1 /* $NetBSD: if_arp.c,v 1.151 2011/05/03 16:00:29 dyoung Exp $ */ 2 3 /*- 4 * Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Public Access Networks Corporation ("Panix"). It was developed under 9 * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)if_ether.c 8.2 (Berkeley) 9/26/94 62 */ 63 64 /* 65 * Ethernet address resolution protocol. 66 * TODO: 67 * add "inuse/lock" bit (or ref. count) along with valid bit 68 */ 69 70 #include <sys/cdefs.h> 71 __KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.151 2011/05/03 16:00:29 dyoung Exp $"); 72 73 #include "opt_ddb.h" 74 #include "opt_inet.h" 75 76 #ifdef INET 77 78 #include "bridge.h" 79 80 #include <sys/param.h> 81 #include <sys/systm.h> 82 #include <sys/callout.h> 83 #include <sys/malloc.h> 84 #include <sys/mbuf.h> 85 #include <sys/socket.h> 86 #include <sys/time.h> 87 #include <sys/timetc.h> 88 #include <sys/kernel.h> 89 #include <sys/errno.h> 90 #include <sys/ioctl.h> 91 #include <sys/syslog.h> 92 #include <sys/proc.h> 93 #include <sys/protosw.h> 94 #include <sys/domain.h> 95 #include <sys/sysctl.h> 96 #include <sys/socketvar.h> 97 #include <sys/percpu.h> 98 99 #include <net/ethertypes.h> 100 #include <net/if.h> 101 #include <net/if_dl.h> 102 #include <net/if_token.h> 103 #include <net/if_types.h> 104 #include <net/if_ether.h> 105 #include <net/route.h> 106 #include <net/net_stats.h> 107 108 #include <netinet/in.h> 109 #include <netinet/in_systm.h> 110 #include <netinet/in_var.h> 111 #include <netinet/ip.h> 112 #include <netinet/if_inarp.h> 113 114 #include "arcnet.h" 115 #if NARCNET > 0 116 #include <net/if_arc.h> 117 #endif 118 #include "fddi.h" 119 #if NFDDI > 0 120 #include <net/if_fddi.h> 121 #endif 122 #include "token.h" 123 #include "carp.h" 124 #if NCARP > 0 125 #include <netinet/ip_carp.h> 126 #endif 127 128 #define SIN(s) ((struct sockaddr_in *)s) 129 #define SRP(s) ((struct sockaddr_inarp *)s) 130 131 /* 132 * ARP trailer negotiation. Trailer protocol is not IP specific, 133 * but ARP request/response use IP addresses. 134 */ 135 #define ETHERTYPE_IPTRAILERS ETHERTYPE_TRAIL 136 137 /* timer values */ 138 int arpt_prune = (5*60*1); /* walk list every 5 minutes */ 139 int arpt_keep = (20*60); /* once resolved, good for 20 more minutes */ 140 int arpt_down = 20; /* once declared down, don't send for 20 secs */ 141 int arpt_refresh = (5*60); /* time left before refreshing */ 142 #define rt_expire rt_rmx.rmx_expire 143 #define rt_pksent rt_rmx.rmx_pksent 144 145 static struct sockaddr *arp_setgate(struct rtentry *, struct sockaddr *, 146 const struct sockaddr *); 147 static void arptfree(struct llinfo_arp *); 148 static void arptimer(void *); 149 static struct llinfo_arp *arplookup1(struct mbuf *, const struct in_addr *, 150 int, int, struct rtentry *); 151 static struct llinfo_arp *arplookup(struct mbuf *, const struct in_addr *, 152 int, int); 153 static void in_arpinput(struct mbuf *); 154 static void arp_drainstub(void); 155 156 LIST_HEAD(, llinfo_arp) llinfo_arp; 157 struct ifqueue arpintrq = { 158 .ifq_head = NULL, 159 .ifq_tail = NULL, 160 .ifq_len = 0, 161 .ifq_maxlen = 50, 162 .ifq_drops = 0, 163 }; 164 int arp_inuse, arp_allocated, arp_intimer; 165 int arp_maxtries = 5; 166 int useloopback = 1; /* use loopback interface for local traffic */ 167 int arpinit_done = 0; 168 169 static percpu_t *arpstat_percpu; 170 171 #define ARP_STAT_GETREF() _NET_STAT_GETREF(arpstat_percpu) 172 #define ARP_STAT_PUTREF() _NET_STAT_PUTREF(arpstat_percpu) 173 174 #define ARP_STATINC(x) _NET_STATINC(arpstat_percpu, x) 175 #define ARP_STATADD(x, v) _NET_STATADD(arpstat_percpu, x, v) 176 177 struct callout arptimer_ch; 178 179 /* revarp state */ 180 struct in_addr myip, srv_ip; 181 int myip_initialized = 0; 182 int revarp_in_progress = 0; 183 struct ifnet *myip_ifp = NULL; 184 185 #ifdef DDB 186 static void db_print_sa(const struct sockaddr *); 187 static void db_print_ifa(struct ifaddr *); 188 static void db_print_llinfo(void *); 189 static int db_show_rtentry(struct rtentry *, void *); 190 #endif 191 192 static int arp_drainwanted; 193 194 /* 195 * this should be elsewhere. 196 */ 197 198 static char * 199 lla_snprintf(u_int8_t *, int); 200 201 static char * 202 lla_snprintf(u_int8_t *adrp, int len) 203 { 204 #define NUMBUFS 3 205 static char buf[NUMBUFS][16*3]; 206 static int bnum = 0; 207 208 int i; 209 char *p; 210 211 p = buf[bnum]; 212 213 *p++ = hexdigits[(*adrp)>>4]; 214 *p++ = hexdigits[(*adrp++)&0xf]; 215 216 for (i=1; i<len && i<16; i++) { 217 *p++ = ':'; 218 *p++ = hexdigits[(*adrp)>>4]; 219 *p++ = hexdigits[(*adrp++)&0xf]; 220 } 221 222 *p = 0; 223 p = buf[bnum]; 224 bnum = (bnum + 1) % NUMBUFS; 225 return p; 226 } 227 228 DOMAIN_DEFINE(arpdomain); /* forward declare and add to link set */ 229 230 static void 231 arp_fasttimo(void) 232 { 233 if (arp_drainwanted) { 234 arp_drain(); 235 arp_drainwanted = 0; 236 } 237 } 238 239 const struct protosw arpsw[] = { 240 { .pr_type = 0, 241 .pr_domain = &arpdomain, 242 .pr_protocol = 0, 243 .pr_flags = 0, 244 .pr_input = 0, 245 .pr_output = 0, 246 .pr_ctlinput = 0, 247 .pr_ctloutput = 0, 248 .pr_usrreq = 0, 249 .pr_init = arp_init, 250 .pr_fasttimo = arp_fasttimo, 251 .pr_slowtimo = 0, 252 .pr_drain = arp_drainstub, 253 } 254 }; 255 256 257 struct domain arpdomain = { 258 .dom_family = PF_ARP, 259 .dom_name = "arp", 260 .dom_protosw = arpsw, 261 .dom_protoswNPROTOSW = &arpsw[__arraycount(arpsw)], 262 }; 263 264 /* 265 * ARP table locking. 266 * 267 * to prevent lossage vs. the arp_drain routine (which may be called at 268 * any time, including in a device driver context), we do two things: 269 * 270 * 1) manipulation of la->la_hold is done at splnet() (for all of 271 * about two instructions). 272 * 273 * 2) manipulation of the arp table's linked list is done under the 274 * protection of the ARP_LOCK; if arp_drain() or arptimer is called 275 * while the arp table is locked, we punt and try again later. 276 */ 277 278 static int arp_locked; 279 static inline int arp_lock_try(int); 280 static inline void arp_unlock(void); 281 282 static inline int 283 arp_lock_try(int recurse) 284 { 285 int s; 286 287 /* 288 * Use splvm() -- we're blocking things that would cause 289 * mbuf allocation. 290 */ 291 s = splvm(); 292 if (!recurse && arp_locked) { 293 splx(s); 294 return 0; 295 } 296 arp_locked++; 297 splx(s); 298 return 1; 299 } 300 301 static inline void 302 arp_unlock(void) 303 { 304 int s; 305 306 s = splvm(); 307 arp_locked--; 308 splx(s); 309 } 310 311 #ifdef DIAGNOSTIC 312 #define ARP_LOCK(recurse) \ 313 do { \ 314 if (arp_lock_try(recurse) == 0) { \ 315 printf("%s:%d: arp already locked\n", __FILE__, __LINE__); \ 316 panic("arp_lock"); \ 317 } \ 318 } while (/*CONSTCOND*/ 0) 319 #define ARP_LOCK_CHECK() \ 320 do { \ 321 if (arp_locked == 0) { \ 322 printf("%s:%d: arp lock not held\n", __FILE__, __LINE__); \ 323 panic("arp lock check"); \ 324 } \ 325 } while (/*CONSTCOND*/ 0) 326 #else 327 #define ARP_LOCK(x) (void) arp_lock_try(x) 328 #define ARP_LOCK_CHECK() /* nothing */ 329 #endif 330 331 #define ARP_UNLOCK() arp_unlock() 332 333 static void sysctl_net_inet_arp_setup(struct sysctllog **); 334 335 void 336 arp_init(void) 337 { 338 339 sysctl_net_inet_arp_setup(NULL); 340 arpstat_percpu = percpu_alloc(sizeof(uint64_t) * ARP_NSTATS); 341 } 342 343 static void 344 arp_drainstub(void) 345 { 346 arp_drainwanted = 1; 347 } 348 349 /* 350 * ARP protocol drain routine. Called when memory is in short supply. 351 * Called at splvm(); don't acquire softnet_lock as can be called from 352 * hardware interrupt handlers. 353 */ 354 void 355 arp_drain(void) 356 { 357 struct llinfo_arp *la, *nla; 358 int count = 0; 359 struct mbuf *mold; 360 361 KERNEL_LOCK(1, NULL); 362 363 if (arp_lock_try(0) == 0) { 364 KERNEL_UNLOCK_ONE(NULL); 365 return; 366 } 367 368 for (la = LIST_FIRST(&llinfo_arp); la != NULL; la = nla) { 369 nla = LIST_NEXT(la, la_list); 370 371 mold = la->la_hold; 372 la->la_hold = 0; 373 374 if (mold) { 375 m_freem(mold); 376 count++; 377 } 378 } 379 ARP_UNLOCK(); 380 ARP_STATADD(ARP_STAT_DFRDROPPED, count); 381 KERNEL_UNLOCK_ONE(NULL); 382 } 383 384 385 /* 386 * Timeout routine. Age arp_tab entries periodically. 387 */ 388 /* ARGSUSED */ 389 static void 390 arptimer(void *arg) 391 { 392 struct llinfo_arp *la, *nla; 393 394 mutex_enter(softnet_lock); 395 KERNEL_LOCK(1, NULL); 396 397 if (arp_lock_try(0) == 0) { 398 /* get it later.. */ 399 KERNEL_UNLOCK_ONE(NULL); 400 mutex_exit(softnet_lock); 401 return; 402 } 403 404 callout_reset(&arptimer_ch, arpt_prune * hz, arptimer, NULL); 405 for (la = LIST_FIRST(&llinfo_arp); la != NULL; la = nla) { 406 struct rtentry *rt = la->la_rt; 407 408 nla = LIST_NEXT(la, la_list); 409 if (rt->rt_expire == 0) 410 continue; 411 if ((rt->rt_expire - time_second) < arpt_refresh && 412 rt->rt_pksent > (time_second - arpt_keep)) { 413 /* 414 * If the entry has been used during since last 415 * refresh, try to renew it before deleting. 416 */ 417 arprequest(rt->rt_ifp, 418 &satocsin(rt->rt_ifa->ifa_addr)->sin_addr, 419 &satocsin(rt_getkey(rt))->sin_addr, 420 CLLADDR(rt->rt_ifp->if_sadl)); 421 } else if (rt->rt_expire <= time_second) 422 arptfree(la); /* timer has expired; clear */ 423 } 424 425 ARP_UNLOCK(); 426 427 KERNEL_UNLOCK_ONE(NULL); 428 mutex_exit(softnet_lock); 429 } 430 431 /* 432 * We set the gateway for RTF_CLONING routes to a "prototype" 433 * link-layer sockaddr whose interface type (if_type) and interface 434 * index (if_index) fields are prepared. 435 */ 436 static struct sockaddr * 437 arp_setgate(struct rtentry *rt, struct sockaddr *gate, 438 const struct sockaddr *netmask) 439 { 440 const struct ifnet *ifp = rt->rt_ifp; 441 uint8_t namelen = strlen(ifp->if_xname); 442 uint8_t addrlen = ifp->if_addrlen; 443 444 /* 445 * XXX: If this is a manually added route to interface 446 * such as older version of routed or gated might provide, 447 * restore cloning bit. 448 */ 449 if ((rt->rt_flags & RTF_HOST) == 0 && netmask != NULL && 450 satocsin(netmask)->sin_addr.s_addr != 0xffffffff) 451 rt->rt_flags |= RTF_CLONING; 452 if (rt->rt_flags & RTF_CLONING) { 453 union { 454 struct sockaddr sa; 455 struct sockaddr_storage ss; 456 struct sockaddr_dl sdl; 457 } u; 458 /* 459 * Case 1: This route should come from a route to iface. 460 */ 461 sockaddr_dl_init(&u.sdl, sizeof(u.ss), 462 ifp->if_index, ifp->if_type, NULL, namelen, NULL, addrlen); 463 rt_setgate(rt, &u.sa); 464 gate = rt->rt_gateway; 465 } 466 return gate; 467 } 468 469 /* 470 * Parallel to llc_rtrequest. 471 */ 472 void 473 arp_rtrequest(int req, struct rtentry *rt, const struct rt_addrinfo *info) 474 { 475 struct sockaddr *gate = rt->rt_gateway; 476 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 477 size_t allocsize; 478 struct mbuf *mold; 479 int s; 480 struct in_ifaddr *ia; 481 struct ifaddr *ifa; 482 struct ifnet *ifp = rt->rt_ifp; 483 484 if (!arpinit_done) { 485 arpinit_done = 1; 486 /* 487 * We generate expiration times from time_second 488 * so avoid accidentally creating permanent routes. 489 */ 490 if (time_second == 0) { 491 struct timespec ts; 492 ts.tv_sec = 1; 493 ts.tv_nsec = 0; 494 tc_setclock(&ts); 495 } 496 callout_init(&arptimer_ch, CALLOUT_MPSAFE); 497 callout_reset(&arptimer_ch, hz, arptimer, NULL); 498 } 499 500 if (req == RTM_LLINFO_UPD) { 501 struct in_addr *in; 502 503 if ((ifa = info->rti_ifa) == NULL) 504 return; 505 506 in = &ifatoia(ifa)->ia_addr.sin_addr; 507 508 arprequest(ifa->ifa_ifp, in, in, 509 CLLADDR(ifa->ifa_ifp->if_sadl)); 510 return; 511 } 512 513 if ((rt->rt_flags & RTF_GATEWAY) != 0) { 514 if (req != RTM_ADD) 515 return; 516 517 /* 518 * linklayers with particular link MTU limitation. 519 */ 520 switch(ifp->if_type) { 521 #if NFDDI > 0 522 case IFT_FDDI: 523 if (ifp->if_mtu > FDDIIPMTU) 524 rt->rt_rmx.rmx_mtu = FDDIIPMTU; 525 break; 526 #endif 527 #if NARC > 0 528 case IFT_ARCNET: 529 { 530 int arcipifmtu; 531 532 if (ifp->if_flags & IFF_LINK0) 533 arcipifmtu = arc_ipmtu; 534 else 535 arcipifmtu = ARCMTU; 536 if (ifp->if_mtu > arcipifmtu) 537 rt->rt_rmx.rmx_mtu = arcipifmtu; 538 break; 539 } 540 #endif 541 } 542 return; 543 } 544 545 ARP_LOCK(1); /* we may already be locked here. */ 546 547 switch (req) { 548 case RTM_SETGATE: 549 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]); 550 break; 551 case RTM_ADD: 552 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]); 553 if (rt->rt_flags & RTF_CLONING) { 554 /* 555 * Give this route an expiration time, even though 556 * it's a "permanent" route, so that routes cloned 557 * from it do not need their expiration time set. 558 */ 559 rt->rt_expire = time_second; 560 /* 561 * linklayers with particular link MTU limitation. 562 */ 563 switch (ifp->if_type) { 564 #if NFDDI > 0 565 case IFT_FDDI: 566 if ((rt->rt_rmx.rmx_locks & RTV_MTU) == 0 && 567 (rt->rt_rmx.rmx_mtu > FDDIIPMTU || 568 (rt->rt_rmx.rmx_mtu == 0 && 569 ifp->if_mtu > FDDIIPMTU))) 570 rt->rt_rmx.rmx_mtu = FDDIIPMTU; 571 break; 572 #endif 573 #if NARC > 0 574 case IFT_ARCNET: 575 { 576 int arcipifmtu; 577 if (ifp->if_flags & IFF_LINK0) 578 arcipifmtu = arc_ipmtu; 579 else 580 arcipifmtu = ARCMTU; 581 582 if ((rt->rt_rmx.rmx_locks & RTV_MTU) == 0 && 583 (rt->rt_rmx.rmx_mtu > arcipifmtu || 584 (rt->rt_rmx.rmx_mtu == 0 && 585 ifp->if_mtu > arcipifmtu))) 586 rt->rt_rmx.rmx_mtu = arcipifmtu; 587 break; 588 } 589 #endif 590 } 591 break; 592 } 593 /* Announce a new entry if requested. */ 594 if (rt->rt_flags & RTF_ANNOUNCE) { 595 arprequest(ifp, 596 &satocsin(rt_getkey(rt))->sin_addr, 597 &satocsin(rt_getkey(rt))->sin_addr, 598 CLLADDR(satocsdl(gate))); 599 } 600 /*FALLTHROUGH*/ 601 case RTM_RESOLVE: 602 if (gate->sa_family != AF_LINK || 603 gate->sa_len < sockaddr_dl_measure(0, ifp->if_addrlen)) { 604 log(LOG_DEBUG, "arp_rtrequest: bad gateway value\n"); 605 break; 606 } 607 satosdl(gate)->sdl_type = ifp->if_type; 608 satosdl(gate)->sdl_index = ifp->if_index; 609 if (la != NULL) 610 break; /* This happens on a route change */ 611 /* 612 * Case 2: This route may come from cloning, or a manual route 613 * add with a LL address. 614 */ 615 switch (ifp->if_type) { 616 #if NTOKEN > 0 617 case IFT_ISO88025: 618 allocsize = sizeof(*la) + sizeof(struct token_rif); 619 break; 620 #endif /* NTOKEN > 0 */ 621 default: 622 allocsize = sizeof(*la); 623 } 624 R_Malloc(la, struct llinfo_arp *, allocsize); 625 rt->rt_llinfo = (void *)la; 626 if (la == NULL) { 627 log(LOG_DEBUG, "arp_rtrequest: malloc failed\n"); 628 break; 629 } 630 arp_inuse++, arp_allocated++; 631 memset(la, 0, allocsize); 632 la->la_rt = rt; 633 rt->rt_flags |= RTF_LLINFO; 634 LIST_INSERT_HEAD(&llinfo_arp, la, la_list); 635 636 INADDR_TO_IA(satocsin(rt_getkey(rt))->sin_addr, ia); 637 while (ia && ia->ia_ifp != ifp) 638 NEXT_IA_WITH_SAME_ADDR(ia); 639 if (ia) { 640 /* 641 * This test used to be 642 * if (lo0ifp->if_flags & IFF_UP) 643 * It allowed local traffic to be forced through 644 * the hardware by configuring the loopback down. 645 * However, it causes problems during network 646 * configuration for boards that can't receive 647 * packets they send. It is now necessary to clear 648 * "useloopback" and remove the route to force 649 * traffic out to the hardware. 650 * 651 * In 4.4BSD, the above "if" statement checked 652 * rt->rt_ifa against rt_getkey(rt). It was changed 653 * to the current form so that we can provide a 654 * better support for multiple IPv4 addresses on a 655 * interface. 656 */ 657 rt->rt_expire = 0; 658 if (sockaddr_dl_init(satosdl(gate), gate->sa_len, 659 ifp->if_index, ifp->if_type, NULL, 0, 660 CLLADDR(ifp->if_sadl), ifp->if_addrlen) == NULL) { 661 panic("%s(%s): sockaddr_dl_init cannot fail", 662 __func__, ifp->if_xname); 663 } 664 if (useloopback) 665 ifp = rt->rt_ifp = lo0ifp; 666 /* 667 * make sure to set rt->rt_ifa to the interface 668 * address we are using, otherwise we will have trouble 669 * with source address selection. 670 */ 671 ifa = &ia->ia_ifa; 672 if (ifa != rt->rt_ifa) 673 rt_replace_ifa(rt, ifa); 674 } 675 break; 676 677 case RTM_DELETE: 678 if (la == NULL) 679 break; 680 arp_inuse--; 681 LIST_REMOVE(la, la_list); 682 rt->rt_llinfo = NULL; 683 rt->rt_flags &= ~RTF_LLINFO; 684 685 s = splnet(); 686 mold = la->la_hold; 687 la->la_hold = 0; 688 splx(s); 689 690 if (mold) 691 m_freem(mold); 692 693 Free((void *)la); 694 } 695 ARP_UNLOCK(); 696 } 697 698 /* 699 * Broadcast an ARP request. Caller specifies: 700 * - arp header source ip address 701 * - arp header target ip address 702 * - arp header source ethernet address 703 */ 704 void 705 arprequest(struct ifnet *ifp, 706 const struct in_addr *sip, const struct in_addr *tip, 707 const u_int8_t *enaddr) 708 { 709 struct mbuf *m; 710 struct arphdr *ah; 711 struct sockaddr sa; 712 uint64_t *arps; 713 714 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 715 return; 716 MCLAIM(m, &arpdomain.dom_mowner); 717 switch (ifp->if_type) { 718 case IFT_IEEE1394: 719 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) + 720 ifp->if_addrlen; 721 break; 722 default: 723 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) + 724 2 * ifp->if_addrlen; 725 break; 726 } 727 m->m_pkthdr.len = m->m_len; 728 MH_ALIGN(m, m->m_len); 729 ah = mtod(m, struct arphdr *); 730 memset(ah, 0, m->m_len); 731 switch (ifp->if_type) { 732 case IFT_IEEE1394: /* RFC2734 */ 733 /* fill it now for ar_tpa computation */ 734 ah->ar_hrd = htons(ARPHRD_IEEE1394); 735 break; 736 default: 737 /* ifp->if_output will fill ar_hrd */ 738 break; 739 } 740 ah->ar_pro = htons(ETHERTYPE_IP); 741 ah->ar_hln = ifp->if_addrlen; /* hardware address length */ 742 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */ 743 ah->ar_op = htons(ARPOP_REQUEST); 744 memcpy(ar_sha(ah), enaddr, ah->ar_hln); 745 memcpy(ar_spa(ah), sip, ah->ar_pln); 746 memcpy(ar_tpa(ah), tip, ah->ar_pln); 747 sa.sa_family = AF_ARP; 748 sa.sa_len = 2; 749 m->m_flags |= M_BCAST; 750 arps = ARP_STAT_GETREF(); 751 arps[ARP_STAT_SNDTOTAL]++; 752 arps[ARP_STAT_SENDREQUEST]++; 753 ARP_STAT_PUTREF(); 754 (*ifp->if_output)(ifp, m, &sa, NULL); 755 } 756 757 /* 758 * Resolve an IP address into an ethernet address. If success, 759 * desten is filled in. If there is no entry in arptab, 760 * set one up and broadcast a request for the IP address. 761 * Hold onto this mbuf and resend it once the address 762 * is finally resolved. A return value of 1 indicates 763 * that desten has been filled in and the packet should be sent 764 * normally; a 0 return indicates that the packet has been 765 * taken over here, either now or for later transmission. 766 */ 767 int 768 arpresolve(struct ifnet *ifp, struct rtentry *rt, struct mbuf *m, 769 const struct sockaddr *dst, u_char *desten) 770 { 771 struct llinfo_arp *la; 772 const struct sockaddr_dl *sdl; 773 struct mbuf *mold; 774 int s; 775 776 if ((la = arplookup1(m, &satocsin(dst)->sin_addr, 1, 0, rt)) != NULL) 777 rt = la->la_rt; 778 779 if (la == NULL || rt == NULL) { 780 ARP_STATINC(ARP_STAT_ALLOCFAIL); 781 log(LOG_DEBUG, 782 "arpresolve: can't allocate llinfo on %s for %s\n", 783 ifp->if_xname, in_fmtaddr(satocsin(dst)->sin_addr)); 784 m_freem(m); 785 return 0; 786 } 787 sdl = satocsdl(rt->rt_gateway); 788 /* 789 * Check the address family and length is valid, the address 790 * is resolved; otherwise, try to resolve. 791 */ 792 if ((rt->rt_expire == 0 || rt->rt_expire > time_second) && 793 sdl->sdl_family == AF_LINK && sdl->sdl_alen != 0) { 794 memcpy(desten, CLLADDR(sdl), 795 min(sdl->sdl_alen, ifp->if_addrlen)); 796 rt->rt_pksent = time_second; /* Time for last pkt sent */ 797 return 1; 798 } 799 /* 800 * There is an arptab entry, but no ethernet address 801 * response yet. Replace the held mbuf with this 802 * latest one. 803 */ 804 805 ARP_STATINC(ARP_STAT_DFRTOTAL); 806 s = splnet(); 807 mold = la->la_hold; 808 la->la_hold = m; 809 splx(s); 810 811 if (mold) { 812 ARP_STATINC(ARP_STAT_DFRDROPPED); 813 m_freem(mold); 814 } 815 816 /* 817 * Re-send the ARP request when appropriate. 818 */ 819 #ifdef DIAGNOSTIC 820 if (rt->rt_expire == 0) { 821 /* This should never happen. (Should it? -gwr) */ 822 printf("arpresolve: unresolved and rt_expire == 0\n"); 823 /* Set expiration time to now (expired). */ 824 rt->rt_expire = time_second; 825 } 826 #endif 827 if (rt->rt_expire) { 828 rt->rt_flags &= ~RTF_REJECT; 829 if (la->la_asked == 0 || rt->rt_expire != time_second) { 830 rt->rt_expire = time_second; 831 if (la->la_asked++ < arp_maxtries) { 832 arprequest(ifp, 833 &satocsin(rt->rt_ifa->ifa_addr)->sin_addr, 834 &satocsin(dst)->sin_addr, 835 #if NCARP > 0 836 (rt->rt_ifp->if_type == IFT_CARP) ? 837 CLLADDR(rt->rt_ifp->if_sadl): 838 #endif 839 CLLADDR(ifp->if_sadl)); 840 } else { 841 rt->rt_flags |= RTF_REJECT; 842 rt->rt_expire += arpt_down; 843 la->la_asked = 0; 844 } 845 } 846 } 847 return 0; 848 } 849 850 /* 851 * Common length and type checks are done here, 852 * then the protocol-specific routine is called. 853 */ 854 void 855 arpintr(void) 856 { 857 struct mbuf *m; 858 struct arphdr *ar; 859 int s; 860 int arplen; 861 862 mutex_enter(softnet_lock); 863 KERNEL_LOCK(1, NULL); 864 while (arpintrq.ifq_head) { 865 s = splnet(); 866 IF_DEQUEUE(&arpintrq, m); 867 splx(s); 868 if (m == 0 || (m->m_flags & M_PKTHDR) == 0) 869 panic("arpintr"); 870 871 MCLAIM(m, &arpdomain.dom_mowner); 872 ARP_STATINC(ARP_STAT_RCVTOTAL); 873 874 /* 875 * First, make sure we have at least struct arphdr. 876 */ 877 if (m->m_len < sizeof(struct arphdr) || 878 (ar = mtod(m, struct arphdr *)) == NULL) 879 goto badlen; 880 881 switch (m->m_pkthdr.rcvif->if_type) { 882 case IFT_IEEE1394: 883 arplen = sizeof(struct arphdr) + 884 ar->ar_hln + 2 * ar->ar_pln; 885 break; 886 default: 887 arplen = sizeof(struct arphdr) + 888 2 * ar->ar_hln + 2 * ar->ar_pln; 889 break; 890 } 891 892 if (/* XXX ntohs(ar->ar_hrd) == ARPHRD_ETHER && */ 893 m->m_len >= arplen) 894 switch (ntohs(ar->ar_pro)) { 895 case ETHERTYPE_IP: 896 case ETHERTYPE_IPTRAILERS: 897 in_arpinput(m); 898 continue; 899 default: 900 ARP_STATINC(ARP_STAT_RCVBADPROTO); 901 } 902 else { 903 badlen: 904 ARP_STATINC(ARP_STAT_RCVBADLEN); 905 } 906 m_freem(m); 907 } 908 KERNEL_UNLOCK_ONE(NULL); 909 mutex_exit(softnet_lock); 910 } 911 912 /* 913 * ARP for Internet protocols on 10 Mb/s Ethernet. 914 * Algorithm is that given in RFC 826. 915 * In addition, a sanity check is performed on the sender 916 * protocol address, to catch impersonators. 917 * We no longer handle negotiations for use of trailer protocol: 918 * Formerly, ARP replied for protocol type ETHERTYPE_TRAIL sent 919 * along with IP replies if we wanted trailers sent to us, 920 * and also sent them in response to IP replies. 921 * This allowed either end to announce the desire to receive 922 * trailer packets. 923 * We no longer reply to requests for ETHERTYPE_TRAIL protocol either, 924 * but formerly didn't normally send requests. 925 */ 926 static void 927 in_arpinput(struct mbuf *m) 928 { 929 struct arphdr *ah; 930 struct ifnet *ifp = m->m_pkthdr.rcvif; 931 struct llinfo_arp *la = NULL; 932 struct rtentry *rt; 933 struct in_ifaddr *ia; 934 #if NBRIDGE > 0 935 struct in_ifaddr *bridge_ia = NULL; 936 #endif 937 #if NCARP > 0 938 u_int32_t count = 0, index = 0; 939 #endif 940 struct sockaddr_dl *sdl; 941 struct sockaddr sa; 942 struct in_addr isaddr, itaddr, myaddr; 943 int op; 944 struct mbuf *mold; 945 void *tha; 946 int s; 947 uint64_t *arps; 948 949 if (__predict_false(m_makewritable(&m, 0, m->m_pkthdr.len, M_DONTWAIT))) 950 goto out; 951 ah = mtod(m, struct arphdr *); 952 op = ntohs(ah->ar_op); 953 954 /* 955 * Fix up ah->ar_hrd if necessary, before using ar_tha() or 956 * ar_tpa(). 957 */ 958 switch (ifp->if_type) { 959 case IFT_IEEE1394: 960 if (ntohs(ah->ar_hrd) == ARPHRD_IEEE1394) 961 ; 962 else { 963 /* XXX this is to make sure we compute ar_tha right */ 964 /* XXX check ar_hrd more strictly? */ 965 ah->ar_hrd = htons(ARPHRD_IEEE1394); 966 } 967 break; 968 default: 969 /* XXX check ar_hrd? */ 970 break; 971 } 972 973 memcpy(&isaddr, ar_spa(ah), sizeof (isaddr)); 974 memcpy(&itaddr, ar_tpa(ah), sizeof (itaddr)); 975 976 if (m->m_flags & (M_BCAST|M_MCAST)) 977 ARP_STATINC(ARP_STAT_RCVMCAST); 978 979 /* 980 * If the target IP address is zero, ignore the packet. 981 * This prevents the code below from tring to answer 982 * when we are using IP address zero (booting). 983 */ 984 if (in_nullhost(itaddr)) { 985 ARP_STATINC(ARP_STAT_RCVZEROTPA); 986 goto out; 987 } 988 989 990 /* 991 * Search for a matching interface address 992 * or any address on the interface to use 993 * as a dummy address in the rest of this function 994 */ 995 996 INADDR_TO_IA(itaddr, ia); 997 while (ia != NULL) { 998 #if NCARP > 0 999 if (ia->ia_ifp->if_type == IFT_CARP && 1000 ((ia->ia_ifp->if_flags & (IFF_UP|IFF_RUNNING)) == 1001 (IFF_UP|IFF_RUNNING))) { 1002 index++; 1003 if (ia->ia_ifp == m->m_pkthdr.rcvif && 1004 carp_iamatch(ia, ar_sha(ah), 1005 &count, index)) { 1006 break; 1007 } 1008 } else 1009 #endif 1010 if (ia->ia_ifp == m->m_pkthdr.rcvif) 1011 break; 1012 #if NBRIDGE > 0 1013 /* 1014 * If the interface we received the packet on 1015 * is part of a bridge, check to see if we need 1016 * to "bridge" the packet to ourselves at this 1017 * layer. Note we still prefer a perfect match, 1018 * but allow this weaker match if necessary. 1019 */ 1020 if (m->m_pkthdr.rcvif->if_bridge != NULL && 1021 m->m_pkthdr.rcvif->if_bridge == ia->ia_ifp->if_bridge) 1022 bridge_ia = ia; 1023 #endif /* NBRIDGE > 0 */ 1024 1025 NEXT_IA_WITH_SAME_ADDR(ia); 1026 } 1027 1028 #if NBRIDGE > 0 1029 if (ia == NULL && bridge_ia != NULL) { 1030 ia = bridge_ia; 1031 ifp = bridge_ia->ia_ifp; 1032 } 1033 #endif 1034 1035 if (ia == NULL) { 1036 INADDR_TO_IA(isaddr, ia); 1037 while ((ia != NULL) && ia->ia_ifp != m->m_pkthdr.rcvif) 1038 NEXT_IA_WITH_SAME_ADDR(ia); 1039 1040 if (ia == NULL) { 1041 IFP_TO_IA(ifp, ia); 1042 if (ia == NULL) { 1043 ARP_STATINC(ARP_STAT_RCVNOINT); 1044 goto out; 1045 } 1046 } 1047 } 1048 1049 myaddr = ia->ia_addr.sin_addr; 1050 1051 /* XXX checks for bridge case? */ 1052 if (!memcmp(ar_sha(ah), CLLADDR(ifp->if_sadl), ifp->if_addrlen)) { 1053 ARP_STATINC(ARP_STAT_RCVLOCALSHA); 1054 goto out; /* it's from me, ignore it. */ 1055 } 1056 1057 /* XXX checks for bridge case? */ 1058 if (!memcmp(ar_sha(ah), ifp->if_broadcastaddr, ifp->if_addrlen)) { 1059 ARP_STATINC(ARP_STAT_RCVBCASTSHA); 1060 log(LOG_ERR, 1061 "%s: arp: link address is broadcast for IP address %s!\n", 1062 ifp->if_xname, in_fmtaddr(isaddr)); 1063 goto out; 1064 } 1065 1066 /* 1067 * If the source IP address is zero, this is an RFC 5227 ARP probe 1068 */ 1069 if (in_nullhost(isaddr)) { 1070 ARP_STATINC(ARP_STAT_RCVZEROSPA); 1071 goto reply; 1072 } 1073 1074 if (in_hosteq(isaddr, myaddr)) { 1075 ARP_STATINC(ARP_STAT_RCVLOCALSPA); 1076 log(LOG_ERR, 1077 "duplicate IP address %s sent from link address %s\n", 1078 in_fmtaddr(isaddr), lla_snprintf(ar_sha(ah), ah->ar_hln)); 1079 itaddr = myaddr; 1080 goto reply; 1081 } 1082 la = arplookup(m, &isaddr, in_hosteq(itaddr, myaddr), 0); 1083 if (la != NULL && (rt = la->la_rt) && (sdl = satosdl(rt->rt_gateway))) { 1084 if (sdl->sdl_alen && 1085 memcmp(ar_sha(ah), CLLADDR(sdl), sdl->sdl_alen)) { 1086 if (rt->rt_flags & RTF_STATIC) { 1087 ARP_STATINC(ARP_STAT_RCVOVERPERM); 1088 log(LOG_INFO, 1089 "%s tried to overwrite permanent arp info" 1090 " for %s\n", 1091 lla_snprintf(ar_sha(ah), ah->ar_hln), 1092 in_fmtaddr(isaddr)); 1093 goto out; 1094 } else if (rt->rt_ifp != ifp) { 1095 ARP_STATINC(ARP_STAT_RCVOVERINT); 1096 log(LOG_INFO, 1097 "%s on %s tried to overwrite " 1098 "arp info for %s on %s\n", 1099 lla_snprintf(ar_sha(ah), ah->ar_hln), 1100 ifp->if_xname, in_fmtaddr(isaddr), 1101 rt->rt_ifp->if_xname); 1102 goto out; 1103 } else { 1104 ARP_STATINC(ARP_STAT_RCVOVER); 1105 log(LOG_INFO, 1106 "arp info overwritten for %s by %s\n", 1107 in_fmtaddr(isaddr), 1108 lla_snprintf(ar_sha(ah), ah->ar_hln)); 1109 } 1110 } 1111 /* 1112 * sanity check for the address length. 1113 * XXX this does not work for protocols with variable address 1114 * length. -is 1115 */ 1116 if (sdl->sdl_alen && 1117 sdl->sdl_alen != ah->ar_hln) { 1118 ARP_STATINC(ARP_STAT_RCVLENCHG); 1119 log(LOG_WARNING, 1120 "arp from %s: new addr len %d, was %d\n", 1121 in_fmtaddr(isaddr), ah->ar_hln, sdl->sdl_alen); 1122 } 1123 if (ifp->if_addrlen != ah->ar_hln) { 1124 ARP_STATINC(ARP_STAT_RCVBADLEN); 1125 log(LOG_WARNING, 1126 "arp from %s: addr len: new %d, i/f %d (ignored)\n", 1127 in_fmtaddr(isaddr), ah->ar_hln, 1128 ifp->if_addrlen); 1129 goto reply; 1130 } 1131 #if NTOKEN > 0 1132 /* 1133 * XXX uses m_data and assumes the complete answer including 1134 * XXX token-ring headers is in the same buf 1135 */ 1136 if (ifp->if_type == IFT_ISO88025) { 1137 struct token_header *trh; 1138 1139 trh = (struct token_header *)M_TRHSTART(m); 1140 if (trh->token_shost[0] & TOKEN_RI_PRESENT) { 1141 struct token_rif *rif; 1142 size_t riflen; 1143 1144 rif = TOKEN_RIF(trh); 1145 riflen = (ntohs(rif->tr_rcf) & 1146 TOKEN_RCF_LEN_MASK) >> 8; 1147 1148 if (riflen > 2 && 1149 riflen < sizeof(struct token_rif) && 1150 (riflen & 1) == 0) { 1151 rif->tr_rcf ^= htons(TOKEN_RCF_DIRECTION); 1152 rif->tr_rcf &= htons(~TOKEN_RCF_BROADCAST_MASK); 1153 memcpy(TOKEN_RIF(la), rif, riflen); 1154 } 1155 } 1156 } 1157 #endif /* NTOKEN > 0 */ 1158 (void)sockaddr_dl_setaddr(sdl, sdl->sdl_len, ar_sha(ah), 1159 ah->ar_hln); 1160 if (rt->rt_expire) 1161 rt->rt_expire = time_second + arpt_keep; 1162 rt->rt_flags &= ~RTF_REJECT; 1163 la->la_asked = 0; 1164 1165 s = splnet(); 1166 mold = la->la_hold; 1167 la->la_hold = 0; 1168 splx(s); 1169 1170 if (mold) { 1171 ARP_STATINC(ARP_STAT_DFRSENT); 1172 (*ifp->if_output)(ifp, mold, rt_getkey(rt), rt); 1173 } 1174 } 1175 reply: 1176 if (op != ARPOP_REQUEST) { 1177 if (op == ARPOP_REPLY) 1178 ARP_STATINC(ARP_STAT_RCVREPLY); 1179 out: 1180 m_freem(m); 1181 return; 1182 } 1183 ARP_STATINC(ARP_STAT_RCVREQUEST); 1184 if (in_hosteq(itaddr, myaddr)) { 1185 /* I am the target */ 1186 tha = ar_tha(ah); 1187 if (tha) 1188 memcpy(tha, ar_sha(ah), ah->ar_hln); 1189 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln); 1190 } else { 1191 la = arplookup(m, &itaddr, 0, SIN_PROXY); 1192 if (la == NULL) 1193 goto out; 1194 rt = la->la_rt; 1195 if (rt->rt_ifp->if_type == IFT_CARP && 1196 m->m_pkthdr.rcvif->if_type != IFT_CARP) 1197 goto out; 1198 tha = ar_tha(ah); 1199 if (tha) 1200 memcpy(tha, ar_sha(ah), ah->ar_hln); 1201 sdl = satosdl(rt->rt_gateway); 1202 memcpy(ar_sha(ah), CLLADDR(sdl), ah->ar_hln); 1203 } 1204 1205 memcpy(ar_tpa(ah), ar_spa(ah), ah->ar_pln); 1206 memcpy(ar_spa(ah), &itaddr, ah->ar_pln); 1207 ah->ar_op = htons(ARPOP_REPLY); 1208 ah->ar_pro = htons(ETHERTYPE_IP); /* let's be sure! */ 1209 switch (ifp->if_type) { 1210 case IFT_IEEE1394: 1211 /* 1212 * ieee1394 arp reply is broadcast 1213 */ 1214 m->m_flags &= ~M_MCAST; 1215 m->m_flags |= M_BCAST; 1216 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + ah->ar_hln; 1217 break; 1218 1219 default: 1220 m->m_flags &= ~(M_BCAST|M_MCAST); /* never reply by broadcast */ 1221 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + (2 * ah->ar_hln); 1222 break; 1223 } 1224 m->m_pkthdr.len = m->m_len; 1225 sa.sa_family = AF_ARP; 1226 sa.sa_len = 2; 1227 arps = ARP_STAT_GETREF(); 1228 arps[ARP_STAT_SNDTOTAL]++; 1229 arps[ARP_STAT_SNDREPLY]++; 1230 ARP_STAT_PUTREF(); 1231 (*ifp->if_output)(ifp, m, &sa, (struct rtentry *)0); 1232 return; 1233 } 1234 1235 /* 1236 * Free an arp entry. 1237 */ 1238 static void arptfree(struct llinfo_arp *la) 1239 { 1240 struct rtentry *rt = la->la_rt; 1241 struct sockaddr_dl *sdl; 1242 1243 ARP_LOCK_CHECK(); 1244 1245 if (rt == NULL) 1246 panic("arptfree"); 1247 if (rt->rt_refcnt > 0 && (sdl = satosdl(rt->rt_gateway)) && 1248 sdl->sdl_family == AF_LINK) { 1249 sdl->sdl_alen = 0; 1250 la->la_asked = 0; 1251 rt->rt_flags &= ~RTF_REJECT; 1252 return; 1253 } 1254 rtrequest(RTM_DELETE, rt_getkey(rt), NULL, rt_mask(rt), 0, NULL); 1255 } 1256 1257 static struct llinfo_arp * 1258 arplookup(struct mbuf *m, const struct in_addr *addr, int create, int proxy) 1259 { 1260 return arplookup1(m, addr, create, proxy, NULL); 1261 } 1262 1263 /* 1264 * Lookup or enter a new address in arptab. 1265 */ 1266 static struct llinfo_arp * 1267 arplookup1(struct mbuf *m, const struct in_addr *addr, int create, int proxy, 1268 struct rtentry *rt0) 1269 { 1270 struct arphdr *ah; 1271 struct ifnet *ifp = m->m_pkthdr.rcvif; 1272 struct rtentry *rt; 1273 struct sockaddr_inarp sin; 1274 const char *why = NULL; 1275 1276 ah = mtod(m, struct arphdr *); 1277 if (rt0 == NULL) { 1278 memset(&sin, 0, sizeof(sin)); 1279 sin.sin_len = sizeof(sin); 1280 sin.sin_family = AF_INET; 1281 sin.sin_addr = *addr; 1282 sin.sin_other = proxy ? SIN_PROXY : 0; 1283 rt = rtalloc1(sintosa(&sin), create); 1284 if (rt == NULL) 1285 return NULL; 1286 rt->rt_refcnt--; 1287 } else 1288 rt = rt0; 1289 1290 #define IS_LLINFO(__rt) \ 1291 (((__rt)->rt_flags & (RTF_GATEWAY | RTF_LLINFO)) == RTF_LLINFO && \ 1292 (__rt)->rt_gateway->sa_family == AF_LINK) 1293 1294 1295 if (IS_LLINFO(rt)) 1296 return (struct llinfo_arp *)rt->rt_llinfo; 1297 1298 if (create) { 1299 if (rt->rt_flags & RTF_GATEWAY) 1300 why = "host is not on local network"; 1301 else if ((rt->rt_flags & RTF_LLINFO) == 0) { 1302 ARP_STATINC(ARP_STAT_ALLOCFAIL); 1303 why = "could not allocate llinfo"; 1304 } else 1305 why = "gateway route is not ours"; 1306 log(LOG_DEBUG, "arplookup: unable to enter address" 1307 " for %s@%s on %s (%s)\n", 1308 in_fmtaddr(*addr), lla_snprintf(ar_sha(ah), ah->ar_hln), 1309 (ifp) ? ifp->if_xname : "null", why); 1310 if (rt->rt_refcnt <= 0 && (rt->rt_flags & RTF_CLONED) != 0) { 1311 rtrequest(RTM_DELETE, rt_getkey(rt), 1312 rt->rt_gateway, rt_mask(rt), rt->rt_flags, NULL); 1313 } 1314 } 1315 return NULL; 1316 } 1317 1318 int 1319 arpioctl(u_long cmd, void *data) 1320 { 1321 1322 return EOPNOTSUPP; 1323 } 1324 1325 void 1326 arp_ifinit(struct ifnet *ifp, struct ifaddr *ifa) 1327 { 1328 struct in_addr *ip; 1329 1330 /* 1331 * Warn the user if another station has this IP address, 1332 * but only if the interface IP address is not zero. 1333 */ 1334 ip = &IA_SIN(ifa)->sin_addr; 1335 if (!in_nullhost(*ip)) 1336 arprequest(ifp, ip, ip, CLLADDR(ifp->if_sadl)); 1337 1338 ifa->ifa_rtrequest = arp_rtrequest; 1339 ifa->ifa_flags |= RTF_CLONING; 1340 } 1341 1342 /* 1343 * Called from 10 Mb/s Ethernet interrupt handlers 1344 * when ether packet type ETHERTYPE_REVARP 1345 * is received. Common length and type checks are done here, 1346 * then the protocol-specific routine is called. 1347 */ 1348 void 1349 revarpinput(struct mbuf *m) 1350 { 1351 struct arphdr *ar; 1352 1353 if (m->m_len < sizeof(struct arphdr)) 1354 goto out; 1355 ar = mtod(m, struct arphdr *); 1356 #if 0 /* XXX I don't think we need this... and it will prevent other LL */ 1357 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER) 1358 goto out; 1359 #endif 1360 if (m->m_len < sizeof(struct arphdr) + 2 * (ar->ar_hln + ar->ar_pln)) 1361 goto out; 1362 switch (ntohs(ar->ar_pro)) { 1363 case ETHERTYPE_IP: 1364 case ETHERTYPE_IPTRAILERS: 1365 in_revarpinput(m); 1366 return; 1367 1368 default: 1369 break; 1370 } 1371 out: 1372 m_freem(m); 1373 } 1374 1375 /* 1376 * RARP for Internet protocols on 10 Mb/s Ethernet. 1377 * Algorithm is that given in RFC 903. 1378 * We are only using for bootstrap purposes to get an ip address for one of 1379 * our interfaces. Thus we support no user-interface. 1380 * 1381 * Since the contents of the RARP reply are specific to the interface that 1382 * sent the request, this code must ensure that they are properly associated. 1383 * 1384 * Note: also supports ARP via RARP packets, per the RFC. 1385 */ 1386 void 1387 in_revarpinput(struct mbuf *m) 1388 { 1389 struct ifnet *ifp; 1390 struct arphdr *ah; 1391 void *tha; 1392 int op; 1393 1394 ah = mtod(m, struct arphdr *); 1395 op = ntohs(ah->ar_op); 1396 1397 switch (m->m_pkthdr.rcvif->if_type) { 1398 case IFT_IEEE1394: 1399 /* ARP without target hardware address is not supported */ 1400 goto out; 1401 default: 1402 break; 1403 } 1404 1405 switch (op) { 1406 case ARPOP_REQUEST: 1407 case ARPOP_REPLY: /* per RFC */ 1408 in_arpinput(m); 1409 return; 1410 case ARPOP_REVREPLY: 1411 break; 1412 case ARPOP_REVREQUEST: /* handled by rarpd(8) */ 1413 default: 1414 goto out; 1415 } 1416 if (!revarp_in_progress) 1417 goto out; 1418 ifp = m->m_pkthdr.rcvif; 1419 if (ifp != myip_ifp) /* !same interface */ 1420 goto out; 1421 if (myip_initialized) 1422 goto wake; 1423 tha = ar_tha(ah); 1424 if (tha == NULL) 1425 goto out; 1426 if (memcmp(tha, CLLADDR(ifp->if_sadl), ifp->if_sadl->sdl_alen)) 1427 goto out; 1428 memcpy(&srv_ip, ar_spa(ah), sizeof(srv_ip)); 1429 memcpy(&myip, ar_tpa(ah), sizeof(myip)); 1430 myip_initialized = 1; 1431 wake: /* Do wakeup every time in case it was missed. */ 1432 wakeup((void *)&myip); 1433 1434 out: 1435 m_freem(m); 1436 } 1437 1438 /* 1439 * Send a RARP request for the ip address of the specified interface. 1440 * The request should be RFC 903-compliant. 1441 */ 1442 void 1443 revarprequest(struct ifnet *ifp) 1444 { 1445 struct sockaddr sa; 1446 struct mbuf *m; 1447 struct arphdr *ah; 1448 void *tha; 1449 1450 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 1451 return; 1452 MCLAIM(m, &arpdomain.dom_mowner); 1453 m->m_len = sizeof(*ah) + 2*sizeof(struct in_addr) + 1454 2*ifp->if_addrlen; 1455 m->m_pkthdr.len = m->m_len; 1456 MH_ALIGN(m, m->m_len); 1457 ah = mtod(m, struct arphdr *); 1458 memset(ah, 0, m->m_len); 1459 ah->ar_pro = htons(ETHERTYPE_IP); 1460 ah->ar_hln = ifp->if_addrlen; /* hardware address length */ 1461 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */ 1462 ah->ar_op = htons(ARPOP_REVREQUEST); 1463 1464 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln); 1465 tha = ar_tha(ah); 1466 if (tha == NULL) 1467 return; 1468 memcpy(tha, CLLADDR(ifp->if_sadl), ah->ar_hln); 1469 1470 sa.sa_family = AF_ARP; 1471 sa.sa_len = 2; 1472 m->m_flags |= M_BCAST; 1473 (*ifp->if_output)(ifp, m, &sa, NULL); 1474 1475 } 1476 1477 /* 1478 * RARP for the ip address of the specified interface, but also 1479 * save the ip address of the server that sent the answer. 1480 * Timeout if no response is received. 1481 */ 1482 int 1483 revarpwhoarewe(struct ifnet *ifp, struct in_addr *serv_in, 1484 struct in_addr *clnt_in) 1485 { 1486 int result, count = 20; 1487 1488 myip_initialized = 0; 1489 myip_ifp = ifp; 1490 1491 revarp_in_progress = 1; 1492 while (count--) { 1493 revarprequest(ifp); 1494 result = tsleep((void *)&myip, PSOCK, "revarp", hz/2); 1495 if (result != EWOULDBLOCK) 1496 break; 1497 } 1498 revarp_in_progress = 0; 1499 1500 if (!myip_initialized) 1501 return ENETUNREACH; 1502 1503 memcpy(serv_in, &srv_ip, sizeof(*serv_in)); 1504 memcpy(clnt_in, &myip, sizeof(*clnt_in)); 1505 return 0; 1506 } 1507 1508 1509 1510 #ifdef DDB 1511 1512 #include <machine/db_machdep.h> 1513 #include <ddb/db_interface.h> 1514 #include <ddb/db_output.h> 1515 1516 static void 1517 db_print_sa(const struct sockaddr *sa) 1518 { 1519 int len; 1520 const u_char *p; 1521 1522 if (sa == NULL) { 1523 db_printf("[NULL]"); 1524 return; 1525 } 1526 1527 p = (const u_char *)sa; 1528 len = sa->sa_len; 1529 db_printf("["); 1530 while (len > 0) { 1531 db_printf("%d", *p); 1532 p++; len--; 1533 if (len) db_printf(","); 1534 } 1535 db_printf("]\n"); 1536 } 1537 1538 static void 1539 db_print_ifa(struct ifaddr *ifa) 1540 { 1541 if (ifa == NULL) 1542 return; 1543 db_printf(" ifa_addr="); 1544 db_print_sa(ifa->ifa_addr); 1545 db_printf(" ifa_dsta="); 1546 db_print_sa(ifa->ifa_dstaddr); 1547 db_printf(" ifa_mask="); 1548 db_print_sa(ifa->ifa_netmask); 1549 db_printf(" flags=0x%x,refcnt=%d,metric=%d\n", 1550 ifa->ifa_flags, 1551 ifa->ifa_refcnt, 1552 ifa->ifa_metric); 1553 } 1554 1555 static void 1556 db_print_llinfo(void *li) 1557 { 1558 struct llinfo_arp *la; 1559 1560 if (li == NULL) 1561 return; 1562 la = (struct llinfo_arp *)li; 1563 db_printf(" la_rt=%p la_hold=%p, la_asked=0x%lx\n", 1564 la->la_rt, la->la_hold, la->la_asked); 1565 } 1566 1567 /* 1568 * Function to pass to rt_walktree(). 1569 * Return non-zero error to abort walk. 1570 */ 1571 static int 1572 db_show_rtentry(struct rtentry *rt, void *w) 1573 { 1574 db_printf("rtentry=%p", rt); 1575 1576 db_printf(" flags=0x%x refcnt=%d use=%"PRId64" expire=%"PRId64"\n", 1577 rt->rt_flags, rt->rt_refcnt, 1578 rt->rt_use, (uint64_t)rt->rt_expire); 1579 1580 db_printf(" key="); db_print_sa(rt_getkey(rt)); 1581 db_printf(" mask="); db_print_sa(rt_mask(rt)); 1582 db_printf(" gw="); db_print_sa(rt->rt_gateway); 1583 1584 db_printf(" ifp=%p ", rt->rt_ifp); 1585 if (rt->rt_ifp) 1586 db_printf("(%s)", rt->rt_ifp->if_xname); 1587 else 1588 db_printf("(NULL)"); 1589 1590 db_printf(" ifa=%p\n", rt->rt_ifa); 1591 db_print_ifa(rt->rt_ifa); 1592 1593 db_printf(" gwroute=%p llinfo=%p\n", 1594 rt->rt_gwroute, rt->rt_llinfo); 1595 db_print_llinfo(rt->rt_llinfo); 1596 1597 return 0; 1598 } 1599 1600 /* 1601 * Function to print all the route trees. 1602 * Use this from ddb: "show arptab" 1603 */ 1604 void 1605 db_show_arptab(db_expr_t addr, bool have_addr, 1606 db_expr_t count, const char *modif) 1607 { 1608 rt_walktree(AF_INET, db_show_rtentry, NULL); 1609 } 1610 #endif 1611 1612 static int 1613 sysctl_net_inet_arp_stats(SYSCTLFN_ARGS) 1614 { 1615 1616 return NETSTAT_SYSCTL(arpstat_percpu, ARP_NSTATS); 1617 } 1618 1619 static void 1620 sysctl_net_inet_arp_setup(struct sysctllog **clog) 1621 { 1622 const struct sysctlnode *node; 1623 1624 sysctl_createv(clog, 0, NULL, NULL, 1625 CTLFLAG_PERMANENT, 1626 CTLTYPE_NODE, "net", NULL, 1627 NULL, 0, NULL, 0, 1628 CTL_NET, CTL_EOL); 1629 sysctl_createv(clog, 0, NULL, NULL, 1630 CTLFLAG_PERMANENT, 1631 CTLTYPE_NODE, "inet", NULL, 1632 NULL, 0, NULL, 0, 1633 CTL_NET, PF_INET, CTL_EOL); 1634 sysctl_createv(clog, 0, NULL, &node, 1635 CTLFLAG_PERMANENT, 1636 CTLTYPE_NODE, "arp", 1637 SYSCTL_DESCR("Address Resolution Protocol"), 1638 NULL, 0, NULL, 0, 1639 CTL_NET, PF_INET, CTL_CREATE, CTL_EOL); 1640 1641 sysctl_createv(clog, 0, NULL, NULL, 1642 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1643 CTLTYPE_INT, "prune", 1644 SYSCTL_DESCR("ARP cache pruning interval"), 1645 NULL, 0, &arpt_prune, 0, 1646 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 1647 1648 sysctl_createv(clog, 0, NULL, NULL, 1649 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1650 CTLTYPE_INT, "keep", 1651 SYSCTL_DESCR("Valid ARP entry lifetime"), 1652 NULL, 0, &arpt_keep, 0, 1653 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 1654 1655 sysctl_createv(clog, 0, NULL, NULL, 1656 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1657 CTLTYPE_INT, "down", 1658 SYSCTL_DESCR("Failed ARP entry lifetime"), 1659 NULL, 0, &arpt_down, 0, 1660 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 1661 1662 sysctl_createv(clog, 0, NULL, NULL, 1663 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1664 CTLTYPE_INT, "refresh", 1665 SYSCTL_DESCR("ARP entry refresh interval"), 1666 NULL, 0, &arpt_refresh, 0, 1667 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 1668 1669 sysctl_createv(clog, 0, NULL, NULL, 1670 CTLFLAG_PERMANENT, 1671 CTLTYPE_STRUCT, "stats", 1672 SYSCTL_DESCR("ARP statistics"), 1673 sysctl_net_inet_arp_stats, 0, NULL, 0, 1674 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 1675 } 1676 1677 #endif /* INET */ 1678