1 /* $OpenBSD: if_ether.c,v 1.224 2016/09/15 02:00:18 dlg Exp $ */ 2 /* $NetBSD: if_ether.c,v 1.31 1996/05/11 12:59:58 mycroft Exp $ */ 3 4 /* 5 * Copyright (c) 1982, 1986, 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)if_ether.c 8.1 (Berkeley) 6/10/93 33 */ 34 35 /* 36 * Ethernet address resolution protocol. 37 * TODO: 38 * add "inuse/lock" bit (or ref. count) along with valid bit 39 */ 40 41 #include "carp.h" 42 43 #include <sys/param.h> 44 #include <sys/systm.h> 45 #include <sys/mbuf.h> 46 #include <sys/socket.h> 47 #include <sys/timeout.h> 48 #include <sys/kernel.h> 49 #include <sys/syslog.h> 50 #include <sys/queue.h> 51 #include <sys/pool.h> 52 53 #include <net/if.h> 54 #include <net/if_var.h> 55 #include <net/if_dl.h> 56 #include <net/route.h> 57 #include <net/if_types.h> 58 #include <net/netisr.h> 59 60 #include <netinet/in.h> 61 #include <netinet/in_var.h> 62 #include <netinet/if_ether.h> 63 #if NCARP > 0 64 #include <netinet/ip_carp.h> 65 #endif 66 67 struct llinfo_arp { 68 LIST_ENTRY(llinfo_arp) la_list; 69 struct rtentry *la_rt; /* backpointer to rtentry */ 70 long la_asked; /* last time we QUERIED */ 71 struct mbuf_list la_ml; /* packet hold queue */ 72 }; 73 #define LA_HOLD_QUEUE 10 74 #define LA_HOLD_TOTAL 100 75 76 /* timer values */ 77 int arpt_prune = (5 * 60); /* walk list every 5 minutes */ 78 int arpt_keep = (20 * 60); /* once resolved, cache for 20 minutes */ 79 int arpt_down = 20; /* once declared down, don't send for 20 secs */ 80 81 void arpinvalidate(struct rtentry *); 82 void arptfree(struct rtentry *); 83 void arptimer(void *); 84 struct rtentry *arplookup(struct in_addr *, int, int, unsigned int); 85 void in_arpinput(struct ifnet *, struct mbuf *); 86 void in_revarpinput(struct ifnet *, struct mbuf *); 87 int arpcache(struct ifnet *, struct ether_arp *, struct rtentry *); 88 void arpreply(struct ifnet *, struct mbuf *, struct in_addr *, uint8_t *); 89 90 struct niqueue arpinq = NIQUEUE_INITIALIZER(50, NETISR_ARP); 91 92 LIST_HEAD(, llinfo_arp) arp_list; 93 struct pool arp_pool; /* pool for llinfo_arp structures */ 94 int arp_maxtries = 5; 95 int arpinit_done; 96 int la_hold_total; 97 98 #ifdef NFSCLIENT 99 /* revarp state */ 100 struct in_addr revarp_myip, revarp_srvip; 101 int revarp_finished; 102 unsigned int revarp_ifidx; 103 #endif /* NFSCLIENT */ 104 105 /* 106 * Timeout routine. Age arp_tab entries periodically. 107 */ 108 /* ARGSUSED */ 109 void 110 arptimer(void *arg) 111 { 112 struct timeout *to = (struct timeout *)arg; 113 int s; 114 struct llinfo_arp *la, *nla; 115 116 s = splsoftnet(); 117 timeout_add_sec(to, arpt_prune); 118 LIST_FOREACH_SAFE(la, &arp_list, la_list, nla) { 119 struct rtentry *rt = la->la_rt; 120 121 if (rt->rt_expire && rt->rt_expire <= time_uptime) 122 arptfree(rt); /* timer has expired; clear */ 123 } 124 splx(s); 125 } 126 127 void 128 arp_rtrequest(struct ifnet *ifp, int req, struct rtentry *rt) 129 { 130 struct sockaddr *gate = rt->rt_gateway; 131 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 132 struct ifaddr *ifa; 133 134 if (!arpinit_done) { 135 static struct timeout arptimer_to; 136 137 arpinit_done = 1; 138 pool_init(&arp_pool, sizeof(struct llinfo_arp), 0, 139 IPL_SOFTNET, 0, "arp", NULL); 140 141 timeout_set(&arptimer_to, arptimer, &arptimer_to); 142 timeout_add_sec(&arptimer_to, 1); 143 } 144 145 if (ISSET(rt->rt_flags, RTF_GATEWAY|RTF_BROADCAST|RTF_MULTICAST)) 146 return; 147 148 switch (req) { 149 150 case RTM_ADD: 151 if (rt->rt_flags & RTF_CLONING || 152 ((rt->rt_flags & (RTF_LLINFO | RTF_LOCAL)) && !la)) { 153 /* 154 * Give this route an expiration time, even though 155 * it's a "permanent" route, so that routes cloned 156 * from it do not need their expiration time set. 157 */ 158 rt->rt_expire = time_uptime; 159 if ((rt->rt_flags & RTF_CLONING) != 0) 160 break; 161 } 162 /* 163 * Announce a new entry if requested or warn the user 164 * if another station has this IP address. 165 */ 166 if (rt->rt_flags & (RTF_ANNOUNCE|RTF_LOCAL)) 167 arprequest(ifp, 168 &satosin(rt_key(rt))->sin_addr.s_addr, 169 &satosin(rt_key(rt))->sin_addr.s_addr, 170 (u_char *)LLADDR(satosdl(gate))); 171 /*FALLTHROUGH*/ 172 case RTM_RESOLVE: 173 if (gate->sa_family != AF_LINK || 174 gate->sa_len < sizeof(struct sockaddr_dl)) { 175 log(LOG_DEBUG, "%s: bad gateway value: %s\n", __func__, 176 ifp->if_xname); 177 break; 178 } 179 satosdl(gate)->sdl_type = ifp->if_type; 180 satosdl(gate)->sdl_index = ifp->if_index; 181 if (la != 0) 182 break; /* This happens on a route change */ 183 /* 184 * Case 2: This route may come from cloning, or a manual route 185 * add with a LL address. 186 */ 187 la = pool_get(&arp_pool, PR_NOWAIT | PR_ZERO); 188 rt->rt_llinfo = (caddr_t)la; 189 if (la == NULL) { 190 log(LOG_DEBUG, "%s: pool get failed\n", __func__); 191 break; 192 } 193 194 ml_init(&la->la_ml); 195 la->la_rt = rt; 196 rt->rt_flags |= RTF_LLINFO; 197 LIST_INSERT_HEAD(&arp_list, la, la_list); 198 199 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 200 if ((ifa->ifa_addr->sa_family == AF_INET) && 201 ifatoia(ifa)->ia_addr.sin_addr.s_addr == 202 satosin(rt_key(rt))->sin_addr.s_addr) 203 break; 204 } 205 if (ifa) { 206 KASSERT(ifa == rt->rt_ifa); 207 rt->rt_expire = 0; 208 } 209 break; 210 211 case RTM_DELETE: 212 if (la == NULL) 213 break; 214 LIST_REMOVE(la, la_list); 215 rt->rt_llinfo = NULL; 216 rt->rt_flags &= ~RTF_LLINFO; 217 la_hold_total -= ml_purge(&la->la_ml); 218 pool_put(&arp_pool, la); 219 break; 220 221 case RTM_INVALIDATE: 222 if (!ISSET(rt->rt_flags, RTF_LOCAL)) 223 arpinvalidate(rt); 224 break; 225 } 226 } 227 228 /* 229 * Broadcast an ARP request. Caller specifies: 230 * - arp header source ip address 231 * - arp header target ip address 232 * - arp header source ethernet address 233 */ 234 void 235 arprequest(struct ifnet *ifp, u_int32_t *sip, u_int32_t *tip, u_int8_t *enaddr) 236 { 237 struct mbuf *m; 238 struct ether_header *eh; 239 struct ether_arp *ea; 240 struct sockaddr sa; 241 242 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 243 return; 244 m->m_len = sizeof(*ea); 245 m->m_pkthdr.len = sizeof(*ea); 246 m->m_pkthdr.ph_rtableid = ifp->if_rdomain; 247 m->m_pkthdr.pf.prio = ifp->if_llprio; 248 MH_ALIGN(m, sizeof(*ea)); 249 ea = mtod(m, struct ether_arp *); 250 eh = (struct ether_header *)sa.sa_data; 251 memset(ea, 0, sizeof(*ea)); 252 memcpy(eh->ether_dhost, etherbroadcastaddr, sizeof(eh->ether_dhost)); 253 eh->ether_type = htons(ETHERTYPE_ARP); /* if_output will not swap */ 254 ea->arp_hrd = htons(ARPHRD_ETHER); 255 ea->arp_pro = htons(ETHERTYPE_IP); 256 ea->arp_hln = sizeof(ea->arp_sha); /* hardware address length */ 257 ea->arp_pln = sizeof(ea->arp_spa); /* protocol address length */ 258 ea->arp_op = htons(ARPOP_REQUEST); 259 memcpy(eh->ether_shost, enaddr, sizeof(eh->ether_shost)); 260 memcpy(ea->arp_sha, enaddr, sizeof(ea->arp_sha)); 261 memcpy(ea->arp_spa, sip, sizeof(ea->arp_spa)); 262 memcpy(ea->arp_tpa, tip, sizeof(ea->arp_tpa)); 263 sa.sa_family = pseudo_AF_HDRCMPLT; 264 sa.sa_len = sizeof(sa); 265 m->m_flags |= M_BCAST; 266 ifp->if_output(ifp, m, &sa, NULL); 267 } 268 269 void 270 arpreply(struct ifnet *ifp, struct mbuf *m, struct in_addr *sip, uint8_t *eaddr) 271 { 272 struct ether_header *eh; 273 struct ether_arp *ea; 274 struct sockaddr sa; 275 276 ea = mtod(m, struct ether_arp *); 277 ea->arp_op = htons(ARPOP_REPLY); 278 ea->arp_pro = htons(ETHERTYPE_IP); /* let's be sure! */ 279 280 /* We're replying to a request. */ 281 memcpy(ea->arp_tha, ea->arp_sha, sizeof(ea->arp_sha)); 282 memcpy(ea->arp_tpa, ea->arp_spa, sizeof(ea->arp_spa)); 283 284 memcpy(ea->arp_sha, eaddr, sizeof(ea->arp_sha)); 285 memcpy(ea->arp_spa, sip, sizeof(ea->arp_spa)); 286 287 eh = (struct ether_header *)sa.sa_data; 288 memcpy(eh->ether_dhost, ea->arp_tha, sizeof(eh->ether_dhost)); 289 memcpy(eh->ether_shost, eaddr, sizeof(eh->ether_shost)); 290 eh->ether_type = htons(ETHERTYPE_ARP); 291 sa.sa_family = pseudo_AF_HDRCMPLT; 292 sa.sa_len = sizeof(sa); 293 ifp->if_output(ifp, m, &sa, NULL); 294 } 295 296 /* 297 * Resolve an IP address into an ethernet address. If success, 298 * desten is filled in. If there is no entry in arptab, 299 * set one up and broadcast a request for the IP address. 300 * Hold onto this mbuf and resend it once the address 301 * is finally resolved. A return value of 0 indicates 302 * that desten has been filled in and the packet should be sent 303 * normally; A return value of EAGAIN indicates that the packet 304 * has been taken over here, either now or for later transmission. 305 * Any other return value indicates an error. 306 */ 307 int 308 arpresolve(struct ifnet *ifp, struct rtentry *rt0, struct mbuf *m, 309 struct sockaddr *dst, u_char *desten) 310 { 311 struct arpcom *ac = (struct arpcom *)ifp; 312 struct llinfo_arp *la = NULL; 313 struct sockaddr_dl *sdl; 314 struct rtentry *rt = NULL; 315 char addr[INET_ADDRSTRLEN]; 316 317 if (m->m_flags & M_BCAST) { /* broadcast */ 318 memcpy(desten, etherbroadcastaddr, sizeof(etherbroadcastaddr)); 319 return (0); 320 } 321 if (m->m_flags & M_MCAST) { /* multicast */ 322 ETHER_MAP_IP_MULTICAST(&satosin(dst)->sin_addr, desten); 323 return (0); 324 } 325 326 rt = rt_getll(rt0); 327 328 if (ISSET(rt->rt_flags, RTF_REJECT) && 329 (rt->rt_expire == 0 || time_uptime < rt->rt_expire)) { 330 m_freem(m); 331 return (rt == rt0 ? EHOSTDOWN : EHOSTUNREACH); 332 } 333 334 if (!ISSET(rt->rt_flags, RTF_LLINFO)) { 335 log(LOG_DEBUG, "%s: %s: route contains no arp information\n", 336 __func__, inet_ntop(AF_INET, &satosin(rt_key(rt))->sin_addr, 337 addr, sizeof(addr))); 338 m_freem(m); 339 return (EINVAL); 340 } 341 342 sdl = satosdl(rt->rt_gateway); 343 if (sdl->sdl_alen > 0 && sdl->sdl_alen != ETHER_ADDR_LEN) { 344 log(LOG_DEBUG, "%s: %s: incorrect arp information\n", __func__, 345 inet_ntop(AF_INET, &satosin(dst)->sin_addr, 346 addr, sizeof(addr))); 347 goto bad; 348 } 349 350 /* 351 * Check the address family and length is valid, the address 352 * is resolved; otherwise, try to resolve. 353 */ 354 if ((rt->rt_expire == 0 || rt->rt_expire > time_uptime) && 355 sdl->sdl_family == AF_LINK && sdl->sdl_alen != 0) { 356 memcpy(desten, LLADDR(sdl), sdl->sdl_alen); 357 return (0); 358 } 359 360 if (ifp->if_flags & IFF_NOARP) 361 goto bad; 362 363 /* 364 * There is an arptab entry, but no ethernet address 365 * response yet. Insert mbuf in hold queue if below limit 366 * if above the limit free the queue without queuing the new packet. 367 */ 368 la = (struct llinfo_arp *)rt->rt_llinfo; 369 KASSERT(la != NULL); 370 if (la_hold_total < LA_HOLD_TOTAL && la_hold_total < nmbclust / 64) { 371 struct mbuf *mh; 372 373 if (ml_len(&la->la_ml) >= LA_HOLD_QUEUE) { 374 mh = ml_dequeue(&la->la_ml); 375 la_hold_total--; 376 m_freem(mh); 377 } 378 ml_enqueue(&la->la_ml, m); 379 la_hold_total++; 380 } else { 381 la_hold_total -= ml_purge(&la->la_ml); 382 m_freem(m); 383 } 384 385 /* 386 * Re-send the ARP request when appropriate. 387 */ 388 #ifdef DIAGNOSTIC 389 if (rt->rt_expire == 0) { 390 /* This should never happen. (Should it? -gwr) */ 391 printf("%s: unresolved and rt_expire == 0\n", __func__); 392 /* Set expiration time to now (expired). */ 393 rt->rt_expire = time_uptime; 394 } 395 #endif 396 if (rt->rt_expire) { 397 rt->rt_flags &= ~RTF_REJECT; 398 if (la->la_asked == 0 || rt->rt_expire != time_uptime) { 399 rt->rt_expire = time_uptime; 400 if (la->la_asked++ < arp_maxtries) 401 arprequest(ifp, 402 &satosin(rt->rt_ifa->ifa_addr)->sin_addr.s_addr, 403 &satosin(dst)->sin_addr.s_addr, 404 ac->ac_enaddr); 405 else { 406 rt->rt_flags |= RTF_REJECT; 407 rt->rt_expire += arpt_down; 408 la->la_asked = 0; 409 la_hold_total -= ml_purge(&la->la_ml); 410 } 411 } 412 } 413 414 return (EAGAIN); 415 416 bad: 417 m_freem(m); 418 return (EINVAL); 419 } 420 421 /* 422 * Common length and type checks are done here, 423 * then the protocol-specific routine is called. 424 */ 425 void 426 arpinput(struct ifnet *ifp, struct mbuf *m) 427 { 428 struct arphdr *ar; 429 int len; 430 431 #ifdef DIAGNOSTIC 432 if ((m->m_flags & M_PKTHDR) == 0) 433 panic("arpintr"); 434 #endif 435 436 len = sizeof(struct arphdr); 437 if (m->m_len < len && (m = m_pullup(m, len)) == NULL) 438 return; 439 440 ar = mtod(m, struct arphdr *); 441 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER || 442 ntohs(ar->ar_pro) != ETHERTYPE_IP) { 443 m_freem(m); 444 return; 445 } 446 447 len += 2 * (ar->ar_hln + ar->ar_pln); 448 if (m->m_len < len && (m = m_pullup(m, len)) == NULL) 449 return; 450 451 niq_enqueue(&arpinq, m); 452 } 453 454 void 455 arpintr(void) 456 { 457 struct mbuf_list ml; 458 struct mbuf *m; 459 struct ifnet *ifp; 460 461 niq_delist(&arpinq, &ml); 462 463 while ((m = ml_dequeue(&ml)) != NULL) { 464 ifp = if_get(m->m_pkthdr.ph_ifidx); 465 466 if (ifp != NULL) 467 in_arpinput(ifp, m); 468 else 469 m_freem(m); 470 471 if_put(ifp); 472 } 473 } 474 475 /* 476 * ARP for Internet protocols on Ethernet, RFC 826. 477 * In addition, a sanity check is performed on the sender 478 * protocol address, to catch impersonators. 479 */ 480 void 481 in_arpinput(struct ifnet *ifp, struct mbuf *m) 482 { 483 struct ether_arp *ea; 484 struct rtentry *rt = NULL; 485 struct sockaddr_in sin; 486 struct in_addr isaddr, itaddr; 487 char addr[INET_ADDRSTRLEN]; 488 int op, target = 0; 489 unsigned int rdomain; 490 491 rdomain = rtable_l2(m->m_pkthdr.ph_rtableid); 492 493 ea = mtod(m, struct ether_arp *); 494 op = ntohs(ea->arp_op); 495 if ((op != ARPOP_REQUEST) && (op != ARPOP_REPLY)) 496 goto out; 497 498 memcpy(&itaddr, ea->arp_tpa, sizeof(itaddr)); 499 memcpy(&isaddr, ea->arp_spa, sizeof(isaddr)); 500 memset(&sin, 0, sizeof(sin)); 501 sin.sin_len = sizeof(sin); 502 sin.sin_family = AF_INET; 503 504 if (ETHER_IS_MULTICAST(&ea->arp_sha[0]) && 505 !memcmp(ea->arp_sha, etherbroadcastaddr, sizeof(ea->arp_sha))) { 506 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 507 log(LOG_ERR, "arp: ether address is broadcast for IP address " 508 "%s!\n", addr); 509 goto out; 510 } 511 512 if (!memcmp(ea->arp_sha, LLADDR(ifp->if_sadl), sizeof(ea->arp_sha))) 513 goto out; /* it's from me, ignore it. */ 514 515 /* Check target against our interface addresses. */ 516 sin.sin_addr = itaddr; 517 rt = rtalloc(sintosa(&sin), 0, rdomain); 518 if (rtisvalid(rt) && ISSET(rt->rt_flags, RTF_LOCAL) && 519 rt->rt_ifidx == ifp->if_index) 520 target = 1; 521 rtfree(rt); 522 rt = NULL; 523 524 #if NCARP > 0 525 if (target && op == ARPOP_REQUEST && ifp->if_type == IFT_CARP && 526 !carp_iamatch(ifp)) 527 goto out; 528 #endif 529 530 /* Do we have an ARP cache for the sender? Create if we are target. */ 531 rt = arplookup(&isaddr, target, 0, rdomain); 532 533 /* Check sender against our interface addresses. */ 534 if (rtisvalid(rt) && ISSET(rt->rt_flags, RTF_LOCAL) && 535 rt->rt_ifidx == ifp->if_index && isaddr.s_addr != INADDR_ANY) { 536 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 537 log(LOG_ERR, "duplicate IP address %s sent from ethernet " 538 "address %s\n", addr, ether_sprintf(ea->arp_sha)); 539 itaddr = isaddr; 540 } else if (rt != NULL) { 541 int error; 542 543 KERNEL_LOCK(); 544 error = arpcache(ifp, ea, rt); 545 KERNEL_UNLOCK(); 546 if (error) 547 goto out; 548 } 549 550 if (op == ARPOP_REQUEST) { 551 uint8_t *eaddr; 552 553 if (target) { 554 /* We already have all info for the reply */ 555 eaddr = LLADDR(ifp->if_sadl); 556 } else { 557 rtfree(rt); 558 rt = arplookup(&itaddr, 0, SIN_PROXY, rdomain); 559 /* 560 * Protect from possible duplicates, only owner 561 * should respond 562 */ 563 if ((rt == NULL) || (rt->rt_ifidx != ifp->if_index)) 564 goto out; 565 eaddr = LLADDR(satosdl(rt->rt_gateway)); 566 } 567 arpreply(ifp, m, &itaddr, eaddr); 568 rtfree(rt); 569 return; 570 } 571 572 out: 573 rtfree(rt); 574 m_freem(m); 575 } 576 577 int 578 arpcache(struct ifnet *ifp, struct ether_arp *ea, struct rtentry *rt) 579 { 580 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 581 struct sockaddr_dl *sdl = satosdl(rt->rt_gateway); 582 struct in_addr *spa = (struct in_addr *)ea->arp_spa; 583 char addr[INET_ADDRSTRLEN]; 584 struct ifnet *rifp; 585 unsigned int len; 586 int changed = 0; 587 588 KERNEL_ASSERT_LOCKED(); 589 KASSERT(sdl != NULL); 590 591 /* 592 * This can happen if the entry has been deleted by another CPU 593 * after we found it. 594 */ 595 if (la == NULL) 596 return (0); 597 598 if (sdl->sdl_alen > 0) { 599 if (memcmp(ea->arp_sha, LLADDR(sdl), sdl->sdl_alen)) { 600 if (ISSET(rt->rt_flags, RTF_PERMANENT_ARP|RTF_LOCAL)) { 601 inet_ntop(AF_INET, spa, addr, sizeof(addr)); 602 log(LOG_WARNING, "arp: attempt to overwrite " 603 "permanent entry for %s by %s on %s\n", addr, 604 ether_sprintf(ea->arp_sha), ifp->if_xname); 605 return (-1); 606 } else if (rt->rt_ifidx != ifp->if_index) { 607 #if NCARP > 0 608 if (ifp->if_type != IFT_CARP) 609 #endif 610 { 611 rifp = if_get(rt->rt_ifidx); 612 if (rifp == NULL) 613 return (-1); 614 inet_ntop(AF_INET, spa, addr, 615 sizeof(addr)); 616 log(LOG_WARNING, "arp: attempt to " 617 "overwrite entry for %s on %s by " 618 "%s on %s\n", addr, rifp->if_xname, 619 ether_sprintf(ea->arp_sha), 620 ifp->if_xname); 621 if_put(rifp); 622 } 623 return (-1); 624 } else { 625 inet_ntop(AF_INET, spa, addr, sizeof(addr)); 626 log(LOG_INFO, "arp info overwritten for %s by " 627 "%s on %s\n", addr, 628 ether_sprintf(ea->arp_sha), ifp->if_xname); 629 rt->rt_expire = 1;/* no longer static */ 630 } 631 changed = 1; 632 } 633 } else if (!if_isconnected(ifp, rt->rt_ifidx)) { 634 rifp = if_get(rt->rt_ifidx); 635 if (rifp == NULL) 636 return (-1); 637 inet_ntop(AF_INET, spa, addr, sizeof(addr)); 638 log(LOG_WARNING, "arp: attempt to add entry for %s on %s by %s" 639 " on %s\n", addr, rifp->if_xname, 640 ether_sprintf(ea->arp_sha), ifp->if_xname); 641 if_put(rifp); 642 return (-1); 643 } 644 sdl->sdl_alen = sizeof(ea->arp_sha); 645 memcpy(LLADDR(sdl), ea->arp_sha, sizeof(ea->arp_sha)); 646 if (rt->rt_expire) 647 rt->rt_expire = time_uptime + arpt_keep; 648 rt->rt_flags &= ~RTF_REJECT; 649 650 /* Notify userland that an ARP resolution has been done. */ 651 if (la->la_asked || changed) { 652 KERNEL_LOCK(); 653 rt_sendmsg(rt, RTM_RESOLVE, ifp->if_rdomain); 654 KERNEL_UNLOCK(); 655 } 656 657 la->la_asked = 0; 658 while ((len = ml_len(&la->la_ml)) != 0) { 659 struct mbuf *mh; 660 661 mh = ml_dequeue(&la->la_ml); 662 la_hold_total--; 663 664 ifp->if_output(ifp, mh, rt_key(rt), rt); 665 666 if (ml_len(&la->la_ml) == len) { 667 /* mbuf is back in queue. Discard. */ 668 while ((mh = ml_dequeue(&la->la_ml)) != NULL) { 669 la_hold_total--; 670 m_freem(mh); 671 } 672 break; 673 } 674 } 675 676 return (0); 677 } 678 679 void 680 arpinvalidate(struct rtentry *rt) 681 { 682 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 683 struct sockaddr_dl *sdl = satosdl(rt->rt_gateway); 684 685 la_hold_total -= ml_purge(&la->la_ml); 686 sdl->sdl_alen = 0; 687 la->la_asked = 0; 688 } 689 690 /* 691 * Free an arp entry. 692 */ 693 void 694 arptfree(struct rtentry *rt) 695 { 696 struct ifnet *ifp; 697 698 arpinvalidate(rt); 699 700 ifp = if_get(rt->rt_ifidx); 701 KASSERT(ifp != NULL); 702 if (!ISSET(rt->rt_flags, RTF_STATIC|RTF_CACHED)) 703 rtdeletemsg(rt, ifp, ifp->if_rdomain); 704 if_put(ifp); 705 } 706 707 /* 708 * Lookup or enter a new address in arptab. 709 */ 710 struct rtentry * 711 arplookup(struct in_addr *inp, int create, int proxy, u_int tableid) 712 { 713 struct rtentry *rt; 714 struct sockaddr_inarp sin; 715 int flags; 716 717 memset(&sin, 0, sizeof(sin)); 718 sin.sin_len = sizeof(sin); 719 sin.sin_family = AF_INET; 720 sin.sin_addr.s_addr = inp->s_addr; 721 sin.sin_other = proxy ? SIN_PROXY : 0; 722 flags = (create) ? RT_RESOLVE : 0; 723 724 rt = rtalloc((struct sockaddr *)&sin, flags, tableid); 725 if (!rtisvalid(rt) || ISSET(rt->rt_flags, RTF_GATEWAY) || 726 !ISSET(rt->rt_flags, RTF_LLINFO) || 727 rt->rt_gateway->sa_family != AF_LINK) { 728 rtfree(rt); 729 return (NULL); 730 } 731 732 if (proxy && !ISSET(rt->rt_flags, RTF_ANNOUNCE)) { 733 #ifdef ART 734 KERNEL_LOCK(); 735 while ((rt = rtable_iterate(rt)) != NULL) { 736 if (ISSET(rt->rt_flags, RTF_ANNOUNCE)) { 737 break; 738 } 739 } 740 KERNEL_UNLOCK(); 741 #endif /* ART */ 742 } 743 744 return (rt); 745 } 746 747 /* 748 * Check whether we do proxy ARP for this address and we point to ourselves. 749 */ 750 int 751 arpproxy(struct in_addr in, unsigned int rtableid) 752 { 753 struct sockaddr_dl *sdl; 754 struct rtentry *rt; 755 struct ifnet *ifp; 756 int found = 0; 757 758 rt = arplookup(&in, 0, SIN_PROXY, rtableid); 759 if (!rtisvalid(rt)) { 760 rtfree(rt); 761 return (0); 762 } 763 764 /* Check that arp information are correct. */ 765 sdl = satosdl(rt->rt_gateway); 766 if (sdl->sdl_alen != ETHER_ADDR_LEN) { 767 rtfree(rt); 768 return (0); 769 } 770 771 ifp = if_get(rt->rt_ifidx); 772 if (ifp == NULL) { 773 rtfree(rt); 774 return (0); 775 } 776 777 if (!memcmp(LLADDR(sdl), LLADDR(ifp->if_sadl), sdl->sdl_alen)) 778 found = 1; 779 780 if_put(ifp); 781 rtfree(rt); 782 return (found); 783 } 784 785 /* 786 * Called from Ethernet interrupt handlers 787 * when ether packet type ETHERTYPE_REVARP 788 * is received. Common length and type checks are done here, 789 * then the protocol-specific routine is called. 790 */ 791 void 792 revarpinput(struct ifnet *ifp, struct mbuf *m) 793 { 794 struct arphdr *ar; 795 796 if (m->m_len < sizeof(struct arphdr)) 797 goto out; 798 ar = mtod(m, struct arphdr *); 799 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER) 800 goto out; 801 if (m->m_len < sizeof(struct arphdr) + 2 * (ar->ar_hln + ar->ar_pln)) 802 goto out; 803 switch (ntohs(ar->ar_pro)) { 804 805 case ETHERTYPE_IP: 806 in_revarpinput(ifp, m); 807 return; 808 809 default: 810 break; 811 } 812 out: 813 m_freem(m); 814 } 815 816 /* 817 * RARP for Internet protocols on Ethernet. 818 * Algorithm is that given in RFC 903. 819 * We are only using for bootstrap purposes to get an ip address for one of 820 * our interfaces. Thus we support no user-interface. 821 * 822 * Since the contents of the RARP reply are specific to the interface that 823 * sent the request, this code must ensure that they are properly associated. 824 * 825 * Note: also supports ARP via RARP packets, per the RFC. 826 */ 827 void 828 in_revarpinput(struct ifnet *ifp, struct mbuf *m) 829 { 830 struct ether_arp *ar; 831 int op; 832 833 ar = mtod(m, struct ether_arp *); 834 op = ntohs(ar->arp_op); 835 switch (op) { 836 case ARPOP_REQUEST: 837 case ARPOP_REPLY: /* per RFC */ 838 niq_enqueue(&arpinq, m); 839 return; 840 case ARPOP_REVREPLY: 841 break; 842 case ARPOP_REVREQUEST: /* handled by rarpd(8) */ 843 default: 844 goto out; 845 } 846 #ifdef NFSCLIENT 847 if (revarp_ifidx == 0) 848 goto out; 849 if (revarp_ifidx != m->m_pkthdr.ph_ifidx) /* !same interface */ 850 goto out; 851 if (revarp_finished) 852 goto wake; 853 if (memcmp(ar->arp_tha, LLADDR(ifp->if_sadl), sizeof(ar->arp_tha))) 854 goto out; 855 memcpy(&revarp_srvip, ar->arp_spa, sizeof(revarp_srvip)); 856 memcpy(&revarp_myip, ar->arp_tpa, sizeof(revarp_myip)); 857 revarp_finished = 1; 858 wake: /* Do wakeup every time in case it was missed. */ 859 wakeup((caddr_t)&revarp_myip); 860 #endif /* NFSCLIENT */ 861 862 out: 863 m_freem(m); 864 } 865 866 /* 867 * Send a RARP request for the ip address of the specified interface. 868 * The request should be RFC 903-compliant. 869 */ 870 void 871 revarprequest(struct ifnet *ifp) 872 { 873 struct sockaddr sa; 874 struct mbuf *m; 875 struct ether_header *eh; 876 struct ether_arp *ea; 877 struct arpcom *ac = (struct arpcom *)ifp; 878 879 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 880 return; 881 m->m_len = sizeof(*ea); 882 m->m_pkthdr.len = sizeof(*ea); 883 m->m_pkthdr.pf.prio = ifp->if_llprio; 884 MH_ALIGN(m, sizeof(*ea)); 885 ea = mtod(m, struct ether_arp *); 886 eh = (struct ether_header *)sa.sa_data; 887 memset(ea, 0, sizeof(*ea)); 888 memcpy(eh->ether_dhost, etherbroadcastaddr, sizeof(eh->ether_dhost)); 889 eh->ether_type = htons(ETHERTYPE_REVARP); 890 ea->arp_hrd = htons(ARPHRD_ETHER); 891 ea->arp_pro = htons(ETHERTYPE_IP); 892 ea->arp_hln = sizeof(ea->arp_sha); /* hardware address length */ 893 ea->arp_pln = sizeof(ea->arp_spa); /* protocol address length */ 894 ea->arp_op = htons(ARPOP_REVREQUEST); 895 memcpy(eh->ether_shost, ac->ac_enaddr, sizeof(ea->arp_tha)); 896 memcpy(ea->arp_sha, ac->ac_enaddr, sizeof(ea->arp_sha)); 897 memcpy(ea->arp_tha, ac->ac_enaddr, sizeof(ea->arp_tha)); 898 sa.sa_family = pseudo_AF_HDRCMPLT; 899 sa.sa_len = sizeof(sa); 900 m->m_flags |= M_BCAST; 901 ifp->if_output(ifp, m, &sa, NULL); 902 } 903 904 #ifdef NFSCLIENT 905 /* 906 * RARP for the ip address of the specified interface, but also 907 * save the ip address of the server that sent the answer. 908 * Timeout if no response is received. 909 */ 910 int 911 revarpwhoarewe(struct ifnet *ifp, struct in_addr *serv_in, 912 struct in_addr *clnt_in) 913 { 914 int result, count = 20; 915 916 if (revarp_finished) 917 return EIO; 918 919 revarp_ifidx = ifp->if_index; 920 while (count--) { 921 revarprequest(ifp); 922 result = tsleep((caddr_t)&revarp_myip, PSOCK, "revarp", hz/2); 923 if (result != EWOULDBLOCK) 924 break; 925 } 926 revarp_ifidx = 0; 927 if (!revarp_finished) 928 return ENETUNREACH; 929 930 memcpy(serv_in, &revarp_srvip, sizeof(*serv_in)); 931 memcpy(clnt_in, &revarp_myip, sizeof(*clnt_in)); 932 return 0; 933 } 934 935 /* For compatibility: only saves interface address. */ 936 int 937 revarpwhoami(struct in_addr *in, struct ifnet *ifp) 938 { 939 struct in_addr server; 940 return (revarpwhoarewe(ifp, &server, in)); 941 } 942 #endif /* NFSCLIENT */ 943