/*
* Incompressible data has arrived (this should never happen!).
* We should probably drop the link if the protocol is in the range
* of what should be encrypted. At the least, we should drop this
* packet. (How to do this?)
*/
static void mppe_incomp(void *arg, unsigned char *ibuf, int icnt)
{
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
if (state->debug &&
(PPP_PROTOCOL(ibuf) >= 0x0021 && PPP_PROTOCOL(ibuf) <= 0x00fa))
printk(KERN_DEBUG
"mppe_incomp[%d]: incompressible (unencrypted) data! "
"(proto %04x)\n", state->unit, PPP_PROTOCOL(ibuf));
state->stats.inc_bytes += icnt;
state->stats.inc_packets++;
state->stats.unc_bytes += icnt;
state->stats.unc_packets++;
}
/*
* Scan a packet to decide whether it is an "active" packet,
* that is, whether it is worth bringing up the link for.
*/
static int
active_packet(unsigned char *p, int len)
{
int proto, i;
struct protent *protp;
if (len < PPP_HDRLEN)
return 0;
proto = PPP_PROTOCOL(p);
#ifdef PPP_FILTER
if (active_filter.bf_len != 0
&& bpf_filter(active_filter.bf_insns, frame, len, len) == 0)
return 0;
#endif
for (i = 0; (protp = protocols[i]) != NULL; ++i) {
if (protp->protocol < 0xC000 && (protp->protocol & ~0x8000) == proto) {
if (!protp->enabled_flag)
return 0;
if (protp->active_pkt == NULL)
return 1;
return (*protp->active_pkt)(p, len);
}
}
return 0; /* not a supported protocol !!?? */
}
/*
* loop_frame - given a frame obtained from the loopback,
* decide whether to bring up the link or not, and, if we want
* to transmit this frame later, put it on the pending queue.
* Return value is 1 if we need to bring up the link, 0 otherwise.
* We assume that the kernel driver has already applied the
* pass_filter, so we won't get packets it rejected.
* We apply the active_filter to see if we want this packet to
* bring up the link.
*/
int
loop_frame(unsigned char *frame, int len)
{
struct packet *pkt;
/* log_packet(frame, len, "from loop: ", LOG_DEBUG); */
if (len < PPP_HDRLEN)
return 0;
if ((PPP_PROTOCOL(frame) & 0x8000) != 0)
return 0; /* shouldn't get any of these anyway */
if (!active_packet(frame, len))
return 0;
pkt = (struct packet *) malloc(sizeof(struct packet) + len);
if (pkt != NULL) {
pkt->length = len;
pkt->next = NULL;
memcpy(pkt->data, frame, len);
if (pend_q == NULL)
pend_q = pkt;
else
pend_qtail->next = pkt;
pend_qtail = pkt;
}
return 1;
}
/*
* demand_rexmit - Resend all those frames which we got via the
* loopback, now that the real serial link is up.
*/
void
demand_rexmit(int proto)
{
struct packet *pkt, *prev, *nextpkt;
prev = NULL;
pkt = pend_q;
pend_q = NULL;
for (; pkt != NULL; pkt = nextpkt) {
nextpkt = pkt->next;
if (PPP_PROTOCOL(pkt->data) == proto) {
output(0, pkt->data, pkt->length);
free(pkt);
} else {
if (prev == NULL)
pend_q = pkt;
else
prev->next = pkt;
prev = pkt;
}
}
pend_qtail = prev;
if (prev != NULL)
prev->next = NULL;
}
static void
dl_ppp(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
{
switch (PPP_PROTOCOL(p)) {
case PPP_IP:
case ETHERTYPE_IP:
collect(AF_INET, p + PPP_HDRLEN);
break;
}
}
static void
parse_ppp (const struct pcap_pkthdr *header,
const u_char *packet)
{
const u_char *payload = packet + PPP_HDRLEN;
switch (PPP_PROTOCOL (packet))
{
case (PPP_IP):
parse_ip (header, payload);
break;
case (PPP_IPV6):
parse_ip6 (header, payload);
break;
default:
break;
}
}
/**
* z_incomp - add incompressible input data to the history.
* @arg: pointer to private state for the decompressor
* @ibuf: pointer to input packet data
* @icnt: length of input data.
*/
static void z_incomp(void *arg, unsigned char *ibuf, int icnt)
{
struct ppp_deflate_state *state = (struct ppp_deflate_state *) arg;
int proto, r;
/*
* Check that the protocol is one we handle.
*/
proto = PPP_PROTOCOL(ibuf);
if (proto > 0x3fff || proto == 0xfd || proto == 0xfb)
return;
++state->seqno;
/*
* We start at the either the 1st or 2nd byte of the protocol field,
* depending on whether the protocol value is compressible.
*/
state->strm.next_in = ibuf + 3;
state->strm.avail_in = icnt - 3;
if (proto > 0xff) {
--state->strm.next_in;
++state->strm.avail_in;
}
r = zlib_inflateIncomp(&state->strm);
if (r != Z_OK) {
/* gak! */
if (state->debug) {
printk(KERN_DEBUG "z_incomp%d: inflateIncomp returned %d (%s)\n",
state->unit, r, (state->strm.msg? state->strm.msg: ""));
}
return;
}
/*
* Update stats.
*/
state->stats.inc_bytes += icnt;
state->stats.inc_packets++;
state->stats.unc_bytes += icnt;
state->stats.unc_packets++;
}
static void z_incomp(void *arg, unsigned char *ibuf, int icnt)
{
struct ppp_deflate_state *state = (struct ppp_deflate_state *) arg;
int proto, r;
/*
*/
proto = PPP_PROTOCOL(ibuf);
if (proto > 0x3fff || proto == 0xfd || proto == 0xfb)
return;
++state->seqno;
/*
*/
state->strm.next_in = ibuf + 3;
state->strm.avail_in = icnt - 3;
if (proto > 0xff) {
--state->strm.next_in;
++state->strm.avail_in;
}
r = zlib_inflateIncomp(&state->strm);
if (r != Z_OK) {
/* */
if (state->debug) {
printk(KERN_DEBUG "z_incomp%d: inflateIncomp returned %d (%s)\n",
state->unit, r, (state->strm.msg? state->strm.msg: ""));
}
return;
}
/*
*/
state->stats.inc_bytes += icnt;
state->stats.inc_packets++;
state->stats.unc_bytes += icnt;
state->stats.unc_packets++;
}
/*
* Perform the MPPE rekey algorithm, from RFC 3078, sec. 7.3.
* Well, not what's written there, but rather what they meant.
*/
static void mppe_rekey(struct ppp_mppe_state * state, int initial_key)
{
struct scatterlist sg_in[1], sg_out[1];
struct blkcipher_desc desc = { .tfm = state->arc4 };
get_new_key_from_sha(state);
if (!initial_key) {
crypto_blkcipher_setkey(state->arc4, state->sha1_digest,
state->keylen);
sg_init_table(sg_in, 1);
sg_init_table(sg_out, 1);
setup_sg(sg_in, state->sha1_digest, state->keylen);
setup_sg(sg_out, state->session_key, state->keylen);
if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in,
state->keylen) != 0) {
printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n");
}
} else {
memcpy(state->session_key, state->sha1_digest, state->keylen);
}
if (state->keylen == 8) {
/* See RFC 3078 */
state->session_key[0] = 0xd1;
state->session_key[1] = 0x26;
state->session_key[2] = 0x9e;
}
crypto_blkcipher_setkey(state->arc4, state->session_key, state->keylen);
}
/*
* Allocate space for a (de)compressor.
*/
static void *mppe_alloc(unsigned char *options, int optlen)
{
struct ppp_mppe_state *state;
unsigned int digestsize;
if (optlen != CILEN_MPPE + sizeof(state->master_key)
|| options[0] != CI_MPPE || options[1] != CILEN_MPPE)
goto out;
state = kzalloc(sizeof(*state), GFP_KERNEL);
if (state == NULL)
goto out;
state->arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(state->arc4)) {
state->arc4 = NULL;
goto out_free;
}
state->sha1 = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(state->sha1)) {
state->sha1 = NULL;
goto out_free;
}
digestsize = crypto_hash_digestsize(state->sha1);
if (digestsize < MPPE_MAX_KEY_LEN)
goto out_free;
state->sha1_digest = kmalloc(digestsize, GFP_KERNEL);
if (!state->sha1_digest)
goto out_free;
/* Save keys. */
memcpy(state->master_key, &options[CILEN_MPPE],
sizeof(state->master_key));
memcpy(state->session_key, state->master_key,
sizeof(state->master_key));
/*
* We defer initial key generation until mppe_init(), as mppe_alloc()
* is called frequently during negotiation.
*/
return (void *)state;
out_free:
if (state->sha1_digest)
kfree(state->sha1_digest);
if (state->sha1)
crypto_free_hash(state->sha1);
if (state->arc4)
crypto_free_blkcipher(state->arc4);
kfree(state);
out:
return NULL;
}
/*
* Deallocate space for a (de)compressor.
*/
static void mppe_free(void *arg)
{
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
if (state) {
if (state->sha1_digest)
kfree(state->sha1_digest);
if (state->sha1)
crypto_free_hash(state->sha1);
if (state->arc4)
crypto_free_blkcipher(state->arc4);
kfree(state);
}
}
/*
* Initialize (de)compressor state.
*/
static int
mppe_init(void *arg, unsigned char *options, int optlen, int unit, int debug,
const char *debugstr)
{
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
unsigned char mppe_opts;
if (optlen != CILEN_MPPE
|| options[0] != CI_MPPE || options[1] != CILEN_MPPE)
return 0;
MPPE_CI_TO_OPTS(&options[2], mppe_opts);
if (mppe_opts & MPPE_OPT_128)
state->keylen = 16;
else if (mppe_opts & MPPE_OPT_40)
state->keylen = 8;
else {
printk(KERN_WARNING "%s[%d]: unknown key length\n", debugstr,
unit);
return 0;
}
if (mppe_opts & MPPE_OPT_STATEFUL)
state->stateful = 1;
/* Generate the initial session key. */
mppe_rekey(state, 1);
if (debug) {
int i;
char mkey[sizeof(state->master_key) * 2 + 1];
char skey[sizeof(state->session_key) * 2 + 1];
printk(KERN_DEBUG "%s[%d]: initialized with %d-bit %s mode\n",
debugstr, unit, (state->keylen == 16) ? 128 : 40,
(state->stateful) ? "stateful" : "stateless");
for (i = 0; i < sizeof(state->master_key); i++)
sprintf(mkey + i * 2, "%02x", state->master_key[i]);
for (i = 0; i < sizeof(state->session_key); i++)
sprintf(skey + i * 2, "%02x", state->session_key[i]);
printk(KERN_DEBUG
"%s[%d]: keys: master: %s initial session: %s\n",
debugstr, unit, mkey, skey);
}
/*
* Initialize the coherency count. The initial value is not specified
* in RFC 3078, but we can make a reasonable assumption that it will
* start at 0. Setting it to the max here makes the comp/decomp code
* do the right thing (determined through experiment).
*/
state->ccount = MPPE_CCOUNT_SPACE - 1;
/*
* Note that even though we have initialized the key table, we don't
* set the FLUSHED bit. This is contrary to RFC 3078, sec. 3.1.
*/
state->bits = MPPE_BIT_ENCRYPTED;
state->unit = unit;
state->debug = debug;
return 1;
}
static int
mppe_comp_init(void *arg, unsigned char *options, int optlen, int unit,
int hdrlen, int debug)
{
/* ARGSUSED */
return mppe_init(arg, options, optlen, unit, debug, "mppe_comp_init");
}
/*
* We received a CCP Reset-Request (actually, we are sending a Reset-Ack),
* tell the compressor to rekey. Note that we MUST NOT rekey for
* every CCP Reset-Request; we only rekey on the next xmit packet.
* We might get multiple CCP Reset-Requests if our CCP Reset-Ack is lost.
* So, rekeying for every CCP Reset-Request is broken as the peer will not
* know how many times we've rekeyed. (If we rekey and THEN get another
* CCP Reset-Request, we must rekey again.)
*/
static void mppe_comp_reset(void *arg)
{
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
state->bits |= MPPE_BIT_FLUSHED;
}
/*
* Compress (encrypt) a packet.
* It's strange to call this a compressor, since the output is always
* MPPE_OVHD + 2 bytes larger than the input.
*/
static int
mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf,
int isize, int osize)
{
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
struct blkcipher_desc desc = { .tfm = state->arc4 };
int proto;
struct scatterlist sg_in[1], sg_out[1];
/*
* Check that the protocol is in the range we handle.
*/
proto = PPP_PROTOCOL(ibuf);
if (proto < 0x0021 || proto > 0x00fa)
return 0;
/* Make sure we have enough room to generate an encrypted packet. */
if (osize < isize + MPPE_OVHD + 2) {
/* Drop the packet if we should encrypt it, but can't. */
printk(KERN_DEBUG "mppe_compress[%d]: osize too small! "
"(have: %d need: %d)\n", state->unit,
osize, osize + MPPE_OVHD + 2);
return -1;
}
osize = isize + MPPE_OVHD + 2;
/*
* Copy over the PPP header and set control bits.
*/
obuf[0] = PPP_ADDRESS(ibuf);
obuf[1] = PPP_CONTROL(ibuf);
obuf[2] = PPP_COMP >> 8; /* isize + MPPE_OVHD + 1 */
obuf[3] = PPP_COMP; /* isize + MPPE_OVHD + 2 */
obuf += PPP_HDRLEN;
state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
if (state->debug >= 7)
printk(KERN_DEBUG "mppe_compress[%d]: ccount %d\n", state->unit,
state->ccount);
obuf[0] = state->ccount >> 8;
obuf[1] = state->ccount & 0xff;
if (!state->stateful || /* stateless mode */
((state->ccount & 0xff) == 0xff) || /* "flag" packet */
(state->bits & MPPE_BIT_FLUSHED)) { /* CCP Reset-Request */
/* We must rekey */
if (state->debug && state->stateful)
printk(KERN_DEBUG "mppe_compress[%d]: rekeying\n",
state->unit);
mppe_rekey(state, 0);
state->bits |= MPPE_BIT_FLUSHED;
}
obuf[0] |= state->bits;
state->bits &= ~MPPE_BIT_FLUSHED; /* reset for next xmit */
obuf += MPPE_OVHD;
ibuf += 2; /* skip to proto field */
isize -= 2;
/* Encrypt packet */
sg_init_table(sg_in, 1);
sg_init_table(sg_out, 1);
setup_sg(sg_in, ibuf, isize);
setup_sg(sg_out, obuf, osize);
if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in, isize) != 0) {
printk(KERN_DEBUG "crypto_cypher_encrypt failed\n");
return -1;
}
state->stats.unc_bytes += isize;
state->stats.unc_packets++;
state->stats.comp_bytes += osize;
state->stats.comp_packets++;
return osize;
}
/*
* Since every frame grows by MPPE_OVHD + 2 bytes, this is always going
* to look bad ... and the longer the link is up the worse it will get.
*/
static void mppe_comp_stats(void *arg, struct compstat *stats)
{
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
*stats = state->stats;
}
static int
mppe_decomp_init(void *arg, unsigned char *options, int optlen, int unit,
int hdrlen, int mru, int debug)
{
/* ARGSUSED */
return mppe_init(arg, options, optlen, unit, debug, "mppe_decomp_init");
}
/*
* We received a CCP Reset-Ack. Just ignore it.
*/
static void mppe_decomp_reset(void *arg)
{
/* ARGSUSED */
return;
}
/*
* Decompress (decrypt) an MPPE packet.
*/
static int
mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf,
int osize)
{
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
struct blkcipher_desc desc = { .tfm = state->arc4 };
unsigned ccount;
int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED;
int sanity = 0;
struct scatterlist sg_in[1], sg_out[1];
if (isize <= PPP_HDRLEN + MPPE_OVHD) {
if (state->debug)
printk(KERN_DEBUG
"mppe_decompress[%d]: short pkt (%d)\n",
state->unit, isize);
return DECOMP_ERROR;
}
/*
* Make sure we have enough room to decrypt the packet.
* Note that for our test we only subtract 1 byte whereas in
* mppe_compress() we added 2 bytes (+MPPE_OVHD);
* this is to account for possible PFC.
*/
if (osize < isize - MPPE_OVHD - 1) {
printk(KERN_DEBUG "mppe_decompress[%d]: osize too small! "
"(have: %d need: %d)\n", state->unit,
osize, isize - MPPE_OVHD - 1);
return DECOMP_ERROR;
}
osize = isize - MPPE_OVHD - 2; /* assume no PFC */
ccount = MPPE_CCOUNT(ibuf);
if (state->debug >= 7)
printk(KERN_DEBUG "mppe_decompress[%d]: ccount %d\n",
state->unit, ccount);
/* sanity checks -- terminate with extreme prejudice */
if (!(MPPE_BITS(ibuf) & MPPE_BIT_ENCRYPTED)) {
printk(KERN_DEBUG
"mppe_decompress[%d]: ENCRYPTED bit not set!\n",
state->unit);
state->sanity_errors += 100;
sanity = 1;
}
if (!state->stateful && !flushed) {
printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set in "
"stateless mode!\n", state->unit);
state->sanity_errors += 100;
sanity = 1;
}
if (state->stateful && ((ccount & 0xff) == 0xff) && !flushed) {
printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set on "
"flag packet!\n", state->unit);
state->sanity_errors += 100;
sanity = 1;
}
if (sanity) {
if (state->sanity_errors < SANITY_MAX)
return DECOMP_ERROR;
else
/*
* Take LCP down if the peer is sending too many bogons.
* We don't want to do this for a single or just a few
* instances since it could just be due to packet corruption.
*/
return DECOMP_FATALERROR;
}
/*
* Check the coherency count.
*/
if (!state->stateful) {
/* RFC 3078, sec 8.1. Rekey for every packet. */
while (state->ccount != ccount) {
mppe_rekey(state, 0);
state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
}
} else {
/* RFC 3078, sec 8.2. */
if (!state->discard) {
/* normal state */
state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
if (ccount != state->ccount) {
/*
* (ccount > state->ccount)
* Packet loss detected, enter the discard state.
* Signal the peer to rekey (by sending a CCP Reset-Request).
*/
state->discard = 1;
return DECOMP_ERROR;
}
} else {
/* discard state */
if (!flushed) {
/* ccp.c will be silent (no additional CCP Reset-Requests). */
return DECOMP_ERROR;
} else {
/* Rekey for every missed "flag" packet. */
while ((ccount & ~0xff) !=
(state->ccount & ~0xff)) {
mppe_rekey(state, 0);
state->ccount =
(state->ccount +
256) % MPPE_CCOUNT_SPACE;
}
/* reset */
state->discard = 0;
state->ccount = ccount;
/*
* Another problem with RFC 3078 here. It implies that the
* peer need not send a Reset-Ack packet. But RFC 1962
* requires it. Hopefully, M$ does send a Reset-Ack; even
* though it isn't required for MPPE synchronization, it is
* required to reset CCP state.
*/
}
}
if (flushed)
mppe_rekey(state, 0);
}
/*
* Fill in the first part of the PPP header. The protocol field
* comes from the decrypted data.
*/
obuf[0] = PPP_ADDRESS(ibuf); /* +1 */
obuf[1] = PPP_CONTROL(ibuf); /* +1 */
obuf += 2;
ibuf += PPP_HDRLEN + MPPE_OVHD;
isize -= PPP_HDRLEN + MPPE_OVHD; /* -6 */
/* net osize: isize-4 */
/*
* Decrypt the first byte in order to check if it is
* a compressed or uncompressed protocol field.
*/
sg_init_table(sg_in, 1);
sg_init_table(sg_out, 1);
setup_sg(sg_in, ibuf, 1);
setup_sg(sg_out, obuf, 1);
if (crypto_blkcipher_decrypt(&desc, sg_out, sg_in, 1) != 0) {
printk(KERN_DEBUG "crypto_cypher_decrypt failed\n");
return DECOMP_ERROR;
}
/*
* Do PFC decompression.
* This would be nicer if we were given the actual sk_buff
* instead of a char *.
*/
if ((obuf[0] & 0x01) != 0) {
obuf[1] = obuf[0];
obuf[0] = 0;
obuf++;
osize++;
}
/* And finally, decrypt the rest of the packet. */
setup_sg(sg_in, ibuf + 1, isize - 1);
setup_sg(sg_out, obuf + 1, osize - 1);
if (crypto_blkcipher_decrypt(&desc, sg_out, sg_in, isize - 1)) {
printk(KERN_DEBUG "crypto_cypher_decrypt failed\n");
return DECOMP_ERROR;
}
state->stats.unc_bytes += osize;
state->stats.unc_packets++;
state->stats.comp_bytes += isize;
state->stats.comp_packets++;
/* good packet credit */
state->sanity_errors >>= 1;
return osize;
}
/*
* Incompressible data has arrived (this should never happen!).
* We should probably drop the link if the protocol is in the range
* of what should be encrypted. At the least, we should drop this
* packet. (How to do this?)
*/
static void mppe_incomp(void *arg, unsigned char *ibuf, int icnt)
{
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
if (state->debug &&
(PPP_PROTOCOL(ibuf) >= 0x0021 && PPP_PROTOCOL(ibuf) <= 0x00fa))
printk(KERN_DEBUG
"mppe_incomp[%d]: incompressible (unencrypted) data! "
"(proto %04x)\n", state->unit, PPP_PROTOCOL(ibuf));
state->stats.inc_bytes += icnt;
state->stats.inc_packets++;
state->stats.unc_bytes += icnt;
state->stats.unc_packets++;
}
/*************************************************************
* Module interface table
*************************************************************/
/*
* Procedures exported to if_ppp.c.
*/
static struct compressor ppp_mppe = {
.compress_proto = CI_MPPE,
.comp_alloc = mppe_alloc,
.comp_free = mppe_free,
.comp_init = mppe_comp_init,
.comp_reset = mppe_comp_reset,
.compress = mppe_compress,
.comp_stat = mppe_comp_stats,
.decomp_alloc = mppe_alloc,
.decomp_free = mppe_free,
.decomp_init = mppe_decomp_init,
.decomp_reset = mppe_decomp_reset,
.decompress = mppe_decompress,
.incomp = mppe_incomp,
.decomp_stat = mppe_comp_stats,
.owner = THIS_MODULE,
.comp_extra = MPPE_PAD,
};
/*
* ppp_mppe_init()
*
* Prior to allowing load, try to load the arc4 and sha1 crypto
* libraries. The actual use will be allocated later, but
* this way the module will fail to insmod if they aren't available.
*/
static int __init ppp_mppe_init(void)
{
int answer;
if (!(crypto_has_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC) &&
crypto_has_hash("sha1", 0, CRYPTO_ALG_ASYNC)))
return -ENODEV;
sha_pad = kmalloc(sizeof(struct sha_pad), GFP_KERNEL);
if (!sha_pad)
return -ENOMEM;
sha_pad_init(sha_pad);
answer = ppp_register_compressor(&ppp_mppe);
if (answer == 0)
printk(KERN_INFO "PPP MPPE Compression module registered\n");
else
kfree(sha_pad);
return answer;
}
static void __exit ppp_mppe_cleanup(void)
{
ppp_unregister_compressor(&ppp_mppe);
kfree(sha_pad);
}
module_init(ppp_mppe_init);
module_exit(ppp_mppe_cleanup);
/*
* Get a packet to send. This procedure is intended to be called at
* splsoftnet, since it may involve time-consuming operations such as
* applying VJ compression, packet compression, address/control and/or
* protocol field compression to the packet.
*/
struct mbuf *
ppp_dequeue(struct ppp_softc *sc)
{
struct mbuf *m, *mp;
u_char *cp;
int address, control, protocol;
/*
* Grab a packet to send: first try the fast queue, then the
* normal queue.
*/
IF_DEQUEUE(&sc->sc_fastq, m);
if (m == NULL)
m = ifsq_dequeue(ifq_get_subq_default(&sc->sc_if.if_snd));
if (m == NULL)
return NULL;
++sc->sc_stats.ppp_opackets;
/*
* Extract the ppp header of the new packet.
* The ppp header will be in one mbuf.
*/
cp = mtod(m, u_char *);
address = PPP_ADDRESS(cp);
control = PPP_CONTROL(cp);
protocol = PPP_PROTOCOL(cp);
switch (protocol) {
case PPP_IP:
#ifdef VJC
/*
* If the packet is a TCP/IP packet, see if we can compress it.
*/
if ((sc->sc_flags & SC_COMP_TCP) && sc->sc_comp != NULL) {
struct ip *ip;
int type;
mp = m;
ip = (struct ip *) (cp + PPP_HDRLEN);
if (mp->m_len <= PPP_HDRLEN) {
mp = mp->m_next;
if (mp == NULL)
break;
ip = mtod(mp, struct ip *);
}
/* this code assumes the IP/TCP header is in one non-shared mbuf */
if (ip->ip_p == IPPROTO_TCP) {
type = sl_compress_tcp(mp, ip, sc->sc_comp,
!(sc->sc_flags & SC_NO_TCP_CCID));
switch (type) {
case TYPE_UNCOMPRESSED_TCP:
protocol = PPP_VJC_UNCOMP;
break;
case TYPE_COMPRESSED_TCP:
protocol = PPP_VJC_COMP;
cp = mtod(m, u_char *);
cp[0] = address; /* header has moved */
cp[1] = control;
cp[2] = 0;
break;
}
cp[3] = protocol; /* update protocol in PPP header */
}
}
/*
* Queue a packet. Start transmission if not active.
* Packet is placed in Information field of PPP frame.
* Called at splnet as the if->if_output handler.
* Called at splnet from pppwrite().
*/
static int
pppoutput_serialized(struct ifnet *ifp, struct ifaltq_subque *ifsq,
struct mbuf *m0, struct sockaddr *dst, struct rtentry *rtp)
{
struct ppp_softc *sc = &ppp_softc[ifp->if_dunit];
int protocol, address, control;
u_char *cp;
int error;
#ifdef INET
struct ip *ip;
#endif
struct ifqueue *ifq;
enum NPmode mode;
int len;
struct mbuf *m;
struct altq_pktattr pktattr;
if (sc->sc_devp == NULL || (ifp->if_flags & IFF_RUNNING) == 0
|| ((ifp->if_flags & IFF_UP) == 0 && dst->sa_family != AF_UNSPEC)) {
error = ENETDOWN; /* sort of */
goto bad;
}
ifq_classify(&ifp->if_snd, m0, dst->sa_family, &pktattr);
/*
* Compute PPP header.
*/
m0->m_flags &= ~M_HIGHPRI;
switch (dst->sa_family) {
#ifdef INET
case AF_INET:
address = PPP_ALLSTATIONS;
control = PPP_UI;
protocol = PPP_IP;
mode = sc->sc_npmode[NP_IP];
/*
* If this packet has the "low delay" bit set in the IP header,
* put it on the fastq instead.
*/
ip = mtod(m0, struct ip *);
if (ip->ip_tos & IPTOS_LOWDELAY)
m0->m_flags |= M_HIGHPRI;
break;
#endif
#ifdef IPX
case AF_IPX:
/*
* This is pretty bogus.. We dont have an ipxcp module in pppd
* yet to configure the link parameters. Sigh. I guess a
* manual ifconfig would do.... -Peter
*/
address = PPP_ALLSTATIONS;
control = PPP_UI;
protocol = PPP_IPX;
mode = NPMODE_PASS;
break;
#endif
case AF_UNSPEC:
address = PPP_ADDRESS(dst->sa_data);
control = PPP_CONTROL(dst->sa_data);
protocol = PPP_PROTOCOL(dst->sa_data);
mode = NPMODE_PASS;
break;
default:
kprintf("%s: af%d not supported\n", ifp->if_xname, dst->sa_family);
error = EAFNOSUPPORT;
goto bad;
}
/*
* Drop this packet, or return an error, if necessary.
*/
if (mode == NPMODE_ERROR) {
error = ENETDOWN;
goto bad;
}
if (mode == NPMODE_DROP) {
error = 0;
goto bad;
}
/*
* Add PPP header. If no space in first mbuf, allocate another.
* (This assumes M_LEADINGSPACE is always 0 for a cluster mbuf.)
*/
if (M_LEADINGSPACE(m0) < PPP_HDRLEN) {
m0 = m_prepend(m0, PPP_HDRLEN, MB_DONTWAIT);
if (m0 == NULL) {
error = ENOBUFS;
goto bad;
}
m0->m_len = 0;
} else
m0->m_data -= PPP_HDRLEN;
cp = mtod(m0, u_char *);
*cp++ = address;
*cp++ = control;
*cp++ = protocol >> 8;
*cp++ = protocol & 0xff;
m0->m_len += PPP_HDRLEN;
len = 0;
for (m = m0; m != NULL; m = m->m_next)
len += m->m_len;
if (sc->sc_flags & SC_LOG_OUTPKT) {
kprintf("%s output: ", ifp->if_xname);
pppdumpm(m0);
}
if ((protocol & 0x8000) == 0) {
#ifdef PPP_FILTER
/*
* Apply the pass and active filters to the packet,
* but only if it is a data packet.
*/
*mtod(m0, u_char *) = 1; /* indicates outbound */
if (sc->sc_pass_filt.bf_insns != NULL
&& bpf_filter(sc->sc_pass_filt.bf_insns, (u_char *) m0,
len, 0) == 0) {
error = 0; /* drop this packet */
goto bad;
}
/*
* Update the time we sent the most recent packet.
*/
if (sc->sc_active_filt.bf_insns == NULL
|| bpf_filter(sc->sc_active_filt.bf_insns, (u_char *) m0, len, 0))
sc->sc_last_sent = time_uptime;
*mtod(m0, u_char *) = address;
#else
/*
* Update the time we sent the most recent data packet.
*/
sc->sc_last_sent = time_uptime;
#endif /* PPP_FILTER */
}
BPF_MTAP(ifp, m0);
/*
* Put the packet on the appropriate queue.
*/
crit_enter();
if (mode == NPMODE_QUEUE) {
/* XXX we should limit the number of packets on this queue */
*sc->sc_npqtail = m0;
m0->m_nextpkt = NULL;
sc->sc_npqtail = &m0->m_nextpkt;
} else {
/* fastq and if_snd are emptied at spl[soft]net now */
if ((m0->m_flags & M_HIGHPRI) && !ifq_is_enabled(&sc->sc_if.if_snd)) {
ifq = &sc->sc_fastq;
if (IF_QFULL(ifq) && dst->sa_family != AF_UNSPEC) {
IF_DROP(ifq);
m_freem(m0);
error = ENOBUFS;
} else {
IF_ENQUEUE(ifq, m0);
error = 0;
}
} else {
ASSERT_ALTQ_SQ_SERIALIZED_HW(ifsq);
error = ifsq_enqueue(ifsq, m0, &pktattr);
}
if (error) {
crit_exit();
IFNET_STAT_INC(&sc->sc_if, oerrors, 1);
sc->sc_stats.ppp_oerrors++;
return (error);
}
(*sc->sc_start)(sc);
}
getmicrotime(&ifp->if_lastchange);
IFNET_STAT_INC(ifp, opackets, 1);
IFNET_STAT_INC(ifp, obytes, len);
crit_exit();
return (0);
bad:
m_freem(m0);
return (error);
}
/**
* z_compress - compress a PPP packet with Deflate compression.
* @arg: pointer to private state for the compressor
* @rptr: uncompressed packet (input)
* @obuf: compressed packet (output)
* @isize: size of uncompressed packet
* @osize: space available at @obuf
*
* Returns the length of the compressed packet, or 0 if the
* packet is incompressible.
*/
static int z_compress(void *arg, unsigned char *rptr, unsigned char *obuf,
int isize, int osize)
{
struct ppp_deflate_state *state = (struct ppp_deflate_state *) arg;
int r, proto, off, olen, oavail;
unsigned char *wptr;
/*
* Check that the protocol is in the range we handle.
*/
proto = PPP_PROTOCOL(rptr);
if (proto > 0x3fff || proto == 0xfd || proto == 0xfb)
return 0;
/* Don't generate compressed packets which are larger than
the uncompressed packet. */
if (osize > isize)
osize = isize;
wptr = obuf;
/*
* Copy over the PPP header and store the 2-byte sequence number.
*/
wptr[0] = PPP_ADDRESS(rptr);
wptr[1] = PPP_CONTROL(rptr);
wptr[2] = PPP_COMP >> 8;
wptr[3] = PPP_COMP;
wptr += PPP_HDRLEN;
wptr[0] = state->seqno >> 8;
wptr[1] = state->seqno;
wptr += DEFLATE_OVHD;
olen = PPP_HDRLEN + DEFLATE_OVHD;
state->strm.next_out = wptr;
state->strm.avail_out = oavail = osize - olen;
++state->seqno;
off = (proto > 0xff) ? 2 : 3; /* skip 1st proto byte if 0 */
rptr += off;
state->strm.next_in = rptr;
state->strm.avail_in = (isize - off);
for (;;) {
r = zlib_deflate(&state->strm, Z_PACKET_FLUSH);
if (r != Z_OK) {
if (state->debug)
printk(KERN_ERR
"z_compress: deflate returned %d\n", r);
break;
}
if (state->strm.avail_out == 0) {
olen += oavail;
state->strm.next_out = NULL;
state->strm.avail_out = oavail = 1000000;
} else {
break; /* all done */
}
}
olen += oavail - state->strm.avail_out;
/*
* See if we managed to reduce the size of the packet.
*/
if (olen < isize) {
state->stats.comp_bytes += olen;
state->stats.comp_packets++;
} else {
state->stats.inc_bytes += isize;
state->stats.inc_packets++;
olen = 0;
}
state->stats.unc_bytes += isize;
state->stats.unc_packets++;
return olen;
}
/*
* Queue a packet. Start transmission if not active.
* Packet is placed in Information field of PPP frame.
*/
int
pppoutput(struct ifnet *ifp, struct mbuf *m0, struct sockaddr *dst,
struct rtentry *rtp)
{
struct ppp_softc *sc = ifp->if_softc;
int protocol, address, control;
u_char *cp;
int s, error;
struct ip *ip;
struct ifqueue *ifq;
enum NPmode mode;
int len;
if (sc->sc_devp == NULL || (ifp->if_flags & IFF_RUNNING) == 0
|| ((ifp->if_flags & IFF_UP) == 0 && dst->sa_family != AF_UNSPEC)) {
error = ENETDOWN; /* sort of */
goto bad;
}
#ifdef DIAGNOSTIC
if (ifp->if_rdomain != rtable_l2(m0->m_pkthdr.ph_rtableid)) {
printf("%s: trying to send packet on wrong domain. "
"if %d vs. mbuf %d, AF %d\n", ifp->if_xname, ifp->if_rdomain,
rtable_l2(m0->m_pkthdr.ph_rtableid), dst->sa_family);
}
#endif
/*
* Compute PPP header.
*/
m0->m_flags &= ~M_HIGHPRI;
switch (dst->sa_family) {
#ifdef INET
case AF_INET:
address = PPP_ALLSTATIONS;
control = PPP_UI;
protocol = PPP_IP;
mode = sc->sc_npmode[NP_IP];
/*
* If this packet has the "low delay" bit set in the IP header,
* put it on the fastq instead.
*/
ip = mtod(m0, struct ip *);
if (ip->ip_tos & IPTOS_LOWDELAY)
m0->m_flags |= M_HIGHPRI;
break;
#endif
case AF_UNSPEC:
address = PPP_ADDRESS(dst->sa_data);
control = PPP_CONTROL(dst->sa_data);
protocol = PPP_PROTOCOL(dst->sa_data);
mode = NPMODE_PASS;
break;
default:
printf("%s: af%d not supported\n", ifp->if_xname, dst->sa_family);
error = EAFNOSUPPORT;
goto bad;
}
/*
* Drop this packet, or return an error, if necessary.
*/
if (mode == NPMODE_ERROR) {
error = ENETDOWN;
goto bad;
}
if (mode == NPMODE_DROP) {
error = 0;
goto bad;
}
/*
* Add PPP header. If no space in first mbuf, allocate another.
* (This assumes M_LEADINGSPACE is always 0 for a cluster mbuf.)
*/
M_PREPEND(m0, PPP_HDRLEN, M_DONTWAIT);
if (m0 == 0) {
error = ENOBUFS;
goto bad;
}
cp = mtod(m0, u_char *);
*cp++ = address;
*cp++ = control;
*cp++ = protocol >> 8;
*cp++ = protocol & 0xff;
if ((m0->m_flags & M_PKTHDR) == 0)
panic("mbuf packet without packet header!");
len = m0->m_pkthdr.len;
if (sc->sc_flags & SC_LOG_OUTPKT) {
printf("%s output: ", ifp->if_xname);
pppdumpm(m0);
}
if ((protocol & 0x8000) == 0) {
#if NBPFILTER > 0
/*
* Apply the pass and active filters to the packet,
* but only if it is a data packet.
*/
*mtod(m0, u_char *) = 1; /* indicates outbound */
if (sc->sc_pass_filt.bf_insns != 0
&& bpf_filter(sc->sc_pass_filt.bf_insns, (u_char *) m0,
len, 0) == 0) {
error = 0; /* drop this packet */
goto bad;
}
/*
* Update the time we sent the most recent packet.
*/
if (sc->sc_active_filt.bf_insns == 0
|| bpf_filter(sc->sc_active_filt.bf_insns, (u_char *) m0, len, 0))
sc->sc_last_sent = time_second;
*mtod(m0, u_char *) = address;
#else
/*
* Update the time we sent the most recent packet.
*/
sc->sc_last_sent = time_second;
#endif
}
#if NBPFILTER > 0
/*
* See if bpf wants to look at the packet.
*/
if (sc->sc_bpf)
bpf_mtap(sc->sc_bpf, m0, BPF_DIRECTION_OUT);
#endif
/*
* Put the packet on the appropriate queue.
*/
s = splsoftnet();
if (mode == NPMODE_QUEUE) {
/* XXX we should limit the number of packets on this queue */
*sc->sc_npqtail = m0;
m0->m_nextpkt = NULL;
sc->sc_npqtail = &m0->m_nextpkt;
} else {
if (m0->m_flags & M_HIGHPRI) {
ifq = &sc->sc_fastq;
if (IF_QFULL(ifq) && dst->sa_family != AF_UNSPEC) {
IF_DROP(ifq);
m_freem(m0);
error = ENOBUFS;
}
else {
IF_ENQUEUE(ifq, m0);
error = 0;
}
} else
IFQ_ENQUEUE(&sc->sc_if.if_snd, m0, NULL, error);
if (error) {
splx(s);
sc->sc_if.if_oerrors++;
sc->sc_stats.ppp_oerrors++;
return (error);
}
(*sc->sc_start)(sc);
}
ifp->if_opackets++;
ifp->if_obytes += len;
splx(s);
return (0);
bad:
m_freem(m0);
return (error);
}
/*
* Compress (encrypt) a packet.
* It's strange to call this a compressor, since the output is always
* MPPE_OVHD + 2 bytes larger than the input.
*/
static int
mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf,
int isize, int osize)
{
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
int proto;
struct scatterlist sg_in[1], sg_out[1];
/*
* Check that the protocol is in the range we handle.
*/
proto = PPP_PROTOCOL(ibuf);
if (proto < 0x0021 || proto > 0x00fa)
return 0;
/* Make sure we have enough room to generate an encrypted packet. */
if (osize < isize + MPPE_OVHD + 2) {
/* Drop the packet if we should encrypt it, but can't. */
printk(KERN_DEBUG "mppe_compress[%d]: osize too small! "
"(have: %d need: %d)\n", state->unit,
osize, osize + MPPE_OVHD + 2);
return -1;
}
osize = isize + MPPE_OVHD + 2;
/*
* Copy over the PPP header and set control bits.
*/
obuf[0] = PPP_ADDRESS(ibuf);
obuf[1] = PPP_CONTROL(ibuf);
obuf[2] = PPP_COMP >> 8; /* isize + MPPE_OVHD + 1 */
obuf[3] = PPP_COMP; /* isize + MPPE_OVHD + 2 */
obuf += PPP_HDRLEN;
state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
if (state->debug >= 7)
printk(KERN_DEBUG "mppe_compress[%d]: ccount %d\n", state->unit,
state->ccount);
obuf[0] = state->ccount >> 8;
obuf[1] = state->ccount & 0xff;
if (!state->stateful || /* stateless mode */
((state->ccount & 0xff) == 0xff) || /* "flag" packet */
(state->bits & MPPE_BIT_FLUSHED)) { /* CCP Reset-Request */
/* We must rekey */
if (state->debug && state->stateful)
printk(KERN_DEBUG "mppe_compress[%d]: rekeying\n",
state->unit);
mppe_rekey(state, 0);
state->bits |= MPPE_BIT_FLUSHED;
}
obuf[0] |= state->bits;
state->bits &= ~MPPE_BIT_FLUSHED; /* reset for next xmit */
obuf += MPPE_OVHD;
ibuf += 2; /* skip to proto field */
isize -= 2;
/* Encrypt packet */
setup_sg(sg_in, ibuf, isize);
setup_sg(sg_out, obuf, osize);
if (crypto_cipher_encrypt(state->arc4, sg_out, sg_in, isize) != 0) {
printk(KERN_DEBUG "crypto_cypher_encrypt failed\n");
return -1;
}
state->stats.unc_bytes += isize;
state->stats.unc_packets++;
state->stats.comp_bytes += osize;
state->stats.comp_packets++;
return osize;
}
static int z_compress(void *arg, unsigned char *rptr, unsigned char *obuf,
int isize, int osize)
{
struct ppp_deflate_state *state = (struct ppp_deflate_state *) arg;
int r, proto, off, olen, oavail;
unsigned char *wptr;
/*
*/
proto = PPP_PROTOCOL(rptr);
if (proto > 0x3fff || proto == 0xfd || proto == 0xfb)
return 0;
/*
*/
if (osize > isize)
osize = isize;
wptr = obuf;
/*
*/
wptr[0] = PPP_ADDRESS(rptr);
wptr[1] = PPP_CONTROL(rptr);
put_unaligned_be16(PPP_COMP, wptr + 2);
wptr += PPP_HDRLEN;
put_unaligned_be16(state->seqno, wptr);
wptr += DEFLATE_OVHD;
olen = PPP_HDRLEN + DEFLATE_OVHD;
state->strm.next_out = wptr;
state->strm.avail_out = oavail = osize - olen;
++state->seqno;
off = (proto > 0xff) ? 2 : 3; /* */
rptr += off;
state->strm.next_in = rptr;
state->strm.avail_in = (isize - off);
for (;;) {
r = zlib_deflate(&state->strm, Z_PACKET_FLUSH);
if (r != Z_OK) {
if (state->debug)
printk(KERN_ERR
"z_compress: deflate returned %d\n", r);
break;
}
if (state->strm.avail_out == 0) {
olen += oavail;
state->strm.next_out = NULL;
state->strm.avail_out = oavail = 1000000;
} else {
break; /* */
}
}
olen += oavail - state->strm.avail_out;
/*
*/
if (olen < isize) {
state->stats.comp_bytes += olen;
state->stats.comp_packets++;
} else {
state->stats.inc_bytes += isize;
state->stats.inc_packets++;
olen = 0;
}
state->stats.unc_bytes += isize;
state->stats.unc_packets++;
return olen;
}
static enum flow_dissect_ret
__skb_flow_dissect_gre(const struct sk_buff *skb,
struct flow_dissector_key_control *key_control,
struct flow_dissector *flow_dissector,
void *target_container, void *data,
__be16 *p_proto, int *p_nhoff, int *p_hlen,
unsigned int flags)
{
struct flow_dissector_key_keyid *key_keyid;
struct gre_base_hdr *hdr, _hdr;
int offset = 0;
u16 gre_ver;
hdr = __skb_header_pointer(skb, *p_nhoff, sizeof(_hdr),
data, *p_hlen, &_hdr);
if (!hdr)
return FLOW_DISSECT_RET_OUT_BAD;
/* Only look inside GRE without routing */
if (hdr->flags & GRE_ROUTING)
return FLOW_DISSECT_RET_OUT_GOOD;
/* Only look inside GRE for version 0 and 1 */
gre_ver = ntohs(hdr->flags & GRE_VERSION);
if (gre_ver > 1)
return FLOW_DISSECT_RET_OUT_GOOD;
*p_proto = hdr->protocol;
if (gre_ver) {
/* Version1 must be PPTP, and check the flags */
if (!(*p_proto == GRE_PROTO_PPP && (hdr->flags & GRE_KEY)))
return FLOW_DISSECT_RET_OUT_GOOD;
}
offset += sizeof(struct gre_base_hdr);
if (hdr->flags & GRE_CSUM)
offset += sizeof(((struct gre_full_hdr *) 0)->csum) +
sizeof(((struct gre_full_hdr *) 0)->reserved1);
if (hdr->flags & GRE_KEY) {
const __be32 *keyid;
__be32 _keyid;
keyid = __skb_header_pointer(skb, *p_nhoff + offset,
sizeof(_keyid),
data, *p_hlen, &_keyid);
if (!keyid)
return FLOW_DISSECT_RET_OUT_BAD;
if (dissector_uses_key(flow_dissector,
FLOW_DISSECTOR_KEY_GRE_KEYID)) {
key_keyid = skb_flow_dissector_target(flow_dissector,
FLOW_DISSECTOR_KEY_GRE_KEYID,
target_container);
if (gre_ver == 0)
key_keyid->keyid = *keyid;
else
key_keyid->keyid = *keyid & GRE_PPTP_KEY_MASK;
}
offset += sizeof(((struct gre_full_hdr *) 0)->key);
}
if (hdr->flags & GRE_SEQ)
offset += sizeof(((struct pptp_gre_header *) 0)->seq);
if (gre_ver == 0) {
if (*p_proto == htons(ETH_P_TEB)) {
const struct ethhdr *eth;
struct ethhdr _eth;
eth = __skb_header_pointer(skb, *p_nhoff + offset,
sizeof(_eth),
data, *p_hlen, &_eth);
if (!eth)
return FLOW_DISSECT_RET_OUT_BAD;
*p_proto = eth->h_proto;
offset += sizeof(*eth);
/* Cap headers that we access via pointers at the
* end of the Ethernet header as our maximum alignment
* at that point is only 2 bytes.
*/
if (NET_IP_ALIGN)
*p_hlen = *p_nhoff + offset;
}
} else { /* version 1, must be PPTP */
u8 _ppp_hdr[PPP_HDRLEN];
u8 *ppp_hdr;
if (hdr->flags & GRE_ACK)
offset += sizeof(((struct pptp_gre_header *) 0)->ack);
ppp_hdr = __skb_header_pointer(skb, *p_nhoff + offset,
sizeof(_ppp_hdr),
data, *p_hlen, _ppp_hdr);
if (!ppp_hdr)
return FLOW_DISSECT_RET_OUT_BAD;
switch (PPP_PROTOCOL(ppp_hdr)) {
case PPP_IP:
*p_proto = htons(ETH_P_IP);
break;
case PPP_IPV6:
*p_proto = htons(ETH_P_IPV6);
break;
default:
/* Could probably catch some more like MPLS */
break;
}
offset += PPP_HDRLEN;
}
*p_nhoff += offset;
key_control->flags |= FLOW_DIS_ENCAPSULATION;
if (flags & FLOW_DISSECTOR_F_STOP_AT_ENCAP)
return FLOW_DISSECT_RET_OUT_GOOD;
return FLOW_DISSECT_RET_OUT_PROTO_AGAIN;
}