if_pppoe.c revision 1.150
1 /* $NetBSD: if_pppoe.c,v 1.150 2020/09/18 09:48:56 yamaguchi Exp $ */ 2 3 /* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin (at) NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.150 2020/09/18 09:48:56 yamaguchi Exp $"); 34 35 #ifdef _KERNEL_OPT 36 #include "pppoe.h" 37 #include "opt_pppoe.h" 38 #include "opt_net_mpsafe.h" 39 #endif 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/callout.h> 45 #include <sys/malloc.h> 46 #include <sys/mbuf.h> 47 #include <sys/socket.h> 48 #include <sys/proc.h> 49 #include <sys/ioctl.h> 50 #include <sys/kauth.h> 51 #include <sys/intr.h> 52 #include <sys/socketvar.h> 53 #include <sys/device.h> 54 #include <sys/module.h> 55 #include <sys/sysctl.h> 56 #include <sys/rwlock.h> 57 #include <sys/mutex.h> 58 #include <sys/psref.h> 59 #include <sys/cprng.h> 60 61 #include <net/if.h> 62 #include <net/if_types.h> 63 #include <net/if_ether.h> 64 #include <net/if_sppp.h> 65 #include <net/if_spppvar.h> 66 #include <net/if_pppoe.h> 67 #include <net/if_dl.h> 68 69 #include <net/bpf.h> 70 71 #include "ioconf.h" 72 73 #ifdef NET_MPSAFE 74 #define PPPOE_MPSAFE 1 75 #endif 76 77 struct pppoehdr { 78 uint8_t vertype; 79 uint8_t code; 80 uint16_t session; 81 uint16_t plen; 82 } __packed; 83 84 struct pppoetag { 85 uint16_t tag; 86 uint16_t len; 87 } __packed; 88 89 #define PPPOE_HEADERLEN sizeof(struct pppoehdr) 90 #define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 91 #define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 92 93 #define PPPOE_TAG_EOL 0x0000 /* end of list */ 94 #define PPPOE_TAG_SNAME 0x0101 /* service name */ 95 #define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 96 #define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 97 #define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 98 #define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 99 #define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 100 #define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 101 #define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 102 #define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 103 #define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 104 105 #define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 106 #define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 107 #define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 108 #define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 109 #define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 110 111 /* two byte PPP protocol discriminator, then IP data */ 112 #define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 113 114 /* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 115 #define PPPOE_ADD_16(PTR, VAL) \ 116 *(PTR)++ = (VAL) / 256; \ 117 *(PTR)++ = (VAL) % 256 118 119 /* Add a complete PPPoE header to the buffer pointed to by PTR */ 120 #define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 121 *(PTR)++ = PPPOE_VERTYPE; \ 122 *(PTR)++ = (CODE); \ 123 PPPOE_ADD_16(PTR, SESS); \ 124 PPPOE_ADD_16(PTR, LEN) 125 126 #define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 127 #define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 128 #define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 129 #define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 130 #define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 131 #define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 132 133 #ifdef PPPOE_SERVER 134 /* from if_spppsubr.c */ 135 #define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 136 #endif 137 138 #define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 139 #define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 140 #define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 141 142 #ifdef PPPOE_MPSAFE 143 #define DECLARE_SPLNET_VARIABLE 144 #define ACQUIRE_SPLNET() do { } while (0) 145 #define RELEASE_SPLNET() do { } while (0) 146 #else 147 #define DECLARE_SPLNET_VARIABLE int __s 148 #define ACQUIRE_SPLNET() do { \ 149 __s = splnet(); \ 150 } while (0) 151 #define RELEASE_SPLNET() do { \ 152 splx(__s); \ 153 } while (0) 154 #endif 155 156 struct pppoe_softc { 157 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 158 LIST_ENTRY(pppoe_softc) sc_list; 159 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 160 161 uint64_t sc_id; /* id of this softc, our hunique */ 162 int sc_state; /* discovery phase or session connected */ 163 struct ether_addr sc_dest; /* hardware address of concentrator */ 164 uint16_t sc_session; /* PPPoE session id */ 165 166 char *sc_service_name; /* if != NULL: requested name of service */ 167 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 168 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 169 size_t sc_ac_cookie_len; /* length of cookie data */ 170 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 171 size_t sc_relay_sid_len; /* length of relay SID data */ 172 #ifdef PPPOE_SERVER 173 uint8_t *sc_hunique; /* content of host unique we must echo back */ 174 size_t sc_hunique_len; /* length of host unique */ 175 #endif 176 callout_t sc_timeout; /* timeout while not in session state */ 177 int sc_padi_retried; /* number of PADI retries already done */ 178 int sc_padr_retried; /* number of PADR retries already done */ 179 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 180 }; 181 182 /* incoming traffic will be queued here */ 183 struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 184 struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 185 186 void *pppoe_softintr = NULL; 187 static void pppoe_softintr_handler(void *); 188 189 extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 190 191 /* input routines */ 192 static void pppoeintr(void); 193 static void pppoe_disc_input(struct mbuf *); 194 static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 195 static void pppoe_data_input(struct mbuf *); 196 static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 197 198 /* management routines */ 199 static int pppoe_connect(struct pppoe_softc *); 200 static int pppoe_disconnect(struct pppoe_softc *); 201 static void pppoe_abort_connect(struct pppoe_softc *); 202 static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 203 static void pppoe_tls(struct sppp *); 204 static void pppoe_tlf(struct sppp *); 205 static void pppoe_start(struct ifnet *); 206 #ifdef PPPOE_MPSAFE 207 static int pppoe_transmit(struct ifnet *, struct mbuf *); 208 #endif 209 static void pppoe_clear_softc(struct pppoe_softc *, const char *); 210 211 /* internal timeout handling */ 212 static void pppoe_timeout(void *); 213 214 /* sending actual protocol controll packets */ 215 static int pppoe_send_padi(struct pppoe_softc *); 216 static int pppoe_send_padr(struct pppoe_softc *); 217 #ifdef PPPOE_SERVER 218 static int pppoe_send_pado(struct pppoe_softc *); 219 static int pppoe_send_pads(struct pppoe_softc *); 220 #endif 221 static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 222 223 /* raw output */ 224 static int pppoe_output(struct pppoe_softc *, struct mbuf *); 225 226 /* internal helper functions */ 227 static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 228 krw_t); 229 static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 230 struct ifnet *, krw_t); 231 static struct mbuf *pppoe_get_mbuf(size_t len); 232 233 static void pppoe_ifattach_hook(void *, unsigned long, void *); 234 235 static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 236 static krwlock_t pppoe_softc_list_lock; 237 238 static int pppoe_clone_create(struct if_clone *, int); 239 static int pppoe_clone_destroy(struct ifnet *); 240 241 static bool pppoe_term_unknown = false; 242 static int pppoe_term_unknown_pps = 1; 243 244 static struct sysctllog *pppoe_sysctl_clog; 245 static void sysctl_net_pppoe_setup(struct sysctllog **); 246 247 static struct if_clone pppoe_cloner = 248 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 249 250 /* ARGSUSED */ 251 void 252 pppoeattach(int count) 253 { 254 255 /* 256 * Nothing to do here, initialization is handled by the 257 * module initialization code in pppoeinit() below). 258 */ 259 } 260 261 static void 262 pppoeinit(void) 263 { 264 265 LIST_INIT(&pppoe_softc_list); 266 rw_init(&pppoe_softc_list_lock); 267 if_clone_attach(&pppoe_cloner); 268 269 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 270 pppoe_softintr_handler, NULL); 271 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 272 273 IFQ_LOCK_INIT(&ppoediscinq); 274 IFQ_LOCK_INIT(&ppoeinq); 275 } 276 277 static int 278 pppoedetach(void) 279 { 280 int error = 0; 281 282 rw_enter(&pppoe_softc_list_lock, RW_READER); 283 if (!LIST_EMPTY(&pppoe_softc_list)) { 284 rw_exit(&pppoe_softc_list_lock); 285 error = EBUSY; 286 } 287 288 if (error == 0) { 289 if_clone_detach(&pppoe_cloner); 290 softint_disestablish(pppoe_softintr); 291 /* Remove our sysctl sub-tree */ 292 sysctl_teardown(&pppoe_sysctl_clog); 293 } 294 295 return error; 296 } 297 298 static void 299 pppoe_softc_genid(uint64_t *id) 300 { 301 struct pppoe_softc *sc; 302 uint64_t rndid; 303 304 rw_enter(&pppoe_softc_list_lock, RW_READER); 305 306 while (1) { 307 rndid = cprng_strong64(); 308 309 sc = NULL; 310 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 311 if (sc->sc_id == rndid) 312 break; 313 } 314 if (sc == NULL) { 315 break; 316 } 317 } 318 319 rw_exit(&pppoe_softc_list_lock); 320 *id = rndid; 321 } 322 323 static int 324 pppoe_clone_create(struct if_clone *ifc, int unit) 325 { 326 struct pppoe_softc *sc; 327 int rv; 328 329 sc = malloc(sizeof(struct pppoe_softc), M_DEVBUF, M_WAITOK|M_ZERO); 330 331 pppoe_softc_genid(&sc->sc_id); 332 333 if_initname(&sc->sc_sppp.pp_if, "pppoe", unit); 334 sc->sc_sppp.pp_if.if_softc = sc; 335 sc->sc_sppp.pp_if.if_mtu = PPPOE_MAXMTU; 336 sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 337 #ifdef PPPOE_MPSAFE 338 sc->sc_sppp.pp_if.if_extflags = IFEF_MPSAFE; 339 #endif 340 sc->sc_sppp.pp_if.if_type = IFT_PPP; 341 sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 342 sc->sc_sppp.pp_if.if_dlt = DLT_PPP_ETHER; 343 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 344 PP_NOFRAMING; /* no serial encapsulation */ 345 sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl; 346 IFQ_SET_MAXLEN(&sc->sc_sppp.pp_if.if_snd, IFQ_MAXLEN); 347 IFQ_SET_READY(&sc->sc_sppp.pp_if.if_snd); 348 349 /* changed to real address later */ 350 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 351 352 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 353 callout_setfunc(&sc->sc_timeout, pppoe_timeout, sc); 354 355 sc->sc_sppp.pp_if.if_start = pppoe_start; 356 #ifdef PPPOE_MPSAFE 357 sc->sc_sppp.pp_if.if_transmit = pppoe_transmit; 358 #endif 359 sc->sc_sppp.pp_tls = pppoe_tls; 360 sc->sc_sppp.pp_tlf = pppoe_tlf; 361 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 362 363 rv = if_initialize(&sc->sc_sppp.pp_if); 364 if (rv != 0) { 365 callout_halt(&sc->sc_timeout, NULL); 366 callout_destroy(&sc->sc_timeout); 367 free(sc, M_DEVBUF); 368 return rv; 369 } 370 sc->sc_sppp.pp_if.if_percpuq = if_percpuq_create(&sc->sc_sppp.pp_if); 371 sppp_attach(&sc->sc_sppp.pp_if); 372 373 bpf_attach(&sc->sc_sppp.pp_if, DLT_PPP_ETHER, 0); 374 rw_enter(&pppoe_softc_list_lock, RW_READER); 375 if (LIST_EMPTY(&pppoe_softc_list)) { 376 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 377 } 378 rw_exit(&pppoe_softc_list_lock); 379 380 if_register(&sc->sc_sppp.pp_if); 381 382 rw_init(&sc->sc_lock); 383 384 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 385 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 386 rw_exit(&pppoe_softc_list_lock); 387 return 0; 388 } 389 390 static int 391 pppoe_clone_destroy(struct ifnet *ifp) 392 { 393 struct pppoe_softc * sc = ifp->if_softc; 394 395 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 396 397 PPPOE_LOCK(sc, RW_WRITER); 398 callout_halt(&sc->sc_timeout, NULL); 399 400 LIST_REMOVE(sc, sc_list); 401 402 if (LIST_EMPTY(&pppoe_softc_list)) { 403 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 404 } 405 rw_exit(&pppoe_softc_list_lock); 406 407 bpf_detach(ifp); 408 sppp_detach(&sc->sc_sppp.pp_if); 409 if_detach(ifp); 410 if (sc->sc_concentrator_name) 411 free(sc->sc_concentrator_name, M_DEVBUF); 412 if (sc->sc_service_name) 413 free(sc->sc_service_name, M_DEVBUF); 414 if (sc->sc_ac_cookie) 415 free(sc->sc_ac_cookie, M_DEVBUF); 416 if (sc->sc_relay_sid) 417 free(sc->sc_relay_sid, M_DEVBUF); 418 callout_destroy(&sc->sc_timeout); 419 420 PPPOE_UNLOCK(sc); 421 rw_destroy(&sc->sc_lock); 422 423 free(sc, M_DEVBUF); 424 425 return 0; 426 } 427 428 /* 429 * Find the interface handling the specified session. 430 * Note: O(number of sessions open), this is a client-side only, mean 431 * and lean implementation, so number of open sessions typically should 432 * be 1. 433 */ 434 static struct pppoe_softc * 435 pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 436 { 437 struct pppoe_softc *sc = NULL; 438 439 if (session == 0) 440 return NULL; 441 rw_enter(&pppoe_softc_list_lock, RW_READER); 442 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 443 PPPOE_LOCK(sc, lock); 444 if ( sc->sc_state == PPPOE_STATE_SESSION 445 && sc->sc_session == session 446 && sc->sc_eth_if == rcvif) 447 break; 448 449 PPPOE_UNLOCK(sc); 450 } 451 rw_exit(&pppoe_softc_list_lock); 452 return sc; 453 } 454 455 /* Check host unique token passed and return appropriate softc pointer, 456 * or NULL if token is bogus. */ 457 static struct pppoe_softc * 458 pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 459 struct ifnet *rcvif, krw_t lock) 460 { 461 struct pppoe_softc *sc; 462 uint64_t t; 463 464 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 465 466 rw_enter(&pppoe_softc_list_lock, RW_READER); 467 if (LIST_EMPTY(&pppoe_softc_list)) { 468 rw_exit(&pppoe_softc_list_lock); 469 return NULL; 470 } 471 472 if (len != sizeof(sc->sc_id)) { 473 rw_exit(&pppoe_softc_list_lock); 474 return NULL; 475 } 476 memcpy(&t, token, len); 477 478 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 479 if (sc->sc_id == t) { 480 PPPOE_LOCK(sc, lock); 481 break; 482 } 483 } 484 rw_exit(&pppoe_softc_list_lock); 485 486 if (sc == NULL) { 487 #ifdef PPPOE_DEBUG 488 printf("pppoe: alien host unique tag, no session found\n"); 489 #endif 490 return NULL; 491 } 492 493 /* should be safe to access *sc now */ 494 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 495 printf("%s: host unique tag found, but it belongs to a connection in state %d\n", 496 sc->sc_sppp.pp_if.if_xname, sc->sc_state); 497 PPPOE_UNLOCK(sc); 498 return NULL; 499 } 500 if (sc->sc_eth_if != rcvif) { 501 printf("%s: wrong interface, not accepting host unique\n", 502 sc->sc_sppp.pp_if.if_xname); 503 PPPOE_UNLOCK(sc); 504 return NULL; 505 } 506 return sc; 507 } 508 509 static void 510 pppoe_softintr_handler(void *dummy) 511 { 512 /* called at splsoftnet() */ 513 pppoeintr(); 514 } 515 516 /* called at appropriate protection level */ 517 static void 518 pppoeintr(void) 519 { 520 struct mbuf *m; 521 int disc_done, data_done; 522 523 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 524 525 do { 526 disc_done = 0; 527 data_done = 0; 528 for (;;) { 529 IFQ_LOCK(&ppoediscinq); 530 IF_DEQUEUE(&ppoediscinq, m); 531 IFQ_UNLOCK(&ppoediscinq); 532 if (m == NULL) 533 break; 534 disc_done = 1; 535 pppoe_disc_input(m); 536 } 537 538 for (;;) { 539 IFQ_LOCK(&ppoeinq); 540 IF_DEQUEUE(&ppoeinq, m); 541 IFQ_UNLOCK(&ppoeinq); 542 if (m == NULL) 543 break; 544 data_done = 1; 545 pppoe_data_input(m); 546 } 547 } while (disc_done || data_done); 548 549 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 550 } 551 552 /* analyze and handle a single received packet while not in session state */ 553 static void 554 pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 555 { 556 uint16_t tag, len; 557 uint16_t session, plen; 558 struct pppoe_softc *sc; 559 const char *err_msg; 560 char devname[IF_NAMESIZE]; 561 char *error; 562 size_t dlen; 563 uint8_t *ac_cookie; 564 size_t ac_cookie_len; 565 uint8_t *relay_sid; 566 size_t relay_sid_len; 567 uint8_t *hunique; 568 size_t hunique_len; 569 struct pppoehdr *ph; 570 struct pppoetag *pt; 571 struct mbuf *n; 572 int noff, err, errortag; 573 struct ether_header *eh; 574 struct ifnet *rcvif; 575 struct psref psref; 576 577 if (m->m_len < sizeof(*eh)) { 578 m = m_pullup(m, sizeof(*eh)); 579 if (m == NULL) 580 goto done; 581 } 582 eh = mtod(m, struct ether_header *); 583 off += sizeof(*eh); 584 585 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 586 goto done; 587 } 588 589 M_REGION_GET(ph, struct pppoehdr *, m, off, sizeof(*ph)); 590 if (ph == NULL) { 591 goto done; 592 } 593 if (ph->vertype != PPPOE_VERTYPE) { 594 goto done; 595 } 596 597 ac_cookie = NULL; 598 ac_cookie_len = 0; 599 relay_sid = NULL; 600 relay_sid_len = 0; 601 hunique = NULL; 602 hunique_len = 0; 603 604 session = ntohs(ph->session); 605 plen = ntohs(ph->plen); 606 off += sizeof(*ph); 607 608 if (plen + off > m->m_pkthdr.len) { 609 goto done; 610 } 611 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 612 613 tag = 0; 614 len = 0; 615 sc = NULL; 616 err_msg = NULL; 617 errortag = 0; 618 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 619 M_REGION_GET(pt, struct pppoetag *, m, off, sizeof(*pt)); 620 if (pt == NULL) { 621 goto done; 622 } 623 624 tag = ntohs(pt->tag); 625 len = ntohs(pt->len); 626 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 627 goto done; 628 } 629 switch (tag) { 630 case PPPOE_TAG_EOL: 631 goto breakbreak; 632 case PPPOE_TAG_SNAME: 633 break; /* ignored */ 634 case PPPOE_TAG_ACNAME: 635 if (len > 0) { 636 dlen = 4 * len + 1; 637 error = malloc(dlen, M_TEMP, M_NOWAIT); 638 if (error == NULL) 639 break; 640 641 n = m_pulldown(m, off + sizeof(*pt), len, 642 &noff); 643 if (!n) { 644 m = NULL; 645 free(error, M_TEMP); 646 goto done; 647 } 648 649 strnvisx(error, dlen, 650 mtod(n, char*) + noff, len, 651 VIS_SAFE | VIS_OCTAL); 652 printf("pppoe: connected to %s\n", error); 653 free(error, M_TEMP); 654 } 655 break; /* ignored */ 656 case PPPOE_TAG_HUNIQUE: 657 if (hunique == NULL) { 658 n = m_pulldown(m, off + sizeof(*pt), len, 659 &noff); 660 if (!n) { 661 m = NULL; 662 err_msg = "TAG HUNIQUE ERROR"; 663 break; 664 } 665 666 hunique = mtod(n, uint8_t *) + noff; 667 hunique_len = len; 668 } 669 break; 670 case PPPOE_TAG_ACCOOKIE: 671 if (ac_cookie == NULL) { 672 n = m_pulldown(m, off + sizeof(*pt), len, 673 &noff); 674 if (!n) { 675 err_msg = "TAG ACCOOKIE ERROR"; 676 m = NULL; 677 break; 678 } 679 ac_cookie = mtod(n, char *) + noff; 680 ac_cookie_len = len; 681 } 682 break; 683 case PPPOE_TAG_RELAYSID: 684 if (relay_sid == NULL) { 685 n = m_pulldown(m, off + sizeof(*pt), len, 686 &noff); 687 if (!n) { 688 err_msg = "TAG RELAYSID ERROR"; 689 m = NULL; 690 break; 691 } 692 relay_sid = mtod(n, char *) + noff; 693 relay_sid_len = len; 694 } 695 break; 696 case PPPOE_TAG_SNAME_ERR: 697 err_msg = "SERVICE NAME ERROR"; 698 errortag = 1; 699 break; 700 case PPPOE_TAG_ACSYS_ERR: 701 err_msg = "AC SYSTEM ERROR"; 702 errortag = 1; 703 break; 704 case PPPOE_TAG_GENERIC_ERR: 705 err_msg = "GENERIC ERROR"; 706 errortag = 1; 707 break; 708 } 709 if (err_msg) { 710 error = NULL; 711 if (errortag && len) { 712 dlen = 4 * len + 1; 713 error = malloc(dlen, M_TEMP, 714 M_NOWAIT|M_ZERO); 715 n = m_pulldown(m, off + sizeof(*pt), len, 716 &noff); 717 if (!n) { 718 m = NULL; 719 } else if (error) { 720 strnvisx(error, dlen, 721 mtod(n, char*) + noff, len, 722 VIS_SAFE | VIS_OCTAL); 723 } 724 } 725 if (error) { 726 printf("pppoe: %s: %s\n", err_msg, error); 727 free(error, M_TEMP); 728 } else 729 printf("pppoe: %s\n", err_msg); 730 if (errortag || m == NULL) 731 goto done; 732 } 733 off += sizeof(*pt) + len; 734 } 735 breakbreak:; 736 737 switch (ph->code) { 738 case PPPOE_CODE_PADI: 739 #ifdef PPPOE_SERVER 740 /* 741 * got service name, concentrator name, and/or host unique. 742 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 743 */ 744 rw_enter(&pppoe_softc_list_lock, RW_READER); 745 if (LIST_EMPTY(&pppoe_softc_list)) { 746 rw_exit(&pppoe_softc_list_lock); 747 goto done; 748 } 749 750 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 751 PPPOE_LOCK(sc, RW_WRITER); 752 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 753 PPPOE_UNLOCK(sc); 754 continue; 755 } 756 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 757 PPPOE_UNLOCK(sc); 758 continue; 759 } 760 761 if (sc->sc_state == PPPOE_STATE_INITIAL) 762 break; 763 764 PPPOE_UNLOCK(sc); 765 } 766 rw_exit(&pppoe_softc_list_lock); 767 768 if (sc == NULL) { 769 goto done; 770 } 771 772 if (hunique) { 773 if (sc->sc_hunique) 774 free(sc->sc_hunique, M_DEVBUF); 775 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 776 M_DONTWAIT); 777 if (sc->sc_hunique == NULL) { 778 PPPOE_UNLOCK(sc); 779 goto done; 780 } 781 sc->sc_hunique_len = hunique_len; 782 memcpy(sc->sc_hunique, hunique, hunique_len); 783 } 784 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 785 sc->sc_state = PPPOE_STATE_PADO_SENT; 786 pppoe_send_pado(sc); 787 PPPOE_UNLOCK(sc); 788 break; 789 #endif /* PPPOE_SERVER */ 790 791 case PPPOE_CODE_PADR: 792 #ifdef PPPOE_SERVER 793 /* 794 * get sc from ac_cookie if IFF_PASSIVE 795 */ 796 if (ac_cookie == NULL) { 797 goto done; 798 } 799 800 rcvif = m_get_rcvif_psref(m, &psref); 801 if (__predict_true(rcvif != NULL)) { 802 sc = pppoe_find_softc_by_hunique(ac_cookie, 803 ac_cookie_len, rcvif, RW_WRITER); 804 } 805 m_put_rcvif_psref(rcvif, &psref); 806 if (sc == NULL) { 807 /* be quiet if there is not a single pppoe instance */ 808 rw_enter(&pppoe_softc_list_lock, RW_READER); 809 if (!LIST_EMPTY(&pppoe_softc_list)) { 810 printf("pppoe: received PADR" 811 " but could not find request for it\n"); 812 } 813 rw_exit(&pppoe_softc_list_lock); 814 goto done; 815 } 816 817 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 818 printf("%s: received unexpected PADR\n", 819 sc->sc_sppp.pp_if.if_xname); 820 PPPOE_UNLOCK(sc); 821 goto done; 822 } 823 824 if (hunique) { 825 if (sc->sc_hunique) 826 free(sc->sc_hunique, M_DEVBUF); 827 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 828 M_DONTWAIT); 829 if (sc->sc_hunique == NULL) { 830 PPPOE_UNLOCK(sc); 831 goto done; 832 } 833 sc->sc_hunique_len = hunique_len; 834 memcpy(sc->sc_hunique, hunique, hunique_len); 835 } 836 pppoe_send_pads(sc); 837 sc->sc_state = PPPOE_STATE_SESSION; 838 PPPOE_UNLOCK(sc); 839 840 sc->sc_sppp.pp_up(&sc->sc_sppp); 841 break; 842 #else 843 /* ignore, we are no access concentrator */ 844 goto done; 845 #endif /* PPPOE_SERVER */ 846 847 case PPPOE_CODE_PADO: 848 rcvif = m_get_rcvif_psref(m, &psref); 849 if (__predict_false(rcvif == NULL)) 850 goto done; 851 852 if (hunique != NULL) { 853 sc = pppoe_find_softc_by_hunique(hunique, 854 hunique_len, rcvif, RW_WRITER); 855 } 856 857 m_put_rcvif_psref(rcvif, &psref); 858 859 if (sc == NULL) { 860 /* be quiet if there is not a single pppoe instance */ 861 rw_enter(&pppoe_softc_list_lock, RW_READER); 862 if (!LIST_EMPTY(&pppoe_softc_list)) { 863 printf("pppoe: received PADO" 864 " but could not find request for it\n"); 865 } 866 rw_exit(&pppoe_softc_list_lock); 867 goto done; 868 } 869 870 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 871 printf("%s: received unexpected PADO\n", 872 sc->sc_sppp.pp_if.if_xname); 873 PPPOE_UNLOCK(sc); 874 goto done; 875 } 876 877 if (ac_cookie) { 878 if (sc->sc_ac_cookie) 879 free(sc->sc_ac_cookie, M_DEVBUF); 880 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 881 M_DONTWAIT); 882 if (sc->sc_ac_cookie == NULL) { 883 printf("%s: FATAL: could not allocate memory " 884 "for AC cookie\n", 885 sc->sc_sppp.pp_if.if_xname); 886 PPPOE_UNLOCK(sc); 887 goto done; 888 } 889 sc->sc_ac_cookie_len = ac_cookie_len; 890 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 891 } 892 if (relay_sid) { 893 if (sc->sc_relay_sid) 894 free(sc->sc_relay_sid, M_DEVBUF); 895 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 896 M_DONTWAIT); 897 if (sc->sc_relay_sid == NULL) { 898 printf("%s: FATAL: could not allocate memory " 899 "for relay SID\n", 900 sc->sc_sppp.pp_if.if_xname); 901 PPPOE_UNLOCK(sc); 902 goto done; 903 } 904 sc->sc_relay_sid_len = relay_sid_len; 905 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 906 } 907 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 908 callout_stop(&sc->sc_timeout); 909 sc->sc_padr_retried = 0; 910 sc->sc_state = PPPOE_STATE_PADR_SENT; 911 if ((err = pppoe_send_padr(sc)) != 0) { 912 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 913 printf("%s: failed to send PADR, " 914 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 915 err); 916 } 917 callout_schedule(&sc->sc_timeout, 918 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 919 920 PPPOE_UNLOCK(sc); 921 break; 922 923 case PPPOE_CODE_PADS: 924 rcvif = m_get_rcvif_psref(m, &psref); 925 if (__predict_false(rcvif == NULL)) 926 goto done; 927 928 if (hunique != NULL) { 929 sc = pppoe_find_softc_by_hunique(hunique, 930 hunique_len, rcvif, RW_WRITER); 931 } 932 933 m_put_rcvif_psref(rcvif, &psref); 934 935 if (sc == NULL) 936 goto done; 937 938 sc->sc_session = session; 939 callout_stop(&sc->sc_timeout); 940 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 941 printf("%s: session 0x%x connected\n", 942 sc->sc_sppp.pp_if.if_xname, session); 943 sc->sc_state = PPPOE_STATE_SESSION; 944 PPPOE_UNLOCK(sc); 945 946 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 947 break; 948 949 case PPPOE_CODE_PADT: 950 rcvif = m_get_rcvif_psref(m, &psref); 951 if (__predict_false(rcvif == NULL)) 952 goto done; 953 954 sc = pppoe_find_softc_by_session(session, rcvif, 955 RW_WRITER); 956 957 m_put_rcvif_psref(rcvif, &psref); 958 959 if (sc == NULL) 960 goto done; 961 962 pppoe_clear_softc(sc, "received PADT"); 963 PPPOE_UNLOCK(sc); 964 break; 965 966 default: 967 rcvif = m_get_rcvif_psref(m, &psref); 968 if (__predict_false(rcvif == NULL)) 969 goto done; 970 971 if (hunique != NULL) { 972 sc = pppoe_find_softc_by_hunique(hunique, 973 hunique_len, rcvif, RW_READER); 974 } 975 976 m_put_rcvif_psref(rcvif, &psref); 977 978 if (sc != NULL) { 979 strlcpy(devname, sc->sc_sppp.pp_if.if_xname, 980 sizeof(devname)); 981 PPPOE_UNLOCK(sc); 982 } else 983 strlcpy(devname, "pppoe", sizeof(devname)); 984 985 printf("%s: unknown code (0x%04x) session = 0x%04x\n", 986 devname, ph->code, session); 987 break; 988 } 989 990 done: 991 if (m) 992 m_freem(m); 993 return; 994 } 995 996 static void 997 pppoe_disc_input(struct mbuf *m) 998 { 999 KASSERT(m->m_flags & M_PKTHDR); 1000 1001 /* 1002 * Avoid error messages if there is not a single PPPoE instance. 1003 */ 1004 rw_enter(&pppoe_softc_list_lock, RW_READER); 1005 if (!LIST_EMPTY(&pppoe_softc_list)) { 1006 rw_exit(&pppoe_softc_list_lock); 1007 pppoe_dispatch_disc_pkt(m, 0); 1008 } else { 1009 rw_exit(&pppoe_softc_list_lock); 1010 m_freem(m); 1011 } 1012 } 1013 1014 static bool 1015 pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1016 { 1017 1018 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1019 return true; 1020 1021 return false; 1022 } 1023 1024 static void 1025 pppoe_data_input(struct mbuf *m) 1026 { 1027 uint16_t session, plen; 1028 struct pppoe_softc *sc; 1029 struct pppoehdr *ph; 1030 struct ifnet *rcvif; 1031 struct psref psref; 1032 uint8_t shost[ETHER_ADDR_LEN]; 1033 uint8_t dhost[ETHER_ADDR_LEN]; 1034 bool term_unknown = pppoe_term_unknown; 1035 1036 KASSERT(m->m_flags & M_PKTHDR); 1037 1038 /* 1039 * Avoid error messages if there is not a single PPPoE instance. 1040 */ 1041 rw_enter(&pppoe_softc_list_lock, RW_READER); 1042 if (LIST_EMPTY(&pppoe_softc_list)) { 1043 rw_exit(&pppoe_softc_list_lock); 1044 goto drop; 1045 } 1046 rw_exit(&pppoe_softc_list_lock); 1047 1048 if (term_unknown) { 1049 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1050 ETHER_ADDR_LEN); 1051 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1052 ETHER_ADDR_LEN); 1053 } 1054 m_adj(m, sizeof(struct ether_header)); 1055 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1056 goto drop; 1057 } 1058 1059 if (m->m_len < sizeof(*ph)) { 1060 m = m_pullup(m, sizeof(*ph)); 1061 if (m == NULL) { 1062 return; 1063 } 1064 } 1065 ph = mtod(m, struct pppoehdr *); 1066 1067 if (ph->vertype != PPPOE_VERTYPE) { 1068 goto drop; 1069 } 1070 if (ph->code != 0) { 1071 goto drop; 1072 } 1073 1074 session = ntohs(ph->session); 1075 rcvif = m_get_rcvif_psref(m, &psref); 1076 if (__predict_false(rcvif == NULL)) 1077 goto drop; 1078 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1079 if (sc == NULL) { 1080 if (term_unknown) { 1081 static struct timeval lasttime = {0, 0}; 1082 static int curpps = 0; 1083 /* 1084 * avoid to send wrong PADT which is response from 1085 * session stage packets for other hosts when parent 1086 * ethernet is promiscuous mode. 1087 */ 1088 if (pppoe_is_my_frame(dhost, rcvif) && 1089 ppsratecheck(&lasttime, &curpps, 1090 pppoe_term_unknown_pps)) { 1091 printf("pppoe: input for unknown session %#x, " 1092 "sending PADT\n", session); 1093 pppoe_send_padt(rcvif, session, shost); 1094 } 1095 } 1096 m_put_rcvif_psref(rcvif, &psref); 1097 goto drop; 1098 } 1099 1100 m_put_rcvif_psref(rcvif, &psref); 1101 1102 plen = ntohs(ph->plen); 1103 1104 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1105 1106 m_adj(m, PPPOE_HEADERLEN); 1107 1108 #ifdef PPPOE_DEBUG 1109 { 1110 struct mbuf *p; 1111 1112 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1113 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1114 p = m; 1115 while (p) { 1116 printf(" l=%d", p->m_len); 1117 p = p->m_next; 1118 } 1119 printf("\n"); 1120 } 1121 #endif 1122 PPPOE_UNLOCK(sc); 1123 1124 if (m->m_pkthdr.len < plen) 1125 goto drop; 1126 1127 /* 1128 * Fix incoming interface pointer (not the raw ethernet interface 1129 * anymore) 1130 */ 1131 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1132 1133 /* pass packet up and account for it */ 1134 if_statinc(&sc->sc_sppp.pp_if, if_ipackets); 1135 sppp_input(&sc->sc_sppp.pp_if, m); 1136 return; 1137 1138 drop: 1139 m_freem(m); 1140 } 1141 1142 static int 1143 pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1144 { 1145 struct sockaddr dst; 1146 struct ether_header *eh; 1147 uint16_t etype; 1148 1149 if (sc->sc_eth_if == NULL) { 1150 m_freem(m); 1151 return EIO; 1152 } 1153 1154 memset(&dst, 0, sizeof dst); 1155 dst.sa_family = AF_UNSPEC; 1156 eh = (struct ether_header*)&dst.sa_data; 1157 etype = sc->sc_state == PPPOE_STATE_SESSION 1158 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1159 eh->ether_type = htons(etype); 1160 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1161 1162 #ifdef PPPOE_DEBUG 1163 printf("%s (%x) state=%d, session=0x%x output -> %s, len=%d\n", 1164 sc->sc_sppp.pp_if.if_xname, etype, 1165 sc->sc_state, sc->sc_session, 1166 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1167 #endif 1168 1169 m->m_flags &= ~(M_BCAST|M_MCAST); 1170 if_statinc(&sc->sc_sppp.pp_if, if_opackets); 1171 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1172 } 1173 1174 static int 1175 pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1176 { 1177 struct lwp *l = curlwp; /* XXX */ 1178 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1179 struct ifreq *ifr = data; 1180 int error = 0; 1181 1182 switch (cmd) { 1183 case PPPOESETPARMS: 1184 { 1185 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1186 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1187 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1188 NULL) != 0) 1189 return EPERM; 1190 if (parms->eth_ifname[0] != 0) { 1191 struct ifnet *eth_if; 1192 1193 PPPOE_LOCK(sc, RW_WRITER); 1194 eth_if = ifunit(parms->eth_ifname); 1195 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1196 sc->sc_eth_if = NULL; 1197 PPPOE_UNLOCK(sc); 1198 return ENXIO; 1199 } 1200 1201 if (sc->sc_sppp.pp_if.if_mtu != 1202 eth_if->if_mtu - PPPOE_OVERHEAD) { 1203 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1204 PPPOE_OVERHEAD; 1205 } 1206 sc->sc_eth_if = eth_if; 1207 PPPOE_UNLOCK(sc); 1208 } 1209 if (parms->ac_name != NULL) { 1210 size_t s; 1211 char *b = malloc(parms->ac_name_len + 1, M_DEVBUF, 1212 M_WAITOK); 1213 if (b == NULL) 1214 return ENOMEM; 1215 error = copyinstr(parms->ac_name, b, 1216 parms->ac_name_len+1, &s); 1217 if (error != 0) { 1218 free(b, M_DEVBUF); 1219 return error; 1220 } 1221 if (s != parms->ac_name_len+1) { 1222 free(b, M_DEVBUF); 1223 return EINVAL; 1224 } 1225 1226 PPPOE_LOCK(sc, RW_WRITER); 1227 if (sc->sc_concentrator_name) 1228 free(sc->sc_concentrator_name, M_DEVBUF); 1229 sc->sc_concentrator_name = b; 1230 PPPOE_UNLOCK(sc); 1231 } 1232 if (parms->service_name != NULL) { 1233 size_t s; 1234 char *b = malloc(parms->service_name_len + 1, M_DEVBUF, 1235 M_WAITOK); 1236 if (b == NULL) 1237 return ENOMEM; 1238 error = copyinstr(parms->service_name, b, 1239 parms->service_name_len+1, &s); 1240 if (error != 0) { 1241 free(b, M_DEVBUF); 1242 return error; 1243 } 1244 if (s != parms->service_name_len+1) { 1245 free(b, M_DEVBUF); 1246 return EINVAL; 1247 } 1248 1249 PPPOE_LOCK(sc, RW_WRITER); 1250 if (sc->sc_service_name) 1251 free(sc->sc_service_name, M_DEVBUF); 1252 sc->sc_service_name = b; 1253 PPPOE_UNLOCK(sc); 1254 } 1255 return 0; 1256 } 1257 break; 1258 case PPPOEGETPARMS: 1259 { 1260 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1261 memset(parms, 0, sizeof *parms); 1262 PPPOE_LOCK(sc, RW_READER); 1263 if (sc->sc_eth_if) 1264 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1265 sizeof(parms->ifname)); 1266 PPPOE_UNLOCK(sc); 1267 return 0; 1268 } 1269 break; 1270 case PPPOEGETSESSION: 1271 { 1272 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1273 PPPOE_LOCK(sc, RW_READER); 1274 state->state = sc->sc_state; 1275 state->session_id = sc->sc_session; 1276 state->padi_retry_no = sc->sc_padi_retried; 1277 state->padr_retry_no = sc->sc_padr_retried; 1278 PPPOE_UNLOCK(sc); 1279 return 0; 1280 } 1281 break; 1282 case SIOCSIFFLAGS: 1283 /* 1284 * Prevent running re-establishment timers overriding 1285 * administrators choice. 1286 */ 1287 PPPOE_LOCK(sc, RW_WRITER); 1288 1289 if ((ifr->ifr_flags & IFF_UP) == 0 1290 && sc->sc_state >= PPPOE_STATE_PADI_SENT 1291 && sc->sc_state < PPPOE_STATE_SESSION) { 1292 callout_stop(&sc->sc_timeout); 1293 sc->sc_state = PPPOE_STATE_INITIAL; 1294 sc->sc_padi_retried = 0; 1295 sc->sc_padr_retried = 0; 1296 memcpy(&sc->sc_dest, etherbroadcastaddr, 1297 sizeof(sc->sc_dest)); 1298 } 1299 1300 PPPOE_UNLOCK(sc); 1301 1302 error = sppp_ioctl(ifp, cmd, data); 1303 1304 return error; 1305 case SIOCSIFMTU: 1306 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1307 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1308 return EINVAL; 1309 } 1310 /*FALLTHROUGH*/ 1311 default: 1312 return sppp_ioctl(ifp, cmd, data); 1313 } 1314 return 0; 1315 } 1316 1317 /* 1318 * Allocate a mbuf/cluster with space to store the given data length 1319 * of payload, leaving space for prepending an ethernet header 1320 * in front. 1321 */ 1322 static struct mbuf * 1323 pppoe_get_mbuf(size_t len) 1324 { 1325 struct mbuf *m; 1326 1327 MGETHDR(m, M_DONTWAIT, MT_DATA); 1328 if (m == NULL) 1329 return NULL; 1330 if (len + sizeof(struct ether_header) > MHLEN) { 1331 MCLGET(m, M_DONTWAIT); 1332 if ((m->m_flags & M_EXT) == 0) { 1333 m_free(m); 1334 return NULL; 1335 } 1336 } 1337 m->m_data += sizeof(struct ether_header); 1338 m->m_len = len; 1339 m->m_pkthdr.len = len; 1340 m_reset_rcvif(m); 1341 1342 return m; 1343 } 1344 1345 static int 1346 pppoe_send_padi(struct pppoe_softc *sc) 1347 { 1348 struct mbuf *m0; 1349 int len, l1 = 0, l2 = 0; 1350 uint8_t *p; 1351 1352 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1353 panic("pppoe_send_padi in state %d", sc->sc_state); 1354 1355 /* Compute packet length. */ 1356 len = sizeof(struct pppoetag); 1357 if (sc->sc_service_name != NULL) { 1358 l1 = strlen(sc->sc_service_name); 1359 len += l1; 1360 } 1361 if (sc->sc_concentrator_name != NULL) { 1362 l2 = strlen(sc->sc_concentrator_name); 1363 len += sizeof(struct pppoetag) + l2; 1364 } 1365 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1366 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1367 len += sizeof(struct pppoetag) + 2; 1368 } 1369 1370 /* Allocate packet. */ 1371 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1372 if (m0 == NULL) 1373 return ENOBUFS; 1374 1375 /* Fill in packet. */ 1376 p = mtod(m0, uint8_t *); 1377 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1378 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1379 if (sc->sc_service_name != NULL) { 1380 PPPOE_ADD_16(p, l1); 1381 memcpy(p, sc->sc_service_name, l1); 1382 p += l1; 1383 } else { 1384 PPPOE_ADD_16(p, 0); 1385 } 1386 if (sc->sc_concentrator_name != NULL) { 1387 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1388 PPPOE_ADD_16(p, l2); 1389 memcpy(p, sc->sc_concentrator_name, l2); 1390 p += l2; 1391 } 1392 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1393 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1394 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1395 p += sizeof(sc->sc_id); 1396 1397 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1398 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1399 PPPOE_ADD_16(p, 2); 1400 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1401 } 1402 1403 #ifdef PPPOE_DEBUG 1404 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1405 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1406 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1407 #endif 1408 1409 /* Send packet. */ 1410 return pppoe_output(sc, m0); 1411 } 1412 1413 static void 1414 pppoe_timeout(void *arg) 1415 { 1416 int retry_wait, err; 1417 struct pppoe_softc *sc = (struct pppoe_softc*)arg; 1418 DECLARE_SPLNET_VARIABLE; 1419 1420 #ifdef PPPOE_DEBUG 1421 printf("%s: timeout\n", sc->sc_sppp.pp_if.if_xname); 1422 #endif 1423 1424 PPPOE_LOCK(sc, RW_WRITER); 1425 switch (sc->sc_state) { 1426 case PPPOE_STATE_INITIAL: 1427 /* delayed connect from pppoe_tls() */ 1428 pppoe_connect(sc); 1429 break; 1430 case PPPOE_STATE_PADI_SENT: 1431 /* 1432 * We have two basic ways of retrying: 1433 * - Quick retry mode: try a few times in short sequence 1434 * - Slow retry mode: we already had a connection successfully 1435 * established and will try infinitely (without user 1436 * intervention) 1437 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1438 * is not set. 1439 */ 1440 1441 /* initialize for quick retry mode */ 1442 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1443 1444 ACQUIRE_SPLNET(); 1445 sc->sc_padi_retried++; 1446 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1447 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1448 /* slow retry mode */ 1449 retry_wait = PPPOE_SLOW_RETRY; 1450 } else { 1451 pppoe_abort_connect(sc); 1452 RELEASE_SPLNET(); 1453 PPPOE_UNLOCK(sc); 1454 return; 1455 } 1456 } 1457 if ((err = pppoe_send_padi(sc)) != 0) { 1458 sc->sc_padi_retried--; 1459 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1460 printf("%s: failed to transmit PADI, " 1461 "error=%d\n", 1462 sc->sc_sppp.pp_if.if_xname, err); 1463 } 1464 callout_schedule(&sc->sc_timeout,retry_wait); 1465 RELEASE_SPLNET(); 1466 break; 1467 1468 case PPPOE_STATE_PADR_SENT: 1469 ACQUIRE_SPLNET(); 1470 sc->sc_padr_retried++; 1471 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1472 memcpy(&sc->sc_dest, etherbroadcastaddr, 1473 sizeof(sc->sc_dest)); 1474 sc->sc_state = PPPOE_STATE_PADI_SENT; 1475 sc->sc_padr_retried = 0; 1476 if ((err = pppoe_send_padi(sc)) != 0) { 1477 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1478 printf("%s: failed to send PADI" 1479 ", error=%d\n", 1480 sc->sc_sppp.pp_if.if_xname, err); 1481 } 1482 callout_schedule(&sc->sc_timeout, 1483 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried)); 1484 RELEASE_SPLNET(); 1485 PPPOE_UNLOCK(sc); 1486 return; 1487 } 1488 if ((err = pppoe_send_padr(sc)) != 0) { 1489 sc->sc_padr_retried--; 1490 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1491 printf("%s: failed to send PADR, " 1492 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 1493 err); 1494 } 1495 callout_schedule(&sc->sc_timeout, 1496 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 1497 RELEASE_SPLNET(); 1498 break; 1499 case PPPOE_STATE_CLOSING: 1500 pppoe_disconnect(sc); 1501 break; 1502 default: 1503 PPPOE_UNLOCK(sc); 1504 return; /* all done, work in peace */ 1505 } 1506 PPPOE_UNLOCK(sc); 1507 } 1508 1509 /* Start a connection (i.e. initiate discovery phase) */ 1510 static int 1511 pppoe_connect(struct pppoe_softc *sc) 1512 { 1513 int err; 1514 DECLARE_SPLNET_VARIABLE; 1515 1516 KASSERT(PPPOE_WLOCKED(sc)); 1517 1518 if (sc->sc_state != PPPOE_STATE_INITIAL) 1519 return EBUSY; 1520 1521 #ifdef PPPOE_SERVER 1522 /* wait PADI if IFF_PASSIVE */ 1523 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1524 return 0; 1525 #endif 1526 ACQUIRE_SPLNET(); 1527 /* save state, in case we fail to send PADI */ 1528 sc->sc_state = PPPOE_STATE_PADI_SENT; 1529 sc->sc_padr_retried = 0; 1530 err = pppoe_send_padi(sc); 1531 if (err != 0 && sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1532 printf("%s: failed to send PADI, error=%d\n", 1533 sc->sc_sppp.pp_if.if_xname, err); 1534 callout_schedule(&sc->sc_timeout, PPPOE_DISC_TIMEOUT); 1535 RELEASE_SPLNET(); 1536 return err; 1537 } 1538 1539 /* disconnect */ 1540 static int 1541 pppoe_disconnect(struct pppoe_softc *sc) 1542 { 1543 int err; 1544 DECLARE_SPLNET_VARIABLE; 1545 1546 KASSERT(PPPOE_WLOCKED(sc)); 1547 1548 ACQUIRE_SPLNET(); 1549 1550 if (sc->sc_state < PPPOE_STATE_SESSION) 1551 err = EBUSY; 1552 else { 1553 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1554 printf("%s: disconnecting\n", 1555 sc->sc_sppp.pp_if.if_xname); 1556 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1557 (const uint8_t *)&sc->sc_dest); 1558 } 1559 1560 /* cleanup softc */ 1561 sc->sc_state = PPPOE_STATE_INITIAL; 1562 1563 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1564 if (sc->sc_ac_cookie) { 1565 free(sc->sc_ac_cookie, M_DEVBUF); 1566 sc->sc_ac_cookie = NULL; 1567 } 1568 sc->sc_ac_cookie_len = 0; 1569 if (sc->sc_relay_sid) { 1570 free(sc->sc_relay_sid, M_DEVBUF); 1571 sc->sc_relay_sid = NULL; 1572 } 1573 sc->sc_relay_sid_len = 0; 1574 #ifdef PPPOE_SERVER 1575 if (sc->sc_hunique) { 1576 free(sc->sc_hunique, M_DEVBUF); 1577 sc->sc_hunique = NULL; 1578 } 1579 sc->sc_hunique_len = 0; 1580 #endif 1581 sc->sc_session = 0; 1582 1583 PPPOE_UNLOCK(sc); 1584 1585 /* notify upper layer */ 1586 sc->sc_sppp.pp_down(&sc->sc_sppp); 1587 1588 PPPOE_LOCK(sc, RW_WRITER); 1589 1590 RELEASE_SPLNET(); 1591 return err; 1592 } 1593 1594 /* Connection attempt aborted */ 1595 static void 1596 pppoe_abort_connect(struct pppoe_softc *sc) 1597 { 1598 KASSERT(PPPOE_WLOCKED(sc)); 1599 1600 printf("%s: could not establish connection\n", 1601 sc->sc_sppp.pp_if.if_xname); 1602 sc->sc_state = PPPOE_STATE_CLOSING; 1603 1604 PPPOE_UNLOCK(sc); 1605 1606 /* notify upper layer */ 1607 sc->sc_sppp.pp_down(&sc->sc_sppp); 1608 1609 PPPOE_LOCK(sc, RW_WRITER); 1610 1611 /* clear connection state */ 1612 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1613 sc->sc_state = PPPOE_STATE_INITIAL; 1614 } 1615 1616 static int 1617 pppoe_send_padr(struct pppoe_softc *sc) 1618 { 1619 struct mbuf *m0; 1620 uint8_t *p; 1621 size_t len, l1 = 0; 1622 1623 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1624 return EIO; 1625 1626 /* Compute packet length. */ 1627 len = sizeof(struct pppoetag); 1628 if (sc->sc_service_name != NULL) { 1629 l1 = strlen(sc->sc_service_name); 1630 len += l1; 1631 } 1632 if (sc->sc_ac_cookie_len > 0) { 1633 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1634 } 1635 if (sc->sc_relay_sid_len > 0) { 1636 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1637 } 1638 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1639 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1640 len += sizeof(struct pppoetag) + 2; 1641 } 1642 1643 /* Allocate packet. */ 1644 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1645 if (m0 == NULL) 1646 return ENOBUFS; 1647 1648 /* Fill in packet. */ 1649 p = mtod(m0, uint8_t *); 1650 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1651 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1652 if (sc->sc_service_name != NULL) { 1653 PPPOE_ADD_16(p, l1); 1654 memcpy(p, sc->sc_service_name, l1); 1655 p += l1; 1656 } else { 1657 PPPOE_ADD_16(p, 0); 1658 } 1659 if (sc->sc_ac_cookie_len > 0) { 1660 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1661 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1662 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1663 p += sc->sc_ac_cookie_len; 1664 } 1665 if (sc->sc_relay_sid_len > 0) { 1666 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1667 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1668 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1669 p += sc->sc_relay_sid_len; 1670 } 1671 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1672 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1673 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1674 p += sizeof(sc->sc_id); 1675 1676 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1677 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1678 PPPOE_ADD_16(p, 2); 1679 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1680 } 1681 1682 #ifdef PPPOE_DEBUG 1683 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1684 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1685 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1686 #endif 1687 1688 /* Send packet. */ 1689 return pppoe_output(sc, m0); 1690 } 1691 1692 /* send a PADT packet */ 1693 static int 1694 pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1695 { 1696 struct ether_header *eh; 1697 struct sockaddr dst; 1698 struct mbuf *m0; 1699 uint8_t *p; 1700 1701 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1702 if (!m0) 1703 return EIO; 1704 p = mtod(m0, uint8_t *); 1705 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1706 1707 memset(&dst, 0, sizeof dst); 1708 dst.sa_family = AF_UNSPEC; 1709 eh = (struct ether_header*)&dst.sa_data; 1710 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1711 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1712 1713 m0->m_flags &= ~(M_BCAST|M_MCAST); 1714 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1715 } 1716 1717 #ifdef PPPOE_SERVER 1718 static int 1719 pppoe_send_pado(struct pppoe_softc *sc) 1720 { 1721 struct mbuf *m0; 1722 uint8_t *p; 1723 size_t len; 1724 1725 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1726 return EIO; 1727 1728 /* Include AC cookie. */ 1729 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1730 /* Include hunique. */ 1731 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1732 1733 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1734 if (!m0) 1735 return EIO; 1736 p = mtod(m0, uint8_t *); 1737 1738 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1739 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1740 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1741 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1742 p += sizeof(sc->sc_id); 1743 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1744 PPPOE_ADD_16(p, sc->sc_hunique_len); 1745 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1746 return pppoe_output(sc, m0); 1747 } 1748 1749 static int 1750 pppoe_send_pads(struct pppoe_softc *sc) 1751 { 1752 struct bintime bt; 1753 struct mbuf *m0; 1754 uint8_t *p; 1755 size_t len, l1 = 0; /* XXX: gcc */ 1756 1757 KASSERT(PPPOE_WLOCKED(sc)); 1758 1759 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1760 return EIO; 1761 1762 getbinuptime(&bt); 1763 sc->sc_session = bt.sec % 0xff + 1; 1764 1765 /* Include service name. */ 1766 len = sizeof(struct pppoetag); 1767 if (sc->sc_service_name != NULL) { 1768 l1 = strlen(sc->sc_service_name); 1769 len += l1; 1770 } 1771 /* Include hunique. */ 1772 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1773 1774 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1775 if (!m0) 1776 return ENOBUFS; 1777 p = mtod(m0, uint8_t *); 1778 1779 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1780 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1781 if (sc->sc_service_name != NULL) { 1782 PPPOE_ADD_16(p, l1); 1783 memcpy(p, sc->sc_service_name, l1); 1784 p += l1; 1785 } else { 1786 PPPOE_ADD_16(p, 0); 1787 } 1788 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1789 PPPOE_ADD_16(p, sc->sc_hunique_len); 1790 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1791 return pppoe_output(sc, m0); 1792 } 1793 #endif 1794 1795 static void 1796 pppoe_tls(struct sppp *sp) 1797 { 1798 struct pppoe_softc *sc = (void *)sp; 1799 int wtime; 1800 1801 PPPOE_LOCK(sc, RW_READER); 1802 1803 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1804 PPPOE_UNLOCK(sc); 1805 return; 1806 } 1807 1808 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1809 sc->sc_sppp.pp_auth_failures > 0) { 1810 /* 1811 * Delay trying to reconnect a bit more - the peer 1812 * might have failed to contact its radius server. 1813 */ 1814 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1815 if (wtime > PPPOE_SLOW_RETRY) 1816 wtime = PPPOE_SLOW_RETRY; 1817 } else { 1818 wtime = PPPOE_RECON_IMMEDIATE; 1819 } 1820 callout_schedule(&sc->sc_timeout, wtime); 1821 1822 PPPOE_UNLOCK(sc); 1823 } 1824 1825 static void 1826 pppoe_tlf(struct sppp *sp) 1827 { 1828 struct pppoe_softc *sc = (void *)sp; 1829 1830 PPPOE_LOCK(sc, RW_WRITER); 1831 1832 if (sc->sc_state < PPPOE_STATE_SESSION) { 1833 PPPOE_UNLOCK(sc); 1834 return; 1835 } 1836 /* 1837 * Do not call pppoe_disconnect here, the upper layer state 1838 * machine gets confused by this. We must return from this 1839 * function and defer disconnecting to the timeout handler. 1840 */ 1841 sc->sc_state = PPPOE_STATE_CLOSING; 1842 1843 callout_schedule(&sc->sc_timeout, hz/50); 1844 1845 PPPOE_UNLOCK(sc); 1846 } 1847 1848 static void 1849 pppoe_start(struct ifnet *ifp) 1850 { 1851 struct pppoe_softc *sc = (void *)ifp; 1852 struct mbuf *m; 1853 uint8_t *p; 1854 size_t len; 1855 1856 if (sppp_isempty(ifp)) 1857 return; 1858 1859 /* are we ready to process data yet? */ 1860 PPPOE_LOCK(sc, RW_READER); 1861 if (sc->sc_state < PPPOE_STATE_SESSION) { 1862 sppp_flush(&sc->sc_sppp.pp_if); 1863 PPPOE_UNLOCK(sc); 1864 return; 1865 } 1866 1867 while ((m = sppp_dequeue(ifp)) != NULL) { 1868 len = m->m_pkthdr.len; 1869 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1870 if (m == NULL) { 1871 if_statinc(ifp, if_oerrors); 1872 continue; 1873 } 1874 p = mtod(m, uint8_t *); 1875 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1876 1877 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1878 1879 pppoe_output(sc, m); 1880 } 1881 PPPOE_UNLOCK(sc); 1882 } 1883 1884 #ifdef PPPOE_MPSAFE 1885 static int 1886 pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 1887 { 1888 struct pppoe_softc *sc = (void *)ifp; 1889 uint8_t *p; 1890 size_t len; 1891 1892 if (m == NULL) 1893 return EINVAL; 1894 1895 /* are we ready to process data yet? */ 1896 PPPOE_LOCK(sc, RW_READER); 1897 if (sc->sc_state < PPPOE_STATE_SESSION) { 1898 PPPOE_UNLOCK(sc); 1899 m_freem(m); 1900 return ENOBUFS; 1901 } 1902 1903 len = m->m_pkthdr.len; 1904 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1905 if (m == NULL) { 1906 PPPOE_UNLOCK(sc); 1907 if_statinc(ifp, if_oerrors); 1908 return ENETDOWN; 1909 } 1910 p = mtod(m, uint8_t *); 1911 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1912 1913 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1914 1915 pppoe_output(sc, m); 1916 PPPOE_UNLOCK(sc); 1917 return 0; 1918 } 1919 #endif /* PPPOE_MPSAFE */ 1920 1921 static void 1922 pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 1923 { 1924 struct ifnet *ifp = arg2; 1925 struct pppoe_softc *sc; 1926 DECLARE_SPLNET_VARIABLE; 1927 1928 if (cmd != PFIL_IFNET_DETACH) 1929 return; 1930 1931 ACQUIRE_SPLNET(); 1932 rw_enter(&pppoe_softc_list_lock, RW_READER); 1933 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 1934 PPPOE_LOCK(sc, RW_WRITER); 1935 if (sc->sc_eth_if != ifp) { 1936 PPPOE_UNLOCK(sc); 1937 continue; 1938 } 1939 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 1940 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 1941 printf("%s: ethernet interface detached, going down\n", 1942 sc->sc_sppp.pp_if.if_xname); 1943 } 1944 sc->sc_eth_if = NULL; 1945 pppoe_clear_softc(sc, "ethernet interface detached"); 1946 PPPOE_UNLOCK(sc); 1947 } 1948 rw_exit(&pppoe_softc_list_lock); 1949 RELEASE_SPLNET(); 1950 } 1951 1952 static void 1953 pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 1954 { 1955 KASSERT(PPPOE_WLOCKED(sc)); 1956 1957 /* stop timer */ 1958 callout_stop(&sc->sc_timeout); 1959 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1960 printf("%s: session 0x%x terminated, %s\n", 1961 sc->sc_sppp.pp_if.if_xname, sc->sc_session, message); 1962 1963 /* fix our state */ 1964 sc->sc_state = PPPOE_STATE_INITIAL; 1965 1966 PPPOE_UNLOCK(sc); 1967 1968 /* signal upper layer */ 1969 sc->sc_sppp.pp_down(&sc->sc_sppp); 1970 1971 PPPOE_LOCK(sc, RW_WRITER); 1972 1973 /* clean up softc */ 1974 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1975 if (sc->sc_ac_cookie) { 1976 free(sc->sc_ac_cookie, M_DEVBUF); 1977 sc->sc_ac_cookie = NULL; 1978 } 1979 if (sc->sc_relay_sid) { 1980 free(sc->sc_relay_sid, M_DEVBUF); 1981 sc->sc_relay_sid = NULL; 1982 } 1983 sc->sc_ac_cookie_len = 0; 1984 sc->sc_session = 0; 1985 } 1986 1987 static void 1988 pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 1989 { 1990 if (m->m_flags & M_PROMISC) { 1991 m_freem(m); 1992 return; 1993 } 1994 1995 #ifndef PPPOE_SERVER 1996 if (m->m_flags & (M_MCAST | M_BCAST)) { 1997 m_freem(m); 1998 return; 1999 } 2000 #endif 2001 2002 IFQ_LOCK(inq); 2003 if (IF_QFULL(inq)) { 2004 IF_DROP(inq); 2005 IFQ_UNLOCK(inq); 2006 m_freem(m); 2007 } else { 2008 IF_ENQUEUE(inq, m); 2009 IFQ_UNLOCK(inq); 2010 softint_schedule(pppoe_softintr); 2011 } 2012 return; 2013 } 2014 2015 void 2016 pppoe_input(struct ifnet *ifp, struct mbuf *m) 2017 { 2018 pppoe_enqueue(&ppoeinq, m); 2019 return; 2020 } 2021 2022 void 2023 pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2024 { 2025 pppoe_enqueue(&ppoediscinq, m); 2026 return; 2027 } 2028 2029 static void 2030 sysctl_net_pppoe_setup(struct sysctllog **clog) 2031 { 2032 const struct sysctlnode *node = NULL; 2033 2034 sysctl_createv(clog, 0, NULL, &node, 2035 CTLFLAG_PERMANENT, 2036 CTLTYPE_NODE, "pppoe", 2037 SYSCTL_DESCR("PPPOE protocol"), 2038 NULL, 0, NULL, 0, 2039 CTL_NET, CTL_CREATE, CTL_EOL); 2040 2041 if (node == NULL) 2042 return; 2043 2044 sysctl_createv(clog, 0, &node, NULL, 2045 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2046 CTLTYPE_BOOL, "term_unknown", 2047 SYSCTL_DESCR("Terminate unknown sessions"), 2048 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2049 CTL_CREATE, CTL_EOL); 2050 } 2051 2052 /* 2053 * Module infrastructure 2054 */ 2055 #include "if_module.h" 2056 2057 IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2058
Indexes created Tue Sep 30 17:09:57 GMT 2025