1 /* $NetBSD: if_pppoe.c,v 1.123 2016/12/27 01:31:06 christos Exp $ */ 2 3 /*- 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin@NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.123 2016/12/27 01:31:06 christos Exp $"); 34 35 #ifdef _KERNEL_OPT 36 #include "pppoe.h" 37 #include "opt_pppoe.h" 38 #include "opt_net_mpsafe.h" 39 #endif 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/callout.h> 45 #include <sys/malloc.h> 46 #include <sys/mbuf.h> 47 #include <sys/socket.h> 48 #include <sys/proc.h> 49 #include <sys/ioctl.h> 50 #include <sys/kauth.h> 51 #include <sys/intr.h> 52 #include <sys/socketvar.h> 53 #include <sys/device.h> 54 #include <sys/module.h> 55 #include <sys/sysctl.h> 56 #include <sys/rwlock.h> 57 #include <sys/mutex.h> 58 59 #include <net/if.h> 60 #include <net/if_types.h> 61 #include <net/if_ether.h> 62 #include <net/if_sppp.h> 63 #include <net/if_spppvar.h> 64 #include <net/if_pppoe.h> 65 66 #include <net/bpf.h> 67 68 #include "ioconf.h" 69 70 #ifdef NET_MPSAFE 71 #define PPPOE_MPSAFE 1 72 #endif 73 74 struct pppoehdr { 75 uint8_t vertype; 76 uint8_t code; 77 uint16_t session; 78 uint16_t plen; 79 } __packed; 80 81 struct pppoetag { 82 uint16_t tag; 83 uint16_t len; 84 } __packed; 85 86 #define PPPOE_HEADERLEN sizeof(struct pppoehdr) 87 #define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 88 #define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 89 90 #define PPPOE_TAG_EOL 0x0000 /* end of list */ 91 #define PPPOE_TAG_SNAME 0x0101 /* service name */ 92 #define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 93 #define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 94 #define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 95 #define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 96 #define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 97 #define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 98 #define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 99 #define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 100 #define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 101 102 #define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 103 #define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 104 #define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 105 #define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 106 #define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 107 108 /* two byte PPP protocol discriminator, then IP data */ 109 #define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 110 111 /* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 112 #define PPPOE_ADD_16(PTR, VAL) \ 113 *(PTR)++ = (VAL) / 256; \ 114 *(PTR)++ = (VAL) % 256 115 116 /* Add a complete PPPoE header to the buffer pointed to by PTR */ 117 #define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 118 *(PTR)++ = PPPOE_VERTYPE; \ 119 *(PTR)++ = (CODE); \ 120 PPPOE_ADD_16(PTR, SESS); \ 121 PPPOE_ADD_16(PTR, LEN) 122 123 #define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 124 #define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 125 #define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 126 #define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 127 #define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 128 #define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 129 130 #ifdef PPPOE_SERVER 131 /* from if_spppsubr.c */ 132 #define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 133 #endif 134 135 #define PPPOE_SESSION_LOCK(_sc, _op) rw_enter(&(_sc)->sc_session_lock, (_op)) 136 #define PPPOE_SESSION_UNLOCK(_sc) rw_exit(&(_sc)->sc_session_lock) 137 #define PPPOE_SESSION_LOCKED(_sc) rw_lock_held(&(_sc)->sc_session_lock) 138 #define PPPOE_SESSION_WLOCKED(_sc) rw_write_held(&(_sc)->sc_session_lock) 139 #define PPPOE_SESSION_RLOCKED(_sc) rw_read_held(&(_sc)->sc_session_lock) 140 141 #define PPPOE_PARAM_LOCK(_sc) if ((_sc)->sc_lock) \ 142 mutex_enter((_sc)->sc_lock) 143 #define PPPOE_PARAM_UNLOCK(_sc) if ((_sc)->sc_lock) \ 144 mutex_exit((_sc)->sc_lock) 145 #define PPPOE_PARAM_LOCKED(_sc) (!(_sc)->sc_lock || \ 146 mutex_owned((_sc)->sc_lock)) 147 #ifdef PPPOE_MPSAFE 148 #define DECLARE_SPLNET_VARIABLE 149 #define ACQUIRE_SPLNET() do { } while (0) 150 #define RELEASE_SPLNET() do { } while (0) 151 #else 152 #define DECLARE_SPLNET_VARIABLE int __s 153 #define ACQUIRE_SPLNET() do { \ 154 __s = splnet(); \ 155 } while (0) 156 #define RELEASE_SPLNET() do { \ 157 splx(__s); \ 158 } while (0) 159 #endif 160 161 struct pppoe_softc { 162 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 163 LIST_ENTRY(pppoe_softc) sc_list; 164 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 165 166 int sc_state; /* discovery phase or session connected */ 167 bool sc_state_updating; /* state update in other components */ 168 struct ether_addr sc_dest; /* hardware address of concentrator */ 169 uint16_t sc_session; /* PPPoE session id */ 170 171 char *sc_service_name; /* if != NULL: requested name of service */ 172 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 173 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 174 size_t sc_ac_cookie_len; /* length of cookie data */ 175 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 176 size_t sc_relay_sid_len; /* length of relay SID data */ 177 #ifdef PPPOE_SERVER 178 uint8_t *sc_hunique; /* content of host unique we must echo back */ 179 size_t sc_hunique_len; /* length of host unique */ 180 #endif 181 callout_t sc_timeout; /* timeout while not in session state */ 182 int sc_padi_retried; /* number of PADI retries already done */ 183 int sc_padr_retried; /* number of PADR retries already done */ 184 krwlock_t sc_session_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 185 kmutex_t *sc_lock; /* lock of other parameters */ 186 }; 187 188 /* incoming traffic will be queued here */ 189 struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 190 struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 191 192 void *pppoe_softintr = NULL; 193 static void pppoe_softintr_handler(void *); 194 195 extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 196 197 /* input routines */ 198 static void pppoeintr(void); 199 static void pppoe_disc_input(struct mbuf *); 200 static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 201 static void pppoe_data_input(struct mbuf *); 202 static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 203 204 /* management routines */ 205 static int pppoe_connect(struct pppoe_softc *); 206 static int pppoe_disconnect(struct pppoe_softc *); 207 static void pppoe_abort_connect(struct pppoe_softc *); 208 static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 209 static void pppoe_tls(struct sppp *); 210 static void pppoe_tlf(struct sppp *); 211 static void pppoe_start(struct ifnet *); 212 #ifdef PPPOE_MPSAFE 213 static int pppoe_transmit(struct ifnet *, struct mbuf *); 214 #endif 215 static void pppoe_clear_softc(struct pppoe_softc *, const char *); 216 217 /* internal timeout handling */ 218 static void pppoe_timeout(void *); 219 220 /* sending actual protocol controll packets */ 221 static int pppoe_send_padi(struct pppoe_softc *); 222 static int pppoe_send_padr(struct pppoe_softc *); 223 #ifdef PPPOE_SERVER 224 static int pppoe_send_pado(struct pppoe_softc *); 225 static int pppoe_send_pads(struct pppoe_softc *); 226 #endif 227 static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 228 229 /* raw output */ 230 static int pppoe_output(struct pppoe_softc *, struct mbuf *); 231 232 /* internal helper functions */ 233 static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, krw_t); 234 static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 235 struct ifnet *, krw_t); 236 static struct mbuf *pppoe_get_mbuf(size_t len); 237 238 static void pppoe_ifattach_hook(void *, unsigned long, void *); 239 240 static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 241 static krwlock_t pppoe_softc_list_lock; 242 243 static int pppoe_clone_create(struct if_clone *, int); 244 static int pppoe_clone_destroy(struct ifnet *); 245 246 static bool pppoe_term_unknown = false; 247 248 static struct sysctllog *pppoe_sysctl_clog; 249 static void sysctl_net_pppoe_setup(struct sysctllog **); 250 251 static struct if_clone pppoe_cloner = 252 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 253 254 /* ARGSUSED */ 255 void 256 pppoeattach(int count) 257 { 258 259 /* 260 * Nothing to do here, initialization is handled by the 261 * module initialization code in pppoeinit() below). 262 */ 263 } 264 265 static void 266 pppoeinit(void) 267 { 268 269 LIST_INIT(&pppoe_softc_list); 270 rw_init(&pppoe_softc_list_lock); 271 if_clone_attach(&pppoe_cloner); 272 273 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 274 pppoe_softintr_handler, NULL); 275 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 276 277 IFQ_LOCK_INIT(&ppoediscinq); 278 IFQ_LOCK_INIT(&ppoeinq); 279 } 280 281 static int 282 pppoedetach(void) 283 { 284 int error = 0; 285 286 if (!LIST_EMPTY(&pppoe_softc_list)) 287 error = EBUSY; 288 289 if (error == 0) { 290 if_clone_detach(&pppoe_cloner); 291 softint_disestablish(pppoe_softintr); 292 /* Remove our sysctl sub-tree */ 293 sysctl_teardown(&pppoe_sysctl_clog); 294 } 295 296 return error; 297 } 298 299 static int 300 pppoe_clone_create(struct if_clone *ifc, int unit) 301 { 302 struct pppoe_softc *sc; 303 304 sc = malloc(sizeof(struct pppoe_softc), M_DEVBUF, M_WAITOK|M_ZERO); 305 306 if_initname(&sc->sc_sppp.pp_if, "pppoe", unit); 307 sc->sc_sppp.pp_if.if_softc = sc; 308 sc->sc_sppp.pp_if.if_mtu = PPPOE_MAXMTU; 309 sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 310 #ifdef PPPOE_MPSAFE 311 sc->sc_sppp.pp_if.if_extflags = IFEF_OUTPUT_MPSAFE; 312 #endif 313 sc->sc_sppp.pp_if.if_type = IFT_PPP; 314 sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 315 sc->sc_sppp.pp_if.if_dlt = DLT_PPP_ETHER; 316 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 317 PP_NOFRAMING; /* no serial encapsulation */ 318 sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl; 319 IFQ_SET_MAXLEN(&sc->sc_sppp.pp_if.if_snd, IFQ_MAXLEN); 320 IFQ_SET_READY(&sc->sc_sppp.pp_if.if_snd); 321 322 /* changed to real address later */ 323 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 324 325 callout_init(&sc->sc_timeout, 0); 326 327 sc->sc_sppp.pp_if.if_start = pppoe_start; 328 #ifdef PPPOE_MPSAFE 329 sc->sc_sppp.pp_if.if_transmit = pppoe_transmit; 330 #endif 331 sc->sc_sppp.pp_tls = pppoe_tls; 332 sc->sc_sppp.pp_tlf = pppoe_tlf; 333 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 334 335 if_initialize(&sc->sc_sppp.pp_if); 336 sc->sc_sppp.pp_if.if_percpuq = if_percpuq_create(&sc->sc_sppp.pp_if); 337 sppp_attach(&sc->sc_sppp.pp_if); 338 if_register(&sc->sc_sppp.pp_if); 339 340 bpf_attach(&sc->sc_sppp.pp_if, DLT_PPP_ETHER, 0); 341 if (LIST_EMPTY(&pppoe_softc_list)) { 342 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 343 } 344 345 sc->sc_lock = mutex_obj_alloc(MUTEX_DEFAULT, IPL_SOFTNET); 346 rw_init(&sc->sc_session_lock); 347 348 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 349 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 350 rw_exit(&pppoe_softc_list_lock); 351 return 0; 352 } 353 354 static int 355 pppoe_clone_destroy(struct ifnet *ifp) 356 { 357 struct pppoe_softc * sc = ifp->if_softc; 358 359 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 360 361 PPPOE_PARAM_LOCK(sc); 362 callout_halt(&sc->sc_timeout, NULL); 363 364 LIST_REMOVE(sc, sc_list); 365 366 if (LIST_EMPTY(&pppoe_softc_list)) { 367 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 368 } 369 rw_exit(&pppoe_softc_list_lock); 370 371 PPPOE_SESSION_LOCK(sc, RW_WRITER); 372 373 bpf_detach(ifp); 374 sppp_detach(&sc->sc_sppp.pp_if); 375 if_detach(ifp); 376 if (sc->sc_concentrator_name) 377 free(sc->sc_concentrator_name, M_DEVBUF); 378 if (sc->sc_service_name) 379 free(sc->sc_service_name, M_DEVBUF); 380 if (sc->sc_ac_cookie) 381 free(sc->sc_ac_cookie, M_DEVBUF); 382 if (sc->sc_relay_sid) 383 free(sc->sc_relay_sid, M_DEVBUF); 384 callout_destroy(&sc->sc_timeout); 385 386 PPPOE_PARAM_UNLOCK(sc); 387 if (sc->sc_lock) 388 mutex_obj_free(sc->sc_lock); 389 PPPOE_SESSION_UNLOCK(sc); 390 rw_destroy(&sc->sc_session_lock); 391 392 free(sc, M_DEVBUF); 393 394 return (0); 395 } 396 397 /* 398 * Find the interface handling the specified session. 399 * Note: O(number of sessions open), this is a client-side only, mean 400 * and lean implementation, so number of open sessions typically should 401 * be 1. 402 */ 403 static struct pppoe_softc * 404 pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 405 { 406 struct pppoe_softc *sc = NULL; 407 408 if (session == 0) 409 return NULL; 410 rw_enter(&pppoe_softc_list_lock, RW_READER); 411 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 412 PPPOE_SESSION_LOCK(sc, lock); 413 if (!sc->sc_state_updating 414 && sc->sc_state == PPPOE_STATE_SESSION 415 && sc->sc_session == session 416 && sc->sc_eth_if == rcvif) 417 break; 418 419 PPPOE_SESSION_UNLOCK(sc); 420 } 421 rw_exit(&pppoe_softc_list_lock); 422 return sc; 423 } 424 425 /* Check host unique token passed and return appropriate softc pointer, 426 * or NULL if token is bogus. */ 427 static struct pppoe_softc * 428 pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 429 struct ifnet *rcvif, krw_t lock) 430 { 431 struct pppoe_softc *sc, *t; 432 433 if (LIST_EMPTY(&pppoe_softc_list)) 434 return NULL; 435 436 if (len != sizeof sc) 437 return NULL; 438 memcpy(&t, token, len); 439 440 rw_enter(&pppoe_softc_list_lock, RW_READER); 441 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 442 if (sc == t) { 443 PPPOE_SESSION_LOCK(sc, lock); 444 break; 445 } 446 } 447 rw_exit(&pppoe_softc_list_lock); 448 449 if (sc == NULL) { 450 #ifdef PPPOE_DEBUG 451 printf("pppoe: alien host unique tag, no session found\n"); 452 #endif 453 return NULL; 454 } 455 456 if (sc->sc_state_updating) { 457 #ifdef PPPOE_DEBUG 458 printf("%s: host unique tag found, but its state is updating\n", 459 sc->sc_sppp.pp_if.if_xname); 460 #endif 461 PPPOE_SESSION_UNLOCK(sc); 462 return NULL; 463 } 464 465 /* should be safe to access *sc now */ 466 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 467 printf("%s: host unique tag found, but it belongs to a connection in state %d\n", 468 sc->sc_sppp.pp_if.if_xname, sc->sc_state); 469 PPPOE_SESSION_UNLOCK(sc); 470 return NULL; 471 } 472 if (sc->sc_eth_if != rcvif) { 473 printf("%s: wrong interface, not accepting host unique\n", 474 sc->sc_sppp.pp_if.if_xname); 475 PPPOE_SESSION_UNLOCK(sc); 476 return NULL; 477 } 478 return sc; 479 } 480 481 static void 482 pppoe_softintr_handler(void *dummy) 483 { 484 /* called at splsoftnet() */ 485 pppoeintr(); 486 } 487 488 /* called at appropriate protection level */ 489 static void 490 pppoeintr(void) 491 { 492 struct mbuf *m; 493 int disc_done, data_done; 494 495 #ifndef PPPOE_MPSAFE 496 mutex_enter(softnet_lock); 497 #endif 498 499 do { 500 disc_done = 0; 501 data_done = 0; 502 for (;;) { 503 IFQ_LOCK(&ppoediscinq); 504 IF_DEQUEUE(&ppoediscinq, m); 505 IFQ_UNLOCK(&ppoediscinq); 506 if (m == NULL) break; 507 disc_done = 1; 508 pppoe_disc_input(m); 509 } 510 511 for (;;) { 512 IFQ_LOCK(&ppoeinq); 513 IF_DEQUEUE(&ppoeinq, m); 514 IFQ_UNLOCK(&ppoeinq); 515 if (m == NULL) break; 516 data_done = 1; 517 pppoe_data_input(m); 518 } 519 } while (disc_done || data_done); 520 #ifndef PPPOE_MPSAFE 521 mutex_exit(softnet_lock); 522 #endif 523 } 524 525 /* analyze and handle a single received packet while not in session state */ 526 static void 527 pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 528 { 529 uint16_t tag, len; 530 uint16_t session, plen; 531 struct pppoe_softc *sc; 532 const char *err_msg; 533 char devname[IF_NAMESIZE]; 534 char *error; 535 uint8_t *ac_cookie; 536 size_t ac_cookie_len; 537 uint8_t *relay_sid; 538 size_t relay_sid_len; 539 #ifdef PPPOE_SERVER 540 uint8_t *hunique; 541 size_t hunique_len; 542 #endif 543 struct pppoehdr *ph; 544 struct pppoetag *pt; 545 struct mbuf *n; 546 int noff, err, errortag; 547 struct ether_header *eh; 548 549 /* as long as we don't know which instance */ 550 strlcpy(devname, "pppoe", sizeof(devname)); 551 552 err_msg = NULL; 553 errortag = 0; 554 if (m->m_len < sizeof(*eh)) { 555 m = m_pullup(m, sizeof(*eh)); 556 if (!m) 557 goto done; 558 } 559 eh = mtod(m, struct ether_header *); 560 off += sizeof(*eh); 561 562 ac_cookie = NULL; 563 ac_cookie_len = 0; 564 relay_sid = NULL; 565 relay_sid_len = 0; 566 #ifdef PPPOE_SERVER 567 hunique = NULL; 568 hunique_len = 0; 569 #endif 570 session = 0; 571 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 572 printf("pppoe: packet too short: %d\n", m->m_pkthdr.len); 573 goto done; 574 } 575 576 n = m_pulldown(m, off, sizeof(*ph), &noff); 577 if (!n) { 578 printf("pppoe: could not get PPPoE header\n"); 579 m = NULL; 580 goto done; 581 } 582 ph = (struct pppoehdr *)(mtod(n, char *) + noff); 583 if (ph->vertype != PPPOE_VERTYPE) { 584 printf("pppoe: unknown version/type packet: 0x%x\n", 585 ph->vertype); 586 goto done; 587 } 588 session = ntohs(ph->session); 589 plen = ntohs(ph->plen); 590 off += sizeof(*ph); 591 592 if (plen + off > m->m_pkthdr.len) { 593 printf("pppoe: packet content does not fit: data available = %d, packet size = %u\n", 594 m->m_pkthdr.len - off, plen); 595 goto done; 596 } 597 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 598 tag = 0; 599 len = 0; 600 sc = NULL; 601 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 602 n = m_pulldown(m, off, sizeof(*pt), &noff); 603 if (!n) { 604 printf("%s: parse error\n", devname); 605 m = NULL; 606 goto done; 607 } 608 pt = (struct pppoetag *)(mtod(n, char *) + noff); 609 tag = ntohs(pt->tag); 610 len = ntohs(pt->len); 611 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 612 printf("pppoe: tag 0x%x len 0x%x is too long\n", 613 tag, len); 614 goto done; 615 } 616 switch (tag) { 617 case PPPOE_TAG_EOL: 618 goto breakbreak; 619 case PPPOE_TAG_SNAME: 620 break; /* ignored */ 621 case PPPOE_TAG_ACNAME: 622 error = NULL; 623 if (sc != NULL && len > 0) { 624 error = malloc(len+1, M_TEMP, M_NOWAIT); 625 if (error) { 626 n = m_pulldown(m, off + sizeof(*pt), 627 len, &noff); 628 if (n) { 629 strlcpy(error, 630 mtod(n, char*) + noff, 631 len); 632 } 633 printf("%s: connected to %s\n", 634 devname, error); 635 free(error, M_TEMP); 636 } 637 } 638 break; /* ignored */ 639 case PPPOE_TAG_HUNIQUE: { 640 struct ifnet *rcvif; 641 int s; 642 if (sc != NULL) 643 break; 644 n = m_pulldown(m, off + sizeof(*pt), len, &noff); 645 if (!n) { 646 m = NULL; 647 err_msg = "TAG HUNIQUE ERROR"; 648 break; 649 } 650 #ifdef PPPOE_SERVER 651 hunique = mtod(n, uint8_t *) + noff; 652 hunique_len = len; 653 #endif 654 rcvif = m_get_rcvif(m, &s); 655 sc = pppoe_find_softc_by_hunique(mtod(n, char *) + noff, 656 len, rcvif, RW_READER); 657 m_put_rcvif(rcvif, &s); 658 if (sc != NULL) { 659 strlcpy(devname, sc->sc_sppp.pp_if.if_xname, 660 sizeof(devname)); 661 PPPOE_SESSION_UNLOCK(sc); 662 } 663 break; 664 } 665 case PPPOE_TAG_ACCOOKIE: 666 if (ac_cookie == NULL) { 667 n = m_pulldown(m, off + sizeof(*pt), len, 668 &noff); 669 if (!n) { 670 err_msg = "TAG ACCOOKIE ERROR"; 671 m = NULL; 672 break; 673 } 674 ac_cookie = mtod(n, char *) + noff; 675 ac_cookie_len = len; 676 } 677 break; 678 case PPPOE_TAG_RELAYSID: 679 if (relay_sid == NULL) { 680 n = m_pulldown(m, off + sizeof(*pt), len, 681 &noff); 682 if (!n) { 683 err_msg = "TAG RELAYSID ERROR"; 684 m = NULL; 685 break; 686 } 687 relay_sid = mtod(n, char *) + noff; 688 relay_sid_len = len; 689 } 690 break; 691 case PPPOE_TAG_SNAME_ERR: 692 err_msg = "SERVICE NAME ERROR"; 693 errortag = 1; 694 break; 695 case PPPOE_TAG_ACSYS_ERR: 696 err_msg = "AC SYSTEM ERROR"; 697 errortag = 1; 698 break; 699 case PPPOE_TAG_GENERIC_ERR: 700 err_msg = "GENERIC ERROR"; 701 errortag = 1; 702 break; 703 } 704 if (err_msg) { 705 error = NULL; 706 if (errortag && len) { 707 error = malloc(len+1, M_TEMP, M_NOWAIT); 708 n = m_pulldown(m, off + sizeof(*pt), len, 709 &noff); 710 if (n && error) { 711 strlcpy(error, 712 mtod(n, char *) + noff, len); 713 } 714 } 715 if (error) { 716 printf("%s: %s: %s\n", devname, 717 err_msg, error); 718 free(error, M_TEMP); 719 } else 720 printf("%s: %s\n", devname, err_msg); 721 if (errortag || m == NULL) 722 goto done; 723 } 724 off += sizeof(*pt) + len; 725 } 726 breakbreak:; 727 switch (ph->code) { 728 case PPPOE_CODE_PADI: 729 #ifdef PPPOE_SERVER 730 /* 731 * got service name, concentrator name, and/or host unique. 732 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 733 */ 734 if (LIST_EMPTY(&pppoe_softc_list)) 735 goto done; 736 rw_enter(&pppoe_softc_list_lock, RW_READER); 737 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 738 PPPOE_SESSION_LOCK(sc, RW_WRITER); 739 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 740 PPPOE_SESSION_UNLOCK(sc); 741 continue; 742 } 743 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 744 PPPOE_SESSION_UNLOCK(sc); 745 continue; 746 } 747 748 if (!sc->sc_state_updating 749 && sc->sc_state == PPPOE_STATE_INITIAL) 750 break; 751 752 PPPOE_SESSION_UNLOCK(sc); 753 } 754 rw_exit(&pppoe_softc_list_lock); 755 756 if (sc == NULL) { 757 /* printf("pppoe: free passive interface is not found\n");*/ 758 goto done; 759 } 760 761 PPPOE_PARAM_LOCK(sc); 762 if (hunique) { 763 if (sc->sc_hunique) 764 free(sc->sc_hunique, M_DEVBUF); 765 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 766 M_DONTWAIT); 767 if (sc->sc_hunique == NULL) { 768 PPPOE_PARAM_UNLOCK(sc); 769 PPPOE_SESSION_UNLOCK(sc); 770 goto done; 771 } 772 sc->sc_hunique_len = hunique_len; 773 memcpy(sc->sc_hunique, hunique, hunique_len); 774 } 775 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 776 sc->sc_state = PPPOE_STATE_PADO_SENT; 777 pppoe_send_pado(sc); 778 PPPOE_PARAM_UNLOCK(sc); 779 PPPOE_SESSION_UNLOCK(sc); 780 break; 781 #endif /* PPPOE_SERVER */ 782 case PPPOE_CODE_PADR: 783 #ifdef PPPOE_SERVER 784 /* 785 * get sc from ac_cookie if IFF_PASSIVE 786 */ 787 if (ac_cookie == NULL) { 788 /* be quiet if there is not a single pppoe instance */ 789 printf("pppoe: received PADR but not includes ac_cookie\n"); 790 goto done; 791 } 792 sc = pppoe_find_softc_by_hunique(ac_cookie, 793 ac_cookie_len, 794 m_get_rcvif_NOMPSAFE(m), 795 RW_WRITER); 796 if (sc == NULL) { 797 /* be quiet if there is not a single pppoe instance */ 798 if (!LIST_EMPTY(&pppoe_softc_list)) 799 printf("pppoe: received PADR but could not find request for it\n"); 800 goto done; 801 } 802 803 if (sc->sc_state_updating 804 || sc->sc_state != PPPOE_STATE_PADO_SENT) { 805 printf("%s: received unexpected PADR\n", 806 sc->sc_sppp.pp_if.if_xname); 807 PPPOE_SESSION_UNLOCK(sc); 808 goto done; 809 } 810 PPPOE_PARAM_LOCK(sc); 811 if (hunique) { 812 if (sc->sc_hunique) 813 free(sc->sc_hunique, M_DEVBUF); 814 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 815 M_DONTWAIT); 816 if (sc->sc_hunique == NULL) { 817 PPPOE_PARAM_UNLOCK(sc); 818 PPPOE_SESSION_UNLOCK(sc); 819 goto done; 820 } 821 sc->sc_hunique_len = hunique_len; 822 memcpy(sc->sc_hunique, hunique, hunique_len); 823 } 824 pppoe_send_pads(sc); 825 sc->sc_state = PPPOE_STATE_SESSION; 826 PPPOE_PARAM_UNLOCK(sc); 827 PPPOE_SESSION_UNLOCK(sc); 828 829 sppp_lock_enter(&sc->sc_sppp); 830 sc->sc_sppp.pp_up(&sc->sc_sppp); 831 sppp_lock_exit(&sc->sc_sppp); 832 break; 833 #else 834 /* ignore, we are no access concentrator */ 835 goto done; 836 #endif /* PPPOE_SERVER */ 837 case PPPOE_CODE_PADO: 838 if (sc == NULL) { 839 /* be quiet if there is not a single pppoe instance */ 840 if (!LIST_EMPTY(&pppoe_softc_list)) 841 printf("pppoe: received PADO but could not find request for it\n"); 842 goto done; 843 } 844 845 PPPOE_SESSION_LOCK(sc, RW_WRITER); 846 847 if (sc->sc_state_updating 848 || sc->sc_state != PPPOE_STATE_PADI_SENT) { 849 printf("%s: received unexpected PADO\n", 850 sc->sc_sppp.pp_if.if_xname); 851 PPPOE_SESSION_UNLOCK(sc); 852 goto done; 853 } 854 855 PPPOE_PARAM_LOCK(sc); 856 if (ac_cookie) { 857 if (sc->sc_ac_cookie) 858 free(sc->sc_ac_cookie, M_DEVBUF); 859 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 860 M_DONTWAIT); 861 if (sc->sc_ac_cookie == NULL) { 862 printf("%s: FATAL: could not allocate memory " 863 "for AC cookie\n", 864 sc->sc_sppp.pp_if.if_xname); 865 PPPOE_PARAM_UNLOCK(sc); 866 PPPOE_SESSION_UNLOCK(sc); 867 goto done; 868 } 869 sc->sc_ac_cookie_len = ac_cookie_len; 870 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 871 } 872 if (relay_sid) { 873 if (sc->sc_relay_sid) 874 free(sc->sc_relay_sid, M_DEVBUF); 875 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 876 M_DONTWAIT); 877 if (sc->sc_relay_sid == NULL) { 878 printf("%s: FATAL: could not allocate memory " 879 "for relay SID\n", 880 sc->sc_sppp.pp_if.if_xname); 881 PPPOE_PARAM_UNLOCK(sc); 882 PPPOE_SESSION_UNLOCK(sc); 883 goto done; 884 } 885 sc->sc_relay_sid_len = relay_sid_len; 886 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 887 } 888 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 889 callout_stop(&sc->sc_timeout); 890 sc->sc_padr_retried = 0; 891 sc->sc_state = PPPOE_STATE_PADR_SENT; 892 if ((err = pppoe_send_padr(sc)) != 0) { 893 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 894 printf("%s: failed to send PADR, " 895 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 896 err); 897 } 898 callout_reset(&sc->sc_timeout, 899 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 900 pppoe_timeout, sc); 901 902 PPPOE_PARAM_UNLOCK(sc); 903 PPPOE_SESSION_UNLOCK(sc); 904 break; 905 case PPPOE_CODE_PADS: 906 if (sc == NULL) 907 goto done; 908 909 PPPOE_SESSION_LOCK(sc, RW_WRITER); 910 PPPOE_PARAM_LOCK(sc); 911 912 if (sc->sc_state_updating) { 913 PPPOE_PARAM_UNLOCK(sc); 914 PPPOE_SESSION_UNLOCK(sc); 915 goto done; 916 } 917 918 sc->sc_session = session; 919 callout_stop(&sc->sc_timeout); 920 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 921 printf("%s: session 0x%x connected\n", 922 sc->sc_sppp.pp_if.if_xname, session); 923 sc->sc_state = PPPOE_STATE_SESSION; 924 PPPOE_PARAM_UNLOCK(sc); 925 PPPOE_SESSION_UNLOCK(sc); 926 927 sppp_lock_enter(&sc->sc_sppp); 928 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 929 sppp_lock_exit(&sc->sc_sppp); 930 break; 931 case PPPOE_CODE_PADT: { 932 struct ifnet *rcvif; 933 int s; 934 935 rcvif = m_get_rcvif(m, &s); 936 sc = pppoe_find_softc_by_session(session, rcvif, RW_WRITER); 937 m_put_rcvif(rcvif, &s); 938 if (sc == NULL) 939 goto done; 940 941 PPPOE_PARAM_LOCK(sc); 942 pppoe_clear_softc(sc, "received PADT"); 943 PPPOE_PARAM_UNLOCK(sc); 944 PPPOE_SESSION_UNLOCK(sc); 945 break; 946 } 947 default: 948 if (sc != NULL) { 949 PPPOE_SESSION_LOCK(sc, RW_READER); 950 strlcpy(devname, sc->sc_sppp.pp_if.if_xname, 951 sizeof(devname)); 952 PPPOE_SESSION_UNLOCK(sc); 953 } else 954 strlcpy(devname, "pppoe", sizeof(devname)); 955 956 printf("%s: unknown code (0x%04x) session = 0x%04x\n", 957 devname, ph->code, session); 958 break; 959 } 960 961 done: 962 if (m) 963 m_freem(m); 964 return; 965 } 966 967 static void 968 pppoe_disc_input(struct mbuf *m) 969 { 970 971 /* avoid error messages if there is not a single pppoe instance */ 972 if (!LIST_EMPTY(&pppoe_softc_list)) { 973 KASSERT(m->m_flags & M_PKTHDR); 974 pppoe_dispatch_disc_pkt(m, 0); 975 } else 976 m_freem(m); 977 } 978 979 static void 980 pppoe_data_input(struct mbuf *m) 981 { 982 uint16_t session, plen; 983 struct pppoe_softc *sc; 984 struct pppoehdr *ph; 985 struct ifnet *rcvif; 986 struct psref psref; 987 uint8_t shost[ETHER_ADDR_LEN]; 988 989 KASSERT(m->m_flags & M_PKTHDR); 990 991 if (pppoe_term_unknown) 992 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 993 ETHER_ADDR_LEN); 994 m_adj(m, sizeof(struct ether_header)); 995 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 996 printf("pppoe (data): dropping too short packet: %d bytes\n", 997 m->m_pkthdr.len); 998 goto drop; 999 } 1000 1001 if (m->m_len < sizeof(*ph)) { 1002 m = m_pullup(m, sizeof(*ph)); 1003 if (!m) { 1004 printf("pppoe: could not get PPPoE header\n"); 1005 return; 1006 } 1007 } 1008 ph = mtod(m, struct pppoehdr *); 1009 1010 if (ph->vertype != PPPOE_VERTYPE) { 1011 printf("pppoe (data): unknown version/type packet: 0x%x\n", 1012 ph->vertype); 1013 goto drop; 1014 } 1015 if (ph->code != 0) 1016 goto drop; 1017 1018 session = ntohs(ph->session); 1019 rcvif = m_get_rcvif_psref(m, &psref); 1020 if (__predict_false(rcvif == NULL)) 1021 goto drop; 1022 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1023 if (sc == NULL) { 1024 if (pppoe_term_unknown) { 1025 printf("pppoe: input for unknown session %#x, " 1026 "sending PADT\n", session); 1027 pppoe_send_padt(rcvif, session, shost); 1028 } 1029 m_put_rcvif_psref(rcvif, &psref); 1030 goto drop; 1031 } 1032 1033 m_put_rcvif_psref(rcvif, &psref); 1034 1035 plen = ntohs(ph->plen); 1036 1037 bpf_mtap(&sc->sc_sppp.pp_if, m); 1038 1039 m_adj(m, PPPOE_HEADERLEN); 1040 1041 #ifdef PPPOE_DEBUG 1042 { 1043 struct mbuf *p; 1044 1045 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1046 sc->sc_sppp.pp_if.if_xname, 1047 m->m_pkthdr.len, plen); 1048 p = m; 1049 while (p) { 1050 printf(" l=%d", p->m_len); 1051 p = p->m_next; 1052 } 1053 printf("\n"); 1054 } 1055 #endif 1056 PPPOE_SESSION_UNLOCK(sc); 1057 1058 if (m->m_pkthdr.len < plen) 1059 goto drop; 1060 1061 /* fix incoming interface pointer (not the raw ethernet interface anymore) */ 1062 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1063 1064 /* pass packet up and account for it */ 1065 sc->sc_sppp.pp_if.if_ipackets++; 1066 sppp_input(&sc->sc_sppp.pp_if, m); 1067 return; 1068 1069 drop: 1070 m_freem(m); 1071 } 1072 1073 static int 1074 pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1075 { 1076 struct sockaddr dst; 1077 struct ether_header *eh; 1078 uint16_t etype; 1079 1080 KASSERT(PPPOE_SESSION_LOCKED(sc)); 1081 KASSERT(PPPOE_PARAM_LOCKED(sc)); 1082 1083 if (sc->sc_eth_if == NULL) { 1084 m_freem(m); 1085 return EIO; 1086 } 1087 1088 memset(&dst, 0, sizeof dst); 1089 dst.sa_family = AF_UNSPEC; 1090 eh = (struct ether_header*)&dst.sa_data; 1091 etype = sc->sc_state == PPPOE_STATE_SESSION ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1092 eh->ether_type = htons(etype); 1093 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1094 1095 #ifdef PPPOE_DEBUG 1096 printf("%s (%x) state=%d, session=0x%x output -> %s, len=%d\n", 1097 sc->sc_sppp.pp_if.if_xname, etype, 1098 sc->sc_state, sc->sc_session, 1099 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1100 #endif 1101 1102 m->m_flags &= ~(M_BCAST|M_MCAST); 1103 sc->sc_sppp.pp_if.if_opackets++; 1104 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1105 } 1106 1107 static int 1108 pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1109 { 1110 struct lwp *l = curlwp; /* XXX */ 1111 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1112 struct ifreq *ifr = data; 1113 int error = 0; 1114 1115 switch (cmd) { 1116 case PPPOESETPARMS: 1117 { 1118 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1119 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1120 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1121 NULL) != 0) 1122 return (EPERM); 1123 if (parms->eth_ifname[0] != 0) { 1124 struct ifnet *eth_if; 1125 1126 PPPOE_SESSION_LOCK(sc, RW_WRITER); 1127 eth_if = ifunit(parms->eth_ifname); 1128 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1129 sc->sc_eth_if = NULL; 1130 PPPOE_SESSION_UNLOCK(sc); 1131 return ENXIO; 1132 } 1133 1134 if (sc->sc_sppp.pp_if.if_mtu != 1135 eth_if->if_mtu - PPPOE_OVERHEAD) { 1136 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1137 PPPOE_OVERHEAD; 1138 } 1139 sc->sc_eth_if = eth_if; 1140 PPPOE_SESSION_UNLOCK(sc); 1141 } 1142 if (parms->ac_name != NULL) { 1143 size_t s; 1144 char *b = malloc(parms->ac_name_len + 1, M_DEVBUF, 1145 M_WAITOK); 1146 if (b == NULL) 1147 return ENOMEM; 1148 error = copyinstr(parms->ac_name, b, 1149 parms->ac_name_len+1, &s); 1150 if (error != 0) { 1151 free(b, M_DEVBUF); 1152 return error; 1153 } 1154 if (s != parms->ac_name_len+1) { 1155 free(b, M_DEVBUF); 1156 return EINVAL; 1157 } 1158 1159 PPPOE_PARAM_LOCK(sc); 1160 if (sc->sc_concentrator_name) 1161 free(sc->sc_concentrator_name, M_DEVBUF); 1162 sc->sc_concentrator_name = b; 1163 PPPOE_PARAM_UNLOCK(sc); 1164 } 1165 if (parms->service_name != NULL) { 1166 size_t s; 1167 char *b = malloc(parms->service_name_len + 1, M_DEVBUF, 1168 M_WAITOK); 1169 if (b == NULL) 1170 return ENOMEM; 1171 error = copyinstr(parms->service_name, b, 1172 parms->service_name_len+1, &s); 1173 if (error != 0) { 1174 free(b, M_DEVBUF); 1175 return error; 1176 } 1177 if (s != parms->service_name_len+1) { 1178 free(b, M_DEVBUF); 1179 return EINVAL; 1180 } 1181 1182 PPPOE_PARAM_LOCK(sc); 1183 if (sc->sc_service_name) 1184 free(sc->sc_service_name, M_DEVBUF); 1185 sc->sc_service_name = b; 1186 PPPOE_PARAM_UNLOCK(sc); 1187 } 1188 return 0; 1189 } 1190 break; 1191 case PPPOEGETPARMS: 1192 { 1193 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1194 memset(parms, 0, sizeof *parms); 1195 PPPOE_SESSION_LOCK(sc, RW_READER); 1196 if (sc->sc_eth_if) 1197 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1198 sizeof(parms->ifname)); 1199 PPPOE_SESSION_UNLOCK(sc); 1200 return 0; 1201 } 1202 break; 1203 case PPPOEGETSESSION: 1204 { 1205 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1206 PPPOE_SESSION_LOCK(sc, RW_READER); 1207 PPPOE_PARAM_LOCK(sc); 1208 state->state = sc->sc_state; 1209 state->session_id = sc->sc_session; 1210 state->padi_retry_no = sc->sc_padi_retried; 1211 state->padr_retry_no = sc->sc_padr_retried; 1212 PPPOE_PARAM_UNLOCK(sc); 1213 PPPOE_SESSION_UNLOCK(sc); 1214 return 0; 1215 } 1216 break; 1217 case SIOCSIFFLAGS: 1218 /* 1219 * Prevent running re-establishment timers overriding 1220 * administrators choice. 1221 */ 1222 PPPOE_SESSION_LOCK(sc, RW_WRITER); 1223 PPPOE_PARAM_LOCK(sc); 1224 1225 if ((ifr->ifr_flags & IFF_UP) == 0 1226 && sc->sc_state >= PPPOE_STATE_PADI_SENT 1227 && sc->sc_state < PPPOE_STATE_SESSION) { 1228 callout_stop(&sc->sc_timeout); 1229 sc->sc_state = PPPOE_STATE_INITIAL; 1230 sc->sc_padi_retried = 0; 1231 sc->sc_padr_retried = 0; 1232 memcpy(&sc->sc_dest, etherbroadcastaddr, 1233 sizeof(sc->sc_dest)); 1234 sc->sc_state_updating = 1; 1235 } 1236 1237 PPPOE_PARAM_UNLOCK(sc); 1238 PPPOE_SESSION_UNLOCK(sc); 1239 1240 error = sppp_ioctl(ifp, cmd, data); 1241 1242 PPPOE_SESSION_LOCK(sc, RW_WRITER); 1243 sc->sc_state_updating = 0; 1244 PPPOE_SESSION_UNLOCK(sc); 1245 1246 return error; 1247 case SIOCSIFMTU: 1248 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1249 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1250 return EINVAL; 1251 } 1252 /*FALLTHROUGH*/ 1253 default: 1254 return sppp_ioctl(ifp, cmd, data); 1255 } 1256 return 0; 1257 } 1258 1259 /* 1260 * Allocate a mbuf/cluster with space to store the given data length 1261 * of payload, leaving space for prepending an ethernet header 1262 * in front. 1263 */ 1264 static struct mbuf * 1265 pppoe_get_mbuf(size_t len) 1266 { 1267 struct mbuf *m; 1268 1269 MGETHDR(m, M_DONTWAIT, MT_DATA); 1270 if (m == NULL) 1271 return NULL; 1272 if (len + sizeof(struct ether_header) > MHLEN) { 1273 MCLGET(m, M_DONTWAIT); 1274 if ((m->m_flags & M_EXT) == 0) { 1275 m_free(m); 1276 return NULL; 1277 } 1278 } 1279 m->m_data += sizeof(struct ether_header); 1280 m->m_len = len; 1281 m->m_pkthdr.len = len; 1282 m_reset_rcvif(m); 1283 1284 return m; 1285 } 1286 1287 static int 1288 pppoe_send_padi(struct pppoe_softc *sc) 1289 { 1290 struct mbuf *m0; 1291 int len, l1 = 0, l2 = 0; /* XXX: gcc */ 1292 uint8_t *p; 1293 1294 KASSERT(PPPOE_SESSION_LOCKED(sc)); 1295 KASSERT(PPPOE_PARAM_LOCKED(sc)); 1296 1297 if (sc->sc_state >PPPOE_STATE_PADI_SENT) 1298 panic("pppoe_send_padi in state %d", sc->sc_state); 1299 1300 /* calculate length of frame (excluding ethernet header + pppoe header) */ 1301 len = 2 + 2 + 2 + 2 + sizeof sc; /* service name tag is required, host unique is send too */ 1302 if (sc->sc_service_name != NULL) { 1303 l1 = strlen(sc->sc_service_name); 1304 len += l1; 1305 } 1306 if (sc->sc_concentrator_name != NULL) { 1307 l2 = strlen(sc->sc_concentrator_name); 1308 len += 2 + 2 + l2; 1309 } 1310 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1311 len += 2 + 2 + 2; 1312 } 1313 1314 /* allocate a buffer */ 1315 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); /* header len + payload len */ 1316 if (!m0) 1317 return ENOBUFS; 1318 1319 /* fill in pkt */ 1320 p = mtod(m0, uint8_t *); 1321 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1322 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1323 if (sc->sc_service_name != NULL) { 1324 PPPOE_ADD_16(p, l1); 1325 memcpy(p, sc->sc_service_name, l1); 1326 p += l1; 1327 } else { 1328 PPPOE_ADD_16(p, 0); 1329 } 1330 if (sc->sc_concentrator_name != NULL) { 1331 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1332 PPPOE_ADD_16(p, l2); 1333 memcpy(p, sc->sc_concentrator_name, l2); 1334 p += l2; 1335 } 1336 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1337 PPPOE_ADD_16(p, sizeof(sc)); 1338 memcpy(p, &sc, sizeof sc); 1339 p += sizeof(sc); 1340 1341 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1342 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1343 PPPOE_ADD_16(p, 2); 1344 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1345 } 1346 1347 #ifdef PPPOE_DEBUG 1348 p += sizeof sc; 1349 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1350 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1351 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1352 #endif 1353 1354 /* send pkt */ 1355 return pppoe_output(sc, m0); 1356 } 1357 1358 static void 1359 pppoe_timeout(void *arg) 1360 { 1361 int retry_wait, err; 1362 struct pppoe_softc *sc = (struct pppoe_softc*)arg; 1363 DECLARE_SPLNET_VARIABLE; 1364 1365 #ifdef PPPOE_DEBUG 1366 printf("%s: timeout\n", sc->sc_sppp.pp_if.if_xname); 1367 #endif 1368 1369 PPPOE_SESSION_LOCK(sc, RW_WRITER); 1370 PPPOE_PARAM_LOCK(sc); 1371 switch (sc->sc_state) { 1372 case PPPOE_STATE_INITIAL: 1373 /* delayed connect from pppoe_tls() */ 1374 pppoe_connect(sc); 1375 break; 1376 case PPPOE_STATE_PADI_SENT: 1377 /* 1378 * We have two basic ways of retrying: 1379 * - Quick retry mode: try a few times in short sequence 1380 * - Slow retry mode: we already had a connection successfully 1381 * established and will try infinitely (without user 1382 * intervention) 1383 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1384 * is not set. 1385 */ 1386 1387 /* initialize for quick retry mode */ 1388 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1389 1390 ACQUIRE_SPLNET(); 1391 sc->sc_padi_retried++; 1392 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1393 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1394 /* slow retry mode */ 1395 retry_wait = PPPOE_SLOW_RETRY; 1396 } else { 1397 pppoe_abort_connect(sc); 1398 RELEASE_SPLNET(); 1399 PPPOE_PARAM_UNLOCK(sc); 1400 PPPOE_SESSION_UNLOCK(sc); 1401 return; 1402 } 1403 } 1404 if ((err = pppoe_send_padi(sc)) != 0) { 1405 sc->sc_padi_retried--; 1406 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1407 printf("%s: failed to transmit PADI, " 1408 "error=%d\n", 1409 sc->sc_sppp.pp_if.if_xname, err); 1410 } 1411 callout_reset(&sc->sc_timeout, retry_wait, 1412 pppoe_timeout, sc); 1413 RELEASE_SPLNET(); 1414 break; 1415 1416 case PPPOE_STATE_PADR_SENT: 1417 ACQUIRE_SPLNET(); 1418 sc->sc_padr_retried++; 1419 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1420 memcpy(&sc->sc_dest, etherbroadcastaddr, 1421 sizeof(sc->sc_dest)); 1422 sc->sc_state = PPPOE_STATE_PADI_SENT; 1423 sc->sc_padr_retried = 0; 1424 if ((err = pppoe_send_padi(sc)) != 0) { 1425 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1426 printf("%s: failed to send PADI" 1427 ", error=%d\n", 1428 sc->sc_sppp.pp_if.if_xname, 1429 err); 1430 } 1431 callout_reset(&sc->sc_timeout, 1432 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried), 1433 pppoe_timeout, sc); 1434 RELEASE_SPLNET(); 1435 PPPOE_PARAM_UNLOCK(sc); 1436 PPPOE_SESSION_UNLOCK(sc); 1437 return; 1438 } 1439 if ((err = pppoe_send_padr(sc)) != 0) { 1440 sc->sc_padr_retried--; 1441 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1442 printf("%s: failed to send PADR, " 1443 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 1444 err); 1445 } 1446 callout_reset(&sc->sc_timeout, 1447 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 1448 pppoe_timeout, sc); 1449 RELEASE_SPLNET(); 1450 break; 1451 case PPPOE_STATE_CLOSING: 1452 pppoe_disconnect(sc); 1453 break; 1454 default: 1455 PPPOE_PARAM_UNLOCK(sc); 1456 PPPOE_SESSION_UNLOCK(sc); 1457 return; /* all done, work in peace */ 1458 } 1459 PPPOE_PARAM_UNLOCK(sc); 1460 PPPOE_SESSION_UNLOCK(sc); 1461 } 1462 1463 /* Start a connection (i.e. initiate discovery phase) */ 1464 static int 1465 pppoe_connect(struct pppoe_softc *sc) 1466 { 1467 int err; 1468 DECLARE_SPLNET_VARIABLE; 1469 1470 KASSERT(PPPOE_SESSION_WLOCKED(sc)); 1471 KASSERT(PPPOE_PARAM_LOCKED(sc)); 1472 1473 if (sc->sc_state != PPPOE_STATE_INITIAL) 1474 return EBUSY; 1475 1476 #ifdef PPPOE_SERVER 1477 /* wait PADI if IFF_PASSIVE */ 1478 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1479 return 0; 1480 #endif 1481 ACQUIRE_SPLNET(); 1482 /* save state, in case we fail to send PADI */ 1483 sc->sc_state = PPPOE_STATE_PADI_SENT; 1484 sc->sc_padr_retried = 0; 1485 err = pppoe_send_padi(sc); 1486 if (err != 0 && sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1487 printf("%s: failed to send PADI, error=%d\n", 1488 sc->sc_sppp.pp_if.if_xname, err); 1489 callout_reset(&sc->sc_timeout, PPPOE_DISC_TIMEOUT, pppoe_timeout, sc); 1490 RELEASE_SPLNET(); 1491 return err; 1492 } 1493 1494 /* disconnect */ 1495 static int 1496 pppoe_disconnect(struct pppoe_softc *sc) 1497 { 1498 int err; 1499 DECLARE_SPLNET_VARIABLE; 1500 1501 KASSERT(PPPOE_SESSION_WLOCKED(sc)); 1502 KASSERT(PPPOE_PARAM_LOCKED(sc)); 1503 1504 ACQUIRE_SPLNET(); 1505 1506 if (sc->sc_state < PPPOE_STATE_SESSION) 1507 err = EBUSY; 1508 else { 1509 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1510 printf("%s: disconnecting\n", 1511 sc->sc_sppp.pp_if.if_xname); 1512 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, (const uint8_t *)&sc->sc_dest); 1513 } 1514 1515 /* cleanup softc */ 1516 sc->sc_state = PPPOE_STATE_INITIAL; 1517 sc->sc_state_updating = 1; 1518 1519 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1520 if (sc->sc_ac_cookie) { 1521 free(sc->sc_ac_cookie, M_DEVBUF); 1522 sc->sc_ac_cookie = NULL; 1523 } 1524 sc->sc_ac_cookie_len = 0; 1525 if (sc->sc_relay_sid) { 1526 free(sc->sc_relay_sid, M_DEVBUF); 1527 sc->sc_relay_sid = NULL; 1528 } 1529 sc->sc_relay_sid_len = 0; 1530 #ifdef PPPOE_SERVER 1531 if (sc->sc_hunique) { 1532 free(sc->sc_hunique, M_DEVBUF); 1533 sc->sc_hunique = NULL; 1534 } 1535 sc->sc_hunique_len = 0; 1536 #endif 1537 sc->sc_session = 0; 1538 1539 PPPOE_PARAM_UNLOCK(sc); 1540 PPPOE_SESSION_UNLOCK(sc); 1541 1542 /* notify upper layer */ 1543 sppp_lock_enter(&sc->sc_sppp); 1544 sc->sc_sppp.pp_down(&sc->sc_sppp); 1545 sppp_lock_exit(&sc->sc_sppp); 1546 1547 PPPOE_SESSION_LOCK(sc, RW_WRITER); 1548 PPPOE_PARAM_LOCK(sc); 1549 sc->sc_state_updating = 0; 1550 1551 RELEASE_SPLNET(); 1552 return err; 1553 } 1554 1555 /* Connection attempt aborted */ 1556 static void 1557 pppoe_abort_connect(struct pppoe_softc *sc) 1558 { 1559 KASSERT(PPPOE_SESSION_WLOCKED(sc)); 1560 KASSERT(PPPOE_PARAM_LOCKED(sc)); 1561 1562 printf("%s: could not establish connection\n", 1563 sc->sc_sppp.pp_if.if_xname); 1564 sc->sc_state = PPPOE_STATE_CLOSING; 1565 sc->sc_state_updating = 1; 1566 1567 PPPOE_PARAM_UNLOCK(sc); 1568 PPPOE_SESSION_UNLOCK(sc); 1569 1570 /* notify upper layer */ 1571 sppp_lock_enter(&sc->sc_sppp); 1572 sc->sc_sppp.pp_down(&sc->sc_sppp); 1573 sppp_lock_exit(&sc->sc_sppp); 1574 1575 PPPOE_SESSION_LOCK(sc, RW_WRITER); 1576 PPPOE_PARAM_LOCK(sc); 1577 1578 sc->sc_state_updating = 0; 1579 1580 /* clear connection state */ 1581 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1582 sc->sc_state = PPPOE_STATE_INITIAL; 1583 } 1584 1585 /* Send a PADR packet */ 1586 static int 1587 pppoe_send_padr(struct pppoe_softc *sc) 1588 { 1589 struct mbuf *m0; 1590 uint8_t *p; 1591 size_t len, l1 = 0; /* XXX: gcc */ 1592 1593 KASSERT(PPPOE_SESSION_LOCKED(sc)); 1594 KASSERT(PPPOE_PARAM_LOCKED(sc)); 1595 1596 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1597 return EIO; 1598 1599 len = 2 + 2 + 2 + 2 + sizeof(sc); /* service name, host unique */ 1600 if (sc->sc_service_name != NULL) { /* service name tag maybe empty */ 1601 l1 = strlen(sc->sc_service_name); 1602 len += l1; 1603 } 1604 if (sc->sc_ac_cookie_len > 0) 1605 len += 2 + 2 + sc->sc_ac_cookie_len; /* AC cookie */ 1606 if (sc->sc_relay_sid_len > 0) 1607 len += 2 + 2 + sc->sc_relay_sid_len; /* Relay SID */ 1608 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1609 len += 2 + 2 + 2; 1610 } 1611 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1612 if (!m0) 1613 return ENOBUFS; 1614 p = mtod(m0, uint8_t *); 1615 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1616 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1617 if (sc->sc_service_name != NULL) { 1618 PPPOE_ADD_16(p, l1); 1619 memcpy(p, sc->sc_service_name, l1); 1620 p += l1; 1621 } else { 1622 PPPOE_ADD_16(p, 0); 1623 } 1624 if (sc->sc_ac_cookie_len > 0) { 1625 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1626 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1627 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1628 p += sc->sc_ac_cookie_len; 1629 } 1630 if (sc->sc_relay_sid_len > 0) { 1631 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1632 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1633 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1634 p += sc->sc_relay_sid_len; 1635 } 1636 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1637 PPPOE_ADD_16(p, sizeof(sc)); 1638 memcpy(p, &sc, sizeof sc); 1639 p += sizeof(sc); 1640 1641 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1642 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1643 PPPOE_ADD_16(p, 2); 1644 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1645 } 1646 1647 #ifdef PPPOE_DEBUG 1648 p += sizeof sc; 1649 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1650 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1651 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1652 #endif 1653 1654 return pppoe_output(sc, m0); 1655 } 1656 1657 /* send a PADT packet */ 1658 static int 1659 pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1660 { 1661 struct ether_header *eh; 1662 struct sockaddr dst; 1663 struct mbuf *m0; 1664 uint8_t *p; 1665 1666 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1667 if (!m0) 1668 return EIO; 1669 p = mtod(m0, uint8_t *); 1670 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1671 1672 memset(&dst, 0, sizeof dst); 1673 dst.sa_family = AF_UNSPEC; 1674 eh = (struct ether_header*)&dst.sa_data; 1675 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1676 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1677 1678 m0->m_flags &= ~(M_BCAST|M_MCAST); 1679 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1680 } 1681 1682 #ifdef PPPOE_SERVER 1683 static int 1684 pppoe_send_pado(struct pppoe_softc *sc) 1685 { 1686 struct mbuf *m0; 1687 uint8_t *p; 1688 size_t len; 1689 1690 KASSERT(PPPOE_SESSION_LOCKED(sc)); /* required by pppoe_output(). */ 1691 KASSERT(PPPOE_PARAM_LOCKED(sc)); 1692 1693 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1694 return EIO; 1695 1696 /* calc length */ 1697 len = 0; 1698 /* include ac_cookie */ 1699 len += 2 + 2 + sizeof(sc); 1700 /* include hunique */ 1701 len += 2 + 2 + sc->sc_hunique_len; 1702 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1703 if (!m0) 1704 return EIO; 1705 p = mtod(m0, uint8_t *); 1706 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1707 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1708 PPPOE_ADD_16(p, sizeof(sc)); 1709 memcpy(p, &sc, sizeof(sc)); 1710 p += sizeof(sc); 1711 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1712 PPPOE_ADD_16(p, sc->sc_hunique_len); 1713 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1714 return pppoe_output(sc, m0); 1715 } 1716 1717 static int 1718 pppoe_send_pads(struct pppoe_softc *sc) 1719 { 1720 struct bintime bt; 1721 struct mbuf *m0; 1722 uint8_t *p; 1723 size_t len, l1 = 0; /* XXX: gcc */ 1724 1725 KASSERT(PPPOE_SESSION_WLOCKED(sc)); 1726 KASSERT(PPPOE_PARAM_LOCKED(sc)); 1727 1728 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1729 return EIO; 1730 1731 getbinuptime(&bt); 1732 sc->sc_session = bt.sec % 0xff + 1; 1733 /* calc length */ 1734 len = 0; 1735 /* include hunique */ 1736 len += 2 + 2 + 2 + 2 + sc->sc_hunique_len; /* service name, host unique*/ 1737 if (sc->sc_service_name != NULL) { /* service name tag maybe empty */ 1738 l1 = strlen(sc->sc_service_name); 1739 len += l1; 1740 } 1741 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1742 if (!m0) 1743 return ENOBUFS; 1744 p = mtod(m0, uint8_t *); 1745 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1746 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1747 if (sc->sc_service_name != NULL) { 1748 PPPOE_ADD_16(p, l1); 1749 memcpy(p, sc->sc_service_name, l1); 1750 p += l1; 1751 } else { 1752 PPPOE_ADD_16(p, 0); 1753 } 1754 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1755 PPPOE_ADD_16(p, sc->sc_hunique_len); 1756 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1757 return pppoe_output(sc, m0); 1758 } 1759 #endif 1760 1761 static void 1762 pppoe_tls(struct sppp *sp) 1763 { 1764 struct pppoe_softc *sc = (void *)sp; 1765 int wtime; 1766 1767 KASSERT(!PPPOE_SESSION_LOCKED(sc)); 1768 KASSERT(!PPPOE_PARAM_LOCKED(sc)); 1769 1770 PPPOE_SESSION_LOCK(sc, RW_READER); 1771 1772 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1773 PPPOE_SESSION_UNLOCK(sc); 1774 return; 1775 } 1776 1777 PPPOE_PARAM_LOCK(sc); 1778 1779 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1780 sc->sc_sppp.pp_auth_failures > 0) { 1781 /* 1782 * Delay trying to reconnect a bit more - the peer 1783 * might have failed to contact its radius server. 1784 */ 1785 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1786 if (wtime > PPPOE_SLOW_RETRY) 1787 wtime = PPPOE_SLOW_RETRY; 1788 } else { 1789 wtime = PPPOE_RECON_IMMEDIATE; 1790 } 1791 callout_reset(&sc->sc_timeout, wtime, pppoe_timeout, sc); 1792 1793 PPPOE_PARAM_UNLOCK(sc); 1794 PPPOE_SESSION_UNLOCK(sc); 1795 } 1796 1797 static void 1798 pppoe_tlf(struct sppp *sp) 1799 { 1800 struct pppoe_softc *sc = (void *)sp; 1801 1802 KASSERT(!PPPOE_SESSION_LOCKED(sc)); 1803 KASSERT(!PPPOE_PARAM_LOCKED(sc)); 1804 1805 PPPOE_SESSION_LOCK(sc, RW_WRITER); 1806 1807 if (sc->sc_state < PPPOE_STATE_SESSION) { 1808 PPPOE_SESSION_UNLOCK(sc); 1809 return; 1810 } 1811 /* 1812 * Do not call pppoe_disconnect here, the upper layer state 1813 * machine gets confused by this. We must return from this 1814 * function and defer disconnecting to the timeout handler. 1815 */ 1816 sc->sc_state = PPPOE_STATE_CLOSING; 1817 PPPOE_PARAM_LOCK(sc); 1818 1819 callout_reset(&sc->sc_timeout, hz/50, pppoe_timeout, sc); 1820 1821 PPPOE_PARAM_UNLOCK(sc); 1822 PPPOE_SESSION_UNLOCK(sc); 1823 } 1824 1825 static void 1826 pppoe_start(struct ifnet *ifp) 1827 { 1828 struct pppoe_softc *sc = (void *)ifp; 1829 struct mbuf *m; 1830 uint8_t *p; 1831 size_t len; 1832 1833 if (sppp_isempty(ifp)) 1834 return; 1835 1836 /* are we ready to process data yet? */ 1837 if (sc->sc_state < PPPOE_STATE_SESSION) { 1838 sppp_flush(&sc->sc_sppp.pp_if); 1839 return; 1840 } 1841 1842 while ((m = sppp_dequeue(ifp)) != NULL) { 1843 len = m->m_pkthdr.len; 1844 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1845 if (m == NULL) { 1846 ifp->if_oerrors++; 1847 continue; 1848 } 1849 p = mtod(m, uint8_t *); 1850 PPPOE_SESSION_LOCK(sc, RW_READER); 1851 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1852 1853 bpf_mtap(&sc->sc_sppp.pp_if, m); 1854 1855 PPPOE_PARAM_LOCK(sc); 1856 pppoe_output(sc, m); 1857 PPPOE_PARAM_UNLOCK(sc); 1858 PPPOE_SESSION_UNLOCK(sc); 1859 } 1860 } 1861 1862 #ifdef PPPOE_MPSAFE 1863 static int 1864 pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 1865 { 1866 struct pppoe_softc *sc = (void *)ifp; 1867 uint8_t *p; 1868 size_t len; 1869 1870 if (m == NULL) 1871 return EINVAL; 1872 1873 /* are we ready to process data yet? */ 1874 PPPOE_SESSION_LOCK(sc, RW_READER); 1875 if (sc->sc_state < PPPOE_STATE_SESSION) { 1876 PPPOE_SESSION_UNLOCK(sc); 1877 m_free(m); 1878 return ENOBUFS; 1879 } 1880 1881 len = m->m_pkthdr.len; 1882 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1883 if (m == NULL) { 1884 PPPOE_SESSION_UNLOCK(sc); 1885 ifp->if_oerrors++; 1886 return ENETDOWN; 1887 } 1888 p = mtod(m, uint8_t *); 1889 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1890 1891 bpf_mtap(&sc->sc_sppp.pp_if, m); 1892 1893 PPPOE_PARAM_LOCK(sc); 1894 pppoe_output(sc, m); 1895 PPPOE_PARAM_UNLOCK(sc); 1896 PPPOE_SESSION_UNLOCK(sc); 1897 return 0; 1898 } 1899 #endif /* PPPOE_MPSAFE */ 1900 1901 static void 1902 pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 1903 { 1904 struct ifnet *ifp = arg2; 1905 struct pppoe_softc *sc; 1906 DECLARE_SPLNET_VARIABLE; 1907 1908 if (cmd != PFIL_IFNET_DETACH) 1909 return; 1910 1911 ACQUIRE_SPLNET(); 1912 rw_enter(&pppoe_softc_list_lock, RW_READER); 1913 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 1914 PPPOE_SESSION_LOCK(sc, RW_WRITER); 1915 if (sc->sc_eth_if != ifp) { 1916 PPPOE_SESSION_UNLOCK(sc); 1917 continue; 1918 } 1919 sppp_lock_enter(&sc->sc_sppp); 1920 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 1921 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 1922 printf("%s: ethernet interface detached, going down\n", 1923 sc->sc_sppp.pp_if.if_xname); 1924 } 1925 sppp_lock_exit(&sc->sc_sppp); 1926 sc->sc_eth_if = NULL; 1927 PPPOE_PARAM_LOCK(sc); 1928 pppoe_clear_softc(sc, "ethernet interface detached"); 1929 PPPOE_PARAM_UNLOCK(sc); 1930 PPPOE_SESSION_UNLOCK(sc); 1931 } 1932 rw_exit(&pppoe_softc_list_lock); 1933 RELEASE_SPLNET(); 1934 } 1935 1936 static void 1937 pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 1938 { 1939 KASSERT(PPPOE_SESSION_WLOCKED(sc)); 1940 KASSERT(PPPOE_PARAM_LOCKED(sc)); 1941 1942 /* stop timer */ 1943 callout_stop(&sc->sc_timeout); 1944 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1945 printf("%s: session 0x%x terminated, %s\n", 1946 sc->sc_sppp.pp_if.if_xname, sc->sc_session, message); 1947 1948 /* fix our state */ 1949 sc->sc_state = PPPOE_STATE_INITIAL; 1950 sc->sc_state_updating = 1; 1951 1952 PPPOE_PARAM_UNLOCK(sc); 1953 PPPOE_SESSION_UNLOCK(sc); 1954 1955 /* signal upper layer */ 1956 sppp_lock_enter(&sc->sc_sppp); 1957 sc->sc_sppp.pp_down(&sc->sc_sppp); 1958 sppp_lock_exit(&sc->sc_sppp); 1959 1960 PPPOE_SESSION_LOCK(sc, RW_WRITER); 1961 PPPOE_PARAM_LOCK(sc); 1962 1963 sc->sc_state_updating = 0; 1964 1965 /* clean up softc */ 1966 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1967 if (sc->sc_ac_cookie) { 1968 free(sc->sc_ac_cookie, M_DEVBUF); 1969 sc->sc_ac_cookie = NULL; 1970 } 1971 if (sc->sc_relay_sid) { 1972 free(sc->sc_relay_sid, M_DEVBUF); 1973 sc->sc_relay_sid = NULL; 1974 } 1975 sc->sc_ac_cookie_len = 0; 1976 sc->sc_session = 0; 1977 } 1978 1979 static void 1980 pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 1981 { 1982 if (m->m_flags & M_PROMISC) { 1983 m_free(m); 1984 return; 1985 } 1986 1987 #ifndef PPPOE_SERVER 1988 if (m->m_flags & (M_MCAST | M_BCAST)) { 1989 m_free(m); 1990 return; 1991 } 1992 #endif 1993 1994 IFQ_LOCK(inq); 1995 if (IF_QFULL(inq)) { 1996 IF_DROP(inq); 1997 IFQ_UNLOCK(inq); 1998 m_freem(m); 1999 } else { 2000 IF_ENQUEUE(inq, m); 2001 IFQ_UNLOCK(inq); 2002 softint_schedule(pppoe_softintr); 2003 } 2004 return; 2005 } 2006 2007 void 2008 pppoe_input(struct ifnet *ifp, struct mbuf *m) 2009 { 2010 pppoe_enqueue(&ppoeinq, m); 2011 return; 2012 } 2013 2014 void 2015 pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2016 { 2017 pppoe_enqueue(&ppoediscinq, m); 2018 return; 2019 } 2020 2021 static void 2022 sysctl_net_pppoe_setup(struct sysctllog **clog) 2023 { 2024 const struct sysctlnode *node = NULL; 2025 2026 sysctl_createv(clog, 0, NULL, &node, 2027 CTLFLAG_PERMANENT, 2028 CTLTYPE_NODE, "pppoe", 2029 SYSCTL_DESCR("PPPOE protocol"), 2030 NULL, 0, NULL, 0, 2031 CTL_NET, CTL_CREATE, CTL_EOL); 2032 2033 if (node == NULL) 2034 return; 2035 2036 sysctl_createv(clog, 0, &node, NULL, 2037 CTLFLAG_PERMANENT | CTLFLAG_READONLY, 2038 CTLTYPE_BOOL, "term_unknown", 2039 SYSCTL_DESCR("Terminate unknown sessions"), 2040 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2041 CTL_CREATE, CTL_EOL); 2042 } 2043 2044 /* 2045 * Module infrastructure 2046 */ 2047 #include "if_module.h" 2048 2049 IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2050