if_pppoe.c revision 1.171
1/* $NetBSD: if_pppoe.c,v 1.171 2021/05/13 01:01:10 yamaguchi Exp $ */ 2 3/* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin@NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32#include <sys/cdefs.h> 33__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.171 2021/05/13 01:01:10 yamaguchi Exp $"); 34 35#ifdef _KERNEL_OPT 36#include "pppoe.h" 37#include "opt_pppoe.h" 38#include "opt_net_mpsafe.h" 39#endif 40 41#include <sys/param.h> 42#include <sys/systm.h> 43#include <sys/kernel.h> 44#include <sys/atomic.h> 45#include <sys/callout.h> 46#include <sys/malloc.h> 47#include <sys/mbuf.h> 48#include <sys/socket.h> 49#include <sys/proc.h> 50#include <sys/ioctl.h> 51#include <sys/kauth.h> 52#include <sys/intr.h> 53#include <sys/socketvar.h> 54#include <sys/device.h> 55#include <sys/module.h> 56#include <sys/sysctl.h> 57#include <sys/rwlock.h> 58#include <sys/mutex.h> 59#include <sys/psref.h> 60#include <sys/cprng.h> 61#include <sys/workqueue.h> 62 63#include <net/if.h> 64#include <net/if_types.h> 65#include <net/if_ether.h> 66#include <net/if_sppp.h> 67#include <net/if_spppvar.h> 68#include <net/if_pppoe.h> 69#include <net/if_dl.h> 70 71#include <net/bpf.h> 72 73#include "ioconf.h" 74 75#ifdef NET_MPSAFE 76#define PPPOE_MPSAFE 1 77#endif 78 79struct pppoehdr { 80 uint8_t vertype; 81 uint8_t code; 82 uint16_t session; 83 uint16_t plen; 84} __packed; 85 86struct pppoetag { 87 uint16_t tag; 88 uint16_t len; 89} __packed; 90 91#define PPPOE_HEADERLEN sizeof(struct pppoehdr) 92#define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 93#define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 94 95#define PPPOE_TAG_EOL 0x0000 /* end of list */ 96#define PPPOE_TAG_SNAME 0x0101 /* service name */ 97#define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 98#define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 99#define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 100#define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 101#define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 102#define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 103#define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 104#define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 105#define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 106 107#define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 108#define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 109#define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 110#define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 111#define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 112 113/* two byte PPP protocol discriminator, then IP data */ 114#define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 115 116/* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 117#define PPPOE_ADD_16(PTR, VAL) \ 118 *(PTR)++ = (VAL) / 256; \ 119 *(PTR)++ = (VAL) % 256 120 121/* Add a complete PPPoE header to the buffer pointed to by PTR */ 122#define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 123 *(PTR)++ = PPPOE_VERTYPE; \ 124 *(PTR)++ = (CODE); \ 125 PPPOE_ADD_16(PTR, SESS); \ 126 PPPOE_ADD_16(PTR, LEN) 127 128#define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 129#define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 130#define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 131#define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 132#define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 133#define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 134 135#ifdef PPPOE_SERVER 136/* from if_spppsubr.c */ 137#define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 138#endif 139 140#define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 141#define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 142#define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 143 144#ifdef PPPOE_MPSAFE 145#define DECLARE_SPLNET_VARIABLE 146#define ACQUIRE_SPLNET() do { } while (0) 147#define RELEASE_SPLNET() do { } while (0) 148#else 149#define DECLARE_SPLNET_VARIABLE int __s 150#define ACQUIRE_SPLNET() do { \ 151 __s = splnet(); \ 152 } while (0) 153#define RELEASE_SPLNET() do { \ 154 splx(__s); \ 155 } while (0) 156#endif 157 158#ifdef PPPOE_DEBUG 159#define DPRINTF(_sc, _fmt, _arg...) pppoe_printf((_sc), (_fmt), ##_arg) 160#else 161#define DPRINTF(_sc, _fmt, _arg...) __nothing 162#endif 163 164struct pppoe_softc { 165 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 166 LIST_ENTRY(pppoe_softc) sc_list; 167 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 168 169 uint64_t sc_id; /* id of this softc, our hunique */ 170 int sc_state; /* discovery phase or session connected */ 171 struct ether_addr sc_dest; /* hardware address of concentrator */ 172 uint16_t sc_session; /* PPPoE session id */ 173 174 char *sc_service_name; /* if != NULL: requested name of service */ 175 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 176 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 177 size_t sc_ac_cookie_len; /* length of cookie data */ 178 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 179 size_t sc_relay_sid_len; /* length of relay SID data */ 180#ifdef PPPOE_SERVER 181 uint8_t *sc_hunique; /* content of host unique we must echo back */ 182 size_t sc_hunique_len; /* length of host unique */ 183#endif 184 callout_t sc_timeout; /* timeout while not in session state */ 185 struct workqueue *sc_timeout_wq; /* workqueue for timeout */ 186 struct work sc_timeout_wk; 187 u_int sc_timeout_scheduled; 188 int sc_padi_retried; /* number of PADI retries already done */ 189 int sc_padr_retried; /* number of PADR retries already done */ 190 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 191 bool sc_detaching; 192}; 193 194/* incoming traffic will be queued here */ 195struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 196struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 197 198void *pppoe_softintr = NULL; 199static void pppoe_softintr_handler(void *); 200 201extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 202 203/* input routines */ 204static void pppoeintr(void); 205static void pppoe_disc_input(struct mbuf *); 206static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 207static void pppoe_data_input(struct mbuf *); 208static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 209 210/* management routines */ 211static int pppoe_connect(struct pppoe_softc *); 212static int pppoe_disconnect(struct pppoe_softc *); 213static void pppoe_abort_connect(struct pppoe_softc *); 214static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 215static void pppoe_tls(struct sppp *); 216static void pppoe_tlf(struct sppp *); 217static void pppoe_start(struct ifnet *); 218#ifdef PPPOE_MPSAFE 219static int pppoe_transmit(struct ifnet *, struct mbuf *); 220#endif 221static void pppoe_clear_softc(struct pppoe_softc *, const char *); 222static void pppoe_printf(struct pppoe_softc *, const char *, ...); 223 224/* internal timeout handling */ 225static void pppoe_timeout_co(void *); 226static void pppoe_timeout_co_halt(void *); 227static void pppoe_timeout_wk(struct work *, void *); 228static void pppoe_timeout(struct pppoe_softc *); 229 230/* sending actual protocol controll packets */ 231static int pppoe_send_padi(struct pppoe_softc *); 232static int pppoe_send_padr(struct pppoe_softc *); 233#ifdef PPPOE_SERVER 234static int pppoe_send_pado(struct pppoe_softc *); 235static int pppoe_send_pads(struct pppoe_softc *); 236#endif 237static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 238 239/* raw output */ 240static int pppoe_output(struct pppoe_softc *, struct mbuf *); 241 242/* internal helper functions */ 243static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 244 krw_t); 245static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 246 struct ifnet *, krw_t); 247static struct mbuf *pppoe_get_mbuf(size_t len); 248 249static void pppoe_ifattach_hook(void *, unsigned long, void *); 250 251static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 252static krwlock_t pppoe_softc_list_lock; 253 254static int pppoe_clone_create(struct if_clone *, int); 255static int pppoe_clone_destroy(struct ifnet *); 256 257static bool pppoe_term_unknown = false; 258static int pppoe_term_unknown_pps = 1; 259 260static struct sysctllog *pppoe_sysctl_clog; 261static void sysctl_net_pppoe_setup(struct sysctllog **); 262 263static struct if_clone pppoe_cloner = 264 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 265 266/* ARGSUSED */ 267void 268pppoeattach(int count) 269{ 270 271 /* 272 * Nothing to do here, initialization is handled by the 273 * module initialization code in pppoeinit() below). 274 */ 275} 276 277static void 278pppoeinit(void) 279{ 280 281 LIST_INIT(&pppoe_softc_list); 282 rw_init(&pppoe_softc_list_lock); 283 if_clone_attach(&pppoe_cloner); 284 285 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 286 pppoe_softintr_handler, NULL); 287 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 288 289 IFQ_LOCK_INIT(&ppoediscinq); 290 IFQ_LOCK_INIT(&ppoeinq); 291} 292 293static int 294pppoedetach(void) 295{ 296 int error = 0; 297 298 rw_enter(&pppoe_softc_list_lock, RW_READER); 299 if (!LIST_EMPTY(&pppoe_softc_list)) { 300 rw_exit(&pppoe_softc_list_lock); 301 error = EBUSY; 302 } 303 304 if (error == 0) { 305 if_clone_detach(&pppoe_cloner); 306 softint_disestablish(pppoe_softintr); 307 /* Remove our sysctl sub-tree */ 308 sysctl_teardown(&pppoe_sysctl_clog); 309 } 310 311 return error; 312} 313 314static void 315pppoe_softc_genid(uint64_t *id) 316{ 317 struct pppoe_softc *sc; 318 uint64_t rndid; 319 320 rw_enter(&pppoe_softc_list_lock, RW_READER); 321 322 while (1) { 323 rndid = cprng_strong64(); 324 325 sc = NULL; 326 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 327 if (sc->sc_id == rndid) 328 break; 329 } 330 if (sc == NULL) { 331 break; 332 } 333 } 334 335 rw_exit(&pppoe_softc_list_lock); 336 *id = rndid; 337} 338 339static int 340pppoe_clone_create(struct if_clone *ifc, int unit) 341{ 342 struct pppoe_softc *sc; 343 struct ifnet *ifp; 344 int rv; 345 346 sc = kmem_zalloc(sizeof(*sc), KM_SLEEP); 347 ifp = &sc->sc_sppp.pp_if; 348 349 rw_init(&sc->sc_lock); 350 pppoe_softc_genid(&sc->sc_id); 351 /* changed to real address later */ 352 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 353 354 if_initname(ifp, "pppoe", unit); 355 ifp->if_softc = sc; 356 ifp->if_mtu = PPPOE_MAXMTU; 357 ifp->if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 358#ifdef PPPOE_MPSAFE 359 ifp->if_extflags = IFEF_MPSAFE; 360#endif 361 ifp->if_type = IFT_PPP; 362 ifp->if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 363 ifp->if_dlt = DLT_PPP_ETHER; 364 ifp->if_ioctl = pppoe_ioctl; 365 ifp->if_start = pppoe_start; 366#ifdef PPPOE_MPSAFE 367 ifp->if_transmit = pppoe_transmit; 368#endif 369 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 370 IFQ_SET_READY(&ifp->if_snd); 371 372 sc->sc_sppp.pp_tls = pppoe_tls; 373 sc->sc_sppp.pp_tlf = pppoe_tlf; 374 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 375 PP_NOFRAMING; /* no serial encapsulation */ 376 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 377 378 rv = workqueue_create(&sc->sc_timeout_wq, 379 ifp->if_xname, pppoe_timeout_wk, sc, 380 PRI_SOFTNET, IPL_SOFTNET, 0); 381 if (rv != 0) 382 goto destroy_sclock; 383 384 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 385 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co, sc); 386 387 rv = if_initialize(ifp); 388 if (rv != 0) 389 goto destroy_timeout; 390 391 ifp->if_percpuq = if_percpuq_create(ifp); 392 393 rw_enter(&pppoe_softc_list_lock, RW_READER); 394 if (LIST_EMPTY(&pppoe_softc_list)) { 395 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 396 } 397 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 398 rw_exit(&pppoe_softc_list_lock); 399 400 sppp_attach(ifp); 401 bpf_attach(ifp, DLT_PPP_ETHER, 0); 402 if_register(ifp); 403 404 return 0; 405 406destroy_timeout: 407 callout_destroy(&sc->sc_timeout); 408 workqueue_destroy(sc->sc_timeout_wq); 409destroy_sclock: 410 rw_destroy(&sc->sc_lock); 411 kmem_free(sc, sizeof(*sc)); 412 413 return rv; 414} 415 416static int 417pppoe_clone_destroy(struct ifnet *ifp) 418{ 419 struct pppoe_softc * sc = ifp->if_softc; 420 421 PPPOE_LOCK(sc, RW_WRITER); 422 /* stop ioctls */ 423 sc->sc_detaching = true; 424 425 if (ifp->if_flags & IFF_RUNNING) { 426 pppoe_clear_softc(sc, "destroy interface"); 427 sc->sc_eth_if = NULL; 428 } 429 PPPOE_UNLOCK(sc); 430 431 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 432 LIST_REMOVE(sc, sc_list); 433 434 if (LIST_EMPTY(&pppoe_softc_list)) { 435 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 436 } 437 rw_exit(&pppoe_softc_list_lock); 438 439 bpf_detach(ifp); 440 sppp_detach(&sc->sc_sppp.pp_if); 441 if_detach(ifp); 442 443 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co_halt, sc); 444 445 workqueue_wait(sc->sc_timeout_wq, &sc->sc_timeout_wk); 446 workqueue_destroy(sc->sc_timeout_wq); 447 448 callout_halt(&sc->sc_timeout, NULL); 449 callout_destroy(&sc->sc_timeout); 450 451#ifdef PPPOE_SERVER 452 if (sc->sc_hunique) { 453 free(sc->sc_hunique, M_DEVBUF); 454 sc->sc_hunique = NULL; 455 sc->sc_hunique_len = 0; 456 } 457#endif 458 if (sc->sc_concentrator_name) 459 free(sc->sc_concentrator_name, M_DEVBUF); 460 if (sc->sc_service_name) 461 free(sc->sc_service_name, M_DEVBUF); 462 if (sc->sc_ac_cookie) 463 free(sc->sc_ac_cookie, M_DEVBUF); 464 if (sc->sc_relay_sid) 465 free(sc->sc_relay_sid, M_DEVBUF); 466 467 rw_destroy(&sc->sc_lock); 468 469 kmem_free(sc, sizeof(*sc)); 470 471 return 0; 472} 473 474static void 475pppoe_printf(struct pppoe_softc *sc, const char *fmt, ...) 476{ 477 va_list ap; 478 bool pppoe_debug; 479 480#ifdef PPPOE_DEBUG 481 pppoe_debug = true; 482#else 483 pppoe_debug = false; 484#endif 485 486 if (sc == NULL) { 487 if (!pppoe_debug) 488 return; 489 490 printf("pppoe: "); 491 } else { 492 if (!ISSET(sc->sc_sppp.pp_if.if_flags, IFF_DEBUG)) 493 return; 494 495 printf("%s: ", sc->sc_sppp.pp_if.if_xname); 496 } 497 498 va_start(ap, fmt); 499 vprintf(fmt, ap); 500 va_end(ap); 501} 502 503/* 504 * Find the interface handling the specified session. 505 * Note: O(number of sessions open), this is a client-side only, mean 506 * and lean implementation, so number of open sessions typically should 507 * be 1. 508 */ 509static struct pppoe_softc * 510pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 511{ 512 struct pppoe_softc *sc = NULL; 513 514 if (session == 0) 515 return NULL; 516 rw_enter(&pppoe_softc_list_lock, RW_READER); 517 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 518 PPPOE_LOCK(sc, lock); 519 if ( sc->sc_state == PPPOE_STATE_SESSION 520 && sc->sc_session == session 521 && sc->sc_eth_if == rcvif) 522 break; 523 524 PPPOE_UNLOCK(sc); 525 } 526 rw_exit(&pppoe_softc_list_lock); 527 return sc; 528} 529 530/* Check host unique token passed and return appropriate softc pointer, 531 * or NULL if token is bogus. */ 532static struct pppoe_softc * 533pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 534 struct ifnet *rcvif, krw_t lock) 535{ 536 struct pppoe_softc *sc; 537 uint64_t t; 538 539 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 540 541 rw_enter(&pppoe_softc_list_lock, RW_READER); 542 if (LIST_EMPTY(&pppoe_softc_list)) { 543 rw_exit(&pppoe_softc_list_lock); 544 return NULL; 545 } 546 547 if (len != sizeof(sc->sc_id)) { 548 rw_exit(&pppoe_softc_list_lock); 549 return NULL; 550 } 551 memcpy(&t, token, len); 552 553 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 554 PPPOE_LOCK(sc, lock); 555 if (sc->sc_id == t && sc->sc_eth_if != NULL) { 556 break; 557 } 558 PPPOE_UNLOCK(sc); 559 } 560 rw_exit(&pppoe_softc_list_lock); 561 562 if (sc == NULL) { 563 pppoe_printf(NULL, "alien host unique tag" 564 ", no session found\n"); 565 return NULL; 566 } 567 568 /* should be safe to access *sc now */ 569 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 570 pppoe_printf(sc, "host unique tag found" 571 ", but it belongs to a connection in state %d\n", 572 sc->sc_state); 573 PPPOE_UNLOCK(sc); 574 return NULL; 575 } 576 if (sc->sc_eth_if != rcvif) { 577 pppoe_printf(sc, "wrong interface, not accepting host unique\n"); 578 PPPOE_UNLOCK(sc); 579 return NULL; 580 } 581 return sc; 582} 583 584static void 585pppoe_softintr_handler(void *dummy) 586{ 587 /* called at splsoftnet() */ 588 pppoeintr(); 589} 590 591/* called at appropriate protection level */ 592static void 593pppoeintr(void) 594{ 595 struct mbuf *m; 596 int disc_done, data_done; 597 598 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 599 600 do { 601 disc_done = 0; 602 data_done = 0; 603 for (;;) { 604 IFQ_LOCK(&ppoediscinq); 605 IF_DEQUEUE(&ppoediscinq, m); 606 IFQ_UNLOCK(&ppoediscinq); 607 if (m == NULL) 608 break; 609 disc_done = 1; 610 pppoe_disc_input(m); 611 } 612 613 for (;;) { 614 IFQ_LOCK(&ppoeinq); 615 IF_DEQUEUE(&ppoeinq, m); 616 IFQ_UNLOCK(&ppoeinq); 617 if (m == NULL) 618 break; 619 data_done = 1; 620 pppoe_data_input(m); 621 } 622 } while (disc_done || data_done); 623 624 if (!IF_IS_EMPTY(&ppoediscinq) || !IF_IS_EMPTY(&ppoeinq)) 625 softint_schedule(pppoe_softintr); 626 627 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 628} 629 630/* analyze and handle a single received packet while not in session state */ 631static void 632pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 633{ 634 uint16_t tag, len; 635 uint16_t session, plen; 636 struct pppoe_softc *sc; 637 const char *err_msg; 638 char *error; 639 size_t dlen; 640 uint8_t *ac_cookie; 641 size_t ac_cookie_len; 642 uint8_t *relay_sid; 643 size_t relay_sid_len; 644 uint8_t *hunique; 645 size_t hunique_len; 646 struct pppoehdr *ph; 647 struct pppoetag *pt; 648 struct mbuf *n; 649 int noff, err, errortag; 650 struct ether_header *eh; 651 struct ifnet *rcvif; 652 struct psref psref; 653 654 if (m->m_len < sizeof(*eh)) { 655 m = m_pullup(m, sizeof(*eh)); 656 if (m == NULL) 657 goto done; 658 } 659 eh = mtod(m, struct ether_header *); 660 off += sizeof(*eh); 661 662 if (m->m_pkthdr.len - off < PPPOE_HEADERLEN) { 663 goto done; 664 } 665 666 M_REGION_GET(ph, struct pppoehdr *, m, off, sizeof(*ph)); 667 if (ph == NULL) { 668 goto done; 669 } 670 if (ph->vertype != PPPOE_VERTYPE) { 671 goto done; 672 } 673 674 ac_cookie = NULL; 675 ac_cookie_len = 0; 676 relay_sid = NULL; 677 relay_sid_len = 0; 678 hunique = NULL; 679 hunique_len = 0; 680 681 session = ntohs(ph->session); 682 plen = ntohs(ph->plen); 683 off += sizeof(*ph); 684 685 if (plen + off > m->m_pkthdr.len) { 686 goto done; 687 } 688 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 689 690 tag = 0; 691 len = 0; 692 sc = NULL; 693 err_msg = NULL; 694 errortag = 0; 695 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 696 M_REGION_GET(pt, struct pppoetag *, m, off, sizeof(*pt)); 697 if (pt == NULL) { 698 goto done; 699 } 700 701 tag = ntohs(pt->tag); 702 len = ntohs(pt->len); 703 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 704 goto done; 705 } 706 switch (tag) { 707 case PPPOE_TAG_EOL: 708 goto breakbreak; 709 case PPPOE_TAG_SNAME: 710 break; /* ignored */ 711 case PPPOE_TAG_ACNAME: 712 if (len > 0) { 713 dlen = 4 * len + 1; 714 error = malloc(dlen, M_TEMP, M_NOWAIT); 715 if (error == NULL) 716 break; 717 718 n = m_pulldown(m, off + sizeof(*pt), len, 719 &noff); 720 if (!n) { 721 m = NULL; 722 free(error, M_TEMP); 723 goto done; 724 } 725 726 strnvisx(error, dlen, 727 mtod(n, char*) + noff, len, 728 VIS_SAFE | VIS_OCTAL); 729 pppoe_printf(NULL, "connected to %s\n", error); 730 free(error, M_TEMP); 731 } 732 break; /* ignored */ 733 case PPPOE_TAG_HUNIQUE: 734 if (hunique == NULL) { 735 n = m_pulldown(m, off + sizeof(*pt), len, 736 &noff); 737 if (!n) { 738 m = NULL; 739 err_msg = "TAG HUNIQUE ERROR"; 740 break; 741 } 742 743 hunique = mtod(n, uint8_t *) + noff; 744 hunique_len = len; 745 } 746 break; 747 case PPPOE_TAG_ACCOOKIE: 748 if (ac_cookie == NULL) { 749 n = m_pulldown(m, off + sizeof(*pt), len, 750 &noff); 751 if (!n) { 752 err_msg = "TAG ACCOOKIE ERROR"; 753 m = NULL; 754 break; 755 } 756 ac_cookie = mtod(n, char *) + noff; 757 ac_cookie_len = len; 758 } 759 break; 760 case PPPOE_TAG_RELAYSID: 761 if (relay_sid == NULL) { 762 n = m_pulldown(m, off + sizeof(*pt), len, 763 &noff); 764 if (!n) { 765 err_msg = "TAG RELAYSID ERROR"; 766 m = NULL; 767 break; 768 } 769 relay_sid = mtod(n, char *) + noff; 770 relay_sid_len = len; 771 } 772 break; 773 case PPPOE_TAG_SNAME_ERR: 774 err_msg = "SERVICE NAME ERROR"; 775 errortag = 1; 776 break; 777 case PPPOE_TAG_ACSYS_ERR: 778 err_msg = "AC SYSTEM ERROR"; 779 errortag = 1; 780 break; 781 case PPPOE_TAG_GENERIC_ERR: 782 err_msg = "GENERIC ERROR"; 783 errortag = 1; 784 break; 785 } 786 if (err_msg) { 787 error = NULL; 788 if (errortag && len) { 789 dlen = 4 * len + 1; 790 error = malloc(dlen, M_TEMP, 791 M_NOWAIT|M_ZERO); 792 n = m_pulldown(m, off + sizeof(*pt), len, 793 &noff); 794 if (!n) { 795 m = NULL; 796 } else if (error) { 797 strnvisx(error, dlen, 798 mtod(n, char*) + noff, len, 799 VIS_SAFE | VIS_OCTAL); 800 } 801 } 802 if (error) { 803 pppoe_printf(NULL, "%s: %s\n", err_msg, error); 804 free(error, M_TEMP); 805 } else 806 pppoe_printf(NULL, "%s\n", err_msg); 807 if (errortag || m == NULL) 808 goto done; 809 } 810 off += sizeof(*pt) + len; 811 } 812breakbreak:; 813 814 switch (ph->code) { 815 case PPPOE_CODE_PADI: 816#ifdef PPPOE_SERVER 817 /* 818 * got service name, concentrator name, and/or host unique. 819 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 820 */ 821 rw_enter(&pppoe_softc_list_lock, RW_READER); 822 if (LIST_EMPTY(&pppoe_softc_list)) { 823 rw_exit(&pppoe_softc_list_lock); 824 goto done; 825 } 826 827 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 828 PPPOE_LOCK(sc, RW_WRITER); 829 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 830 PPPOE_UNLOCK(sc); 831 continue; 832 } 833 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 834 PPPOE_UNLOCK(sc); 835 continue; 836 } 837 838 if (sc->sc_state == PPPOE_STATE_INITIAL) 839 break; 840 841 PPPOE_UNLOCK(sc); 842 } 843 rw_exit(&pppoe_softc_list_lock); 844 845 if (sc == NULL) { 846 goto done; 847 } 848 849 if (hunique) { 850 if (sc->sc_hunique) 851 free(sc->sc_hunique, M_DEVBUF); 852 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 853 M_DONTWAIT); 854 if (sc->sc_hunique == NULL) { 855 PPPOE_UNLOCK(sc); 856 goto done; 857 } 858 sc->sc_hunique_len = hunique_len; 859 memcpy(sc->sc_hunique, hunique, hunique_len); 860 } 861 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 862 sc->sc_state = PPPOE_STATE_PADO_SENT; 863 pppoe_send_pado(sc); 864 PPPOE_UNLOCK(sc); 865 break; 866#endif /* PPPOE_SERVER */ 867 868 case PPPOE_CODE_PADR: 869#ifdef PPPOE_SERVER 870 /* 871 * get sc from ac_cookie if IFF_PASSIVE 872 */ 873 if (ac_cookie == NULL) { 874 goto done; 875 } 876 877 rcvif = m_get_rcvif_psref(m, &psref); 878 if (__predict_true(rcvif != NULL)) { 879 sc = pppoe_find_softc_by_hunique(ac_cookie, 880 ac_cookie_len, rcvif, RW_WRITER); 881 } 882 m_put_rcvif_psref(rcvif, &psref); 883 if (sc == NULL) { 884 /* be quiet if there is not a single pppoe instance */ 885 rw_enter(&pppoe_softc_list_lock, RW_READER); 886 if (!LIST_EMPTY(&pppoe_softc_list)) { 887 pppoe_printf(NULL, "received PADR" 888 " but could not find request for it\n"); 889 } 890 rw_exit(&pppoe_softc_list_lock); 891 goto done; 892 } 893 894 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 895 pppoe_printf(sc, "received unexpected PADR\n"); 896 PPPOE_UNLOCK(sc); 897 goto done; 898 } 899 900 if (hunique) { 901 if (sc->sc_hunique) 902 free(sc->sc_hunique, M_DEVBUF); 903 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 904 M_DONTWAIT); 905 if (sc->sc_hunique == NULL) { 906 PPPOE_UNLOCK(sc); 907 goto done; 908 } 909 sc->sc_hunique_len = hunique_len; 910 memcpy(sc->sc_hunique, hunique, hunique_len); 911 } 912 pppoe_send_pads(sc); 913 sc->sc_state = PPPOE_STATE_SESSION; 914 PPPOE_UNLOCK(sc); 915 916 sc->sc_sppp.pp_up(&sc->sc_sppp); 917 break; 918#else 919 /* ignore, we are no access concentrator */ 920 goto done; 921#endif /* PPPOE_SERVER */ 922 923 case PPPOE_CODE_PADO: 924 rcvif = m_get_rcvif_psref(m, &psref); 925 if (__predict_false(rcvif == NULL)) 926 goto done; 927 928 if (hunique != NULL) { 929 sc = pppoe_find_softc_by_hunique(hunique, 930 hunique_len, rcvif, RW_WRITER); 931 } 932 933 m_put_rcvif_psref(rcvif, &psref); 934 935 if (sc == NULL) { 936 /* be quiet if there is not a single pppoe instance */ 937 rw_enter(&pppoe_softc_list_lock, RW_READER); 938 if (!LIST_EMPTY(&pppoe_softc_list)) { 939 pppoe_printf(NULL, "received PADO" 940 " but could not find request for it\n"); 941 } 942 rw_exit(&pppoe_softc_list_lock); 943 goto done; 944 } 945 946 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 947 pppoe_printf(sc, "received unexpected PADO\n"); 948 PPPOE_UNLOCK(sc); 949 goto done; 950 } 951 952 if (ac_cookie) { 953 if (sc->sc_ac_cookie) 954 free(sc->sc_ac_cookie, M_DEVBUF); 955 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 956 M_DONTWAIT); 957 if (sc->sc_ac_cookie == NULL) { 958 pppoe_printf(sc, "FATAL: could not allocate memory " 959 "for AC cookie\n"); 960 PPPOE_UNLOCK(sc); 961 goto done; 962 } 963 sc->sc_ac_cookie_len = ac_cookie_len; 964 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 965 } 966 if (relay_sid) { 967 if (sc->sc_relay_sid) 968 free(sc->sc_relay_sid, M_DEVBUF); 969 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 970 M_DONTWAIT); 971 if (sc->sc_relay_sid == NULL) { 972 pppoe_printf(sc, "FATAL: could not allocate memory " 973 "for relay SID\n"); 974 PPPOE_UNLOCK(sc); 975 goto done; 976 } 977 sc->sc_relay_sid_len = relay_sid_len; 978 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 979 } 980 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 981 callout_stop(&sc->sc_timeout); 982 sc->sc_padr_retried = 0; 983 sc->sc_state = PPPOE_STATE_PADR_SENT; 984 if ((err = pppoe_send_padr(sc)) != 0) { 985 pppoe_printf(sc, 986 "failed to send PADR, error=%d\n", err); 987 } 988 callout_schedule(&sc->sc_timeout, 989 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 990 991 PPPOE_UNLOCK(sc); 992 break; 993 994 case PPPOE_CODE_PADS: 995 rcvif = m_get_rcvif_psref(m, &psref); 996 if (__predict_false(rcvif == NULL)) 997 goto done; 998 999 if (hunique != NULL) { 1000 sc = pppoe_find_softc_by_hunique(hunique, 1001 hunique_len, rcvif, RW_WRITER); 1002 } 1003 1004 m_put_rcvif_psref(rcvif, &psref); 1005 1006 if (sc == NULL) 1007 goto done; 1008 1009 sc->sc_session = session; 1010 callout_stop(&sc->sc_timeout); 1011 pppoe_printf(sc, "session 0x%x connected\n", session); 1012 sc->sc_state = PPPOE_STATE_SESSION; 1013 PPPOE_UNLOCK(sc); 1014 1015 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 1016 break; 1017 1018 case PPPOE_CODE_PADT: 1019 rcvif = m_get_rcvif_psref(m, &psref); 1020 if (__predict_false(rcvif == NULL)) 1021 goto done; 1022 1023 sc = pppoe_find_softc_by_session(session, rcvif, 1024 RW_WRITER); 1025 1026 m_put_rcvif_psref(rcvif, &psref); 1027 1028 if (sc == NULL) 1029 goto done; 1030 1031 pppoe_clear_softc(sc, "received PADT"); 1032 if (sc->sc_sppp.pp_if.if_flags & IFF_RUNNING) 1033 callout_schedule(&sc->sc_timeout, PPPOE_RECON_FAST); 1034 PPPOE_UNLOCK(sc); 1035 break; 1036 1037 default: 1038 rcvif = m_get_rcvif_psref(m, &psref); 1039 if (__predict_false(rcvif == NULL)) 1040 goto done; 1041 1042 if (hunique != NULL) { 1043 sc = pppoe_find_softc_by_hunique(hunique, 1044 hunique_len, rcvif, RW_READER); 1045 } 1046 1047 m_put_rcvif_psref(rcvif, &psref); 1048 1049 pppoe_printf(sc, "unknown code (0x%04x) session = 0x%04x\n", 1050 ph->code, session); 1051 if (sc == NULL) 1052 goto done; 1053 PPPOE_UNLOCK(sc); 1054 break; 1055 } 1056 1057done: 1058 if (m) 1059 m_freem(m); 1060 return; 1061} 1062 1063static void 1064pppoe_disc_input(struct mbuf *m) 1065{ 1066 KASSERT(m->m_flags & M_PKTHDR); 1067 1068 /* 1069 * Avoid error messages if there is not a single PPPoE instance. 1070 */ 1071 rw_enter(&pppoe_softc_list_lock, RW_READER); 1072 if (!LIST_EMPTY(&pppoe_softc_list)) { 1073 rw_exit(&pppoe_softc_list_lock); 1074 pppoe_dispatch_disc_pkt(m, 0); 1075 } else { 1076 rw_exit(&pppoe_softc_list_lock); 1077 m_freem(m); 1078 } 1079} 1080 1081static bool 1082pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1083{ 1084 1085 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1086 return true; 1087 1088 return false; 1089} 1090 1091static void 1092pppoe_data_input(struct mbuf *m) 1093{ 1094 uint16_t session, plen; 1095 struct pppoe_softc *sc; 1096 struct pppoehdr *ph; 1097 struct ifnet *rcvif; 1098 struct psref psref; 1099 uint8_t shost[ETHER_ADDR_LEN]; 1100 uint8_t dhost[ETHER_ADDR_LEN]; 1101 bool term_unknown = pppoe_term_unknown; 1102 1103 KASSERT(m->m_flags & M_PKTHDR); 1104 1105 /* 1106 * Avoid error messages if there is not a single PPPoE instance. 1107 */ 1108 rw_enter(&pppoe_softc_list_lock, RW_READER); 1109 if (LIST_EMPTY(&pppoe_softc_list)) { 1110 rw_exit(&pppoe_softc_list_lock); 1111 goto drop; 1112 } 1113 rw_exit(&pppoe_softc_list_lock); 1114 1115 if (term_unknown) { 1116 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1117 ETHER_ADDR_LEN); 1118 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1119 ETHER_ADDR_LEN); 1120 } 1121 m_adj(m, sizeof(struct ether_header)); 1122 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1123 goto drop; 1124 } 1125 1126 if (m->m_len < sizeof(*ph)) { 1127 m = m_pullup(m, sizeof(*ph)); 1128 if (m == NULL) { 1129 return; 1130 } 1131 } 1132 ph = mtod(m, struct pppoehdr *); 1133 1134 if (ph->vertype != PPPOE_VERTYPE) { 1135 goto drop; 1136 } 1137 if (ph->code != 0) { 1138 goto drop; 1139 } 1140 1141 session = ntohs(ph->session); 1142 rcvif = m_get_rcvif_psref(m, &psref); 1143 if (__predict_false(rcvif == NULL)) 1144 goto drop; 1145 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1146 if (sc == NULL) { 1147 if (term_unknown) { 1148 static struct timeval lasttime = {0, 0}; 1149 static int curpps = 0; 1150 /* 1151 * avoid to send wrong PADT which is response from 1152 * session stage packets for other hosts when parent 1153 * ethernet is promiscuous mode. 1154 */ 1155 if (pppoe_is_my_frame(dhost, rcvif) && 1156 ppsratecheck(&lasttime, &curpps, 1157 pppoe_term_unknown_pps)) { 1158 pppoe_printf(NULL, "input for unknown session %#x, " 1159 "sending PADT\n", session); 1160 pppoe_send_padt(rcvif, session, shost); 1161 } 1162 } 1163 m_put_rcvif_psref(rcvif, &psref); 1164 goto drop; 1165 } 1166 1167 m_put_rcvif_psref(rcvif, &psref); 1168 1169 plen = ntohs(ph->plen); 1170 1171 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1172 1173 m_adj(m, PPPOE_HEADERLEN); 1174 1175#ifdef PPPOE_DEBUG 1176 { 1177 struct mbuf *p; 1178 1179 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1180 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1181 p = m; 1182 while (p) { 1183 printf(" l=%d", p->m_len); 1184 p = p->m_next; 1185 } 1186 printf("\n"); 1187 } 1188#endif 1189 PPPOE_UNLOCK(sc); 1190 1191 if (m->m_pkthdr.len < plen) 1192 goto drop; 1193 1194 /* ignore trailing garbage */ 1195 m_adj(m, plen - m->m_pkthdr.len); 1196 /* 1197 * Fix incoming interface pointer (not the raw ethernet interface 1198 * anymore) 1199 */ 1200 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1201 1202 /* pass packet up and account for it */ 1203 if_statinc(&sc->sc_sppp.pp_if, if_ipackets); 1204 sppp_input(&sc->sc_sppp.pp_if, m); 1205 return; 1206 1207drop: 1208 m_freem(m); 1209} 1210 1211static int 1212pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1213{ 1214 struct sockaddr dst; 1215 struct ether_header *eh; 1216 uint16_t etype; 1217 1218 if (sc->sc_eth_if == NULL) { 1219 m_freem(m); 1220 return EIO; 1221 } 1222 1223 memset(&dst, 0, sizeof dst); 1224 dst.sa_family = AF_UNSPEC; 1225 eh = (struct ether_header*)&dst.sa_data; 1226 etype = sc->sc_state == PPPOE_STATE_SESSION 1227 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1228 eh->ether_type = htons(etype); 1229 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1230 1231 DPRINTF(sc, "(%x) state=%d, session=0x%x output -> %s, len=%d\n", 1232 etype, sc->sc_state, sc->sc_session, 1233 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1234 1235 m->m_flags &= ~(M_BCAST|M_MCAST); 1236 if_statinc(&sc->sc_sppp.pp_if, if_opackets); 1237 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1238} 1239 1240static int 1241pppoe_parm_cpyinstr(struct pppoe_softc *sc, 1242 char **dst, const void *src, size_t len) 1243{ 1244 int error = 0; 1245 char *next = NULL; 1246 size_t bufsiz, cpysiz, strsiz; 1247 1248 bufsiz = len + 1; 1249 1250 if (src == NULL) 1251 goto out; 1252 1253 bufsiz = len + 1; 1254 next = malloc(bufsiz, M_DEVBUF, M_WAITOK); 1255 if (next == NULL) 1256 return ENOMEM; 1257 1258 error = copyinstr(src, next, bufsiz, &cpysiz); 1259 if (error != 0) 1260 goto fail; 1261 if (cpysiz != bufsiz) { 1262 error = EINVAL; 1263 goto fail; 1264 } 1265 1266 strsiz = strnlen(next, bufsiz); 1267 if (strsiz == bufsiz) { 1268 error = EINVAL; 1269 goto fail; 1270 } 1271 1272out: 1273 PPPOE_LOCK(sc, RW_WRITER); 1274 if (*dst != NULL) 1275 free(*dst, M_DEVBUF); 1276 *dst = next; 1277 next = NULL; 1278 PPPOE_UNLOCK(sc); 1279fail: 1280 if (next != NULL) 1281 free(next, M_DEVBUF); 1282 1283 return error; 1284} 1285 1286static int 1287pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1288{ 1289 struct lwp *l = curlwp; /* XXX */ 1290 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1291 struct ifreq *ifr = data; 1292 int error = 0; 1293 1294 switch (cmd) { 1295 case PPPOESETPARMS: 1296 { 1297 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1298 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1299 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1300 NULL) != 0) 1301 return EPERM; 1302 if (parms->eth_ifname[0] != 0) { 1303 struct ifnet *eth_if; 1304 1305 PPPOE_LOCK(sc, RW_WRITER); 1306 if (sc->sc_detaching) { 1307 PPPOE_UNLOCK(sc); 1308 return ENXIO; 1309 } 1310 eth_if = ifunit(parms->eth_ifname); 1311 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1312 sc->sc_eth_if = NULL; 1313 PPPOE_UNLOCK(sc); 1314 return ENXIO; 1315 } 1316 1317 if (sc->sc_sppp.pp_if.if_mtu != 1318 eth_if->if_mtu - PPPOE_OVERHEAD) { 1319 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1320 PPPOE_OVERHEAD; 1321 } 1322 sc->sc_eth_if = eth_if; 1323 PPPOE_UNLOCK(sc); 1324 } 1325 1326 error = pppoe_parm_cpyinstr(sc, &sc->sc_concentrator_name, 1327 parms->ac_name, parms->ac_name_len); 1328 if (error != 0) 1329 return error; 1330 1331 error = pppoe_parm_cpyinstr(sc, &sc->sc_service_name, 1332 parms->service_name, parms->service_name_len); 1333 if (error != 0) 1334 return error; 1335 return 0; 1336 } 1337 break; 1338 case PPPOEGETPARMS: 1339 { 1340 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1341 memset(parms, 0, sizeof *parms); 1342 PPPOE_LOCK(sc, RW_READER); 1343 if (sc->sc_eth_if) 1344 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1345 sizeof(parms->ifname)); 1346 PPPOE_UNLOCK(sc); 1347 return 0; 1348 } 1349 break; 1350 case PPPOEGETSESSION: 1351 { 1352 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1353 PPPOE_LOCK(sc, RW_READER); 1354 state->state = sc->sc_state; 1355 state->session_id = sc->sc_session; 1356 state->padi_retry_no = sc->sc_padi_retried; 1357 state->padr_retry_no = sc->sc_padr_retried; 1358 PPPOE_UNLOCK(sc); 1359 return 0; 1360 } 1361 break; 1362 case SIOCSIFFLAGS: 1363 /* 1364 * Prevent running re-establishment timers overriding 1365 * administrators choice. 1366 */ 1367 PPPOE_LOCK(sc, RW_WRITER); 1368 if (sc->sc_detaching) { 1369 PPPOE_UNLOCK(sc); 1370 return ENXIO; 1371 } 1372 1373 if ((ifr->ifr_flags & IFF_UP) == 0 1374 && sc->sc_state < PPPOE_STATE_SESSION) { 1375 callout_stop(&sc->sc_timeout); 1376 sc->sc_state = PPPOE_STATE_INITIAL; 1377 sc->sc_padi_retried = 0; 1378 sc->sc_padr_retried = 0; 1379 memcpy(&sc->sc_dest, etherbroadcastaddr, 1380 sizeof(sc->sc_dest)); 1381 } 1382 1383 PPPOE_UNLOCK(sc); 1384 1385 error = sppp_ioctl(ifp, cmd, data); 1386 1387 return error; 1388 case SIOCSIFMTU: 1389 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1390 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1391 return EINVAL; 1392 } 1393 /*FALLTHROUGH*/ 1394 default: 1395 return sppp_ioctl(ifp, cmd, data); 1396 } 1397 return 0; 1398} 1399 1400/* 1401 * Allocate a mbuf/cluster with space to store the given data length 1402 * of payload, leaving space for prepending an ethernet header 1403 * in front. 1404 */ 1405static struct mbuf * 1406pppoe_get_mbuf(size_t len) 1407{ 1408 struct mbuf *m; 1409 1410 MGETHDR(m, M_DONTWAIT, MT_DATA); 1411 if (m == NULL) 1412 return NULL; 1413 if (len + sizeof(struct ether_header) > MHLEN) { 1414 MCLGET(m, M_DONTWAIT); 1415 if ((m->m_flags & M_EXT) == 0) { 1416 m_free(m); 1417 return NULL; 1418 } 1419 } 1420 m->m_data += sizeof(struct ether_header); 1421 m->m_len = len; 1422 m->m_pkthdr.len = len; 1423 m_reset_rcvif(m); 1424 1425 return m; 1426} 1427 1428static int 1429pppoe_send_padi(struct pppoe_softc *sc) 1430{ 1431 struct mbuf *m0; 1432 int len, l1 = 0, l2 = 0; 1433 uint8_t *p; 1434 1435 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1436 panic("pppoe_send_padi in state %d", sc->sc_state); 1437 1438 /* Compute packet length. */ 1439 len = sizeof(struct pppoetag); 1440 if (sc->sc_service_name != NULL) { 1441 l1 = strlen(sc->sc_service_name); 1442 len += l1; 1443 } 1444 if (sc->sc_concentrator_name != NULL) { 1445 l2 = strlen(sc->sc_concentrator_name); 1446 len += sizeof(struct pppoetag) + l2; 1447 } 1448 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1449 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1450 len += sizeof(struct pppoetag) + 2; 1451 } 1452 1453 /* Allocate packet. */ 1454 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1455 if (m0 == NULL) 1456 return ENOBUFS; 1457 1458 /* Fill in packet. */ 1459 p = mtod(m0, uint8_t *); 1460 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1461 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1462 if (sc->sc_service_name != NULL) { 1463 PPPOE_ADD_16(p, l1); 1464 memcpy(p, sc->sc_service_name, l1); 1465 p += l1; 1466 } else { 1467 PPPOE_ADD_16(p, 0); 1468 } 1469 if (sc->sc_concentrator_name != NULL) { 1470 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1471 PPPOE_ADD_16(p, l2); 1472 memcpy(p, sc->sc_concentrator_name, l2); 1473 p += l2; 1474 } 1475 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1476 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1477 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1478 p += sizeof(sc->sc_id); 1479 1480 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1481 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1482 PPPOE_ADD_16(p, 2); 1483 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1484 } 1485 1486#ifdef PPPOE_DEBUG 1487 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1488 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1489 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1490#endif 1491 1492 /* Send packet. */ 1493 return pppoe_output(sc, m0); 1494} 1495 1496static void 1497pppoe_timeout_co(void *arg) 1498{ 1499 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1500 1501 if (atomic_swap_uint(&sc->sc_timeout_scheduled, 1) != 0) 1502 return; 1503 1504 workqueue_enqueue(sc->sc_timeout_wq, &sc->sc_timeout_wk, NULL); 1505} 1506 1507static void 1508pppoe_timeout_co_halt(void *unused __unused) 1509{ 1510 1511 /* do nothing to halt callout safely */ 1512} 1513 1514static void 1515pppoe_timeout_wk(struct work *wk __unused, void *arg) 1516{ 1517 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1518 1519 atomic_swap_uint(&sc->sc_timeout_scheduled, 0); 1520 pppoe_timeout(sc); 1521} 1522 1523static void 1524pppoe_timeout(struct pppoe_softc *sc) 1525{ 1526 int retry_wait, err; 1527 DECLARE_SPLNET_VARIABLE; 1528 1529 pppoe_printf(sc, "timeout\n"); 1530 1531 PPPOE_LOCK(sc, RW_WRITER); 1532 switch (sc->sc_state) { 1533 case PPPOE_STATE_INITIAL: 1534 /* delayed connect from pppoe_tls() */ 1535 if (!sc->sc_detaching) 1536 pppoe_connect(sc); 1537 break; 1538 case PPPOE_STATE_PADI_SENT: 1539 /* 1540 * We have two basic ways of retrying: 1541 * - Quick retry mode: try a few times in short sequence 1542 * - Slow retry mode: we already had a connection successfully 1543 * established and will try infinitely (without user 1544 * intervention) 1545 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1546 * is not set. 1547 */ 1548 1549 /* initialize for quick retry mode */ 1550 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1551 1552 ACQUIRE_SPLNET(); 1553 sc->sc_padi_retried++; 1554 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1555 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1556 /* slow retry mode */ 1557 retry_wait = PPPOE_SLOW_RETRY; 1558 } else { 1559 pppoe_abort_connect(sc); 1560 RELEASE_SPLNET(); 1561 PPPOE_UNLOCK(sc); 1562 return; 1563 } 1564 } 1565 if ((err = pppoe_send_padi(sc)) != 0) { 1566 sc->sc_padi_retried--; 1567 pppoe_printf(sc, 1568 "failed to transmit PADI, error=%d\n", err); 1569 } 1570 callout_schedule(&sc->sc_timeout,retry_wait); 1571 RELEASE_SPLNET(); 1572 break; 1573 1574 case PPPOE_STATE_PADR_SENT: 1575 ACQUIRE_SPLNET(); 1576 sc->sc_padr_retried++; 1577 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1578 memcpy(&sc->sc_dest, etherbroadcastaddr, 1579 sizeof(sc->sc_dest)); 1580 sc->sc_state = PPPOE_STATE_PADI_SENT; 1581 sc->sc_padi_retried = 0; 1582 sc->sc_padr_retried = 0; 1583 if ((err = pppoe_send_padi(sc)) != 0) { 1584 pppoe_printf(sc, 1585 "failed to send PADI, error=%d\n", err); 1586 } 1587 callout_schedule(&sc->sc_timeout, 1588 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried)); 1589 RELEASE_SPLNET(); 1590 PPPOE_UNLOCK(sc); 1591 return; 1592 } 1593 if ((err = pppoe_send_padr(sc)) != 0) { 1594 sc->sc_padr_retried--; 1595 pppoe_printf(sc,"failed to send PADR, error=%d", err); 1596 } 1597 callout_schedule(&sc->sc_timeout, 1598 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 1599 RELEASE_SPLNET(); 1600 break; 1601 case PPPOE_STATE_CLOSING: 1602 pppoe_disconnect(sc); 1603 break; 1604 default: 1605 PPPOE_UNLOCK(sc); 1606 return; /* all done, work in peace */ 1607 } 1608 PPPOE_UNLOCK(sc); 1609} 1610 1611/* Start a connection (i.e. initiate discovery phase) */ 1612static int 1613pppoe_connect(struct pppoe_softc *sc) 1614{ 1615 int err; 1616 DECLARE_SPLNET_VARIABLE; 1617 1618 KASSERT(PPPOE_WLOCKED(sc)); 1619 1620 if (sc->sc_state != PPPOE_STATE_INITIAL) 1621 return EBUSY; 1622 1623#ifdef PPPOE_SERVER 1624 /* wait PADI if IFF_PASSIVE */ 1625 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1626 return 0; 1627#endif 1628 ACQUIRE_SPLNET(); 1629 /* save state, in case we fail to send PADI */ 1630 sc->sc_state = PPPOE_STATE_PADI_SENT; 1631 sc->sc_padi_retried = 0; 1632 sc->sc_padr_retried = 0; 1633 err = pppoe_send_padi(sc); 1634 if (err != 0) 1635 pppoe_printf(sc, "failed to send PADI, error=%d\n", err); 1636 callout_schedule(&sc->sc_timeout, PPPOE_DISC_TIMEOUT); 1637 RELEASE_SPLNET(); 1638 return err; 1639} 1640 1641/* disconnect */ 1642static int 1643pppoe_disconnect(struct pppoe_softc *sc) 1644{ 1645 int err; 1646 DECLARE_SPLNET_VARIABLE; 1647 1648 KASSERT(PPPOE_WLOCKED(sc)); 1649 1650 ACQUIRE_SPLNET(); 1651 1652 if (sc->sc_state < PPPOE_STATE_SESSION) 1653 err = EBUSY; 1654 else { 1655 pppoe_printf(sc, "disconnecting\n"); 1656 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1657 (const uint8_t *)&sc->sc_dest); 1658 } 1659 1660 /* cleanup softc */ 1661 sc->sc_state = PPPOE_STATE_INITIAL; 1662 1663 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1664 if (sc->sc_ac_cookie) { 1665 free(sc->sc_ac_cookie, M_DEVBUF); 1666 sc->sc_ac_cookie = NULL; 1667 } 1668 sc->sc_ac_cookie_len = 0; 1669 if (sc->sc_relay_sid) { 1670 free(sc->sc_relay_sid, M_DEVBUF); 1671 sc->sc_relay_sid = NULL; 1672 } 1673 sc->sc_relay_sid_len = 0; 1674#ifdef PPPOE_SERVER 1675 if (sc->sc_hunique) { 1676 free(sc->sc_hunique, M_DEVBUF); 1677 sc->sc_hunique = NULL; 1678 } 1679 sc->sc_hunique_len = 0; 1680#endif 1681 sc->sc_session = 0; 1682 1683 PPPOE_UNLOCK(sc); 1684 1685 /* notify upper layer */ 1686 sc->sc_sppp.pp_down(&sc->sc_sppp); 1687 1688 PPPOE_LOCK(sc, RW_WRITER); 1689 1690 RELEASE_SPLNET(); 1691 return err; 1692} 1693 1694/* Connection attempt aborted */ 1695static void 1696pppoe_abort_connect(struct pppoe_softc *sc) 1697{ 1698 KASSERT(PPPOE_WLOCKED(sc)); 1699 1700 pppoe_printf(sc, "could not establish connection\n"); 1701 sc->sc_state = PPPOE_STATE_CLOSING; 1702 1703 PPPOE_UNLOCK(sc); 1704 1705 /* notify upper layer */ 1706 sc->sc_sppp.pp_down(&sc->sc_sppp); 1707 1708 PPPOE_LOCK(sc, RW_WRITER); 1709 1710 /* clear connection state */ 1711 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1712 sc->sc_state = PPPOE_STATE_INITIAL; 1713} 1714 1715static int 1716pppoe_send_padr(struct pppoe_softc *sc) 1717{ 1718 struct mbuf *m0; 1719 uint8_t *p; 1720 size_t len, l1 = 0; 1721 1722 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1723 return EIO; 1724 1725 /* Compute packet length. */ 1726 len = sizeof(struct pppoetag); 1727 if (sc->sc_service_name != NULL) { 1728 l1 = strlen(sc->sc_service_name); 1729 len += l1; 1730 } 1731 if (sc->sc_ac_cookie_len > 0) { 1732 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1733 } 1734 if (sc->sc_relay_sid_len > 0) { 1735 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1736 } 1737 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1738 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1739 len += sizeof(struct pppoetag) + 2; 1740 } 1741 1742 /* Allocate packet. */ 1743 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1744 if (m0 == NULL) 1745 return ENOBUFS; 1746 1747 /* Fill in packet. */ 1748 p = mtod(m0, uint8_t *); 1749 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1750 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1751 if (sc->sc_service_name != NULL) { 1752 PPPOE_ADD_16(p, l1); 1753 memcpy(p, sc->sc_service_name, l1); 1754 p += l1; 1755 } else { 1756 PPPOE_ADD_16(p, 0); 1757 } 1758 if (sc->sc_ac_cookie_len > 0) { 1759 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1760 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1761 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1762 p += sc->sc_ac_cookie_len; 1763 } 1764 if (sc->sc_relay_sid_len > 0) { 1765 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1766 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1767 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1768 p += sc->sc_relay_sid_len; 1769 } 1770 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1771 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1772 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1773 p += sizeof(sc->sc_id); 1774 1775 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1776 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1777 PPPOE_ADD_16(p, 2); 1778 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1779 } 1780 1781#ifdef PPPOE_DEBUG 1782 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1783 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1784 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1785#endif 1786 1787 /* Send packet. */ 1788 return pppoe_output(sc, m0); 1789} 1790 1791/* send a PADT packet */ 1792static int 1793pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1794{ 1795 struct ether_header *eh; 1796 struct sockaddr dst; 1797 struct mbuf *m0; 1798 uint8_t *p; 1799 1800 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1801 if (!m0) 1802 return EIO; 1803 p = mtod(m0, uint8_t *); 1804 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1805 1806 memset(&dst, 0, sizeof dst); 1807 dst.sa_family = AF_UNSPEC; 1808 eh = (struct ether_header*)&dst.sa_data; 1809 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1810 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1811 1812 m0->m_flags &= ~(M_BCAST|M_MCAST); 1813 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1814} 1815 1816#ifdef PPPOE_SERVER 1817static int 1818pppoe_send_pado(struct pppoe_softc *sc) 1819{ 1820 struct mbuf *m0; 1821 uint8_t *p; 1822 size_t len; 1823 1824 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1825 return EIO; 1826 1827 /* Include AC cookie. */ 1828 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1829 /* Include hunique. */ 1830 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1831 1832 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1833 if (!m0) 1834 return EIO; 1835 p = mtod(m0, uint8_t *); 1836 1837 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1838 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1839 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1840 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1841 p += sizeof(sc->sc_id); 1842 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1843 PPPOE_ADD_16(p, sc->sc_hunique_len); 1844 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1845 return pppoe_output(sc, m0); 1846} 1847 1848static int 1849pppoe_send_pads(struct pppoe_softc *sc) 1850{ 1851 struct bintime bt; 1852 struct mbuf *m0; 1853 uint8_t *p; 1854 size_t len, l1 = 0; /* XXX: gcc */ 1855 1856 KASSERT(PPPOE_WLOCKED(sc)); 1857 1858 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1859 return EIO; 1860 1861 getbinuptime(&bt); 1862 sc->sc_session = bt.sec % 0xff + 1; 1863 1864 /* Include service name. */ 1865 len = sizeof(struct pppoetag); 1866 if (sc->sc_service_name != NULL) { 1867 l1 = strlen(sc->sc_service_name); 1868 len += l1; 1869 } 1870 /* Include hunique. */ 1871 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1872 1873 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1874 if (!m0) 1875 return ENOBUFS; 1876 p = mtod(m0, uint8_t *); 1877 1878 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1879 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1880 if (sc->sc_service_name != NULL) { 1881 PPPOE_ADD_16(p, l1); 1882 memcpy(p, sc->sc_service_name, l1); 1883 p += l1; 1884 } else { 1885 PPPOE_ADD_16(p, 0); 1886 } 1887 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1888 PPPOE_ADD_16(p, sc->sc_hunique_len); 1889 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1890 return pppoe_output(sc, m0); 1891} 1892#endif 1893 1894static void 1895pppoe_tls(struct sppp *sp) 1896{ 1897 struct pppoe_softc *sc = (void *)sp; 1898 int wtime; 1899 1900 PPPOE_LOCK(sc, RW_READER); 1901 1902 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1903 PPPOE_UNLOCK(sc); 1904 return; 1905 } 1906 1907 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1908 sc->sc_sppp.pp_auth_failures > 0) { 1909 /* 1910 * Delay trying to reconnect a bit more - the peer 1911 * might have failed to contact its radius server. 1912 */ 1913 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1914 if (wtime > PPPOE_SLOW_RETRY) 1915 wtime = PPPOE_SLOW_RETRY; 1916 } else { 1917 wtime = PPPOE_RECON_IMMEDIATE; 1918 } 1919 callout_schedule(&sc->sc_timeout, wtime); 1920 1921 PPPOE_UNLOCK(sc); 1922} 1923 1924static void 1925pppoe_tlf(struct sppp *sp) 1926{ 1927 struct pppoe_softc *sc = (void *)sp; 1928 1929 PPPOE_LOCK(sc, RW_WRITER); 1930 1931 if (sc->sc_state < PPPOE_STATE_SESSION) { 1932 callout_stop(&sc->sc_timeout); 1933 sc->sc_state = PPPOE_STATE_INITIAL; 1934 sc->sc_padi_retried = 0; 1935 sc->sc_padr_retried = 0; 1936 memcpy(&sc->sc_dest, etherbroadcastaddr, 1937 sizeof(sc->sc_dest)); 1938 PPPOE_UNLOCK(sc); 1939 return; 1940 } 1941 1942 /* 1943 * Do not call pppoe_disconnect here, the upper layer state 1944 * machine gets confused by this. We must return from this 1945 * function and defer disconnecting to the timeout handler. 1946 */ 1947 sc->sc_state = PPPOE_STATE_CLOSING; 1948 1949 callout_schedule(&sc->sc_timeout, hz/50); 1950 1951 PPPOE_UNLOCK(sc); 1952} 1953 1954static void 1955pppoe_start(struct ifnet *ifp) 1956{ 1957 struct pppoe_softc *sc = (void *)ifp; 1958 struct mbuf *m; 1959 uint8_t *p; 1960 size_t len; 1961 1962 if (sppp_isempty(ifp)) 1963 return; 1964 1965 /* are we ready to process data yet? */ 1966 PPPOE_LOCK(sc, RW_READER); 1967 if (sc->sc_state < PPPOE_STATE_SESSION) { 1968 sppp_flush(&sc->sc_sppp.pp_if); 1969 PPPOE_UNLOCK(sc); 1970 return; 1971 } 1972 1973 while ((m = sppp_dequeue(ifp)) != NULL) { 1974 len = m->m_pkthdr.len; 1975 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1976 if (m == NULL) { 1977 if_statinc(ifp, if_oerrors); 1978 continue; 1979 } 1980 p = mtod(m, uint8_t *); 1981 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1982 1983 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1984 1985 pppoe_output(sc, m); 1986 } 1987 PPPOE_UNLOCK(sc); 1988} 1989 1990#ifdef PPPOE_MPSAFE 1991static int 1992pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 1993{ 1994 struct pppoe_softc *sc = (void *)ifp; 1995 uint8_t *p; 1996 size_t len; 1997 1998 if (m == NULL) 1999 return EINVAL; 2000 2001 /* are we ready to process data yet? */ 2002 PPPOE_LOCK(sc, RW_READER); 2003 if (sc->sc_state < PPPOE_STATE_SESSION) { 2004 PPPOE_UNLOCK(sc); 2005 m_freem(m); 2006 return ENOBUFS; 2007 } 2008 2009 len = m->m_pkthdr.len; 2010 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 2011 if (m == NULL) { 2012 PPPOE_UNLOCK(sc); 2013 if_statinc(ifp, if_oerrors); 2014 return ENETDOWN; 2015 } 2016 p = mtod(m, uint8_t *); 2017 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 2018 2019 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 2020 2021 pppoe_output(sc, m); 2022 PPPOE_UNLOCK(sc); 2023 return 0; 2024} 2025#endif /* PPPOE_MPSAFE */ 2026 2027static void 2028pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 2029{ 2030 struct ifnet *ifp = arg2; 2031 struct pppoe_softc *sc; 2032 DECLARE_SPLNET_VARIABLE; 2033 2034 if (cmd != PFIL_IFNET_DETACH) 2035 return; 2036 2037 ACQUIRE_SPLNET(); 2038 rw_enter(&pppoe_softc_list_lock, RW_READER); 2039 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 2040 PPPOE_LOCK(sc, RW_WRITER); 2041 if (sc->sc_eth_if != ifp) { 2042 PPPOE_UNLOCK(sc); 2043 continue; 2044 } 2045 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 2046 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 2047 pppoe_printf(sc, 2048 "ethernet interface detached, going down\n"); 2049 } 2050 sc->sc_eth_if = NULL; 2051 pppoe_clear_softc(sc, "ethernet interface detached"); 2052 PPPOE_UNLOCK(sc); 2053 } 2054 rw_exit(&pppoe_softc_list_lock); 2055 RELEASE_SPLNET(); 2056} 2057 2058static void 2059pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 2060{ 2061 KASSERT(PPPOE_WLOCKED(sc)); 2062 2063 /* stop timer */ 2064 callout_stop(&sc->sc_timeout); 2065 pppoe_printf(sc, "session 0x%x terminated, %s\n", 2066 sc->sc_session, message); 2067 2068 /* fix our state */ 2069 sc->sc_state = PPPOE_STATE_INITIAL; 2070 2071 PPPOE_UNLOCK(sc); 2072 2073 /* signal upper layer */ 2074 sc->sc_sppp.pp_down(&sc->sc_sppp); 2075 2076 PPPOE_LOCK(sc, RW_WRITER); 2077 2078 /* clean up softc */ 2079 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 2080 if (sc->sc_ac_cookie) { 2081 free(sc->sc_ac_cookie, M_DEVBUF); 2082 sc->sc_ac_cookie = NULL; 2083 } 2084 if (sc->sc_relay_sid) { 2085 free(sc->sc_relay_sid, M_DEVBUF); 2086 sc->sc_relay_sid = NULL; 2087 } 2088 sc->sc_ac_cookie_len = 0; 2089 sc->sc_session = 0; 2090} 2091 2092static void 2093pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 2094{ 2095 if (m->m_flags & M_PROMISC) { 2096 m_freem(m); 2097 return; 2098 } 2099 2100#ifndef PPPOE_SERVER 2101 if (m->m_flags & (M_MCAST | M_BCAST)) { 2102 m_freem(m); 2103 return; 2104 } 2105#endif 2106 2107 IFQ_LOCK(inq); 2108 if (IF_QFULL(inq)) { 2109 IF_DROP(inq); 2110 IFQ_UNLOCK(inq); 2111 m_freem(m); 2112 } else { 2113 IF_ENQUEUE(inq, m); 2114 IFQ_UNLOCK(inq); 2115 softint_schedule(pppoe_softintr); 2116 } 2117 return; 2118} 2119 2120void 2121pppoe_input(struct ifnet *ifp, struct mbuf *m) 2122{ 2123 pppoe_enqueue(&ppoeinq, m); 2124 return; 2125} 2126 2127void 2128pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2129{ 2130 pppoe_enqueue(&ppoediscinq, m); 2131 return; 2132} 2133 2134static void 2135sysctl_net_pppoe_setup(struct sysctllog **clog) 2136{ 2137 const struct sysctlnode *node = NULL; 2138 2139 sysctl_createv(clog, 0, NULL, &node, 2140 CTLFLAG_PERMANENT, 2141 CTLTYPE_NODE, "pppoe", 2142 SYSCTL_DESCR("PPPOE protocol"), 2143 NULL, 0, NULL, 0, 2144 CTL_NET, CTL_CREATE, CTL_EOL); 2145 2146 if (node == NULL) 2147 return; 2148 2149 sysctl_createv(clog, 0, &node, NULL, 2150 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2151 CTLTYPE_BOOL, "term_unknown", 2152 SYSCTL_DESCR("Terminate unknown sessions"), 2153 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2154 CTL_CREATE, CTL_EOL); 2155} 2156 2157/* 2158 * Module infrastructure 2159 */ 2160#include "if_module.h" 2161 2162IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2163