1f30c2269SUwe Zeisberger /* linux/net/ipv4/arp.c 21da177e4SLinus Torvalds * 31da177e4SLinus Torvalds * Copyright (C) 1994 by Florian La Roche 41da177e4SLinus Torvalds * 51da177e4SLinus Torvalds * This module implements the Address Resolution Protocol ARP (RFC 826), 61da177e4SLinus Torvalds * which is used to convert IP addresses (or in the future maybe other 71da177e4SLinus Torvalds * high-level addresses) into a low-level hardware address (like an Ethernet 81da177e4SLinus Torvalds * address). 91da177e4SLinus Torvalds * 101da177e4SLinus Torvalds * This program is free software; you can redistribute it and/or 111da177e4SLinus Torvalds * modify it under the terms of the GNU General Public License 121da177e4SLinus Torvalds * as published by the Free Software Foundation; either version 131da177e4SLinus Torvalds * 2 of the License, or (at your option) any later version. 141da177e4SLinus Torvalds * 151da177e4SLinus Torvalds * Fixes: 161da177e4SLinus Torvalds * Alan Cox : Removed the Ethernet assumptions in 171da177e4SLinus Torvalds * Florian's code 181da177e4SLinus Torvalds * Alan Cox : Fixed some small errors in the ARP 191da177e4SLinus Torvalds * logic 201da177e4SLinus Torvalds * Alan Cox : Allow >4K in /proc 211da177e4SLinus Torvalds * Alan Cox : Make ARP add its own protocol entry 221da177e4SLinus Torvalds * Ross Martin : Rewrote arp_rcv() and arp_get_info() 231da177e4SLinus Torvalds * Stephen Henson : Add AX25 support to arp_get_info() 241da177e4SLinus Torvalds * Alan Cox : Drop data when a device is downed. 251da177e4SLinus Torvalds * Alan Cox : Use init_timer(). 261da177e4SLinus Torvalds * Alan Cox : Double lock fixes. 271da177e4SLinus Torvalds * Martin Seine : Move the arphdr structure 281da177e4SLinus Torvalds * to if_arp.h for compatibility. 291da177e4SLinus Torvalds * with BSD based programs. 301da177e4SLinus Torvalds * Andrew Tridgell : Added ARP netmask code and 311da177e4SLinus Torvalds * re-arranged proxy handling. 321da177e4SLinus Torvalds * Alan Cox : Changed to use notifiers. 331da177e4SLinus Torvalds * Niibe Yutaka : Reply for this device or proxies only. 341da177e4SLinus Torvalds * Alan Cox : Don't proxy across hardware types! 351da177e4SLinus Torvalds * Jonathan Naylor : Added support for NET/ROM. 361da177e4SLinus Torvalds * Mike Shaver : RFC1122 checks. 371da177e4SLinus Torvalds * Jonathan Naylor : Only lookup the hardware address for 381da177e4SLinus Torvalds * the correct hardware type. 391da177e4SLinus Torvalds * Germano Caronni : Assorted subtle races. 401da177e4SLinus Torvalds * Craig Schlenter : Don't modify permanent entry 411da177e4SLinus Torvalds * during arp_rcv. 421da177e4SLinus Torvalds * Russ Nelson : Tidied up a few bits. 431da177e4SLinus Torvalds * Alexey Kuznetsov: Major changes to caching and behaviour, 441da177e4SLinus Torvalds * eg intelligent arp probing and 451da177e4SLinus Torvalds * generation 461da177e4SLinus Torvalds * of host down events. 471da177e4SLinus Torvalds * Alan Cox : Missing unlock in device events. 481da177e4SLinus Torvalds * Eckes : ARP ioctl control errors. 491da177e4SLinus Torvalds * Alexey Kuznetsov: Arp free fix. 501da177e4SLinus Torvalds * Manuel Rodriguez: Gratuitous ARP. 511da177e4SLinus Torvalds * Jonathan Layes : Added arpd support through kerneld 521da177e4SLinus Torvalds * message queue (960314) 531da177e4SLinus Torvalds * Mike Shaver : /proc/sys/net/ipv4/arp_* support 541da177e4SLinus Torvalds * Mike McLagan : Routing by source 551da177e4SLinus Torvalds * Stuart Cheshire : Metricom and grat arp fixes 561da177e4SLinus Torvalds * *** FOR 2.1 clean this up *** 571da177e4SLinus Torvalds * Lawrence V. Stefani: (08/12/96) Added FDDI support. 581da177e4SLinus Torvalds * Alan Cox : Took the AP1000 nasty FDDI hack and 591da177e4SLinus Torvalds * folded into the mainstream FDDI code. 601da177e4SLinus Torvalds * Ack spit, Linus how did you allow that 611da177e4SLinus Torvalds * one in... 621da177e4SLinus Torvalds * Jes Sorensen : Make FDDI work again in 2.1.x and 631da177e4SLinus Torvalds * clean up the APFDDI & gen. FDDI bits. 641da177e4SLinus Torvalds * Alexey Kuznetsov: new arp state machine; 651da177e4SLinus Torvalds * now it is in net/core/neighbour.c. 661da177e4SLinus Torvalds * Krzysztof Halasa: Added Frame Relay ARP support. 671da177e4SLinus Torvalds * Arnaldo C. Melo : convert /proc/net/arp to seq_file 681da177e4SLinus Torvalds * Shmulik Hen: Split arp_send to arp_create and 691da177e4SLinus Torvalds * arp_xmit so intermediate drivers like 701da177e4SLinus Torvalds * bonding can change the skb before 711da177e4SLinus Torvalds * sending (e.g. insert 8021q tag). 721da177e4SLinus Torvalds * Harald Welte : convert to make use of jenkins hash 7365324144SJesper Dangaard Brouer * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support. 741da177e4SLinus Torvalds */ 751da177e4SLinus Torvalds 7691df42beSJoe Perches #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 7791df42beSJoe Perches 781da177e4SLinus Torvalds #include <linux/module.h> 791da177e4SLinus Torvalds #include <linux/types.h> 801da177e4SLinus Torvalds #include <linux/string.h> 811da177e4SLinus Torvalds #include <linux/kernel.h> 824fc268d2SRandy Dunlap #include <linux/capability.h> 831da177e4SLinus Torvalds #include <linux/socket.h> 841da177e4SLinus Torvalds #include <linux/sockios.h> 851da177e4SLinus Torvalds #include <linux/errno.h> 861da177e4SLinus Torvalds #include <linux/in.h> 871da177e4SLinus Torvalds #include <linux/mm.h> 881da177e4SLinus Torvalds #include <linux/inet.h> 8914c85021SArnaldo Carvalho de Melo #include <linux/inetdevice.h> 901da177e4SLinus Torvalds #include <linux/netdevice.h> 911da177e4SLinus Torvalds #include <linux/etherdevice.h> 921da177e4SLinus Torvalds #include <linux/fddidevice.h> 931da177e4SLinus Torvalds #include <linux/if_arp.h> 941da177e4SLinus Torvalds #include <linux/skbuff.h> 951da177e4SLinus Torvalds #include <linux/proc_fs.h> 961da177e4SLinus Torvalds #include <linux/seq_file.h> 971da177e4SLinus Torvalds #include <linux/stat.h> 981da177e4SLinus Torvalds #include <linux/init.h> 991da177e4SLinus Torvalds #include <linux/net.h> 1001da177e4SLinus Torvalds #include <linux/rcupdate.h> 1015a0e3ad6STejun Heo #include <linux/slab.h> 1021da177e4SLinus Torvalds #ifdef CONFIG_SYSCTL 1031da177e4SLinus Torvalds #include <linux/sysctl.h> 1041da177e4SLinus Torvalds #endif 1051da177e4SLinus Torvalds 106457c4cbcSEric W. Biederman #include <net/net_namespace.h> 1071da177e4SLinus Torvalds #include <net/ip.h> 1081da177e4SLinus Torvalds #include <net/icmp.h> 1091da177e4SLinus Torvalds #include <net/route.h> 1101da177e4SLinus Torvalds #include <net/protocol.h> 1111da177e4SLinus Torvalds #include <net/tcp.h> 1121da177e4SLinus Torvalds #include <net/sock.h> 1131da177e4SLinus Torvalds #include <net/arp.h> 1141da177e4SLinus Torvalds #include <net/ax25.h> 1151da177e4SLinus Torvalds #include <net/netrom.h> 1161da177e4SLinus Torvalds 117deffd777SChangli Gao #include <linux/uaccess.h> 1181da177e4SLinus Torvalds 1191da177e4SLinus Torvalds #include <linux/netfilter_arp.h> 1201da177e4SLinus Torvalds 1211da177e4SLinus Torvalds /* 1221da177e4SLinus Torvalds * Interface to generic neighbour cache. 1231da177e4SLinus Torvalds */ 1242c2aba6cSDavid S. Miller static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 *hash_rnd); 12560395a20SEric W. Biederman static bool arp_key_eq(const struct neighbour *n, const void *pkey); 1261da177e4SLinus Torvalds static int arp_constructor(struct neighbour *neigh); 1271da177e4SLinus Torvalds static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb); 1281da177e4SLinus Torvalds static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb); 1291da177e4SLinus Torvalds static void parp_redo(struct sk_buff *skb); 1301da177e4SLinus Torvalds 13189d69d2bSStephen Hemminger static const struct neigh_ops arp_generic_ops = { 1321da177e4SLinus Torvalds .family = AF_INET, 1331da177e4SLinus Torvalds .solicit = arp_solicit, 1341da177e4SLinus Torvalds .error_report = arp_error_report, 1351da177e4SLinus Torvalds .output = neigh_resolve_output, 1361da177e4SLinus Torvalds .connected_output = neigh_connected_output, 1371da177e4SLinus Torvalds }; 1381da177e4SLinus Torvalds 13989d69d2bSStephen Hemminger static const struct neigh_ops arp_hh_ops = { 1401da177e4SLinus Torvalds .family = AF_INET, 1411da177e4SLinus Torvalds .solicit = arp_solicit, 1421da177e4SLinus Torvalds .error_report = arp_error_report, 1431da177e4SLinus Torvalds .output = neigh_resolve_output, 1441da177e4SLinus Torvalds .connected_output = neigh_resolve_output, 1451da177e4SLinus Torvalds }; 1461da177e4SLinus Torvalds 14789d69d2bSStephen Hemminger static const struct neigh_ops arp_direct_ops = { 1481da177e4SLinus Torvalds .family = AF_INET, 1498f40b161SDavid S. Miller .output = neigh_direct_output, 1508f40b161SDavid S. Miller .connected_output = neigh_direct_output, 1511da177e4SLinus Torvalds }; 1521da177e4SLinus Torvalds 1531da177e4SLinus Torvalds struct neigh_table arp_tbl = { 1541da177e4SLinus Torvalds .family = AF_INET, 1551da177e4SLinus Torvalds .key_len = 4, 156bdf53c58SEric W. Biederman .protocol = cpu_to_be16(ETH_P_IP), 1571da177e4SLinus Torvalds .hash = arp_hash, 15860395a20SEric W. Biederman .key_eq = arp_key_eq, 1591da177e4SLinus Torvalds .constructor = arp_constructor, 1601da177e4SLinus Torvalds .proxy_redo = parp_redo, 1611da177e4SLinus Torvalds .id = "arp_cache", 1621da177e4SLinus Torvalds .parms = { 1631da177e4SLinus Torvalds .tbl = &arp_tbl, 1641da177e4SLinus Torvalds .reachable_time = 30 * HZ, 1651f9248e5SJiri Pirko .data = { 1661f9248e5SJiri Pirko [NEIGH_VAR_MCAST_PROBES] = 3, 1671f9248e5SJiri Pirko [NEIGH_VAR_UCAST_PROBES] = 3, 1681f9248e5SJiri Pirko [NEIGH_VAR_RETRANS_TIME] = 1 * HZ, 1691f9248e5SJiri Pirko [NEIGH_VAR_BASE_REACHABLE_TIME] = 30 * HZ, 1701f9248e5SJiri Pirko [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ, 1711f9248e5SJiri Pirko [NEIGH_VAR_GC_STALETIME] = 60 * HZ, 1721f9248e5SJiri Pirko [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024, 1731f9248e5SJiri Pirko [NEIGH_VAR_PROXY_QLEN] = 64, 1741f9248e5SJiri Pirko [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ, 1751f9248e5SJiri Pirko [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10, 1761f9248e5SJiri Pirko [NEIGH_VAR_LOCKTIME] = 1 * HZ, 1771f9248e5SJiri Pirko }, 1781da177e4SLinus Torvalds }, 1791da177e4SLinus Torvalds .gc_interval = 30 * HZ, 1801da177e4SLinus Torvalds .gc_thresh1 = 128, 1811da177e4SLinus Torvalds .gc_thresh2 = 512, 1821da177e4SLinus Torvalds .gc_thresh3 = 1024, 1831da177e4SLinus Torvalds }; 1844bc2f18bSEric Dumazet EXPORT_SYMBOL(arp_tbl); 1851da177e4SLinus Torvalds 186714e85beSAl Viro int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir) 1871da177e4SLinus Torvalds { 1881da177e4SLinus Torvalds switch (dev->type) { 1891da177e4SLinus Torvalds case ARPHRD_ETHER: 1901da177e4SLinus Torvalds case ARPHRD_FDDI: 1911da177e4SLinus Torvalds case ARPHRD_IEEE802: 1921da177e4SLinus Torvalds ip_eth_mc_map(addr, haddr); 1931da177e4SLinus Torvalds return 0; 1941da177e4SLinus Torvalds case ARPHRD_INFINIBAND: 195a9e527e3SRolf Manderscheid ip_ib_mc_map(addr, dev->broadcast, haddr); 1961da177e4SLinus Torvalds return 0; 19793ca3bb5STimo Teräs case ARPHRD_IPGRE: 19893ca3bb5STimo Teräs ip_ipgre_mc_map(addr, dev->broadcast, haddr); 19993ca3bb5STimo Teräs return 0; 2001da177e4SLinus Torvalds default: 2011da177e4SLinus Torvalds if (dir) { 2021da177e4SLinus Torvalds memcpy(haddr, dev->broadcast, dev->addr_len); 2031da177e4SLinus Torvalds return 0; 2041da177e4SLinus Torvalds } 2051da177e4SLinus Torvalds } 2061da177e4SLinus Torvalds return -EINVAL; 2071da177e4SLinus Torvalds } 2081da177e4SLinus Torvalds 2091da177e4SLinus Torvalds 210d6bf7817SEric Dumazet static u32 arp_hash(const void *pkey, 211d6bf7817SEric Dumazet const struct net_device *dev, 2122c2aba6cSDavid S. Miller __u32 *hash_rnd) 2131da177e4SLinus Torvalds { 21460395a20SEric W. Biederman return arp_hashfn(pkey, dev, hash_rnd); 21560395a20SEric W. Biederman } 21660395a20SEric W. Biederman 21760395a20SEric W. Biederman static bool arp_key_eq(const struct neighbour *neigh, const void *pkey) 21860395a20SEric W. Biederman { 21960395a20SEric W. Biederman return neigh_key_eq32(neigh, pkey); 2201da177e4SLinus Torvalds } 2211da177e4SLinus Torvalds 2221da177e4SLinus Torvalds static int arp_constructor(struct neighbour *neigh) 2231da177e4SLinus Torvalds { 224fd683222SAl Viro __be32 addr = *(__be32 *)neigh->primary_key; 2251da177e4SLinus Torvalds struct net_device *dev = neigh->dev; 2261da177e4SLinus Torvalds struct in_device *in_dev; 2271da177e4SLinus Torvalds struct neigh_parms *parms; 2281da177e4SLinus Torvalds 2291da177e4SLinus Torvalds rcu_read_lock(); 230e5ed6399SHerbert Xu in_dev = __in_dev_get_rcu(dev); 231*51456b29SIan Morris if (!in_dev) { 2321da177e4SLinus Torvalds rcu_read_unlock(); 2331da177e4SLinus Torvalds return -EINVAL; 2341da177e4SLinus Torvalds } 2351da177e4SLinus Torvalds 236c346dca1SYOSHIFUJI Hideaki neigh->type = inet_addr_type(dev_net(dev), addr); 237a79878f0SDenis V. Lunev 2381da177e4SLinus Torvalds parms = in_dev->arp_parms; 2391da177e4SLinus Torvalds __neigh_parms_put(neigh->parms); 2401da177e4SLinus Torvalds neigh->parms = neigh_parms_clone(parms); 2411da177e4SLinus Torvalds rcu_read_unlock(); 2421da177e4SLinus Torvalds 2433b04dddeSStephen Hemminger if (!dev->header_ops) { 2441da177e4SLinus Torvalds neigh->nud_state = NUD_NOARP; 2451da177e4SLinus Torvalds neigh->ops = &arp_direct_ops; 2468f40b161SDavid S. Miller neigh->output = neigh_direct_output; 2471da177e4SLinus Torvalds } else { 2481da177e4SLinus Torvalds /* Good devices (checked by reading texts, but only Ethernet is 2491da177e4SLinus Torvalds tested) 2501da177e4SLinus Torvalds 2511da177e4SLinus Torvalds ARPHRD_ETHER: (ethernet, apfddi) 2521da177e4SLinus Torvalds ARPHRD_FDDI: (fddi) 2531da177e4SLinus Torvalds ARPHRD_IEEE802: (tr) 2541da177e4SLinus Torvalds ARPHRD_METRICOM: (strip) 2551da177e4SLinus Torvalds ARPHRD_ARCNET: 2561da177e4SLinus Torvalds etc. etc. etc. 2571da177e4SLinus Torvalds 2581da177e4SLinus Torvalds ARPHRD_IPDDP will also work, if author repairs it. 2591da177e4SLinus Torvalds I did not it, because this driver does not work even 2601da177e4SLinus Torvalds in old paradigm. 2611da177e4SLinus Torvalds */ 2621da177e4SLinus Torvalds 2631da177e4SLinus Torvalds if (neigh->type == RTN_MULTICAST) { 2641da177e4SLinus Torvalds neigh->nud_state = NUD_NOARP; 2651da177e4SLinus Torvalds arp_mc_map(addr, neigh->ha, dev, 1); 2661da177e4SLinus Torvalds } else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) { 2671da177e4SLinus Torvalds neigh->nud_state = NUD_NOARP; 2681da177e4SLinus Torvalds memcpy(neigh->ha, dev->dev_addr, dev->addr_len); 269deffd777SChangli Gao } else if (neigh->type == RTN_BROADCAST || 270deffd777SChangli Gao (dev->flags & IFF_POINTOPOINT)) { 2711da177e4SLinus Torvalds neigh->nud_state = NUD_NOARP; 2721da177e4SLinus Torvalds memcpy(neigh->ha, dev->broadcast, dev->addr_len); 2731da177e4SLinus Torvalds } 2743b04dddeSStephen Hemminger 2753b04dddeSStephen Hemminger if (dev->header_ops->cache) 2761da177e4SLinus Torvalds neigh->ops = &arp_hh_ops; 2771da177e4SLinus Torvalds else 2781da177e4SLinus Torvalds neigh->ops = &arp_generic_ops; 2793b04dddeSStephen Hemminger 2801da177e4SLinus Torvalds if (neigh->nud_state & NUD_VALID) 2811da177e4SLinus Torvalds neigh->output = neigh->ops->connected_output; 2821da177e4SLinus Torvalds else 2831da177e4SLinus Torvalds neigh->output = neigh->ops->output; 2841da177e4SLinus Torvalds } 2851da177e4SLinus Torvalds return 0; 2861da177e4SLinus Torvalds } 2871da177e4SLinus Torvalds 2881da177e4SLinus Torvalds static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb) 2891da177e4SLinus Torvalds { 2901da177e4SLinus Torvalds dst_link_failure(skb); 2911da177e4SLinus Torvalds kfree_skb(skb); 2921da177e4SLinus Torvalds } 2931da177e4SLinus Torvalds 2941da177e4SLinus Torvalds static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb) 2951da177e4SLinus Torvalds { 296a61ced5dSAl Viro __be32 saddr = 0; 297cf0be880SCong Wang u8 dst_ha[MAX_ADDR_LEN], *dst_hw = NULL; 2981da177e4SLinus Torvalds struct net_device *dev = neigh->dev; 299a61ced5dSAl Viro __be32 target = *(__be32 *)neigh->primary_key; 3001da177e4SLinus Torvalds int probes = atomic_read(&neigh->probes); 3014b4194c4SEric Dumazet struct in_device *in_dev; 3021da177e4SLinus Torvalds 3034b4194c4SEric Dumazet rcu_read_lock(); 3044b4194c4SEric Dumazet in_dev = __in_dev_get_rcu(dev); 3054b4194c4SEric Dumazet if (!in_dev) { 3064b4194c4SEric Dumazet rcu_read_unlock(); 3071da177e4SLinus Torvalds return; 3084b4194c4SEric Dumazet } 3091da177e4SLinus Torvalds switch (IN_DEV_ARP_ANNOUNCE(in_dev)) { 3101da177e4SLinus Torvalds default: 3111da177e4SLinus Torvalds case 0: /* By default announce any local IP */ 312deffd777SChangli Gao if (skb && inet_addr_type(dev_net(dev), 313deffd777SChangli Gao ip_hdr(skb)->saddr) == RTN_LOCAL) 314eddc9ec5SArnaldo Carvalho de Melo saddr = ip_hdr(skb)->saddr; 3151da177e4SLinus Torvalds break; 3161da177e4SLinus Torvalds case 1: /* Restrict announcements of saddr in same subnet */ 3171da177e4SLinus Torvalds if (!skb) 3181da177e4SLinus Torvalds break; 319eddc9ec5SArnaldo Carvalho de Melo saddr = ip_hdr(skb)->saddr; 320c346dca1SYOSHIFUJI Hideaki if (inet_addr_type(dev_net(dev), saddr) == RTN_LOCAL) { 3211da177e4SLinus Torvalds /* saddr should be known to target */ 3221da177e4SLinus Torvalds if (inet_addr_onlink(in_dev, target, saddr)) 3231da177e4SLinus Torvalds break; 3241da177e4SLinus Torvalds } 3251da177e4SLinus Torvalds saddr = 0; 3261da177e4SLinus Torvalds break; 3271da177e4SLinus Torvalds case 2: /* Avoid secondary IPs, get a primary/preferred one */ 3281da177e4SLinus Torvalds break; 3291da177e4SLinus Torvalds } 3304b4194c4SEric Dumazet rcu_read_unlock(); 3311da177e4SLinus Torvalds 3321da177e4SLinus Torvalds if (!saddr) 3331da177e4SLinus Torvalds saddr = inet_select_addr(dev, target, RT_SCOPE_LINK); 3341da177e4SLinus Torvalds 3351f9248e5SJiri Pirko probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES); 336deffd777SChangli Gao if (probes < 0) { 3371da177e4SLinus Torvalds if (!(neigh->nud_state & NUD_VALID)) 33891df42beSJoe Perches pr_debug("trying to ucast probe in NUD_INVALID\n"); 3399650388bSEric Dumazet neigh_ha_snapshot(dst_ha, neigh, dev); 340cf0be880SCong Wang dst_hw = dst_ha; 341deffd777SChangli Gao } else { 3421f9248e5SJiri Pirko probes -= NEIGH_VAR(neigh->parms, APP_PROBES); 343deffd777SChangli Gao if (probes < 0) { 3441da177e4SLinus Torvalds neigh_app_ns(neigh); 3451da177e4SLinus Torvalds return; 3461da177e4SLinus Torvalds } 347deffd777SChangli Gao } 3481da177e4SLinus Torvalds 3491da177e4SLinus Torvalds arp_send(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr, 350cf0be880SCong Wang dst_hw, dev->dev_addr, NULL); 3511da177e4SLinus Torvalds } 3521da177e4SLinus Torvalds 3539bd85e32SDenis V. Lunev static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip) 3541da177e4SLinus Torvalds { 355b601fa19SNicolas Dichtel struct net *net = dev_net(in_dev->dev); 3561da177e4SLinus Torvalds int scope; 3571da177e4SLinus Torvalds 3581da177e4SLinus Torvalds switch (IN_DEV_ARP_IGNORE(in_dev)) { 3591da177e4SLinus Torvalds case 0: /* Reply, the tip is already validated */ 3601da177e4SLinus Torvalds return 0; 3611da177e4SLinus Torvalds case 1: /* Reply only if tip is configured on the incoming interface */ 3621da177e4SLinus Torvalds sip = 0; 3631da177e4SLinus Torvalds scope = RT_SCOPE_HOST; 3641da177e4SLinus Torvalds break; 3651da177e4SLinus Torvalds case 2: /* 3661da177e4SLinus Torvalds * Reply only if tip is configured on the incoming interface 3671da177e4SLinus Torvalds * and is in same subnet as sip 3681da177e4SLinus Torvalds */ 3691da177e4SLinus Torvalds scope = RT_SCOPE_HOST; 3701da177e4SLinus Torvalds break; 3711da177e4SLinus Torvalds case 3: /* Do not reply for scope host addresses */ 3721da177e4SLinus Torvalds sip = 0; 3731da177e4SLinus Torvalds scope = RT_SCOPE_LINK; 374b601fa19SNicolas Dichtel in_dev = NULL; 3751da177e4SLinus Torvalds break; 3761da177e4SLinus Torvalds case 4: /* Reserved */ 3771da177e4SLinus Torvalds case 5: 3781da177e4SLinus Torvalds case 6: 3791da177e4SLinus Torvalds case 7: 3801da177e4SLinus Torvalds return 0; 3811da177e4SLinus Torvalds case 8: /* Do not reply */ 3821da177e4SLinus Torvalds return 1; 3831da177e4SLinus Torvalds default: 3841da177e4SLinus Torvalds return 0; 3851da177e4SLinus Torvalds } 386b601fa19SNicolas Dichtel return !inet_confirm_addr(net, in_dev, sip, tip, scope); 3871da177e4SLinus Torvalds } 3881da177e4SLinus Torvalds 389ed9bad06SAl Viro static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev) 3901da177e4SLinus Torvalds { 3911da177e4SLinus Torvalds struct rtable *rt; 3921da177e4SLinus Torvalds int flag = 0; 3931da177e4SLinus Torvalds /*unsigned long now; */ 394ca12a1a4SPavel Emelyanov struct net *net = dev_net(dev); 3951da177e4SLinus Torvalds 39678fbfd8aSDavid S. Miller rt = ip_route_output(net, sip, tip, 0, 0); 397b23dd4feSDavid S. Miller if (IS_ERR(rt)) 3981da177e4SLinus Torvalds return 1; 399d8d1f30bSChangli Gao if (rt->dst.dev != dev) { 400de0744afSPavel Emelyanov NET_INC_STATS_BH(net, LINUX_MIB_ARPFILTER); 4011da177e4SLinus Torvalds flag = 1; 4021da177e4SLinus Torvalds } 4031da177e4SLinus Torvalds ip_rt_put(rt); 4041da177e4SLinus Torvalds return flag; 4051da177e4SLinus Torvalds } 4061da177e4SLinus Torvalds 4071da177e4SLinus Torvalds /* 4081da177e4SLinus Torvalds * Check if we can use proxy ARP for this path 4091da177e4SLinus Torvalds */ 41065324144SJesper Dangaard Brouer static inline int arp_fwd_proxy(struct in_device *in_dev, 41165324144SJesper Dangaard Brouer struct net_device *dev, struct rtable *rt) 4121da177e4SLinus Torvalds { 4131da177e4SLinus Torvalds struct in_device *out_dev; 4141da177e4SLinus Torvalds int imi, omi = -1; 4151da177e4SLinus Torvalds 416d8d1f30bSChangli Gao if (rt->dst.dev == dev) 41765324144SJesper Dangaard Brouer return 0; 41865324144SJesper Dangaard Brouer 4191da177e4SLinus Torvalds if (!IN_DEV_PROXY_ARP(in_dev)) 4201da177e4SLinus Torvalds return 0; 421deffd777SChangli Gao imi = IN_DEV_MEDIUM_ID(in_dev); 422deffd777SChangli Gao if (imi == 0) 4231da177e4SLinus Torvalds return 1; 4241da177e4SLinus Torvalds if (imi == -1) 4251da177e4SLinus Torvalds return 0; 4261da177e4SLinus Torvalds 4271da177e4SLinus Torvalds /* place to check for proxy_arp for routes */ 4281da177e4SLinus Torvalds 429d8d1f30bSChangli Gao out_dev = __in_dev_get_rcu(rt->dst.dev); 430faa9dcf7SEric Dumazet if (out_dev) 4311da177e4SLinus Torvalds omi = IN_DEV_MEDIUM_ID(out_dev); 432faa9dcf7SEric Dumazet 433a02cec21SEric Dumazet return omi != imi && omi != -1; 4341da177e4SLinus Torvalds } 4351da177e4SLinus Torvalds 4361da177e4SLinus Torvalds /* 43765324144SJesper Dangaard Brouer * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev) 43865324144SJesper Dangaard Brouer * 43965324144SJesper Dangaard Brouer * RFC3069 supports proxy arp replies back to the same interface. This 44065324144SJesper Dangaard Brouer * is done to support (ethernet) switch features, like RFC 3069, where 44165324144SJesper Dangaard Brouer * the individual ports are not allowed to communicate with each 44265324144SJesper Dangaard Brouer * other, BUT they are allowed to talk to the upstream router. As 44365324144SJesper Dangaard Brouer * described in RFC 3069, it is possible to allow these hosts to 44465324144SJesper Dangaard Brouer * communicate through the upstream router, by proxy_arp'ing. 44565324144SJesper Dangaard Brouer * 44665324144SJesper Dangaard Brouer * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation" 44765324144SJesper Dangaard Brouer * 44865324144SJesper Dangaard Brouer * This technology is known by different names: 44965324144SJesper Dangaard Brouer * In RFC 3069 it is called VLAN Aggregation. 45065324144SJesper Dangaard Brouer * Cisco and Allied Telesyn call it Private VLAN. 45165324144SJesper Dangaard Brouer * Hewlett-Packard call it Source-Port filtering or port-isolation. 45265324144SJesper Dangaard Brouer * Ericsson call it MAC-Forced Forwarding (RFC Draft). 45365324144SJesper Dangaard Brouer * 45465324144SJesper Dangaard Brouer */ 45565324144SJesper Dangaard Brouer static inline int arp_fwd_pvlan(struct in_device *in_dev, 45665324144SJesper Dangaard Brouer struct net_device *dev, struct rtable *rt, 45765324144SJesper Dangaard Brouer __be32 sip, __be32 tip) 45865324144SJesper Dangaard Brouer { 45965324144SJesper Dangaard Brouer /* Private VLAN is only concerned about the same ethernet segment */ 460d8d1f30bSChangli Gao if (rt->dst.dev != dev) 46165324144SJesper Dangaard Brouer return 0; 46265324144SJesper Dangaard Brouer 46365324144SJesper Dangaard Brouer /* Don't reply on self probes (often done by windowz boxes)*/ 46465324144SJesper Dangaard Brouer if (sip == tip) 46565324144SJesper Dangaard Brouer return 0; 46665324144SJesper Dangaard Brouer 46765324144SJesper Dangaard Brouer if (IN_DEV_PROXY_ARP_PVLAN(in_dev)) 46865324144SJesper Dangaard Brouer return 1; 46965324144SJesper Dangaard Brouer else 47065324144SJesper Dangaard Brouer return 0; 47165324144SJesper Dangaard Brouer } 47265324144SJesper Dangaard Brouer 47365324144SJesper Dangaard Brouer /* 4741da177e4SLinus Torvalds * Interface to link layer: send routine and receive handler. 4751da177e4SLinus Torvalds */ 4761da177e4SLinus Torvalds 4771da177e4SLinus Torvalds /* 478*51456b29SIan Morris * Create an arp packet. If dest_hw is not set, we create a broadcast 4791da177e4SLinus Torvalds * message. 4801da177e4SLinus Torvalds */ 481ed9bad06SAl Viro struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip, 482ed9bad06SAl Viro struct net_device *dev, __be32 src_ip, 483abfdf1c4SJan Engelhardt const unsigned char *dest_hw, 484abfdf1c4SJan Engelhardt const unsigned char *src_hw, 485abfdf1c4SJan Engelhardt const unsigned char *target_hw) 4861da177e4SLinus Torvalds { 4871da177e4SLinus Torvalds struct sk_buff *skb; 4881da177e4SLinus Torvalds struct arphdr *arp; 4891da177e4SLinus Torvalds unsigned char *arp_ptr; 49066088243SHerbert Xu int hlen = LL_RESERVED_SPACE(dev); 49166088243SHerbert Xu int tlen = dev->needed_tailroom; 4921da177e4SLinus Torvalds 4931da177e4SLinus Torvalds /* 4941da177e4SLinus Torvalds * Allocate a buffer 4951da177e4SLinus Torvalds */ 4961da177e4SLinus Torvalds 49766088243SHerbert Xu skb = alloc_skb(arp_hdr_len(dev) + hlen + tlen, GFP_ATOMIC); 498*51456b29SIan Morris if (!skb) 4991da177e4SLinus Torvalds return NULL; 5001da177e4SLinus Torvalds 50166088243SHerbert Xu skb_reserve(skb, hlen); 502c1d2bbe1SArnaldo Carvalho de Melo skb_reset_network_header(skb); 503988b7050SPavel Emelyanov arp = (struct arphdr *) skb_put(skb, arp_hdr_len(dev)); 5041da177e4SLinus Torvalds skb->dev = dev; 5051da177e4SLinus Torvalds skb->protocol = htons(ETH_P_ARP); 506*51456b29SIan Morris if (!src_hw) 5071da177e4SLinus Torvalds src_hw = dev->dev_addr; 508*51456b29SIan Morris if (!dest_hw) 5091da177e4SLinus Torvalds dest_hw = dev->broadcast; 5101da177e4SLinus Torvalds 5111da177e4SLinus Torvalds /* 5121da177e4SLinus Torvalds * Fill the device header for the ARP frame 5131da177e4SLinus Torvalds */ 5140c4e8581SStephen Hemminger if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0) 5151da177e4SLinus Torvalds goto out; 5161da177e4SLinus Torvalds 5171da177e4SLinus Torvalds /* 5181da177e4SLinus Torvalds * Fill out the arp protocol part. 5191da177e4SLinus Torvalds * 5201da177e4SLinus Torvalds * The arp hardware type should match the device type, except for FDDI, 5211da177e4SLinus Torvalds * which (according to RFC 1390) should always equal 1 (Ethernet). 5221da177e4SLinus Torvalds */ 5231da177e4SLinus Torvalds /* 5241da177e4SLinus Torvalds * Exceptions everywhere. AX.25 uses the AX.25 PID value not the 5251da177e4SLinus Torvalds * DIX code for the protocol. Make these device structure fields. 5261da177e4SLinus Torvalds */ 5271da177e4SLinus Torvalds switch (dev->type) { 5281da177e4SLinus Torvalds default: 5291da177e4SLinus Torvalds arp->ar_hrd = htons(dev->type); 5301da177e4SLinus Torvalds arp->ar_pro = htons(ETH_P_IP); 5311da177e4SLinus Torvalds break; 5321da177e4SLinus Torvalds 53340e4783eSIgor Maravic #if IS_ENABLED(CONFIG_AX25) 5341da177e4SLinus Torvalds case ARPHRD_AX25: 5351da177e4SLinus Torvalds arp->ar_hrd = htons(ARPHRD_AX25); 5361da177e4SLinus Torvalds arp->ar_pro = htons(AX25_P_IP); 5371da177e4SLinus Torvalds break; 5381da177e4SLinus Torvalds 53940e4783eSIgor Maravic #if IS_ENABLED(CONFIG_NETROM) 5401da177e4SLinus Torvalds case ARPHRD_NETROM: 5411da177e4SLinus Torvalds arp->ar_hrd = htons(ARPHRD_NETROM); 5421da177e4SLinus Torvalds arp->ar_pro = htons(AX25_P_IP); 5431da177e4SLinus Torvalds break; 5441da177e4SLinus Torvalds #endif 5451da177e4SLinus Torvalds #endif 5461da177e4SLinus Torvalds 54740e4783eSIgor Maravic #if IS_ENABLED(CONFIG_FDDI) 5481da177e4SLinus Torvalds case ARPHRD_FDDI: 5491da177e4SLinus Torvalds arp->ar_hrd = htons(ARPHRD_ETHER); 5501da177e4SLinus Torvalds arp->ar_pro = htons(ETH_P_IP); 5511da177e4SLinus Torvalds break; 5521da177e4SLinus Torvalds #endif 5531da177e4SLinus Torvalds } 5541da177e4SLinus Torvalds 5551da177e4SLinus Torvalds arp->ar_hln = dev->addr_len; 5561da177e4SLinus Torvalds arp->ar_pln = 4; 5571da177e4SLinus Torvalds arp->ar_op = htons(type); 5581da177e4SLinus Torvalds 5591da177e4SLinus Torvalds arp_ptr = (unsigned char *)(arp + 1); 5601da177e4SLinus Torvalds 5611da177e4SLinus Torvalds memcpy(arp_ptr, src_hw, dev->addr_len); 5621da177e4SLinus Torvalds arp_ptr += dev->addr_len; 5631da177e4SLinus Torvalds memcpy(arp_ptr, &src_ip, 4); 5641da177e4SLinus Torvalds arp_ptr += 4; 5656752c8dbSYOSHIFUJI Hideaki / 吉藤英明 5666752c8dbSYOSHIFUJI Hideaki / 吉藤英明 switch (dev->type) { 5676752c8dbSYOSHIFUJI Hideaki / 吉藤英明 #if IS_ENABLED(CONFIG_FIREWIRE_NET) 5686752c8dbSYOSHIFUJI Hideaki / 吉藤英明 case ARPHRD_IEEE1394: 5696752c8dbSYOSHIFUJI Hideaki / 吉藤英明 break; 5706752c8dbSYOSHIFUJI Hideaki / 吉藤英明 #endif 5716752c8dbSYOSHIFUJI Hideaki / 吉藤英明 default: 5721da177e4SLinus Torvalds if (target_hw != NULL) 5731da177e4SLinus Torvalds memcpy(arp_ptr, target_hw, dev->addr_len); 5741da177e4SLinus Torvalds else 5751da177e4SLinus Torvalds memset(arp_ptr, 0, dev->addr_len); 5761da177e4SLinus Torvalds arp_ptr += dev->addr_len; 5776752c8dbSYOSHIFUJI Hideaki / 吉藤英明 } 5781da177e4SLinus Torvalds memcpy(arp_ptr, &dest_ip, 4); 5791da177e4SLinus Torvalds 5801da177e4SLinus Torvalds return skb; 5811da177e4SLinus Torvalds 5821da177e4SLinus Torvalds out: 5831da177e4SLinus Torvalds kfree_skb(skb); 5841da177e4SLinus Torvalds return NULL; 5851da177e4SLinus Torvalds } 5864bc2f18bSEric Dumazet EXPORT_SYMBOL(arp_create); 5871da177e4SLinus Torvalds 5881da177e4SLinus Torvalds /* 5891da177e4SLinus Torvalds * Send an arp packet. 5901da177e4SLinus Torvalds */ 5911da177e4SLinus Torvalds void arp_xmit(struct sk_buff *skb) 5921da177e4SLinus Torvalds { 5931da177e4SLinus Torvalds /* Send it off, maybe filter it using firewalling first. */ 594fdc9314cSJan Engelhardt NF_HOOK(NFPROTO_ARP, NF_ARP_OUT, skb, NULL, skb->dev, dev_queue_xmit); 5951da177e4SLinus Torvalds } 5964bc2f18bSEric Dumazet EXPORT_SYMBOL(arp_xmit); 5971da177e4SLinus Torvalds 5981da177e4SLinus Torvalds /* 5991da177e4SLinus Torvalds * Create and send an arp packet. 6001da177e4SLinus Torvalds */ 601ed9bad06SAl Viro void arp_send(int type, int ptype, __be32 dest_ip, 602ed9bad06SAl Viro struct net_device *dev, __be32 src_ip, 603abfdf1c4SJan Engelhardt const unsigned char *dest_hw, const unsigned char *src_hw, 604abfdf1c4SJan Engelhardt const unsigned char *target_hw) 6051da177e4SLinus Torvalds { 6061da177e4SLinus Torvalds struct sk_buff *skb; 6071da177e4SLinus Torvalds 6081da177e4SLinus Torvalds /* 6091da177e4SLinus Torvalds * No arp on this interface. 6101da177e4SLinus Torvalds */ 6111da177e4SLinus Torvalds 6121da177e4SLinus Torvalds if (dev->flags&IFF_NOARP) 6131da177e4SLinus Torvalds return; 6141da177e4SLinus Torvalds 6151da177e4SLinus Torvalds skb = arp_create(type, ptype, dest_ip, dev, src_ip, 6161da177e4SLinus Torvalds dest_hw, src_hw, target_hw); 617*51456b29SIan Morris if (!skb) 6181da177e4SLinus Torvalds return; 6191da177e4SLinus Torvalds 6201da177e4SLinus Torvalds arp_xmit(skb); 6211da177e4SLinus Torvalds } 6224bc2f18bSEric Dumazet EXPORT_SYMBOL(arp_send); 6231da177e4SLinus Torvalds 6241da177e4SLinus Torvalds /* 6251da177e4SLinus Torvalds * Process an arp request. 6261da177e4SLinus Torvalds */ 6271da177e4SLinus Torvalds 6281da177e4SLinus Torvalds static int arp_process(struct sk_buff *skb) 6291da177e4SLinus Torvalds { 6301da177e4SLinus Torvalds struct net_device *dev = skb->dev; 631faa9dcf7SEric Dumazet struct in_device *in_dev = __in_dev_get_rcu(dev); 6321da177e4SLinus Torvalds struct arphdr *arp; 6331da177e4SLinus Torvalds unsigned char *arp_ptr; 6341da177e4SLinus Torvalds struct rtable *rt; 635e0260fedSMark Ryden unsigned char *sha; 6369e12bb22SAl Viro __be32 sip, tip; 6371da177e4SLinus Torvalds u16 dev_type = dev->type; 6381da177e4SLinus Torvalds int addr_type; 6391da177e4SLinus Torvalds struct neighbour *n; 640c346dca1SYOSHIFUJI Hideaki struct net *net = dev_net(dev); 64156022a8fSSalam Noureddine bool is_garp = false; 6421da177e4SLinus Torvalds 6431da177e4SLinus Torvalds /* arp_rcv below verifies the ARP header and verifies the device 6441da177e4SLinus Torvalds * is ARP'able. 6451da177e4SLinus Torvalds */ 6461da177e4SLinus Torvalds 647*51456b29SIan Morris if (!in_dev) 6481da177e4SLinus Torvalds goto out; 6491da177e4SLinus Torvalds 650d0a92be0SArnaldo Carvalho de Melo arp = arp_hdr(skb); 6511da177e4SLinus Torvalds 6521da177e4SLinus Torvalds switch (dev_type) { 6531da177e4SLinus Torvalds default: 6541da177e4SLinus Torvalds if (arp->ar_pro != htons(ETH_P_IP) || 6551da177e4SLinus Torvalds htons(dev_type) != arp->ar_hrd) 6561da177e4SLinus Torvalds goto out; 6571da177e4SLinus Torvalds break; 6581da177e4SLinus Torvalds case ARPHRD_ETHER: 6591da177e4SLinus Torvalds case ARPHRD_FDDI: 6601da177e4SLinus Torvalds case ARPHRD_IEEE802: 6611da177e4SLinus Torvalds /* 662211ed865SPaul Gortmaker * ETHERNET, and Fibre Channel (which are IEEE 802 6631da177e4SLinus Torvalds * devices, according to RFC 2625) devices will accept ARP 6641da177e4SLinus Torvalds * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2). 6651da177e4SLinus Torvalds * This is the case also of FDDI, where the RFC 1390 says that 6661da177e4SLinus Torvalds * FDDI devices should accept ARP hardware of (1) Ethernet, 6671da177e4SLinus Torvalds * however, to be more robust, we'll accept both 1 (Ethernet) 6681da177e4SLinus Torvalds * or 6 (IEEE 802.2) 6691da177e4SLinus Torvalds */ 6701da177e4SLinus Torvalds if ((arp->ar_hrd != htons(ARPHRD_ETHER) && 6711da177e4SLinus Torvalds arp->ar_hrd != htons(ARPHRD_IEEE802)) || 6721da177e4SLinus Torvalds arp->ar_pro != htons(ETH_P_IP)) 6731da177e4SLinus Torvalds goto out; 6741da177e4SLinus Torvalds break; 6751da177e4SLinus Torvalds case ARPHRD_AX25: 6761da177e4SLinus Torvalds if (arp->ar_pro != htons(AX25_P_IP) || 6771da177e4SLinus Torvalds arp->ar_hrd != htons(ARPHRD_AX25)) 6781da177e4SLinus Torvalds goto out; 6791da177e4SLinus Torvalds break; 6801da177e4SLinus Torvalds case ARPHRD_NETROM: 6811da177e4SLinus Torvalds if (arp->ar_pro != htons(AX25_P_IP) || 6821da177e4SLinus Torvalds arp->ar_hrd != htons(ARPHRD_NETROM)) 6831da177e4SLinus Torvalds goto out; 6841da177e4SLinus Torvalds break; 6851da177e4SLinus Torvalds } 6861da177e4SLinus Torvalds 6871da177e4SLinus Torvalds /* Understand only these message types */ 6881da177e4SLinus Torvalds 6891da177e4SLinus Torvalds if (arp->ar_op != htons(ARPOP_REPLY) && 6901da177e4SLinus Torvalds arp->ar_op != htons(ARPOP_REQUEST)) 6911da177e4SLinus Torvalds goto out; 6921da177e4SLinus Torvalds 6931da177e4SLinus Torvalds /* 6941da177e4SLinus Torvalds * Extract fields 6951da177e4SLinus Torvalds */ 6961da177e4SLinus Torvalds arp_ptr = (unsigned char *)(arp + 1); 6971da177e4SLinus Torvalds sha = arp_ptr; 6981da177e4SLinus Torvalds arp_ptr += dev->addr_len; 6991da177e4SLinus Torvalds memcpy(&sip, arp_ptr, 4); 7001da177e4SLinus Torvalds arp_ptr += 4; 7016752c8dbSYOSHIFUJI Hideaki / 吉藤英明 switch (dev_type) { 7026752c8dbSYOSHIFUJI Hideaki / 吉藤英明 #if IS_ENABLED(CONFIG_FIREWIRE_NET) 7036752c8dbSYOSHIFUJI Hideaki / 吉藤英明 case ARPHRD_IEEE1394: 7046752c8dbSYOSHIFUJI Hideaki / 吉藤英明 break; 7056752c8dbSYOSHIFUJI Hideaki / 吉藤英明 #endif 7066752c8dbSYOSHIFUJI Hideaki / 吉藤英明 default: 7071da177e4SLinus Torvalds arp_ptr += dev->addr_len; 7086752c8dbSYOSHIFUJI Hideaki / 吉藤英明 } 7091da177e4SLinus Torvalds memcpy(&tip, arp_ptr, 4); 7101da177e4SLinus Torvalds /* 7111da177e4SLinus Torvalds * Check for bad requests for 127.x.x.x and requests for multicast 7121da177e4SLinus Torvalds * addresses. If this is one such, delete it. 7131da177e4SLinus Torvalds */ 714d0daebc3SThomas Graf if (ipv4_is_multicast(tip) || 715d0daebc3SThomas Graf (!IN_DEV_ROUTE_LOCALNET(in_dev) && ipv4_is_loopback(tip))) 7161da177e4SLinus Torvalds goto out; 7171da177e4SLinus Torvalds 7181da177e4SLinus Torvalds /* 7191da177e4SLinus Torvalds * Special case: We must set Frame Relay source Q.922 address 7201da177e4SLinus Torvalds */ 7211da177e4SLinus Torvalds if (dev_type == ARPHRD_DLCI) 7221da177e4SLinus Torvalds sha = dev->broadcast; 7231da177e4SLinus Torvalds 7241da177e4SLinus Torvalds /* 7251da177e4SLinus Torvalds * Process entry. The idea here is we want to send a reply if it is a 7261da177e4SLinus Torvalds * request for us or if it is a request for someone else that we hold 7271da177e4SLinus Torvalds * a proxy for. We want to add an entry to our cache if it is a reply 7281da177e4SLinus Torvalds * to us or if it is a request for our address. 7291da177e4SLinus Torvalds * (The assumption for this last is that if someone is requesting our 7301da177e4SLinus Torvalds * address, they are probably intending to talk to us, so it saves time 7311da177e4SLinus Torvalds * if we cache their address. Their address is also probably not in 7321da177e4SLinus Torvalds * our cache, since ours is not in their cache.) 7331da177e4SLinus Torvalds * 7341da177e4SLinus Torvalds * Putting this another way, we only care about replies if they are to 7351da177e4SLinus Torvalds * us, in which case we add them to the cache. For requests, we care 7361da177e4SLinus Torvalds * about those for us and those for our proxies. We reply to both, 7371da177e4SLinus Torvalds * and in the case of requests for us we add the requester to the arp 7381da177e4SLinus Torvalds * cache. 7391da177e4SLinus Torvalds */ 7401da177e4SLinus Torvalds 741f8a68e75SEric W. Biederman /* Special case: IPv4 duplicate address detection packet (RFC2131) */ 742f8a68e75SEric W. Biederman if (sip == 0) { 7431da177e4SLinus Torvalds if (arp->ar_op == htons(ARPOP_REQUEST) && 74449e8a279SDenis V. Lunev inet_addr_type(net, tip) == RTN_LOCAL && 7459bd85e32SDenis V. Lunev !arp_ignore(in_dev, sip, tip)) 746b4a9811cSJonas Danielsson arp_send(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip, sha, 747b4a9811cSJonas Danielsson dev->dev_addr, sha); 7481da177e4SLinus Torvalds goto out; 7491da177e4SLinus Torvalds } 7501da177e4SLinus Torvalds 7511da177e4SLinus Torvalds if (arp->ar_op == htons(ARPOP_REQUEST) && 752c6cffba4SDavid S. Miller ip_route_input_noref(skb, tip, sip, 0, dev) == 0) { 7531da177e4SLinus Torvalds 754511c3f92SEric Dumazet rt = skb_rtable(skb); 7551da177e4SLinus Torvalds addr_type = rt->rt_type; 7561da177e4SLinus Torvalds 7571da177e4SLinus Torvalds if (addr_type == RTN_LOCAL) { 758deffd777SChangli Gao int dont_send; 7591da177e4SLinus Torvalds 760deffd777SChangli Gao dont_send = arp_ignore(in_dev, sip, tip); 7611da177e4SLinus Torvalds if (!dont_send && IN_DEV_ARPFILTER(in_dev)) 762ae9c416dSChangli Gao dont_send = arp_filter(sip, tip, dev); 7638164f1b7SBen Greear if (!dont_send) { 7648164f1b7SBen Greear n = neigh_event_ns(&arp_tbl, sha, &sip, dev); 7658164f1b7SBen Greear if (n) { 766deffd777SChangli Gao arp_send(ARPOP_REPLY, ETH_P_ARP, sip, 767deffd777SChangli Gao dev, tip, sha, dev->dev_addr, 768deffd777SChangli Gao sha); 7691da177e4SLinus Torvalds neigh_release(n); 7701da177e4SLinus Torvalds } 7718164f1b7SBen Greear } 7721da177e4SLinus Torvalds goto out; 7731da177e4SLinus Torvalds } else if (IN_DEV_FORWARD(in_dev)) { 77465324144SJesper Dangaard Brouer if (addr_type == RTN_UNICAST && 77565324144SJesper Dangaard Brouer (arp_fwd_proxy(in_dev, dev, rt) || 77665324144SJesper Dangaard Brouer arp_fwd_pvlan(in_dev, dev, rt, sip, tip) || 77770620c46SThomas Graf (rt->dst.dev != dev && 77870620c46SThomas Graf pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) { 7791da177e4SLinus Torvalds n = neigh_event_ns(&arp_tbl, sha, &sip, dev); 7801da177e4SLinus Torvalds if (n) 7811da177e4SLinus Torvalds neigh_release(n); 7821da177e4SLinus Torvalds 783a61bbcf2SPatrick McHardy if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED || 7841da177e4SLinus Torvalds skb->pkt_type == PACKET_HOST || 7851f9248e5SJiri Pirko NEIGH_VAR(in_dev->arp_parms, PROXY_DELAY) == 0) { 786deffd777SChangli Gao arp_send(ARPOP_REPLY, ETH_P_ARP, sip, 787deffd777SChangli Gao dev, tip, sha, dev->dev_addr, 788deffd777SChangli Gao sha); 7891da177e4SLinus Torvalds } else { 790deffd777SChangli Gao pneigh_enqueue(&arp_tbl, 791deffd777SChangli Gao in_dev->arp_parms, skb); 7921da177e4SLinus Torvalds return 0; 7931da177e4SLinus Torvalds } 7941da177e4SLinus Torvalds goto out; 7951da177e4SLinus Torvalds } 7961da177e4SLinus Torvalds } 7971da177e4SLinus Torvalds } 7981da177e4SLinus Torvalds 7991da177e4SLinus Torvalds /* Update our ARP tables */ 8001da177e4SLinus Torvalds 8011da177e4SLinus Torvalds n = __neigh_lookup(&arp_tbl, &sip, dev, 0); 8021da177e4SLinus Torvalds 803124d37e9SNeil Horman if (IN_DEV_ARP_ACCEPT(in_dev)) { 8041da177e4SLinus Torvalds /* Unsolicited ARP is not accepted by default. 8051da177e4SLinus Torvalds It is possible, that this option should be enabled for some 8061da177e4SLinus Torvalds devices (strip is candidate) 8071da177e4SLinus Torvalds */ 80856022a8fSSalam Noureddine is_garp = arp->ar_op == htons(ARPOP_REQUEST) && tip == sip && 80956022a8fSSalam Noureddine inet_addr_type(net, sip) == RTN_UNICAST; 81056022a8fSSalam Noureddine 811*51456b29SIan Morris if (!n && 81256022a8fSSalam Noureddine ((arp->ar_op == htons(ARPOP_REPLY) && 81356022a8fSSalam Noureddine inet_addr_type(net, sip) == RTN_UNICAST) || is_garp)) 8141b1ac759SJean Delvare n = __neigh_lookup(&arp_tbl, &sip, dev, 1); 815abd596a4SNeil Horman } 8161da177e4SLinus Torvalds 8171da177e4SLinus Torvalds if (n) { 8181da177e4SLinus Torvalds int state = NUD_REACHABLE; 8191da177e4SLinus Torvalds int override; 8201da177e4SLinus Torvalds 8211da177e4SLinus Torvalds /* If several different ARP replies follows back-to-back, 8221da177e4SLinus Torvalds use the FIRST one. It is possible, if several proxy 8231da177e4SLinus Torvalds agents are active. Taking the first reply prevents 8241da177e4SLinus Torvalds arp trashing and chooses the fastest router. 8251da177e4SLinus Torvalds */ 82656022a8fSSalam Noureddine override = time_after(jiffies, 82756022a8fSSalam Noureddine n->updated + 82856022a8fSSalam Noureddine NEIGH_VAR(n->parms, LOCKTIME)) || 82956022a8fSSalam Noureddine is_garp; 8301da177e4SLinus Torvalds 8311da177e4SLinus Torvalds /* Broadcast replies and request packets 8321da177e4SLinus Torvalds do not assert neighbour reachability. 8331da177e4SLinus Torvalds */ 8341da177e4SLinus Torvalds if (arp->ar_op != htons(ARPOP_REPLY) || 8351da177e4SLinus Torvalds skb->pkt_type != PACKET_HOST) 8361da177e4SLinus Torvalds state = NUD_STALE; 837deffd777SChangli Gao neigh_update(n, sha, state, 838deffd777SChangli Gao override ? NEIGH_UPDATE_F_OVERRIDE : 0); 8391da177e4SLinus Torvalds neigh_release(n); 8401da177e4SLinus Torvalds } 8411da177e4SLinus Torvalds 8421da177e4SLinus Torvalds out: 843ead2ceb0SNeil Horman consume_skb(skb); 8441da177e4SLinus Torvalds return 0; 8451da177e4SLinus Torvalds } 8461da177e4SLinus Torvalds 847444fc8fcSHerbert Xu static void parp_redo(struct sk_buff *skb) 848444fc8fcSHerbert Xu { 849444fc8fcSHerbert Xu arp_process(skb); 850444fc8fcSHerbert Xu } 851444fc8fcSHerbert Xu 8521da177e4SLinus Torvalds 8531da177e4SLinus Torvalds /* 8541da177e4SLinus Torvalds * Receive an arp request from the device layer. 8551da177e4SLinus Torvalds */ 8561da177e4SLinus Torvalds 8576c97e72aSAdrian Bunk static int arp_rcv(struct sk_buff *skb, struct net_device *dev, 8586c97e72aSAdrian Bunk struct packet_type *pt, struct net_device *orig_dev) 8591da177e4SLinus Torvalds { 860044453b3SEric Dumazet const struct arphdr *arp; 861044453b3SEric Dumazet 862825bae5dSRick Jones /* do not tweak dropwatch on an ARP we will ignore */ 863044453b3SEric Dumazet if (dev->flags & IFF_NOARP || 864044453b3SEric Dumazet skb->pkt_type == PACKET_OTHERHOST || 865044453b3SEric Dumazet skb->pkt_type == PACKET_LOOPBACK) 866825bae5dSRick Jones goto consumeskb; 867044453b3SEric Dumazet 868044453b3SEric Dumazet skb = skb_share_check(skb, GFP_ATOMIC); 869044453b3SEric Dumazet if (!skb) 870044453b3SEric Dumazet goto out_of_mem; 8711da177e4SLinus Torvalds 8721da177e4SLinus Torvalds /* ARP header, plus 2 device addresses, plus 2 IP addresses. */ 873988b7050SPavel Emelyanov if (!pskb_may_pull(skb, arp_hdr_len(dev))) 8741da177e4SLinus Torvalds goto freeskb; 8751da177e4SLinus Torvalds 876d0a92be0SArnaldo Carvalho de Melo arp = arp_hdr(skb); 877044453b3SEric Dumazet if (arp->ar_hln != dev->addr_len || arp->ar_pln != 4) 8781da177e4SLinus Torvalds goto freeskb; 8791da177e4SLinus Torvalds 880a61bbcf2SPatrick McHardy memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb)); 881a61bbcf2SPatrick McHardy 882fdc9314cSJan Engelhardt return NF_HOOK(NFPROTO_ARP, NF_ARP_IN, skb, dev, NULL, arp_process); 8831da177e4SLinus Torvalds 884825bae5dSRick Jones consumeskb: 885825bae5dSRick Jones consume_skb(skb); 886825bae5dSRick Jones return 0; 8871da177e4SLinus Torvalds freeskb: 8881da177e4SLinus Torvalds kfree_skb(skb); 8891da177e4SLinus Torvalds out_of_mem: 8901da177e4SLinus Torvalds return 0; 8911da177e4SLinus Torvalds } 8921da177e4SLinus Torvalds 8931da177e4SLinus Torvalds /* 8941da177e4SLinus Torvalds * User level interface (ioctl) 8951da177e4SLinus Torvalds */ 8961da177e4SLinus Torvalds 8971da177e4SLinus Torvalds /* 8981da177e4SLinus Torvalds * Set (create) an ARP cache entry. 8991da177e4SLinus Torvalds */ 9001da177e4SLinus Torvalds 90132e569b7SPavel Emelyanov static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on) 902f8b33fdfSPavel Emelyanov { 903*51456b29SIan Morris if (!dev) { 904586f1211SPavel Emelyanov IPV4_DEVCONF_ALL(net, PROXY_ARP) = on; 905f8b33fdfSPavel Emelyanov return 0; 906f8b33fdfSPavel Emelyanov } 907c506653dSEric Dumazet if (__in_dev_get_rtnl(dev)) { 908c506653dSEric Dumazet IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on); 909f8b33fdfSPavel Emelyanov return 0; 910f8b33fdfSPavel Emelyanov } 911f8b33fdfSPavel Emelyanov return -ENXIO; 912f8b33fdfSPavel Emelyanov } 913f8b33fdfSPavel Emelyanov 91432e569b7SPavel Emelyanov static int arp_req_set_public(struct net *net, struct arpreq *r, 91532e569b7SPavel Emelyanov struct net_device *dev) 9161da177e4SLinus Torvalds { 917ed9bad06SAl Viro __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 918ed9bad06SAl Viro __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr; 91943dc1701SPavel Emelyanov 920ed9bad06SAl Viro if (mask && mask != htonl(0xFFFFFFFF)) 9211da177e4SLinus Torvalds return -EINVAL; 9221da177e4SLinus Torvalds if (!dev && (r->arp_flags & ATF_COM)) { 923941666c2SEric Dumazet dev = dev_getbyhwaddr_rcu(net, r->arp_ha.sa_family, 92443dc1701SPavel Emelyanov r->arp_ha.sa_data); 9251da177e4SLinus Torvalds if (!dev) 9261da177e4SLinus Torvalds return -ENODEV; 9271da177e4SLinus Torvalds } 9281da177e4SLinus Torvalds if (mask) { 929*51456b29SIan Morris if (!pneigh_lookup(&arp_tbl, net, &ip, dev, 1)) 9301da177e4SLinus Torvalds return -ENOBUFS; 9311da177e4SLinus Torvalds return 0; 9321da177e4SLinus Torvalds } 933f8b33fdfSPavel Emelyanov 93432e569b7SPavel Emelyanov return arp_req_set_proxy(net, dev, 1); 9351da177e4SLinus Torvalds } 9361da177e4SLinus Torvalds 93732e569b7SPavel Emelyanov static int arp_req_set(struct net *net, struct arpreq *r, 93832e569b7SPavel Emelyanov struct net_device *dev) 93943dc1701SPavel Emelyanov { 94043dc1701SPavel Emelyanov __be32 ip; 94143dc1701SPavel Emelyanov struct neighbour *neigh; 94243dc1701SPavel Emelyanov int err; 94343dc1701SPavel Emelyanov 94443dc1701SPavel Emelyanov if (r->arp_flags & ATF_PUBL) 94532e569b7SPavel Emelyanov return arp_req_set_public(net, r, dev); 94643dc1701SPavel Emelyanov 94743dc1701SPavel Emelyanov ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 9481da177e4SLinus Torvalds if (r->arp_flags & ATF_PERM) 9491da177e4SLinus Torvalds r->arp_flags |= ATF_COM; 950*51456b29SIan Morris if (!dev) { 95178fbfd8aSDavid S. Miller struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0); 952b23dd4feSDavid S. Miller 953b23dd4feSDavid S. Miller if (IS_ERR(rt)) 954b23dd4feSDavid S. Miller return PTR_ERR(rt); 955d8d1f30bSChangli Gao dev = rt->dst.dev; 9561da177e4SLinus Torvalds ip_rt_put(rt); 9571da177e4SLinus Torvalds if (!dev) 9581da177e4SLinus Torvalds return -EINVAL; 9591da177e4SLinus Torvalds } 9601da177e4SLinus Torvalds switch (dev->type) { 96140e4783eSIgor Maravic #if IS_ENABLED(CONFIG_FDDI) 9621da177e4SLinus Torvalds case ARPHRD_FDDI: 9631da177e4SLinus Torvalds /* 9641da177e4SLinus Torvalds * According to RFC 1390, FDDI devices should accept ARP 9651da177e4SLinus Torvalds * hardware types of 1 (Ethernet). However, to be more 9661da177e4SLinus Torvalds * robust, we'll accept hardware types of either 1 (Ethernet) 9671da177e4SLinus Torvalds * or 6 (IEEE 802.2). 9681da177e4SLinus Torvalds */ 9691da177e4SLinus Torvalds if (r->arp_ha.sa_family != ARPHRD_FDDI && 9701da177e4SLinus Torvalds r->arp_ha.sa_family != ARPHRD_ETHER && 9711da177e4SLinus Torvalds r->arp_ha.sa_family != ARPHRD_IEEE802) 9721da177e4SLinus Torvalds return -EINVAL; 9731da177e4SLinus Torvalds break; 9741da177e4SLinus Torvalds #endif 9751da177e4SLinus Torvalds default: 9761da177e4SLinus Torvalds if (r->arp_ha.sa_family != dev->type) 9771da177e4SLinus Torvalds return -EINVAL; 9781da177e4SLinus Torvalds break; 9791da177e4SLinus Torvalds } 9801da177e4SLinus Torvalds 9811da177e4SLinus Torvalds neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev); 9821da177e4SLinus Torvalds err = PTR_ERR(neigh); 9831da177e4SLinus Torvalds if (!IS_ERR(neigh)) { 98495c96174SEric Dumazet unsigned int state = NUD_STALE; 9851da177e4SLinus Torvalds if (r->arp_flags & ATF_PERM) 9861da177e4SLinus Torvalds state = NUD_PERMANENT; 9871da177e4SLinus Torvalds err = neigh_update(neigh, (r->arp_flags & ATF_COM) ? 9881da177e4SLinus Torvalds r->arp_ha.sa_data : NULL, state, 9891da177e4SLinus Torvalds NEIGH_UPDATE_F_OVERRIDE | 9901da177e4SLinus Torvalds NEIGH_UPDATE_F_ADMIN); 9911da177e4SLinus Torvalds neigh_release(neigh); 9921da177e4SLinus Torvalds } 9931da177e4SLinus Torvalds return err; 9941da177e4SLinus Torvalds } 9951da177e4SLinus Torvalds 99695c96174SEric Dumazet static unsigned int arp_state_to_flags(struct neighbour *neigh) 9971da177e4SLinus Torvalds { 9981da177e4SLinus Torvalds if (neigh->nud_state&NUD_PERMANENT) 999deffd777SChangli Gao return ATF_PERM | ATF_COM; 10001da177e4SLinus Torvalds else if (neigh->nud_state&NUD_VALID) 1001deffd777SChangli Gao return ATF_COM; 1002deffd777SChangli Gao else 1003deffd777SChangli Gao return 0; 10041da177e4SLinus Torvalds } 10051da177e4SLinus Torvalds 10061da177e4SLinus Torvalds /* 10071da177e4SLinus Torvalds * Get an ARP cache entry. 10081da177e4SLinus Torvalds */ 10091da177e4SLinus Torvalds 10101da177e4SLinus Torvalds static int arp_req_get(struct arpreq *r, struct net_device *dev) 10111da177e4SLinus Torvalds { 1012ed9bad06SAl Viro __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr; 10131da177e4SLinus Torvalds struct neighbour *neigh; 10141da177e4SLinus Torvalds int err = -ENXIO; 10151da177e4SLinus Torvalds 10161da177e4SLinus Torvalds neigh = neigh_lookup(&arp_tbl, &ip, dev); 10171da177e4SLinus Torvalds if (neigh) { 10181da177e4SLinus Torvalds read_lock_bh(&neigh->lock); 10191da177e4SLinus Torvalds memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len); 10201da177e4SLinus Torvalds r->arp_flags = arp_state_to_flags(neigh); 10211da177e4SLinus Torvalds read_unlock_bh(&neigh->lock); 10221da177e4SLinus Torvalds r->arp_ha.sa_family = dev->type; 10231da177e4SLinus Torvalds strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev)); 10241da177e4SLinus Torvalds neigh_release(neigh); 10251da177e4SLinus Torvalds err = 0; 10261da177e4SLinus Torvalds } 10271da177e4SLinus Torvalds return err; 10281da177e4SLinus Torvalds } 10291da177e4SLinus Torvalds 10307195cf72SStephen Hemminger static int arp_invalidate(struct net_device *dev, __be32 ip) 1031545ecdc3SMaxim Levitsky { 1032545ecdc3SMaxim Levitsky struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev); 1033545ecdc3SMaxim Levitsky int err = -ENXIO; 1034545ecdc3SMaxim Levitsky 1035545ecdc3SMaxim Levitsky if (neigh) { 1036545ecdc3SMaxim Levitsky if (neigh->nud_state & ~NUD_NOARP) 1037545ecdc3SMaxim Levitsky err = neigh_update(neigh, NULL, NUD_FAILED, 1038545ecdc3SMaxim Levitsky NEIGH_UPDATE_F_OVERRIDE| 1039545ecdc3SMaxim Levitsky NEIGH_UPDATE_F_ADMIN); 1040545ecdc3SMaxim Levitsky neigh_release(neigh); 1041545ecdc3SMaxim Levitsky } 1042545ecdc3SMaxim Levitsky 1043545ecdc3SMaxim Levitsky return err; 1044545ecdc3SMaxim Levitsky } 1045545ecdc3SMaxim Levitsky 104632e569b7SPavel Emelyanov static int arp_req_delete_public(struct net *net, struct arpreq *r, 104732e569b7SPavel Emelyanov struct net_device *dev) 10481da177e4SLinus Torvalds { 1049ed9bad06SAl Viro __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr; 105046479b43SPavel Emelyanov __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr; 10511da177e4SLinus Torvalds 1052ed9bad06SAl Viro if (mask == htonl(0xFFFFFFFF)) 10532db82b53SDenis V. Lunev return pneigh_delete(&arp_tbl, net, &ip, dev); 105446479b43SPavel Emelyanov 1055f8b33fdfSPavel Emelyanov if (mask) 10561da177e4SLinus Torvalds return -EINVAL; 1057f8b33fdfSPavel Emelyanov 105832e569b7SPavel Emelyanov return arp_req_set_proxy(net, dev, 0); 10591da177e4SLinus Torvalds } 10601da177e4SLinus Torvalds 106132e569b7SPavel Emelyanov static int arp_req_delete(struct net *net, struct arpreq *r, 106232e569b7SPavel Emelyanov struct net_device *dev) 106346479b43SPavel Emelyanov { 106446479b43SPavel Emelyanov __be32 ip; 106546479b43SPavel Emelyanov 106646479b43SPavel Emelyanov if (r->arp_flags & ATF_PUBL) 106732e569b7SPavel Emelyanov return arp_req_delete_public(net, r, dev); 106846479b43SPavel Emelyanov 106946479b43SPavel Emelyanov ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 1070*51456b29SIan Morris if (!dev) { 107178fbfd8aSDavid S. Miller struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0); 1072b23dd4feSDavid S. Miller if (IS_ERR(rt)) 1073b23dd4feSDavid S. Miller return PTR_ERR(rt); 1074d8d1f30bSChangli Gao dev = rt->dst.dev; 10751da177e4SLinus Torvalds ip_rt_put(rt); 10761da177e4SLinus Torvalds if (!dev) 10771da177e4SLinus Torvalds return -EINVAL; 10781da177e4SLinus Torvalds } 1079545ecdc3SMaxim Levitsky return arp_invalidate(dev, ip); 10801da177e4SLinus Torvalds } 10811da177e4SLinus Torvalds 10821da177e4SLinus Torvalds /* 10831da177e4SLinus Torvalds * Handle an ARP layer I/O control request. 10841da177e4SLinus Torvalds */ 10851da177e4SLinus Torvalds 108632e569b7SPavel Emelyanov int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg) 10871da177e4SLinus Torvalds { 10881da177e4SLinus Torvalds int err; 10891da177e4SLinus Torvalds struct arpreq r; 10901da177e4SLinus Torvalds struct net_device *dev = NULL; 10911da177e4SLinus Torvalds 10921da177e4SLinus Torvalds switch (cmd) { 10931da177e4SLinus Torvalds case SIOCDARP: 10941da177e4SLinus Torvalds case SIOCSARP: 109552e804c6SEric W. Biederman if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 10961da177e4SLinus Torvalds return -EPERM; 10971da177e4SLinus Torvalds case SIOCGARP: 10981da177e4SLinus Torvalds err = copy_from_user(&r, arg, sizeof(struct arpreq)); 10991da177e4SLinus Torvalds if (err) 11001da177e4SLinus Torvalds return -EFAULT; 11011da177e4SLinus Torvalds break; 11021da177e4SLinus Torvalds default: 11031da177e4SLinus Torvalds return -EINVAL; 11041da177e4SLinus Torvalds } 11051da177e4SLinus Torvalds 11061da177e4SLinus Torvalds if (r.arp_pa.sa_family != AF_INET) 11071da177e4SLinus Torvalds return -EPFNOSUPPORT; 11081da177e4SLinus Torvalds 11091da177e4SLinus Torvalds if (!(r.arp_flags & ATF_PUBL) && 11101da177e4SLinus Torvalds (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB))) 11111da177e4SLinus Torvalds return -EINVAL; 11121da177e4SLinus Torvalds if (!(r.arp_flags & ATF_NETMASK)) 11131da177e4SLinus Torvalds ((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr = 11141da177e4SLinus Torvalds htonl(0xFFFFFFFFUL); 1115c506653dSEric Dumazet rtnl_lock(); 11161da177e4SLinus Torvalds if (r.arp_dev[0]) { 11171da177e4SLinus Torvalds err = -ENODEV; 1118c506653dSEric Dumazet dev = __dev_get_by_name(net, r.arp_dev); 1119*51456b29SIan Morris if (!dev) 11201da177e4SLinus Torvalds goto out; 11211da177e4SLinus Torvalds 11221da177e4SLinus Torvalds /* Mmmm... It is wrong... ARPHRD_NETROM==0 */ 11231da177e4SLinus Torvalds if (!r.arp_ha.sa_family) 11241da177e4SLinus Torvalds r.arp_ha.sa_family = dev->type; 11251da177e4SLinus Torvalds err = -EINVAL; 11261da177e4SLinus Torvalds if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type) 11271da177e4SLinus Torvalds goto out; 11281da177e4SLinus Torvalds } else if (cmd == SIOCGARP) { 11291da177e4SLinus Torvalds err = -ENODEV; 11301da177e4SLinus Torvalds goto out; 11311da177e4SLinus Torvalds } 11321da177e4SLinus Torvalds 11331da177e4SLinus Torvalds switch (cmd) { 11341da177e4SLinus Torvalds case SIOCDARP: 113532e569b7SPavel Emelyanov err = arp_req_delete(net, &r, dev); 11361da177e4SLinus Torvalds break; 11371da177e4SLinus Torvalds case SIOCSARP: 113832e569b7SPavel Emelyanov err = arp_req_set(net, &r, dev); 11391da177e4SLinus Torvalds break; 11401da177e4SLinus Torvalds case SIOCGARP: 11411da177e4SLinus Torvalds err = arp_req_get(&r, dev); 11421da177e4SLinus Torvalds break; 11431da177e4SLinus Torvalds } 11441da177e4SLinus Torvalds out: 1145c506653dSEric Dumazet rtnl_unlock(); 1146941666c2SEric Dumazet if (cmd == SIOCGARP && !err && copy_to_user(arg, &r, sizeof(r))) 1147941666c2SEric Dumazet err = -EFAULT; 11481da177e4SLinus Torvalds return err; 11491da177e4SLinus Torvalds } 11501da177e4SLinus Torvalds 1151deffd777SChangli Gao static int arp_netdev_event(struct notifier_block *this, unsigned long event, 1152deffd777SChangli Gao void *ptr) 11531da177e4SLinus Torvalds { 1154351638e7SJiri Pirko struct net_device *dev = netdev_notifier_info_to_dev(ptr); 11556c8b4e3fSTimo Teräs struct netdev_notifier_change_info *change_info; 11561da177e4SLinus Torvalds 11571da177e4SLinus Torvalds switch (event) { 11581da177e4SLinus Torvalds case NETDEV_CHANGEADDR: 11591da177e4SLinus Torvalds neigh_changeaddr(&arp_tbl, dev); 1160bafa6d9dSNicolas Dichtel rt_cache_flush(dev_net(dev)); 11611da177e4SLinus Torvalds break; 11626c8b4e3fSTimo Teräs case NETDEV_CHANGE: 11636c8b4e3fSTimo Teräs change_info = ptr; 11646c8b4e3fSTimo Teräs if (change_info->flags_changed & IFF_NOARP) 11656c8b4e3fSTimo Teräs neigh_changeaddr(&arp_tbl, dev); 11666c8b4e3fSTimo Teräs break; 11671da177e4SLinus Torvalds default: 11681da177e4SLinus Torvalds break; 11691da177e4SLinus Torvalds } 11701da177e4SLinus Torvalds 11711da177e4SLinus Torvalds return NOTIFY_DONE; 11721da177e4SLinus Torvalds } 11731da177e4SLinus Torvalds 11741da177e4SLinus Torvalds static struct notifier_block arp_netdev_notifier = { 11751da177e4SLinus Torvalds .notifier_call = arp_netdev_event, 11761da177e4SLinus Torvalds }; 11771da177e4SLinus Torvalds 11781da177e4SLinus Torvalds /* Note, that it is not on notifier chain. 11791da177e4SLinus Torvalds It is necessary, that this routine was called after route cache will be 11801da177e4SLinus Torvalds flushed. 11811da177e4SLinus Torvalds */ 11821da177e4SLinus Torvalds void arp_ifdown(struct net_device *dev) 11831da177e4SLinus Torvalds { 11841da177e4SLinus Torvalds neigh_ifdown(&arp_tbl, dev); 11851da177e4SLinus Torvalds } 11861da177e4SLinus Torvalds 11871da177e4SLinus Torvalds 11881da177e4SLinus Torvalds /* 11891da177e4SLinus Torvalds * Called once on startup. 11901da177e4SLinus Torvalds */ 11911da177e4SLinus Torvalds 11927546dd97SStephen Hemminger static struct packet_type arp_packet_type __read_mostly = { 119309640e63SHarvey Harrison .type = cpu_to_be16(ETH_P_ARP), 11941da177e4SLinus Torvalds .func = arp_rcv, 11951da177e4SLinus Torvalds }; 11961da177e4SLinus Torvalds 11971da177e4SLinus Torvalds static int arp_proc_init(void); 11981da177e4SLinus Torvalds 11991da177e4SLinus Torvalds void __init arp_init(void) 12001da177e4SLinus Torvalds { 1201d7480fd3SWANG Cong neigh_table_init(NEIGH_ARP_TABLE, &arp_tbl); 12021da177e4SLinus Torvalds 12031da177e4SLinus Torvalds dev_add_pack(&arp_packet_type); 12041da177e4SLinus Torvalds arp_proc_init(); 12051da177e4SLinus Torvalds #ifdef CONFIG_SYSCTL 120673af614aSJiri Pirko neigh_sysctl_register(NULL, &arp_tbl.parms, NULL); 12071da177e4SLinus Torvalds #endif 12081da177e4SLinus Torvalds register_netdevice_notifier(&arp_netdev_notifier); 12091da177e4SLinus Torvalds } 12101da177e4SLinus Torvalds 12111da177e4SLinus Torvalds #ifdef CONFIG_PROC_FS 121240e4783eSIgor Maravic #if IS_ENABLED(CONFIG_AX25) 12131da177e4SLinus Torvalds 12141da177e4SLinus Torvalds /* ------------------------------------------------------------------------ */ 12151da177e4SLinus Torvalds /* 12161da177e4SLinus Torvalds * ax25 -> ASCII conversion 12171da177e4SLinus Torvalds */ 12181da177e4SLinus Torvalds static char *ax2asc2(ax25_address *a, char *buf) 12191da177e4SLinus Torvalds { 12201da177e4SLinus Torvalds char c, *s; 12211da177e4SLinus Torvalds int n; 12221da177e4SLinus Torvalds 12231da177e4SLinus Torvalds for (n = 0, s = buf; n < 6; n++) { 12241da177e4SLinus Torvalds c = (a->ax25_call[n] >> 1) & 0x7F; 12251da177e4SLinus Torvalds 1226deffd777SChangli Gao if (c != ' ') 1227deffd777SChangli Gao *s++ = c; 12281da177e4SLinus Torvalds } 12291da177e4SLinus Torvalds 12301da177e4SLinus Torvalds *s++ = '-'; 1231deffd777SChangli Gao n = (a->ax25_call[6] >> 1) & 0x0F; 1232deffd777SChangli Gao if (n > 9) { 12331da177e4SLinus Torvalds *s++ = '1'; 12341da177e4SLinus Torvalds n -= 10; 12351da177e4SLinus Torvalds } 12361da177e4SLinus Torvalds 12371da177e4SLinus Torvalds *s++ = n + '0'; 12381da177e4SLinus Torvalds *s++ = '\0'; 12391da177e4SLinus Torvalds 12401da177e4SLinus Torvalds if (*buf == '\0' || *buf == '-') 12411da177e4SLinus Torvalds return "*"; 12421da177e4SLinus Torvalds 12431da177e4SLinus Torvalds return buf; 12441da177e4SLinus Torvalds } 12451da177e4SLinus Torvalds #endif /* CONFIG_AX25 */ 12461da177e4SLinus Torvalds 12471da177e4SLinus Torvalds #define HBUFFERLEN 30 12481da177e4SLinus Torvalds 12491da177e4SLinus Torvalds static void arp_format_neigh_entry(struct seq_file *seq, 12501da177e4SLinus Torvalds struct neighbour *n) 12511da177e4SLinus Torvalds { 12521da177e4SLinus Torvalds char hbuffer[HBUFFERLEN]; 12531da177e4SLinus Torvalds int k, j; 12541da177e4SLinus Torvalds char tbuf[16]; 12551da177e4SLinus Torvalds struct net_device *dev = n->dev; 12561da177e4SLinus Torvalds int hatype = dev->type; 12571da177e4SLinus Torvalds 12581da177e4SLinus Torvalds read_lock(&n->lock); 12591da177e4SLinus Torvalds /* Convert hardware address to XX:XX:XX:XX ... form. */ 126040e4783eSIgor Maravic #if IS_ENABLED(CONFIG_AX25) 12611da177e4SLinus Torvalds if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM) 12621da177e4SLinus Torvalds ax2asc2((ax25_address *)n->ha, hbuffer); 12631da177e4SLinus Torvalds else { 12641da177e4SLinus Torvalds #endif 12651da177e4SLinus Torvalds for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) { 126651f82a2bSDenis Cheng hbuffer[k++] = hex_asc_hi(n->ha[j]); 126751f82a2bSDenis Cheng hbuffer[k++] = hex_asc_lo(n->ha[j]); 12681da177e4SLinus Torvalds hbuffer[k++] = ':'; 12691da177e4SLinus Torvalds } 1270a3e8ee68Sroel kluin if (k != 0) 1271a3e8ee68Sroel kluin --k; 1272a3e8ee68Sroel kluin hbuffer[k] = 0; 127340e4783eSIgor Maravic #if IS_ENABLED(CONFIG_AX25) 12741da177e4SLinus Torvalds } 12751da177e4SLinus Torvalds #endif 1276673d57e7SHarvey Harrison sprintf(tbuf, "%pI4", n->primary_key); 12771da177e4SLinus Torvalds seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", 12781da177e4SLinus Torvalds tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); 12791da177e4SLinus Torvalds read_unlock(&n->lock); 12801da177e4SLinus Torvalds } 12811da177e4SLinus Torvalds 12821da177e4SLinus Torvalds static void arp_format_pneigh_entry(struct seq_file *seq, 12831da177e4SLinus Torvalds struct pneigh_entry *n) 12841da177e4SLinus Torvalds { 12851da177e4SLinus Torvalds struct net_device *dev = n->dev; 12861da177e4SLinus Torvalds int hatype = dev ? dev->type : 0; 12871da177e4SLinus Torvalds char tbuf[16]; 12881da177e4SLinus Torvalds 1289673d57e7SHarvey Harrison sprintf(tbuf, "%pI4", n->key); 12901da177e4SLinus Torvalds seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", 12911da177e4SLinus Torvalds tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", 12921da177e4SLinus Torvalds dev ? dev->name : "*"); 12931da177e4SLinus Torvalds } 12941da177e4SLinus Torvalds 12951da177e4SLinus Torvalds static int arp_seq_show(struct seq_file *seq, void *v) 12961da177e4SLinus Torvalds { 12971da177e4SLinus Torvalds if (v == SEQ_START_TOKEN) { 12981da177e4SLinus Torvalds seq_puts(seq, "IP address HW type Flags " 12991da177e4SLinus Torvalds "HW address Mask Device\n"); 13001da177e4SLinus Torvalds } else { 13011da177e4SLinus Torvalds struct neigh_seq_state *state = seq->private; 13021da177e4SLinus Torvalds 13031da177e4SLinus Torvalds if (state->flags & NEIGH_SEQ_IS_PNEIGH) 13041da177e4SLinus Torvalds arp_format_pneigh_entry(seq, v); 13051da177e4SLinus Torvalds else 13061da177e4SLinus Torvalds arp_format_neigh_entry(seq, v); 13071da177e4SLinus Torvalds } 13081da177e4SLinus Torvalds 13091da177e4SLinus Torvalds return 0; 13101da177e4SLinus Torvalds } 13111da177e4SLinus Torvalds 13121da177e4SLinus Torvalds static void *arp_seq_start(struct seq_file *seq, loff_t *pos) 13131da177e4SLinus Torvalds { 13141da177e4SLinus Torvalds /* Don't want to confuse "arp -a" w/ magic entries, 13151da177e4SLinus Torvalds * so we tell the generic iterator to skip NUD_NOARP. 13161da177e4SLinus Torvalds */ 13171da177e4SLinus Torvalds return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP); 13181da177e4SLinus Torvalds } 13191da177e4SLinus Torvalds 13201da177e4SLinus Torvalds /* ------------------------------------------------------------------------ */ 13211da177e4SLinus Torvalds 1322f690808eSStephen Hemminger static const struct seq_operations arp_seq_ops = { 13231da177e4SLinus Torvalds .start = arp_seq_start, 13241da177e4SLinus Torvalds .next = neigh_seq_next, 13251da177e4SLinus Torvalds .stop = neigh_seq_stop, 13261da177e4SLinus Torvalds .show = arp_seq_show, 13271da177e4SLinus Torvalds }; 13281da177e4SLinus Torvalds 13291da177e4SLinus Torvalds static int arp_seq_open(struct inode *inode, struct file *file) 13301da177e4SLinus Torvalds { 1331426b5303SEric W. Biederman return seq_open_net(inode, file, &arp_seq_ops, 1332cf7732e4SPavel Emelyanov sizeof(struct neigh_seq_state)); 13331da177e4SLinus Torvalds } 13341da177e4SLinus Torvalds 13359a32144eSArjan van de Ven static const struct file_operations arp_seq_fops = { 13361da177e4SLinus Torvalds .owner = THIS_MODULE, 13371da177e4SLinus Torvalds .open = arp_seq_open, 13381da177e4SLinus Torvalds .read = seq_read, 13391da177e4SLinus Torvalds .llseek = seq_lseek, 1340426b5303SEric W. Biederman .release = seq_release_net, 13411da177e4SLinus Torvalds }; 13421da177e4SLinus Torvalds 1343ffc31d3dSDenis V. Lunev 1344ffc31d3dSDenis V. Lunev static int __net_init arp_net_init(struct net *net) 13451da177e4SLinus Torvalds { 1346d4beaa66SGao feng if (!proc_create("arp", S_IRUGO, net->proc_net, &arp_seq_fops)) 13471da177e4SLinus Torvalds return -ENOMEM; 13481da177e4SLinus Torvalds return 0; 13491da177e4SLinus Torvalds } 13501da177e4SLinus Torvalds 1351ffc31d3dSDenis V. Lunev static void __net_exit arp_net_exit(struct net *net) 1352ffc31d3dSDenis V. Lunev { 1353ece31ffdSGao feng remove_proc_entry("arp", net->proc_net); 1354ffc31d3dSDenis V. Lunev } 1355ffc31d3dSDenis V. Lunev 1356ffc31d3dSDenis V. Lunev static struct pernet_operations arp_net_ops = { 1357ffc31d3dSDenis V. Lunev .init = arp_net_init, 1358ffc31d3dSDenis V. Lunev .exit = arp_net_exit, 1359ffc31d3dSDenis V. Lunev }; 1360ffc31d3dSDenis V. Lunev 1361ffc31d3dSDenis V. Lunev static int __init arp_proc_init(void) 1362ffc31d3dSDenis V. Lunev { 1363ffc31d3dSDenis V. Lunev return register_pernet_subsys(&arp_net_ops); 1364ffc31d3dSDenis V. Lunev } 1365ffc31d3dSDenis V. Lunev 13661da177e4SLinus Torvalds #else /* CONFIG_PROC_FS */ 13671da177e4SLinus Torvalds 13681da177e4SLinus Torvalds static int __init arp_proc_init(void) 13691da177e4SLinus Torvalds { 13701da177e4SLinus Torvalds return 0; 13711da177e4SLinus Torvalds } 13721da177e4SLinus Torvalds 13731da177e4SLinus Torvalds #endif /* CONFIG_PROC_FS */ 1374