if_pppoe.c revision 1.145
1/* $NetBSD: if_pppoe.c,v 1.145 2018/10/27 05:56:10 maxv Exp $ */ 2 3/* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin@NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32#include <sys/cdefs.h> 33__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.145 2018/10/27 05:56:10 maxv Exp $"); 34 35#ifdef _KERNEL_OPT 36#include "pppoe.h" 37#include "opt_pppoe.h" 38#include "opt_net_mpsafe.h" 39#endif 40 41#include <sys/param.h> 42#include <sys/systm.h> 43#include <sys/kernel.h> 44#include <sys/callout.h> 45#include <sys/malloc.h> 46#include <sys/mbuf.h> 47#include <sys/socket.h> 48#include <sys/proc.h> 49#include <sys/ioctl.h> 50#include <sys/kauth.h> 51#include <sys/intr.h> 52#include <sys/socketvar.h> 53#include <sys/device.h> 54#include <sys/module.h> 55#include <sys/sysctl.h> 56#include <sys/rwlock.h> 57#include <sys/mutex.h> 58#include <sys/psref.h> 59#include <sys/cprng.h> 60 61#include <net/if.h> 62#include <net/if_types.h> 63#include <net/if_ether.h> 64#include <net/if_sppp.h> 65#include <net/if_spppvar.h> 66#include <net/if_pppoe.h> 67#include <net/if_dl.h> 68 69#include <net/bpf.h> 70 71#include "ioconf.h" 72 73#ifdef NET_MPSAFE 74#define PPPOE_MPSAFE 1 75#endif 76 77struct pppoehdr { 78 uint8_t vertype; 79 uint8_t code; 80 uint16_t session; 81 uint16_t plen; 82} __packed; 83 84struct pppoetag { 85 uint16_t tag; 86 uint16_t len; 87} __packed; 88 89#define PPPOE_HEADERLEN sizeof(struct pppoehdr) 90#define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 91#define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 92 93#define PPPOE_TAG_EOL 0x0000 /* end of list */ 94#define PPPOE_TAG_SNAME 0x0101 /* service name */ 95#define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 96#define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 97#define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 98#define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 99#define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 100#define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 101#define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 102#define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 103#define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 104 105#define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 106#define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 107#define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 108#define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 109#define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 110 111/* two byte PPP protocol discriminator, then IP data */ 112#define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 113 114/* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 115#define PPPOE_ADD_16(PTR, VAL) \ 116 *(PTR)++ = (VAL) / 256; \ 117 *(PTR)++ = (VAL) % 256 118 119/* Add a complete PPPoE header to the buffer pointed to by PTR */ 120#define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 121 *(PTR)++ = PPPOE_VERTYPE; \ 122 *(PTR)++ = (CODE); \ 123 PPPOE_ADD_16(PTR, SESS); \ 124 PPPOE_ADD_16(PTR, LEN) 125 126#define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 127#define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 128#define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 129#define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 130#define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 131#define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 132 133#ifdef PPPOE_SERVER 134/* from if_spppsubr.c */ 135#define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 136#endif 137 138#define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 139#define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 140#define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 141 142#ifdef PPPOE_MPSAFE 143#define DECLARE_SPLNET_VARIABLE 144#define ACQUIRE_SPLNET() do { } while (0) 145#define RELEASE_SPLNET() do { } while (0) 146#else 147#define DECLARE_SPLNET_VARIABLE int __s 148#define ACQUIRE_SPLNET() do { \ 149 __s = splnet(); \ 150 } while (0) 151#define RELEASE_SPLNET() do { \ 152 splx(__s); \ 153 } while (0) 154#endif 155 156struct pppoe_softc { 157 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 158 LIST_ENTRY(pppoe_softc) sc_list; 159 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 160 161 uint64_t sc_id; /* id of this softc, our hunique */ 162 int sc_state; /* discovery phase or session connected */ 163 struct ether_addr sc_dest; /* hardware address of concentrator */ 164 uint16_t sc_session; /* PPPoE session id */ 165 166 char *sc_service_name; /* if != NULL: requested name of service */ 167 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 168 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 169 size_t sc_ac_cookie_len; /* length of cookie data */ 170 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 171 size_t sc_relay_sid_len; /* length of relay SID data */ 172#ifdef PPPOE_SERVER 173 uint8_t *sc_hunique; /* content of host unique we must echo back */ 174 size_t sc_hunique_len; /* length of host unique */ 175#endif 176 callout_t sc_timeout; /* timeout while not in session state */ 177 int sc_padi_retried; /* number of PADI retries already done */ 178 int sc_padr_retried; /* number of PADR retries already done */ 179 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 180}; 181 182/* incoming traffic will be queued here */ 183struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 184struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 185 186void *pppoe_softintr = NULL; 187static void pppoe_softintr_handler(void *); 188 189extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 190 191/* input routines */ 192static void pppoeintr(void); 193static void pppoe_disc_input(struct mbuf *); 194static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 195static void pppoe_data_input(struct mbuf *); 196static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 197 198/* management routines */ 199static int pppoe_connect(struct pppoe_softc *); 200static int pppoe_disconnect(struct pppoe_softc *); 201static void pppoe_abort_connect(struct pppoe_softc *); 202static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 203static void pppoe_tls(struct sppp *); 204static void pppoe_tlf(struct sppp *); 205static void pppoe_start(struct ifnet *); 206#ifdef PPPOE_MPSAFE 207static int pppoe_transmit(struct ifnet *, struct mbuf *); 208#endif 209static void pppoe_clear_softc(struct pppoe_softc *, const char *); 210 211/* internal timeout handling */ 212static void pppoe_timeout(void *); 213 214/* sending actual protocol controll packets */ 215static int pppoe_send_padi(struct pppoe_softc *); 216static int pppoe_send_padr(struct pppoe_softc *); 217#ifdef PPPOE_SERVER 218static int pppoe_send_pado(struct pppoe_softc *); 219static int pppoe_send_pads(struct pppoe_softc *); 220#endif 221static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 222 223/* raw output */ 224static int pppoe_output(struct pppoe_softc *, struct mbuf *); 225 226/* internal helper functions */ 227static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 228 krw_t); 229static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 230 struct ifnet *, krw_t); 231static struct mbuf *pppoe_get_mbuf(size_t len); 232 233static void pppoe_ifattach_hook(void *, unsigned long, void *); 234 235static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 236static krwlock_t pppoe_softc_list_lock; 237 238static int pppoe_clone_create(struct if_clone *, int); 239static int pppoe_clone_destroy(struct ifnet *); 240 241static bool pppoe_term_unknown = false; 242static int pppoe_term_unknown_pps = 1; 243 244static struct sysctllog *pppoe_sysctl_clog; 245static void sysctl_net_pppoe_setup(struct sysctllog **); 246 247static struct if_clone pppoe_cloner = 248 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 249 250/* ARGSUSED */ 251void 252pppoeattach(int count) 253{ 254 255 /* 256 * Nothing to do here, initialization is handled by the 257 * module initialization code in pppoeinit() below). 258 */ 259} 260 261static void 262pppoeinit(void) 263{ 264 265 LIST_INIT(&pppoe_softc_list); 266 rw_init(&pppoe_softc_list_lock); 267 if_clone_attach(&pppoe_cloner); 268 269 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 270 pppoe_softintr_handler, NULL); 271 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 272 273 IFQ_LOCK_INIT(&ppoediscinq); 274 IFQ_LOCK_INIT(&ppoeinq); 275} 276 277static int 278pppoedetach(void) 279{ 280 int error = 0; 281 282 rw_enter(&pppoe_softc_list_lock, RW_READER); 283 if (!LIST_EMPTY(&pppoe_softc_list)) { 284 rw_exit(&pppoe_softc_list_lock); 285 error = EBUSY; 286 } 287 288 if (error == 0) { 289 if_clone_detach(&pppoe_cloner); 290 softint_disestablish(pppoe_softintr); 291 /* Remove our sysctl sub-tree */ 292 sysctl_teardown(&pppoe_sysctl_clog); 293 } 294 295 return error; 296} 297 298static void 299pppoe_softc_genid(uint64_t *id) 300{ 301 struct pppoe_softc *sc; 302 uint64_t rndid; 303 304 rw_enter(&pppoe_softc_list_lock, RW_READER); 305 306 while (1) { 307 rndid = cprng_strong64(); 308 309 sc = NULL; 310 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 311 if (sc->sc_id == rndid) 312 break; 313 } 314 if (sc == NULL) { 315 break; 316 } 317 } 318 319 rw_exit(&pppoe_softc_list_lock); 320 *id = rndid; 321} 322 323static int 324pppoe_clone_create(struct if_clone *ifc, int unit) 325{ 326 struct pppoe_softc *sc; 327 int rv; 328 329 sc = malloc(sizeof(struct pppoe_softc), M_DEVBUF, M_WAITOK|M_ZERO); 330 331 pppoe_softc_genid(&sc->sc_id); 332 333 if_initname(&sc->sc_sppp.pp_if, "pppoe", unit); 334 sc->sc_sppp.pp_if.if_softc = sc; 335 sc->sc_sppp.pp_if.if_mtu = PPPOE_MAXMTU; 336 sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 337#ifdef PPPOE_MPSAFE 338 sc->sc_sppp.pp_if.if_extflags = IFEF_MPSAFE; 339#endif 340 sc->sc_sppp.pp_if.if_type = IFT_PPP; 341 sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 342 sc->sc_sppp.pp_if.if_dlt = DLT_PPP_ETHER; 343 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 344 PP_NOFRAMING; /* no serial encapsulation */ 345 sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl; 346 IFQ_SET_MAXLEN(&sc->sc_sppp.pp_if.if_snd, IFQ_MAXLEN); 347 IFQ_SET_READY(&sc->sc_sppp.pp_if.if_snd); 348 349 /* changed to real address later */ 350 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 351 352 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 353 354 sc->sc_sppp.pp_if.if_start = pppoe_start; 355#ifdef PPPOE_MPSAFE 356 sc->sc_sppp.pp_if.if_transmit = pppoe_transmit; 357#endif 358 sc->sc_sppp.pp_tls = pppoe_tls; 359 sc->sc_sppp.pp_tlf = pppoe_tlf; 360 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 361 362 rv = if_initialize(&sc->sc_sppp.pp_if); 363 if (rv != 0) { 364 callout_halt(&sc->sc_timeout, NULL); 365 callout_destroy(&sc->sc_timeout); 366 free(sc, M_DEVBUF); 367 return rv; 368 } 369 sc->sc_sppp.pp_if.if_percpuq = if_percpuq_create(&sc->sc_sppp.pp_if); 370 sppp_attach(&sc->sc_sppp.pp_if); 371 372 bpf_attach(&sc->sc_sppp.pp_if, DLT_PPP_ETHER, 0); 373 rw_enter(&pppoe_softc_list_lock, RW_READER); 374 if (LIST_EMPTY(&pppoe_softc_list)) { 375 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 376 } 377 rw_exit(&pppoe_softc_list_lock); 378 379 if_register(&sc->sc_sppp.pp_if); 380 381 rw_init(&sc->sc_lock); 382 383 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 384 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 385 rw_exit(&pppoe_softc_list_lock); 386 return 0; 387} 388 389static int 390pppoe_clone_destroy(struct ifnet *ifp) 391{ 392 struct pppoe_softc * sc = ifp->if_softc; 393 394 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 395 396 PPPOE_LOCK(sc, RW_WRITER); 397 callout_halt(&sc->sc_timeout, NULL); 398 399 LIST_REMOVE(sc, sc_list); 400 401 if (LIST_EMPTY(&pppoe_softc_list)) { 402 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 403 } 404 rw_exit(&pppoe_softc_list_lock); 405 406 bpf_detach(ifp); 407 sppp_detach(&sc->sc_sppp.pp_if); 408 if_detach(ifp); 409 if (sc->sc_concentrator_name) 410 free(sc->sc_concentrator_name, M_DEVBUF); 411 if (sc->sc_service_name) 412 free(sc->sc_service_name, M_DEVBUF); 413 if (sc->sc_ac_cookie) 414 free(sc->sc_ac_cookie, M_DEVBUF); 415 if (sc->sc_relay_sid) 416 free(sc->sc_relay_sid, M_DEVBUF); 417 callout_destroy(&sc->sc_timeout); 418 419 PPPOE_UNLOCK(sc); 420 rw_destroy(&sc->sc_lock); 421 422 free(sc, M_DEVBUF); 423 424 return 0; 425} 426 427/* 428 * Find the interface handling the specified session. 429 * Note: O(number of sessions open), this is a client-side only, mean 430 * and lean implementation, so number of open sessions typically should 431 * be 1. 432 */ 433static struct pppoe_softc * 434pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 435{ 436 struct pppoe_softc *sc = NULL; 437 438 if (session == 0) 439 return NULL; 440 rw_enter(&pppoe_softc_list_lock, RW_READER); 441 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 442 PPPOE_LOCK(sc, lock); 443 if ( sc->sc_state == PPPOE_STATE_SESSION 444 && sc->sc_session == session 445 && sc->sc_eth_if == rcvif) 446 break; 447 448 PPPOE_UNLOCK(sc); 449 } 450 rw_exit(&pppoe_softc_list_lock); 451 return sc; 452} 453 454/* Check host unique token passed and return appropriate softc pointer, 455 * or NULL if token is bogus. */ 456static struct pppoe_softc * 457pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 458 struct ifnet *rcvif, krw_t lock) 459{ 460 struct pppoe_softc *sc; 461 uint64_t t; 462 463 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 464 465 rw_enter(&pppoe_softc_list_lock, RW_READER); 466 if (LIST_EMPTY(&pppoe_softc_list)) { 467 rw_exit(&pppoe_softc_list_lock); 468 return NULL; 469 } 470 471 if (len != sizeof(sc->sc_id)) { 472 rw_exit(&pppoe_softc_list_lock); 473 return NULL; 474 } 475 memcpy(&t, token, len); 476 477 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 478 if (sc->sc_id == t) { 479 PPPOE_LOCK(sc, lock); 480 break; 481 } 482 } 483 rw_exit(&pppoe_softc_list_lock); 484 485 if (sc == NULL) { 486#ifdef PPPOE_DEBUG 487 printf("pppoe: alien host unique tag, no session found\n"); 488#endif 489 return NULL; 490 } 491 492 /* should be safe to access *sc now */ 493 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 494 printf("%s: host unique tag found, but it belongs to a connection in state %d\n", 495 sc->sc_sppp.pp_if.if_xname, sc->sc_state); 496 PPPOE_UNLOCK(sc); 497 return NULL; 498 } 499 if (sc->sc_eth_if != rcvif) { 500 printf("%s: wrong interface, not accepting host unique\n", 501 sc->sc_sppp.pp_if.if_xname); 502 PPPOE_UNLOCK(sc); 503 return NULL; 504 } 505 return sc; 506} 507 508static void 509pppoe_softintr_handler(void *dummy) 510{ 511 /* called at splsoftnet() */ 512 pppoeintr(); 513} 514 515/* called at appropriate protection level */ 516static void 517pppoeintr(void) 518{ 519 struct mbuf *m; 520 int disc_done, data_done; 521 522 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 523 524 do { 525 disc_done = 0; 526 data_done = 0; 527 for (;;) { 528 IFQ_LOCK(&ppoediscinq); 529 IF_DEQUEUE(&ppoediscinq, m); 530 IFQ_UNLOCK(&ppoediscinq); 531 if (m == NULL) 532 break; 533 disc_done = 1; 534 pppoe_disc_input(m); 535 } 536 537 for (;;) { 538 IFQ_LOCK(&ppoeinq); 539 IF_DEQUEUE(&ppoeinq, m); 540 IFQ_UNLOCK(&ppoeinq); 541 if (m == NULL) 542 break; 543 data_done = 1; 544 pppoe_data_input(m); 545 } 546 } while (disc_done || data_done); 547 548 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 549} 550 551/* analyze and handle a single received packet while not in session state */ 552static void 553pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 554{ 555 uint16_t tag, len; 556 uint16_t session, plen; 557 struct pppoe_softc *sc; 558 const char *err_msg; 559 char devname[IF_NAMESIZE]; 560 char *error; 561 uint8_t *ac_cookie; 562 size_t ac_cookie_len; 563 uint8_t *relay_sid; 564 size_t relay_sid_len; 565 uint8_t *hunique; 566 size_t hunique_len; 567 struct pppoehdr *ph; 568 struct pppoetag *pt; 569 struct mbuf *n; 570 int noff, err, errortag; 571 struct ether_header *eh; 572 struct ifnet *rcvif; 573 struct psref psref; 574 575 /* as long as we don't know which instance */ 576 strlcpy(devname, "pppoe", sizeof(devname)); 577 578 err_msg = NULL; 579 errortag = 0; 580 if (m->m_len < sizeof(*eh)) { 581 m = m_pullup(m, sizeof(*eh)); 582 if (m == NULL) 583 goto done; 584 } 585 eh = mtod(m, struct ether_header *); 586 off += sizeof(*eh); 587 588 ac_cookie = NULL; 589 ac_cookie_len = 0; 590 relay_sid = NULL; 591 relay_sid_len = 0; 592 hunique = NULL; 593 hunique_len = 0; 594 session = 0; 595 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 596 printf("pppoe: packet too short: %d\n", m->m_pkthdr.len); 597 goto done; 598 } 599 600 n = m_pulldown(m, off, sizeof(*ph), &noff); 601 if (!n) { 602 printf("pppoe: could not get PPPoE header\n"); 603 m = NULL; 604 goto done; 605 } 606 ph = (struct pppoehdr *)(mtod(n, char *) + noff); 607 if (ph->vertype != PPPOE_VERTYPE) { 608 printf("pppoe: unknown version/type packet: 0x%x\n", 609 ph->vertype); 610 goto done; 611 } 612 session = ntohs(ph->session); 613 plen = ntohs(ph->plen); 614 off += sizeof(*ph); 615 616 if (plen + off > m->m_pkthdr.len) { 617 printf("pppoe: packet content does not fit: data available = %d, packet size = %u\n", 618 m->m_pkthdr.len - off, plen); 619 goto done; 620 } 621 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 622 623 tag = 0; 624 len = 0; 625 sc = NULL; 626 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 627 n = m_pulldown(m, off, sizeof(*pt), &noff); 628 if (!n) { 629 printf("%s: parse error\n", devname); 630 m = NULL; 631 goto done; 632 } 633 pt = (struct pppoetag *)(mtod(n, char *) + noff); 634 tag = ntohs(pt->tag); 635 len = ntohs(pt->len); 636 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 637 printf("pppoe: tag 0x%x len 0x%x is too long\n", 638 tag, len); 639 goto done; 640 } 641 switch (tag) { 642 case PPPOE_TAG_EOL: 643 goto breakbreak; 644 case PPPOE_TAG_SNAME: 645 break; /* ignored */ 646 case PPPOE_TAG_ACNAME: 647 if (len > 0) { 648 error = malloc(len + 1, M_TEMP, M_NOWAIT); 649 if (error == NULL) 650 break; 651 652 n = m_pulldown(m, off + sizeof(*pt), len, 653 &noff); 654 if (!n) { 655 m = NULL; 656 free(error, M_TEMP); 657 goto done; 658 } 659 660 strlcpy(error, mtod(n, char*) + noff, len + 1); 661 printf("pppoe: connected to %s\n", error); 662 free(error, M_TEMP); 663 } 664 break; /* ignored */ 665 case PPPOE_TAG_HUNIQUE: 666 if (hunique == NULL) { 667 n = m_pulldown(m, off + sizeof(*pt), len, 668 &noff); 669 if (!n) { 670 m = NULL; 671 err_msg = "TAG HUNIQUE ERROR"; 672 break; 673 } 674 675 hunique = mtod(n, uint8_t *) + noff; 676 hunique_len = len; 677 } 678 break; 679 case PPPOE_TAG_ACCOOKIE: 680 if (ac_cookie == NULL) { 681 n = m_pulldown(m, off + sizeof(*pt), len, 682 &noff); 683 if (!n) { 684 err_msg = "TAG ACCOOKIE ERROR"; 685 m = NULL; 686 break; 687 } 688 ac_cookie = mtod(n, char *) + noff; 689 ac_cookie_len = len; 690 } 691 break; 692 case PPPOE_TAG_RELAYSID: 693 if (relay_sid == NULL) { 694 n = m_pulldown(m, off + sizeof(*pt), len, 695 &noff); 696 if (!n) { 697 err_msg = "TAG RELAYSID ERROR"; 698 m = NULL; 699 break; 700 } 701 relay_sid = mtod(n, char *) + noff; 702 relay_sid_len = len; 703 } 704 break; 705 case PPPOE_TAG_SNAME_ERR: 706 err_msg = "SERVICE NAME ERROR"; 707 errortag = 1; 708 break; 709 case PPPOE_TAG_ACSYS_ERR: 710 err_msg = "AC SYSTEM ERROR"; 711 errortag = 1; 712 break; 713 case PPPOE_TAG_GENERIC_ERR: 714 err_msg = "GENERIC ERROR"; 715 errortag = 1; 716 break; 717 } 718 if (err_msg) { 719 error = NULL; 720 if (errortag && len) { 721 error = malloc(len + 1, M_TEMP, 722 M_NOWAIT|M_ZERO); 723 n = m_pulldown(m, off + sizeof(*pt), len, 724 &noff); 725 if (!n) { 726 m = NULL; 727 } else if (error) { 728 strlcpy(error, mtod(n, char *) + noff, 729 len + 1); 730 } 731 } 732 if (error) { 733 printf("%s: %s: %s\n", devname, 734 err_msg, error); 735 free(error, M_TEMP); 736 } else 737 printf("%s: %s\n", devname, err_msg); 738 if (errortag || m == NULL) 739 goto done; 740 } 741 off += sizeof(*pt) + len; 742 } 743breakbreak:; 744 745 switch (ph->code) { 746 case PPPOE_CODE_PADI: 747#ifdef PPPOE_SERVER 748 /* 749 * got service name, concentrator name, and/or host unique. 750 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 751 */ 752 rw_enter(&pppoe_softc_list_lock, RW_READER); 753 if (LIST_EMPTY(&pppoe_softc_list)) { 754 rw_exit(&pppoe_softc_list_lock); 755 goto done; 756 } 757 758 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 759 PPPOE_LOCK(sc, RW_WRITER); 760 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 761 PPPOE_UNLOCK(sc); 762 continue; 763 } 764 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 765 PPPOE_UNLOCK(sc); 766 continue; 767 } 768 769 if (sc->sc_state == PPPOE_STATE_INITIAL) 770 break; 771 772 PPPOE_UNLOCK(sc); 773 } 774 rw_exit(&pppoe_softc_list_lock); 775 776 if (sc == NULL) { 777 goto done; 778 } 779 780 if (hunique) { 781 if (sc->sc_hunique) 782 free(sc->sc_hunique, M_DEVBUF); 783 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 784 M_DONTWAIT); 785 if (sc->sc_hunique == NULL) { 786 PPPOE_UNLOCK(sc); 787 goto done; 788 } 789 sc->sc_hunique_len = hunique_len; 790 memcpy(sc->sc_hunique, hunique, hunique_len); 791 } 792 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 793 sc->sc_state = PPPOE_STATE_PADO_SENT; 794 pppoe_send_pado(sc); 795 PPPOE_UNLOCK(sc); 796 break; 797#endif /* PPPOE_SERVER */ 798 799 case PPPOE_CODE_PADR: 800#ifdef PPPOE_SERVER 801 /* 802 * get sc from ac_cookie if IFF_PASSIVE 803 */ 804 if (ac_cookie == NULL) { 805 /* be quiet if there is not a single pppoe instance */ 806 printf("pppoe: received PADR but not includes ac_cookie\n"); 807 goto done; 808 } 809 810 rcvif = m_get_rcvif_psref(m, &psref); 811 if (__predict_true(rcvif != NULL)) { 812 sc = pppoe_find_softc_by_hunique(ac_cookie, 813 ac_cookie_len, rcvif, RW_WRITER); 814 } 815 m_put_rcvif_psref(rcvif, &psref); 816 if (sc == NULL) { 817 /* be quiet if there is not a single pppoe instance */ 818 rw_enter(&pppoe_softc_list_lock, RW_READER); 819 if (!LIST_EMPTY(&pppoe_softc_list)) { 820 printf("pppoe: received PADR" 821 " but could not find request for it\n"); 822 } 823 rw_exit(&pppoe_softc_list_lock); 824 goto done; 825 } 826 827 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 828 printf("%s: received unexpected PADR\n", 829 sc->sc_sppp.pp_if.if_xname); 830 PPPOE_UNLOCK(sc); 831 goto done; 832 } 833 834 if (hunique) { 835 if (sc->sc_hunique) 836 free(sc->sc_hunique, M_DEVBUF); 837 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 838 M_DONTWAIT); 839 if (sc->sc_hunique == NULL) { 840 PPPOE_UNLOCK(sc); 841 goto done; 842 } 843 sc->sc_hunique_len = hunique_len; 844 memcpy(sc->sc_hunique, hunique, hunique_len); 845 } 846 pppoe_send_pads(sc); 847 sc->sc_state = PPPOE_STATE_SESSION; 848 PPPOE_UNLOCK(sc); 849 850 sc->sc_sppp.pp_up(&sc->sc_sppp); 851 break; 852#else 853 /* ignore, we are no access concentrator */ 854 goto done; 855#endif /* PPPOE_SERVER */ 856 857 case PPPOE_CODE_PADO: 858 rcvif = m_get_rcvif_psref(m, &psref); 859 if (__predict_false(rcvif == NULL)) 860 goto done; 861 862 if (hunique != NULL) { 863 sc = pppoe_find_softc_by_hunique(hunique, 864 hunique_len, rcvif, RW_WRITER); 865 } 866 867 m_put_rcvif_psref(rcvif, &psref); 868 869 if (sc == NULL) { 870 /* be quiet if there is not a single pppoe instance */ 871 rw_enter(&pppoe_softc_list_lock, RW_READER); 872 if (!LIST_EMPTY(&pppoe_softc_list)) { 873 printf("pppoe: received PADO" 874 " but could not find request for it\n"); 875 } 876 rw_exit(&pppoe_softc_list_lock); 877 goto done; 878 } 879 880 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 881 printf("%s: received unexpected PADO\n", 882 sc->sc_sppp.pp_if.if_xname); 883 PPPOE_UNLOCK(sc); 884 goto done; 885 } 886 887 if (ac_cookie) { 888 if (sc->sc_ac_cookie) 889 free(sc->sc_ac_cookie, M_DEVBUF); 890 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 891 M_DONTWAIT); 892 if (sc->sc_ac_cookie == NULL) { 893 printf("%s: FATAL: could not allocate memory " 894 "for AC cookie\n", 895 sc->sc_sppp.pp_if.if_xname); 896 PPPOE_UNLOCK(sc); 897 goto done; 898 } 899 sc->sc_ac_cookie_len = ac_cookie_len; 900 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 901 } 902 if (relay_sid) { 903 if (sc->sc_relay_sid) 904 free(sc->sc_relay_sid, M_DEVBUF); 905 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 906 M_DONTWAIT); 907 if (sc->sc_relay_sid == NULL) { 908 printf("%s: FATAL: could not allocate memory " 909 "for relay SID\n", 910 sc->sc_sppp.pp_if.if_xname); 911 PPPOE_UNLOCK(sc); 912 goto done; 913 } 914 sc->sc_relay_sid_len = relay_sid_len; 915 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 916 } 917 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 918 callout_stop(&sc->sc_timeout); 919 sc->sc_padr_retried = 0; 920 sc->sc_state = PPPOE_STATE_PADR_SENT; 921 if ((err = pppoe_send_padr(sc)) != 0) { 922 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 923 printf("%s: failed to send PADR, " 924 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 925 err); 926 } 927 callout_reset(&sc->sc_timeout, 928 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 929 pppoe_timeout, sc); 930 931 PPPOE_UNLOCK(sc); 932 break; 933 934 case PPPOE_CODE_PADS: 935 rcvif = m_get_rcvif_psref(m, &psref); 936 if (__predict_false(rcvif == NULL)) 937 goto done; 938 939 if (hunique != NULL) { 940 sc = pppoe_find_softc_by_hunique(hunique, 941 hunique_len, rcvif, RW_WRITER); 942 } 943 944 m_put_rcvif_psref(rcvif, &psref); 945 946 if (sc == NULL) 947 goto done; 948 949 sc->sc_session = session; 950 callout_stop(&sc->sc_timeout); 951 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 952 printf("%s: session 0x%x connected\n", 953 sc->sc_sppp.pp_if.if_xname, session); 954 sc->sc_state = PPPOE_STATE_SESSION; 955 PPPOE_UNLOCK(sc); 956 957 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 958 break; 959 960 case PPPOE_CODE_PADT: 961 rcvif = m_get_rcvif_psref(m, &psref); 962 if (__predict_false(rcvif == NULL)) 963 goto done; 964 965 sc = pppoe_find_softc_by_session(session, rcvif, 966 RW_WRITER); 967 968 m_put_rcvif_psref(rcvif, &psref); 969 970 if (sc == NULL) 971 goto done; 972 973 pppoe_clear_softc(sc, "received PADT"); 974 PPPOE_UNLOCK(sc); 975 break; 976 977 default: 978 rcvif = m_get_rcvif_psref(m, &psref); 979 if (__predict_false(rcvif == NULL)) 980 goto done; 981 982 if (hunique != NULL) { 983 sc = pppoe_find_softc_by_hunique(hunique, 984 hunique_len, rcvif, RW_READER); 985 } 986 987 m_put_rcvif_psref(rcvif, &psref); 988 989 if (sc != NULL) { 990 strlcpy(devname, sc->sc_sppp.pp_if.if_xname, 991 sizeof(devname)); 992 PPPOE_UNLOCK(sc); 993 } else 994 strlcpy(devname, "pppoe", sizeof(devname)); 995 996 printf("%s: unknown code (0x%04x) session = 0x%04x\n", 997 devname, ph->code, session); 998 break; 999 } 1000 1001done: 1002 if (m) 1003 m_freem(m); 1004 return; 1005} 1006 1007static void 1008pppoe_disc_input(struct mbuf *m) 1009{ 1010 KASSERT(m->m_flags & M_PKTHDR); 1011 1012 /* 1013 * Avoid error messages if there is not a single PPPoE instance. 1014 */ 1015 rw_enter(&pppoe_softc_list_lock, RW_READER); 1016 if (!LIST_EMPTY(&pppoe_softc_list)) { 1017 rw_exit(&pppoe_softc_list_lock); 1018 pppoe_dispatch_disc_pkt(m, 0); 1019 } else { 1020 rw_exit(&pppoe_softc_list_lock); 1021 m_freem(m); 1022 } 1023} 1024 1025static bool 1026pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1027{ 1028 1029 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1030 return true; 1031 1032 return false; 1033} 1034 1035static void 1036pppoe_data_input(struct mbuf *m) 1037{ 1038 uint16_t session, plen; 1039 struct pppoe_softc *sc; 1040 struct pppoehdr *ph; 1041 struct ifnet *rcvif; 1042 struct psref psref; 1043 uint8_t shost[ETHER_ADDR_LEN]; 1044 uint8_t dhost[ETHER_ADDR_LEN]; 1045 bool term_unknown = pppoe_term_unknown; 1046 1047 KASSERT(m->m_flags & M_PKTHDR); 1048 1049 /* 1050 * Avoid error messages if there is not a single PPPoE instance. 1051 */ 1052 rw_enter(&pppoe_softc_list_lock, RW_READER); 1053 if (LIST_EMPTY(&pppoe_softc_list)) { 1054 rw_exit(&pppoe_softc_list_lock); 1055 goto drop; 1056 } 1057 rw_exit(&pppoe_softc_list_lock); 1058 1059 if (term_unknown) { 1060 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1061 ETHER_ADDR_LEN); 1062 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1063 ETHER_ADDR_LEN); 1064 } 1065 m_adj(m, sizeof(struct ether_header)); 1066 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1067 printf("pppoe (data): dropping too short packet: %d bytes\n", 1068 m->m_pkthdr.len); 1069 goto drop; 1070 } 1071 1072 if (m->m_len < sizeof(*ph)) { 1073 m = m_pullup(m, sizeof(*ph)); 1074 if (m == NULL) { 1075 printf("pppoe: could not get PPPoE header\n"); 1076 return; 1077 } 1078 } 1079 ph = mtod(m, struct pppoehdr *); 1080 1081 if (ph->vertype != PPPOE_VERTYPE) { 1082 printf("pppoe (data): unknown version/type packet: 0x%x\n", 1083 ph->vertype); 1084 goto drop; 1085 } 1086 if (ph->code != 0) 1087 goto drop; 1088 1089 session = ntohs(ph->session); 1090 rcvif = m_get_rcvif_psref(m, &psref); 1091 if (__predict_false(rcvif == NULL)) 1092 goto drop; 1093 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1094 if (sc == NULL) { 1095 if (term_unknown) { 1096 static struct timeval lasttime = {0, 0}; 1097 static int curpps = 0; 1098 /* 1099 * avoid to send wrong PADT which is response from 1100 * session stage pakcets for other hosts when parent 1101 * ethernet is promiscuous mode. 1102 */ 1103 if (pppoe_is_my_frame(dhost, rcvif) && 1104 ppsratecheck(&lasttime, &curpps, 1105 pppoe_term_unknown_pps)) { 1106 printf("pppoe: input for unknown session %#x, " 1107 "sending PADT\n", session); 1108 pppoe_send_padt(rcvif, session, shost); 1109 } 1110 } 1111 m_put_rcvif_psref(rcvif, &psref); 1112 goto drop; 1113 } 1114 1115 m_put_rcvif_psref(rcvif, &psref); 1116 1117 plen = ntohs(ph->plen); 1118 1119 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1120 1121 m_adj(m, PPPOE_HEADERLEN); 1122 1123#ifdef PPPOE_DEBUG 1124 { 1125 struct mbuf *p; 1126 1127 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1128 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1129 p = m; 1130 while (p) { 1131 printf(" l=%d", p->m_len); 1132 p = p->m_next; 1133 } 1134 printf("\n"); 1135 } 1136#endif 1137 PPPOE_UNLOCK(sc); 1138 1139 if (m->m_pkthdr.len < plen) 1140 goto drop; 1141 1142 /* 1143 * Fix incoming interface pointer (not the raw ethernet interface 1144 * anymore) 1145 */ 1146 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1147 1148 /* pass packet up and account for it */ 1149 sc->sc_sppp.pp_if.if_ipackets++; 1150 sppp_input(&sc->sc_sppp.pp_if, m); 1151 return; 1152 1153drop: 1154 m_freem(m); 1155} 1156 1157static int 1158pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1159{ 1160 struct sockaddr dst; 1161 struct ether_header *eh; 1162 uint16_t etype; 1163 1164 if (sc->sc_eth_if == NULL) { 1165 m_freem(m); 1166 return EIO; 1167 } 1168 1169 memset(&dst, 0, sizeof dst); 1170 dst.sa_family = AF_UNSPEC; 1171 eh = (struct ether_header*)&dst.sa_data; 1172 etype = sc->sc_state == PPPOE_STATE_SESSION 1173 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1174 eh->ether_type = htons(etype); 1175 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1176 1177#ifdef PPPOE_DEBUG 1178 printf("%s (%x) state=%d, session=0x%x output -> %s, len=%d\n", 1179 sc->sc_sppp.pp_if.if_xname, etype, 1180 sc->sc_state, sc->sc_session, 1181 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1182#endif 1183 1184 m->m_flags &= ~(M_BCAST|M_MCAST); 1185 sc->sc_sppp.pp_if.if_opackets++; 1186 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1187} 1188 1189static int 1190pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1191{ 1192 struct lwp *l = curlwp; /* XXX */ 1193 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1194 struct ifreq *ifr = data; 1195 int error = 0; 1196 1197 switch (cmd) { 1198 case PPPOESETPARMS: 1199 { 1200 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1201 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1202 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1203 NULL) != 0) 1204 return EPERM; 1205 if (parms->eth_ifname[0] != 0) { 1206 struct ifnet *eth_if; 1207 1208 PPPOE_LOCK(sc, RW_WRITER); 1209 eth_if = ifunit(parms->eth_ifname); 1210 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1211 sc->sc_eth_if = NULL; 1212 PPPOE_UNLOCK(sc); 1213 return ENXIO; 1214 } 1215 1216 if (sc->sc_sppp.pp_if.if_mtu != 1217 eth_if->if_mtu - PPPOE_OVERHEAD) { 1218 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1219 PPPOE_OVERHEAD; 1220 } 1221 sc->sc_eth_if = eth_if; 1222 PPPOE_UNLOCK(sc); 1223 } 1224 if (parms->ac_name != NULL) { 1225 size_t s; 1226 char *b = malloc(parms->ac_name_len + 1, M_DEVBUF, 1227 M_WAITOK); 1228 if (b == NULL) 1229 return ENOMEM; 1230 error = copyinstr(parms->ac_name, b, 1231 parms->ac_name_len+1, &s); 1232 if (error != 0) { 1233 free(b, M_DEVBUF); 1234 return error; 1235 } 1236 if (s != parms->ac_name_len+1) { 1237 free(b, M_DEVBUF); 1238 return EINVAL; 1239 } 1240 1241 PPPOE_LOCK(sc, RW_WRITER); 1242 if (sc->sc_concentrator_name) 1243 free(sc->sc_concentrator_name, M_DEVBUF); 1244 sc->sc_concentrator_name = b; 1245 PPPOE_UNLOCK(sc); 1246 } 1247 if (parms->service_name != NULL) { 1248 size_t s; 1249 char *b = malloc(parms->service_name_len + 1, M_DEVBUF, 1250 M_WAITOK); 1251 if (b == NULL) 1252 return ENOMEM; 1253 error = copyinstr(parms->service_name, b, 1254 parms->service_name_len+1, &s); 1255 if (error != 0) { 1256 free(b, M_DEVBUF); 1257 return error; 1258 } 1259 if (s != parms->service_name_len+1) { 1260 free(b, M_DEVBUF); 1261 return EINVAL; 1262 } 1263 1264 PPPOE_LOCK(sc, RW_WRITER); 1265 if (sc->sc_service_name) 1266 free(sc->sc_service_name, M_DEVBUF); 1267 sc->sc_service_name = b; 1268 PPPOE_UNLOCK(sc); 1269 } 1270 return 0; 1271 } 1272 break; 1273 case PPPOEGETPARMS: 1274 { 1275 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1276 memset(parms, 0, sizeof *parms); 1277 PPPOE_LOCK(sc, RW_READER); 1278 if (sc->sc_eth_if) 1279 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1280 sizeof(parms->ifname)); 1281 PPPOE_UNLOCK(sc); 1282 return 0; 1283 } 1284 break; 1285 case PPPOEGETSESSION: 1286 { 1287 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1288 PPPOE_LOCK(sc, RW_READER); 1289 state->state = sc->sc_state; 1290 state->session_id = sc->sc_session; 1291 state->padi_retry_no = sc->sc_padi_retried; 1292 state->padr_retry_no = sc->sc_padr_retried; 1293 PPPOE_UNLOCK(sc); 1294 return 0; 1295 } 1296 break; 1297 case SIOCSIFFLAGS: 1298 /* 1299 * Prevent running re-establishment timers overriding 1300 * administrators choice. 1301 */ 1302 PPPOE_LOCK(sc, RW_WRITER); 1303 1304 if ((ifr->ifr_flags & IFF_UP) == 0 1305 && sc->sc_state >= PPPOE_STATE_PADI_SENT 1306 && sc->sc_state < PPPOE_STATE_SESSION) { 1307 callout_stop(&sc->sc_timeout); 1308 sc->sc_state = PPPOE_STATE_INITIAL; 1309 sc->sc_padi_retried = 0; 1310 sc->sc_padr_retried = 0; 1311 memcpy(&sc->sc_dest, etherbroadcastaddr, 1312 sizeof(sc->sc_dest)); 1313 } 1314 1315 PPPOE_UNLOCK(sc); 1316 1317 error = sppp_ioctl(ifp, cmd, data); 1318 1319 return error; 1320 case SIOCSIFMTU: 1321 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1322 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1323 return EINVAL; 1324 } 1325 /*FALLTHROUGH*/ 1326 default: 1327 return sppp_ioctl(ifp, cmd, data); 1328 } 1329 return 0; 1330} 1331 1332/* 1333 * Allocate a mbuf/cluster with space to store the given data length 1334 * of payload, leaving space for prepending an ethernet header 1335 * in front. 1336 */ 1337static struct mbuf * 1338pppoe_get_mbuf(size_t len) 1339{ 1340 struct mbuf *m; 1341 1342 MGETHDR(m, M_DONTWAIT, MT_DATA); 1343 if (m == NULL) 1344 return NULL; 1345 if (len + sizeof(struct ether_header) > MHLEN) { 1346 MCLGET(m, M_DONTWAIT); 1347 if ((m->m_flags & M_EXT) == 0) { 1348 m_free(m); 1349 return NULL; 1350 } 1351 } 1352 m->m_data += sizeof(struct ether_header); 1353 m->m_len = len; 1354 m->m_pkthdr.len = len; 1355 m_reset_rcvif(m); 1356 1357 return m; 1358} 1359 1360static int 1361pppoe_send_padi(struct pppoe_softc *sc) 1362{ 1363 struct mbuf *m0; 1364 int len, l1 = 0, l2 = 0; 1365 uint8_t *p; 1366 1367 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1368 panic("pppoe_send_padi in state %d", sc->sc_state); 1369 1370 /* Compute packet length. */ 1371 len = sizeof(struct pppoetag); 1372 if (sc->sc_service_name != NULL) { 1373 l1 = strlen(sc->sc_service_name); 1374 len += l1; 1375 } 1376 if (sc->sc_concentrator_name != NULL) { 1377 l2 = strlen(sc->sc_concentrator_name); 1378 len += sizeof(struct pppoetag) + l2; 1379 } 1380 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1381 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1382 len += sizeof(struct pppoetag) + 2; 1383 } 1384 1385 /* Allocate packet. */ 1386 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1387 if (m0 == NULL) 1388 return ENOBUFS; 1389 1390 /* Fill in packet. */ 1391 p = mtod(m0, uint8_t *); 1392 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1393 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1394 if (sc->sc_service_name != NULL) { 1395 PPPOE_ADD_16(p, l1); 1396 memcpy(p, sc->sc_service_name, l1); 1397 p += l1; 1398 } else { 1399 PPPOE_ADD_16(p, 0); 1400 } 1401 if (sc->sc_concentrator_name != NULL) { 1402 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1403 PPPOE_ADD_16(p, l2); 1404 memcpy(p, sc->sc_concentrator_name, l2); 1405 p += l2; 1406 } 1407 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1408 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1409 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1410 p += sizeof(sc->sc_id); 1411 1412 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1413 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1414 PPPOE_ADD_16(p, 2); 1415 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1416 } 1417 1418#ifdef PPPOE_DEBUG 1419 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1420 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1421 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1422#endif 1423 1424 /* Send packet. */ 1425 return pppoe_output(sc, m0); 1426} 1427 1428static void 1429pppoe_timeout(void *arg) 1430{ 1431 int retry_wait, err; 1432 struct pppoe_softc *sc = (struct pppoe_softc*)arg; 1433 DECLARE_SPLNET_VARIABLE; 1434 1435#ifdef PPPOE_DEBUG 1436 printf("%s: timeout\n", sc->sc_sppp.pp_if.if_xname); 1437#endif 1438 1439 PPPOE_LOCK(sc, RW_WRITER); 1440 switch (sc->sc_state) { 1441 case PPPOE_STATE_INITIAL: 1442 /* delayed connect from pppoe_tls() */ 1443 pppoe_connect(sc); 1444 break; 1445 case PPPOE_STATE_PADI_SENT: 1446 /* 1447 * We have two basic ways of retrying: 1448 * - Quick retry mode: try a few times in short sequence 1449 * - Slow retry mode: we already had a connection successfully 1450 * established and will try infinitely (without user 1451 * intervention) 1452 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1453 * is not set. 1454 */ 1455 1456 /* initialize for quick retry mode */ 1457 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1458 1459 ACQUIRE_SPLNET(); 1460 sc->sc_padi_retried++; 1461 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1462 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1463 /* slow retry mode */ 1464 retry_wait = PPPOE_SLOW_RETRY; 1465 } else { 1466 pppoe_abort_connect(sc); 1467 RELEASE_SPLNET(); 1468 PPPOE_UNLOCK(sc); 1469 return; 1470 } 1471 } 1472 if ((err = pppoe_send_padi(sc)) != 0) { 1473 sc->sc_padi_retried--; 1474 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1475 printf("%s: failed to transmit PADI, " 1476 "error=%d\n", 1477 sc->sc_sppp.pp_if.if_xname, err); 1478 } 1479 callout_reset(&sc->sc_timeout, retry_wait, 1480 pppoe_timeout, sc); 1481 RELEASE_SPLNET(); 1482 break; 1483 1484 case PPPOE_STATE_PADR_SENT: 1485 ACQUIRE_SPLNET(); 1486 sc->sc_padr_retried++; 1487 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1488 memcpy(&sc->sc_dest, etherbroadcastaddr, 1489 sizeof(sc->sc_dest)); 1490 sc->sc_state = PPPOE_STATE_PADI_SENT; 1491 sc->sc_padr_retried = 0; 1492 if ((err = pppoe_send_padi(sc)) != 0) { 1493 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1494 printf("%s: failed to send PADI" 1495 ", error=%d\n", 1496 sc->sc_sppp.pp_if.if_xname, err); 1497 } 1498 callout_reset(&sc->sc_timeout, 1499 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried), 1500 pppoe_timeout, sc); 1501 RELEASE_SPLNET(); 1502 PPPOE_UNLOCK(sc); 1503 return; 1504 } 1505 if ((err = pppoe_send_padr(sc)) != 0) { 1506 sc->sc_padr_retried--; 1507 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1508 printf("%s: failed to send PADR, " 1509 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 1510 err); 1511 } 1512 callout_reset(&sc->sc_timeout, 1513 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 1514 pppoe_timeout, sc); 1515 RELEASE_SPLNET(); 1516 break; 1517 case PPPOE_STATE_CLOSING: 1518 pppoe_disconnect(sc); 1519 break; 1520 default: 1521 PPPOE_UNLOCK(sc); 1522 return; /* all done, work in peace */ 1523 } 1524 PPPOE_UNLOCK(sc); 1525} 1526 1527/* Start a connection (i.e. initiate discovery phase) */ 1528static int 1529pppoe_connect(struct pppoe_softc *sc) 1530{ 1531 int err; 1532 DECLARE_SPLNET_VARIABLE; 1533 1534 KASSERT(PPPOE_WLOCKED(sc)); 1535 1536 if (sc->sc_state != PPPOE_STATE_INITIAL) 1537 return EBUSY; 1538 1539#ifdef PPPOE_SERVER 1540 /* wait PADI if IFF_PASSIVE */ 1541 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1542 return 0; 1543#endif 1544 ACQUIRE_SPLNET(); 1545 /* save state, in case we fail to send PADI */ 1546 sc->sc_state = PPPOE_STATE_PADI_SENT; 1547 sc->sc_padr_retried = 0; 1548 err = pppoe_send_padi(sc); 1549 if (err != 0 && sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1550 printf("%s: failed to send PADI, error=%d\n", 1551 sc->sc_sppp.pp_if.if_xname, err); 1552 callout_reset(&sc->sc_timeout, PPPOE_DISC_TIMEOUT, pppoe_timeout, sc); 1553 RELEASE_SPLNET(); 1554 return err; 1555} 1556 1557/* disconnect */ 1558static int 1559pppoe_disconnect(struct pppoe_softc *sc) 1560{ 1561 int err; 1562 DECLARE_SPLNET_VARIABLE; 1563 1564 KASSERT(PPPOE_WLOCKED(sc)); 1565 1566 ACQUIRE_SPLNET(); 1567 1568 if (sc->sc_state < PPPOE_STATE_SESSION) 1569 err = EBUSY; 1570 else { 1571 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1572 printf("%s: disconnecting\n", 1573 sc->sc_sppp.pp_if.if_xname); 1574 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1575 (const uint8_t *)&sc->sc_dest); 1576 } 1577 1578 /* cleanup softc */ 1579 sc->sc_state = PPPOE_STATE_INITIAL; 1580 1581 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1582 if (sc->sc_ac_cookie) { 1583 free(sc->sc_ac_cookie, M_DEVBUF); 1584 sc->sc_ac_cookie = NULL; 1585 } 1586 sc->sc_ac_cookie_len = 0; 1587 if (sc->sc_relay_sid) { 1588 free(sc->sc_relay_sid, M_DEVBUF); 1589 sc->sc_relay_sid = NULL; 1590 } 1591 sc->sc_relay_sid_len = 0; 1592#ifdef PPPOE_SERVER 1593 if (sc->sc_hunique) { 1594 free(sc->sc_hunique, M_DEVBUF); 1595 sc->sc_hunique = NULL; 1596 } 1597 sc->sc_hunique_len = 0; 1598#endif 1599 sc->sc_session = 0; 1600 1601 PPPOE_UNLOCK(sc); 1602 1603 /* notify upper layer */ 1604 sc->sc_sppp.pp_down(&sc->sc_sppp); 1605 1606 PPPOE_LOCK(sc, RW_WRITER); 1607 1608 RELEASE_SPLNET(); 1609 return err; 1610} 1611 1612/* Connection attempt aborted */ 1613static void 1614pppoe_abort_connect(struct pppoe_softc *sc) 1615{ 1616 KASSERT(PPPOE_WLOCKED(sc)); 1617 1618 printf("%s: could not establish connection\n", 1619 sc->sc_sppp.pp_if.if_xname); 1620 sc->sc_state = PPPOE_STATE_CLOSING; 1621 1622 PPPOE_UNLOCK(sc); 1623 1624 /* notify upper layer */ 1625 sc->sc_sppp.pp_down(&sc->sc_sppp); 1626 1627 PPPOE_LOCK(sc, RW_WRITER); 1628 1629 /* clear connection state */ 1630 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1631 sc->sc_state = PPPOE_STATE_INITIAL; 1632} 1633 1634static int 1635pppoe_send_padr(struct pppoe_softc *sc) 1636{ 1637 struct mbuf *m0; 1638 uint8_t *p; 1639 size_t len, l1 = 0; 1640 1641 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1642 return EIO; 1643 1644 /* Compute packet length. */ 1645 len = sizeof(struct pppoetag); 1646 if (sc->sc_service_name != NULL) { 1647 l1 = strlen(sc->sc_service_name); 1648 len += l1; 1649 } 1650 if (sc->sc_ac_cookie_len > 0) { 1651 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1652 } 1653 if (sc->sc_relay_sid_len > 0) { 1654 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1655 } 1656 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1657 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1658 len += sizeof(struct pppoetag) + 2; 1659 } 1660 1661 /* Allocate packet. */ 1662 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1663 if (m0 == NULL) 1664 return ENOBUFS; 1665 1666 /* Fill in packet. */ 1667 p = mtod(m0, uint8_t *); 1668 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1669 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1670 if (sc->sc_service_name != NULL) { 1671 PPPOE_ADD_16(p, l1); 1672 memcpy(p, sc->sc_service_name, l1); 1673 p += l1; 1674 } else { 1675 PPPOE_ADD_16(p, 0); 1676 } 1677 if (sc->sc_ac_cookie_len > 0) { 1678 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1679 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1680 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1681 p += sc->sc_ac_cookie_len; 1682 } 1683 if (sc->sc_relay_sid_len > 0) { 1684 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1685 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1686 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1687 p += sc->sc_relay_sid_len; 1688 } 1689 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1690 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1691 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1692 p += sizeof(sc->sc_id); 1693 1694 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1695 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1696 PPPOE_ADD_16(p, 2); 1697 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1698 } 1699 1700#ifdef PPPOE_DEBUG 1701 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1702 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1703 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1704#endif 1705 1706 /* Send packet. */ 1707 return pppoe_output(sc, m0); 1708} 1709 1710/* send a PADT packet */ 1711static int 1712pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1713{ 1714 struct ether_header *eh; 1715 struct sockaddr dst; 1716 struct mbuf *m0; 1717 uint8_t *p; 1718 1719 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1720 if (!m0) 1721 return EIO; 1722 p = mtod(m0, uint8_t *); 1723 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1724 1725 memset(&dst, 0, sizeof dst); 1726 dst.sa_family = AF_UNSPEC; 1727 eh = (struct ether_header*)&dst.sa_data; 1728 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1729 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1730 1731 m0->m_flags &= ~(M_BCAST|M_MCAST); 1732 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1733} 1734 1735#ifdef PPPOE_SERVER 1736static int 1737pppoe_send_pado(struct pppoe_softc *sc) 1738{ 1739 struct mbuf *m0; 1740 uint8_t *p; 1741 size_t len; 1742 1743 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1744 return EIO; 1745 1746 /* Include AC cookie. */ 1747 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1748 /* Include hunique. */ 1749 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1750 1751 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1752 if (!m0) 1753 return EIO; 1754 p = mtod(m0, uint8_t *); 1755 1756 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1757 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1758 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1759 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1760 p += sizeof(sc->sc_id); 1761 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1762 PPPOE_ADD_16(p, sc->sc_hunique_len); 1763 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1764 return pppoe_output(sc, m0); 1765} 1766 1767static int 1768pppoe_send_pads(struct pppoe_softc *sc) 1769{ 1770 struct bintime bt; 1771 struct mbuf *m0; 1772 uint8_t *p; 1773 size_t len, l1 = 0; /* XXX: gcc */ 1774 1775 KASSERT(PPPOE_WLOCKED(sc)); 1776 1777 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1778 return EIO; 1779 1780 getbinuptime(&bt); 1781 sc->sc_session = bt.sec % 0xff + 1; 1782 1783 /* Include service name. */ 1784 len = sizeof(struct pppoetag); 1785 if (sc->sc_service_name != NULL) { 1786 l1 = strlen(sc->sc_service_name); 1787 len += l1; 1788 } 1789 /* Include hunique. */ 1790 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1791 1792 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1793 if (!m0) 1794 return ENOBUFS; 1795 p = mtod(m0, uint8_t *); 1796 1797 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1798 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1799 if (sc->sc_service_name != NULL) { 1800 PPPOE_ADD_16(p, l1); 1801 memcpy(p, sc->sc_service_name, l1); 1802 p += l1; 1803 } else { 1804 PPPOE_ADD_16(p, 0); 1805 } 1806 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1807 PPPOE_ADD_16(p, sc->sc_hunique_len); 1808 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1809 return pppoe_output(sc, m0); 1810} 1811#endif 1812 1813static void 1814pppoe_tls(struct sppp *sp) 1815{ 1816 struct pppoe_softc *sc = (void *)sp; 1817 int wtime; 1818 1819 PPPOE_LOCK(sc, RW_READER); 1820 1821 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1822 PPPOE_UNLOCK(sc); 1823 return; 1824 } 1825 1826 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1827 sc->sc_sppp.pp_auth_failures > 0) { 1828 /* 1829 * Delay trying to reconnect a bit more - the peer 1830 * might have failed to contact its radius server. 1831 */ 1832 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1833 if (wtime > PPPOE_SLOW_RETRY) 1834 wtime = PPPOE_SLOW_RETRY; 1835 } else { 1836 wtime = PPPOE_RECON_IMMEDIATE; 1837 } 1838 callout_reset(&sc->sc_timeout, wtime, pppoe_timeout, sc); 1839 1840 PPPOE_UNLOCK(sc); 1841} 1842 1843static void 1844pppoe_tlf(struct sppp *sp) 1845{ 1846 struct pppoe_softc *sc = (void *)sp; 1847 1848 PPPOE_LOCK(sc, RW_WRITER); 1849 1850 if (sc->sc_state < PPPOE_STATE_SESSION) { 1851 PPPOE_UNLOCK(sc); 1852 return; 1853 } 1854 /* 1855 * Do not call pppoe_disconnect here, the upper layer state 1856 * machine gets confused by this. We must return from this 1857 * function and defer disconnecting to the timeout handler. 1858 */ 1859 sc->sc_state = PPPOE_STATE_CLOSING; 1860 1861 callout_reset(&sc->sc_timeout, hz/50, pppoe_timeout, sc); 1862 1863 PPPOE_UNLOCK(sc); 1864} 1865 1866static void 1867pppoe_start(struct ifnet *ifp) 1868{ 1869 struct pppoe_softc *sc = (void *)ifp; 1870 struct mbuf *m; 1871 uint8_t *p; 1872 size_t len; 1873 1874 if (sppp_isempty(ifp)) 1875 return; 1876 1877 /* are we ready to process data yet? */ 1878 PPPOE_LOCK(sc, RW_READER); 1879 if (sc->sc_state < PPPOE_STATE_SESSION) { 1880 sppp_flush(&sc->sc_sppp.pp_if); 1881 PPPOE_UNLOCK(sc); 1882 return; 1883 } 1884 1885 while ((m = sppp_dequeue(ifp)) != NULL) { 1886 len = m->m_pkthdr.len; 1887 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1888 if (m == NULL) { 1889 ifp->if_oerrors++; 1890 continue; 1891 } 1892 p = mtod(m, uint8_t *); 1893 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1894 1895 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1896 1897 pppoe_output(sc, m); 1898 } 1899 PPPOE_UNLOCK(sc); 1900} 1901 1902#ifdef PPPOE_MPSAFE 1903static int 1904pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 1905{ 1906 struct pppoe_softc *sc = (void *)ifp; 1907 uint8_t *p; 1908 size_t len; 1909 1910 if (m == NULL) 1911 return EINVAL; 1912 1913 /* are we ready to process data yet? */ 1914 PPPOE_LOCK(sc, RW_READER); 1915 if (sc->sc_state < PPPOE_STATE_SESSION) { 1916 PPPOE_UNLOCK(sc); 1917 m_freem(m); 1918 return ENOBUFS; 1919 } 1920 1921 len = m->m_pkthdr.len; 1922 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1923 if (m == NULL) { 1924 PPPOE_UNLOCK(sc); 1925 ifp->if_oerrors++; 1926 return ENETDOWN; 1927 } 1928 p = mtod(m, uint8_t *); 1929 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1930 1931 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1932 1933 pppoe_output(sc, m); 1934 PPPOE_UNLOCK(sc); 1935 return 0; 1936} 1937#endif /* PPPOE_MPSAFE */ 1938 1939static void 1940pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 1941{ 1942 struct ifnet *ifp = arg2; 1943 struct pppoe_softc *sc; 1944 DECLARE_SPLNET_VARIABLE; 1945 1946 if (cmd != PFIL_IFNET_DETACH) 1947 return; 1948 1949 ACQUIRE_SPLNET(); 1950 rw_enter(&pppoe_softc_list_lock, RW_READER); 1951 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 1952 PPPOE_LOCK(sc, RW_WRITER); 1953 if (sc->sc_eth_if != ifp) { 1954 PPPOE_UNLOCK(sc); 1955 continue; 1956 } 1957 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 1958 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 1959 printf("%s: ethernet interface detached, going down\n", 1960 sc->sc_sppp.pp_if.if_xname); 1961 } 1962 sc->sc_eth_if = NULL; 1963 pppoe_clear_softc(sc, "ethernet interface detached"); 1964 PPPOE_UNLOCK(sc); 1965 } 1966 rw_exit(&pppoe_softc_list_lock); 1967 RELEASE_SPLNET(); 1968} 1969 1970static void 1971pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 1972{ 1973 KASSERT(PPPOE_WLOCKED(sc)); 1974 1975 /* stop timer */ 1976 callout_stop(&sc->sc_timeout); 1977 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1978 printf("%s: session 0x%x terminated, %s\n", 1979 sc->sc_sppp.pp_if.if_xname, sc->sc_session, message); 1980 1981 /* fix our state */ 1982 sc->sc_state = PPPOE_STATE_INITIAL; 1983 1984 PPPOE_UNLOCK(sc); 1985 1986 /* signal upper layer */ 1987 sc->sc_sppp.pp_down(&sc->sc_sppp); 1988 1989 PPPOE_LOCK(sc, RW_WRITER); 1990 1991 /* clean up softc */ 1992 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1993 if (sc->sc_ac_cookie) { 1994 free(sc->sc_ac_cookie, M_DEVBUF); 1995 sc->sc_ac_cookie = NULL; 1996 } 1997 if (sc->sc_relay_sid) { 1998 free(sc->sc_relay_sid, M_DEVBUF); 1999 sc->sc_relay_sid = NULL; 2000 } 2001 sc->sc_ac_cookie_len = 0; 2002 sc->sc_session = 0; 2003} 2004 2005static void 2006pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 2007{ 2008 if (m->m_flags & M_PROMISC) { 2009 m_freem(m); 2010 return; 2011 } 2012 2013#ifndef PPPOE_SERVER 2014 if (m->m_flags & (M_MCAST | M_BCAST)) { 2015 m_freem(m); 2016 return; 2017 } 2018#endif 2019 2020 IFQ_LOCK(inq); 2021 if (IF_QFULL(inq)) { 2022 IF_DROP(inq); 2023 IFQ_UNLOCK(inq); 2024 m_freem(m); 2025 } else { 2026 IF_ENQUEUE(inq, m); 2027 IFQ_UNLOCK(inq); 2028 softint_schedule(pppoe_softintr); 2029 } 2030 return; 2031} 2032 2033void 2034pppoe_input(struct ifnet *ifp, struct mbuf *m) 2035{ 2036 pppoe_enqueue(&ppoeinq, m); 2037 return; 2038} 2039 2040void 2041pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2042{ 2043 pppoe_enqueue(&ppoediscinq, m); 2044 return; 2045} 2046 2047static void 2048sysctl_net_pppoe_setup(struct sysctllog **clog) 2049{ 2050 const struct sysctlnode *node = NULL; 2051 2052 sysctl_createv(clog, 0, NULL, &node, 2053 CTLFLAG_PERMANENT, 2054 CTLTYPE_NODE, "pppoe", 2055 SYSCTL_DESCR("PPPOE protocol"), 2056 NULL, 0, NULL, 0, 2057 CTL_NET, CTL_CREATE, CTL_EOL); 2058 2059 if (node == NULL) 2060 return; 2061 2062 sysctl_createv(clog, 0, &node, NULL, 2063 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2064 CTLTYPE_BOOL, "term_unknown", 2065 SYSCTL_DESCR("Terminate unknown sessions"), 2066 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2067 CTL_CREATE, CTL_EOL); 2068} 2069 2070/* 2071 * Module infrastructure 2072 */ 2073#include "if_module.h" 2074 2075IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2076