| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Apr 2023 10:34:03 +0200
From: Guillaume Nault <gnault@...hat.com>
To: Samuel Thibault <samuel.thibault@...-lyon.org>,
James Chapman <jchapman@...alix.com>, tparkin@...alix.com,
edumazet@...gle.com, davem@...emloft.net, kuba@...nel.org,
pabeni@...hat.com, corbet@....net, netdev@...r.kernel.org,
linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] PPPoL2TP: Add more code snippets
On Mon, Apr 17, 2023 at 12:07:04AM +0200, Samuel Thibault wrote:
> The existing documentation was not telling that one has to create a PPP
> channel and a PPP interface to get PPPoL2TP data offloading working.
>
> Also, tunnel switching was not described, so that people were thinking
> it was not supported, while it actually is.
>
> Signed-off-by: Samuel Thibault <samuel.thibault@...-lyon.org>
>
> ---
> Documentation/networking/l2tp.rst | 59 ++++++++++++++++++++++++++++++++++++--
> 1 file changed, 56 insertions(+), 3 deletions(-)
>
> --- a/Documentation/networking/l2tp.rst
> +++ b/Documentation/networking/l2tp.rst
> @@ -387,11 +387,12 @@ Sample userspace code:
> - Create session PPPoX data socket::
>
> struct sockaddr_pppol2tp sax;
> - int fd;
> + int ret;
>
> /* Note, the tunnel socket must be bound already, else it
> * will not be ready
> */
> + int session_fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP);
Please declare session_fd with the other variables.
Also, check the return value of the socket() call.
> sax.sa_family = AF_PPPOX;
> sax.sa_protocol = PX_PROTO_OL2TP;
> sax.pppol2tp.fd = tunnel_fd;
> @@ -406,12 +407,64 @@ Sample userspace code:
> /* session_fd is the fd of the session's PPPoL2TP socket.
> * tunnel_fd is the fd of the tunnel UDP / L2TPIP socket.
> */
> - fd = connect(session_fd, (struct sockaddr *)&sax, sizeof(sax));
> - if (fd < 0 ) {
> + ret = connect(session_fd, (struct sockaddr *)&sax, sizeof(sax));
> + if (ret < 0 ) {
Now you also need to close session_fd.
> return -errno;
> }
> return 0;
>
> + - Create PPP channel::
> +
> + int chindx;
> + ret = ioctl(session_fd, PPPIOCGCHAN, &chindx);
> + if (ret < 0)
> + return -errno;
> +
> + int ppp_chan_fd = open("/dev/ppp", O_RDWR);
> +
> + ret = ioctl(ppp_chan_fd, PPPIOCATTCHAN, &chindx);
> + if (ret < 0)
> + return -errno;
> +
> +Non-data PPP frames will be available for read on `ppp_chan_fd`.
> +
> + - Create PPP interface::
> +
> + int ppp_if_fd = open("/dev/ppp", O_RDWR);
Check for errors please.
> +
> + int ifunit;
Also, keep kernel style formatting:
* All variable declarations in one block (ordered from longest to
shortest line).
* New line between variable declarations and code.
> + ret = ioctl(ppp_if_fd, PPPIOCNEWUNIT, &ifunit);
You need to initialise ifunit first.
Use -1 to let the kernel pick a free unit index.
> + if (ret < 0)
> + return -errno;
> +
> + ret = ioctl(ppp_chan_fd, PPPIOCCONNECT, ifunit);
> + if (ret < 0)
> + return -errno;
> +
> +The ppp<ifunit> interface can then be configured as usual with SIOCSIFMTU,
> +SIOCSIFADDR, SIOCSIFDSTADDR, SIOCSIFNETMASK, and activated by setting IFF_UP
> +with SIOCSIFFLAGS
> +
> + - Tunnel switching is supported by bridging channels::
This is a PPP feature not an L2TP one. PPPIOCBRIDGECHAN's description
belongs to Documentation/networking/ppp_generic.rst, where it's already
documented. If documentation needs to be improved, that should be done
there.
If necessary, you can link to ppp_generic.rst here.
Also, calling this feature 'tunnel switching' is misleading. Switching
happens between L2TP sessions (or more generally between any PPP
transports), not between L2TP tunnels (which are just L2TP session
multiplexers).
Powered by blists - more mailing lists