1 /* $NetBSD: if_arp.c,v 1.203 2016/01/25 10:15:38 ozaki-r Exp $ */ 2 3 /*- 4 * Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Public Access Networks Corporation ("Panix"). It was developed under 9 * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)if_ether.c 8.2 (Berkeley) 9/26/94 62 */ 63 64 /* 65 * Ethernet address resolution protocol. 66 * TODO: 67 * add "inuse/lock" bit (or ref. count) along with valid bit 68 */ 69 70 #include <sys/cdefs.h> 71 __KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.203 2016/01/25 10:15:38 ozaki-r Exp $"); 72 73 #ifdef _KERNEL_OPT 74 #include "opt_ddb.h" 75 #include "opt_inet.h" 76 #endif 77 78 #ifdef INET 79 80 #include "bridge.h" 81 82 #include <sys/param.h> 83 #include <sys/systm.h> 84 #include <sys/callout.h> 85 #include <sys/malloc.h> 86 #include <sys/mbuf.h> 87 #include <sys/socket.h> 88 #include <sys/time.h> 89 #include <sys/timetc.h> 90 #include <sys/kernel.h> 91 #include <sys/errno.h> 92 #include <sys/ioctl.h> 93 #include <sys/syslog.h> 94 #include <sys/proc.h> 95 #include <sys/protosw.h> 96 #include <sys/domain.h> 97 #include <sys/sysctl.h> 98 #include <sys/socketvar.h> 99 #include <sys/percpu.h> 100 #include <sys/cprng.h> 101 #include <sys/kmem.h> 102 103 #include <net/ethertypes.h> 104 #include <net/if.h> 105 #include <net/if_dl.h> 106 #include <net/if_token.h> 107 #include <net/if_types.h> 108 #include <net/if_ether.h> 109 #include <net/if_llatbl.h> 110 #include <net/net_osdep.h> 111 #include <net/route.h> 112 #include <net/net_stats.h> 113 114 #include <netinet/in.h> 115 #include <netinet/in_systm.h> 116 #include <netinet/in_var.h> 117 #include <netinet/ip.h> 118 #include <netinet/if_inarp.h> 119 120 #include "arcnet.h" 121 #if NARCNET > 0 122 #include <net/if_arc.h> 123 #endif 124 #include "fddi.h" 125 #if NFDDI > 0 126 #include <net/if_fddi.h> 127 #endif 128 #include "token.h" 129 #include "carp.h" 130 #if NCARP > 0 131 #include <netinet/ip_carp.h> 132 #endif 133 134 #define SIN(s) ((struct sockaddr_in *)s) 135 #define SRP(s) ((struct sockaddr_inarp *)s) 136 137 /* 138 * ARP trailer negotiation. Trailer protocol is not IP specific, 139 * but ARP request/response use IP addresses. 140 */ 141 #define ETHERTYPE_IPTRAILERS ETHERTYPE_TRAIL 142 143 /* timer values */ 144 static int arpt_keep = (20*60); /* once resolved, good for 20 more minutes */ 145 static int arpt_down = 20; /* once declared down, don't send for 20 secs */ 146 static int arp_maxhold = 1; /* number of packets to hold per ARP entry */ 147 #define rt_expire rt_rmx.rmx_expire 148 #define rt_pksent rt_rmx.rmx_pksent 149 150 int ip_dad_count = PROBE_NUM; 151 #ifdef ARP_DEBUG 152 static int arp_debug = 1; 153 #else 154 static int arp_debug = 0; 155 #endif 156 #define arplog(x) do { if (arp_debug) log x; } while (/*CONSTCOND*/ 0) 157 158 static void arp_init(void); 159 160 static struct sockaddr *arp_setgate(struct rtentry *, struct sockaddr *, 161 const struct sockaddr *); 162 static void arptfree(struct rtentry *); 163 static void arptimer(void *); 164 static void arp_settimer(struct llentry *, int); 165 static struct llentry *arplookup(struct ifnet *, struct mbuf *, 166 const struct in_addr *, int, int, int, struct rtentry *); 167 static void in_arpinput(struct mbuf *); 168 static void in_revarpinput(struct mbuf *); 169 static void revarprequest(struct ifnet *); 170 171 static void arp_drainstub(void); 172 173 static void arp_dad_timer(struct ifaddr *); 174 static void arp_dad_start(struct ifaddr *); 175 static void arp_dad_stop(struct ifaddr *); 176 static void arp_dad_duplicated(struct ifaddr *); 177 178 static void arp_init_llentry(struct ifnet *, struct llentry *); 179 #if NTOKEN > 0 180 static void arp_free_llentry_tokenring(struct llentry *); 181 #endif 182 183 struct ifqueue arpintrq = { 184 .ifq_head = NULL, 185 .ifq_tail = NULL, 186 .ifq_len = 0, 187 .ifq_maxlen = 50, 188 .ifq_drops = 0, 189 }; 190 static int arp_inuse, arp_allocated; 191 static int arp_maxtries = 5; 192 static int useloopback = 1; /* use loopback interface for local traffic */ 193 194 static percpu_t *arpstat_percpu; 195 196 #define ARP_STAT_GETREF() _NET_STAT_GETREF(arpstat_percpu) 197 #define ARP_STAT_PUTREF() _NET_STAT_PUTREF(arpstat_percpu) 198 199 #define ARP_STATINC(x) _NET_STATINC(arpstat_percpu, x) 200 #define ARP_STATADD(x, v) _NET_STATADD(arpstat_percpu, x, v) 201 202 /* revarp state */ 203 static struct in_addr myip, srv_ip; 204 static int myip_initialized = 0; 205 static int revarp_in_progress = 0; 206 static struct ifnet *myip_ifp = NULL; 207 208 #ifdef DDB 209 static void db_print_sa(const struct sockaddr *); 210 static void db_print_ifa(struct ifaddr *); 211 static void db_print_llinfo(struct llentry *); 212 static int db_show_rtentry(struct rtentry *, void *); 213 #endif 214 215 static int arp_drainwanted; 216 217 static int log_movements = 1; 218 static int log_permanent_modify = 1; 219 static int log_wrong_iface = 1; 220 static int log_unknown_network = 1; 221 222 /* 223 * this should be elsewhere. 224 */ 225 226 static char * 227 lla_snprintf(u_int8_t *, int); 228 229 static char * 230 lla_snprintf(u_int8_t *adrp, int len) 231 { 232 #define NUMBUFS 3 233 static char buf[NUMBUFS][16*3]; 234 static int bnum = 0; 235 236 int i; 237 char *p; 238 239 p = buf[bnum]; 240 241 *p++ = hexdigits[(*adrp)>>4]; 242 *p++ = hexdigits[(*adrp++)&0xf]; 243 244 for (i=1; i<len && i<16; i++) { 245 *p++ = ':'; 246 *p++ = hexdigits[(*adrp)>>4]; 247 *p++ = hexdigits[(*adrp++)&0xf]; 248 } 249 250 *p = 0; 251 p = buf[bnum]; 252 bnum = (bnum + 1) % NUMBUFS; 253 return p; 254 } 255 256 DOMAIN_DEFINE(arpdomain); /* forward declare and add to link set */ 257 258 static void 259 arp_fasttimo(void) 260 { 261 if (arp_drainwanted) { 262 arp_drain(); 263 arp_drainwanted = 0; 264 } 265 } 266 267 const struct protosw arpsw[] = { 268 { .pr_type = 0, 269 .pr_domain = &arpdomain, 270 .pr_protocol = 0, 271 .pr_flags = 0, 272 .pr_input = 0, 273 .pr_ctlinput = 0, 274 .pr_ctloutput = 0, 275 .pr_usrreqs = 0, 276 .pr_init = arp_init, 277 .pr_fasttimo = arp_fasttimo, 278 .pr_slowtimo = 0, 279 .pr_drain = arp_drainstub, 280 } 281 }; 282 283 struct domain arpdomain = { 284 .dom_family = PF_ARP, 285 .dom_name = "arp", 286 .dom_protosw = arpsw, 287 .dom_protoswNPROTOSW = &arpsw[__arraycount(arpsw)], 288 }; 289 290 static void sysctl_net_inet_arp_setup(struct sysctllog **); 291 292 void 293 arp_init(void) 294 { 295 296 sysctl_net_inet_arp_setup(NULL); 297 arpstat_percpu = percpu_alloc(sizeof(uint64_t) * ARP_NSTATS); 298 } 299 300 static void 301 arp_drainstub(void) 302 { 303 arp_drainwanted = 1; 304 } 305 306 /* 307 * ARP protocol drain routine. Called when memory is in short supply. 308 * Called at splvm(); don't acquire softnet_lock as can be called from 309 * hardware interrupt handlers. 310 */ 311 void 312 arp_drain(void) 313 { 314 315 lltable_drain(AF_INET); 316 } 317 318 static void 319 arptimer(void *arg) 320 { 321 struct llentry *lle = arg; 322 struct ifnet *ifp; 323 struct rtentry *rt; 324 325 if (lle == NULL) 326 return; 327 328 if (lle->la_flags & LLE_STATIC) 329 return; 330 331 LLE_WLOCK(lle); 332 if (callout_pending(&lle->la_timer)) { 333 /* 334 * Here we are a bit odd here in the treatment of 335 * active/pending. If the pending bit is set, it got 336 * rescheduled before I ran. The active 337 * bit we ignore, since if it was stopped 338 * in ll_tablefree() and was currently running 339 * it would have return 0 so the code would 340 * not have deleted it since the callout could 341 * not be stopped so we want to go through 342 * with the delete here now. If the callout 343 * was restarted, the pending bit will be back on and 344 * we just want to bail since the callout_reset would 345 * return 1 and our reference would have been removed 346 * by arpresolve() below. 347 */ 348 LLE_WUNLOCK(lle); 349 return; 350 } 351 ifp = lle->lle_tbl->llt_ifp; 352 rt = lle->la_rt; 353 lle->la_rt = NULL; 354 355 callout_stop(&lle->la_timer); 356 357 /* XXX: LOR avoidance. We still have ref on lle. */ 358 LLE_WUNLOCK(lle); 359 360 if (rt != NULL) { 361 /* We have to call arptfree w/o IF_AFDATA_LOCK */ 362 arptfree(rt); 363 } 364 365 IF_AFDATA_LOCK(ifp); 366 LLE_WLOCK(lle); 367 368 /* Guard against race with other llentry_free(). */ 369 if (lle->la_flags & LLE_LINKED) { 370 size_t pkts_dropped; 371 372 LLE_REMREF(lle); 373 pkts_dropped = llentry_free(lle); 374 ARP_STATADD(ARP_STAT_DFRDROPPED, pkts_dropped); 375 } else { 376 LLE_FREE_LOCKED(lle); 377 } 378 379 IF_AFDATA_UNLOCK(ifp); 380 } 381 382 static void 383 arp_settimer(struct llentry *la, int sec) 384 { 385 386 LLE_WLOCK_ASSERT(la); 387 LLE_ADDREF(la); 388 callout_reset(&la->la_timer, hz * sec, arptimer, la); 389 } 390 391 /* 392 * We set the gateway for RTF_CLONING routes to a "prototype" 393 * link-layer sockaddr whose interface type (if_type) and interface 394 * index (if_index) fields are prepared. 395 */ 396 static struct sockaddr * 397 arp_setgate(struct rtentry *rt, struct sockaddr *gate, 398 const struct sockaddr *netmask) 399 { 400 const struct ifnet *ifp = rt->rt_ifp; 401 uint8_t namelen = strlen(ifp->if_xname); 402 uint8_t addrlen = ifp->if_addrlen; 403 404 /* 405 * XXX: If this is a manually added route to interface 406 * such as older version of routed or gated might provide, 407 * restore cloning bit. 408 */ 409 if ((rt->rt_flags & RTF_HOST) == 0 && netmask != NULL && 410 satocsin(netmask)->sin_addr.s_addr != 0xffffffff) 411 rt->rt_flags |= RTF_CLONING; 412 if (rt->rt_flags & RTF_CLONING || 413 ((rt->rt_flags & (RTF_LLINFO | RTF_LOCAL)) && !rt->rt_llinfo)) 414 { 415 union { 416 struct sockaddr sa; 417 struct sockaddr_storage ss; 418 struct sockaddr_dl sdl; 419 } u; 420 /* 421 * Case 1: This route should come from a route to iface. 422 */ 423 sockaddr_dl_init(&u.sdl, sizeof(u.ss), 424 ifp->if_index, ifp->if_type, NULL, namelen, NULL, addrlen); 425 rt_setgate(rt, &u.sa); 426 gate = rt->rt_gateway; 427 } 428 return gate; 429 } 430 431 static void 432 arp_init_llentry(struct ifnet *ifp, struct llentry *lle) 433 { 434 435 switch (ifp->if_type) { 436 #if NTOKEN > 0 437 case IFT_ISO88025: 438 lle->la_opaque = kmem_intr_alloc(sizeof(struct token_rif), 439 KM_NOSLEEP); 440 lle->lle_ll_free = arp_free_llentry_tokenring; 441 break; 442 #endif 443 } 444 } 445 446 #if NTOKEN > 0 447 static void 448 arp_free_llentry_tokenring(struct llentry *lle) 449 { 450 451 kmem_intr_free(lle->la_opaque, sizeof(struct token_rif)); 452 } 453 #endif 454 455 /* 456 * Parallel to llc_rtrequest. 457 */ 458 void 459 arp_rtrequest(int req, struct rtentry *rt, const struct rt_addrinfo *info) 460 { 461 struct sockaddr *gate = rt->rt_gateway; 462 struct llentry *la = NULL; 463 struct in_ifaddr *ia; 464 struct ifaddr *ifa; 465 struct ifnet *ifp = rt->rt_ifp; 466 int flags = 0; 467 468 if (req == RTM_LLINFO_UPD) { 469 struct in_addr *in; 470 471 if ((ifa = info->rti_ifa) == NULL) 472 return; 473 474 in = &ifatoia(ifa)->ia_addr.sin_addr; 475 476 if (ifatoia(ifa)->ia4_flags & 477 (IN_IFF_NOTREADY | IN_IFF_DETACHED)) 478 { 479 arplog((LOG_DEBUG, "arp_request: %s not ready\n", 480 in_fmtaddr(*in))); 481 return; 482 } 483 484 arprequest(ifa->ifa_ifp, in, in, 485 CLLADDR(ifa->ifa_ifp->if_sadl)); 486 return; 487 } 488 489 if ((rt->rt_flags & RTF_GATEWAY) != 0) { 490 if (req != RTM_ADD) 491 return; 492 493 /* 494 * linklayers with particular link MTU limitation. 495 */ 496 switch(ifp->if_type) { 497 #if NFDDI > 0 498 case IFT_FDDI: 499 if (ifp->if_mtu > FDDIIPMTU) 500 rt->rt_rmx.rmx_mtu = FDDIIPMTU; 501 break; 502 #endif 503 #if NARCNET > 0 504 case IFT_ARCNET: 505 { 506 int arcipifmtu; 507 508 if (ifp->if_flags & IFF_LINK0) 509 arcipifmtu = arc_ipmtu; 510 else 511 arcipifmtu = ARCMTU; 512 if (ifp->if_mtu > arcipifmtu) 513 rt->rt_rmx.rmx_mtu = arcipifmtu; 514 break; 515 } 516 #endif 517 } 518 return; 519 } 520 521 IF_AFDATA_RLOCK(ifp); 522 la = lla_lookup(LLTABLE(ifp), flags, rt_getkey(rt)); 523 IF_AFDATA_RUNLOCK(ifp); 524 525 switch (req) { 526 case RTM_SETGATE: 527 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]); 528 break; 529 case RTM_ADD: 530 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]); 531 if (rt->rt_flags & RTF_CLONING || 532 ((rt->rt_flags & (RTF_LLINFO | RTF_LOCAL)) && !la)) 533 { 534 /* 535 * Give this route an expiration time, even though 536 * it's a "permanent" route, so that routes cloned 537 * from it do not need their expiration time set. 538 */ 539 KASSERT(time_uptime != 0); 540 rt->rt_expire = time_uptime; 541 /* 542 * linklayers with particular link MTU limitation. 543 */ 544 switch (ifp->if_type) { 545 #if NFDDI > 0 546 case IFT_FDDI: 547 if ((rt->rt_rmx.rmx_locks & RTV_MTU) == 0 && 548 (rt->rt_rmx.rmx_mtu > FDDIIPMTU || 549 (rt->rt_rmx.rmx_mtu == 0 && 550 ifp->if_mtu > FDDIIPMTU))) 551 rt->rt_rmx.rmx_mtu = FDDIIPMTU; 552 break; 553 #endif 554 #if NARCNET > 0 555 case IFT_ARCNET: 556 { 557 int arcipifmtu; 558 if (ifp->if_flags & IFF_LINK0) 559 arcipifmtu = arc_ipmtu; 560 else 561 arcipifmtu = ARCMTU; 562 563 if ((rt->rt_rmx.rmx_locks & RTV_MTU) == 0 && 564 (rt->rt_rmx.rmx_mtu > arcipifmtu || 565 (rt->rt_rmx.rmx_mtu == 0 && 566 ifp->if_mtu > arcipifmtu))) 567 rt->rt_rmx.rmx_mtu = arcipifmtu; 568 break; 569 } 570 #endif 571 } 572 if (rt->rt_flags & RTF_CLONING) 573 break; 574 } 575 /* Announce a new entry if requested. */ 576 if (rt->rt_flags & RTF_ANNOUNCE) { 577 INADDR_TO_IA(satocsin(rt_getkey(rt))->sin_addr, ia); 578 while (ia && ia->ia_ifp != ifp) 579 NEXT_IA_WITH_SAME_ADDR(ia); 580 if (ia == NULL || 581 ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) 582 ; 583 else 584 arprequest(ifp, 585 &satocsin(rt_getkey(rt))->sin_addr, 586 &satocsin(rt_getkey(rt))->sin_addr, 587 CLLADDR(satocsdl(gate))); 588 } 589 /*FALLTHROUGH*/ 590 case RTM_RESOLVE: 591 if (gate->sa_family != AF_LINK || 592 gate->sa_len < sockaddr_dl_measure(0, ifp->if_addrlen)) { 593 log(LOG_DEBUG, "arp_rtrequest: bad gateway value\n"); 594 break; 595 } 596 597 satosdl(gate)->sdl_type = ifp->if_type; 598 satosdl(gate)->sdl_index = ifp->if_index; 599 if (la != NULL) 600 break; /* This happens on a route change */ 601 602 /* If the route is for a broadcast address mark it as such. 603 * This way we can avoid an expensive call to in_broadcast() 604 * in ip_output() most of the time (because the route passed 605 * to ip_output() is almost always a host route). */ 606 if (rt->rt_flags & RTF_HOST && 607 !(rt->rt_flags & RTF_BROADCAST) && 608 in_broadcast(satocsin(rt_getkey(rt))->sin_addr, rt->rt_ifp)) 609 rt->rt_flags |= RTF_BROADCAST; 610 /* There is little point in resolving the broadcast address */ 611 if (rt->rt_flags & RTF_BROADCAST) 612 break; 613 614 INADDR_TO_IA(satocsin(rt_getkey(rt))->sin_addr, ia); 615 while (ia && ia->ia_ifp != ifp) 616 NEXT_IA_WITH_SAME_ADDR(ia); 617 if (ia) { 618 /* 619 * This test used to be 620 * if (lo0ifp->if_flags & IFF_UP) 621 * It allowed local traffic to be forced through 622 * the hardware by configuring the loopback down. 623 * However, it causes problems during network 624 * configuration for boards that can't receive 625 * packets they send. It is now necessary to clear 626 * "useloopback" and remove the route to force 627 * traffic out to the hardware. 628 * 629 * In 4.4BSD, the above "if" statement checked 630 * rt->rt_ifa against rt_getkey(rt). It was changed 631 * to the current form so that we can provide a 632 * better support for multiple IPv4 addresses on a 633 * interface. 634 */ 635 rt->rt_expire = 0; 636 if (sockaddr_dl_init(satosdl(gate), gate->sa_len, 637 ifp->if_index, ifp->if_type, NULL, 0, 638 CLLADDR(ifp->if_sadl), ifp->if_addrlen) == NULL) { 639 panic("%s(%s): sockaddr_dl_init cannot fail", 640 __func__, ifp->if_xname); 641 } 642 if (useloopback) { 643 ifp = rt->rt_ifp = lo0ifp; 644 rt->rt_rmx.rmx_mtu = 0; 645 } 646 rt->rt_flags |= RTF_LOCAL; 647 /* 648 * make sure to set rt->rt_ifa to the interface 649 * address we are using, otherwise we will have trouble 650 * with source address selection. 651 */ 652 ifa = &ia->ia_ifa; 653 if (ifa != rt->rt_ifa) 654 rt_replace_ifa(rt, ifa); 655 } 656 657 /* 658 * Case 2: This route may come from cloning, or a manual route 659 * add with a LL address. 660 */ 661 flags = LLE_EXCLUSIVE; 662 if ((rt->rt_flags & RTF_CLONING) != 0) 663 flags |= LLE_IFADDR; 664 665 IF_AFDATA_WLOCK(ifp); 666 la = lla_create(LLTABLE(ifp), flags, rt_getkey(rt)); 667 IF_AFDATA_WUNLOCK(ifp); 668 669 if (la == NULL) { 670 log(LOG_DEBUG, "%s: lla_create failed\n", 671 __func__); 672 rt->rt_llinfo = NULL; 673 break; 674 } 675 rt->rt_llinfo = la; 676 LLE_ADDREF(la); 677 la->la_rt = rt; 678 rt->rt_refcnt++; 679 rt->rt_flags |= RTF_LLINFO; 680 arp_inuse++, arp_allocated++; 681 arp_init_llentry(ifp, la); 682 683 LLE_WUNLOCK(la); 684 la = NULL; 685 686 break; 687 688 case RTM_DELETE: 689 if (la == NULL) 690 break; 691 arp_inuse--; 692 rt->rt_llinfo = NULL; 693 rt->rt_flags &= ~RTF_LLINFO; 694 695 /* Have to do before IF_AFDATA_WLOCK to avoid deadlock */ 696 callout_halt(&la->la_timer, &la->lle_lock); 697 /* XXX: LOR avoidance. We still have ref on lle. */ 698 LLE_RUNLOCK(la); 699 700 flags |= LLE_EXCLUSIVE; 701 IF_AFDATA_WLOCK(ifp); 702 LLE_WLOCK(la); 703 704 if (la->la_rt != NULL) { 705 /* 706 * Don't rtfree (may actually free objects) here. 707 * Leave it to rtrequest1. 708 */ 709 la->la_rt->rt_refcnt--; 710 la->la_rt = NULL; 711 } 712 713 /* Guard against race with other llentry_free(). */ 714 if (la->la_flags & LLE_LINKED) { 715 size_t pkts_dropped; 716 717 pkts_dropped = llentry_free(la); 718 ARP_STATADD(ARP_STAT_DFRDROPPED, pkts_dropped); 719 } else { 720 LLE_FREE_LOCKED(la); 721 } 722 la = NULL; 723 724 IF_AFDATA_WUNLOCK(ifp); 725 } 726 727 if (la != NULL) { 728 if (flags & LLE_EXCLUSIVE) 729 LLE_WUNLOCK(la); 730 else 731 LLE_RUNLOCK(la); 732 } 733 } 734 735 /* 736 * Broadcast an ARP request. Caller specifies: 737 * - arp header source ip address 738 * - arp header target ip address 739 * - arp header source ethernet address 740 */ 741 void 742 arprequest(struct ifnet *ifp, 743 const struct in_addr *sip, const struct in_addr *tip, 744 const u_int8_t *enaddr) 745 { 746 struct mbuf *m; 747 struct arphdr *ah; 748 struct sockaddr sa; 749 uint64_t *arps; 750 751 KASSERT(sip != NULL); 752 KASSERT(tip != NULL); 753 KASSERT(enaddr != NULL); 754 755 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 756 return; 757 MCLAIM(m, &arpdomain.dom_mowner); 758 switch (ifp->if_type) { 759 case IFT_IEEE1394: 760 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) + 761 ifp->if_addrlen; 762 break; 763 default: 764 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) + 765 2 * ifp->if_addrlen; 766 break; 767 } 768 m->m_pkthdr.len = m->m_len; 769 MH_ALIGN(m, m->m_len); 770 ah = mtod(m, struct arphdr *); 771 memset(ah, 0, m->m_len); 772 switch (ifp->if_type) { 773 case IFT_IEEE1394: /* RFC2734 */ 774 /* fill it now for ar_tpa computation */ 775 ah->ar_hrd = htons(ARPHRD_IEEE1394); 776 break; 777 default: 778 /* ifp->if_output will fill ar_hrd */ 779 break; 780 } 781 ah->ar_pro = htons(ETHERTYPE_IP); 782 ah->ar_hln = ifp->if_addrlen; /* hardware address length */ 783 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */ 784 ah->ar_op = htons(ARPOP_REQUEST); 785 memcpy(ar_sha(ah), enaddr, ah->ar_hln); 786 memcpy(ar_spa(ah), sip, ah->ar_pln); 787 memcpy(ar_tpa(ah), tip, ah->ar_pln); 788 sa.sa_family = AF_ARP; 789 sa.sa_len = 2; 790 m->m_flags |= M_BCAST; 791 arps = ARP_STAT_GETREF(); 792 arps[ARP_STAT_SNDTOTAL]++; 793 arps[ARP_STAT_SENDREQUEST]++; 794 ARP_STAT_PUTREF(); 795 (*ifp->if_output)(ifp, m, &sa, NULL); 796 } 797 798 /* 799 * Resolve an IP address into an ethernet address. If success, 800 * desten is filled in. If there is no entry in arptab, 801 * set one up and broadcast a request for the IP address. 802 * Hold onto this mbuf and resend it once the address 803 * is finally resolved. A return value of 0 indicates 804 * that desten has been filled in and the packet should be sent 805 * normally; a return value of EWOULDBLOCK indicates that the packet has been 806 * held pending resolution. 807 * Any other value indicates an error. 808 */ 809 int 810 arpresolve(struct ifnet *ifp, struct rtentry *rt, struct mbuf *m, 811 const struct sockaddr *dst, u_char *desten) 812 { 813 struct llentry *la; 814 const struct sockaddr_dl *sdl; 815 const char *create_lookup; 816 bool renew; 817 int error; 818 819 KASSERT(m != NULL); 820 821 la = arplookup(ifp, m, &satocsin(dst)->sin_addr, 0, 0, 0, rt); 822 if (la == NULL || la->la_rt == NULL) 823 goto notfound; 824 825 rt = la->la_rt; 826 sdl = satocsdl(rt->rt_gateway); 827 /* 828 * Check the address family and length is valid, the address 829 * is resolved; otherwise, try to resolve. 830 */ 831 if ((rt->rt_expire == 0 || rt->rt_expire > time_uptime) && 832 sdl->sdl_family == AF_LINK && sdl->sdl_alen != 0) { 833 memcpy(desten, CLLADDR(sdl), 834 min(sdl->sdl_alen, ifp->if_addrlen)); 835 rt->rt_pksent = time_uptime; /* Time for last pkt sent */ 836 LLE_RUNLOCK(la); 837 return 0; 838 } 839 840 /* 841 * Re-send the ARP request when appropriate. 842 */ 843 #ifdef DIAGNOSTIC 844 if (rt->rt_expire == 0) { 845 /* This should never happen. (Should it? -gwr) */ 846 printf("arpresolve: unresolved and rt_expire == 0\n"); 847 /* Set expiration time to now (expired). */ 848 rt->rt_expire = time_uptime; 849 } 850 #endif 851 852 notfound: 853 #ifdef IFF_STATICARP /* FreeBSD */ 854 #define _IFF_NOARP (IFF_NOARP | IFF_STATICARP) 855 #else 856 #define _IFF_NOARP IFF_NOARP 857 #endif 858 if (ifp->if_flags & _IFF_NOARP) { 859 if (la != NULL) 860 LLE_RUNLOCK(la); 861 error = ENOTSUP; 862 goto bad; 863 } 864 #undef _IFF_NOARP 865 if (la == NULL) { 866 create_lookup = "create"; 867 IF_AFDATA_WLOCK(ifp); 868 la = lla_create(LLTABLE(ifp), LLE_EXCLUSIVE, dst); 869 IF_AFDATA_WUNLOCK(ifp); 870 if (la == NULL) 871 ARP_STATINC(ARP_STAT_ALLOCFAIL); 872 } else if (LLE_TRY_UPGRADE(la) == 0) { 873 create_lookup = "lookup"; 874 LLE_RUNLOCK(la); 875 IF_AFDATA_RLOCK(ifp); 876 la = lla_lookup(LLTABLE(ifp), LLE_EXCLUSIVE, dst); 877 IF_AFDATA_RUNLOCK(ifp); 878 } 879 880 error = EINVAL; 881 if (la == NULL) { 882 log(LOG_DEBUG, 883 "%s: failed to %s llentry for %s on %s\n", 884 __func__, create_lookup, inet_ntoa(satocsin(dst)->sin_addr), 885 ifp->if_xname); 886 goto bad; 887 } 888 889 /* Just in case */ 890 if (la->la_rt == NULL) { 891 LLE_WUNLOCK(la); 892 log(LOG_DEBUG, 893 "%s: valid llentry has no rtentry for %s on %s\n", 894 __func__, inet_ntoa(satocsin(dst)->sin_addr), 895 ifp->if_xname); 896 goto bad; 897 } 898 rt = la->la_rt; 899 900 if ((la->la_flags & LLE_VALID) && 901 ((la->la_flags & LLE_STATIC) || la->la_expire > time_uptime)) 902 { 903 sdl = satocsdl(rt->rt_gateway); 904 memcpy(desten, CLLADDR(sdl), 905 min(sdl->sdl_alen, ifp->if_addrlen)); 906 renew = false; 907 /* 908 * If entry has an expiry time and it is approaching, 909 * see if we need to send an ARP request within this 910 * arpt_down interval. 911 */ 912 if (!(la->la_flags & LLE_STATIC) && 913 time_uptime + la->la_preempt > la->la_expire) 914 { 915 renew = true; 916 la->la_preempt--; 917 } 918 919 LLE_WUNLOCK(la); 920 921 if (renew) { 922 const u_int8_t *enaddr = 923 #if NCARP > 0 924 (rt->rt_ifp->if_type == IFT_CARP) ? 925 CLLADDR(rt->rt_ifp->if_sadl): 926 #endif 927 CLLADDR(ifp->if_sadl); 928 arprequest(ifp, 929 &satocsin(rt->rt_ifa->ifa_addr)->sin_addr, 930 &satocsin(dst)->sin_addr, enaddr); 931 } 932 933 return 0; 934 } 935 936 if (la->la_flags & LLE_STATIC) { /* should not happen! */ 937 LLE_RUNLOCK(la); 938 log(LOG_DEBUG, "arpresolve: ouch, empty static llinfo for %s\n", 939 inet_ntoa(satocsin(dst)->sin_addr)); 940 error = EINVAL; 941 goto bad; 942 } 943 944 renew = (la->la_asked == 0 || la->la_expire != time_uptime); 945 946 /* 947 * There is an arptab entry, but no ethernet address 948 * response yet. Add the mbuf to the list, dropping 949 * the oldest packet if we have exceeded the system 950 * setting. 951 */ 952 LLE_WLOCK_ASSERT(la); 953 if (la->la_numheld >= arp_maxhold) { 954 if (la->la_hold != NULL) { 955 struct mbuf *next = la->la_hold->m_nextpkt; 956 m_freem(la->la_hold); 957 la->la_hold = next; 958 la->la_numheld--; 959 ARP_STATINC(ARP_STAT_DFRDROPPED); 960 } 961 } 962 if (la->la_hold != NULL) { 963 struct mbuf *curr = la->la_hold; 964 while (curr->m_nextpkt != NULL) 965 curr = curr->m_nextpkt; 966 curr->m_nextpkt = m; 967 } else 968 la->la_hold = m; 969 la->la_numheld++; 970 if (!renew) 971 LLE_DOWNGRADE(la); 972 973 /* 974 * Return EWOULDBLOCK if we have tried less than arp_maxtries. It 975 * will be masked by ether_output(). Return EHOSTDOWN/EHOSTUNREACH 976 * if we have already sent arp_maxtries ARP requests. Retransmit the 977 * ARP request, but not faster than one request per second. 978 */ 979 if (la->la_asked < arp_maxtries) 980 error = EWOULDBLOCK; /* First request. */ 981 else 982 error = (rt->rt_flags & RTF_GATEWAY) ? 983 EHOSTUNREACH : EHOSTDOWN; 984 985 if (renew) { 986 const u_int8_t *enaddr = 987 #if NCARP > 0 988 (rt->rt_ifp->if_type == IFT_CARP) ? 989 CLLADDR(rt->rt_ifp->if_sadl): 990 #endif 991 CLLADDR(ifp->if_sadl); 992 la->la_expire = time_uptime; 993 arp_settimer(la, arpt_down); 994 la->la_asked++; 995 LLE_WUNLOCK(la); 996 997 arprequest(ifp, &satocsin(rt->rt_ifa->ifa_addr)->sin_addr, 998 &satocsin(dst)->sin_addr, enaddr); 999 return error; 1000 } 1001 1002 LLE_RUNLOCK(la); 1003 return error; 1004 1005 bad: 1006 m_freem(m); 1007 if (rt != NULL && (rt->rt_flags & RTF_CLONED) != 0) { 1008 rtrequest(RTM_DELETE, rt_getkey(rt), 1009 rt->rt_gateway, rt_mask(rt), rt->rt_flags, NULL); 1010 } 1011 return error; 1012 } 1013 1014 /* 1015 * Common length and type checks are done here, 1016 * then the protocol-specific routine is called. 1017 */ 1018 void 1019 arpintr(void) 1020 { 1021 struct mbuf *m; 1022 struct arphdr *ar; 1023 int s; 1024 int arplen; 1025 1026 mutex_enter(softnet_lock); 1027 KERNEL_LOCK(1, NULL); 1028 while (arpintrq.ifq_head) { 1029 s = splnet(); 1030 IF_DEQUEUE(&arpintrq, m); 1031 splx(s); 1032 if (m == NULL || (m->m_flags & M_PKTHDR) == 0) 1033 panic("arpintr"); 1034 1035 MCLAIM(m, &arpdomain.dom_mowner); 1036 ARP_STATINC(ARP_STAT_RCVTOTAL); 1037 1038 /* 1039 * First, make sure we have at least struct arphdr. 1040 */ 1041 if (m->m_len < sizeof(struct arphdr) || 1042 (ar = mtod(m, struct arphdr *)) == NULL) 1043 goto badlen; 1044 1045 switch (m->m_pkthdr.rcvif->if_type) { 1046 case IFT_IEEE1394: 1047 arplen = sizeof(struct arphdr) + 1048 ar->ar_hln + 2 * ar->ar_pln; 1049 break; 1050 default: 1051 arplen = sizeof(struct arphdr) + 1052 2 * ar->ar_hln + 2 * ar->ar_pln; 1053 break; 1054 } 1055 1056 if (/* XXX ntohs(ar->ar_hrd) == ARPHRD_ETHER && */ 1057 m->m_len >= arplen) 1058 switch (ntohs(ar->ar_pro)) { 1059 case ETHERTYPE_IP: 1060 case ETHERTYPE_IPTRAILERS: 1061 in_arpinput(m); 1062 continue; 1063 default: 1064 ARP_STATINC(ARP_STAT_RCVBADPROTO); 1065 } 1066 else { 1067 badlen: 1068 ARP_STATINC(ARP_STAT_RCVBADLEN); 1069 } 1070 m_freem(m); 1071 } 1072 KERNEL_UNLOCK_ONE(NULL); 1073 mutex_exit(softnet_lock); 1074 } 1075 1076 /* 1077 * ARP for Internet protocols on 10 Mb/s Ethernet. 1078 * Algorithm is that given in RFC 826. 1079 * In addition, a sanity check is performed on the sender 1080 * protocol address, to catch impersonators. 1081 * We no longer handle negotiations for use of trailer protocol: 1082 * Formerly, ARP replied for protocol type ETHERTYPE_TRAIL sent 1083 * along with IP replies if we wanted trailers sent to us, 1084 * and also sent them in response to IP replies. 1085 * This allowed either end to announce the desire to receive 1086 * trailer packets. 1087 * We no longer reply to requests for ETHERTYPE_TRAIL protocol either, 1088 * but formerly didn't normally send requests. 1089 */ 1090 static void 1091 in_arpinput(struct mbuf *m) 1092 { 1093 struct arphdr *ah; 1094 struct ifnet *ifp = m->m_pkthdr.rcvif; 1095 struct llentry *la = NULL; 1096 struct rtentry *rt = NULL; 1097 struct in_ifaddr *ia; 1098 #if NBRIDGE > 0 1099 struct in_ifaddr *bridge_ia = NULL; 1100 #endif 1101 #if NCARP > 0 1102 u_int32_t count = 0, index = 0; 1103 #endif 1104 struct sockaddr_dl *sdl = NULL; 1105 struct sockaddr sa; 1106 struct in_addr isaddr, itaddr, myaddr; 1107 int op; 1108 void *tha; 1109 uint64_t *arps; 1110 1111 if (__predict_false(m_makewritable(&m, 0, m->m_pkthdr.len, M_DONTWAIT))) 1112 goto out; 1113 ah = mtod(m, struct arphdr *); 1114 op = ntohs(ah->ar_op); 1115 1116 /* 1117 * Fix up ah->ar_hrd if necessary, before using ar_tha() or 1118 * ar_tpa(). 1119 */ 1120 switch (ifp->if_type) { 1121 case IFT_IEEE1394: 1122 if (ntohs(ah->ar_hrd) == ARPHRD_IEEE1394) 1123 ; 1124 else { 1125 /* XXX this is to make sure we compute ar_tha right */ 1126 /* XXX check ar_hrd more strictly? */ 1127 ah->ar_hrd = htons(ARPHRD_IEEE1394); 1128 } 1129 break; 1130 default: 1131 /* XXX check ar_hrd? */ 1132 break; 1133 } 1134 1135 memcpy(&isaddr, ar_spa(ah), sizeof (isaddr)); 1136 memcpy(&itaddr, ar_tpa(ah), sizeof (itaddr)); 1137 1138 if (m->m_flags & (M_BCAST|M_MCAST)) 1139 ARP_STATINC(ARP_STAT_RCVMCAST); 1140 1141 1142 /* 1143 * Search for a matching interface address 1144 * or any address on the interface to use 1145 * as a dummy address in the rest of this function 1146 */ 1147 1148 INADDR_TO_IA(itaddr, ia); 1149 while (ia != NULL) { 1150 #if NCARP > 0 1151 if (ia->ia_ifp->if_type == IFT_CARP && 1152 ((ia->ia_ifp->if_flags & (IFF_UP|IFF_RUNNING)) == 1153 (IFF_UP|IFF_RUNNING))) { 1154 index++; 1155 if (ia->ia_ifp == m->m_pkthdr.rcvif && 1156 carp_iamatch(ia, ar_sha(ah), 1157 &count, index)) { 1158 break; 1159 } 1160 } else 1161 #endif 1162 if (ia->ia_ifp == m->m_pkthdr.rcvif) 1163 break; 1164 #if NBRIDGE > 0 1165 /* 1166 * If the interface we received the packet on 1167 * is part of a bridge, check to see if we need 1168 * to "bridge" the packet to ourselves at this 1169 * layer. Note we still prefer a perfect match, 1170 * but allow this weaker match if necessary. 1171 */ 1172 if (m->m_pkthdr.rcvif->if_bridge != NULL && 1173 m->m_pkthdr.rcvif->if_bridge == ia->ia_ifp->if_bridge) 1174 bridge_ia = ia; 1175 #endif /* NBRIDGE > 0 */ 1176 1177 NEXT_IA_WITH_SAME_ADDR(ia); 1178 } 1179 1180 #if NBRIDGE > 0 1181 if (ia == NULL && bridge_ia != NULL) { 1182 ia = bridge_ia; 1183 ifp = bridge_ia->ia_ifp; 1184 } 1185 #endif 1186 1187 if (ia == NULL) { 1188 INADDR_TO_IA(isaddr, ia); 1189 while ((ia != NULL) && ia->ia_ifp != m->m_pkthdr.rcvif) 1190 NEXT_IA_WITH_SAME_ADDR(ia); 1191 1192 if (ia == NULL) { 1193 IFP_TO_IA(ifp, ia); 1194 if (ia == NULL) { 1195 ARP_STATINC(ARP_STAT_RCVNOINT); 1196 goto out; 1197 } 1198 } 1199 } 1200 1201 myaddr = ia->ia_addr.sin_addr; 1202 1203 /* XXX checks for bridge case? */ 1204 if (!memcmp(ar_sha(ah), CLLADDR(ifp->if_sadl), ifp->if_addrlen)) { 1205 ARP_STATINC(ARP_STAT_RCVLOCALSHA); 1206 goto out; /* it's from me, ignore it. */ 1207 } 1208 1209 /* XXX checks for bridge case? */ 1210 if (!memcmp(ar_sha(ah), ifp->if_broadcastaddr, ifp->if_addrlen)) { 1211 ARP_STATINC(ARP_STAT_RCVBCASTSHA); 1212 log(LOG_ERR, 1213 "%s: arp: link address is broadcast for IP address %s!\n", 1214 ifp->if_xname, in_fmtaddr(isaddr)); 1215 goto out; 1216 } 1217 1218 /* 1219 * If the source IP address is zero, this is an RFC 5227 ARP probe 1220 */ 1221 if (in_nullhost(isaddr)) 1222 ARP_STATINC(ARP_STAT_RCVZEROSPA); 1223 else if (in_hosteq(isaddr, myaddr)) 1224 ARP_STATINC(ARP_STAT_RCVLOCALSPA); 1225 1226 if (in_nullhost(itaddr)) 1227 ARP_STATINC(ARP_STAT_RCVZEROTPA); 1228 1229 /* DAD check, RFC 5227 2.1.1, Probe Details */ 1230 if (in_hosteq(isaddr, myaddr) || 1231 (in_nullhost(isaddr) && in_hosteq(itaddr, myaddr))) 1232 { 1233 /* If our address is tentative, mark it as duplicated */ 1234 if (ia->ia4_flags & IN_IFF_TENTATIVE) 1235 arp_dad_duplicated((struct ifaddr *)ia); 1236 /* If our address is unuseable, don't reply */ 1237 if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) 1238 goto out; 1239 } 1240 1241 /* 1242 * If the target IP address is zero, ignore the packet. 1243 * This prevents the code below from tring to answer 1244 * when we are using IP address zero (booting). 1245 */ 1246 if (in_nullhost(itaddr)) 1247 goto out; 1248 1249 if (in_nullhost(isaddr)) 1250 goto reply; 1251 1252 if (in_hosteq(isaddr, myaddr)) { 1253 log(LOG_ERR, 1254 "duplicate IP address %s sent from link address %s\n", 1255 in_fmtaddr(isaddr), lla_snprintf(ar_sha(ah), ah->ar_hln)); 1256 itaddr = myaddr; 1257 goto reply; 1258 } 1259 1260 la = arplookup(ifp, m, &isaddr, in_hosteq(itaddr, myaddr), 0, 1, NULL); 1261 if (la != NULL) { 1262 rt = la->la_rt; 1263 if (rt != NULL) 1264 sdl = satosdl(rt->rt_gateway); 1265 } 1266 if (sdl == NULL) 1267 goto reply; 1268 1269 if (sdl->sdl_alen && memcmp(ar_sha(ah), CLLADDR(sdl), sdl->sdl_alen)) { 1270 if (rt->rt_flags & RTF_STATIC) { 1271 ARP_STATINC(ARP_STAT_RCVOVERPERM); 1272 if (!log_permanent_modify) 1273 goto out; 1274 log(LOG_INFO, 1275 "%s tried to overwrite permanent arp info" 1276 " for %s\n", 1277 lla_snprintf(ar_sha(ah), ah->ar_hln), 1278 in_fmtaddr(isaddr)); 1279 goto out; 1280 } else if (rt->rt_ifp != ifp) { 1281 ARP_STATINC(ARP_STAT_RCVOVERINT); 1282 if (!log_wrong_iface) 1283 goto out; 1284 log(LOG_INFO, 1285 "%s on %s tried to overwrite " 1286 "arp info for %s on %s\n", 1287 lla_snprintf(ar_sha(ah), ah->ar_hln), 1288 ifp->if_xname, in_fmtaddr(isaddr), 1289 rt->rt_ifp->if_xname); 1290 goto out; 1291 } else { 1292 ARP_STATINC(ARP_STAT_RCVOVER); 1293 if (log_movements) 1294 log(LOG_INFO, "arp info overwritten " 1295 "for %s by %s\n", 1296 in_fmtaddr(isaddr), 1297 lla_snprintf(ar_sha(ah), 1298 ah->ar_hln)); 1299 } 1300 } 1301 1302 /* 1303 * sanity check for the address length. 1304 * XXX this does not work for protocols with variable address 1305 * length. -is 1306 */ 1307 if (sdl->sdl_alen && sdl->sdl_alen != ah->ar_hln) { 1308 ARP_STATINC(ARP_STAT_RCVLENCHG); 1309 log(LOG_WARNING, 1310 "arp from %s: new addr len %d, was %d\n", 1311 in_fmtaddr(isaddr), ah->ar_hln, sdl->sdl_alen); 1312 } 1313 if (ifp->if_addrlen != ah->ar_hln) { 1314 ARP_STATINC(ARP_STAT_RCVBADLEN); 1315 log(LOG_WARNING, 1316 "arp from %s: addr len: new %d, i/f %d (ignored)\n", 1317 in_fmtaddr(isaddr), ah->ar_hln, 1318 ifp->if_addrlen); 1319 goto reply; 1320 } 1321 1322 #if NTOKEN > 0 1323 /* 1324 * XXX uses m_data and assumes the complete answer including 1325 * XXX token-ring headers is in the same buf 1326 */ 1327 if (ifp->if_type == IFT_ISO88025) { 1328 struct token_header *trh; 1329 1330 trh = (struct token_header *)M_TRHSTART(m); 1331 if (trh->token_shost[0] & TOKEN_RI_PRESENT) { 1332 struct token_rif *rif; 1333 size_t riflen; 1334 1335 rif = TOKEN_RIF(trh); 1336 riflen = (ntohs(rif->tr_rcf) & 1337 TOKEN_RCF_LEN_MASK) >> 8; 1338 1339 if (riflen > 2 && 1340 riflen < sizeof(struct token_rif) && 1341 (riflen & 1) == 0) { 1342 rif->tr_rcf ^= htons(TOKEN_RCF_DIRECTION); 1343 rif->tr_rcf &= htons(~TOKEN_RCF_BROADCAST_MASK); 1344 memcpy(TOKEN_RIF_LLE(la), rif, riflen); 1345 } 1346 } 1347 } 1348 #endif /* NTOKEN > 0 */ 1349 (void)sockaddr_dl_setaddr(sdl, sdl->sdl_len, ar_sha(ah), ah->ar_hln); 1350 if (rt->rt_expire) { 1351 rt->rt_expire = time_uptime + arpt_keep; 1352 1353 KASSERT((la->la_flags & LLE_STATIC) == 0); 1354 arp_settimer(la, arpt_keep); 1355 } 1356 rt->rt_flags &= ~RTF_REJECT; 1357 la->la_asked = 0; 1358 1359 if (la->la_hold != NULL) { 1360 int n = la->la_numheld; 1361 struct mbuf *m_hold, *m_hold_next; 1362 1363 m_hold = la->la_hold; 1364 la->la_hold = NULL; 1365 la->la_numheld = 0; 1366 /* 1367 * We have to unlock here because if_output would call 1368 * arpresolve 1369 */ 1370 LLE_WUNLOCK(la); 1371 ARP_STATADD(ARP_STAT_DFRSENT, n); 1372 for (; m_hold != NULL; m_hold = m_hold_next) { 1373 m_hold_next = m_hold->m_nextpkt; 1374 m_hold->m_nextpkt = NULL; 1375 (*ifp->if_output)(ifp, m_hold, rt_getkey(rt), rt); 1376 } 1377 } else 1378 LLE_WUNLOCK(la); 1379 la = NULL; 1380 1381 reply: 1382 if (la != NULL) { 1383 LLE_WUNLOCK(la); 1384 la = NULL; 1385 } 1386 if (op != ARPOP_REQUEST) { 1387 if (op == ARPOP_REPLY) 1388 ARP_STATINC(ARP_STAT_RCVREPLY); 1389 goto out; 1390 } 1391 ARP_STATINC(ARP_STAT_RCVREQUEST); 1392 if (in_hosteq(itaddr, myaddr)) { 1393 /* If our address is unuseable, don't reply */ 1394 if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) 1395 goto out; 1396 /* I am the target */ 1397 tha = ar_tha(ah); 1398 if (tha) 1399 memcpy(tha, ar_sha(ah), ah->ar_hln); 1400 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln); 1401 } else { 1402 la = arplookup(ifp, m, &itaddr, 0, SIN_PROXY, 0, NULL); 1403 if (la == NULL) 1404 goto out; 1405 rt = la->la_rt; 1406 LLE_RUNLOCK(la); 1407 la = NULL; 1408 if (rt->rt_ifp->if_type == IFT_CARP && 1409 m->m_pkthdr.rcvif->if_type != IFT_CARP) 1410 goto out; 1411 tha = ar_tha(ah); 1412 if (tha) 1413 memcpy(tha, ar_sha(ah), ah->ar_hln); 1414 sdl = satosdl(rt->rt_gateway); 1415 memcpy(ar_sha(ah), CLLADDR(sdl), ah->ar_hln); 1416 } 1417 1418 memcpy(ar_tpa(ah), ar_spa(ah), ah->ar_pln); 1419 memcpy(ar_spa(ah), &itaddr, ah->ar_pln); 1420 ah->ar_op = htons(ARPOP_REPLY); 1421 ah->ar_pro = htons(ETHERTYPE_IP); /* let's be sure! */ 1422 switch (ifp->if_type) { 1423 case IFT_IEEE1394: 1424 /* 1425 * ieee1394 arp reply is broadcast 1426 */ 1427 m->m_flags &= ~M_MCAST; 1428 m->m_flags |= M_BCAST; 1429 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + ah->ar_hln; 1430 break; 1431 1432 default: 1433 m->m_flags &= ~(M_BCAST|M_MCAST); /* never reply by broadcast */ 1434 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + (2 * ah->ar_hln); 1435 break; 1436 } 1437 m->m_pkthdr.len = m->m_len; 1438 sa.sa_family = AF_ARP; 1439 sa.sa_len = 2; 1440 arps = ARP_STAT_GETREF(); 1441 arps[ARP_STAT_SNDTOTAL]++; 1442 arps[ARP_STAT_SNDREPLY]++; 1443 ARP_STAT_PUTREF(); 1444 (*ifp->if_output)(ifp, m, &sa, NULL); 1445 return; 1446 1447 out: 1448 if (la != NULL) 1449 LLE_WUNLOCK(la); 1450 m_freem(m); 1451 } 1452 1453 /* 1454 * Free an arp entry. 1455 */ 1456 static void arptfree(struct rtentry *rt) 1457 { 1458 1459 /* We still need to hold the locks */ 1460 mutex_enter(softnet_lock); 1461 KERNEL_LOCK(1, NULL); 1462 1463 rtrequest(RTM_DELETE, rt_getkey(rt), NULL, rt_mask(rt), 0, NULL); 1464 rtfree(rt); 1465 1466 KERNEL_UNLOCK_ONE(NULL); 1467 mutex_exit(softnet_lock); 1468 } 1469 1470 /* 1471 * Lookup or enter a new address in arptab. 1472 */ 1473 static struct llentry * 1474 arplookup(struct ifnet *ifp, struct mbuf *m, const struct in_addr *addr, 1475 int create, int proxy, int wlock, struct rtentry *rt0) 1476 { 1477 struct arphdr *ah; 1478 struct rtentry *rt; 1479 struct sockaddr_inarp sin; 1480 const char *why = NULL; 1481 1482 ah = mtod(m, struct arphdr *); 1483 if (rt0 == NULL) { 1484 memset(&sin, 0, sizeof(sin)); 1485 sin.sin_len = sizeof(sin); 1486 sin.sin_family = AF_INET; 1487 sin.sin_addr = *addr; 1488 sin.sin_other = proxy ? SIN_PROXY : 0; 1489 rt = rtalloc1(sintosa(&sin), create); 1490 if (rt == NULL) 1491 return NULL; 1492 rt->rt_refcnt--; 1493 } else 1494 rt = rt0; 1495 1496 #define IS_LLINFO(__rt) \ 1497 (((__rt)->rt_flags & (RTF_GATEWAY | RTF_LLINFO)) == RTF_LLINFO && \ 1498 (__rt)->rt_gateway->sa_family == AF_LINK) 1499 1500 1501 if (IS_LLINFO(rt)) { 1502 struct llentry *la; 1503 int flags = wlock ? LLE_EXCLUSIVE : 0; 1504 1505 IF_AFDATA_RLOCK(ifp); 1506 la = lla_lookup(LLTABLE(ifp), flags, rt_getkey(rt)); 1507 IF_AFDATA_RUNLOCK(ifp); 1508 1509 if (la == NULL && create) { 1510 IF_AFDATA_WLOCK(ifp); 1511 la = lla_create(LLTABLE(ifp), flags, rt_getkey(rt)); 1512 IF_AFDATA_WUNLOCK(ifp); 1513 } 1514 1515 return la; 1516 } 1517 1518 if (create) { 1519 if (rt->rt_flags & RTF_GATEWAY) { 1520 if (log_unknown_network) 1521 why = "host is not on local network"; 1522 } else if ((rt->rt_flags & RTF_LLINFO) == 0) { 1523 ARP_STATINC(ARP_STAT_ALLOCFAIL); 1524 why = "could not allocate llinfo"; 1525 } else 1526 why = "gateway route is not ours"; 1527 if (why) { 1528 log(LOG_DEBUG, "arplookup: unable to enter address" 1529 " for %s@%s on %s (%s)\n", in_fmtaddr(*addr), 1530 lla_snprintf(ar_sha(ah), ah->ar_hln), 1531 (ifp) ? ifp->if_xname : "null", why); 1532 } 1533 if ((rt->rt_flags & RTF_CLONED) != 0) { 1534 rtrequest(RTM_DELETE, rt_getkey(rt), 1535 rt->rt_gateway, rt_mask(rt), rt->rt_flags, NULL); 1536 } 1537 } 1538 return NULL; 1539 } 1540 1541 int 1542 arpioctl(u_long cmd, void *data) 1543 { 1544 1545 return EOPNOTSUPP; 1546 } 1547 1548 void 1549 arp_ifinit(struct ifnet *ifp, struct ifaddr *ifa) 1550 { 1551 struct in_addr *ip; 1552 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1553 1554 /* 1555 * Warn the user if another station has this IP address, 1556 * but only if the interface IP address is not zero. 1557 */ 1558 ip = &IA_SIN(ifa)->sin_addr; 1559 if (!in_nullhost(*ip) && 1560 (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) == 0) 1561 arprequest(ifp, ip, ip, CLLADDR(ifp->if_sadl)); 1562 1563 ifa->ifa_rtrequest = arp_rtrequest; 1564 ifa->ifa_flags |= RTF_CLONING; 1565 1566 /* ARP will handle DAD for this address. */ 1567 if (ia->ia4_flags & IN_IFF_TRYTENTATIVE) { 1568 ia->ia4_flags |= IN_IFF_TENTATIVE; 1569 ia->ia_dad_start = arp_dad_start; 1570 ia->ia_dad_stop = arp_dad_stop; 1571 } 1572 } 1573 1574 TAILQ_HEAD(dadq_head, dadq); 1575 struct dadq { 1576 TAILQ_ENTRY(dadq) dad_list; 1577 struct ifaddr *dad_ifa; 1578 int dad_count; /* max ARP to send */ 1579 int dad_arp_tcount; /* # of trials to send ARP */ 1580 int dad_arp_ocount; /* ARP sent so far */ 1581 int dad_arp_announce; /* max ARP announcements */ 1582 int dad_arp_acount; /* # of announcements */ 1583 struct callout dad_timer_ch; 1584 }; 1585 MALLOC_JUSTDEFINE(M_IPARP, "ARP DAD", "ARP DAD Structure"); 1586 1587 static struct dadq_head dadq; 1588 static int dad_init = 0; 1589 static int dad_maxtry = 15; /* max # of *tries* to transmit DAD packet */ 1590 1591 static struct dadq * 1592 arp_dad_find(struct ifaddr *ifa) 1593 { 1594 struct dadq *dp; 1595 1596 TAILQ_FOREACH(dp, &dadq, dad_list) { 1597 if (dp->dad_ifa == ifa) 1598 return dp; 1599 } 1600 return NULL; 1601 } 1602 1603 static void 1604 arp_dad_starttimer(struct dadq *dp, int ticks) 1605 { 1606 1607 callout_reset(&dp->dad_timer_ch, ticks, 1608 (void (*)(void *))arp_dad_timer, (void *)dp->dad_ifa); 1609 } 1610 1611 static void 1612 arp_dad_stoptimer(struct dadq *dp) 1613 { 1614 1615 callout_stop(&dp->dad_timer_ch); 1616 } 1617 1618 static void 1619 arp_dad_output(struct dadq *dp, struct ifaddr *ifa) 1620 { 1621 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1622 struct ifnet *ifp = ifa->ifa_ifp; 1623 struct in_addr sip; 1624 1625 dp->dad_arp_tcount++; 1626 if ((ifp->if_flags & IFF_UP) == 0) 1627 return; 1628 if ((ifp->if_flags & IFF_RUNNING) == 0) 1629 return; 1630 1631 dp->dad_arp_tcount = 0; 1632 dp->dad_arp_ocount++; 1633 1634 memset(&sip, 0, sizeof(sip)); 1635 arprequest(ifa->ifa_ifp, &sip, &ia->ia_addr.sin_addr, 1636 CLLADDR(ifa->ifa_ifp->if_sadl)); 1637 } 1638 1639 /* 1640 * Start Duplicate Address Detection (DAD) for specified interface address. 1641 */ 1642 static void 1643 arp_dad_start(struct ifaddr *ifa) 1644 { 1645 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1646 struct dadq *dp; 1647 1648 if (!dad_init) { 1649 TAILQ_INIT(&dadq); 1650 dad_init++; 1651 } 1652 1653 /* 1654 * If we don't need DAD, don't do it. 1655 * - DAD is disabled (ip_dad_count == 0) 1656 */ 1657 if (!(ia->ia4_flags & IN_IFF_TENTATIVE)) { 1658 log(LOG_DEBUG, 1659 "arp_dad_start: called with non-tentative address " 1660 "%s(%s)\n", 1661 in_fmtaddr(ia->ia_addr.sin_addr), 1662 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1663 return; 1664 } 1665 if (!ip_dad_count) { 1666 struct in_addr *ip = &IA_SIN(ifa)->sin_addr; 1667 1668 ia->ia4_flags &= ~IN_IFF_TENTATIVE; 1669 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 1670 arprequest(ifa->ifa_ifp, ip, ip, 1671 CLLADDR(ifa->ifa_ifp->if_sadl)); 1672 return; 1673 } 1674 if (ifa->ifa_ifp == NULL) 1675 panic("arp_dad_start: ifa->ifa_ifp == NULL"); 1676 if (!(ifa->ifa_ifp->if_flags & IFF_UP)) 1677 return; 1678 if (arp_dad_find(ifa) != NULL) { 1679 /* DAD already in progress */ 1680 return; 1681 } 1682 1683 dp = malloc(sizeof(*dp), M_IPARP, M_NOWAIT); 1684 if (dp == NULL) { 1685 log(LOG_ERR, "arp_dad_start: memory allocation failed for " 1686 "%s(%s)\n", 1687 in_fmtaddr(ia->ia_addr.sin_addr), 1688 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1689 return; 1690 } 1691 memset(dp, 0, sizeof(*dp)); 1692 callout_init(&dp->dad_timer_ch, CALLOUT_MPSAFE); 1693 TAILQ_INSERT_TAIL(&dadq, (struct dadq *)dp, dad_list); 1694 1695 arplog((LOG_DEBUG, "%s: starting DAD for %s\n", if_name(ifa->ifa_ifp), 1696 in_fmtaddr(ia->ia_addr.sin_addr))); 1697 1698 /* 1699 * Send ARP packet for DAD, ip_dad_count times. 1700 * Note that we must delay the first transmission. 1701 */ 1702 dp->dad_ifa = ifa; 1703 ifaref(ifa); /* just for safety */ 1704 dp->dad_count = ip_dad_count; 1705 dp->dad_arp_announce = 0; /* Will be set when starting to announce */ 1706 dp->dad_arp_acount = dp->dad_arp_ocount = dp->dad_arp_tcount = 0; 1707 1708 arp_dad_starttimer(dp, cprng_fast32() % (PROBE_WAIT * hz)); 1709 } 1710 1711 /* 1712 * terminate DAD unconditionally. used for address removals. 1713 */ 1714 static void 1715 arp_dad_stop(struct ifaddr *ifa) 1716 { 1717 struct dadq *dp; 1718 1719 if (!dad_init) 1720 return; 1721 dp = arp_dad_find(ifa); 1722 if (dp == NULL) { 1723 /* DAD wasn't started yet */ 1724 return; 1725 } 1726 1727 arp_dad_stoptimer(dp); 1728 1729 TAILQ_REMOVE(&dadq, dp, dad_list); 1730 free(dp, M_IPARP); 1731 dp = NULL; 1732 ifafree(ifa); 1733 } 1734 1735 static void 1736 arp_dad_timer(struct ifaddr *ifa) 1737 { 1738 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1739 struct dadq *dp; 1740 struct in_addr *ip; 1741 1742 mutex_enter(softnet_lock); 1743 KERNEL_LOCK(1, NULL); 1744 1745 /* Sanity check */ 1746 if (ia == NULL) { 1747 log(LOG_ERR, "arp_dad_timer: called with null parameter\n"); 1748 goto done; 1749 } 1750 dp = arp_dad_find(ifa); 1751 if (dp == NULL) { 1752 log(LOG_ERR, "arp_dad_timer: DAD structure not found\n"); 1753 goto done; 1754 } 1755 if (ia->ia4_flags & IN_IFF_DUPLICATED) { 1756 log(LOG_ERR, "nd4_dad_timer: called with duplicate address " 1757 "%s(%s)\n", 1758 in_fmtaddr(ia->ia_addr.sin_addr), 1759 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1760 goto done; 1761 } 1762 if ((ia->ia4_flags & IN_IFF_TENTATIVE) == 0 && dp->dad_arp_acount == 0){ 1763 log(LOG_ERR, "arp_dad_timer: called with non-tentative address " 1764 "%s(%s)\n", 1765 in_fmtaddr(ia->ia_addr.sin_addr), 1766 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1767 goto done; 1768 } 1769 1770 /* timeouted with IFF_{RUNNING,UP} check */ 1771 if (dp->dad_arp_tcount > dad_maxtry) { 1772 arplog((LOG_INFO, "%s: could not run DAD, driver problem?\n", 1773 if_name(ifa->ifa_ifp))); 1774 1775 TAILQ_REMOVE(&dadq, dp, dad_list); 1776 free(dp, M_IPARP); 1777 dp = NULL; 1778 ifafree(ifa); 1779 goto done; 1780 } 1781 1782 /* Need more checks? */ 1783 if (dp->dad_arp_ocount < dp->dad_count) { 1784 int adelay; 1785 1786 /* 1787 * We have more ARP to go. Send ARP packet for DAD. 1788 */ 1789 arp_dad_output(dp, ifa); 1790 if (dp->dad_arp_ocount < dp->dad_count) 1791 adelay = (PROBE_MIN * hz) + 1792 (cprng_fast32() % 1793 ((PROBE_MAX * hz) - (PROBE_MIN * hz))); 1794 else 1795 adelay = ANNOUNCE_WAIT * hz; 1796 arp_dad_starttimer(dp, adelay); 1797 goto done; 1798 } else if (dp->dad_arp_acount == 0) { 1799 /* 1800 * We are done with DAD. 1801 * No duplicate address found. 1802 */ 1803 ia->ia4_flags &= ~IN_IFF_TENTATIVE; 1804 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 1805 arplog((LOG_DEBUG, 1806 "%s: DAD complete for %s - no duplicates found\n", 1807 if_name(ifa->ifa_ifp), 1808 in_fmtaddr(ia->ia_addr.sin_addr))); 1809 dp->dad_arp_announce = ANNOUNCE_NUM; 1810 goto announce; 1811 } else if (dp->dad_arp_acount < dp->dad_arp_announce) { 1812 announce: 1813 /* 1814 * Announce the address. 1815 */ 1816 ip = &IA_SIN(ifa)->sin_addr; 1817 arprequest(ifa->ifa_ifp, ip, ip, 1818 CLLADDR(ifa->ifa_ifp->if_sadl)); 1819 dp->dad_arp_acount++; 1820 if (dp->dad_arp_acount < dp->dad_arp_announce) { 1821 arp_dad_starttimer(dp, ANNOUNCE_INTERVAL * hz); 1822 goto done; 1823 } 1824 arplog((LOG_DEBUG, 1825 "%s: ARP announcement complete for %s\n", 1826 if_name(ifa->ifa_ifp), 1827 in_fmtaddr(ia->ia_addr.sin_addr))); 1828 } 1829 1830 TAILQ_REMOVE(&dadq, dp, dad_list); 1831 free(dp, M_IPARP); 1832 dp = NULL; 1833 ifafree(ifa); 1834 1835 done: 1836 KERNEL_UNLOCK_ONE(NULL); 1837 mutex_exit(softnet_lock); 1838 } 1839 1840 static void 1841 arp_dad_duplicated(struct ifaddr *ifa) 1842 { 1843 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1844 struct ifnet *ifp; 1845 struct dadq *dp; 1846 1847 dp = arp_dad_find(ifa); 1848 if (dp == NULL) { 1849 log(LOG_ERR, "arp_dad_duplicated: DAD structure not found\n"); 1850 return; 1851 } 1852 1853 ifp = ifa->ifa_ifp; 1854 log(LOG_ERR, "%s: DAD detected duplicate IPv4 address %s: " 1855 "ARP out=%d\n", 1856 if_name(ifp), in_fmtaddr(ia->ia_addr.sin_addr), 1857 dp->dad_arp_ocount); 1858 1859 ia->ia4_flags &= ~IN_IFF_TENTATIVE; 1860 ia->ia4_flags |= IN_IFF_DUPLICATED; 1861 1862 /* We are done with DAD, with duplicated address found. (failure) */ 1863 arp_dad_stoptimer(dp); 1864 1865 /* Inform the routing socket that DAD has completed */ 1866 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 1867 1868 TAILQ_REMOVE(&dadq, dp, dad_list); 1869 free(dp, M_IPARP); 1870 dp = NULL; 1871 ifafree(ifa); 1872 } 1873 1874 /* 1875 * Called from 10 Mb/s Ethernet interrupt handlers 1876 * when ether packet type ETHERTYPE_REVARP 1877 * is received. Common length and type checks are done here, 1878 * then the protocol-specific routine is called. 1879 */ 1880 void 1881 revarpinput(struct mbuf *m) 1882 { 1883 struct arphdr *ar; 1884 1885 if (m->m_len < sizeof(struct arphdr)) 1886 goto out; 1887 ar = mtod(m, struct arphdr *); 1888 #if 0 /* XXX I don't think we need this... and it will prevent other LL */ 1889 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER) 1890 goto out; 1891 #endif 1892 if (m->m_len < sizeof(struct arphdr) + 2 * (ar->ar_hln + ar->ar_pln)) 1893 goto out; 1894 switch (ntohs(ar->ar_pro)) { 1895 case ETHERTYPE_IP: 1896 case ETHERTYPE_IPTRAILERS: 1897 in_revarpinput(m); 1898 return; 1899 1900 default: 1901 break; 1902 } 1903 out: 1904 m_freem(m); 1905 } 1906 1907 /* 1908 * RARP for Internet protocols on 10 Mb/s Ethernet. 1909 * Algorithm is that given in RFC 903. 1910 * We are only using for bootstrap purposes to get an ip address for one of 1911 * our interfaces. Thus we support no user-interface. 1912 * 1913 * Since the contents of the RARP reply are specific to the interface that 1914 * sent the request, this code must ensure that they are properly associated. 1915 * 1916 * Note: also supports ARP via RARP packets, per the RFC. 1917 */ 1918 void 1919 in_revarpinput(struct mbuf *m) 1920 { 1921 struct ifnet *ifp; 1922 struct arphdr *ah; 1923 void *tha; 1924 int op; 1925 1926 ah = mtod(m, struct arphdr *); 1927 op = ntohs(ah->ar_op); 1928 1929 switch (m->m_pkthdr.rcvif->if_type) { 1930 case IFT_IEEE1394: 1931 /* ARP without target hardware address is not supported */ 1932 goto out; 1933 default: 1934 break; 1935 } 1936 1937 switch (op) { 1938 case ARPOP_REQUEST: 1939 case ARPOP_REPLY: /* per RFC */ 1940 in_arpinput(m); 1941 return; 1942 case ARPOP_REVREPLY: 1943 break; 1944 case ARPOP_REVREQUEST: /* handled by rarpd(8) */ 1945 default: 1946 goto out; 1947 } 1948 if (!revarp_in_progress) 1949 goto out; 1950 ifp = m->m_pkthdr.rcvif; 1951 if (ifp != myip_ifp) /* !same interface */ 1952 goto out; 1953 if (myip_initialized) 1954 goto wake; 1955 tha = ar_tha(ah); 1956 if (tha == NULL) 1957 goto out; 1958 if (memcmp(tha, CLLADDR(ifp->if_sadl), ifp->if_sadl->sdl_alen)) 1959 goto out; 1960 memcpy(&srv_ip, ar_spa(ah), sizeof(srv_ip)); 1961 memcpy(&myip, ar_tpa(ah), sizeof(myip)); 1962 myip_initialized = 1; 1963 wake: /* Do wakeup every time in case it was missed. */ 1964 wakeup((void *)&myip); 1965 1966 out: 1967 m_freem(m); 1968 } 1969 1970 /* 1971 * Send a RARP request for the ip address of the specified interface. 1972 * The request should be RFC 903-compliant. 1973 */ 1974 static void 1975 revarprequest(struct ifnet *ifp) 1976 { 1977 struct sockaddr sa; 1978 struct mbuf *m; 1979 struct arphdr *ah; 1980 void *tha; 1981 1982 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 1983 return; 1984 MCLAIM(m, &arpdomain.dom_mowner); 1985 m->m_len = sizeof(*ah) + 2*sizeof(struct in_addr) + 1986 2*ifp->if_addrlen; 1987 m->m_pkthdr.len = m->m_len; 1988 MH_ALIGN(m, m->m_len); 1989 ah = mtod(m, struct arphdr *); 1990 memset(ah, 0, m->m_len); 1991 ah->ar_pro = htons(ETHERTYPE_IP); 1992 ah->ar_hln = ifp->if_addrlen; /* hardware address length */ 1993 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */ 1994 ah->ar_op = htons(ARPOP_REVREQUEST); 1995 1996 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln); 1997 tha = ar_tha(ah); 1998 if (tha == NULL) { 1999 m_free(m); 2000 return; 2001 } 2002 memcpy(tha, CLLADDR(ifp->if_sadl), ah->ar_hln); 2003 2004 sa.sa_family = AF_ARP; 2005 sa.sa_len = 2; 2006 m->m_flags |= M_BCAST; 2007 2008 KERNEL_LOCK(1, NULL); 2009 (*ifp->if_output)(ifp, m, &sa, NULL); 2010 KERNEL_UNLOCK_ONE(NULL); 2011 } 2012 2013 /* 2014 * RARP for the ip address of the specified interface, but also 2015 * save the ip address of the server that sent the answer. 2016 * Timeout if no response is received. 2017 */ 2018 int 2019 revarpwhoarewe(struct ifnet *ifp, struct in_addr *serv_in, 2020 struct in_addr *clnt_in) 2021 { 2022 int result, count = 20; 2023 2024 myip_initialized = 0; 2025 myip_ifp = ifp; 2026 2027 revarp_in_progress = 1; 2028 while (count--) { 2029 revarprequest(ifp); 2030 result = tsleep((void *)&myip, PSOCK, "revarp", hz/2); 2031 if (result != EWOULDBLOCK) 2032 break; 2033 } 2034 revarp_in_progress = 0; 2035 2036 if (!myip_initialized) 2037 return ENETUNREACH; 2038 2039 memcpy(serv_in, &srv_ip, sizeof(*serv_in)); 2040 memcpy(clnt_in, &myip, sizeof(*clnt_in)); 2041 return 0; 2042 } 2043 2044 2045 2046 #ifdef DDB 2047 2048 #include <machine/db_machdep.h> 2049 #include <ddb/db_interface.h> 2050 #include <ddb/db_output.h> 2051 2052 static void 2053 db_print_sa(const struct sockaddr *sa) 2054 { 2055 int len; 2056 const u_char *p; 2057 2058 if (sa == NULL) { 2059 db_printf("[NULL]"); 2060 return; 2061 } 2062 2063 p = (const u_char *)sa; 2064 len = sa->sa_len; 2065 db_printf("["); 2066 while (len > 0) { 2067 db_printf("%d", *p); 2068 p++; len--; 2069 if (len) db_printf(","); 2070 } 2071 db_printf("]\n"); 2072 } 2073 2074 static void 2075 db_print_ifa(struct ifaddr *ifa) 2076 { 2077 if (ifa == NULL) 2078 return; 2079 db_printf(" ifa_addr="); 2080 db_print_sa(ifa->ifa_addr); 2081 db_printf(" ifa_dsta="); 2082 db_print_sa(ifa->ifa_dstaddr); 2083 db_printf(" ifa_mask="); 2084 db_print_sa(ifa->ifa_netmask); 2085 db_printf(" flags=0x%x,refcnt=%d,metric=%d\n", 2086 ifa->ifa_flags, 2087 ifa->ifa_refcnt, 2088 ifa->ifa_metric); 2089 } 2090 2091 static void 2092 db_print_llinfo(struct llentry *la) 2093 { 2094 if (la == NULL) 2095 return; 2096 db_printf(" la_rt=%p la_hold=%p, la_asked=%d\n", 2097 la->la_rt, la->la_hold, la->la_asked); 2098 db_printf(" la_flags=0x%x\n", la->la_flags); 2099 } 2100 2101 /* 2102 * Function to pass to rt_walktree(). 2103 * Return non-zero error to abort walk. 2104 */ 2105 static int 2106 db_show_rtentry(struct rtentry *rt, void *w) 2107 { 2108 db_printf("rtentry=%p", rt); 2109 2110 db_printf(" flags=0x%x refcnt=%d use=%"PRId64" expire=%"PRId64"\n", 2111 rt->rt_flags, rt->rt_refcnt, 2112 rt->rt_use, (uint64_t)rt->rt_expire); 2113 2114 db_printf(" key="); db_print_sa(rt_getkey(rt)); 2115 db_printf(" mask="); db_print_sa(rt_mask(rt)); 2116 db_printf(" gw="); db_print_sa(rt->rt_gateway); 2117 2118 db_printf(" ifp=%p ", rt->rt_ifp); 2119 if (rt->rt_ifp) 2120 db_printf("(%s)", rt->rt_ifp->if_xname); 2121 else 2122 db_printf("(NULL)"); 2123 2124 db_printf(" ifa=%p\n", rt->rt_ifa); 2125 db_print_ifa(rt->rt_ifa); 2126 2127 db_printf(" gwroute=%p llinfo=%p\n", 2128 rt->rt_gwroute, rt->rt_llinfo); 2129 db_print_llinfo(rt->rt_llinfo); 2130 2131 return 0; 2132 } 2133 2134 /* 2135 * Function to print all the route trees. 2136 * Use this from ddb: "show arptab" 2137 */ 2138 void 2139 db_show_arptab(db_expr_t addr, bool have_addr, 2140 db_expr_t count, const char *modif) 2141 { 2142 rt_walktree(AF_INET, db_show_rtentry, NULL); 2143 } 2144 #endif 2145 2146 void 2147 arp_stat_add(int type, uint64_t count) 2148 { 2149 ARP_STATADD(type, count); 2150 } 2151 2152 static int 2153 sysctl_net_inet_arp_stats(SYSCTLFN_ARGS) 2154 { 2155 2156 return NETSTAT_SYSCTL(arpstat_percpu, ARP_NSTATS); 2157 } 2158 2159 static void 2160 sysctl_net_inet_arp_setup(struct sysctllog **clog) 2161 { 2162 const struct sysctlnode *node; 2163 2164 sysctl_createv(clog, 0, NULL, NULL, 2165 CTLFLAG_PERMANENT, 2166 CTLTYPE_NODE, "inet", NULL, 2167 NULL, 0, NULL, 0, 2168 CTL_NET, PF_INET, CTL_EOL); 2169 sysctl_createv(clog, 0, NULL, &node, 2170 CTLFLAG_PERMANENT, 2171 CTLTYPE_NODE, "arp", 2172 SYSCTL_DESCR("Address Resolution Protocol"), 2173 NULL, 0, NULL, 0, 2174 CTL_NET, PF_INET, CTL_CREATE, CTL_EOL); 2175 2176 sysctl_createv(clog, 0, NULL, NULL, 2177 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2178 CTLTYPE_INT, "keep", 2179 SYSCTL_DESCR("Valid ARP entry lifetime in seconds"), 2180 NULL, 0, &arpt_keep, 0, 2181 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2182 2183 sysctl_createv(clog, 0, NULL, NULL, 2184 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2185 CTLTYPE_INT, "down", 2186 SYSCTL_DESCR("Failed ARP entry lifetime in seconds"), 2187 NULL, 0, &arpt_down, 0, 2188 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2189 2190 sysctl_createv(clog, 0, NULL, NULL, 2191 CTLFLAG_PERMANENT, 2192 CTLTYPE_STRUCT, "stats", 2193 SYSCTL_DESCR("ARP statistics"), 2194 sysctl_net_inet_arp_stats, 0, NULL, 0, 2195 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2196 2197 sysctl_createv(clog, 0, NULL, NULL, 2198 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2199 CTLTYPE_INT, "log_movements", 2200 SYSCTL_DESCR("log ARP replies from MACs different than" 2201 " the one in the cache"), 2202 NULL, 0, &log_movements, 0, 2203 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2204 2205 sysctl_createv(clog, 0, NULL, NULL, 2206 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2207 CTLTYPE_INT, "log_permanent_modify", 2208 SYSCTL_DESCR("log ARP replies from MACs different than" 2209 " the one in the permanent arp entry"), 2210 NULL, 0, &log_permanent_modify, 0, 2211 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2212 2213 sysctl_createv(clog, 0, NULL, NULL, 2214 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2215 CTLTYPE_INT, "log_wrong_iface", 2216 SYSCTL_DESCR("log ARP packets arriving on the wrong" 2217 " interface"), 2218 NULL, 0, &log_wrong_iface, 0, 2219 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2220 2221 sysctl_createv(clog, 0, NULL, NULL, 2222 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2223 CTLTYPE_INT, "log_unknown_network", 2224 SYSCTL_DESCR("log ARP packets from non-local network"), 2225 NULL, 0, &log_unknown_network, 0, 2226 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2227 2228 sysctl_createv(clog, 0, NULL, NULL, 2229 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2230 CTLTYPE_INT, "debug", 2231 SYSCTL_DESCR("Enable ARP DAD debug output"), 2232 NULL, 0, &arp_debug, 0, 2233 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2234 } 2235 2236 #endif /* INET */ 2237