1 2 /* 3 * ng_lmi.c 4 * 5 * Copyright (c) 1996-1999 Whistle Communications, Inc. 6 * All rights reserved. 7 * 8 * Subject to the following obligations and disclaimer of warranty, use and 9 * redistribution of this software, in source or object code forms, with or 10 * without modifications are expressly permitted by Whistle Communications; 11 * provided, however, that: 12 * 1. Any and all reproductions of the source or object code must include the 13 * copyright notice above and the following disclaimer of warranties; and 14 * 2. No rights are granted, in any manner or form, to use Whistle 15 * Communications, Inc. trademarks, including the mark "WHISTLE 16 * COMMUNICATIONS" on advertising, endorsements, or otherwise except as 17 * such appears in the above copyright notice or in the software. 18 * 19 * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND 20 * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO 21 * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE, 22 * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF 23 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. 24 * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANTEE, OR MAKE ANY 25 * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS 26 * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE. 27 * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES 28 * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING 29 * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 30 * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR 31 * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY 32 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 33 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34 * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY 35 * OF SUCH DAMAGE. 36 * 37 * Author: Julian Elischer <julian@freebsd.org> 38 * 39 * $FreeBSD: src/sys/netgraph/ng_lmi.c,v 1.5.2.3 2002/07/02 22:17:18 archie Exp $ 40 * $Whistle: ng_lmi.c,v 1.38 1999/11/01 09:24:52 julian Exp $ 41 */ 42 43 /* 44 * This node performs the frame relay LMI protocol. It knows how 45 * to do ITU Annex A, ANSI Annex D, and "Group-of-Four" variants 46 * of the protocol. 47 * 48 * A specific protocol can be forced by connecting the corresponding 49 * hook to DLCI 0 or 1023 (as appropriate) of a frame relay link. 50 * 51 * Alternately, this node can do auto-detection of the LMI protocol 52 * by connecting hook "auto0" to DLCI 0 and "auto1023" to DLCI 1023. 53 */ 54 55 #include <sys/param.h> 56 #include <sys/systm.h> 57 #include <sys/errno.h> 58 #include <sys/kernel.h> 59 #include <sys/malloc.h> 60 #include <sys/mbuf.h> 61 #include <sys/syslog.h> 62 #include <sys/thread2.h> 63 #include <netgraph/ng_message.h> 64 #include <netgraph/netgraph.h> 65 #include "ng_lmi.h" 66 67 /* 68 * Human readable names for LMI 69 */ 70 #define NAME_ANNEXA NG_LMI_HOOK_ANNEXA 71 #define NAME_ANNEXD NG_LMI_HOOK_ANNEXD 72 #define NAME_GROUP4 NG_LMI_HOOK_GROUPOF4 73 #define NAME_NONE "None" 74 75 #define MAX_DLCIS 128 76 #define MAXDLCI 1023 77 78 /* 79 * DLCI states 80 */ 81 #define DLCI_NULL 0 82 #define DLCI_UP 1 83 #define DLCI_DOWN 2 84 85 /* 86 * Any received LMI frame should be at least this long 87 */ 88 #define LMI_MIN_LENGTH 8 /* XXX verify */ 89 90 /* 91 * Netgraph node methods and type descriptor 92 */ 93 static ng_constructor_t nglmi_constructor; 94 static ng_rcvmsg_t nglmi_rcvmsg; 95 static ng_shutdown_t nglmi_rmnode; 96 static ng_newhook_t nglmi_newhook; 97 static ng_rcvdata_t nglmi_rcvdata; 98 static ng_disconnect_t nglmi_disconnect; 99 static int nglmi_checkdata(hook_p hook, struct mbuf *m, meta_p meta); 100 101 static struct ng_type typestruct = { 102 NG_VERSION, 103 NG_LMI_NODE_TYPE, 104 NULL, 105 nglmi_constructor, 106 nglmi_rcvmsg, 107 nglmi_rmnode, 108 nglmi_newhook, 109 NULL, 110 NULL, 111 nglmi_rcvdata, 112 nglmi_rcvdata, 113 nglmi_disconnect, 114 NULL 115 }; 116 NETGRAPH_INIT(lmi, &typestruct); 117 118 /* 119 * Info and status per node 120 */ 121 struct nglmi_softc { 122 node_p node; /* netgraph node */ 123 int flags; /* state */ 124 int poll_count; /* the count of times for autolmi */ 125 int poll_state; /* state of auto detect machine */ 126 u_char remote_seq; /* sequence number the remote sent */ 127 u_char local_seq; /* last sequence number we sent */ 128 u_char protoID; /* 9 for group of 4, 8 otherwise */ 129 u_long seq_retries; /* sent this how many time so far */ 130 struct callout timeout; /* see timeout(9) */ 131 int liv_per_full; 132 int liv_rate; 133 int livs; 134 int need_full; 135 hook_p lmi_channel; /* whatever we ended up using */ 136 hook_p lmi_annexA; 137 hook_p lmi_annexD; 138 hook_p lmi_group4; 139 hook_p lmi_channel0; /* auto-detect on DLCI 0 */ 140 hook_p lmi_channel1023;/* auto-detect on DLCI 1023 */ 141 char *protoname; /* cache protocol name */ 142 u_char dlci_state[MAXDLCI + 1]; 143 int invalidx; /* next dlci's to invalidate */ 144 }; 145 typedef struct nglmi_softc *sc_p; 146 147 /* 148 * Other internal functions 149 */ 150 static void LMI_ticker(void *arg); 151 static void nglmi_startup_fixed(sc_p sc, hook_p hook); 152 static void nglmi_startup_auto(sc_p sc); 153 static void nglmi_startup(sc_p sc); 154 static void nglmi_inquire(sc_p sc, int full); 155 static void ngauto_state_machine(sc_p sc); 156 157 /* 158 * Values for 'flags' field 159 * NB: the SCF_CONNECTED flag is set if and only if the timer is running. 160 */ 161 #define SCF_CONNECTED 0x01 /* connected to something */ 162 #define SCF_AUTO 0x02 /* we are auto-detecting */ 163 #define SCF_FIXED 0x04 /* we are fixed from the start */ 164 165 #define SCF_LMITYPE 0x18 /* mask for determining Annex mode */ 166 #define SCF_NOLMI 0x00 /* no LMI type selected yet */ 167 #define SCF_ANNEX_A 0x08 /* running annex A mode */ 168 #define SCF_ANNEX_D 0x10 /* running annex D mode */ 169 #define SCF_GROUP4 0x18 /* running group of 4 */ 170 171 #define SETLMITYPE(sc, annex) \ 172 do { \ 173 (sc)->flags &= ~SCF_LMITYPE; \ 174 (sc)->flags |= (annex); \ 175 } while (0) 176 177 #define NOPROTO(sc) (((sc)->flags & SCF_LMITYPE) == SCF_NOLMI) 178 #define ANNEXA(sc) (((sc)->flags & SCF_LMITYPE) == SCF_ANNEX_A) 179 #define ANNEXD(sc) (((sc)->flags & SCF_LMITYPE) == SCF_ANNEX_D) 180 #define GROUP4(sc) (((sc)->flags & SCF_LMITYPE) == SCF_GROUP4) 181 182 #define LMIPOLLSIZE 3 183 #define LMI_PATIENCE 8 /* declare all DLCI DOWN after N LMI failures */ 184 185 /* 186 * Node constructor 187 */ 188 static int 189 nglmi_constructor(node_p *nodep) 190 { 191 sc_p sc; 192 int error = 0; 193 194 sc = kmalloc(sizeof(*sc), M_NETGRAPH, M_NOWAIT | M_ZERO); 195 if (sc == NULL) 196 return (ENOMEM); 197 198 callout_init(&sc->timeout); 199 if ((error = ng_make_node_common(&typestruct, nodep))) { 200 kfree(sc, M_NETGRAPH); 201 return (error); 202 } 203 (*nodep)->private = sc; 204 sc->protoname = NAME_NONE; 205 sc->node = *nodep; 206 sc->liv_per_full = NG_LMI_SEQ_PER_FULL; /* make this dynamic */ 207 sc->liv_rate = NG_LMI_KEEPALIVE_RATE; 208 return (0); 209 } 210 211 /* 212 * The LMI channel has a private pointer which is the same as the 213 * node private pointer. The debug channel has a NULL private pointer. 214 */ 215 static int 216 nglmi_newhook(node_p node, hook_p hook, const char *name) 217 { 218 sc_p sc = node->private; 219 220 if (strcmp(name, NG_LMI_HOOK_DEBUG) == 0) { 221 hook->private = NULL; 222 return (0); 223 } 224 if (sc->flags & SCF_CONNECTED) { 225 /* already connected, return an error */ 226 return (EINVAL); 227 } 228 if (strcmp(name, NG_LMI_HOOK_ANNEXA) == 0) { 229 sc->lmi_annexA = hook; 230 hook->private = node->private; 231 sc->protoID = 8; 232 SETLMITYPE(sc, SCF_ANNEX_A); 233 sc->protoname = NAME_ANNEXA; 234 nglmi_startup_fixed(sc, hook); 235 } else if (strcmp(name, NG_LMI_HOOK_ANNEXD) == 0) { 236 sc->lmi_annexD = hook; 237 hook->private = node->private; 238 sc->protoID = 8; 239 SETLMITYPE(sc, SCF_ANNEX_D); 240 sc->protoname = NAME_ANNEXD; 241 nglmi_startup_fixed(sc, hook); 242 } else if (strcmp(name, NG_LMI_HOOK_GROUPOF4) == 0) { 243 sc->lmi_group4 = hook; 244 hook->private = node->private; 245 sc->protoID = 9; 246 SETLMITYPE(sc, SCF_GROUP4); 247 sc->protoname = NAME_GROUP4; 248 nglmi_startup_fixed(sc, hook); 249 } else if (strcmp(name, NG_LMI_HOOK_AUTO0) == 0) { 250 /* Note this, and if B is already installed, we're complete */ 251 sc->lmi_channel0 = hook; 252 sc->protoname = NAME_NONE; 253 hook->private = node->private; 254 if (sc->lmi_channel1023) 255 nglmi_startup_auto(sc); 256 } else if (strcmp(name, NG_LMI_HOOK_AUTO1023) == 0) { 257 /* Note this, and if A is already installed, we're complete */ 258 sc->lmi_channel1023 = hook; 259 sc->protoname = NAME_NONE; 260 hook->private = node->private; 261 if (sc->lmi_channel0) 262 nglmi_startup_auto(sc); 263 } else 264 return (EINVAL); /* unknown hook */ 265 return (0); 266 } 267 268 /* 269 * We have just attached to a live (we hope) node. 270 * Fire out a LMI inquiry, and then start up the timers. 271 */ 272 static void 273 LMI_ticker(void *arg) 274 { 275 sc_p sc = arg; 276 277 crit_enter(); 278 if (sc->flags & SCF_AUTO) { 279 ngauto_state_machine(sc); 280 callout_reset(&sc->timeout, NG_LMI_POLL_RATE * hz, 281 LMI_ticker, sc); 282 } else { 283 if (sc->livs++ >= sc->liv_per_full) { 284 nglmi_inquire(sc, 1); 285 /* sc->livs = 0; *//* do this when we get the answer! */ 286 } else { 287 nglmi_inquire(sc, 0); 288 } 289 callout_reset(&sc->timeout, sc->liv_rate * hz, LMI_ticker, sc); 290 } 291 crit_exit(); 292 } 293 294 static void 295 nglmi_startup_fixed(sc_p sc, hook_p hook) 296 { 297 sc->flags |= (SCF_FIXED | SCF_CONNECTED); 298 sc->lmi_channel = hook; 299 nglmi_startup(sc); 300 } 301 302 static void 303 nglmi_startup_auto(sc_p sc) 304 { 305 sc->flags |= (SCF_AUTO | SCF_CONNECTED); 306 sc->poll_state = 0; /* reset state machine */ 307 sc->poll_count = 0; 308 nglmi_startup(sc); 309 } 310 311 static void 312 nglmi_startup(sc_p sc) 313 { 314 sc->remote_seq = 0; 315 sc->local_seq = 1; 316 sc->seq_retries = 0; 317 sc->livs = sc->liv_per_full - 1; 318 /* start off the ticker in 1 sec */ 319 callout_reset(&sc->timeout, hz, LMI_ticker, sc); 320 } 321 322 #define META_PAD 16 323 static void 324 nglmi_inquire(sc_p sc, int full) 325 { 326 struct mbuf *m; 327 char *cptr, *start; 328 int error; 329 meta_p meta = NULL; 330 331 if (sc->lmi_channel == NULL) 332 return; 333 MGETHDR(m, MB_DONTWAIT, MT_DATA); 334 if (m == NULL) { 335 log(LOG_ERR, "nglmi: unable to start up LMI processing\n"); 336 return; 337 } 338 m->m_pkthdr.rcvif = NULL; 339 /* Allocate a meta struct (and leave some slop for options to be 340 * added by other modules). */ 341 /* MALLOC(meta, meta_p, sizeof( struct ng_meta) + META_PAD, 342 * M_NETGRAPH, M_NOWAIT); */ 343 meta = kmalloc(sizeof(*meta) + META_PAD, M_NETGRAPH, M_NOWAIT); 344 if (meta != NULL) { /* if it failed, well, it was optional anyhow */ 345 meta->used_len = (u_short) sizeof(struct ng_meta); 346 meta->allocated_len 347 = (u_short) sizeof(struct ng_meta) + META_PAD; 348 meta->flags = 0; 349 meta->priority = NG_LMI_LMI_PRIORITY; 350 meta->discardability = -1; 351 } 352 m->m_data += 4; /* leave some room for a header */ 353 cptr = start = mtod(m, char *); 354 /* add in the header for an LMI inquiry. */ 355 *cptr++ = 0x03; /* UI frame */ 356 if (GROUP4(sc)) 357 *cptr++ = 0x09; /* proto discriminator */ 358 else 359 *cptr++ = 0x08; /* proto discriminator */ 360 *cptr++ = 0x00; /* call reference */ 361 *cptr++ = 0x75; /* inquiry */ 362 363 /* If we are Annex-D, there is this extra thing.. */ 364 if (ANNEXD(sc)) 365 *cptr++ = 0x95; /* ??? */ 366 /* Add a request type */ 367 if (ANNEXA(sc)) 368 *cptr++ = 0x51; /* report type */ 369 else 370 *cptr++ = 0x01; /* report type */ 371 *cptr++ = 0x01; /* size = 1 */ 372 if (full) 373 *cptr++ = 0x00; /* full */ 374 else 375 *cptr++ = 0x01; /* partial */ 376 377 /* Add a link verification IE */ 378 if (ANNEXA(sc)) 379 *cptr++ = 0x53; /* verification IE */ 380 else 381 *cptr++ = 0x03; /* verification IE */ 382 *cptr++ = 0x02; /* 2 extra bytes */ 383 *cptr++ = sc->local_seq; 384 *cptr++ = sc->remote_seq; 385 sc->seq_retries++; 386 387 /* Send it */ 388 m->m_len = m->m_pkthdr.len = cptr - start; 389 NG_SEND_DATA(error, sc->lmi_channel, m, meta); 390 391 /* If we've been sending requests for long enough, and there has 392 * been no response, then mark as DOWN, any DLCIs that are UP. */ 393 if (sc->seq_retries == LMI_PATIENCE) { 394 int count; 395 396 for (count = 0; count < MAXDLCI; count++) 397 if (sc->dlci_state[count] == DLCI_UP) 398 sc->dlci_state[count] = DLCI_DOWN; 399 } 400 } 401 402 /* 403 * State machine for LMI auto-detect. The transitions are ordered 404 * to try the more likely possibilities first. 405 */ 406 static void 407 ngauto_state_machine(sc_p sc) 408 { 409 if ((sc->poll_count <= 0) || (sc->poll_count > LMIPOLLSIZE)) { 410 /* time to change states in the auto probe machine */ 411 /* capture wild values of poll_count while we are at it */ 412 sc->poll_count = LMIPOLLSIZE; 413 sc->poll_state++; 414 } 415 switch (sc->poll_state) { 416 case 7: 417 log(LOG_WARNING, "nglmi: no response from exchange\n"); 418 default: /* capture bad states */ 419 sc->poll_state = 1; 420 case 1: 421 sc->lmi_channel = sc->lmi_channel0; 422 SETLMITYPE(sc, SCF_ANNEX_D); 423 break; 424 case 2: 425 sc->lmi_channel = sc->lmi_channel1023; 426 SETLMITYPE(sc, SCF_ANNEX_D); 427 break; 428 case 3: 429 sc->lmi_channel = sc->lmi_channel0; 430 SETLMITYPE(sc, SCF_ANNEX_A); 431 break; 432 case 4: 433 sc->lmi_channel = sc->lmi_channel1023; 434 SETLMITYPE(sc, SCF_GROUP4); 435 break; 436 case 5: 437 sc->lmi_channel = sc->lmi_channel1023; 438 SETLMITYPE(sc, SCF_ANNEX_A); 439 break; 440 case 6: 441 sc->lmi_channel = sc->lmi_channel0; 442 SETLMITYPE(sc, SCF_GROUP4); 443 break; 444 } 445 446 /* send an inquirey encoded appropriatly */ 447 nglmi_inquire(sc, 0); 448 sc->poll_count--; 449 } 450 451 /* 452 * Receive a netgraph control message. 453 */ 454 static int 455 nglmi_rcvmsg(node_p node, struct ng_mesg *msg, const char *retaddr, 456 struct ng_mesg **resp) 457 { 458 int error = 0; 459 sc_p sc = node->private; 460 461 switch (msg->header.typecookie) { 462 case NGM_GENERIC_COOKIE: 463 switch (msg->header.cmd) { 464 case NGM_TEXT_STATUS: 465 { 466 char *arg; 467 int pos, count; 468 469 NG_MKRESPONSE(*resp, msg, NG_TEXTRESPONSE, M_NOWAIT); 470 if (*resp == NULL) { 471 error = ENOMEM; 472 break; 473 } 474 arg = (*resp)->data; 475 pos = ksprintf(arg, "protocol %s ", sc->protoname); 476 if (sc->flags & SCF_FIXED) 477 pos += ksprintf(arg + pos, "fixed\n"); 478 else if (sc->flags & SCF_AUTO) 479 pos += ksprintf(arg + pos, "auto-detecting\n"); 480 else 481 pos += ksprintf(arg + pos, "auto on dlci %d\n", 482 (sc->lmi_channel == sc->lmi_channel0) ? 483 0 : 1023); 484 pos += ksprintf(arg + pos, 485 "keepalive period: %d seconds\n", sc->liv_rate); 486 pos += ksprintf(arg + pos, 487 "unacknowledged keepalives: %ld\n", 488 sc->seq_retries); 489 for (count = 0; 490 ((count <= MAXDLCI) 491 && (pos < (NG_TEXTRESPONSE - 20))); 492 count++) { 493 if (sc->dlci_state[count]) { 494 pos += ksprintf(arg + pos, 495 "dlci %d %s\n", count, 496 (sc->dlci_state[count] 497 == DLCI_UP) ? "up" : "down"); 498 } 499 } 500 (*resp)->header.arglen = pos + 1; 501 break; 502 } 503 default: 504 error = EINVAL; 505 break; 506 } 507 break; 508 case NGM_LMI_COOKIE: 509 switch (msg->header.cmd) { 510 case NGM_LMI_GET_STATUS: 511 { 512 struct nglmistat *stat; 513 int k; 514 515 NG_MKRESPONSE(*resp, msg, sizeof(*stat), M_NOWAIT); 516 if (!*resp) { 517 error = ENOMEM; 518 break; 519 } 520 stat = (struct nglmistat *) (*resp)->data; 521 strncpy(stat->proto, 522 sc->protoname, sizeof(stat->proto) - 1); 523 strncpy(stat->hook, 524 sc->protoname, sizeof(stat->hook) - 1); 525 stat->autod = !!(sc->flags & SCF_AUTO); 526 stat->fixed = !!(sc->flags & SCF_FIXED); 527 for (k = 0; k <= MAXDLCI; k++) { 528 switch (sc->dlci_state[k]) { 529 case DLCI_UP: 530 stat->up[k / 8] |= (1 << (k % 8)); 531 /* fall through */ 532 case DLCI_DOWN: 533 stat->seen[k / 8] |= (1 << (k % 8)); 534 break; 535 } 536 } 537 break; 538 } 539 default: 540 error = EINVAL; 541 break; 542 } 543 break; 544 default: 545 error = EINVAL; 546 break; 547 } 548 kfree(msg, M_NETGRAPH); 549 return (error); 550 } 551 552 #define STEPBY(stepsize) \ 553 do { \ 554 packetlen -= (stepsize); \ 555 data += (stepsize); \ 556 } while (0) 557 558 /* 559 * receive data, and use it to update our status. 560 * Anything coming in on the debug port is discarded. 561 */ 562 static int 563 nglmi_rcvdata(hook_p hook, struct mbuf *m, meta_p meta) 564 { 565 sc_p sc = hook->node->private; 566 const u_char *data; 567 unsigned short dlci; 568 u_short packetlen; 569 int resptype_seen = 0; 570 int seq_seen = 0; 571 572 if (hook->private == NULL) { 573 goto drop; 574 } 575 packetlen = m->m_hdr.mh_len; 576 577 /* XXX what if it's more than 1 mbuf? */ 578 if ((packetlen > MHLEN) && !(m->m_flags & M_EXT)) { 579 log(LOG_WARNING, "nglmi: packetlen (%d) too big\n", packetlen); 580 goto drop; 581 } 582 if (m->m_len < packetlen && (m = m_pullup(m, packetlen)) == NULL) { 583 log(LOG_WARNING, 584 "nglmi: m_pullup failed for %d bytes\n", packetlen); 585 NG_FREE_META(meta); 586 return (0); 587 } 588 if (nglmi_checkdata(hook, m, meta) == 0) 589 return (0); 590 591 /* pass the first 4 bytes (already checked in the nglmi_checkdata()) */ 592 data = mtod(m, const u_char *); 593 STEPBY(4); 594 595 /* Now check if there is a 'locking shift'. This is only seen in 596 * Annex D frames. don't bother checking, we already did that. Don't 597 * increment immediatly as it might not be there. */ 598 if (ANNEXD(sc)) 599 STEPBY(1); 600 601 /* If we get this far we should consider that it is a legitimate 602 * frame and we know what it is. */ 603 if (sc->flags & SCF_AUTO) { 604 /* note the hook that this valid channel came from and drop 605 * out of auto probe mode. */ 606 if (ANNEXA(sc)) 607 sc->protoname = NAME_ANNEXA; 608 else if (ANNEXD(sc)) 609 sc->protoname = NAME_ANNEXD; 610 else if (GROUP4(sc)) 611 sc->protoname = NAME_GROUP4; 612 else { 613 log(LOG_ERR, "nglmi: No known type\n"); 614 goto drop; 615 } 616 sc->lmi_channel = hook; 617 sc->flags &= ~SCF_AUTO; 618 log(LOG_INFO, "nglmi: auto-detected %s LMI on DLCI %d\n", 619 sc->protoname, hook == sc->lmi_channel0 ? 0 : 1023); 620 } 621 622 /* While there is more data in the status packet, keep processing 623 * status items. First make sure there is enough data for the 624 * segment descriptor's length field. */ 625 while (packetlen >= 2) { 626 u_int segtype = data[0]; 627 u_int segsize = data[1]; 628 629 /* Now that we know how long it claims to be, make sure 630 * there is enough data for the next seg. */ 631 if (packetlen < segsize + 2) 632 break; 633 switch (segtype) { 634 case 0x01: 635 case 0x51: 636 if (resptype_seen) { 637 log(LOG_WARNING, "nglmi: dup MSGTYPE\n"); 638 goto nextIE; 639 } 640 resptype_seen++; 641 /* The remote end tells us what kind of response 642 * this is. Only expect a type 0 or 1. if we are a 643 * full status, invalidate a few DLCIs just to see 644 * that they are still ok. */ 645 if (segsize != 1) 646 goto nextIE; 647 switch (data[2]) { 648 case 1: 649 /* partial status, do no extra processing */ 650 break; 651 case 0: 652 { 653 int count = 0; 654 int idx = sc->invalidx; 655 656 for (count = 0; count < 10; count++) { 657 if (idx > MAXDLCI) 658 idx = 0; 659 if (sc->dlci_state[idx] == DLCI_UP) 660 sc->dlci_state[idx] = DLCI_DOWN; 661 idx++; 662 } 663 sc->invalidx = idx; 664 /* we got and we wanted one. relax 665 * now.. but don't reset to 0 if it 666 * was unrequested. */ 667 if (sc->livs > sc->liv_per_full) 668 sc->livs = 0; 669 break; 670 } 671 } 672 break; 673 case 0x03: 674 case 0x53: 675 /* The remote tells us what it thinks the sequence 676 * numbers are. If it's not size 2, it must be a 677 * duplicate to have gotten this far, skip it. */ 678 if (seq_seen != 0) /* already seen seq numbers */ 679 goto nextIE; 680 if (segsize != 2) 681 goto nextIE; 682 sc->remote_seq = data[2]; 683 if (sc->local_seq == data[3]) { 684 sc->local_seq++; 685 sc->seq_retries = 0; 686 /* Note that all 3 Frame protocols seem to 687 * not like 0 as a sequence number. */ 688 if (sc->local_seq == 0) 689 sc->local_seq = 1; 690 } 691 break; 692 case 0x07: 693 case 0x57: 694 /* The remote tells us about a DLCI that it knows 695 * about. There may be many of these in a single 696 * status response */ 697 switch (segsize) { 698 case 6:/* only on 'group of 4' */ 699 dlci = ((u_short) data[2] & 0xff) << 8; 700 dlci |= (data[3] & 0xff); 701 if ((dlci < 1024) && (dlci > 0)) { 702 /* XXX */ 703 } 704 break; 705 case 3: 706 dlci = ((u_short) data[2] & 0x3f) << 4; 707 dlci |= ((data[3] & 0x78) >> 3); 708 if ((dlci < 1024) && (dlci > 0)) { 709 /* set up the bottom half of the 710 * support for that dlci if it's not 711 * already been done */ 712 /* store this information somewhere */ 713 } 714 break; 715 default: 716 goto nextIE; 717 } 718 if (sc->dlci_state[dlci] != DLCI_UP) { 719 /* bring new DLCI to life */ 720 /* may do more here some day */ 721 if (sc->dlci_state[dlci] != DLCI_DOWN) 722 log(LOG_INFO, 723 "nglmi: DLCI %d became active\n", 724 dlci); 725 sc->dlci_state[dlci] = DLCI_UP; 726 } 727 break; 728 } 729 nextIE: 730 STEPBY(segsize + 2); 731 } 732 NG_FREE_DATA(m, meta); 733 return (0); 734 735 drop: 736 NG_FREE_DATA(m, meta); 737 return (EINVAL); 738 } 739 740 /* 741 * Check that a packet is entirely kosha. 742 * return 1 of ok, and 0 if not. 743 * All data is discarded if a 0 is returned. 744 */ 745 static int 746 nglmi_checkdata(hook_p hook, struct mbuf *m, meta_p meta) 747 { 748 sc_p sc = hook->node->private; 749 const u_char *data; 750 u_short packetlen; 751 unsigned short dlci; 752 u_char type; 753 u_char nextbyte; 754 int seq_seen = 0; 755 int resptype_seen = 0; /* 0 , 1 (partial) or 2 (full) */ 756 int highest_dlci = 0; 757 758 packetlen = m->m_hdr.mh_len; 759 data = mtod(m, const u_char *); 760 if (*data != 0x03) { 761 log(LOG_WARNING, "nglmi: unexpected value in LMI(%d)\n", 1); 762 goto reject; 763 } 764 STEPBY(1); 765 766 /* look at the protocol ID */ 767 nextbyte = *data; 768 if (sc->flags & SCF_AUTO) { 769 SETLMITYPE(sc, SCF_NOLMI); /* start with a clean slate */ 770 switch (nextbyte) { 771 case 0x8: 772 sc->protoID = 8; 773 break; 774 case 0x9: 775 SETLMITYPE(sc, SCF_GROUP4); 776 sc->protoID = 9; 777 break; 778 default: 779 log(LOG_WARNING, "nglmi: bad Protocol ID(%d)\n", 780 (int) nextbyte); 781 goto reject; 782 } 783 } else { 784 if (nextbyte != sc->protoID) { 785 log(LOG_WARNING, "nglmi: unexpected Protocol ID(%d)\n", 786 (int) nextbyte); 787 goto reject; 788 } 789 } 790 STEPBY(1); 791 792 /* check call reference (always null in non ISDN frame relay) */ 793 if (*data != 0x00) { 794 log(LOG_WARNING, "nglmi: unexpected Call Reference (0x%x)\n", 795 data[-1]); 796 goto reject; 797 } 798 STEPBY(1); 799 800 /* check message type */ 801 switch ((type = *data)) { 802 case 0x75: /* Status enquiry */ 803 log(LOG_WARNING, "nglmi: unexpected message type(0x%x)\n", 804 data[-1]); 805 goto reject; 806 case 0x7D: /* Status message */ 807 break; 808 default: 809 log(LOG_WARNING, 810 "nglmi: unexpected msg type(0x%x) \n", (int) type); 811 goto reject; 812 } 813 STEPBY(1); 814 815 /* Now check if there is a 'locking shift'. This is only seen in 816 * Annex D frames. Don't increment immediately as it might not be 817 * there. */ 818 nextbyte = *data; 819 if (sc->flags & SCF_AUTO) { 820 if (!(GROUP4(sc))) { 821 if (nextbyte == 0x95) { 822 SETLMITYPE(sc, SCF_ANNEX_D); 823 STEPBY(1); 824 } else 825 SETLMITYPE(sc, SCF_ANNEX_A); 826 } else if (nextbyte == 0x95) { 827 log(LOG_WARNING, "nglmi: locking shift seen in G4\n"); 828 goto reject; 829 } 830 } else { 831 if (ANNEXD(sc)) { 832 if (*data == 0x95) 833 STEPBY(1); 834 else { 835 log(LOG_WARNING, 836 "nglmi: locking shift missing\n"); 837 goto reject; 838 } 839 } else if (*data == 0x95) { 840 log(LOG_WARNING, "nglmi: locking shift seen\n"); 841 goto reject; 842 } 843 } 844 845 /* While there is more data in the status packet, keep processing 846 * status items. First make sure there is enough data for the 847 * segment descriptor's length field. */ 848 while (packetlen >= 2) { 849 u_int segtype = data[0]; 850 u_int segsize = data[1]; 851 852 /* Now that we know how long it claims to be, make sure 853 * there is enough data for the next seg. */ 854 if (packetlen < (segsize + 2)) { 855 log(LOG_WARNING, "nglmi: IE longer than packet\n"); 856 break; 857 } 858 switch (segtype) { 859 case 0x01: 860 case 0x51: 861 /* According to MCI's HP analyser, we should just 862 * ignore if there is mor ethan one of these (?). */ 863 if (resptype_seen) { 864 log(LOG_WARNING, "nglmi: dup MSGTYPE\n"); 865 goto nextIE; 866 } 867 if (segsize != 1) { 868 log(LOG_WARNING, "nglmi: MSGTYPE wrong size\n"); 869 goto reject; 870 } 871 /* The remote end tells us what kind of response 872 * this is. Only expect a type 0 or 1. if it was a 873 * full (type 0) check we just asked for a type 874 * full. */ 875 switch (data[2]) { 876 case 1:/* partial */ 877 if (sc->livs > sc->liv_per_full) { 878 log(LOG_WARNING, 879 "nglmi: LIV when FULL expected\n"); 880 goto reject; /* need full */ 881 } 882 resptype_seen = 1; 883 break; 884 case 0:/* full */ 885 /* Full response is always acceptable */ 886 resptype_seen = 2; 887 break; 888 default: 889 log(LOG_WARNING, 890 "nglmi: Unknown report type %d\n", data[2]); 891 goto reject; 892 } 893 break; 894 case 0x03: 895 case 0x53: 896 /* The remote tells us what it thinks the sequence 897 * numbers are. I would have thought that there 898 * needs to be one and only one of these, but MCI 899 * want us to just ignore extras. (?) */ 900 if (resptype_seen == 0) { 901 log(LOG_WARNING, "nglmi: no TYPE before SEQ\n"); 902 goto reject; 903 } 904 if (seq_seen != 0) /* already seen seq numbers */ 905 goto nextIE; 906 if (segsize != 2) { 907 log(LOG_WARNING, "nglmi: bad SEQ sts size\n"); 908 goto reject; 909 } 910 if (sc->local_seq != data[3]) { 911 log(LOG_WARNING, "nglmi: unexpected SEQ\n"); 912 goto reject; 913 } 914 seq_seen = 1; 915 break; 916 case 0x07: 917 case 0x57: 918 /* The remote tells us about a DLCI that it knows 919 * about. There may be many of these in a single 920 * status response */ 921 if (seq_seen != 1) { /* already seen seq numbers? */ 922 log(LOG_WARNING, 923 "nglmi: No sequence before DLCI\n"); 924 goto reject; 925 } 926 if (resptype_seen != 2) { /* must be full */ 927 log(LOG_WARNING, 928 "nglmi: No resp type before DLCI\n"); 929 goto reject; 930 } 931 if (GROUP4(sc)) { 932 if (segsize != 6) { 933 log(LOG_WARNING, 934 "nglmi: wrong IE segsize\n"); 935 goto reject; 936 } 937 dlci = ((u_short) data[2] & 0xff) << 8; 938 dlci |= (data[3] & 0xff); 939 } else { 940 if (segsize != 3) { 941 log(LOG_WARNING, 942 "nglmi: DLCI headersize of %d" 943 " not supported\n", segsize - 1); 944 goto reject; 945 } 946 dlci = ((u_short) data[2] & 0x3f) << 4; 947 dlci |= ((data[3] & 0x78) >> 3); 948 } 949 /* async can only have one of these */ 950 #if 0 /* async not yet accepted */ 951 if (async && highest_dlci) { 952 log(LOG_WARNING, 953 "nglmi: Async with > 1 DLCI\n"); 954 goto reject; 955 } 956 #endif 957 /* Annex D says these will always be Ascending, but 958 * the HP test for G4 says we should accept 959 * duplicates, so for now allow that. ( <= vs. < ) */ 960 #if 0 961 /* MCI tests want us to accept out of order for AnxD */ 962 if ((!GROUP4(sc)) && (dlci < highest_dlci)) { 963 /* duplicate or mis-ordered dlci */ 964 /* (spec says they will increase in number) */ 965 log(LOG_WARNING, "nglmi: DLCI out of order\n"); 966 goto reject; 967 } 968 #endif 969 if (dlci > 1023) { 970 log(LOG_WARNING, "nglmi: DLCI out of range\n"); 971 goto reject; 972 } 973 highest_dlci = dlci; 974 break; 975 default: 976 log(LOG_WARNING, 977 "nglmi: unknown LMI segment type %d\n", segtype); 978 } 979 nextIE: 980 STEPBY(segsize + 2); 981 } 982 if (packetlen != 0) { /* partial junk at end? */ 983 log(LOG_WARNING, 984 "nglmi: %d bytes extra at end of packet\n", packetlen); 985 goto print; 986 } 987 if (resptype_seen == 0) { 988 log(LOG_WARNING, "nglmi: No response type seen\n"); 989 goto reject; /* had no response type */ 990 } 991 if (seq_seen == 0) { 992 log(LOG_WARNING, "nglmi: No sequence numbers seen\n"); 993 goto reject; /* had no sequence numbers */ 994 } 995 return (1); 996 997 print: 998 { 999 int i, j, k, pos; 1000 char buf[100]; 1001 int loc; 1002 const u_char *bp = mtod(m, const u_char *); 1003 1004 k = i = 0; 1005 loc = (m->m_hdr.mh_len - packetlen); 1006 log(LOG_WARNING, "nglmi: error at location %d\n", loc); 1007 while (k < m->m_hdr.mh_len) { 1008 pos = 0; 1009 j = 0; 1010 while ((j++ < 16) && k < m->m_hdr.mh_len) { 1011 pos += ksprintf(buf + pos, "%c%02x", 1012 ((loc == k) ? '>' : ' '), 1013 bp[k]); 1014 k++; 1015 } 1016 if (i == 0) 1017 log(LOG_WARNING, "nglmi: packet data:%s\n", buf); 1018 else 1019 log(LOG_WARNING, "%04d :%s\n", k, buf); 1020 i++; 1021 } 1022 } 1023 return (1); 1024 reject: 1025 { 1026 int i, j, k, pos; 1027 char buf[100]; 1028 int loc; 1029 const u_char *bp = mtod(m, const u_char *); 1030 1031 k = i = 0; 1032 loc = (m->m_hdr.mh_len - packetlen); 1033 log(LOG_WARNING, "nglmi: error at location %d\n", loc); 1034 while (k < m->m_hdr.mh_len) { 1035 pos = 0; 1036 j = 0; 1037 while ((j++ < 16) && k < m->m_hdr.mh_len) { 1038 pos += ksprintf(buf + pos, "%c%02x", 1039 ((loc == k) ? '>' : ' '), 1040 bp[k]); 1041 k++; 1042 } 1043 if (i == 0) 1044 log(LOG_WARNING, "nglmi: packet data:%s\n", buf); 1045 else 1046 log(LOG_WARNING, "%04d :%s\n", k, buf); 1047 i++; 1048 } 1049 } 1050 NG_FREE_DATA(m, meta); 1051 return (0); 1052 } 1053 1054 /* 1055 * Do local shutdown processing.. 1056 * Cut any remaining links and free our local resources. 1057 */ 1058 static int 1059 nglmi_rmnode(node_p node) 1060 { 1061 const sc_p sc = node->private; 1062 1063 node->flags |= NG_INVALID; 1064 ng_cutlinks(node); 1065 ng_unname(node); 1066 node->private = NULL; 1067 ng_unref(sc->node); 1068 kfree(sc, M_NETGRAPH); 1069 return (0); 1070 } 1071 1072 /* 1073 * Hook disconnection 1074 * For this type, removal of any link except "debug" destroys the node. 1075 */ 1076 static int 1077 nglmi_disconnect(hook_p hook) 1078 { 1079 const sc_p sc = hook->node->private; 1080 1081 /* OK to remove debug hook(s) */ 1082 if (hook->private == NULL) 1083 return (0); 1084 1085 /* Stop timer if it's currently active */ 1086 if (sc->flags & SCF_CONNECTED) 1087 callout_stop(&sc->timeout); 1088 1089 /* Self-destruct */ 1090 ng_rmnode(hook->node); 1091 return (0); 1092 } 1093 1094