PageRenderTime 124ms CodeModel.GetById 16ms app.highlight 92ms RepoModel.GetById 1ms app.codeStats 1ms

/drivers/isdn/i4l/isdn_ppp.c

http://github.com/mirrors/linux
C | 3041 lines | 2305 code | 331 blank | 405 comment | 545 complexity | 84c300f5e583d04c0595ce8c1adceca5 MD5 | raw file

Large files files are truncated, but you can click here to view the full file

   1/* $Id: isdn_ppp.c,v 1.1.2.3 2004/02/10 01:07:13 keil Exp $
   2 *
   3 * Linux ISDN subsystem, functions for synchronous PPP (linklevel).
   4 *
   5 * Copyright 1995,96 by Michael Hipp (Michael.Hipp@student.uni-tuebingen.de)
   6 *
   7 * This software may be used and distributed according to the terms
   8 * of the GNU General Public License, incorporated herein by reference.
   9 *
  10 */
  11
  12#include <linux/isdn.h>
  13#include <linux/poll.h>
  14#include <linux/ppp-comp.h>
  15#include <linux/slab.h>
  16#ifdef CONFIG_IPPP_FILTER
  17#include <linux/filter.h>
  18#endif
  19
  20#include "isdn_common.h"
  21#include "isdn_ppp.h"
  22#include "isdn_net.h"
  23
  24#ifndef PPP_IPX
  25#define PPP_IPX 0x002b
  26#endif
  27
  28/* Prototypes */
  29static int isdn_ppp_fill_rq(unsigned char *buf, int len, int proto, int slot);
  30static int isdn_ppp_closewait(int slot);
  31static void isdn_ppp_push_higher(isdn_net_dev *net_dev, isdn_net_local *lp,
  32				 struct sk_buff *skb, int proto);
  33static int isdn_ppp_if_get_unit(char *namebuf);
  34static int isdn_ppp_set_compressor(struct ippp_struct *is, struct isdn_ppp_comp_data *);
  35static struct sk_buff *isdn_ppp_decompress(struct sk_buff *,
  36					   struct ippp_struct *, struct ippp_struct *, int *proto);
  37static void isdn_ppp_receive_ccp(isdn_net_dev *net_dev, isdn_net_local *lp,
  38				 struct sk_buff *skb, int proto);
  39static struct sk_buff *isdn_ppp_compress(struct sk_buff *skb_in, int *proto,
  40					 struct ippp_struct *is, struct ippp_struct *master, int type);
  41static void isdn_ppp_send_ccp(isdn_net_dev *net_dev, isdn_net_local *lp,
  42			      struct sk_buff *skb);
  43
  44/* New CCP stuff */
  45static void isdn_ppp_ccp_kickup(struct ippp_struct *is);
  46static void isdn_ppp_ccp_xmit_reset(struct ippp_struct *is, int proto,
  47				    unsigned char code, unsigned char id,
  48				    unsigned char *data, int len);
  49static struct ippp_ccp_reset *isdn_ppp_ccp_reset_alloc(struct ippp_struct *is);
  50static void isdn_ppp_ccp_reset_free(struct ippp_struct *is);
  51static void isdn_ppp_ccp_reset_free_state(struct ippp_struct *is,
  52					  unsigned char id);
  53static void isdn_ppp_ccp_timer_callback(unsigned long closure);
  54static struct ippp_ccp_reset_state *isdn_ppp_ccp_reset_alloc_state(struct ippp_struct *is,
  55								   unsigned char id);
  56static void isdn_ppp_ccp_reset_trans(struct ippp_struct *is,
  57				     struct isdn_ppp_resetparams *rp);
  58static void isdn_ppp_ccp_reset_ack_rcvd(struct ippp_struct *is,
  59					unsigned char id);
  60
  61
  62
  63#ifdef CONFIG_ISDN_MPP
  64static ippp_bundle *isdn_ppp_bundle_arr = NULL;
  65
  66static int isdn_ppp_mp_bundle_array_init(void);
  67static int isdn_ppp_mp_init(isdn_net_local *lp, ippp_bundle *add_to);
  68static void isdn_ppp_mp_receive(isdn_net_dev *net_dev, isdn_net_local *lp,
  69				struct sk_buff *skb);
  70static void isdn_ppp_mp_cleanup(isdn_net_local *lp);
  71
  72static int isdn_ppp_bundle(struct ippp_struct *, int unit);
  73#endif	/* CONFIG_ISDN_MPP */
  74
  75char *isdn_ppp_revision = "$Revision: 1.1.2.3 $";
  76
  77static struct ippp_struct *ippp_table[ISDN_MAX_CHANNELS];
  78
  79static struct isdn_ppp_compressor *ipc_head = NULL;
  80
  81/*
  82 * frame log (debug)
  83 */
  84static void
  85isdn_ppp_frame_log(char *info, char *data, int len, int maxlen, int unit, int slot)
  86{
  87	int cnt,
  88		j,
  89		i;
  90	char buf[80];
  91
  92	if (len < maxlen)
  93		maxlen = len;
  94
  95	for (i = 0, cnt = 0; cnt < maxlen; i++) {
  96		for (j = 0; j < 16 && cnt < maxlen; j++, cnt++)
  97			sprintf(buf + j * 3, "%02x ", (unsigned char)data[cnt]);
  98		printk(KERN_DEBUG "[%d/%d].%s[%d]: %s\n", unit, slot, info, i, buf);
  99	}
 100}
 101
 102/*
 103 * unbind isdn_net_local <=> ippp-device
 104 * note: it can happen, that we hangup/free the master before the slaves
 105 *       in this case we bind another lp to the master device
 106 */
 107int
 108isdn_ppp_free(isdn_net_local *lp)
 109{
 110	struct ippp_struct *is;
 111
 112	if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
 113		printk(KERN_ERR "%s: ppp_slot(%d) out of range\n",
 114		       __func__, lp->ppp_slot);
 115		return 0;
 116	}
 117
 118#ifdef CONFIG_ISDN_MPP
 119	spin_lock(&lp->netdev->pb->lock);
 120#endif
 121	isdn_net_rm_from_bundle(lp);
 122#ifdef CONFIG_ISDN_MPP
 123	if (lp->netdev->pb->ref_ct == 1)	/* last link in queue? */
 124		isdn_ppp_mp_cleanup(lp);
 125
 126	lp->netdev->pb->ref_ct--;
 127	spin_unlock(&lp->netdev->pb->lock);
 128#endif /* CONFIG_ISDN_MPP */
 129	if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
 130		printk(KERN_ERR "%s: ppp_slot(%d) now invalid\n",
 131		       __func__, lp->ppp_slot);
 132		return 0;
 133	}
 134	is = ippp_table[lp->ppp_slot];
 135	if ((is->state & IPPP_CONNECT))
 136		isdn_ppp_closewait(lp->ppp_slot);	/* force wakeup on ippp device */
 137	else if (is->state & IPPP_ASSIGNED)
 138		is->state = IPPP_OPEN;	/* fallback to 'OPEN but not ASSIGNED' state */
 139
 140	if (is->debug & 0x1)
 141		printk(KERN_DEBUG "isdn_ppp_free %d %lx %lx\n", lp->ppp_slot, (long) lp, (long) is->lp);
 142
 143	is->lp = NULL;          /* link is down .. set lp to NULL */
 144	lp->ppp_slot = -1;      /* is this OK ?? */
 145
 146	return 0;
 147}
 148
 149/*
 150 * bind isdn_net_local <=> ippp-device
 151 *
 152 * This function is allways called with holding dev->lock so
 153 * no additional lock is needed
 154 */
 155int
 156isdn_ppp_bind(isdn_net_local *lp)
 157{
 158	int i;
 159	int unit = 0;
 160	struct ippp_struct *is;
 161	int retval;
 162
 163	if (lp->pppbind < 0) {  /* device bounded to ippp device ? */
 164		isdn_net_dev *net_dev = dev->netdev;
 165		char exclusive[ISDN_MAX_CHANNELS];	/* exclusive flags */
 166		memset(exclusive, 0, ISDN_MAX_CHANNELS);
 167		while (net_dev) {	/* step through net devices to find exclusive minors */
 168			isdn_net_local *lp = net_dev->local;
 169			if (lp->pppbind >= 0)
 170				exclusive[lp->pppbind] = 1;
 171			net_dev = net_dev->next;
 172		}
 173		/*
 174		 * search a free device / slot
 175		 */
 176		for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
 177			if (ippp_table[i]->state == IPPP_OPEN && !exclusive[ippp_table[i]->minor]) {	/* OPEN, but not connected! */
 178				break;
 179			}
 180		}
 181	} else {
 182		for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
 183			if (ippp_table[i]->minor == lp->pppbind &&
 184			    (ippp_table[i]->state & IPPP_OPEN) == IPPP_OPEN)
 185				break;
 186		}
 187	}
 188
 189	if (i >= ISDN_MAX_CHANNELS) {
 190		printk(KERN_WARNING "isdn_ppp_bind: Can't find a (free) connection to the ipppd daemon.\n");
 191		retval = -1;
 192		goto out;
 193	}
 194	/* get unit number from interface name .. ugly! */
 195	unit = isdn_ppp_if_get_unit(lp->netdev->dev->name);
 196	if (unit < 0) {
 197		printk(KERN_ERR "isdn_ppp_bind: illegal interface name %s.\n",
 198		       lp->netdev->dev->name);
 199		retval = -1;
 200		goto out;
 201	}
 202
 203	lp->ppp_slot = i;
 204	is = ippp_table[i];
 205	is->lp = lp;
 206	is->unit = unit;
 207	is->state = IPPP_OPEN | IPPP_ASSIGNED;	/* assigned to a netdevice but not connected */
 208#ifdef CONFIG_ISDN_MPP
 209	retval = isdn_ppp_mp_init(lp, NULL);
 210	if (retval < 0)
 211		goto out;
 212#endif /* CONFIG_ISDN_MPP */
 213
 214	retval = lp->ppp_slot;
 215
 216out:
 217	return retval;
 218}
 219
 220/*
 221 * kick the ipppd on the device
 222 * (wakes up daemon after B-channel connect)
 223 */
 224
 225void
 226isdn_ppp_wakeup_daemon(isdn_net_local *lp)
 227{
 228	if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
 229		printk(KERN_ERR "%s: ppp_slot(%d) out of range\n",
 230		       __func__, lp->ppp_slot);
 231		return;
 232	}
 233	ippp_table[lp->ppp_slot]->state = IPPP_OPEN | IPPP_CONNECT | IPPP_NOBLOCK;
 234	wake_up_interruptible(&ippp_table[lp->ppp_slot]->wq);
 235}
 236
 237/*
 238 * there was a hangup on the netdevice
 239 * force wakeup of the ippp device
 240 * go into 'device waits for release' state
 241 */
 242static int
 243isdn_ppp_closewait(int slot)
 244{
 245	struct ippp_struct *is;
 246
 247	if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
 248		printk(KERN_ERR "%s: slot(%d) out of range\n",
 249		       __func__, slot);
 250		return 0;
 251	}
 252	is = ippp_table[slot];
 253	if (is->state)
 254		wake_up_interruptible(&is->wq);
 255	is->state = IPPP_CLOSEWAIT;
 256	return 1;
 257}
 258
 259/*
 260 * isdn_ppp_find_slot / isdn_ppp_free_slot
 261 */
 262
 263static int
 264isdn_ppp_get_slot(void)
 265{
 266	int i;
 267	for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
 268		if (!ippp_table[i]->state)
 269			return i;
 270	}
 271	return -1;
 272}
 273
 274/*
 275 * isdn_ppp_open
 276 */
 277
 278int
 279isdn_ppp_open(int min, struct file *file)
 280{
 281	int slot;
 282	struct ippp_struct *is;
 283
 284	if (min < 0 || min >= ISDN_MAX_CHANNELS)
 285		return -ENODEV;
 286
 287	slot = isdn_ppp_get_slot();
 288	if (slot < 0) {
 289		return -EBUSY;
 290	}
 291	is = file->private_data = ippp_table[slot];
 292
 293	printk(KERN_DEBUG "ippp, open, slot: %d, minor: %d, state: %04x\n",
 294	       slot, min, is->state);
 295
 296	/* compression stuff */
 297	is->link_compressor   = is->compressor = NULL;
 298	is->link_decompressor = is->decompressor = NULL;
 299	is->link_comp_stat    = is->comp_stat = NULL;
 300	is->link_decomp_stat  = is->decomp_stat = NULL;
 301	is->compflags = 0;
 302
 303	is->reset = isdn_ppp_ccp_reset_alloc(is);
 304	if (!is->reset)
 305		return -ENOMEM;
 306
 307	is->lp = NULL;
 308	is->mp_seqno = 0;       /* MP sequence number */
 309	is->pppcfg = 0;         /* ppp configuration */
 310	is->mpppcfg = 0;        /* mppp configuration */
 311	is->last_link_seqno = -1;	/* MP: maybe set to Bundle-MIN, when joining a bundle ?? */
 312	is->unit = -1;          /* set, when we have our interface */
 313	is->mru = 1524;         /* MRU, default 1524 */
 314	is->maxcid = 16;        /* VJ: maxcid */
 315	is->tk = current;
 316	init_waitqueue_head(&is->wq);
 317	is->first = is->rq + NUM_RCV_BUFFS - 1;	/* receive queue */
 318	is->last = is->rq;
 319	is->minor = min;
 320#ifdef CONFIG_ISDN_PPP_VJ
 321	/*
 322	 * VJ header compression init
 323	 */
 324	is->slcomp = slhc_init(16, 16);	/* not necessary for 2. link in bundle */
 325	if (IS_ERR(is->slcomp)) {
 326		isdn_ppp_ccp_reset_free(is);
 327		return PTR_ERR(is->slcomp);
 328	}
 329#endif
 330#ifdef CONFIG_IPPP_FILTER
 331	is->pass_filter = NULL;
 332	is->active_filter = NULL;
 333#endif
 334	is->state = IPPP_OPEN;
 335
 336	return 0;
 337}
 338
 339/*
 340 * release ippp device
 341 */
 342void
 343isdn_ppp_release(int min, struct file *file)
 344{
 345	int i;
 346	struct ippp_struct *is;
 347
 348	if (min < 0 || min >= ISDN_MAX_CHANNELS)
 349		return;
 350	is = file->private_data;
 351
 352	if (!is) {
 353		printk(KERN_ERR "%s: no file->private_data\n", __func__);
 354		return;
 355	}
 356	if (is->debug & 0x1)
 357		printk(KERN_DEBUG "ippp: release, minor: %d %lx\n", min, (long) is->lp);
 358
 359	if (is->lp) {           /* a lp address says: this link is still up */
 360		isdn_net_dev *p = is->lp->netdev;
 361
 362		if (!p) {
 363			printk(KERN_ERR "%s: no lp->netdev\n", __func__);
 364			return;
 365		}
 366		is->state &= ~IPPP_CONNECT;	/* -> effect: no call of wakeup */
 367		/*
 368		 * isdn_net_hangup() calls isdn_ppp_free()
 369		 * isdn_ppp_free() sets is->lp to NULL and lp->ppp_slot to -1
 370		 * removing the IPPP_CONNECT flag omits calling of isdn_ppp_wakeup_daemon()
 371		 */
 372		isdn_net_hangup(p->dev);
 373	}
 374	for (i = 0; i < NUM_RCV_BUFFS; i++) {
 375		kfree(is->rq[i].buf);
 376		is->rq[i].buf = NULL;
 377	}
 378	is->first = is->rq + NUM_RCV_BUFFS - 1;	/* receive queue */
 379	is->last = is->rq;
 380
 381#ifdef CONFIG_ISDN_PPP_VJ
 382/* TODO: if this was the previous master: link the slcomp to the new master */
 383	slhc_free(is->slcomp);
 384	is->slcomp = NULL;
 385#endif
 386#ifdef CONFIG_IPPP_FILTER
 387	if (is->pass_filter) {
 388		bpf_prog_destroy(is->pass_filter);
 389		is->pass_filter = NULL;
 390	}
 391
 392	if (is->active_filter) {
 393		bpf_prog_destroy(is->active_filter);
 394		is->active_filter = NULL;
 395	}
 396#endif
 397
 398/* TODO: if this was the previous master: link the stuff to the new master */
 399	if (is->comp_stat)
 400		is->compressor->free(is->comp_stat);
 401	if (is->link_comp_stat)
 402		is->link_compressor->free(is->link_comp_stat);
 403	if (is->link_decomp_stat)
 404		is->link_decompressor->free(is->link_decomp_stat);
 405	if (is->decomp_stat)
 406		is->decompressor->free(is->decomp_stat);
 407	is->compressor   = is->link_compressor   = NULL;
 408	is->decompressor = is->link_decompressor = NULL;
 409	is->comp_stat    = is->link_comp_stat    = NULL;
 410	is->decomp_stat  = is->link_decomp_stat  = NULL;
 411
 412	/* Clean up if necessary */
 413	if (is->reset)
 414		isdn_ppp_ccp_reset_free(is);
 415
 416	/* this slot is ready for new connections */
 417	is->state = 0;
 418}
 419
 420/*
 421 * get_arg .. ioctl helper
 422 */
 423static int
 424get_arg(void __user *b, void *val, int len)
 425{
 426	if (len <= 0)
 427		len = sizeof(void *);
 428	if (copy_from_user(val, b, len))
 429		return -EFAULT;
 430	return 0;
 431}
 432
 433/*
 434 * set arg .. ioctl helper
 435 */
 436static int
 437set_arg(void __user *b, void *val, int len)
 438{
 439	if (len <= 0)
 440		len = sizeof(void *);
 441	if (copy_to_user(b, val, len))
 442		return -EFAULT;
 443	return 0;
 444}
 445
 446#ifdef CONFIG_IPPP_FILTER
 447static int get_filter(void __user *arg, struct sock_filter **p)
 448{
 449	struct sock_fprog uprog;
 450	struct sock_filter *code = NULL;
 451	int len;
 452
 453	if (copy_from_user(&uprog, arg, sizeof(uprog)))
 454		return -EFAULT;
 455
 456	if (!uprog.len) {
 457		*p = NULL;
 458		return 0;
 459	}
 460
 461	/* uprog.len is unsigned short, so no overflow here */
 462	len = uprog.len * sizeof(struct sock_filter);
 463	code = memdup_user(uprog.filter, len);
 464	if (IS_ERR(code))
 465		return PTR_ERR(code);
 466
 467	*p = code;
 468	return uprog.len;
 469}
 470#endif /* CONFIG_IPPP_FILTER */
 471
 472/*
 473 * ippp device ioctl
 474 */
 475int
 476isdn_ppp_ioctl(int min, struct file *file, unsigned int cmd, unsigned long arg)
 477{
 478	unsigned long val;
 479	int r, i, j;
 480	struct ippp_struct *is;
 481	isdn_net_local *lp;
 482	struct isdn_ppp_comp_data data;
 483	void __user *argp = (void __user *)arg;
 484
 485	is = file->private_data;
 486	lp = is->lp;
 487
 488	if (is->debug & 0x1)
 489		printk(KERN_DEBUG "isdn_ppp_ioctl: minor: %d cmd: %x state: %x\n", min, cmd, is->state);
 490
 491	if (!(is->state & IPPP_OPEN))
 492		return -EINVAL;
 493
 494	switch (cmd) {
 495	case PPPIOCBUNDLE:
 496#ifdef CONFIG_ISDN_MPP
 497		if (!(is->state & IPPP_CONNECT))
 498			return -EINVAL;
 499		if ((r = get_arg(argp, &val, sizeof(val))))
 500			return r;
 501		printk(KERN_DEBUG "iPPP-bundle: minor: %d, slave unit: %d, master unit: %d\n",
 502		       (int) min, (int) is->unit, (int) val);
 503		return isdn_ppp_bundle(is, val);
 504#else
 505		return -1;
 506#endif
 507		break;
 508	case PPPIOCGUNIT:	/* get ppp/isdn unit number */
 509		if ((r = set_arg(argp, &is->unit, sizeof(is->unit))))
 510			return r;
 511		break;
 512	case PPPIOCGIFNAME:
 513		if (!lp)
 514			return -EINVAL;
 515		if ((r = set_arg(argp, lp->netdev->dev->name,
 516				 strlen(lp->netdev->dev->name))))
 517			return r;
 518		break;
 519	case PPPIOCGMPFLAGS:	/* get configuration flags */
 520		if ((r = set_arg(argp, &is->mpppcfg, sizeof(is->mpppcfg))))
 521			return r;
 522		break;
 523	case PPPIOCSMPFLAGS:	/* set configuration flags */
 524		if ((r = get_arg(argp, &val, sizeof(val))))
 525			return r;
 526		is->mpppcfg = val;
 527		break;
 528	case PPPIOCGFLAGS:	/* get configuration flags */
 529		if ((r = set_arg(argp, &is->pppcfg, sizeof(is->pppcfg))))
 530			return r;
 531		break;
 532	case PPPIOCSFLAGS:	/* set configuration flags */
 533		if ((r = get_arg(argp, &val, sizeof(val)))) {
 534			return r;
 535		}
 536		if (val & SC_ENABLE_IP && !(is->pppcfg & SC_ENABLE_IP) && (is->state & IPPP_CONNECT)) {
 537			if (lp) {
 538				/* OK .. we are ready to send buffers */
 539				is->pppcfg = val; /* isdn_ppp_xmit test for SC_ENABLE_IP !!! */
 540				netif_wake_queue(lp->netdev->dev);
 541				break;
 542			}
 543		}
 544		is->pppcfg = val;
 545		break;
 546	case PPPIOCGIDLE:	/* get idle time information */
 547		if (lp) {
 548			struct ppp_idle pidle;
 549			pidle.xmit_idle = pidle.recv_idle = lp->huptimer;
 550			if ((r = set_arg(argp, &pidle, sizeof(struct ppp_idle))))
 551				return r;
 552		}
 553		break;
 554	case PPPIOCSMRU:	/* set receive unit size for PPP */
 555		if ((r = get_arg(argp, &val, sizeof(val))))
 556			return r;
 557		is->mru = val;
 558		break;
 559	case PPPIOCSMPMRU:
 560		break;
 561	case PPPIOCSMPMTU:
 562		break;
 563	case PPPIOCSMAXCID:	/* set the maximum compression slot id */
 564		if ((r = get_arg(argp, &val, sizeof(val))))
 565			return r;
 566		val++;
 567		if (is->maxcid != val) {
 568#ifdef CONFIG_ISDN_PPP_VJ
 569			struct slcompress *sltmp;
 570#endif
 571			if (is->debug & 0x1)
 572				printk(KERN_DEBUG "ippp, ioctl: changed MAXCID to %ld\n", val);
 573			is->maxcid = val;
 574#ifdef CONFIG_ISDN_PPP_VJ
 575			sltmp = slhc_init(16, val);
 576			if (IS_ERR(sltmp))
 577				return PTR_ERR(sltmp);
 578			if (is->slcomp)
 579				slhc_free(is->slcomp);
 580			is->slcomp = sltmp;
 581#endif
 582		}
 583		break;
 584	case PPPIOCGDEBUG:
 585		if ((r = set_arg(argp, &is->debug, sizeof(is->debug))))
 586			return r;
 587		break;
 588	case PPPIOCSDEBUG:
 589		if ((r = get_arg(argp, &val, sizeof(val))))
 590			return r;
 591		is->debug = val;
 592		break;
 593	case PPPIOCGCOMPRESSORS:
 594	{
 595		unsigned long protos[8] = {0,};
 596		struct isdn_ppp_compressor *ipc = ipc_head;
 597		while (ipc) {
 598			j = ipc->num / (sizeof(long) * 8);
 599			i = ipc->num % (sizeof(long) * 8);
 600			if (j < 8)
 601				protos[j] |= (1UL << i);
 602			ipc = ipc->next;
 603		}
 604		if ((r = set_arg(argp, protos, 8 * sizeof(long))))
 605			return r;
 606	}
 607	break;
 608	case PPPIOCSCOMPRESSOR:
 609		if ((r = get_arg(argp, &data, sizeof(struct isdn_ppp_comp_data))))
 610			return r;
 611		return isdn_ppp_set_compressor(is, &data);
 612	case PPPIOCGCALLINFO:
 613	{
 614		struct pppcallinfo pci;
 615		memset((char *)&pci, 0, sizeof(struct pppcallinfo));
 616		if (lp)
 617		{
 618			strncpy(pci.local_num, lp->msn, 63);
 619			if (lp->dial) {
 620				strncpy(pci.remote_num, lp->dial->num, 63);
 621			}
 622			pci.charge_units = lp->charge;
 623			if (lp->outgoing)
 624				pci.calltype = CALLTYPE_OUTGOING;
 625			else
 626				pci.calltype = CALLTYPE_INCOMING;
 627			if (lp->flags & ISDN_NET_CALLBACK)
 628				pci.calltype |= CALLTYPE_CALLBACK;
 629		}
 630		return set_arg(argp, &pci, sizeof(struct pppcallinfo));
 631	}
 632#ifdef CONFIG_IPPP_FILTER
 633	case PPPIOCSPASS:
 634	{
 635		struct sock_fprog_kern fprog;
 636		struct sock_filter *code;
 637		int err, len = get_filter(argp, &code);
 638
 639		if (len < 0)
 640			return len;
 641
 642		fprog.len = len;
 643		fprog.filter = code;
 644
 645		if (is->pass_filter) {
 646			bpf_prog_destroy(is->pass_filter);
 647			is->pass_filter = NULL;
 648		}
 649		if (fprog.filter != NULL)
 650			err = bpf_prog_create(&is->pass_filter, &fprog);
 651		else
 652			err = 0;
 653		kfree(code);
 654
 655		return err;
 656	}
 657	case PPPIOCSACTIVE:
 658	{
 659		struct sock_fprog_kern fprog;
 660		struct sock_filter *code;
 661		int err, len = get_filter(argp, &code);
 662
 663		if (len < 0)
 664			return len;
 665
 666		fprog.len = len;
 667		fprog.filter = code;
 668
 669		if (is->active_filter) {
 670			bpf_prog_destroy(is->active_filter);
 671			is->active_filter = NULL;
 672		}
 673		if (fprog.filter != NULL)
 674			err = bpf_prog_create(&is->active_filter, &fprog);
 675		else
 676			err = 0;
 677		kfree(code);
 678
 679		return err;
 680	}
 681#endif /* CONFIG_IPPP_FILTER */
 682	default:
 683		break;
 684	}
 685	return 0;
 686}
 687
 688unsigned int
 689isdn_ppp_poll(struct file *file, poll_table *wait)
 690{
 691	u_int mask;
 692	struct ippp_buf_queue *bf, *bl;
 693	u_long flags;
 694	struct ippp_struct *is;
 695
 696	is = file->private_data;
 697
 698	if (is->debug & 0x2)
 699		printk(KERN_DEBUG "isdn_ppp_poll: minor: %d\n",
 700		       iminor(file_inode(file)));
 701
 702	/* just registers wait_queue hook. This doesn't really wait. */
 703	poll_wait(file, &is->wq, wait);
 704
 705	if (!(is->state & IPPP_OPEN)) {
 706		if (is->state == IPPP_CLOSEWAIT)
 707			return POLLHUP;
 708		printk(KERN_DEBUG "isdn_ppp: device not open\n");
 709		return POLLERR;
 710	}
 711	/* we're always ready to send .. */
 712	mask = POLLOUT | POLLWRNORM;
 713
 714	spin_lock_irqsave(&is->buflock, flags);
 715	bl = is->last;
 716	bf = is->first;
 717	/*
 718	 * if IPPP_NOBLOCK is set we return even if we have nothing to read
 719	 */
 720	if (bf->next != bl || (is->state & IPPP_NOBLOCK)) {
 721		is->state &= ~IPPP_NOBLOCK;
 722		mask |= POLLIN | POLLRDNORM;
 723	}
 724	spin_unlock_irqrestore(&is->buflock, flags);
 725	return mask;
 726}
 727
 728/*
 729 *  fill up isdn_ppp_read() queue ..
 730 */
 731
 732static int
 733isdn_ppp_fill_rq(unsigned char *buf, int len, int proto, int slot)
 734{
 735	struct ippp_buf_queue *bf, *bl;
 736	u_long flags;
 737	u_char *nbuf;
 738	struct ippp_struct *is;
 739
 740	if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
 741		printk(KERN_WARNING "ippp: illegal slot(%d).\n", slot);
 742		return 0;
 743	}
 744	is = ippp_table[slot];
 745
 746	if (!(is->state & IPPP_CONNECT)) {
 747		printk(KERN_DEBUG "ippp: device not activated.\n");
 748		return 0;
 749	}
 750	nbuf = kmalloc(len + 4, GFP_ATOMIC);
 751	if (!nbuf) {
 752		printk(KERN_WARNING "ippp: Can't alloc buf\n");
 753		return 0;
 754	}
 755	nbuf[0] = PPP_ALLSTATIONS;
 756	nbuf[1] = PPP_UI;
 757	nbuf[2] = proto >> 8;
 758	nbuf[3] = proto & 0xff;
 759	memcpy(nbuf + 4, buf, len);
 760
 761	spin_lock_irqsave(&is->buflock, flags);
 762	bf = is->first;
 763	bl = is->last;
 764
 765	if (bf == bl) {
 766		printk(KERN_WARNING "ippp: Queue is full; discarding first buffer\n");
 767		bf = bf->next;
 768		kfree(bf->buf);
 769		is->first = bf;
 770	}
 771	bl->buf = (char *) nbuf;
 772	bl->len = len + 4;
 773
 774	is->last = bl->next;
 775	spin_unlock_irqrestore(&is->buflock, flags);
 776	wake_up_interruptible(&is->wq);
 777	return len;
 778}
 779
 780/*
 781 * read() .. non-blocking: ipppd calls it only after select()
 782 *           reports, that there is data
 783 */
 784
 785int
 786isdn_ppp_read(int min, struct file *file, char __user *buf, int count)
 787{
 788	struct ippp_struct *is;
 789	struct ippp_buf_queue *b;
 790	u_long flags;
 791	u_char *save_buf;
 792
 793	is = file->private_data;
 794
 795	if (!(is->state & IPPP_OPEN))
 796		return 0;
 797
 798	if (!access_ok(VERIFY_WRITE, buf, count))
 799		return -EFAULT;
 800
 801	spin_lock_irqsave(&is->buflock, flags);
 802	b = is->first->next;
 803	save_buf = b->buf;
 804	if (!save_buf) {
 805		spin_unlock_irqrestore(&is->buflock, flags);
 806		return -EAGAIN;
 807	}
 808	if (b->len < count)
 809		count = b->len;
 810	b->buf = NULL;
 811	is->first = b;
 812
 813	spin_unlock_irqrestore(&is->buflock, flags);
 814	if (copy_to_user(buf, save_buf, count))
 815		count = -EFAULT;
 816	kfree(save_buf);
 817
 818	return count;
 819}
 820
 821/*
 822 * ipppd wanna write a packet to the card .. non-blocking
 823 */
 824
 825int
 826isdn_ppp_write(int min, struct file *file, const char __user *buf, int count)
 827{
 828	isdn_net_local *lp;
 829	struct ippp_struct *is;
 830	int proto;
 831	unsigned char protobuf[4];
 832
 833	is = file->private_data;
 834
 835	if (!(is->state & IPPP_CONNECT))
 836		return 0;
 837
 838	lp = is->lp;
 839
 840	/* -> push it directly to the lowlevel interface */
 841
 842	if (!lp)
 843		printk(KERN_DEBUG "isdn_ppp_write: lp == NULL\n");
 844	else {
 845		/*
 846		 * Don't reset huptimer for
 847		 * LCP packets. (Echo requests).
 848		 */
 849		if (copy_from_user(protobuf, buf, 4))
 850			return -EFAULT;
 851		proto = PPP_PROTOCOL(protobuf);
 852		if (proto != PPP_LCP)
 853			lp->huptimer = 0;
 854
 855		if (lp->isdn_device < 0 || lp->isdn_channel < 0)
 856			return 0;
 857
 858		if ((dev->drv[lp->isdn_device]->flags & DRV_FLAG_RUNNING) &&
 859		    lp->dialstate == 0 &&
 860		    (lp->flags & ISDN_NET_CONNECTED)) {
 861			unsigned short hl;
 862			struct sk_buff *skb;
 863			/*
 864			 * we need to reserve enough space in front of
 865			 * sk_buff. old call to dev_alloc_skb only reserved
 866			 * 16 bytes, now we are looking what the driver want
 867			 */
 868			hl = dev->drv[lp->isdn_device]->interface->hl_hdrlen;
 869			skb = alloc_skb(hl + count, GFP_ATOMIC);
 870			if (!skb) {
 871				printk(KERN_WARNING "isdn_ppp_write: out of memory!\n");
 872				return count;
 873			}
 874			skb_reserve(skb, hl);
 875			if (copy_from_user(skb_put(skb, count), buf, count))
 876			{
 877				kfree_skb(skb);
 878				return -EFAULT;
 879			}
 880			if (is->debug & 0x40) {
 881				printk(KERN_DEBUG "ppp xmit: len %d\n", (int) skb->len);
 882				isdn_ppp_frame_log("xmit", skb->data, skb->len, 32, is->unit, lp->ppp_slot);
 883			}
 884
 885			isdn_ppp_send_ccp(lp->netdev, lp, skb); /* keeps CCP/compression states in sync */
 886
 887			isdn_net_write_super(lp, skb);
 888		}
 889	}
 890	return count;
 891}
 892
 893/*
 894 * init memory, structures etc.
 895 */
 896
 897int
 898isdn_ppp_init(void)
 899{
 900	int i,
 901		j;
 902
 903#ifdef CONFIG_ISDN_MPP
 904	if (isdn_ppp_mp_bundle_array_init() < 0)
 905		return -ENOMEM;
 906#endif /* CONFIG_ISDN_MPP */
 907
 908	for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
 909		if (!(ippp_table[i] = kzalloc(sizeof(struct ippp_struct), GFP_KERNEL))) {
 910			printk(KERN_WARNING "isdn_ppp_init: Could not alloc ippp_table\n");
 911			for (j = 0; j < i; j++)
 912				kfree(ippp_table[j]);
 913			return -1;
 914		}
 915		spin_lock_init(&ippp_table[i]->buflock);
 916		ippp_table[i]->state = 0;
 917		ippp_table[i]->first = ippp_table[i]->rq + NUM_RCV_BUFFS - 1;
 918		ippp_table[i]->last = ippp_table[i]->rq;
 919
 920		for (j = 0; j < NUM_RCV_BUFFS; j++) {
 921			ippp_table[i]->rq[j].buf = NULL;
 922			ippp_table[i]->rq[j].last = ippp_table[i]->rq +
 923				(NUM_RCV_BUFFS + j - 1) % NUM_RCV_BUFFS;
 924			ippp_table[i]->rq[j].next = ippp_table[i]->rq + (j + 1) % NUM_RCV_BUFFS;
 925		}
 926	}
 927	return 0;
 928}
 929
 930void
 931isdn_ppp_cleanup(void)
 932{
 933	int i;
 934
 935	for (i = 0; i < ISDN_MAX_CHANNELS; i++)
 936		kfree(ippp_table[i]);
 937
 938#ifdef CONFIG_ISDN_MPP
 939	kfree(isdn_ppp_bundle_arr);
 940#endif /* CONFIG_ISDN_MPP */
 941
 942}
 943
 944/*
 945 * check for address/control field and skip if allowed
 946 * retval != 0 -> discard packet silently
 947 */
 948static int isdn_ppp_skip_ac(struct ippp_struct *is, struct sk_buff *skb)
 949{
 950	if (skb->len < 1)
 951		return -1;
 952
 953	if (skb->data[0] == 0xff) {
 954		if (skb->len < 2)
 955			return -1;
 956
 957		if (skb->data[1] != 0x03)
 958			return -1;
 959
 960		// skip address/control (AC) field
 961		skb_pull(skb, 2);
 962	} else {
 963		if (is->pppcfg & SC_REJ_COMP_AC)
 964			// if AC compression was not negotiated, but used, discard packet
 965			return -1;
 966	}
 967	return 0;
 968}
 969
 970/*
 971 * get the PPP protocol header and pull skb
 972 * retval < 0 -> discard packet silently
 973 */
 974static int isdn_ppp_strip_proto(struct sk_buff *skb)
 975{
 976	int proto;
 977
 978	if (skb->len < 1)
 979		return -1;
 980
 981	if (skb->data[0] & 0x1) {
 982		// protocol field is compressed
 983		proto = skb->data[0];
 984		skb_pull(skb, 1);
 985	} else {
 986		if (skb->len < 2)
 987			return -1;
 988		proto = ((int) skb->data[0] << 8) + skb->data[1];
 989		skb_pull(skb, 2);
 990	}
 991	return proto;
 992}
 993
 994
 995/*
 996 * handler for incoming packets on a syncPPP interface
 997 */
 998void isdn_ppp_receive(isdn_net_dev *net_dev, isdn_net_local *lp, struct sk_buff *skb)
 999{
1000	struct ippp_struct *is;
1001	int slot;
1002	int proto;
1003
1004	BUG_ON(net_dev->local->master); // we're called with the master device always
1005
1006	slot = lp->ppp_slot;
1007	if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1008		printk(KERN_ERR "isdn_ppp_receive: lp->ppp_slot(%d)\n",
1009		       lp->ppp_slot);
1010		kfree_skb(skb);
1011		return;
1012	}
1013	is = ippp_table[slot];
1014
1015	if (is->debug & 0x4) {
1016		printk(KERN_DEBUG "ippp_receive: is:%08lx lp:%08lx slot:%d unit:%d len:%d\n",
1017		       (long)is, (long)lp, lp->ppp_slot, is->unit, (int)skb->len);
1018		isdn_ppp_frame_log("receive", skb->data, skb->len, 32, is->unit, lp->ppp_slot);
1019	}
1020
1021	if (isdn_ppp_skip_ac(is, skb) < 0) {
1022		kfree_skb(skb);
1023		return;
1024	}
1025	proto = isdn_ppp_strip_proto(skb);
1026	if (proto < 0) {
1027		kfree_skb(skb);
1028		return;
1029	}
1030
1031#ifdef CONFIG_ISDN_MPP
1032	if (is->compflags & SC_LINK_DECOMP_ON) {
1033		skb = isdn_ppp_decompress(skb, is, NULL, &proto);
1034		if (!skb) // decompression error
1035			return;
1036	}
1037
1038	if (!(is->mpppcfg & SC_REJ_MP_PROT)) { // we agreed to receive MPPP
1039		if (proto == PPP_MP) {
1040			isdn_ppp_mp_receive(net_dev, lp, skb);
1041			return;
1042		}
1043	}
1044#endif
1045	isdn_ppp_push_higher(net_dev, lp, skb, proto);
1046}
1047
1048/*
1049 * we receive a reassembled frame, MPPP has been taken care of before.
1050 * address/control and protocol have been stripped from the skb
1051 * note: net_dev has to be master net_dev
1052 */
1053static void
1054isdn_ppp_push_higher(isdn_net_dev *net_dev, isdn_net_local *lp, struct sk_buff *skb, int proto)
1055{
1056	struct net_device *dev = net_dev->dev;
1057	struct ippp_struct *is, *mis;
1058	isdn_net_local *mlp = NULL;
1059	int slot;
1060
1061	slot = lp->ppp_slot;
1062	if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1063		printk(KERN_ERR "isdn_ppp_push_higher: lp->ppp_slot(%d)\n",
1064		       lp->ppp_slot);
1065		goto drop_packet;
1066	}
1067	is = ippp_table[slot];
1068
1069	if (lp->master) { // FIXME?
1070		mlp = ISDN_MASTER_PRIV(lp);
1071		slot = mlp->ppp_slot;
1072		if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1073			printk(KERN_ERR "isdn_ppp_push_higher: master->ppp_slot(%d)\n",
1074			       lp->ppp_slot);
1075			goto drop_packet;
1076		}
1077	}
1078	mis = ippp_table[slot];
1079
1080	if (is->debug & 0x10) {
1081		printk(KERN_DEBUG "push, skb %d %04x\n", (int) skb->len, proto);
1082		isdn_ppp_frame_log("rpush", skb->data, skb->len, 32, is->unit, lp->ppp_slot);
1083	}
1084	if (mis->compflags & SC_DECOMP_ON) {
1085		skb = isdn_ppp_decompress(skb, is, mis, &proto);
1086		if (!skb) // decompression error
1087			return;
1088	}
1089	switch (proto) {
1090	case PPP_IPX:  /* untested */
1091		if (is->debug & 0x20)
1092			printk(KERN_DEBUG "isdn_ppp: IPX\n");
1093		skb->protocol = htons(ETH_P_IPX);
1094		break;
1095	case PPP_IP:
1096		if (is->debug & 0x20)
1097			printk(KERN_DEBUG "isdn_ppp: IP\n");
1098		skb->protocol = htons(ETH_P_IP);
1099		break;
1100	case PPP_COMP:
1101	case PPP_COMPFRAG:
1102		printk(KERN_INFO "isdn_ppp: unexpected compressed frame dropped\n");
1103		goto drop_packet;
1104#ifdef CONFIG_ISDN_PPP_VJ
1105	case PPP_VJC_UNCOMP:
1106		if (is->debug & 0x20)
1107			printk(KERN_DEBUG "isdn_ppp: VJC_UNCOMP\n");
1108		if (net_dev->local->ppp_slot < 0) {
1109			printk(KERN_ERR "%s: net_dev->local->ppp_slot(%d) out of range\n",
1110			       __func__, net_dev->local->ppp_slot);
1111			goto drop_packet;
1112		}
1113		if (slhc_remember(ippp_table[net_dev->local->ppp_slot]->slcomp, skb->data, skb->len) <= 0) {
1114			printk(KERN_WARNING "isdn_ppp: received illegal VJC_UNCOMP frame!\n");
1115			goto drop_packet;
1116		}
1117		skb->protocol = htons(ETH_P_IP);
1118		break;
1119	case PPP_VJC_COMP:
1120		if (is->debug & 0x20)
1121			printk(KERN_DEBUG "isdn_ppp: VJC_COMP\n");
1122		{
1123			struct sk_buff *skb_old = skb;
1124			int pkt_len;
1125			skb = dev_alloc_skb(skb_old->len + 128);
1126
1127			if (!skb) {
1128				printk(KERN_WARNING "%s: Memory squeeze, dropping packet.\n", dev->name);
1129				skb = skb_old;
1130				goto drop_packet;
1131			}
1132			skb_put(skb, skb_old->len + 128);
1133			skb_copy_from_linear_data(skb_old, skb->data,
1134						  skb_old->len);
1135			if (net_dev->local->ppp_slot < 0) {
1136				printk(KERN_ERR "%s: net_dev->local->ppp_slot(%d) out of range\n",
1137				       __func__, net_dev->local->ppp_slot);
1138				goto drop_packet;
1139			}
1140			pkt_len = slhc_uncompress(ippp_table[net_dev->local->ppp_slot]->slcomp,
1141						  skb->data, skb_old->len);
1142			kfree_skb(skb_old);
1143			if (pkt_len < 0)
1144				goto drop_packet;
1145
1146			skb_trim(skb, pkt_len);
1147			skb->protocol = htons(ETH_P_IP);
1148		}
1149		break;
1150#endif
1151	case PPP_CCP:
1152	case PPP_CCPFRAG:
1153		isdn_ppp_receive_ccp(net_dev, lp, skb, proto);
1154		/* Dont pop up ResetReq/Ack stuff to the daemon any
1155		   longer - the job is done already */
1156		if (skb->data[0] == CCP_RESETREQ ||
1157		    skb->data[0] == CCP_RESETACK)
1158			break;
1159		/* fall through */
1160	default:
1161		isdn_ppp_fill_rq(skb->data, skb->len, proto, lp->ppp_slot);	/* push data to pppd device */
1162		kfree_skb(skb);
1163		return;
1164	}
1165
1166#ifdef CONFIG_IPPP_FILTER
1167	/* check if the packet passes the pass and active filters
1168	 * the filter instructions are constructed assuming
1169	 * a four-byte PPP header on each packet (which is still present) */
1170	skb_push(skb, 4);
1171
1172	{
1173		u_int16_t *p = (u_int16_t *) skb->data;
1174
1175		*p = 0;	/* indicate inbound */
1176	}
1177
1178	if (is->pass_filter
1179	    && BPF_PROG_RUN(is->pass_filter, skb) == 0) {
1180		if (is->debug & 0x2)
1181			printk(KERN_DEBUG "IPPP: inbound frame filtered.\n");
1182		kfree_skb(skb);
1183		return;
1184	}
1185	if (!(is->active_filter
1186	      && BPF_PROG_RUN(is->active_filter, skb) == 0)) {
1187		if (is->debug & 0x2)
1188			printk(KERN_DEBUG "IPPP: link-active filter: resetting huptimer.\n");
1189		lp->huptimer = 0;
1190		if (mlp)
1191			mlp->huptimer = 0;
1192	}
1193	skb_pull(skb, 4);
1194#else /* CONFIG_IPPP_FILTER */
1195	lp->huptimer = 0;
1196	if (mlp)
1197		mlp->huptimer = 0;
1198#endif /* CONFIG_IPPP_FILTER */
1199	skb->dev = dev;
1200	skb_reset_mac_header(skb);
1201	netif_rx(skb);
1202	/* net_dev->local->stats.rx_packets++; done in isdn_net.c */
1203	return;
1204
1205drop_packet:
1206	net_dev->local->stats.rx_dropped++;
1207	kfree_skb(skb);
1208}
1209
1210/*
1211 * isdn_ppp_skb_push ..
1212 * checks whether we have enough space at the beginning of the skb
1213 * and allocs a new SKB if necessary
1214 */
1215static unsigned char *isdn_ppp_skb_push(struct sk_buff **skb_p, int len)
1216{
1217	struct sk_buff *skb = *skb_p;
1218
1219	if (skb_headroom(skb) < len) {
1220		struct sk_buff *nskb = skb_realloc_headroom(skb, len);
1221
1222		if (!nskb) {
1223			printk(KERN_ERR "isdn_ppp_skb_push: can't realloc headroom!\n");
1224			dev_kfree_skb(skb);
1225			return NULL;
1226		}
1227		printk(KERN_DEBUG "isdn_ppp_skb_push:under %d %d\n", skb_headroom(skb), len);
1228		dev_kfree_skb(skb);
1229		*skb_p = nskb;
1230		return skb_push(nskb, len);
1231	}
1232	return skb_push(skb, len);
1233}
1234
1235/*
1236 * send ppp frame .. we expect a PIDCOMPressable proto --
1237 *  (here: currently always PPP_IP,PPP_VJC_COMP,PPP_VJC_UNCOMP)
1238 *
1239 * VJ compression may change skb pointer!!! .. requeue with old
1240 * skb isn't allowed!!
1241 */
1242
1243int
1244isdn_ppp_xmit(struct sk_buff *skb, struct net_device *netdev)
1245{
1246	isdn_net_local *lp, *mlp;
1247	isdn_net_dev *nd;
1248	unsigned int proto = PPP_IP;     /* 0x21 */
1249	struct ippp_struct *ipt, *ipts;
1250	int slot, retval = NETDEV_TX_OK;
1251
1252	mlp = netdev_priv(netdev);
1253	nd = mlp->netdev;       /* get master lp */
1254
1255	slot = mlp->ppp_slot;
1256	if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1257		printk(KERN_ERR "isdn_ppp_xmit: lp->ppp_slot(%d)\n",
1258		       mlp->ppp_slot);
1259		kfree_skb(skb);
1260		goto out;
1261	}
1262	ipts = ippp_table[slot];
1263
1264	if (!(ipts->pppcfg & SC_ENABLE_IP)) {	/* PPP connected ? */
1265		if (ipts->debug & 0x1)
1266			printk(KERN_INFO "%s: IP frame delayed.\n", netdev->name);
1267		retval = NETDEV_TX_BUSY;
1268		goto out;
1269	}
1270
1271	switch (ntohs(skb->protocol)) {
1272	case ETH_P_IP:
1273		proto = PPP_IP;
1274		break;
1275	case ETH_P_IPX:
1276		proto = PPP_IPX;	/* untested */
1277		break;
1278	default:
1279		printk(KERN_ERR "isdn_ppp: skipped unsupported protocol: %#x.\n",
1280		       skb->protocol);
1281		dev_kfree_skb(skb);
1282		goto out;
1283	}
1284
1285	lp = isdn_net_get_locked_lp(nd);
1286	if (!lp) {
1287		printk(KERN_WARNING "%s: all channels busy - requeuing!\n", netdev->name);
1288		retval = NETDEV_TX_BUSY;
1289		goto out;
1290	}
1291	/* we have our lp locked from now on */
1292
1293	slot = lp->ppp_slot;
1294	if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1295		printk(KERN_ERR "isdn_ppp_xmit: lp->ppp_slot(%d)\n",
1296		       lp->ppp_slot);
1297		kfree_skb(skb);
1298		goto unlock;
1299	}
1300	ipt = ippp_table[slot];
1301
1302	/*
1303	 * after this line .. requeueing in the device queue is no longer allowed!!!
1304	 */
1305
1306	/* Pull off the fake header we stuck on earlier to keep
1307	 * the fragmentation code happy.
1308	 */
1309	skb_pull(skb, IPPP_MAX_HEADER);
1310
1311#ifdef CONFIG_IPPP_FILTER
1312	/* check if we should pass this packet
1313	 * the filter instructions are constructed assuming
1314	 * a four-byte PPP header on each packet */
1315	*skb_push(skb, 4) = 1; /* indicate outbound */
1316
1317	{
1318		__be16 *p = (__be16 *)skb->data;
1319
1320		p++;
1321		*p = htons(proto);
1322	}
1323
1324	if (ipt->pass_filter
1325	    && BPF_PROG_RUN(ipt->pass_filter, skb) == 0) {
1326		if (ipt->debug & 0x4)
1327			printk(KERN_DEBUG "IPPP: outbound frame filtered.\n");
1328		kfree_skb(skb);
1329		goto unlock;
1330	}
1331	if (!(ipt->active_filter
1332	      && BPF_PROG_RUN(ipt->active_filter, skb) == 0)) {
1333		if (ipt->debug & 0x4)
1334			printk(KERN_DEBUG "IPPP: link-active filter: resetting huptimer.\n");
1335		lp->huptimer = 0;
1336	}
1337	skb_pull(skb, 4);
1338#else /* CONFIG_IPPP_FILTER */
1339	lp->huptimer = 0;
1340#endif /* CONFIG_IPPP_FILTER */
1341
1342	if (ipt->debug & 0x4)
1343		printk(KERN_DEBUG "xmit skb, len %d\n", (int) skb->len);
1344	if (ipts->debug & 0x40)
1345		isdn_ppp_frame_log("xmit0", skb->data, skb->len, 32, ipts->unit, lp->ppp_slot);
1346
1347#ifdef CONFIG_ISDN_PPP_VJ
1348	if (proto == PPP_IP && ipts->pppcfg & SC_COMP_TCP) {	/* ipts here? probably yes, but check this again */
1349		struct sk_buff *new_skb;
1350		unsigned short hl;
1351		/*
1352		 * we need to reserve enough space in front of
1353		 * sk_buff. old call to dev_alloc_skb only reserved
1354		 * 16 bytes, now we are looking what the driver want.
1355		 */
1356		hl = dev->drv[lp->isdn_device]->interface->hl_hdrlen + IPPP_MAX_HEADER;
1357		/*
1358		 * Note: hl might still be insufficient because the method
1359		 * above does not account for a possibible MPPP slave channel
1360		 * which had larger HL header space requirements than the
1361		 * master.
1362		 */
1363		new_skb = alloc_skb(hl + skb->len, GFP_ATOMIC);
1364		if (new_skb) {
1365			u_char *buf;
1366			int pktlen;
1367
1368			skb_reserve(new_skb, hl);
1369			new_skb->dev = skb->dev;
1370			skb_put(new_skb, skb->len);
1371			buf = skb->data;
1372
1373			pktlen = slhc_compress(ipts->slcomp, skb->data, skb->len, new_skb->data,
1374					       &buf, !(ipts->pppcfg & SC_NO_TCP_CCID));
1375
1376			if (buf != skb->data) {
1377				if (new_skb->data != buf)
1378					printk(KERN_ERR "isdn_ppp: FATAL error after slhc_compress!!\n");
1379				dev_kfree_skb(skb);
1380				skb = new_skb;
1381			} else {
1382				dev_kfree_skb(new_skb);
1383			}
1384
1385			skb_trim(skb, pktlen);
1386			if (skb->data[0] & SL_TYPE_COMPRESSED_TCP) {	/* cslip? style -> PPP */
1387				proto = PPP_VJC_COMP;
1388				skb->data[0] ^= SL_TYPE_COMPRESSED_TCP;
1389			} else {
1390				if (skb->data[0] >= SL_TYPE_UNCOMPRESSED_TCP)
1391					proto = PPP_VJC_UNCOMP;
1392				skb->data[0] = (skb->data[0] & 0x0f) | 0x40;
1393			}
1394		}
1395	}
1396#endif
1397
1398	/*
1399	 * normal (single link) or bundle compression
1400	 */
1401	if (ipts->compflags & SC_COMP_ON) {
1402		/* We send compressed only if both down- und upstream
1403		   compression is negotiated, that means, CCP is up */
1404		if (ipts->compflags & SC_DECOMP_ON) {
1405			skb = isdn_ppp_compress(skb, &proto, ipt, ipts, 0);
1406		} else {
1407			printk(KERN_DEBUG "isdn_ppp: CCP not yet up - sending as-is\n");
1408		}
1409	}
1410
1411	if (ipt->debug & 0x24)
1412		printk(KERN_DEBUG "xmit2 skb, len %d, proto %04x\n", (int) skb->len, proto);
1413
1414#ifdef CONFIG_ISDN_MPP
1415	if (ipt->mpppcfg & SC_MP_PROT) {
1416		/* we get mp_seqno from static isdn_net_local */
1417		long mp_seqno = ipts->mp_seqno;
1418		ipts->mp_seqno++;
1419		if (ipt->mpppcfg & SC_OUT_SHORT_SEQ) {
1420			unsigned char *data = isdn_ppp_skb_push(&skb, 3);
1421			if (!data)
1422				goto unlock;
1423			mp_seqno &= 0xfff;
1424			data[0] = MP_BEGIN_FRAG | MP_END_FRAG | ((mp_seqno >> 8) & 0xf);	/* (B)egin & (E)ndbit .. */
1425			data[1] = mp_seqno & 0xff;
1426			data[2] = proto;	/* PID compression */
1427		} else {
1428			unsigned char *data = isdn_ppp_skb_push(&skb, 5);
1429			if (!data)
1430				goto unlock;
1431			data[0] = MP_BEGIN_FRAG | MP_END_FRAG;	/* (B)egin & (E)ndbit .. */
1432			data[1] = (mp_seqno >> 16) & 0xff;	/* sequence number: 24bit */
1433			data[2] = (mp_seqno >> 8) & 0xff;
1434			data[3] = (mp_seqno >> 0) & 0xff;
1435			data[4] = proto;	/* PID compression */
1436		}
1437		proto = PPP_MP; /* MP Protocol, 0x003d */
1438	}
1439#endif
1440
1441	/*
1442	 * 'link in bundle' compression  ...
1443	 */
1444	if (ipt->compflags & SC_LINK_COMP_ON)
1445		skb = isdn_ppp_compress(skb, &proto, ipt, ipts, 1);
1446
1447	if ((ipt->pppcfg & SC_COMP_PROT) && (proto <= 0xff)) {
1448		unsigned char *data = isdn_ppp_skb_push(&skb, 1);
1449		if (!data)
1450			goto unlock;
1451		data[0] = proto & 0xff;
1452	}
1453	else {
1454		unsigned char *data = isdn_ppp_skb_push(&skb, 2);
1455		if (!data)
1456			goto unlock;
1457		data[0] = (proto >> 8) & 0xff;
1458		data[1] = proto & 0xff;
1459	}
1460	if (!(ipt->pppcfg & SC_COMP_AC)) {
1461		unsigned char *data = isdn_ppp_skb_push(&skb, 2);
1462		if (!data)
1463			goto unlock;
1464		data[0] = 0xff;    /* All Stations */
1465		data[1] = 0x03;    /* Unnumbered information */
1466	}
1467
1468	/* tx-stats are now updated via BSENT-callback */
1469
1470	if (ipts->debug & 0x40) {
1471		printk(KERN_DEBUG "skb xmit: len: %d\n", (int) skb->len);
1472		isdn_ppp_frame_log("xmit", skb->data, skb->len, 32, ipt->unit, lp->ppp_slot);
1473	}
1474
1475	isdn_net_writebuf_skb(lp, skb);
1476
1477unlock:
1478	spin_unlock_bh(&lp->xmit_lock);
1479out:
1480	return retval;
1481}
1482
1483#ifdef CONFIG_IPPP_FILTER
1484/*
1485 * check if this packet may trigger auto-dial.
1486 */
1487
1488int isdn_ppp_autodial_filter(struct sk_buff *skb, isdn_net_local *lp)
1489{
1490	struct ippp_struct *is = ippp_table[lp->ppp_slot];
1491	u_int16_t proto;
1492	int drop = 0;
1493
1494	switch (ntohs(skb->protocol)) {
1495	case ETH_P_IP:
1496		proto = PPP_IP;
1497		break;
1498	case ETH_P_IPX:
1499		proto = PPP_IPX;
1500		break;
1501	default:
1502		printk(KERN_ERR "isdn_ppp_autodial_filter: unsupported protocol 0x%x.\n",
1503		       skb->protocol);
1504		return 1;
1505	}
1506
1507	/* the filter instructions are constructed assuming
1508	 * a four-byte PPP header on each packet. we have to
1509	 * temporarily remove part of the fake header stuck on
1510	 * earlier.
1511	 */
1512	*skb_pull(skb, IPPP_MAX_HEADER - 4) = 1; /* indicate outbound */
1513
1514	{
1515		__be16 *p = (__be16 *)skb->data;
1516
1517		p++;
1518		*p = htons(proto);
1519	}
1520
1521	drop |= is->pass_filter
1522		&& BPF_PROG_RUN(is->pass_filter, skb) == 0;
1523	drop |= is->active_filter
1524		&& BPF_PROG_RUN(is->active_filter, skb) == 0;
1525
1526	skb_push(skb, IPPP_MAX_HEADER - 4);
1527	return drop;
1528}
1529#endif
1530#ifdef CONFIG_ISDN_MPP
1531
1532/* this is _not_ rfc1990 header, but something we convert both short and long
1533 * headers to for convinience's sake:
1534 *	byte 0 is flags as in rfc1990
1535 *	bytes 1...4 is 24-bit seqence number converted to host byte order
1536 */
1537#define MP_HEADER_LEN	5
1538
1539#define MP_LONGSEQ_MASK		0x00ffffff
1540#define MP_SHORTSEQ_MASK	0x00000fff
1541#define MP_LONGSEQ_MAX		MP_LONGSEQ_MASK
1542#define MP_SHORTSEQ_MAX		MP_SHORTSEQ_MASK
1543#define MP_LONGSEQ_MAXBIT	((MP_LONGSEQ_MASK + 1) >> 1)
1544#define MP_SHORTSEQ_MAXBIT	((MP_SHORTSEQ_MASK + 1) >> 1)
1545
1546/* sequence-wrap safe comparisons (for long sequence)*/
1547#define MP_LT(a, b)	((a - b) & MP_LONGSEQ_MAXBIT)
1548#define MP_LE(a, b)	!((b - a) & MP_LONGSEQ_MAXBIT)
1549#define MP_GT(a, b)	((b - a) & MP_LONGSEQ_MAXBIT)
1550#define MP_GE(a, b)	!((a - b) & MP_LONGSEQ_MAXBIT)
1551
1552#define MP_SEQ(f)	((*(u32 *)(f->data + 1)))
1553#define MP_FLAGS(f)	(f->data[0])
1554
1555static int isdn_ppp_mp_bundle_array_init(void)
1556{
1557	int i;
1558	int sz = ISDN_MAX_CHANNELS * sizeof(ippp_bundle);
1559	if ((isdn_ppp_bundle_arr = kzalloc(sz, GFP_KERNEL)) == NULL)
1560		return -ENOMEM;
1561	for (i = 0; i < ISDN_MAX_CHANNELS; i++)
1562		spin_lock_init(&isdn_ppp_bundle_arr[i].lock);
1563	return 0;
1564}
1565
1566static ippp_bundle *isdn_ppp_mp_bundle_alloc(void)
1567{
1568	int i;
1569	for (i = 0; i < ISDN_MAX_CHANNELS; i++)
1570		if (isdn_ppp_bundle_arr[i].ref_ct <= 0)
1571			return (isdn_ppp_bundle_arr + i);
1572	return NULL;
1573}
1574
1575static int isdn_ppp_mp_init(isdn_net_local *lp, ippp_bundle *add_to)
1576{
1577	struct ippp_struct *is;
1578
1579	if (lp->ppp_slot < 0) {
1580		printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
1581		       __func__, lp->ppp_slot);
1582		return (-EINVAL);
1583	}
1584
1585	is = ippp_table[lp->ppp_slot];
1586	if (add_to) {
1587		if (lp->netdev->pb)
1588			lp->netdev->pb->ref_ct--;
1589		lp->netdev->pb = add_to;
1590	} else {		/* first link in a bundle */
1591		is->mp_seqno = 0;
1592		if ((lp->netdev->pb = isdn_ppp_mp_bundle_alloc()) == NULL)
1593			return -ENOMEM;
1594		lp->next = lp->last = lp;	/* nobody else in a queue */
1595		lp->netdev->pb->frags = NULL;
1596		lp->netdev->pb->frames = 0;
1597		lp->netdev->pb->seq = UINT_MAX;
1598	}
1599	lp->netdev->pb->ref_ct++;
1600
1601	is->last_link_seqno = 0;
1602	return 0;
1603}
1604
1605static u32 isdn_ppp_mp_get_seq(int short_seq,
1606			       struct sk_buff *skb, u32 last_seq);
1607static struct sk_buff *isdn_ppp_mp_discard(ippp_bundle *mp,
1608					   struct sk_buff *from, struct sk_buff *to);
1609static void isdn_ppp_mp_reassembly(isdn_net_dev *net_dev, isdn_net_local *lp,
1610				   struct sk_buff *from, struct sk_buff *to);
1611static void isdn_ppp_mp_free_skb(ippp_bundle *mp, struct sk_buff *skb);
1612static void isdn_ppp_mp_print_recv_pkt(int slot, struct sk_buff *skb);
1613
1614static void isdn_ppp_mp_receive(isdn_net_dev *net_dev, isdn_net_local *lp,
1615				struct sk_buff *skb)
1616{
1617	struct ippp_struct *is;
1618	isdn_net_local *lpq;
1619	ippp_bundle *mp;
1620	isdn_mppp_stats *stats;
1621	struct sk_buff *newfrag, *frag, *start, *nextf;
1622	u32 newseq, minseq, thisseq;
1623	unsigned long flags;
1624	int slot;
1625
1626	spin_lock_irqsave(&net_dev->pb->lock, flags);
1627	mp = net_dev->pb;
1628	stats = &mp->stats;
1629	slot = lp->ppp_slot;
1630	if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1631		printk(KERN_ERR "%s: lp->ppp_slot(%d)\n",
1632		       __func__, lp->ppp_slot);
1633		stats->frame_drops++;
1634		dev_kfree_skb(skb);
1635		spin_unlock_irqrestore(&mp->lock, flags);
1636		return;
1637	}
1638	is = ippp_table[slot];
1639	if (++mp->frames > stats->max_queue_len)
1640		stats->max_queue_len = mp->frames;
1641
1642	if (is->debug & 0x8)
1643		isdn_ppp_mp_print_recv_pkt(lp->ppp_slot, skb);
1644
1645	newseq = isdn_ppp_mp_get_seq(is->mpppcfg & SC_IN_SHORT_SEQ,
1646				     skb, is->last_link_seqno);
1647
1648
1649	/* if this packet seq # is less than last already processed one,
1650	 * toss it right away, but check for sequence start case first
1651	 */
1652	if (mp->seq > MP_LONGSEQ_MAX && (newseq & MP_LONGSEQ_MAXBIT)) {
1653		mp->seq = newseq;	/* the first packet: required for
1654					 * rfc1990 non-compliant clients --
1655					 * prevents constant packet toss */
1656	} else if (MP_LT(newseq, mp->seq)) {
1657		stats->frame_drops++;
1658		isdn_ppp_mp_free_skb(mp, skb);
1659		spin_unlock_irqrestore(&mp->lock, flags);
1660		return;
1661	}
1662
1663	/* find the minimum received sequence number over all links */
1664	is->last_link_seqno = minseq = newseq;
1665	for (lpq = net_dev->queue;;) {
1666		slot = lpq->ppp_slot;
1667		if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1668			printk(KERN_ERR "%s: lpq->ppp_slot(%d)\n",
1669			       __func__, lpq->ppp_slot);
1670		} else {
1671			u32 lls = ippp_table[slot]->last_link_seqno;
1672			if (MP_LT(lls, minseq))
1673				minseq = lls;
1674		}
1675		if ((lpq = lpq->next) == net_dev->queue)
1676			break;
1677	}
1678	if (MP_LT(minseq, mp->seq))
1679		minseq = mp->seq;	/* can't go beyond already processed
1680					 * packets */
1681	newfrag = skb;
1682
1683	/* if this new fragment is before the first one, then enqueue it now. */
1684	if ((frag = mp->frags) == NULL || MP_LT(newseq, MP_SEQ(frag))) {
1685		newfrag->next = frag;
1686		mp->frags = frag = newfrag;
1687		newfrag = NULL;
1688	}
1689
1690	start = MP_FLAGS(frag) & MP_BEGIN_FRAG &&
1691		MP_SEQ(frag) == mp->seq ? frag : NULL;
1692
1693	/*
1694	 * main fragment traversing loop
1695	 *
1696	 * try to accomplish several tasks:
1697	 * - insert new fragment into the proper sequence slot (once that's done
1698	 *   newfrag will be set to NULL)
1699	 * - reassemble any complete fragment sequence (non-null 'start'
1700	 *   indicates there is a contiguous sequence present)
1701	 * - discard any incomplete sequences that are below minseq -- due
1702	 *   to the fact that sender always increment sequence number, if there
1703	 *   is an incomplete sequence below minseq, no new fragments would
1704	 *   come to complete such sequence and it should be discarded
1705	 *
1706	 * loop completes when we accomplished the following tasks:
1707	 * - new fragment is inserted in the proper sequence ('newfrag' is
1708	 *   set to NULL)
1709	 * - we hit a gap in the sequence, so no reassembly/processing is
1710	 *   possible ('start' would be set to NULL)
1711	 *
1712	 * algorithm for this code is derived from code in the book
1713	 * 'PPP Design And Debugging' by James Carlson (Addison-Wesley)
1714	 */
1715	while (start != NULL || newfrag != NULL) {
1716
1717		thisseq = MP_SEQ(frag);
1718		nextf = frag->next;
1719
1720		/* drop any duplicate fragments */
1721		if (newfrag != NULL && thisseq == newseq) {
1722			isdn_ppp_mp_free_skb(mp, newfrag);
1723			newfrag = NULL;
1724		}
1725
1726		/* insert new fragment before next element if possible. */
1727		if (newfrag != NULL && (nextf == NULL ||
1728					MP_LT(newseq, MP_SEQ(nextf)))) {
1729			newfrag->next = nextf;
1730			frag->next = nextf = newfrag;
1731			newfrag = NULL;
1732		}
1733
1734		if (start != NULL) {
1735			/* check for misplaced start */
1736			if (start != frag && (MP_FLAGS(frag) & MP_BEGIN_FRAG)) {
1737				printk(KERN_WARNING"isdn_mppp(seq %d): new "
1738				       "BEGIN flag with no prior END", thisseq);
1739				stats->seqerrs++;
1740				stats->frame_drops++;
1741				start = isdn_ppp_mp_discard(mp, start, frag);
1742				nextf = frag->next;
1743			}
1744		} else if (MP_LE(thisseq, minseq)) {
1745			if (MP_FLAGS(frag) & MP_BEGIN_FRAG)
1746				start = frag;
1747			else {
1748				if (MP_FLAGS(frag) & MP_END_FRAG)
1749					stats->frame_drops++;
1750				if (mp->frags == frag)
1751					mp->frags = nextf;
1752				isdn_ppp_mp_free_skb(mp, frag);
1753				frag = nextf;
1754				continue;
1755			}
1756		}
1757
1758		/* if start is non-null and we have end fragment, then
1759		 * we have full reassembly sequence -- reassemble
1760		 * and process packet now
1761		 */
1762		if (start != NULL && (MP_FLAGS(frag) & MP_END_FRAG)) {
1763			minseq = mp->seq = (thisseq + 1) & MP_LONGSEQ_MASK;
1764			/* Reassemble the packet then dispatch it */
1765			isdn_ppp_mp_reassembly(net_dev, lp, start, nextf);
1766
1767			start = NULL;
1768			frag = NULL;
1769
1770			mp->frags = nextf;
1771		}
1772
1773		/* check if need to update start pointer: if we just
1774		 * reassembled the packet and sequence is contiguous
1775		 * then next fragment should be the start of new reassembly
1776		 * if sequence is contiguous, but we haven't reassembled yet,
1777		 * keep going.
1778		 * if sequence is not contiguous, either clear everything
1779		 * below low watermark and set start to the next frag or
1780		 * clear start ptr.
1781		 */
1782		if (nextf != NULL &&
1783		    ((thisseq + 1) & MP_LONGSEQ_MASK) == MP_SEQ(nextf)) {
1784			/* if we just reassembled and the next one is here,
1785			 * then start another reassembly. */
1786
1787			if (frag == NULL) {
1788				if (MP_FLAGS(nextf) & MP_BEGIN_FRAG)
1789					start = nextf;
1790				else
1791				{
1792					printk(KERN_WARNING"isdn_mppp(seq %d):"
1793					       " END flag with no following "
1794					       "BEGIN", thisseq);
1795					stats->seqerrs++;
1796				}
1797			}
1798
1799		} else {
1800			if (nextf != NULL && frag != NULL &&
1801			    MP_LT(thisseq, minseq)) {
1802				/* we've got a break in the sequence
1803				 * and we not at the end yet
1804				 * and we did not just reassembled
1805				 *(if we did, there wouldn't be anything before)
1806				 * and we below the low watermark
1807				 * discard all the frames below low watermark
1808				 * and start over */
1809				stats->frame_drops++;
1810				mp->frags = isdn_ppp_mp_discard(mp, start, nextf);
1811			}
1812			/* break in the sequence, no reassembly */
1813			start = NULL;
1814		}
1815
1816		frag = nextf;
1817	}	/* while -- main loop */
1818
1819	if (mp->frags == NULL)
1820		mp->frags = frag;
1821
1822	/* rather straighforward way to deal with (not very) possible
1823	 * queue overflow */
1824	if (mp->frames > MP_MAX_QUEUE_LEN) {
1825		stats->overflows++;
1826		while (mp->frames > MP_MAX_QUEUE_LEN) {
1827			frag = mp->frags->next;
1828			isdn_ppp_mp_free_skb(mp, mp->frags);
1829			mp->frags = frag;
1830		}
1831	}
1832	spin_unlock_irqrestore(&mp->lock, flags);
1833}
1834
1835static void isdn_ppp_mp_cleanup(isdn_net_local *lp)
1836{
1837	struct sk_buff *frag = lp->netdev->pb->frags;
1838	struct sk_buff *nextfrag;
1839	while (frag) {
1840		nextfrag = frag->next;
1841		isdn_ppp_mp_free_skb(lp->netdev->pb, frag);
1842		frag = nextfrag;
1843	}
1844	lp->netdev->pb->frags = NULL;
1845}
1846
1847static u32 isdn_ppp_mp_get_seq(int short_seq,
1848			       struct sk_buff *skb, u32 last_seq)
1849{
1850	u32 seq;
1851	int flags = skb->data[0] & (MP_BEGIN_FRAG | MP_END_FRAG);
1852
1853	if (!short_seq)
1854	{
1855		seq = ntohl(*(__be32 *)skb->data) & MP_LONGSEQ_MASK;
1856		skb_push(skb, 1);
1857	}
1858	else
1859	{
1860		/* convert 12-bit short seq number to 24-bit long one
1861		 */
1862		seq = ntohs(*(__be16 *)skb->data) & MP_SHORTSEQ_MASK;
1863
1864		/* check for seqence wrap */
1865		if (!(seq &  MP_SHORTSEQ_MAXBIT) &&
1866		    (last_seq &  MP_SHORTSEQ_MAXBIT) &&
1867		    (unsigned long)last_seq <= MP_LONGSEQ_MAX)
1868			seq |= (last_seq + MP_SHORTSEQ_MAX + 1) &
1869				(~MP_SHORTSEQ_MASK & MP_LONGSEQ_MASK);
1870		else
1871			seq |= last_seq & (~MP_SHORTSEQ_MASK & MP_LONGSEQ_MASK);
1872
1873		skb_push(skb, 3);	/* put converted seqence back in skb */
1874	}
1875	*(u32 *)(skb->data + 1) = seq;	/* put seqence back in _host_ byte
1876					 * order */
1877	skb->data[0] = flags;	        /* restore flags */
1878	return seq;
1879}
1880
1881struct sk_buff *isdn_ppp_mp_discard(ippp_bundle *mp,
1882				    struct sk_buff *from, struct sk_buff *to)
1883{
1884	if (from)
1885		while (from != to) {
1886			struct sk_buff *next = from->next;
1887			isdn_ppp_mp_free_skb(mp, from);
1888			from = next;
1889		}
1890	return from;
1891}
1892
1893void isdn_ppp_mp_reassembly(isdn_net_dev *net_dev, isdn_net_local *lp,
1894			    struct sk_buff *from, struct sk_buff *to)
1895{
1896	ippp_bundle *mp = net_dev->pb;
1897	int proto;
1898	struct sk_buff *skb;
1899	unsigned int tot_len;
1900
1901	if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
1902		printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
1903		       __func__, lp->ppp_slot);
1904		return;
1905	}
1906	if (MP_FLAGS(from) == (MP_BEGIN_FRAG | MP_END_FRAG)) {
1907		if (ippp_table[lp->ppp_slot]->debug & 0x40)
1908			printk(KERN_DEBUG "isdn_mppp: reassembly: frame %d, "
1909			       "len %d\n", MP_SEQ(from), from->len);
1910		skb = from;
1911		skb_pull(skb, MP_HEADER_LEN);
1912		mp->frames--;
1913	} else {
1914		struct sk_buff *frag;
1915		int n;
1916
1917		for (tot_len = n = 0, frag = from; frag != to; frag = frag->next, n++)
1918			tot_len += frag->len - MP_HEADER_LEN;
1919
1920		if (ippp_table[lp->ppp_slot]->debug & 0x40)
1921			printk(KERN_DEBUG"isdn_mppp: reassembling frames %d "
1922			       "to %d, len %d\n", MP_SEQ(from),
1923			       (MP_SEQ(from) + n - 1) & MP_LONGSEQ_MASK, tot_len);
1924		if ((skb = dev_alloc_skb(tot_len)) == NULL) {
1925			printk(KERN_ERR "isdn_mppp: cannot allocate sk buff "
1926			       "of size %d\n", tot_len);
1927			isdn_ppp_mp_discard(mp, from, to);
1928			return;
1929		}
1930
1931		while (from != to) {
1932			unsigned int len = from->len - MP_HEADER_LEN;
1933
1934			skb_copy_from_linear_data_offset(from, MP_HEADER_LEN,
1935							 skb_

Large files files are truncated, but you can click here to view the full file