if_pppoe.c revision 1.176
1/* $NetBSD: if_pppoe.c,v 1.176 2021/05/19 03:44:46 yamaguchi Exp $ */ 2 3/* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin@NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32#include <sys/cdefs.h> 33__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.176 2021/05/19 03:44:46 yamaguchi Exp $"); 34 35#ifdef _KERNEL_OPT 36#include "pppoe.h" 37#include "opt_pppoe.h" 38#include "opt_net_mpsafe.h" 39#endif 40 41#include <sys/param.h> 42#include <sys/systm.h> 43#include <sys/kernel.h> 44#include <sys/atomic.h> 45#include <sys/callout.h> 46#include <sys/malloc.h> 47#include <sys/mbuf.h> 48#include <sys/socket.h> 49#include <sys/proc.h> 50#include <sys/ioctl.h> 51#include <sys/kauth.h> 52#include <sys/intr.h> 53#include <sys/socketvar.h> 54#include <sys/device.h> 55#include <sys/module.h> 56#include <sys/sysctl.h> 57#include <sys/rwlock.h> 58#include <sys/mutex.h> 59#include <sys/psref.h> 60#include <sys/cprng.h> 61#include <sys/workqueue.h> 62 63#include <net/if.h> 64#include <net/if_types.h> 65#include <net/if_ether.h> 66#include <net/if_sppp.h> 67#include <net/if_spppvar.h> 68#include <net/if_pppoe.h> 69#include <net/if_dl.h> 70 71#include <net/bpf.h> 72 73#include "ioconf.h" 74 75#ifdef NET_MPSAFE 76#define PPPOE_MPSAFE 1 77#endif 78 79#ifndef PPPOE_DEQUEUE_MAXLEN 80#define PPPOE_DEQUEUE_MAXLEN IFQ_MAXLEN 81#endif 82 83struct pppoehdr { 84 uint8_t vertype; 85 uint8_t code; 86 uint16_t session; 87 uint16_t plen; 88} __packed; 89 90struct pppoetag { 91 uint16_t tag; 92 uint16_t len; 93} __packed; 94 95#define PPPOE_HEADERLEN sizeof(struct pppoehdr) 96#define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 97#define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 98 99#define PPPOE_TAG_EOL 0x0000 /* end of list */ 100#define PPPOE_TAG_SNAME 0x0101 /* service name */ 101#define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 102#define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 103#define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 104#define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 105#define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 106#define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 107#define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 108#define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 109#define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 110 111#define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 112#define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 113#define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 114#define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 115#define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 116 117/* two byte PPP protocol discriminator, then IP data */ 118#define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 119 120/* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 121#define PPPOE_ADD_16(PTR, VAL) \ 122 *(PTR)++ = (VAL) / 256; \ 123 *(PTR)++ = (VAL) % 256 124 125/* Add a complete PPPoE header to the buffer pointed to by PTR */ 126#define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 127 *(PTR)++ = PPPOE_VERTYPE; \ 128 *(PTR)++ = (CODE); \ 129 PPPOE_ADD_16(PTR, SESS); \ 130 PPPOE_ADD_16(PTR, LEN) 131 132#define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 133#define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 134#define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 135#define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 136#define PPPOE_RECON_PADTRCVD (hz*5) /* reconnect delay after PADT received */ 137#define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 138#define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 139 140#ifdef PPPOE_SERVER 141/* from if_spppsubr.c */ 142#define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 143#endif 144 145#define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 146#define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 147#define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 148 149#ifdef PPPOE_MPSAFE 150#define DECLARE_SPLNET_VARIABLE 151#define ACQUIRE_SPLNET() do { } while (0) 152#define RELEASE_SPLNET() do { } while (0) 153#else 154#define DECLARE_SPLNET_VARIABLE int __s 155#define ACQUIRE_SPLNET() do { \ 156 __s = splnet(); \ 157 } while (0) 158#define RELEASE_SPLNET() do { \ 159 splx(__s); \ 160 } while (0) 161#endif 162 163#ifdef PPPOE_DEBUG 164#define DPRINTF(_sc, _fmt, _arg...) pppoe_printf((_sc), (_fmt), ##_arg) 165#else 166#define DPRINTF(_sc, _fmt, _arg...) __nothing 167#endif 168 169struct pppoe_softc { 170 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 171 LIST_ENTRY(pppoe_softc) sc_list; 172 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 173 174 uint64_t sc_id; /* id of this softc, our hunique */ 175 int sc_state; /* discovery phase or session connected */ 176 struct ether_addr sc_dest; /* hardware address of concentrator */ 177 uint16_t sc_session; /* PPPoE session id */ 178 179 char *sc_service_name; /* if != NULL: requested name of service */ 180 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 181 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 182 size_t sc_ac_cookie_len; /* length of cookie data */ 183 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 184 size_t sc_relay_sid_len; /* length of relay SID data */ 185#ifdef PPPOE_SERVER 186 uint8_t *sc_hunique; /* content of host unique we must echo back */ 187 size_t sc_hunique_len; /* length of host unique */ 188#endif 189 callout_t sc_timeout; /* timeout while not in session state */ 190 struct workqueue *sc_timeout_wq; /* workqueue for timeout */ 191 struct work sc_timeout_wk; 192 u_int sc_timeout_scheduled; 193 int sc_padi_retried; /* number of PADI retries already done */ 194 int sc_padr_retried; /* number of PADR retries already done */ 195 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 196 bool sc_detaching; 197}; 198 199/* incoming traffic will be queued here */ 200struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 201struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 202 203void *pppoe_softintr = NULL; 204static void pppoe_softintr_handler(void *); 205 206extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 207 208/* input routines */ 209static void pppoeintr(void); 210static void pppoe_disc_input(struct mbuf *); 211static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 212static void pppoe_data_input(struct mbuf *); 213static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 214 215/* management routines */ 216static int pppoe_connect(struct pppoe_softc *); 217static int pppoe_disconnect(struct pppoe_softc *); 218static void pppoe_abort_connect(struct pppoe_softc *); 219static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 220static void pppoe_tls(struct sppp *); 221static void pppoe_tlf(struct sppp *); 222static void pppoe_start(struct ifnet *); 223#ifdef PPPOE_MPSAFE 224static int pppoe_transmit(struct ifnet *, struct mbuf *); 225#endif 226static void pppoe_clear_softc(struct pppoe_softc *, const char *); 227static void pppoe_printf(struct pppoe_softc *, const char *, ...); 228 229/* internal timeout handling */ 230static void pppoe_timeout_co(void *); 231static void pppoe_timeout_co_halt(void *); 232static void pppoe_timeout_wk(struct work *, void *); 233static void pppoe_timeout(struct pppoe_softc *); 234 235/* sending actual protocol controll packets */ 236static int pppoe_send_padi(struct pppoe_softc *); 237static int pppoe_send_padr(struct pppoe_softc *); 238#ifdef PPPOE_SERVER 239static int pppoe_send_pado(struct pppoe_softc *); 240static int pppoe_send_pads(struct pppoe_softc *); 241#endif 242static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 243 244/* raw output */ 245static int pppoe_output(struct pppoe_softc *, struct mbuf *); 246 247/* internal helper functions */ 248static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 249 krw_t); 250static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 251 struct ifnet *, krw_t); 252static struct mbuf *pppoe_get_mbuf(size_t len); 253 254static void pppoe_ifattach_hook(void *, unsigned long, void *); 255 256static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 257static krwlock_t pppoe_softc_list_lock; 258 259static int pppoe_clone_create(struct if_clone *, int); 260static int pppoe_clone_destroy(struct ifnet *); 261 262static bool pppoe_term_unknown = false; 263static int pppoe_term_unknown_pps = 1; 264 265static struct sysctllog *pppoe_sysctl_clog; 266static void sysctl_net_pppoe_setup(struct sysctllog **); 267 268static struct if_clone pppoe_cloner = 269 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 270 271/* ARGSUSED */ 272void 273pppoeattach(int count) 274{ 275 276 /* 277 * Nothing to do here, initialization is handled by the 278 * module initialization code in pppoeinit() below). 279 */ 280} 281 282static void 283pppoeinit(void) 284{ 285 286 LIST_INIT(&pppoe_softc_list); 287 rw_init(&pppoe_softc_list_lock); 288 if_clone_attach(&pppoe_cloner); 289 290 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 291 pppoe_softintr_handler, NULL); 292 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 293 294 IFQ_LOCK_INIT(&ppoediscinq); 295 IFQ_LOCK_INIT(&ppoeinq); 296} 297 298static int 299pppoedetach(void) 300{ 301 int error = 0; 302 303 rw_enter(&pppoe_softc_list_lock, RW_READER); 304 if (!LIST_EMPTY(&pppoe_softc_list)) { 305 rw_exit(&pppoe_softc_list_lock); 306 error = EBUSY; 307 } 308 309 if (error == 0) { 310 if_clone_detach(&pppoe_cloner); 311 softint_disestablish(pppoe_softintr); 312 /* Remove our sysctl sub-tree */ 313 sysctl_teardown(&pppoe_sysctl_clog); 314 } 315 316 return error; 317} 318 319static void 320pppoe_softc_genid(uint64_t *id) 321{ 322 struct pppoe_softc *sc; 323 uint64_t rndid; 324 325 rw_enter(&pppoe_softc_list_lock, RW_READER); 326 327 while (1) { 328 rndid = cprng_strong64(); 329 330 sc = NULL; 331 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 332 if (sc->sc_id == rndid) 333 break; 334 } 335 if (sc == NULL) { 336 break; 337 } 338 } 339 340 rw_exit(&pppoe_softc_list_lock); 341 *id = rndid; 342} 343 344static int 345pppoe_clone_create(struct if_clone *ifc, int unit) 346{ 347 struct pppoe_softc *sc; 348 struct ifnet *ifp; 349 int rv; 350 351 sc = kmem_zalloc(sizeof(*sc), KM_SLEEP); 352 ifp = &sc->sc_sppp.pp_if; 353 354 rw_init(&sc->sc_lock); 355 pppoe_softc_genid(&sc->sc_id); 356 /* changed to real address later */ 357 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 358 359 if_initname(ifp, "pppoe", unit); 360 ifp->if_softc = sc; 361 ifp->if_mtu = PPPOE_MAXMTU; 362 ifp->if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 363#ifdef PPPOE_MPSAFE 364 ifp->if_extflags = IFEF_MPSAFE; 365#endif 366 ifp->if_type = IFT_PPP; 367 ifp->if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 368 ifp->if_dlt = DLT_PPP_ETHER; 369 ifp->if_ioctl = pppoe_ioctl; 370 ifp->if_start = pppoe_start; 371#ifdef PPPOE_MPSAFE 372 ifp->if_transmit = pppoe_transmit; 373#endif 374 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 375 IFQ_SET_READY(&ifp->if_snd); 376 377 sc->sc_sppp.pp_tls = pppoe_tls; 378 sc->sc_sppp.pp_tlf = pppoe_tlf; 379 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 380 PP_NOFRAMING; /* no serial encapsulation */ 381 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 382 383 rv = workqueue_create(&sc->sc_timeout_wq, 384 ifp->if_xname, pppoe_timeout_wk, sc, 385 PRI_SOFTNET, IPL_SOFTNET, 0); 386 if (rv != 0) 387 goto destroy_sclock; 388 389 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 390 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co, sc); 391 392 rv = if_initialize(ifp); 393 if (rv != 0) 394 goto destroy_timeout; 395 396 ifp->if_percpuq = if_percpuq_create(ifp); 397 398 rw_enter(&pppoe_softc_list_lock, RW_READER); 399 if (LIST_EMPTY(&pppoe_softc_list)) { 400 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 401 } 402 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 403 rw_exit(&pppoe_softc_list_lock); 404 405 sppp_attach(ifp); 406 bpf_attach(ifp, DLT_PPP_ETHER, 0); 407 if_register(ifp); 408 409 return 0; 410 411destroy_timeout: 412 callout_destroy(&sc->sc_timeout); 413 workqueue_destroy(sc->sc_timeout_wq); 414destroy_sclock: 415 rw_destroy(&sc->sc_lock); 416 kmem_free(sc, sizeof(*sc)); 417 418 return rv; 419} 420 421static int 422pppoe_clone_destroy(struct ifnet *ifp) 423{ 424 struct pppoe_softc * sc = ifp->if_softc; 425 426 PPPOE_LOCK(sc, RW_WRITER); 427 /* stop ioctls */ 428 sc->sc_detaching = true; 429 430 if (ifp->if_flags & IFF_RUNNING) { 431 pppoe_clear_softc(sc, "destroy interface"); 432 sc->sc_eth_if = NULL; 433 } 434 PPPOE_UNLOCK(sc); 435 436 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 437 LIST_REMOVE(sc, sc_list); 438 439 if (LIST_EMPTY(&pppoe_softc_list)) { 440 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 441 } 442 rw_exit(&pppoe_softc_list_lock); 443 444 bpf_detach(ifp); 445 sppp_detach(&sc->sc_sppp.pp_if); 446 if_detach(ifp); 447 448 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co_halt, sc); 449 450 workqueue_wait(sc->sc_timeout_wq, &sc->sc_timeout_wk); 451 workqueue_destroy(sc->sc_timeout_wq); 452 453 callout_halt(&sc->sc_timeout, NULL); 454 callout_destroy(&sc->sc_timeout); 455 456#ifdef PPPOE_SERVER 457 if (sc->sc_hunique) { 458 free(sc->sc_hunique, M_DEVBUF); 459 sc->sc_hunique = NULL; 460 sc->sc_hunique_len = 0; 461 } 462#endif 463 if (sc->sc_concentrator_name) 464 free(sc->sc_concentrator_name, M_DEVBUF); 465 if (sc->sc_service_name) 466 free(sc->sc_service_name, M_DEVBUF); 467 if (sc->sc_ac_cookie) 468 free(sc->sc_ac_cookie, M_DEVBUF); 469 if (sc->sc_relay_sid) 470 free(sc->sc_relay_sid, M_DEVBUF); 471 472 rw_destroy(&sc->sc_lock); 473 474 kmem_free(sc, sizeof(*sc)); 475 476 return 0; 477} 478 479static void 480pppoe_printf(struct pppoe_softc *sc, const char *fmt, ...) 481{ 482 va_list ap; 483 bool pppoe_debug; 484 485#ifdef PPPOE_DEBUG 486 pppoe_debug = true; 487#else 488 pppoe_debug = false; 489#endif 490 491 if (sc == NULL) { 492 if (!pppoe_debug) 493 return; 494 495 printf("pppoe: "); 496 } else { 497 if (!ISSET(sc->sc_sppp.pp_if.if_flags, IFF_DEBUG)) 498 return; 499 500 printf("%s: ", sc->sc_sppp.pp_if.if_xname); 501 } 502 503 va_start(ap, fmt); 504 vprintf(fmt, ap); 505 va_end(ap); 506} 507 508/* 509 * Find the interface handling the specified session. 510 * Note: O(number of sessions open), this is a client-side only, mean 511 * and lean implementation, so number of open sessions typically should 512 * be 1. 513 */ 514static struct pppoe_softc * 515pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 516{ 517 struct pppoe_softc *sc = NULL; 518 519 if (session == 0) 520 return NULL; 521 rw_enter(&pppoe_softc_list_lock, RW_READER); 522 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 523 PPPOE_LOCK(sc, lock); 524 if ( sc->sc_state == PPPOE_STATE_SESSION 525 && sc->sc_session == session 526 && sc->sc_eth_if == rcvif) 527 break; 528 529 PPPOE_UNLOCK(sc); 530 } 531 rw_exit(&pppoe_softc_list_lock); 532 return sc; 533} 534 535/* Check host unique token passed and return appropriate softc pointer, 536 * or NULL if token is bogus. */ 537static struct pppoe_softc * 538pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 539 struct ifnet *rcvif, krw_t lock) 540{ 541 struct pppoe_softc *sc; 542 uint64_t t; 543 544 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 545 546 rw_enter(&pppoe_softc_list_lock, RW_READER); 547 if (LIST_EMPTY(&pppoe_softc_list)) { 548 rw_exit(&pppoe_softc_list_lock); 549 return NULL; 550 } 551 552 if (len != sizeof(sc->sc_id)) { 553 rw_exit(&pppoe_softc_list_lock); 554 return NULL; 555 } 556 memcpy(&t, token, len); 557 558 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 559 PPPOE_LOCK(sc, lock); 560 if (sc->sc_id == t && sc->sc_eth_if != NULL) { 561 break; 562 } 563 PPPOE_UNLOCK(sc); 564 } 565 rw_exit(&pppoe_softc_list_lock); 566 567 if (sc == NULL) { 568 pppoe_printf(NULL, "alien host unique tag" 569 ", no session found\n"); 570 return NULL; 571 } 572 573 /* should be safe to access *sc now */ 574 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 575 pppoe_printf(sc, "host unique tag found" 576 ", but it belongs to a connection in state %d\n", 577 sc->sc_state); 578 PPPOE_UNLOCK(sc); 579 return NULL; 580 } 581 if (sc->sc_eth_if != rcvif) { 582 pppoe_printf(sc, "wrong interface, not accepting host unique\n"); 583 PPPOE_UNLOCK(sc); 584 return NULL; 585 } 586 return sc; 587} 588 589static void 590pppoe_softintr_handler(void *dummy) 591{ 592 /* called at splsoftnet() */ 593 pppoeintr(); 594} 595 596/* called at appropriate protection level */ 597static void 598pppoeintr(void) 599{ 600 struct mbuf *m; 601 int i; 602 603 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 604 605 for (i = 0; i < PPPOE_DEQUEUE_MAXLEN; i++) { 606 IFQ_LOCK(&ppoediscinq); 607 IF_DEQUEUE(&ppoediscinq, m); 608 IFQ_UNLOCK(&ppoediscinq); 609 if (m == NULL) 610 break; 611 pppoe_disc_input(m); 612 } 613 614 for (i = 0; i < PPPOE_DEQUEUE_MAXLEN; i++) { 615 IFQ_LOCK(&ppoeinq); 616 IF_DEQUEUE(&ppoeinq, m); 617 IFQ_UNLOCK(&ppoeinq); 618 if (m == NULL) 619 break; 620 pppoe_data_input(m); 621 } 622 623#if PPPOE_DEQUEUE_MAXLEN < IFQ_MAXLEN 624 if (!IF_IS_EMPTY(&ppoediscinq) || !IF_IS_EMPTY(&ppoeinq)) 625 softint_schedule(pppoe_softintr); 626#endif 627 628 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 629} 630 631/* analyze and handle a single received packet while not in session state */ 632static void 633pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 634{ 635 uint16_t tag, len; 636 uint16_t session, plen; 637 struct pppoe_softc *sc; 638 const char *err_msg; 639 char *error; 640 size_t dlen; 641 uint8_t *ac_cookie; 642 size_t ac_cookie_len; 643 uint8_t *relay_sid; 644 size_t relay_sid_len; 645 uint8_t *hunique; 646 size_t hunique_len; 647 struct pppoehdr *ph; 648 struct pppoetag *pt; 649 struct mbuf *n; 650 int noff, err, errortag; 651 struct ether_header *eh; 652 struct ifnet *rcvif; 653 struct psref psref; 654 655 if (m->m_len < sizeof(*eh)) { 656 m = m_pullup(m, sizeof(*eh)); 657 if (m == NULL) 658 goto done; 659 } 660 eh = mtod(m, struct ether_header *); 661 off += sizeof(*eh); 662 663 if (m->m_pkthdr.len - off < PPPOE_HEADERLEN) { 664 goto done; 665 } 666 667 M_REGION_GET(ph, struct pppoehdr *, m, off, sizeof(*ph)); 668 if (ph == NULL) { 669 goto done; 670 } 671 if (ph->vertype != PPPOE_VERTYPE) { 672 goto done; 673 } 674 675 ac_cookie = NULL; 676 ac_cookie_len = 0; 677 relay_sid = NULL; 678 relay_sid_len = 0; 679 hunique = NULL; 680 hunique_len = 0; 681 682 session = ntohs(ph->session); 683 plen = ntohs(ph->plen); 684 off += sizeof(*ph); 685 686 if (plen + off > m->m_pkthdr.len) { 687 goto done; 688 } 689 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 690 691 tag = 0; 692 len = 0; 693 sc = NULL; 694 err_msg = NULL; 695 errortag = 0; 696 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 697 M_REGION_GET(pt, struct pppoetag *, m, off, sizeof(*pt)); 698 if (pt == NULL) { 699 goto done; 700 } 701 702 tag = ntohs(pt->tag); 703 len = ntohs(pt->len); 704 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 705 goto done; 706 } 707 switch (tag) { 708 case PPPOE_TAG_EOL: 709 goto breakbreak; 710 case PPPOE_TAG_SNAME: 711 break; /* ignored */ 712 case PPPOE_TAG_ACNAME: 713 if (len > 0) { 714 dlen = 4 * len + 1; 715 error = malloc(dlen, M_TEMP, M_NOWAIT); 716 if (error == NULL) 717 break; 718 719 n = m_pulldown(m, off + sizeof(*pt), len, 720 &noff); 721 if (!n) { 722 m = NULL; 723 free(error, M_TEMP); 724 goto done; 725 } 726 727 strnvisx(error, dlen, 728 mtod(n, char*) + noff, len, 729 VIS_SAFE | VIS_OCTAL); 730 pppoe_printf(NULL, "connected to %s\n", error); 731 free(error, M_TEMP); 732 } 733 break; /* ignored */ 734 case PPPOE_TAG_HUNIQUE: 735 if (hunique == NULL) { 736 n = m_pulldown(m, off + sizeof(*pt), len, 737 &noff); 738 if (!n) { 739 m = NULL; 740 err_msg = "TAG HUNIQUE ERROR"; 741 break; 742 } 743 744 hunique = mtod(n, uint8_t *) + noff; 745 hunique_len = len; 746 } 747 break; 748 case PPPOE_TAG_ACCOOKIE: 749 if (ac_cookie == NULL) { 750 n = m_pulldown(m, off + sizeof(*pt), len, 751 &noff); 752 if (!n) { 753 err_msg = "TAG ACCOOKIE ERROR"; 754 m = NULL; 755 break; 756 } 757 ac_cookie = mtod(n, char *) + noff; 758 ac_cookie_len = len; 759 } 760 break; 761 case PPPOE_TAG_RELAYSID: 762 if (relay_sid == NULL) { 763 n = m_pulldown(m, off + sizeof(*pt), len, 764 &noff); 765 if (!n) { 766 err_msg = "TAG RELAYSID ERROR"; 767 m = NULL; 768 break; 769 } 770 relay_sid = mtod(n, char *) + noff; 771 relay_sid_len = len; 772 } 773 break; 774 case PPPOE_TAG_SNAME_ERR: 775 err_msg = "SERVICE NAME ERROR"; 776 errortag = 1; 777 break; 778 case PPPOE_TAG_ACSYS_ERR: 779 err_msg = "AC SYSTEM ERROR"; 780 errortag = 1; 781 break; 782 case PPPOE_TAG_GENERIC_ERR: 783 err_msg = "GENERIC ERROR"; 784 errortag = 1; 785 break; 786 } 787 if (err_msg) { 788 error = NULL; 789 if (errortag && len) { 790 dlen = 4 * len + 1; 791 error = malloc(dlen, M_TEMP, 792 M_NOWAIT|M_ZERO); 793 n = m_pulldown(m, off + sizeof(*pt), len, 794 &noff); 795 if (!n) { 796 m = NULL; 797 } else if (error) { 798 strnvisx(error, dlen, 799 mtod(n, char*) + noff, len, 800 VIS_SAFE | VIS_OCTAL); 801 } 802 } 803 if (error) { 804 pppoe_printf(NULL, "%s: %s\n", err_msg, error); 805 free(error, M_TEMP); 806 } else 807 pppoe_printf(NULL, "%s\n", err_msg); 808 if (errortag || m == NULL) 809 goto done; 810 } 811 off += sizeof(*pt) + len; 812 } 813breakbreak:; 814 815 switch (ph->code) { 816 case PPPOE_CODE_PADI: 817#ifdef PPPOE_SERVER 818 /* 819 * got service name, concentrator name, and/or host unique. 820 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 821 */ 822 rw_enter(&pppoe_softc_list_lock, RW_READER); 823 if (LIST_EMPTY(&pppoe_softc_list)) { 824 rw_exit(&pppoe_softc_list_lock); 825 goto done; 826 } 827 828 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 829 PPPOE_LOCK(sc, RW_WRITER); 830 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 831 PPPOE_UNLOCK(sc); 832 continue; 833 } 834 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 835 PPPOE_UNLOCK(sc); 836 continue; 837 } 838 839 if (sc->sc_state == PPPOE_STATE_INITIAL) 840 break; 841 842 PPPOE_UNLOCK(sc); 843 } 844 rw_exit(&pppoe_softc_list_lock); 845 846 if (sc == NULL) { 847 goto done; 848 } 849 850 if (hunique) { 851 if (sc->sc_hunique) 852 free(sc->sc_hunique, M_DEVBUF); 853 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 854 M_DONTWAIT); 855 if (sc->sc_hunique == NULL) { 856 PPPOE_UNLOCK(sc); 857 goto done; 858 } 859 sc->sc_hunique_len = hunique_len; 860 memcpy(sc->sc_hunique, hunique, hunique_len); 861 } 862 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 863 sc->sc_state = PPPOE_STATE_PADO_SENT; 864 pppoe_send_pado(sc); 865 PPPOE_UNLOCK(sc); 866 break; 867#endif /* PPPOE_SERVER */ 868 869 case PPPOE_CODE_PADR: 870#ifdef PPPOE_SERVER 871 /* 872 * get sc from ac_cookie if IFF_PASSIVE 873 */ 874 if (ac_cookie == NULL) { 875 goto done; 876 } 877 878 rcvif = m_get_rcvif_psref(m, &psref); 879 if (__predict_true(rcvif != NULL)) { 880 sc = pppoe_find_softc_by_hunique(ac_cookie, 881 ac_cookie_len, rcvif, RW_WRITER); 882 } 883 m_put_rcvif_psref(rcvif, &psref); 884 if (sc == NULL) { 885 /* be quiet if there is not a single pppoe instance */ 886 rw_enter(&pppoe_softc_list_lock, RW_READER); 887 if (!LIST_EMPTY(&pppoe_softc_list)) { 888 pppoe_printf(NULL, "received PADR" 889 " but could not find request for it\n"); 890 } 891 rw_exit(&pppoe_softc_list_lock); 892 goto done; 893 } 894 895 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 896 pppoe_printf(sc, "received unexpected PADR\n"); 897 PPPOE_UNLOCK(sc); 898 goto done; 899 } 900 901 if (hunique) { 902 if (sc->sc_hunique) 903 free(sc->sc_hunique, M_DEVBUF); 904 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 905 M_DONTWAIT); 906 if (sc->sc_hunique == NULL) { 907 PPPOE_UNLOCK(sc); 908 goto done; 909 } 910 sc->sc_hunique_len = hunique_len; 911 memcpy(sc->sc_hunique, hunique, hunique_len); 912 } 913 pppoe_send_pads(sc); 914 sc->sc_state = PPPOE_STATE_SESSION; 915 PPPOE_UNLOCK(sc); 916 917 sc->sc_sppp.pp_up(&sc->sc_sppp); 918 break; 919#else 920 /* ignore, we are no access concentrator */ 921 goto done; 922#endif /* PPPOE_SERVER */ 923 924 case PPPOE_CODE_PADO: 925 rcvif = m_get_rcvif_psref(m, &psref); 926 if (__predict_false(rcvif == NULL)) 927 goto done; 928 929 if (hunique != NULL) { 930 sc = pppoe_find_softc_by_hunique(hunique, 931 hunique_len, rcvif, RW_WRITER); 932 } 933 934 m_put_rcvif_psref(rcvif, &psref); 935 936 if (sc == NULL) { 937 /* be quiet if there is not a single pppoe instance */ 938 rw_enter(&pppoe_softc_list_lock, RW_READER); 939 if (!LIST_EMPTY(&pppoe_softc_list)) { 940 pppoe_printf(NULL, "received PADO" 941 " but could not find request for it\n"); 942 } 943 rw_exit(&pppoe_softc_list_lock); 944 goto done; 945 } 946 947 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 948 pppoe_printf(sc, "received unexpected PADO\n"); 949 PPPOE_UNLOCK(sc); 950 goto done; 951 } 952 953 if (ac_cookie) { 954 if (sc->sc_ac_cookie) 955 free(sc->sc_ac_cookie, M_DEVBUF); 956 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 957 M_DONTWAIT); 958 if (sc->sc_ac_cookie == NULL) { 959 pppoe_printf(sc, "FATAL: could not allocate memory " 960 "for AC cookie\n"); 961 PPPOE_UNLOCK(sc); 962 goto done; 963 } 964 sc->sc_ac_cookie_len = ac_cookie_len; 965 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 966 } 967 if (relay_sid) { 968 if (sc->sc_relay_sid) 969 free(sc->sc_relay_sid, M_DEVBUF); 970 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 971 M_DONTWAIT); 972 if (sc->sc_relay_sid == NULL) { 973 pppoe_printf(sc, "FATAL: could not allocate memory " 974 "for relay SID\n"); 975 PPPOE_UNLOCK(sc); 976 goto done; 977 } 978 sc->sc_relay_sid_len = relay_sid_len; 979 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 980 } 981 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 982 callout_stop(&sc->sc_timeout); 983 sc->sc_padr_retried = 0; 984 sc->sc_state = PPPOE_STATE_PADR_SENT; 985 if ((err = pppoe_send_padr(sc)) != 0) { 986 pppoe_printf(sc, 987 "failed to send PADR, error=%d\n", err); 988 } 989 callout_schedule(&sc->sc_timeout, 990 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 991 992 PPPOE_UNLOCK(sc); 993 break; 994 995 case PPPOE_CODE_PADS: 996 rcvif = m_get_rcvif_psref(m, &psref); 997 if (__predict_false(rcvif == NULL)) 998 goto done; 999 1000 if (hunique != NULL) { 1001 sc = pppoe_find_softc_by_hunique(hunique, 1002 hunique_len, rcvif, RW_WRITER); 1003 } 1004 1005 m_put_rcvif_psref(rcvif, &psref); 1006 1007 if (sc == NULL) 1008 goto done; 1009 1010 if (memcmp(&sc->sc_dest, eh->ether_shost, 1011 sizeof sc->sc_dest) != 0) { 1012 PPPOE_UNLOCK(sc); 1013 goto done; 1014 } 1015 1016 sc->sc_session = session; 1017 callout_stop(&sc->sc_timeout); 1018 pppoe_printf(sc, "session 0x%x connected\n", session); 1019 sc->sc_state = PPPOE_STATE_SESSION; 1020 PPPOE_UNLOCK(sc); 1021 1022 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 1023 break; 1024 1025 case PPPOE_CODE_PADT: 1026 rcvif = m_get_rcvif_psref(m, &psref); 1027 if (__predict_false(rcvif == NULL)) 1028 goto done; 1029 1030 sc = pppoe_find_softc_by_session(session, rcvif, 1031 RW_WRITER); 1032 1033 m_put_rcvif_psref(rcvif, &psref); 1034 1035 if (sc == NULL) 1036 goto done; 1037 1038 if (memcmp(&sc->sc_dest, eh->ether_shost, 1039 sizeof sc->sc_dest) != 0) { 1040 PPPOE_UNLOCK(sc); 1041 goto done; 1042 } 1043 1044 pppoe_clear_softc(sc, "received PADT"); 1045 if (sc->sc_sppp.pp_if.if_flags & IFF_RUNNING) { 1046 pppoe_printf(sc, "wait for reconnect\n"); 1047 callout_schedule(&sc->sc_timeout, 1048 PPPOE_RECON_PADTRCVD); 1049 } 1050 PPPOE_UNLOCK(sc); 1051 break; 1052 1053 default: 1054 rcvif = m_get_rcvif_psref(m, &psref); 1055 if (__predict_false(rcvif == NULL)) 1056 goto done; 1057 1058 if (hunique != NULL) { 1059 sc = pppoe_find_softc_by_hunique(hunique, 1060 hunique_len, rcvif, RW_READER); 1061 } 1062 1063 m_put_rcvif_psref(rcvif, &psref); 1064 1065 pppoe_printf(sc, "unknown code (0x%04x) session = 0x%04x\n", 1066 ph->code, session); 1067 if (sc == NULL) 1068 goto done; 1069 PPPOE_UNLOCK(sc); 1070 break; 1071 } 1072 1073done: 1074 if (m) 1075 m_freem(m); 1076 return; 1077} 1078 1079static void 1080pppoe_disc_input(struct mbuf *m) 1081{ 1082 KASSERT(m->m_flags & M_PKTHDR); 1083 1084 /* 1085 * Avoid error messages if there is not a single PPPoE instance. 1086 */ 1087 rw_enter(&pppoe_softc_list_lock, RW_READER); 1088 if (!LIST_EMPTY(&pppoe_softc_list)) { 1089 rw_exit(&pppoe_softc_list_lock); 1090 pppoe_dispatch_disc_pkt(m, 0); 1091 } else { 1092 rw_exit(&pppoe_softc_list_lock); 1093 m_freem(m); 1094 } 1095} 1096 1097static bool 1098pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1099{ 1100 1101 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1102 return true; 1103 1104 return false; 1105} 1106 1107static void 1108pppoe_data_input(struct mbuf *m) 1109{ 1110 uint16_t session, plen; 1111 struct pppoe_softc *sc; 1112 struct pppoehdr *ph; 1113 struct ifnet *rcvif; 1114 struct psref psref; 1115 uint8_t shost[ETHER_ADDR_LEN]; 1116 uint8_t dhost[ETHER_ADDR_LEN]; 1117 bool term_unknown = pppoe_term_unknown; 1118 1119 KASSERT(m->m_flags & M_PKTHDR); 1120 1121 /* 1122 * Avoid error messages if there is not a single PPPoE instance. 1123 */ 1124 rw_enter(&pppoe_softc_list_lock, RW_READER); 1125 if (LIST_EMPTY(&pppoe_softc_list)) { 1126 rw_exit(&pppoe_softc_list_lock); 1127 goto drop; 1128 } 1129 rw_exit(&pppoe_softc_list_lock); 1130 1131 if (term_unknown) { 1132 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1133 ETHER_ADDR_LEN); 1134 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1135 ETHER_ADDR_LEN); 1136 } 1137 m_adj(m, sizeof(struct ether_header)); 1138 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1139 goto drop; 1140 } 1141 1142 if (m->m_len < sizeof(*ph)) { 1143 m = m_pullup(m, sizeof(*ph)); 1144 if (m == NULL) { 1145 return; 1146 } 1147 } 1148 ph = mtod(m, struct pppoehdr *); 1149 1150 if (ph->vertype != PPPOE_VERTYPE) { 1151 goto drop; 1152 } 1153 if (ph->code != 0) { 1154 goto drop; 1155 } 1156 1157 session = ntohs(ph->session); 1158 rcvif = m_get_rcvif_psref(m, &psref); 1159 if (__predict_false(rcvif == NULL)) 1160 goto drop; 1161 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1162 if (sc == NULL) { 1163 if (term_unknown) { 1164 static struct timeval lasttime = {0, 0}; 1165 static int curpps = 0; 1166 /* 1167 * avoid to send wrong PADT which is response from 1168 * session stage packets for other hosts when parent 1169 * ethernet is promiscuous mode. 1170 */ 1171 if (pppoe_is_my_frame(dhost, rcvif) && 1172 ppsratecheck(&lasttime, &curpps, 1173 pppoe_term_unknown_pps)) { 1174 pppoe_printf(NULL, "input for unknown session %#x, " 1175 "sending PADT\n", session); 1176 pppoe_send_padt(rcvif, session, shost); 1177 } 1178 } 1179 m_put_rcvif_psref(rcvif, &psref); 1180 goto drop; 1181 } 1182 1183 m_put_rcvif_psref(rcvif, &psref); 1184 1185 plen = ntohs(ph->plen); 1186 1187 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1188 1189 m_adj(m, PPPOE_HEADERLEN); 1190 1191#ifdef PPPOE_DEBUG 1192 { 1193 struct mbuf *p; 1194 1195 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1196 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1197 p = m; 1198 while (p) { 1199 printf(" l=%d", p->m_len); 1200 p = p->m_next; 1201 } 1202 printf("\n"); 1203 } 1204#endif 1205 PPPOE_UNLOCK(sc); 1206 1207 if (m->m_pkthdr.len < plen) 1208 goto drop; 1209 1210 /* ignore trailing garbage */ 1211 m_adj(m, plen - m->m_pkthdr.len); 1212 /* 1213 * Fix incoming interface pointer (not the raw ethernet interface 1214 * anymore) 1215 */ 1216 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1217 1218 /* pass packet up and account for it */ 1219 if_statinc(&sc->sc_sppp.pp_if, if_ipackets); 1220 sppp_input(&sc->sc_sppp.pp_if, m); 1221 return; 1222 1223drop: 1224 m_freem(m); 1225} 1226 1227static int 1228pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1229{ 1230 struct sockaddr dst; 1231 struct ether_header *eh; 1232 uint16_t etype; 1233 1234 if (sc->sc_eth_if == NULL) { 1235 m_freem(m); 1236 return EIO; 1237 } 1238 1239 memset(&dst, 0, sizeof dst); 1240 dst.sa_family = AF_UNSPEC; 1241 eh = (struct ether_header*)&dst.sa_data; 1242 etype = sc->sc_state == PPPOE_STATE_SESSION 1243 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1244 eh->ether_type = htons(etype); 1245 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1246 1247 DPRINTF(sc, "(%x) state=%d, session=0x%x output -> %s, len=%d\n", 1248 etype, sc->sc_state, sc->sc_session, 1249 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1250 1251 m->m_flags &= ~(M_BCAST|M_MCAST); 1252 if_statinc(&sc->sc_sppp.pp_if, if_opackets); 1253 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1254} 1255 1256static int 1257pppoe_parm_cpyinstr(struct pppoe_softc *sc, 1258 char **dst, const void *src, size_t len) 1259{ 1260 int error = 0; 1261 char *next = NULL; 1262 size_t bufsiz, cpysiz, strsiz; 1263 1264 bufsiz = len + 1; 1265 1266 if (src == NULL) 1267 goto out; 1268 1269 bufsiz = len + 1; 1270 next = malloc(bufsiz, M_DEVBUF, M_WAITOK); 1271 if (next == NULL) 1272 return ENOMEM; 1273 1274 error = copyinstr(src, next, bufsiz, &cpysiz); 1275 if (error != 0) 1276 goto fail; 1277 if (cpysiz != bufsiz) { 1278 error = EINVAL; 1279 goto fail; 1280 } 1281 1282 strsiz = strnlen(next, bufsiz); 1283 if (strsiz == bufsiz) { 1284 error = EINVAL; 1285 goto fail; 1286 } 1287 1288out: 1289 PPPOE_LOCK(sc, RW_WRITER); 1290 if (*dst != NULL) 1291 free(*dst, M_DEVBUF); 1292 *dst = next; 1293 next = NULL; 1294 PPPOE_UNLOCK(sc); 1295fail: 1296 if (next != NULL) 1297 free(next, M_DEVBUF); 1298 1299 return error; 1300} 1301 1302static int 1303pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1304{ 1305 struct lwp *l = curlwp; /* XXX */ 1306 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1307 struct ifreq *ifr = data; 1308 int error = 0; 1309 1310 switch (cmd) { 1311 case PPPOESETPARMS: 1312 { 1313 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1314 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1315 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1316 NULL) != 0) 1317 return EPERM; 1318 if (parms->eth_ifname[0] != 0) { 1319 struct ifnet *eth_if; 1320 1321 PPPOE_LOCK(sc, RW_WRITER); 1322 if (sc->sc_detaching) { 1323 PPPOE_UNLOCK(sc); 1324 return ENXIO; 1325 } 1326 eth_if = ifunit(parms->eth_ifname); 1327 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1328 sc->sc_eth_if = NULL; 1329 PPPOE_UNLOCK(sc); 1330 return ENXIO; 1331 } 1332 1333 if (sc->sc_sppp.pp_if.if_mtu != 1334 eth_if->if_mtu - PPPOE_OVERHEAD) { 1335 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1336 PPPOE_OVERHEAD; 1337 } 1338 sc->sc_eth_if = eth_if; 1339 PPPOE_UNLOCK(sc); 1340 } 1341 1342 error = pppoe_parm_cpyinstr(sc, &sc->sc_concentrator_name, 1343 parms->ac_name, parms->ac_name_len); 1344 if (error != 0) 1345 return error; 1346 1347 error = pppoe_parm_cpyinstr(sc, &sc->sc_service_name, 1348 parms->service_name, parms->service_name_len); 1349 if (error != 0) 1350 return error; 1351 return 0; 1352 } 1353 break; 1354 case PPPOEGETPARMS: 1355 { 1356 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1357 memset(parms, 0, sizeof *parms); 1358 PPPOE_LOCK(sc, RW_READER); 1359 if (sc->sc_eth_if) 1360 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1361 sizeof(parms->ifname)); 1362 PPPOE_UNLOCK(sc); 1363 return 0; 1364 } 1365 break; 1366 case PPPOEGETSESSION: 1367 { 1368 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1369 PPPOE_LOCK(sc, RW_READER); 1370 state->state = sc->sc_state; 1371 state->session_id = sc->sc_session; 1372 state->padi_retry_no = sc->sc_padi_retried; 1373 state->padr_retry_no = sc->sc_padr_retried; 1374 PPPOE_UNLOCK(sc); 1375 return 0; 1376 } 1377 break; 1378 case SIOCSIFFLAGS: 1379 /* 1380 * Prevent running re-establishment timers overriding 1381 * administrators choice. 1382 */ 1383 PPPOE_LOCK(sc, RW_WRITER); 1384 if (sc->sc_detaching) { 1385 PPPOE_UNLOCK(sc); 1386 return ENXIO; 1387 } 1388 1389 if ((ifr->ifr_flags & IFF_UP) == 0 1390 && sc->sc_state < PPPOE_STATE_SESSION) { 1391 callout_stop(&sc->sc_timeout); 1392 sc->sc_state = PPPOE_STATE_INITIAL; 1393 sc->sc_padi_retried = 0; 1394 sc->sc_padr_retried = 0; 1395 memcpy(&sc->sc_dest, etherbroadcastaddr, 1396 sizeof(sc->sc_dest)); 1397 } 1398 1399 PPPOE_UNLOCK(sc); 1400 1401 error = sppp_ioctl(ifp, cmd, data); 1402 1403 return error; 1404 case SIOCSIFMTU: 1405 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1406 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1407 return EINVAL; 1408 } 1409 /*FALLTHROUGH*/ 1410 default: 1411 return sppp_ioctl(ifp, cmd, data); 1412 } 1413 return 0; 1414} 1415 1416/* 1417 * Allocate a mbuf/cluster with space to store the given data length 1418 * of payload, leaving space for prepending an ethernet header 1419 * in front. 1420 */ 1421static struct mbuf * 1422pppoe_get_mbuf(size_t len) 1423{ 1424 struct mbuf *m; 1425 1426 MGETHDR(m, M_DONTWAIT, MT_DATA); 1427 if (m == NULL) 1428 return NULL; 1429 if (len + sizeof(struct ether_header) > MHLEN) { 1430 MCLGET(m, M_DONTWAIT); 1431 if ((m->m_flags & M_EXT) == 0) { 1432 m_free(m); 1433 return NULL; 1434 } 1435 } 1436 m->m_data += sizeof(struct ether_header); 1437 m->m_len = len; 1438 m->m_pkthdr.len = len; 1439 m_reset_rcvif(m); 1440 1441 return m; 1442} 1443 1444static int 1445pppoe_send_padi(struct pppoe_softc *sc) 1446{ 1447 struct mbuf *m0; 1448 int len, l1 = 0, l2 = 0; 1449 uint8_t *p; 1450 1451 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1452 panic("pppoe_send_padi in state %d", sc->sc_state); 1453 1454 /* Compute packet length. */ 1455 len = sizeof(struct pppoetag); 1456 if (sc->sc_service_name != NULL) { 1457 l1 = strlen(sc->sc_service_name); 1458 len += l1; 1459 } 1460 if (sc->sc_concentrator_name != NULL) { 1461 l2 = strlen(sc->sc_concentrator_name); 1462 len += sizeof(struct pppoetag) + l2; 1463 } 1464 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1465 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1466 len += sizeof(struct pppoetag) + 2; 1467 } 1468 1469 /* Allocate packet. */ 1470 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1471 if (m0 == NULL) 1472 return ENOBUFS; 1473 1474 /* Fill in packet. */ 1475 p = mtod(m0, uint8_t *); 1476 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1477 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1478 if (sc->sc_service_name != NULL) { 1479 PPPOE_ADD_16(p, l1); 1480 memcpy(p, sc->sc_service_name, l1); 1481 p += l1; 1482 } else { 1483 PPPOE_ADD_16(p, 0); 1484 } 1485 if (sc->sc_concentrator_name != NULL) { 1486 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1487 PPPOE_ADD_16(p, l2); 1488 memcpy(p, sc->sc_concentrator_name, l2); 1489 p += l2; 1490 } 1491 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1492 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1493 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1494 p += sizeof(sc->sc_id); 1495 1496 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1497 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1498 PPPOE_ADD_16(p, 2); 1499 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1500 } 1501 1502#ifdef PPPOE_DEBUG 1503 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1504 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1505 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1506#endif 1507 1508 /* Send packet. */ 1509 return pppoe_output(sc, m0); 1510} 1511 1512static void 1513pppoe_timeout_co(void *arg) 1514{ 1515 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1516 1517 if (atomic_swap_uint(&sc->sc_timeout_scheduled, 1) != 0) 1518 return; 1519 1520 workqueue_enqueue(sc->sc_timeout_wq, &sc->sc_timeout_wk, NULL); 1521} 1522 1523static void 1524pppoe_timeout_co_halt(void *unused __unused) 1525{ 1526 1527 /* do nothing to halt callout safely */ 1528} 1529 1530static void 1531pppoe_timeout_wk(struct work *wk __unused, void *arg) 1532{ 1533 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1534 1535 atomic_swap_uint(&sc->sc_timeout_scheduled, 0); 1536 pppoe_timeout(sc); 1537} 1538 1539static void 1540pppoe_timeout(struct pppoe_softc *sc) 1541{ 1542 int retry_wait, err; 1543 DECLARE_SPLNET_VARIABLE; 1544 1545 pppoe_printf(sc, "timeout\n"); 1546 1547 PPPOE_LOCK(sc, RW_WRITER); 1548 switch (sc->sc_state) { 1549 case PPPOE_STATE_INITIAL: 1550 /* delayed connect from pppoe_tls() */ 1551 if (!sc->sc_detaching) 1552 pppoe_connect(sc); 1553 break; 1554 case PPPOE_STATE_PADI_SENT: 1555 /* 1556 * We have two basic ways of retrying: 1557 * - Quick retry mode: try a few times in short sequence 1558 * - Slow retry mode: we already had a connection successfully 1559 * established and will try infinitely (without user 1560 * intervention) 1561 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1562 * is not set. 1563 */ 1564 1565 /* initialize for quick retry mode */ 1566 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1567 1568 ACQUIRE_SPLNET(); 1569 sc->sc_padi_retried++; 1570 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1571 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1572 /* slow retry mode */ 1573 retry_wait = PPPOE_SLOW_RETRY; 1574 } else { 1575 pppoe_abort_connect(sc); 1576 RELEASE_SPLNET(); 1577 PPPOE_UNLOCK(sc); 1578 return; 1579 } 1580 } 1581 if ((err = pppoe_send_padi(sc)) != 0) { 1582 sc->sc_padi_retried--; 1583 pppoe_printf(sc, 1584 "failed to transmit PADI, error=%d\n", err); 1585 } 1586 callout_schedule(&sc->sc_timeout,retry_wait); 1587 RELEASE_SPLNET(); 1588 break; 1589 1590 case PPPOE_STATE_PADR_SENT: 1591 ACQUIRE_SPLNET(); 1592 sc->sc_padr_retried++; 1593 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1594 memcpy(&sc->sc_dest, etherbroadcastaddr, 1595 sizeof(sc->sc_dest)); 1596 sc->sc_state = PPPOE_STATE_PADI_SENT; 1597 sc->sc_padi_retried = 0; 1598 sc->sc_padr_retried = 0; 1599 if ((err = pppoe_send_padi(sc)) != 0) { 1600 pppoe_printf(sc, 1601 "failed to send PADI, error=%d\n", err); 1602 } 1603 callout_schedule(&sc->sc_timeout, 1604 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried)); 1605 RELEASE_SPLNET(); 1606 PPPOE_UNLOCK(sc); 1607 return; 1608 } 1609 if ((err = pppoe_send_padr(sc)) != 0) { 1610 sc->sc_padr_retried--; 1611 pppoe_printf(sc,"failed to send PADR, error=%d", err); 1612 } 1613 callout_schedule(&sc->sc_timeout, 1614 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 1615 RELEASE_SPLNET(); 1616 break; 1617 case PPPOE_STATE_CLOSING: 1618 pppoe_disconnect(sc); 1619 break; 1620 default: 1621 PPPOE_UNLOCK(sc); 1622 return; /* all done, work in peace */ 1623 } 1624 PPPOE_UNLOCK(sc); 1625} 1626 1627/* Start a connection (i.e. initiate discovery phase) */ 1628static int 1629pppoe_connect(struct pppoe_softc *sc) 1630{ 1631 int err; 1632 DECLARE_SPLNET_VARIABLE; 1633 1634 KASSERT(PPPOE_WLOCKED(sc)); 1635 1636 if (sc->sc_state != PPPOE_STATE_INITIAL) 1637 return EBUSY; 1638 1639#ifdef PPPOE_SERVER 1640 /* wait PADI if IFF_PASSIVE */ 1641 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1642 return 0; 1643#endif 1644 ACQUIRE_SPLNET(); 1645 /* save state, in case we fail to send PADI */ 1646 sc->sc_state = PPPOE_STATE_PADI_SENT; 1647 sc->sc_padi_retried = 0; 1648 sc->sc_padr_retried = 0; 1649 err = pppoe_send_padi(sc); 1650 if (err != 0) 1651 pppoe_printf(sc, "failed to send PADI, error=%d\n", err); 1652 callout_schedule(&sc->sc_timeout, PPPOE_DISC_TIMEOUT); 1653 RELEASE_SPLNET(); 1654 return err; 1655} 1656 1657/* disconnect */ 1658static int 1659pppoe_disconnect(struct pppoe_softc *sc) 1660{ 1661 int err; 1662 DECLARE_SPLNET_VARIABLE; 1663 1664 KASSERT(PPPOE_WLOCKED(sc)); 1665 1666 ACQUIRE_SPLNET(); 1667 1668 if (sc->sc_state < PPPOE_STATE_SESSION) 1669 err = EBUSY; 1670 else { 1671 pppoe_printf(sc, "disconnecting\n"); 1672 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1673 (const uint8_t *)&sc->sc_dest); 1674 } 1675 1676 /* cleanup softc */ 1677 sc->sc_state = PPPOE_STATE_INITIAL; 1678 1679 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1680 if (sc->sc_ac_cookie) { 1681 free(sc->sc_ac_cookie, M_DEVBUF); 1682 sc->sc_ac_cookie = NULL; 1683 } 1684 sc->sc_ac_cookie_len = 0; 1685 if (sc->sc_relay_sid) { 1686 free(sc->sc_relay_sid, M_DEVBUF); 1687 sc->sc_relay_sid = NULL; 1688 } 1689 sc->sc_relay_sid_len = 0; 1690#ifdef PPPOE_SERVER 1691 if (sc->sc_hunique) { 1692 free(sc->sc_hunique, M_DEVBUF); 1693 sc->sc_hunique = NULL; 1694 } 1695 sc->sc_hunique_len = 0; 1696#endif 1697 sc->sc_session = 0; 1698 1699 PPPOE_UNLOCK(sc); 1700 1701 /* notify upper layer */ 1702 sc->sc_sppp.pp_down(&sc->sc_sppp); 1703 1704 PPPOE_LOCK(sc, RW_WRITER); 1705 1706 RELEASE_SPLNET(); 1707 return err; 1708} 1709 1710/* Connection attempt aborted */ 1711static void 1712pppoe_abort_connect(struct pppoe_softc *sc) 1713{ 1714 KASSERT(PPPOE_WLOCKED(sc)); 1715 1716 pppoe_printf(sc, "could not establish connection\n"); 1717 sc->sc_state = PPPOE_STATE_CLOSING; 1718 1719 PPPOE_UNLOCK(sc); 1720 1721 /* notify upper layer */ 1722 sc->sc_sppp.pp_down(&sc->sc_sppp); 1723 1724 PPPOE_LOCK(sc, RW_WRITER); 1725 1726 /* clear connection state */ 1727 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1728 sc->sc_state = PPPOE_STATE_INITIAL; 1729} 1730 1731static int 1732pppoe_send_padr(struct pppoe_softc *sc) 1733{ 1734 struct mbuf *m0; 1735 uint8_t *p; 1736 size_t len, l1 = 0; 1737 1738 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1739 return EIO; 1740 1741 /* Compute packet length. */ 1742 len = sizeof(struct pppoetag); 1743 if (sc->sc_service_name != NULL) { 1744 l1 = strlen(sc->sc_service_name); 1745 len += l1; 1746 } 1747 if (sc->sc_ac_cookie_len > 0) { 1748 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1749 } 1750 if (sc->sc_relay_sid_len > 0) { 1751 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1752 } 1753 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1754 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1755 len += sizeof(struct pppoetag) + 2; 1756 } 1757 1758 /* Allocate packet. */ 1759 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1760 if (m0 == NULL) 1761 return ENOBUFS; 1762 1763 /* Fill in packet. */ 1764 p = mtod(m0, uint8_t *); 1765 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1766 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1767 if (sc->sc_service_name != NULL) { 1768 PPPOE_ADD_16(p, l1); 1769 memcpy(p, sc->sc_service_name, l1); 1770 p += l1; 1771 } else { 1772 PPPOE_ADD_16(p, 0); 1773 } 1774 if (sc->sc_ac_cookie_len > 0) { 1775 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1776 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1777 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1778 p += sc->sc_ac_cookie_len; 1779 } 1780 if (sc->sc_relay_sid_len > 0) { 1781 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1782 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1783 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1784 p += sc->sc_relay_sid_len; 1785 } 1786 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1787 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1788 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1789 p += sizeof(sc->sc_id); 1790 1791 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1792 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1793 PPPOE_ADD_16(p, 2); 1794 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1795 } 1796 1797#ifdef PPPOE_DEBUG 1798 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1799 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1800 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1801#endif 1802 1803 /* Send packet. */ 1804 return pppoe_output(sc, m0); 1805} 1806 1807/* send a PADT packet */ 1808static int 1809pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1810{ 1811 struct ether_header *eh; 1812 struct sockaddr dst; 1813 struct mbuf *m0; 1814 uint8_t *p; 1815 1816 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1817 if (!m0) 1818 return EIO; 1819 p = mtod(m0, uint8_t *); 1820 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1821 1822 memset(&dst, 0, sizeof dst); 1823 dst.sa_family = AF_UNSPEC; 1824 eh = (struct ether_header*)&dst.sa_data; 1825 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1826 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1827 1828 m0->m_flags &= ~(M_BCAST|M_MCAST); 1829 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1830} 1831 1832#ifdef PPPOE_SERVER 1833static int 1834pppoe_send_pado(struct pppoe_softc *sc) 1835{ 1836 struct mbuf *m0; 1837 uint8_t *p; 1838 size_t len; 1839 1840 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1841 return EIO; 1842 1843 /* Include AC cookie. */ 1844 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1845 /* Include hunique. */ 1846 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1847 1848 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1849 if (!m0) 1850 return EIO; 1851 p = mtod(m0, uint8_t *); 1852 1853 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1854 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1855 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1856 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1857 p += sizeof(sc->sc_id); 1858 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1859 PPPOE_ADD_16(p, sc->sc_hunique_len); 1860 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1861 return pppoe_output(sc, m0); 1862} 1863 1864static int 1865pppoe_send_pads(struct pppoe_softc *sc) 1866{ 1867 struct bintime bt; 1868 struct mbuf *m0; 1869 uint8_t *p; 1870 size_t len, l1 = 0; /* XXX: gcc */ 1871 1872 KASSERT(PPPOE_WLOCKED(sc)); 1873 1874 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1875 return EIO; 1876 1877 getbinuptime(&bt); 1878 sc->sc_session = bt.sec % 0xff + 1; 1879 1880 /* Include service name. */ 1881 len = sizeof(struct pppoetag); 1882 if (sc->sc_service_name != NULL) { 1883 l1 = strlen(sc->sc_service_name); 1884 len += l1; 1885 } 1886 /* Include hunique. */ 1887 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1888 1889 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1890 if (!m0) 1891 return ENOBUFS; 1892 p = mtod(m0, uint8_t *); 1893 1894 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1895 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1896 if (sc->sc_service_name != NULL) { 1897 PPPOE_ADD_16(p, l1); 1898 memcpy(p, sc->sc_service_name, l1); 1899 p += l1; 1900 } else { 1901 PPPOE_ADD_16(p, 0); 1902 } 1903 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1904 PPPOE_ADD_16(p, sc->sc_hunique_len); 1905 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1906 return pppoe_output(sc, m0); 1907} 1908#endif 1909 1910static void 1911pppoe_tls(struct sppp *sp) 1912{ 1913 struct pppoe_softc *sc = (void *)sp; 1914 int wtime; 1915 1916 PPPOE_LOCK(sc, RW_READER); 1917 1918 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1919 PPPOE_UNLOCK(sc); 1920 return; 1921 } 1922 1923 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1924 sc->sc_sppp.pp_auth_failures > 0) { 1925 /* 1926 * Delay trying to reconnect a bit more - the peer 1927 * might have failed to contact its radius server. 1928 */ 1929 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1930 if (wtime > PPPOE_SLOW_RETRY) 1931 wtime = PPPOE_SLOW_RETRY; 1932 } else { 1933 wtime = PPPOE_RECON_IMMEDIATE; 1934 } 1935 callout_schedule(&sc->sc_timeout, wtime); 1936 1937 PPPOE_UNLOCK(sc); 1938} 1939 1940static void 1941pppoe_tlf(struct sppp *sp) 1942{ 1943 struct pppoe_softc *sc = (void *)sp; 1944 1945 PPPOE_LOCK(sc, RW_WRITER); 1946 1947 if (sc->sc_state < PPPOE_STATE_SESSION) { 1948 callout_stop(&sc->sc_timeout); 1949 sc->sc_state = PPPOE_STATE_INITIAL; 1950 sc->sc_padi_retried = 0; 1951 sc->sc_padr_retried = 0; 1952 memcpy(&sc->sc_dest, etherbroadcastaddr, 1953 sizeof(sc->sc_dest)); 1954 PPPOE_UNLOCK(sc); 1955 return; 1956 } 1957 1958 /* 1959 * Do not call pppoe_disconnect here, the upper layer state 1960 * machine gets confused by this. We must return from this 1961 * function and defer disconnecting to the timeout handler. 1962 */ 1963 sc->sc_state = PPPOE_STATE_CLOSING; 1964 1965 callout_schedule(&sc->sc_timeout, hz/50); 1966 1967 PPPOE_UNLOCK(sc); 1968} 1969 1970static void 1971pppoe_start(struct ifnet *ifp) 1972{ 1973 struct pppoe_softc *sc = (void *)ifp; 1974 struct mbuf *m; 1975 uint8_t *p; 1976 size_t len; 1977 1978 if (sppp_isempty(ifp)) 1979 return; 1980 1981 /* are we ready to process data yet? */ 1982 PPPOE_LOCK(sc, RW_READER); 1983 if (sc->sc_state < PPPOE_STATE_SESSION) { 1984 sppp_flush(&sc->sc_sppp.pp_if); 1985 PPPOE_UNLOCK(sc); 1986 return; 1987 } 1988 1989 while ((m = sppp_dequeue(ifp)) != NULL) { 1990 len = m->m_pkthdr.len; 1991 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1992 if (m == NULL) { 1993 if_statinc(ifp, if_oerrors); 1994 continue; 1995 } 1996 p = mtod(m, uint8_t *); 1997 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1998 1999 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 2000 2001 pppoe_output(sc, m); 2002 } 2003 PPPOE_UNLOCK(sc); 2004} 2005 2006#ifdef PPPOE_MPSAFE 2007static int 2008pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 2009{ 2010 struct pppoe_softc *sc = (void *)ifp; 2011 uint8_t *p; 2012 size_t len; 2013 2014 if (m == NULL) 2015 return EINVAL; 2016 2017 /* are we ready to process data yet? */ 2018 PPPOE_LOCK(sc, RW_READER); 2019 if (sc->sc_state < PPPOE_STATE_SESSION) { 2020 PPPOE_UNLOCK(sc); 2021 m_freem(m); 2022 return ENOBUFS; 2023 } 2024 2025 len = m->m_pkthdr.len; 2026 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 2027 if (m == NULL) { 2028 PPPOE_UNLOCK(sc); 2029 if_statinc(ifp, if_oerrors); 2030 return ENETDOWN; 2031 } 2032 p = mtod(m, uint8_t *); 2033 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 2034 2035 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 2036 2037 pppoe_output(sc, m); 2038 PPPOE_UNLOCK(sc); 2039 return 0; 2040} 2041#endif /* PPPOE_MPSAFE */ 2042 2043static void 2044pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 2045{ 2046 struct ifnet *ifp = arg2; 2047 struct pppoe_softc *sc; 2048 DECLARE_SPLNET_VARIABLE; 2049 2050 if (cmd != PFIL_IFNET_DETACH) 2051 return; 2052 2053 ACQUIRE_SPLNET(); 2054 rw_enter(&pppoe_softc_list_lock, RW_READER); 2055 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 2056 PPPOE_LOCK(sc, RW_WRITER); 2057 if (sc->sc_eth_if != ifp) { 2058 PPPOE_UNLOCK(sc); 2059 continue; 2060 } 2061 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 2062 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 2063 pppoe_printf(sc, 2064 "ethernet interface detached, going down\n"); 2065 } 2066 sc->sc_eth_if = NULL; 2067 pppoe_clear_softc(sc, "ethernet interface detached"); 2068 PPPOE_UNLOCK(sc); 2069 } 2070 rw_exit(&pppoe_softc_list_lock); 2071 RELEASE_SPLNET(); 2072} 2073 2074static void 2075pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 2076{ 2077 KASSERT(PPPOE_WLOCKED(sc)); 2078 2079 /* stop timer */ 2080 callout_stop(&sc->sc_timeout); 2081 pppoe_printf(sc, "session 0x%x terminated, %s\n", 2082 sc->sc_session, message); 2083 2084 /* fix our state */ 2085 sc->sc_state = PPPOE_STATE_INITIAL; 2086 2087 PPPOE_UNLOCK(sc); 2088 2089 /* signal upper layer */ 2090 sc->sc_sppp.pp_down(&sc->sc_sppp); 2091 2092 PPPOE_LOCK(sc, RW_WRITER); 2093 2094 /* clean up softc */ 2095 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 2096 if (sc->sc_ac_cookie) { 2097 free(sc->sc_ac_cookie, M_DEVBUF); 2098 sc->sc_ac_cookie = NULL; 2099 } 2100 if (sc->sc_relay_sid) { 2101 free(sc->sc_relay_sid, M_DEVBUF); 2102 sc->sc_relay_sid = NULL; 2103 } 2104 sc->sc_ac_cookie_len = 0; 2105 sc->sc_session = 0; 2106} 2107 2108static void 2109pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 2110{ 2111 if (m->m_flags & M_PROMISC) { 2112 m_freem(m); 2113 return; 2114 } 2115 2116#ifndef PPPOE_SERVER 2117 if (m->m_flags & (M_MCAST | M_BCAST)) { 2118 m_freem(m); 2119 return; 2120 } 2121#endif 2122 2123 IFQ_LOCK(inq); 2124 if (IF_QFULL(inq)) { 2125 IF_DROP(inq); 2126 IFQ_UNLOCK(inq); 2127 m_freem(m); 2128 } else { 2129 IF_ENQUEUE(inq, m); 2130 IFQ_UNLOCK(inq); 2131 softint_schedule(pppoe_softintr); 2132 } 2133 return; 2134} 2135 2136void 2137pppoe_input(struct ifnet *ifp, struct mbuf *m) 2138{ 2139 pppoe_enqueue(&ppoeinq, m); 2140 return; 2141} 2142 2143void 2144pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2145{ 2146 pppoe_enqueue(&ppoediscinq, m); 2147 return; 2148} 2149 2150static void 2151sysctl_net_pppoe_setup(struct sysctllog **clog) 2152{ 2153 const struct sysctlnode *node = NULL; 2154 2155 sysctl_createv(clog, 0, NULL, &node, 2156 CTLFLAG_PERMANENT, 2157 CTLTYPE_NODE, "pppoe", 2158 SYSCTL_DESCR("PPPOE protocol"), 2159 NULL, 0, NULL, 0, 2160 CTL_NET, CTL_CREATE, CTL_EOL); 2161 2162 if (node == NULL) 2163 return; 2164 2165 sysctl_createv(clog, 0, &node, NULL, 2166 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2167 CTLTYPE_BOOL, "term_unknown", 2168 SYSCTL_DESCR("Terminate unknown sessions"), 2169 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2170 CTL_CREATE, CTL_EOL); 2171} 2172 2173/* 2174 * Module infrastructure 2175 */ 2176#include "if_module.h" 2177 2178IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2179