1 /* $NetBSD: if_pppoe.c,v 1.184 2024/07/05 04:31:53 rin Exp $ */ 2 3 /* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin (at) NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.184 2024/07/05 04:31:53 rin Exp $"); 34 35 #ifdef _KERNEL_OPT 36 #include "pppoe.h" 37 #include "opt_pppoe.h" 38 #include "opt_net_mpsafe.h" 39 #endif 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/atomic.h> 45 #include <sys/callout.h> 46 #include <sys/malloc.h> 47 #include <sys/mbuf.h> 48 #include <sys/socket.h> 49 #include <sys/proc.h> 50 #include <sys/ioctl.h> 51 #include <sys/kauth.h> 52 #include <sys/intr.h> 53 #include <sys/socketvar.h> 54 #include <sys/device.h> 55 #include <sys/module.h> 56 #include <sys/sysctl.h> 57 #include <sys/rwlock.h> 58 #include <sys/mutex.h> 59 #include <sys/psref.h> 60 #include <sys/cprng.h> 61 #include <sys/workqueue.h> 62 63 #include <net/if.h> 64 #include <net/if_types.h> 65 #include <net/if_ether.h> 66 #include <net/if_sppp.h> 67 #include <net/if_spppvar.h> 68 #include <net/if_pppoe.h> 69 #include <net/if_dl.h> 70 71 #include <net/bpf.h> 72 73 #include "ioconf.h" 74 75 #ifdef NET_MPSAFE 76 #define PPPOE_MPSAFE 1 77 #endif 78 79 #ifndef PPPOE_DEQUEUE_MAXLEN 80 #define PPPOE_DEQUEUE_MAXLEN IFQ_MAXLEN 81 #endif 82 83 struct pppoehdr { 84 uint8_t vertype; 85 uint8_t code; 86 uint16_t session; 87 uint16_t plen; 88 } __packed; 89 90 struct pppoetag { 91 uint16_t tag; 92 uint16_t len; 93 } __packed; 94 95 #define PPPOE_HEADERLEN sizeof(struct pppoehdr) 96 #define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 97 #define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 98 99 #define PPPOE_TAG_EOL 0x0000 /* end of list */ 100 #define PPPOE_TAG_SNAME 0x0101 /* service name */ 101 #define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 102 #define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 103 #define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 104 #define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 105 #define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 106 #define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 107 #define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 108 #define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 109 #define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 110 111 #define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 112 #define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 113 #define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 114 #define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 115 #define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 116 117 /* two byte PPP protocol discriminator, then IP data */ 118 #define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 119 120 /* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 121 #define PPPOE_ADD_16(PTR, VAL) \ 122 *(PTR)++ = (VAL) / 256; \ 123 *(PTR)++ = (VAL) % 256 124 125 /* Add a complete PPPoE header to the buffer pointed to by PTR */ 126 #define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 127 *(PTR)++ = PPPOE_VERTYPE; \ 128 *(PTR)++ = (CODE); \ 129 PPPOE_ADD_16(PTR, SESS); \ 130 PPPOE_ADD_16(PTR, LEN) 131 132 #define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 133 #define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 134 #define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 135 #define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 136 #define PPPOE_RECON_PADTRCVD (hz*5) /* reconnect delay after PADT received */ 137 #define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 138 #define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 139 140 #ifdef PPPOE_SERVER 141 /* from if_spppsubr.c */ 142 #define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 143 #endif 144 145 #define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 146 #define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 147 #define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 148 149 #ifdef PPPOE_MPSAFE 150 #define DECLARE_SPLNET_VARIABLE 151 #define ACQUIRE_SPLNET() do { } while (0) 152 #define RELEASE_SPLNET() do { } while (0) 153 #else 154 #define DECLARE_SPLNET_VARIABLE int __s 155 #define ACQUIRE_SPLNET() do { \ 156 __s = splnet(); \ 157 } while (0) 158 #define RELEASE_SPLNET() do { \ 159 splx(__s); \ 160 } while (0) 161 #endif 162 163 #ifdef PPPOE_DEBUG 164 #define DPRINTF(_sc, _fmt, _arg...) pppoe_printf((_sc), (_fmt), ##_arg) 165 #else 166 #define DPRINTF(_sc, _fmt, _arg...) __nothing 167 #endif 168 169 struct pppoe_softc { 170 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 171 LIST_ENTRY(pppoe_softc) sc_list; 172 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 173 174 uint64_t sc_id; /* id of this softc, our hunique */ 175 int sc_state; /* discovery phase or session connected */ 176 struct ether_addr sc_dest; /* hardware address of concentrator */ 177 uint16_t sc_session; /* PPPoE session id */ 178 179 char *sc_service_name; /* if != NULL: requested name of service */ 180 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 181 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 182 size_t sc_ac_cookie_len; /* length of cookie data */ 183 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 184 size_t sc_relay_sid_len; /* length of relay SID data */ 185 #ifdef PPPOE_SERVER 186 uint8_t *sc_hunique; /* content of host unique we must echo back */ 187 size_t sc_hunique_len; /* length of host unique */ 188 #endif 189 callout_t sc_timeout; /* timeout while not in session state */ 190 struct workqueue *sc_timeout_wq; /* workqueue for timeout */ 191 struct work sc_timeout_wk; 192 u_int sc_timeout_scheduled; 193 int sc_padi_retried; /* number of PADI retries already done */ 194 int sc_padr_retried; /* number of PADR retries already done */ 195 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 196 bool sc_detaching; 197 }; 198 199 /* incoming traffic will be queued here */ 200 struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 201 struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 202 203 void *pppoe_softintr = NULL; 204 static void pppoe_softintr_handler(void *); 205 206 extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 207 208 /* input routines */ 209 static void pppoeintr(void); 210 static void pppoe_disc_input(struct mbuf *); 211 static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 212 static void pppoe_data_input(struct mbuf *); 213 static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 214 215 /* management routines */ 216 static int pppoe_connect(struct pppoe_softc *); 217 static int pppoe_disconnect(struct pppoe_softc *); 218 static void pppoe_abort_connect(struct pppoe_softc *); 219 static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 220 static void pppoe_tls(struct sppp *); 221 static void pppoe_tlf(struct sppp *); 222 static void pppoe_start(struct ifnet *); 223 #ifdef PPPOE_MPSAFE 224 static int pppoe_transmit(struct ifnet *, struct mbuf *); 225 #endif 226 static void pppoe_clear_softc(struct pppoe_softc *, const char *); 227 static void pppoe_printf(struct pppoe_softc *, const char *, ...); 228 229 /* internal timeout handling */ 230 static void pppoe_timeout_co(void *); 231 static void pppoe_timeout_co_halt(void *); 232 static void pppoe_timeout_wk(struct work *, void *); 233 static void pppoe_timeout(struct pppoe_softc *); 234 235 /* sending actual protocol control packets */ 236 static int pppoe_send_padi(struct pppoe_softc *); 237 static int pppoe_send_padr(struct pppoe_softc *); 238 #ifdef PPPOE_SERVER 239 static int pppoe_send_pado(struct pppoe_softc *); 240 static int pppoe_send_pads(struct pppoe_softc *); 241 #endif 242 static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 243 244 /* raw output */ 245 static int pppoe_output(struct pppoe_softc *, struct mbuf *); 246 247 /* internal helper functions */ 248 static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 249 krw_t); 250 static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 251 struct ifnet *, krw_t); 252 static struct mbuf *pppoe_get_mbuf(size_t len); 253 254 static void pppoe_ifattach_hook(void *, unsigned long, void *); 255 256 static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 257 static krwlock_t pppoe_softc_list_lock; 258 259 static int pppoe_clone_create(struct if_clone *, int); 260 static int pppoe_clone_destroy(struct ifnet *); 261 262 static bool pppoe_term_unknown = false; 263 static int pppoe_term_unknown_pps = 1; 264 265 static struct sysctllog *pppoe_sysctl_clog; 266 static void sysctl_net_pppoe_setup(struct sysctllog **); 267 268 static struct if_clone pppoe_cloner = 269 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 270 271 /* ARGSUSED */ 272 void 273 pppoeattach(int count) 274 { 275 276 /* 277 * Nothing to do here, initialization is handled by the 278 * module initialization code in pppoeinit() below). 279 */ 280 } 281 282 static void 283 pppoeinit(void) 284 { 285 286 LIST_INIT(&pppoe_softc_list); 287 rw_init(&pppoe_softc_list_lock); 288 if_clone_attach(&pppoe_cloner); 289 290 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 291 pppoe_softintr_handler, NULL); 292 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 293 294 IFQ_LOCK_INIT(&ppoediscinq); 295 IFQ_LOCK_INIT(&ppoeinq); 296 } 297 298 static int 299 pppoedetach(void) 300 { 301 int error = 0; 302 303 rw_enter(&pppoe_softc_list_lock, RW_READER); 304 if (!LIST_EMPTY(&pppoe_softc_list)) { 305 rw_exit(&pppoe_softc_list_lock); 306 error = EBUSY; 307 } 308 309 if (error == 0) { 310 if_clone_detach(&pppoe_cloner); 311 softint_disestablish(pppoe_softintr); 312 /* Remove our sysctl sub-tree */ 313 sysctl_teardown(&pppoe_sysctl_clog); 314 } 315 316 return error; 317 } 318 319 static void 320 pppoe_softc_genid(uint64_t *id) 321 { 322 struct pppoe_softc *sc; 323 uint64_t rndid; 324 325 rw_enter(&pppoe_softc_list_lock, RW_READER); 326 327 while (1) { 328 rndid = cprng_strong64(); 329 330 sc = NULL; 331 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 332 if (sc->sc_id == rndid) 333 break; 334 } 335 if (sc == NULL) { 336 break; 337 } 338 } 339 340 rw_exit(&pppoe_softc_list_lock); 341 *id = rndid; 342 } 343 344 static int 345 pppoe_clone_create(struct if_clone *ifc, int unit) 346 { 347 struct pppoe_softc *sc; 348 struct ifnet *ifp; 349 int rv; 350 351 sc = kmem_zalloc(sizeof(*sc), KM_SLEEP); 352 ifp = &sc->sc_sppp.pp_if; 353 354 rw_init(&sc->sc_lock); 355 pppoe_softc_genid(&sc->sc_id); 356 /* changed to real address later */ 357 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 358 359 if_initname(ifp, "pppoe", unit); 360 ifp->if_softc = sc; 361 ifp->if_mtu = PPPOE_MAXMTU; 362 ifp->if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 363 #ifdef PPPOE_MPSAFE 364 ifp->if_extflags = IFEF_MPSAFE; 365 #endif 366 ifp->if_type = IFT_PPP; 367 ifp->if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 368 ifp->if_dlt = DLT_PPP_ETHER; 369 ifp->if_ioctl = pppoe_ioctl; 370 ifp->if_start = pppoe_start; 371 #ifdef PPPOE_MPSAFE 372 ifp->if_transmit = pppoe_transmit; 373 #endif 374 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 375 IFQ_SET_READY(&ifp->if_snd); 376 377 sc->sc_sppp.pp_tls = pppoe_tls; 378 sc->sc_sppp.pp_tlf = pppoe_tlf; 379 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 380 PP_NOFRAMING; /* no serial encapsulation */ 381 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 382 383 rv = workqueue_create(&sc->sc_timeout_wq, 384 ifp->if_xname, pppoe_timeout_wk, sc, 385 PRI_SOFTNET, IPL_SOFTNET, 0); 386 if (rv != 0) 387 goto destroy_sclock; 388 389 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 390 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co, sc); 391 392 if_initialize(ifp); 393 394 ifp->if_percpuq = if_percpuq_create(ifp); 395 396 rw_enter(&pppoe_softc_list_lock, RW_READER); 397 if (LIST_EMPTY(&pppoe_softc_list)) { 398 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 399 } 400 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 401 rw_exit(&pppoe_softc_list_lock); 402 403 sppp_attach(ifp); 404 bpf_attach(ifp, DLT_PPP_ETHER, 0); 405 if_register(ifp); 406 407 return 0; 408 409 destroy_sclock: 410 rw_destroy(&sc->sc_lock); 411 kmem_free(sc, sizeof(*sc)); 412 413 return rv; 414 } 415 416 static int 417 pppoe_clone_destroy(struct ifnet *ifp) 418 { 419 struct pppoe_softc * sc = ifp->if_softc; 420 421 PPPOE_LOCK(sc, RW_WRITER); 422 /* stop ioctls */ 423 sc->sc_detaching = true; 424 425 if (ifp->if_flags & IFF_RUNNING) { 426 pppoe_clear_softc(sc, "destroy interface"); 427 sc->sc_eth_if = NULL; 428 } 429 PPPOE_UNLOCK(sc); 430 431 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 432 LIST_REMOVE(sc, sc_list); 433 434 if (LIST_EMPTY(&pppoe_softc_list)) { 435 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 436 } 437 rw_exit(&pppoe_softc_list_lock); 438 439 bpf_detach(ifp); 440 sppp_detach(&sc->sc_sppp.pp_if); 441 if_detach(ifp); 442 443 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co_halt, sc); 444 445 workqueue_wait(sc->sc_timeout_wq, &sc->sc_timeout_wk); 446 workqueue_destroy(sc->sc_timeout_wq); 447 448 callout_halt(&sc->sc_timeout, NULL); 449 callout_destroy(&sc->sc_timeout); 450 451 #ifdef PPPOE_SERVER 452 if (sc->sc_hunique) { 453 free(sc->sc_hunique, M_DEVBUF); 454 sc->sc_hunique = NULL; 455 sc->sc_hunique_len = 0; 456 } 457 #endif 458 if (sc->sc_concentrator_name) 459 free(sc->sc_concentrator_name, M_DEVBUF); 460 if (sc->sc_service_name) 461 free(sc->sc_service_name, M_DEVBUF); 462 if (sc->sc_ac_cookie) 463 free(sc->sc_ac_cookie, M_DEVBUF); 464 if (sc->sc_relay_sid) 465 free(sc->sc_relay_sid, M_DEVBUF); 466 467 rw_destroy(&sc->sc_lock); 468 469 kmem_free(sc, sizeof(*sc)); 470 471 return 0; 472 } 473 474 static void 475 pppoe_printf(struct pppoe_softc *sc, const char *fmt, ...) 476 { 477 va_list ap; 478 bool pppoe_debug; 479 480 #ifdef PPPOE_DEBUG 481 pppoe_debug = true; 482 #else 483 pppoe_debug = false; 484 #endif 485 486 if (sc == NULL) { 487 if (!pppoe_debug) 488 return; 489 490 printf("pppoe: "); 491 } else { 492 if (!ISSET(sc->sc_sppp.pp_if.if_flags, IFF_DEBUG)) 493 return; 494 495 printf("%s: ", sc->sc_sppp.pp_if.if_xname); 496 } 497 498 va_start(ap, fmt); 499 vprintf(fmt, ap); 500 va_end(ap); 501 } 502 503 /* 504 * Find the interface handling the specified session. 505 * Note: O(number of sessions open), this is a client-side only, mean 506 * and lean implementation, so number of open sessions typically should 507 * be 1. 508 */ 509 static struct pppoe_softc * 510 pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 511 { 512 struct pppoe_softc *sc = NULL; 513 514 if (session == 0) 515 return NULL; 516 rw_enter(&pppoe_softc_list_lock, RW_READER); 517 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 518 PPPOE_LOCK(sc, lock); 519 if ( sc->sc_state == PPPOE_STATE_SESSION 520 && sc->sc_session == session 521 && sc->sc_eth_if == rcvif) 522 break; 523 524 PPPOE_UNLOCK(sc); 525 } 526 rw_exit(&pppoe_softc_list_lock); 527 return sc; 528 } 529 530 /* Check host unique token passed and return appropriate softc pointer, 531 * or NULL if token is bogus. */ 532 static struct pppoe_softc * 533 pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 534 struct ifnet *rcvif, krw_t lock) 535 { 536 struct pppoe_softc *sc; 537 uint64_t t; 538 539 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 540 541 rw_enter(&pppoe_softc_list_lock, RW_READER); 542 if (LIST_EMPTY(&pppoe_softc_list)) { 543 rw_exit(&pppoe_softc_list_lock); 544 return NULL; 545 } 546 547 if (len != sizeof(sc->sc_id)) { 548 rw_exit(&pppoe_softc_list_lock); 549 return NULL; 550 } 551 memcpy(&t, token, len); 552 553 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 554 PPPOE_LOCK(sc, lock); 555 if (sc->sc_id == t && sc->sc_eth_if != NULL) { 556 break; 557 } 558 PPPOE_UNLOCK(sc); 559 } 560 rw_exit(&pppoe_softc_list_lock); 561 562 if (sc == NULL) { 563 pppoe_printf(NULL, "alien host unique tag" 564 ", no session found\n"); 565 return NULL; 566 } 567 568 /* should be safe to access *sc now */ 569 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 570 pppoe_printf(sc, "host unique tag found" 571 ", but it belongs to a connection in state %d\n", 572 sc->sc_state); 573 PPPOE_UNLOCK(sc); 574 return NULL; 575 } 576 if (sc->sc_eth_if != rcvif) { 577 pppoe_printf(sc, "wrong interface, not accepting host unique\n"); 578 PPPOE_UNLOCK(sc); 579 return NULL; 580 } 581 return sc; 582 } 583 584 static void 585 pppoe_softintr_handler(void *dummy) 586 { 587 /* called at splsoftnet() */ 588 pppoeintr(); 589 } 590 591 /* called at appropriate protection level */ 592 static void 593 pppoeintr(void) 594 { 595 struct mbuf *m; 596 int i; 597 598 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 599 600 for (i = 0; i < PPPOE_DEQUEUE_MAXLEN; i++) { 601 IFQ_LOCK(&ppoediscinq); 602 IF_DEQUEUE(&ppoediscinq, m); 603 IFQ_UNLOCK(&ppoediscinq); 604 if (m == NULL) 605 break; 606 pppoe_disc_input(m); 607 } 608 609 for (i = 0; i < PPPOE_DEQUEUE_MAXLEN; i++) { 610 IFQ_LOCK(&ppoeinq); 611 IF_DEQUEUE(&ppoeinq, m); 612 IFQ_UNLOCK(&ppoeinq); 613 if (m == NULL) 614 break; 615 pppoe_data_input(m); 616 } 617 618 #if PPPOE_DEQUEUE_MAXLEN < IFQ_MAXLEN 619 if (!IF_IS_EMPTY(&ppoediscinq) || !IF_IS_EMPTY(&ppoeinq)) 620 softint_schedule(pppoe_softintr); 621 #endif 622 623 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 624 } 625 626 /* analyze and handle a single received packet while not in session state */ 627 static void 628 pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 629 { 630 uint16_t tag, len; 631 uint16_t session, plen; 632 struct pppoe_softc *sc; 633 const char *err_msg; 634 char *error; 635 size_t dlen; 636 uint8_t *ac_cookie; 637 size_t ac_cookie_len; 638 uint8_t *relay_sid; 639 size_t relay_sid_len; 640 uint8_t *hunique; 641 size_t hunique_len; 642 struct pppoehdr *ph; 643 struct pppoetag *pt; 644 struct mbuf *n; 645 int noff, err, errortag; 646 struct ether_header *eh; 647 struct ifnet *rcvif; 648 struct psref psref; 649 650 if (m->m_len < sizeof(*eh)) { 651 m = m_pullup(m, sizeof(*eh)); 652 if (m == NULL) 653 goto done; 654 } 655 eh = mtod(m, struct ether_header *); 656 off += sizeof(*eh); 657 658 if (m->m_pkthdr.len - off < PPPOE_HEADERLEN) { 659 goto done; 660 } 661 662 M_REGION_GET(ph, struct pppoehdr *, m, off, sizeof(*ph)); 663 if (ph == NULL) { 664 goto done; 665 } 666 if (ph->vertype != PPPOE_VERTYPE) { 667 goto done; 668 } 669 670 ac_cookie = NULL; 671 ac_cookie_len = 0; 672 relay_sid = NULL; 673 relay_sid_len = 0; 674 hunique = NULL; 675 hunique_len = 0; 676 677 session = ntohs(ph->session); 678 plen = ntohs(ph->plen); 679 off += sizeof(*ph); 680 681 if (plen + off > m->m_pkthdr.len) { 682 goto done; 683 } 684 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 685 686 tag = 0; 687 len = 0; 688 sc = NULL; 689 err_msg = NULL; 690 errortag = 0; 691 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 692 M_REGION_GET(pt, struct pppoetag *, m, off, sizeof(*pt)); 693 if (pt == NULL) { 694 goto done; 695 } 696 697 tag = ntohs(pt->tag); 698 len = ntohs(pt->len); 699 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 700 goto done; 701 } 702 switch (tag) { 703 case PPPOE_TAG_EOL: 704 goto breakbreak; 705 case PPPOE_TAG_SNAME: 706 break; /* ignored */ 707 case PPPOE_TAG_ACNAME: 708 if (len > 0) { 709 dlen = 4 * len + 1; 710 error = malloc(dlen, M_TEMP, M_NOWAIT); 711 if (error == NULL) 712 break; 713 714 n = m_pulldown(m, off + sizeof(*pt), len, 715 &noff); 716 if (!n) { 717 m = NULL; 718 free(error, M_TEMP); 719 goto done; 720 } 721 722 strnvisx(error, dlen, 723 mtod(n, char*) + noff, len, 724 VIS_SAFE | VIS_OCTAL); 725 pppoe_printf(NULL, "connected to %s\n", error); 726 free(error, M_TEMP); 727 } 728 break; /* ignored */ 729 case PPPOE_TAG_HUNIQUE: 730 if (hunique == NULL) { 731 n = m_pulldown(m, off + sizeof(*pt), len, 732 &noff); 733 if (!n) { 734 m = NULL; 735 err_msg = "TAG HUNIQUE ERROR"; 736 break; 737 } 738 739 hunique = mtod(n, uint8_t *) + noff; 740 hunique_len = len; 741 } 742 break; 743 case PPPOE_TAG_ACCOOKIE: 744 if (ac_cookie == NULL) { 745 n = m_pulldown(m, off + sizeof(*pt), len, 746 &noff); 747 if (!n) { 748 err_msg = "TAG ACCOOKIE ERROR"; 749 m = NULL; 750 break; 751 } 752 ac_cookie = mtod(n, char *) + noff; 753 ac_cookie_len = len; 754 } 755 break; 756 case PPPOE_TAG_RELAYSID: 757 if (relay_sid == NULL) { 758 n = m_pulldown(m, off + sizeof(*pt), len, 759 &noff); 760 if (!n) { 761 err_msg = "TAG RELAYSID ERROR"; 762 m = NULL; 763 break; 764 } 765 relay_sid = mtod(n, char *) + noff; 766 relay_sid_len = len; 767 } 768 break; 769 case PPPOE_TAG_SNAME_ERR: 770 err_msg = "SERVICE NAME ERROR"; 771 errortag = 1; 772 break; 773 case PPPOE_TAG_ACSYS_ERR: 774 err_msg = "AC SYSTEM ERROR"; 775 errortag = 1; 776 break; 777 case PPPOE_TAG_GENERIC_ERR: 778 err_msg = "GENERIC ERROR"; 779 errortag = 1; 780 break; 781 } 782 if (err_msg) { 783 error = NULL; 784 if (errortag && len) { 785 dlen = 4 * len + 1; 786 error = malloc(dlen, M_TEMP, 787 M_NOWAIT|M_ZERO); 788 n = m_pulldown(m, off + sizeof(*pt), len, 789 &noff); 790 if (!n) { 791 m = NULL; 792 } else if (error) { 793 strnvisx(error, dlen, 794 mtod(n, char*) + noff, len, 795 VIS_SAFE | VIS_OCTAL); 796 } 797 } 798 if (error) { 799 pppoe_printf(NULL, "%s: %s\n", err_msg, error); 800 free(error, M_TEMP); 801 } else 802 pppoe_printf(NULL, "%s\n", err_msg); 803 if (errortag || m == NULL) 804 goto done; 805 } 806 off += sizeof(*pt) + len; 807 } 808 breakbreak:; 809 810 switch (ph->code) { 811 case PPPOE_CODE_PADI: 812 #ifdef PPPOE_SERVER 813 /* 814 * got service name, concentrator name, and/or host unique. 815 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 816 */ 817 rw_enter(&pppoe_softc_list_lock, RW_READER); 818 if (LIST_EMPTY(&pppoe_softc_list)) { 819 rw_exit(&pppoe_softc_list_lock); 820 goto done; 821 } 822 823 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 824 PPPOE_LOCK(sc, RW_WRITER); 825 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 826 PPPOE_UNLOCK(sc); 827 continue; 828 } 829 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 830 PPPOE_UNLOCK(sc); 831 continue; 832 } 833 834 if (sc->sc_state == PPPOE_STATE_INITIAL) 835 break; 836 837 PPPOE_UNLOCK(sc); 838 } 839 rw_exit(&pppoe_softc_list_lock); 840 841 if (sc == NULL) { 842 goto done; 843 } 844 845 if (hunique) { 846 if (sc->sc_hunique) 847 free(sc->sc_hunique, M_DEVBUF); 848 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 849 M_DONTWAIT); 850 if (sc->sc_hunique == NULL) { 851 PPPOE_UNLOCK(sc); 852 goto done; 853 } 854 sc->sc_hunique_len = hunique_len; 855 memcpy(sc->sc_hunique, hunique, hunique_len); 856 } 857 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 858 sc->sc_state = PPPOE_STATE_PADO_SENT; 859 pppoe_send_pado(sc); 860 PPPOE_UNLOCK(sc); 861 break; 862 #endif /* PPPOE_SERVER */ 863 864 case PPPOE_CODE_PADR: 865 #ifdef PPPOE_SERVER 866 /* 867 * get sc from ac_cookie if IFF_PASSIVE 868 */ 869 if (ac_cookie == NULL) { 870 goto done; 871 } 872 873 rcvif = m_get_rcvif_psref(m, &psref); 874 if (__predict_true(rcvif != NULL)) { 875 sc = pppoe_find_softc_by_hunique(ac_cookie, 876 ac_cookie_len, rcvif, RW_WRITER); 877 } 878 m_put_rcvif_psref(rcvif, &psref); 879 if (sc == NULL) { 880 /* be quiet if there is not a single pppoe instance */ 881 rw_enter(&pppoe_softc_list_lock, RW_READER); 882 if (!LIST_EMPTY(&pppoe_softc_list)) { 883 pppoe_printf(NULL, "received PADR" 884 " but could not find request for it\n"); 885 } 886 rw_exit(&pppoe_softc_list_lock); 887 goto done; 888 } 889 890 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 891 pppoe_printf(sc, "received unexpected PADR\n"); 892 PPPOE_UNLOCK(sc); 893 goto done; 894 } 895 896 if (hunique) { 897 if (sc->sc_hunique) 898 free(sc->sc_hunique, M_DEVBUF); 899 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 900 M_DONTWAIT); 901 if (sc->sc_hunique == NULL) { 902 PPPOE_UNLOCK(sc); 903 goto done; 904 } 905 sc->sc_hunique_len = hunique_len; 906 memcpy(sc->sc_hunique, hunique, hunique_len); 907 } 908 pppoe_send_pads(sc); 909 sc->sc_state = PPPOE_STATE_SESSION; 910 PPPOE_UNLOCK(sc); 911 912 sc->sc_sppp.pp_up(&sc->sc_sppp); 913 break; 914 #else 915 /* ignore, we are no access concentrator */ 916 goto done; 917 #endif /* PPPOE_SERVER */ 918 919 case PPPOE_CODE_PADO: 920 rcvif = m_get_rcvif_psref(m, &psref); 921 if (__predict_false(rcvif == NULL)) 922 goto done; 923 924 if (hunique != NULL) { 925 sc = pppoe_find_softc_by_hunique(hunique, 926 hunique_len, rcvif, RW_WRITER); 927 } 928 929 m_put_rcvif_psref(rcvif, &psref); 930 931 if (sc == NULL) { 932 /* be quiet if there is not a single pppoe instance */ 933 rw_enter(&pppoe_softc_list_lock, RW_READER); 934 if (!LIST_EMPTY(&pppoe_softc_list)) { 935 pppoe_printf(NULL, "received PADO" 936 " but could not find request for it\n"); 937 } 938 rw_exit(&pppoe_softc_list_lock); 939 goto done; 940 } 941 942 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 943 pppoe_printf(sc, "received unexpected PADO\n"); 944 PPPOE_UNLOCK(sc); 945 goto done; 946 } 947 948 if (ac_cookie) { 949 if (sc->sc_ac_cookie) 950 free(sc->sc_ac_cookie, M_DEVBUF); 951 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 952 M_DONTWAIT); 953 if (sc->sc_ac_cookie == NULL) { 954 pppoe_printf(sc, "FATAL: could not allocate memory " 955 "for AC cookie\n"); 956 sc->sc_ac_cookie_len = 0; 957 PPPOE_UNLOCK(sc); 958 goto done; 959 } 960 sc->sc_ac_cookie_len = ac_cookie_len; 961 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 962 } else if (sc->sc_ac_cookie) { 963 free(sc->sc_ac_cookie, M_DEVBUF); 964 sc->sc_ac_cookie = NULL; 965 sc->sc_ac_cookie_len = 0; 966 } 967 if (relay_sid) { 968 if (sc->sc_relay_sid) 969 free(sc->sc_relay_sid, M_DEVBUF); 970 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 971 M_DONTWAIT); 972 if (sc->sc_relay_sid == NULL) { 973 pppoe_printf(sc, "FATAL: could not allocate memory " 974 "for relay SID\n"); 975 sc->sc_relay_sid_len = 0; 976 PPPOE_UNLOCK(sc); 977 goto done; 978 } 979 sc->sc_relay_sid_len = relay_sid_len; 980 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 981 } else if (sc->sc_relay_sid) { 982 free(sc->sc_relay_sid, M_DEVBUF); 983 sc->sc_relay_sid = NULL; 984 sc->sc_relay_sid_len = 0; 985 } 986 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 987 callout_stop(&sc->sc_timeout); 988 sc->sc_padr_retried = 0; 989 sc->sc_state = PPPOE_STATE_PADR_SENT; 990 if ((err = pppoe_send_padr(sc)) != 0) { 991 if (err == ENOBUFS) { 992 pppoe_printf(sc, "PADO is too large, drop it\n"); 993 /* 994 * Cannot send PADR generated by received PADO, 995 * so restart from sending PAD*I*. 996 */ 997 sc->sc_state = PPPOE_STATE_PADI_SENT; 998 callout_schedule(&sc->sc_timeout, 999 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried)); 1000 PPPOE_UNLOCK(sc); 1001 goto done; 1002 } 1003 1004 pppoe_printf(sc, 1005 "failed to send PADR, error=%d\n", err); 1006 } 1007 callout_schedule(&sc->sc_timeout, 1008 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 1009 1010 PPPOE_UNLOCK(sc); 1011 break; 1012 1013 case PPPOE_CODE_PADS: 1014 rcvif = m_get_rcvif_psref(m, &psref); 1015 if (__predict_false(rcvif == NULL)) 1016 goto done; 1017 1018 if (hunique != NULL) { 1019 sc = pppoe_find_softc_by_hunique(hunique, 1020 hunique_len, rcvif, RW_WRITER); 1021 } 1022 1023 m_put_rcvif_psref(rcvif, &psref); 1024 1025 if (sc == NULL) 1026 goto done; 1027 1028 if (memcmp(&sc->sc_dest, eh->ether_shost, 1029 sizeof sc->sc_dest) != 0) { 1030 PPPOE_UNLOCK(sc); 1031 goto done; 1032 } 1033 1034 sc->sc_session = session; 1035 callout_stop(&sc->sc_timeout); 1036 pppoe_printf(sc, "session 0x%x connected\n", session); 1037 sc->sc_state = PPPOE_STATE_SESSION; 1038 PPPOE_UNLOCK(sc); 1039 1040 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 1041 break; 1042 1043 case PPPOE_CODE_PADT: 1044 rcvif = m_get_rcvif_psref(m, &psref); 1045 if (__predict_false(rcvif == NULL)) 1046 goto done; 1047 1048 sc = pppoe_find_softc_by_session(session, rcvif, 1049 RW_WRITER); 1050 1051 m_put_rcvif_psref(rcvif, &psref); 1052 1053 if (sc == NULL) 1054 goto done; 1055 1056 if (memcmp(&sc->sc_dest, eh->ether_shost, 1057 sizeof sc->sc_dest) != 0) { 1058 PPPOE_UNLOCK(sc); 1059 goto done; 1060 } 1061 1062 pppoe_clear_softc(sc, "received PADT"); 1063 if (sc->sc_sppp.pp_if.if_flags & IFF_RUNNING) { 1064 pppoe_printf(sc, "wait for reconnect\n"); 1065 callout_schedule(&sc->sc_timeout, 1066 PPPOE_RECON_PADTRCVD); 1067 } 1068 PPPOE_UNLOCK(sc); 1069 break; 1070 1071 default: 1072 rcvif = m_get_rcvif_psref(m, &psref); 1073 if (__predict_false(rcvif == NULL)) 1074 goto done; 1075 1076 if (hunique != NULL) { 1077 sc = pppoe_find_softc_by_hunique(hunique, 1078 hunique_len, rcvif, RW_READER); 1079 } 1080 1081 m_put_rcvif_psref(rcvif, &psref); 1082 1083 pppoe_printf(sc, "unknown code (0x%04x) session = 0x%04x\n", 1084 ph->code, session); 1085 if (sc == NULL) 1086 goto done; 1087 PPPOE_UNLOCK(sc); 1088 break; 1089 } 1090 1091 done: 1092 m_freem(m); 1093 return; 1094 } 1095 1096 static void 1097 pppoe_disc_input(struct mbuf *m) 1098 { 1099 KASSERT(m->m_flags & M_PKTHDR); 1100 1101 /* 1102 * Avoid error messages if there is not a single PPPoE instance. 1103 */ 1104 rw_enter(&pppoe_softc_list_lock, RW_READER); 1105 if (!LIST_EMPTY(&pppoe_softc_list)) { 1106 rw_exit(&pppoe_softc_list_lock); 1107 pppoe_dispatch_disc_pkt(m, 0); 1108 } else { 1109 rw_exit(&pppoe_softc_list_lock); 1110 m_freem(m); 1111 } 1112 } 1113 1114 static bool 1115 pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1116 { 1117 1118 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1119 return true; 1120 1121 return false; 1122 } 1123 1124 static void 1125 pppoe_data_input(struct mbuf *m) 1126 { 1127 uint16_t session, plen; 1128 struct pppoe_softc *sc; 1129 struct pppoehdr *ph; 1130 struct ifnet *rcvif; 1131 struct psref psref; 1132 uint8_t shost[ETHER_ADDR_LEN]; 1133 uint8_t dhost[ETHER_ADDR_LEN]; 1134 bool term_unknown = pppoe_term_unknown; 1135 1136 KASSERT(m->m_flags & M_PKTHDR); 1137 1138 /* 1139 * Avoid error messages if there is not a single PPPoE instance. 1140 */ 1141 rw_enter(&pppoe_softc_list_lock, RW_READER); 1142 if (LIST_EMPTY(&pppoe_softc_list)) { 1143 rw_exit(&pppoe_softc_list_lock); 1144 goto drop; 1145 } 1146 rw_exit(&pppoe_softc_list_lock); 1147 1148 if (term_unknown) { 1149 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1150 ETHER_ADDR_LEN); 1151 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1152 ETHER_ADDR_LEN); 1153 } 1154 m_adj(m, sizeof(struct ether_header)); 1155 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1156 goto drop; 1157 } 1158 1159 if (m->m_len < sizeof(*ph)) { 1160 m = m_pullup(m, sizeof(*ph)); 1161 if (m == NULL) { 1162 return; 1163 } 1164 } 1165 ph = mtod(m, struct pppoehdr *); 1166 1167 if (ph->vertype != PPPOE_VERTYPE) { 1168 goto drop; 1169 } 1170 if (ph->code != 0) { 1171 goto drop; 1172 } 1173 1174 session = ntohs(ph->session); 1175 rcvif = m_get_rcvif_psref(m, &psref); 1176 if (__predict_false(rcvif == NULL)) 1177 goto drop; 1178 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1179 if (sc == NULL) { 1180 if (term_unknown) { 1181 static struct timeval lasttime = {0, 0}; 1182 static int curpps = 0; 1183 /* 1184 * avoid to send wrong PADT which is response from 1185 * session stage packets for other hosts when parent 1186 * ethernet is promiscuous mode. 1187 */ 1188 if (pppoe_is_my_frame(dhost, rcvif) && 1189 ppsratecheck(&lasttime, &curpps, 1190 pppoe_term_unknown_pps)) { 1191 pppoe_printf(NULL, "input for unknown session %#x, " 1192 "sending PADT\n", session); 1193 pppoe_send_padt(rcvif, session, shost); 1194 } 1195 } 1196 m_put_rcvif_psref(rcvif, &psref); 1197 goto drop; 1198 } 1199 1200 m_put_rcvif_psref(rcvif, &psref); 1201 1202 plen = ntohs(ph->plen); 1203 1204 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1205 1206 m_adj(m, PPPOE_HEADERLEN); 1207 1208 #ifdef PPPOE_DEBUG 1209 { 1210 struct mbuf *p; 1211 1212 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1213 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1214 p = m; 1215 while (p) { 1216 printf(" l=%d", p->m_len); 1217 p = p->m_next; 1218 } 1219 printf("\n"); 1220 } 1221 #endif 1222 PPPOE_UNLOCK(sc); 1223 1224 if (m->m_pkthdr.len < plen) 1225 goto drop; 1226 1227 /* ignore trailing garbage */ 1228 m_adj(m, plen - m->m_pkthdr.len); 1229 /* 1230 * Fix incoming interface pointer (not the raw ethernet interface 1231 * anymore) 1232 */ 1233 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1234 1235 /* pass packet up and account for it */ 1236 if_statinc(&sc->sc_sppp.pp_if, if_ipackets); 1237 sppp_input(&sc->sc_sppp.pp_if, m); 1238 return; 1239 1240 drop: 1241 m_freem(m); 1242 } 1243 1244 static int 1245 pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1246 { 1247 struct sockaddr dst; 1248 struct ether_header *eh; 1249 uint16_t etype; 1250 1251 if (sc->sc_eth_if == NULL) { 1252 m_freem(m); 1253 return EIO; 1254 } 1255 1256 memset(&dst, 0, sizeof dst); 1257 dst.sa_family = AF_UNSPEC; 1258 eh = (struct ether_header*)&dst.sa_data; 1259 etype = sc->sc_state == PPPOE_STATE_SESSION 1260 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1261 eh->ether_type = htons(etype); 1262 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1263 1264 DPRINTF(sc, "(%x) state=%d, session=0x%x output -> %s, len=%d\n", 1265 etype, sc->sc_state, sc->sc_session, 1266 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1267 1268 m->m_flags &= ~(M_BCAST|M_MCAST); 1269 if_statinc(&sc->sc_sppp.pp_if, if_opackets); 1270 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1271 } 1272 1273 static int 1274 pppoe_parm_cpyinstr(struct pppoe_softc *sc, 1275 char **dst, const void *src, size_t len) 1276 { 1277 int error = 0; 1278 char *next = NULL; 1279 size_t bufsiz, cpysiz, strsiz; 1280 1281 bufsiz = len + 1; 1282 1283 if (src == NULL) 1284 goto out; 1285 1286 bufsiz = len + 1; 1287 next = malloc(bufsiz, M_DEVBUF, M_WAITOK); 1288 if (next == NULL) 1289 return ENOMEM; 1290 1291 error = copyinstr(src, next, bufsiz, &cpysiz); 1292 if (error != 0) 1293 goto fail; 1294 if (cpysiz != bufsiz) { 1295 error = EINVAL; 1296 goto fail; 1297 } 1298 1299 strsiz = strnlen(next, bufsiz); 1300 if (strsiz == bufsiz) { 1301 error = EINVAL; 1302 goto fail; 1303 } 1304 1305 out: 1306 PPPOE_LOCK(sc, RW_WRITER); 1307 if (*dst != NULL) 1308 free(*dst, M_DEVBUF); 1309 *dst = next; 1310 next = NULL; 1311 PPPOE_UNLOCK(sc); 1312 fail: 1313 if (next != NULL) 1314 free(next, M_DEVBUF); 1315 1316 return error; 1317 } 1318 1319 static int 1320 pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1321 { 1322 struct lwp *l = curlwp; /* XXX */ 1323 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1324 struct ifreq *ifr = data; 1325 int error = 0; 1326 1327 switch (cmd) { 1328 case PPPOESETPARMS: 1329 { 1330 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1331 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1332 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1333 NULL) != 0) 1334 return EPERM; 1335 if (parms->eth_ifname[0] != 0) { 1336 struct ifnet *eth_if; 1337 1338 PPPOE_LOCK(sc, RW_WRITER); 1339 if (sc->sc_detaching) { 1340 PPPOE_UNLOCK(sc); 1341 return ENXIO; 1342 } 1343 eth_if = ifunit(parms->eth_ifname); 1344 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1345 sc->sc_eth_if = NULL; 1346 PPPOE_UNLOCK(sc); 1347 return ENXIO; 1348 } 1349 1350 if (sc->sc_sppp.pp_if.if_mtu != 1351 eth_if->if_mtu - PPPOE_OVERHEAD) { 1352 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1353 PPPOE_OVERHEAD; 1354 } 1355 sc->sc_eth_if = eth_if; 1356 PPPOE_UNLOCK(sc); 1357 } 1358 1359 error = pppoe_parm_cpyinstr(sc, &sc->sc_concentrator_name, 1360 parms->ac_name, parms->ac_name_len); 1361 if (error != 0) 1362 return error; 1363 1364 error = pppoe_parm_cpyinstr(sc, &sc->sc_service_name, 1365 parms->service_name, parms->service_name_len); 1366 if (error != 0) 1367 return error; 1368 return 0; 1369 } 1370 break; 1371 case PPPOEGETPARMS: 1372 { 1373 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1374 memset(parms, 0, sizeof *parms); 1375 PPPOE_LOCK(sc, RW_READER); 1376 if (sc->sc_eth_if) 1377 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1378 sizeof(parms->ifname)); 1379 PPPOE_UNLOCK(sc); 1380 return 0; 1381 } 1382 break; 1383 case PPPOEGETSESSION: 1384 { 1385 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1386 PPPOE_LOCK(sc, RW_READER); 1387 state->state = sc->sc_state; 1388 state->session_id = sc->sc_session; 1389 state->padi_retry_no = sc->sc_padi_retried; 1390 state->padr_retry_no = sc->sc_padr_retried; 1391 PPPOE_UNLOCK(sc); 1392 return 0; 1393 } 1394 break; 1395 case SIOCSIFFLAGS: 1396 /* 1397 * Prevent running re-establishment timers overriding 1398 * administrators choice. 1399 */ 1400 PPPOE_LOCK(sc, RW_WRITER); 1401 if (sc->sc_detaching) { 1402 PPPOE_UNLOCK(sc); 1403 return ENXIO; 1404 } 1405 1406 if ((ifr->ifr_flags & IFF_UP) == 0 1407 && sc->sc_state < PPPOE_STATE_SESSION) { 1408 callout_stop(&sc->sc_timeout); 1409 sc->sc_state = PPPOE_STATE_INITIAL; 1410 sc->sc_padi_retried = 0; 1411 sc->sc_padr_retried = 0; 1412 memcpy(&sc->sc_dest, etherbroadcastaddr, 1413 sizeof(sc->sc_dest)); 1414 } 1415 1416 PPPOE_UNLOCK(sc); 1417 1418 error = sppp_ioctl(ifp, cmd, data); 1419 1420 return error; 1421 case SIOCSIFMTU: 1422 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1423 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1424 return EINVAL; 1425 } 1426 /*FALLTHROUGH*/ 1427 default: 1428 return sppp_ioctl(ifp, cmd, data); 1429 } 1430 return 0; 1431 } 1432 1433 /* 1434 * Allocate a mbuf/cluster with space to store the given data length 1435 * of payload, leaving space for prepending an ethernet header 1436 * in front. 1437 */ 1438 static struct mbuf * 1439 pppoe_get_mbuf(size_t len) 1440 { 1441 struct mbuf *m; 1442 1443 if (len + sizeof(struct ether_header) > MCLBYTES) 1444 return NULL; 1445 1446 MGETHDR(m, M_DONTWAIT, MT_DATA); 1447 if (m == NULL) 1448 return NULL; 1449 if (len + sizeof(struct ether_header) > MHLEN) { 1450 MCLGET(m, M_DONTWAIT); 1451 if ((m->m_flags & M_EXT) == 0) { 1452 m_free(m); 1453 return NULL; 1454 } 1455 } 1456 m->m_data += sizeof(struct ether_header); 1457 m->m_len = len; 1458 m->m_pkthdr.len = len; 1459 m_reset_rcvif(m); 1460 1461 return m; 1462 } 1463 1464 static int 1465 pppoe_send_padi(struct pppoe_softc *sc) 1466 { 1467 struct mbuf *m0; 1468 int len, l1 = 0, l2 = 0; 1469 uint8_t *p; 1470 1471 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1472 panic("pppoe_send_padi in state %d", sc->sc_state); 1473 1474 /* Compute packet length. */ 1475 len = sizeof(struct pppoetag); 1476 if (sc->sc_service_name != NULL) { 1477 l1 = strlen(sc->sc_service_name); 1478 len += l1; 1479 } 1480 if (sc->sc_concentrator_name != NULL) { 1481 l2 = strlen(sc->sc_concentrator_name); 1482 len += sizeof(struct pppoetag) + l2; 1483 } 1484 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1485 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1486 len += sizeof(struct pppoetag) + 2; 1487 } 1488 1489 /* Allocate packet. */ 1490 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1491 if (m0 == NULL) 1492 return ENOBUFS; 1493 1494 /* Fill in packet. */ 1495 p = mtod(m0, uint8_t *); 1496 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1497 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1498 if (sc->sc_service_name != NULL) { 1499 PPPOE_ADD_16(p, l1); 1500 memcpy(p, sc->sc_service_name, l1); 1501 p += l1; 1502 } else { 1503 PPPOE_ADD_16(p, 0); 1504 } 1505 if (sc->sc_concentrator_name != NULL) { 1506 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1507 PPPOE_ADD_16(p, l2); 1508 memcpy(p, sc->sc_concentrator_name, l2); 1509 p += l2; 1510 } 1511 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1512 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1513 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1514 p += sizeof(sc->sc_id); 1515 1516 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1517 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1518 PPPOE_ADD_16(p, 2); 1519 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1520 } 1521 1522 #ifdef PPPOE_DEBUG 1523 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1524 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1525 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1526 #endif 1527 1528 /* Send packet. */ 1529 return pppoe_output(sc, m0); 1530 } 1531 1532 static void 1533 pppoe_timeout_co(void *arg) 1534 { 1535 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1536 1537 if (atomic_swap_uint(&sc->sc_timeout_scheduled, 1) != 0) 1538 return; 1539 1540 workqueue_enqueue(sc->sc_timeout_wq, &sc->sc_timeout_wk, NULL); 1541 } 1542 1543 static void 1544 pppoe_timeout_co_halt(void *unused __unused) 1545 { 1546 1547 /* do nothing to halt callout safely */ 1548 } 1549 1550 static void 1551 pppoe_timeout_wk(struct work *wk __unused, void *arg) 1552 { 1553 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1554 1555 atomic_swap_uint(&sc->sc_timeout_scheduled, 0); 1556 pppoe_timeout(sc); 1557 } 1558 1559 static void 1560 pppoe_timeout(struct pppoe_softc *sc) 1561 { 1562 int retry_wait, err; 1563 DECLARE_SPLNET_VARIABLE; 1564 1565 pppoe_printf(sc, "timeout\n"); 1566 1567 PPPOE_LOCK(sc, RW_WRITER); 1568 switch (sc->sc_state) { 1569 case PPPOE_STATE_INITIAL: 1570 /* delayed connect from pppoe_tls() */ 1571 if (!sc->sc_detaching) 1572 pppoe_connect(sc); 1573 break; 1574 case PPPOE_STATE_PADI_SENT: 1575 /* 1576 * We have two basic ways of retrying: 1577 * - Quick retry mode: try a few times in short sequence 1578 * - Slow retry mode: we already had a connection successfully 1579 * established and will try infinitely (without user 1580 * intervention) 1581 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1582 * is not set. 1583 */ 1584 1585 /* initialize for quick retry mode */ 1586 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1587 1588 ACQUIRE_SPLNET(); 1589 sc->sc_padi_retried++; 1590 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1591 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1592 /* slow retry mode */ 1593 retry_wait = PPPOE_SLOW_RETRY; 1594 } else { 1595 pppoe_abort_connect(sc); 1596 RELEASE_SPLNET(); 1597 PPPOE_UNLOCK(sc); 1598 return; 1599 } 1600 } 1601 if ((err = pppoe_send_padi(sc)) != 0) { 1602 sc->sc_padi_retried--; 1603 pppoe_printf(sc, 1604 "failed to transmit PADI, error=%d\n", err); 1605 } 1606 callout_schedule(&sc->sc_timeout,retry_wait); 1607 RELEASE_SPLNET(); 1608 break; 1609 1610 case PPPOE_STATE_PADR_SENT: 1611 ACQUIRE_SPLNET(); 1612 sc->sc_padr_retried++; 1613 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1614 memcpy(&sc->sc_dest, etherbroadcastaddr, 1615 sizeof(sc->sc_dest)); 1616 sc->sc_state = PPPOE_STATE_PADI_SENT; 1617 sc->sc_padi_retried = 0; 1618 sc->sc_padr_retried = 0; 1619 if ((err = pppoe_send_padi(sc)) != 0) { 1620 pppoe_printf(sc, 1621 "failed to send PADI, error=%d\n", err); 1622 } 1623 callout_schedule(&sc->sc_timeout, 1624 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried)); 1625 RELEASE_SPLNET(); 1626 PPPOE_UNLOCK(sc); 1627 return; 1628 } 1629 if ((err = pppoe_send_padr(sc)) != 0) { 1630 pppoe_printf(sc,"failed to send PADR, error=%d", err); 1631 } 1632 callout_schedule(&sc->sc_timeout, 1633 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 1634 RELEASE_SPLNET(); 1635 break; 1636 case PPPOE_STATE_CLOSING: 1637 pppoe_disconnect(sc); 1638 break; 1639 default: 1640 PPPOE_UNLOCK(sc); 1641 return; /* all done, work in peace */ 1642 } 1643 PPPOE_UNLOCK(sc); 1644 } 1645 1646 /* Start a connection (i.e. initiate discovery phase) */ 1647 static int 1648 pppoe_connect(struct pppoe_softc *sc) 1649 { 1650 int err; 1651 DECLARE_SPLNET_VARIABLE; 1652 1653 KASSERT(PPPOE_WLOCKED(sc)); 1654 1655 if (sc->sc_state != PPPOE_STATE_INITIAL) 1656 return EBUSY; 1657 1658 #ifdef PPPOE_SERVER 1659 /* wait PADI if IFF_PASSIVE */ 1660 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1661 return 0; 1662 #endif 1663 ACQUIRE_SPLNET(); 1664 /* save state, in case we fail to send PADI */ 1665 sc->sc_state = PPPOE_STATE_PADI_SENT; 1666 sc->sc_padi_retried = 0; 1667 sc->sc_padr_retried = 0; 1668 err = pppoe_send_padi(sc); 1669 if (err != 0) 1670 pppoe_printf(sc, "failed to send PADI, error=%d\n", err); 1671 callout_schedule(&sc->sc_timeout, PPPOE_DISC_TIMEOUT); 1672 RELEASE_SPLNET(); 1673 return err; 1674 } 1675 1676 /* disconnect */ 1677 static int 1678 pppoe_disconnect(struct pppoe_softc *sc) 1679 { 1680 int err; 1681 DECLARE_SPLNET_VARIABLE; 1682 1683 KASSERT(PPPOE_WLOCKED(sc)); 1684 1685 ACQUIRE_SPLNET(); 1686 1687 if (sc->sc_state < PPPOE_STATE_SESSION) 1688 err = EBUSY; 1689 else { 1690 pppoe_printf(sc, "disconnecting\n"); 1691 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1692 (const uint8_t *)&sc->sc_dest); 1693 } 1694 1695 /* cleanup softc */ 1696 sc->sc_state = PPPOE_STATE_INITIAL; 1697 1698 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1699 if (sc->sc_ac_cookie) { 1700 free(sc->sc_ac_cookie, M_DEVBUF); 1701 sc->sc_ac_cookie = NULL; 1702 } 1703 sc->sc_ac_cookie_len = 0; 1704 if (sc->sc_relay_sid) { 1705 free(sc->sc_relay_sid, M_DEVBUF); 1706 sc->sc_relay_sid = NULL; 1707 } 1708 sc->sc_relay_sid_len = 0; 1709 #ifdef PPPOE_SERVER 1710 if (sc->sc_hunique) { 1711 free(sc->sc_hunique, M_DEVBUF); 1712 sc->sc_hunique = NULL; 1713 } 1714 sc->sc_hunique_len = 0; 1715 #endif 1716 sc->sc_session = 0; 1717 1718 PPPOE_UNLOCK(sc); 1719 1720 /* notify upper layer */ 1721 sc->sc_sppp.pp_down(&sc->sc_sppp); 1722 1723 PPPOE_LOCK(sc, RW_WRITER); 1724 1725 RELEASE_SPLNET(); 1726 return err; 1727 } 1728 1729 /* Connection attempt aborted */ 1730 static void 1731 pppoe_abort_connect(struct pppoe_softc *sc) 1732 { 1733 KASSERT(PPPOE_WLOCKED(sc)); 1734 1735 pppoe_printf(sc, "could not establish connection\n"); 1736 sc->sc_state = PPPOE_STATE_CLOSING; 1737 1738 PPPOE_UNLOCK(sc); 1739 1740 /* notify upper layer */ 1741 sc->sc_sppp.pp_down(&sc->sc_sppp); 1742 1743 PPPOE_LOCK(sc, RW_WRITER); 1744 1745 /* clear connection state */ 1746 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1747 sc->sc_state = PPPOE_STATE_INITIAL; 1748 } 1749 1750 static int 1751 pppoe_send_padr(struct pppoe_softc *sc) 1752 { 1753 struct mbuf *m0; 1754 uint8_t *p; 1755 size_t len, l1 = 0; 1756 1757 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1758 return EIO; 1759 1760 /* Compute packet length. */ 1761 len = sizeof(struct pppoetag); 1762 if (sc->sc_service_name != NULL) { 1763 l1 = strlen(sc->sc_service_name); 1764 len += l1; 1765 } 1766 if (sc->sc_ac_cookie_len > 0) { 1767 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1768 } 1769 if (sc->sc_relay_sid_len > 0) { 1770 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1771 } 1772 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1773 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1774 len += sizeof(struct pppoetag) + 2; 1775 } 1776 1777 /* Allocate packet. */ 1778 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1779 if (m0 == NULL) 1780 return ENOBUFS; 1781 1782 /* Fill in packet. */ 1783 p = mtod(m0, uint8_t *); 1784 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1785 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1786 if (sc->sc_service_name != NULL) { 1787 PPPOE_ADD_16(p, l1); 1788 memcpy(p, sc->sc_service_name, l1); 1789 p += l1; 1790 } else { 1791 PPPOE_ADD_16(p, 0); 1792 } 1793 if (sc->sc_ac_cookie_len > 0) { 1794 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1795 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1796 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1797 p += sc->sc_ac_cookie_len; 1798 } 1799 if (sc->sc_relay_sid_len > 0) { 1800 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1801 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1802 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1803 p += sc->sc_relay_sid_len; 1804 } 1805 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1806 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1807 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1808 p += sizeof(sc->sc_id); 1809 1810 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1811 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1812 PPPOE_ADD_16(p, 2); 1813 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1814 } 1815 1816 #ifdef PPPOE_DEBUG 1817 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1818 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1819 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1820 #endif 1821 1822 /* Send packet. */ 1823 return pppoe_output(sc, m0); 1824 } 1825 1826 /* send a PADT packet */ 1827 static int 1828 pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1829 { 1830 struct ether_header *eh; 1831 struct sockaddr dst; 1832 struct mbuf *m0; 1833 uint8_t *p; 1834 1835 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1836 if (!m0) 1837 return EIO; 1838 p = mtod(m0, uint8_t *); 1839 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1840 1841 memset(&dst, 0, sizeof dst); 1842 dst.sa_family = AF_UNSPEC; 1843 eh = (struct ether_header*)&dst.sa_data; 1844 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1845 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1846 1847 m0->m_flags &= ~(M_BCAST|M_MCAST); 1848 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1849 } 1850 1851 #ifdef PPPOE_SERVER 1852 static int 1853 pppoe_send_pado(struct pppoe_softc *sc) 1854 { 1855 struct mbuf *m0; 1856 uint8_t *p; 1857 size_t len; 1858 1859 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1860 return EIO; 1861 1862 /* Include AC cookie. */ 1863 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1864 /* Include hunique. */ 1865 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1866 1867 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1868 if (!m0) 1869 return EIO; 1870 p = mtod(m0, uint8_t *); 1871 1872 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1873 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1874 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1875 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1876 p += sizeof(sc->sc_id); 1877 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1878 PPPOE_ADD_16(p, sc->sc_hunique_len); 1879 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1880 return pppoe_output(sc, m0); 1881 } 1882 1883 static int 1884 pppoe_send_pads(struct pppoe_softc *sc) 1885 { 1886 struct bintime bt; 1887 struct mbuf *m0; 1888 uint8_t *p; 1889 size_t len, l1 = 0; /* XXX: gcc */ 1890 1891 KASSERT(PPPOE_WLOCKED(sc)); 1892 1893 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1894 return EIO; 1895 1896 getbinuptime(&bt); 1897 sc->sc_session = bt.sec % 0xff + 1; 1898 1899 /* Include service name. */ 1900 len = sizeof(struct pppoetag); 1901 if (sc->sc_service_name != NULL) { 1902 l1 = strlen(sc->sc_service_name); 1903 len += l1; 1904 } 1905 /* Include hunique. */ 1906 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1907 1908 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1909 if (!m0) 1910 return ENOBUFS; 1911 p = mtod(m0, uint8_t *); 1912 1913 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1914 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1915 if (sc->sc_service_name != NULL) { 1916 PPPOE_ADD_16(p, l1); 1917 memcpy(p, sc->sc_service_name, l1); 1918 p += l1; 1919 } else { 1920 PPPOE_ADD_16(p, 0); 1921 } 1922 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1923 PPPOE_ADD_16(p, sc->sc_hunique_len); 1924 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1925 return pppoe_output(sc, m0); 1926 } 1927 #endif 1928 1929 static void 1930 pppoe_tls(struct sppp *sp) 1931 { 1932 struct pppoe_softc *sc = (void *)sp; 1933 int wtime; 1934 1935 PPPOE_LOCK(sc, RW_READER); 1936 1937 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1938 PPPOE_UNLOCK(sc); 1939 return; 1940 } 1941 1942 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1943 sc->sc_sppp.pp_auth_failures > 0) { 1944 /* 1945 * Delay trying to reconnect a bit more - the peer 1946 * might have failed to contact its radius server. 1947 */ 1948 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1949 if (wtime > PPPOE_SLOW_RETRY) 1950 wtime = PPPOE_SLOW_RETRY; 1951 } else { 1952 wtime = PPPOE_RECON_IMMEDIATE; 1953 } 1954 callout_schedule(&sc->sc_timeout, wtime); 1955 1956 PPPOE_UNLOCK(sc); 1957 } 1958 1959 static void 1960 pppoe_tlf(struct sppp *sp) 1961 { 1962 struct pppoe_softc *sc = (void *)sp; 1963 1964 PPPOE_LOCK(sc, RW_WRITER); 1965 1966 if (sc->sc_state < PPPOE_STATE_SESSION) { 1967 callout_stop(&sc->sc_timeout); 1968 sc->sc_state = PPPOE_STATE_INITIAL; 1969 sc->sc_padi_retried = 0; 1970 sc->sc_padr_retried = 0; 1971 memcpy(&sc->sc_dest, etherbroadcastaddr, 1972 sizeof(sc->sc_dest)); 1973 PPPOE_UNLOCK(sc); 1974 return; 1975 } 1976 1977 /* 1978 * Do not call pppoe_disconnect here, the upper layer state 1979 * machine gets confused by this. We must return from this 1980 * function and defer disconnecting to the timeout handler. 1981 */ 1982 sc->sc_state = PPPOE_STATE_CLOSING; 1983 1984 callout_schedule(&sc->sc_timeout, hz/50); 1985 1986 PPPOE_UNLOCK(sc); 1987 } 1988 1989 static void 1990 pppoe_start(struct ifnet *ifp) 1991 { 1992 struct pppoe_softc *sc = (void *)ifp; 1993 struct mbuf *m; 1994 uint8_t *p; 1995 size_t len; 1996 1997 if (sppp_isempty(ifp)) 1998 return; 1999 2000 /* are we ready to process data yet? */ 2001 PPPOE_LOCK(sc, RW_READER); 2002 if (sc->sc_state < PPPOE_STATE_SESSION) { 2003 sppp_flush(&sc->sc_sppp.pp_if); 2004 PPPOE_UNLOCK(sc); 2005 return; 2006 } 2007 2008 while ((m = sppp_dequeue(ifp)) != NULL) { 2009 len = m->m_pkthdr.len; 2010 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 2011 if (m == NULL) { 2012 if_statinc(ifp, if_oerrors); 2013 continue; 2014 } 2015 p = mtod(m, uint8_t *); 2016 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 2017 2018 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 2019 2020 pppoe_output(sc, m); 2021 } 2022 PPPOE_UNLOCK(sc); 2023 } 2024 2025 #ifdef PPPOE_MPSAFE 2026 static int 2027 pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 2028 { 2029 struct pppoe_softc *sc = (void *)ifp; 2030 uint8_t *p; 2031 size_t len; 2032 2033 if (m == NULL) 2034 return EINVAL; 2035 2036 /* are we ready to process data yet? */ 2037 PPPOE_LOCK(sc, RW_READER); 2038 if (sc->sc_state < PPPOE_STATE_SESSION) { 2039 PPPOE_UNLOCK(sc); 2040 m_freem(m); 2041 return ENOBUFS; 2042 } 2043 2044 len = m->m_pkthdr.len; 2045 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 2046 if (m == NULL) { 2047 PPPOE_UNLOCK(sc); 2048 if_statinc(ifp, if_oerrors); 2049 return ENETDOWN; 2050 } 2051 p = mtod(m, uint8_t *); 2052 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 2053 2054 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 2055 2056 pppoe_output(sc, m); 2057 PPPOE_UNLOCK(sc); 2058 return 0; 2059 } 2060 #endif /* PPPOE_MPSAFE */ 2061 2062 static void 2063 pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 2064 { 2065 struct ifnet *ifp = arg2; 2066 struct pppoe_softc *sc; 2067 DECLARE_SPLNET_VARIABLE; 2068 2069 if (cmd != PFIL_IFNET_DETACH) 2070 return; 2071 2072 ACQUIRE_SPLNET(); 2073 rw_enter(&pppoe_softc_list_lock, RW_READER); 2074 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 2075 PPPOE_LOCK(sc, RW_WRITER); 2076 if (sc->sc_eth_if != ifp) { 2077 PPPOE_UNLOCK(sc); 2078 continue; 2079 } 2080 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 2081 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 2082 pppoe_printf(sc, 2083 "ethernet interface detached, going down\n"); 2084 } 2085 sc->sc_eth_if = NULL; 2086 pppoe_clear_softc(sc, "ethernet interface detached"); 2087 PPPOE_UNLOCK(sc); 2088 } 2089 rw_exit(&pppoe_softc_list_lock); 2090 RELEASE_SPLNET(); 2091 } 2092 2093 static void 2094 pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 2095 { 2096 KASSERT(PPPOE_WLOCKED(sc)); 2097 2098 /* stop timer */ 2099 callout_stop(&sc->sc_timeout); 2100 pppoe_printf(sc, "session 0x%x terminated, %s\n", 2101 sc->sc_session, message); 2102 2103 /* fix our state */ 2104 sc->sc_state = PPPOE_STATE_INITIAL; 2105 2106 PPPOE_UNLOCK(sc); 2107 2108 /* signal upper layer */ 2109 sc->sc_sppp.pp_down(&sc->sc_sppp); 2110 2111 PPPOE_LOCK(sc, RW_WRITER); 2112 2113 /* clean up softc */ 2114 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 2115 if (sc->sc_ac_cookie) { 2116 free(sc->sc_ac_cookie, M_DEVBUF); 2117 sc->sc_ac_cookie = NULL; 2118 } 2119 if (sc->sc_relay_sid) { 2120 free(sc->sc_relay_sid, M_DEVBUF); 2121 sc->sc_relay_sid = NULL; 2122 } 2123 sc->sc_ac_cookie_len = 0; 2124 sc->sc_session = 0; 2125 } 2126 2127 static void 2128 pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 2129 { 2130 if (m->m_flags & M_PROMISC) { 2131 m_freem(m); 2132 return; 2133 } 2134 2135 #ifndef PPPOE_SERVER 2136 if (m->m_flags & (M_MCAST | M_BCAST)) { 2137 m_freem(m); 2138 return; 2139 } 2140 #endif 2141 2142 IFQ_LOCK(inq); 2143 if (IF_QFULL(inq)) { 2144 IF_DROP(inq); 2145 IFQ_UNLOCK(inq); 2146 m_freem(m); 2147 } else { 2148 IF_ENQUEUE(inq, m); 2149 IFQ_UNLOCK(inq); 2150 softint_schedule(pppoe_softintr); 2151 } 2152 return; 2153 } 2154 2155 void 2156 pppoe_input(struct ifnet *ifp, struct mbuf *m) 2157 { 2158 pppoe_enqueue(&ppoeinq, m); 2159 return; 2160 } 2161 2162 void 2163 pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2164 { 2165 pppoe_enqueue(&ppoediscinq, m); 2166 return; 2167 } 2168 2169 static void 2170 sysctl_net_pppoe_setup(struct sysctllog **clog) 2171 { 2172 const struct sysctlnode *node = NULL; 2173 extern pktq_rps_hash_func_t sppp_pktq_rps_hash_p; 2174 2175 sppp_pktq_rps_hash_p = pktq_rps_hash_default; 2176 2177 sysctl_createv(clog, 0, NULL, &node, 2178 CTLFLAG_PERMANENT, 2179 CTLTYPE_NODE, "pppoe", 2180 SYSCTL_DESCR("PPPOE protocol"), 2181 NULL, 0, NULL, 0, 2182 CTL_NET, CTL_CREATE, CTL_EOL); 2183 2184 if (node == NULL) 2185 return; 2186 2187 sysctl_createv(clog, 0, &node, NULL, 2188 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2189 CTLTYPE_BOOL, "term_unknown", 2190 SYSCTL_DESCR("Terminate unknown sessions"), 2191 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2192 CTL_CREATE, CTL_EOL); 2193 2194 sysctl_createv(clog, 0, &node, NULL, 2195 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2196 CTLTYPE_STRING, "rps_hash", 2197 SYSCTL_DESCR("Interface rps hash function control"), 2198 sysctl_pktq_rps_hash_handler, 0, (void *)&sppp_pktq_rps_hash_p, 2199 PKTQ_RPS_HASH_NAME_LEN, 2200 CTL_CREATE, CTL_EOL); 2201 } 2202 2203 /* 2204 * Module infrastructure 2205 */ 2206 #include "if_module.h" 2207 2208 IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2209
Indexes created Sat Sep 20 22:09:52 GMT 2025