1 /* $NetBSD: if_arp.c,v 1.220 2016/07/28 09:03:50 ozaki-r Exp $ */
2
3 /*-
4 * Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Public Access Networks Corporation ("Panix"). It was developed under
9 * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 * POSSIBILITY OF SUCH DAMAGE.
31 */
32
33 /*
34 * Copyright (c) 1982, 1986, 1988, 1993
35 * The Regents of the University of California. All rights reserved.
36 *
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 * 1. Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in the
44 * documentation and/or other materials provided with the distribution.
45 * 3. Neither the name of the University nor the names of its contributors
46 * may be used to endorse or promote products derived from this software
47 * without specific prior written permission.
48 *
49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
59 * SUCH DAMAGE.
60 *
61 * @(#)if_ether.c 8.2 (Berkeley) 9/26/94
62 */
63
64 /*
65 * Ethernet address resolution protocol.
66 * TODO:
67 * add "inuse/lock" bit (or ref. count) along with valid bit
68 */
69
70 #include <sys/cdefs.h>
71 __KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.220 2016/07/28 09:03:50 ozaki-r Exp $");
72
73 #ifdef _KERNEL_OPT
74 #include "opt_ddb.h"
75 #include "opt_inet.h"
76 #endif
77
78 #ifdef INET
79
80 #include "bridge.h"
81
82 #include <sys/param.h>
83 #include <sys/systm.h>
84 #include <sys/callout.h>
85 #include <sys/malloc.h>
86 #include <sys/mbuf.h>
87 #include <sys/socket.h>
88 #include <sys/time.h>
89 #include <sys/timetc.h>
90 #include <sys/kernel.h>
91 #include <sys/errno.h>
92 #include <sys/ioctl.h>
93 #include <sys/syslog.h>
94 #include <sys/proc.h>
95 #include <sys/protosw.h>
96 #include <sys/domain.h>
97 #include <sys/sysctl.h>
98 #include <sys/socketvar.h>
99 #include <sys/percpu.h>
100 #include <sys/cprng.h>
101 #include <sys/kmem.h>
102
103 #include <net/ethertypes.h>
104 #include <net/if.h>
105 #include <net/if_dl.h>
106 #include <net/if_token.h>
107 #include <net/if_types.h>
108 #include <net/if_ether.h>
109 #include <net/if_llatbl.h>
110 #include <net/net_osdep.h>
111 #include <net/route.h>
112 #include <net/net_stats.h>
113
114 #include <netinet/in.h>
115 #include <netinet/in_systm.h>
116 #include <netinet/in_var.h>
117 #include <netinet/ip.h>
118 #include <netinet/if_inarp.h>
119
120 #include "arcnet.h"
121 #if NARCNET > 0
122 #include <net/if_arc.h>
123 #endif
124 #include "fddi.h"
125 #if NFDDI > 0
126 #include <net/if_fddi.h>
127 #endif
128 #include "token.h"
129 #include "carp.h"
130 #if NCARP > 0
131 #include <netinet/ip_carp.h>
132 #endif
133
134 #define SIN(s) ((struct sockaddr_in *)s)
135 #define SRP(s) ((struct sockaddr_inarp *)s)
136
137 /*
138 * ARP trailer negotiation. Trailer protocol is not IP specific,
139 * but ARP request/response use IP addresses.
140 */
141 #define ETHERTYPE_IPTRAILERS ETHERTYPE_TRAIL
142
143 /* timer values */
144 static int arpt_keep = (20*60); /* once resolved, good for 20 more minutes */
145 static int arpt_down = 20; /* once declared down, don't send for 20 secs */
146 static int arp_maxhold = 1; /* number of packets to hold per ARP entry */
147 #define rt_expire rt_rmx.rmx_expire
148 #define rt_pksent rt_rmx.rmx_pksent
149
150 int ip_dad_count = PROBE_NUM;
151 #ifdef ARP_DEBUG
152 static int arp_debug = 1;
153 #else
154 static int arp_debug = 0;
155 #endif
156 #define arplog(x) do { if (arp_debug) log x; } while (/*CONSTCOND*/ 0)
157
158 static void arp_init(void);
159
160 static struct sockaddr *arp_setgate(struct rtentry *, struct sockaddr *,
161 const struct sockaddr *);
162 static void arptimer(void *);
163 static void arp_settimer(struct llentry *, int);
164 static struct llentry *arplookup(struct ifnet *, struct mbuf *,
165 const struct in_addr *, const struct sockaddr *, int);
166 static struct llentry *arpcreate(struct ifnet *, struct mbuf *,
167 const struct in_addr *, const struct sockaddr *, int);
168 static void in_arpinput(struct mbuf *);
169 static void in_revarpinput(struct mbuf *);
170 static void revarprequest(struct ifnet *);
171
172 static void arp_drainstub(void);
173
174 static void arp_dad_timer(struct ifaddr *);
175 static void arp_dad_start(struct ifaddr *);
176 static void arp_dad_stop(struct ifaddr *);
177 static void arp_dad_duplicated(struct ifaddr *);
178
179 static void arp_init_llentry(struct ifnet *, struct llentry *);
180 #if NTOKEN > 0
181 static void arp_free_llentry_tokenring(struct llentry *);
182 #endif
183
184 struct ifqueue arpintrq = {
185 .ifq_head = NULL,
186 .ifq_tail = NULL,
187 .ifq_len = 0,
188 .ifq_maxlen = 50,
189 .ifq_drops = 0,
190 };
191 static int arp_maxtries = 5;
192 static int useloopback = 1; /* use loopback interface for local traffic */
193
194 static percpu_t *arpstat_percpu;
195
196 #define ARP_STAT_GETREF() _NET_STAT_GETREF(arpstat_percpu)
197 #define ARP_STAT_PUTREF() _NET_STAT_PUTREF(arpstat_percpu)
198
199 #define ARP_STATINC(x) _NET_STATINC(arpstat_percpu, x)
200 #define ARP_STATADD(x, v) _NET_STATADD(arpstat_percpu, x, v)
201
202 /* revarp state */
203 static struct in_addr myip, srv_ip;
204 static int myip_initialized = 0;
205 static int revarp_in_progress = 0;
206 static struct ifnet *myip_ifp = NULL;
207
208 static int arp_drainwanted;
209
210 static int log_movements = 1;
211 static int log_permanent_modify = 1;
212 static int log_wrong_iface = 1;
213 static int log_unknown_network = 1;
214
215 /*
216 * this should be elsewhere.
217 */
218
219 static char *
220 lla_snprintf(u_int8_t *, int);
221
222 static char *
lla_snprintf(u_int8_t * adrp,int len)223 lla_snprintf(u_int8_t *adrp, int len)
224 {
225 #define NUMBUFS 3
226 static char buf[NUMBUFS][16*3];
227 static int bnum = 0;
228
229 int i;
230 char *p;
231
232 p = buf[bnum];
233
234 *p++ = hexdigits[(*adrp)>>4];
235 *p++ = hexdigits[(*adrp++)&0xf];
236
237 for (i=1; i<len && i<16; i++) {
238 *p++ = ':';
239 *p++ = hexdigits[(*adrp)>>4];
240 *p++ = hexdigits[(*adrp++)&0xf];
241 }
242
243 *p = 0;
244 p = buf[bnum];
245 bnum = (bnum + 1) % NUMBUFS;
246 return p;
247 }
248
249 DOMAIN_DEFINE(arpdomain); /* forward declare and add to link set */
250
251 static void
arp_fasttimo(void)252 arp_fasttimo(void)
253 {
254 if (arp_drainwanted) {
255 arp_drain();
256 arp_drainwanted = 0;
257 }
258 }
259
260 const struct protosw arpsw[] = {
261 { .pr_type = 0,
262 .pr_domain = &arpdomain,
263 .pr_protocol = 0,
264 .pr_flags = 0,
265 .pr_input = 0,
266 .pr_ctlinput = 0,
267 .pr_ctloutput = 0,
268 .pr_usrreqs = 0,
269 .pr_init = arp_init,
270 .pr_fasttimo = arp_fasttimo,
271 .pr_slowtimo = 0,
272 .pr_drain = arp_drainstub,
273 }
274 };
275
276 struct domain arpdomain = {
277 .dom_family = PF_ARP,
278 .dom_name = "arp",
279 .dom_protosw = arpsw,
280 .dom_protoswNPROTOSW = &arpsw[__arraycount(arpsw)],
281 };
282
283 static void sysctl_net_inet_arp_setup(struct sysctllog **);
284
285 void
arp_init(void)286 arp_init(void)
287 {
288
289 sysctl_net_inet_arp_setup(NULL);
290 arpstat_percpu = percpu_alloc(sizeof(uint64_t) * ARP_NSTATS);
291 }
292
293 static void
arp_drainstub(void)294 arp_drainstub(void)
295 {
296 arp_drainwanted = 1;
297 }
298
299 /*
300 * ARP protocol drain routine. Called when memory is in short supply.
301 * Called at splvm(); don't acquire softnet_lock as can be called from
302 * hardware interrupt handlers.
303 */
304 void
arp_drain(void)305 arp_drain(void)
306 {
307
308 lltable_drain(AF_INET);
309 }
310
311 static void
arptimer(void * arg)312 arptimer(void *arg)
313 {
314 struct llentry *lle = arg;
315 struct ifnet *ifp;
316
317 if (lle == NULL)
318 return;
319
320 if (lle->la_flags & LLE_STATIC)
321 return;
322
323 LLE_WLOCK(lle);
324 if (callout_pending(&lle->la_timer)) {
325 /*
326 * Here we are a bit odd here in the treatment of
327 * active/pending. If the pending bit is set, it got
328 * rescheduled before I ran. The active
329 * bit we ignore, since if it was stopped
330 * in ll_tablefree() and was currently running
331 * it would have return 0 so the code would
332 * not have deleted it since the callout could
333 * not be stopped so we want to go through
334 * with the delete here now. If the callout
335 * was restarted, the pending bit will be back on and
336 * we just want to bail since the callout_reset would
337 * return 1 and our reference would have been removed
338 * by arpresolve() below.
339 */
340 LLE_WUNLOCK(lle);
341 return;
342 }
343 ifp = lle->lle_tbl->llt_ifp;
344
345 callout_stop(&lle->la_timer);
346
347 /* XXX: LOR avoidance. We still have ref on lle. */
348 LLE_WUNLOCK(lle);
349
350 IF_AFDATA_LOCK(ifp);
351 LLE_WLOCK(lle);
352
353 /* Guard against race with other llentry_free(). */
354 if (lle->la_flags & LLE_LINKED) {
355 size_t pkts_dropped;
356
357 LLE_REMREF(lle);
358 pkts_dropped = llentry_free(lle);
359 ARP_STATADD(ARP_STAT_DFRDROPPED, pkts_dropped);
360 } else {
361 LLE_FREE_LOCKED(lle);
362 }
363
364 IF_AFDATA_UNLOCK(ifp);
365 }
366
367 static void
arp_settimer(struct llentry * la,int sec)368 arp_settimer(struct llentry *la, int sec)
369 {
370
371 LLE_WLOCK_ASSERT(la);
372 LLE_ADDREF(la);
373 callout_reset(&la->la_timer, hz * sec, arptimer, la);
374 }
375
376 /*
377 * We set the gateway for RTF_CLONING routes to a "prototype"
378 * link-layer sockaddr whose interface type (if_type) and interface
379 * index (if_index) fields are prepared.
380 */
381 static struct sockaddr *
arp_setgate(struct rtentry * rt,struct sockaddr * gate,const struct sockaddr * netmask)382 arp_setgate(struct rtentry *rt, struct sockaddr *gate,
383 const struct sockaddr *netmask)
384 {
385 const struct ifnet *ifp = rt->rt_ifp;
386 uint8_t namelen = strlen(ifp->if_xname);
387 uint8_t addrlen = ifp->if_addrlen;
388
389 /*
390 * XXX: If this is a manually added route to interface
391 * such as older version of routed or gated might provide,
392 * restore cloning bit.
393 */
394 if ((rt->rt_flags & RTF_HOST) == 0 && netmask != NULL &&
395 satocsin(netmask)->sin_addr.s_addr != 0xffffffff)
396 rt->rt_flags |= RTF_CONNECTED;
397
398 if ((rt->rt_flags & (RTF_CONNECTED | RTF_LOCAL))) {
399 union {
400 struct sockaddr sa;
401 struct sockaddr_storage ss;
402 struct sockaddr_dl sdl;
403 } u;
404 /*
405 * Case 1: This route should come from a route to iface.
406 */
407 sockaddr_dl_init(&u.sdl, sizeof(u.ss),
408 ifp->if_index, ifp->if_type, NULL, namelen, NULL, addrlen);
409 rt_setgate(rt, &u.sa);
410 gate = rt->rt_gateway;
411 }
412 return gate;
413 }
414
415 static void
arp_init_llentry(struct ifnet * ifp,struct llentry * lle)416 arp_init_llentry(struct ifnet *ifp, struct llentry *lle)
417 {
418
419 switch (ifp->if_type) {
420 #if NTOKEN > 0
421 case IFT_ISO88025:
422 lle->la_opaque = kmem_intr_alloc(sizeof(struct token_rif),
423 KM_NOSLEEP);
424 lle->lle_ll_free = arp_free_llentry_tokenring;
425 break;
426 #endif
427 }
428 }
429
430 #if NTOKEN > 0
431 static void
arp_free_llentry_tokenring(struct llentry * lle)432 arp_free_llentry_tokenring(struct llentry *lle)
433 {
434
435 kmem_intr_free(lle->la_opaque, sizeof(struct token_rif));
436 }
437 #endif
438
439 /*
440 * Parallel to llc_rtrequest.
441 */
442 void
arp_rtrequest(int req,struct rtentry * rt,const struct rt_addrinfo * info)443 arp_rtrequest(int req, struct rtentry *rt, const struct rt_addrinfo *info)
444 {
445 struct sockaddr *gate = rt->rt_gateway;
446 struct in_ifaddr *ia;
447 struct ifaddr *ifa;
448 struct ifnet *ifp = rt->rt_ifp;
449
450 if (req == RTM_LLINFO_UPD) {
451 struct in_addr *in;
452
453 if ((ifa = info->rti_ifa) == NULL)
454 return;
455
456 in = &ifatoia(ifa)->ia_addr.sin_addr;
457
458 if (ifatoia(ifa)->ia4_flags &
459 (IN_IFF_NOTREADY | IN_IFF_DETACHED))
460 {
461 arplog((LOG_DEBUG, "arp_request: %s not ready\n",
462 in_fmtaddr(*in)));
463 return;
464 }
465
466 arprequest(ifa->ifa_ifp, in, in,
467 CLLADDR(ifa->ifa_ifp->if_sadl));
468 return;
469 }
470
471 if ((rt->rt_flags & RTF_GATEWAY) != 0) {
472 if (req != RTM_ADD)
473 return;
474
475 /*
476 * linklayers with particular link MTU limitation.
477 */
478 switch(ifp->if_type) {
479 #if NFDDI > 0
480 case IFT_FDDI:
481 if (ifp->if_mtu > FDDIIPMTU)
482 rt->rt_rmx.rmx_mtu = FDDIIPMTU;
483 break;
484 #endif
485 #if NARCNET > 0
486 case IFT_ARCNET:
487 {
488 int arcipifmtu;
489
490 if (ifp->if_flags & IFF_LINK0)
491 arcipifmtu = arc_ipmtu;
492 else
493 arcipifmtu = ARCMTU;
494 if (ifp->if_mtu > arcipifmtu)
495 rt->rt_rmx.rmx_mtu = arcipifmtu;
496 break;
497 }
498 #endif
499 }
500 return;
501 }
502
503 switch (req) {
504 case RTM_SETGATE:
505 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]);
506 break;
507 case RTM_ADD:
508 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]);
509 if (gate == NULL) {
510 log(LOG_ERR, "%s: arp_setgate failed\n", __func__);
511 break;
512 }
513 if ((rt->rt_flags & RTF_CONNECTED) ||
514 (rt->rt_flags & RTF_LOCAL)) {
515 /*
516 * Give this route an expiration time, even though
517 * it's a "permanent" route, so that routes cloned
518 * from it do not need their expiration time set.
519 */
520 KASSERT(time_uptime != 0);
521 rt->rt_expire = time_uptime;
522 /*
523 * linklayers with particular link MTU limitation.
524 */
525 switch (ifp->if_type) {
526 #if NFDDI > 0
527 case IFT_FDDI:
528 if ((rt->rt_rmx.rmx_locks & RTV_MTU) == 0 &&
529 (rt->rt_rmx.rmx_mtu > FDDIIPMTU ||
530 (rt->rt_rmx.rmx_mtu == 0 &&
531 ifp->if_mtu > FDDIIPMTU)))
532 rt->rt_rmx.rmx_mtu = FDDIIPMTU;
533 break;
534 #endif
535 #if NARCNET > 0
536 case IFT_ARCNET:
537 {
538 int arcipifmtu;
539 if (ifp->if_flags & IFF_LINK0)
540 arcipifmtu = arc_ipmtu;
541 else
542 arcipifmtu = ARCMTU;
543
544 if ((rt->rt_rmx.rmx_locks & RTV_MTU) == 0 &&
545 (rt->rt_rmx.rmx_mtu > arcipifmtu ||
546 (rt->rt_rmx.rmx_mtu == 0 &&
547 ifp->if_mtu > arcipifmtu)))
548 rt->rt_rmx.rmx_mtu = arcipifmtu;
549 break;
550 }
551 #endif
552 }
553 if (rt->rt_flags & RTF_CONNECTED)
554 break;
555 }
556 /* Announce a new entry if requested. */
557 if (rt->rt_flags & RTF_ANNOUNCE) {
558 ia = in_get_ia_on_iface(
559 satocsin(rt_getkey(rt))->sin_addr, ifp);
560 if (ia == NULL ||
561 ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED))
562 ;
563 else
564 arprequest(ifp,
565 &satocsin(rt_getkey(rt))->sin_addr,
566 &satocsin(rt_getkey(rt))->sin_addr,
567 CLLADDR(satocsdl(gate)));
568 }
569
570 if (gate->sa_family != AF_LINK ||
571 gate->sa_len < sockaddr_dl_measure(0, ifp->if_addrlen)) {
572 log(LOG_DEBUG, "%s: bad gateway value\n", __func__);
573 break;
574 }
575
576 satosdl(gate)->sdl_type = ifp->if_type;
577 satosdl(gate)->sdl_index = ifp->if_index;
578
579 /* If the route is for a broadcast address mark it as such.
580 * This way we can avoid an expensive call to in_broadcast()
581 * in ip_output() most of the time (because the route passed
582 * to ip_output() is almost always a host route). */
583 if (rt->rt_flags & RTF_HOST &&
584 !(rt->rt_flags & RTF_BROADCAST) &&
585 in_broadcast(satocsin(rt_getkey(rt))->sin_addr, rt->rt_ifp))
586 rt->rt_flags |= RTF_BROADCAST;
587 /* There is little point in resolving the broadcast address */
588 if (rt->rt_flags & RTF_BROADCAST)
589 break;
590
591 /*
592 * When called from rt_ifa_addlocal, we cannot depend on that
593 * the address (rt_getkey(rt)) exits in the address list of the
594 * interface. So check RTF_LOCAL instead.
595 */
596 if (rt->rt_flags & RTF_LOCAL) {
597 rt->rt_expire = 0;
598 if (useloopback) {
599 rt->rt_ifp = lo0ifp;
600 rt->rt_rmx.rmx_mtu = 0;
601 }
602 break;
603 }
604
605 ia = in_get_ia_on_iface(satocsin(rt_getkey(rt))->sin_addr, ifp);
606 if (ia == NULL)
607 break;
608
609 rt->rt_expire = 0;
610 if (useloopback) {
611 rt->rt_ifp = lo0ifp;
612 rt->rt_rmx.rmx_mtu = 0;
613 }
614 rt->rt_flags |= RTF_LOCAL;
615 /*
616 * make sure to set rt->rt_ifa to the interface
617 * address we are using, otherwise we will have trouble
618 * with source address selection.
619 */
620 ifa = &ia->ia_ifa;
621 if (ifa != rt->rt_ifa)
622 rt_replace_ifa(rt, ifa);
623 break;
624 }
625 }
626
627 /*
628 * Broadcast an ARP request. Caller specifies:
629 * - arp header source ip address
630 * - arp header target ip address
631 * - arp header source ethernet address
632 */
633 void
arprequest(struct ifnet * ifp,const struct in_addr * sip,const struct in_addr * tip,const u_int8_t * enaddr)634 arprequest(struct ifnet *ifp,
635 const struct in_addr *sip, const struct in_addr *tip,
636 const u_int8_t *enaddr)
637 {
638 struct mbuf *m;
639 struct arphdr *ah;
640 struct sockaddr sa;
641 uint64_t *arps;
642
643 KASSERT(sip != NULL);
644 KASSERT(tip != NULL);
645 KASSERT(enaddr != NULL);
646
647 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL)
648 return;
649 MCLAIM(m, &arpdomain.dom_mowner);
650 switch (ifp->if_type) {
651 case IFT_IEEE1394:
652 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) +
653 ifp->if_addrlen;
654 break;
655 default:
656 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) +
657 2 * ifp->if_addrlen;
658 break;
659 }
660 m->m_pkthdr.len = m->m_len;
661 MH_ALIGN(m, m->m_len);
662 ah = mtod(m, struct arphdr *);
663 memset(ah, 0, m->m_len);
664 switch (ifp->if_type) {
665 case IFT_IEEE1394: /* RFC2734 */
666 /* fill it now for ar_tpa computation */
667 ah->ar_hrd = htons(ARPHRD_IEEE1394);
668 break;
669 default:
670 /* ifp->if_output will fill ar_hrd */
671 break;
672 }
673 ah->ar_pro = htons(ETHERTYPE_IP);
674 ah->ar_hln = ifp->if_addrlen; /* hardware address length */
675 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */
676 ah->ar_op = htons(ARPOP_REQUEST);
677 memcpy(ar_sha(ah), enaddr, ah->ar_hln);
678 memcpy(ar_spa(ah), sip, ah->ar_pln);
679 memcpy(ar_tpa(ah), tip, ah->ar_pln);
680 sa.sa_family = AF_ARP;
681 sa.sa_len = 2;
682 m->m_flags |= M_BCAST;
683 arps = ARP_STAT_GETREF();
684 arps[ARP_STAT_SNDTOTAL]++;
685 arps[ARP_STAT_SENDREQUEST]++;
686 ARP_STAT_PUTREF();
687 if_output_lock(ifp, ifp, m, &sa, NULL);
688 }
689
690 /*
691 * Resolve an IP address into an ethernet address. If success,
692 * desten is filled in. If there is no entry in arptab,
693 * set one up and broadcast a request for the IP address.
694 * Hold onto this mbuf and resend it once the address
695 * is finally resolved. A return value of 0 indicates
696 * that desten has been filled in and the packet should be sent
697 * normally; a return value of EWOULDBLOCK indicates that the packet has been
698 * held pending resolution.
699 * Any other value indicates an error.
700 */
701 int
arpresolve(struct ifnet * ifp,const struct rtentry * rt,struct mbuf * m,const struct sockaddr * dst,void * desten,size_t destlen)702 arpresolve(struct ifnet *ifp, const struct rtentry *rt, struct mbuf *m,
703 const struct sockaddr *dst, void *desten, size_t destlen)
704 {
705 struct llentry *la;
706 const char *create_lookup;
707 bool renew;
708 int error;
709
710 KASSERT(m != NULL);
711
712 la = arplookup(ifp, m, NULL, dst, 0);
713 if (la == NULL)
714 goto notfound;
715
716 if ((la->la_flags & LLE_VALID) &&
717 ((la->la_flags & LLE_STATIC) || la->la_expire > time_uptime)) {
718 KASSERT(destlen >= ifp->if_addrlen);
719 memcpy(desten, &la->ll_addr, ifp->if_addrlen);
720 LLE_RUNLOCK(la);
721 return 0;
722 }
723
724 notfound:
725 #ifdef IFF_STATICARP /* FreeBSD */
726 #define _IFF_NOARP (IFF_NOARP | IFF_STATICARP)
727 #else
728 #define _IFF_NOARP IFF_NOARP
729 #endif
730 if (ifp->if_flags & _IFF_NOARP) {
731 if (la != NULL)
732 LLE_RUNLOCK(la);
733 error = ENOTSUP;
734 goto bad;
735 }
736 #undef _IFF_NOARP
737 if (la == NULL) {
738 create_lookup = "create";
739 IF_AFDATA_WLOCK(ifp);
740 la = lla_create(LLTABLE(ifp), LLE_EXCLUSIVE, dst);
741 IF_AFDATA_WUNLOCK(ifp);
742 if (la == NULL)
743 ARP_STATINC(ARP_STAT_ALLOCFAIL);
744 else
745 arp_init_llentry(ifp, la);
746 } else if (LLE_TRY_UPGRADE(la) == 0) {
747 create_lookup = "lookup";
748 LLE_RUNLOCK(la);
749 IF_AFDATA_RLOCK(ifp);
750 la = lla_lookup(LLTABLE(ifp), LLE_EXCLUSIVE, dst);
751 IF_AFDATA_RUNLOCK(ifp);
752 }
753
754 error = EINVAL;
755 if (la == NULL) {
756 log(LOG_DEBUG,
757 "%s: failed to %s llentry for %s on %s\n",
758 __func__, create_lookup, inet_ntoa(satocsin(dst)->sin_addr),
759 ifp->if_xname);
760 goto bad;
761 }
762
763 if ((la->la_flags & LLE_VALID) &&
764 ((la->la_flags & LLE_STATIC) || la->la_expire > time_uptime))
765 {
766 KASSERT(destlen >= ifp->if_addrlen);
767 memcpy(desten, &la->ll_addr, ifp->if_addrlen);
768 renew = false;
769 /*
770 * If entry has an expiry time and it is approaching,
771 * see if we need to send an ARP request within this
772 * arpt_down interval.
773 */
774 if (!(la->la_flags & LLE_STATIC) &&
775 time_uptime + la->la_preempt > la->la_expire)
776 {
777 renew = true;
778 la->la_preempt--;
779 }
780
781 LLE_WUNLOCK(la);
782
783 if (renew) {
784 const u_int8_t *enaddr =
785 #if NCARP > 0
786 (ifp->if_type == IFT_CARP) ?
787 CLLADDR(ifp->if_sadl):
788 #endif
789 CLLADDR(ifp->if_sadl);
790 arprequest(ifp,
791 &satocsin(rt->rt_ifa->ifa_addr)->sin_addr,
792 &satocsin(dst)->sin_addr, enaddr);
793 }
794
795 return 0;
796 }
797
798 if (la->la_flags & LLE_STATIC) { /* should not happen! */
799 LLE_RUNLOCK(la);
800 log(LOG_DEBUG, "%s: ouch, empty static llinfo for %s\n",
801 __func__, inet_ntoa(satocsin(dst)->sin_addr));
802 error = EINVAL;
803 goto bad;
804 }
805
806 renew = (la->la_asked == 0 || la->la_expire != time_uptime);
807
808 /*
809 * There is an arptab entry, but no ethernet address
810 * response yet. Add the mbuf to the list, dropping
811 * the oldest packet if we have exceeded the system
812 * setting.
813 */
814 LLE_WLOCK_ASSERT(la);
815 if (la->la_numheld >= arp_maxhold) {
816 if (la->la_hold != NULL) {
817 struct mbuf *next = la->la_hold->m_nextpkt;
818 m_freem(la->la_hold);
819 la->la_hold = next;
820 la->la_numheld--;
821 ARP_STATINC(ARP_STAT_DFRDROPPED);
822 }
823 }
824 if (la->la_hold != NULL) {
825 struct mbuf *curr = la->la_hold;
826 while (curr->m_nextpkt != NULL)
827 curr = curr->m_nextpkt;
828 curr->m_nextpkt = m;
829 } else
830 la->la_hold = m;
831 la->la_numheld++;
832 if (!renew)
833 LLE_DOWNGRADE(la);
834
835 /*
836 * Return EWOULDBLOCK if we have tried less than arp_maxtries. It
837 * will be masked by ether_output(). Return EHOSTDOWN/EHOSTUNREACH
838 * if we have already sent arp_maxtries ARP requests. Retransmit the
839 * ARP request, but not faster than one request per second.
840 */
841 if (la->la_asked < arp_maxtries)
842 error = EWOULDBLOCK; /* First request. */
843 else
844 error = (rt != NULL && rt->rt_flags & RTF_GATEWAY) ?
845 EHOSTUNREACH : EHOSTDOWN;
846
847 if (renew) {
848 const u_int8_t *enaddr =
849 #if NCARP > 0
850 (rt != NULL && rt->rt_ifp->if_type == IFT_CARP) ?
851 CLLADDR(rt->rt_ifp->if_sadl):
852 #endif
853 CLLADDR(ifp->if_sadl);
854 la->la_expire = time_uptime;
855 arp_settimer(la, arpt_down);
856 la->la_asked++;
857 LLE_WUNLOCK(la);
858
859 if (rt != NULL) {
860 arprequest(ifp, &satocsin(rt->rt_ifa->ifa_addr)->sin_addr,
861 &satocsin(dst)->sin_addr, enaddr);
862 } else {
863 struct sockaddr_in sin;
864 struct rtentry *_rt;
865
866 sockaddr_in_init(&sin, &la->r_l3addr.addr4, 0);
867
868 /* XXX */
869 _rt = rtalloc1((struct sockaddr *)&sin, 0);
870 if (_rt == NULL)
871 goto bad;
872 arprequest(ifp,
873 &satocsin(_rt->rt_ifa->ifa_addr)->sin_addr,
874 &satocsin(dst)->sin_addr, enaddr);
875 rtfree(_rt);
876 }
877 return error;
878 }
879
880 LLE_RUNLOCK(la);
881 return error;
882
883 bad:
884 m_freem(m);
885 return error;
886 }
887
888 /*
889 * Common length and type checks are done here,
890 * then the protocol-specific routine is called.
891 */
892 void
arpintr(void)893 arpintr(void)
894 {
895 struct mbuf *m;
896 struct arphdr *ar;
897 int s;
898 int arplen;
899
900 mutex_enter(softnet_lock);
901 KERNEL_LOCK(1, NULL);
902 while (arpintrq.ifq_head) {
903 struct ifnet *rcvif;
904
905 s = splnet();
906 IF_DEQUEUE(&arpintrq, m);
907 splx(s);
908 if (m == NULL || (m->m_flags & M_PKTHDR) == 0)
909 panic("arpintr");
910
911 MCLAIM(m, &arpdomain.dom_mowner);
912 ARP_STATINC(ARP_STAT_RCVTOTAL);
913
914 /*
915 * First, make sure we have at least struct arphdr.
916 */
917 if (m->m_len < sizeof(struct arphdr) ||
918 (ar = mtod(m, struct arphdr *)) == NULL)
919 goto badlen;
920
921 rcvif = m_get_rcvif(m, &s);
922 switch (rcvif->if_type) {
923 case IFT_IEEE1394:
924 arplen = sizeof(struct arphdr) +
925 ar->ar_hln + 2 * ar->ar_pln;
926 break;
927 default:
928 arplen = sizeof(struct arphdr) +
929 2 * ar->ar_hln + 2 * ar->ar_pln;
930 break;
931 }
932 m_put_rcvif(rcvif, &s);
933
934 if (/* XXX ntohs(ar->ar_hrd) == ARPHRD_ETHER && */
935 m->m_len >= arplen)
936 switch (ntohs(ar->ar_pro)) {
937 case ETHERTYPE_IP:
938 case ETHERTYPE_IPTRAILERS:
939 in_arpinput(m);
940 continue;
941 default:
942 ARP_STATINC(ARP_STAT_RCVBADPROTO);
943 }
944 else {
945 badlen:
946 ARP_STATINC(ARP_STAT_RCVBADLEN);
947 }
948 m_freem(m);
949 }
950 KERNEL_UNLOCK_ONE(NULL);
951 mutex_exit(softnet_lock);
952 }
953
954 /*
955 * ARP for Internet protocols on 10 Mb/s Ethernet.
956 * Algorithm is that given in RFC 826.
957 * In addition, a sanity check is performed on the sender
958 * protocol address, to catch impersonators.
959 * We no longer handle negotiations for use of trailer protocol:
960 * Formerly, ARP replied for protocol type ETHERTYPE_TRAIL sent
961 * along with IP replies if we wanted trailers sent to us,
962 * and also sent them in response to IP replies.
963 * This allowed either end to announce the desire to receive
964 * trailer packets.
965 * We no longer reply to requests for ETHERTYPE_TRAIL protocol either,
966 * but formerly didn't normally send requests.
967 */
968 static void
in_arpinput(struct mbuf * m)969 in_arpinput(struct mbuf *m)
970 {
971 struct arphdr *ah;
972 struct ifnet *ifp, *rcvif = NULL;
973 struct llentry *la = NULL;
974 struct in_ifaddr *ia;
975 #if NBRIDGE > 0
976 struct in_ifaddr *bridge_ia = NULL;
977 #endif
978 #if NCARP > 0
979 u_int32_t count = 0, index = 0;
980 #endif
981 struct sockaddr sa;
982 struct in_addr isaddr, itaddr, myaddr;
983 int op;
984 void *tha;
985 uint64_t *arps;
986 struct psref psref;
987
988 if (__predict_false(m_makewritable(&m, 0, m->m_pkthdr.len, M_DONTWAIT)))
989 goto out;
990 ah = mtod(m, struct arphdr *);
991 op = ntohs(ah->ar_op);
992
993 rcvif = ifp = m_get_rcvif_psref(m, &psref);
994 if (__predict_false(rcvif == NULL))
995 goto drop;
996 /*
997 * Fix up ah->ar_hrd if necessary, before using ar_tha() or
998 * ar_tpa().
999 */
1000 switch (ifp->if_type) {
1001 case IFT_IEEE1394:
1002 if (ntohs(ah->ar_hrd) == ARPHRD_IEEE1394)
1003 ;
1004 else {
1005 /* XXX this is to make sure we compute ar_tha right */
1006 /* XXX check ar_hrd more strictly? */
1007 ah->ar_hrd = htons(ARPHRD_IEEE1394);
1008 }
1009 break;
1010 default:
1011 /* XXX check ar_hrd? */
1012 break;
1013 }
1014
1015 memcpy(&isaddr, ar_spa(ah), sizeof (isaddr));
1016 memcpy(&itaddr, ar_tpa(ah), sizeof (itaddr));
1017
1018 if (m->m_flags & (M_BCAST|M_MCAST))
1019 ARP_STATINC(ARP_STAT_RCVMCAST);
1020
1021
1022 /*
1023 * Search for a matching interface address
1024 * or any address on the interface to use
1025 * as a dummy address in the rest of this function
1026 */
1027 IN_ADDRHASH_READER_FOREACH(ia, itaddr.s_addr) {
1028 if (!in_hosteq(ia->ia_addr.sin_addr, itaddr))
1029 continue;
1030 #if NCARP > 0
1031 if (ia->ia_ifp->if_type == IFT_CARP &&
1032 ((ia->ia_ifp->if_flags & (IFF_UP|IFF_RUNNING)) ==
1033 (IFF_UP|IFF_RUNNING))) {
1034 index++;
1035 if (ia->ia_ifp == rcvif &&
1036 carp_iamatch(ia, ar_sha(ah),
1037 &count, index)) {
1038 break;
1039 }
1040 } else
1041 #endif
1042 if (ia->ia_ifp == rcvif)
1043 break;
1044 #if NBRIDGE > 0
1045 /*
1046 * If the interface we received the packet on
1047 * is part of a bridge, check to see if we need
1048 * to "bridge" the packet to ourselves at this
1049 * layer. Note we still prefer a perfect match,
1050 * but allow this weaker match if necessary.
1051 */
1052 if (rcvif->if_bridge != NULL &&
1053 rcvif->if_bridge == ia->ia_ifp->if_bridge)
1054 bridge_ia = ia;
1055 #endif /* NBRIDGE > 0 */
1056 }
1057
1058 #if NBRIDGE > 0
1059 if (ia == NULL && bridge_ia != NULL) {
1060 ia = bridge_ia;
1061 m_put_rcvif_psref(rcvif, &psref);
1062 rcvif = NULL;
1063 /* FIXME */
1064 ifp = bridge_ia->ia_ifp;
1065 }
1066 #endif
1067
1068 if (ia == NULL) {
1069 ia = in_get_ia_on_iface(isaddr, rcvif);
1070 if (ia == NULL) {
1071 ia = in_get_ia_from_ifp(ifp);
1072 if (ia == NULL) {
1073 ARP_STATINC(ARP_STAT_RCVNOINT);
1074 goto out;
1075 }
1076 }
1077 }
1078
1079 myaddr = ia->ia_addr.sin_addr;
1080
1081 /* XXX checks for bridge case? */
1082 if (!memcmp(ar_sha(ah), CLLADDR(ifp->if_sadl), ifp->if_addrlen)) {
1083 ARP_STATINC(ARP_STAT_RCVLOCALSHA);
1084 goto out; /* it's from me, ignore it. */
1085 }
1086
1087 /* XXX checks for bridge case? */
1088 if (!memcmp(ar_sha(ah), ifp->if_broadcastaddr, ifp->if_addrlen)) {
1089 ARP_STATINC(ARP_STAT_RCVBCASTSHA);
1090 log(LOG_ERR,
1091 "%s: arp: link address is broadcast for IP address %s!\n",
1092 ifp->if_xname, in_fmtaddr(isaddr));
1093 goto out;
1094 }
1095
1096 /*
1097 * If the source IP address is zero, this is an RFC 5227 ARP probe
1098 */
1099 if (in_nullhost(isaddr))
1100 ARP_STATINC(ARP_STAT_RCVZEROSPA);
1101 else if (in_hosteq(isaddr, myaddr))
1102 ARP_STATINC(ARP_STAT_RCVLOCALSPA);
1103
1104 if (in_nullhost(itaddr))
1105 ARP_STATINC(ARP_STAT_RCVZEROTPA);
1106
1107 /* DAD check, RFC 5227 2.1.1, Probe Details */
1108 if (in_hosteq(isaddr, myaddr) ||
1109 (in_nullhost(isaddr) && in_hosteq(itaddr, myaddr)))
1110 {
1111 /* If our address is tentative, mark it as duplicated */
1112 if (ia->ia4_flags & IN_IFF_TENTATIVE)
1113 arp_dad_duplicated((struct ifaddr *)ia);
1114 /* If our address is unuseable, don't reply */
1115 if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED))
1116 goto out;
1117 }
1118
1119 /*
1120 * If the target IP address is zero, ignore the packet.
1121 * This prevents the code below from tring to answer
1122 * when we are using IP address zero (booting).
1123 */
1124 if (in_nullhost(itaddr))
1125 goto out;
1126
1127 if (in_nullhost(isaddr))
1128 goto reply;
1129
1130 if (in_hosteq(isaddr, myaddr)) {
1131 log(LOG_ERR,
1132 "duplicate IP address %s sent from link address %s\n",
1133 in_fmtaddr(isaddr), lla_snprintf(ar_sha(ah), ah->ar_hln));
1134 itaddr = myaddr;
1135 goto reply;
1136 }
1137
1138 if (in_hosteq(itaddr, myaddr))
1139 la = arpcreate(ifp, m, &isaddr, NULL, 1);
1140 else
1141 la = arplookup(ifp, m, &isaddr, NULL, 1);
1142 if (la == NULL)
1143 goto reply;
1144
1145 if ((la->la_flags & LLE_VALID) &&
1146 memcmp(ar_sha(ah), &la->ll_addr, ifp->if_addrlen)) {
1147 if (la->la_flags & LLE_STATIC) {
1148 ARP_STATINC(ARP_STAT_RCVOVERPERM);
1149 if (!log_permanent_modify)
1150 goto out;
1151 log(LOG_INFO,
1152 "%s tried to overwrite permanent arp info"
1153 " for %s\n",
1154 lla_snprintf(ar_sha(ah), ah->ar_hln),
1155 in_fmtaddr(isaddr));
1156 goto out;
1157 } else if (la->lle_tbl->llt_ifp != ifp) {
1158 /* XXX should not happen? */
1159 ARP_STATINC(ARP_STAT_RCVOVERINT);
1160 if (!log_wrong_iface)
1161 goto out;
1162 log(LOG_INFO,
1163 "%s on %s tried to overwrite "
1164 "arp info for %s on %s\n",
1165 lla_snprintf(ar_sha(ah), ah->ar_hln),
1166 ifp->if_xname, in_fmtaddr(isaddr),
1167 la->lle_tbl->llt_ifp->if_xname);
1168 goto out;
1169 } else {
1170 ARP_STATINC(ARP_STAT_RCVOVER);
1171 if (log_movements)
1172 log(LOG_INFO, "arp info overwritten "
1173 "for %s by %s\n",
1174 in_fmtaddr(isaddr),
1175 lla_snprintf(ar_sha(ah),
1176 ah->ar_hln));
1177 }
1178 }
1179
1180 /* XXX llentry should have addrlen? */
1181 #if 0
1182 /*
1183 * sanity check for the address length.
1184 * XXX this does not work for protocols with variable address
1185 * length. -is
1186 */
1187 if (sdl->sdl_alen && sdl->sdl_alen != ah->ar_hln) {
1188 ARP_STATINC(ARP_STAT_RCVLENCHG);
1189 log(LOG_WARNING,
1190 "arp from %s: new addr len %d, was %d\n",
1191 in_fmtaddr(isaddr), ah->ar_hln, sdl->sdl_alen);
1192 }
1193 #endif
1194
1195 if (ifp->if_addrlen != ah->ar_hln) {
1196 ARP_STATINC(ARP_STAT_RCVBADLEN);
1197 log(LOG_WARNING,
1198 "arp from %s: addr len: new %d, i/f %d (ignored)\n",
1199 in_fmtaddr(isaddr), ah->ar_hln,
1200 ifp->if_addrlen);
1201 goto reply;
1202 }
1203
1204 #if NTOKEN > 0
1205 /*
1206 * XXX uses m_data and assumes the complete answer including
1207 * XXX token-ring headers is in the same buf
1208 */
1209 if (ifp->if_type == IFT_ISO88025) {
1210 struct token_header *trh;
1211
1212 trh = (struct token_header *)M_TRHSTART(m);
1213 if (trh->token_shost[0] & TOKEN_RI_PRESENT) {
1214 struct token_rif *rif;
1215 size_t riflen;
1216
1217 rif = TOKEN_RIF(trh);
1218 riflen = (ntohs(rif->tr_rcf) &
1219 TOKEN_RCF_LEN_MASK) >> 8;
1220
1221 if (riflen > 2 &&
1222 riflen < sizeof(struct token_rif) &&
1223 (riflen & 1) == 0) {
1224 rif->tr_rcf ^= htons(TOKEN_RCF_DIRECTION);
1225 rif->tr_rcf &= htons(~TOKEN_RCF_BROADCAST_MASK);
1226 memcpy(TOKEN_RIF_LLE(la), rif, riflen);
1227 }
1228 }
1229 }
1230 #endif /* NTOKEN > 0 */
1231
1232 KASSERT(sizeof(la->ll_addr) >= ifp->if_addrlen);
1233 (void)memcpy(&la->ll_addr, ar_sha(ah), ifp->if_addrlen);
1234 la->la_flags |= LLE_VALID;
1235 if ((la->la_flags & LLE_STATIC) == 0) {
1236 la->la_expire = time_uptime + arpt_keep;
1237 arp_settimer(la, arpt_keep);
1238 }
1239 la->la_asked = 0;
1240 /* rt->rt_flags &= ~RTF_REJECT; */
1241
1242 if (la->la_hold != NULL) {
1243 int n = la->la_numheld;
1244 struct mbuf *m_hold, *m_hold_next;
1245 struct sockaddr_in sin;
1246
1247 sockaddr_in_init(&sin, &la->r_l3addr.addr4, 0);
1248
1249 m_hold = la->la_hold;
1250 la->la_hold = NULL;
1251 la->la_numheld = 0;
1252 /*
1253 * We have to unlock here because if_output would call
1254 * arpresolve
1255 */
1256 LLE_WUNLOCK(la);
1257 ARP_STATADD(ARP_STAT_DFRSENT, n);
1258 for (; m_hold != NULL; m_hold = m_hold_next) {
1259 m_hold_next = m_hold->m_nextpkt;
1260 m_hold->m_nextpkt = NULL;
1261 if_output_lock(ifp, ifp, m_hold, sintosa(&sin), NULL);
1262 }
1263 } else
1264 LLE_WUNLOCK(la);
1265 la = NULL;
1266
1267 reply:
1268 if (la != NULL) {
1269 LLE_WUNLOCK(la);
1270 la = NULL;
1271 }
1272 if (op != ARPOP_REQUEST) {
1273 if (op == ARPOP_REPLY)
1274 ARP_STATINC(ARP_STAT_RCVREPLY);
1275 goto out;
1276 }
1277 ARP_STATINC(ARP_STAT_RCVREQUEST);
1278 if (in_hosteq(itaddr, myaddr)) {
1279 /* If our address is unuseable, don't reply */
1280 if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED))
1281 goto out;
1282 /* I am the target */
1283 tha = ar_tha(ah);
1284 if (tha)
1285 memcpy(tha, ar_sha(ah), ah->ar_hln);
1286 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln);
1287 } else {
1288 /* Proxy ARP */
1289 struct llentry *lle = NULL;
1290 struct sockaddr_in sin;
1291 #if NCARP > 0
1292 int s;
1293 struct ifnet *_rcvif = m_get_rcvif(m, &s);
1294 if (ifp->if_type == IFT_CARP && _rcvif->if_type != IFT_CARP)
1295 goto out;
1296 m_put_rcvif(_rcvif, &s);
1297 #endif
1298
1299 tha = ar_tha(ah);
1300
1301 sockaddr_in_init(&sin, &itaddr, 0);
1302
1303 IF_AFDATA_RLOCK(ifp);
1304 lle = lla_lookup(LLTABLE(ifp), 0, (struct sockaddr *)&sin);
1305 IF_AFDATA_RUNLOCK(ifp);
1306
1307 if ((lle != NULL) && (lle->la_flags & LLE_PUB)) {
1308 (void)memcpy(tha, ar_sha(ah), ah->ar_hln);
1309 (void)memcpy(ar_sha(ah), &lle->ll_addr, ah->ar_hln);
1310 LLE_RUNLOCK(lle);
1311 } else {
1312 if (lle != NULL)
1313 LLE_RUNLOCK(lle);
1314 goto drop;
1315 }
1316 }
1317
1318 memcpy(ar_tpa(ah), ar_spa(ah), ah->ar_pln);
1319 memcpy(ar_spa(ah), &itaddr, ah->ar_pln);
1320 ah->ar_op = htons(ARPOP_REPLY);
1321 ah->ar_pro = htons(ETHERTYPE_IP); /* let's be sure! */
1322 switch (ifp->if_type) {
1323 case IFT_IEEE1394:
1324 /*
1325 * ieee1394 arp reply is broadcast
1326 */
1327 m->m_flags &= ~M_MCAST;
1328 m->m_flags |= M_BCAST;
1329 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + ah->ar_hln;
1330 break;
1331
1332 default:
1333 m->m_flags &= ~(M_BCAST|M_MCAST); /* never reply by broadcast */
1334 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + (2 * ah->ar_hln);
1335 break;
1336 }
1337 m->m_pkthdr.len = m->m_len;
1338 sa.sa_family = AF_ARP;
1339 sa.sa_len = 2;
1340 arps = ARP_STAT_GETREF();
1341 arps[ARP_STAT_SNDTOTAL]++;
1342 arps[ARP_STAT_SNDREPLY]++;
1343 ARP_STAT_PUTREF();
1344 if_output_lock(ifp, ifp, m, &sa, NULL);
1345 if (rcvif != NULL)
1346 m_put_rcvif_psref(rcvif, &psref);
1347 return;
1348
1349 out:
1350 if (la != NULL)
1351 LLE_WUNLOCK(la);
1352 drop:
1353 if (rcvif != NULL)
1354 m_put_rcvif_psref(rcvif, &psref);
1355 m_freem(m);
1356 }
1357
1358 /*
1359 * Lookup or a new address in arptab.
1360 */
1361 static struct llentry *
arplookup(struct ifnet * ifp,struct mbuf * m,const struct in_addr * addr,const struct sockaddr * sa,int wlock)1362 arplookup(struct ifnet *ifp, struct mbuf *m, const struct in_addr *addr,
1363 const struct sockaddr *sa, int wlock)
1364 {
1365 struct sockaddr_in sin;
1366 struct llentry *la;
1367 int flags = wlock ? LLE_EXCLUSIVE : 0;
1368
1369
1370 if (sa == NULL) {
1371 KASSERT(addr != NULL);
1372 sockaddr_in_init(&sin, addr, 0);
1373 sa = sintocsa(&sin);
1374 }
1375
1376 IF_AFDATA_RLOCK(ifp);
1377 la = lla_lookup(LLTABLE(ifp), flags, sa);
1378 IF_AFDATA_RUNLOCK(ifp);
1379
1380 return la;
1381 }
1382
1383 static struct llentry *
arpcreate(struct ifnet * ifp,struct mbuf * m,const struct in_addr * addr,const struct sockaddr * sa,int wlock)1384 arpcreate(struct ifnet *ifp, struct mbuf *m, const struct in_addr *addr,
1385 const struct sockaddr *sa, int wlock)
1386 {
1387 struct sockaddr_in sin;
1388 struct llentry *la;
1389 int flags = wlock ? LLE_EXCLUSIVE : 0;
1390
1391 if (sa == NULL) {
1392 KASSERT(addr != NULL);
1393 sockaddr_in_init(&sin, addr, 0);
1394 sa = sintocsa(&sin);
1395 }
1396
1397 la = arplookup(ifp, m, addr, sa, wlock);
1398
1399 if (la == NULL) {
1400 IF_AFDATA_WLOCK(ifp);
1401 la = lla_create(LLTABLE(ifp), flags, sa);
1402 IF_AFDATA_WUNLOCK(ifp);
1403
1404 if (la != NULL)
1405 arp_init_llentry(ifp, la);
1406 }
1407
1408 return la;
1409 }
1410
1411 int
arpioctl(u_long cmd,void * data)1412 arpioctl(u_long cmd, void *data)
1413 {
1414
1415 return EOPNOTSUPP;
1416 }
1417
1418 void
arp_ifinit(struct ifnet * ifp,struct ifaddr * ifa)1419 arp_ifinit(struct ifnet *ifp, struct ifaddr *ifa)
1420 {
1421 struct in_addr *ip;
1422 struct in_ifaddr *ia = (struct in_ifaddr *)ifa;
1423
1424 /*
1425 * Warn the user if another station has this IP address,
1426 * but only if the interface IP address is not zero.
1427 */
1428 ip = &IA_SIN(ifa)->sin_addr;
1429 if (!in_nullhost(*ip) &&
1430 (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) == 0) {
1431 struct llentry *lle;
1432
1433 arprequest(ifp, ip, ip, CLLADDR(ifp->if_sadl));
1434
1435 /*
1436 * interface address is considered static entry
1437 * because the output of the arp utility shows
1438 * that L2 entry as permanent
1439 */
1440 IF_AFDATA_WLOCK(ifp);
1441 lle = lla_create(LLTABLE(ifp), (LLE_IFADDR | LLE_STATIC),
1442 (struct sockaddr *)IA_SIN(ifa));
1443 IF_AFDATA_WUNLOCK(ifp);
1444 if (lle == NULL)
1445 log(LOG_INFO, "%s: cannot create arp entry for"
1446 " interface address\n", __func__);
1447 else {
1448 arp_init_llentry(ifp, lle);
1449 LLE_RUNLOCK(lle);
1450 }
1451 }
1452
1453 ifa->ifa_rtrequest = arp_rtrequest;
1454 ifa->ifa_flags |= RTF_CONNECTED;
1455
1456 /* ARP will handle DAD for this address. */
1457 if (ia->ia4_flags & IN_IFF_TRYTENTATIVE) {
1458 ia->ia4_flags |= IN_IFF_TENTATIVE;
1459 ia->ia_dad_start = arp_dad_start;
1460 ia->ia_dad_stop = arp_dad_stop;
1461 }
1462 }
1463
1464 TAILQ_HEAD(dadq_head, dadq);
1465 struct dadq {
1466 TAILQ_ENTRY(dadq) dad_list;
1467 struct ifaddr *dad_ifa;
1468 int dad_count; /* max ARP to send */
1469 int dad_arp_tcount; /* # of trials to send ARP */
1470 int dad_arp_ocount; /* ARP sent so far */
1471 int dad_arp_announce; /* max ARP announcements */
1472 int dad_arp_acount; /* # of announcements */
1473 struct callout dad_timer_ch;
1474 };
1475 MALLOC_JUSTDEFINE(M_IPARP, "ARP DAD", "ARP DAD Structure");
1476
1477 static struct dadq_head dadq;
1478 static int dad_init = 0;
1479 static int dad_maxtry = 15; /* max # of *tries* to transmit DAD packet */
1480 static kmutex_t arp_dad_lock;
1481
1482 static struct dadq *
arp_dad_find(struct ifaddr * ifa)1483 arp_dad_find(struct ifaddr *ifa)
1484 {
1485 struct dadq *dp;
1486
1487 KASSERT(mutex_owned(&arp_dad_lock));
1488
1489 TAILQ_FOREACH(dp, &dadq, dad_list) {
1490 if (dp->dad_ifa == ifa)
1491 return dp;
1492 }
1493 return NULL;
1494 }
1495
1496 static void
arp_dad_starttimer(struct dadq * dp,int ticks)1497 arp_dad_starttimer(struct dadq *dp, int ticks)
1498 {
1499
1500 callout_reset(&dp->dad_timer_ch, ticks,
1501 (void (*)(void *))arp_dad_timer, (void *)dp->dad_ifa);
1502 }
1503
1504 static void
arp_dad_stoptimer(struct dadq * dp)1505 arp_dad_stoptimer(struct dadq *dp)
1506 {
1507
1508 callout_halt(&dp->dad_timer_ch, softnet_lock);
1509 }
1510
1511 static void
arp_dad_output(struct dadq * dp,struct ifaddr * ifa)1512 arp_dad_output(struct dadq *dp, struct ifaddr *ifa)
1513 {
1514 struct in_ifaddr *ia = (struct in_ifaddr *)ifa;
1515 struct ifnet *ifp = ifa->ifa_ifp;
1516 struct in_addr sip;
1517
1518 dp->dad_arp_tcount++;
1519 if ((ifp->if_flags & IFF_UP) == 0)
1520 return;
1521 if ((ifp->if_flags & IFF_RUNNING) == 0)
1522 return;
1523
1524 dp->dad_arp_tcount = 0;
1525 dp->dad_arp_ocount++;
1526
1527 memset(&sip, 0, sizeof(sip));
1528 arprequest(ifa->ifa_ifp, &sip, &ia->ia_addr.sin_addr,
1529 CLLADDR(ifa->ifa_ifp->if_sadl));
1530 }
1531
1532 /*
1533 * Start Duplicate Address Detection (DAD) for specified interface address.
1534 */
1535 static void
arp_dad_start(struct ifaddr * ifa)1536 arp_dad_start(struct ifaddr *ifa)
1537 {
1538 struct in_ifaddr *ia = (struct in_ifaddr *)ifa;
1539 struct dadq *dp;
1540
1541 if (!dad_init) {
1542 TAILQ_INIT(&dadq);
1543 mutex_init(&arp_dad_lock, MUTEX_DEFAULT, IPL_NONE);
1544 dad_init++;
1545 }
1546
1547 /*
1548 * If we don't need DAD, don't do it.
1549 * - DAD is disabled (ip_dad_count == 0)
1550 */
1551 if (!(ia->ia4_flags & IN_IFF_TENTATIVE)) {
1552 log(LOG_DEBUG,
1553 "%s: called with non-tentative address %s(%s)\n", __func__,
1554 in_fmtaddr(ia->ia_addr.sin_addr),
1555 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
1556 return;
1557 }
1558 if (!ip_dad_count) {
1559 struct in_addr *ip = &IA_SIN(ifa)->sin_addr;
1560
1561 ia->ia4_flags &= ~IN_IFF_TENTATIVE;
1562 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL);
1563 arprequest(ifa->ifa_ifp, ip, ip,
1564 CLLADDR(ifa->ifa_ifp->if_sadl));
1565 return;
1566 }
1567 KASSERT(ifa->ifa_ifp != NULL);
1568 if (!(ifa->ifa_ifp->if_flags & IFF_UP))
1569 return;
1570
1571 mutex_enter(&arp_dad_lock);
1572 if (arp_dad_find(ifa) != NULL) {
1573 mutex_exit(&arp_dad_lock);
1574 /* DAD already in progress */
1575 return;
1576 }
1577
1578 dp = malloc(sizeof(*dp), M_IPARP, M_NOWAIT);
1579 if (dp == NULL) {
1580 mutex_exit(&arp_dad_lock);
1581 log(LOG_ERR, "%s: memory allocation failed for %s(%s)\n",
1582 __func__, in_fmtaddr(ia->ia_addr.sin_addr),
1583 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
1584 return;
1585 }
1586 memset(dp, 0, sizeof(*dp));
1587 callout_init(&dp->dad_timer_ch, CALLOUT_MPSAFE);
1588
1589 /*
1590 * Send ARP packet for DAD, ip_dad_count times.
1591 * Note that we must delay the first transmission.
1592 */
1593 dp->dad_ifa = ifa;
1594 ifaref(ifa); /* just for safety */
1595 dp->dad_count = ip_dad_count;
1596 dp->dad_arp_announce = 0; /* Will be set when starting to announce */
1597 dp->dad_arp_acount = dp->dad_arp_ocount = dp->dad_arp_tcount = 0;
1598 TAILQ_INSERT_TAIL(&dadq, (struct dadq *)dp, dad_list);
1599
1600 arplog((LOG_DEBUG, "%s: starting DAD for %s\n", if_name(ifa->ifa_ifp),
1601 in_fmtaddr(ia->ia_addr.sin_addr)));
1602
1603 arp_dad_starttimer(dp, cprng_fast32() % (PROBE_WAIT * hz));
1604
1605 mutex_exit(&arp_dad_lock);
1606 }
1607
1608 /*
1609 * terminate DAD unconditionally. used for address removals.
1610 */
1611 static void
arp_dad_stop(struct ifaddr * ifa)1612 arp_dad_stop(struct ifaddr *ifa)
1613 {
1614 struct dadq *dp;
1615
1616 if (!dad_init)
1617 return;
1618
1619 mutex_enter(&arp_dad_lock);
1620 dp = arp_dad_find(ifa);
1621 if (dp == NULL) {
1622 mutex_exit(&arp_dad_lock);
1623 /* DAD wasn't started yet */
1624 return;
1625 }
1626
1627 /* Prevent the timer from running anymore. */
1628 TAILQ_REMOVE(&dadq, dp, dad_list);
1629 mutex_exit(&arp_dad_lock);
1630
1631 arp_dad_stoptimer(dp);
1632
1633 free(dp, M_IPARP);
1634 dp = NULL;
1635 ifafree(ifa);
1636 }
1637
1638 static void
arp_dad_timer(struct ifaddr * ifa)1639 arp_dad_timer(struct ifaddr *ifa)
1640 {
1641 struct in_ifaddr *ia = (struct in_ifaddr *)ifa;
1642 struct dadq *dp;
1643 struct in_addr *ip;
1644
1645 mutex_enter(softnet_lock);
1646 KERNEL_LOCK(1, NULL);
1647 mutex_enter(&arp_dad_lock);
1648
1649 /* Sanity check */
1650 if (ia == NULL) {
1651 log(LOG_ERR, "%s: called with null parameter\n", __func__);
1652 goto done;
1653 }
1654 dp = arp_dad_find(ifa);
1655 if (dp == NULL) {
1656 /* DAD seems to be stopping, so do nothing. */
1657 goto done;
1658 }
1659 if (ia->ia4_flags & IN_IFF_DUPLICATED) {
1660 log(LOG_ERR, "%s: called with duplicate address %s(%s)\n",
1661 __func__, in_fmtaddr(ia->ia_addr.sin_addr),
1662 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
1663 goto done;
1664 }
1665 if ((ia->ia4_flags & IN_IFF_TENTATIVE) == 0 && dp->dad_arp_acount == 0)
1666 {
1667 log(LOG_ERR, "%s: called with non-tentative address %s(%s)\n",
1668 __func__, in_fmtaddr(ia->ia_addr.sin_addr),
1669 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
1670 goto done;
1671 }
1672
1673 /* timeouted with IFF_{RUNNING,UP} check */
1674 if (dp->dad_arp_tcount > dad_maxtry) {
1675 arplog((LOG_INFO, "%s: could not run DAD, driver problem?\n",
1676 if_name(ifa->ifa_ifp)));
1677
1678 TAILQ_REMOVE(&dadq, dp, dad_list);
1679 free(dp, M_IPARP);
1680 dp = NULL;
1681 ifafree(ifa);
1682 goto done;
1683 }
1684
1685 /* Need more checks? */
1686 if (dp->dad_arp_ocount < dp->dad_count) {
1687 int adelay;
1688
1689 /*
1690 * We have more ARP to go. Send ARP packet for DAD.
1691 */
1692 arp_dad_output(dp, ifa);
1693 if (dp->dad_arp_ocount < dp->dad_count)
1694 adelay = (PROBE_MIN * hz) +
1695 (cprng_fast32() %
1696 ((PROBE_MAX * hz) - (PROBE_MIN * hz)));
1697 else
1698 adelay = ANNOUNCE_WAIT * hz;
1699 arp_dad_starttimer(dp, adelay);
1700 goto done;
1701 } else if (dp->dad_arp_acount == 0) {
1702 /*
1703 * We are done with DAD.
1704 * No duplicate address found.
1705 */
1706 ia->ia4_flags &= ~IN_IFF_TENTATIVE;
1707 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL);
1708 arplog((LOG_DEBUG,
1709 "%s: DAD complete for %s - no duplicates found\n",
1710 if_name(ifa->ifa_ifp),
1711 in_fmtaddr(ia->ia_addr.sin_addr)));
1712 dp->dad_arp_announce = ANNOUNCE_NUM;
1713 goto announce;
1714 } else if (dp->dad_arp_acount < dp->dad_arp_announce) {
1715 announce:
1716 /*
1717 * Announce the address.
1718 */
1719 ip = &IA_SIN(ifa)->sin_addr;
1720 arprequest(ifa->ifa_ifp, ip, ip,
1721 CLLADDR(ifa->ifa_ifp->if_sadl));
1722 dp->dad_arp_acount++;
1723 if (dp->dad_arp_acount < dp->dad_arp_announce) {
1724 arp_dad_starttimer(dp, ANNOUNCE_INTERVAL * hz);
1725 goto done;
1726 }
1727 arplog((LOG_DEBUG,
1728 "%s: ARP announcement complete for %s\n",
1729 if_name(ifa->ifa_ifp),
1730 in_fmtaddr(ia->ia_addr.sin_addr)));
1731 }
1732
1733 TAILQ_REMOVE(&dadq, dp, dad_list);
1734 free(dp, M_IPARP);
1735 dp = NULL;
1736 ifafree(ifa);
1737
1738 done:
1739 mutex_exit(&arp_dad_lock);
1740 KERNEL_UNLOCK_ONE(NULL);
1741 mutex_exit(softnet_lock);
1742 }
1743
1744 static void
arp_dad_duplicated(struct ifaddr * ifa)1745 arp_dad_duplicated(struct ifaddr *ifa)
1746 {
1747 struct in_ifaddr *ia = (struct in_ifaddr *)ifa;
1748 struct ifnet *ifp;
1749 struct dadq *dp;
1750
1751 mutex_enter(&arp_dad_lock);
1752 dp = arp_dad_find(ifa);
1753 if (dp == NULL) {
1754 mutex_exit(&arp_dad_lock);
1755 /* DAD seems to be stopping, so do nothing. */
1756 return;
1757 }
1758
1759 ifp = ifa->ifa_ifp;
1760 log(LOG_ERR,
1761 "%s: DAD detected duplicate IPv4 address %s: ARP out=%d\n",
1762 if_name(ifp), in_fmtaddr(ia->ia_addr.sin_addr),
1763 dp->dad_arp_ocount);
1764
1765 ia->ia4_flags &= ~IN_IFF_TENTATIVE;
1766 ia->ia4_flags |= IN_IFF_DUPLICATED;
1767
1768 /* We are done with DAD, with duplicated address found. (failure) */
1769 arp_dad_stoptimer(dp);
1770
1771 /* Inform the routing socket that DAD has completed */
1772 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL);
1773
1774 TAILQ_REMOVE(&dadq, dp, dad_list);
1775 mutex_exit(&arp_dad_lock);
1776
1777 free(dp, M_IPARP);
1778 dp = NULL;
1779 ifafree(ifa);
1780 }
1781
1782 /*
1783 * Called from 10 Mb/s Ethernet interrupt handlers
1784 * when ether packet type ETHERTYPE_REVARP
1785 * is received. Common length and type checks are done here,
1786 * then the protocol-specific routine is called.
1787 */
1788 void
revarpinput(struct mbuf * m)1789 revarpinput(struct mbuf *m)
1790 {
1791 struct arphdr *ar;
1792
1793 if (m->m_len < sizeof(struct arphdr))
1794 goto out;
1795 ar = mtod(m, struct arphdr *);
1796 #if 0 /* XXX I don't think we need this... and it will prevent other LL */
1797 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER)
1798 goto out;
1799 #endif
1800 if (m->m_len < sizeof(struct arphdr) + 2 * (ar->ar_hln + ar->ar_pln))
1801 goto out;
1802 switch (ntohs(ar->ar_pro)) {
1803 case ETHERTYPE_IP:
1804 case ETHERTYPE_IPTRAILERS:
1805 in_revarpinput(m);
1806 return;
1807
1808 default:
1809 break;
1810 }
1811 out:
1812 m_freem(m);
1813 }
1814
1815 /*
1816 * RARP for Internet protocols on 10 Mb/s Ethernet.
1817 * Algorithm is that given in RFC 903.
1818 * We are only using for bootstrap purposes to get an ip address for one of
1819 * our interfaces. Thus we support no user-interface.
1820 *
1821 * Since the contents of the RARP reply are specific to the interface that
1822 * sent the request, this code must ensure that they are properly associated.
1823 *
1824 * Note: also supports ARP via RARP packets, per the RFC.
1825 */
1826 void
in_revarpinput(struct mbuf * m)1827 in_revarpinput(struct mbuf *m)
1828 {
1829 struct arphdr *ah;
1830 void *tha;
1831 int op;
1832 struct ifnet *rcvif;
1833 int s;
1834
1835 ah = mtod(m, struct arphdr *);
1836 op = ntohs(ah->ar_op);
1837
1838 rcvif = m_get_rcvif(m, &s);
1839 switch (rcvif->if_type) {
1840 case IFT_IEEE1394:
1841 /* ARP without target hardware address is not supported */
1842 goto out;
1843 default:
1844 break;
1845 }
1846
1847 switch (op) {
1848 case ARPOP_REQUEST:
1849 case ARPOP_REPLY: /* per RFC */
1850 m_put_rcvif(rcvif, &s);
1851 in_arpinput(m);
1852 return;
1853 case ARPOP_REVREPLY:
1854 break;
1855 case ARPOP_REVREQUEST: /* handled by rarpd(8) */
1856 default:
1857 goto out;
1858 }
1859 if (!revarp_in_progress)
1860 goto out;
1861 if (rcvif != myip_ifp) /* !same interface */
1862 goto out;
1863 if (myip_initialized)
1864 goto wake;
1865 tha = ar_tha(ah);
1866 if (tha == NULL)
1867 goto out;
1868 if (memcmp(tha, CLLADDR(rcvif->if_sadl), rcvif->if_sadl->sdl_alen))
1869 goto out;
1870 memcpy(&srv_ip, ar_spa(ah), sizeof(srv_ip));
1871 memcpy(&myip, ar_tpa(ah), sizeof(myip));
1872 myip_initialized = 1;
1873 wake: /* Do wakeup every time in case it was missed. */
1874 wakeup((void *)&myip);
1875
1876 out:
1877 m_put_rcvif(rcvif, &s);
1878 m_freem(m);
1879 }
1880
1881 /*
1882 * Send a RARP request for the ip address of the specified interface.
1883 * The request should be RFC 903-compliant.
1884 */
1885 static void
revarprequest(struct ifnet * ifp)1886 revarprequest(struct ifnet *ifp)
1887 {
1888 struct sockaddr sa;
1889 struct mbuf *m;
1890 struct arphdr *ah;
1891 void *tha;
1892
1893 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL)
1894 return;
1895 MCLAIM(m, &arpdomain.dom_mowner);
1896 m->m_len = sizeof(*ah) + 2*sizeof(struct in_addr) +
1897 2*ifp->if_addrlen;
1898 m->m_pkthdr.len = m->m_len;
1899 MH_ALIGN(m, m->m_len);
1900 ah = mtod(m, struct arphdr *);
1901 memset(ah, 0, m->m_len);
1902 ah->ar_pro = htons(ETHERTYPE_IP);
1903 ah->ar_hln = ifp->if_addrlen; /* hardware address length */
1904 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */
1905 ah->ar_op = htons(ARPOP_REVREQUEST);
1906
1907 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln);
1908 tha = ar_tha(ah);
1909 if (tha == NULL) {
1910 m_free(m);
1911 return;
1912 }
1913 memcpy(tha, CLLADDR(ifp->if_sadl), ah->ar_hln);
1914
1915 sa.sa_family = AF_ARP;
1916 sa.sa_len = 2;
1917 m->m_flags |= M_BCAST;
1918
1919 if_output_lock(ifp, ifp, m, &sa, NULL);
1920 }
1921
1922 /*
1923 * RARP for the ip address of the specified interface, but also
1924 * save the ip address of the server that sent the answer.
1925 * Timeout if no response is received.
1926 */
1927 int
revarpwhoarewe(struct ifnet * ifp,struct in_addr * serv_in,struct in_addr * clnt_in)1928 revarpwhoarewe(struct ifnet *ifp, struct in_addr *serv_in,
1929 struct in_addr *clnt_in)
1930 {
1931 int result, count = 20;
1932
1933 myip_initialized = 0;
1934 myip_ifp = ifp;
1935
1936 revarp_in_progress = 1;
1937 while (count--) {
1938 revarprequest(ifp);
1939 result = tsleep((void *)&myip, PSOCK, "revarp", hz/2);
1940 if (result != EWOULDBLOCK)
1941 break;
1942 }
1943 revarp_in_progress = 0;
1944
1945 if (!myip_initialized)
1946 return ENETUNREACH;
1947
1948 memcpy(serv_in, &srv_ip, sizeof(*serv_in));
1949 memcpy(clnt_in, &myip, sizeof(*clnt_in));
1950 return 0;
1951 }
1952
1953 void
arp_stat_add(int type,uint64_t count)1954 arp_stat_add(int type, uint64_t count)
1955 {
1956 ARP_STATADD(type, count);
1957 }
1958
1959 static int
sysctl_net_inet_arp_stats(SYSCTLFN_ARGS)1960 sysctl_net_inet_arp_stats(SYSCTLFN_ARGS)
1961 {
1962
1963 return NETSTAT_SYSCTL(arpstat_percpu, ARP_NSTATS);
1964 }
1965
1966 static void
sysctl_net_inet_arp_setup(struct sysctllog ** clog)1967 sysctl_net_inet_arp_setup(struct sysctllog **clog)
1968 {
1969 const struct sysctlnode *node;
1970
1971 sysctl_createv(clog, 0, NULL, NULL,
1972 CTLFLAG_PERMANENT,
1973 CTLTYPE_NODE, "inet", NULL,
1974 NULL, 0, NULL, 0,
1975 CTL_NET, PF_INET, CTL_EOL);
1976 sysctl_createv(clog, 0, NULL, &node,
1977 CTLFLAG_PERMANENT,
1978 CTLTYPE_NODE, "arp",
1979 SYSCTL_DESCR("Address Resolution Protocol"),
1980 NULL, 0, NULL, 0,
1981 CTL_NET, PF_INET, CTL_CREATE, CTL_EOL);
1982
1983 sysctl_createv(clog, 0, NULL, NULL,
1984 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1985 CTLTYPE_INT, "keep",
1986 SYSCTL_DESCR("Valid ARP entry lifetime in seconds"),
1987 NULL, 0, &arpt_keep, 0,
1988 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
1989
1990 sysctl_createv(clog, 0, NULL, NULL,
1991 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1992 CTLTYPE_INT, "down",
1993 SYSCTL_DESCR("Failed ARP entry lifetime in seconds"),
1994 NULL, 0, &arpt_down, 0,
1995 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
1996
1997 sysctl_createv(clog, 0, NULL, NULL,
1998 CTLFLAG_PERMANENT,
1999 CTLTYPE_STRUCT, "stats",
2000 SYSCTL_DESCR("ARP statistics"),
2001 sysctl_net_inet_arp_stats, 0, NULL, 0,
2002 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2003
2004 sysctl_createv(clog, 0, NULL, NULL,
2005 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2006 CTLTYPE_INT, "log_movements",
2007 SYSCTL_DESCR("log ARP replies from MACs different than"
2008 " the one in the cache"),
2009 NULL, 0, &log_movements, 0,
2010 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2011
2012 sysctl_createv(clog, 0, NULL, NULL,
2013 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2014 CTLTYPE_INT, "log_permanent_modify",
2015 SYSCTL_DESCR("log ARP replies from MACs different than"
2016 " the one in the permanent arp entry"),
2017 NULL, 0, &log_permanent_modify, 0,
2018 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2019
2020 sysctl_createv(clog, 0, NULL, NULL,
2021 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2022 CTLTYPE_INT, "log_wrong_iface",
2023 SYSCTL_DESCR("log ARP packets arriving on the wrong"
2024 " interface"),
2025 NULL, 0, &log_wrong_iface, 0,
2026 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2027
2028 sysctl_createv(clog, 0, NULL, NULL,
2029 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2030 CTLTYPE_INT, "log_unknown_network",
2031 SYSCTL_DESCR("log ARP packets from non-local network"),
2032 NULL, 0, &log_unknown_network, 0,
2033 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2034
2035 sysctl_createv(clog, 0, NULL, NULL,
2036 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2037 CTLTYPE_INT, "debug",
2038 SYSCTL_DESCR("Enable ARP DAD debug output"),
2039 NULL, 0, &arp_debug, 0,
2040 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2041 }
2042
2043 #endif /* INET */
2044