aboutsummaryrefslogtreecommitdiffstats
path: root/net/l2tp
diff options
context:
space:
mode:
Diffstat (limited to 'net/l2tp')
-rw-r--r--net/l2tp/Kconfig4
-rw-r--r--net/l2tp/l2tp_core.c223
-rw-r--r--net/l2tp/l2tp_core.h7
-rw-r--r--net/l2tp/l2tp_ip.c16
-rw-r--r--net/l2tp/l2tp_ip6.c10
-rw-r--r--net/l2tp/l2tp_netlink.c1
-rw-r--r--net/l2tp/l2tp_ppp.c11
7 files changed, 184 insertions, 88 deletions
diff --git a/net/l2tp/Kconfig b/net/l2tp/Kconfig
index 147a8fd47a17..adb9843dd7cf 100644
--- a/net/l2tp/Kconfig
+++ b/net/l2tp/Kconfig
@@ -46,8 +46,8 @@ config L2TP_DEBUGFS
46 will be called l2tp_debugfs. 46 will be called l2tp_debugfs.
47 47
48config L2TP_V3 48config L2TP_V3
49 bool "L2TPv3 support (EXPERIMENTAL)" 49 bool "L2TPv3 support"
50 depends on EXPERIMENTAL && L2TP 50 depends on L2TP
51 help 51 help
52 Layer Two Tunneling Protocol Version 3 52 Layer Two Tunneling Protocol Version 3
53 53
diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
index 1a9f3723c13c..dcfd64e83ab7 100644
--- a/net/l2tp/l2tp_core.c
+++ b/net/l2tp/l2tp_core.c
@@ -101,6 +101,7 @@ struct l2tp_skb_cb {
101 101
102static atomic_t l2tp_tunnel_count; 102static atomic_t l2tp_tunnel_count;
103static atomic_t l2tp_session_count; 103static atomic_t l2tp_session_count;
104static struct workqueue_struct *l2tp_wq;
104 105
105/* per-net private data for this module */ 106/* per-net private data for this module */
106static unsigned int l2tp_net_id; 107static unsigned int l2tp_net_id;
@@ -122,7 +123,6 @@ static inline struct l2tp_net *l2tp_pernet(struct net *net)
122 return net_generic(net, l2tp_net_id); 123 return net_generic(net, l2tp_net_id);
123} 124}
124 125
125
126/* Tunnel reference counts. Incremented per session that is added to 126/* Tunnel reference counts. Incremented per session that is added to
127 * the tunnel. 127 * the tunnel.
128 */ 128 */
@@ -168,6 +168,51 @@ l2tp_session_id_hash_2(struct l2tp_net *pn, u32 session_id)
168 168
169} 169}
170 170
171/* Lookup the tunnel socket, possibly involving the fs code if the socket is
172 * owned by userspace. A struct sock returned from this function must be
173 * released using l2tp_tunnel_sock_put once you're done with it.
174 */
175struct sock *l2tp_tunnel_sock_lookup(struct l2tp_tunnel *tunnel)
176{
177 int err = 0;
178 struct socket *sock = NULL;
179 struct sock *sk = NULL;
180
181 if (!tunnel)
182 goto out;
183
184 if (tunnel->fd >= 0) {
185 /* Socket is owned by userspace, who might be in the process
186 * of closing it. Look the socket up using the fd to ensure
187 * consistency.
188 */
189 sock = sockfd_lookup(tunnel->fd, &err);
190 if (sock)
191 sk = sock->sk;
192 } else {
193 /* Socket is owned by kernelspace */
194 sk = tunnel->sock;
195 }
196
197out:
198 return sk;
199}
200EXPORT_SYMBOL_GPL(l2tp_tunnel_sock_lookup);
201
202/* Drop a reference to a tunnel socket obtained via. l2tp_tunnel_sock_put */
203void l2tp_tunnel_sock_put(struct sock *sk)
204{
205 struct l2tp_tunnel *tunnel = l2tp_sock_to_tunnel(sk);
206 if (tunnel) {
207 if (tunnel->fd >= 0) {
208 /* Socket is owned by userspace */
209 sockfd_put(sk->sk_socket);
210 }
211 sock_put(sk);
212 }
213}
214EXPORT_SYMBOL_GPL(l2tp_tunnel_sock_put);
215
171/* Lookup a session by id in the global session list 216/* Lookup a session by id in the global session list
172 */ 217 */
173static struct l2tp_session *l2tp_session_find_2(struct net *net, u32 session_id) 218static struct l2tp_session *l2tp_session_find_2(struct net *net, u32 session_id)
@@ -1123,8 +1168,6 @@ int l2tp_xmit_skb(struct l2tp_session *session, struct sk_buff *skb, int hdr_len
1123 struct udphdr *uh; 1168 struct udphdr *uh;
1124 struct inet_sock *inet; 1169 struct inet_sock *inet;
1125 __wsum csum; 1170 __wsum csum;
1126 int old_headroom;
1127 int new_headroom;
1128 int headroom; 1171 int headroom;
1129 int uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0; 1172 int uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0;
1130 int udp_len; 1173 int udp_len;
@@ -1136,16 +1179,12 @@ int l2tp_xmit_skb(struct l2tp_session *session, struct sk_buff *skb, int hdr_len
1136 */ 1179 */
1137 headroom = NET_SKB_PAD + sizeof(struct iphdr) + 1180 headroom = NET_SKB_PAD + sizeof(struct iphdr) +
1138 uhlen + hdr_len; 1181 uhlen + hdr_len;
1139 old_headroom = skb_headroom(skb);
1140 if (skb_cow_head(skb, headroom)) { 1182 if (skb_cow_head(skb, headroom)) {
1141 kfree_skb(skb); 1183 kfree_skb(skb);
1142 return NET_XMIT_DROP; 1184 return NET_XMIT_DROP;
1143 } 1185 }
1144 1186
1145 new_headroom = skb_headroom(skb);
1146 skb_orphan(skb); 1187 skb_orphan(skb);
1147 skb->truesize += new_headroom - old_headroom;
1148
1149 /* Setup L2TP header */ 1188 /* Setup L2TP header */
1150 session->build_header(session, __skb_push(skb, hdr_len)); 1189 session->build_header(session, __skb_push(skb, hdr_len));
1151 1190
@@ -1232,6 +1271,7 @@ EXPORT_SYMBOL_GPL(l2tp_xmit_skb);
1232static void l2tp_tunnel_destruct(struct sock *sk) 1271static void l2tp_tunnel_destruct(struct sock *sk)
1233{ 1272{
1234 struct l2tp_tunnel *tunnel; 1273 struct l2tp_tunnel *tunnel;
1274 struct l2tp_net *pn;
1235 1275
1236 tunnel = sk->sk_user_data; 1276 tunnel = sk->sk_user_data;
1237 if (tunnel == NULL) 1277 if (tunnel == NULL)
@@ -1239,9 +1279,8 @@ static void l2tp_tunnel_destruct(struct sock *sk)
1239 1279
1240 l2tp_info(tunnel, L2TP_MSG_CONTROL, "%s: closing...\n", tunnel->name); 1280 l2tp_info(tunnel, L2TP_MSG_CONTROL, "%s: closing...\n", tunnel->name);
1241 1281
1242 /* Close all sessions */
1243 l2tp_tunnel_closeall(tunnel);
1244 1282
1283 /* Disable udp encapsulation */
1245 switch (tunnel->encap) { 1284 switch (tunnel->encap) {
1246 case L2TP_ENCAPTYPE_UDP: 1285 case L2TP_ENCAPTYPE_UDP:
1247 /* No longer an encapsulation socket. See net/ipv4/udp.c */ 1286 /* No longer an encapsulation socket. See net/ipv4/udp.c */
@@ -1253,17 +1292,23 @@ static void l2tp_tunnel_destruct(struct sock *sk)
1253 } 1292 }
1254 1293
1255 /* Remove hooks into tunnel socket */ 1294 /* Remove hooks into tunnel socket */
1256 tunnel->sock = NULL;
1257 sk->sk_destruct = tunnel->old_sk_destruct; 1295 sk->sk_destruct = tunnel->old_sk_destruct;
1258 sk->sk_user_data = NULL; 1296 sk->sk_user_data = NULL;
1297 tunnel->sock = NULL;
1259 1298
1260 /* Call the original destructor */ 1299 /* Remove the tunnel struct from the tunnel list */
1261 if (sk->sk_destruct) 1300 pn = l2tp_pernet(tunnel->l2tp_net);
1262 (*sk->sk_destruct)(sk); 1301 spin_lock_bh(&pn->l2tp_tunnel_list_lock);
1302 list_del_rcu(&tunnel->list);
1303 spin_unlock_bh(&pn->l2tp_tunnel_list_lock);
1304 atomic_dec(&l2tp_tunnel_count);
1263 1305
1264 /* We're finished with the socket */ 1306 l2tp_tunnel_closeall(tunnel);
1265 l2tp_tunnel_dec_refcount(tunnel); 1307 l2tp_tunnel_dec_refcount(tunnel);
1266 1308
1309 /* Call the original destructor */
1310 if (sk->sk_destruct)
1311 (*sk->sk_destruct)(sk);
1267end: 1312end:
1268 return; 1313 return;
1269} 1314}
@@ -1337,48 +1382,77 @@ again:
1337 */ 1382 */
1338static void l2tp_tunnel_free(struct l2tp_tunnel *tunnel) 1383static void l2tp_tunnel_free(struct l2tp_tunnel *tunnel)
1339{ 1384{
1340 struct l2tp_net *pn = l2tp_pernet(tunnel->l2tp_net);
1341
1342 BUG_ON(atomic_read(&tunnel->ref_count) != 0); 1385 BUG_ON(atomic_read(&tunnel->ref_count) != 0);
1343 BUG_ON(tunnel->sock != NULL); 1386 BUG_ON(tunnel->sock != NULL);
1344
1345 l2tp_info(tunnel, L2TP_MSG_CONTROL, "%s: free...\n", tunnel->name); 1387 l2tp_info(tunnel, L2TP_MSG_CONTROL, "%s: free...\n", tunnel->name);
1346
1347 /* Remove from tunnel list */
1348 spin_lock_bh(&pn->l2tp_tunnel_list_lock);
1349 list_del_rcu(&tunnel->list);
1350 kfree_rcu(tunnel, rcu); 1388 kfree_rcu(tunnel, rcu);
1351 spin_unlock_bh(&pn->l2tp_tunnel_list_lock); 1389}
1352 1390
1353 atomic_dec(&l2tp_tunnel_count); 1391/* Workqueue tunnel deletion function */
1392static void l2tp_tunnel_del_work(struct work_struct *work)
1393{
1394 struct l2tp_tunnel *tunnel = NULL;
1395 struct socket *sock = NULL;
1396 struct sock *sk = NULL;
1397
1398 tunnel = container_of(work, struct l2tp_tunnel, del_work);
1399 sk = l2tp_tunnel_sock_lookup(tunnel);
1400 if (!sk)
1401 return;
1402
1403 sock = sk->sk_socket;
1404 BUG_ON(!sock);
1405
1406 /* If the tunnel socket was created directly by the kernel, use the
1407 * sk_* API to release the socket now. Otherwise go through the
1408 * inet_* layer to shut the socket down, and let userspace close it.
1409 * In either case the tunnel resources are freed in the socket
1410 * destructor when the tunnel socket goes away.
1411 */
1412 if (sock->file == NULL) {
1413 kernel_sock_shutdown(sock, SHUT_RDWR);
1414 sk_release_kernel(sk);
1415 } else {
1416 inet_shutdown(sock, 2);
1417 }
1418
1419 l2tp_tunnel_sock_put(sk);
1354} 1420}
1355 1421
1356/* Create a socket for the tunnel, if one isn't set up by 1422/* Create a socket for the tunnel, if one isn't set up by
1357 * userspace. This is used for static tunnels where there is no 1423 * userspace. This is used for static tunnels where there is no
1358 * managing L2TP daemon. 1424 * managing L2TP daemon.
1425 *
1426 * Since we don't want these sockets to keep a namespace alive by
1427 * themselves, we drop the socket's namespace refcount after creation.
1428 * These sockets are freed when the namespace exits using the pernet
1429 * exit hook.
1359 */ 1430 */
1360static int l2tp_tunnel_sock_create(u32 tunnel_id, u32 peer_tunnel_id, struct l2tp_tunnel_cfg *cfg, struct socket **sockp) 1431static int l2tp_tunnel_sock_create(struct net *net,
1432 u32 tunnel_id,
1433 u32 peer_tunnel_id,
1434 struct l2tp_tunnel_cfg *cfg,
1435 struct socket **sockp)
1361{ 1436{
1362 int err = -EINVAL; 1437 int err = -EINVAL;
1363 struct sockaddr_in udp_addr; 1438 struct socket *sock = NULL;
1439 struct sockaddr_in udp_addr = {0};
1440 struct sockaddr_l2tpip ip_addr = {0};
1364#if IS_ENABLED(CONFIG_IPV6) 1441#if IS_ENABLED(CONFIG_IPV6)
1365 struct sockaddr_in6 udp6_addr; 1442 struct sockaddr_in6 udp6_addr = {0};
1366 struct sockaddr_l2tpip6 ip6_addr; 1443 struct sockaddr_l2tpip6 ip6_addr = {0};
1367#endif 1444#endif
1368 struct sockaddr_l2tpip ip_addr;
1369 struct socket *sock = NULL;
1370 1445
1371 switch (cfg->encap) { 1446 switch (cfg->encap) {
1372 case L2TP_ENCAPTYPE_UDP: 1447 case L2TP_ENCAPTYPE_UDP:
1373#if IS_ENABLED(CONFIG_IPV6) 1448#if IS_ENABLED(CONFIG_IPV6)
1374 if (cfg->local_ip6 && cfg->peer_ip6) { 1449 if (cfg->local_ip6 && cfg->peer_ip6) {
1375 err = sock_create(AF_INET6, SOCK_DGRAM, 0, sockp); 1450 err = sock_create_kern(AF_INET6, SOCK_DGRAM, 0, &sock);
1376 if (err < 0) 1451 if (err < 0)
1377 goto out; 1452 goto out;
1378 1453
1379 sock = *sockp; 1454 sk_change_net(sock->sk, net);
1380 1455
1381 memset(&udp6_addr, 0, sizeof(udp6_addr));
1382 udp6_addr.sin6_family = AF_INET6; 1456 udp6_addr.sin6_family = AF_INET6;
1383 memcpy(&udp6_addr.sin6_addr, cfg->local_ip6, 1457 memcpy(&udp6_addr.sin6_addr, cfg->local_ip6,
1384 sizeof(udp6_addr.sin6_addr)); 1458 sizeof(udp6_addr.sin6_addr));
@@ -1400,13 +1474,12 @@ static int l2tp_tunnel_sock_create(u32 tunnel_id, u32 peer_tunnel_id, struct l2t
1400 } else 1474 } else
1401#endif 1475#endif
1402 { 1476 {
1403 err = sock_create(AF_INET, SOCK_DGRAM, 0, sockp); 1477 err = sock_create_kern(AF_INET, SOCK_DGRAM, 0, &sock);
1404 if (err < 0) 1478 if (err < 0)
1405 goto out; 1479 goto out;
1406 1480
1407 sock = *sockp; 1481 sk_change_net(sock->sk, net);
1408 1482
1409 memset(&udp_addr, 0, sizeof(udp_addr));
1410 udp_addr.sin_family = AF_INET; 1483 udp_addr.sin_family = AF_INET;
1411 udp_addr.sin_addr = cfg->local_ip; 1484 udp_addr.sin_addr = cfg->local_ip;
1412 udp_addr.sin_port = htons(cfg->local_udp_port); 1485 udp_addr.sin_port = htons(cfg->local_udp_port);
@@ -1433,14 +1506,13 @@ static int l2tp_tunnel_sock_create(u32 tunnel_id, u32 peer_tunnel_id, struct l2t
1433 case L2TP_ENCAPTYPE_IP: 1506 case L2TP_ENCAPTYPE_IP:
1434#if IS_ENABLED(CONFIG_IPV6) 1507#if IS_ENABLED(CONFIG_IPV6)
1435 if (cfg->local_ip6 && cfg->peer_ip6) { 1508 if (cfg->local_ip6 && cfg->peer_ip6) {
1436 err = sock_create(AF_INET6, SOCK_DGRAM, IPPROTO_L2TP, 1509 err = sock_create_kern(AF_INET6, SOCK_DGRAM,
1437 sockp); 1510 IPPROTO_L2TP, &sock);
1438 if (err < 0) 1511 if (err < 0)
1439 goto out; 1512 goto out;
1440 1513
1441 sock = *sockp; 1514 sk_change_net(sock->sk, net);
1442 1515
1443 memset(&ip6_addr, 0, sizeof(ip6_addr));
1444 ip6_addr.l2tp_family = AF_INET6; 1516 ip6_addr.l2tp_family = AF_INET6;
1445 memcpy(&ip6_addr.l2tp_addr, cfg->local_ip6, 1517 memcpy(&ip6_addr.l2tp_addr, cfg->local_ip6,
1446 sizeof(ip6_addr.l2tp_addr)); 1518 sizeof(ip6_addr.l2tp_addr));
@@ -1462,14 +1534,13 @@ static int l2tp_tunnel_sock_create(u32 tunnel_id, u32 peer_tunnel_id, struct l2t
1462 } else 1534 } else
1463#endif 1535#endif
1464 { 1536 {
1465 err = sock_create(AF_INET, SOCK_DGRAM, IPPROTO_L2TP, 1537 err = sock_create_kern(AF_INET, SOCK_DGRAM,
1466 sockp); 1538 IPPROTO_L2TP, &sock);
1467 if (err < 0) 1539 if (err < 0)
1468 goto out; 1540 goto out;
1469 1541
1470 sock = *sockp; 1542 sk_change_net(sock->sk, net);
1471 1543
1472 memset(&ip_addr, 0, sizeof(ip_addr));
1473 ip_addr.l2tp_family = AF_INET; 1544 ip_addr.l2tp_family = AF_INET;
1474 ip_addr.l2tp_addr = cfg->local_ip; 1545 ip_addr.l2tp_addr = cfg->local_ip;
1475 ip_addr.l2tp_conn_id = tunnel_id; 1546 ip_addr.l2tp_conn_id = tunnel_id;
@@ -1493,8 +1564,10 @@ static int l2tp_tunnel_sock_create(u32 tunnel_id, u32 peer_tunnel_id, struct l2t
1493 } 1564 }
1494 1565
1495out: 1566out:
1567 *sockp = sock;
1496 if ((err < 0) && sock) { 1568 if ((err < 0) && sock) {
1497 sock_release(sock); 1569 kernel_sock_shutdown(sock, SHUT_RDWR);
1570 sk_release_kernel(sock->sk);
1498 *sockp = NULL; 1571 *sockp = NULL;
1499 } 1572 }
1500 1573
@@ -1517,15 +1590,23 @@ int l2tp_tunnel_create(struct net *net, int fd, int version, u32 tunnel_id, u32
1517 * kernel socket. 1590 * kernel socket.
1518 */ 1591 */
1519 if (fd < 0) { 1592 if (fd < 0) {
1520 err = l2tp_tunnel_sock_create(tunnel_id, peer_tunnel_id, cfg, &sock); 1593 err = l2tp_tunnel_sock_create(net, tunnel_id, peer_tunnel_id,
1594 cfg, &sock);
1521 if (err < 0) 1595 if (err < 0)
1522 goto err; 1596 goto err;
1523 } else { 1597 } else {
1524 err = -EBADF;
1525 sock = sockfd_lookup(fd, &err); 1598 sock = sockfd_lookup(fd, &err);
1526 if (!sock) { 1599 if (!sock) {
1527 pr_err("tunl %hu: sockfd_lookup(fd=%d) returned %d\n", 1600 pr_err("tunl %u: sockfd_lookup(fd=%d) returned %d\n",
1528 tunnel_id, fd, err); 1601 tunnel_id, fd, err);
1602 err = -EBADF;
1603 goto err;
1604 }
1605
1606 /* Reject namespace mismatches */
1607 if (!net_eq(sock_net(sock->sk), net)) {
1608 pr_err("tunl %u: netns mismatch\n", tunnel_id);
1609 err = -EINVAL;
1529 goto err; 1610 goto err;
1530 } 1611 }
1531 } 1612 }
@@ -1607,10 +1688,14 @@ int l2tp_tunnel_create(struct net *net, int fd, int version, u32 tunnel_id, u32
1607 tunnel->old_sk_destruct = sk->sk_destruct; 1688 tunnel->old_sk_destruct = sk->sk_destruct;
1608 sk->sk_destruct = &l2tp_tunnel_destruct; 1689 sk->sk_destruct = &l2tp_tunnel_destruct;
1609 tunnel->sock = sk; 1690 tunnel->sock = sk;
1691 tunnel->fd = fd;
1610 lockdep_set_class_and_name(&sk->sk_lock.slock, &l2tp_socket_class, "l2tp_sock"); 1692 lockdep_set_class_and_name(&sk->sk_lock.slock, &l2tp_socket_class, "l2tp_sock");
1611 1693
1612 sk->sk_allocation = GFP_ATOMIC; 1694 sk->sk_allocation = GFP_ATOMIC;
1613 1695
1696 /* Init delete workqueue struct */
1697 INIT_WORK(&tunnel->del_work, l2tp_tunnel_del_work);
1698
1614 /* Add tunnel to our list */ 1699 /* Add tunnel to our list */
1615 INIT_LIST_HEAD(&tunnel->list); 1700 INIT_LIST_HEAD(&tunnel->list);
1616 atomic_inc(&l2tp_tunnel_count); 1701 atomic_inc(&l2tp_tunnel_count);
@@ -1642,25 +1727,7 @@ EXPORT_SYMBOL_GPL(l2tp_tunnel_create);
1642 */ 1727 */
1643int l2tp_tunnel_delete(struct l2tp_tunnel *tunnel) 1728int l2tp_tunnel_delete(struct l2tp_tunnel *tunnel)
1644{ 1729{
1645 int err = 0; 1730 return (false == queue_work(l2tp_wq, &tunnel->del_work));
1646 struct socket *sock = tunnel->sock ? tunnel->sock->sk_socket : NULL;
1647
1648 /* Force the tunnel socket to close. This will eventually
1649 * cause the tunnel to be deleted via the normal socket close
1650 * mechanisms when userspace closes the tunnel socket.
1651 */
1652 if (sock != NULL) {
1653 err = inet_shutdown(sock, 2);
1654
1655 /* If the tunnel's socket was created by the kernel,
1656 * close the socket here since the socket was not
1657 * created by userspace.
1658 */
1659 if (sock->file == NULL)
1660 err = inet_release(sock);
1661 }
1662
1663 return err;
1664} 1731}
1665EXPORT_SYMBOL_GPL(l2tp_tunnel_delete); 1732EXPORT_SYMBOL_GPL(l2tp_tunnel_delete);
1666 1733
@@ -1844,8 +1911,21 @@ static __net_init int l2tp_init_net(struct net *net)
1844 return 0; 1911 return 0;
1845} 1912}
1846 1913
1914static __net_exit void l2tp_exit_net(struct net *net)
1915{
1916 struct l2tp_net *pn = l2tp_pernet(net);
1917 struct l2tp_tunnel *tunnel = NULL;
1918
1919 rcu_read_lock_bh();
1920 list_for_each_entry_rcu(tunnel, &pn->l2tp_tunnel_list, list) {
1921 (void)l2tp_tunnel_delete(tunnel);
1922 }
1923 rcu_read_unlock_bh();
1924}
1925
1847static struct pernet_operations l2tp_net_ops = { 1926static struct pernet_operations l2tp_net_ops = {
1848 .init = l2tp_init_net, 1927 .init = l2tp_init_net,
1928 .exit = l2tp_exit_net,
1849 .id = &l2tp_net_id, 1929 .id = &l2tp_net_id,
1850 .size = sizeof(struct l2tp_net), 1930 .size = sizeof(struct l2tp_net),
1851}; 1931};
@@ -1858,6 +1938,13 @@ static int __init l2tp_init(void)
1858 if (rc) 1938 if (rc)
1859 goto out; 1939 goto out;
1860 1940
1941 l2tp_wq = alloc_workqueue("l2tp", WQ_NON_REENTRANT | WQ_UNBOUND, 0);
1942 if (!l2tp_wq) {
1943 pr_err("alloc_workqueue failed\n");
1944 rc = -ENOMEM;
1945 goto out;
1946 }
1947
1861 pr_info("L2TP core driver, %s\n", L2TP_DRV_VERSION); 1948 pr_info("L2TP core driver, %s\n", L2TP_DRV_VERSION);
1862 1949
1863out: 1950out:
@@ -1867,6 +1954,10 @@ out:
1867static void __exit l2tp_exit(void) 1954static void __exit l2tp_exit(void)
1868{ 1955{
1869 unregister_pernet_device(&l2tp_net_ops); 1956 unregister_pernet_device(&l2tp_net_ops);
1957 if (l2tp_wq) {
1958 destroy_workqueue(l2tp_wq);
1959 l2tp_wq = NULL;
1960 }
1870} 1961}
1871 1962
1872module_init(l2tp_init); 1963module_init(l2tp_init);
diff --git a/net/l2tp/l2tp_core.h b/net/l2tp/l2tp_core.h
index 56d583e083a7..8eb8f1d47f3a 100644
--- a/net/l2tp/l2tp_core.h
+++ b/net/l2tp/l2tp_core.h
@@ -188,7 +188,10 @@ struct l2tp_tunnel {
188 int (*recv_payload_hook)(struct sk_buff *skb); 188 int (*recv_payload_hook)(struct sk_buff *skb);
189 void (*old_sk_destruct)(struct sock *); 189 void (*old_sk_destruct)(struct sock *);
190 struct sock *sock; /* Parent socket */ 190 struct sock *sock; /* Parent socket */
191 int fd; 191 int fd; /* Parent fd, if tunnel socket
192 * was created by userspace */
193
194 struct work_struct del_work;
192 195
193 uint8_t priv[0]; /* private data */ 196 uint8_t priv[0]; /* private data */
194}; 197};
@@ -228,6 +231,8 @@ out:
228 return tunnel; 231 return tunnel;
229} 232}
230 233
234extern struct sock *l2tp_tunnel_sock_lookup(struct l2tp_tunnel *tunnel);
235extern void l2tp_tunnel_sock_put(struct sock *sk);
231extern struct l2tp_session *l2tp_session_find(struct net *net, struct l2tp_tunnel *tunnel, u32 session_id); 236extern struct l2tp_session *l2tp_session_find(struct net *net, struct l2tp_tunnel *tunnel, u32 session_id);
232extern struct l2tp_session *l2tp_session_find_nth(struct l2tp_tunnel *tunnel, int nth); 237extern struct l2tp_session *l2tp_session_find_nth(struct l2tp_tunnel *tunnel, int nth);
233extern struct l2tp_session *l2tp_session_find_by_ifname(struct net *net, char *ifname); 238extern struct l2tp_session *l2tp_session_find_by_ifname(struct net *net, char *ifname);
diff --git a/net/l2tp/l2tp_ip.c b/net/l2tp/l2tp_ip.c
index 61d8b75d2686..f7ac8f42fee2 100644
--- a/net/l2tp/l2tp_ip.c
+++ b/net/l2tp/l2tp_ip.c
@@ -115,6 +115,7 @@ static inline struct sock *l2tp_ip_bind_lookup(struct net *net, __be32 laddr, in
115 */ 115 */
116static int l2tp_ip_recv(struct sk_buff *skb) 116static int l2tp_ip_recv(struct sk_buff *skb)
117{ 117{
118 struct net *net = dev_net(skb->dev);
118 struct sock *sk; 119 struct sock *sk;
119 u32 session_id; 120 u32 session_id;
120 u32 tunnel_id; 121 u32 tunnel_id;
@@ -142,7 +143,7 @@ static int l2tp_ip_recv(struct sk_buff *skb)
142 } 143 }
143 144
144 /* Ok, this is a data packet. Lookup the session. */ 145 /* Ok, this is a data packet. Lookup the session. */
145 session = l2tp_session_find(&init_net, NULL, session_id); 146 session = l2tp_session_find(net, NULL, session_id);
146 if (session == NULL) 147 if (session == NULL)
147 goto discard; 148 goto discard;
148 149
@@ -173,14 +174,14 @@ pass_up:
173 goto discard; 174 goto discard;
174 175
175 tunnel_id = ntohl(*(__be32 *) &skb->data[4]); 176 tunnel_id = ntohl(*(__be32 *) &skb->data[4]);
176 tunnel = l2tp_tunnel_find(&init_net, tunnel_id); 177 tunnel = l2tp_tunnel_find(net, tunnel_id);
177 if (tunnel != NULL) 178 if (tunnel != NULL)
178 sk = tunnel->sock; 179 sk = tunnel->sock;
179 else { 180 else {
180 struct iphdr *iph = (struct iphdr *) skb_network_header(skb); 181 struct iphdr *iph = (struct iphdr *) skb_network_header(skb);
181 182
182 read_lock_bh(&l2tp_ip_lock); 183 read_lock_bh(&l2tp_ip_lock);
183 sk = __l2tp_ip_bind_lookup(&init_net, iph->daddr, 0, tunnel_id); 184 sk = __l2tp_ip_bind_lookup(net, iph->daddr, 0, tunnel_id);
184 read_unlock_bh(&l2tp_ip_lock); 185 read_unlock_bh(&l2tp_ip_lock);
185 } 186 }
186 187
@@ -239,6 +240,7 @@ static int l2tp_ip_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len)
239{ 240{
240 struct inet_sock *inet = inet_sk(sk); 241 struct inet_sock *inet = inet_sk(sk);
241 struct sockaddr_l2tpip *addr = (struct sockaddr_l2tpip *) uaddr; 242 struct sockaddr_l2tpip *addr = (struct sockaddr_l2tpip *) uaddr;
243 struct net *net = sock_net(sk);
242 int ret; 244 int ret;
243 int chk_addr_ret; 245 int chk_addr_ret;
244 246
@@ -251,7 +253,8 @@ static int l2tp_ip_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len)
251 253
252 ret = -EADDRINUSE; 254 ret = -EADDRINUSE;
253 read_lock_bh(&l2tp_ip_lock); 255 read_lock_bh(&l2tp_ip_lock);
254 if (__l2tp_ip_bind_lookup(&init_net, addr->l2tp_addr.s_addr, sk->sk_bound_dev_if, addr->l2tp_conn_id)) 256 if (__l2tp_ip_bind_lookup(net, addr->l2tp_addr.s_addr,
257 sk->sk_bound_dev_if, addr->l2tp_conn_id))
255 goto out_in_use; 258 goto out_in_use;
256 259
257 read_unlock_bh(&l2tp_ip_lock); 260 read_unlock_bh(&l2tp_ip_lock);
@@ -260,7 +263,7 @@ static int l2tp_ip_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len)
260 if (sk->sk_state != TCP_CLOSE || addr_len < sizeof(struct sockaddr_l2tpip)) 263 if (sk->sk_state != TCP_CLOSE || addr_len < sizeof(struct sockaddr_l2tpip))
261 goto out; 264 goto out;
262 265
263 chk_addr_ret = inet_addr_type(&init_net, addr->l2tp_addr.s_addr); 266 chk_addr_ret = inet_addr_type(net, addr->l2tp_addr.s_addr);
264 ret = -EADDRNOTAVAIL; 267 ret = -EADDRNOTAVAIL;
265 if (addr->l2tp_addr.s_addr && chk_addr_ret != RTN_LOCAL && 268 if (addr->l2tp_addr.s_addr && chk_addr_ret != RTN_LOCAL &&
266 chk_addr_ret != RTN_MULTICAST && chk_addr_ret != RTN_BROADCAST) 269 chk_addr_ret != RTN_MULTICAST && chk_addr_ret != RTN_BROADCAST)
@@ -369,7 +372,7 @@ static int l2tp_ip_backlog_recv(struct sock *sk, struct sk_buff *skb)
369 return 0; 372 return 0;
370 373
371drop: 374drop:
372 IP_INC_STATS(&init_net, IPSTATS_MIB_INDISCARDS); 375 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_INDISCARDS);
373 kfree_skb(skb); 376 kfree_skb(skb);
374 return -1; 377 return -1;
375} 378}
@@ -605,6 +608,7 @@ static struct inet_protosw l2tp_ip_protosw = {
605 608
606static struct net_protocol l2tp_ip_protocol __read_mostly = { 609static struct net_protocol l2tp_ip_protocol __read_mostly = {
607 .handler = l2tp_ip_recv, 610 .handler = l2tp_ip_recv,
611 .netns_ok = 1,
608}; 612};
609 613
610static int __init l2tp_ip_init(void) 614static int __init l2tp_ip_init(void)
diff --git a/net/l2tp/l2tp_ip6.c b/net/l2tp/l2tp_ip6.c
index 927547171bc7..8ee4a86ae996 100644
--- a/net/l2tp/l2tp_ip6.c
+++ b/net/l2tp/l2tp_ip6.c
@@ -554,8 +554,8 @@ static int l2tp_ip6_sendmsg(struct kiocb *iocb, struct sock *sk,
554 memset(opt, 0, sizeof(struct ipv6_txoptions)); 554 memset(opt, 0, sizeof(struct ipv6_txoptions));
555 opt->tot_len = sizeof(struct ipv6_txoptions); 555 opt->tot_len = sizeof(struct ipv6_txoptions);
556 556
557 err = datagram_send_ctl(sock_net(sk), sk, msg, &fl6, opt, 557 err = ip6_datagram_send_ctl(sock_net(sk), sk, msg, &fl6, opt,
558 &hlimit, &tclass, &dontfrag); 558 &hlimit, &tclass, &dontfrag);
559 if (err < 0) { 559 if (err < 0) {
560 fl6_sock_release(flowlabel); 560 fl6_sock_release(flowlabel);
561 return err; 561 return err;
@@ -646,7 +646,7 @@ static int l2tp_ip6_recvmsg(struct kiocb *iocb, struct sock *sk,
646 struct msghdr *msg, size_t len, int noblock, 646 struct msghdr *msg, size_t len, int noblock,
647 int flags, int *addr_len) 647 int flags, int *addr_len)
648{ 648{
649 struct inet_sock *inet = inet_sk(sk); 649 struct ipv6_pinfo *np = inet6_sk(sk);
650 struct sockaddr_l2tpip6 *lsa = (struct sockaddr_l2tpip6 *)msg->msg_name; 650 struct sockaddr_l2tpip6 *lsa = (struct sockaddr_l2tpip6 *)msg->msg_name;
651 size_t copied = 0; 651 size_t copied = 0;
652 int err = -EOPNOTSUPP; 652 int err = -EOPNOTSUPP;
@@ -688,8 +688,8 @@ static int l2tp_ip6_recvmsg(struct kiocb *iocb, struct sock *sk,
688 lsa->l2tp_scope_id = IP6CB(skb)->iif; 688 lsa->l2tp_scope_id = IP6CB(skb)->iif;
689 } 689 }
690 690
691 if (inet->cmsg_flags) 691 if (np->rxopt.all)
692 ip_cmsg_recv(msg, skb); 692 ip6_datagram_recv_ctl(sk, msg, skb);
693 693
694 if (flags & MSG_TRUNC) 694 if (flags & MSG_TRUNC)
695 copied = skb->len; 695 copied = skb->len;
diff --git a/net/l2tp/l2tp_netlink.c b/net/l2tp/l2tp_netlink.c
index bbba3a19e944..c1bab22db85e 100644
--- a/net/l2tp/l2tp_netlink.c
+++ b/net/l2tp/l2tp_netlink.c
@@ -37,6 +37,7 @@ static struct genl_family l2tp_nl_family = {
37 .version = L2TP_GENL_VERSION, 37 .version = L2TP_GENL_VERSION,
38 .hdrsize = 0, 38 .hdrsize = 0,
39 .maxattr = L2TP_ATTR_MAX, 39 .maxattr = L2TP_ATTR_MAX,
40 .netnsok = true,
40}; 41};
41 42
42/* Accessed under genl lock */ 43/* Accessed under genl lock */
diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c
index 286366ef8930..3f4e3afc191a 100644
--- a/net/l2tp/l2tp_ppp.c
+++ b/net/l2tp/l2tp_ppp.c
@@ -388,8 +388,6 @@ static int pppol2tp_xmit(struct ppp_channel *chan, struct sk_buff *skb)
388 struct l2tp_session *session; 388 struct l2tp_session *session;
389 struct l2tp_tunnel *tunnel; 389 struct l2tp_tunnel *tunnel;
390 struct pppol2tp_session *ps; 390 struct pppol2tp_session *ps;
391 int old_headroom;
392 int new_headroom;
393 int uhlen, headroom; 391 int uhlen, headroom;
394 392
395 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED)) 393 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED))
@@ -408,7 +406,6 @@ static int pppol2tp_xmit(struct ppp_channel *chan, struct sk_buff *skb)
408 if (tunnel == NULL) 406 if (tunnel == NULL)
409 goto abort_put_sess; 407 goto abort_put_sess;
410 408
411 old_headroom = skb_headroom(skb);
412 uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0; 409 uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0;
413 headroom = NET_SKB_PAD + 410 headroom = NET_SKB_PAD +
414 sizeof(struct iphdr) + /* IP header */ 411 sizeof(struct iphdr) + /* IP header */
@@ -418,9 +415,6 @@ static int pppol2tp_xmit(struct ppp_channel *chan, struct sk_buff *skb)
418 if (skb_cow_head(skb, headroom)) 415 if (skb_cow_head(skb, headroom))
419 goto abort_put_sess_tun; 416 goto abort_put_sess_tun;
420 417
421 new_headroom = skb_headroom(skb);
422 skb->truesize += new_headroom - old_headroom;
423
424 /* Setup PPP header */ 418 /* Setup PPP header */
425 __skb_push(skb, sizeof(ppph)); 419 __skb_push(skb, sizeof(ppph));
426 skb->data[0] = ppph[0]; 420 skb->data[0] = ppph[0];
@@ -1789,7 +1783,8 @@ static __net_init int pppol2tp_init_net(struct net *net)
1789 struct proc_dir_entry *pde; 1783 struct proc_dir_entry *pde;
1790 int err = 0; 1784 int err = 0;
1791 1785
1792 pde = proc_net_fops_create(net, "pppol2tp", S_IRUGO, &pppol2tp_proc_fops); 1786 pde = proc_create("pppol2tp", S_IRUGO, net->proc_net,
1787 &pppol2tp_proc_fops);
1793 if (!pde) { 1788 if (!pde) {
1794 err = -ENOMEM; 1789 err = -ENOMEM;
1795 goto out; 1790 goto out;
@@ -1801,7 +1796,7 @@ out:
1801 1796
1802static __net_exit void pppol2tp_exit_net(struct net *net) 1797static __net_exit void pppol2tp_exit_net(struct net *net)
1803{ 1798{
1804 proc_net_remove(net, "pppol2tp"); 1799 remove_proc_entry("pppol2tp", net->proc_net);
1805} 1800}
1806 1801
1807static struct pernet_operations pppol2tp_net_ops = { 1802static struct pernet_operations pppol2tp_net_ops = {
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-04 22:31:37 -0400