if_pppoe.c revision 1.149
1/* $NetBSD: if_pppoe.c,v 1.149 2020/02/10 22:38:10 mlelstv Exp $ */ 2 3/* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin@NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32#include <sys/cdefs.h> 33__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.149 2020/02/10 22:38:10 mlelstv Exp $"); 34 35#ifdef _KERNEL_OPT 36#include "pppoe.h" 37#include "opt_pppoe.h" 38#include "opt_net_mpsafe.h" 39#endif 40 41#include <sys/param.h> 42#include <sys/systm.h> 43#include <sys/kernel.h> 44#include <sys/callout.h> 45#include <sys/malloc.h> 46#include <sys/mbuf.h> 47#include <sys/socket.h> 48#include <sys/proc.h> 49#include <sys/ioctl.h> 50#include <sys/kauth.h> 51#include <sys/intr.h> 52#include <sys/socketvar.h> 53#include <sys/device.h> 54#include <sys/module.h> 55#include <sys/sysctl.h> 56#include <sys/rwlock.h> 57#include <sys/mutex.h> 58#include <sys/psref.h> 59#include <sys/cprng.h> 60 61#include <net/if.h> 62#include <net/if_types.h> 63#include <net/if_ether.h> 64#include <net/if_sppp.h> 65#include <net/if_spppvar.h> 66#include <net/if_pppoe.h> 67#include <net/if_dl.h> 68 69#include <net/bpf.h> 70 71#include "ioconf.h" 72 73#ifdef NET_MPSAFE 74#define PPPOE_MPSAFE 1 75#endif 76 77struct pppoehdr { 78 uint8_t vertype; 79 uint8_t code; 80 uint16_t session; 81 uint16_t plen; 82} __packed; 83 84struct pppoetag { 85 uint16_t tag; 86 uint16_t len; 87} __packed; 88 89#define PPPOE_HEADERLEN sizeof(struct pppoehdr) 90#define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 91#define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 92 93#define PPPOE_TAG_EOL 0x0000 /* end of list */ 94#define PPPOE_TAG_SNAME 0x0101 /* service name */ 95#define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 96#define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 97#define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 98#define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 99#define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 100#define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 101#define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 102#define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 103#define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 104 105#define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 106#define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 107#define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 108#define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 109#define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 110 111/* two byte PPP protocol discriminator, then IP data */ 112#define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 113 114/* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 115#define PPPOE_ADD_16(PTR, VAL) \ 116 *(PTR)++ = (VAL) / 256; \ 117 *(PTR)++ = (VAL) % 256 118 119/* Add a complete PPPoE header to the buffer pointed to by PTR */ 120#define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 121 *(PTR)++ = PPPOE_VERTYPE; \ 122 *(PTR)++ = (CODE); \ 123 PPPOE_ADD_16(PTR, SESS); \ 124 PPPOE_ADD_16(PTR, LEN) 125 126#define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 127#define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 128#define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 129#define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 130#define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 131#define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 132 133#ifdef PPPOE_SERVER 134/* from if_spppsubr.c */ 135#define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 136#endif 137 138#define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 139#define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 140#define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 141 142#ifdef PPPOE_MPSAFE 143#define DECLARE_SPLNET_VARIABLE 144#define ACQUIRE_SPLNET() do { } while (0) 145#define RELEASE_SPLNET() do { } while (0) 146#else 147#define DECLARE_SPLNET_VARIABLE int __s 148#define ACQUIRE_SPLNET() do { \ 149 __s = splnet(); \ 150 } while (0) 151#define RELEASE_SPLNET() do { \ 152 splx(__s); \ 153 } while (0) 154#endif 155 156struct pppoe_softc { 157 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 158 LIST_ENTRY(pppoe_softc) sc_list; 159 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 160 161 uint64_t sc_id; /* id of this softc, our hunique */ 162 int sc_state; /* discovery phase or session connected */ 163 struct ether_addr sc_dest; /* hardware address of concentrator */ 164 uint16_t sc_session; /* PPPoE session id */ 165 166 char *sc_service_name; /* if != NULL: requested name of service */ 167 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 168 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 169 size_t sc_ac_cookie_len; /* length of cookie data */ 170 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 171 size_t sc_relay_sid_len; /* length of relay SID data */ 172#ifdef PPPOE_SERVER 173 uint8_t *sc_hunique; /* content of host unique we must echo back */ 174 size_t sc_hunique_len; /* length of host unique */ 175#endif 176 callout_t sc_timeout; /* timeout while not in session state */ 177 int sc_padi_retried; /* number of PADI retries already done */ 178 int sc_padr_retried; /* number of PADR retries already done */ 179 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 180}; 181 182/* incoming traffic will be queued here */ 183struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 184struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 185 186void *pppoe_softintr = NULL; 187static void pppoe_softintr_handler(void *); 188 189extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 190 191/* input routines */ 192static void pppoeintr(void); 193static void pppoe_disc_input(struct mbuf *); 194static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 195static void pppoe_data_input(struct mbuf *); 196static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 197 198/* management routines */ 199static int pppoe_connect(struct pppoe_softc *); 200static int pppoe_disconnect(struct pppoe_softc *); 201static void pppoe_abort_connect(struct pppoe_softc *); 202static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 203static void pppoe_tls(struct sppp *); 204static void pppoe_tlf(struct sppp *); 205static void pppoe_start(struct ifnet *); 206#ifdef PPPOE_MPSAFE 207static int pppoe_transmit(struct ifnet *, struct mbuf *); 208#endif 209static void pppoe_clear_softc(struct pppoe_softc *, const char *); 210 211/* internal timeout handling */ 212static void pppoe_timeout(void *); 213 214/* sending actual protocol controll packets */ 215static int pppoe_send_padi(struct pppoe_softc *); 216static int pppoe_send_padr(struct pppoe_softc *); 217#ifdef PPPOE_SERVER 218static int pppoe_send_pado(struct pppoe_softc *); 219static int pppoe_send_pads(struct pppoe_softc *); 220#endif 221static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 222 223/* raw output */ 224static int pppoe_output(struct pppoe_softc *, struct mbuf *); 225 226/* internal helper functions */ 227static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 228 krw_t); 229static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 230 struct ifnet *, krw_t); 231static struct mbuf *pppoe_get_mbuf(size_t len); 232 233static void pppoe_ifattach_hook(void *, unsigned long, void *); 234 235static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 236static krwlock_t pppoe_softc_list_lock; 237 238static int pppoe_clone_create(struct if_clone *, int); 239static int pppoe_clone_destroy(struct ifnet *); 240 241static bool pppoe_term_unknown = false; 242static int pppoe_term_unknown_pps = 1; 243 244static struct sysctllog *pppoe_sysctl_clog; 245static void sysctl_net_pppoe_setup(struct sysctllog **); 246 247static struct if_clone pppoe_cloner = 248 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 249 250/* ARGSUSED */ 251void 252pppoeattach(int count) 253{ 254 255 /* 256 * Nothing to do here, initialization is handled by the 257 * module initialization code in pppoeinit() below). 258 */ 259} 260 261static void 262pppoeinit(void) 263{ 264 265 LIST_INIT(&pppoe_softc_list); 266 rw_init(&pppoe_softc_list_lock); 267 if_clone_attach(&pppoe_cloner); 268 269 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 270 pppoe_softintr_handler, NULL); 271 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 272 273 IFQ_LOCK_INIT(&ppoediscinq); 274 IFQ_LOCK_INIT(&ppoeinq); 275} 276 277static int 278pppoedetach(void) 279{ 280 int error = 0; 281 282 rw_enter(&pppoe_softc_list_lock, RW_READER); 283 if (!LIST_EMPTY(&pppoe_softc_list)) { 284 rw_exit(&pppoe_softc_list_lock); 285 error = EBUSY; 286 } 287 288 if (error == 0) { 289 if_clone_detach(&pppoe_cloner); 290 softint_disestablish(pppoe_softintr); 291 /* Remove our sysctl sub-tree */ 292 sysctl_teardown(&pppoe_sysctl_clog); 293 } 294 295 return error; 296} 297 298static void 299pppoe_softc_genid(uint64_t *id) 300{ 301 struct pppoe_softc *sc; 302 uint64_t rndid; 303 304 rw_enter(&pppoe_softc_list_lock, RW_READER); 305 306 while (1) { 307 rndid = cprng_strong64(); 308 309 sc = NULL; 310 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 311 if (sc->sc_id == rndid) 312 break; 313 } 314 if (sc == NULL) { 315 break; 316 } 317 } 318 319 rw_exit(&pppoe_softc_list_lock); 320 *id = rndid; 321} 322 323static int 324pppoe_clone_create(struct if_clone *ifc, int unit) 325{ 326 struct pppoe_softc *sc; 327 int rv; 328 329 sc = malloc(sizeof(struct pppoe_softc), M_DEVBUF, M_WAITOK|M_ZERO); 330 331 pppoe_softc_genid(&sc->sc_id); 332 333 if_initname(&sc->sc_sppp.pp_if, "pppoe", unit); 334 sc->sc_sppp.pp_if.if_softc = sc; 335 sc->sc_sppp.pp_if.if_mtu = PPPOE_MAXMTU; 336 sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 337#ifdef PPPOE_MPSAFE 338 sc->sc_sppp.pp_if.if_extflags = IFEF_MPSAFE; 339#endif 340 sc->sc_sppp.pp_if.if_type = IFT_PPP; 341 sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 342 sc->sc_sppp.pp_if.if_dlt = DLT_PPP_ETHER; 343 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 344 PP_NOFRAMING; /* no serial encapsulation */ 345 sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl; 346 IFQ_SET_MAXLEN(&sc->sc_sppp.pp_if.if_snd, IFQ_MAXLEN); 347 IFQ_SET_READY(&sc->sc_sppp.pp_if.if_snd); 348 349 /* changed to real address later */ 350 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 351 352 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 353 354 sc->sc_sppp.pp_if.if_start = pppoe_start; 355#ifdef PPPOE_MPSAFE 356 sc->sc_sppp.pp_if.if_transmit = pppoe_transmit; 357#endif 358 sc->sc_sppp.pp_tls = pppoe_tls; 359 sc->sc_sppp.pp_tlf = pppoe_tlf; 360 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 361 362 rv = if_initialize(&sc->sc_sppp.pp_if); 363 if (rv != 0) { 364 callout_halt(&sc->sc_timeout, NULL); 365 callout_destroy(&sc->sc_timeout); 366 free(sc, M_DEVBUF); 367 return rv; 368 } 369 sc->sc_sppp.pp_if.if_percpuq = if_percpuq_create(&sc->sc_sppp.pp_if); 370 sppp_attach(&sc->sc_sppp.pp_if); 371 372 bpf_attach(&sc->sc_sppp.pp_if, DLT_PPP_ETHER, 0); 373 rw_enter(&pppoe_softc_list_lock, RW_READER); 374 if (LIST_EMPTY(&pppoe_softc_list)) { 375 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 376 } 377 rw_exit(&pppoe_softc_list_lock); 378 379 if_register(&sc->sc_sppp.pp_if); 380 381 rw_init(&sc->sc_lock); 382 383 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 384 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 385 rw_exit(&pppoe_softc_list_lock); 386 return 0; 387} 388 389static int 390pppoe_clone_destroy(struct ifnet *ifp) 391{ 392 struct pppoe_softc * sc = ifp->if_softc; 393 394 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 395 396 PPPOE_LOCK(sc, RW_WRITER); 397 callout_halt(&sc->sc_timeout, NULL); 398 399 LIST_REMOVE(sc, sc_list); 400 401 if (LIST_EMPTY(&pppoe_softc_list)) { 402 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 403 } 404 rw_exit(&pppoe_softc_list_lock); 405 406 bpf_detach(ifp); 407 sppp_detach(&sc->sc_sppp.pp_if); 408 if_detach(ifp); 409 if (sc->sc_concentrator_name) 410 free(sc->sc_concentrator_name, M_DEVBUF); 411 if (sc->sc_service_name) 412 free(sc->sc_service_name, M_DEVBUF); 413 if (sc->sc_ac_cookie) 414 free(sc->sc_ac_cookie, M_DEVBUF); 415 if (sc->sc_relay_sid) 416 free(sc->sc_relay_sid, M_DEVBUF); 417 callout_destroy(&sc->sc_timeout); 418 419 PPPOE_UNLOCK(sc); 420 rw_destroy(&sc->sc_lock); 421 422 free(sc, M_DEVBUF); 423 424 return 0; 425} 426 427/* 428 * Find the interface handling the specified session. 429 * Note: O(number of sessions open), this is a client-side only, mean 430 * and lean implementation, so number of open sessions typically should 431 * be 1. 432 */ 433static struct pppoe_softc * 434pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 435{ 436 struct pppoe_softc *sc = NULL; 437 438 if (session == 0) 439 return NULL; 440 rw_enter(&pppoe_softc_list_lock, RW_READER); 441 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 442 PPPOE_LOCK(sc, lock); 443 if ( sc->sc_state == PPPOE_STATE_SESSION 444 && sc->sc_session == session 445 && sc->sc_eth_if == rcvif) 446 break; 447 448 PPPOE_UNLOCK(sc); 449 } 450 rw_exit(&pppoe_softc_list_lock); 451 return sc; 452} 453 454/* Check host unique token passed and return appropriate softc pointer, 455 * or NULL if token is bogus. */ 456static struct pppoe_softc * 457pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 458 struct ifnet *rcvif, krw_t lock) 459{ 460 struct pppoe_softc *sc; 461 uint64_t t; 462 463 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 464 465 rw_enter(&pppoe_softc_list_lock, RW_READER); 466 if (LIST_EMPTY(&pppoe_softc_list)) { 467 rw_exit(&pppoe_softc_list_lock); 468 return NULL; 469 } 470 471 if (len != sizeof(sc->sc_id)) { 472 rw_exit(&pppoe_softc_list_lock); 473 return NULL; 474 } 475 memcpy(&t, token, len); 476 477 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 478 if (sc->sc_id == t) { 479 PPPOE_LOCK(sc, lock); 480 break; 481 } 482 } 483 rw_exit(&pppoe_softc_list_lock); 484 485 if (sc == NULL) { 486#ifdef PPPOE_DEBUG 487 printf("pppoe: alien host unique tag, no session found\n"); 488#endif 489 return NULL; 490 } 491 492 /* should be safe to access *sc now */ 493 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 494 printf("%s: host unique tag found, but it belongs to a connection in state %d\n", 495 sc->sc_sppp.pp_if.if_xname, sc->sc_state); 496 PPPOE_UNLOCK(sc); 497 return NULL; 498 } 499 if (sc->sc_eth_if != rcvif) { 500 printf("%s: wrong interface, not accepting host unique\n", 501 sc->sc_sppp.pp_if.if_xname); 502 PPPOE_UNLOCK(sc); 503 return NULL; 504 } 505 return sc; 506} 507 508static void 509pppoe_softintr_handler(void *dummy) 510{ 511 /* called at splsoftnet() */ 512 pppoeintr(); 513} 514 515/* called at appropriate protection level */ 516static void 517pppoeintr(void) 518{ 519 struct mbuf *m; 520 int disc_done, data_done; 521 522 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 523 524 do { 525 disc_done = 0; 526 data_done = 0; 527 for (;;) { 528 IFQ_LOCK(&ppoediscinq); 529 IF_DEQUEUE(&ppoediscinq, m); 530 IFQ_UNLOCK(&ppoediscinq); 531 if (m == NULL) 532 break; 533 disc_done = 1; 534 pppoe_disc_input(m); 535 } 536 537 for (;;) { 538 IFQ_LOCK(&ppoeinq); 539 IF_DEQUEUE(&ppoeinq, m); 540 IFQ_UNLOCK(&ppoeinq); 541 if (m == NULL) 542 break; 543 data_done = 1; 544 pppoe_data_input(m); 545 } 546 } while (disc_done || data_done); 547 548 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 549} 550 551/* analyze and handle a single received packet while not in session state */ 552static void 553pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 554{ 555 uint16_t tag, len; 556 uint16_t session, plen; 557 struct pppoe_softc *sc; 558 const char *err_msg; 559 char devname[IF_NAMESIZE]; 560 char *error; 561 size_t dlen; 562 uint8_t *ac_cookie; 563 size_t ac_cookie_len; 564 uint8_t *relay_sid; 565 size_t relay_sid_len; 566 uint8_t *hunique; 567 size_t hunique_len; 568 struct pppoehdr *ph; 569 struct pppoetag *pt; 570 struct mbuf *n; 571 int noff, err, errortag; 572 struct ether_header *eh; 573 struct ifnet *rcvif; 574 struct psref psref; 575 576 if (m->m_len < sizeof(*eh)) { 577 m = m_pullup(m, sizeof(*eh)); 578 if (m == NULL) 579 goto done; 580 } 581 eh = mtod(m, struct ether_header *); 582 off += sizeof(*eh); 583 584 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 585 goto done; 586 } 587 588 M_REGION_GET(ph, struct pppoehdr *, m, off, sizeof(*ph)); 589 if (ph == NULL) { 590 goto done; 591 } 592 if (ph->vertype != PPPOE_VERTYPE) { 593 goto done; 594 } 595 596 ac_cookie = NULL; 597 ac_cookie_len = 0; 598 relay_sid = NULL; 599 relay_sid_len = 0; 600 hunique = NULL; 601 hunique_len = 0; 602 603 session = ntohs(ph->session); 604 plen = ntohs(ph->plen); 605 off += sizeof(*ph); 606 607 if (plen + off > m->m_pkthdr.len) { 608 goto done; 609 } 610 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 611 612 tag = 0; 613 len = 0; 614 sc = NULL; 615 err_msg = NULL; 616 errortag = 0; 617 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 618 M_REGION_GET(pt, struct pppoetag *, m, off, sizeof(*pt)); 619 if (pt == NULL) { 620 goto done; 621 } 622 623 tag = ntohs(pt->tag); 624 len = ntohs(pt->len); 625 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 626 goto done; 627 } 628 switch (tag) { 629 case PPPOE_TAG_EOL: 630 goto breakbreak; 631 case PPPOE_TAG_SNAME: 632 break; /* ignored */ 633 case PPPOE_TAG_ACNAME: 634 if (len > 0) { 635 dlen = 4 * len + 1; 636 error = malloc(dlen, M_TEMP, M_NOWAIT); 637 if (error == NULL) 638 break; 639 640 n = m_pulldown(m, off + sizeof(*pt), len, 641 &noff); 642 if (!n) { 643 m = NULL; 644 free(error, M_TEMP); 645 goto done; 646 } 647 648 strnvisx(error, dlen, 649 mtod(n, char*) + noff, len, 650 VIS_SAFE | VIS_OCTAL); 651 printf("pppoe: connected to %s\n", error); 652 free(error, M_TEMP); 653 } 654 break; /* ignored */ 655 case PPPOE_TAG_HUNIQUE: 656 if (hunique == NULL) { 657 n = m_pulldown(m, off + sizeof(*pt), len, 658 &noff); 659 if (!n) { 660 m = NULL; 661 err_msg = "TAG HUNIQUE ERROR"; 662 break; 663 } 664 665 hunique = mtod(n, uint8_t *) + noff; 666 hunique_len = len; 667 } 668 break; 669 case PPPOE_TAG_ACCOOKIE: 670 if (ac_cookie == NULL) { 671 n = m_pulldown(m, off + sizeof(*pt), len, 672 &noff); 673 if (!n) { 674 err_msg = "TAG ACCOOKIE ERROR"; 675 m = NULL; 676 break; 677 } 678 ac_cookie = mtod(n, char *) + noff; 679 ac_cookie_len = len; 680 } 681 break; 682 case PPPOE_TAG_RELAYSID: 683 if (relay_sid == NULL) { 684 n = m_pulldown(m, off + sizeof(*pt), len, 685 &noff); 686 if (!n) { 687 err_msg = "TAG RELAYSID ERROR"; 688 m = NULL; 689 break; 690 } 691 relay_sid = mtod(n, char *) + noff; 692 relay_sid_len = len; 693 } 694 break; 695 case PPPOE_TAG_SNAME_ERR: 696 err_msg = "SERVICE NAME ERROR"; 697 errortag = 1; 698 break; 699 case PPPOE_TAG_ACSYS_ERR: 700 err_msg = "AC SYSTEM ERROR"; 701 errortag = 1; 702 break; 703 case PPPOE_TAG_GENERIC_ERR: 704 err_msg = "GENERIC ERROR"; 705 errortag = 1; 706 break; 707 } 708 if (err_msg) { 709 error = NULL; 710 if (errortag && len) { 711 dlen = 4 * len + 1; 712 error = malloc(dlen, M_TEMP, 713 M_NOWAIT|M_ZERO); 714 n = m_pulldown(m, off + sizeof(*pt), len, 715 &noff); 716 if (!n) { 717 m = NULL; 718 } else if (error) { 719 strnvisx(error, dlen, 720 mtod(n, char*) + noff, len, 721 VIS_SAFE | VIS_OCTAL); 722 } 723 } 724 if (error) { 725 printf("pppoe: %s: %s\n", err_msg, error); 726 free(error, M_TEMP); 727 } else 728 printf("pppoe: %s\n", err_msg); 729 if (errortag || m == NULL) 730 goto done; 731 } 732 off += sizeof(*pt) + len; 733 } 734breakbreak:; 735 736 switch (ph->code) { 737 case PPPOE_CODE_PADI: 738#ifdef PPPOE_SERVER 739 /* 740 * got service name, concentrator name, and/or host unique. 741 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 742 */ 743 rw_enter(&pppoe_softc_list_lock, RW_READER); 744 if (LIST_EMPTY(&pppoe_softc_list)) { 745 rw_exit(&pppoe_softc_list_lock); 746 goto done; 747 } 748 749 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 750 PPPOE_LOCK(sc, RW_WRITER); 751 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 752 PPPOE_UNLOCK(sc); 753 continue; 754 } 755 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 756 PPPOE_UNLOCK(sc); 757 continue; 758 } 759 760 if (sc->sc_state == PPPOE_STATE_INITIAL) 761 break; 762 763 PPPOE_UNLOCK(sc); 764 } 765 rw_exit(&pppoe_softc_list_lock); 766 767 if (sc == NULL) { 768 goto done; 769 } 770 771 if (hunique) { 772 if (sc->sc_hunique) 773 free(sc->sc_hunique, M_DEVBUF); 774 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 775 M_DONTWAIT); 776 if (sc->sc_hunique == NULL) { 777 PPPOE_UNLOCK(sc); 778 goto done; 779 } 780 sc->sc_hunique_len = hunique_len; 781 memcpy(sc->sc_hunique, hunique, hunique_len); 782 } 783 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 784 sc->sc_state = PPPOE_STATE_PADO_SENT; 785 pppoe_send_pado(sc); 786 PPPOE_UNLOCK(sc); 787 break; 788#endif /* PPPOE_SERVER */ 789 790 case PPPOE_CODE_PADR: 791#ifdef PPPOE_SERVER 792 /* 793 * get sc from ac_cookie if IFF_PASSIVE 794 */ 795 if (ac_cookie == NULL) { 796 goto done; 797 } 798 799 rcvif = m_get_rcvif_psref(m, &psref); 800 if (__predict_true(rcvif != NULL)) { 801 sc = pppoe_find_softc_by_hunique(ac_cookie, 802 ac_cookie_len, rcvif, RW_WRITER); 803 } 804 m_put_rcvif_psref(rcvif, &psref); 805 if (sc == NULL) { 806 /* be quiet if there is not a single pppoe instance */ 807 rw_enter(&pppoe_softc_list_lock, RW_READER); 808 if (!LIST_EMPTY(&pppoe_softc_list)) { 809 printf("pppoe: received PADR" 810 " but could not find request for it\n"); 811 } 812 rw_exit(&pppoe_softc_list_lock); 813 goto done; 814 } 815 816 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 817 printf("%s: received unexpected PADR\n", 818 sc->sc_sppp.pp_if.if_xname); 819 PPPOE_UNLOCK(sc); 820 goto done; 821 } 822 823 if (hunique) { 824 if (sc->sc_hunique) 825 free(sc->sc_hunique, M_DEVBUF); 826 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 827 M_DONTWAIT); 828 if (sc->sc_hunique == NULL) { 829 PPPOE_UNLOCK(sc); 830 goto done; 831 } 832 sc->sc_hunique_len = hunique_len; 833 memcpy(sc->sc_hunique, hunique, hunique_len); 834 } 835 pppoe_send_pads(sc); 836 sc->sc_state = PPPOE_STATE_SESSION; 837 PPPOE_UNLOCK(sc); 838 839 sc->sc_sppp.pp_up(&sc->sc_sppp); 840 break; 841#else 842 /* ignore, we are no access concentrator */ 843 goto done; 844#endif /* PPPOE_SERVER */ 845 846 case PPPOE_CODE_PADO: 847 rcvif = m_get_rcvif_psref(m, &psref); 848 if (__predict_false(rcvif == NULL)) 849 goto done; 850 851 if (hunique != NULL) { 852 sc = pppoe_find_softc_by_hunique(hunique, 853 hunique_len, rcvif, RW_WRITER); 854 } 855 856 m_put_rcvif_psref(rcvif, &psref); 857 858 if (sc == NULL) { 859 /* be quiet if there is not a single pppoe instance */ 860 rw_enter(&pppoe_softc_list_lock, RW_READER); 861 if (!LIST_EMPTY(&pppoe_softc_list)) { 862 printf("pppoe: received PADO" 863 " but could not find request for it\n"); 864 } 865 rw_exit(&pppoe_softc_list_lock); 866 goto done; 867 } 868 869 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 870 printf("%s: received unexpected PADO\n", 871 sc->sc_sppp.pp_if.if_xname); 872 PPPOE_UNLOCK(sc); 873 goto done; 874 } 875 876 if (ac_cookie) { 877 if (sc->sc_ac_cookie) 878 free(sc->sc_ac_cookie, M_DEVBUF); 879 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 880 M_DONTWAIT); 881 if (sc->sc_ac_cookie == NULL) { 882 printf("%s: FATAL: could not allocate memory " 883 "for AC cookie\n", 884 sc->sc_sppp.pp_if.if_xname); 885 PPPOE_UNLOCK(sc); 886 goto done; 887 } 888 sc->sc_ac_cookie_len = ac_cookie_len; 889 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 890 } 891 if (relay_sid) { 892 if (sc->sc_relay_sid) 893 free(sc->sc_relay_sid, M_DEVBUF); 894 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 895 M_DONTWAIT); 896 if (sc->sc_relay_sid == NULL) { 897 printf("%s: FATAL: could not allocate memory " 898 "for relay SID\n", 899 sc->sc_sppp.pp_if.if_xname); 900 PPPOE_UNLOCK(sc); 901 goto done; 902 } 903 sc->sc_relay_sid_len = relay_sid_len; 904 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 905 } 906 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 907 callout_stop(&sc->sc_timeout); 908 sc->sc_padr_retried = 0; 909 sc->sc_state = PPPOE_STATE_PADR_SENT; 910 if ((err = pppoe_send_padr(sc)) != 0) { 911 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 912 printf("%s: failed to send PADR, " 913 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 914 err); 915 } 916 callout_reset(&sc->sc_timeout, 917 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 918 pppoe_timeout, sc); 919 920 PPPOE_UNLOCK(sc); 921 break; 922 923 case PPPOE_CODE_PADS: 924 rcvif = m_get_rcvif_psref(m, &psref); 925 if (__predict_false(rcvif == NULL)) 926 goto done; 927 928 if (hunique != NULL) { 929 sc = pppoe_find_softc_by_hunique(hunique, 930 hunique_len, rcvif, RW_WRITER); 931 } 932 933 m_put_rcvif_psref(rcvif, &psref); 934 935 if (sc == NULL) 936 goto done; 937 938 sc->sc_session = session; 939 callout_stop(&sc->sc_timeout); 940 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 941 printf("%s: session 0x%x connected\n", 942 sc->sc_sppp.pp_if.if_xname, session); 943 sc->sc_state = PPPOE_STATE_SESSION; 944 PPPOE_UNLOCK(sc); 945 946 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 947 break; 948 949 case PPPOE_CODE_PADT: 950 rcvif = m_get_rcvif_psref(m, &psref); 951 if (__predict_false(rcvif == NULL)) 952 goto done; 953 954 sc = pppoe_find_softc_by_session(session, rcvif, 955 RW_WRITER); 956 957 m_put_rcvif_psref(rcvif, &psref); 958 959 if (sc == NULL) 960 goto done; 961 962 pppoe_clear_softc(sc, "received PADT"); 963 PPPOE_UNLOCK(sc); 964 break; 965 966 default: 967 rcvif = m_get_rcvif_psref(m, &psref); 968 if (__predict_false(rcvif == NULL)) 969 goto done; 970 971 if (hunique != NULL) { 972 sc = pppoe_find_softc_by_hunique(hunique, 973 hunique_len, rcvif, RW_READER); 974 } 975 976 m_put_rcvif_psref(rcvif, &psref); 977 978 if (sc != NULL) { 979 strlcpy(devname, sc->sc_sppp.pp_if.if_xname, 980 sizeof(devname)); 981 PPPOE_UNLOCK(sc); 982 } else 983 strlcpy(devname, "pppoe", sizeof(devname)); 984 985 printf("%s: unknown code (0x%04x) session = 0x%04x\n", 986 devname, ph->code, session); 987 break; 988 } 989 990done: 991 if (m) 992 m_freem(m); 993 return; 994} 995 996static void 997pppoe_disc_input(struct mbuf *m) 998{ 999 KASSERT(m->m_flags & M_PKTHDR); 1000 1001 /* 1002 * Avoid error messages if there is not a single PPPoE instance. 1003 */ 1004 rw_enter(&pppoe_softc_list_lock, RW_READER); 1005 if (!LIST_EMPTY(&pppoe_softc_list)) { 1006 rw_exit(&pppoe_softc_list_lock); 1007 pppoe_dispatch_disc_pkt(m, 0); 1008 } else { 1009 rw_exit(&pppoe_softc_list_lock); 1010 m_freem(m); 1011 } 1012} 1013 1014static bool 1015pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1016{ 1017 1018 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1019 return true; 1020 1021 return false; 1022} 1023 1024static void 1025pppoe_data_input(struct mbuf *m) 1026{ 1027 uint16_t session, plen; 1028 struct pppoe_softc *sc; 1029 struct pppoehdr *ph; 1030 struct ifnet *rcvif; 1031 struct psref psref; 1032 uint8_t shost[ETHER_ADDR_LEN]; 1033 uint8_t dhost[ETHER_ADDR_LEN]; 1034 bool term_unknown = pppoe_term_unknown; 1035 1036 KASSERT(m->m_flags & M_PKTHDR); 1037 1038 /* 1039 * Avoid error messages if there is not a single PPPoE instance. 1040 */ 1041 rw_enter(&pppoe_softc_list_lock, RW_READER); 1042 if (LIST_EMPTY(&pppoe_softc_list)) { 1043 rw_exit(&pppoe_softc_list_lock); 1044 goto drop; 1045 } 1046 rw_exit(&pppoe_softc_list_lock); 1047 1048 if (term_unknown) { 1049 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1050 ETHER_ADDR_LEN); 1051 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1052 ETHER_ADDR_LEN); 1053 } 1054 m_adj(m, sizeof(struct ether_header)); 1055 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1056 goto drop; 1057 } 1058 1059 if (m->m_len < sizeof(*ph)) { 1060 m = m_pullup(m, sizeof(*ph)); 1061 if (m == NULL) { 1062 return; 1063 } 1064 } 1065 ph = mtod(m, struct pppoehdr *); 1066 1067 if (ph->vertype != PPPOE_VERTYPE) { 1068 goto drop; 1069 } 1070 if (ph->code != 0) { 1071 goto drop; 1072 } 1073 1074 session = ntohs(ph->session); 1075 rcvif = m_get_rcvif_psref(m, &psref); 1076 if (__predict_false(rcvif == NULL)) 1077 goto drop; 1078 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1079 if (sc == NULL) { 1080 if (term_unknown) { 1081 static struct timeval lasttime = {0, 0}; 1082 static int curpps = 0; 1083 /* 1084 * avoid to send wrong PADT which is response from 1085 * session stage packets for other hosts when parent 1086 * ethernet is promiscuous mode. 1087 */ 1088 if (pppoe_is_my_frame(dhost, rcvif) && 1089 ppsratecheck(&lasttime, &curpps, 1090 pppoe_term_unknown_pps)) { 1091 printf("pppoe: input for unknown session %#x, " 1092 "sending PADT\n", session); 1093 pppoe_send_padt(rcvif, session, shost); 1094 } 1095 } 1096 m_put_rcvif_psref(rcvif, &psref); 1097 goto drop; 1098 } 1099 1100 m_put_rcvif_psref(rcvif, &psref); 1101 1102 plen = ntohs(ph->plen); 1103 1104 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1105 1106 m_adj(m, PPPOE_HEADERLEN); 1107 1108#ifdef PPPOE_DEBUG 1109 { 1110 struct mbuf *p; 1111 1112 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1113 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1114 p = m; 1115 while (p) { 1116 printf(" l=%d", p->m_len); 1117 p = p->m_next; 1118 } 1119 printf("\n"); 1120 } 1121#endif 1122 PPPOE_UNLOCK(sc); 1123 1124 if (m->m_pkthdr.len < plen) 1125 goto drop; 1126 1127 /* 1128 * Fix incoming interface pointer (not the raw ethernet interface 1129 * anymore) 1130 */ 1131 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1132 1133 /* pass packet up and account for it */ 1134 if_statinc(&sc->sc_sppp.pp_if, if_ipackets); 1135 sppp_input(&sc->sc_sppp.pp_if, m); 1136 return; 1137 1138drop: 1139 m_freem(m); 1140} 1141 1142static int 1143pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1144{ 1145 struct sockaddr dst; 1146 struct ether_header *eh; 1147 uint16_t etype; 1148 1149 if (sc->sc_eth_if == NULL) { 1150 m_freem(m); 1151 return EIO; 1152 } 1153 1154 memset(&dst, 0, sizeof dst); 1155 dst.sa_family = AF_UNSPEC; 1156 eh = (struct ether_header*)&dst.sa_data; 1157 etype = sc->sc_state == PPPOE_STATE_SESSION 1158 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1159 eh->ether_type = htons(etype); 1160 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1161 1162#ifdef PPPOE_DEBUG 1163 printf("%s (%x) state=%d, session=0x%x output -> %s, len=%d\n", 1164 sc->sc_sppp.pp_if.if_xname, etype, 1165 sc->sc_state, sc->sc_session, 1166 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1167#endif 1168 1169 m->m_flags &= ~(M_BCAST|M_MCAST); 1170 if_statinc(&sc->sc_sppp.pp_if, if_opackets); 1171 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1172} 1173 1174static int 1175pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1176{ 1177 struct lwp *l = curlwp; /* XXX */ 1178 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1179 struct ifreq *ifr = data; 1180 int error = 0; 1181 1182 switch (cmd) { 1183 case PPPOESETPARMS: 1184 { 1185 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1186 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1187 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1188 NULL) != 0) 1189 return EPERM; 1190 if (parms->eth_ifname[0] != 0) { 1191 struct ifnet *eth_if; 1192 1193 PPPOE_LOCK(sc, RW_WRITER); 1194 eth_if = ifunit(parms->eth_ifname); 1195 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1196 sc->sc_eth_if = NULL; 1197 PPPOE_UNLOCK(sc); 1198 return ENXIO; 1199 } 1200 1201 if (sc->sc_sppp.pp_if.if_mtu != 1202 eth_if->if_mtu - PPPOE_OVERHEAD) { 1203 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1204 PPPOE_OVERHEAD; 1205 } 1206 sc->sc_eth_if = eth_if; 1207 PPPOE_UNLOCK(sc); 1208 } 1209 if (parms->ac_name != NULL) { 1210 size_t s; 1211 char *b = malloc(parms->ac_name_len + 1, M_DEVBUF, 1212 M_WAITOK); 1213 if (b == NULL) 1214 return ENOMEM; 1215 error = copyinstr(parms->ac_name, b, 1216 parms->ac_name_len+1, &s); 1217 if (error != 0) { 1218 free(b, M_DEVBUF); 1219 return error; 1220 } 1221 if (s != parms->ac_name_len+1) { 1222 free(b, M_DEVBUF); 1223 return EINVAL; 1224 } 1225 1226 PPPOE_LOCK(sc, RW_WRITER); 1227 if (sc->sc_concentrator_name) 1228 free(sc->sc_concentrator_name, M_DEVBUF); 1229 sc->sc_concentrator_name = b; 1230 PPPOE_UNLOCK(sc); 1231 } 1232 if (parms->service_name != NULL) { 1233 size_t s; 1234 char *b = malloc(parms->service_name_len + 1, M_DEVBUF, 1235 M_WAITOK); 1236 if (b == NULL) 1237 return ENOMEM; 1238 error = copyinstr(parms->service_name, b, 1239 parms->service_name_len+1, &s); 1240 if (error != 0) { 1241 free(b, M_DEVBUF); 1242 return error; 1243 } 1244 if (s != parms->service_name_len+1) { 1245 free(b, M_DEVBUF); 1246 return EINVAL; 1247 } 1248 1249 PPPOE_LOCK(sc, RW_WRITER); 1250 if (sc->sc_service_name) 1251 free(sc->sc_service_name, M_DEVBUF); 1252 sc->sc_service_name = b; 1253 PPPOE_UNLOCK(sc); 1254 } 1255 return 0; 1256 } 1257 break; 1258 case PPPOEGETPARMS: 1259 { 1260 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1261 memset(parms, 0, sizeof *parms); 1262 PPPOE_LOCK(sc, RW_READER); 1263 if (sc->sc_eth_if) 1264 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1265 sizeof(parms->ifname)); 1266 PPPOE_UNLOCK(sc); 1267 return 0; 1268 } 1269 break; 1270 case PPPOEGETSESSION: 1271 { 1272 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1273 PPPOE_LOCK(sc, RW_READER); 1274 state->state = sc->sc_state; 1275 state->session_id = sc->sc_session; 1276 state->padi_retry_no = sc->sc_padi_retried; 1277 state->padr_retry_no = sc->sc_padr_retried; 1278 PPPOE_UNLOCK(sc); 1279 return 0; 1280 } 1281 break; 1282 case SIOCSIFFLAGS: 1283 /* 1284 * Prevent running re-establishment timers overriding 1285 * administrators choice. 1286 */ 1287 PPPOE_LOCK(sc, RW_WRITER); 1288 1289 if ((ifr->ifr_flags & IFF_UP) == 0 1290 && sc->sc_state >= PPPOE_STATE_PADI_SENT 1291 && sc->sc_state < PPPOE_STATE_SESSION) { 1292 callout_stop(&sc->sc_timeout); 1293 sc->sc_state = PPPOE_STATE_INITIAL; 1294 sc->sc_padi_retried = 0; 1295 sc->sc_padr_retried = 0; 1296 memcpy(&sc->sc_dest, etherbroadcastaddr, 1297 sizeof(sc->sc_dest)); 1298 } 1299 1300 PPPOE_UNLOCK(sc); 1301 1302 error = sppp_ioctl(ifp, cmd, data); 1303 1304 return error; 1305 case SIOCSIFMTU: 1306 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1307 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1308 return EINVAL; 1309 } 1310 /*FALLTHROUGH*/ 1311 default: 1312 return sppp_ioctl(ifp, cmd, data); 1313 } 1314 return 0; 1315} 1316 1317/* 1318 * Allocate a mbuf/cluster with space to store the given data length 1319 * of payload, leaving space for prepending an ethernet header 1320 * in front. 1321 */ 1322static struct mbuf * 1323pppoe_get_mbuf(size_t len) 1324{ 1325 struct mbuf *m; 1326 1327 MGETHDR(m, M_DONTWAIT, MT_DATA); 1328 if (m == NULL) 1329 return NULL; 1330 if (len + sizeof(struct ether_header) > MHLEN) { 1331 MCLGET(m, M_DONTWAIT); 1332 if ((m->m_flags & M_EXT) == 0) { 1333 m_free(m); 1334 return NULL; 1335 } 1336 } 1337 m->m_data += sizeof(struct ether_header); 1338 m->m_len = len; 1339 m->m_pkthdr.len = len; 1340 m_reset_rcvif(m); 1341 1342 return m; 1343} 1344 1345static int 1346pppoe_send_padi(struct pppoe_softc *sc) 1347{ 1348 struct mbuf *m0; 1349 int len, l1 = 0, l2 = 0; 1350 uint8_t *p; 1351 1352 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1353 panic("pppoe_send_padi in state %d", sc->sc_state); 1354 1355 /* Compute packet length. */ 1356 len = sizeof(struct pppoetag); 1357 if (sc->sc_service_name != NULL) { 1358 l1 = strlen(sc->sc_service_name); 1359 len += l1; 1360 } 1361 if (sc->sc_concentrator_name != NULL) { 1362 l2 = strlen(sc->sc_concentrator_name); 1363 len += sizeof(struct pppoetag) + l2; 1364 } 1365 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1366 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1367 len += sizeof(struct pppoetag) + 2; 1368 } 1369 1370 /* Allocate packet. */ 1371 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1372 if (m0 == NULL) 1373 return ENOBUFS; 1374 1375 /* Fill in packet. */ 1376 p = mtod(m0, uint8_t *); 1377 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1378 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1379 if (sc->sc_service_name != NULL) { 1380 PPPOE_ADD_16(p, l1); 1381 memcpy(p, sc->sc_service_name, l1); 1382 p += l1; 1383 } else { 1384 PPPOE_ADD_16(p, 0); 1385 } 1386 if (sc->sc_concentrator_name != NULL) { 1387 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1388 PPPOE_ADD_16(p, l2); 1389 memcpy(p, sc->sc_concentrator_name, l2); 1390 p += l2; 1391 } 1392 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1393 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1394 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1395 p += sizeof(sc->sc_id); 1396 1397 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1398 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1399 PPPOE_ADD_16(p, 2); 1400 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1401 } 1402 1403#ifdef PPPOE_DEBUG 1404 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1405 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1406 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1407#endif 1408 1409 /* Send packet. */ 1410 return pppoe_output(sc, m0); 1411} 1412 1413static void 1414pppoe_timeout(void *arg) 1415{ 1416 int retry_wait, err; 1417 struct pppoe_softc *sc = (struct pppoe_softc*)arg; 1418 DECLARE_SPLNET_VARIABLE; 1419 1420#ifdef PPPOE_DEBUG 1421 printf("%s: timeout\n", sc->sc_sppp.pp_if.if_xname); 1422#endif 1423 1424 PPPOE_LOCK(sc, RW_WRITER); 1425 switch (sc->sc_state) { 1426 case PPPOE_STATE_INITIAL: 1427 /* delayed connect from pppoe_tls() */ 1428 pppoe_connect(sc); 1429 break; 1430 case PPPOE_STATE_PADI_SENT: 1431 /* 1432 * We have two basic ways of retrying: 1433 * - Quick retry mode: try a few times in short sequence 1434 * - Slow retry mode: we already had a connection successfully 1435 * established and will try infinitely (without user 1436 * intervention) 1437 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1438 * is not set. 1439 */ 1440 1441 /* initialize for quick retry mode */ 1442 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1443 1444 ACQUIRE_SPLNET(); 1445 sc->sc_padi_retried++; 1446 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1447 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1448 /* slow retry mode */ 1449 retry_wait = PPPOE_SLOW_RETRY; 1450 } else { 1451 pppoe_abort_connect(sc); 1452 RELEASE_SPLNET(); 1453 PPPOE_UNLOCK(sc); 1454 return; 1455 } 1456 } 1457 if ((err = pppoe_send_padi(sc)) != 0) { 1458 sc->sc_padi_retried--; 1459 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1460 printf("%s: failed to transmit PADI, " 1461 "error=%d\n", 1462 sc->sc_sppp.pp_if.if_xname, err); 1463 } 1464 callout_reset(&sc->sc_timeout, retry_wait, 1465 pppoe_timeout, sc); 1466 RELEASE_SPLNET(); 1467 break; 1468 1469 case PPPOE_STATE_PADR_SENT: 1470 ACQUIRE_SPLNET(); 1471 sc->sc_padr_retried++; 1472 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1473 memcpy(&sc->sc_dest, etherbroadcastaddr, 1474 sizeof(sc->sc_dest)); 1475 sc->sc_state = PPPOE_STATE_PADI_SENT; 1476 sc->sc_padr_retried = 0; 1477 if ((err = pppoe_send_padi(sc)) != 0) { 1478 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1479 printf("%s: failed to send PADI" 1480 ", error=%d\n", 1481 sc->sc_sppp.pp_if.if_xname, err); 1482 } 1483 callout_reset(&sc->sc_timeout, 1484 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried), 1485 pppoe_timeout, sc); 1486 RELEASE_SPLNET(); 1487 PPPOE_UNLOCK(sc); 1488 return; 1489 } 1490 if ((err = pppoe_send_padr(sc)) != 0) { 1491 sc->sc_padr_retried--; 1492 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1493 printf("%s: failed to send PADR, " 1494 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 1495 err); 1496 } 1497 callout_reset(&sc->sc_timeout, 1498 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried), 1499 pppoe_timeout, sc); 1500 RELEASE_SPLNET(); 1501 break; 1502 case PPPOE_STATE_CLOSING: 1503 pppoe_disconnect(sc); 1504 break; 1505 default: 1506 PPPOE_UNLOCK(sc); 1507 return; /* all done, work in peace */ 1508 } 1509 PPPOE_UNLOCK(sc); 1510} 1511 1512/* Start a connection (i.e. initiate discovery phase) */ 1513static int 1514pppoe_connect(struct pppoe_softc *sc) 1515{ 1516 int err; 1517 DECLARE_SPLNET_VARIABLE; 1518 1519 KASSERT(PPPOE_WLOCKED(sc)); 1520 1521 if (sc->sc_state != PPPOE_STATE_INITIAL) 1522 return EBUSY; 1523 1524#ifdef PPPOE_SERVER 1525 /* wait PADI if IFF_PASSIVE */ 1526 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1527 return 0; 1528#endif 1529 ACQUIRE_SPLNET(); 1530 /* save state, in case we fail to send PADI */ 1531 sc->sc_state = PPPOE_STATE_PADI_SENT; 1532 sc->sc_padr_retried = 0; 1533 err = pppoe_send_padi(sc); 1534 if (err != 0 && sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1535 printf("%s: failed to send PADI, error=%d\n", 1536 sc->sc_sppp.pp_if.if_xname, err); 1537 callout_reset(&sc->sc_timeout, PPPOE_DISC_TIMEOUT, pppoe_timeout, sc); 1538 RELEASE_SPLNET(); 1539 return err; 1540} 1541 1542/* disconnect */ 1543static int 1544pppoe_disconnect(struct pppoe_softc *sc) 1545{ 1546 int err; 1547 DECLARE_SPLNET_VARIABLE; 1548 1549 KASSERT(PPPOE_WLOCKED(sc)); 1550 1551 ACQUIRE_SPLNET(); 1552 1553 if (sc->sc_state < PPPOE_STATE_SESSION) 1554 err = EBUSY; 1555 else { 1556 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1557 printf("%s: disconnecting\n", 1558 sc->sc_sppp.pp_if.if_xname); 1559 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1560 (const uint8_t *)&sc->sc_dest); 1561 } 1562 1563 /* cleanup softc */ 1564 sc->sc_state = PPPOE_STATE_INITIAL; 1565 1566 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1567 if (sc->sc_ac_cookie) { 1568 free(sc->sc_ac_cookie, M_DEVBUF); 1569 sc->sc_ac_cookie = NULL; 1570 } 1571 sc->sc_ac_cookie_len = 0; 1572 if (sc->sc_relay_sid) { 1573 free(sc->sc_relay_sid, M_DEVBUF); 1574 sc->sc_relay_sid = NULL; 1575 } 1576 sc->sc_relay_sid_len = 0; 1577#ifdef PPPOE_SERVER 1578 if (sc->sc_hunique) { 1579 free(sc->sc_hunique, M_DEVBUF); 1580 sc->sc_hunique = NULL; 1581 } 1582 sc->sc_hunique_len = 0; 1583#endif 1584 sc->sc_session = 0; 1585 1586 PPPOE_UNLOCK(sc); 1587 1588 /* notify upper layer */ 1589 sc->sc_sppp.pp_down(&sc->sc_sppp); 1590 1591 PPPOE_LOCK(sc, RW_WRITER); 1592 1593 RELEASE_SPLNET(); 1594 return err; 1595} 1596 1597/* Connection attempt aborted */ 1598static void 1599pppoe_abort_connect(struct pppoe_softc *sc) 1600{ 1601 KASSERT(PPPOE_WLOCKED(sc)); 1602 1603 printf("%s: could not establish connection\n", 1604 sc->sc_sppp.pp_if.if_xname); 1605 sc->sc_state = PPPOE_STATE_CLOSING; 1606 1607 PPPOE_UNLOCK(sc); 1608 1609 /* notify upper layer */ 1610 sc->sc_sppp.pp_down(&sc->sc_sppp); 1611 1612 PPPOE_LOCK(sc, RW_WRITER); 1613 1614 /* clear connection state */ 1615 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1616 sc->sc_state = PPPOE_STATE_INITIAL; 1617} 1618 1619static int 1620pppoe_send_padr(struct pppoe_softc *sc) 1621{ 1622 struct mbuf *m0; 1623 uint8_t *p; 1624 size_t len, l1 = 0; 1625 1626 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1627 return EIO; 1628 1629 /* Compute packet length. */ 1630 len = sizeof(struct pppoetag); 1631 if (sc->sc_service_name != NULL) { 1632 l1 = strlen(sc->sc_service_name); 1633 len += l1; 1634 } 1635 if (sc->sc_ac_cookie_len > 0) { 1636 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1637 } 1638 if (sc->sc_relay_sid_len > 0) { 1639 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1640 } 1641 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1642 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1643 len += sizeof(struct pppoetag) + 2; 1644 } 1645 1646 /* Allocate packet. */ 1647 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1648 if (m0 == NULL) 1649 return ENOBUFS; 1650 1651 /* Fill in packet. */ 1652 p = mtod(m0, uint8_t *); 1653 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1654 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1655 if (sc->sc_service_name != NULL) { 1656 PPPOE_ADD_16(p, l1); 1657 memcpy(p, sc->sc_service_name, l1); 1658 p += l1; 1659 } else { 1660 PPPOE_ADD_16(p, 0); 1661 } 1662 if (sc->sc_ac_cookie_len > 0) { 1663 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1664 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1665 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1666 p += sc->sc_ac_cookie_len; 1667 } 1668 if (sc->sc_relay_sid_len > 0) { 1669 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1670 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1671 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1672 p += sc->sc_relay_sid_len; 1673 } 1674 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1675 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1676 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1677 p += sizeof(sc->sc_id); 1678 1679 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1680 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1681 PPPOE_ADD_16(p, 2); 1682 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1683 } 1684 1685#ifdef PPPOE_DEBUG 1686 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1687 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1688 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1689#endif 1690 1691 /* Send packet. */ 1692 return pppoe_output(sc, m0); 1693} 1694 1695/* send a PADT packet */ 1696static int 1697pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1698{ 1699 struct ether_header *eh; 1700 struct sockaddr dst; 1701 struct mbuf *m0; 1702 uint8_t *p; 1703 1704 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1705 if (!m0) 1706 return EIO; 1707 p = mtod(m0, uint8_t *); 1708 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1709 1710 memset(&dst, 0, sizeof dst); 1711 dst.sa_family = AF_UNSPEC; 1712 eh = (struct ether_header*)&dst.sa_data; 1713 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1714 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1715 1716 m0->m_flags &= ~(M_BCAST|M_MCAST); 1717 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1718} 1719 1720#ifdef PPPOE_SERVER 1721static int 1722pppoe_send_pado(struct pppoe_softc *sc) 1723{ 1724 struct mbuf *m0; 1725 uint8_t *p; 1726 size_t len; 1727 1728 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1729 return EIO; 1730 1731 /* Include AC cookie. */ 1732 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1733 /* Include hunique. */ 1734 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1735 1736 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1737 if (!m0) 1738 return EIO; 1739 p = mtod(m0, uint8_t *); 1740 1741 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1742 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1743 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1744 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1745 p += sizeof(sc->sc_id); 1746 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1747 PPPOE_ADD_16(p, sc->sc_hunique_len); 1748 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1749 return pppoe_output(sc, m0); 1750} 1751 1752static int 1753pppoe_send_pads(struct pppoe_softc *sc) 1754{ 1755 struct bintime bt; 1756 struct mbuf *m0; 1757 uint8_t *p; 1758 size_t len, l1 = 0; /* XXX: gcc */ 1759 1760 KASSERT(PPPOE_WLOCKED(sc)); 1761 1762 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1763 return EIO; 1764 1765 getbinuptime(&bt); 1766 sc->sc_session = bt.sec % 0xff + 1; 1767 1768 /* Include service name. */ 1769 len = sizeof(struct pppoetag); 1770 if (sc->sc_service_name != NULL) { 1771 l1 = strlen(sc->sc_service_name); 1772 len += l1; 1773 } 1774 /* Include hunique. */ 1775 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1776 1777 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1778 if (!m0) 1779 return ENOBUFS; 1780 p = mtod(m0, uint8_t *); 1781 1782 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1783 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1784 if (sc->sc_service_name != NULL) { 1785 PPPOE_ADD_16(p, l1); 1786 memcpy(p, sc->sc_service_name, l1); 1787 p += l1; 1788 } else { 1789 PPPOE_ADD_16(p, 0); 1790 } 1791 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1792 PPPOE_ADD_16(p, sc->sc_hunique_len); 1793 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1794 return pppoe_output(sc, m0); 1795} 1796#endif 1797 1798static void 1799pppoe_tls(struct sppp *sp) 1800{ 1801 struct pppoe_softc *sc = (void *)sp; 1802 int wtime; 1803 1804 PPPOE_LOCK(sc, RW_READER); 1805 1806 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1807 PPPOE_UNLOCK(sc); 1808 return; 1809 } 1810 1811 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1812 sc->sc_sppp.pp_auth_failures > 0) { 1813 /* 1814 * Delay trying to reconnect a bit more - the peer 1815 * might have failed to contact its radius server. 1816 */ 1817 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1818 if (wtime > PPPOE_SLOW_RETRY) 1819 wtime = PPPOE_SLOW_RETRY; 1820 } else { 1821 wtime = PPPOE_RECON_IMMEDIATE; 1822 } 1823 callout_reset(&sc->sc_timeout, wtime, pppoe_timeout, sc); 1824 1825 PPPOE_UNLOCK(sc); 1826} 1827 1828static void 1829pppoe_tlf(struct sppp *sp) 1830{ 1831 struct pppoe_softc *sc = (void *)sp; 1832 1833 PPPOE_LOCK(sc, RW_WRITER); 1834 1835 if (sc->sc_state < PPPOE_STATE_SESSION) { 1836 PPPOE_UNLOCK(sc); 1837 return; 1838 } 1839 /* 1840 * Do not call pppoe_disconnect here, the upper layer state 1841 * machine gets confused by this. We must return from this 1842 * function and defer disconnecting to the timeout handler. 1843 */ 1844 sc->sc_state = PPPOE_STATE_CLOSING; 1845 1846 callout_reset(&sc->sc_timeout, hz/50, pppoe_timeout, sc); 1847 1848 PPPOE_UNLOCK(sc); 1849} 1850 1851static void 1852pppoe_start(struct ifnet *ifp) 1853{ 1854 struct pppoe_softc *sc = (void *)ifp; 1855 struct mbuf *m; 1856 uint8_t *p; 1857 size_t len; 1858 1859 if (sppp_isempty(ifp)) 1860 return; 1861 1862 /* are we ready to process data yet? */ 1863 PPPOE_LOCK(sc, RW_READER); 1864 if (sc->sc_state < PPPOE_STATE_SESSION) { 1865 sppp_flush(&sc->sc_sppp.pp_if); 1866 PPPOE_UNLOCK(sc); 1867 return; 1868 } 1869 1870 while ((m = sppp_dequeue(ifp)) != NULL) { 1871 len = m->m_pkthdr.len; 1872 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1873 if (m == NULL) { 1874 if_statinc(ifp, if_oerrors); 1875 continue; 1876 } 1877 p = mtod(m, uint8_t *); 1878 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1879 1880 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1881 1882 pppoe_output(sc, m); 1883 } 1884 PPPOE_UNLOCK(sc); 1885} 1886 1887#ifdef PPPOE_MPSAFE 1888static int 1889pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 1890{ 1891 struct pppoe_softc *sc = (void *)ifp; 1892 uint8_t *p; 1893 size_t len; 1894 1895 if (m == NULL) 1896 return EINVAL; 1897 1898 /* are we ready to process data yet? */ 1899 PPPOE_LOCK(sc, RW_READER); 1900 if (sc->sc_state < PPPOE_STATE_SESSION) { 1901 PPPOE_UNLOCK(sc); 1902 m_freem(m); 1903 return ENOBUFS; 1904 } 1905 1906 len = m->m_pkthdr.len; 1907 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1908 if (m == NULL) { 1909 PPPOE_UNLOCK(sc); 1910 if_statinc(ifp, if_oerrors); 1911 return ENETDOWN; 1912 } 1913 p = mtod(m, uint8_t *); 1914 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1915 1916 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1917 1918 pppoe_output(sc, m); 1919 PPPOE_UNLOCK(sc); 1920 return 0; 1921} 1922#endif /* PPPOE_MPSAFE */ 1923 1924static void 1925pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 1926{ 1927 struct ifnet *ifp = arg2; 1928 struct pppoe_softc *sc; 1929 DECLARE_SPLNET_VARIABLE; 1930 1931 if (cmd != PFIL_IFNET_DETACH) 1932 return; 1933 1934 ACQUIRE_SPLNET(); 1935 rw_enter(&pppoe_softc_list_lock, RW_READER); 1936 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 1937 PPPOE_LOCK(sc, RW_WRITER); 1938 if (sc->sc_eth_if != ifp) { 1939 PPPOE_UNLOCK(sc); 1940 continue; 1941 } 1942 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 1943 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 1944 printf("%s: ethernet interface detached, going down\n", 1945 sc->sc_sppp.pp_if.if_xname); 1946 } 1947 sc->sc_eth_if = NULL; 1948 pppoe_clear_softc(sc, "ethernet interface detached"); 1949 PPPOE_UNLOCK(sc); 1950 } 1951 rw_exit(&pppoe_softc_list_lock); 1952 RELEASE_SPLNET(); 1953} 1954 1955static void 1956pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 1957{ 1958 KASSERT(PPPOE_WLOCKED(sc)); 1959 1960 /* stop timer */ 1961 callout_stop(&sc->sc_timeout); 1962 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1963 printf("%s: session 0x%x terminated, %s\n", 1964 sc->sc_sppp.pp_if.if_xname, sc->sc_session, message); 1965 1966 /* fix our state */ 1967 sc->sc_state = PPPOE_STATE_INITIAL; 1968 1969 PPPOE_UNLOCK(sc); 1970 1971 /* signal upper layer */ 1972 sc->sc_sppp.pp_down(&sc->sc_sppp); 1973 1974 PPPOE_LOCK(sc, RW_WRITER); 1975 1976 /* clean up softc */ 1977 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1978 if (sc->sc_ac_cookie) { 1979 free(sc->sc_ac_cookie, M_DEVBUF); 1980 sc->sc_ac_cookie = NULL; 1981 } 1982 if (sc->sc_relay_sid) { 1983 free(sc->sc_relay_sid, M_DEVBUF); 1984 sc->sc_relay_sid = NULL; 1985 } 1986 sc->sc_ac_cookie_len = 0; 1987 sc->sc_session = 0; 1988} 1989 1990static void 1991pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 1992{ 1993 if (m->m_flags & M_PROMISC) { 1994 m_freem(m); 1995 return; 1996 } 1997 1998#ifndef PPPOE_SERVER 1999 if (m->m_flags & (M_MCAST | M_BCAST)) { 2000 m_freem(m); 2001 return; 2002 } 2003#endif 2004 2005 IFQ_LOCK(inq); 2006 if (IF_QFULL(inq)) { 2007 IF_DROP(inq); 2008 IFQ_UNLOCK(inq); 2009 m_freem(m); 2010 } else { 2011 IF_ENQUEUE(inq, m); 2012 IFQ_UNLOCK(inq); 2013 softint_schedule(pppoe_softintr); 2014 } 2015 return; 2016} 2017 2018void 2019pppoe_input(struct ifnet *ifp, struct mbuf *m) 2020{ 2021 pppoe_enqueue(&ppoeinq, m); 2022 return; 2023} 2024 2025void 2026pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2027{ 2028 pppoe_enqueue(&ppoediscinq, m); 2029 return; 2030} 2031 2032static void 2033sysctl_net_pppoe_setup(struct sysctllog **clog) 2034{ 2035 const struct sysctlnode *node = NULL; 2036 2037 sysctl_createv(clog, 0, NULL, &node, 2038 CTLFLAG_PERMANENT, 2039 CTLTYPE_NODE, "pppoe", 2040 SYSCTL_DESCR("PPPOE protocol"), 2041 NULL, 0, NULL, 0, 2042 CTL_NET, CTL_CREATE, CTL_EOL); 2043 2044 if (node == NULL) 2045 return; 2046 2047 sysctl_createv(clog, 0, &node, NULL, 2048 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2049 CTLTYPE_BOOL, "term_unknown", 2050 SYSCTL_DESCR("Terminate unknown sessions"), 2051 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2052 CTL_CREATE, CTL_EOL); 2053} 2054 2055/* 2056 * Module infrastructure 2057 */ 2058#include "if_module.h" 2059 2060IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2061