2010-04-02 13:18:33 +07:00
|
|
|
/*
|
|
|
|
* L2TP core.
|
|
|
|
*
|
|
|
|
* Copyright (c) 2008,2009,2010 Katalix Systems Ltd
|
|
|
|
*
|
|
|
|
* This file contains some code of the original L2TPv2 pppol2tp
|
|
|
|
* driver, which has the following copyright:
|
|
|
|
*
|
|
|
|
* Authors: Martijn van Oosterhout <kleptog@svana.org>
|
|
|
|
* James Chapman (jchapman@katalix.com)
|
|
|
|
* Contributors:
|
|
|
|
* Michal Ostrowski <mostrows@speakeasy.net>
|
|
|
|
* Arnaldo Carvalho de Melo <acme@xconectiva.com.br>
|
|
|
|
* David S. Miller (davem@redhat.com)
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
|
|
* published by the Free Software Foundation.
|
|
|
|
*/
|
|
|
|
|
2012-05-16 16:55:56 +07:00
|
|
|
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
#include <linux/module.h>
|
|
|
|
#include <linux/string.h>
|
|
|
|
#include <linux/list.h>
|
2010-04-02 13:19:16 +07:00
|
|
|
#include <linux/rculist.h>
|
2010-04-02 13:18:33 +07:00
|
|
|
#include <linux/uaccess.h>
|
|
|
|
|
|
|
|
#include <linux/kernel.h>
|
|
|
|
#include <linux/spinlock.h>
|
|
|
|
#include <linux/kthread.h>
|
|
|
|
#include <linux/sched.h>
|
|
|
|
#include <linux/slab.h>
|
|
|
|
#include <linux/errno.h>
|
|
|
|
#include <linux/jiffies.h>
|
|
|
|
|
|
|
|
#include <linux/netdevice.h>
|
|
|
|
#include <linux/net.h>
|
|
|
|
#include <linux/inetdevice.h>
|
|
|
|
#include <linux/skbuff.h>
|
|
|
|
#include <linux/init.h>
|
2010-04-02 13:19:00 +07:00
|
|
|
#include <linux/in.h>
|
2010-04-02 13:18:33 +07:00
|
|
|
#include <linux/ip.h>
|
|
|
|
#include <linux/udp.h>
|
2010-04-02 13:19:00 +07:00
|
|
|
#include <linux/l2tp.h>
|
2010-04-02 13:18:33 +07:00
|
|
|
#include <linux/hash.h>
|
|
|
|
#include <linux/sort.h>
|
|
|
|
#include <linux/file.h>
|
|
|
|
#include <linux/nsproxy.h>
|
|
|
|
#include <net/net_namespace.h>
|
|
|
|
#include <net/netns/generic.h>
|
|
|
|
#include <net/dst.h>
|
|
|
|
#include <net/ip.h>
|
|
|
|
#include <net/udp.h>
|
2014-07-14 09:49:48 +07:00
|
|
|
#include <net/udp_tunnel.h>
|
2010-04-02 13:19:10 +07:00
|
|
|
#include <net/inet_common.h>
|
2010-04-02 13:18:33 +07:00
|
|
|
#include <net/xfrm.h>
|
2010-04-02 13:19:00 +07:00
|
|
|
#include <net/protocol.h>
|
2012-04-27 15:24:18 +07:00
|
|
|
#include <net/inet6_connection_sock.h>
|
|
|
|
#include <net/inet_ecn.h>
|
|
|
|
#include <net/ip6_route.h>
|
2012-05-01 00:21:28 +07:00
|
|
|
#include <net/ip6_checksum.h>
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
#include <asm/byteorder.h>
|
2011-07-27 06:09:06 +07:00
|
|
|
#include <linux/atomic.h>
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
#include "l2tp_core.h"
|
|
|
|
|
|
|
|
#define L2TP_DRV_VERSION "V2.0"
|
|
|
|
|
|
|
|
/* L2TP header constants */
|
|
|
|
#define L2TP_HDRFLAG_T 0x8000
|
|
|
|
#define L2TP_HDRFLAG_L 0x4000
|
|
|
|
#define L2TP_HDRFLAG_S 0x0800
|
|
|
|
#define L2TP_HDRFLAG_O 0x0200
|
|
|
|
#define L2TP_HDRFLAG_P 0x0100
|
|
|
|
|
|
|
|
#define L2TP_HDR_VER_MASK 0x000F
|
|
|
|
#define L2TP_HDR_VER_2 0x0002
|
2010-04-02 13:18:49 +07:00
|
|
|
#define L2TP_HDR_VER_3 0x0003
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
/* L2TPv3 default L2-specific sublayer */
|
|
|
|
#define L2TP_SLFLAG_S 0x40000000
|
|
|
|
#define L2TP_SL_SEQ_MASK 0x00ffffff
|
|
|
|
|
|
|
|
#define L2TP_HDR_SIZE_SEQ 10
|
|
|
|
#define L2TP_HDR_SIZE_NOSEQ 6
|
|
|
|
|
|
|
|
/* Default trace flags */
|
|
|
|
#define L2TP_DEFAULT_DEBUG_FLAGS 0
|
|
|
|
|
|
|
|
/* Private data stored for received packets in the skb.
|
|
|
|
*/
|
|
|
|
struct l2tp_skb_cb {
|
2010-04-02 13:18:49 +07:00
|
|
|
u32 ns;
|
2010-04-02 13:18:33 +07:00
|
|
|
u16 has_seq;
|
|
|
|
u16 length;
|
|
|
|
unsigned long expires;
|
|
|
|
};
|
|
|
|
|
|
|
|
#define L2TP_SKB_CB(skb) ((struct l2tp_skb_cb *) &skb->cb[sizeof(struct inet_skb_parm)])
|
|
|
|
|
2013-02-01 06:43:00 +07:00
|
|
|
static struct workqueue_struct *l2tp_wq;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
/* per-net private data for this module */
|
|
|
|
static unsigned int l2tp_net_id;
|
|
|
|
struct l2tp_net {
|
|
|
|
struct list_head l2tp_tunnel_list;
|
2010-04-02 13:19:16 +07:00
|
|
|
spinlock_t l2tp_tunnel_list_lock;
|
2010-04-02 13:18:49 +07:00
|
|
|
struct hlist_head l2tp_session_hlist[L2TP_HASH_SIZE_2];
|
2010-04-02 13:19:16 +07:00
|
|
|
spinlock_t l2tp_session_hlist_lock;
|
2010-04-02 13:18:33 +07:00
|
|
|
};
|
|
|
|
|
2010-10-21 14:50:46 +07:00
|
|
|
|
2013-10-09 02:44:26 +07:00
|
|
|
static inline struct l2tp_tunnel *l2tp_tunnel(struct sock *sk)
|
|
|
|
{
|
|
|
|
return sk->sk_user_data;
|
|
|
|
}
|
|
|
|
|
2017-04-12 15:05:29 +07:00
|
|
|
static inline struct l2tp_net *l2tp_pernet(const struct net *net)
|
2010-04-02 13:18:33 +07:00
|
|
|
{
|
|
|
|
BUG_ON(!net);
|
|
|
|
|
|
|
|
return net_generic(net, l2tp_net_id);
|
|
|
|
}
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
/* Session hash global list for L2TPv3.
|
|
|
|
* The session_id SHOULD be random according to RFC3931, but several
|
|
|
|
* L2TP implementations use incrementing session_ids. So we do a real
|
|
|
|
* hash on the session_id, rather than a simple bitmask.
|
|
|
|
*/
|
|
|
|
static inline struct hlist_head *
|
|
|
|
l2tp_session_id_hash_2(struct l2tp_net *pn, u32 session_id)
|
|
|
|
{
|
|
|
|
return &pn->l2tp_session_hlist[hash_32(session_id, L2TP_HASH_BITS_2)];
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2013-01-22 12:13:48 +07:00
|
|
|
/* Lookup the tunnel socket, possibly involving the fs code if the socket is
|
|
|
|
* owned by userspace. A struct sock returned from this function must be
|
|
|
|
* released using l2tp_tunnel_sock_put once you're done with it.
|
|
|
|
*/
|
2014-01-10 13:22:27 +07:00
|
|
|
static struct sock *l2tp_tunnel_sock_lookup(struct l2tp_tunnel *tunnel)
|
2013-01-22 12:13:48 +07:00
|
|
|
{
|
|
|
|
int err = 0;
|
|
|
|
struct socket *sock = NULL;
|
|
|
|
struct sock *sk = NULL;
|
|
|
|
|
|
|
|
if (!tunnel)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (tunnel->fd >= 0) {
|
|
|
|
/* Socket is owned by userspace, who might be in the process
|
|
|
|
* of closing it. Look the socket up using the fd to ensure
|
|
|
|
* consistency.
|
|
|
|
*/
|
|
|
|
sock = sockfd_lookup(tunnel->fd, &err);
|
|
|
|
if (sock)
|
|
|
|
sk = sock->sk;
|
|
|
|
} else {
|
|
|
|
/* Socket is owned by kernelspace */
|
|
|
|
sk = tunnel->sock;
|
2013-03-19 13:11:17 +07:00
|
|
|
sock_hold(sk);
|
2013-01-22 12:13:48 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
|
|
|
return sk;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Drop a reference to a tunnel socket obtained via. l2tp_tunnel_sock_put */
|
2014-01-10 13:22:27 +07:00
|
|
|
static void l2tp_tunnel_sock_put(struct sock *sk)
|
2013-01-22 12:13:48 +07:00
|
|
|
{
|
|
|
|
struct l2tp_tunnel *tunnel = l2tp_sock_to_tunnel(sk);
|
|
|
|
if (tunnel) {
|
|
|
|
if (tunnel->fd >= 0) {
|
|
|
|
/* Socket is owned by userspace */
|
|
|
|
sockfd_put(sk->sk_socket);
|
|
|
|
}
|
|
|
|
sock_put(sk);
|
|
|
|
}
|
2013-03-19 13:11:17 +07:00
|
|
|
sock_put(sk);
|
2013-01-22 12:13:48 +07:00
|
|
|
}
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
/* Session hash list.
|
|
|
|
* The session_id SHOULD be random according to RFC2661, but several
|
|
|
|
* L2TP implementations (Cisco and Microsoft) use incrementing
|
|
|
|
* session_ids. So we do a real hash on the session_id, rather than a
|
|
|
|
* simple bitmask.
|
|
|
|
*/
|
|
|
|
static inline struct hlist_head *
|
|
|
|
l2tp_session_id_hash(struct l2tp_tunnel *tunnel, u32 session_id)
|
|
|
|
{
|
|
|
|
return &tunnel->session_hlist[hash_32(session_id, L2TP_HASH_BITS)];
|
|
|
|
}
|
|
|
|
|
2017-08-25 21:51:40 +07:00
|
|
|
/* Lookup a tunnel. A new reference is held on the returned tunnel. */
|
|
|
|
struct l2tp_tunnel *l2tp_tunnel_get(const struct net *net, u32 tunnel_id)
|
|
|
|
{
|
|
|
|
const struct l2tp_net *pn = l2tp_pernet(net);
|
|
|
|
struct l2tp_tunnel *tunnel;
|
|
|
|
|
|
|
|
rcu_read_lock_bh();
|
|
|
|
list_for_each_entry_rcu(tunnel, &pn->l2tp_tunnel_list, list) {
|
|
|
|
if (tunnel->tunnel_id == tunnel_id) {
|
|
|
|
l2tp_tunnel_inc_refcount(tunnel);
|
|
|
|
rcu_read_unlock_bh();
|
|
|
|
|
|
|
|
return tunnel;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
rcu_read_unlock_bh();
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_tunnel_get);
|
|
|
|
|
2017-10-31 23:36:42 +07:00
|
|
|
/* Lookup a session. A new reference is held on the returned session. */
|
2017-04-12 15:05:29 +07:00
|
|
|
struct l2tp_session *l2tp_session_get(const struct net *net,
|
2017-03-31 18:02:25 +07:00
|
|
|
struct l2tp_tunnel *tunnel,
|
2017-10-31 23:36:42 +07:00
|
|
|
u32 session_id)
|
2017-03-31 18:02:25 +07:00
|
|
|
{
|
|
|
|
struct hlist_head *session_list;
|
|
|
|
struct l2tp_session *session;
|
|
|
|
|
|
|
|
if (!tunnel) {
|
|
|
|
struct l2tp_net *pn = l2tp_pernet(net);
|
|
|
|
|
|
|
|
session_list = l2tp_session_id_hash_2(pn, session_id);
|
|
|
|
|
|
|
|
rcu_read_lock_bh();
|
|
|
|
hlist_for_each_entry_rcu(session, session_list, global_hlist) {
|
|
|
|
if (session->session_id == session_id) {
|
|
|
|
l2tp_session_inc_refcount(session);
|
|
|
|
rcu_read_unlock_bh();
|
|
|
|
|
|
|
|
return session;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
rcu_read_unlock_bh();
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
session_list = l2tp_session_id_hash(tunnel, session_id);
|
|
|
|
read_lock_bh(&tunnel->hlist_lock);
|
|
|
|
hlist_for_each_entry(session, session_list, hlist) {
|
|
|
|
if (session->session_id == session_id) {
|
|
|
|
l2tp_session_inc_refcount(session);
|
|
|
|
read_unlock_bh(&tunnel->hlist_lock);
|
|
|
|
|
|
|
|
return session;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
read_unlock_bh(&tunnel->hlist_lock);
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_session_get);
|
|
|
|
|
2017-10-31 23:36:42 +07:00
|
|
|
struct l2tp_session *l2tp_session_get_nth(struct l2tp_tunnel *tunnel, int nth)
|
2010-04-02 13:18:33 +07:00
|
|
|
{
|
|
|
|
int hash;
|
|
|
|
struct l2tp_session *session;
|
|
|
|
int count = 0;
|
|
|
|
|
|
|
|
read_lock_bh(&tunnel->hlist_lock);
|
|
|
|
for (hash = 0; hash < L2TP_HASH_SIZE; hash++) {
|
hlist: drop the node parameter from iterators
I'm not sure why, but the hlist for each entry iterators were conceived
list_for_each_entry(pos, head, member)
The hlist ones were greedy and wanted an extra parameter:
hlist_for_each_entry(tpos, pos, head, member)
Why did they need an extra pos parameter? I'm not quite sure. Not only
they don't really need it, it also prevents the iterator from looking
exactly like the list iterator, which is unfortunate.
Besides the semantic patch, there was some manual work required:
- Fix up the actual hlist iterators in linux/list.h
- Fix up the declaration of other iterators based on the hlist ones.
- A very small amount of places were using the 'node' parameter, this
was modified to use 'obj->member' instead.
- Coccinelle didn't handle the hlist_for_each_entry_safe iterator
properly, so those had to be fixed up manually.
The semantic patch which is mostly the work of Peter Senna Tschudin is here:
@@
iterator name hlist_for_each_entry, hlist_for_each_entry_continue, hlist_for_each_entry_from, hlist_for_each_entry_rcu, hlist_for_each_entry_rcu_bh, hlist_for_each_entry_continue_rcu_bh, for_each_busy_worker, ax25_uid_for_each, ax25_for_each, inet_bind_bucket_for_each, sctp_for_each_hentry, sk_for_each, sk_for_each_rcu, sk_for_each_from, sk_for_each_safe, sk_for_each_bound, hlist_for_each_entry_safe, hlist_for_each_entry_continue_rcu, nr_neigh_for_each, nr_neigh_for_each_safe, nr_node_for_each, nr_node_for_each_safe, for_each_gfn_indirect_valid_sp, for_each_gfn_sp, for_each_host;
type T;
expression a,c,d,e;
identifier b;
statement S;
@@
-T b;
<+... when != b
(
hlist_for_each_entry(a,
- b,
c, d) S
|
hlist_for_each_entry_continue(a,
- b,
c) S
|
hlist_for_each_entry_from(a,
- b,
c) S
|
hlist_for_each_entry_rcu(a,
- b,
c, d) S
|
hlist_for_each_entry_rcu_bh(a,
- b,
c, d) S
|
hlist_for_each_entry_continue_rcu_bh(a,
- b,
c) S
|
for_each_busy_worker(a, c,
- b,
d) S
|
ax25_uid_for_each(a,
- b,
c) S
|
ax25_for_each(a,
- b,
c) S
|
inet_bind_bucket_for_each(a,
- b,
c) S
|
sctp_for_each_hentry(a,
- b,
c) S
|
sk_for_each(a,
- b,
c) S
|
sk_for_each_rcu(a,
- b,
c) S
|
sk_for_each_from
-(a, b)
+(a)
S
+ sk_for_each_from(a) S
|
sk_for_each_safe(a,
- b,
c, d) S
|
sk_for_each_bound(a,
- b,
c) S
|
hlist_for_each_entry_safe(a,
- b,
c, d, e) S
|
hlist_for_each_entry_continue_rcu(a,
- b,
c) S
|
nr_neigh_for_each(a,
- b,
c) S
|
nr_neigh_for_each_safe(a,
- b,
c, d) S
|
nr_node_for_each(a,
- b,
c) S
|
nr_node_for_each_safe(a,
- b,
c, d) S
|
- for_each_gfn_sp(a, c, d, b) S
+ for_each_gfn_sp(a, c, d) S
|
- for_each_gfn_indirect_valid_sp(a, c, d, b) S
+ for_each_gfn_indirect_valid_sp(a, c, d) S
|
for_each_host(a,
- b,
c) S
|
for_each_host_safe(a,
- b,
c, d) S
|
for_each_mesh_entry(a,
- b,
c, d) S
)
...+>
[akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c]
[akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c]
[akpm@linux-foundation.org: checkpatch fixes]
[akpm@linux-foundation.org: fix warnings]
[akpm@linux-foudnation.org: redo intrusive kvm changes]
Tested-by: Peter Senna Tschudin <peter.senna@gmail.com>
Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Cc: Wu Fengguang <fengguang.wu@intel.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Cc: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 08:06:00 +07:00
|
|
|
hlist_for_each_entry(session, &tunnel->session_hlist[hash], hlist) {
|
2010-04-02 13:18:33 +07:00
|
|
|
if (++count > nth) {
|
2017-04-03 17:03:13 +07:00
|
|
|
l2tp_session_inc_refcount(session);
|
2010-04-02 13:18:33 +07:00
|
|
|
read_unlock_bh(&tunnel->hlist_lock);
|
|
|
|
return session;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
read_unlock_bh(&tunnel->hlist_lock);
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
2017-04-03 17:03:13 +07:00
|
|
|
EXPORT_SYMBOL_GPL(l2tp_session_get_nth);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2010-04-02 13:19:10 +07:00
|
|
|
/* Lookup a session by interface name.
|
|
|
|
* This is very inefficient but is only used by management interfaces.
|
|
|
|
*/
|
2017-04-12 15:05:29 +07:00
|
|
|
struct l2tp_session *l2tp_session_get_by_ifname(const struct net *net,
|
2017-10-31 23:36:42 +07:00
|
|
|
const char *ifname)
|
2010-04-02 13:19:10 +07:00
|
|
|
{
|
|
|
|
struct l2tp_net *pn = l2tp_pernet(net);
|
|
|
|
int hash;
|
|
|
|
struct l2tp_session *session;
|
|
|
|
|
2010-04-02 13:19:16 +07:00
|
|
|
rcu_read_lock_bh();
|
2010-04-02 13:19:10 +07:00
|
|
|
for (hash = 0; hash < L2TP_HASH_SIZE_2; hash++) {
|
hlist: drop the node parameter from iterators
I'm not sure why, but the hlist for each entry iterators were conceived
list_for_each_entry(pos, head, member)
The hlist ones were greedy and wanted an extra parameter:
hlist_for_each_entry(tpos, pos, head, member)
Why did they need an extra pos parameter? I'm not quite sure. Not only
they don't really need it, it also prevents the iterator from looking
exactly like the list iterator, which is unfortunate.
Besides the semantic patch, there was some manual work required:
- Fix up the actual hlist iterators in linux/list.h
- Fix up the declaration of other iterators based on the hlist ones.
- A very small amount of places were using the 'node' parameter, this
was modified to use 'obj->member' instead.
- Coccinelle didn't handle the hlist_for_each_entry_safe iterator
properly, so those had to be fixed up manually.
The semantic patch which is mostly the work of Peter Senna Tschudin is here:
@@
iterator name hlist_for_each_entry, hlist_for_each_entry_continue, hlist_for_each_entry_from, hlist_for_each_entry_rcu, hlist_for_each_entry_rcu_bh, hlist_for_each_entry_continue_rcu_bh, for_each_busy_worker, ax25_uid_for_each, ax25_for_each, inet_bind_bucket_for_each, sctp_for_each_hentry, sk_for_each, sk_for_each_rcu, sk_for_each_from, sk_for_each_safe, sk_for_each_bound, hlist_for_each_entry_safe, hlist_for_each_entry_continue_rcu, nr_neigh_for_each, nr_neigh_for_each_safe, nr_node_for_each, nr_node_for_each_safe, for_each_gfn_indirect_valid_sp, for_each_gfn_sp, for_each_host;
type T;
expression a,c,d,e;
identifier b;
statement S;
@@
-T b;
<+... when != b
(
hlist_for_each_entry(a,
- b,
c, d) S
|
hlist_for_each_entry_continue(a,
- b,
c) S
|
hlist_for_each_entry_from(a,
- b,
c) S
|
hlist_for_each_entry_rcu(a,
- b,
c, d) S
|
hlist_for_each_entry_rcu_bh(a,
- b,
c, d) S
|
hlist_for_each_entry_continue_rcu_bh(a,
- b,
c) S
|
for_each_busy_worker(a, c,
- b,
d) S
|
ax25_uid_for_each(a,
- b,
c) S
|
ax25_for_each(a,
- b,
c) S
|
inet_bind_bucket_for_each(a,
- b,
c) S
|
sctp_for_each_hentry(a,
- b,
c) S
|
sk_for_each(a,
- b,
c) S
|
sk_for_each_rcu(a,
- b,
c) S
|
sk_for_each_from
-(a, b)
+(a)
S
+ sk_for_each_from(a) S
|
sk_for_each_safe(a,
- b,
c, d) S
|
sk_for_each_bound(a,
- b,
c) S
|
hlist_for_each_entry_safe(a,
- b,
c, d, e) S
|
hlist_for_each_entry_continue_rcu(a,
- b,
c) S
|
nr_neigh_for_each(a,
- b,
c) S
|
nr_neigh_for_each_safe(a,
- b,
c, d) S
|
nr_node_for_each(a,
- b,
c) S
|
nr_node_for_each_safe(a,
- b,
c, d) S
|
- for_each_gfn_sp(a, c, d, b) S
+ for_each_gfn_sp(a, c, d) S
|
- for_each_gfn_indirect_valid_sp(a, c, d, b) S
+ for_each_gfn_indirect_valid_sp(a, c, d) S
|
for_each_host(a,
- b,
c) S
|
for_each_host_safe(a,
- b,
c, d) S
|
for_each_mesh_entry(a,
- b,
c, d) S
)
...+>
[akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c]
[akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c]
[akpm@linux-foundation.org: checkpatch fixes]
[akpm@linux-foundation.org: fix warnings]
[akpm@linux-foudnation.org: redo intrusive kvm changes]
Tested-by: Peter Senna Tschudin <peter.senna@gmail.com>
Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Cc: Wu Fengguang <fengguang.wu@intel.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Cc: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 08:06:00 +07:00
|
|
|
hlist_for_each_entry_rcu(session, &pn->l2tp_session_hlist[hash], global_hlist) {
|
2010-04-02 13:19:10 +07:00
|
|
|
if (!strcmp(session->ifname, ifname)) {
|
2017-03-31 18:02:30 +07:00
|
|
|
l2tp_session_inc_refcount(session);
|
2010-04-02 13:19:16 +07:00
|
|
|
rcu_read_unlock_bh();
|
2017-03-31 18:02:30 +07:00
|
|
|
|
2010-04-02 13:19:10 +07:00
|
|
|
return session;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-04-02 13:19:16 +07:00
|
|
|
rcu_read_unlock_bh();
|
2010-04-02 13:19:10 +07:00
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
2017-03-31 18:02:30 +07:00
|
|
|
EXPORT_SYMBOL_GPL(l2tp_session_get_by_ifname);
|
2010-04-02 13:19:10 +07:00
|
|
|
|
2017-10-27 21:51:50 +07:00
|
|
|
int l2tp_session_register(struct l2tp_session *session,
|
|
|
|
struct l2tp_tunnel *tunnel)
|
2017-03-31 18:02:27 +07:00
|
|
|
{
|
|
|
|
struct l2tp_session *session_walk;
|
|
|
|
struct hlist_head *g_head;
|
|
|
|
struct hlist_head *head;
|
|
|
|
struct l2tp_net *pn;
|
2017-09-01 22:58:48 +07:00
|
|
|
int err;
|
2017-03-31 18:02:27 +07:00
|
|
|
|
|
|
|
head = l2tp_session_id_hash(tunnel, session->session_id);
|
|
|
|
|
|
|
|
write_lock_bh(&tunnel->hlist_lock);
|
2017-09-01 22:58:48 +07:00
|
|
|
if (!tunnel->acpt_newsess) {
|
|
|
|
err = -ENODEV;
|
|
|
|
goto err_tlock;
|
|
|
|
}
|
|
|
|
|
2017-03-31 18:02:27 +07:00
|
|
|
hlist_for_each_entry(session_walk, head, hlist)
|
2017-09-01 22:58:48 +07:00
|
|
|
if (session_walk->session_id == session->session_id) {
|
|
|
|
err = -EEXIST;
|
|
|
|
goto err_tlock;
|
|
|
|
}
|
2017-03-31 18:02:27 +07:00
|
|
|
|
|
|
|
if (tunnel->version == L2TP_HDR_VER_3) {
|
|
|
|
pn = l2tp_pernet(tunnel->l2tp_net);
|
|
|
|
g_head = l2tp_session_id_hash_2(l2tp_pernet(tunnel->l2tp_net),
|
|
|
|
session->session_id);
|
|
|
|
|
|
|
|
spin_lock_bh(&pn->l2tp_session_hlist_lock);
|
2017-09-01 22:58:48 +07:00
|
|
|
|
2017-03-31 18:02:27 +07:00
|
|
|
hlist_for_each_entry(session_walk, g_head, global_hlist)
|
2017-09-01 22:58:48 +07:00
|
|
|
if (session_walk->session_id == session->session_id) {
|
|
|
|
err = -EEXIST;
|
|
|
|
goto err_tlock_pnlock;
|
|
|
|
}
|
2017-03-31 18:02:27 +07:00
|
|
|
|
2017-09-01 22:58:48 +07:00
|
|
|
l2tp_tunnel_inc_refcount(tunnel);
|
|
|
|
sock_hold(tunnel->sock);
|
2017-03-31 18:02:27 +07:00
|
|
|
hlist_add_head_rcu(&session->global_hlist, g_head);
|
2017-09-01 22:58:48 +07:00
|
|
|
|
2017-03-31 18:02:27 +07:00
|
|
|
spin_unlock_bh(&pn->l2tp_session_hlist_lock);
|
2017-09-01 22:58:48 +07:00
|
|
|
} else {
|
|
|
|
l2tp_tunnel_inc_refcount(tunnel);
|
|
|
|
sock_hold(tunnel->sock);
|
2017-03-31 18:02:27 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
hlist_add_head(&session->hlist, head);
|
|
|
|
write_unlock_bh(&tunnel->hlist_lock);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
2017-09-01 22:58:48 +07:00
|
|
|
err_tlock_pnlock:
|
2017-03-31 18:02:27 +07:00
|
|
|
spin_unlock_bh(&pn->l2tp_session_hlist_lock);
|
2017-09-01 22:58:48 +07:00
|
|
|
err_tlock:
|
2017-03-31 18:02:27 +07:00
|
|
|
write_unlock_bh(&tunnel->hlist_lock);
|
|
|
|
|
2017-09-01 22:58:48 +07:00
|
|
|
return err;
|
2017-03-31 18:02:27 +07:00
|
|
|
}
|
2017-10-27 21:51:50 +07:00
|
|
|
EXPORT_SYMBOL_GPL(l2tp_session_register);
|
2017-03-31 18:02:27 +07:00
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
/* Lookup a tunnel by id
|
|
|
|
*/
|
2017-04-12 15:05:30 +07:00
|
|
|
struct l2tp_tunnel *l2tp_tunnel_find(const struct net *net, u32 tunnel_id)
|
2010-04-02 13:18:33 +07:00
|
|
|
{
|
|
|
|
struct l2tp_tunnel *tunnel;
|
|
|
|
struct l2tp_net *pn = l2tp_pernet(net);
|
|
|
|
|
2010-04-02 13:19:16 +07:00
|
|
|
rcu_read_lock_bh();
|
|
|
|
list_for_each_entry_rcu(tunnel, &pn->l2tp_tunnel_list, list) {
|
2010-04-02 13:18:33 +07:00
|
|
|
if (tunnel->tunnel_id == tunnel_id) {
|
2010-04-02 13:19:16 +07:00
|
|
|
rcu_read_unlock_bh();
|
2010-04-02 13:18:33 +07:00
|
|
|
return tunnel;
|
|
|
|
}
|
|
|
|
}
|
2010-04-02 13:19:16 +07:00
|
|
|
rcu_read_unlock_bh();
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_tunnel_find);
|
|
|
|
|
2017-04-12 15:05:30 +07:00
|
|
|
struct l2tp_tunnel *l2tp_tunnel_find_nth(const struct net *net, int nth)
|
2010-04-02 13:18:33 +07:00
|
|
|
{
|
|
|
|
struct l2tp_net *pn = l2tp_pernet(net);
|
|
|
|
struct l2tp_tunnel *tunnel;
|
|
|
|
int count = 0;
|
|
|
|
|
2010-04-02 13:19:16 +07:00
|
|
|
rcu_read_lock_bh();
|
|
|
|
list_for_each_entry_rcu(tunnel, &pn->l2tp_tunnel_list, list) {
|
2010-04-02 13:18:33 +07:00
|
|
|
if (++count > nth) {
|
2010-04-02 13:19:16 +07:00
|
|
|
rcu_read_unlock_bh();
|
2010-04-02 13:18:33 +07:00
|
|
|
return tunnel;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-04-02 13:19:16 +07:00
|
|
|
rcu_read_unlock_bh();
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_tunnel_find_nth);
|
|
|
|
|
|
|
|
/*****************************************************************************
|
|
|
|
* Receive data handling
|
|
|
|
*****************************************************************************/
|
|
|
|
|
|
|
|
/* Queue a skb in order. We come here only if the skb has an L2TP sequence
|
|
|
|
* number.
|
|
|
|
*/
|
|
|
|
static void l2tp_recv_queue_skb(struct l2tp_session *session, struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
struct sk_buff *skbp;
|
|
|
|
struct sk_buff *tmp;
|
2010-04-02 13:18:49 +07:00
|
|
|
u32 ns = L2TP_SKB_CB(skb)->ns;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
spin_lock_bh(&session->reorder_q.lock);
|
|
|
|
skb_queue_walk_safe(&session->reorder_q, skbp, tmp) {
|
|
|
|
if (L2TP_SKB_CB(skbp)->ns > ns) {
|
|
|
|
__skb_queue_before(&session->reorder_q, skbp, skb);
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: pkt %hu, inserted before %hu, reorder_q len=%d\n",
|
|
|
|
session->name, ns, L2TP_SKB_CB(skbp)->ns,
|
|
|
|
skb_queue_len(&session->reorder_q));
|
2013-03-19 13:11:22 +07:00
|
|
|
atomic_long_inc(&session->stats.rx_oos_packets);
|
2010-04-02 13:18:33 +07:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
__skb_queue_tail(&session->reorder_q, skb);
|
|
|
|
|
|
|
|
out:
|
|
|
|
spin_unlock_bh(&session->reorder_q.lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Dequeue a single skb.
|
|
|
|
*/
|
|
|
|
static void l2tp_recv_dequeue_skb(struct l2tp_session *session, struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
struct l2tp_tunnel *tunnel = session->tunnel;
|
|
|
|
int length = L2TP_SKB_CB(skb)->length;
|
|
|
|
|
|
|
|
/* We're about to requeue the skb, so return resources
|
|
|
|
* to its current owner (a socket receive buffer).
|
|
|
|
*/
|
|
|
|
skb_orphan(skb);
|
|
|
|
|
2013-03-19 13:11:22 +07:00
|
|
|
atomic_long_inc(&tunnel->stats.rx_packets);
|
|
|
|
atomic_long_add(length, &tunnel->stats.rx_bytes);
|
|
|
|
atomic_long_inc(&session->stats.rx_packets);
|
|
|
|
atomic_long_add(length, &session->stats.rx_bytes);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
if (L2TP_SKB_CB(skb)->has_seq) {
|
|
|
|
/* Bump our Nr */
|
|
|
|
session->nr++;
|
2013-07-03 02:28:59 +07:00
|
|
|
session->nr &= session->nr_max;
|
2010-04-02 13:18:49 +07:00
|
|
|
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ, "%s: updated nr to %hu\n",
|
|
|
|
session->name, session->nr);
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
/* call private receive handler */
|
|
|
|
if (session->recv_skb != NULL)
|
|
|
|
(*session->recv_skb)(session, skb, L2TP_SKB_CB(skb)->length);
|
|
|
|
else
|
|
|
|
kfree_skb(skb);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Dequeue skbs from the session's reorder_q, subject to packet order.
|
|
|
|
* Skbs that have been in the queue for too long are simply discarded.
|
|
|
|
*/
|
|
|
|
static void l2tp_recv_dequeue(struct l2tp_session *session)
|
|
|
|
{
|
|
|
|
struct sk_buff *skb;
|
|
|
|
struct sk_buff *tmp;
|
|
|
|
|
|
|
|
/* If the pkt at the head of the queue has the nr that we
|
|
|
|
* expect to send up next, dequeue it and any other
|
|
|
|
* in-sequence packets behind it.
|
|
|
|
*/
|
2011-11-03 05:47:44 +07:00
|
|
|
start:
|
2010-04-02 13:18:33 +07:00
|
|
|
spin_lock_bh(&session->reorder_q.lock);
|
|
|
|
skb_queue_walk_safe(&session->reorder_q, skb, tmp) {
|
|
|
|
if (time_after(jiffies, L2TP_SKB_CB(skb)->expires)) {
|
2013-03-19 13:11:22 +07:00
|
|
|
atomic_long_inc(&session->stats.rx_seq_discards);
|
|
|
|
atomic_long_inc(&session->stats.rx_errors);
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: oos pkt %u len %d discarded (too old), waiting for %u, reorder_q_len=%d\n",
|
|
|
|
session->name, L2TP_SKB_CB(skb)->ns,
|
|
|
|
L2TP_SKB_CB(skb)->length, session->nr,
|
|
|
|
skb_queue_len(&session->reorder_q));
|
2012-05-10 06:43:08 +07:00
|
|
|
session->reorder_skip = 1;
|
2010-04-02 13:18:33 +07:00
|
|
|
__skb_unlink(skb, &session->reorder_q);
|
|
|
|
kfree_skb(skb);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (L2TP_SKB_CB(skb)->has_seq) {
|
2012-05-10 06:43:08 +07:00
|
|
|
if (session->reorder_skip) {
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: advancing nr to next pkt: %u -> %u",
|
|
|
|
session->name, session->nr,
|
|
|
|
L2TP_SKB_CB(skb)->ns);
|
2012-05-10 06:43:08 +07:00
|
|
|
session->reorder_skip = 0;
|
|
|
|
session->nr = L2TP_SKB_CB(skb)->ns;
|
|
|
|
}
|
2010-04-02 13:18:33 +07:00
|
|
|
if (L2TP_SKB_CB(skb)->ns != session->nr) {
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: holding oos pkt %u len %d, waiting for %u, reorder_q_len=%d\n",
|
|
|
|
session->name, L2TP_SKB_CB(skb)->ns,
|
|
|
|
L2TP_SKB_CB(skb)->length, session->nr,
|
|
|
|
skb_queue_len(&session->reorder_q));
|
2010-04-02 13:18:33 +07:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
__skb_unlink(skb, &session->reorder_q);
|
|
|
|
|
|
|
|
/* Process the skb. We release the queue lock while we
|
|
|
|
* do so to let other contexts process the queue.
|
|
|
|
*/
|
|
|
|
spin_unlock_bh(&session->reorder_q.lock);
|
|
|
|
l2tp_recv_dequeue_skb(session, skb);
|
2011-11-03 05:47:44 +07:00
|
|
|
goto start;
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
|
|
|
spin_unlock_bh(&session->reorder_q.lock);
|
|
|
|
}
|
|
|
|
|
2013-07-03 02:28:59 +07:00
|
|
|
static int l2tp_seq_check_rx_window(struct l2tp_session *session, u32 nr)
|
|
|
|
{
|
|
|
|
u32 nws;
|
|
|
|
|
|
|
|
if (nr >= session->nr)
|
|
|
|
nws = nr - session->nr;
|
|
|
|
else
|
|
|
|
nws = (session->nr_max + 1) - (session->nr - nr);
|
|
|
|
|
|
|
|
return nws < session->nr_window_size;
|
|
|
|
}
|
|
|
|
|
2013-07-03 02:28:58 +07:00
|
|
|
/* If packet has sequence numbers, queue it if acceptable. Returns 0 if
|
|
|
|
* acceptable, else non-zero.
|
|
|
|
*/
|
|
|
|
static int l2tp_recv_data_seq(struct l2tp_session *session, struct sk_buff *skb)
|
|
|
|
{
|
2013-07-03 02:28:59 +07:00
|
|
|
if (!l2tp_seq_check_rx_window(session, L2TP_SKB_CB(skb)->ns)) {
|
|
|
|
/* Packet sequence number is outside allowed window.
|
|
|
|
* Discard it.
|
|
|
|
*/
|
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: pkt %u len %d discarded, outside window, nr=%u\n",
|
|
|
|
session->name, L2TP_SKB_CB(skb)->ns,
|
|
|
|
L2TP_SKB_CB(skb)->length, session->nr);
|
|
|
|
goto discard;
|
|
|
|
}
|
|
|
|
|
2013-07-03 02:28:58 +07:00
|
|
|
if (session->reorder_timeout != 0) {
|
|
|
|
/* Packet reordering enabled. Add skb to session's
|
|
|
|
* reorder queue, in order of ns.
|
|
|
|
*/
|
|
|
|
l2tp_recv_queue_skb(session, skb);
|
2013-07-03 02:29:00 +07:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Packet reordering disabled. Discard out-of-sequence packets, while
|
|
|
|
* tracking the number if in-sequence packets after the first OOS packet
|
|
|
|
* is seen. After nr_oos_count_max in-sequence packets, reset the
|
|
|
|
* sequence number to re-enable packet reception.
|
|
|
|
*/
|
|
|
|
if (L2TP_SKB_CB(skb)->ns == session->nr) {
|
|
|
|
skb_queue_tail(&session->reorder_q, skb);
|
2013-07-03 02:28:58 +07:00
|
|
|
} else {
|
2013-07-03 02:29:00 +07:00
|
|
|
u32 nr_oos = L2TP_SKB_CB(skb)->ns;
|
|
|
|
u32 nr_next = (session->nr_oos + 1) & session->nr_max;
|
|
|
|
|
|
|
|
if (nr_oos == nr_next)
|
|
|
|
session->nr_oos_count++;
|
|
|
|
else
|
|
|
|
session->nr_oos_count = 0;
|
|
|
|
|
|
|
|
session->nr_oos = nr_oos;
|
|
|
|
if (session->nr_oos_count > session->nr_oos_count_max) {
|
|
|
|
session->reorder_skip = 1;
|
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: %d oos packets received. Resetting sequence numbers\n",
|
|
|
|
session->name, session->nr_oos_count);
|
|
|
|
}
|
|
|
|
if (!session->reorder_skip) {
|
2013-07-03 02:28:58 +07:00
|
|
|
atomic_long_inc(&session->stats.rx_seq_discards);
|
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: oos pkt %u len %d discarded, waiting for %u, reorder_q_len=%d\n",
|
|
|
|
session->name, L2TP_SKB_CB(skb)->ns,
|
|
|
|
L2TP_SKB_CB(skb)->length, session->nr,
|
|
|
|
skb_queue_len(&session->reorder_q));
|
|
|
|
goto discard;
|
|
|
|
}
|
|
|
|
skb_queue_tail(&session->reorder_q, skb);
|
|
|
|
}
|
|
|
|
|
2013-07-03 02:29:00 +07:00
|
|
|
out:
|
2013-07-03 02:28:58 +07:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
discard:
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
/* Do receive processing of L2TP data frames. We handle both L2TPv2
|
|
|
|
* and L2TPv3 data frames here.
|
|
|
|
*
|
|
|
|
* L2TPv2 Data Message Header
|
|
|
|
*
|
|
|
|
* 0 1 2 3
|
|
|
|
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
* |T|L|x|x|S|x|O|P|x|x|x|x| Ver | Length (opt) |
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
* | Tunnel ID | Session ID |
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
* | Ns (opt) | Nr (opt) |
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
* | Offset Size (opt) | Offset pad... (opt)
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
*
|
|
|
|
* Data frames are marked by T=0. All other fields are the same as
|
|
|
|
* those in L2TP control frames.
|
|
|
|
*
|
|
|
|
* L2TPv3 Data Message Header
|
|
|
|
*
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
* | L2TP Session Header |
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
* | L2-Specific Sublayer |
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
* | Tunnel Payload ...
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
*
|
|
|
|
* L2TPv3 Session Header Over IP
|
|
|
|
*
|
|
|
|
* 0 1 2 3
|
|
|
|
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
* | Session ID |
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
* | Cookie (optional, maximum 64 bits)...
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
* |
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
*
|
|
|
|
* L2TPv3 L2-Specific Sublayer Format
|
|
|
|
*
|
|
|
|
* 0 1 2 3
|
|
|
|
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
* |x|S|x|x|x|x|x|x| Sequence Number |
|
|
|
|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
|
|
*
|
|
|
|
* Cookie value, sublayer format and offset (pad) are negotiated with
|
|
|
|
* the peer when the session is set up. Unlike L2TPv2, we do not need
|
|
|
|
* to parse the packet header to determine if optional fields are
|
|
|
|
* present.
|
|
|
|
*
|
|
|
|
* Caller must already have parsed the frame and determined that it is
|
|
|
|
* a data (not control) frame before coming here. Fields up to the
|
|
|
|
* session-id have already been parsed and ptr points to the data
|
|
|
|
* after the session-id.
|
2010-04-02 13:18:33 +07:00
|
|
|
*/
|
2010-04-02 13:18:49 +07:00
|
|
|
void l2tp_recv_common(struct l2tp_session *session, struct sk_buff *skb,
|
|
|
|
unsigned char *ptr, unsigned char *optr, u16 hdrflags,
|
|
|
|
int length, int (*payload_hook)(struct sk_buff *skb))
|
2010-04-02 13:18:33 +07:00
|
|
|
{
|
2010-04-02 13:18:49 +07:00
|
|
|
struct l2tp_tunnel *tunnel = session->tunnel;
|
2010-04-02 13:18:33 +07:00
|
|
|
int offset;
|
2010-04-02 13:18:49 +07:00
|
|
|
u32 ns, nr;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
/* Parse and check optional cookie */
|
|
|
|
if (session->peer_cookie_len > 0) {
|
|
|
|
if (memcmp(ptr, &session->peer_cookie[0], session->peer_cookie_len)) {
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_info(tunnel, L2TP_MSG_DATA,
|
|
|
|
"%s: cookie mismatch (%u/%u). Discarding.\n",
|
|
|
|
tunnel->name, tunnel->tunnel_id,
|
|
|
|
session->session_id);
|
2013-03-19 13:11:22 +07:00
|
|
|
atomic_long_inc(&session->stats.rx_cookie_discards);
|
2010-04-02 13:18:49 +07:00
|
|
|
goto discard;
|
|
|
|
}
|
|
|
|
ptr += session->peer_cookie_len;
|
|
|
|
}
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
/* Handle the optional sequence numbers. Sequence numbers are
|
|
|
|
* in different places for L2TPv2 and L2TPv3.
|
|
|
|
*
|
|
|
|
* If we are the LAC, enable/disable sequence numbers under
|
|
|
|
* the control of the LNS. If no sequence numbers present but
|
|
|
|
* we were expecting them, discard frame.
|
|
|
|
*/
|
|
|
|
ns = nr = 0;
|
|
|
|
L2TP_SKB_CB(skb)->has_seq = 0;
|
2010-04-02 13:18:49 +07:00
|
|
|
if (tunnel->version == L2TP_HDR_VER_2) {
|
|
|
|
if (hdrflags & L2TP_HDRFLAG_S) {
|
|
|
|
ns = ntohs(*(__be16 *) ptr);
|
|
|
|
ptr += 2;
|
|
|
|
nr = ntohs(*(__be16 *) ptr);
|
|
|
|
ptr += 2;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
/* Store L2TP info in the skb */
|
|
|
|
L2TP_SKB_CB(skb)->ns = ns;
|
|
|
|
L2TP_SKB_CB(skb)->has_seq = 1;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: recv data ns=%u, nr=%u, session nr=%u\n",
|
|
|
|
session->name, ns, nr, session->nr);
|
2010-04-02 13:18:49 +07:00
|
|
|
}
|
|
|
|
} else if (session->l2specific_type == L2TP_L2SPECTYPE_DEFAULT) {
|
|
|
|
u32 l2h = ntohl(*(__be32 *) ptr);
|
|
|
|
|
|
|
|
if (l2h & 0x40000000) {
|
|
|
|
ns = l2h & 0x00ffffff;
|
|
|
|
|
|
|
|
/* Store L2TP info in the skb */
|
|
|
|
L2TP_SKB_CB(skb)->ns = ns;
|
|
|
|
L2TP_SKB_CB(skb)->has_seq = 1;
|
|
|
|
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: recv data ns=%u, session nr=%u\n",
|
|
|
|
session->name, ns, session->nr);
|
2010-04-02 13:18:49 +07:00
|
|
|
}
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
/* Advance past L2-specific header, if present */
|
|
|
|
ptr += session->l2specific_len;
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
if (L2TP_SKB_CB(skb)->has_seq) {
|
|
|
|
/* Received a packet with sequence numbers. If we're the LNS,
|
|
|
|
* check if we sre sending sequence numbers and if not,
|
|
|
|
* configure it so.
|
|
|
|
*/
|
|
|
|
if ((!session->lns_mode) && (!session->send_seq)) {
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_info(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: requested to enable seq numbers by LNS\n",
|
|
|
|
session->name);
|
2016-11-08 03:39:28 +07:00
|
|
|
session->send_seq = 1;
|
2010-04-02 13:18:49 +07:00
|
|
|
l2tp_session_set_header_len(session, tunnel->version);
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
} else {
|
|
|
|
/* No sequence numbers.
|
|
|
|
* If user has configured mandatory sequence numbers, discard.
|
|
|
|
*/
|
|
|
|
if (session->recv_seq) {
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_warn(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: recv data has no seq numbers when required. Discarding.\n",
|
|
|
|
session->name);
|
2013-03-19 13:11:22 +07:00
|
|
|
atomic_long_inc(&session->stats.rx_seq_discards);
|
2010-04-02 13:18:33 +07:00
|
|
|
goto discard;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* If we're the LAC and we're sending sequence numbers, the
|
|
|
|
* LNS has requested that we no longer send sequence numbers.
|
|
|
|
* If we're the LNS and we're sending sequence numbers, the
|
|
|
|
* LAC is broken. Discard the frame.
|
|
|
|
*/
|
|
|
|
if ((!session->lns_mode) && (session->send_seq)) {
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_info(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: requested to disable seq numbers by LNS\n",
|
|
|
|
session->name);
|
2010-04-02 13:18:33 +07:00
|
|
|
session->send_seq = 0;
|
2010-04-02 13:18:49 +07:00
|
|
|
l2tp_session_set_header_len(session, tunnel->version);
|
2010-04-02 13:18:33 +07:00
|
|
|
} else if (session->send_seq) {
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_warn(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: recv data has no seq numbers when required. Discarding.\n",
|
|
|
|
session->name);
|
2013-03-19 13:11:22 +07:00
|
|
|
atomic_long_inc(&session->stats.rx_seq_discards);
|
2010-04-02 13:18:33 +07:00
|
|
|
goto discard;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
/* Session data offset is handled differently for L2TPv2 and
|
|
|
|
* L2TPv3. For L2TPv2, there is an optional 16-bit value in
|
|
|
|
* the header. For L2TPv3, the offset is negotiated using AVPs
|
|
|
|
* in the session setup control protocol.
|
|
|
|
*/
|
|
|
|
if (tunnel->version == L2TP_HDR_VER_2) {
|
|
|
|
/* If offset bit set, skip it. */
|
|
|
|
if (hdrflags & L2TP_HDRFLAG_O) {
|
|
|
|
offset = ntohs(*(__be16 *)ptr);
|
|
|
|
ptr += 2 + offset;
|
|
|
|
}
|
|
|
|
} else
|
|
|
|
ptr += session->offset;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
offset = ptr - optr;
|
|
|
|
if (!pskb_may_pull(skb, offset))
|
|
|
|
goto discard;
|
|
|
|
|
|
|
|
__skb_pull(skb, offset);
|
|
|
|
|
|
|
|
/* If caller wants to process the payload before we queue the
|
|
|
|
* packet, do so now.
|
|
|
|
*/
|
|
|
|
if (payload_hook)
|
|
|
|
if ((*payload_hook)(skb))
|
|
|
|
goto discard;
|
|
|
|
|
|
|
|
/* Prepare skb for adding to the session's reorder_q. Hold
|
|
|
|
* packets for max reorder_timeout or 1 second if not
|
|
|
|
* reordering.
|
|
|
|
*/
|
|
|
|
L2TP_SKB_CB(skb)->length = length;
|
|
|
|
L2TP_SKB_CB(skb)->expires = jiffies +
|
|
|
|
(session->reorder_timeout ? session->reorder_timeout : HZ);
|
|
|
|
|
|
|
|
/* Add packet to the session's receive queue. Reordering is done here, if
|
|
|
|
* enabled. Saved L2TP protocol info is stored in skb->sb[].
|
|
|
|
*/
|
|
|
|
if (L2TP_SKB_CB(skb)->has_seq) {
|
2013-07-03 02:28:58 +07:00
|
|
|
if (l2tp_recv_data_seq(session, skb))
|
|
|
|
goto discard;
|
2010-04-02 13:18:33 +07:00
|
|
|
} else {
|
|
|
|
/* No sequence numbers. Add the skb to the tail of the
|
|
|
|
* reorder queue. This ensures that it will be
|
|
|
|
* delivered after all previous sequenced skbs.
|
|
|
|
*/
|
|
|
|
skb_queue_tail(&session->reorder_q, skb);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Try to dequeue as many skbs from reorder_q as we can. */
|
|
|
|
l2tp_recv_dequeue(session);
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
return;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
discard:
|
2013-03-19 13:11:22 +07:00
|
|
|
atomic_long_inc(&session->stats.rx_errors);
|
2010-04-02 13:18:33 +07:00
|
|
|
kfree_skb(skb);
|
2010-04-02 13:18:49 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(l2tp_recv_common);
|
|
|
|
|
2013-03-19 13:11:19 +07:00
|
|
|
/* Drop skbs from the session's reorder_q
|
|
|
|
*/
|
|
|
|
int l2tp_session_queue_purge(struct l2tp_session *session)
|
|
|
|
{
|
|
|
|
struct sk_buff *skb = NULL;
|
|
|
|
BUG_ON(!session);
|
|
|
|
BUG_ON(session->magic != L2TP_SESSION_MAGIC);
|
|
|
|
while ((skb = skb_dequeue(&session->reorder_q))) {
|
|
|
|
atomic_long_inc(&session->stats.rx_errors);
|
|
|
|
kfree_skb(skb);
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_session_queue_purge);
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
/* Internal UDP receive frame. Do the real work of receiving an L2TP data frame
|
|
|
|
* here. The skb is not on a list when we get here.
|
|
|
|
* Returns 0 if the packet was a data packet and was successfully passed on.
|
|
|
|
* Returns 1 if the packet was not a good data packet and could not be
|
|
|
|
* forwarded. All such packets are passed up to userspace to deal with.
|
|
|
|
*/
|
2010-10-21 14:50:46 +07:00
|
|
|
static int l2tp_udp_recv_core(struct l2tp_tunnel *tunnel, struct sk_buff *skb,
|
|
|
|
int (*payload_hook)(struct sk_buff *skb))
|
2010-04-02 13:18:49 +07:00
|
|
|
{
|
|
|
|
struct l2tp_session *session = NULL;
|
|
|
|
unsigned char *ptr, *optr;
|
|
|
|
u16 hdrflags;
|
|
|
|
u32 tunnel_id, session_id;
|
|
|
|
u16 version;
|
|
|
|
int length;
|
|
|
|
|
2014-05-08 06:52:48 +07:00
|
|
|
/* UDP has verifed checksum */
|
2010-04-02 13:18:49 +07:00
|
|
|
|
|
|
|
/* UDP always verifies the packet length. */
|
|
|
|
__skb_pull(skb, sizeof(struct udphdr));
|
|
|
|
|
|
|
|
/* Short packet? */
|
|
|
|
if (!pskb_may_pull(skb, L2TP_HDR_SIZE_SEQ)) {
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_info(tunnel, L2TP_MSG_DATA,
|
|
|
|
"%s: recv short packet (len=%d)\n",
|
|
|
|
tunnel->name, skb->len);
|
2010-04-02 13:18:49 +07:00
|
|
|
goto error;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Trace packet contents, if enabled */
|
|
|
|
if (tunnel->debug & L2TP_MSG_DATA) {
|
|
|
|
length = min(32u, skb->len);
|
|
|
|
if (!pskb_may_pull(skb, length))
|
|
|
|
goto error;
|
|
|
|
|
2012-05-16 16:55:56 +07:00
|
|
|
pr_debug("%s: recv\n", tunnel->name);
|
|
|
|
print_hex_dump_bytes("", DUMP_PREFIX_OFFSET, skb->data, length);
|
2010-04-02 13:18:49 +07:00
|
|
|
}
|
|
|
|
|
2011-11-09 01:59:44 +07:00
|
|
|
/* Point to L2TP header */
|
|
|
|
optr = ptr = skb->data;
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
/* Get L2TP header flags */
|
|
|
|
hdrflags = ntohs(*(__be16 *) ptr);
|
|
|
|
|
|
|
|
/* Check protocol version */
|
|
|
|
version = hdrflags & L2TP_HDR_VER_MASK;
|
|
|
|
if (version != tunnel->version) {
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_info(tunnel, L2TP_MSG_DATA,
|
|
|
|
"%s: recv protocol version mismatch: got %d expected %d\n",
|
|
|
|
tunnel->name, version, tunnel->version);
|
2010-04-02 13:18:49 +07:00
|
|
|
goto error;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Get length of L2TP packet */
|
|
|
|
length = skb->len;
|
|
|
|
|
|
|
|
/* If type is control packet, it is handled by userspace. */
|
|
|
|
if (hdrflags & L2TP_HDRFLAG_T) {
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_dbg(tunnel, L2TP_MSG_DATA,
|
|
|
|
"%s: recv control packet, len=%d\n",
|
|
|
|
tunnel->name, length);
|
2010-04-02 13:18:49 +07:00
|
|
|
goto error;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Skip flags */
|
|
|
|
ptr += 2;
|
|
|
|
|
|
|
|
if (tunnel->version == L2TP_HDR_VER_2) {
|
|
|
|
/* If length is present, skip it */
|
|
|
|
if (hdrflags & L2TP_HDRFLAG_L)
|
|
|
|
ptr += 2;
|
|
|
|
|
|
|
|
/* Extract tunnel and session ID */
|
|
|
|
tunnel_id = ntohs(*(__be16 *) ptr);
|
|
|
|
ptr += 2;
|
|
|
|
session_id = ntohs(*(__be16 *) ptr);
|
|
|
|
ptr += 2;
|
|
|
|
} else {
|
|
|
|
ptr += 2; /* skip reserved bits */
|
|
|
|
tunnel_id = tunnel->tunnel_id;
|
|
|
|
session_id = ntohl(*(__be32 *) ptr);
|
|
|
|
ptr += 4;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Find the session context */
|
2017-10-31 23:36:42 +07:00
|
|
|
session = l2tp_session_get(tunnel->l2tp_net, tunnel, session_id);
|
2010-04-02 13:19:10 +07:00
|
|
|
if (!session || !session->recv_skb) {
|
2017-10-31 23:36:42 +07:00
|
|
|
if (session)
|
2017-03-31 18:02:25 +07:00
|
|
|
l2tp_session_dec_refcount(session);
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
/* Not found? Pass to userspace to deal with */
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_info(tunnel, L2TP_MSG_DATA,
|
|
|
|
"%s: no session found (%u/%u). Passing up.\n",
|
|
|
|
tunnel->name, tunnel_id, session_id);
|
2010-04-02 13:18:49 +07:00
|
|
|
goto error;
|
|
|
|
}
|
|
|
|
|
|
|
|
l2tp_recv_common(session, skb, ptr, optr, hdrflags, length, payload_hook);
|
2017-03-31 18:02:25 +07:00
|
|
|
l2tp_session_dec_refcount(session);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
error:
|
|
|
|
/* Put UDP header back */
|
|
|
|
__skb_push(skb, sizeof(struct udphdr));
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* UDP encapsulation receive handler. See net/ipv4/udp.c.
|
|
|
|
* Return codes:
|
|
|
|
* 0 : success.
|
|
|
|
* <0: error
|
|
|
|
* >0: skb should be passed up to userspace as UDP.
|
|
|
|
*/
|
|
|
|
int l2tp_udp_encap_recv(struct sock *sk, struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
struct l2tp_tunnel *tunnel;
|
|
|
|
|
|
|
|
tunnel = l2tp_sock_to_tunnel(sk);
|
|
|
|
if (tunnel == NULL)
|
|
|
|
goto pass_up;
|
|
|
|
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_dbg(tunnel, L2TP_MSG_DATA, "%s: received %d bytes\n",
|
|
|
|
tunnel->name, skb->len);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
if (l2tp_udp_recv_core(tunnel, skb, tunnel->recv_payload_hook))
|
|
|
|
goto pass_up_put;
|
|
|
|
|
|
|
|
sock_put(sk);
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
pass_up_put:
|
|
|
|
sock_put(sk);
|
|
|
|
pass_up:
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_udp_encap_recv);
|
|
|
|
|
|
|
|
/************************************************************************
|
|
|
|
* Transmit handling
|
|
|
|
***********************************************************************/
|
|
|
|
|
|
|
|
/* Build an L2TP header for the session into the buffer provided.
|
|
|
|
*/
|
2010-04-02 13:18:49 +07:00
|
|
|
static int l2tp_build_l2tpv2_header(struct l2tp_session *session, void *buf)
|
2010-04-02 13:18:33 +07:00
|
|
|
{
|
2010-04-02 13:18:49 +07:00
|
|
|
struct l2tp_tunnel *tunnel = session->tunnel;
|
2010-04-02 13:18:33 +07:00
|
|
|
__be16 *bufp = buf;
|
2010-04-02 13:18:49 +07:00
|
|
|
__be16 *optr = buf;
|
2010-04-02 13:18:33 +07:00
|
|
|
u16 flags = L2TP_HDR_VER_2;
|
|
|
|
u32 tunnel_id = tunnel->peer_tunnel_id;
|
|
|
|
u32 session_id = session->peer_session_id;
|
|
|
|
|
|
|
|
if (session->send_seq)
|
|
|
|
flags |= L2TP_HDRFLAG_S;
|
|
|
|
|
|
|
|
/* Setup L2TP header. */
|
|
|
|
*bufp++ = htons(flags);
|
|
|
|
*bufp++ = htons(tunnel_id);
|
|
|
|
*bufp++ = htons(session_id);
|
|
|
|
if (session->send_seq) {
|
|
|
|
*bufp++ = htons(session->ns);
|
|
|
|
*bufp++ = 0;
|
|
|
|
session->ns++;
|
2010-04-02 13:18:49 +07:00
|
|
|
session->ns &= 0xffff;
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ, "%s: updated ns to %u\n",
|
|
|
|
session->name, session->ns);
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
2010-04-02 13:18:49 +07:00
|
|
|
|
|
|
|
return bufp - optr;
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
static int l2tp_build_l2tpv3_header(struct l2tp_session *session, void *buf)
|
2010-04-02 13:18:33 +07:00
|
|
|
{
|
2010-04-02 13:19:00 +07:00
|
|
|
struct l2tp_tunnel *tunnel = session->tunnel;
|
2010-04-02 13:18:49 +07:00
|
|
|
char *bufp = buf;
|
|
|
|
char *optr = bufp;
|
|
|
|
|
2010-04-02 13:19:00 +07:00
|
|
|
/* Setup L2TP header. The header differs slightly for UDP and
|
|
|
|
* IP encapsulations. For UDP, there is 4 bytes of flags.
|
|
|
|
*/
|
|
|
|
if (tunnel->encap == L2TP_ENCAPTYPE_UDP) {
|
|
|
|
u16 flags = L2TP_HDR_VER_3;
|
|
|
|
*((__be16 *) bufp) = htons(flags);
|
|
|
|
bufp += 2;
|
|
|
|
*((__be16 *) bufp) = 0;
|
|
|
|
bufp += 2;
|
|
|
|
}
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
*((__be32 *) bufp) = htonl(session->peer_session_id);
|
|
|
|
bufp += 4;
|
|
|
|
if (session->cookie_len) {
|
|
|
|
memcpy(bufp, &session->cookie[0], session->cookie_len);
|
|
|
|
bufp += session->cookie_len;
|
|
|
|
}
|
|
|
|
if (session->l2specific_len) {
|
|
|
|
if (session->l2specific_type == L2TP_L2SPECTYPE_DEFAULT) {
|
|
|
|
u32 l2h = 0;
|
|
|
|
if (session->send_seq) {
|
|
|
|
l2h = 0x40000000 | session->ns;
|
|
|
|
session->ns++;
|
|
|
|
session->ns &= 0xffffff;
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_dbg(session, L2TP_MSG_SEQ,
|
|
|
|
"%s: updated ns to %u\n",
|
|
|
|
session->name, session->ns);
|
2010-04-02 13:18:49 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
*((__be32 *) bufp) = htonl(l2h);
|
|
|
|
}
|
|
|
|
bufp += session->l2specific_len;
|
|
|
|
}
|
|
|
|
if (session->offset)
|
|
|
|
bufp += session->offset;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
return bufp - optr;
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
2010-10-21 14:50:46 +07:00
|
|
|
static int l2tp_xmit_core(struct l2tp_session *session, struct sk_buff *skb,
|
2011-05-07 12:23:20 +07:00
|
|
|
struct flowi *fl, size_t data_len)
|
2010-04-02 13:18:33 +07:00
|
|
|
{
|
|
|
|
struct l2tp_tunnel *tunnel = session->tunnel;
|
|
|
|
unsigned int len = skb->len;
|
|
|
|
int error;
|
|
|
|
|
|
|
|
/* Debug */
|
|
|
|
if (session->send_seq)
|
2017-02-28 05:30:02 +07:00
|
|
|
l2tp_dbg(session, L2TP_MSG_DATA, "%s: send %zd bytes, ns=%u\n",
|
2012-05-16 16:55:56 +07:00
|
|
|
session->name, data_len, session->ns - 1);
|
2010-04-02 13:18:33 +07:00
|
|
|
else
|
2017-02-28 05:30:02 +07:00
|
|
|
l2tp_dbg(session, L2TP_MSG_DATA, "%s: send %zd bytes\n",
|
2012-05-16 16:55:56 +07:00
|
|
|
session->name, data_len);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
if (session->debug & L2TP_MSG_DATA) {
|
2010-04-02 13:19:00 +07:00
|
|
|
int uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0;
|
|
|
|
unsigned char *datap = skb->data + uhlen;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2012-05-16 16:55:56 +07:00
|
|
|
pr_debug("%s: xmit\n", session->name);
|
|
|
|
print_hex_dump_bytes("", DUMP_PREFIX_OFFSET,
|
|
|
|
datap, min_t(size_t, 32, len - uhlen));
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Queue the packet to IP for output */
|
2014-05-05 06:39:18 +07:00
|
|
|
skb->ignore_df = 1;
|
2012-04-27 15:24:18 +07:00
|
|
|
#if IS_ENABLED(CONFIG_IPV6)
|
2014-03-08 05:57:43 +07:00
|
|
|
if (tunnel->sock->sk_family == PF_INET6 && !tunnel->v4mapped)
|
2014-04-15 23:58:34 +07:00
|
|
|
error = inet6_csk_xmit(tunnel->sock, skb, NULL);
|
2012-04-27 15:24:18 +07:00
|
|
|
else
|
|
|
|
#endif
|
2014-04-15 23:58:34 +07:00
|
|
|
error = ip_queue_xmit(tunnel->sock, skb, fl);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
/* Update stats */
|
|
|
|
if (error >= 0) {
|
2013-03-19 13:11:22 +07:00
|
|
|
atomic_long_inc(&tunnel->stats.tx_packets);
|
|
|
|
atomic_long_add(len, &tunnel->stats.tx_bytes);
|
|
|
|
atomic_long_inc(&session->stats.tx_packets);
|
|
|
|
atomic_long_add(len, &session->stats.tx_bytes);
|
2010-04-02 13:18:33 +07:00
|
|
|
} else {
|
2013-03-19 13:11:22 +07:00
|
|
|
atomic_long_inc(&tunnel->stats.tx_errors);
|
|
|
|
atomic_long_inc(&session->stats.tx_errors);
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* If caller requires the skb to have a ppp header, the header must be
|
|
|
|
* inserted in the skb data before calling this function.
|
|
|
|
*/
|
|
|
|
int l2tp_xmit_skb(struct l2tp_session *session, struct sk_buff *skb, int hdr_len)
|
|
|
|
{
|
|
|
|
int data_len = skb->len;
|
2010-04-02 13:19:00 +07:00
|
|
|
struct l2tp_tunnel *tunnel = session->tunnel;
|
|
|
|
struct sock *sk = tunnel->sock;
|
2011-05-07 12:23:20 +07:00
|
|
|
struct flowi *fl;
|
2010-04-02 13:18:33 +07:00
|
|
|
struct udphdr *uh;
|
|
|
|
struct inet_sock *inet;
|
|
|
|
int headroom;
|
2010-04-02 13:19:00 +07:00
|
|
|
int uhlen = (tunnel->encap == L2TP_ENCAPTYPE_UDP) ? sizeof(struct udphdr) : 0;
|
|
|
|
int udp_len;
|
2012-06-29 03:15:13 +07:00
|
|
|
int ret = NET_XMIT_SUCCESS;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
/* Check that there's enough headroom in the skb to insert IP,
|
|
|
|
* UDP and L2TP headers. If not enough, expand it to
|
|
|
|
* make room. Adjust truesize.
|
|
|
|
*/
|
|
|
|
headroom = NET_SKB_PAD + sizeof(struct iphdr) +
|
2010-04-02 13:19:00 +07:00
|
|
|
uhlen + hdr_len;
|
2011-10-07 12:35:46 +07:00
|
|
|
if (skb_cow_head(skb, headroom)) {
|
2012-06-29 03:15:13 +07:00
|
|
|
kfree_skb(skb);
|
|
|
|
return NET_XMIT_DROP;
|
2011-10-07 12:35:46 +07:00
|
|
|
}
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
/* Setup L2TP header */
|
2010-04-02 13:18:49 +07:00
|
|
|
session->build_header(session, __skb_push(skb, hdr_len));
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2010-04-02 13:19:00 +07:00
|
|
|
/* Reset skb netfilter state */
|
2010-04-02 13:18:33 +07:00
|
|
|
memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
|
|
|
|
IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED |
|
|
|
|
IPSKB_REROUTED);
|
|
|
|
nf_reset(skb);
|
|
|
|
|
2011-05-09 03:45:20 +07:00
|
|
|
bh_lock_sock(sk);
|
|
|
|
if (sock_owned_by_user(sk)) {
|
2012-06-29 03:15:13 +07:00
|
|
|
kfree_skb(skb);
|
|
|
|
ret = NET_XMIT_DROP;
|
2011-05-09 03:45:20 +07:00
|
|
|
goto out_unlock;
|
|
|
|
}
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
/* Get routing info from the tunnel socket */
|
|
|
|
skb_dst_drop(skb);
|
2011-11-25 13:47:16 +07:00
|
|
|
skb_dst_set(skb, dst_clone(__sk_dst_check(sk, 0)));
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2011-05-07 12:23:20 +07:00
|
|
|
inet = inet_sk(sk);
|
|
|
|
fl = &inet->cork.fl;
|
2010-04-02 13:19:00 +07:00
|
|
|
switch (tunnel->encap) {
|
|
|
|
case L2TP_ENCAPTYPE_UDP:
|
|
|
|
/* Setup UDP header */
|
|
|
|
__skb_push(skb, sizeof(*uh));
|
|
|
|
skb_reset_transport_header(skb);
|
|
|
|
uh = udp_hdr(skb);
|
|
|
|
uh->source = inet->inet_sport;
|
|
|
|
uh->dest = inet->inet_dport;
|
|
|
|
udp_len = uhlen + hdr_len + data_len;
|
|
|
|
uh->len = htons(udp_len);
|
|
|
|
|
|
|
|
/* Calculate UDP checksum if configured to do so */
|
2012-04-27 15:24:18 +07:00
|
|
|
#if IS_ENABLED(CONFIG_IPV6)
|
2013-10-02 15:16:02 +07:00
|
|
|
if (sk->sk_family == PF_INET6 && !tunnel->v4mapped)
|
2014-06-05 07:19:56 +07:00
|
|
|
udp6_set_csum(udp_get_no_check6_tx(sk),
|
|
|
|
skb, &inet6_sk(sk)->saddr,
|
|
|
|
&sk->sk_v6_daddr, udp_len);
|
2012-04-27 15:24:18 +07:00
|
|
|
else
|
|
|
|
#endif
|
2014-06-05 07:19:56 +07:00
|
|
|
udp_set_csum(sk->sk_no_check_tx, skb, inet->inet_saddr,
|
|
|
|
inet->inet_daddr, udp_len);
|
2010-04-02 13:19:00 +07:00
|
|
|
break;
|
|
|
|
|
|
|
|
case L2TP_ENCAPTYPE_IP:
|
|
|
|
break;
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
2011-05-07 12:23:20 +07:00
|
|
|
l2tp_xmit_core(session, skb, fl, data_len);
|
2011-05-09 03:45:20 +07:00
|
|
|
out_unlock:
|
|
|
|
bh_unlock_sock(sk);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2012-06-29 03:15:13 +07:00
|
|
|
return ret;
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_xmit_skb);
|
|
|
|
|
|
|
|
/*****************************************************************************
|
|
|
|
* Tinnel and session create/destroy.
|
|
|
|
*****************************************************************************/
|
|
|
|
|
|
|
|
/* Tunnel socket destruct hook.
|
|
|
|
* The tunnel context is deleted only when all session sockets have been
|
|
|
|
* closed.
|
|
|
|
*/
|
2010-10-21 14:50:46 +07:00
|
|
|
static void l2tp_tunnel_destruct(struct sock *sk)
|
2010-04-02 13:18:33 +07:00
|
|
|
{
|
2013-10-09 02:44:26 +07:00
|
|
|
struct l2tp_tunnel *tunnel = l2tp_tunnel(sk);
|
2013-02-01 06:43:00 +07:00
|
|
|
struct l2tp_net *pn;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
if (tunnel == NULL)
|
|
|
|
goto end;
|
|
|
|
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_info(tunnel, L2TP_MSG_CONTROL, "%s: closing...\n", tunnel->name);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
|
2013-02-01 06:43:00 +07:00
|
|
|
/* Disable udp encapsulation */
|
2010-04-02 13:19:00 +07:00
|
|
|
switch (tunnel->encap) {
|
|
|
|
case L2TP_ENCAPTYPE_UDP:
|
|
|
|
/* No longer an encapsulation socket. See net/ipv4/udp.c */
|
|
|
|
(udp_sk(sk))->encap_type = 0;
|
|
|
|
(udp_sk(sk))->encap_rcv = NULL;
|
2013-03-19 13:11:13 +07:00
|
|
|
(udp_sk(sk))->encap_destroy = NULL;
|
2010-04-02 13:19:00 +07:00
|
|
|
break;
|
|
|
|
case L2TP_ENCAPTYPE_IP:
|
|
|
|
break;
|
|
|
|
}
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
/* Remove hooks into tunnel socket */
|
|
|
|
sk->sk_destruct = tunnel->old_sk_destruct;
|
|
|
|
sk->sk_user_data = NULL;
|
|
|
|
|
2013-02-01 06:43:00 +07:00
|
|
|
/* Remove the tunnel struct from the tunnel list */
|
|
|
|
pn = l2tp_pernet(tunnel->l2tp_net);
|
|
|
|
spin_lock_bh(&pn->l2tp_tunnel_list_lock);
|
|
|
|
list_del_rcu(&tunnel->list);
|
|
|
|
spin_unlock_bh(&pn->l2tp_tunnel_list_lock);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2017-09-01 22:58:48 +07:00
|
|
|
tunnel->sock = NULL;
|
2010-04-02 13:18:33 +07:00
|
|
|
l2tp_tunnel_dec_refcount(tunnel);
|
|
|
|
|
2013-02-01 06:43:00 +07:00
|
|
|
/* Call the original destructor */
|
|
|
|
if (sk->sk_destruct)
|
|
|
|
(*sk->sk_destruct)(sk);
|
2010-04-02 13:18:33 +07:00
|
|
|
end:
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* When the tunnel is closed, all the attached sessions need to go too.
|
|
|
|
*/
|
2013-03-19 13:11:14 +07:00
|
|
|
void l2tp_tunnel_closeall(struct l2tp_tunnel *tunnel)
|
2010-04-02 13:18:33 +07:00
|
|
|
{
|
|
|
|
int hash;
|
|
|
|
struct hlist_node *walk;
|
|
|
|
struct hlist_node *tmp;
|
|
|
|
struct l2tp_session *session;
|
|
|
|
|
|
|
|
BUG_ON(tunnel == NULL);
|
|
|
|
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_info(tunnel, L2TP_MSG_CONTROL, "%s: closing all sessions...\n",
|
|
|
|
tunnel->name);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
write_lock_bh(&tunnel->hlist_lock);
|
2017-09-01 22:58:48 +07:00
|
|
|
tunnel->acpt_newsess = false;
|
2010-04-02 13:18:33 +07:00
|
|
|
for (hash = 0; hash < L2TP_HASH_SIZE; hash++) {
|
|
|
|
again:
|
|
|
|
hlist_for_each_safe(walk, tmp, &tunnel->session_hlist[hash]) {
|
|
|
|
session = hlist_entry(walk, struct l2tp_session, hlist);
|
|
|
|
|
2012-05-16 16:55:56 +07:00
|
|
|
l2tp_info(session, L2TP_MSG_CONTROL,
|
|
|
|
"%s: closing session\n", session->name);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
hlist_del_init(&session->hlist);
|
|
|
|
|
l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()
There are several ways to remove L2TP sessions:
* deleting a session explicitly using the netlink interface (with
L2TP_CMD_SESSION_DELETE),
* deleting the session's parent tunnel (either by closing the
tunnel's file descriptor or using the netlink interface),
* closing the PPPOL2TP file descriptor of a PPP pseudo-wire.
In some cases, when these methods are used concurrently on the same
session, the session can be removed twice, leading to use-after-free
bugs.
This patch adds a 'dead' flag, used by l2tp_session_delete() and
l2tp_tunnel_closeall() to prevent them from stepping on each other's
toes.
The session deletion path used when closing a PPPOL2TP file descriptor
doesn't need to be adapted. It already has to ensure that a session
remains valid for the lifetime of its PPPOL2TP file descriptor.
So it takes an extra reference on the session in the ->session_close()
callback (pppol2tp_session_close()), which is eventually dropped
in the ->sk_destruct() callback of the PPPOL2TP socket
(pppol2tp_session_destruct()).
Still, __l2tp_session_unhash() and l2tp_session_queue_purge() can be
called twice and even concurrently for a given session, but thanks to
proper locking and re-initialisation of list fields, this is not an
issue.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-09-22 20:39:24 +07:00
|
|
|
if (test_and_set_bit(0, &session->dead))
|
|
|
|
goto again;
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
write_unlock_bh(&tunnel->hlist_lock);
|
|
|
|
|
2013-03-19 13:11:23 +07:00
|
|
|
__l2tp_session_unhash(session);
|
2013-03-19 13:11:20 +07:00
|
|
|
l2tp_session_queue_purge(session);
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
if (session->session_close != NULL)
|
|
|
|
(*session->session_close)(session);
|
|
|
|
|
2013-03-19 13:11:13 +07:00
|
|
|
l2tp_session_dec_refcount(session);
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
write_lock_bh(&tunnel->hlist_lock);
|
|
|
|
|
|
|
|
/* Now restart from the beginning of this hash
|
|
|
|
* chain. We always remove a session from the
|
|
|
|
* list so we are guaranteed to make forward
|
|
|
|
* progress.
|
|
|
|
*/
|
|
|
|
goto again;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
write_unlock_bh(&tunnel->hlist_lock);
|
|
|
|
}
|
2013-03-19 13:11:14 +07:00
|
|
|
EXPORT_SYMBOL_GPL(l2tp_tunnel_closeall);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2013-03-19 13:11:13 +07:00
|
|
|
/* Tunnel socket destroy hook for UDP encapsulation */
|
|
|
|
static void l2tp_udp_encap_destroy(struct sock *sk)
|
|
|
|
{
|
|
|
|
struct l2tp_tunnel *tunnel = l2tp_sock_to_tunnel(sk);
|
|
|
|
if (tunnel) {
|
|
|
|
l2tp_tunnel_closeall(tunnel);
|
|
|
|
sock_put(sk);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-02-01 06:43:00 +07:00
|
|
|
/* Workqueue tunnel deletion function */
|
|
|
|
static void l2tp_tunnel_del_work(struct work_struct *work)
|
|
|
|
{
|
|
|
|
struct l2tp_tunnel *tunnel = NULL;
|
|
|
|
struct socket *sock = NULL;
|
|
|
|
struct sock *sk = NULL;
|
|
|
|
|
|
|
|
tunnel = container_of(work, struct l2tp_tunnel, del_work);
|
2017-02-22 08:59:49 +07:00
|
|
|
|
|
|
|
l2tp_tunnel_closeall(tunnel);
|
|
|
|
|
2013-02-01 06:43:00 +07:00
|
|
|
sk = l2tp_tunnel_sock_lookup(tunnel);
|
|
|
|
if (!sk)
|
2015-09-28 16:32:42 +07:00
|
|
|
goto out;
|
2013-02-01 06:43:00 +07:00
|
|
|
|
|
|
|
sock = sk->sk_socket;
|
|
|
|
|
2013-03-19 13:11:18 +07:00
|
|
|
/* If the tunnel socket was created by userspace, then go through the
|
|
|
|
* inet layer to shut the socket down, and let userspace close it.
|
|
|
|
* Otherwise, if we created the socket directly within the kernel, use
|
|
|
|
* the sk API to release it here.
|
2013-02-01 06:43:03 +07:00
|
|
|
* In either case the tunnel resources are freed in the socket
|
|
|
|
* destructor when the tunnel socket goes away.
|
2013-02-01 06:43:00 +07:00
|
|
|
*/
|
2013-03-19 13:11:18 +07:00
|
|
|
if (tunnel->fd >= 0) {
|
|
|
|
if (sock)
|
|
|
|
inet_shutdown(sock, 2);
|
2013-02-01 06:43:03 +07:00
|
|
|
} else {
|
2015-05-09 09:10:31 +07:00
|
|
|
if (sock) {
|
2013-03-19 13:11:18 +07:00
|
|
|
kernel_sock_shutdown(sock, SHUT_RDWR);
|
2015-05-09 09:10:31 +07:00
|
|
|
sock_release(sock);
|
|
|
|
}
|
2013-02-01 06:43:03 +07:00
|
|
|
}
|
2013-02-01 06:43:00 +07:00
|
|
|
|
|
|
|
l2tp_tunnel_sock_put(sk);
|
2015-09-28 16:32:42 +07:00
|
|
|
out:
|
|
|
|
l2tp_tunnel_dec_refcount(tunnel);
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
2010-04-02 13:19:40 +07:00
|
|
|
/* Create a socket for the tunnel, if one isn't set up by
|
|
|
|
* userspace. This is used for static tunnels where there is no
|
|
|
|
* managing L2TP daemon.
|
2013-02-01 06:43:03 +07:00
|
|
|
*
|
|
|
|
* Since we don't want these sockets to keep a namespace alive by
|
|
|
|
* themselves, we drop the socket's namespace refcount after creation.
|
|
|
|
* These sockets are freed when the namespace exits using the pernet
|
|
|
|
* exit hook.
|
2010-04-02 13:19:40 +07:00
|
|
|
*/
|
2013-02-01 06:43:03 +07:00
|
|
|
static int l2tp_tunnel_sock_create(struct net *net,
|
|
|
|
u32 tunnel_id,
|
|
|
|
u32 peer_tunnel_id,
|
|
|
|
struct l2tp_tunnel_cfg *cfg,
|
|
|
|
struct socket **sockp)
|
2010-04-02 13:19:40 +07:00
|
|
|
{
|
|
|
|
int err = -EINVAL;
|
2013-02-01 06:43:03 +07:00
|
|
|
struct socket *sock = NULL;
|
2014-07-14 09:49:48 +07:00
|
|
|
struct udp_port_cfg udp_conf;
|
2010-04-02 13:19:40 +07:00
|
|
|
|
|
|
|
switch (cfg->encap) {
|
|
|
|
case L2TP_ENCAPTYPE_UDP:
|
2014-07-14 09:49:48 +07:00
|
|
|
memset(&udp_conf, 0, sizeof(udp_conf));
|
|
|
|
|
2012-04-30 04:48:52 +07:00
|
|
|
#if IS_ENABLED(CONFIG_IPV6)
|
|
|
|
if (cfg->local_ip6 && cfg->peer_ip6) {
|
2014-07-14 09:49:48 +07:00
|
|
|
udp_conf.family = AF_INET6;
|
|
|
|
memcpy(&udp_conf.local_ip6, cfg->local_ip6,
|
|
|
|
sizeof(udp_conf.local_ip6));
|
|
|
|
memcpy(&udp_conf.peer_ip6, cfg->peer_ip6,
|
|
|
|
sizeof(udp_conf.peer_ip6));
|
|
|
|
udp_conf.use_udp6_tx_checksums =
|
2016-04-29 00:29:43 +07:00
|
|
|
! cfg->udp6_zero_tx_checksums;
|
2014-07-14 09:49:48 +07:00
|
|
|
udp_conf.use_udp6_rx_checksums =
|
2016-04-29 00:29:43 +07:00
|
|
|
! cfg->udp6_zero_rx_checksums;
|
2012-04-30 04:48:52 +07:00
|
|
|
} else
|
|
|
|
#endif
|
|
|
|
{
|
2014-07-14 09:49:48 +07:00
|
|
|
udp_conf.family = AF_INET;
|
|
|
|
udp_conf.local_ip = cfg->local_ip;
|
|
|
|
udp_conf.peer_ip = cfg->peer_ip;
|
|
|
|
udp_conf.use_udp_checksums = cfg->use_udp_checksums;
|
2012-04-30 04:48:52 +07:00
|
|
|
}
|
2010-04-02 13:19:40 +07:00
|
|
|
|
2014-07-14 09:49:48 +07:00
|
|
|
udp_conf.local_udp_port = htons(cfg->local_udp_port);
|
|
|
|
udp_conf.peer_udp_port = htons(cfg->peer_udp_port);
|
|
|
|
|
|
|
|
err = udp_sock_create(net, &udp_conf, &sock);
|
|
|
|
if (err < 0)
|
|
|
|
goto out;
|
2010-04-02 13:19:40 +07:00
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
case L2TP_ENCAPTYPE_IP:
|
2012-04-30 04:48:52 +07:00
|
|
|
#if IS_ENABLED(CONFIG_IPV6)
|
|
|
|
if (cfg->local_ip6 && cfg->peer_ip6) {
|
2014-07-14 09:49:48 +07:00
|
|
|
struct sockaddr_l2tpip6 ip6_addr = {0};
|
|
|
|
|
2015-05-09 09:10:31 +07:00
|
|
|
err = sock_create_kern(net, AF_INET6, SOCK_DGRAM,
|
2013-02-01 06:43:03 +07:00
|
|
|
IPPROTO_L2TP, &sock);
|
2012-04-30 04:48:55 +07:00
|
|
|
if (err < 0)
|
|
|
|
goto out;
|
2010-04-02 13:19:40 +07:00
|
|
|
|
2012-04-30 04:48:55 +07:00
|
|
|
ip6_addr.l2tp_family = AF_INET6;
|
|
|
|
memcpy(&ip6_addr.l2tp_addr, cfg->local_ip6,
|
|
|
|
sizeof(ip6_addr.l2tp_addr));
|
|
|
|
ip6_addr.l2tp_conn_id = tunnel_id;
|
|
|
|
err = kernel_bind(sock, (struct sockaddr *) &ip6_addr,
|
|
|
|
sizeof(ip6_addr));
|
|
|
|
if (err < 0)
|
|
|
|
goto out;
|
2010-04-02 13:19:40 +07:00
|
|
|
|
2012-04-30 04:48:55 +07:00
|
|
|
ip6_addr.l2tp_family = AF_INET6;
|
|
|
|
memcpy(&ip6_addr.l2tp_addr, cfg->peer_ip6,
|
|
|
|
sizeof(ip6_addr.l2tp_addr));
|
|
|
|
ip6_addr.l2tp_conn_id = peer_tunnel_id;
|
|
|
|
err = kernel_connect(sock,
|
|
|
|
(struct sockaddr *) &ip6_addr,
|
|
|
|
sizeof(ip6_addr), 0);
|
|
|
|
if (err < 0)
|
|
|
|
goto out;
|
|
|
|
} else
|
|
|
|
#endif
|
|
|
|
{
|
2014-07-14 09:49:48 +07:00
|
|
|
struct sockaddr_l2tpip ip_addr = {0};
|
|
|
|
|
2015-05-09 09:10:31 +07:00
|
|
|
err = sock_create_kern(net, AF_INET, SOCK_DGRAM,
|
2013-02-01 06:43:03 +07:00
|
|
|
IPPROTO_L2TP, &sock);
|
2012-04-30 04:48:55 +07:00
|
|
|
if (err < 0)
|
|
|
|
goto out;
|
2010-04-02 13:19:40 +07:00
|
|
|
|
2012-04-30 04:48:55 +07:00
|
|
|
ip_addr.l2tp_family = AF_INET;
|
|
|
|
ip_addr.l2tp_addr = cfg->local_ip;
|
|
|
|
ip_addr.l2tp_conn_id = tunnel_id;
|
|
|
|
err = kernel_bind(sock, (struct sockaddr *) &ip_addr,
|
|
|
|
sizeof(ip_addr));
|
|
|
|
if (err < 0)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
ip_addr.l2tp_family = AF_INET;
|
|
|
|
ip_addr.l2tp_addr = cfg->peer_ip;
|
|
|
|
ip_addr.l2tp_conn_id = peer_tunnel_id;
|
|
|
|
err = kernel_connect(sock, (struct sockaddr *) &ip_addr,
|
|
|
|
sizeof(ip_addr), 0);
|
|
|
|
if (err < 0)
|
|
|
|
goto out;
|
|
|
|
}
|
2010-04-02 13:19:40 +07:00
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
2013-02-01 06:43:03 +07:00
|
|
|
*sockp = sock;
|
2010-04-02 13:19:40 +07:00
|
|
|
if ((err < 0) && sock) {
|
2013-02-01 06:43:03 +07:00
|
|
|
kernel_sock_shutdown(sock, SHUT_RDWR);
|
2015-05-09 09:10:31 +07:00
|
|
|
sock_release(sock);
|
2010-04-02 13:19:40 +07:00
|
|
|
*sockp = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
l2tp: fix a lockdep splat
Fixes following lockdep splat :
[ 1614.734896] =============================================
[ 1614.734898] [ INFO: possible recursive locking detected ]
[ 1614.734901] 3.6.0-rc3+ #782 Not tainted
[ 1614.734903] ---------------------------------------------
[ 1614.734905] swapper/11/0 is trying to acquire lock:
[ 1614.734907] (slock-AF_INET){+.-...}, at: [<ffffffffa0209d72>] l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
[ 1614.734920]
[ 1614.734920] but task is already holding lock:
[ 1614.734922] (slock-AF_INET){+.-...}, at: [<ffffffff815fce23>] tcp_v4_err+0x163/0x6b0
[ 1614.734932]
[ 1614.734932] other info that might help us debug this:
[ 1614.734935] Possible unsafe locking scenario:
[ 1614.734935]
[ 1614.734937] CPU0
[ 1614.734938] ----
[ 1614.734940] lock(slock-AF_INET);
[ 1614.734943] lock(slock-AF_INET);
[ 1614.734946]
[ 1614.734946] *** DEADLOCK ***
[ 1614.734946]
[ 1614.734949] May be due to missing lock nesting notation
[ 1614.734949]
[ 1614.734952] 7 locks held by swapper/11/0:
[ 1614.734954] #0: (rcu_read_lock){.+.+..}, at: [<ffffffff81592801>] __netif_receive_skb+0x251/0xd00
[ 1614.734964] #1: (rcu_read_lock){.+.+..}, at: [<ffffffff815d319c>] ip_local_deliver_finish+0x4c/0x4e0
[ 1614.734972] #2: (rcu_read_lock){.+.+..}, at: [<ffffffff8160d116>] icmp_socket_deliver+0x46/0x230
[ 1614.734982] #3: (slock-AF_INET){+.-...}, at: [<ffffffff815fce23>] tcp_v4_err+0x163/0x6b0
[ 1614.734989] #4: (rcu_read_lock){.+.+..}, at: [<ffffffff815da240>] ip_queue_xmit+0x0/0x680
[ 1614.734997] #5: (rcu_read_lock_bh){.+....}, at: [<ffffffff815d9925>] ip_finish_output+0x135/0x890
[ 1614.735004] #6: (rcu_read_lock_bh){.+....}, at: [<ffffffff81595680>] dev_queue_xmit+0x0/0xe00
[ 1614.735012]
[ 1614.735012] stack backtrace:
[ 1614.735016] Pid: 0, comm: swapper/11 Not tainted 3.6.0-rc3+ #782
[ 1614.735018] Call Trace:
[ 1614.735020] <IRQ> [<ffffffff810a50ac>] __lock_acquire+0x144c/0x1b10
[ 1614.735033] [<ffffffff810a334b>] ? check_usage+0x9b/0x4d0
[ 1614.735037] [<ffffffff810a6762>] ? mark_held_locks+0x82/0x130
[ 1614.735042] [<ffffffff810a5df0>] lock_acquire+0x90/0x200
[ 1614.735047] [<ffffffffa0209d72>] ? l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
[ 1614.735051] [<ffffffff810a69ad>] ? trace_hardirqs_on+0xd/0x10
[ 1614.735060] [<ffffffff81749b31>] _raw_spin_lock+0x41/0x50
[ 1614.735065] [<ffffffffa0209d72>] ? l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
[ 1614.735069] [<ffffffffa0209d72>] l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
[ 1614.735075] [<ffffffffa014f7f2>] l2tp_eth_dev_xmit+0x32/0x60 [l2tp_eth]
[ 1614.735079] [<ffffffff81595112>] dev_hard_start_xmit+0x502/0xa70
[ 1614.735083] [<ffffffff81594c6e>] ? dev_hard_start_xmit+0x5e/0xa70
[ 1614.735087] [<ffffffff815957c1>] ? dev_queue_xmit+0x141/0xe00
[ 1614.735093] [<ffffffff815b622e>] sch_direct_xmit+0xfe/0x290
[ 1614.735098] [<ffffffff81595865>] dev_queue_xmit+0x1e5/0xe00
[ 1614.735102] [<ffffffff81595680>] ? dev_hard_start_xmit+0xa70/0xa70
[ 1614.735106] [<ffffffff815b4daa>] ? eth_header+0x3a/0xf0
[ 1614.735111] [<ffffffff8161d33e>] ? fib_get_table+0x2e/0x280
[ 1614.735117] [<ffffffff8160a7e2>] arp_xmit+0x22/0x60
[ 1614.735121] [<ffffffff8160a863>] arp_send+0x43/0x50
[ 1614.735125] [<ffffffff8160b82f>] arp_solicit+0x18f/0x450
[ 1614.735132] [<ffffffff8159d9da>] neigh_probe+0x4a/0x70
[ 1614.735137] [<ffffffff815a191a>] __neigh_event_send+0xea/0x300
[ 1614.735141] [<ffffffff815a1c93>] neigh_resolve_output+0x163/0x260
[ 1614.735146] [<ffffffff815d9cf5>] ip_finish_output+0x505/0x890
[ 1614.735150] [<ffffffff815d9925>] ? ip_finish_output+0x135/0x890
[ 1614.735154] [<ffffffff815dae79>] ip_output+0x59/0xf0
[ 1614.735158] [<ffffffff815da1cd>] ip_local_out+0x2d/0xa0
[ 1614.735162] [<ffffffff815da403>] ip_queue_xmit+0x1c3/0x680
[ 1614.735165] [<ffffffff815da240>] ? ip_local_out+0xa0/0xa0
[ 1614.735172] [<ffffffff815f4402>] tcp_transmit_skb+0x402/0xa60
[ 1614.735177] [<ffffffff815f5a11>] tcp_retransmit_skb+0x1a1/0x620
[ 1614.735181] [<ffffffff815f7e93>] tcp_retransmit_timer+0x393/0x960
[ 1614.735185] [<ffffffff815fce23>] ? tcp_v4_err+0x163/0x6b0
[ 1614.735189] [<ffffffff815fd317>] tcp_v4_err+0x657/0x6b0
[ 1614.735194] [<ffffffff8160d116>] ? icmp_socket_deliver+0x46/0x230
[ 1614.735199] [<ffffffff8160d19e>] icmp_socket_deliver+0xce/0x230
[ 1614.735203] [<ffffffff8160d116>] ? icmp_socket_deliver+0x46/0x230
[ 1614.735208] [<ffffffff8160d464>] icmp_unreach+0xe4/0x2c0
[ 1614.735213] [<ffffffff8160e520>] icmp_rcv+0x350/0x4a0
[ 1614.735217] [<ffffffff815d3285>] ip_local_deliver_finish+0x135/0x4e0
[ 1614.735221] [<ffffffff815d319c>] ? ip_local_deliver_finish+0x4c/0x4e0
[ 1614.735225] [<ffffffff815d3ffa>] ip_local_deliver+0x4a/0x90
[ 1614.735229] [<ffffffff815d37b7>] ip_rcv_finish+0x187/0x730
[ 1614.735233] [<ffffffff815d425d>] ip_rcv+0x21d/0x300
[ 1614.735237] [<ffffffff81592a1b>] __netif_receive_skb+0x46b/0xd00
[ 1614.735241] [<ffffffff81592801>] ? __netif_receive_skb+0x251/0xd00
[ 1614.735245] [<ffffffff81593368>] process_backlog+0xb8/0x180
[ 1614.735249] [<ffffffff81593cf9>] net_rx_action+0x159/0x330
[ 1614.735257] [<ffffffff810491f0>] __do_softirq+0xd0/0x3e0
[ 1614.735264] [<ffffffff8109ed24>] ? tick_program_event+0x24/0x30
[ 1614.735270] [<ffffffff8175419c>] call_softirq+0x1c/0x30
[ 1614.735278] [<ffffffff8100425d>] do_softirq+0x8d/0xc0
[ 1614.735282] [<ffffffff8104983e>] irq_exit+0xae/0xe0
[ 1614.735287] [<ffffffff8175494e>] smp_apic_timer_interrupt+0x6e/0x99
[ 1614.735291] [<ffffffff81753a1c>] apic_timer_interrupt+0x6c/0x80
[ 1614.735293] <EOI> [<ffffffff810a14ad>] ? trace_hardirqs_off+0xd/0x10
[ 1614.735306] [<ffffffff81336f85>] ? intel_idle+0xf5/0x150
[ 1614.735310] [<ffffffff81336f7e>] ? intel_idle+0xee/0x150
[ 1614.735317] [<ffffffff814e6ea9>] cpuidle_enter+0x19/0x20
[ 1614.735321] [<ffffffff814e7538>] cpuidle_idle_call+0xa8/0x630
[ 1614.735327] [<ffffffff8100c1ba>] cpu_idle+0x8a/0xe0
[ 1614.735333] [<ffffffff8173762e>] start_secondary+0x220/0x222
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-04 14:18:57 +07:00
|
|
|
static struct lock_class_key l2tp_socket_class;
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
int l2tp_tunnel_create(struct net *net, int fd, int version, u32 tunnel_id, u32 peer_tunnel_id, struct l2tp_tunnel_cfg *cfg, struct l2tp_tunnel **tunnelp)
|
|
|
|
{
|
|
|
|
struct l2tp_tunnel *tunnel = NULL;
|
|
|
|
int err;
|
|
|
|
struct socket *sock = NULL;
|
|
|
|
struct sock *sk = NULL;
|
|
|
|
struct l2tp_net *pn;
|
2010-04-02 13:19:00 +07:00
|
|
|
enum l2tp_encap_type encap = L2TP_ENCAPTYPE_UDP;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
/* Get the tunnel socket from the fd, which was opened by
|
2010-04-02 13:19:40 +07:00
|
|
|
* the userspace L2TP daemon. If not specified, create a
|
|
|
|
* kernel socket.
|
2010-04-02 13:18:33 +07:00
|
|
|
*/
|
2010-04-02 13:19:40 +07:00
|
|
|
if (fd < 0) {
|
2013-02-01 06:43:03 +07:00
|
|
|
err = l2tp_tunnel_sock_create(net, tunnel_id, peer_tunnel_id,
|
|
|
|
cfg, &sock);
|
2010-04-02 13:19:40 +07:00
|
|
|
if (err < 0)
|
|
|
|
goto err;
|
|
|
|
} else {
|
|
|
|
sock = sockfd_lookup(fd, &err);
|
|
|
|
if (!sock) {
|
2013-02-01 06:43:02 +07:00
|
|
|
pr_err("tunl %u: sockfd_lookup(fd=%d) returned %d\n",
|
2010-04-02 13:19:40 +07:00
|
|
|
tunnel_id, fd, err);
|
2013-02-01 06:43:02 +07:00
|
|
|
err = -EBADF;
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Reject namespace mismatches */
|
|
|
|
if (!net_eq(sock_net(sock->sk), net)) {
|
|
|
|
pr_err("tunl %u: netns mismatch\n", tunnel_id);
|
|
|
|
err = -EINVAL;
|
2010-04-02 13:19:40 +07:00
|
|
|
goto err;
|
|
|
|
}
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
sk = sock->sk;
|
|
|
|
|
2010-04-02 13:19:00 +07:00
|
|
|
if (cfg != NULL)
|
|
|
|
encap = cfg->encap;
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
/* Quick sanity checks */
|
2010-04-02 13:19:00 +07:00
|
|
|
switch (encap) {
|
|
|
|
case L2TP_ENCAPTYPE_UDP:
|
|
|
|
err = -EPROTONOSUPPORT;
|
|
|
|
if (sk->sk_protocol != IPPROTO_UDP) {
|
2012-05-16 16:55:56 +07:00
|
|
|
pr_err("tunl %hu: fd %d wrong protocol, got %d, expected %d\n",
|
2010-04-02 13:19:00 +07:00
|
|
|
tunnel_id, fd, sk->sk_protocol, IPPROTO_UDP);
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
case L2TP_ENCAPTYPE_IP:
|
|
|
|
err = -EPROTONOSUPPORT;
|
|
|
|
if (sk->sk_protocol != IPPROTO_L2TP) {
|
2012-05-16 16:55:56 +07:00
|
|
|
pr_err("tunl %hu: fd %d wrong protocol, got %d, expected %d\n",
|
2010-04-02 13:19:00 +07:00
|
|
|
tunnel_id, fd, sk->sk_protocol, IPPROTO_L2TP);
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
break;
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Check if this socket has already been prepped */
|
2013-10-09 02:44:26 +07:00
|
|
|
tunnel = l2tp_tunnel(sk);
|
2010-04-02 13:18:33 +07:00
|
|
|
if (tunnel != NULL) {
|
|
|
|
/* This socket has already been prepped */
|
|
|
|
err = -EBUSY;
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
tunnel = kzalloc(sizeof(struct l2tp_tunnel), GFP_KERNEL);
|
|
|
|
if (tunnel == NULL) {
|
|
|
|
err = -ENOMEM;
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
tunnel->version = version;
|
|
|
|
tunnel->tunnel_id = tunnel_id;
|
|
|
|
tunnel->peer_tunnel_id = peer_tunnel_id;
|
|
|
|
tunnel->debug = L2TP_DEFAULT_DEBUG_FLAGS;
|
|
|
|
|
|
|
|
tunnel->magic = L2TP_TUNNEL_MAGIC;
|
|
|
|
sprintf(&tunnel->name[0], "tunl %u", tunnel_id);
|
|
|
|
rwlock_init(&tunnel->hlist_lock);
|
2017-09-01 22:58:48 +07:00
|
|
|
tunnel->acpt_newsess = true;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
/* The net we belong to */
|
|
|
|
tunnel->l2tp_net = net;
|
|
|
|
pn = l2tp_pernet(net);
|
|
|
|
|
2010-04-02 13:19:00 +07:00
|
|
|
if (cfg != NULL)
|
2010-04-02 13:18:33 +07:00
|
|
|
tunnel->debug = cfg->debug;
|
|
|
|
|
2013-10-02 15:16:02 +07:00
|
|
|
#if IS_ENABLED(CONFIG_IPV6)
|
|
|
|
if (sk->sk_family == PF_INET6) {
|
|
|
|
struct ipv6_pinfo *np = inet6_sk(sk);
|
|
|
|
|
|
|
|
if (ipv6_addr_v4mapped(&np->saddr) &&
|
ipv6: make lookups simpler and faster
TCP listener refactoring, part 4 :
To speed up inet lookups, we moved IPv4 addresses from inet to struct
sock_common
Now is time to do the same for IPv6, because it permits us to have fast
lookups for all kind of sockets, including upcoming SYN_RECV.
Getting IPv6 addresses in TCP lookups currently requires two extra cache
lines, plus a dereference (and memory stall).
inet6_sk(sk) does the dereference of inet_sk(__sk)->pinet6
This patch is way bigger than its IPv4 counter part, because for IPv4,
we could add aliases (inet_daddr, inet_rcv_saddr), while on IPv6,
it's not doable easily.
inet6_sk(sk)->daddr becomes sk->sk_v6_daddr
inet6_sk(sk)->rcv_saddr becomes sk->sk_v6_rcv_saddr
And timewait socket also have tw->tw_v6_daddr & tw->tw_v6_rcv_saddr
at the same offset.
We get rid of INET6_TW_MATCH() as INET6_MATCH() is now the generic
macro.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-10-04 05:42:29 +07:00
|
|
|
ipv6_addr_v4mapped(&sk->sk_v6_daddr)) {
|
2013-10-02 15:16:02 +07:00
|
|
|
struct inet_sock *inet = inet_sk(sk);
|
|
|
|
|
|
|
|
tunnel->v4mapped = true;
|
|
|
|
inet->inet_saddr = np->saddr.s6_addr32[3];
|
ipv6: make lookups simpler and faster
TCP listener refactoring, part 4 :
To speed up inet lookups, we moved IPv4 addresses from inet to struct
sock_common
Now is time to do the same for IPv6, because it permits us to have fast
lookups for all kind of sockets, including upcoming SYN_RECV.
Getting IPv6 addresses in TCP lookups currently requires two extra cache
lines, plus a dereference (and memory stall).
inet6_sk(sk) does the dereference of inet_sk(__sk)->pinet6
This patch is way bigger than its IPv4 counter part, because for IPv4,
we could add aliases (inet_daddr, inet_rcv_saddr), while on IPv6,
it's not doable easily.
inet6_sk(sk)->daddr becomes sk->sk_v6_daddr
inet6_sk(sk)->rcv_saddr becomes sk->sk_v6_rcv_saddr
And timewait socket also have tw->tw_v6_daddr & tw->tw_v6_rcv_saddr
at the same offset.
We get rid of INET6_TW_MATCH() as INET6_MATCH() is now the generic
macro.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-10-04 05:42:29 +07:00
|
|
|
inet->inet_rcv_saddr = sk->sk_v6_rcv_saddr.s6_addr32[3];
|
|
|
|
inet->inet_daddr = sk->sk_v6_daddr.s6_addr32[3];
|
2013-10-02 15:16:02 +07:00
|
|
|
} else {
|
|
|
|
tunnel->v4mapped = false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
/* Mark socket as an encapsulation socket. See net/ipv4/udp.c */
|
2010-04-02 13:19:00 +07:00
|
|
|
tunnel->encap = encap;
|
|
|
|
if (encap == L2TP_ENCAPTYPE_UDP) {
|
2016-06-08 17:59:17 +07:00
|
|
|
struct udp_tunnel_sock_cfg udp_cfg = { };
|
2014-09-17 07:31:19 +07:00
|
|
|
|
|
|
|
udp_cfg.sk_user_data = tunnel;
|
|
|
|
udp_cfg.encap_type = UDP_ENCAP_L2TPINUDP;
|
|
|
|
udp_cfg.encap_rcv = l2tp_udp_encap_recv;
|
|
|
|
udp_cfg.encap_destroy = l2tp_udp_encap_destroy;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2014-09-17 07:31:19 +07:00
|
|
|
setup_udp_tunnel_sock(net, sock, &udp_cfg);
|
|
|
|
} else {
|
|
|
|
sk->sk_user_data = tunnel;
|
|
|
|
}
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
/* Hook on the tunnel socket destructor so that we can cleanup
|
|
|
|
* if the tunnel socket goes away.
|
|
|
|
*/
|
|
|
|
tunnel->old_sk_destruct = sk->sk_destruct;
|
|
|
|
sk->sk_destruct = &l2tp_tunnel_destruct;
|
|
|
|
tunnel->sock = sk;
|
2013-01-22 12:13:48 +07:00
|
|
|
tunnel->fd = fd;
|
l2tp: fix a lockdep splat
Fixes following lockdep splat :
[ 1614.734896] =============================================
[ 1614.734898] [ INFO: possible recursive locking detected ]
[ 1614.734901] 3.6.0-rc3+ #782 Not tainted
[ 1614.734903] ---------------------------------------------
[ 1614.734905] swapper/11/0 is trying to acquire lock:
[ 1614.734907] (slock-AF_INET){+.-...}, at: [<ffffffffa0209d72>] l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
[ 1614.734920]
[ 1614.734920] but task is already holding lock:
[ 1614.734922] (slock-AF_INET){+.-...}, at: [<ffffffff815fce23>] tcp_v4_err+0x163/0x6b0
[ 1614.734932]
[ 1614.734932] other info that might help us debug this:
[ 1614.734935] Possible unsafe locking scenario:
[ 1614.734935]
[ 1614.734937] CPU0
[ 1614.734938] ----
[ 1614.734940] lock(slock-AF_INET);
[ 1614.734943] lock(slock-AF_INET);
[ 1614.734946]
[ 1614.734946] *** DEADLOCK ***
[ 1614.734946]
[ 1614.734949] May be due to missing lock nesting notation
[ 1614.734949]
[ 1614.734952] 7 locks held by swapper/11/0:
[ 1614.734954] #0: (rcu_read_lock){.+.+..}, at: [<ffffffff81592801>] __netif_receive_skb+0x251/0xd00
[ 1614.734964] #1: (rcu_read_lock){.+.+..}, at: [<ffffffff815d319c>] ip_local_deliver_finish+0x4c/0x4e0
[ 1614.734972] #2: (rcu_read_lock){.+.+..}, at: [<ffffffff8160d116>] icmp_socket_deliver+0x46/0x230
[ 1614.734982] #3: (slock-AF_INET){+.-...}, at: [<ffffffff815fce23>] tcp_v4_err+0x163/0x6b0
[ 1614.734989] #4: (rcu_read_lock){.+.+..}, at: [<ffffffff815da240>] ip_queue_xmit+0x0/0x680
[ 1614.734997] #5: (rcu_read_lock_bh){.+....}, at: [<ffffffff815d9925>] ip_finish_output+0x135/0x890
[ 1614.735004] #6: (rcu_read_lock_bh){.+....}, at: [<ffffffff81595680>] dev_queue_xmit+0x0/0xe00
[ 1614.735012]
[ 1614.735012] stack backtrace:
[ 1614.735016] Pid: 0, comm: swapper/11 Not tainted 3.6.0-rc3+ #782
[ 1614.735018] Call Trace:
[ 1614.735020] <IRQ> [<ffffffff810a50ac>] __lock_acquire+0x144c/0x1b10
[ 1614.735033] [<ffffffff810a334b>] ? check_usage+0x9b/0x4d0
[ 1614.735037] [<ffffffff810a6762>] ? mark_held_locks+0x82/0x130
[ 1614.735042] [<ffffffff810a5df0>] lock_acquire+0x90/0x200
[ 1614.735047] [<ffffffffa0209d72>] ? l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
[ 1614.735051] [<ffffffff810a69ad>] ? trace_hardirqs_on+0xd/0x10
[ 1614.735060] [<ffffffff81749b31>] _raw_spin_lock+0x41/0x50
[ 1614.735065] [<ffffffffa0209d72>] ? l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
[ 1614.735069] [<ffffffffa0209d72>] l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
[ 1614.735075] [<ffffffffa014f7f2>] l2tp_eth_dev_xmit+0x32/0x60 [l2tp_eth]
[ 1614.735079] [<ffffffff81595112>] dev_hard_start_xmit+0x502/0xa70
[ 1614.735083] [<ffffffff81594c6e>] ? dev_hard_start_xmit+0x5e/0xa70
[ 1614.735087] [<ffffffff815957c1>] ? dev_queue_xmit+0x141/0xe00
[ 1614.735093] [<ffffffff815b622e>] sch_direct_xmit+0xfe/0x290
[ 1614.735098] [<ffffffff81595865>] dev_queue_xmit+0x1e5/0xe00
[ 1614.735102] [<ffffffff81595680>] ? dev_hard_start_xmit+0xa70/0xa70
[ 1614.735106] [<ffffffff815b4daa>] ? eth_header+0x3a/0xf0
[ 1614.735111] [<ffffffff8161d33e>] ? fib_get_table+0x2e/0x280
[ 1614.735117] [<ffffffff8160a7e2>] arp_xmit+0x22/0x60
[ 1614.735121] [<ffffffff8160a863>] arp_send+0x43/0x50
[ 1614.735125] [<ffffffff8160b82f>] arp_solicit+0x18f/0x450
[ 1614.735132] [<ffffffff8159d9da>] neigh_probe+0x4a/0x70
[ 1614.735137] [<ffffffff815a191a>] __neigh_event_send+0xea/0x300
[ 1614.735141] [<ffffffff815a1c93>] neigh_resolve_output+0x163/0x260
[ 1614.735146] [<ffffffff815d9cf5>] ip_finish_output+0x505/0x890
[ 1614.735150] [<ffffffff815d9925>] ? ip_finish_output+0x135/0x890
[ 1614.735154] [<ffffffff815dae79>] ip_output+0x59/0xf0
[ 1614.735158] [<ffffffff815da1cd>] ip_local_out+0x2d/0xa0
[ 1614.735162] [<ffffffff815da403>] ip_queue_xmit+0x1c3/0x680
[ 1614.735165] [<ffffffff815da240>] ? ip_local_out+0xa0/0xa0
[ 1614.735172] [<ffffffff815f4402>] tcp_transmit_skb+0x402/0xa60
[ 1614.735177] [<ffffffff815f5a11>] tcp_retransmit_skb+0x1a1/0x620
[ 1614.735181] [<ffffffff815f7e93>] tcp_retransmit_timer+0x393/0x960
[ 1614.735185] [<ffffffff815fce23>] ? tcp_v4_err+0x163/0x6b0
[ 1614.735189] [<ffffffff815fd317>] tcp_v4_err+0x657/0x6b0
[ 1614.735194] [<ffffffff8160d116>] ? icmp_socket_deliver+0x46/0x230
[ 1614.735199] [<ffffffff8160d19e>] icmp_socket_deliver+0xce/0x230
[ 1614.735203] [<ffffffff8160d116>] ? icmp_socket_deliver+0x46/0x230
[ 1614.735208] [<ffffffff8160d464>] icmp_unreach+0xe4/0x2c0
[ 1614.735213] [<ffffffff8160e520>] icmp_rcv+0x350/0x4a0
[ 1614.735217] [<ffffffff815d3285>] ip_local_deliver_finish+0x135/0x4e0
[ 1614.735221] [<ffffffff815d319c>] ? ip_local_deliver_finish+0x4c/0x4e0
[ 1614.735225] [<ffffffff815d3ffa>] ip_local_deliver+0x4a/0x90
[ 1614.735229] [<ffffffff815d37b7>] ip_rcv_finish+0x187/0x730
[ 1614.735233] [<ffffffff815d425d>] ip_rcv+0x21d/0x300
[ 1614.735237] [<ffffffff81592a1b>] __netif_receive_skb+0x46b/0xd00
[ 1614.735241] [<ffffffff81592801>] ? __netif_receive_skb+0x251/0xd00
[ 1614.735245] [<ffffffff81593368>] process_backlog+0xb8/0x180
[ 1614.735249] [<ffffffff81593cf9>] net_rx_action+0x159/0x330
[ 1614.735257] [<ffffffff810491f0>] __do_softirq+0xd0/0x3e0
[ 1614.735264] [<ffffffff8109ed24>] ? tick_program_event+0x24/0x30
[ 1614.735270] [<ffffffff8175419c>] call_softirq+0x1c/0x30
[ 1614.735278] [<ffffffff8100425d>] do_softirq+0x8d/0xc0
[ 1614.735282] [<ffffffff8104983e>] irq_exit+0xae/0xe0
[ 1614.735287] [<ffffffff8175494e>] smp_apic_timer_interrupt+0x6e/0x99
[ 1614.735291] [<ffffffff81753a1c>] apic_timer_interrupt+0x6c/0x80
[ 1614.735293] <EOI> [<ffffffff810a14ad>] ? trace_hardirqs_off+0xd/0x10
[ 1614.735306] [<ffffffff81336f85>] ? intel_idle+0xf5/0x150
[ 1614.735310] [<ffffffff81336f7e>] ? intel_idle+0xee/0x150
[ 1614.735317] [<ffffffff814e6ea9>] cpuidle_enter+0x19/0x20
[ 1614.735321] [<ffffffff814e7538>] cpuidle_idle_call+0xa8/0x630
[ 1614.735327] [<ffffffff8100c1ba>] cpu_idle+0x8a/0xe0
[ 1614.735333] [<ffffffff8173762e>] start_secondary+0x220/0x222
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-04 14:18:57 +07:00
|
|
|
lockdep_set_class_and_name(&sk->sk_lock.slock, &l2tp_socket_class, "l2tp_sock");
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
sk->sk_allocation = GFP_ATOMIC;
|
|
|
|
|
2013-02-01 06:43:00 +07:00
|
|
|
/* Init delete workqueue struct */
|
|
|
|
INIT_WORK(&tunnel->del_work, l2tp_tunnel_del_work);
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
/* Add tunnel to our list */
|
|
|
|
INIT_LIST_HEAD(&tunnel->list);
|
|
|
|
|
|
|
|
/* Bump the reference count. The tunnel context is deleted
|
2011-05-12 01:22:36 +07:00
|
|
|
* only when this drops to zero. Must be done before list insertion
|
2010-04-02 13:18:33 +07:00
|
|
|
*/
|
2017-07-04 19:52:57 +07:00
|
|
|
refcount_set(&tunnel->ref_count, 1);
|
2011-05-12 01:22:36 +07:00
|
|
|
spin_lock_bh(&pn->l2tp_tunnel_list_lock);
|
|
|
|
list_add_rcu(&tunnel->list, &pn->l2tp_tunnel_list);
|
|
|
|
spin_unlock_bh(&pn->l2tp_tunnel_list_lock);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
err = 0;
|
|
|
|
err:
|
|
|
|
if (tunnelp)
|
|
|
|
*tunnelp = tunnel;
|
|
|
|
|
2010-04-02 13:19:40 +07:00
|
|
|
/* If tunnel's socket was created by the kernel, it doesn't
|
|
|
|
* have a file.
|
|
|
|
*/
|
|
|
|
if (sock && sock->file)
|
2010-04-02 13:18:33 +07:00
|
|
|
sockfd_put(sock);
|
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_tunnel_create);
|
|
|
|
|
2010-04-02 13:19:10 +07:00
|
|
|
/* This function is used by the netlink TUNNEL_DELETE command.
|
|
|
|
*/
|
2017-09-26 21:16:43 +07:00
|
|
|
void l2tp_tunnel_delete(struct l2tp_tunnel *tunnel)
|
2010-04-02 13:19:10 +07:00
|
|
|
{
|
2017-09-26 21:16:43 +07:00
|
|
|
if (!test_and_set_bit(0, &tunnel->dead)) {
|
|
|
|
l2tp_tunnel_inc_refcount(tunnel);
|
|
|
|
queue_work(l2tp_wq, &tunnel->del_work);
|
2015-09-28 16:32:42 +07:00
|
|
|
}
|
2010-04-02 13:19:10 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_tunnel_delete);
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
/* Really kill the session.
|
|
|
|
*/
|
|
|
|
void l2tp_session_free(struct l2tp_session *session)
|
|
|
|
{
|
2013-03-19 13:11:23 +07:00
|
|
|
struct l2tp_tunnel *tunnel = session->tunnel;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2017-07-04 19:52:57 +07:00
|
|
|
BUG_ON(refcount_read(&session->ref_count) != 0);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2013-03-19 13:11:23 +07:00
|
|
|
if (tunnel) {
|
2010-04-02 13:18:33 +07:00
|
|
|
BUG_ON(tunnel->magic != L2TP_TUNNEL_MAGIC);
|
2013-03-19 13:11:23 +07:00
|
|
|
sock_put(tunnel->sock);
|
|
|
|
session->tunnel = NULL;
|
|
|
|
l2tp_tunnel_dec_refcount(tunnel);
|
|
|
|
}
|
|
|
|
|
|
|
|
kfree(session);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_session_free);
|
|
|
|
|
|
|
|
/* Remove an l2tp session from l2tp_core's hash lists.
|
|
|
|
* Provides a tidyup interface for pseudowire code which can't just route all
|
|
|
|
* shutdown via. l2tp_session_delete and a pseudowire-specific session_close
|
|
|
|
* callback.
|
|
|
|
*/
|
|
|
|
void __l2tp_session_unhash(struct l2tp_session *session)
|
|
|
|
{
|
|
|
|
struct l2tp_tunnel *tunnel = session->tunnel;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2013-03-19 13:11:23 +07:00
|
|
|
/* Remove the session from core hashes */
|
|
|
|
if (tunnel) {
|
|
|
|
/* Remove from the per-tunnel hash */
|
2010-04-02 13:18:33 +07:00
|
|
|
write_lock_bh(&tunnel->hlist_lock);
|
|
|
|
hlist_del_init(&session->hlist);
|
|
|
|
write_unlock_bh(&tunnel->hlist_lock);
|
|
|
|
|
2013-03-19 13:11:23 +07:00
|
|
|
/* For L2TPv3 we have a per-net hash: remove from there, too */
|
2010-04-02 13:18:49 +07:00
|
|
|
if (tunnel->version != L2TP_HDR_VER_2) {
|
|
|
|
struct l2tp_net *pn = l2tp_pernet(tunnel->l2tp_net);
|
2010-04-02 13:19:16 +07:00
|
|
|
spin_lock_bh(&pn->l2tp_session_hlist_lock);
|
|
|
|
hlist_del_init_rcu(&session->global_hlist);
|
|
|
|
spin_unlock_bh(&pn->l2tp_session_hlist_lock);
|
|
|
|
synchronize_rcu();
|
2010-04-02 13:18:49 +07:00
|
|
|
}
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
}
|
2013-03-19 13:11:23 +07:00
|
|
|
EXPORT_SYMBOL_GPL(__l2tp_session_unhash);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2010-04-02 13:19:10 +07:00
|
|
|
/* This function is used by the netlink SESSION_DELETE command and by
|
|
|
|
pseudowire modules.
|
|
|
|
*/
|
|
|
|
int l2tp_session_delete(struct l2tp_session *session)
|
|
|
|
{
|
l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()
There are several ways to remove L2TP sessions:
* deleting a session explicitly using the netlink interface (with
L2TP_CMD_SESSION_DELETE),
* deleting the session's parent tunnel (either by closing the
tunnel's file descriptor or using the netlink interface),
* closing the PPPOL2TP file descriptor of a PPP pseudo-wire.
In some cases, when these methods are used concurrently on the same
session, the session can be removed twice, leading to use-after-free
bugs.
This patch adds a 'dead' flag, used by l2tp_session_delete() and
l2tp_tunnel_closeall() to prevent them from stepping on each other's
toes.
The session deletion path used when closing a PPPOL2TP file descriptor
doesn't need to be adapted. It already has to ensure that a session
remains valid for the lifetime of its PPPOL2TP file descriptor.
So it takes an extra reference on the session in the ->session_close()
callback (pppol2tp_session_close()), which is eventually dropped
in the ->sk_destruct() callback of the PPPOL2TP socket
(pppol2tp_session_destruct()).
Still, __l2tp_session_unhash() and l2tp_session_queue_purge() can be
called twice and even concurrently for a given session, but thanks to
proper locking and re-initialisation of list fields, this is not an
issue.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-09-22 20:39:24 +07:00
|
|
|
if (test_and_set_bit(0, &session->dead))
|
|
|
|
return 0;
|
|
|
|
|
2013-03-19 13:11:23 +07:00
|
|
|
__l2tp_session_unhash(session);
|
2013-03-19 13:11:20 +07:00
|
|
|
l2tp_session_queue_purge(session);
|
2010-04-02 13:19:10 +07:00
|
|
|
if (session->session_close != NULL)
|
|
|
|
(*session->session_close)(session);
|
2017-10-31 23:36:42 +07:00
|
|
|
|
2010-04-02 13:19:10 +07:00
|
|
|
l2tp_session_dec_refcount(session);
|
2017-10-31 23:36:42 +07:00
|
|
|
|
2010-04-02 13:19:10 +07:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_session_delete);
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
/* We come here whenever a session's send_seq, cookie_len or
|
|
|
|
* l2specific_len parameters are set.
|
|
|
|
*/
|
2014-03-06 17:14:30 +07:00
|
|
|
void l2tp_session_set_header_len(struct l2tp_session *session, int version)
|
2010-04-02 13:18:49 +07:00
|
|
|
{
|
|
|
|
if (version == L2TP_HDR_VER_2) {
|
|
|
|
session->hdr_len = 6;
|
|
|
|
if (session->send_seq)
|
|
|
|
session->hdr_len += 4;
|
|
|
|
} else {
|
2010-04-02 13:19:00 +07:00
|
|
|
session->hdr_len = 4 + session->cookie_len + session->l2specific_len + session->offset;
|
|
|
|
if (session->tunnel->encap == L2TP_ENCAPTYPE_UDP)
|
|
|
|
session->hdr_len += 4;
|
2010-04-02 13:18:49 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
}
|
2014-03-06 17:14:30 +07:00
|
|
|
EXPORT_SYMBOL_GPL(l2tp_session_set_header_len);
|
2010-04-02 13:18:49 +07:00
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
struct l2tp_session *l2tp_session_create(int priv_size, struct l2tp_tunnel *tunnel, u32 session_id, u32 peer_session_id, struct l2tp_session_cfg *cfg)
|
|
|
|
{
|
|
|
|
struct l2tp_session *session;
|
|
|
|
|
|
|
|
session = kzalloc(sizeof(struct l2tp_session) + priv_size, GFP_KERNEL);
|
|
|
|
if (session != NULL) {
|
|
|
|
session->magic = L2TP_SESSION_MAGIC;
|
|
|
|
session->tunnel = tunnel;
|
|
|
|
|
|
|
|
session->session_id = session_id;
|
|
|
|
session->peer_session_id = peer_session_id;
|
2012-05-10 06:43:09 +07:00
|
|
|
session->nr = 0;
|
2013-07-03 02:28:59 +07:00
|
|
|
if (tunnel->version == L2TP_HDR_VER_2)
|
|
|
|
session->nr_max = 0xffff;
|
|
|
|
else
|
|
|
|
session->nr_max = 0xffffff;
|
|
|
|
session->nr_window_size = session->nr_max / 2;
|
2013-07-03 02:29:00 +07:00
|
|
|
session->nr_oos_count_max = 4;
|
|
|
|
|
|
|
|
/* Use NR of first received packet */
|
|
|
|
session->reorder_skip = 1;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
sprintf(&session->name[0], "sess %u/%u",
|
|
|
|
tunnel->tunnel_id, session->session_id);
|
|
|
|
|
|
|
|
skb_queue_head_init(&session->reorder_q);
|
|
|
|
|
|
|
|
INIT_HLIST_NODE(&session->hlist);
|
2010-04-02 13:18:49 +07:00
|
|
|
INIT_HLIST_NODE(&session->global_hlist);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
/* Inherit debug options from tunnel */
|
|
|
|
session->debug = tunnel->debug;
|
|
|
|
|
|
|
|
if (cfg) {
|
2010-04-02 13:18:49 +07:00
|
|
|
session->pwtype = cfg->pw_type;
|
2010-04-02 13:18:33 +07:00
|
|
|
session->debug = cfg->debug;
|
|
|
|
session->mtu = cfg->mtu;
|
|
|
|
session->mru = cfg->mru;
|
|
|
|
session->send_seq = cfg->send_seq;
|
|
|
|
session->recv_seq = cfg->recv_seq;
|
|
|
|
session->lns_mode = cfg->lns_mode;
|
2010-04-02 13:18:49 +07:00
|
|
|
session->reorder_timeout = cfg->reorder_timeout;
|
|
|
|
session->offset = cfg->offset;
|
|
|
|
session->l2specific_type = cfg->l2specific_type;
|
|
|
|
session->l2specific_len = cfg->l2specific_len;
|
|
|
|
session->cookie_len = cfg->cookie_len;
|
|
|
|
memcpy(&session->cookie[0], &cfg->cookie[0], cfg->cookie_len);
|
|
|
|
session->peer_cookie_len = cfg->peer_cookie_len;
|
|
|
|
memcpy(&session->peer_cookie[0], &cfg->peer_cookie[0], cfg->peer_cookie_len);
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
if (tunnel->version == L2TP_HDR_VER_2)
|
|
|
|
session->build_header = l2tp_build_l2tpv2_header;
|
|
|
|
else
|
|
|
|
session->build_header = l2tp_build_l2tpv3_header;
|
|
|
|
|
|
|
|
l2tp_session_set_header_len(session, tunnel->version);
|
|
|
|
|
2017-08-25 21:22:17 +07:00
|
|
|
refcount_set(&session->ref_count, 1);
|
|
|
|
|
2017-03-31 18:02:27 +07:00
|
|
|
return session;
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
2017-03-31 18:02:27 +07:00
|
|
|
return ERR_PTR(-ENOMEM);
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(l2tp_session_create);
|
|
|
|
|
|
|
|
/*****************************************************************************
|
|
|
|
* Init and cleanup
|
|
|
|
*****************************************************************************/
|
|
|
|
|
|
|
|
static __net_init int l2tp_init_net(struct net *net)
|
|
|
|
{
|
2010-04-23 07:53:39 +07:00
|
|
|
struct l2tp_net *pn = net_generic(net, l2tp_net_id);
|
2010-04-02 13:18:49 +07:00
|
|
|
int hash;
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
INIT_LIST_HEAD(&pn->l2tp_tunnel_list);
|
2010-04-02 13:19:16 +07:00
|
|
|
spin_lock_init(&pn->l2tp_tunnel_list_lock);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
2010-04-02 13:18:49 +07:00
|
|
|
for (hash = 0; hash < L2TP_HASH_SIZE_2; hash++)
|
|
|
|
INIT_HLIST_HEAD(&pn->l2tp_session_hlist[hash]);
|
|
|
|
|
2010-04-02 13:19:16 +07:00
|
|
|
spin_lock_init(&pn->l2tp_session_hlist_lock);
|
2010-04-02 13:18:49 +07:00
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2013-02-01 06:43:03 +07:00
|
|
|
static __net_exit void l2tp_exit_net(struct net *net)
|
|
|
|
{
|
|
|
|
struct l2tp_net *pn = l2tp_pernet(net);
|
|
|
|
struct l2tp_tunnel *tunnel = NULL;
|
2017-11-13 02:30:31 +07:00
|
|
|
int hash;
|
2013-02-01 06:43:03 +07:00
|
|
|
|
|
|
|
rcu_read_lock_bh();
|
|
|
|
list_for_each_entry_rcu(tunnel, &pn->l2tp_tunnel_list, list) {
|
2017-10-25 20:57:55 +07:00
|
|
|
l2tp_tunnel_delete(tunnel);
|
2013-02-01 06:43:03 +07:00
|
|
|
}
|
|
|
|
rcu_read_unlock_bh();
|
2016-09-02 15:22:54 +07:00
|
|
|
|
|
|
|
flush_workqueue(l2tp_wq);
|
|
|
|
rcu_barrier();
|
2017-11-13 02:30:31 +07:00
|
|
|
|
|
|
|
for (hash = 0; hash < L2TP_HASH_SIZE_2; hash++)
|
|
|
|
WARN_ON_ONCE(!hlist_empty(&pn->l2tp_session_hlist[hash]));
|
2013-02-01 06:43:03 +07:00
|
|
|
}
|
|
|
|
|
2010-04-02 13:18:33 +07:00
|
|
|
static struct pernet_operations l2tp_net_ops = {
|
|
|
|
.init = l2tp_init_net,
|
2013-02-01 06:43:03 +07:00
|
|
|
.exit = l2tp_exit_net,
|
2010-04-02 13:18:33 +07:00
|
|
|
.id = &l2tp_net_id,
|
|
|
|
.size = sizeof(struct l2tp_net),
|
|
|
|
};
|
|
|
|
|
|
|
|
static int __init l2tp_init(void)
|
|
|
|
{
|
|
|
|
int rc = 0;
|
|
|
|
|
|
|
|
rc = register_pernet_device(&l2tp_net_ops);
|
|
|
|
if (rc)
|
|
|
|
goto out;
|
|
|
|
|
2014-03-27 08:41:47 +07:00
|
|
|
l2tp_wq = alloc_workqueue("l2tp", WQ_UNBOUND, 0);
|
2013-02-01 06:43:00 +07:00
|
|
|
if (!l2tp_wq) {
|
|
|
|
pr_err("alloc_workqueue failed\n");
|
2015-04-04 03:46:09 +07:00
|
|
|
unregister_pernet_device(&l2tp_net_ops);
|
2013-02-01 06:43:00 +07:00
|
|
|
rc = -ENOMEM;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
2012-05-16 16:55:56 +07:00
|
|
|
pr_info("L2TP core driver, %s\n", L2TP_DRV_VERSION);
|
2010-04-02 13:18:33 +07:00
|
|
|
|
|
|
|
out:
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void __exit l2tp_exit(void)
|
|
|
|
{
|
|
|
|
unregister_pernet_device(&l2tp_net_ops);
|
2013-02-01 06:43:00 +07:00
|
|
|
if (l2tp_wq) {
|
|
|
|
destroy_workqueue(l2tp_wq);
|
|
|
|
l2tp_wq = NULL;
|
|
|
|
}
|
2010-04-02 13:18:33 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
module_init(l2tp_init);
|
|
|
|
module_exit(l2tp_exit);
|
|
|
|
|
|
|
|
MODULE_AUTHOR("James Chapman <jchapman@katalix.com>");
|
|
|
|
MODULE_DESCRIPTION("L2TP core");
|
|
|
|
MODULE_LICENSE("GPL");
|
|
|
|
MODULE_VERSION(L2TP_DRV_VERSION);
|
|
|
|
|