1 /* $NetBSD: if_arp.c,v 1.170 2015/07/15 08:49:15 ozaki-r Exp $ */ 2 3 /*- 4 * Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Public Access Networks Corporation ("Panix"). It was developed under 9 * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)if_ether.c 8.2 (Berkeley) 9/26/94 62 */ 63 64 /* 65 * Ethernet address resolution protocol. 66 * TODO: 67 * add "inuse/lock" bit (or ref. count) along with valid bit 68 */ 69 70 #include <sys/cdefs.h> 71 __KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.170 2015/07/15 08:49:15 ozaki-r Exp $"); 72 73 #include "opt_ddb.h" 74 #include "opt_inet.h" 75 76 #ifdef INET 77 78 #include "bridge.h" 79 80 #include <sys/param.h> 81 #include <sys/systm.h> 82 #include <sys/callout.h> 83 #include <sys/malloc.h> 84 #include <sys/mbuf.h> 85 #include <sys/socket.h> 86 #include <sys/time.h> 87 #include <sys/timetc.h> 88 #include <sys/kernel.h> 89 #include <sys/errno.h> 90 #include <sys/ioctl.h> 91 #include <sys/syslog.h> 92 #include <sys/proc.h> 93 #include <sys/protosw.h> 94 #include <sys/domain.h> 95 #include <sys/sysctl.h> 96 #include <sys/socketvar.h> 97 #include <sys/percpu.h> 98 #include <sys/cprng.h> 99 100 #include <net/ethertypes.h> 101 #include <net/if.h> 102 #include <net/if_dl.h> 103 #include <net/if_token.h> 104 #include <net/if_types.h> 105 #include <net/if_ether.h> 106 #include <net/net_osdep.h> 107 #include <net/route.h> 108 #include <net/net_stats.h> 109 110 #include <netinet/in.h> 111 #include <netinet/in_systm.h> 112 #include <netinet/in_var.h> 113 #include <netinet/ip.h> 114 #include <netinet/if_inarp.h> 115 116 #include "arcnet.h" 117 #if NARCNET > 0 118 #include <net/if_arc.h> 119 #endif 120 #include "fddi.h" 121 #if NFDDI > 0 122 #include <net/if_fddi.h> 123 #endif 124 #include "token.h" 125 #include "carp.h" 126 #if NCARP > 0 127 #include <netinet/ip_carp.h> 128 #endif 129 130 #define SIN(s) ((struct sockaddr_in *)s) 131 #define SRP(s) ((struct sockaddr_inarp *)s) 132 133 /* 134 * ARP trailer negotiation. Trailer protocol is not IP specific, 135 * but ARP request/response use IP addresses. 136 */ 137 #define ETHERTYPE_IPTRAILERS ETHERTYPE_TRAIL 138 139 /* timer values */ 140 static int arpt_prune = (5*60*1); /* walk list every 5 minutes */ 141 static int arpt_keep = (20*60); /* once resolved, good for 20 more minutes */ 142 static int arpt_down = 20; /* once declared down, don't send for 20 secs */ 143 static int arpt_refresh = (5*60); /* time left before refreshing */ 144 #define rt_expire rt_rmx.rmx_expire 145 #define rt_pksent rt_rmx.rmx_pksent 146 147 int ip_dad_count = PROBE_NUM; 148 #ifdef ARP_DEBUG 149 static int arp_debug = 1; 150 #else 151 static int arp_debug = 0; 152 #endif 153 #define arplog(x) do { if (arp_debug) log x; } while (/*CONSTCOND*/ 0) 154 155 static void arp_init(void); 156 157 static struct sockaddr *arp_setgate(struct rtentry *, struct sockaddr *, 158 const struct sockaddr *); 159 static void arptfree(struct llinfo_arp *); 160 static void arptimer(void *); 161 static struct llinfo_arp *arplookup1(struct mbuf *, const struct in_addr *, 162 int, int, struct rtentry *); 163 static struct llinfo_arp *arplookup(struct mbuf *, const struct in_addr *, 164 int, int); 165 static void in_arpinput(struct mbuf *); 166 static void in_revarpinput(struct mbuf *); 167 static void revarprequest(struct ifnet *); 168 169 static void arp_drainstub(void); 170 171 static void arp_dad_timer(struct ifaddr *); 172 static void arp_dad_start(struct ifaddr *); 173 static void arp_dad_stop(struct ifaddr *); 174 static void arp_dad_duplicated(struct ifaddr *); 175 176 LIST_HEAD(llinfo_arpq, llinfo_arp) llinfo_arp; 177 struct ifqueue arpintrq = { 178 .ifq_head = NULL, 179 .ifq_tail = NULL, 180 .ifq_len = 0, 181 .ifq_maxlen = 50, 182 .ifq_drops = 0, 183 }; 184 static int arp_inuse, arp_allocated; 185 static int arp_maxtries = 5; 186 static int useloopback = 1; /* use loopback interface for local traffic */ 187 static int arpinit_done = 0; 188 189 static percpu_t *arpstat_percpu; 190 191 #define ARP_STAT_GETREF() _NET_STAT_GETREF(arpstat_percpu) 192 #define ARP_STAT_PUTREF() _NET_STAT_PUTREF(arpstat_percpu) 193 194 #define ARP_STATINC(x) _NET_STATINC(arpstat_percpu, x) 195 #define ARP_STATADD(x, v) _NET_STATADD(arpstat_percpu, x, v) 196 197 struct callout arptimer_ch; 198 199 /* revarp state */ 200 static struct in_addr myip, srv_ip; 201 static int myip_initialized = 0; 202 static int revarp_in_progress = 0; 203 static struct ifnet *myip_ifp = NULL; 204 205 #ifdef DDB 206 static void db_print_sa(const struct sockaddr *); 207 static void db_print_ifa(struct ifaddr *); 208 static void db_print_llinfo(void *); 209 static int db_show_rtentry(struct rtentry *, void *); 210 #endif 211 212 static int arp_drainwanted; 213 214 static int log_movements = 1; 215 static int log_permanent_modify = 1; 216 static int log_wrong_iface = 1; 217 static int log_unknown_network = 1; 218 219 /* 220 * this should be elsewhere. 221 */ 222 223 static char * 224 lla_snprintf(u_int8_t *, int); 225 226 static char * 227 lla_snprintf(u_int8_t *adrp, int len) 228 { 229 #define NUMBUFS 3 230 static char buf[NUMBUFS][16*3]; 231 static int bnum = 0; 232 233 int i; 234 char *p; 235 236 p = buf[bnum]; 237 238 *p++ = hexdigits[(*adrp)>>4]; 239 *p++ = hexdigits[(*adrp++)&0xf]; 240 241 for (i=1; i<len && i<16; i++) { 242 *p++ = ':'; 243 *p++ = hexdigits[(*adrp)>>4]; 244 *p++ = hexdigits[(*adrp++)&0xf]; 245 } 246 247 *p = 0; 248 p = buf[bnum]; 249 bnum = (bnum + 1) % NUMBUFS; 250 return p; 251 } 252 253 DOMAIN_DEFINE(arpdomain); /* forward declare and add to link set */ 254 255 static void 256 arp_fasttimo(void) 257 { 258 if (arp_drainwanted) { 259 arp_drain(); 260 arp_drainwanted = 0; 261 } 262 } 263 264 const struct protosw arpsw[] = { 265 { .pr_type = 0, 266 .pr_domain = &arpdomain, 267 .pr_protocol = 0, 268 .pr_flags = 0, 269 .pr_input = 0, 270 .pr_output = 0, 271 .pr_ctlinput = 0, 272 .pr_ctloutput = 0, 273 .pr_usrreqs = 0, 274 .pr_init = arp_init, 275 .pr_fasttimo = arp_fasttimo, 276 .pr_slowtimo = 0, 277 .pr_drain = arp_drainstub, 278 } 279 }; 280 281 struct domain arpdomain = { 282 .dom_family = PF_ARP, 283 .dom_name = "arp", 284 .dom_protosw = arpsw, 285 .dom_protoswNPROTOSW = &arpsw[__arraycount(arpsw)], 286 }; 287 288 /* 289 * ARP table locking. 290 * 291 * to prevent lossage vs. the arp_drain routine (which may be called at 292 * any time, including in a device driver context), we do two things: 293 * 294 * 1) manipulation of la->la_hold is done at splnet() (for all of 295 * about two instructions). 296 * 297 * 2) manipulation of the arp table's linked list is done under the 298 * protection of the ARP_LOCK; if arp_drain() or arptimer is called 299 * while the arp table is locked, we punt and try again later. 300 */ 301 302 static int arp_locked; 303 static inline int arp_lock_try(int); 304 static inline void arp_unlock(void); 305 306 static inline int 307 arp_lock_try(int recurse) 308 { 309 int s; 310 311 /* 312 * Use splvm() -- we're blocking things that would cause 313 * mbuf allocation. 314 */ 315 s = splvm(); 316 if (!recurse && arp_locked) { 317 splx(s); 318 return 0; 319 } 320 arp_locked++; 321 splx(s); 322 return 1; 323 } 324 325 static inline void 326 arp_unlock(void) 327 { 328 int s; 329 330 s = splvm(); 331 arp_locked--; 332 splx(s); 333 } 334 335 #ifdef DIAGNOSTIC 336 #define ARP_LOCK(recurse) \ 337 do { \ 338 if (arp_lock_try(recurse) == 0) { \ 339 printf("%s:%d: arp already locked\n", __FILE__, __LINE__); \ 340 panic("arp_lock"); \ 341 } \ 342 } while (/*CONSTCOND*/ 0) 343 #define ARP_LOCK_CHECK() \ 344 do { \ 345 if (arp_locked == 0) { \ 346 printf("%s:%d: arp lock not held\n", __FILE__, __LINE__); \ 347 panic("arp lock check"); \ 348 } \ 349 } while (/*CONSTCOND*/ 0) 350 #else 351 #define ARP_LOCK(x) (void) arp_lock_try(x) 352 #define ARP_LOCK_CHECK() /* nothing */ 353 #endif 354 355 #define ARP_UNLOCK() arp_unlock() 356 357 static void sysctl_net_inet_arp_setup(struct sysctllog **); 358 359 void 360 arp_init(void) 361 { 362 363 sysctl_net_inet_arp_setup(NULL); 364 arpstat_percpu = percpu_alloc(sizeof(uint64_t) * ARP_NSTATS); 365 } 366 367 static void 368 arp_drainstub(void) 369 { 370 arp_drainwanted = 1; 371 } 372 373 /* 374 * ARP protocol drain routine. Called when memory is in short supply. 375 * Called at splvm(); don't acquire softnet_lock as can be called from 376 * hardware interrupt handlers. 377 */ 378 void 379 arp_drain(void) 380 { 381 struct llinfo_arp *la; 382 int count = 0; 383 struct mbuf *mold; 384 385 KERNEL_LOCK(1, NULL); 386 387 if (arp_lock_try(0) == 0) { 388 KERNEL_UNLOCK_ONE(NULL); 389 return; 390 } 391 392 LIST_FOREACH(la, &llinfo_arp, la_list) { 393 mold = la->la_hold; 394 la->la_hold = NULL; 395 396 if (mold) { 397 m_freem(mold); 398 count++; 399 } 400 } 401 ARP_UNLOCK(); 402 ARP_STATADD(ARP_STAT_DFRDROPPED, count); 403 KERNEL_UNLOCK_ONE(NULL); 404 } 405 406 407 /* 408 * Timeout routine. Age arp_tab entries periodically. 409 */ 410 /* ARGSUSED */ 411 static void 412 arptimer(void *arg) 413 { 414 struct llinfo_arp *la, *nla; 415 416 mutex_enter(softnet_lock); 417 KERNEL_LOCK(1, NULL); 418 419 if (arp_lock_try(0) == 0) { 420 /* get it later.. */ 421 KERNEL_UNLOCK_ONE(NULL); 422 mutex_exit(softnet_lock); 423 return; 424 } 425 426 callout_reset(&arptimer_ch, arpt_prune * hz, arptimer, NULL); 427 LIST_FOREACH_SAFE(la, &llinfo_arp, la_list, nla) { 428 struct rtentry *rt = la->la_rt; 429 430 if (rt->rt_expire == 0) 431 continue; 432 if ((rt->rt_expire - time_second) < arpt_refresh && 433 rt->rt_pksent > (time_second - arpt_keep)) { 434 /* 435 * If the entry has been used during since last 436 * refresh, try to renew it before deleting. 437 */ 438 arprequest(rt->rt_ifp, 439 &satocsin(rt->rt_ifa->ifa_addr)->sin_addr, 440 &satocsin(rt_getkey(rt))->sin_addr, 441 CLLADDR(rt->rt_ifp->if_sadl)); 442 } else if (rt->rt_expire <= time_second) 443 arptfree(la); /* timer has expired; clear */ 444 } 445 446 ARP_UNLOCK(); 447 448 KERNEL_UNLOCK_ONE(NULL); 449 mutex_exit(softnet_lock); 450 } 451 452 /* 453 * We set the gateway for RTF_CLONING routes to a "prototype" 454 * link-layer sockaddr whose interface type (if_type) and interface 455 * index (if_index) fields are prepared. 456 */ 457 static struct sockaddr * 458 arp_setgate(struct rtentry *rt, struct sockaddr *gate, 459 const struct sockaddr *netmask) 460 { 461 const struct ifnet *ifp = rt->rt_ifp; 462 uint8_t namelen = strlen(ifp->if_xname); 463 uint8_t addrlen = ifp->if_addrlen; 464 465 /* 466 * XXX: If this is a manually added route to interface 467 * such as older version of routed or gated might provide, 468 * restore cloning bit. 469 */ 470 if ((rt->rt_flags & RTF_HOST) == 0 && netmask != NULL && 471 satocsin(netmask)->sin_addr.s_addr != 0xffffffff) 472 rt->rt_flags |= RTF_CLONING; 473 if (rt->rt_flags & RTF_CLONING || 474 ((rt->rt_flags & (RTF_LLINFO | RTF_LOCAL)) && !rt->rt_llinfo)) 475 { 476 union { 477 struct sockaddr sa; 478 struct sockaddr_storage ss; 479 struct sockaddr_dl sdl; 480 } u; 481 /* 482 * Case 1: This route should come from a route to iface. 483 */ 484 sockaddr_dl_init(&u.sdl, sizeof(u.ss), 485 ifp->if_index, ifp->if_type, NULL, namelen, NULL, addrlen); 486 rt_setgate(rt, &u.sa); 487 gate = rt->rt_gateway; 488 } 489 return gate; 490 } 491 492 /* 493 * Parallel to llc_rtrequest. 494 */ 495 void 496 arp_rtrequest(int req, struct rtentry *rt, const struct rt_addrinfo *info) 497 { 498 struct sockaddr *gate = rt->rt_gateway; 499 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 500 size_t allocsize; 501 struct mbuf *mold; 502 int s; 503 struct in_ifaddr *ia; 504 struct ifaddr *ifa; 505 struct ifnet *ifp = rt->rt_ifp; 506 507 if (!arpinit_done) { 508 arpinit_done = 1; 509 /* 510 * We generate expiration times from time_second 511 * so avoid accidentally creating permanent routes. 512 */ 513 if (time_second == 0) { 514 struct timespec ts; 515 ts.tv_sec = 1; 516 ts.tv_nsec = 0; 517 tc_setclock(&ts); 518 } 519 callout_init(&arptimer_ch, CALLOUT_MPSAFE); 520 callout_reset(&arptimer_ch, hz, arptimer, NULL); 521 } 522 523 if (req == RTM_LLINFO_UPD) { 524 struct in_addr *in; 525 526 if ((ifa = info->rti_ifa) == NULL) 527 return; 528 529 in = &ifatoia(ifa)->ia_addr.sin_addr; 530 531 if (ifatoia(ifa)->ia4_flags & 532 (IN_IFF_NOTREADY | IN_IFF_DETACHED)) 533 { 534 arplog((LOG_DEBUG, "arp_request: %s not ready\n", 535 in_fmtaddr(*in))); 536 return; 537 } 538 539 arprequest(ifa->ifa_ifp, in, in, 540 CLLADDR(ifa->ifa_ifp->if_sadl)); 541 return; 542 } 543 544 if ((rt->rt_flags & RTF_GATEWAY) != 0) { 545 if (req != RTM_ADD) 546 return; 547 548 /* 549 * linklayers with particular link MTU limitation. 550 */ 551 switch(ifp->if_type) { 552 #if NFDDI > 0 553 case IFT_FDDI: 554 if (ifp->if_mtu > FDDIIPMTU) 555 rt->rt_rmx.rmx_mtu = FDDIIPMTU; 556 break; 557 #endif 558 #if NARCNET > 0 559 case IFT_ARCNET: 560 { 561 int arcipifmtu; 562 563 if (ifp->if_flags & IFF_LINK0) 564 arcipifmtu = arc_ipmtu; 565 else 566 arcipifmtu = ARCMTU; 567 if (ifp->if_mtu > arcipifmtu) 568 rt->rt_rmx.rmx_mtu = arcipifmtu; 569 break; 570 } 571 #endif 572 } 573 return; 574 } 575 576 ARP_LOCK(1); /* we may already be locked here. */ 577 578 switch (req) { 579 case RTM_SETGATE: 580 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]); 581 break; 582 case RTM_ADD: 583 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]); 584 if (rt->rt_flags & RTF_CLONING || 585 ((rt->rt_flags & (RTF_LLINFO | RTF_LOCAL)) && !la)) 586 { 587 /* 588 * Give this route an expiration time, even though 589 * it's a "permanent" route, so that routes cloned 590 * from it do not need their expiration time set. 591 */ 592 rt->rt_expire = time_second; 593 /* 594 * linklayers with particular link MTU limitation. 595 */ 596 switch (ifp->if_type) { 597 #if NFDDI > 0 598 case IFT_FDDI: 599 if ((rt->rt_rmx.rmx_locks & RTV_MTU) == 0 && 600 (rt->rt_rmx.rmx_mtu > FDDIIPMTU || 601 (rt->rt_rmx.rmx_mtu == 0 && 602 ifp->if_mtu > FDDIIPMTU))) 603 rt->rt_rmx.rmx_mtu = FDDIIPMTU; 604 break; 605 #endif 606 #if NARCNET > 0 607 case IFT_ARCNET: 608 { 609 int arcipifmtu; 610 if (ifp->if_flags & IFF_LINK0) 611 arcipifmtu = arc_ipmtu; 612 else 613 arcipifmtu = ARCMTU; 614 615 if ((rt->rt_rmx.rmx_locks & RTV_MTU) == 0 && 616 (rt->rt_rmx.rmx_mtu > arcipifmtu || 617 (rt->rt_rmx.rmx_mtu == 0 && 618 ifp->if_mtu > arcipifmtu))) 619 rt->rt_rmx.rmx_mtu = arcipifmtu; 620 break; 621 } 622 #endif 623 } 624 if (rt->rt_flags & RTF_CLONING) 625 break; 626 } 627 /* Announce a new entry if requested. */ 628 if (rt->rt_flags & RTF_ANNOUNCE) { 629 INADDR_TO_IA(satocsin(rt_getkey(rt))->sin_addr, ia); 630 while (ia && ia->ia_ifp != ifp) 631 NEXT_IA_WITH_SAME_ADDR(ia); 632 if (ia == NULL || 633 ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) 634 ; 635 else 636 arprequest(ifp, 637 &satocsin(rt_getkey(rt))->sin_addr, 638 &satocsin(rt_getkey(rt))->sin_addr, 639 CLLADDR(satocsdl(gate))); 640 } 641 /*FALLTHROUGH*/ 642 case RTM_RESOLVE: 643 if (gate->sa_family != AF_LINK || 644 gate->sa_len < sockaddr_dl_measure(0, ifp->if_addrlen)) { 645 log(LOG_DEBUG, "arp_rtrequest: bad gateway value\n"); 646 break; 647 } 648 649 satosdl(gate)->sdl_type = ifp->if_type; 650 satosdl(gate)->sdl_index = ifp->if_index; 651 if (la != NULL) 652 break; /* This happens on a route change */ 653 654 /* If the route is for a broadcast address mark it as such. 655 * This way we can avoid an expensive call to in_broadcast() 656 * in ip_output() most of the time (because the route passed 657 * to ip_output() is almost always a host route). */ 658 if (rt->rt_flags & RTF_HOST && 659 !(rt->rt_flags & RTF_BROADCAST) && 660 in_broadcast(satocsin(rt_getkey(rt))->sin_addr, rt->rt_ifp)) 661 rt->rt_flags |= RTF_BROADCAST; 662 /* There is little point in resolving the broadcast address */ 663 if (rt->rt_flags & RTF_BROADCAST) 664 break; 665 666 /* 667 * Case 2: This route may come from cloning, or a manual route 668 * add with a LL address. 669 */ 670 switch (ifp->if_type) { 671 #if NTOKEN > 0 672 case IFT_ISO88025: 673 allocsize = sizeof(*la) + sizeof(struct token_rif); 674 break; 675 #endif /* NTOKEN > 0 */ 676 default: 677 allocsize = sizeof(*la); 678 } 679 R_Malloc(la, struct llinfo_arp *, allocsize); 680 rt->rt_llinfo = (void *)la; 681 if (la == NULL) { 682 log(LOG_DEBUG, "arp_rtrequest: malloc failed\n"); 683 break; 684 } 685 arp_inuse++, arp_allocated++; 686 memset(la, 0, allocsize); 687 la->la_rt = rt; 688 rt->rt_flags |= RTF_LLINFO; 689 LIST_INSERT_HEAD(&llinfo_arp, la, la_list); 690 691 INADDR_TO_IA(satocsin(rt_getkey(rt))->sin_addr, ia); 692 while (ia && ia->ia_ifp != ifp) 693 NEXT_IA_WITH_SAME_ADDR(ia); 694 if (ia) { 695 /* 696 * This test used to be 697 * if (lo0ifp->if_flags & IFF_UP) 698 * It allowed local traffic to be forced through 699 * the hardware by configuring the loopback down. 700 * However, it causes problems during network 701 * configuration for boards that can't receive 702 * packets they send. It is now necessary to clear 703 * "useloopback" and remove the route to force 704 * traffic out to the hardware. 705 * 706 * In 4.4BSD, the above "if" statement checked 707 * rt->rt_ifa against rt_getkey(rt). It was changed 708 * to the current form so that we can provide a 709 * better support for multiple IPv4 addresses on a 710 * interface. 711 */ 712 rt->rt_expire = 0; 713 if (sockaddr_dl_init(satosdl(gate), gate->sa_len, 714 ifp->if_index, ifp->if_type, NULL, 0, 715 CLLADDR(ifp->if_sadl), ifp->if_addrlen) == NULL) { 716 panic("%s(%s): sockaddr_dl_init cannot fail", 717 __func__, ifp->if_xname); 718 } 719 if (useloopback) 720 ifp = rt->rt_ifp = lo0ifp; 721 /* 722 * make sure to set rt->rt_ifa to the interface 723 * address we are using, otherwise we will have trouble 724 * with source address selection. 725 */ 726 ifa = &ia->ia_ifa; 727 if (ifa != rt->rt_ifa) 728 rt_replace_ifa(rt, ifa); 729 } 730 break; 731 732 case RTM_DELETE: 733 if (la == NULL) 734 break; 735 arp_inuse--; 736 LIST_REMOVE(la, la_list); 737 rt->rt_llinfo = NULL; 738 rt->rt_flags &= ~RTF_LLINFO; 739 740 s = splnet(); 741 mold = la->la_hold; 742 la->la_hold = NULL; 743 splx(s); 744 745 if (mold) 746 m_freem(mold); 747 748 Free((void *)la); 749 } 750 ARP_UNLOCK(); 751 } 752 753 /* 754 * Broadcast an ARP request. Caller specifies: 755 * - arp header source ip address 756 * - arp header target ip address 757 * - arp header source ethernet address 758 */ 759 void 760 arprequest(struct ifnet *ifp, 761 const struct in_addr *sip, const struct in_addr *tip, 762 const u_int8_t *enaddr) 763 { 764 struct mbuf *m; 765 struct arphdr *ah; 766 struct sockaddr sa; 767 uint64_t *arps; 768 769 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 770 return; 771 MCLAIM(m, &arpdomain.dom_mowner); 772 switch (ifp->if_type) { 773 case IFT_IEEE1394: 774 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) + 775 ifp->if_addrlen; 776 break; 777 default: 778 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) + 779 2 * ifp->if_addrlen; 780 break; 781 } 782 m->m_pkthdr.len = m->m_len; 783 MH_ALIGN(m, m->m_len); 784 ah = mtod(m, struct arphdr *); 785 memset(ah, 0, m->m_len); 786 switch (ifp->if_type) { 787 case IFT_IEEE1394: /* RFC2734 */ 788 /* fill it now for ar_tpa computation */ 789 ah->ar_hrd = htons(ARPHRD_IEEE1394); 790 break; 791 default: 792 /* ifp->if_output will fill ar_hrd */ 793 break; 794 } 795 ah->ar_pro = htons(ETHERTYPE_IP); 796 ah->ar_hln = ifp->if_addrlen; /* hardware address length */ 797 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */ 798 ah->ar_op = htons(ARPOP_REQUEST); 799 memcpy(ar_sha(ah), enaddr, ah->ar_hln); 800 memcpy(ar_spa(ah), sip, ah->ar_pln); 801 memcpy(ar_tpa(ah), tip, ah->ar_pln); 802 sa.sa_family = AF_ARP; 803 sa.sa_len = 2; 804 m->m_flags |= M_BCAST; 805 arps = ARP_STAT_GETREF(); 806 arps[ARP_STAT_SNDTOTAL]++; 807 arps[ARP_STAT_SENDREQUEST]++; 808 ARP_STAT_PUTREF(); 809 (*ifp->if_output)(ifp, m, &sa, NULL); 810 } 811 812 /* 813 * Resolve an IP address into an ethernet address. If success, 814 * desten is filled in. If there is no entry in arptab, 815 * set one up and broadcast a request for the IP address. 816 * Hold onto this mbuf and resend it once the address 817 * is finally resolved. A return value of 1 indicates 818 * that desten has been filled in and the packet should be sent 819 * normally; a 0 return indicates that the packet has been 820 * taken over here, either now or for later transmission. 821 */ 822 int 823 arpresolve(struct ifnet *ifp, struct rtentry *rt, struct mbuf *m, 824 const struct sockaddr *dst, u_char *desten) 825 { 826 struct llinfo_arp *la; 827 const struct sockaddr_dl *sdl; 828 struct mbuf *mold; 829 int s; 830 831 if ((la = arplookup1(m, &satocsin(dst)->sin_addr, 1, 0, rt)) != NULL) 832 rt = la->la_rt; 833 834 if (la == NULL || rt == NULL) { 835 ARP_STATINC(ARP_STAT_ALLOCFAIL); 836 log(LOG_DEBUG, 837 "arpresolve: can't allocate llinfo on %s for %s\n", 838 ifp->if_xname, in_fmtaddr(satocsin(dst)->sin_addr)); 839 m_freem(m); 840 return 0; 841 } 842 sdl = satocsdl(rt->rt_gateway); 843 /* 844 * Check the address family and length is valid, the address 845 * is resolved; otherwise, try to resolve. 846 */ 847 if ((rt->rt_expire == 0 || rt->rt_expire > time_second) && 848 sdl->sdl_family == AF_LINK && sdl->sdl_alen != 0) { 849 memcpy(desten, CLLADDR(sdl), 850 min(sdl->sdl_alen, ifp->if_addrlen)); 851 rt->rt_pksent = time_second; /* Time for last pkt sent */ 852 return 1; 853 } 854 /* 855 * There is an arptab entry, but no ethernet address 856 * response yet. Replace the held mbuf with this 857 * latest one. 858 */ 859 860 ARP_STATINC(ARP_STAT_DFRTOTAL); 861 s = splnet(); 862 mold = la->la_hold; 863 la->la_hold = m; 864 splx(s); 865 866 if (mold) { 867 ARP_STATINC(ARP_STAT_DFRDROPPED); 868 m_freem(mold); 869 } 870 871 /* 872 * Re-send the ARP request when appropriate. 873 */ 874 #ifdef DIAGNOSTIC 875 if (rt->rt_expire == 0) { 876 /* This should never happen. (Should it? -gwr) */ 877 printf("arpresolve: unresolved and rt_expire == 0\n"); 878 /* Set expiration time to now (expired). */ 879 rt->rt_expire = time_second; 880 } 881 #endif 882 if (rt->rt_expire) { 883 rt->rt_flags &= ~RTF_REJECT; 884 if (la->la_asked == 0 || rt->rt_expire != time_second) { 885 rt->rt_expire = time_second; 886 if (la->la_asked++ < arp_maxtries) { 887 arprequest(ifp, 888 &satocsin(rt->rt_ifa->ifa_addr)->sin_addr, 889 &satocsin(dst)->sin_addr, 890 #if NCARP > 0 891 (rt->rt_ifp->if_type == IFT_CARP) ? 892 CLLADDR(rt->rt_ifp->if_sadl): 893 #endif 894 CLLADDR(ifp->if_sadl)); 895 } else { 896 rt->rt_flags |= RTF_REJECT; 897 rt->rt_expire += arpt_down; 898 la->la_asked = 0; 899 } 900 } 901 } 902 return 0; 903 } 904 905 /* 906 * Common length and type checks are done here, 907 * then the protocol-specific routine is called. 908 */ 909 void 910 arpintr(void) 911 { 912 struct mbuf *m; 913 struct arphdr *ar; 914 int s; 915 int arplen; 916 917 mutex_enter(softnet_lock); 918 KERNEL_LOCK(1, NULL); 919 while (arpintrq.ifq_head) { 920 s = splnet(); 921 IF_DEQUEUE(&arpintrq, m); 922 splx(s); 923 if (m == NULL || (m->m_flags & M_PKTHDR) == 0) 924 panic("arpintr"); 925 926 MCLAIM(m, &arpdomain.dom_mowner); 927 ARP_STATINC(ARP_STAT_RCVTOTAL); 928 929 /* 930 * First, make sure we have at least struct arphdr. 931 */ 932 if (m->m_len < sizeof(struct arphdr) || 933 (ar = mtod(m, struct arphdr *)) == NULL) 934 goto badlen; 935 936 switch (m->m_pkthdr.rcvif->if_type) { 937 case IFT_IEEE1394: 938 arplen = sizeof(struct arphdr) + 939 ar->ar_hln + 2 * ar->ar_pln; 940 break; 941 default: 942 arplen = sizeof(struct arphdr) + 943 2 * ar->ar_hln + 2 * ar->ar_pln; 944 break; 945 } 946 947 if (/* XXX ntohs(ar->ar_hrd) == ARPHRD_ETHER && */ 948 m->m_len >= arplen) 949 switch (ntohs(ar->ar_pro)) { 950 case ETHERTYPE_IP: 951 case ETHERTYPE_IPTRAILERS: 952 in_arpinput(m); 953 continue; 954 default: 955 ARP_STATINC(ARP_STAT_RCVBADPROTO); 956 } 957 else { 958 badlen: 959 ARP_STATINC(ARP_STAT_RCVBADLEN); 960 } 961 m_freem(m); 962 } 963 KERNEL_UNLOCK_ONE(NULL); 964 mutex_exit(softnet_lock); 965 } 966 967 /* 968 * ARP for Internet protocols on 10 Mb/s Ethernet. 969 * Algorithm is that given in RFC 826. 970 * In addition, a sanity check is performed on the sender 971 * protocol address, to catch impersonators. 972 * We no longer handle negotiations for use of trailer protocol: 973 * Formerly, ARP replied for protocol type ETHERTYPE_TRAIL sent 974 * along with IP replies if we wanted trailers sent to us, 975 * and also sent them in response to IP replies. 976 * This allowed either end to announce the desire to receive 977 * trailer packets. 978 * We no longer reply to requests for ETHERTYPE_TRAIL protocol either, 979 * but formerly didn't normally send requests. 980 */ 981 static void 982 in_arpinput(struct mbuf *m) 983 { 984 struct arphdr *ah; 985 struct ifnet *ifp = m->m_pkthdr.rcvif; 986 struct llinfo_arp *la = NULL; 987 struct rtentry *rt; 988 struct in_ifaddr *ia; 989 #if NBRIDGE > 0 990 struct in_ifaddr *bridge_ia = NULL; 991 #endif 992 #if NCARP > 0 993 u_int32_t count = 0, index = 0; 994 #endif 995 struct sockaddr_dl *sdl; 996 struct sockaddr sa; 997 struct in_addr isaddr, itaddr, myaddr; 998 int op; 999 struct mbuf *mold; 1000 void *tha; 1001 int s; 1002 uint64_t *arps; 1003 1004 if (__predict_false(m_makewritable(&m, 0, m->m_pkthdr.len, M_DONTWAIT))) 1005 goto out; 1006 ah = mtod(m, struct arphdr *); 1007 op = ntohs(ah->ar_op); 1008 1009 /* 1010 * Fix up ah->ar_hrd if necessary, before using ar_tha() or 1011 * ar_tpa(). 1012 */ 1013 switch (ifp->if_type) { 1014 case IFT_IEEE1394: 1015 if (ntohs(ah->ar_hrd) == ARPHRD_IEEE1394) 1016 ; 1017 else { 1018 /* XXX this is to make sure we compute ar_tha right */ 1019 /* XXX check ar_hrd more strictly? */ 1020 ah->ar_hrd = htons(ARPHRD_IEEE1394); 1021 } 1022 break; 1023 default: 1024 /* XXX check ar_hrd? */ 1025 break; 1026 } 1027 1028 memcpy(&isaddr, ar_spa(ah), sizeof (isaddr)); 1029 memcpy(&itaddr, ar_tpa(ah), sizeof (itaddr)); 1030 1031 if (m->m_flags & (M_BCAST|M_MCAST)) 1032 ARP_STATINC(ARP_STAT_RCVMCAST); 1033 1034 1035 /* 1036 * Search for a matching interface address 1037 * or any address on the interface to use 1038 * as a dummy address in the rest of this function 1039 */ 1040 1041 INADDR_TO_IA(itaddr, ia); 1042 while (ia != NULL) { 1043 #if NCARP > 0 1044 if (ia->ia_ifp->if_type == IFT_CARP && 1045 ((ia->ia_ifp->if_flags & (IFF_UP|IFF_RUNNING)) == 1046 (IFF_UP|IFF_RUNNING))) { 1047 index++; 1048 if (ia->ia_ifp == m->m_pkthdr.rcvif && 1049 carp_iamatch(ia, ar_sha(ah), 1050 &count, index)) { 1051 break; 1052 } 1053 } else 1054 #endif 1055 if (ia->ia_ifp == m->m_pkthdr.rcvif) 1056 break; 1057 #if NBRIDGE > 0 1058 /* 1059 * If the interface we received the packet on 1060 * is part of a bridge, check to see if we need 1061 * to "bridge" the packet to ourselves at this 1062 * layer. Note we still prefer a perfect match, 1063 * but allow this weaker match if necessary. 1064 */ 1065 if (m->m_pkthdr.rcvif->if_bridge != NULL && 1066 m->m_pkthdr.rcvif->if_bridge == ia->ia_ifp->if_bridge) 1067 bridge_ia = ia; 1068 #endif /* NBRIDGE > 0 */ 1069 1070 NEXT_IA_WITH_SAME_ADDR(ia); 1071 } 1072 1073 #if NBRIDGE > 0 1074 if (ia == NULL && bridge_ia != NULL) { 1075 ia = bridge_ia; 1076 ifp = bridge_ia->ia_ifp; 1077 } 1078 #endif 1079 1080 if (ia == NULL) { 1081 INADDR_TO_IA(isaddr, ia); 1082 while ((ia != NULL) && ia->ia_ifp != m->m_pkthdr.rcvif) 1083 NEXT_IA_WITH_SAME_ADDR(ia); 1084 1085 if (ia == NULL) { 1086 IFP_TO_IA(ifp, ia); 1087 if (ia == NULL) { 1088 ARP_STATINC(ARP_STAT_RCVNOINT); 1089 goto out; 1090 } 1091 } 1092 } 1093 1094 myaddr = ia->ia_addr.sin_addr; 1095 1096 /* XXX checks for bridge case? */ 1097 if (!memcmp(ar_sha(ah), CLLADDR(ifp->if_sadl), ifp->if_addrlen)) { 1098 ARP_STATINC(ARP_STAT_RCVLOCALSHA); 1099 goto out; /* it's from me, ignore it. */ 1100 } 1101 1102 /* XXX checks for bridge case? */ 1103 if (!memcmp(ar_sha(ah), ifp->if_broadcastaddr, ifp->if_addrlen)) { 1104 ARP_STATINC(ARP_STAT_RCVBCASTSHA); 1105 log(LOG_ERR, 1106 "%s: arp: link address is broadcast for IP address %s!\n", 1107 ifp->if_xname, in_fmtaddr(isaddr)); 1108 goto out; 1109 } 1110 1111 /* 1112 * If the source IP address is zero, this is an RFC 5227 ARP probe 1113 */ 1114 if (in_nullhost(isaddr)) 1115 ARP_STATINC(ARP_STAT_RCVZEROSPA); 1116 else if (in_hosteq(isaddr, myaddr)) 1117 ARP_STATINC(ARP_STAT_RCVLOCALSPA); 1118 1119 if (in_nullhost(itaddr)) 1120 ARP_STATINC(ARP_STAT_RCVZEROTPA); 1121 1122 /* DAD check, RFC 5227 2.1.1, Probe Details */ 1123 if (in_hosteq(isaddr, myaddr) || 1124 (in_nullhost(isaddr) && in_hosteq(itaddr, myaddr))) 1125 { 1126 /* If our address is tentative, mark it as duplicated */ 1127 if (ia->ia4_flags & IN_IFF_TENTATIVE) 1128 arp_dad_duplicated((struct ifaddr *)ia); 1129 /* If our address is unuseable, don't reply */ 1130 if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) 1131 goto out; 1132 } 1133 1134 /* 1135 * If the target IP address is zero, ignore the packet. 1136 * This prevents the code below from tring to answer 1137 * when we are using IP address zero (booting). 1138 */ 1139 if (in_nullhost(itaddr)) 1140 goto out; 1141 1142 if (in_nullhost(isaddr)) 1143 goto reply; 1144 1145 if (in_hosteq(isaddr, myaddr)) { 1146 log(LOG_ERR, 1147 "duplicate IP address %s sent from link address %s\n", 1148 in_fmtaddr(isaddr), lla_snprintf(ar_sha(ah), ah->ar_hln)); 1149 itaddr = myaddr; 1150 goto reply; 1151 } 1152 la = arplookup(m, &isaddr, in_hosteq(itaddr, myaddr), 0); 1153 if (la != NULL && (rt = la->la_rt) && (sdl = satosdl(rt->rt_gateway))) { 1154 if (sdl->sdl_alen && 1155 memcmp(ar_sha(ah), CLLADDR(sdl), sdl->sdl_alen)) { 1156 if (rt->rt_flags & RTF_STATIC) { 1157 ARP_STATINC(ARP_STAT_RCVOVERPERM); 1158 if (!log_permanent_modify) 1159 goto out; 1160 log(LOG_INFO, 1161 "%s tried to overwrite permanent arp info" 1162 " for %s\n", 1163 lla_snprintf(ar_sha(ah), ah->ar_hln), 1164 in_fmtaddr(isaddr)); 1165 goto out; 1166 } else if (rt->rt_ifp != ifp) { 1167 ARP_STATINC(ARP_STAT_RCVOVERINT); 1168 if (!log_wrong_iface) 1169 goto out; 1170 log(LOG_INFO, 1171 "%s on %s tried to overwrite " 1172 "arp info for %s on %s\n", 1173 lla_snprintf(ar_sha(ah), ah->ar_hln), 1174 ifp->if_xname, in_fmtaddr(isaddr), 1175 rt->rt_ifp->if_xname); 1176 goto out; 1177 } else { 1178 ARP_STATINC(ARP_STAT_RCVOVER); 1179 if (log_movements) 1180 log(LOG_INFO, "arp info overwritten " 1181 "for %s by %s\n", 1182 in_fmtaddr(isaddr), 1183 lla_snprintf(ar_sha(ah), 1184 ah->ar_hln)); 1185 } 1186 } 1187 /* 1188 * sanity check for the address length. 1189 * XXX this does not work for protocols with variable address 1190 * length. -is 1191 */ 1192 if (sdl->sdl_alen && 1193 sdl->sdl_alen != ah->ar_hln) { 1194 ARP_STATINC(ARP_STAT_RCVLENCHG); 1195 log(LOG_WARNING, 1196 "arp from %s: new addr len %d, was %d\n", 1197 in_fmtaddr(isaddr), ah->ar_hln, sdl->sdl_alen); 1198 } 1199 if (ifp->if_addrlen != ah->ar_hln) { 1200 ARP_STATINC(ARP_STAT_RCVBADLEN); 1201 log(LOG_WARNING, 1202 "arp from %s: addr len: new %d, i/f %d (ignored)\n", 1203 in_fmtaddr(isaddr), ah->ar_hln, 1204 ifp->if_addrlen); 1205 goto reply; 1206 } 1207 #if NTOKEN > 0 1208 /* 1209 * XXX uses m_data and assumes the complete answer including 1210 * XXX token-ring headers is in the same buf 1211 */ 1212 if (ifp->if_type == IFT_ISO88025) { 1213 struct token_header *trh; 1214 1215 trh = (struct token_header *)M_TRHSTART(m); 1216 if (trh->token_shost[0] & TOKEN_RI_PRESENT) { 1217 struct token_rif *rif; 1218 size_t riflen; 1219 1220 rif = TOKEN_RIF(trh); 1221 riflen = (ntohs(rif->tr_rcf) & 1222 TOKEN_RCF_LEN_MASK) >> 8; 1223 1224 if (riflen > 2 && 1225 riflen < sizeof(struct token_rif) && 1226 (riflen & 1) == 0) { 1227 rif->tr_rcf ^= htons(TOKEN_RCF_DIRECTION); 1228 rif->tr_rcf &= htons(~TOKEN_RCF_BROADCAST_MASK); 1229 memcpy(TOKEN_RIF(la), rif, riflen); 1230 } 1231 } 1232 } 1233 #endif /* NTOKEN > 0 */ 1234 (void)sockaddr_dl_setaddr(sdl, sdl->sdl_len, ar_sha(ah), 1235 ah->ar_hln); 1236 if (rt->rt_expire) 1237 rt->rt_expire = time_second + arpt_keep; 1238 rt->rt_flags &= ~RTF_REJECT; 1239 la->la_asked = 0; 1240 1241 s = splnet(); 1242 mold = la->la_hold; 1243 la->la_hold = NULL; 1244 splx(s); 1245 1246 if (mold) { 1247 ARP_STATINC(ARP_STAT_DFRSENT); 1248 (*ifp->if_output)(ifp, mold, rt_getkey(rt), rt); 1249 } 1250 } 1251 reply: 1252 if (op != ARPOP_REQUEST) { 1253 if (op == ARPOP_REPLY) 1254 ARP_STATINC(ARP_STAT_RCVREPLY); 1255 out: 1256 m_freem(m); 1257 return; 1258 } 1259 ARP_STATINC(ARP_STAT_RCVREQUEST); 1260 if (in_hosteq(itaddr, myaddr)) { 1261 /* If our address is unuseable, don't reply */ 1262 if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) 1263 goto out; 1264 /* I am the target */ 1265 tha = ar_tha(ah); 1266 if (tha) 1267 memcpy(tha, ar_sha(ah), ah->ar_hln); 1268 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln); 1269 } else { 1270 la = arplookup(m, &itaddr, 0, SIN_PROXY); 1271 if (la == NULL) 1272 goto out; 1273 rt = la->la_rt; 1274 if (rt->rt_ifp->if_type == IFT_CARP && 1275 m->m_pkthdr.rcvif->if_type != IFT_CARP) 1276 goto out; 1277 tha = ar_tha(ah); 1278 if (tha) 1279 memcpy(tha, ar_sha(ah), ah->ar_hln); 1280 sdl = satosdl(rt->rt_gateway); 1281 memcpy(ar_sha(ah), CLLADDR(sdl), ah->ar_hln); 1282 } 1283 1284 memcpy(ar_tpa(ah), ar_spa(ah), ah->ar_pln); 1285 memcpy(ar_spa(ah), &itaddr, ah->ar_pln); 1286 ah->ar_op = htons(ARPOP_REPLY); 1287 ah->ar_pro = htons(ETHERTYPE_IP); /* let's be sure! */ 1288 switch (ifp->if_type) { 1289 case IFT_IEEE1394: 1290 /* 1291 * ieee1394 arp reply is broadcast 1292 */ 1293 m->m_flags &= ~M_MCAST; 1294 m->m_flags |= M_BCAST; 1295 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + ah->ar_hln; 1296 break; 1297 1298 default: 1299 m->m_flags &= ~(M_BCAST|M_MCAST); /* never reply by broadcast */ 1300 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + (2 * ah->ar_hln); 1301 break; 1302 } 1303 m->m_pkthdr.len = m->m_len; 1304 sa.sa_family = AF_ARP; 1305 sa.sa_len = 2; 1306 arps = ARP_STAT_GETREF(); 1307 arps[ARP_STAT_SNDTOTAL]++; 1308 arps[ARP_STAT_SNDREPLY]++; 1309 ARP_STAT_PUTREF(); 1310 (*ifp->if_output)(ifp, m, &sa, NULL); 1311 return; 1312 } 1313 1314 /* 1315 * Free an arp entry. 1316 */ 1317 static void arptfree(struct llinfo_arp *la) 1318 { 1319 struct rtentry *rt = la->la_rt; 1320 struct sockaddr_dl *sdl; 1321 1322 ARP_LOCK_CHECK(); 1323 1324 if (rt == NULL) 1325 panic("arptfree"); 1326 if (rt->rt_refcnt > 0 && (sdl = satosdl(rt->rt_gateway)) && 1327 sdl->sdl_family == AF_LINK) { 1328 sdl->sdl_alen = 0; 1329 la->la_asked = 0; 1330 rt->rt_flags &= ~RTF_REJECT; 1331 return; 1332 } 1333 rtrequest(RTM_DELETE, rt_getkey(rt), NULL, rt_mask(rt), 0, NULL); 1334 } 1335 1336 static struct llinfo_arp * 1337 arplookup(struct mbuf *m, const struct in_addr *addr, int create, int proxy) 1338 { 1339 return arplookup1(m, addr, create, proxy, NULL); 1340 } 1341 1342 /* 1343 * Lookup or enter a new address in arptab. 1344 */ 1345 static struct llinfo_arp * 1346 arplookup1(struct mbuf *m, const struct in_addr *addr, int create, int proxy, 1347 struct rtentry *rt0) 1348 { 1349 struct arphdr *ah; 1350 struct ifnet *ifp = m->m_pkthdr.rcvif; 1351 struct rtentry *rt; 1352 struct sockaddr_inarp sin; 1353 const char *why = NULL; 1354 1355 ah = mtod(m, struct arphdr *); 1356 if (rt0 == NULL) { 1357 memset(&sin, 0, sizeof(sin)); 1358 sin.sin_len = sizeof(sin); 1359 sin.sin_family = AF_INET; 1360 sin.sin_addr = *addr; 1361 sin.sin_other = proxy ? SIN_PROXY : 0; 1362 rt = rtalloc1(sintosa(&sin), create); 1363 if (rt == NULL) 1364 return NULL; 1365 rt->rt_refcnt--; 1366 } else 1367 rt = rt0; 1368 1369 #define IS_LLINFO(__rt) \ 1370 (((__rt)->rt_flags & (RTF_GATEWAY | RTF_LLINFO)) == RTF_LLINFO && \ 1371 (__rt)->rt_gateway->sa_family == AF_LINK) 1372 1373 1374 if (IS_LLINFO(rt)) 1375 return (struct llinfo_arp *)rt->rt_llinfo; 1376 1377 if (create) { 1378 if (rt->rt_flags & RTF_GATEWAY) { 1379 if (log_unknown_network) 1380 why = "host is not on local network"; 1381 } else if ((rt->rt_flags & RTF_LLINFO) == 0) { 1382 ARP_STATINC(ARP_STAT_ALLOCFAIL); 1383 why = "could not allocate llinfo"; 1384 } else 1385 why = "gateway route is not ours"; 1386 if (why) { 1387 log(LOG_DEBUG, "arplookup: unable to enter address" 1388 " for %s@%s on %s (%s)\n", in_fmtaddr(*addr), 1389 lla_snprintf(ar_sha(ah), ah->ar_hln), 1390 (ifp) ? ifp->if_xname : "null", why); 1391 } 1392 if (rt->rt_refcnt <= 0 && (rt->rt_flags & RTF_CLONED) != 0) { 1393 rtrequest(RTM_DELETE, rt_getkey(rt), 1394 rt->rt_gateway, rt_mask(rt), rt->rt_flags, NULL); 1395 } 1396 } 1397 return NULL; 1398 } 1399 1400 int 1401 arpioctl(u_long cmd, void *data) 1402 { 1403 1404 return EOPNOTSUPP; 1405 } 1406 1407 void 1408 arp_ifinit(struct ifnet *ifp, struct ifaddr *ifa) 1409 { 1410 struct in_addr *ip; 1411 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1412 1413 /* 1414 * Warn the user if another station has this IP address, 1415 * but only if the interface IP address is not zero. 1416 */ 1417 ip = &IA_SIN(ifa)->sin_addr; 1418 if (!in_nullhost(*ip) && 1419 (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) == 0) 1420 arprequest(ifp, ip, ip, CLLADDR(ifp->if_sadl)); 1421 1422 ifa->ifa_rtrequest = arp_rtrequest; 1423 ifa->ifa_flags |= RTF_CLONING; 1424 1425 /* ARP will handle DAD for this address. */ 1426 if (ia->ia4_flags & IN_IFF_TRYTENTATIVE) { 1427 ia->ia4_flags |= IN_IFF_TENTATIVE; 1428 ia->ia_dad_start = arp_dad_start; 1429 ia->ia_dad_stop = arp_dad_stop; 1430 } 1431 } 1432 1433 TAILQ_HEAD(dadq_head, dadq); 1434 struct dadq { 1435 TAILQ_ENTRY(dadq) dad_list; 1436 struct ifaddr *dad_ifa; 1437 int dad_count; /* max ARP to send */ 1438 int dad_arp_tcount; /* # of trials to send ARP */ 1439 int dad_arp_ocount; /* ARP sent so far */ 1440 int dad_arp_announce; /* max ARP announcements */ 1441 int dad_arp_acount; /* # of announcements */ 1442 struct callout dad_timer_ch; 1443 }; 1444 MALLOC_JUSTDEFINE(M_IPARP, "ARP DAD", "ARP DAD Structure"); 1445 1446 static struct dadq_head dadq; 1447 static int dad_init = 0; 1448 static int dad_maxtry = 15; /* max # of *tries* to transmit DAD packet */ 1449 1450 static struct dadq * 1451 arp_dad_find(struct ifaddr *ifa) 1452 { 1453 struct dadq *dp; 1454 1455 TAILQ_FOREACH(dp, &dadq, dad_list) { 1456 if (dp->dad_ifa == ifa) 1457 return dp; 1458 } 1459 return NULL; 1460 } 1461 1462 static void 1463 arp_dad_starttimer(struct dadq *dp, int ticks) 1464 { 1465 1466 callout_reset(&dp->dad_timer_ch, ticks, 1467 (void (*)(void *))arp_dad_timer, (void *)dp->dad_ifa); 1468 } 1469 1470 static void 1471 arp_dad_stoptimer(struct dadq *dp) 1472 { 1473 1474 callout_stop(&dp->dad_timer_ch); 1475 } 1476 1477 static void 1478 arp_dad_output(struct dadq *dp, struct ifaddr *ifa) 1479 { 1480 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1481 struct ifnet *ifp = ifa->ifa_ifp; 1482 struct in_addr sip; 1483 1484 dp->dad_arp_tcount++; 1485 if ((ifp->if_flags & IFF_UP) == 0) 1486 return; 1487 if ((ifp->if_flags & IFF_RUNNING) == 0) 1488 return; 1489 1490 dp->dad_arp_tcount = 0; 1491 dp->dad_arp_ocount++; 1492 1493 memset(&sip, 0, sizeof(sip)); 1494 arprequest(ifa->ifa_ifp, &sip, &ia->ia_addr.sin_addr, 1495 CLLADDR(ifa->ifa_ifp->if_sadl)); 1496 } 1497 1498 /* 1499 * Start Duplicate Address Detection (DAD) for specified interface address. 1500 */ 1501 static void 1502 arp_dad_start(struct ifaddr *ifa) 1503 { 1504 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1505 struct dadq *dp; 1506 1507 if (!dad_init) { 1508 TAILQ_INIT(&dadq); 1509 dad_init++; 1510 } 1511 1512 /* 1513 * If we don't need DAD, don't do it. 1514 * - DAD is disabled (ip_dad_count == 0) 1515 */ 1516 if (!(ia->ia4_flags & IN_IFF_TENTATIVE)) { 1517 log(LOG_DEBUG, 1518 "arp_dad_start: called with non-tentative address " 1519 "%s(%s)\n", 1520 in_fmtaddr(ia->ia_addr.sin_addr), 1521 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1522 return; 1523 } 1524 if (!ip_dad_count) { 1525 struct in_addr *ip = &IA_SIN(ifa)->sin_addr; 1526 1527 ia->ia4_flags &= ~IN_IFF_TENTATIVE; 1528 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 1529 arprequest(ifa->ifa_ifp, ip, ip, 1530 CLLADDR(ifa->ifa_ifp->if_sadl)); 1531 return; 1532 } 1533 if (ifa->ifa_ifp == NULL) 1534 panic("arp_dad_start: ifa->ifa_ifp == NULL"); 1535 if (!(ifa->ifa_ifp->if_flags & IFF_UP)) 1536 return; 1537 if (arp_dad_find(ifa) != NULL) { 1538 /* DAD already in progress */ 1539 return; 1540 } 1541 1542 dp = malloc(sizeof(*dp), M_IPARP, M_NOWAIT); 1543 if (dp == NULL) { 1544 log(LOG_ERR, "arp_dad_start: memory allocation failed for " 1545 "%s(%s)\n", 1546 in_fmtaddr(ia->ia_addr.sin_addr), 1547 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1548 return; 1549 } 1550 memset(dp, 0, sizeof(*dp)); 1551 callout_init(&dp->dad_timer_ch, CALLOUT_MPSAFE); 1552 TAILQ_INSERT_TAIL(&dadq, (struct dadq *)dp, dad_list); 1553 1554 arplog((LOG_DEBUG, "%s: starting DAD for %s\n", if_name(ifa->ifa_ifp), 1555 in_fmtaddr(ia->ia_addr.sin_addr))); 1556 1557 /* 1558 * Send ARP packet for DAD, ip_dad_count times. 1559 * Note that we must delay the first transmission. 1560 */ 1561 dp->dad_ifa = ifa; 1562 ifaref(ifa); /* just for safety */ 1563 dp->dad_count = ip_dad_count; 1564 dp->dad_arp_announce = 0; /* Will be set when starting to announce */ 1565 dp->dad_arp_acount = dp->dad_arp_ocount = dp->dad_arp_tcount = 0; 1566 1567 arp_dad_starttimer(dp, cprng_fast32() % (PROBE_WAIT * hz)); 1568 } 1569 1570 /* 1571 * terminate DAD unconditionally. used for address removals. 1572 */ 1573 static void 1574 arp_dad_stop(struct ifaddr *ifa) 1575 { 1576 struct dadq *dp; 1577 1578 if (!dad_init) 1579 return; 1580 dp = arp_dad_find(ifa); 1581 if (dp == NULL) { 1582 /* DAD wasn't started yet */ 1583 return; 1584 } 1585 1586 arp_dad_stoptimer(dp); 1587 1588 TAILQ_REMOVE(&dadq, dp, dad_list); 1589 free(dp, M_IPARP); 1590 dp = NULL; 1591 ifafree(ifa); 1592 } 1593 1594 static void 1595 arp_dad_timer(struct ifaddr *ifa) 1596 { 1597 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1598 struct dadq *dp; 1599 struct in_addr *ip; 1600 1601 mutex_enter(softnet_lock); 1602 KERNEL_LOCK(1, NULL); 1603 1604 /* Sanity check */ 1605 if (ia == NULL) { 1606 log(LOG_ERR, "arp_dad_timer: called with null parameter\n"); 1607 goto done; 1608 } 1609 dp = arp_dad_find(ifa); 1610 if (dp == NULL) { 1611 log(LOG_ERR, "arp_dad_timer: DAD structure not found\n"); 1612 goto done; 1613 } 1614 if (ia->ia4_flags & IN_IFF_DUPLICATED) { 1615 log(LOG_ERR, "nd4_dad_timer: called with duplicate address " 1616 "%s(%s)\n", 1617 in_fmtaddr(ia->ia_addr.sin_addr), 1618 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1619 goto done; 1620 } 1621 if ((ia->ia4_flags & IN_IFF_TENTATIVE) == 0 && dp->dad_arp_acount == 0){ 1622 log(LOG_ERR, "arp_dad_timer: called with non-tentative address " 1623 "%s(%s)\n", 1624 in_fmtaddr(ia->ia_addr.sin_addr), 1625 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1626 goto done; 1627 } 1628 1629 /* timeouted with IFF_{RUNNING,UP} check */ 1630 if (dp->dad_arp_tcount > dad_maxtry) { 1631 arplog((LOG_INFO, "%s: could not run DAD, driver problem?\n", 1632 if_name(ifa->ifa_ifp))); 1633 1634 TAILQ_REMOVE(&dadq, dp, dad_list); 1635 free(dp, M_IPARP); 1636 dp = NULL; 1637 ifafree(ifa); 1638 goto done; 1639 } 1640 1641 /* Need more checks? */ 1642 if (dp->dad_arp_ocount < dp->dad_count) { 1643 int adelay; 1644 1645 /* 1646 * We have more ARP to go. Send ARP packet for DAD. 1647 */ 1648 arp_dad_output(dp, ifa); 1649 if (dp->dad_arp_ocount < dp->dad_count) 1650 adelay = (PROBE_MIN * hz) + 1651 (cprng_fast32() % 1652 ((PROBE_MAX * hz) - (PROBE_MIN * hz))); 1653 else 1654 adelay = ANNOUNCE_WAIT * hz; 1655 arp_dad_starttimer(dp, adelay); 1656 goto done; 1657 } else if (dp->dad_arp_acount == 0) { 1658 /* 1659 * We are done with DAD. 1660 * No duplicate address found. 1661 */ 1662 ia->ia4_flags &= ~IN_IFF_TENTATIVE; 1663 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 1664 arplog((LOG_DEBUG, 1665 "%s: DAD complete for %s - no duplicates found\n", 1666 if_name(ifa->ifa_ifp), 1667 in_fmtaddr(ia->ia_addr.sin_addr))); 1668 dp->dad_arp_announce = ANNOUNCE_NUM; 1669 goto announce; 1670 } else if (dp->dad_arp_acount < dp->dad_arp_announce) { 1671 announce: 1672 /* 1673 * Announce the address. 1674 */ 1675 ip = &IA_SIN(ifa)->sin_addr; 1676 arprequest(ifa->ifa_ifp, ip, ip, 1677 CLLADDR(ifa->ifa_ifp->if_sadl)); 1678 dp->dad_arp_acount++; 1679 if (dp->dad_arp_acount < dp->dad_arp_announce) { 1680 arp_dad_starttimer(dp, ANNOUNCE_INTERVAL * hz); 1681 goto done; 1682 } 1683 arplog((LOG_DEBUG, 1684 "%s: ARP announcement complete for %s\n", 1685 if_name(ifa->ifa_ifp), 1686 in_fmtaddr(ia->ia_addr.sin_addr))); 1687 } 1688 1689 TAILQ_REMOVE(&dadq, dp, dad_list); 1690 free(dp, M_IPARP); 1691 dp = NULL; 1692 ifafree(ifa); 1693 1694 done: 1695 KERNEL_UNLOCK_ONE(NULL); 1696 mutex_exit(softnet_lock); 1697 } 1698 1699 static void 1700 arp_dad_duplicated(struct ifaddr *ifa) 1701 { 1702 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1703 struct ifnet *ifp; 1704 struct dadq *dp; 1705 1706 dp = arp_dad_find(ifa); 1707 if (dp == NULL) { 1708 log(LOG_ERR, "arp_dad_duplicated: DAD structure not found\n"); 1709 return; 1710 } 1711 1712 ifp = ifa->ifa_ifp; 1713 log(LOG_ERR, "%s: DAD detected duplicate IPv4 address %s: " 1714 "ARP out=%d\n", 1715 if_name(ifp), in_fmtaddr(ia->ia_addr.sin_addr), 1716 dp->dad_arp_ocount); 1717 1718 ia->ia4_flags &= ~IN_IFF_TENTATIVE; 1719 ia->ia4_flags |= IN_IFF_DUPLICATED; 1720 1721 /* We are done with DAD, with duplicated address found. (failure) */ 1722 arp_dad_stoptimer(dp); 1723 1724 /* Inform the routing socket that DAD has completed */ 1725 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 1726 1727 TAILQ_REMOVE(&dadq, dp, dad_list); 1728 free(dp, M_IPARP); 1729 dp = NULL; 1730 ifafree(ifa); 1731 } 1732 1733 /* 1734 * Called from 10 Mb/s Ethernet interrupt handlers 1735 * when ether packet type ETHERTYPE_REVARP 1736 * is received. Common length and type checks are done here, 1737 * then the protocol-specific routine is called. 1738 */ 1739 void 1740 revarpinput(struct mbuf *m) 1741 { 1742 struct arphdr *ar; 1743 1744 if (m->m_len < sizeof(struct arphdr)) 1745 goto out; 1746 ar = mtod(m, struct arphdr *); 1747 #if 0 /* XXX I don't think we need this... and it will prevent other LL */ 1748 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER) 1749 goto out; 1750 #endif 1751 if (m->m_len < sizeof(struct arphdr) + 2 * (ar->ar_hln + ar->ar_pln)) 1752 goto out; 1753 switch (ntohs(ar->ar_pro)) { 1754 case ETHERTYPE_IP: 1755 case ETHERTYPE_IPTRAILERS: 1756 in_revarpinput(m); 1757 return; 1758 1759 default: 1760 break; 1761 } 1762 out: 1763 m_freem(m); 1764 } 1765 1766 /* 1767 * RARP for Internet protocols on 10 Mb/s Ethernet. 1768 * Algorithm is that given in RFC 903. 1769 * We are only using for bootstrap purposes to get an ip address for one of 1770 * our interfaces. Thus we support no user-interface. 1771 * 1772 * Since the contents of the RARP reply are specific to the interface that 1773 * sent the request, this code must ensure that they are properly associated. 1774 * 1775 * Note: also supports ARP via RARP packets, per the RFC. 1776 */ 1777 void 1778 in_revarpinput(struct mbuf *m) 1779 { 1780 struct ifnet *ifp; 1781 struct arphdr *ah; 1782 void *tha; 1783 int op; 1784 1785 ah = mtod(m, struct arphdr *); 1786 op = ntohs(ah->ar_op); 1787 1788 switch (m->m_pkthdr.rcvif->if_type) { 1789 case IFT_IEEE1394: 1790 /* ARP without target hardware address is not supported */ 1791 goto out; 1792 default: 1793 break; 1794 } 1795 1796 switch (op) { 1797 case ARPOP_REQUEST: 1798 case ARPOP_REPLY: /* per RFC */ 1799 in_arpinput(m); 1800 return; 1801 case ARPOP_REVREPLY: 1802 break; 1803 case ARPOP_REVREQUEST: /* handled by rarpd(8) */ 1804 default: 1805 goto out; 1806 } 1807 if (!revarp_in_progress) 1808 goto out; 1809 ifp = m->m_pkthdr.rcvif; 1810 if (ifp != myip_ifp) /* !same interface */ 1811 goto out; 1812 if (myip_initialized) 1813 goto wake; 1814 tha = ar_tha(ah); 1815 if (tha == NULL) 1816 goto out; 1817 if (memcmp(tha, CLLADDR(ifp->if_sadl), ifp->if_sadl->sdl_alen)) 1818 goto out; 1819 memcpy(&srv_ip, ar_spa(ah), sizeof(srv_ip)); 1820 memcpy(&myip, ar_tpa(ah), sizeof(myip)); 1821 myip_initialized = 1; 1822 wake: /* Do wakeup every time in case it was missed. */ 1823 wakeup((void *)&myip); 1824 1825 out: 1826 m_freem(m); 1827 } 1828 1829 /* 1830 * Send a RARP request for the ip address of the specified interface. 1831 * The request should be RFC 903-compliant. 1832 */ 1833 void 1834 revarprequest(struct ifnet *ifp) 1835 { 1836 struct sockaddr sa; 1837 struct mbuf *m; 1838 struct arphdr *ah; 1839 void *tha; 1840 1841 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 1842 return; 1843 MCLAIM(m, &arpdomain.dom_mowner); 1844 m->m_len = sizeof(*ah) + 2*sizeof(struct in_addr) + 1845 2*ifp->if_addrlen; 1846 m->m_pkthdr.len = m->m_len; 1847 MH_ALIGN(m, m->m_len); 1848 ah = mtod(m, struct arphdr *); 1849 memset(ah, 0, m->m_len); 1850 ah->ar_pro = htons(ETHERTYPE_IP); 1851 ah->ar_hln = ifp->if_addrlen; /* hardware address length */ 1852 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */ 1853 ah->ar_op = htons(ARPOP_REVREQUEST); 1854 1855 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln); 1856 tha = ar_tha(ah); 1857 if (tha == NULL) { 1858 m_free(m); 1859 return; 1860 } 1861 memcpy(tha, CLLADDR(ifp->if_sadl), ah->ar_hln); 1862 1863 sa.sa_family = AF_ARP; 1864 sa.sa_len = 2; 1865 m->m_flags |= M_BCAST; 1866 1867 KERNEL_LOCK(1, NULL); 1868 (*ifp->if_output)(ifp, m, &sa, NULL); 1869 KERNEL_UNLOCK_ONE(NULL); 1870 } 1871 1872 /* 1873 * RARP for the ip address of the specified interface, but also 1874 * save the ip address of the server that sent the answer. 1875 * Timeout if no response is received. 1876 */ 1877 int 1878 revarpwhoarewe(struct ifnet *ifp, struct in_addr *serv_in, 1879 struct in_addr *clnt_in) 1880 { 1881 int result, count = 20; 1882 1883 myip_initialized = 0; 1884 myip_ifp = ifp; 1885 1886 revarp_in_progress = 1; 1887 while (count--) { 1888 revarprequest(ifp); 1889 result = tsleep((void *)&myip, PSOCK, "revarp", hz/2); 1890 if (result != EWOULDBLOCK) 1891 break; 1892 } 1893 revarp_in_progress = 0; 1894 1895 if (!myip_initialized) 1896 return ENETUNREACH; 1897 1898 memcpy(serv_in, &srv_ip, sizeof(*serv_in)); 1899 memcpy(clnt_in, &myip, sizeof(*clnt_in)); 1900 return 0; 1901 } 1902 1903 1904 1905 #ifdef DDB 1906 1907 #include <machine/db_machdep.h> 1908 #include <ddb/db_interface.h> 1909 #include <ddb/db_output.h> 1910 1911 static void 1912 db_print_sa(const struct sockaddr *sa) 1913 { 1914 int len; 1915 const u_char *p; 1916 1917 if (sa == NULL) { 1918 db_printf("[NULL]"); 1919 return; 1920 } 1921 1922 p = (const u_char *)sa; 1923 len = sa->sa_len; 1924 db_printf("["); 1925 while (len > 0) { 1926 db_printf("%d", *p); 1927 p++; len--; 1928 if (len) db_printf(","); 1929 } 1930 db_printf("]\n"); 1931 } 1932 1933 static void 1934 db_print_ifa(struct ifaddr *ifa) 1935 { 1936 if (ifa == NULL) 1937 return; 1938 db_printf(" ifa_addr="); 1939 db_print_sa(ifa->ifa_addr); 1940 db_printf(" ifa_dsta="); 1941 db_print_sa(ifa->ifa_dstaddr); 1942 db_printf(" ifa_mask="); 1943 db_print_sa(ifa->ifa_netmask); 1944 db_printf(" flags=0x%x,refcnt=%d,metric=%d\n", 1945 ifa->ifa_flags, 1946 ifa->ifa_refcnt, 1947 ifa->ifa_metric); 1948 } 1949 1950 static void 1951 db_print_llinfo(void *li) 1952 { 1953 struct llinfo_arp *la; 1954 1955 if (li == NULL) 1956 return; 1957 la = (struct llinfo_arp *)li; 1958 db_printf(" la_rt=%p la_hold=%p, la_asked=0x%lx\n", 1959 la->la_rt, la->la_hold, la->la_asked); 1960 } 1961 1962 /* 1963 * Function to pass to rt_walktree(). 1964 * Return non-zero error to abort walk. 1965 */ 1966 static int 1967 db_show_rtentry(struct rtentry *rt, void *w) 1968 { 1969 db_printf("rtentry=%p", rt); 1970 1971 db_printf(" flags=0x%x refcnt=%d use=%"PRId64" expire=%"PRId64"\n", 1972 rt->rt_flags, rt->rt_refcnt, 1973 rt->rt_use, (uint64_t)rt->rt_expire); 1974 1975 db_printf(" key="); db_print_sa(rt_getkey(rt)); 1976 db_printf(" mask="); db_print_sa(rt_mask(rt)); 1977 db_printf(" gw="); db_print_sa(rt->rt_gateway); 1978 1979 db_printf(" ifp=%p ", rt->rt_ifp); 1980 if (rt->rt_ifp) 1981 db_printf("(%s)", rt->rt_ifp->if_xname); 1982 else 1983 db_printf("(NULL)"); 1984 1985 db_printf(" ifa=%p\n", rt->rt_ifa); 1986 db_print_ifa(rt->rt_ifa); 1987 1988 db_printf(" gwroute=%p llinfo=%p\n", 1989 rt->rt_gwroute, rt->rt_llinfo); 1990 db_print_llinfo(rt->rt_llinfo); 1991 1992 return 0; 1993 } 1994 1995 /* 1996 * Function to print all the route trees. 1997 * Use this from ddb: "show arptab" 1998 */ 1999 void 2000 db_show_arptab(db_expr_t addr, bool have_addr, 2001 db_expr_t count, const char *modif) 2002 { 2003 rt_walktree(AF_INET, db_show_rtentry, NULL); 2004 } 2005 #endif 2006 2007 static int 2008 sysctl_net_inet_arp_stats(SYSCTLFN_ARGS) 2009 { 2010 2011 return NETSTAT_SYSCTL(arpstat_percpu, ARP_NSTATS); 2012 } 2013 2014 static void 2015 sysctl_net_inet_arp_setup(struct sysctllog **clog) 2016 { 2017 const struct sysctlnode *node; 2018 2019 sysctl_createv(clog, 0, NULL, NULL, 2020 CTLFLAG_PERMANENT, 2021 CTLTYPE_NODE, "inet", NULL, 2022 NULL, 0, NULL, 0, 2023 CTL_NET, PF_INET, CTL_EOL); 2024 sysctl_createv(clog, 0, NULL, &node, 2025 CTLFLAG_PERMANENT, 2026 CTLTYPE_NODE, "arp", 2027 SYSCTL_DESCR("Address Resolution Protocol"), 2028 NULL, 0, NULL, 0, 2029 CTL_NET, PF_INET, CTL_CREATE, CTL_EOL); 2030 2031 sysctl_createv(clog, 0, NULL, NULL, 2032 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2033 CTLTYPE_INT, "prune", 2034 SYSCTL_DESCR("ARP cache pruning interval in seconds"), 2035 NULL, 0, &arpt_prune, 0, 2036 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2037 2038 sysctl_createv(clog, 0, NULL, NULL, 2039 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2040 CTLTYPE_INT, "keep", 2041 SYSCTL_DESCR("Valid ARP entry lifetime in seconds"), 2042 NULL, 0, &arpt_keep, 0, 2043 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2044 2045 sysctl_createv(clog, 0, NULL, NULL, 2046 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2047 CTLTYPE_INT, "down", 2048 SYSCTL_DESCR("Failed ARP entry lifetime in seconds"), 2049 NULL, 0, &arpt_down, 0, 2050 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2051 2052 sysctl_createv(clog, 0, NULL, NULL, 2053 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2054 CTLTYPE_INT, "refresh", 2055 SYSCTL_DESCR("ARP entry refresh interval"), 2056 NULL, 0, &arpt_refresh, 0, 2057 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2058 2059 sysctl_createv(clog, 0, NULL, NULL, 2060 CTLFLAG_PERMANENT, 2061 CTLTYPE_STRUCT, "stats", 2062 SYSCTL_DESCR("ARP statistics"), 2063 sysctl_net_inet_arp_stats, 0, NULL, 0, 2064 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2065 2066 sysctl_createv(clog, 0, NULL, NULL, 2067 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2068 CTLTYPE_INT, "log_movements", 2069 SYSCTL_DESCR("log ARP replies from MACs different than" 2070 " the one in the cache"), 2071 NULL, 0, &log_movements, 0, 2072 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2073 2074 sysctl_createv(clog, 0, NULL, NULL, 2075 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2076 CTLTYPE_INT, "log_permanent_modify", 2077 SYSCTL_DESCR("log ARP replies from MACs different than" 2078 " the one in the permanent arp entry"), 2079 NULL, 0, &log_permanent_modify, 0, 2080 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2081 2082 sysctl_createv(clog, 0, NULL, NULL, 2083 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2084 CTLTYPE_INT, "log_wrong_iface", 2085 SYSCTL_DESCR("log ARP packets arriving on the wrong" 2086 " interface"), 2087 NULL, 0, &log_wrong_iface, 0, 2088 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2089 2090 sysctl_createv(clog, 0, NULL, NULL, 2091 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2092 CTLTYPE_INT, "log_unknown_network", 2093 SYSCTL_DESCR("log ARP packets from non-local network"), 2094 NULL, 0, &log_unknown_network, 0, 2095 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2096 2097 sysctl_createv(clog, 0, NULL, NULL, 2098 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2099 CTLTYPE_INT, "debug", 2100 SYSCTL_DESCR("Enable ARP DAD debug output"), 2101 NULL, 0, &arp_debug, 0, 2102 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2103 } 2104 2105 #endif /* INET */ 2106