if_pppoe.c revision 1.164
1 /* $NetBSD: if_pppoe.c,v 1.164 2021/04/16 01:28:51 yamaguchi Exp $ */ 2 3 /* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin (at) NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.164 2021/04/16 01:28:51 yamaguchi Exp $"); 34 35 #ifdef _KERNEL_OPT 36 #include "pppoe.h" 37 #include "opt_pppoe.h" 38 #include "opt_net_mpsafe.h" 39 #endif 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/atomic.h> 45 #include <sys/callout.h> 46 #include <sys/malloc.h> 47 #include <sys/mbuf.h> 48 #include <sys/socket.h> 49 #include <sys/proc.h> 50 #include <sys/ioctl.h> 51 #include <sys/kauth.h> 52 #include <sys/intr.h> 53 #include <sys/socketvar.h> 54 #include <sys/device.h> 55 #include <sys/module.h> 56 #include <sys/sysctl.h> 57 #include <sys/rwlock.h> 58 #include <sys/mutex.h> 59 #include <sys/psref.h> 60 #include <sys/cprng.h> 61 #include <sys/workqueue.h> 62 63 #include <net/if.h> 64 #include <net/if_types.h> 65 #include <net/if_ether.h> 66 #include <net/if_sppp.h> 67 #include <net/if_spppvar.h> 68 #include <net/if_pppoe.h> 69 #include <net/if_dl.h> 70 71 #include <net/bpf.h> 72 73 #include "ioconf.h" 74 75 #ifdef NET_MPSAFE 76 #define PPPOE_MPSAFE 1 77 #endif 78 79 struct pppoehdr { 80 uint8_t vertype; 81 uint8_t code; 82 uint16_t session; 83 uint16_t plen; 84 } __packed; 85 86 struct pppoetag { 87 uint16_t tag; 88 uint16_t len; 89 } __packed; 90 91 #define PPPOE_HEADERLEN sizeof(struct pppoehdr) 92 #define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 93 #define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 94 95 #define PPPOE_TAG_EOL 0x0000 /* end of list */ 96 #define PPPOE_TAG_SNAME 0x0101 /* service name */ 97 #define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 98 #define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 99 #define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 100 #define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 101 #define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 102 #define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 103 #define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 104 #define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 105 #define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 106 107 #define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 108 #define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 109 #define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 110 #define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 111 #define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 112 113 /* two byte PPP protocol discriminator, then IP data */ 114 #define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 115 116 /* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 117 #define PPPOE_ADD_16(PTR, VAL) \ 118 *(PTR)++ = (VAL) / 256; \ 119 *(PTR)++ = (VAL) % 256 120 121 /* Add a complete PPPoE header to the buffer pointed to by PTR */ 122 #define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 123 *(PTR)++ = PPPOE_VERTYPE; \ 124 *(PTR)++ = (CODE); \ 125 PPPOE_ADD_16(PTR, SESS); \ 126 PPPOE_ADD_16(PTR, LEN) 127 128 #define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 129 #define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 130 #define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 131 #define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 132 #define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 133 #define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 134 135 #ifdef PPPOE_SERVER 136 /* from if_spppsubr.c */ 137 #define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 138 #endif 139 140 #define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 141 #define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 142 #define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 143 144 #ifdef PPPOE_MPSAFE 145 #define DECLARE_SPLNET_VARIABLE 146 #define ACQUIRE_SPLNET() do { } while (0) 147 #define RELEASE_SPLNET() do { } while (0) 148 #else 149 #define DECLARE_SPLNET_VARIABLE int __s 150 #define ACQUIRE_SPLNET() do { \ 151 __s = splnet(); \ 152 } while (0) 153 #define RELEASE_SPLNET() do { \ 154 splx(__s); \ 155 } while (0) 156 #endif 157 158 #ifdef PPPOE_DEBUG 159 #define DPRINTF(_sc, _fmt, _arg...) pppoe_printf((_sc), (_fmt), ##_arg) 160 #else 161 #define DPRINTF(_sc, _fmt, _arg...) __nothing 162 #endif 163 164 struct pppoe_softc { 165 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 166 LIST_ENTRY(pppoe_softc) sc_list; 167 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 168 169 uint64_t sc_id; /* id of this softc, our hunique */ 170 int sc_state; /* discovery phase or session connected */ 171 struct ether_addr sc_dest; /* hardware address of concentrator */ 172 uint16_t sc_session; /* PPPoE session id */ 173 174 char *sc_service_name; /* if != NULL: requested name of service */ 175 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 176 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 177 size_t sc_ac_cookie_len; /* length of cookie data */ 178 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 179 size_t sc_relay_sid_len; /* length of relay SID data */ 180 #ifdef PPPOE_SERVER 181 uint8_t *sc_hunique; /* content of host unique we must echo back */ 182 size_t sc_hunique_len; /* length of host unique */ 183 #endif 184 callout_t sc_timeout; /* timeout while not in session state */ 185 struct workqueue *sc_timeout_wq; /* workqueue for timeout */ 186 struct work sc_timeout_wk; 187 u_int sc_timeout_scheduled; 188 int sc_padi_retried; /* number of PADI retries already done */ 189 int sc_padr_retried; /* number of PADR retries already done */ 190 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 191 }; 192 193 /* incoming traffic will be queued here */ 194 struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 195 struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 196 197 void *pppoe_softintr = NULL; 198 static void pppoe_softintr_handler(void *); 199 200 extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 201 202 /* input routines */ 203 static void pppoeintr(void); 204 static void pppoe_disc_input(struct mbuf *); 205 static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 206 static void pppoe_data_input(struct mbuf *); 207 static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 208 209 /* management routines */ 210 static int pppoe_connect(struct pppoe_softc *); 211 static int pppoe_disconnect(struct pppoe_softc *); 212 static void pppoe_abort_connect(struct pppoe_softc *); 213 static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 214 static void pppoe_tls(struct sppp *); 215 static void pppoe_tlf(struct sppp *); 216 static void pppoe_start(struct ifnet *); 217 #ifdef PPPOE_MPSAFE 218 static int pppoe_transmit(struct ifnet *, struct mbuf *); 219 #endif 220 static void pppoe_clear_softc(struct pppoe_softc *, const char *); 221 static void pppoe_printf(struct pppoe_softc *, const char *, ...); 222 223 /* internal timeout handling */ 224 static void pppoe_timeout_co(void *); 225 static void pppoe_timeout_co_halt(void *); 226 static void pppoe_timeout_wk(struct work *, void *); 227 static void pppoe_timeout(struct pppoe_softc *); 228 229 /* sending actual protocol controll packets */ 230 static int pppoe_send_padi(struct pppoe_softc *); 231 static int pppoe_send_padr(struct pppoe_softc *); 232 #ifdef PPPOE_SERVER 233 static int pppoe_send_pado(struct pppoe_softc *); 234 static int pppoe_send_pads(struct pppoe_softc *); 235 #endif 236 static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 237 238 /* raw output */ 239 static int pppoe_output(struct pppoe_softc *, struct mbuf *); 240 241 /* internal helper functions */ 242 static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 243 krw_t); 244 static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 245 struct ifnet *, krw_t); 246 static struct mbuf *pppoe_get_mbuf(size_t len); 247 248 static void pppoe_ifattach_hook(void *, unsigned long, void *); 249 250 static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 251 static krwlock_t pppoe_softc_list_lock; 252 253 static int pppoe_clone_create(struct if_clone *, int); 254 static int pppoe_clone_destroy(struct ifnet *); 255 256 static bool pppoe_term_unknown = false; 257 static int pppoe_term_unknown_pps = 1; 258 259 static struct sysctllog *pppoe_sysctl_clog; 260 static void sysctl_net_pppoe_setup(struct sysctllog **); 261 262 static struct if_clone pppoe_cloner = 263 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 264 265 /* ARGSUSED */ 266 void 267 pppoeattach(int count) 268 { 269 270 /* 271 * Nothing to do here, initialization is handled by the 272 * module initialization code in pppoeinit() below). 273 */ 274 } 275 276 static void 277 pppoeinit(void) 278 { 279 280 LIST_INIT(&pppoe_softc_list); 281 rw_init(&pppoe_softc_list_lock); 282 if_clone_attach(&pppoe_cloner); 283 284 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 285 pppoe_softintr_handler, NULL); 286 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 287 288 IFQ_LOCK_INIT(&ppoediscinq); 289 IFQ_LOCK_INIT(&ppoeinq); 290 } 291 292 static int 293 pppoedetach(void) 294 { 295 int error = 0; 296 297 rw_enter(&pppoe_softc_list_lock, RW_READER); 298 if (!LIST_EMPTY(&pppoe_softc_list)) { 299 rw_exit(&pppoe_softc_list_lock); 300 error = EBUSY; 301 } 302 303 if (error == 0) { 304 if_clone_detach(&pppoe_cloner); 305 softint_disestablish(pppoe_softintr); 306 /* Remove our sysctl sub-tree */ 307 sysctl_teardown(&pppoe_sysctl_clog); 308 } 309 310 return error; 311 } 312 313 static void 314 pppoe_softc_genid(uint64_t *id) 315 { 316 struct pppoe_softc *sc; 317 uint64_t rndid; 318 319 rw_enter(&pppoe_softc_list_lock, RW_READER); 320 321 while (1) { 322 rndid = cprng_strong64(); 323 324 sc = NULL; 325 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 326 if (sc->sc_id == rndid) 327 break; 328 } 329 if (sc == NULL) { 330 break; 331 } 332 } 333 334 rw_exit(&pppoe_softc_list_lock); 335 *id = rndid; 336 } 337 338 static int 339 pppoe_clone_create(struct if_clone *ifc, int unit) 340 { 341 struct pppoe_softc *sc; 342 int rv; 343 344 sc = malloc(sizeof(struct pppoe_softc), M_DEVBUF, M_WAITOK|M_ZERO); 345 346 rw_init(&sc->sc_lock); 347 pppoe_softc_genid(&sc->sc_id); 348 349 if_initname(&sc->sc_sppp.pp_if, "pppoe", unit); 350 sc->sc_sppp.pp_if.if_softc = sc; 351 sc->sc_sppp.pp_if.if_mtu = PPPOE_MAXMTU; 352 sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 353 #ifdef PPPOE_MPSAFE 354 sc->sc_sppp.pp_if.if_extflags = IFEF_MPSAFE; 355 #endif 356 sc->sc_sppp.pp_if.if_type = IFT_PPP; 357 sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 358 sc->sc_sppp.pp_if.if_dlt = DLT_PPP_ETHER; 359 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 360 PP_NOFRAMING; /* no serial encapsulation */ 361 sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl; 362 IFQ_SET_MAXLEN(&sc->sc_sppp.pp_if.if_snd, IFQ_MAXLEN); 363 IFQ_SET_READY(&sc->sc_sppp.pp_if.if_snd); 364 365 /* changed to real address later */ 366 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 367 368 rv = workqueue_create(&sc->sc_timeout_wq, 369 sc->sc_sppp.pp_if.if_xname, pppoe_timeout_wk, sc, 370 PRI_SOFTNET, IPL_SOFTNET, 0); 371 if (rv != 0) 372 goto destroy_sclock; 373 374 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 375 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co, sc); 376 377 sc->sc_sppp.pp_if.if_start = pppoe_start; 378 #ifdef PPPOE_MPSAFE 379 sc->sc_sppp.pp_if.if_transmit = pppoe_transmit; 380 #endif 381 sc->sc_sppp.pp_tls = pppoe_tls; 382 sc->sc_sppp.pp_tlf = pppoe_tlf; 383 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 384 385 rv = if_initialize(&sc->sc_sppp.pp_if); 386 if (rv != 0) 387 goto destroy_timeout; 388 389 sc->sc_sppp.pp_if.if_percpuq = if_percpuq_create(&sc->sc_sppp.pp_if); 390 sppp_attach(&sc->sc_sppp.pp_if); 391 392 bpf_attach(&sc->sc_sppp.pp_if, DLT_PPP_ETHER, 0); 393 rw_enter(&pppoe_softc_list_lock, RW_READER); 394 if (LIST_EMPTY(&pppoe_softc_list)) { 395 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 396 } 397 rw_exit(&pppoe_softc_list_lock); 398 399 if_register(&sc->sc_sppp.pp_if); 400 401 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 402 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 403 rw_exit(&pppoe_softc_list_lock); 404 return 0; 405 406 destroy_timeout: 407 callout_destroy(&sc->sc_timeout); 408 workqueue_destroy(sc->sc_timeout_wq); 409 destroy_sclock: 410 rw_destroy(&sc->sc_lock); 411 free(sc, M_DEVBUF); 412 413 return rv; 414 } 415 416 static int 417 pppoe_clone_destroy(struct ifnet *ifp) 418 { 419 struct pppoe_softc * sc = ifp->if_softc; 420 421 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 422 423 PPPOE_LOCK(sc, RW_WRITER); 424 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co_halt, sc); 425 workqueue_wait(sc->sc_timeout_wq, &sc->sc_timeout_wk); 426 callout_halt(&sc->sc_timeout, NULL); 427 428 LIST_REMOVE(sc, sc_list); 429 430 if (LIST_EMPTY(&pppoe_softc_list)) { 431 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 432 } 433 rw_exit(&pppoe_softc_list_lock); 434 435 bpf_detach(ifp); 436 sppp_detach(&sc->sc_sppp.pp_if); 437 if_detach(ifp); 438 if (sc->sc_concentrator_name) 439 free(sc->sc_concentrator_name, M_DEVBUF); 440 if (sc->sc_service_name) 441 free(sc->sc_service_name, M_DEVBUF); 442 if (sc->sc_ac_cookie) 443 free(sc->sc_ac_cookie, M_DEVBUF); 444 if (sc->sc_relay_sid) 445 free(sc->sc_relay_sid, M_DEVBUF); 446 callout_destroy(&sc->sc_timeout); 447 workqueue_destroy(sc->sc_timeout_wq); 448 449 PPPOE_UNLOCK(sc); 450 rw_destroy(&sc->sc_lock); 451 452 free(sc, M_DEVBUF); 453 454 return 0; 455 } 456 457 static void 458 pppoe_printf(struct pppoe_softc *sc, const char *fmt, ...) 459 { 460 va_list ap; 461 bool pppoe_debug; 462 463 #ifdef PPPOE_DEBUG 464 pppoe_debug = true; 465 #else 466 pppoe_debug = false; 467 #endif 468 469 if (sc == NULL) { 470 if (!pppoe_debug) 471 return; 472 473 printf("pppoe: "); 474 } else { 475 if (!ISSET(sc->sc_sppp.pp_if.if_flags, IFF_DEBUG)) 476 return; 477 478 printf("%s: ", sc->sc_sppp.pp_if.if_xname); 479 } 480 481 va_start(ap, fmt); 482 vprintf(fmt, ap); 483 va_end(ap); 484 } 485 486 /* 487 * Find the interface handling the specified session. 488 * Note: O(number of sessions open), this is a client-side only, mean 489 * and lean implementation, so number of open sessions typically should 490 * be 1. 491 */ 492 static struct pppoe_softc * 493 pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 494 { 495 struct pppoe_softc *sc = NULL; 496 497 if (session == 0) 498 return NULL; 499 rw_enter(&pppoe_softc_list_lock, RW_READER); 500 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 501 PPPOE_LOCK(sc, lock); 502 if ( sc->sc_state == PPPOE_STATE_SESSION 503 && sc->sc_session == session 504 && sc->sc_eth_if == rcvif) 505 break; 506 507 PPPOE_UNLOCK(sc); 508 } 509 rw_exit(&pppoe_softc_list_lock); 510 return sc; 511 } 512 513 /* Check host unique token passed and return appropriate softc pointer, 514 * or NULL if token is bogus. */ 515 static struct pppoe_softc * 516 pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 517 struct ifnet *rcvif, krw_t lock) 518 { 519 struct pppoe_softc *sc; 520 uint64_t t; 521 522 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 523 524 rw_enter(&pppoe_softc_list_lock, RW_READER); 525 if (LIST_EMPTY(&pppoe_softc_list)) { 526 rw_exit(&pppoe_softc_list_lock); 527 return NULL; 528 } 529 530 if (len != sizeof(sc->sc_id)) { 531 rw_exit(&pppoe_softc_list_lock); 532 return NULL; 533 } 534 memcpy(&t, token, len); 535 536 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 537 PPPOE_LOCK(sc, lock); 538 if (sc->sc_id == t && sc->sc_eth_if != NULL) { 539 break; 540 } 541 PPPOE_UNLOCK(sc); 542 } 543 rw_exit(&pppoe_softc_list_lock); 544 545 if (sc == NULL) { 546 pppoe_printf(NULL, "alien host unique tag" 547 ", no session found\n"); 548 return NULL; 549 } 550 551 /* should be safe to access *sc now */ 552 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 553 pppoe_printf(sc, "host unique tag found" 554 ", but it belongs to a connection in state %d\n", 555 sc->sc_state); 556 PPPOE_UNLOCK(sc); 557 return NULL; 558 } 559 if (sc->sc_eth_if != rcvif) { 560 pppoe_printf(sc, "wrong interface, not accepting host unique\n"); 561 PPPOE_UNLOCK(sc); 562 return NULL; 563 } 564 return sc; 565 } 566 567 static void 568 pppoe_softintr_handler(void *dummy) 569 { 570 /* called at splsoftnet() */ 571 pppoeintr(); 572 } 573 574 /* called at appropriate protection level */ 575 static void 576 pppoeintr(void) 577 { 578 struct mbuf *m; 579 int disc_done, data_done; 580 581 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 582 583 do { 584 disc_done = 0; 585 data_done = 0; 586 for (;;) { 587 IFQ_LOCK(&ppoediscinq); 588 IF_DEQUEUE(&ppoediscinq, m); 589 IFQ_UNLOCK(&ppoediscinq); 590 if (m == NULL) 591 break; 592 disc_done = 1; 593 pppoe_disc_input(m); 594 } 595 596 for (;;) { 597 IFQ_LOCK(&ppoeinq); 598 IF_DEQUEUE(&ppoeinq, m); 599 IFQ_UNLOCK(&ppoeinq); 600 if (m == NULL) 601 break; 602 data_done = 1; 603 pppoe_data_input(m); 604 } 605 } while (disc_done || data_done); 606 607 if (!IF_IS_EMPTY(&ppoediscinq) || !IF_IS_EMPTY(&ppoeinq)) 608 softint_schedule(pppoe_softintr); 609 610 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 611 } 612 613 /* analyze and handle a single received packet while not in session state */ 614 static void 615 pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 616 { 617 uint16_t tag, len; 618 uint16_t session, plen; 619 struct pppoe_softc *sc; 620 const char *err_msg; 621 char *error; 622 size_t dlen; 623 uint8_t *ac_cookie; 624 size_t ac_cookie_len; 625 uint8_t *relay_sid; 626 size_t relay_sid_len; 627 uint8_t *hunique; 628 size_t hunique_len; 629 struct pppoehdr *ph; 630 struct pppoetag *pt; 631 struct mbuf *n; 632 int noff, err, errortag; 633 struct ether_header *eh; 634 struct ifnet *rcvif; 635 struct psref psref; 636 637 if (m->m_len < sizeof(*eh)) { 638 m = m_pullup(m, sizeof(*eh)); 639 if (m == NULL) 640 goto done; 641 } 642 eh = mtod(m, struct ether_header *); 643 off += sizeof(*eh); 644 645 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 646 goto done; 647 } 648 649 M_REGION_GET(ph, struct pppoehdr *, m, off, sizeof(*ph)); 650 if (ph == NULL) { 651 goto done; 652 } 653 if (ph->vertype != PPPOE_VERTYPE) { 654 goto done; 655 } 656 657 ac_cookie = NULL; 658 ac_cookie_len = 0; 659 relay_sid = NULL; 660 relay_sid_len = 0; 661 hunique = NULL; 662 hunique_len = 0; 663 664 session = ntohs(ph->session); 665 plen = ntohs(ph->plen); 666 off += sizeof(*ph); 667 668 if (plen + off > m->m_pkthdr.len) { 669 goto done; 670 } 671 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 672 673 tag = 0; 674 len = 0; 675 sc = NULL; 676 err_msg = NULL; 677 errortag = 0; 678 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 679 M_REGION_GET(pt, struct pppoetag *, m, off, sizeof(*pt)); 680 if (pt == NULL) { 681 goto done; 682 } 683 684 tag = ntohs(pt->tag); 685 len = ntohs(pt->len); 686 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 687 goto done; 688 } 689 switch (tag) { 690 case PPPOE_TAG_EOL: 691 goto breakbreak; 692 case PPPOE_TAG_SNAME: 693 break; /* ignored */ 694 case PPPOE_TAG_ACNAME: 695 if (len > 0) { 696 dlen = 4 * len + 1; 697 error = malloc(dlen, M_TEMP, M_NOWAIT); 698 if (error == NULL) 699 break; 700 701 n = m_pulldown(m, off + sizeof(*pt), len, 702 &noff); 703 if (!n) { 704 m = NULL; 705 free(error, M_TEMP); 706 goto done; 707 } 708 709 strnvisx(error, dlen, 710 mtod(n, char*) + noff, len, 711 VIS_SAFE | VIS_OCTAL); 712 pppoe_printf(NULL, "connected to %s\n", error); 713 free(error, M_TEMP); 714 } 715 break; /* ignored */ 716 case PPPOE_TAG_HUNIQUE: 717 if (hunique == NULL) { 718 n = m_pulldown(m, off + sizeof(*pt), len, 719 &noff); 720 if (!n) { 721 m = NULL; 722 err_msg = "TAG HUNIQUE ERROR"; 723 break; 724 } 725 726 hunique = mtod(n, uint8_t *) + noff; 727 hunique_len = len; 728 } 729 break; 730 case PPPOE_TAG_ACCOOKIE: 731 if (ac_cookie == NULL) { 732 n = m_pulldown(m, off + sizeof(*pt), len, 733 &noff); 734 if (!n) { 735 err_msg = "TAG ACCOOKIE ERROR"; 736 m = NULL; 737 break; 738 } 739 ac_cookie = mtod(n, char *) + noff; 740 ac_cookie_len = len; 741 } 742 break; 743 case PPPOE_TAG_RELAYSID: 744 if (relay_sid == NULL) { 745 n = m_pulldown(m, off + sizeof(*pt), len, 746 &noff); 747 if (!n) { 748 err_msg = "TAG RELAYSID ERROR"; 749 m = NULL; 750 break; 751 } 752 relay_sid = mtod(n, char *) + noff; 753 relay_sid_len = len; 754 } 755 break; 756 case PPPOE_TAG_SNAME_ERR: 757 err_msg = "SERVICE NAME ERROR"; 758 errortag = 1; 759 break; 760 case PPPOE_TAG_ACSYS_ERR: 761 err_msg = "AC SYSTEM ERROR"; 762 errortag = 1; 763 break; 764 case PPPOE_TAG_GENERIC_ERR: 765 err_msg = "GENERIC ERROR"; 766 errortag = 1; 767 break; 768 } 769 if (err_msg) { 770 error = NULL; 771 if (errortag && len) { 772 dlen = 4 * len + 1; 773 error = malloc(dlen, M_TEMP, 774 M_NOWAIT|M_ZERO); 775 n = m_pulldown(m, off + sizeof(*pt), len, 776 &noff); 777 if (!n) { 778 m = NULL; 779 } else if (error) { 780 strnvisx(error, dlen, 781 mtod(n, char*) + noff, len, 782 VIS_SAFE | VIS_OCTAL); 783 } 784 } 785 if (error) { 786 pppoe_printf(NULL, "%s: %s\n", err_msg, error); 787 free(error, M_TEMP); 788 } else 789 pppoe_printf(NULL, "%s\n", err_msg); 790 if (errortag || m == NULL) 791 goto done; 792 } 793 off += sizeof(*pt) + len; 794 } 795 breakbreak:; 796 797 switch (ph->code) { 798 case PPPOE_CODE_PADI: 799 #ifdef PPPOE_SERVER 800 /* 801 * got service name, concentrator name, and/or host unique. 802 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 803 */ 804 rw_enter(&pppoe_softc_list_lock, RW_READER); 805 if (LIST_EMPTY(&pppoe_softc_list)) { 806 rw_exit(&pppoe_softc_list_lock); 807 goto done; 808 } 809 810 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 811 PPPOE_LOCK(sc, RW_WRITER); 812 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 813 PPPOE_UNLOCK(sc); 814 continue; 815 } 816 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 817 PPPOE_UNLOCK(sc); 818 continue; 819 } 820 821 if (sc->sc_state == PPPOE_STATE_INITIAL) 822 break; 823 824 PPPOE_UNLOCK(sc); 825 } 826 rw_exit(&pppoe_softc_list_lock); 827 828 if (sc == NULL) { 829 goto done; 830 } 831 832 if (hunique) { 833 if (sc->sc_hunique) 834 free(sc->sc_hunique, M_DEVBUF); 835 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 836 M_DONTWAIT); 837 if (sc->sc_hunique == NULL) { 838 PPPOE_UNLOCK(sc); 839 goto done; 840 } 841 sc->sc_hunique_len = hunique_len; 842 memcpy(sc->sc_hunique, hunique, hunique_len); 843 } 844 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 845 sc->sc_state = PPPOE_STATE_PADO_SENT; 846 pppoe_send_pado(sc); 847 PPPOE_UNLOCK(sc); 848 break; 849 #endif /* PPPOE_SERVER */ 850 851 case PPPOE_CODE_PADR: 852 #ifdef PPPOE_SERVER 853 /* 854 * get sc from ac_cookie if IFF_PASSIVE 855 */ 856 if (ac_cookie == NULL) { 857 goto done; 858 } 859 860 rcvif = m_get_rcvif_psref(m, &psref); 861 if (__predict_true(rcvif != NULL)) { 862 sc = pppoe_find_softc_by_hunique(ac_cookie, 863 ac_cookie_len, rcvif, RW_WRITER); 864 } 865 m_put_rcvif_psref(rcvif, &psref); 866 if (sc == NULL) { 867 /* be quiet if there is not a single pppoe instance */ 868 rw_enter(&pppoe_softc_list_lock, RW_READER); 869 if (!LIST_EMPTY(&pppoe_softc_list)) { 870 pppoe_printf(NULL, "received PADR" 871 " but could not find request for it\n"); 872 } 873 rw_exit(&pppoe_softc_list_lock); 874 goto done; 875 } 876 877 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 878 pppoe_printf(sc, "received unexpected PADR\n"); 879 PPPOE_UNLOCK(sc); 880 goto done; 881 } 882 883 if (hunique) { 884 if (sc->sc_hunique) 885 free(sc->sc_hunique, M_DEVBUF); 886 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 887 M_DONTWAIT); 888 if (sc->sc_hunique == NULL) { 889 PPPOE_UNLOCK(sc); 890 goto done; 891 } 892 sc->sc_hunique_len = hunique_len; 893 memcpy(sc->sc_hunique, hunique, hunique_len); 894 } 895 pppoe_send_pads(sc); 896 sc->sc_state = PPPOE_STATE_SESSION; 897 PPPOE_UNLOCK(sc); 898 899 sc->sc_sppp.pp_up(&sc->sc_sppp); 900 break; 901 #else 902 /* ignore, we are no access concentrator */ 903 goto done; 904 #endif /* PPPOE_SERVER */ 905 906 case PPPOE_CODE_PADO: 907 rcvif = m_get_rcvif_psref(m, &psref); 908 if (__predict_false(rcvif == NULL)) 909 goto done; 910 911 if (hunique != NULL) { 912 sc = pppoe_find_softc_by_hunique(hunique, 913 hunique_len, rcvif, RW_WRITER); 914 } 915 916 m_put_rcvif_psref(rcvif, &psref); 917 918 if (sc == NULL) { 919 /* be quiet if there is not a single pppoe instance */ 920 rw_enter(&pppoe_softc_list_lock, RW_READER); 921 if (!LIST_EMPTY(&pppoe_softc_list)) { 922 pppoe_printf(NULL, "received PADO" 923 " but could not find request for it\n"); 924 } 925 rw_exit(&pppoe_softc_list_lock); 926 goto done; 927 } 928 929 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 930 pppoe_printf(sc, "received unexpected PADO\n"); 931 PPPOE_UNLOCK(sc); 932 goto done; 933 } 934 935 if (ac_cookie) { 936 if (sc->sc_ac_cookie) 937 free(sc->sc_ac_cookie, M_DEVBUF); 938 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 939 M_DONTWAIT); 940 if (sc->sc_ac_cookie == NULL) { 941 pppoe_printf(sc, "FATAL: could not allocate memory " 942 "for AC cookie\n"); 943 PPPOE_UNLOCK(sc); 944 goto done; 945 } 946 sc->sc_ac_cookie_len = ac_cookie_len; 947 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 948 } 949 if (relay_sid) { 950 if (sc->sc_relay_sid) 951 free(sc->sc_relay_sid, M_DEVBUF); 952 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 953 M_DONTWAIT); 954 if (sc->sc_relay_sid == NULL) { 955 pppoe_printf(sc, "FATAL: could not allocate memory " 956 "for relay SID\n"); 957 PPPOE_UNLOCK(sc); 958 goto done; 959 } 960 sc->sc_relay_sid_len = relay_sid_len; 961 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 962 } 963 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 964 callout_stop(&sc->sc_timeout); 965 sc->sc_padr_retried = 0; 966 sc->sc_state = PPPOE_STATE_PADR_SENT; 967 if ((err = pppoe_send_padr(sc)) != 0) { 968 pppoe_printf(sc, 969 "failed to send PADR, error=%d\n", err); 970 } 971 callout_schedule(&sc->sc_timeout, 972 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 973 974 PPPOE_UNLOCK(sc); 975 break; 976 977 case PPPOE_CODE_PADS: 978 rcvif = m_get_rcvif_psref(m, &psref); 979 if (__predict_false(rcvif == NULL)) 980 goto done; 981 982 if (hunique != NULL) { 983 sc = pppoe_find_softc_by_hunique(hunique, 984 hunique_len, rcvif, RW_WRITER); 985 } 986 987 m_put_rcvif_psref(rcvif, &psref); 988 989 if (sc == NULL) 990 goto done; 991 992 sc->sc_session = session; 993 callout_stop(&sc->sc_timeout); 994 pppoe_printf(sc, "session 0x%x connected\n", session); 995 sc->sc_state = PPPOE_STATE_SESSION; 996 PPPOE_UNLOCK(sc); 997 998 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 999 break; 1000 1001 case PPPOE_CODE_PADT: 1002 rcvif = m_get_rcvif_psref(m, &psref); 1003 if (__predict_false(rcvif == NULL)) 1004 goto done; 1005 1006 sc = pppoe_find_softc_by_session(session, rcvif, 1007 RW_WRITER); 1008 1009 m_put_rcvif_psref(rcvif, &psref); 1010 1011 if (sc == NULL) 1012 goto done; 1013 1014 pppoe_clear_softc(sc, "received PADT"); 1015 if (sc->sc_sppp.pp_if.if_flags & IFF_RUNNING) 1016 callout_schedule(&sc->sc_timeout, PPPOE_RECON_FAST); 1017 PPPOE_UNLOCK(sc); 1018 break; 1019 1020 default: 1021 rcvif = m_get_rcvif_psref(m, &psref); 1022 if (__predict_false(rcvif == NULL)) 1023 goto done; 1024 1025 if (hunique != NULL) { 1026 sc = pppoe_find_softc_by_hunique(hunique, 1027 hunique_len, rcvif, RW_READER); 1028 } 1029 1030 m_put_rcvif_psref(rcvif, &psref); 1031 1032 pppoe_printf(sc, "unknown code (0x%04x) session = 0x%04x\n", 1033 ph->code, session); 1034 if (sc == NULL) 1035 goto done; 1036 PPPOE_UNLOCK(sc); 1037 break; 1038 } 1039 1040 done: 1041 if (m) 1042 m_freem(m); 1043 return; 1044 } 1045 1046 static void 1047 pppoe_disc_input(struct mbuf *m) 1048 { 1049 KASSERT(m->m_flags & M_PKTHDR); 1050 1051 /* 1052 * Avoid error messages if there is not a single PPPoE instance. 1053 */ 1054 rw_enter(&pppoe_softc_list_lock, RW_READER); 1055 if (!LIST_EMPTY(&pppoe_softc_list)) { 1056 rw_exit(&pppoe_softc_list_lock); 1057 pppoe_dispatch_disc_pkt(m, 0); 1058 } else { 1059 rw_exit(&pppoe_softc_list_lock); 1060 m_freem(m); 1061 } 1062 } 1063 1064 static bool 1065 pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1066 { 1067 1068 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1069 return true; 1070 1071 return false; 1072 } 1073 1074 static void 1075 pppoe_data_input(struct mbuf *m) 1076 { 1077 uint16_t session, plen; 1078 struct pppoe_softc *sc; 1079 struct pppoehdr *ph; 1080 struct ifnet *rcvif; 1081 struct psref psref; 1082 uint8_t shost[ETHER_ADDR_LEN]; 1083 uint8_t dhost[ETHER_ADDR_LEN]; 1084 bool term_unknown = pppoe_term_unknown; 1085 1086 KASSERT(m->m_flags & M_PKTHDR); 1087 1088 /* 1089 * Avoid error messages if there is not a single PPPoE instance. 1090 */ 1091 rw_enter(&pppoe_softc_list_lock, RW_READER); 1092 if (LIST_EMPTY(&pppoe_softc_list)) { 1093 rw_exit(&pppoe_softc_list_lock); 1094 goto drop; 1095 } 1096 rw_exit(&pppoe_softc_list_lock); 1097 1098 if (term_unknown) { 1099 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1100 ETHER_ADDR_LEN); 1101 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1102 ETHER_ADDR_LEN); 1103 } 1104 m_adj(m, sizeof(struct ether_header)); 1105 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1106 goto drop; 1107 } 1108 1109 if (m->m_len < sizeof(*ph)) { 1110 m = m_pullup(m, sizeof(*ph)); 1111 if (m == NULL) { 1112 return; 1113 } 1114 } 1115 ph = mtod(m, struct pppoehdr *); 1116 1117 if (ph->vertype != PPPOE_VERTYPE) { 1118 goto drop; 1119 } 1120 if (ph->code != 0) { 1121 goto drop; 1122 } 1123 1124 session = ntohs(ph->session); 1125 rcvif = m_get_rcvif_psref(m, &psref); 1126 if (__predict_false(rcvif == NULL)) 1127 goto drop; 1128 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1129 if (sc == NULL) { 1130 if (term_unknown) { 1131 static struct timeval lasttime = {0, 0}; 1132 static int curpps = 0; 1133 /* 1134 * avoid to send wrong PADT which is response from 1135 * session stage packets for other hosts when parent 1136 * ethernet is promiscuous mode. 1137 */ 1138 if (pppoe_is_my_frame(dhost, rcvif) && 1139 ppsratecheck(&lasttime, &curpps, 1140 pppoe_term_unknown_pps)) { 1141 pppoe_printf(NULL, "input for unknown session %#x, " 1142 "sending PADT\n", session); 1143 pppoe_send_padt(rcvif, session, shost); 1144 } 1145 } 1146 m_put_rcvif_psref(rcvif, &psref); 1147 goto drop; 1148 } 1149 1150 m_put_rcvif_psref(rcvif, &psref); 1151 1152 plen = ntohs(ph->plen); 1153 1154 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1155 1156 m_adj(m, PPPOE_HEADERLEN); 1157 1158 #ifdef PPPOE_DEBUG 1159 { 1160 struct mbuf *p; 1161 1162 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1163 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1164 p = m; 1165 while (p) { 1166 printf(" l=%d", p->m_len); 1167 p = p->m_next; 1168 } 1169 printf("\n"); 1170 } 1171 #endif 1172 PPPOE_UNLOCK(sc); 1173 1174 if (m->m_pkthdr.len < plen) 1175 goto drop; 1176 1177 /* ignore trailing garbage */ 1178 m_adj(m, plen - m->m_pkthdr.len); 1179 /* 1180 * Fix incoming interface pointer (not the raw ethernet interface 1181 * anymore) 1182 */ 1183 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1184 1185 /* pass packet up and account for it */ 1186 if_statinc(&sc->sc_sppp.pp_if, if_ipackets); 1187 sppp_input(&sc->sc_sppp.pp_if, m); 1188 return; 1189 1190 drop: 1191 m_freem(m); 1192 } 1193 1194 static int 1195 pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1196 { 1197 struct sockaddr dst; 1198 struct ether_header *eh; 1199 uint16_t etype; 1200 1201 if (sc->sc_eth_if == NULL) { 1202 m_freem(m); 1203 return EIO; 1204 } 1205 1206 memset(&dst, 0, sizeof dst); 1207 dst.sa_family = AF_UNSPEC; 1208 eh = (struct ether_header*)&dst.sa_data; 1209 etype = sc->sc_state == PPPOE_STATE_SESSION 1210 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1211 eh->ether_type = htons(etype); 1212 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1213 1214 DPRINTF(sc, "(%x) state=%d, session=0x%x output -> %s, len=%d\n", 1215 etype, sc->sc_state, sc->sc_session, 1216 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1217 1218 m->m_flags &= ~(M_BCAST|M_MCAST); 1219 if_statinc(&sc->sc_sppp.pp_if, if_opackets); 1220 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1221 } 1222 1223 static int 1224 pppoe_parm_cpyinstr(struct pppoe_softc *sc, 1225 char **dst, const void *src, size_t len) 1226 { 1227 int error = 0; 1228 char *next = NULL; 1229 size_t bufsiz, cpysiz, strsiz; 1230 1231 bufsiz = len + 1; 1232 1233 if (src == NULL) 1234 goto out; 1235 1236 bufsiz = len + 1; 1237 next = malloc(bufsiz, M_DEVBUF, M_WAITOK); 1238 if (next == NULL) 1239 return ENOMEM; 1240 1241 error = copyinstr(src, next, bufsiz, &cpysiz); 1242 if (error != 0) 1243 goto fail; 1244 if (cpysiz != bufsiz) { 1245 error = EINVAL; 1246 goto fail; 1247 } 1248 1249 strsiz = strnlen(next, bufsiz); 1250 if (strsiz == bufsiz) { 1251 error = EINVAL; 1252 goto fail; 1253 } 1254 1255 out: 1256 PPPOE_LOCK(sc, RW_WRITER); 1257 if (*dst != NULL) 1258 free(*dst, M_DEVBUF); 1259 *dst = next; 1260 next = NULL; 1261 PPPOE_UNLOCK(sc); 1262 fail: 1263 if (next != NULL) 1264 free(next, M_DEVBUF); 1265 1266 return error; 1267 } 1268 1269 static int 1270 pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1271 { 1272 struct lwp *l = curlwp; /* XXX */ 1273 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1274 struct ifreq *ifr = data; 1275 int error = 0; 1276 1277 switch (cmd) { 1278 case PPPOESETPARMS: 1279 { 1280 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1281 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1282 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1283 NULL) != 0) 1284 return EPERM; 1285 if (parms->eth_ifname[0] != 0) { 1286 struct ifnet *eth_if; 1287 1288 PPPOE_LOCK(sc, RW_WRITER); 1289 eth_if = ifunit(parms->eth_ifname); 1290 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1291 sc->sc_eth_if = NULL; 1292 PPPOE_UNLOCK(sc); 1293 return ENXIO; 1294 } 1295 1296 if (sc->sc_sppp.pp_if.if_mtu != 1297 eth_if->if_mtu - PPPOE_OVERHEAD) { 1298 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1299 PPPOE_OVERHEAD; 1300 } 1301 sc->sc_eth_if = eth_if; 1302 PPPOE_UNLOCK(sc); 1303 } 1304 1305 error = pppoe_parm_cpyinstr(sc, &sc->sc_concentrator_name, 1306 parms->ac_name, parms->ac_name_len); 1307 if (error != 0) 1308 return error; 1309 1310 error = pppoe_parm_cpyinstr(sc, &sc->sc_service_name, 1311 parms->service_name, parms->service_name_len); 1312 if (error != 0) 1313 return error; 1314 return 0; 1315 } 1316 break; 1317 case PPPOEGETPARMS: 1318 { 1319 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1320 memset(parms, 0, sizeof *parms); 1321 PPPOE_LOCK(sc, RW_READER); 1322 if (sc->sc_eth_if) 1323 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1324 sizeof(parms->ifname)); 1325 PPPOE_UNLOCK(sc); 1326 return 0; 1327 } 1328 break; 1329 case PPPOEGETSESSION: 1330 { 1331 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1332 PPPOE_LOCK(sc, RW_READER); 1333 state->state = sc->sc_state; 1334 state->session_id = sc->sc_session; 1335 state->padi_retry_no = sc->sc_padi_retried; 1336 state->padr_retry_no = sc->sc_padr_retried; 1337 PPPOE_UNLOCK(sc); 1338 return 0; 1339 } 1340 break; 1341 case SIOCSIFFLAGS: 1342 /* 1343 * Prevent running re-establishment timers overriding 1344 * administrators choice. 1345 */ 1346 PPPOE_LOCK(sc, RW_WRITER); 1347 1348 if ((ifr->ifr_flags & IFF_UP) == 0 1349 && sc->sc_state < PPPOE_STATE_SESSION) { 1350 callout_stop(&sc->sc_timeout); 1351 sc->sc_state = PPPOE_STATE_INITIAL; 1352 sc->sc_padi_retried = 0; 1353 sc->sc_padr_retried = 0; 1354 memcpy(&sc->sc_dest, etherbroadcastaddr, 1355 sizeof(sc->sc_dest)); 1356 } 1357 1358 PPPOE_UNLOCK(sc); 1359 1360 error = sppp_ioctl(ifp, cmd, data); 1361 1362 return error; 1363 case SIOCSIFMTU: 1364 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1365 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1366 return EINVAL; 1367 } 1368 /*FALLTHROUGH*/ 1369 default: 1370 return sppp_ioctl(ifp, cmd, data); 1371 } 1372 return 0; 1373 } 1374 1375 /* 1376 * Allocate a mbuf/cluster with space to store the given data length 1377 * of payload, leaving space for prepending an ethernet header 1378 * in front. 1379 */ 1380 static struct mbuf * 1381 pppoe_get_mbuf(size_t len) 1382 { 1383 struct mbuf *m; 1384 1385 MGETHDR(m, M_DONTWAIT, MT_DATA); 1386 if (m == NULL) 1387 return NULL; 1388 if (len + sizeof(struct ether_header) > MHLEN) { 1389 MCLGET(m, M_DONTWAIT); 1390 if ((m->m_flags & M_EXT) == 0) { 1391 m_free(m); 1392 return NULL; 1393 } 1394 } 1395 m->m_data += sizeof(struct ether_header); 1396 m->m_len = len; 1397 m->m_pkthdr.len = len; 1398 m_reset_rcvif(m); 1399 1400 return m; 1401 } 1402 1403 static int 1404 pppoe_send_padi(struct pppoe_softc *sc) 1405 { 1406 struct mbuf *m0; 1407 int len, l1 = 0, l2 = 0; 1408 uint8_t *p; 1409 1410 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1411 panic("pppoe_send_padi in state %d", sc->sc_state); 1412 1413 /* Compute packet length. */ 1414 len = sizeof(struct pppoetag); 1415 if (sc->sc_service_name != NULL) { 1416 l1 = strlen(sc->sc_service_name); 1417 len += l1; 1418 } 1419 if (sc->sc_concentrator_name != NULL) { 1420 l2 = strlen(sc->sc_concentrator_name); 1421 len += sizeof(struct pppoetag) + l2; 1422 } 1423 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1424 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1425 len += sizeof(struct pppoetag) + 2; 1426 } 1427 1428 /* Allocate packet. */ 1429 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1430 if (m0 == NULL) 1431 return ENOBUFS; 1432 1433 /* Fill in packet. */ 1434 p = mtod(m0, uint8_t *); 1435 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1436 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1437 if (sc->sc_service_name != NULL) { 1438 PPPOE_ADD_16(p, l1); 1439 memcpy(p, sc->sc_service_name, l1); 1440 p += l1; 1441 } else { 1442 PPPOE_ADD_16(p, 0); 1443 } 1444 if (sc->sc_concentrator_name != NULL) { 1445 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1446 PPPOE_ADD_16(p, l2); 1447 memcpy(p, sc->sc_concentrator_name, l2); 1448 p += l2; 1449 } 1450 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1451 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1452 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1453 p += sizeof(sc->sc_id); 1454 1455 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1456 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1457 PPPOE_ADD_16(p, 2); 1458 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1459 } 1460 1461 #ifdef PPPOE_DEBUG 1462 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1463 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1464 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1465 #endif 1466 1467 /* Send packet. */ 1468 return pppoe_output(sc, m0); 1469 } 1470 1471 static void 1472 pppoe_timeout_co(void *arg) 1473 { 1474 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1475 1476 if (atomic_swap_uint(&sc->sc_timeout_scheduled, 1) != 0) 1477 return; 1478 1479 workqueue_enqueue(sc->sc_timeout_wq, &sc->sc_timeout_wk, NULL); 1480 } 1481 1482 static void 1483 pppoe_timeout_co_halt(void *unused __unused) 1484 { 1485 1486 /* do nothing to halt callout safely */ 1487 } 1488 1489 static void 1490 pppoe_timeout_wk(struct work *wk __unused, void *arg) 1491 { 1492 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1493 1494 atomic_swap_uint(&sc->sc_timeout_scheduled, 0); 1495 pppoe_timeout(sc); 1496 } 1497 1498 static void 1499 pppoe_timeout(struct pppoe_softc *sc) 1500 { 1501 int retry_wait, err; 1502 DECLARE_SPLNET_VARIABLE; 1503 1504 pppoe_printf(sc, "timeout\n"); 1505 1506 PPPOE_LOCK(sc, RW_WRITER); 1507 switch (sc->sc_state) { 1508 case PPPOE_STATE_INITIAL: 1509 /* delayed connect from pppoe_tls() */ 1510 pppoe_connect(sc); 1511 break; 1512 case PPPOE_STATE_PADI_SENT: 1513 /* 1514 * We have two basic ways of retrying: 1515 * - Quick retry mode: try a few times in short sequence 1516 * - Slow retry mode: we already had a connection successfully 1517 * established and will try infinitely (without user 1518 * intervention) 1519 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1520 * is not set. 1521 */ 1522 1523 /* initialize for quick retry mode */ 1524 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1525 1526 ACQUIRE_SPLNET(); 1527 sc->sc_padi_retried++; 1528 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1529 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1530 /* slow retry mode */ 1531 retry_wait = PPPOE_SLOW_RETRY; 1532 } else { 1533 pppoe_abort_connect(sc); 1534 RELEASE_SPLNET(); 1535 PPPOE_UNLOCK(sc); 1536 return; 1537 } 1538 } 1539 if ((err = pppoe_send_padi(sc)) != 0) { 1540 sc->sc_padi_retried--; 1541 pppoe_printf(sc, 1542 "failed to transmit PADI, error=%d\n", err); 1543 } 1544 callout_schedule(&sc->sc_timeout,retry_wait); 1545 RELEASE_SPLNET(); 1546 break; 1547 1548 case PPPOE_STATE_PADR_SENT: 1549 ACQUIRE_SPLNET(); 1550 sc->sc_padr_retried++; 1551 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1552 memcpy(&sc->sc_dest, etherbroadcastaddr, 1553 sizeof(sc->sc_dest)); 1554 sc->sc_state = PPPOE_STATE_PADI_SENT; 1555 sc->sc_padi_retried = 0; 1556 sc->sc_padr_retried = 0; 1557 if ((err = pppoe_send_padi(sc)) != 0) { 1558 pppoe_printf(sc, 1559 "failed to send PADI, error=%d\n", err); 1560 } 1561 callout_schedule(&sc->sc_timeout, 1562 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried)); 1563 RELEASE_SPLNET(); 1564 PPPOE_UNLOCK(sc); 1565 return; 1566 } 1567 if ((err = pppoe_send_padr(sc)) != 0) { 1568 sc->sc_padr_retried--; 1569 pppoe_printf(sc,"failed to send PADR, error=%d", err); 1570 } 1571 callout_schedule(&sc->sc_timeout, 1572 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 1573 RELEASE_SPLNET(); 1574 break; 1575 case PPPOE_STATE_CLOSING: 1576 pppoe_disconnect(sc); 1577 break; 1578 default: 1579 PPPOE_UNLOCK(sc); 1580 return; /* all done, work in peace */ 1581 } 1582 PPPOE_UNLOCK(sc); 1583 } 1584 1585 /* Start a connection (i.e. initiate discovery phase) */ 1586 static int 1587 pppoe_connect(struct pppoe_softc *sc) 1588 { 1589 int err; 1590 DECLARE_SPLNET_VARIABLE; 1591 1592 KASSERT(PPPOE_WLOCKED(sc)); 1593 1594 if (sc->sc_state != PPPOE_STATE_INITIAL) 1595 return EBUSY; 1596 1597 #ifdef PPPOE_SERVER 1598 /* wait PADI if IFF_PASSIVE */ 1599 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1600 return 0; 1601 #endif 1602 ACQUIRE_SPLNET(); 1603 /* save state, in case we fail to send PADI */ 1604 sc->sc_state = PPPOE_STATE_PADI_SENT; 1605 sc->sc_padi_retried = 0; 1606 sc->sc_padr_retried = 0; 1607 err = pppoe_send_padi(sc); 1608 if (err != 0) 1609 pppoe_printf(sc, "failed to send PADI, error=%d\n", err); 1610 callout_schedule(&sc->sc_timeout, PPPOE_DISC_TIMEOUT); 1611 RELEASE_SPLNET(); 1612 return err; 1613 } 1614 1615 /* disconnect */ 1616 static int 1617 pppoe_disconnect(struct pppoe_softc *sc) 1618 { 1619 int err; 1620 DECLARE_SPLNET_VARIABLE; 1621 1622 KASSERT(PPPOE_WLOCKED(sc)); 1623 1624 ACQUIRE_SPLNET(); 1625 1626 if (sc->sc_state < PPPOE_STATE_SESSION) 1627 err = EBUSY; 1628 else { 1629 pppoe_printf(sc, "disconnecting\n"); 1630 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1631 (const uint8_t *)&sc->sc_dest); 1632 } 1633 1634 /* cleanup softc */ 1635 sc->sc_state = PPPOE_STATE_INITIAL; 1636 1637 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1638 if (sc->sc_ac_cookie) { 1639 free(sc->sc_ac_cookie, M_DEVBUF); 1640 sc->sc_ac_cookie = NULL; 1641 } 1642 sc->sc_ac_cookie_len = 0; 1643 if (sc->sc_relay_sid) { 1644 free(sc->sc_relay_sid, M_DEVBUF); 1645 sc->sc_relay_sid = NULL; 1646 } 1647 sc->sc_relay_sid_len = 0; 1648 #ifdef PPPOE_SERVER 1649 if (sc->sc_hunique) { 1650 free(sc->sc_hunique, M_DEVBUF); 1651 sc->sc_hunique = NULL; 1652 } 1653 sc->sc_hunique_len = 0; 1654 #endif 1655 sc->sc_session = 0; 1656 1657 PPPOE_UNLOCK(sc); 1658 1659 /* notify upper layer */ 1660 sc->sc_sppp.pp_down(&sc->sc_sppp); 1661 1662 PPPOE_LOCK(sc, RW_WRITER); 1663 1664 RELEASE_SPLNET(); 1665 return err; 1666 } 1667 1668 /* Connection attempt aborted */ 1669 static void 1670 pppoe_abort_connect(struct pppoe_softc *sc) 1671 { 1672 KASSERT(PPPOE_WLOCKED(sc)); 1673 1674 pppoe_printf(sc, "could not establish connection\n"); 1675 sc->sc_state = PPPOE_STATE_CLOSING; 1676 1677 PPPOE_UNLOCK(sc); 1678 1679 /* notify upper layer */ 1680 sc->sc_sppp.pp_down(&sc->sc_sppp); 1681 1682 PPPOE_LOCK(sc, RW_WRITER); 1683 1684 /* clear connection state */ 1685 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1686 sc->sc_state = PPPOE_STATE_INITIAL; 1687 } 1688 1689 static int 1690 pppoe_send_padr(struct pppoe_softc *sc) 1691 { 1692 struct mbuf *m0; 1693 uint8_t *p; 1694 size_t len, l1 = 0; 1695 1696 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1697 return EIO; 1698 1699 /* Compute packet length. */ 1700 len = sizeof(struct pppoetag); 1701 if (sc->sc_service_name != NULL) { 1702 l1 = strlen(sc->sc_service_name); 1703 len += l1; 1704 } 1705 if (sc->sc_ac_cookie_len > 0) { 1706 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1707 } 1708 if (sc->sc_relay_sid_len > 0) { 1709 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1710 } 1711 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1712 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1713 len += sizeof(struct pppoetag) + 2; 1714 } 1715 1716 /* Allocate packet. */ 1717 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1718 if (m0 == NULL) 1719 return ENOBUFS; 1720 1721 /* Fill in packet. */ 1722 p = mtod(m0, uint8_t *); 1723 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1724 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1725 if (sc->sc_service_name != NULL) { 1726 PPPOE_ADD_16(p, l1); 1727 memcpy(p, sc->sc_service_name, l1); 1728 p += l1; 1729 } else { 1730 PPPOE_ADD_16(p, 0); 1731 } 1732 if (sc->sc_ac_cookie_len > 0) { 1733 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1734 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1735 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1736 p += sc->sc_ac_cookie_len; 1737 } 1738 if (sc->sc_relay_sid_len > 0) { 1739 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1740 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1741 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1742 p += sc->sc_relay_sid_len; 1743 } 1744 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1745 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1746 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1747 p += sizeof(sc->sc_id); 1748 1749 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1750 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1751 PPPOE_ADD_16(p, 2); 1752 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1753 } 1754 1755 #ifdef PPPOE_DEBUG 1756 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1757 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1758 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1759 #endif 1760 1761 /* Send packet. */ 1762 return pppoe_output(sc, m0); 1763 } 1764 1765 /* send a PADT packet */ 1766 static int 1767 pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1768 { 1769 struct ether_header *eh; 1770 struct sockaddr dst; 1771 struct mbuf *m0; 1772 uint8_t *p; 1773 1774 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1775 if (!m0) 1776 return EIO; 1777 p = mtod(m0, uint8_t *); 1778 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1779 1780 memset(&dst, 0, sizeof dst); 1781 dst.sa_family = AF_UNSPEC; 1782 eh = (struct ether_header*)&dst.sa_data; 1783 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1784 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1785 1786 m0->m_flags &= ~(M_BCAST|M_MCAST); 1787 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1788 } 1789 1790 #ifdef PPPOE_SERVER 1791 static int 1792 pppoe_send_pado(struct pppoe_softc *sc) 1793 { 1794 struct mbuf *m0; 1795 uint8_t *p; 1796 size_t len; 1797 1798 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1799 return EIO; 1800 1801 /* Include AC cookie. */ 1802 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1803 /* Include hunique. */ 1804 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1805 1806 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1807 if (!m0) 1808 return EIO; 1809 p = mtod(m0, uint8_t *); 1810 1811 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1812 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1813 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1814 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1815 p += sizeof(sc->sc_id); 1816 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1817 PPPOE_ADD_16(p, sc->sc_hunique_len); 1818 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1819 return pppoe_output(sc, m0); 1820 } 1821 1822 static int 1823 pppoe_send_pads(struct pppoe_softc *sc) 1824 { 1825 struct bintime bt; 1826 struct mbuf *m0; 1827 uint8_t *p; 1828 size_t len, l1 = 0; /* XXX: gcc */ 1829 1830 KASSERT(PPPOE_WLOCKED(sc)); 1831 1832 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1833 return EIO; 1834 1835 getbinuptime(&bt); 1836 sc->sc_session = bt.sec % 0xff + 1; 1837 1838 /* Include service name. */ 1839 len = sizeof(struct pppoetag); 1840 if (sc->sc_service_name != NULL) { 1841 l1 = strlen(sc->sc_service_name); 1842 len += l1; 1843 } 1844 /* Include hunique. */ 1845 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1846 1847 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1848 if (!m0) 1849 return ENOBUFS; 1850 p = mtod(m0, uint8_t *); 1851 1852 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1853 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1854 if (sc->sc_service_name != NULL) { 1855 PPPOE_ADD_16(p, l1); 1856 memcpy(p, sc->sc_service_name, l1); 1857 p += l1; 1858 } else { 1859 PPPOE_ADD_16(p, 0); 1860 } 1861 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1862 PPPOE_ADD_16(p, sc->sc_hunique_len); 1863 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1864 return pppoe_output(sc, m0); 1865 } 1866 #endif 1867 1868 static void 1869 pppoe_tls(struct sppp *sp) 1870 { 1871 struct pppoe_softc *sc = (void *)sp; 1872 int wtime; 1873 1874 PPPOE_LOCK(sc, RW_READER); 1875 1876 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1877 PPPOE_UNLOCK(sc); 1878 return; 1879 } 1880 1881 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1882 sc->sc_sppp.pp_auth_failures > 0) { 1883 /* 1884 * Delay trying to reconnect a bit more - the peer 1885 * might have failed to contact its radius server. 1886 */ 1887 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1888 if (wtime > PPPOE_SLOW_RETRY) 1889 wtime = PPPOE_SLOW_RETRY; 1890 } else { 1891 wtime = PPPOE_RECON_IMMEDIATE; 1892 } 1893 callout_schedule(&sc->sc_timeout, wtime); 1894 1895 PPPOE_UNLOCK(sc); 1896 } 1897 1898 static void 1899 pppoe_tlf(struct sppp *sp) 1900 { 1901 struct pppoe_softc *sc = (void *)sp; 1902 1903 PPPOE_LOCK(sc, RW_WRITER); 1904 1905 if (sc->sc_state < PPPOE_STATE_SESSION) { 1906 callout_stop(&sc->sc_timeout); 1907 sc->sc_state = PPPOE_STATE_INITIAL; 1908 sc->sc_padi_retried = 0; 1909 sc->sc_padr_retried = 0; 1910 memcpy(&sc->sc_dest, etherbroadcastaddr, 1911 sizeof(sc->sc_dest)); 1912 PPPOE_UNLOCK(sc); 1913 return; 1914 } 1915 1916 /* 1917 * Do not call pppoe_disconnect here, the upper layer state 1918 * machine gets confused by this. We must return from this 1919 * function and defer disconnecting to the timeout handler. 1920 */ 1921 sc->sc_state = PPPOE_STATE_CLOSING; 1922 1923 callout_schedule(&sc->sc_timeout, hz/50); 1924 1925 PPPOE_UNLOCK(sc); 1926 } 1927 1928 static void 1929 pppoe_start(struct ifnet *ifp) 1930 { 1931 struct pppoe_softc *sc = (void *)ifp; 1932 struct mbuf *m; 1933 uint8_t *p; 1934 size_t len; 1935 1936 if (sppp_isempty(ifp)) 1937 return; 1938 1939 /* are we ready to process data yet? */ 1940 PPPOE_LOCK(sc, RW_READER); 1941 if (sc->sc_state < PPPOE_STATE_SESSION) { 1942 sppp_flush(&sc->sc_sppp.pp_if); 1943 PPPOE_UNLOCK(sc); 1944 return; 1945 } 1946 1947 while ((m = sppp_dequeue(ifp)) != NULL) { 1948 len = m->m_pkthdr.len; 1949 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1950 if (m == NULL) { 1951 if_statinc(ifp, if_oerrors); 1952 continue; 1953 } 1954 p = mtod(m, uint8_t *); 1955 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1956 1957 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1958 1959 pppoe_output(sc, m); 1960 } 1961 PPPOE_UNLOCK(sc); 1962 } 1963 1964 #ifdef PPPOE_MPSAFE 1965 static int 1966 pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 1967 { 1968 struct pppoe_softc *sc = (void *)ifp; 1969 uint8_t *p; 1970 size_t len; 1971 1972 if (m == NULL) 1973 return EINVAL; 1974 1975 /* are we ready to process data yet? */ 1976 PPPOE_LOCK(sc, RW_READER); 1977 if (sc->sc_state < PPPOE_STATE_SESSION) { 1978 PPPOE_UNLOCK(sc); 1979 m_freem(m); 1980 return ENOBUFS; 1981 } 1982 1983 len = m->m_pkthdr.len; 1984 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1985 if (m == NULL) { 1986 PPPOE_UNLOCK(sc); 1987 if_statinc(ifp, if_oerrors); 1988 return ENETDOWN; 1989 } 1990 p = mtod(m, uint8_t *); 1991 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1992 1993 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1994 1995 pppoe_output(sc, m); 1996 PPPOE_UNLOCK(sc); 1997 return 0; 1998 } 1999 #endif /* PPPOE_MPSAFE */ 2000 2001 static void 2002 pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 2003 { 2004 struct ifnet *ifp = arg2; 2005 struct pppoe_softc *sc; 2006 DECLARE_SPLNET_VARIABLE; 2007 2008 if (cmd != PFIL_IFNET_DETACH) 2009 return; 2010 2011 ACQUIRE_SPLNET(); 2012 rw_enter(&pppoe_softc_list_lock, RW_READER); 2013 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 2014 PPPOE_LOCK(sc, RW_WRITER); 2015 if (sc->sc_eth_if != ifp) { 2016 PPPOE_UNLOCK(sc); 2017 continue; 2018 } 2019 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 2020 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 2021 pppoe_printf(sc, 2022 "ethernet interface detached, going down\n"); 2023 } 2024 sc->sc_eth_if = NULL; 2025 pppoe_clear_softc(sc, "ethernet interface detached"); 2026 PPPOE_UNLOCK(sc); 2027 } 2028 rw_exit(&pppoe_softc_list_lock); 2029 RELEASE_SPLNET(); 2030 } 2031 2032 static void 2033 pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 2034 { 2035 KASSERT(PPPOE_WLOCKED(sc)); 2036 2037 /* stop timer */ 2038 callout_stop(&sc->sc_timeout); 2039 pppoe_printf(sc, "session 0x%x terminated, %s\n", 2040 sc->sc_session, message); 2041 2042 /* fix our state */ 2043 sc->sc_state = PPPOE_STATE_INITIAL; 2044 2045 PPPOE_UNLOCK(sc); 2046 2047 /* signal upper layer */ 2048 sc->sc_sppp.pp_down(&sc->sc_sppp); 2049 2050 PPPOE_LOCK(sc, RW_WRITER); 2051 2052 /* clean up softc */ 2053 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 2054 if (sc->sc_ac_cookie) { 2055 free(sc->sc_ac_cookie, M_DEVBUF); 2056 sc->sc_ac_cookie = NULL; 2057 } 2058 if (sc->sc_relay_sid) { 2059 free(sc->sc_relay_sid, M_DEVBUF); 2060 sc->sc_relay_sid = NULL; 2061 } 2062 sc->sc_ac_cookie_len = 0; 2063 sc->sc_session = 0; 2064 } 2065 2066 static void 2067 pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 2068 { 2069 if (m->m_flags & M_PROMISC) { 2070 m_freem(m); 2071 return; 2072 } 2073 2074 #ifndef PPPOE_SERVER 2075 if (m->m_flags & (M_MCAST | M_BCAST)) { 2076 m_freem(m); 2077 return; 2078 } 2079 #endif 2080 2081 IFQ_LOCK(inq); 2082 if (IF_QFULL(inq)) { 2083 IF_DROP(inq); 2084 IFQ_UNLOCK(inq); 2085 m_freem(m); 2086 } else { 2087 IF_ENQUEUE(inq, m); 2088 IFQ_UNLOCK(inq); 2089 softint_schedule(pppoe_softintr); 2090 } 2091 return; 2092 } 2093 2094 void 2095 pppoe_input(struct ifnet *ifp, struct mbuf *m) 2096 { 2097 pppoe_enqueue(&ppoeinq, m); 2098 return; 2099 } 2100 2101 void 2102 pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2103 { 2104 pppoe_enqueue(&ppoediscinq, m); 2105 return; 2106 } 2107 2108 static void 2109 sysctl_net_pppoe_setup(struct sysctllog **clog) 2110 { 2111 const struct sysctlnode *node = NULL; 2112 2113 sysctl_createv(clog, 0, NULL, &node, 2114 CTLFLAG_PERMANENT, 2115 CTLTYPE_NODE, "pppoe", 2116 SYSCTL_DESCR("PPPOE protocol"), 2117 NULL, 0, NULL, 0, 2118 CTL_NET, CTL_CREATE, CTL_EOL); 2119 2120 if (node == NULL) 2121 return; 2122 2123 sysctl_createv(clog, 0, &node, NULL, 2124 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2125 CTLTYPE_BOOL, "term_unknown", 2126 SYSCTL_DESCR("Terminate unknown sessions"), 2127 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2128 CTL_CREATE, CTL_EOL); 2129 } 2130 2131 /* 2132 * Module infrastructure 2133 */ 2134 #include "if_module.h" 2135 2136 IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2137
Indexes created Mon Sep 29 21:09:56 GMT 2025