1 /* $OpenBSD: if_ether.c,v 1.233 2018/01/16 10:33:55 mpi Exp $ */ 2 /* $NetBSD: if_ether.c,v 1.31 1996/05/11 12:59:58 mycroft Exp $ */ 3 4 /* 5 * Copyright (c) 1982, 1986, 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)if_ether.c 8.1 (Berkeley) 6/10/93 33 */ 34 35 /* 36 * Ethernet address resolution protocol. 37 * TODO: 38 * add "inuse/lock" bit (or ref. count) along with valid bit 39 */ 40 41 #include "carp.h" 42 43 #include <sys/param.h> 44 #include <sys/systm.h> 45 #include <sys/mbuf.h> 46 #include <sys/socket.h> 47 #include <sys/timeout.h> 48 #include <sys/kernel.h> 49 #include <sys/syslog.h> 50 #include <sys/queue.h> 51 #include <sys/pool.h> 52 53 #include <net/if.h> 54 #include <net/if_var.h> 55 #include <net/if_dl.h> 56 #include <net/route.h> 57 #include <net/if_types.h> 58 #include <net/netisr.h> 59 60 #include <netinet/in.h> 61 #include <netinet/in_var.h> 62 #include <netinet/if_ether.h> 63 #if NCARP > 0 64 #include <netinet/ip_carp.h> 65 #endif 66 67 struct llinfo_arp { 68 LIST_ENTRY(llinfo_arp) la_list; 69 struct rtentry *la_rt; /* backpointer to rtentry */ 70 long la_asked; /* last time we QUERIED */ 71 struct mbuf_list la_ml; /* packet hold queue */ 72 }; 73 #define LA_HOLD_QUEUE 10 74 #define LA_HOLD_TOTAL 100 75 76 /* timer values */ 77 int arpt_prune = (5 * 60); /* walk list every 5 minutes */ 78 int arpt_keep = (20 * 60); /* once resolved, cache for 20 minutes */ 79 int arpt_down = 20; /* once declared down, don't send for 20 secs */ 80 81 void arpinvalidate(struct rtentry *); 82 void arptfree(struct rtentry *); 83 void arptimer(void *); 84 struct rtentry *arplookup(struct in_addr *, int, int, unsigned int); 85 void in_arpinput(struct ifnet *, struct mbuf *); 86 void in_revarpinput(struct ifnet *, struct mbuf *); 87 int arpcache(struct ifnet *, struct ether_arp *, struct rtentry *); 88 void arpreply(struct ifnet *, struct mbuf *, struct in_addr *, uint8_t *); 89 90 struct niqueue arpinq = NIQUEUE_INITIALIZER(50, NETISR_ARP); 91 92 LIST_HEAD(, llinfo_arp) arp_list; 93 struct pool arp_pool; /* pool for llinfo_arp structures */ 94 int arp_maxtries = 5; 95 int arpinit_done; 96 int la_hold_total; 97 98 #ifdef NFSCLIENT 99 /* revarp state */ 100 struct in_addr revarp_myip, revarp_srvip; 101 int revarp_finished; 102 unsigned int revarp_ifidx; 103 #endif /* NFSCLIENT */ 104 105 /* 106 * Timeout routine. Age arp_tab entries periodically. 107 */ 108 /* ARGSUSED */ 109 void 110 arptimer(void *arg) 111 { 112 struct timeout *to = (struct timeout *)arg; 113 struct llinfo_arp *la, *nla; 114 115 NET_LOCK(); 116 timeout_add_sec(to, arpt_prune); 117 LIST_FOREACH_SAFE(la, &arp_list, la_list, nla) { 118 struct rtentry *rt = la->la_rt; 119 120 if (rt->rt_expire && rt->rt_expire <= time_uptime) 121 arptfree(rt); /* timer has expired; clear */ 122 } 123 NET_UNLOCK(); 124 } 125 126 void 127 arp_rtrequest(struct ifnet *ifp, int req, struct rtentry *rt) 128 { 129 struct sockaddr *gate = rt->rt_gateway; 130 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 131 struct ifaddr *ifa; 132 133 if (!arpinit_done) { 134 static struct timeout arptimer_to; 135 136 arpinit_done = 1; 137 pool_init(&arp_pool, sizeof(struct llinfo_arp), 0, 138 IPL_SOFTNET, 0, "arp", NULL); 139 140 timeout_set_proc(&arptimer_to, arptimer, &arptimer_to); 141 timeout_add_sec(&arptimer_to, 1); 142 } 143 144 if (ISSET(rt->rt_flags, RTF_GATEWAY|RTF_BROADCAST|RTF_MULTICAST)) 145 return; 146 147 switch (req) { 148 149 case RTM_ADD: 150 if (rt->rt_flags & RTF_CLONING || 151 ((rt->rt_flags & (RTF_LLINFO | RTF_LOCAL)) && !la)) { 152 /* 153 * Give this route an expiration time, even though 154 * it's a "permanent" route, so that routes cloned 155 * from it do not need their expiration time set. 156 */ 157 rt->rt_expire = time_uptime; 158 if ((rt->rt_flags & RTF_CLONING) != 0) 159 break; 160 } 161 /* 162 * Announce a new entry if requested or warn the user 163 * if another station has this IP address. 164 */ 165 if (rt->rt_flags & (RTF_ANNOUNCE|RTF_LOCAL)) 166 arprequest(ifp, 167 &satosin(rt_key(rt))->sin_addr.s_addr, 168 &satosin(rt_key(rt))->sin_addr.s_addr, 169 (u_char *)LLADDR(satosdl(gate))); 170 /*FALLTHROUGH*/ 171 case RTM_RESOLVE: 172 if (gate->sa_family != AF_LINK || 173 gate->sa_len < sizeof(struct sockaddr_dl)) { 174 log(LOG_DEBUG, "%s: bad gateway value: %s\n", __func__, 175 ifp->if_xname); 176 break; 177 } 178 satosdl(gate)->sdl_type = ifp->if_type; 179 satosdl(gate)->sdl_index = ifp->if_index; 180 if (la != 0) 181 break; /* This happens on a route change */ 182 /* 183 * Case 2: This route may come from cloning, or a manual route 184 * add with a LL address. 185 */ 186 la = pool_get(&arp_pool, PR_NOWAIT | PR_ZERO); 187 rt->rt_llinfo = (caddr_t)la; 188 if (la == NULL) { 189 log(LOG_DEBUG, "%s: pool get failed\n", __func__); 190 break; 191 } 192 193 ml_init(&la->la_ml); 194 la->la_rt = rt; 195 rt->rt_flags |= RTF_LLINFO; 196 LIST_INSERT_HEAD(&arp_list, la, la_list); 197 198 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 199 if ((ifa->ifa_addr->sa_family == AF_INET) && 200 ifatoia(ifa)->ia_addr.sin_addr.s_addr == 201 satosin(rt_key(rt))->sin_addr.s_addr) 202 break; 203 } 204 if (ifa) { 205 KASSERT(ifa == rt->rt_ifa); 206 rt->rt_expire = 0; 207 } 208 break; 209 210 case RTM_DELETE: 211 if (la == NULL) 212 break; 213 LIST_REMOVE(la, la_list); 214 rt->rt_llinfo = NULL; 215 rt->rt_flags &= ~RTF_LLINFO; 216 la_hold_total -= ml_purge(&la->la_ml); 217 pool_put(&arp_pool, la); 218 break; 219 220 case RTM_INVALIDATE: 221 if (!ISSET(rt->rt_flags, RTF_LOCAL)) 222 arpinvalidate(rt); 223 break; 224 } 225 } 226 227 /* 228 * Broadcast an ARP request. Caller specifies: 229 * - arp header source ip address 230 * - arp header target ip address 231 * - arp header source ethernet address 232 */ 233 void 234 arprequest(struct ifnet *ifp, u_int32_t *sip, u_int32_t *tip, u_int8_t *enaddr) 235 { 236 struct mbuf *m; 237 struct ether_header *eh; 238 struct ether_arp *ea; 239 struct sockaddr sa; 240 241 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 242 return; 243 m->m_len = sizeof(*ea); 244 m->m_pkthdr.len = sizeof(*ea); 245 m->m_pkthdr.ph_rtableid = ifp->if_rdomain; 246 m->m_pkthdr.pf.prio = ifp->if_llprio; 247 MH_ALIGN(m, sizeof(*ea)); 248 ea = mtod(m, struct ether_arp *); 249 eh = (struct ether_header *)sa.sa_data; 250 memset(ea, 0, sizeof(*ea)); 251 memcpy(eh->ether_dhost, etherbroadcastaddr, sizeof(eh->ether_dhost)); 252 eh->ether_type = htons(ETHERTYPE_ARP); /* if_output will not swap */ 253 ea->arp_hrd = htons(ARPHRD_ETHER); 254 ea->arp_pro = htons(ETHERTYPE_IP); 255 ea->arp_hln = sizeof(ea->arp_sha); /* hardware address length */ 256 ea->arp_pln = sizeof(ea->arp_spa); /* protocol address length */ 257 ea->arp_op = htons(ARPOP_REQUEST); 258 memcpy(eh->ether_shost, enaddr, sizeof(eh->ether_shost)); 259 memcpy(ea->arp_sha, enaddr, sizeof(ea->arp_sha)); 260 memcpy(ea->arp_spa, sip, sizeof(ea->arp_spa)); 261 memcpy(ea->arp_tpa, tip, sizeof(ea->arp_tpa)); 262 sa.sa_family = pseudo_AF_HDRCMPLT; 263 sa.sa_len = sizeof(sa); 264 m->m_flags |= M_BCAST; 265 ifp->if_output(ifp, m, &sa, NULL); 266 } 267 268 void 269 arpreply(struct ifnet *ifp, struct mbuf *m, struct in_addr *sip, uint8_t *eaddr) 270 { 271 struct ether_header *eh; 272 struct ether_arp *ea; 273 struct sockaddr sa; 274 275 ea = mtod(m, struct ether_arp *); 276 ea->arp_op = htons(ARPOP_REPLY); 277 ea->arp_pro = htons(ETHERTYPE_IP); /* let's be sure! */ 278 279 /* We're replying to a request. */ 280 memcpy(ea->arp_tha, ea->arp_sha, sizeof(ea->arp_sha)); 281 memcpy(ea->arp_tpa, ea->arp_spa, sizeof(ea->arp_spa)); 282 283 memcpy(ea->arp_sha, eaddr, sizeof(ea->arp_sha)); 284 memcpy(ea->arp_spa, sip, sizeof(ea->arp_spa)); 285 286 eh = (struct ether_header *)sa.sa_data; 287 memcpy(eh->ether_dhost, ea->arp_tha, sizeof(eh->ether_dhost)); 288 memcpy(eh->ether_shost, eaddr, sizeof(eh->ether_shost)); 289 eh->ether_type = htons(ETHERTYPE_ARP); 290 sa.sa_family = pseudo_AF_HDRCMPLT; 291 sa.sa_len = sizeof(sa); 292 ifp->if_output(ifp, m, &sa, NULL); 293 } 294 295 /* 296 * Resolve an IP address into an ethernet address. If success, 297 * desten is filled in. If there is no entry in arptab, 298 * set one up and broadcast a request for the IP address. 299 * Hold onto this mbuf and resend it once the address 300 * is finally resolved. A return value of 0 indicates 301 * that desten has been filled in and the packet should be sent 302 * normally; A return value of EAGAIN indicates that the packet 303 * has been taken over here, either now or for later transmission. 304 * Any other return value indicates an error. 305 */ 306 int 307 arpresolve(struct ifnet *ifp, struct rtentry *rt0, struct mbuf *m, 308 struct sockaddr *dst, u_char *desten) 309 { 310 struct arpcom *ac = (struct arpcom *)ifp; 311 struct llinfo_arp *la = NULL; 312 struct sockaddr_dl *sdl; 313 struct rtentry *rt = NULL; 314 char addr[INET_ADDRSTRLEN]; 315 316 if (m->m_flags & M_BCAST) { /* broadcast */ 317 memcpy(desten, etherbroadcastaddr, sizeof(etherbroadcastaddr)); 318 return (0); 319 } 320 if (m->m_flags & M_MCAST) { /* multicast */ 321 ETHER_MAP_IP_MULTICAST(&satosin(dst)->sin_addr, desten); 322 return (0); 323 } 324 325 rt = rt_getll(rt0); 326 327 if (ISSET(rt->rt_flags, RTF_REJECT) && 328 (rt->rt_expire == 0 || time_uptime < rt->rt_expire)) { 329 m_freem(m); 330 return (rt == rt0 ? EHOSTDOWN : EHOSTUNREACH); 331 } 332 333 if (!ISSET(rt->rt_flags, RTF_LLINFO)) { 334 log(LOG_DEBUG, "%s: %s: route contains no arp information\n", 335 __func__, inet_ntop(AF_INET, &satosin(rt_key(rt))->sin_addr, 336 addr, sizeof(addr))); 337 m_freem(m); 338 return (EINVAL); 339 } 340 341 sdl = satosdl(rt->rt_gateway); 342 if (sdl->sdl_alen > 0 && sdl->sdl_alen != ETHER_ADDR_LEN) { 343 log(LOG_DEBUG, "%s: %s: incorrect arp information\n", __func__, 344 inet_ntop(AF_INET, &satosin(dst)->sin_addr, 345 addr, sizeof(addr))); 346 goto bad; 347 } 348 349 /* 350 * Check the address family and length is valid, the address 351 * is resolved; otherwise, try to resolve. 352 */ 353 if ((rt->rt_expire == 0 || rt->rt_expire > time_uptime) && 354 sdl->sdl_family == AF_LINK && sdl->sdl_alen != 0) { 355 memcpy(desten, LLADDR(sdl), sdl->sdl_alen); 356 return (0); 357 } 358 359 if (ifp->if_flags & (IFF_NOARP|IFF_STATICARP)) 360 goto bad; 361 362 /* 363 * There is an arptab entry, but no ethernet address 364 * response yet. Insert mbuf in hold queue if below limit 365 * if above the limit free the queue without queuing the new packet. 366 */ 367 la = (struct llinfo_arp *)rt->rt_llinfo; 368 KASSERT(la != NULL); 369 if (la_hold_total < LA_HOLD_TOTAL && la_hold_total < nmbclust / 64) { 370 struct mbuf *mh; 371 372 if (ml_len(&la->la_ml) >= LA_HOLD_QUEUE) { 373 mh = ml_dequeue(&la->la_ml); 374 la_hold_total--; 375 m_freem(mh); 376 } 377 ml_enqueue(&la->la_ml, m); 378 la_hold_total++; 379 } else { 380 la_hold_total -= ml_purge(&la->la_ml); 381 m_freem(m); 382 } 383 384 /* 385 * Re-send the ARP request when appropriate. 386 */ 387 #ifdef DIAGNOSTIC 388 if (rt->rt_expire == 0) { 389 /* This should never happen. (Should it? -gwr) */ 390 printf("%s: unresolved and rt_expire == 0\n", __func__); 391 /* Set expiration time to now (expired). */ 392 rt->rt_expire = time_uptime; 393 } 394 #endif 395 if (rt->rt_expire) { 396 rt->rt_flags &= ~RTF_REJECT; 397 if (la->la_asked == 0 || rt->rt_expire != time_uptime) { 398 rt->rt_expire = time_uptime; 399 if (la->la_asked++ < arp_maxtries) 400 arprequest(ifp, 401 &satosin(rt->rt_ifa->ifa_addr)->sin_addr.s_addr, 402 &satosin(dst)->sin_addr.s_addr, 403 ac->ac_enaddr); 404 else { 405 rt->rt_flags |= RTF_REJECT; 406 rt->rt_expire += arpt_down; 407 la->la_asked = 0; 408 la_hold_total -= ml_purge(&la->la_ml); 409 } 410 } 411 } 412 413 return (EAGAIN); 414 415 bad: 416 m_freem(m); 417 return (EINVAL); 418 } 419 420 /* 421 * Common length and type checks are done here, 422 * then the protocol-specific routine is called. 423 */ 424 void 425 arpinput(struct ifnet *ifp, struct mbuf *m) 426 { 427 struct arphdr *ar; 428 int len; 429 430 #ifdef DIAGNOSTIC 431 if ((m->m_flags & M_PKTHDR) == 0) 432 panic("arpintr"); 433 #endif 434 435 len = sizeof(struct arphdr); 436 if (m->m_len < len && (m = m_pullup(m, len)) == NULL) 437 return; 438 439 ar = mtod(m, struct arphdr *); 440 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER || 441 ntohs(ar->ar_pro) != ETHERTYPE_IP) { 442 m_freem(m); 443 return; 444 } 445 446 len += 2 * (ar->ar_hln + ar->ar_pln); 447 if (m->m_len < len && (m = m_pullup(m, len)) == NULL) 448 return; 449 450 niq_enqueue(&arpinq, m); 451 } 452 453 void 454 arpintr(void) 455 { 456 struct mbuf_list ml; 457 struct mbuf *m; 458 struct ifnet *ifp; 459 460 niq_delist(&arpinq, &ml); 461 462 while ((m = ml_dequeue(&ml)) != NULL) { 463 ifp = if_get(m->m_pkthdr.ph_ifidx); 464 465 if (ifp != NULL) 466 in_arpinput(ifp, m); 467 else 468 m_freem(m); 469 470 if_put(ifp); 471 } 472 } 473 474 /* 475 * ARP for Internet protocols on Ethernet, RFC 826. 476 * In addition, a sanity check is performed on the sender 477 * protocol address, to catch impersonators. 478 */ 479 void 480 in_arpinput(struct ifnet *ifp, struct mbuf *m) 481 { 482 struct ether_arp *ea; 483 struct rtentry *rt = NULL; 484 struct sockaddr_in sin; 485 struct in_addr isaddr, itaddr; 486 char addr[INET_ADDRSTRLEN]; 487 int op, target = 0; 488 unsigned int rdomain; 489 490 rdomain = rtable_l2(m->m_pkthdr.ph_rtableid); 491 492 ea = mtod(m, struct ether_arp *); 493 op = ntohs(ea->arp_op); 494 if ((op != ARPOP_REQUEST) && (op != ARPOP_REPLY)) 495 goto out; 496 497 memcpy(&itaddr, ea->arp_tpa, sizeof(itaddr)); 498 memcpy(&isaddr, ea->arp_spa, sizeof(isaddr)); 499 memset(&sin, 0, sizeof(sin)); 500 sin.sin_len = sizeof(sin); 501 sin.sin_family = AF_INET; 502 503 if (ETHER_IS_MULTICAST(&ea->arp_sha[0]) && 504 !memcmp(ea->arp_sha, etherbroadcastaddr, sizeof(ea->arp_sha))) { 505 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 506 log(LOG_ERR, "arp: ether address is broadcast for IP address " 507 "%s!\n", addr); 508 goto out; 509 } 510 511 if (!memcmp(ea->arp_sha, LLADDR(ifp->if_sadl), sizeof(ea->arp_sha))) 512 goto out; /* it's from me, ignore it. */ 513 514 /* Check target against our interface addresses. */ 515 sin.sin_addr = itaddr; 516 rt = rtalloc(sintosa(&sin), 0, rdomain); 517 if (rtisvalid(rt) && ISSET(rt->rt_flags, RTF_LOCAL) && 518 rt->rt_ifidx == ifp->if_index) 519 target = 1; 520 rtfree(rt); 521 rt = NULL; 522 523 #if NCARP > 0 524 if (target && op == ARPOP_REQUEST && ifp->if_type == IFT_CARP && 525 !carp_iamatch(ifp)) 526 goto out; 527 #endif 528 529 /* Do we have an ARP cache for the sender? Create if we are target. */ 530 rt = arplookup(&isaddr, target, 0, rdomain); 531 532 /* Check sender against our interface addresses. */ 533 if (rtisvalid(rt) && ISSET(rt->rt_flags, RTF_LOCAL) && 534 rt->rt_ifidx == ifp->if_index && isaddr.s_addr != INADDR_ANY) { 535 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 536 log(LOG_ERR, "duplicate IP address %s sent from ethernet " 537 "address %s\n", addr, ether_sprintf(ea->arp_sha)); 538 itaddr = isaddr; 539 } else if (rt != NULL) { 540 int error; 541 542 KERNEL_LOCK(); 543 error = arpcache(ifp, ea, rt); 544 KERNEL_UNLOCK(); 545 if (error) 546 goto out; 547 } 548 549 if (op == ARPOP_REQUEST) { 550 uint8_t *eaddr; 551 552 if (target) { 553 /* We already have all info for the reply */ 554 eaddr = LLADDR(ifp->if_sadl); 555 } else { 556 rtfree(rt); 557 rt = arplookup(&itaddr, 0, SIN_PROXY, rdomain); 558 /* 559 * Protect from possible duplicates, only owner 560 * should respond 561 */ 562 if ((rt == NULL) || (rt->rt_ifidx != ifp->if_index)) 563 goto out; 564 eaddr = LLADDR(satosdl(rt->rt_gateway)); 565 } 566 arpreply(ifp, m, &itaddr, eaddr); 567 rtfree(rt); 568 return; 569 } 570 571 out: 572 rtfree(rt); 573 m_freem(m); 574 } 575 576 int 577 arpcache(struct ifnet *ifp, struct ether_arp *ea, struct rtentry *rt) 578 { 579 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 580 struct sockaddr_dl *sdl = satosdl(rt->rt_gateway); 581 struct in_addr *spa = (struct in_addr *)ea->arp_spa; 582 char addr[INET_ADDRSTRLEN]; 583 struct ifnet *rifp; 584 unsigned int len; 585 int changed = 0; 586 587 KERNEL_ASSERT_LOCKED(); 588 KASSERT(sdl != NULL); 589 590 /* 591 * This can happen if the entry has been deleted by another CPU 592 * after we found it. 593 */ 594 if (la == NULL) 595 return (0); 596 597 if (sdl->sdl_alen > 0) { 598 if (memcmp(ea->arp_sha, LLADDR(sdl), sdl->sdl_alen)) { 599 if (ISSET(rt->rt_flags, RTF_PERMANENT_ARP|RTF_LOCAL)) { 600 inet_ntop(AF_INET, spa, addr, sizeof(addr)); 601 log(LOG_WARNING, "arp: attempt to overwrite " 602 "permanent entry for %s by %s on %s\n", addr, 603 ether_sprintf(ea->arp_sha), ifp->if_xname); 604 return (-1); 605 } else if (rt->rt_ifidx != ifp->if_index) { 606 #if NCARP > 0 607 if (ifp->if_type != IFT_CARP) 608 #endif 609 { 610 rifp = if_get(rt->rt_ifidx); 611 if (rifp == NULL) 612 return (-1); 613 inet_ntop(AF_INET, spa, addr, 614 sizeof(addr)); 615 log(LOG_WARNING, "arp: attempt to " 616 "overwrite entry for %s on %s by " 617 "%s on %s\n", addr, rifp->if_xname, 618 ether_sprintf(ea->arp_sha), 619 ifp->if_xname); 620 if_put(rifp); 621 } 622 return (-1); 623 } else { 624 inet_ntop(AF_INET, spa, addr, sizeof(addr)); 625 log(LOG_INFO, "arp info overwritten for %s by " 626 "%s on %s\n", addr, 627 ether_sprintf(ea->arp_sha), ifp->if_xname); 628 rt->rt_expire = 1;/* no longer static */ 629 } 630 changed = 1; 631 } 632 } else if (!if_isconnected(ifp, rt->rt_ifidx)) { 633 rifp = if_get(rt->rt_ifidx); 634 if (rifp == NULL) 635 return (-1); 636 inet_ntop(AF_INET, spa, addr, sizeof(addr)); 637 log(LOG_WARNING, "arp: attempt to add entry for %s on %s by %s" 638 " on %s\n", addr, rifp->if_xname, 639 ether_sprintf(ea->arp_sha), ifp->if_xname); 640 if_put(rifp); 641 return (-1); 642 } 643 sdl->sdl_alen = sizeof(ea->arp_sha); 644 memcpy(LLADDR(sdl), ea->arp_sha, sizeof(ea->arp_sha)); 645 if (rt->rt_expire) 646 rt->rt_expire = time_uptime + arpt_keep; 647 rt->rt_flags &= ~RTF_REJECT; 648 649 /* Notify userland that an ARP resolution has been done. */ 650 if (la->la_asked || changed) { 651 KERNEL_LOCK(); 652 rtm_send(rt, RTM_RESOLVE, 0, ifp->if_rdomain); 653 KERNEL_UNLOCK(); 654 } 655 656 la->la_asked = 0; 657 while ((len = ml_len(&la->la_ml)) != 0) { 658 struct mbuf *mh; 659 660 mh = ml_dequeue(&la->la_ml); 661 la_hold_total--; 662 663 ifp->if_output(ifp, mh, rt_key(rt), rt); 664 665 if (ml_len(&la->la_ml) == len) { 666 /* mbuf is back in queue. Discard. */ 667 while ((mh = ml_dequeue(&la->la_ml)) != NULL) { 668 la_hold_total--; 669 m_freem(mh); 670 } 671 break; 672 } 673 } 674 675 return (0); 676 } 677 678 void 679 arpinvalidate(struct rtentry *rt) 680 { 681 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 682 struct sockaddr_dl *sdl = satosdl(rt->rt_gateway); 683 684 la_hold_total -= ml_purge(&la->la_ml); 685 sdl->sdl_alen = 0; 686 la->la_asked = 0; 687 } 688 689 /* 690 * Free an arp entry. 691 */ 692 void 693 arptfree(struct rtentry *rt) 694 { 695 struct ifnet *ifp; 696 697 KASSERT(!ISSET(rt->rt_flags, RTF_LOCAL)); 698 arpinvalidate(rt); 699 700 ifp = if_get(rt->rt_ifidx); 701 KASSERT(ifp != NULL); 702 if (!ISSET(rt->rt_flags, RTF_STATIC|RTF_CACHED)) 703 rtdeletemsg(rt, ifp, ifp->if_rdomain); 704 if_put(ifp); 705 } 706 707 /* 708 * Lookup or enter a new address in arptab. 709 */ 710 struct rtentry * 711 arplookup(struct in_addr *inp, int create, int proxy, u_int tableid) 712 { 713 struct rtentry *rt; 714 struct sockaddr_inarp sin; 715 int flags; 716 717 memset(&sin, 0, sizeof(sin)); 718 sin.sin_len = sizeof(sin); 719 sin.sin_family = AF_INET; 720 sin.sin_addr.s_addr = inp->s_addr; 721 sin.sin_other = proxy ? SIN_PROXY : 0; 722 flags = (create) ? RT_RESOLVE : 0; 723 724 rt = rtalloc((struct sockaddr *)&sin, flags, tableid); 725 if (!rtisvalid(rt) || ISSET(rt->rt_flags, RTF_GATEWAY) || 726 !ISSET(rt->rt_flags, RTF_LLINFO) || 727 rt->rt_gateway->sa_family != AF_LINK) { 728 rtfree(rt); 729 return (NULL); 730 } 731 732 if (proxy && !ISSET(rt->rt_flags, RTF_ANNOUNCE)) { 733 while ((rt = rtable_iterate(rt)) != NULL) { 734 if (ISSET(rt->rt_flags, RTF_ANNOUNCE)) { 735 break; 736 } 737 } 738 } 739 740 return (rt); 741 } 742 743 /* 744 * Check whether we do proxy ARP for this address and we point to ourselves. 745 */ 746 int 747 arpproxy(struct in_addr in, unsigned int rtableid) 748 { 749 struct sockaddr_dl *sdl; 750 struct rtentry *rt; 751 struct ifnet *ifp; 752 int found = 0; 753 754 rt = arplookup(&in, 0, SIN_PROXY, rtableid); 755 if (!rtisvalid(rt)) { 756 rtfree(rt); 757 return (0); 758 } 759 760 /* Check that arp information are correct. */ 761 sdl = satosdl(rt->rt_gateway); 762 if (sdl->sdl_alen != ETHER_ADDR_LEN) { 763 rtfree(rt); 764 return (0); 765 } 766 767 ifp = if_get(rt->rt_ifidx); 768 if (ifp == NULL) { 769 rtfree(rt); 770 return (0); 771 } 772 773 if (!memcmp(LLADDR(sdl), LLADDR(ifp->if_sadl), sdl->sdl_alen)) 774 found = 1; 775 776 if_put(ifp); 777 rtfree(rt); 778 return (found); 779 } 780 781 /* 782 * Called from Ethernet interrupt handlers 783 * when ether packet type ETHERTYPE_REVARP 784 * is received. Common length and type checks are done here, 785 * then the protocol-specific routine is called. 786 */ 787 void 788 revarpinput(struct ifnet *ifp, struct mbuf *m) 789 { 790 struct arphdr *ar; 791 792 if (m->m_len < sizeof(struct arphdr)) 793 goto out; 794 ar = mtod(m, struct arphdr *); 795 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER) 796 goto out; 797 if (m->m_len < sizeof(struct arphdr) + 2 * (ar->ar_hln + ar->ar_pln)) 798 goto out; 799 switch (ntohs(ar->ar_pro)) { 800 801 case ETHERTYPE_IP: 802 in_revarpinput(ifp, m); 803 return; 804 805 default: 806 break; 807 } 808 out: 809 m_freem(m); 810 } 811 812 /* 813 * RARP for Internet protocols on Ethernet. 814 * Algorithm is that given in RFC 903. 815 * We are only using for bootstrap purposes to get an ip address for one of 816 * our interfaces. Thus we support no user-interface. 817 * 818 * Since the contents of the RARP reply are specific to the interface that 819 * sent the request, this code must ensure that they are properly associated. 820 * 821 * Note: also supports ARP via RARP packets, per the RFC. 822 */ 823 void 824 in_revarpinput(struct ifnet *ifp, struct mbuf *m) 825 { 826 struct ether_arp *ar; 827 int op; 828 829 ar = mtod(m, struct ether_arp *); 830 op = ntohs(ar->arp_op); 831 switch (op) { 832 case ARPOP_REQUEST: 833 case ARPOP_REPLY: /* per RFC */ 834 niq_enqueue(&arpinq, m); 835 return; 836 case ARPOP_REVREPLY: 837 break; 838 case ARPOP_REVREQUEST: /* handled by rarpd(8) */ 839 default: 840 goto out; 841 } 842 #ifdef NFSCLIENT 843 if (revarp_ifidx == 0) 844 goto out; 845 if (revarp_ifidx != m->m_pkthdr.ph_ifidx) /* !same interface */ 846 goto out; 847 if (revarp_finished) 848 goto wake; 849 if (memcmp(ar->arp_tha, LLADDR(ifp->if_sadl), sizeof(ar->arp_tha))) 850 goto out; 851 memcpy(&revarp_srvip, ar->arp_spa, sizeof(revarp_srvip)); 852 memcpy(&revarp_myip, ar->arp_tpa, sizeof(revarp_myip)); 853 revarp_finished = 1; 854 wake: /* Do wakeup every time in case it was missed. */ 855 wakeup((caddr_t)&revarp_myip); 856 #endif /* NFSCLIENT */ 857 858 out: 859 m_freem(m); 860 } 861 862 /* 863 * Send a RARP request for the ip address of the specified interface. 864 * The request should be RFC 903-compliant. 865 */ 866 void 867 revarprequest(struct ifnet *ifp) 868 { 869 struct sockaddr sa; 870 struct mbuf *m; 871 struct ether_header *eh; 872 struct ether_arp *ea; 873 struct arpcom *ac = (struct arpcom *)ifp; 874 875 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 876 return; 877 m->m_len = sizeof(*ea); 878 m->m_pkthdr.len = sizeof(*ea); 879 m->m_pkthdr.pf.prio = ifp->if_llprio; 880 MH_ALIGN(m, sizeof(*ea)); 881 ea = mtod(m, struct ether_arp *); 882 eh = (struct ether_header *)sa.sa_data; 883 memset(ea, 0, sizeof(*ea)); 884 memcpy(eh->ether_dhost, etherbroadcastaddr, sizeof(eh->ether_dhost)); 885 eh->ether_type = htons(ETHERTYPE_REVARP); 886 ea->arp_hrd = htons(ARPHRD_ETHER); 887 ea->arp_pro = htons(ETHERTYPE_IP); 888 ea->arp_hln = sizeof(ea->arp_sha); /* hardware address length */ 889 ea->arp_pln = sizeof(ea->arp_spa); /* protocol address length */ 890 ea->arp_op = htons(ARPOP_REVREQUEST); 891 memcpy(eh->ether_shost, ac->ac_enaddr, sizeof(ea->arp_tha)); 892 memcpy(ea->arp_sha, ac->ac_enaddr, sizeof(ea->arp_sha)); 893 memcpy(ea->arp_tha, ac->ac_enaddr, sizeof(ea->arp_tha)); 894 sa.sa_family = pseudo_AF_HDRCMPLT; 895 sa.sa_len = sizeof(sa); 896 m->m_flags |= M_BCAST; 897 ifp->if_output(ifp, m, &sa, NULL); 898 } 899 900 #ifdef NFSCLIENT 901 /* 902 * RARP for the ip address of the specified interface, but also 903 * save the ip address of the server that sent the answer. 904 * Timeout if no response is received. 905 */ 906 int 907 revarpwhoarewe(struct ifnet *ifp, struct in_addr *serv_in, 908 struct in_addr *clnt_in) 909 { 910 int result, count = 20; 911 912 if (revarp_finished) 913 return EIO; 914 915 revarp_ifidx = ifp->if_index; 916 while (count--) { 917 revarprequest(ifp); 918 result = tsleep((caddr_t)&revarp_myip, PSOCK, "revarp", hz/2); 919 if (result != EWOULDBLOCK) 920 break; 921 } 922 revarp_ifidx = 0; 923 if (!revarp_finished) 924 return ENETUNREACH; 925 926 memcpy(serv_in, &revarp_srvip, sizeof(*serv_in)); 927 memcpy(clnt_in, &revarp_myip, sizeof(*clnt_in)); 928 return 0; 929 } 930 931 /* For compatibility: only saves interface address. */ 932 int 933 revarpwhoami(struct in_addr *in, struct ifnet *ifp) 934 { 935 struct in_addr server; 936 return (revarpwhoarewe(ifp, &server, in)); 937 } 938 #endif /* NFSCLIENT */ 939