if_pppoe.c revision 1.168
1/* $NetBSD: if_pppoe.c,v 1.168 2021/04/16 02:12:00 yamaguchi Exp $ */ 2 3/* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin@NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32#include <sys/cdefs.h> 33__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.168 2021/04/16 02:12:00 yamaguchi Exp $"); 34 35#ifdef _KERNEL_OPT 36#include "pppoe.h" 37#include "opt_pppoe.h" 38#include "opt_net_mpsafe.h" 39#endif 40 41#include <sys/param.h> 42#include <sys/systm.h> 43#include <sys/kernel.h> 44#include <sys/atomic.h> 45#include <sys/callout.h> 46#include <sys/malloc.h> 47#include <sys/mbuf.h> 48#include <sys/socket.h> 49#include <sys/proc.h> 50#include <sys/ioctl.h> 51#include <sys/kauth.h> 52#include <sys/intr.h> 53#include <sys/socketvar.h> 54#include <sys/device.h> 55#include <sys/module.h> 56#include <sys/sysctl.h> 57#include <sys/rwlock.h> 58#include <sys/mutex.h> 59#include <sys/psref.h> 60#include <sys/cprng.h> 61#include <sys/workqueue.h> 62 63#include <net/if.h> 64#include <net/if_types.h> 65#include <net/if_ether.h> 66#include <net/if_sppp.h> 67#include <net/if_spppvar.h> 68#include <net/if_pppoe.h> 69#include <net/if_dl.h> 70 71#include <net/bpf.h> 72 73#include "ioconf.h" 74 75#ifdef NET_MPSAFE 76#define PPPOE_MPSAFE 1 77#endif 78 79struct pppoehdr { 80 uint8_t vertype; 81 uint8_t code; 82 uint16_t session; 83 uint16_t plen; 84} __packed; 85 86struct pppoetag { 87 uint16_t tag; 88 uint16_t len; 89} __packed; 90 91#define PPPOE_HEADERLEN sizeof(struct pppoehdr) 92#define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 93#define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 94 95#define PPPOE_TAG_EOL 0x0000 /* end of list */ 96#define PPPOE_TAG_SNAME 0x0101 /* service name */ 97#define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 98#define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 99#define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 100#define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 101#define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 102#define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 103#define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 104#define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 105#define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 106 107#define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 108#define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 109#define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 110#define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 111#define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 112 113/* two byte PPP protocol discriminator, then IP data */ 114#define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 115 116/* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 117#define PPPOE_ADD_16(PTR, VAL) \ 118 *(PTR)++ = (VAL) / 256; \ 119 *(PTR)++ = (VAL) % 256 120 121/* Add a complete PPPoE header to the buffer pointed to by PTR */ 122#define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 123 *(PTR)++ = PPPOE_VERTYPE; \ 124 *(PTR)++ = (CODE); \ 125 PPPOE_ADD_16(PTR, SESS); \ 126 PPPOE_ADD_16(PTR, LEN) 127 128#define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 129#define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 130#define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 131#define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 132#define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 133#define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 134 135#ifdef PPPOE_SERVER 136/* from if_spppsubr.c */ 137#define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 138#endif 139 140#define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 141#define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 142#define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 143 144#ifdef PPPOE_MPSAFE 145#define DECLARE_SPLNET_VARIABLE 146#define ACQUIRE_SPLNET() do { } while (0) 147#define RELEASE_SPLNET() do { } while (0) 148#else 149#define DECLARE_SPLNET_VARIABLE int __s 150#define ACQUIRE_SPLNET() do { \ 151 __s = splnet(); \ 152 } while (0) 153#define RELEASE_SPLNET() do { \ 154 splx(__s); \ 155 } while (0) 156#endif 157 158#ifdef PPPOE_DEBUG 159#define DPRINTF(_sc, _fmt, _arg...) pppoe_printf((_sc), (_fmt), ##_arg) 160#else 161#define DPRINTF(_sc, _fmt, _arg...) __nothing 162#endif 163 164struct pppoe_softc { 165 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 166 LIST_ENTRY(pppoe_softc) sc_list; 167 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 168 169 uint64_t sc_id; /* id of this softc, our hunique */ 170 int sc_state; /* discovery phase or session connected */ 171 struct ether_addr sc_dest; /* hardware address of concentrator */ 172 uint16_t sc_session; /* PPPoE session id */ 173 174 char *sc_service_name; /* if != NULL: requested name of service */ 175 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 176 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 177 size_t sc_ac_cookie_len; /* length of cookie data */ 178 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 179 size_t sc_relay_sid_len; /* length of relay SID data */ 180#ifdef PPPOE_SERVER 181 uint8_t *sc_hunique; /* content of host unique we must echo back */ 182 size_t sc_hunique_len; /* length of host unique */ 183#endif 184 callout_t sc_timeout; /* timeout while not in session state */ 185 struct workqueue *sc_timeout_wq; /* workqueue for timeout */ 186 struct work sc_timeout_wk; 187 u_int sc_timeout_scheduled; 188 int sc_padi_retried; /* number of PADI retries already done */ 189 int sc_padr_retried; /* number of PADR retries already done */ 190 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 191 bool sc_detaching; 192}; 193 194/* incoming traffic will be queued here */ 195struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 196struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 197 198void *pppoe_softintr = NULL; 199static void pppoe_softintr_handler(void *); 200 201extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 202 203/* input routines */ 204static void pppoeintr(void); 205static void pppoe_disc_input(struct mbuf *); 206static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 207static void pppoe_data_input(struct mbuf *); 208static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 209 210/* management routines */ 211static int pppoe_connect(struct pppoe_softc *); 212static int pppoe_disconnect(struct pppoe_softc *); 213static void pppoe_abort_connect(struct pppoe_softc *); 214static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 215static void pppoe_tls(struct sppp *); 216static void pppoe_tlf(struct sppp *); 217static void pppoe_start(struct ifnet *); 218#ifdef PPPOE_MPSAFE 219static int pppoe_transmit(struct ifnet *, struct mbuf *); 220#endif 221static void pppoe_clear_softc(struct pppoe_softc *, const char *); 222static void pppoe_printf(struct pppoe_softc *, const char *, ...); 223 224/* internal timeout handling */ 225static void pppoe_timeout_co(void *); 226static void pppoe_timeout_co_halt(void *); 227static void pppoe_timeout_wk(struct work *, void *); 228static void pppoe_timeout(struct pppoe_softc *); 229 230/* sending actual protocol controll packets */ 231static int pppoe_send_padi(struct pppoe_softc *); 232static int pppoe_send_padr(struct pppoe_softc *); 233#ifdef PPPOE_SERVER 234static int pppoe_send_pado(struct pppoe_softc *); 235static int pppoe_send_pads(struct pppoe_softc *); 236#endif 237static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 238 239/* raw output */ 240static int pppoe_output(struct pppoe_softc *, struct mbuf *); 241 242/* internal helper functions */ 243static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 244 krw_t); 245static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 246 struct ifnet *, krw_t); 247static struct mbuf *pppoe_get_mbuf(size_t len); 248 249static void pppoe_ifattach_hook(void *, unsigned long, void *); 250 251static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 252static krwlock_t pppoe_softc_list_lock; 253 254static int pppoe_clone_create(struct if_clone *, int); 255static int pppoe_clone_destroy(struct ifnet *); 256 257static bool pppoe_term_unknown = false; 258static int pppoe_term_unknown_pps = 1; 259 260static struct sysctllog *pppoe_sysctl_clog; 261static void sysctl_net_pppoe_setup(struct sysctllog **); 262 263static struct if_clone pppoe_cloner = 264 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 265 266/* ARGSUSED */ 267void 268pppoeattach(int count) 269{ 270 271 /* 272 * Nothing to do here, initialization is handled by the 273 * module initialization code in pppoeinit() below). 274 */ 275} 276 277static void 278pppoeinit(void) 279{ 280 281 LIST_INIT(&pppoe_softc_list); 282 rw_init(&pppoe_softc_list_lock); 283 if_clone_attach(&pppoe_cloner); 284 285 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 286 pppoe_softintr_handler, NULL); 287 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 288 289 IFQ_LOCK_INIT(&ppoediscinq); 290 IFQ_LOCK_INIT(&ppoeinq); 291} 292 293static int 294pppoedetach(void) 295{ 296 int error = 0; 297 298 rw_enter(&pppoe_softc_list_lock, RW_READER); 299 if (!LIST_EMPTY(&pppoe_softc_list)) { 300 rw_exit(&pppoe_softc_list_lock); 301 error = EBUSY; 302 } 303 304 if (error == 0) { 305 if_clone_detach(&pppoe_cloner); 306 softint_disestablish(pppoe_softintr); 307 /* Remove our sysctl sub-tree */ 308 sysctl_teardown(&pppoe_sysctl_clog); 309 } 310 311 return error; 312} 313 314static void 315pppoe_softc_genid(uint64_t *id) 316{ 317 struct pppoe_softc *sc; 318 uint64_t rndid; 319 320 rw_enter(&pppoe_softc_list_lock, RW_READER); 321 322 while (1) { 323 rndid = cprng_strong64(); 324 325 sc = NULL; 326 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 327 if (sc->sc_id == rndid) 328 break; 329 } 330 if (sc == NULL) { 331 break; 332 } 333 } 334 335 rw_exit(&pppoe_softc_list_lock); 336 *id = rndid; 337} 338 339static int 340pppoe_clone_create(struct if_clone *ifc, int unit) 341{ 342 struct pppoe_softc *sc; 343 struct ifnet *ifp; 344 int rv; 345 346 sc = kmem_zalloc(sizeof(*sc), KM_SLEEP); 347 ifp = &sc->sc_sppp.pp_if; 348 349 rw_init(&sc->sc_lock); 350 pppoe_softc_genid(&sc->sc_id); 351 /* changed to real address later */ 352 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 353 354 if_initname(ifp, "pppoe", unit); 355 ifp->if_softc = sc; 356 ifp->if_mtu = PPPOE_MAXMTU; 357 ifp->if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 358#ifdef PPPOE_MPSAFE 359 ifp->if_extflags = IFEF_MPSAFE; 360#endif 361 ifp->if_type = IFT_PPP; 362 ifp->if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 363 ifp->if_dlt = DLT_PPP_ETHER; 364 ifp->if_ioctl = pppoe_ioctl; 365 ifp->if_start = pppoe_start; 366#ifdef PPPOE_MPSAFE 367 ifp->if_transmit = pppoe_transmit; 368#endif 369 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 370 IFQ_SET_READY(&ifp->if_snd); 371 372 sc->sc_sppp.pp_tls = pppoe_tls; 373 sc->sc_sppp.pp_tlf = pppoe_tlf; 374 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 375 PP_NOFRAMING; /* no serial encapsulation */ 376 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 377 378 rv = workqueue_create(&sc->sc_timeout_wq, 379 ifp->if_xname, pppoe_timeout_wk, sc, 380 PRI_SOFTNET, IPL_SOFTNET, 0); 381 if (rv != 0) 382 goto destroy_sclock; 383 384 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 385 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co, sc); 386 387 rv = if_initialize(ifp); 388 if (rv != 0) 389 goto destroy_timeout; 390 391 ifp->if_percpuq = if_percpuq_create(ifp); 392 393 rw_enter(&pppoe_softc_list_lock, RW_READER); 394 if (LIST_EMPTY(&pppoe_softc_list)) { 395 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 396 } 397 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 398 rw_exit(&pppoe_softc_list_lock); 399 400 sppp_attach(ifp); 401 bpf_attach(ifp, DLT_PPP_ETHER, 0); 402 if_register(ifp); 403 404 return 0; 405 406destroy_timeout: 407 callout_destroy(&sc->sc_timeout); 408 workqueue_destroy(sc->sc_timeout_wq); 409destroy_sclock: 410 rw_destroy(&sc->sc_lock); 411 kmem_free(sc, sizeof(*sc)); 412 413 return rv; 414} 415 416static int 417pppoe_clone_destroy(struct ifnet *ifp) 418{ 419 struct pppoe_softc * sc = ifp->if_softc; 420 421 PPPOE_LOCK(sc, RW_WRITER); 422 /* stop ioctls */ 423 sc->sc_detaching = true; 424 425 if (ifp->if_flags & IFF_RUNNING) { 426 pppoe_clear_softc(sc, "destroy interface"); 427 sc->sc_eth_if = NULL; 428 } 429 PPPOE_UNLOCK(sc); 430 431 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 432 LIST_REMOVE(sc, sc_list); 433 434 if (LIST_EMPTY(&pppoe_softc_list)) { 435 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 436 } 437 rw_exit(&pppoe_softc_list_lock); 438 439 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co_halt, sc); 440 workqueue_wait(sc->sc_timeout_wq, &sc->sc_timeout_wk); 441 callout_halt(&sc->sc_timeout, NULL); 442 443 bpf_detach(ifp); 444 sppp_detach(&sc->sc_sppp.pp_if); 445 if_detach(ifp); 446 if (sc->sc_concentrator_name) 447 free(sc->sc_concentrator_name, M_DEVBUF); 448 if (sc->sc_service_name) 449 free(sc->sc_service_name, M_DEVBUF); 450 if (sc->sc_ac_cookie) 451 free(sc->sc_ac_cookie, M_DEVBUF); 452 if (sc->sc_relay_sid) 453 free(sc->sc_relay_sid, M_DEVBUF); 454 callout_destroy(&sc->sc_timeout); 455 workqueue_destroy(sc->sc_timeout_wq); 456 457 rw_destroy(&sc->sc_lock); 458 459 kmem_free(sc, sizeof(*sc)); 460 461 return 0; 462} 463 464static void 465pppoe_printf(struct pppoe_softc *sc, const char *fmt, ...) 466{ 467 va_list ap; 468 bool pppoe_debug; 469 470#ifdef PPPOE_DEBUG 471 pppoe_debug = true; 472#else 473 pppoe_debug = false; 474#endif 475 476 if (sc == NULL) { 477 if (!pppoe_debug) 478 return; 479 480 printf("pppoe: "); 481 } else { 482 if (!ISSET(sc->sc_sppp.pp_if.if_flags, IFF_DEBUG)) 483 return; 484 485 printf("%s: ", sc->sc_sppp.pp_if.if_xname); 486 } 487 488 va_start(ap, fmt); 489 vprintf(fmt, ap); 490 va_end(ap); 491} 492 493/* 494 * Find the interface handling the specified session. 495 * Note: O(number of sessions open), this is a client-side only, mean 496 * and lean implementation, so number of open sessions typically should 497 * be 1. 498 */ 499static struct pppoe_softc * 500pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 501{ 502 struct pppoe_softc *sc = NULL; 503 504 if (session == 0) 505 return NULL; 506 rw_enter(&pppoe_softc_list_lock, RW_READER); 507 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 508 PPPOE_LOCK(sc, lock); 509 if ( sc->sc_state == PPPOE_STATE_SESSION 510 && sc->sc_session == session 511 && sc->sc_eth_if == rcvif) 512 break; 513 514 PPPOE_UNLOCK(sc); 515 } 516 rw_exit(&pppoe_softc_list_lock); 517 return sc; 518} 519 520/* Check host unique token passed and return appropriate softc pointer, 521 * or NULL if token is bogus. */ 522static struct pppoe_softc * 523pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 524 struct ifnet *rcvif, krw_t lock) 525{ 526 struct pppoe_softc *sc; 527 uint64_t t; 528 529 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 530 531 rw_enter(&pppoe_softc_list_lock, RW_READER); 532 if (LIST_EMPTY(&pppoe_softc_list)) { 533 rw_exit(&pppoe_softc_list_lock); 534 return NULL; 535 } 536 537 if (len != sizeof(sc->sc_id)) { 538 rw_exit(&pppoe_softc_list_lock); 539 return NULL; 540 } 541 memcpy(&t, token, len); 542 543 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 544 PPPOE_LOCK(sc, lock); 545 if (sc->sc_id == t && sc->sc_eth_if != NULL) { 546 break; 547 } 548 PPPOE_UNLOCK(sc); 549 } 550 rw_exit(&pppoe_softc_list_lock); 551 552 if (sc == NULL) { 553 pppoe_printf(NULL, "alien host unique tag" 554 ", no session found\n"); 555 return NULL; 556 } 557 558 /* should be safe to access *sc now */ 559 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 560 pppoe_printf(sc, "host unique tag found" 561 ", but it belongs to a connection in state %d\n", 562 sc->sc_state); 563 PPPOE_UNLOCK(sc); 564 return NULL; 565 } 566 if (sc->sc_eth_if != rcvif) { 567 pppoe_printf(sc, "wrong interface, not accepting host unique\n"); 568 PPPOE_UNLOCK(sc); 569 return NULL; 570 } 571 return sc; 572} 573 574static void 575pppoe_softintr_handler(void *dummy) 576{ 577 /* called at splsoftnet() */ 578 pppoeintr(); 579} 580 581/* called at appropriate protection level */ 582static void 583pppoeintr(void) 584{ 585 struct mbuf *m; 586 int disc_done, data_done; 587 588 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 589 590 do { 591 disc_done = 0; 592 data_done = 0; 593 for (;;) { 594 IFQ_LOCK(&ppoediscinq); 595 IF_DEQUEUE(&ppoediscinq, m); 596 IFQ_UNLOCK(&ppoediscinq); 597 if (m == NULL) 598 break; 599 disc_done = 1; 600 pppoe_disc_input(m); 601 } 602 603 for (;;) { 604 IFQ_LOCK(&ppoeinq); 605 IF_DEQUEUE(&ppoeinq, m); 606 IFQ_UNLOCK(&ppoeinq); 607 if (m == NULL) 608 break; 609 data_done = 1; 610 pppoe_data_input(m); 611 } 612 } while (disc_done || data_done); 613 614 if (!IF_IS_EMPTY(&ppoediscinq) || !IF_IS_EMPTY(&ppoeinq)) 615 softint_schedule(pppoe_softintr); 616 617 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 618} 619 620/* analyze and handle a single received packet while not in session state */ 621static void 622pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 623{ 624 uint16_t tag, len; 625 uint16_t session, plen; 626 struct pppoe_softc *sc; 627 const char *err_msg; 628 char *error; 629 size_t dlen; 630 uint8_t *ac_cookie; 631 size_t ac_cookie_len; 632 uint8_t *relay_sid; 633 size_t relay_sid_len; 634 uint8_t *hunique; 635 size_t hunique_len; 636 struct pppoehdr *ph; 637 struct pppoetag *pt; 638 struct mbuf *n; 639 int noff, err, errortag; 640 struct ether_header *eh; 641 struct ifnet *rcvif; 642 struct psref psref; 643 644 if (m->m_len < sizeof(*eh)) { 645 m = m_pullup(m, sizeof(*eh)); 646 if (m == NULL) 647 goto done; 648 } 649 eh = mtod(m, struct ether_header *); 650 off += sizeof(*eh); 651 652 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 653 goto done; 654 } 655 656 M_REGION_GET(ph, struct pppoehdr *, m, off, sizeof(*ph)); 657 if (ph == NULL) { 658 goto done; 659 } 660 if (ph->vertype != PPPOE_VERTYPE) { 661 goto done; 662 } 663 664 ac_cookie = NULL; 665 ac_cookie_len = 0; 666 relay_sid = NULL; 667 relay_sid_len = 0; 668 hunique = NULL; 669 hunique_len = 0; 670 671 session = ntohs(ph->session); 672 plen = ntohs(ph->plen); 673 off += sizeof(*ph); 674 675 if (plen + off > m->m_pkthdr.len) { 676 goto done; 677 } 678 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 679 680 tag = 0; 681 len = 0; 682 sc = NULL; 683 err_msg = NULL; 684 errortag = 0; 685 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 686 M_REGION_GET(pt, struct pppoetag *, m, off, sizeof(*pt)); 687 if (pt == NULL) { 688 goto done; 689 } 690 691 tag = ntohs(pt->tag); 692 len = ntohs(pt->len); 693 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 694 goto done; 695 } 696 switch (tag) { 697 case PPPOE_TAG_EOL: 698 goto breakbreak; 699 case PPPOE_TAG_SNAME: 700 break; /* ignored */ 701 case PPPOE_TAG_ACNAME: 702 if (len > 0) { 703 dlen = 4 * len + 1; 704 error = malloc(dlen, M_TEMP, M_NOWAIT); 705 if (error == NULL) 706 break; 707 708 n = m_pulldown(m, off + sizeof(*pt), len, 709 &noff); 710 if (!n) { 711 m = NULL; 712 free(error, M_TEMP); 713 goto done; 714 } 715 716 strnvisx(error, dlen, 717 mtod(n, char*) + noff, len, 718 VIS_SAFE | VIS_OCTAL); 719 pppoe_printf(NULL, "connected to %s\n", error); 720 free(error, M_TEMP); 721 } 722 break; /* ignored */ 723 case PPPOE_TAG_HUNIQUE: 724 if (hunique == NULL) { 725 n = m_pulldown(m, off + sizeof(*pt), len, 726 &noff); 727 if (!n) { 728 m = NULL; 729 err_msg = "TAG HUNIQUE ERROR"; 730 break; 731 } 732 733 hunique = mtod(n, uint8_t *) + noff; 734 hunique_len = len; 735 } 736 break; 737 case PPPOE_TAG_ACCOOKIE: 738 if (ac_cookie == NULL) { 739 n = m_pulldown(m, off + sizeof(*pt), len, 740 &noff); 741 if (!n) { 742 err_msg = "TAG ACCOOKIE ERROR"; 743 m = NULL; 744 break; 745 } 746 ac_cookie = mtod(n, char *) + noff; 747 ac_cookie_len = len; 748 } 749 break; 750 case PPPOE_TAG_RELAYSID: 751 if (relay_sid == NULL) { 752 n = m_pulldown(m, off + sizeof(*pt), len, 753 &noff); 754 if (!n) { 755 err_msg = "TAG RELAYSID ERROR"; 756 m = NULL; 757 break; 758 } 759 relay_sid = mtod(n, char *) + noff; 760 relay_sid_len = len; 761 } 762 break; 763 case PPPOE_TAG_SNAME_ERR: 764 err_msg = "SERVICE NAME ERROR"; 765 errortag = 1; 766 break; 767 case PPPOE_TAG_ACSYS_ERR: 768 err_msg = "AC SYSTEM ERROR"; 769 errortag = 1; 770 break; 771 case PPPOE_TAG_GENERIC_ERR: 772 err_msg = "GENERIC ERROR"; 773 errortag = 1; 774 break; 775 } 776 if (err_msg) { 777 error = NULL; 778 if (errortag && len) { 779 dlen = 4 * len + 1; 780 error = malloc(dlen, M_TEMP, 781 M_NOWAIT|M_ZERO); 782 n = m_pulldown(m, off + sizeof(*pt), len, 783 &noff); 784 if (!n) { 785 m = NULL; 786 } else if (error) { 787 strnvisx(error, dlen, 788 mtod(n, char*) + noff, len, 789 VIS_SAFE | VIS_OCTAL); 790 } 791 } 792 if (error) { 793 pppoe_printf(NULL, "%s: %s\n", err_msg, error); 794 free(error, M_TEMP); 795 } else 796 pppoe_printf(NULL, "%s\n", err_msg); 797 if (errortag || m == NULL) 798 goto done; 799 } 800 off += sizeof(*pt) + len; 801 } 802breakbreak:; 803 804 switch (ph->code) { 805 case PPPOE_CODE_PADI: 806#ifdef PPPOE_SERVER 807 /* 808 * got service name, concentrator name, and/or host unique. 809 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 810 */ 811 rw_enter(&pppoe_softc_list_lock, RW_READER); 812 if (LIST_EMPTY(&pppoe_softc_list)) { 813 rw_exit(&pppoe_softc_list_lock); 814 goto done; 815 } 816 817 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 818 PPPOE_LOCK(sc, RW_WRITER); 819 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 820 PPPOE_UNLOCK(sc); 821 continue; 822 } 823 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 824 PPPOE_UNLOCK(sc); 825 continue; 826 } 827 828 if (sc->sc_state == PPPOE_STATE_INITIAL) 829 break; 830 831 PPPOE_UNLOCK(sc); 832 } 833 rw_exit(&pppoe_softc_list_lock); 834 835 if (sc == NULL) { 836 goto done; 837 } 838 839 if (hunique) { 840 if (sc->sc_hunique) 841 free(sc->sc_hunique, M_DEVBUF); 842 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 843 M_DONTWAIT); 844 if (sc->sc_hunique == NULL) { 845 PPPOE_UNLOCK(sc); 846 goto done; 847 } 848 sc->sc_hunique_len = hunique_len; 849 memcpy(sc->sc_hunique, hunique, hunique_len); 850 } 851 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 852 sc->sc_state = PPPOE_STATE_PADO_SENT; 853 pppoe_send_pado(sc); 854 PPPOE_UNLOCK(sc); 855 break; 856#endif /* PPPOE_SERVER */ 857 858 case PPPOE_CODE_PADR: 859#ifdef PPPOE_SERVER 860 /* 861 * get sc from ac_cookie if IFF_PASSIVE 862 */ 863 if (ac_cookie == NULL) { 864 goto done; 865 } 866 867 rcvif = m_get_rcvif_psref(m, &psref); 868 if (__predict_true(rcvif != NULL)) { 869 sc = pppoe_find_softc_by_hunique(ac_cookie, 870 ac_cookie_len, rcvif, RW_WRITER); 871 } 872 m_put_rcvif_psref(rcvif, &psref); 873 if (sc == NULL) { 874 /* be quiet if there is not a single pppoe instance */ 875 rw_enter(&pppoe_softc_list_lock, RW_READER); 876 if (!LIST_EMPTY(&pppoe_softc_list)) { 877 pppoe_printf(NULL, "received PADR" 878 " but could not find request for it\n"); 879 } 880 rw_exit(&pppoe_softc_list_lock); 881 goto done; 882 } 883 884 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 885 pppoe_printf(sc, "received unexpected PADR\n"); 886 PPPOE_UNLOCK(sc); 887 goto done; 888 } 889 890 if (hunique) { 891 if (sc->sc_hunique) 892 free(sc->sc_hunique, M_DEVBUF); 893 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 894 M_DONTWAIT); 895 if (sc->sc_hunique == NULL) { 896 PPPOE_UNLOCK(sc); 897 goto done; 898 } 899 sc->sc_hunique_len = hunique_len; 900 memcpy(sc->sc_hunique, hunique, hunique_len); 901 } 902 pppoe_send_pads(sc); 903 sc->sc_state = PPPOE_STATE_SESSION; 904 PPPOE_UNLOCK(sc); 905 906 sc->sc_sppp.pp_up(&sc->sc_sppp); 907 break; 908#else 909 /* ignore, we are no access concentrator */ 910 goto done; 911#endif /* PPPOE_SERVER */ 912 913 case PPPOE_CODE_PADO: 914 rcvif = m_get_rcvif_psref(m, &psref); 915 if (__predict_false(rcvif == NULL)) 916 goto done; 917 918 if (hunique != NULL) { 919 sc = pppoe_find_softc_by_hunique(hunique, 920 hunique_len, rcvif, RW_WRITER); 921 } 922 923 m_put_rcvif_psref(rcvif, &psref); 924 925 if (sc == NULL) { 926 /* be quiet if there is not a single pppoe instance */ 927 rw_enter(&pppoe_softc_list_lock, RW_READER); 928 if (!LIST_EMPTY(&pppoe_softc_list)) { 929 pppoe_printf(NULL, "received PADO" 930 " but could not find request for it\n"); 931 } 932 rw_exit(&pppoe_softc_list_lock); 933 goto done; 934 } 935 936 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 937 pppoe_printf(sc, "received unexpected PADO\n"); 938 PPPOE_UNLOCK(sc); 939 goto done; 940 } 941 942 if (ac_cookie) { 943 if (sc->sc_ac_cookie) 944 free(sc->sc_ac_cookie, M_DEVBUF); 945 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 946 M_DONTWAIT); 947 if (sc->sc_ac_cookie == NULL) { 948 pppoe_printf(sc, "FATAL: could not allocate memory " 949 "for AC cookie\n"); 950 PPPOE_UNLOCK(sc); 951 goto done; 952 } 953 sc->sc_ac_cookie_len = ac_cookie_len; 954 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 955 } 956 if (relay_sid) { 957 if (sc->sc_relay_sid) 958 free(sc->sc_relay_sid, M_DEVBUF); 959 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 960 M_DONTWAIT); 961 if (sc->sc_relay_sid == NULL) { 962 pppoe_printf(sc, "FATAL: could not allocate memory " 963 "for relay SID\n"); 964 PPPOE_UNLOCK(sc); 965 goto done; 966 } 967 sc->sc_relay_sid_len = relay_sid_len; 968 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 969 } 970 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 971 callout_stop(&sc->sc_timeout); 972 sc->sc_padr_retried = 0; 973 sc->sc_state = PPPOE_STATE_PADR_SENT; 974 if ((err = pppoe_send_padr(sc)) != 0) { 975 pppoe_printf(sc, 976 "failed to send PADR, error=%d\n", err); 977 } 978 callout_schedule(&sc->sc_timeout, 979 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 980 981 PPPOE_UNLOCK(sc); 982 break; 983 984 case PPPOE_CODE_PADS: 985 rcvif = m_get_rcvif_psref(m, &psref); 986 if (__predict_false(rcvif == NULL)) 987 goto done; 988 989 if (hunique != NULL) { 990 sc = pppoe_find_softc_by_hunique(hunique, 991 hunique_len, rcvif, RW_WRITER); 992 } 993 994 m_put_rcvif_psref(rcvif, &psref); 995 996 if (sc == NULL) 997 goto done; 998 999 sc->sc_session = session; 1000 callout_stop(&sc->sc_timeout); 1001 pppoe_printf(sc, "session 0x%x connected\n", session); 1002 sc->sc_state = PPPOE_STATE_SESSION; 1003 PPPOE_UNLOCK(sc); 1004 1005 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 1006 break; 1007 1008 case PPPOE_CODE_PADT: 1009 rcvif = m_get_rcvif_psref(m, &psref); 1010 if (__predict_false(rcvif == NULL)) 1011 goto done; 1012 1013 sc = pppoe_find_softc_by_session(session, rcvif, 1014 RW_WRITER); 1015 1016 m_put_rcvif_psref(rcvif, &psref); 1017 1018 if (sc == NULL) 1019 goto done; 1020 1021 pppoe_clear_softc(sc, "received PADT"); 1022 if (sc->sc_sppp.pp_if.if_flags & IFF_RUNNING) 1023 callout_schedule(&sc->sc_timeout, PPPOE_RECON_FAST); 1024 PPPOE_UNLOCK(sc); 1025 break; 1026 1027 default: 1028 rcvif = m_get_rcvif_psref(m, &psref); 1029 if (__predict_false(rcvif == NULL)) 1030 goto done; 1031 1032 if (hunique != NULL) { 1033 sc = pppoe_find_softc_by_hunique(hunique, 1034 hunique_len, rcvif, RW_READER); 1035 } 1036 1037 m_put_rcvif_psref(rcvif, &psref); 1038 1039 pppoe_printf(sc, "unknown code (0x%04x) session = 0x%04x\n", 1040 ph->code, session); 1041 if (sc == NULL) 1042 goto done; 1043 PPPOE_UNLOCK(sc); 1044 break; 1045 } 1046 1047done: 1048 if (m) 1049 m_freem(m); 1050 return; 1051} 1052 1053static void 1054pppoe_disc_input(struct mbuf *m) 1055{ 1056 KASSERT(m->m_flags & M_PKTHDR); 1057 1058 /* 1059 * Avoid error messages if there is not a single PPPoE instance. 1060 */ 1061 rw_enter(&pppoe_softc_list_lock, RW_READER); 1062 if (!LIST_EMPTY(&pppoe_softc_list)) { 1063 rw_exit(&pppoe_softc_list_lock); 1064 pppoe_dispatch_disc_pkt(m, 0); 1065 } else { 1066 rw_exit(&pppoe_softc_list_lock); 1067 m_freem(m); 1068 } 1069} 1070 1071static bool 1072pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1073{ 1074 1075 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1076 return true; 1077 1078 return false; 1079} 1080 1081static void 1082pppoe_data_input(struct mbuf *m) 1083{ 1084 uint16_t session, plen; 1085 struct pppoe_softc *sc; 1086 struct pppoehdr *ph; 1087 struct ifnet *rcvif; 1088 struct psref psref; 1089 uint8_t shost[ETHER_ADDR_LEN]; 1090 uint8_t dhost[ETHER_ADDR_LEN]; 1091 bool term_unknown = pppoe_term_unknown; 1092 1093 KASSERT(m->m_flags & M_PKTHDR); 1094 1095 /* 1096 * Avoid error messages if there is not a single PPPoE instance. 1097 */ 1098 rw_enter(&pppoe_softc_list_lock, RW_READER); 1099 if (LIST_EMPTY(&pppoe_softc_list)) { 1100 rw_exit(&pppoe_softc_list_lock); 1101 goto drop; 1102 } 1103 rw_exit(&pppoe_softc_list_lock); 1104 1105 if (term_unknown) { 1106 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1107 ETHER_ADDR_LEN); 1108 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1109 ETHER_ADDR_LEN); 1110 } 1111 m_adj(m, sizeof(struct ether_header)); 1112 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1113 goto drop; 1114 } 1115 1116 if (m->m_len < sizeof(*ph)) { 1117 m = m_pullup(m, sizeof(*ph)); 1118 if (m == NULL) { 1119 return; 1120 } 1121 } 1122 ph = mtod(m, struct pppoehdr *); 1123 1124 if (ph->vertype != PPPOE_VERTYPE) { 1125 goto drop; 1126 } 1127 if (ph->code != 0) { 1128 goto drop; 1129 } 1130 1131 session = ntohs(ph->session); 1132 rcvif = m_get_rcvif_psref(m, &psref); 1133 if (__predict_false(rcvif == NULL)) 1134 goto drop; 1135 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1136 if (sc == NULL) { 1137 if (term_unknown) { 1138 static struct timeval lasttime = {0, 0}; 1139 static int curpps = 0; 1140 /* 1141 * avoid to send wrong PADT which is response from 1142 * session stage packets for other hosts when parent 1143 * ethernet is promiscuous mode. 1144 */ 1145 if (pppoe_is_my_frame(dhost, rcvif) && 1146 ppsratecheck(&lasttime, &curpps, 1147 pppoe_term_unknown_pps)) { 1148 pppoe_printf(NULL, "input for unknown session %#x, " 1149 "sending PADT\n", session); 1150 pppoe_send_padt(rcvif, session, shost); 1151 } 1152 } 1153 m_put_rcvif_psref(rcvif, &psref); 1154 goto drop; 1155 } 1156 1157 m_put_rcvif_psref(rcvif, &psref); 1158 1159 plen = ntohs(ph->plen); 1160 1161 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1162 1163 m_adj(m, PPPOE_HEADERLEN); 1164 1165#ifdef PPPOE_DEBUG 1166 { 1167 struct mbuf *p; 1168 1169 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1170 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1171 p = m; 1172 while (p) { 1173 printf(" l=%d", p->m_len); 1174 p = p->m_next; 1175 } 1176 printf("\n"); 1177 } 1178#endif 1179 PPPOE_UNLOCK(sc); 1180 1181 if (m->m_pkthdr.len < plen) 1182 goto drop; 1183 1184 /* ignore trailing garbage */ 1185 m_adj(m, plen - m->m_pkthdr.len); 1186 /* 1187 * Fix incoming interface pointer (not the raw ethernet interface 1188 * anymore) 1189 */ 1190 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1191 1192 /* pass packet up and account for it */ 1193 if_statinc(&sc->sc_sppp.pp_if, if_ipackets); 1194 sppp_input(&sc->sc_sppp.pp_if, m); 1195 return; 1196 1197drop: 1198 m_freem(m); 1199} 1200 1201static int 1202pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1203{ 1204 struct sockaddr dst; 1205 struct ether_header *eh; 1206 uint16_t etype; 1207 1208 if (sc->sc_eth_if == NULL) { 1209 m_freem(m); 1210 return EIO; 1211 } 1212 1213 memset(&dst, 0, sizeof dst); 1214 dst.sa_family = AF_UNSPEC; 1215 eh = (struct ether_header*)&dst.sa_data; 1216 etype = sc->sc_state == PPPOE_STATE_SESSION 1217 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1218 eh->ether_type = htons(etype); 1219 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1220 1221 DPRINTF(sc, "(%x) state=%d, session=0x%x output -> %s, len=%d\n", 1222 etype, sc->sc_state, sc->sc_session, 1223 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1224 1225 m->m_flags &= ~(M_BCAST|M_MCAST); 1226 if_statinc(&sc->sc_sppp.pp_if, if_opackets); 1227 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1228} 1229 1230static int 1231pppoe_parm_cpyinstr(struct pppoe_softc *sc, 1232 char **dst, const void *src, size_t len) 1233{ 1234 int error = 0; 1235 char *next = NULL; 1236 size_t bufsiz, cpysiz, strsiz; 1237 1238 bufsiz = len + 1; 1239 1240 if (src == NULL) 1241 goto out; 1242 1243 bufsiz = len + 1; 1244 next = malloc(bufsiz, M_DEVBUF, M_WAITOK); 1245 if (next == NULL) 1246 return ENOMEM; 1247 1248 error = copyinstr(src, next, bufsiz, &cpysiz); 1249 if (error != 0) 1250 goto fail; 1251 if (cpysiz != bufsiz) { 1252 error = EINVAL; 1253 goto fail; 1254 } 1255 1256 strsiz = strnlen(next, bufsiz); 1257 if (strsiz == bufsiz) { 1258 error = EINVAL; 1259 goto fail; 1260 } 1261 1262out: 1263 PPPOE_LOCK(sc, RW_WRITER); 1264 if (*dst != NULL) 1265 free(*dst, M_DEVBUF); 1266 *dst = next; 1267 next = NULL; 1268 PPPOE_UNLOCK(sc); 1269fail: 1270 if (next != NULL) 1271 free(next, M_DEVBUF); 1272 1273 return error; 1274} 1275 1276static int 1277pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1278{ 1279 struct lwp *l = curlwp; /* XXX */ 1280 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1281 struct ifreq *ifr = data; 1282 int error = 0; 1283 1284 switch (cmd) { 1285 case PPPOESETPARMS: 1286 { 1287 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1288 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1289 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1290 NULL) != 0) 1291 return EPERM; 1292 if (parms->eth_ifname[0] != 0) { 1293 struct ifnet *eth_if; 1294 1295 PPPOE_LOCK(sc, RW_WRITER); 1296 if (sc->sc_detaching) { 1297 PPPOE_UNLOCK(sc); 1298 return ENXIO; 1299 } 1300 eth_if = ifunit(parms->eth_ifname); 1301 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1302 sc->sc_eth_if = NULL; 1303 PPPOE_UNLOCK(sc); 1304 return ENXIO; 1305 } 1306 1307 if (sc->sc_sppp.pp_if.if_mtu != 1308 eth_if->if_mtu - PPPOE_OVERHEAD) { 1309 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1310 PPPOE_OVERHEAD; 1311 } 1312 sc->sc_eth_if = eth_if; 1313 PPPOE_UNLOCK(sc); 1314 } 1315 1316 error = pppoe_parm_cpyinstr(sc, &sc->sc_concentrator_name, 1317 parms->ac_name, parms->ac_name_len); 1318 if (error != 0) 1319 return error; 1320 1321 error = pppoe_parm_cpyinstr(sc, &sc->sc_service_name, 1322 parms->service_name, parms->service_name_len); 1323 if (error != 0) 1324 return error; 1325 return 0; 1326 } 1327 break; 1328 case PPPOEGETPARMS: 1329 { 1330 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1331 memset(parms, 0, sizeof *parms); 1332 PPPOE_LOCK(sc, RW_READER); 1333 if (sc->sc_eth_if) 1334 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1335 sizeof(parms->ifname)); 1336 PPPOE_UNLOCK(sc); 1337 return 0; 1338 } 1339 break; 1340 case PPPOEGETSESSION: 1341 { 1342 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1343 PPPOE_LOCK(sc, RW_READER); 1344 state->state = sc->sc_state; 1345 state->session_id = sc->sc_session; 1346 state->padi_retry_no = sc->sc_padi_retried; 1347 state->padr_retry_no = sc->sc_padr_retried; 1348 PPPOE_UNLOCK(sc); 1349 return 0; 1350 } 1351 break; 1352 case SIOCSIFFLAGS: 1353 /* 1354 * Prevent running re-establishment timers overriding 1355 * administrators choice. 1356 */ 1357 PPPOE_LOCK(sc, RW_WRITER); 1358 if (sc->sc_detaching) { 1359 PPPOE_UNLOCK(sc); 1360 return ENXIO; 1361 } 1362 1363 if ((ifr->ifr_flags & IFF_UP) == 0 1364 && sc->sc_state < PPPOE_STATE_SESSION) { 1365 callout_stop(&sc->sc_timeout); 1366 sc->sc_state = PPPOE_STATE_INITIAL; 1367 sc->sc_padi_retried = 0; 1368 sc->sc_padr_retried = 0; 1369 memcpy(&sc->sc_dest, etherbroadcastaddr, 1370 sizeof(sc->sc_dest)); 1371 } 1372 1373 PPPOE_UNLOCK(sc); 1374 1375 error = sppp_ioctl(ifp, cmd, data); 1376 1377 return error; 1378 case SIOCSIFMTU: 1379 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1380 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1381 return EINVAL; 1382 } 1383 /*FALLTHROUGH*/ 1384 default: 1385 return sppp_ioctl(ifp, cmd, data); 1386 } 1387 return 0; 1388} 1389 1390/* 1391 * Allocate a mbuf/cluster with space to store the given data length 1392 * of payload, leaving space for prepending an ethernet header 1393 * in front. 1394 */ 1395static struct mbuf * 1396pppoe_get_mbuf(size_t len) 1397{ 1398 struct mbuf *m; 1399 1400 MGETHDR(m, M_DONTWAIT, MT_DATA); 1401 if (m == NULL) 1402 return NULL; 1403 if (len + sizeof(struct ether_header) > MHLEN) { 1404 MCLGET(m, M_DONTWAIT); 1405 if ((m->m_flags & M_EXT) == 0) { 1406 m_free(m); 1407 return NULL; 1408 } 1409 } 1410 m->m_data += sizeof(struct ether_header); 1411 m->m_len = len; 1412 m->m_pkthdr.len = len; 1413 m_reset_rcvif(m); 1414 1415 return m; 1416} 1417 1418static int 1419pppoe_send_padi(struct pppoe_softc *sc) 1420{ 1421 struct mbuf *m0; 1422 int len, l1 = 0, l2 = 0; 1423 uint8_t *p; 1424 1425 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1426 panic("pppoe_send_padi in state %d", sc->sc_state); 1427 1428 /* Compute packet length. */ 1429 len = sizeof(struct pppoetag); 1430 if (sc->sc_service_name != NULL) { 1431 l1 = strlen(sc->sc_service_name); 1432 len += l1; 1433 } 1434 if (sc->sc_concentrator_name != NULL) { 1435 l2 = strlen(sc->sc_concentrator_name); 1436 len += sizeof(struct pppoetag) + l2; 1437 } 1438 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1439 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1440 len += sizeof(struct pppoetag) + 2; 1441 } 1442 1443 /* Allocate packet. */ 1444 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1445 if (m0 == NULL) 1446 return ENOBUFS; 1447 1448 /* Fill in packet. */ 1449 p = mtod(m0, uint8_t *); 1450 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1451 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1452 if (sc->sc_service_name != NULL) { 1453 PPPOE_ADD_16(p, l1); 1454 memcpy(p, sc->sc_service_name, l1); 1455 p += l1; 1456 } else { 1457 PPPOE_ADD_16(p, 0); 1458 } 1459 if (sc->sc_concentrator_name != NULL) { 1460 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1461 PPPOE_ADD_16(p, l2); 1462 memcpy(p, sc->sc_concentrator_name, l2); 1463 p += l2; 1464 } 1465 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1466 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1467 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1468 p += sizeof(sc->sc_id); 1469 1470 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1471 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1472 PPPOE_ADD_16(p, 2); 1473 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1474 } 1475 1476#ifdef PPPOE_DEBUG 1477 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1478 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1479 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1480#endif 1481 1482 /* Send packet. */ 1483 return pppoe_output(sc, m0); 1484} 1485 1486static void 1487pppoe_timeout_co(void *arg) 1488{ 1489 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1490 1491 if (atomic_swap_uint(&sc->sc_timeout_scheduled, 1) != 0) 1492 return; 1493 1494 workqueue_enqueue(sc->sc_timeout_wq, &sc->sc_timeout_wk, NULL); 1495} 1496 1497static void 1498pppoe_timeout_co_halt(void *unused __unused) 1499{ 1500 1501 /* do nothing to halt callout safely */ 1502} 1503 1504static void 1505pppoe_timeout_wk(struct work *wk __unused, void *arg) 1506{ 1507 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1508 1509 atomic_swap_uint(&sc->sc_timeout_scheduled, 0); 1510 pppoe_timeout(sc); 1511} 1512 1513static void 1514pppoe_timeout(struct pppoe_softc *sc) 1515{ 1516 int retry_wait, err; 1517 DECLARE_SPLNET_VARIABLE; 1518 1519 pppoe_printf(sc, "timeout\n"); 1520 1521 PPPOE_LOCK(sc, RW_WRITER); 1522 switch (sc->sc_state) { 1523 case PPPOE_STATE_INITIAL: 1524 /* delayed connect from pppoe_tls() */ 1525 if (!sc->sc_detaching) 1526 pppoe_connect(sc); 1527 break; 1528 case PPPOE_STATE_PADI_SENT: 1529 /* 1530 * We have two basic ways of retrying: 1531 * - Quick retry mode: try a few times in short sequence 1532 * - Slow retry mode: we already had a connection successfully 1533 * established and will try infinitely (without user 1534 * intervention) 1535 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1536 * is not set. 1537 */ 1538 1539 /* initialize for quick retry mode */ 1540 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1541 1542 ACQUIRE_SPLNET(); 1543 sc->sc_padi_retried++; 1544 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1545 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1546 /* slow retry mode */ 1547 retry_wait = PPPOE_SLOW_RETRY; 1548 } else { 1549 pppoe_abort_connect(sc); 1550 RELEASE_SPLNET(); 1551 PPPOE_UNLOCK(sc); 1552 return; 1553 } 1554 } 1555 if ((err = pppoe_send_padi(sc)) != 0) { 1556 sc->sc_padi_retried--; 1557 pppoe_printf(sc, 1558 "failed to transmit PADI, error=%d\n", err); 1559 } 1560 callout_schedule(&sc->sc_timeout,retry_wait); 1561 RELEASE_SPLNET(); 1562 break; 1563 1564 case PPPOE_STATE_PADR_SENT: 1565 ACQUIRE_SPLNET(); 1566 sc->sc_padr_retried++; 1567 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1568 memcpy(&sc->sc_dest, etherbroadcastaddr, 1569 sizeof(sc->sc_dest)); 1570 sc->sc_state = PPPOE_STATE_PADI_SENT; 1571 sc->sc_padi_retried = 0; 1572 sc->sc_padr_retried = 0; 1573 if ((err = pppoe_send_padi(sc)) != 0) { 1574 pppoe_printf(sc, 1575 "failed to send PADI, error=%d\n", err); 1576 } 1577 callout_schedule(&sc->sc_timeout, 1578 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried)); 1579 RELEASE_SPLNET(); 1580 PPPOE_UNLOCK(sc); 1581 return; 1582 } 1583 if ((err = pppoe_send_padr(sc)) != 0) { 1584 sc->sc_padr_retried--; 1585 pppoe_printf(sc,"failed to send PADR, error=%d", err); 1586 } 1587 callout_schedule(&sc->sc_timeout, 1588 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 1589 RELEASE_SPLNET(); 1590 break; 1591 case PPPOE_STATE_CLOSING: 1592 pppoe_disconnect(sc); 1593 break; 1594 default: 1595 PPPOE_UNLOCK(sc); 1596 return; /* all done, work in peace */ 1597 } 1598 PPPOE_UNLOCK(sc); 1599} 1600 1601/* Start a connection (i.e. initiate discovery phase) */ 1602static int 1603pppoe_connect(struct pppoe_softc *sc) 1604{ 1605 int err; 1606 DECLARE_SPLNET_VARIABLE; 1607 1608 KASSERT(PPPOE_WLOCKED(sc)); 1609 1610 if (sc->sc_state != PPPOE_STATE_INITIAL) 1611 return EBUSY; 1612 1613#ifdef PPPOE_SERVER 1614 /* wait PADI if IFF_PASSIVE */ 1615 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1616 return 0; 1617#endif 1618 ACQUIRE_SPLNET(); 1619 /* save state, in case we fail to send PADI */ 1620 sc->sc_state = PPPOE_STATE_PADI_SENT; 1621 sc->sc_padi_retried = 0; 1622 sc->sc_padr_retried = 0; 1623 err = pppoe_send_padi(sc); 1624 if (err != 0) 1625 pppoe_printf(sc, "failed to send PADI, error=%d\n", err); 1626 callout_schedule(&sc->sc_timeout, PPPOE_DISC_TIMEOUT); 1627 RELEASE_SPLNET(); 1628 return err; 1629} 1630 1631/* disconnect */ 1632static int 1633pppoe_disconnect(struct pppoe_softc *sc) 1634{ 1635 int err; 1636 DECLARE_SPLNET_VARIABLE; 1637 1638 KASSERT(PPPOE_WLOCKED(sc)); 1639 1640 ACQUIRE_SPLNET(); 1641 1642 if (sc->sc_state < PPPOE_STATE_SESSION) 1643 err = EBUSY; 1644 else { 1645 pppoe_printf(sc, "disconnecting\n"); 1646 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1647 (const uint8_t *)&sc->sc_dest); 1648 } 1649 1650 /* cleanup softc */ 1651 sc->sc_state = PPPOE_STATE_INITIAL; 1652 1653 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1654 if (sc->sc_ac_cookie) { 1655 free(sc->sc_ac_cookie, M_DEVBUF); 1656 sc->sc_ac_cookie = NULL; 1657 } 1658 sc->sc_ac_cookie_len = 0; 1659 if (sc->sc_relay_sid) { 1660 free(sc->sc_relay_sid, M_DEVBUF); 1661 sc->sc_relay_sid = NULL; 1662 } 1663 sc->sc_relay_sid_len = 0; 1664#ifdef PPPOE_SERVER 1665 if (sc->sc_hunique) { 1666 free(sc->sc_hunique, M_DEVBUF); 1667 sc->sc_hunique = NULL; 1668 } 1669 sc->sc_hunique_len = 0; 1670#endif 1671 sc->sc_session = 0; 1672 1673 PPPOE_UNLOCK(sc); 1674 1675 /* notify upper layer */ 1676 sc->sc_sppp.pp_down(&sc->sc_sppp); 1677 1678 PPPOE_LOCK(sc, RW_WRITER); 1679 1680 RELEASE_SPLNET(); 1681 return err; 1682} 1683 1684/* Connection attempt aborted */ 1685static void 1686pppoe_abort_connect(struct pppoe_softc *sc) 1687{ 1688 KASSERT(PPPOE_WLOCKED(sc)); 1689 1690 pppoe_printf(sc, "could not establish connection\n"); 1691 sc->sc_state = PPPOE_STATE_CLOSING; 1692 1693 PPPOE_UNLOCK(sc); 1694 1695 /* notify upper layer */ 1696 sc->sc_sppp.pp_down(&sc->sc_sppp); 1697 1698 PPPOE_LOCK(sc, RW_WRITER); 1699 1700 /* clear connection state */ 1701 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1702 sc->sc_state = PPPOE_STATE_INITIAL; 1703} 1704 1705static int 1706pppoe_send_padr(struct pppoe_softc *sc) 1707{ 1708 struct mbuf *m0; 1709 uint8_t *p; 1710 size_t len, l1 = 0; 1711 1712 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1713 return EIO; 1714 1715 /* Compute packet length. */ 1716 len = sizeof(struct pppoetag); 1717 if (sc->sc_service_name != NULL) { 1718 l1 = strlen(sc->sc_service_name); 1719 len += l1; 1720 } 1721 if (sc->sc_ac_cookie_len > 0) { 1722 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1723 } 1724 if (sc->sc_relay_sid_len > 0) { 1725 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1726 } 1727 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1728 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1729 len += sizeof(struct pppoetag) + 2; 1730 } 1731 1732 /* Allocate packet. */ 1733 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1734 if (m0 == NULL) 1735 return ENOBUFS; 1736 1737 /* Fill in packet. */ 1738 p = mtod(m0, uint8_t *); 1739 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1740 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1741 if (sc->sc_service_name != NULL) { 1742 PPPOE_ADD_16(p, l1); 1743 memcpy(p, sc->sc_service_name, l1); 1744 p += l1; 1745 } else { 1746 PPPOE_ADD_16(p, 0); 1747 } 1748 if (sc->sc_ac_cookie_len > 0) { 1749 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1750 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1751 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1752 p += sc->sc_ac_cookie_len; 1753 } 1754 if (sc->sc_relay_sid_len > 0) { 1755 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1756 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1757 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1758 p += sc->sc_relay_sid_len; 1759 } 1760 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1761 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1762 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1763 p += sizeof(sc->sc_id); 1764 1765 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1766 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1767 PPPOE_ADD_16(p, 2); 1768 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1769 } 1770 1771#ifdef PPPOE_DEBUG 1772 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1773 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1774 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1775#endif 1776 1777 /* Send packet. */ 1778 return pppoe_output(sc, m0); 1779} 1780 1781/* send a PADT packet */ 1782static int 1783pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1784{ 1785 struct ether_header *eh; 1786 struct sockaddr dst; 1787 struct mbuf *m0; 1788 uint8_t *p; 1789 1790 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1791 if (!m0) 1792 return EIO; 1793 p = mtod(m0, uint8_t *); 1794 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1795 1796 memset(&dst, 0, sizeof dst); 1797 dst.sa_family = AF_UNSPEC; 1798 eh = (struct ether_header*)&dst.sa_data; 1799 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1800 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1801 1802 m0->m_flags &= ~(M_BCAST|M_MCAST); 1803 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1804} 1805 1806#ifdef PPPOE_SERVER 1807static int 1808pppoe_send_pado(struct pppoe_softc *sc) 1809{ 1810 struct mbuf *m0; 1811 uint8_t *p; 1812 size_t len; 1813 1814 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1815 return EIO; 1816 1817 /* Include AC cookie. */ 1818 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1819 /* Include hunique. */ 1820 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1821 1822 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1823 if (!m0) 1824 return EIO; 1825 p = mtod(m0, uint8_t *); 1826 1827 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1828 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1829 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1830 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1831 p += sizeof(sc->sc_id); 1832 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1833 PPPOE_ADD_16(p, sc->sc_hunique_len); 1834 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1835 return pppoe_output(sc, m0); 1836} 1837 1838static int 1839pppoe_send_pads(struct pppoe_softc *sc) 1840{ 1841 struct bintime bt; 1842 struct mbuf *m0; 1843 uint8_t *p; 1844 size_t len, l1 = 0; /* XXX: gcc */ 1845 1846 KASSERT(PPPOE_WLOCKED(sc)); 1847 1848 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1849 return EIO; 1850 1851 getbinuptime(&bt); 1852 sc->sc_session = bt.sec % 0xff + 1; 1853 1854 /* Include service name. */ 1855 len = sizeof(struct pppoetag); 1856 if (sc->sc_service_name != NULL) { 1857 l1 = strlen(sc->sc_service_name); 1858 len += l1; 1859 } 1860 /* Include hunique. */ 1861 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1862 1863 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1864 if (!m0) 1865 return ENOBUFS; 1866 p = mtod(m0, uint8_t *); 1867 1868 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1869 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1870 if (sc->sc_service_name != NULL) { 1871 PPPOE_ADD_16(p, l1); 1872 memcpy(p, sc->sc_service_name, l1); 1873 p += l1; 1874 } else { 1875 PPPOE_ADD_16(p, 0); 1876 } 1877 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1878 PPPOE_ADD_16(p, sc->sc_hunique_len); 1879 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1880 return pppoe_output(sc, m0); 1881} 1882#endif 1883 1884static void 1885pppoe_tls(struct sppp *sp) 1886{ 1887 struct pppoe_softc *sc = (void *)sp; 1888 int wtime; 1889 1890 PPPOE_LOCK(sc, RW_READER); 1891 1892 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1893 PPPOE_UNLOCK(sc); 1894 return; 1895 } 1896 1897 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1898 sc->sc_sppp.pp_auth_failures > 0) { 1899 /* 1900 * Delay trying to reconnect a bit more - the peer 1901 * might have failed to contact its radius server. 1902 */ 1903 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1904 if (wtime > PPPOE_SLOW_RETRY) 1905 wtime = PPPOE_SLOW_RETRY; 1906 } else { 1907 wtime = PPPOE_RECON_IMMEDIATE; 1908 } 1909 callout_schedule(&sc->sc_timeout, wtime); 1910 1911 PPPOE_UNLOCK(sc); 1912} 1913 1914static void 1915pppoe_tlf(struct sppp *sp) 1916{ 1917 struct pppoe_softc *sc = (void *)sp; 1918 1919 PPPOE_LOCK(sc, RW_WRITER); 1920 1921 if (sc->sc_state < PPPOE_STATE_SESSION) { 1922 callout_stop(&sc->sc_timeout); 1923 sc->sc_state = PPPOE_STATE_INITIAL; 1924 sc->sc_padi_retried = 0; 1925 sc->sc_padr_retried = 0; 1926 memcpy(&sc->sc_dest, etherbroadcastaddr, 1927 sizeof(sc->sc_dest)); 1928 PPPOE_UNLOCK(sc); 1929 return; 1930 } 1931 1932 /* 1933 * Do not call pppoe_disconnect here, the upper layer state 1934 * machine gets confused by this. We must return from this 1935 * function and defer disconnecting to the timeout handler. 1936 */ 1937 sc->sc_state = PPPOE_STATE_CLOSING; 1938 1939 callout_schedule(&sc->sc_timeout, hz/50); 1940 1941 PPPOE_UNLOCK(sc); 1942} 1943 1944static void 1945pppoe_start(struct ifnet *ifp) 1946{ 1947 struct pppoe_softc *sc = (void *)ifp; 1948 struct mbuf *m; 1949 uint8_t *p; 1950 size_t len; 1951 1952 if (sppp_isempty(ifp)) 1953 return; 1954 1955 /* are we ready to process data yet? */ 1956 PPPOE_LOCK(sc, RW_READER); 1957 if (sc->sc_state < PPPOE_STATE_SESSION) { 1958 sppp_flush(&sc->sc_sppp.pp_if); 1959 PPPOE_UNLOCK(sc); 1960 return; 1961 } 1962 1963 while ((m = sppp_dequeue(ifp)) != NULL) { 1964 len = m->m_pkthdr.len; 1965 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1966 if (m == NULL) { 1967 if_statinc(ifp, if_oerrors); 1968 continue; 1969 } 1970 p = mtod(m, uint8_t *); 1971 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1972 1973 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1974 1975 pppoe_output(sc, m); 1976 } 1977 PPPOE_UNLOCK(sc); 1978} 1979 1980#ifdef PPPOE_MPSAFE 1981static int 1982pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 1983{ 1984 struct pppoe_softc *sc = (void *)ifp; 1985 uint8_t *p; 1986 size_t len; 1987 1988 if (m == NULL) 1989 return EINVAL; 1990 1991 /* are we ready to process data yet? */ 1992 PPPOE_LOCK(sc, RW_READER); 1993 if (sc->sc_state < PPPOE_STATE_SESSION) { 1994 PPPOE_UNLOCK(sc); 1995 m_freem(m); 1996 return ENOBUFS; 1997 } 1998 1999 len = m->m_pkthdr.len; 2000 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 2001 if (m == NULL) { 2002 PPPOE_UNLOCK(sc); 2003 if_statinc(ifp, if_oerrors); 2004 return ENETDOWN; 2005 } 2006 p = mtod(m, uint8_t *); 2007 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 2008 2009 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 2010 2011 pppoe_output(sc, m); 2012 PPPOE_UNLOCK(sc); 2013 return 0; 2014} 2015#endif /* PPPOE_MPSAFE */ 2016 2017static void 2018pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 2019{ 2020 struct ifnet *ifp = arg2; 2021 struct pppoe_softc *sc; 2022 DECLARE_SPLNET_VARIABLE; 2023 2024 if (cmd != PFIL_IFNET_DETACH) 2025 return; 2026 2027 ACQUIRE_SPLNET(); 2028 rw_enter(&pppoe_softc_list_lock, RW_READER); 2029 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 2030 PPPOE_LOCK(sc, RW_WRITER); 2031 if (sc->sc_eth_if != ifp) { 2032 PPPOE_UNLOCK(sc); 2033 continue; 2034 } 2035 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 2036 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 2037 pppoe_printf(sc, 2038 "ethernet interface detached, going down\n"); 2039 } 2040 sc->sc_eth_if = NULL; 2041 pppoe_clear_softc(sc, "ethernet interface detached"); 2042 PPPOE_UNLOCK(sc); 2043 } 2044 rw_exit(&pppoe_softc_list_lock); 2045 RELEASE_SPLNET(); 2046} 2047 2048static void 2049pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 2050{ 2051 KASSERT(PPPOE_WLOCKED(sc)); 2052 2053 /* stop timer */ 2054 callout_stop(&sc->sc_timeout); 2055 pppoe_printf(sc, "session 0x%x terminated, %s\n", 2056 sc->sc_session, message); 2057 2058 /* fix our state */ 2059 sc->sc_state = PPPOE_STATE_INITIAL; 2060 2061 PPPOE_UNLOCK(sc); 2062 2063 /* signal upper layer */ 2064 sc->sc_sppp.pp_down(&sc->sc_sppp); 2065 2066 PPPOE_LOCK(sc, RW_WRITER); 2067 2068 /* clean up softc */ 2069 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 2070 if (sc->sc_ac_cookie) { 2071 free(sc->sc_ac_cookie, M_DEVBUF); 2072 sc->sc_ac_cookie = NULL; 2073 } 2074 if (sc->sc_relay_sid) { 2075 free(sc->sc_relay_sid, M_DEVBUF); 2076 sc->sc_relay_sid = NULL; 2077 } 2078 sc->sc_ac_cookie_len = 0; 2079 sc->sc_session = 0; 2080} 2081 2082static void 2083pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 2084{ 2085 if (m->m_flags & M_PROMISC) { 2086 m_freem(m); 2087 return; 2088 } 2089 2090#ifndef PPPOE_SERVER 2091 if (m->m_flags & (M_MCAST | M_BCAST)) { 2092 m_freem(m); 2093 return; 2094 } 2095#endif 2096 2097 IFQ_LOCK(inq); 2098 if (IF_QFULL(inq)) { 2099 IF_DROP(inq); 2100 IFQ_UNLOCK(inq); 2101 m_freem(m); 2102 } else { 2103 IF_ENQUEUE(inq, m); 2104 IFQ_UNLOCK(inq); 2105 softint_schedule(pppoe_softintr); 2106 } 2107 return; 2108} 2109 2110void 2111pppoe_input(struct ifnet *ifp, struct mbuf *m) 2112{ 2113 pppoe_enqueue(&ppoeinq, m); 2114 return; 2115} 2116 2117void 2118pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2119{ 2120 pppoe_enqueue(&ppoediscinq, m); 2121 return; 2122} 2123 2124static void 2125sysctl_net_pppoe_setup(struct sysctllog **clog) 2126{ 2127 const struct sysctlnode *node = NULL; 2128 2129 sysctl_createv(clog, 0, NULL, &node, 2130 CTLFLAG_PERMANENT, 2131 CTLTYPE_NODE, "pppoe", 2132 SYSCTL_DESCR("PPPOE protocol"), 2133 NULL, 0, NULL, 0, 2134 CTL_NET, CTL_CREATE, CTL_EOL); 2135 2136 if (node == NULL) 2137 return; 2138 2139 sysctl_createv(clog, 0, &node, NULL, 2140 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2141 CTLTYPE_BOOL, "term_unknown", 2142 SYSCTL_DESCR("Terminate unknown sessions"), 2143 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2144 CTL_CREATE, CTL_EOL); 2145} 2146 2147/* 2148 * Module infrastructure 2149 */ 2150#include "if_module.h" 2151 2152IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2153