1/* 2 * ppp.c - STREAMS multiplexing pseudo-device driver for PPP. 3 * 4 * Copyright (c) 1994 Paul Mackerras. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in 15 * the documentation and/or other materials provided with the 16 * distribution. 17 * 18 * 3. The name(s) of the authors of this software must not be used to 19 * endorse or promote products derived from this software without 20 * prior written permission. 21 * 22 * 4. Redistributions of any form whatsoever must retain the following 23 * acknowledgment: 24 * "This product includes software developed by Paul Mackerras 25 * <paulus@samba.org>". 26 * 27 * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO 28 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 29 * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY 30 * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 31 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 32 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 33 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 34 * 35 * $Id: ppp.c,v 1.4 2005/06/27 00:59:57 carlsonj Exp $ 36 */ 37 38/* 39 * This file is used under Solaris 2, SVR4, SunOS 4, and Digital UNIX. 40 */ 41 42#include <sys/types.h> 43#include <sys/param.h> 44#include <sys/stat.h> 45#include <sys/stream.h> 46#include <sys/stropts.h> 47#include <sys/errno.h> 48#ifdef __osf__ 49#include <sys/ioctl.h> 50#include <sys/cmn_err.h> 51#define queclass(mp) ((mp)->b_band & QPCTL) 52#else 53#include <sys/ioccom.h> 54#endif 55#include <sys/time.h> 56#ifdef SVR4 57#include <sys/cmn_err.h> 58#include <sys/conf.h> 59#include <sys/dlpi.h> 60#include <sys/ddi.h> 61#ifdef SOL2 62#include <sys/ksynch.h> 63#include <sys/kstat.h> 64#include <sys/sunddi.h> 65#include <sys/ethernet.h> 66#else 67#include <sys/socket.h> 68#include <sys/sockio.h> 69#include <net/if.h> 70#include <netinet/in.h> 71#endif /* SOL2 */ 72#else /* not SVR4 */ 73#include <sys/user.h> 74#endif /* SVR4 */ 75#include <net/ppp_defs.h> 76#include <net/pppio.h> 77#include "ppp_mod.h" 78 79/* 80 * Modifications marked with #ifdef PRIOQ are for priority queueing of 81 * interactive traffic, and are due to Marko Zec <zec@japa.tel.fer.hr>. 82 */ 83#ifdef PRIOQ 84#endif /* PRIOQ */ 85 86#include <netinet/in.h> /* leave this outside of PRIOQ for htons */ 87 88#ifdef __STDC__ 89#define __P(x) x 90#else 91#define __P(x) () 92#endif 93 94/* 95 * The IP module may use this SAP value for IP packets. 96 */ 97#ifndef ETHERTYPE_IP 98#define ETHERTYPE_IP 0x800 99#endif 100 101#if !defined(ETHERTYPE_IPV6) 102#define ETHERTYPE_IPV6 0x86dd 103#endif /* !defined(ETHERTYPE_IPV6) */ 104 105#if !defined(ETHERTYPE_ALLSAP) && defined(SOL2) 106#define ETHERTYPE_ALLSAP 0 107#endif /* !defined(ETHERTYPE_ALLSAP) && defined(SOL2) */ 108 109#if !defined(PPP_ALLSAP) && defined(SOL2) 110#define PPP_ALLSAP PPP_ALLSTATIONS 111#endif /* !defined(PPP_ALLSAP) && defined(SOL2) */ 112 113extern time_t time; 114 115#ifdef SOL2 116/* 117 * We use this reader-writer lock to ensure that the lower streams 118 * stay connected to the upper streams while the lower-side put and 119 * service procedures are running. Essentially it is an existence 120 * lock for the upper stream associated with each lower stream. 121 */ 122krwlock_t ppp_lower_lock; 123#define LOCK_LOWER_W rw_enter(&ppp_lower_lock, RW_WRITER) 124#define LOCK_LOWER_R rw_enter(&ppp_lower_lock, RW_READER) 125#define TRYLOCK_LOWER_R rw_tryenter(&ppp_lower_lock, RW_READER) 126#define UNLOCK_LOWER rw_exit(&ppp_lower_lock) 127 128#define MT_ENTER(x) mutex_enter(x) 129#define MT_EXIT(x) mutex_exit(x) 130 131/* 132 * Notes on multithreaded implementation for Solaris 2: 133 * 134 * We use an inner perimeter around each queue pair and an outer 135 * perimeter around the whole driver. The inner perimeter is 136 * entered exclusively for all entry points (open, close, put, 137 * service). The outer perimeter is entered exclusively for open 138 * and close and shared for put and service. This is all done for 139 * us by the streams framework. 140 * 141 * I used to think that the perimeters were entered for the lower 142 * streams' put and service routines as well as for the upper streams'. 143 * Because of problems experienced by people, and after reading the 144 * documentation more closely, I now don't think that is true. So we 145 * now use ppp_lower_lock to give us an existence guarantee on the 146 * upper stream controlling each lower stream. 147 * 148 * Shared entry to the outer perimeter protects the existence of all 149 * the upper streams and their upperstr_t structures, and guarantees 150 * that the following fields of any upperstr_t won't change: 151 * nextmn, next, nextppa. It guarantees that the lowerq field of an 152 * upperstr_t won't go from non-zero to zero, that the global `ppas' 153 * won't change and that the no lower stream will get unlinked. 154 * 155 * Shared (reader) access to ppa_lower_lock guarantees that no lower 156 * stream will be unlinked and that the lowerq field of all upperstr_t 157 * structures won't change. 158 */ 159 160#else /* SOL2 */ 161#define LOCK_LOWER_W 0 162#define LOCK_LOWER_R 0 163#define TRYLOCK_LOWER_R 1 164#define UNLOCK_LOWER 0 165#define MT_ENTER(x) 0 166#define MT_EXIT(x) 0 167 168#endif /* SOL2 */ 169 170/* 171 * Private information; one per upper stream. 172 */ 173typedef struct upperstr { 174 minor_t mn; /* minor device number */ 175 struct upperstr *nextmn; /* next minor device */ 176 queue_t *q; /* read q associated with this upper stream */ 177 int flags; /* flag bits, see below */ 178 int state; /* current DLPI state */ 179 int sap; /* service access point */ 180 int req_sap; /* which SAP the DLPI client requested */ 181 struct upperstr *ppa; /* control stream for our ppa */ 182 struct upperstr *next; /* next stream for this ppa */ 183 uint ioc_id; /* last ioctl ID for this stream */ 184 enum NPmode npmode; /* what to do with packets on this SAP */ 185 unsigned char rblocked; /* flow control has blocked upper read strm */ 186 /* N.B. rblocked is only changed by control stream's put/srv procs */ 187 /* 188 * There is exactly one control stream for each PPA. 189 * The following fields are only used for control streams. 190 */ 191 int ppa_id; 192 queue_t *lowerq; /* write queue attached below this PPA */ 193 struct upperstr *nextppa; /* next control stream */ 194 int mru; 195 int mtu; 196 struct pppstat stats; /* statistics */ 197 time_t last_sent; /* time last NP packet sent */ 198 time_t last_recv; /* time last NP packet rcvd */ 199#ifdef SOL2 200 kmutex_t stats_lock; /* lock for stats updates */ 201 kstat_t *kstats; /* stats for netstat */ 202#endif /* SOL2 */ 203#ifdef LACHTCP 204 int ifflags; 205 char ifname[IFNAMSIZ]; 206 struct ifstats ifstats; 207#endif /* LACHTCP */ 208} upperstr_t; 209 210/* Values for flags */ 211#define US_PRIV 1 /* stream was opened by superuser */ 212#define US_CONTROL 2 /* stream is a control stream */ 213#define US_BLOCKED 4 /* flow ctrl has blocked lower write stream */ 214#define US_LASTMOD 8 /* no PPP modules below us */ 215#define US_DBGLOG 0x10 /* log various occurrences */ 216#define US_RBLOCKED 0x20 /* flow ctrl has blocked upper read stream */ 217 218#if defined(SOL2) 219#if DL_CURRENT_VERSION >= 2 220#define US_PROMISC 0x40 /* stream is promiscuous */ 221#endif /* DL_CURRENT_VERSION >= 2 */ 222#define US_RAWDATA 0x80 /* raw M_DATA, no DLPI header */ 223#endif /* defined(SOL2) */ 224 225#ifdef PRIOQ 226static u_char max_band=0; 227static u_char def_band=0; 228 229#define IPPORT_DEFAULT 65535 230 231/* 232 * Port priority table 233 * Highest priority ports are listed first, lowest are listed last. 234 * ICMP & packets using unlisted ports will be treated as "default". 235 * If IPPORT_DEFAULT is not listed here, "default" packets will be 236 * assigned lowest priority. 237 * Each line should be terminated with "0". 238 * Line containing only "0" marks the end of the list. 239 */ 240 241static u_short prioq_table[]= { 242 113, 53, 0, 243 22, 23, 513, 517, 518, 0, 244 514, 21, 79, 111, 0, 245 25, 109, 110, 0, 246 IPPORT_DEFAULT, 0, 247 20, 70, 80, 8001, 8008, 8080, 0, /* 8001,8008,8080 - common proxy ports */ 2480 }; 249 250#endif /* PRIOQ */ 251 252 253static upperstr_t *minor_devs = NULL; 254static upperstr_t *ppas = NULL; 255 256#ifdef SVR4 257static int pppopen __P((queue_t *, dev_t *, int, int, cred_t *)); 258static int pppclose __P((queue_t *, int, cred_t *)); 259#else 260static int pppopen __P((queue_t *, int, int, int)); 261static int pppclose __P((queue_t *, int)); 262#endif /* SVR4 */ 263static int pppurput __P((queue_t *, mblk_t *)); 264static int pppuwput __P((queue_t *, mblk_t *)); 265static int pppursrv __P((queue_t *)); 266static int pppuwsrv __P((queue_t *)); 267static int ppplrput __P((queue_t *, mblk_t *)); 268static int ppplwput __P((queue_t *, mblk_t *)); 269static int ppplrsrv __P((queue_t *)); 270static int ppplwsrv __P((queue_t *)); 271#ifndef NO_DLPI 272static void dlpi_request __P((queue_t *, mblk_t *, upperstr_t *)); 273static void dlpi_error __P((queue_t *, upperstr_t *, int, int, int)); 274static void dlpi_ok __P((queue_t *, int)); 275#endif 276static int send_data __P((mblk_t *, upperstr_t *)); 277static void new_ppa __P((queue_t *, mblk_t *)); 278static void attach_ppa __P((queue_t *, mblk_t *)); 279#ifndef NO_DLPI 280static void detach_ppa __P((queue_t *, mblk_t *)); 281#endif 282static void detach_lower __P((queue_t *, mblk_t *)); 283static void debug_dump __P((queue_t *, mblk_t *)); 284static upperstr_t *find_dest __P((upperstr_t *, int)); 285#if defined(SOL2) 286static upperstr_t *find_promisc __P((upperstr_t *, int)); 287static mblk_t *prepend_ether __P((upperstr_t *, mblk_t *, int)); 288static mblk_t *prepend_udind __P((upperstr_t *, mblk_t *, int)); 289static void promisc_sendup __P((upperstr_t *, mblk_t *, int, int)); 290#endif /* defined(SOL2) */ 291static int putctl2 __P((queue_t *, int, int, int)); 292static int putctl4 __P((queue_t *, int, int, int)); 293static int pass_packet __P((upperstr_t *ppa, mblk_t *mp, int outbound)); 294#ifdef FILTER_PACKETS 295static int ip_hard_filter __P((upperstr_t *ppa, mblk_t *mp, int outbound)); 296#endif /* FILTER_PACKETS */ 297 298#define PPP_ID 0xb1a6 299static struct module_info ppp_info = { 300#ifdef PRIOQ 301 PPP_ID, "ppp", 0, 512, 512, 384 302#else 303 PPP_ID, "ppp", 0, 512, 512, 128 304#endif /* PRIOQ */ 305}; 306 307static struct qinit pppurint = { 308 pppurput, pppursrv, pppopen, pppclose, NULL, &ppp_info, NULL 309}; 310 311static struct qinit pppuwint = { 312 pppuwput, pppuwsrv, NULL, NULL, NULL, &ppp_info, NULL 313}; 314 315static struct qinit ppplrint = { 316 ppplrput, ppplrsrv, NULL, NULL, NULL, &ppp_info, NULL 317}; 318 319static struct qinit ppplwint = { 320 ppplwput, ppplwsrv, NULL, NULL, NULL, &ppp_info, NULL 321}; 322 323#ifdef LACHTCP 324extern struct ifstats *ifstats; 325int pppdevflag = 0; 326#endif 327 328struct streamtab pppinfo = { 329 &pppurint, &pppuwint, 330 &ppplrint, &ppplwint 331}; 332 333int ppp_count; 334 335/* 336 * How we maintain statistics. 337 */ 338#ifdef SOL2 339#define INCR_IPACKETS(ppa) \ 340 if (ppa->kstats != 0) { \ 341 KSTAT_NAMED_PTR(ppa->kstats)[0].value.ul++; \ 342 } 343#define INCR_IERRORS(ppa) \ 344 if (ppa->kstats != 0) { \ 345 KSTAT_NAMED_PTR(ppa->kstats)[1].value.ul++; \ 346 } 347#define INCR_OPACKETS(ppa) \ 348 if (ppa->kstats != 0) { \ 349 KSTAT_NAMED_PTR(ppa->kstats)[2].value.ul++; \ 350 } 351#define INCR_OERRORS(ppa) \ 352 if (ppa->kstats != 0) { \ 353 KSTAT_NAMED_PTR(ppa->kstats)[3].value.ul++; \ 354 } 355#endif 356 357#ifdef LACHTCP 358#define INCR_IPACKETS(ppa) ppa->ifstats.ifs_ipackets++; 359#define INCR_IERRORS(ppa) ppa->ifstats.ifs_ierrors++; 360#define INCR_OPACKETS(ppa) ppa->ifstats.ifs_opackets++; 361#define INCR_OERRORS(ppa) ppa->ifstats.ifs_oerrors++; 362#endif 363 364/* 365 * STREAMS driver entry points. 366 */ 367static int 368#ifdef SVR4 369pppopen(q, devp, oflag, sflag, credp) 370 queue_t *q; 371 dev_t *devp; 372 int oflag, sflag; 373 cred_t *credp; 374#else 375pppopen(q, dev, oflag, sflag) 376 queue_t *q; 377 int dev; /* really dev_t */ 378 int oflag, sflag; 379#endif 380{ 381 upperstr_t *up; 382 upperstr_t **prevp; 383 minor_t mn; 384#ifdef PRIOQ 385 u_short *ptr; 386 u_char new_band; 387#endif /* PRIOQ */ 388 389 if (q->q_ptr) 390 DRV_OPEN_OK(dev); /* device is already open */ 391 392#ifdef PRIOQ 393 /* Calculate max_bband & def_band from definitions in prioq.h 394 This colud be done at some more approtiate time (less often) 395 but this way it works well so I'll just leave it here */ 396 397 max_band = 1; 398 def_band = 0; 399 ptr = prioq_table; 400 while (*ptr) { 401 new_band = 1; 402 while (*ptr) 403 if (*ptr++ == IPPORT_DEFAULT) { 404 new_band = 0; 405 def_band = max_band; 406 } 407 max_band += new_band; 408 ptr++; 409 } 410 if (def_band) 411 def_band = max_band - def_band; 412 --max_band; 413#endif /* PRIOQ */ 414 415 if (sflag == CLONEOPEN) { 416 mn = 0; 417 for (prevp = &minor_devs; (up = *prevp) != 0; prevp = &up->nextmn) { 418 if (up->mn != mn) 419 break; 420 ++mn; 421 } 422 } else { 423#ifdef SVR4 424 mn = getminor(*devp); 425#else 426 mn = minor(dev); 427#endif 428 for (prevp = &minor_devs; (up = *prevp) != 0; prevp = &up->nextmn) { 429 if (up->mn >= mn) 430 break; 431 } 432 if (up->mn == mn) { 433 /* this can't happen */ 434 q->q_ptr = WR(q)->q_ptr = (caddr_t) up; 435 DRV_OPEN_OK(dev); 436 } 437 } 438 439 /* 440 * Construct a new minor node. 441 */ 442 up = (upperstr_t *) ALLOC_SLEEP(sizeof(upperstr_t)); 443 bzero((caddr_t) up, sizeof(upperstr_t)); 444 if (up == 0) { 445 DPRINT("pppopen: out of kernel memory\n"); 446 OPEN_ERROR(ENXIO); 447 } 448 up->nextmn = *prevp; 449 *prevp = up; 450 up->mn = mn; 451#ifdef SVR4 452 *devp = makedevice(getmajor(*devp), mn); 453#endif 454 up->q = q; 455 if (NOTSUSER() == 0) 456 up->flags |= US_PRIV; 457#ifndef NO_DLPI 458 up->state = DL_UNATTACHED; 459#endif 460#ifdef LACHTCP 461 up->ifflags = IFF_UP | IFF_POINTOPOINT; 462#endif 463 up->sap = -1; 464 up->last_sent = up->last_recv = time; 465 up->npmode = NPMODE_DROP; 466 q->q_ptr = (caddr_t) up; 467 WR(q)->q_ptr = (caddr_t) up; 468 noenable(WR(q)); 469#ifdef SOL2 470 mutex_init(&up->stats_lock, NULL, MUTEX_DRIVER, NULL); 471#endif 472 ++ppp_count; 473 474 qprocson(q); 475 DRV_OPEN_OK(makedev(major(dev), mn)); 476} 477 478static int 479#ifdef SVR4 480pppclose(q, flag, credp) 481 queue_t *q; 482 int flag; 483 cred_t *credp; 484#else 485pppclose(q, flag) 486 queue_t *q; 487 int flag; 488#endif 489{ 490 upperstr_t *up, **upp; 491 upperstr_t *as, *asnext; 492 upperstr_t **prevp; 493 494 qprocsoff(q); 495 496 up = (upperstr_t *) q->q_ptr; 497 if (up == 0) { 498 DPRINT("pppclose: q_ptr = 0\n"); 499 return 0; 500 } 501 if (up->flags & US_DBGLOG) 502 DPRINT2("ppp/%d: close, flags=%x\n", up->mn, up->flags); 503 if (up->flags & US_CONTROL) { 504#ifdef LACHTCP 505 struct ifstats *ifp, *pifp; 506#endif 507 if (up->lowerq != 0) { 508 /* Gack! the lower stream should have be unlinked earlier! */ 509 DPRINT1("ppp%d: lower stream still connected on close?\n", 510 up->mn); 511 LOCK_LOWER_W; 512 up->lowerq->q_ptr = 0; 513 RD(up->lowerq)->q_ptr = 0; 514 up->lowerq = 0; 515 UNLOCK_LOWER; 516 } 517 518 /* 519 * This stream represents a PPA: 520 * For all streams attached to the PPA, clear their 521 * references to this PPA. 522 * Then remove this PPA from the list of PPAs. 523 */ 524 for (as = up->next; as != 0; as = asnext) { 525 asnext = as->next; 526 as->next = 0; 527 as->ppa = 0; 528 if (as->flags & US_BLOCKED) { 529 as->flags &= ~US_BLOCKED; 530 flushq(WR(as->q), FLUSHDATA); 531 } 532 } 533 for (upp = &ppas; *upp != 0; upp = &(*upp)->nextppa) 534 if (*upp == up) { 535 *upp = up->nextppa; 536 break; 537 } 538#ifdef LACHTCP 539 /* Remove the statistics from the active list. */ 540 for (ifp = ifstats, pifp = 0; ifp; ifp = ifp->ifs_next) { 541 if (ifp == &up->ifstats) { 542 if (pifp) 543 pifp->ifs_next = ifp->ifs_next; 544 else 545 ifstats = ifp->ifs_next; 546 break; 547 } 548 pifp = ifp; 549 } 550#endif 551 } else { 552 /* 553 * If this stream is attached to a PPA, 554 * remove it from the PPA's list. 555 */ 556 if ((as = up->ppa) != 0) { 557 for (; as->next != 0; as = as->next) 558 if (as->next == up) { 559 as->next = up->next; 560 break; 561 } 562 } 563 } 564 565#ifdef SOL2 566 if (up->kstats) 567 kstat_delete(up->kstats); 568 mutex_destroy(&up->stats_lock); 569#endif 570 571 q->q_ptr = NULL; 572 WR(q)->q_ptr = NULL; 573 574 for (prevp = &minor_devs; *prevp != 0; prevp = &(*prevp)->nextmn) { 575 if (*prevp == up) { 576 *prevp = up->nextmn; 577 break; 578 } 579 } 580 FREE(up, sizeof(upperstr_t)); 581 --ppp_count; 582 583 return 0; 584} 585 586/* 587 * A message from on high. We do one of three things: 588 * - qreply() 589 * - put the message on the lower write stream 590 * - queue it for our service routine 591 */ 592static int 593pppuwput(q, mp) 594 queue_t *q; 595 mblk_t *mp; 596{ 597 upperstr_t *us, *ppa, *nps; 598 struct iocblk *iop; 599 struct linkblk *lb; 600#ifdef LACHTCP 601 struct ifreq *ifr; 602 int i; 603#endif 604 queue_t *lq; 605 int error, n, sap; 606 mblk_t *mq; 607 struct ppp_idle *pip; 608#ifdef PRIOQ 609 queue_t *tlq; 610#endif /* PRIOQ */ 611#ifdef NO_DLPI 612 upperstr_t *os; 613#endif 614 615 us = (upperstr_t *) q->q_ptr; 616 if (us == 0) { 617 DPRINT("pppuwput: q_ptr = 0!\n"); 618 return 0; 619 } 620 if (mp == 0) { 621 DPRINT1("pppuwput/%d: mp = 0!\n", us->mn); 622 return 0; 623 } 624 if (mp->b_datap == 0) { 625 DPRINT1("pppuwput/%d: mp->b_datap = 0!\n", us->mn); 626 return 0; 627 } 628 switch (mp->b_datap->db_type) { 629#ifndef NO_DLPI 630 case M_PCPROTO: 631 case M_PROTO: 632 dlpi_request(q, mp, us); 633 break; 634#endif /* NO_DLPI */ 635 636 case M_DATA: 637 if (us->flags & US_DBGLOG) 638 DPRINT3("ppp/%d: uwput M_DATA len=%d flags=%x\n", 639 us->mn, msgdsize(mp), us->flags); 640 if (us->ppa == 0 || msgdsize(mp) > us->ppa->mtu + PPP_HDRLEN 641#ifndef NO_DLPI 642 || (us->flags & US_CONTROL) == 0 643#endif /* NO_DLPI */ 644 ) { 645 DPRINT1("pppuwput: junk data len=%d\n", msgdsize(mp)); 646 freemsg(mp); 647 break; 648 } 649#ifdef NO_DLPI 650 /* pass_packet frees the packet on returning 0 */ 651 if ((us->flags & US_CONTROL) == 0 && !pass_packet(us, mp, 1)) 652 break; 653#endif 654 if (!send_data(mp, us) && !putq(q, mp)) 655 freemsg(mp); 656 break; 657 658 case M_IOCTL: 659 iop = (struct iocblk *) mp->b_rptr; 660 error = EINVAL; 661 if (us->flags & US_DBGLOG) 662 DPRINT3("ppp/%d: ioctl %x count=%d\n", 663 us->mn, iop->ioc_cmd, iop->ioc_count); 664 switch (iop->ioc_cmd) { 665#if defined(SOL2) 666 case DLIOCRAW: /* raw M_DATA mode */ 667 us->flags |= US_RAWDATA; 668 error = 0; 669 break; 670#endif /* defined(SOL2) */ 671 case I_LINK: 672 if ((us->flags & US_CONTROL) == 0 || us->lowerq != 0) 673 break; 674 if (mp->b_cont == 0) { 675 DPRINT1("pppuwput/%d: ioctl I_LINK b_cont = 0!\n", us->mn); 676 break; 677 } 678 lb = (struct linkblk *) mp->b_cont->b_rptr; 679 lq = lb->l_qbot; 680 if (lq == 0) { 681 DPRINT1("pppuwput/%d: ioctl I_LINK l_qbot = 0!\n", us->mn); 682 break; 683 } 684 LOCK_LOWER_W; 685 us->lowerq = lq; 686 lq->q_ptr = (caddr_t) q; 687 RD(lq)->q_ptr = (caddr_t) us->q; 688 UNLOCK_LOWER; 689 iop->ioc_count = 0; 690 error = 0; 691 us->flags &= ~US_LASTMOD; 692 /* Unblock upper streams which now feed this lower stream. */ 693 qenable(q); 694 /* Send useful information down to the modules which 695 are now linked below us. */ 696 putctl2(lq, M_CTL, PPPCTL_UNIT, us->ppa_id); 697 putctl4(lq, M_CTL, PPPCTL_MRU, us->mru); 698 putctl4(lq, M_CTL, PPPCTL_MTU, us->mtu); 699#ifdef PRIOQ 700 /* Lower tty driver's queue hiwat/lowat from default 4096/128 701 to 256/128 since we don't want queueing of data on 702 output to physical device */ 703 704 freezestr(lq); 705 for (tlq = lq; tlq->q_next != NULL; tlq = tlq->q_next) 706 ; 707 strqset(tlq, QHIWAT, 0, 256); 708 strqset(tlq, QLOWAT, 0, 128); 709 unfreezestr(lq); 710#endif /* PRIOQ */ 711 break; 712 713 case I_UNLINK: 714 if (mp->b_cont == 0) { 715 DPRINT1("pppuwput/%d: ioctl I_UNLINK b_cont = 0!\n", us->mn); 716 break; 717 } 718 lb = (struct linkblk *) mp->b_cont->b_rptr; 719#if DEBUG 720 if (us->lowerq != lb->l_qbot) { 721 DPRINT2("ppp unlink: lowerq=%x qbot=%x\n", 722 us->lowerq, lb->l_qbot); 723 break; 724 } 725#endif 726 iop->ioc_count = 0; 727 qwriter(q, mp, detach_lower, PERIM_OUTER); 728 /* mp is now gone */ 729 error = -1; 730 break; 731 732 case PPPIO_NEWPPA: 733 if (us->flags & US_CONTROL) 734 break; 735 if ((us->flags & US_PRIV) == 0) { 736 error = EPERM; 737 break; 738 } 739 /* Arrange to return an int */ 740 if ((mq = mp->b_cont) == 0 741 || mq->b_datap->db_lim - mq->b_rptr < sizeof(int)) { 742 mq = allocb(sizeof(int), BPRI_HI); 743 if (mq == 0) { 744 error = ENOSR; 745 break; 746 } 747 if (mp->b_cont != 0) 748 freemsg(mp->b_cont); 749 mp->b_cont = mq; 750 mq->b_cont = 0; 751 } 752 iop->ioc_count = sizeof(int); 753 mq->b_wptr = mq->b_rptr + sizeof(int); 754 qwriter(q, mp, new_ppa, PERIM_OUTER); 755 /* mp is now gone */ 756 error = -1; 757 break; 758 759 case PPPIO_ATTACH: 760 /* like dlpi_attach, for programs which can't write to 761 the stream (like pppstats) */ 762 if (iop->ioc_count != sizeof(int) || us->ppa != 0) 763 break; 764 if (mp->b_cont == 0) { 765 DPRINT1("pppuwput/%d: ioctl PPPIO_ATTACH b_cont = 0!\n", us->mn); 766 break; 767 } 768 n = *(int *)mp->b_cont->b_rptr; 769 for (ppa = ppas; ppa != 0; ppa = ppa->nextppa) 770 if (ppa->ppa_id == n) 771 break; 772 if (ppa == 0) 773 break; 774 us->ppa = ppa; 775 iop->ioc_count = 0; 776 qwriter(q, mp, attach_ppa, PERIM_OUTER); 777 /* mp is now gone */ 778 error = -1; 779 break; 780 781#ifdef NO_DLPI 782 case PPPIO_BIND: 783 /* Attach to a given SAP. */ 784 if (iop->ioc_count != sizeof(int) || us->ppa == 0) 785 break; 786 if (mp->b_cont == 0) { 787 DPRINT1("pppuwput/%d: ioctl PPPIO_BIND b_cont = 0!\n", us->mn); 788 break; 789 } 790 n = *(int *)mp->b_cont->b_rptr; 791 /* n must be a valid PPP network protocol number. */ 792 if (n < 0x21 || n > 0x3fff || (n & 0x101) != 1) 793 break; 794 /* check that no other stream is bound to this sap already. */ 795 for (os = us->ppa; os != 0; os = os->next) 796 if (os->sap == n) 797 break; 798 if (os != 0) 799 break; 800 us->sap = n; 801 iop->ioc_count = 0; 802 error = 0; 803 break; 804#endif /* NO_DLPI */ 805 806 case PPPIO_MRU: 807 if (iop->ioc_count != sizeof(int) || (us->flags & US_CONTROL) == 0) 808 break; 809 if (mp->b_cont == 0) { 810 DPRINT1("pppuwput/%d: ioctl PPPIO_MRU b_cont = 0!\n", us->mn); 811 break; 812 } 813 n = *(int *)mp->b_cont->b_rptr; 814 if (n <= 0 || n > PPP_MAXMRU) 815 break; 816 if (n < PPP_MRU) 817 n = PPP_MRU; 818 us->mru = n; 819 if (us->lowerq) 820 putctl4(us->lowerq, M_CTL, PPPCTL_MRU, n); 821 error = 0; 822 iop->ioc_count = 0; 823 break; 824 825 case PPPIO_MTU: 826 if (iop->ioc_count != sizeof(int) || (us->flags & US_CONTROL) == 0) 827 break; 828 if (mp->b_cont == 0) { 829 DPRINT1("pppuwput/%d: ioctl PPPIO_MTU b_cont = 0!\n", us->mn); 830 break; 831 } 832 n = *(int *)mp->b_cont->b_rptr; 833 if (n <= 0 || n > PPP_MAXMTU) 834 break; 835 us->mtu = n; 836#ifdef LACHTCP 837 /* The MTU reported in netstat, not used as IP max packet size! */ 838 us->ifstats.ifs_mtu = n; 839#endif 840 if (us->lowerq) 841 putctl4(us->lowerq, M_CTL, PPPCTL_MTU, n); 842 error = 0; 843 iop->ioc_count = 0; 844 break; 845 846 case PPPIO_LASTMOD: 847 us->flags |= US_LASTMOD; 848 error = 0; 849 break; 850 851 case PPPIO_DEBUG: 852 if (iop->ioc_count != sizeof(int)) 853 break; 854 if (mp->b_cont == 0) { 855 DPRINT1("pppuwput/%d: ioctl PPPIO_DEBUG b_cont = 0!\n", us->mn); 856 break; 857 } 858 n = *(int *)mp->b_cont->b_rptr; 859 if (n == PPPDBG_DUMP + PPPDBG_DRIVER) { 860 qwriter(q, mp, debug_dump, PERIM_OUTER); 861 /* mp is now gone */ 862 error = -1; 863 } else if (n == PPPDBG_LOG + PPPDBG_DRIVER) { 864 DPRINT1("ppp/%d: debug log enabled\n", us->mn); 865 us->flags |= US_DBGLOG; 866 iop->ioc_count = 0; 867 error = 0; 868 } else { 869 if (us->ppa == 0 || us->ppa->lowerq == 0) 870 break; 871 putnext(us->ppa->lowerq, mp); 872 /* mp is now gone */ 873 error = -1; 874 } 875 break; 876 877 case PPPIO_NPMODE: 878 if (iop->ioc_count != 2 * sizeof(int)) 879 break; 880 if ((us->flags & US_CONTROL) == 0) 881 break; 882 if (mp->b_cont == 0) { 883 DPRINT1("pppuwput/%d: ioctl PPPIO_NPMODE b_cont = 0!\n", us->mn); 884 break; 885 } 886 sap = ((int *)mp->b_cont->b_rptr)[0]; 887 for (nps = us->next; nps != 0; nps = nps->next) { 888 if (us->flags & US_DBGLOG) 889 DPRINT2("us = 0x%x, us->next->sap = 0x%x\n", nps, nps->sap); 890 if (nps->sap == sap) 891 break; 892 } 893 if (nps == 0) { 894 if (us->flags & US_DBGLOG) 895 DPRINT2("ppp/%d: no stream for sap %x\n", us->mn, sap); 896 break; 897 } 898 /* XXX possibly should use qwriter here */ 899 nps->npmode = (enum NPmode) ((int *)mp->b_cont->b_rptr)[1]; 900 if (nps->npmode != NPMODE_QUEUE && (nps->flags & US_BLOCKED) != 0) 901 qenable(WR(nps->q)); 902 iop->ioc_count = 0; 903 error = 0; 904 break; 905 906 case PPPIO_GIDLE: 907 if ((ppa = us->ppa) == 0) 908 break; 909 mq = allocb(sizeof(struct ppp_idle), BPRI_HI); 910 if (mq == 0) { 911 error = ENOSR; 912 break; 913 } 914 if (mp->b_cont != 0) 915 freemsg(mp->b_cont); 916 mp->b_cont = mq; 917 mq->b_cont = 0; 918 pip = (struct ppp_idle *) mq->b_wptr; 919 pip->xmit_idle = time - ppa->last_sent; 920 pip->recv_idle = time - ppa->last_recv; 921 mq->b_wptr += sizeof(struct ppp_idle); 922 iop->ioc_count = sizeof(struct ppp_idle); 923 error = 0; 924 break; 925 926#ifdef LACHTCP 927 case SIOCSIFNAME: 928 /* Sent from IP down to us. Attach the ifstats structure. */ 929 if (iop->ioc_count != sizeof(struct ifreq) || us->ppa == 0) 930 break; 931 ifr = (struct ifreq *)mp->b_cont->b_rptr; 932 /* Find the unit number in the interface name. */ 933 for (i = 0; i < IFNAMSIZ; i++) { 934 if (ifr->ifr_name[i] == 0 || 935 (ifr->ifr_name[i] >= '0' && 936 ifr->ifr_name[i] <= '9')) 937 break; 938 else 939 us->ifname[i] = ifr->ifr_name[i]; 940 } 941 us->ifname[i] = 0; 942 943 /* Convert the unit number to binary. */ 944 for (n = 0; i < IFNAMSIZ; i++) { 945 if (ifr->ifr_name[i] == 0) { 946 break; 947 } 948 else { 949 n = n * 10 + ifr->ifr_name[i] - '0'; 950 } 951 } 952 953 /* Verify the ppa. */ 954 if (us->ppa->ppa_id != n) 955 break; 956 ppa = us->ppa; 957 958 /* Set up the netstat block. */ 959 strncpy (ppa->ifname, us->ifname, IFNAMSIZ); 960 961 ppa->ifstats.ifs_name = ppa->ifname; 962 ppa->ifstats.ifs_unit = n; 963 ppa->ifstats.ifs_active = us->state != DL_UNBOUND; 964 ppa->ifstats.ifs_mtu = ppa->mtu; 965 966 /* Link in statistics used by netstat. */ 967 ppa->ifstats.ifs_next = ifstats; 968 ifstats = &ppa->ifstats; 969 970 iop->ioc_count = 0; 971 error = 0; 972 break; 973 974 case SIOCGIFFLAGS: 975 if (!(us->flags & US_CONTROL)) { 976 if (us->ppa) 977 us = us->ppa; 978 else 979 break; 980 } 981 ((struct iocblk_in *)iop)->ioc_ifflags = us->ifflags; 982 error = 0; 983 break; 984 985 case SIOCSIFFLAGS: 986 if (!(us->flags & US_CONTROL)) { 987 if (us->ppa) 988 us = us->ppa; 989 else 990 break; 991 } 992 us->ifflags = ((struct iocblk_in *)iop)->ioc_ifflags; 993 error = 0; 994 break; 995 996 case SIOCSIFADDR: 997 if (!(us->flags & US_CONTROL)) { 998 if (us->ppa) 999 us = us->ppa; 1000 else 1001 break; 1002 } 1003 us->ifflags |= IFF_RUNNING; 1004 ((struct iocblk_in *)iop)->ioc_ifflags |= IFF_RUNNING; 1005 error = 0; 1006 break; 1007 1008 case SIOCSIFMTU: 1009 /* 1010 * Vanilla SVR4 systems don't handle SIOCSIFMTU, rather 1011 * they take the MTU from the DL_INFO_ACK we sent in response 1012 * to their DL_INFO_REQ. Fortunately, they will update the 1013 * MTU if we send an unsolicited DL_INFO_ACK up. 1014 */ 1015 if ((mq = allocb(sizeof(dl_info_req_t), BPRI_HI)) == 0) 1016 break; /* should do bufcall */ 1017 ((union DL_primitives *)mq->b_rptr)->dl_primitive = DL_INFO_REQ; 1018 mq->b_wptr = mq->b_rptr + sizeof(dl_info_req_t); 1019 dlpi_request(q, mq, us); 1020 /* mp is now gone */ 1021 error = -1; 1022 break; 1023 1024 case SIOCGIFNETMASK: 1025 case SIOCSIFNETMASK: 1026 case SIOCGIFADDR: 1027 case SIOCGIFDSTADDR: 1028 case SIOCSIFDSTADDR: 1029 case SIOCGIFMETRIC: 1030 error = 0; 1031 break; 1032#endif /* LACHTCP */ 1033 1034 default: 1035 if (us->ppa == 0 || us->ppa->lowerq == 0) 1036 break; 1037 us->ioc_id = iop->ioc_id; 1038 error = -1; 1039 switch (iop->ioc_cmd) { 1040 case PPPIO_GETSTAT: 1041 case PPPIO_GETCSTAT: 1042 if (us->flags & US_LASTMOD) { 1043 error = EINVAL; 1044 break; 1045 } 1046 putnext(us->ppa->lowerq, mp); 1047 break; 1048 default: 1049 if (us->flags & US_PRIV) 1050 putnext(us->ppa->lowerq, mp); 1051 else { 1052 DPRINT1("ppp ioctl %x rejected\n", iop->ioc_cmd); 1053 error = EPERM; 1054 } 1055 break; 1056 } 1057 break; 1058 } 1059 1060 if (error > 0) { 1061 iop->ioc_error = error; 1062 mp->b_datap->db_type = M_IOCNAK; 1063 qreply(q, mp); 1064 } else if (error == 0) { 1065 mp->b_datap->db_type = M_IOCACK; 1066 qreply(q, mp); 1067 } 1068 break; 1069 1070 case M_FLUSH: 1071 if (us->flags & US_DBGLOG) 1072 DPRINT2("ppp/%d: flush %x\n", us->mn, *mp->b_rptr); 1073 if (*mp->b_rptr & FLUSHW) 1074 flushq(q, FLUSHDATA); 1075 if (*mp->b_rptr & FLUSHR) { 1076 *mp->b_rptr &= ~FLUSHW; 1077 qreply(q, mp); 1078 } else 1079 freemsg(mp); 1080 break; 1081 1082 default: 1083 freemsg(mp); 1084 break; 1085 } 1086 return 0; 1087} 1088 1089#ifndef NO_DLPI 1090static void 1091dlpi_request(q, mp, us) 1092 queue_t *q; 1093 mblk_t *mp; 1094 upperstr_t *us; 1095{ 1096 union DL_primitives *d = (union DL_primitives *) mp->b_rptr; 1097 int size = mp->b_wptr - mp->b_rptr; 1098 mblk_t *reply, *np; 1099 upperstr_t *ppa, *os; 1100 int sap, len; 1101 dl_info_ack_t *info; 1102 dl_bind_ack_t *ackp; 1103#if DL_CURRENT_VERSION >= 2 1104 dl_phys_addr_ack_t *paddrack; 1105 static struct ether_addr eaddr = {0}; 1106#endif 1107 1108 if (us->flags & US_DBGLOG) 1109 DPRINT3("ppp/%d: dlpi prim %x len=%d\n", us->mn, 1110 d->dl_primitive, size); 1111 switch (d->dl_primitive) { 1112 case DL_INFO_REQ: 1113 if (size < sizeof(dl_info_req_t)) 1114 goto badprim; 1115 if ((reply = allocb(sizeof(dl_info_ack_t), BPRI_HI)) == 0) 1116 break; /* should do bufcall */ 1117 reply->b_datap->db_type = M_PCPROTO; 1118 info = (dl_info_ack_t *) reply->b_wptr; 1119 reply->b_wptr += sizeof(dl_info_ack_t); 1120 bzero((caddr_t) info, sizeof(dl_info_ack_t)); 1121 info->dl_primitive = DL_INFO_ACK; 1122 info->dl_max_sdu = us->ppa? us->ppa->mtu: PPP_MAXMTU; 1123 info->dl_min_sdu = 1; 1124 info->dl_addr_length = sizeof(uint); 1125 info->dl_mac_type = DL_ETHER; /* a bigger lie */ 1126 info->dl_current_state = us->state; 1127 info->dl_service_mode = DL_CLDLS; 1128 info->dl_provider_style = DL_STYLE2; 1129#if DL_CURRENT_VERSION >= 2 1130 info->dl_sap_length = sizeof(uint); 1131 info->dl_version = DL_CURRENT_VERSION; 1132#endif 1133 qreply(q, reply); 1134 break; 1135 1136 case DL_ATTACH_REQ: 1137 if (size < sizeof(dl_attach_req_t)) 1138 goto badprim; 1139 if (us->state != DL_UNATTACHED || us->ppa != 0) { 1140 dlpi_error(q, us, DL_ATTACH_REQ, DL_OUTSTATE, 0); 1141 break; 1142 } 1143 for (ppa = ppas; ppa != 0; ppa = ppa->nextppa) 1144 if (ppa->ppa_id == d->attach_req.dl_ppa) 1145 break; 1146 if (ppa == 0) { 1147 dlpi_error(q, us, DL_ATTACH_REQ, DL_BADPPA, 0); 1148 break; 1149 } 1150 us->ppa = ppa; 1151 qwriter(q, mp, attach_ppa, PERIM_OUTER); 1152 return; 1153 1154 case DL_DETACH_REQ: 1155 if (size < sizeof(dl_detach_req_t)) 1156 goto badprim; 1157 if (us->state != DL_UNBOUND || us->ppa == 0) { 1158 dlpi_error(q, us, DL_DETACH_REQ, DL_OUTSTATE, 0); 1159 break; 1160 } 1161 qwriter(q, mp, detach_ppa, PERIM_OUTER); 1162 return; 1163 1164 case DL_BIND_REQ: 1165 if (size < sizeof(dl_bind_req_t)) 1166 goto badprim; 1167 if (us->state != DL_UNBOUND || us->ppa == 0) { 1168 dlpi_error(q, us, DL_BIND_REQ, DL_OUTSTATE, 0); 1169 break; 1170 } 1171#if 0 1172 /* apparently this test fails (unnecessarily?) on some systems */ 1173 if (d->bind_req.dl_service_mode != DL_CLDLS) { 1174 dlpi_error(q, us, DL_BIND_REQ, DL_UNSUPPORTED, 0); 1175 break; 1176 } 1177#endif 1178 1179 /* saps must be valid PPP network protocol numbers, 1180 except that we accept ETHERTYPE_IP in place of PPP_IP. */ 1181 sap = d->bind_req.dl_sap; 1182 us->req_sap = sap; 1183 1184#if defined(SOL2) 1185 if (us->flags & US_DBGLOG) 1186 DPRINT2("DL_BIND_REQ: ip gives sap = 0x%x, us = 0x%x", sap, us); 1187 1188 if (sap == ETHERTYPE_IP) /* normal IFF_IPV4 */ 1189 sap = PPP_IP; 1190 else if (sap == ETHERTYPE_IPV6) /* when IFF_IPV6 is set */ 1191 sap = PPP_IPV6; 1192 else if (sap == ETHERTYPE_ALLSAP) /* snoop gives sap of 0 */ 1193 sap = PPP_ALLSAP; 1194 else { 1195 DPRINT2("DL_BIND_REQ: unrecognized sap = 0x%x, us = 0x%x", sap, us); 1196 dlpi_error(q, us, DL_BIND_REQ, DL_BADADDR, 0); 1197 break; 1198 } 1199#else 1200 if (sap == ETHERTYPE_IP) 1201 sap = PPP_IP; 1202 if (sap < 0x21 || sap > 0x3fff || (sap & 0x101) != 1) { 1203 dlpi_error(q, us, DL_BIND_REQ, DL_BADADDR, 0); 1204 break; 1205 } 1206#endif /* defined(SOL2) */ 1207 1208 /* check that no other stream is bound to this sap already. */ 1209 for (os = us->ppa; os != 0; os = os->next) 1210 if (os->sap == sap) 1211 break; 1212 if (os != 0) { 1213 dlpi_error(q, us, DL_BIND_REQ, DL_NOADDR, 0); 1214 break; 1215 } 1216 1217 us->sap = sap; 1218 us->state = DL_IDLE; 1219 1220 if ((reply = allocb(sizeof(dl_bind_ack_t) + sizeof(uint), 1221 BPRI_HI)) == 0) 1222 break; /* should do bufcall */ 1223 ackp = (dl_bind_ack_t *) reply->b_wptr; 1224 reply->b_wptr += sizeof(dl_bind_ack_t) + sizeof(uint); 1225 reply->b_datap->db_type = M_PCPROTO; 1226 bzero((caddr_t) ackp, sizeof(dl_bind_ack_t)); 1227 ackp->dl_primitive = DL_BIND_ACK; 1228 ackp->dl_sap = sap; 1229 ackp->dl_addr_length = sizeof(uint); 1230 ackp->dl_addr_offset = sizeof(dl_bind_ack_t); 1231 *(uint *)(ackp+1) = sap; 1232 qreply(q, reply); 1233 break; 1234 1235 case DL_UNBIND_REQ: 1236 if (size < sizeof(dl_unbind_req_t)) 1237 goto badprim; 1238 if (us->state != DL_IDLE) { 1239 dlpi_error(q, us, DL_UNBIND_REQ, DL_OUTSTATE, 0); 1240 break; 1241 } 1242 us->sap = -1; 1243 us->state = DL_UNBOUND; 1244#ifdef LACHTCP 1245 us->ppa->ifstats.ifs_active = 0; 1246#endif 1247 dlpi_ok(q, DL_UNBIND_REQ); 1248 break; 1249 1250 case DL_UNITDATA_REQ: 1251 if (size < sizeof(dl_unitdata_req_t)) 1252 goto badprim; 1253 if (us->state != DL_IDLE) { 1254 dlpi_error(q, us, DL_UNITDATA_REQ, DL_OUTSTATE, 0); 1255 break; 1256 } 1257 if ((ppa = us->ppa) == 0) { 1258 cmn_err(CE_CONT, "ppp: in state dl_idle but ppa == 0?\n"); 1259 break; 1260 } 1261 len = mp->b_cont == 0? 0: msgdsize(mp->b_cont); 1262 if (len > ppa->mtu) { 1263 DPRINT2("dlpi data too large (%d > %d)\n", len, ppa->mtu); 1264 break; 1265 } 1266 1267#if defined(SOL2) 1268 /* 1269 * Should there be any promiscuous stream(s), send the data 1270 * up for each promiscuous stream that we recognize. 1271 */ 1272 if (mp->b_cont) 1273 promisc_sendup(ppa, mp->b_cont, us->sap, 0); 1274#endif /* defined(SOL2) */ 1275 1276 mp->b_band = 0; 1277#ifdef PRIOQ 1278 /* Extract s_port & d_port from IP-packet, the code is a bit 1279 dirty here, but so am I, too... */ 1280 if (mp->b_datap->db_type == M_PROTO && us->sap == PPP_IP 1281 && mp->b_cont != 0) { 1282 u_char *bb, *tlh; 1283 int iphlen, len; 1284 u_short *ptr; 1285 u_char band_unset, cur_band, syn; 1286 u_short s_port, d_port; 1287 1288 bb = mp->b_cont->b_rptr; /* bb points to IP-header*/ 1289 len = mp->b_cont->b_wptr - mp->b_cont->b_rptr; 1290 syn = 0; 1291 s_port = IPPORT_DEFAULT; 1292 d_port = IPPORT_DEFAULT; 1293 if (len >= 20) { /* 20 = minimum length of IP header */ 1294 iphlen = (bb[0] & 0x0f) * 4; 1295 tlh = bb + iphlen; 1296 len -= iphlen; 1297 switch (bb[9]) { 1298 case IPPROTO_TCP: 1299 if (len >= 20) { /* min length of TCP header */ 1300 s_port = (tlh[0] << 8) + tlh[1]; 1301 d_port = (tlh[2] << 8) + tlh[3]; 1302 syn = tlh[13] & 0x02; 1303 } 1304 break; 1305 case IPPROTO_UDP: 1306 if (len >= 8) { /* min length of UDP header */ 1307 s_port = (tlh[0] << 8) + tlh[1]; 1308 d_port = (tlh[2] << 8) + tlh[3]; 1309 } 1310 break; 1311 } 1312 } 1313 1314 /* 1315 * Now calculate b_band for this packet from the 1316 * port-priority table. 1317 */ 1318 ptr = prioq_table; 1319 cur_band = max_band; 1320 band_unset = 1; 1321 while (*ptr) { 1322 while (*ptr && band_unset) 1323 if (s_port == *ptr || d_port == *ptr++) { 1324 mp->b_band = cur_band; 1325 band_unset = 0; 1326 break; 1327 } 1328 ptr++; 1329 cur_band--; 1330 } 1331 if (band_unset) 1332 mp->b_band = def_band; 1333 /* It may be usable to urge SYN packets a bit */ 1334 if (syn) 1335 mp->b_band++; 1336 } 1337#endif /* PRIOQ */ 1338 /* this assumes PPP_HDRLEN <= sizeof(dl_unitdata_req_t) */ 1339 if (mp->b_datap->db_ref > 1) { 1340 np = allocb(PPP_HDRLEN, BPRI_HI); 1341 if (np == 0) 1342 break; /* gak! */ 1343 np->b_cont = mp->b_cont; 1344 mp->b_cont = 0; 1345 freeb(mp); 1346 mp = np; 1347 } else 1348 mp->b_datap->db_type = M_DATA; 1349 /* XXX should use dl_dest_addr_offset/length here, 1350 but we would have to translate ETHERTYPE_IP -> PPP_IP */ 1351 mp->b_wptr = mp->b_rptr + PPP_HDRLEN; 1352 mp->b_rptr[0] = PPP_ALLSTATIONS; 1353 mp->b_rptr[1] = PPP_UI; 1354 mp->b_rptr[2] = us->sap >> 8; 1355 mp->b_rptr[3] = us->sap; 1356 /* pass_packet frees the packet on returning 0 */ 1357 if (pass_packet(us, mp, 1)) { 1358 if (!send_data(mp, us) && !putq(q, mp)) 1359 freemsg(mp); 1360 } 1361 return; 1362 1363#if DL_CURRENT_VERSION >= 2 1364 case DL_PHYS_ADDR_REQ: 1365 if (size < sizeof(dl_phys_addr_req_t)) 1366 goto badprim; 1367 1368 /* 1369 * Don't check state because ifconfig sends this one down too 1370 */ 1371 1372 if ((reply = allocb(sizeof(dl_phys_addr_ack_t)+ETHERADDRL, 1373 BPRI_HI)) == 0) 1374 break; /* should do bufcall */ 1375 reply->b_datap->db_type = M_PCPROTO; 1376 paddrack = (dl_phys_addr_ack_t *) reply->b_wptr; 1377 reply->b_wptr += sizeof(dl_phys_addr_ack_t); 1378 bzero((caddr_t) paddrack, sizeof(dl_phys_addr_ack_t)+ETHERADDRL); 1379 paddrack->dl_primitive = DL_PHYS_ADDR_ACK; 1380 paddrack->dl_addr_length = ETHERADDRL; 1381 paddrack->dl_addr_offset = sizeof(dl_phys_addr_ack_t); 1382 bcopy(&eaddr, reply->b_wptr, ETHERADDRL); 1383 reply->b_wptr += ETHERADDRL; 1384 qreply(q, reply); 1385 break; 1386 1387#if defined(SOL2) 1388 case DL_PROMISCON_REQ: 1389 if (size < sizeof(dl_promiscon_req_t)) 1390 goto badprim; 1391 us->flags |= US_PROMISC; 1392 dlpi_ok(q, DL_PROMISCON_REQ); 1393 break; 1394 1395 case DL_PROMISCOFF_REQ: 1396 if (size < sizeof(dl_promiscoff_req_t)) 1397 goto badprim; 1398 us->flags &= ~US_PROMISC; 1399 dlpi_ok(q, DL_PROMISCOFF_REQ); 1400 break; 1401#else 1402 case DL_PROMISCON_REQ: /* fall thru */ 1403 case DL_PROMISCOFF_REQ: /* fall thru */ 1404#endif /* defined(SOL2) */ 1405#endif /* DL_CURRENT_VERSION >= 2 */ 1406 1407#if DL_CURRENT_VERSION >= 2 1408 case DL_SET_PHYS_ADDR_REQ: 1409 case DL_SUBS_BIND_REQ: 1410 case DL_SUBS_UNBIND_REQ: 1411 case DL_ENABMULTI_REQ: 1412 case DL_DISABMULTI_REQ: 1413 case DL_XID_REQ: 1414 case DL_TEST_REQ: 1415 case DL_REPLY_UPDATE_REQ: 1416 case DL_REPLY_REQ: 1417 case DL_DATA_ACK_REQ: 1418#endif 1419 case DL_CONNECT_REQ: 1420 case DL_TOKEN_REQ: 1421 dlpi_error(q, us, d->dl_primitive, DL_NOTSUPPORTED, 0); 1422 break; 1423 1424 case DL_CONNECT_RES: 1425 case DL_DISCONNECT_REQ: 1426 case DL_RESET_REQ: 1427 case DL_RESET_RES: 1428 dlpi_error(q, us, d->dl_primitive, DL_OUTSTATE, 0); 1429 break; 1430 1431 case DL_UDQOS_REQ: 1432 dlpi_error(q, us, d->dl_primitive, DL_BADQOSTYPE, 0); 1433 break; 1434 1435#if DL_CURRENT_VERSION >= 2 1436 case DL_TEST_RES: 1437 case DL_XID_RES: 1438 break; 1439#endif 1440 1441 default: 1442 if (us->flags & US_DBGLOG) 1443 DPRINT1("ppp: unknown dlpi prim 0x%x\n", d->dl_primitive); 1444 /* fall through */ 1445 badprim: 1446 dlpi_error(q, us, d->dl_primitive, DL_BADPRIM, 0); 1447 break; 1448 } 1449 freemsg(mp); 1450} 1451 1452static void 1453dlpi_error(q, us, prim, err, uerr) 1454 queue_t *q; 1455 upperstr_t *us; 1456 int prim, err, uerr; 1457{ 1458 mblk_t *reply; 1459 dl_error_ack_t *errp; 1460 1461 if (us->flags & US_DBGLOG) 1462 DPRINT3("ppp/%d: dlpi error, prim=%x, err=%x\n", us->mn, prim, err); 1463 reply = allocb(sizeof(dl_error_ack_t), BPRI_HI); 1464 if (reply == 0) 1465 return; /* XXX should do bufcall */ 1466 reply->b_datap->db_type = M_PCPROTO; 1467 errp = (dl_error_ack_t *) reply->b_wptr; 1468 reply->b_wptr += sizeof(dl_error_ack_t); 1469 errp->dl_primitive = DL_ERROR_ACK; 1470 errp->dl_error_primitive = prim; 1471 errp->dl_errno = err; 1472 errp->dl_unix_errno = uerr; 1473 qreply(q, reply); 1474} 1475 1476static void 1477dlpi_ok(q, prim) 1478 queue_t *q; 1479 int prim; 1480{ 1481 mblk_t *reply; 1482 dl_ok_ack_t *okp; 1483 1484 reply = allocb(sizeof(dl_ok_ack_t), BPRI_HI); 1485 if (reply == 0) 1486 return; /* XXX should do bufcall */ 1487 reply->b_datap->db_type = M_PCPROTO; 1488 okp = (dl_ok_ack_t *) reply->b_wptr; 1489 reply->b_wptr += sizeof(dl_ok_ack_t); 1490 okp->dl_primitive = DL_OK_ACK; 1491 okp->dl_correct_primitive = prim; 1492 qreply(q, reply); 1493} 1494#endif /* NO_DLPI */ 1495 1496/* 1497 * If return value is 0, then the packet has already been freed. 1498 */ 1499static int 1500pass_packet(us, mp, outbound) 1501 upperstr_t *us; 1502 mblk_t *mp; 1503 int outbound; 1504{ 1505 int pass; 1506 upperstr_t *ppa; 1507 1508 if ((ppa = us->ppa) == 0) { 1509 freemsg(mp); 1510 return 0; 1511 } 1512 1513#ifdef FILTER_PACKETS 1514 pass = ip_hard_filter(us, mp, outbound); 1515#else 1516 /* 1517 * Here is where we might, in future, decide whether to pass 1518 * or drop the packet, and whether it counts as link activity. 1519 */ 1520 pass = 1; 1521#endif /* FILTER_PACKETS */ 1522 1523 if (pass < 0) { 1524 /* pass only if link already up, and don't update time */ 1525 if (ppa->lowerq == 0) { 1526 freemsg(mp); 1527 return 0; 1528 } 1529 pass = 1; 1530 } else if (pass) { 1531 if (outbound) 1532 ppa->last_sent = time; 1533 else 1534 ppa->last_recv = time; 1535 } 1536 1537 return pass; 1538} 1539 1540/* 1541 * We have some data to send down to the lower stream (or up the 1542 * control stream, if we don't have a lower stream attached). 1543 * Returns 1 if the message was dealt with, 0 if it wasn't able 1544 * to be sent on and should therefore be queued up. 1545 */ 1546static int 1547send_data(mp, us) 1548 mblk_t *mp; 1549 upperstr_t *us; 1550{ 1551 upperstr_t *ppa; 1552 1553 if ((us->flags & US_BLOCKED) || us->npmode == NPMODE_QUEUE) 1554 return 0; 1555 ppa = us->ppa; 1556 if (ppa == 0 || us->npmode == NPMODE_DROP || us->npmode == NPMODE_ERROR) { 1557 if (us->flags & US_DBGLOG) 1558 DPRINT2("ppp/%d: dropping pkt (npmode=%d)\n", us->mn, us->npmode); 1559 freemsg(mp); 1560 return 1; 1561 } 1562 if (ppa->lowerq == 0) { 1563 /* try to send it up the control stream */ 1564 if (bcanputnext(ppa->q, mp->b_band)) { 1565 /* 1566 * The message seems to get corrupted for some reason if 1567 * we just send the message up as it is, so we send a copy. 1568 */ 1569 mblk_t *np = copymsg(mp); 1570 freemsg(mp); 1571 if (np != 0) 1572 putnext(ppa->q, np); 1573 return 1; 1574 } 1575 } else { 1576 if (bcanputnext(ppa->lowerq, mp->b_band)) { 1577 MT_ENTER(&ppa->stats_lock); 1578 ppa->stats.ppp_opackets++; 1579 ppa->stats.ppp_obytes += msgdsize(mp); 1580#ifdef INCR_OPACKETS 1581 INCR_OPACKETS(ppa); 1582#endif 1583 MT_EXIT(&ppa->stats_lock); 1584 /* 1585 * The lower queue is only ever detached while holding an 1586 * exclusive lock on the whole driver. So we can be confident 1587 * that the lower queue is still there. 1588 */ 1589 putnext(ppa->lowerq, mp); 1590 return 1; 1591 } 1592 } 1593 us->flags |= US_BLOCKED; 1594 return 0; 1595} 1596 1597/* 1598 * Allocate a new PPA id and link this stream into the list of PPAs. 1599 * This procedure is called with an exclusive lock on all queues in 1600 * this driver. 1601 */ 1602static void 1603new_ppa(q, mp) 1604 queue_t *q; 1605 mblk_t *mp; 1606{ 1607 upperstr_t *us, *up, **usp; 1608 int ppa_id; 1609 1610 us = (upperstr_t *) q->q_ptr; 1611 if (us == 0) { 1612 DPRINT("new_ppa: q_ptr = 0!\n"); 1613 return; 1614 } 1615 1616 usp = &ppas; 1617 ppa_id = 0; 1618 while ((up = *usp) != 0 && ppa_id == up->ppa_id) { 1619 ++ppa_id; 1620 usp = &up->nextppa; 1621 } 1622 us->ppa_id = ppa_id; 1623 us->ppa = us; 1624 us->next = 0; 1625 us->nextppa = *usp; 1626 *usp = us; 1627 us->flags |= US_CONTROL; 1628 us->npmode = NPMODE_PASS; 1629 1630 us->mtu = PPP_MTU; 1631 us->mru = PPP_MRU; 1632 1633#ifdef SOL2 1634 /* 1635 * Create a kstats record for our statistics, so netstat -i works. 1636 */ 1637 if (us->kstats == 0) { 1638 char unit[32]; 1639 1640 sprintf(unit, "ppp%d", us->ppa->ppa_id); 1641 us->kstats = kstat_create("ppp", us->ppa->ppa_id, unit, 1642 "net", KSTAT_TYPE_NAMED, 4, 0); 1643 if (us->kstats != 0) { 1644 kstat_named_t *kn = KSTAT_NAMED_PTR(us->kstats); 1645 1646 strcpy(kn[0].name, "ipackets"); 1647 kn[0].data_type = KSTAT_DATA_ULONG; 1648 strcpy(kn[1].name, "ierrors"); 1649 kn[1].data_type = KSTAT_DATA_ULONG; 1650 strcpy(kn[2].name, "opackets"); 1651 kn[2].data_type = KSTAT_DATA_ULONG; 1652 strcpy(kn[3].name, "oerrors"); 1653 kn[3].data_type = KSTAT_DATA_ULONG; 1654 kstat_install(us->kstats); 1655 } 1656 } 1657#endif /* SOL2 */ 1658 1659 *(int *)mp->b_cont->b_rptr = ppa_id; 1660 mp->b_datap->db_type = M_IOCACK; 1661 qreply(q, mp); 1662} 1663 1664static void 1665attach_ppa(q, mp) 1666 queue_t *q; 1667 mblk_t *mp; 1668{ 1669 upperstr_t *us, *t; 1670 1671 us = (upperstr_t *) q->q_ptr; 1672 if (us == 0) { 1673 DPRINT("attach_ppa: q_ptr = 0!\n"); 1674 return; 1675 } 1676 1677#ifndef NO_DLPI 1678 us->state = DL_UNBOUND; 1679#endif 1680 for (t = us->ppa; t->next != 0; t = t->next) 1681 ; 1682 t->next = us; 1683 us->next = 0; 1684 if (mp->b_datap->db_type == M_IOCTL) { 1685 mp->b_datap->db_type = M_IOCACK; 1686 qreply(q, mp); 1687 } else { 1688#ifndef NO_DLPI 1689 dlpi_ok(q, DL_ATTACH_REQ); 1690#endif 1691 freemsg(mp); 1692 } 1693} 1694 1695#ifndef NO_DLPI 1696static void 1697detach_ppa(q, mp) 1698 queue_t *q; 1699 mblk_t *mp; 1700{ 1701 upperstr_t *us, *t; 1702 1703 us = (upperstr_t *) q->q_ptr; 1704 if (us == 0) { 1705 DPRINT("detach_ppa: q_ptr = 0!\n"); 1706 return; 1707 } 1708 1709 for (t = us->ppa; t->next != 0; t = t->next) 1710 if (t->next == us) { 1711 t->next = us->next; 1712 break; 1713 } 1714 us->next = 0; 1715 us->ppa = 0; 1716 us->state = DL_UNATTACHED; 1717 dlpi_ok(q, DL_DETACH_REQ); 1718 freemsg(mp); 1719} 1720#endif 1721 1722/* 1723 * We call this with qwriter in order to give the upper queue procedures 1724 * the guarantee that the lower queue is not going to go away while 1725 * they are executing. 1726 */ 1727static void 1728detach_lower(q, mp) 1729 queue_t *q; 1730 mblk_t *mp; 1731{ 1732 upperstr_t *us; 1733 1734 us = (upperstr_t *) q->q_ptr; 1735 if (us == 0) { 1736 DPRINT("detach_lower: q_ptr = 0!\n"); 1737 return; 1738 } 1739 1740 LOCK_LOWER_W; 1741 us->lowerq->q_ptr = 0; 1742 RD(us->lowerq)->q_ptr = 0; 1743 us->lowerq = 0; 1744 UNLOCK_LOWER; 1745 1746 /* Unblock streams which now feed back up the control stream. */ 1747 qenable(us->q); 1748 1749 mp->b_datap->db_type = M_IOCACK; 1750 qreply(q, mp); 1751} 1752 1753static int 1754pppuwsrv(q) 1755 queue_t *q; 1756{ 1757 upperstr_t *us, *as; 1758 mblk_t *mp; 1759 1760 us = (upperstr_t *) q->q_ptr; 1761 if (us == 0) { 1762 DPRINT("pppuwsrv: q_ptr = 0!\n"); 1763 return 0; 1764 } 1765 1766 /* 1767 * If this is a control stream, then this service procedure 1768 * probably got enabled because of flow control in the lower 1769 * stream being enabled (or because of the lower stream going 1770 * away). Therefore we enable the service procedure of all 1771 * attached upper streams. 1772 */ 1773 if (us->flags & US_CONTROL) { 1774 for (as = us->next; as != 0; as = as->next) 1775 qenable(WR(as->q)); 1776 } 1777 1778 /* Try to send on any data queued here. */ 1779 us->flags &= ~US_BLOCKED; 1780 while ((mp = getq(q)) != 0) { 1781 if (!send_data(mp, us)) { 1782 putbq(q, mp); 1783 break; 1784 } 1785 } 1786 1787 return 0; 1788} 1789 1790/* should never get called... */ 1791static int 1792ppplwput(q, mp) 1793 queue_t *q; 1794 mblk_t *mp; 1795{ 1796 putnext(q, mp); 1797 return 0; 1798} 1799 1800static int 1801ppplwsrv(q) 1802 queue_t *q; 1803{ 1804 queue_t *uq; 1805 1806 /* 1807 * Flow control has back-enabled this stream: 1808 * enable the upper write service procedure for 1809 * the upper control stream for this lower stream. 1810 */ 1811 LOCK_LOWER_R; 1812 uq = (queue_t *) q->q_ptr; 1813 if (uq != 0) 1814 qenable(uq); 1815 UNLOCK_LOWER; 1816 return 0; 1817} 1818 1819/* 1820 * This should only get called for control streams. 1821 */ 1822static int 1823pppurput(q, mp) 1824 queue_t *q; 1825 mblk_t *mp; 1826{ 1827 upperstr_t *ppa, *us; 1828 int proto, len; 1829 struct iocblk *iop; 1830 1831 ppa = (upperstr_t *) q->q_ptr; 1832 if (ppa == 0) { 1833 DPRINT("pppurput: q_ptr = 0!\n"); 1834 return 0; 1835 } 1836 1837 switch (mp->b_datap->db_type) { 1838 case M_CTL: 1839 MT_ENTER(&ppa->stats_lock); 1840 switch (*mp->b_rptr) { 1841 case PPPCTL_IERROR: 1842#ifdef INCR_IERRORS 1843 INCR_IERRORS(ppa); 1844#endif 1845 ppa->stats.ppp_ierrors++; 1846 break; 1847 case PPPCTL_OERROR: 1848#ifdef INCR_OERRORS 1849 INCR_OERRORS(ppa); 1850#endif 1851 ppa->stats.ppp_oerrors++; 1852 break; 1853 } 1854 MT_EXIT(&ppa->stats_lock); 1855 freemsg(mp); 1856 break; 1857 1858 case M_IOCACK: 1859 case M_IOCNAK: 1860 /* 1861 * Attempt to match up the response with the stream 1862 * that the request came from. 1863 */ 1864 iop = (struct iocblk *) mp->b_rptr; 1865 for (us = ppa; us != 0; us = us->next) 1866 if (us->ioc_id == iop->ioc_id) 1867 break; 1868 if (us == 0) 1869 freemsg(mp); 1870 else 1871 putnext(us->q, mp); 1872 break; 1873 1874 case M_HANGUP: 1875 /* 1876 * The serial device has hung up. We don't want to send 1877 * the M_HANGUP message up to pppd because that will stop 1878 * us from using the control stream any more. Instead we 1879 * send a zero-length message as an end-of-file indication. 1880 */ 1881 freemsg(mp); 1882 mp = allocb(1, BPRI_HI); 1883 if (mp == 0) { 1884 DPRINT1("ppp/%d: couldn't allocate eof message!\n", ppa->mn); 1885 break; 1886 } 1887 putnext(ppa->q, mp); 1888 break; 1889 1890 case M_DATA: 1891 len = msgdsize(mp); 1892 if (mp->b_wptr - mp->b_rptr < PPP_HDRLEN) { 1893 PULLUP(mp, PPP_HDRLEN); 1894 if (mp == 0) { 1895 DPRINT1("ppp_urput: msgpullup failed (len=%d)\n", len); 1896 break; 1897 } 1898 } 1899 MT_ENTER(&ppa->stats_lock); 1900 ppa->stats.ppp_ipackets++; 1901 ppa->stats.ppp_ibytes += len; 1902#ifdef INCR_IPACKETS 1903 INCR_IPACKETS(ppa); 1904#endif 1905 MT_EXIT(&ppa->stats_lock); 1906 1907 proto = PPP_PROTOCOL(mp->b_rptr); 1908 1909#if defined(SOL2) 1910 /* 1911 * Should there be any promiscuous stream(s), send the data 1912 * up for each promiscuous stream that we recognize. 1913 */ 1914 promisc_sendup(ppa, mp, proto, 1); 1915#endif /* defined(SOL2) */ 1916 1917 if (proto < 0x8000 && (us = find_dest(ppa, proto)) != 0) { 1918 /* 1919 * A data packet for some network protocol. 1920 * Queue it on the upper stream for that protocol. 1921 * XXX could we just putnext it? (would require thought) 1922 * The rblocked flag is there to ensure that we keep 1923 * messages in order for each network protocol. 1924 */ 1925 /* pass_packet frees the packet on returning 0 */ 1926 if (!pass_packet(us, mp, 0)) 1927 break; 1928 if (!us->rblocked && !canput(us->q)) 1929 us->rblocked = 1; 1930 if (!putq(us->rblocked ? q : us->q, mp)) 1931 freemsg(mp); 1932 break; 1933 } 1934 1935 /* FALLTHROUGH */ 1936 1937 default: 1938 /* 1939 * A control frame, a frame for an unknown protocol, 1940 * or some other message type. 1941 * Send it up to pppd via the control stream. 1942 */ 1943 if (queclass(mp) == QPCTL || canputnext(ppa->q)) 1944 putnext(ppa->q, mp); 1945 else if (!putq(q, mp)) 1946 freemsg(mp); 1947 break; 1948 } 1949 1950 return 0; 1951} 1952 1953static int 1954pppursrv(q) 1955 queue_t *q; 1956{ 1957 upperstr_t *us, *as; 1958 mblk_t *mp, *hdr; 1959#ifndef NO_DLPI 1960 dl_unitdata_ind_t *ud; 1961#endif 1962 int proto; 1963 1964 us = (upperstr_t *) q->q_ptr; 1965 if (us == 0) { 1966 DPRINT("pppursrv: q_ptr = 0!\n"); 1967 return 0; 1968 } 1969 1970 if (us->flags & US_CONTROL) { 1971 /* 1972 * A control stream. 1973 * If there is no lower queue attached, run the write service 1974 * routines of other upper streams attached to this PPA. 1975 */ 1976 if (us->lowerq == 0) { 1977 as = us; 1978 do { 1979 if (as->flags & US_BLOCKED) 1980 qenable(WR(as->q)); 1981 as = as->next; 1982 } while (as != 0); 1983 } 1984 1985 /* 1986 * Messages get queued on this stream's read queue if they 1987 * can't be queued on the read queue of the attached stream 1988 * that they are destined for. This is for flow control - 1989 * when this queue fills up, the lower read put procedure will 1990 * queue messages there and the flow control will propagate 1991 * down from there. 1992 */ 1993 while ((mp = getq(q)) != 0) { 1994 proto = PPP_PROTOCOL(mp->b_rptr); 1995 if (proto < 0x8000 && (as = find_dest(us, proto)) != 0) { 1996 if (!canput(as->q)) 1997 break; 1998 if (!putq(as->q, mp)) 1999 freemsg(mp); 2000 } else { 2001 if (!canputnext(q)) 2002 break; 2003 putnext(q, mp); 2004 } 2005 } 2006 if (mp) { 2007 putbq(q, mp); 2008 } else { 2009 /* can now put stuff directly on network protocol streams again */ 2010 for (as = us->next; as != 0; as = as->next) 2011 as->rblocked = 0; 2012 } 2013 2014 /* 2015 * If this stream has a lower stream attached, 2016 * enable the read queue's service routine. 2017 * XXX we should really only do this if the queue length 2018 * has dropped below the low-water mark. 2019 */ 2020 if (us->lowerq != 0) 2021 qenable(RD(us->lowerq)); 2022 2023 } else { 2024 /* 2025 * A network protocol stream. Put a DLPI header on each 2026 * packet and send it on. 2027 * (Actually, it seems that the IP module will happily 2028 * accept M_DATA messages without the DL_UNITDATA_IND header.) 2029 */ 2030 while ((mp = getq(q)) != 0) { 2031 if (!canputnext(q)) { 2032 putbq(q, mp); 2033 break; 2034 } 2035#ifndef NO_DLPI 2036 proto = PPP_PROTOCOL(mp->b_rptr); 2037 mp->b_rptr += PPP_HDRLEN; 2038 hdr = allocb(sizeof(dl_unitdata_ind_t) + 2 * sizeof(uint), 2039 BPRI_MED); 2040 if (hdr == 0) { 2041 /* XXX should put it back and use bufcall */ 2042 freemsg(mp); 2043 continue; 2044 } 2045 hdr->b_datap->db_type = M_PROTO; 2046 ud = (dl_unitdata_ind_t *) hdr->b_wptr; 2047 hdr->b_wptr += sizeof(dl_unitdata_ind_t) + 2 * sizeof(uint); 2048 hdr->b_cont = mp; 2049 ud->dl_primitive = DL_UNITDATA_IND; 2050 ud->dl_dest_addr_length = sizeof(uint); 2051 ud->dl_dest_addr_offset = sizeof(dl_unitdata_ind_t); 2052 ud->dl_src_addr_length = sizeof(uint); 2053 ud->dl_src_addr_offset = ud->dl_dest_addr_offset + sizeof(uint); 2054#if DL_CURRENT_VERSION >= 2 2055 ud->dl_group_address = 0; 2056#endif 2057 /* Send the DLPI client the data with the SAP they requested, 2058 (e.g. ETHERTYPE_IP) rather than the PPP protocol number 2059 (e.g. PPP_IP) */ 2060 ((uint *)(ud + 1))[0] = us->req_sap; /* dest SAP */ 2061 ((uint *)(ud + 1))[1] = us->req_sap; /* src SAP */ 2062 putnext(q, hdr); 2063#else /* NO_DLPI */ 2064 putnext(q, mp); 2065#endif /* NO_DLPI */ 2066 } 2067 /* 2068 * Now that we have consumed some packets from this queue, 2069 * enable the control stream's read service routine so that we 2070 * can process any packets for us that might have got queued 2071 * there for flow control reasons. 2072 */ 2073 if (us->ppa) 2074 qenable(us->ppa->q); 2075 } 2076 2077 return 0; 2078} 2079 2080static upperstr_t * 2081find_dest(ppa, proto) 2082 upperstr_t *ppa; 2083 int proto; 2084{ 2085 upperstr_t *us; 2086 2087 for (us = ppa->next; us != 0; us = us->next) 2088 if (proto == us->sap) 2089 break; 2090 return us; 2091} 2092 2093#if defined (SOL2) 2094/* 2095 * Test upstream promiscuous conditions. As of now, only pass IPv4 and 2096 * Ipv6 packets upstream (let PPP packets be decoded elsewhere). 2097 */ 2098static upperstr_t * 2099find_promisc(us, proto) 2100 upperstr_t *us; 2101 int proto; 2102{ 2103 2104 if ((proto != PPP_IP) && (proto != PPP_IPV6)) 2105 return (upperstr_t *)0; 2106 2107 for ( ; us; us = us->next) { 2108 if ((us->flags & US_PROMISC) && (us->state == DL_IDLE)) 2109 return us; 2110 } 2111 2112 return (upperstr_t *)0; 2113} 2114 2115/* 2116 * Prepend an empty Ethernet header to msg for snoop, et al. 2117 */ 2118static mblk_t * 2119prepend_ether(us, mp, proto) 2120 upperstr_t *us; 2121 mblk_t *mp; 2122 int proto; 2123{ 2124 mblk_t *eh; 2125 int type; 2126 2127 if ((eh = allocb(sizeof(struct ether_header), BPRI_HI)) == 0) { 2128 freemsg(mp); 2129 return (mblk_t *)0; 2130 } 2131 2132 if (proto == PPP_IP) 2133 type = ETHERTYPE_IP; 2134 else if (proto == PPP_IPV6) 2135 type = ETHERTYPE_IPV6; 2136 else 2137 type = proto; /* What else? Let decoder decide */ 2138 2139 eh->b_wptr += sizeof(struct ether_header); 2140 bzero((caddr_t)eh->b_rptr, sizeof(struct ether_header)); 2141 ((struct ether_header *)eh->b_rptr)->ether_type = htons((short)type); 2142 eh->b_cont = mp; 2143 return (eh); 2144} 2145 2146/* 2147 * Prepend DL_UNITDATA_IND mblk to msg 2148 */ 2149static mblk_t * 2150prepend_udind(us, mp, proto) 2151 upperstr_t *us; 2152 mblk_t *mp; 2153 int proto; 2154{ 2155 dl_unitdata_ind_t *dlu; 2156 mblk_t *dh; 2157 size_t size; 2158 2159 size = sizeof(dl_unitdata_ind_t); 2160 if ((dh = allocb(size, BPRI_MED)) == 0) { 2161 freemsg(mp); 2162 return (mblk_t *)0; 2163 } 2164 2165 dh->b_datap->db_type = M_PROTO; 2166 dh->b_wptr = dh->b_datap->db_lim; 2167 dh->b_rptr = dh->b_wptr - size; 2168 2169 dlu = (dl_unitdata_ind_t *)dh->b_rptr; 2170 dlu->dl_primitive = DL_UNITDATA_IND; 2171 dlu->dl_dest_addr_length = 0; 2172 dlu->dl_dest_addr_offset = sizeof(dl_unitdata_ind_t); 2173 dlu->dl_src_addr_length = 0; 2174 dlu->dl_src_addr_offset = sizeof(dl_unitdata_ind_t); 2175 dlu->dl_group_address = 0; 2176 2177 dh->b_cont = mp; 2178 return (dh); 2179} 2180 2181/* 2182 * For any recognized promiscuous streams, send data upstream 2183 */ 2184static void 2185promisc_sendup(ppa, mp, proto, skip) 2186 upperstr_t *ppa; 2187 mblk_t *mp; 2188 int proto, skip; 2189{ 2190 mblk_t *dup_mp, *dup_dup_mp; 2191 upperstr_t *prus, *nprus; 2192 2193 if ((prus = find_promisc(ppa, proto)) != 0) { 2194 if (dup_mp = dupmsg(mp)) { 2195 2196 if (skip) 2197 dup_mp->b_rptr += PPP_HDRLEN; 2198 2199 for ( ; nprus = find_promisc(prus->next, proto); 2200 prus = nprus) { 2201 2202 if (dup_dup_mp = dupmsg(dup_mp)) { 2203 if (canputnext(prus->q)) { 2204 if (prus->flags & US_RAWDATA) { 2205 dup_dup_mp = prepend_ether(prus, dup_dup_mp, proto); 2206 } else { 2207 dup_dup_mp = prepend_udind(prus, dup_dup_mp, proto); 2208 } 2209 if (dup_dup_mp == 0) 2210 continue; 2211 putnext(prus->q, dup_dup_mp); 2212 } else { 2213 DPRINT("ppp_urput: data to promisc q dropped\n"); 2214 freemsg(dup_dup_mp); 2215 } 2216 } 2217 } 2218 2219 if (canputnext(prus->q)) { 2220 if (prus->flags & US_RAWDATA) { 2221 dup_mp = prepend_ether(prus, dup_mp, proto); 2222 } else { 2223 dup_mp = prepend_udind(prus, dup_mp, proto); 2224 } 2225 if (dup_mp != 0) 2226 putnext(prus->q, dup_mp); 2227 } else { 2228 DPRINT("ppp_urput: data to promisc q dropped\n"); 2229 freemsg(dup_mp); 2230 } 2231 } 2232 } 2233} 2234#endif /* defined(SOL2) */ 2235 2236/* 2237 * We simply put the message on to the associated upper control stream 2238 * (either here or in ppplrsrv). That way we enter the perimeters 2239 * before looking through the list of attached streams to decide which 2240 * stream it should go up. 2241 */ 2242static int 2243ppplrput(q, mp) 2244 queue_t *q; 2245 mblk_t *mp; 2246{ 2247 queue_t *uq; 2248 struct iocblk *iop; 2249 2250 switch (mp->b_datap->db_type) { 2251 case M_IOCTL: 2252 iop = (struct iocblk *) mp->b_rptr; 2253 iop->ioc_error = EINVAL; 2254 mp->b_datap->db_type = M_IOCNAK; 2255 qreply(q, mp); 2256 return 0; 2257 case M_FLUSH: 2258 if (*mp->b_rptr & FLUSHR) 2259 flushq(q, FLUSHDATA); 2260 if (*mp->b_rptr & FLUSHW) { 2261 *mp->b_rptr &= ~FLUSHR; 2262 qreply(q, mp); 2263 } else 2264 freemsg(mp); 2265 return 0; 2266 } 2267 2268 /* 2269 * If we can't get the lower lock straight away, queue this one 2270 * rather than blocking, to avoid the possibility of deadlock. 2271 */ 2272 if (!TRYLOCK_LOWER_R) { 2273 if (!putq(q, mp)) 2274 freemsg(mp); 2275 return 0; 2276 } 2277 2278 /* 2279 * Check that we're still connected to the driver. 2280 */ 2281 uq = (queue_t *) q->q_ptr; 2282 if (uq == 0) { 2283 UNLOCK_LOWER; 2284 DPRINT1("ppplrput: q = %x, uq = 0??\n", q); 2285 freemsg(mp); 2286 return 0; 2287 } 2288 2289 /* 2290 * Try to forward the message to the put routine for the upper 2291 * control stream for this lower stream. 2292 * If there are already messages queued here, queue this one so 2293 * they don't get out of order. 2294 */ 2295 if (queclass(mp) == QPCTL || (qsize(q) == 0 && canput(uq))) 2296 put(uq, mp); 2297 else if (!putq(q, mp)) 2298 freemsg(mp); 2299 2300 UNLOCK_LOWER; 2301 return 0; 2302} 2303 2304static int 2305ppplrsrv(q) 2306 queue_t *q; 2307{ 2308 mblk_t *mp; 2309 queue_t *uq; 2310 2311 /* 2312 * Packets get queued here for flow control reasons 2313 * or if the lrput routine couldn't get the lower lock 2314 * without blocking. 2315 */ 2316 LOCK_LOWER_R; 2317 uq = (queue_t *) q->q_ptr; 2318 if (uq == 0) { 2319 UNLOCK_LOWER; 2320 flushq(q, FLUSHALL); 2321 DPRINT1("ppplrsrv: q = %x, uq = 0??\n", q); 2322 return 0; 2323 } 2324 while ((mp = getq(q)) != 0) { 2325 if (queclass(mp) == QPCTL || canput(uq)) 2326 put(uq, mp); 2327 else { 2328 putbq(q, mp); 2329 break; 2330 } 2331 } 2332 UNLOCK_LOWER; 2333 return 0; 2334} 2335 2336static int 2337putctl2(q, type, code, val) 2338 queue_t *q; 2339 int type, code, val; 2340{ 2341 mblk_t *mp; 2342 2343 mp = allocb(2, BPRI_HI); 2344 if (mp == 0) 2345 return 0; 2346 mp->b_datap->db_type = type; 2347 mp->b_wptr[0] = code; 2348 mp->b_wptr[1] = val; 2349 mp->b_wptr += 2; 2350 putnext(q, mp); 2351 return 1; 2352} 2353 2354static int 2355putctl4(q, type, code, val) 2356 queue_t *q; 2357 int type, code, val; 2358{ 2359 mblk_t *mp; 2360 2361 mp = allocb(4, BPRI_HI); 2362 if (mp == 0) 2363 return 0; 2364 mp->b_datap->db_type = type; 2365 mp->b_wptr[0] = code; 2366 ((short *)mp->b_wptr)[1] = val; 2367 mp->b_wptr += 4; 2368 putnext(q, mp); 2369 return 1; 2370} 2371 2372static void 2373debug_dump(q, mp) 2374 queue_t *q; 2375 mblk_t *mp; 2376{ 2377 upperstr_t *us; 2378 queue_t *uq, *lq; 2379 2380 DPRINT("ppp upper streams:\n"); 2381 for (us = minor_devs; us != 0; us = us->nextmn) { 2382 uq = us->q; 2383 DPRINT3(" %d: q=%x rlev=%d", 2384 us->mn, uq, (uq? qsize(uq): 0)); 2385 DPRINT3(" wlev=%d flags=0x%b", (uq? qsize(WR(uq)): 0), 2386 us->flags, "\020\1priv\2control\3blocked\4last"); 2387 DPRINT3(" state=%x sap=%x req_sap=%x", us->state, us->sap, 2388 us->req_sap); 2389 if (us->ppa == 0) 2390 DPRINT(" ppa=?\n"); 2391 else 2392 DPRINT1(" ppa=%d\n", us->ppa->ppa_id); 2393 if (us->flags & US_CONTROL) { 2394 lq = us->lowerq; 2395 DPRINT3(" control for %d lq=%x rlev=%d", 2396 us->ppa_id, lq, (lq? qsize(RD(lq)): 0)); 2397 DPRINT3(" wlev=%d mru=%d mtu=%d\n", 2398 (lq? qsize(lq): 0), us->mru, us->mtu); 2399 } 2400 } 2401 mp->b_datap->db_type = M_IOCACK; 2402 qreply(q, mp); 2403} 2404 2405#ifdef FILTER_PACKETS 2406#include <netinet/in_systm.h> 2407#include <netinet/ip.h> 2408#include <netinet/udp.h> 2409#include <netinet/tcp.h> 2410 2411#define MAX_IPHDR 128 /* max TCP/IP header size */ 2412 2413 2414/* The following table contains a hard-coded list of protocol/port pairs. 2415 * Any matching packets are either discarded unconditionally, or, 2416 * if ok_if_link_up is non-zero when a connection does not currently exist 2417 * (i.e., they go through if the connection is present, but never initiate 2418 * a dial-out). 2419 * This idea came from a post by dm@garage.uun.org (David Mazieres) 2420 */ 2421static struct pktfilt_tab { 2422 int proto; 2423 u_short port; 2424 u_short ok_if_link_up; 2425} pktfilt_tab[] = { 2426 { IPPROTO_UDP, 520, 1 }, /* RIP, ok to pass if link is up */ 2427 { IPPROTO_UDP, 123, 1 }, /* NTP, don't keep up the link for it */ 2428 { -1, 0, 0 } /* terminator entry has port == -1 */ 2429}; 2430 2431 2432/* 2433 * Packet has already been freed if return value is 0. 2434 */ 2435static int 2436ip_hard_filter(us, mp, outbound) 2437 upperstr_t *us; 2438 mblk_t *mp; 2439 int outbound; 2440{ 2441 struct ip *ip; 2442 struct pktfilt_tab *pft; 2443 mblk_t *temp_mp; 2444 int proto; 2445 int len, hlen; 2446 2447 2448 /* Note, the PPP header has already been pulled up in all cases */ 2449 proto = PPP_PROTOCOL(mp->b_rptr); 2450 if (us->flags & US_DBGLOG) 2451 DPRINT3("ppp/%d: filter, proto=0x%x, out=%d\n", us->mn, proto, outbound); 2452 2453 switch (proto) 2454 { 2455 case PPP_IP: 2456 if ((mp->b_wptr - mp->b_rptr) == PPP_HDRLEN && mp->b_cont != 0) { 2457 temp_mp = mp->b_cont; 2458 len = msgdsize(temp_mp); 2459 hlen = (len < MAX_IPHDR) ? len : MAX_IPHDR; 2460 PULLUP(temp_mp, hlen); 2461 if (temp_mp == 0) { 2462 DPRINT2("ppp/%d: filter, pullup next failed, len=%d\n", 2463 us->mn, hlen); 2464 mp->b_cont = 0; /* PULLUP() freed the rest */ 2465 freemsg(mp); 2466 return 0; 2467 } 2468 ip = (struct ip *)mp->b_cont->b_rptr; 2469 } 2470 else { 2471 len = msgdsize(mp); 2472 hlen = (len < (PPP_HDRLEN+MAX_IPHDR)) ? len : (PPP_HDRLEN+MAX_IPHDR); 2473 PULLUP(mp, hlen); 2474 if (mp == 0) { 2475 DPRINT2("ppp/%d: filter, pullup failed, len=%d\n", 2476 us->mn, hlen); 2477 return 0; 2478 } 2479 ip = (struct ip *)(mp->b_rptr + PPP_HDRLEN); 2480 } 2481 2482 /* For IP traffic, certain packets (e.g., RIP) may be either 2483 * 1. ignored - dropped completely 2484 * 2. will not initiate a connection, but 2485 * will be passed if a connection is currently up. 2486 */ 2487 for (pft=pktfilt_tab; pft->proto != -1; pft++) { 2488 if (ip->ip_p == pft->proto) { 2489 switch(pft->proto) { 2490 case IPPROTO_UDP: 2491 if (((struct udphdr *) &((int *)ip)[ip->ip_hl])->uh_dport 2492 == htons(pft->port)) goto endfor; 2493 break; 2494 case IPPROTO_TCP: 2495 if (((struct tcphdr *) &((int *)ip)[ip->ip_hl])->th_dport 2496 == htons(pft->port)) goto endfor; 2497 break; 2498 } 2499 } 2500 } 2501 endfor: 2502 if (pft->proto != -1) { 2503 if (us->flags & US_DBGLOG) 2504 DPRINT3("ppp/%d: found IP pkt, proto=0x%x (%d)\n", 2505 us->mn, pft->proto, pft->port); 2506 /* Discard if not connected, or if not pass_with_link_up */ 2507 /* else, if link is up let go by, but don't update time */ 2508 if (pft->ok_if_link_up) 2509 return -1; 2510 freemsg(mp); 2511 return 0; 2512 } 2513 break; 2514 } /* end switch (proto) */ 2515 2516 return 1; 2517} 2518#endif /* FILTER_PACKETS */ 2519 2520