IB/srp: Fix FMR mapping for 32-bit kernels and addresses above 4G
[linux-2.6] / drivers / isdn / i4l / isdn_ppp.c
1 /* $Id: isdn_ppp.c,v 1.1.2.3 2004/02/10 01:07:13 keil Exp $
2  *
3  * Linux ISDN subsystem, functions for synchronous PPP (linklevel).
4  *
5  * Copyright 1995,96 by Michael Hipp (Michael.Hipp@student.uni-tuebingen.de)
6  *
7  * This software may be used and distributed according to the terms
8  * of the GNU General Public License, incorporated herein by reference.
9  *
10  */
11
12 #include <linux/isdn.h>
13 #include <linux/poll.h>
14 #include <linux/ppp-comp.h>
15 #ifdef CONFIG_IPPP_FILTER
16 #include <linux/filter.h>
17 #endif
18
19 #include "isdn_common.h"
20 #include "isdn_ppp.h"
21 #include "isdn_net.h"
22
23 #ifndef PPP_IPX
24 #define PPP_IPX 0x002b
25 #endif
26
27 /* Prototypes */
28 static int isdn_ppp_fill_rq(unsigned char *buf, int len, int proto, int slot);
29 static int isdn_ppp_closewait(int slot);
30 static void isdn_ppp_push_higher(isdn_net_dev * net_dev, isdn_net_local * lp,
31                                  struct sk_buff *skb, int proto);
32 static int isdn_ppp_if_get_unit(char *namebuf);
33 static int isdn_ppp_set_compressor(struct ippp_struct *is,struct isdn_ppp_comp_data *);
34 static struct sk_buff *isdn_ppp_decompress(struct sk_buff *,
35                                 struct ippp_struct *,struct ippp_struct *,int *proto);
36 static void isdn_ppp_receive_ccp(isdn_net_dev * net_dev, isdn_net_local * lp,
37                                 struct sk_buff *skb,int proto);
38 static struct sk_buff *isdn_ppp_compress(struct sk_buff *skb_in,int *proto,
39         struct ippp_struct *is,struct ippp_struct *master,int type);
40 static void isdn_ppp_send_ccp(isdn_net_dev *net_dev, isdn_net_local *lp,
41          struct sk_buff *skb);
42
43 /* New CCP stuff */
44 static void isdn_ppp_ccp_kickup(struct ippp_struct *is);
45 static void isdn_ppp_ccp_xmit_reset(struct ippp_struct *is, int proto,
46                                     unsigned char code, unsigned char id,
47                                     unsigned char *data, int len);
48 static struct ippp_ccp_reset *isdn_ppp_ccp_reset_alloc(struct ippp_struct *is);
49 static void isdn_ppp_ccp_reset_free(struct ippp_struct *is);
50 static void isdn_ppp_ccp_reset_free_state(struct ippp_struct *is,
51                                           unsigned char id);
52 static void isdn_ppp_ccp_timer_callback(unsigned long closure);
53 static struct ippp_ccp_reset_state *isdn_ppp_ccp_reset_alloc_state(struct ippp_struct *is,
54                                                       unsigned char id);
55 static void isdn_ppp_ccp_reset_trans(struct ippp_struct *is,
56                                      struct isdn_ppp_resetparams *rp);
57 static void isdn_ppp_ccp_reset_ack_rcvd(struct ippp_struct *is,
58                                         unsigned char id);
59
60
61
62 #ifdef CONFIG_ISDN_MPP
63 static ippp_bundle * isdn_ppp_bundle_arr = NULL;
64  
65 static int isdn_ppp_mp_bundle_array_init(void);
66 static int isdn_ppp_mp_init( isdn_net_local * lp, ippp_bundle * add_to );
67 static void isdn_ppp_mp_receive(isdn_net_dev * net_dev, isdn_net_local * lp, 
68                                                         struct sk_buff *skb);
69 static void isdn_ppp_mp_cleanup( isdn_net_local * lp );
70
71 static int isdn_ppp_bundle(struct ippp_struct *, int unit);
72 #endif  /* CONFIG_ISDN_MPP */
73   
74 char *isdn_ppp_revision = "$Revision: 1.1.2.3 $";
75
76 static struct ippp_struct *ippp_table[ISDN_MAX_CHANNELS];
77
78 static struct isdn_ppp_compressor *ipc_head = NULL;
79
80 /*
81  * frame log (debug)
82  */
83 static void
84 isdn_ppp_frame_log(char *info, char *data, int len, int maxlen,int unit,int slot)
85 {
86         int cnt,
87          j,
88          i;
89         char buf[80];
90
91         if (len < maxlen)
92                 maxlen = len;
93
94         for (i = 0, cnt = 0; cnt < maxlen; i++) {
95                 for (j = 0; j < 16 && cnt < maxlen; j++, cnt++)
96                         sprintf(buf + j * 3, "%02x ", (unsigned char) data[cnt]);
97                 printk(KERN_DEBUG "[%d/%d].%s[%d]: %s\n",unit,slot, info, i, buf);
98         }
99 }
100
101 /*
102  * unbind isdn_net_local <=> ippp-device
103  * note: it can happen, that we hangup/free the master before the slaves
104  *       in this case we bind another lp to the master device
105  */
106 int
107 isdn_ppp_free(isdn_net_local * lp)
108 {
109         struct ippp_struct *is;
110
111         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
112                 printk(KERN_ERR "%s: ppp_slot(%d) out of range\n",
113                         __FUNCTION__, lp->ppp_slot);
114                 return 0;
115         }
116
117 #ifdef CONFIG_ISDN_MPP
118         spin_lock(&lp->netdev->pb->lock);
119 #endif
120         isdn_net_rm_from_bundle(lp);
121 #ifdef CONFIG_ISDN_MPP
122         if (lp->netdev->pb->ref_ct == 1)        /* last link in queue? */
123                 isdn_ppp_mp_cleanup(lp);
124
125         lp->netdev->pb->ref_ct--;
126         spin_unlock(&lp->netdev->pb->lock);
127 #endif /* CONFIG_ISDN_MPP */
128         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
129                 printk(KERN_ERR "%s: ppp_slot(%d) now invalid\n",
130                         __FUNCTION__, lp->ppp_slot);
131                 return 0;
132         }
133         is = ippp_table[lp->ppp_slot];
134         if ((is->state & IPPP_CONNECT))
135                 isdn_ppp_closewait(lp->ppp_slot);       /* force wakeup on ippp device */
136         else if (is->state & IPPP_ASSIGNED)
137                 is->state = IPPP_OPEN;  /* fallback to 'OPEN but not ASSIGNED' state */
138
139         if (is->debug & 0x1)
140                 printk(KERN_DEBUG "isdn_ppp_free %d %lx %lx\n", lp->ppp_slot, (long) lp, (long) is->lp);
141
142         is->lp = NULL;          /* link is down .. set lp to NULL */
143         lp->ppp_slot = -1;      /* is this OK ?? */
144
145         return 0;
146 }
147
148 /*
149  * bind isdn_net_local <=> ippp-device
150  *
151  * This function is allways called with holding dev->lock so
152  * no additional lock is needed
153  */
154 int
155 isdn_ppp_bind(isdn_net_local * lp)
156 {
157         int i;
158         int unit = 0;
159         struct ippp_struct *is;
160         int retval;
161
162         if (lp->pppbind < 0) {  /* device bounded to ippp device ? */
163                 isdn_net_dev *net_dev = dev->netdev;
164                 char exclusive[ISDN_MAX_CHANNELS];      /* exclusive flags */
165                 memset(exclusive, 0, ISDN_MAX_CHANNELS);
166                 while (net_dev) {       /* step through net devices to find exclusive minors */
167                         isdn_net_local *lp = net_dev->local;
168                         if (lp->pppbind >= 0)
169                                 exclusive[lp->pppbind] = 1;
170                         net_dev = net_dev->next;
171                 }
172                 /*
173                  * search a free device / slot
174                  */
175                 for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
176                         if (ippp_table[i]->state == IPPP_OPEN && !exclusive[ippp_table[i]->minor]) {    /* OPEN, but not connected! */
177                                 break;
178                         }
179                 }
180         } else {
181                 for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
182                         if (ippp_table[i]->minor == lp->pppbind &&
183                             (ippp_table[i]->state & IPPP_OPEN) == IPPP_OPEN)
184                                 break;
185                 }
186         }
187
188         if (i >= ISDN_MAX_CHANNELS) {
189                 printk(KERN_WARNING "isdn_ppp_bind: Can't find a (free) connection to the ipppd daemon.\n");
190                 retval = -1;
191                 goto out;
192         }
193         unit = isdn_ppp_if_get_unit(lp->name);  /* get unit number from interface name .. ugly! */
194         if (unit < 0) {
195                 printk(KERN_ERR "isdn_ppp_bind: illegal interface name %s.\n", lp->name);
196                 retval = -1;
197                 goto out;
198         }
199         
200         lp->ppp_slot = i;
201         is = ippp_table[i];
202         is->lp = lp;
203         is->unit = unit;
204         is->state = IPPP_OPEN | IPPP_ASSIGNED;  /* assigned to a netdevice but not connected */
205 #ifdef CONFIG_ISDN_MPP
206         retval = isdn_ppp_mp_init(lp, NULL);
207         if (retval < 0)
208                 goto out;
209 #endif /* CONFIG_ISDN_MPP */
210
211         retval = lp->ppp_slot;
212
213  out:
214         return retval;
215 }
216
217 /*
218  * kick the ipppd on the device
219  * (wakes up daemon after B-channel connect)
220  */
221
222 void
223 isdn_ppp_wakeup_daemon(isdn_net_local * lp)
224 {
225         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
226                 printk(KERN_ERR "%s: ppp_slot(%d) out of range\n",
227                         __FUNCTION__, lp->ppp_slot);
228                 return;
229         }
230         ippp_table[lp->ppp_slot]->state = IPPP_OPEN | IPPP_CONNECT | IPPP_NOBLOCK;
231         wake_up_interruptible(&ippp_table[lp->ppp_slot]->wq);
232 }
233
234 /*
235  * there was a hangup on the netdevice
236  * force wakeup of the ippp device
237  * go into 'device waits for release' state
238  */
239 static int
240 isdn_ppp_closewait(int slot)
241 {
242         struct ippp_struct *is;
243
244         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
245                 printk(KERN_ERR "%s: slot(%d) out of range\n",
246                         __FUNCTION__, slot);
247                 return 0;
248         }
249         is = ippp_table[slot];
250         if (is->state)
251                 wake_up_interruptible(&is->wq);
252         is->state = IPPP_CLOSEWAIT;
253         return 1;
254 }
255
256 /*
257  * isdn_ppp_find_slot / isdn_ppp_free_slot
258  */
259
260 static int
261 isdn_ppp_get_slot(void)
262 {
263         int i;
264         for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
265                 if (!ippp_table[i]->state)
266                         return i;
267         }
268         return -1;
269 }
270
271 /*
272  * isdn_ppp_open
273  */
274
275 int
276 isdn_ppp_open(int min, struct file *file)
277 {
278         int slot;
279         struct ippp_struct *is;
280
281         if (min < 0 || min >= ISDN_MAX_CHANNELS)
282                 return -ENODEV;
283
284         slot = isdn_ppp_get_slot();
285         if (slot < 0) {
286                 return -EBUSY;
287         }
288         is = file->private_data = ippp_table[slot];
289         
290         printk(KERN_DEBUG "ippp, open, slot: %d, minor: %d, state: %04x\n",
291                slot, min, is->state);
292
293         /* compression stuff */
294         is->link_compressor   = is->compressor = NULL;
295         is->link_decompressor = is->decompressor = NULL;
296         is->link_comp_stat    = is->comp_stat = NULL;
297         is->link_decomp_stat  = is->decomp_stat = NULL;
298         is->compflags = 0;
299
300         is->reset = isdn_ppp_ccp_reset_alloc(is);
301
302         is->lp = NULL;
303         is->mp_seqno = 0;       /* MP sequence number */
304         is->pppcfg = 0;         /* ppp configuration */
305         is->mpppcfg = 0;        /* mppp configuration */
306         is->last_link_seqno = -1;       /* MP: maybe set to Bundle-MIN, when joining a bundle ?? */
307         is->unit = -1;          /* set, when we have our interface */
308         is->mru = 1524;         /* MRU, default 1524 */
309         is->maxcid = 16;        /* VJ: maxcid */
310         is->tk = current;
311         init_waitqueue_head(&is->wq);
312         is->first = is->rq + NUM_RCV_BUFFS - 1; /* receive queue */
313         is->last = is->rq;
314         is->minor = min;
315 #ifdef CONFIG_ISDN_PPP_VJ
316         /*
317          * VJ header compression init
318          */
319         is->slcomp = slhc_init(16, 16); /* not necessary for 2. link in bundle */
320 #endif
321 #ifdef CONFIG_IPPP_FILTER
322         is->pass_filter = NULL;
323         is->active_filter = NULL;
324 #endif
325         is->state = IPPP_OPEN;
326
327         return 0;
328 }
329
330 /*
331  * release ippp device
332  */
333 void
334 isdn_ppp_release(int min, struct file *file)
335 {
336         int i;
337         struct ippp_struct *is;
338
339         if (min < 0 || min >= ISDN_MAX_CHANNELS)
340                 return;
341         is = file->private_data;
342
343         if (!is) {
344                 printk(KERN_ERR "%s: no file->private_data\n", __FUNCTION__);
345                 return;
346         }
347         if (is->debug & 0x1)
348                 printk(KERN_DEBUG "ippp: release, minor: %d %lx\n", min, (long) is->lp);
349
350         if (is->lp) {           /* a lp address says: this link is still up */
351                 isdn_net_dev *p = is->lp->netdev;
352
353                 if (!p) {
354                         printk(KERN_ERR "%s: no lp->netdev\n", __FUNCTION__);
355                         return;
356                 }
357                 is->state &= ~IPPP_CONNECT;     /* -> effect: no call of wakeup */
358                 /*
359                  * isdn_net_hangup() calls isdn_ppp_free()
360                  * isdn_ppp_free() sets is->lp to NULL and lp->ppp_slot to -1
361                  * removing the IPPP_CONNECT flag omits calling of isdn_ppp_wakeup_daemon()
362                  */
363                 isdn_net_hangup(&p->dev);
364         }
365         for (i = 0; i < NUM_RCV_BUFFS; i++) {
366                 kfree(is->rq[i].buf);
367                 is->rq[i].buf = NULL;
368         }
369         is->first = is->rq + NUM_RCV_BUFFS - 1; /* receive queue */
370         is->last = is->rq;
371
372 #ifdef CONFIG_ISDN_PPP_VJ
373 /* TODO: if this was the previous master: link the slcomp to the new master */
374         slhc_free(is->slcomp);
375         is->slcomp = NULL;
376 #endif
377 #ifdef CONFIG_IPPP_FILTER
378         kfree(is->pass_filter);
379         is->pass_filter = NULL;
380         kfree(is->active_filter);
381         is->active_filter = NULL;
382 #endif
383
384 /* TODO: if this was the previous master: link the stuff to the new master */
385         if(is->comp_stat)
386                 is->compressor->free(is->comp_stat);
387         if(is->link_comp_stat)
388                 is->link_compressor->free(is->link_comp_stat);
389         if(is->link_decomp_stat)
390                 is->link_decompressor->free(is->link_decomp_stat);
391         if(is->decomp_stat)
392                 is->decompressor->free(is->decomp_stat);
393         is->compressor   = is->link_compressor   = NULL;
394         is->decompressor = is->link_decompressor = NULL;
395         is->comp_stat    = is->link_comp_stat    = NULL;
396         is->decomp_stat  = is->link_decomp_stat  = NULL;
397
398         /* Clean up if necessary */
399         if(is->reset)
400                 isdn_ppp_ccp_reset_free(is);
401
402         /* this slot is ready for new connections */
403         is->state = 0;
404 }
405
406 /*
407  * get_arg .. ioctl helper
408  */
409 static int
410 get_arg(void __user *b, void *val, int len)
411 {
412         if (len <= 0)
413                 len = sizeof(void *);
414         if (copy_from_user(val, b, len))
415                 return -EFAULT;
416         return 0;
417 }
418
419 /*
420  * set arg .. ioctl helper
421  */
422 static int
423 set_arg(void __user *b, void *val,int len)
424 {
425         if(len <= 0)
426                 len = sizeof(void *);
427         if (copy_to_user(b, val, len))
428                 return -EFAULT;
429         return 0;
430 }
431
432 static int get_filter(void __user *arg, struct sock_filter **p)
433 {
434         struct sock_fprog uprog;
435         struct sock_filter *code = NULL;
436         int len, err;
437
438         if (copy_from_user(&uprog, arg, sizeof(uprog)))
439                 return -EFAULT;
440
441         if (!uprog.len) {
442                 *p = NULL;
443                 return 0;
444         }
445
446         /* uprog.len is unsigned short, so no overflow here */
447         len = uprog.len * sizeof(struct sock_filter);
448         code = kmalloc(len, GFP_KERNEL);
449         if (code == NULL)
450                 return -ENOMEM;
451
452         if (copy_from_user(code, uprog.filter, len)) {
453                 kfree(code);
454                 return -EFAULT;
455         }
456
457         err = sk_chk_filter(code, uprog.len);
458         if (err) {
459                 kfree(code);
460                 return err;
461         }
462
463         *p = code;
464         return uprog.len;
465 }
466
467 /*
468  * ippp device ioctl
469  */
470 int
471 isdn_ppp_ioctl(int min, struct file *file, unsigned int cmd, unsigned long arg)
472 {
473         unsigned long val;
474         int r,i,j;
475         struct ippp_struct *is;
476         isdn_net_local *lp;
477         struct isdn_ppp_comp_data data;
478         void __user *argp = (void __user *)arg;
479
480         is = (struct ippp_struct *) file->private_data;
481         lp = is->lp;
482
483         if (is->debug & 0x1)
484                 printk(KERN_DEBUG "isdn_ppp_ioctl: minor: %d cmd: %x state: %x\n", min, cmd, is->state);
485
486         if (!(is->state & IPPP_OPEN))
487                 return -EINVAL;
488
489         switch (cmd) {
490                 case PPPIOCBUNDLE:
491 #ifdef CONFIG_ISDN_MPP
492                         if (!(is->state & IPPP_CONNECT))
493                                 return -EINVAL;
494                         if ((r = get_arg(argp, &val, sizeof(val) )))
495                                 return r;
496                         printk(KERN_DEBUG "iPPP-bundle: minor: %d, slave unit: %d, master unit: %d\n",
497                                (int) min, (int) is->unit, (int) val);
498                         return isdn_ppp_bundle(is, val);
499 #else
500                         return -1;
501 #endif
502                         break;
503                 case PPPIOCGUNIT:       /* get ppp/isdn unit number */
504                         if ((r = set_arg(argp, &is->unit, sizeof(is->unit) )))
505                                 return r;
506                         break;
507                 case PPPIOCGIFNAME:
508                         if(!lp)
509                                 return -EINVAL;
510                         if ((r = set_arg(argp, lp->name, strlen(lp->name))))
511                                 return r;
512                         break;
513                 case PPPIOCGMPFLAGS:    /* get configuration flags */
514                         if ((r = set_arg(argp, &is->mpppcfg, sizeof(is->mpppcfg) )))
515                                 return r;
516                         break;
517                 case PPPIOCSMPFLAGS:    /* set configuration flags */
518                         if ((r = get_arg(argp, &val, sizeof(val) )))
519                                 return r;
520                         is->mpppcfg = val;
521                         break;
522                 case PPPIOCGFLAGS:      /* get configuration flags */
523                         if ((r = set_arg(argp, &is->pppcfg,sizeof(is->pppcfg) )))
524                                 return r;
525                         break;
526                 case PPPIOCSFLAGS:      /* set configuration flags */
527                         if ((r = get_arg(argp, &val, sizeof(val) ))) {
528                                 return r;
529                         }
530                         if (val & SC_ENABLE_IP && !(is->pppcfg & SC_ENABLE_IP) && (is->state & IPPP_CONNECT)) {
531                                 if (lp) {
532                                         /* OK .. we are ready to send buffers */
533                                         is->pppcfg = val; /* isdn_ppp_xmit test for SC_ENABLE_IP !!! */
534                                         netif_wake_queue(&lp->netdev->dev);
535                                         break;
536                                 }
537                         }
538                         is->pppcfg = val;
539                         break;
540                 case PPPIOCGIDLE:       /* get idle time information */
541                         if (lp) {
542                                 struct ppp_idle pidle;
543                                 pidle.xmit_idle = pidle.recv_idle = lp->huptimer;
544                                 if ((r = set_arg(argp, &pidle,sizeof(struct ppp_idle))))
545                                          return r;
546                         }
547                         break;
548                 case PPPIOCSMRU:        /* set receive unit size for PPP */
549                         if ((r = get_arg(argp, &val, sizeof(val) )))
550                                 return r;
551                         is->mru = val;
552                         break;
553                 case PPPIOCSMPMRU:
554                         break;
555                 case PPPIOCSMPMTU:
556                         break;
557                 case PPPIOCSMAXCID:     /* set the maximum compression slot id */
558                         if ((r = get_arg(argp, &val, sizeof(val) )))
559                                 return r;
560                         val++;
561                         if (is->maxcid != val) {
562 #ifdef CONFIG_ISDN_PPP_VJ
563                                 struct slcompress *sltmp;
564 #endif
565                                 if (is->debug & 0x1)
566                                         printk(KERN_DEBUG "ippp, ioctl: changed MAXCID to %ld\n", val);
567                                 is->maxcid = val;
568 #ifdef CONFIG_ISDN_PPP_VJ
569                                 sltmp = slhc_init(16, val);
570                                 if (!sltmp) {
571                                         printk(KERN_ERR "ippp, can't realloc slhc struct\n");
572                                         return -ENOMEM;
573                                 }
574                                 if (is->slcomp)
575                                         slhc_free(is->slcomp);
576                                 is->slcomp = sltmp;
577 #endif
578                         }
579                         break;
580                 case PPPIOCGDEBUG:
581                         if ((r = set_arg(argp, &is->debug, sizeof(is->debug) )))
582                                 return r;
583                         break;
584                 case PPPIOCSDEBUG:
585                         if ((r = get_arg(argp, &val, sizeof(val) )))
586                                 return r;
587                         is->debug = val;
588                         break;
589                 case PPPIOCGCOMPRESSORS:
590                         {
591                                 unsigned long protos[8] = {0,};
592                                 struct isdn_ppp_compressor *ipc = ipc_head;
593                                 while(ipc) {
594                                         j = ipc->num / (sizeof(long)*8);
595                                         i = ipc->num % (sizeof(long)*8);
596                                         if(j < 8)
597                                                 protos[j] |= (0x1<<i);
598                                         ipc = ipc->next;
599                                 }
600                                 if ((r = set_arg(argp,protos,8*sizeof(long) )))
601                                         return r;
602                         }
603                         break;
604                 case PPPIOCSCOMPRESSOR:
605                         if ((r = get_arg(argp, &data, sizeof(struct isdn_ppp_comp_data))))
606                                 return r;
607                         return isdn_ppp_set_compressor(is, &data);
608                 case PPPIOCGCALLINFO:
609                         {
610                                 struct pppcallinfo pci;
611                                 memset((char *) &pci,0,sizeof(struct pppcallinfo));
612                                 if(lp)
613                                 {
614                                         strncpy(pci.local_num,lp->msn,63);
615                                         if(lp->dial) {
616                                                 strncpy(pci.remote_num,lp->dial->num,63);
617                                         }
618                                         pci.charge_units = lp->charge;
619                                         if(lp->outgoing)
620                                                 pci.calltype = CALLTYPE_OUTGOING;
621                                         else
622                                                 pci.calltype = CALLTYPE_INCOMING;
623                                         if(lp->flags & ISDN_NET_CALLBACK)
624                                                 pci.calltype |= CALLTYPE_CALLBACK;
625                                 }
626                                 return set_arg(argp,&pci,sizeof(struct pppcallinfo));
627                         }
628 #ifdef CONFIG_IPPP_FILTER
629                 case PPPIOCSPASS:
630                         {
631                                 struct sock_filter *code;
632                                 int len = get_filter(argp, &code);
633                                 if (len < 0)
634                                         return len;
635                                 kfree(is->pass_filter);
636                                 is->pass_filter = code;
637                                 is->pass_len = len;
638                                 break;
639                         }
640                 case PPPIOCSACTIVE:
641                         {
642                                 struct sock_filter *code;
643                                 int len = get_filter(argp, &code);
644                                 if (len < 0)
645                                         return len;
646                                 kfree(is->active_filter);
647                                 is->active_filter = code;
648                                 is->active_len = len;
649                                 break;
650                         }
651 #endif /* CONFIG_IPPP_FILTER */
652                 default:
653                         break;
654         }
655         return 0;
656 }
657
658 unsigned int
659 isdn_ppp_poll(struct file *file, poll_table * wait)
660 {
661         u_int mask;
662         struct ippp_buf_queue *bf, *bl;
663         u_long flags;
664         struct ippp_struct *is;
665
666         is = file->private_data;
667
668         if (is->debug & 0x2)
669                 printk(KERN_DEBUG "isdn_ppp_poll: minor: %d\n",
670                                 iminor(file->f_path.dentry->d_inode));
671
672         /* just registers wait_queue hook. This doesn't really wait. */
673         poll_wait(file, &is->wq, wait);
674
675         if (!(is->state & IPPP_OPEN)) {
676                 if(is->state == IPPP_CLOSEWAIT)
677                         return POLLHUP;
678                 printk(KERN_DEBUG "isdn_ppp: device not open\n");
679                 return POLLERR;
680         }
681         /* we're always ready to send .. */
682         mask = POLLOUT | POLLWRNORM;
683
684         spin_lock_irqsave(&is->buflock, flags);
685         bl = is->last;
686         bf = is->first;
687         /*
688          * if IPPP_NOBLOCK is set we return even if we have nothing to read
689          */
690         if (bf->next != bl || (is->state & IPPP_NOBLOCK)) {
691                 is->state &= ~IPPP_NOBLOCK;
692                 mask |= POLLIN | POLLRDNORM;
693         }
694         spin_unlock_irqrestore(&is->buflock, flags);
695         return mask;
696 }
697
698 /*
699  *  fill up isdn_ppp_read() queue ..
700  */
701
702 static int
703 isdn_ppp_fill_rq(unsigned char *buf, int len, int proto, int slot)
704 {
705         struct ippp_buf_queue *bf, *bl;
706         u_long flags;
707         u_char *nbuf;
708         struct ippp_struct *is;
709
710         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
711                 printk(KERN_WARNING "ippp: illegal slot(%d).\n", slot);
712                 return 0;
713         }
714         is = ippp_table[slot];
715
716         if (!(is->state & IPPP_CONNECT)) {
717                 printk(KERN_DEBUG "ippp: device not activated.\n");
718                 return 0;
719         }
720         nbuf = kmalloc(len + 4, GFP_ATOMIC);
721         if (!nbuf) {
722                 printk(KERN_WARNING "ippp: Can't alloc buf\n");
723                 return 0;
724         }
725         nbuf[0] = PPP_ALLSTATIONS;
726         nbuf[1] = PPP_UI;
727         nbuf[2] = proto >> 8;
728         nbuf[3] = proto & 0xff;
729         memcpy(nbuf + 4, buf, len);
730
731         spin_lock_irqsave(&is->buflock, flags);
732         bf = is->first;
733         bl = is->last;
734
735         if (bf == bl) {
736                 printk(KERN_WARNING "ippp: Queue is full; discarding first buffer\n");
737                 bf = bf->next;
738                 kfree(bf->buf);
739                 is->first = bf;
740         }
741         bl->buf = (char *) nbuf;
742         bl->len = len + 4;
743
744         is->last = bl->next;
745         spin_unlock_irqrestore(&is->buflock, flags);
746         wake_up_interruptible(&is->wq);
747         return len;
748 }
749
750 /*
751  * read() .. non-blocking: ipppd calls it only after select()
752  *           reports, that there is data
753  */
754
755 int
756 isdn_ppp_read(int min, struct file *file, char __user *buf, int count)
757 {
758         struct ippp_struct *is;
759         struct ippp_buf_queue *b;
760         u_long flags;
761         u_char *save_buf;
762
763         is = file->private_data;
764
765         if (!(is->state & IPPP_OPEN))
766                 return 0;
767
768         if (!access_ok(VERIFY_WRITE, buf, count))
769                 return -EFAULT;
770
771         spin_lock_irqsave(&is->buflock, flags);
772         b = is->first->next;
773         save_buf = b->buf;
774         if (!save_buf) {
775                 spin_unlock_irqrestore(&is->buflock, flags);
776                 return -EAGAIN;
777         }
778         if (b->len < count)
779                 count = b->len;
780         b->buf = NULL;
781         is->first = b;
782
783         spin_unlock_irqrestore(&is->buflock, flags);
784         if (copy_to_user(buf, save_buf, count))
785                 count = -EFAULT;
786         kfree(save_buf);
787
788         return count;
789 }
790
791 /*
792  * ipppd wanna write a packet to the card .. non-blocking
793  */
794
795 int
796 isdn_ppp_write(int min, struct file *file, const char __user *buf, int count)
797 {
798         isdn_net_local *lp;
799         struct ippp_struct *is;
800         int proto;
801         unsigned char protobuf[4];
802
803         is = file->private_data;
804
805         if (!(is->state & IPPP_CONNECT))
806                 return 0;
807
808         lp = is->lp;
809
810         /* -> push it directly to the lowlevel interface */
811
812         if (!lp)
813                 printk(KERN_DEBUG "isdn_ppp_write: lp == NULL\n");
814         else {
815                 /*
816                  * Don't reset huptimer for
817                  * LCP packets. (Echo requests).
818                  */
819                 if (copy_from_user(protobuf, buf, 4))
820                         return -EFAULT;
821                 proto = PPP_PROTOCOL(protobuf);
822                 if (proto != PPP_LCP)
823                         lp->huptimer = 0;
824
825                 if (lp->isdn_device < 0 || lp->isdn_channel < 0)
826                         return 0;
827
828                 if ((dev->drv[lp->isdn_device]->flags & DRV_FLAG_RUNNING) &&
829                         lp->dialstate == 0 &&
830                     (lp->flags & ISDN_NET_CONNECTED)) {
831                         unsigned short hl;
832                         struct sk_buff *skb;
833                         /*
834                          * we need to reserve enought space in front of
835                          * sk_buff. old call to dev_alloc_skb only reserved
836                          * 16 bytes, now we are looking what the driver want
837                          */
838                         hl = dev->drv[lp->isdn_device]->interface->hl_hdrlen;
839                         skb = alloc_skb(hl+count, GFP_ATOMIC);
840                         if (!skb) {
841                                 printk(KERN_WARNING "isdn_ppp_write: out of memory!\n");
842                                 return count;
843                         }
844                         skb_reserve(skb, hl);
845                         if (copy_from_user(skb_put(skb, count), buf, count))
846                         {
847                                 kfree_skb(skb);
848                                 return -EFAULT;
849                         }
850                         if (is->debug & 0x40) {
851                                 printk(KERN_DEBUG "ppp xmit: len %d\n", (int) skb->len);
852                                 isdn_ppp_frame_log("xmit", skb->data, skb->len, 32,is->unit,lp->ppp_slot);
853                         }
854
855                         isdn_ppp_send_ccp(lp->netdev,lp,skb); /* keeps CCP/compression states in sync */
856
857                         isdn_net_write_super(lp, skb);
858                 }
859         }
860         return count;
861 }
862
863 /*
864  * init memory, structures etc.
865  */
866
867 int
868 isdn_ppp_init(void)
869 {
870         int i,
871          j;
872          
873 #ifdef CONFIG_ISDN_MPP
874         if( isdn_ppp_mp_bundle_array_init() < 0 )
875                 return -ENOMEM;
876 #endif /* CONFIG_ISDN_MPP */
877
878         for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
879                 if (!(ippp_table[i] = kzalloc(sizeof(struct ippp_struct), GFP_KERNEL))) {
880                         printk(KERN_WARNING "isdn_ppp_init: Could not alloc ippp_table\n");
881                         for (j = 0; j < i; j++)
882                                 kfree(ippp_table[j]);
883                         return -1;
884                 }
885                 spin_lock_init(&ippp_table[i]->buflock);
886                 ippp_table[i]->state = 0;
887                 ippp_table[i]->first = ippp_table[i]->rq + NUM_RCV_BUFFS - 1;
888                 ippp_table[i]->last = ippp_table[i]->rq;
889
890                 for (j = 0; j < NUM_RCV_BUFFS; j++) {
891                         ippp_table[i]->rq[j].buf = NULL;
892                         ippp_table[i]->rq[j].last = ippp_table[i]->rq +
893                             (NUM_RCV_BUFFS + j - 1) % NUM_RCV_BUFFS;
894                         ippp_table[i]->rq[j].next = ippp_table[i]->rq + (j + 1) % NUM_RCV_BUFFS;
895                 }
896         }
897         return 0;
898 }
899
900 void
901 isdn_ppp_cleanup(void)
902 {
903         int i;
904
905         for (i = 0; i < ISDN_MAX_CHANNELS; i++)
906                 kfree(ippp_table[i]);
907
908 #ifdef CONFIG_ISDN_MPP
909         kfree(isdn_ppp_bundle_arr);
910 #endif /* CONFIG_ISDN_MPP */
911
912 }
913
914 /*
915  * check for address/control field and skip if allowed
916  * retval != 0 -> discard packet silently
917  */
918 static int isdn_ppp_skip_ac(struct ippp_struct *is, struct sk_buff *skb) 
919 {
920         if (skb->len < 1)
921                 return -1;
922
923         if (skb->data[0] == 0xff) {
924                 if (skb->len < 2)
925                         return -1;
926
927                 if (skb->data[1] != 0x03)
928                         return -1;
929
930                 // skip address/control (AC) field
931                 skb_pull(skb, 2);
932         } else { 
933                 if (is->pppcfg & SC_REJ_COMP_AC)
934                         // if AC compression was not negotiated, but used, discard packet
935                         return -1;
936         }
937         return 0;
938 }
939
940 /*
941  * get the PPP protocol header and pull skb
942  * retval < 0 -> discard packet silently
943  */
944 static int isdn_ppp_strip_proto(struct sk_buff *skb) 
945 {
946         int proto;
947         
948         if (skb->len < 1)
949                 return -1;
950
951         if (skb->data[0] & 0x1) {
952                 // protocol field is compressed
953                 proto = skb->data[0];
954                 skb_pull(skb, 1);
955         } else {
956                 if (skb->len < 2)
957                         return -1;
958                 proto = ((int) skb->data[0] << 8) + skb->data[1];
959                 skb_pull(skb, 2);
960         }
961         return proto;
962 }
963
964
965 /*
966  * handler for incoming packets on a syncPPP interface
967  */
968 void isdn_ppp_receive(isdn_net_dev * net_dev, isdn_net_local * lp, struct sk_buff *skb)
969 {
970         struct ippp_struct *is;
971         int slot;
972         int proto;
973
974         BUG_ON(net_dev->local->master); // we're called with the master device always
975
976         slot = lp->ppp_slot;
977         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
978                 printk(KERN_ERR "isdn_ppp_receive: lp->ppp_slot(%d)\n",
979                         lp->ppp_slot);
980                 kfree_skb(skb);
981                 return;
982         }
983         is = ippp_table[slot];
984
985         if (is->debug & 0x4) {
986                 printk(KERN_DEBUG "ippp_receive: is:%08lx lp:%08lx slot:%d unit:%d len:%d\n",
987                        (long)is,(long)lp,lp->ppp_slot,is->unit,(int) skb->len);
988                 isdn_ppp_frame_log("receive", skb->data, skb->len, 32,is->unit,lp->ppp_slot);
989         }
990
991         if (isdn_ppp_skip_ac(is, skb) < 0) {
992                 kfree_skb(skb);
993                 return;
994         }
995         proto = isdn_ppp_strip_proto(skb);
996         if (proto < 0) {
997                 kfree_skb(skb);
998                 return;
999         }
1000   
1001 #ifdef CONFIG_ISDN_MPP
1002         if (is->compflags & SC_LINK_DECOMP_ON) {
1003                 skb = isdn_ppp_decompress(skb, is, NULL, &proto);
1004                 if (!skb) // decompression error
1005                         return;
1006         }
1007         
1008         if (!(is->mpppcfg & SC_REJ_MP_PROT)) { // we agreed to receive MPPP
1009                 if (proto == PPP_MP) {
1010                         isdn_ppp_mp_receive(net_dev, lp, skb);
1011                         return;
1012                 }
1013         } 
1014 #endif
1015         isdn_ppp_push_higher(net_dev, lp, skb, proto);
1016 }
1017
1018 /*
1019  * we receive a reassembled frame, MPPP has been taken care of before.
1020  * address/control and protocol have been stripped from the skb
1021  * note: net_dev has to be master net_dev
1022  */
1023 static void
1024 isdn_ppp_push_higher(isdn_net_dev * net_dev, isdn_net_local * lp, struct sk_buff *skb, int proto)
1025 {
1026         struct net_device *dev = &net_dev->dev;
1027         struct ippp_struct *is, *mis;
1028         isdn_net_local *mlp = NULL;
1029         int slot;
1030
1031         slot = lp->ppp_slot;
1032         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1033                 printk(KERN_ERR "isdn_ppp_push_higher: lp->ppp_slot(%d)\n",
1034                         lp->ppp_slot);
1035                 goto drop_packet;
1036         }
1037         is = ippp_table[slot];
1038         
1039         if (lp->master) { // FIXME?
1040                 mlp = (isdn_net_local *) lp->master->priv;
1041                 slot = mlp->ppp_slot;
1042                 if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1043                         printk(KERN_ERR "isdn_ppp_push_higher: master->ppp_slot(%d)\n",
1044                                 lp->ppp_slot);
1045                         goto drop_packet;
1046                 }
1047         }
1048         mis = ippp_table[slot];
1049
1050         if (is->debug & 0x10) {
1051                 printk(KERN_DEBUG "push, skb %d %04x\n", (int) skb->len, proto);
1052                 isdn_ppp_frame_log("rpush", skb->data, skb->len, 32,is->unit,lp->ppp_slot);
1053         }
1054         if (mis->compflags & SC_DECOMP_ON) {
1055                 skb = isdn_ppp_decompress(skb, is, mis, &proto);
1056                 if (!skb) // decompression error
1057                         return;
1058         }
1059         switch (proto) {
1060                 case PPP_IPX:  /* untested */
1061                         if (is->debug & 0x20)
1062                                 printk(KERN_DEBUG "isdn_ppp: IPX\n");
1063                         skb->protocol = htons(ETH_P_IPX);
1064                         break;
1065                 case PPP_IP:
1066                         if (is->debug & 0x20)
1067                                 printk(KERN_DEBUG "isdn_ppp: IP\n");
1068                         skb->protocol = htons(ETH_P_IP);
1069                         break;
1070                 case PPP_COMP:
1071                 case PPP_COMPFRAG:
1072                         printk(KERN_INFO "isdn_ppp: unexpected compressed frame dropped\n");
1073                         goto drop_packet;
1074 #ifdef CONFIG_ISDN_PPP_VJ
1075                 case PPP_VJC_UNCOMP:
1076                         if (is->debug & 0x20)
1077                                 printk(KERN_DEBUG "isdn_ppp: VJC_UNCOMP\n");
1078                         if (net_dev->local->ppp_slot < 0) {
1079                                 printk(KERN_ERR "%s: net_dev->local->ppp_slot(%d) out of range\n",
1080                                         __FUNCTION__, net_dev->local->ppp_slot);
1081                                 goto drop_packet;
1082                         }
1083                         if (slhc_remember(ippp_table[net_dev->local->ppp_slot]->slcomp, skb->data, skb->len) <= 0) {
1084                                 printk(KERN_WARNING "isdn_ppp: received illegal VJC_UNCOMP frame!\n");
1085                                 goto drop_packet;
1086                         }
1087                         skb->protocol = htons(ETH_P_IP);
1088                         break;
1089                 case PPP_VJC_COMP:
1090                         if (is->debug & 0x20)
1091                                 printk(KERN_DEBUG "isdn_ppp: VJC_COMP\n");
1092                         {
1093                                 struct sk_buff *skb_old = skb;
1094                                 int pkt_len;
1095                                 skb = dev_alloc_skb(skb_old->len + 128);
1096
1097                                 if (!skb) {
1098                                         printk(KERN_WARNING "%s: Memory squeeze, dropping packet.\n", dev->name);
1099                                         skb = skb_old;
1100                                         goto drop_packet;
1101                                 }
1102                                 skb_put(skb, skb_old->len + 128);
1103                                 memcpy(skb->data, skb_old->data, skb_old->len);
1104                                 if (net_dev->local->ppp_slot < 0) {
1105                                         printk(KERN_ERR "%s: net_dev->local->ppp_slot(%d) out of range\n",
1106                                                 __FUNCTION__, net_dev->local->ppp_slot);
1107                                         goto drop_packet;
1108                                 }
1109                                 pkt_len = slhc_uncompress(ippp_table[net_dev->local->ppp_slot]->slcomp,
1110                                                 skb->data, skb_old->len);
1111                                 kfree_skb(skb_old);
1112                                 if (pkt_len < 0)
1113                                         goto drop_packet;
1114
1115                                 skb_trim(skb, pkt_len);
1116                                 skb->protocol = htons(ETH_P_IP);
1117                         }
1118                         break;
1119 #endif
1120                 case PPP_CCP:
1121                 case PPP_CCPFRAG:
1122                         isdn_ppp_receive_ccp(net_dev,lp,skb,proto);
1123                         /* Dont pop up ResetReq/Ack stuff to the daemon any
1124                            longer - the job is done already */
1125                         if(skb->data[0] == CCP_RESETREQ ||
1126                            skb->data[0] == CCP_RESETACK)
1127                                 break;
1128                         /* fall through */
1129                 default:
1130                         isdn_ppp_fill_rq(skb->data, skb->len, proto, lp->ppp_slot);     /* push data to pppd device */
1131                         kfree_skb(skb);
1132                         return;
1133         }
1134
1135 #ifdef CONFIG_IPPP_FILTER
1136         /* check if the packet passes the pass and active filters
1137          * the filter instructions are constructed assuming
1138          * a four-byte PPP header on each packet (which is still present) */
1139         skb_push(skb, 4);
1140
1141         {
1142                 u_int16_t *p = (u_int16_t *) skb->data;
1143
1144                 *p = 0; /* indicate inbound */
1145         }
1146
1147         if (is->pass_filter
1148             && sk_run_filter(skb, is->pass_filter, is->pass_len) == 0) {
1149                 if (is->debug & 0x2)
1150                         printk(KERN_DEBUG "IPPP: inbound frame filtered.\n");
1151                 kfree_skb(skb);
1152                 return;
1153         }
1154         if (!(is->active_filter
1155               && sk_run_filter(skb, is->active_filter,
1156                                is->active_len) == 0)) {
1157                 if (is->debug & 0x2)
1158                         printk(KERN_DEBUG "IPPP: link-active filter: reseting huptimer.\n");
1159                 lp->huptimer = 0;
1160                 if (mlp)
1161                         mlp->huptimer = 0;
1162         }
1163         skb_pull(skb, 4);
1164 #else /* CONFIG_IPPP_FILTER */
1165         lp->huptimer = 0;
1166         if (mlp)
1167                 mlp->huptimer = 0;
1168 #endif /* CONFIG_IPPP_FILTER */
1169         skb->dev = dev;
1170         skb->mac.raw = skb->data;
1171         netif_rx(skb);
1172         /* net_dev->local->stats.rx_packets++; done in isdn_net.c */
1173         return;
1174
1175  drop_packet:
1176         net_dev->local->stats.rx_dropped++;
1177         kfree_skb(skb);
1178 }
1179
1180 /*
1181  * isdn_ppp_skb_push ..
1182  * checks whether we have enough space at the beginning of the skb
1183  * and allocs a new SKB if necessary
1184  */
1185 static unsigned char *isdn_ppp_skb_push(struct sk_buff **skb_p,int len)
1186 {
1187         struct sk_buff *skb = *skb_p;
1188
1189         if(skb_headroom(skb) < len) {
1190                 struct sk_buff *nskb = skb_realloc_headroom(skb, len);
1191
1192                 if (!nskb) {
1193                         printk(KERN_ERR "isdn_ppp_skb_push: can't realloc headroom!\n");
1194                         dev_kfree_skb(skb);
1195                         return NULL;
1196                 }
1197                 printk(KERN_DEBUG "isdn_ppp_skb_push:under %d %d\n",skb_headroom(skb),len);
1198                 dev_kfree_skb(skb);
1199                 *skb_p = nskb;
1200                 return skb_push(nskb, len);
1201         }
1202         return skb_push(skb,len);
1203 }
1204
1205 /*
1206  * send ppp frame .. we expect a PIDCOMPressable proto --
1207  *  (here: currently always PPP_IP,PPP_VJC_COMP,PPP_VJC_UNCOMP)
1208  *
1209  * VJ compression may change skb pointer!!! .. requeue with old
1210  * skb isn't allowed!!
1211  */
1212
1213 int
1214 isdn_ppp_xmit(struct sk_buff *skb, struct net_device *netdev)
1215 {
1216         isdn_net_local *lp,*mlp;
1217         isdn_net_dev *nd;
1218         unsigned int proto = PPP_IP;     /* 0x21 */
1219         struct ippp_struct *ipt,*ipts;
1220         int slot, retval = 0;
1221
1222         mlp = (isdn_net_local *) (netdev->priv);
1223         nd = mlp->netdev;       /* get master lp */
1224
1225         slot = mlp->ppp_slot;
1226         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1227                 printk(KERN_ERR "isdn_ppp_xmit: lp->ppp_slot(%d)\n",
1228                         mlp->ppp_slot);
1229                 kfree_skb(skb);
1230                 goto out;
1231         }
1232         ipts = ippp_table[slot];
1233
1234         if (!(ipts->pppcfg & SC_ENABLE_IP)) {   /* PPP connected ? */
1235                 if (ipts->debug & 0x1)
1236                         printk(KERN_INFO "%s: IP frame delayed.\n", netdev->name);
1237                 retval = 1;
1238                 goto out;
1239         }
1240
1241         switch (ntohs(skb->protocol)) {
1242                 case ETH_P_IP:
1243                         proto = PPP_IP;
1244                         break;
1245                 case ETH_P_IPX:
1246                         proto = PPP_IPX;        /* untested */
1247                         break;
1248                 default:
1249                         printk(KERN_ERR "isdn_ppp: skipped unsupported protocol: %#x.\n", 
1250                                skb->protocol);
1251                         dev_kfree_skb(skb);
1252                         goto out;
1253         }
1254
1255         lp = isdn_net_get_locked_lp(nd);
1256         if (!lp) {
1257                 printk(KERN_WARNING "%s: all channels busy - requeuing!\n", netdev->name);
1258                 retval = 1;
1259                 goto out;
1260         }
1261         /* we have our lp locked from now on */
1262
1263         slot = lp->ppp_slot;
1264         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1265                 printk(KERN_ERR "isdn_ppp_xmit: lp->ppp_slot(%d)\n",
1266                         lp->ppp_slot);
1267                 kfree_skb(skb);
1268                 goto unlock;
1269         }
1270         ipt = ippp_table[slot];
1271
1272         /*
1273          * after this line .. requeueing in the device queue is no longer allowed!!!
1274          */
1275
1276         /* Pull off the fake header we stuck on earlier to keep
1277          * the fragmentation code happy.
1278          */
1279         skb_pull(skb,IPPP_MAX_HEADER);
1280
1281 #ifdef CONFIG_IPPP_FILTER
1282         /* check if we should pass this packet
1283          * the filter instructions are constructed assuming
1284          * a four-byte PPP header on each packet */
1285         *skb_push(skb, 4) = 1; /* indicate outbound */
1286
1287         {
1288                 u_int16_t *p = (u_int16_t *) skb->data;
1289
1290                 p++;
1291                 *p   = htons(proto);
1292         }
1293
1294         if (ipt->pass_filter
1295             && sk_run_filter(skb, ipt->pass_filter, ipt->pass_len) == 0) {
1296                 if (ipt->debug & 0x4)
1297                         printk(KERN_DEBUG "IPPP: outbound frame filtered.\n");
1298                 kfree_skb(skb);
1299                 goto unlock;
1300         }
1301         if (!(ipt->active_filter
1302               && sk_run_filter(skb, ipt->active_filter,
1303                                ipt->active_len) == 0)) {
1304                 if (ipt->debug & 0x4)
1305                         printk(KERN_DEBUG "IPPP: link-active filter: reseting huptimer.\n");
1306                 lp->huptimer = 0;
1307         }
1308         skb_pull(skb, 4);
1309 #else /* CONFIG_IPPP_FILTER */
1310         lp->huptimer = 0;
1311 #endif /* CONFIG_IPPP_FILTER */
1312
1313         if (ipt->debug & 0x4)
1314                 printk(KERN_DEBUG "xmit skb, len %d\n", (int) skb->len);
1315         if (ipts->debug & 0x40)
1316                 isdn_ppp_frame_log("xmit0", skb->data, skb->len, 32,ipts->unit,lp->ppp_slot);
1317
1318 #ifdef CONFIG_ISDN_PPP_VJ
1319         if (proto == PPP_IP && ipts->pppcfg & SC_COMP_TCP) {    /* ipts here? probably yes, but check this again */
1320                 struct sk_buff *new_skb;
1321                 unsigned short hl;
1322                 /*
1323                  * we need to reserve enought space in front of
1324                  * sk_buff. old call to dev_alloc_skb only reserved
1325                  * 16 bytes, now we are looking what the driver want.
1326                  */
1327                 hl = dev->drv[lp->isdn_device]->interface->hl_hdrlen + IPPP_MAX_HEADER;
1328                 /* 
1329                  * Note: hl might still be insufficient because the method
1330                  * above does not account for a possibible MPPP slave channel
1331                  * which had larger HL header space requirements than the
1332                  * master.
1333                  */
1334                 new_skb = alloc_skb(hl+skb->len, GFP_ATOMIC);
1335                 if (new_skb) {
1336                         u_char *buf;
1337                         int pktlen;
1338
1339                         skb_reserve(new_skb, hl);
1340                         new_skb->dev = skb->dev;
1341                         skb_put(new_skb, skb->len);
1342                         buf = skb->data;
1343
1344                         pktlen = slhc_compress(ipts->slcomp, skb->data, skb->len, new_skb->data,
1345                                  &buf, !(ipts->pppcfg & SC_NO_TCP_CCID));
1346
1347                         if (buf != skb->data) { 
1348                                 if (new_skb->data != buf)
1349                                         printk(KERN_ERR "isdn_ppp: FATAL error after slhc_compress!!\n");
1350                                 dev_kfree_skb(skb);
1351                                 skb = new_skb;
1352                         } else {
1353                                 dev_kfree_skb(new_skb);
1354                         }
1355
1356                         skb_trim(skb, pktlen);
1357                         if (skb->data[0] & SL_TYPE_COMPRESSED_TCP) {    /* cslip? style -> PPP */
1358                                 proto = PPP_VJC_COMP;
1359                                 skb->data[0] ^= SL_TYPE_COMPRESSED_TCP;
1360                         } else {
1361                                 if (skb->data[0] >= SL_TYPE_UNCOMPRESSED_TCP)
1362                                         proto = PPP_VJC_UNCOMP;
1363                                 skb->data[0] = (skb->data[0] & 0x0f) | 0x40;
1364                         }
1365                 }
1366         }
1367 #endif
1368
1369         /*
1370          * normal (single link) or bundle compression
1371          */
1372         if(ipts->compflags & SC_COMP_ON) {
1373                 /* We send compressed only if both down- und upstream
1374                    compression is negotiated, that means, CCP is up */
1375                 if(ipts->compflags & SC_DECOMP_ON) {
1376                         skb = isdn_ppp_compress(skb,&proto,ipt,ipts,0);
1377                 } else {
1378                         printk(KERN_DEBUG "isdn_ppp: CCP not yet up - sending as-is\n");
1379                 }
1380         }
1381
1382         if (ipt->debug & 0x24)
1383                 printk(KERN_DEBUG "xmit2 skb, len %d, proto %04x\n", (int) skb->len, proto);
1384
1385 #ifdef CONFIG_ISDN_MPP
1386         if (ipt->mpppcfg & SC_MP_PROT) {
1387                 /* we get mp_seqno from static isdn_net_local */
1388                 long mp_seqno = ipts->mp_seqno;
1389                 ipts->mp_seqno++;
1390                 if (ipt->mpppcfg & SC_OUT_SHORT_SEQ) {
1391                         unsigned char *data = isdn_ppp_skb_push(&skb, 3);
1392                         if(!data)
1393                                 goto unlock;
1394                         mp_seqno &= 0xfff;
1395                         data[0] = MP_BEGIN_FRAG | MP_END_FRAG | ((mp_seqno >> 8) & 0xf);        /* (B)egin & (E)ndbit .. */
1396                         data[1] = mp_seqno & 0xff;
1397                         data[2] = proto;        /* PID compression */
1398                 } else {
1399                         unsigned char *data = isdn_ppp_skb_push(&skb, 5);
1400                         if(!data)
1401                                 goto unlock;
1402                         data[0] = MP_BEGIN_FRAG | MP_END_FRAG;  /* (B)egin & (E)ndbit .. */
1403                         data[1] = (mp_seqno >> 16) & 0xff;      /* sequence number: 24bit */
1404                         data[2] = (mp_seqno >> 8) & 0xff;
1405                         data[3] = (mp_seqno >> 0) & 0xff;
1406                         data[4] = proto;        /* PID compression */
1407                 }
1408                 proto = PPP_MP; /* MP Protocol, 0x003d */
1409         }
1410 #endif
1411
1412         /*
1413          * 'link in bundle' compression  ...
1414          */
1415         if(ipt->compflags & SC_LINK_COMP_ON)
1416                 skb = isdn_ppp_compress(skb,&proto,ipt,ipts,1);
1417
1418         if( (ipt->pppcfg & SC_COMP_PROT) && (proto <= 0xff) ) {
1419                 unsigned char *data = isdn_ppp_skb_push(&skb,1);
1420                 if(!data)
1421                         goto unlock;
1422                 data[0] = proto & 0xff;
1423         }
1424         else {
1425                 unsigned char *data = isdn_ppp_skb_push(&skb,2);
1426                 if(!data)
1427                         goto unlock;
1428                 data[0] = (proto >> 8) & 0xff;
1429                 data[1] = proto & 0xff;
1430         }
1431         if(!(ipt->pppcfg & SC_COMP_AC)) {
1432                 unsigned char *data = isdn_ppp_skb_push(&skb,2);
1433                 if(!data)
1434                         goto unlock;
1435                 data[0] = 0xff;    /* All Stations */
1436                 data[1] = 0x03;    /* Unnumbered information */
1437         }
1438
1439         /* tx-stats are now updated via BSENT-callback */
1440
1441         if (ipts->debug & 0x40) {
1442                 printk(KERN_DEBUG "skb xmit: len: %d\n", (int) skb->len);
1443                 isdn_ppp_frame_log("xmit", skb->data, skb->len, 32,ipt->unit,lp->ppp_slot);
1444         }
1445         
1446         isdn_net_writebuf_skb(lp, skb);
1447
1448  unlock:
1449         spin_unlock_bh(&lp->xmit_lock);
1450  out:
1451         return retval;
1452 }
1453
1454 #ifdef CONFIG_IPPP_FILTER
1455 /*
1456  * check if this packet may trigger auto-dial.
1457  */
1458
1459 int isdn_ppp_autodial_filter(struct sk_buff *skb, isdn_net_local *lp)
1460 {
1461         struct ippp_struct *is = ippp_table[lp->ppp_slot];
1462         u_int16_t proto;
1463         int drop = 0;
1464
1465         switch (ntohs(skb->protocol)) {
1466         case ETH_P_IP:
1467                 proto = PPP_IP;
1468                 break;
1469         case ETH_P_IPX:
1470                 proto = PPP_IPX;
1471                 break;
1472         default:
1473                 printk(KERN_ERR "isdn_ppp_autodial_filter: unsupported protocol 0x%x.\n",
1474                        skb->protocol);
1475                 return 1;
1476         }
1477
1478         /* the filter instructions are constructed assuming
1479          * a four-byte PPP header on each packet. we have to
1480          * temporarily remove part of the fake header stuck on
1481          * earlier.
1482          */
1483         *skb_pull(skb, IPPP_MAX_HEADER - 4) = 1; /* indicate outbound */
1484
1485         {
1486                 u_int16_t *p = (u_int16_t *) skb->data;
1487
1488                 p++;
1489                 *p   = htons(proto);
1490         }
1491         
1492         drop |= is->pass_filter
1493                 && sk_run_filter(skb, is->pass_filter, is->pass_len) == 0;
1494         drop |= is->active_filter
1495                 && sk_run_filter(skb, is->active_filter, is->active_len) == 0;
1496         
1497         skb_push(skb, IPPP_MAX_HEADER - 4);
1498         return drop;
1499 }
1500 #endif
1501 #ifdef CONFIG_ISDN_MPP
1502
1503 /* this is _not_ rfc1990 header, but something we convert both short and long
1504  * headers to for convinience's sake:
1505  *      byte 0 is flags as in rfc1990
1506  *      bytes 1...4 is 24-bit seqence number converted to host byte order 
1507  */
1508 #define MP_HEADER_LEN   5
1509
1510 #define MP_LONGSEQ_MASK         0x00ffffff
1511 #define MP_SHORTSEQ_MASK        0x00000fff
1512 #define MP_LONGSEQ_MAX          MP_LONGSEQ_MASK
1513 #define MP_SHORTSEQ_MAX         MP_SHORTSEQ_MASK
1514 #define MP_LONGSEQ_MAXBIT       ((MP_LONGSEQ_MASK+1)>>1)
1515 #define MP_SHORTSEQ_MAXBIT      ((MP_SHORTSEQ_MASK+1)>>1)
1516
1517 /* sequence-wrap safe comparisions (for long sequence)*/ 
1518 #define MP_LT(a,b)      ((a-b)&MP_LONGSEQ_MAXBIT)
1519 #define MP_LE(a,b)      !((b-a)&MP_LONGSEQ_MAXBIT)
1520 #define MP_GT(a,b)      ((b-a)&MP_LONGSEQ_MAXBIT)
1521 #define MP_GE(a,b)      !((a-b)&MP_LONGSEQ_MAXBIT)
1522
1523 #define MP_SEQ(f)       ((*(u32*)(f->data+1)))
1524 #define MP_FLAGS(f)     (f->data[0])
1525
1526 static int isdn_ppp_mp_bundle_array_init(void)
1527 {
1528         int i;
1529         int sz = ISDN_MAX_CHANNELS*sizeof(ippp_bundle);
1530         if( (isdn_ppp_bundle_arr = kzalloc(sz, GFP_KERNEL)) == NULL )
1531                 return -ENOMEM;
1532         for( i = 0; i < ISDN_MAX_CHANNELS; i++ )
1533                 spin_lock_init(&isdn_ppp_bundle_arr[i].lock);
1534         return 0;
1535 }
1536
1537 static ippp_bundle * isdn_ppp_mp_bundle_alloc(void)
1538 {
1539         int i;
1540         for( i = 0; i < ISDN_MAX_CHANNELS; i++ )
1541                 if (isdn_ppp_bundle_arr[i].ref_ct <= 0)
1542                         return (isdn_ppp_bundle_arr + i);
1543         return NULL;
1544 }
1545
1546 static int isdn_ppp_mp_init( isdn_net_local * lp, ippp_bundle * add_to )
1547 {
1548         struct ippp_struct * is;
1549
1550         if (lp->ppp_slot < 0) {
1551                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
1552                         __FUNCTION__, lp->ppp_slot);
1553                 return(-EINVAL);
1554         }
1555
1556         is = ippp_table[lp->ppp_slot];
1557         if (add_to) {
1558                 if( lp->netdev->pb )
1559                         lp->netdev->pb->ref_ct--;
1560                 lp->netdev->pb = add_to;
1561         } else {                /* first link in a bundle */
1562                 is->mp_seqno = 0;
1563                 if ((lp->netdev->pb = isdn_ppp_mp_bundle_alloc()) == NULL)
1564                         return -ENOMEM;
1565                 lp->next = lp->last = lp;       /* nobody else in a queue */
1566                 lp->netdev->pb->frags = NULL;
1567                 lp->netdev->pb->frames = 0;
1568                 lp->netdev->pb->seq = UINT_MAX;
1569         }
1570         lp->netdev->pb->ref_ct++;
1571         
1572         is->last_link_seqno = 0;
1573         return 0;
1574 }
1575
1576 static u32 isdn_ppp_mp_get_seq( int short_seq, 
1577                                         struct sk_buff * skb, u32 last_seq );
1578 static struct sk_buff * isdn_ppp_mp_discard( ippp_bundle * mp,
1579                         struct sk_buff * from, struct sk_buff * to );
1580 static void isdn_ppp_mp_reassembly( isdn_net_dev * net_dev, isdn_net_local * lp,
1581                                 struct sk_buff * from, struct sk_buff * to );
1582 static void isdn_ppp_mp_free_skb( ippp_bundle * mp, struct sk_buff * skb );
1583 static void isdn_ppp_mp_print_recv_pkt( int slot, struct sk_buff * skb );
1584
1585 static void isdn_ppp_mp_receive(isdn_net_dev * net_dev, isdn_net_local * lp, 
1586                                                         struct sk_buff *skb)
1587 {
1588         struct ippp_struct *is;
1589         isdn_net_local * lpq;
1590         ippp_bundle * mp;
1591         isdn_mppp_stats * stats;
1592         struct sk_buff * newfrag, * frag, * start, *nextf;
1593         u32 newseq, minseq, thisseq;
1594         unsigned long flags;
1595         int slot;
1596
1597         spin_lock_irqsave(&net_dev->pb->lock, flags);
1598         mp = net_dev->pb;
1599         stats = &mp->stats;
1600         slot = lp->ppp_slot;
1601         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1602                 printk(KERN_ERR "%s: lp->ppp_slot(%d)\n",
1603                         __FUNCTION__, lp->ppp_slot);
1604                 stats->frame_drops++;
1605                 dev_kfree_skb(skb);
1606                 spin_unlock_irqrestore(&mp->lock, flags);
1607                 return;
1608         }
1609         is = ippp_table[slot];
1610         if( ++mp->frames > stats->max_queue_len )
1611                 stats->max_queue_len = mp->frames;
1612         
1613         if (is->debug & 0x8)
1614                 isdn_ppp_mp_print_recv_pkt(lp->ppp_slot, skb);
1615
1616         newseq = isdn_ppp_mp_get_seq(is->mpppcfg & SC_IN_SHORT_SEQ, 
1617                                                 skb, is->last_link_seqno);
1618
1619
1620         /* if this packet seq # is less than last already processed one,
1621          * toss it right away, but check for sequence start case first 
1622          */
1623         if( mp->seq > MP_LONGSEQ_MAX && (newseq & MP_LONGSEQ_MAXBIT) ) {
1624                 mp->seq = newseq;       /* the first packet: required for
1625                                          * rfc1990 non-compliant clients --
1626                                          * prevents constant packet toss */
1627         } else if( MP_LT(newseq, mp->seq) ) {
1628                 stats->frame_drops++;
1629                 isdn_ppp_mp_free_skb(mp, skb);
1630                 spin_unlock_irqrestore(&mp->lock, flags);
1631                 return;
1632         }
1633         
1634         /* find the minimum received sequence number over all links */
1635         is->last_link_seqno = minseq = newseq;
1636         for (lpq = net_dev->queue;;) {
1637                 slot = lpq->ppp_slot;
1638                 if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1639                         printk(KERN_ERR "%s: lpq->ppp_slot(%d)\n",
1640                                 __FUNCTION__, lpq->ppp_slot);
1641                 } else {
1642                         u32 lls = ippp_table[slot]->last_link_seqno;
1643                         if (MP_LT(lls, minseq))
1644                                 minseq = lls;
1645                 }
1646                 if ((lpq = lpq->next) == net_dev->queue)
1647                         break;
1648         }
1649         if (MP_LT(minseq, mp->seq))
1650                 minseq = mp->seq;       /* can't go beyond already processed
1651                                          * packets */
1652         newfrag = skb;
1653
1654         /* if this new fragment is before the first one, then enqueue it now. */
1655         if ((frag = mp->frags) == NULL || MP_LT(newseq, MP_SEQ(frag))) {
1656                 newfrag->next = frag;
1657                 mp->frags = frag = newfrag;
1658                 newfrag = NULL;
1659         }
1660
1661         start = MP_FLAGS(frag) & MP_BEGIN_FRAG &&
1662                                 MP_SEQ(frag) == mp->seq ? frag : NULL;
1663
1664         /* 
1665          * main fragment traversing loop
1666          *
1667          * try to accomplish several tasks:
1668          * - insert new fragment into the proper sequence slot (once that's done
1669          *   newfrag will be set to NULL)
1670          * - reassemble any complete fragment sequence (non-null 'start'
1671          *   indicates there is a continguous sequence present)
1672          * - discard any incomplete sequences that are below minseq -- due
1673          *   to the fact that sender always increment sequence number, if there
1674          *   is an incomplete sequence below minseq, no new fragments would
1675          *   come to complete such sequence and it should be discarded
1676          *
1677          * loop completes when we accomplished the following tasks:
1678          * - new fragment is inserted in the proper sequence ('newfrag' is 
1679          *   set to NULL)
1680          * - we hit a gap in the sequence, so no reassembly/processing is 
1681          *   possible ('start' would be set to NULL)
1682          *
1683          * algorightm for this code is derived from code in the book
1684          * 'PPP Design And Debugging' by James Carlson (Addison-Wesley)
1685          */
1686         while (start != NULL || newfrag != NULL) {
1687
1688                 thisseq = MP_SEQ(frag);
1689                 nextf = frag->next;
1690
1691                 /* drop any duplicate fragments */
1692                 if (newfrag != NULL && thisseq == newseq) {
1693                         isdn_ppp_mp_free_skb(mp, newfrag);
1694                         newfrag = NULL;
1695                 }
1696
1697                 /* insert new fragment before next element if possible. */
1698                 if (newfrag != NULL && (nextf == NULL || 
1699                                                 MP_LT(newseq, MP_SEQ(nextf)))) {
1700                         newfrag->next = nextf;
1701                         frag->next = nextf = newfrag;
1702                         newfrag = NULL;
1703                 }
1704
1705                 if (start != NULL) {
1706                         /* check for misplaced start */
1707                         if (start != frag && (MP_FLAGS(frag) & MP_BEGIN_FRAG)) {
1708                                 printk(KERN_WARNING"isdn_mppp(seq %d): new "
1709                                       "BEGIN flag with no prior END", thisseq);
1710                                 stats->seqerrs++;
1711                                 stats->frame_drops++;
1712                                 start = isdn_ppp_mp_discard(mp, start,frag);
1713                                 nextf = frag->next;
1714                         }
1715                 } else if (MP_LE(thisseq, minseq)) {            
1716                         if (MP_FLAGS(frag) & MP_BEGIN_FRAG)
1717                                 start = frag;
1718                         else {
1719                                 if (MP_FLAGS(frag) & MP_END_FRAG)
1720                                         stats->frame_drops++;
1721                                 if( mp->frags == frag )
1722                                         mp->frags = nextf;      
1723                                 isdn_ppp_mp_free_skb(mp, frag);
1724                                 frag = nextf;
1725                                 continue;
1726                         }
1727                 }
1728                 
1729                 /* if start is non-null and we have end fragment, then
1730                  * we have full reassembly sequence -- reassemble 
1731                  * and process packet now
1732                  */
1733                 if (start != NULL && (MP_FLAGS(frag) & MP_END_FRAG)) {
1734                         minseq = mp->seq = (thisseq+1) & MP_LONGSEQ_MASK;
1735                         /* Reassemble the packet then dispatch it */
1736                         isdn_ppp_mp_reassembly(net_dev, lp, start, nextf);
1737       
1738                         start = NULL;
1739                         frag = NULL;
1740
1741                         mp->frags = nextf;
1742                 }
1743
1744                 /* check if need to update start pointer: if we just
1745                  * reassembled the packet and sequence is contiguous
1746                  * then next fragment should be the start of new reassembly
1747                  * if sequence is contiguous, but we haven't reassembled yet,
1748                  * keep going.
1749                  * if sequence is not contiguous, either clear everyting
1750                  * below low watermark and set start to the next frag or
1751                  * clear start ptr.
1752                  */ 
1753                 if (nextf != NULL && 
1754                     ((thisseq+1) & MP_LONGSEQ_MASK) == MP_SEQ(nextf)) {
1755                         /* if we just reassembled and the next one is here, 
1756                          * then start another reassembly. */
1757
1758                         if (frag == NULL) {
1759                                 if (MP_FLAGS(nextf) & MP_BEGIN_FRAG)
1760                                         start = nextf;
1761                                 else
1762                                 {
1763                                         printk(KERN_WARNING"isdn_mppp(seq %d):"
1764                                                 " END flag with no following "
1765                                                 "BEGIN", thisseq);
1766                                         stats->seqerrs++;
1767                                 }
1768                         }
1769
1770                 } else {
1771                         if ( nextf != NULL && frag != NULL &&
1772                                                 MP_LT(thisseq, minseq)) {
1773                                 /* we've got a break in the sequence
1774                                  * and we not at the end yet
1775                                  * and we did not just reassembled
1776                                  *(if we did, there wouldn't be anything before)
1777                                  * and we below the low watermark 
1778                                  * discard all the frames below low watermark 
1779                                  * and start over */
1780                                 stats->frame_drops++;
1781                                 mp->frags = isdn_ppp_mp_discard(mp,start,nextf);
1782                         }
1783                         /* break in the sequence, no reassembly */
1784                         start = NULL;
1785                 }
1786                                 
1787                 frag = nextf;
1788         }       /* while -- main loop */
1789         
1790         if (mp->frags == NULL)
1791                 mp->frags = frag;
1792                 
1793         /* rather straighforward way to deal with (not very) possible 
1794          * queue overflow */
1795         if (mp->frames > MP_MAX_QUEUE_LEN) {
1796                 stats->overflows++;
1797                 while (mp->frames > MP_MAX_QUEUE_LEN) {
1798                         frag = mp->frags->next;
1799                         isdn_ppp_mp_free_skb(mp, mp->frags);
1800                         mp->frags = frag;
1801                 }
1802         }
1803         spin_unlock_irqrestore(&mp->lock, flags);
1804 }
1805
1806 static void isdn_ppp_mp_cleanup( isdn_net_local * lp )
1807 {
1808         struct sk_buff * frag = lp->netdev->pb->frags;
1809         struct sk_buff * nextfrag;
1810         while( frag ) {
1811                 nextfrag = frag->next;
1812                 isdn_ppp_mp_free_skb(lp->netdev->pb, frag);
1813                 frag = nextfrag;
1814         }
1815         lp->netdev->pb->frags = NULL;
1816 }
1817
1818 static u32 isdn_ppp_mp_get_seq( int short_seq, 
1819                                         struct sk_buff * skb, u32 last_seq )
1820 {
1821         u32 seq;
1822         int flags = skb->data[0] & (MP_BEGIN_FRAG | MP_END_FRAG);
1823    
1824         if( !short_seq )
1825         {
1826                 seq = ntohl(*(u32*)skb->data) & MP_LONGSEQ_MASK;
1827                 skb_push(skb,1);
1828         }
1829         else
1830         {
1831                 /* convert 12-bit short seq number to 24-bit long one 
1832                 */
1833                 seq = ntohs(*(u16*)skb->data) & MP_SHORTSEQ_MASK;
1834         
1835                 /* check for seqence wrap */
1836                 if( !(seq &  MP_SHORTSEQ_MAXBIT) && 
1837                      (last_seq &  MP_SHORTSEQ_MAXBIT) && 
1838                      (unsigned long)last_seq <= MP_LONGSEQ_MAX )
1839                         seq |= (last_seq + MP_SHORTSEQ_MAX+1) & 
1840                                         (~MP_SHORTSEQ_MASK & MP_LONGSEQ_MASK);
1841                 else
1842                         seq |= last_seq & (~MP_SHORTSEQ_MASK & MP_LONGSEQ_MASK);
1843                 
1844                 skb_push(skb, 3);       /* put converted seqence back in skb */
1845         }
1846         *(u32*)(skb->data+1) = seq;     /* put seqence back in _host_ byte
1847                                          * order */
1848         skb->data[0] = flags;           /* restore flags */
1849         return seq;
1850 }
1851
1852 struct sk_buff * isdn_ppp_mp_discard( ippp_bundle * mp,
1853                         struct sk_buff * from, struct sk_buff * to )
1854 {
1855         if( from )
1856                 while (from != to) {
1857                         struct sk_buff * next = from->next;
1858                         isdn_ppp_mp_free_skb(mp, from);
1859                         from = next;
1860                 }
1861         return from;
1862 }
1863
1864 void isdn_ppp_mp_reassembly( isdn_net_dev * net_dev, isdn_net_local * lp,
1865                                 struct sk_buff * from, struct sk_buff * to )
1866 {
1867         ippp_bundle * mp = net_dev->pb;
1868         int proto;
1869         struct sk_buff * skb;
1870         unsigned int tot_len;
1871
1872         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
1873                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
1874                         __FUNCTION__, lp->ppp_slot);
1875                 return;
1876         }
1877         if( MP_FLAGS(from) == (MP_BEGIN_FRAG | MP_END_FRAG) ) {
1878                 if( ippp_table[lp->ppp_slot]->debug & 0x40 )
1879                         printk(KERN_DEBUG "isdn_mppp: reassembly: frame %d, "
1880                                         "len %d\n", MP_SEQ(from), from->len );
1881                 skb = from;
1882                 skb_pull(skb, MP_HEADER_LEN);
1883                 mp->frames--;   
1884         } else {
1885                 struct sk_buff * frag;
1886                 int n;
1887
1888                 for(tot_len=n=0, frag=from; frag != to; frag=frag->next, n++)
1889                         tot_len += frag->len - MP_HEADER_LEN;
1890
1891                 if( ippp_table[lp->ppp_slot]->debug & 0x40 )
1892                         printk(KERN_DEBUG"isdn_mppp: reassembling frames %d "
1893                                 "to %d, len %d\n", MP_SEQ(from), 
1894                                 (MP_SEQ(from)+n-1) & MP_LONGSEQ_MASK, tot_len );
1895                 if( (skb = dev_alloc_skb(tot_len)) == NULL ) {
1896                         printk(KERN_ERR "isdn_mppp: cannot allocate sk buff "
1897                                         "of size %d\n", tot_len);
1898                         isdn_ppp_mp_discard(mp, from, to);
1899                         return;
1900                 }
1901
1902                 while( from != to ) {
1903                         unsigned int len = from->len - MP_HEADER_LEN;
1904
1905                         memcpy(skb_put(skb,len), from->data+MP_HEADER_LEN, len);
1906                         frag = from->next;
1907                         isdn_ppp_mp_free_skb(mp, from);
1908                         from = frag; 
1909                 }
1910         }
1911         proto = isdn_ppp_strip_proto(skb);
1912         isdn_ppp_push_higher(net_dev, lp, skb, proto);
1913 }
1914
1915 static void isdn_ppp_mp_free_skb(ippp_bundle * mp, struct sk_buff * skb)
1916 {
1917         dev_kfree_skb(skb);
1918         mp->frames--;
1919 }
1920
1921 static void isdn_ppp_mp_print_recv_pkt( int slot, struct sk_buff * skb )
1922 {
1923         printk(KERN_DEBUG "mp_recv: %d/%d -> %02x %02x %02x %02x %02x %02x\n", 
1924                 slot, (int) skb->len, 
1925                 (int) skb->data[0], (int) skb->data[1], (int) skb->data[2],
1926                 (int) skb->data[3], (int) skb->data[4], (int) skb->data[5]);
1927 }
1928
1929 static int
1930 isdn_ppp_bundle(struct ippp_struct *is, int unit)
1931 {
1932         char ifn[IFNAMSIZ + 1];
1933         isdn_net_dev *p;
1934         isdn_net_local *lp, *nlp;
1935         int rc;
1936         unsigned long flags;
1937
1938         sprintf(ifn, "ippp%d", unit);
1939         p = isdn_net_findif(ifn);
1940         if (!p) {
1941                 printk(KERN_ERR "ippp_bundle: cannot find %s\n", ifn);
1942                 return -EINVAL;
1943         }
1944
1945         spin_lock_irqsave(&p->pb->lock, flags);
1946
1947         nlp = is->lp;
1948         lp = p->queue;
1949         if( nlp->ppp_slot < 0 || nlp->ppp_slot >= ISDN_MAX_CHANNELS ||
1950                 lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS ) {
1951                 printk(KERN_ERR "ippp_bundle: binding to invalid slot %d\n",
1952                         nlp->ppp_slot < 0 || nlp->ppp_slot >= ISDN_MAX_CHANNELS ? 
1953                         nlp->ppp_slot : lp->ppp_slot );
1954                 rc = -EINVAL;
1955                 goto out;
1956         }
1957
1958         isdn_net_add_to_bundle(p, nlp);
1959
1960         ippp_table[nlp->ppp_slot]->unit = ippp_table[lp->ppp_slot]->unit;
1961
1962         /* maybe also SC_CCP stuff */
1963         ippp_table[nlp->ppp_slot]->pppcfg |= ippp_table[lp->ppp_slot]->pppcfg &
1964                 (SC_ENABLE_IP | SC_NO_TCP_CCID | SC_REJ_COMP_TCP);
1965         ippp_table[nlp->ppp_slot]->mpppcfg |= ippp_table[lp->ppp_slot]->mpppcfg &
1966                 (SC_MP_PROT | SC_REJ_MP_PROT | SC_OUT_SHORT_SEQ | SC_IN_SHORT_SEQ);
1967         rc = isdn_ppp_mp_init(nlp, p->pb);
1968 out:
1969         spin_unlock_irqrestore(&p->pb->lock, flags);
1970         return rc;
1971 }
1972   
1973 #endif /* CONFIG_ISDN_MPP */
1974   
1975 /*
1976  * network device ioctl handlers
1977  */
1978
1979 static int
1980 isdn_ppp_dev_ioctl_stats(int slot, struct ifreq *ifr, struct net_device *dev)
1981 {
1982         struct ppp_stats __user *res = ifr->ifr_data;
1983         struct ppp_stats t;
1984         isdn_net_local *lp = (isdn_net_local *) dev->priv;
1985
1986         if (!access_ok(VERIFY_WRITE, res, sizeof(struct ppp_stats)))
1987                 return -EFAULT;
1988
1989         /* build a temporary stat struct and copy it to user space */
1990
1991         memset(&t, 0, sizeof(struct ppp_stats));
1992         if (dev->flags & IFF_UP) {
1993                 t.p.ppp_ipackets = lp->stats.rx_packets;
1994                 t.p.ppp_ibytes = lp->stats.rx_bytes;
1995                 t.p.ppp_ierrors = lp->stats.rx_errors;
1996                 t.p.ppp_opackets = lp->stats.tx_packets;
1997                 t.p.ppp_obytes = lp->stats.tx_bytes;
1998                 t.p.ppp_oerrors = lp->stats.tx_errors;
1999 #ifdef CONFIG_ISDN_PPP_VJ
2000                 if (slot >= 0 && ippp_table[slot]->slcomp) {
2001                         struct slcompress *slcomp = ippp_table[slot]->slcomp;
2002                         t.vj.vjs_packets = slcomp->sls_o_compressed + slcomp->sls_o_uncompressed;
2003                         t.vj.vjs_compressed = slcomp->sls_o_compressed;
2004                         t.vj.vjs_searches = slcomp->sls_o_searches;
2005                         t.vj.vjs_misses = slcomp->sls_o_misses;
2006                         t.vj.vjs_errorin = slcomp->sls_i_error;
2007                         t.vj.vjs_tossed = slcomp->sls_i_tossed;
2008                         t.vj.vjs_uncompressedin = slcomp->sls_i_uncompressed;
2009                         t.vj.vjs_compressedin = slcomp->sls_i_compressed;
2010                 }
2011 #endif
2012         }
2013         if (copy_to_user(res, &t, sizeof(struct ppp_stats)))
2014                 return -EFAULT;
2015         return 0;
2016 }
2017
2018 int
2019 isdn_ppp_dev_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
2020 {
2021         int error=0;
2022         int len;
2023         isdn_net_local *lp = (isdn_net_local *) dev->priv;
2024
2025
2026         if (lp->p_encap != ISDN_NET_ENCAP_SYNCPPP)
2027                 return -EINVAL;
2028
2029         switch (cmd) {
2030 #define PPP_VERSION "2.3.7"
2031                 case SIOCGPPPVER:
2032                         len = strlen(PPP_VERSION) + 1;
2033                         if (copy_to_user(ifr->ifr_data, PPP_VERSION, len))
2034                                 error = -EFAULT;
2035                         break;
2036
2037                 case SIOCGPPPSTATS:
2038                         error = isdn_ppp_dev_ioctl_stats(lp->ppp_slot, ifr, dev);
2039                         break;
2040                 default:
2041                         error = -EINVAL;
2042                         break;
2043         }
2044         return error;
2045 }
2046
2047 static int
2048 isdn_ppp_if_get_unit(char *name)
2049 {
2050         int len,
2051          i,
2052          unit = 0,
2053          deci;
2054
2055         len = strlen(name);
2056
2057         if (strncmp("ippp", name, 4) || len > 8)
2058                 return -1;
2059
2060         for (i = 0, deci = 1; i < len; i++, deci *= 10) {
2061                 char a = name[len - i - 1];
2062                 if (a >= '0' && a <= '9')
2063                         unit += (a - '0') * deci;
2064                 else
2065                         break;
2066         }
2067         if (!i || len - i != 4)
2068                 unit = -1;
2069
2070         return unit;
2071 }
2072
2073
2074 int
2075 isdn_ppp_dial_slave(char *name)
2076 {
2077 #ifdef CONFIG_ISDN_MPP
2078         isdn_net_dev *ndev;
2079         isdn_net_local *lp;
2080         struct net_device *sdev;
2081
2082         if (!(ndev = isdn_net_findif(name)))
2083                 return 1;
2084         lp = ndev->local;
2085         if (!(lp->flags & ISDN_NET_CONNECTED))
2086                 return 5;
2087
2088         sdev = lp->slave;
2089         while (sdev) {
2090                 isdn_net_local *mlp = (isdn_net_local *) sdev->priv;
2091                 if (!(mlp->flags & ISDN_NET_CONNECTED))
2092                         break;
2093                 sdev = mlp->slave;
2094         }
2095         if (!sdev)
2096                 return 2;
2097
2098         isdn_net_dial_req((isdn_net_local *) sdev->priv);
2099         return 0;
2100 #else
2101         return -1;
2102 #endif
2103 }
2104
2105 int
2106 isdn_ppp_hangup_slave(char *name)
2107 {
2108 #ifdef CONFIG_ISDN_MPP
2109         isdn_net_dev *ndev;
2110         isdn_net_local *lp;
2111         struct net_device *sdev;
2112
2113         if (!(ndev = isdn_net_findif(name)))
2114                 return 1;
2115         lp = ndev->local;
2116         if (!(lp->flags & ISDN_NET_CONNECTED))
2117                 return 5;
2118
2119         sdev = lp->slave;
2120         while (sdev) {
2121                 isdn_net_local *mlp = (isdn_net_local *) sdev->priv;
2122
2123                 if (mlp->slave) { /* find last connected link in chain */
2124                         isdn_net_local *nlp = (isdn_net_local *) mlp->slave->priv;
2125
2126                         if (!(nlp->flags & ISDN_NET_CONNECTED))
2127                                 break;
2128                 } else if (mlp->flags & ISDN_NET_CONNECTED)
2129                         break;
2130                 
2131                 sdev = mlp->slave;
2132         }
2133         if (!sdev)
2134                 return 2;
2135
2136         isdn_net_hangup(sdev);
2137         return 0;
2138 #else
2139         return -1;
2140 #endif
2141 }
2142
2143 /*
2144  * PPP compression stuff
2145  */
2146
2147
2148 /* Push an empty CCP Data Frame up to the daemon to wake it up and let it
2149    generate a CCP Reset-Request or tear down CCP altogether */
2150
2151 static void isdn_ppp_ccp_kickup(struct ippp_struct *is)
2152 {
2153         isdn_ppp_fill_rq(NULL, 0, PPP_COMP, is->lp->ppp_slot);
2154 }
2155
2156 /* In-kernel handling of CCP Reset-Request and Reset-Ack is necessary,
2157    but absolutely nontrivial. The most abstruse problem we are facing is
2158    that the generation, reception and all the handling of timeouts and
2159    resends including proper request id management should be entirely left
2160    to the (de)compressor, but indeed is not covered by the current API to
2161    the (de)compressor. The API is a prototype version from PPP where only
2162    some (de)compressors have yet been implemented and all of them are
2163    rather simple in their reset handling. Especially, their is only one
2164    outstanding ResetAck at a time with all of them and ResetReq/-Acks do
2165    not have parameters. For this very special case it was sufficient to
2166    just return an error code from the decompressor and have a single
2167    reset() entry to communicate all the necessary information between
2168    the framework and the (de)compressor. Bad enough, LZS is different
2169    (and any other compressor may be different, too). It has multiple
2170    histories (eventually) and needs to Reset each of them independently
2171    and thus uses multiple outstanding Acks and history numbers as an
2172    additional parameter to Reqs/Acks.
2173    All that makes it harder to port the reset state engine into the
2174    kernel because it is not just the same simple one as in (i)pppd but
2175    it must be able to pass additional parameters and have multiple out-
2176    standing Acks. We are trying to achieve the impossible by handling
2177    reset transactions independent by their id. The id MUST change when
2178    the data portion changes, thus any (de)compressor who uses more than
2179    one resettable state must provide and recognize individual ids for
2180    each individual reset transaction. The framework itself does _only_
2181    differentiate them by id, because it has no other semantics like the
2182    (de)compressor might.
2183    This looks like a major redesign of the interface would be nice,
2184    but I don't have an idea how to do it better. */
2185
2186 /* Send a CCP Reset-Request or Reset-Ack directly from the kernel. This is
2187    getting that lengthy because there is no simple "send-this-frame-out"
2188    function above but every wrapper does a bit different. Hope I guess
2189    correct in this hack... */
2190
2191 static void isdn_ppp_ccp_xmit_reset(struct ippp_struct *is, int proto,
2192                                     unsigned char code, unsigned char id,
2193                                     unsigned char *data, int len)
2194 {
2195         struct sk_buff *skb;
2196         unsigned char *p;
2197         int hl;
2198         int cnt = 0;
2199         isdn_net_local *lp = is->lp;
2200
2201         /* Alloc large enough skb */
2202         hl = dev->drv[lp->isdn_device]->interface->hl_hdrlen;
2203         skb = alloc_skb(len + hl + 16,GFP_ATOMIC);
2204         if(!skb) {
2205                 printk(KERN_WARNING
2206                        "ippp: CCP cannot send reset - out of memory\n");
2207                 return;
2208         }
2209         skb_reserve(skb, hl);
2210
2211         /* We may need to stuff an address and control field first */
2212         if(!(is->pppcfg & SC_COMP_AC)) {
2213                 p = skb_put(skb, 2);
2214                 *p++ = 0xff;
2215                 *p++ = 0x03;
2216         }
2217
2218         /* Stuff proto, code, id and length */
2219         p = skb_put(skb, 6);
2220         *p++ = (proto >> 8);
2221         *p++ = (proto & 0xff);
2222         *p++ = code;
2223         *p++ = id;
2224         cnt = 4 + len;
2225         *p++ = (cnt >> 8);
2226         *p++ = (cnt & 0xff);
2227
2228         /* Now stuff remaining bytes */
2229         if(len) {
2230                 p = skb_put(skb, len);
2231                 memcpy(p, data, len);
2232         }
2233
2234         /* skb is now ready for xmit */
2235         printk(KERN_DEBUG "Sending CCP Frame:\n");
2236         isdn_ppp_frame_log("ccp-xmit", skb->data, skb->len, 32, is->unit,lp->ppp_slot);
2237
2238         isdn_net_write_super(lp, skb);
2239 }
2240
2241 /* Allocate the reset state vector */
2242 static struct ippp_ccp_reset *isdn_ppp_ccp_reset_alloc(struct ippp_struct *is)
2243 {
2244         struct ippp_ccp_reset *r;
2245         r = kzalloc(sizeof(struct ippp_ccp_reset), GFP_KERNEL);
2246         if(!r) {
2247                 printk(KERN_ERR "ippp_ccp: failed to allocate reset data"
2248                        " structure - no mem\n");
2249                 return NULL;
2250         }
2251         printk(KERN_DEBUG "ippp_ccp: allocated reset data structure %p\n", r);
2252         is->reset = r;
2253         return r;
2254 }
2255
2256 /* Destroy the reset state vector. Kill all pending timers first. */
2257 static void isdn_ppp_ccp_reset_free(struct ippp_struct *is)
2258 {
2259         unsigned int id;
2260
2261         printk(KERN_DEBUG "ippp_ccp: freeing reset data structure %p\n",
2262                is->reset);
2263         for(id = 0; id < 256; id++) {
2264                 if(is->reset->rs[id]) {
2265                         isdn_ppp_ccp_reset_free_state(is, (unsigned char)id);
2266                 }
2267         }
2268         kfree(is->reset);
2269         is->reset = NULL;
2270 }
2271
2272 /* Free a given state and clear everything up for later reallocation */
2273 static void isdn_ppp_ccp_reset_free_state(struct ippp_struct *is,
2274                                           unsigned char id)
2275 {
2276         struct ippp_ccp_reset_state *rs;
2277
2278         if(is->reset->rs[id]) {
2279                 printk(KERN_DEBUG "ippp_ccp: freeing state for id %d\n", id);
2280                 rs = is->reset->rs[id];
2281                 /* Make sure the kernel will not call back later */
2282                 if(rs->ta)
2283                         del_timer(&rs->timer);
2284                 is->reset->rs[id] = NULL;
2285                 kfree(rs);
2286         } else {
2287                 printk(KERN_WARNING "ippp_ccp: id %d is not allocated\n", id);
2288         }
2289 }
2290
2291 /* The timer callback function which is called when a ResetReq has timed out,
2292    aka has never been answered by a ResetAck */
2293 static void isdn_ppp_ccp_timer_callback(unsigned long closure)
2294 {
2295         struct ippp_ccp_reset_state *rs =
2296                 (struct ippp_ccp_reset_state *)closure;
2297
2298         if(!rs) {
2299                 printk(KERN_ERR "ippp_ccp: timer cb with zero closure.\n");
2300                 return;
2301         }
2302         if(rs->ta && rs->state == CCPResetSentReq) {
2303                 /* We are correct here */
2304                 if(!rs->expra) {
2305                         /* Hmm, there is no Ack really expected. We can clean
2306                            up the state now, it will be reallocated if the
2307                            decompressor insists on another reset */
2308                         rs->ta = 0;
2309                         isdn_ppp_ccp_reset_free_state(rs->is, rs->id);
2310                         return;
2311                 }
2312                 printk(KERN_DEBUG "ippp_ccp: CCP Reset timed out for id %d\n",
2313                        rs->id);
2314                 /* Push it again */
2315                 isdn_ppp_ccp_xmit_reset(rs->is, PPP_CCP, CCP_RESETREQ, rs->id,
2316                                         rs->data, rs->dlen);
2317                 /* Restart timer */
2318                 rs->timer.expires = jiffies + HZ*5;
2319                 add_timer(&rs->timer);
2320         } else {
2321                 printk(KERN_WARNING "ippp_ccp: timer cb in wrong state %d\n",
2322                        rs->state);
2323         }
2324 }
2325
2326 /* Allocate a new reset transaction state */
2327 static struct ippp_ccp_reset_state *isdn_ppp_ccp_reset_alloc_state(struct ippp_struct *is,
2328                                                       unsigned char id)
2329 {
2330         struct ippp_ccp_reset_state *rs;
2331         if(is->reset->rs[id]) {
2332                 printk(KERN_WARNING "ippp_ccp: old state exists for id %d\n",
2333                        id);
2334                 return NULL;
2335         } else {
2336                 rs = kzalloc(sizeof(struct ippp_ccp_reset_state), GFP_KERNEL);
2337                 if(!rs)
2338                         return NULL;
2339                 rs->state = CCPResetIdle;
2340                 rs->is = is;
2341                 rs->id = id;
2342                 rs->timer.data = (unsigned long)rs;
2343                 rs->timer.function = isdn_ppp_ccp_timer_callback;
2344                 is->reset->rs[id] = rs;
2345         }
2346         return rs;
2347 }
2348
2349
2350 /* A decompressor wants a reset with a set of parameters - do what is
2351    necessary to fulfill it */
2352 static void isdn_ppp_ccp_reset_trans(struct ippp_struct *is,
2353                                      struct isdn_ppp_resetparams *rp)
2354 {
2355         struct ippp_ccp_reset_state *rs;
2356
2357         if(rp->valid) {
2358                 /* The decompressor defines parameters by itself */
2359                 if(rp->rsend) {
2360                         /* And he wants us to send a request */
2361                         if(!(rp->idval)) {
2362                                 printk(KERN_ERR "ippp_ccp: decompressor must"
2363                                        " specify reset id\n");
2364                                 return;
2365                         }
2366                         if(is->reset->rs[rp->id]) {
2367                                 /* There is already a transaction in existence
2368                                    for this id. May be still waiting for a
2369                                    Ack or may be wrong. */
2370                                 rs = is->reset->rs[rp->id];
2371                                 if(rs->state == CCPResetSentReq && rs->ta) {
2372                                         printk(KERN_DEBUG "ippp_ccp: reset"
2373                                                " trans still in progress"
2374                                                " for id %d\n", rp->id);
2375                                 } else {
2376                                         printk(KERN_WARNING "ippp_ccp: reset"
2377                                                " trans in wrong state %d for"
2378                                                " id %d\n", rs->state, rp->id);
2379                                 }
2380                         } else {
2381                                 /* Ok, this is a new transaction */
2382                                 printk(KERN_DEBUG "ippp_ccp: new trans for id"
2383                                        " %d to be started\n", rp->id);
2384                                 rs = isdn_ppp_ccp_reset_alloc_state(is, rp->id);
2385                                 if(!rs) {
2386                                         printk(KERN_ERR "ippp_ccp: out of mem"
2387                                                " allocing ccp trans\n");
2388                                         return;
2389                                 }
2390                                 rs->state = CCPResetSentReq;
2391                                 rs->expra = rp->expra;
2392                                 if(rp->dtval) {
2393                                         rs->dlen = rp->dlen;
2394                                         memcpy(rs->data, rp->data, rp->dlen);
2395                                 }
2396                                 /* HACK TODO - add link comp here */
2397                                 isdn_ppp_ccp_xmit_reset(is, PPP_CCP,
2398                                                         CCP_RESETREQ, rs->id,
2399                                                         rs->data, rs->dlen);
2400                                 /* Start the timer */
2401                                 rs->timer.expires = jiffies + 5*HZ;
2402                                 add_timer(&rs->timer);
2403                                 rs->ta = 1;
2404                         }
2405                 } else {
2406                         printk(KERN_DEBUG "ippp_ccp: no reset sent\n");
2407                 }
2408         } else {
2409                 /* The reset params are invalid. The decompressor does not
2410                    care about them, so we just send the minimal requests
2411                    and increase ids only when an Ack is received for a
2412                    given id */
2413                 if(is->reset->rs[is->reset->lastid]) {
2414                         /* There is already a transaction in existence
2415                            for this id. May be still waiting for a
2416                            Ack or may be wrong. */
2417                         rs = is->reset->rs[is->reset->lastid];
2418                         if(rs->state == CCPResetSentReq && rs->ta) {
2419                                 printk(KERN_DEBUG "ippp_ccp: reset"
2420                                        " trans still in progress"
2421                                        " for id %d\n", rp->id);
2422                         } else {
2423                                 printk(KERN_WARNING "ippp_ccp: reset"
2424                                        " trans in wrong state %d for"
2425                                        " id %d\n", rs->state, rp->id);
2426                         }
2427                 } else {
2428                         printk(KERN_DEBUG "ippp_ccp: new trans for id"
2429                                " %d to be started\n", is->reset->lastid);
2430                         rs = isdn_ppp_ccp_reset_alloc_state(is,
2431                                                             is->reset->lastid);
2432                         if(!rs) {
2433                                 printk(KERN_ERR "ippp_ccp: out of mem"
2434                                        " allocing ccp trans\n");
2435                                 return;
2436                         }
2437                         rs->state = CCPResetSentReq;
2438                         /* We always expect an Ack if the decompressor doesn't
2439                            know better */
2440                         rs->expra = 1;
2441                         rs->dlen = 0;
2442                         /* HACK TODO - add link comp here */
2443                         isdn_ppp_ccp_xmit_reset(is, PPP_CCP, CCP_RESETREQ,
2444                                                 rs->id, NULL, 0);
2445                         /* Start the timer */
2446                         rs->timer.expires = jiffies + 5*HZ;
2447                         add_timer(&rs->timer);
2448                         rs->ta = 1;
2449                 }
2450         }
2451 }
2452
2453 /* An Ack was received for this id. This means we stop the timer and clean
2454    up the state prior to calling the decompressors reset routine. */
2455 static void isdn_ppp_ccp_reset_ack_rcvd(struct ippp_struct *is,
2456                                         unsigned char id)
2457 {
2458         struct ippp_ccp_reset_state *rs = is->reset->rs[id];
2459
2460         if(rs) {
2461                 if(rs->ta && rs->state == CCPResetSentReq) {
2462                         /* Great, we are correct */
2463                         if(!rs->expra)
2464                                 printk(KERN_DEBUG "ippp_ccp: ResetAck received"
2465                                        " for id %d but not expected\n", id);
2466                 } else {
2467                         printk(KERN_INFO "ippp_ccp: ResetAck received out of"
2468                                "sync for id %d\n", id);
2469                 }
2470                 if(rs->ta) {
2471                         rs->ta = 0;
2472                         del_timer(&rs->timer);
2473                 }
2474                 isdn_ppp_ccp_reset_free_state(is, id);
2475         } else {
2476                 printk(KERN_INFO "ippp_ccp: ResetAck received for unknown id"
2477                        " %d\n", id);
2478         }
2479         /* Make sure the simple reset stuff uses a new id next time */
2480         is->reset->lastid++;
2481 }
2482
2483 /* 
2484  * decompress packet
2485  *
2486  * if master = 0, we're trying to uncompress an per-link compressed packet,
2487  * as opposed to an compressed reconstructed-from-MPPP packet.
2488  * proto is updated to protocol field of uncompressed packet.
2489  *
2490  * retval: decompressed packet,
2491  *         same packet if uncompressed,
2492  *         NULL if decompression error
2493  */
2494
2495 static struct sk_buff *isdn_ppp_decompress(struct sk_buff *skb,struct ippp_struct *is,struct ippp_struct *master,
2496         int *proto)
2497 {
2498         void *stat = NULL;
2499         struct isdn_ppp_compressor *ipc = NULL;
2500         struct sk_buff *skb_out;
2501         int len;
2502         struct ippp_struct *ri;
2503         struct isdn_ppp_resetparams rsparm;
2504         unsigned char rsdata[IPPP_RESET_MAXDATABYTES];
2505
2506         if(!master) {
2507                 // per-link decompression 
2508                 stat = is->link_decomp_stat;
2509                 ipc = is->link_decompressor;
2510                 ri = is;
2511         } else {
2512                 stat = master->decomp_stat;
2513                 ipc = master->decompressor;
2514                 ri = master;
2515         }
2516
2517         if (!ipc) {
2518                 // no decompressor -> we can't decompress.
2519                 printk(KERN_DEBUG "ippp: no decompressor defined!\n");
2520                 return skb;
2521         }
2522         BUG_ON(!stat); // if we have a compressor, stat has been set as well
2523
2524         if((master && *proto == PPP_COMP) || (!master && *proto == PPP_COMPFRAG) ) {
2525                 // compressed packets are compressed by their protocol type
2526
2527                 // Set up reset params for the decompressor
2528                 memset(&rsparm, 0, sizeof(rsparm));
2529                 rsparm.data = rsdata;
2530                 rsparm.maxdlen = IPPP_RESET_MAXDATABYTES;
2531   
2532                 skb_out = dev_alloc_skb(is->mru + PPP_HDRLEN);
2533                 if (!skb_out) {
2534                         kfree_skb(skb);
2535                         printk(KERN_ERR "ippp: decomp memory allocation failure\n");
2536                         return NULL;
2537                 }
2538                 len = ipc->decompress(stat, skb, skb_out, &rsparm);
2539                 kfree_skb(skb);
2540                 if (len <= 0) {
2541                         switch(len) {
2542                         case DECOMP_ERROR:
2543                                 printk(KERN_INFO "ippp: decomp wants reset %s params\n",
2544                                        rsparm.valid ? "with" : "without");
2545                                 
2546                                 isdn_ppp_ccp_reset_trans(ri, &rsparm);
2547                                 break;
2548                         case DECOMP_FATALERROR:
2549                                 ri->pppcfg |= SC_DC_FERROR;
2550                                 /* Kick ipppd to recognize the error */
2551                                 isdn_ppp_ccp_kickup(ri);
2552                                 break;
2553                         }
2554                         kfree_skb(skb_out);
2555                         return NULL;
2556                 }
2557                 *proto = isdn_ppp_strip_proto(skb_out);
2558                 if (*proto < 0) {
2559                         kfree_skb(skb_out);
2560                         return NULL;
2561                 }
2562                 return skb_out;
2563         } else { 
2564                 // uncompressed packets are fed through the decompressor to
2565                 // update the decompressor state
2566                 ipc->incomp(stat, skb, *proto);
2567                 return skb;
2568         }
2569 }
2570
2571 /*
2572  * compress a frame 
2573  *   type=0: normal/bundle compression
2574  *       =1: link compression
2575  * returns original skb if we haven't compressed the frame
2576  * and a new skb pointer if we've done it
2577  */
2578 static struct sk_buff *isdn_ppp_compress(struct sk_buff *skb_in,int *proto,
2579         struct ippp_struct *is,struct ippp_struct *master,int type)
2580 {
2581     int ret;
2582     int new_proto;
2583     struct isdn_ppp_compressor *compressor;
2584     void *stat;
2585     struct sk_buff *skb_out;
2586
2587         /* we do not compress control protocols */
2588     if(*proto < 0 || *proto > 0x3fff) {
2589             return skb_in;
2590     }
2591
2592         if(type) { /* type=1 => Link compression */
2593                 return skb_in;
2594         }
2595         else {
2596                 if(!master) {
2597                         compressor = is->compressor;
2598                         stat = is->comp_stat;
2599                 }
2600                 else {
2601                         compressor = master->compressor;
2602                         stat = master->comp_stat;
2603                 }
2604                 new_proto = PPP_COMP;
2605         }
2606
2607         if(!compressor) {
2608                 printk(KERN_ERR "isdn_ppp: No compressor set!\n");
2609                 return skb_in;
2610         }
2611         if(!stat) {
2612                 printk(KERN_ERR "isdn_ppp: Compressor not initialized?\n");
2613                 return skb_in;
2614         }
2615
2616         /* Allow for at least 150 % expansion (for now) */
2617         skb_out = alloc_skb(skb_in->len + skb_in->len/2 + 32 +
2618                 skb_headroom(skb_in), GFP_ATOMIC);
2619         if(!skb_out)
2620                 return skb_in;
2621         skb_reserve(skb_out, skb_headroom(skb_in));
2622
2623         ret = (compressor->compress)(stat,skb_in,skb_out,*proto);
2624         if(!ret) {
2625                 dev_kfree_skb(skb_out);
2626                 return skb_in;
2627         }
2628         
2629         dev_kfree_skb(skb_in);
2630         *proto = new_proto;
2631         return skb_out;
2632 }
2633
2634 /*
2635  * we received a CCP frame .. 
2636  * not a clean solution, but we MUST handle a few cases in the kernel
2637  */
2638 static void isdn_ppp_receive_ccp(isdn_net_dev *net_dev, isdn_net_local *lp,
2639          struct sk_buff *skb,int proto)
2640 {
2641         struct ippp_struct *is;
2642         struct ippp_struct *mis;
2643         int len;
2644         struct isdn_ppp_resetparams rsparm;
2645         unsigned char rsdata[IPPP_RESET_MAXDATABYTES];  
2646
2647         printk(KERN_DEBUG "Received CCP frame from peer slot(%d)\n",
2648                 lp->ppp_slot);
2649         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
2650                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
2651                         __FUNCTION__, lp->ppp_slot);
2652                 return;
2653         }
2654         is = ippp_table[lp->ppp_slot];
2655         isdn_ppp_frame_log("ccp-rcv", skb->data, skb->len, 32, is->unit,lp->ppp_slot);
2656
2657         if(lp->master) {
2658                 int slot = ((isdn_net_local *) (lp->master->priv))->ppp_slot;
2659                 if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
2660                         printk(KERN_ERR "%s: slot(%d) out of range\n",
2661                                 __FUNCTION__, slot);
2662                         return;
2663                 }       
2664                 mis = ippp_table[slot];
2665         } else
2666                 mis = is;
2667
2668         switch(skb->data[0]) {
2669         case CCP_CONFREQ:
2670                 if(is->debug & 0x10)
2671                         printk(KERN_DEBUG "Disable compression here!\n");
2672                 if(proto == PPP_CCP)
2673                         mis->compflags &= ~SC_COMP_ON;          
2674                 else
2675                         is->compflags &= ~SC_LINK_COMP_ON;              
2676                 break;
2677         case CCP_TERMREQ:
2678         case CCP_TERMACK:
2679                 if(is->debug & 0x10)
2680                         printk(KERN_DEBUG "Disable (de)compression here!\n");
2681                 if(proto == PPP_CCP)
2682                         mis->compflags &= ~(SC_DECOMP_ON|SC_COMP_ON);           
2683                 else
2684                         is->compflags &= ~(SC_LINK_DECOMP_ON|SC_LINK_COMP_ON);          
2685                 break;
2686         case CCP_CONFACK:
2687                 /* if we RECEIVE an ackowledge we enable the decompressor */
2688                 if(is->debug & 0x10)
2689                         printk(KERN_DEBUG "Enable decompression here!\n");
2690                 if(proto == PPP_CCP) {
2691                         if (!mis->decompressor)
2692                                 break;
2693                         mis->compflags |= SC_DECOMP_ON;
2694                 } else {
2695                         if (!is->decompressor)
2696                                 break;
2697                         is->compflags |= SC_LINK_DECOMP_ON;
2698                 }
2699                 break;
2700
2701         case CCP_RESETACK:
2702                 printk(KERN_DEBUG "Received ResetAck from peer\n");
2703                 len = (skb->data[2] << 8) | skb->data[3];
2704                 len -= 4;
2705
2706                 if(proto == PPP_CCP) {
2707                         /* If a reset Ack was outstanding for this id, then
2708                            clean up the state engine */
2709                         isdn_ppp_ccp_reset_ack_rcvd(mis, skb->data[1]);
2710                         if(mis->decompressor && mis->decomp_stat)
2711                                 mis->decompressor->
2712                                         reset(mis->decomp_stat,
2713                                               skb->data[0],
2714                                               skb->data[1],
2715                                               len ? &skb->data[4] : NULL,
2716                                               len, NULL);
2717                         /* TODO: This is not easy to decide here */
2718                         mis->compflags &= ~SC_DECOMP_DISCARD;
2719                 }
2720                 else {
2721                         isdn_ppp_ccp_reset_ack_rcvd(is, skb->data[1]);
2722                         if(is->link_decompressor && is->link_decomp_stat)
2723                                 is->link_decompressor->
2724                                         reset(is->link_decomp_stat,
2725                                               skb->data[0],
2726                                               skb->data[1],
2727                                               len ? &skb->data[4] : NULL,
2728                                               len, NULL);
2729                         /* TODO: neither here */
2730                         is->compflags &= ~SC_LINK_DECOMP_DISCARD;
2731                 }
2732                 break;
2733
2734         case CCP_RESETREQ:
2735                 printk(KERN_DEBUG "Received ResetReq from peer\n");
2736                 /* Receiving a ResetReq means we must reset our compressor */
2737                 /* Set up reset params for the reset entry */
2738                 memset(&rsparm, 0, sizeof(rsparm));
2739                 rsparm.data = rsdata;
2740                 rsparm.maxdlen = IPPP_RESET_MAXDATABYTES; 
2741                 /* Isolate data length */
2742                 len = (skb->data[2] << 8) | skb->data[3];
2743                 len -= 4;
2744                 if(proto == PPP_CCP) {
2745                         if(mis->compressor && mis->comp_stat)
2746                                 mis->compressor->
2747                                         reset(mis->comp_stat,
2748                                               skb->data[0],
2749                                               skb->data[1],
2750                                               len ? &skb->data[4] : NULL,
2751                                               len, &rsparm);
2752                 }
2753                 else {
2754                         if(is->link_compressor && is->link_comp_stat)
2755                                 is->link_compressor->
2756                                         reset(is->link_comp_stat,
2757                                               skb->data[0],
2758                                               skb->data[1],
2759                                               len ? &skb->data[4] : NULL,
2760                                               len, &rsparm);
2761                 }
2762                 /* Ack the Req as specified by rsparm */
2763                 if(rsparm.valid) {
2764                         /* Compressor reset handler decided how to answer */
2765                         if(rsparm.rsend) {
2766                                 /* We should send a Frame */
2767                                 isdn_ppp_ccp_xmit_reset(is, proto, CCP_RESETACK,
2768                                                         rsparm.idval ? rsparm.id
2769                                                         : skb->data[1],
2770                                                         rsparm.dtval ?
2771                                                         rsparm.data : NULL,
2772                                                         rsparm.dtval ?
2773                                                         rsparm.dlen : 0);
2774                         } else {
2775                                 printk(KERN_DEBUG "ResetAck suppressed\n");
2776                         }
2777                 } else {
2778                         /* We answer with a straight reflected Ack */
2779                         isdn_ppp_ccp_xmit_reset(is, proto, CCP_RESETACK,
2780                                                 skb->data[1],
2781                                                 len ? &skb->data[4] : NULL,
2782                                                 len);
2783                 }
2784                 break;
2785         }
2786 }
2787
2788
2789 /*
2790  * Daemon sends a CCP frame ...
2791  */
2792
2793 /* TODO: Clean this up with new Reset semantics */
2794
2795 /* I believe the CCP handling as-is is done wrong. Compressed frames
2796  * should only be sent/received after CCP reaches UP state, which means
2797  * both sides have sent CONF_ACK. Currently, we handle both directions
2798  * independently, which means we may accept compressed frames too early
2799  * (supposedly not a problem), but may also mean we send compressed frames
2800  * too early, which may turn out to be a problem.
2801  * This part of state machine should actually be handled by (i)pppd, but
2802  * that's too big of a change now. --kai
2803  */
2804
2805 /* Actually, we might turn this into an advantage: deal with the RFC in
2806  * the old tradition of beeing generous on what we accept, but beeing
2807  * strict on what we send. Thus we should just
2808  * - accept compressed frames as soon as decompression is negotiated
2809  * - send compressed frames only when decomp *and* comp are negotiated
2810  * - drop rx compressed frames if we cannot decomp (instead of pushing them
2811  *   up to ipppd)
2812  * and I tried to modify this file according to that. --abp
2813  */
2814
2815 static void isdn_ppp_send_ccp(isdn_net_dev *net_dev, isdn_net_local *lp, struct sk_buff *skb)
2816 {
2817         struct ippp_struct *mis,*is;
2818         int proto, slot = lp->ppp_slot;
2819         unsigned char *data;
2820
2821         if(!skb || skb->len < 3)
2822                 return;
2823         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
2824                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
2825                         __FUNCTION__, slot);
2826                 return;
2827         }       
2828         is = ippp_table[slot];
2829         /* Daemon may send with or without address and control field comp */
2830         data = skb->data;
2831         if(!(is->pppcfg & SC_COMP_AC) && data[0] == 0xff && data[1] == 0x03) {
2832                 data += 2;
2833                 if(skb->len < 5)
2834                         return;
2835         }
2836
2837         proto = ((int)data[0]<<8)+data[1];
2838         if(proto != PPP_CCP && proto != PPP_CCPFRAG)
2839                 return;
2840
2841         printk(KERN_DEBUG "Received CCP frame from daemon:\n");
2842         isdn_ppp_frame_log("ccp-xmit", skb->data, skb->len, 32, is->unit,lp->ppp_slot);
2843
2844         if (lp->master) {
2845                 slot = ((isdn_net_local *) (lp->master->priv))->ppp_slot;
2846                 if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
2847                         printk(KERN_ERR "%s: slot(%d) out of range\n",
2848                                 __FUNCTION__, slot);
2849                         return;
2850                 }       
2851                 mis = ippp_table[slot];
2852         } else
2853                 mis = is;
2854         if (mis != is)
2855                 printk(KERN_DEBUG "isdn_ppp: Ouch! Master CCP sends on slave slot!\n");
2856         
2857         switch(data[2]) {
2858         case CCP_CONFREQ:
2859                 if(is->debug & 0x10)
2860                         printk(KERN_DEBUG "Disable decompression here!\n");
2861                 if(proto == PPP_CCP)
2862                         is->compflags &= ~SC_DECOMP_ON;
2863                 else
2864                         is->compflags &= ~SC_LINK_DECOMP_ON;
2865                 break;
2866         case CCP_TERMREQ:
2867         case CCP_TERMACK:
2868                 if(is->debug & 0x10)
2869                         printk(KERN_DEBUG "Disable (de)compression here!\n");
2870                 if(proto == PPP_CCP)
2871                         is->compflags &= ~(SC_DECOMP_ON|SC_COMP_ON);
2872                 else
2873                         is->compflags &= ~(SC_LINK_DECOMP_ON|SC_LINK_COMP_ON);
2874                 break;
2875         case CCP_CONFACK:
2876                 /* if we SEND an ackowledge we can/must enable the compressor */
2877                 if(is->debug & 0x10)
2878                         printk(KERN_DEBUG "Enable compression here!\n");
2879                 if(proto == PPP_CCP) {
2880                         if (!is->compressor)
2881                                 break;
2882                         is->compflags |= SC_COMP_ON;
2883                 } else {
2884                         if (!is->compressor)
2885                                 break;
2886                         is->compflags |= SC_LINK_COMP_ON;
2887                 }
2888                 break;
2889         case CCP_RESETACK:
2890                 /* If we send a ACK we should reset our compressor */
2891                 if(is->debug & 0x10)
2892                         printk(KERN_DEBUG "Reset decompression state here!\n");
2893                 printk(KERN_DEBUG "ResetAck from daemon passed by\n");
2894                 if(proto == PPP_CCP) {
2895                         /* link to master? */
2896                         if(is->compressor && is->comp_stat)
2897                                 is->compressor->reset(is->comp_stat, 0, 0,
2898                                                       NULL, 0, NULL);
2899                         is->compflags &= ~SC_COMP_DISCARD;      
2900                 }
2901                 else {
2902                         if(is->link_compressor && is->link_comp_stat)
2903                                 is->link_compressor->reset(is->link_comp_stat,
2904                                                            0, 0, NULL, 0, NULL);
2905                         is->compflags &= ~SC_LINK_COMP_DISCARD; 
2906                 }
2907                 break;
2908         case CCP_RESETREQ:
2909                 /* Just let it pass by */
2910                 printk(KERN_DEBUG "ResetReq from daemon passed by\n");
2911                 break;
2912         }
2913 }
2914
2915 int isdn_ppp_register_compressor(struct isdn_ppp_compressor *ipc)
2916 {
2917         ipc->next = ipc_head;
2918         ipc->prev = NULL;
2919         if(ipc_head) {
2920                 ipc_head->prev = ipc;
2921         }
2922         ipc_head = ipc;
2923         return 0;
2924 }
2925
2926 int isdn_ppp_unregister_compressor(struct isdn_ppp_compressor *ipc)
2927 {
2928         if(ipc->prev)
2929                 ipc->prev->next = ipc->next;
2930         else
2931                 ipc_head = ipc->next;
2932         if(ipc->next)
2933                 ipc->next->prev = ipc->prev;
2934         ipc->prev = ipc->next = NULL;
2935         return 0;
2936 }
2937
2938 static int isdn_ppp_set_compressor(struct ippp_struct *is, struct isdn_ppp_comp_data *data)
2939 {
2940         struct isdn_ppp_compressor *ipc = ipc_head;
2941         int ret;
2942         void *stat;
2943         int num = data->num;
2944
2945         if(is->debug & 0x10)
2946                 printk(KERN_DEBUG "[%d] Set %s type %d\n",is->unit,
2947                         (data->flags&IPPP_COMP_FLAG_XMIT)?"compressor":"decompressor",num);
2948
2949         /* If is has no valid reset state vector, we cannot allocate a
2950            decompressor. The decompressor would cause reset transactions
2951            sooner or later, and they need that vector. */
2952
2953         if(!(data->flags & IPPP_COMP_FLAG_XMIT) && !is->reset) {
2954                 printk(KERN_ERR "ippp_ccp: no reset data structure - can't"
2955                        " allow decompression.\n");
2956                 return -ENOMEM;
2957         }
2958
2959         while(ipc) {
2960                 if(ipc->num == num) {
2961                         stat = ipc->alloc(data);
2962                         if(stat) {
2963                                 ret = ipc->init(stat,data,is->unit,0);
2964                                 if(!ret) {
2965                                         printk(KERN_ERR "Can't init (de)compression!\n");
2966                                         ipc->free(stat);
2967                                         stat = NULL;
2968                                         break;
2969                                 }
2970                         }
2971                         else {
2972                                 printk(KERN_ERR "Can't alloc (de)compression!\n");
2973                                 break;
2974                         }
2975
2976                         if(data->flags & IPPP_COMP_FLAG_XMIT) {
2977                                 if(data->flags & IPPP_COMP_FLAG_LINK) {
2978                                         if(is->link_comp_stat)
2979                                                 is->link_compressor->free(is->link_comp_stat);
2980                                         is->link_comp_stat = stat;
2981                                         is->link_compressor = ipc;
2982                                 }
2983                                 else {
2984                                         if(is->comp_stat)
2985                                                 is->compressor->free(is->comp_stat);
2986                                         is->comp_stat = stat;
2987                                         is->compressor = ipc;
2988                                 }
2989                         }
2990                         else {
2991                                 if(data->flags & IPPP_COMP_FLAG_LINK) {
2992                                         if(is->link_decomp_stat)
2993                                                 is->link_decompressor->free(is->link_decomp_stat);
2994                                         is->link_decomp_stat = stat;
2995                                         is->link_decompressor = ipc;
2996                                 }
2997                                 else {
2998                                         if(is->decomp_stat)
2999                                                 is->decompressor->free(is->decomp_stat);
3000                                         is->decomp_stat = stat;
3001                                         is->decompressor = ipc;
3002                                 }
3003                         }
3004                         return 0;
3005                 }
3006                 ipc = ipc->next;
3007         }
3008         return -EINVAL;
3009 }