Apply patch for sync serial support from Paul Fulghum.
[ppp.git] / linux / ppp.c
1 /*  PPP for Linux
2  *
3  *  Michael Callahan <callahan@maths.ox.ac.uk>
4  *  Al Longyear <longyear@netcom.com>
5  *  Extensively rewritten by Paul Mackerras <paulus@cs.anu.edu.au>
6  *
7  *  ==FILEVERSION 990325==
8  *
9  *  NOTE TO MAINTAINERS:
10  *     If you modify this file at all, please set the number above to the
11  *     date of the modification as YYMMDD (year month day).
12  *     ppp.c is shipped with a PPP distribution as well as with the kernel;
13  *     if everyone increases the FILEVERSION number above, then scripts
14  *     can do the right thing when deciding whether to install a new ppp.c
15  *     file.  Don't change the format of that line otherwise, so the
16  *     installation script can recognize it.
17  */
18
19 /*
20    Sources:
21
22    slip.c
23
24    RFC1331: The Point-to-Point Protocol (PPP) for the Transmission of
25    Multi-protocol Datagrams over Point-to-Point Links
26
27    RFC1332: IPCP
28
29    ppp-2.0
30
31    Flags for this module (any combination is acceptable for testing.):
32
33    OPTIMIZE_FLAG_TIME - Number of jiffies to force sending of leading flag
34                         character. This is normally set to ((HZ * 3) / 2).
35                         This is 1.5 seconds. If zero then the leading
36                         flag is always sent.
37
38    CHECK_CHARACTERS   - Enable the checking on all received characters for
39                         8 data bits, no parity. This adds a small amount of
40                         processing for each received character.
41 */
42
43 #define OPTIMIZE_FLAG_TIME      ((HZ * 3)/2)
44 #define CHECK_CHARACTERS        1
45
46 #define PPP_MAX_RCV_QLEN        32      /* max # frames we queue up for pppd */
47
48 /* $Id: ppp.c,v 1.22 1999/03/30 06:33:07 paulus Exp $ */
49
50 #include <linux/version.h>
51 #include <linux/config.h>
52 #include <linux/module.h>
53 #include <linux/kernel.h>
54 #include <linux/sched.h>
55 #include <linux/types.h>
56 #include <linux/fcntl.h>
57 #include <linux/interrupt.h>
58 #include <linux/ptrace.h>
59
60 /* a macro to generate linux version number codes */
61 #define VERSION(major,minor,patch) (((((major)<<8)+(minor))<<8)+(patch))
62
63 #if LINUX_VERSION_CODE < VERSION(2,1,14)
64 #include <linux/ioport.h>
65 #endif
66
67 #if LINUX_VERSION_CODE >= VERSION(2,1,23)
68 #include <linux/poll.h>
69 #endif
70
71 #include <linux/in.h>
72 #include <linux/malloc.h>
73 #include <linux/tty.h>
74 #include <linux/errno.h>
75 #include <linux/sched.h>        /* to get the struct task_struct */
76 #include <linux/string.h>       /* used in new tty drivers */
77 #include <linux/signal.h>       /* used in new tty drivers */
78 #include <asm/system.h>
79 #include <asm/bitops.h>
80 #include <linux/if.h>
81 #include <linux/if_ether.h>
82 #include <linux/netdevice.h>
83 #include <linux/skbuff.h>
84 #include <linux/inet.h>
85 #include <linux/ioctl.h>
86 #include <linux/ip.h>
87 #include <linux/tcp.h>
88 #include <linux/if_arp.h>
89 #include <net/slhc_vj.h>
90
91 #define fcstab  ppp_crc16_table         /* Name of the table in the kernel */
92 #include <linux/ppp_defs.h>
93
94 #include <linux/socket.h>
95 #include <linux/if_ppp.h>
96 #include <linux/if_pppvar.h>
97 #include <linux/ppp-comp.h>
98
99 #ifdef CONFIG_KMOD
100 #include <linux/kmod.h>
101 #endif
102 #ifdef CONFIG_KERNELD
103 #include <linux/kerneld.h>
104 #endif
105
106 #undef PPP_VERSION
107 #define PPP_VERSION     "2.3.6"
108
109 #if LINUX_VERSION_CODE >= VERSION(2,1,4)
110
111 #if LINUX_VERSION_CODE >= VERSION(2,1,5)
112 #include <asm/uaccess.h>
113 #else
114 #include <asm/segment.h>
115 #endif
116
117 #define GET_USER        get_user
118 #define PUT_USER        put_user
119 #define COPY_FROM_USER  copy_from_user
120 #define COPY_TO_USER    copy_to_user
121
122 #else  /* 2.0.x and 2.1.x before 2.1.4 */
123
124 #define GET_USER(val, src)      \
125         (verify_area(VERIFY_READ, src, sizeof(*src))? -EFAULT: \
126          ((val) = get_user(src), 0))
127 #define PUT_USER(val, dst)      \
128         (verify_area(VERIFY_WRITE, dst, sizeof(*dst))? -EFAULT: \
129          (put_user(val, dst), 0))
130 #define COPY_FROM_USER(dst, src, size)  \
131         (verify_area(VERIFY_READ, src, size)? -EFAULT: \
132          (memcpy_fromfs(dst, src, size), 0))
133 #define COPY_TO_USER(dst, src, size)    \
134         (verify_area(VERIFY_WRITE, dst, size)? -EFAULT: \
135          (memcpy_tofs(dst, src, size), 0))
136
137 #endif /* < 2.1.4 */
138
139 #if LINUX_VERSION_CODE < VERSION(2,1,37)
140 #define test_and_set_bit(nr, addr)      set_bit(nr, addr)
141 #endif
142
143 #if LINUX_VERSION_CODE < VERSION(2,1,25)
144 #define net_device_stats        enet_statistics
145 #endif
146
147 #if LINUX_VERSION_CODE < VERSION(2,1,57)
148 #define signal_pending(tsk)     ((tsk)->signal & ~(tsk)->blocked)
149 #endif
150
151 #if LINUX_VERSION_CODE < VERSION(2,1,60)
152 typedef int             rw_ret_t;
153 typedef unsigned int    rw_count_t;
154 #else
155 typedef ssize_t         rw_ret_t;
156 typedef size_t          rw_count_t;
157 #endif
158
159 #if LINUX_VERSION_CODE < VERSION(2,1,86)
160 #define KFREE_SKB(s)    dev_kfree_skb((s), FREE_WRITE)
161 #else
162 #define KFREE_SKB(s)    kfree_skb(s)
163 #endif
164
165 #if LINUX_VERSION_CODE < VERSION(2,1,15)
166 #define LIBERATE_SKB(s) ((s)->free = 1)
167 #else
168 #define LIBERATE_SKB(s) do { } while (0)
169 #endif
170
171 #if LINUX_VERSION_CODE < VERSION(2,1,95)
172 #define SUSER()         suser()
173 #else
174 #define SUSER()         capable(CAP_NET_ADMIN)
175 #endif
176
177 /*
178  * Local functions
179  */
180
181 #ifdef CONFIG_MODULES
182 static int ppp_register_compressor (struct compressor *cp);
183 static void ppp_unregister_compressor (struct compressor *cp);
184 #endif
185
186 static void ppp_async_init(struct ppp *ppp);
187 static void ppp_async_release(struct ppp *ppp);
188 static int ppp_tty_sync_push(struct ppp *ppp);
189 static int ppp_tty_push(struct ppp *ppp);
190 static int ppp_async_encode(struct ppp *ppp);
191 static int ppp_async_send(struct ppp *, struct sk_buff *);
192 static int ppp_sync_send(struct ppp *, struct sk_buff *);
193
194 static int ppp_ioctl(struct ppp *, unsigned int, unsigned long);
195 static int ppp_set_compression (struct ppp *ppp, struct ppp_option_data *odp);
196 static void ppp_proto_ccp(struct ppp *ppp, __u8 *dp, int len, int rcvd);
197 static void ppp_ccp_closed(struct ppp *ppp);
198 static int ppp_receive_frame(struct ppp *, struct sk_buff *);
199 static void ppp_receive_error(struct ppp *ppp);
200 static void ppp_output_wakeup(struct ppp *ppp);
201 static void ppp_send_ctrl(struct ppp *ppp, struct sk_buff *skb);
202 static void ppp_send_frame(struct ppp *ppp, struct sk_buff *skb);
203 static void ppp_send_frames(struct ppp *ppp);
204 static struct sk_buff *ppp_vj_compress(struct ppp *ppp, struct sk_buff *skb);
205
206 static struct ppp *ppp_find (int pid_value);
207 static struct ppp *ppp_alloc (void);
208 static void ppp_generic_init(struct ppp *ppp);
209 static void ppp_release(struct ppp *ppp);
210 static void ppp_print_buffer (const char *, const __u8 *, int);
211 static struct compressor *find_compressor (int type);
212
213 #ifndef OPTIMIZE_FLAG_TIME
214 #define OPTIMIZE_FLAG_TIME      0
215 #endif
216
217 /*
218  * Parameters which may be changed via insmod.
219  */
220
221 static int  flag_time = OPTIMIZE_FLAG_TIME;
222 #if LINUX_VERSION_CODE >= VERSION(2,1,19) 
223 MODULE_PARM(flag_time, "i");
224 #endif
225
226 #define CHECK_PPP_MAGIC(ppp)    do { \
227         if (ppp->magic != PPP_MAGIC) { \
228                 printk(ppp_magic_warn, ppp, __FILE__, __LINE__); \
229         } \
230 } while (0)
231 #define CHECK_PPP(a)    do { \
232         CHECK_PPP_MAGIC(ppp); \
233         if (!ppp->inuse) { \
234                 printk(ppp_warning, __LINE__); \
235                 return a; \
236         } \
237 } while (0)
238 #define CHECK_PPP_VOID() do { \
239         CHECK_PPP_MAGIC(ppp); \
240         if (!ppp->inuse) { \
241                 printk(ppp_warning, __LINE__); \
242                 return; \
243         } \
244 } while (0)
245
246 #define tty2ppp(tty)    ((struct ppp *) ((tty)->disc_data))
247 #define dev2ppp(dev)    ((struct ppp *) ((dev)->priv))
248 #define ppp2tty(ppp)    ((ppp)->tty)
249 #define ppp2dev(ppp)    (&(ppp)->dev)
250
251 static struct ppp *ppp_list = NULL;
252 static struct ppp *ppp_last = NULL;
253
254 /* Define these strings only once for all macro invocations */
255 static char ppp_warning[] = KERN_WARNING "PPP: ALERT! not INUSE! %d\n";
256 static char ppp_magic_warn[] = KERN_WARNING "bad magic for ppp %p at %s:%d\n";
257
258 static char szVersion[]         = PPP_VERSION;
259
260 #if LINUX_VERSION_CODE < VERSION(2,1,18)
261 static struct symbol_table ppp_syms = {
262 #include <linux/symtab_begin.h>
263         X(ppp_register_compressor),
264         X(ppp_unregister_compressor),
265 #include <linux/symtab_end.h>
266 };
267 #else
268 EXPORT_SYMBOL(ppp_register_compressor);
269 EXPORT_SYMBOL(ppp_unregister_compressor);
270 #endif
271
272 /*************************************************************
273  * LINE DISCIPLINE SUPPORT
274  *    The following code implements the PPP line discipline
275  *    and supports using PPP on an async serial line.
276  *************************************************************/
277
278 #define in_xmap(ppp,c)  (ppp->xmit_async_map[(c) >> 5] & (1 << ((c) & 0x1f)))
279 #define in_rmap(ppp,c)  ((((unsigned int) (__u8) (c)) < 0x20) && \
280                         ppp->recv_async_map & (1 << (c)))
281
282 /*
283  * TTY callbacks
284  */
285
286 static rw_ret_t ppp_tty_read(struct tty_struct *, struct file *, __u8 *,
287                              rw_count_t);
288 static rw_ret_t ppp_tty_write(struct tty_struct *, struct file *, const __u8 *,
289                               rw_count_t);
290 static int ppp_tty_ioctl(struct tty_struct *, struct file *, unsigned int,
291                          unsigned long);
292 #if LINUX_VERSION_CODE < VERSION(2,1,23)
293 static int ppp_tty_select(struct tty_struct *tty, struct inode *inode,
294                         struct file *filp, int sel_type, select_table * wait);
295 #else
296 static unsigned int ppp_tty_poll(struct tty_struct *tty, struct file *filp,
297                                  poll_table * wait);
298 #endif
299 static int ppp_tty_open (struct tty_struct *);
300 static void ppp_tty_close (struct tty_struct *);
301 static int ppp_tty_room (struct tty_struct *tty);
302 static void ppp_tty_receive (struct tty_struct *tty, const __u8 * cp,
303                              char *fp, int count);
304 static void ppp_tty_wakeup (struct tty_struct *tty);
305
306 __u16 ppp_crc16_table[256] =
307 {
308         0x0000, 0x1189, 0x2312, 0x329b, 0x4624, 0x57ad, 0x6536, 0x74bf,
309         0x8c48, 0x9dc1, 0xaf5a, 0xbed3, 0xca6c, 0xdbe5, 0xe97e, 0xf8f7,
310         0x1081, 0x0108, 0x3393, 0x221a, 0x56a5, 0x472c, 0x75b7, 0x643e,
311         0x9cc9, 0x8d40, 0xbfdb, 0xae52, 0xdaed, 0xcb64, 0xf9ff, 0xe876,
312         0x2102, 0x308b, 0x0210, 0x1399, 0x6726, 0x76af, 0x4434, 0x55bd,
313         0xad4a, 0xbcc3, 0x8e58, 0x9fd1, 0xeb6e, 0xfae7, 0xc87c, 0xd9f5,
314         0x3183, 0x200a, 0x1291, 0x0318, 0x77a7, 0x662e, 0x54b5, 0x453c,
315         0xbdcb, 0xac42, 0x9ed9, 0x8f50, 0xfbef, 0xea66, 0xd8fd, 0xc974,
316         0x4204, 0x538d, 0x6116, 0x709f, 0x0420, 0x15a9, 0x2732, 0x36bb,
317         0xce4c, 0xdfc5, 0xed5e, 0xfcd7, 0x8868, 0x99e1, 0xab7a, 0xbaf3,
318         0x5285, 0x430c, 0x7197, 0x601e, 0x14a1, 0x0528, 0x37b3, 0x263a,
319         0xdecd, 0xcf44, 0xfddf, 0xec56, 0x98e9, 0x8960, 0xbbfb, 0xaa72,
320         0x6306, 0x728f, 0x4014, 0x519d, 0x2522, 0x34ab, 0x0630, 0x17b9,
321         0xef4e, 0xfec7, 0xcc5c, 0xddd5, 0xa96a, 0xb8e3, 0x8a78, 0x9bf1,
322         0x7387, 0x620e, 0x5095, 0x411c, 0x35a3, 0x242a, 0x16b1, 0x0738,
323         0xffcf, 0xee46, 0xdcdd, 0xcd54, 0xb9eb, 0xa862, 0x9af9, 0x8b70,
324         0x8408, 0x9581, 0xa71a, 0xb693, 0xc22c, 0xd3a5, 0xe13e, 0xf0b7,
325         0x0840, 0x19c9, 0x2b52, 0x3adb, 0x4e64, 0x5fed, 0x6d76, 0x7cff,
326         0x9489, 0x8500, 0xb79b, 0xa612, 0xd2ad, 0xc324, 0xf1bf, 0xe036,
327         0x18c1, 0x0948, 0x3bd3, 0x2a5a, 0x5ee5, 0x4f6c, 0x7df7, 0x6c7e,
328         0xa50a, 0xb483, 0x8618, 0x9791, 0xe32e, 0xf2a7, 0xc03c, 0xd1b5,
329         0x2942, 0x38cb, 0x0a50, 0x1bd9, 0x6f66, 0x7eef, 0x4c74, 0x5dfd,
330         0xb58b, 0xa402, 0x9699, 0x8710, 0xf3af, 0xe226, 0xd0bd, 0xc134,
331         0x39c3, 0x284a, 0x1ad1, 0x0b58, 0x7fe7, 0x6e6e, 0x5cf5, 0x4d7c,
332         0xc60c, 0xd785, 0xe51e, 0xf497, 0x8028, 0x91a1, 0xa33a, 0xb2b3,
333         0x4a44, 0x5bcd, 0x6956, 0x78df, 0x0c60, 0x1de9, 0x2f72, 0x3efb,
334         0xd68d, 0xc704, 0xf59f, 0xe416, 0x90a9, 0x8120, 0xb3bb, 0xa232,
335         0x5ac5, 0x4b4c, 0x79d7, 0x685e, 0x1ce1, 0x0d68, 0x3ff3, 0x2e7a,
336         0xe70e, 0xf687, 0xc41c, 0xd595, 0xa12a, 0xb0a3, 0x8238, 0x93b1,
337         0x6b46, 0x7acf, 0x4854, 0x59dd, 0x2d62, 0x3ceb, 0x0e70, 0x1ff9,
338         0xf78f, 0xe606, 0xd49d, 0xc514, 0xb1ab, 0xa022, 0x92b9, 0x8330,
339         0x7bc7, 0x6a4e, 0x58d5, 0x495c, 0x3de3, 0x2c6a, 0x1ef1, 0x0f78
340 };
341
342 #ifdef CHECK_CHARACTERS
343 static __u32 paritytab[8] =
344 {
345         0x96696996, 0x69969669, 0x69969669, 0x96696996,
346         0x69969669, 0x96696996, 0x96696996, 0x69969669
347 };
348 #endif
349
350 /*
351  * This procedure is called at initialization time to register
352  * the PPP line discipline.
353  */
354 static int
355 ppp_first_time(void)
356 {
357         static struct tty_ldisc ppp_ldisc;
358         int    status;
359
360         printk(KERN_INFO
361                "PPP: version %s (demand dialling)"
362                "\n", szVersion);
363
364 #ifndef MODULE /* slhc module logic has its own copyright announcement */
365         printk(KERN_INFO
366                "TCP compression code copyright 1989 Regents of the "
367                "University of California\n");
368 #endif
369
370         /*
371          * Register the tty discipline
372          */
373         (void) memset (&ppp_ldisc, 0, sizeof (ppp_ldisc));
374         ppp_ldisc.magic         = TTY_LDISC_MAGIC;
375 #if LINUX_VERSION_CODE >= VERSION(2,1,28)
376         ppp_ldisc.name          = "ppp";
377 #endif
378         ppp_ldisc.open          = ppp_tty_open;
379         ppp_ldisc.close         = ppp_tty_close;
380         ppp_ldisc.read          = ppp_tty_read;
381         ppp_ldisc.write         = ppp_tty_write;
382         ppp_ldisc.ioctl         = ppp_tty_ioctl;
383 #if LINUX_VERSION_CODE < VERSION(2,1,23)
384         ppp_ldisc.select        = ppp_tty_select;
385 #else
386         ppp_ldisc.poll          = ppp_tty_poll;
387 #endif
388         ppp_ldisc.receive_room  = ppp_tty_room;
389         ppp_ldisc.receive_buf   = ppp_tty_receive;
390         ppp_ldisc.write_wakeup  = ppp_tty_wakeup;
391
392         status = tty_register_ldisc (N_PPP, &ppp_ldisc);
393         if (status == 0)
394                 printk(KERN_INFO "PPP line discipline registered.\n");
395         else
396                 printk(KERN_ERR "error registering line discipline: %d\n",
397                        status);
398         return status;
399 }
400
401
402 #ifndef MODULE
403 /*
404  * Called at boot time if the PPP driver is compiled into the kernel.
405  */
406 int
407 ppp_init(struct device *dev)
408 {
409         static int first_time = 1;
410         int    answer = 0;
411
412         if (first_time) {
413                 first_time = 0;
414                 answer     = ppp_first_time();
415 #if LINUX_VERSION_CODE < VERSION(2,1,18)
416                 if (answer == 0)
417                         (void) register_symtab(&ppp_syms);
418 #endif
419         }
420         if (answer == 0)
421                 answer = -ENODEV;
422         return answer;
423 }
424 #endif
425
426 /*
427  * Initialize the async-specific parts of the ppp structure.
428  */
429 static void
430 ppp_async_init(struct ppp *ppp)
431 {
432         ppp->escape = 0;
433         ppp->toss   = 0xE0;
434         ppp->tty_pushing = 0;
435
436         memset (ppp->xmit_async_map, 0, sizeof (ppp->xmit_async_map));
437         ppp->xmit_async_map[0] = 0xffffffff;
438         ppp->xmit_async_map[3] = 0x60000000;
439         ppp->recv_async_map    = 0xffffffff;
440
441         ppp->tpkt = NULL;
442         ppp->tfcs = PPP_INITFCS;
443         ppp->optr = ppp->obuf;
444         ppp->olim = ppp->obuf;
445
446         ppp->rpkt = NULL;
447         ppp->rfcs = PPP_INITFCS;
448
449         ppp->tty  = NULL;
450         ppp->backup_tty = NULL;
451
452         ppp->bytes_sent = 0;
453         ppp->bytes_rcvd = 0;
454 }
455
456 /*
457  * Clean up the async-specific parts of the ppp structure.
458  */
459 static void
460 ppp_async_release(struct ppp *ppp)
461 {
462         struct sk_buff *skb;
463
464         if ((skb = ppp->rpkt) != NULL)
465                 KFREE_SKB(skb);
466         ppp->rpkt = NULL;
467         if ((skb = ppp->tpkt) != NULL)
468                 KFREE_SKB(skb);
469         ppp->tpkt = NULL;
470 }
471
472 /*
473  * TTY callback.
474  *
475  * Called when the tty discipline is switched to PPP.
476  */
477
478 static int
479 ppp_tty_open (struct tty_struct *tty)
480 {
481         struct ppp *ppp;
482
483         /*
484          * Allocate a ppp structure to use.
485          */
486         tty->disc_data = NULL;
487         ppp = ppp_find(current->pid);
488         if (ppp != NULL) {
489                 /*
490                  * If we are taking over a ppp unit which is currently
491                  * connected to a loopback pty, there's not much to do.
492                  */
493                 CHECK_PPP(-EINVAL);
494
495         } else {
496                 ppp = ppp_alloc();
497                 if (ppp == NULL) {
498                         printk(KERN_ERR "ppp_alloc failed\n");
499                         return -ENFILE;
500                 }
501
502                 /*
503                  * Initialize the control block
504                  */
505                 ppp_generic_init(ppp);
506                 ppp_async_init(ppp);
507
508                 MOD_INC_USE_COUNT;
509         }
510
511         tty->disc_data = ppp;
512         ppp->tty       = tty;
513
514         /*
515          * Flush any pending characters in the driver
516          */
517         if (tty->driver.flush_buffer)
518                 tty->driver.flush_buffer (tty);
519
520         return ppp->line;
521 }
522
523 /*
524  * TTY callback.
525  *
526  * Called when the line discipline is changed to something
527  * else, the tty is closed, or the tty detects a hangup.
528  */
529
530 static void
531 ppp_tty_close (struct tty_struct *tty)
532 {
533         struct ppp *ppp = tty2ppp(tty);
534
535         if (ppp == NULL)
536                 return;
537         tty->disc_data = NULL;
538         if (ppp->magic != PPP_MAGIC) {
539                 printk(KERN_WARNING "ppp_tty_close: bogus\n");
540                 return;
541         }
542         if (!ppp->inuse) {
543                 printk(KERN_WARNING "ppp_tty_close: not inuse\n");
544                 ppp->tty = ppp->backup_tty = 0;
545                 return;
546         }
547         if (tty == ppp->backup_tty)
548                 ppp->backup_tty = 0;
549         if (tty != ppp->tty)
550                 return;
551         if (ppp->backup_tty) {
552                 ppp->tty = ppp->backup_tty;
553                 if (ppp_tty_push(ppp))
554                         ppp_output_wakeup(ppp);
555         } else {
556                 ppp->tty = 0;
557                 ppp->sc_xfer = 0;
558                 if (ppp->flags & SC_DEBUG)
559                         printk(KERN_INFO "ppp: channel %s closing.\n",
560                                ppp2dev(ppp)->name);
561
562                 ppp_async_release(ppp);
563                 ppp_release(ppp);
564                 MOD_DEC_USE_COUNT;
565         }
566 }
567
568 /*
569  * Read a PPP frame from the rcv_q list,
570  * waiting if necessary
571  */
572 static rw_ret_t
573 ppp_tty_read(struct tty_struct *tty, struct file *file, __u8 * buf,
574              rw_count_t nr)
575 {
576         struct ppp *ppp = tty2ppp (tty);
577         struct sk_buff *skb;
578         rw_ret_t len, err;
579
580         /*
581          * Validate the pointers
582          */
583         if (!ppp)
584                 return -EIO;
585         CHECK_PPP(-ENXIO);
586
587         /*
588          * Before we attempt to write the frame to the user, ensure that the
589          * user has access to the pages for the total buffer length.
590          */
591         err = verify_area(VERIFY_WRITE, buf, nr);
592         if (err != 0)
593                 return (err);
594
595         /*
596          * Wait for a frame to arrive if necessary.
597          * We increment the module use count so that the module
598          * can't go away while we're sleeping.
599          */
600         MOD_INC_USE_COUNT;
601         skb = NULL;
602         for (;;) {
603                 ppp = tty2ppp(tty);
604                 err = 0;
605                 if (!ppp || ppp->magic != PPP_MAGIC || !ppp->inuse
606                     || tty != ppp->tty)
607                         break;
608
609                 skb = skb_dequeue(&ppp->rcv_q);
610                 if (skb != 0)
611                         break;
612
613                 /*
614                  * If no frame is available, return -EAGAIN or wait.
615                  */
616                 err = -EAGAIN;
617                 if (file->f_flags & O_NONBLOCK)
618                         break;
619
620                 interruptible_sleep_on(&ppp->read_wait);
621                 err = -EINTR;
622                 if (signal_pending(current))
623                         break;
624         }
625         MOD_DEC_USE_COUNT;
626         if (skb == 0)
627                 return err;
628
629         /*
630          * Ensure that the frame will fit within the caller's buffer.
631          * If not, just discard the frame.
632          */
633         len = skb->len;
634         if (len > nr) {
635                 if (ppp->flags & SC_DEBUG)
636                         printk(KERN_DEBUG
637                                "ppp: read of %lu bytes too small for %ld "
638                                "frame\n", (unsigned long) nr, (long) len);
639                 ppp->stats.ppp_ierrors++;
640                 err = -EOVERFLOW;
641                 goto out;
642         }
643
644         /*
645          * Copy the received data from the buffer to the caller's area.
646          */
647         err = len;
648         if (COPY_TO_USER(buf, skb->data, len))
649                 err = -EFAULT;
650
651 out:
652         KFREE_SKB(skb);
653         return err;
654 }
655
656 /*
657  * Writing to a tty in ppp line discipline sends a PPP frame.
658  * Used by pppd to send control packets (LCP, etc.).
659  */
660 static rw_ret_t
661 ppp_tty_write(struct tty_struct *tty, struct file *file, const __u8 * data,
662               rw_count_t count)
663 {
664         struct ppp *ppp = tty2ppp (tty);
665         __u8 *new_data;
666         struct sk_buff *skb;
667
668         /*
669          * Verify the pointers.
670          */
671         if (!ppp)
672                 return -EIO;
673
674         if (ppp->magic != PPP_MAGIC)
675                 return -EIO;
676
677         CHECK_PPP(-ENXIO);
678
679         /*
680          * Ensure that the caller does not wish to send too much.
681          */
682         if (count > PPP_MTU + PPP_HDRLEN) {
683                 if (ppp->flags & SC_DEBUG)
684                         printk(KERN_WARNING
685                                "ppp_tty_write: truncating user packet "
686                                "from %lu to mtu %d\n", (unsigned long) count,
687                                PPP_MTU + PPP_HDRLEN);
688                 count = PPP_MTU + PPP_HDRLEN;
689         }
690
691         /*
692          * Allocate a buffer for the data and fetch it from the user space.
693          */
694         skb = alloc_skb(count, GFP_KERNEL);
695         if (skb == NULL) {
696                 printk(KERN_ERR "ppp_tty_write: no memory\n");
697                 return 0;
698         }
699         LIBERATE_SKB(skb);
700         new_data = skb_put(skb, count);
701
702         /*
703          * Retrieve the user's buffer
704          */
705         if (COPY_FROM_USER(new_data, data, count)) {
706                 KFREE_SKB(skb);
707                 return -EFAULT;
708         }
709
710         /*
711          * Send the frame
712          */
713         ppp_send_ctrl(ppp, skb);
714
715         return (rw_ret_t) count;
716 }
717
718 /*
719  * Process the IOCTL call for the tty device.
720  * Only the ioctls that relate to using ppp on async serial lines
721  * are processed here; the rest are handled by ppp_ioctl.
722  */
723 static int
724 ppp_tty_ioctl (struct tty_struct *tty, struct file * file,
725                unsigned int param2, unsigned long param3)
726 {
727         struct ppp *ppp = tty2ppp (tty);
728         register int temp_i = 0;
729         int error = -EFAULT;
730
731         /*
732          * Verify the status of the PPP device.
733          */
734         if (!ppp || ppp->magic != PPP_MAGIC || !ppp->inuse)
735                 return -ENXIO;
736
737         /*
738          * The user must have an euid of root to do these requests.
739          */
740         if (!SUSER())
741                 return -EPERM;
742
743         switch (param2) {
744         case PPPIOCGASYNCMAP:
745                 /*
746                  * Retrieve the transmit async map
747                  */
748                 if (PUT_USER(ppp->xmit_async_map[0], (int *) param3))
749                         break;
750                 error = 0;
751                 break;
752
753         case PPPIOCSASYNCMAP:
754                 /*
755                  * Set the transmit async map
756                  */
757                 if (GET_USER(temp_i, (int *) param3))
758                         break;
759                 ppp->xmit_async_map[0] = temp_i;
760                 if (ppp->flags & SC_DEBUG)
761                         printk(KERN_INFO
762                                "ppp_tty_ioctl: set xmit asyncmap %x\n",
763                                ppp->xmit_async_map[0]);
764                 error = 0;
765                 break;
766
767         case PPPIOCSRASYNCMAP:
768                 /*
769                  * Set the receive async map
770                  */
771                 if (GET_USER(temp_i, (int *) param3))
772                         break;
773                 ppp->recv_async_map = temp_i;
774                 if (ppp->flags & SC_DEBUG)
775                         printk(KERN_INFO
776                                "ppp_tty_ioctl: set rcv asyncmap %x\n",
777                                ppp->recv_async_map);
778                 error = 0;
779                 break;
780
781         case PPPIOCGXASYNCMAP:
782                 /*
783                  * Get the map of characters to be escaped on transmission.
784                  */
785                 if (COPY_TO_USER((void *) param3, ppp->xmit_async_map,
786                                  sizeof (ppp->xmit_async_map)))
787                         break;
788                 error = 0;
789                 break;
790
791         case PPPIOCSXASYNCMAP:
792                 /*
793                  * Set the map of characters to be escaped on transmission.
794                  */
795                 {
796                         __u32 temp_tbl[8];
797
798                         if (COPY_FROM_USER(temp_tbl, (void *) param3,
799                                            sizeof (temp_tbl)))
800                                 break;
801
802                         temp_tbl[1]  =  0x00000000;
803                         temp_tbl[2] &= ~0x40000000;
804                         temp_tbl[3] |=  0x60000000;
805
806                         memcpy(ppp->xmit_async_map, temp_tbl,
807                                sizeof (ppp->xmit_async_map));
808
809                         if (ppp->flags & SC_DEBUG)
810                                 printk(KERN_INFO
811                                        "ppp_tty_ioctl: set xasyncmap\n");
812                         error = 0;
813                 }
814                 break;
815
816         case PPPIOCXFERUNIT:
817                 /*
818                  * Set up this PPP unit to be used next time this
819                  * process sets a tty to PPP line discipline.
820                  */
821                 ppp->backup_tty = tty;
822                 ppp->sc_xfer = current->pid;
823                 error = 0;
824                 break;
825
826         case TCGETS:
827         case TCGETA:
828                 /*
829                  * Allow users to read, but not set, the serial port parameters
830                  */
831                 error = n_tty_ioctl (tty, file, param2, param3);
832                 break;
833
834         case FIONREAD:
835                 /*
836                  * Returns how many bytes are available for a read().
837                  */
838                 {
839                         unsigned long flags;
840                         struct sk_buff *skb;
841                         int count = 0;
842
843                         save_flags(flags);
844                         cli();
845                         skb = skb_peek(&ppp->rcv_q);
846                         if (skb != 0)
847                                 count = skb->len;
848                         restore_flags(flags);
849                         if (PUT_USER(count, (int *) param3))
850                                 break;
851                         error = 0;
852                 }
853                 break;
854
855         default:
856                 /*
857                  *  All other ioctl() events will come here.
858                  */
859                 error = ppp_ioctl(ppp, param2, param3);
860                 break;
861         }
862         return error;
863 }
864
865 /*
866  * TTY callback.
867  *
868  * Process the select() or poll() statement for the PPP device.
869  */
870
871 #if LINUX_VERSION_CODE < VERSION(2,1,23)
872 static int
873 ppp_tty_select(struct tty_struct *tty, struct inode *inode,
874                struct file *filp, int sel_type, select_table * wait)
875 {
876         struct ppp *ppp = tty2ppp(tty);
877         int result = 1;
878
879         /*
880          * Verify the status of the PPP device.
881          */
882         if (!ppp || tty != ppp->tty)
883                 return -EBADF;
884
885         CHECK_PPP(-EBADF);
886
887         switch (sel_type) {
888         case SEL_IN:
889                 /* The fd is readable if the receive queue isn't empty. */
890                 if (skb_peek(&ppp->rcv_q) != NULL)
891                         break;
892                 /* fall through */
893         case SEL_EX:
894                 /* Check for exceptions or read errors. */
895                 /* Is this a pty link and the remote disconnected? */
896                 if (tty->flags & (1 << TTY_OTHER_CLOSED))
897                         break;
898
899                 /* Is this a local link and the modem disconnected? */
900                 if (tty_hung_up_p (filp))
901                         break;
902
903                 select_wait(&ppp->read_wait, wait);
904                 result = 0;
905                 break;
906
907         case SEL_OUT:
908                 /* The fd is always writable. */
909                 break;
910         }
911         return result;
912 }
913
914 #else   /* 2.1.23 or later */
915
916 static unsigned int
917 ppp_tty_poll(struct tty_struct *tty, struct file *filp, poll_table * wait)
918 {
919         struct ppp *ppp = tty2ppp(tty);
920         unsigned int mask = 0;
921
922         if (ppp && ppp->magic == PPP_MAGIC && tty == ppp->tty) {
923                 CHECK_PPP(0);
924
925                 poll_wait(filp, &ppp->read_wait, wait);
926
927                 if (skb_peek(&ppp->rcv_q) != NULL)
928                         mask |= POLLIN | POLLRDNORM;
929                 if (tty->flags & (1 << TTY_OTHER_CLOSED)
930                     || tty_hung_up_p(filp))
931                         mask |= POLLHUP;
932                 mask |= POLLOUT | POLLWRNORM;
933         }
934         return mask;
935 }
936 #endif  /* >= 2.1.23 */
937
938 /*
939  * This function is called by the tty driver when the transmit buffer has
940  * additional space. It is used by the ppp code to continue to transmit
941  * the current buffer should the buffer have been partially sent.
942  */
943 static void
944 ppp_tty_wakeup (struct tty_struct *tty)
945 {
946         struct ppp *ppp = tty2ppp (tty);
947
948         tty->flags &= ~(1 << TTY_DO_WRITE_WAKEUP);
949         if (!ppp)
950                 return;
951         CHECK_PPP_VOID();
952         if (tty != ppp->tty)
953                 return;
954
955         if (ppp_tty_push(ppp))
956                 ppp_output_wakeup(ppp);
957 }
958
959 /*
960  * Send a packet to the peer over a synchronous tty line.
961  * All encoding and FCS are handled by hardware.
962  * Addr/Ctrl and Protocol field compression implemented.
963  * Returns -1 iff the packet could not be accepted at present,
964  * 0 if the packet was accepted but we can't accept another yet, or
965  * 1 if we can accept another packet immediately.
966  * If this procedure returns 0, ppp_output_wakeup will be called
967  * exactly once.
968  */
969 static int
970 ppp_sync_send(struct ppp *ppp, struct sk_buff *skb)
971 {
972         unsigned char *data;
973         int islcp;
974         
975         CHECK_PPP(0);
976
977         if (ppp->tpkt != NULL)
978                 return -1;
979         ppp->tpkt = skb;
980
981         data = ppp->tpkt->data;
982         
983         /*
984          * LCP packets with code values between 1 (configure-reqest)
985          * and 7 (code-reject) must be sent as though no options
986          * had been negotiated.
987          */
988         islcp = PPP_PROTOCOL(data) == PPP_LCP
989                 && 1 <= data[PPP_HDRLEN] && data[PPP_HDRLEN] <= 7;
990
991         /* only reset idle time for data packets */
992         if (PPP_PROTOCOL(data) < 0x8000)
993                 ppp->last_xmit = jiffies;
994         ++ppp->stats.ppp_opackets;
995         ppp->stats.ppp_ooctects += ppp->tpkt->len;
996
997         if ( !(data[2]) && (ppp->flags & SC_COMP_PROT) ) {
998                 /* compress protocol field */
999                 data[2] = data[1];
1000                 data[1] = data[0];
1001                 skb_pull(ppp->tpkt,1);
1002                 data = ppp->tpkt->data;
1003         }
1004         
1005         /*
1006          * Do address/control compression
1007          */
1008         if ((ppp->flags & SC_COMP_AC) && !islcp
1009             && PPP_ADDRESS(data) == PPP_ALLSTATIONS
1010             && PPP_CONTROL(data) == PPP_UI) {
1011                 /* strip addr and control field */
1012                 skb_pull(ppp->tpkt,2);
1013         }
1014
1015         return ppp_tty_sync_push(ppp);
1016 }
1017
1018 /*
1019  * Push a synchronous frame out to the tty.
1020  * Returns 1 if frame accepted (or discarded), 0 otherwise.
1021  */
1022 static int
1023 ppp_tty_sync_push(struct ppp *ppp)
1024 {
1025         int sent;
1026         struct tty_struct *tty = ppp2tty(ppp);
1027         unsigned long flags;
1028                 
1029         CHECK_PPP(0);
1030
1031         if (ppp->tpkt == NULL)
1032                 return 0;
1033                 
1034         /* prevent reentrancy with tty_pushing flag */          
1035         save_flags(flags);
1036         cli();
1037         if (ppp->tty_pushing) {
1038                 /* record wakeup attempt so we don't loose */
1039                 /* a wakeup call while doing push processing */
1040                 ppp->woke_up=1;
1041                 restore_flags(flags);
1042                 return 0;
1043         }
1044         ppp->tty_pushing = 1;
1045         restore_flags(flags);
1046         
1047         if (tty == NULL || tty->disc_data != (void *) ppp)
1048                 goto flush;
1049                 
1050         for(;;){
1051                 ppp->woke_up=0;
1052                 
1053                 /* Note: Sync driver accepts complete frame or nothing */
1054                 tty->flags |= (1 << TTY_DO_WRITE_WAKEUP);
1055                 sent = tty->driver.write(tty, 0, ppp->tpkt->data, ppp->tpkt->len);
1056                 if (sent < 0) {
1057                         /* write error (possible loss of CD) */
1058                         /* record error and discard current packet */
1059                         ppp->stats.ppp_oerrors++;
1060                         break;
1061                 }
1062                 ppp->stats.ppp_obytes += sent;
1063                 if (sent < ppp->tpkt->len) {
1064                         /* driver unable to accept frame just yet */
1065                         save_flags(flags);
1066                         cli();
1067                         if (ppp->woke_up) {
1068                                 /* wake up called while processing */
1069                                 /* try to send the frame again */
1070                                 restore_flags(flags);
1071                                 continue;
1072                         }
1073                         /* wait for wakeup callback to try send again */
1074                         ppp->tty_pushing = 0;
1075                         restore_flags(flags);
1076                         return 0;
1077                 }
1078                 break;
1079         }
1080 flush:  
1081         /* done with current packet (sent or discarded) */
1082         KFREE_SKB(ppp->tpkt);
1083         ppp->tpkt = 0;
1084         ppp->tty_pushing = 0;
1085         return 1;
1086 }
1087
1088 /*
1089  * Send a packet to the peer over an async tty line.
1090  * Returns -1 iff the packet could not be accepted at present,
1091  * 0 if the packet was accepted but we can't accept another yet, or
1092  * 1 if we can accept another packet immediately.
1093  * If this procedure returns 0, ppp_output_wakeup will be called
1094  * exactly once.
1095  */
1096 static int
1097 ppp_async_send(struct ppp *ppp, struct sk_buff *skb)
1098 {
1099         CHECK_PPP(0);
1100
1101         ppp_tty_push(ppp);
1102
1103         if (ppp->tpkt != NULL)
1104                 return -1;
1105         ppp->tpkt = skb;
1106         ppp->tpkt_pos = 0;
1107
1108         return ppp_tty_push(ppp);
1109 }
1110
1111 /*
1112  * Push as much data as possible out to the tty.
1113  * Returns 1 if we finished encoding the current frame, 0 otherwise.
1114  */
1115 static int
1116 ppp_tty_push(struct ppp *ppp)
1117 {
1118         int avail, sent, done = 0;
1119         struct tty_struct *tty = ppp2tty(ppp);
1120         
1121         if ( ppp->flags & SC_SYNC ) 
1122                 return ppp_tty_sync_push(ppp);
1123
1124         CHECK_PPP(0);
1125         if (ppp->tty_pushing)
1126                 return 0;
1127         if (tty == NULL || tty->disc_data != (void *) ppp)
1128                 goto flush;
1129         while (ppp->optr < ppp->olim || ppp->tpkt != 0) {
1130                 ppp->tty_pushing = 1;
1131                 avail = ppp->olim - ppp->optr;
1132                 if (avail > 0) {
1133                         tty->flags |= (1 << TTY_DO_WRITE_WAKEUP);
1134                         sent = tty->driver.write(tty, 0, ppp->optr, avail);
1135                         if (sent < 0)
1136                                 goto flush;     /* error, e.g. loss of CD */
1137                         ppp->stats.ppp_obytes += sent;
1138                         ppp->optr += sent;
1139                         if (sent < avail) {
1140                                 ppp->tty_pushing = 0;
1141                                 return done;
1142                         }
1143                 }
1144                 if (ppp->tpkt != 0)
1145                         done = ppp_async_encode(ppp);
1146                 ppp->tty_pushing = 0;
1147         }
1148         return done;
1149
1150 flush:
1151         ppp->tty_pushing = 1;
1152         ppp->stats.ppp_oerrors++;
1153         if (ppp->tpkt != 0) {
1154                 KFREE_SKB(ppp->tpkt);
1155                 ppp->tpkt = 0;
1156                 done = 1;
1157         }
1158         ppp->optr = ppp->olim;
1159         ppp->tty_pushing = 0;
1160         return done;
1161 }
1162
1163 /*
1164  * Procedure to encode the data for async serial transmission.
1165  * Does octet stuffing (escaping) and address/control
1166  * and protocol compression.
1167  * Assumes ppp->opkt != 0 on entry.
1168  * Returns 1 if we finished the current frame, 0 otherwise.
1169  */
1170 static int
1171 ppp_async_encode(struct ppp *ppp)
1172 {
1173         int fcs, i, count, c;
1174         unsigned char *buf, *buflim;
1175         unsigned char *data;
1176         int islcp;
1177
1178         CHECK_PPP(0);
1179
1180         buf = ppp->obuf;
1181         ppp->olim = buf;
1182         ppp->optr = buf;
1183         i = ppp->tpkt_pos;
1184         data = ppp->tpkt->data;
1185         count = ppp->tpkt->len;
1186         fcs = ppp->tfcs;
1187
1188         /*
1189          * LCP packets with code values between 1 (configure-reqest)
1190          * and 7 (code-reject) must be sent as though no options
1191          * had been negotiated.
1192          */
1193         islcp = PPP_PROTOCOL(data) == PPP_LCP
1194                 && 1 <= data[PPP_HDRLEN] && data[PPP_HDRLEN] <= 7;
1195
1196         if (i == 0) {
1197                 /*
1198                  * Start of a new packet - insert the leading FLAG
1199                  * character if necessary.
1200                  */
1201                 if (islcp || flag_time == 0
1202                     || jiffies - ppp->last_xmit >= flag_time)
1203                         *buf++ = PPP_FLAG;
1204                 /* only reset idle time for data packets */
1205                 if (PPP_PROTOCOL(data) < 0x8000)
1206                         ppp->last_xmit = jiffies;
1207                 fcs = PPP_INITFCS;
1208                 ++ppp->stats.ppp_opackets;
1209                 ppp->stats.ppp_ooctects += count;
1210
1211                 /*
1212                  * Do address/control compression
1213                  */
1214                 if ((ppp->flags & SC_COMP_AC) != 0 && !islcp
1215                     && PPP_ADDRESS(data) == PPP_ALLSTATIONS
1216                     && PPP_CONTROL(data) == PPP_UI)
1217                         i += 2;
1218         }
1219
1220         /*
1221          * Once we put in the last byte, we need to put in the FCS
1222          * and closing flag, so make sure there is at least 7 bytes
1223          * of free space in the output buffer.
1224          */
1225         buflim = buf + OBUFSIZE - 6;
1226         while (i < count && buf < buflim) {
1227                 c = data[i++];
1228                 if (i == 3 && c == 0 && (ppp->flags & SC_COMP_PROT))
1229                         continue;       /* compress protocol field */
1230                 fcs = PPP_FCS(fcs, c);
1231                 if (in_xmap(ppp, c) || (islcp && c < 0x20)) {
1232                         *buf++ = PPP_ESCAPE;
1233                         c ^= 0x20;
1234                 }
1235                 *buf++ = c;
1236         }
1237
1238         if (i == count) {
1239                 /*
1240                  * We have finished the packet.  Add the FCS and flag.
1241                  */
1242                 fcs = ~fcs;
1243                 c = fcs & 0xff;
1244                 if (in_xmap(ppp, c) || (islcp && c < 0x20)) {
1245                         *buf++ = PPP_ESCAPE;
1246                         c ^= 0x20;
1247                 }
1248                 *buf++ = c;
1249                 c = (fcs >> 8) & 0xff;
1250                 if (in_xmap(ppp, c) || (islcp && c < 0x20)) {
1251                         *buf++ = PPP_ESCAPE;
1252                         c ^= 0x20;
1253                 }
1254                 *buf++ = c;
1255                 *buf++ = PPP_FLAG;
1256                 ppp->olim = buf;
1257
1258                 KFREE_SKB(ppp->tpkt);
1259                 ppp->tpkt = 0;
1260                 return 1;
1261         }
1262
1263         /*
1264          * Remember where we are up to in this packet.
1265          */
1266         ppp->olim = buf;
1267         ppp->tpkt_pos = i;
1268         ppp->tfcs = fcs;
1269         return 0;
1270 }
1271
1272 /*
1273  * Callback function from tty driver. Return the amount of space left
1274  * in the receiver's buffer to decide if remote transmitter is to be
1275  * throttled.
1276  */
1277 static int
1278 ppp_tty_room (struct tty_struct *tty)
1279 {
1280         return 65536;       /* We can handle an infinite amount of data. :-) */
1281 }
1282
1283 /*
1284  * Callback function when data is available at the tty driver.
1285  */
1286 static void
1287 ppp_tty_receive (struct tty_struct *tty, const __u8 * data,
1288                  char *flags, int count)
1289 {
1290         register struct ppp *ppp = tty2ppp (tty);
1291         struct sk_buff *skb;
1292         int chr, flg;
1293         unsigned char *p;
1294
1295         if (ppp != 0)
1296                 CHECK_PPP_VOID();
1297         /*
1298          * This can happen if stuff comes in on the backup tty.
1299          */
1300         if (ppp == 0 || tty != ppp->tty)
1301                 return;
1302         /*
1303          * Verify the table pointer and ensure that the line is
1304          * still in PPP discipline.
1305          */
1306         if (ppp->magic != PPP_MAGIC) {
1307                 if (ppp->flags & SC_DEBUG)
1308                         printk(KERN_DEBUG
1309                                "PPP: tty_receive called but couldn't find "
1310                                "PPP struct.\n");
1311                 return;
1312         }
1313         /*
1314          * Print the buffer if desired
1315          */
1316         if (ppp->flags & SC_LOG_RAWIN)
1317                 ppp_print_buffer ("receive buffer", data, count);
1318
1319         ppp->stats.ppp_ibytes += count;
1320         skb = ppp->rpkt;
1321         
1322         if ( ppp->flags & SC_SYNC ) {
1323                 /* synchronous mode */
1324                 
1325                 if (ppp->toss==0xE0) {
1326                         /* this is the 1st frame, reset vj comp */
1327                         ppp_receive_error(ppp);
1328                         ppp->toss = 0;
1329                 }
1330                 
1331                 /*
1332                  * Allocate an skbuff for frame.
1333                  * The 128 is room for VJ header expansion.
1334                  */
1335                 
1336                 if (skb == NULL)
1337                         skb = dev_alloc_skb(ppp->mru + 128 + PPP_HDRLEN);
1338                         
1339                 if (skb == NULL) {
1340                         if (ppp->flags & SC_DEBUG)
1341                                 printk(KERN_DEBUG "couldn't "
1342                                        "alloc skb for recv\n");
1343                 } else {
1344                         LIBERATE_SKB(skb);
1345                         /*
1346                          * Decompress A/C and protocol compression here.
1347                          */
1348                         p = skb_put(skb, 2);
1349                         p[0] = PPP_ALLSTATIONS;
1350                         p[1] = PPP_UI;
1351                         if (*data == PPP_ALLSTATIONS) {
1352                                 data += 2;
1353                                 count -= 2;
1354                         }
1355                         if ((*data & 1) != 0) {
1356                                 p = skb_put(skb, 1);
1357                                 p[0] = 0;
1358                         }
1359
1360                         /* copy frame to socket buffer */
1361                         p = skb_put(skb, count);
1362                         memcpy(p,data,count);
1363                         
1364                         /*
1365                          * Check if we've overflowed the MRU
1366                          */
1367                         if (skb->len >= ppp->mru + PPP_HDRLEN + 2
1368                             || skb_tailroom(skb) <= 0) {
1369                                 ++ppp->estats.rx_length_errors;
1370                                 if (ppp->flags & SC_DEBUG)
1371                                         printk(KERN_DEBUG "rcv frame too long: "
1372                                                "len=%d mru=%d hroom=%d troom=%d\n",
1373                                                skb->len, ppp->mru, skb_headroom(skb),
1374                                                skb_tailroom(skb));
1375                         } else {
1376                                 if (!ppp_receive_frame(ppp, skb)) {
1377                                         KFREE_SKB(skb);
1378                                         ppp_receive_error(ppp);
1379                                 }
1380                         }
1381                 
1382                         /* Reset for the next frame */
1383                         skb = NULL;
1384                 }
1385                 ppp->rpkt = skb;
1386                 return;
1387         }
1388         
1389         while (count-- > 0) {
1390                 /*
1391                  * Collect the character and error condition for the character.
1392                  * Set the toss flag for the first character error.
1393                  */
1394                 chr = *data++;
1395                 if (flags) {
1396                         flg = *flags++;
1397                         if (flg) {
1398                                 if (ppp->toss == 0)
1399                                         ppp->toss = flg;
1400                                 switch (flg) {
1401                                 case TTY_OVERRUN:
1402                                         ++ppp->estats.rx_fifo_errors;
1403                                         break;
1404                                 case TTY_FRAME:
1405                                 case TTY_BREAK:
1406                                         ++ppp->estats.rx_frame_errors;
1407                                         break;
1408                                 }
1409                                 continue;
1410                         }
1411                 }
1412
1413                 /*
1414                  * Set the flags for d7 being 0/1 and parity being
1415                  * even/odd so that the normal processing would have
1416                  * all flags set at the end of the session.  A
1417                  * missing flag bit indicates an error condition.
1418                  */
1419
1420 #ifdef CHECK_CHARACTERS
1421                 if (chr & 0x80)
1422                         ppp->flags |= SC_RCV_B7_1;
1423                 else
1424                         ppp->flags |= SC_RCV_B7_0;
1425
1426                 if (paritytab[chr >> 5] & (1 << (chr & 0x1F)))
1427                         ppp->flags |= SC_RCV_ODDP;
1428                 else
1429                         ppp->flags |= SC_RCV_EVNP;
1430 #endif
1431
1432                 if (chr == PPP_FLAG) {
1433                         /*
1434                          * FLAG. This is the end of the block. If the block
1435                          * ends with ESC FLAG, then the block is to be ignored.
1436                          */
1437                         if (ppp->escape)
1438                                 ppp->toss |= 0x80;
1439                         /*
1440                          * Process the frame if it was received correctly.
1441                          * If there was an error, let the VJ decompressor know.
1442                          * There are 4 cases here:
1443                          * skb != NULL, toss != 0: error in frame
1444                          * skb != NULL, toss == 0: frame ok
1445                          * skb == NULL, toss != 0: very first frame,
1446                          *      error on 1st char, or alloc_skb failed
1447                          * skb == NULL, toss == 0: empty frame (~~)
1448                          */
1449                         if (ppp->toss || !ppp_receive_frame(ppp, skb)) {
1450                                 if (ppp->toss && (ppp->flags & SC_DEBUG))
1451                                         printk(KERN_DEBUG
1452                                                "ppp: tossing frame (%x)\n",
1453                                                ppp->toss);
1454                                 if (skb != NULL)
1455                                         KFREE_SKB(skb);
1456                                 if (!(ppp->toss == 0xE0 || ppp->toss == 0x80))
1457                                         ++ppp->stats.ppp_ierrors;
1458                                 ppp_receive_error(ppp);
1459                         }
1460                         /*
1461                          * Reset for the next frame.
1462                          */
1463                         skb = NULL;
1464                         ppp->rfcs = PPP_INITFCS;
1465                         ppp->escape = 0;
1466                         ppp->toss = 0;
1467                         continue;
1468                 }
1469
1470                 /* If we're tossing, look no further. */
1471                 if (ppp->toss != 0)
1472                         continue;
1473
1474                 /* If this is a control char to be ignored, do so */
1475                 if (in_rmap(ppp, chr))
1476                         continue;
1477
1478                 /*
1479                  * Modify the next character if preceded by escape.
1480                  * The escape character (0x7d) could be an escaped
1481                  * 0x5d, if it follows an escape :-)
1482                  */
1483                 if (ppp->escape) {
1484                         chr ^= PPP_TRANS;
1485                         ppp->escape = 0;
1486                 } else if (chr == PPP_ESCAPE) {
1487                         ppp->escape = PPP_TRANS;
1488                         continue;
1489                 }
1490
1491                 /*
1492                  * Allocate an skbuff on the first character received.
1493                  * The 128 is room for VJ header expansion and FCS.
1494                  */
1495                 if (skb == NULL) {
1496                         skb = dev_alloc_skb(ppp->mru + 128 + PPP_HDRLEN);
1497                         if (skb == NULL) {
1498                                 if (ppp->flags & SC_DEBUG)
1499                                         printk(KERN_DEBUG "couldn't "
1500                                                "alloc skb for recv\n");
1501                                 ppp->toss = 1;
1502                                 continue;
1503                         }
1504                         LIBERATE_SKB(skb);
1505                 }
1506
1507                 /*
1508                  * Decompress A/C and protocol compression here.
1509                  */
1510                 if (skb->len == 0 && chr != PPP_ALLSTATIONS) {
1511                         p = skb_put(skb, 2);
1512                         p[0] = PPP_ALLSTATIONS;
1513                         p[1] = PPP_UI;
1514                 }
1515                 if (skb->len == 2 && (chr & 1) != 0) {
1516                         p = skb_put(skb, 1);
1517                         p[0] = 0;
1518                 }
1519
1520                 /*
1521                  * Check if we've overflowed the MRU
1522                  */
1523                 if (skb->len >= ppp->mru + PPP_HDRLEN + 2
1524                     || skb_tailroom(skb) <= 0) {
1525                         ++ppp->estats.rx_length_errors;
1526                         ppp->toss = 0xC0;
1527                         if (ppp->flags & SC_DEBUG)
1528                                 printk(KERN_DEBUG "rcv frame too long: "
1529                                        "len=%ld mru=%d hroom=%d troom=%d\n",
1530                                        skb->len, ppp->mru, skb_headroom(skb),
1531                                        skb_tailroom(skb));
1532                         continue;
1533                 }
1534
1535                 /*
1536                  * Store the character and update the FCS.
1537                  */
1538                 p = skb_put(skb, 1);
1539                 *p = chr;
1540                 ppp->rfcs = PPP_FCS(ppp->rfcs, chr);
1541         }
1542         ppp->rpkt = skb;
1543 }
1544
1545 /*************************************************************
1546  * PPP NETWORK INTERFACE SUPPORT
1547  *      The following code implements the PPP network
1548  *      interface device and handles those parts of
1549  *      the PPP processing which are independent of the
1550  *      type of hardware link being used, including
1551  *      VJ and packet compression.
1552  *************************************************************/
1553
1554 /*
1555  * Network device driver callback routines
1556  */
1557
1558 static int ppp_init_dev(struct device *dev);
1559 static int ppp_dev_open(struct device *);
1560 static int ppp_dev_ioctl(struct device *dev, struct ifreq *ifr, int cmd);
1561 static int ppp_dev_close(struct device *);
1562 static int ppp_dev_xmit(struct sk_buff *, struct device *);
1563 static struct net_device_stats *ppp_dev_stats (struct device *);
1564
1565 #if LINUX_VERSION_CODE < VERSION(2,1,15)
1566 static int ppp_dev_header(struct sk_buff *, struct device *, __u16,
1567                           void *, void *, unsigned int);
1568 static int ppp_dev_rebuild(void *eth, struct device *dev,
1569                            unsigned long raddr, struct sk_buff *skb);
1570 #endif
1571
1572 /*
1573  * Information for the protocol decoder
1574  */
1575
1576 typedef int (*pfn_proto)  (struct ppp *, struct sk_buff *);
1577
1578 typedef struct ppp_proto_struct {
1579         int             proto;
1580         pfn_proto       func;
1581 } ppp_proto_type;
1582
1583 static int rcv_proto_ip         (struct ppp *, struct sk_buff *);
1584 static int rcv_proto_ipv6       (struct ppp *, struct sk_buff *);
1585 static int rcv_proto_ipx        (struct ppp *, struct sk_buff *);
1586 static int rcv_proto_at         (struct ppp *, struct sk_buff *);
1587 static int rcv_proto_vjc_comp   (struct ppp *, struct sk_buff *);
1588 static int rcv_proto_vjc_uncomp (struct ppp *, struct sk_buff *);
1589 static int rcv_proto_ccp        (struct ppp *, struct sk_buff *);
1590 static int rcv_proto_unknown    (struct ppp *, struct sk_buff *);
1591
1592 static
1593 ppp_proto_type proto_list[] = {
1594         { PPP_IP,         rcv_proto_ip         },
1595         { PPP_IPV6,       rcv_proto_ipv6       },
1596         { PPP_IPX,        rcv_proto_ipx        },
1597         { PPP_AT,         rcv_proto_at         },
1598         { PPP_VJC_COMP,   rcv_proto_vjc_comp   },
1599         { PPP_VJC_UNCOMP, rcv_proto_vjc_uncomp },
1600         { PPP_CCP,        rcv_proto_ccp        },
1601         { 0,              rcv_proto_unknown    }  /* !!! MUST BE LAST !!! */
1602 };
1603
1604 /*
1605  * Called when the PPP network interface device is actually created.
1606  */
1607 static int
1608 ppp_init_dev (struct device *dev)
1609 {
1610         dev->hard_header_len  = PPP_HDRLEN;
1611 #if LINUX_VERSION_CODE < VERSION(2,1,15)
1612         dev->hard_header      = ppp_dev_header;
1613         dev->rebuild_header   = ppp_dev_rebuild;
1614 #endif
1615
1616         /* device INFO */
1617         dev->mtu              = PPP_MTU;
1618         dev->hard_start_xmit  = ppp_dev_xmit;
1619         dev->open             = ppp_dev_open;
1620         dev->stop             = ppp_dev_close;
1621         dev->get_stats        = ppp_dev_stats;
1622         dev->do_ioctl         = ppp_dev_ioctl;
1623         dev->addr_len         = 0;
1624         dev->tx_queue_len     = 10;
1625         dev->type             = ARPHRD_PPP;
1626
1627 #if LINUX_VERSION_CODE < VERSION(2,1,20)
1628         {
1629                 int    indx;
1630
1631                 for (indx = 0; indx < DEV_NUMBUFFS; indx++)
1632                         skb_queue_head_init (&dev->buffs[indx]);
1633         }
1634 #else
1635         dev_init_buffers(dev);
1636 #endif
1637
1638         dev->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
1639
1640         return 0;
1641 }
1642
1643 /*
1644  * Callback from the network layer when the device goes up.
1645  */
1646
1647 static int
1648 ppp_dev_open (struct device *dev)
1649 {
1650         struct ppp *ppp = dev2ppp(dev);
1651
1652         if (!ppp->inuse || ppp2tty(ppp) == NULL) {
1653                 printk(KERN_ERR "ppp: %s not active\n", dev->name);
1654                 return -ENXIO;
1655         }
1656
1657         MOD_INC_USE_COUNT;
1658
1659         return 0;
1660 }
1661
1662 /*
1663  * Callback from the network layer when the ppp device goes down.
1664  */
1665
1666 static int
1667 ppp_dev_close (struct device *dev)
1668 {
1669         struct ppp *ppp = dev2ppp (dev);
1670
1671         CHECK_PPP_MAGIC(ppp);
1672
1673         MOD_DEC_USE_COUNT;
1674
1675         return 0;
1676 }
1677
1678 static inline void
1679 get_vj_stats(struct vjstat *vj, struct slcompress *slc)
1680 {
1681         vj->vjs_packets    = slc->sls_o_compressed + slc->sls_o_uncompressed;
1682         vj->vjs_compressed = slc->sls_o_compressed;
1683         vj->vjs_searches   = slc->sls_o_searches;
1684         vj->vjs_misses     = slc->sls_o_misses;
1685         vj->vjs_errorin    = slc->sls_i_error;
1686         vj->vjs_tossed     = slc->sls_i_tossed;
1687         vj->vjs_uncompressedin = slc->sls_i_uncompressed;
1688         vj->vjs_compressedin   = slc->sls_i_compressed;
1689 }
1690
1691 /*
1692  * Callback from the network layer to process the sockioctl functions.
1693  */
1694 static int
1695 ppp_dev_ioctl (struct device *dev, struct ifreq *ifr, int cmd)
1696 {
1697         struct ppp *ppp = dev2ppp(dev);
1698         int nb;
1699         union {
1700                 struct ppp_stats stats;
1701                 struct ppp_comp_stats cstats;
1702                 char vers[32];
1703         } u;
1704
1705         CHECK_PPP_MAGIC(ppp);
1706
1707         memset(&u, 0, sizeof(u));
1708         switch (cmd) {
1709         case SIOCGPPPSTATS:
1710                 u.stats.p = ppp->stats;
1711                 if (ppp->slcomp != NULL)
1712                         get_vj_stats(&u.stats.vj, ppp->slcomp);
1713                 nb = sizeof(u.stats);
1714                 break;
1715
1716         case SIOCGPPPCSTATS:
1717                 if (ppp->sc_xc_state != NULL)
1718                         (*ppp->sc_xcomp->comp_stat)
1719                                 (ppp->sc_xc_state, &u.cstats.c);
1720                 if (ppp->sc_rc_state != NULL)
1721                         (*ppp->sc_rcomp->decomp_stat)
1722                                 (ppp->sc_rc_state, &u.cstats.d);
1723                 nb = sizeof(u.cstats);
1724                 break;
1725
1726         case SIOCGPPPVER:
1727                 strcpy(u.vers, szVersion);
1728                 nb = strlen(u.vers) + 1;
1729                 break;
1730
1731         default:
1732                 return -EINVAL;
1733         }
1734
1735         if (COPY_TO_USER((void *) ifr->ifr_ifru.ifru_data, &u, nb))
1736                 return -EFAULT;
1737         return 0;
1738 }
1739
1740 /*
1741  * Process the generic PPP ioctls, i.e. those which are not specific
1742  * to any particular type of hardware link.
1743  */
1744 static int
1745 ppp_ioctl(struct ppp *ppp, unsigned int param2, unsigned long param3)
1746 {
1747         register int temp_i = 0, oldflags;
1748         int error = -EFAULT;
1749         unsigned long flags;
1750         struct ppp_idle cur_ddinfo;
1751         struct npioctl npi;
1752
1753         CHECK_PPP(-ENXIO);
1754
1755         /*
1756          * The user must have an euid of root to do these requests.
1757          */
1758         if (!SUSER())
1759                 return -EPERM;
1760
1761         switch (param2) {
1762         case PPPIOCSMRU:
1763                 /*
1764                  * Set the MRU value
1765                  */
1766                 if (GET_USER(temp_i, (int *) param3))
1767                         break;
1768                 if (temp_i < PPP_MRU)
1769                         temp_i = PPP_MRU;
1770                 ppp->mru = temp_i;
1771                 if (ppp->flags & SC_DEBUG)
1772                         printk(KERN_INFO
1773                                "ppp_ioctl: set mru to %x\n", temp_i);
1774                 error = 0;
1775                 break;
1776
1777         case PPPIOCGFLAGS:
1778                 /*
1779                  * Fetch the current flags
1780                  */
1781                 temp_i = ppp->flags & SC_MASK;
1782 #ifndef CHECK_CHARACTERS /* Don't generate errors if we don't check chars. */
1783                 temp_i |= SC_RCV_B7_1 | SC_RCV_B7_0 |
1784                           SC_RCV_ODDP | SC_RCV_EVNP;
1785 #endif
1786                 if (PUT_USER(temp_i, (int *) param3))
1787                         break;
1788                 error = 0;
1789                 break;
1790
1791         case PPPIOCSFLAGS:
1792                 /*
1793                  * Set the flags for the various options
1794                  */
1795                 if (GET_USER(temp_i, (int *) param3))
1796                         break;
1797
1798                 if (ppp->flags & ~temp_i & SC_CCP_OPEN)
1799                         ppp_ccp_closed(ppp);
1800
1801                 save_flags(flags);
1802                 cli();
1803                 oldflags = ppp->flags;
1804                 temp_i = (temp_i & SC_MASK) | (oldflags & ~SC_MASK);
1805                 ppp->flags = temp_i;
1806                 restore_flags(flags);
1807
1808                 if ((oldflags | temp_i) & SC_DEBUG)
1809                         printk(KERN_INFO
1810                                "ppp_ioctl: set flags to %x\n", temp_i);
1811                 error = 0;
1812                 break;
1813
1814         case PPPIOCSCOMPRESS:
1815                 /*
1816                  * Set the compression mode
1817                  */
1818                 error = ppp_set_compression
1819                         (ppp, (struct ppp_option_data *) param3);
1820                 break;
1821
1822         case PPPIOCGUNIT:
1823                 /*
1824                  * Obtain the unit number for this device.
1825                  */
1826                 if (PUT_USER(ppp->line, (int *) param3))
1827                         break;
1828                 if (ppp->flags & SC_DEBUG)
1829                         printk(KERN_INFO
1830                                "ppp_ioctl: get unit: %d\n", ppp->line);
1831                 error = 0;
1832                 break;
1833
1834         case PPPIOCSDEBUG:
1835                 /*
1836                  * Set the debug level
1837                  */
1838                 if (GET_USER(temp_i, (int *) param3))
1839                         break;
1840                 temp_i = (temp_i & 0x1F) << 16;
1841
1842                 if ((ppp->flags | temp_i) & SC_DEBUG)
1843                         printk(KERN_INFO
1844                                "ppp_ioctl: set dbg flags to %x\n", temp_i);
1845
1846                 save_flags(flags);
1847                 cli();
1848                 ppp->flags = (ppp->flags & ~0x1F0000) | temp_i;
1849                 restore_flags(flags);
1850                 error = 0;
1851                 break;
1852
1853         case PPPIOCGDEBUG:
1854                 /*
1855                  * Get the debug level
1856                  */
1857                 temp_i = (ppp->flags >> 16) & 0x1F;
1858                 if (PUT_USER(temp_i, (int *) param3))
1859                         break;
1860                 error = 0;
1861                 break;
1862
1863         case PPPIOCGIDLE:
1864                 /*
1865                  * Get the times since the last send/receive frame operation
1866                  */
1867                 /* change absolute times to relative times. */
1868                 cur_ddinfo.xmit_idle = (jiffies - ppp->last_xmit) / HZ;
1869                 cur_ddinfo.recv_idle = (jiffies - ppp->last_recv) / HZ;
1870                 if (COPY_TO_USER((void *) param3, &cur_ddinfo,
1871                                  sizeof (cur_ddinfo)))
1872                         break;
1873                 error = 0;
1874                 break;
1875
1876         case PPPIOCSMAXCID:
1877                 /*
1878                  * Set the maximum VJ header compression slot number.
1879                  */
1880                 if (GET_USER(temp_i, (int *) param3))
1881                         break;
1882                 error = -EINVAL;
1883                 if (temp_i < 2 || temp_i > 255)
1884                         break;
1885                 ++temp_i;
1886                 if (ppp->flags & SC_DEBUG)
1887                         printk(KERN_INFO "ppp_ioctl: set maxcid to %d\n",
1888                                temp_i);
1889                 if (ppp->slcomp != NULL)
1890                         slhc_free(ppp->slcomp);
1891                 ppp->slcomp = slhc_init(16, temp_i);
1892
1893                 error = -ENOMEM;
1894                 if (ppp->slcomp == NULL) {
1895                         printk(KERN_ERR "ppp: no memory for VJ compression\n");
1896                         break;
1897                 }
1898                 error = 0;
1899                 break;
1900
1901         case PPPIOCGNPMODE:
1902         case PPPIOCSNPMODE:
1903                 if (COPY_FROM_USER(&npi, (void *) param3, sizeof(npi)))
1904                         break;
1905
1906                 switch (npi.protocol) {
1907                 case PPP_IP:
1908                         npi.protocol = NP_IP;
1909                         break;
1910                 case PPP_IPX:
1911                         npi.protocol = NP_IPX;
1912                         break;
1913                 case PPP_AT:
1914                         npi.protocol = NP_AT;
1915                         break;
1916                 default:
1917                         if (ppp->flags & SC_DEBUG)
1918                                 printk(KERN_DEBUG "pppioc[gs]npmode: "
1919                                        "invalid proto %d\n", npi.protocol);
1920                         error = -EINVAL;
1921                         goto out;
1922                 }
1923
1924                 if (param2 == PPPIOCGNPMODE) {
1925                         npi.mode = ppp->sc_npmode[npi.protocol];
1926                         if (COPY_TO_USER((void *) param3, &npi, sizeof(npi)))
1927                                 break;
1928                 } else {
1929                         ppp->sc_npmode[npi.protocol] = npi.mode;
1930                         if (ppp->flags & SC_DEBUG)
1931                                 printk(KERN_DEBUG "ppp: set np %d to %d\n",
1932                                        npi.protocol, npi.mode);
1933                         mark_bh(NET_BH);
1934                 }
1935                 error = 0;
1936                 break;
1937
1938         default:
1939                 /*
1940                  *  All other ioctl() events will come here.
1941                  */
1942                 if (ppp->flags & SC_DEBUG)
1943                         printk(KERN_ERR
1944                                "ppp_ioctl: invalid ioctl: %x, addr %lx\n",
1945                                param2, param3);
1946
1947                 error = -ENOIOCTLCMD;
1948                 break;
1949         }
1950 out:
1951         return error;
1952 }
1953
1954 /*
1955  * Process the set-compression ioctl.
1956  */
1957 static int
1958 ppp_set_compression (struct ppp *ppp, struct ppp_option_data *odp)
1959 {
1960         struct compressor *cp;
1961         int error, nb;
1962         unsigned long flags;
1963         __u8 *ptr;
1964         __u8 ccp_option[CCP_MAX_OPTION_LENGTH];
1965         struct ppp_option_data data;
1966
1967         /*
1968          * Fetch the compression parameters
1969          */
1970         error = -EFAULT;
1971         if (COPY_FROM_USER(&data, odp, sizeof (data)))
1972                 goto out;
1973
1974         nb  = data.length;
1975         ptr = data.ptr;
1976         if ((unsigned) nb >= CCP_MAX_OPTION_LENGTH)
1977                 nb = CCP_MAX_OPTION_LENGTH;
1978
1979         if (COPY_FROM_USER(ccp_option, ptr, nb))
1980                 goto out;
1981
1982         error = -EINVAL;
1983         if (ccp_option[1] < 2)  /* preliminary check on the length byte */
1984                 goto out;
1985
1986         save_flags(flags);
1987         cli();
1988         ppp->flags &= ~(data.transmit? SC_COMP_RUN: SC_DECOMP_RUN);
1989         restore_flags(flags);
1990
1991         cp = find_compressor (ccp_option[0]);
1992 #if defined(CONFIG_KMOD) || defined(CONFIG_KERNELD)
1993         if (cp == NULL) {
1994                 char modname[32];
1995                 sprintf(modname, "ppp-compress-%d", ccp_option[0]);
1996                 request_module(modname);
1997                 cp = find_compressor(ccp_option[0]);
1998         }
1999 #endif /* CONFIG_KMOD */
2000
2001         if (cp == NULL) {
2002                 if (ppp->flags & SC_DEBUG)
2003                         printk(KERN_DEBUG
2004                                "%s: no compressor for [%x %x %x], %x\n",
2005                                ppp->name, ccp_option[0], ccp_option[1],
2006                                ccp_option[2], nb);
2007                 goto out;               /* compressor not loaded */
2008         }
2009
2010         /*
2011          * Found a handler for the protocol - try to allocate
2012          * a compressor or decompressor.
2013          */
2014         error = 0;
2015         if (data.transmit) {
2016                 if (ppp->sc_xc_state != NULL)
2017                         (*ppp->sc_xcomp->comp_free)(ppp->sc_xc_state);
2018                 ppp->sc_xc_state = NULL;
2019
2020                 ppp->sc_xcomp    = cp;
2021                 ppp->sc_xc_state = cp->comp_alloc(ccp_option, nb);
2022                 if (ppp->sc_xc_state == NULL) {
2023                         if (ppp->flags & SC_DEBUG)
2024                                 printk(KERN_DEBUG "%s: comp_alloc failed\n",
2025                                        ppp->name);
2026                         error = -ENOBUFS;
2027                 }
2028         } else {
2029                 if (ppp->sc_rc_state != NULL)
2030                         (*ppp->sc_rcomp->decomp_free)(ppp->sc_rc_state);
2031                 ppp->sc_rc_state = NULL;
2032
2033                 ppp->sc_rcomp    = cp;
2034                 ppp->sc_rc_state = cp->decomp_alloc(ccp_option, nb);
2035                 if (ppp->sc_rc_state == NULL) {
2036                         if (ppp->flags & SC_DEBUG)
2037                                 printk(KERN_DEBUG "%s: decomp_alloc failed\n",
2038                                        ppp->name);
2039                         error = -ENOBUFS;
2040                 }
2041         }
2042 out:
2043         return error;
2044 }
2045
2046 /*
2047  * Handle a CCP packet.
2048  *
2049  * The CCP packet is passed along to the pppd process just like any
2050  * other PPP frame. The difference is that some processing needs to be
2051  * immediate or the compressors will become confused on the peer.
2052  */
2053
2054 static void ppp_proto_ccp(struct ppp *ppp, __u8 *dp, int len, int rcvd)
2055 {
2056         int slen    = CCP_LENGTH(dp);
2057         __u8 *opt = dp   + CCP_HDRLEN;
2058         int opt_len = slen - CCP_HDRLEN;
2059         unsigned long flags;
2060
2061         if (slen > len)
2062                 return;
2063
2064         if (ppp->flags & SC_DEBUG)
2065                 printk(KERN_DEBUG "ppp_proto_ccp rcvd=%d code=%x flags=%x\n",
2066                        rcvd, CCP_CODE(dp), ppp->flags);
2067         save_flags(flags);
2068         switch (CCP_CODE(dp)) {
2069         case CCP_CONFREQ:
2070         case CCP_TERMREQ:
2071         case CCP_TERMACK:
2072                 /*
2073                  * CCP must be going down - disable compression
2074                  */
2075                 if (ppp->flags & SC_CCP_UP) {
2076                         cli();
2077                         ppp->flags &= ~(SC_CCP_UP   |
2078                                         SC_COMP_RUN |
2079                                         SC_DECOMP_RUN);
2080                 }
2081                 break;
2082
2083         case CCP_CONFACK:
2084                 if ((ppp->flags & SC_CCP_OPEN) == 0)
2085                         break;
2086                 if (ppp->flags & SC_CCP_UP)
2087                         break;
2088                 if (slen < (CCP_HDRLEN + CCP_OPT_MINLEN))
2089                         break;
2090                 if (slen < (CCP_OPT_LENGTH (opt) + CCP_HDRLEN))
2091                         break;
2092                 if (!rcvd) {
2093                         /*
2094                          * we're agreeing to send compressed packets.
2095                          */
2096                         if (ppp->sc_xc_state == NULL)
2097                                 break;
2098
2099                         if ((*ppp->sc_xcomp->comp_init)
2100                             (ppp->sc_xc_state,
2101                              opt, opt_len,
2102                              ppp->line, 0, ppp->flags & SC_DEBUG)) {
2103                                 if (ppp->flags & SC_DEBUG)
2104                                         printk(KERN_DEBUG "%s: comp running\n",
2105                                                ppp->name);
2106                                 cli();
2107                                 ppp->flags |= SC_COMP_RUN;
2108                         }
2109                         break;
2110                 }
2111
2112                 /*
2113                  * peer is agreeing to send compressed packets.
2114                  */
2115                 if (ppp->sc_rc_state == NULL)
2116                         break;
2117
2118                 if ((*ppp->sc_rcomp->decomp_init)
2119                     (ppp->sc_rc_state,
2120                      opt, opt_len,
2121                      ppp->line, 0, ppp->mru, ppp->flags & SC_DEBUG)) {
2122                         if (ppp->flags & SC_DEBUG)
2123                                 printk(KERN_DEBUG "%s: decomp running\n",
2124                                        ppp->name);
2125                         cli();
2126                         ppp->flags |= SC_DECOMP_RUN;
2127                         ppp->flags &= ~(SC_DC_ERROR | SC_DC_FERROR);
2128                 }
2129                 break;
2130
2131         case CCP_RESETACK:
2132                 /*
2133                  * CCP Reset-ack resets compressors and decompressors
2134                  * as it passes through.
2135                  */
2136                 if ((ppp->flags & SC_CCP_UP) == 0)
2137                         break;
2138
2139                 if (!rcvd) {
2140                         if (ppp->sc_xc_state && (ppp->flags & SC_COMP_RUN)) {
2141                                 (*ppp->sc_xcomp->comp_reset)(ppp->sc_xc_state);
2142                                 if (ppp->flags & SC_DEBUG)
2143                                         printk(KERN_DEBUG "%s: comp reset\n",
2144                                                ppp->name);
2145                         }
2146                 } else {
2147                         if (ppp->sc_rc_state && (ppp->flags & SC_DECOMP_RUN)) {
2148                               (*ppp->sc_rcomp->decomp_reset)(ppp->sc_rc_state);
2149                               if (ppp->flags & SC_DEBUG)
2150                                         printk(KERN_DEBUG "%s: decomp reset\n",
2151                                                ppp->name);
2152                               cli();
2153                               ppp->flags &= ~SC_DC_ERROR;
2154                         }
2155                 }
2156                 break;
2157         }
2158         restore_flags(flags);
2159 }
2160
2161 /*
2162  * CCP is down; free (de)compressor state if necessary.
2163  */
2164
2165 static void
2166 ppp_ccp_closed(struct ppp *ppp)
2167 {
2168         unsigned long flags;
2169
2170         save_flags(flags);
2171         cli();
2172         ppp->flags &= ~(SC_CCP_OPEN | SC_CCP_UP | SC_COMP_RUN | SC_DECOMP_RUN);
2173         restore_flags(flags);
2174         if (ppp->flags & SC_DEBUG)
2175                 printk(KERN_DEBUG "%s: ccp closed\n", ppp->name);
2176         if (ppp->sc_xc_state) {
2177                 (*ppp->sc_xcomp->comp_free) (ppp->sc_xc_state);
2178                 ppp->sc_xc_state = NULL;
2179         }
2180
2181         if (ppp->sc_rc_state) {
2182                 (*ppp->sc_rcomp->decomp_free) (ppp->sc_rc_state);
2183                 ppp->sc_rc_state = NULL;
2184         }
2185 }
2186
2187 /*************************************************************
2188  * RECEIVE-SIDE ROUTINES
2189  *************************************************************/
2190
2191 /*
2192  * On entry, a received frame is in skb.
2193  * Check it and dispose as appropriate.
2194  */
2195 static int
2196 ppp_receive_frame(struct ppp *ppp, struct sk_buff *skb)
2197 {
2198         __u8    *data;
2199         int     count;
2200         int     proto;
2201         int     new_count;
2202         struct sk_buff *new_skb;
2203         ppp_proto_type  *proto_ptr;
2204
2205         /*
2206          * An empty frame is ignored. This occurs if the FLAG sequence
2207          * precedes and follows each frame.
2208          */
2209         if (skb == NULL)
2210                 return 1;
2211         if (skb->len == 0) {
2212                 KFREE_SKB(skb);
2213                 return 1;
2214         }
2215         data = skb->data;
2216         count = skb->len;
2217
2218         /*
2219          * Generate an error if the frame is too small.
2220          */
2221         if (count < PPP_HDRLEN + 2) {
2222                 if (ppp->flags & SC_DEBUG)
2223                         printk(KERN_DEBUG
2224                                "ppp: got runt ppp frame, %d chars\n", count);
2225                 ++ppp->estats.rx_length_errors;
2226                 return 0;
2227         }
2228
2229         if ( !(ppp->flags & SC_SYNC) ) { 
2230                 /*
2231                  * Verify the FCS of the frame and discard the FCS characters
2232                  * from the end of the buffer.
2233                  */
2234                 if (ppp->rfcs != PPP_GOODFCS) {
2235                         if (ppp->flags & SC_DEBUG) {
2236                                 printk(KERN_DEBUG
2237                                        "ppp: frame with bad fcs, length = %d\n",
2238                                        count);
2239                                 ppp_print_buffer("bad frame", data, count);
2240                         }
2241                         ++ppp->estats.rx_crc_errors;
2242                         return 0;
2243                 }
2244                 count -= 2;             /* ignore the fcs characters */
2245                 skb_trim(skb, count);
2246         }
2247         
2248         /*
2249          * Process the active decompressor.
2250          */
2251         if (ppp->sc_rc_state != NULL &&
2252             (ppp->flags & SC_DECOMP_RUN) &&
2253             ((ppp->flags & (SC_DC_FERROR | SC_DC_ERROR)) == 0)) {
2254                 if (PPP_PROTOCOL(data) == PPP_COMP) {
2255                         /*
2256                          * If the frame is compressed then decompress it.
2257                          */
2258                         new_skb = dev_alloc_skb(ppp->mru + 128 + PPP_HDRLEN);
2259                         if (new_skb == NULL) {
2260                                 printk(KERN_ERR "ppp_recv_frame: no memory\n");
2261                                 new_count = DECOMP_ERROR;
2262                         } else {
2263                                 LIBERATE_SKB(new_skb);
2264                                 new_count = (*ppp->sc_rcomp->decompress)
2265                                         (ppp->sc_rc_state, data, count,
2266                                          new_skb->data, ppp->mru + PPP_HDRLEN);
2267                         }
2268                         if (new_count > 0) {
2269                                 /* Frame was decompressed OK */
2270                                 KFREE_SKB(skb);
2271                                 skb = new_skb;
2272                                 count = new_count;
2273                                 data = skb_put(skb, count);
2274
2275                         } else {
2276                                 /*
2277                                  * On a decompression error, we pass the
2278                                  * compressed frame up to pppd as an
2279                                  * error indication.
2280                                  */
2281                                 if (ppp->flags & SC_DEBUG)
2282                                         printk(KERN_INFO "%s: decomp err %d\n",
2283                                                ppp->name, new_count);
2284                                 if (new_skb != 0)
2285                                         KFREE_SKB(new_skb);
2286                                 if (ppp->slcomp != 0)
2287                                         slhc_toss(ppp->slcomp);
2288                                 ++ppp->stats.ppp_ierrors;
2289                                 if (new_count == DECOMP_FATALERROR) {
2290                                         ppp->flags |= SC_DC_FERROR;
2291                                 } else {
2292                                         ppp->flags |= SC_DC_ERROR;
2293                                 }
2294                         }
2295
2296
2297                 } else {
2298                         /*
2299                          * The frame is not compressed. Pass it to the
2300                          * decompression code so it can update its
2301                          * dictionary if necessary.
2302                          */
2303                         (*ppp->sc_rcomp->incomp)(ppp->sc_rc_state,
2304                                                  data, count);
2305                 }
2306         }
2307         else if (PPP_PROTOCOL(data) == PPP_COMP && (ppp->flags & SC_DEBUG))
2308                 printk(KERN_INFO "%s: not decomp, rc_state=%p flags=%x\n",
2309                        ppp->name, ppp->sc_rc_state, ppp->flags);
2310
2311         /*
2312          * Count the frame and print it
2313          */
2314         ++ppp->stats.ppp_ipackets;
2315         ppp->stats.ppp_ioctects += count;
2316         if (ppp->flags & SC_LOG_INPKT)
2317                 ppp_print_buffer ("receive frame", data, count);
2318
2319         /*
2320          * Find the procedure to handle this protocol.
2321          * The last one is marked as protocol 0 which is the 'catch-all'
2322          * to feed it to the pppd daemon.
2323          */
2324         proto = PPP_PROTOCOL(data);
2325         proto_ptr = proto_list;
2326         while (proto_ptr->proto != 0 && proto_ptr->proto != proto)
2327                 ++proto_ptr;
2328
2329         /*
2330          * Update the appropriate statistic counter.
2331          */
2332         if (!(*proto_ptr->func)(ppp, skb)) {
2333                 KFREE_SKB(skb);
2334                 ++ppp->stats.ppp_discards;
2335         }
2336
2337         return 1;
2338 }
2339
2340 /*
2341  * An input error has been detected, so we need to inform
2342  * the VJ decompressor.
2343  */
2344 static void
2345 ppp_receive_error(struct ppp *ppp)
2346 {
2347         CHECK_PPP_VOID();
2348
2349         if (ppp->slcomp != 0)
2350                 slhc_toss(ppp->slcomp);
2351 }
2352
2353 /*
2354  * Put the input frame into the networking system for the indicated protocol
2355  */
2356 static int
2357 ppp_rcv_rx(struct ppp *ppp, __u16 proto, struct sk_buff *skb)
2358 {
2359
2360         /*
2361          * Fill in a few fields of the skb and give it to netif_rx().
2362          */
2363         skb->dev      = ppp2dev(ppp);   /* We are the device */
2364         skb->protocol = htons(proto);
2365         skb_pull(skb, PPP_HDRLEN);      /* pull off ppp header */
2366         skb->mac.raw   = skb->data;
2367         ppp->last_recv = jiffies;
2368         netif_rx (skb);
2369         return 1;
2370 }
2371
2372 /*
2373  * Process the receipt of an IP frame
2374  */
2375 static int
2376 rcv_proto_ip(struct ppp *ppp, struct sk_buff *skb)
2377 {
2378         CHECK_PPP(0);
2379         if ((ppp2dev(ppp)->flags & IFF_UP) && (skb->len > 0)
2380             && ppp->sc_npmode[NP_IP] == NPMODE_PASS)
2381                 return ppp_rcv_rx(ppp, ETH_P_IP, skb);
2382         return 0;
2383 }
2384
2385 /*
2386  * Process the receipt of an IPv6 frame
2387  */
2388 static int
2389 rcv_proto_ipv6(struct ppp *ppp, struct sk_buff *skb)
2390 {
2391         CHECK_PPP(0);
2392         if ((ppp2dev(ppp)->flags & IFF_UP) && (skb->len > 0)
2393             && ppp->sc_npmode[NP_IPV6] == NPMODE_PASS)
2394                 return ppp_rcv_rx(ppp, ETH_P_IPV6, skb);
2395         return 0;
2396 }
2397
2398 /*
2399  * Process the receipt of an IPX frame
2400  */
2401 static int
2402 rcv_proto_ipx(struct ppp *ppp, struct sk_buff *skb)
2403 {
2404         CHECK_PPP(0);
2405         if (((ppp2dev(ppp)->flags & IFF_UP) != 0) && (skb->len > 0)
2406             && ppp->sc_npmode[NP_IPX] == NPMODE_PASS)
2407                 return ppp_rcv_rx(ppp, ETH_P_IPX, skb);
2408         return 0;
2409 }
2410
2411 /*
2412  * Process the receipt of an Appletalk frame
2413  */
2414 static int
2415 rcv_proto_at(struct ppp *ppp, struct sk_buff *skb)
2416 {
2417         CHECK_PPP(0);
2418         if ((ppp2dev(ppp)->flags & IFF_UP) && (skb->len > 0)
2419             && ppp->sc_npmode[NP_AT] == NPMODE_PASS)
2420                 return ppp_rcv_rx(ppp, ETH_P_PPPTALK, skb);
2421         return 0;
2422 }
2423
2424 /*
2425  * Process the receipt of an VJ Compressed frame
2426  */
2427 static int
2428 rcv_proto_vjc_comp(struct ppp *ppp, struct sk_buff *skb)
2429 {
2430         int new_count;
2431
2432         CHECK_PPP(0);
2433         if ((ppp->flags & SC_REJ_COMP_TCP) || ppp->slcomp == NULL)
2434                 return 0;
2435         new_count = slhc_uncompress(ppp->slcomp, skb->data + PPP_HDRLEN,
2436                                     skb->len - PPP_HDRLEN);
2437         if (new_count <= 0) {
2438                 if (ppp->flags & SC_DEBUG)
2439                         printk(KERN_NOTICE
2440                                "ppp: error in VJ decompression\n");
2441                 return 0;
2442         }
2443         new_count += PPP_HDRLEN;
2444         if (new_count > skb->len)
2445                 skb_put(skb, new_count - skb->len);
2446         else
2447                 skb_trim(skb, new_count);
2448         return rcv_proto_ip(ppp, skb);
2449 }
2450
2451 /*
2452  * Process the receipt of an VJ Un-compressed frame
2453  */
2454 static int
2455 rcv_proto_vjc_uncomp(struct ppp *ppp, struct sk_buff *skb)
2456 {
2457         CHECK_PPP(0);
2458         if ((ppp->flags & SC_REJ_COMP_TCP) || ppp->slcomp == NULL)
2459                 return 0;
2460         if (slhc_remember(ppp->slcomp, skb->data + PPP_HDRLEN,
2461                           skb->len - PPP_HDRLEN) <= 0) {
2462                 if (ppp->flags & SC_DEBUG)
2463                         printk(KERN_NOTICE "ppp: error in VJ memorizing\n");
2464                 return 0;
2465         }
2466         return rcv_proto_ip(ppp, skb);
2467 }
2468
2469 static int
2470 rcv_proto_ccp(struct ppp *ppp, struct sk_buff *skb)
2471 {
2472         CHECK_PPP(0);
2473         ppp_proto_ccp (ppp, skb->data + PPP_HDRLEN, skb->len - PPP_HDRLEN, 1);
2474         return rcv_proto_unknown(ppp, skb);
2475 }
2476
2477 /*
2478  * Receive all unclassified protocols.
2479  */
2480 static int
2481 rcv_proto_unknown(struct ppp *ppp, struct sk_buff *skb)
2482 {
2483         CHECK_PPP(0);
2484
2485         /*
2486          * Limit queue length by dropping old frames.
2487          */
2488         skb_queue_tail(&ppp->rcv_q, skb);
2489         while (ppp->rcv_q.qlen > PPP_MAX_RCV_QLEN) {
2490                 struct sk_buff *skb = skb_dequeue(&ppp->rcv_q);
2491                 if (skb)
2492                         KFREE_SKB(skb);
2493         }
2494
2495         wake_up_interruptible (&ppp->read_wait);
2496         if (ppp->tty->fasync != NULL)
2497                 kill_fasync (ppp->tty->fasync, SIGIO);
2498
2499         return 1;
2500 }
2501
2502 /*************************************************************
2503  * TRANSMIT-SIDE ROUTINES
2504  *************************************************************/
2505
2506 /* local function to store a value into the LQR frame */
2507 extern inline __u8 * store_long (register __u8 *p, register int value) {
2508         *p++ = (__u8) (value >> 24);
2509         *p++ = (__u8) (value >> 16);
2510         *p++ = (__u8) (value >>  8);
2511         *p++ = (__u8) value;
2512         return p;
2513 }
2514
2515 /*
2516  * Compress and send an frame to the peer.
2517  * Should be called with xmit_busy == 1, having been set by the caller.
2518  * That is, we use xmit_busy as a lock to prevent reentry of this
2519  * procedure.
2520  */
2521 static void
2522 ppp_send_frame(struct ppp *ppp, struct sk_buff *skb)
2523 {
2524         int     proto;
2525         __u8    *data;
2526         int     count;
2527         __u8    *p;
2528         int     ret;
2529
2530         CHECK_PPP_VOID();
2531         data = skb->data;
2532         count = skb->len;
2533
2534         /* dump the buffer */
2535         if (ppp->flags & SC_LOG_OUTPKT)
2536                 ppp_print_buffer ("write frame", data, count);
2537
2538         /*
2539          * Handle various types of protocol-specific compression
2540          * and other processing, including:
2541          * - VJ TCP header compression
2542          * - updating LQR packets
2543          * - updating CCP state on CCP packets
2544          */
2545         proto = PPP_PROTOCOL(data);
2546         switch (proto) {
2547         case PPP_IP:
2548                 if ((ppp->flags & SC_COMP_TCP) && ppp->slcomp != NULL)
2549                         skb = ppp_vj_compress(ppp, skb);
2550                 break;
2551
2552         case PPP_LQR:
2553                 /*
2554                  * Update the LQR frame with the current MIB information.
2555                  * This way the information is accurate and up-to-date.
2556                  */
2557                 if (count < 48)
2558                         break;
2559                 p = data + 40;  /* Point to last two items. */
2560                 p = store_long(p, ppp->stats.ppp_opackets + 1);
2561                 p = store_long(p, ppp->stats.ppp_ooctects + count);
2562                 ++ppp->stats.ppp_olqrs;
2563                 break;
2564
2565         case PPP_CCP:
2566                 /*
2567                  * Outbound compression control frames
2568                  */
2569                 ppp_proto_ccp(ppp, data + PPP_HDRLEN, count - PPP_HDRLEN, 0);
2570                 break;
2571         }
2572         data = skb->data;
2573         count = skb->len;
2574
2575         /*
2576          * Compress the whole frame if possible.
2577          */
2578         if (((ppp->flags & SC_COMP_RUN) != 0)   &&
2579             (ppp->sc_xc_state != (void *) 0)    &&
2580             (proto != PPP_LCP)                  &&
2581             (proto != PPP_CCP)) {
2582                 struct sk_buff *new_skb;
2583                 int new_count;
2584
2585                 /* Allocate an skb for the compressed frame. */
2586                 new_skb = alloc_skb(ppp->mtu + PPP_HDRLEN, GFP_ATOMIC);
2587                 if (new_skb == NULL) {
2588                         printk(KERN_ERR "ppp_send_frame: no memory\n");
2589                         KFREE_SKB(skb);
2590                         ppp->xmit_busy = 0;
2591                         return;
2592                 }
2593                 LIBERATE_SKB(new_skb);
2594
2595                 /* Compress the frame. */
2596                 new_count = (*ppp->sc_xcomp->compress)
2597                         (ppp->sc_xc_state, data, new_skb->data,
2598                          count, ppp->mtu + PPP_HDRLEN);
2599
2600                 /* Did it compress? */
2601                 if (new_count > 0 && (ppp->flags & SC_CCP_UP)) {
2602                         skb_put(new_skb, new_count);
2603                         KFREE_SKB(skb);
2604                         skb = new_skb;
2605                 } else {
2606                         /*
2607                          * The frame could not be compressed, or it could not
2608                          * be sent in compressed form because CCP is down.
2609                          */
2610                         KFREE_SKB(new_skb);
2611                 }
2612         }
2613
2614         /*
2615          * Send the frame
2616          */
2617         if ( ppp->flags & SC_SYNC ) 
2618                 ret = ppp_sync_send(ppp, skb);
2619         else
2620                 ret = ppp_async_send(ppp, skb);
2621         if (ret > 0) {
2622                 /* we can release the lock */
2623                 ppp->xmit_busy = 0;
2624         } else if (ret < 0) {
2625                 /* can't happen, since the caller got the xmit_busy lock */
2626                 printk(KERN_ERR "ppp: ppp_async_send didn't accept pkt\n");
2627         }
2628 }
2629
2630 /*
2631  * Apply VJ TCP header compression to a packet.
2632  */
2633 static struct sk_buff *
2634 ppp_vj_compress(struct ppp *ppp, struct sk_buff *skb)
2635 {
2636         __u8 *orig_data, *data;
2637         struct sk_buff *new_skb;
2638         int len, proto;
2639
2640         new_skb = alloc_skb(skb->len, GFP_ATOMIC);
2641         if (new_skb == NULL) {
2642                 printk(KERN_ERR "ppp: no memory for vj compression\n");
2643                 return skb;
2644         }
2645         LIBERATE_SKB(new_skb);
2646
2647         orig_data = data = skb->data + PPP_HDRLEN;
2648         len = slhc_compress(ppp->slcomp, data, skb->len - PPP_HDRLEN,
2649                             new_skb->data + PPP_HDRLEN, &data,
2650                             (ppp->flags & SC_NO_TCP_CCID) == 0);
2651
2652         if (data == orig_data) {
2653                 /* Couldn't compress the data */
2654                 KFREE_SKB(new_skb);
2655                 return skb;
2656         }
2657
2658         /* The data has been changed */
2659         if (data[0] & SL_TYPE_COMPRESSED_TCP) {
2660                 proto = PPP_VJC_COMP;
2661                 data[0] ^= SL_TYPE_COMPRESSED_TCP;
2662         } else {
2663                 if (data[0] >= SL_TYPE_UNCOMPRESSED_TCP)
2664                         proto = PPP_VJC_UNCOMP;
2665                 else
2666                         proto = PPP_IP;
2667                 data[0] = orig_data[0];
2668         }
2669
2670         data = skb_put(new_skb, len + PPP_HDRLEN);
2671         data[0] = PPP_ALLSTATIONS;
2672         data[1] = PPP_UI;
2673         data[2] = 0;
2674         data[3] = proto;
2675
2676         KFREE_SKB(skb);
2677         return new_skb;
2678 }
2679
2680 static inline void
2681 ppp_send_frames(struct ppp *ppp)
2682 {
2683         struct sk_buff *skb;
2684
2685         while (!test_and_set_bit(0, &ppp->xmit_busy)) {
2686                 skb = skb_dequeue(&ppp->xmt_q);
2687                 if (skb == NULL) {
2688                         ppp->xmit_busy = 0;
2689                         break;
2690                 }
2691                 ppp_send_frame(ppp, skb);
2692         }
2693         if (!ppp->xmit_busy && ppp->dev.tbusy) {
2694                 ppp->dev.tbusy = 0;
2695                 mark_bh(NET_BH);
2696         }
2697 }
2698
2699 /*
2700  * Called from the hardware (tty) layer when it can accept
2701  * another packet.
2702  */
2703 static void
2704 ppp_output_wakeup(struct ppp *ppp)
2705 {
2706         CHECK_PPP_VOID();
2707
2708         if (!ppp->xmit_busy) {
2709                 printk(KERN_ERR "ppp_output_wakeup called but xmit_busy==0\n");
2710                 return;
2711         }
2712         ppp->xmit_busy = 0;
2713         ppp_send_frames(ppp);
2714 }
2715
2716 /*
2717  * Send a control frame (from pppd).
2718  */
2719 static void
2720 ppp_send_ctrl(struct ppp *ppp, struct sk_buff *skb)
2721 {
2722         CHECK_PPP_VOID();
2723
2724         /*
2725          * Put the packet on the queue, then send as many as we can.
2726          */
2727         skb_queue_tail(&ppp->xmt_q, skb);
2728         ppp_send_frames(ppp);
2729 }
2730
2731
2732 /*************************************************************
2733  * NETWORK OUTPUT
2734  *    This routine accepts requests from the network layer
2735  *    and attempts to deliver the packets.
2736  *************************************************************/
2737 /*
2738  * Send a frame to the peer.
2739  * Returns 1 iff the frame was not accepted.
2740  */
2741 static int
2742 ppp_dev_xmit(struct sk_buff *skb, struct device *dev)
2743 {
2744         struct ppp *ppp = dev2ppp(dev);
2745         struct tty_struct *tty = ppp2tty(ppp);
2746         enum NPmode npmode;
2747         int proto;
2748         unsigned char *hdr;
2749
2750         /* just a little sanity check. */
2751         if (skb == NULL)
2752                 return 0;
2753         if (skb->data == NULL) {
2754                 KFREE_SKB(skb);
2755                 return 0;
2756         }
2757
2758         /*
2759          * Avoid timing problem should tty hangup while data is
2760          * queued to be sent.
2761          */
2762         if (!ppp->inuse) {
2763                 KFREE_SKB(skb);
2764                 return 0;
2765         }
2766
2767         /*
2768          * Validate the tty interface
2769          */
2770         if (tty == NULL) {
2771                 if (ppp->flags & SC_DEBUG)
2772                         printk(KERN_ERR
2773                                "ppp_dev_xmit: %s not connected to a TTY!\n",
2774                                dev->name);
2775                 KFREE_SKB(skb);
2776                 return 0;
2777         }
2778
2779         /*
2780          * Work out the appropriate network-protocol mode for this packet.
2781          */
2782         npmode = NPMODE_PASS;   /* default */
2783         switch (ntohs(skb->protocol)) {
2784         case ETH_P_IP:
2785                 proto = PPP_IP;
2786                 npmode = ppp->sc_npmode[NP_IP];
2787                 break;
2788         case ETH_P_IPV6:
2789                 proto = PPP_IPV6;
2790                 npmode = ppp->sc_npmode[NP_IPV6];
2791                 break;
2792         case ETH_P_IPX:
2793                 proto = PPP_IPX;
2794                 npmode = ppp->sc_npmode[NP_IPX];
2795                 break;
2796         case ETH_P_PPPTALK:
2797         case ETH_P_ATALK:
2798                 proto = PPP_AT;
2799                 npmode = ppp->sc_npmode[NP_AT];
2800                 break;
2801         default:
2802                 if (ppp->flags & SC_DEBUG)
2803                         printk(KERN_INFO "%s: packet for unknown proto %x\n",
2804                                ppp->name, ntohs(skb->protocol));
2805                 KFREE_SKB(skb);
2806                 return 0;
2807         }
2808
2809         /*
2810          * Drop, accept or reject the packet depending on the mode.
2811          */
2812         switch (npmode) {
2813         case NPMODE_PASS:
2814                 break;
2815
2816         case NPMODE_QUEUE:
2817                 /*
2818                  * We may not send the packet now, so drop it.
2819                  * XXX It would be nice to be able to return it to the
2820                  * network system to be queued and retransmitted later.
2821                  */
2822                 if (ppp->flags & SC_DEBUG)
2823                         printk(KERN_DEBUG "%s: returning frame\n", ppp->name);
2824                 KFREE_SKB(skb);
2825                 return 0;
2826
2827         case NPMODE_ERROR:
2828         case NPMODE_DROP:
2829                 if (ppp->flags & SC_DEBUG)
2830                         printk(KERN_DEBUG
2831                                "ppp_dev_xmit: dropping (npmode = %d) on %s\n",
2832                                npmode, ppp->name);
2833                 KFREE_SKB(skb);
2834                 return 0;
2835         }
2836
2837         /*
2838          * The dev->tbusy field acts as a lock to allow only
2839          * one packet to be processed at a time.  If we can't
2840          * get the lock, try again later.
2841          * We deliberately queue as little as possible inside
2842          * the ppp driver in order to minimize the latency
2843          * for high-priority packets.
2844          */
2845         if (test_and_set_bit(0, &ppp->xmit_busy)) {
2846                 dev->tbusy = 1; /* can't take it now */
2847                 return 1;
2848         }
2849         dev->tbusy = 0;
2850
2851         /*
2852          * Put the 4-byte PPP header on the packet.
2853          * If there isn't room for it, we have to copy the packet.
2854          */
2855         if (skb_headroom(skb) < PPP_HDRLEN) {
2856                 struct sk_buff *new_skb;
2857
2858                 new_skb = alloc_skb(skb->len + PPP_HDRLEN, GFP_ATOMIC);
2859                 if (new_skb == NULL) {
2860                         printk(KERN_ERR "%s: skb hdr alloc failed\n",
2861                                ppp->name);
2862                         KFREE_SKB(skb);
2863                         ppp->xmit_busy = 0;
2864                         ppp_send_frames(ppp);
2865                         return 0;
2866                 }
2867                 LIBERATE_SKB(new_skb);
2868                 skb_reserve(new_skb, PPP_HDRLEN);
2869                 memcpy(skb_put(new_skb, skb->len), skb->data, skb->len);
2870                 KFREE_SKB(skb);
2871                 skb = new_skb;
2872         }
2873
2874         hdr = skb_push(skb, PPP_HDRLEN);
2875         hdr[0] = PPP_ALLSTATIONS;
2876         hdr[1] = PPP_UI;
2877         hdr[2] = proto >> 8;
2878         hdr[3] = proto;
2879
2880         ppp_send_frame(ppp, skb);
2881         if (!ppp->xmit_busy)
2882                 ppp_send_frames(ppp);
2883         return 0;
2884 }
2885
2886 #if LINUX_VERSION_CODE < VERSION(2,1,15)
2887 /*
2888  * Null hard_header and header_rebuild routines.
2889  */
2890 static int ppp_dev_header(struct sk_buff *skb, struct device *dev,
2891                           unsigned short type, void *daddr,
2892                           void *saddr, unsigned int len)
2893 {
2894         return 0;
2895 }
2896
2897 static int ppp_dev_rebuild(void *eth, struct device *dev,
2898                            unsigned long raddr, struct sk_buff *skb)
2899 {
2900         return 0;
2901 }
2902 #endif /* < 2.1.15 */
2903
2904 /*
2905  * Generate the statistic information for the /proc/net/dev listing.
2906  */
2907 static struct net_device_stats *
2908 ppp_dev_stats (struct device *dev)
2909 {
2910         struct ppp *ppp = dev2ppp (dev);
2911
2912         ppp->estats.rx_packets = ppp->stats.ppp_ipackets;
2913         ppp->estats.rx_errors  = ppp->stats.ppp_ierrors;
2914         ppp->estats.tx_packets = ppp->stats.ppp_opackets;
2915         ppp->estats.tx_errors  = ppp->stats.ppp_oerrors;
2916 #if LINUX_VERSION_CODE >= VERSION(2,1,25)
2917         ppp->estats.rx_bytes   = ppp->stats.ppp_ibytes;
2918         ppp->estats.tx_bytes   = ppp->stats.ppp_obytes;
2919 #endif
2920
2921         return &ppp->estats;
2922 }
2923
2924 /*************************************************************
2925  * UTILITIES
2926  *    Miscellany called by various functions above.
2927  *************************************************************/
2928
2929 /* Locate the previous instance of the PPP channel */
2930 static struct ppp *
2931 ppp_find(int pid_value)
2932 {
2933         struct ppp      *ppp;
2934
2935         /* try to find the device which this pid is already using */
2936         for (ppp = ppp_list; ppp != 0; ppp = ppp->next) {
2937                 if (ppp->inuse && ppp->sc_xfer == pid_value) {
2938                         ppp->sc_xfer = 0;
2939                         break;
2940                 }
2941         }
2942         return ppp;
2943 }
2944
2945 /* allocate or create a PPP channel */
2946 static struct ppp *
2947 ppp_alloc(void)
2948 {
2949         int             if_num;
2950         int             status;
2951         struct device   *dev;
2952         struct ppp      *ppp;
2953
2954         /* try to find an free device */
2955         for (ppp = ppp_list; ppp != 0; ppp = ppp->next) {
2956                 if (!test_and_set_bit(0, &ppp->inuse)) {
2957                         dev = ppp2dev(ppp);
2958                         if (dev->flags & IFF_UP) {
2959                                 clear_bit(0, &ppp->inuse);
2960                                 continue;
2961                         }
2962                         /* Reregister device */
2963                         unregister_netdev(dev);
2964                         if (register_netdev(dev) == 0)
2965                                 return ppp;
2966                         printk(KERN_DEBUG "could not reregister ppp device\n");
2967                         /* leave inuse set in this case */
2968                 }
2969         }
2970
2971         /*
2972          * There are no available units, so make a new one.
2973          */
2974         ppp = (struct ppp *) kmalloc(sizeof(struct ppp), GFP_KERNEL);
2975         if (ppp == 0) {
2976                 printk(KERN_ERR "ppp: struct ppp allocation failed\n");
2977                 return 0;
2978         }
2979         memset(ppp, 0, sizeof(*ppp));
2980
2981         /* initialize channel control data */
2982         ppp->magic = PPP_MAGIC;
2983         ppp->next = NULL;
2984         ppp->inuse = 1;
2985         ppp->read_wait = NULL;
2986
2987         /*
2988          * Make up a suitable name for this device
2989          */
2990         dev = ppp2dev(ppp);
2991         dev->name = ppp->name;
2992 #if LINUX_VERSION_CODE < VERSION(2,1,31)
2993         if_num = (ppp_list == 0)? 0: ppp_last->line + 1;
2994         sprintf(ppp->name, "ppp%d", if_num);
2995 #else
2996         if_num = dev_alloc_name(dev, "ppp%d");
2997 #endif
2998         if (if_num < 0) {
2999                 printk(KERN_ERR "ppp: dev_alloc_name failed (%d)\n", if_num);
3000                 kfree(ppp);
3001                 return 0;
3002         }
3003         ppp->line = if_num;
3004         ppp->slcomp = NULL;
3005
3006         dev->next = NULL;
3007         dev->init = ppp_init_dev;
3008         dev->name = ppp->name;
3009         dev->priv = (void *) ppp;
3010
3011         /* register device so that we can be ifconfig'd */
3012         /* ppp_init_dev() will be called as a side-effect */
3013         status = register_netdev (dev);
3014         if (status == 0) {
3015                 printk(KERN_INFO "registered device %s\n", dev->name);
3016         } else {
3017                 printk(KERN_ERR
3018                        "ppp_alloc - register_netdev(%s) = %d failure.\n",
3019                        dev->name, status);
3020                 kfree(ppp);
3021                 ppp = NULL;
3022         }
3023
3024         /* link this unit into our list */
3025         if (ppp_list == 0)
3026                 ppp_list = ppp;
3027         else
3028                 ppp_last->next = ppp;
3029         ppp_last = ppp;
3030
3031         return ppp;
3032 }
3033
3034 /*
3035  * Initialize the generic parts of the ppp structure.
3036  */
3037 static void
3038 ppp_generic_init(struct ppp *ppp)
3039 {
3040         int indx;
3041
3042         ppp->flags  = 0;
3043         ppp->mtu    = PPP_MTU;
3044         ppp->mru    = PPP_MRU;
3045
3046         skb_queue_head_init(&ppp->xmt_q);
3047         skb_queue_head_init(&ppp->rcv_q);
3048
3049         ppp->last_xmit  = jiffies;
3050         ppp->last_recv  = jiffies;
3051         ppp->xmit_busy  = 0;
3052
3053         /* clear statistics */
3054         memset(&ppp->stats, 0, sizeof (struct pppstat));
3055         memset(&ppp->estats, 0, sizeof(struct net_device_stats));
3056
3057         /* PPP compression data */
3058         ppp->sc_xc_state = NULL;
3059         ppp->sc_rc_state = NULL;
3060
3061         for (indx = 0; indx < NUM_NP; ++indx)
3062                 ppp->sc_npmode[indx] = NPMODE_PASS;
3063 }
3064
3065 /*
3066  * Called to clean up the generic parts of the ppp structure.
3067  */
3068 static void
3069 ppp_release(struct ppp *ppp)
3070 {
3071         struct sk_buff *skb;
3072
3073         CHECK_PPP_MAGIC(ppp);
3074
3075         if (ppp->flags & SC_DEBUG)
3076                 printk(KERN_DEBUG "%s released\n", ppp->name);
3077
3078         ppp_ccp_closed(ppp);
3079
3080         /* Ensure that the pppd process is not hanging on select()/poll() */
3081         wake_up_interruptible(&ppp->read_wait);
3082
3083         if (ppp->slcomp) {
3084                 slhc_free(ppp->slcomp);
3085                 ppp->slcomp = NULL;
3086         }
3087
3088         while ((skb = skb_dequeue(&ppp->rcv_q)) != NULL)
3089                 KFREE_SKB(skb);
3090         while ((skb = skb_dequeue(&ppp->xmt_q)) != NULL)
3091                 KFREE_SKB(skb);
3092
3093         ppp->inuse = 0;
3094         if (ppp->dev.tbusy) {
3095                 ppp->dev.tbusy = 0;
3096                 mark_bh(NET_BH);
3097         }
3098 }
3099
3100 /*
3101  * Utility procedures to print a buffer in hex/ascii
3102  */
3103 static void
3104 ppp_print_hex (register __u8 * out, const __u8 * in, int count)
3105 {
3106         register __u8 next_ch;
3107         static char hex[] = "0123456789ABCDEF";
3108
3109         while (count-- > 0) {
3110                 next_ch = *in++;
3111                 *out++ = hex[(next_ch >> 4) & 0x0F];
3112                 *out++ = hex[next_ch & 0x0F];
3113                 ++out;
3114         }
3115 }
3116
3117 static void
3118 ppp_print_char (register __u8 * out, const __u8 * in, int count)
3119 {
3120         register __u8 next_ch;
3121
3122         while (count-- > 0) {
3123                 next_ch = *in++;
3124
3125                 if (next_ch < 0x20 || next_ch > 0x7e)
3126                         *out++ = '.';
3127                 else {
3128                         *out++ = next_ch;
3129                         if (next_ch == '%')   /* printk/syslogd has a bug !! */
3130                                 *out++ = '%';
3131                 }
3132         }
3133         *out = '\0';
3134 }
3135
3136 static void
3137 ppp_print_buffer (const char *name, const __u8 *buf, int count)
3138 {
3139         __u8 line[44];
3140
3141         if (name != NULL)
3142                 printk(KERN_DEBUG "ppp: %s, count = %d\n", name, count);
3143
3144         while (count > 8) {
3145                 memset (line, 32, 44);
3146                 ppp_print_hex (line, buf, 8);
3147                 ppp_print_char (&line[8 * 3], buf, 8);
3148                 printk(KERN_DEBUG "%s\n", line);
3149                 count -= 8;
3150                 buf += 8;
3151         }
3152
3153         if (count > 0) {
3154                 memset (line, 32, 44);
3155                 ppp_print_hex (line, buf, count);
3156                 ppp_print_char (&line[8 * 3], buf, count);
3157                 printk(KERN_DEBUG "%s\n", line);
3158         }
3159 }
3160
3161 /*************************************************************
3162  * Compressor module interface
3163  *************************************************************/
3164
3165 struct compressor_link {
3166         struct compressor_link  *next;
3167         struct compressor       *comp;
3168 };
3169
3170 static struct compressor_link *ppp_compressors = (struct compressor_link *) 0;
3171
3172 static struct compressor *find_compressor (int type)
3173 {
3174         struct compressor_link *lnk;
3175         unsigned long flags;
3176
3177         save_flags(flags);
3178         cli();
3179
3180         lnk = ppp_compressors;
3181         while (lnk != (struct compressor_link *) 0) {
3182                 if ((int) (__u8) lnk->comp->compress_proto == type) {
3183                         restore_flags(flags);
3184                         return lnk->comp;
3185                 }
3186                 lnk = lnk->next;
3187         }
3188
3189         restore_flags(flags);
3190         return (struct compressor *) 0;
3191 }
3192
3193 #ifdef CONFIG_MODULES
3194 static int ppp_register_compressor (struct compressor *cp)
3195 {
3196         struct compressor_link *new;
3197         unsigned long flags;
3198
3199         new = (struct compressor_link *)
3200                 kmalloc (sizeof (struct compressor_link), GFP_KERNEL);
3201
3202         if (new == (struct compressor_link *) 0)
3203                 return 1;
3204
3205         save_flags(flags);
3206         cli();
3207
3208         if (find_compressor (cp->compress_proto)) {
3209                 restore_flags(flags);
3210                 kfree (new);
3211                 return 0;
3212         }
3213
3214         new->next       = ppp_compressors;
3215         new->comp       = cp;
3216         ppp_compressors = new;
3217
3218         restore_flags(flags);
3219         return 0;
3220 }
3221
3222 static void ppp_unregister_compressor (struct compressor *cp)
3223 {
3224         struct compressor_link *prev = (struct compressor_link *) 0;
3225         struct compressor_link *lnk;
3226         unsigned long flags;
3227
3228         save_flags(flags);
3229         cli();
3230
3231         lnk  = ppp_compressors;
3232         while (lnk != (struct compressor_link *) 0) {
3233                 if (lnk->comp == cp) {
3234                         if (prev)
3235                                 prev->next = lnk->next;
3236                         else
3237                                 ppp_compressors = lnk->next;
3238                         kfree (lnk);
3239                         break;
3240                 }
3241                 prev = lnk;
3242                 lnk  = lnk->next;
3243         }
3244         restore_flags(flags);
3245 }
3246 #endif
3247
3248 /*************************************************************
3249  * Module support routines
3250  *************************************************************/
3251
3252 #ifdef MODULE
3253 int
3254 init_module(void)
3255 {
3256         int status;
3257
3258         /* register our line disciplines */
3259         status = ppp_first_time();
3260         if (status != 0)
3261                 printk(KERN_INFO "PPP: ppp_init() failure %d\n", status);
3262 #if LINUX_VERSION_CODE < VERSION(2,1,18)
3263         else
3264                 (void) register_symtab (&ppp_syms);
3265 #endif
3266
3267         return status;
3268 }
3269
3270 void
3271 cleanup_module(void)
3272 {
3273         int status;
3274         struct ppp *ppp, *next_ppp;
3275         int busy = 0;
3276
3277         /*
3278          * Ensure that the devices are not in operation.
3279          */
3280         for (ppp = ppp_list; ppp != 0; ppp = ppp->next) {
3281                 CHECK_PPP_MAGIC(ppp);
3282                 if (ppp->inuse || (ppp->dev.flags & IFF_UP))
3283                         ++busy;
3284         }
3285         if (busy)
3286                 printk(KERN_CRIT "PPP: removing despite %d units in use!\n",
3287                        busy);
3288
3289         /*
3290          * Release the tty registration of the line discipline so that
3291          * ttys can no longer be put into PPP line discipline.
3292          */
3293         status = tty_register_ldisc (N_PPP, NULL);
3294         if (status != 0)
3295                 printk(KERN_ERR
3296                        "PPP: Unable to unregister ppp line discipline "
3297                        "(err = %d)\n", status);
3298         else
3299                 printk(KERN_INFO
3300                        "PPP: ppp line discipline successfully unregistered\n");
3301
3302         /*
3303          * De-register the devices so that there is no problem with them
3304          */
3305         for (ppp = ppp_list; ppp != 0; ppp = next_ppp) {
3306                 next_ppp = ppp->next;
3307                 unregister_netdev(&ppp->dev);
3308                 kfree (ppp);
3309         }
3310 }
3311 #endif