FreeBSD/Linux Kernel Cross Reference
sys/netinet/if_arp.c
1 /* $NetBSD: if_arp.c,v 1.311 2022/11/15 10:47:39 roy Exp $ */
2
3 /*
4 * Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Public Access Networks Corporation ("Panix"). It was developed under
9 * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 * POSSIBILITY OF SUCH DAMAGE.
31 */
32
33 /*
34 * Copyright (c) 1982, 1986, 1988, 1993
35 * The Regents of the University of California. All rights reserved.
36 *
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 * 1. Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in the
44 * documentation and/or other materials provided with the distribution.
45 * 3. Neither the name of the University nor the names of its contributors
46 * may be used to endorse or promote products derived from this software
47 * without specific prior written permission.
48 *
49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
59 * SUCH DAMAGE.
60 *
61 * @(#)if_ether.c 8.2 (Berkeley) 9/26/94
62 */
63
64 /*
65 * Ethernet address resolution protocol.
66 * TODO:
67 * add "inuse/lock" bit (or ref. count) along with valid bit
68 */
69
70 #include <sys/cdefs.h>
71 __KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.311 2022/11/15 10:47:39 roy Exp $");
72
73 #ifdef _KERNEL_OPT
74 #include "opt_ddb.h"
75 #include "opt_inet.h"
76 #include "opt_net_mpsafe.h"
77 #endif
78
79 #ifdef INET
80
81 #include "arp.h"
82 #include "bridge.h"
83
84 #include <sys/param.h>
85 #include <sys/systm.h>
86 #include <sys/callout.h>
87 #include <sys/kmem.h>
88 #include <sys/mbuf.h>
89 #include <sys/socket.h>
90 #include <sys/time.h>
91 #include <sys/timetc.h>
92 #include <sys/kernel.h>
93 #include <sys/errno.h>
94 #include <sys/ioctl.h>
95 #include <sys/syslog.h>
96 #include <sys/proc.h>
97 #include <sys/protosw.h>
98 #include <sys/domain.h>
99 #include <sys/sysctl.h>
100 #include <sys/socketvar.h>
101 #include <sys/percpu.h>
102 #include <sys/cprng.h>
103 #include <sys/kmem.h>
104
105 #include <net/ethertypes.h>
106 #include <net/if.h>
107 #include <net/if_dl.h>
108 #include <net/if_types.h>
109 #include <net/if_ether.h>
110 #include <net/if_llatbl.h>
111 #include <net/nd.h>
112 #include <net/route.h>
113 #include <net/net_stats.h>
114
115 #include <netinet/in.h>
116 #include <netinet/in_systm.h>
117 #include <netinet/in_var.h>
118 #include <netinet/ip.h>
119 #include <netinet/if_inarp.h>
120
121 #include "arcnet.h"
122 #if NARCNET > 0
123 #include <net/if_arc.h>
124 #endif
125 #include "carp.h"
126 #if NCARP > 0
127 #include <netinet/ip_carp.h>
128 #endif
129
130 /*
131 * ARP trailer negotiation. Trailer protocol is not IP specific,
132 * but ARP request/response use IP addresses.
133 */
134 #define ETHERTYPE_IPTRAILERS ETHERTYPE_TRAIL
135
136 /* timers */
137 static int arp_reachable = REACHABLE_TIME;
138 static int arp_retrans = RETRANS_TIMER;
139 static int arp_perform_nud = 1;
140
141 static bool arp_nud_enabled(struct ifnet *);
142 static unsigned int arp_llinfo_reachable(struct ifnet *);
143 static unsigned int arp_llinfo_retrans(struct ifnet *);
144 static union l3addr *arp_llinfo_holdsrc(struct llentry *, union l3addr *);
145 static void arp_llinfo_output(struct ifnet *, const union l3addr *,
146 const union l3addr *, const uint8_t *, const union l3addr *);
147 static void arp_llinfo_missed(struct ifnet *, const union l3addr *,
148 int16_t, struct mbuf *);
149 static void arp_free(struct llentry *, int);
150
151 static struct nd_domain arp_nd_domain = {
152 .nd_family = AF_INET,
153 .nd_delay = 5, /* delay first probe time 5 second */
154 .nd_mmaxtries = 3, /* maximum broadcast query */
155 .nd_umaxtries = 3, /* maximum unicast query */
156 .nd_retransmultiple = BACKOFF_MULTIPLE,
157 .nd_maxretrans = MAX_RETRANS_TIMER,
158 .nd_maxnudhint = 0, /* max # of subsequent upper layer hints */
159 .nd_maxqueuelen = 1, /* max # of packets in unresolved ND entries */
160 .nd_nud_enabled = arp_nud_enabled,
161 .nd_reachable = arp_llinfo_reachable,
162 .nd_retrans = arp_llinfo_retrans,
163 .nd_holdsrc = arp_llinfo_holdsrc,
164 .nd_output = arp_llinfo_output,
165 .nd_missed = arp_llinfo_missed,
166 .nd_free = arp_free,
167 };
168
169 int ip_dad_count = PROBE_NUM;
170 #ifdef ARP_DEBUG
171 int arp_debug = 1;
172 #else
173 int arp_debug = 0;
174 #endif
175
176 static void arp_init(void);
177 static void arp_dad_init(void);
178
179 static void arprequest(struct ifnet *,
180 const struct in_addr *, const struct in_addr *,
181 const uint8_t *, const uint8_t *);
182 static void arpannounce1(struct ifaddr *);
183 static struct sockaddr *arp_setgate(struct rtentry *, struct sockaddr *,
184 const struct sockaddr *);
185 static struct llentry *arpcreate(struct ifnet *,
186 const struct in_addr *, const struct sockaddr *, int);
187 static void in_arpinput(struct mbuf *);
188 static void in_revarpinput(struct mbuf *);
189 static void revarprequest(struct ifnet *);
190
191 static void arp_drainstub(void);
192
193 struct dadq;
194 static void arp_dad_timer(struct dadq *);
195 static void arp_dad_start(struct ifaddr *);
196 static void arp_dad_stop(struct ifaddr *);
197 static void arp_dad_duplicated(struct ifaddr *, const struct sockaddr_dl *);
198
199 #define ARP_MAXQLEN 50
200 pktqueue_t * arp_pktq __read_mostly;
201
202 static int useloopback = 1; /* use loopback interface for local traffic */
203
204 static percpu_t *arpstat_percpu;
205
206 #define ARP_STAT_GETREF() _NET_STAT_GETREF(arpstat_percpu)
207 #define ARP_STAT_PUTREF() _NET_STAT_PUTREF(arpstat_percpu)
208
209 #define ARP_STATINC(x) _NET_STATINC(arpstat_percpu, x)
210 #define ARP_STATADD(x, v) _NET_STATADD(arpstat_percpu, x, v)
211
212 /* revarp state */
213 static struct in_addr myip, srv_ip;
214 static int myip_initialized = 0;
215 static int revarp_in_progress = 0;
216 static struct ifnet *myip_ifp = NULL;
217
218 static int arp_drainwanted;
219
220 static int log_movements = 0;
221 static int log_permanent_modify = 1;
222 static int log_wrong_iface = 1;
223
224 DOMAIN_DEFINE(arpdomain); /* forward declare and add to link set */
225
226 static void
227 arp_fasttimo(void)
228 {
229 if (arp_drainwanted) {
230 arp_drain();
231 arp_drainwanted = 0;
232 }
233 }
234
235 static const struct protosw arpsw[] = {
236 {
237 .pr_type = 0,
238 .pr_domain = &arpdomain,
239 .pr_protocol = 0,
240 .pr_flags = 0,
241 .pr_input = 0,
242 .pr_ctlinput = 0,
243 .pr_ctloutput = 0,
244 .pr_usrreqs = 0,
245 .pr_init = arp_init,
246 .pr_fasttimo = arp_fasttimo,
247 .pr_slowtimo = 0,
248 .pr_drain = arp_drainstub,
249 }
250 };
251
252 struct domain arpdomain = {
253 .dom_family = PF_ARP,
254 .dom_name = "arp",
255 .dom_protosw = arpsw,
256 .dom_protoswNPROTOSW = &arpsw[__arraycount(arpsw)],
257 #ifdef MBUFTRACE
258 .dom_mowner = MOWNER_INIT("internet", "arp"),
259 #endif
260 };
261
262 static void sysctl_net_inet_arp_setup(struct sysctllog **);
263
264 void
265 arp_init(void)
266 {
267
268 arp_pktq = pktq_create(ARP_MAXQLEN, arpintr, NULL);
269 KASSERT(arp_pktq != NULL);
270
271 sysctl_net_inet_arp_setup(NULL);
272 arpstat_percpu = percpu_alloc(sizeof(uint64_t) * ARP_NSTATS);
273
274 #ifdef MBUFTRACE
275 MOWNER_ATTACH(&arpdomain.dom_mowner);
276 #endif
277
278 nd_attach_domain(&arp_nd_domain);
279 arp_dad_init();
280 }
281
282 static void
283 arp_drainstub(void)
284 {
285 arp_drainwanted = 1;
286 }
287
288 /*
289 * ARP protocol drain routine. Called when memory is in short supply.
290 * Called at splvm(); don't acquire softnet_lock as can be called from
291 * hardware interrupt handlers.
292 */
293 void
294 arp_drain(void)
295 {
296
297 lltable_drain(AF_INET);
298 }
299
300 /*
301 * We set the gateway for RTF_CLONING routes to a "prototype"
302 * link-layer sockaddr whose interface type (if_type) and interface
303 * index (if_index) fields are prepared.
304 */
305 static struct sockaddr *
306 arp_setgate(struct rtentry *rt, struct sockaddr *gate,
307 const struct sockaddr *netmask)
308 {
309 const struct ifnet *ifp = rt->rt_ifp;
310 uint8_t namelen = strlen(ifp->if_xname);
311 uint8_t addrlen = ifp->if_addrlen;
312
313 /*
314 * XXX: If this is a manually added route to interface
315 * such as older version of routed or gated might provide,
316 * restore cloning bit.
317 */
318 if ((rt->rt_flags & RTF_HOST) == 0 && netmask != NULL &&
319 satocsin(netmask)->sin_addr.s_addr != 0xffffffff)
320 rt->rt_flags |= RTF_CONNECTED;
321
322 if ((rt->rt_flags & (RTF_CONNECTED | RTF_LOCAL))) {
323 union {
324 struct sockaddr sa;
325 struct sockaddr_storage ss;
326 struct sockaddr_dl sdl;
327 } u;
328 /*
329 * Case 1: This route should come from a route to iface.
330 */
331 sockaddr_dl_init(&u.sdl, sizeof(u.ss),
332 ifp->if_index, ifp->if_type, NULL, namelen, NULL, addrlen);
333 rt_setgate(rt, &u.sa);
334 gate = rt->rt_gateway;
335 }
336 return gate;
337 }
338
339 /*
340 * Parallel to llc_rtrequest.
341 */
342 void
343 arp_rtrequest(int req, struct rtentry *rt, const struct rt_addrinfo *info)
344 {
345 struct sockaddr *gate = rt->rt_gateway;
346 struct in_ifaddr *ia;
347 struct ifaddr *ifa;
348 struct ifnet *ifp = rt->rt_ifp;
349 int bound;
350 int s;
351
352 if (req == RTM_LLINFO_UPD) {
353 if ((ifa = info->rti_ifa) != NULL)
354 arpannounce1(ifa);
355 return;
356 }
357
358 if ((rt->rt_flags & RTF_GATEWAY) != 0) {
359 if (req != RTM_ADD)
360 return;
361
362 /*
363 * linklayers with particular link MTU limitation.
364 */
365 switch(ifp->if_type) {
366 #if NARCNET > 0
367 case IFT_ARCNET:
368 {
369 int arcipifmtu;
370
371 if (ifp->if_flags & IFF_LINK0)
372 arcipifmtu = arc_ipmtu;
373 else
374 arcipifmtu = ARCMTU;
375 if (ifp->if_mtu > arcipifmtu)
376 rt->rt_rmx.rmx_mtu = arcipifmtu;
377 break;
378 }
379 #endif
380 }
381 return;
382 }
383
384 switch (req) {
385 case RTM_SETGATE:
386 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]);
387 break;
388 case RTM_ADD:
389 gate = arp_setgate(rt, gate, info->rti_info[RTAX_NETMASK]);
390 if (gate == NULL) {
391 log(LOG_ERR, "%s: arp_setgate failed\n", __func__);
392 break;
393 }
394 if ((rt->rt_flags & RTF_CONNECTED) ||
395 (rt->rt_flags & RTF_LOCAL)) {
396 /*
397 * linklayers with particular link MTU limitation.
398 */
399 switch (ifp->if_type) {
400 #if NARCNET > 0
401 case IFT_ARCNET:
402 {
403 int arcipifmtu;
404 if (ifp->if_flags & IFF_LINK0)
405 arcipifmtu = arc_ipmtu;
406 else
407 arcipifmtu = ARCMTU;
408
409 if ((rt->rt_rmx.rmx_locks & RTV_MTU) == 0 &&
410 (rt->rt_rmx.rmx_mtu > arcipifmtu ||
411 (rt->rt_rmx.rmx_mtu == 0 &&
412 ifp->if_mtu > arcipifmtu)))
413 rt->rt_rmx.rmx_mtu = arcipifmtu;
414 break;
415 }
416 #endif
417 }
418 if (rt->rt_flags & RTF_CONNECTED)
419 break;
420 }
421
422 bound = curlwp_bind();
423 /* Announce a new entry if requested. */
424 if (rt->rt_flags & RTF_ANNOUNCE) {
425 struct psref psref;
426 ia = in_get_ia_on_iface_psref(
427 satocsin(rt_getkey(rt))->sin_addr, ifp, &psref);
428 if (ia != NULL) {
429 arpannounce(ifp, &ia->ia_ifa,
430 CLLADDR(satocsdl(gate)));
431 ia4_release(ia, &psref);
432 }
433 }
434
435 if (gate->sa_family != AF_LINK ||
436 gate->sa_len < sockaddr_dl_measure(0, ifp->if_addrlen)) {
437 log(LOG_DEBUG, "%s: bad gateway value\n", __func__);
438 goto out;
439 }
440
441 satosdl(gate)->sdl_type = ifp->if_type;
442 satosdl(gate)->sdl_index = ifp->if_index;
443
444 /*
445 * If the route is for a broadcast address mark it as such.
446 * This way we can avoid an expensive call to in_broadcast()
447 * in ip_output() most of the time (because the route passed
448 * to ip_output() is almost always a host route).
449 */
450 if (rt->rt_flags & RTF_HOST &&
451 !(rt->rt_flags & RTF_BROADCAST) &&
452 in_broadcast(satocsin(rt_getkey(rt))->sin_addr, rt->rt_ifp))
453 rt->rt_flags |= RTF_BROADCAST;
454 /* There is little point in resolving the broadcast address */
455 if (rt->rt_flags & RTF_BROADCAST)
456 goto out;
457
458 /*
459 * When called from rt_ifa_addlocal, we cannot depend on that
460 * the address (rt_getkey(rt)) exits in the address list of the
461 * interface. So check RTF_LOCAL instead.
462 */
463 if (rt->rt_flags & RTF_LOCAL) {
464 if (useloopback) {
465 rt->rt_ifp = lo0ifp;
466 rt->rt_rmx.rmx_mtu = 0;
467 }
468 goto out;
469 }
470
471 s = pserialize_read_enter();
472 ia = in_get_ia_on_iface(satocsin(rt_getkey(rt))->sin_addr, ifp);
473 if (ia == NULL) {
474 pserialize_read_exit(s);
475 goto out;
476 }
477
478 if (useloopback) {
479 rt->rt_ifp = lo0ifp;
480 rt->rt_rmx.rmx_mtu = 0;
481 }
482 rt->rt_flags |= RTF_LOCAL;
483
484 if (ISSET(info->rti_flags, RTF_DONTCHANGEIFA)) {
485 pserialize_read_exit(s);
486 goto out;
487 }
488 /*
489 * make sure to set rt->rt_ifa to the interface
490 * address we are using, otherwise we will have trouble
491 * with source address selection.
492 */
493 ifa = &ia->ia_ifa;
494 if (ifa != rt->rt_ifa)
495 /* Assume it doesn't sleep */
496 rt_replace_ifa(rt, ifa);
497 pserialize_read_exit(s);
498 out:
499 curlwp_bindx(bound);
500 break;
501 }
502 }
503
504 /*
505 * Broadcast an ARP request. Caller specifies:
506 * - arp header source ip address
507 * - arp header target ip address
508 * - arp header source ethernet address
509 */
510 static void
511 arprequest(struct ifnet *ifp,
512 const struct in_addr *sip, const struct in_addr *tip,
513 const uint8_t *saddr, const uint8_t *taddr)
514 {
515 struct mbuf *m;
516 struct arphdr *ah;
517 struct sockaddr sa;
518 uint64_t *arps;
519
520 KASSERT(sip != NULL);
521 KASSERT(tip != NULL);
522 KASSERT(saddr != NULL);
523
524 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL)
525 return;
526 MCLAIM(m, &arpdomain.dom_mowner);
527 switch (ifp->if_type) {
528 case IFT_IEEE1394:
529 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) +
530 ifp->if_addrlen;
531 break;
532 default:
533 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) +
534 2 * ifp->if_addrlen;
535 break;
536 }
537 m->m_pkthdr.len = m->m_len;
538 m_align(m, m->m_len);
539 ah = mtod(m, struct arphdr *);
540 memset(ah, 0, m->m_len);
541 switch (ifp->if_type) {
542 case IFT_IEEE1394: /* RFC2734 */
543 /* fill it now for ar_tpa computation */
544 ah->ar_hrd = htons(ARPHRD_IEEE1394);
545 break;
546 default:
547 /* ifp->if_output will fill ar_hrd */
548 break;
549 }
550 ah->ar_pro = htons(ETHERTYPE_IP);
551 ah->ar_hln = ifp->if_addrlen; /* hardware address length */
552 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */
553 ah->ar_op = htons(ARPOP_REQUEST);
554 memcpy(ar_sha(ah), saddr, ah->ar_hln);
555 if (taddr == NULL)
556 m->m_flags |= M_BCAST;
557 else
558 memcpy(ar_tha(ah), taddr, ah->ar_hln);
559 memcpy(ar_spa(ah), sip, ah->ar_pln);
560 memcpy(ar_tpa(ah), tip, ah->ar_pln);
561 sa.sa_family = AF_ARP;
562 sa.sa_len = 2;
563 arps = ARP_STAT_GETREF();
564 arps[ARP_STAT_SNDTOTAL]++;
565 arps[ARP_STAT_SENDREQUEST]++;
566 ARP_STAT_PUTREF();
567 if_output_lock(ifp, ifp, m, &sa, NULL);
568 }
569
570 void
571 arpannounce(struct ifnet *ifp, struct ifaddr *ifa, const uint8_t *enaddr)
572 {
573 struct in_ifaddr *ia = ifatoia(ifa);
574 struct in_addr *ip = &IA_SIN(ifa)->sin_addr;
575
576 if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) {
577 ARPLOG(LOG_DEBUG, "%s not ready\n", ARPLOGADDR(ip));
578 return;
579 }
580 arprequest(ifp, ip, ip, enaddr, NULL);
581 }
582
583 static void
584 arpannounce1(struct ifaddr *ifa)
585 {
586
587 arpannounce(ifa->ifa_ifp, ifa, CLLADDR(ifa->ifa_ifp->if_sadl));
588 }
589
590 /*
591 * Resolve an IP address into an ethernet address. If success, desten is
592 * filled in. If there is no entry in arptab, set one up and broadcast a
593 * request for the IP address. Hold onto this mbuf and resend it once the
594 * address is finally resolved.
595 *
596 * A return value of 0 indicates that desten has been filled in and the packet
597 * should be sent normally; a return value of EWOULDBLOCK indicates that the
598 * packet has been held pending resolution. Any other value indicates an
599 * error.
600 */
601 int
602 arpresolve(struct ifnet *ifp, const struct rtentry *rt, struct mbuf *m,
603 const struct sockaddr *dst, void *desten, size_t destlen)
604 {
605 struct llentry *la;
606 const char *create_lookup;
607 int error;
608
609 #if NCARP > 0
610 if (rt != NULL && rt->rt_ifp->if_type == IFT_CARP)
611 ifp = rt->rt_ifp;
612 #endif
613
614 KASSERT(m != NULL);
615
616 la = arplookup(ifp, NULL, dst, 0);
617 if (la == NULL)
618 goto notfound;
619
620 if (la->la_flags & LLE_VALID && la->ln_state == ND_LLINFO_REACHABLE) {
621 KASSERT(destlen >= ifp->if_addrlen);
622 memcpy(desten, &la->ll_addr, ifp->if_addrlen);
623 LLE_RUNLOCK(la);
624 return 0;
625 }
626
627 notfound:
628 if (ifp->if_flags & IFF_NOARP) {
629 if (la != NULL)
630 LLE_RUNLOCK(la);
631 error = ENOTSUP;
632 goto bad;
633 }
634
635 if (la == NULL) {
636 struct rtentry *_rt;
637
638 create_lookup = "create";
639 _rt = rtalloc1(dst, 0);
640 IF_AFDATA_WLOCK(ifp);
641 la = lla_create(LLTABLE(ifp), LLE_EXCLUSIVE, dst, _rt);
642 IF_AFDATA_WUNLOCK(ifp);
643 if (_rt != NULL)
644 rt_unref(_rt);
645 if (la == NULL)
646 ARP_STATINC(ARP_STAT_ALLOCFAIL);
647 else
648 la->ln_state = ND_LLINFO_NOSTATE;
649 } else if (LLE_TRY_UPGRADE(la) == 0) {
650 create_lookup = "lookup";
651 LLE_RUNLOCK(la);
652 IF_AFDATA_RLOCK(ifp);
653 la = lla_lookup(LLTABLE(ifp), LLE_EXCLUSIVE, dst);
654 IF_AFDATA_RUNLOCK(ifp);
655 }
656
657 error = EINVAL;
658 if (la == NULL) {
659 log(LOG_DEBUG,
660 "%s: failed to %s llentry for %s on %s\n",
661 __func__, create_lookup, inet_ntoa(satocsin(dst)->sin_addr),
662 ifp->if_xname);
663 goto bad;
664 }
665
666 error = nd_resolve(la, rt, m, desten, destlen);
667 return error;
668
669 bad:
670 m_freem(m);
671 return error;
672 }
673
674 /*
675 * Common length and type checks are done here,
676 * then the protocol-specific routine is called.
677 */
678 void
679 arpintr(void *arg __unused)
680 {
681 struct mbuf *m;
682 struct arphdr *ar;
683 int s;
684 int arplen;
685 struct ifnet *rcvif;
686 bool badhrd;
687
688 SOFTNET_KERNEL_LOCK_UNLESS_NET_MPSAFE();
689 while ((m = pktq_dequeue(arp_pktq)) != NULL) {
690 if ((m->m_flags & M_PKTHDR) == 0)
691 panic("arpintr");
692
693 MCLAIM(m, &arpdomain.dom_mowner);
694 ARP_STATINC(ARP_STAT_RCVTOTAL);
695
696 if (__predict_false(m->m_len < sizeof(*ar))) {
697 if ((m = m_pullup(m, sizeof(*ar))) == NULL)
698 goto badlen;
699 }
700 ar = mtod(m, struct arphdr *);
701 KASSERT(ACCESSIBLE_POINTER(ar, struct arphdr));
702
703 rcvif = m_get_rcvif(m, &s);
704 if (__predict_false(rcvif == NULL)) {
705 ARP_STATINC(ARP_STAT_RCVNOINT);
706 goto free;
707 }
708
709 /*
710 * We don't want non-IEEE1394 ARP packets on IEEE1394
711 * interfaces, and vice versa. Our life depends on that.
712 */
713 if (ntohs(ar->ar_hrd) == ARPHRD_IEEE1394)
714 badhrd = rcvif->if_type != IFT_IEEE1394;
715 else
716 badhrd = rcvif->if_type == IFT_IEEE1394;
717
718 m_put_rcvif(rcvif, &s);
719
720 if (badhrd) {
721 ARP_STATINC(ARP_STAT_RCVBADPROTO);
722 goto free;
723 }
724
725 arplen = sizeof(*ar) + 2 * ar->ar_hln + 2 * ar->ar_pln;
726 if (__predict_false(m->m_len < arplen)) {
727 if ((m = m_pullup(m, arplen)) == NULL)
728 goto badlen;
729 ar = mtod(m, struct arphdr *);
730 KASSERT(ACCESSIBLE_POINTER(ar, struct arphdr));
731 }
732
733 switch (ntohs(ar->ar_pro)) {
734 case ETHERTYPE_IP:
735 case ETHERTYPE_IPTRAILERS:
736 in_arpinput(m);
737 continue;
738 default:
739 ARP_STATINC(ARP_STAT_RCVBADPROTO);
740 goto free;
741 }
742
743 badlen:
744 ARP_STATINC(ARP_STAT_RCVBADLEN);
745 free:
746 m_freem(m);
747 }
748 SOFTNET_KERNEL_UNLOCK_UNLESS_NET_MPSAFE();
749 return; /* XXX gcc */
750 }
751
752 /*
753 * ARP for Internet protocols on 10 Mb/s Ethernet. Algorithm is that given in
754 * RFC 826. In addition, a sanity check is performed on the sender protocol
755 * address, to catch impersonators.
756 *
757 * We no longer handle negotiations for use of trailer protocol: formerly, ARP
758 * replied for protocol type ETHERTYPE_TRAIL sent along with IP replies if we
759 * wanted trailers sent to us, and also sent them in response to IP replies.
760 * This allowed either end to announce the desire to receive trailer packets.
761 *
762 * We no longer reply to requests for ETHERTYPE_TRAIL protocol either, but
763 * formerly didn't normally send requests.
764 */
765 static void
766 in_arpinput(struct mbuf *m)
767 {
768 struct arphdr *ah;
769 struct ifnet *ifp, *rcvif = NULL;
770 struct llentry *la = NULL;
771 struct in_ifaddr *ia = NULL;
772 #if NBRIDGE > 0
773 struct in_ifaddr *bridge_ia = NULL;
774 #endif
775 #if NCARP > 0
776 uint32_t count = 0, index = 0;
777 #endif
778 struct sockaddr sa;
779 struct in_addr isaddr, itaddr, myaddr;
780 int op, rt_cmd, new_state = 0;
781 void *tha;
782 uint64_t *arps;
783 struct psref psref, psref_ia;
784 int s;
785 char ipbuf[INET_ADDRSTRLEN];
786 bool find_source, do_dad;
787
788 if (__predict_false(m_makewritable(&m, 0, m->m_pkthdr.len, M_DONTWAIT)))
789 goto out;
790 ah = mtod(m, struct arphdr *);
791 op = ntohs(ah->ar_op);
792
793 if (ah->ar_pln != sizeof(struct in_addr))
794 goto out;
795
796 ifp = if_get_bylla(ar_sha(ah), ah->ar_hln, &psref);
797 if (ifp) {
798 /* it's from me, ignore it. */
799 if_put(ifp, &psref);
800 ARP_STATINC(ARP_STAT_RCVLOCALSHA);
801 goto out;
802 }
803
804 rcvif = ifp = m_get_rcvif_psref(m, &psref);
805 if (__predict_false(rcvif == NULL))
806 goto out;
807 if (rcvif->if_flags & IFF_NOARP)
808 goto out;
809
810 memcpy(&isaddr, ar_spa(ah), sizeof(isaddr));
811 memcpy(&itaddr, ar_tpa(ah), sizeof(itaddr));
812
813 if (m->m_flags & (M_BCAST|M_MCAST))
814 ARP_STATINC(ARP_STAT_RCVMCAST);
815
816 /*
817 * Search for a matching interface address
818 * or any address on the interface to use
819 * as a dummy address in the rest of this function.
820 *
821 * First try and find the source address for early
822 * duplicate address detection.
823 */
824 if (in_nullhost(isaddr)) {
825 if (in_nullhost(itaddr)) /* very bogus ARP */
826 goto out;
827 find_source = false;
828 myaddr = itaddr;
829 } else {
830 find_source = true;
831 myaddr = isaddr;
832 }
833 s = pserialize_read_enter();
834 again:
835 IN_ADDRHASH_READER_FOREACH(ia, myaddr.s_addr) {
836 if (!in_hosteq(ia->ia_addr.sin_addr, myaddr))
837 continue;
838 #if NCARP > 0
839 if (ia->ia_ifp->if_type == IFT_CARP &&
840 ((ia->ia_ifp->if_flags & (IFF_UP|IFF_RUNNING)) ==
841 (IFF_UP|IFF_RUNNING))) {
842 index++;
843 /* XXX: ar_hln? */
844 if (ia->ia_ifp == rcvif && (ah->ar_hln >= 6) &&
845 carp_iamatch(ia, ar_sha(ah),
846 &count, index)) {
847 break;
848 }
849 } else
850 #endif
851 if (ia->ia_ifp == rcvif)
852 break;
853 #if NBRIDGE > 0
854 /*
855 * If the interface we received the packet on
856 * is part of a bridge, check to see if we need
857 * to "bridge" the packet to ourselves at this
858 * layer. Note we still prefer a perfect match,
859 * but allow this weaker match if necessary.
860 */
861 if (rcvif->if_bridge != NULL &&
862 rcvif->if_bridge == ia->ia_ifp->if_bridge)
863 bridge_ia = ia;
864 #endif
865 }
866
867 #if NBRIDGE > 0
868 if (ia == NULL && bridge_ia != NULL) {
869 ia = bridge_ia;
870 m_put_rcvif_psref(rcvif, &psref);
871 rcvif = NULL;
872 /* FIXME */
873 ifp = bridge_ia->ia_ifp;
874 }
875 #endif
876
877 /* If we failed to find the source address then find
878 * the target address. */
879 if (ia == NULL && find_source && !in_nullhost(itaddr)) {
880 find_source = false;
881 myaddr = itaddr;
882 goto again;
883 }
884
885 if (ia != NULL)
886 ia4_acquire(ia, &psref_ia);
887 pserialize_read_exit(s);
888
889 if (ah->ar_hln != ifp->if_addrlen) {
890 ARP_STATINC(ARP_STAT_RCVBADLEN);
891 log(LOG_WARNING,
892 "arp from %s: addr len: new %d, i/f %d (ignored)\n",
893 IN_PRINT(ipbuf, &isaddr), ah->ar_hln, ifp->if_addrlen);
894 goto out;
895 }
896
897 /* Only do DaD if we have a matching address. */
898 do_dad = (ia != NULL);
899
900 if (ia == NULL) {
901 ia = in_get_ia_on_iface_psref(isaddr, rcvif, &psref_ia);
902 if (ia == NULL) {
903 ia = in_get_ia_from_ifp_psref(ifp, &psref_ia);
904 if (ia == NULL) {
905 ARP_STATINC(ARP_STAT_RCVNOINT);
906 goto out;
907 }
908 }
909 }
910
911 myaddr = ia->ia_addr.sin_addr;
912
913 /* XXX checks for bridge case? */
914 if (!memcmp(ar_sha(ah), ifp->if_broadcastaddr, ifp->if_addrlen)) {
915 ARP_STATINC(ARP_STAT_RCVBCASTSHA);
916 log(LOG_ERR,
917 "%s: arp: link address is broadcast for IP address %s!\n",
918 ifp->if_xname, IN_PRINT(ipbuf, &isaddr));
919 goto out;
920 }
921
922 /*
923 * If the source IP address is zero, this is an RFC 5227 ARP probe
924 */
925 if (in_nullhost(isaddr))
926 ARP_STATINC(ARP_STAT_RCVZEROSPA);
927 else if (in_hosteq(isaddr, myaddr))
928 ARP_STATINC(ARP_STAT_RCVLOCALSPA);
929
930 if (in_nullhost(itaddr))
931 ARP_STATINC(ARP_STAT_RCVZEROTPA);
932
933 /*
934 * DAD check, RFC 5227.
935 * ARP sender hardware address must match the interface
936 * address of the interface sending the packet.
937 * Collision on sender address is always a duplicate.
938 * Collision on target address is only a duplicate
939 * IF the sender address is the null host (ie a DAD probe)
940 * AND the message was broadcast
941 * AND our address is either tentative or duplicated
942 * If it was unicast then it's a valid Unicast Poll from RFC 1122.
943 */
944 if (do_dad &&
945 (in_hosteq(isaddr, myaddr) ||
946 (in_nullhost(isaddr) && in_hosteq(itaddr, myaddr) &&
947 m->m_flags & M_BCAST &&
948 ia->ia4_flags & (IN_IFF_TENTATIVE | IN_IFF_DUPLICATED))))
949 {
950 struct m_tag *mtag;
951
952 mtag = m_tag_find(m, PACKET_TAG_ETHERNET_SRC);
953 if (mtag == NULL || (ah->ar_hln == ETHER_ADDR_LEN &&
954 memcmp(mtag + 1, ar_sha(ah), ah->ar_hln) == 0)) {
955 struct sockaddr_dl sdl, *sdlp;
956
957 sdlp = sockaddr_dl_init(&sdl, sizeof(sdl),
958 ifp->if_index, ifp->if_type,
959 NULL, 0, ar_sha(ah), ah->ar_hln);
960 arp_dad_duplicated((struct ifaddr *)ia, sdlp);
961 goto out;
962 }
963 }
964
965 /*
966 * If the target IP address is zero, ignore the packet.
967 * This prevents the code below from trying to answer
968 * when we are using IP address zero (booting).
969 */
970 if (in_nullhost(itaddr))
971 goto out;
972
973 if (in_nullhost(isaddr))
974 goto reply;
975
976 if (in_hosteq(itaddr, myaddr))
977 la = arpcreate(ifp, &isaddr, NULL, 1);
978 else
979 la = arplookup(ifp, &isaddr, NULL, 1);
980 if (la == NULL)
981 goto reply;
982
983 if ((la->la_flags & LLE_VALID) &&
984 memcmp(ar_sha(ah), &la->ll_addr, ifp->if_addrlen))
985 {
986 char llabuf[LLA_ADDRSTRLEN], *llastr;
987
988 llastr = lla_snprintf(llabuf, sizeof(llabuf),
989 ar_sha(ah), ah->ar_hln);
990
991 if (la->la_flags & LLE_STATIC) {
992 ARP_STATINC(ARP_STAT_RCVOVERPERM);
993 if (!log_permanent_modify)
994 goto out;
995 log(LOG_INFO,
996 "%s tried to overwrite permanent arp info"
997 " for %s\n", llastr, IN_PRINT(ipbuf, &isaddr));
998 goto out;
999 } else if (la->lle_tbl->llt_ifp != ifp) {
1000 /* XXX should not happen? */
1001 ARP_STATINC(ARP_STAT_RCVOVERINT);
1002 if (!log_wrong_iface)
1003 goto out;
1004 log(LOG_INFO,
1005 "%s on %s tried to overwrite "
1006 "arp info for %s on %s\n",
1007 llastr,
1008 ifp->if_xname, IN_PRINT(ipbuf, &isaddr),
1009 la->lle_tbl->llt_ifp->if_xname);
1010 goto out;
1011 } else {
1012 ARP_STATINC(ARP_STAT_RCVOVER);
1013 if (log_movements)
1014 log(LOG_INFO, "arp info overwritten "
1015 "for %s by %s\n",
1016 IN_PRINT(ipbuf, &isaddr), llastr);
1017 }
1018 rt_cmd = RTM_CHANGE;
1019 new_state = ND_LLINFO_STALE;
1020 } else {
1021 if (op == ARPOP_REPLY && in_hosteq(itaddr, myaddr)) {
1022 /* This was a solicited ARP reply. */
1023 la->ln_byhint = 0;
1024 new_state = ND_LLINFO_REACHABLE;
1025 }
1026 rt_cmd = la->la_flags & LLE_VALID ? 0 : RTM_ADD;
1027 }
1028
1029 KASSERT(ifp->if_sadl->sdl_alen == ifp->if_addrlen);
1030
1031 KASSERT(sizeof(la->ll_addr) >= ifp->if_addrlen);
1032 memcpy(&la->ll_addr, ar_sha(ah), ifp->if_addrlen);
1033 la->la_flags |= LLE_VALID;
1034 la->ln_asked = 0;
1035 if (new_state != 0) {
1036 la->ln_state = new_state;
1037
1038 if (new_state != ND_LLINFO_REACHABLE ||
1039 !(la->la_flags & LLE_STATIC))
1040 {
1041 int timer = ND_TIMER_GC;
1042
1043 if (new_state == ND_LLINFO_REACHABLE)
1044 timer = ND_TIMER_REACHABLE;
1045 nd_set_timer(la, timer);
1046 }
1047 }
1048
1049 if (rt_cmd != 0) {
1050 struct sockaddr_in sin;
1051
1052 sockaddr_in_init(&sin, &la->r_l3addr.addr4, 0);
1053 rt_clonedmsg(rt_cmd, NULL, sintosa(&sin), ar_sha(ah), ifp);
1054 }
1055
1056 if (la->la_hold != NULL) {
1057 int n = la->la_numheld;
1058 struct mbuf *m_hold, *m_hold_next;
1059 struct sockaddr_in sin;
1060
1061 sockaddr_in_init(&sin, &la->r_l3addr.addr4, 0);
1062
1063 m_hold = la->la_hold;
1064 la->la_hold = NULL;
1065 la->la_numheld = 0;
1066 /*
1067 * We have to unlock here because if_output would call
1068 * arpresolve
1069 */
1070 LLE_WUNLOCK(la);
1071 ARP_STATADD(ARP_STAT_DFRSENT, n);
1072 ARP_STATADD(ARP_STAT_DFRTOTAL, n);
1073 for (; m_hold != NULL; m_hold = m_hold_next) {
1074 m_hold_next = m_hold->m_nextpkt;
1075 m_hold->m_nextpkt = NULL;
1076 if_output_lock(ifp, ifp, m_hold, sintosa(&sin), NULL);
1077 }
1078 } else
1079 LLE_WUNLOCK(la);
1080 la = NULL;
1081
1082 reply:
1083 if (la != NULL) {
1084 LLE_WUNLOCK(la);
1085 la = NULL;
1086 }
1087 if (op != ARPOP_REQUEST) {
1088 if (op == ARPOP_REPLY)
1089 ARP_STATINC(ARP_STAT_RCVREPLY);
1090 goto out;
1091 }
1092 ARP_STATINC(ARP_STAT_RCVREQUEST);
1093 if (in_hosteq(itaddr, myaddr)) {
1094 /* If our address is unusable, don't reply */
1095 if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED))
1096 goto out;
1097 /* I am the target */
1098 tha = ar_tha(ah);
1099 if (tha)
1100 memcpy(tha, ar_sha(ah), ah->ar_hln);
1101 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln);
1102 } else {
1103 /* Proxy ARP */
1104 struct llentry *lle = NULL;
1105 struct sockaddr_in sin;
1106
1107 #if NCARP > 0
1108 if (ifp->if_type == IFT_CARP) {
1109 struct ifnet *_rcvif = m_get_rcvif(m, &s);
1110 int iftype = 0;
1111 if (__predict_true(_rcvif != NULL))
1112 iftype = _rcvif->if_type;
1113 m_put_rcvif(_rcvif, &s);
1114 if (iftype != IFT_CARP)
1115 goto out;
1116 }
1117 #endif
1118
1119 tha = ar_tha(ah);
1120
1121 sockaddr_in_init(&sin, &itaddr, 0);
1122
1123 IF_AFDATA_RLOCK(ifp);
1124 lle = lla_lookup(LLTABLE(ifp), 0, (struct sockaddr *)&sin);
1125 IF_AFDATA_RUNLOCK(ifp);
1126
1127 if ((lle != NULL) && (lle->la_flags & LLE_PUB)) {
1128 if (tha)
1129 memcpy(tha, ar_sha(ah), ah->ar_hln);
1130 memcpy(ar_sha(ah), &lle->ll_addr, ah->ar_hln);
1131 LLE_RUNLOCK(lle);
1132 } else {
1133 if (lle != NULL)
1134 LLE_RUNLOCK(lle);
1135 goto out;
1136 }
1137 }
1138 ia4_release(ia, &psref_ia);
1139
1140 /*
1141 * XXX XXX: Here we're recycling the mbuf. But the mbuf could have
1142 * other mbufs in its chain, and just overwriting m->m_pkthdr.len
1143 * would be wrong in this case (the length becomes smaller than the
1144 * real chain size).
1145 *
1146 * This can theoretically cause bugs in the lower layers (drivers,
1147 * and L2encap), in some corner cases.
1148 */
1149 memcpy(ar_tpa(ah), ar_spa(ah), ah->ar_pln);
1150 memcpy(ar_spa(ah), &itaddr, ah->ar_pln);
1151 ah->ar_op = htons(ARPOP_REPLY);
1152 ah->ar_pro = htons(ETHERTYPE_IP); /* let's be sure! */
1153 switch (ifp->if_type) {
1154 case IFT_IEEE1394:
1155 /* ieee1394 arp reply is broadcast */
1156 m->m_flags &= ~M_MCAST;
1157 m->m_flags |= M_BCAST;
1158 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + ah->ar_hln;
1159 break;
1160 default:
1161 m->m_flags &= ~(M_BCAST|M_MCAST); /* never reply by broadcast */
1162 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + (2 * ah->ar_hln);
1163 break;
1164 }
1165 m->m_pkthdr.len = m->m_len;
1166 sa.sa_family = AF_ARP;
1167 sa.sa_len = 2;
1168 arps = ARP_STAT_GETREF();
1169 arps[ARP_STAT_SNDTOTAL]++;
1170 arps[ARP_STAT_SNDREPLY]++;
1171 ARP_STAT_PUTREF();
1172 if_output_lock(ifp, ifp, m, &sa, NULL);
1173 if (rcvif != NULL)
1174 m_put_rcvif_psref(rcvif, &psref);
1175 return;
1176
1177 out:
1178 if (la != NULL)
1179 LLE_WUNLOCK(la);
1180 if (ia != NULL)
1181 ia4_release(ia, &psref_ia);
1182 if (rcvif != NULL)
1183 m_put_rcvif_psref(rcvif, &psref);
1184 m_freem(m);
1185 }
1186
1187 /*
1188 * Lookup or a new address in arptab.
1189 */
1190 struct llentry *
1191 arplookup(struct ifnet *ifp, const struct in_addr *addr,
1192 const struct sockaddr *sa, int wlock)
1193 {
1194 struct sockaddr_in sin;
1195 struct llentry *la;
1196 int flags = wlock ? LLE_EXCLUSIVE : 0;
1197
1198 if (sa == NULL) {
1199 KASSERT(addr != NULL);
1200 sockaddr_in_init(&sin, addr, 0);
1201 sa = sintocsa(&sin);
1202 }
1203
1204 IF_AFDATA_RLOCK(ifp);
1205 la = lla_lookup(LLTABLE(ifp), flags, sa);
1206 IF_AFDATA_RUNLOCK(ifp);
1207
1208 return la;
1209 }
1210
1211 static struct llentry *
1212 arpcreate(struct ifnet *ifp, const struct in_addr *addr,
1213 const struct sockaddr *sa, int wlock)
1214 {
1215 struct sockaddr_in sin;
1216 struct llentry *la;
1217 int flags = wlock ? LLE_EXCLUSIVE : 0;
1218
1219 if (sa == NULL) {
1220 KASSERT(addr != NULL);
1221 sockaddr_in_init(&sin, addr, 0);
1222 sa = sintocsa(&sin);
1223 }
1224
1225 la = arplookup(ifp, addr, sa, wlock);
1226
1227 if (la == NULL) {
1228 struct rtentry *rt;
1229
1230 rt = rtalloc1(sa, 0);
1231 IF_AFDATA_WLOCK(ifp);
1232 la = lla_create(LLTABLE(ifp), flags, sa, rt);
1233 IF_AFDATA_WUNLOCK(ifp);
1234 if (rt != NULL)
1235 rt_unref(rt);
1236
1237 if (la != NULL)
1238 la->ln_state = ND_LLINFO_NOSTATE;
1239 }
1240
1241 return la;
1242 }
1243
1244 int
1245 arpioctl(u_long cmd, void *data)
1246 {
1247
1248 return EOPNOTSUPP;
1249 }
1250
1251 void
1252 arp_ifinit(struct ifnet *ifp, struct ifaddr *ifa)
1253 {
1254 struct in_ifaddr *ia = (struct in_ifaddr *)ifa;
1255
1256 ifa->ifa_rtrequest = arp_rtrequest;
1257 ifa->ifa_flags |= RTF_CONNECTED;
1258
1259 /* ARP will handle DAD for this address. */
1260 if (in_nullhost(IA_SIN(ifa)->sin_addr)) {
1261 if (ia->ia_dad_stop != NULL) /* safety */
1262 ia->ia_dad_stop(ifa);
1263 ia->ia_dad_start = NULL;
1264 ia->ia_dad_stop = NULL;
1265 ia->ia4_flags &= ~IN_IFF_TENTATIVE;
1266 } else {
1267 ia->ia_dad_start = arp_dad_start;
1268 ia->ia_dad_stop = arp_dad_stop;
1269 if (ia->ia4_flags & IN_IFF_TRYTENTATIVE && ip_dad_enabled())
1270 ia->ia4_flags |= IN_IFF_TENTATIVE;
1271 else
1272 arpannounce1(ifa);
1273 }
1274 }
1275
1276 static bool
1277 arp_nud_enabled(__unused struct ifnet *ifp)
1278 {
1279
1280 return arp_perform_nud != 0;
1281 }
1282
1283 static unsigned int
1284 arp_llinfo_reachable(__unused struct ifnet *ifp)
1285 {
1286
1287 return arp_reachable;
1288 }
1289
1290 static unsigned int
1291 arp_llinfo_retrans(__unused struct ifnet *ifp)
1292 {
1293
1294 return arp_retrans;
1295 }
1296
1297 /*
1298 * Gets source address of the first packet in hold queue
1299 * and stores it in @src.
1300 * Returns pointer to @src (if hold queue is not empty) or NULL.
1301 */
1302 static union l3addr *
1303 arp_llinfo_holdsrc(struct llentry *ln, union l3addr *src)
1304 {
1305 struct ip *ip;
1306
1307 if (ln == NULL || ln->ln_hold == NULL)
1308 return NULL;
1309
1310 /*
1311 * assuming every packet in ln_hold has the same IP header
1312 */
1313 ip = mtod(ln->ln_hold, struct ip *);
1314 /* XXX pullup? */
1315 if (sizeof(*ip) < ln->ln_hold->m_len)
1316 src->addr4 = ip->ip_src;
1317 else
1318 src = NULL;
1319
1320 return src;
1321 }
1322
1323 static void
1324 arp_llinfo_output(struct ifnet *ifp, __unused const union l3addr *daddr,
1325 const union l3addr *taddr, const uint8_t *tlladdr,
1326 const union l3addr *hsrc)
1327 {
1328 struct in_addr tip = taddr->addr4, sip = zeroin_addr;
1329 const uint8_t *slladdr = CLLADDR(ifp->if_sadl);
1330
1331 if (hsrc != NULL) {
1332 struct in_ifaddr *ia;
1333 struct psref psref;
1334
1335 ia = in_get_ia_on_iface_psref(hsrc->addr4, ifp, &psref);
1336 if (ia != NULL) {
1337 sip = hsrc->addr4;
1338 ia4_release(ia, &psref);
1339 }
1340 }
1341
1342 if (sip.s_addr == INADDR_ANY) {
1343 struct sockaddr_in dst;
1344 struct rtentry *rt;
1345
1346 sockaddr_in_init(&dst, &tip, 0);
1347 rt = rtalloc1(sintosa(&dst), 0);
1348 if (rt != NULL) {
1349 if (rt->rt_ifp == ifp &&
1350 rt->rt_ifa != NULL &&
1351 rt->rt_ifa->ifa_addr->sa_family == AF_INET)
1352 sip = satosin(rt->rt_ifa->ifa_addr)->sin_addr;
1353 rt_unref(rt);
1354 }
1355 if (sip.s_addr == INADDR_ANY) {
1356 char ipbuf[INET_ADDRSTRLEN];
1357
1358 log(LOG_DEBUG, "source can't be "
1359 "determined: dst=%s\n",
1360 IN_PRINT(ipbuf, &tip));
1361 return;
1362 }
1363 }
1364
1365 arprequest(ifp, &sip, &tip, slladdr, tlladdr);
1366 }
1367
1368
1369 static void
1370 arp_llinfo_missed(struct ifnet *ifp, const union l3addr *taddr,
1371 __unused int16_t type, struct mbuf *m)
1372 {
1373 struct in_addr mdaddr = zeroin_addr;
1374 struct sockaddr_in dsin, tsin;
1375 struct sockaddr *sa;
1376
1377 if (m != NULL) {
1378 struct ip *ip = mtod(m, struct ip *);
1379
1380 if (sizeof(*ip) < m->m_len)
1381 mdaddr = ip->ip_src;
1382
1383 /* ip_input() will send ICMP_UNREACH_HOST, not us. */
1384 m_freem(m);
1385 }
1386
1387 if (mdaddr.s_addr != INADDR_ANY) {
1388 sockaddr_in_init(&dsin, &mdaddr, 0);
1389 sa = sintosa(&dsin);
1390 } else
1391 sa = NULL;
1392
1393 sockaddr_in_init(&tsin, &taddr->addr4, 0);
1394 rt_clonedmsg(RTM_MISS, sa, sintosa(&tsin), NULL, ifp);
1395 }
1396
1397 static void
1398 arp_free(struct llentry *ln, int gc)
1399 {
1400 struct ifnet *ifp;
1401
1402 KASSERT(ln != NULL);
1403 LLE_WLOCK_ASSERT(ln);
1404
1405 ifp = ln->lle_tbl->llt_ifp;
1406
1407 if (ln->la_flags & LLE_VALID || gc) {
1408 struct sockaddr_in sin;
1409 const char *lladdr;
1410
1411 sockaddr_in_init(&sin, &ln->r_l3addr.addr4, 0);
1412 lladdr = ln->la_flags & LLE_VALID ?
1413 (const char *)&ln->ll_addr : NULL;
1414 rt_clonedmsg(RTM_DELETE, NULL, sintosa(&sin), lladdr, ifp);
1415 }
1416
1417 /*
1418 * Save to unlock. We still hold an extra reference and will not
1419 * free(9) in llentry_free() if someone else holds one as well.
1420 */
1421 LLE_WUNLOCK(ln);
1422 IF_AFDATA_LOCK(ifp);
1423 LLE_WLOCK(ln);
1424
1425 lltable_free_entry(LLTABLE(ifp), ln);
1426
1427 IF_AFDATA_UNLOCK(ifp);
1428 }
1429
1430 /*
1431 * Upper-layer reachability hint for Neighbor Unreachability Detection.
1432 *
1433 * XXX cost-effective methods?
1434 */
1435 void
1436 arp_nud_hint(struct rtentry *rt)
1437 {
1438 struct llentry *ln;
1439 struct ifnet *ifp;
1440
1441 if (rt == NULL)
1442 return;
1443
1444 ifp = rt->rt_ifp;
1445 ln = arplookup(ifp, NULL, rt_getkey(rt), 1);
1446 nd_nud_hint(ln);
1447 }
1448
1449 TAILQ_HEAD(dadq_head, dadq);
1450 struct dadq {
1451 TAILQ_ENTRY(dadq) dad_list;
1452 struct ifaddr *dad_ifa;
1453 int dad_count; /* max ARP to send */
1454 int dad_arp_tcount; /* # of trials to send ARP */
1455 int dad_arp_ocount; /* ARP sent so far */
1456 int dad_arp_announce; /* max ARP announcements */
1457 int dad_arp_acount; /* # of announcements */
1458 struct callout dad_timer_ch;
1459 };
1460
1461 static struct dadq_head dadq;
1462 static int dad_maxtry = 15; /* max # of *tries* to transmit DAD packet */
1463 static kmutex_t arp_dad_lock;
1464
1465 static void
1466 arp_dad_init(void)
1467 {
1468
1469 TAILQ_INIT(&dadq);
1470 mutex_init(&arp_dad_lock, MUTEX_DEFAULT, IPL_NONE);
1471 }
1472
1473 static struct dadq *
1474 arp_dad_find(struct ifaddr *ifa)
1475 {
1476 struct dadq *dp;
1477
1478 KASSERT(mutex_owned(&arp_dad_lock));
1479
1480 TAILQ_FOREACH(dp, &dadq, dad_list) {
1481 if (dp->dad_ifa == ifa)
1482 return dp;
1483 }
1484 return NULL;
1485 }
1486
1487 static void
1488 arp_dad_starttimer(struct dadq *dp, int ticks)
1489 {
1490
1491 callout_reset(&dp->dad_timer_ch, ticks,
1492 (void (*)(void *))arp_dad_timer, dp);
1493 }
1494
1495 static void
1496 arp_dad_stoptimer(struct dadq *dp)
1497 {
1498
1499 KASSERT(mutex_owned(&arp_dad_lock));
1500
1501 TAILQ_REMOVE(&dadq, dp, dad_list);
1502 /* Tell the timer that dp is being destroyed. */
1503 dp->dad_ifa = NULL;
1504 callout_halt(&dp->dad_timer_ch, &arp_dad_lock);
1505 }
1506
1507 static void
1508 arp_dad_destroytimer(struct dadq *dp)
1509 {
1510
1511 callout_destroy(&dp->dad_timer_ch);
1512 KASSERT(dp->dad_ifa == NULL);
1513 kmem_intr_free(dp, sizeof(*dp));
1514 }
1515
1516 static void
1517 arp_dad_output(struct dadq *dp, struct ifaddr *ifa)
1518 {
1519 struct in_ifaddr *ia = (struct in_ifaddr *)ifa;
1520 struct ifnet *ifp = ifa->ifa_ifp;
1521 struct in_addr sip;
1522
1523 dp->dad_arp_tcount++;
1524 if ((ifp->if_flags & IFF_UP) == 0)
1525 return;
1526 if ((ifp->if_flags & IFF_RUNNING) == 0)
1527 return;
1528
1529 dp->dad_arp_tcount = 0;
1530 dp->dad_arp_ocount++;
1531
1532 memset(&sip, 0, sizeof(sip));
1533 arprequest(ifa->ifa_ifp, &sip, &ia->ia_addr.sin_addr,
1534 CLLADDR(ifa->ifa_ifp->if_sadl), NULL);
1535 }
1536
1537 /*
1538 * Start Duplicate Address Detection (DAD) for specified interface address.
1539 */
1540 static void
1541 arp_dad_start(struct ifaddr *ifa)
1542 {
1543 struct in_ifaddr *ia = (struct in_ifaddr *)ifa;
1544 struct dadq *dp;
1545 char ipbuf[INET_ADDRSTRLEN];
1546
1547 /*
1548 * If we don't need DAD, don't do it.
1549 * - DAD is disabled
1550 */
1551 if (!(ia->ia4_flags & IN_IFF_TENTATIVE)) {
1552 log(LOG_DEBUG,
1553 "%s: called with non-tentative address %s(%s)\n", __func__,
1554 IN_PRINT(ipbuf, &ia->ia_addr.sin_addr),
1555 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
1556 return;
1557 }
1558 if (!ip_dad_enabled()) {
1559 ia->ia4_flags &= ~IN_IFF_TENTATIVE;
1560 rt_addrmsg(RTM_NEWADDR, ifa);
1561 arpannounce1(ifa);
1562 return;
1563 }
1564 KASSERT(ifa->ifa_ifp != NULL);
1565 if (!(ifa->ifa_ifp->if_flags & IFF_UP))
1566 return;
1567
1568 dp = kmem_intr_alloc(sizeof(*dp), KM_NOSLEEP);
1569
1570 mutex_enter(&arp_dad_lock);
1571 if (arp_dad_find(ifa) != NULL) {
1572 mutex_exit(&arp_dad_lock);
1573 /* DAD already in progress */
1574 if (dp != NULL)
1575 kmem_intr_free(dp, sizeof(*dp));
1576 return;
1577 }
1578
1579 if (dp == NULL) {
1580 mutex_exit(&arp_dad_lock);
1581 log(LOG_ERR, "%s: memory allocation failed for %s(%s)\n",
1582 __func__, IN_PRINT(ipbuf, &ia->ia_addr.sin_addr),
1583 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
1584 return;
1585 }
1586
1587 /*
1588 * Send ARP packet for DAD, ip_dad_count times.
1589 * Note that we must delay the first transmission.
1590 */
1591 callout_init(&dp->dad_timer_ch, CALLOUT_MPSAFE);
1592 dp->dad_ifa = ifa;
1593 ifaref(ifa); /* just for safety */
1594 dp->dad_count = ip_dad_count;
1595 dp->dad_arp_announce = 0; /* Will be set when starting to announce */
1596 dp->dad_arp_acount = dp->dad_arp_ocount = dp->dad_arp_tcount = 0;
1597 TAILQ_INSERT_TAIL(&dadq, (struct dadq *)dp, dad_list);
1598
1599 ARPLOG(LOG_DEBUG, "%s: starting DAD for %s\n", if_name(ifa->ifa_ifp),
1600 ARPLOGADDR(&ia->ia_addr.sin_addr));
1601
1602 arp_dad_starttimer(dp, cprng_fast32() % (PROBE_WAIT * hz));
1603
1604 mutex_exit(&arp_dad_lock);
1605 }
1606
1607 /*
1608 * terminate DAD unconditionally. used for address removals.
1609 */
1610 static void
1611 arp_dad_stop(struct ifaddr *ifa)
1612 {
1613 struct dadq *dp;
1614
1615 mutex_enter(&arp_dad_lock);
1616 dp = arp_dad_find(ifa);
1617 if (dp == NULL) {
1618 mutex_exit(&arp_dad_lock);
1619 /* DAD wasn't started yet */
1620 return;
1621 }
1622
1623 arp_dad_stoptimer(dp);
1624
1625 mutex_exit(&arp_dad_lock);
1626
1627 arp_dad_destroytimer(dp);
1628 ifafree(ifa);
1629 }
1630
1631 static void
1632 arp_dad_timer(struct dadq *dp)
1633 {
1634 struct ifaddr *ifa;
1635 struct in_ifaddr *ia;
1636 char ipbuf[INET_ADDRSTRLEN];
1637 bool need_free = false;
1638
1639 KERNEL_LOCK_UNLESS_NET_MPSAFE();
1640 mutex_enter(&arp_dad_lock);
1641
1642 ifa = dp->dad_ifa;
1643 if (ifa == NULL) {
1644 /* dp is being destroyed by someone. Do nothing. */
1645 goto done;
1646 }
1647
1648 ia = (struct in_ifaddr *)ifa;
1649 if (ia->ia4_flags & IN_IFF_DUPLICATED) {
1650 log(LOG_ERR, "%s: called with duplicate address %s(%s)\n",
1651 __func__, IN_PRINT(ipbuf, &ia->ia_addr.sin_addr),
1652 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
1653 goto done;
1654 }
1655 if ((ia->ia4_flags & IN_IFF_TENTATIVE) == 0 && dp->dad_arp_acount == 0)
1656 {
1657 log(LOG_ERR, "%s: called with non-tentative address %s(%s)\n",
1658 __func__, IN_PRINT(ipbuf, &ia->ia_addr.sin_addr),
1659 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
1660 goto done;
1661 }
1662
1663 /* timeouted with IFF_{RUNNING,UP} check */
1664 if (dp->dad_arp_tcount > dad_maxtry) {
1665 ARPLOG(LOG_INFO, "%s: could not run DAD, driver problem?\n",
1666 if_name(ifa->ifa_ifp));
1667
1668 arp_dad_stoptimer(dp);
1669 need_free = true;
1670 goto done;
1671 }
1672
1673 /* Need more checks? */
1674 if (dp->dad_arp_ocount < dp->dad_count) {
1675 int adelay;
1676
1677 /*
1678 * We have more ARP to go. Send ARP packet for DAD.
1679 */
1680 arp_dad_output(dp, ifa);
1681 if (dp->dad_arp_ocount < dp->dad_count)
1682 adelay = (PROBE_MIN * hz) +
1683 (cprng_fast32() %
1684 ((PROBE_MAX * hz) - (PROBE_MIN * hz)));
1685 else
1686 adelay = ANNOUNCE_WAIT * hz;
1687 arp_dad_starttimer(dp, adelay);
1688 goto done;
1689 } else if (dp->dad_arp_acount == 0) {
1690 /*
1691 * We are done with DAD.
1692 * No duplicate address found.
1693 */
1694 ia->ia4_flags &= ~IN_IFF_TENTATIVE;
1695 rt_addrmsg(RTM_NEWADDR, ifa);
1696 ARPLOG(LOG_DEBUG,
1697 "%s: DAD complete for %s - no duplicates found\n",
1698 if_name(ifa->ifa_ifp), ARPLOGADDR(&ia->ia_addr.sin_addr));
1699 dp->dad_arp_announce = ANNOUNCE_NUM;
1700 goto announce;
1701 } else if (dp->dad_arp_acount < dp->dad_arp_announce) {
1702 announce:
1703 /*
1704 * Announce the address.
1705 */
1706 arpannounce1(ifa);
1707 dp->dad_arp_acount++;
1708 if (dp->dad_arp_acount < dp->dad_arp_announce) {
1709 arp_dad_starttimer(dp, ANNOUNCE_INTERVAL * hz);
1710 goto done;
1711 }
1712 ARPLOG(LOG_DEBUG,
1713 "%s: ARP announcement complete for %s\n",
1714 if_name(ifa->ifa_ifp), ARPLOGADDR(&ia->ia_addr.sin_addr));
1715 }
1716
1717 arp_dad_stoptimer(dp);
1718 need_free = true;
1719 done:
1720 mutex_exit(&arp_dad_lock);
1721
1722 if (need_free) {
1723 arp_dad_destroytimer(dp);
1724 KASSERT(ifa != NULL);
1725 ifafree(ifa);
1726 }
1727
1728 KERNEL_UNLOCK_UNLESS_NET_MPSAFE();
1729 }
1730
1731 static void
1732 arp_dad_duplicated(struct ifaddr *ifa, const struct sockaddr_dl *from)
1733 {
1734 struct in_ifaddr *ia = ifatoia(ifa);
1735 struct ifnet *ifp = ifa->ifa_ifp;
1736 char ipbuf[INET_ADDRSTRLEN], llabuf[LLA_ADDRSTRLEN];
1737 const char *iastr, *llastr;
1738
1739 iastr = IN_PRINT(ipbuf, &ia->ia_addr.sin_addr);
1740 if (__predict_false(from == NULL))
1741 llastr = NULL;
1742 else
1743 llastr = lla_snprintf(llabuf, sizeof(llabuf),
1744 CLLADDR(from), from->sdl_alen);
1745
1746 if (ia->ia4_flags & (IN_IFF_TENTATIVE|IN_IFF_DUPLICATED)) {
1747 log(LOG_ERR,
1748 "%s: DAD duplicate address %s from %s\n",
1749 if_name(ifp), iastr, llastr);
1750 } else if (ia->ia_dad_defended == 0 ||
1751 ia->ia_dad_defended < time_uptime - DEFEND_INTERVAL) {
1752 ia->ia_dad_defended = time_uptime;
1753 arpannounce1(ifa);
1754 log(LOG_ERR,
1755 "%s: DAD defended address %s from %s\n",
1756 if_name(ifp), iastr, llastr);
1757 return;
1758 } else {
1759 /* If DAD is disabled, just report the duplicate. */
1760 if (!ip_dad_enabled()) {
1761 log(LOG_ERR,
1762 "%s: DAD ignoring duplicate address %s from %s\n",
1763 if_name(ifp), iastr, llastr);
1764 return;
1765 }
1766 log(LOG_ERR,
1767 "%s: DAD defence failed for %s from %s\n",
1768 if_name(ifp), iastr, llastr);
1769 }
1770
1771 arp_dad_stop(ifa);
1772
1773 ia->ia4_flags &= ~IN_IFF_TENTATIVE;
1774 if ((ia->ia4_flags & IN_IFF_DUPLICATED) == 0) {
1775 ia->ia4_flags |= IN_IFF_DUPLICATED;
1776 /* Inform the routing socket of the duplicate address */
1777 rt_addrmsg_src(RTM_NEWADDR, ifa, (const struct sockaddr *)from);
1778 }
1779 }
1780
1781 /*
1782 * Called from 10 Mb/s Ethernet interrupt handlers
1783 * when ether packet type ETHERTYPE_REVARP
1784 * is received. Common length and type checks are done here,
1785 * then the protocol-specific routine is called.
1786 */
1787 void
1788 revarpinput(struct mbuf *m)
1789 {
1790 struct arphdr *ar;
1791 int arplen;
1792
1793 arplen = sizeof(struct arphdr);
1794 if (m->m_len < arplen && (m = m_pullup(m, arplen)) == NULL)
1795 return;
1796 ar = mtod(m, struct arphdr *);
1797
1798 if (ntohs(ar->ar_hrd) == ARPHRD_IEEE1394) {
1799 goto out;
1800 }
1801
1802 arplen = sizeof(struct arphdr) + 2 * (ar->ar_hln + ar->ar_pln);
1803 if (m->m_len < arplen && (m = m_pullup(m, arplen)) == NULL)
1804 return;
1805 ar = mtod(m, struct arphdr *);
1806
1807 switch (ntohs(ar->ar_pro)) {
1808 case ETHERTYPE_IP:
1809 case ETHERTYPE_IPTRAILERS:
1810 in_revarpinput(m);
1811 return;
1812
1813 default:
1814 break;
1815 }
1816
1817 out:
1818 m_freem(m);
1819 }
1820
1821 /*
1822 * RARP for Internet protocols on 10 Mb/s Ethernet.
1823 * Algorithm is that given in RFC 903.
1824 * We are only using for bootstrap purposes to get an ip address for one of
1825 * our interfaces. Thus we support no user-interface.
1826 *
1827 * Since the contents of the RARP reply are specific to the interface that
1828 * sent the request, this code must ensure that they are properly associated.
1829 *
1830 * Note: also supports ARP via RARP packets, per the RFC.
1831 */
1832 void
1833 in_revarpinput(struct mbuf *m)
1834 {
1835 struct arphdr *ah;
1836 void *tha;
1837 int op;
1838 struct ifnet *rcvif;
1839 int s;
1840
1841 ah = mtod(m, struct arphdr *);
1842 op = ntohs(ah->ar_op);
1843
1844 rcvif = m_get_rcvif(m, &s);
1845 if (__predict_false(rcvif == NULL))
1846 goto out;
1847 if (rcvif->if_flags & IFF_NOARP)
1848 goto out;
1849
1850 switch (rcvif->if_type) {
1851 case IFT_IEEE1394:
1852 /* ARP without target hardware address is not supported */
1853 goto out;
1854 default:
1855 break;
1856 }
1857
1858 switch (op) {
1859 case ARPOP_REQUEST:
1860 case ARPOP_REPLY: /* per RFC */
1861 m_put_rcvif(rcvif, &s);
1862 in_arpinput(m);
1863 return;
1864 case ARPOP_REVREPLY:
1865 break;
1866 case ARPOP_REVREQUEST: /* handled by rarpd(8) */
1867 default:
1868 goto out;
1869 }
1870 if (!revarp_in_progress)
1871 goto out;
1872 if (rcvif != myip_ifp) /* !same interface */
1873 goto out;
1874 if (myip_initialized)
1875 goto wake;
1876 tha = ar_tha(ah);
1877 if (tha == NULL)
1878 goto out;
1879 if (ah->ar_pln != sizeof(struct in_addr))
1880 goto out;
1881 if (ah->ar_hln != rcvif->if_sadl->sdl_alen)
1882 goto out;
1883 if (memcmp(tha, CLLADDR(rcvif->if_sadl), rcvif->if_sadl->sdl_alen))
1884 goto out;
1885 memcpy(&srv_ip, ar_spa(ah), sizeof(srv_ip));
1886 memcpy(&myip, ar_tpa(ah), sizeof(myip));
1887 myip_initialized = 1;
1888 wake: /* Do wakeup every time in case it was missed. */
1889 wakeup((void *)&myip);
1890
1891 out:
1892 m_put_rcvif(rcvif, &s);
1893 m_freem(m);
1894 }
1895
1896 /*
1897 * Send a RARP request for the ip address of the specified interface.
1898 * The request should be RFC 903-compliant.
1899 */
1900 static void
1901 revarprequest(struct ifnet *ifp)
1902 {
1903 struct sockaddr sa;
1904 struct mbuf *m;
1905 struct arphdr *ah;
1906 void *tha;
1907
1908 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL)
1909 return;
1910 MCLAIM(m, &arpdomain.dom_mowner);
1911 m->m_len = sizeof(*ah) + 2*sizeof(struct in_addr) +
1912 2*ifp->if_addrlen;
1913 m->m_pkthdr.len = m->m_len;
1914 m_align(m, m->m_len);
1915 ah = mtod(m, struct arphdr *);
1916 memset(ah, 0, m->m_len);
1917 ah->ar_pro = htons(ETHERTYPE_IP);
1918 ah->ar_hln = ifp->if_addrlen; /* hardware address length */
1919 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */
1920 ah->ar_op = htons(ARPOP_REVREQUEST);
1921
1922 memcpy(ar_sha(ah), CLLADDR(ifp->if_sadl), ah->ar_hln);
1923 tha = ar_tha(ah);
1924 if (tha == NULL) {
1925 m_free(m);
1926 return;
1927 }
1928 memcpy(tha, CLLADDR(ifp->if_sadl), ah->ar_hln);
1929
1930 sa.sa_family = AF_ARP;
1931 sa.sa_len = 2;
1932 m->m_flags |= M_BCAST;
1933
1934 if_output_lock(ifp, ifp, m, &sa, NULL);
1935 }
1936
1937 /*
1938 * RARP for the ip address of the specified interface, but also
1939 * save the ip address of the server that sent the answer.
1940 * Timeout if no response is received.
1941 */
1942 int
1943 revarpwhoarewe(struct ifnet *ifp, struct in_addr *serv_in,
1944 struct in_addr *clnt_in)
1945 {
1946 int result, count = 20;
1947
1948 myip_initialized = 0;
1949 myip_ifp = ifp;
1950
1951 revarp_in_progress = 1;
1952 while (count--) {
1953 revarprequest(ifp);
1954 result = tsleep((void *)&myip, PSOCK, "revarp", hz/2);
1955 if (result != EWOULDBLOCK)
1956 break;
1957 }
1958 revarp_in_progress = 0;
1959
1960 if (!myip_initialized)
1961 return ENETUNREACH;
1962
1963 memcpy(serv_in, &srv_ip, sizeof(*serv_in));
1964 memcpy(clnt_in, &myip, sizeof(*clnt_in));
1965 return 0;
1966 }
1967
1968 void
1969 arp_stat_add(int type, uint64_t count)
1970 {
1971 ARP_STATADD(type, count);
1972 }
1973
1974 static int
1975 sysctl_net_inet_arp_stats(SYSCTLFN_ARGS)
1976 {
1977
1978 return NETSTAT_SYSCTL(arpstat_percpu, ARP_NSTATS);
1979 }
1980
1981 static void
1982 sysctl_net_inet_arp_setup(struct sysctllog **clog)
1983 {
1984 const struct sysctlnode *node;
1985
1986 sysctl_createv(clog, 0, NULL, NULL,
1987 CTLFLAG_PERMANENT,
1988 CTLTYPE_NODE, "inet", NULL,
1989 NULL, 0, NULL, 0,
1990 CTL_NET, PF_INET, CTL_EOL);
1991 sysctl_createv(clog, 0, NULL, &node,
1992 CTLFLAG_PERMANENT,
1993 CTLTYPE_NODE, "arp",
1994 SYSCTL_DESCR("Address Resolution Protocol"),
1995 NULL, 0, NULL, 0,
1996 CTL_NET, PF_INET, CTL_CREATE, CTL_EOL);
1997
1998 sysctl_createv(clog, 0, NULL, NULL,
1999 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2000 CTLTYPE_INT, "nd_delay",
2001 SYSCTL_DESCR("First probe delay time"),
2002 NULL, 0, &arp_nd_domain.nd_delay, 0,
2003 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2004 sysctl_createv(clog, 0, NULL, NULL,
2005 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2006 CTLTYPE_INT, "nd_bmaxtries",
2007 SYSCTL_DESCR("Number of broadcast discovery attempts"),
2008 NULL, 0, &arp_nd_domain.nd_mmaxtries, 0,
2009 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2010 sysctl_createv(clog, 0, NULL, NULL,
2011 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2012 CTLTYPE_INT, "nd_umaxtries",
2013 SYSCTL_DESCR("Number of unicast discovery attempts"),
2014 NULL, 0, &arp_nd_domain.nd_umaxtries, 0,
2015 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2016 sysctl_createv(clog, 0, NULL, NULL,
2017 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2018 CTLTYPE_INT, "nd_reachable",
2019 SYSCTL_DESCR("Reachable time"),
2020 NULL, 0, &arp_reachable, 0,
2021 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2022 sysctl_createv(clog, 0, NULL, NULL,
2023 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2024 CTLTYPE_INT, "nd_retrans",
2025 SYSCTL_DESCR("Retransmission time"),
2026 NULL, 0, &arp_retrans, 0,
2027 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2028 sysctl_createv(clog, 0, NULL, NULL,
2029 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2030 CTLTYPE_INT, "nd_nud",
2031 SYSCTL_DESCR("Perform neighbour unreachability detection"),
2032 NULL, 0, &arp_perform_nud, 0,
2033 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2034 sysctl_createv(clog, 0, NULL, NULL,
2035 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2036 CTLTYPE_INT, "nd_maxnudhint",
2037 SYSCTL_DESCR("Maximum neighbor unreachable hint count"),
2038 NULL, 0, &arp_nd_domain.nd_maxnudhint, 0,
2039 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2040 sysctl_createv(clog, 0, NULL, NULL,
2041 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2042 CTLTYPE_INT, "maxqueuelen",
2043 SYSCTL_DESCR("max packet queue len for a unresolved ARP"),
2044 NULL, 1, &arp_nd_domain.nd_maxqueuelen, 0,
2045 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2046
2047 sysctl_createv(clog, 0, NULL, NULL,
2048 CTLFLAG_PERMANENT,
2049 CTLTYPE_STRUCT, "stats",
2050 SYSCTL_DESCR("ARP statistics"),
2051 sysctl_net_inet_arp_stats, 0, NULL, 0,
2052 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2053
2054 sysctl_createv(clog, 0, NULL, NULL,
2055 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2056 CTLTYPE_INT, "log_movements",
2057 SYSCTL_DESCR("log ARP replies from MACs different than"
2058 " the one in the cache"),
2059 NULL, 0, &log_movements, 0,
2060 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2061
2062 sysctl_createv(clog, 0, NULL, NULL,
2063 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2064 CTLTYPE_INT, "log_permanent_modify",
2065 SYSCTL_DESCR("log ARP replies from MACs different than"
2066 " the one in the permanent arp entry"),
2067 NULL, 0, &log_permanent_modify, 0,
2068 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2069
2070 sysctl_createv(clog, 0, NULL, NULL,
2071 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2072 CTLTYPE_INT, "log_wrong_iface",
2073 SYSCTL_DESCR("log ARP packets arriving on the wrong"
2074 " interface"),
2075 NULL, 0, &log_wrong_iface, 0,
2076 CTL_NET,PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2077
2078 sysctl_createv(clog, 0, NULL, NULL,
2079 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
2080 CTLTYPE_INT, "debug",
2081 SYSCTL_DESCR("Enable ARP DAD debug output"),
2082 NULL, 0, &arp_debug, 0,
2083 CTL_NET, PF_INET, node->sysctl_num, CTL_CREATE, CTL_EOL);
2084 }
2085
2086 #endif /* INET */
Cache object: 1922a1baae87f8c6bab30852b4ae2be9
|