx_errors); 1019 dest->rx_packets = atomic_long_read(&stats->rx_packets); 1020 dest->rx_bytes = atomic_long_read(&stats->rx_bytes); 1021 dest->rx_seq_discards = atomic_long_read(&stats->rx_seq_discards); 1022 dest->rx_oos_packets = atomic_long_read(&stats->rx_oos_packets); 1023 dest->rx_errors = atomic_long_read(&stats->rx_errors); 1024} 1025 1026static int pppol2tp_tunnel_copy_stats(struct pppol2tp_ioc_stats *stats, 1027 struct l2tp_tunnel *tunnel) 1028{ 1029 struct l2tp_session *session; 1030 1031 if (!stats->session_id) { 1032 pppol2tp_copy_stats(stats, &tunnel->stats); 1033 return 0; 1034 } 1035 1036 /* If session_id is set, search the corresponding session in the 1037 * context of this tunnel and record the session's statistics. 1038 */ 1039 session = l2tp_tunnel_get_session(tunnel, stats->session_id); 1040 if (!session) 1041 return -EBADR; 1042 1043 if (session->pwtype != L2TP_PWTYPE_PPP) { 1044 l2tp_session_dec_refcount(session); 1045 return -EBADR; 1046 } 1047 1048 pppol2tp_copy_stats(stats, &session->stats); 1049 l2tp_session_dec_refcount(session); 1050 1051 return 0; 1052} 1053 1054static int pppol2tp_ioctl(struct socket *sock, unsigned int cmd, 1055 unsigned long arg) 1056{ 1057 struct pppol2tp_ioc_stats stats; 1058 struct l2tp_session *session; 1059 1060 switch (cmd) { 1061 case PPPIOCGMRU: 1062 case PPPIOCGFLAGS: 1063 session = sock->sk->sk_user_data; 1064 if (!session) 1065 return -ENOTCONN; 1066 1067 if (WARN_ON(session->magic != L2TP_SESSION_MAGIC)) 1068 return -EBADF; 1069 1070 /* Not defined for tunnels */ 1071 if (!session->session_id && !session->peer_session_id) 1072 return -ENOSYS; 1073 1074 if (put_user(0, (int __user *)arg)) 1075 return -EFAULT; 1076 break; 1077 1078 case PPPIOCSMRU: 1079 case PPPIOCSFLAGS: 1080 session = sock->sk->sk_user_data; 1081 if (!session) 1082 return -ENOTCONN; 1083 1084 if (WARN_ON(session->magic != L2TP_SESSION_MAGIC)) 1085 return -EBADF; 1086 1087 /* Not defined for tunnels */ 1088 if (!session->session_id && !session->peer_session_id) 1089 return -ENOSYS; 1090 1091 if (!access_ok((int __user *)arg, sizeof(int))) 1092 return -EFAULT; 1093 break; 1094 1095 case PPPIOCGL2TPSTATS: 1096 session = sock->sk->sk_user_data; 1097 if (!session) 1098 return -ENOTCONN; 1099 1100 if (WARN_ON(session->magic != L2TP_SESSION_MAGIC)) 1101 return -EBADF; 1102 1103 /* Session 0 represents the parent tunnel */ 1104 if (!session->session_id && !session->peer_session_id) { 1105 u32 session_id; 1106 int err; 1107 1108 if (copy_from_user(&stats, (void __user *)arg, 1109 sizeof(stats))) 1110 return -EFAULT; 1111 1112 session_id = stats.session_id; 1113 err = pppol2tp_tunnel_copy_stats(&stats, 1114 session->tunnel); 1115 if (err < 0) 1116 return err; 1117 1118 stats.session_id = session_id; 1119 } else { 1120 pppol2tp_copy_stats(&stats, &session->stats); 1121 stats.session_id = session->session_id; 1122 } 1123 stats.tunnel_id = session->tunnel->tunnel_id; 1124 stats.using_ipsec = l2tp_tunnel_uses_xfrm(session->tunnel); 1125 1126 if (copy_to_user((void __user *)arg, &stats, sizeof(stats))) 1127 return -EFAULT; 1128 break; 1129 1130 default: 1131 return -ENOIOCTLCMD; 1132 } 1133 1134 return 0; 1135} 1136 1137/***************************************************************************** 1138 * setsockopt() / getsockopt() support. 1139 * 1140 * The PPPoX socket is created for L2TP sessions: tunnels have their own UDP 1141 * sockets. In order to control kernel tunnel features, we allow userspace to 1142 * create a special "tunnel" PPPoX socket which is used for control only. 1143 * Tunnel PPPoX sockets have session_id == 0 and simply allow the user 1144 * application to issue L2TP setsockopt(), getsockopt() and ioctl() calls. 1145 *****************************************************************************/ 1146 1147/* Tunnel setsockopt() helper. 1148 */ 1149static int pppol2tp_tunnel_setsockopt(struct sock *sk, 1150 struct l2tp_tunnel *tunnel, 1151 int optname, int val) 1152{ 1153 int err = 0; 1154 1155 switch (optname) { 1156 case PPPOL2TP_SO_DEBUG: 1157 /* Tunnel debug flags option is deprecated */ 1158 break; 1159 1160 default: 1161 err = -ENOPROTOOPT; 1162 break; 1163 } 1164 1165 return err; 1166} 1167 1168/* Session setsockopt helper. 1169 */ 1170static int pppol2tp_session_setsockopt(struct sock *sk, 1171 struct l2tp_session *session, 1172 int optname, int val) 1173{ 1174 int err = 0; 1175 1176 switch (optname) { 1177 case PPPOL2TP_SO_RECVSEQ: 1178 if (val != 0 && val != 1) { 1179 err = -EINVAL; 1180 break; 1181 } 1182 session->recv_seq = !!val; 1183 break; 1184 1185 case PPPOL2TP_SO_SENDSEQ: 1186 if (val != 0 && val != 1) { 1187 err = -EINVAL; 1188 break; 1189 } 1190 session->send_seq = !!val; 1191 { 1192 struct pppox_sock *po = pppox_sk(sk); 1193 1194 po->chan.hdrlen = val ? PPPOL2TP_L2TP_HDR_SIZE_SEQ : 1195 PPPOL2TP_L2TP_HDR_SIZE_NOSEQ; 1196 } 1197 l2tp_session_set_header_len(session, session->tunnel->version); 1198 break; 1199 1200 case PPPOL2TP_SO_LNSMODE: 1201 if (val != 0 && val != 1) { 1202 err = -EINVAL; 1203 break; 1204 } 1205 session->lns_mode = !!val; 1206 break; 1207 1208 case PPPOL2TP_SO_DEBUG: 1209 /* Session debug flags option is deprecated */ 1210 break; 1211 1212 case PPPOL2TP_SO_REORDERTO: 1213 session->reorder_timeout = msecs_to_jiffies(val); 1214 break; 1215 1216 default: 1217 err = -ENOPROTOOPT; 1218 break; 1219 } 1220 1221 return err; 1222} 1223 1224/* Main setsockopt() entry point. 1225 * Does API checks, then calls either the tunnel or session setsockopt 1226 * handler, according to whether the PPPoL2TP socket is a for a regular 1227 * session or the special tunnel type. 1228 */ 1229static int pppol2tp_setsockopt(struct socket *sock, int level, int optname, 1230 sockptr_t optval, unsigned int optlen) 1231{ 1232 struct sock *sk = sock->sk; 1233 struct l2tp_session *session; 1234 struct l2tp_tunnel *tunnel; 1235 int val; 1236 int err; 1237 1238 if (level != SOL_PPPOL2TP) 1239 return -EINVAL; 1240 1241 if (optlen < sizeof(int)) 1242 return -EINVAL; 1243 1244 if (copy_from_sockptr(&val, optval, sizeof(int))) 1245 return -EFAULT; 1246 1247 err = -ENOTCONN; 1248 if (!sk->sk_user_data) 1249 goto end; 1250 1251 /* Get session context from the socket */ 1252 err = -EBADF; 1253 session = pppol2tp_sock_to_session(sk); 1254 if (!session) 1255 goto end; 1256 1257 /* Special case: if session_id == 0x0000, treat as operation on tunnel 1258 */ 1259 if (session->session_id == 0 && session->peer_session_id == 0) { 1260 tunnel = session->tunnel; 1261 err = pppol2tp_tunnel_setsockopt(sk, tunnel, optname, val); 1262 } else { 1263 err = pppol2tp_session_setsockopt(sk, session, optname, val); 1264 } 1265 1266 sock_put(sk); 1267end: 1268 return err; 1269} 1270 1271/* Tunnel getsockopt helper. Called with sock locked. 1272 */ 1273static int pppol2tp_tunnel_getsockopt(struct sock *sk, 1274 struct l2tp_tunnel *tunnel, 1275 int optname, int *val) 1276{ 1277 int err = 0; 1278 1279 switch (optname) { 1280 case PPPOL2TP_SO_DEBUG: 1281 /* Tunnel debug flags option is deprecated */ 1282 *val = 0; 1283 break; 1284 1285 default: 1286 err = -ENOPROTOOPT; 1287 break; 1288 } 1289 1290 return err; 1291} 1292 1293/* Session getsockopt helper. Called with sock locked. 1294 */ 1295static int pppol2tp_session_getsockopt(struct sock *sk, 1296 struct l2tp_session *session, 1297 int optname, int *val) 1298{ 1299 int err = 0; 1300 1301 switch (optname) { 1302 case PPPOL2TP_SO_RECVSEQ: 1303 *val = session->recv_seq; 1304 break; 1305 1306 case PPPOL2TP_SO_SENDSEQ: 1307 *val = session->send_seq; 1308 break; 1309 1310 case PPPOL2TP_SO_LNSMODE: 1311 *val = session->lns_mode; 1312 break; 1313 1314 case PPPOL2TP_SO_DEBUG: 1315 /* Session debug flags option is deprecated */ 1316 *val = 0; 1317 break; 1318 1319 case PPPOL2TP_SO_REORDERTO: 1320 *val = (int)jiffies_to_msecs(session->reorder_timeout); 1321 break; 1322 1323 default: 1324 err = -ENOPROTOOPT; 1325 } 1326 1327 return err; 1328} 1329 1330/* Main getsockopt() entry point. 1331 * Does API checks, then calls either the tunnel or session getsockopt 1332 * handler, according to whether the PPPoX socket is a for a regular session 1333 * or the special tunnel type. 1334 */ 1335static int pppol2tp_getsockopt(struct socket *sock, int level, int optname, 1336 char __user *optval, int __user *optlen) 1337{ 1338 struct sock *sk = sock->sk; 1339 struct l2tp_session *session; 1340 struct l2tp_tunnel *tunnel; 1341 int val, len; 1342 int err; 1343 1344 if (level != SOL_PPPOL2TP) 1345 return -EINVAL; 1346 1347 if (get_user(len, optlen)) 1348 return -EFAULT; 1349 1350 len = min_t(unsigned int, len, sizeof(int)); 1351 1352 if (len < 0) 1353 return -EINVAL; 1354 1355 err = -ENOTCONN; 1356 if (!sk->sk_user_data) 1357 goto end; 1358 1359 /* Get the session context */ 1360 err = -EBADF; 1361 session = pppol2tp_sock_to_session(sk); 1362 if (!session) 1363 goto end; 1364 1365 /* Special case: if session_id == 0x0000, treat as operation on tunnel */ 1366 if (session->session_id == 0 && session->peer_session_id == 0) { 1367 tunnel = session->tunnel; 1368 err = pppol2tp_tunnel_getsockopt(sk, tunnel, optname, &val); 1369 if (err) 1370 goto end_put_sess; 1371 } else { 1372 err = pppol2tp_session_getsockopt(sk, session, optname, &val); 1373 if (err) 1374 goto end_put_sess; 1375 } 1376 1377 err = -EFAULT; 1378 if (put_user(len, optlen)) 1379 goto end_put_sess; 1380 1381 if (copy_to_user((void __user *)optval, &val, len)) 1382 goto end_put_sess; 1383 1384 err = 0; 1385 1386end_put_sess: 1387 sock_put(sk); 1388end: 1389 return err; 1390} 1391 1392/***************************************************************************** 1393 * /proc filesystem for debug 1394 * Since the original pppol2tp driver provided /proc/net/pppol2tp for 1395 * L2TPv2, we dump only L2TPv2 tunnels and sessions here. 1396 *****************************************************************************/ 1397 1398static unsigned int pppol2tp_net_id; 1399 1400#ifdef CONFIG_PROC_FS 1401 1402struct pppol2tp_seq_data { 1403 struct seq_net_private p; 1404 int tunnel_idx; /* current tunnel */ 1405 int session_idx; /* index of session within current tunnel */ 1406 struct l2tp_tunnel *tunnel; 1407 struct l2tp_session *session; /* NULL means get next tunnel */ 1408}; 1409 1410static void pppol2tp_next_tunnel(struct net *net, struct pppol2tp_seq_data *pd) 1411{ 1412 /* Drop reference taken during previous invocation */ 1413 if (pd->tunnel) 1414 l2tp_tunnel_dec_refcount(pd->tunnel); 1415 1416 for (;;) { 1417 pd->tunnel = l2tp_tunnel_get_nth(net, pd->tunnel_idx); 1418 pd->tunnel_idx++; 1419 1420 /* Only accept L2TPv2 tunnels */ 1421 if (!pd->tunnel || pd->tunnel->version == 2) 1422 return; 1423 1424 l2tp_tunnel_dec_refcount(pd->tunnel); 1425 } 1426} 1427 1428static void pppol2tp_next_session(struct net *net, struct pppol2tp_seq_data *pd) 1429{ 1430 /* Drop reference taken during previous invocation */ 1431 if (pd->session) 1432 l2tp_session_dec_refcount(pd->session); 1433 1434 pd->session = l2tp_session_get_nth(pd->tunnel, pd->session_idx); 1435 pd->session_idx++; 1436 1437 if (!pd->session) { 1438 pd->session_idx = 0; 1439 pppol2tp_next_tunnel(net, pd); 1440 } 1441} 1442 1443static void *pppol2tp_seq_start(struct seq_file *m, loff_t *offs) 1444{ 1445 struct pppol2tp_seq_data *pd = SEQ_START_TOKEN; 1446 loff_t pos = *offs; 1447 struct net *net; 1448 1449 if (!pos) 1450 goto out; 1451 1452 if (WARN_ON(!m->private)) { 1453 pd = NULL; 1454 goto out; 1455 } 1456 1457 pd = m->private; 1458 net = seq_file_net(m); 1459 1460 if (!pd->tunnel) 1461 pppol2tp_next_tunnel(net, pd); 1462 else 1463 pppol2tp_next_session(net, pd); 1464 1465 /* NULL tunnel and session indicates end of list */ 1466 if (!pd->tunnel && !pd->session) 1467 pd = NULL; 1468 1469out: 1470 return pd; 1471} 1472 1473static void *pppol2tp_seq_next(struct seq_file *m, void *v, loff_t *pos) 1474{ 1475 (*pos)++; 1476 return NULL; 1477} 1478 1479static void pppol2tp_seq_stop(struct seq_file *p, void *v) 1480{ 1481 struct pppol2tp_seq_data *pd = v; 1482 1483 if (!pd || pd == SEQ_START_TOKEN) 1484 return; 1485 1486 /* Drop reference taken by last invocation of pppol2tp_next_session() 1487 * or pppol2tp_next_tunnel(). 1488 */ 1489 if (pd->session) { 1490 l2tp_session_dec_refcount(pd->session); 1491 pd->session = NULL; 1492 } 1493 if (pd->tunnel) { 1494 l2tp_tunnel_dec_refcount(pd->tunnel); 1495 pd->tunnel = NULL; 1496 } 1497} 1498 1499static void pppol2tp_seq_tunnel_show(struct seq_file *m, void *v) 1500{ 1501 struct l2tp_tunnel *tunnel = v; 1502 1503 seq_printf(m, "\nTUNNEL '%s', %c %d\n", 1504 tunnel->name, 1505 (tunnel == tunnel->sock->sk_user_data) ? 'Y' : 'N', 1506 refcount_read(&tunnel->ref_count) - 1); 1507 seq_printf(m, " %08x %ld/%ld/%ld %ld/%ld/%ld\n", 1508 0, 1509 atomic_long_read(&tunnel->stats.tx_packets), 1510 atomic_long_read(&tunnel->stats.tx_bytes), 1511 atomic_long_read(&tunnel->stats.tx_errors), 1512 atomic_long_read(&tunnel->stats.rx_packets), 1513 atomic_long_read(&tunnel->stats.rx_bytes), 1514 atomic_long_read(&tunnel->stats.rx_errors)); 1515} 1516 1517static void pppol2tp_seq_session_show(struct seq_file *m, void *v) 1518{ 1519 struct l2tp_session *session = v; 1520 struct l2tp_tunnel *tunnel = session->tunnel; 1521 unsigned char state; 1522 char user_data_ok; 1523 struct sock *sk; 1524 u32 ip = 0; 1525 u16 port = 0; 1526 1527 if (tunnel->sock) { 1528 struct inet_sock *inet = inet_sk(tunnel->sock); 1529 1530 ip = ntohl(inet->inet_saddr); 1531 port = ntohs(inet->inet_sport); 1532 } 1533 1534 sk = pppol2tp_session_get_sock(session); 1535 if (sk) { 1536 state = sk->sk_state; 1537 user_data_ok = (session == sk->sk_user_data) ? 'Y' : 'N'; 1538 } else { 1539 state = 0; 1540 user_data_ok = 'N'; 1541 } 1542 1543 seq_printf(m, " SESSION '%s' %08X/%d %04X/%04X -> %04X/%04X %d %c\n", 1544 session->name, ip, port, 1545 tunnel->tunnel_id, 1546 session->session_id, 1547 tunnel->peer_tunnel_id, 1548 session->peer_session_id, 1549 state, user_data_ok); 1550 seq_printf(m, " 0/0/%c/%c/%s %08x %u\n", 1551 session->recv_seq ? 'R' : '-', 1552 session->send_seq ? 'S' : '-', 1553 session->lns_mode ? "LNS" : "LAC", 1554 0, 1555 jiffies_to_msecs(session->reorder_timeout)); 1556 seq_printf(m, " %hu/%hu %ld/%ld/%ld %ld/%ld/%ld\n", 1557 session->nr, session->ns, 1558 atomic_long_read(&session->stats.tx_packets), 1559 atomic_long_read(&session->stats.tx_bytes), 1560 atomic_long_read(&session->stats.tx_errors), 1561 atomic_long_read(&session->stats.rx_packets), 1562 atomic_long_read(&session->stats.rx_bytes), 1563 atomic_long_read(&session->stats.rx_errors)); 1564 1565 if (sk) { 1566 struct pppox_sock *po = pppox_sk(sk); 1567 1568 seq_printf(m, " interface %s\n", ppp_dev_name(&po->chan)); 1569 sock_put(sk); 1570 } 1571} 1572 1573static int pppol2tp_seq_show(struct seq_file *m, void *v) 1574{ 1575 struct pppol2tp_seq_data *pd = v; 1576 1577 /* display header on line 1 */ 1578 if (v == SEQ_START_TOKEN) { 1579 seq_puts(m, "PPPoL2TP driver info, " PPPOL2TP_DRV_VERSION "\n"); 1580 seq_puts(m, "TUNNEL name, user-data-ok session-count\n"); 1581 seq_puts(m, " debug tx-pkts/bytes/errs rx-pkts/bytes/errs\n"); 1582 seq_puts(m, " SESSION name, addr/port src-tid/sid dest-tid/sid state user-data-ok\n"); 1583 seq_puts(m, " mtu/mru/rcvseq/sendseq/lns debug reorderto\n"); 1584 seq_puts(m, " nr/ns tx-pkts/bytes/errs rx-pkts/bytes/errs\n"); 1585 goto out; 1586 } 1587 1588 if (!pd->session) 1589 pppol2tp_seq_tunnel_show(m, pd->tunnel); 1590 else 1591 pppol2tp_seq_session_show(m, pd->session); 1592 1593out: 1594 return 0; 1595} 1596 1597static const struct seq_operations pppol2tp_seq_ops = { 1598 .start = pppol2tp_seq_start, 1599 .next = pppol2tp_seq_next, 1600 .stop = pppol2tp_seq_stop, 1601 .show = pppol2tp_seq_show, 1602}; 1603#endif /* CONFIG_PROC_FS */ 1604 1605/***************************************************************************** 1606 * Network namespace 1607 *****************************************************************************/ 1608 1609static __net_init int pppol2tp_init_net(struct net *net) 1610{ 1611 struct proc_dir_entry *pde; 1612 int err = 0; 1613 1614 pde = proc_create_net("pppol2tp", 0444, net->proc_net, 1615 &pppol2tp_seq_ops, sizeof(struct pppol2tp_seq_data)); 1616 if (!pde) { 1617 err = -ENOMEM; 1618 goto out; 1619 } 1620 1621out: 1622 return err; 1623} 1624 1625static __net_exit void pppol2tp_exit_net(struct net *net) 1626{ 1627 remove_proc_entry("pppol2tp", net->proc_net); 1628} 1629 1630static struct pernet_operations pppol2tp_net_ops = { 1631 .init = pppol2tp_init_net, 1632 .exit = pppol2tp_exit_net, 1633 .id = &pppol2tp_net_id, 1634}; 1635 1636/***************************************************************************** 1637 * Init and cleanup 1638 *****************************************************************************/ 1639 1640static const struct proto_ops pppol2tp_ops = { 1641 .family = AF_PPPOX, 1642 .owner = THIS_MODULE, 1643 .release = pppol2tp_release, 1644 .bind = sock_no_bind, 1645 .connect = pppol2tp_connect, 1646 .socketpair = sock_no_socketpair, 1647 .accept = sock_no_accept, 1648 .getname = pppol2tp_getname, 1649 .poll = datagram_poll, 1650 .listen = sock_no_listen, 1651 .shutdown = sock_no_shutdown, 1652 .setsockopt = pppol2tp_setsockopt, 1653 .getsockopt = pppol2tp_getsockopt, 1654 .sendmsg = pppol2tp_sendmsg, 1655 .recvmsg = pppol2tp_recvmsg, 1656 .mmap = sock_no_mmap, 1657 .ioctl = pppox_ioctl, 1658#ifdef CONFIG_COMPAT 1659 .compat_ioctl = pppox_compat_ioctl, 1660#endif 1661}; 1662 1663static const struct pppox_proto pppol2tp_proto = { 1664 .create = pppol2tp_create, 1665 .ioctl = pppol2tp_ioctl, 1666 .owner = THIS_MODULE, 1667}; 1668 1669#ifdef CONFIG_L2TP_V3 1670 1671static const struct l2tp_nl_cmd_ops pppol2tp_nl_cmd_ops = { 1672 .session_create = pppol2tp_session_create, 1673 .session_delete = l2tp_session_delete, 1674}; 1675 1676#endif /* CONFIG_L2TP_V3 */ 1677 1678static int __init pppol2tp_init(void) 1679{ 1680 int err; 1681 1682 err = register_pernet_device(&pppol2tp_net_ops); 1683 if (err) 1684 goto out; 1685 1686 err = proto_register(&pppol2tp_sk_proto, 0); 1687 if (err) 1688 goto out_unregister_pppol2tp_pernet; 1689 1690 err = register_pppox_proto(PX_PROTO_OL2TP, &pppol2tp_proto); 1691 if (err) 1692 goto out_unregister_pppol2tp_proto; 1693 1694#ifdef CONFIG_L2TP_V3 1695 err = l2tp_nl_register_ops(L2TP_PWTYPE_PPP, &pppol2tp_nl_cmd_ops); 1696 if (err) 1697 goto out_unregister_pppox; 1698#endif 1699 1700 pr_info("PPPoL2TP kernel driver, %s\n", PPPOL2TP_DRV_VERSION); 1701 1702out: 1703 return err; 1704 1705#ifdef CONFIG_L2TP_V3 1706out_unregister_pppox: 1707 unregister_pppox_proto(PX_PROTO_OL2TP); 1708#endif 1709out_unregister_pppol2tp_proto: 1710 proto_unregister(&pppol2tp_sk_proto); 1711out_unregister_pppol2tp_pernet: 1712 unregister_pernet_device(&pppol2tp_net_ops); 1713 goto out; 1714} 1715 1716static void __exit pppol2tp_exit(void) 1717{ 1718#ifdef CONFIG_L2TP_V3 1719 l2tp_nl_unregister_ops(L2TP_PWTYPE_PPP); 1720#endif 1721 unregister_pppox_proto(PX_PROTO_OL2TP); 1722 proto_unregister(&pppol2tp_sk_proto); 1723 unregister_pernet_device(&pppol2tp_net_ops); 1724} 1725 1726module_init(pppol2tp_init); 1727module_exit(pppol2tp_exit); 1728 1729MODULE_AUTHOR("James Chapman <jchapman@katalix.com>"); 1730MODULE_DESCRIPTION("PPP over L2TP over UDP"); 1731MODULE_LICENSE("GPL"); 1732MODULE_VERSION(PPPOL2TP_DRV_VERSION); 1733MODULE_ALIAS_NET_PF_PROTO(PF_PPPOX, PX_PROTO_OL2TP); 1734MODULE_ALIAS_L2TP_PWTYPE(7);