1 /* $OpenBSD: if_ether.c,v 1.227 2016/12/19 08:36:49 mpi Exp $ */ 2 /* $NetBSD: if_ether.c,v 1.31 1996/05/11 12:59:58 mycroft Exp $ */ 3 4 /* 5 * Copyright (c) 1982, 1986, 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)if_ether.c 8.1 (Berkeley) 6/10/93 33 */ 34 35 /* 36 * Ethernet address resolution protocol. 37 * TODO: 38 * add "inuse/lock" bit (or ref. count) along with valid bit 39 */ 40 41 #include "carp.h" 42 43 #include <sys/param.h> 44 #include <sys/systm.h> 45 #include <sys/mbuf.h> 46 #include <sys/socket.h> 47 #include <sys/timeout.h> 48 #include <sys/kernel.h> 49 #include <sys/syslog.h> 50 #include <sys/queue.h> 51 #include <sys/pool.h> 52 53 #include <net/if.h> 54 #include <net/if_var.h> 55 #include <net/if_dl.h> 56 #include <net/route.h> 57 #include <net/if_types.h> 58 #include <net/netisr.h> 59 60 #include <netinet/in.h> 61 #include <netinet/in_var.h> 62 #include <netinet/if_ether.h> 63 #if NCARP > 0 64 #include <netinet/ip_carp.h> 65 #endif 66 67 struct llinfo_arp { 68 LIST_ENTRY(llinfo_arp) la_list; 69 struct rtentry *la_rt; /* backpointer to rtentry */ 70 long la_asked; /* last time we QUERIED */ 71 struct mbuf_list la_ml; /* packet hold queue */ 72 }; 73 #define LA_HOLD_QUEUE 10 74 #define LA_HOLD_TOTAL 100 75 76 /* timer values */ 77 int arpt_prune = (5 * 60); /* walk list every 5 minutes */ 78 int arpt_keep = (20 * 60); /* once resolved, cache for 20 minutes */ 79 int arpt_down = 20; /* once declared down, don't send for 20 secs */ 80 81 void arpinvalidate(struct rtentry *); 82 void arptfree(struct rtentry *); 83 void arptimer(void *); 84 struct rtentry *arplookup(struct in_addr *, int, int, unsigned int); 85 void in_arpinput(struct ifnet *, struct mbuf *); 86 void in_revarpinput(struct ifnet *, struct mbuf *); 87 int arpcache(struct ifnet *, struct ether_arp *, struct rtentry *); 88 void arpreply(struct ifnet *, struct mbuf *, struct in_addr *, uint8_t *); 89 90 struct niqueue arpinq = NIQUEUE_INITIALIZER(50, NETISR_ARP); 91 92 LIST_HEAD(, llinfo_arp) arp_list; 93 struct pool arp_pool; /* pool for llinfo_arp structures */ 94 int arp_maxtries = 5; 95 int arpinit_done; 96 int la_hold_total; 97 98 #ifdef NFSCLIENT 99 /* revarp state */ 100 struct in_addr revarp_myip, revarp_srvip; 101 int revarp_finished; 102 unsigned int revarp_ifidx; 103 #endif /* NFSCLIENT */ 104 105 /* 106 * Timeout routine. Age arp_tab entries periodically. 107 */ 108 /* ARGSUSED */ 109 void 110 arptimer(void *arg) 111 { 112 struct timeout *to = (struct timeout *)arg; 113 struct llinfo_arp *la, *nla; 114 int s; 115 116 NET_LOCK(s); 117 timeout_add_sec(to, arpt_prune); 118 LIST_FOREACH_SAFE(la, &arp_list, la_list, nla) { 119 struct rtentry *rt = la->la_rt; 120 121 if (rt->rt_expire && rt->rt_expire <= time_uptime) 122 arptfree(rt); /* timer has expired; clear */ 123 } 124 NET_UNLOCK(s); 125 } 126 127 void 128 arp_rtrequest(struct ifnet *ifp, int req, struct rtentry *rt) 129 { 130 struct sockaddr *gate = rt->rt_gateway; 131 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 132 struct ifaddr *ifa; 133 134 if (!arpinit_done) { 135 static struct timeout arptimer_to; 136 137 arpinit_done = 1; 138 pool_init(&arp_pool, sizeof(struct llinfo_arp), 0, 139 IPL_SOFTNET, 0, "arp", NULL); 140 141 timeout_set_proc(&arptimer_to, arptimer, &arptimer_to); 142 timeout_add_sec(&arptimer_to, 1); 143 } 144 145 if (ISSET(rt->rt_flags, RTF_GATEWAY|RTF_BROADCAST|RTF_MULTICAST)) 146 return; 147 148 switch (req) { 149 150 case RTM_ADD: 151 if (rt->rt_flags & RTF_CLONING || 152 ((rt->rt_flags & (RTF_LLINFO | RTF_LOCAL)) && !la)) { 153 /* 154 * Give this route an expiration time, even though 155 * it's a "permanent" route, so that routes cloned 156 * from it do not need their expiration time set. 157 */ 158 rt->rt_expire = time_uptime; 159 if ((rt->rt_flags & RTF_CLONING) != 0) 160 break; 161 } 162 /* 163 * Announce a new entry if requested or warn the user 164 * if another station has this IP address. 165 */ 166 if (rt->rt_flags & (RTF_ANNOUNCE|RTF_LOCAL)) 167 arprequest(ifp, 168 &satosin(rt_key(rt))->sin_addr.s_addr, 169 &satosin(rt_key(rt))->sin_addr.s_addr, 170 (u_char *)LLADDR(satosdl(gate))); 171 /*FALLTHROUGH*/ 172 case RTM_RESOLVE: 173 if (gate->sa_family != AF_LINK || 174 gate->sa_len < sizeof(struct sockaddr_dl)) { 175 log(LOG_DEBUG, "%s: bad gateway value: %s\n", __func__, 176 ifp->if_xname); 177 break; 178 } 179 satosdl(gate)->sdl_type = ifp->if_type; 180 satosdl(gate)->sdl_index = ifp->if_index; 181 if (la != 0) 182 break; /* This happens on a route change */ 183 /* 184 * Case 2: This route may come from cloning, or a manual route 185 * add with a LL address. 186 */ 187 la = pool_get(&arp_pool, PR_NOWAIT | PR_ZERO); 188 rt->rt_llinfo = (caddr_t)la; 189 if (la == NULL) { 190 log(LOG_DEBUG, "%s: pool get failed\n", __func__); 191 break; 192 } 193 194 ml_init(&la->la_ml); 195 la->la_rt = rt; 196 rt->rt_flags |= RTF_LLINFO; 197 LIST_INSERT_HEAD(&arp_list, la, la_list); 198 199 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 200 if ((ifa->ifa_addr->sa_family == AF_INET) && 201 ifatoia(ifa)->ia_addr.sin_addr.s_addr == 202 satosin(rt_key(rt))->sin_addr.s_addr) 203 break; 204 } 205 if (ifa) { 206 KASSERT(ifa == rt->rt_ifa); 207 rt->rt_expire = 0; 208 } 209 break; 210 211 case RTM_DELETE: 212 if (la == NULL) 213 break; 214 LIST_REMOVE(la, la_list); 215 rt->rt_llinfo = NULL; 216 rt->rt_flags &= ~RTF_LLINFO; 217 la_hold_total -= ml_purge(&la->la_ml); 218 pool_put(&arp_pool, la); 219 break; 220 221 case RTM_INVALIDATE: 222 if (!ISSET(rt->rt_flags, RTF_LOCAL)) 223 arpinvalidate(rt); 224 break; 225 } 226 } 227 228 /* 229 * Broadcast an ARP request. Caller specifies: 230 * - arp header source ip address 231 * - arp header target ip address 232 * - arp header source ethernet address 233 */ 234 void 235 arprequest(struct ifnet *ifp, u_int32_t *sip, u_int32_t *tip, u_int8_t *enaddr) 236 { 237 struct mbuf *m; 238 struct ether_header *eh; 239 struct ether_arp *ea; 240 struct sockaddr sa; 241 242 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 243 return; 244 m->m_len = sizeof(*ea); 245 m->m_pkthdr.len = sizeof(*ea); 246 m->m_pkthdr.ph_rtableid = ifp->if_rdomain; 247 m->m_pkthdr.pf.prio = ifp->if_llprio; 248 MH_ALIGN(m, sizeof(*ea)); 249 ea = mtod(m, struct ether_arp *); 250 eh = (struct ether_header *)sa.sa_data; 251 memset(ea, 0, sizeof(*ea)); 252 memcpy(eh->ether_dhost, etherbroadcastaddr, sizeof(eh->ether_dhost)); 253 eh->ether_type = htons(ETHERTYPE_ARP); /* if_output will not swap */ 254 ea->arp_hrd = htons(ARPHRD_ETHER); 255 ea->arp_pro = htons(ETHERTYPE_IP); 256 ea->arp_hln = sizeof(ea->arp_sha); /* hardware address length */ 257 ea->arp_pln = sizeof(ea->arp_spa); /* protocol address length */ 258 ea->arp_op = htons(ARPOP_REQUEST); 259 memcpy(eh->ether_shost, enaddr, sizeof(eh->ether_shost)); 260 memcpy(ea->arp_sha, enaddr, sizeof(ea->arp_sha)); 261 memcpy(ea->arp_spa, sip, sizeof(ea->arp_spa)); 262 memcpy(ea->arp_tpa, tip, sizeof(ea->arp_tpa)); 263 sa.sa_family = pseudo_AF_HDRCMPLT; 264 sa.sa_len = sizeof(sa); 265 m->m_flags |= M_BCAST; 266 ifp->if_output(ifp, m, &sa, NULL); 267 } 268 269 void 270 arpreply(struct ifnet *ifp, struct mbuf *m, struct in_addr *sip, uint8_t *eaddr) 271 { 272 struct ether_header *eh; 273 struct ether_arp *ea; 274 struct sockaddr sa; 275 276 ea = mtod(m, struct ether_arp *); 277 ea->arp_op = htons(ARPOP_REPLY); 278 ea->arp_pro = htons(ETHERTYPE_IP); /* let's be sure! */ 279 280 /* We're replying to a request. */ 281 memcpy(ea->arp_tha, ea->arp_sha, sizeof(ea->arp_sha)); 282 memcpy(ea->arp_tpa, ea->arp_spa, sizeof(ea->arp_spa)); 283 284 memcpy(ea->arp_sha, eaddr, sizeof(ea->arp_sha)); 285 memcpy(ea->arp_spa, sip, sizeof(ea->arp_spa)); 286 287 eh = (struct ether_header *)sa.sa_data; 288 memcpy(eh->ether_dhost, ea->arp_tha, sizeof(eh->ether_dhost)); 289 memcpy(eh->ether_shost, eaddr, sizeof(eh->ether_shost)); 290 eh->ether_type = htons(ETHERTYPE_ARP); 291 sa.sa_family = pseudo_AF_HDRCMPLT; 292 sa.sa_len = sizeof(sa); 293 ifp->if_output(ifp, m, &sa, NULL); 294 } 295 296 /* 297 * Resolve an IP address into an ethernet address. If success, 298 * desten is filled in. If there is no entry in arptab, 299 * set one up and broadcast a request for the IP address. 300 * Hold onto this mbuf and resend it once the address 301 * is finally resolved. A return value of 0 indicates 302 * that desten has been filled in and the packet should be sent 303 * normally; A return value of EAGAIN indicates that the packet 304 * has been taken over here, either now or for later transmission. 305 * Any other return value indicates an error. 306 */ 307 int 308 arpresolve(struct ifnet *ifp, struct rtentry *rt0, struct mbuf *m, 309 struct sockaddr *dst, u_char *desten) 310 { 311 struct arpcom *ac = (struct arpcom *)ifp; 312 struct llinfo_arp *la = NULL; 313 struct sockaddr_dl *sdl; 314 struct rtentry *rt = NULL; 315 char addr[INET_ADDRSTRLEN]; 316 317 if (m->m_flags & M_BCAST) { /* broadcast */ 318 memcpy(desten, etherbroadcastaddr, sizeof(etherbroadcastaddr)); 319 return (0); 320 } 321 if (m->m_flags & M_MCAST) { /* multicast */ 322 ETHER_MAP_IP_MULTICAST(&satosin(dst)->sin_addr, desten); 323 return (0); 324 } 325 326 rt = rt_getll(rt0); 327 328 if (ISSET(rt->rt_flags, RTF_REJECT) && 329 (rt->rt_expire == 0 || time_uptime < rt->rt_expire)) { 330 m_freem(m); 331 return (rt == rt0 ? EHOSTDOWN : EHOSTUNREACH); 332 } 333 334 if (!ISSET(rt->rt_flags, RTF_LLINFO)) { 335 log(LOG_DEBUG, "%s: %s: route contains no arp information\n", 336 __func__, inet_ntop(AF_INET, &satosin(rt_key(rt))->sin_addr, 337 addr, sizeof(addr))); 338 m_freem(m); 339 return (EINVAL); 340 } 341 342 sdl = satosdl(rt->rt_gateway); 343 if (sdl->sdl_alen > 0 && sdl->sdl_alen != ETHER_ADDR_LEN) { 344 log(LOG_DEBUG, "%s: %s: incorrect arp information\n", __func__, 345 inet_ntop(AF_INET, &satosin(dst)->sin_addr, 346 addr, sizeof(addr))); 347 goto bad; 348 } 349 350 /* 351 * Check the address family and length is valid, the address 352 * is resolved; otherwise, try to resolve. 353 */ 354 if ((rt->rt_expire == 0 || rt->rt_expire > time_uptime) && 355 sdl->sdl_family == AF_LINK && sdl->sdl_alen != 0) { 356 memcpy(desten, LLADDR(sdl), sdl->sdl_alen); 357 return (0); 358 } 359 360 if (ifp->if_flags & IFF_NOARP) 361 goto bad; 362 363 /* 364 * There is an arptab entry, but no ethernet address 365 * response yet. Insert mbuf in hold queue if below limit 366 * if above the limit free the queue without queuing the new packet. 367 */ 368 la = (struct llinfo_arp *)rt->rt_llinfo; 369 KASSERT(la != NULL); 370 if (la_hold_total < LA_HOLD_TOTAL && la_hold_total < nmbclust / 64) { 371 struct mbuf *mh; 372 373 if (ml_len(&la->la_ml) >= LA_HOLD_QUEUE) { 374 mh = ml_dequeue(&la->la_ml); 375 la_hold_total--; 376 m_freem(mh); 377 } 378 ml_enqueue(&la->la_ml, m); 379 la_hold_total++; 380 } else { 381 la_hold_total -= ml_purge(&la->la_ml); 382 m_freem(m); 383 } 384 385 /* 386 * Re-send the ARP request when appropriate. 387 */ 388 #ifdef DIAGNOSTIC 389 if (rt->rt_expire == 0) { 390 /* This should never happen. (Should it? -gwr) */ 391 printf("%s: unresolved and rt_expire == 0\n", __func__); 392 /* Set expiration time to now (expired). */ 393 rt->rt_expire = time_uptime; 394 } 395 #endif 396 if (rt->rt_expire) { 397 rt->rt_flags &= ~RTF_REJECT; 398 if (la->la_asked == 0 || rt->rt_expire != time_uptime) { 399 rt->rt_expire = time_uptime; 400 if (la->la_asked++ < arp_maxtries) 401 arprequest(ifp, 402 &satosin(rt->rt_ifa->ifa_addr)->sin_addr.s_addr, 403 &satosin(dst)->sin_addr.s_addr, 404 ac->ac_enaddr); 405 else { 406 rt->rt_flags |= RTF_REJECT; 407 rt->rt_expire += arpt_down; 408 la->la_asked = 0; 409 la_hold_total -= ml_purge(&la->la_ml); 410 } 411 } 412 } 413 414 return (EAGAIN); 415 416 bad: 417 m_freem(m); 418 return (EINVAL); 419 } 420 421 /* 422 * Common length and type checks are done here, 423 * then the protocol-specific routine is called. 424 */ 425 void 426 arpinput(struct ifnet *ifp, struct mbuf *m) 427 { 428 struct arphdr *ar; 429 int len; 430 431 #ifdef DIAGNOSTIC 432 if ((m->m_flags & M_PKTHDR) == 0) 433 panic("arpintr"); 434 #endif 435 436 len = sizeof(struct arphdr); 437 if (m->m_len < len && (m = m_pullup(m, len)) == NULL) 438 return; 439 440 ar = mtod(m, struct arphdr *); 441 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER || 442 ntohs(ar->ar_pro) != ETHERTYPE_IP) { 443 m_freem(m); 444 return; 445 } 446 447 len += 2 * (ar->ar_hln + ar->ar_pln); 448 if (m->m_len < len && (m = m_pullup(m, len)) == NULL) 449 return; 450 451 niq_enqueue(&arpinq, m); 452 } 453 454 void 455 arpintr(void) 456 { 457 struct mbuf_list ml; 458 struct mbuf *m; 459 struct ifnet *ifp; 460 461 niq_delist(&arpinq, &ml); 462 463 while ((m = ml_dequeue(&ml)) != NULL) { 464 ifp = if_get(m->m_pkthdr.ph_ifidx); 465 466 if (ifp != NULL) 467 in_arpinput(ifp, m); 468 else 469 m_freem(m); 470 471 if_put(ifp); 472 } 473 } 474 475 /* 476 * ARP for Internet protocols on Ethernet, RFC 826. 477 * In addition, a sanity check is performed on the sender 478 * protocol address, to catch impersonators. 479 */ 480 void 481 in_arpinput(struct ifnet *ifp, struct mbuf *m) 482 { 483 struct ether_arp *ea; 484 struct rtentry *rt = NULL; 485 struct sockaddr_in sin; 486 struct in_addr isaddr, itaddr; 487 char addr[INET_ADDRSTRLEN]; 488 int op, target = 0; 489 unsigned int rdomain; 490 491 rdomain = rtable_l2(m->m_pkthdr.ph_rtableid); 492 493 ea = mtod(m, struct ether_arp *); 494 op = ntohs(ea->arp_op); 495 if ((op != ARPOP_REQUEST) && (op != ARPOP_REPLY)) 496 goto out; 497 498 memcpy(&itaddr, ea->arp_tpa, sizeof(itaddr)); 499 memcpy(&isaddr, ea->arp_spa, sizeof(isaddr)); 500 memset(&sin, 0, sizeof(sin)); 501 sin.sin_len = sizeof(sin); 502 sin.sin_family = AF_INET; 503 504 if (ETHER_IS_MULTICAST(&ea->arp_sha[0]) && 505 !memcmp(ea->arp_sha, etherbroadcastaddr, sizeof(ea->arp_sha))) { 506 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 507 log(LOG_ERR, "arp: ether address is broadcast for IP address " 508 "%s!\n", addr); 509 goto out; 510 } 511 512 if (!memcmp(ea->arp_sha, LLADDR(ifp->if_sadl), sizeof(ea->arp_sha))) 513 goto out; /* it's from me, ignore it. */ 514 515 /* Check target against our interface addresses. */ 516 sin.sin_addr = itaddr; 517 rt = rtalloc(sintosa(&sin), 0, rdomain); 518 if (rtisvalid(rt) && ISSET(rt->rt_flags, RTF_LOCAL) && 519 rt->rt_ifidx == ifp->if_index) 520 target = 1; 521 rtfree(rt); 522 rt = NULL; 523 524 #if NCARP > 0 525 if (target && op == ARPOP_REQUEST && ifp->if_type == IFT_CARP && 526 !carp_iamatch(ifp)) 527 goto out; 528 #endif 529 530 /* Do we have an ARP cache for the sender? Create if we are target. */ 531 rt = arplookup(&isaddr, target, 0, rdomain); 532 533 /* Check sender against our interface addresses. */ 534 if (rtisvalid(rt) && ISSET(rt->rt_flags, RTF_LOCAL) && 535 rt->rt_ifidx == ifp->if_index && isaddr.s_addr != INADDR_ANY) { 536 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 537 log(LOG_ERR, "duplicate IP address %s sent from ethernet " 538 "address %s\n", addr, ether_sprintf(ea->arp_sha)); 539 itaddr = isaddr; 540 } else if (rt != NULL) { 541 int error; 542 543 KERNEL_LOCK(); 544 error = arpcache(ifp, ea, rt); 545 KERNEL_UNLOCK(); 546 if (error) 547 goto out; 548 } 549 550 if (op == ARPOP_REQUEST) { 551 uint8_t *eaddr; 552 553 if (target) { 554 /* We already have all info for the reply */ 555 eaddr = LLADDR(ifp->if_sadl); 556 } else { 557 rtfree(rt); 558 rt = arplookup(&itaddr, 0, SIN_PROXY, rdomain); 559 /* 560 * Protect from possible duplicates, only owner 561 * should respond 562 */ 563 if ((rt == NULL) || (rt->rt_ifidx != ifp->if_index)) 564 goto out; 565 eaddr = LLADDR(satosdl(rt->rt_gateway)); 566 } 567 arpreply(ifp, m, &itaddr, eaddr); 568 rtfree(rt); 569 return; 570 } 571 572 out: 573 rtfree(rt); 574 m_freem(m); 575 } 576 577 int 578 arpcache(struct ifnet *ifp, struct ether_arp *ea, struct rtentry *rt) 579 { 580 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 581 struct sockaddr_dl *sdl = satosdl(rt->rt_gateway); 582 struct in_addr *spa = (struct in_addr *)ea->arp_spa; 583 char addr[INET_ADDRSTRLEN]; 584 struct ifnet *rifp; 585 unsigned int len; 586 int changed = 0; 587 588 KERNEL_ASSERT_LOCKED(); 589 KASSERT(sdl != NULL); 590 591 /* 592 * This can happen if the entry has been deleted by another CPU 593 * after we found it. 594 */ 595 if (la == NULL) 596 return (0); 597 598 if (sdl->sdl_alen > 0) { 599 if (memcmp(ea->arp_sha, LLADDR(sdl), sdl->sdl_alen)) { 600 if (ISSET(rt->rt_flags, RTF_PERMANENT_ARP|RTF_LOCAL)) { 601 inet_ntop(AF_INET, spa, addr, sizeof(addr)); 602 log(LOG_WARNING, "arp: attempt to overwrite " 603 "permanent entry for %s by %s on %s\n", addr, 604 ether_sprintf(ea->arp_sha), ifp->if_xname); 605 return (-1); 606 } else if (rt->rt_ifidx != ifp->if_index) { 607 #if NCARP > 0 608 if (ifp->if_type != IFT_CARP) 609 #endif 610 { 611 rifp = if_get(rt->rt_ifidx); 612 if (rifp == NULL) 613 return (-1); 614 inet_ntop(AF_INET, spa, addr, 615 sizeof(addr)); 616 log(LOG_WARNING, "arp: attempt to " 617 "overwrite entry for %s on %s by " 618 "%s on %s\n", addr, rifp->if_xname, 619 ether_sprintf(ea->arp_sha), 620 ifp->if_xname); 621 if_put(rifp); 622 } 623 return (-1); 624 } else { 625 inet_ntop(AF_INET, spa, addr, sizeof(addr)); 626 log(LOG_INFO, "arp info overwritten for %s by " 627 "%s on %s\n", addr, 628 ether_sprintf(ea->arp_sha), ifp->if_xname); 629 rt->rt_expire = 1;/* no longer static */ 630 } 631 changed = 1; 632 } 633 } else if (!if_isconnected(ifp, rt->rt_ifidx)) { 634 rifp = if_get(rt->rt_ifidx); 635 if (rifp == NULL) 636 return (-1); 637 inet_ntop(AF_INET, spa, addr, sizeof(addr)); 638 log(LOG_WARNING, "arp: attempt to add entry for %s on %s by %s" 639 " on %s\n", addr, rifp->if_xname, 640 ether_sprintf(ea->arp_sha), ifp->if_xname); 641 if_put(rifp); 642 return (-1); 643 } 644 sdl->sdl_alen = sizeof(ea->arp_sha); 645 memcpy(LLADDR(sdl), ea->arp_sha, sizeof(ea->arp_sha)); 646 if (rt->rt_expire) 647 rt->rt_expire = time_uptime + arpt_keep; 648 rt->rt_flags &= ~RTF_REJECT; 649 650 /* Notify userland that an ARP resolution has been done. */ 651 if (la->la_asked || changed) { 652 KERNEL_LOCK(); 653 rt_sendmsg(rt, RTM_RESOLVE, ifp->if_rdomain); 654 KERNEL_UNLOCK(); 655 } 656 657 la->la_asked = 0; 658 while ((len = ml_len(&la->la_ml)) != 0) { 659 struct mbuf *mh; 660 661 mh = ml_dequeue(&la->la_ml); 662 la_hold_total--; 663 664 ifp->if_output(ifp, mh, rt_key(rt), rt); 665 666 if (ml_len(&la->la_ml) == len) { 667 /* mbuf is back in queue. Discard. */ 668 while ((mh = ml_dequeue(&la->la_ml)) != NULL) { 669 la_hold_total--; 670 m_freem(mh); 671 } 672 break; 673 } 674 } 675 676 return (0); 677 } 678 679 void 680 arpinvalidate(struct rtentry *rt) 681 { 682 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 683 struct sockaddr_dl *sdl = satosdl(rt->rt_gateway); 684 685 la_hold_total -= ml_purge(&la->la_ml); 686 sdl->sdl_alen = 0; 687 la->la_asked = 0; 688 } 689 690 /* 691 * Free an arp entry. 692 */ 693 void 694 arptfree(struct rtentry *rt) 695 { 696 struct ifnet *ifp; 697 698 arpinvalidate(rt); 699 700 ifp = if_get(rt->rt_ifidx); 701 KASSERT(ifp != NULL); 702 if (!ISSET(rt->rt_flags, RTF_STATIC|RTF_CACHED)) 703 rtdeletemsg(rt, ifp, ifp->if_rdomain); 704 if_put(ifp); 705 } 706 707 /* 708 * Lookup or enter a new address in arptab. 709 */ 710 struct rtentry * 711 arplookup(struct in_addr *inp, int create, int proxy, u_int tableid) 712 { 713 struct rtentry *rt; 714 struct sockaddr_inarp sin; 715 int flags; 716 717 memset(&sin, 0, sizeof(sin)); 718 sin.sin_len = sizeof(sin); 719 sin.sin_family = AF_INET; 720 sin.sin_addr.s_addr = inp->s_addr; 721 sin.sin_other = proxy ? SIN_PROXY : 0; 722 flags = (create) ? RT_RESOLVE : 0; 723 724 rt = rtalloc((struct sockaddr *)&sin, flags, tableid); 725 if (!rtisvalid(rt) || ISSET(rt->rt_flags, RTF_GATEWAY) || 726 !ISSET(rt->rt_flags, RTF_LLINFO) || 727 rt->rt_gateway->sa_family != AF_LINK) { 728 rtfree(rt); 729 return (NULL); 730 } 731 732 if (proxy && !ISSET(rt->rt_flags, RTF_ANNOUNCE)) { 733 #ifdef ART 734 while ((rt = rtable_iterate(rt)) != NULL) { 735 if (ISSET(rt->rt_flags, RTF_ANNOUNCE)) { 736 break; 737 } 738 } 739 #endif /* ART */ 740 } 741 742 return (rt); 743 } 744 745 /* 746 * Check whether we do proxy ARP for this address and we point to ourselves. 747 */ 748 int 749 arpproxy(struct in_addr in, unsigned int rtableid) 750 { 751 struct sockaddr_dl *sdl; 752 struct rtentry *rt; 753 struct ifnet *ifp; 754 int found = 0; 755 756 rt = arplookup(&in, 0, SIN_PROXY, rtableid); 757 if (!rtisvalid(rt)) { 758 rtfree(rt); 759 return (0); 760 } 761 762 /* Check that arp information are correct. */ 763 sdl = satosdl(rt->rt_gateway); 764 if (sdl->sdl_alen != ETHER_ADDR_LEN) { 765 rtfree(rt); 766 return (0); 767 } 768 769 ifp = if_get(rt->rt_ifidx); 770 if (ifp == NULL) { 771 rtfree(rt); 772 return (0); 773 } 774 775 if (!memcmp(LLADDR(sdl), LLADDR(ifp->if_sadl), sdl->sdl_alen)) 776 found = 1; 777 778 if_put(ifp); 779 rtfree(rt); 780 return (found); 781 } 782 783 /* 784 * Called from Ethernet interrupt handlers 785 * when ether packet type ETHERTYPE_REVARP 786 * is received. Common length and type checks are done here, 787 * then the protocol-specific routine is called. 788 */ 789 void 790 revarpinput(struct ifnet *ifp, struct mbuf *m) 791 { 792 struct arphdr *ar; 793 794 if (m->m_len < sizeof(struct arphdr)) 795 goto out; 796 ar = mtod(m, struct arphdr *); 797 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER) 798 goto out; 799 if (m->m_len < sizeof(struct arphdr) + 2 * (ar->ar_hln + ar->ar_pln)) 800 goto out; 801 switch (ntohs(ar->ar_pro)) { 802 803 case ETHERTYPE_IP: 804 in_revarpinput(ifp, m); 805 return; 806 807 default: 808 break; 809 } 810 out: 811 m_freem(m); 812 } 813 814 /* 815 * RARP for Internet protocols on Ethernet. 816 * Algorithm is that given in RFC 903. 817 * We are only using for bootstrap purposes to get an ip address for one of 818 * our interfaces. Thus we support no user-interface. 819 * 820 * Since the contents of the RARP reply are specific to the interface that 821 * sent the request, this code must ensure that they are properly associated. 822 * 823 * Note: also supports ARP via RARP packets, per the RFC. 824 */ 825 void 826 in_revarpinput(struct ifnet *ifp, struct mbuf *m) 827 { 828 struct ether_arp *ar; 829 int op; 830 831 ar = mtod(m, struct ether_arp *); 832 op = ntohs(ar->arp_op); 833 switch (op) { 834 case ARPOP_REQUEST: 835 case ARPOP_REPLY: /* per RFC */ 836 niq_enqueue(&arpinq, m); 837 return; 838 case ARPOP_REVREPLY: 839 break; 840 case ARPOP_REVREQUEST: /* handled by rarpd(8) */ 841 default: 842 goto out; 843 } 844 #ifdef NFSCLIENT 845 if (revarp_ifidx == 0) 846 goto out; 847 if (revarp_ifidx != m->m_pkthdr.ph_ifidx) /* !same interface */ 848 goto out; 849 if (revarp_finished) 850 goto wake; 851 if (memcmp(ar->arp_tha, LLADDR(ifp->if_sadl), sizeof(ar->arp_tha))) 852 goto out; 853 memcpy(&revarp_srvip, ar->arp_spa, sizeof(revarp_srvip)); 854 memcpy(&revarp_myip, ar->arp_tpa, sizeof(revarp_myip)); 855 revarp_finished = 1; 856 wake: /* Do wakeup every time in case it was missed. */ 857 wakeup((caddr_t)&revarp_myip); 858 #endif /* NFSCLIENT */ 859 860 out: 861 m_freem(m); 862 } 863 864 /* 865 * Send a RARP request for the ip address of the specified interface. 866 * The request should be RFC 903-compliant. 867 */ 868 void 869 revarprequest(struct ifnet *ifp) 870 { 871 struct sockaddr sa; 872 struct mbuf *m; 873 struct ether_header *eh; 874 struct ether_arp *ea; 875 struct arpcom *ac = (struct arpcom *)ifp; 876 877 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 878 return; 879 m->m_len = sizeof(*ea); 880 m->m_pkthdr.len = sizeof(*ea); 881 m->m_pkthdr.pf.prio = ifp->if_llprio; 882 MH_ALIGN(m, sizeof(*ea)); 883 ea = mtod(m, struct ether_arp *); 884 eh = (struct ether_header *)sa.sa_data; 885 memset(ea, 0, sizeof(*ea)); 886 memcpy(eh->ether_dhost, etherbroadcastaddr, sizeof(eh->ether_dhost)); 887 eh->ether_type = htons(ETHERTYPE_REVARP); 888 ea->arp_hrd = htons(ARPHRD_ETHER); 889 ea->arp_pro = htons(ETHERTYPE_IP); 890 ea->arp_hln = sizeof(ea->arp_sha); /* hardware address length */ 891 ea->arp_pln = sizeof(ea->arp_spa); /* protocol address length */ 892 ea->arp_op = htons(ARPOP_REVREQUEST); 893 memcpy(eh->ether_shost, ac->ac_enaddr, sizeof(ea->arp_tha)); 894 memcpy(ea->arp_sha, ac->ac_enaddr, sizeof(ea->arp_sha)); 895 memcpy(ea->arp_tha, ac->ac_enaddr, sizeof(ea->arp_tha)); 896 sa.sa_family = pseudo_AF_HDRCMPLT; 897 sa.sa_len = sizeof(sa); 898 m->m_flags |= M_BCAST; 899 ifp->if_output(ifp, m, &sa, NULL); 900 } 901 902 #ifdef NFSCLIENT 903 /* 904 * RARP for the ip address of the specified interface, but also 905 * save the ip address of the server that sent the answer. 906 * Timeout if no response is received. 907 */ 908 int 909 revarpwhoarewe(struct ifnet *ifp, struct in_addr *serv_in, 910 struct in_addr *clnt_in) 911 { 912 int result, count = 20; 913 914 if (revarp_finished) 915 return EIO; 916 917 revarp_ifidx = ifp->if_index; 918 while (count--) { 919 revarprequest(ifp); 920 result = tsleep((caddr_t)&revarp_myip, PSOCK, "revarp", hz/2); 921 if (result != EWOULDBLOCK) 922 break; 923 } 924 revarp_ifidx = 0; 925 if (!revarp_finished) 926 return ENETUNREACH; 927 928 memcpy(serv_in, &revarp_srvip, sizeof(*serv_in)); 929 memcpy(clnt_in, &revarp_myip, sizeof(*clnt_in)); 930 return 0; 931 } 932 933 /* For compatibility: only saves interface address. */ 934 int 935 revarpwhoami(struct in_addr *in, struct ifnet *ifp) 936 { 937 struct in_addr server; 938 return (revarpwhoarewe(ifp, &server, in)); 939 } 940 #endif /* NFSCLIENT */ 941