[PATCH] hostap: replace kmalloc+memset with kzalloc
[linux-2.6] / drivers / isdn / i4l / isdn_ppp.c
1 /* $Id: isdn_ppp.c,v 1.1.2.3 2004/02/10 01:07:13 keil Exp $
2  *
3  * Linux ISDN subsystem, functions for synchronous PPP (linklevel).
4  *
5  * Copyright 1995,96 by Michael Hipp (Michael.Hipp@student.uni-tuebingen.de)
6  *
7  * This software may be used and distributed according to the terms
8  * of the GNU General Public License, incorporated herein by reference.
9  *
10  */
11
12 #include <linux/isdn.h>
13 #include <linux/poll.h>
14 #include <linux/ppp-comp.h>
15 #ifdef CONFIG_IPPP_FILTER
16 #include <linux/filter.h>
17 #endif
18
19 #include "isdn_common.h"
20 #include "isdn_ppp.h"
21 #include "isdn_net.h"
22
23 #ifndef PPP_IPX
24 #define PPP_IPX 0x002b
25 #endif
26
27 /* Prototypes */
28 static int isdn_ppp_fill_rq(unsigned char *buf, int len, int proto, int slot);
29 static int isdn_ppp_closewait(int slot);
30 static void isdn_ppp_push_higher(isdn_net_dev * net_dev, isdn_net_local * lp,
31                                  struct sk_buff *skb, int proto);
32 static int isdn_ppp_if_get_unit(char *namebuf);
33 static int isdn_ppp_set_compressor(struct ippp_struct *is,struct isdn_ppp_comp_data *);
34 static struct sk_buff *isdn_ppp_decompress(struct sk_buff *,
35                                 struct ippp_struct *,struct ippp_struct *,int *proto);
36 static void isdn_ppp_receive_ccp(isdn_net_dev * net_dev, isdn_net_local * lp,
37                                 struct sk_buff *skb,int proto);
38 static struct sk_buff *isdn_ppp_compress(struct sk_buff *skb_in,int *proto,
39         struct ippp_struct *is,struct ippp_struct *master,int type);
40 static void isdn_ppp_send_ccp(isdn_net_dev *net_dev, isdn_net_local *lp,
41          struct sk_buff *skb);
42
43 /* New CCP stuff */
44 static void isdn_ppp_ccp_kickup(struct ippp_struct *is);
45 static void isdn_ppp_ccp_xmit_reset(struct ippp_struct *is, int proto,
46                                     unsigned char code, unsigned char id,
47                                     unsigned char *data, int len);
48 static struct ippp_ccp_reset *isdn_ppp_ccp_reset_alloc(struct ippp_struct *is);
49 static void isdn_ppp_ccp_reset_free(struct ippp_struct *is);
50 static void isdn_ppp_ccp_reset_free_state(struct ippp_struct *is,
51                                           unsigned char id);
52 static void isdn_ppp_ccp_timer_callback(unsigned long closure);
53 static struct ippp_ccp_reset_state *isdn_ppp_ccp_reset_alloc_state(struct ippp_struct *is,
54                                                       unsigned char id);
55 static void isdn_ppp_ccp_reset_trans(struct ippp_struct *is,
56                                      struct isdn_ppp_resetparams *rp);
57 static void isdn_ppp_ccp_reset_ack_rcvd(struct ippp_struct *is,
58                                         unsigned char id);
59
60
61
62 #ifdef CONFIG_ISDN_MPP
63 static ippp_bundle * isdn_ppp_bundle_arr = NULL;
64  
65 static int isdn_ppp_mp_bundle_array_init(void);
66 static int isdn_ppp_mp_init( isdn_net_local * lp, ippp_bundle * add_to );
67 static void isdn_ppp_mp_receive(isdn_net_dev * net_dev, isdn_net_local * lp, 
68                                                         struct sk_buff *skb);
69 static void isdn_ppp_mp_cleanup( isdn_net_local * lp );
70
71 static int isdn_ppp_bundle(struct ippp_struct *, int unit);
72 #endif  /* CONFIG_ISDN_MPP */
73   
74 char *isdn_ppp_revision = "$Revision: 1.1.2.3 $";
75
76 static struct ippp_struct *ippp_table[ISDN_MAX_CHANNELS];
77
78 static struct isdn_ppp_compressor *ipc_head = NULL;
79
80 /*
81  * frame log (debug)
82  */
83 static void
84 isdn_ppp_frame_log(char *info, char *data, int len, int maxlen,int unit,int slot)
85 {
86         int cnt,
87          j,
88          i;
89         char buf[80];
90
91         if (len < maxlen)
92                 maxlen = len;
93
94         for (i = 0, cnt = 0; cnt < maxlen; i++) {
95                 for (j = 0; j < 16 && cnt < maxlen; j++, cnt++)
96                         sprintf(buf + j * 3, "%02x ", (unsigned char) data[cnt]);
97                 printk(KERN_DEBUG "[%d/%d].%s[%d]: %s\n",unit,slot, info, i, buf);
98         }
99 }
100
101 /*
102  * unbind isdn_net_local <=> ippp-device
103  * note: it can happen, that we hangup/free the master before the slaves
104  *       in this case we bind another lp to the master device
105  */
106 int
107 isdn_ppp_free(isdn_net_local * lp)
108 {
109         struct ippp_struct *is;
110
111         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
112                 printk(KERN_ERR "%s: ppp_slot(%d) out of range\n",
113                         __FUNCTION__, lp->ppp_slot);
114                 return 0;
115         }
116
117 #ifdef CONFIG_ISDN_MPP
118         spin_lock(&lp->netdev->pb->lock);
119 #endif
120         isdn_net_rm_from_bundle(lp);
121 #ifdef CONFIG_ISDN_MPP
122         if (lp->netdev->pb->ref_ct == 1)        /* last link in queue? */
123                 isdn_ppp_mp_cleanup(lp);
124
125         lp->netdev->pb->ref_ct--;
126         spin_unlock(&lp->netdev->pb->lock);
127 #endif /* CONFIG_ISDN_MPP */
128         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
129                 printk(KERN_ERR "%s: ppp_slot(%d) now invalid\n",
130                         __FUNCTION__, lp->ppp_slot);
131                 return 0;
132         }
133         is = ippp_table[lp->ppp_slot];
134         if ((is->state & IPPP_CONNECT))
135                 isdn_ppp_closewait(lp->ppp_slot);       /* force wakeup on ippp device */
136         else if (is->state & IPPP_ASSIGNED)
137                 is->state = IPPP_OPEN;  /* fallback to 'OPEN but not ASSIGNED' state */
138
139         if (is->debug & 0x1)
140                 printk(KERN_DEBUG "isdn_ppp_free %d %lx %lx\n", lp->ppp_slot, (long) lp, (long) is->lp);
141
142         is->lp = NULL;          /* link is down .. set lp to NULL */
143         lp->ppp_slot = -1;      /* is this OK ?? */
144
145         return 0;
146 }
147
148 /*
149  * bind isdn_net_local <=> ippp-device
150  *
151  * This function is allways called with holding dev->lock so
152  * no additional lock is needed
153  */
154 int
155 isdn_ppp_bind(isdn_net_local * lp)
156 {
157         int i;
158         int unit = 0;
159         struct ippp_struct *is;
160         int retval;
161
162         if (lp->pppbind < 0) {  /* device bounded to ippp device ? */
163                 isdn_net_dev *net_dev = dev->netdev;
164                 char exclusive[ISDN_MAX_CHANNELS];      /* exclusive flags */
165                 memset(exclusive, 0, ISDN_MAX_CHANNELS);
166                 while (net_dev) {       /* step through net devices to find exclusive minors */
167                         isdn_net_local *lp = net_dev->local;
168                         if (lp->pppbind >= 0)
169                                 exclusive[lp->pppbind] = 1;
170                         net_dev = net_dev->next;
171                 }
172                 /*
173                  * search a free device / slot
174                  */
175                 for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
176                         if (ippp_table[i]->state == IPPP_OPEN && !exclusive[ippp_table[i]->minor]) {    /* OPEN, but not connected! */
177                                 break;
178                         }
179                 }
180         } else {
181                 for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
182                         if (ippp_table[i]->minor == lp->pppbind &&
183                             (ippp_table[i]->state & IPPP_OPEN) == IPPP_OPEN)
184                                 break;
185                 }
186         }
187
188         if (i >= ISDN_MAX_CHANNELS) {
189                 printk(KERN_WARNING "isdn_ppp_bind: Can't find a (free) connection to the ipppd daemon.\n");
190                 retval = -1;
191                 goto out;
192         }
193         unit = isdn_ppp_if_get_unit(lp->name);  /* get unit number from interface name .. ugly! */
194         if (unit < 0) {
195                 printk(KERN_ERR "isdn_ppp_bind: illegal interface name %s.\n", lp->name);
196                 retval = -1;
197                 goto out;
198         }
199         
200         lp->ppp_slot = i;
201         is = ippp_table[i];
202         is->lp = lp;
203         is->unit = unit;
204         is->state = IPPP_OPEN | IPPP_ASSIGNED;  /* assigned to a netdevice but not connected */
205 #ifdef CONFIG_ISDN_MPP
206         retval = isdn_ppp_mp_init(lp, NULL);
207         if (retval < 0)
208                 goto out;
209 #endif /* CONFIG_ISDN_MPP */
210
211         retval = lp->ppp_slot;
212
213  out:
214         return retval;
215 }
216
217 /*
218  * kick the ipppd on the device
219  * (wakes up daemon after B-channel connect)
220  */
221
222 void
223 isdn_ppp_wakeup_daemon(isdn_net_local * lp)
224 {
225         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
226                 printk(KERN_ERR "%s: ppp_slot(%d) out of range\n",
227                         __FUNCTION__, lp->ppp_slot);
228                 return;
229         }
230         ippp_table[lp->ppp_slot]->state = IPPP_OPEN | IPPP_CONNECT | IPPP_NOBLOCK;
231         wake_up_interruptible(&ippp_table[lp->ppp_slot]->wq);
232 }
233
234 /*
235  * there was a hangup on the netdevice
236  * force wakeup of the ippp device
237  * go into 'device waits for release' state
238  */
239 static int
240 isdn_ppp_closewait(int slot)
241 {
242         struct ippp_struct *is;
243
244         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
245                 printk(KERN_ERR "%s: slot(%d) out of range\n",
246                         __FUNCTION__, slot);
247                 return 0;
248         }
249         is = ippp_table[slot];
250         if (is->state)
251                 wake_up_interruptible(&is->wq);
252         is->state = IPPP_CLOSEWAIT;
253         return 1;
254 }
255
256 /*
257  * isdn_ppp_find_slot / isdn_ppp_free_slot
258  */
259
260 static int
261 isdn_ppp_get_slot(void)
262 {
263         int i;
264         for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
265                 if (!ippp_table[i]->state)
266                         return i;
267         }
268         return -1;
269 }
270
271 /*
272  * isdn_ppp_open
273  */
274
275 int
276 isdn_ppp_open(int min, struct file *file)
277 {
278         int slot;
279         struct ippp_struct *is;
280
281         if (min < 0 || min >= ISDN_MAX_CHANNELS)
282                 return -ENODEV;
283
284         slot = isdn_ppp_get_slot();
285         if (slot < 0) {
286                 return -EBUSY;
287         }
288         is = file->private_data = ippp_table[slot];
289         
290         printk(KERN_DEBUG "ippp, open, slot: %d, minor: %d, state: %04x\n",
291                slot, min, is->state);
292
293         /* compression stuff */
294         is->link_compressor   = is->compressor = NULL;
295         is->link_decompressor = is->decompressor = NULL;
296         is->link_comp_stat    = is->comp_stat = NULL;
297         is->link_decomp_stat  = is->decomp_stat = NULL;
298         is->compflags = 0;
299
300         is->reset = isdn_ppp_ccp_reset_alloc(is);
301
302         is->lp = NULL;
303         is->mp_seqno = 0;       /* MP sequence number */
304         is->pppcfg = 0;         /* ppp configuration */
305         is->mpppcfg = 0;        /* mppp configuration */
306         is->last_link_seqno = -1;       /* MP: maybe set to Bundle-MIN, when joining a bundle ?? */
307         is->unit = -1;          /* set, when we have our interface */
308         is->mru = 1524;         /* MRU, default 1524 */
309         is->maxcid = 16;        /* VJ: maxcid */
310         is->tk = current;
311         init_waitqueue_head(&is->wq);
312         is->first = is->rq + NUM_RCV_BUFFS - 1; /* receive queue */
313         is->last = is->rq;
314         is->minor = min;
315 #ifdef CONFIG_ISDN_PPP_VJ
316         /*
317          * VJ header compression init
318          */
319         is->slcomp = slhc_init(16, 16); /* not necessary for 2. link in bundle */
320 #endif
321 #ifdef CONFIG_IPPP_FILTER
322         is->pass_filter = NULL;
323         is->active_filter = NULL;
324 #endif
325         is->state = IPPP_OPEN;
326
327         return 0;
328 }
329
330 /*
331  * release ippp device
332  */
333 void
334 isdn_ppp_release(int min, struct file *file)
335 {
336         int i;
337         struct ippp_struct *is;
338
339         if (min < 0 || min >= ISDN_MAX_CHANNELS)
340                 return;
341         is = file->private_data;
342
343         if (!is) {
344                 printk(KERN_ERR "%s: no file->private_data\n", __FUNCTION__);
345                 return;
346         }
347         if (is->debug & 0x1)
348                 printk(KERN_DEBUG "ippp: release, minor: %d %lx\n", min, (long) is->lp);
349
350         if (is->lp) {           /* a lp address says: this link is still up */
351                 isdn_net_dev *p = is->lp->netdev;
352
353                 if (!p) {
354                         printk(KERN_ERR "%s: no lp->netdev\n", __FUNCTION__);
355                         return;
356                 }
357                 is->state &= ~IPPP_CONNECT;     /* -> effect: no call of wakeup */
358                 /*
359                  * isdn_net_hangup() calls isdn_ppp_free()
360                  * isdn_ppp_free() sets is->lp to NULL and lp->ppp_slot to -1
361                  * removing the IPPP_CONNECT flag omits calling of isdn_ppp_wakeup_daemon()
362                  */
363                 isdn_net_hangup(&p->dev);
364         }
365         for (i = 0; i < NUM_RCV_BUFFS; i++) {
366                 kfree(is->rq[i].buf);
367                 is->rq[i].buf = NULL;
368         }
369         is->first = is->rq + NUM_RCV_BUFFS - 1; /* receive queue */
370         is->last = is->rq;
371
372 #ifdef CONFIG_ISDN_PPP_VJ
373 /* TODO: if this was the previous master: link the slcomp to the new master */
374         slhc_free(is->slcomp);
375         is->slcomp = NULL;
376 #endif
377 #ifdef CONFIG_IPPP_FILTER
378         kfree(is->pass_filter);
379         is->pass_filter = NULL;
380         kfree(is->active_filter);
381         is->active_filter = NULL;
382 #endif
383
384 /* TODO: if this was the previous master: link the stuff to the new master */
385         if(is->comp_stat)
386                 is->compressor->free(is->comp_stat);
387         if(is->link_comp_stat)
388                 is->link_compressor->free(is->link_comp_stat);
389         if(is->link_decomp_stat)
390                 is->link_decompressor->free(is->link_decomp_stat);
391         if(is->decomp_stat)
392                 is->decompressor->free(is->decomp_stat);
393         is->compressor   = is->link_compressor   = NULL;
394         is->decompressor = is->link_decompressor = NULL;
395         is->comp_stat    = is->link_comp_stat    = NULL;
396         is->decomp_stat  = is->link_decomp_stat  = NULL;
397
398         /* Clean up if necessary */
399         if(is->reset)
400                 isdn_ppp_ccp_reset_free(is);
401
402         /* this slot is ready for new connections */
403         is->state = 0;
404 }
405
406 /*
407  * get_arg .. ioctl helper
408  */
409 static int
410 get_arg(void __user *b, void *val, int len)
411 {
412         if (len <= 0)
413                 len = sizeof(void *);
414         if (copy_from_user(val, b, len))
415                 return -EFAULT;
416         return 0;
417 }
418
419 /*
420  * set arg .. ioctl helper
421  */
422 static int
423 set_arg(void __user *b, void *val,int len)
424 {
425         if(len <= 0)
426                 len = sizeof(void *);
427         if (copy_to_user(b, val, len))
428                 return -EFAULT;
429         return 0;
430 }
431
432 static int get_filter(void __user *arg, struct sock_filter **p)
433 {
434         struct sock_fprog uprog;
435         struct sock_filter *code = NULL;
436         int len, err;
437
438         if (copy_from_user(&uprog, arg, sizeof(uprog)))
439                 return -EFAULT;
440
441         if (!uprog.len) {
442                 *p = NULL;
443                 return 0;
444         }
445
446         /* uprog.len is unsigned short, so no overflow here */
447         len = uprog.len * sizeof(struct sock_filter);
448         code = kmalloc(len, GFP_KERNEL);
449         if (code == NULL)
450                 return -ENOMEM;
451
452         if (copy_from_user(code, uprog.filter, len)) {
453                 kfree(code);
454                 return -EFAULT;
455         }
456
457         err = sk_chk_filter(code, uprog.len);
458         if (err) {
459                 kfree(code);
460                 return err;
461         }
462
463         *p = code;
464         return uprog.len;
465 }
466
467 /*
468  * ippp device ioctl
469  */
470 int
471 isdn_ppp_ioctl(int min, struct file *file, unsigned int cmd, unsigned long arg)
472 {
473         unsigned long val;
474         int r,i,j;
475         struct ippp_struct *is;
476         isdn_net_local *lp;
477         struct isdn_ppp_comp_data data;
478         void __user *argp = (void __user *)arg;
479
480         is = (struct ippp_struct *) file->private_data;
481         lp = is->lp;
482
483         if (is->debug & 0x1)
484                 printk(KERN_DEBUG "isdn_ppp_ioctl: minor: %d cmd: %x state: %x\n", min, cmd, is->state);
485
486         if (!(is->state & IPPP_OPEN))
487                 return -EINVAL;
488
489         switch (cmd) {
490                 case PPPIOCBUNDLE:
491 #ifdef CONFIG_ISDN_MPP
492                         if (!(is->state & IPPP_CONNECT))
493                                 return -EINVAL;
494                         if ((r = get_arg(argp, &val, sizeof(val) )))
495                                 return r;
496                         printk(KERN_DEBUG "iPPP-bundle: minor: %d, slave unit: %d, master unit: %d\n",
497                                (int) min, (int) is->unit, (int) val);
498                         return isdn_ppp_bundle(is, val);
499 #else
500                         return -1;
501 #endif
502                         break;
503                 case PPPIOCGUNIT:       /* get ppp/isdn unit number */
504                         if ((r = set_arg(argp, &is->unit, sizeof(is->unit) )))
505                                 return r;
506                         break;
507                 case PPPIOCGIFNAME:
508                         if(!lp)
509                                 return -EINVAL;
510                         if ((r = set_arg(argp, lp->name, strlen(lp->name))))
511                                 return r;
512                         break;
513                 case PPPIOCGMPFLAGS:    /* get configuration flags */
514                         if ((r = set_arg(argp, &is->mpppcfg, sizeof(is->mpppcfg) )))
515                                 return r;
516                         break;
517                 case PPPIOCSMPFLAGS:    /* set configuration flags */
518                         if ((r = get_arg(argp, &val, sizeof(val) )))
519                                 return r;
520                         is->mpppcfg = val;
521                         break;
522                 case PPPIOCGFLAGS:      /* get configuration flags */
523                         if ((r = set_arg(argp, &is->pppcfg,sizeof(is->pppcfg) )))
524                                 return r;
525                         break;
526                 case PPPIOCSFLAGS:      /* set configuration flags */
527                         if ((r = get_arg(argp, &val, sizeof(val) ))) {
528                                 return r;
529                         }
530                         if (val & SC_ENABLE_IP && !(is->pppcfg & SC_ENABLE_IP) && (is->state & IPPP_CONNECT)) {
531                                 if (lp) {
532                                         /* OK .. we are ready to send buffers */
533                                         is->pppcfg = val; /* isdn_ppp_xmit test for SC_ENABLE_IP !!! */
534                                         netif_wake_queue(&lp->netdev->dev);
535                                         break;
536                                 }
537                         }
538                         is->pppcfg = val;
539                         break;
540                 case PPPIOCGIDLE:       /* get idle time information */
541                         if (lp) {
542                                 struct ppp_idle pidle;
543                                 pidle.xmit_idle = pidle.recv_idle = lp->huptimer;
544                                 if ((r = set_arg(argp, &pidle,sizeof(struct ppp_idle))))
545                                          return r;
546                         }
547                         break;
548                 case PPPIOCSMRU:        /* set receive unit size for PPP */
549                         if ((r = get_arg(argp, &val, sizeof(val) )))
550                                 return r;
551                         is->mru = val;
552                         break;
553                 case PPPIOCSMPMRU:
554                         break;
555                 case PPPIOCSMPMTU:
556                         break;
557                 case PPPIOCSMAXCID:     /* set the maximum compression slot id */
558                         if ((r = get_arg(argp, &val, sizeof(val) )))
559                                 return r;
560                         val++;
561                         if (is->maxcid != val) {
562 #ifdef CONFIG_ISDN_PPP_VJ
563                                 struct slcompress *sltmp;
564 #endif
565                                 if (is->debug & 0x1)
566                                         printk(KERN_DEBUG "ippp, ioctl: changed MAXCID to %ld\n", val);
567                                 is->maxcid = val;
568 #ifdef CONFIG_ISDN_PPP_VJ
569                                 sltmp = slhc_init(16, val);
570                                 if (!sltmp) {
571                                         printk(KERN_ERR "ippp, can't realloc slhc struct\n");
572                                         return -ENOMEM;
573                                 }
574                                 if (is->slcomp)
575                                         slhc_free(is->slcomp);
576                                 is->slcomp = sltmp;
577 #endif
578                         }
579                         break;
580                 case PPPIOCGDEBUG:
581                         if ((r = set_arg(argp, &is->debug, sizeof(is->debug) )))
582                                 return r;
583                         break;
584                 case PPPIOCSDEBUG:
585                         if ((r = get_arg(argp, &val, sizeof(val) )))
586                                 return r;
587                         is->debug = val;
588                         break;
589                 case PPPIOCGCOMPRESSORS:
590                         {
591                                 unsigned long protos[8] = {0,};
592                                 struct isdn_ppp_compressor *ipc = ipc_head;
593                                 while(ipc) {
594                                         j = ipc->num / (sizeof(long)*8);
595                                         i = ipc->num % (sizeof(long)*8);
596                                         if(j < 8)
597                                                 protos[j] |= (0x1<<i);
598                                         ipc = ipc->next;
599                                 }
600                                 if ((r = set_arg(argp,protos,8*sizeof(long) )))
601                                         return r;
602                         }
603                         break;
604                 case PPPIOCSCOMPRESSOR:
605                         if ((r = get_arg(argp, &data, sizeof(struct isdn_ppp_comp_data))))
606                                 return r;
607                         return isdn_ppp_set_compressor(is, &data);
608                 case PPPIOCGCALLINFO:
609                         {
610                                 struct pppcallinfo pci;
611                                 memset((char *) &pci,0,sizeof(struct pppcallinfo));
612                                 if(lp)
613                                 {
614                                         strncpy(pci.local_num,lp->msn,63);
615                                         if(lp->dial) {
616                                                 strncpy(pci.remote_num,lp->dial->num,63);
617                                         }
618                                         pci.charge_units = lp->charge;
619                                         if(lp->outgoing)
620                                                 pci.calltype = CALLTYPE_OUTGOING;
621                                         else
622                                                 pci.calltype = CALLTYPE_INCOMING;
623                                         if(lp->flags & ISDN_NET_CALLBACK)
624                                                 pci.calltype |= CALLTYPE_CALLBACK;
625                                 }
626                                 return set_arg(argp,&pci,sizeof(struct pppcallinfo));
627                         }
628 #ifdef CONFIG_IPPP_FILTER
629                 case PPPIOCSPASS:
630                         {
631                                 struct sock_filter *code;
632                                 int len = get_filter(argp, &code);
633                                 if (len < 0)
634                                         return len;
635                                 kfree(is->pass_filter);
636                                 is->pass_filter = code;
637                                 is->pass_len = len;
638                                 break;
639                         }
640                 case PPPIOCSACTIVE:
641                         {
642                                 struct sock_filter *code;
643                                 int len = get_filter(argp, &code);
644                                 if (len < 0)
645                                         return len;
646                                 kfree(is->active_filter);
647                                 is->active_filter = code;
648                                 is->active_len = len;
649                                 break;
650                         }
651 #endif /* CONFIG_IPPP_FILTER */
652                 default:
653                         break;
654         }
655         return 0;
656 }
657
658 unsigned int
659 isdn_ppp_poll(struct file *file, poll_table * wait)
660 {
661         u_int mask;
662         struct ippp_buf_queue *bf, *bl;
663         u_long flags;
664         struct ippp_struct *is;
665
666         is = file->private_data;
667
668         if (is->debug & 0x2)
669                 printk(KERN_DEBUG "isdn_ppp_poll: minor: %d\n",
670                                 iminor(file->f_dentry->d_inode));
671
672         /* just registers wait_queue hook. This doesn't really wait. */
673         poll_wait(file, &is->wq, wait);
674
675         if (!(is->state & IPPP_OPEN)) {
676                 if(is->state == IPPP_CLOSEWAIT)
677                         return POLLHUP;
678                 printk(KERN_DEBUG "isdn_ppp: device not open\n");
679                 return POLLERR;
680         }
681         /* we're always ready to send .. */
682         mask = POLLOUT | POLLWRNORM;
683
684         spin_lock_irqsave(&is->buflock, flags);
685         bl = is->last;
686         bf = is->first;
687         /*
688          * if IPPP_NOBLOCK is set we return even if we have nothing to read
689          */
690         if (bf->next != bl || (is->state & IPPP_NOBLOCK)) {
691                 is->state &= ~IPPP_NOBLOCK;
692                 mask |= POLLIN | POLLRDNORM;
693         }
694         spin_unlock_irqrestore(&is->buflock, flags);
695         return mask;
696 }
697
698 /*
699  *  fill up isdn_ppp_read() queue ..
700  */
701
702 static int
703 isdn_ppp_fill_rq(unsigned char *buf, int len, int proto, int slot)
704 {
705         struct ippp_buf_queue *bf, *bl;
706         u_long flags;
707         u_char *nbuf;
708         struct ippp_struct *is;
709
710         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
711                 printk(KERN_WARNING "ippp: illegal slot(%d).\n", slot);
712                 return 0;
713         }
714         is = ippp_table[slot];
715
716         if (!(is->state & IPPP_CONNECT)) {
717                 printk(KERN_DEBUG "ippp: device not activated.\n");
718                 return 0;
719         }
720         nbuf = (unsigned char *) kmalloc(len + 4, GFP_ATOMIC);
721         if (!nbuf) {
722                 printk(KERN_WARNING "ippp: Can't alloc buf\n");
723                 return 0;
724         }
725         nbuf[0] = PPP_ALLSTATIONS;
726         nbuf[1] = PPP_UI;
727         nbuf[2] = proto >> 8;
728         nbuf[3] = proto & 0xff;
729         memcpy(nbuf + 4, buf, len);
730
731         spin_lock_irqsave(&is->buflock, flags);
732         bf = is->first;
733         bl = is->last;
734
735         if (bf == bl) {
736                 printk(KERN_WARNING "ippp: Queue is full; discarding first buffer\n");
737                 bf = bf->next;
738                 kfree(bf->buf);
739                 is->first = bf;
740         }
741         bl->buf = (char *) nbuf;
742         bl->len = len + 4;
743
744         is->last = bl->next;
745         spin_unlock_irqrestore(&is->buflock, flags);
746         wake_up_interruptible(&is->wq);
747         return len;
748 }
749
750 /*
751  * read() .. non-blocking: ipppd calls it only after select()
752  *           reports, that there is data
753  */
754
755 int
756 isdn_ppp_read(int min, struct file *file, char __user *buf, int count)
757 {
758         struct ippp_struct *is;
759         struct ippp_buf_queue *b;
760         u_long flags;
761         u_char *save_buf;
762
763         is = file->private_data;
764
765         if (!(is->state & IPPP_OPEN))
766                 return 0;
767
768         if (!access_ok(VERIFY_WRITE, buf, count))
769                 return -EFAULT;
770
771         spin_lock_irqsave(&is->buflock, flags);
772         b = is->first->next;
773         save_buf = b->buf;
774         if (!save_buf) {
775                 spin_unlock_irqrestore(&is->buflock, flags);
776                 return -EAGAIN;
777         }
778         if (b->len < count)
779                 count = b->len;
780         b->buf = NULL;
781         is->first = b;
782
783         spin_unlock_irqrestore(&is->buflock, flags);
784         if (copy_to_user(buf, save_buf, count))
785                 count = -EFAULT;
786         kfree(save_buf);
787
788         return count;
789 }
790
791 /*
792  * ipppd wanna write a packet to the card .. non-blocking
793  */
794
795 int
796 isdn_ppp_write(int min, struct file *file, const char __user *buf, int count)
797 {
798         isdn_net_local *lp;
799         struct ippp_struct *is;
800         int proto;
801         unsigned char protobuf[4];
802
803         is = file->private_data;
804
805         if (!(is->state & IPPP_CONNECT))
806                 return 0;
807
808         lp = is->lp;
809
810         /* -> push it directly to the lowlevel interface */
811
812         if (!lp)
813                 printk(KERN_DEBUG "isdn_ppp_write: lp == NULL\n");
814         else {
815                 /*
816                  * Don't reset huptimer for
817                  * LCP packets. (Echo requests).
818                  */
819                 if (copy_from_user(protobuf, buf, 4))
820                         return -EFAULT;
821                 proto = PPP_PROTOCOL(protobuf);
822                 if (proto != PPP_LCP)
823                         lp->huptimer = 0;
824
825                 if (lp->isdn_device < 0 || lp->isdn_channel < 0)
826                         return 0;
827
828                 if ((dev->drv[lp->isdn_device]->flags & DRV_FLAG_RUNNING) &&
829                         lp->dialstate == 0 &&
830                     (lp->flags & ISDN_NET_CONNECTED)) {
831                         unsigned short hl;
832                         struct sk_buff *skb;
833                         /*
834                          * we need to reserve enought space in front of
835                          * sk_buff. old call to dev_alloc_skb only reserved
836                          * 16 bytes, now we are looking what the driver want
837                          */
838                         hl = dev->drv[lp->isdn_device]->interface->hl_hdrlen;
839                         skb = alloc_skb(hl+count, GFP_ATOMIC);
840                         if (!skb) {
841                                 printk(KERN_WARNING "isdn_ppp_write: out of memory!\n");
842                                 return count;
843                         }
844                         skb_reserve(skb, hl);
845                         if (copy_from_user(skb_put(skb, count), buf, count))
846                         {
847                                 kfree_skb(skb);
848                                 return -EFAULT;
849                         }
850                         if (is->debug & 0x40) {
851                                 printk(KERN_DEBUG "ppp xmit: len %d\n", (int) skb->len);
852                                 isdn_ppp_frame_log("xmit", skb->data, skb->len, 32,is->unit,lp->ppp_slot);
853                         }
854
855                         isdn_ppp_send_ccp(lp->netdev,lp,skb); /* keeps CCP/compression states in sync */
856
857                         isdn_net_write_super(lp, skb);
858                 }
859         }
860         return count;
861 }
862
863 /*
864  * init memory, structures etc.
865  */
866
867 int
868 isdn_ppp_init(void)
869 {
870         int i,
871          j;
872          
873 #ifdef CONFIG_ISDN_MPP
874         if( isdn_ppp_mp_bundle_array_init() < 0 )
875                 return -ENOMEM;
876 #endif /* CONFIG_ISDN_MPP */
877
878         for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
879                 if (!(ippp_table[i] = (struct ippp_struct *)
880                       kmalloc(sizeof(struct ippp_struct), GFP_KERNEL))) {
881                         printk(KERN_WARNING "isdn_ppp_init: Could not alloc ippp_table\n");
882                         for (j = 0; j < i; j++)
883                                 kfree(ippp_table[j]);
884                         return -1;
885                 }
886                 memset((char *) ippp_table[i], 0, sizeof(struct ippp_struct));
887                 spin_lock_init(&ippp_table[i]->buflock);
888                 ippp_table[i]->state = 0;
889                 ippp_table[i]->first = ippp_table[i]->rq + NUM_RCV_BUFFS - 1;
890                 ippp_table[i]->last = ippp_table[i]->rq;
891
892                 for (j = 0; j < NUM_RCV_BUFFS; j++) {
893                         ippp_table[i]->rq[j].buf = NULL;
894                         ippp_table[i]->rq[j].last = ippp_table[i]->rq +
895                             (NUM_RCV_BUFFS + j - 1) % NUM_RCV_BUFFS;
896                         ippp_table[i]->rq[j].next = ippp_table[i]->rq + (j + 1) % NUM_RCV_BUFFS;
897                 }
898         }
899         return 0;
900 }
901
902 void
903 isdn_ppp_cleanup(void)
904 {
905         int i;
906
907         for (i = 0; i < ISDN_MAX_CHANNELS; i++)
908                 kfree(ippp_table[i]);
909
910 #ifdef CONFIG_ISDN_MPP
911         kfree(isdn_ppp_bundle_arr);
912 #endif /* CONFIG_ISDN_MPP */
913
914 }
915
916 /*
917  * check for address/control field and skip if allowed
918  * retval != 0 -> discard packet silently
919  */
920 static int isdn_ppp_skip_ac(struct ippp_struct *is, struct sk_buff *skb) 
921 {
922         if (skb->len < 1)
923                 return -1;
924
925         if (skb->data[0] == 0xff) {
926                 if (skb->len < 2)
927                         return -1;
928
929                 if (skb->data[1] != 0x03)
930                         return -1;
931
932                 // skip address/control (AC) field
933                 skb_pull(skb, 2);
934         } else { 
935                 if (is->pppcfg & SC_REJ_COMP_AC)
936                         // if AC compression was not negotiated, but used, discard packet
937                         return -1;
938         }
939         return 0;
940 }
941
942 /*
943  * get the PPP protocol header and pull skb
944  * retval < 0 -> discard packet silently
945  */
946 static int isdn_ppp_strip_proto(struct sk_buff *skb) 
947 {
948         int proto;
949         
950         if (skb->len < 1)
951                 return -1;
952
953         if (skb->data[0] & 0x1) {
954                 // protocol field is compressed
955                 proto = skb->data[0];
956                 skb_pull(skb, 1);
957         } else {
958                 if (skb->len < 2)
959                         return -1;
960                 proto = ((int) skb->data[0] << 8) + skb->data[1];
961                 skb_pull(skb, 2);
962         }
963         return proto;
964 }
965
966
967 /*
968  * handler for incoming packets on a syncPPP interface
969  */
970 void isdn_ppp_receive(isdn_net_dev * net_dev, isdn_net_local * lp, struct sk_buff *skb)
971 {
972         struct ippp_struct *is;
973         int slot;
974         int proto;
975
976         BUG_ON(net_dev->local->master); // we're called with the master device always
977
978         slot = lp->ppp_slot;
979         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
980                 printk(KERN_ERR "isdn_ppp_receive: lp->ppp_slot(%d)\n",
981                         lp->ppp_slot);
982                 kfree_skb(skb);
983                 return;
984         }
985         is = ippp_table[slot];
986
987         if (is->debug & 0x4) {
988                 printk(KERN_DEBUG "ippp_receive: is:%08lx lp:%08lx slot:%d unit:%d len:%d\n",
989                        (long)is,(long)lp,lp->ppp_slot,is->unit,(int) skb->len);
990                 isdn_ppp_frame_log("receive", skb->data, skb->len, 32,is->unit,lp->ppp_slot);
991         }
992
993         if (isdn_ppp_skip_ac(is, skb) < 0) {
994                 kfree_skb(skb);
995                 return;
996         }
997         proto = isdn_ppp_strip_proto(skb);
998         if (proto < 0) {
999                 kfree_skb(skb);
1000                 return;
1001         }
1002   
1003 #ifdef CONFIG_ISDN_MPP
1004         if (is->compflags & SC_LINK_DECOMP_ON) {
1005                 skb = isdn_ppp_decompress(skb, is, NULL, &proto);
1006                 if (!skb) // decompression error
1007                         return;
1008         }
1009         
1010         if (!(is->mpppcfg & SC_REJ_MP_PROT)) { // we agreed to receive MPPP
1011                 if (proto == PPP_MP) {
1012                         isdn_ppp_mp_receive(net_dev, lp, skb);
1013                         return;
1014                 }
1015         } 
1016 #endif
1017         isdn_ppp_push_higher(net_dev, lp, skb, proto);
1018 }
1019
1020 /*
1021  * we receive a reassembled frame, MPPP has been taken care of before.
1022  * address/control and protocol have been stripped from the skb
1023  * note: net_dev has to be master net_dev
1024  */
1025 static void
1026 isdn_ppp_push_higher(isdn_net_dev * net_dev, isdn_net_local * lp, struct sk_buff *skb, int proto)
1027 {
1028         struct net_device *dev = &net_dev->dev;
1029         struct ippp_struct *is, *mis;
1030         isdn_net_local *mlp = NULL;
1031         int slot;
1032
1033         slot = lp->ppp_slot;
1034         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1035                 printk(KERN_ERR "isdn_ppp_push_higher: lp->ppp_slot(%d)\n",
1036                         lp->ppp_slot);
1037                 goto drop_packet;
1038         }
1039         is = ippp_table[slot];
1040         
1041         if (lp->master) { // FIXME?
1042                 mlp = (isdn_net_local *) lp->master->priv;
1043                 slot = mlp->ppp_slot;
1044                 if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1045                         printk(KERN_ERR "isdn_ppp_push_higher: master->ppp_slot(%d)\n",
1046                                 lp->ppp_slot);
1047                         goto drop_packet;
1048                 }
1049         }
1050         mis = ippp_table[slot];
1051
1052         if (is->debug & 0x10) {
1053                 printk(KERN_DEBUG "push, skb %d %04x\n", (int) skb->len, proto);
1054                 isdn_ppp_frame_log("rpush", skb->data, skb->len, 32,is->unit,lp->ppp_slot);
1055         }
1056         if (mis->compflags & SC_DECOMP_ON) {
1057                 skb = isdn_ppp_decompress(skb, is, mis, &proto);
1058                 if (!skb) // decompression error
1059                         return;
1060         }
1061         switch (proto) {
1062                 case PPP_IPX:  /* untested */
1063                         if (is->debug & 0x20)
1064                                 printk(KERN_DEBUG "isdn_ppp: IPX\n");
1065                         skb->protocol = htons(ETH_P_IPX);
1066                         break;
1067                 case PPP_IP:
1068                         if (is->debug & 0x20)
1069                                 printk(KERN_DEBUG "isdn_ppp: IP\n");
1070                         skb->protocol = htons(ETH_P_IP);
1071                         break;
1072                 case PPP_COMP:
1073                 case PPP_COMPFRAG:
1074                         printk(KERN_INFO "isdn_ppp: unexpected compressed frame dropped\n");
1075                         goto drop_packet;
1076 #ifdef CONFIG_ISDN_PPP_VJ
1077                 case PPP_VJC_UNCOMP:
1078                         if (is->debug & 0x20)
1079                                 printk(KERN_DEBUG "isdn_ppp: VJC_UNCOMP\n");
1080                         if (net_dev->local->ppp_slot < 0) {
1081                                 printk(KERN_ERR "%s: net_dev->local->ppp_slot(%d) out of range\n",
1082                                         __FUNCTION__, net_dev->local->ppp_slot);
1083                                 goto drop_packet;
1084                         }
1085                         if (slhc_remember(ippp_table[net_dev->local->ppp_slot]->slcomp, skb->data, skb->len) <= 0) {
1086                                 printk(KERN_WARNING "isdn_ppp: received illegal VJC_UNCOMP frame!\n");
1087                                 goto drop_packet;
1088                         }
1089                         skb->protocol = htons(ETH_P_IP);
1090                         break;
1091                 case PPP_VJC_COMP:
1092                         if (is->debug & 0x20)
1093                                 printk(KERN_DEBUG "isdn_ppp: VJC_COMP\n");
1094                         {
1095                                 struct sk_buff *skb_old = skb;
1096                                 int pkt_len;
1097                                 skb = dev_alloc_skb(skb_old->len + 128);
1098
1099                                 if (!skb) {
1100                                         printk(KERN_WARNING "%s: Memory squeeze, dropping packet.\n", dev->name);
1101                                         skb = skb_old;
1102                                         goto drop_packet;
1103                                 }
1104                                 skb_put(skb, skb_old->len + 128);
1105                                 memcpy(skb->data, skb_old->data, skb_old->len);
1106                                 if (net_dev->local->ppp_slot < 0) {
1107                                         printk(KERN_ERR "%s: net_dev->local->ppp_slot(%d) out of range\n",
1108                                                 __FUNCTION__, net_dev->local->ppp_slot);
1109                                         goto drop_packet;
1110                                 }
1111                                 pkt_len = slhc_uncompress(ippp_table[net_dev->local->ppp_slot]->slcomp,
1112                                                 skb->data, skb_old->len);
1113                                 kfree_skb(skb_old);
1114                                 if (pkt_len < 0)
1115                                         goto drop_packet;
1116
1117                                 skb_trim(skb, pkt_len);
1118                                 skb->protocol = htons(ETH_P_IP);
1119                         }
1120                         break;
1121 #endif
1122                 case PPP_CCP:
1123                 case PPP_CCPFRAG:
1124                         isdn_ppp_receive_ccp(net_dev,lp,skb,proto);
1125                         /* Dont pop up ResetReq/Ack stuff to the daemon any
1126                            longer - the job is done already */
1127                         if(skb->data[0] == CCP_RESETREQ ||
1128                            skb->data[0] == CCP_RESETACK)
1129                                 break;
1130                         /* fall through */
1131                 default:
1132                         isdn_ppp_fill_rq(skb->data, skb->len, proto, lp->ppp_slot);     /* push data to pppd device */
1133                         kfree_skb(skb);
1134                         return;
1135         }
1136
1137 #ifdef CONFIG_IPPP_FILTER
1138         /* check if the packet passes the pass and active filters
1139          * the filter instructions are constructed assuming
1140          * a four-byte PPP header on each packet (which is still present) */
1141         skb_push(skb, 4);
1142
1143         {
1144                 u_int16_t *p = (u_int16_t *) skb->data;
1145
1146                 *p = 0; /* indicate inbound */
1147         }
1148
1149         if (is->pass_filter
1150             && sk_run_filter(skb, is->pass_filter, is->pass_len) == 0) {
1151                 if (is->debug & 0x2)
1152                         printk(KERN_DEBUG "IPPP: inbound frame filtered.\n");
1153                 kfree_skb(skb);
1154                 return;
1155         }
1156         if (!(is->active_filter
1157               && sk_run_filter(skb, is->active_filter,
1158                                is->active_len) == 0)) {
1159                 if (is->debug & 0x2)
1160                         printk(KERN_DEBUG "IPPP: link-active filter: reseting huptimer.\n");
1161                 lp->huptimer = 0;
1162                 if (mlp)
1163                         mlp->huptimer = 0;
1164         }
1165         skb_pull(skb, 4);
1166 #else /* CONFIG_IPPP_FILTER */
1167         lp->huptimer = 0;
1168         if (mlp)
1169                 mlp->huptimer = 0;
1170 #endif /* CONFIG_IPPP_FILTER */
1171         skb->dev = dev;
1172         skb->mac.raw = skb->data;
1173         netif_rx(skb);
1174         /* net_dev->local->stats.rx_packets++; done in isdn_net.c */
1175         return;
1176
1177  drop_packet:
1178         net_dev->local->stats.rx_dropped++;
1179         kfree_skb(skb);
1180 }
1181
1182 /*
1183  * isdn_ppp_skb_push ..
1184  * checks whether we have enough space at the beginning of the skb
1185  * and allocs a new SKB if necessary
1186  */
1187 static unsigned char *isdn_ppp_skb_push(struct sk_buff **skb_p,int len)
1188 {
1189         struct sk_buff *skb = *skb_p;
1190
1191         if(skb_headroom(skb) < len) {
1192                 struct sk_buff *nskb = skb_realloc_headroom(skb, len);
1193
1194                 if (!nskb) {
1195                         printk(KERN_ERR "isdn_ppp_skb_push: can't realloc headroom!\n");
1196                         dev_kfree_skb(skb);
1197                         return NULL;
1198                 }
1199                 printk(KERN_DEBUG "isdn_ppp_skb_push:under %d %d\n",skb_headroom(skb),len);
1200                 dev_kfree_skb(skb);
1201                 *skb_p = nskb;
1202                 return skb_push(nskb, len);
1203         }
1204         return skb_push(skb,len);
1205 }
1206
1207 /*
1208  * send ppp frame .. we expect a PIDCOMPressable proto --
1209  *  (here: currently always PPP_IP,PPP_VJC_COMP,PPP_VJC_UNCOMP)
1210  *
1211  * VJ compression may change skb pointer!!! .. requeue with old
1212  * skb isn't allowed!!
1213  */
1214
1215 int
1216 isdn_ppp_xmit(struct sk_buff *skb, struct net_device *netdev)
1217 {
1218         isdn_net_local *lp,*mlp;
1219         isdn_net_dev *nd;
1220         unsigned int proto = PPP_IP;     /* 0x21 */
1221         struct ippp_struct *ipt,*ipts;
1222         int slot, retval = 0;
1223
1224         mlp = (isdn_net_local *) (netdev->priv);
1225         nd = mlp->netdev;       /* get master lp */
1226
1227         slot = mlp->ppp_slot;
1228         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1229                 printk(KERN_ERR "isdn_ppp_xmit: lp->ppp_slot(%d)\n",
1230                         mlp->ppp_slot);
1231                 kfree_skb(skb);
1232                 goto out;
1233         }
1234         ipts = ippp_table[slot];
1235
1236         if (!(ipts->pppcfg & SC_ENABLE_IP)) {   /* PPP connected ? */
1237                 if (ipts->debug & 0x1)
1238                         printk(KERN_INFO "%s: IP frame delayed.\n", netdev->name);
1239                 retval = 1;
1240                 goto out;
1241         }
1242
1243         switch (ntohs(skb->protocol)) {
1244                 case ETH_P_IP:
1245                         proto = PPP_IP;
1246                         break;
1247                 case ETH_P_IPX:
1248                         proto = PPP_IPX;        /* untested */
1249                         break;
1250                 default:
1251                         printk(KERN_ERR "isdn_ppp: skipped unsupported protocol: %#x.\n", 
1252                                skb->protocol);
1253                         dev_kfree_skb(skb);
1254                         goto out;
1255         }
1256
1257         lp = isdn_net_get_locked_lp(nd);
1258         if (!lp) {
1259                 printk(KERN_WARNING "%s: all channels busy - requeuing!\n", netdev->name);
1260                 retval = 1;
1261                 goto out;
1262         }
1263         /* we have our lp locked from now on */
1264
1265         slot = lp->ppp_slot;
1266         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1267                 printk(KERN_ERR "isdn_ppp_xmit: lp->ppp_slot(%d)\n",
1268                         lp->ppp_slot);
1269                 kfree_skb(skb);
1270                 goto unlock;
1271         }
1272         ipt = ippp_table[slot];
1273
1274         /*
1275          * after this line .. requeueing in the device queue is no longer allowed!!!
1276          */
1277
1278         /* Pull off the fake header we stuck on earlier to keep
1279          * the fragmentation code happy.
1280          */
1281         skb_pull(skb,IPPP_MAX_HEADER);
1282
1283 #ifdef CONFIG_IPPP_FILTER
1284         /* check if we should pass this packet
1285          * the filter instructions are constructed assuming
1286          * a four-byte PPP header on each packet */
1287         *skb_push(skb, 4) = 1; /* indicate outbound */
1288
1289         {
1290                 u_int16_t *p = (u_int16_t *) skb->data;
1291
1292                 p++;
1293                 *p   = htons(proto);
1294         }
1295
1296         if (ipt->pass_filter
1297             && sk_run_filter(skb, ipt->pass_filter, ipt->pass_len) == 0) {
1298                 if (ipt->debug & 0x4)
1299                         printk(KERN_DEBUG "IPPP: outbound frame filtered.\n");
1300                 kfree_skb(skb);
1301                 goto unlock;
1302         }
1303         if (!(ipt->active_filter
1304               && sk_run_filter(skb, ipt->active_filter,
1305                                ipt->active_len) == 0)) {
1306                 if (ipt->debug & 0x4)
1307                         printk(KERN_DEBUG "IPPP: link-active filter: reseting huptimer.\n");
1308                 lp->huptimer = 0;
1309         }
1310         skb_pull(skb, 4);
1311 #else /* CONFIG_IPPP_FILTER */
1312         lp->huptimer = 0;
1313 #endif /* CONFIG_IPPP_FILTER */
1314
1315         if (ipt->debug & 0x4)
1316                 printk(KERN_DEBUG "xmit skb, len %d\n", (int) skb->len);
1317         if (ipts->debug & 0x40)
1318                 isdn_ppp_frame_log("xmit0", skb->data, skb->len, 32,ipts->unit,lp->ppp_slot);
1319
1320 #ifdef CONFIG_ISDN_PPP_VJ
1321         if (proto == PPP_IP && ipts->pppcfg & SC_COMP_TCP) {    /* ipts here? probably yes, but check this again */
1322                 struct sk_buff *new_skb;
1323                 unsigned short hl;
1324                 /*
1325                  * we need to reserve enought space in front of
1326                  * sk_buff. old call to dev_alloc_skb only reserved
1327                  * 16 bytes, now we are looking what the driver want.
1328                  */
1329                 hl = dev->drv[lp->isdn_device]->interface->hl_hdrlen + IPPP_MAX_HEADER;
1330                 /* 
1331                  * Note: hl might still be insufficient because the method
1332                  * above does not account for a possibible MPPP slave channel
1333                  * which had larger HL header space requirements than the
1334                  * master.
1335                  */
1336                 new_skb = alloc_skb(hl+skb->len, GFP_ATOMIC);
1337                 if (new_skb) {
1338                         u_char *buf;
1339                         int pktlen;
1340
1341                         skb_reserve(new_skb, hl);
1342                         new_skb->dev = skb->dev;
1343                         skb_put(new_skb, skb->len);
1344                         buf = skb->data;
1345
1346                         pktlen = slhc_compress(ipts->slcomp, skb->data, skb->len, new_skb->data,
1347                                  &buf, !(ipts->pppcfg & SC_NO_TCP_CCID));
1348
1349                         if (buf != skb->data) { 
1350                                 if (new_skb->data != buf)
1351                                         printk(KERN_ERR "isdn_ppp: FATAL error after slhc_compress!!\n");
1352                                 dev_kfree_skb(skb);
1353                                 skb = new_skb;
1354                         } else {
1355                                 dev_kfree_skb(new_skb);
1356                         }
1357
1358                         skb_trim(skb, pktlen);
1359                         if (skb->data[0] & SL_TYPE_COMPRESSED_TCP) {    /* cslip? style -> PPP */
1360                                 proto = PPP_VJC_COMP;
1361                                 skb->data[0] ^= SL_TYPE_COMPRESSED_TCP;
1362                         } else {
1363                                 if (skb->data[0] >= SL_TYPE_UNCOMPRESSED_TCP)
1364                                         proto = PPP_VJC_UNCOMP;
1365                                 skb->data[0] = (skb->data[0] & 0x0f) | 0x40;
1366                         }
1367                 }
1368         }
1369 #endif
1370
1371         /*
1372          * normal (single link) or bundle compression
1373          */
1374         if(ipts->compflags & SC_COMP_ON) {
1375                 /* We send compressed only if both down- und upstream
1376                    compression is negotiated, that means, CCP is up */
1377                 if(ipts->compflags & SC_DECOMP_ON) {
1378                         skb = isdn_ppp_compress(skb,&proto,ipt,ipts,0);
1379                 } else {
1380                         printk(KERN_DEBUG "isdn_ppp: CCP not yet up - sending as-is\n");
1381                 }
1382         }
1383
1384         if (ipt->debug & 0x24)
1385                 printk(KERN_DEBUG "xmit2 skb, len %d, proto %04x\n", (int) skb->len, proto);
1386
1387 #ifdef CONFIG_ISDN_MPP
1388         if (ipt->mpppcfg & SC_MP_PROT) {
1389                 /* we get mp_seqno from static isdn_net_local */
1390                 long mp_seqno = ipts->mp_seqno;
1391                 ipts->mp_seqno++;
1392                 if (ipt->mpppcfg & SC_OUT_SHORT_SEQ) {
1393                         unsigned char *data = isdn_ppp_skb_push(&skb, 3);
1394                         if(!data)
1395                                 goto unlock;
1396                         mp_seqno &= 0xfff;
1397                         data[0] = MP_BEGIN_FRAG | MP_END_FRAG | ((mp_seqno >> 8) & 0xf);        /* (B)egin & (E)ndbit .. */
1398                         data[1] = mp_seqno & 0xff;
1399                         data[2] = proto;        /* PID compression */
1400                 } else {
1401                         unsigned char *data = isdn_ppp_skb_push(&skb, 5);
1402                         if(!data)
1403                                 goto unlock;
1404                         data[0] = MP_BEGIN_FRAG | MP_END_FRAG;  /* (B)egin & (E)ndbit .. */
1405                         data[1] = (mp_seqno >> 16) & 0xff;      /* sequence number: 24bit */
1406                         data[2] = (mp_seqno >> 8) & 0xff;
1407                         data[3] = (mp_seqno >> 0) & 0xff;
1408                         data[4] = proto;        /* PID compression */
1409                 }
1410                 proto = PPP_MP; /* MP Protocol, 0x003d */
1411         }
1412 #endif
1413
1414         /*
1415          * 'link in bundle' compression  ...
1416          */
1417         if(ipt->compflags & SC_LINK_COMP_ON)
1418                 skb = isdn_ppp_compress(skb,&proto,ipt,ipts,1);
1419
1420         if( (ipt->pppcfg & SC_COMP_PROT) && (proto <= 0xff) ) {
1421                 unsigned char *data = isdn_ppp_skb_push(&skb,1);
1422                 if(!data)
1423                         goto unlock;
1424                 data[0] = proto & 0xff;
1425         }
1426         else {
1427                 unsigned char *data = isdn_ppp_skb_push(&skb,2);
1428                 if(!data)
1429                         goto unlock;
1430                 data[0] = (proto >> 8) & 0xff;
1431                 data[1] = proto & 0xff;
1432         }
1433         if(!(ipt->pppcfg & SC_COMP_AC)) {
1434                 unsigned char *data = isdn_ppp_skb_push(&skb,2);
1435                 if(!data)
1436                         goto unlock;
1437                 data[0] = 0xff;    /* All Stations */
1438                 data[1] = 0x03;    /* Unnumbered information */
1439         }
1440
1441         /* tx-stats are now updated via BSENT-callback */
1442
1443         if (ipts->debug & 0x40) {
1444                 printk(KERN_DEBUG "skb xmit: len: %d\n", (int) skb->len);
1445                 isdn_ppp_frame_log("xmit", skb->data, skb->len, 32,ipt->unit,lp->ppp_slot);
1446         }
1447         
1448         isdn_net_writebuf_skb(lp, skb);
1449
1450  unlock:
1451         spin_unlock_bh(&lp->xmit_lock);
1452  out:
1453         return retval;
1454 }
1455
1456 #ifdef CONFIG_IPPP_FILTER
1457 /*
1458  * check if this packet may trigger auto-dial.
1459  */
1460
1461 int isdn_ppp_autodial_filter(struct sk_buff *skb, isdn_net_local *lp)
1462 {
1463         struct ippp_struct *is = ippp_table[lp->ppp_slot];
1464         u_int16_t proto;
1465         int drop = 0;
1466
1467         switch (ntohs(skb->protocol)) {
1468         case ETH_P_IP:
1469                 proto = PPP_IP;
1470                 break;
1471         case ETH_P_IPX:
1472                 proto = PPP_IPX;
1473                 break;
1474         default:
1475                 printk(KERN_ERR "isdn_ppp_autodial_filter: unsupported protocol 0x%x.\n",
1476                        skb->protocol);
1477                 return 1;
1478         }
1479
1480         /* the filter instructions are constructed assuming
1481          * a four-byte PPP header on each packet. we have to
1482          * temporarily remove part of the fake header stuck on
1483          * earlier.
1484          */
1485         *skb_pull(skb, IPPP_MAX_HEADER - 4) = 1; /* indicate outbound */
1486
1487         {
1488                 u_int16_t *p = (u_int16_t *) skb->data;
1489
1490                 p++;
1491                 *p   = htons(proto);
1492         }
1493         
1494         drop |= is->pass_filter
1495                 && sk_run_filter(skb, is->pass_filter, is->pass_len) == 0;
1496         drop |= is->active_filter
1497                 && sk_run_filter(skb, is->active_filter, is->active_len) == 0;
1498         
1499         skb_push(skb, IPPP_MAX_HEADER - 4);
1500         return drop;
1501 }
1502 #endif
1503 #ifdef CONFIG_ISDN_MPP
1504
1505 /* this is _not_ rfc1990 header, but something we convert both short and long
1506  * headers to for convinience's sake:
1507  *      byte 0 is flags as in rfc1990
1508  *      bytes 1...4 is 24-bit seqence number converted to host byte order 
1509  */
1510 #define MP_HEADER_LEN   5
1511
1512 #define MP_LONGSEQ_MASK         0x00ffffff
1513 #define MP_SHORTSEQ_MASK        0x00000fff
1514 #define MP_LONGSEQ_MAX          MP_LONGSEQ_MASK
1515 #define MP_SHORTSEQ_MAX         MP_SHORTSEQ_MASK
1516 #define MP_LONGSEQ_MAXBIT       ((MP_LONGSEQ_MASK+1)>>1)
1517 #define MP_SHORTSEQ_MAXBIT      ((MP_SHORTSEQ_MASK+1)>>1)
1518
1519 /* sequence-wrap safe comparisions (for long sequence)*/ 
1520 #define MP_LT(a,b)      ((a-b)&MP_LONGSEQ_MAXBIT)
1521 #define MP_LE(a,b)      !((b-a)&MP_LONGSEQ_MAXBIT)
1522 #define MP_GT(a,b)      ((b-a)&MP_LONGSEQ_MAXBIT)
1523 #define MP_GE(a,b)      !((a-b)&MP_LONGSEQ_MAXBIT)
1524
1525 #define MP_SEQ(f)       ((*(u32*)(f->data+1)))
1526 #define MP_FLAGS(f)     (f->data[0])
1527
1528 static int isdn_ppp_mp_bundle_array_init(void)
1529 {
1530         int i;
1531         int sz = ISDN_MAX_CHANNELS*sizeof(ippp_bundle);
1532         if( (isdn_ppp_bundle_arr = (ippp_bundle*)kmalloc(sz, 
1533                                                         GFP_KERNEL)) == NULL )
1534                 return -ENOMEM;
1535         memset(isdn_ppp_bundle_arr, 0, sz);
1536         for( i = 0; i < ISDN_MAX_CHANNELS; i++ )
1537                 spin_lock_init(&isdn_ppp_bundle_arr[i].lock);
1538         return 0;
1539 }
1540
1541 static ippp_bundle * isdn_ppp_mp_bundle_alloc(void)
1542 {
1543         int i;
1544         for( i = 0; i < ISDN_MAX_CHANNELS; i++ )
1545                 if (isdn_ppp_bundle_arr[i].ref_ct <= 0)
1546                         return (isdn_ppp_bundle_arr + i);
1547         return NULL;
1548 }
1549
1550 static int isdn_ppp_mp_init( isdn_net_local * lp, ippp_bundle * add_to )
1551 {
1552         struct ippp_struct * is;
1553
1554         if (lp->ppp_slot < 0) {
1555                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
1556                         __FUNCTION__, lp->ppp_slot);
1557                 return(-EINVAL);
1558         }
1559
1560         is = ippp_table[lp->ppp_slot];
1561         if (add_to) {
1562                 if( lp->netdev->pb )
1563                         lp->netdev->pb->ref_ct--;
1564                 lp->netdev->pb = add_to;
1565         } else {                /* first link in a bundle */
1566                 is->mp_seqno = 0;
1567                 if ((lp->netdev->pb = isdn_ppp_mp_bundle_alloc()) == NULL)
1568                         return -ENOMEM;
1569                 lp->next = lp->last = lp;       /* nobody else in a queue */
1570                 lp->netdev->pb->frags = NULL;
1571                 lp->netdev->pb->frames = 0;
1572                 lp->netdev->pb->seq = UINT_MAX;
1573         }
1574         lp->netdev->pb->ref_ct++;
1575         
1576         is->last_link_seqno = 0;
1577         return 0;
1578 }
1579
1580 static u32 isdn_ppp_mp_get_seq( int short_seq, 
1581                                         struct sk_buff * skb, u32 last_seq );
1582 static struct sk_buff * isdn_ppp_mp_discard( ippp_bundle * mp,
1583                         struct sk_buff * from, struct sk_buff * to );
1584 static void isdn_ppp_mp_reassembly( isdn_net_dev * net_dev, isdn_net_local * lp,
1585                                 struct sk_buff * from, struct sk_buff * to );
1586 static void isdn_ppp_mp_free_skb( ippp_bundle * mp, struct sk_buff * skb );
1587 static void isdn_ppp_mp_print_recv_pkt( int slot, struct sk_buff * skb );
1588
1589 static void isdn_ppp_mp_receive(isdn_net_dev * net_dev, isdn_net_local * lp, 
1590                                                         struct sk_buff *skb)
1591 {
1592         struct ippp_struct *is;
1593         isdn_net_local * lpq;
1594         ippp_bundle * mp;
1595         isdn_mppp_stats * stats;
1596         struct sk_buff * newfrag, * frag, * start, *nextf;
1597         u32 newseq, minseq, thisseq;
1598         unsigned long flags;
1599         int slot;
1600
1601         spin_lock_irqsave(&net_dev->pb->lock, flags);
1602         mp = net_dev->pb;
1603         stats = &mp->stats;
1604         slot = lp->ppp_slot;
1605         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1606                 printk(KERN_ERR "%s: lp->ppp_slot(%d)\n",
1607                         __FUNCTION__, lp->ppp_slot);
1608                 stats->frame_drops++;
1609                 dev_kfree_skb(skb);
1610                 spin_unlock_irqrestore(&mp->lock, flags);
1611                 return;
1612         }
1613         is = ippp_table[slot];
1614         if( ++mp->frames > stats->max_queue_len )
1615                 stats->max_queue_len = mp->frames;
1616         
1617         if (is->debug & 0x8)
1618                 isdn_ppp_mp_print_recv_pkt(lp->ppp_slot, skb);
1619
1620         newseq = isdn_ppp_mp_get_seq(is->mpppcfg & SC_IN_SHORT_SEQ, 
1621                                                 skb, is->last_link_seqno);
1622
1623
1624         /* if this packet seq # is less than last already processed one,
1625          * toss it right away, but check for sequence start case first 
1626          */
1627         if( mp->seq > MP_LONGSEQ_MAX && (newseq & MP_LONGSEQ_MAXBIT) ) {
1628                 mp->seq = newseq;       /* the first packet: required for
1629                                          * rfc1990 non-compliant clients --
1630                                          * prevents constant packet toss */
1631         } else if( MP_LT(newseq, mp->seq) ) {
1632                 stats->frame_drops++;
1633                 isdn_ppp_mp_free_skb(mp, skb);
1634                 spin_unlock_irqrestore(&mp->lock, flags);
1635                 return;
1636         }
1637         
1638         /* find the minimum received sequence number over all links */
1639         is->last_link_seqno = minseq = newseq;
1640         for (lpq = net_dev->queue;;) {
1641                 slot = lpq->ppp_slot;
1642                 if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1643                         printk(KERN_ERR "%s: lpq->ppp_slot(%d)\n",
1644                                 __FUNCTION__, lpq->ppp_slot);
1645                 } else {
1646                         u32 lls = ippp_table[slot]->last_link_seqno;
1647                         if (MP_LT(lls, minseq))
1648                                 minseq = lls;
1649                 }
1650                 if ((lpq = lpq->next) == net_dev->queue)
1651                         break;
1652         }
1653         if (MP_LT(minseq, mp->seq))
1654                 minseq = mp->seq;       /* can't go beyond already processed
1655                                          * packets */
1656         newfrag = skb;
1657
1658         /* if this new fragment is before the first one, then enqueue it now. */
1659         if ((frag = mp->frags) == NULL || MP_LT(newseq, MP_SEQ(frag))) {
1660                 newfrag->next = frag;
1661                 mp->frags = frag = newfrag;
1662                 newfrag = NULL;
1663         }
1664
1665         start = MP_FLAGS(frag) & MP_BEGIN_FRAG &&
1666                                 MP_SEQ(frag) == mp->seq ? frag : NULL;
1667
1668         /* 
1669          * main fragment traversing loop
1670          *
1671          * try to accomplish several tasks:
1672          * - insert new fragment into the proper sequence slot (once that's done
1673          *   newfrag will be set to NULL)
1674          * - reassemble any complete fragment sequence (non-null 'start'
1675          *   indicates there is a continguous sequence present)
1676          * - discard any incomplete sequences that are below minseq -- due
1677          *   to the fact that sender always increment sequence number, if there
1678          *   is an incomplete sequence below minseq, no new fragments would
1679          *   come to complete such sequence and it should be discarded
1680          *
1681          * loop completes when we accomplished the following tasks:
1682          * - new fragment is inserted in the proper sequence ('newfrag' is 
1683          *   set to NULL)
1684          * - we hit a gap in the sequence, so no reassembly/processing is 
1685          *   possible ('start' would be set to NULL)
1686          *
1687          * algorightm for this code is derived from code in the book
1688          * 'PPP Design And Debugging' by James Carlson (Addison-Wesley)
1689          */
1690         while (start != NULL || newfrag != NULL) {
1691
1692                 thisseq = MP_SEQ(frag);
1693                 nextf = frag->next;
1694
1695                 /* drop any duplicate fragments */
1696                 if (newfrag != NULL && thisseq == newseq) {
1697                         isdn_ppp_mp_free_skb(mp, newfrag);
1698                         newfrag = NULL;
1699                 }
1700
1701                 /* insert new fragment before next element if possible. */
1702                 if (newfrag != NULL && (nextf == NULL || 
1703                                                 MP_LT(newseq, MP_SEQ(nextf)))) {
1704                         newfrag->next = nextf;
1705                         frag->next = nextf = newfrag;
1706                         newfrag = NULL;
1707                 }
1708
1709                 if (start != NULL) {
1710                         /* check for misplaced start */
1711                         if (start != frag && (MP_FLAGS(frag) & MP_BEGIN_FRAG)) {
1712                                 printk(KERN_WARNING"isdn_mppp(seq %d): new "
1713                                       "BEGIN flag with no prior END", thisseq);
1714                                 stats->seqerrs++;
1715                                 stats->frame_drops++;
1716                                 start = isdn_ppp_mp_discard(mp, start,frag);
1717                                 nextf = frag->next;
1718                         }
1719                 } else if (MP_LE(thisseq, minseq)) {            
1720                         if (MP_FLAGS(frag) & MP_BEGIN_FRAG)
1721                                 start = frag;
1722                         else {
1723                                 if (MP_FLAGS(frag) & MP_END_FRAG)
1724                                         stats->frame_drops++;
1725                                 if( mp->frags == frag )
1726                                         mp->frags = nextf;      
1727                                 isdn_ppp_mp_free_skb(mp, frag);
1728                                 frag = nextf;
1729                                 continue;
1730                         }
1731                 }
1732                 
1733                 /* if start is non-null and we have end fragment, then
1734                  * we have full reassembly sequence -- reassemble 
1735                  * and process packet now
1736                  */
1737                 if (start != NULL && (MP_FLAGS(frag) & MP_END_FRAG)) {
1738                         minseq = mp->seq = (thisseq+1) & MP_LONGSEQ_MASK;
1739                         /* Reassemble the packet then dispatch it */
1740                         isdn_ppp_mp_reassembly(net_dev, lp, start, nextf);
1741       
1742                         start = NULL;
1743                         frag = NULL;
1744
1745                         mp->frags = nextf;
1746                 }
1747
1748                 /* check if need to update start pointer: if we just
1749                  * reassembled the packet and sequence is contiguous
1750                  * then next fragment should be the start of new reassembly
1751                  * if sequence is contiguous, but we haven't reassembled yet,
1752                  * keep going.
1753                  * if sequence is not contiguous, either clear everyting
1754                  * below low watermark and set start to the next frag or
1755                  * clear start ptr.
1756                  */ 
1757                 if (nextf != NULL && 
1758                     ((thisseq+1) & MP_LONGSEQ_MASK) == MP_SEQ(nextf)) {
1759                         /* if we just reassembled and the next one is here, 
1760                          * then start another reassembly. */
1761
1762                         if (frag == NULL) {
1763                                 if (MP_FLAGS(nextf) & MP_BEGIN_FRAG)
1764                                         start = nextf;
1765                                 else
1766                                 {
1767                                         printk(KERN_WARNING"isdn_mppp(seq %d):"
1768                                                 " END flag with no following "
1769                                                 "BEGIN", thisseq);
1770                                         stats->seqerrs++;
1771                                 }
1772                         }
1773
1774                 } else {
1775                         if ( nextf != NULL && frag != NULL &&
1776                                                 MP_LT(thisseq, minseq)) {
1777                                 /* we've got a break in the sequence
1778                                  * and we not at the end yet
1779                                  * and we did not just reassembled
1780                                  *(if we did, there wouldn't be anything before)
1781                                  * and we below the low watermark 
1782                                  * discard all the frames below low watermark 
1783                                  * and start over */
1784                                 stats->frame_drops++;
1785                                 mp->frags = isdn_ppp_mp_discard(mp,start,nextf);
1786                         }
1787                         /* break in the sequence, no reassembly */
1788                         start = NULL;
1789                 }
1790                                 
1791                 frag = nextf;
1792         }       /* while -- main loop */
1793         
1794         if (mp->frags == NULL)
1795                 mp->frags = frag;
1796                 
1797         /* rather straighforward way to deal with (not very) possible 
1798          * queue overflow */
1799         if (mp->frames > MP_MAX_QUEUE_LEN) {
1800                 stats->overflows++;
1801                 while (mp->frames > MP_MAX_QUEUE_LEN) {
1802                         frag = mp->frags->next;
1803                         isdn_ppp_mp_free_skb(mp, mp->frags);
1804                         mp->frags = frag;
1805                 }
1806         }
1807         spin_unlock_irqrestore(&mp->lock, flags);
1808 }
1809
1810 static void isdn_ppp_mp_cleanup( isdn_net_local * lp )
1811 {
1812         struct sk_buff * frag = lp->netdev->pb->frags;
1813         struct sk_buff * nextfrag;
1814         while( frag ) {
1815                 nextfrag = frag->next;
1816                 isdn_ppp_mp_free_skb(lp->netdev->pb, frag);
1817                 frag = nextfrag;
1818         }
1819         lp->netdev->pb->frags = NULL;
1820 }
1821
1822 static u32 isdn_ppp_mp_get_seq( int short_seq, 
1823                                         struct sk_buff * skb, u32 last_seq )
1824 {
1825         u32 seq;
1826         int flags = skb->data[0] & (MP_BEGIN_FRAG | MP_END_FRAG);
1827    
1828         if( !short_seq )
1829         {
1830                 seq = ntohl(*(u32*)skb->data) & MP_LONGSEQ_MASK;
1831                 skb_push(skb,1);
1832         }
1833         else
1834         {
1835                 /* convert 12-bit short seq number to 24-bit long one 
1836                 */
1837                 seq = ntohs(*(u16*)skb->data) & MP_SHORTSEQ_MASK;
1838         
1839                 /* check for seqence wrap */
1840                 if( !(seq &  MP_SHORTSEQ_MAXBIT) && 
1841                      (last_seq &  MP_SHORTSEQ_MAXBIT) && 
1842                      (unsigned long)last_seq <= MP_LONGSEQ_MAX )
1843                         seq |= (last_seq + MP_SHORTSEQ_MAX+1) & 
1844                                         (~MP_SHORTSEQ_MASK & MP_LONGSEQ_MASK);
1845                 else
1846                         seq |= last_seq & (~MP_SHORTSEQ_MASK & MP_LONGSEQ_MASK);
1847                 
1848                 skb_push(skb, 3);       /* put converted seqence back in skb */
1849         }
1850         *(u32*)(skb->data+1) = seq;     /* put seqence back in _host_ byte
1851                                          * order */
1852         skb->data[0] = flags;           /* restore flags */
1853         return seq;
1854 }
1855
1856 struct sk_buff * isdn_ppp_mp_discard( ippp_bundle * mp,
1857                         struct sk_buff * from, struct sk_buff * to )
1858 {
1859         if( from )
1860                 while (from != to) {
1861                         struct sk_buff * next = from->next;
1862                         isdn_ppp_mp_free_skb(mp, from);
1863                         from = next;
1864                 }
1865         return from;
1866 }
1867
1868 void isdn_ppp_mp_reassembly( isdn_net_dev * net_dev, isdn_net_local * lp,
1869                                 struct sk_buff * from, struct sk_buff * to )
1870 {
1871         ippp_bundle * mp = net_dev->pb;
1872         int proto;
1873         struct sk_buff * skb;
1874         unsigned int tot_len;
1875
1876         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
1877                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
1878                         __FUNCTION__, lp->ppp_slot);
1879                 return;
1880         }
1881         if( MP_FLAGS(from) == (MP_BEGIN_FRAG | MP_END_FRAG) ) {
1882                 if( ippp_table[lp->ppp_slot]->debug & 0x40 )
1883                         printk(KERN_DEBUG "isdn_mppp: reassembly: frame %d, "
1884                                         "len %d\n", MP_SEQ(from), from->len );
1885                 skb = from;
1886                 skb_pull(skb, MP_HEADER_LEN);
1887                 mp->frames--;   
1888         } else {
1889                 struct sk_buff * frag;
1890                 int n;
1891
1892                 for(tot_len=n=0, frag=from; frag != to; frag=frag->next, n++)
1893                         tot_len += frag->len - MP_HEADER_LEN;
1894
1895                 if( ippp_table[lp->ppp_slot]->debug & 0x40 )
1896                         printk(KERN_DEBUG"isdn_mppp: reassembling frames %d "
1897                                 "to %d, len %d\n", MP_SEQ(from), 
1898                                 (MP_SEQ(from)+n-1) & MP_LONGSEQ_MASK, tot_len );
1899                 if( (skb = dev_alloc_skb(tot_len)) == NULL ) {
1900                         printk(KERN_ERR "isdn_mppp: cannot allocate sk buff "
1901                                         "of size %d\n", tot_len);
1902                         isdn_ppp_mp_discard(mp, from, to);
1903                         return;
1904                 }
1905
1906                 while( from != to ) {
1907                         unsigned int len = from->len - MP_HEADER_LEN;
1908
1909                         memcpy(skb_put(skb,len), from->data+MP_HEADER_LEN, len);
1910                         frag = from->next;
1911                         isdn_ppp_mp_free_skb(mp, from);
1912                         from = frag; 
1913                 }
1914         }
1915         proto = isdn_ppp_strip_proto(skb);
1916         isdn_ppp_push_higher(net_dev, lp, skb, proto);
1917 }
1918
1919 static void isdn_ppp_mp_free_skb(ippp_bundle * mp, struct sk_buff * skb)
1920 {
1921         dev_kfree_skb(skb);
1922         mp->frames--;
1923 }
1924
1925 static void isdn_ppp_mp_print_recv_pkt( int slot, struct sk_buff * skb )
1926 {
1927         printk(KERN_DEBUG "mp_recv: %d/%d -> %02x %02x %02x %02x %02x %02x\n", 
1928                 slot, (int) skb->len, 
1929                 (int) skb->data[0], (int) skb->data[1], (int) skb->data[2],
1930                 (int) skb->data[3], (int) skb->data[4], (int) skb->data[5]);
1931 }
1932
1933 static int
1934 isdn_ppp_bundle(struct ippp_struct *is, int unit)
1935 {
1936         char ifn[IFNAMSIZ + 1];
1937         isdn_net_dev *p;
1938         isdn_net_local *lp, *nlp;
1939         int rc;
1940         unsigned long flags;
1941
1942         sprintf(ifn, "ippp%d", unit);
1943         p = isdn_net_findif(ifn);
1944         if (!p) {
1945                 printk(KERN_ERR "ippp_bundle: cannot find %s\n", ifn);
1946                 return -EINVAL;
1947         }
1948
1949         spin_lock_irqsave(&p->pb->lock, flags);
1950
1951         nlp = is->lp;
1952         lp = p->queue;
1953         if( nlp->ppp_slot < 0 || nlp->ppp_slot >= ISDN_MAX_CHANNELS ||
1954                 lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS ) {
1955                 printk(KERN_ERR "ippp_bundle: binding to invalid slot %d\n",
1956                         nlp->ppp_slot < 0 || nlp->ppp_slot >= ISDN_MAX_CHANNELS ? 
1957                         nlp->ppp_slot : lp->ppp_slot );
1958                 rc = -EINVAL;
1959                 goto out;
1960         }
1961
1962         isdn_net_add_to_bundle(p, nlp);
1963
1964         ippp_table[nlp->ppp_slot]->unit = ippp_table[lp->ppp_slot]->unit;
1965
1966         /* maybe also SC_CCP stuff */
1967         ippp_table[nlp->ppp_slot]->pppcfg |= ippp_table[lp->ppp_slot]->pppcfg &
1968                 (SC_ENABLE_IP | SC_NO_TCP_CCID | SC_REJ_COMP_TCP);
1969         ippp_table[nlp->ppp_slot]->mpppcfg |= ippp_table[lp->ppp_slot]->mpppcfg &
1970                 (SC_MP_PROT | SC_REJ_MP_PROT | SC_OUT_SHORT_SEQ | SC_IN_SHORT_SEQ);
1971         rc = isdn_ppp_mp_init(nlp, p->pb);
1972 out:
1973         spin_unlock_irqrestore(&p->pb->lock, flags);
1974         return rc;
1975 }
1976   
1977 #endif /* CONFIG_ISDN_MPP */
1978   
1979 /*
1980  * network device ioctl handlers
1981  */
1982
1983 static int
1984 isdn_ppp_dev_ioctl_stats(int slot, struct ifreq *ifr, struct net_device *dev)
1985 {
1986         struct ppp_stats __user *res = ifr->ifr_data;
1987         struct ppp_stats t;
1988         isdn_net_local *lp = (isdn_net_local *) dev->priv;
1989
1990         if (!access_ok(VERIFY_WRITE, res, sizeof(struct ppp_stats)))
1991                 return -EFAULT;
1992
1993         /* build a temporary stat struct and copy it to user space */
1994
1995         memset(&t, 0, sizeof(struct ppp_stats));
1996         if (dev->flags & IFF_UP) {
1997                 t.p.ppp_ipackets = lp->stats.rx_packets;
1998                 t.p.ppp_ibytes = lp->stats.rx_bytes;
1999                 t.p.ppp_ierrors = lp->stats.rx_errors;
2000                 t.p.ppp_opackets = lp->stats.tx_packets;
2001                 t.p.ppp_obytes = lp->stats.tx_bytes;
2002                 t.p.ppp_oerrors = lp->stats.tx_errors;
2003 #ifdef CONFIG_ISDN_PPP_VJ
2004                 if (slot >= 0 && ippp_table[slot]->slcomp) {
2005                         struct slcompress *slcomp = ippp_table[slot]->slcomp;
2006                         t.vj.vjs_packets = slcomp->sls_o_compressed + slcomp->sls_o_uncompressed;
2007                         t.vj.vjs_compressed = slcomp->sls_o_compressed;
2008                         t.vj.vjs_searches = slcomp->sls_o_searches;
2009                         t.vj.vjs_misses = slcomp->sls_o_misses;
2010                         t.vj.vjs_errorin = slcomp->sls_i_error;
2011                         t.vj.vjs_tossed = slcomp->sls_i_tossed;
2012                         t.vj.vjs_uncompressedin = slcomp->sls_i_uncompressed;
2013                         t.vj.vjs_compressedin = slcomp->sls_i_compressed;
2014                 }
2015 #endif
2016         }
2017         if (copy_to_user(res, &t, sizeof(struct ppp_stats)))
2018                 return -EFAULT;
2019         return 0;
2020 }
2021
2022 int
2023 isdn_ppp_dev_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
2024 {
2025         int error=0;
2026         int len;
2027         isdn_net_local *lp = (isdn_net_local *) dev->priv;
2028
2029
2030         if (lp->p_encap != ISDN_NET_ENCAP_SYNCPPP)
2031                 return -EINVAL;
2032
2033         switch (cmd) {
2034 #define PPP_VERSION "2.3.7"
2035                 case SIOCGPPPVER:
2036                         len = strlen(PPP_VERSION) + 1;
2037                         if (copy_to_user(ifr->ifr_data, PPP_VERSION, len))
2038                                 error = -EFAULT;
2039                         break;
2040
2041                 case SIOCGPPPSTATS:
2042                         error = isdn_ppp_dev_ioctl_stats(lp->ppp_slot, ifr, dev);
2043                         break;
2044                 default:
2045                         error = -EINVAL;
2046                         break;
2047         }
2048         return error;
2049 }
2050
2051 static int
2052 isdn_ppp_if_get_unit(char *name)
2053 {
2054         int len,
2055          i,
2056          unit = 0,
2057          deci;
2058
2059         len = strlen(name);
2060
2061         if (strncmp("ippp", name, 4) || len > 8)
2062                 return -1;
2063
2064         for (i = 0, deci = 1; i < len; i++, deci *= 10) {
2065                 char a = name[len - i - 1];
2066                 if (a >= '0' && a <= '9')
2067                         unit += (a - '0') * deci;
2068                 else
2069                         break;
2070         }
2071         if (!i || len - i != 4)
2072                 unit = -1;
2073
2074         return unit;
2075 }
2076
2077
2078 int
2079 isdn_ppp_dial_slave(char *name)
2080 {
2081 #ifdef CONFIG_ISDN_MPP
2082         isdn_net_dev *ndev;
2083         isdn_net_local *lp;
2084         struct net_device *sdev;
2085
2086         if (!(ndev = isdn_net_findif(name)))
2087                 return 1;
2088         lp = ndev->local;
2089         if (!(lp->flags & ISDN_NET_CONNECTED))
2090                 return 5;
2091
2092         sdev = lp->slave;
2093         while (sdev) {
2094                 isdn_net_local *mlp = (isdn_net_local *) sdev->priv;
2095                 if (!(mlp->flags & ISDN_NET_CONNECTED))
2096                         break;
2097                 sdev = mlp->slave;
2098         }
2099         if (!sdev)
2100                 return 2;
2101
2102         isdn_net_dial_req((isdn_net_local *) sdev->priv);
2103         return 0;
2104 #else
2105         return -1;
2106 #endif
2107 }
2108
2109 int
2110 isdn_ppp_hangup_slave(char *name)
2111 {
2112 #ifdef CONFIG_ISDN_MPP
2113         isdn_net_dev *ndev;
2114         isdn_net_local *lp;
2115         struct net_device *sdev;
2116
2117         if (!(ndev = isdn_net_findif(name)))
2118                 return 1;
2119         lp = ndev->local;
2120         if (!(lp->flags & ISDN_NET_CONNECTED))
2121                 return 5;
2122
2123         sdev = lp->slave;
2124         while (sdev) {
2125                 isdn_net_local *mlp = (isdn_net_local *) sdev->priv;
2126
2127                 if (mlp->slave) { /* find last connected link in chain */
2128                         isdn_net_local *nlp = (isdn_net_local *) mlp->slave->priv;
2129
2130                         if (!(nlp->flags & ISDN_NET_CONNECTED))
2131                                 break;
2132                 } else if (mlp->flags & ISDN_NET_CONNECTED)
2133                         break;
2134                 
2135                 sdev = mlp->slave;
2136         }
2137         if (!sdev)
2138                 return 2;
2139
2140         isdn_net_hangup(sdev);
2141         return 0;
2142 #else
2143         return -1;
2144 #endif
2145 }
2146
2147 /*
2148  * PPP compression stuff
2149  */
2150
2151
2152 /* Push an empty CCP Data Frame up to the daemon to wake it up and let it
2153    generate a CCP Reset-Request or tear down CCP altogether */
2154
2155 static void isdn_ppp_ccp_kickup(struct ippp_struct *is)
2156 {
2157         isdn_ppp_fill_rq(NULL, 0, PPP_COMP, is->lp->ppp_slot);
2158 }
2159
2160 /* In-kernel handling of CCP Reset-Request and Reset-Ack is necessary,
2161    but absolutely nontrivial. The most abstruse problem we are facing is
2162    that the generation, reception and all the handling of timeouts and
2163    resends including proper request id management should be entirely left
2164    to the (de)compressor, but indeed is not covered by the current API to
2165    the (de)compressor. The API is a prototype version from PPP where only
2166    some (de)compressors have yet been implemented and all of them are
2167    rather simple in their reset handling. Especially, their is only one
2168    outstanding ResetAck at a time with all of them and ResetReq/-Acks do
2169    not have parameters. For this very special case it was sufficient to
2170    just return an error code from the decompressor and have a single
2171    reset() entry to communicate all the necessary information between
2172    the framework and the (de)compressor. Bad enough, LZS is different
2173    (and any other compressor may be different, too). It has multiple
2174    histories (eventually) and needs to Reset each of them independently
2175    and thus uses multiple outstanding Acks and history numbers as an
2176    additional parameter to Reqs/Acks.
2177    All that makes it harder to port the reset state engine into the
2178    kernel because it is not just the same simple one as in (i)pppd but
2179    it must be able to pass additional parameters and have multiple out-
2180    standing Acks. We are trying to achieve the impossible by handling
2181    reset transactions independent by their id. The id MUST change when
2182    the data portion changes, thus any (de)compressor who uses more than
2183    one resettable state must provide and recognize individual ids for
2184    each individual reset transaction. The framework itself does _only_
2185    differentiate them by id, because it has no other semantics like the
2186    (de)compressor might.
2187    This looks like a major redesign of the interface would be nice,
2188    but I don't have an idea how to do it better. */
2189
2190 /* Send a CCP Reset-Request or Reset-Ack directly from the kernel. This is
2191    getting that lengthy because there is no simple "send-this-frame-out"
2192    function above but every wrapper does a bit different. Hope I guess
2193    correct in this hack... */
2194
2195 static void isdn_ppp_ccp_xmit_reset(struct ippp_struct *is, int proto,
2196                                     unsigned char code, unsigned char id,
2197                                     unsigned char *data, int len)
2198 {
2199         struct sk_buff *skb;
2200         unsigned char *p;
2201         int hl;
2202         int cnt = 0;
2203         isdn_net_local *lp = is->lp;
2204
2205         /* Alloc large enough skb */
2206         hl = dev->drv[lp->isdn_device]->interface->hl_hdrlen;
2207         skb = alloc_skb(len + hl + 16,GFP_ATOMIC);
2208         if(!skb) {
2209                 printk(KERN_WARNING
2210                        "ippp: CCP cannot send reset - out of memory\n");
2211                 return;
2212         }
2213         skb_reserve(skb, hl);
2214
2215         /* We may need to stuff an address and control field first */
2216         if(!(is->pppcfg & SC_COMP_AC)) {
2217                 p = skb_put(skb, 2);
2218                 *p++ = 0xff;
2219                 *p++ = 0x03;
2220         }
2221
2222         /* Stuff proto, code, id and length */
2223         p = skb_put(skb, 6);
2224         *p++ = (proto >> 8);
2225         *p++ = (proto & 0xff);
2226         *p++ = code;
2227         *p++ = id;
2228         cnt = 4 + len;
2229         *p++ = (cnt >> 8);
2230         *p++ = (cnt & 0xff);
2231
2232         /* Now stuff remaining bytes */
2233         if(len) {
2234                 p = skb_put(skb, len);
2235                 memcpy(p, data, len);
2236         }
2237
2238         /* skb is now ready for xmit */
2239         printk(KERN_DEBUG "Sending CCP Frame:\n");
2240         isdn_ppp_frame_log("ccp-xmit", skb->data, skb->len, 32, is->unit,lp->ppp_slot);
2241
2242         isdn_net_write_super(lp, skb);
2243 }
2244
2245 /* Allocate the reset state vector */
2246 static struct ippp_ccp_reset *isdn_ppp_ccp_reset_alloc(struct ippp_struct *is)
2247 {
2248         struct ippp_ccp_reset *r;
2249         r = kmalloc(sizeof(struct ippp_ccp_reset), GFP_KERNEL);
2250         if(!r) {
2251                 printk(KERN_ERR "ippp_ccp: failed to allocate reset data"
2252                        " structure - no mem\n");
2253                 return NULL;
2254         }
2255         memset(r, 0, sizeof(struct ippp_ccp_reset));
2256         printk(KERN_DEBUG "ippp_ccp: allocated reset data structure %p\n", r);
2257         is->reset = r;
2258         return r;
2259 }
2260
2261 /* Destroy the reset state vector. Kill all pending timers first. */
2262 static void isdn_ppp_ccp_reset_free(struct ippp_struct *is)
2263 {
2264         unsigned int id;
2265
2266         printk(KERN_DEBUG "ippp_ccp: freeing reset data structure %p\n",
2267                is->reset);
2268         for(id = 0; id < 256; id++) {
2269                 if(is->reset->rs[id]) {
2270                         isdn_ppp_ccp_reset_free_state(is, (unsigned char)id);
2271                 }
2272         }
2273         kfree(is->reset);
2274         is->reset = NULL;
2275 }
2276
2277 /* Free a given state and clear everything up for later reallocation */
2278 static void isdn_ppp_ccp_reset_free_state(struct ippp_struct *is,
2279                                           unsigned char id)
2280 {
2281         struct ippp_ccp_reset_state *rs;
2282
2283         if(is->reset->rs[id]) {
2284                 printk(KERN_DEBUG "ippp_ccp: freeing state for id %d\n", id);
2285                 rs = is->reset->rs[id];
2286                 /* Make sure the kernel will not call back later */
2287                 if(rs->ta)
2288                         del_timer(&rs->timer);
2289                 is->reset->rs[id] = NULL;
2290                 kfree(rs);
2291         } else {
2292                 printk(KERN_WARNING "ippp_ccp: id %d is not allocated\n", id);
2293         }
2294 }
2295
2296 /* The timer callback function which is called when a ResetReq has timed out,
2297    aka has never been answered by a ResetAck */
2298 static void isdn_ppp_ccp_timer_callback(unsigned long closure)
2299 {
2300         struct ippp_ccp_reset_state *rs =
2301                 (struct ippp_ccp_reset_state *)closure;
2302
2303         if(!rs) {
2304                 printk(KERN_ERR "ippp_ccp: timer cb with zero closure.\n");
2305                 return;
2306         }
2307         if(rs->ta && rs->state == CCPResetSentReq) {
2308                 /* We are correct here */
2309                 if(!rs->expra) {
2310                         /* Hmm, there is no Ack really expected. We can clean
2311                            up the state now, it will be reallocated if the
2312                            decompressor insists on another reset */
2313                         rs->ta = 0;
2314                         isdn_ppp_ccp_reset_free_state(rs->is, rs->id);
2315                         return;
2316                 }
2317                 printk(KERN_DEBUG "ippp_ccp: CCP Reset timed out for id %d\n",
2318                        rs->id);
2319                 /* Push it again */
2320                 isdn_ppp_ccp_xmit_reset(rs->is, PPP_CCP, CCP_RESETREQ, rs->id,
2321                                         rs->data, rs->dlen);
2322                 /* Restart timer */
2323                 rs->timer.expires = jiffies + HZ*5;
2324                 add_timer(&rs->timer);
2325         } else {
2326                 printk(KERN_WARNING "ippp_ccp: timer cb in wrong state %d\n",
2327                        rs->state);
2328         }
2329 }
2330
2331 /* Allocate a new reset transaction state */
2332 static struct ippp_ccp_reset_state *isdn_ppp_ccp_reset_alloc_state(struct ippp_struct *is,
2333                                                       unsigned char id)
2334 {
2335         struct ippp_ccp_reset_state *rs;
2336         if(is->reset->rs[id]) {
2337                 printk(KERN_WARNING "ippp_ccp: old state exists for id %d\n",
2338                        id);
2339                 return NULL;
2340         } else {
2341                 rs = kmalloc(sizeof(struct ippp_ccp_reset_state), GFP_KERNEL);
2342                 if(!rs)
2343                         return NULL;
2344                 memset(rs, 0, sizeof(struct ippp_ccp_reset_state));
2345                 rs->state = CCPResetIdle;
2346                 rs->is = is;
2347                 rs->id = id;
2348                 rs->timer.data = (unsigned long)rs;
2349                 rs->timer.function = isdn_ppp_ccp_timer_callback;
2350                 is->reset->rs[id] = rs;
2351         }
2352         return rs;
2353 }
2354
2355
2356 /* A decompressor wants a reset with a set of parameters - do what is
2357    necessary to fulfill it */
2358 static void isdn_ppp_ccp_reset_trans(struct ippp_struct *is,
2359                                      struct isdn_ppp_resetparams *rp)
2360 {
2361         struct ippp_ccp_reset_state *rs;
2362
2363         if(rp->valid) {
2364                 /* The decompressor defines parameters by itself */
2365                 if(rp->rsend) {
2366                         /* And he wants us to send a request */
2367                         if(!(rp->idval)) {
2368                                 printk(KERN_ERR "ippp_ccp: decompressor must"
2369                                        " specify reset id\n");
2370                                 return;
2371                         }
2372                         if(is->reset->rs[rp->id]) {
2373                                 /* There is already a transaction in existence
2374                                    for this id. May be still waiting for a
2375                                    Ack or may be wrong. */
2376                                 rs = is->reset->rs[rp->id];
2377                                 if(rs->state == CCPResetSentReq && rs->ta) {
2378                                         printk(KERN_DEBUG "ippp_ccp: reset"
2379                                                " trans still in progress"
2380                                                " for id %d\n", rp->id);
2381                                 } else {
2382                                         printk(KERN_WARNING "ippp_ccp: reset"
2383                                                " trans in wrong state %d for"
2384                                                " id %d\n", rs->state, rp->id);
2385                                 }
2386                         } else {
2387                                 /* Ok, this is a new transaction */
2388                                 printk(KERN_DEBUG "ippp_ccp: new trans for id"
2389                                        " %d to be started\n", rp->id);
2390                                 rs = isdn_ppp_ccp_reset_alloc_state(is, rp->id);
2391                                 if(!rs) {
2392                                         printk(KERN_ERR "ippp_ccp: out of mem"
2393                                                " allocing ccp trans\n");
2394                                         return;
2395                                 }
2396                                 rs->state = CCPResetSentReq;
2397                                 rs->expra = rp->expra;
2398                                 if(rp->dtval) {
2399                                         rs->dlen = rp->dlen;
2400                                         memcpy(rs->data, rp->data, rp->dlen);
2401                                 }
2402                                 /* HACK TODO - add link comp here */
2403                                 isdn_ppp_ccp_xmit_reset(is, PPP_CCP,
2404                                                         CCP_RESETREQ, rs->id,
2405                                                         rs->data, rs->dlen);
2406                                 /* Start the timer */
2407                                 rs->timer.expires = jiffies + 5*HZ;
2408                                 add_timer(&rs->timer);
2409                                 rs->ta = 1;
2410                         }
2411                 } else {
2412                         printk(KERN_DEBUG "ippp_ccp: no reset sent\n");
2413                 }
2414         } else {
2415                 /* The reset params are invalid. The decompressor does not
2416                    care about them, so we just send the minimal requests
2417                    and increase ids only when an Ack is received for a
2418                    given id */
2419                 if(is->reset->rs[is->reset->lastid]) {
2420                         /* There is already a transaction in existence
2421                            for this id. May be still waiting for a
2422                            Ack or may be wrong. */
2423                         rs = is->reset->rs[is->reset->lastid];
2424                         if(rs->state == CCPResetSentReq && rs->ta) {
2425                                 printk(KERN_DEBUG "ippp_ccp: reset"
2426                                        " trans still in progress"
2427                                        " for id %d\n", rp->id);
2428                         } else {
2429                                 printk(KERN_WARNING "ippp_ccp: reset"
2430                                        " trans in wrong state %d for"
2431                                        " id %d\n", rs->state, rp->id);
2432                         }
2433                 } else {
2434                         printk(KERN_DEBUG "ippp_ccp: new trans for id"
2435                                " %d to be started\n", is->reset->lastid);
2436                         rs = isdn_ppp_ccp_reset_alloc_state(is,
2437                                                             is->reset->lastid);
2438                         if(!rs) {
2439                                 printk(KERN_ERR "ippp_ccp: out of mem"
2440                                        " allocing ccp trans\n");
2441                                 return;
2442                         }
2443                         rs->state = CCPResetSentReq;
2444                         /* We always expect an Ack if the decompressor doesn't
2445                            know better */
2446                         rs->expra = 1;
2447                         rs->dlen = 0;
2448                         /* HACK TODO - add link comp here */
2449                         isdn_ppp_ccp_xmit_reset(is, PPP_CCP, CCP_RESETREQ,
2450                                                 rs->id, NULL, 0);
2451                         /* Start the timer */
2452                         rs->timer.expires = jiffies + 5*HZ;
2453                         add_timer(&rs->timer);
2454                         rs->ta = 1;
2455                 }
2456         }
2457 }
2458
2459 /* An Ack was received for this id. This means we stop the timer and clean
2460    up the state prior to calling the decompressors reset routine. */
2461 static void isdn_ppp_ccp_reset_ack_rcvd(struct ippp_struct *is,
2462                                         unsigned char id)
2463 {
2464         struct ippp_ccp_reset_state *rs = is->reset->rs[id];
2465
2466         if(rs) {
2467                 if(rs->ta && rs->state == CCPResetSentReq) {
2468                         /* Great, we are correct */
2469                         if(!rs->expra)
2470                                 printk(KERN_DEBUG "ippp_ccp: ResetAck received"
2471                                        " for id %d but not expected\n", id);
2472                 } else {
2473                         printk(KERN_INFO "ippp_ccp: ResetAck received out of"
2474                                "sync for id %d\n", id);
2475                 }
2476                 if(rs->ta) {
2477                         rs->ta = 0;
2478                         del_timer(&rs->timer);
2479                 }
2480                 isdn_ppp_ccp_reset_free_state(is, id);
2481         } else {
2482                 printk(KERN_INFO "ippp_ccp: ResetAck received for unknown id"
2483                        " %d\n", id);
2484         }
2485         /* Make sure the simple reset stuff uses a new id next time */
2486         is->reset->lastid++;
2487 }
2488
2489 /* 
2490  * decompress packet
2491  *
2492  * if master = 0, we're trying to uncompress an per-link compressed packet,
2493  * as opposed to an compressed reconstructed-from-MPPP packet.
2494  * proto is updated to protocol field of uncompressed packet.
2495  *
2496  * retval: decompressed packet,
2497  *         same packet if uncompressed,
2498  *         NULL if decompression error
2499  */
2500
2501 static struct sk_buff *isdn_ppp_decompress(struct sk_buff *skb,struct ippp_struct *is,struct ippp_struct *master,
2502         int *proto)
2503 {
2504         void *stat = NULL;
2505         struct isdn_ppp_compressor *ipc = NULL;
2506         struct sk_buff *skb_out;
2507         int len;
2508         struct ippp_struct *ri;
2509         struct isdn_ppp_resetparams rsparm;
2510         unsigned char rsdata[IPPP_RESET_MAXDATABYTES];
2511
2512         if(!master) {
2513                 // per-link decompression 
2514                 stat = is->link_decomp_stat;
2515                 ipc = is->link_decompressor;
2516                 ri = is;
2517         } else {
2518                 stat = master->decomp_stat;
2519                 ipc = master->decompressor;
2520                 ri = master;
2521         }
2522
2523         if (!ipc) {
2524                 // no decompressor -> we can't decompress.
2525                 printk(KERN_DEBUG "ippp: no decompressor defined!\n");
2526                 return skb;
2527         }
2528         BUG_ON(!stat); // if we have a compressor, stat has been set as well
2529
2530         if((master && *proto == PPP_COMP) || (!master && *proto == PPP_COMPFRAG) ) {
2531                 // compressed packets are compressed by their protocol type
2532
2533                 // Set up reset params for the decompressor
2534                 memset(&rsparm, 0, sizeof(rsparm));
2535                 rsparm.data = rsdata;
2536                 rsparm.maxdlen = IPPP_RESET_MAXDATABYTES;
2537   
2538                 skb_out = dev_alloc_skb(is->mru + PPP_HDRLEN);
2539                 len = ipc->decompress(stat, skb, skb_out, &rsparm);
2540                 kfree_skb(skb);
2541                 if (len <= 0) {
2542                         switch(len) {
2543                         case DECOMP_ERROR:
2544                                 printk(KERN_INFO "ippp: decomp wants reset %s params\n",
2545                                        rsparm.valid ? "with" : "without");
2546                                 
2547                                 isdn_ppp_ccp_reset_trans(ri, &rsparm);
2548                                 break;
2549                         case DECOMP_FATALERROR:
2550                                 ri->pppcfg |= SC_DC_FERROR;
2551                                 /* Kick ipppd to recognize the error */
2552                                 isdn_ppp_ccp_kickup(ri);
2553                                 break;
2554                         }
2555                         kfree_skb(skb_out);
2556                         return NULL;
2557                 }
2558                 *proto = isdn_ppp_strip_proto(skb_out);
2559                 if (*proto < 0) {
2560                         kfree_skb(skb_out);
2561                         return NULL;
2562                 }
2563                 return skb_out;
2564         } else { 
2565                 // uncompressed packets are fed through the decompressor to
2566                 // update the decompressor state
2567                 ipc->incomp(stat, skb, *proto);
2568                 return skb;
2569         }
2570 }
2571
2572 /*
2573  * compress a frame 
2574  *   type=0: normal/bundle compression
2575  *       =1: link compression
2576  * returns original skb if we haven't compressed the frame
2577  * and a new skb pointer if we've done it
2578  */
2579 static struct sk_buff *isdn_ppp_compress(struct sk_buff *skb_in,int *proto,
2580         struct ippp_struct *is,struct ippp_struct *master,int type)
2581 {
2582     int ret;
2583     int new_proto;
2584     struct isdn_ppp_compressor *compressor;
2585     void *stat;
2586     struct sk_buff *skb_out;
2587
2588         /* we do not compress control protocols */
2589     if(*proto < 0 || *proto > 0x3fff) {
2590             return skb_in;
2591     }
2592
2593         if(type) { /* type=1 => Link compression */
2594                 return skb_in;
2595         }
2596         else {
2597                 if(!master) {
2598                         compressor = is->compressor;
2599                         stat = is->comp_stat;
2600                 }
2601                 else {
2602                         compressor = master->compressor;
2603                         stat = master->comp_stat;
2604                 }
2605                 new_proto = PPP_COMP;
2606         }
2607
2608         if(!compressor) {
2609                 printk(KERN_ERR "isdn_ppp: No compressor set!\n");
2610                 return skb_in;
2611         }
2612         if(!stat) {
2613                 printk(KERN_ERR "isdn_ppp: Compressor not initialized?\n");
2614                 return skb_in;
2615         }
2616
2617         /* Allow for at least 150 % expansion (for now) */
2618         skb_out = alloc_skb(skb_in->len + skb_in->len/2 + 32 +
2619                 skb_headroom(skb_in), GFP_ATOMIC);
2620         if(!skb_out)
2621                 return skb_in;
2622         skb_reserve(skb_out, skb_headroom(skb_in));
2623
2624         ret = (compressor->compress)(stat,skb_in,skb_out,*proto);
2625         if(!ret) {
2626                 dev_kfree_skb(skb_out);
2627                 return skb_in;
2628         }
2629         
2630         dev_kfree_skb(skb_in);
2631         *proto = new_proto;
2632         return skb_out;
2633 }
2634
2635 /*
2636  * we received a CCP frame .. 
2637  * not a clean solution, but we MUST handle a few cases in the kernel
2638  */
2639 static void isdn_ppp_receive_ccp(isdn_net_dev *net_dev, isdn_net_local *lp,
2640          struct sk_buff *skb,int proto)
2641 {
2642         struct ippp_struct *is;
2643         struct ippp_struct *mis;
2644         int len;
2645         struct isdn_ppp_resetparams rsparm;
2646         unsigned char rsdata[IPPP_RESET_MAXDATABYTES];  
2647
2648         printk(KERN_DEBUG "Received CCP frame from peer slot(%d)\n",
2649                 lp->ppp_slot);
2650         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
2651                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
2652                         __FUNCTION__, lp->ppp_slot);
2653                 return;
2654         }
2655         is = ippp_table[lp->ppp_slot];
2656         isdn_ppp_frame_log("ccp-rcv", skb->data, skb->len, 32, is->unit,lp->ppp_slot);
2657
2658         if(lp->master) {
2659                 int slot = ((isdn_net_local *) (lp->master->priv))->ppp_slot;
2660                 if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
2661                         printk(KERN_ERR "%s: slot(%d) out of range\n",
2662                                 __FUNCTION__, slot);
2663                         return;
2664                 }       
2665                 mis = ippp_table[slot];
2666         } else
2667                 mis = is;
2668
2669         switch(skb->data[0]) {
2670         case CCP_CONFREQ:
2671                 if(is->debug & 0x10)
2672                         printk(KERN_DEBUG "Disable compression here!\n");
2673                 if(proto == PPP_CCP)
2674                         mis->compflags &= ~SC_COMP_ON;          
2675                 else
2676                         is->compflags &= ~SC_LINK_COMP_ON;              
2677                 break;
2678         case CCP_TERMREQ:
2679         case CCP_TERMACK:
2680                 if(is->debug & 0x10)
2681                         printk(KERN_DEBUG "Disable (de)compression here!\n");
2682                 if(proto == PPP_CCP)
2683                         mis->compflags &= ~(SC_DECOMP_ON|SC_COMP_ON);           
2684                 else
2685                         is->compflags &= ~(SC_LINK_DECOMP_ON|SC_LINK_COMP_ON);          
2686                 break;
2687         case CCP_CONFACK:
2688                 /* if we RECEIVE an ackowledge we enable the decompressor */
2689                 if(is->debug & 0x10)
2690                         printk(KERN_DEBUG "Enable decompression here!\n");
2691                 if(proto == PPP_CCP) {
2692                         if (!mis->decompressor)
2693                                 break;
2694                         mis->compflags |= SC_DECOMP_ON;
2695                 } else {
2696                         if (!is->decompressor)
2697                                 break;
2698                         is->compflags |= SC_LINK_DECOMP_ON;
2699                 }
2700                 break;
2701
2702         case CCP_RESETACK:
2703                 printk(KERN_DEBUG "Received ResetAck from peer\n");
2704                 len = (skb->data[2] << 8) | skb->data[3];
2705                 len -= 4;
2706
2707                 if(proto == PPP_CCP) {
2708                         /* If a reset Ack was outstanding for this id, then
2709                            clean up the state engine */
2710                         isdn_ppp_ccp_reset_ack_rcvd(mis, skb->data[1]);
2711                         if(mis->decompressor && mis->decomp_stat)
2712                                 mis->decompressor->
2713                                         reset(mis->decomp_stat,
2714                                               skb->data[0],
2715                                               skb->data[1],
2716                                               len ? &skb->data[4] : NULL,
2717                                               len, NULL);
2718                         /* TODO: This is not easy to decide here */
2719                         mis->compflags &= ~SC_DECOMP_DISCARD;
2720                 }
2721                 else {
2722                         isdn_ppp_ccp_reset_ack_rcvd(is, skb->data[1]);
2723                         if(is->link_decompressor && is->link_decomp_stat)
2724                                 is->link_decompressor->
2725                                         reset(is->link_decomp_stat,
2726                                               skb->data[0],
2727                                               skb->data[1],
2728                                               len ? &skb->data[4] : NULL,
2729                                               len, NULL);
2730                         /* TODO: neither here */
2731                         is->compflags &= ~SC_LINK_DECOMP_DISCARD;
2732                 }
2733                 break;
2734
2735         case CCP_RESETREQ:
2736                 printk(KERN_DEBUG "Received ResetReq from peer\n");
2737                 /* Receiving a ResetReq means we must reset our compressor */
2738                 /* Set up reset params for the reset entry */
2739                 memset(&rsparm, 0, sizeof(rsparm));
2740                 rsparm.data = rsdata;
2741                 rsparm.maxdlen = IPPP_RESET_MAXDATABYTES; 
2742                 /* Isolate data length */
2743                 len = (skb->data[2] << 8) | skb->data[3];
2744                 len -= 4;
2745                 if(proto == PPP_CCP) {
2746                         if(mis->compressor && mis->comp_stat)
2747                                 mis->compressor->
2748                                         reset(mis->comp_stat,
2749                                               skb->data[0],
2750                                               skb->data[1],
2751                                               len ? &skb->data[4] : NULL,
2752                                               len, &rsparm);
2753                 }
2754                 else {
2755                         if(is->link_compressor && is->link_comp_stat)
2756                                 is->link_compressor->
2757                                         reset(is->link_comp_stat,
2758                                               skb->data[0],
2759                                               skb->data[1],
2760                                               len ? &skb->data[4] : NULL,
2761                                               len, &rsparm);
2762                 }
2763                 /* Ack the Req as specified by rsparm */
2764                 if(rsparm.valid) {
2765                         /* Compressor reset handler decided how to answer */
2766                         if(rsparm.rsend) {
2767                                 /* We should send a Frame */
2768                                 isdn_ppp_ccp_xmit_reset(is, proto, CCP_RESETACK,
2769                                                         rsparm.idval ? rsparm.id
2770                                                         : skb->data[1],
2771                                                         rsparm.dtval ?
2772                                                         rsparm.data : NULL,
2773                                                         rsparm.dtval ?
2774                                                         rsparm.dlen : 0);
2775                         } else {
2776                                 printk(KERN_DEBUG "ResetAck suppressed\n");
2777                         }
2778                 } else {
2779                         /* We answer with a straight reflected Ack */
2780                         isdn_ppp_ccp_xmit_reset(is, proto, CCP_RESETACK,
2781                                                 skb->data[1],
2782                                                 len ? &skb->data[4] : NULL,
2783                                                 len);
2784                 }
2785                 break;
2786         }
2787 }
2788
2789
2790 /*
2791  * Daemon sends a CCP frame ...
2792  */
2793
2794 /* TODO: Clean this up with new Reset semantics */
2795
2796 /* I believe the CCP handling as-is is done wrong. Compressed frames
2797  * should only be sent/received after CCP reaches UP state, which means
2798  * both sides have sent CONF_ACK. Currently, we handle both directions
2799  * independently, which means we may accept compressed frames too early
2800  * (supposedly not a problem), but may also mean we send compressed frames
2801  * too early, which may turn out to be a problem.
2802  * This part of state machine should actually be handled by (i)pppd, but
2803  * that's too big of a change now. --kai
2804  */
2805
2806 /* Actually, we might turn this into an advantage: deal with the RFC in
2807  * the old tradition of beeing generous on what we accept, but beeing
2808  * strict on what we send. Thus we should just
2809  * - accept compressed frames as soon as decompression is negotiated
2810  * - send compressed frames only when decomp *and* comp are negotiated
2811  * - drop rx compressed frames if we cannot decomp (instead of pushing them
2812  *   up to ipppd)
2813  * and I tried to modify this file according to that. --abp
2814  */
2815
2816 static void isdn_ppp_send_ccp(isdn_net_dev *net_dev, isdn_net_local *lp, struct sk_buff *skb)
2817 {
2818         struct ippp_struct *mis,*is;
2819         int proto, slot = lp->ppp_slot;
2820         unsigned char *data;
2821
2822         if(!skb || skb->len < 3)
2823                 return;
2824         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
2825                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
2826                         __FUNCTION__, slot);
2827                 return;
2828         }       
2829         is = ippp_table[slot];
2830         /* Daemon may send with or without address and control field comp */
2831         data = skb->data;
2832         if(!(is->pppcfg & SC_COMP_AC) && data[0] == 0xff && data[1] == 0x03) {
2833                 data += 2;
2834                 if(skb->len < 5)
2835                         return;
2836         }
2837
2838         proto = ((int)data[0]<<8)+data[1];
2839         if(proto != PPP_CCP && proto != PPP_CCPFRAG)
2840                 return;
2841
2842         printk(KERN_DEBUG "Received CCP frame from daemon:\n");
2843         isdn_ppp_frame_log("ccp-xmit", skb->data, skb->len, 32, is->unit,lp->ppp_slot);
2844
2845         if (lp->master) {
2846                 slot = ((isdn_net_local *) (lp->master->priv))->ppp_slot;
2847                 if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
2848                         printk(KERN_ERR "%s: slot(%d) out of range\n",
2849                                 __FUNCTION__, slot);
2850                         return;
2851                 }       
2852                 mis = ippp_table[slot];
2853         } else
2854                 mis = is;
2855         if (mis != is)
2856                 printk(KERN_DEBUG "isdn_ppp: Ouch! Master CCP sends on slave slot!\n");
2857         
2858         switch(data[2]) {
2859         case CCP_CONFREQ:
2860                 if(is->debug & 0x10)
2861                         printk(KERN_DEBUG "Disable decompression here!\n");
2862                 if(proto == PPP_CCP)
2863                         is->compflags &= ~SC_DECOMP_ON;
2864                 else
2865                         is->compflags &= ~SC_LINK_DECOMP_ON;
2866                 break;
2867         case CCP_TERMREQ:
2868         case CCP_TERMACK:
2869                 if(is->debug & 0x10)
2870                         printk(KERN_DEBUG "Disable (de)compression here!\n");
2871                 if(proto == PPP_CCP)
2872                         is->compflags &= ~(SC_DECOMP_ON|SC_COMP_ON);
2873                 else
2874                         is->compflags &= ~(SC_LINK_DECOMP_ON|SC_LINK_COMP_ON);
2875                 break;
2876         case CCP_CONFACK:
2877                 /* if we SEND an ackowledge we can/must enable the compressor */
2878                 if(is->debug & 0x10)
2879                         printk(KERN_DEBUG "Enable compression here!\n");
2880                 if(proto == PPP_CCP) {
2881                         if (!is->compressor)
2882                                 break;
2883                         is->compflags |= SC_COMP_ON;
2884                 } else {
2885                         if (!is->compressor)
2886                                 break;
2887                         is->compflags |= SC_LINK_COMP_ON;
2888                 }
2889                 break;
2890         case CCP_RESETACK:
2891                 /* If we send a ACK we should reset our compressor */
2892                 if(is->debug & 0x10)
2893                         printk(KERN_DEBUG "Reset decompression state here!\n");
2894                 printk(KERN_DEBUG "ResetAck from daemon passed by\n");
2895                 if(proto == PPP_CCP) {
2896                         /* link to master? */
2897                         if(is->compressor && is->comp_stat)
2898                                 is->compressor->reset(is->comp_stat, 0, 0,
2899                                                       NULL, 0, NULL);
2900                         is->compflags &= ~SC_COMP_DISCARD;      
2901                 }
2902                 else {
2903                         if(is->link_compressor && is->link_comp_stat)
2904                                 is->link_compressor->reset(is->link_comp_stat,
2905                                                            0, 0, NULL, 0, NULL);
2906                         is->compflags &= ~SC_LINK_COMP_DISCARD; 
2907                 }
2908                 break;
2909         case CCP_RESETREQ:
2910                 /* Just let it pass by */
2911                 printk(KERN_DEBUG "ResetReq from daemon passed by\n");
2912                 break;
2913         }
2914 }
2915
2916 int isdn_ppp_register_compressor(struct isdn_ppp_compressor *ipc)
2917 {
2918         ipc->next = ipc_head;
2919         ipc->prev = NULL;
2920         if(ipc_head) {
2921                 ipc_head->prev = ipc;
2922         }
2923         ipc_head = ipc;
2924         return 0;
2925 }
2926
2927 int isdn_ppp_unregister_compressor(struct isdn_ppp_compressor *ipc)
2928 {
2929         if(ipc->prev)
2930                 ipc->prev->next = ipc->next;
2931         else
2932                 ipc_head = ipc->next;
2933         if(ipc->next)
2934                 ipc->next->prev = ipc->prev;
2935         ipc->prev = ipc->next = NULL;
2936         return 0;
2937 }
2938
2939 static int isdn_ppp_set_compressor(struct ippp_struct *is, struct isdn_ppp_comp_data *data)
2940 {
2941         struct isdn_ppp_compressor *ipc = ipc_head;
2942         int ret;
2943         void *stat;
2944         int num = data->num;
2945
2946         if(is->debug & 0x10)
2947                 printk(KERN_DEBUG "[%d] Set %s type %d\n",is->unit,
2948                         (data->flags&IPPP_COMP_FLAG_XMIT)?"compressor":"decompressor",num);
2949
2950         /* If is has no valid reset state vector, we cannot allocate a
2951            decompressor. The decompressor would cause reset transactions
2952            sooner or later, and they need that vector. */
2953
2954         if(!(data->flags & IPPP_COMP_FLAG_XMIT) && !is->reset) {
2955                 printk(KERN_ERR "ippp_ccp: no reset data structure - can't"
2956                        " allow decompression.\n");
2957                 return -ENOMEM;
2958         }
2959
2960         while(ipc) {
2961                 if(ipc->num == num) {
2962                         stat = ipc->alloc(data);
2963                         if(stat) {
2964                                 ret = ipc->init(stat,data,is->unit,0);
2965                                 if(!ret) {
2966                                         printk(KERN_ERR "Can't init (de)compression!\n");
2967                                         ipc->free(stat);
2968                                         stat = NULL;
2969                                         break;
2970                                 }
2971                         }
2972                         else {
2973                                 printk(KERN_ERR "Can't alloc (de)compression!\n");
2974                                 break;
2975                         }
2976
2977                         if(data->flags & IPPP_COMP_FLAG_XMIT) {
2978                                 if(data->flags & IPPP_COMP_FLAG_LINK) {
2979                                         if(is->link_comp_stat)
2980                                                 is->link_compressor->free(is->link_comp_stat);
2981                                         is->link_comp_stat = stat;
2982                                         is->link_compressor = ipc;
2983                                 }
2984                                 else {
2985                                         if(is->comp_stat)
2986                                                 is->compressor->free(is->comp_stat);
2987                                         is->comp_stat = stat;
2988                                         is->compressor = ipc;
2989                                 }
2990                         }
2991                         else {
2992                                 if(data->flags & IPPP_COMP_FLAG_LINK) {
2993                                         if(is->link_decomp_stat)
2994                                                 is->link_decompressor->free(is->link_decomp_stat);
2995                                         is->link_decomp_stat = stat;
2996                                         is->link_decompressor = ipc;
2997                                 }
2998                                 else {
2999                                         if(is->decomp_stat)
3000                                                 is->decompressor->free(is->decomp_stat);
3001                                         is->decomp_stat = stat;
3002                                         is->decompressor = ipc;
3003                                 }
3004                         }
3005                         return 0;
3006                 }
3007                 ipc = ipc->next;
3008         }
3009         return -EINVAL;
3010 }