blob: 676bc2644f1a88113d1a3c16f2b0408814ca6926 [file] [log] [blame]
lh9ed821d2023-04-07 01:36:19 -07001/*
2 * ppp.c - STREAMS multiplexing pseudo-device driver for PPP.
3 *
4 * Copyright (c) 1994 Paul Mackerras. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * 3. The name(s) of the authors of this software must not be used to
19 * endorse or promote products derived from this software without
20 * prior written permission.
21 *
22 * 4. Redistributions of any form whatsoever must retain the following
23 * acknowledgment:
24 * "This product includes software developed by Paul Mackerras
25 * <paulus@samba.org>".
26 *
27 * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
28 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
29 * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
30 * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
31 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
32 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
33 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
34 *
35 * $Id: ppp.c,v 1.4 2005/06/27 00:59:57 carlsonj Exp $
36 */
37
38/*
39 * This file is used under Solaris 2, SVR4, SunOS 4, and Digital UNIX.
40 */
41
42#include <sys/types.h>
43#include <sys/param.h>
44#include <sys/stat.h>
45#include <sys/stream.h>
46#include <sys/stropts.h>
47#include <sys/errno.h>
48#ifdef __osf__
49#include <sys/ioctl.h>
50#include <sys/cmn_err.h>
51#define queclass(mp) ((mp)->b_band & QPCTL)
52#else
53#include <sys/ioccom.h>
54#endif
55#include <sys/time.h>
56#ifdef SVR4
57#include <sys/cmn_err.h>
58#include <sys/conf.h>
59#include <sys/dlpi.h>
60#include <sys/ddi.h>
61#ifdef SOL2
62#include <sys/ksynch.h>
63#include <sys/kstat.h>
64#include <sys/sunddi.h>
65#include <sys/ethernet.h>
66#else
67#include <sys/socket.h>
68#include <sys/sockio.h>
69#include <net/if.h>
70#include <netinet/in.h>
71#endif /* SOL2 */
72#else /* not SVR4 */
73#include <sys/user.h>
74#endif /* SVR4 */
75#include <net/ppp_defs.h>
76#include <net/pppio.h>
77#include "ppp_mod.h"
78
79/*
80 * Modifications marked with #ifdef PRIOQ are for priority queueing of
81 * interactive traffic, and are due to Marko Zec <zec@japa.tel.fer.hr>.
82 */
83#ifdef PRIOQ
84#endif /* PRIOQ */
85
86#include <netinet/in.h> /* leave this outside of PRIOQ for htons */
87
88#ifdef __STDC__
89#define __P(x) x
90#else
91#define __P(x) ()
92#endif
93
94/*
95 * The IP module may use this SAP value for IP packets.
96 */
97#ifndef ETHERTYPE_IP
98#define ETHERTYPE_IP 0x800
99#endif
100
101#if !defined(ETHERTYPE_IPV6)
102#define ETHERTYPE_IPV6 0x86dd
103#endif /* !defined(ETHERTYPE_IPV6) */
104
105#if !defined(ETHERTYPE_ALLSAP) && defined(SOL2)
106#define ETHERTYPE_ALLSAP 0
107#endif /* !defined(ETHERTYPE_ALLSAP) && defined(SOL2) */
108
109#if !defined(PPP_ALLSAP) && defined(SOL2)
110#define PPP_ALLSAP PPP_ALLSTATIONS
111#endif /* !defined(PPP_ALLSAP) && defined(SOL2) */
112
113extern time_t time;
114
115#ifdef SOL2
116/*
117 * We use this reader-writer lock to ensure that the lower streams
118 * stay connected to the upper streams while the lower-side put and
119 * service procedures are running. Essentially it is an existence
120 * lock for the upper stream associated with each lower stream.
121 */
122krwlock_t ppp_lower_lock;
123#define LOCK_LOWER_W rw_enter(&ppp_lower_lock, RW_WRITER)
124#define LOCK_LOWER_R rw_enter(&ppp_lower_lock, RW_READER)
125#define TRYLOCK_LOWER_R rw_tryenter(&ppp_lower_lock, RW_READER)
126#define UNLOCK_LOWER rw_exit(&ppp_lower_lock)
127
128#define MT_ENTER(x) mutex_enter(x)
129#define MT_EXIT(x) mutex_exit(x)
130
131/*
132 * Notes on multithreaded implementation for Solaris 2:
133 *
134 * We use an inner perimeter around each queue pair and an outer
135 * perimeter around the whole driver. The inner perimeter is
136 * entered exclusively for all entry points (open, close, put,
137 * service). The outer perimeter is entered exclusively for open
138 * and close and shared for put and service. This is all done for
139 * us by the streams framework.
140 *
141 * I used to think that the perimeters were entered for the lower
142 * streams' put and service routines as well as for the upper streams'.
143 * Because of problems experienced by people, and after reading the
144 * documentation more closely, I now don't think that is true. So we
145 * now use ppp_lower_lock to give us an existence guarantee on the
146 * upper stream controlling each lower stream.
147 *
148 * Shared entry to the outer perimeter protects the existence of all
149 * the upper streams and their upperstr_t structures, and guarantees
150 * that the following fields of any upperstr_t won't change:
151 * nextmn, next, nextppa. It guarantees that the lowerq field of an
152 * upperstr_t won't go from non-zero to zero, that the global `ppas'
153 * won't change and that the no lower stream will get unlinked.
154 *
155 * Shared (reader) access to ppa_lower_lock guarantees that no lower
156 * stream will be unlinked and that the lowerq field of all upperstr_t
157 * structures won't change.
158 */
159
160#else /* SOL2 */
161#define LOCK_LOWER_W 0
162#define LOCK_LOWER_R 0
163#define TRYLOCK_LOWER_R 1
164#define UNLOCK_LOWER 0
165#define MT_ENTER(x) 0
166#define MT_EXIT(x) 0
167
168#endif /* SOL2 */
169
170/*
171 * Private information; one per upper stream.
172 */
173typedef struct upperstr {
174 minor_t mn; /* minor device number */
175 struct upperstr *nextmn; /* next minor device */
176 queue_t *q; /* read q associated with this upper stream */
177 int flags; /* flag bits, see below */
178 int state; /* current DLPI state */
179 int sap; /* service access point */
180 int req_sap; /* which SAP the DLPI client requested */
181 struct upperstr *ppa; /* control stream for our ppa */
182 struct upperstr *next; /* next stream for this ppa */
183 uint ioc_id; /* last ioctl ID for this stream */
184 enum NPmode npmode; /* what to do with packets on this SAP */
185 unsigned char rblocked; /* flow control has blocked upper read strm */
186 /* N.B. rblocked is only changed by control stream's put/srv procs */
187 /*
188 * There is exactly one control stream for each PPA.
189 * The following fields are only used for control streams.
190 */
191 int ppa_id;
192 queue_t *lowerq; /* write queue attached below this PPA */
193 struct upperstr *nextppa; /* next control stream */
194 int mru;
195 int mtu;
196 struct pppstat stats; /* statistics */
197 time_t last_sent; /* time last NP packet sent */
198 time_t last_recv; /* time last NP packet rcvd */
199#ifdef SOL2
200 kmutex_t stats_lock; /* lock for stats updates */
201 kstat_t *kstats; /* stats for netstat */
202#endif /* SOL2 */
203#ifdef LACHTCP
204 int ifflags;
205 char ifname[IFNAMSIZ];
206 struct ifstats ifstats;
207#endif /* LACHTCP */
208} upperstr_t;
209
210/* Values for flags */
211#define US_PRIV 1 /* stream was opened by superuser */
212#define US_CONTROL 2 /* stream is a control stream */
213#define US_BLOCKED 4 /* flow ctrl has blocked lower write stream */
214#define US_LASTMOD 8 /* no PPP modules below us */
215#define US_DBGLOG 0x10 /* log various occurrences */
216#define US_RBLOCKED 0x20 /* flow ctrl has blocked upper read stream */
217
218#if defined(SOL2)
219#if DL_CURRENT_VERSION >= 2
220#define US_PROMISC 0x40 /* stream is promiscuous */
221#endif /* DL_CURRENT_VERSION >= 2 */
222#define US_RAWDATA 0x80 /* raw M_DATA, no DLPI header */
223#endif /* defined(SOL2) */
224
225#ifdef PRIOQ
226static u_char max_band=0;
227static u_char def_band=0;
228
229#define IPPORT_DEFAULT 65535
230
231/*
232 * Port priority table
233 * Highest priority ports are listed first, lowest are listed last.
234 * ICMP & packets using unlisted ports will be treated as "default".
235 * If IPPORT_DEFAULT is not listed here, "default" packets will be
236 * assigned lowest priority.
237 * Each line should be terminated with "0".
238 * Line containing only "0" marks the end of the list.
239 */
240
241static u_short prioq_table[]= {
242 113, 53, 0,
243 22, 23, 513, 517, 518, 0,
244 514, 21, 79, 111, 0,
245 25, 109, 110, 0,
246 IPPORT_DEFAULT, 0,
247 20, 70, 80, 8001, 8008, 8080, 0, /* 8001,8008,8080 - common proxy ports */
2480 };
249
250#endif /* PRIOQ */
251
252
253static upperstr_t *minor_devs = NULL;
254static upperstr_t *ppas = NULL;
255
256#ifdef SVR4
257static int pppopen __P((queue_t *, dev_t *, int, int, cred_t *));
258static int pppclose __P((queue_t *, int, cred_t *));
259#else
260static int pppopen __P((queue_t *, int, int, int));
261static int pppclose __P((queue_t *, int));
262#endif /* SVR4 */
263static int pppurput __P((queue_t *, mblk_t *));
264static int pppuwput __P((queue_t *, mblk_t *));
265static int pppursrv __P((queue_t *));
266static int pppuwsrv __P((queue_t *));
267static int ppplrput __P((queue_t *, mblk_t *));
268static int ppplwput __P((queue_t *, mblk_t *));
269static int ppplrsrv __P((queue_t *));
270static int ppplwsrv __P((queue_t *));
271#ifndef NO_DLPI
272static void dlpi_request __P((queue_t *, mblk_t *, upperstr_t *));
273static void dlpi_error __P((queue_t *, upperstr_t *, int, int, int));
274static void dlpi_ok __P((queue_t *, int));
275#endif
276static int send_data __P((mblk_t *, upperstr_t *));
277static void new_ppa __P((queue_t *, mblk_t *));
278static void attach_ppa __P((queue_t *, mblk_t *));
279#ifndef NO_DLPI
280static void detach_ppa __P((queue_t *, mblk_t *));
281#endif
282static void detach_lower __P((queue_t *, mblk_t *));
283static void debug_dump __P((queue_t *, mblk_t *));
284static upperstr_t *find_dest __P((upperstr_t *, int));
285#if defined(SOL2)
286static upperstr_t *find_promisc __P((upperstr_t *, int));
287static mblk_t *prepend_ether __P((upperstr_t *, mblk_t *, int));
288static mblk_t *prepend_udind __P((upperstr_t *, mblk_t *, int));
289static void promisc_sendup __P((upperstr_t *, mblk_t *, int, int));
290#endif /* defined(SOL2) */
291static int putctl2 __P((queue_t *, int, int, int));
292static int putctl4 __P((queue_t *, int, int, int));
293static int pass_packet __P((upperstr_t *ppa, mblk_t *mp, int outbound));
294#ifdef FILTER_PACKETS
295static int ip_hard_filter __P((upperstr_t *ppa, mblk_t *mp, int outbound));
296#endif /* FILTER_PACKETS */
297
298#define PPP_ID 0xb1a6
299static struct module_info ppp_info = {
300#ifdef PRIOQ
301 PPP_ID, "ppp", 0, 512, 512, 384
302#else
303 PPP_ID, "ppp", 0, 512, 512, 128
304#endif /* PRIOQ */
305};
306
307static struct qinit pppurint = {
308 pppurput, pppursrv, pppopen, pppclose, NULL, &ppp_info, NULL
309};
310
311static struct qinit pppuwint = {
312 pppuwput, pppuwsrv, NULL, NULL, NULL, &ppp_info, NULL
313};
314
315static struct qinit ppplrint = {
316 ppplrput, ppplrsrv, NULL, NULL, NULL, &ppp_info, NULL
317};
318
319static struct qinit ppplwint = {
320 ppplwput, ppplwsrv, NULL, NULL, NULL, &ppp_info, NULL
321};
322
323#ifdef LACHTCP
324extern struct ifstats *ifstats;
325int pppdevflag = 0;
326#endif
327
328struct streamtab pppinfo = {
329 &pppurint, &pppuwint,
330 &ppplrint, &ppplwint
331};
332
333int ppp_count;
334
335/*
336 * How we maintain statistics.
337 */
338#ifdef SOL2
339#define INCR_IPACKETS(ppa) \
340 if (ppa->kstats != 0) { \
341 KSTAT_NAMED_PTR(ppa->kstats)[0].value.ul++; \
342 }
343#define INCR_IERRORS(ppa) \
344 if (ppa->kstats != 0) { \
345 KSTAT_NAMED_PTR(ppa->kstats)[1].value.ul++; \
346 }
347#define INCR_OPACKETS(ppa) \
348 if (ppa->kstats != 0) { \
349 KSTAT_NAMED_PTR(ppa->kstats)[2].value.ul++; \
350 }
351#define INCR_OERRORS(ppa) \
352 if (ppa->kstats != 0) { \
353 KSTAT_NAMED_PTR(ppa->kstats)[3].value.ul++; \
354 }
355#endif
356
357#ifdef LACHTCP
358#define INCR_IPACKETS(ppa) ppa->ifstats.ifs_ipackets++;
359#define INCR_IERRORS(ppa) ppa->ifstats.ifs_ierrors++;
360#define INCR_OPACKETS(ppa) ppa->ifstats.ifs_opackets++;
361#define INCR_OERRORS(ppa) ppa->ifstats.ifs_oerrors++;
362#endif
363
364/*
365 * STREAMS driver entry points.
366 */
367static int
368#ifdef SVR4
369pppopen(q, devp, oflag, sflag, credp)
370 queue_t *q;
371 dev_t *devp;
372 int oflag, sflag;
373 cred_t *credp;
374#else
375pppopen(q, dev, oflag, sflag)
376 queue_t *q;
377 int dev; /* really dev_t */
378 int oflag, sflag;
379#endif
380{
381 upperstr_t *up;
382 upperstr_t **prevp;
383 minor_t mn;
384#ifdef PRIOQ
385 u_short *ptr;
386 u_char new_band;
387#endif /* PRIOQ */
388
389 if (q->q_ptr)
390 DRV_OPEN_OK(dev); /* device is already open */
391
392#ifdef PRIOQ
393 /* Calculate max_bband & def_band from definitions in prioq.h
394 This colud be done at some more approtiate time (less often)
395 but this way it works well so I'll just leave it here */
396
397 max_band = 1;
398 def_band = 0;
399 ptr = prioq_table;
400 while (*ptr) {
401 new_band = 1;
402 while (*ptr)
403 if (*ptr++ == IPPORT_DEFAULT) {
404 new_band = 0;
405 def_band = max_band;
406 }
407 max_band += new_band;
408 ptr++;
409 }
410 if (def_band)
411 def_band = max_band - def_band;
412 --max_band;
413#endif /* PRIOQ */
414
415 if (sflag == CLONEOPEN) {
416 mn = 0;
417 for (prevp = &minor_devs; (up = *prevp) != 0; prevp = &up->nextmn) {
418 if (up->mn != mn)
419 break;
420 ++mn;
421 }
422 } else {
423#ifdef SVR4
424 mn = getminor(*devp);
425#else
426 mn = minor(dev);
427#endif
428 for (prevp = &minor_devs; (up = *prevp) != 0; prevp = &up->nextmn) {
429 if (up->mn >= mn)
430 break;
431 }
432 if (up->mn == mn) {
433 /* this can't happen */
434 q->q_ptr = WR(q)->q_ptr = (caddr_t) up;
435 DRV_OPEN_OK(dev);
436 }
437 }
438
439 /*
440 * Construct a new minor node.
441 */
442 up = (upperstr_t *) ALLOC_SLEEP(sizeof(upperstr_t));
443 bzero((caddr_t) up, sizeof(upperstr_t));
444 if (up == 0) {
445 DPRINT("pppopen: out of kernel memory\n");
446 OPEN_ERROR(ENXIO);
447 }
448 up->nextmn = *prevp;
449 *prevp = up;
450 up->mn = mn;
451#ifdef SVR4
452 *devp = makedevice(getmajor(*devp), mn);
453#endif
454 up->q = q;
455 if (NOTSUSER() == 0)
456 up->flags |= US_PRIV;
457#ifndef NO_DLPI
458 up->state = DL_UNATTACHED;
459#endif
460#ifdef LACHTCP
461 up->ifflags = IFF_UP | IFF_POINTOPOINT;
462#endif
463 up->sap = -1;
464 up->last_sent = up->last_recv = time;
465 up->npmode = NPMODE_DROP;
466 q->q_ptr = (caddr_t) up;
467 WR(q)->q_ptr = (caddr_t) up;
468 noenable(WR(q));
469#ifdef SOL2
470 mutex_init(&up->stats_lock, NULL, MUTEX_DRIVER, NULL);
471#endif
472 ++ppp_count;
473
474 qprocson(q);
475 DRV_OPEN_OK(makedev(major(dev), mn));
476}
477
478static int
479#ifdef SVR4
480pppclose(q, flag, credp)
481 queue_t *q;
482 int flag;
483 cred_t *credp;
484#else
485pppclose(q, flag)
486 queue_t *q;
487 int flag;
488#endif
489{
490 upperstr_t *up, **upp;
491 upperstr_t *as, *asnext;
492 upperstr_t **prevp;
493
494 qprocsoff(q);
495
496 up = (upperstr_t *) q->q_ptr;
497 if (up == 0) {
498 DPRINT("pppclose: q_ptr = 0\n");
499 return 0;
500 }
501 if (up->flags & US_DBGLOG)
502 DPRINT2("ppp/%d: close, flags=%x\n", up->mn, up->flags);
503 if (up->flags & US_CONTROL) {
504#ifdef LACHTCP
505 struct ifstats *ifp, *pifp;
506#endif
507 if (up->lowerq != 0) {
508 /* Gack! the lower stream should have be unlinked earlier! */
509 DPRINT1("ppp%d: lower stream still connected on close?\n",
510 up->mn);
511 LOCK_LOWER_W;
512 up->lowerq->q_ptr = 0;
513 RD(up->lowerq)->q_ptr = 0;
514 up->lowerq = 0;
515 UNLOCK_LOWER;
516 }
517
518 /*
519 * This stream represents a PPA:
520 * For all streams attached to the PPA, clear their
521 * references to this PPA.
522 * Then remove this PPA from the list of PPAs.
523 */
524 for (as = up->next; as != 0; as = asnext) {
525 asnext = as->next;
526 as->next = 0;
527 as->ppa = 0;
528 if (as->flags & US_BLOCKED) {
529 as->flags &= ~US_BLOCKED;
530 flushq(WR(as->q), FLUSHDATA);
531 }
532 }
533 for (upp = &ppas; *upp != 0; upp = &(*upp)->nextppa)
534 if (*upp == up) {
535 *upp = up->nextppa;
536 break;
537 }
538#ifdef LACHTCP
539 /* Remove the statistics from the active list. */
540 for (ifp = ifstats, pifp = 0; ifp; ifp = ifp->ifs_next) {
541 if (ifp == &up->ifstats) {
542 if (pifp)
543 pifp->ifs_next = ifp->ifs_next;
544 else
545 ifstats = ifp->ifs_next;
546 break;
547 }
548 pifp = ifp;
549 }
550#endif
551 } else {
552 /*
553 * If this stream is attached to a PPA,
554 * remove it from the PPA's list.
555 */
556 if ((as = up->ppa) != 0) {
557 for (; as->next != 0; as = as->next)
558 if (as->next == up) {
559 as->next = up->next;
560 break;
561 }
562 }
563 }
564
565#ifdef SOL2
566 if (up->kstats)
567 kstat_delete(up->kstats);
568 mutex_destroy(&up->stats_lock);
569#endif
570
571 q->q_ptr = NULL;
572 WR(q)->q_ptr = NULL;
573
574 for (prevp = &minor_devs; *prevp != 0; prevp = &(*prevp)->nextmn) {
575 if (*prevp == up) {
576 *prevp = up->nextmn;
577 break;
578 }
579 }
580 FREE(up, sizeof(upperstr_t));
581 --ppp_count;
582
583 return 0;
584}
585
586/*
587 * A message from on high. We do one of three things:
588 * - qreply()
589 * - put the message on the lower write stream
590 * - queue it for our service routine
591 */
592static int
593pppuwput(q, mp)
594 queue_t *q;
595 mblk_t *mp;
596{
597 upperstr_t *us, *ppa, *nps;
598 struct iocblk *iop;
599 struct linkblk *lb;
600#ifdef LACHTCP
601 struct ifreq *ifr;
602 int i;
603#endif
604 queue_t *lq;
605 int error, n, sap;
606 mblk_t *mq;
607 struct ppp_idle *pip;
608#ifdef PRIOQ
609 queue_t *tlq;
610#endif /* PRIOQ */
611#ifdef NO_DLPI
612 upperstr_t *os;
613#endif
614
615 us = (upperstr_t *) q->q_ptr;
616 if (us == 0) {
617 DPRINT("pppuwput: q_ptr = 0!\n");
618 return 0;
619 }
620 if (mp == 0) {
621 DPRINT1("pppuwput/%d: mp = 0!\n", us->mn);
622 return 0;
623 }
624 if (mp->b_datap == 0) {
625 DPRINT1("pppuwput/%d: mp->b_datap = 0!\n", us->mn);
626 return 0;
627 }
628 switch (mp->b_datap->db_type) {
629#ifndef NO_DLPI
630 case M_PCPROTO:
631 case M_PROTO:
632 dlpi_request(q, mp, us);
633 break;
634#endif /* NO_DLPI */
635
636 case M_DATA:
637 if (us->flags & US_DBGLOG)
638 DPRINT3("ppp/%d: uwput M_DATA len=%d flags=%x\n",
639 us->mn, msgdsize(mp), us->flags);
640 if (us->ppa == 0 || msgdsize(mp) > us->ppa->mtu + PPP_HDRLEN
641#ifndef NO_DLPI
642 || (us->flags & US_CONTROL) == 0
643#endif /* NO_DLPI */
644 ) {
645 DPRINT1("pppuwput: junk data len=%d\n", msgdsize(mp));
646 freemsg(mp);
647 break;
648 }
649#ifdef NO_DLPI
650 /* pass_packet frees the packet on returning 0 */
651 if ((us->flags & US_CONTROL) == 0 && !pass_packet(us, mp, 1))
652 break;
653#endif
654 if (!send_data(mp, us) && !putq(q, mp))
655 freemsg(mp);
656 break;
657
658 case M_IOCTL:
659 iop = (struct iocblk *) mp->b_rptr;
660 error = EINVAL;
661 if (us->flags & US_DBGLOG)
662 DPRINT3("ppp/%d: ioctl %x count=%d\n",
663 us->mn, iop->ioc_cmd, iop->ioc_count);
664 switch (iop->ioc_cmd) {
665#if defined(SOL2)
666 case DLIOCRAW: /* raw M_DATA mode */
667 us->flags |= US_RAWDATA;
668 error = 0;
669 break;
670#endif /* defined(SOL2) */
671 case I_LINK:
672 if ((us->flags & US_CONTROL) == 0 || us->lowerq != 0)
673 break;
674 if (mp->b_cont == 0) {
675 DPRINT1("pppuwput/%d: ioctl I_LINK b_cont = 0!\n", us->mn);
676 break;
677 }
678 lb = (struct linkblk *) mp->b_cont->b_rptr;
679 lq = lb->l_qbot;
680 if (lq == 0) {
681 DPRINT1("pppuwput/%d: ioctl I_LINK l_qbot = 0!\n", us->mn);
682 break;
683 }
684 LOCK_LOWER_W;
685 us->lowerq = lq;
686 lq->q_ptr = (caddr_t) q;
687 RD(lq)->q_ptr = (caddr_t) us->q;
688 UNLOCK_LOWER;
689 iop->ioc_count = 0;
690 error = 0;
691 us->flags &= ~US_LASTMOD;
692 /* Unblock upper streams which now feed this lower stream. */
693 qenable(q);
694 /* Send useful information down to the modules which
695 are now linked below us. */
696 putctl2(lq, M_CTL, PPPCTL_UNIT, us->ppa_id);
697 putctl4(lq, M_CTL, PPPCTL_MRU, us->mru);
698 putctl4(lq, M_CTL, PPPCTL_MTU, us->mtu);
699#ifdef PRIOQ
700 /* Lower tty driver's queue hiwat/lowat from default 4096/128
701 to 256/128 since we don't want queueing of data on
702 output to physical device */
703
704 freezestr(lq);
705 for (tlq = lq; tlq->q_next != NULL; tlq = tlq->q_next)
706 ;
707 strqset(tlq, QHIWAT, 0, 256);
708 strqset(tlq, QLOWAT, 0, 128);
709 unfreezestr(lq);
710#endif /* PRIOQ */
711 break;
712
713 case I_UNLINK:
714 if (mp->b_cont == 0) {
715 DPRINT1("pppuwput/%d: ioctl I_UNLINK b_cont = 0!\n", us->mn);
716 break;
717 }
718 lb = (struct linkblk *) mp->b_cont->b_rptr;
719#if DEBUG
720 if (us->lowerq != lb->l_qbot) {
721 DPRINT2("ppp unlink: lowerq=%x qbot=%x\n",
722 us->lowerq, lb->l_qbot);
723 break;
724 }
725#endif
726 iop->ioc_count = 0;
727 qwriter(q, mp, detach_lower, PERIM_OUTER);
728 /* mp is now gone */
729 error = -1;
730 break;
731
732 case PPPIO_NEWPPA:
733 if (us->flags & US_CONTROL)
734 break;
735 if ((us->flags & US_PRIV) == 0) {
736 error = EPERM;
737 break;
738 }
739 /* Arrange to return an int */
740 if ((mq = mp->b_cont) == 0
741 || mq->b_datap->db_lim - mq->b_rptr < sizeof(int)) {
742 mq = allocb(sizeof(int), BPRI_HI);
743 if (mq == 0) {
744 error = ENOSR;
745 break;
746 }
747 if (mp->b_cont != 0)
748 freemsg(mp->b_cont);
749 mp->b_cont = mq;
750 mq->b_cont = 0;
751 }
752 iop->ioc_count = sizeof(int);
753 mq->b_wptr = mq->b_rptr + sizeof(int);
754 qwriter(q, mp, new_ppa, PERIM_OUTER);
755 /* mp is now gone */
756 error = -1;
757 break;
758
759 case PPPIO_ATTACH:
760 /* like dlpi_attach, for programs which can't write to
761 the stream (like pppstats) */
762 if (iop->ioc_count != sizeof(int) || us->ppa != 0)
763 break;
764 if (mp->b_cont == 0) {
765 DPRINT1("pppuwput/%d: ioctl PPPIO_ATTACH b_cont = 0!\n", us->mn);
766 break;
767 }
768 n = *(int *)mp->b_cont->b_rptr;
769 for (ppa = ppas; ppa != 0; ppa = ppa->nextppa)
770 if (ppa->ppa_id == n)
771 break;
772 if (ppa == 0)
773 break;
774 us->ppa = ppa;
775 iop->ioc_count = 0;
776 qwriter(q, mp, attach_ppa, PERIM_OUTER);
777 /* mp is now gone */
778 error = -1;
779 break;
780
781#ifdef NO_DLPI
782 case PPPIO_BIND:
783 /* Attach to a given SAP. */
784 if (iop->ioc_count != sizeof(int) || us->ppa == 0)
785 break;
786 if (mp->b_cont == 0) {
787 DPRINT1("pppuwput/%d: ioctl PPPIO_BIND b_cont = 0!\n", us->mn);
788 break;
789 }
790 n = *(int *)mp->b_cont->b_rptr;
791 /* n must be a valid PPP network protocol number. */
792 if (n < 0x21 || n > 0x3fff || (n & 0x101) != 1)
793 break;
794 /* check that no other stream is bound to this sap already. */
795 for (os = us->ppa; os != 0; os = os->next)
796 if (os->sap == n)
797 break;
798 if (os != 0)
799 break;
800 us->sap = n;
801 iop->ioc_count = 0;
802 error = 0;
803 break;
804#endif /* NO_DLPI */
805
806 case PPPIO_MRU:
807 if (iop->ioc_count != sizeof(int) || (us->flags & US_CONTROL) == 0)
808 break;
809 if (mp->b_cont == 0) {
810 DPRINT1("pppuwput/%d: ioctl PPPIO_MRU b_cont = 0!\n", us->mn);
811 break;
812 }
813 n = *(int *)mp->b_cont->b_rptr;
814 if (n <= 0 || n > PPP_MAXMRU)
815 break;
816 if (n < PPP_MRU)
817 n = PPP_MRU;
818 us->mru = n;
819 if (us->lowerq)
820 putctl4(us->lowerq, M_CTL, PPPCTL_MRU, n);
821 error = 0;
822 iop->ioc_count = 0;
823 break;
824
825 case PPPIO_MTU:
826 if (iop->ioc_count != sizeof(int) || (us->flags & US_CONTROL) == 0)
827 break;
828 if (mp->b_cont == 0) {
829 DPRINT1("pppuwput/%d: ioctl PPPIO_MTU b_cont = 0!\n", us->mn);
830 break;
831 }
832 n = *(int *)mp->b_cont->b_rptr;
833 if (n <= 0 || n > PPP_MAXMTU)
834 break;
835 us->mtu = n;
836#ifdef LACHTCP
837 /* The MTU reported in netstat, not used as IP max packet size! */
838 us->ifstats.ifs_mtu = n;
839#endif
840 if (us->lowerq)
841 putctl4(us->lowerq, M_CTL, PPPCTL_MTU, n);
842 error = 0;
843 iop->ioc_count = 0;
844 break;
845
846 case PPPIO_LASTMOD:
847 us->flags |= US_LASTMOD;
848 error = 0;
849 break;
850
851 case PPPIO_DEBUG:
852 if (iop->ioc_count != sizeof(int))
853 break;
854 if (mp->b_cont == 0) {
855 DPRINT1("pppuwput/%d: ioctl PPPIO_DEBUG b_cont = 0!\n", us->mn);
856 break;
857 }
858 n = *(int *)mp->b_cont->b_rptr;
859 if (n == PPPDBG_DUMP + PPPDBG_DRIVER) {
860 qwriter(q, mp, debug_dump, PERIM_OUTER);
861 /* mp is now gone */
862 error = -1;
863 } else if (n == PPPDBG_LOG + PPPDBG_DRIVER) {
864 DPRINT1("ppp/%d: debug log enabled\n", us->mn);
865 us->flags |= US_DBGLOG;
866 iop->ioc_count = 0;
867 error = 0;
868 } else {
869 if (us->ppa == 0 || us->ppa->lowerq == 0)
870 break;
871 putnext(us->ppa->lowerq, mp);
872 /* mp is now gone */
873 error = -1;
874 }
875 break;
876
877 case PPPIO_NPMODE:
878 if (iop->ioc_count != 2 * sizeof(int))
879 break;
880 if ((us->flags & US_CONTROL) == 0)
881 break;
882 if (mp->b_cont == 0) {
883 DPRINT1("pppuwput/%d: ioctl PPPIO_NPMODE b_cont = 0!\n", us->mn);
884 break;
885 }
886 sap = ((int *)mp->b_cont->b_rptr)[0];
887 for (nps = us->next; nps != 0; nps = nps->next) {
888 if (us->flags & US_DBGLOG)
889 DPRINT2("us = 0x%x, us->next->sap = 0x%x\n", nps, nps->sap);
890 if (nps->sap == sap)
891 break;
892 }
893 if (nps == 0) {
894 if (us->flags & US_DBGLOG)
895 DPRINT2("ppp/%d: no stream for sap %x\n", us->mn, sap);
896 break;
897 }
898 /* XXX possibly should use qwriter here */
899 nps->npmode = (enum NPmode) ((int *)mp->b_cont->b_rptr)[1];
900 if (nps->npmode != NPMODE_QUEUE && (nps->flags & US_BLOCKED) != 0)
901 qenable(WR(nps->q));
902 iop->ioc_count = 0;
903 error = 0;
904 break;
905
906 case PPPIO_GIDLE:
907 if ((ppa = us->ppa) == 0)
908 break;
909 mq = allocb(sizeof(struct ppp_idle), BPRI_HI);
910 if (mq == 0) {
911 error = ENOSR;
912 break;
913 }
914 if (mp->b_cont != 0)
915 freemsg(mp->b_cont);
916 mp->b_cont = mq;
917 mq->b_cont = 0;
918 pip = (struct ppp_idle *) mq->b_wptr;
919 pip->xmit_idle = time - ppa->last_sent;
920 pip->recv_idle = time - ppa->last_recv;
921 mq->b_wptr += sizeof(struct ppp_idle);
922 iop->ioc_count = sizeof(struct ppp_idle);
923 error = 0;
924 break;
925
926#ifdef LACHTCP
927 case SIOCSIFNAME:
928 /* Sent from IP down to us. Attach the ifstats structure. */
929 if (iop->ioc_count != sizeof(struct ifreq) || us->ppa == 0)
930 break;
931 ifr = (struct ifreq *)mp->b_cont->b_rptr;
932 /* Find the unit number in the interface name. */
933 for (i = 0; i < IFNAMSIZ; i++) {
934 if (ifr->ifr_name[i] == 0 ||
935 (ifr->ifr_name[i] >= '0' &&
936 ifr->ifr_name[i] <= '9'))
937 break;
938 else
939 us->ifname[i] = ifr->ifr_name[i];
940 }
941 us->ifname[i] = 0;
942
943 /* Convert the unit number to binary. */
944 for (n = 0; i < IFNAMSIZ; i++) {
945 if (ifr->ifr_name[i] == 0) {
946 break;
947 }
948 else {
949 n = n * 10 + ifr->ifr_name[i] - '0';
950 }
951 }
952
953 /* Verify the ppa. */
954 if (us->ppa->ppa_id != n)
955 break;
956 ppa = us->ppa;
957
958 /* Set up the netstat block. */
959 strncpy (ppa->ifname, us->ifname, IFNAMSIZ);
960
961 ppa->ifstats.ifs_name = ppa->ifname;
962 ppa->ifstats.ifs_unit = n;
963 ppa->ifstats.ifs_active = us->state != DL_UNBOUND;
964 ppa->ifstats.ifs_mtu = ppa->mtu;
965
966 /* Link in statistics used by netstat. */
967 ppa->ifstats.ifs_next = ifstats;
968 ifstats = &ppa->ifstats;
969
970 iop->ioc_count = 0;
971 error = 0;
972 break;
973
974 case SIOCGIFFLAGS:
975 if (!(us->flags & US_CONTROL)) {
976 if (us->ppa)
977 us = us->ppa;
978 else
979 break;
980 }
981 ((struct iocblk_in *)iop)->ioc_ifflags = us->ifflags;
982 error = 0;
983 break;
984
985 case SIOCSIFFLAGS:
986 if (!(us->flags & US_CONTROL)) {
987 if (us->ppa)
988 us = us->ppa;
989 else
990 break;
991 }
992 us->ifflags = ((struct iocblk_in *)iop)->ioc_ifflags;
993 error = 0;
994 break;
995
996 case SIOCSIFADDR:
997 if (!(us->flags & US_CONTROL)) {
998 if (us->ppa)
999 us = us->ppa;
1000 else
1001 break;
1002 }
1003 us->ifflags |= IFF_RUNNING;
1004 ((struct iocblk_in *)iop)->ioc_ifflags |= IFF_RUNNING;
1005 error = 0;
1006 break;
1007
1008 case SIOCSIFMTU:
1009 /*
1010 * Vanilla SVR4 systems don't handle SIOCSIFMTU, rather
1011 * they take the MTU from the DL_INFO_ACK we sent in response
1012 * to their DL_INFO_REQ. Fortunately, they will update the
1013 * MTU if we send an unsolicited DL_INFO_ACK up.
1014 */
1015 if ((mq = allocb(sizeof(dl_info_req_t), BPRI_HI)) == 0)
1016 break; /* should do bufcall */
1017 ((union DL_primitives *)mq->b_rptr)->dl_primitive = DL_INFO_REQ;
1018 mq->b_wptr = mq->b_rptr + sizeof(dl_info_req_t);
1019 dlpi_request(q, mq, us);
1020 /* mp is now gone */
1021 error = -1;
1022 break;
1023
1024 case SIOCGIFNETMASK:
1025 case SIOCSIFNETMASK:
1026 case SIOCGIFADDR:
1027 case SIOCGIFDSTADDR:
1028 case SIOCSIFDSTADDR:
1029 case SIOCGIFMETRIC:
1030 error = 0;
1031 break;
1032#endif /* LACHTCP */
1033
1034 default:
1035 if (us->ppa == 0 || us->ppa->lowerq == 0)
1036 break;
1037 us->ioc_id = iop->ioc_id;
1038 error = -1;
1039 switch (iop->ioc_cmd) {
1040 case PPPIO_GETSTAT:
1041 case PPPIO_GETCSTAT:
1042 if (us->flags & US_LASTMOD) {
1043 error = EINVAL;
1044 break;
1045 }
1046 putnext(us->ppa->lowerq, mp);
1047 break;
1048 default:
1049 if (us->flags & US_PRIV)
1050 putnext(us->ppa->lowerq, mp);
1051 else {
1052 DPRINT1("ppp ioctl %x rejected\n", iop->ioc_cmd);
1053 error = EPERM;
1054 }
1055 break;
1056 }
1057 break;
1058 }
1059
1060 if (error > 0) {
1061 iop->ioc_error = error;
1062 mp->b_datap->db_type = M_IOCNAK;
1063 qreply(q, mp);
1064 } else if (error == 0) {
1065 mp->b_datap->db_type = M_IOCACK;
1066 qreply(q, mp);
1067 }
1068 break;
1069
1070 case M_FLUSH:
1071 if (us->flags & US_DBGLOG)
1072 DPRINT2("ppp/%d: flush %x\n", us->mn, *mp->b_rptr);
1073 if (*mp->b_rptr & FLUSHW)
1074 flushq(q, FLUSHDATA);
1075 if (*mp->b_rptr & FLUSHR) {
1076 *mp->b_rptr &= ~FLUSHW;
1077 qreply(q, mp);
1078 } else
1079 freemsg(mp);
1080 break;
1081
1082 default:
1083 freemsg(mp);
1084 break;
1085 }
1086 return 0;
1087}
1088
1089#ifndef NO_DLPI
1090static void
1091dlpi_request(q, mp, us)
1092 queue_t *q;
1093 mblk_t *mp;
1094 upperstr_t *us;
1095{
1096 union DL_primitives *d = (union DL_primitives *) mp->b_rptr;
1097 int size = mp->b_wptr - mp->b_rptr;
1098 mblk_t *reply, *np;
1099 upperstr_t *ppa, *os;
1100 int sap, len;
1101 dl_info_ack_t *info;
1102 dl_bind_ack_t *ackp;
1103#if DL_CURRENT_VERSION >= 2
1104 dl_phys_addr_ack_t *paddrack;
1105 static struct ether_addr eaddr = {0};
1106#endif
1107
1108 if (us->flags & US_DBGLOG)
1109 DPRINT3("ppp/%d: dlpi prim %x len=%d\n", us->mn,
1110 d->dl_primitive, size);
1111 switch (d->dl_primitive) {
1112 case DL_INFO_REQ:
1113 if (size < sizeof(dl_info_req_t))
1114 goto badprim;
1115 if ((reply = allocb(sizeof(dl_info_ack_t), BPRI_HI)) == 0)
1116 break; /* should do bufcall */
1117 reply->b_datap->db_type = M_PCPROTO;
1118 info = (dl_info_ack_t *) reply->b_wptr;
1119 reply->b_wptr += sizeof(dl_info_ack_t);
1120 bzero((caddr_t) info, sizeof(dl_info_ack_t));
1121 info->dl_primitive = DL_INFO_ACK;
1122 info->dl_max_sdu = us->ppa? us->ppa->mtu: PPP_MAXMTU;
1123 info->dl_min_sdu = 1;
1124 info->dl_addr_length = sizeof(uint);
1125 info->dl_mac_type = DL_ETHER; /* a bigger lie */
1126 info->dl_current_state = us->state;
1127 info->dl_service_mode = DL_CLDLS;
1128 info->dl_provider_style = DL_STYLE2;
1129#if DL_CURRENT_VERSION >= 2
1130 info->dl_sap_length = sizeof(uint);
1131 info->dl_version = DL_CURRENT_VERSION;
1132#endif
1133 qreply(q, reply);
1134 break;
1135
1136 case DL_ATTACH_REQ:
1137 if (size < sizeof(dl_attach_req_t))
1138 goto badprim;
1139 if (us->state != DL_UNATTACHED || us->ppa != 0) {
1140 dlpi_error(q, us, DL_ATTACH_REQ, DL_OUTSTATE, 0);
1141 break;
1142 }
1143 for (ppa = ppas; ppa != 0; ppa = ppa->nextppa)
1144 if (ppa->ppa_id == d->attach_req.dl_ppa)
1145 break;
1146 if (ppa == 0) {
1147 dlpi_error(q, us, DL_ATTACH_REQ, DL_BADPPA, 0);
1148 break;
1149 }
1150 us->ppa = ppa;
1151 qwriter(q, mp, attach_ppa, PERIM_OUTER);
1152 return;
1153
1154 case DL_DETACH_REQ:
1155 if (size < sizeof(dl_detach_req_t))
1156 goto badprim;
1157 if (us->state != DL_UNBOUND || us->ppa == 0) {
1158 dlpi_error(q, us, DL_DETACH_REQ, DL_OUTSTATE, 0);
1159 break;
1160 }
1161 qwriter(q, mp, detach_ppa, PERIM_OUTER);
1162 return;
1163
1164 case DL_BIND_REQ:
1165 if (size < sizeof(dl_bind_req_t))
1166 goto badprim;
1167 if (us->state != DL_UNBOUND || us->ppa == 0) {
1168 dlpi_error(q, us, DL_BIND_REQ, DL_OUTSTATE, 0);
1169 break;
1170 }
1171#if 0
1172 /* apparently this test fails (unnecessarily?) on some systems */
1173 if (d->bind_req.dl_service_mode != DL_CLDLS) {
1174 dlpi_error(q, us, DL_BIND_REQ, DL_UNSUPPORTED, 0);
1175 break;
1176 }
1177#endif
1178
1179 /* saps must be valid PPP network protocol numbers,
1180 except that we accept ETHERTYPE_IP in place of PPP_IP. */
1181 sap = d->bind_req.dl_sap;
1182 us->req_sap = sap;
1183
1184#if defined(SOL2)
1185 if (us->flags & US_DBGLOG)
1186 DPRINT2("DL_BIND_REQ: ip gives sap = 0x%x, us = 0x%x", sap, us);
1187
1188 if (sap == ETHERTYPE_IP) /* normal IFF_IPV4 */
1189 sap = PPP_IP;
1190 else if (sap == ETHERTYPE_IPV6) /* when IFF_IPV6 is set */
1191 sap = PPP_IPV6;
1192 else if (sap == ETHERTYPE_ALLSAP) /* snoop gives sap of 0 */
1193 sap = PPP_ALLSAP;
1194 else {
1195 DPRINT2("DL_BIND_REQ: unrecognized sap = 0x%x, us = 0x%x", sap, us);
1196 dlpi_error(q, us, DL_BIND_REQ, DL_BADADDR, 0);
1197 break;
1198 }
1199#else
1200 if (sap == ETHERTYPE_IP)
1201 sap = PPP_IP;
1202 if (sap < 0x21 || sap > 0x3fff || (sap & 0x101) != 1) {
1203 dlpi_error(q, us, DL_BIND_REQ, DL_BADADDR, 0);
1204 break;
1205 }
1206#endif /* defined(SOL2) */
1207
1208 /* check that no other stream is bound to this sap already. */
1209 for (os = us->ppa; os != 0; os = os->next)
1210 if (os->sap == sap)
1211 break;
1212 if (os != 0) {
1213 dlpi_error(q, us, DL_BIND_REQ, DL_NOADDR, 0);
1214 break;
1215 }
1216
1217 us->sap = sap;
1218 us->state = DL_IDLE;
1219
1220 if ((reply = allocb(sizeof(dl_bind_ack_t) + sizeof(uint),
1221 BPRI_HI)) == 0)
1222 break; /* should do bufcall */
1223 ackp = (dl_bind_ack_t *) reply->b_wptr;
1224 reply->b_wptr += sizeof(dl_bind_ack_t) + sizeof(uint);
1225 reply->b_datap->db_type = M_PCPROTO;
1226 bzero((caddr_t) ackp, sizeof(dl_bind_ack_t));
1227 ackp->dl_primitive = DL_BIND_ACK;
1228 ackp->dl_sap = sap;
1229 ackp->dl_addr_length = sizeof(uint);
1230 ackp->dl_addr_offset = sizeof(dl_bind_ack_t);
1231 *(uint *)(ackp+1) = sap;
1232 qreply(q, reply);
1233 break;
1234
1235 case DL_UNBIND_REQ:
1236 if (size < sizeof(dl_unbind_req_t))
1237 goto badprim;
1238 if (us->state != DL_IDLE) {
1239 dlpi_error(q, us, DL_UNBIND_REQ, DL_OUTSTATE, 0);
1240 break;
1241 }
1242 us->sap = -1;
1243 us->state = DL_UNBOUND;
1244#ifdef LACHTCP
1245 us->ppa->ifstats.ifs_active = 0;
1246#endif
1247 dlpi_ok(q, DL_UNBIND_REQ);
1248 break;
1249
1250 case DL_UNITDATA_REQ:
1251 if (size < sizeof(dl_unitdata_req_t))
1252 goto badprim;
1253 if (us->state != DL_IDLE) {
1254 dlpi_error(q, us, DL_UNITDATA_REQ, DL_OUTSTATE, 0);
1255 break;
1256 }
1257 if ((ppa = us->ppa) == 0) {
1258 cmn_err(CE_CONT, "ppp: in state dl_idle but ppa == 0?\n");
1259 break;
1260 }
1261 len = mp->b_cont == 0? 0: msgdsize(mp->b_cont);
1262 if (len > ppa->mtu) {
1263 DPRINT2("dlpi data too large (%d > %d)\n", len, ppa->mtu);
1264 break;
1265 }
1266
1267#if defined(SOL2)
1268 /*
1269 * Should there be any promiscuous stream(s), send the data
1270 * up for each promiscuous stream that we recognize.
1271 */
1272 if (mp->b_cont)
1273 promisc_sendup(ppa, mp->b_cont, us->sap, 0);
1274#endif /* defined(SOL2) */
1275
1276 mp->b_band = 0;
1277#ifdef PRIOQ
1278 /* Extract s_port & d_port from IP-packet, the code is a bit
1279 dirty here, but so am I, too... */
1280 if (mp->b_datap->db_type == M_PROTO && us->sap == PPP_IP
1281 && mp->b_cont != 0) {
1282 u_char *bb, *tlh;
1283 int iphlen, len;
1284 u_short *ptr;
1285 u_char band_unset, cur_band, syn;
1286 u_short s_port, d_port;
1287
1288 bb = mp->b_cont->b_rptr; /* bb points to IP-header*/
1289 len = mp->b_cont->b_wptr - mp->b_cont->b_rptr;
1290 syn = 0;
1291 s_port = IPPORT_DEFAULT;
1292 d_port = IPPORT_DEFAULT;
1293 if (len >= 20) { /* 20 = minimum length of IP header */
1294 iphlen = (bb[0] & 0x0f) * 4;
1295 tlh = bb + iphlen;
1296 len -= iphlen;
1297 switch (bb[9]) {
1298 case IPPROTO_TCP:
1299 if (len >= 20) { /* min length of TCP header */
1300 s_port = (tlh[0] << 8) + tlh[1];
1301 d_port = (tlh[2] << 8) + tlh[3];
1302 syn = tlh[13] & 0x02;
1303 }
1304 break;
1305 case IPPROTO_UDP:
1306 if (len >= 8) { /* min length of UDP header */
1307 s_port = (tlh[0] << 8) + tlh[1];
1308 d_port = (tlh[2] << 8) + tlh[3];
1309 }
1310 break;
1311 }
1312 }
1313
1314 /*
1315 * Now calculate b_band for this packet from the
1316 * port-priority table.
1317 */
1318 ptr = prioq_table;
1319 cur_band = max_band;
1320 band_unset = 1;
1321 while (*ptr) {
1322 while (*ptr && band_unset)
1323 if (s_port == *ptr || d_port == *ptr++) {
1324 mp->b_band = cur_band;
1325 band_unset = 0;
1326 break;
1327 }
1328 ptr++;
1329 cur_band--;
1330 }
1331 if (band_unset)
1332 mp->b_band = def_band;
1333 /* It may be usable to urge SYN packets a bit */
1334 if (syn)
1335 mp->b_band++;
1336 }
1337#endif /* PRIOQ */
1338 /* this assumes PPP_HDRLEN <= sizeof(dl_unitdata_req_t) */
1339 if (mp->b_datap->db_ref > 1) {
1340 np = allocb(PPP_HDRLEN, BPRI_HI);
1341 if (np == 0)
1342 break; /* gak! */
1343 np->b_cont = mp->b_cont;
1344 mp->b_cont = 0;
1345 freeb(mp);
1346 mp = np;
1347 } else
1348 mp->b_datap->db_type = M_DATA;
1349 /* XXX should use dl_dest_addr_offset/length here,
1350 but we would have to translate ETHERTYPE_IP -> PPP_IP */
1351 mp->b_wptr = mp->b_rptr + PPP_HDRLEN;
1352 mp->b_rptr[0] = PPP_ALLSTATIONS;
1353 mp->b_rptr[1] = PPP_UI;
1354 mp->b_rptr[2] = us->sap >> 8;
1355 mp->b_rptr[3] = us->sap;
1356 /* pass_packet frees the packet on returning 0 */
1357 if (pass_packet(us, mp, 1)) {
1358 if (!send_data(mp, us) && !putq(q, mp))
1359 freemsg(mp);
1360 }
1361 return;
1362
1363#if DL_CURRENT_VERSION >= 2
1364 case DL_PHYS_ADDR_REQ:
1365 if (size < sizeof(dl_phys_addr_req_t))
1366 goto badprim;
1367
1368 /*
1369 * Don't check state because ifconfig sends this one down too
1370 */
1371
1372 if ((reply = allocb(sizeof(dl_phys_addr_ack_t)+ETHERADDRL,
1373 BPRI_HI)) == 0)
1374 break; /* should do bufcall */
1375 reply->b_datap->db_type = M_PCPROTO;
1376 paddrack = (dl_phys_addr_ack_t *) reply->b_wptr;
1377 reply->b_wptr += sizeof(dl_phys_addr_ack_t);
1378 bzero((caddr_t) paddrack, sizeof(dl_phys_addr_ack_t)+ETHERADDRL);
1379 paddrack->dl_primitive = DL_PHYS_ADDR_ACK;
1380 paddrack->dl_addr_length = ETHERADDRL;
1381 paddrack->dl_addr_offset = sizeof(dl_phys_addr_ack_t);
1382 bcopy(&eaddr, reply->b_wptr, ETHERADDRL);
1383 reply->b_wptr += ETHERADDRL;
1384 qreply(q, reply);
1385 break;
1386
1387#if defined(SOL2)
1388 case DL_PROMISCON_REQ:
1389 if (size < sizeof(dl_promiscon_req_t))
1390 goto badprim;
1391 us->flags |= US_PROMISC;
1392 dlpi_ok(q, DL_PROMISCON_REQ);
1393 break;
1394
1395 case DL_PROMISCOFF_REQ:
1396 if (size < sizeof(dl_promiscoff_req_t))
1397 goto badprim;
1398 us->flags &= ~US_PROMISC;
1399 dlpi_ok(q, DL_PROMISCOFF_REQ);
1400 break;
1401#else
1402 case DL_PROMISCON_REQ: /* fall thru */
1403 case DL_PROMISCOFF_REQ: /* fall thru */
1404#endif /* defined(SOL2) */
1405#endif /* DL_CURRENT_VERSION >= 2 */
1406
1407#if DL_CURRENT_VERSION >= 2
1408 case DL_SET_PHYS_ADDR_REQ:
1409 case DL_SUBS_BIND_REQ:
1410 case DL_SUBS_UNBIND_REQ:
1411 case DL_ENABMULTI_REQ:
1412 case DL_DISABMULTI_REQ:
1413 case DL_XID_REQ:
1414 case DL_TEST_REQ:
1415 case DL_REPLY_UPDATE_REQ:
1416 case DL_REPLY_REQ:
1417 case DL_DATA_ACK_REQ:
1418#endif
1419 case DL_CONNECT_REQ:
1420 case DL_TOKEN_REQ:
1421 dlpi_error(q, us, d->dl_primitive, DL_NOTSUPPORTED, 0);
1422 break;
1423
1424 case DL_CONNECT_RES:
1425 case DL_DISCONNECT_REQ:
1426 case DL_RESET_REQ:
1427 case DL_RESET_RES:
1428 dlpi_error(q, us, d->dl_primitive, DL_OUTSTATE, 0);
1429 break;
1430
1431 case DL_UDQOS_REQ:
1432 dlpi_error(q, us, d->dl_primitive, DL_BADQOSTYPE, 0);
1433 break;
1434
1435#if DL_CURRENT_VERSION >= 2
1436 case DL_TEST_RES:
1437 case DL_XID_RES:
1438 break;
1439#endif
1440
1441 default:
1442 if (us->flags & US_DBGLOG)
1443 DPRINT1("ppp: unknown dlpi prim 0x%x\n", d->dl_primitive);
1444 /* fall through */
1445 badprim:
1446 dlpi_error(q, us, d->dl_primitive, DL_BADPRIM, 0);
1447 break;
1448 }
1449 freemsg(mp);
1450}
1451
1452static void
1453dlpi_error(q, us, prim, err, uerr)
1454 queue_t *q;
1455 upperstr_t *us;
1456 int prim, err, uerr;
1457{
1458 mblk_t *reply;
1459 dl_error_ack_t *errp;
1460
1461 if (us->flags & US_DBGLOG)
1462 DPRINT3("ppp/%d: dlpi error, prim=%x, err=%x\n", us->mn, prim, err);
1463 reply = allocb(sizeof(dl_error_ack_t), BPRI_HI);
1464 if (reply == 0)
1465 return; /* XXX should do bufcall */
1466 reply->b_datap->db_type = M_PCPROTO;
1467 errp = (dl_error_ack_t *) reply->b_wptr;
1468 reply->b_wptr += sizeof(dl_error_ack_t);
1469 errp->dl_primitive = DL_ERROR_ACK;
1470 errp->dl_error_primitive = prim;
1471 errp->dl_errno = err;
1472 errp->dl_unix_errno = uerr;
1473 qreply(q, reply);
1474}
1475
1476static void
1477dlpi_ok(q, prim)
1478 queue_t *q;
1479 int prim;
1480{
1481 mblk_t *reply;
1482 dl_ok_ack_t *okp;
1483
1484 reply = allocb(sizeof(dl_ok_ack_t), BPRI_HI);
1485 if (reply == 0)
1486 return; /* XXX should do bufcall */
1487 reply->b_datap->db_type = M_PCPROTO;
1488 okp = (dl_ok_ack_t *) reply->b_wptr;
1489 reply->b_wptr += sizeof(dl_ok_ack_t);
1490 okp->dl_primitive = DL_OK_ACK;
1491 okp->dl_correct_primitive = prim;
1492 qreply(q, reply);
1493}
1494#endif /* NO_DLPI */
1495
1496/*
1497 * If return value is 0, then the packet has already been freed.
1498 */
1499static int
1500pass_packet(us, mp, outbound)
1501 upperstr_t *us;
1502 mblk_t *mp;
1503 int outbound;
1504{
1505 int pass;
1506 upperstr_t *ppa;
1507
1508 if ((ppa = us->ppa) == 0) {
1509 freemsg(mp);
1510 return 0;
1511 }
1512
1513#ifdef FILTER_PACKETS
1514 pass = ip_hard_filter(us, mp, outbound);
1515#else
1516 /*
1517 * Here is where we might, in future, decide whether to pass
1518 * or drop the packet, and whether it counts as link activity.
1519 */
1520 pass = 1;
1521#endif /* FILTER_PACKETS */
1522
1523 if (pass < 0) {
1524 /* pass only if link already up, and don't update time */
1525 if (ppa->lowerq == 0) {
1526 freemsg(mp);
1527 return 0;
1528 }
1529 pass = 1;
1530 } else if (pass) {
1531 if (outbound)
1532 ppa->last_sent = time;
1533 else
1534 ppa->last_recv = time;
1535 }
1536
1537 return pass;
1538}
1539
1540/*
1541 * We have some data to send down to the lower stream (or up the
1542 * control stream, if we don't have a lower stream attached).
1543 * Returns 1 if the message was dealt with, 0 if it wasn't able
1544 * to be sent on and should therefore be queued up.
1545 */
1546static int
1547send_data(mp, us)
1548 mblk_t *mp;
1549 upperstr_t *us;
1550{
1551 upperstr_t *ppa;
1552
1553 if ((us->flags & US_BLOCKED) || us->npmode == NPMODE_QUEUE)
1554 return 0;
1555 ppa = us->ppa;
1556 if (ppa == 0 || us->npmode == NPMODE_DROP || us->npmode == NPMODE_ERROR) {
1557 if (us->flags & US_DBGLOG)
1558 DPRINT2("ppp/%d: dropping pkt (npmode=%d)\n", us->mn, us->npmode);
1559 freemsg(mp);
1560 return 1;
1561 }
1562 if (ppa->lowerq == 0) {
1563 /* try to send it up the control stream */
1564 if (bcanputnext(ppa->q, mp->b_band)) {
1565 /*
1566 * The message seems to get corrupted for some reason if
1567 * we just send the message up as it is, so we send a copy.
1568 */
1569 mblk_t *np = copymsg(mp);
1570 freemsg(mp);
1571 if (np != 0)
1572 putnext(ppa->q, np);
1573 return 1;
1574 }
1575 } else {
1576 if (bcanputnext(ppa->lowerq, mp->b_band)) {
1577 MT_ENTER(&ppa->stats_lock);
1578 ppa->stats.ppp_opackets++;
1579 ppa->stats.ppp_obytes += msgdsize(mp);
1580#ifdef INCR_OPACKETS
1581 INCR_OPACKETS(ppa);
1582#endif
1583 MT_EXIT(&ppa->stats_lock);
1584 /*
1585 * The lower queue is only ever detached while holding an
1586 * exclusive lock on the whole driver. So we can be confident
1587 * that the lower queue is still there.
1588 */
1589 putnext(ppa->lowerq, mp);
1590 return 1;
1591 }
1592 }
1593 us->flags |= US_BLOCKED;
1594 return 0;
1595}
1596
1597/*
1598 * Allocate a new PPA id and link this stream into the list of PPAs.
1599 * This procedure is called with an exclusive lock on all queues in
1600 * this driver.
1601 */
1602static void
1603new_ppa(q, mp)
1604 queue_t *q;
1605 mblk_t *mp;
1606{
1607 upperstr_t *us, *up, **usp;
1608 int ppa_id;
1609
1610 us = (upperstr_t *) q->q_ptr;
1611 if (us == 0) {
1612 DPRINT("new_ppa: q_ptr = 0!\n");
1613 return;
1614 }
1615
1616 usp = &ppas;
1617 ppa_id = 0;
1618 while ((up = *usp) != 0 && ppa_id == up->ppa_id) {
1619 ++ppa_id;
1620 usp = &up->nextppa;
1621 }
1622 us->ppa_id = ppa_id;
1623 us->ppa = us;
1624 us->next = 0;
1625 us->nextppa = *usp;
1626 *usp = us;
1627 us->flags |= US_CONTROL;
1628 us->npmode = NPMODE_PASS;
1629
1630 us->mtu = PPP_MTU;
1631 us->mru = PPP_MRU;
1632
1633#ifdef SOL2
1634 /*
1635 * Create a kstats record for our statistics, so netstat -i works.
1636 */
1637 if (us->kstats == 0) {
1638 char unit[32];
1639
1640 sprintf(unit, "ppp%d", us->ppa->ppa_id);
1641 us->kstats = kstat_create("ppp", us->ppa->ppa_id, unit,
1642 "net", KSTAT_TYPE_NAMED, 4, 0);
1643 if (us->kstats != 0) {
1644 kstat_named_t *kn = KSTAT_NAMED_PTR(us->kstats);
1645
1646 strcpy(kn[0].name, "ipackets");
1647 kn[0].data_type = KSTAT_DATA_ULONG;
1648 strcpy(kn[1].name, "ierrors");
1649 kn[1].data_type = KSTAT_DATA_ULONG;
1650 strcpy(kn[2].name, "opackets");
1651 kn[2].data_type = KSTAT_DATA_ULONG;
1652 strcpy(kn[3].name, "oerrors");
1653 kn[3].data_type = KSTAT_DATA_ULONG;
1654 kstat_install(us->kstats);
1655 }
1656 }
1657#endif /* SOL2 */
1658
1659 *(int *)mp->b_cont->b_rptr = ppa_id;
1660 mp->b_datap->db_type = M_IOCACK;
1661 qreply(q, mp);
1662}
1663
1664static void
1665attach_ppa(q, mp)
1666 queue_t *q;
1667 mblk_t *mp;
1668{
1669 upperstr_t *us, *t;
1670
1671 us = (upperstr_t *) q->q_ptr;
1672 if (us == 0) {
1673 DPRINT("attach_ppa: q_ptr = 0!\n");
1674 return;
1675 }
1676
1677#ifndef NO_DLPI
1678 us->state = DL_UNBOUND;
1679#endif
1680 for (t = us->ppa; t->next != 0; t = t->next)
1681 ;
1682 t->next = us;
1683 us->next = 0;
1684 if (mp->b_datap->db_type == M_IOCTL) {
1685 mp->b_datap->db_type = M_IOCACK;
1686 qreply(q, mp);
1687 } else {
1688#ifndef NO_DLPI
1689 dlpi_ok(q, DL_ATTACH_REQ);
1690#endif
1691 freemsg(mp);
1692 }
1693}
1694
1695#ifndef NO_DLPI
1696static void
1697detach_ppa(q, mp)
1698 queue_t *q;
1699 mblk_t *mp;
1700{
1701 upperstr_t *us, *t;
1702
1703 us = (upperstr_t *) q->q_ptr;
1704 if (us == 0) {
1705 DPRINT("detach_ppa: q_ptr = 0!\n");
1706 return;
1707 }
1708
1709 for (t = us->ppa; t->next != 0; t = t->next)
1710 if (t->next == us) {
1711 t->next = us->next;
1712 break;
1713 }
1714 us->next = 0;
1715 us->ppa = 0;
1716 us->state = DL_UNATTACHED;
1717 dlpi_ok(q, DL_DETACH_REQ);
1718 freemsg(mp);
1719}
1720#endif
1721
1722/*
1723 * We call this with qwriter in order to give the upper queue procedures
1724 * the guarantee that the lower queue is not going to go away while
1725 * they are executing.
1726 */
1727static void
1728detach_lower(q, mp)
1729 queue_t *q;
1730 mblk_t *mp;
1731{
1732 upperstr_t *us;
1733
1734 us = (upperstr_t *) q->q_ptr;
1735 if (us == 0) {
1736 DPRINT("detach_lower: q_ptr = 0!\n");
1737 return;
1738 }
1739
1740 LOCK_LOWER_W;
1741 us->lowerq->q_ptr = 0;
1742 RD(us->lowerq)->q_ptr = 0;
1743 us->lowerq = 0;
1744 UNLOCK_LOWER;
1745
1746 /* Unblock streams which now feed back up the control stream. */
1747 qenable(us->q);
1748
1749 mp->b_datap->db_type = M_IOCACK;
1750 qreply(q, mp);
1751}
1752
1753static int
1754pppuwsrv(q)
1755 queue_t *q;
1756{
1757 upperstr_t *us, *as;
1758 mblk_t *mp;
1759
1760 us = (upperstr_t *) q->q_ptr;
1761 if (us == 0) {
1762 DPRINT("pppuwsrv: q_ptr = 0!\n");
1763 return 0;
1764 }
1765
1766 /*
1767 * If this is a control stream, then this service procedure
1768 * probably got enabled because of flow control in the lower
1769 * stream being enabled (or because of the lower stream going
1770 * away). Therefore we enable the service procedure of all
1771 * attached upper streams.
1772 */
1773 if (us->flags & US_CONTROL) {
1774 for (as = us->next; as != 0; as = as->next)
1775 qenable(WR(as->q));
1776 }
1777
1778 /* Try to send on any data queued here. */
1779 us->flags &= ~US_BLOCKED;
1780 while ((mp = getq(q)) != 0) {
1781 if (!send_data(mp, us)) {
1782 putbq(q, mp);
1783 break;
1784 }
1785 }
1786
1787 return 0;
1788}
1789
1790/* should never get called... */
1791static int
1792ppplwput(q, mp)
1793 queue_t *q;
1794 mblk_t *mp;
1795{
1796 putnext(q, mp);
1797 return 0;
1798}
1799
1800static int
1801ppplwsrv(q)
1802 queue_t *q;
1803{
1804 queue_t *uq;
1805
1806 /*
1807 * Flow control has back-enabled this stream:
1808 * enable the upper write service procedure for
1809 * the upper control stream for this lower stream.
1810 */
1811 LOCK_LOWER_R;
1812 uq = (queue_t *) q->q_ptr;
1813 if (uq != 0)
1814 qenable(uq);
1815 UNLOCK_LOWER;
1816 return 0;
1817}
1818
1819/*
1820 * This should only get called for control streams.
1821 */
1822static int
1823pppurput(q, mp)
1824 queue_t *q;
1825 mblk_t *mp;
1826{
1827 upperstr_t *ppa, *us;
1828 int proto, len;
1829 struct iocblk *iop;
1830
1831 ppa = (upperstr_t *) q->q_ptr;
1832 if (ppa == 0) {
1833 DPRINT("pppurput: q_ptr = 0!\n");
1834 return 0;
1835 }
1836
1837 switch (mp->b_datap->db_type) {
1838 case M_CTL:
1839 MT_ENTER(&ppa->stats_lock);
1840 switch (*mp->b_rptr) {
1841 case PPPCTL_IERROR:
1842#ifdef INCR_IERRORS
1843 INCR_IERRORS(ppa);
1844#endif
1845 ppa->stats.ppp_ierrors++;
1846 break;
1847 case PPPCTL_OERROR:
1848#ifdef INCR_OERRORS
1849 INCR_OERRORS(ppa);
1850#endif
1851 ppa->stats.ppp_oerrors++;
1852 break;
1853 }
1854 MT_EXIT(&ppa->stats_lock);
1855 freemsg(mp);
1856 break;
1857
1858 case M_IOCACK:
1859 case M_IOCNAK:
1860 /*
1861 * Attempt to match up the response with the stream
1862 * that the request came from.
1863 */
1864 iop = (struct iocblk *) mp->b_rptr;
1865 for (us = ppa; us != 0; us = us->next)
1866 if (us->ioc_id == iop->ioc_id)
1867 break;
1868 if (us == 0)
1869 freemsg(mp);
1870 else
1871 putnext(us->q, mp);
1872 break;
1873
1874 case M_HANGUP:
1875 /*
1876 * The serial device has hung up. We don't want to send
1877 * the M_HANGUP message up to pppd because that will stop
1878 * us from using the control stream any more. Instead we
1879 * send a zero-length message as an end-of-file indication.
1880 */
1881 freemsg(mp);
1882 mp = allocb(1, BPRI_HI);
1883 if (mp == 0) {
1884 DPRINT1("ppp/%d: couldn't allocate eof message!\n", ppa->mn);
1885 break;
1886 }
1887 putnext(ppa->q, mp);
1888 break;
1889
1890 case M_DATA:
1891 len = msgdsize(mp);
1892 if (mp->b_wptr - mp->b_rptr < PPP_HDRLEN) {
1893 PULLUP(mp, PPP_HDRLEN);
1894 if (mp == 0) {
1895 DPRINT1("ppp_urput: msgpullup failed (len=%d)\n", len);
1896 break;
1897 }
1898 }
1899 MT_ENTER(&ppa->stats_lock);
1900 ppa->stats.ppp_ipackets++;
1901 ppa->stats.ppp_ibytes += len;
1902#ifdef INCR_IPACKETS
1903 INCR_IPACKETS(ppa);
1904#endif
1905 MT_EXIT(&ppa->stats_lock);
1906
1907 proto = PPP_PROTOCOL(mp->b_rptr);
1908
1909#if defined(SOL2)
1910 /*
1911 * Should there be any promiscuous stream(s), send the data
1912 * up for each promiscuous stream that we recognize.
1913 */
1914 promisc_sendup(ppa, mp, proto, 1);
1915#endif /* defined(SOL2) */
1916
1917 if (proto < 0x8000 && (us = find_dest(ppa, proto)) != 0) {
1918 /*
1919 * A data packet for some network protocol.
1920 * Queue it on the upper stream for that protocol.
1921 * XXX could we just putnext it? (would require thought)
1922 * The rblocked flag is there to ensure that we keep
1923 * messages in order for each network protocol.
1924 */
1925 /* pass_packet frees the packet on returning 0 */
1926 if (!pass_packet(us, mp, 0))
1927 break;
1928 if (!us->rblocked && !canput(us->q))
1929 us->rblocked = 1;
1930 if (!putq(us->rblocked ? q : us->q, mp))
1931 freemsg(mp);
1932 break;
1933 }
1934
1935 /* FALLTHROUGH */
1936
1937 default:
1938 /*
1939 * A control frame, a frame for an unknown protocol,
1940 * or some other message type.
1941 * Send it up to pppd via the control stream.
1942 */
1943 if (queclass(mp) == QPCTL || canputnext(ppa->q))
1944 putnext(ppa->q, mp);
1945 else if (!putq(q, mp))
1946 freemsg(mp);
1947 break;
1948 }
1949
1950 return 0;
1951}
1952
1953static int
1954pppursrv(q)
1955 queue_t *q;
1956{
1957 upperstr_t *us, *as;
1958 mblk_t *mp, *hdr;
1959#ifndef NO_DLPI
1960 dl_unitdata_ind_t *ud;
1961#endif
1962 int proto;
1963
1964 us = (upperstr_t *) q->q_ptr;
1965 if (us == 0) {
1966 DPRINT("pppursrv: q_ptr = 0!\n");
1967 return 0;
1968 }
1969
1970 if (us->flags & US_CONTROL) {
1971 /*
1972 * A control stream.
1973 * If there is no lower queue attached, run the write service
1974 * routines of other upper streams attached to this PPA.
1975 */
1976 if (us->lowerq == 0) {
1977 as = us;
1978 do {
1979 if (as->flags & US_BLOCKED)
1980 qenable(WR(as->q));
1981 as = as->next;
1982 } while (as != 0);
1983 }
1984
1985 /*
1986 * Messages get queued on this stream's read queue if they
1987 * can't be queued on the read queue of the attached stream
1988 * that they are destined for. This is for flow control -
1989 * when this queue fills up, the lower read put procedure will
1990 * queue messages there and the flow control will propagate
1991 * down from there.
1992 */
1993 while ((mp = getq(q)) != 0) {
1994 proto = PPP_PROTOCOL(mp->b_rptr);
1995 if (proto < 0x8000 && (as = find_dest(us, proto)) != 0) {
1996 if (!canput(as->q))
1997 break;
1998 if (!putq(as->q, mp))
1999 freemsg(mp);
2000 } else {
2001 if (!canputnext(q))
2002 break;
2003 putnext(q, mp);
2004 }
2005 }
2006 if (mp) {
2007 putbq(q, mp);
2008 } else {
2009 /* can now put stuff directly on network protocol streams again */
2010 for (as = us->next; as != 0; as = as->next)
2011 as->rblocked = 0;
2012 }
2013
2014 /*
2015 * If this stream has a lower stream attached,
2016 * enable the read queue's service routine.
2017 * XXX we should really only do this if the queue length
2018 * has dropped below the low-water mark.
2019 */
2020 if (us->lowerq != 0)
2021 qenable(RD(us->lowerq));
2022
2023 } else {
2024 /*
2025 * A network protocol stream. Put a DLPI header on each
2026 * packet and send it on.
2027 * (Actually, it seems that the IP module will happily
2028 * accept M_DATA messages without the DL_UNITDATA_IND header.)
2029 */
2030 while ((mp = getq(q)) != 0) {
2031 if (!canputnext(q)) {
2032 putbq(q, mp);
2033 break;
2034 }
2035#ifndef NO_DLPI
2036 proto = PPP_PROTOCOL(mp->b_rptr);
2037 mp->b_rptr += PPP_HDRLEN;
2038 hdr = allocb(sizeof(dl_unitdata_ind_t) + 2 * sizeof(uint),
2039 BPRI_MED);
2040 if (hdr == 0) {
2041 /* XXX should put it back and use bufcall */
2042 freemsg(mp);
2043 continue;
2044 }
2045 hdr->b_datap->db_type = M_PROTO;
2046 ud = (dl_unitdata_ind_t *) hdr->b_wptr;
2047 hdr->b_wptr += sizeof(dl_unitdata_ind_t) + 2 * sizeof(uint);
2048 hdr->b_cont = mp;
2049 ud->dl_primitive = DL_UNITDATA_IND;
2050 ud->dl_dest_addr_length = sizeof(uint);
2051 ud->dl_dest_addr_offset = sizeof(dl_unitdata_ind_t);
2052 ud->dl_src_addr_length = sizeof(uint);
2053 ud->dl_src_addr_offset = ud->dl_dest_addr_offset + sizeof(uint);
2054#if DL_CURRENT_VERSION >= 2
2055 ud->dl_group_address = 0;
2056#endif
2057 /* Send the DLPI client the data with the SAP they requested,
2058 (e.g. ETHERTYPE_IP) rather than the PPP protocol number
2059 (e.g. PPP_IP) */
2060 ((uint *)(ud + 1))[0] = us->req_sap; /* dest SAP */
2061 ((uint *)(ud + 1))[1] = us->req_sap; /* src SAP */
2062 putnext(q, hdr);
2063#else /* NO_DLPI */
2064 putnext(q, mp);
2065#endif /* NO_DLPI */
2066 }
2067 /*
2068 * Now that we have consumed some packets from this queue,
2069 * enable the control stream's read service routine so that we
2070 * can process any packets for us that might have got queued
2071 * there for flow control reasons.
2072 */
2073 if (us->ppa)
2074 qenable(us->ppa->q);
2075 }
2076
2077 return 0;
2078}
2079
2080static upperstr_t *
2081find_dest(ppa, proto)
2082 upperstr_t *ppa;
2083 int proto;
2084{
2085 upperstr_t *us;
2086
2087 for (us = ppa->next; us != 0; us = us->next)
2088 if (proto == us->sap)
2089 break;
2090 return us;
2091}
2092
2093#if defined (SOL2)
2094/*
2095 * Test upstream promiscuous conditions. As of now, only pass IPv4 and
2096 * Ipv6 packets upstream (let PPP packets be decoded elsewhere).
2097 */
2098static upperstr_t *
2099find_promisc(us, proto)
2100 upperstr_t *us;
2101 int proto;
2102{
2103
2104 if ((proto != PPP_IP) && (proto != PPP_IPV6))
2105 return (upperstr_t *)0;
2106
2107 for ( ; us; us = us->next) {
2108 if ((us->flags & US_PROMISC) && (us->state == DL_IDLE))
2109 return us;
2110 }
2111
2112 return (upperstr_t *)0;
2113}
2114
2115/*
2116 * Prepend an empty Ethernet header to msg for snoop, et al.
2117 */
2118static mblk_t *
2119prepend_ether(us, mp, proto)
2120 upperstr_t *us;
2121 mblk_t *mp;
2122 int proto;
2123{
2124 mblk_t *eh;
2125 int type;
2126
2127 if ((eh = allocb(sizeof(struct ether_header), BPRI_HI)) == 0) {
2128 freemsg(mp);
2129 return (mblk_t *)0;
2130 }
2131
2132 if (proto == PPP_IP)
2133 type = ETHERTYPE_IP;
2134 else if (proto == PPP_IPV6)
2135 type = ETHERTYPE_IPV6;
2136 else
2137 type = proto; /* What else? Let decoder decide */
2138
2139 eh->b_wptr += sizeof(struct ether_header);
2140 bzero((caddr_t)eh->b_rptr, sizeof(struct ether_header));
2141 ((struct ether_header *)eh->b_rptr)->ether_type = htons((short)type);
2142 eh->b_cont = mp;
2143 return (eh);
2144}
2145
2146/*
2147 * Prepend DL_UNITDATA_IND mblk to msg
2148 */
2149static mblk_t *
2150prepend_udind(us, mp, proto)
2151 upperstr_t *us;
2152 mblk_t *mp;
2153 int proto;
2154{
2155 dl_unitdata_ind_t *dlu;
2156 mblk_t *dh;
2157 size_t size;
2158
2159 size = sizeof(dl_unitdata_ind_t);
2160 if ((dh = allocb(size, BPRI_MED)) == 0) {
2161 freemsg(mp);
2162 return (mblk_t *)0;
2163 }
2164
2165 dh->b_datap->db_type = M_PROTO;
2166 dh->b_wptr = dh->b_datap->db_lim;
2167 dh->b_rptr = dh->b_wptr - size;
2168
2169 dlu = (dl_unitdata_ind_t *)dh->b_rptr;
2170 dlu->dl_primitive = DL_UNITDATA_IND;
2171 dlu->dl_dest_addr_length = 0;
2172 dlu->dl_dest_addr_offset = sizeof(dl_unitdata_ind_t);
2173 dlu->dl_src_addr_length = 0;
2174 dlu->dl_src_addr_offset = sizeof(dl_unitdata_ind_t);
2175 dlu->dl_group_address = 0;
2176
2177 dh->b_cont = mp;
2178 return (dh);
2179}
2180
2181/*
2182 * For any recognized promiscuous streams, send data upstream
2183 */
2184static void
2185promisc_sendup(ppa, mp, proto, skip)
2186 upperstr_t *ppa;
2187 mblk_t *mp;
2188 int proto, skip;
2189{
2190 mblk_t *dup_mp, *dup_dup_mp;
2191 upperstr_t *prus, *nprus;
2192
2193 if ((prus = find_promisc(ppa, proto)) != 0) {
2194 if (dup_mp = dupmsg(mp)) {
2195
2196 if (skip)
2197 dup_mp->b_rptr += PPP_HDRLEN;
2198
2199 for ( ; nprus = find_promisc(prus->next, proto);
2200 prus = nprus) {
2201
2202 if (dup_dup_mp = dupmsg(dup_mp)) {
2203 if (canputnext(prus->q)) {
2204 if (prus->flags & US_RAWDATA) {
2205 dup_dup_mp = prepend_ether(prus, dup_dup_mp, proto);
2206 } else {
2207 dup_dup_mp = prepend_udind(prus, dup_dup_mp, proto);
2208 }
2209 if (dup_dup_mp == 0)
2210 continue;
2211 putnext(prus->q, dup_dup_mp);
2212 } else {
2213 DPRINT("ppp_urput: data to promisc q dropped\n");
2214 freemsg(dup_dup_mp);
2215 }
2216 }
2217 }
2218
2219 if (canputnext(prus->q)) {
2220 if (prus->flags & US_RAWDATA) {
2221 dup_mp = prepend_ether(prus, dup_mp, proto);
2222 } else {
2223 dup_mp = prepend_udind(prus, dup_mp, proto);
2224 }
2225 if (dup_mp != 0)
2226 putnext(prus->q, dup_mp);
2227 } else {
2228 DPRINT("ppp_urput: data to promisc q dropped\n");
2229 freemsg(dup_mp);
2230 }
2231 }
2232 }
2233}
2234#endif /* defined(SOL2) */
2235
2236/*
2237 * We simply put the message on to the associated upper control stream
2238 * (either here or in ppplrsrv). That way we enter the perimeters
2239 * before looking through the list of attached streams to decide which
2240 * stream it should go up.
2241 */
2242static int
2243ppplrput(q, mp)
2244 queue_t *q;
2245 mblk_t *mp;
2246{
2247 queue_t *uq;
2248 struct iocblk *iop;
2249
2250 switch (mp->b_datap->db_type) {
2251 case M_IOCTL:
2252 iop = (struct iocblk *) mp->b_rptr;
2253 iop->ioc_error = EINVAL;
2254 mp->b_datap->db_type = M_IOCNAK;
2255 qreply(q, mp);
2256 return 0;
2257 case M_FLUSH:
2258 if (*mp->b_rptr & FLUSHR)
2259 flushq(q, FLUSHDATA);
2260 if (*mp->b_rptr & FLUSHW) {
2261 *mp->b_rptr &= ~FLUSHR;
2262 qreply(q, mp);
2263 } else
2264 freemsg(mp);
2265 return 0;
2266 }
2267
2268 /*
2269 * If we can't get the lower lock straight away, queue this one
2270 * rather than blocking, to avoid the possibility of deadlock.
2271 */
2272 if (!TRYLOCK_LOWER_R) {
2273 if (!putq(q, mp))
2274 freemsg(mp);
2275 return 0;
2276 }
2277
2278 /*
2279 * Check that we're still connected to the driver.
2280 */
2281 uq = (queue_t *) q->q_ptr;
2282 if (uq == 0) {
2283 UNLOCK_LOWER;
2284 DPRINT1("ppplrput: q = %x, uq = 0??\n", q);
2285 freemsg(mp);
2286 return 0;
2287 }
2288
2289 /*
2290 * Try to forward the message to the put routine for the upper
2291 * control stream for this lower stream.
2292 * If there are already messages queued here, queue this one so
2293 * they don't get out of order.
2294 */
2295 if (queclass(mp) == QPCTL || (qsize(q) == 0 && canput(uq)))
2296 put(uq, mp);
2297 else if (!putq(q, mp))
2298 freemsg(mp);
2299
2300 UNLOCK_LOWER;
2301 return 0;
2302}
2303
2304static int
2305ppplrsrv(q)
2306 queue_t *q;
2307{
2308 mblk_t *mp;
2309 queue_t *uq;
2310
2311 /*
2312 * Packets get queued here for flow control reasons
2313 * or if the lrput routine couldn't get the lower lock
2314 * without blocking.
2315 */
2316 LOCK_LOWER_R;
2317 uq = (queue_t *) q->q_ptr;
2318 if (uq == 0) {
2319 UNLOCK_LOWER;
2320 flushq(q, FLUSHALL);
2321 DPRINT1("ppplrsrv: q = %x, uq = 0??\n", q);
2322 return 0;
2323 }
2324 while ((mp = getq(q)) != 0) {
2325 if (queclass(mp) == QPCTL || canput(uq))
2326 put(uq, mp);
2327 else {
2328 putbq(q, mp);
2329 break;
2330 }
2331 }
2332 UNLOCK_LOWER;
2333 return 0;
2334}
2335
2336static int
2337putctl2(q, type, code, val)
2338 queue_t *q;
2339 int type, code, val;
2340{
2341 mblk_t *mp;
2342
2343 mp = allocb(2, BPRI_HI);
2344 if (mp == 0)
2345 return 0;
2346 mp->b_datap->db_type = type;
2347 mp->b_wptr[0] = code;
2348 mp->b_wptr[1] = val;
2349 mp->b_wptr += 2;
2350 putnext(q, mp);
2351 return 1;
2352}
2353
2354static int
2355putctl4(q, type, code, val)
2356 queue_t *q;
2357 int type, code, val;
2358{
2359 mblk_t *mp;
2360
2361 mp = allocb(4, BPRI_HI);
2362 if (mp == 0)
2363 return 0;
2364 mp->b_datap->db_type = type;
2365 mp->b_wptr[0] = code;
2366 ((short *)mp->b_wptr)[1] = val;
2367 mp->b_wptr += 4;
2368 putnext(q, mp);
2369 return 1;
2370}
2371
2372static void
2373debug_dump(q, mp)
2374 queue_t *q;
2375 mblk_t *mp;
2376{
2377 upperstr_t *us;
2378 queue_t *uq, *lq;
2379
2380 DPRINT("ppp upper streams:\n");
2381 for (us = minor_devs; us != 0; us = us->nextmn) {
2382 uq = us->q;
2383 DPRINT3(" %d: q=%x rlev=%d",
2384 us->mn, uq, (uq? qsize(uq): 0));
2385 DPRINT3(" wlev=%d flags=0x%b", (uq? qsize(WR(uq)): 0),
2386 us->flags, "\020\1priv\2control\3blocked\4last");
2387 DPRINT3(" state=%x sap=%x req_sap=%x", us->state, us->sap,
2388 us->req_sap);
2389 if (us->ppa == 0)
2390 DPRINT(" ppa=?\n");
2391 else
2392 DPRINT1(" ppa=%d\n", us->ppa->ppa_id);
2393 if (us->flags & US_CONTROL) {
2394 lq = us->lowerq;
2395 DPRINT3(" control for %d lq=%x rlev=%d",
2396 us->ppa_id, lq, (lq? qsize(RD(lq)): 0));
2397 DPRINT3(" wlev=%d mru=%d mtu=%d\n",
2398 (lq? qsize(lq): 0), us->mru, us->mtu);
2399 }
2400 }
2401 mp->b_datap->db_type = M_IOCACK;
2402 qreply(q, mp);
2403}
2404
2405#ifdef FILTER_PACKETS
2406#include <netinet/in_systm.h>
2407#include <netinet/ip.h>
2408#include <netinet/udp.h>
2409#include <netinet/tcp.h>
2410
2411#define MAX_IPHDR 128 /* max TCP/IP header size */
2412
2413
2414/* The following table contains a hard-coded list of protocol/port pairs.
2415 * Any matching packets are either discarded unconditionally, or,
2416 * if ok_if_link_up is non-zero when a connection does not currently exist
2417 * (i.e., they go through if the connection is present, but never initiate
2418 * a dial-out).
2419 * This idea came from a post by dm@garage.uun.org (David Mazieres)
2420 */
2421static struct pktfilt_tab {
2422 int proto;
2423 u_short port;
2424 u_short ok_if_link_up;
2425} pktfilt_tab[] = {
2426 { IPPROTO_UDP, 520, 1 }, /* RIP, ok to pass if link is up */
2427 { IPPROTO_UDP, 123, 1 }, /* NTP, don't keep up the link for it */
2428 { -1, 0, 0 } /* terminator entry has port == -1 */
2429};
2430
2431
2432/*
2433 * Packet has already been freed if return value is 0.
2434 */
2435static int
2436ip_hard_filter(us, mp, outbound)
2437 upperstr_t *us;
2438 mblk_t *mp;
2439 int outbound;
2440{
2441 struct ip *ip;
2442 struct pktfilt_tab *pft;
2443 mblk_t *temp_mp;
2444 int proto;
2445 int len, hlen;
2446
2447
2448 /* Note, the PPP header has already been pulled up in all cases */
2449 proto = PPP_PROTOCOL(mp->b_rptr);
2450 if (us->flags & US_DBGLOG)
2451 DPRINT3("ppp/%d: filter, proto=0x%x, out=%d\n", us->mn, proto, outbound);
2452
2453 switch (proto)
2454 {
2455 case PPP_IP:
2456 if ((mp->b_wptr - mp->b_rptr) == PPP_HDRLEN && mp->b_cont != 0) {
2457 temp_mp = mp->b_cont;
2458 len = msgdsize(temp_mp);
2459 hlen = (len < MAX_IPHDR) ? len : MAX_IPHDR;
2460 PULLUP(temp_mp, hlen);
2461 if (temp_mp == 0) {
2462 DPRINT2("ppp/%d: filter, pullup next failed, len=%d\n",
2463 us->mn, hlen);
2464 mp->b_cont = 0; /* PULLUP() freed the rest */
2465 freemsg(mp);
2466 return 0;
2467 }
2468 ip = (struct ip *)mp->b_cont->b_rptr;
2469 }
2470 else {
2471 len = msgdsize(mp);
2472 hlen = (len < (PPP_HDRLEN+MAX_IPHDR)) ? len : (PPP_HDRLEN+MAX_IPHDR);
2473 PULLUP(mp, hlen);
2474 if (mp == 0) {
2475 DPRINT2("ppp/%d: filter, pullup failed, len=%d\n",
2476 us->mn, hlen);
2477 return 0;
2478 }
2479 ip = (struct ip *)(mp->b_rptr + PPP_HDRLEN);
2480 }
2481
2482 /* For IP traffic, certain packets (e.g., RIP) may be either
2483 * 1. ignored - dropped completely
2484 * 2. will not initiate a connection, but
2485 * will be passed if a connection is currently up.
2486 */
2487 for (pft=pktfilt_tab; pft->proto != -1; pft++) {
2488 if (ip->ip_p == pft->proto) {
2489 switch(pft->proto) {
2490 case IPPROTO_UDP:
2491 if (((struct udphdr *) &((int *)ip)[ip->ip_hl])->uh_dport
2492 == htons(pft->port)) goto endfor;
2493 break;
2494 case IPPROTO_TCP:
2495 if (((struct tcphdr *) &((int *)ip)[ip->ip_hl])->th_dport
2496 == htons(pft->port)) goto endfor;
2497 break;
2498 }
2499 }
2500 }
2501 endfor:
2502 if (pft->proto != -1) {
2503 if (us->flags & US_DBGLOG)
2504 DPRINT3("ppp/%d: found IP pkt, proto=0x%x (%d)\n",
2505 us->mn, pft->proto, pft->port);
2506 /* Discard if not connected, or if not pass_with_link_up */
2507 /* else, if link is up let go by, but don't update time */
2508 if (pft->ok_if_link_up)
2509 return -1;
2510 freemsg(mp);
2511 return 0;
2512 }
2513 break;
2514 } /* end switch (proto) */
2515
2516 return 1;
2517}
2518#endif /* FILTER_PACKETS */
2519