1 /*
2 * ng_lmi.c
3 */
4
5 /*-
6 * Copyright (c) 1996-1999 Whistle Communications, Inc.
7 * All rights reserved.
8 *
9 * Subject to the following obligations and disclaimer of warranty, use and
10 * redistribution of this software, in source or object code forms, with or
11 * without modifications are expressly permitted by Whistle Communications;
12 * provided, however, that:
13 * 1. Any and all reproductions of the source or object code must include the
14 * copyright notice above and the following disclaimer of warranties; and
15 * 2. No rights are granted, in any manner or form, to use Whistle
16 * Communications, Inc. trademarks, including the mark "WHISTLE
17 * COMMUNICATIONS" on advertising, endorsements, or otherwise except as
18 * such appears in the above copyright notice or in the software.
19 *
20 * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND
21 * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO
22 * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE,
23 * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF
24 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
25 * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANTEE, OR MAKE ANY
26 * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS
27 * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE.
28 * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES
29 * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING
30 * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
31 * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR
32 * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY
33 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35 * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY
36 * OF SUCH DAMAGE.
37 *
38 * Author: Julian Elischer <julian@freebsd.org>
39 *
40 * $FreeBSD: src/sys/netgraph/ng_lmi.c,v 1.25 2006/01/14 14:17:27 glebius Exp $
41 * $Whistle: ng_lmi.c,v 1.38 1999/11/01 09:24:52 julian Exp $
42 */
43
44 /*
45 * This node performs the frame relay LMI protocol. It knows how
46 * to do ITU Annex A, ANSI Annex D, and "Group-of-Four" variants
47 * of the protocol.
48 *
49 * A specific protocol can be forced by connecting the corresponding
50 * hook to DLCI 0 or 1023 (as appropriate) of a frame relay link.
51 *
52 * Alternately, this node can do auto-detection of the LMI protocol
53 * by connecting hook "auto0" to DLCI 0 and "auto1023" to DLCI 1023.
54 */
55
56 #include <sys/param.h>
57 #include <sys/systm.h>
58 #include <sys/errno.h>
59 #include <sys/kernel.h>
60 #include <sys/malloc.h>
61 #include <sys/mbuf.h>
62 #include <sys/syslog.h>
63 #include <netgraph7/ng_message.h>
64 #include <netgraph7/netgraph.h>
65 #include "ng_lmi.h"
66
67 /*
68 * Human readable names for LMI
69 */
70 #define NAME_ANNEXA NG_LMI_HOOK_ANNEXA
71 #define NAME_ANNEXD NG_LMI_HOOK_ANNEXD
72 #define NAME_GROUP4 NG_LMI_HOOK_GROUPOF4
73 #define NAME_NONE "None"
74
75 #define MAX_DLCIS 128
76 #define MAXDLCI 1023
77
78 /*
79 * DLCI states
80 */
81 #define DLCI_NULL 0
82 #define DLCI_UP 1
83 #define DLCI_DOWN 2
84
85 /*
86 * Any received LMI frame should be at least this long
87 */
88 #define LMI_MIN_LENGTH 8 /* XXX verify */
89
90 /*
91 * Netgraph node methods and type descriptor
92 */
93 static ng_constructor_t nglmi_constructor;
94 static ng_rcvmsg_t nglmi_rcvmsg;
95 static ng_shutdown_t nglmi_shutdown;
96 static ng_newhook_t nglmi_newhook;
97 static ng_rcvdata_t nglmi_rcvdata;
98 static ng_disconnect_t nglmi_disconnect;
99 static int nglmi_checkdata(hook_p hook, struct mbuf *m);
100
101 static struct ng_type typestruct = {
102 .version = NG_ABI_VERSION,
103 .name = NG_LMI_NODE_TYPE,
104 .constructor = nglmi_constructor,
105 .rcvmsg = nglmi_rcvmsg,
106 .shutdown = nglmi_shutdown,
107 .newhook = nglmi_newhook,
108 .rcvdata = nglmi_rcvdata,
109 .disconnect = nglmi_disconnect,
110 };
111 NETGRAPH_INIT(lmi, &typestruct);
112
113 /*
114 * Info and status per node
115 */
116 struct nglmi_softc {
117 node_p node; /* netgraph node */
118 int flags; /* state */
119 int poll_count; /* the count of times for autolmi */
120 int poll_state; /* state of auto detect machine */
121 u_char remote_seq; /* sequence number the remote sent */
122 u_char local_seq; /* last sequence number we sent */
123 u_char protoID; /* 9 for group of 4, 8 otherwise */
124 u_long seq_retries; /* sent this how many time so far */
125 struct callout handle; /* see timeout(9) */
126 int liv_per_full;
127 int liv_rate;
128 int livs;
129 int need_full;
130 hook_p lmi_channel; /* whatever we ended up using */
131 hook_p lmi_annexA;
132 hook_p lmi_annexD;
133 hook_p lmi_group4;
134 hook_p lmi_channel0; /* auto-detect on DLCI 0 */
135 hook_p lmi_channel1023;/* auto-detect on DLCI 1023 */
136 char *protoname; /* cache protocol name */
137 u_char dlci_state[MAXDLCI + 1];
138 int invalidx; /* next dlci's to invalidate */
139 };
140 typedef struct nglmi_softc *sc_p;
141
142 /*
143 * Other internal functions
144 */
145 static void LMI_ticker(node_p node, hook_p hook, void *arg1, int arg2);
146 static void nglmi_startup_fixed(sc_p sc, hook_p hook);
147 static void nglmi_startup_auto(sc_p sc);
148 static void nglmi_startup(sc_p sc);
149 static void nglmi_inquire(sc_p sc, int full);
150 static void ngauto_state_machine(sc_p sc);
151
152 /*
153 * Values for 'flags' field
154 * NB: the SCF_CONNECTED flag is set if and only if the timer is running.
155 */
156 #define SCF_CONNECTED 0x01 /* connected to something */
157 #define SCF_AUTO 0x02 /* we are auto-detecting */
158 #define SCF_FIXED 0x04 /* we are fixed from the start */
159
160 #define SCF_LMITYPE 0x18 /* mask for determining Annex mode */
161 #define SCF_NOLMI 0x00 /* no LMI type selected yet */
162 #define SCF_ANNEX_A 0x08 /* running annex A mode */
163 #define SCF_ANNEX_D 0x10 /* running annex D mode */
164 #define SCF_GROUP4 0x18 /* running group of 4 */
165
166 #define SETLMITYPE(sc, annex) \
167 do { \
168 (sc)->flags &= ~SCF_LMITYPE; \
169 (sc)->flags |= (annex); \
170 } while (0)
171
172 #define NOPROTO(sc) (((sc)->flags & SCF_LMITYPE) == SCF_NOLMI)
173 #define ANNEXA(sc) (((sc)->flags & SCF_LMITYPE) == SCF_ANNEX_A)
174 #define ANNEXD(sc) (((sc)->flags & SCF_LMITYPE) == SCF_ANNEX_D)
175 #define GROUP4(sc) (((sc)->flags & SCF_LMITYPE) == SCF_GROUP4)
176
177 #define LMIPOLLSIZE 3
178 #define LMI_PATIENCE 8 /* declare all DLCI DOWN after N LMI failures */
179
180 /*
181 * Node constructor
182 */
183 static int
nglmi_constructor(node_p node)184 nglmi_constructor(node_p node)
185 {
186 sc_p sc;
187
188 sc = kmalloc(sizeof(*sc), M_NETGRAPH, M_WAITOK | M_NULLOK | M_ZERO);
189 if (sc == NULL)
190 return (ENOMEM);
191
192 NG_NODE_SET_PRIVATE(node, sc);
193 sc->node = node;
194
195 ng_callout_init(&sc->handle);
196 sc->protoname = NAME_NONE;
197 sc->liv_per_full = NG_LMI_SEQ_PER_FULL; /* make this dynamic */
198 sc->liv_rate = NG_LMI_KEEPALIVE_RATE;
199 return (0);
200 }
201
202 /*
203 * The LMI channel has a private pointer which is the same as the
204 * node private pointer. The debug channel has a NULL private pointer.
205 */
206 static int
nglmi_newhook(node_p node,hook_p hook,const char * name)207 nglmi_newhook(node_p node, hook_p hook, const char *name)
208 {
209 sc_p sc = NG_NODE_PRIVATE(node);
210
211 if (strcmp(name, NG_LMI_HOOK_DEBUG) == 0) {
212 NG_HOOK_SET_PRIVATE(hook, NULL);
213 return (0);
214 }
215 if (sc->flags & SCF_CONNECTED) {
216 /* already connected, return an error */
217 return (EINVAL);
218 }
219 if (strcmp(name, NG_LMI_HOOK_ANNEXA) == 0) {
220 sc->lmi_annexA = hook;
221 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node));
222 sc->protoID = 8;
223 SETLMITYPE(sc, SCF_ANNEX_A);
224 sc->protoname = NAME_ANNEXA;
225 nglmi_startup_fixed(sc, hook);
226 } else if (strcmp(name, NG_LMI_HOOK_ANNEXD) == 0) {
227 sc->lmi_annexD = hook;
228 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node));
229 sc->protoID = 8;
230 SETLMITYPE(sc, SCF_ANNEX_D);
231 sc->protoname = NAME_ANNEXD;
232 nglmi_startup_fixed(sc, hook);
233 } else if (strcmp(name, NG_LMI_HOOK_GROUPOF4) == 0) {
234 sc->lmi_group4 = hook;
235 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node));
236 sc->protoID = 9;
237 SETLMITYPE(sc, SCF_GROUP4);
238 sc->protoname = NAME_GROUP4;
239 nglmi_startup_fixed(sc, hook);
240 } else if (strcmp(name, NG_LMI_HOOK_AUTO0) == 0) {
241 /* Note this, and if B is already installed, we're complete */
242 sc->lmi_channel0 = hook;
243 sc->protoname = NAME_NONE;
244 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node));
245 if (sc->lmi_channel1023)
246 nglmi_startup_auto(sc);
247 } else if (strcmp(name, NG_LMI_HOOK_AUTO1023) == 0) {
248 /* Note this, and if A is already installed, we're complete */
249 sc->lmi_channel1023 = hook;
250 sc->protoname = NAME_NONE;
251 NG_HOOK_SET_PRIVATE(hook, NG_NODE_PRIVATE(node));
252 if (sc->lmi_channel0)
253 nglmi_startup_auto(sc);
254 } else
255 return (EINVAL); /* unknown hook */
256 return (0);
257 }
258
259 /*
260 * We have just attached to a live (we hope) node.
261 * Fire out a LMI inquiry, and then start up the timers.
262 */
263 static void
LMI_ticker(node_p node,hook_p hook,void * arg1,int arg2)264 LMI_ticker(node_p node, hook_p hook, void *arg1, int arg2)
265 {
266 sc_p sc = NG_NODE_PRIVATE(node);
267
268 if (sc->flags & SCF_AUTO) {
269 ngauto_state_machine(sc);
270 ng_callout(&sc->handle, node, NULL, NG_LMI_POLL_RATE * hz,
271 LMI_ticker, NULL, 0);
272 } else {
273 if (sc->livs++ >= sc->liv_per_full) {
274 nglmi_inquire(sc, 1);
275 /* sc->livs = 0; *//* do this when we get the answer! */
276 } else {
277 nglmi_inquire(sc, 0);
278 }
279 ng_callout(&sc->handle, node, NULL, sc->liv_rate * hz,
280 LMI_ticker, NULL, 0);
281 }
282 }
283
284 static void
nglmi_startup_fixed(sc_p sc,hook_p hook)285 nglmi_startup_fixed(sc_p sc, hook_p hook)
286 {
287 sc->flags |= (SCF_FIXED | SCF_CONNECTED);
288 sc->lmi_channel = hook;
289 nglmi_startup(sc);
290 }
291
292 static void
nglmi_startup_auto(sc_p sc)293 nglmi_startup_auto(sc_p sc)
294 {
295 sc->flags |= (SCF_AUTO | SCF_CONNECTED);
296 sc->poll_state = 0; /* reset state machine */
297 sc->poll_count = 0;
298 nglmi_startup(sc);
299 }
300
301 static void
nglmi_startup(sc_p sc)302 nglmi_startup(sc_p sc)
303 {
304 sc->remote_seq = 0;
305 sc->local_seq = 1;
306 sc->seq_retries = 0;
307 sc->livs = sc->liv_per_full - 1;
308 /* start off the ticker in 1 sec */
309 ng_callout(&sc->handle, sc->node, NULL, hz, LMI_ticker, NULL, 0);
310 }
311
312 static void
nglmi_inquire(sc_p sc,int full)313 nglmi_inquire(sc_p sc, int full)
314 {
315 struct mbuf *m;
316 struct ng_tag_prio *ptag;
317 char *cptr, *start;
318 int error;
319
320 if (sc->lmi_channel == NULL)
321 return;
322 MGETHDR(m, M_NOWAIT, MT_DATA);
323 if (m == NULL) {
324 log(LOG_ERR, "nglmi: unable to start up LMI processing\n");
325 return;
326 }
327 m->m_pkthdr.rcvif = NULL;
328
329 /* Attach a tag to packet, marking it of link level state priority, so
330 * that device driver would put it in the beginning of queue */
331
332 ptag = (struct ng_tag_prio *)m_tag_alloc(NGM_GENERIC_COOKIE, NG_TAG_PRIO,
333 (sizeof(struct ng_tag_prio) - sizeof(struct m_tag)), M_NOWAIT);
334 if (ptag != NULL) { /* if it failed, well, it was optional anyhow */
335 ptag->priority = NG_PRIO_LINKSTATE;
336 ptag->discardability = -1;
337 m_tag_prepend(m, &ptag->tag);
338 }
339
340 m->m_data += 4; /* leave some room for a header */
341 cptr = start = mtod(m, char *);
342 /* add in the header for an LMI inquiry. */
343 *cptr++ = 0x03; /* UI frame */
344 if (GROUP4(sc))
345 *cptr++ = 0x09; /* proto discriminator */
346 else
347 *cptr++ = 0x08; /* proto discriminator */
348 *cptr++ = 0x00; /* call reference */
349 *cptr++ = 0x75; /* inquiry */
350
351 /* If we are Annex-D, add locking shift to codeset 5. */
352 if (ANNEXD(sc))
353 *cptr++ = 0x95; /* locking shift */
354 /* Add a request type */
355 if (ANNEXA(sc))
356 *cptr++ = 0x51; /* report type */
357 else
358 *cptr++ = 0x01; /* report type */
359 *cptr++ = 0x01; /* size = 1 */
360 if (full)
361 *cptr++ = 0x00; /* full */
362 else
363 *cptr++ = 0x01; /* partial */
364
365 /* Add a link verification IE */
366 if (ANNEXA(sc))
367 *cptr++ = 0x53; /* verification IE */
368 else
369 *cptr++ = 0x03; /* verification IE */
370 *cptr++ = 0x02; /* 2 extra bytes */
371 *cptr++ = sc->local_seq;
372 *cptr++ = sc->remote_seq;
373 sc->seq_retries++;
374
375 /* Send it */
376 m->m_len = m->m_pkthdr.len = cptr - start;
377 NG_SEND_DATA_ONLY(error, sc->lmi_channel, m);
378
379 /* If we've been sending requests for long enough, and there has
380 * been no response, then mark as DOWN, any DLCIs that are UP. */
381 if (sc->seq_retries == LMI_PATIENCE) {
382 int count;
383
384 for (count = 0; count < MAXDLCI; count++)
385 if (sc->dlci_state[count] == DLCI_UP)
386 sc->dlci_state[count] = DLCI_DOWN;
387 }
388 }
389
390 /*
391 * State machine for LMI auto-detect. The transitions are ordered
392 * to try the more likely possibilities first.
393 */
394 static void
ngauto_state_machine(sc_p sc)395 ngauto_state_machine(sc_p sc)
396 {
397 if ((sc->poll_count <= 0) || (sc->poll_count > LMIPOLLSIZE)) {
398 /* time to change states in the auto probe machine */
399 /* capture wild values of poll_count while we are at it */
400 sc->poll_count = LMIPOLLSIZE;
401 sc->poll_state++;
402 }
403 switch (sc->poll_state) {
404 case 7:
405 log(LOG_WARNING, "nglmi: no response from exchange\n");
406 default: /* capture bad states */
407 sc->poll_state = 1;
408 case 1:
409 sc->lmi_channel = sc->lmi_channel0;
410 SETLMITYPE(sc, SCF_ANNEX_D);
411 break;
412 case 2:
413 sc->lmi_channel = sc->lmi_channel1023;
414 SETLMITYPE(sc, SCF_ANNEX_D);
415 break;
416 case 3:
417 sc->lmi_channel = sc->lmi_channel0;
418 SETLMITYPE(sc, SCF_ANNEX_A);
419 break;
420 case 4:
421 sc->lmi_channel = sc->lmi_channel1023;
422 SETLMITYPE(sc, SCF_GROUP4);
423 break;
424 case 5:
425 sc->lmi_channel = sc->lmi_channel1023;
426 SETLMITYPE(sc, SCF_ANNEX_A);
427 break;
428 case 6:
429 sc->lmi_channel = sc->lmi_channel0;
430 SETLMITYPE(sc, SCF_GROUP4);
431 break;
432 }
433
434 /* send an inquirey encoded appropriatly */
435 nglmi_inquire(sc, 0);
436 sc->poll_count--;
437 }
438
439 /*
440 * Receive a netgraph control message.
441 */
442 static int
nglmi_rcvmsg(node_p node,item_p item,hook_p lasthook)443 nglmi_rcvmsg(node_p node, item_p item, hook_p lasthook)
444 {
445 sc_p sc = NG_NODE_PRIVATE(node);
446 struct ng_mesg *resp = NULL;
447 int error = 0;
448 struct ng_mesg *msg;
449
450 NGI_GET_MSG(item, msg);
451 switch (msg->header.typecookie) {
452 case NGM_GENERIC_COOKIE:
453 switch (msg->header.cmd) {
454 case NGM_TEXT_STATUS:
455 {
456 char *arg;
457 int pos, count;
458
459 NG_MKRESPONSE(resp, msg, NG_TEXTRESPONSE, M_WAITOK | M_NULLOK);
460 if (resp == NULL) {
461 error = ENOMEM;
462 break;
463 }
464 arg = resp->data;
465 pos = ksprintf(arg, "protocol %s ", sc->protoname);
466 if (sc->flags & SCF_FIXED)
467 pos += ksprintf(arg + pos, "fixed\n");
468 else if (sc->flags & SCF_AUTO)
469 pos += ksprintf(arg + pos, "auto-detecting\n");
470 else
471 pos += ksprintf(arg + pos, "auto on dlci %d\n",
472 (sc->lmi_channel == sc->lmi_channel0) ?
473 0 : 1023);
474 pos += ksprintf(arg + pos,
475 "keepalive period: %d seconds\n", sc->liv_rate);
476 pos += ksprintf(arg + pos,
477 "unacknowledged keepalives: %ld\n",
478 sc->seq_retries);
479 for (count = 0;
480 ((count <= MAXDLCI)
481 && (pos < (NG_TEXTRESPONSE - 20)));
482 count++) {
483 if (sc->dlci_state[count]) {
484 pos += ksprintf(arg + pos,
485 "dlci %d %s\n", count,
486 (sc->dlci_state[count]
487 == DLCI_UP) ? "up" : "down");
488 }
489 }
490 resp->header.arglen = pos + 1;
491 break;
492 }
493 default:
494 error = EINVAL;
495 break;
496 }
497 break;
498 case NGM_LMI_COOKIE:
499 switch (msg->header.cmd) {
500 case NGM_LMI_GET_STATUS:
501 {
502 struct nglmistat *stat;
503 int k;
504
505 NG_MKRESPONSE(resp, msg, sizeof(*stat), M_WAITOK | M_NULLOK);
506 if (!resp) {
507 error = ENOMEM;
508 break;
509 }
510 stat = (struct nglmistat *) resp->data;
511 strncpy(stat->proto,
512 sc->protoname, sizeof(stat->proto) - 1);
513 strncpy(stat->hook,
514 sc->protoname, sizeof(stat->hook) - 1);
515 stat->autod = !!(sc->flags & SCF_AUTO);
516 stat->fixed = !!(sc->flags & SCF_FIXED);
517 for (k = 0; k <= MAXDLCI; k++) {
518 switch (sc->dlci_state[k]) {
519 case DLCI_UP:
520 stat->up[k / 8] |= (1 << (k % 8));
521 /* fall through */
522 case DLCI_DOWN:
523 stat->seen[k / 8] |= (1 << (k % 8));
524 break;
525 }
526 }
527 break;
528 }
529 default:
530 error = EINVAL;
531 break;
532 }
533 break;
534 default:
535 error = EINVAL;
536 break;
537 }
538
539 NG_RESPOND_MSG(error, node, item, resp);
540 NG_FREE_MSG(msg);
541 return (error);
542 }
543
544 #define STEPBY(stepsize) \
545 do { \
546 packetlen -= (stepsize); \
547 data += (stepsize); \
548 } while (0)
549
550 /*
551 * receive data, and use it to update our status.
552 * Anything coming in on the debug port is discarded.
553 */
554 static int
nglmi_rcvdata(hook_p hook,item_p item)555 nglmi_rcvdata(hook_p hook, item_p item)
556 {
557 sc_p sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
558 const u_char *data;
559 unsigned short dlci;
560 u_short packetlen;
561 int resptype_seen = 0;
562 struct mbuf *m;
563
564 NGI_GET_M(item, m);
565 NG_FREE_ITEM(item);
566 if (NG_HOOK_PRIVATE(hook) == NULL) {
567 goto drop;
568 }
569 packetlen = m->m_len;
570
571 /* XXX what if it's more than 1 mbuf? */
572 if ((packetlen > MHLEN) && !(m->m_flags & M_EXT)) {
573 log(LOG_WARNING, "nglmi: packetlen (%d) too big\n", packetlen);
574 goto drop;
575 }
576 if (m->m_len < packetlen && (m = m_pullup(m, packetlen)) == NULL) {
577 log(LOG_WARNING,
578 "nglmi: m_pullup failed for %d bytes\n", packetlen);
579 return (0);
580 }
581 if (nglmi_checkdata(hook, m) == 0)
582 return (0);
583
584 /* pass the first 4 bytes (already checked in the nglmi_checkdata()) */
585 data = mtod(m, const u_char *);
586 STEPBY(4);
587
588 /* Now check if there is a 'locking shift'. This is only seen in
589 * Annex D frames. don't bother checking, we already did that. Don't
590 * increment immediatly as it might not be there. */
591 if (ANNEXD(sc))
592 STEPBY(1);
593
594 /* If we get this far we should consider that it is a legitimate
595 * frame and we know what it is. */
596 if (sc->flags & SCF_AUTO) {
597 /* note the hook that this valid channel came from and drop
598 * out of auto probe mode. */
599 if (ANNEXA(sc))
600 sc->protoname = NAME_ANNEXA;
601 else if (ANNEXD(sc))
602 sc->protoname = NAME_ANNEXD;
603 else if (GROUP4(sc))
604 sc->protoname = NAME_GROUP4;
605 else {
606 log(LOG_ERR, "nglmi: No known type\n");
607 goto drop;
608 }
609 sc->lmi_channel = hook;
610 sc->flags &= ~SCF_AUTO;
611 log(LOG_INFO, "nglmi: auto-detected %s LMI on DLCI %d\n",
612 sc->protoname, hook == sc->lmi_channel0 ? 0 : 1023);
613 }
614
615 /* While there is more data in the status packet, keep processing
616 * status items. First make sure there is enough data for the
617 * segment descriptor's length field. */
618 while (packetlen >= 2) {
619 u_int segtype = data[0];
620 u_int segsize = data[1];
621
622 /* Now that we know how long it claims to be, make sure
623 * there is enough data for the next seg. */
624 if (packetlen < segsize + 2)
625 break;
626 switch (segtype) {
627 case 0x01:
628 case 0x51:
629 if (resptype_seen) {
630 log(LOG_WARNING, "nglmi: dup MSGTYPE\n");
631 goto nextIE;
632 }
633 resptype_seen++;
634 /* The remote end tells us what kind of response
635 * this is. Only expect a type 0 or 1. if we are a
636 * full status, invalidate a few DLCIs just to see
637 * that they are still ok. */
638 if (segsize != 1)
639 goto nextIE;
640 switch (data[2]) {
641 case 1:
642 /* partial status, do no extra processing */
643 break;
644 case 0:
645 {
646 int count = 0;
647 int idx = sc->invalidx;
648
649 for (count = 0; count < 10; count++) {
650 if (idx > MAXDLCI)
651 idx = 0;
652 if (sc->dlci_state[idx] == DLCI_UP)
653 sc->dlci_state[idx] = DLCI_DOWN;
654 idx++;
655 }
656 sc->invalidx = idx;
657 /* we got and we wanted one. relax
658 * now.. but don't reset to 0 if it
659 * was unrequested. */
660 if (sc->livs > sc->liv_per_full)
661 sc->livs = 0;
662 break;
663 }
664 }
665 break;
666 case 0x03:
667 case 0x53:
668 /* The remote tells us what it thinks the sequence
669 * numbers are. If it's not size 2, it must be a
670 * duplicate to have gotten this far, skip it. */
671 if (segsize != 2)
672 goto nextIE;
673 sc->remote_seq = data[2];
674 if (sc->local_seq == data[3]) {
675 sc->local_seq++;
676 sc->seq_retries = 0;
677 /* Note that all 3 Frame protocols seem to
678 * not like 0 as a sequence number. */
679 if (sc->local_seq == 0)
680 sc->local_seq = 1;
681 }
682 break;
683 case 0x07:
684 case 0x57:
685 /* The remote tells us about a DLCI that it knows
686 * about. There may be many of these in a single
687 * status response */
688 switch (segsize) {
689 case 6:/* only on 'group of 4' */
690 dlci = ((u_short) data[2] & 0xff) << 8;
691 dlci |= (data[3] & 0xff);
692 if ((dlci < 1024) && (dlci > 0)) {
693 /* XXX */
694 }
695 break;
696 case 3:
697 dlci = ((u_short) data[2] & 0x3f) << 4;
698 dlci |= ((data[3] & 0x78) >> 3);
699 if ((dlci < 1024) && (dlci > 0)) {
700 /* set up the bottom half of the
701 * support for that dlci if it's not
702 * already been done */
703 /* store this information somewhere */
704 }
705 break;
706 default:
707 goto nextIE;
708 }
709 if (sc->dlci_state[dlci] != DLCI_UP) {
710 /* bring new DLCI to life */
711 /* may do more here some day */
712 if (sc->dlci_state[dlci] != DLCI_DOWN)
713 log(LOG_INFO,
714 "nglmi: DLCI %d became active\n",
715 dlci);
716 sc->dlci_state[dlci] = DLCI_UP;
717 }
718 break;
719 }
720 nextIE:
721 STEPBY(segsize + 2);
722 }
723 NG_FREE_M(m);
724 return (0);
725
726 drop:
727 NG_FREE_M(m);
728 return (EINVAL);
729 }
730
731 /*
732 * Check that a packet is entirely kosha.
733 * return 1 of ok, and 0 if not.
734 * All data is discarded if a 0 is returned.
735 */
736 static int
nglmi_checkdata(hook_p hook,struct mbuf * m)737 nglmi_checkdata(hook_p hook, struct mbuf *m)
738 {
739 sc_p sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
740 const u_char *data;
741 u_short packetlen;
742 unsigned short dlci;
743 u_char type;
744 u_char nextbyte;
745 int seq_seen = 0;
746 int resptype_seen = 0; /* 0 , 1 (partial) or 2 (full) */
747 #if 0
748 int highest_dlci = 0;
749 #endif
750
751 packetlen = m->m_len;
752 data = mtod(m, const u_char *);
753 if (*data != 0x03) {
754 log(LOG_WARNING, "nglmi: unexpected value in LMI(%d)\n", 1);
755 goto reject;
756 }
757 STEPBY(1);
758
759 /* look at the protocol ID */
760 nextbyte = *data;
761 if (sc->flags & SCF_AUTO) {
762 SETLMITYPE(sc, SCF_NOLMI); /* start with a clean slate */
763 switch (nextbyte) {
764 case 0x8:
765 sc->protoID = 8;
766 break;
767 case 0x9:
768 SETLMITYPE(sc, SCF_GROUP4);
769 sc->protoID = 9;
770 break;
771 default:
772 log(LOG_WARNING, "nglmi: bad Protocol ID(%d)\n",
773 (int) nextbyte);
774 goto reject;
775 }
776 } else {
777 if (nextbyte != sc->protoID) {
778 log(LOG_WARNING, "nglmi: unexpected Protocol ID(%d)\n",
779 (int) nextbyte);
780 goto reject;
781 }
782 }
783 STEPBY(1);
784
785 /* check call reference (always null in non ISDN frame relay) */
786 if (*data != 0x00) {
787 log(LOG_WARNING, "nglmi: unexpected Call Reference (0x%x)\n",
788 data[-1]);
789 goto reject;
790 }
791 STEPBY(1);
792
793 /* check message type */
794 switch ((type = *data)) {
795 case 0x75: /* Status enquiry */
796 log(LOG_WARNING, "nglmi: unexpected message type(0x%x)\n",
797 data[-1]);
798 goto reject;
799 case 0x7D: /* Status message */
800 break;
801 default:
802 log(LOG_WARNING,
803 "nglmi: unexpected msg type(0x%x) \n", (int) type);
804 goto reject;
805 }
806 STEPBY(1);
807
808 /* Now check if there is a 'locking shift'. This is only seen in
809 * Annex D frames. Don't increment immediately as it might not be
810 * there. */
811 nextbyte = *data;
812 if (sc->flags & SCF_AUTO) {
813 if (!(GROUP4(sc))) {
814 if (nextbyte == 0x95) {
815 SETLMITYPE(sc, SCF_ANNEX_D);
816 STEPBY(1);
817 } else
818 SETLMITYPE(sc, SCF_ANNEX_A);
819 } else if (nextbyte == 0x95) {
820 log(LOG_WARNING, "nglmi: locking shift seen in G4\n");
821 goto reject;
822 }
823 } else {
824 if (ANNEXD(sc)) {
825 if (*data == 0x95)
826 STEPBY(1);
827 else {
828 log(LOG_WARNING,
829 "nglmi: locking shift missing\n");
830 goto reject;
831 }
832 } else if (*data == 0x95) {
833 log(LOG_WARNING, "nglmi: locking shift seen\n");
834 goto reject;
835 }
836 }
837
838 /* While there is more data in the status packet, keep processing
839 * status items. First make sure there is enough data for the
840 * segment descriptor's length field. */
841 while (packetlen >= 2) {
842 u_int segtype = data[0];
843 u_int segsize = data[1];
844
845 /* Now that we know how long it claims to be, make sure
846 * there is enough data for the next seg. */
847 if (packetlen < (segsize + 2)) {
848 log(LOG_WARNING, "nglmi: IE longer than packet\n");
849 break;
850 }
851 switch (segtype) {
852 case 0x01:
853 case 0x51:
854 /* According to MCI's HP analyser, we should just
855 * ignore if there is mor ethan one of these (?). */
856 if (resptype_seen) {
857 log(LOG_WARNING, "nglmi: dup MSGTYPE\n");
858 goto nextIE;
859 }
860 if (segsize != 1) {
861 log(LOG_WARNING, "nglmi: MSGTYPE wrong size\n");
862 goto reject;
863 }
864 /* The remote end tells us what kind of response
865 * this is. Only expect a type 0 or 1. if it was a
866 * full (type 0) check we just asked for a type
867 * full. */
868 switch (data[2]) {
869 case 1:/* partial */
870 if (sc->livs > sc->liv_per_full) {
871 log(LOG_WARNING,
872 "nglmi: LIV when FULL expected\n");
873 goto reject; /* need full */
874 }
875 resptype_seen = 1;
876 break;
877 case 0:/* full */
878 /* Full response is always acceptable */
879 resptype_seen = 2;
880 break;
881 default:
882 log(LOG_WARNING,
883 "nglmi: Unknown report type %d\n", data[2]);
884 goto reject;
885 }
886 break;
887 case 0x03:
888 case 0x53:
889 /* The remote tells us what it thinks the sequence
890 * numbers are. I would have thought that there
891 * needs to be one and only one of these, but MCI
892 * want us to just ignore extras. (?) */
893 if (resptype_seen == 0) {
894 log(LOG_WARNING, "nglmi: no TYPE before SEQ\n");
895 goto reject;
896 }
897 if (seq_seen != 0) /* already seen seq numbers */
898 goto nextIE;
899 if (segsize != 2) {
900 log(LOG_WARNING, "nglmi: bad SEQ sts size\n");
901 goto reject;
902 }
903 if (sc->local_seq != data[3]) {
904 log(LOG_WARNING, "nglmi: unexpected SEQ\n");
905 goto reject;
906 }
907 seq_seen = 1;
908 break;
909 case 0x07:
910 case 0x57:
911 /* The remote tells us about a DLCI that it knows
912 * about. There may be many of these in a single
913 * status response */
914 if (seq_seen != 1) { /* already seen seq numbers? */
915 log(LOG_WARNING,
916 "nglmi: No sequence before DLCI\n");
917 goto reject;
918 }
919 if (resptype_seen != 2) { /* must be full */
920 log(LOG_WARNING,
921 "nglmi: No resp type before DLCI\n");
922 goto reject;
923 }
924 if (GROUP4(sc)) {
925 if (segsize != 6) {
926 log(LOG_WARNING,
927 "nglmi: wrong IE segsize\n");
928 goto reject;
929 }
930 dlci = ((u_short) data[2] & 0xff) << 8;
931 dlci |= (data[3] & 0xff);
932 } else {
933 if (segsize != 3) {
934 log(LOG_WARNING,
935 "nglmi: DLCI headersize of %d"
936 " not supported\n", segsize - 1);
937 goto reject;
938 }
939 dlci = ((u_short) data[2] & 0x3f) << 4;
940 dlci |= ((data[3] & 0x78) >> 3);
941 }
942 /* async can only have one of these */
943 #if 0 /* async not yet accepted */
944 if (async && highest_dlci) {
945 log(LOG_WARNING,
946 "nglmi: Async with > 1 DLCI\n");
947 goto reject;
948 }
949 #endif
950 /* Annex D says these will always be Ascending, but
951 * the HP test for G4 says we should accept
952 * duplicates, so for now allow that. ( <= vs. < ) */
953 #if 0
954 /* MCI tests want us to accept out of order for AnxD */
955 if ((!GROUP4(sc)) && (dlci < highest_dlci)) {
956 /* duplicate or mis-ordered dlci */
957 /* (spec says they will increase in number) */
958 log(LOG_WARNING, "nglmi: DLCI out of order\n");
959 goto reject;
960 }
961 #endif
962 if (dlci > 1023) {
963 log(LOG_WARNING, "nglmi: DLCI out of range\n");
964 goto reject;
965 }
966 #if 0
967 highest_dlci = dlci;
968 #endif
969 break;
970 default:
971 log(LOG_WARNING,
972 "nglmi: unknown LMI segment type %d\n", segtype);
973 }
974 nextIE:
975 STEPBY(segsize + 2);
976 }
977 if (packetlen != 0) { /* partial junk at end? */
978 log(LOG_WARNING,
979 "nglmi: %d bytes extra at end of packet\n", packetlen);
980 goto print;
981 }
982 if (resptype_seen == 0) {
983 log(LOG_WARNING, "nglmi: No response type seen\n");
984 goto reject; /* had no response type */
985 }
986 if (seq_seen == 0) {
987 log(LOG_WARNING, "nglmi: No sequence numbers seen\n");
988 goto reject; /* had no sequence numbers */
989 }
990 return (1);
991
992 print:
993 {
994 int i, j, k, pos;
995 char buf[100];
996 int loc;
997 const u_char *bp = mtod(m, const u_char *);
998
999 k = i = 0;
1000 loc = (m->m_len - packetlen);
1001 log(LOG_WARNING, "nglmi: error at location %d\n", loc);
1002 while (k < m->m_len) {
1003 pos = 0;
1004 j = 0;
1005 while ((j++ < 16) && k < m->m_len) {
1006 pos += ksprintf(buf + pos, "%c%02x",
1007 ((loc == k) ? '>' : ' '),
1008 bp[k]);
1009 k++;
1010 }
1011 if (i == 0)
1012 log(LOG_WARNING, "nglmi: packet data:%s\n", buf);
1013 else
1014 log(LOG_WARNING, "%04d :%s\n", k, buf);
1015 i++;
1016 }
1017 }
1018 return (1);
1019 reject:
1020 {
1021 int i, j, k, pos;
1022 char buf[100];
1023 int loc;
1024 const u_char *bp = mtod(m, const u_char *);
1025
1026 k = i = 0;
1027 loc = (m->m_len - packetlen);
1028 log(LOG_WARNING, "nglmi: error at location %d\n", loc);
1029 while (k < m->m_len) {
1030 pos = 0;
1031 j = 0;
1032 while ((j++ < 16) && k < m->m_len) {
1033 pos += ksprintf(buf + pos, "%c%02x",
1034 ((loc == k) ? '>' : ' '),
1035 bp[k]);
1036 k++;
1037 }
1038 if (i == 0)
1039 log(LOG_WARNING, "nglmi: packet data:%s\n", buf);
1040 else
1041 log(LOG_WARNING, "%04d :%s\n", k, buf);
1042 i++;
1043 }
1044 }
1045 NG_FREE_M(m);
1046 return (0);
1047 }
1048
1049 /*
1050 * Do local shutdown processing..
1051 * Cut any remaining links and free our local resources.
1052 */
1053 static int
nglmi_shutdown(node_p node)1054 nglmi_shutdown(node_p node)
1055 {
1056 const sc_p sc = NG_NODE_PRIVATE(node);
1057
1058 NG_NODE_SET_PRIVATE(node, NULL);
1059 NG_NODE_UNREF(sc->node);
1060 kfree(sc, M_NETGRAPH);
1061 return (0);
1062 }
1063
1064 /*
1065 * Hook disconnection
1066 * For this type, removal of any link except "debug" destroys the node.
1067 */
1068 static int
nglmi_disconnect(hook_p hook)1069 nglmi_disconnect(hook_p hook)
1070 {
1071 const sc_p sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
1072
1073 /* OK to remove debug hook(s) */
1074 if (NG_HOOK_PRIVATE(hook) == NULL)
1075 return (0);
1076
1077 /* Stop timer if it's currently active */
1078 if (sc->flags & SCF_CONNECTED)
1079 ng_uncallout(&sc->handle, sc->node);
1080
1081 /* Self-destruct */
1082 if (NG_NODE_IS_VALID(NG_HOOK_NODE(hook)))
1083 ng_rmnode_self(NG_HOOK_NODE(hook));
1084 return (0);
1085 }
1086
1087