Merge HEAD from /spare/repo/linux-2.6/.git
[linux-2.6] / drivers / isdn / i4l / isdn_ppp.c
1 /* $Id: isdn_ppp.c,v 1.1.2.3 2004/02/10 01:07:13 keil Exp $
2  *
3  * Linux ISDN subsystem, functions for synchronous PPP (linklevel).
4  *
5  * Copyright 1995,96 by Michael Hipp (Michael.Hipp@student.uni-tuebingen.de)
6  *
7  * This software may be used and distributed according to the terms
8  * of the GNU General Public License, incorporated herein by reference.
9  *
10  */
11
12 #include <linux/config.h>
13 #include <linux/isdn.h>
14 #include <linux/poll.h>
15 #include <linux/ppp-comp.h>
16 #ifdef CONFIG_IPPP_FILTER
17 #include <linux/filter.h>
18 #endif
19
20 #include "isdn_common.h"
21 #include "isdn_ppp.h"
22 #include "isdn_net.h"
23
24 #ifndef PPP_IPX
25 #define PPP_IPX 0x002b
26 #endif
27
28 /* Prototypes */
29 static int isdn_ppp_fill_rq(unsigned char *buf, int len, int proto, int slot);
30 static int isdn_ppp_closewait(int slot);
31 static void isdn_ppp_push_higher(isdn_net_dev * net_dev, isdn_net_local * lp,
32                                  struct sk_buff *skb, int proto);
33 static int isdn_ppp_if_get_unit(char *namebuf);
34 static int isdn_ppp_set_compressor(struct ippp_struct *is,struct isdn_ppp_comp_data *);
35 static struct sk_buff *isdn_ppp_decompress(struct sk_buff *,
36                                 struct ippp_struct *,struct ippp_struct *,int *proto);
37 static void isdn_ppp_receive_ccp(isdn_net_dev * net_dev, isdn_net_local * lp,
38                                 struct sk_buff *skb,int proto);
39 static struct sk_buff *isdn_ppp_compress(struct sk_buff *skb_in,int *proto,
40         struct ippp_struct *is,struct ippp_struct *master,int type);
41 static void isdn_ppp_send_ccp(isdn_net_dev *net_dev, isdn_net_local *lp,
42          struct sk_buff *skb);
43
44 /* New CCP stuff */
45 static void isdn_ppp_ccp_kickup(struct ippp_struct *is);
46 static void isdn_ppp_ccp_xmit_reset(struct ippp_struct *is, int proto,
47                                     unsigned char code, unsigned char id,
48                                     unsigned char *data, int len);
49 static struct ippp_ccp_reset *isdn_ppp_ccp_reset_alloc(struct ippp_struct *is);
50 static void isdn_ppp_ccp_reset_free(struct ippp_struct *is);
51 static void isdn_ppp_ccp_reset_free_state(struct ippp_struct *is,
52                                           unsigned char id);
53 static void isdn_ppp_ccp_timer_callback(unsigned long closure);
54 static struct ippp_ccp_reset_state *isdn_ppp_ccp_reset_alloc_state(struct ippp_struct *is,
55                                                       unsigned char id);
56 static void isdn_ppp_ccp_reset_trans(struct ippp_struct *is,
57                                      struct isdn_ppp_resetparams *rp);
58 static void isdn_ppp_ccp_reset_ack_rcvd(struct ippp_struct *is,
59                                         unsigned char id);
60
61
62
63 #ifdef CONFIG_ISDN_MPP
64 static ippp_bundle * isdn_ppp_bundle_arr = NULL;
65  
66 static int isdn_ppp_mp_bundle_array_init(void);
67 static int isdn_ppp_mp_init( isdn_net_local * lp, ippp_bundle * add_to );
68 static void isdn_ppp_mp_receive(isdn_net_dev * net_dev, isdn_net_local * lp, 
69                                                         struct sk_buff *skb);
70 static void isdn_ppp_mp_cleanup( isdn_net_local * lp );
71
72 static int isdn_ppp_bundle(struct ippp_struct *, int unit);
73 #endif  /* CONFIG_ISDN_MPP */
74   
75 char *isdn_ppp_revision = "$Revision: 1.1.2.3 $";
76
77 static struct ippp_struct *ippp_table[ISDN_MAX_CHANNELS];
78
79 static struct isdn_ppp_compressor *ipc_head = NULL;
80
81 /*
82  * frame log (debug)
83  */
84 static void
85 isdn_ppp_frame_log(char *info, char *data, int len, int maxlen,int unit,int slot)
86 {
87         int cnt,
88          j,
89          i;
90         char buf[80];
91
92         if (len < maxlen)
93                 maxlen = len;
94
95         for (i = 0, cnt = 0; cnt < maxlen; i++) {
96                 for (j = 0; j < 16 && cnt < maxlen; j++, cnt++)
97                         sprintf(buf + j * 3, "%02x ", (unsigned char) data[cnt]);
98                 printk(KERN_DEBUG "[%d/%d].%s[%d]: %s\n",unit,slot, info, i, buf);
99         }
100 }
101
102 /*
103  * unbind isdn_net_local <=> ippp-device
104  * note: it can happen, that we hangup/free the master before the slaves
105  *       in this case we bind another lp to the master device
106  */
107 int
108 isdn_ppp_free(isdn_net_local * lp)
109 {
110         struct ippp_struct *is;
111
112         if (lp->ppp_slot < 0 || lp->ppp_slot > ISDN_MAX_CHANNELS) {
113                 printk(KERN_ERR "%s: ppp_slot(%d) out of range\n",
114                         __FUNCTION__, lp->ppp_slot);
115                 return 0;
116         }
117
118 #ifdef CONFIG_ISDN_MPP
119         spin_lock(&lp->netdev->pb->lock);
120 #endif
121         isdn_net_rm_from_bundle(lp);
122 #ifdef CONFIG_ISDN_MPP
123         if (lp->netdev->pb->ref_ct == 1)        /* last link in queue? */
124                 isdn_ppp_mp_cleanup(lp);
125
126         lp->netdev->pb->ref_ct--;
127         spin_unlock(&lp->netdev->pb->lock);
128 #endif /* CONFIG_ISDN_MPP */
129         if (lp->ppp_slot < 0 || lp->ppp_slot > ISDN_MAX_CHANNELS) {
130                 printk(KERN_ERR "%s: ppp_slot(%d) now invalid\n",
131                         __FUNCTION__, lp->ppp_slot);
132                 return 0;
133         }
134         is = ippp_table[lp->ppp_slot];
135         if ((is->state & IPPP_CONNECT))
136                 isdn_ppp_closewait(lp->ppp_slot);       /* force wakeup on ippp device */
137         else if (is->state & IPPP_ASSIGNED)
138                 is->state = IPPP_OPEN;  /* fallback to 'OPEN but not ASSIGNED' state */
139
140         if (is->debug & 0x1)
141                 printk(KERN_DEBUG "isdn_ppp_free %d %lx %lx\n", lp->ppp_slot, (long) lp, (long) is->lp);
142
143         is->lp = NULL;          /* link is down .. set lp to NULL */
144         lp->ppp_slot = -1;      /* is this OK ?? */
145
146         return 0;
147 }
148
149 /*
150  * bind isdn_net_local <=> ippp-device
151  *
152  * This function is allways called with holding dev->lock so
153  * no additional lock is needed
154  */
155 int
156 isdn_ppp_bind(isdn_net_local * lp)
157 {
158         int i;
159         int unit = 0;
160         struct ippp_struct *is;
161         int retval;
162
163         if (lp->pppbind < 0) {  /* device bounded to ippp device ? */
164                 isdn_net_dev *net_dev = dev->netdev;
165                 char exclusive[ISDN_MAX_CHANNELS];      /* exclusive flags */
166                 memset(exclusive, 0, ISDN_MAX_CHANNELS);
167                 while (net_dev) {       /* step through net devices to find exclusive minors */
168                         isdn_net_local *lp = net_dev->local;
169                         if (lp->pppbind >= 0)
170                                 exclusive[lp->pppbind] = 1;
171                         net_dev = net_dev->next;
172                 }
173                 /*
174                  * search a free device / slot
175                  */
176                 for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
177                         if (ippp_table[i]->state == IPPP_OPEN && !exclusive[ippp_table[i]->minor]) {    /* OPEN, but not connected! */
178                                 break;
179                         }
180                 }
181         } else {
182                 for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
183                         if (ippp_table[i]->minor == lp->pppbind &&
184                             (ippp_table[i]->state & IPPP_OPEN) == IPPP_OPEN)
185                                 break;
186                 }
187         }
188
189         if (i >= ISDN_MAX_CHANNELS) {
190                 printk(KERN_WARNING "isdn_ppp_bind: Can't find a (free) connection to the ipppd daemon.\n");
191                 retval = -1;
192                 goto out;
193         }
194         unit = isdn_ppp_if_get_unit(lp->name);  /* get unit number from interface name .. ugly! */
195         if (unit < 0) {
196                 printk(KERN_ERR "isdn_ppp_bind: illegal interface name %s.\n", lp->name);
197                 retval = -1;
198                 goto out;
199         }
200         
201         lp->ppp_slot = i;
202         is = ippp_table[i];
203         is->lp = lp;
204         is->unit = unit;
205         is->state = IPPP_OPEN | IPPP_ASSIGNED;  /* assigned to a netdevice but not connected */
206 #ifdef CONFIG_ISDN_MPP
207         retval = isdn_ppp_mp_init(lp, NULL);
208         if (retval < 0)
209                 goto out;
210 #endif /* CONFIG_ISDN_MPP */
211
212         retval = lp->ppp_slot;
213
214  out:
215         return retval;
216 }
217
218 /*
219  * kick the ipppd on the device
220  * (wakes up daemon after B-channel connect)
221  */
222
223 void
224 isdn_ppp_wakeup_daemon(isdn_net_local * lp)
225 {
226         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
227                 printk(KERN_ERR "%s: ppp_slot(%d) out of range\n",
228                         __FUNCTION__, lp->ppp_slot);
229                 return;
230         }
231         ippp_table[lp->ppp_slot]->state = IPPP_OPEN | IPPP_CONNECT | IPPP_NOBLOCK;
232         wake_up_interruptible(&ippp_table[lp->ppp_slot]->wq);
233 }
234
235 /*
236  * there was a hangup on the netdevice
237  * force wakeup of the ippp device
238  * go into 'device waits for release' state
239  */
240 static int
241 isdn_ppp_closewait(int slot)
242 {
243         struct ippp_struct *is;
244
245         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
246                 printk(KERN_ERR "%s: slot(%d) out of range\n",
247                         __FUNCTION__, slot);
248                 return 0;
249         }
250         is = ippp_table[slot];
251         if (is->state)
252                 wake_up_interruptible(&is->wq);
253         is->state = IPPP_CLOSEWAIT;
254         return 1;
255 }
256
257 /*
258  * isdn_ppp_find_slot / isdn_ppp_free_slot
259  */
260
261 static int
262 isdn_ppp_get_slot(void)
263 {
264         int i;
265         for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
266                 if (!ippp_table[i]->state)
267                         return i;
268         }
269         return -1;
270 }
271
272 /*
273  * isdn_ppp_open
274  */
275
276 int
277 isdn_ppp_open(int min, struct file *file)
278 {
279         int slot;
280         struct ippp_struct *is;
281
282         if (min < 0 || min > ISDN_MAX_CHANNELS)
283                 return -ENODEV;
284
285         slot = isdn_ppp_get_slot();
286         if (slot < 0) {
287                 return -EBUSY;
288         }
289         is = file->private_data = ippp_table[slot];
290         
291         printk(KERN_DEBUG "ippp, open, slot: %d, minor: %d, state: %04x\n",
292                slot, min, is->state);
293
294         /* compression stuff */
295         is->link_compressor   = is->compressor = NULL;
296         is->link_decompressor = is->decompressor = NULL;
297         is->link_comp_stat    = is->comp_stat = NULL;
298         is->link_decomp_stat  = is->decomp_stat = NULL;
299         is->compflags = 0;
300
301         is->reset = isdn_ppp_ccp_reset_alloc(is);
302
303         is->lp = NULL;
304         is->mp_seqno = 0;       /* MP sequence number */
305         is->pppcfg = 0;         /* ppp configuration */
306         is->mpppcfg = 0;        /* mppp configuration */
307         is->last_link_seqno = -1;       /* MP: maybe set to Bundle-MIN, when joining a bundle ?? */
308         is->unit = -1;          /* set, when we have our interface */
309         is->mru = 1524;         /* MRU, default 1524 */
310         is->maxcid = 16;        /* VJ: maxcid */
311         is->tk = current;
312         init_waitqueue_head(&is->wq);
313         is->first = is->rq + NUM_RCV_BUFFS - 1; /* receive queue */
314         is->last = is->rq;
315         is->minor = min;
316 #ifdef CONFIG_ISDN_PPP_VJ
317         /*
318          * VJ header compression init
319          */
320         is->slcomp = slhc_init(16, 16); /* not necessary for 2. link in bundle */
321 #endif
322 #ifdef CONFIG_IPPP_FILTER
323         is->pass_filter = NULL;
324         is->active_filter = NULL;
325 #endif
326         is->state = IPPP_OPEN;
327
328         return 0;
329 }
330
331 /*
332  * release ippp device
333  */
334 void
335 isdn_ppp_release(int min, struct file *file)
336 {
337         int i;
338         struct ippp_struct *is;
339
340         if (min < 0 || min >= ISDN_MAX_CHANNELS)
341                 return;
342         is = file->private_data;
343
344         if (!is) {
345                 printk(KERN_ERR "%s: no file->private_data\n", __FUNCTION__);
346                 return;
347         }
348         if (is->debug & 0x1)
349                 printk(KERN_DEBUG "ippp: release, minor: %d %lx\n", min, (long) is->lp);
350
351         if (is->lp) {           /* a lp address says: this link is still up */
352                 isdn_net_dev *p = is->lp->netdev;
353
354                 if (!p) {
355                         printk(KERN_ERR "%s: no lp->netdev\n", __FUNCTION__);
356                         return;
357                 }
358                 is->state &= ~IPPP_CONNECT;     /* -> effect: no call of wakeup */
359                 /*
360                  * isdn_net_hangup() calls isdn_ppp_free()
361                  * isdn_ppp_free() sets is->lp to NULL and lp->ppp_slot to -1
362                  * removing the IPPP_CONNECT flag omits calling of isdn_ppp_wakeup_daemon()
363                  */
364                 isdn_net_hangup(&p->dev);
365         }
366         for (i = 0; i < NUM_RCV_BUFFS; i++) {
367                 if (is->rq[i].buf) {
368                         kfree(is->rq[i].buf);
369                         is->rq[i].buf = NULL;
370                 }
371         }
372         is->first = is->rq + NUM_RCV_BUFFS - 1; /* receive queue */
373         is->last = is->rq;
374
375 #ifdef CONFIG_ISDN_PPP_VJ
376 /* TODO: if this was the previous master: link the slcomp to the new master */
377         slhc_free(is->slcomp);
378         is->slcomp = NULL;
379 #endif
380 #ifdef CONFIG_IPPP_FILTER
381         if (is->pass_filter) {
382                 kfree(is->pass_filter);
383                 is->pass_filter = NULL;
384         }
385         if (is->active_filter) {
386                 kfree(is->active_filter);
387                 is->active_filter = NULL;
388         }
389 #endif
390
391 /* TODO: if this was the previous master: link the stuff to the new master */
392         if(is->comp_stat)
393                 is->compressor->free(is->comp_stat);
394         if(is->link_comp_stat)
395                 is->link_compressor->free(is->link_comp_stat);
396         if(is->link_decomp_stat)
397                 is->link_decompressor->free(is->link_decomp_stat);
398         if(is->decomp_stat)
399                 is->decompressor->free(is->decomp_stat);
400         is->compressor   = is->link_compressor   = NULL;
401         is->decompressor = is->link_decompressor = NULL;
402         is->comp_stat    = is->link_comp_stat    = NULL;
403         is->decomp_stat  = is->link_decomp_stat  = NULL;
404
405         /* Clean up if necessary */
406         if(is->reset)
407                 isdn_ppp_ccp_reset_free(is);
408
409         /* this slot is ready for new connections */
410         is->state = 0;
411 }
412
413 /*
414  * get_arg .. ioctl helper
415  */
416 static int
417 get_arg(void __user *b, void *val, int len)
418 {
419         if (len <= 0)
420                 len = sizeof(void *);
421         if (copy_from_user(val, b, len))
422                 return -EFAULT;
423         return 0;
424 }
425
426 /*
427  * set arg .. ioctl helper
428  */
429 static int
430 set_arg(void __user *b, void *val,int len)
431 {
432         if(len <= 0)
433                 len = sizeof(void *);
434         if (copy_to_user(b, val, len))
435                 return -EFAULT;
436         return 0;
437 }
438
439 static int get_filter(void __user *arg, struct sock_filter **p)
440 {
441         struct sock_fprog uprog;
442         struct sock_filter *code = NULL;
443         int len, err;
444
445         if (copy_from_user(&uprog, arg, sizeof(uprog)))
446                 return -EFAULT;
447
448         if (!uprog.len) {
449                 *p = NULL;
450                 return 0;
451         }
452
453         /* uprog.len is unsigned short, so no overflow here */
454         len = uprog.len * sizeof(struct sock_filter);
455         code = kmalloc(len, GFP_KERNEL);
456         if (code == NULL)
457                 return -ENOMEM;
458
459         if (copy_from_user(code, uprog.filter, len)) {
460                 kfree(code);
461                 return -EFAULT;
462         }
463
464         err = sk_chk_filter(code, uprog.len);
465         if (err) {
466                 kfree(code);
467                 return err;
468         }
469
470         *p = code;
471         return uprog.len;
472 }
473
474 /*
475  * ippp device ioctl
476  */
477 int
478 isdn_ppp_ioctl(int min, struct file *file, unsigned int cmd, unsigned long arg)
479 {
480         unsigned long val;
481         int r,i,j;
482         struct ippp_struct *is;
483         isdn_net_local *lp;
484         struct isdn_ppp_comp_data data;
485         void __user *argp = (void __user *)arg;
486
487         is = (struct ippp_struct *) file->private_data;
488         lp = is->lp;
489
490         if (is->debug & 0x1)
491                 printk(KERN_DEBUG "isdn_ppp_ioctl: minor: %d cmd: %x state: %x\n", min, cmd, is->state);
492
493         if (!(is->state & IPPP_OPEN))
494                 return -EINVAL;
495
496         switch (cmd) {
497                 case PPPIOCBUNDLE:
498 #ifdef CONFIG_ISDN_MPP
499                         if (!(is->state & IPPP_CONNECT))
500                                 return -EINVAL;
501                         if ((r = get_arg(argp, &val, sizeof(val) )))
502                                 return r;
503                         printk(KERN_DEBUG "iPPP-bundle: minor: %d, slave unit: %d, master unit: %d\n",
504                                (int) min, (int) is->unit, (int) val);
505                         return isdn_ppp_bundle(is, val);
506 #else
507                         return -1;
508 #endif
509                         break;
510                 case PPPIOCGUNIT:       /* get ppp/isdn unit number */
511                         if ((r = set_arg(argp, &is->unit, sizeof(is->unit) )))
512                                 return r;
513                         break;
514                 case PPPIOCGIFNAME:
515                         if(!lp)
516                                 return -EINVAL;
517                         if ((r = set_arg(argp, lp->name, strlen(lp->name))))
518                                 return r;
519                         break;
520                 case PPPIOCGMPFLAGS:    /* get configuration flags */
521                         if ((r = set_arg(argp, &is->mpppcfg, sizeof(is->mpppcfg) )))
522                                 return r;
523                         break;
524                 case PPPIOCSMPFLAGS:    /* set configuration flags */
525                         if ((r = get_arg(argp, &val, sizeof(val) )))
526                                 return r;
527                         is->mpppcfg = val;
528                         break;
529                 case PPPIOCGFLAGS:      /* get configuration flags */
530                         if ((r = set_arg(argp, &is->pppcfg,sizeof(is->pppcfg) )))
531                                 return r;
532                         break;
533                 case PPPIOCSFLAGS:      /* set configuration flags */
534                         if ((r = get_arg(argp, &val, sizeof(val) ))) {
535                                 return r;
536                         }
537                         if (val & SC_ENABLE_IP && !(is->pppcfg & SC_ENABLE_IP) && (is->state & IPPP_CONNECT)) {
538                                 if (lp) {
539                                         /* OK .. we are ready to send buffers */
540                                         is->pppcfg = val; /* isdn_ppp_xmit test for SC_ENABLE_IP !!! */
541                                         netif_wake_queue(&lp->netdev->dev);
542                                         break;
543                                 }
544                         }
545                         is->pppcfg = val;
546                         break;
547                 case PPPIOCGIDLE:       /* get idle time information */
548                         if (lp) {
549                                 struct ppp_idle pidle;
550                                 pidle.xmit_idle = pidle.recv_idle = lp->huptimer;
551                                 if ((r = set_arg(argp, &pidle,sizeof(struct ppp_idle))))
552                                          return r;
553                         }
554                         break;
555                 case PPPIOCSMRU:        /* set receive unit size for PPP */
556                         if ((r = get_arg(argp, &val, sizeof(val) )))
557                                 return r;
558                         is->mru = val;
559                         break;
560                 case PPPIOCSMPMRU:
561                         break;
562                 case PPPIOCSMPMTU:
563                         break;
564                 case PPPIOCSMAXCID:     /* set the maximum compression slot id */
565                         if ((r = get_arg(argp, &val, sizeof(val) )))
566                                 return r;
567                         val++;
568                         if (is->maxcid != val) {
569 #ifdef CONFIG_ISDN_PPP_VJ
570                                 struct slcompress *sltmp;
571 #endif
572                                 if (is->debug & 0x1)
573                                         printk(KERN_DEBUG "ippp, ioctl: changed MAXCID to %ld\n", val);
574                                 is->maxcid = val;
575 #ifdef CONFIG_ISDN_PPP_VJ
576                                 sltmp = slhc_init(16, val);
577                                 if (!sltmp) {
578                                         printk(KERN_ERR "ippp, can't realloc slhc struct\n");
579                                         return -ENOMEM;
580                                 }
581                                 if (is->slcomp)
582                                         slhc_free(is->slcomp);
583                                 is->slcomp = sltmp;
584 #endif
585                         }
586                         break;
587                 case PPPIOCGDEBUG:
588                         if ((r = set_arg(argp, &is->debug, sizeof(is->debug) )))
589                                 return r;
590                         break;
591                 case PPPIOCSDEBUG:
592                         if ((r = get_arg(argp, &val, sizeof(val) )))
593                                 return r;
594                         is->debug = val;
595                         break;
596                 case PPPIOCGCOMPRESSORS:
597                         {
598                                 unsigned long protos[8] = {0,};
599                                 struct isdn_ppp_compressor *ipc = ipc_head;
600                                 while(ipc) {
601                                         j = ipc->num / (sizeof(long)*8);
602                                         i = ipc->num % (sizeof(long)*8);
603                                         if(j < 8)
604                                                 protos[j] |= (0x1<<i);
605                                         ipc = ipc->next;
606                                 }
607                                 if ((r = set_arg(argp,protos,8*sizeof(long) )))
608                                         return r;
609                         }
610                         break;
611                 case PPPIOCSCOMPRESSOR:
612                         if ((r = get_arg(argp, &data, sizeof(struct isdn_ppp_comp_data))))
613                                 return r;
614                         return isdn_ppp_set_compressor(is, &data);
615                 case PPPIOCGCALLINFO:
616                         {
617                                 struct pppcallinfo pci;
618                                 memset((char *) &pci,0,sizeof(struct pppcallinfo));
619                                 if(lp)
620                                 {
621                                         strncpy(pci.local_num,lp->msn,63);
622                                         if(lp->dial) {
623                                                 strncpy(pci.remote_num,lp->dial->num,63);
624                                         }
625                                         pci.charge_units = lp->charge;
626                                         if(lp->outgoing)
627                                                 pci.calltype = CALLTYPE_OUTGOING;
628                                         else
629                                                 pci.calltype = CALLTYPE_INCOMING;
630                                         if(lp->flags & ISDN_NET_CALLBACK)
631                                                 pci.calltype |= CALLTYPE_CALLBACK;
632                                 }
633                                 return set_arg(argp,&pci,sizeof(struct pppcallinfo));
634                         }
635 #ifdef CONFIG_IPPP_FILTER
636                 case PPPIOCSPASS:
637                         {
638                                 struct sock_filter *code;
639                                 int len = get_filter(argp, &code);
640                                 if (len < 0)
641                                         return len;
642                                 kfree(is->pass_filter);
643                                 is->pass_filter = code;
644                                 is->pass_len = len;
645                                 break;
646                         }
647                 case PPPIOCSACTIVE:
648                         {
649                                 struct sock_filter *code;
650                                 int len = get_filter(argp, &code);
651                                 if (len < 0)
652                                         return len;
653                                 kfree(is->active_filter);
654                                 is->active_filter = code;
655                                 is->active_len = len;
656                                 break;
657                         }
658 #endif /* CONFIG_IPPP_FILTER */
659                 default:
660                         break;
661         }
662         return 0;
663 }
664
665 unsigned int
666 isdn_ppp_poll(struct file *file, poll_table * wait)
667 {
668         u_int mask;
669         struct ippp_buf_queue *bf, *bl;
670         u_long flags;
671         struct ippp_struct *is;
672
673         is = file->private_data;
674
675         if (is->debug & 0x2)
676                 printk(KERN_DEBUG "isdn_ppp_poll: minor: %d\n",
677                                 MINOR(file->f_dentry->d_inode->i_rdev));
678
679         /* just registers wait_queue hook. This doesn't really wait. */
680         poll_wait(file, &is->wq, wait);
681
682         if (!(is->state & IPPP_OPEN)) {
683                 if(is->state == IPPP_CLOSEWAIT)
684                         return POLLHUP;
685                 printk(KERN_DEBUG "isdn_ppp: device not open\n");
686                 return POLLERR;
687         }
688         /* we're always ready to send .. */
689         mask = POLLOUT | POLLWRNORM;
690
691         spin_lock_irqsave(&is->buflock, flags);
692         bl = is->last;
693         bf = is->first;
694         /*
695          * if IPPP_NOBLOCK is set we return even if we have nothing to read
696          */
697         if (bf->next != bl || (is->state & IPPP_NOBLOCK)) {
698                 is->state &= ~IPPP_NOBLOCK;
699                 mask |= POLLIN | POLLRDNORM;
700         }
701         spin_unlock_irqrestore(&is->buflock, flags);
702         return mask;
703 }
704
705 /*
706  *  fill up isdn_ppp_read() queue ..
707  */
708
709 static int
710 isdn_ppp_fill_rq(unsigned char *buf, int len, int proto, int slot)
711 {
712         struct ippp_buf_queue *bf, *bl;
713         u_long flags;
714         u_char *nbuf;
715         struct ippp_struct *is;
716
717         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
718                 printk(KERN_WARNING "ippp: illegal slot(%d).\n", slot);
719                 return 0;
720         }
721         is = ippp_table[slot];
722
723         if (!(is->state & IPPP_CONNECT)) {
724                 printk(KERN_DEBUG "ippp: device not activated.\n");
725                 return 0;
726         }
727         nbuf = (unsigned char *) kmalloc(len + 4, GFP_ATOMIC);
728         if (!nbuf) {
729                 printk(KERN_WARNING "ippp: Can't alloc buf\n");
730                 return 0;
731         }
732         nbuf[0] = PPP_ALLSTATIONS;
733         nbuf[1] = PPP_UI;
734         nbuf[2] = proto >> 8;
735         nbuf[3] = proto & 0xff;
736         memcpy(nbuf + 4, buf, len);
737
738         spin_lock_irqsave(&is->buflock, flags);
739         bf = is->first;
740         bl = is->last;
741
742         if (bf == bl) {
743                 printk(KERN_WARNING "ippp: Queue is full; discarding first buffer\n");
744                 bf = bf->next;
745                 kfree(bf->buf);
746                 is->first = bf;
747         }
748         bl->buf = (char *) nbuf;
749         bl->len = len + 4;
750
751         is->last = bl->next;
752         spin_unlock_irqrestore(&is->buflock, flags);
753         wake_up_interruptible(&is->wq);
754         return len;
755 }
756
757 /*
758  * read() .. non-blocking: ipppd calls it only after select()
759  *           reports, that there is data
760  */
761
762 int
763 isdn_ppp_read(int min, struct file *file, char __user *buf, int count)
764 {
765         struct ippp_struct *is;
766         struct ippp_buf_queue *b;
767         u_long flags;
768         u_char *save_buf;
769
770         is = file->private_data;
771
772         if (!(is->state & IPPP_OPEN))
773                 return 0;
774
775         if (!access_ok(VERIFY_WRITE, buf, count))
776                 return -EFAULT;
777
778         spin_lock_irqsave(&is->buflock, flags);
779         b = is->first->next;
780         save_buf = b->buf;
781         if (!save_buf) {
782                 spin_unlock_irqrestore(&is->buflock, flags);
783                 return -EAGAIN;
784         }
785         if (b->len < count)
786                 count = b->len;
787         b->buf = NULL;
788         is->first = b;
789
790         spin_unlock_irqrestore(&is->buflock, flags);
791         copy_to_user(buf, save_buf, count);
792         kfree(save_buf);
793
794         return count;
795 }
796
797 /*
798  * ipppd wanna write a packet to the card .. non-blocking
799  */
800
801 int
802 isdn_ppp_write(int min, struct file *file, const char __user *buf, int count)
803 {
804         isdn_net_local *lp;
805         struct ippp_struct *is;
806         int proto;
807         unsigned char protobuf[4];
808
809         is = file->private_data;
810
811         if (!(is->state & IPPP_CONNECT))
812                 return 0;
813
814         lp = is->lp;
815
816         /* -> push it directly to the lowlevel interface */
817
818         if (!lp)
819                 printk(KERN_DEBUG "isdn_ppp_write: lp == NULL\n");
820         else {
821                 /*
822                  * Don't reset huptimer for
823                  * LCP packets. (Echo requests).
824                  */
825                 if (copy_from_user(protobuf, buf, 4))
826                         return -EFAULT;
827                 proto = PPP_PROTOCOL(protobuf);
828                 if (proto != PPP_LCP)
829                         lp->huptimer = 0;
830
831                 if (lp->isdn_device < 0 || lp->isdn_channel < 0)
832                         return 0;
833
834                 if ((dev->drv[lp->isdn_device]->flags & DRV_FLAG_RUNNING) &&
835                         lp->dialstate == 0 &&
836                     (lp->flags & ISDN_NET_CONNECTED)) {
837                         unsigned short hl;
838                         struct sk_buff *skb;
839                         /*
840                          * we need to reserve enought space in front of
841                          * sk_buff. old call to dev_alloc_skb only reserved
842                          * 16 bytes, now we are looking what the driver want
843                          */
844                         hl = dev->drv[lp->isdn_device]->interface->hl_hdrlen;
845                         skb = alloc_skb(hl+count, GFP_ATOMIC);
846                         if (!skb) {
847                                 printk(KERN_WARNING "isdn_ppp_write: out of memory!\n");
848                                 return count;
849                         }
850                         skb_reserve(skb, hl);
851                         if (copy_from_user(skb_put(skb, count), buf, count))
852                         {
853                                 kfree_skb(skb);
854                                 return -EFAULT;
855                         }
856                         if (is->debug & 0x40) {
857                                 printk(KERN_DEBUG "ppp xmit: len %d\n", (int) skb->len);
858                                 isdn_ppp_frame_log("xmit", skb->data, skb->len, 32,is->unit,lp->ppp_slot);
859                         }
860
861                         isdn_ppp_send_ccp(lp->netdev,lp,skb); /* keeps CCP/compression states in sync */
862
863                         isdn_net_write_super(lp, skb);
864                 }
865         }
866         return count;
867 }
868
869 /*
870  * init memory, structures etc.
871  */
872
873 int
874 isdn_ppp_init(void)
875 {
876         int i,
877          j;
878          
879 #ifdef CONFIG_ISDN_MPP
880         if( isdn_ppp_mp_bundle_array_init() < 0 )
881                 return -ENOMEM;
882 #endif /* CONFIG_ISDN_MPP */
883
884         for (i = 0; i < ISDN_MAX_CHANNELS; i++) {
885                 if (!(ippp_table[i] = (struct ippp_struct *)
886                       kmalloc(sizeof(struct ippp_struct), GFP_KERNEL))) {
887                         printk(KERN_WARNING "isdn_ppp_init: Could not alloc ippp_table\n");
888                         for (j = 0; j < i; j++)
889                                 kfree(ippp_table[j]);
890                         return -1;
891                 }
892                 memset((char *) ippp_table[i], 0, sizeof(struct ippp_struct));
893                 spin_lock_init(&ippp_table[i]->buflock);
894                 ippp_table[i]->state = 0;
895                 ippp_table[i]->first = ippp_table[i]->rq + NUM_RCV_BUFFS - 1;
896                 ippp_table[i]->last = ippp_table[i]->rq;
897
898                 for (j = 0; j < NUM_RCV_BUFFS; j++) {
899                         ippp_table[i]->rq[j].buf = NULL;
900                         ippp_table[i]->rq[j].last = ippp_table[i]->rq +
901                             (NUM_RCV_BUFFS + j - 1) % NUM_RCV_BUFFS;
902                         ippp_table[i]->rq[j].next = ippp_table[i]->rq + (j + 1) % NUM_RCV_BUFFS;
903                 }
904         }
905         return 0;
906 }
907
908 void
909 isdn_ppp_cleanup(void)
910 {
911         int i;
912
913         for (i = 0; i < ISDN_MAX_CHANNELS; i++)
914                 kfree(ippp_table[i]);
915
916 #ifdef CONFIG_ISDN_MPP
917         if (isdn_ppp_bundle_arr)
918                 kfree(isdn_ppp_bundle_arr);
919 #endif /* CONFIG_ISDN_MPP */
920
921 }
922
923 /*
924  * check for address/control field and skip if allowed
925  * retval != 0 -> discard packet silently
926  */
927 static int isdn_ppp_skip_ac(struct ippp_struct *is, struct sk_buff *skb) 
928 {
929         if (skb->len < 1)
930                 return -1;
931
932         if (skb->data[0] == 0xff) {
933                 if (skb->len < 2)
934                         return -1;
935
936                 if (skb->data[1] != 0x03)
937                         return -1;
938
939                 // skip address/control (AC) field
940                 skb_pull(skb, 2);
941         } else { 
942                 if (is->pppcfg & SC_REJ_COMP_AC)
943                         // if AC compression was not negotiated, but used, discard packet
944                         return -1;
945         }
946         return 0;
947 }
948
949 /*
950  * get the PPP protocol header and pull skb
951  * retval < 0 -> discard packet silently
952  */
953 static int isdn_ppp_strip_proto(struct sk_buff *skb) 
954 {
955         int proto;
956         
957         if (skb->len < 1)
958                 return -1;
959
960         if (skb->data[0] & 0x1) {
961                 // protocol field is compressed
962                 proto = skb->data[0];
963                 skb_pull(skb, 1);
964         } else {
965                 if (skb->len < 2)
966                         return -1;
967                 proto = ((int) skb->data[0] << 8) + skb->data[1];
968                 skb_pull(skb, 2);
969         }
970         return proto;
971 }
972
973
974 /*
975  * handler for incoming packets on a syncPPP interface
976  */
977 void isdn_ppp_receive(isdn_net_dev * net_dev, isdn_net_local * lp, struct sk_buff *skb)
978 {
979         struct ippp_struct *is;
980         int slot;
981         int proto;
982
983         if (net_dev->local->master)
984                 BUG(); // we're called with the master device always
985
986         slot = lp->ppp_slot;
987         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
988                 printk(KERN_ERR "isdn_ppp_receive: lp->ppp_slot(%d)\n",
989                         lp->ppp_slot);
990                 kfree_skb(skb);
991                 return;
992         }
993         is = ippp_table[slot];
994
995         if (is->debug & 0x4) {
996                 printk(KERN_DEBUG "ippp_receive: is:%08lx lp:%08lx slot:%d unit:%d len:%d\n",
997                        (long)is,(long)lp,lp->ppp_slot,is->unit,(int) skb->len);
998                 isdn_ppp_frame_log("receive", skb->data, skb->len, 32,is->unit,lp->ppp_slot);
999         }
1000
1001         if (isdn_ppp_skip_ac(is, skb) < 0) {
1002                 kfree_skb(skb);
1003                 return;
1004         }
1005         proto = isdn_ppp_strip_proto(skb);
1006         if (proto < 0) {
1007                 kfree_skb(skb);
1008                 return;
1009         }
1010   
1011 #ifdef CONFIG_ISDN_MPP
1012         if (is->compflags & SC_LINK_DECOMP_ON) {
1013                 skb = isdn_ppp_decompress(skb, is, NULL, &proto);
1014                 if (!skb) // decompression error
1015                         return;
1016         }
1017         
1018         if (!(is->mpppcfg & SC_REJ_MP_PROT)) { // we agreed to receive MPPP
1019                 if (proto == PPP_MP) {
1020                         isdn_ppp_mp_receive(net_dev, lp, skb);
1021                         return;
1022                 }
1023         } 
1024 #endif
1025         isdn_ppp_push_higher(net_dev, lp, skb, proto);
1026 }
1027
1028 /*
1029  * we receive a reassembled frame, MPPP has been taken care of before.
1030  * address/control and protocol have been stripped from the skb
1031  * note: net_dev has to be master net_dev
1032  */
1033 static void
1034 isdn_ppp_push_higher(isdn_net_dev * net_dev, isdn_net_local * lp, struct sk_buff *skb, int proto)
1035 {
1036         struct net_device *dev = &net_dev->dev;
1037         struct ippp_struct *is, *mis;
1038         isdn_net_local *mlp = NULL;
1039         int slot;
1040
1041         slot = lp->ppp_slot;
1042         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1043                 printk(KERN_ERR "isdn_ppp_push_higher: lp->ppp_slot(%d)\n",
1044                         lp->ppp_slot);
1045                 goto drop_packet;
1046         }
1047         is = ippp_table[slot];
1048         
1049         if (lp->master) { // FIXME?
1050                 mlp = (isdn_net_local *) lp->master->priv;
1051                 slot = mlp->ppp_slot;
1052                 if (slot < 0 || slot > ISDN_MAX_CHANNELS) {
1053                         printk(KERN_ERR "isdn_ppp_push_higher: master->ppp_slot(%d)\n",
1054                                 lp->ppp_slot);
1055                         goto drop_packet;
1056                 }
1057         }
1058         mis = ippp_table[slot];
1059
1060         if (is->debug & 0x10) {
1061                 printk(KERN_DEBUG "push, skb %d %04x\n", (int) skb->len, proto);
1062                 isdn_ppp_frame_log("rpush", skb->data, skb->len, 32,is->unit,lp->ppp_slot);
1063         }
1064         if (mis->compflags & SC_DECOMP_ON) {
1065                 skb = isdn_ppp_decompress(skb, is, mis, &proto);
1066                 if (!skb) // decompression error
1067                         return;
1068         }
1069         switch (proto) {
1070                 case PPP_IPX:  /* untested */
1071                         if (is->debug & 0x20)
1072                                 printk(KERN_DEBUG "isdn_ppp: IPX\n");
1073                         skb->protocol = htons(ETH_P_IPX);
1074                         break;
1075                 case PPP_IP:
1076                         if (is->debug & 0x20)
1077                                 printk(KERN_DEBUG "isdn_ppp: IP\n");
1078                         skb->protocol = htons(ETH_P_IP);
1079                         break;
1080                 case PPP_COMP:
1081                 case PPP_COMPFRAG:
1082                         printk(KERN_INFO "isdn_ppp: unexpected compressed frame dropped\n");
1083                         goto drop_packet;
1084 #ifdef CONFIG_ISDN_PPP_VJ
1085                 case PPP_VJC_UNCOMP:
1086                         if (is->debug & 0x20)
1087                                 printk(KERN_DEBUG "isdn_ppp: VJC_UNCOMP\n");
1088                         if (net_dev->local->ppp_slot < 0) {
1089                                 printk(KERN_ERR "%s: net_dev->local->ppp_slot(%d) out of range\n",
1090                                         __FUNCTION__, net_dev->local->ppp_slot);
1091                                 goto drop_packet;
1092                         }
1093                         if (slhc_remember(ippp_table[net_dev->local->ppp_slot]->slcomp, skb->data, skb->len) <= 0) {
1094                                 printk(KERN_WARNING "isdn_ppp: received illegal VJC_UNCOMP frame!\n");
1095                                 goto drop_packet;
1096                         }
1097                         skb->protocol = htons(ETH_P_IP);
1098                         break;
1099                 case PPP_VJC_COMP:
1100                         if (is->debug & 0x20)
1101                                 printk(KERN_DEBUG "isdn_ppp: VJC_COMP\n");
1102                         {
1103                                 struct sk_buff *skb_old = skb;
1104                                 int pkt_len;
1105                                 skb = dev_alloc_skb(skb_old->len + 128);
1106
1107                                 if (!skb) {
1108                                         printk(KERN_WARNING "%s: Memory squeeze, dropping packet.\n", dev->name);
1109                                         skb = skb_old;
1110                                         goto drop_packet;
1111                                 }
1112                                 skb_put(skb, skb_old->len + 128);
1113                                 memcpy(skb->data, skb_old->data, skb_old->len);
1114                                 if (net_dev->local->ppp_slot < 0) {
1115                                         printk(KERN_ERR "%s: net_dev->local->ppp_slot(%d) out of range\n",
1116                                                 __FUNCTION__, net_dev->local->ppp_slot);
1117                                         goto drop_packet;
1118                                 }
1119                                 pkt_len = slhc_uncompress(ippp_table[net_dev->local->ppp_slot]->slcomp,
1120                                                 skb->data, skb_old->len);
1121                                 kfree_skb(skb_old);
1122                                 if (pkt_len < 0)
1123                                         goto drop_packet;
1124
1125                                 skb_trim(skb, pkt_len);
1126                                 skb->protocol = htons(ETH_P_IP);
1127                         }
1128                         break;
1129 #endif
1130                 case PPP_CCP:
1131                 case PPP_CCPFRAG:
1132                         isdn_ppp_receive_ccp(net_dev,lp,skb,proto);
1133                         /* Dont pop up ResetReq/Ack stuff to the daemon any
1134                            longer - the job is done already */
1135                         if(skb->data[0] == CCP_RESETREQ ||
1136                            skb->data[0] == CCP_RESETACK)
1137                                 break;
1138                         /* fall through */
1139                 default:
1140                         isdn_ppp_fill_rq(skb->data, skb->len, proto, lp->ppp_slot);     /* push data to pppd device */
1141                         kfree_skb(skb);
1142                         return;
1143         }
1144
1145 #ifdef CONFIG_IPPP_FILTER
1146         /* check if the packet passes the pass and active filters
1147          * the filter instructions are constructed assuming
1148          * a four-byte PPP header on each packet (which is still present) */
1149         skb_push(skb, 4);
1150
1151         {
1152                 u_int16_t *p = (u_int16_t *) skb->data;
1153
1154                 *p = 0; /* indicate inbound */
1155         }
1156
1157         if (is->pass_filter
1158             && sk_run_filter(skb, is->pass_filter, is->pass_len) == 0) {
1159                 if (is->debug & 0x2)
1160                         printk(KERN_DEBUG "IPPP: inbound frame filtered.\n");
1161                 kfree_skb(skb);
1162                 return;
1163         }
1164         if (!(is->active_filter
1165               && sk_run_filter(skb, is->active_filter,
1166                                is->active_len) == 0)) {
1167                 if (is->debug & 0x2)
1168                         printk(KERN_DEBUG "IPPP: link-active filter: reseting huptimer.\n");
1169                 lp->huptimer = 0;
1170                 if (mlp)
1171                         mlp->huptimer = 0;
1172         }
1173         skb_pull(skb, 4);
1174 #else /* CONFIG_IPPP_FILTER */
1175         lp->huptimer = 0;
1176         if (mlp)
1177                 mlp->huptimer = 0;
1178 #endif /* CONFIG_IPPP_FILTER */
1179         skb->dev = dev;
1180         skb->mac.raw = skb->data;
1181         netif_rx(skb);
1182         /* net_dev->local->stats.rx_packets++; done in isdn_net.c */
1183         return;
1184
1185  drop_packet:
1186         net_dev->local->stats.rx_dropped++;
1187         kfree_skb(skb);
1188 }
1189
1190 /*
1191  * isdn_ppp_skb_push ..
1192  * checks whether we have enough space at the beginning of the skb
1193  * and allocs a new SKB if necessary
1194  */
1195 static unsigned char *isdn_ppp_skb_push(struct sk_buff **skb_p,int len)
1196 {
1197         struct sk_buff *skb = *skb_p;
1198
1199         if(skb_headroom(skb) < len) {
1200                 struct sk_buff *nskb = skb_realloc_headroom(skb, len);
1201
1202                 if (!nskb) {
1203                         printk(KERN_ERR "isdn_ppp_skb_push: can't realloc headroom!\n");
1204                         dev_kfree_skb(skb);
1205                         return NULL;
1206                 }
1207                 printk(KERN_DEBUG "isdn_ppp_skb_push:under %d %d\n",skb_headroom(skb),len);
1208                 dev_kfree_skb(skb);
1209                 *skb_p = nskb;
1210                 return skb_push(nskb, len);
1211         }
1212         return skb_push(skb,len);
1213 }
1214
1215 /*
1216  * send ppp frame .. we expect a PIDCOMPressable proto --
1217  *  (here: currently always PPP_IP,PPP_VJC_COMP,PPP_VJC_UNCOMP)
1218  *
1219  * VJ compression may change skb pointer!!! .. requeue with old
1220  * skb isn't allowed!!
1221  */
1222
1223 int
1224 isdn_ppp_xmit(struct sk_buff *skb, struct net_device *netdev)
1225 {
1226         isdn_net_local *lp,*mlp;
1227         isdn_net_dev *nd;
1228         unsigned int proto = PPP_IP;     /* 0x21 */
1229         struct ippp_struct *ipt,*ipts;
1230         int slot, retval = 0;
1231
1232         mlp = (isdn_net_local *) (netdev->priv);
1233         nd = mlp->netdev;       /* get master lp */
1234
1235         slot = mlp->ppp_slot;
1236         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
1237                 printk(KERN_ERR "isdn_ppp_xmit: lp->ppp_slot(%d)\n",
1238                         mlp->ppp_slot);
1239                 kfree_skb(skb);
1240                 goto out;
1241         }
1242         ipts = ippp_table[slot];
1243
1244         if (!(ipts->pppcfg & SC_ENABLE_IP)) {   /* PPP connected ? */
1245                 if (ipts->debug & 0x1)
1246                         printk(KERN_INFO "%s: IP frame delayed.\n", netdev->name);
1247                 retval = 1;
1248                 goto out;
1249         }
1250
1251         switch (ntohs(skb->protocol)) {
1252                 case ETH_P_IP:
1253                         proto = PPP_IP;
1254                         break;
1255                 case ETH_P_IPX:
1256                         proto = PPP_IPX;        /* untested */
1257                         break;
1258                 default:
1259                         printk(KERN_ERR "isdn_ppp: skipped unsupported protocol: %#x.\n", 
1260                                skb->protocol);
1261                         dev_kfree_skb(skb);
1262                         goto out;
1263         }
1264
1265         lp = isdn_net_get_locked_lp(nd);
1266         if (!lp) {
1267                 printk(KERN_WARNING "%s: all channels busy - requeuing!\n", netdev->name);
1268                 retval = 1;
1269                 goto out;
1270         }
1271         /* we have our lp locked from now on */
1272
1273         slot = lp->ppp_slot;
1274         if (slot < 0 || slot > ISDN_MAX_CHANNELS) {
1275                 printk(KERN_ERR "isdn_ppp_xmit: lp->ppp_slot(%d)\n",
1276                         lp->ppp_slot);
1277                 kfree_skb(skb);
1278                 goto unlock;
1279         }
1280         ipt = ippp_table[slot];
1281
1282         /*
1283          * after this line .. requeueing in the device queue is no longer allowed!!!
1284          */
1285
1286         /* Pull off the fake header we stuck on earlier to keep
1287          * the fragmentation code happy.
1288          */
1289         skb_pull(skb,IPPP_MAX_HEADER);
1290
1291 #ifdef CONFIG_IPPP_FILTER
1292         /* check if we should pass this packet
1293          * the filter instructions are constructed assuming
1294          * a four-byte PPP header on each packet */
1295         *skb_push(skb, 4) = 1; /* indicate outbound */
1296
1297         {
1298                 u_int16_t *p = (u_int16_t *) skb->data;
1299
1300                 p++;
1301                 *p   = htons(proto);
1302         }
1303
1304         if (ipt->pass_filter
1305             && sk_run_filter(skb, ipt->pass_filter, ipt->pass_len) == 0) {
1306                 if (ipt->debug & 0x4)
1307                         printk(KERN_DEBUG "IPPP: outbound frame filtered.\n");
1308                 kfree_skb(skb);
1309                 goto unlock;
1310         }
1311         if (!(ipt->active_filter
1312               && sk_run_filter(skb, ipt->active_filter,
1313                                ipt->active_len) == 0)) {
1314                 if (ipt->debug & 0x4)
1315                         printk(KERN_DEBUG "IPPP: link-active filter: reseting huptimer.\n");
1316                 lp->huptimer = 0;
1317         }
1318         skb_pull(skb, 4);
1319 #else /* CONFIG_IPPP_FILTER */
1320         lp->huptimer = 0;
1321 #endif /* CONFIG_IPPP_FILTER */
1322
1323         if (ipt->debug & 0x4)
1324                 printk(KERN_DEBUG "xmit skb, len %d\n", (int) skb->len);
1325         if (ipts->debug & 0x40)
1326                 isdn_ppp_frame_log("xmit0", skb->data, skb->len, 32,ipts->unit,lp->ppp_slot);
1327
1328 #ifdef CONFIG_ISDN_PPP_VJ
1329         if (proto == PPP_IP && ipts->pppcfg & SC_COMP_TCP) {    /* ipts here? probably yes, but check this again */
1330                 struct sk_buff *new_skb;
1331                 unsigned short hl;
1332                 /*
1333                  * we need to reserve enought space in front of
1334                  * sk_buff. old call to dev_alloc_skb only reserved
1335                  * 16 bytes, now we are looking what the driver want.
1336                  */
1337                 hl = dev->drv[lp->isdn_device]->interface->hl_hdrlen + IPPP_MAX_HEADER;
1338                 /* 
1339                  * Note: hl might still be insufficient because the method
1340                  * above does not account for a possibible MPPP slave channel
1341                  * which had larger HL header space requirements than the
1342                  * master.
1343                  */
1344                 new_skb = alloc_skb(hl+skb->len, GFP_ATOMIC);
1345                 if (new_skb) {
1346                         u_char *buf;
1347                         int pktlen;
1348
1349                         skb_reserve(new_skb, hl);
1350                         new_skb->dev = skb->dev;
1351                         skb_put(new_skb, skb->len);
1352                         buf = skb->data;
1353
1354                         pktlen = slhc_compress(ipts->slcomp, skb->data, skb->len, new_skb->data,
1355                                  &buf, !(ipts->pppcfg & SC_NO_TCP_CCID));
1356
1357                         if (buf != skb->data) { 
1358                                 if (new_skb->data != buf)
1359                                         printk(KERN_ERR "isdn_ppp: FATAL error after slhc_compress!!\n");
1360                                 dev_kfree_skb(skb);
1361                                 skb = new_skb;
1362                         } else {
1363                                 dev_kfree_skb(new_skb);
1364                         }
1365
1366                         skb_trim(skb, pktlen);
1367                         if (skb->data[0] & SL_TYPE_COMPRESSED_TCP) {    /* cslip? style -> PPP */
1368                                 proto = PPP_VJC_COMP;
1369                                 skb->data[0] ^= SL_TYPE_COMPRESSED_TCP;
1370                         } else {
1371                                 if (skb->data[0] >= SL_TYPE_UNCOMPRESSED_TCP)
1372                                         proto = PPP_VJC_UNCOMP;
1373                                 skb->data[0] = (skb->data[0] & 0x0f) | 0x40;
1374                         }
1375                 }
1376         }
1377 #endif
1378
1379         /*
1380          * normal (single link) or bundle compression
1381          */
1382         if(ipts->compflags & SC_COMP_ON) {
1383                 /* We send compressed only if both down- und upstream
1384                    compression is negotiated, that means, CCP is up */
1385                 if(ipts->compflags & SC_DECOMP_ON) {
1386                         skb = isdn_ppp_compress(skb,&proto,ipt,ipts,0);
1387                 } else {
1388                         printk(KERN_DEBUG "isdn_ppp: CCP not yet up - sending as-is\n");
1389                 }
1390         }
1391
1392         if (ipt->debug & 0x24)
1393                 printk(KERN_DEBUG "xmit2 skb, len %d, proto %04x\n", (int) skb->len, proto);
1394
1395 #ifdef CONFIG_ISDN_MPP
1396         if (ipt->mpppcfg & SC_MP_PROT) {
1397                 /* we get mp_seqno from static isdn_net_local */
1398                 long mp_seqno = ipts->mp_seqno;
1399                 ipts->mp_seqno++;
1400                 if (ipt->mpppcfg & SC_OUT_SHORT_SEQ) {
1401                         unsigned char *data = isdn_ppp_skb_push(&skb, 3);
1402                         if(!data)
1403                                 goto unlock;
1404                         mp_seqno &= 0xfff;
1405                         data[0] = MP_BEGIN_FRAG | MP_END_FRAG | ((mp_seqno >> 8) & 0xf);        /* (B)egin & (E)ndbit .. */
1406                         data[1] = mp_seqno & 0xff;
1407                         data[2] = proto;        /* PID compression */
1408                 } else {
1409                         unsigned char *data = isdn_ppp_skb_push(&skb, 5);
1410                         if(!data)
1411                                 goto unlock;
1412                         data[0] = MP_BEGIN_FRAG | MP_END_FRAG;  /* (B)egin & (E)ndbit .. */
1413                         data[1] = (mp_seqno >> 16) & 0xff;      /* sequence number: 24bit */
1414                         data[2] = (mp_seqno >> 8) & 0xff;
1415                         data[3] = (mp_seqno >> 0) & 0xff;
1416                         data[4] = proto;        /* PID compression */
1417                 }
1418                 proto = PPP_MP; /* MP Protocol, 0x003d */
1419         }
1420 #endif
1421
1422         /*
1423          * 'link in bundle' compression  ...
1424          */
1425         if(ipt->compflags & SC_LINK_COMP_ON)
1426                 skb = isdn_ppp_compress(skb,&proto,ipt,ipts,1);
1427
1428         if( (ipt->pppcfg & SC_COMP_PROT) && (proto <= 0xff) ) {
1429                 unsigned char *data = isdn_ppp_skb_push(&skb,1);
1430                 if(!data)
1431                         goto unlock;
1432                 data[0] = proto & 0xff;
1433         }
1434         else {
1435                 unsigned char *data = isdn_ppp_skb_push(&skb,2);
1436                 if(!data)
1437                         goto unlock;
1438                 data[0] = (proto >> 8) & 0xff;
1439                 data[1] = proto & 0xff;
1440         }
1441         if(!(ipt->pppcfg & SC_COMP_AC)) {
1442                 unsigned char *data = isdn_ppp_skb_push(&skb,2);
1443                 if(!data)
1444                         goto unlock;
1445                 data[0] = 0xff;    /* All Stations */
1446                 data[1] = 0x03;    /* Unnumbered information */
1447         }
1448
1449         /* tx-stats are now updated via BSENT-callback */
1450
1451         if (ipts->debug & 0x40) {
1452                 printk(KERN_DEBUG "skb xmit: len: %d\n", (int) skb->len);
1453                 isdn_ppp_frame_log("xmit", skb->data, skb->len, 32,ipt->unit,lp->ppp_slot);
1454         }
1455         
1456         isdn_net_writebuf_skb(lp, skb);
1457
1458  unlock:
1459         spin_unlock_bh(&lp->xmit_lock);
1460  out:
1461         return retval;
1462 }
1463
1464 #ifdef CONFIG_IPPP_FILTER
1465 /*
1466  * check if this packet may trigger auto-dial.
1467  */
1468
1469 int isdn_ppp_autodial_filter(struct sk_buff *skb, isdn_net_local *lp)
1470 {
1471         struct ippp_struct *is = ippp_table[lp->ppp_slot];
1472         u_int16_t proto;
1473         int drop = 0;
1474
1475         switch (ntohs(skb->protocol)) {
1476         case ETH_P_IP:
1477                 proto = PPP_IP;
1478                 break;
1479         case ETH_P_IPX:
1480                 proto = PPP_IPX;
1481                 break;
1482         default:
1483                 printk(KERN_ERR "isdn_ppp_autodial_filter: unsupported protocol 0x%x.\n",
1484                        skb->protocol);
1485                 return 1;
1486         }
1487
1488         /* the filter instructions are constructed assuming
1489          * a four-byte PPP header on each packet. we have to
1490          * temporarily remove part of the fake header stuck on
1491          * earlier.
1492          */
1493         *skb_pull(skb, IPPP_MAX_HEADER - 4) = 1; /* indicate outbound */
1494
1495         {
1496                 u_int16_t *p = (u_int16_t *) skb->data;
1497
1498                 p++;
1499                 *p   = htons(proto);
1500         }
1501         
1502         drop |= is->pass_filter
1503                 && sk_run_filter(skb, is->pass_filter, is->pass_len) == 0;
1504         drop |= is->active_filter
1505                 && sk_run_filter(skb, is->active_filter, is->active_len) == 0;
1506         
1507         skb_push(skb, IPPP_MAX_HEADER - 4);
1508         return drop;
1509 }
1510 #endif
1511 #ifdef CONFIG_ISDN_MPP
1512
1513 /* this is _not_ rfc1990 header, but something we convert both short and long
1514  * headers to for convinience's sake:
1515  *      byte 0 is flags as in rfc1990
1516  *      bytes 1...4 is 24-bit seqence number converted to host byte order 
1517  */
1518 #define MP_HEADER_LEN   5
1519
1520 #define MP_LONGSEQ_MASK         0x00ffffff
1521 #define MP_SHORTSEQ_MASK        0x00000fff
1522 #define MP_LONGSEQ_MAX          MP_LONGSEQ_MASK
1523 #define MP_SHORTSEQ_MAX         MP_SHORTSEQ_MASK
1524 #define MP_LONGSEQ_MAXBIT       ((MP_LONGSEQ_MASK+1)>>1)
1525 #define MP_SHORTSEQ_MAXBIT      ((MP_SHORTSEQ_MASK+1)>>1)
1526
1527 /* sequence-wrap safe comparisions (for long sequence)*/ 
1528 #define MP_LT(a,b)      ((a-b)&MP_LONGSEQ_MAXBIT)
1529 #define MP_LE(a,b)      !((b-a)&MP_LONGSEQ_MAXBIT)
1530 #define MP_GT(a,b)      ((b-a)&MP_LONGSEQ_MAXBIT)
1531 #define MP_GE(a,b)      !((a-b)&MP_LONGSEQ_MAXBIT)
1532
1533 #define MP_SEQ(f)       ((*(u32*)(f->data+1)))
1534 #define MP_FLAGS(f)     (f->data[0])
1535
1536 static int isdn_ppp_mp_bundle_array_init(void)
1537 {
1538         int i;
1539         int sz = ISDN_MAX_CHANNELS*sizeof(ippp_bundle);
1540         if( (isdn_ppp_bundle_arr = (ippp_bundle*)kmalloc(sz, 
1541                                                         GFP_KERNEL)) == NULL )
1542                 return -ENOMEM;
1543         memset(isdn_ppp_bundle_arr, 0, sz);
1544         for( i = 0; i < ISDN_MAX_CHANNELS; i++ )
1545                 spin_lock_init(&isdn_ppp_bundle_arr[i].lock);
1546         return 0;
1547 }
1548
1549 static ippp_bundle * isdn_ppp_mp_bundle_alloc(void)
1550 {
1551         int i;
1552         for( i = 0; i < ISDN_MAX_CHANNELS; i++ )
1553                 if (isdn_ppp_bundle_arr[i].ref_ct <= 0)
1554                         return (isdn_ppp_bundle_arr + i);
1555         return NULL;
1556 }
1557
1558 static int isdn_ppp_mp_init( isdn_net_local * lp, ippp_bundle * add_to )
1559 {
1560         struct ippp_struct * is;
1561
1562         if (lp->ppp_slot < 0) {
1563                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
1564                         __FUNCTION__, lp->ppp_slot);
1565                 return(-EINVAL);
1566         }
1567
1568         is = ippp_table[lp->ppp_slot];
1569         if (add_to) {
1570                 if( lp->netdev->pb )
1571                         lp->netdev->pb->ref_ct--;
1572                 lp->netdev->pb = add_to;
1573         } else {                /* first link in a bundle */
1574                 is->mp_seqno = 0;
1575                 if ((lp->netdev->pb = isdn_ppp_mp_bundle_alloc()) == NULL)
1576                         return -ENOMEM;
1577                 lp->next = lp->last = lp;       /* nobody else in a queue */
1578                 lp->netdev->pb->frags = NULL;
1579                 lp->netdev->pb->frames = 0;
1580                 lp->netdev->pb->seq = UINT_MAX;
1581         }
1582         lp->netdev->pb->ref_ct++;
1583         
1584         is->last_link_seqno = 0;
1585         return 0;
1586 }
1587
1588 static u32 isdn_ppp_mp_get_seq( int short_seq, 
1589                                         struct sk_buff * skb, u32 last_seq );
1590 static struct sk_buff * isdn_ppp_mp_discard( ippp_bundle * mp,
1591                         struct sk_buff * from, struct sk_buff * to );
1592 static void isdn_ppp_mp_reassembly( isdn_net_dev * net_dev, isdn_net_local * lp,
1593                                 struct sk_buff * from, struct sk_buff * to );
1594 static void isdn_ppp_mp_free_skb( ippp_bundle * mp, struct sk_buff * skb );
1595 static void isdn_ppp_mp_print_recv_pkt( int slot, struct sk_buff * skb );
1596
1597 static void isdn_ppp_mp_receive(isdn_net_dev * net_dev, isdn_net_local * lp, 
1598                                                         struct sk_buff *skb)
1599 {
1600         struct ippp_struct *is;
1601         isdn_net_local * lpq;
1602         ippp_bundle * mp;
1603         isdn_mppp_stats * stats;
1604         struct sk_buff * newfrag, * frag, * start, *nextf;
1605         u32 newseq, minseq, thisseq;
1606         unsigned long flags;
1607         int slot;
1608
1609         spin_lock_irqsave(&net_dev->pb->lock, flags);
1610         mp = net_dev->pb;
1611         stats = &mp->stats;
1612         slot = lp->ppp_slot;
1613         if (slot < 0 || slot > ISDN_MAX_CHANNELS) {
1614                 printk(KERN_ERR "%s: lp->ppp_slot(%d)\n",
1615                         __FUNCTION__, lp->ppp_slot);
1616                 stats->frame_drops++;
1617                 dev_kfree_skb(skb);
1618                 spin_unlock_irqrestore(&mp->lock, flags);
1619                 return;
1620         }
1621         is = ippp_table[slot];
1622         if( ++mp->frames > stats->max_queue_len )
1623                 stats->max_queue_len = mp->frames;
1624         
1625         if (is->debug & 0x8)
1626                 isdn_ppp_mp_print_recv_pkt(lp->ppp_slot, skb);
1627
1628         newseq = isdn_ppp_mp_get_seq(is->mpppcfg & SC_IN_SHORT_SEQ, 
1629                                                 skb, is->last_link_seqno);
1630
1631
1632         /* if this packet seq # is less than last already processed one,
1633          * toss it right away, but check for sequence start case first 
1634          */
1635         if( mp->seq > MP_LONGSEQ_MAX && (newseq & MP_LONGSEQ_MAXBIT) ) {
1636                 mp->seq = newseq;       /* the first packet: required for
1637                                          * rfc1990 non-compliant clients --
1638                                          * prevents constant packet toss */
1639         } else if( MP_LT(newseq, mp->seq) ) {
1640                 stats->frame_drops++;
1641                 isdn_ppp_mp_free_skb(mp, skb);
1642                 spin_unlock_irqrestore(&mp->lock, flags);
1643                 return;
1644         }
1645         
1646         /* find the minimum received sequence number over all links */
1647         is->last_link_seqno = minseq = newseq;
1648         for (lpq = net_dev->queue;;) {
1649                 slot = lpq->ppp_slot;
1650                 if (slot < 0 || slot > ISDN_MAX_CHANNELS) {
1651                         printk(KERN_ERR "%s: lpq->ppp_slot(%d)\n",
1652                                 __FUNCTION__, lpq->ppp_slot);
1653                 } else {
1654                         u32 lls = ippp_table[slot]->last_link_seqno;
1655                         if (MP_LT(lls, minseq))
1656                                 minseq = lls;
1657                 }
1658                 if ((lpq = lpq->next) == net_dev->queue)
1659                         break;
1660         }
1661         if (MP_LT(minseq, mp->seq))
1662                 minseq = mp->seq;       /* can't go beyond already processed
1663                                          * packets */
1664         newfrag = skb;
1665
1666         /* if this new fragment is before the first one, then enqueue it now. */
1667         if ((frag = mp->frags) == NULL || MP_LT(newseq, MP_SEQ(frag))) {
1668                 newfrag->next = frag;
1669                 mp->frags = frag = newfrag;
1670                 newfrag = NULL;
1671         }
1672
1673         start = MP_FLAGS(frag) & MP_BEGIN_FRAG &&
1674                                 MP_SEQ(frag) == mp->seq ? frag : NULL;
1675
1676         /* 
1677          * main fragment traversing loop
1678          *
1679          * try to accomplish several tasks:
1680          * - insert new fragment into the proper sequence slot (once that's done
1681          *   newfrag will be set to NULL)
1682          * - reassemble any complete fragment sequence (non-null 'start'
1683          *   indicates there is a continguous sequence present)
1684          * - discard any incomplete sequences that are below minseq -- due
1685          *   to the fact that sender always increment sequence number, if there
1686          *   is an incomplete sequence below minseq, no new fragments would
1687          *   come to complete such sequence and it should be discarded
1688          *
1689          * loop completes when we accomplished the following tasks:
1690          * - new fragment is inserted in the proper sequence ('newfrag' is 
1691          *   set to NULL)
1692          * - we hit a gap in the sequence, so no reassembly/processing is 
1693          *   possible ('start' would be set to NULL)
1694          *
1695          * algorightm for this code is derived from code in the book
1696          * 'PPP Design And Debugging' by James Carlson (Addison-Wesley)
1697          */
1698         while (start != NULL || newfrag != NULL) {
1699
1700                 thisseq = MP_SEQ(frag);
1701                 nextf = frag->next;
1702
1703                 /* drop any duplicate fragments */
1704                 if (newfrag != NULL && thisseq == newseq) {
1705                         isdn_ppp_mp_free_skb(mp, newfrag);
1706                         newfrag = NULL;
1707                 }
1708
1709                 /* insert new fragment before next element if possible. */
1710                 if (newfrag != NULL && (nextf == NULL || 
1711                                                 MP_LT(newseq, MP_SEQ(nextf)))) {
1712                         newfrag->next = nextf;
1713                         frag->next = nextf = newfrag;
1714                         newfrag = NULL;
1715                 }
1716
1717                 if (start != NULL) {
1718                         /* check for misplaced start */
1719                         if (start != frag && (MP_FLAGS(frag) & MP_BEGIN_FRAG)) {
1720                                 printk(KERN_WARNING"isdn_mppp(seq %d): new "
1721                                       "BEGIN flag with no prior END", thisseq);
1722                                 stats->seqerrs++;
1723                                 stats->frame_drops++;
1724                                 start = isdn_ppp_mp_discard(mp, start,frag);
1725                                 nextf = frag->next;
1726                         }
1727                 } else if (MP_LE(thisseq, minseq)) {            
1728                         if (MP_FLAGS(frag) & MP_BEGIN_FRAG)
1729                                 start = frag;
1730                         else {
1731                                 if (MP_FLAGS(frag) & MP_END_FRAG)
1732                                         stats->frame_drops++;
1733                                 if( mp->frags == frag )
1734                                         mp->frags = nextf;      
1735                                 isdn_ppp_mp_free_skb(mp, frag);
1736                                 frag = nextf;
1737                                 continue;
1738                         }
1739                 }
1740                 
1741                 /* if start is non-null and we have end fragment, then
1742                  * we have full reassembly sequence -- reassemble 
1743                  * and process packet now
1744                  */
1745                 if (start != NULL && (MP_FLAGS(frag) & MP_END_FRAG)) {
1746                         minseq = mp->seq = (thisseq+1) & MP_LONGSEQ_MASK;
1747                         /* Reassemble the packet then dispatch it */
1748                         isdn_ppp_mp_reassembly(net_dev, lp, start, nextf);
1749       
1750                         start = NULL;
1751                         frag = NULL;
1752
1753                         mp->frags = nextf;
1754                 }
1755
1756                 /* check if need to update start pointer: if we just
1757                  * reassembled the packet and sequence is contiguous
1758                  * then next fragment should be the start of new reassembly
1759                  * if sequence is contiguous, but we haven't reassembled yet,
1760                  * keep going.
1761                  * if sequence is not contiguous, either clear everyting
1762                  * below low watermark and set start to the next frag or
1763                  * clear start ptr.
1764                  */ 
1765                 if (nextf != NULL && 
1766                     ((thisseq+1) & MP_LONGSEQ_MASK) == MP_SEQ(nextf)) {
1767                         /* if we just reassembled and the next one is here, 
1768                          * then start another reassembly. */
1769
1770                         if (frag == NULL) {
1771                                 if (MP_FLAGS(nextf) & MP_BEGIN_FRAG)
1772                                         start = nextf;
1773                                 else
1774                                 {
1775                                         printk(KERN_WARNING"isdn_mppp(seq %d):"
1776                                                 " END flag with no following "
1777                                                 "BEGIN", thisseq);
1778                                         stats->seqerrs++;
1779                                 }
1780                         }
1781
1782                 } else {
1783                         if ( nextf != NULL && frag != NULL &&
1784                                                 MP_LT(thisseq, minseq)) {
1785                                 /* we've got a break in the sequence
1786                                  * and we not at the end yet
1787                                  * and we did not just reassembled
1788                                  *(if we did, there wouldn't be anything before)
1789                                  * and we below the low watermark 
1790                                  * discard all the frames below low watermark 
1791                                  * and start over */
1792                                 stats->frame_drops++;
1793                                 mp->frags = isdn_ppp_mp_discard(mp,start,nextf);
1794                         }
1795                         /* break in the sequence, no reassembly */
1796                         start = NULL;
1797                 }
1798                                 
1799                 frag = nextf;
1800         }       /* while -- main loop */
1801         
1802         if (mp->frags == NULL)
1803                 mp->frags = frag;
1804                 
1805         /* rather straighforward way to deal with (not very) possible 
1806          * queue overflow */
1807         if (mp->frames > MP_MAX_QUEUE_LEN) {
1808                 stats->overflows++;
1809                 while (mp->frames > MP_MAX_QUEUE_LEN) {
1810                         frag = mp->frags->next;
1811                         isdn_ppp_mp_free_skb(mp, mp->frags);
1812                         mp->frags = frag;
1813                 }
1814         }
1815         spin_unlock_irqrestore(&mp->lock, flags);
1816 }
1817
1818 static void isdn_ppp_mp_cleanup( isdn_net_local * lp )
1819 {
1820         struct sk_buff * frag = lp->netdev->pb->frags;
1821         struct sk_buff * nextfrag;
1822         while( frag ) {
1823                 nextfrag = frag->next;
1824                 isdn_ppp_mp_free_skb(lp->netdev->pb, frag);
1825                 frag = nextfrag;
1826         }
1827         lp->netdev->pb->frags = NULL;
1828 }
1829
1830 static u32 isdn_ppp_mp_get_seq( int short_seq, 
1831                                         struct sk_buff * skb, u32 last_seq )
1832 {
1833         u32 seq;
1834         int flags = skb->data[0] & (MP_BEGIN_FRAG | MP_END_FRAG);
1835    
1836         if( !short_seq )
1837         {
1838                 seq = ntohl(*(u32*)skb->data) & MP_LONGSEQ_MASK;
1839                 skb_push(skb,1);
1840         }
1841         else
1842         {
1843                 /* convert 12-bit short seq number to 24-bit long one 
1844                 */
1845                 seq = ntohs(*(u16*)skb->data) & MP_SHORTSEQ_MASK;
1846         
1847                 /* check for seqence wrap */
1848                 if( !(seq &  MP_SHORTSEQ_MAXBIT) && 
1849                      (last_seq &  MP_SHORTSEQ_MAXBIT) && 
1850                      (unsigned long)last_seq <= MP_LONGSEQ_MAX )
1851                         seq |= (last_seq + MP_SHORTSEQ_MAX+1) & 
1852                                         (~MP_SHORTSEQ_MASK & MP_LONGSEQ_MASK);
1853                 else
1854                         seq |= last_seq & (~MP_SHORTSEQ_MASK & MP_LONGSEQ_MASK);
1855                 
1856                 skb_push(skb, 3);       /* put converted seqence back in skb */
1857         }
1858         *(u32*)(skb->data+1) = seq;     /* put seqence back in _host_ byte
1859                                          * order */
1860         skb->data[0] = flags;           /* restore flags */
1861         return seq;
1862 }
1863
1864 struct sk_buff * isdn_ppp_mp_discard( ippp_bundle * mp,
1865                         struct sk_buff * from, struct sk_buff * to )
1866 {
1867         if( from )
1868                 while (from != to) {
1869                         struct sk_buff * next = from->next;
1870                         isdn_ppp_mp_free_skb(mp, from);
1871                         from = next;
1872                 }
1873         return from;
1874 }
1875
1876 void isdn_ppp_mp_reassembly( isdn_net_dev * net_dev, isdn_net_local * lp,
1877                                 struct sk_buff * from, struct sk_buff * to )
1878 {
1879         ippp_bundle * mp = net_dev->pb;
1880         int proto;
1881         struct sk_buff * skb;
1882         unsigned int tot_len;
1883
1884         if (lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS) {
1885                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
1886                         __FUNCTION__, lp->ppp_slot);
1887                 return;
1888         }
1889         if( MP_FLAGS(from) == (MP_BEGIN_FRAG | MP_END_FRAG) ) {
1890                 if( ippp_table[lp->ppp_slot]->debug & 0x40 )
1891                         printk(KERN_DEBUG "isdn_mppp: reassembly: frame %d, "
1892                                         "len %d\n", MP_SEQ(from), from->len );
1893                 skb = from;
1894                 skb_pull(skb, MP_HEADER_LEN);
1895                 mp->frames--;   
1896         } else {
1897                 struct sk_buff * frag;
1898                 int n;
1899
1900                 for(tot_len=n=0, frag=from; frag != to; frag=frag->next, n++)
1901                         tot_len += frag->len - MP_HEADER_LEN;
1902
1903                 if( ippp_table[lp->ppp_slot]->debug & 0x40 )
1904                         printk(KERN_DEBUG"isdn_mppp: reassembling frames %d "
1905                                 "to %d, len %d\n", MP_SEQ(from), 
1906                                 (MP_SEQ(from)+n-1) & MP_LONGSEQ_MASK, tot_len );
1907                 if( (skb = dev_alloc_skb(tot_len)) == NULL ) {
1908                         printk(KERN_ERR "isdn_mppp: cannot allocate sk buff "
1909                                         "of size %d\n", tot_len);
1910                         isdn_ppp_mp_discard(mp, from, to);
1911                         return;
1912                 }
1913
1914                 while( from != to ) {
1915                         unsigned int len = from->len - MP_HEADER_LEN;
1916
1917                         memcpy(skb_put(skb,len), from->data+MP_HEADER_LEN, len);
1918                         frag = from->next;
1919                         isdn_ppp_mp_free_skb(mp, from);
1920                         from = frag; 
1921                 }
1922         }
1923         proto = isdn_ppp_strip_proto(skb);
1924         isdn_ppp_push_higher(net_dev, lp, skb, proto);
1925 }
1926
1927 static void isdn_ppp_mp_free_skb(ippp_bundle * mp, struct sk_buff * skb)
1928 {
1929         dev_kfree_skb(skb);
1930         mp->frames--;
1931 }
1932
1933 static void isdn_ppp_mp_print_recv_pkt( int slot, struct sk_buff * skb )
1934 {
1935         printk(KERN_DEBUG "mp_recv: %d/%d -> %02x %02x %02x %02x %02x %02x\n", 
1936                 slot, (int) skb->len, 
1937                 (int) skb->data[0], (int) skb->data[1], (int) skb->data[2],
1938                 (int) skb->data[3], (int) skb->data[4], (int) skb->data[5]);
1939 }
1940
1941 static int
1942 isdn_ppp_bundle(struct ippp_struct *is, int unit)
1943 {
1944         char ifn[IFNAMSIZ + 1];
1945         isdn_net_dev *p;
1946         isdn_net_local *lp, *nlp;
1947         int rc;
1948         unsigned long flags;
1949
1950         sprintf(ifn, "ippp%d", unit);
1951         p = isdn_net_findif(ifn);
1952         if (!p) {
1953                 printk(KERN_ERR "ippp_bundle: cannot find %s\n", ifn);
1954                 return -EINVAL;
1955         }
1956
1957         spin_lock_irqsave(&p->pb->lock, flags);
1958
1959         nlp = is->lp;
1960         lp = p->queue;
1961         if( nlp->ppp_slot < 0 || nlp->ppp_slot >= ISDN_MAX_CHANNELS ||
1962                 lp->ppp_slot < 0 || lp->ppp_slot >= ISDN_MAX_CHANNELS ) {
1963                 printk(KERN_ERR "ippp_bundle: binding to invalid slot %d\n",
1964                         nlp->ppp_slot < 0 || nlp->ppp_slot >= ISDN_MAX_CHANNELS ? 
1965                         nlp->ppp_slot : lp->ppp_slot );
1966                 rc = -EINVAL;
1967                 goto out;
1968         }
1969
1970         isdn_net_add_to_bundle(p, nlp);
1971
1972         ippp_table[nlp->ppp_slot]->unit = ippp_table[lp->ppp_slot]->unit;
1973
1974         /* maybe also SC_CCP stuff */
1975         ippp_table[nlp->ppp_slot]->pppcfg |= ippp_table[lp->ppp_slot]->pppcfg &
1976                 (SC_ENABLE_IP | SC_NO_TCP_CCID | SC_REJ_COMP_TCP);
1977         ippp_table[nlp->ppp_slot]->mpppcfg |= ippp_table[lp->ppp_slot]->mpppcfg &
1978                 (SC_MP_PROT | SC_REJ_MP_PROT | SC_OUT_SHORT_SEQ | SC_IN_SHORT_SEQ);
1979         rc = isdn_ppp_mp_init(nlp, p->pb);
1980 out:
1981         spin_unlock_irqrestore(&p->pb->lock, flags);
1982         return rc;
1983 }
1984   
1985 #endif /* CONFIG_ISDN_MPP */
1986   
1987 /*
1988  * network device ioctl handlers
1989  */
1990
1991 static int
1992 isdn_ppp_dev_ioctl_stats(int slot, struct ifreq *ifr, struct net_device *dev)
1993 {
1994         struct ppp_stats __user *res = ifr->ifr_data;
1995         struct ppp_stats t;
1996         isdn_net_local *lp = (isdn_net_local *) dev->priv;
1997
1998         if (!access_ok(VERIFY_WRITE, res, sizeof(struct ppp_stats)))
1999                 return -EFAULT;
2000
2001         /* build a temporary stat struct and copy it to user space */
2002
2003         memset(&t, 0, sizeof(struct ppp_stats));
2004         if (dev->flags & IFF_UP) {
2005                 t.p.ppp_ipackets = lp->stats.rx_packets;
2006                 t.p.ppp_ibytes = lp->stats.rx_bytes;
2007                 t.p.ppp_ierrors = lp->stats.rx_errors;
2008                 t.p.ppp_opackets = lp->stats.tx_packets;
2009                 t.p.ppp_obytes = lp->stats.tx_bytes;
2010                 t.p.ppp_oerrors = lp->stats.tx_errors;
2011 #ifdef CONFIG_ISDN_PPP_VJ
2012                 if (slot >= 0 && ippp_table[slot]->slcomp) {
2013                         struct slcompress *slcomp = ippp_table[slot]->slcomp;
2014                         t.vj.vjs_packets = slcomp->sls_o_compressed + slcomp->sls_o_uncompressed;
2015                         t.vj.vjs_compressed = slcomp->sls_o_compressed;
2016                         t.vj.vjs_searches = slcomp->sls_o_searches;
2017                         t.vj.vjs_misses = slcomp->sls_o_misses;
2018                         t.vj.vjs_errorin = slcomp->sls_i_error;
2019                         t.vj.vjs_tossed = slcomp->sls_i_tossed;
2020                         t.vj.vjs_uncompressedin = slcomp->sls_i_uncompressed;
2021                         t.vj.vjs_compressedin = slcomp->sls_i_compressed;
2022                 }
2023 #endif
2024         }
2025         if (copy_to_user(res, &t, sizeof(struct ppp_stats)))
2026                 return -EFAULT;
2027         return 0;
2028 }
2029
2030 int
2031 isdn_ppp_dev_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
2032 {
2033         int error=0;
2034         int len;
2035         isdn_net_local *lp = (isdn_net_local *) dev->priv;
2036
2037
2038         if (lp->p_encap != ISDN_NET_ENCAP_SYNCPPP)
2039                 return -EINVAL;
2040
2041         switch (cmd) {
2042 #define PPP_VERSION "2.3.7"
2043                 case SIOCGPPPVER:
2044                         len = strlen(PPP_VERSION) + 1;
2045                         if (copy_to_user(ifr->ifr_data, PPP_VERSION, len))
2046                                 error = -EFAULT;
2047                         break;
2048
2049                 case SIOCGPPPSTATS:
2050                         error = isdn_ppp_dev_ioctl_stats(lp->ppp_slot, ifr, dev);
2051                         break;
2052                 default:
2053                         error = -EINVAL;
2054                         break;
2055         }
2056         return error;
2057 }
2058
2059 static int
2060 isdn_ppp_if_get_unit(char *name)
2061 {
2062         int len,
2063          i,
2064          unit = 0,
2065          deci;
2066
2067         len = strlen(name);
2068
2069         if (strncmp("ippp", name, 4) || len > 8)
2070                 return -1;
2071
2072         for (i = 0, deci = 1; i < len; i++, deci *= 10) {
2073                 char a = name[len - i - 1];
2074                 if (a >= '0' && a <= '9')
2075                         unit += (a - '0') * deci;
2076                 else
2077                         break;
2078         }
2079         if (!i || len - i != 4)
2080                 unit = -1;
2081
2082         return unit;
2083 }
2084
2085
2086 int
2087 isdn_ppp_dial_slave(char *name)
2088 {
2089 #ifdef CONFIG_ISDN_MPP
2090         isdn_net_dev *ndev;
2091         isdn_net_local *lp;
2092         struct net_device *sdev;
2093
2094         if (!(ndev = isdn_net_findif(name)))
2095                 return 1;
2096         lp = ndev->local;
2097         if (!(lp->flags & ISDN_NET_CONNECTED))
2098                 return 5;
2099
2100         sdev = lp->slave;
2101         while (sdev) {
2102                 isdn_net_local *mlp = (isdn_net_local *) sdev->priv;
2103                 if (!(mlp->flags & ISDN_NET_CONNECTED))
2104                         break;
2105                 sdev = mlp->slave;
2106         }
2107         if (!sdev)
2108                 return 2;
2109
2110         isdn_net_dial_req((isdn_net_local *) sdev->priv);
2111         return 0;
2112 #else
2113         return -1;
2114 #endif
2115 }
2116
2117 int
2118 isdn_ppp_hangup_slave(char *name)
2119 {
2120 #ifdef CONFIG_ISDN_MPP
2121         isdn_net_dev *ndev;
2122         isdn_net_local *lp;
2123         struct net_device *sdev;
2124
2125         if (!(ndev = isdn_net_findif(name)))
2126                 return 1;
2127         lp = ndev->local;
2128         if (!(lp->flags & ISDN_NET_CONNECTED))
2129                 return 5;
2130
2131         sdev = lp->slave;
2132         while (sdev) {
2133                 isdn_net_local *mlp = (isdn_net_local *) sdev->priv;
2134
2135                 if (mlp->slave) { /* find last connected link in chain */
2136                         isdn_net_local *nlp = (isdn_net_local *) mlp->slave->priv;
2137
2138                         if (!(nlp->flags & ISDN_NET_CONNECTED))
2139                                 break;
2140                 } else if (mlp->flags & ISDN_NET_CONNECTED)
2141                         break;
2142                 
2143                 sdev = mlp->slave;
2144         }
2145         if (!sdev)
2146                 return 2;
2147
2148         isdn_net_hangup(sdev);
2149         return 0;
2150 #else
2151         return -1;
2152 #endif
2153 }
2154
2155 /*
2156  * PPP compression stuff
2157  */
2158
2159
2160 /* Push an empty CCP Data Frame up to the daemon to wake it up and let it
2161    generate a CCP Reset-Request or tear down CCP altogether */
2162
2163 static void isdn_ppp_ccp_kickup(struct ippp_struct *is)
2164 {
2165         isdn_ppp_fill_rq(NULL, 0, PPP_COMP, is->lp->ppp_slot);
2166 }
2167
2168 /* In-kernel handling of CCP Reset-Request and Reset-Ack is necessary,
2169    but absolutely nontrivial. The most abstruse problem we are facing is
2170    that the generation, reception and all the handling of timeouts and
2171    resends including proper request id management should be entirely left
2172    to the (de)compressor, but indeed is not covered by the current API to
2173    the (de)compressor. The API is a prototype version from PPP where only
2174    some (de)compressors have yet been implemented and all of them are
2175    rather simple in their reset handling. Especially, their is only one
2176    outstanding ResetAck at a time with all of them and ResetReq/-Acks do
2177    not have parameters. For this very special case it was sufficient to
2178    just return an error code from the decompressor and have a single
2179    reset() entry to communicate all the necessary information between
2180    the framework and the (de)compressor. Bad enough, LZS is different
2181    (and any other compressor may be different, too). It has multiple
2182    histories (eventually) and needs to Reset each of them independently
2183    and thus uses multiple outstanding Acks and history numbers as an
2184    additional parameter to Reqs/Acks.
2185    All that makes it harder to port the reset state engine into the
2186    kernel because it is not just the same simple one as in (i)pppd but
2187    it must be able to pass additional parameters and have multiple out-
2188    standing Acks. We are trying to achieve the impossible by handling
2189    reset transactions independent by their id. The id MUST change when
2190    the data portion changes, thus any (de)compressor who uses more than
2191    one resettable state must provide and recognize individual ids for
2192    each individual reset transaction. The framework itself does _only_
2193    differentiate them by id, because it has no other semantics like the
2194    (de)compressor might.
2195    This looks like a major redesign of the interface would be nice,
2196    but I don't have an idea how to do it better. */
2197
2198 /* Send a CCP Reset-Request or Reset-Ack directly from the kernel. This is
2199    getting that lengthy because there is no simple "send-this-frame-out"
2200    function above but every wrapper does a bit different. Hope I guess
2201    correct in this hack... */
2202
2203 static void isdn_ppp_ccp_xmit_reset(struct ippp_struct *is, int proto,
2204                                     unsigned char code, unsigned char id,
2205                                     unsigned char *data, int len)
2206 {
2207         struct sk_buff *skb;
2208         unsigned char *p;
2209         int hl;
2210         int cnt = 0;
2211         isdn_net_local *lp = is->lp;
2212
2213         /* Alloc large enough skb */
2214         hl = dev->drv[lp->isdn_device]->interface->hl_hdrlen;
2215         skb = alloc_skb(len + hl + 16,GFP_ATOMIC);
2216         if(!skb) {
2217                 printk(KERN_WARNING
2218                        "ippp: CCP cannot send reset - out of memory\n");
2219                 return;
2220         }
2221         skb_reserve(skb, hl);
2222
2223         /* We may need to stuff an address and control field first */
2224         if(!(is->pppcfg & SC_COMP_AC)) {
2225                 p = skb_put(skb, 2);
2226                 *p++ = 0xff;
2227                 *p++ = 0x03;
2228         }
2229
2230         /* Stuff proto, code, id and length */
2231         p = skb_put(skb, 6);
2232         *p++ = (proto >> 8);
2233         *p++ = (proto & 0xff);
2234         *p++ = code;
2235         *p++ = id;
2236         cnt = 4 + len;
2237         *p++ = (cnt >> 8);
2238         *p++ = (cnt & 0xff);
2239
2240         /* Now stuff remaining bytes */
2241         if(len) {
2242                 p = skb_put(skb, len);
2243                 memcpy(p, data, len);
2244         }
2245
2246         /* skb is now ready for xmit */
2247         printk(KERN_DEBUG "Sending CCP Frame:\n");
2248         isdn_ppp_frame_log("ccp-xmit", skb->data, skb->len, 32, is->unit,lp->ppp_slot);
2249
2250         isdn_net_write_super(lp, skb);
2251 }
2252
2253 /* Allocate the reset state vector */
2254 static struct ippp_ccp_reset *isdn_ppp_ccp_reset_alloc(struct ippp_struct *is)
2255 {
2256         struct ippp_ccp_reset *r;
2257         r = kmalloc(sizeof(struct ippp_ccp_reset), GFP_KERNEL);
2258         if(!r) {
2259                 printk(KERN_ERR "ippp_ccp: failed to allocate reset data"
2260                        " structure - no mem\n");
2261                 return NULL;
2262         }
2263         memset(r, 0, sizeof(struct ippp_ccp_reset));
2264         printk(KERN_DEBUG "ippp_ccp: allocated reset data structure %p\n", r);
2265         is->reset = r;
2266         return r;
2267 }
2268
2269 /* Destroy the reset state vector. Kill all pending timers first. */
2270 static void isdn_ppp_ccp_reset_free(struct ippp_struct *is)
2271 {
2272         unsigned int id;
2273
2274         printk(KERN_DEBUG "ippp_ccp: freeing reset data structure %p\n",
2275                is->reset);
2276         for(id = 0; id < 256; id++) {
2277                 if(is->reset->rs[id]) {
2278                         isdn_ppp_ccp_reset_free_state(is, (unsigned char)id);
2279                 }
2280         }
2281         kfree(is->reset);
2282         is->reset = NULL;
2283 }
2284
2285 /* Free a given state and clear everything up for later reallocation */
2286 static void isdn_ppp_ccp_reset_free_state(struct ippp_struct *is,
2287                                           unsigned char id)
2288 {
2289         struct ippp_ccp_reset_state *rs;
2290
2291         if(is->reset->rs[id]) {
2292                 printk(KERN_DEBUG "ippp_ccp: freeing state for id %d\n", id);
2293                 rs = is->reset->rs[id];
2294                 /* Make sure the kernel will not call back later */
2295                 if(rs->ta)
2296                         del_timer(&rs->timer);
2297                 is->reset->rs[id] = NULL;
2298                 kfree(rs);
2299         } else {
2300                 printk(KERN_WARNING "ippp_ccp: id %d is not allocated\n", id);
2301         }
2302 }
2303
2304 /* The timer callback function which is called when a ResetReq has timed out,
2305    aka has never been answered by a ResetAck */
2306 static void isdn_ppp_ccp_timer_callback(unsigned long closure)
2307 {
2308         struct ippp_ccp_reset_state *rs =
2309                 (struct ippp_ccp_reset_state *)closure;
2310
2311         if(!rs) {
2312                 printk(KERN_ERR "ippp_ccp: timer cb with zero closure.\n");
2313                 return;
2314         }
2315         if(rs->ta && rs->state == CCPResetSentReq) {
2316                 /* We are correct here */
2317                 if(!rs->expra) {
2318                         /* Hmm, there is no Ack really expected. We can clean
2319                            up the state now, it will be reallocated if the
2320                            decompressor insists on another reset */
2321                         rs->ta = 0;
2322                         isdn_ppp_ccp_reset_free_state(rs->is, rs->id);
2323                         return;
2324                 }
2325                 printk(KERN_DEBUG "ippp_ccp: CCP Reset timed out for id %d\n",
2326                        rs->id);
2327                 /* Push it again */
2328                 isdn_ppp_ccp_xmit_reset(rs->is, PPP_CCP, CCP_RESETREQ, rs->id,
2329                                         rs->data, rs->dlen);
2330                 /* Restart timer */
2331                 rs->timer.expires = jiffies + HZ*5;
2332                 add_timer(&rs->timer);
2333         } else {
2334                 printk(KERN_WARNING "ippp_ccp: timer cb in wrong state %d\n",
2335                        rs->state);
2336         }
2337 }
2338
2339 /* Allocate a new reset transaction state */
2340 static struct ippp_ccp_reset_state *isdn_ppp_ccp_reset_alloc_state(struct ippp_struct *is,
2341                                                       unsigned char id)
2342 {
2343         struct ippp_ccp_reset_state *rs;
2344         if(is->reset->rs[id]) {
2345                 printk(KERN_WARNING "ippp_ccp: old state exists for id %d\n",
2346                        id);
2347                 return NULL;
2348         } else {
2349                 rs = kmalloc(sizeof(struct ippp_ccp_reset_state), GFP_KERNEL);
2350                 if(!rs)
2351                         return NULL;
2352                 memset(rs, 0, sizeof(struct ippp_ccp_reset_state));
2353                 rs->state = CCPResetIdle;
2354                 rs->is = is;
2355                 rs->id = id;
2356                 rs->timer.data = (unsigned long)rs;
2357                 rs->timer.function = isdn_ppp_ccp_timer_callback;
2358                 is->reset->rs[id] = rs;
2359         }
2360         return rs;
2361 }
2362
2363
2364 /* A decompressor wants a reset with a set of parameters - do what is
2365    necessary to fulfill it */
2366 static void isdn_ppp_ccp_reset_trans(struct ippp_struct *is,
2367                                      struct isdn_ppp_resetparams *rp)
2368 {
2369         struct ippp_ccp_reset_state *rs;
2370
2371         if(rp->valid) {
2372                 /* The decompressor defines parameters by itself */
2373                 if(rp->rsend) {
2374                         /* And he wants us to send a request */
2375                         if(!(rp->idval)) {
2376                                 printk(KERN_ERR "ippp_ccp: decompressor must"
2377                                        " specify reset id\n");
2378                                 return;
2379                         }
2380                         if(is->reset->rs[rp->id]) {
2381                                 /* There is already a transaction in existence
2382                                    for this id. May be still waiting for a
2383                                    Ack or may be wrong. */
2384                                 rs = is->reset->rs[rp->id];
2385                                 if(rs->state == CCPResetSentReq && rs->ta) {
2386                                         printk(KERN_DEBUG "ippp_ccp: reset"
2387                                                " trans still in progress"
2388                                                " for id %d\n", rp->id);
2389                                 } else {
2390                                         printk(KERN_WARNING "ippp_ccp: reset"
2391                                                " trans in wrong state %d for"
2392                                                " id %d\n", rs->state, rp->id);
2393                                 }
2394                         } else {
2395                                 /* Ok, this is a new transaction */
2396                                 printk(KERN_DEBUG "ippp_ccp: new trans for id"
2397                                        " %d to be started\n", rp->id);
2398                                 rs = isdn_ppp_ccp_reset_alloc_state(is, rp->id);
2399                                 if(!rs) {
2400                                         printk(KERN_ERR "ippp_ccp: out of mem"
2401                                                " allocing ccp trans\n");
2402                                         return;
2403                                 }
2404                                 rs->state = CCPResetSentReq;
2405                                 rs->expra = rp->expra;
2406                                 if(rp->dtval) {
2407                                         rs->dlen = rp->dlen;
2408                                         memcpy(rs->data, rp->data, rp->dlen);
2409                                 }
2410                                 /* HACK TODO - add link comp here */
2411                                 isdn_ppp_ccp_xmit_reset(is, PPP_CCP,
2412                                                         CCP_RESETREQ, rs->id,
2413                                                         rs->data, rs->dlen);
2414                                 /* Start the timer */
2415                                 rs->timer.expires = jiffies + 5*HZ;
2416                                 add_timer(&rs->timer);
2417                                 rs->ta = 1;
2418                         }
2419                 } else {
2420                         printk(KERN_DEBUG "ippp_ccp: no reset sent\n");
2421                 }
2422         } else {
2423                 /* The reset params are invalid. The decompressor does not
2424                    care about them, so we just send the minimal requests
2425                    and increase ids only when an Ack is received for a
2426                    given id */
2427                 if(is->reset->rs[is->reset->lastid]) {
2428                         /* There is already a transaction in existence
2429                            for this id. May be still waiting for a
2430                            Ack or may be wrong. */
2431                         rs = is->reset->rs[is->reset->lastid];
2432                         if(rs->state == CCPResetSentReq && rs->ta) {
2433                                 printk(KERN_DEBUG "ippp_ccp: reset"
2434                                        " trans still in progress"
2435                                        " for id %d\n", rp->id);
2436                         } else {
2437                                 printk(KERN_WARNING "ippp_ccp: reset"
2438                                        " trans in wrong state %d for"
2439                                        " id %d\n", rs->state, rp->id);
2440                         }
2441                 } else {
2442                         printk(KERN_DEBUG "ippp_ccp: new trans for id"
2443                                " %d to be started\n", is->reset->lastid);
2444                         rs = isdn_ppp_ccp_reset_alloc_state(is,
2445                                                             is->reset->lastid);
2446                         if(!rs) {
2447                                 printk(KERN_ERR "ippp_ccp: out of mem"
2448                                        " allocing ccp trans\n");
2449                                 return;
2450                         }
2451                         rs->state = CCPResetSentReq;
2452                         /* We always expect an Ack if the decompressor doesn't
2453                            know better */
2454                         rs->expra = 1;
2455                         rs->dlen = 0;
2456                         /* HACK TODO - add link comp here */
2457                         isdn_ppp_ccp_xmit_reset(is, PPP_CCP, CCP_RESETREQ,
2458                                                 rs->id, NULL, 0);
2459                         /* Start the timer */
2460                         rs->timer.expires = jiffies + 5*HZ;
2461                         add_timer(&rs->timer);
2462                         rs->ta = 1;
2463                 }
2464         }
2465 }
2466
2467 /* An Ack was received for this id. This means we stop the timer and clean
2468    up the state prior to calling the decompressors reset routine. */
2469 static void isdn_ppp_ccp_reset_ack_rcvd(struct ippp_struct *is,
2470                                         unsigned char id)
2471 {
2472         struct ippp_ccp_reset_state *rs = is->reset->rs[id];
2473
2474         if(rs) {
2475                 if(rs->ta && rs->state == CCPResetSentReq) {
2476                         /* Great, we are correct */
2477                         if(!rs->expra)
2478                                 printk(KERN_DEBUG "ippp_ccp: ResetAck received"
2479                                        " for id %d but not expected\n", id);
2480                 } else {
2481                         printk(KERN_INFO "ippp_ccp: ResetAck received out of"
2482                                "sync for id %d\n", id);
2483                 }
2484                 if(rs->ta) {
2485                         rs->ta = 0;
2486                         del_timer(&rs->timer);
2487                 }
2488                 isdn_ppp_ccp_reset_free_state(is, id);
2489         } else {
2490                 printk(KERN_INFO "ippp_ccp: ResetAck received for unknown id"
2491                        " %d\n", id);
2492         }
2493         /* Make sure the simple reset stuff uses a new id next time */
2494         is->reset->lastid++;
2495 }
2496
2497 /* 
2498  * decompress packet
2499  *
2500  * if master = 0, we're trying to uncompress an per-link compressed packet,
2501  * as opposed to an compressed reconstructed-from-MPPP packet.
2502  * proto is updated to protocol field of uncompressed packet.
2503  *
2504  * retval: decompressed packet,
2505  *         same packet if uncompressed,
2506  *         NULL if decompression error
2507  */
2508
2509 static struct sk_buff *isdn_ppp_decompress(struct sk_buff *skb,struct ippp_struct *is,struct ippp_struct *master,
2510         int *proto)
2511 {
2512         void *stat = NULL;
2513         struct isdn_ppp_compressor *ipc = NULL;
2514         struct sk_buff *skb_out;
2515         int len;
2516         struct ippp_struct *ri;
2517         struct isdn_ppp_resetparams rsparm;
2518         unsigned char rsdata[IPPP_RESET_MAXDATABYTES];
2519
2520         if(!master) {
2521                 // per-link decompression 
2522                 stat = is->link_decomp_stat;
2523                 ipc = is->link_decompressor;
2524                 ri = is;
2525         } else {
2526                 stat = master->decomp_stat;
2527                 ipc = master->decompressor;
2528                 ri = master;
2529         }
2530
2531         if (!ipc) {
2532                 // no decompressor -> we can't decompress.
2533                 printk(KERN_DEBUG "ippp: no decompressor defined!\n");
2534                 return skb;
2535         }
2536         if (!stat) // if we have a compressor, stat has been set as well
2537                 BUG();
2538
2539         if((master && *proto == PPP_COMP) || (!master && *proto == PPP_COMPFRAG) ) {
2540                 // compressed packets are compressed by their protocol type
2541
2542                 // Set up reset params for the decompressor
2543                 memset(&rsparm, 0, sizeof(rsparm));
2544                 rsparm.data = rsdata;
2545                 rsparm.maxdlen = IPPP_RESET_MAXDATABYTES;
2546   
2547                 skb_out = dev_alloc_skb(is->mru + PPP_HDRLEN);
2548                 len = ipc->decompress(stat, skb, skb_out, &rsparm);
2549                 kfree_skb(skb);
2550                 if (len <= 0) {
2551                         switch(len) {
2552                         case DECOMP_ERROR:
2553                                 printk(KERN_INFO "ippp: decomp wants reset %s params\n",
2554                                        rsparm.valid ? "with" : "without");
2555                                 
2556                                 isdn_ppp_ccp_reset_trans(ri, &rsparm);
2557                                 break;
2558                         case DECOMP_FATALERROR:
2559                                 ri->pppcfg |= SC_DC_FERROR;
2560                                 /* Kick ipppd to recognize the error */
2561                                 isdn_ppp_ccp_kickup(ri);
2562                                 break;
2563                         }
2564                         kfree_skb(skb_out);
2565                         return NULL;
2566                 }
2567                 *proto = isdn_ppp_strip_proto(skb_out);
2568                 if (*proto < 0) {
2569                         kfree_skb(skb_out);
2570                         return NULL;
2571                 }
2572                 return skb_out;
2573         } else { 
2574                 // uncompressed packets are fed through the decompressor to
2575                 // update the decompressor state
2576                 ipc->incomp(stat, skb, *proto);
2577                 return skb;
2578         }
2579 }
2580
2581 /*
2582  * compress a frame 
2583  *   type=0: normal/bundle compression
2584  *       =1: link compression
2585  * returns original skb if we haven't compressed the frame
2586  * and a new skb pointer if we've done it
2587  */
2588 static struct sk_buff *isdn_ppp_compress(struct sk_buff *skb_in,int *proto,
2589         struct ippp_struct *is,struct ippp_struct *master,int type)
2590 {
2591     int ret;
2592     int new_proto;
2593     struct isdn_ppp_compressor *compressor;
2594     void *stat;
2595     struct sk_buff *skb_out;
2596
2597         /* we do not compress control protocols */
2598     if(*proto < 0 || *proto > 0x3fff) {
2599             return skb_in;
2600     }
2601
2602         if(type) { /* type=1 => Link compression */
2603                 return skb_in;
2604         }
2605         else {
2606                 if(!master) {
2607                         compressor = is->compressor;
2608                         stat = is->comp_stat;
2609                 }
2610                 else {
2611                         compressor = master->compressor;
2612                         stat = master->comp_stat;
2613                 }
2614                 new_proto = PPP_COMP;
2615         }
2616
2617         if(!compressor) {
2618                 printk(KERN_ERR "isdn_ppp: No compressor set!\n");
2619                 return skb_in;
2620         }
2621         if(!stat) {
2622                 printk(KERN_ERR "isdn_ppp: Compressor not initialized?\n");
2623                 return skb_in;
2624         }
2625
2626         /* Allow for at least 150 % expansion (for now) */
2627         skb_out = alloc_skb(skb_in->len + skb_in->len/2 + 32 +
2628                 skb_headroom(skb_in), GFP_ATOMIC);
2629         if(!skb_out)
2630                 return skb_in;
2631         skb_reserve(skb_out, skb_headroom(skb_in));
2632
2633         ret = (compressor->compress)(stat,skb_in,skb_out,*proto);
2634         if(!ret) {
2635                 dev_kfree_skb(skb_out);
2636                 return skb_in;
2637         }
2638         
2639         dev_kfree_skb(skb_in);
2640         *proto = new_proto;
2641         return skb_out;
2642 }
2643
2644 /*
2645  * we received a CCP frame .. 
2646  * not a clean solution, but we MUST handle a few cases in the kernel
2647  */
2648 static void isdn_ppp_receive_ccp(isdn_net_dev *net_dev, isdn_net_local *lp,
2649          struct sk_buff *skb,int proto)
2650 {
2651         struct ippp_struct *is;
2652         struct ippp_struct *mis;
2653         int len;
2654         struct isdn_ppp_resetparams rsparm;
2655         unsigned char rsdata[IPPP_RESET_MAXDATABYTES];  
2656
2657         printk(KERN_DEBUG "Received CCP frame from peer slot(%d)\n",
2658                 lp->ppp_slot);
2659         if (lp->ppp_slot < 0 || lp->ppp_slot > ISDN_MAX_CHANNELS) {
2660                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
2661                         __FUNCTION__, lp->ppp_slot);
2662                 return;
2663         }
2664         is = ippp_table[lp->ppp_slot];
2665         isdn_ppp_frame_log("ccp-rcv", skb->data, skb->len, 32, is->unit,lp->ppp_slot);
2666
2667         if(lp->master) {
2668                 int slot = ((isdn_net_local *) (lp->master->priv))->ppp_slot;
2669                 if (slot < 0 || slot > ISDN_MAX_CHANNELS) {
2670                         printk(KERN_ERR "%s: slot(%d) out of range\n",
2671                                 __FUNCTION__, slot);
2672                         return;
2673                 }       
2674                 mis = ippp_table[slot];
2675         } else
2676                 mis = is;
2677
2678         switch(skb->data[0]) {
2679         case CCP_CONFREQ:
2680                 if(is->debug & 0x10)
2681                         printk(KERN_DEBUG "Disable compression here!\n");
2682                 if(proto == PPP_CCP)
2683                         mis->compflags &= ~SC_COMP_ON;          
2684                 else
2685                         is->compflags &= ~SC_LINK_COMP_ON;              
2686                 break;
2687         case CCP_TERMREQ:
2688         case CCP_TERMACK:
2689                 if(is->debug & 0x10)
2690                         printk(KERN_DEBUG "Disable (de)compression here!\n");
2691                 if(proto == PPP_CCP)
2692                         mis->compflags &= ~(SC_DECOMP_ON|SC_COMP_ON);           
2693                 else
2694                         is->compflags &= ~(SC_LINK_DECOMP_ON|SC_LINK_COMP_ON);          
2695                 break;
2696         case CCP_CONFACK:
2697                 /* if we RECEIVE an ackowledge we enable the decompressor */
2698                 if(is->debug & 0x10)
2699                         printk(KERN_DEBUG "Enable decompression here!\n");
2700                 if(proto == PPP_CCP) {
2701                         if (!mis->decompressor)
2702                                 break;
2703                         mis->compflags |= SC_DECOMP_ON;
2704                 } else {
2705                         if (!is->decompressor)
2706                                 break;
2707                         is->compflags |= SC_LINK_DECOMP_ON;
2708                 }
2709                 break;
2710
2711         case CCP_RESETACK:
2712                 printk(KERN_DEBUG "Received ResetAck from peer\n");
2713                 len = (skb->data[2] << 8) | skb->data[3];
2714                 len -= 4;
2715
2716                 if(proto == PPP_CCP) {
2717                         /* If a reset Ack was outstanding for this id, then
2718                            clean up the state engine */
2719                         isdn_ppp_ccp_reset_ack_rcvd(mis, skb->data[1]);
2720                         if(mis->decompressor && mis->decomp_stat)
2721                                 mis->decompressor->
2722                                         reset(mis->decomp_stat,
2723                                               skb->data[0],
2724                                               skb->data[1],
2725                                               len ? &skb->data[4] : NULL,
2726                                               len, NULL);
2727                         /* TODO: This is not easy to decide here */
2728                         mis->compflags &= ~SC_DECOMP_DISCARD;
2729                 }
2730                 else {
2731                         isdn_ppp_ccp_reset_ack_rcvd(is, skb->data[1]);
2732                         if(is->link_decompressor && is->link_decomp_stat)
2733                                 is->link_decompressor->
2734                                         reset(is->link_decomp_stat,
2735                                               skb->data[0],
2736                                               skb->data[1],
2737                                               len ? &skb->data[4] : NULL,
2738                                               len, NULL);
2739                         /* TODO: neither here */
2740                         is->compflags &= ~SC_LINK_DECOMP_DISCARD;
2741                 }
2742                 break;
2743
2744         case CCP_RESETREQ:
2745                 printk(KERN_DEBUG "Received ResetReq from peer\n");
2746                 /* Receiving a ResetReq means we must reset our compressor */
2747                 /* Set up reset params for the reset entry */
2748                 memset(&rsparm, 0, sizeof(rsparm));
2749                 rsparm.data = rsdata;
2750                 rsparm.maxdlen = IPPP_RESET_MAXDATABYTES; 
2751                 /* Isolate data length */
2752                 len = (skb->data[2] << 8) | skb->data[3];
2753                 len -= 4;
2754                 if(proto == PPP_CCP) {
2755                         if(mis->compressor && mis->comp_stat)
2756                                 mis->compressor->
2757                                         reset(mis->comp_stat,
2758                                               skb->data[0],
2759                                               skb->data[1],
2760                                               len ? &skb->data[4] : NULL,
2761                                               len, &rsparm);
2762                 }
2763                 else {
2764                         if(is->link_compressor && is->link_comp_stat)
2765                                 is->link_compressor->
2766                                         reset(is->link_comp_stat,
2767                                               skb->data[0],
2768                                               skb->data[1],
2769                                               len ? &skb->data[4] : NULL,
2770                                               len, &rsparm);
2771                 }
2772                 /* Ack the Req as specified by rsparm */
2773                 if(rsparm.valid) {
2774                         /* Compressor reset handler decided how to answer */
2775                         if(rsparm.rsend) {
2776                                 /* We should send a Frame */
2777                                 isdn_ppp_ccp_xmit_reset(is, proto, CCP_RESETACK,
2778                                                         rsparm.idval ? rsparm.id
2779                                                         : skb->data[1],
2780                                                         rsparm.dtval ?
2781                                                         rsparm.data : NULL,
2782                                                         rsparm.dtval ?
2783                                                         rsparm.dlen : 0);
2784                         } else {
2785                                 printk(KERN_DEBUG "ResetAck suppressed\n");
2786                         }
2787                 } else {
2788                         /* We answer with a straight reflected Ack */
2789                         isdn_ppp_ccp_xmit_reset(is, proto, CCP_RESETACK,
2790                                                 skb->data[1],
2791                                                 len ? &skb->data[4] : NULL,
2792                                                 len);
2793                 }
2794                 break;
2795         }
2796 }
2797
2798
2799 /*
2800  * Daemon sends a CCP frame ...
2801  */
2802
2803 /* TODO: Clean this up with new Reset semantics */
2804
2805 /* I believe the CCP handling as-is is done wrong. Compressed frames
2806  * should only be sent/received after CCP reaches UP state, which means
2807  * both sides have sent CONF_ACK. Currently, we handle both directions
2808  * independently, which means we may accept compressed frames too early
2809  * (supposedly not a problem), but may also mean we send compressed frames
2810  * too early, which may turn out to be a problem.
2811  * This part of state machine should actually be handled by (i)pppd, but
2812  * that's too big of a change now. --kai
2813  */
2814
2815 /* Actually, we might turn this into an advantage: deal with the RFC in
2816  * the old tradition of beeing generous on what we accept, but beeing
2817  * strict on what we send. Thus we should just
2818  * - accept compressed frames as soon as decompression is negotiated
2819  * - send compressed frames only when decomp *and* comp are negotiated
2820  * - drop rx compressed frames if we cannot decomp (instead of pushing them
2821  *   up to ipppd)
2822  * and I tried to modify this file according to that. --abp
2823  */
2824
2825 static void isdn_ppp_send_ccp(isdn_net_dev *net_dev, isdn_net_local *lp, struct sk_buff *skb)
2826 {
2827         struct ippp_struct *mis,*is;
2828         int proto, slot = lp->ppp_slot;
2829         unsigned char *data;
2830
2831         if(!skb || skb->len < 3)
2832                 return;
2833         if (slot < 0 || slot >= ISDN_MAX_CHANNELS) {
2834                 printk(KERN_ERR "%s: lp->ppp_slot(%d) out of range\n",
2835                         __FUNCTION__, slot);
2836                 return;
2837         }       
2838         is = ippp_table[slot];
2839         /* Daemon may send with or without address and control field comp */
2840         data = skb->data;
2841         if(!(is->pppcfg & SC_COMP_AC) && data[0] == 0xff && data[1] == 0x03) {
2842                 data += 2;
2843                 if(skb->len < 5)
2844                         return;
2845         }
2846
2847         proto = ((int)data[0]<<8)+data[1];
2848         if(proto != PPP_CCP && proto != PPP_CCPFRAG)
2849                 return;
2850
2851         printk(KERN_DEBUG "Received CCP frame from daemon:\n");
2852         isdn_ppp_frame_log("ccp-xmit", skb->data, skb->len, 32, is->unit,lp->ppp_slot);
2853
2854         if (lp->master) {
2855                 slot = ((isdn_net_local *) (lp->master->priv))->ppp_slot;
2856                 if (slot < 0 || slot > ISDN_MAX_CHANNELS) {
2857                         printk(KERN_ERR "%s: slot(%d) out of range\n",
2858                                 __FUNCTION__, slot);
2859                         return;
2860                 }       
2861                 mis = ippp_table[slot];
2862         } else
2863                 mis = is;
2864         if (mis != is)
2865                 printk(KERN_DEBUG "isdn_ppp: Ouch! Master CCP sends on slave slot!\n");
2866         
2867         switch(data[2]) {
2868         case CCP_CONFREQ:
2869                 if(is->debug & 0x10)
2870                         printk(KERN_DEBUG "Disable decompression here!\n");
2871                 if(proto == PPP_CCP)
2872                         is->compflags &= ~SC_DECOMP_ON;
2873                 else
2874                         is->compflags &= ~SC_LINK_DECOMP_ON;
2875                 break;
2876         case CCP_TERMREQ:
2877         case CCP_TERMACK:
2878                 if(is->debug & 0x10)
2879                         printk(KERN_DEBUG "Disable (de)compression here!\n");
2880                 if(proto == PPP_CCP)
2881                         is->compflags &= ~(SC_DECOMP_ON|SC_COMP_ON);
2882                 else
2883                         is->compflags &= ~(SC_LINK_DECOMP_ON|SC_LINK_COMP_ON);
2884                 break;
2885         case CCP_CONFACK:
2886                 /* if we SEND an ackowledge we can/must enable the compressor */
2887                 if(is->debug & 0x10)
2888                         printk(KERN_DEBUG "Enable compression here!\n");
2889                 if(proto == PPP_CCP) {
2890                         if (!is->compressor)
2891                                 break;
2892                         is->compflags |= SC_COMP_ON;
2893                 } else {
2894                         if (!is->compressor)
2895                                 break;
2896                         is->compflags |= SC_LINK_COMP_ON;
2897                 }
2898                 break;
2899         case CCP_RESETACK:
2900                 /* If we send a ACK we should reset our compressor */
2901                 if(is->debug & 0x10)
2902                         printk(KERN_DEBUG "Reset decompression state here!\n");
2903                 printk(KERN_DEBUG "ResetAck from daemon passed by\n");
2904                 if(proto == PPP_CCP) {
2905                         /* link to master? */
2906                         if(is->compressor && is->comp_stat)
2907                                 is->compressor->reset(is->comp_stat, 0, 0,
2908                                                       NULL, 0, NULL);
2909                         is->compflags &= ~SC_COMP_DISCARD;      
2910                 }
2911                 else {
2912                         if(is->link_compressor && is->link_comp_stat)
2913                                 is->link_compressor->reset(is->link_comp_stat,
2914                                                            0, 0, NULL, 0, NULL);
2915                         is->compflags &= ~SC_LINK_COMP_DISCARD; 
2916                 }
2917                 break;
2918         case CCP_RESETREQ:
2919                 /* Just let it pass by */
2920                 printk(KERN_DEBUG "ResetReq from daemon passed by\n");
2921                 break;
2922         }
2923 }
2924
2925 int isdn_ppp_register_compressor(struct isdn_ppp_compressor *ipc)
2926 {
2927         ipc->next = ipc_head;
2928         ipc->prev = NULL;
2929         if(ipc_head) {
2930                 ipc_head->prev = ipc;
2931         }
2932         ipc_head = ipc;
2933         return 0;
2934 }
2935
2936 int isdn_ppp_unregister_compressor(struct isdn_ppp_compressor *ipc)
2937 {
2938         if(ipc->prev)
2939                 ipc->prev->next = ipc->next;
2940         else
2941                 ipc_head = ipc->next;
2942         if(ipc->next)
2943                 ipc->next->prev = ipc->prev;
2944         ipc->prev = ipc->next = NULL;
2945         return 0;
2946 }
2947
2948 static int isdn_ppp_set_compressor(struct ippp_struct *is, struct isdn_ppp_comp_data *data)
2949 {
2950         struct isdn_ppp_compressor *ipc = ipc_head;
2951         int ret;
2952         void *stat;
2953         int num = data->num;
2954
2955         if(is->debug & 0x10)
2956                 printk(KERN_DEBUG "[%d] Set %s type %d\n",is->unit,
2957                         (data->flags&IPPP_COMP_FLAG_XMIT)?"compressor":"decompressor",num);
2958
2959         /* If is has no valid reset state vector, we cannot allocate a
2960            decompressor. The decompressor would cause reset transactions
2961            sooner or later, and they need that vector. */
2962
2963         if(!(data->flags & IPPP_COMP_FLAG_XMIT) && !is->reset) {
2964                 printk(KERN_ERR "ippp_ccp: no reset data structure - can't"
2965                        " allow decompression.\n");
2966                 return -ENOMEM;
2967         }
2968
2969         while(ipc) {
2970                 if(ipc->num == num) {
2971                         stat = ipc->alloc(data);
2972                         if(stat) {
2973                                 ret = ipc->init(stat,data,is->unit,0);
2974                                 if(!ret) {
2975                                         printk(KERN_ERR "Can't init (de)compression!\n");
2976                                         ipc->free(stat);
2977                                         stat = NULL;
2978                                         break;
2979                                 }
2980                         }
2981                         else {
2982                                 printk(KERN_ERR "Can't alloc (de)compression!\n");
2983                                 break;
2984                         }
2985
2986                         if(data->flags & IPPP_COMP_FLAG_XMIT) {
2987                                 if(data->flags & IPPP_COMP_FLAG_LINK) {
2988                                         if(is->link_comp_stat)
2989                                                 is->link_compressor->free(is->link_comp_stat);
2990                                         is->link_comp_stat = stat;
2991                                         is->link_compressor = ipc;
2992                                 }
2993                                 else {
2994                                         if(is->comp_stat)
2995                                                 is->compressor->free(is->comp_stat);
2996                                         is->comp_stat = stat;
2997                                         is->compressor = ipc;
2998                                 }
2999                         }
3000                         else {
3001                                 if(data->flags & IPPP_COMP_FLAG_LINK) {
3002                                         if(is->link_decomp_stat)
3003                                                 is->link_decompressor->free(is->link_decomp_stat);
3004                                         is->link_decomp_stat = stat;
3005                                         is->link_decompressor = ipc;
3006                                 }
3007                                 else {
3008                                         if(is->decomp_stat)
3009                                                 is->decompressor->free(is->decomp_stat);
3010                                         is->decomp_stat = stat;
3011                                         is->decompressor = ipc;
3012                                 }
3013                         }
3014                         return 0;
3015                 }
3016                 ipc = ipc->next;
3017         }
3018         return -EINVAL;
3019 }