if_pppoe.c revision 1.152
1/* $NetBSD: if_pppoe.c,v 1.152 2020/09/25 06:12:33 yamaguchi Exp $ */ 2 3/* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin@NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32#include <sys/cdefs.h> 33__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.152 2020/09/25 06:12:33 yamaguchi Exp $"); 34 35#ifdef _KERNEL_OPT 36#include "pppoe.h" 37#include "opt_pppoe.h" 38#include "opt_net_mpsafe.h" 39#endif 40 41#include <sys/param.h> 42#include <sys/systm.h> 43#include <sys/kernel.h> 44#include <sys/atomic.h> 45#include <sys/callout.h> 46#include <sys/malloc.h> 47#include <sys/mbuf.h> 48#include <sys/socket.h> 49#include <sys/proc.h> 50#include <sys/ioctl.h> 51#include <sys/kauth.h> 52#include <sys/intr.h> 53#include <sys/socketvar.h> 54#include <sys/device.h> 55#include <sys/module.h> 56#include <sys/sysctl.h> 57#include <sys/rwlock.h> 58#include <sys/mutex.h> 59#include <sys/psref.h> 60#include <sys/cprng.h> 61#include <sys/workqueue.h> 62 63#include <net/if.h> 64#include <net/if_types.h> 65#include <net/if_ether.h> 66#include <net/if_sppp.h> 67#include <net/if_spppvar.h> 68#include <net/if_pppoe.h> 69#include <net/if_dl.h> 70 71#include <net/bpf.h> 72 73#include "ioconf.h" 74 75#ifdef NET_MPSAFE 76#define PPPOE_MPSAFE 1 77#endif 78 79struct pppoehdr { 80 uint8_t vertype; 81 uint8_t code; 82 uint16_t session; 83 uint16_t plen; 84} __packed; 85 86struct pppoetag { 87 uint16_t tag; 88 uint16_t len; 89} __packed; 90 91#define PPPOE_HEADERLEN sizeof(struct pppoehdr) 92#define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 93#define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 94 95#define PPPOE_TAG_EOL 0x0000 /* end of list */ 96#define PPPOE_TAG_SNAME 0x0101 /* service name */ 97#define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 98#define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 99#define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 100#define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 101#define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 102#define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 103#define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 104#define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 105#define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 106 107#define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 108#define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 109#define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 110#define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 111#define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 112 113/* two byte PPP protocol discriminator, then IP data */ 114#define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 115 116/* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 117#define PPPOE_ADD_16(PTR, VAL) \ 118 *(PTR)++ = (VAL) / 256; \ 119 *(PTR)++ = (VAL) % 256 120 121/* Add a complete PPPoE header to the buffer pointed to by PTR */ 122#define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 123 *(PTR)++ = PPPOE_VERTYPE; \ 124 *(PTR)++ = (CODE); \ 125 PPPOE_ADD_16(PTR, SESS); \ 126 PPPOE_ADD_16(PTR, LEN) 127 128#define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 129#define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 130#define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 131#define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 132#define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 133#define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 134 135#ifdef PPPOE_SERVER 136/* from if_spppsubr.c */ 137#define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 138#endif 139 140#define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 141#define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 142#define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 143 144#ifdef PPPOE_MPSAFE 145#define DECLARE_SPLNET_VARIABLE 146#define ACQUIRE_SPLNET() do { } while (0) 147#define RELEASE_SPLNET() do { } while (0) 148#else 149#define DECLARE_SPLNET_VARIABLE int __s 150#define ACQUIRE_SPLNET() do { \ 151 __s = splnet(); \ 152 } while (0) 153#define RELEASE_SPLNET() do { \ 154 splx(__s); \ 155 } while (0) 156#endif 157 158struct pppoe_softc { 159 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 160 LIST_ENTRY(pppoe_softc) sc_list; 161 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 162 163 uint64_t sc_id; /* id of this softc, our hunique */ 164 int sc_state; /* discovery phase or session connected */ 165 struct ether_addr sc_dest; /* hardware address of concentrator */ 166 uint16_t sc_session; /* PPPoE session id */ 167 168 char *sc_service_name; /* if != NULL: requested name of service */ 169 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 170 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 171 size_t sc_ac_cookie_len; /* length of cookie data */ 172 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 173 size_t sc_relay_sid_len; /* length of relay SID data */ 174#ifdef PPPOE_SERVER 175 uint8_t *sc_hunique; /* content of host unique we must echo back */ 176 size_t sc_hunique_len; /* length of host unique */ 177#endif 178 callout_t sc_timeout; /* timeout while not in session state */ 179 struct workqueue *sc_timeout_wq; /* workqueue for timeout */ 180 struct work sc_timeout_wk; 181 u_int sc_timeout_scheduled; 182 int sc_padi_retried; /* number of PADI retries already done */ 183 int sc_padr_retried; /* number of PADR retries already done */ 184 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 185}; 186 187/* incoming traffic will be queued here */ 188struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 189struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 190 191void *pppoe_softintr = NULL; 192static void pppoe_softintr_handler(void *); 193 194extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 195 196/* input routines */ 197static void pppoeintr(void); 198static void pppoe_disc_input(struct mbuf *); 199static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 200static void pppoe_data_input(struct mbuf *); 201static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 202 203/* management routines */ 204static int pppoe_connect(struct pppoe_softc *); 205static int pppoe_disconnect(struct pppoe_softc *); 206static void pppoe_abort_connect(struct pppoe_softc *); 207static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 208static void pppoe_tls(struct sppp *); 209static void pppoe_tlf(struct sppp *); 210static void pppoe_start(struct ifnet *); 211#ifdef PPPOE_MPSAFE 212static int pppoe_transmit(struct ifnet *, struct mbuf *); 213#endif 214static void pppoe_clear_softc(struct pppoe_softc *, const char *); 215 216/* internal timeout handling */ 217static void pppoe_timeout_co(void *); 218static void pppoe_timeout_co_halt(void *); 219static void pppoe_timeout_wk(struct work *, void *); 220static void pppoe_timeout(struct pppoe_softc *); 221 222/* sending actual protocol controll packets */ 223static int pppoe_send_padi(struct pppoe_softc *); 224static int pppoe_send_padr(struct pppoe_softc *); 225#ifdef PPPOE_SERVER 226static int pppoe_send_pado(struct pppoe_softc *); 227static int pppoe_send_pads(struct pppoe_softc *); 228#endif 229static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 230 231/* raw output */ 232static int pppoe_output(struct pppoe_softc *, struct mbuf *); 233 234/* internal helper functions */ 235static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 236 krw_t); 237static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 238 struct ifnet *, krw_t); 239static struct mbuf *pppoe_get_mbuf(size_t len); 240 241static void pppoe_ifattach_hook(void *, unsigned long, void *); 242 243static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 244static krwlock_t pppoe_softc_list_lock; 245 246static int pppoe_clone_create(struct if_clone *, int); 247static int pppoe_clone_destroy(struct ifnet *); 248 249static bool pppoe_term_unknown = false; 250static int pppoe_term_unknown_pps = 1; 251 252static struct sysctllog *pppoe_sysctl_clog; 253static void sysctl_net_pppoe_setup(struct sysctllog **); 254 255static struct if_clone pppoe_cloner = 256 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 257 258/* ARGSUSED */ 259void 260pppoeattach(int count) 261{ 262 263 /* 264 * Nothing to do here, initialization is handled by the 265 * module initialization code in pppoeinit() below). 266 */ 267} 268 269static void 270pppoeinit(void) 271{ 272 273 LIST_INIT(&pppoe_softc_list); 274 rw_init(&pppoe_softc_list_lock); 275 if_clone_attach(&pppoe_cloner); 276 277 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 278 pppoe_softintr_handler, NULL); 279 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 280 281 IFQ_LOCK_INIT(&ppoediscinq); 282 IFQ_LOCK_INIT(&ppoeinq); 283} 284 285static int 286pppoedetach(void) 287{ 288 int error = 0; 289 290 rw_enter(&pppoe_softc_list_lock, RW_READER); 291 if (!LIST_EMPTY(&pppoe_softc_list)) { 292 rw_exit(&pppoe_softc_list_lock); 293 error = EBUSY; 294 } 295 296 if (error == 0) { 297 if_clone_detach(&pppoe_cloner); 298 softint_disestablish(pppoe_softintr); 299 /* Remove our sysctl sub-tree */ 300 sysctl_teardown(&pppoe_sysctl_clog); 301 } 302 303 return error; 304} 305 306static void 307pppoe_softc_genid(uint64_t *id) 308{ 309 struct pppoe_softc *sc; 310 uint64_t rndid; 311 312 rw_enter(&pppoe_softc_list_lock, RW_READER); 313 314 while (1) { 315 rndid = cprng_strong64(); 316 317 sc = NULL; 318 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 319 if (sc->sc_id == rndid) 320 break; 321 } 322 if (sc == NULL) { 323 break; 324 } 325 } 326 327 rw_exit(&pppoe_softc_list_lock); 328 *id = rndid; 329} 330 331static int 332pppoe_clone_create(struct if_clone *ifc, int unit) 333{ 334 struct pppoe_softc *sc; 335 int rv; 336 337 sc = malloc(sizeof(struct pppoe_softc), M_DEVBUF, M_WAITOK|M_ZERO); 338 339 pppoe_softc_genid(&sc->sc_id); 340 341 if_initname(&sc->sc_sppp.pp_if, "pppoe", unit); 342 sc->sc_sppp.pp_if.if_softc = sc; 343 sc->sc_sppp.pp_if.if_mtu = PPPOE_MAXMTU; 344 sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 345#ifdef PPPOE_MPSAFE 346 sc->sc_sppp.pp_if.if_extflags = IFEF_MPSAFE; 347#endif 348 sc->sc_sppp.pp_if.if_type = IFT_PPP; 349 sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 350 sc->sc_sppp.pp_if.if_dlt = DLT_PPP_ETHER; 351 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 352 PP_NOFRAMING; /* no serial encapsulation */ 353 sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl; 354 IFQ_SET_MAXLEN(&sc->sc_sppp.pp_if.if_snd, IFQ_MAXLEN); 355 IFQ_SET_READY(&sc->sc_sppp.pp_if.if_snd); 356 357 /* changed to real address later */ 358 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 359 360 rv = workqueue_create(&sc->sc_timeout_wq, 361 sc->sc_sppp.pp_if.if_xname, pppoe_timeout_wk, sc, 362 PRI_SOFTNET, IPL_SOFTNET, 0); 363 if (rv != 0) { 364 free(sc, M_DEVBUF); 365 return rv; 366 } 367 368 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 369 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co, sc); 370 371 sc->sc_sppp.pp_if.if_start = pppoe_start; 372#ifdef PPPOE_MPSAFE 373 sc->sc_sppp.pp_if.if_transmit = pppoe_transmit; 374#endif 375 sc->sc_sppp.pp_tls = pppoe_tls; 376 sc->sc_sppp.pp_tlf = pppoe_tlf; 377 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 378 379 rv = if_initialize(&sc->sc_sppp.pp_if); 380 if (rv != 0) { 381 workqueue_destroy(sc->sc_timeout_wq); 382 callout_halt(&sc->sc_timeout, NULL); 383 callout_destroy(&sc->sc_timeout); 384 free(sc, M_DEVBUF); 385 return rv; 386 } 387 sc->sc_sppp.pp_if.if_percpuq = if_percpuq_create(&sc->sc_sppp.pp_if); 388 sppp_attach(&sc->sc_sppp.pp_if); 389 390 bpf_attach(&sc->sc_sppp.pp_if, DLT_PPP_ETHER, 0); 391 rw_enter(&pppoe_softc_list_lock, RW_READER); 392 if (LIST_EMPTY(&pppoe_softc_list)) { 393 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 394 } 395 rw_exit(&pppoe_softc_list_lock); 396 397 if_register(&sc->sc_sppp.pp_if); 398 399 rw_init(&sc->sc_lock); 400 401 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 402 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 403 rw_exit(&pppoe_softc_list_lock); 404 return 0; 405} 406 407static int 408pppoe_clone_destroy(struct ifnet *ifp) 409{ 410 struct pppoe_softc * sc = ifp->if_softc; 411 412 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 413 414 PPPOE_LOCK(sc, RW_WRITER); 415 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co_halt, sc); 416 workqueue_wait(sc->sc_timeout_wq, &sc->sc_timeout_wk); 417 callout_halt(&sc->sc_timeout, NULL); 418 419 LIST_REMOVE(sc, sc_list); 420 421 if (LIST_EMPTY(&pppoe_softc_list)) { 422 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 423 } 424 rw_exit(&pppoe_softc_list_lock); 425 426 bpf_detach(ifp); 427 sppp_detach(&sc->sc_sppp.pp_if); 428 if_detach(ifp); 429 if (sc->sc_concentrator_name) 430 free(sc->sc_concentrator_name, M_DEVBUF); 431 if (sc->sc_service_name) 432 free(sc->sc_service_name, M_DEVBUF); 433 if (sc->sc_ac_cookie) 434 free(sc->sc_ac_cookie, M_DEVBUF); 435 if (sc->sc_relay_sid) 436 free(sc->sc_relay_sid, M_DEVBUF); 437 callout_destroy(&sc->sc_timeout); 438 workqueue_destroy(sc->sc_timeout_wq); 439 440 PPPOE_UNLOCK(sc); 441 rw_destroy(&sc->sc_lock); 442 443 free(sc, M_DEVBUF); 444 445 return 0; 446} 447 448/* 449 * Find the interface handling the specified session. 450 * Note: O(number of sessions open), this is a client-side only, mean 451 * and lean implementation, so number of open sessions typically should 452 * be 1. 453 */ 454static struct pppoe_softc * 455pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 456{ 457 struct pppoe_softc *sc = NULL; 458 459 if (session == 0) 460 return NULL; 461 rw_enter(&pppoe_softc_list_lock, RW_READER); 462 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 463 PPPOE_LOCK(sc, lock); 464 if ( sc->sc_state == PPPOE_STATE_SESSION 465 && sc->sc_session == session 466 && sc->sc_eth_if == rcvif) 467 break; 468 469 PPPOE_UNLOCK(sc); 470 } 471 rw_exit(&pppoe_softc_list_lock); 472 return sc; 473} 474 475/* Check host unique token passed and return appropriate softc pointer, 476 * or NULL if token is bogus. */ 477static struct pppoe_softc * 478pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 479 struct ifnet *rcvif, krw_t lock) 480{ 481 struct pppoe_softc *sc; 482 uint64_t t; 483 484 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 485 486 rw_enter(&pppoe_softc_list_lock, RW_READER); 487 if (LIST_EMPTY(&pppoe_softc_list)) { 488 rw_exit(&pppoe_softc_list_lock); 489 return NULL; 490 } 491 492 if (len != sizeof(sc->sc_id)) { 493 rw_exit(&pppoe_softc_list_lock); 494 return NULL; 495 } 496 memcpy(&t, token, len); 497 498 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 499 if (sc->sc_id == t) { 500 PPPOE_LOCK(sc, lock); 501 break; 502 } 503 } 504 rw_exit(&pppoe_softc_list_lock); 505 506 if (sc == NULL) { 507#ifdef PPPOE_DEBUG 508 printf("pppoe: alien host unique tag, no session found\n"); 509#endif 510 return NULL; 511 } 512 513 /* should be safe to access *sc now */ 514 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 515 printf("%s: host unique tag found, but it belongs to a connection in state %d\n", 516 sc->sc_sppp.pp_if.if_xname, sc->sc_state); 517 PPPOE_UNLOCK(sc); 518 return NULL; 519 } 520 if (sc->sc_eth_if != rcvif) { 521 printf("%s: wrong interface, not accepting host unique\n", 522 sc->sc_sppp.pp_if.if_xname); 523 PPPOE_UNLOCK(sc); 524 return NULL; 525 } 526 return sc; 527} 528 529static void 530pppoe_softintr_handler(void *dummy) 531{ 532 /* called at splsoftnet() */ 533 pppoeintr(); 534} 535 536/* called at appropriate protection level */ 537static void 538pppoeintr(void) 539{ 540 struct mbuf *m; 541 int disc_done, data_done; 542 543 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 544 545 do { 546 disc_done = 0; 547 data_done = 0; 548 for (;;) { 549 IFQ_LOCK(&ppoediscinq); 550 IF_DEQUEUE(&ppoediscinq, m); 551 IFQ_UNLOCK(&ppoediscinq); 552 if (m == NULL) 553 break; 554 disc_done = 1; 555 pppoe_disc_input(m); 556 } 557 558 for (;;) { 559 IFQ_LOCK(&ppoeinq); 560 IF_DEQUEUE(&ppoeinq, m); 561 IFQ_UNLOCK(&ppoeinq); 562 if (m == NULL) 563 break; 564 data_done = 1; 565 pppoe_data_input(m); 566 } 567 } while (disc_done || data_done); 568 569 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 570} 571 572/* analyze and handle a single received packet while not in session state */ 573static void 574pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 575{ 576 uint16_t tag, len; 577 uint16_t session, plen; 578 struct pppoe_softc *sc; 579 const char *err_msg; 580 char devname[IF_NAMESIZE]; 581 char *error; 582 size_t dlen; 583 uint8_t *ac_cookie; 584 size_t ac_cookie_len; 585 uint8_t *relay_sid; 586 size_t relay_sid_len; 587 uint8_t *hunique; 588 size_t hunique_len; 589 struct pppoehdr *ph; 590 struct pppoetag *pt; 591 struct mbuf *n; 592 int noff, err, errortag; 593 struct ether_header *eh; 594 struct ifnet *rcvif; 595 struct psref psref; 596 597 if (m->m_len < sizeof(*eh)) { 598 m = m_pullup(m, sizeof(*eh)); 599 if (m == NULL) 600 goto done; 601 } 602 eh = mtod(m, struct ether_header *); 603 off += sizeof(*eh); 604 605 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 606 goto done; 607 } 608 609 M_REGION_GET(ph, struct pppoehdr *, m, off, sizeof(*ph)); 610 if (ph == NULL) { 611 goto done; 612 } 613 if (ph->vertype != PPPOE_VERTYPE) { 614 goto done; 615 } 616 617 ac_cookie = NULL; 618 ac_cookie_len = 0; 619 relay_sid = NULL; 620 relay_sid_len = 0; 621 hunique = NULL; 622 hunique_len = 0; 623 624 session = ntohs(ph->session); 625 plen = ntohs(ph->plen); 626 off += sizeof(*ph); 627 628 if (plen + off > m->m_pkthdr.len) { 629 goto done; 630 } 631 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 632 633 tag = 0; 634 len = 0; 635 sc = NULL; 636 err_msg = NULL; 637 errortag = 0; 638 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 639 M_REGION_GET(pt, struct pppoetag *, m, off, sizeof(*pt)); 640 if (pt == NULL) { 641 goto done; 642 } 643 644 tag = ntohs(pt->tag); 645 len = ntohs(pt->len); 646 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 647 goto done; 648 } 649 switch (tag) { 650 case PPPOE_TAG_EOL: 651 goto breakbreak; 652 case PPPOE_TAG_SNAME: 653 break; /* ignored */ 654 case PPPOE_TAG_ACNAME: 655 if (len > 0) { 656 dlen = 4 * len + 1; 657 error = malloc(dlen, M_TEMP, M_NOWAIT); 658 if (error == NULL) 659 break; 660 661 n = m_pulldown(m, off + sizeof(*pt), len, 662 &noff); 663 if (!n) { 664 m = NULL; 665 free(error, M_TEMP); 666 goto done; 667 } 668 669 strnvisx(error, dlen, 670 mtod(n, char*) + noff, len, 671 VIS_SAFE | VIS_OCTAL); 672 printf("pppoe: connected to %s\n", error); 673 free(error, M_TEMP); 674 } 675 break; /* ignored */ 676 case PPPOE_TAG_HUNIQUE: 677 if (hunique == NULL) { 678 n = m_pulldown(m, off + sizeof(*pt), len, 679 &noff); 680 if (!n) { 681 m = NULL; 682 err_msg = "TAG HUNIQUE ERROR"; 683 break; 684 } 685 686 hunique = mtod(n, uint8_t *) + noff; 687 hunique_len = len; 688 } 689 break; 690 case PPPOE_TAG_ACCOOKIE: 691 if (ac_cookie == NULL) { 692 n = m_pulldown(m, off + sizeof(*pt), len, 693 &noff); 694 if (!n) { 695 err_msg = "TAG ACCOOKIE ERROR"; 696 m = NULL; 697 break; 698 } 699 ac_cookie = mtod(n, char *) + noff; 700 ac_cookie_len = len; 701 } 702 break; 703 case PPPOE_TAG_RELAYSID: 704 if (relay_sid == NULL) { 705 n = m_pulldown(m, off + sizeof(*pt), len, 706 &noff); 707 if (!n) { 708 err_msg = "TAG RELAYSID ERROR"; 709 m = NULL; 710 break; 711 } 712 relay_sid = mtod(n, char *) + noff; 713 relay_sid_len = len; 714 } 715 break; 716 case PPPOE_TAG_SNAME_ERR: 717 err_msg = "SERVICE NAME ERROR"; 718 errortag = 1; 719 break; 720 case PPPOE_TAG_ACSYS_ERR: 721 err_msg = "AC SYSTEM ERROR"; 722 errortag = 1; 723 break; 724 case PPPOE_TAG_GENERIC_ERR: 725 err_msg = "GENERIC ERROR"; 726 errortag = 1; 727 break; 728 } 729 if (err_msg) { 730 error = NULL; 731 if (errortag && len) { 732 dlen = 4 * len + 1; 733 error = malloc(dlen, M_TEMP, 734 M_NOWAIT|M_ZERO); 735 n = m_pulldown(m, off + sizeof(*pt), len, 736 &noff); 737 if (!n) { 738 m = NULL; 739 } else if (error) { 740 strnvisx(error, dlen, 741 mtod(n, char*) + noff, len, 742 VIS_SAFE | VIS_OCTAL); 743 } 744 } 745 if (error) { 746 printf("pppoe: %s: %s\n", err_msg, error); 747 free(error, M_TEMP); 748 } else 749 printf("pppoe: %s\n", err_msg); 750 if (errortag || m == NULL) 751 goto done; 752 } 753 off += sizeof(*pt) + len; 754 } 755breakbreak:; 756 757 switch (ph->code) { 758 case PPPOE_CODE_PADI: 759#ifdef PPPOE_SERVER 760 /* 761 * got service name, concentrator name, and/or host unique. 762 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 763 */ 764 rw_enter(&pppoe_softc_list_lock, RW_READER); 765 if (LIST_EMPTY(&pppoe_softc_list)) { 766 rw_exit(&pppoe_softc_list_lock); 767 goto done; 768 } 769 770 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 771 PPPOE_LOCK(sc, RW_WRITER); 772 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 773 PPPOE_UNLOCK(sc); 774 continue; 775 } 776 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 777 PPPOE_UNLOCK(sc); 778 continue; 779 } 780 781 if (sc->sc_state == PPPOE_STATE_INITIAL) 782 break; 783 784 PPPOE_UNLOCK(sc); 785 } 786 rw_exit(&pppoe_softc_list_lock); 787 788 if (sc == NULL) { 789 goto done; 790 } 791 792 if (hunique) { 793 if (sc->sc_hunique) 794 free(sc->sc_hunique, M_DEVBUF); 795 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 796 M_DONTWAIT); 797 if (sc->sc_hunique == NULL) { 798 PPPOE_UNLOCK(sc); 799 goto done; 800 } 801 sc->sc_hunique_len = hunique_len; 802 memcpy(sc->sc_hunique, hunique, hunique_len); 803 } 804 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 805 sc->sc_state = PPPOE_STATE_PADO_SENT; 806 pppoe_send_pado(sc); 807 PPPOE_UNLOCK(sc); 808 break; 809#endif /* PPPOE_SERVER */ 810 811 case PPPOE_CODE_PADR: 812#ifdef PPPOE_SERVER 813 /* 814 * get sc from ac_cookie if IFF_PASSIVE 815 */ 816 if (ac_cookie == NULL) { 817 goto done; 818 } 819 820 rcvif = m_get_rcvif_psref(m, &psref); 821 if (__predict_true(rcvif != NULL)) { 822 sc = pppoe_find_softc_by_hunique(ac_cookie, 823 ac_cookie_len, rcvif, RW_WRITER); 824 } 825 m_put_rcvif_psref(rcvif, &psref); 826 if (sc == NULL) { 827 /* be quiet if there is not a single pppoe instance */ 828 rw_enter(&pppoe_softc_list_lock, RW_READER); 829 if (!LIST_EMPTY(&pppoe_softc_list)) { 830 printf("pppoe: received PADR" 831 " but could not find request for it\n"); 832 } 833 rw_exit(&pppoe_softc_list_lock); 834 goto done; 835 } 836 837 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 838 printf("%s: received unexpected PADR\n", 839 sc->sc_sppp.pp_if.if_xname); 840 PPPOE_UNLOCK(sc); 841 goto done; 842 } 843 844 if (hunique) { 845 if (sc->sc_hunique) 846 free(sc->sc_hunique, M_DEVBUF); 847 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 848 M_DONTWAIT); 849 if (sc->sc_hunique == NULL) { 850 PPPOE_UNLOCK(sc); 851 goto done; 852 } 853 sc->sc_hunique_len = hunique_len; 854 memcpy(sc->sc_hunique, hunique, hunique_len); 855 } 856 pppoe_send_pads(sc); 857 sc->sc_state = PPPOE_STATE_SESSION; 858 PPPOE_UNLOCK(sc); 859 860 sc->sc_sppp.pp_up(&sc->sc_sppp); 861 break; 862#else 863 /* ignore, we are no access concentrator */ 864 goto done; 865#endif /* PPPOE_SERVER */ 866 867 case PPPOE_CODE_PADO: 868 rcvif = m_get_rcvif_psref(m, &psref); 869 if (__predict_false(rcvif == NULL)) 870 goto done; 871 872 if (hunique != NULL) { 873 sc = pppoe_find_softc_by_hunique(hunique, 874 hunique_len, rcvif, RW_WRITER); 875 } 876 877 m_put_rcvif_psref(rcvif, &psref); 878 879 if (sc == NULL) { 880 /* be quiet if there is not a single pppoe instance */ 881 rw_enter(&pppoe_softc_list_lock, RW_READER); 882 if (!LIST_EMPTY(&pppoe_softc_list)) { 883 printf("pppoe: received PADO" 884 " but could not find request for it\n"); 885 } 886 rw_exit(&pppoe_softc_list_lock); 887 goto done; 888 } 889 890 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 891 printf("%s: received unexpected PADO\n", 892 sc->sc_sppp.pp_if.if_xname); 893 PPPOE_UNLOCK(sc); 894 goto done; 895 } 896 897 if (ac_cookie) { 898 if (sc->sc_ac_cookie) 899 free(sc->sc_ac_cookie, M_DEVBUF); 900 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 901 M_DONTWAIT); 902 if (sc->sc_ac_cookie == NULL) { 903 printf("%s: FATAL: could not allocate memory " 904 "for AC cookie\n", 905 sc->sc_sppp.pp_if.if_xname); 906 PPPOE_UNLOCK(sc); 907 goto done; 908 } 909 sc->sc_ac_cookie_len = ac_cookie_len; 910 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 911 } 912 if (relay_sid) { 913 if (sc->sc_relay_sid) 914 free(sc->sc_relay_sid, M_DEVBUF); 915 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 916 M_DONTWAIT); 917 if (sc->sc_relay_sid == NULL) { 918 printf("%s: FATAL: could not allocate memory " 919 "for relay SID\n", 920 sc->sc_sppp.pp_if.if_xname); 921 PPPOE_UNLOCK(sc); 922 goto done; 923 } 924 sc->sc_relay_sid_len = relay_sid_len; 925 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 926 } 927 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 928 callout_stop(&sc->sc_timeout); 929 sc->sc_padr_retried = 0; 930 sc->sc_state = PPPOE_STATE_PADR_SENT; 931 if ((err = pppoe_send_padr(sc)) != 0) { 932 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 933 printf("%s: failed to send PADR, " 934 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 935 err); 936 } 937 callout_schedule(&sc->sc_timeout, 938 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 939 940 PPPOE_UNLOCK(sc); 941 break; 942 943 case PPPOE_CODE_PADS: 944 rcvif = m_get_rcvif_psref(m, &psref); 945 if (__predict_false(rcvif == NULL)) 946 goto done; 947 948 if (hunique != NULL) { 949 sc = pppoe_find_softc_by_hunique(hunique, 950 hunique_len, rcvif, RW_WRITER); 951 } 952 953 m_put_rcvif_psref(rcvif, &psref); 954 955 if (sc == NULL) 956 goto done; 957 958 sc->sc_session = session; 959 callout_stop(&sc->sc_timeout); 960 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 961 printf("%s: session 0x%x connected\n", 962 sc->sc_sppp.pp_if.if_xname, session); 963 sc->sc_state = PPPOE_STATE_SESSION; 964 PPPOE_UNLOCK(sc); 965 966 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 967 break; 968 969 case PPPOE_CODE_PADT: 970 rcvif = m_get_rcvif_psref(m, &psref); 971 if (__predict_false(rcvif == NULL)) 972 goto done; 973 974 sc = pppoe_find_softc_by_session(session, rcvif, 975 RW_WRITER); 976 977 m_put_rcvif_psref(rcvif, &psref); 978 979 if (sc == NULL) 980 goto done; 981 982 pppoe_clear_softc(sc, "received PADT"); 983 PPPOE_UNLOCK(sc); 984 break; 985 986 default: 987 rcvif = m_get_rcvif_psref(m, &psref); 988 if (__predict_false(rcvif == NULL)) 989 goto done; 990 991 if (hunique != NULL) { 992 sc = pppoe_find_softc_by_hunique(hunique, 993 hunique_len, rcvif, RW_READER); 994 } 995 996 m_put_rcvif_psref(rcvif, &psref); 997 998 if (sc != NULL) { 999 strlcpy(devname, sc->sc_sppp.pp_if.if_xname, 1000 sizeof(devname)); 1001 PPPOE_UNLOCK(sc); 1002 } else 1003 strlcpy(devname, "pppoe", sizeof(devname)); 1004 1005 printf("%s: unknown code (0x%04x) session = 0x%04x\n", 1006 devname, ph->code, session); 1007 break; 1008 } 1009 1010done: 1011 if (m) 1012 m_freem(m); 1013 return; 1014} 1015 1016static void 1017pppoe_disc_input(struct mbuf *m) 1018{ 1019 KASSERT(m->m_flags & M_PKTHDR); 1020 1021 /* 1022 * Avoid error messages if there is not a single PPPoE instance. 1023 */ 1024 rw_enter(&pppoe_softc_list_lock, RW_READER); 1025 if (!LIST_EMPTY(&pppoe_softc_list)) { 1026 rw_exit(&pppoe_softc_list_lock); 1027 pppoe_dispatch_disc_pkt(m, 0); 1028 } else { 1029 rw_exit(&pppoe_softc_list_lock); 1030 m_freem(m); 1031 } 1032} 1033 1034static bool 1035pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1036{ 1037 1038 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1039 return true; 1040 1041 return false; 1042} 1043 1044static void 1045pppoe_data_input(struct mbuf *m) 1046{ 1047 uint16_t session, plen; 1048 struct pppoe_softc *sc; 1049 struct pppoehdr *ph; 1050 struct ifnet *rcvif; 1051 struct psref psref; 1052 uint8_t shost[ETHER_ADDR_LEN]; 1053 uint8_t dhost[ETHER_ADDR_LEN]; 1054 bool term_unknown = pppoe_term_unknown; 1055 1056 KASSERT(m->m_flags & M_PKTHDR); 1057 1058 /* 1059 * Avoid error messages if there is not a single PPPoE instance. 1060 */ 1061 rw_enter(&pppoe_softc_list_lock, RW_READER); 1062 if (LIST_EMPTY(&pppoe_softc_list)) { 1063 rw_exit(&pppoe_softc_list_lock); 1064 goto drop; 1065 } 1066 rw_exit(&pppoe_softc_list_lock); 1067 1068 if (term_unknown) { 1069 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1070 ETHER_ADDR_LEN); 1071 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1072 ETHER_ADDR_LEN); 1073 } 1074 m_adj(m, sizeof(struct ether_header)); 1075 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1076 goto drop; 1077 } 1078 1079 if (m->m_len < sizeof(*ph)) { 1080 m = m_pullup(m, sizeof(*ph)); 1081 if (m == NULL) { 1082 return; 1083 } 1084 } 1085 ph = mtod(m, struct pppoehdr *); 1086 1087 if (ph->vertype != PPPOE_VERTYPE) { 1088 goto drop; 1089 } 1090 if (ph->code != 0) { 1091 goto drop; 1092 } 1093 1094 session = ntohs(ph->session); 1095 rcvif = m_get_rcvif_psref(m, &psref); 1096 if (__predict_false(rcvif == NULL)) 1097 goto drop; 1098 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1099 if (sc == NULL) { 1100 if (term_unknown) { 1101 static struct timeval lasttime = {0, 0}; 1102 static int curpps = 0; 1103 /* 1104 * avoid to send wrong PADT which is response from 1105 * session stage packets for other hosts when parent 1106 * ethernet is promiscuous mode. 1107 */ 1108 if (pppoe_is_my_frame(dhost, rcvif) && 1109 ppsratecheck(&lasttime, &curpps, 1110 pppoe_term_unknown_pps)) { 1111 printf("pppoe: input for unknown session %#x, " 1112 "sending PADT\n", session); 1113 pppoe_send_padt(rcvif, session, shost); 1114 } 1115 } 1116 m_put_rcvif_psref(rcvif, &psref); 1117 goto drop; 1118 } 1119 1120 m_put_rcvif_psref(rcvif, &psref); 1121 1122 plen = ntohs(ph->plen); 1123 1124 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1125 1126 m_adj(m, PPPOE_HEADERLEN); 1127 1128#ifdef PPPOE_DEBUG 1129 { 1130 struct mbuf *p; 1131 1132 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1133 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1134 p = m; 1135 while (p) { 1136 printf(" l=%d", p->m_len); 1137 p = p->m_next; 1138 } 1139 printf("\n"); 1140 } 1141#endif 1142 PPPOE_UNLOCK(sc); 1143 1144 if (m->m_pkthdr.len < plen) 1145 goto drop; 1146 1147 /* 1148 * Fix incoming interface pointer (not the raw ethernet interface 1149 * anymore) 1150 */ 1151 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1152 1153 /* pass packet up and account for it */ 1154 if_statinc(&sc->sc_sppp.pp_if, if_ipackets); 1155 sppp_input(&sc->sc_sppp.pp_if, m); 1156 return; 1157 1158drop: 1159 m_freem(m); 1160} 1161 1162static int 1163pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1164{ 1165 struct sockaddr dst; 1166 struct ether_header *eh; 1167 uint16_t etype; 1168 1169 if (sc->sc_eth_if == NULL) { 1170 m_freem(m); 1171 return EIO; 1172 } 1173 1174 memset(&dst, 0, sizeof dst); 1175 dst.sa_family = AF_UNSPEC; 1176 eh = (struct ether_header*)&dst.sa_data; 1177 etype = sc->sc_state == PPPOE_STATE_SESSION 1178 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1179 eh->ether_type = htons(etype); 1180 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1181 1182#ifdef PPPOE_DEBUG 1183 printf("%s (%x) state=%d, session=0x%x output -> %s, len=%d\n", 1184 sc->sc_sppp.pp_if.if_xname, etype, 1185 sc->sc_state, sc->sc_session, 1186 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1187#endif 1188 1189 m->m_flags &= ~(M_BCAST|M_MCAST); 1190 if_statinc(&sc->sc_sppp.pp_if, if_opackets); 1191 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1192} 1193 1194static int 1195pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1196{ 1197 struct lwp *l = curlwp; /* XXX */ 1198 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1199 struct ifreq *ifr = data; 1200 int error = 0; 1201 1202 switch (cmd) { 1203 case PPPOESETPARMS: 1204 { 1205 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1206 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1207 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1208 NULL) != 0) 1209 return EPERM; 1210 if (parms->eth_ifname[0] != 0) { 1211 struct ifnet *eth_if; 1212 1213 PPPOE_LOCK(sc, RW_WRITER); 1214 eth_if = ifunit(parms->eth_ifname); 1215 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1216 sc->sc_eth_if = NULL; 1217 PPPOE_UNLOCK(sc); 1218 return ENXIO; 1219 } 1220 1221 if (sc->sc_sppp.pp_if.if_mtu != 1222 eth_if->if_mtu - PPPOE_OVERHEAD) { 1223 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1224 PPPOE_OVERHEAD; 1225 } 1226 sc->sc_eth_if = eth_if; 1227 PPPOE_UNLOCK(sc); 1228 } 1229 if (parms->ac_name != NULL) { 1230 size_t s; 1231 char *b = malloc(parms->ac_name_len + 1, M_DEVBUF, 1232 M_WAITOK); 1233 if (b == NULL) 1234 return ENOMEM; 1235 error = copyinstr(parms->ac_name, b, 1236 parms->ac_name_len+1, &s); 1237 if (error != 0) { 1238 free(b, M_DEVBUF); 1239 return error; 1240 } 1241 if (s != parms->ac_name_len+1) { 1242 free(b, M_DEVBUF); 1243 return EINVAL; 1244 } 1245 1246 PPPOE_LOCK(sc, RW_WRITER); 1247 if (sc->sc_concentrator_name) 1248 free(sc->sc_concentrator_name, M_DEVBUF); 1249 sc->sc_concentrator_name = b; 1250 PPPOE_UNLOCK(sc); 1251 } else { 1252 if (sc->sc_concentrator_name) 1253 free(sc->sc_concentrator_name, M_DEVBUF); 1254 sc->sc_concentrator_name = NULL; 1255 } 1256 if (parms->service_name != NULL) { 1257 size_t s; 1258 char *b = malloc(parms->service_name_len + 1, M_DEVBUF, 1259 M_WAITOK); 1260 if (b == NULL) 1261 return ENOMEM; 1262 error = copyinstr(parms->service_name, b, 1263 parms->service_name_len+1, &s); 1264 if (error != 0) { 1265 free(b, M_DEVBUF); 1266 return error; 1267 } 1268 if (s != parms->service_name_len+1) { 1269 free(b, M_DEVBUF); 1270 return EINVAL; 1271 } 1272 1273 PPPOE_LOCK(sc, RW_WRITER); 1274 if (sc->sc_service_name) 1275 free(sc->sc_service_name, M_DEVBUF); 1276 sc->sc_service_name = b; 1277 PPPOE_UNLOCK(sc); 1278 } else { 1279 if (sc->sc_service_name) 1280 free(sc->sc_service_name, M_DEVBUF); 1281 sc->sc_service_name = NULL; 1282 } 1283 return 0; 1284 } 1285 break; 1286 case PPPOEGETPARMS: 1287 { 1288 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1289 memset(parms, 0, sizeof *parms); 1290 PPPOE_LOCK(sc, RW_READER); 1291 if (sc->sc_eth_if) 1292 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1293 sizeof(parms->ifname)); 1294 PPPOE_UNLOCK(sc); 1295 return 0; 1296 } 1297 break; 1298 case PPPOEGETSESSION: 1299 { 1300 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1301 PPPOE_LOCK(sc, RW_READER); 1302 state->state = sc->sc_state; 1303 state->session_id = sc->sc_session; 1304 state->padi_retry_no = sc->sc_padi_retried; 1305 state->padr_retry_no = sc->sc_padr_retried; 1306 PPPOE_UNLOCK(sc); 1307 return 0; 1308 } 1309 break; 1310 case SIOCSIFFLAGS: 1311 /* 1312 * Prevent running re-establishment timers overriding 1313 * administrators choice. 1314 */ 1315 PPPOE_LOCK(sc, RW_WRITER); 1316 1317 if ((ifr->ifr_flags & IFF_UP) == 0 1318 && sc->sc_state >= PPPOE_STATE_PADI_SENT 1319 && sc->sc_state < PPPOE_STATE_SESSION) { 1320 callout_stop(&sc->sc_timeout); 1321 sc->sc_state = PPPOE_STATE_INITIAL; 1322 sc->sc_padi_retried = 0; 1323 sc->sc_padr_retried = 0; 1324 memcpy(&sc->sc_dest, etherbroadcastaddr, 1325 sizeof(sc->sc_dest)); 1326 } 1327 1328 PPPOE_UNLOCK(sc); 1329 1330 error = sppp_ioctl(ifp, cmd, data); 1331 1332 return error; 1333 case SIOCSIFMTU: 1334 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1335 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1336 return EINVAL; 1337 } 1338 /*FALLTHROUGH*/ 1339 default: 1340 return sppp_ioctl(ifp, cmd, data); 1341 } 1342 return 0; 1343} 1344 1345/* 1346 * Allocate a mbuf/cluster with space to store the given data length 1347 * of payload, leaving space for prepending an ethernet header 1348 * in front. 1349 */ 1350static struct mbuf * 1351pppoe_get_mbuf(size_t len) 1352{ 1353 struct mbuf *m; 1354 1355 MGETHDR(m, M_DONTWAIT, MT_DATA); 1356 if (m == NULL) 1357 return NULL; 1358 if (len + sizeof(struct ether_header) > MHLEN) { 1359 MCLGET(m, M_DONTWAIT); 1360 if ((m->m_flags & M_EXT) == 0) { 1361 m_free(m); 1362 return NULL; 1363 } 1364 } 1365 m->m_data += sizeof(struct ether_header); 1366 m->m_len = len; 1367 m->m_pkthdr.len = len; 1368 m_reset_rcvif(m); 1369 1370 return m; 1371} 1372 1373static int 1374pppoe_send_padi(struct pppoe_softc *sc) 1375{ 1376 struct mbuf *m0; 1377 int len, l1 = 0, l2 = 0; 1378 uint8_t *p; 1379 1380 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1381 panic("pppoe_send_padi in state %d", sc->sc_state); 1382 1383 /* Compute packet length. */ 1384 len = sizeof(struct pppoetag); 1385 if (sc->sc_service_name != NULL) { 1386 l1 = strlen(sc->sc_service_name); 1387 len += l1; 1388 } 1389 if (sc->sc_concentrator_name != NULL) { 1390 l2 = strlen(sc->sc_concentrator_name); 1391 len += sizeof(struct pppoetag) + l2; 1392 } 1393 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1394 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1395 len += sizeof(struct pppoetag) + 2; 1396 } 1397 1398 /* Allocate packet. */ 1399 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1400 if (m0 == NULL) 1401 return ENOBUFS; 1402 1403 /* Fill in packet. */ 1404 p = mtod(m0, uint8_t *); 1405 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1406 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1407 if (sc->sc_service_name != NULL) { 1408 PPPOE_ADD_16(p, l1); 1409 memcpy(p, sc->sc_service_name, l1); 1410 p += l1; 1411 } else { 1412 PPPOE_ADD_16(p, 0); 1413 } 1414 if (sc->sc_concentrator_name != NULL) { 1415 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1416 PPPOE_ADD_16(p, l2); 1417 memcpy(p, sc->sc_concentrator_name, l2); 1418 p += l2; 1419 } 1420 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1421 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1422 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1423 p += sizeof(sc->sc_id); 1424 1425 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1426 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1427 PPPOE_ADD_16(p, 2); 1428 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1429 } 1430 1431#ifdef PPPOE_DEBUG 1432 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1433 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1434 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1435#endif 1436 1437 /* Send packet. */ 1438 return pppoe_output(sc, m0); 1439} 1440 1441static void 1442pppoe_timeout_co(void *arg) 1443{ 1444 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1445 1446 if (atomic_swap_uint(&sc->sc_timeout_scheduled, 1) != 0) 1447 return; 1448 1449 workqueue_enqueue(sc->sc_timeout_wq, &sc->sc_timeout_wk, NULL); 1450} 1451 1452static void 1453pppoe_timeout_co_halt(void *unused __unused) 1454{ 1455 1456 /* do nothing to halt callout safely */ 1457} 1458 1459static void 1460pppoe_timeout_wk(struct work *wk __unused, void *arg) 1461{ 1462 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1463 1464 atomic_swap_uint(&sc->sc_timeout_scheduled, 0); 1465 pppoe_timeout(sc); 1466} 1467 1468static void 1469pppoe_timeout(struct pppoe_softc *sc) 1470{ 1471 int retry_wait, err; 1472 DECLARE_SPLNET_VARIABLE; 1473 1474#ifdef PPPOE_DEBUG 1475 printf("%s: timeout\n", sc->sc_sppp.pp_if.if_xname); 1476#endif 1477 1478 PPPOE_LOCK(sc, RW_WRITER); 1479 switch (sc->sc_state) { 1480 case PPPOE_STATE_INITIAL: 1481 /* delayed connect from pppoe_tls() */ 1482 pppoe_connect(sc); 1483 break; 1484 case PPPOE_STATE_PADI_SENT: 1485 /* 1486 * We have two basic ways of retrying: 1487 * - Quick retry mode: try a few times in short sequence 1488 * - Slow retry mode: we already had a connection successfully 1489 * established and will try infinitely (without user 1490 * intervention) 1491 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1492 * is not set. 1493 */ 1494 1495 /* initialize for quick retry mode */ 1496 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1497 1498 ACQUIRE_SPLNET(); 1499 sc->sc_padi_retried++; 1500 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1501 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1502 /* slow retry mode */ 1503 retry_wait = PPPOE_SLOW_RETRY; 1504 } else { 1505 pppoe_abort_connect(sc); 1506 RELEASE_SPLNET(); 1507 PPPOE_UNLOCK(sc); 1508 return; 1509 } 1510 } 1511 if ((err = pppoe_send_padi(sc)) != 0) { 1512 sc->sc_padi_retried--; 1513 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1514 printf("%s: failed to transmit PADI, " 1515 "error=%d\n", 1516 sc->sc_sppp.pp_if.if_xname, err); 1517 } 1518 callout_schedule(&sc->sc_timeout,retry_wait); 1519 RELEASE_SPLNET(); 1520 break; 1521 1522 case PPPOE_STATE_PADR_SENT: 1523 ACQUIRE_SPLNET(); 1524 sc->sc_padr_retried++; 1525 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1526 memcpy(&sc->sc_dest, etherbroadcastaddr, 1527 sizeof(sc->sc_dest)); 1528 sc->sc_state = PPPOE_STATE_PADI_SENT; 1529 sc->sc_padr_retried = 0; 1530 if ((err = pppoe_send_padi(sc)) != 0) { 1531 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1532 printf("%s: failed to send PADI" 1533 ", error=%d\n", 1534 sc->sc_sppp.pp_if.if_xname, err); 1535 } 1536 callout_schedule(&sc->sc_timeout, 1537 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried)); 1538 RELEASE_SPLNET(); 1539 PPPOE_UNLOCK(sc); 1540 return; 1541 } 1542 if ((err = pppoe_send_padr(sc)) != 0) { 1543 sc->sc_padr_retried--; 1544 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1545 printf("%s: failed to send PADR, " 1546 "error=%d\n", sc->sc_sppp.pp_if.if_xname, 1547 err); 1548 } 1549 callout_schedule(&sc->sc_timeout, 1550 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 1551 RELEASE_SPLNET(); 1552 break; 1553 case PPPOE_STATE_CLOSING: 1554 pppoe_disconnect(sc); 1555 break; 1556 default: 1557 PPPOE_UNLOCK(sc); 1558 return; /* all done, work in peace */ 1559 } 1560 PPPOE_UNLOCK(sc); 1561} 1562 1563/* Start a connection (i.e. initiate discovery phase) */ 1564static int 1565pppoe_connect(struct pppoe_softc *sc) 1566{ 1567 int err; 1568 DECLARE_SPLNET_VARIABLE; 1569 1570 KASSERT(PPPOE_WLOCKED(sc)); 1571 1572 if (sc->sc_state != PPPOE_STATE_INITIAL) 1573 return EBUSY; 1574 1575#ifdef PPPOE_SERVER 1576 /* wait PADI if IFF_PASSIVE */ 1577 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1578 return 0; 1579#endif 1580 ACQUIRE_SPLNET(); 1581 /* save state, in case we fail to send PADI */ 1582 sc->sc_state = PPPOE_STATE_PADI_SENT; 1583 sc->sc_padr_retried = 0; 1584 err = pppoe_send_padi(sc); 1585 if (err != 0 && sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1586 printf("%s: failed to send PADI, error=%d\n", 1587 sc->sc_sppp.pp_if.if_xname, err); 1588 callout_schedule(&sc->sc_timeout, PPPOE_DISC_TIMEOUT); 1589 RELEASE_SPLNET(); 1590 return err; 1591} 1592 1593/* disconnect */ 1594static int 1595pppoe_disconnect(struct pppoe_softc *sc) 1596{ 1597 int err; 1598 DECLARE_SPLNET_VARIABLE; 1599 1600 KASSERT(PPPOE_WLOCKED(sc)); 1601 1602 ACQUIRE_SPLNET(); 1603 1604 if (sc->sc_state < PPPOE_STATE_SESSION) 1605 err = EBUSY; 1606 else { 1607 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 1608 printf("%s: disconnecting\n", 1609 sc->sc_sppp.pp_if.if_xname); 1610 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1611 (const uint8_t *)&sc->sc_dest); 1612 } 1613 1614 /* cleanup softc */ 1615 sc->sc_state = PPPOE_STATE_INITIAL; 1616 1617 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1618 if (sc->sc_ac_cookie) { 1619 free(sc->sc_ac_cookie, M_DEVBUF); 1620 sc->sc_ac_cookie = NULL; 1621 } 1622 sc->sc_ac_cookie_len = 0; 1623 if (sc->sc_relay_sid) { 1624 free(sc->sc_relay_sid, M_DEVBUF); 1625 sc->sc_relay_sid = NULL; 1626 } 1627 sc->sc_relay_sid_len = 0; 1628#ifdef PPPOE_SERVER 1629 if (sc->sc_hunique) { 1630 free(sc->sc_hunique, M_DEVBUF); 1631 sc->sc_hunique = NULL; 1632 } 1633 sc->sc_hunique_len = 0; 1634#endif 1635 sc->sc_session = 0; 1636 1637 PPPOE_UNLOCK(sc); 1638 1639 /* notify upper layer */ 1640 sc->sc_sppp.pp_down(&sc->sc_sppp); 1641 1642 PPPOE_LOCK(sc, RW_WRITER); 1643 1644 RELEASE_SPLNET(); 1645 return err; 1646} 1647 1648/* Connection attempt aborted */ 1649static void 1650pppoe_abort_connect(struct pppoe_softc *sc) 1651{ 1652 KASSERT(PPPOE_WLOCKED(sc)); 1653 1654 printf("%s: could not establish connection\n", 1655 sc->sc_sppp.pp_if.if_xname); 1656 sc->sc_state = PPPOE_STATE_CLOSING; 1657 1658 PPPOE_UNLOCK(sc); 1659 1660 /* notify upper layer */ 1661 sc->sc_sppp.pp_down(&sc->sc_sppp); 1662 1663 PPPOE_LOCK(sc, RW_WRITER); 1664 1665 /* clear connection state */ 1666 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1667 sc->sc_state = PPPOE_STATE_INITIAL; 1668} 1669 1670static int 1671pppoe_send_padr(struct pppoe_softc *sc) 1672{ 1673 struct mbuf *m0; 1674 uint8_t *p; 1675 size_t len, l1 = 0; 1676 1677 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1678 return EIO; 1679 1680 /* Compute packet length. */ 1681 len = sizeof(struct pppoetag); 1682 if (sc->sc_service_name != NULL) { 1683 l1 = strlen(sc->sc_service_name); 1684 len += l1; 1685 } 1686 if (sc->sc_ac_cookie_len > 0) { 1687 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1688 } 1689 if (sc->sc_relay_sid_len > 0) { 1690 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1691 } 1692 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1693 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1694 len += sizeof(struct pppoetag) + 2; 1695 } 1696 1697 /* Allocate packet. */ 1698 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1699 if (m0 == NULL) 1700 return ENOBUFS; 1701 1702 /* Fill in packet. */ 1703 p = mtod(m0, uint8_t *); 1704 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1705 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1706 if (sc->sc_service_name != NULL) { 1707 PPPOE_ADD_16(p, l1); 1708 memcpy(p, sc->sc_service_name, l1); 1709 p += l1; 1710 } else { 1711 PPPOE_ADD_16(p, 0); 1712 } 1713 if (sc->sc_ac_cookie_len > 0) { 1714 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1715 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1716 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1717 p += sc->sc_ac_cookie_len; 1718 } 1719 if (sc->sc_relay_sid_len > 0) { 1720 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1721 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1722 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1723 p += sc->sc_relay_sid_len; 1724 } 1725 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1726 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1727 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1728 p += sizeof(sc->sc_id); 1729 1730 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1731 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1732 PPPOE_ADD_16(p, 2); 1733 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1734 } 1735 1736#ifdef PPPOE_DEBUG 1737 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1738 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1739 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1740#endif 1741 1742 /* Send packet. */ 1743 return pppoe_output(sc, m0); 1744} 1745 1746/* send a PADT packet */ 1747static int 1748pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1749{ 1750 struct ether_header *eh; 1751 struct sockaddr dst; 1752 struct mbuf *m0; 1753 uint8_t *p; 1754 1755 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1756 if (!m0) 1757 return EIO; 1758 p = mtod(m0, uint8_t *); 1759 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1760 1761 memset(&dst, 0, sizeof dst); 1762 dst.sa_family = AF_UNSPEC; 1763 eh = (struct ether_header*)&dst.sa_data; 1764 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1765 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1766 1767 m0->m_flags &= ~(M_BCAST|M_MCAST); 1768 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1769} 1770 1771#ifdef PPPOE_SERVER 1772static int 1773pppoe_send_pado(struct pppoe_softc *sc) 1774{ 1775 struct mbuf *m0; 1776 uint8_t *p; 1777 size_t len; 1778 1779 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1780 return EIO; 1781 1782 /* Include AC cookie. */ 1783 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1784 /* Include hunique. */ 1785 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1786 1787 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1788 if (!m0) 1789 return EIO; 1790 p = mtod(m0, uint8_t *); 1791 1792 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1793 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1794 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1795 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1796 p += sizeof(sc->sc_id); 1797 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1798 PPPOE_ADD_16(p, sc->sc_hunique_len); 1799 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1800 return pppoe_output(sc, m0); 1801} 1802 1803static int 1804pppoe_send_pads(struct pppoe_softc *sc) 1805{ 1806 struct bintime bt; 1807 struct mbuf *m0; 1808 uint8_t *p; 1809 size_t len, l1 = 0; /* XXX: gcc */ 1810 1811 KASSERT(PPPOE_WLOCKED(sc)); 1812 1813 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1814 return EIO; 1815 1816 getbinuptime(&bt); 1817 sc->sc_session = bt.sec % 0xff + 1; 1818 1819 /* Include service name. */ 1820 len = sizeof(struct pppoetag); 1821 if (sc->sc_service_name != NULL) { 1822 l1 = strlen(sc->sc_service_name); 1823 len += l1; 1824 } 1825 /* Include hunique. */ 1826 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1827 1828 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1829 if (!m0) 1830 return ENOBUFS; 1831 p = mtod(m0, uint8_t *); 1832 1833 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1834 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1835 if (sc->sc_service_name != NULL) { 1836 PPPOE_ADD_16(p, l1); 1837 memcpy(p, sc->sc_service_name, l1); 1838 p += l1; 1839 } else { 1840 PPPOE_ADD_16(p, 0); 1841 } 1842 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1843 PPPOE_ADD_16(p, sc->sc_hunique_len); 1844 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1845 return pppoe_output(sc, m0); 1846} 1847#endif 1848 1849static void 1850pppoe_tls(struct sppp *sp) 1851{ 1852 struct pppoe_softc *sc = (void *)sp; 1853 int wtime; 1854 1855 PPPOE_LOCK(sc, RW_READER); 1856 1857 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1858 PPPOE_UNLOCK(sc); 1859 return; 1860 } 1861 1862 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1863 sc->sc_sppp.pp_auth_failures > 0) { 1864 /* 1865 * Delay trying to reconnect a bit more - the peer 1866 * might have failed to contact its radius server. 1867 */ 1868 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1869 if (wtime > PPPOE_SLOW_RETRY) 1870 wtime = PPPOE_SLOW_RETRY; 1871 } else { 1872 wtime = PPPOE_RECON_IMMEDIATE; 1873 } 1874 callout_schedule(&sc->sc_timeout, wtime); 1875 1876 PPPOE_UNLOCK(sc); 1877} 1878 1879static void 1880pppoe_tlf(struct sppp *sp) 1881{ 1882 struct pppoe_softc *sc = (void *)sp; 1883 1884 PPPOE_LOCK(sc, RW_WRITER); 1885 1886 if (sc->sc_state < PPPOE_STATE_SESSION) { 1887 PPPOE_UNLOCK(sc); 1888 return; 1889 } 1890 /* 1891 * Do not call pppoe_disconnect here, the upper layer state 1892 * machine gets confused by this. We must return from this 1893 * function and defer disconnecting to the timeout handler. 1894 */ 1895 sc->sc_state = PPPOE_STATE_CLOSING; 1896 1897 callout_schedule(&sc->sc_timeout, hz/50); 1898 1899 PPPOE_UNLOCK(sc); 1900} 1901 1902static void 1903pppoe_start(struct ifnet *ifp) 1904{ 1905 struct pppoe_softc *sc = (void *)ifp; 1906 struct mbuf *m; 1907 uint8_t *p; 1908 size_t len; 1909 1910 if (sppp_isempty(ifp)) 1911 return; 1912 1913 /* are we ready to process data yet? */ 1914 PPPOE_LOCK(sc, RW_READER); 1915 if (sc->sc_state < PPPOE_STATE_SESSION) { 1916 sppp_flush(&sc->sc_sppp.pp_if); 1917 PPPOE_UNLOCK(sc); 1918 return; 1919 } 1920 1921 while ((m = sppp_dequeue(ifp)) != NULL) { 1922 len = m->m_pkthdr.len; 1923 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1924 if (m == NULL) { 1925 if_statinc(ifp, if_oerrors); 1926 continue; 1927 } 1928 p = mtod(m, uint8_t *); 1929 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1930 1931 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1932 1933 pppoe_output(sc, m); 1934 } 1935 PPPOE_UNLOCK(sc); 1936} 1937 1938#ifdef PPPOE_MPSAFE 1939static int 1940pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 1941{ 1942 struct pppoe_softc *sc = (void *)ifp; 1943 uint8_t *p; 1944 size_t len; 1945 1946 if (m == NULL) 1947 return EINVAL; 1948 1949 /* are we ready to process data yet? */ 1950 PPPOE_LOCK(sc, RW_READER); 1951 if (sc->sc_state < PPPOE_STATE_SESSION) { 1952 PPPOE_UNLOCK(sc); 1953 m_freem(m); 1954 return ENOBUFS; 1955 } 1956 1957 len = m->m_pkthdr.len; 1958 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1959 if (m == NULL) { 1960 PPPOE_UNLOCK(sc); 1961 if_statinc(ifp, if_oerrors); 1962 return ENETDOWN; 1963 } 1964 p = mtod(m, uint8_t *); 1965 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1966 1967 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1968 1969 pppoe_output(sc, m); 1970 PPPOE_UNLOCK(sc); 1971 return 0; 1972} 1973#endif /* PPPOE_MPSAFE */ 1974 1975static void 1976pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 1977{ 1978 struct ifnet *ifp = arg2; 1979 struct pppoe_softc *sc; 1980 DECLARE_SPLNET_VARIABLE; 1981 1982 if (cmd != PFIL_IFNET_DETACH) 1983 return; 1984 1985 ACQUIRE_SPLNET(); 1986 rw_enter(&pppoe_softc_list_lock, RW_READER); 1987 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 1988 PPPOE_LOCK(sc, RW_WRITER); 1989 if (sc->sc_eth_if != ifp) { 1990 PPPOE_UNLOCK(sc); 1991 continue; 1992 } 1993 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 1994 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 1995 printf("%s: ethernet interface detached, going down\n", 1996 sc->sc_sppp.pp_if.if_xname); 1997 } 1998 sc->sc_eth_if = NULL; 1999 pppoe_clear_softc(sc, "ethernet interface detached"); 2000 PPPOE_UNLOCK(sc); 2001 } 2002 rw_exit(&pppoe_softc_list_lock); 2003 RELEASE_SPLNET(); 2004} 2005 2006static void 2007pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 2008{ 2009 KASSERT(PPPOE_WLOCKED(sc)); 2010 2011 /* stop timer */ 2012 callout_stop(&sc->sc_timeout); 2013 if (sc->sc_sppp.pp_if.if_flags & IFF_DEBUG) 2014 printf("%s: session 0x%x terminated, %s\n", 2015 sc->sc_sppp.pp_if.if_xname, sc->sc_session, message); 2016 2017 /* fix our state */ 2018 sc->sc_state = PPPOE_STATE_INITIAL; 2019 2020 PPPOE_UNLOCK(sc); 2021 2022 /* signal upper layer */ 2023 sc->sc_sppp.pp_down(&sc->sc_sppp); 2024 2025 PPPOE_LOCK(sc, RW_WRITER); 2026 2027 /* clean up softc */ 2028 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 2029 if (sc->sc_ac_cookie) { 2030 free(sc->sc_ac_cookie, M_DEVBUF); 2031 sc->sc_ac_cookie = NULL; 2032 } 2033 if (sc->sc_relay_sid) { 2034 free(sc->sc_relay_sid, M_DEVBUF); 2035 sc->sc_relay_sid = NULL; 2036 } 2037 sc->sc_ac_cookie_len = 0; 2038 sc->sc_session = 0; 2039} 2040 2041static void 2042pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 2043{ 2044 if (m->m_flags & M_PROMISC) { 2045 m_freem(m); 2046 return; 2047 } 2048 2049#ifndef PPPOE_SERVER 2050 if (m->m_flags & (M_MCAST | M_BCAST)) { 2051 m_freem(m); 2052 return; 2053 } 2054#endif 2055 2056 IFQ_LOCK(inq); 2057 if (IF_QFULL(inq)) { 2058 IF_DROP(inq); 2059 IFQ_UNLOCK(inq); 2060 m_freem(m); 2061 } else { 2062 IF_ENQUEUE(inq, m); 2063 IFQ_UNLOCK(inq); 2064 softint_schedule(pppoe_softintr); 2065 } 2066 return; 2067} 2068 2069void 2070pppoe_input(struct ifnet *ifp, struct mbuf *m) 2071{ 2072 pppoe_enqueue(&ppoeinq, m); 2073 return; 2074} 2075 2076void 2077pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2078{ 2079 pppoe_enqueue(&ppoediscinq, m); 2080 return; 2081} 2082 2083static void 2084sysctl_net_pppoe_setup(struct sysctllog **clog) 2085{ 2086 const struct sysctlnode *node = NULL; 2087 2088 sysctl_createv(clog, 0, NULL, &node, 2089 CTLFLAG_PERMANENT, 2090 CTLTYPE_NODE, "pppoe", 2091 SYSCTL_DESCR("PPPOE protocol"), 2092 NULL, 0, NULL, 0, 2093 CTL_NET, CTL_CREATE, CTL_EOL); 2094 2095 if (node == NULL) 2096 return; 2097 2098 sysctl_createv(clog, 0, &node, NULL, 2099 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2100 CTLTYPE_BOOL, "term_unknown", 2101 SYSCTL_DESCR("Terminate unknown sessions"), 2102 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2103 CTL_CREATE, CTL_EOL); 2104} 2105 2106/* 2107 * Module infrastructure 2108 */ 2109#include "if_module.h" 2110 2111IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2112