Merge branch 'add-ppp_generic-ioctls-to-bridge-channels'
Tom Parkin says: ==================== add ppp_generic ioctl(s) to bridge channels Following on from my previous RFC[1], this series adds two ioctl calls to the ppp code to implement "channel bridging". When two ppp channels are bridged, frames presented to ppp_input() on one channel are passed to the other channel's ->start_xmit function for transmission. The primary use-case for this functionality is in an L2TP Access Concentrator where PPP frames are typically presented in a PPPoE session (e.g. from a home broadband user) and are forwarded to the ISP network in a PPPoL2TP session. The two new ioctls, PPPIOCBRIDGECHAN and PPPIOCUNBRIDGECHAN form a symmetric pair. Userspace code testing and illustrating use of the ioctl calls is available in the go-l2tp[2] and l2tp-ktest[3] repositories. [1]. Previous RFC series: https://lore.kernel.org/netdev/20201106181647.16358-1-tparkin@katalix.com/ [2]. go-l2tp: a Go library for building L2TP applications on Linux systems. Support for the PPPIOCBRIDGECHAN ioctl is on a branch: https://github.com/katalix/go-l2tp/tree/tp_002_pppoe_2 [3]. l2tp-ktest: a test suite for the Linux Kernel L2TP subsystem. Support for the PPPIOCBRIDGECHAN ioctl is on a branch: https://github.com/katalix/l2tp-ktest/tree/tp_ac_pppoe_tests_2 Changelog: v4: * Fix NULL-pointer access in PPPIOCBRIDGECHAN in the case that the ID of the channel to be bridged wasn't found. * Add comment in ppp_unbridge_channels to better document the unbridge process. v3: * Use rcu_dereference_protected for accessing struct channel 'bridge' field during updates with lock 'upl' held. * Avoid race in ppp_unbridge_channels by ensuring that each channel in the bridge points to it's peer before decrementing refcounts. v2: * Add missing __rcu annotation to struct channel 'bridge' field in order to squash a sparse warning from a C=1 build * Integrate review comments from gnault@redhat.com * Have ppp_unbridge_channels return -EINVAL if the channel isn't part of a bridge: this better aligns with the return code from ppp_disconnect_channel. * Improve docs update by including information on ioctl arguments and error return codes. ==================== Reviewed-by: Guillaume Nault <gnault@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
commit
91163f8214
|
@ -314,6 +314,22 @@ channel are:
|
|||
it is connected to. It will return an EINVAL error if the channel
|
||||
is not connected to an interface.
|
||||
|
||||
* PPPIOCBRIDGECHAN bridges a channel with another. The argument should
|
||||
point to an int containing the channel number of the channel to bridge
|
||||
to. Once two channels are bridged, frames presented to one channel by
|
||||
ppp_input() are passed to the bridge instance for onward transmission.
|
||||
This allows frames to be switched from one channel into another: for
|
||||
example, to pass PPPoE frames into a PPPoL2TP session. Since channel
|
||||
bridging interrupts the normal ppp_input() path, a given channel may
|
||||
not be part of a bridge at the same time as being part of a unit.
|
||||
This ioctl will return an EALREADY error if the channel is already
|
||||
part of a bridge or unit, or ENXIO if the requested channel does not
|
||||
exist.
|
||||
|
||||
* PPPIOCUNBRIDGECHAN performs the inverse of PPPIOCBRIDGECHAN, unbridging
|
||||
a channel pair. This ioctl will return an EINVAL error if the channel
|
||||
does not form part of a bridge.
|
||||
|
||||
* All other ioctl commands are passed to the channel ioctl() function.
|
||||
|
||||
The ioctl calls that are available on an instance that is attached to
|
||||
|
|
|
@ -174,7 +174,8 @@ struct channel {
|
|||
struct ppp *ppp; /* ppp unit we're connected to */
|
||||
struct net *chan_net; /* the net channel belongs to */
|
||||
struct list_head clist; /* link in list of channels per unit */
|
||||
rwlock_t upl; /* protects `ppp' */
|
||||
rwlock_t upl; /* protects `ppp' and 'bridge' */
|
||||
struct channel __rcu *bridge; /* "bridged" ppp channel */
|
||||
#ifdef CONFIG_PPP_MULTILINK
|
||||
u8 avail; /* flag used in multilink stuff */
|
||||
u8 had_frag; /* >= 1 fragments have been sent */
|
||||
|
@ -606,6 +607,83 @@ static struct bpf_prog *compat_ppp_get_filter(struct sock_fprog32 __user *p)
|
|||
#endif
|
||||
#endif
|
||||
|
||||
/* Bridge one PPP channel to another.
|
||||
* When two channels are bridged, ppp_input on one channel is redirected to
|
||||
* the other's ops->start_xmit handler.
|
||||
* In order to safely bridge channels we must reject channels which are already
|
||||
* part of a bridge instance, or which form part of an existing unit.
|
||||
* Once successfully bridged, each channel holds a reference on the other
|
||||
* to prevent it being freed while the bridge is extant.
|
||||
*/
|
||||
static int ppp_bridge_channels(struct channel *pch, struct channel *pchb)
|
||||
{
|
||||
write_lock_bh(&pch->upl);
|
||||
if (pch->ppp ||
|
||||
rcu_dereference_protected(pch->bridge, lockdep_is_held(&pch->upl))) {
|
||||
write_unlock_bh(&pch->upl);
|
||||
return -EALREADY;
|
||||
}
|
||||
rcu_assign_pointer(pch->bridge, pchb);
|
||||
write_unlock_bh(&pch->upl);
|
||||
|
||||
write_lock_bh(&pchb->upl);
|
||||
if (pchb->ppp ||
|
||||
rcu_dereference_protected(pchb->bridge, lockdep_is_held(&pchb->upl))) {
|
||||
write_unlock_bh(&pchb->upl);
|
||||
goto err_unset;
|
||||
}
|
||||
rcu_assign_pointer(pchb->bridge, pch);
|
||||
write_unlock_bh(&pchb->upl);
|
||||
|
||||
refcount_inc(&pch->file.refcnt);
|
||||
refcount_inc(&pchb->file.refcnt);
|
||||
|
||||
return 0;
|
||||
|
||||
err_unset:
|
||||
write_lock_bh(&pch->upl);
|
||||
RCU_INIT_POINTER(pch->bridge, NULL);
|
||||
write_unlock_bh(&pch->upl);
|
||||
synchronize_rcu();
|
||||
return -EALREADY;
|
||||
}
|
||||
|
||||
static int ppp_unbridge_channels(struct channel *pch)
|
||||
{
|
||||
struct channel *pchb, *pchbb;
|
||||
|
||||
write_lock_bh(&pch->upl);
|
||||
pchb = rcu_dereference_protected(pch->bridge, lockdep_is_held(&pch->upl));
|
||||
if (!pchb) {
|
||||
write_unlock_bh(&pch->upl);
|
||||
return -EINVAL;
|
||||
}
|
||||
RCU_INIT_POINTER(pch->bridge, NULL);
|
||||
write_unlock_bh(&pch->upl);
|
||||
|
||||
/* Only modify pchb if phcb->bridge points back to pch.
|
||||
* If not, it implies that there has been a race unbridging (and possibly
|
||||
* even rebridging) pchb. We should leave pchb alone to avoid either a
|
||||
* refcount underflow, or breaking another established bridge instance.
|
||||
*/
|
||||
write_lock_bh(&pchb->upl);
|
||||
pchbb = rcu_dereference_protected(pchb->bridge, lockdep_is_held(&pchb->upl));
|
||||
if (pchbb == pch)
|
||||
RCU_INIT_POINTER(pchb->bridge, NULL);
|
||||
write_unlock_bh(&pchb->upl);
|
||||
|
||||
synchronize_rcu();
|
||||
|
||||
if (pchbb == pch)
|
||||
if (refcount_dec_and_test(&pch->file.refcnt))
|
||||
ppp_destroy_channel(pch);
|
||||
|
||||
if (refcount_dec_and_test(&pchb->file.refcnt))
|
||||
ppp_destroy_channel(pchb);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static long ppp_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
|
||||
{
|
||||
struct ppp_file *pf;
|
||||
|
@ -641,8 +719,9 @@ static long ppp_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
|
|||
}
|
||||
|
||||
if (pf->kind == CHANNEL) {
|
||||
struct channel *pch;
|
||||
struct channel *pch, *pchb;
|
||||
struct ppp_channel *chan;
|
||||
struct ppp_net *pn;
|
||||
|
||||
pch = PF_TO_CHANNEL(pf);
|
||||
|
||||
|
@ -657,6 +736,31 @@ static long ppp_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
|
|||
err = ppp_disconnect_channel(pch);
|
||||
break;
|
||||
|
||||
case PPPIOCBRIDGECHAN:
|
||||
if (get_user(unit, p))
|
||||
break;
|
||||
err = -ENXIO;
|
||||
pn = ppp_pernet(current->nsproxy->net_ns);
|
||||
spin_lock_bh(&pn->all_channels_lock);
|
||||
pchb = ppp_find_channel(pn, unit);
|
||||
/* Hold a reference to prevent pchb being freed while
|
||||
* we establish the bridge.
|
||||
*/
|
||||
if (pchb)
|
||||
refcount_inc(&pchb->file.refcnt);
|
||||
spin_unlock_bh(&pn->all_channels_lock);
|
||||
if (!pchb)
|
||||
break;
|
||||
err = ppp_bridge_channels(pch, pchb);
|
||||
/* Drop earlier refcount now bridge establishment is complete */
|
||||
if (refcount_dec_and_test(&pchb->file.refcnt))
|
||||
ppp_destroy_channel(pchb);
|
||||
break;
|
||||
|
||||
case PPPIOCUNBRIDGECHAN:
|
||||
err = ppp_unbridge_channels(pch);
|
||||
break;
|
||||
|
||||
default:
|
||||
down_read(&pch->chan_sem);
|
||||
chan = pch->chan;
|
||||
|
@ -2089,6 +2193,40 @@ static bool ppp_decompress_proto(struct sk_buff *skb)
|
|||
return pskb_may_pull(skb, 2);
|
||||
}
|
||||
|
||||
/* Attempt to handle a frame via. a bridged channel, if one exists.
|
||||
* If the channel is bridged, the frame is consumed by the bridge.
|
||||
* If not, the caller must handle the frame by normal recv mechanisms.
|
||||
* Returns true if the frame is consumed, false otherwise.
|
||||
*/
|
||||
static bool ppp_channel_bridge_input(struct channel *pch, struct sk_buff *skb)
|
||||
{
|
||||
struct channel *pchb;
|
||||
|
||||
rcu_read_lock();
|
||||
pchb = rcu_dereference(pch->bridge);
|
||||
if (!pchb)
|
||||
goto out_rcu;
|
||||
|
||||
spin_lock(&pchb->downl);
|
||||
if (!pchb->chan) {
|
||||
/* channel got unregistered */
|
||||
kfree_skb(skb);
|
||||
goto outl;
|
||||
}
|
||||
|
||||
skb_scrub_packet(skb, !net_eq(pch->chan_net, pchb->chan_net));
|
||||
if (!pchb->chan->ops->start_xmit(pchb->chan, skb))
|
||||
kfree_skb(skb);
|
||||
|
||||
outl:
|
||||
spin_unlock(&pchb->downl);
|
||||
out_rcu:
|
||||
rcu_read_unlock();
|
||||
|
||||
/* If pchb is set then we've consumed the packet */
|
||||
return !!pchb;
|
||||
}
|
||||
|
||||
void
|
||||
ppp_input(struct ppp_channel *chan, struct sk_buff *skb)
|
||||
{
|
||||
|
@ -2100,6 +2238,10 @@ ppp_input(struct ppp_channel *chan, struct sk_buff *skb)
|
|||
return;
|
||||
}
|
||||
|
||||
/* If the channel is bridged, transmit via. bridge */
|
||||
if (ppp_channel_bridge_input(pch, skb))
|
||||
return;
|
||||
|
||||
read_lock_bh(&pch->upl);
|
||||
if (!ppp_decompress_proto(skb)) {
|
||||
kfree_skb(skb);
|
||||
|
@ -2796,8 +2938,11 @@ ppp_unregister_channel(struct ppp_channel *chan)
|
|||
list_del(&pch->list);
|
||||
spin_unlock_bh(&pn->all_channels_lock);
|
||||
|
||||
ppp_unbridge_channels(pch);
|
||||
|
||||
pch->file.dead = 1;
|
||||
wake_up_interruptible(&pch->file.rwait);
|
||||
|
||||
if (refcount_dec_and_test(&pch->file.refcnt))
|
||||
ppp_destroy_channel(pch);
|
||||
}
|
||||
|
@ -3270,7 +3415,8 @@ ppp_connect_channel(struct channel *pch, int unit)
|
|||
goto out;
|
||||
write_lock_bh(&pch->upl);
|
||||
ret = -EINVAL;
|
||||
if (pch->ppp)
|
||||
if (pch->ppp ||
|
||||
rcu_dereference_protected(pch->bridge, lockdep_is_held(&pch->upl)))
|
||||
goto outl;
|
||||
|
||||
ppp_lock(ppp);
|
||||
|
|
|
@ -115,6 +115,8 @@ struct pppol2tp_ioc_stats {
|
|||
#define PPPIOCATTCHAN _IOW('t', 56, int) /* attach to ppp channel */
|
||||
#define PPPIOCGCHAN _IOR('t', 55, int) /* get ppp channel number */
|
||||
#define PPPIOCGL2TPSTATS _IOR('t', 54, struct pppol2tp_ioc_stats)
|
||||
#define PPPIOCBRIDGECHAN _IOW('t', 53, int) /* bridge one channel to another */
|
||||
#define PPPIOCUNBRIDGECHAN _IO('t', 54) /* unbridge channel */
|
||||
|
||||
#define SIOCGPPPSTATS (SIOCDEVPRIVATE + 0)
|
||||
#define SIOCGPPPVER (SIOCDEVPRIVATE + 1) /* NEVER change this!! */
|
||||
|
|
Loading…
Reference in New Issue