Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Installation, configuration and troubleshooting of the Cisco VPN Client on Linux systems

Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby fetket » Thu Jul 02, 2009 11:25 pm

Hi all,

Trying to install vpnclient-linux-x86_64-4.8.02.0030-k9 with kernel 2.6.31-1 results in the following errors:

Code: Select all
Making module
make -C /lib/modules/2.6.31-1-generic/build SUBDIRS=/home/test/Downloads/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.31-1-generic'
  CC [M]  /home/test/Downloads/vpnclient/interceptor.o
/home/test/Downloads/vpnclient/interceptor.c: In function ‘interceptor_init’:
/home/test/Downloads/vpnclient/interceptor.c:132: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
/home/test/Downloads/vpnclient/interceptor.c:133: error: ‘struct net_device’ has no member named ‘get_stats’
/home/test/Downloads/vpnclient/interceptor.c:134: error: ‘struct net_device’ has no member named ‘do_ioctl’
/home/test/Downloads/vpnclient/interceptor.c: In function ‘add_netdev’:
/home/test/Downloads/vpnclient/interceptor.c:271: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
/home/test/Downloads/vpnclient/interceptor.c:272: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
/home/test/Downloads/vpnclient/interceptor.c: In function ‘remove_netdev’:
/home/test/Downloads/vpnclient/interceptor.c:294: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
make[2]: *** [/home/test/Downloads/vpnclient/interceptor.o] Error 1
make[1]: *** [_module_/home/test/Downloads/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.31-1-generic'
make: *** [default] Error 2
Failed to make module "cisco_ipsec.ko".


I believe this is due to the 2.6.31 kernel removing backwards compatibility for the old network driver api - only the new net_driver_ops structure api is supported but am at a loss as to how to get it working, anyone who can assist?

Thanking you in advance!!!
fetket
Private
Private
 
Posts: 3
Joined: Thu Jul 02, 2009 11:18 pm

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby nickloman » Fri Jul 24, 2009 9:33 am

Hey,

I too have the same problem with kernel 2.6.31-2.

I tried to patch the source of interceptor.c to use net_device_ops structure but I have to admit I have no idea what I'm doing. I got it compiling but it doesn't work. Perhaps someone who knows about such things could critique this patch.

Code: Select all
nick@ubuntu:~/vpn$ diff -u vpnclient/interceptor.c vpnclient_patch/interceptor.c
--- vpnclient/interceptor.c   2009-05-20 14:17:44.000000000 +0100
+++ vpnclient_patch/interceptor.c   2009-07-22 12:32:57.000000000 +0100
@@ -28,6 +28,10 @@
#include <linux/udp.h>
#include <net/protocol.h>

+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
+#include <net/net_namespace.h>
+#endif
+
#include "linux_os.h"

#include "vpn_ioctl_linux.h"
@@ -48,7 +52,7 @@
unsigned long rx_bytes;

/*methods of the cipsec network device*/
-static int interceptor_init(struct net_device *);
+static void interceptor_init(struct net_device *);
static struct net_device_stats *interceptor_stats(struct net_device *dev);
static int interceptor_ioctl(struct net_device *dev, struct ifreq *ifr,
                              int cmd);
@@ -107,34 +111,57 @@

BINDING Bindings[MAX_INTERFACES];

+/* 2.6.24 handles net_devices a little bit different
+ *
+ * by Alexander Griesser <work@tuxx-home.at>, 2008-01-11
+ */
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
+static struct net_device* interceptor_dev;
+#else
static struct net_device interceptor_dev = {
     .name = interceptor_name,
     .init = interceptor_init
};
+#endif
+
static struct notifier_block interceptor_notifier = {
     .notifier_call = handle_netdev_event,
};

+struct net_device_ops interceptorOps = {
+    .ndo_start_xmit = interceptor_tx,
+    .ndo_get_stats = interceptor_stats,
+    .ndo_do_ioctl = interceptor_ioctl,
+};
+
+struct net_device_ops otherInterceptorOps = {
+    .ndo_start_xmit = replacement_dev_xmit,
+    .ndo_get_stats = interceptor_stats,
+    .ndo_do_ioctl = interceptor_ioctl,
+};
+
+
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
-static int
+static void
#else
-static int __init
+static void __init
#endif
interceptor_init(struct net_device *dev)
{
     ether_setup(dev);

+    dev->netdev_ops = &interceptorOps;
+    /*
     dev->hard_start_xmit = interceptor_tx;
     dev->get_stats = interceptor_stats;
     dev->do_ioctl = interceptor_ioctl;
+    */

     dev->mtu = ETH_DATA_LEN-MTU_REDUCTION;
     kernel_memcpy(dev->dev_addr, interceptor_eth_addr,ETH_ALEN);
     dev->flags |= IFF_NOARP;
     dev->flags &= ~(IFF_BROADCAST | IFF_MULTICAST);
     kernel_memset(dev->broadcast, 0xFF, ETH_ALEN);
-
-    return 0;
}

static struct net_device_stats *
@@ -263,8 +290,8 @@
     Bindings[i].original_mtu = dev->mtu;

     /*replace the original send function with our send function */
-    Bindings[i].InjectSend = dev->hard_start_xmit;
-    dev->hard_start_xmit = replacement_dev_xmit;
+    Bindings[i].InjectSend = dev->netdev_ops->ndo_start_xmit;
+    dev->netdev_ops = &otherInterceptorOps;

     /*copy in the ip packet handler function and packet type struct */
     Bindings[i].InjectReceive = original_ip_handler.orig_handler_func;
@@ -286,7 +313,10 @@
     if (b)
     {   
         rc = 0;
-        dev->hard_start_xmit = b->InjectSend;
+        const struct net_device_ops revert_ops = {
+             .ndo_start_xmit = b->InjectSend,
+        };
+        dev->netdev_ops = &revert_ops;
         kernel_memset(b, 0, sizeof(BINDING));
     }
     else
@@ -362,8 +392,13 @@

     dp = NULL;
     num_target_devices = 0;
+
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
-    for_each_netdev(dp)
+    for_each_netdev(
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
+                    &init_net,
+#endif
+                    dp)
#else
     for (dp = dev_base; dp != NULL; dp = dp->next)
#endif
@@ -919,15 +954,29 @@

     rc = CniPluginLoad(&pcDeviceName, &PCNICallbackTable);

+/* 2.6.24 needs to allocate each netdevice before registering it, otherwise
+ * the kernel BUG()s.
+ *
+ * by Alexander Griesser <work@tuxx-home.at>, 2008-01-11
+ */
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
+    if(! (interceptor_dev = alloc_netdev(sizeof(struct net_device), interceptor_name, interceptor_init)))
+      return 0;
+#endif
+
     if (CNI_IS_SUCCESS(rc))
     {

         CNICallbackTable = *PCNICallbackTable;
         CniPluginDeviceCreated();
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
+   if ((status = register_netdev(interceptor_dev)) != 0)
+#else
         if ((status = register_netdev(&interceptor_dev)) != 0)
+#endif
         {
             printk(KERN_INFO "%s: error %d registering device \"%s\".\n",
-                   LINUX_VPN_IFNAME, status, interceptor_dev.name);
+                   LINUX_VPN_IFNAME, status, interceptor_name);
             CniPluginUnload();

         }
@@ -947,7 +996,11 @@
     cleanup_frag_queue();
     CniPluginUnload();

+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
+    unregister_netdev(interceptor_dev);
+#else
     unregister_netdev(&interceptor_dev);
+#endif
     unregister_netdevice_notifier(&interceptor_notifier);

     return;
nickloman
Private
Private
 
Posts: 1
Joined: Fri Jul 24, 2009 9:28 am

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby Xianfeng » Tue Sep 08, 2009 12:34 pm

It works fine with following patch:

--- interceptor.c.orig 2009-08-14 16:14:13.000000000 +0800
+++ interceptor.c 2009-09-08 18:31:29.000000000 +0800
@@ -120,6 +120,14 @@ static struct notifier_block interceptor
.notifier_call = handle_netdev_event,
};

+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31)
+static const struct net_device_ops vpn_netdev_ops = {
+ .ndo_start_xmit = interceptor_tx,
+ .ndo_get_stats = interceptor_stats,
+ .ndo_do_ioctl = interceptor_ioctl,
+};
+#endif
+
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
static int
#else
@@ -129,9 +137,13 @@ interceptor_init(struct net_device *dev)
{
ether_setup(dev);

+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31)
+ dev->netdev_ops = &vpn_netdev_ops;
+#else
dev->hard_start_xmit = interceptor_tx;
dev->get_stats = interceptor_stats;
dev->do_ioctl = interceptor_ioctl;
+#endif

dev->mtu = ETH_DATA_LEN-MTU_REDUCTION;
kernel_memcpy(dev->dev_addr, interceptor_eth_addr,ETH_ALEN);
@@ -274,9 +286,13 @@ add_netdev(struct net_device *dev)
Bindings[i].original_mtu = dev->mtu;

/*replace the original send function with our send function */
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31)
+ Bindings[i].InjectSend = dev->netdev_ops->ndo_start_xmit;
+ dev->netdev_ops->ndo_start_xmit = replacement_dev_xmit;
+#else
Bindings[i].InjectSend = dev->hard_start_xmit;
dev->hard_start_xmit = replacement_dev_xmit;
-
+#endif
/*copy in the ip packet handler function and packet type struct */
Bindings[i].InjectReceive = original_ip_handler.orig_handler_func;
Bindings[i].pPT = original_ip_handler.pt;
@@ -297,7 +313,11 @@ remove_netdev(struct net_device *dev)
if (b)
{
rc = 0;
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31)
+ dev->netdev_ops->ndo_start_xmit = b->InjectSend;
+#else
dev->hard_start_xmit = b->InjectSend;
+#endif
kernel_memset(b, 0, sizeof(BINDING));
}
else

===================
Also need to update head file linux-2.6.31-rc9/include/linux/netdevice.h, line 750 to this

struct net_device_ops *netdev_ops;

===================

Cisco Systems VPN Client Version 4.8.02 (0030)
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.31-rc9 #2 SMP Tue Sep 8 17:25:42 HKT 2009 i686
Config file directory: /etc/opt/cisco-vpnclient

WARNING:
Using the "pwd" option may allow other users
on this computer to see your password.

Initializing the VPN connection.
Initiating TCP to 63.139.213.2, port 10000
Contacting the gateway at 63.139.213.2
Authenticating user.
Negotiating security policies.
Securing communication channel.

Your VPN connection is secure.

VPN tunnel information.
Client address: 10.50.20.131
Server address: 63.139.213.2
Encryption: 168-bit 3-DES
Authentication: HMAC-SHA
IP Compression: None
NAT passthrough is active on port TCP 10000
Local LAN Access is disabled

[xzeng@xzeng-desktop vpnclient]$ ifconfig
cipsec0 Link encap:Ethernet HWaddr 00:0B:FC:F8:01:8F
inet addr:10.50.20.131 Mask:255.255.255.0
inet6 addr: fe80::20b:fcff:fef8:18f/64 Scope:Link
UP RUNNING NOARP MTU:1332 Metric:1
RX packets:60 errors:0 dropped:15 overruns:0 frame:0
TX packets:44 errors:0 dropped:17 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:52627 (51.3 KiB) TX bytes:3739 (3.6 KiB)

eth0 Link encap:Ethernet HWaddr 00:1C:25:DD:FC:80
inet addr:10.67.7.100 Bcast:10.67.7.255 Mask:255.255.255.0
inet6 addr: fe80::21c:25ff:fedd:fc80/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11070 errors:0 dropped:0 overruns:0 frame:0
TX packets:3864 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3312767 (3.1 MiB) TX bytes:473926 (462.8 KiB)
Interrupt:16 Base address:0xc000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:333 errors:0 dropped:0 overruns:0 frame:0
TX packets:333 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:75992 (74.2 KiB) TX bytes:75992 (74.2 KiB)
Xianfeng
Private
Private
 
Posts: 1
Joined: Tue Sep 08, 2009 12:30 pm

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby fetket » Tue Sep 08, 2009 1:24 pm

fantastic news!!! thanks very much, will test that out tonight!!!!
fetket
Private
Private
 
Posts: 3
Joined: Thu Jul 02, 2009 11:18 pm

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby fetket » Tue Sep 08, 2009 6:46 pm

that patch doesnt work for me Im afraid:

missing header for unified diff at line 3 of patch
patching file interceptor.c
patch: **** malformed patch at line 4: .notifier_call = handle_netdev_event,
fetket
Private
Private
 
Posts: 3
Joined: Thu Jul 02, 2009 11:18 pm

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby misterc » Thu Sep 10, 2009 7:05 am

Xianfeng wrote:+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31)
+ Bindings[i].InjectSend = dev->netdev_ops->ndo_start_xmit;
+ dev->netdev_ops->ndo_start_xmit = replacement_dev_xmit;


Instead of the above, and the change to netdevice.h, I used:

((struct net_device_ops *) (&dev->netdev_ops))->ndo_start_xmit = replacement_dev_xmit;

===================
Also need to update head file linux-2.6.31-rc9/include/linux/netdevice.h, line 750 to this

struct net_device_ops *netdev_ops;

===================


Did you build the entire kernel with the above header file change?

Maybe that is my issue - modifying read-only data.

I am able to send but not receive any packets.

I really didn't want to manage and build my own kernels, I'm running Fedora, right now kernel is 2.6.30.5-43.fc11.i686.PAE (2.6.29 and up have the new netdev_ops).

-- Mister C.
misterc
Private
Private
 
Posts: 4
Joined: Sun Aug 02, 2009 8:34 pm

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby goran'agar » Fri Sep 11, 2009 12:43 pm

Xianfeng wrote:It works fine with following patch:
<snip>


Hi. Many thanks for your work. I've applied you patch by hand and it works fine with 2.6.31 if I use my home wireless connection.

However it does not work with my HDSPA phone nor with my Huawei E220 HDSPA modem, using a ppp connection (kernel crashes in add_netdev):

[ 101.647705] BUG: unable to handle kernel paging request at c125bf18
[ 101.647723] IP: [<f875a89c>] add_netdev+0x5c/0x9b [cisco_ipsec]
[ 101.647794] *pde = 373bf063 *pte = 0125b161
[ 101.647805] Oops: 0003 [#1] PREEMPT
[ 101.647814] last sysfs file: /sys/devices/LNXSYSTM:00/device:00/PNP0A08:00/PNP0C0A:00/power_supply/BAT0/charge_full
[ 101.647825] Modules linked in: ppp_async crc_ccitt option usbserial nls_iso8859_1 nls_cp437 vfat fat snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm_oss snd_pcm cisco_ipsec(P) snd_mixer_oss usb_storage snd_timer battery uhci_hcd processor snd thermal ac button soundcore snd_page_alloc ehci_hcd
[ 101.647888]
[ 101.647899] Pid: 1058, comm: cvpnd Tainted: P (2.6.31-bfs211-900 #1) 900
[ 101.647908] EIP: 0060:[<f875a89c>] EFLAGS: 00210246 CPU: 0
[ 101.647963] EIP is at add_netdev+0x5c/0x9b [cisco_ipsec]
[ 101.647971] EAX: c125bf08 EBX: f69ea400 ECX: c11b1578 EDX: 0000002c
[ 101.647980] ESI: 00000001 EDI: f875aa22 EBP: 00000000 ESP: f6a65e94
[ 101.647988] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
[ 101.647997] Process cvpnd (pid: 1058, ti=f6a64000 task=f69fc990 task.ti=f6a64000)
[ 101.648004] Stack:
[ 101.648009] f875ab84 f6a65ee8 c143f048 f6a65ee8 c11eb812 000089f1 000089f1 f6a65ee8
[ 101.648026] <0> c11ebd8f 0825f200 00000000 c1389884 000200da 003fffff c1389e44 00200286
[ 101.648044] <0> c105871a f7015bd0 00001000 f6a65f04 f7015bc0 73706963 00306365 00000000
[ 101.648063] Call Trace:
[ 101.648122] [<f875ab84>] ? interceptor_ioctl+0x162/0x22f [cisco_ipsec]
[ 101.648140] [<c11eb812>] ? dev_ifsioc+0x250/0x269
[ 101.648151] [<c11ebd8f>] ? dev_ioctl+0x564/0x5c1
[ 101.648165] [<c105871a>] ? __alloc_pages_nodemask+0xc7/0x453
[ 101.648165] [<c11de17c>] ? sock_ioctl+0x0/0x1ca
[ 101.648165] [<c107cf8c>] ? vfs_ioctl+0x15/0x72
[ 101.648165] [<c107d524>] ? do_vfs_ioctl+0x47e/0x4be
[ 101.648165] [<c10654be>] ? handle_mm_fault+0x9da/0xb0d
[ 101.648165] [<c11df34e>] ? sys_socket+0x42/0x56
[ 101.648165] [<c107d591>] ? sys_ioctl+0x2d/0x44
[ 101.648165] [<c1002774>] ? sysenter_do_call+0x12/0x26
[ 101.648165] Code: 4c 6b d2 2c 89 82 a4 a0 7a f8 8b 88 cc 00 00 00 89 8a bc a0 7a f8 8b 88 b4 00 00 00 8b 49 10 89 8a b0 a0 7a f8 8b 80 b4 00 00 00 <c7> 40 10 ea b0 75 f8 a1 bc b4 7a f8 89 82 ac a0 7a f8 a1 b8 b4
[ 101.648165] EIP: [<f875a89c>] add_netdev+0x5c/0x9b [cisco_ipsec] SS:ESP 0068:f6a65e94
[ 101.648165] CR2: 00000000c125bf18
[ 101.648165] ---[ end trace b90dd651c1df94a6 ]---


Best wishes,
Fabio
goran'agar
Private
Private
 
Posts: 1
Joined: Fri Sep 11, 2009 12:23 pm

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby J. Soete » Sat Sep 19, 2009 11:13 am

misterc wrote:
Xianfeng wrote:+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31)
+ Bindings[i].InjectSend = dev->netdev_ops->ndo_start_xmit;
+ dev->netdev_ops->ndo_start_xmit = replacement_dev_xmit;


Instead of the above, and the change to netdevice.h, I used:

((struct net_device_ops *) (&dev->netdev_ops))->ndo_start_xmit = replacement_dev_xmit;

===================
Also need to update head file linux-2.6.31-rc9/include/linux/netdevice.h, line 750 to this

struct net_device_ops *netdev_ops;

===================


Did you build the entire kernel with the above header file change?

Maybe that is my issue - modifying read-only data.

I am able to send but not receive any packets.

I really didn't want to manage and build my own kernels, I'm running Fedora, right now kernel is 2.6.30.5-43.fc11.i686.PAE (2.6.29 and up have the new netdev_ops).

-- Mister C.


Dear Mister C.,

Based on your previous post <http://forum.tuxx-home.at/viewtopic.php?f=15&t=757&start=15#p5356> related to kernel 2.6.29 issue, I apply first the gentoo patch 4.8.02.0030-amd64.patch (<http://bugs.gentoo.org/attachment.cgi?id=170646>), I try to work on this other way to implement your idea (see below code).
This seems to work for me with my custom build kernel (no change in its src tree) and my adsl modem (not a wireless), I can again authenticate to cisco router and login with ssh to remote systems I have to manage :wink:

Tia for further testing,
J.

PS: same issue to attach patch, so here is a cut and past:
Code: Select all
diff -Naur vpnclient-linux-x86_64-4.8.02.0030-k9.gn2/GenDefs.h vpnclient-linux-x86_64-4.8.02.0030-k9.wrk/GenDefs.h
--- vpnclient-linux-x86_64-4.8.02.0030-k9.gn2/GenDefs.h   2008-06-23 16:59:12.000000000 +0000
+++ vpnclient-linux-x86_64-4.8.02.0030-k9.wrk/GenDefs.h   2009-09-12 22:55:40.000000000 +0000
@@ -105,6 +105,15 @@
#define _INTPTR_T_DEFINED
#endif

+/* uintptr_t has been defined in include/linux/types.h in 2.6.24.
+ * No need to define it here again (will only lead to compile errors)
+ *
+ * by Alexander Griesser <work@tuxx-home.at>, 2008-01-11
+ */
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
+#define _UINTPTR_T_DEFINED
+#endif
+
#ifndef _UINTPTR_T_DEFINED
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,24)
#if defined(_LP64)
diff -Naur vpnclient-linux-x86_64-4.8.02.0030-k9.gn2/interceptor.c vpnclient-linux-x86_64-4.8.02.0030-k9.wrk/interceptor.c
--- vpnclient-linux-x86_64-4.8.02.0030-k9.gn2/interceptor.c   2009-09-18 12:48:45.000000000 +0000
+++ vpnclient-linux-x86_64-4.8.02.0030-k9.wrk/interceptor.c   2009-09-18 13:27:06.000000000 +0000
@@ -28,6 +28,10 @@
#include <linux/udp.h>
#include <net/protocol.h>

+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
+#include <net/net_namespace.h>
+#endif
+
#include "linux_os.h"

#include "vpn_ioctl_linux.h"
@@ -48,7 +52,7 @@
unsigned long rx_bytes;

/*methods of the cipsec network device*/
-static int interceptor_init(struct net_device *);
+static void interceptor_init(struct net_device *);
static struct net_device_stats *interceptor_stats(struct net_device *dev);
static int interceptor_ioctl(struct net_device *dev, struct ifreq *ifr,
                              int cmd);
@@ -120,26 +124,43 @@
     .notifier_call = handle_netdev_event,
};

+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,29)
+static const struct net_device_ops interceptor_netdev_ops = {
+    .ndo_start_xmit = interceptor_tx,
+    .ndo_get_stats = interceptor_stats,
+    .ndo_do_ioctl = interceptor_ioctl,
+};
+static const struct net_device_ops replacement_netdev_ops = {
+    .ndo_start_xmit = replacement_dev_xmit,
+    .ndo_get_stats = interceptor_stats,
+    .ndo_do_ioctl = interceptor_ioctl,
+};
+#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
-static int
+static void
#else
-static int __init
+static void __init
#endif
interceptor_init(struct net_device *dev)
{
     ether_setup(dev);

+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,29)
+    /*
+     * The new netops have to be used.
+     */
+    dev->netdev_ops = &interceptor_netdev_ops;
+#else
     dev->hard_start_xmit = interceptor_tx;
     dev->get_stats = interceptor_stats;
     dev->do_ioctl = interceptor_ioctl;
+#endif

     dev->mtu = ETH_DATA_LEN-MTU_REDUCTION;
     kernel_memcpy(dev->dev_addr, interceptor_eth_addr,ETH_ALEN);
     dev->flags |= IFF_NOARP;
     dev->flags &= ~(IFF_BROADCAST | IFF_MULTICAST);
     kernel_memset(dev->broadcast, 0xFF, ETH_ALEN);
-
-    return 0;
}

static struct net_device_stats *
@@ -268,8 +289,13 @@
     Bindings[i].original_mtu = dev->mtu;

     /*replace the original send function with our send function */
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,29)
+    Bindings[i].Inject_ops = dev->netdev_ops;
+    dev->netdev_ops = &replacement_netdev_ops;
+#else
     Bindings[i].InjectSend = dev->hard_start_xmit;
     dev->hard_start_xmit = replacement_dev_xmit;
+#endif

     /*copy in the ip packet handler function and packet type struct */
     Bindings[i].InjectReceive = original_ip_handler.orig_handler_func;
@@ -291,7 +317,12 @@
     if (b)
     {   
         rc = 0;
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,29)
+        dev->netdev_ops = b->Inject_ops;
+        dev->mtu = b->original_mtu;
+#else
         dev->hard_start_xmit = b->InjectSend;
+#endif
         kernel_memset(b, 0, sizeof(BINDING));
     }
     else
@@ -653,11 +684,13 @@
#endif
         if ((hard_header_len < 0) || (hard_header_len > skb_headroom(skb)))
         {
-            printk(KERN_DEBUG "bad hh len %d\n", hard_header_len);
-
-            printk(KERN_DEBUG "bad hh len %d, mac: %d, data: %p, head: %p\n",
+            printk(KERN_DEBUG "bad hh len %d, mac: %p, data: %p, head: %p\n",
                 hard_header_len,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
                 skb->mac_header,    /* actualy ptr in 32-bit */
+#else
+                skb->mac.raw,
+#endif
                 skb->data,
                 skb->head);

@@ -860,7 +893,11 @@
         }
         break;
     case CNI_CHAIN:
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,29)
+        rc2 = pBinding->Inject_ops->ndo_start_xmit(skb, dev);
+#else
         rc2 = pBinding->InjectSend(skb, dev);
+#endif
         break;
     default:
         printk(KERN_DEBUG "Unhandled case in %s rc was %x\n", __FUNCTION__,
@@ -911,7 +948,11 @@
     //only need to handle IP packets.
     if (skb->protocol != htons(ETH_P_IP))
     {
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,29)
+        rc2 = pBinding->Inject_ops->ndo_start_xmit(skb, dev);
+#else
         rc2 = pBinding->InjectSend(skb, dev);
+#endif
         goto exit_gracefully;
     }

@@ -939,10 +980,17 @@
     PCNI_CHARACTERISTICS PCNICallbackTable;
     CNISTATUS rc = CNI_SUCCESS;

+    rc = CniPluginLoad(&pcDeviceName, &PCNICallbackTable);
+
+/* 2.6.24 needs to allocate each netdevice before registering it, otherwise
+ * the kernel BUG()s.
+ *
+ * by Alexander Griesser <work@tuxx-home.at>, 2008-01-11
+ */
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
-    interceptor_dev= alloc_netdev( 0, interceptor_name, (void *)interceptor_init);
+    if(! (interceptor_dev = alloc_netdev(sizeof(struct net_device), interceptor_name, interceptor_init)))
+      return 0;
#endif
-    rc = CniPluginLoad(&pcDeviceName, &PCNICallbackTable);

     if (CNI_IS_SUCCESS(rc))
     {
diff -Naur vpnclient-linux-x86_64-4.8.02.0030-k9.gn2/linuxcniapi.c vpnclient-linux-x86_64-4.8.02.0030-k9.wrk/linuxcniapi.c
--- vpnclient-linux-x86_64-4.8.02.0030-k9.gn2/linuxcniapi.c   2009-09-18 12:48:45.000000000 +0000
+++ vpnclient-linux-x86_64-4.8.02.0030-k9.wrk/linuxcniapi.c   2009-09-18 11:16:57.000000000 +0000
@@ -509,7 +509,11 @@

     /* send this packet up the NIC driver */
     // May need to call dev_queue_xmit(skb) instead
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,29)
+    tmp_rc = pBinding->Inject_ops->ndo_start_xmit(skb, skb->dev);
+#else
     tmp_rc = pBinding->InjectSend(skb, skb->dev);
+#endif

#ifdef VIRTUAL_ADAPTER
     pVABinding = CniGetVABinding();
diff -Naur vpnclient-linux-x86_64-4.8.02.0030-k9.gn2/linuxcniapi.h vpnclient-linux-x86_64-4.8.02.0030-k9.wrk/linuxcniapi.h
--- vpnclient-linux-x86_64-4.8.02.0030-k9.gn2/linuxcniapi.h   2008-06-23 16:59:12.000000000 +0000
+++ vpnclient-linux-x86_64-4.8.02.0030-k9.wrk/linuxcniapi.h   2009-09-18 11:13:47.000000000 +0000
@@ -30,7 +30,11 @@
#else
                           struct packet_type *);
#endif
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,29)
+    const struct net_device_ops *Inject_ops;
+#else
     int (*InjectSend) (struct sk_buff * skb, struct net_device * dev);
+#endif

     int recv_real_hh_len;
     int send_real_hh_len;
J. Soete
Private
Private
 
Posts: 3
Joined: Sat Sep 19, 2009 9:56 am

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby misterc » Wed Sep 23, 2009 2:08 am

J. Soete wrote:
Dear Mister C.,

Based on your previous post <http://forum.tuxx-home.at/viewtopic.php?f=15&t=757&start=15#p5356> related to kernel 2.6.29 issue, I apply first the gentoo patch 4.8.02.0030-amd64.patch (<http://bugs.gentoo.org/attachment.cgi?id=170646>), I try to work on this other way to implement your idea (see below code).
This seems to work for me with my custom build kernel (no change in its src tree) and my adsl modem (not a wireless), I can again authenticate to cisco router and login with ssh to remote systems I have to manage :wink:

Tia for further testing,
J.

PS: same issue to attach patch, so here is a cut and past:


Hi -

Thanks for that patch, I tried it out and it worked fine! Maybe cisco should pay us for the development and testing ;-)

Again, I'm using Fedora 11 with 2.6.30.5-43.fc11.i686.PAE kernel (the latest fedora 11 kernel at this time).

I had to modify the patch - the cut-and-paste must have messed up some of the white space, and then I did *not* apply the amd64 patch first, so (I assume that is why) I got some rejects.

This seems much safer than my method (overwriting read-only data, BTW my cast was wrong, that was one of my problems) and better than removing a const and (perhaps) rebuilding the entire kernel.

-- Mister C.
misterc
Private
Private
 
Posts: 4
Joined: Sun Aug 02, 2009 8:34 pm

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby J. Soete » Thu Sep 24, 2009 8:58 pm

misterc wrote:Hi -

Thanks for that patch, I tried it out and it worked fine! Maybe cisco should pay us for the development and testing ;-)

Again, I'm using Fedora 11 with 2.6.30.5-43.fc11.i686.PAE kernel (the latest fedora 11 kernel at this time).

I had to modify the patch - the cut-and-paste must have messed up some of the white space, and then I did *not* apply the amd64 patch first, so (I assume that is why) I got some rejects.


Ok I would better have to apply tux patches, sorry.
Any way I was quite confident you will understand the idea and apply it by hand ;<)

This seems much safer than my method (overwriting read-only data, BTW my cast was wrong, that was one of my problems) and better than removing a const and (perhaps) rebuilding the entire kernel.

-- Mister C.


Please feel free to use this idea for all the best.

Tx for feedback,
J.
J. Soete
Private
Private
 
Posts: 3
Joined: Sat Sep 19, 2009 9:56 am

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby HuckinFappy » Mon Sep 28, 2009 6:44 pm

Thank you gentlemen.

I was able to finally get back to using the cisco-vpnclient for work. I took vpnclient-linux-x86_64-4.8.02.0030-k9, applied the vpnclient-linux-4.8.02-64bit.patch and the override-local-lan.patch, which worked fine, and the hand applied the patch above. I can confirm this works with 2.6.30.5-43_x86_64, which is the latest Fedora 11 kernel.
HuckinFappy
Private
Private
 
Posts: 2
Joined: Mon Jul 13, 2009 7:36 pm

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby Akira Nonaka » Wed Sep 30, 2009 11:29 am

Hi,

I am looking for the override-local-lan.patch. Can someone tell me where can I get it?

Thanks in advance.

Akira Nonaka, Tokyo, Japan.
Akira Nonaka
Private
Private
 
Posts: 1
Joined: Wed Sep 30, 2009 11:21 am

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby Mactabilis » Thu Oct 15, 2009 12:52 pm

Can someone pls make a short step by step Tutorial on how to apply these patches ? I've never applied any patches and I need to get my vpn working ASAP for the university on my netbook whihc runs Moblin 2.1 (Kernel 2.6.31.3-7.1.moblin2)
Mactabilis
Private
Private
 
Posts: 1
Joined: Thu Oct 15, 2009 12:47 pm

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby missingdroid » Sun Oct 18, 2009 2:17 pm

This is Xianfeng's patch, formatted to apply.

Code: Select all
--- interceptor.c   2009-05-20 14:16:34.000000000 +0100
+++ interceptor.c.new   2009-10-18 13:24:26.621647545 +0100
@@ -120,6 +120,14 @@
     .notifier_call = handle_netdev_event,
};

+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31)
+static const struct net_device_ops vpn_netdev_ops = {
+    .ndo_start_xmit = interceptor_tx,
+    .ndo_get_stats = interceptor_stats,
+    .ndo_do_ioctl = interceptor_ioctl,
+};
+#endif
+
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
static int
#else
@@ -129,9 +137,13 @@
{
     ether_setup(dev);

-    dev->hard_start_xmit = interceptor_tx;
-    dev->get_stats = interceptor_stats;
-    dev->do_ioctl = interceptor_ioctl;
+    #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31)
+        dev->netdev_ops = &vpn_netdev_ops;
+    #else
+        dev->hard_start_xmit = interceptor_tx;
+        dev->get_stats = interceptor_stats;
+        dev->do_ioctl = interceptor_ioctl;
+    #endif

     dev->mtu = ETH_DATA_LEN-MTU_REDUCTION;
     kernel_memcpy(dev->dev_addr, interceptor_eth_addr,ETH_ALEN);
@@ -268,8 +280,13 @@
     Bindings[i].original_mtu = dev->mtu;

     /*replace the original send function with our send function */
-    Bindings[i].InjectSend = dev->hard_start_xmit;
-    dev->hard_start_xmit = replacement_dev_xmit;
+    #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31)
+        Bindings[i].InjectSend = dev->netdev_ops->ndo_start_xmit;
+        dev->netdev_ops->ndo_start_xmit = replacement_dev_xmit;
+    #else
+        Bindings[i].InjectSend = dev->hard_start_xmit;
+        dev->hard_start_xmit = replacement_dev_xmit;
+    #endif

     /*copy in the ip packet handler function and packet type struct */
     Bindings[i].InjectReceive = original_ip_handler.orig_handler_func;
@@ -291,7 +308,12 @@
     if (b)
     {   
         rc = 0;
-        dev->hard_start_xmit = b->InjectSend;
+        #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31)
+            dev->netdev_ops->ndo_start_xmit = b->InjectSend;
+        #else
+            dev->hard_start_xmit = b->InjectSend;
+        #endif
+
         kernel_memset(b, 0, sizeof(BINDING));
     }
     else

missingdroid
Private
Private
 
Posts: 1
Joined: Sun Oct 18, 2009 2:11 pm

Re: Kernel 2.6.31-1 and vpnclient-linux-x86_64-4.8.02.0030-k9

Postby mrmonkington » Thu Oct 22, 2009 1:40 pm

The previous patch didn't quite work for me, but here's a modified version that hacks out the constness of a couple of structs:

https://bugs.launchpad.net/ubuntu/+sour ... bug/441204

Seems to work fine for me so far though I draw your attention to the bug poster's report of his system hanging :)
mrmonkington
Private
Private
 
Posts: 1
Joined: Thu Oct 22, 2009 1:35 pm

Next

Return to Cisco VPN Client on Linux systems

Who is online

Users browsing this forum: No registered users and 4 guests

cron