Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/netinet/if_arp.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /* $NetBSD: if_arp.c,v 1.311 2022/11/15 10:47:39 roy Exp $ */ 2 3 /* 4 * Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Public Access Networks Corporation ("Panix"). It was developed under 9 * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)if_ether.c 8.2 (Berkeley) 9/26/94 62 */ 63 64 /* 65 * Ethernet address resolution protocol. 66 * TODO: 67 * add "inuse/lock" bit (or ref. count) along with valid bit 68 */ 69 70 #include <sys/cdefs.h> 71 __KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.311 2022/11/15 10:47:39 roy Exp $"); 72 73 #ifdef _KERNEL_OPT 74 #include "opt_ddb.h" 75 #include "opt_inet.h" 76 #include "opt_net_mpsafe.h" 77 #endif 78 79 #ifdef INET 80 81 #include "arp.h" 82 #include "bridge.h" 83 84 #include <sys/param.h> 85 #include <sys/systm.h> 86 #include <sys/callout.h> 87 #include <sys/kmem.h> 88 #include <sys/mbuf.h> 89 #include <sys/socket.h> 90 #include <sys/time.h> 91 #include <sys/timetc.h> 92 #include <sys/kernel.h> 93 #include <sys/errno.h> 94 #include <sys/ioctl.h> 95 #include <sys/syslog.h> 96 #include <sys/proc.h> 97 #include <sys/protosw.h> 98 #include <sys/domain.h> 99 #include <sys/sysctl.h> 100 #include <sys/socketvar.h> 101 #include <sys/percpu.h> 102 #include <sys/cprng.h> 103 #include <sys/kmem.h> 104 105 #include <net/ethertypes.h> 106 #include <net/if.h> 107 #include <net/if_dl.h> 108 #include <net/if_types.h> 109 #include <net/if_ether.h> 110 #include <net/if_llatbl.h> 111 #include <net/nd.h> 112 #include <net/route.h> 113 #include <net/net_stats.h> 114 115 #include <netinet/in.h> 116 #include <netinet/in_systm.h> 117 #include <netinet/in_var.h> 118 #include <netinet/ip.h> 119 #include <netinet/if_inarp.h> 120 121 #include "arcnet.h" 122 #if NARCNET > 0 123 #include <net/if_arc.h> 124 #endif 125 #include "carp.h" 126 #if NCARP > 0 127 #include <netinet/ip_carp.h> 128 #endif 129 130 /* 131 * ARP trailer negotiation. Trailer protocol is not IP specific, 132 * but ARP request/response use IP addresses. 133 */ 134 #define ETHERTYPE_IPTRAILERS ETHERTYPE_TRAIL 135 136 /* timers */ 137 static int arp_reachable = REACHABLE_TIME; 138 static int arp_retrans = RETRANS_TIMER; 139 static int arp_perform_nud = 1; 140 141 static bool arp_nud_enabled(struct ifnet *); 142 static unsigned int arp_llinfo_reachable(struct ifnet *); 143 static unsigned int arp_llinfo_retrans(struct ifnet *); 144 static union l3addr *arp_llinfo_holdsrc(struct llentry *, union l3addr *); 145 static void arp_llinfo_output(struct ifnet *, const union l3addr *, 146 const union l3addr *, const uint8_t *, const union l3addr *); 147 static void arp_llinfo_missed(struct ifnet *, const union l3addr *, 148 int16_t, struct mbuf *); 149 static void arp_free(struct llentry *, int); 150 151 static struct nd_domain arp_nd_domain = { 152 .nd_family = AF_INET, 153 .nd_delay = 5, /* delay first probe time 5 second */ 154 .nd_mmaxtries = 3, /* maximum broadcast query */ 155 .nd_umaxtries = 3, /* maximum unicast query */ 156 .nd_retransmultiple = BACKOFF_MULTIPLE, 157 .nd_maxretrans = MAX_RETRANS_TIMER, 158 .nd_maxnudhint = 0, /* max # of subsequent upper layer hints */ 159 .nd_maxqueuelen = 1, /* max # of packets in unresolved ND entries */ 160 .nd_nud_enabled = arp_nud_enabled, 161 .nd_reachable = arp_llinfo_reachable, 162 .nd_retrans = arp_llinfo_retrans, 163 .nd_holdsrc = arp_llinfo_holdsrc, 164 .nd_output = arp_llinfo_output, 165 .nd_missed = arp_llinfo_missed, 166 .nd_free = arp_free, 167 }; 168 169 int ip_dad_count = PROBE_NUM; 170 #ifdef ARP_DEBUG 171 int arp_debug = 1; 172 #else 173 int arp_debug = 0; 174 #endif 175 176 static void arp_init(void); 177 static void arp_dad_init(void); 178 179 static void arprequest(struct ifnet *, 180 const struct in_addr *, const struct in_addr *, 181 const uint8_t *, const uint8_t *); 182 static void arpannounce1(struct ifaddr *); 183 static struct sockaddr *arp_setgate(struct rtentry *, struct sockaddr *, 184 const struct sockaddr *); 185 static struct llentry *arpcreate(struct ifnet *, 186 const struct in_addr *, const struct sockaddr *, int); 187 static void in_arpinput(struct mbuf *); 188 static void in_revarpinput(struct mbuf *); 189 static void revarprequest(struct ifnet *); 190 191 static void arp_drainstub(void); 192 193 struct dadq; 194 static void arp_dad_timer(struct dadq *); 195 static void arp_dad_start(struct ifaddr *); 196 static void arp_dad_stop(struct ifaddr *); 197 static void arp_dad_duplicated(struct ifaddr *, const struct sockaddr_dl *); 198 199 #define ARP_MAXQLEN 50 200 pktqueue_t * arp_pktq __read_mostly; 201 202 static int useloopback = 1; /* use loopback interface for local traffic */ 203 204 static percpu_t *arpstat_percpu; 205 206 #define ARP_STAT_GETREF() _NET_STAT_GETREF(arpstat_percpu) 207 #define ARP_STAT_PUTREF() _NET_STAT_PUTREF(arpstat_percpu) 208 209 #define ARP_STATINC(x) _NET_STATINC(arpstat_percpu, x) 210 #define ARP_STATADD(x, v) _NET_STATADD(arpstat_percpu, x, v) 211 212 /* revarp state */ 213 static struct in_addr myip, srv_ip; 214 static int myip_initialized = 0; 215 static int revarp_in_progress = 0; 216 static struct ifnet *myip_ifp = NULL; 217 218 static int arp_drainwanted; 219 220 static int log_movements = 0; 221 static int log_permanent_modify = 1; 222 static int log_wrong_iface = 1; 223 224 DOMAIN_DEFINE(arpdomain); /* forward declare and add to link set */ 225 226 static void 227 arp_fasttimo(void) 228 { 229 if (arp_drainwanted) { 230 arp_drain(); 231 arp_drainwanted = 0; 232 } 233 } 234 235 static const struct protosw arpsw[] = { 236 { 237 .pr_type = 0, 238 .pr_domain = &arpdomain, 239 .pr_protocol = 0, 240 .pr_flags = 0, 241 .pr_input = 0, 242 .pr_ctlinput = 0, 243 .pr_ctloutput = 0, 244 .pr_usrreqs = 0, 245 .pr_init = arp_init, 246 .pr_fasttimo = arp_fasttimo, 247 .pr_slowtimo = 0, 248 .pr_drain = arp_drainstub, 249 } 250 }; 251 252 struct domain arpdomain = { 253 .dom_family = PF_ARP, 254 .dom_name = "arp", 255 .dom_protosw = arpsw, 256 .dom_protoswNPROTOSW = &arpsw[__arraycount(arpsw)], 257 #ifdef MBUFTRACE 258 .dom_mowner = MOWNER_INIT("internet", "arp"), 259 #endif 260 }; 261 262 static void sysctl_net_inet_arp_setup(struct sysctllog **); 263 264 void 265 arp_init(void) 266 { 267 268 arp_pktq = pktq_create(ARP_MAXQLEN, arpintr, NULL); 269 KASSERT(arp_pktq != NULL); 270 271 sysctl_net_inet_arp_setup(NULL); 272 arpstat_percpu = percpu_alloc(sizeof(uint64_t) * ARP_NSTATS); 273 274 #ifdef MBUFTRACE 275 MOWNER_ATTACH(&arpdomain.dom_mowner); 276 #endif 277 278 nd_attach_domain(&arp_nd_domain); 279 arp_dad_init(); 280 } 281 282 static void 283 arp_drainstub(void) 284 { 285 arp_drainwanted = 1; 286 } 287 288 /* 289 * ARP protocol drain routine. Called when memory is in short supply. 290 * Called at splvm(); don't acquire softnet_lock as can be called from 291 * hardware interrupt handlers. 292 */ 293 void 294 arp_drain(void) 295 { 296 297 lltable_drain(AF_INET); 298 } 299 300 /* 301 * We set the gateway for RTF_CLONING routes to a "prototype" 302 * link-layer sockaddr whose interface type (if_type) and interface 303 * index (if_index) fields are prepared. 304 */ 305 static struct sockaddr * 306 arp_setgate(struct rtentry *rt, struct sockaddr *gate, 307 const struct sockaddr *netmask) 308 { 309 const struct ifnet *ifp = rt->rt_ifp; 310 uint8_t namelen = strlen(ifp->if_xname); 311 uint8_t addrlen = ifp->if_addrlen; 312 313 /* 314 * XXX: If this is a manually added route to interface 315 * such as older version of routed or gated might provide, 316 * restore cloning bit. 317 */ 318 if ((rt->rt_flags & RTF_HOST) == 0 && netmask != NULL && 319 satocsin(netmask)->sin_addr.s_addr != 0xffffffff) 320 rt->rt_flags |= RTF_CONNECTED; 321 322 if ((rt->rt_flags & (RTF_CONNECTED | RTF_LOCAL))) { 323 union { 324 struct sockaddr sa; 325 struct sockaddr_storage ss; 326 struct sockaddr_dl sdl; 327 } u; 328 /* 329 * Case 1: This route should come from a route to iface. 330 */ 331 sockaddr_dl_init(&u.sdl, sizeof(u.ss), 332 ifp->if_index, ifp->if_type, NULL, namelen, NULL, addrlen); 333 rt_setgate(rt, &u.sa); 334 gate = rt->rt_gateway; 335 } 336 return gate; 337 } 338 339 /* 340 * Parallel to llc_rtrequest. 341 */ 342 void 343 arp_rtrequest(int req, struct rtentry *rt, const struct rt_addrinfo *info) 344 { 345 struct sockaddr *gate = rt->rt_gateway; 346 struct in_ifaddr *ia; 347 struct ifaddr *ifa; 348 struct ifnet *ifp = rt->rt_ifp; 349 int bound; 350 int s; 351 352 if (req == RTM_LLINFO_UPD) { 353 if ((ifa = info->rti_ifa) != NULL) 354 arpannounce1(ifa); 355 return; 356 } 357 358 if ((rt->rt_flags & RTF_GATEWAY) != 0) { 359 if (req != RTM_ADD) 360 return; 361 362 /* 363 * linklayers with particular link MTU limitation. 364 */ 365 switch(ifp->if_type) { 366 #if NARCNET > 0 367 case IFT_ARCNET: 368 { 369 int arcipifmtu; 370 371 if (ifp->if_flags & IFF_LINK0) 372 arcipifmtu = arc_ipmtu; 373 else 374 arcipifmtu = ARCMTU; 375 if (ifp->if_mtu > arcipifmtu) 376 rt->rt_rmx.rmx_mtu = arcipifmtu; 377 break; 378 } 379 #endif 380 } 381 return; 382 } 383 384 switch (req) { 385 case RTM_SETGATE: 386 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]); 387 break; 388 case RTM_ADD: 389 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]); 390 if (gate == NULL) { 391 log(LOG_ERR, "%s: arp_setgate failed\n", __func__); 392 break; 393 } 394 if ((rt->rt_flags & RTF_CONNECTED) || 395 (rt->rt_flags & RTF_LOCAL)) { 396 /* 397 * linklayers with particular link MTU limitation. 398 */ 399 switch (ifp->if_type) { 400 #if NARCNET > 0 401 case IFT_ARCNET: 402 { 403 int arcipifmtu; 404 if (ifp->if_flags & IFF_LINK0) 405 arcipifmtu = arc_ipmtu; 406 else 407 arcipifmtu = ARCMTU; 408 409 if ((rt->rt_rmx.rmx_locks & RTV_MTU) == 0 && 410 (rt->rt_rmx.rmx_mtu > arcipifmtu || 411 (rt->rt_rmx.rmx_mtu == 0 && 412 ifp->if_mtu > arcipifmtu))) 413 rt->rt_rmx.rmx_mtu = arcipifmtu; 414 break; 415 } 416 #endif 417 } 418 if (rt->rt_flags & RTF_CONNECTED) 419 break; 420 } 421 422 bound = curlwp_bind(); 423 /* Announce a new entry if requested. */ 424 if (rt->rt_flags & RTF_ANNOUNCE) { 425 struct psref psref; 426 ia = in_get_ia_on_iface_psref( 427 satocsin(rt_getkey(rt))->sin_addr, ifp, &psref); 428 if (ia != NULL) { 429 arpannounce(ifp, &ia->ia_ifa, 430 CLLADDR(satocsdl(gate))); 431 ia4_release(ia, &psref); 432 } 433 } 434 435 if (gate->sa_family != AF_LINK || 436 gate->sa_len < sockaddr_dl_measure(0, ifp->if_addrlen)) { 437 log(LOG_DEBUG, "%s: bad gateway value\n", __func__); 438 goto out; 439 } 440 441 satosdl(gate)->sdl_type = ifp->if_type; 442 satosdl(gate)->sdl_index = ifp->if_index; 443 444 /* 445 * If the route is for a broadcast address mark it as such. 446 * This way we can avoid an expensive call to in_broadcast() 447 * in ip_output() most of the time (because the route passed 448 * to ip_output() is almost always a host route). 449 */ 450 if (rt->rt_flags & RTF_HOST && 451 !(rt->rt_flags & RTF_BROADCAST) && 452 in_broadcast(satocsin(rt_getkey(rt))->sin_addr, rt->rt_ifp)) 453 rt->rt_flags |= RTF_BROADCAST; 454 /* There is little point in resolving the broadcast address */ 455 if (rt->rt_flags & RTF_BROADCAST) 456 goto out; 457 458 /* 459 * When called from rt_ifa_addlocal, we cannot depend on that 460 * the address (rt_getkey(rt)) exits in the address list of the 461 * interface. So check RTF_LOCAL instead. 462 */ 463 if (rt->rt_flags & RTF_LOCAL) { 464 if (useloopback) { 465 rt->rt_ifp = lo0ifp; 466 rt->rt_rmx.rmx_mtu = 0; 467 } 468 goto out; 469 } 470 471 s = pserialize_read_enter(); 472 ia = in_get_ia_on_iface(satocsin(rt_getkey(rt))->sin_addr, ifp); 473 if (ia == NULL) { 474 pserialize_read_exit(s); 475 goto out; 476 } 477 478 if (useloopback) { 479 rt->rt_ifp = lo0ifp; 480 rt->rt_rmx.rmx_mtu = 0; 481 } 482 rt->rt_flags |= RTF_LOCAL; 483 484 if (ISSET(info->rti_flags, RTF_DONTCHANGEIFA)) { 485 pserialize_read_exit(s); 486 goto out; 487 } 488 /* 489 * make sure to set rt->rt_ifa to the interface 490 * address we are using, otherwise we will have trouble 491 * with source address selection. 492 */ 493 ifa = &ia->ia_ifa; 494 if (ifa != rt->rt_ifa) 495 /* Assume it doesn't sleep */ 496 rt_replace_ifa(rt, ifa); 497 pserialize_read_exit(s); 498 out: 499 curlwp_bindx(bound); 500 break; 501 } 502 } 503 504 /* 505 * Broadcast an ARP request. Caller specifies: 506 * - arp header source ip address 507 * - arp header target ip address 508 * - arp header source ethernet address 509 */ 510 static void 511 arprequest(struct ifnet *ifp, 512 const struct in_addr *sip, const struct in_addr *tip, 513 const uint8_t *saddr, const uint8_t *taddr) 514 { 515 struct mbuf *m; 516 struct arphdr *ah; 517 struct sockaddr sa; 518 uint64_t *arps; 519 520 KASSERT(sip != NULL); 521 KASSERT(tip != NULL); 522 KASSERT(saddr != NULL); 523 524 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 525 return; 526 MCLAIM(m, &arpdomain.dom_mowner); 527 switch (ifp->if_type) { 528 case IFT_IEEE1394: 529 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) + 530 ifp->if_addrlen; 531 break; 532 default: 533 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) + 534 2 * ifp->if_addrlen; 535 break; 536 } 537 m->m_pkthdr.len = m->m_len; 538 m_align(m, m->m_len); 539 ah = mtod(m, struct arphdr *); 540 memset(ah, 0, m->m_len); 541 switch (ifp->if_type) { 542 case IFT_IEEE1394: /* RFC2734 */ 543 /* fill it now for ar_tpa computation */ 544 ah->ar_hrd = htons(ARPHRD_IEEE1394); 545 break; 546 default: 547 /* ifp->if_output will fill ar_hrd */ 548 break; 549 } 550 ah->ar_pro = htons(ETHERTYPE_IP); 551 ah->ar_hln = ifp->if_addrlen; /* hardware address length */ 552 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */ 553 ah->ar_op = htons(ARPOP_REQUEST); 554 memcpy(ar_sha(ah), saddr, ah->ar_hln); 555 if (taddr == NULL) 556 m->m_flags |= M_BCAST; 557 else 558 memcpy(ar_tha(ah), taddr, ah->ar_hln); 559 memcpy(ar_spa(ah), sip, ah->ar_pln); 560 memcpy(ar_tpa(ah), tip, ah->ar_pln); 561 sa.sa_family = AF_ARP; 562 sa.sa_len = 2; 563 arps = ARP_STAT_GETREF(); 564 arps[ARP_STAT_SNDTOTAL]++; 565 arps[ARP_STAT_SENDREQUEST]++; 566 ARP_STAT_PUTREF(); 567 if_output_lock(ifp, ifp, m, &sa, NULL); 568 } 569 570 void 571 arpannounce(struct ifnet *ifp, struct ifaddr *ifa, const uint8_t *enaddr) 572 { 573 struct in_ifaddr *ia = ifatoia(ifa); 574 struct in_addr *ip = &IA_SIN(ifa)->sin_addr; 575 576 if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) { 577 ARPLOG(LOG_DEBUG, "%s not ready\n", ARPLOGADDR(ip)); 578 return; 579 } 580 arprequest(ifp, ip, ip, enaddr, NULL); 581 } 582 583 static void 584 arpannounce1(struct ifaddr *ifa) 585 { 586 587 arpannounce(ifa->ifa_ifp, ifa, CLLADDR(ifa->ifa_ifp->if_sadl)); 588 } 589 590 /* 591 * Resolve an IP address into an ethernet address. If success, desten is 592 * filled in. If there is no entry in arptab, set one up and broadcast a 593 * request for the IP address. Hold onto this mbuf and resend it once the 594 * address is finally resolved. 595 * 596 * A return value of 0 indicates that desten has been filled in and the packet 597 * should be sent normally; a return value of EWOULDBLOCK indicates that the 598 * packet has been held pending resolution. Any other value indicates an 599 * error. 600 */ 601 int 602 arpresolve(struct ifnet *ifp, const struct rtentry *rt, struct mbuf *m, 603 const struct sockaddr *dst, void *desten, size_t destlen) 604 { 605 struct llentry *la; 606 const char *create_lookup; 607 int error; 608 609 #if NCARP > 0 610 if (rt != NULL && rt->rt_ifp->if_type == IFT_CARP) 611 ifp = rt->rt_ifp; 612 #endif 613 614 KASSERT(m != NULL); 615 616 la = arplookup(ifp, NULL, dst, 0); 617 if (la == NULL) 618 goto notfound; 619 620 if (la->la_flags & LLE_VALID && la->ln_state == ND_LLINFO_REACHABLE) { 621 KASSERT(destlen >= ifp->if_addrlen); 622 memcpy(desten, &la->ll_addr, ifp->if_addrlen); 623 LLE_RUNLOCK(la); 624 return 0; 625 } 626 627 notfound: 628 if (ifp->if_flags & IFF_NOARP) { 629 if (la != NULL) 630 LLE_RUNLOCK(la); 631 error = ENOTSUP; 632 goto bad; 633 } 634 635 if (la == NULL) { 636 struct rtentry *_rt; 637 638 create_lookup = "create"; 639 _rt = rtalloc1(dst, 0); 640 IF_AFDATA_WLOCK(ifp); 641 la = lla_create(LLTABLE(ifp), LLE_EXCLUSIVE, dst, _rt); 642 IF_AFDATA_WUNLOCK(ifp); 643 if (_rt != NULL) 644 rt_unref(_rt); 645 if (la == NULL) 646 ARP_STATINC(ARP_STAT_ALLOCFAIL); 647 else 648 la->ln_state = ND_LLINFO_NOSTATE; 649 } else if (LLE_TRY_UPGRADE(la) == 0) { 650 create_lookup = "lookup"; 651 LLE_RUNLOCK(la); 652 IF_AFDATA_RLOCK(ifp); 653 la = lla_lookup(LLTABLE(ifp), LLE_EXCLUSIVE, dst); 654 IF_AFDATA_RUNLOCK(ifp); 655 } 656 657 error = EINVAL; 658 if (la == NULL) { 659 log(LOG_DEBUG, 660 "%s: failed to %s llentry for %s on %s\n", 661 __func__, create_lookup, inet_ntoa(satocsin(dst)->sin_addr), 662 ifp->if_xname); 663 goto bad; 664 } 665 666 error = nd_resolve(la, rt, m, desten, destlen); 667 return error; 668 669 bad: 670 m_freem(m); 671 return error; 672 } 673 674 /* 675 * Common length and type checks are done here, 676 * then the protocol-specific routine is called. 677 */ 678 void 679 arpintr(void *arg __unused) 680 { 681 struct mbuf *m; 682 struct arphdr *ar; 683 int s; 684 int arplen; 685 struct ifnet *rcvif; 686 bool badhrd; 687 688 SOFTNET_KERNEL_LOCK_UNLESS_NET_MPSAFE(); 689 while ((m = pktq_dequeue(arp_pktq)) != NULL) { 690 if ((m->m_flags & M_PKTHDR) == 0) 691 panic("arpintr"); 692 693 MCLAIM(m, &arpdomain.dom_mowner); 694 ARP_STATINC(ARP_STAT_RCVTOTAL); 695 696 if (__predict_false(m->m_len < sizeof(*ar))) { 697 if ((m = m_pullup(m, sizeof(*ar))) == NULL) 698 goto badlen; 699 } 700 ar = mtod(m, struct arphdr *); 701 KASSERT(ACCESSIBLE_POINTER(ar, struct arphdr)); 702 703 rcvif = m_get_rcvif(m, &s); 704 if (__predict_false(rcvif == NULL)) { 705 ARP_STATINC(ARP_STAT_RCVNOINT); 706 goto free; 707 } 708 709 /* 710 * We don't want non-IEEE1394 ARP packets on IEEE1394 711 * interfaces, and vice versa. Our life depends on that. 712 */ 713 if (ntohs(ar->ar_hrd) == ARPHRD_IEEE1394) 714 badhrd = rcvif->if_type != IFT_IEEE1394; 715 else 716 badhrd = rcvif->if_type == IFT_IEEE1394; 717 718 m_put_rcvif(rcvif, &s); 719 720 if (badhrd) { 721 ARP_STATINC(ARP_STAT_RCVBADPROTO); 722 goto free; 723 } 724 725 arplen = sizeof(*ar) + 2 * ar->ar_hln + 2 * ar->ar_pln; 726 if (__predict_false(m->m_len < arplen)) { 727 if ((m = m_pullup(m, arplen)) == NULL) 728 goto badlen; 729 ar = mtod(m, struct arphdr *); 730 KASSERT(ACCESSIBLE_POINTER(ar, struct arphdr)); 731 } 732 733 switch (ntohs(ar->ar_pro)) { 734 case ETHERTYPE_IP: 735 case ETHERTYPE_IPTRAILERS: 736 in_arpinput(m); 737 continue; 738 default: 739 ARP_STATINC(ARP_STAT_RCVBADPROTO); 740 goto free; 741 } 742 743 badlen: 744 ARP_STATINC(ARP_STAT_RCVBADLEN); 745 free: 746 m_freem(m); 747 } 748 SOFTNET_KERNEL_UNLOCK_UNLESS_NET_MPSAFE(); 749 return; /* XXX gcc */ 750 } 751 752 /* 753 * ARP for Internet protocols on 10 Mb/s Ethernet. Algorithm is that given in 754 * RFC 826. In addition, a sanity check is performed on the sender protocol 755 * address, to catch impersonators. 756 * 757 * We no longer handle negotiations for use of trailer protocol: formerly, ARP 758 * replied for protocol type ETHERTYPE_TRAIL sent along with IP replies if we 759 * wanted trailers sent to us, and also sent them in response to IP replies. 760 * This allowed either end to announce the desire to receive trailer packets. 761 * 762 * We no longer reply to requests for ETHERTYPE_TRAIL protocol either, but 763 * formerly didn't normally send requests. 764 */ 765 static void 766 in_arpinput(struct mbuf *m) 767 { 768 struct arphdr *ah; 769 struct ifnet *ifp, *rcvif = NULL; 770 struct llentry *la = NULL; 771 struct in_ifaddr *ia = NULL; 772 #if NBRIDGE > 0 773 struct in_ifaddr *bridge_ia = NULL; 774 #endif 775 #if NCARP > 0 776 uint32_t count = 0, index = 0; 777 #endif 778 struct sockaddr sa; 779 struct in_addr isaddr, itaddr, myaddr; 780 int op, rt_cmd, new_state = 0; 781 void *tha; 782 uint64_t *arps; 783 struct psref psref, psref_ia; 784 int s; 785 char ipbuf[INET_ADDRSTRLEN]; 786 bool find_source, do_dad; 787 788 if (__predict_false(m_makewritable(&m, 0, m->m_pkthdr.len, M_DONTWAIT))) 789 goto out; 790 ah = mtod(m, struct arphdr *); 791 op = ntohs(ah->ar_op); 792 793 if (ah->ar_pln != sizeof(struct in_addr)) 794 goto out; 795 796 ifp = if_get_bylla(ar_sha(ah), ah->ar_hln, &psref); 797 if (ifp) { 798 /* it's from me, ignore it. */ 799 if_put(ifp, &psref); 800 ARP_STATINC(ARP_STAT_RCVLOCALSHA); 801 goto out; 802 } 803 804 rcvif = ifp = m_get_rcvif_psref(m, &psref); 805 if (__predict_false(rcvif == NULL)) 806 goto out; 807 if (rcvif->if_flags & IFF_NOARP) 808 goto out; 809 810 memcpy(&isaddr, ar_spa(ah), sizeof(isaddr)); 811 memcpy(&itaddr, ar_tpa(ah), sizeof(itaddr)); 812 813 if (m->m_flags & (M_BCAST|M_MCAST)) 814 ARP_STATINC(ARP_STAT_RCVMCAST); 815 816 /* 817 * Search for a matching interface address 818 * or any address on the interface to use 819 * as a dummy address in the rest of this function. 820 * 821 * First try and find the source address for early 822 * duplicate address detection. 823 */ 824 if (in_nullhost(isaddr)) { 825 if (in_nullhost(itaddr)) /* very bogus ARP */ 826 goto out; 827 find_source = false; 828 myaddr = itaddr; 829 } else { 830 find_source = true; 831 myaddr = isaddr; 832 } 833 s = pserialize_read_enter(); 834 again: 835 IN_ADDRHASH_READER_FOREACH(ia, myaddr.s_addr) { 836 if (!in_hosteq(ia->ia_addr.sin_addr, myaddr)) 837 continue; 838 #if NCARP > 0 839 if (ia->ia_ifp->if_type == IFT_CARP && 840 ((ia->ia_ifp->if_flags & (IFF_UP|IFF_RUNNING)) == 841 (IFF_UP|IFF_RUNNING))) { 842 index++; 843 /* XXX: ar_hln? */ 844 if (ia->ia_ifp == rcvif && (ah->ar_hln >= 6) && 845 carp_iamatch(ia, ar_sha(ah), 846 &count, index)) { 847 break; 848 } 849 } else 850 #endif 851 if (ia->ia_ifp == rcvif) 852 break; 853 #if NBRIDGE > 0 854 /* 855 * If the interface we received the packet on 856 * is part of a bridge, check to see if we need 857 * to "bridge" the packet to ourselves at this 858 * layer. Note we still prefer a perfect match, 859 * but allow this weaker match if necessary. 860 */ 861 if (rcvif->if_bridge != NULL && 862 rcvif->if_bridge == ia->ia_ifp->if_bridge) 863 bridge_ia = ia; 864 #endif 865 } 866 867 #if NBRIDGE > 0 868 if (ia == NULL && bridge_ia != NULL) { 869 ia = bridge_ia; 870 m_put_rcvif_psref(rcvif, &psref); 871 rcvif = NULL; 872 /* FIXME */ 873 ifp = bridge_ia->ia_ifp; 874 } 875 #endif 876 877 /* If we failed to find the source address then find 878 * the target address. */ 879 if (ia == NULL && find_source && !in_nullhost(itaddr)) { 880 find_source = false; 881 myaddr = itaddr; 882 goto again; 883 } 884 885 if (ia != NULL) 886 ia4_acquire(ia, &psref_ia); 887 pserialize_read_exit(s); 888 889 if (ah->ar_hln != ifp->if_addrlen) { 890 ARP_STATINC(ARP_STAT_RCVBADLEN); 891 log(LOG_WARNING, 892 "arp from %s: addr len: new %d, i/f %d (ignored)\n", 893 IN_PRINT(ipbuf, &isaddr), ah->ar_hln, ifp->if_addrlen); 894 goto out; 895 } 896 897 /* Only do DaD if we have a matching address. */ 898 do_dad = (ia != NULL); 899 900 if (ia == NULL) { 901 ia = in_get_ia_on_iface_psref(isaddr, rcvif, &psref_ia); 902 if (ia == NULL) { 903 ia = in_get_ia_from_ifp_psref(ifp, &psref_ia); 904 if (ia == NULL) { 905 ARP_STATINC(ARP_STAT_RCVNOINT); 906 goto out; 907 } 908 } 909 } 910 911 myaddr = ia->ia_addr.sin_addr; 912 913 /* XXX checks for bridge case? */ 914 if (!memcmp(ar_sha(ah), ifp->if_broadcastaddr, ifp->if_addrlen)) { 915 ARP_STATINC(ARP_STAT_RCVBCASTSHA); 916 log(LOG_ERR, 917 "%s: arp: link address is broadcast for IP address %s!\n", 918 ifp->if_xname, IN_PRINT(ipbuf, &isaddr)); 919 goto out; 920 } 921 922 /* 923 * If the source IP address is zero, this is an RFC 5227 ARP probe 924 */ 925 if (in_nullhost(isaddr)) 926 ARP_STATINC(ARP_STAT_RCVZEROSPA); 927 else if (in_hosteq(isaddr, myaddr)) 928 ARP_STATINC(ARP_STAT_RCVLOCALSPA); 929 930 if (in_nullhost(itaddr)) 931 ARP_STATINC(ARP_STAT_RCVZEROTPA); 932 933 /* 934 * DAD check, RFC 5227. 935 * ARP sender hardware address must match the interface 936 * address of the interface sending the packet. 937 * Collision on sender address is always a duplicate. 938 * Collision on target address is only a duplicate 939 * IF the sender address is the null host (ie a DAD probe) 940 * AND the message was broadcast 941 * AND our address is either tentative or duplicated 942 * If it was unicast then it's a valid Unicast Poll from RFC 1122. 943 */ 944 if (do_dad && 945 (in_hosteq(isaddr, myaddr) || 946 (in_nullhost(isaddr) && in_hosteq(itaddr, myaddr) && 947 m->m_flags & M_BCAST && 948 ia->ia4_flags & (IN_IFF_TENTATIVE | IN_IFF_DUPLICATED)))) 949 { 950 struct m_tag *mtag; 951 952 mtag = m_tag_find(m, PACKET_TAG_ETHERNET_SRC); 953 if (mtag == NULL || (ah->ar_hln == ETHER_ADDR_LEN && 954 memcmp(mtag + 1, ar_sha(ah), ah->ar_hln) == 0)) { 955 struct sockaddr_dl sdl, *sdlp; 956 957 sdlp = sockaddr_dl_init(&sdl, sizeof(sdl), 958 ifp->if_index, ifp->if_type, 959 NULL, 0, ar_sha(ah), ah->ar_hln); 960 arp_dad_duplicated((struct ifaddr *)ia, sdlp); 961 goto out; 962 } 963 } 964 965 /* 966 * If the target IP address is zero, ignore the packet. 967 * This prevents the code below from trying to answer 968 * when we are using IP address zero (booting). 969 */ 970 if (in_nullhost(itaddr)) 971 goto out; 972 973 if (in_nullhost(isaddr)) 974 goto reply; 975 976 if (in_hosteq(itaddr, myaddr)) 977 la = arpcreate(ifp, &isaddr, NULL, 1); 978 else 979 la = arplookup(ifp, &isaddr, NULL, 1); 980 if (la == NULL) 981 goto reply; 982 983 if ((la->la_flags & LLE_VALID) && 984 memcmp(ar_sha(ah), &la->ll_addr, ifp->if_addrlen)) 985 { 986 char llabuf[LLA_ADDRSTRLEN], *llastr; 987 988 llastr = lla_snprintf(llabuf, sizeof(llabuf), 989 ar_sha(ah), ah->ar_hln); 990 991 if (la->la_flags & LLE_STATIC) { 992 ARP_STATINC(ARP_STAT_RCVOVERPERM); 993 if (!log_permanent_modify) 994 goto out; 995 log(LOG_INFO, 996 "%s tried to overwrite permanent arp info" 997 " for %s\n", llastr, IN_PRINT(ipbuf, &isaddr)); 998 goto out; 999 } else if (la->lle_tbl->llt_ifp != ifp) { 1000 /* XXX should not happen? */ 1001 ARP_STATINC(ARP_STAT_RCVOVERINT); 1002 if (!log_wrong_iface) 1003 goto out; 1004 log(LOG_INFO, 1005 "%s on %s tried to overwrite " 1006 "arp info for %s on %s\n", 1007 llastr, 1008 ifp->if_xname, IN_PRINT(ipbuf, &isaddr), 1009 la->lle_tbl->llt_ifp->if_xname); 1010 goto out; 1011 } else { 1012 ARP_STATINC(ARP_STAT_RCVOVER); 1013 if (log_movements) 1014 log(LOG_INFO, "arp info overwritten " 1015 "for %s by %s\n", 1016 IN_PRINT(ipbuf, &isaddr), llastr); 1017 } 1018 rt_cmd = RTM_CHANGE; 1019 new_state = ND_LLINFO_STALE; 1020 } else { 1021 if (op == ARPOP_REPLY && in_hosteq(itaddr, myaddr)) { 1022 /* This was a solicited ARP reply. */ 1023 la->ln_byhint = 0; 1024 new_state = ND_LLINFO_REACHABLE; 1025 } 1026 rt_cmd = la->la_flags & LLE_VALID ? 0 : RTM_ADD; 1027 } 1028 1029 KASSERT(ifp->if_sadl->sdl_alen == ifp->if_addrlen); 1030 1031 KASSERT(sizeof(la->ll_addr) >= ifp->if_addrlen); 1032 memcpy(&la->ll_addr, ar_sha(ah), ifp->if_addrlen); 1033 la->la_flags |= LLE_VALID; 1034 la->ln_asked = 0; 1035 if (new_state != 0) { 1036 la->ln_state = new_state; 1037 1038 if (new_state != ND_LLINFO_REACHABLE || 1039 !(la->la_flags & LLE_STATIC)) 1040 { 1041 int timer = ND_TIMER_GC; 1042 1043 if (new_state == ND_LLINFO_REACHABLE) 1044 timer = ND_TIMER_REACHABLE; 1045 nd_set_timer(la, timer); 1046 } 1047 } 1048 1049 if (rt_cmd != 0) { 1050 struct sockaddr_in sin; 1051 1052 sockaddr_in_init(&sin, &la->r_l3addr.addr4, 0); 1053 rt_clonedmsg(rt_cmd, NULL, sintosa(&sin), ar_sha(ah), ifp); 1054 } 1055 1056 if (la->la_hold != NULL) { 1057 int n = la->la_numheld; 1058 struct mbuf *m_hold, *m_hold_next; 1059 struct sockaddr_in sin; 1060 1061 sockaddr_in_init(&sin, &la->r_l3addr.addr4, 0); 1062 1063 m_hold = la->la_hold; 1064 la->la_hold = NULL; 1065 la->la_numheld = 0; 1066 /* 1067 * We have to unlock here because if_output would call 1068 * arpresolve 1069 */ 1070 LLE_WUNLOCK(la); 1071 ARP_STATADD(ARP_STAT_DFRSENT, n); 1072 ARP_STATADD(ARP_STAT_DFRTOTAL, n); 1073 for (; m_hold != NULL; m_hold = m_hold_next) { 1074 m_hold_next = m_hold->m_nextpkt; 1075 m_hold->m_nextpkt = NULL; 1076 if_output_lock(ifp, ifp, m_hold, sintosa(&sin), NULL); 1077 } 1078 } else 1079 LLE_WUNLOCK(la); 1080 la = NULL; 1081 1082 reply: 1083 if (la != NULL) { 1084 LLE_WUNLOCK(la); 1085 la = NULL; 1086 } 1087 if (op != ARPOP_REQUEST) { 1088 if (op == ARPOP_REPLY) 1089 ARP_STATINC(ARP_STAT_RCVREPLY); 1090 goto out; 1091 } 1092 ARP_STATINC(ARP_STAT_RCVREQUEST); 1093 if (in_hosteq(itaddr, myaddr)) { 1094 /* If our address is unusable, don't reply */ 1095 if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) 1096 goto out; 1097 /* I am the target */ 1098 tha = ar_tha(ah); 1099 if (tha) 1100 memcpy(tha, ar_sha(ah), ah->ar_hln); 1101 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln); 1102 } else { 1103 /* Proxy ARP */ 1104 struct llentry *lle = NULL; 1105 struct sockaddr_in sin; 1106 1107 #if NCARP > 0 1108 if (ifp->if_type == IFT_CARP) { 1109 struct ifnet *_rcvif = m_get_rcvif(m, &s); 1110 int iftype = 0; 1111 if (__predict_true(_rcvif != NULL)) 1112 iftype = _rcvif->if_type; 1113 m_put_rcvif(_rcvif, &s); 1114 if (iftype != IFT_CARP) 1115 goto out; 1116 } 1117 #endif 1118 1119 tha = ar_tha(ah); 1120 1121 sockaddr_in_init(&sin, &itaddr, 0); 1122 1123 IF_AFDATA_RLOCK(ifp); 1124 lle = lla_lookup(LLTABLE(ifp), 0, (struct sockaddr *)&sin); 1125 IF_AFDATA_RUNLOCK(ifp); 1126 1127 if ((lle != NULL) && (lle->la_flags & LLE_PUB)) { 1128 if (tha) 1129 memcpy(tha, ar_sha(ah), ah->ar_hln); 1130 memcpy(ar_sha(ah), &lle->ll_addr, ah->ar_hln); 1131 LLE_RUNLOCK(lle); 1132 } else { 1133 if (lle != NULL) 1134 LLE_RUNLOCK(lle); 1135 goto out; 1136 } 1137 } 1138 ia4_release(ia, &psref_ia); 1139 1140 /* 1141 * XXX XXX: Here we're recycling the mbuf. But the mbuf could have 1142 * other mbufs in its chain, and just overwriting m->m_pkthdr.len 1143 * would be wrong in this case (the length becomes smaller than the 1144 * real chain size). 1145 * 1146 * This can theoretically cause bugs in the lower layers (drivers, 1147 * and L2encap), in some corner cases. 1148 */ 1149 memcpy(ar_tpa(ah), ar_spa(ah), ah->ar_pln); 1150 memcpy(ar_spa(ah), &itaddr, ah->ar_pln); 1151 ah->ar_op = htons(ARPOP_REPLY); 1152 ah->ar_pro = htons(ETHERTYPE_IP); /* let's be sure! */ 1153 switch (ifp->if_type) { 1154 case IFT_IEEE1394: 1155 /* ieee1394 arp reply is broadcast */ 1156 m->m_flags &= ~M_MCAST; 1157 m->m_flags |= M_BCAST; 1158 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + ah->ar_hln; 1159 break; 1160 default: 1161 m->m_flags &= ~(M_BCAST|M_MCAST); /* never reply by broadcast */ 1162 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + (2 * ah->ar_hln); 1163 break; 1164 } 1165 m->m_pkthdr.len = m->m_len; 1166 sa.sa_family = AF_ARP; 1167 sa.sa_len = 2; 1168 arps = ARP_STAT_GETREF(); 1169 arps[ARP_STAT_SNDTOTAL]++; 1170 arps[ARP_STAT_SNDREPLY]++; 1171 ARP_STAT_PUTREF(); 1172 if_output_lock(ifp, ifp, m, &sa, NULL); 1173 if (rcvif != NULL) 1174 m_put_rcvif_psref(rcvif, &psref); 1175 return; 1176 1177 out: 1178 if (la != NULL) 1179 LLE_WUNLOCK(la); 1180 if (ia != NULL) 1181 ia4_release(ia, &psref_ia); 1182 if (rcvif != NULL) 1183 m_put_rcvif_psref(rcvif, &psref); 1184 m_freem(m); 1185 } 1186 1187 /* 1188 * Lookup or a new address in arptab. 1189 */ 1190 struct llentry * 1191 arplookup(struct ifnet *ifp, const struct in_addr *addr, 1192 const struct sockaddr *sa, int wlock) 1193 { 1194 struct sockaddr_in sin; 1195 struct llentry *la; 1196 int flags = wlock ? LLE_EXCLUSIVE : 0; 1197 1198 if (sa == NULL) { 1199 KASSERT(addr != NULL); 1200 sockaddr_in_init(&sin, addr, 0); 1201 sa = sintocsa(&sin); 1202 } 1203 1204 IF_AFDATA_RLOCK(ifp); 1205 la = lla_lookup(LLTABLE(ifp), flags, sa); 1206 IF_AFDATA_RUNLOCK(ifp); 1207 1208 return la; 1209 } 1210 1211 static struct llentry * 1212 arpcreate(struct ifnet *ifp, const struct in_addr *addr, 1213 const struct sockaddr *sa, int wlock) 1214 { 1215 struct sockaddr_in sin; 1216 struct llentry *la; 1217 int flags = wlock ? LLE_EXCLUSIVE : 0; 1218 1219 if (sa == NULL) { 1220 KASSERT(addr != NULL); 1221 sockaddr_in_init(&sin, addr, 0); 1222 sa = sintocsa(&sin); 1223 } 1224 1225 la = arplookup(ifp, addr, sa, wlock); 1226 1227 if (la == NULL) { 1228 struct rtentry *rt; 1229 1230 rt = rtalloc1(sa, 0); 1231 IF_AFDATA_WLOCK(ifp); 1232 la = lla_create(LLTABLE(ifp), flags, sa, rt); 1233 IF_AFDATA_WUNLOCK(ifp); 1234 if (rt != NULL) 1235 rt_unref(rt); 1236 1237 if (la != NULL) 1238 la->ln_state = ND_LLINFO_NOSTATE; 1239 } 1240 1241 return la; 1242 } 1243 1244 int 1245 arpioctl(u_long cmd, void *data) 1246 { 1247 1248 return EOPNOTSUPP; 1249 } 1250 1251 void 1252 arp_ifinit(struct ifnet *ifp, struct ifaddr *ifa) 1253 { 1254 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1255 1256 ifa->ifa_rtrequest = arp_rtrequest; 1257 ifa->ifa_flags |= RTF_CONNECTED; 1258 1259 /* ARP will handle DAD for this address. */ 1260 if (in_nullhost(IA_SIN(ifa)->sin_addr)) { 1261 if (ia->ia_dad_stop != NULL) /* safety */ 1262 ia->ia_dad_stop(ifa); 1263 ia->ia_dad_start = NULL; 1264 ia->ia_dad_stop = NULL; 1265 ia->ia4_flags &= ~IN_IFF_TENTATIVE; 1266 } else { 1267 ia->ia_dad_start = arp_dad_start; 1268 ia->ia_dad_stop = arp_dad_stop; 1269 if (ia->ia4_flags & IN_IFF_TRYTENTATIVE && ip_dad_enabled()) 1270 ia->ia4_flags |= IN_IFF_TENTATIVE; 1271 else 1272 arpannounce1(ifa); 1273 } 1274 } 1275 1276 static bool 1277 arp_nud_enabled(__unused struct ifnet *ifp) 1278 { 1279 1280 return arp_perform_nud != 0; 1281 } 1282 1283 static unsigned int 1284 arp_llinfo_reachable(__unused struct ifnet *ifp) 1285 { 1286 1287 return arp_reachable; 1288 } 1289 1290 static unsigned int 1291 arp_llinfo_retrans(__unused struct ifnet *ifp) 1292 { 1293 1294 return arp_retrans; 1295 } 1296 1297 /* 1298 * Gets source address of the first packet in hold queue 1299 * and stores it in @src. 1300 * Returns pointer to @src (if hold queue is not empty) or NULL. 1301 */ 1302 static union l3addr * 1303 arp_llinfo_holdsrc(struct llentry *ln, union l3addr *src) 1304 { 1305 struct ip *ip; 1306 1307 if (ln == NULL || ln->ln_hold == NULL) 1308 return NULL; 1309 1310 /* 1311 * assuming every packet in ln_hold has the same IP header 1312 */ 1313 ip = mtod(ln->ln_hold, struct ip *); 1314 /* XXX pullup? */ 1315 if (sizeof(*ip) < ln->ln_hold->m_len) 1316 src->addr4 = ip->ip_src; 1317 else 1318 src = NULL; 1319 1320 return src; 1321 } 1322 1323 static void 1324 arp_llinfo_output(struct ifnet *ifp, __unused const union l3addr *daddr, 1325 const union l3addr *taddr, const uint8_t *tlladdr, 1326 const union l3addr *hsrc) 1327 { 1328 struct in_addr tip = taddr->addr4, sip = zeroin_addr; 1329 const uint8_t *slladdr = CLLADDR(ifp->if_sadl); 1330 1331 if (hsrc != NULL) { 1332 struct in_ifaddr *ia; 1333 struct psref psref; 1334 1335 ia = in_get_ia_on_iface_psref(hsrc->addr4, ifp, &psref); 1336 if (ia != NULL) { 1337 sip = hsrc->addr4; 1338 ia4_release(ia, &psref); 1339 } 1340 } 1341 1342 if (sip.s_addr == INADDR_ANY) { 1343 struct sockaddr_in dst; 1344 struct rtentry *rt; 1345 1346 sockaddr_in_init(&dst, &tip, 0); 1347 rt = rtalloc1(sintosa(&dst), 0); 1348 if (rt != NULL) { 1349 if (rt->rt_ifp == ifp && 1350 rt->rt_ifa != NULL && 1351 rt->rt_ifa->ifa_addr->sa_family == AF_INET) 1352 sip = satosin(rt->rt_ifa->ifa_addr)->sin_addr; 1353 rt_unref(rt); 1354 } 1355 if (sip.s_addr == INADDR_ANY) { 1356 char ipbuf[INET_ADDRSTRLEN]; 1357 1358 log(LOG_DEBUG, "source can't be " 1359 "determined: dst=%s\n", 1360 IN_PRINT(ipbuf, &tip)); 1361 return; 1362 } 1363 } 1364 1365 arprequest(ifp, &sip, &tip, slladdr, tlladdr); 1366 } 1367 1368 1369 static void 1370 arp_llinfo_missed(struct ifnet *ifp, const union l3addr *taddr, 1371 __unused int16_t type, struct mbuf *m) 1372 { 1373 struct in_addr mdaddr = zeroin_addr; 1374 struct sockaddr_in dsin, tsin; 1375 struct sockaddr *sa; 1376 1377 if (m != NULL) { 1378 struct ip *ip = mtod(m, struct ip *); 1379 1380 if (sizeof(*ip) < m->m_len) 1381 mdaddr = ip->ip_src; 1382 1383 /* ip_input() will send ICMP_UNREACH_HOST, not us. */ 1384 m_freem(m); 1385 } 1386 1387 if (mdaddr.s_addr != INADDR_ANY) { 1388 sockaddr_in_init(&dsin, &mdaddr, 0); 1389 sa = sintosa(&dsin); 1390 } else 1391 sa = NULL; 1392 1393 sockaddr_in_init(&tsin, &taddr->addr4, 0); 1394 rt_clonedmsg(RTM_MISS, sa, sintosa(&tsin), NULL, ifp); 1395 } 1396 1397 static void 1398 arp_free(struct llentry *ln, int gc) 1399 { 1400 struct ifnet *ifp; 1401 1402 KASSERT(ln != NULL); 1403 LLE_WLOCK_ASSERT(ln); 1404 1405 ifp = ln->lle_tbl->llt_ifp; 1406 1407 if (ln->la_flags & LLE_VALID || gc) { 1408 struct sockaddr_in sin; 1409 const char *lladdr; 1410 1411 sockaddr_in_init(&sin, &ln->r_l3addr.addr4, 0); 1412 lladdr = ln->la_flags & LLE_VALID ? 1413 (const char *)&ln->ll_addr : NULL; 1414 rt_clonedmsg(RTM_DELETE, NULL, sintosa(&sin), lladdr, ifp); 1415 } 1416 1417 /* 1418 * Save to unlock. We still hold an extra reference and will not 1419 * free(9) in llentry_free() if someone else holds one as well. 1420 */ 1421 LLE_WUNLOCK(ln); 1422 IF_AFDATA_LOCK(ifp); 1423 LLE_WLOCK(ln); 1424 1425 lltable_free_entry(LLTABLE(ifp), ln); 1426 1427 IF_AFDATA_UNLOCK(ifp); 1428 } 1429 1430 /* 1431 * Upper-layer reachability hint for Neighbor Unreachability Detection. 1432 * 1433 * XXX cost-effective methods? 1434 */ 1435 void 1436 arp_nud_hint(struct rtentry *rt) 1437 { 1438 struct llentry *ln; 1439 struct ifnet *ifp; 1440 1441 if (rt == NULL) 1442 return; 1443 1444 ifp = rt->rt_ifp; 1445 ln = arplookup(ifp, NULL, rt_getkey(rt), 1); 1446 nd_nud_hint(ln); 1447 } 1448 1449 TAILQ_HEAD(dadq_head, dadq); 1450 struct dadq { 1451 TAILQ_ENTRY(dadq) dad_list; 1452 struct ifaddr *dad_ifa; 1453 int dad_count; /* max ARP to send */ 1454 int dad_arp_tcount; /* # of trials to send ARP */ 1455 int dad_arp_ocount; /* ARP sent so far */ 1456 int dad_arp_announce; /* max ARP announcements */ 1457 int dad_arp_acount; /* # of announcements */ 1458 struct callout dad_timer_ch; 1459 }; 1460 1461 static struct dadq_head dadq; 1462 static int dad_maxtry = 15; /* max # of *tries* to transmit DAD packet */ 1463 static kmutex_t arp_dad_lock; 1464 1465 static void 1466 arp_dad_init(void) 1467 { 1468 1469 TAILQ_INIT(&dadq); 1470 mutex_init(&arp_dad_lock, MUTEX_DEFAULT, IPL_NONE); 1471 } 1472 1473 static struct dadq * 1474 arp_dad_find(struct ifaddr *ifa) 1475 { 1476 struct dadq *dp; 1477 1478 KASSERT(mutex_owned(&arp_dad_lock)); 1479 1480 TAILQ_FOREACH(dp, &dadq, dad_list) { 1481 if (dp->dad_ifa == ifa) 1482 return dp; 1483 } 1484 return NULL; 1485 } 1486 1487 static void 1488 arp_dad_starttimer(struct dadq *dp, int ticks) 1489 { 1490 1491 callout_reset(&dp->dad_timer_ch, ticks, 1492 (void (*)(void *))arp_dad_timer, dp); 1493 } 1494 1495 static void 1496 arp_dad_stoptimer(struct dadq *dp) 1497 { 1498 1499 KASSERT(mutex_owned(&arp_dad_lock)); 1500 1501 TAILQ_REMOVE(&dadq, dp, dad_list); 1502 /* Tell the timer that dp is being destroyed. */ 1503 dp->dad_ifa = NULL; 1504 callout_halt(&dp->dad_timer_ch, &arp_dad_lock); 1505 } 1506 1507 static void 1508 arp_dad_destroytimer(struct dadq *dp) 1509 { 1510 1511 callout_destroy(&dp->dad_timer_ch); 1512 KASSERT(dp->dad_ifa == NULL); 1513 kmem_intr_free(dp, sizeof(*dp)); 1514 } 1515 1516 static void 1517 arp_dad_output(struct dadq *dp, struct ifaddr *ifa) 1518 { 1519 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1520 struct ifnet *ifp = ifa->ifa_ifp; 1521 struct in_addr sip; 1522 1523 dp->dad_arp_tcount++; 1524 if ((ifp->if_flags & IFF_UP) == 0) 1525 return; 1526 if ((ifp->if_flags & IFF_RUNNING) == 0) 1527 return; 1528 1529 dp->dad_arp_tcount = 0; 1530 dp->dad_arp_ocount++; 1531 1532 memset(&sip, 0, sizeof(sip)); 1533 arprequest(ifa->ifa_ifp, &sip, &ia->ia_addr.sin_addr, 1534 CLLADDR(ifa->ifa_ifp->if_sadl), NULL); 1535 } 1536 1537 /* 1538 * Start Duplicate Address Detection (DAD) for specified interface address. 1539 */ 1540 static void 1541 arp_dad_start(struct ifaddr *ifa) 1542 { 1543 struct in_ifaddr *ia = (struct in_ifaddr *)ifa; 1544 struct dadq *dp; 1545 char ipbuf[INET_ADDRSTRLEN]; 1546 1547 /* 1548 * If we don't need DAD, don't do it. 1549 * - DAD is disabled 1550 */ 1551 if (!(ia->ia4_flags & IN_IFF_TENTATIVE)) { 1552 log(LOG_DEBUG, 1553 "%s: called with non-tentative address %s(%s)\n", __func__, 1554 IN_PRINT(ipbuf, &ia->ia_addr.sin_addr), 1555 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1556 return; 1557 } 1558 if (!ip_dad_enabled()) { 1559 ia->ia4_flags &= ~IN_IFF_TENTATIVE; 1560 rt_addrmsg(RTM_NEWADDR, ifa); 1561 arpannounce1(ifa); 1562 return; 1563 } 1564 KASSERT(ifa->ifa_ifp != NULL); 1565 if (!(ifa->ifa_ifp->if_flags & IFF_UP)) 1566 return; 1567 1568 dp = kmem_intr_alloc(sizeof(*dp), KM_NOSLEEP); 1569 1570 mutex_enter(&arp_dad_lock); 1571 if (arp_dad_find(ifa) != NULL) { 1572 mutex_exit(&arp_dad_lock); 1573 /* DAD already in progress */ 1574 if (dp != NULL) 1575 kmem_intr_free(dp, sizeof(*dp)); 1576 return; 1577 } 1578 1579 if (dp == NULL) { 1580 mutex_exit(&arp_dad_lock); 1581 log(LOG_ERR, "%s: memory allocation failed for %s(%s)\n", 1582 __func__, IN_PRINT(ipbuf, &ia->ia_addr.sin_addr), 1583 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1584 return; 1585 } 1586 1587 /* 1588 * Send ARP packet for DAD, ip_dad_count times. 1589 * Note that we must delay the first transmission. 1590 */ 1591 callout_init(&dp->dad_timer_ch, CALLOUT_MPSAFE); 1592 dp->dad_ifa = ifa; 1593 ifaref(ifa); /* just for safety */ 1594 dp->dad_count = ip_dad_count; 1595 dp->dad_arp_announce = 0; /* Will be set when starting to announce */ 1596 dp->dad_arp_acount = dp->dad_arp_ocount = dp->dad_arp_tcount = 0; 1597 TAILQ_INSERT_TAIL(&dadq, (struct dadq *)dp, dad_list); 1598 1599 ARPLOG(LOG_DEBUG, "%s: starting DAD for %s\n", if_name(ifa->ifa_ifp), 1600 ARPLOGADDR(&ia->ia_addr.sin_addr)); 1601 1602 arp_dad_starttimer(dp, cprng_fast32() % (PROBE_WAIT * hz)); 1603 1604 mutex_exit(&arp_dad_lock); 1605 } 1606 1607 /* 1608 * terminate DAD unconditionally. used for address removals. 1609 */ 1610 static void 1611 arp_dad_stop(struct ifaddr *ifa) 1612 { 1613 struct dadq *dp; 1614 1615 mutex_enter(&arp_dad_lock); 1616 dp = arp_dad_find(ifa); 1617 if (dp == NULL) { 1618 mutex_exit(&arp_dad_lock); 1619 /* DAD wasn't started yet */ 1620 return; 1621 } 1622 1623 arp_dad_stoptimer(dp); 1624 1625 mutex_exit(&arp_dad_lock); 1626 1627 arp_dad_destroytimer(dp); 1628 ifafree(ifa); 1629 } 1630 1631 static void 1632 arp_dad_timer(struct dadq *dp) 1633 { 1634 struct ifaddr *ifa; 1635 struct in_ifaddr *ia; 1636 char ipbuf[INET_ADDRSTRLEN]; 1637 bool need_free = false; 1638 1639 KERNEL_LOCK_UNLESS_NET_MPSAFE(); 1640 mutex_enter(&arp_dad_lock); 1641 1642 ifa = dp->dad_ifa; 1643 if (ifa == NULL) { 1644 /* dp is being destroyed by someone. Do nothing. */ 1645 goto done; 1646 } 1647 1648 ia = (struct in_ifaddr *)ifa; 1649 if (ia->ia4_flags & IN_IFF_DUPLICATED) { 1650 log(LOG_ERR, "%s: called with duplicate address %s(%s)\n", 1651 __func__, IN_PRINT(ipbuf, &ia->ia_addr.sin_addr), 1652 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1653 goto done; 1654 } 1655 if ((ia->ia4_flags & IN_IFF_TENTATIVE) == 0 && dp->dad_arp_acount == 0) 1656 { 1657 log(LOG_ERR, "%s: called with non-tentative address %s(%s)\n", 1658 __func__, IN_PRINT(ipbuf, &ia->ia_addr.sin_addr), 1659 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); 1660 goto done; 1661 } 1662 1663 /* timeouted with IFF_{RUNNING,UP} check */ 1664 if (dp->dad_arp_tcount > dad_maxtry) { 1665 ARPLOG(LOG_INFO, "%s: could not run DAD, driver problem?\n", 1666 if_name(ifa->ifa_ifp)); 1667 1668 arp_dad_stoptimer(dp); 1669 need_free = true; 1670 goto done; 1671 } 1672 1673 /* Need more checks? */ 1674 if (dp->dad_arp_ocount < dp->dad_count) { 1675 int adelay; 1676 1677 /* 1678 * We have more ARP to go. Send ARP packet for DAD. 1679 */ 1680 arp_dad_output(dp, ifa); 1681 if (dp->dad_arp_ocount < dp->dad_count) 1682 adelay = (PROBE_MIN * hz) + 1683 (cprng_fast32() % 1684 ((PROBE_MAX * hz) - (PROBE_MIN * hz))); 1685 else 1686 adelay = ANNOUNCE_WAIT * hz; 1687 arp_dad_starttimer(dp, adelay); 1688 goto done; 1689 } else if (dp->dad_arp_acount == 0) { 1690 /* 1691 * We are done with DAD. 1692 * No duplicate address found. 1693 */ 1694 ia->ia4_flags &= ~IN_IFF_TENTATIVE; 1695 rt_addrmsg(RTM_NEWADDR, ifa); 1696 ARPLOG(LOG_DEBUG, 1697 "%s: DAD complete for %s - no duplicates found\n", 1698 if_name(ifa->ifa_ifp), ARPLOGADDR(&ia->ia_addr.sin_addr)); 1699 dp->dad_arp_announce = ANNOUNCE_NUM; 1700 goto announce; 1701 } else if (dp->dad_arp_acount < dp->dad_arp_announce) { 1702 announce: 1703 /* 1704 * Announce the address. 1705 */ 1706 arpannounce1(ifa); 1707 dp->dad_arp_acount++; 1708 if (dp->dad_arp_acount < dp->dad_arp_announce) { 1709 arp_dad_starttimer(dp, ANNOUNCE_INTERVAL * hz); 1710 goto done; 1711 } 1712 ARPLOG(LOG_DEBUG, 1713 "%s: ARP announcement complete for %s\n", 1714 if_name(ifa->ifa_ifp), ARPLOGADDR(&ia->ia_addr.sin_addr)); 1715 } 1716 1717 arp_dad_stoptimer(dp); 1718 need_free = true; 1719 done: 1720 mutex_exit(&arp_dad_lock); 1721 1722 if (need_free) { 1723 arp_dad_destroytimer(dp); 1724 KASSERT(ifa != NULL); 1725 ifafree(ifa); 1726 } 1727 1728 KERNEL_UNLOCK_UNLESS_NET_MPSAFE(); 1729 } 1730 1731 static void 1732 arp_dad_duplicated(struct ifaddr *ifa, const struct sockaddr_dl *from) 1733 { 1734 struct in_ifaddr *ia = ifatoia(ifa); 1735 struct ifnet *ifp = ifa->ifa_ifp; 1736 char ipbuf[INET_ADDRSTRLEN], llabuf[LLA_ADDRSTRLEN]; 1737 const char *iastr, *llastr; 1738 1739 iastr = IN_PRINT(ipbuf, &ia->ia_addr.sin_addr); 1740 if (__predict_false(from == NULL)) 1741 llastr = NULL; 1742 else 1743 llastr = lla_snprintf(llabuf, sizeof(llabuf), 1744 CLLADDR(from), from->sdl_alen); 1745 1746 if (ia->ia4_flags & (IN_IFF_TENTATIVE|IN_IFF_DUPLICATED)) { 1747 log(LOG_ERR, 1748 "%s: DAD duplicate address %s from %s\n", 1749 if_name(ifp), iastr, llastr); 1750 } else if (ia->ia_dad_defended == 0 || 1751 ia->ia_dad_defended < time_uptime - DEFEND_INTERVAL) { 1752 ia->ia_dad_defended = time_uptime; 1753 arpannounce1(ifa); 1754 log(LOG_ERR, 1755 "%s: DAD defended address %s from %s\n", 1756 if_name(ifp), iastr, llastr); 1757 return; 1758 } else { 1759 /* If DAD is disabled, just report the duplicate. */ 1760 if (!ip_dad_enabled()) { 1761 log(LOG_ERR, 1762 "%s: DAD ignoring duplicate address %s from %s\n", 1763 if_name(ifp), iastr, llastr); 1764 return; 1765 } 1766 log(LOG_ERR, 1767 "%s: DAD defence failed for %s from %s\n", 1768 if_name(ifp), iastr, llastr); 1769 } 1770 1771 arp_dad_stop(ifa); 1772 1773 ia->ia4_flags &= ~IN_IFF_TENTATIVE; 1774 if ((ia->ia4_flags & IN_IFF_DUPLICATED) == 0) { 1775 ia->ia4_flags |= IN_IFF_DUPLICATED; 1776 /* Inform the routing socket of the duplicate address */ 1777 rt_addrmsg_src(RTM_NEWADDR, ifa, (const struct sockaddr *)from); 1778 } 1779 } 1780 1781 /* 1782 * Called from 10 Mb/s Ethernet interrupt handlers 1783 * when ether packet type ETHERTYPE_REVARP 1784 * is received. Common length and type checks are done here, 1785 * then the protocol-specific routine is called. 1786 */ 1787 void 1788 revarpinput(struct mbuf *m) 1789 { 1790 struct arphdr *ar; 1791 int arplen; 1792 1793 arplen = sizeof(struct arphdr); 1794 if (m->m_len < arplen && (m = m_pullup(m, arplen)) == NULL) 1795 return; 1796 ar = mtod(m, struct arphdr *); 1797 1798 if (ntohs(ar->ar_hrd) == ARPHRD_IEEE1394) { 1799 goto out; 1800 } 1801 1802 arplen = sizeof(struct arphdr) + 2 * (ar->ar_hln + ar->ar_pln); 1803 if (m->m_len < arplen && (m = m_pullup(m, arplen)) == NULL) 1804 return; 1805 ar = mtod(m, struct arphdr *); 1806 1807 switch (ntohs(ar->ar_pro)) { 1808 case ETHERTYPE_IP: 1809 case ETHERTYPE_IPTRAILERS: 1810 in_revarpinput(m); 1811 return; 1812 1813 default: 1814 break; 1815 } 1816 1817 out: 1818 m_freem(m); 1819 } 1820 1821 /* 1822 * RARP for Internet protocols on 10 Mb/s Ethernet. 1823 * Algorithm is that given in RFC 903. 1824 * We are only using for bootstrap purposes to get an ip address for one of 1825 * our interfaces. Thus we support no user-interface. 1826 * 1827 * Since the contents of the RARP reply are specific to the interface that 1828 * sent the request, this code must ensure that they are properly associated. 1829 * 1830 * Note: also supports ARP via RARP packets, per the RFC. 1831 */ 1832 void 1833 in_revarpinput(struct mbuf *m) 1834 { 1835 struct arphdr *ah; 1836 void *tha; 1837 int op; 1838 struct ifnet *rcvif; 1839 int s; 1840 1841 ah = mtod(m, struct arphdr *); 1842 op = ntohs(ah->ar_op); 1843 1844 rcvif = m_get_rcvif(m, &s); 1845 if (__predict_false(rcvif == NULL)) 1846 goto out; 1847 if (rcvif->if_flags & IFF_NOARP) 1848 goto out; 1849 1850 switch (rcvif->if_type) { 1851 case IFT_IEEE1394: 1852 /* ARP without target hardware address is not supported */ 1853 goto out; 1854 default: 1855 break; 1856 } 1857 1858 switch (op) { 1859 case ARPOP_REQUEST: 1860 case ARPOP_REPLY: /* per RFC */ 1861 m_put_rcvif(rcvif, &s); 1862 in_arpinput(m); 1863 return; 1864 case ARPOP_REVREPLY: 1865 break; 1866 case ARPOP_REVREQUEST: /* handled by rarpd(8) */ 1867 default: 1868 goto out; 1869 } 1870 if (!revarp_in_progress) 1871 goto out; 1872 if (rcvif != myip_ifp) /* !same interface */ 1873 goto out; 1874 if (myip_initialized) 1875 goto wake; 1876 tha = ar_tha(ah); 1877 if (tha == NULL) 1878 goto out; 1879 if (ah->ar_pln != sizeof(struct in_addr)) 1880 goto out; 1881 if (ah->ar_hln != rcvif->if_sadl->sdl_alen) 1882 goto out; 1883 if (memcmp(tha, CLLADDR(rcvif->if_sadl), rcvif->if_sadl->sdl_alen)) 1884 goto out; 1885 memcpy(&srv_ip, ar_spa(ah), sizeof(srv_ip)); 1886 memcpy(&myip, ar_tpa(ah), sizeof(myip)); 1887 myip_initialized = 1; 1888 wake: /* Do wakeup every time in case it was missed. */ 1889 wakeup((void *)&myip); 1890 1891 out: 1892 m_put_rcvif(rcvif, &s); 1893 m_freem(m); 1894 } 1895 1896 /* 1897 * Send a RARP request for the ip address of the specified interface. 1898 * The request should be RFC 903-compliant. 1899 */ 1900 static void 1901 revarprequest(struct ifnet *ifp) 1902 { 1903 struct sockaddr sa; 1904 struct mbuf *m; 1905 struct arphdr *ah; 1906 void *tha; 1907 1908 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 1909 return; 1910 MCLAIM(m, &arpdomain.dom_mowner); 1911 m->m_len = sizeof(*ah) + 2*sizeof(struct in_addr) + 1912 2*ifp->if_addrlen; 1913 m->m_pkthdr.len = m->m_len; 1914 m_align(m, m->m_len); 1915 ah = mtod(m, struct arphdr *); 1916 memset(ah, 0, m->m_len); 1917 ah->ar_pro = htons(ETHERTYPE_IP); 1918 ah->ar_hln = ifp->if_addrlen; /* hardware address length */ 1919 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */ 1920 ah->ar_op = htons(ARPOP_REVREQUEST); 1921 1922 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln); 1923 tha = ar_tha(ah); 1924 if (tha == NULL) { 1925 m_free(m); 1926 return; 1927 } 1928 memcpy(tha, CLLADDR(ifp->if_sadl), ah->ar_hln); 1929 1930 sa.sa_family = AF_ARP; 1931 sa.sa_len = 2; 1932 m->m_flags |= M_BCAST; 1933 1934 if_output_lock(ifp, ifp, m, &sa, NULL); 1935 } 1936 1937 /* 1938 * RARP for the ip address of the specified interface, but also 1939 * save the ip address of the server that sent the answer. 1940 * Timeout if no response is received. 1941 */ 1942 int 1943 revarpwhoarewe(struct ifnet *ifp, struct in_addr *serv_in, 1944 struct in_addr *clnt_in) 1945 { 1946 int result, count = 20; 1947 1948 myip_initialized = 0; 1949 myip_ifp = ifp; 1950 1951 revarp_in_progress = 1; 1952 while (count--) { 1953 revarprequest(ifp); 1954 result = tsleep((void *)&myip, PSOCK, "revarp", hz/2); 1955 if (result != EWOULDBLOCK) 1956 break; 1957 } 1958 revarp_in_progress = 0; 1959 1960 if (!myip_initialized) 1961 return ENETUNREACH; 1962 1963 memcpy(serv_in, &srv_ip, sizeof(*serv_in)); 1964 memcpy(clnt_in, &myip, sizeof(*clnt_in)); 1965 return 0; 1966 } 1967 1968 void 1969 arp_stat_add(int type, uint64_t count) 1970 { 1971 ARP_STATADD(type, count); 1972 } 1973 1974 static int 1975 sysctl_net_inet_arp_stats(SYSCTLFN_ARGS) 1976 { 1977 1978 return NETSTAT_SYSCTL(arpstat_percpu, ARP_NSTATS); 1979 } 1980 1981 static void 1982 sysctl_net_inet_arp_setup(struct sysctllog **clog) 1983 { 1984 const struct sysctlnode *node; 1985 1986 sysctl_createv(clog, 0, NULL, NULL, 1987 CTLFLAG_PERMANENT, 1988 CTLTYPE_NODE, "inet", NULL, 1989 NULL, 0, NULL, 0, 1990 CTL_NET, PF_INET, CTL_EOL); 1991 sysctl_createv(clog, 0, NULL, &node, 1992 CTLFLAG_PERMANENT, 1993 CTLTYPE_NODE, "arp", 1994 SYSCTL_DESCR("Address Resolution Protocol"), 1995 NULL, 0, NULL, 0, 1996 CTL_NET, PF_INET, CTL_CREATE, CTL_EOL); 1997 1998 sysctl_createv(clog, 0, NULL, NULL, 1999 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2000 CTLTYPE_INT, "nd_delay", 2001 SYSCTL_DESCR("First probe delay time"), 2002 NULL, 0, &arp_nd_domain.nd_delay, 0, 2003 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2004 sysctl_createv(clog, 0, NULL, NULL, 2005 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2006 CTLTYPE_INT, "nd_bmaxtries", 2007 SYSCTL_DESCR("Number of broadcast discovery attempts"), 2008 NULL, 0, &arp_nd_domain.nd_mmaxtries, 0, 2009 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2010 sysctl_createv(clog, 0, NULL, NULL, 2011 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2012 CTLTYPE_INT, "nd_umaxtries", 2013 SYSCTL_DESCR("Number of unicast discovery attempts"), 2014 NULL, 0, &arp_nd_domain.nd_umaxtries, 0, 2015 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2016 sysctl_createv(clog, 0, NULL, NULL, 2017 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2018 CTLTYPE_INT, "nd_reachable", 2019 SYSCTL_DESCR("Reachable time"), 2020 NULL, 0, &arp_reachable, 0, 2021 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2022 sysctl_createv(clog, 0, NULL, NULL, 2023 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2024 CTLTYPE_INT, "nd_retrans", 2025 SYSCTL_DESCR("Retransmission time"), 2026 NULL, 0, &arp_retrans, 0, 2027 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2028 sysctl_createv(clog, 0, NULL, NULL, 2029 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2030 CTLTYPE_INT, "nd_nud", 2031 SYSCTL_DESCR("Perform neighbour unreachability detection"), 2032 NULL, 0, &arp_perform_nud, 0, 2033 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2034 sysctl_createv(clog, 0, NULL, NULL, 2035 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2036 CTLTYPE_INT, "nd_maxnudhint", 2037 SYSCTL_DESCR("Maximum neighbor unreachable hint count"), 2038 NULL, 0, &arp_nd_domain.nd_maxnudhint, 0, 2039 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2040 sysctl_createv(clog, 0, NULL, NULL, 2041 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2042 CTLTYPE_INT, "maxqueuelen", 2043 SYSCTL_DESCR("max packet queue len for a unresolved ARP"), 2044 NULL, 1, &arp_nd_domain.nd_maxqueuelen, 0, 2045 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2046 2047 sysctl_createv(clog, 0, NULL, NULL, 2048 CTLFLAG_PERMANENT, 2049 CTLTYPE_STRUCT, "stats", 2050 SYSCTL_DESCR("ARP statistics"), 2051 sysctl_net_inet_arp_stats, 0, NULL, 0, 2052 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2053 2054 sysctl_createv(clog, 0, NULL, NULL, 2055 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2056 CTLTYPE_INT, "log_movements", 2057 SYSCTL_DESCR("log ARP replies from MACs different than" 2058 " the one in the cache"), 2059 NULL, 0, &log_movements, 0, 2060 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2061 2062 sysctl_createv(clog, 0, NULL, NULL, 2063 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2064 CTLTYPE_INT, "log_permanent_modify", 2065 SYSCTL_DESCR("log ARP replies from MACs different than" 2066 " the one in the permanent arp entry"), 2067 NULL, 0, &log_permanent_modify, 0, 2068 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2069 2070 sysctl_createv(clog, 0, NULL, NULL, 2071 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2072 CTLTYPE_INT, "log_wrong_iface", 2073 SYSCTL_DESCR("log ARP packets arriving on the wrong" 2074 " interface"), 2075 NULL, 0, &log_wrong_iface, 0, 2076 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2077 2078 sysctl_createv(clog, 0, NULL, NULL, 2079 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2080 CTLTYPE_INT, "debug", 2081 SYSCTL_DESCR("Enable ARP DAD debug output"), 2082 NULL, 0, &arp_debug, 0, 2083 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL); 2084 } 2085 2086 #endif /* INET */
Cache object: 1922a1baae87f8c6bab30852b4ae2be9
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]