^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) * ppp_mppe.c - interface MPPE to the PPP code.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) * This version is for use with Linux kernel 2.6.14+
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) * By Frank Cusack <fcusack@fcusack.com>.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) * Copyright (c) 2002,2003,2004 Google, Inc.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) * All rights reserved.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) * License:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) * Permission to use, copy, modify, and distribute this software and its
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) * documentation is hereby granted, provided that the above copyright
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) * notice appears in all copies. This software is provided without any
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) * warranty, express or implied.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) * ALTERNATIVELY, provided that this notice is retained in full, this product
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) * may be distributed under the terms of the GNU General Public License (GPL),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) * in which case the provisions of the GPL apply INSTEAD OF those given above.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) * This program is free software; you can redistribute it and/or modify
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) * it under the terms of the GNU General Public License as published by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) * the Free Software Foundation; either version 2 of the License, or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) * (at your option) any later version.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) * This program is distributed in the hope that it will be useful,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) * but WITHOUT ANY WARRANTY; without even the implied warranty of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) * GNU General Public License for more details.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) * You should have received a copy of the GNU General Public License
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) * along with this program; if not, see <http://www.gnu.org/licenses/>.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) * Changelog:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) * 08/12/05 - Matt Domsch <Matt_Domsch@dell.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) * Only need extra skb padding on transmit, not receive.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) * 06/18/04 - Matt Domsch <Matt_Domsch@dell.com>, Oleg Makarenko <mole@quadra.ru>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) * Use Linux kernel 2.6 arc4 and sha1 routines rather than
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) * providing our own.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) * 2/15/04 - TS: added #include <version.h> and testing for Kernel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) * version before using
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) * MOD_DEC_USAGE_COUNT/MOD_INC_USAGE_COUNT which are
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) * deprecated in 2.6
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) #include <crypto/arc4.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) #include <crypto/hash.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) #include <linux/err.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) #include <linux/fips.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) #include <linux/module.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) #include <linux/kernel.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) #include <linux/init.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) #include <linux/types.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) #include <linux/slab.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) #include <linux/string.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) #include <linux/mm.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) #include <linux/ppp_defs.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) #include <linux/ppp-comp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) #include <linux/scatterlist.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) #include <asm/unaligned.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) #include "ppp_mppe.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) MODULE_AUTHOR("Frank Cusack <fcusack@fcusack.com>");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) MODULE_DESCRIPTION("Point-to-Point Protocol Microsoft Point-to-Point Encryption support");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) MODULE_LICENSE("Dual BSD/GPL");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) MODULE_VERSION("1.0.2");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) #define SHA1_PAD_SIZE 40
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) * kernel crypto API needs its arguments to be in kmalloc'd memory, not in the module
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) * static data area. That means sha_pad needs to be kmalloc'd.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) struct sha_pad {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) unsigned char sha_pad1[SHA1_PAD_SIZE];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) unsigned char sha_pad2[SHA1_PAD_SIZE];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) static struct sha_pad *sha_pad;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) static inline void sha_pad_init(struct sha_pad *shapad)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) memset(shapad->sha_pad1, 0x00, sizeof(shapad->sha_pad1));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) memset(shapad->sha_pad2, 0xF2, sizeof(shapad->sha_pad2));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) * State for an MPPE (de)compressor.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) struct ppp_mppe_state {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) struct arc4_ctx arc4;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) struct shash_desc *sha1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) unsigned char *sha1_digest;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) unsigned char master_key[MPPE_MAX_KEY_LEN];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) unsigned char session_key[MPPE_MAX_KEY_LEN];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) unsigned keylen; /* key length in bytes */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) /* NB: 128-bit == 16, 40-bit == 8! */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) /* If we want to support 56-bit, */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) /* the unit has to change to bits */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) unsigned char bits; /* MPPE control bits */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) unsigned ccount; /* 12-bit coherency count (seqno) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) unsigned stateful; /* stateful mode flag */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) int discard; /* stateful mode packet loss flag */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) int sanity_errors; /* take down LCP if too many */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) int unit;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) int debug;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) struct compstat stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) /* struct ppp_mppe_state.bits definitions */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) #define MPPE_BIT_A 0x80 /* Encryption table were (re)inititalized */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) #define MPPE_BIT_B 0x40 /* MPPC only (not implemented) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) #define MPPE_BIT_C 0x20 /* MPPC only (not implemented) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) #define MPPE_BIT_D 0x10 /* This is an encrypted frame */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) #define MPPE_BIT_FLUSHED MPPE_BIT_A
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) #define MPPE_BIT_ENCRYPTED MPPE_BIT_D
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) #define MPPE_BITS(p) ((p)[4] & 0xf0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) #define MPPE_CCOUNT(p) ((((p)[4] & 0x0f) << 8) + (p)[5])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) #define MPPE_CCOUNT_SPACE 0x1000 /* The size of the ccount space */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) #define MPPE_OVHD 2 /* MPPE overhead/packet */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) #define SANITY_MAX 1600 /* Max bogon factor we will tolerate */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) * Key Derivation, from RFC 3078, RFC 3079.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) static void get_new_key_from_sha(struct ppp_mppe_state * state)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) crypto_shash_init(state->sha1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) crypto_shash_update(state->sha1, state->master_key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) state->keylen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) crypto_shash_update(state->sha1, sha_pad->sha_pad1,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) sizeof(sha_pad->sha_pad1));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) crypto_shash_update(state->sha1, state->session_key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) state->keylen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) crypto_shash_update(state->sha1, sha_pad->sha_pad2,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) sizeof(sha_pad->sha_pad2));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) crypto_shash_final(state->sha1, state->sha1_digest);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) * Perform the MPPE rekey algorithm, from RFC 3078, sec. 7.3.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) * Well, not what's written there, but rather what they meant.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) static void mppe_rekey(struct ppp_mppe_state * state, int initial_key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) get_new_key_from_sha(state);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) if (!initial_key) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) arc4_setkey(&state->arc4, state->sha1_digest, state->keylen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) arc4_crypt(&state->arc4, state->session_key, state->sha1_digest,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) state->keylen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) memcpy(state->session_key, state->sha1_digest, state->keylen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) if (state->keylen == 8) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) /* See RFC 3078 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) state->session_key[0] = 0xd1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) state->session_key[1] = 0x26;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) state->session_key[2] = 0x9e;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) arc4_setkey(&state->arc4, state->session_key, state->keylen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) * Allocate space for a (de)compressor.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) static void *mppe_alloc(unsigned char *options, int optlen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) struct ppp_mppe_state *state;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) struct crypto_shash *shash;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) unsigned int digestsize;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) if (optlen != CILEN_MPPE + sizeof(state->master_key) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) options[0] != CI_MPPE || options[1] != CILEN_MPPE ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) fips_enabled)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) state = kzalloc(sizeof(*state), GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) if (state == NULL)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) shash = crypto_alloc_shash("sha1", 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) if (IS_ERR(shash))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) goto out_free;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) state->sha1 = kmalloc(sizeof(*state->sha1) +
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) crypto_shash_descsize(shash),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) if (!state->sha1) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) crypto_free_shash(shash);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) goto out_free;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) state->sha1->tfm = shash;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) digestsize = crypto_shash_digestsize(shash);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) if (digestsize < MPPE_MAX_KEY_LEN)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) goto out_free;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) state->sha1_digest = kmalloc(digestsize, GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) if (!state->sha1_digest)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) goto out_free;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) /* Save keys. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) memcpy(state->master_key, &options[CILEN_MPPE],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) sizeof(state->master_key));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) memcpy(state->session_key, state->master_key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) sizeof(state->master_key));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) * We defer initial key generation until mppe_init(), as mppe_alloc()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) * is called frequently during negotiation.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) return (void *)state;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) out_free:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) kfree(state->sha1_digest);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) if (state->sha1) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) crypto_free_shash(state->sha1->tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) kfree_sensitive(state->sha1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) kfree(state);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) * Deallocate space for a (de)compressor.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) static void mppe_free(void *arg)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) if (state) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) kfree(state->sha1_digest);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) crypto_free_shash(state->sha1->tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) kfree_sensitive(state->sha1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) kfree_sensitive(state);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) * Initialize (de)compressor state.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) static int
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) mppe_init(void *arg, unsigned char *options, int optlen, int unit, int debug,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) const char *debugstr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) unsigned char mppe_opts;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256) if (optlen != CILEN_MPPE ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) options[0] != CI_MPPE || options[1] != CILEN_MPPE)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) MPPE_CI_TO_OPTS(&options[2], mppe_opts);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) if (mppe_opts & MPPE_OPT_128)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) state->keylen = 16;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) else if (mppe_opts & MPPE_OPT_40)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) state->keylen = 8;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) printk(KERN_WARNING "%s[%d]: unknown key length\n", debugstr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267) unit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) if (mppe_opts & MPPE_OPT_STATEFUL)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271) state->stateful = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273) /* Generate the initial session key. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274) mppe_rekey(state, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276) if (debug) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) printk(KERN_DEBUG "%s[%d]: initialized with %d-bit %s mode\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) debugstr, unit, (state->keylen == 16) ? 128 : 40,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279) (state->stateful) ? "stateful" : "stateless");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) printk(KERN_DEBUG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) "%s[%d]: keys: master: %*phN initial session: %*phN\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) debugstr, unit,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) (int)sizeof(state->master_key), state->master_key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284) (int)sizeof(state->session_key), state->session_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) * Initialize the coherency count. The initial value is not specified
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289) * in RFC 3078, but we can make a reasonable assumption that it will
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290) * start at 0. Setting it to the max here makes the comp/decomp code
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) * do the right thing (determined through experiment).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293) state->ccount = MPPE_CCOUNT_SPACE - 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296) * Note that even though we have initialized the key table, we don't
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297) * set the FLUSHED bit. This is contrary to RFC 3078, sec. 3.1.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299) state->bits = MPPE_BIT_ENCRYPTED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301) state->unit = unit;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302) state->debug = debug;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) return 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 306)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 307) static int
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 308) mppe_comp_init(void *arg, unsigned char *options, int optlen, int unit,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 309) int hdrlen, int debug)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 310) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 311) /* ARGSUSED */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 312) return mppe_init(arg, options, optlen, unit, debug, "mppe_comp_init");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 313) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 314)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 316) * We received a CCP Reset-Request (actually, we are sending a Reset-Ack),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 317) * tell the compressor to rekey. Note that we MUST NOT rekey for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 318) * every CCP Reset-Request; we only rekey on the next xmit packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319) * We might get multiple CCP Reset-Requests if our CCP Reset-Ack is lost.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 320) * So, rekeying for every CCP Reset-Request is broken as the peer will not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 321) * know how many times we've rekeyed. (If we rekey and THEN get another
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 322) * CCP Reset-Request, we must rekey again.)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 323) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 324) static void mppe_comp_reset(void *arg)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 325) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 326) struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 327)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 328) state->bits |= MPPE_BIT_FLUSHED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 329) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 330)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 331) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 332) * Compress (encrypt) a packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 333) * It's strange to call this a compressor, since the output is always
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 334) * MPPE_OVHD + 2 bytes larger than the input.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 335) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 336) static int
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 337) mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 338) int isize, int osize)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 339) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 340) struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 341) int proto;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 342)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 343) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 344) * Check that the protocol is in the range we handle.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 345) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 346) proto = PPP_PROTOCOL(ibuf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 347) if (proto < 0x0021 || proto > 0x00fa)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 348) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 349)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 350) /* Make sure we have enough room to generate an encrypted packet. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 351) if (osize < isize + MPPE_OVHD + 2) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 352) /* Drop the packet if we should encrypt it, but can't. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 353) printk(KERN_DEBUG "mppe_compress[%d]: osize too small! "
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 354) "(have: %d need: %d)\n", state->unit,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 355) osize, osize + MPPE_OVHD + 2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356) return -1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 357) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 358)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 359) osize = isize + MPPE_OVHD + 2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 361) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 362) * Copy over the PPP header and set control bits.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 364) obuf[0] = PPP_ADDRESS(ibuf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365) obuf[1] = PPP_CONTROL(ibuf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 366) put_unaligned_be16(PPP_COMP, obuf + 2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 367) obuf += PPP_HDRLEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 368)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 369) state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 370) if (state->debug >= 7)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 371) printk(KERN_DEBUG "mppe_compress[%d]: ccount %d\n", state->unit,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 372) state->ccount);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 373) put_unaligned_be16(state->ccount, obuf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 374)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 375) if (!state->stateful || /* stateless mode */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 376) ((state->ccount & 0xff) == 0xff) || /* "flag" packet */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 377) (state->bits & MPPE_BIT_FLUSHED)) { /* CCP Reset-Request */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 378) /* We must rekey */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 379) if (state->debug && state->stateful)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 380) printk(KERN_DEBUG "mppe_compress[%d]: rekeying\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 381) state->unit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 382) mppe_rekey(state, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 383) state->bits |= MPPE_BIT_FLUSHED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 384) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 385) obuf[0] |= state->bits;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 386) state->bits &= ~MPPE_BIT_FLUSHED; /* reset for next xmit */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 387)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 388) obuf += MPPE_OVHD;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 389) ibuf += 2; /* skip to proto field */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 390) isize -= 2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 391)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 392) arc4_crypt(&state->arc4, obuf, ibuf, isize);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 393)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 394) state->stats.unc_bytes += isize;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 395) state->stats.unc_packets++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 396) state->stats.comp_bytes += osize;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 397) state->stats.comp_packets++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 398)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 399) return osize;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 400) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 401)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 402) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 403) * Since every frame grows by MPPE_OVHD + 2 bytes, this is always going
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 404) * to look bad ... and the longer the link is up the worse it will get.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 405) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 406) static void mppe_comp_stats(void *arg, struct compstat *stats)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 407) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 408) struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 409)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 410) *stats = state->stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 411) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 412)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 413) static int
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 414) mppe_decomp_init(void *arg, unsigned char *options, int optlen, int unit,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 415) int hdrlen, int mru, int debug)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 416) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 417) /* ARGSUSED */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 418) return mppe_init(arg, options, optlen, unit, debug, "mppe_decomp_init");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 419) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 420)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 421) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 422) * We received a CCP Reset-Ack. Just ignore it.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 423) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 424) static void mppe_decomp_reset(void *arg)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 425) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 426) /* ARGSUSED */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 427) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 428) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 429)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 430) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 431) * Decompress (decrypt) an MPPE packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 432) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 433) static int
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 434) mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 435) int osize)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 436) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 437) struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 438) unsigned ccount;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 439) int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 440)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 441) if (isize <= PPP_HDRLEN + MPPE_OVHD) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 442) if (state->debug)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 443) printk(KERN_DEBUG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 444) "mppe_decompress[%d]: short pkt (%d)\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 445) state->unit, isize);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 446) return DECOMP_ERROR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 447) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 448)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 449) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 450) * Make sure we have enough room to decrypt the packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 451) * Note that for our test we only subtract 1 byte whereas in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 452) * mppe_compress() we added 2 bytes (+MPPE_OVHD);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 453) * this is to account for possible PFC.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 454) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 455) if (osize < isize - MPPE_OVHD - 1) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 456) printk(KERN_DEBUG "mppe_decompress[%d]: osize too small! "
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 457) "(have: %d need: %d)\n", state->unit,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 458) osize, isize - MPPE_OVHD - 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 459) return DECOMP_ERROR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 460) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 461) osize = isize - MPPE_OVHD - 2; /* assume no PFC */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 462)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 463) ccount = MPPE_CCOUNT(ibuf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 464) if (state->debug >= 7)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 465) printk(KERN_DEBUG "mppe_decompress[%d]: ccount %d\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 466) state->unit, ccount);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 467)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 468) /* sanity checks -- terminate with extreme prejudice */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 469) if (!(MPPE_BITS(ibuf) & MPPE_BIT_ENCRYPTED)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 470) printk(KERN_DEBUG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 471) "mppe_decompress[%d]: ENCRYPTED bit not set!\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 472) state->unit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 473) state->sanity_errors += 100;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 474) goto sanity_error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 475) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 476) if (!state->stateful && !flushed) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 477) printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set in "
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 478) "stateless mode!\n", state->unit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 479) state->sanity_errors += 100;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 480) goto sanity_error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 481) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 482) if (state->stateful && ((ccount & 0xff) == 0xff) && !flushed) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 483) printk(KERN_DEBUG "mppe_decompress[%d]: FLUSHED bit not set on "
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 484) "flag packet!\n", state->unit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 485) state->sanity_errors += 100;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 486) goto sanity_error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 487) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 488)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 489) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 490) * Check the coherency count.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 491) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 492)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 493) if (!state->stateful) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 494) /* Discard late packet */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 495) if ((ccount - state->ccount) % MPPE_CCOUNT_SPACE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 496) > MPPE_CCOUNT_SPACE / 2) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 497) state->sanity_errors++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 498) goto sanity_error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 499) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 500)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 501) /* RFC 3078, sec 8.1. Rekey for every packet. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 502) while (state->ccount != ccount) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 503) mppe_rekey(state, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 504) state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 505) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 506) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 507) /* RFC 3078, sec 8.2. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 508) if (!state->discard) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 509) /* normal state */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 510) state->ccount = (state->ccount + 1) % MPPE_CCOUNT_SPACE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 511) if (ccount != state->ccount) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 512) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 513) * (ccount > state->ccount)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 514) * Packet loss detected, enter the discard state.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 515) * Signal the peer to rekey (by sending a CCP Reset-Request).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 516) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 517) state->discard = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 518) return DECOMP_ERROR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 519) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 520) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 521) /* discard state */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 522) if (!flushed) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 523) /* ccp.c will be silent (no additional CCP Reset-Requests). */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 524) return DECOMP_ERROR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 525) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 526) /* Rekey for every missed "flag" packet. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 527) while ((ccount & ~0xff) !=
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 528) (state->ccount & ~0xff)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 529) mppe_rekey(state, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 530) state->ccount =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 531) (state->ccount +
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 532) 256) % MPPE_CCOUNT_SPACE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 533) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 534)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 535) /* reset */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 536) state->discard = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 537) state->ccount = ccount;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 538) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 539) * Another problem with RFC 3078 here. It implies that the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 540) * peer need not send a Reset-Ack packet. But RFC 1962
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 541) * requires it. Hopefully, M$ does send a Reset-Ack; even
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 542) * though it isn't required for MPPE synchronization, it is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 543) * required to reset CCP state.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 544) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 545) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 546) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 547) if (flushed)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 548) mppe_rekey(state, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 549) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 550)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 551) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 552) * Fill in the first part of the PPP header. The protocol field
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 553) * comes from the decrypted data.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 554) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 555) obuf[0] = PPP_ADDRESS(ibuf); /* +1 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 556) obuf[1] = PPP_CONTROL(ibuf); /* +1 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 557) obuf += 2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 558) ibuf += PPP_HDRLEN + MPPE_OVHD;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 559) isize -= PPP_HDRLEN + MPPE_OVHD; /* -6 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 560) /* net osize: isize-4 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 561)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 562) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 563) * Decrypt the first byte in order to check if it is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 564) * a compressed or uncompressed protocol field.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 565) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 566) arc4_crypt(&state->arc4, obuf, ibuf, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 567)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 568) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 569) * Do PFC decompression.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 570) * This would be nicer if we were given the actual sk_buff
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 571) * instead of a char *.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 572) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 573) if ((obuf[0] & 0x01) != 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 574) obuf[1] = obuf[0];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 575) obuf[0] = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 576) obuf++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 577) osize++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 578) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 579)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 580) /* And finally, decrypt the rest of the packet. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 581) arc4_crypt(&state->arc4, obuf + 1, ibuf + 1, isize - 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 582)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 583) state->stats.unc_bytes += osize;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 584) state->stats.unc_packets++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 585) state->stats.comp_bytes += isize;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 586) state->stats.comp_packets++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 587)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 588) /* good packet credit */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 589) state->sanity_errors >>= 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 590)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 591) return osize;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 592)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 593) sanity_error:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 594) if (state->sanity_errors < SANITY_MAX)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 595) return DECOMP_ERROR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 596) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 597) /* Take LCP down if the peer is sending too many bogons.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 598) * We don't want to do this for a single or just a few
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 599) * instances since it could just be due to packet corruption.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 600) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 601) return DECOMP_FATALERROR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 602) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 603)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 604) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 605) * Incompressible data has arrived (this should never happen!).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 606) * We should probably drop the link if the protocol is in the range
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 607) * of what should be encrypted. At the least, we should drop this
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 608) * packet. (How to do this?)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 609) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 610) static void mppe_incomp(void *arg, unsigned char *ibuf, int icnt)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 611) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 612) struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 613)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 614) if (state->debug &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 615) (PPP_PROTOCOL(ibuf) >= 0x0021 && PPP_PROTOCOL(ibuf) <= 0x00fa))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 616) printk(KERN_DEBUG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 617) "mppe_incomp[%d]: incompressible (unencrypted) data! "
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 618) "(proto %04x)\n", state->unit, PPP_PROTOCOL(ibuf));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 619)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 620) state->stats.inc_bytes += icnt;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 621) state->stats.inc_packets++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 622) state->stats.unc_bytes += icnt;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 623) state->stats.unc_packets++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 624) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 625)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 626) /*************************************************************
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 627) * Module interface table
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 628) *************************************************************/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 629)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 630) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 631) * Procedures exported to if_ppp.c.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 632) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 633) static struct compressor ppp_mppe = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 634) .compress_proto = CI_MPPE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 635) .comp_alloc = mppe_alloc,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 636) .comp_free = mppe_free,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 637) .comp_init = mppe_comp_init,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 638) .comp_reset = mppe_comp_reset,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 639) .compress = mppe_compress,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 640) .comp_stat = mppe_comp_stats,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 641) .decomp_alloc = mppe_alloc,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 642) .decomp_free = mppe_free,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 643) .decomp_init = mppe_decomp_init,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 644) .decomp_reset = mppe_decomp_reset,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 645) .decompress = mppe_decompress,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 646) .incomp = mppe_incomp,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 647) .decomp_stat = mppe_comp_stats,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 648) .owner = THIS_MODULE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 649) .comp_extra = MPPE_PAD,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 650) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 651)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 652) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 653) * ppp_mppe_init()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 654) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 655) * Prior to allowing load, try to load the arc4 and sha1 crypto
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 656) * libraries. The actual use will be allocated later, but
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 657) * this way the module will fail to insmod if they aren't available.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 658) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 659)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 660) static int __init ppp_mppe_init(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 661) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 662) int answer;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 663) if (fips_enabled || !crypto_has_ahash("sha1", 0, CRYPTO_ALG_ASYNC))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 664) return -ENODEV;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 665)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 666) sha_pad = kmalloc(sizeof(struct sha_pad), GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 667) if (!sha_pad)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 668) return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 669) sha_pad_init(sha_pad);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 670)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 671) answer = ppp_register_compressor(&ppp_mppe);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 672)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 673) if (answer == 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 674) printk(KERN_INFO "PPP MPPE Compression module registered\n");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 675) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 676) kfree(sha_pad);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 677)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 678) return answer;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 679) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 680)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 681) static void __exit ppp_mppe_cleanup(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 682) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 683) ppp_unregister_compressor(&ppp_mppe);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 684) kfree(sha_pad);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 685) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 686)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 687) module_init(ppp_mppe_init);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 688) module_exit(ppp_mppe_cleanup);
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags