if_pppoe.c revision 1.173
1 /* $NetBSD: if_pppoe.c,v 1.173 2021/05/13 03:48:55 yamaguchi Exp $ */ 2 3 /* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin (at) NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.173 2021/05/13 03:48:55 yamaguchi Exp $"); 34 35 #ifdef _KERNEL_OPT 36 #include "pppoe.h" 37 #include "opt_pppoe.h" 38 #include "opt_net_mpsafe.h" 39 #endif 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/atomic.h> 45 #include <sys/callout.h> 46 #include <sys/malloc.h> 47 #include <sys/mbuf.h> 48 #include <sys/socket.h> 49 #include <sys/proc.h> 50 #include <sys/ioctl.h> 51 #include <sys/kauth.h> 52 #include <sys/intr.h> 53 #include <sys/socketvar.h> 54 #include <sys/device.h> 55 #include <sys/module.h> 56 #include <sys/sysctl.h> 57 #include <sys/rwlock.h> 58 #include <sys/mutex.h> 59 #include <sys/psref.h> 60 #include <sys/cprng.h> 61 #include <sys/workqueue.h> 62 63 #include <net/if.h> 64 #include <net/if_types.h> 65 #include <net/if_ether.h> 66 #include <net/if_sppp.h> 67 #include <net/if_spppvar.h> 68 #include <net/if_pppoe.h> 69 #include <net/if_dl.h> 70 71 #include <net/bpf.h> 72 73 #include "ioconf.h" 74 75 #ifdef NET_MPSAFE 76 #define PPPOE_MPSAFE 1 77 #endif 78 79 struct pppoehdr { 80 uint8_t vertype; 81 uint8_t code; 82 uint16_t session; 83 uint16_t plen; 84 } __packed; 85 86 struct pppoetag { 87 uint16_t tag; 88 uint16_t len; 89 } __packed; 90 91 #define PPPOE_HEADERLEN sizeof(struct pppoehdr) 92 #define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 93 #define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 94 95 #define PPPOE_TAG_EOL 0x0000 /* end of list */ 96 #define PPPOE_TAG_SNAME 0x0101 /* service name */ 97 #define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 98 #define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 99 #define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 100 #define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 101 #define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 102 #define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 103 #define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 104 #define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 105 #define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 106 107 #define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 108 #define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 109 #define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 110 #define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 111 #define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 112 113 /* two byte PPP protocol discriminator, then IP data */ 114 #define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 115 116 /* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 117 #define PPPOE_ADD_16(PTR, VAL) \ 118 *(PTR)++ = (VAL) / 256; \ 119 *(PTR)++ = (VAL) % 256 120 121 /* Add a complete PPPoE header to the buffer pointed to by PTR */ 122 #define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 123 *(PTR)++ = PPPOE_VERTYPE; \ 124 *(PTR)++ = (CODE); \ 125 PPPOE_ADD_16(PTR, SESS); \ 126 PPPOE_ADD_16(PTR, LEN) 127 128 #define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 129 #define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 130 #define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 131 #define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 132 #define PPPOE_RECON_PADTRCVD (hz*5) /* reconnect delay after PADT received */ 133 #define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 134 #define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 135 136 #ifdef PPPOE_SERVER 137 /* from if_spppsubr.c */ 138 #define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 139 #endif 140 141 #define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 142 #define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 143 #define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 144 145 #ifdef PPPOE_MPSAFE 146 #define DECLARE_SPLNET_VARIABLE 147 #define ACQUIRE_SPLNET() do { } while (0) 148 #define RELEASE_SPLNET() do { } while (0) 149 #else 150 #define DECLARE_SPLNET_VARIABLE int __s 151 #define ACQUIRE_SPLNET() do { \ 152 __s = splnet(); \ 153 } while (0) 154 #define RELEASE_SPLNET() do { \ 155 splx(__s); \ 156 } while (0) 157 #endif 158 159 #ifdef PPPOE_DEBUG 160 #define DPRINTF(_sc, _fmt, _arg...) pppoe_printf((_sc), (_fmt), ##_arg) 161 #else 162 #define DPRINTF(_sc, _fmt, _arg...) __nothing 163 #endif 164 165 struct pppoe_softc { 166 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 167 LIST_ENTRY(pppoe_softc) sc_list; 168 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 169 170 uint64_t sc_id; /* id of this softc, our hunique */ 171 int sc_state; /* discovery phase or session connected */ 172 struct ether_addr sc_dest; /* hardware address of concentrator */ 173 uint16_t sc_session; /* PPPoE session id */ 174 175 char *sc_service_name; /* if != NULL: requested name of service */ 176 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 177 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 178 size_t sc_ac_cookie_len; /* length of cookie data */ 179 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 180 size_t sc_relay_sid_len; /* length of relay SID data */ 181 #ifdef PPPOE_SERVER 182 uint8_t *sc_hunique; /* content of host unique we must echo back */ 183 size_t sc_hunique_len; /* length of host unique */ 184 #endif 185 callout_t sc_timeout; /* timeout while not in session state */ 186 struct workqueue *sc_timeout_wq; /* workqueue for timeout */ 187 struct work sc_timeout_wk; 188 u_int sc_timeout_scheduled; 189 int sc_padi_retried; /* number of PADI retries already done */ 190 int sc_padr_retried; /* number of PADR retries already done */ 191 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 192 bool sc_detaching; 193 }; 194 195 /* incoming traffic will be queued here */ 196 struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 197 struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 198 199 void *pppoe_softintr = NULL; 200 static void pppoe_softintr_handler(void *); 201 202 extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 203 204 /* input routines */ 205 static void pppoeintr(void); 206 static void pppoe_disc_input(struct mbuf *); 207 static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 208 static void pppoe_data_input(struct mbuf *); 209 static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 210 211 /* management routines */ 212 static int pppoe_connect(struct pppoe_softc *); 213 static int pppoe_disconnect(struct pppoe_softc *); 214 static void pppoe_abort_connect(struct pppoe_softc *); 215 static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 216 static void pppoe_tls(struct sppp *); 217 static void pppoe_tlf(struct sppp *); 218 static void pppoe_start(struct ifnet *); 219 #ifdef PPPOE_MPSAFE 220 static int pppoe_transmit(struct ifnet *, struct mbuf *); 221 #endif 222 static void pppoe_clear_softc(struct pppoe_softc *, const char *); 223 static void pppoe_printf(struct pppoe_softc *, const char *, ...); 224 225 /* internal timeout handling */ 226 static void pppoe_timeout_co(void *); 227 static void pppoe_timeout_co_halt(void *); 228 static void pppoe_timeout_wk(struct work *, void *); 229 static void pppoe_timeout(struct pppoe_softc *); 230 231 /* sending actual protocol controll packets */ 232 static int pppoe_send_padi(struct pppoe_softc *); 233 static int pppoe_send_padr(struct pppoe_softc *); 234 #ifdef PPPOE_SERVER 235 static int pppoe_send_pado(struct pppoe_softc *); 236 static int pppoe_send_pads(struct pppoe_softc *); 237 #endif 238 static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 239 240 /* raw output */ 241 static int pppoe_output(struct pppoe_softc *, struct mbuf *); 242 243 /* internal helper functions */ 244 static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 245 krw_t); 246 static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 247 struct ifnet *, krw_t); 248 static struct mbuf *pppoe_get_mbuf(size_t len); 249 250 static void pppoe_ifattach_hook(void *, unsigned long, void *); 251 252 static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 253 static krwlock_t pppoe_softc_list_lock; 254 255 static int pppoe_clone_create(struct if_clone *, int); 256 static int pppoe_clone_destroy(struct ifnet *); 257 258 static bool pppoe_term_unknown = false; 259 static int pppoe_term_unknown_pps = 1; 260 261 static struct sysctllog *pppoe_sysctl_clog; 262 static void sysctl_net_pppoe_setup(struct sysctllog **); 263 264 static struct if_clone pppoe_cloner = 265 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 266 267 /* ARGSUSED */ 268 void 269 pppoeattach(int count) 270 { 271 272 /* 273 * Nothing to do here, initialization is handled by the 274 * module initialization code in pppoeinit() below). 275 */ 276 } 277 278 static void 279 pppoeinit(void) 280 { 281 282 LIST_INIT(&pppoe_softc_list); 283 rw_init(&pppoe_softc_list_lock); 284 if_clone_attach(&pppoe_cloner); 285 286 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 287 pppoe_softintr_handler, NULL); 288 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 289 290 IFQ_LOCK_INIT(&ppoediscinq); 291 IFQ_LOCK_INIT(&ppoeinq); 292 } 293 294 static int 295 pppoedetach(void) 296 { 297 int error = 0; 298 299 rw_enter(&pppoe_softc_list_lock, RW_READER); 300 if (!LIST_EMPTY(&pppoe_softc_list)) { 301 rw_exit(&pppoe_softc_list_lock); 302 error = EBUSY; 303 } 304 305 if (error == 0) { 306 if_clone_detach(&pppoe_cloner); 307 softint_disestablish(pppoe_softintr); 308 /* Remove our sysctl sub-tree */ 309 sysctl_teardown(&pppoe_sysctl_clog); 310 } 311 312 return error; 313 } 314 315 static void 316 pppoe_softc_genid(uint64_t *id) 317 { 318 struct pppoe_softc *sc; 319 uint64_t rndid; 320 321 rw_enter(&pppoe_softc_list_lock, RW_READER); 322 323 while (1) { 324 rndid = cprng_strong64(); 325 326 sc = NULL; 327 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 328 if (sc->sc_id == rndid) 329 break; 330 } 331 if (sc == NULL) { 332 break; 333 } 334 } 335 336 rw_exit(&pppoe_softc_list_lock); 337 *id = rndid; 338 } 339 340 static int 341 pppoe_clone_create(struct if_clone *ifc, int unit) 342 { 343 struct pppoe_softc *sc; 344 struct ifnet *ifp; 345 int rv; 346 347 sc = kmem_zalloc(sizeof(*sc), KM_SLEEP); 348 ifp = &sc->sc_sppp.pp_if; 349 350 rw_init(&sc->sc_lock); 351 pppoe_softc_genid(&sc->sc_id); 352 /* changed to real address later */ 353 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 354 355 if_initname(ifp, "pppoe", unit); 356 ifp->if_softc = sc; 357 ifp->if_mtu = PPPOE_MAXMTU; 358 ifp->if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 359 #ifdef PPPOE_MPSAFE 360 ifp->if_extflags = IFEF_MPSAFE; 361 #endif 362 ifp->if_type = IFT_PPP; 363 ifp->if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 364 ifp->if_dlt = DLT_PPP_ETHER; 365 ifp->if_ioctl = pppoe_ioctl; 366 ifp->if_start = pppoe_start; 367 #ifdef PPPOE_MPSAFE 368 ifp->if_transmit = pppoe_transmit; 369 #endif 370 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 371 IFQ_SET_READY(&ifp->if_snd); 372 373 sc->sc_sppp.pp_tls = pppoe_tls; 374 sc->sc_sppp.pp_tlf = pppoe_tlf; 375 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 376 PP_NOFRAMING; /* no serial encapsulation */ 377 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 378 379 rv = workqueue_create(&sc->sc_timeout_wq, 380 ifp->if_xname, pppoe_timeout_wk, sc, 381 PRI_SOFTNET, IPL_SOFTNET, 0); 382 if (rv != 0) 383 goto destroy_sclock; 384 385 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 386 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co, sc); 387 388 rv = if_initialize(ifp); 389 if (rv != 0) 390 goto destroy_timeout; 391 392 ifp->if_percpuq = if_percpuq_create(ifp); 393 394 rw_enter(&pppoe_softc_list_lock, RW_READER); 395 if (LIST_EMPTY(&pppoe_softc_list)) { 396 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 397 } 398 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 399 rw_exit(&pppoe_softc_list_lock); 400 401 sppp_attach(ifp); 402 bpf_attach(ifp, DLT_PPP_ETHER, 0); 403 if_register(ifp); 404 405 return 0; 406 407 destroy_timeout: 408 callout_destroy(&sc->sc_timeout); 409 workqueue_destroy(sc->sc_timeout_wq); 410 destroy_sclock: 411 rw_destroy(&sc->sc_lock); 412 kmem_free(sc, sizeof(*sc)); 413 414 return rv; 415 } 416 417 static int 418 pppoe_clone_destroy(struct ifnet *ifp) 419 { 420 struct pppoe_softc * sc = ifp->if_softc; 421 422 PPPOE_LOCK(sc, RW_WRITER); 423 /* stop ioctls */ 424 sc->sc_detaching = true; 425 426 if (ifp->if_flags & IFF_RUNNING) { 427 pppoe_clear_softc(sc, "destroy interface"); 428 sc->sc_eth_if = NULL; 429 } 430 PPPOE_UNLOCK(sc); 431 432 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 433 LIST_REMOVE(sc, sc_list); 434 435 if (LIST_EMPTY(&pppoe_softc_list)) { 436 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 437 } 438 rw_exit(&pppoe_softc_list_lock); 439 440 bpf_detach(ifp); 441 sppp_detach(&sc->sc_sppp.pp_if); 442 if_detach(ifp); 443 444 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co_halt, sc); 445 446 workqueue_wait(sc->sc_timeout_wq, &sc->sc_timeout_wk); 447 workqueue_destroy(sc->sc_timeout_wq); 448 449 callout_halt(&sc->sc_timeout, NULL); 450 callout_destroy(&sc->sc_timeout); 451 452 #ifdef PPPOE_SERVER 453 if (sc->sc_hunique) { 454 free(sc->sc_hunique, M_DEVBUF); 455 sc->sc_hunique = NULL; 456 sc->sc_hunique_len = 0; 457 } 458 #endif 459 if (sc->sc_concentrator_name) 460 free(sc->sc_concentrator_name, M_DEVBUF); 461 if (sc->sc_service_name) 462 free(sc->sc_service_name, M_DEVBUF); 463 if (sc->sc_ac_cookie) 464 free(sc->sc_ac_cookie, M_DEVBUF); 465 if (sc->sc_relay_sid) 466 free(sc->sc_relay_sid, M_DEVBUF); 467 468 rw_destroy(&sc->sc_lock); 469 470 kmem_free(sc, sizeof(*sc)); 471 472 return 0; 473 } 474 475 static void 476 pppoe_printf(struct pppoe_softc *sc, const char *fmt, ...) 477 { 478 va_list ap; 479 bool pppoe_debug; 480 481 #ifdef PPPOE_DEBUG 482 pppoe_debug = true; 483 #else 484 pppoe_debug = false; 485 #endif 486 487 if (sc == NULL) { 488 if (!pppoe_debug) 489 return; 490 491 printf("pppoe: "); 492 } else { 493 if (!ISSET(sc->sc_sppp.pp_if.if_flags, IFF_DEBUG)) 494 return; 495 496 printf("%s: ", sc->sc_sppp.pp_if.if_xname); 497 } 498 499 va_start(ap, fmt); 500 vprintf(fmt, ap); 501 va_end(ap); 502 } 503 504 /* 505 * Find the interface handling the specified session. 506 * Note: O(number of sessions open), this is a client-side only, mean 507 * and lean implementation, so number of open sessions typically should 508 * be 1. 509 */ 510 static struct pppoe_softc * 511 pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 512 { 513 struct pppoe_softc *sc = NULL; 514 515 if (session == 0) 516 return NULL; 517 rw_enter(&pppoe_softc_list_lock, RW_READER); 518 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 519 PPPOE_LOCK(sc, lock); 520 if ( sc->sc_state == PPPOE_STATE_SESSION 521 && sc->sc_session == session 522 && sc->sc_eth_if == rcvif) 523 break; 524 525 PPPOE_UNLOCK(sc); 526 } 527 rw_exit(&pppoe_softc_list_lock); 528 return sc; 529 } 530 531 /* Check host unique token passed and return appropriate softc pointer, 532 * or NULL if token is bogus. */ 533 static struct pppoe_softc * 534 pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 535 struct ifnet *rcvif, krw_t lock) 536 { 537 struct pppoe_softc *sc; 538 uint64_t t; 539 540 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 541 542 rw_enter(&pppoe_softc_list_lock, RW_READER); 543 if (LIST_EMPTY(&pppoe_softc_list)) { 544 rw_exit(&pppoe_softc_list_lock); 545 return NULL; 546 } 547 548 if (len != sizeof(sc->sc_id)) { 549 rw_exit(&pppoe_softc_list_lock); 550 return NULL; 551 } 552 memcpy(&t, token, len); 553 554 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 555 PPPOE_LOCK(sc, lock); 556 if (sc->sc_id == t && sc->sc_eth_if != NULL) { 557 break; 558 } 559 PPPOE_UNLOCK(sc); 560 } 561 rw_exit(&pppoe_softc_list_lock); 562 563 if (sc == NULL) { 564 pppoe_printf(NULL, "alien host unique tag" 565 ", no session found\n"); 566 return NULL; 567 } 568 569 /* should be safe to access *sc now */ 570 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 571 pppoe_printf(sc, "host unique tag found" 572 ", but it belongs to a connection in state %d\n", 573 sc->sc_state); 574 PPPOE_UNLOCK(sc); 575 return NULL; 576 } 577 if (sc->sc_eth_if != rcvif) { 578 pppoe_printf(sc, "wrong interface, not accepting host unique\n"); 579 PPPOE_UNLOCK(sc); 580 return NULL; 581 } 582 return sc; 583 } 584 585 static void 586 pppoe_softintr_handler(void *dummy) 587 { 588 /* called at splsoftnet() */ 589 pppoeintr(); 590 } 591 592 /* called at appropriate protection level */ 593 static void 594 pppoeintr(void) 595 { 596 struct mbuf *m; 597 int disc_done, data_done; 598 599 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 600 601 do { 602 disc_done = 0; 603 data_done = 0; 604 for (;;) { 605 IFQ_LOCK(&ppoediscinq); 606 IF_DEQUEUE(&ppoediscinq, m); 607 IFQ_UNLOCK(&ppoediscinq); 608 if (m == NULL) 609 break; 610 disc_done = 1; 611 pppoe_disc_input(m); 612 } 613 614 for (;;) { 615 IFQ_LOCK(&ppoeinq); 616 IF_DEQUEUE(&ppoeinq, m); 617 IFQ_UNLOCK(&ppoeinq); 618 if (m == NULL) 619 break; 620 data_done = 1; 621 pppoe_data_input(m); 622 } 623 } while (disc_done || data_done); 624 625 if (!IF_IS_EMPTY(&ppoediscinq) || !IF_IS_EMPTY(&ppoeinq)) 626 softint_schedule(pppoe_softintr); 627 628 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 629 } 630 631 /* analyze and handle a single received packet while not in session state */ 632 static void 633 pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 634 { 635 uint16_t tag, len; 636 uint16_t session, plen; 637 struct pppoe_softc *sc; 638 const char *err_msg; 639 char *error; 640 size_t dlen; 641 uint8_t *ac_cookie; 642 size_t ac_cookie_len; 643 uint8_t *relay_sid; 644 size_t relay_sid_len; 645 uint8_t *hunique; 646 size_t hunique_len; 647 struct pppoehdr *ph; 648 struct pppoetag *pt; 649 struct mbuf *n; 650 int noff, err, errortag; 651 struct ether_header *eh; 652 struct ifnet *rcvif; 653 struct psref psref; 654 655 if (m->m_len < sizeof(*eh)) { 656 m = m_pullup(m, sizeof(*eh)); 657 if (m == NULL) 658 goto done; 659 } 660 eh = mtod(m, struct ether_header *); 661 off += sizeof(*eh); 662 663 if (m->m_pkthdr.len - off < PPPOE_HEADERLEN) { 664 goto done; 665 } 666 667 M_REGION_GET(ph, struct pppoehdr *, m, off, sizeof(*ph)); 668 if (ph == NULL) { 669 goto done; 670 } 671 if (ph->vertype != PPPOE_VERTYPE) { 672 goto done; 673 } 674 675 ac_cookie = NULL; 676 ac_cookie_len = 0; 677 relay_sid = NULL; 678 relay_sid_len = 0; 679 hunique = NULL; 680 hunique_len = 0; 681 682 session = ntohs(ph->session); 683 plen = ntohs(ph->plen); 684 off += sizeof(*ph); 685 686 if (plen + off > m->m_pkthdr.len) { 687 goto done; 688 } 689 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 690 691 tag = 0; 692 len = 0; 693 sc = NULL; 694 err_msg = NULL; 695 errortag = 0; 696 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 697 M_REGION_GET(pt, struct pppoetag *, m, off, sizeof(*pt)); 698 if (pt == NULL) { 699 goto done; 700 } 701 702 tag = ntohs(pt->tag); 703 len = ntohs(pt->len); 704 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 705 goto done; 706 } 707 switch (tag) { 708 case PPPOE_TAG_EOL: 709 goto breakbreak; 710 case PPPOE_TAG_SNAME: 711 break; /* ignored */ 712 case PPPOE_TAG_ACNAME: 713 if (len > 0) { 714 dlen = 4 * len + 1; 715 error = malloc(dlen, M_TEMP, M_NOWAIT); 716 if (error == NULL) 717 break; 718 719 n = m_pulldown(m, off + sizeof(*pt), len, 720 &noff); 721 if (!n) { 722 m = NULL; 723 free(error, M_TEMP); 724 goto done; 725 } 726 727 strnvisx(error, dlen, 728 mtod(n, char*) + noff, len, 729 VIS_SAFE | VIS_OCTAL); 730 pppoe_printf(NULL, "connected to %s\n", error); 731 free(error, M_TEMP); 732 } 733 break; /* ignored */ 734 case PPPOE_TAG_HUNIQUE: 735 if (hunique == NULL) { 736 n = m_pulldown(m, off + sizeof(*pt), len, 737 &noff); 738 if (!n) { 739 m = NULL; 740 err_msg = "TAG HUNIQUE ERROR"; 741 break; 742 } 743 744 hunique = mtod(n, uint8_t *) + noff; 745 hunique_len = len; 746 } 747 break; 748 case PPPOE_TAG_ACCOOKIE: 749 if (ac_cookie == NULL) { 750 n = m_pulldown(m, off + sizeof(*pt), len, 751 &noff); 752 if (!n) { 753 err_msg = "TAG ACCOOKIE ERROR"; 754 m = NULL; 755 break; 756 } 757 ac_cookie = mtod(n, char *) + noff; 758 ac_cookie_len = len; 759 } 760 break; 761 case PPPOE_TAG_RELAYSID: 762 if (relay_sid == NULL) { 763 n = m_pulldown(m, off + sizeof(*pt), len, 764 &noff); 765 if (!n) { 766 err_msg = "TAG RELAYSID ERROR"; 767 m = NULL; 768 break; 769 } 770 relay_sid = mtod(n, char *) + noff; 771 relay_sid_len = len; 772 } 773 break; 774 case PPPOE_TAG_SNAME_ERR: 775 err_msg = "SERVICE NAME ERROR"; 776 errortag = 1; 777 break; 778 case PPPOE_TAG_ACSYS_ERR: 779 err_msg = "AC SYSTEM ERROR"; 780 errortag = 1; 781 break; 782 case PPPOE_TAG_GENERIC_ERR: 783 err_msg = "GENERIC ERROR"; 784 errortag = 1; 785 break; 786 } 787 if (err_msg) { 788 error = NULL; 789 if (errortag && len) { 790 dlen = 4 * len + 1; 791 error = malloc(dlen, M_TEMP, 792 M_NOWAIT|M_ZERO); 793 n = m_pulldown(m, off + sizeof(*pt), len, 794 &noff); 795 if (!n) { 796 m = NULL; 797 } else if (error) { 798 strnvisx(error, dlen, 799 mtod(n, char*) + noff, len, 800 VIS_SAFE | VIS_OCTAL); 801 } 802 } 803 if (error) { 804 pppoe_printf(NULL, "%s: %s\n", err_msg, error); 805 free(error, M_TEMP); 806 } else 807 pppoe_printf(NULL, "%s\n", err_msg); 808 if (errortag || m == NULL) 809 goto done; 810 } 811 off += sizeof(*pt) + len; 812 } 813 breakbreak:; 814 815 switch (ph->code) { 816 case PPPOE_CODE_PADI: 817 #ifdef PPPOE_SERVER 818 /* 819 * got service name, concentrator name, and/or host unique. 820 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 821 */ 822 rw_enter(&pppoe_softc_list_lock, RW_READER); 823 if (LIST_EMPTY(&pppoe_softc_list)) { 824 rw_exit(&pppoe_softc_list_lock); 825 goto done; 826 } 827 828 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 829 PPPOE_LOCK(sc, RW_WRITER); 830 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 831 PPPOE_UNLOCK(sc); 832 continue; 833 } 834 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 835 PPPOE_UNLOCK(sc); 836 continue; 837 } 838 839 if (sc->sc_state == PPPOE_STATE_INITIAL) 840 break; 841 842 PPPOE_UNLOCK(sc); 843 } 844 rw_exit(&pppoe_softc_list_lock); 845 846 if (sc == NULL) { 847 goto done; 848 } 849 850 if (hunique) { 851 if (sc->sc_hunique) 852 free(sc->sc_hunique, M_DEVBUF); 853 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 854 M_DONTWAIT); 855 if (sc->sc_hunique == NULL) { 856 PPPOE_UNLOCK(sc); 857 goto done; 858 } 859 sc->sc_hunique_len = hunique_len; 860 memcpy(sc->sc_hunique, hunique, hunique_len); 861 } 862 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 863 sc->sc_state = PPPOE_STATE_PADO_SENT; 864 pppoe_send_pado(sc); 865 PPPOE_UNLOCK(sc); 866 break; 867 #endif /* PPPOE_SERVER */ 868 869 case PPPOE_CODE_PADR: 870 #ifdef PPPOE_SERVER 871 /* 872 * get sc from ac_cookie if IFF_PASSIVE 873 */ 874 if (ac_cookie == NULL) { 875 goto done; 876 } 877 878 rcvif = m_get_rcvif_psref(m, &psref); 879 if (__predict_true(rcvif != NULL)) { 880 sc = pppoe_find_softc_by_hunique(ac_cookie, 881 ac_cookie_len, rcvif, RW_WRITER); 882 } 883 m_put_rcvif_psref(rcvif, &psref); 884 if (sc == NULL) { 885 /* be quiet if there is not a single pppoe instance */ 886 rw_enter(&pppoe_softc_list_lock, RW_READER); 887 if (!LIST_EMPTY(&pppoe_softc_list)) { 888 pppoe_printf(NULL, "received PADR" 889 " but could not find request for it\n"); 890 } 891 rw_exit(&pppoe_softc_list_lock); 892 goto done; 893 } 894 895 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 896 pppoe_printf(sc, "received unexpected PADR\n"); 897 PPPOE_UNLOCK(sc); 898 goto done; 899 } 900 901 if (hunique) { 902 if (sc->sc_hunique) 903 free(sc->sc_hunique, M_DEVBUF); 904 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 905 M_DONTWAIT); 906 if (sc->sc_hunique == NULL) { 907 PPPOE_UNLOCK(sc); 908 goto done; 909 } 910 sc->sc_hunique_len = hunique_len; 911 memcpy(sc->sc_hunique, hunique, hunique_len); 912 } 913 pppoe_send_pads(sc); 914 sc->sc_state = PPPOE_STATE_SESSION; 915 PPPOE_UNLOCK(sc); 916 917 sc->sc_sppp.pp_up(&sc->sc_sppp); 918 break; 919 #else 920 /* ignore, we are no access concentrator */ 921 goto done; 922 #endif /* PPPOE_SERVER */ 923 924 case PPPOE_CODE_PADO: 925 rcvif = m_get_rcvif_psref(m, &psref); 926 if (__predict_false(rcvif == NULL)) 927 goto done; 928 929 if (hunique != NULL) { 930 sc = pppoe_find_softc_by_hunique(hunique, 931 hunique_len, rcvif, RW_WRITER); 932 } 933 934 m_put_rcvif_psref(rcvif, &psref); 935 936 if (sc == NULL) { 937 /* be quiet if there is not a single pppoe instance */ 938 rw_enter(&pppoe_softc_list_lock, RW_READER); 939 if (!LIST_EMPTY(&pppoe_softc_list)) { 940 pppoe_printf(NULL, "received PADO" 941 " but could not find request for it\n"); 942 } 943 rw_exit(&pppoe_softc_list_lock); 944 goto done; 945 } 946 947 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 948 pppoe_printf(sc, "received unexpected PADO\n"); 949 PPPOE_UNLOCK(sc); 950 goto done; 951 } 952 953 if (ac_cookie) { 954 if (sc->sc_ac_cookie) 955 free(sc->sc_ac_cookie, M_DEVBUF); 956 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 957 M_DONTWAIT); 958 if (sc->sc_ac_cookie == NULL) { 959 pppoe_printf(sc, "FATAL: could not allocate memory " 960 "for AC cookie\n"); 961 PPPOE_UNLOCK(sc); 962 goto done; 963 } 964 sc->sc_ac_cookie_len = ac_cookie_len; 965 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 966 } 967 if (relay_sid) { 968 if (sc->sc_relay_sid) 969 free(sc->sc_relay_sid, M_DEVBUF); 970 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 971 M_DONTWAIT); 972 if (sc->sc_relay_sid == NULL) { 973 pppoe_printf(sc, "FATAL: could not allocate memory " 974 "for relay SID\n"); 975 PPPOE_UNLOCK(sc); 976 goto done; 977 } 978 sc->sc_relay_sid_len = relay_sid_len; 979 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 980 } 981 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 982 callout_stop(&sc->sc_timeout); 983 sc->sc_padr_retried = 0; 984 sc->sc_state = PPPOE_STATE_PADR_SENT; 985 if ((err = pppoe_send_padr(sc)) != 0) { 986 pppoe_printf(sc, 987 "failed to send PADR, error=%d\n", err); 988 } 989 callout_schedule(&sc->sc_timeout, 990 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 991 992 PPPOE_UNLOCK(sc); 993 break; 994 995 case PPPOE_CODE_PADS: 996 rcvif = m_get_rcvif_psref(m, &psref); 997 if (__predict_false(rcvif == NULL)) 998 goto done; 999 1000 if (hunique != NULL) { 1001 sc = pppoe_find_softc_by_hunique(hunique, 1002 hunique_len, rcvif, RW_WRITER); 1003 } 1004 1005 m_put_rcvif_psref(rcvif, &psref); 1006 1007 if (sc == NULL) 1008 goto done; 1009 1010 if (memcmp(&sc->sc_dest, eh->ether_shost, 1011 sizeof sc->sc_dest) != 0) { 1012 goto done; 1013 } 1014 1015 sc->sc_session = session; 1016 callout_stop(&sc->sc_timeout); 1017 pppoe_printf(sc, "session 0x%x connected\n", session); 1018 sc->sc_state = PPPOE_STATE_SESSION; 1019 PPPOE_UNLOCK(sc); 1020 1021 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 1022 break; 1023 1024 case PPPOE_CODE_PADT: 1025 rcvif = m_get_rcvif_psref(m, &psref); 1026 if (__predict_false(rcvif == NULL)) 1027 goto done; 1028 1029 sc = pppoe_find_softc_by_session(session, rcvif, 1030 RW_WRITER); 1031 1032 m_put_rcvif_psref(rcvif, &psref); 1033 1034 if (sc == NULL) 1035 goto done; 1036 1037 if (memcmp(&sc->sc_dest, eh->ether_shost, 1038 sizeof sc->sc_dest) != 0) { 1039 goto done; 1040 } 1041 1042 pppoe_clear_softc(sc, "received PADT"); 1043 if (sc->sc_sppp.pp_if.if_flags & IFF_RUNNING) { 1044 pppoe_printf(sc, "wait for reconnect\n"); 1045 callout_schedule(&sc->sc_timeout, 1046 PPPOE_RECON_PADTRCVD); 1047 } 1048 PPPOE_UNLOCK(sc); 1049 break; 1050 1051 default: 1052 rcvif = m_get_rcvif_psref(m, &psref); 1053 if (__predict_false(rcvif == NULL)) 1054 goto done; 1055 1056 if (hunique != NULL) { 1057 sc = pppoe_find_softc_by_hunique(hunique, 1058 hunique_len, rcvif, RW_READER); 1059 } 1060 1061 m_put_rcvif_psref(rcvif, &psref); 1062 1063 pppoe_printf(sc, "unknown code (0x%04x) session = 0x%04x\n", 1064 ph->code, session); 1065 if (sc == NULL) 1066 goto done; 1067 PPPOE_UNLOCK(sc); 1068 break; 1069 } 1070 1071 done: 1072 if (m) 1073 m_freem(m); 1074 return; 1075 } 1076 1077 static void 1078 pppoe_disc_input(struct mbuf *m) 1079 { 1080 KASSERT(m->m_flags & M_PKTHDR); 1081 1082 /* 1083 * Avoid error messages if there is not a single PPPoE instance. 1084 */ 1085 rw_enter(&pppoe_softc_list_lock, RW_READER); 1086 if (!LIST_EMPTY(&pppoe_softc_list)) { 1087 rw_exit(&pppoe_softc_list_lock); 1088 pppoe_dispatch_disc_pkt(m, 0); 1089 } else { 1090 rw_exit(&pppoe_softc_list_lock); 1091 m_freem(m); 1092 } 1093 } 1094 1095 static bool 1096 pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1097 { 1098 1099 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1100 return true; 1101 1102 return false; 1103 } 1104 1105 static void 1106 pppoe_data_input(struct mbuf *m) 1107 { 1108 uint16_t session, plen; 1109 struct pppoe_softc *sc; 1110 struct pppoehdr *ph; 1111 struct ifnet *rcvif; 1112 struct psref psref; 1113 uint8_t shost[ETHER_ADDR_LEN]; 1114 uint8_t dhost[ETHER_ADDR_LEN]; 1115 bool term_unknown = pppoe_term_unknown; 1116 1117 KASSERT(m->m_flags & M_PKTHDR); 1118 1119 /* 1120 * Avoid error messages if there is not a single PPPoE instance. 1121 */ 1122 rw_enter(&pppoe_softc_list_lock, RW_READER); 1123 if (LIST_EMPTY(&pppoe_softc_list)) { 1124 rw_exit(&pppoe_softc_list_lock); 1125 goto drop; 1126 } 1127 rw_exit(&pppoe_softc_list_lock); 1128 1129 if (term_unknown) { 1130 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1131 ETHER_ADDR_LEN); 1132 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1133 ETHER_ADDR_LEN); 1134 } 1135 m_adj(m, sizeof(struct ether_header)); 1136 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1137 goto drop; 1138 } 1139 1140 if (m->m_len < sizeof(*ph)) { 1141 m = m_pullup(m, sizeof(*ph)); 1142 if (m == NULL) { 1143 return; 1144 } 1145 } 1146 ph = mtod(m, struct pppoehdr *); 1147 1148 if (ph->vertype != PPPOE_VERTYPE) { 1149 goto drop; 1150 } 1151 if (ph->code != 0) { 1152 goto drop; 1153 } 1154 1155 session = ntohs(ph->session); 1156 rcvif = m_get_rcvif_psref(m, &psref); 1157 if (__predict_false(rcvif == NULL)) 1158 goto drop; 1159 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1160 if (sc == NULL) { 1161 if (term_unknown) { 1162 static struct timeval lasttime = {0, 0}; 1163 static int curpps = 0; 1164 /* 1165 * avoid to send wrong PADT which is response from 1166 * session stage packets for other hosts when parent 1167 * ethernet is promiscuous mode. 1168 */ 1169 if (pppoe_is_my_frame(dhost, rcvif) && 1170 ppsratecheck(&lasttime, &curpps, 1171 pppoe_term_unknown_pps)) { 1172 pppoe_printf(NULL, "input for unknown session %#x, " 1173 "sending PADT\n", session); 1174 pppoe_send_padt(rcvif, session, shost); 1175 } 1176 } 1177 m_put_rcvif_psref(rcvif, &psref); 1178 goto drop; 1179 } 1180 1181 m_put_rcvif_psref(rcvif, &psref); 1182 1183 plen = ntohs(ph->plen); 1184 1185 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1186 1187 m_adj(m, PPPOE_HEADERLEN); 1188 1189 #ifdef PPPOE_DEBUG 1190 { 1191 struct mbuf *p; 1192 1193 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1194 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1195 p = m; 1196 while (p) { 1197 printf(" l=%d", p->m_len); 1198 p = p->m_next; 1199 } 1200 printf("\n"); 1201 } 1202 #endif 1203 PPPOE_UNLOCK(sc); 1204 1205 if (m->m_pkthdr.len < plen) 1206 goto drop; 1207 1208 /* ignore trailing garbage */ 1209 m_adj(m, plen - m->m_pkthdr.len); 1210 /* 1211 * Fix incoming interface pointer (not the raw ethernet interface 1212 * anymore) 1213 */ 1214 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1215 1216 /* pass packet up and account for it */ 1217 if_statinc(&sc->sc_sppp.pp_if, if_ipackets); 1218 sppp_input(&sc->sc_sppp.pp_if, m); 1219 return; 1220 1221 drop: 1222 m_freem(m); 1223 } 1224 1225 static int 1226 pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1227 { 1228 struct sockaddr dst; 1229 struct ether_header *eh; 1230 uint16_t etype; 1231 1232 if (sc->sc_eth_if == NULL) { 1233 m_freem(m); 1234 return EIO; 1235 } 1236 1237 memset(&dst, 0, sizeof dst); 1238 dst.sa_family = AF_UNSPEC; 1239 eh = (struct ether_header*)&dst.sa_data; 1240 etype = sc->sc_state == PPPOE_STATE_SESSION 1241 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1242 eh->ether_type = htons(etype); 1243 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1244 1245 DPRINTF(sc, "(%x) state=%d, session=0x%x output -> %s, len=%d\n", 1246 etype, sc->sc_state, sc->sc_session, 1247 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1248 1249 m->m_flags &= ~(M_BCAST|M_MCAST); 1250 if_statinc(&sc->sc_sppp.pp_if, if_opackets); 1251 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1252 } 1253 1254 static int 1255 pppoe_parm_cpyinstr(struct pppoe_softc *sc, 1256 char **dst, const void *src, size_t len) 1257 { 1258 int error = 0; 1259 char *next = NULL; 1260 size_t bufsiz, cpysiz, strsiz; 1261 1262 bufsiz = len + 1; 1263 1264 if (src == NULL) 1265 goto out; 1266 1267 bufsiz = len + 1; 1268 next = malloc(bufsiz, M_DEVBUF, M_WAITOK); 1269 if (next == NULL) 1270 return ENOMEM; 1271 1272 error = copyinstr(src, next, bufsiz, &cpysiz); 1273 if (error != 0) 1274 goto fail; 1275 if (cpysiz != bufsiz) { 1276 error = EINVAL; 1277 goto fail; 1278 } 1279 1280 strsiz = strnlen(next, bufsiz); 1281 if (strsiz == bufsiz) { 1282 error = EINVAL; 1283 goto fail; 1284 } 1285 1286 out: 1287 PPPOE_LOCK(sc, RW_WRITER); 1288 if (*dst != NULL) 1289 free(*dst, M_DEVBUF); 1290 *dst = next; 1291 next = NULL; 1292 PPPOE_UNLOCK(sc); 1293 fail: 1294 if (next != NULL) 1295 free(next, M_DEVBUF); 1296 1297 return error; 1298 } 1299 1300 static int 1301 pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1302 { 1303 struct lwp *l = curlwp; /* XXX */ 1304 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1305 struct ifreq *ifr = data; 1306 int error = 0; 1307 1308 switch (cmd) { 1309 case PPPOESETPARMS: 1310 { 1311 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1312 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1313 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1314 NULL) != 0) 1315 return EPERM; 1316 if (parms->eth_ifname[0] != 0) { 1317 struct ifnet *eth_if; 1318 1319 PPPOE_LOCK(sc, RW_WRITER); 1320 if (sc->sc_detaching) { 1321 PPPOE_UNLOCK(sc); 1322 return ENXIO; 1323 } 1324 eth_if = ifunit(parms->eth_ifname); 1325 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1326 sc->sc_eth_if = NULL; 1327 PPPOE_UNLOCK(sc); 1328 return ENXIO; 1329 } 1330 1331 if (sc->sc_sppp.pp_if.if_mtu != 1332 eth_if->if_mtu - PPPOE_OVERHEAD) { 1333 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1334 PPPOE_OVERHEAD; 1335 } 1336 sc->sc_eth_if = eth_if; 1337 PPPOE_UNLOCK(sc); 1338 } 1339 1340 error = pppoe_parm_cpyinstr(sc, &sc->sc_concentrator_name, 1341 parms->ac_name, parms->ac_name_len); 1342 if (error != 0) 1343 return error; 1344 1345 error = pppoe_parm_cpyinstr(sc, &sc->sc_service_name, 1346 parms->service_name, parms->service_name_len); 1347 if (error != 0) 1348 return error; 1349 return 0; 1350 } 1351 break; 1352 case PPPOEGETPARMS: 1353 { 1354 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1355 memset(parms, 0, sizeof *parms); 1356 PPPOE_LOCK(sc, RW_READER); 1357 if (sc->sc_eth_if) 1358 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1359 sizeof(parms->ifname)); 1360 PPPOE_UNLOCK(sc); 1361 return 0; 1362 } 1363 break; 1364 case PPPOEGETSESSION: 1365 { 1366 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1367 PPPOE_LOCK(sc, RW_READER); 1368 state->state = sc->sc_state; 1369 state->session_id = sc->sc_session; 1370 state->padi_retry_no = sc->sc_padi_retried; 1371 state->padr_retry_no = sc->sc_padr_retried; 1372 PPPOE_UNLOCK(sc); 1373 return 0; 1374 } 1375 break; 1376 case SIOCSIFFLAGS: 1377 /* 1378 * Prevent running re-establishment timers overriding 1379 * administrators choice. 1380 */ 1381 PPPOE_LOCK(sc, RW_WRITER); 1382 if (sc->sc_detaching) { 1383 PPPOE_UNLOCK(sc); 1384 return ENXIO; 1385 } 1386 1387 if ((ifr->ifr_flags & IFF_UP) == 0 1388 && sc->sc_state < PPPOE_STATE_SESSION) { 1389 callout_stop(&sc->sc_timeout); 1390 sc->sc_state = PPPOE_STATE_INITIAL; 1391 sc->sc_padi_retried = 0; 1392 sc->sc_padr_retried = 0; 1393 memcpy(&sc->sc_dest, etherbroadcastaddr, 1394 sizeof(sc->sc_dest)); 1395 } 1396 1397 PPPOE_UNLOCK(sc); 1398 1399 error = sppp_ioctl(ifp, cmd, data); 1400 1401 return error; 1402 case SIOCSIFMTU: 1403 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1404 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1405 return EINVAL; 1406 } 1407 /*FALLTHROUGH*/ 1408 default: 1409 return sppp_ioctl(ifp, cmd, data); 1410 } 1411 return 0; 1412 } 1413 1414 /* 1415 * Allocate a mbuf/cluster with space to store the given data length 1416 * of payload, leaving space for prepending an ethernet header 1417 * in front. 1418 */ 1419 static struct mbuf * 1420 pppoe_get_mbuf(size_t len) 1421 { 1422 struct mbuf *m; 1423 1424 MGETHDR(m, M_DONTWAIT, MT_DATA); 1425 if (m == NULL) 1426 return NULL; 1427 if (len + sizeof(struct ether_header) > MHLEN) { 1428 MCLGET(m, M_DONTWAIT); 1429 if ((m->m_flags & M_EXT) == 0) { 1430 m_free(m); 1431 return NULL; 1432 } 1433 } 1434 m->m_data += sizeof(struct ether_header); 1435 m->m_len = len; 1436 m->m_pkthdr.len = len; 1437 m_reset_rcvif(m); 1438 1439 return m; 1440 } 1441 1442 static int 1443 pppoe_send_padi(struct pppoe_softc *sc) 1444 { 1445 struct mbuf *m0; 1446 int len, l1 = 0, l2 = 0; 1447 uint8_t *p; 1448 1449 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1450 panic("pppoe_send_padi in state %d", sc->sc_state); 1451 1452 /* Compute packet length. */ 1453 len = sizeof(struct pppoetag); 1454 if (sc->sc_service_name != NULL) { 1455 l1 = strlen(sc->sc_service_name); 1456 len += l1; 1457 } 1458 if (sc->sc_concentrator_name != NULL) { 1459 l2 = strlen(sc->sc_concentrator_name); 1460 len += sizeof(struct pppoetag) + l2; 1461 } 1462 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1463 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1464 len += sizeof(struct pppoetag) + 2; 1465 } 1466 1467 /* Allocate packet. */ 1468 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1469 if (m0 == NULL) 1470 return ENOBUFS; 1471 1472 /* Fill in packet. */ 1473 p = mtod(m0, uint8_t *); 1474 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1475 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1476 if (sc->sc_service_name != NULL) { 1477 PPPOE_ADD_16(p, l1); 1478 memcpy(p, sc->sc_service_name, l1); 1479 p += l1; 1480 } else { 1481 PPPOE_ADD_16(p, 0); 1482 } 1483 if (sc->sc_concentrator_name != NULL) { 1484 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1485 PPPOE_ADD_16(p, l2); 1486 memcpy(p, sc->sc_concentrator_name, l2); 1487 p += l2; 1488 } 1489 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1490 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1491 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1492 p += sizeof(sc->sc_id); 1493 1494 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1495 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1496 PPPOE_ADD_16(p, 2); 1497 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1498 } 1499 1500 #ifdef PPPOE_DEBUG 1501 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1502 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1503 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1504 #endif 1505 1506 /* Send packet. */ 1507 return pppoe_output(sc, m0); 1508 } 1509 1510 static void 1511 pppoe_timeout_co(void *arg) 1512 { 1513 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1514 1515 if (atomic_swap_uint(&sc->sc_timeout_scheduled, 1) != 0) 1516 return; 1517 1518 workqueue_enqueue(sc->sc_timeout_wq, &sc->sc_timeout_wk, NULL); 1519 } 1520 1521 static void 1522 pppoe_timeout_co_halt(void *unused __unused) 1523 { 1524 1525 /* do nothing to halt callout safely */ 1526 } 1527 1528 static void 1529 pppoe_timeout_wk(struct work *wk __unused, void *arg) 1530 { 1531 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1532 1533 atomic_swap_uint(&sc->sc_timeout_scheduled, 0); 1534 pppoe_timeout(sc); 1535 } 1536 1537 static void 1538 pppoe_timeout(struct pppoe_softc *sc) 1539 { 1540 int retry_wait, err; 1541 DECLARE_SPLNET_VARIABLE; 1542 1543 pppoe_printf(sc, "timeout\n"); 1544 1545 PPPOE_LOCK(sc, RW_WRITER); 1546 switch (sc->sc_state) { 1547 case PPPOE_STATE_INITIAL: 1548 /* delayed connect from pppoe_tls() */ 1549 if (!sc->sc_detaching) 1550 pppoe_connect(sc); 1551 break; 1552 case PPPOE_STATE_PADI_SENT: 1553 /* 1554 * We have two basic ways of retrying: 1555 * - Quick retry mode: try a few times in short sequence 1556 * - Slow retry mode: we already had a connection successfully 1557 * established and will try infinitely (without user 1558 * intervention) 1559 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1560 * is not set. 1561 */ 1562 1563 /* initialize for quick retry mode */ 1564 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1565 1566 ACQUIRE_SPLNET(); 1567 sc->sc_padi_retried++; 1568 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1569 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1570 /* slow retry mode */ 1571 retry_wait = PPPOE_SLOW_RETRY; 1572 } else { 1573 pppoe_abort_connect(sc); 1574 RELEASE_SPLNET(); 1575 PPPOE_UNLOCK(sc); 1576 return; 1577 } 1578 } 1579 if ((err = pppoe_send_padi(sc)) != 0) { 1580 sc->sc_padi_retried--; 1581 pppoe_printf(sc, 1582 "failed to transmit PADI, error=%d\n", err); 1583 } 1584 callout_schedule(&sc->sc_timeout,retry_wait); 1585 RELEASE_SPLNET(); 1586 break; 1587 1588 case PPPOE_STATE_PADR_SENT: 1589 ACQUIRE_SPLNET(); 1590 sc->sc_padr_retried++; 1591 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1592 memcpy(&sc->sc_dest, etherbroadcastaddr, 1593 sizeof(sc->sc_dest)); 1594 sc->sc_state = PPPOE_STATE_PADI_SENT; 1595 sc->sc_padi_retried = 0; 1596 sc->sc_padr_retried = 0; 1597 if ((err = pppoe_send_padi(sc)) != 0) { 1598 pppoe_printf(sc, 1599 "failed to send PADI, error=%d\n", err); 1600 } 1601 callout_schedule(&sc->sc_timeout, 1602 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried)); 1603 RELEASE_SPLNET(); 1604 PPPOE_UNLOCK(sc); 1605 return; 1606 } 1607 if ((err = pppoe_send_padr(sc)) != 0) { 1608 sc->sc_padr_retried--; 1609 pppoe_printf(sc,"failed to send PADR, error=%d", err); 1610 } 1611 callout_schedule(&sc->sc_timeout, 1612 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 1613 RELEASE_SPLNET(); 1614 break; 1615 case PPPOE_STATE_CLOSING: 1616 pppoe_disconnect(sc); 1617 break; 1618 default: 1619 PPPOE_UNLOCK(sc); 1620 return; /* all done, work in peace */ 1621 } 1622 PPPOE_UNLOCK(sc); 1623 } 1624 1625 /* Start a connection (i.e. initiate discovery phase) */ 1626 static int 1627 pppoe_connect(struct pppoe_softc *sc) 1628 { 1629 int err; 1630 DECLARE_SPLNET_VARIABLE; 1631 1632 KASSERT(PPPOE_WLOCKED(sc)); 1633 1634 if (sc->sc_state != PPPOE_STATE_INITIAL) 1635 return EBUSY; 1636 1637 #ifdef PPPOE_SERVER 1638 /* wait PADI if IFF_PASSIVE */ 1639 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1640 return 0; 1641 #endif 1642 ACQUIRE_SPLNET(); 1643 /* save state, in case we fail to send PADI */ 1644 sc->sc_state = PPPOE_STATE_PADI_SENT; 1645 sc->sc_padi_retried = 0; 1646 sc->sc_padr_retried = 0; 1647 err = pppoe_send_padi(sc); 1648 if (err != 0) 1649 pppoe_printf(sc, "failed to send PADI, error=%d\n", err); 1650 callout_schedule(&sc->sc_timeout, PPPOE_DISC_TIMEOUT); 1651 RELEASE_SPLNET(); 1652 return err; 1653 } 1654 1655 /* disconnect */ 1656 static int 1657 pppoe_disconnect(struct pppoe_softc *sc) 1658 { 1659 int err; 1660 DECLARE_SPLNET_VARIABLE; 1661 1662 KASSERT(PPPOE_WLOCKED(sc)); 1663 1664 ACQUIRE_SPLNET(); 1665 1666 if (sc->sc_state < PPPOE_STATE_SESSION) 1667 err = EBUSY; 1668 else { 1669 pppoe_printf(sc, "disconnecting\n"); 1670 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1671 (const uint8_t *)&sc->sc_dest); 1672 } 1673 1674 /* cleanup softc */ 1675 sc->sc_state = PPPOE_STATE_INITIAL; 1676 1677 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1678 if (sc->sc_ac_cookie) { 1679 free(sc->sc_ac_cookie, M_DEVBUF); 1680 sc->sc_ac_cookie = NULL; 1681 } 1682 sc->sc_ac_cookie_len = 0; 1683 if (sc->sc_relay_sid) { 1684 free(sc->sc_relay_sid, M_DEVBUF); 1685 sc->sc_relay_sid = NULL; 1686 } 1687 sc->sc_relay_sid_len = 0; 1688 #ifdef PPPOE_SERVER 1689 if (sc->sc_hunique) { 1690 free(sc->sc_hunique, M_DEVBUF); 1691 sc->sc_hunique = NULL; 1692 } 1693 sc->sc_hunique_len = 0; 1694 #endif 1695 sc->sc_session = 0; 1696 1697 PPPOE_UNLOCK(sc); 1698 1699 /* notify upper layer */ 1700 sc->sc_sppp.pp_down(&sc->sc_sppp); 1701 1702 PPPOE_LOCK(sc, RW_WRITER); 1703 1704 RELEASE_SPLNET(); 1705 return err; 1706 } 1707 1708 /* Connection attempt aborted */ 1709 static void 1710 pppoe_abort_connect(struct pppoe_softc *sc) 1711 { 1712 KASSERT(PPPOE_WLOCKED(sc)); 1713 1714 pppoe_printf(sc, "could not establish connection\n"); 1715 sc->sc_state = PPPOE_STATE_CLOSING; 1716 1717 PPPOE_UNLOCK(sc); 1718 1719 /* notify upper layer */ 1720 sc->sc_sppp.pp_down(&sc->sc_sppp); 1721 1722 PPPOE_LOCK(sc, RW_WRITER); 1723 1724 /* clear connection state */ 1725 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1726 sc->sc_state = PPPOE_STATE_INITIAL; 1727 } 1728 1729 static int 1730 pppoe_send_padr(struct pppoe_softc *sc) 1731 { 1732 struct mbuf *m0; 1733 uint8_t *p; 1734 size_t len, l1 = 0; 1735 1736 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1737 return EIO; 1738 1739 /* Compute packet length. */ 1740 len = sizeof(struct pppoetag); 1741 if (sc->sc_service_name != NULL) { 1742 l1 = strlen(sc->sc_service_name); 1743 len += l1; 1744 } 1745 if (sc->sc_ac_cookie_len > 0) { 1746 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1747 } 1748 if (sc->sc_relay_sid_len > 0) { 1749 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1750 } 1751 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1752 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1753 len += sizeof(struct pppoetag) + 2; 1754 } 1755 1756 /* Allocate packet. */ 1757 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1758 if (m0 == NULL) 1759 return ENOBUFS; 1760 1761 /* Fill in packet. */ 1762 p = mtod(m0, uint8_t *); 1763 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1764 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1765 if (sc->sc_service_name != NULL) { 1766 PPPOE_ADD_16(p, l1); 1767 memcpy(p, sc->sc_service_name, l1); 1768 p += l1; 1769 } else { 1770 PPPOE_ADD_16(p, 0); 1771 } 1772 if (sc->sc_ac_cookie_len > 0) { 1773 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1774 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1775 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1776 p += sc->sc_ac_cookie_len; 1777 } 1778 if (sc->sc_relay_sid_len > 0) { 1779 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1780 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1781 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1782 p += sc->sc_relay_sid_len; 1783 } 1784 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1785 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1786 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1787 p += sizeof(sc->sc_id); 1788 1789 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1790 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1791 PPPOE_ADD_16(p, 2); 1792 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1793 } 1794 1795 #ifdef PPPOE_DEBUG 1796 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1797 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1798 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1799 #endif 1800 1801 /* Send packet. */ 1802 return pppoe_output(sc, m0); 1803 } 1804 1805 /* send a PADT packet */ 1806 static int 1807 pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1808 { 1809 struct ether_header *eh; 1810 struct sockaddr dst; 1811 struct mbuf *m0; 1812 uint8_t *p; 1813 1814 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1815 if (!m0) 1816 return EIO; 1817 p = mtod(m0, uint8_t *); 1818 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1819 1820 memset(&dst, 0, sizeof dst); 1821 dst.sa_family = AF_UNSPEC; 1822 eh = (struct ether_header*)&dst.sa_data; 1823 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1824 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1825 1826 m0->m_flags &= ~(M_BCAST|M_MCAST); 1827 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1828 } 1829 1830 #ifdef PPPOE_SERVER 1831 static int 1832 pppoe_send_pado(struct pppoe_softc *sc) 1833 { 1834 struct mbuf *m0; 1835 uint8_t *p; 1836 size_t len; 1837 1838 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1839 return EIO; 1840 1841 /* Include AC cookie. */ 1842 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1843 /* Include hunique. */ 1844 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1845 1846 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1847 if (!m0) 1848 return EIO; 1849 p = mtod(m0, uint8_t *); 1850 1851 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1852 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1853 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1854 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1855 p += sizeof(sc->sc_id); 1856 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1857 PPPOE_ADD_16(p, sc->sc_hunique_len); 1858 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1859 return pppoe_output(sc, m0); 1860 } 1861 1862 static int 1863 pppoe_send_pads(struct pppoe_softc *sc) 1864 { 1865 struct bintime bt; 1866 struct mbuf *m0; 1867 uint8_t *p; 1868 size_t len, l1 = 0; /* XXX: gcc */ 1869 1870 KASSERT(PPPOE_WLOCKED(sc)); 1871 1872 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1873 return EIO; 1874 1875 getbinuptime(&bt); 1876 sc->sc_session = bt.sec % 0xff + 1; 1877 1878 /* Include service name. */ 1879 len = sizeof(struct pppoetag); 1880 if (sc->sc_service_name != NULL) { 1881 l1 = strlen(sc->sc_service_name); 1882 len += l1; 1883 } 1884 /* Include hunique. */ 1885 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1886 1887 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1888 if (!m0) 1889 return ENOBUFS; 1890 p = mtod(m0, uint8_t *); 1891 1892 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1893 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1894 if (sc->sc_service_name != NULL) { 1895 PPPOE_ADD_16(p, l1); 1896 memcpy(p, sc->sc_service_name, l1); 1897 p += l1; 1898 } else { 1899 PPPOE_ADD_16(p, 0); 1900 } 1901 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1902 PPPOE_ADD_16(p, sc->sc_hunique_len); 1903 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1904 return pppoe_output(sc, m0); 1905 } 1906 #endif 1907 1908 static void 1909 pppoe_tls(struct sppp *sp) 1910 { 1911 struct pppoe_softc *sc = (void *)sp; 1912 int wtime; 1913 1914 PPPOE_LOCK(sc, RW_READER); 1915 1916 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1917 PPPOE_UNLOCK(sc); 1918 return; 1919 } 1920 1921 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1922 sc->sc_sppp.pp_auth_failures > 0) { 1923 /* 1924 * Delay trying to reconnect a bit more - the peer 1925 * might have failed to contact its radius server. 1926 */ 1927 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1928 if (wtime > PPPOE_SLOW_RETRY) 1929 wtime = PPPOE_SLOW_RETRY; 1930 } else { 1931 wtime = PPPOE_RECON_IMMEDIATE; 1932 } 1933 callout_schedule(&sc->sc_timeout, wtime); 1934 1935 PPPOE_UNLOCK(sc); 1936 } 1937 1938 static void 1939 pppoe_tlf(struct sppp *sp) 1940 { 1941 struct pppoe_softc *sc = (void *)sp; 1942 1943 PPPOE_LOCK(sc, RW_WRITER); 1944 1945 if (sc->sc_state < PPPOE_STATE_SESSION) { 1946 callout_stop(&sc->sc_timeout); 1947 sc->sc_state = PPPOE_STATE_INITIAL; 1948 sc->sc_padi_retried = 0; 1949 sc->sc_padr_retried = 0; 1950 memcpy(&sc->sc_dest, etherbroadcastaddr, 1951 sizeof(sc->sc_dest)); 1952 PPPOE_UNLOCK(sc); 1953 return; 1954 } 1955 1956 /* 1957 * Do not call pppoe_disconnect here, the upper layer state 1958 * machine gets confused by this. We must return from this 1959 * function and defer disconnecting to the timeout handler. 1960 */ 1961 sc->sc_state = PPPOE_STATE_CLOSING; 1962 1963 callout_schedule(&sc->sc_timeout, hz/50); 1964 1965 PPPOE_UNLOCK(sc); 1966 } 1967 1968 static void 1969 pppoe_start(struct ifnet *ifp) 1970 { 1971 struct pppoe_softc *sc = (void *)ifp; 1972 struct mbuf *m; 1973 uint8_t *p; 1974 size_t len; 1975 1976 if (sppp_isempty(ifp)) 1977 return; 1978 1979 /* are we ready to process data yet? */ 1980 PPPOE_LOCK(sc, RW_READER); 1981 if (sc->sc_state < PPPOE_STATE_SESSION) { 1982 sppp_flush(&sc->sc_sppp.pp_if); 1983 PPPOE_UNLOCK(sc); 1984 return; 1985 } 1986 1987 while ((m = sppp_dequeue(ifp)) != NULL) { 1988 len = m->m_pkthdr.len; 1989 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1990 if (m == NULL) { 1991 if_statinc(ifp, if_oerrors); 1992 continue; 1993 } 1994 p = mtod(m, uint8_t *); 1995 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1996 1997 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1998 1999 pppoe_output(sc, m); 2000 } 2001 PPPOE_UNLOCK(sc); 2002 } 2003 2004 #ifdef PPPOE_MPSAFE 2005 static int 2006 pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 2007 { 2008 struct pppoe_softc *sc = (void *)ifp; 2009 uint8_t *p; 2010 size_t len; 2011 2012 if (m == NULL) 2013 return EINVAL; 2014 2015 /* are we ready to process data yet? */ 2016 PPPOE_LOCK(sc, RW_READER); 2017 if (sc->sc_state < PPPOE_STATE_SESSION) { 2018 PPPOE_UNLOCK(sc); 2019 m_freem(m); 2020 return ENOBUFS; 2021 } 2022 2023 len = m->m_pkthdr.len; 2024 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 2025 if (m == NULL) { 2026 PPPOE_UNLOCK(sc); 2027 if_statinc(ifp, if_oerrors); 2028 return ENETDOWN; 2029 } 2030 p = mtod(m, uint8_t *); 2031 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 2032 2033 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 2034 2035 pppoe_output(sc, m); 2036 PPPOE_UNLOCK(sc); 2037 return 0; 2038 } 2039 #endif /* PPPOE_MPSAFE */ 2040 2041 static void 2042 pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 2043 { 2044 struct ifnet *ifp = arg2; 2045 struct pppoe_softc *sc; 2046 DECLARE_SPLNET_VARIABLE; 2047 2048 if (cmd != PFIL_IFNET_DETACH) 2049 return; 2050 2051 ACQUIRE_SPLNET(); 2052 rw_enter(&pppoe_softc_list_lock, RW_READER); 2053 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 2054 PPPOE_LOCK(sc, RW_WRITER); 2055 if (sc->sc_eth_if != ifp) { 2056 PPPOE_UNLOCK(sc); 2057 continue; 2058 } 2059 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 2060 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 2061 pppoe_printf(sc, 2062 "ethernet interface detached, going down\n"); 2063 } 2064 sc->sc_eth_if = NULL; 2065 pppoe_clear_softc(sc, "ethernet interface detached"); 2066 PPPOE_UNLOCK(sc); 2067 } 2068 rw_exit(&pppoe_softc_list_lock); 2069 RELEASE_SPLNET(); 2070 } 2071 2072 static void 2073 pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 2074 { 2075 KASSERT(PPPOE_WLOCKED(sc)); 2076 2077 /* stop timer */ 2078 callout_stop(&sc->sc_timeout); 2079 pppoe_printf(sc, "session 0x%x terminated, %s\n", 2080 sc->sc_session, message); 2081 2082 /* fix our state */ 2083 sc->sc_state = PPPOE_STATE_INITIAL; 2084 2085 PPPOE_UNLOCK(sc); 2086 2087 /* signal upper layer */ 2088 sc->sc_sppp.pp_down(&sc->sc_sppp); 2089 2090 PPPOE_LOCK(sc, RW_WRITER); 2091 2092 /* clean up softc */ 2093 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 2094 if (sc->sc_ac_cookie) { 2095 free(sc->sc_ac_cookie, M_DEVBUF); 2096 sc->sc_ac_cookie = NULL; 2097 } 2098 if (sc->sc_relay_sid) { 2099 free(sc->sc_relay_sid, M_DEVBUF); 2100 sc->sc_relay_sid = NULL; 2101 } 2102 sc->sc_ac_cookie_len = 0; 2103 sc->sc_session = 0; 2104 } 2105 2106 static void 2107 pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 2108 { 2109 if (m->m_flags & M_PROMISC) { 2110 m_freem(m); 2111 return; 2112 } 2113 2114 #ifndef PPPOE_SERVER 2115 if (m->m_flags & (M_MCAST | M_BCAST)) { 2116 m_freem(m); 2117 return; 2118 } 2119 #endif 2120 2121 IFQ_LOCK(inq); 2122 if (IF_QFULL(inq)) { 2123 IF_DROP(inq); 2124 IFQ_UNLOCK(inq); 2125 m_freem(m); 2126 } else { 2127 IF_ENQUEUE(inq, m); 2128 IFQ_UNLOCK(inq); 2129 softint_schedule(pppoe_softintr); 2130 } 2131 return; 2132 } 2133 2134 void 2135 pppoe_input(struct ifnet *ifp, struct mbuf *m) 2136 { 2137 pppoe_enqueue(&ppoeinq, m); 2138 return; 2139 } 2140 2141 void 2142 pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2143 { 2144 pppoe_enqueue(&ppoediscinq, m); 2145 return; 2146 } 2147 2148 static void 2149 sysctl_net_pppoe_setup(struct sysctllog **clog) 2150 { 2151 const struct sysctlnode *node = NULL; 2152 2153 sysctl_createv(clog, 0, NULL, &node, 2154 CTLFLAG_PERMANENT, 2155 CTLTYPE_NODE, "pppoe", 2156 SYSCTL_DESCR("PPPOE protocol"), 2157 NULL, 0, NULL, 0, 2158 CTL_NET, CTL_CREATE, CTL_EOL); 2159 2160 if (node == NULL) 2161 return; 2162 2163 sysctl_createv(clog, 0, &node, NULL, 2164 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2165 CTLTYPE_BOOL, "term_unknown", 2166 SYSCTL_DESCR("Terminate unknown sessions"), 2167 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2168 CTL_CREATE, CTL_EOL); 2169 } 2170 2171 /* 2172 * Module infrastructure 2173 */ 2174 #include "if_module.h" 2175 2176 IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2177
Indexes created Mon Sep 29 21:09:56 GMT 2025