aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/l2tp/Kconfig17
-rw-r--r--net/l2tp/Makefile1
-rw-r--r--net/l2tp/l2tp_core.c163
-rw-r--r--net/l2tp/l2tp_core.h7
-rw-r--r--net/l2tp/l2tp_ip.c679
-rw-r--r--net/l2tp/l2tp_ppp.c7
6 files changed, 812 insertions, 62 deletions
diff --git a/net/l2tp/Kconfig b/net/l2tp/Kconfig
index d60758d60478..0a11ccf2d95b 100644
--- a/net/l2tp/Kconfig
+++ b/net/l2tp/Kconfig
@@ -51,3 +51,20 @@ config L2TP_V3
51 If you are connecting to L2TPv3 equipment, or you want to 51 If you are connecting to L2TPv3 equipment, or you want to
52 tunnel raw ethernet frames using L2TP, say Y here. If 52 tunnel raw ethernet frames using L2TP, say Y here. If
53 unsure, say N. 53 unsure, say N.
54
55config L2TP_IP
56 tristate "L2TP IP encapsulation for L2TPv3"
57 depends on L2TP_V3
58 help
59 Support for L2TP-over-IP socket family.
60
61 The L2TPv3 protocol defines two possible encapsulations for
62 L2TP frames, namely UDP and plain IP (without UDP). This
63 driver provides a new L2TPIP socket family with which
64 userspace L2TPv3 daemons may create L2TP/IP tunnel sockets
65 when UDP encapsulation is not required. When L2TP is carried
66 in IP packets, it used IP protocol number 115, so this port
67 must be enabled in firewalls.
68
69 To compile this driver as a module, choose M here. The module
70 will be called l2tp_ip.
diff --git a/net/l2tp/Makefile b/net/l2tp/Makefile
index c91f208b1693..ef28b16f7d6a 100644
--- a/net/l2tp/Makefile
+++ b/net/l2tp/Makefile
@@ -6,3 +6,4 @@ obj-$(CONFIG_L2TP) += l2tp_core.o
6 6
7# Build l2tp as modules if L2TP is M 7# Build l2tp as modules if L2TP is M
8obj-$(subst y,$(CONFIG_L2TP),$(CONFIG_PPPOL2TP)) += l2tp_ppp.o 8obj-$(subst y,$(CONFIG_L2TP),$(CONFIG_PPPOL2TP)) += l2tp_ppp.o
9obj-$(subst y,$(CONFIG_L2TP),$(CONFIG_L2TP_IP)) += l2tp_ip.o
diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
index 0eee1a65f1b1..1739d04367e4 100644
--- a/net/l2tp/l2tp_core.c
+++ b/net/l2tp/l2tp_core.c
@@ -36,8 +36,10 @@
36#include <linux/inetdevice.h> 36#include <linux/inetdevice.h>
37#include <linux/skbuff.h> 37#include <linux/skbuff.h>
38#include <linux/init.h> 38#include <linux/init.h>
39#include <linux/in.h>
39#include <linux/ip.h> 40#include <linux/ip.h>
40#include <linux/udp.h> 41#include <linux/udp.h>
42#include <linux/l2tp.h>
41#include <linux/hash.h> 43#include <linux/hash.h>
42#include <linux/sort.h> 44#include <linux/sort.h>
43#include <linux/file.h> 45#include <linux/file.h>
@@ -48,6 +50,7 @@
48#include <net/ip.h> 50#include <net/ip.h>
49#include <net/udp.h> 51#include <net/udp.h>
50#include <net/xfrm.h> 52#include <net/xfrm.h>
53#include <net/protocol.h>
51 54
52#include <asm/byteorder.h> 55#include <asm/byteorder.h>
53#include <asm/atomic.h> 56#include <asm/atomic.h>
@@ -849,15 +852,21 @@ static int l2tp_build_l2tpv2_header(struct l2tp_session *session, void *buf)
849 852
850static int l2tp_build_l2tpv3_header(struct l2tp_session *session, void *buf) 853static int l2tp_build_l2tpv3_header(struct l2tp_session *session, void *buf)
851{ 854{
855 struct l2tp_tunnel *tunnel = session->tunnel;
852 char *bufp = buf; 856 char *bufp = buf;
853 char *optr = bufp; 857 char *optr = bufp;
854 u16 flags = L2TP_HDR_VER_3;
855 858
856 /* Setup L2TP header. */ 859 /* Setup L2TP header. The header differs slightly for UDP and
857 *((__be16 *) bufp) = htons(flags); 860 * IP encapsulations. For UDP, there is 4 bytes of flags.
858 bufp += 2; 861 */
859 *((__be16 *) bufp) = 0; 862 if (tunnel->encap == L2TP_ENCAPTYPE_UDP) {
860 bufp += 2; 863 u16 flags = L2TP_HDR_VER_3;
864 *((__be16 *) bufp) = htons(flags);
865 bufp += 2;
866 *((__be16 *) bufp) = 0;
867 bufp += 2;
868 }
869
861 *((__be32 *) bufp) = htonl(session->peer_session_id); 870 *((__be32 *) bufp) = htonl(session->peer_session_id);
862 bufp += 4; 871 bufp += 4;
863 if (session->cookie_len) { 872 if (session->cookie_len) {
@@ -902,10 +911,11 @@ int l2tp_xmit_core(struct l2tp_session *session, struct sk_buff *skb, size_t dat
902 911
903 if (session->debug & L2TP_MSG_DATA) { 912 if (session->debug & L2TP_MSG_DATA) {
904 int i; 913 int i;
905 unsigned char *datap = skb->data + sizeof(struct udphdr); 914 int uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0;
915 unsigned char *datap = skb->data + uhlen;
906 916
907 printk(KERN_DEBUG "%s: xmit:", session->name); 917 printk(KERN_DEBUG "%s: xmit:", session->name);
908 for (i = 0; i < (len - sizeof(struct udphdr)); i++) { 918 for (i = 0; i < (len - uhlen); i++) {
909 printk(" %02X", *datap++); 919 printk(" %02X", *datap++);
910 if (i == 31) { 920 if (i == 31) {
911 printk(" ..."); 921 printk(" ...");
@@ -956,21 +966,23 @@ static inline void l2tp_skb_set_owner_w(struct sk_buff *skb, struct sock *sk)
956int l2tp_xmit_skb(struct l2tp_session *session, struct sk_buff *skb, int hdr_len) 966int l2tp_xmit_skb(struct l2tp_session *session, struct sk_buff *skb, int hdr_len)
957{ 967{
958 int data_len = skb->len; 968 int data_len = skb->len;
959 struct sock *sk = session->tunnel->sock; 969 struct l2tp_tunnel *tunnel = session->tunnel;
970 struct sock *sk = tunnel->sock;
960 struct udphdr *uh; 971 struct udphdr *uh;
961 unsigned int udp_len;
962 struct inet_sock *inet; 972 struct inet_sock *inet;
963 __wsum csum; 973 __wsum csum;
964 int old_headroom; 974 int old_headroom;
965 int new_headroom; 975 int new_headroom;
966 int headroom; 976 int headroom;
977 int uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0;
978 int udp_len;
967 979
968 /* Check that there's enough headroom in the skb to insert IP, 980 /* Check that there's enough headroom in the skb to insert IP,
969 * UDP and L2TP headers. If not enough, expand it to 981 * UDP and L2TP headers. If not enough, expand it to
970 * make room. Adjust truesize. 982 * make room. Adjust truesize.
971 */ 983 */
972 headroom = NET_SKB_PAD + sizeof(struct iphdr) + 984 headroom = NET_SKB_PAD + sizeof(struct iphdr) +
973 sizeof(struct udphdr) + hdr_len; 985 uhlen + hdr_len;
974 old_headroom = skb_headroom(skb); 986 old_headroom = skb_headroom(skb);
975 if (skb_cow_head(skb, headroom)) 987 if (skb_cow_head(skb, headroom))
976 goto abort; 988 goto abort;
@@ -981,18 +993,8 @@ int l2tp_xmit_skb(struct l2tp_session *session, struct sk_buff *skb, int hdr_len
981 993
982 /* Setup L2TP header */ 994 /* Setup L2TP header */
983 session->build_header(session, __skb_push(skb, hdr_len)); 995 session->build_header(session, __skb_push(skb, hdr_len));
984 udp_len = sizeof(struct udphdr) + hdr_len + data_len;
985
986 /* Setup UDP header */
987 inet = inet_sk(sk);
988 __skb_push(skb, sizeof(*uh));
989 skb_reset_transport_header(skb);
990 uh = udp_hdr(skb);
991 uh->source = inet->inet_sport;
992 uh->dest = inet->inet_dport;
993 uh->len = htons(udp_len);
994 uh->check = 0;
995 996
997 /* Reset skb netfilter state */
996 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 998 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
997 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED | 999 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED |
998 IPSKB_REROUTED); 1000 IPSKB_REROUTED);
@@ -1001,29 +1003,48 @@ int l2tp_xmit_skb(struct l2tp_session *session, struct sk_buff *skb, int hdr_len
1001 /* Get routing info from the tunnel socket */ 1003 /* Get routing info from the tunnel socket */
1002 skb_dst_drop(skb); 1004 skb_dst_drop(skb);
1003 skb_dst_set(skb, dst_clone(__sk_dst_get(sk))); 1005 skb_dst_set(skb, dst_clone(__sk_dst_get(sk)));
1004 l2tp_skb_set_owner_w(skb, sk);
1005 1006
1006 /* Calculate UDP checksum if configured to do so */ 1007 switch (tunnel->encap) {
1007 if (sk->sk_no_check == UDP_CSUM_NOXMIT) 1008 case L2TP_ENCAPTYPE_UDP:
1008 skb->ip_summed = CHECKSUM_NONE; 1009 /* Setup UDP header */
1009 else if ((skb_dst(skb) && skb_dst(skb)->dev) && 1010 inet = inet_sk(sk);
1010 (!(skb_dst(skb)->dev->features & NETIF_F_V4_CSUM))) { 1011 __skb_push(skb, sizeof(*uh));
1011 skb->ip_summed = CHECKSUM_COMPLETE; 1012 skb_reset_transport_header(skb);
1012 csum = skb_checksum(skb, 0, udp_len, 0); 1013 uh = udp_hdr(skb);
1013 uh->check = csum_tcpudp_magic(inet->inet_saddr, 1014 uh->source = inet->inet_sport;
1014 inet->inet_daddr, 1015 uh->dest = inet->inet_dport;
1015 udp_len, IPPROTO_UDP, csum); 1016 udp_len = uhlen + hdr_len + data_len;
1016 if (uh->check == 0) 1017 uh->len = htons(udp_len);
1017 uh->check = CSUM_MANGLED_0; 1018 uh->check = 0;
1018 } else { 1019
1019 skb->ip_summed = CHECKSUM_PARTIAL; 1020 /* Calculate UDP checksum if configured to do so */
1020 skb->csum_start = skb_transport_header(skb) - skb->head; 1021 if (sk->sk_no_check == UDP_CSUM_NOXMIT)
1021 skb->csum_offset = offsetof(struct udphdr, check); 1022 skb->ip_summed = CHECKSUM_NONE;
1022 uh->check = ~csum_tcpudp_magic(inet->inet_saddr, 1023 else if ((skb_dst(skb) && skb_dst(skb)->dev) &&
1023 inet->inet_daddr, 1024 (!(skb_dst(skb)->dev->features & NETIF_F_V4_CSUM))) {
1024 udp_len, IPPROTO_UDP, 0); 1025 skb->ip_summed = CHECKSUM_COMPLETE;
1026 csum = skb_checksum(skb, 0, udp_len, 0);
1027 uh->check = csum_tcpudp_magic(inet->inet_saddr,
1028 inet->inet_daddr,
1029 udp_len, IPPROTO_UDP, csum);
1030 if (uh->check == 0)
1031 uh->check = CSUM_MANGLED_0;
1032 } else {
1033 skb->ip_summed = CHECKSUM_PARTIAL;
1034 skb->csum_start = skb_transport_header(skb) - skb->head;
1035 skb->csum_offset = offsetof(struct udphdr, check);
1036 uh->check = ~csum_tcpudp_magic(inet->inet_saddr,
1037 inet->inet_daddr,
1038 udp_len, IPPROTO_UDP, 0);
1039 }
1040 break;
1041
1042 case L2TP_ENCAPTYPE_IP:
1043 break;
1025 } 1044 }
1026 1045
1046 l2tp_skb_set_owner_w(skb, sk);
1047
1027 l2tp_xmit_core(session, skb, data_len); 1048 l2tp_xmit_core(session, skb, data_len);
1028 1049
1029abort: 1050abort:
@@ -1053,9 +1074,15 @@ void l2tp_tunnel_destruct(struct sock *sk)
1053 /* Close all sessions */ 1074 /* Close all sessions */
1054 l2tp_tunnel_closeall(tunnel); 1075 l2tp_tunnel_closeall(tunnel);
1055 1076
1056 /* No longer an encapsulation socket. See net/ipv4/udp.c */ 1077 switch (tunnel->encap) {
1057 (udp_sk(sk))->encap_type = 0; 1078 case L2TP_ENCAPTYPE_UDP:
1058 (udp_sk(sk))->encap_rcv = NULL; 1079 /* No longer an encapsulation socket. See net/ipv4/udp.c */
1080 (udp_sk(sk))->encap_type = 0;
1081 (udp_sk(sk))->encap_rcv = NULL;
1082 break;
1083 case L2TP_ENCAPTYPE_IP:
1084 break;
1085 }
1059 1086
1060 /* Remove hooks into tunnel socket */ 1087 /* Remove hooks into tunnel socket */
1061 tunnel->sock = NULL; 1088 tunnel->sock = NULL;
@@ -1168,6 +1195,7 @@ int l2tp_tunnel_create(struct net *net, int fd, int version, u32 tunnel_id, u32
1168 struct socket *sock = NULL; 1195 struct socket *sock = NULL;
1169 struct sock *sk = NULL; 1196 struct sock *sk = NULL;
1170 struct l2tp_net *pn; 1197 struct l2tp_net *pn;
1198 enum l2tp_encap_type encap = L2TP_ENCAPTYPE_UDP;
1171 1199
1172 /* Get the tunnel socket from the fd, which was opened by 1200 /* Get the tunnel socket from the fd, which was opened by
1173 * the userspace L2TP daemon. 1201 * the userspace L2TP daemon.
@@ -1182,18 +1210,27 @@ int l2tp_tunnel_create(struct net *net, int fd, int version, u32 tunnel_id, u32
1182 1210
1183 sk = sock->sk; 1211 sk = sock->sk;
1184 1212
1213 if (cfg != NULL)
1214 encap = cfg->encap;
1215
1185 /* Quick sanity checks */ 1216 /* Quick sanity checks */
1186 err = -EPROTONOSUPPORT; 1217 switch (encap) {
1187 if (sk->sk_protocol != IPPROTO_UDP) { 1218 case L2TP_ENCAPTYPE_UDP:
1188 printk(KERN_ERR "tunl %hu: fd %d wrong protocol, got %d, expected %d\n", 1219 err = -EPROTONOSUPPORT;
1189 tunnel_id, fd, sk->sk_protocol, IPPROTO_UDP); 1220 if (sk->sk_protocol != IPPROTO_UDP) {
1190 goto err; 1221 printk(KERN_ERR "tunl %hu: fd %d wrong protocol, got %d, expected %d\n",
1191 } 1222 tunnel_id, fd, sk->sk_protocol, IPPROTO_UDP);
1192 err = -EAFNOSUPPORT; 1223 goto err;
1193 if (sock->ops->family != AF_INET) { 1224 }
1194 printk(KERN_ERR "tunl %hu: fd %d wrong family, got %d, expected %d\n", 1225 break;
1195 tunnel_id, fd, sock->ops->family, AF_INET); 1226 case L2TP_ENCAPTYPE_IP:
1196 goto err; 1227 err = -EPROTONOSUPPORT;
1228 if (sk->sk_protocol != IPPROTO_L2TP) {
1229 printk(KERN_ERR "tunl %hu: fd %d wrong protocol, got %d, expected %d\n",
1230 tunnel_id, fd, sk->sk_protocol, IPPROTO_L2TP);
1231 goto err;
1232 }
1233 break;
1197 } 1234 }
1198 1235
1199 /* Check if this socket has already been prepped */ 1236 /* Check if this socket has already been prepped */
@@ -1223,12 +1260,16 @@ int l2tp_tunnel_create(struct net *net, int fd, int version, u32 tunnel_id, u32
1223 tunnel->l2tp_net = net; 1260 tunnel->l2tp_net = net;
1224 pn = l2tp_pernet(net); 1261 pn = l2tp_pernet(net);
1225 1262
1226 if (cfg) 1263 if (cfg != NULL)
1227 tunnel->debug = cfg->debug; 1264 tunnel->debug = cfg->debug;
1228 1265
1229 /* Mark socket as an encapsulation socket. See net/ipv4/udp.c */ 1266 /* Mark socket as an encapsulation socket. See net/ipv4/udp.c */
1230 udp_sk(sk)->encap_type = UDP_ENCAP_L2TPINUDP; 1267 tunnel->encap = encap;
1231 udp_sk(sk)->encap_rcv = l2tp_udp_encap_recv; 1268 if (encap == L2TP_ENCAPTYPE_UDP) {
1269 /* Mark socket as an encapsulation socket. See net/ipv4/udp.c */
1270 udp_sk(sk)->encap_type = UDP_ENCAP_L2TPINUDP;
1271 udp_sk(sk)->encap_rcv = l2tp_udp_encap_recv;
1272 }
1232 1273
1233 sk->sk_user_data = tunnel; 1274 sk->sk_user_data = tunnel;
1234 1275
@@ -1318,7 +1359,9 @@ void l2tp_session_set_header_len(struct l2tp_session *session, int version)
1318 if (session->send_seq) 1359 if (session->send_seq)
1319 session->hdr_len += 4; 1360 session->hdr_len += 4;
1320 } else { 1361 } else {
1321 session->hdr_len = 8 + session->cookie_len + session->l2specific_len + session->offset; 1362 session->hdr_len = 4 + session->cookie_len + session->l2specific_len + session->offset;
1363 if (session->tunnel->encap == L2TP_ENCAPTYPE_UDP)
1364 session->hdr_len += 4;
1322 } 1365 }
1323 1366
1324} 1367}
diff --git a/net/l2tp/l2tp_core.h b/net/l2tp/l2tp_core.h
index 5c53eb2a8ad9..d2395984645e 100644
--- a/net/l2tp/l2tp_core.h
+++ b/net/l2tp/l2tp_core.h
@@ -48,6 +48,11 @@ enum l2tp_l2spec_type {
48 L2TP_L2SPECTYPE_DEFAULT, 48 L2TP_L2SPECTYPE_DEFAULT,
49}; 49};
50 50
51enum l2tp_encap_type {
52 L2TP_ENCAPTYPE_UDP,
53 L2TP_ENCAPTYPE_IP,
54};
55
51struct sk_buff; 56struct sk_buff;
52 57
53struct l2tp_stats { 58struct l2tp_stats {
@@ -155,6 +160,7 @@ struct l2tp_session {
155struct l2tp_tunnel_cfg { 160struct l2tp_tunnel_cfg {
156 int debug; /* bitmask of debug message 161 int debug; /* bitmask of debug message
157 * categories */ 162 * categories */
163 enum l2tp_encap_type encap;
158}; 164};
159 165
160struct l2tp_tunnel { 166struct l2tp_tunnel {
@@ -170,6 +176,7 @@ struct l2tp_tunnel {
170 char name[20]; /* for logging */ 176 char name[20]; /* for logging */
171 int debug; /* bitmask of debug message 177 int debug; /* bitmask of debug message
172 * categories */ 178 * categories */
179 enum l2tp_encap_type encap;
173 struct l2tp_stats stats; 180 struct l2tp_stats stats;
174 181
175 struct list_head list; /* Keep a list of all tunnels */ 182 struct list_head list; /* Keep a list of all tunnels */
diff --git a/net/l2tp/l2tp_ip.c b/net/l2tp/l2tp_ip.c
new file mode 100644
index 000000000000..75bf784ba18d
--- /dev/null
+++ b/net/l2tp/l2tp_ip.c
@@ -0,0 +1,679 @@
1/*
2 * L2TPv3 IP encapsulation support
3 *
4 * Copyright (c) 2008,2009,2010 Katalix Systems Ltd
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
12#include <linux/icmp.h>
13#include <linux/module.h>
14#include <linux/skbuff.h>
15#include <linux/random.h>
16#include <linux/socket.h>
17#include <linux/l2tp.h>
18#include <linux/in.h>
19#include <net/sock.h>
20#include <net/ip.h>
21#include <net/icmp.h>
22#include <net/udp.h>
23#include <net/inet_common.h>
24#include <net/inet_hashtables.h>
25#include <net/tcp_states.h>
26#include <net/protocol.h>
27#include <net/xfrm.h>
28
29#include "l2tp_core.h"
30
31struct l2tp_ip_sock {
32 /* inet_sock has to be the first member of l2tp_ip_sock */
33 struct inet_sock inet;
34
35 __u32 conn_id;
36 __u32 peer_conn_id;
37
38 __u64 tx_packets;
39 __u64 tx_bytes;
40 __u64 tx_errors;
41 __u64 rx_packets;
42 __u64 rx_bytes;
43 __u64 rx_errors;
44};
45
46static DEFINE_RWLOCK(l2tp_ip_lock);
47static struct hlist_head l2tp_ip_table;
48static struct hlist_head l2tp_ip_bind_table;
49
50static inline struct l2tp_ip_sock *l2tp_ip_sk(const struct sock *sk)
51{
52 return (struct l2tp_ip_sock *)sk;
53}
54
55static struct sock *__l2tp_ip_bind_lookup(struct net *net, __be32 laddr, int dif, u32 tunnel_id)
56{
57 struct hlist_node *node;
58 struct sock *sk;
59
60 sk_for_each_bound(sk, node, &l2tp_ip_bind_table) {
61 struct inet_sock *inet = inet_sk(sk);
62 struct l2tp_ip_sock *l2tp = l2tp_ip_sk(sk);
63
64 if (l2tp == NULL)
65 continue;
66
67 if ((l2tp->conn_id == tunnel_id) &&
68#ifdef CONFIG_NET_NS
69 (sk->sk_net == net) &&
70#endif
71 !(inet->inet_rcv_saddr && inet->inet_rcv_saddr != laddr) &&
72 !(sk->sk_bound_dev_if && sk->sk_bound_dev_if != dif))
73 goto found;
74 }
75
76 sk = NULL;
77found:
78 return sk;
79}
80
81static inline struct sock *l2tp_ip_bind_lookup(struct net *net, __be32 laddr, int dif, u32 tunnel_id)
82{
83 struct sock *sk = __l2tp_ip_bind_lookup(net, laddr, dif, tunnel_id);
84 if (sk)
85 sock_hold(sk);
86
87 return sk;
88}
89
90/* When processing receive frames, there are two cases to
91 * consider. Data frames consist of a non-zero session-id and an
92 * optional cookie. Control frames consist of a regular L2TP header
93 * preceded by 32-bits of zeros.
94 *
95 * L2TPv3 Session Header Over IP
96 *
97 * 0 1 2 3
98 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
99 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
100 * | Session ID |
101 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
102 * | Cookie (optional, maximum 64 bits)...
103 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
104 * |
105 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
106 *
107 * L2TPv3 Control Message Header Over IP
108 *
109 * 0 1 2 3
110 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
111 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
112 * | (32 bits of zeros) |
113 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
114 * |T|L|x|x|S|x|x|x|x|x|x|x| Ver | Length |
115 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
116 * | Control Connection ID |
117 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
118 * | Ns | Nr |
119 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
120 *
121 * All control frames are passed to userspace.
122 */
123static int l2tp_ip_recv(struct sk_buff *skb)
124{
125 struct sock *sk;
126 u32 session_id;
127 u32 tunnel_id;
128 unsigned char *ptr, *optr;
129 struct l2tp_session *session;
130 struct l2tp_tunnel *tunnel = NULL;
131 int length;
132 int offset;
133
134 /* Point to L2TP header */
135 optr = ptr = skb->data;
136
137 if (!pskb_may_pull(skb, 4))
138 goto discard;
139
140 session_id = ntohl(*((__be32 *) ptr));
141 ptr += 4;
142
143 /* RFC3931: L2TP/IP packets have the first 4 bytes containing
144 * the session_id. If it is 0, the packet is a L2TP control
145 * frame and the session_id value can be discarded.
146 */
147 if (session_id == 0) {
148 __skb_pull(skb, 4);
149 goto pass_up;
150 }
151
152 /* Ok, this is a data packet. Lookup the session. */
153 session = l2tp_session_find(&init_net, NULL, session_id);
154 if (session == NULL)
155 goto discard;
156
157 tunnel = session->tunnel;
158 if (tunnel == NULL)
159 goto discard;
160
161 /* Trace packet contents, if enabled */
162 if (tunnel->debug & L2TP_MSG_DATA) {
163 length = min(32u, skb->len);
164 if (!pskb_may_pull(skb, length))
165 goto discard;
166
167 printk(KERN_DEBUG "%s: ip recv: ", tunnel->name);
168
169 offset = 0;
170 do {
171 printk(" %02X", ptr[offset]);
172 } while (++offset < length);
173
174 printk("\n");
175 }
176
177 l2tp_recv_common(session, skb, ptr, optr, 0, skb->len, tunnel->recv_payload_hook);
178
179 return 0;
180
181pass_up:
182 /* Get the tunnel_id from the L2TP header */
183 if (!pskb_may_pull(skb, 12))
184 goto discard;
185
186 if ((skb->data[0] & 0xc0) != 0xc0)
187 goto discard;
188
189 tunnel_id = ntohl(*(__be32 *) &skb->data[4]);
190 tunnel = l2tp_tunnel_find(&init_net, tunnel_id);
191 if (tunnel != NULL)
192 sk = tunnel->sock;
193 else {
194 struct iphdr *iph = (struct iphdr *) skb_network_header(skb);
195
196 read_lock_bh(&l2tp_ip_lock);
197 sk = __l2tp_ip_bind_lookup(&init_net, iph->daddr, 0, tunnel_id);
198 read_unlock_bh(&l2tp_ip_lock);
199 }
200
201 if (sk == NULL)
202 goto discard;
203
204 sock_hold(sk);
205
206 if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb))
207 goto discard_put;
208
209 nf_reset(skb);
210
211 return sk_receive_skb(sk, skb, 1);
212
213discard_put:
214 sock_put(sk);
215
216discard:
217 kfree_skb(skb);
218 return 0;
219}
220
221static int l2tp_ip_open(struct sock *sk)
222{
223 /* Prevent autobind. We don't have ports. */
224 inet_sk(sk)->inet_num = IPPROTO_L2TP;
225
226 write_lock_bh(&l2tp_ip_lock);
227 sk_add_node(sk, &l2tp_ip_table);
228 write_unlock_bh(&l2tp_ip_lock);
229
230 return 0;
231}
232
233static void l2tp_ip_close(struct sock *sk, long timeout)
234{
235 write_lock_bh(&l2tp_ip_lock);
236 hlist_del_init(&sk->sk_bind_node);
237 hlist_del_init(&sk->sk_node);
238 write_unlock_bh(&l2tp_ip_lock);
239 sk_common_release(sk);
240}
241
242static void l2tp_ip_destroy_sock(struct sock *sk)
243{
244 struct sk_buff *skb;
245
246 while ((skb = __skb_dequeue_tail(&sk->sk_write_queue)) != NULL)
247 kfree_skb(skb);
248
249 sk_refcnt_debug_dec(sk);
250}
251
252static int l2tp_ip_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len)
253{
254 struct inet_sock *inet = inet_sk(sk);
255 struct sockaddr_l2tpip *addr = (struct sockaddr_l2tpip *) uaddr;
256 int ret = -EINVAL;
257 int chk_addr_ret;
258
259 ret = -EADDRINUSE;
260 read_lock_bh(&l2tp_ip_lock);
261 if (__l2tp_ip_bind_lookup(&init_net, addr->l2tp_addr.s_addr, sk->sk_bound_dev_if, addr->l2tp_conn_id))
262 goto out_in_use;
263
264 read_unlock_bh(&l2tp_ip_lock);
265
266 lock_sock(sk);
267 if (sk->sk_state != TCP_CLOSE || addr_len < sizeof(struct sockaddr_l2tpip))
268 goto out;
269
270 chk_addr_ret = inet_addr_type(&init_net, addr->l2tp_addr.s_addr);
271 ret = -EADDRNOTAVAIL;
272 if (addr->l2tp_addr.s_addr && chk_addr_ret != RTN_LOCAL &&
273 chk_addr_ret != RTN_MULTICAST && chk_addr_ret != RTN_BROADCAST)
274 goto out;
275
276 inet->inet_rcv_saddr = inet->inet_saddr = addr->l2tp_addr.s_addr;
277 if (chk_addr_ret == RTN_MULTICAST || chk_addr_ret == RTN_BROADCAST)
278 inet->inet_saddr = 0; /* Use device */
279 sk_dst_reset(sk);
280
281 l2tp_ip_sk(sk)->conn_id = addr->l2tp_conn_id;
282
283 write_lock_bh(&l2tp_ip_lock);
284 sk_add_bind_node(sk, &l2tp_ip_bind_table);
285 sk_del_node_init(sk);
286 write_unlock_bh(&l2tp_ip_lock);
287 ret = 0;
288out:
289 release_sock(sk);
290
291 return ret;
292
293out_in_use:
294 read_unlock_bh(&l2tp_ip_lock);
295
296 return ret;
297}
298
299static int l2tp_ip_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
300{
301 int rc;
302 struct inet_sock *inet = inet_sk(sk);
303 struct sockaddr_l2tpip *lsa = (struct sockaddr_l2tpip *) uaddr;
304 struct rtable *rt;
305 __be32 saddr;
306 int oif;
307
308 rc = -EINVAL;
309 if (addr_len < sizeof(*lsa))
310 goto out;
311
312 rc = -EAFNOSUPPORT;
313 if (lsa->l2tp_family != AF_INET)
314 goto out;
315
316 sk_dst_reset(sk);
317
318 oif = sk->sk_bound_dev_if;
319 saddr = inet->inet_saddr;
320
321 rc = -EINVAL;
322 if (ipv4_is_multicast(lsa->l2tp_addr.s_addr))
323 goto out;
324
325 rc = ip_route_connect(&rt, lsa->l2tp_addr.s_addr, saddr,
326 RT_CONN_FLAGS(sk), oif,
327 IPPROTO_L2TP,
328 0, 0, sk, 1);
329 if (rc) {
330 if (rc == -ENETUNREACH)
331 IP_INC_STATS_BH(&init_net, IPSTATS_MIB_OUTNOROUTES);
332 goto out;
333 }
334
335 rc = -ENETUNREACH;
336 if (rt->rt_flags & (RTCF_MULTICAST | RTCF_BROADCAST)) {
337 ip_rt_put(rt);
338 goto out;
339 }
340
341 l2tp_ip_sk(sk)->peer_conn_id = lsa->l2tp_conn_id;
342
343 if (!inet->inet_saddr)
344 inet->inet_saddr = rt->rt_src;
345 if (!inet->inet_rcv_saddr)
346 inet->inet_rcv_saddr = rt->rt_src;
347 inet->inet_daddr = rt->rt_dst;
348 sk->sk_state = TCP_ESTABLISHED;
349 inet->inet_id = jiffies;
350
351 sk_dst_set(sk, &rt->u.dst);
352
353 write_lock_bh(&l2tp_ip_lock);
354 hlist_del_init(&sk->sk_bind_node);
355 sk_add_bind_node(sk, &l2tp_ip_bind_table);
356 write_unlock_bh(&l2tp_ip_lock);
357
358 rc = 0;
359out:
360 return rc;
361}
362
363static int l2tp_ip_getname(struct socket *sock, struct sockaddr *uaddr,
364 int *uaddr_len, int peer)
365{
366 struct sock *sk = sock->sk;
367 struct inet_sock *inet = inet_sk(sk);
368 struct l2tp_ip_sock *lsk = l2tp_ip_sk(sk);
369 struct sockaddr_l2tpip *lsa = (struct sockaddr_l2tpip *)uaddr;
370
371 memset(lsa, 0, sizeof(*lsa));
372 lsa->l2tp_family = AF_INET;
373 if (peer) {
374 if (!inet->inet_dport)
375 return -ENOTCONN;
376 lsa->l2tp_conn_id = lsk->peer_conn_id;
377 lsa->l2tp_addr.s_addr = inet->inet_daddr;
378 } else {
379 __be32 addr = inet->inet_rcv_saddr;
380 if (!addr)
381 addr = inet->inet_saddr;
382 lsa->l2tp_conn_id = lsk->conn_id;
383 lsa->l2tp_addr.s_addr = addr;
384 }
385 *uaddr_len = sizeof(*lsa);
386 return 0;
387}
388
389static int l2tp_ip_backlog_recv(struct sock *sk, struct sk_buff *skb)
390{
391 int rc;
392
393 if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb))
394 goto drop;
395
396 nf_reset(skb);
397
398 /* Charge it to the socket, dropping if the queue is full. */
399 rc = sock_queue_rcv_skb(sk, skb);
400 if (rc < 0)
401 goto drop;
402
403 return 0;
404
405drop:
406 IP_INC_STATS(&init_net, IPSTATS_MIB_INDISCARDS);
407 kfree_skb(skb);
408 return -1;
409}
410
411/* Userspace will call sendmsg() on the tunnel socket to send L2TP
412 * control frames.
413 */
414static int l2tp_ip_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, size_t len)
415{
416 struct sk_buff *skb;
417 int rc;
418 struct l2tp_ip_sock *lsa = l2tp_ip_sk(sk);
419 struct inet_sock *inet = inet_sk(sk);
420 struct ip_options *opt = inet->opt;
421 struct rtable *rt = NULL;
422 int connected = 0;
423 __be32 daddr;
424
425 if (sock_flag(sk, SOCK_DEAD))
426 return -ENOTCONN;
427
428 /* Get and verify the address. */
429 if (msg->msg_name) {
430 struct sockaddr_l2tpip *lip = (struct sockaddr_l2tpip *) msg->msg_name;
431 if (msg->msg_namelen < sizeof(*lip))
432 return -EINVAL;
433
434 if (lip->l2tp_family != AF_INET) {
435 if (lip->l2tp_family != AF_UNSPEC)
436 return -EAFNOSUPPORT;
437 }
438
439 daddr = lip->l2tp_addr.s_addr;
440 } else {
441 if (sk->sk_state != TCP_ESTABLISHED)
442 return -EDESTADDRREQ;
443
444 daddr = inet->inet_daddr;
445 connected = 1;
446 }
447
448 /* Allocate a socket buffer */
449 rc = -ENOMEM;
450 skb = sock_wmalloc(sk, 2 + NET_SKB_PAD + sizeof(struct iphdr) +
451 4 + len, 0, GFP_KERNEL);
452 if (!skb)
453 goto error;
454
455 /* Reserve space for headers, putting IP header on 4-byte boundary. */
456 skb_reserve(skb, 2 + NET_SKB_PAD);
457 skb_reset_network_header(skb);
458 skb_reserve(skb, sizeof(struct iphdr));
459 skb_reset_transport_header(skb);
460
461 /* Insert 0 session_id */
462 *((__be32 *) skb_put(skb, 4)) = 0;
463
464 /* Copy user data into skb */
465 rc = memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len);
466 if (rc < 0) {
467 kfree_skb(skb);
468 goto error;
469 }
470
471 if (connected)
472 rt = (struct rtable *) __sk_dst_check(sk, 0);
473
474 if (rt == NULL) {
475 /* Use correct destination address if we have options. */
476 if (opt && opt->srr)
477 daddr = opt->faddr;
478
479 {
480 struct flowi fl = { .oif = sk->sk_bound_dev_if,
481 .nl_u = { .ip4_u = {
482 .daddr = daddr,
483 .saddr = inet->inet_saddr,
484 .tos = RT_CONN_FLAGS(sk) } },
485 .proto = sk->sk_protocol,
486 .flags = inet_sk_flowi_flags(sk),
487 .uli_u = { .ports = {
488 .sport = inet->inet_sport,
489 .dport = inet->inet_dport } } };
490
491 /* If this fails, retransmit mechanism of transport layer will
492 * keep trying until route appears or the connection times
493 * itself out.
494 */
495 security_sk_classify_flow(sk, &fl);
496 if (ip_route_output_flow(sock_net(sk), &rt, &fl, sk, 0))
497 goto no_route;
498 }
499 sk_setup_caps(sk, &rt->u.dst);
500 }
501 skb_dst_set(skb, dst_clone(&rt->u.dst));
502
503 /* Queue the packet to IP for output */
504 rc = ip_queue_xmit(skb, 0);
505
506error:
507 /* Update stats */
508 if (rc >= 0) {
509 lsa->tx_packets++;
510 lsa->tx_bytes += len;
511 rc = len;
512 } else {
513 lsa->tx_errors++;
514 }
515
516 return rc;
517
518no_route:
519 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTNOROUTES);
520 kfree_skb(skb);
521 return -EHOSTUNREACH;
522}
523
524static int l2tp_ip_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
525 size_t len, int noblock, int flags, int *addr_len)
526{
527 struct inet_sock *inet = inet_sk(sk);
528 struct l2tp_ip_sock *lsk = l2tp_ip_sk(sk);
529 size_t copied = 0;
530 int err = -EOPNOTSUPP;
531 struct sockaddr_in *sin = (struct sockaddr_in *)msg->msg_name;
532 struct sk_buff *skb;
533
534 if (flags & MSG_OOB)
535 goto out;
536
537 if (addr_len)
538 *addr_len = sizeof(*sin);
539
540 skb = skb_recv_datagram(sk, flags, noblock, &err);
541 if (!skb)
542 goto out;
543
544 copied = skb->len;
545 if (len < copied) {
546 msg->msg_flags |= MSG_TRUNC;
547 copied = len;
548 }
549
550 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
551 if (err)
552 goto done;
553
554 sock_recv_timestamp(msg, sk, skb);
555
556 /* Copy the address. */
557 if (sin) {
558 sin->sin_family = AF_INET;
559 sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
560 sin->sin_port = 0;
561 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
562 }
563 if (inet->cmsg_flags)
564 ip_cmsg_recv(msg, skb);
565 if (flags & MSG_TRUNC)
566 copied = skb->len;
567done:
568 skb_free_datagram(sk, skb);
569out:
570 if (err) {
571 lsk->rx_errors++;
572 return err;
573 }
574
575 lsk->rx_packets++;
576 lsk->rx_bytes += copied;
577
578 return copied;
579}
580
581struct proto l2tp_ip_prot = {
582 .name = "L2TP/IP",
583 .owner = THIS_MODULE,
584 .init = l2tp_ip_open,
585 .close = l2tp_ip_close,
586 .bind = l2tp_ip_bind,
587 .connect = l2tp_ip_connect,
588 .disconnect = udp_disconnect,
589 .ioctl = udp_ioctl,
590 .destroy = l2tp_ip_destroy_sock,
591 .setsockopt = ip_setsockopt,
592 .getsockopt = ip_getsockopt,
593 .sendmsg = l2tp_ip_sendmsg,
594 .recvmsg = l2tp_ip_recvmsg,
595 .backlog_rcv = l2tp_ip_backlog_recv,
596 .hash = inet_hash,
597 .unhash = inet_unhash,
598 .obj_size = sizeof(struct l2tp_ip_sock),
599#ifdef CONFIG_COMPAT
600 .compat_setsockopt = compat_ip_setsockopt,
601 .compat_getsockopt = compat_ip_getsockopt,
602#endif
603};
604
605static const struct proto_ops l2tp_ip_ops = {
606 .family = PF_INET,
607 .owner = THIS_MODULE,
608 .release = inet_release,
609 .bind = inet_bind,
610 .connect = inet_dgram_connect,
611 .socketpair = sock_no_socketpair,
612 .accept = sock_no_accept,
613 .getname = l2tp_ip_getname,
614 .poll = datagram_poll,
615 .ioctl = inet_ioctl,
616 .listen = sock_no_listen,
617 .shutdown = inet_shutdown,
618 .setsockopt = sock_common_setsockopt,
619 .getsockopt = sock_common_getsockopt,
620 .sendmsg = inet_sendmsg,
621 .recvmsg = sock_common_recvmsg,
622 .mmap = sock_no_mmap,
623 .sendpage = sock_no_sendpage,
624#ifdef CONFIG_COMPAT
625 .compat_setsockopt = compat_sock_common_setsockopt,
626 .compat_getsockopt = compat_sock_common_getsockopt,
627#endif
628};
629
630static struct inet_protosw l2tp_ip_protosw = {
631 .type = SOCK_DGRAM,
632 .protocol = IPPROTO_L2TP,
633 .prot = &l2tp_ip_prot,
634 .ops = &l2tp_ip_ops,
635 .no_check = 0,
636};
637
638static struct net_protocol l2tp_ip_protocol __read_mostly = {
639 .handler = l2tp_ip_recv,
640};
641
642static int __init l2tp_ip_init(void)
643{
644 int err;
645
646 printk(KERN_INFO "L2TP IP encapsulation support (L2TPv3)\n");
647
648 err = proto_register(&l2tp_ip_prot, 1);
649 if (err != 0)
650 goto out;
651
652 err = inet_add_protocol(&l2tp_ip_protocol, IPPROTO_L2TP);
653 if (err)
654 goto out1;
655
656 inet_register_protosw(&l2tp_ip_protosw);
657 return 0;
658
659out1:
660 proto_unregister(&l2tp_ip_prot);
661out:
662 return err;
663}
664
665static void __exit l2tp_ip_exit(void)
666{
667 inet_unregister_protosw(&l2tp_ip_protosw);
668 inet_del_protocol(&l2tp_ip_protocol, IPPROTO_L2TP);
669 proto_unregister(&l2tp_ip_prot);
670}
671
672module_init(l2tp_ip_init);
673module_exit(l2tp_ip_exit);
674
675MODULE_LICENSE("GPL");
676MODULE_AUTHOR("James Chapman <jchapman@katalix.com>");
677MODULE_DESCRIPTION("L2TP over IP");
678MODULE_VERSION("1.0");
679MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET, SOCK_DGRAM, IPPROTO_L2TP);
diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c
index e5b531266541..63fc62baeeb9 100644
--- a/net/l2tp/l2tp_ppp.c
+++ b/net/l2tp/l2tp_ppp.c
@@ -305,6 +305,7 @@ static int pppol2tp_sendmsg(struct kiocb *iocb, struct socket *sock, struct msgh
305 struct l2tp_session *session; 305 struct l2tp_session *session;
306 struct l2tp_tunnel *tunnel; 306 struct l2tp_tunnel *tunnel;
307 struct pppol2tp_session *ps; 307 struct pppol2tp_session *ps;
308 int uhlen;
308 309
309 error = -ENOTCONN; 310 error = -ENOTCONN;
310 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED)) 311 if (sock_flag(sk, SOCK_DEAD) || !(sk->sk_state & PPPOX_CONNECTED))
@@ -321,10 +322,12 @@ static int pppol2tp_sendmsg(struct kiocb *iocb, struct socket *sock, struct msgh
321 if (tunnel == NULL) 322 if (tunnel == NULL)
322 goto error_put_sess; 323 goto error_put_sess;
323 324
325 uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0;
326
324 /* Allocate a socket buffer */ 327 /* Allocate a socket buffer */
325 error = -ENOMEM; 328 error = -ENOMEM;
326 skb = sock_wmalloc(sk, NET_SKB_PAD + sizeof(struct iphdr) + 329 skb = sock_wmalloc(sk, NET_SKB_PAD + sizeof(struct iphdr) +
327 sizeof(struct udphdr) + session->hdr_len + 330 uhlen + session->hdr_len +
328 sizeof(ppph) + total_len, 331 sizeof(ppph) + total_len,
329 0, GFP_KERNEL); 332 0, GFP_KERNEL);
330 if (!skb) 333 if (!skb)
@@ -335,7 +338,7 @@ static int pppol2tp_sendmsg(struct kiocb *iocb, struct socket *sock, struct msgh
335 skb_reset_network_header(skb); 338 skb_reset_network_header(skb);
336 skb_reserve(skb, sizeof(struct iphdr)); 339 skb_reserve(skb, sizeof(struct iphdr));
337 skb_reset_transport_header(skb); 340 skb_reset_transport_header(skb);
338 skb_reserve(skb, sizeof(struct udphdr)); 341 skb_reserve(skb, uhlen);
339 342
340 /* Add PPP header */ 343 /* Add PPP header */
341 skb->data[0] = ppph[0]; 344 skb->data[0] = ppph[0];