if_pppoe.c revision 1.147
1/* $NetBSD: if_pppoe.c,v 1.147 2019/03/18 11:38:03 msaitoh Exp $ */ 2 3/* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin@NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32#include <sys/cdefs.h> 33__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.147 2019/03/18 11:38:03 msaitoh Exp $"); 34 35#ifdef _KERNEL_OPT 36#include "pppoe.h" 37#include "opt_pppoe.h" 38#include "opt_net_mpsafe.h" 39#endif 40 41#include <sys/param.h> 42#include <sys/systm.h> 43#include <sys/kernel.h> 44#include <sys/callout.h> 45#include <sys/malloc.h> 46#include <sys/mbuf.h> 47#include <sys/socket.h> 48#include <sys/proc.h> 49#include <sys/ioctl.h> 50#include <sys/kauth.h> 51#include <sys/intr.h> 52#include <sys/socketvar.h> 53#include <sys/device.h> 54#include <sys/module.h> 55#include <sys/sysctl.h> 56#include <sys/rwlock.h> 57#include <sys/mutex.h> 58#include <sys/psref.h> 59#include <sys/cprng.h> 60 61#include <net/if.h> 62#include <net/if_types.h> 63#include <net/if_ether.h> 64#include <net/if_sppp.h> 65#include <net/if_spppvar.h> 66#include <net/if_pppoe.h> 67#include <net/if_dl.h> 68 69#include <net/bpf.h> 70 71#include "ioconf.h" 72 73#ifdef NET_MPSAFE 74#define PPPOE_MPSAFE 1 75#endif 76 77struct pppoehdr { 78 uint8_t vertype; 79 uint8_t code; 80 uint16_t session; 81 uint16_t plen; 82} __packed; 83 84struct pppoetag { 85 uint16_t tag; 86 uint16_t len; 87} __packed; 88 89#define PPPOE_HEADERLEN sizeof(struct pppoehdr) 90#define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 91#define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 92 93#define PPPOE_TAG_EOL 0x0000 /* end of list */ 94#define PPPOE_TAG_SNAME 0x0101 /* service name */ 95#define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 96#define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 97#define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 98#define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 99#define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 100#define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 101#define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 102#define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 103#define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 104 105#define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 106#define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 107#define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 108#define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 109#define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 110 111/* two byte PPP protocol discriminator, then IP data */ 112#define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 113 114/* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 115#define PPPOE_ADD_16(PTR, VAL) \ 116 *(PTR)++ = (VAL) / 256; \ 117 *(PTR)++ = (VAL) % 256 118 119/* Add a complete PPPoE header to the buffer pointed to by PTR */ 120#define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 121 *(PTR)++ = PPPOE_VERTYPE; \ 122 *(PTR)++ = (CODE); \ 123 PPPOE_ADD_16(PTR, SESS); \ 124 PPPOE_ADD_16(PTR, LEN) 125 126#define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 127#define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 128#define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 129#define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 130#define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 131#define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 132 133#ifdef PPPOE_SERVER 134/* from if_spppsubr.c */ 135#define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 136#endif 137 138#define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 139#define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 140#define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 141 142#ifdef PPPOE_MPSAFE 143#define DECLARE_SPLNET_VARIABLE 144#define ACQUIRE_SPLNET() do { } while (0) 145#define RELEASE_SPLNET() do { } while (0) 146#else 147#define DECLARE_SPLNET_VARIABLE int __s 148#define ACQUIRE_SPLNET() do { \ 149 __s = splnet(); \ 150 } while (0) 151#define RELEASE_SPLNET() do { \ 152 splx(__s); \ 153 } while (0) 154#endif 155 156struct pppoe_softc { 157 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 158 LIST_ENTRY(pppoe_softc) sc_list; 159 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 160 161 uint64_t sc_id; /* id of this softc, our hunique */ 162 int sc_state; /* discovery phase or session connected */ 163 struct ether_addr sc_dest; /* hardware address of concentrator */ 164 uint16_t sc_session; /* PPPoE session id */ 165 166 char *sc_service_name; /* if != NULL: requested name of service */ 167 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 168 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 169 size_t sc_ac_cookie_len; /* length of cookie data */ 170 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 171 size_t sc_relay_sid_len; /* length of relay SID data */ 172#ifdef PPPOE_SERVER 173 uint8_t *sc_hunique; /* content of host unique we must echo back */ 174 size_t sc_hunique_len; /* length of host unique */ 175#endif 176 callout_t sc_timeout; /* timeout while not in session state */ 177 int sc_padi_retried; /* number of PADI retries already done */ 178 int sc_padr_retried; /* number of PADR retries already done */ 179 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 180}; 181 182/* incoming traffic will be queued here */ 183struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 184struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 185 186void *pppoe_softintr = NULL; 187static void pppoe_softintr_handler(void *); 188 189extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 190 191/* input routines */ 192static void pppoeintr(void); 193static void pppoe_disc_input(struct mbuf *); 194static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 195static void pppoe_data_input(struct mbuf *); 196static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 197 198/* management routines */ 199static int pppoe_connect(struct pppoe_softc *); 200static int pppoe_disconnect(struct pppoe_softc *); 201static void pppoe_abort_connect(struct pppoe_softc *); 202static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 203static void pppoe_tls(struct sppp *); 204static void pppoe_tlf(struct sppp *); 205static void pppoe_start(struct ifnet *); 206#ifdef PPPOE_MPSAFE 207static int pppoe_transmit(struct ifnet *, struct mbuf *); 208#endif 209static void pppoe_clear_softc(struct pppoe_softc *, const char *); 210 211/* internal timeout handling */ 212static void pppoe_timeout(void *); 213 214/* sending actual protocol controll packets */ 215static int pppoe_send_padi(struct pppoe_softc *); 216static int pppoe_send_padr(struct pppoe_softc *); 217#ifdef PPPOE_SERVER 218static int pppoe_send_pado(struct pppoe_softc *); 219static int pppoe_send_pads(struct pppoe_softc *); 220#endif 221static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 222 223/* raw output */ 224static int pppoe_output(struct pppoe_softc *, struct mbuf *); 225 226/* internal helper functions */ 227static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 228 krw_t); 229static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 230 struct ifnet *, krw_t); 231static struct mbuf *pppoe_get_mbuf(size_t len); 232 233static void pppoe_ifattach_hook(void *, unsigned long, void *); 234 235static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 236static krwlock_t pppoe_softc_list_lock; 237 238static int pppoe_clone_create(struct if_clone *, int); 239static int pppoe_clone_destroy(struct ifnet *); 240 241static bool pppoe_term_unknown = false; 242static int pppoe_term_unknown_pps = 1; 243 244static struct sysctllog *pppoe_sysctl_clog; 245static void sysctl_net_pppoe_setup(struct sysctllog **); 246 247static struct if_clone pppoe_cloner = 248 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 249 250/* ARGSUSED */ 251void 252pppoeattach(int count) 253{ 254 255 /* 256 * Nothing to do here, initialization is handled by the 257 * module initialization code in pppoeinit() below). 258 */ 259} 260 261static void 262pppoeinit(void) 263{ 264 265 LIST_INIT(&pppoe_softc_list); 266 rw_init(&pppoe_softc_list_lock); 267 if_clone_attach(&pppoe_cloner); 268 269 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 270 pppoe_softintr_handler, NULL); 271 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 272 273 IFQ_LOCK_INIT(&ppoediscinq); 274 IFQ_LOCK_INIT(&ppoeinq); 275} 276 277static int 278pppoedetach(void) 279{ 280 int error = 0; 281 282 rw_enter(&pppoe_softc_list_lock, RW_READER); 283 if (!LIST_EMPTY(&pppoe_softc_list)) { 284 rw_exit(&pppoe_softc_list_lock); 285 error = EBUSY; 286 } 287 288 if (error == 0) { 289 if_clone_detach(&pppoe_cloner); 290 softint_disestablish(pppoe_softintr); 291 /* Remove our sysctl sub-tree */ 292 sysctl_teardown(&pppoe_sysctl_clog); 293 } 294 295 return error; 296} 297 298static void 299pppoe_softc_genid(uint64_t *id) 300{ 301 struct pppoe_softc *sc; 302 uint64_t rndid; 303 304 rw_enter(&pppoe_softc_list_lock, RW_READER); 305 306 while (1) { 307 rndid = cprng_strong64(); 308 309 sc = NULL; 310 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 311 if (sc->sc_id == rndid) 312 break; 313 } 314 if (sc == NULL) { 315 break; 316 } 317 } 318 319 rw_exit(&pppoe_softc_list_lock); 320 *id = rndid; 321} 322 323static int 324pppoe_clone_create(struct if_clone *ifc, int unit) 325{ 326 struct pppoe_softc *sc; 327 int rv; 328 329 sc = malloc(sizeof(struct pppoe_softc), M_DEVBUF, M_WAITOK|M_ZERO); 330 331 pppoe_softc_genid(&sc->sc_id); 332 333 if_initname(&sc->sc_sppp.pp_if, "pppoe", unit); 334 sc->sc_sppp.pp_if.if_softc = sc; 335 sc->sc_sppp.pp_if.if_mtu = PPPOE_MAXMTU; 336 sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 337#ifdef PPPOE_MPSAFE 338 sc->sc_sppp.pp_if.if_extflags = IFEF_MPSAFE; 339#endif 340 sc->sc_sppp.pp_if.if_type = IFT_PPP; 341 sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 342 sc->sc_sppp.pp_if.if_dlt = DLT_PPP_ETHER; 343 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 344 PP_NOFRAMING; /* no serial encapsulation */ 345 sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl; 346 IFQ_SET_MAXLEN(&sc->sc_sppp.pp_if.if_snd, IFQ_MAXLEN); 347 IFQ_SET_READY(&sc->sc_sppp.pp_if.if_snd); 348 349 /* changed to real address later */ 350 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 351 352 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 353 354 sc->sc_sppp.pp_if.if_start = pppoe_start; 355#ifdef PPPOE_MPSAFE 356 sc->sc_sppp.pp_if.if_transmit = pppoe_transmit; 357#endif 358 sc->sc_sppp.pp_tls = pppoe_tls; 359 sc->sc_sppp.pp_tlf = pppoe_tlf; 360 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 361 362 rv = if_initialize(&sc->sc_sppp.pp_if); 363 if (rv != 0) { 364 callout_halt(&sc->sc_timeout, NULL); 365 callout_destroy(&sc->sc_timeout); 366 free(sc, M_DEVBUF); 367 return rv; 368 } 369 sc->sc_sppp.pp_if.if_percpuq = if_percpuq_create(&sc->sc_sppp.pp_if); 370 sppp_attach(&sc->sc_sppp.pp_if); 371 372 bpf_attach(&sc->sc_sppp.pp_if, DLT_PPP_ETHER, 0); 373 rw_enter(&pppoe_softc_list_lock, RW_READER); 374 if (LIST_EMPTY(&pppoe_softc_list)) { 375 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 376 } 377 rw_exit(&pppoe_softc_list_lock); 378 379 if_register(&sc->sc_sppp.pp_if); 380 381 rw_init(&sc->sc_lock); 382 383 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 384 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 385 rw_exit(&pppoe_softc_list_lock); 386 return 0; 387} 388 389static int 390pppoe_clone_destroy(struct ifnet *ifp) 391{ 392 struct pppoe_softc * sc = ifp->if_softc; 393 394 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 395 396 PPPOE_LOCK(sc, RW_WRITER); 397 callout_halt(&sc->sc_timeout, NULL); 398 399 LIST_REMOVE(sc, sc_list); 400 401 if (LIST_EMPTY(&pppoe_softc_list)) { 402 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 403 } 404 rw_exit(&pppoe_softc_list_lock); 405 406 bpf_detach(ifp); 407 sppp_detach(&sc->sc_sppp.pp_if); 408 if_detach(ifp); 409 if (sc->sc_concentrator_name) 410 free(sc->sc_concentrator_name, M_DEVBUF); 411 if (sc->sc_service_name) 412 free(sc->sc_service_name, M_DEVBUF); 413 if (sc->sc_ac_cookie) 414 free(sc->sc_ac_cookie, M_DEVBUF); 415 if (sc->sc_relay_sid) 416 free(sc->sc_relay_sid, M_DEVBUF); 417 callout_destroy(&sc->sc_timeout); 418 419 PPPOE_UNLOCK(sc); 420 rw_destroy(&sc->sc_lock); 421 422 free(sc, M_DEVBUF); 423 424 return 0; 425} 426 427/* 428 * Find the interface handling the specified session. 429 * Note: O(number of sessions open), this is a client-side only, mean 430 * and lean implementation, so number of open sessions typically should 431 * be 1. 432 */ 433static struct pppoe_softc * 434pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 435{ 436 struct pppoe_softc *sc = NULL; 437 438 if (session == 0) 439 return NULL; 440 rw_enter(&pppoe_softc_list_lock, RW_READER); 441 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 442 PPPOE_LOCK(sc, lock); 443 if ( sc->sc_state == PPPOE_STATE_SESSION 444 && sc->sc_session == session 445 && sc->sc_eth_if == rcvif) 446 break; 447 448 PPPOE_UNLOCK(sc); 449 } 450 rw_exit(&pppoe_softc_list_lock); 451 return sc; 452} 453 454/* Check host unique token passed and return appropriate softc pointer, 455 * or NULL if token is bogus. */ 456static struct pppoe_softc * 457pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 458 struct ifnet *rcvif, krw_t lock) 459{ 460 struct pppoe_softc *sc; 461 uint64_t t; 462 463 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 464 465 rw_enter(&pppoe_softc_list_lock, RW_READER); 466 if (LIST_EMPTY(&pppoe_softc_list)) { 467 rw_exit(&pppoe_softc_list_lock); 468 return NULL; 469 } 470 471 if (len != sizeof(sc->sc_id)) { 472 rw_exit(&pppoe_softc_list_lock); 473 return NULL; 474 } 475 memcpy(&t, token, len); 476 477 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 478 if (sc->sc_id == t) { 479 PPPOE_LOCK(sc, lock); 480 break; 481 } 482 } 483 rw_exit(&pppoe_softc_list_lock); 484 485 if (sc == NULL) { 486#ifdef PPPOE_DEBUG 487 printf("pppoe: alien host unique tag, no session found\n"); 488#endif 489 return NULL; 490 } 491 492 /* should be safe to access *sc now */ 493 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 494 printf("%s: host unique tag found, but it belongs to a connection in state %d\n", 495 sc->sc_sppp.pp_if.if_xname, sc->sc_state); 496 PPPOE_UNLOCK(sc); 497 return NULL; 498 } 499 if (sc->sc_eth_if != rcvif) { 500 printf("%s: wrong interface, not accepting host unique\n", 501 sc->sc_sppp.pp_if.if_xname); 502 PPPOE_UNLOCK(sc); 503 return NULL; 504 } 505 return sc; 506} 507 508static void 509pppoe_softintr_handler(void *dummy) 510{ 511 /* called at splsoftnet() */ 512 pppoeintr(); 513} 514 515/* called at appropriate protection level */ 516static void 517pppoeintr(void) 518{ 519 struct mbuf *m; 520 int disc_done, data_done; 521 522 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 523 524 do { 525 disc_done = 0; 526 data_done = 0; 527 for (;;) { 528 IFQ_LOCK(&ppoediscinq); 529 IF_DEQUEUE(&ppoediscinq, m); 530 IFQ_UNLOCK(&ppoediscinq); 531 if (m == NULL) 532 break; 533 disc_done = 1; 534 pppoe_disc_input(m); 535 } 536 537 for (;;) { 538 IFQ_LOCK(&ppoeinq); 539 IF_DEQUEUE(&ppoeinq, m); 540 IFQ_UNLOCK(&ppoeinq); 541 if (m == NULL) 542 break; 543 data_done = 1; 544 pppoe_data_input(m); 545 } 546 } while (disc_done || data_done); 547 548 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 549} 550 551/* analyze and handle a single received packet while not in session state */ 552static void 553pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 554{ 555 uint16_t tag, len; 556 uint16_t session, plen; 557 struct pppoe_softc *sc; 558 const char *err_msg; 559 char devname[IF_NAMESIZE]; 560 char *error; 561 uint8_t *ac_cookie; 562 size_t ac_cookie_len; 563 uint8_t *relay_sid; 564 size_t relay_sid_len; 565 uint8_t *hunique; 566 size_t hunique_len; 567 struct pppoehdr *ph; 568 struct pppoetag *pt; 569 struct mbuf *n; 570 int noff, err, errortag; 571 struct ether_header *eh; 572 struct ifnet *rcvif; 573 struct psref psref; 574 575 if (m->m_len < sizeof(*eh)) { 576 m = m_pullup(m, sizeof(*eh)); 577 if (m == NULL) 578 goto done; 579 } 580 eh = mtod(m, struct ether_header *); 581 off += sizeof(*eh); 582 583 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 584 goto done; 585 } 586 587 M_REGION_GET(ph, struct pppoehdr *, m, off, sizeof(*ph)); 588 if (ph == NULL) { 589 goto done; 590 } 591 if (ph->vertype != PPPOE_VERTYPE) { 592 goto done; 593 } 594 595 ac_cookie = NULL; 596 ac_cookie_len = 0; 597 relay_sid = NULL; 598 relay_sid_len = 0; 599 hunique = NULL; 600 hunique_len = 0; 601 602 session = ntohs(ph->session); 603 plen = ntohs(ph->plen); 604 off += sizeof(*ph); 605 606 if (plen + off > m->m_pkthdr.len) { 607 goto done; 608 } 609 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 610 611 tag = 0; 612 len = 0; 613 sc = NULL; 614 err_msg = NULL; 615 errortag = 0; 616 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 617 M_REGION_GET(pt, struct pppoetag *, m, off, sizeof(*pt)); 618 if (pt == NULL) { 619 goto done; 620 } 621 622 tag = ntohs(pt->tag); 623 len = ntohs(pt->len); 624 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 625 goto done; 626 } 627 switch (tag) { 628 case PPPOE_TAG_EOL: 629 goto breakbreak; 630 case PPPOE_TAG_SNAME: 631 break; /* ignored */ 632 case PPPOE_TAG_ACNAME: 633 if (len > 0) { 634 error = malloc(len + 1, M_TEMP, M_NOWAIT); 635 if (error == NULL) 636 break; 637 638 n = m_pulldown(m, off + sizeof(*pt), len, 639 &noff); 640 if (!n) { 641 m = NULL; 642 free(error, M_TEMP); 643 goto done; 644 } 645 646 strlcpy(error, mtod(n, char*) + noff, len + 1); 647 printf("pppoe: connected to %s\n", error); 648 free(error, M_TEMP); 649 } 650 break; /* ignored */ 651 case PPPOE_TAG_HUNIQUE: 652 if (hunique == NULL) { 653 n = m_pulldown(m, off + sizeof(*pt), len, 654 &noff); 655 if (!n) { 656 m = NULL; 657 err_msg = "TAG HUNIQUE ERROR"; 658 break; 659 } 660 661 hunique = mtod(n, uint8_t *) + noff; 662 hunique_len = len; 663 } 664 break; 665 case PPPOE_TAG_ACCOOKIE: 666 if (ac_cookie == NULL) { 667 n = m_pulldown(m, off + sizeof(*pt), len, 668 &noff); 669 if (!n) { 670 err_msg = "TAG ACCOOKIE ERROR"; 671 m = NULL; 672 break; 673 } 674 ac_cookie = mtod(n, char *) + noff; 675 ac_cookie_len = len; 676 } 677 break; 678 case PPPOE_TAG_RELAYSID: 679 if (relay_sid == NULL) { 680 n = m_pulldown(m, off + sizeof(*pt), len, 681 &noff); 682 if (!n) { 683 err_msg = "TAG RELAYSID ERROR"; 684 m = NULL; 685 break; 686 } 687 relay_sid = mtod(n, char *) + noff; 688 relay_sid_len = len; 689 } 690 break; 691 case PPPOE_TAG_SNAME_ERR: 692 err_msg = "SERVICE NAME ERROR"; 693 errortag = 1; 694 break; 695 case PPPOE_TAG_ACSYS_ERR: 696 err_msg = "AC SYSTEM ERROR"; 697 errortag = 1; 698 break; 699 case PPPOE_TAG_GENERIC_ERR: 700 err_msg = "GENERIC ERROR"; 701 errortag = 1; 702 break; 703 } 704 if (err_msg) { 705 error = NULL; 706 if (errortag && len) { 707 error = malloc(len + 1, M_TEMP, 708 M_NOWAIT|M_ZERO); 709 n = m_pulldown(m, off + sizeof(*pt), len, 710 &noff); 711 if (!n) { 712 m = NULL; 713 } else if (error) { 714 strlcpy(error, mtod(n, char *) + noff, 715 len + 1); 716 } 717 } 718 if (error) { 719 printf("pppoe: %s: %s\n", err_msg, error); 720 free(error, M_TEMP); 721 } else 722 printf("pppoe: %s\n", err_msg); 723 if (errortag || m == NULL) 724 goto done; 725 } 726 off += sizeof(*pt) + len; 727 } 728breakbreak:; 729 730 switch (ph->code) { 731 case PPPOE_CODE_PADI: 732#ifdef PPPOE_SERVER 733 /* 734 * got service name, concentrator name, and/or host unique. 735 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 736 */ 737 rw_enter(&pppoe_softc_list_lock, RW_READER); 738 if (LIST_EMPTY(&pppoe_softc_list)) { 739 rw_exit(&pppoe_softc_list_lock); 740 goto done; 741 } 742 743 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 744 PPPOE_LOCK(sc, RW_WRITER); 745 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 746 PPPOE_UNLOCK(sc); 747 continue; 748 } 749 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 750 PPPOE_UNLOCK(sc); 751 continue; 752 } 753 754 if (sc->sc_state == PPPOE_STATE_INITIAL) 755 break; 756 757 PPPOE_UNLOCK(sc); 758 } 759 rw_exit(&pppoe_softc_list_lock); 760 761 if (sc == NULL) { 762 goto done; 763 } 764 765 if (hunique) { 766 if (sc->sc_hunique) 767 free(sc->sc_hunique, M_DEVBUF); 768 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 769 M_DONTWAIT); 770 if (sc->sc_hunique == NULL) { 771 PPPOE_UNLOCK(sc); 772 goto done; 773 } 774 sc->sc_hunique_len = hunique_len; 775 memcpy(sc->sc_hunique, hunique, hunique_len); 776 } 777 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 778 sc->sc_state = PPPOE_STATE_PADO_SENT; 779 pppoe_send_pado(sc); 780 PPPOE_UNLOCK(sc); 781 break; 782#endif /* PPPOE_SERVER */ 783 784 case PPPOE_CODE_PADR: 785#ifdef PPPOE_SERVER 786 /* 787 * get sc from ac_cookie if IFF_PASSIVE 788 */ 789 if (ac_cookie == NULL) { 790 goto done; 791 } 792 793 rcvif = m_get_rcvif_psref(m, &psref); 794 if (__predict_true(rcvif != NULL)) { 795 sc = pppoe_find_softc_by_hunique(ac_cookie, 796 ac_cookie_len, rcvif, RW_WRITER); 797 } 798 m_put_rcvif_psref(rcvif, &psref); 799 if (sc == NULL) { 800 /* be quiet if there is not a single pppoe instance */ 801 rw_enter(&pppoe_softc_list_lock, RW_READER); 802 if (!LIST_EMPTY(&pppoe_softc_list)) { 803 printf("pppoe: received PADR" 804 " but could not find request for it\n"); 805 } 806 rw_exit(&pppoe_softc_list_lock); 807 goto done; 808 } 809 810 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 811 printf("%s: received unexpected PADR\n", 812 sc->sc_sppp.pp_if.if_xname); 813 PPPOE_UNLOCK(sc); 814 goto done; 815 } 816 817 if (hunique) { 818 if (sc->sc_hunique) 819 free(sc->sc_hunique, M_DEVBUF); 820 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 821 M_DONTWAIT); 822 if (sc->sc_hunique == NULL) { 823 PPPOE_UNLOCK(sc); 824 goto done; 825 } 826 sc->sc_hunique_len = hunique_len; 827 memcpy(sc->sc_hunique, hunique, hunique_len); 828 } 829 pppoe_send_pads(sc); 830 sc->sc_state = PPPOE_STATE_SESSION; 831 PPPOE_UNLOCK(sc); 832 833 sc->sc_sppp.pp_up(&sc->sc_sppp); 834 break; 835#else 836 /* ignore, we are no access concentrator */ 837 goto done; 838#endif /* PPPOE_SERVER */ 839 840 case PPPOE_CODE_PADO: 841 rcvif = m_get_rcvif_psref(m, &psref); 842 if (__predict_false(rcvif == NULL)) 843 goto done; 844 845 if (hunique != NULL) { 846 sc = pppoe_find_softc_by_hunique(hunique, 847 hunique_len, rcvif, RW_WRITER); 848 } 849 850 m_put_rcvif_psref(rcvif, &psref); 851 852 if (sc == NULL) { 853 /* be quiet if there is not a single pppoe instance */ 854 rw_enter(&pppoe_softc_list_lock, RW_READER); 855 if (!LIST_EMPTY(&pppoe_softc_list)) { 856 printf("pppoe: received PADO" 857 " but could not find request for it\n"); 858 } 859 rw_exit(&pppoe_softc_list_lock); 860 goto done; 861 } 862 863 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 864 printf("%s: received unexpected PADO\n", 865 sc->sc_sppp.pp_if.if_xname); 866 PPPOE_UNLOCK(sc); 867 goto done; 868 } 869 870 if (ac_cookie) { 871 if (sc->sc_ac_cookie) 872 free(sc->sc_ac_cookie, M_DEVBUF); 873 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 874 M_DONTWAIT); 875 if (sc->sc_ac_cookie == NULL) { 876 printf("%s: FATAL: could not allocate memory " 877 "for AC cookie\n", 878 sc->sc_sppp.pp_if.if_xname); 879 PPPOE_UNLOCK(sc); 880 goto done; 881 } 882 sc->sc_ac_cookie_len = ac_cookie_len; 883 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 884 } 885 if (relay_sid) { 886 if (sc->sc_relay_sid) 887 free(sc->sc_relay_sid, M_DEVBUF); 888 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 889 M_DONTWAIT); 890 if (sc->sc_relay_sid == NULL) { 891 printf("%s: FATAL: could not allocate memory " 892 "for relay SID\n", 893 sc->sc_sppp.pp_if.if_xname); 894 PPPOE_UNLOCK(sc); 895 goto done; 896 } 897 sc->sc_relay_sid_len = relay_sid_len; 898 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 899 } 900 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 901 callout_stop(&sc->sc_timeout); 902 sc->sc_padr_retried = 0; 903 sc->sc_state = PPPOE_STATE_PADR_SENT; 904 if ((err = pppoe_send_padr(sc)) != 0) { 905 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 906 printf("%s: failed to send PADR, " 907 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 908 err); 909 } 910 callout_reset(&sc->sc_timeout, 911 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 912 pppoe_timeout, sc); 913 914 PPPOE_UNLOCK(sc); 915 break; 916 917 case PPPOE_CODE_PADS: 918 rcvif = m_get_rcvif_psref(m, &psref); 919 if (__predict_false(rcvif == NULL)) 920 goto done; 921 922 if (hunique != NULL) { 923 sc = pppoe_find_softc_by_hunique(hunique, 924 hunique_len, rcvif, RW_WRITER); 925 } 926 927 m_put_rcvif_psref(rcvif, &psref); 928 929 if (sc == NULL) 930 goto done; 931 932 sc->sc_session = session; 933 callout_stop(&sc->sc_timeout); 934 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 935 printf("%s: session 0x%x connected\n", 936 sc->sc_sppp.pp_if.if_xname, session); 937 sc->sc_state = PPPOE_STATE_SESSION; 938 PPPOE_UNLOCK(sc); 939 940 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 941 break; 942 943 case PPPOE_CODE_PADT: 944 rcvif = m_get_rcvif_psref(m, &psref); 945 if (__predict_false(rcvif == NULL)) 946 goto done; 947 948 sc = pppoe_find_softc_by_session(session, rcvif, 949 RW_WRITER); 950 951 m_put_rcvif_psref(rcvif, &psref); 952 953 if (sc == NULL) 954 goto done; 955 956 pppoe_clear_softc(sc, "received PADT"); 957 PPPOE_UNLOCK(sc); 958 break; 959 960 default: 961 rcvif = m_get_rcvif_psref(m, &psref); 962 if (__predict_false(rcvif == NULL)) 963 goto done; 964 965 if (hunique != NULL) { 966 sc = pppoe_find_softc_by_hunique(hunique, 967 hunique_len, rcvif, RW_READER); 968 } 969 970 m_put_rcvif_psref(rcvif, &psref); 971 972 if (sc != NULL) { 973 strlcpy(devname, sc->sc_sppp.pp_if.if_xname, 974 sizeof(devname)); 975 PPPOE_UNLOCK(sc); 976 } else 977 strlcpy(devname, "pppoe", sizeof(devname)); 978 979 printf("%s: unknown code (0x%04x) session = 0x%04x\n", 980 devname, ph->code, session); 981 break; 982 } 983 984done: 985 if (m) 986 m_freem(m); 987 return; 988} 989 990static void 991pppoe_disc_input(struct mbuf *m) 992{ 993 KASSERT(m->m_flags & M_PKTHDR); 994 995 /* 996 * Avoid error messages if there is not a single PPPoE instance. 997 */ 998 rw_enter(&pppoe_softc_list_lock, RW_READER); 999 if (!LIST_EMPTY(&pppoe_softc_list)) { 1000 rw_exit(&pppoe_softc_list_lock); 1001 pppoe_dispatch_disc_pkt(m, 0); 1002 } else { 1003 rw_exit(&pppoe_softc_list_lock); 1004 m_freem(m); 1005 } 1006} 1007 1008static bool 1009pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1010{ 1011 1012 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1013 return true; 1014 1015 return false; 1016} 1017 1018static void 1019pppoe_data_input(struct mbuf *m) 1020{ 1021 uint16_t session, plen; 1022 struct pppoe_softc *sc; 1023 struct pppoehdr *ph; 1024 struct ifnet *rcvif; 1025 struct psref psref; 1026 uint8_t shost[ETHER_ADDR_LEN]; 1027 uint8_t dhost[ETHER_ADDR_LEN]; 1028 bool term_unknown = pppoe_term_unknown; 1029 1030 KASSERT(m->m_flags & M_PKTHDR); 1031 1032 /* 1033 * Avoid error messages if there is not a single PPPoE instance. 1034 */ 1035 rw_enter(&pppoe_softc_list_lock, RW_READER); 1036 if (LIST_EMPTY(&pppoe_softc_list)) { 1037 rw_exit(&pppoe_softc_list_lock); 1038 goto drop; 1039 } 1040 rw_exit(&pppoe_softc_list_lock); 1041 1042 if (term_unknown) { 1043 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1044 ETHER_ADDR_LEN); 1045 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1046 ETHER_ADDR_LEN); 1047 } 1048 m_adj(m, sizeof(struct ether_header)); 1049 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1050 goto drop; 1051 } 1052 1053 if (m->m_len < sizeof(*ph)) { 1054 m = m_pullup(m, sizeof(*ph)); 1055 if (m == NULL) { 1056 return; 1057 } 1058 } 1059 ph = mtod(m, struct pppoehdr *); 1060 1061 if (ph->vertype != PPPOE_VERTYPE) { 1062 goto drop; 1063 } 1064 if (ph->code != 0) { 1065 goto drop; 1066 } 1067 1068 session = ntohs(ph->session); 1069 rcvif = m_get_rcvif_psref(m, &psref); 1070 if (__predict_false(rcvif == NULL)) 1071 goto drop; 1072 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1073 if (sc == NULL) { 1074 if (term_unknown) { 1075 static struct timeval lasttime = {0, 0}; 1076 static int curpps = 0; 1077 /* 1078 * avoid to send wrong PADT which is response from 1079 * session stage packets for other hosts when parent 1080 * ethernet is promiscuous mode. 1081 */ 1082 if (pppoe_is_my_frame(dhost, rcvif) && 1083 ppsratecheck(&lasttime, &curpps, 1084 pppoe_term_unknown_pps)) { 1085 printf("pppoe: input for unknown session %#x, " 1086 "sending PADT\n", session); 1087 pppoe_send_padt(rcvif, session, shost); 1088 } 1089 } 1090 m_put_rcvif_psref(rcvif, &psref); 1091 goto drop; 1092 } 1093 1094 m_put_rcvif_psref(rcvif, &psref); 1095 1096 plen = ntohs(ph->plen); 1097 1098 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1099 1100 m_adj(m, PPPOE_HEADERLEN); 1101 1102#ifdef PPPOE_DEBUG 1103 { 1104 struct mbuf *p; 1105 1106 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1107 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1108 p = m; 1109 while (p) { 1110 printf(" l=%d", p->m_len); 1111 p = p->m_next; 1112 } 1113 printf("\n"); 1114 } 1115#endif 1116 PPPOE_UNLOCK(sc); 1117 1118 if (m->m_pkthdr.len < plen) 1119 goto drop; 1120 1121 /* 1122 * Fix incoming interface pointer (not the raw ethernet interface 1123 * anymore) 1124 */ 1125 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1126 1127 /* pass packet up and account for it */ 1128 sc->sc_sppp.pp_if.if_ipackets++; 1129 sppp_input(&sc->sc_sppp.pp_if, m); 1130 return; 1131 1132drop: 1133 m_freem(m); 1134} 1135 1136static int 1137pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1138{ 1139 struct sockaddr dst; 1140 struct ether_header *eh; 1141 uint16_t etype; 1142 1143 if (sc->sc_eth_if == NULL) { 1144 m_freem(m); 1145 return EIO; 1146 } 1147 1148 memset(&dst, 0, sizeof dst); 1149 dst.sa_family = AF_UNSPEC; 1150 eh = (struct ether_header*)&dst.sa_data; 1151 etype = sc->sc_state == PPPOE_STATE_SESSION 1152 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1153 eh->ether_type = htons(etype); 1154 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1155 1156#ifdef PPPOE_DEBUG 1157 printf("%s (%x) state=%d, session=0x%x output -> %s, len=%d\n", 1158 sc->sc_sppp.pp_if.if_xname, etype, 1159 sc->sc_state, sc->sc_session, 1160 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1161#endif 1162 1163 m->m_flags &= ~(M_BCAST|M_MCAST); 1164 sc->sc_sppp.pp_if.if_opackets++; 1165 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1166} 1167 1168static int 1169pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1170{ 1171 struct lwp *l = curlwp; /* XXX */ 1172 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1173 struct ifreq *ifr = data; 1174 int error = 0; 1175 1176 switch (cmd) { 1177 case PPPOESETPARMS: 1178 { 1179 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1180 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1181 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1182 NULL) != 0) 1183 return EPERM; 1184 if (parms->eth_ifname[0] != 0) { 1185 struct ifnet *eth_if; 1186 1187 PPPOE_LOCK(sc, RW_WRITER); 1188 eth_if = ifunit(parms->eth_ifname); 1189 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1190 sc->sc_eth_if = NULL; 1191 PPPOE_UNLOCK(sc); 1192 return ENXIO; 1193 } 1194 1195 if (sc->sc_sppp.pp_if.if_mtu != 1196 eth_if->if_mtu - PPPOE_OVERHEAD) { 1197 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1198 PPPOE_OVERHEAD; 1199 } 1200 sc->sc_eth_if = eth_if; 1201 PPPOE_UNLOCK(sc); 1202 } 1203 if (parms->ac_name != NULL) { 1204 size_t s; 1205 char *b = malloc(parms->ac_name_len + 1, M_DEVBUF, 1206 M_WAITOK); 1207 if (b == NULL) 1208 return ENOMEM; 1209 error = copyinstr(parms->ac_name, b, 1210 parms->ac_name_len+1, &s); 1211 if (error != 0) { 1212 free(b, M_DEVBUF); 1213 return error; 1214 } 1215 if (s != parms->ac_name_len+1) { 1216 free(b, M_DEVBUF); 1217 return EINVAL; 1218 } 1219 1220 PPPOE_LOCK(sc, RW_WRITER); 1221 if (sc->sc_concentrator_name) 1222 free(sc->sc_concentrator_name, M_DEVBUF); 1223 sc->sc_concentrator_name = b; 1224 PPPOE_UNLOCK(sc); 1225 } 1226 if (parms->service_name != NULL) { 1227 size_t s; 1228 char *b = malloc(parms->service_name_len + 1, M_DEVBUF, 1229 M_WAITOK); 1230 if (b == NULL) 1231 return ENOMEM; 1232 error = copyinstr(parms->service_name, b, 1233 parms->service_name_len+1, &s); 1234 if (error != 0) { 1235 free(b, M_DEVBUF); 1236 return error; 1237 } 1238 if (s != parms->service_name_len+1) { 1239 free(b, M_DEVBUF); 1240 return EINVAL; 1241 } 1242 1243 PPPOE_LOCK(sc, RW_WRITER); 1244 if (sc->sc_service_name) 1245 free(sc->sc_service_name, M_DEVBUF); 1246 sc->sc_service_name = b; 1247 PPPOE_UNLOCK(sc); 1248 } 1249 return 0; 1250 } 1251 break; 1252 case PPPOEGETPARMS: 1253 { 1254 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1255 memset(parms, 0, sizeof *parms); 1256 PPPOE_LOCK(sc, RW_READER); 1257 if (sc->sc_eth_if) 1258 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1259 sizeof(parms->ifname)); 1260 PPPOE_UNLOCK(sc); 1261 return 0; 1262 } 1263 break; 1264 case PPPOEGETSESSION: 1265 { 1266 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1267 PPPOE_LOCK(sc, RW_READER); 1268 state->state = sc->sc_state; 1269 state->session_id = sc->sc_session; 1270 state->padi_retry_no = sc->sc_padi_retried; 1271 state->padr_retry_no = sc->sc_padr_retried; 1272 PPPOE_UNLOCK(sc); 1273 return 0; 1274 } 1275 break; 1276 case SIOCSIFFLAGS: 1277 /* 1278 * Prevent running re-establishment timers overriding 1279 * administrators choice. 1280 */ 1281 PPPOE_LOCK(sc, RW_WRITER); 1282 1283 if ((ifr->ifr_flags & IFF_UP) == 0 1284 && sc->sc_state >= PPPOE_STATE_PADI_SENT 1285 && sc->sc_state < PPPOE_STATE_SESSION) { 1286 callout_stop(&sc->sc_timeout); 1287 sc->sc_state = PPPOE_STATE_INITIAL; 1288 sc->sc_padi_retried = 0; 1289 sc->sc_padr_retried = 0; 1290 memcpy(&sc->sc_dest, etherbroadcastaddr, 1291 sizeof(sc->sc_dest)); 1292 } 1293 1294 PPPOE_UNLOCK(sc); 1295 1296 error = sppp_ioctl(ifp, cmd, data); 1297 1298 return error; 1299 case SIOCSIFMTU: 1300 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1301 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1302 return EINVAL; 1303 } 1304 /*FALLTHROUGH*/ 1305 default: 1306 return sppp_ioctl(ifp, cmd, data); 1307 } 1308 return 0; 1309} 1310 1311/* 1312 * Allocate a mbuf/cluster with space to store the given data length 1313 * of payload, leaving space for prepending an ethernet header 1314 * in front. 1315 */ 1316static struct mbuf * 1317pppoe_get_mbuf(size_t len) 1318{ 1319 struct mbuf *m; 1320 1321 MGETHDR(m, M_DONTWAIT, MT_DATA); 1322 if (m == NULL) 1323 return NULL; 1324 if (len + sizeof(struct ether_header) > MHLEN) { 1325 MCLGET(m, M_DONTWAIT); 1326 if ((m->m_flags & M_EXT) == 0) { 1327 m_free(m); 1328 return NULL; 1329 } 1330 } 1331 m->m_data += sizeof(struct ether_header); 1332 m->m_len = len; 1333 m->m_pkthdr.len = len; 1334 m_reset_rcvif(m); 1335 1336 return m; 1337} 1338 1339static int 1340pppoe_send_padi(struct pppoe_softc *sc) 1341{ 1342 struct mbuf *m0; 1343 int len, l1 = 0, l2 = 0; 1344 uint8_t *p; 1345 1346 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1347 panic("pppoe_send_padi in state %d", sc->sc_state); 1348 1349 /* Compute packet length. */ 1350 len = sizeof(struct pppoetag); 1351 if (sc->sc_service_name != NULL) { 1352 l1 = strlen(sc->sc_service_name); 1353 len += l1; 1354 } 1355 if (sc->sc_concentrator_name != NULL) { 1356 l2 = strlen(sc->sc_concentrator_name); 1357 len += sizeof(struct pppoetag) + l2; 1358 } 1359 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1360 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1361 len += sizeof(struct pppoetag) + 2; 1362 } 1363 1364 /* Allocate packet. */ 1365 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1366 if (m0 == NULL) 1367 return ENOBUFS; 1368 1369 /* Fill in packet. */ 1370 p = mtod(m0, uint8_t *); 1371 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1372 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1373 if (sc->sc_service_name != NULL) { 1374 PPPOE_ADD_16(p, l1); 1375 memcpy(p, sc->sc_service_name, l1); 1376 p += l1; 1377 } else { 1378 PPPOE_ADD_16(p, 0); 1379 } 1380 if (sc->sc_concentrator_name != NULL) { 1381 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1382 PPPOE_ADD_16(p, l2); 1383 memcpy(p, sc->sc_concentrator_name, l2); 1384 p += l2; 1385 } 1386 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1387 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1388 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1389 p += sizeof(sc->sc_id); 1390 1391 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1392 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1393 PPPOE_ADD_16(p, 2); 1394 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1395 } 1396 1397#ifdef PPPOE_DEBUG 1398 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1399 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1400 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1401#endif 1402 1403 /* Send packet. */ 1404 return pppoe_output(sc, m0); 1405} 1406 1407static void 1408pppoe_timeout(void *arg) 1409{ 1410 int retry_wait, err; 1411 struct pppoe_softc *sc = (struct pppoe_softc*)arg; 1412 DECLARE_SPLNET_VARIABLE; 1413 1414#ifdef PPPOE_DEBUG 1415 printf("%s: timeout\n", sc->sc_sppp.pp_if.if_xname); 1416#endif 1417 1418 PPPOE_LOCK(sc, RW_WRITER); 1419 switch (sc->sc_state) { 1420 case PPPOE_STATE_INITIAL: 1421 /* delayed connect from pppoe_tls() */ 1422 pppoe_connect(sc); 1423 break; 1424 case PPPOE_STATE_PADI_SENT: 1425 /* 1426 * We have two basic ways of retrying: 1427 * - Quick retry mode: try a few times in short sequence 1428 * - Slow retry mode: we already had a connection successfully 1429 * established and will try infinitely (without user 1430 * intervention) 1431 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1432 * is not set. 1433 */ 1434 1435 /* initialize for quick retry mode */ 1436 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1437 1438 ACQUIRE_SPLNET(); 1439 sc->sc_padi_retried++; 1440 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1441 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1442 /* slow retry mode */ 1443 retry_wait = PPPOE_SLOW_RETRY; 1444 } else { 1445 pppoe_abort_connect(sc); 1446 RELEASE_SPLNET(); 1447 PPPOE_UNLOCK(sc); 1448 return; 1449 } 1450 } 1451 if ((err = pppoe_send_padi(sc)) != 0) { 1452 sc->sc_padi_retried--; 1453 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1454 printf("%s: failed to transmit PADI, " 1455 "error=%d\n", 1456 sc->sc_sppp.pp_if.if_xname, err); 1457 } 1458 callout_reset(&sc->sc_timeout, retry_wait, 1459 pppoe_timeout, sc); 1460 RELEASE_SPLNET(); 1461 break; 1462 1463 case PPPOE_STATE_PADR_SENT: 1464 ACQUIRE_SPLNET(); 1465 sc->sc_padr_retried++; 1466 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1467 memcpy(&sc->sc_dest, etherbroadcastaddr, 1468 sizeof(sc->sc_dest)); 1469 sc->sc_state = PPPOE_STATE_PADI_SENT; 1470 sc->sc_padr_retried = 0; 1471 if ((err = pppoe_send_padi(sc)) != 0) { 1472 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1473 printf("%s: failed to send PADI" 1474 ", error=%d\n", 1475 sc->sc_sppp.pp_if.if_xname, err); 1476 } 1477 callout_reset(&sc->sc_timeout, 1478 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried), 1479 pppoe_timeout, sc); 1480 RELEASE_SPLNET(); 1481 PPPOE_UNLOCK(sc); 1482 return; 1483 } 1484 if ((err = pppoe_send_padr(sc)) != 0) { 1485 sc->sc_padr_retried--; 1486 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1487 printf("%s: failed to send PADR, " 1488 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 1489 err); 1490 } 1491 callout_reset(&sc->sc_timeout, 1492 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 1493 pppoe_timeout, sc); 1494 RELEASE_SPLNET(); 1495 break; 1496 case PPPOE_STATE_CLOSING: 1497 pppoe_disconnect(sc); 1498 break; 1499 default: 1500 PPPOE_UNLOCK(sc); 1501 return; /* all done, work in peace */ 1502 } 1503 PPPOE_UNLOCK(sc); 1504} 1505 1506/* Start a connection (i.e. initiate discovery phase) */ 1507static int 1508pppoe_connect(struct pppoe_softc *sc) 1509{ 1510 int err; 1511 DECLARE_SPLNET_VARIABLE; 1512 1513 KASSERT(PPPOE_WLOCKED(sc)); 1514 1515 if (sc->sc_state != PPPOE_STATE_INITIAL) 1516 return EBUSY; 1517 1518#ifdef PPPOE_SERVER 1519 /* wait PADI if IFF_PASSIVE */ 1520 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1521 return 0; 1522#endif 1523 ACQUIRE_SPLNET(); 1524 /* save state, in case we fail to send PADI */ 1525 sc->sc_state = PPPOE_STATE_PADI_SENT; 1526 sc->sc_padr_retried = 0; 1527 err = pppoe_send_padi(sc); 1528 if (err != 0 && sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1529 printf("%s: failed to send PADI, error=%d\n", 1530 sc->sc_sppp.pp_if.if_xname, err); 1531 callout_reset(&sc->sc_timeout, PPPOE_DISC_TIMEOUT, pppoe_timeout, sc); 1532 RELEASE_SPLNET(); 1533 return err; 1534} 1535 1536/* disconnect */ 1537static int 1538pppoe_disconnect(struct pppoe_softc *sc) 1539{ 1540 int err; 1541 DECLARE_SPLNET_VARIABLE; 1542 1543 KASSERT(PPPOE_WLOCKED(sc)); 1544 1545 ACQUIRE_SPLNET(); 1546 1547 if (sc->sc_state < PPPOE_STATE_SESSION) 1548 err = EBUSY; 1549 else { 1550 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1551 printf("%s: disconnecting\n", 1552 sc->sc_sppp.pp_if.if_xname); 1553 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1554 (const uint8_t *)&sc->sc_dest); 1555 } 1556 1557 /* cleanup softc */ 1558 sc->sc_state = PPPOE_STATE_INITIAL; 1559 1560 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1561 if (sc->sc_ac_cookie) { 1562 free(sc->sc_ac_cookie, M_DEVBUF); 1563 sc->sc_ac_cookie = NULL; 1564 } 1565 sc->sc_ac_cookie_len = 0; 1566 if (sc->sc_relay_sid) { 1567 free(sc->sc_relay_sid, M_DEVBUF); 1568 sc->sc_relay_sid = NULL; 1569 } 1570 sc->sc_relay_sid_len = 0; 1571#ifdef PPPOE_SERVER 1572 if (sc->sc_hunique) { 1573 free(sc->sc_hunique, M_DEVBUF); 1574 sc->sc_hunique = NULL; 1575 } 1576 sc->sc_hunique_len = 0; 1577#endif 1578 sc->sc_session = 0; 1579 1580 PPPOE_UNLOCK(sc); 1581 1582 /* notify upper layer */ 1583 sc->sc_sppp.pp_down(&sc->sc_sppp); 1584 1585 PPPOE_LOCK(sc, RW_WRITER); 1586 1587 RELEASE_SPLNET(); 1588 return err; 1589} 1590 1591/* Connection attempt aborted */ 1592static void 1593pppoe_abort_connect(struct pppoe_softc *sc) 1594{ 1595 KASSERT(PPPOE_WLOCKED(sc)); 1596 1597 printf("%s: could not establish connection\n", 1598 sc->sc_sppp.pp_if.if_xname); 1599 sc->sc_state = PPPOE_STATE_CLOSING; 1600 1601 PPPOE_UNLOCK(sc); 1602 1603 /* notify upper layer */ 1604 sc->sc_sppp.pp_down(&sc->sc_sppp); 1605 1606 PPPOE_LOCK(sc, RW_WRITER); 1607 1608 /* clear connection state */ 1609 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1610 sc->sc_state = PPPOE_STATE_INITIAL; 1611} 1612 1613static int 1614pppoe_send_padr(struct pppoe_softc *sc) 1615{ 1616 struct mbuf *m0; 1617 uint8_t *p; 1618 size_t len, l1 = 0; 1619 1620 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1621 return EIO; 1622 1623 /* Compute packet length. */ 1624 len = sizeof(struct pppoetag); 1625 if (sc->sc_service_name != NULL) { 1626 l1 = strlen(sc->sc_service_name); 1627 len += l1; 1628 } 1629 if (sc->sc_ac_cookie_len > 0) { 1630 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1631 } 1632 if (sc->sc_relay_sid_len > 0) { 1633 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1634 } 1635 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1636 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1637 len += sizeof(struct pppoetag) + 2; 1638 } 1639 1640 /* Allocate packet. */ 1641 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1642 if (m0 == NULL) 1643 return ENOBUFS; 1644 1645 /* Fill in packet. */ 1646 p = mtod(m0, uint8_t *); 1647 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1648 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1649 if (sc->sc_service_name != NULL) { 1650 PPPOE_ADD_16(p, l1); 1651 memcpy(p, sc->sc_service_name, l1); 1652 p += l1; 1653 } else { 1654 PPPOE_ADD_16(p, 0); 1655 } 1656 if (sc->sc_ac_cookie_len > 0) { 1657 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1658 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1659 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1660 p += sc->sc_ac_cookie_len; 1661 } 1662 if (sc->sc_relay_sid_len > 0) { 1663 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1664 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1665 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1666 p += sc->sc_relay_sid_len; 1667 } 1668 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1669 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1670 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1671 p += sizeof(sc->sc_id); 1672 1673 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1674 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1675 PPPOE_ADD_16(p, 2); 1676 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1677 } 1678 1679#ifdef PPPOE_DEBUG 1680 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1681 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1682 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1683#endif 1684 1685 /* Send packet. */ 1686 return pppoe_output(sc, m0); 1687} 1688 1689/* send a PADT packet */ 1690static int 1691pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1692{ 1693 struct ether_header *eh; 1694 struct sockaddr dst; 1695 struct mbuf *m0; 1696 uint8_t *p; 1697 1698 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1699 if (!m0) 1700 return EIO; 1701 p = mtod(m0, uint8_t *); 1702 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1703 1704 memset(&dst, 0, sizeof dst); 1705 dst.sa_family = AF_UNSPEC; 1706 eh = (struct ether_header*)&dst.sa_data; 1707 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1708 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1709 1710 m0->m_flags &= ~(M_BCAST|M_MCAST); 1711 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1712} 1713 1714#ifdef PPPOE_SERVER 1715static int 1716pppoe_send_pado(struct pppoe_softc *sc) 1717{ 1718 struct mbuf *m0; 1719 uint8_t *p; 1720 size_t len; 1721 1722 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1723 return EIO; 1724 1725 /* Include AC cookie. */ 1726 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1727 /* Include hunique. */ 1728 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1729 1730 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1731 if (!m0) 1732 return EIO; 1733 p = mtod(m0, uint8_t *); 1734 1735 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1736 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1737 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1738 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1739 p += sizeof(sc->sc_id); 1740 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1741 PPPOE_ADD_16(p, sc->sc_hunique_len); 1742 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1743 return pppoe_output(sc, m0); 1744} 1745 1746static int 1747pppoe_send_pads(struct pppoe_softc *sc) 1748{ 1749 struct bintime bt; 1750 struct mbuf *m0; 1751 uint8_t *p; 1752 size_t len, l1 = 0; /* XXX: gcc */ 1753 1754 KASSERT(PPPOE_WLOCKED(sc)); 1755 1756 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1757 return EIO; 1758 1759 getbinuptime(&bt); 1760 sc->sc_session = bt.sec % 0xff + 1; 1761 1762 /* Include service name. */ 1763 len = sizeof(struct pppoetag); 1764 if (sc->sc_service_name != NULL) { 1765 l1 = strlen(sc->sc_service_name); 1766 len += l1; 1767 } 1768 /* Include hunique. */ 1769 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1770 1771 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1772 if (!m0) 1773 return ENOBUFS; 1774 p = mtod(m0, uint8_t *); 1775 1776 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1777 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1778 if (sc->sc_service_name != NULL) { 1779 PPPOE_ADD_16(p, l1); 1780 memcpy(p, sc->sc_service_name, l1); 1781 p += l1; 1782 } else { 1783 PPPOE_ADD_16(p, 0); 1784 } 1785 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1786 PPPOE_ADD_16(p, sc->sc_hunique_len); 1787 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1788 return pppoe_output(sc, m0); 1789} 1790#endif 1791 1792static void 1793pppoe_tls(struct sppp *sp) 1794{ 1795 struct pppoe_softc *sc = (void *)sp; 1796 int wtime; 1797 1798 PPPOE_LOCK(sc, RW_READER); 1799 1800 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1801 PPPOE_UNLOCK(sc); 1802 return; 1803 } 1804 1805 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1806 sc->sc_sppp.pp_auth_failures > 0) { 1807 /* 1808 * Delay trying to reconnect a bit more - the peer 1809 * might have failed to contact its radius server. 1810 */ 1811 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1812 if (wtime > PPPOE_SLOW_RETRY) 1813 wtime = PPPOE_SLOW_RETRY; 1814 } else { 1815 wtime = PPPOE_RECON_IMMEDIATE; 1816 } 1817 callout_reset(&sc->sc_timeout, wtime, pppoe_timeout, sc); 1818 1819 PPPOE_UNLOCK(sc); 1820} 1821 1822static void 1823pppoe_tlf(struct sppp *sp) 1824{ 1825 struct pppoe_softc *sc = (void *)sp; 1826 1827 PPPOE_LOCK(sc, RW_WRITER); 1828 1829 if (sc->sc_state < PPPOE_STATE_SESSION) { 1830 PPPOE_UNLOCK(sc); 1831 return; 1832 } 1833 /* 1834 * Do not call pppoe_disconnect here, the upper layer state 1835 * machine gets confused by this. We must return from this 1836 * function and defer disconnecting to the timeout handler. 1837 */ 1838 sc->sc_state = PPPOE_STATE_CLOSING; 1839 1840 callout_reset(&sc->sc_timeout, hz/50, pppoe_timeout, sc); 1841 1842 PPPOE_UNLOCK(sc); 1843} 1844 1845static void 1846pppoe_start(struct ifnet *ifp) 1847{ 1848 struct pppoe_softc *sc = (void *)ifp; 1849 struct mbuf *m; 1850 uint8_t *p; 1851 size_t len; 1852 1853 if (sppp_isempty(ifp)) 1854 return; 1855 1856 /* are we ready to process data yet? */ 1857 PPPOE_LOCK(sc, RW_READER); 1858 if (sc->sc_state < PPPOE_STATE_SESSION) { 1859 sppp_flush(&sc->sc_sppp.pp_if); 1860 PPPOE_UNLOCK(sc); 1861 return; 1862 } 1863 1864 while ((m = sppp_dequeue(ifp)) != NULL) { 1865 len = m->m_pkthdr.len; 1866 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1867 if (m == NULL) { 1868 ifp->if_oerrors++; 1869 continue; 1870 } 1871 p = mtod(m, uint8_t *); 1872 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1873 1874 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1875 1876 pppoe_output(sc, m); 1877 } 1878 PPPOE_UNLOCK(sc); 1879} 1880 1881#ifdef PPPOE_MPSAFE 1882static int 1883pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 1884{ 1885 struct pppoe_softc *sc = (void *)ifp; 1886 uint8_t *p; 1887 size_t len; 1888 1889 if (m == NULL) 1890 return EINVAL; 1891 1892 /* are we ready to process data yet? */ 1893 PPPOE_LOCK(sc, RW_READER); 1894 if (sc->sc_state < PPPOE_STATE_SESSION) { 1895 PPPOE_UNLOCK(sc); 1896 m_freem(m); 1897 return ENOBUFS; 1898 } 1899 1900 len = m->m_pkthdr.len; 1901 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1902 if (m == NULL) { 1903 PPPOE_UNLOCK(sc); 1904 ifp->if_oerrors++; 1905 return ENETDOWN; 1906 } 1907 p = mtod(m, uint8_t *); 1908 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1909 1910 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1911 1912 pppoe_output(sc, m); 1913 PPPOE_UNLOCK(sc); 1914 return 0; 1915} 1916#endif /* PPPOE_MPSAFE */ 1917 1918static void 1919pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 1920{ 1921 struct ifnet *ifp = arg2; 1922 struct pppoe_softc *sc; 1923 DECLARE_SPLNET_VARIABLE; 1924 1925 if (cmd != PFIL_IFNET_DETACH) 1926 return; 1927 1928 ACQUIRE_SPLNET(); 1929 rw_enter(&pppoe_softc_list_lock, RW_READER); 1930 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 1931 PPPOE_LOCK(sc, RW_WRITER); 1932 if (sc->sc_eth_if != ifp) { 1933 PPPOE_UNLOCK(sc); 1934 continue; 1935 } 1936 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 1937 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 1938 printf("%s: ethernet interface detached, going down\n", 1939 sc->sc_sppp.pp_if.if_xname); 1940 } 1941 sc->sc_eth_if = NULL; 1942 pppoe_clear_softc(sc, "ethernet interface detached"); 1943 PPPOE_UNLOCK(sc); 1944 } 1945 rw_exit(&pppoe_softc_list_lock); 1946 RELEASE_SPLNET(); 1947} 1948 1949static void 1950pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 1951{ 1952 KASSERT(PPPOE_WLOCKED(sc)); 1953 1954 /* stop timer */ 1955 callout_stop(&sc->sc_timeout); 1956 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1957 printf("%s: session 0x%x terminated, %s\n", 1958 sc->sc_sppp.pp_if.if_xname, sc->sc_session, message); 1959 1960 /* fix our state */ 1961 sc->sc_state = PPPOE_STATE_INITIAL; 1962 1963 PPPOE_UNLOCK(sc); 1964 1965 /* signal upper layer */ 1966 sc->sc_sppp.pp_down(&sc->sc_sppp); 1967 1968 PPPOE_LOCK(sc, RW_WRITER); 1969 1970 /* clean up softc */ 1971 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1972 if (sc->sc_ac_cookie) { 1973 free(sc->sc_ac_cookie, M_DEVBUF); 1974 sc->sc_ac_cookie = NULL; 1975 } 1976 if (sc->sc_relay_sid) { 1977 free(sc->sc_relay_sid, M_DEVBUF); 1978 sc->sc_relay_sid = NULL; 1979 } 1980 sc->sc_ac_cookie_len = 0; 1981 sc->sc_session = 0; 1982} 1983 1984static void 1985pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 1986{ 1987 if (m->m_flags & M_PROMISC) { 1988 m_freem(m); 1989 return; 1990 } 1991 1992#ifndef PPPOE_SERVER 1993 if (m->m_flags & (M_MCAST | M_BCAST)) { 1994 m_freem(m); 1995 return; 1996 } 1997#endif 1998 1999 IFQ_LOCK(inq); 2000 if (IF_QFULL(inq)) { 2001 IF_DROP(inq); 2002 IFQ_UNLOCK(inq); 2003 m_freem(m); 2004 } else { 2005 IF_ENQUEUE(inq, m); 2006 IFQ_UNLOCK(inq); 2007 softint_schedule(pppoe_softintr); 2008 } 2009 return; 2010} 2011 2012void 2013pppoe_input(struct ifnet *ifp, struct mbuf *m) 2014{ 2015 pppoe_enqueue(&ppoeinq, m); 2016 return; 2017} 2018 2019void 2020pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2021{ 2022 pppoe_enqueue(&ppoediscinq, m); 2023 return; 2024} 2025 2026static void 2027sysctl_net_pppoe_setup(struct sysctllog **clog) 2028{ 2029 const struct sysctlnode *node = NULL; 2030 2031 sysctl_createv(clog, 0, NULL, &node, 2032 CTLFLAG_PERMANENT, 2033 CTLTYPE_NODE, "pppoe", 2034 SYSCTL_DESCR("PPPOE protocol"), 2035 NULL, 0, NULL, 0, 2036 CTL_NET, CTL_CREATE, CTL_EOL); 2037 2038 if (node == NULL) 2039 return; 2040 2041 sysctl_createv(clog, 0, &node, NULL, 2042 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2043 CTLTYPE_BOOL, "term_unknown", 2044 SYSCTL_DESCR("Terminate unknown sessions"), 2045 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2046 CTL_CREATE, CTL_EOL); 2047} 2048 2049/* 2050 * Module infrastructure 2051 */ 2052#include "if_module.h" 2053 2054IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2055