1 /* $NetBSD: if_pppoe.c,v 1.141 2018/06/26 06:48:02 msaitoh Exp $ */ 2 3 /*- 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin@NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.141 2018/06/26 06:48:02 msaitoh Exp $"); 34 35 #ifdef _KERNEL_OPT 36 #include "pppoe.h" 37 #include "opt_pppoe.h" 38 #include "opt_net_mpsafe.h" 39 #endif 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/callout.h> 45 #include <sys/malloc.h> 46 #include <sys/mbuf.h> 47 #include <sys/socket.h> 48 #include <sys/proc.h> 49 #include <sys/ioctl.h> 50 #include <sys/kauth.h> 51 #include <sys/intr.h> 52 #include <sys/socketvar.h> 53 #include <sys/device.h> 54 #include <sys/module.h> 55 #include <sys/sysctl.h> 56 #include <sys/rwlock.h> 57 #include <sys/mutex.h> 58 #include <sys/psref.h> 59 60 #include <net/if.h> 61 #include <net/if_types.h> 62 #include <net/if_ether.h> 63 #include <net/if_sppp.h> 64 #include <net/if_spppvar.h> 65 #include <net/if_pppoe.h> 66 #include <net/if_dl.h> 67 68 #include <net/bpf.h> 69 70 #include "ioconf.h" 71 72 #ifdef NET_MPSAFE 73 #define PPPOE_MPSAFE 1 74 #endif 75 76 struct pppoehdr { 77 uint8_t vertype; 78 uint8_t code; 79 uint16_t session; 80 uint16_t plen; 81 } __packed; 82 83 struct pppoetag { 84 uint16_t tag; 85 uint16_t len; 86 } __packed; 87 88 #define PPPOE_HEADERLEN sizeof(struct pppoehdr) 89 #define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 90 #define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 91 92 #define PPPOE_TAG_EOL 0x0000 /* end of list */ 93 #define PPPOE_TAG_SNAME 0x0101 /* service name */ 94 #define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 95 #define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 96 #define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 97 #define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 98 #define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 99 #define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 100 #define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 101 #define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 102 #define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 103 104 #define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 105 #define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 106 #define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 107 #define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 108 #define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 109 110 /* two byte PPP protocol discriminator, then IP data */ 111 #define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 112 113 /* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 114 #define PPPOE_ADD_16(PTR, VAL) \ 115 *(PTR)++ = (VAL) / 256; \ 116 *(PTR)++ = (VAL) % 256 117 118 /* Add a complete PPPoE header to the buffer pointed to by PTR */ 119 #define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 120 *(PTR)++ = PPPOE_VERTYPE; \ 121 *(PTR)++ = (CODE); \ 122 PPPOE_ADD_16(PTR, SESS); \ 123 PPPOE_ADD_16(PTR, LEN) 124 125 #define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 126 #define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 127 #define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 128 #define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 129 #define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 130 #define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 131 132 #ifdef PPPOE_SERVER 133 /* from if_spppsubr.c */ 134 #define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 135 #endif 136 137 #define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 138 #define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 139 #define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 140 141 #ifdef PPPOE_MPSAFE 142 #define DECLARE_SPLNET_VARIABLE 143 #define ACQUIRE_SPLNET() do { } while (0) 144 #define RELEASE_SPLNET() do { } while (0) 145 #else 146 #define DECLARE_SPLNET_VARIABLE int __s 147 #define ACQUIRE_SPLNET() do { \ 148 __s = splnet(); \ 149 } while (0) 150 #define RELEASE_SPLNET() do { \ 151 splx(__s); \ 152 } while (0) 153 #endif 154 155 struct pppoe_softc { 156 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 157 LIST_ENTRY(pppoe_softc) sc_list; 158 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 159 160 int sc_state; /* discovery phase or session connected */ 161 struct ether_addr sc_dest; /* hardware address of concentrator */ 162 uint16_t sc_session; /* PPPoE session id */ 163 164 char *sc_service_name; /* if != NULL: requested name of service */ 165 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 166 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 167 size_t sc_ac_cookie_len; /* length of cookie data */ 168 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 169 size_t sc_relay_sid_len; /* length of relay SID data */ 170 #ifdef PPPOE_SERVER 171 uint8_t *sc_hunique; /* content of host unique we must echo back */ 172 size_t sc_hunique_len; /* length of host unique */ 173 #endif 174 callout_t sc_timeout; /* timeout while not in session state */ 175 int sc_padi_retried; /* number of PADI retries already done */ 176 int sc_padr_retried; /* number of PADR retries already done */ 177 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 178 }; 179 180 /* incoming traffic will be queued here */ 181 struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 182 struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 183 184 void *pppoe_softintr = NULL; 185 static void pppoe_softintr_handler(void *); 186 187 extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 188 189 /* input routines */ 190 static void pppoeintr(void); 191 static void pppoe_disc_input(struct mbuf *); 192 static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 193 static void pppoe_data_input(struct mbuf *); 194 static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 195 196 /* management routines */ 197 static int pppoe_connect(struct pppoe_softc *); 198 static int pppoe_disconnect(struct pppoe_softc *); 199 static void pppoe_abort_connect(struct pppoe_softc *); 200 static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 201 static void pppoe_tls(struct sppp *); 202 static void pppoe_tlf(struct sppp *); 203 static void pppoe_start(struct ifnet *); 204 #ifdef PPPOE_MPSAFE 205 static int pppoe_transmit(struct ifnet *, struct mbuf *); 206 #endif 207 static void pppoe_clear_softc(struct pppoe_softc *, const char *); 208 209 /* internal timeout handling */ 210 static void pppoe_timeout(void *); 211 212 /* sending actual protocol controll packets */ 213 static int pppoe_send_padi(struct pppoe_softc *); 214 static int pppoe_send_padr(struct pppoe_softc *); 215 #ifdef PPPOE_SERVER 216 static int pppoe_send_pado(struct pppoe_softc *); 217 static int pppoe_send_pads(struct pppoe_softc *); 218 #endif 219 static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 220 221 /* raw output */ 222 static int pppoe_output(struct pppoe_softc *, struct mbuf *); 223 224 /* internal helper functions */ 225 static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 226 krw_t); 227 static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 228 struct ifnet *, krw_t); 229 static struct mbuf *pppoe_get_mbuf(size_t len); 230 231 static void pppoe_ifattach_hook(void *, unsigned long, void *); 232 233 static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 234 static krwlock_t pppoe_softc_list_lock; 235 236 static int pppoe_clone_create(struct if_clone *, int); 237 static int pppoe_clone_destroy(struct ifnet *); 238 239 static bool pppoe_term_unknown = false; 240 static int pppoe_term_unknown_pps = 1; 241 242 static struct sysctllog *pppoe_sysctl_clog; 243 static void sysctl_net_pppoe_setup(struct sysctllog **); 244 245 static struct if_clone pppoe_cloner = 246 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 247 248 /* ARGSUSED */ 249 void 250 pppoeattach(int count) 251 { 252 253 /* 254 * Nothing to do here, initialization is handled by the 255 * module initialization code in pppoeinit() below). 256 */ 257 } 258 259 static void 260 pppoeinit(void) 261 { 262 263 LIST_INIT(&pppoe_softc_list); 264 rw_init(&pppoe_softc_list_lock); 265 if_clone_attach(&pppoe_cloner); 266 267 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 268 pppoe_softintr_handler, NULL); 269 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 270 271 IFQ_LOCK_INIT(&ppoediscinq); 272 IFQ_LOCK_INIT(&ppoeinq); 273 } 274 275 static int 276 pppoedetach(void) 277 { 278 int error = 0; 279 280 rw_enter(&pppoe_softc_list_lock, RW_READER); 281 if (!LIST_EMPTY(&pppoe_softc_list)) { 282 rw_exit(&pppoe_softc_list_lock); 283 error = EBUSY; 284 } 285 286 if (error == 0) { 287 if_clone_detach(&pppoe_cloner); 288 softint_disestablish(pppoe_softintr); 289 /* Remove our sysctl sub-tree */ 290 sysctl_teardown(&pppoe_sysctl_clog); 291 } 292 293 return error; 294 } 295 296 static int 297 pppoe_clone_create(struct if_clone *ifc, int unit) 298 { 299 struct pppoe_softc *sc; 300 int rv; 301 302 sc = malloc(sizeof(struct pppoe_softc), M_DEVBUF, M_WAITOK|M_ZERO); 303 304 if_initname(&sc->sc_sppp.pp_if, "pppoe", unit); 305 sc->sc_sppp.pp_if.if_softc = sc; 306 sc->sc_sppp.pp_if.if_mtu = PPPOE_MAXMTU; 307 sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 308 #ifdef PPPOE_MPSAFE 309 sc->sc_sppp.pp_if.if_extflags = IFEF_MPSAFE; 310 #endif 311 sc->sc_sppp.pp_if.if_type = IFT_PPP; 312 sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 313 sc->sc_sppp.pp_if.if_dlt = DLT_PPP_ETHER; 314 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 315 PP_NOFRAMING; /* no serial encapsulation */ 316 sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl; 317 IFQ_SET_MAXLEN(&sc->sc_sppp.pp_if.if_snd, IFQ_MAXLEN); 318 IFQ_SET_READY(&sc->sc_sppp.pp_if.if_snd); 319 320 /* changed to real address later */ 321 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 322 323 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 324 325 sc->sc_sppp.pp_if.if_start = pppoe_start; 326 #ifdef PPPOE_MPSAFE 327 sc->sc_sppp.pp_if.if_transmit = pppoe_transmit; 328 #endif 329 sc->sc_sppp.pp_tls = pppoe_tls; 330 sc->sc_sppp.pp_tlf = pppoe_tlf; 331 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 332 333 rv = if_initialize(&sc->sc_sppp.pp_if); 334 if (rv != 0) { 335 callout_halt(&sc->sc_timeout, NULL); 336 callout_destroy(&sc->sc_timeout); 337 free(sc, M_DEVBUF); 338 return rv; 339 } 340 sc->sc_sppp.pp_if.if_percpuq = if_percpuq_create(&sc->sc_sppp.pp_if); 341 sppp_attach(&sc->sc_sppp.pp_if); 342 343 bpf_attach(&sc->sc_sppp.pp_if, DLT_PPP_ETHER, 0); 344 rw_enter(&pppoe_softc_list_lock, RW_READER); 345 if (LIST_EMPTY(&pppoe_softc_list)) { 346 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 347 } 348 rw_exit(&pppoe_softc_list_lock); 349 350 if_register(&sc->sc_sppp.pp_if); 351 352 rw_init(&sc->sc_lock); 353 354 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 355 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 356 rw_exit(&pppoe_softc_list_lock); 357 return 0; 358 } 359 360 static int 361 pppoe_clone_destroy(struct ifnet *ifp) 362 { 363 struct pppoe_softc * sc = ifp->if_softc; 364 365 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 366 367 PPPOE_LOCK(sc, RW_WRITER); 368 callout_halt(&sc->sc_timeout, NULL); 369 370 LIST_REMOVE(sc, sc_list); 371 372 if (LIST_EMPTY(&pppoe_softc_list)) { 373 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 374 } 375 rw_exit(&pppoe_softc_list_lock); 376 377 bpf_detach(ifp); 378 sppp_detach(&sc->sc_sppp.pp_if); 379 if_detach(ifp); 380 if (sc->sc_concentrator_name) 381 free(sc->sc_concentrator_name, M_DEVBUF); 382 if (sc->sc_service_name) 383 free(sc->sc_service_name, M_DEVBUF); 384 if (sc->sc_ac_cookie) 385 free(sc->sc_ac_cookie, M_DEVBUF); 386 if (sc->sc_relay_sid) 387 free(sc->sc_relay_sid, M_DEVBUF); 388 callout_destroy(&sc->sc_timeout); 389 390 PPPOE_UNLOCK(sc); 391 rw_destroy(&sc->sc_lock); 392 393 free(sc, M_DEVBUF); 394 395 return 0; 396 } 397 398 /* 399 * Find the interface handling the specified session. 400 * Note: O(number of sessions open), this is a client-side only, mean 401 * and lean implementation, so number of open sessions typically should 402 * be 1. 403 */ 404 static struct pppoe_softc * 405 pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 406 { 407 struct pppoe_softc *sc = NULL; 408 409 if (session == 0) 410 return NULL; 411 rw_enter(&pppoe_softc_list_lock, RW_READER); 412 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 413 PPPOE_LOCK(sc, lock); 414 if ( sc->sc_state == PPPOE_STATE_SESSION 415 && sc->sc_session == session 416 && sc->sc_eth_if == rcvif) 417 break; 418 419 PPPOE_UNLOCK(sc); 420 } 421 rw_exit(&pppoe_softc_list_lock); 422 return sc; 423 } 424 425 /* Check host unique token passed and return appropriate softc pointer, 426 * or NULL if token is bogus. */ 427 static struct pppoe_softc * 428 pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 429 struct ifnet *rcvif, krw_t lock) 430 { 431 struct pppoe_softc *sc, *t; 432 433 rw_enter(&pppoe_softc_list_lock, RW_READER); 434 if (LIST_EMPTY(&pppoe_softc_list)) { 435 rw_exit(&pppoe_softc_list_lock); 436 return NULL; 437 } 438 439 if (len != sizeof sc) { 440 rw_exit(&pppoe_softc_list_lock); 441 return NULL; 442 } 443 memcpy(&t, token, len); 444 445 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 446 if (sc == t) { 447 PPPOE_LOCK(sc, lock); 448 break; 449 } 450 } 451 rw_exit(&pppoe_softc_list_lock); 452 453 if (sc == NULL) { 454 #ifdef PPPOE_DEBUG 455 printf("pppoe: alien host unique tag, no session found\n"); 456 #endif 457 return NULL; 458 } 459 460 /* should be safe to access *sc now */ 461 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 462 printf("%s: host unique tag found, but it belongs to a connection in state %d\n", 463 sc->sc_sppp.pp_if.if_xname, sc->sc_state); 464 PPPOE_UNLOCK(sc); 465 return NULL; 466 } 467 if (sc->sc_eth_if != rcvif) { 468 printf("%s: wrong interface, not accepting host unique\n", 469 sc->sc_sppp.pp_if.if_xname); 470 PPPOE_UNLOCK(sc); 471 return NULL; 472 } 473 return sc; 474 } 475 476 static void 477 pppoe_softintr_handler(void *dummy) 478 { 479 /* called at splsoftnet() */ 480 pppoeintr(); 481 } 482 483 /* called at appropriate protection level */ 484 static void 485 pppoeintr(void) 486 { 487 struct mbuf *m; 488 int disc_done, data_done; 489 490 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 491 492 do { 493 disc_done = 0; 494 data_done = 0; 495 for (;;) { 496 IFQ_LOCK(&ppoediscinq); 497 IF_DEQUEUE(&ppoediscinq, m); 498 IFQ_UNLOCK(&ppoediscinq); 499 if (m == NULL) break; 500 disc_done = 1; 501 pppoe_disc_input(m); 502 } 503 504 for (;;) { 505 IFQ_LOCK(&ppoeinq); 506 IF_DEQUEUE(&ppoeinq, m); 507 IFQ_UNLOCK(&ppoeinq); 508 if (m == NULL) break; 509 data_done = 1; 510 pppoe_data_input(m); 511 } 512 } while (disc_done || data_done); 513 514 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 515 } 516 517 /* analyze and handle a single received packet while not in session state */ 518 static void 519 pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 520 { 521 uint16_t tag, len; 522 uint16_t session, plen; 523 struct pppoe_softc *sc; 524 const char *err_msg; 525 char devname[IF_NAMESIZE]; 526 char *error; 527 uint8_t *ac_cookie; 528 size_t ac_cookie_len; 529 uint8_t *relay_sid; 530 size_t relay_sid_len; 531 uint8_t *hunique; 532 size_t hunique_len; 533 struct pppoehdr *ph; 534 struct pppoetag *pt; 535 struct mbuf *n; 536 int noff, err, errortag; 537 struct ether_header *eh; 538 struct ifnet *rcvif; 539 struct psref psref; 540 541 /* as long as we don't know which instance */ 542 strlcpy(devname, "pppoe", sizeof(devname)); 543 544 err_msg = NULL; 545 errortag = 0; 546 if (m->m_len < sizeof(*eh)) { 547 m = m_pullup(m, sizeof(*eh)); 548 if (!m) 549 goto done; 550 } 551 eh = mtod(m, struct ether_header *); 552 off += sizeof(*eh); 553 554 ac_cookie = NULL; 555 ac_cookie_len = 0; 556 relay_sid = NULL; 557 relay_sid_len = 0; 558 hunique = NULL; 559 hunique_len = 0; 560 session = 0; 561 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 562 printf("pppoe: packet too short: %d\n", m->m_pkthdr.len); 563 goto done; 564 } 565 566 n = m_pulldown(m, off, sizeof(*ph), &noff); 567 if (!n) { 568 printf("pppoe: could not get PPPoE header\n"); 569 m = NULL; 570 goto done; 571 } 572 ph = (struct pppoehdr *)(mtod(n, char *) + noff); 573 if (ph->vertype != PPPOE_VERTYPE) { 574 printf("pppoe: unknown version/type packet: 0x%x\n", 575 ph->vertype); 576 goto done; 577 } 578 session = ntohs(ph->session); 579 plen = ntohs(ph->plen); 580 off += sizeof(*ph); 581 582 if (plen + off > m->m_pkthdr.len) { 583 printf("pppoe: packet content does not fit: data available = %d, packet size = %u\n", 584 m->m_pkthdr.len - off, plen); 585 goto done; 586 } 587 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 588 tag = 0; 589 len = 0; 590 sc = NULL; 591 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 592 n = m_pulldown(m, off, sizeof(*pt), &noff); 593 if (!n) { 594 printf("%s: parse error\n", devname); 595 m = NULL; 596 goto done; 597 } 598 pt = (struct pppoetag *)(mtod(n, char *) + noff); 599 tag = ntohs(pt->tag); 600 len = ntohs(pt->len); 601 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 602 printf("pppoe: tag 0x%x len 0x%x is too long\n", 603 tag, len); 604 goto done; 605 } 606 switch (tag) { 607 case PPPOE_TAG_EOL: 608 goto breakbreak; 609 case PPPOE_TAG_SNAME: 610 break; /* ignored */ 611 case PPPOE_TAG_ACNAME: 612 if (len > 0) { 613 error = malloc(len + 1, M_TEMP, M_NOWAIT); 614 if (error == NULL) 615 break; 616 617 n = m_pulldown(m, off + sizeof(*pt), len, 618 &noff); 619 if (!n) { 620 m = NULL; 621 free(error, M_TEMP); 622 goto done; 623 } 624 625 strlcpy(error, mtod(n, char*) + noff, len + 1); 626 printf("pppoe: connected to %s\n", error); 627 free(error, M_TEMP); 628 } 629 break; /* ignored */ 630 case PPPOE_TAG_HUNIQUE: 631 if (hunique == NULL) { 632 n = m_pulldown(m, off + sizeof(*pt), len, 633 &noff); 634 if (!n) { 635 m = NULL; 636 err_msg = "TAG HUNIQUE ERROR"; 637 break; 638 } 639 640 hunique = mtod(n, uint8_t *) + noff; 641 hunique_len = len; 642 } 643 break; 644 case PPPOE_TAG_ACCOOKIE: 645 if (ac_cookie == NULL) { 646 n = m_pulldown(m, off + sizeof(*pt), len, 647 &noff); 648 if (!n) { 649 err_msg = "TAG ACCOOKIE ERROR"; 650 m = NULL; 651 break; 652 } 653 ac_cookie = mtod(n, char *) + noff; 654 ac_cookie_len = len; 655 } 656 break; 657 case PPPOE_TAG_RELAYSID: 658 if (relay_sid == NULL) { 659 n = m_pulldown(m, off + sizeof(*pt), len, 660 &noff); 661 if (!n) { 662 err_msg = "TAG RELAYSID ERROR"; 663 m = NULL; 664 break; 665 } 666 relay_sid = mtod(n, char *) + noff; 667 relay_sid_len = len; 668 } 669 break; 670 case PPPOE_TAG_SNAME_ERR: 671 err_msg = "SERVICE NAME ERROR"; 672 errortag = 1; 673 break; 674 case PPPOE_TAG_ACSYS_ERR: 675 err_msg = "AC SYSTEM ERROR"; 676 errortag = 1; 677 break; 678 case PPPOE_TAG_GENERIC_ERR: 679 err_msg = "GENERIC ERROR"; 680 errortag = 1; 681 break; 682 } 683 if (err_msg) { 684 error = NULL; 685 if (errortag && len) { 686 error = malloc(len + 1, M_TEMP, 687 M_NOWAIT|M_ZERO); 688 n = m_pulldown(m, off + sizeof(*pt), len, 689 &noff); 690 if (!n) { 691 m = NULL; 692 } else if (error) { 693 strlcpy(error, mtod(n, char *) + noff, 694 len + 1); 695 } 696 } 697 if (error) { 698 printf("%s: %s: %s\n", devname, 699 err_msg, error); 700 free(error, M_TEMP); 701 } else 702 printf("%s: %s\n", devname, err_msg); 703 if (errortag || m == NULL) 704 goto done; 705 } 706 off += sizeof(*pt) + len; 707 } 708 breakbreak:; 709 switch (ph->code) { 710 case PPPOE_CODE_PADI: 711 #ifdef PPPOE_SERVER 712 /* 713 * got service name, concentrator name, and/or host unique. 714 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 715 */ 716 rw_enter(&pppoe_softc_list_lock, RW_READER); 717 if (LIST_EMPTY(&pppoe_softc_list)) { 718 rw_exit(&pppoe_softc_list_lock); 719 goto done; 720 } 721 722 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 723 PPPOE_LOCK(sc, RW_WRITER); 724 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 725 PPPOE_UNLOCK(sc); 726 continue; 727 } 728 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 729 PPPOE_UNLOCK(sc); 730 continue; 731 } 732 733 if (sc->sc_state == PPPOE_STATE_INITIAL) 734 break; 735 736 PPPOE_UNLOCK(sc); 737 } 738 rw_exit(&pppoe_softc_list_lock); 739 740 if (sc == NULL) { 741 /* printf("pppoe: free passive interface is not found\n");*/ 742 goto done; 743 } 744 745 if (hunique) { 746 if (sc->sc_hunique) 747 free(sc->sc_hunique, M_DEVBUF); 748 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 749 M_DONTWAIT); 750 if (sc->sc_hunique == NULL) { 751 PPPOE_UNLOCK(sc); 752 goto done; 753 } 754 sc->sc_hunique_len = hunique_len; 755 memcpy(sc->sc_hunique, hunique, hunique_len); 756 } 757 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 758 sc->sc_state = PPPOE_STATE_PADO_SENT; 759 pppoe_send_pado(sc); 760 PPPOE_UNLOCK(sc); 761 break; 762 #endif /* PPPOE_SERVER */ 763 case PPPOE_CODE_PADR: 764 #ifdef PPPOE_SERVER 765 /* 766 * get sc from ac_cookie if IFF_PASSIVE 767 */ 768 if (ac_cookie == NULL) { 769 /* be quiet if there is not a single pppoe instance */ 770 printf("pppoe: received PADR but not includes ac_cookie\n"); 771 goto done; 772 } 773 774 rcvif = m_get_rcvif_psref(m, &psref); 775 if (__predict_true(rcvif != NULL)) { 776 sc = pppoe_find_softc_by_hunique(ac_cookie, 777 ac_cookie_len, 778 rcvif, 779 RW_WRITER); 780 } 781 m_put_rcvif_psref(rcvif, &psref); 782 if (sc == NULL) { 783 /* be quiet if there is not a single pppoe instance */ 784 rw_enter(&pppoe_softc_list_lock, RW_READER); 785 if (!LIST_EMPTY(&pppoe_softc_list)) { 786 printf("pppoe: received PADR" 787 " but could not find request for it\n"); 788 } 789 rw_exit(&pppoe_softc_list_lock); 790 goto done; 791 } 792 793 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 794 printf("%s: received unexpected PADR\n", 795 sc->sc_sppp.pp_if.if_xname); 796 PPPOE_UNLOCK(sc); 797 goto done; 798 } 799 800 if (hunique) { 801 if (sc->sc_hunique) 802 free(sc->sc_hunique, M_DEVBUF); 803 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 804 M_DONTWAIT); 805 if (sc->sc_hunique == NULL) { 806 PPPOE_UNLOCK(sc); 807 goto done; 808 } 809 sc->sc_hunique_len = hunique_len; 810 memcpy(sc->sc_hunique, hunique, hunique_len); 811 } 812 pppoe_send_pads(sc); 813 sc->sc_state = PPPOE_STATE_SESSION; 814 PPPOE_UNLOCK(sc); 815 816 sc->sc_sppp.pp_up(&sc->sc_sppp); 817 break; 818 #else 819 /* ignore, we are no access concentrator */ 820 goto done; 821 #endif /* PPPOE_SERVER */ 822 case PPPOE_CODE_PADO: 823 rcvif = m_get_rcvif_psref(m, &psref); 824 if (__predict_false(rcvif == NULL)) 825 goto done; 826 827 if (hunique != NULL) { 828 sc = pppoe_find_softc_by_hunique(hunique, 829 hunique_len, 830 rcvif, 831 RW_WRITER); 832 } 833 834 m_put_rcvif_psref(rcvif, &psref); 835 836 if (sc == NULL) { 837 /* be quiet if there is not a single pppoe instance */ 838 rw_enter(&pppoe_softc_list_lock, RW_READER); 839 if (!LIST_EMPTY(&pppoe_softc_list)) { 840 printf("pppoe: received PADO" 841 " but could not find request for it\n"); 842 } 843 rw_exit(&pppoe_softc_list_lock); 844 goto done; 845 } 846 847 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 848 printf("%s: received unexpected PADO\n", 849 sc->sc_sppp.pp_if.if_xname); 850 PPPOE_UNLOCK(sc); 851 goto done; 852 } 853 854 if (ac_cookie) { 855 if (sc->sc_ac_cookie) 856 free(sc->sc_ac_cookie, M_DEVBUF); 857 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 858 M_DONTWAIT); 859 if (sc->sc_ac_cookie == NULL) { 860 printf("%s: FATAL: could not allocate memory " 861 "for AC cookie\n", 862 sc->sc_sppp.pp_if.if_xname); 863 PPPOE_UNLOCK(sc); 864 goto done; 865 } 866 sc->sc_ac_cookie_len = ac_cookie_len; 867 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 868 } 869 if (relay_sid) { 870 if (sc->sc_relay_sid) 871 free(sc->sc_relay_sid, M_DEVBUF); 872 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 873 M_DONTWAIT); 874 if (sc->sc_relay_sid == NULL) { 875 printf("%s: FATAL: could not allocate memory " 876 "for relay SID\n", 877 sc->sc_sppp.pp_if.if_xname); 878 PPPOE_UNLOCK(sc); 879 goto done; 880 } 881 sc->sc_relay_sid_len = relay_sid_len; 882 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 883 } 884 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 885 callout_stop(&sc->sc_timeout); 886 sc->sc_padr_retried = 0; 887 sc->sc_state = PPPOE_STATE_PADR_SENT; 888 if ((err = pppoe_send_padr(sc)) != 0) { 889 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 890 printf("%s: failed to send PADR, " 891 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 892 err); 893 } 894 callout_reset(&sc->sc_timeout, 895 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 896 pppoe_timeout, sc); 897 898 PPPOE_UNLOCK(sc); 899 break; 900 case PPPOE_CODE_PADS: 901 rcvif = m_get_rcvif_psref(m, &psref); 902 if (__predict_false(rcvif == NULL)) 903 goto done; 904 905 if (hunique != NULL) { 906 sc = pppoe_find_softc_by_hunique(hunique, 907 hunique_len, 908 rcvif, 909 RW_WRITER); 910 } 911 912 m_put_rcvif_psref(rcvif, &psref); 913 914 if (sc == NULL) 915 goto done; 916 917 sc->sc_session = session; 918 callout_stop(&sc->sc_timeout); 919 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 920 printf("%s: session 0x%x connected\n", 921 sc->sc_sppp.pp_if.if_xname, session); 922 sc->sc_state = PPPOE_STATE_SESSION; 923 PPPOE_UNLOCK(sc); 924 925 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 926 break; 927 case PPPOE_CODE_PADT: 928 rcvif = m_get_rcvif_psref(m, &psref); 929 if (__predict_false(rcvif == NULL)) 930 goto done; 931 932 sc = pppoe_find_softc_by_session(session, rcvif, 933 RW_WRITER); 934 935 m_put_rcvif_psref(rcvif, &psref); 936 937 if (sc == NULL) 938 goto done; 939 940 pppoe_clear_softc(sc, "received PADT"); 941 PPPOE_UNLOCK(sc); 942 break; 943 default: 944 rcvif = m_get_rcvif_psref(m, &psref); 945 if (__predict_false(rcvif == NULL)) 946 goto done; 947 948 if (hunique != NULL) { 949 sc = pppoe_find_softc_by_hunique(hunique, 950 hunique_len, 951 rcvif, 952 RW_READER); 953 } 954 955 m_put_rcvif_psref(rcvif, &psref); 956 957 if (sc != NULL) { 958 strlcpy(devname, sc->sc_sppp.pp_if.if_xname, 959 sizeof(devname)); 960 PPPOE_UNLOCK(sc); 961 } else 962 strlcpy(devname, "pppoe", sizeof(devname)); 963 964 printf("%s: unknown code (0x%04x) session = 0x%04x\n", 965 devname, ph->code, session); 966 break; 967 } 968 969 done: 970 if (m) 971 m_freem(m); 972 return; 973 } 974 975 static void 976 pppoe_disc_input(struct mbuf *m) 977 { 978 KASSERT(m->m_flags & M_PKTHDR); 979 980 /* 981 * Avoid error messages if there is not a single PPPoE instance. 982 */ 983 rw_enter(&pppoe_softc_list_lock, RW_READER); 984 if (!LIST_EMPTY(&pppoe_softc_list)) { 985 rw_exit(&pppoe_softc_list_lock); 986 pppoe_dispatch_disc_pkt(m, 0); 987 } else { 988 rw_exit(&pppoe_softc_list_lock); 989 m_freem(m); 990 } 991 } 992 993 static bool 994 pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 995 { 996 997 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 998 return true; 999 1000 return false; 1001 } 1002 1003 static void 1004 pppoe_data_input(struct mbuf *m) 1005 { 1006 uint16_t session, plen; 1007 struct pppoe_softc *sc; 1008 struct pppoehdr *ph; 1009 struct ifnet *rcvif; 1010 struct psref psref; 1011 uint8_t shost[ETHER_ADDR_LEN]; 1012 uint8_t dhost[ETHER_ADDR_LEN]; 1013 bool term_unknown = pppoe_term_unknown; 1014 1015 KASSERT(m->m_flags & M_PKTHDR); 1016 1017 /* 1018 * Avoid error messages if there is not a single PPPoE instance. 1019 */ 1020 rw_enter(&pppoe_softc_list_lock, RW_READER); 1021 if (LIST_EMPTY(&pppoe_softc_list)) { 1022 rw_exit(&pppoe_softc_list_lock); 1023 goto drop; 1024 } 1025 rw_exit(&pppoe_softc_list_lock); 1026 1027 if (term_unknown) { 1028 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1029 ETHER_ADDR_LEN); 1030 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1031 ETHER_ADDR_LEN); 1032 } 1033 m_adj(m, sizeof(struct ether_header)); 1034 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1035 printf("pppoe (data): dropping too short packet: %d bytes\n", 1036 m->m_pkthdr.len); 1037 goto drop; 1038 } 1039 1040 if (m->m_len < sizeof(*ph)) { 1041 m = m_pullup(m, sizeof(*ph)); 1042 if (!m) { 1043 printf("pppoe: could not get PPPoE header\n"); 1044 return; 1045 } 1046 } 1047 ph = mtod(m, struct pppoehdr *); 1048 1049 if (ph->vertype != PPPOE_VERTYPE) { 1050 printf("pppoe (data): unknown version/type packet: 0x%x\n", 1051 ph->vertype); 1052 goto drop; 1053 } 1054 if (ph->code != 0) 1055 goto drop; 1056 1057 session = ntohs(ph->session); 1058 rcvif = m_get_rcvif_psref(m, &psref); 1059 if (__predict_false(rcvif == NULL)) 1060 goto drop; 1061 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1062 if (sc == NULL) { 1063 if (term_unknown) { 1064 static struct timeval lasttime = {0, 0}; 1065 static int curpps = 0; 1066 /* 1067 * avoid to send wrong PADT which is response from 1068 * session stage pakcets for other hosts when parent 1069 * ethernet is promiscuous mode. 1070 */ 1071 if (pppoe_is_my_frame(dhost, rcvif) 1072 && ppsratecheck(&lasttime, &curpps, 1073 pppoe_term_unknown_pps)) { 1074 printf("pppoe: input for unknown session %#x, " 1075 "sending PADT\n", session); 1076 pppoe_send_padt(rcvif, session, shost); 1077 } 1078 } 1079 m_put_rcvif_psref(rcvif, &psref); 1080 goto drop; 1081 } 1082 1083 m_put_rcvif_psref(rcvif, &psref); 1084 1085 plen = ntohs(ph->plen); 1086 1087 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1088 1089 m_adj(m, PPPOE_HEADERLEN); 1090 1091 #ifdef PPPOE_DEBUG 1092 { 1093 struct mbuf *p; 1094 1095 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1096 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1097 p = m; 1098 while (p) { 1099 printf(" l=%d", p->m_len); 1100 p = p->m_next; 1101 } 1102 printf("\n"); 1103 } 1104 #endif 1105 PPPOE_UNLOCK(sc); 1106 1107 if (m->m_pkthdr.len < plen) 1108 goto drop; 1109 1110 /* 1111 * Fix incoming interface pointer (not the raw ethernet interface 1112 * anymore) 1113 */ 1114 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1115 1116 /* pass packet up and account for it */ 1117 sc->sc_sppp.pp_if.if_ipackets++; 1118 sppp_input(&sc->sc_sppp.pp_if, m); 1119 return; 1120 1121 drop: 1122 m_freem(m); 1123 } 1124 1125 static int 1126 pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1127 { 1128 struct sockaddr dst; 1129 struct ether_header *eh; 1130 uint16_t etype; 1131 1132 if (sc->sc_eth_if == NULL) { 1133 m_freem(m); 1134 return EIO; 1135 } 1136 1137 memset(&dst, 0, sizeof dst); 1138 dst.sa_family = AF_UNSPEC; 1139 eh = (struct ether_header*)&dst.sa_data; 1140 etype = sc->sc_state == PPPOE_STATE_SESSION 1141 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1142 eh->ether_type = htons(etype); 1143 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1144 1145 #ifdef PPPOE_DEBUG 1146 printf("%s (%x) state=%d, session=0x%x output -> %s, len=%d\n", 1147 sc->sc_sppp.pp_if.if_xname, etype, 1148 sc->sc_state, sc->sc_session, 1149 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1150 #endif 1151 1152 m->m_flags &= ~(M_BCAST|M_MCAST); 1153 sc->sc_sppp.pp_if.if_opackets++; 1154 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1155 } 1156 1157 static int 1158 pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1159 { 1160 struct lwp *l = curlwp; /* XXX */ 1161 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1162 struct ifreq *ifr = data; 1163 int error = 0; 1164 1165 switch (cmd) { 1166 case PPPOESETPARMS: 1167 { 1168 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1169 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1170 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1171 NULL) != 0) 1172 return EPERM; 1173 if (parms->eth_ifname[0] != 0) { 1174 struct ifnet *eth_if; 1175 1176 PPPOE_LOCK(sc, RW_WRITER); 1177 eth_if = ifunit(parms->eth_ifname); 1178 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1179 sc->sc_eth_if = NULL; 1180 PPPOE_UNLOCK(sc); 1181 return ENXIO; 1182 } 1183 1184 if (sc->sc_sppp.pp_if.if_mtu != 1185 eth_if->if_mtu - PPPOE_OVERHEAD) { 1186 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1187 PPPOE_OVERHEAD; 1188 } 1189 sc->sc_eth_if = eth_if; 1190 PPPOE_UNLOCK(sc); 1191 } 1192 if (parms->ac_name != NULL) { 1193 size_t s; 1194 char *b = malloc(parms->ac_name_len + 1, M_DEVBUF, 1195 M_WAITOK); 1196 if (b == NULL) 1197 return ENOMEM; 1198 error = copyinstr(parms->ac_name, b, 1199 parms->ac_name_len+1, &s); 1200 if (error != 0) { 1201 free(b, M_DEVBUF); 1202 return error; 1203 } 1204 if (s != parms->ac_name_len+1) { 1205 free(b, M_DEVBUF); 1206 return EINVAL; 1207 } 1208 1209 PPPOE_LOCK(sc, RW_WRITER); 1210 if (sc->sc_concentrator_name) 1211 free(sc->sc_concentrator_name, M_DEVBUF); 1212 sc->sc_concentrator_name = b; 1213 PPPOE_UNLOCK(sc); 1214 } 1215 if (parms->service_name != NULL) { 1216 size_t s; 1217 char *b = malloc(parms->service_name_len + 1, M_DEVBUF, 1218 M_WAITOK); 1219 if (b == NULL) 1220 return ENOMEM; 1221 error = copyinstr(parms->service_name, b, 1222 parms->service_name_len+1, &s); 1223 if (error != 0) { 1224 free(b, M_DEVBUF); 1225 return error; 1226 } 1227 if (s != parms->service_name_len+1) { 1228 free(b, M_DEVBUF); 1229 return EINVAL; 1230 } 1231 1232 PPPOE_LOCK(sc, RW_WRITER); 1233 if (sc->sc_service_name) 1234 free(sc->sc_service_name, M_DEVBUF); 1235 sc->sc_service_name = b; 1236 PPPOE_UNLOCK(sc); 1237 } 1238 return 0; 1239 } 1240 break; 1241 case PPPOEGETPARMS: 1242 { 1243 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1244 memset(parms, 0, sizeof *parms); 1245 PPPOE_LOCK(sc, RW_READER); 1246 if (sc->sc_eth_if) 1247 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1248 sizeof(parms->ifname)); 1249 PPPOE_UNLOCK(sc); 1250 return 0; 1251 } 1252 break; 1253 case PPPOEGETSESSION: 1254 { 1255 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1256 PPPOE_LOCK(sc, RW_READER); 1257 state->state = sc->sc_state; 1258 state->session_id = sc->sc_session; 1259 state->padi_retry_no = sc->sc_padi_retried; 1260 state->padr_retry_no = sc->sc_padr_retried; 1261 PPPOE_UNLOCK(sc); 1262 return 0; 1263 } 1264 break; 1265 case SIOCSIFFLAGS: 1266 /* 1267 * Prevent running re-establishment timers overriding 1268 * administrators choice. 1269 */ 1270 PPPOE_LOCK(sc, RW_WRITER); 1271 1272 if ((ifr->ifr_flags & IFF_UP) == 0 1273 && sc->sc_state >= PPPOE_STATE_PADI_SENT 1274 && sc->sc_state < PPPOE_STATE_SESSION) { 1275 callout_stop(&sc->sc_timeout); 1276 sc->sc_state = PPPOE_STATE_INITIAL; 1277 sc->sc_padi_retried = 0; 1278 sc->sc_padr_retried = 0; 1279 memcpy(&sc->sc_dest, etherbroadcastaddr, 1280 sizeof(sc->sc_dest)); 1281 } 1282 1283 PPPOE_UNLOCK(sc); 1284 1285 error = sppp_ioctl(ifp, cmd, data); 1286 1287 return error; 1288 case SIOCSIFMTU: 1289 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1290 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1291 return EINVAL; 1292 } 1293 /*FALLTHROUGH*/ 1294 default: 1295 return sppp_ioctl(ifp, cmd, data); 1296 } 1297 return 0; 1298 } 1299 1300 /* 1301 * Allocate a mbuf/cluster with space to store the given data length 1302 * of payload, leaving space for prepending an ethernet header 1303 * in front. 1304 */ 1305 static struct mbuf * 1306 pppoe_get_mbuf(size_t len) 1307 { 1308 struct mbuf *m; 1309 1310 MGETHDR(m, M_DONTWAIT, MT_DATA); 1311 if (m == NULL) 1312 return NULL; 1313 if (len + sizeof(struct ether_header) > MHLEN) { 1314 MCLGET(m, M_DONTWAIT); 1315 if ((m->m_flags & M_EXT) == 0) { 1316 m_free(m); 1317 return NULL; 1318 } 1319 } 1320 m->m_data += sizeof(struct ether_header); 1321 m->m_len = len; 1322 m->m_pkthdr.len = len; 1323 m_reset_rcvif(m); 1324 1325 return m; 1326 } 1327 1328 static int 1329 pppoe_send_padi(struct pppoe_softc *sc) 1330 { 1331 struct mbuf *m0; 1332 int len, l1 = 0, l2 = 0; /* XXX: gcc */ 1333 uint8_t *p; 1334 1335 if (sc->sc_state >PPPOE_STATE_PADI_SENT) 1336 panic("pppoe_send_padi in state %d", sc->sc_state); 1337 1338 /* calculate length of frame (excluding ethernet header + pppoe header) */ 1339 len = 2 + 2 + 2 + 2 + sizeof sc; /* service name tag is required, host unique is send too */ 1340 if (sc->sc_service_name != NULL) { 1341 l1 = strlen(sc->sc_service_name); 1342 len += l1; 1343 } 1344 if (sc->sc_concentrator_name != NULL) { 1345 l2 = strlen(sc->sc_concentrator_name); 1346 len += 2 + 2 + l2; 1347 } 1348 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1349 len += 2 + 2 + 2; 1350 } 1351 1352 /* allocate a buffer */ 1353 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); /* header len + payload len */ 1354 if (!m0) 1355 return ENOBUFS; 1356 1357 /* fill in pkt */ 1358 p = mtod(m0, uint8_t *); 1359 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1360 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1361 if (sc->sc_service_name != NULL) { 1362 PPPOE_ADD_16(p, l1); 1363 memcpy(p, sc->sc_service_name, l1); 1364 p += l1; 1365 } else { 1366 PPPOE_ADD_16(p, 0); 1367 } 1368 if (sc->sc_concentrator_name != NULL) { 1369 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1370 PPPOE_ADD_16(p, l2); 1371 memcpy(p, sc->sc_concentrator_name, l2); 1372 p += l2; 1373 } 1374 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1375 PPPOE_ADD_16(p, sizeof(sc)); 1376 memcpy(p, &sc, sizeof sc); 1377 p += sizeof(sc); 1378 1379 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1380 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1381 PPPOE_ADD_16(p, 2); 1382 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1383 } 1384 1385 #ifdef PPPOE_DEBUG 1386 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1387 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1388 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1389 #endif 1390 1391 /* send pkt */ 1392 return pppoe_output(sc, m0); 1393 } 1394 1395 static void 1396 pppoe_timeout(void *arg) 1397 { 1398 int retry_wait, err; 1399 struct pppoe_softc *sc = (struct pppoe_softc*)arg; 1400 DECLARE_SPLNET_VARIABLE; 1401 1402 #ifdef PPPOE_DEBUG 1403 printf("%s: timeout\n", sc->sc_sppp.pp_if.if_xname); 1404 #endif 1405 1406 PPPOE_LOCK(sc, RW_WRITER); 1407 switch (sc->sc_state) { 1408 case PPPOE_STATE_INITIAL: 1409 /* delayed connect from pppoe_tls() */ 1410 pppoe_connect(sc); 1411 break; 1412 case PPPOE_STATE_PADI_SENT: 1413 /* 1414 * We have two basic ways of retrying: 1415 * - Quick retry mode: try a few times in short sequence 1416 * - Slow retry mode: we already had a connection successfully 1417 * established and will try infinitely (without user 1418 * intervention) 1419 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1420 * is not set. 1421 */ 1422 1423 /* initialize for quick retry mode */ 1424 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1425 1426 ACQUIRE_SPLNET(); 1427 sc->sc_padi_retried++; 1428 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1429 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1430 /* slow retry mode */ 1431 retry_wait = PPPOE_SLOW_RETRY; 1432 } else { 1433 pppoe_abort_connect(sc); 1434 RELEASE_SPLNET(); 1435 PPPOE_UNLOCK(sc); 1436 return; 1437 } 1438 } 1439 if ((err = pppoe_send_padi(sc)) != 0) { 1440 sc->sc_padi_retried--; 1441 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1442 printf("%s: failed to transmit PADI, " 1443 "error=%d\n", 1444 sc->sc_sppp.pp_if.if_xname, err); 1445 } 1446 callout_reset(&sc->sc_timeout, retry_wait, 1447 pppoe_timeout, sc); 1448 RELEASE_SPLNET(); 1449 break; 1450 1451 case PPPOE_STATE_PADR_SENT: 1452 ACQUIRE_SPLNET(); 1453 sc->sc_padr_retried++; 1454 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1455 memcpy(&sc->sc_dest, etherbroadcastaddr, 1456 sizeof(sc->sc_dest)); 1457 sc->sc_state = PPPOE_STATE_PADI_SENT; 1458 sc->sc_padr_retried = 0; 1459 if ((err = pppoe_send_padi(sc)) != 0) { 1460 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1461 printf("%s: failed to send PADI" 1462 ", error=%d\n", 1463 sc->sc_sppp.pp_if.if_xname, err); 1464 } 1465 callout_reset(&sc->sc_timeout, 1466 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried), 1467 pppoe_timeout, sc); 1468 RELEASE_SPLNET(); 1469 PPPOE_UNLOCK(sc); 1470 return; 1471 } 1472 if ((err = pppoe_send_padr(sc)) != 0) { 1473 sc->sc_padr_retried--; 1474 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1475 printf("%s: failed to send PADR, " 1476 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 1477 err); 1478 } 1479 callout_reset(&sc->sc_timeout, 1480 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 1481 pppoe_timeout, sc); 1482 RELEASE_SPLNET(); 1483 break; 1484 case PPPOE_STATE_CLOSING: 1485 pppoe_disconnect(sc); 1486 break; 1487 default: 1488 PPPOE_UNLOCK(sc); 1489 return; /* all done, work in peace */ 1490 } 1491 PPPOE_UNLOCK(sc); 1492 } 1493 1494 /* Start a connection (i.e. initiate discovery phase) */ 1495 static int 1496 pppoe_connect(struct pppoe_softc *sc) 1497 { 1498 int err; 1499 DECLARE_SPLNET_VARIABLE; 1500 1501 KASSERT(PPPOE_WLOCKED(sc)); 1502 1503 if (sc->sc_state != PPPOE_STATE_INITIAL) 1504 return EBUSY; 1505 1506 #ifdef PPPOE_SERVER 1507 /* wait PADI if IFF_PASSIVE */ 1508 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1509 return 0; 1510 #endif 1511 ACQUIRE_SPLNET(); 1512 /* save state, in case we fail to send PADI */ 1513 sc->sc_state = PPPOE_STATE_PADI_SENT; 1514 sc->sc_padr_retried = 0; 1515 err = pppoe_send_padi(sc); 1516 if (err != 0 && sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1517 printf("%s: failed to send PADI, error=%d\n", 1518 sc->sc_sppp.pp_if.if_xname, err); 1519 callout_reset(&sc->sc_timeout, PPPOE_DISC_TIMEOUT, pppoe_timeout, sc); 1520 RELEASE_SPLNET(); 1521 return err; 1522 } 1523 1524 /* disconnect */ 1525 static int 1526 pppoe_disconnect(struct pppoe_softc *sc) 1527 { 1528 int err; 1529 DECLARE_SPLNET_VARIABLE; 1530 1531 KASSERT(PPPOE_WLOCKED(sc)); 1532 1533 ACQUIRE_SPLNET(); 1534 1535 if (sc->sc_state < PPPOE_STATE_SESSION) 1536 err = EBUSY; 1537 else { 1538 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1539 printf("%s: disconnecting\n", 1540 sc->sc_sppp.pp_if.if_xname); 1541 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1542 (const uint8_t *)&sc->sc_dest); 1543 } 1544 1545 /* cleanup softc */ 1546 sc->sc_state = PPPOE_STATE_INITIAL; 1547 1548 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1549 if (sc->sc_ac_cookie) { 1550 free(sc->sc_ac_cookie, M_DEVBUF); 1551 sc->sc_ac_cookie = NULL; 1552 } 1553 sc->sc_ac_cookie_len = 0; 1554 if (sc->sc_relay_sid) { 1555 free(sc->sc_relay_sid, M_DEVBUF); 1556 sc->sc_relay_sid = NULL; 1557 } 1558 sc->sc_relay_sid_len = 0; 1559 #ifdef PPPOE_SERVER 1560 if (sc->sc_hunique) { 1561 free(sc->sc_hunique, M_DEVBUF); 1562 sc->sc_hunique = NULL; 1563 } 1564 sc->sc_hunique_len = 0; 1565 #endif 1566 sc->sc_session = 0; 1567 1568 PPPOE_UNLOCK(sc); 1569 1570 /* notify upper layer */ 1571 sc->sc_sppp.pp_down(&sc->sc_sppp); 1572 1573 PPPOE_LOCK(sc, RW_WRITER); 1574 1575 RELEASE_SPLNET(); 1576 return err; 1577 } 1578 1579 /* Connection attempt aborted */ 1580 static void 1581 pppoe_abort_connect(struct pppoe_softc *sc) 1582 { 1583 KASSERT(PPPOE_WLOCKED(sc)); 1584 1585 printf("%s: could not establish connection\n", 1586 sc->sc_sppp.pp_if.if_xname); 1587 sc->sc_state = PPPOE_STATE_CLOSING; 1588 1589 PPPOE_UNLOCK(sc); 1590 1591 /* notify upper layer */ 1592 sc->sc_sppp.pp_down(&sc->sc_sppp); 1593 1594 PPPOE_LOCK(sc, RW_WRITER); 1595 1596 /* clear connection state */ 1597 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1598 sc->sc_state = PPPOE_STATE_INITIAL; 1599 } 1600 1601 /* Send a PADR packet */ 1602 static int 1603 pppoe_send_padr(struct pppoe_softc *sc) 1604 { 1605 struct mbuf *m0; 1606 uint8_t *p; 1607 size_t len, l1 = 0; /* XXX: gcc */ 1608 1609 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1610 return EIO; 1611 1612 len = 2 + 2 + 2 + 2 + sizeof(sc); /* service name, host unique */ 1613 if (sc->sc_service_name != NULL) { /* service name tag maybe empty */ 1614 l1 = strlen(sc->sc_service_name); 1615 len += l1; 1616 } 1617 if (sc->sc_ac_cookie_len > 0) 1618 len += 2 + 2 + sc->sc_ac_cookie_len; /* AC cookie */ 1619 if (sc->sc_relay_sid_len > 0) 1620 len += 2 + 2 + sc->sc_relay_sid_len; /* Relay SID */ 1621 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1622 len += 2 + 2 + 2; 1623 } 1624 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1625 if (!m0) 1626 return ENOBUFS; 1627 p = mtod(m0, uint8_t *); 1628 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1629 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1630 if (sc->sc_service_name != NULL) { 1631 PPPOE_ADD_16(p, l1); 1632 memcpy(p, sc->sc_service_name, l1); 1633 p += l1; 1634 } else { 1635 PPPOE_ADD_16(p, 0); 1636 } 1637 if (sc->sc_ac_cookie_len > 0) { 1638 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1639 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1640 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1641 p += sc->sc_ac_cookie_len; 1642 } 1643 if (sc->sc_relay_sid_len > 0) { 1644 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1645 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1646 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1647 p += sc->sc_relay_sid_len; 1648 } 1649 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1650 PPPOE_ADD_16(p, sizeof(sc)); 1651 memcpy(p, &sc, sizeof sc); 1652 p += sizeof(sc); 1653 1654 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1655 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1656 PPPOE_ADD_16(p, 2); 1657 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1658 } 1659 1660 #ifdef PPPOE_DEBUG 1661 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1662 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1663 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1664 #endif 1665 1666 return pppoe_output(sc, m0); 1667 } 1668 1669 /* send a PADT packet */ 1670 static int 1671 pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1672 { 1673 struct ether_header *eh; 1674 struct sockaddr dst; 1675 struct mbuf *m0; 1676 uint8_t *p; 1677 1678 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1679 if (!m0) 1680 return EIO; 1681 p = mtod(m0, uint8_t *); 1682 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1683 1684 memset(&dst, 0, sizeof dst); 1685 dst.sa_family = AF_UNSPEC; 1686 eh = (struct ether_header*)&dst.sa_data; 1687 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1688 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1689 1690 m0->m_flags &= ~(M_BCAST|M_MCAST); 1691 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1692 } 1693 1694 #ifdef PPPOE_SERVER 1695 static int 1696 pppoe_send_pado(struct pppoe_softc *sc) 1697 { 1698 struct mbuf *m0; 1699 uint8_t *p; 1700 size_t len; 1701 1702 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1703 return EIO; 1704 1705 /* calc length */ 1706 len = 0; 1707 /* include ac_cookie */ 1708 len += 2 + 2 + sizeof(sc); 1709 /* include hunique */ 1710 len += 2 + 2 + sc->sc_hunique_len; 1711 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1712 if (!m0) 1713 return EIO; 1714 p = mtod(m0, uint8_t *); 1715 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1716 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1717 PPPOE_ADD_16(p, sizeof(sc)); 1718 memcpy(p, &sc, sizeof(sc)); 1719 p += sizeof(sc); 1720 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1721 PPPOE_ADD_16(p, sc->sc_hunique_len); 1722 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1723 return pppoe_output(sc, m0); 1724 } 1725 1726 static int 1727 pppoe_send_pads(struct pppoe_softc *sc) 1728 { 1729 struct bintime bt; 1730 struct mbuf *m0; 1731 uint8_t *p; 1732 size_t len, l1 = 0; /* XXX: gcc */ 1733 1734 KASSERT(PPPOE_WLOCKED(sc)); 1735 1736 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1737 return EIO; 1738 1739 getbinuptime(&bt); 1740 sc->sc_session = bt.sec % 0xff + 1; 1741 /* calc length */ 1742 len = 0; 1743 /* include hunique */ 1744 len += 2 + 2 + 2 + 2 + sc->sc_hunique_len; /* service name, host unique*/ 1745 if (sc->sc_service_name != NULL) { /* service name tag maybe empty */ 1746 l1 = strlen(sc->sc_service_name); 1747 len += l1; 1748 } 1749 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1750 if (!m0) 1751 return ENOBUFS; 1752 p = mtod(m0, uint8_t *); 1753 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1754 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1755 if (sc->sc_service_name != NULL) { 1756 PPPOE_ADD_16(p, l1); 1757 memcpy(p, sc->sc_service_name, l1); 1758 p += l1; 1759 } else { 1760 PPPOE_ADD_16(p, 0); 1761 } 1762 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1763 PPPOE_ADD_16(p, sc->sc_hunique_len); 1764 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1765 return pppoe_output(sc, m0); 1766 } 1767 #endif 1768 1769 static void 1770 pppoe_tls(struct sppp *sp) 1771 { 1772 struct pppoe_softc *sc = (void *)sp; 1773 int wtime; 1774 1775 PPPOE_LOCK(sc, RW_READER); 1776 1777 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1778 PPPOE_UNLOCK(sc); 1779 return; 1780 } 1781 1782 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1783 sc->sc_sppp.pp_auth_failures > 0) { 1784 /* 1785 * Delay trying to reconnect a bit more - the peer 1786 * might have failed to contact its radius server. 1787 */ 1788 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1789 if (wtime > PPPOE_SLOW_RETRY) 1790 wtime = PPPOE_SLOW_RETRY; 1791 } else { 1792 wtime = PPPOE_RECON_IMMEDIATE; 1793 } 1794 callout_reset(&sc->sc_timeout, wtime, pppoe_timeout, sc); 1795 1796 PPPOE_UNLOCK(sc); 1797 } 1798 1799 static void 1800 pppoe_tlf(struct sppp *sp) 1801 { 1802 struct pppoe_softc *sc = (void *)sp; 1803 1804 PPPOE_LOCK(sc, RW_WRITER); 1805 1806 if (sc->sc_state < PPPOE_STATE_SESSION) { 1807 PPPOE_UNLOCK(sc); 1808 return; 1809 } 1810 /* 1811 * Do not call pppoe_disconnect here, the upper layer state 1812 * machine gets confused by this. We must return from this 1813 * function and defer disconnecting to the timeout handler. 1814 */ 1815 sc->sc_state = PPPOE_STATE_CLOSING; 1816 1817 callout_reset(&sc->sc_timeout, hz/50, pppoe_timeout, sc); 1818 1819 PPPOE_UNLOCK(sc); 1820 } 1821 1822 static void 1823 pppoe_start(struct ifnet *ifp) 1824 { 1825 struct pppoe_softc *sc = (void *)ifp; 1826 struct mbuf *m; 1827 uint8_t *p; 1828 size_t len; 1829 1830 if (sppp_isempty(ifp)) 1831 return; 1832 1833 /* are we ready to process data yet? */ 1834 PPPOE_LOCK(sc, RW_READER); 1835 if (sc->sc_state < PPPOE_STATE_SESSION) { 1836 sppp_flush(&sc->sc_sppp.pp_if); 1837 PPPOE_UNLOCK(sc); 1838 return; 1839 } 1840 1841 while ((m = sppp_dequeue(ifp)) != NULL) { 1842 len = m->m_pkthdr.len; 1843 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1844 if (m == NULL) { 1845 ifp->if_oerrors++; 1846 continue; 1847 } 1848 p = mtod(m, uint8_t *); 1849 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1850 1851 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1852 1853 pppoe_output(sc, m); 1854 } 1855 PPPOE_UNLOCK(sc); 1856 } 1857 1858 #ifdef PPPOE_MPSAFE 1859 static int 1860 pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 1861 { 1862 struct pppoe_softc *sc = (void *)ifp; 1863 uint8_t *p; 1864 size_t len; 1865 1866 if (m == NULL) 1867 return EINVAL; 1868 1869 /* are we ready to process data yet? */ 1870 PPPOE_LOCK(sc, RW_READER); 1871 if (sc->sc_state < PPPOE_STATE_SESSION) { 1872 PPPOE_UNLOCK(sc); 1873 m_freem(m); 1874 return ENOBUFS; 1875 } 1876 1877 len = m->m_pkthdr.len; 1878 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1879 if (m == NULL) { 1880 PPPOE_UNLOCK(sc); 1881 ifp->if_oerrors++; 1882 return ENETDOWN; 1883 } 1884 p = mtod(m, uint8_t *); 1885 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1886 1887 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1888 1889 pppoe_output(sc, m); 1890 PPPOE_UNLOCK(sc); 1891 return 0; 1892 } 1893 #endif /* PPPOE_MPSAFE */ 1894 1895 static void 1896 pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 1897 { 1898 struct ifnet *ifp = arg2; 1899 struct pppoe_softc *sc; 1900 DECLARE_SPLNET_VARIABLE; 1901 1902 if (cmd != PFIL_IFNET_DETACH) 1903 return; 1904 1905 ACQUIRE_SPLNET(); 1906 rw_enter(&pppoe_softc_list_lock, RW_READER); 1907 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 1908 PPPOE_LOCK(sc, RW_WRITER); 1909 if (sc->sc_eth_if != ifp) { 1910 PPPOE_UNLOCK(sc); 1911 continue; 1912 } 1913 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 1914 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 1915 printf("%s: ethernet interface detached, going down\n", 1916 sc->sc_sppp.pp_if.if_xname); 1917 } 1918 sc->sc_eth_if = NULL; 1919 pppoe_clear_softc(sc, "ethernet interface detached"); 1920 PPPOE_UNLOCK(sc); 1921 } 1922 rw_exit(&pppoe_softc_list_lock); 1923 RELEASE_SPLNET(); 1924 } 1925 1926 static void 1927 pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 1928 { 1929 KASSERT(PPPOE_WLOCKED(sc)); 1930 1931 /* stop timer */ 1932 callout_stop(&sc->sc_timeout); 1933 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1934 printf("%s: session 0x%x terminated, %s\n", 1935 sc->sc_sppp.pp_if.if_xname, sc->sc_session, message); 1936 1937 /* fix our state */ 1938 sc->sc_state = PPPOE_STATE_INITIAL; 1939 1940 PPPOE_UNLOCK(sc); 1941 1942 /* signal upper layer */ 1943 sc->sc_sppp.pp_down(&sc->sc_sppp); 1944 1945 PPPOE_LOCK(sc, RW_WRITER); 1946 1947 /* clean up softc */ 1948 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1949 if (sc->sc_ac_cookie) { 1950 free(sc->sc_ac_cookie, M_DEVBUF); 1951 sc->sc_ac_cookie = NULL; 1952 } 1953 if (sc->sc_relay_sid) { 1954 free(sc->sc_relay_sid, M_DEVBUF); 1955 sc->sc_relay_sid = NULL; 1956 } 1957 sc->sc_ac_cookie_len = 0; 1958 sc->sc_session = 0; 1959 } 1960 1961 static void 1962 pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 1963 { 1964 if (m->m_flags & M_PROMISC) { 1965 m_freem(m); 1966 return; 1967 } 1968 1969 #ifndef PPPOE_SERVER 1970 if (m->m_flags & (M_MCAST | M_BCAST)) { 1971 m_freem(m); 1972 return; 1973 } 1974 #endif 1975 1976 IFQ_LOCK(inq); 1977 if (IF_QFULL(inq)) { 1978 IF_DROP(inq); 1979 IFQ_UNLOCK(inq); 1980 m_freem(m); 1981 } else { 1982 IF_ENQUEUE(inq, m); 1983 IFQ_UNLOCK(inq); 1984 softint_schedule(pppoe_softintr); 1985 } 1986 return; 1987 } 1988 1989 void 1990 pppoe_input(struct ifnet *ifp, struct mbuf *m) 1991 { 1992 pppoe_enqueue(&ppoeinq, m); 1993 return; 1994 } 1995 1996 void 1997 pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 1998 { 1999 pppoe_enqueue(&ppoediscinq, m); 2000 return; 2001 } 2002 2003 static void 2004 sysctl_net_pppoe_setup(struct sysctllog **clog) 2005 { 2006 const struct sysctlnode *node = NULL; 2007 2008 sysctl_createv(clog, 0, NULL, &node, 2009 CTLFLAG_PERMANENT, 2010 CTLTYPE_NODE, "pppoe", 2011 SYSCTL_DESCR("PPPOE protocol"), 2012 NULL, 0, NULL, 0, 2013 CTL_NET, CTL_CREATE, CTL_EOL); 2014 2015 if (node == NULL) 2016 return; 2017 2018 sysctl_createv(clog, 0, &node, NULL, 2019 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2020 CTLTYPE_BOOL, "term_unknown", 2021 SYSCTL_DESCR("Terminate unknown sessions"), 2022 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2023 CTL_CREATE, CTL_EOL); 2024 } 2025 2026 /* 2027 * Module infrastructure 2028 */ 2029 #include "if_module.h" 2030 2031 IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2032