1/* 2 * Copyright (c) 2002 Apple Computer, Inc. All rights reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24 25#include <sys/systm.h> 26#include <sys/malloc.h> 27#include <sys/mbuf.h> 28#include <sys/socket.h> 29#include <sys/syslog.h> 30#include <sys/protosw.h> 31#include <kern/locks.h> 32 33#include <net/if_types.h> 34#include <net/dlil.h> 35 36#include "../../../Family/ppp_defs.h" 37#include "../../../Family/if_ppplink.h" 38#include "../../../Family/if_ppp.h" 39#include "../../../Family/ppp_domain.h" 40 41 42#include "l2tpk.h" 43#include "l2tp_proto.h" 44#include "l2tp_rfc.h" 45#include "l2tp_wan.h" 46 47 48/* ----------------------------------------------------------------------------- 49Definitions 50----------------------------------------------------------------------------- */ 51/* Wcast-align fix - cast away alignment warning when buffer is aligned */ 52#define ALIGNED_CAST(type) (type)(void *) 53 54 55/* ----------------------------------------------------------------------------- 56Declarations 57----------------------------------------------------------------------------- */ 58 59void l2tp_init(); 60int l2tp_ctloutput(struct socket *so, struct sockopt *sopt); 61int l2tp_usrreq(); 62 63int l2tp_attach(struct socket *, int, struct proc *); 64int l2tp_detach(struct socket *); 65int l2tp_control(struct socket *so, u_long cmd, caddr_t data, 66 struct ifnet *ifp, struct proc *p); 67 68int l2tp_send(struct socket *so, int flags, mbuf_t m, struct sockaddr *addr, 69 mbuf_t control, struct proc *p); 70 71// callback from rfc layer 72int l2tp_input(void *data, mbuf_t m, struct sockaddr *from, int more); 73void l2tp_event(void *data, u_int32_t event, void *msg); 74 75/* ----------------------------------------------------------------------------- 76Globals 77----------------------------------------------------------------------------- */ 78struct pr_usrreqs l2tp_usr; /* pr_usrreqs extension to the protosw */ 79struct protosw l2tp; /* describe the protocol switch */ 80 81extern lck_mtx_t *ppp_domain_mutex; 82 83/* ----------------------------------------------------------------------------- 84-------------------------------------------------------------------------------- 85-------------------------------------------------------------------------------- 86----------- Admistrative functions, called by ppp_domain ----------------------- 87-------------------------------------------------------------------------------- 88-------------------------------------------------------------------------------- 89----------------------------------------------------------------------------- */ 90 91/* ----------------------------------------------------------------------------- 92 L2TP Timer, at 500 ms. Replaces l2tp_slowtimo, which is deprecated. 93 ----------------------------------------------------------------------------- */ 94static uint8_t l2tp_timer_thread_is_dying = 0; /* > 0 if dying */ 95static uint8_t l2tp_timer_thread_is_dead = 0; /* > 0 if dead */ 96static void l2tp_timer() 97{ 98 struct timespec ts = {0}; 99 100 /* timeout of 500 ms */ 101 ts.tv_nsec = 500 * 1000 * 1000; 102 ts.tv_sec = 0; 103 104 lck_mtx_lock(ppp_domain_mutex); 105 while (TRUE) { 106 if (l2tp_timer_thread_is_dying > 0) { 107 break; 108 } 109 110 l2tp_rfc_slowtimer(); 111 112 msleep(&l2tp_timer_thread_is_dying, ppp_domain_mutex, PSOCK, "l2tp_timer_sleep", &ts); 113 } 114 115 l2tp_timer_thread_is_dead++; 116 wakeup(&l2tp_timer_thread_is_dead); 117 lck_mtx_unlock(ppp_domain_mutex); 118 119 thread_terminate(current_thread()); 120} 121 122/* ----------------------------------------------------------------------------- 123Called when we need to add the L2TP protocol to the domain 124Typically, ppp_add is called by ppp_domain when we add the domain, 125but we can add the protocol anytime later, if the domain is present 126----------------------------------------------------------------------------- */ 127int l2tp_add(struct domain *domain) 128{ 129 int err; 130 thread_t l2tp_timer_thread = NULL; 131 132 bzero(&l2tp_usr, sizeof(struct pr_usrreqs)); 133 l2tp_usr.pru_abort = pru_abort_notsupp; 134 l2tp_usr.pru_accept = pru_accept_notsupp; 135 l2tp_usr.pru_attach = l2tp_attach; 136 l2tp_usr.pru_bind = pru_bind_notsupp; 137 l2tp_usr.pru_connect = pru_connect_notsupp; 138 l2tp_usr.pru_connect2 = pru_connect2_notsupp; 139 l2tp_usr.pru_control = l2tp_control; 140 l2tp_usr.pru_detach = l2tp_detach; 141 l2tp_usr.pru_disconnect = pru_disconnect_notsupp; 142 l2tp_usr.pru_listen = pru_listen_notsupp; 143 l2tp_usr.pru_peeraddr = pru_peeraddr_notsupp; 144 l2tp_usr.pru_rcvd = pru_rcvd_notsupp; 145 l2tp_usr.pru_rcvoob = pru_rcvoob_notsupp; 146 l2tp_usr.pru_send = (int (*)(struct socket *, int, struct mbuf *, 147 struct sockaddr *, struct mbuf *, struct proc *))l2tp_send; 148 l2tp_usr.pru_sense = pru_sense_null; 149 l2tp_usr.pru_shutdown = pru_shutdown_notsupp; 150 l2tp_usr.pru_sockaddr = pru_sockaddr_notsupp; 151 l2tp_usr.pru_sosend = sosend; 152 l2tp_usr.pru_soreceive = soreceive; 153 l2tp_usr.pru_sopoll = pru_sopoll_notsupp; 154 155 156 bzero(&l2tp, sizeof(struct protosw)); 157 l2tp.pr_type = SOCK_DGRAM; 158 l2tp.pr_domain = domain; 159 l2tp.pr_protocol = PPPPROTO_L2TP; 160 l2tp.pr_flags = PR_ATOMIC | PR_ADDR | PR_PROTOLOCK; 161 l2tp.pr_ctloutput = l2tp_ctloutput; 162 l2tp.pr_init = l2tp_init; 163 164 l2tp.pr_usrreqs = &l2tp_usr; 165 166 /* Start timer thread */ 167 l2tp_timer_thread_is_dying = 0; 168 if (kernel_thread_start((thread_continue_t)l2tp_timer, NULL, &l2tp_timer_thread) == KERN_SUCCESS) { 169 thread_deallocate(l2tp_timer_thread); 170 } 171 172 err = net_add_proto(&l2tp, domain); 173 if (err) 174 return err; 175 176 return KERN_SUCCESS; 177} 178 179/* ----------------------------------------------------------------------------- 180Called when we need to remove the L2TP protocol from the domain 181----------------------------------------------------------------------------- */ 182int l2tp_remove(struct domain *domain) 183{ 184 int err; 185 186 lck_mtx_assert(ppp_domain_mutex, LCK_MTX_ASSERT_OWNED); 187 188 /* Cleanup timer thread */ 189 if (l2tp_timer_thread_is_dead == 0) { 190 l2tp_timer_thread_is_dying++; /* Tell thread to die */ 191 wakeup(&l2tp_timer_thread_is_dying); /* Wake thread */ 192 msleep(&l2tp_timer_thread_is_dead, ppp_domain_mutex, PSOCK, "l2tp_timer_sleep", 0); 193 } 194 195 err = net_del_proto(l2tp.pr_type, l2tp.pr_protocol, domain); 196 if (err) 197 return err; 198 199 // shall we test that all the pcbs have been freed ? 200 201 return KERN_SUCCESS; 202} 203 204/* ----------------------------------------------------------------------------- 205-------------------------------------------------------------------------------- 206-------------------------------------------------------------------------------- 207--------------------------- protosw functions ---------------------------------- 208-------------------------------------------------------------------------------- 209-------------------------------------------------------------------------------- 210----------------------------------------------------------------------------- */ 211 212/* ----------------------------------------------------------------------------- 213This function is called by socket layer when the protocol is added 214----------------------------------------------------------------------------- */ 215void l2tp_init() 216{ 217 //IOLog("l2tp_init\n"); 218} 219 220/* ----------------------------------------------------------------------------- 221This function is called by socket layer to handle get/set-socketoption 222----------------------------------------------------------------------------- */ 223int l2tp_ctloutput(struct socket *so, struct sockopt *sopt) 224{ 225 int error, optval; 226 u_int32_t lval, cmd = 0; 227 u_int16_t val; 228 u_char *addr; 229 230 lck_mtx_assert(ppp_domain_mutex, LCK_MTX_ASSERT_OWNED); 231 232 //IOLog("l2tp_ctloutput, so = %p\n", so); 233 234 error = optval = 0; 235 if (sopt->sopt_level != PPPPROTO_L2TP) { 236 return EINVAL; 237 } 238 239 switch (sopt->sopt_dir) { 240 case SOPT_SET: 241 switch (sopt->sopt_name) { 242 case L2TP_OPT_FLAGS: 243 case L2TP_OPT_BAUDRATE: 244 if (sopt->sopt_valsize != 4) 245 error = EMSGSIZE; 246 else if ((error = sooptcopyin(sopt, &lval, 4, 4)) == 0) { 247 switch (sopt->sopt_name) { 248 case L2TP_OPT_BAUDRATE: cmd = L2TP_CMD_SETBAUDRATE; break; 249 case L2TP_OPT_FLAGS: cmd = L2TP_CMD_SETFLAGS; break; 250 } 251 l2tp_rfc_command(so->so_pcb, cmd, &lval); 252 } 253 break; 254 case L2TP_OPT_ACCEPT: 255 if (sopt->sopt_valsize != 0) 256 error = EMSGSIZE; 257 else 258 l2tp_rfc_command(so->so_pcb, L2TP_CMD_ACCEPT, 0); 259 break; 260 case L2TP_OPT_OURADDRESS: 261 case L2TP_OPT_PEERADDRESS: 262 if (sopt->sopt_valsize < sizeof(struct sockaddr)) 263 error = EMSGSIZE; 264 else { 265 if ((addr = _MALLOC(sopt->sopt_valsize, M_TEMP, M_WAITOK)) == 0) 266 error = ENOMEM; 267 else { 268 if ((error = sooptcopyin(sopt, addr, sopt->sopt_valsize, sopt->sopt_valsize)) == 0) 269 error = l2tp_rfc_command(so->so_pcb, 270 sopt->sopt_name == L2TP_OPT_OURADDRESS ? L2TP_CMD_SETOURADDR : L2TP_CMD_SETPEERADDR, 271 addr); 272 _FREE(addr, M_TEMP); 273 } 274 } 275 break; 276 case L2TP_OPT_TUNNEL_ID: 277 case L2TP_OPT_PEER_TUNNEL_ID: 278 case L2TP_OPT_SESSION_ID: 279 case L2TP_OPT_PEER_SESSION_ID: 280 case L2TP_OPT_WINDOW: 281 case L2TP_OPT_PEER_WINDOW: 282 case L2TP_OPT_INITIAL_TIMEOUT: 283 case L2TP_OPT_TIMEOUT_CAP: 284 case L2TP_OPT_MAX_RETRIES: 285 case L2TP_OPT_RELIABILITY: 286 if (sopt->sopt_valsize != 2) 287 error = EMSGSIZE; 288 else if ((error = sooptcopyin(sopt, &val, 2, 2)) == 0) { 289 switch (sopt->sopt_name) { 290 case L2TP_OPT_TUNNEL_ID: cmd = L2TP_CMD_SETTUNNELID; break; 291 case L2TP_OPT_PEER_TUNNEL_ID: cmd = L2TP_CMD_SETPEERTUNNELID; break; 292 case L2TP_OPT_SESSION_ID: cmd = L2TP_CMD_SETSESSIONID; break; 293 case L2TP_OPT_PEER_SESSION_ID: cmd = L2TP_CMD_SETPEERSESSIONID; break; 294 case L2TP_OPT_WINDOW: cmd = L2TP_CMD_SETWINDOW; break; 295 case L2TP_OPT_PEER_WINDOW: cmd = L2TP_CMD_SETPEERWINDOW; break; 296 case L2TP_OPT_INITIAL_TIMEOUT: cmd = L2TP_CMD_SETTIMEOUT; break; 297 case L2TP_OPT_TIMEOUT_CAP: cmd = L2TP_CMD_SETTIMEOUTCAP; break; 298 case L2TP_OPT_MAX_RETRIES: cmd = L2TP_CMD_SETMAXRETRIES; break; 299 case L2TP_OPT_RELIABILITY: cmd = L2TP_CMD_SETRELIABILITY; break; 300 } 301 l2tp_rfc_command(so->so_pcb, cmd, &val); 302 } 303 break; 304 305 case L2TP_OPT_SETDELEGATEDPID: 306 if (sopt->sopt_valsize != 4) 307 error = EMSGSIZE; 308 else if ((error = sooptcopyin(sopt, &lval, 4, 4)) == 0) 309 l2tp_rfc_command(so->so_pcb, L2TP_CMD_SETDELEGATEDPID, &lval); 310 break; 311 312 default: 313 error = ENOPROTOOPT; 314 } 315 break; 316 317 case SOPT_GET: 318 switch (sopt->sopt_name) { 319 case L2TP_OPT_NEW_TUNNEL_ID: 320 case L2TP_OPT_TUNNEL_ID: 321 case L2TP_OPT_SESSION_ID: 322 if (sopt->sopt_valsize != 2) 323 error = EMSGSIZE; 324 else { 325 switch (sopt->sopt_name) { 326 case L2TP_OPT_NEW_TUNNEL_ID: cmd = L2TP_CMD_GETNEWTUNNELID; break; 327 case L2TP_OPT_TUNNEL_ID: cmd = L2TP_CMD_GETTUNNELID; break; 328 case L2TP_OPT_SESSION_ID: cmd = L2TP_CMD_GETSESSIONID; break; 329 } 330 l2tp_rfc_command(so->so_pcb, cmd, &val); 331 error = sooptcopyout(sopt, &val, 2); 332 } 333 break; 334 case L2TP_OPT_FLAGS: 335 if (sopt->sopt_valsize != 4) 336 error = EMSGSIZE; 337 else { 338 l2tp_rfc_command(so->so_pcb, L2TP_CMD_GETFLAGS, &lval); 339 error = sooptcopyout(sopt, &lval, 4); 340 } 341 break; 342 case L2TP_OPT_OURADDRESS: 343 case L2TP_OPT_PEERADDRESS: 344 if ((addr = _MALLOC(sopt->sopt_valsize, M_TEMP, M_WAITOK)) == 0) 345 error = ENOMEM; 346 else { 347 *addr = sopt->sopt_valsize; /* max size */ 348 if ((error = l2tp_rfc_command(so->so_pcb, 349 sopt->sopt_name == L2TP_OPT_OURADDRESS ? L2TP_CMD_GETOURADDR : L2TP_CMD_GETPEERADDR, 350 addr)) == 0) { 351 error = sooptcopyout(sopt, addr, sopt->sopt_valsize); 352 _FREE(addr, M_TEMP); 353 } 354 } 355 break; 356 357 default: 358 error = ENOPROTOOPT; 359 break; 360 } 361 break; 362 } 363 return error; 364} 365 366/* ----------------------------------------------------------------------------- 367-------------------------------------------------------------------------------- 368-------------------------------------------------------------------------------- 369------------------------- pr_usrreqs functions --------------------------------- 370-------------------------------------------------------------------------------- 371-------------------------------------------------------------------------------- 372----------------------------------------------------------------------------- */ 373 374/* ----------------------------------------------------------------------------- 375Called by socket layer when a new socket is created 376Should create all the structures and prepare for L2TP dialog 377----------------------------------------------------------------------------- */ 378int l2tp_attach (struct socket *so, int proto, struct proc *p) 379{ 380 int error; 381 382 //IOLog("l2tp_attach, so = %p, dom_ref = %d\n", so, so->so_proto->pr_domain->dom_refs); 383 if (so->so_pcb) 384 return EINVAL; 385 386 if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) { 387 error = soreserve(so, 8192, 8192); 388 if (error) 389 return error; 390 } 391 392 // call l2tp init with the rfc specific structure 393 lck_mtx_lock(ppp_domain_mutex); 394 if (l2tp_rfc_new_client(so, (void**)&(so->so_pcb), l2tp_input, l2tp_event)) { 395 lck_mtx_unlock(ppp_domain_mutex); 396 return ENOMEM; 397 } 398 399 lck_mtx_unlock(ppp_domain_mutex); 400 return 0; 401} 402 403/* ----------------------------------------------------------------------------- 404Called by socket layer when the socket is closed 405Should free all the L2TP structures 406----------------------------------------------------------------------------- */ 407int l2tp_detach(struct socket *so) 408{ 409 410 lck_mtx_assert(ppp_domain_mutex, LCK_MTX_ASSERT_OWNED); 411 412 //IOLog("l2tp_detach, so = %p, dom_ref = %d\n", so, so->so_proto->pr_domain->dom_refs); 413 414 if (so->so_tpcb) { 415 l2tp_wan_detach(ALIGNED_CAST(struct ppp_link *)so->so_tpcb); 416 so->so_tpcb = 0; 417 } 418 if (so->so_pcb) { 419 l2tp_rfc_free_client(so->so_pcb); 420 so->so_pcb = 0; 421 } 422 so->so_flags |= SOF_PCBCLEARING; 423 return 0; 424} 425 426/* ----------------------------------------------------------------------------- 427Called by socket layer to handle ioctl 428----------------------------------------------------------------------------- */ 429int l2tp_control(struct socket *so, u_long cmd, caddr_t data, 430 struct ifnet *ifp, struct proc *p) 431{ 432 int error = 0; 433 u_int32_t aligned_data; 434 435 //IOLog("l2tp_control : so = %p, cmd = %d\n", so, cmd); 436 437 lck_mtx_assert(ppp_domain_mutex, LCK_MTX_ASSERT_OWNED); 438 439 switch (cmd) { 440 case PPPIOCGCHAN: 441 //IOLog("l2tp_control : PPPIOCGCHAN\n"); 442 if (!so->so_tpcb) 443 return EINVAL;// not attached 444 aligned_data = (ALIGNED_CAST(struct ppp_link *)so->so_tpcb)->lk_index; // Wcast-align fix - we malloc so->so_tpcb - lk_index is u_int16_t being copied to u_int32_t 445 memcpy(data, &aligned_data, sizeof(u_int32_t)); // Wcast-align fix - memcpy for unaligned move 446 break; 447 case PPPIOCATTACH: 448 //IOLog("l2tp_control : PPPIOCATTACH\n"); 449 if (so->so_tpcb) 450 return EINVAL;// already attached 451 error = l2tp_wan_attach(so->so_pcb, ALIGNED_CAST(struct ppp_link **)&so->so_tpcb); // Wcast-align fix - we malloc so->so_tpcb 452 break; 453 case PPPIOCDETACH: 454 //IOLog("l2tp_control : PPPIOCDETACH\n"); 455 if (!so->so_tpcb) 456 return EINVAL;// already detached 457 l2tp_wan_detach(ALIGNED_CAST(struct ppp_link *)so->so_tpcb); // Wcast-align fix - we malloc so->so_tpcb 458 so->so_tpcb = 0; 459 break; 460 default: 461 ; 462 } 463 464 return error; 465} 466 467/* ----------------------------------------------------------------------------- 468Called by socket layer to send a packet 469----------------------------------------------------------------------------- */ 470int l2tp_send(struct socket *so, int flags, mbuf_t m, struct sockaddr *to, 471 mbuf_t control, struct proc *p) 472{ 473 474 if (control) 475 mbuf_freem(control); 476 if (mbuf_len(m) == 0) { 477 mbuf_freem(m); 478 return 0; 479 } 480 481 return l2tp_rfc_output(so->so_pcb, m, to); 482} 483 484 485/* ----------------------------------------------------------------------------- 486-------------------------------------------------------------------------------- 487-------------------------------------------------------------------------------- 488------------------------- callbacks from L2TP rfc or from dlil ---------------- 489-------------------------------------------------------------------------------- 490-------------------------------------------------------------------------------- 491----------------------------------------------------------------------------- */ 492 493 494/* ----------------------------------------------------------------------------- 495called from l2tp_rfc when data are present 496----------------------------------------------------------------------------- */ 497int l2tp_input(void *data, mbuf_t m, struct sockaddr *from, int more) 498{ 499 struct socket *so = (struct socket *)data; 500 int err; 501 502 lck_mtx_assert(ppp_domain_mutex, LCK_MTX_ASSERT_OWNED); 503 504 if (so->so_tpcb) { 505 // we are hooked to ppp 506 return l2tp_wan_input(ALIGNED_CAST(struct ppp_link *)so->so_tpcb, m); // Wcast-align fix - we malloc so->so_tpcb 507 } 508 509 if (m) { 510 if (from == 0) { 511 // no from address, just free the buffer 512 mbuf_freem(m); 513 return 1; 514 } 515 516 if (sbappendaddr(&so->so_rcv, from, (struct mbuf *)m, 0, &err) == 0) { 517 //IOLog("l2tp_input no space, so = %p\n", so); 518 return 1; 519 } 520 } 521 522 if (!more) 523 sorwakeup(so); 524 525 return 0; 526} 527 528/* ----------------------------------------------------------------------------- 529----------------------------------------------------------------------------- */ 530void l2tp_event(void *data, u_int32_t event, void *msg) 531{ 532 struct socket *so = (struct socket *)data; 533 534 lck_mtx_assert(ppp_domain_mutex, LCK_MTX_ASSERT_OWNED); 535 536 if (so->so_tpcb) { 537 switch (event) { 538 case L2TP_EVT_XMIT_FULL: 539 l2tp_wan_xmit_full(ALIGNED_CAST(struct ppp_link *)so->so_tpcb); // Wcast-align fix - we malloc so->so_tpcb 540 break; 541 case L2TP_EVT_XMIT_OK: 542 l2tp_wan_xmit_ok(ALIGNED_CAST(struct ppp_link *)so->so_tpcb); 543 break; 544 case L2TP_EVT_INPUTERROR: 545 l2tp_wan_input_error(ALIGNED_CAST(struct ppp_link *)so->so_tpcb); 546 break; 547 } 548 } 549 else { 550 switch (event) { 551 case L2TP_EVT_RELIABLE_FAILED: 552 /* wake up the client with no data */ 553 socantrcvmore(so); 554 break; 555 } 556 } 557} 558