1f30c2269SUwe Zeisberger /* linux/net/ipv4/arp.c 21da177e4SLinus Torvalds * 31da177e4SLinus Torvalds * Copyright (C) 1994 by Florian La Roche 41da177e4SLinus Torvalds * 51da177e4SLinus Torvalds * This module implements the Address Resolution Protocol ARP (RFC 826), 61da177e4SLinus Torvalds * which is used to convert IP addresses (or in the future maybe other 71da177e4SLinus Torvalds * high-level addresses) into a low-level hardware address (like an Ethernet 81da177e4SLinus Torvalds * address). 91da177e4SLinus Torvalds * 101da177e4SLinus Torvalds * This program is free software; you can redistribute it and/or 111da177e4SLinus Torvalds * modify it under the terms of the GNU General Public License 121da177e4SLinus Torvalds * as published by the Free Software Foundation; either version 131da177e4SLinus Torvalds * 2 of the License, or (at your option) any later version. 141da177e4SLinus Torvalds * 151da177e4SLinus Torvalds * Fixes: 161da177e4SLinus Torvalds * Alan Cox : Removed the Ethernet assumptions in 171da177e4SLinus Torvalds * Florian's code 181da177e4SLinus Torvalds * Alan Cox : Fixed some small errors in the ARP 191da177e4SLinus Torvalds * logic 201da177e4SLinus Torvalds * Alan Cox : Allow >4K in /proc 211da177e4SLinus Torvalds * Alan Cox : Make ARP add its own protocol entry 221da177e4SLinus Torvalds * Ross Martin : Rewrote arp_rcv() and arp_get_info() 231da177e4SLinus Torvalds * Stephen Henson : Add AX25 support to arp_get_info() 241da177e4SLinus Torvalds * Alan Cox : Drop data when a device is downed. 251da177e4SLinus Torvalds * Alan Cox : Use init_timer(). 261da177e4SLinus Torvalds * Alan Cox : Double lock fixes. 271da177e4SLinus Torvalds * Martin Seine : Move the arphdr structure 281da177e4SLinus Torvalds * to if_arp.h for compatibility. 291da177e4SLinus Torvalds * with BSD based programs. 301da177e4SLinus Torvalds * Andrew Tridgell : Added ARP netmask code and 311da177e4SLinus Torvalds * re-arranged proxy handling. 321da177e4SLinus Torvalds * Alan Cox : Changed to use notifiers. 331da177e4SLinus Torvalds * Niibe Yutaka : Reply for this device or proxies only. 341da177e4SLinus Torvalds * Alan Cox : Don't proxy across hardware types! 351da177e4SLinus Torvalds * Jonathan Naylor : Added support for NET/ROM. 361da177e4SLinus Torvalds * Mike Shaver : RFC1122 checks. 371da177e4SLinus Torvalds * Jonathan Naylor : Only lookup the hardware address for 381da177e4SLinus Torvalds * the correct hardware type. 391da177e4SLinus Torvalds * Germano Caronni : Assorted subtle races. 401da177e4SLinus Torvalds * Craig Schlenter : Don't modify permanent entry 411da177e4SLinus Torvalds * during arp_rcv. 421da177e4SLinus Torvalds * Russ Nelson : Tidied up a few bits. 431da177e4SLinus Torvalds * Alexey Kuznetsov: Major changes to caching and behaviour, 441da177e4SLinus Torvalds * eg intelligent arp probing and 451da177e4SLinus Torvalds * generation 461da177e4SLinus Torvalds * of host down events. 471da177e4SLinus Torvalds * Alan Cox : Missing unlock in device events. 481da177e4SLinus Torvalds * Eckes : ARP ioctl control errors. 491da177e4SLinus Torvalds * Alexey Kuznetsov: Arp free fix. 501da177e4SLinus Torvalds * Manuel Rodriguez: Gratuitous ARP. 511da177e4SLinus Torvalds * Jonathan Layes : Added arpd support through kerneld 521da177e4SLinus Torvalds * message queue (960314) 531da177e4SLinus Torvalds * Mike Shaver : /proc/sys/net/ipv4/arp_* support 541da177e4SLinus Torvalds * Mike McLagan : Routing by source 551da177e4SLinus Torvalds * Stuart Cheshire : Metricom and grat arp fixes 561da177e4SLinus Torvalds * *** FOR 2.1 clean this up *** 571da177e4SLinus Torvalds * Lawrence V. Stefani: (08/12/96) Added FDDI support. 581da177e4SLinus Torvalds * Alan Cox : Took the AP1000 nasty FDDI hack and 591da177e4SLinus Torvalds * folded into the mainstream FDDI code. 601da177e4SLinus Torvalds * Ack spit, Linus how did you allow that 611da177e4SLinus Torvalds * one in... 621da177e4SLinus Torvalds * Jes Sorensen : Make FDDI work again in 2.1.x and 631da177e4SLinus Torvalds * clean up the APFDDI & gen. FDDI bits. 641da177e4SLinus Torvalds * Alexey Kuznetsov: new arp state machine; 651da177e4SLinus Torvalds * now it is in net/core/neighbour.c. 661da177e4SLinus Torvalds * Krzysztof Halasa: Added Frame Relay ARP support. 671da177e4SLinus Torvalds * Arnaldo C. Melo : convert /proc/net/arp to seq_file 681da177e4SLinus Torvalds * Shmulik Hen: Split arp_send to arp_create and 691da177e4SLinus Torvalds * arp_xmit so intermediate drivers like 701da177e4SLinus Torvalds * bonding can change the skb before 711da177e4SLinus Torvalds * sending (e.g. insert 8021q tag). 721da177e4SLinus Torvalds * Harald Welte : convert to make use of jenkins hash 7365324144SJesper Dangaard Brouer * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support. 741da177e4SLinus Torvalds */ 751da177e4SLinus Torvalds 7691df42beSJoe Perches #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 7791df42beSJoe Perches 781da177e4SLinus Torvalds #include <linux/module.h> 791da177e4SLinus Torvalds #include <linux/types.h> 801da177e4SLinus Torvalds #include <linux/string.h> 811da177e4SLinus Torvalds #include <linux/kernel.h> 824fc268d2SRandy Dunlap #include <linux/capability.h> 831da177e4SLinus Torvalds #include <linux/socket.h> 841da177e4SLinus Torvalds #include <linux/sockios.h> 851da177e4SLinus Torvalds #include <linux/errno.h> 861da177e4SLinus Torvalds #include <linux/in.h> 871da177e4SLinus Torvalds #include <linux/mm.h> 881da177e4SLinus Torvalds #include <linux/inet.h> 8914c85021SArnaldo Carvalho de Melo #include <linux/inetdevice.h> 901da177e4SLinus Torvalds #include <linux/netdevice.h> 911da177e4SLinus Torvalds #include <linux/etherdevice.h> 921da177e4SLinus Torvalds #include <linux/fddidevice.h> 931da177e4SLinus Torvalds #include <linux/if_arp.h> 941da177e4SLinus Torvalds #include <linux/skbuff.h> 951da177e4SLinus Torvalds #include <linux/proc_fs.h> 961da177e4SLinus Torvalds #include <linux/seq_file.h> 971da177e4SLinus Torvalds #include <linux/stat.h> 981da177e4SLinus Torvalds #include <linux/init.h> 991da177e4SLinus Torvalds #include <linux/net.h> 1001da177e4SLinus Torvalds #include <linux/rcupdate.h> 1015a0e3ad6STejun Heo #include <linux/slab.h> 1021da177e4SLinus Torvalds #ifdef CONFIG_SYSCTL 1031da177e4SLinus Torvalds #include <linux/sysctl.h> 1041da177e4SLinus Torvalds #endif 1051da177e4SLinus Torvalds 106457c4cbcSEric W. Biederman #include <net/net_namespace.h> 1071da177e4SLinus Torvalds #include <net/ip.h> 1081da177e4SLinus Torvalds #include <net/icmp.h> 1091da177e4SLinus Torvalds #include <net/route.h> 1101da177e4SLinus Torvalds #include <net/protocol.h> 1111da177e4SLinus Torvalds #include <net/tcp.h> 1121da177e4SLinus Torvalds #include <net/sock.h> 1131da177e4SLinus Torvalds #include <net/arp.h> 1141da177e4SLinus Torvalds #include <net/ax25.h> 1151da177e4SLinus Torvalds #include <net/netrom.h> 1161da177e4SLinus Torvalds 117deffd777SChangli Gao #include <linux/uaccess.h> 1181da177e4SLinus Torvalds 1191da177e4SLinus Torvalds #include <linux/netfilter_arp.h> 1201da177e4SLinus Torvalds 1211da177e4SLinus Torvalds /* 1221da177e4SLinus Torvalds * Interface to generic neighbour cache. 1231da177e4SLinus Torvalds */ 1242c2aba6cSDavid S. Miller static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 *hash_rnd); 1251da177e4SLinus Torvalds static int arp_constructor(struct neighbour *neigh); 1261da177e4SLinus Torvalds static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb); 1271da177e4SLinus Torvalds static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb); 1281da177e4SLinus Torvalds static void parp_redo(struct sk_buff *skb); 1291da177e4SLinus Torvalds 13089d69d2bSStephen Hemminger static const struct neigh_ops arp_generic_ops = { 1311da177e4SLinus Torvalds .family = AF_INET, 1321da177e4SLinus Torvalds .solicit = arp_solicit, 1331da177e4SLinus Torvalds .error_report = arp_error_report, 1341da177e4SLinus Torvalds .output = neigh_resolve_output, 1351da177e4SLinus Torvalds .connected_output = neigh_connected_output, 1361da177e4SLinus Torvalds }; 1371da177e4SLinus Torvalds 13889d69d2bSStephen Hemminger static const struct neigh_ops arp_hh_ops = { 1391da177e4SLinus Torvalds .family = AF_INET, 1401da177e4SLinus Torvalds .solicit = arp_solicit, 1411da177e4SLinus Torvalds .error_report = arp_error_report, 1421da177e4SLinus Torvalds .output = neigh_resolve_output, 1431da177e4SLinus Torvalds .connected_output = neigh_resolve_output, 1441da177e4SLinus Torvalds }; 1451da177e4SLinus Torvalds 14689d69d2bSStephen Hemminger static const struct neigh_ops arp_direct_ops = { 1471da177e4SLinus Torvalds .family = AF_INET, 1488f40b161SDavid S. Miller .output = neigh_direct_output, 1498f40b161SDavid S. Miller .connected_output = neigh_direct_output, 1501da177e4SLinus Torvalds }; 1511da177e4SLinus Torvalds 152a64de47cSstephen hemminger static const struct neigh_ops arp_broken_ops = { 1531da177e4SLinus Torvalds .family = AF_INET, 1541da177e4SLinus Torvalds .solicit = arp_solicit, 1551da177e4SLinus Torvalds .error_report = arp_error_report, 1561da177e4SLinus Torvalds .output = neigh_compat_output, 1571da177e4SLinus Torvalds .connected_output = neigh_compat_output, 1581da177e4SLinus Torvalds }; 1591da177e4SLinus Torvalds 1601da177e4SLinus Torvalds struct neigh_table arp_tbl = { 1611da177e4SLinus Torvalds .family = AF_INET, 1621da177e4SLinus Torvalds .key_len = 4, 1631da177e4SLinus Torvalds .hash = arp_hash, 1641da177e4SLinus Torvalds .constructor = arp_constructor, 1651da177e4SLinus Torvalds .proxy_redo = parp_redo, 1661da177e4SLinus Torvalds .id = "arp_cache", 1671da177e4SLinus Torvalds .parms = { 1681da177e4SLinus Torvalds .tbl = &arp_tbl, 1691da177e4SLinus Torvalds .reachable_time = 30 * HZ, 1701f9248e5SJiri Pirko .data = { 1711f9248e5SJiri Pirko [NEIGH_VAR_MCAST_PROBES] = 3, 1721f9248e5SJiri Pirko [NEIGH_VAR_UCAST_PROBES] = 3, 1731f9248e5SJiri Pirko [NEIGH_VAR_RETRANS_TIME] = 1 * HZ, 1741f9248e5SJiri Pirko [NEIGH_VAR_BASE_REACHABLE_TIME] = 30 * HZ, 1751f9248e5SJiri Pirko [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ, 1761f9248e5SJiri Pirko [NEIGH_VAR_GC_STALETIME] = 60 * HZ, 1771f9248e5SJiri Pirko [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024, 1781f9248e5SJiri Pirko [NEIGH_VAR_PROXY_QLEN] = 64, 1791f9248e5SJiri Pirko [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ, 1801f9248e5SJiri Pirko [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10, 1811f9248e5SJiri Pirko [NEIGH_VAR_LOCKTIME] = 1 * HZ, 1821f9248e5SJiri Pirko }, 1831da177e4SLinus Torvalds }, 1841da177e4SLinus Torvalds .gc_interval = 30 * HZ, 1851da177e4SLinus Torvalds .gc_thresh1 = 128, 1861da177e4SLinus Torvalds .gc_thresh2 = 512, 1871da177e4SLinus Torvalds .gc_thresh3 = 1024, 1881da177e4SLinus Torvalds }; 1894bc2f18bSEric Dumazet EXPORT_SYMBOL(arp_tbl); 1901da177e4SLinus Torvalds 191714e85beSAl Viro int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir) 1921da177e4SLinus Torvalds { 1931da177e4SLinus Torvalds switch (dev->type) { 1941da177e4SLinus Torvalds case ARPHRD_ETHER: 1951da177e4SLinus Torvalds case ARPHRD_FDDI: 1961da177e4SLinus Torvalds case ARPHRD_IEEE802: 1971da177e4SLinus Torvalds ip_eth_mc_map(addr, haddr); 1981da177e4SLinus Torvalds return 0; 1991da177e4SLinus Torvalds case ARPHRD_INFINIBAND: 200a9e527e3SRolf Manderscheid ip_ib_mc_map(addr, dev->broadcast, haddr); 2011da177e4SLinus Torvalds return 0; 20293ca3bb5STimo Teräs case ARPHRD_IPGRE: 20393ca3bb5STimo Teräs ip_ipgre_mc_map(addr, dev->broadcast, haddr); 20493ca3bb5STimo Teräs return 0; 2051da177e4SLinus Torvalds default: 2061da177e4SLinus Torvalds if (dir) { 2071da177e4SLinus Torvalds memcpy(haddr, dev->broadcast, dev->addr_len); 2081da177e4SLinus Torvalds return 0; 2091da177e4SLinus Torvalds } 2101da177e4SLinus Torvalds } 2111da177e4SLinus Torvalds return -EINVAL; 2121da177e4SLinus Torvalds } 2131da177e4SLinus Torvalds 2141da177e4SLinus Torvalds 215d6bf7817SEric Dumazet static u32 arp_hash(const void *pkey, 216d6bf7817SEric Dumazet const struct net_device *dev, 2172c2aba6cSDavid S. Miller __u32 *hash_rnd) 2181da177e4SLinus Torvalds { 2192c2aba6cSDavid S. Miller return arp_hashfn(*(u32 *)pkey, dev, *hash_rnd); 2201da177e4SLinus Torvalds } 2211da177e4SLinus Torvalds 2221da177e4SLinus Torvalds static int arp_constructor(struct neighbour *neigh) 2231da177e4SLinus Torvalds { 224fd683222SAl Viro __be32 addr = *(__be32 *)neigh->primary_key; 2251da177e4SLinus Torvalds struct net_device *dev = neigh->dev; 2261da177e4SLinus Torvalds struct in_device *in_dev; 2271da177e4SLinus Torvalds struct neigh_parms *parms; 2281da177e4SLinus Torvalds 2291da177e4SLinus Torvalds rcu_read_lock(); 230e5ed6399SHerbert Xu in_dev = __in_dev_get_rcu(dev); 2311da177e4SLinus Torvalds if (in_dev == NULL) { 2321da177e4SLinus Torvalds rcu_read_unlock(); 2331da177e4SLinus Torvalds return -EINVAL; 2341da177e4SLinus Torvalds } 2351da177e4SLinus Torvalds 236c346dca1SYOSHIFUJI Hideaki neigh->type = inet_addr_type(dev_net(dev), addr); 237a79878f0SDenis V. Lunev 2381da177e4SLinus Torvalds parms = in_dev->arp_parms; 2391da177e4SLinus Torvalds __neigh_parms_put(neigh->parms); 2401da177e4SLinus Torvalds neigh->parms = neigh_parms_clone(parms); 2411da177e4SLinus Torvalds rcu_read_unlock(); 2421da177e4SLinus Torvalds 2433b04dddeSStephen Hemminger if (!dev->header_ops) { 2441da177e4SLinus Torvalds neigh->nud_state = NUD_NOARP; 2451da177e4SLinus Torvalds neigh->ops = &arp_direct_ops; 2468f40b161SDavid S. Miller neigh->output = neigh_direct_output; 2471da177e4SLinus Torvalds } else { 2481da177e4SLinus Torvalds /* Good devices (checked by reading texts, but only Ethernet is 2491da177e4SLinus Torvalds tested) 2501da177e4SLinus Torvalds 2511da177e4SLinus Torvalds ARPHRD_ETHER: (ethernet, apfddi) 2521da177e4SLinus Torvalds ARPHRD_FDDI: (fddi) 2531da177e4SLinus Torvalds ARPHRD_IEEE802: (tr) 2541da177e4SLinus Torvalds ARPHRD_METRICOM: (strip) 2551da177e4SLinus Torvalds ARPHRD_ARCNET: 2561da177e4SLinus Torvalds etc. etc. etc. 2571da177e4SLinus Torvalds 2581da177e4SLinus Torvalds ARPHRD_IPDDP will also work, if author repairs it. 2591da177e4SLinus Torvalds I did not it, because this driver does not work even 2601da177e4SLinus Torvalds in old paradigm. 2611da177e4SLinus Torvalds */ 2621da177e4SLinus Torvalds 2631da177e4SLinus Torvalds #if 1 2641da177e4SLinus Torvalds /* So... these "amateur" devices are hopeless. 2651da177e4SLinus Torvalds The only thing, that I can say now: 2661da177e4SLinus Torvalds It is very sad that we need to keep ugly obsolete 2671da177e4SLinus Torvalds code to make them happy. 2681da177e4SLinus Torvalds 2691da177e4SLinus Torvalds They should be moved to more reasonable state, now 2701da177e4SLinus Torvalds they use rebuild_header INSTEAD OF hard_start_xmit!!! 2711da177e4SLinus Torvalds Besides that, they are sort of out of date 2721da177e4SLinus Torvalds (a lot of redundant clones/copies, useless in 2.1), 2731da177e4SLinus Torvalds I wonder why people believe that they work. 2741da177e4SLinus Torvalds */ 2751da177e4SLinus Torvalds switch (dev->type) { 2761da177e4SLinus Torvalds default: 2771da177e4SLinus Torvalds break; 2781da177e4SLinus Torvalds case ARPHRD_ROSE: 27940e4783eSIgor Maravic #if IS_ENABLED(CONFIG_AX25) 2801da177e4SLinus Torvalds case ARPHRD_AX25: 28140e4783eSIgor Maravic #if IS_ENABLED(CONFIG_NETROM) 2821da177e4SLinus Torvalds case ARPHRD_NETROM: 2831da177e4SLinus Torvalds #endif 2841da177e4SLinus Torvalds neigh->ops = &arp_broken_ops; 2851da177e4SLinus Torvalds neigh->output = neigh->ops->output; 2861da177e4SLinus Torvalds return 0; 287deffd777SChangli Gao #else 288deffd777SChangli Gao break; 2891da177e4SLinus Torvalds #endif 290deffd777SChangli Gao } 2911da177e4SLinus Torvalds #endif 2921da177e4SLinus Torvalds if (neigh->type == RTN_MULTICAST) { 2931da177e4SLinus Torvalds neigh->nud_state = NUD_NOARP; 2941da177e4SLinus Torvalds arp_mc_map(addr, neigh->ha, dev, 1); 2951da177e4SLinus Torvalds } else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) { 2961da177e4SLinus Torvalds neigh->nud_state = NUD_NOARP; 2971da177e4SLinus Torvalds memcpy(neigh->ha, dev->dev_addr, dev->addr_len); 298deffd777SChangli Gao } else if (neigh->type == RTN_BROADCAST || 299deffd777SChangli Gao (dev->flags & IFF_POINTOPOINT)) { 3001da177e4SLinus Torvalds neigh->nud_state = NUD_NOARP; 3011da177e4SLinus Torvalds memcpy(neigh->ha, dev->broadcast, dev->addr_len); 3021da177e4SLinus Torvalds } 3033b04dddeSStephen Hemminger 3043b04dddeSStephen Hemminger if (dev->header_ops->cache) 3051da177e4SLinus Torvalds neigh->ops = &arp_hh_ops; 3061da177e4SLinus Torvalds else 3071da177e4SLinus Torvalds neigh->ops = &arp_generic_ops; 3083b04dddeSStephen Hemminger 3091da177e4SLinus Torvalds if (neigh->nud_state & NUD_VALID) 3101da177e4SLinus Torvalds neigh->output = neigh->ops->connected_output; 3111da177e4SLinus Torvalds else 3121da177e4SLinus Torvalds neigh->output = neigh->ops->output; 3131da177e4SLinus Torvalds } 3141da177e4SLinus Torvalds return 0; 3151da177e4SLinus Torvalds } 3161da177e4SLinus Torvalds 3171da177e4SLinus Torvalds static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb) 3181da177e4SLinus Torvalds { 3191da177e4SLinus Torvalds dst_link_failure(skb); 3201da177e4SLinus Torvalds kfree_skb(skb); 3211da177e4SLinus Torvalds } 3221da177e4SLinus Torvalds 3231da177e4SLinus Torvalds static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb) 3241da177e4SLinus Torvalds { 325a61ced5dSAl Viro __be32 saddr = 0; 326cf0be880SCong Wang u8 dst_ha[MAX_ADDR_LEN], *dst_hw = NULL; 3271da177e4SLinus Torvalds struct net_device *dev = neigh->dev; 328a61ced5dSAl Viro __be32 target = *(__be32 *)neigh->primary_key; 3291da177e4SLinus Torvalds int probes = atomic_read(&neigh->probes); 3304b4194c4SEric Dumazet struct in_device *in_dev; 3311da177e4SLinus Torvalds 3324b4194c4SEric Dumazet rcu_read_lock(); 3334b4194c4SEric Dumazet in_dev = __in_dev_get_rcu(dev); 3344b4194c4SEric Dumazet if (!in_dev) { 3354b4194c4SEric Dumazet rcu_read_unlock(); 3361da177e4SLinus Torvalds return; 3374b4194c4SEric Dumazet } 3381da177e4SLinus Torvalds switch (IN_DEV_ARP_ANNOUNCE(in_dev)) { 3391da177e4SLinus Torvalds default: 3401da177e4SLinus Torvalds case 0: /* By default announce any local IP */ 341deffd777SChangli Gao if (skb && inet_addr_type(dev_net(dev), 342deffd777SChangli Gao ip_hdr(skb)->saddr) == RTN_LOCAL) 343eddc9ec5SArnaldo Carvalho de Melo saddr = ip_hdr(skb)->saddr; 3441da177e4SLinus Torvalds break; 3451da177e4SLinus Torvalds case 1: /* Restrict announcements of saddr in same subnet */ 3461da177e4SLinus Torvalds if (!skb) 3471da177e4SLinus Torvalds break; 348eddc9ec5SArnaldo Carvalho de Melo saddr = ip_hdr(skb)->saddr; 349c346dca1SYOSHIFUJI Hideaki if (inet_addr_type(dev_net(dev), saddr) == RTN_LOCAL) { 3501da177e4SLinus Torvalds /* saddr should be known to target */ 3511da177e4SLinus Torvalds if (inet_addr_onlink(in_dev, target, saddr)) 3521da177e4SLinus Torvalds break; 3531da177e4SLinus Torvalds } 3541da177e4SLinus Torvalds saddr = 0; 3551da177e4SLinus Torvalds break; 3561da177e4SLinus Torvalds case 2: /* Avoid secondary IPs, get a primary/preferred one */ 3571da177e4SLinus Torvalds break; 3581da177e4SLinus Torvalds } 3594b4194c4SEric Dumazet rcu_read_unlock(); 3601da177e4SLinus Torvalds 3611da177e4SLinus Torvalds if (!saddr) 3621da177e4SLinus Torvalds saddr = inet_select_addr(dev, target, RT_SCOPE_LINK); 3631da177e4SLinus Torvalds 3641f9248e5SJiri Pirko probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES); 365deffd777SChangli Gao if (probes < 0) { 3661da177e4SLinus Torvalds if (!(neigh->nud_state & NUD_VALID)) 36791df42beSJoe Perches pr_debug("trying to ucast probe in NUD_INVALID\n"); 3689650388bSEric Dumazet neigh_ha_snapshot(dst_ha, neigh, dev); 369cf0be880SCong Wang dst_hw = dst_ha; 370deffd777SChangli Gao } else { 3711f9248e5SJiri Pirko probes -= NEIGH_VAR(neigh->parms, APP_PROBES); 372deffd777SChangli Gao if (probes < 0) { 3731da177e4SLinus Torvalds neigh_app_ns(neigh); 3741da177e4SLinus Torvalds return; 3751da177e4SLinus Torvalds } 376deffd777SChangli Gao } 3771da177e4SLinus Torvalds 3781da177e4SLinus Torvalds arp_send(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr, 379cf0be880SCong Wang dst_hw, dev->dev_addr, NULL); 3801da177e4SLinus Torvalds } 3811da177e4SLinus Torvalds 3829bd85e32SDenis V. Lunev static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip) 3831da177e4SLinus Torvalds { 384b601fa19SNicolas Dichtel struct net *net = dev_net(in_dev->dev); 3851da177e4SLinus Torvalds int scope; 3861da177e4SLinus Torvalds 3871da177e4SLinus Torvalds switch (IN_DEV_ARP_IGNORE(in_dev)) { 3881da177e4SLinus Torvalds case 0: /* Reply, the tip is already validated */ 3891da177e4SLinus Torvalds return 0; 3901da177e4SLinus Torvalds case 1: /* Reply only if tip is configured on the incoming interface */ 3911da177e4SLinus Torvalds sip = 0; 3921da177e4SLinus Torvalds scope = RT_SCOPE_HOST; 3931da177e4SLinus Torvalds break; 3941da177e4SLinus Torvalds case 2: /* 3951da177e4SLinus Torvalds * Reply only if tip is configured on the incoming interface 3961da177e4SLinus Torvalds * and is in same subnet as sip 3971da177e4SLinus Torvalds */ 3981da177e4SLinus Torvalds scope = RT_SCOPE_HOST; 3991da177e4SLinus Torvalds break; 4001da177e4SLinus Torvalds case 3: /* Do not reply for scope host addresses */ 4011da177e4SLinus Torvalds sip = 0; 4021da177e4SLinus Torvalds scope = RT_SCOPE_LINK; 403b601fa19SNicolas Dichtel in_dev = NULL; 4041da177e4SLinus Torvalds break; 4051da177e4SLinus Torvalds case 4: /* Reserved */ 4061da177e4SLinus Torvalds case 5: 4071da177e4SLinus Torvalds case 6: 4081da177e4SLinus Torvalds case 7: 4091da177e4SLinus Torvalds return 0; 4101da177e4SLinus Torvalds case 8: /* Do not reply */ 4111da177e4SLinus Torvalds return 1; 4121da177e4SLinus Torvalds default: 4131da177e4SLinus Torvalds return 0; 4141da177e4SLinus Torvalds } 415b601fa19SNicolas Dichtel return !inet_confirm_addr(net, in_dev, sip, tip, scope); 4161da177e4SLinus Torvalds } 4171da177e4SLinus Torvalds 418ed9bad06SAl Viro static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev) 4191da177e4SLinus Torvalds { 4201da177e4SLinus Torvalds struct rtable *rt; 4211da177e4SLinus Torvalds int flag = 0; 4221da177e4SLinus Torvalds /*unsigned long now; */ 423ca12a1a4SPavel Emelyanov struct net *net = dev_net(dev); 4241da177e4SLinus Torvalds 42578fbfd8aSDavid S. Miller rt = ip_route_output(net, sip, tip, 0, 0); 426b23dd4feSDavid S. Miller if (IS_ERR(rt)) 4271da177e4SLinus Torvalds return 1; 428d8d1f30bSChangli Gao if (rt->dst.dev != dev) { 429de0744afSPavel Emelyanov NET_INC_STATS_BH(net, LINUX_MIB_ARPFILTER); 4301da177e4SLinus Torvalds flag = 1; 4311da177e4SLinus Torvalds } 4321da177e4SLinus Torvalds ip_rt_put(rt); 4331da177e4SLinus Torvalds return flag; 4341da177e4SLinus Torvalds } 4351da177e4SLinus Torvalds 4361da177e4SLinus Torvalds /* OBSOLETE FUNCTIONS */ 4371da177e4SLinus Torvalds 4381da177e4SLinus Torvalds /* 4391da177e4SLinus Torvalds * Find an arp mapping in the cache. If not found, post a request. 4401da177e4SLinus Torvalds * 4411da177e4SLinus Torvalds * It is very UGLY routine: it DOES NOT use skb->dst->neighbour, 4421da177e4SLinus Torvalds * even if it exists. It is supposed that skb->dev was mangled 4431da177e4SLinus Torvalds * by a virtual device (eql, shaper). Nobody but broken devices 4441da177e4SLinus Torvalds * is allowed to use this function, it is scheduled to be removed. --ANK 4451da177e4SLinus Torvalds */ 4461da177e4SLinus Torvalds 447deffd777SChangli Gao static int arp_set_predefined(int addr_hint, unsigned char *haddr, 448deffd777SChangli Gao __be32 paddr, struct net_device *dev) 4491da177e4SLinus Torvalds { 4501da177e4SLinus Torvalds switch (addr_hint) { 4511da177e4SLinus Torvalds case RTN_LOCAL: 45291df42beSJoe Perches pr_debug("arp called for own IP address\n"); 4531da177e4SLinus Torvalds memcpy(haddr, dev->dev_addr, dev->addr_len); 4541da177e4SLinus Torvalds return 1; 4551da177e4SLinus Torvalds case RTN_MULTICAST: 4561da177e4SLinus Torvalds arp_mc_map(paddr, haddr, dev, 1); 4571da177e4SLinus Torvalds return 1; 4581da177e4SLinus Torvalds case RTN_BROADCAST: 4591da177e4SLinus Torvalds memcpy(haddr, dev->broadcast, dev->addr_len); 4601da177e4SLinus Torvalds return 1; 4611da177e4SLinus Torvalds } 4621da177e4SLinus Torvalds return 0; 4631da177e4SLinus Torvalds } 4641da177e4SLinus Torvalds 4651da177e4SLinus Torvalds 4661da177e4SLinus Torvalds int arp_find(unsigned char *haddr, struct sk_buff *skb) 4671da177e4SLinus Torvalds { 4681da177e4SLinus Torvalds struct net_device *dev = skb->dev; 469fd683222SAl Viro __be32 paddr; 4701da177e4SLinus Torvalds struct neighbour *n; 4711da177e4SLinus Torvalds 472adf30907SEric Dumazet if (!skb_dst(skb)) { 47391df42beSJoe Perches pr_debug("arp_find is called with dst==NULL\n"); 4741da177e4SLinus Torvalds kfree_skb(skb); 4751da177e4SLinus Torvalds return 1; 4761da177e4SLinus Torvalds } 4771da177e4SLinus Torvalds 478f8126f1dSDavid S. Miller paddr = rt_nexthop(skb_rtable(skb), ip_hdr(skb)->daddr); 479deffd777SChangli Gao if (arp_set_predefined(inet_addr_type(dev_net(dev), paddr), haddr, 480deffd777SChangli Gao paddr, dev)) 4811da177e4SLinus Torvalds return 0; 4821da177e4SLinus Torvalds 4831da177e4SLinus Torvalds n = __neigh_lookup(&arp_tbl, &paddr, dev, 1); 4841da177e4SLinus Torvalds 4851da177e4SLinus Torvalds if (n) { 4861da177e4SLinus Torvalds n->used = jiffies; 4871da177e4SLinus Torvalds if (n->nud_state & NUD_VALID || neigh_event_send(n, skb) == 0) { 4880ed8ddf4SEric Dumazet neigh_ha_snapshot(haddr, n, dev); 4891da177e4SLinus Torvalds neigh_release(n); 4901da177e4SLinus Torvalds return 0; 4911da177e4SLinus Torvalds } 4921da177e4SLinus Torvalds neigh_release(n); 4931da177e4SLinus Torvalds } else 4941da177e4SLinus Torvalds kfree_skb(skb); 4951da177e4SLinus Torvalds return 1; 4961da177e4SLinus Torvalds } 4974bc2f18bSEric Dumazet EXPORT_SYMBOL(arp_find); 4981da177e4SLinus Torvalds 4991da177e4SLinus Torvalds /* END OF OBSOLETE FUNCTIONS */ 5001da177e4SLinus Torvalds 5011da177e4SLinus Torvalds /* 5021da177e4SLinus Torvalds * Check if we can use proxy ARP for this path 5031da177e4SLinus Torvalds */ 50465324144SJesper Dangaard Brouer static inline int arp_fwd_proxy(struct in_device *in_dev, 50565324144SJesper Dangaard Brouer struct net_device *dev, struct rtable *rt) 5061da177e4SLinus Torvalds { 5071da177e4SLinus Torvalds struct in_device *out_dev; 5081da177e4SLinus Torvalds int imi, omi = -1; 5091da177e4SLinus Torvalds 510d8d1f30bSChangli Gao if (rt->dst.dev == dev) 51165324144SJesper Dangaard Brouer return 0; 51265324144SJesper Dangaard Brouer 5131da177e4SLinus Torvalds if (!IN_DEV_PROXY_ARP(in_dev)) 5141da177e4SLinus Torvalds return 0; 515deffd777SChangli Gao imi = IN_DEV_MEDIUM_ID(in_dev); 516deffd777SChangli Gao if (imi == 0) 5171da177e4SLinus Torvalds return 1; 5181da177e4SLinus Torvalds if (imi == -1) 5191da177e4SLinus Torvalds return 0; 5201da177e4SLinus Torvalds 5211da177e4SLinus Torvalds /* place to check for proxy_arp for routes */ 5221da177e4SLinus Torvalds 523d8d1f30bSChangli Gao out_dev = __in_dev_get_rcu(rt->dst.dev); 524faa9dcf7SEric Dumazet if (out_dev) 5251da177e4SLinus Torvalds omi = IN_DEV_MEDIUM_ID(out_dev); 526faa9dcf7SEric Dumazet 527a02cec21SEric Dumazet return omi != imi && omi != -1; 5281da177e4SLinus Torvalds } 5291da177e4SLinus Torvalds 5301da177e4SLinus Torvalds /* 53165324144SJesper Dangaard Brouer * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev) 53265324144SJesper Dangaard Brouer * 53365324144SJesper Dangaard Brouer * RFC3069 supports proxy arp replies back to the same interface. This 53465324144SJesper Dangaard Brouer * is done to support (ethernet) switch features, like RFC 3069, where 53565324144SJesper Dangaard Brouer * the individual ports are not allowed to communicate with each 53665324144SJesper Dangaard Brouer * other, BUT they are allowed to talk to the upstream router. As 53765324144SJesper Dangaard Brouer * described in RFC 3069, it is possible to allow these hosts to 53865324144SJesper Dangaard Brouer * communicate through the upstream router, by proxy_arp'ing. 53965324144SJesper Dangaard Brouer * 54065324144SJesper Dangaard Brouer * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation" 54165324144SJesper Dangaard Brouer * 54265324144SJesper Dangaard Brouer * This technology is known by different names: 54365324144SJesper Dangaard Brouer * In RFC 3069 it is called VLAN Aggregation. 54465324144SJesper Dangaard Brouer * Cisco and Allied Telesyn call it Private VLAN. 54565324144SJesper Dangaard Brouer * Hewlett-Packard call it Source-Port filtering or port-isolation. 54665324144SJesper Dangaard Brouer * Ericsson call it MAC-Forced Forwarding (RFC Draft). 54765324144SJesper Dangaard Brouer * 54865324144SJesper Dangaard Brouer */ 54965324144SJesper Dangaard Brouer static inline int arp_fwd_pvlan(struct in_device *in_dev, 55065324144SJesper Dangaard Brouer struct net_device *dev, struct rtable *rt, 55165324144SJesper Dangaard Brouer __be32 sip, __be32 tip) 55265324144SJesper Dangaard Brouer { 55365324144SJesper Dangaard Brouer /* Private VLAN is only concerned about the same ethernet segment */ 554d8d1f30bSChangli Gao if (rt->dst.dev != dev) 55565324144SJesper Dangaard Brouer return 0; 55665324144SJesper Dangaard Brouer 55765324144SJesper Dangaard Brouer /* Don't reply on self probes (often done by windowz boxes)*/ 55865324144SJesper Dangaard Brouer if (sip == tip) 55965324144SJesper Dangaard Brouer return 0; 56065324144SJesper Dangaard Brouer 56165324144SJesper Dangaard Brouer if (IN_DEV_PROXY_ARP_PVLAN(in_dev)) 56265324144SJesper Dangaard Brouer return 1; 56365324144SJesper Dangaard Brouer else 56465324144SJesper Dangaard Brouer return 0; 56565324144SJesper Dangaard Brouer } 56665324144SJesper Dangaard Brouer 56765324144SJesper Dangaard Brouer /* 5681da177e4SLinus Torvalds * Interface to link layer: send routine and receive handler. 5691da177e4SLinus Torvalds */ 5701da177e4SLinus Torvalds 5711da177e4SLinus Torvalds /* 5721da177e4SLinus Torvalds * Create an arp packet. If (dest_hw == NULL), we create a broadcast 5731da177e4SLinus Torvalds * message. 5741da177e4SLinus Torvalds */ 575ed9bad06SAl Viro struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip, 576ed9bad06SAl Viro struct net_device *dev, __be32 src_ip, 577abfdf1c4SJan Engelhardt const unsigned char *dest_hw, 578abfdf1c4SJan Engelhardt const unsigned char *src_hw, 579abfdf1c4SJan Engelhardt const unsigned char *target_hw) 5801da177e4SLinus Torvalds { 5811da177e4SLinus Torvalds struct sk_buff *skb; 5821da177e4SLinus Torvalds struct arphdr *arp; 5831da177e4SLinus Torvalds unsigned char *arp_ptr; 58466088243SHerbert Xu int hlen = LL_RESERVED_SPACE(dev); 58566088243SHerbert Xu int tlen = dev->needed_tailroom; 5861da177e4SLinus Torvalds 5871da177e4SLinus Torvalds /* 5881da177e4SLinus Torvalds * Allocate a buffer 5891da177e4SLinus Torvalds */ 5901da177e4SLinus Torvalds 59166088243SHerbert Xu skb = alloc_skb(arp_hdr_len(dev) + hlen + tlen, GFP_ATOMIC); 5921da177e4SLinus Torvalds if (skb == NULL) 5931da177e4SLinus Torvalds return NULL; 5941da177e4SLinus Torvalds 59566088243SHerbert Xu skb_reserve(skb, hlen); 596c1d2bbe1SArnaldo Carvalho de Melo skb_reset_network_header(skb); 597988b7050SPavel Emelyanov arp = (struct arphdr *) skb_put(skb, arp_hdr_len(dev)); 5981da177e4SLinus Torvalds skb->dev = dev; 5991da177e4SLinus Torvalds skb->protocol = htons(ETH_P_ARP); 6001da177e4SLinus Torvalds if (src_hw == NULL) 6011da177e4SLinus Torvalds src_hw = dev->dev_addr; 6021da177e4SLinus Torvalds if (dest_hw == NULL) 6031da177e4SLinus Torvalds dest_hw = dev->broadcast; 6041da177e4SLinus Torvalds 6051da177e4SLinus Torvalds /* 6061da177e4SLinus Torvalds * Fill the device header for the ARP frame 6071da177e4SLinus Torvalds */ 6080c4e8581SStephen Hemminger if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0) 6091da177e4SLinus Torvalds goto out; 6101da177e4SLinus Torvalds 6111da177e4SLinus Torvalds /* 6121da177e4SLinus Torvalds * Fill out the arp protocol part. 6131da177e4SLinus Torvalds * 6141da177e4SLinus Torvalds * The arp hardware type should match the device type, except for FDDI, 6151da177e4SLinus Torvalds * which (according to RFC 1390) should always equal 1 (Ethernet). 6161da177e4SLinus Torvalds */ 6171da177e4SLinus Torvalds /* 6181da177e4SLinus Torvalds * Exceptions everywhere. AX.25 uses the AX.25 PID value not the 6191da177e4SLinus Torvalds * DIX code for the protocol. Make these device structure fields. 6201da177e4SLinus Torvalds */ 6211da177e4SLinus Torvalds switch (dev->type) { 6221da177e4SLinus Torvalds default: 6231da177e4SLinus Torvalds arp->ar_hrd = htons(dev->type); 6241da177e4SLinus Torvalds arp->ar_pro = htons(ETH_P_IP); 6251da177e4SLinus Torvalds break; 6261da177e4SLinus Torvalds 62740e4783eSIgor Maravic #if IS_ENABLED(CONFIG_AX25) 6281da177e4SLinus Torvalds case ARPHRD_AX25: 6291da177e4SLinus Torvalds arp->ar_hrd = htons(ARPHRD_AX25); 6301da177e4SLinus Torvalds arp->ar_pro = htons(AX25_P_IP); 6311da177e4SLinus Torvalds break; 6321da177e4SLinus Torvalds 63340e4783eSIgor Maravic #if IS_ENABLED(CONFIG_NETROM) 6341da177e4SLinus Torvalds case ARPHRD_NETROM: 6351da177e4SLinus Torvalds arp->ar_hrd = htons(ARPHRD_NETROM); 6361da177e4SLinus Torvalds arp->ar_pro = htons(AX25_P_IP); 6371da177e4SLinus Torvalds break; 6381da177e4SLinus Torvalds #endif 6391da177e4SLinus Torvalds #endif 6401da177e4SLinus Torvalds 64140e4783eSIgor Maravic #if IS_ENABLED(CONFIG_FDDI) 6421da177e4SLinus Torvalds case ARPHRD_FDDI: 6431da177e4SLinus Torvalds arp->ar_hrd = htons(ARPHRD_ETHER); 6441da177e4SLinus Torvalds arp->ar_pro = htons(ETH_P_IP); 6451da177e4SLinus Torvalds break; 6461da177e4SLinus Torvalds #endif 6471da177e4SLinus Torvalds } 6481da177e4SLinus Torvalds 6491da177e4SLinus Torvalds arp->ar_hln = dev->addr_len; 6501da177e4SLinus Torvalds arp->ar_pln = 4; 6511da177e4SLinus Torvalds arp->ar_op = htons(type); 6521da177e4SLinus Torvalds 6531da177e4SLinus Torvalds arp_ptr = (unsigned char *)(arp + 1); 6541da177e4SLinus Torvalds 6551da177e4SLinus Torvalds memcpy(arp_ptr, src_hw, dev->addr_len); 6561da177e4SLinus Torvalds arp_ptr += dev->addr_len; 6571da177e4SLinus Torvalds memcpy(arp_ptr, &src_ip, 4); 6581da177e4SLinus Torvalds arp_ptr += 4; 6596752c8dbSYOSHIFUJI Hideaki / 吉藤英明 6606752c8dbSYOSHIFUJI Hideaki / 吉藤英明 switch (dev->type) { 6616752c8dbSYOSHIFUJI Hideaki / 吉藤英明 #if IS_ENABLED(CONFIG_FIREWIRE_NET) 6626752c8dbSYOSHIFUJI Hideaki / 吉藤英明 case ARPHRD_IEEE1394: 6636752c8dbSYOSHIFUJI Hideaki / 吉藤英明 break; 6646752c8dbSYOSHIFUJI Hideaki / 吉藤英明 #endif 6656752c8dbSYOSHIFUJI Hideaki / 吉藤英明 default: 6661da177e4SLinus Torvalds if (target_hw != NULL) 6671da177e4SLinus Torvalds memcpy(arp_ptr, target_hw, dev->addr_len); 6681da177e4SLinus Torvalds else 6691da177e4SLinus Torvalds memset(arp_ptr, 0, dev->addr_len); 6701da177e4SLinus Torvalds arp_ptr += dev->addr_len; 6716752c8dbSYOSHIFUJI Hideaki / 吉藤英明 } 6721da177e4SLinus Torvalds memcpy(arp_ptr, &dest_ip, 4); 6731da177e4SLinus Torvalds 6741da177e4SLinus Torvalds return skb; 6751da177e4SLinus Torvalds 6761da177e4SLinus Torvalds out: 6771da177e4SLinus Torvalds kfree_skb(skb); 6781da177e4SLinus Torvalds return NULL; 6791da177e4SLinus Torvalds } 6804bc2f18bSEric Dumazet EXPORT_SYMBOL(arp_create); 6811da177e4SLinus Torvalds 6821da177e4SLinus Torvalds /* 6831da177e4SLinus Torvalds * Send an arp packet. 6841da177e4SLinus Torvalds */ 6851da177e4SLinus Torvalds void arp_xmit(struct sk_buff *skb) 6861da177e4SLinus Torvalds { 6871da177e4SLinus Torvalds /* Send it off, maybe filter it using firewalling first. */ 688fdc9314cSJan Engelhardt NF_HOOK(NFPROTO_ARP, NF_ARP_OUT, skb, NULL, skb->dev, dev_queue_xmit); 6891da177e4SLinus Torvalds } 6904bc2f18bSEric Dumazet EXPORT_SYMBOL(arp_xmit); 6911da177e4SLinus Torvalds 6921da177e4SLinus Torvalds /* 6931da177e4SLinus Torvalds * Create and send an arp packet. 6941da177e4SLinus Torvalds */ 695ed9bad06SAl Viro void arp_send(int type, int ptype, __be32 dest_ip, 696ed9bad06SAl Viro struct net_device *dev, __be32 src_ip, 697abfdf1c4SJan Engelhardt const unsigned char *dest_hw, const unsigned char *src_hw, 698abfdf1c4SJan Engelhardt const unsigned char *target_hw) 6991da177e4SLinus Torvalds { 7001da177e4SLinus Torvalds struct sk_buff *skb; 7011da177e4SLinus Torvalds 7021da177e4SLinus Torvalds /* 7031da177e4SLinus Torvalds * No arp on this interface. 7041da177e4SLinus Torvalds */ 7051da177e4SLinus Torvalds 7061da177e4SLinus Torvalds if (dev->flags&IFF_NOARP) 7071da177e4SLinus Torvalds return; 7081da177e4SLinus Torvalds 7091da177e4SLinus Torvalds skb = arp_create(type, ptype, dest_ip, dev, src_ip, 7101da177e4SLinus Torvalds dest_hw, src_hw, target_hw); 711deffd777SChangli Gao if (skb == NULL) 7121da177e4SLinus Torvalds return; 7131da177e4SLinus Torvalds 7141da177e4SLinus Torvalds arp_xmit(skb); 7151da177e4SLinus Torvalds } 7164bc2f18bSEric Dumazet EXPORT_SYMBOL(arp_send); 7171da177e4SLinus Torvalds 7181da177e4SLinus Torvalds /* 7191da177e4SLinus Torvalds * Process an arp request. 7201da177e4SLinus Torvalds */ 7211da177e4SLinus Torvalds 7221da177e4SLinus Torvalds static int arp_process(struct sk_buff *skb) 7231da177e4SLinus Torvalds { 7241da177e4SLinus Torvalds struct net_device *dev = skb->dev; 725faa9dcf7SEric Dumazet struct in_device *in_dev = __in_dev_get_rcu(dev); 7261da177e4SLinus Torvalds struct arphdr *arp; 7271da177e4SLinus Torvalds unsigned char *arp_ptr; 7281da177e4SLinus Torvalds struct rtable *rt; 729e0260fedSMark Ryden unsigned char *sha; 7309e12bb22SAl Viro __be32 sip, tip; 7311da177e4SLinus Torvalds u16 dev_type = dev->type; 7321da177e4SLinus Torvalds int addr_type; 7331da177e4SLinus Torvalds struct neighbour *n; 734c346dca1SYOSHIFUJI Hideaki struct net *net = dev_net(dev); 735*56022a8fSSalam Noureddine bool is_garp = false; 7361da177e4SLinus Torvalds 7371da177e4SLinus Torvalds /* arp_rcv below verifies the ARP header and verifies the device 7381da177e4SLinus Torvalds * is ARP'able. 7391da177e4SLinus Torvalds */ 7401da177e4SLinus Torvalds 7411da177e4SLinus Torvalds if (in_dev == NULL) 7421da177e4SLinus Torvalds goto out; 7431da177e4SLinus Torvalds 744d0a92be0SArnaldo Carvalho de Melo arp = arp_hdr(skb); 7451da177e4SLinus Torvalds 7461da177e4SLinus Torvalds switch (dev_type) { 7471da177e4SLinus Torvalds default: 7481da177e4SLinus Torvalds if (arp->ar_pro != htons(ETH_P_IP) || 7491da177e4SLinus Torvalds htons(dev_type) != arp->ar_hrd) 7501da177e4SLinus Torvalds goto out; 7511da177e4SLinus Torvalds break; 7521da177e4SLinus Torvalds case ARPHRD_ETHER: 7531da177e4SLinus Torvalds case ARPHRD_FDDI: 7541da177e4SLinus Torvalds case ARPHRD_IEEE802: 7551da177e4SLinus Torvalds /* 756211ed865SPaul Gortmaker * ETHERNET, and Fibre Channel (which are IEEE 802 7571da177e4SLinus Torvalds * devices, according to RFC 2625) devices will accept ARP 7581da177e4SLinus Torvalds * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2). 7591da177e4SLinus Torvalds * This is the case also of FDDI, where the RFC 1390 says that 7601da177e4SLinus Torvalds * FDDI devices should accept ARP hardware of (1) Ethernet, 7611da177e4SLinus Torvalds * however, to be more robust, we'll accept both 1 (Ethernet) 7621da177e4SLinus Torvalds * or 6 (IEEE 802.2) 7631da177e4SLinus Torvalds */ 7641da177e4SLinus Torvalds if ((arp->ar_hrd != htons(ARPHRD_ETHER) && 7651da177e4SLinus Torvalds arp->ar_hrd != htons(ARPHRD_IEEE802)) || 7661da177e4SLinus Torvalds arp->ar_pro != htons(ETH_P_IP)) 7671da177e4SLinus Torvalds goto out; 7681da177e4SLinus Torvalds break; 7691da177e4SLinus Torvalds case ARPHRD_AX25: 7701da177e4SLinus Torvalds if (arp->ar_pro != htons(AX25_P_IP) || 7711da177e4SLinus Torvalds arp->ar_hrd != htons(ARPHRD_AX25)) 7721da177e4SLinus Torvalds goto out; 7731da177e4SLinus Torvalds break; 7741da177e4SLinus Torvalds case ARPHRD_NETROM: 7751da177e4SLinus Torvalds if (arp->ar_pro != htons(AX25_P_IP) || 7761da177e4SLinus Torvalds arp->ar_hrd != htons(ARPHRD_NETROM)) 7771da177e4SLinus Torvalds goto out; 7781da177e4SLinus Torvalds break; 7791da177e4SLinus Torvalds } 7801da177e4SLinus Torvalds 7811da177e4SLinus Torvalds /* Understand only these message types */ 7821da177e4SLinus Torvalds 7831da177e4SLinus Torvalds if (arp->ar_op != htons(ARPOP_REPLY) && 7841da177e4SLinus Torvalds arp->ar_op != htons(ARPOP_REQUEST)) 7851da177e4SLinus Torvalds goto out; 7861da177e4SLinus Torvalds 7871da177e4SLinus Torvalds /* 7881da177e4SLinus Torvalds * Extract fields 7891da177e4SLinus Torvalds */ 7901da177e4SLinus Torvalds arp_ptr = (unsigned char *)(arp + 1); 7911da177e4SLinus Torvalds sha = arp_ptr; 7921da177e4SLinus Torvalds arp_ptr += dev->addr_len; 7931da177e4SLinus Torvalds memcpy(&sip, arp_ptr, 4); 7941da177e4SLinus Torvalds arp_ptr += 4; 7956752c8dbSYOSHIFUJI Hideaki / 吉藤英明 switch (dev_type) { 7966752c8dbSYOSHIFUJI Hideaki / 吉藤英明 #if IS_ENABLED(CONFIG_FIREWIRE_NET) 7976752c8dbSYOSHIFUJI Hideaki / 吉藤英明 case ARPHRD_IEEE1394: 7986752c8dbSYOSHIFUJI Hideaki / 吉藤英明 break; 7996752c8dbSYOSHIFUJI Hideaki / 吉藤英明 #endif 8006752c8dbSYOSHIFUJI Hideaki / 吉藤英明 default: 8011da177e4SLinus Torvalds arp_ptr += dev->addr_len; 8026752c8dbSYOSHIFUJI Hideaki / 吉藤英明 } 8031da177e4SLinus Torvalds memcpy(&tip, arp_ptr, 4); 8041da177e4SLinus Torvalds /* 8051da177e4SLinus Torvalds * Check for bad requests for 127.x.x.x and requests for multicast 8061da177e4SLinus Torvalds * addresses. If this is one such, delete it. 8071da177e4SLinus Torvalds */ 808d0daebc3SThomas Graf if (ipv4_is_multicast(tip) || 809d0daebc3SThomas Graf (!IN_DEV_ROUTE_LOCALNET(in_dev) && ipv4_is_loopback(tip))) 8101da177e4SLinus Torvalds goto out; 8111da177e4SLinus Torvalds 8121da177e4SLinus Torvalds /* 8131da177e4SLinus Torvalds * Special case: We must set Frame Relay source Q.922 address 8141da177e4SLinus Torvalds */ 8151da177e4SLinus Torvalds if (dev_type == ARPHRD_DLCI) 8161da177e4SLinus Torvalds sha = dev->broadcast; 8171da177e4SLinus Torvalds 8181da177e4SLinus Torvalds /* 8191da177e4SLinus Torvalds * Process entry. The idea here is we want to send a reply if it is a 8201da177e4SLinus Torvalds * request for us or if it is a request for someone else that we hold 8211da177e4SLinus Torvalds * a proxy for. We want to add an entry to our cache if it is a reply 8221da177e4SLinus Torvalds * to us or if it is a request for our address. 8231da177e4SLinus Torvalds * (The assumption for this last is that if someone is requesting our 8241da177e4SLinus Torvalds * address, they are probably intending to talk to us, so it saves time 8251da177e4SLinus Torvalds * if we cache their address. Their address is also probably not in 8261da177e4SLinus Torvalds * our cache, since ours is not in their cache.) 8271da177e4SLinus Torvalds * 8281da177e4SLinus Torvalds * Putting this another way, we only care about replies if they are to 8291da177e4SLinus Torvalds * us, in which case we add them to the cache. For requests, we care 8301da177e4SLinus Torvalds * about those for us and those for our proxies. We reply to both, 8311da177e4SLinus Torvalds * and in the case of requests for us we add the requester to the arp 8321da177e4SLinus Torvalds * cache. 8331da177e4SLinus Torvalds */ 8341da177e4SLinus Torvalds 835f8a68e75SEric W. Biederman /* Special case: IPv4 duplicate address detection packet (RFC2131) */ 836f8a68e75SEric W. Biederman if (sip == 0) { 8371da177e4SLinus Torvalds if (arp->ar_op == htons(ARPOP_REQUEST) && 83849e8a279SDenis V. Lunev inet_addr_type(net, tip) == RTN_LOCAL && 8399bd85e32SDenis V. Lunev !arp_ignore(in_dev, sip, tip)) 840b4a9811cSJonas Danielsson arp_send(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip, sha, 841b4a9811cSJonas Danielsson dev->dev_addr, sha); 8421da177e4SLinus Torvalds goto out; 8431da177e4SLinus Torvalds } 8441da177e4SLinus Torvalds 8451da177e4SLinus Torvalds if (arp->ar_op == htons(ARPOP_REQUEST) && 846c6cffba4SDavid S. Miller ip_route_input_noref(skb, tip, sip, 0, dev) == 0) { 8471da177e4SLinus Torvalds 848511c3f92SEric Dumazet rt = skb_rtable(skb); 8491da177e4SLinus Torvalds addr_type = rt->rt_type; 8501da177e4SLinus Torvalds 8511da177e4SLinus Torvalds if (addr_type == RTN_LOCAL) { 852deffd777SChangli Gao int dont_send; 8531da177e4SLinus Torvalds 854deffd777SChangli Gao dont_send = arp_ignore(in_dev, sip, tip); 8551da177e4SLinus Torvalds if (!dont_send && IN_DEV_ARPFILTER(in_dev)) 856ae9c416dSChangli Gao dont_send = arp_filter(sip, tip, dev); 8578164f1b7SBen Greear if (!dont_send) { 8588164f1b7SBen Greear n = neigh_event_ns(&arp_tbl, sha, &sip, dev); 8598164f1b7SBen Greear if (n) { 860deffd777SChangli Gao arp_send(ARPOP_REPLY, ETH_P_ARP, sip, 861deffd777SChangli Gao dev, tip, sha, dev->dev_addr, 862deffd777SChangli Gao sha); 8631da177e4SLinus Torvalds neigh_release(n); 8641da177e4SLinus Torvalds } 8658164f1b7SBen Greear } 8661da177e4SLinus Torvalds goto out; 8671da177e4SLinus Torvalds } else if (IN_DEV_FORWARD(in_dev)) { 86865324144SJesper Dangaard Brouer if (addr_type == RTN_UNICAST && 86965324144SJesper Dangaard Brouer (arp_fwd_proxy(in_dev, dev, rt) || 87065324144SJesper Dangaard Brouer arp_fwd_pvlan(in_dev, dev, rt, sip, tip) || 87170620c46SThomas Graf (rt->dst.dev != dev && 87270620c46SThomas Graf pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) { 8731da177e4SLinus Torvalds n = neigh_event_ns(&arp_tbl, sha, &sip, dev); 8741da177e4SLinus Torvalds if (n) 8751da177e4SLinus Torvalds neigh_release(n); 8761da177e4SLinus Torvalds 877a61bbcf2SPatrick McHardy if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED || 8781da177e4SLinus Torvalds skb->pkt_type == PACKET_HOST || 8791f9248e5SJiri Pirko NEIGH_VAR(in_dev->arp_parms, PROXY_DELAY) == 0) { 880deffd777SChangli Gao arp_send(ARPOP_REPLY, ETH_P_ARP, sip, 881deffd777SChangli Gao dev, tip, sha, dev->dev_addr, 882deffd777SChangli Gao sha); 8831da177e4SLinus Torvalds } else { 884deffd777SChangli Gao pneigh_enqueue(&arp_tbl, 885deffd777SChangli Gao in_dev->arp_parms, skb); 8861da177e4SLinus Torvalds return 0; 8871da177e4SLinus Torvalds } 8881da177e4SLinus Torvalds goto out; 8891da177e4SLinus Torvalds } 8901da177e4SLinus Torvalds } 8911da177e4SLinus Torvalds } 8921da177e4SLinus Torvalds 8931da177e4SLinus Torvalds /* Update our ARP tables */ 8941da177e4SLinus Torvalds 8951da177e4SLinus Torvalds n = __neigh_lookup(&arp_tbl, &sip, dev, 0); 8961da177e4SLinus Torvalds 897124d37e9SNeil Horman if (IN_DEV_ARP_ACCEPT(in_dev)) { 8981da177e4SLinus Torvalds /* Unsolicited ARP is not accepted by default. 8991da177e4SLinus Torvalds It is possible, that this option should be enabled for some 9001da177e4SLinus Torvalds devices (strip is candidate) 9011da177e4SLinus Torvalds */ 902*56022a8fSSalam Noureddine is_garp = arp->ar_op == htons(ARPOP_REQUEST) && tip == sip && 903*56022a8fSSalam Noureddine inet_addr_type(net, sip) == RTN_UNICAST; 904*56022a8fSSalam Noureddine 9051da177e4SLinus Torvalds if (n == NULL && 906*56022a8fSSalam Noureddine ((arp->ar_op == htons(ARPOP_REPLY) && 907*56022a8fSSalam Noureddine inet_addr_type(net, sip) == RTN_UNICAST) || is_garp)) 9081b1ac759SJean Delvare n = __neigh_lookup(&arp_tbl, &sip, dev, 1); 909abd596a4SNeil Horman } 9101da177e4SLinus Torvalds 9111da177e4SLinus Torvalds if (n) { 9121da177e4SLinus Torvalds int state = NUD_REACHABLE; 9131da177e4SLinus Torvalds int override; 9141da177e4SLinus Torvalds 9151da177e4SLinus Torvalds /* If several different ARP replies follows back-to-back, 9161da177e4SLinus Torvalds use the FIRST one. It is possible, if several proxy 9171da177e4SLinus Torvalds agents are active. Taking the first reply prevents 9181da177e4SLinus Torvalds arp trashing and chooses the fastest router. 9191da177e4SLinus Torvalds */ 920*56022a8fSSalam Noureddine override = time_after(jiffies, 921*56022a8fSSalam Noureddine n->updated + 922*56022a8fSSalam Noureddine NEIGH_VAR(n->parms, LOCKTIME)) || 923*56022a8fSSalam Noureddine is_garp; 9241da177e4SLinus Torvalds 9251da177e4SLinus Torvalds /* Broadcast replies and request packets 9261da177e4SLinus Torvalds do not assert neighbour reachability. 9271da177e4SLinus Torvalds */ 9281da177e4SLinus Torvalds if (arp->ar_op != htons(ARPOP_REPLY) || 9291da177e4SLinus Torvalds skb->pkt_type != PACKET_HOST) 9301da177e4SLinus Torvalds state = NUD_STALE; 931deffd777SChangli Gao neigh_update(n, sha, state, 932deffd777SChangli Gao override ? NEIGH_UPDATE_F_OVERRIDE : 0); 9331da177e4SLinus Torvalds neigh_release(n); 9341da177e4SLinus Torvalds } 9351da177e4SLinus Torvalds 9361da177e4SLinus Torvalds out: 937ead2ceb0SNeil Horman consume_skb(skb); 9381da177e4SLinus Torvalds return 0; 9391da177e4SLinus Torvalds } 9401da177e4SLinus Torvalds 941444fc8fcSHerbert Xu static void parp_redo(struct sk_buff *skb) 942444fc8fcSHerbert Xu { 943444fc8fcSHerbert Xu arp_process(skb); 944444fc8fcSHerbert Xu } 945444fc8fcSHerbert Xu 9461da177e4SLinus Torvalds 9471da177e4SLinus Torvalds /* 9481da177e4SLinus Torvalds * Receive an arp request from the device layer. 9491da177e4SLinus Torvalds */ 9501da177e4SLinus Torvalds 9516c97e72aSAdrian Bunk static int arp_rcv(struct sk_buff *skb, struct net_device *dev, 9526c97e72aSAdrian Bunk struct packet_type *pt, struct net_device *orig_dev) 9531da177e4SLinus Torvalds { 954044453b3SEric Dumazet const struct arphdr *arp; 955044453b3SEric Dumazet 956044453b3SEric Dumazet if (dev->flags & IFF_NOARP || 957044453b3SEric Dumazet skb->pkt_type == PACKET_OTHERHOST || 958044453b3SEric Dumazet skb->pkt_type == PACKET_LOOPBACK) 959044453b3SEric Dumazet goto freeskb; 960044453b3SEric Dumazet 961044453b3SEric Dumazet skb = skb_share_check(skb, GFP_ATOMIC); 962044453b3SEric Dumazet if (!skb) 963044453b3SEric Dumazet goto out_of_mem; 9641da177e4SLinus Torvalds 9651da177e4SLinus Torvalds /* ARP header, plus 2 device addresses, plus 2 IP addresses. */ 966988b7050SPavel Emelyanov if (!pskb_may_pull(skb, arp_hdr_len(dev))) 9671da177e4SLinus Torvalds goto freeskb; 9681da177e4SLinus Torvalds 969d0a92be0SArnaldo Carvalho de Melo arp = arp_hdr(skb); 970044453b3SEric Dumazet if (arp->ar_hln != dev->addr_len || arp->ar_pln != 4) 9711da177e4SLinus Torvalds goto freeskb; 9721da177e4SLinus Torvalds 973a61bbcf2SPatrick McHardy memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb)); 974a61bbcf2SPatrick McHardy 975fdc9314cSJan Engelhardt return NF_HOOK(NFPROTO_ARP, NF_ARP_IN, skb, dev, NULL, arp_process); 9761da177e4SLinus Torvalds 9771da177e4SLinus Torvalds freeskb: 9781da177e4SLinus Torvalds kfree_skb(skb); 9791da177e4SLinus Torvalds out_of_mem: 9801da177e4SLinus Torvalds return 0; 9811da177e4SLinus Torvalds } 9821da177e4SLinus Torvalds 9831da177e4SLinus Torvalds /* 9841da177e4SLinus Torvalds * User level interface (ioctl) 9851da177e4SLinus Torvalds */ 9861da177e4SLinus Torvalds 9871da177e4SLinus Torvalds /* 9881da177e4SLinus Torvalds * Set (create) an ARP cache entry. 9891da177e4SLinus Torvalds */ 9901da177e4SLinus Torvalds 99132e569b7SPavel Emelyanov static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on) 992f8b33fdfSPavel Emelyanov { 993f8b33fdfSPavel Emelyanov if (dev == NULL) { 994586f1211SPavel Emelyanov IPV4_DEVCONF_ALL(net, PROXY_ARP) = on; 995f8b33fdfSPavel Emelyanov return 0; 996f8b33fdfSPavel Emelyanov } 997c506653dSEric Dumazet if (__in_dev_get_rtnl(dev)) { 998c506653dSEric Dumazet IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on); 999f8b33fdfSPavel Emelyanov return 0; 1000f8b33fdfSPavel Emelyanov } 1001f8b33fdfSPavel Emelyanov return -ENXIO; 1002f8b33fdfSPavel Emelyanov } 1003f8b33fdfSPavel Emelyanov 100432e569b7SPavel Emelyanov static int arp_req_set_public(struct net *net, struct arpreq *r, 100532e569b7SPavel Emelyanov struct net_device *dev) 10061da177e4SLinus Torvalds { 1007ed9bad06SAl Viro __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 1008ed9bad06SAl Viro __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr; 100943dc1701SPavel Emelyanov 1010ed9bad06SAl Viro if (mask && mask != htonl(0xFFFFFFFF)) 10111da177e4SLinus Torvalds return -EINVAL; 10121da177e4SLinus Torvalds if (!dev && (r->arp_flags & ATF_COM)) { 1013941666c2SEric Dumazet dev = dev_getbyhwaddr_rcu(net, r->arp_ha.sa_family, 101443dc1701SPavel Emelyanov r->arp_ha.sa_data); 10151da177e4SLinus Torvalds if (!dev) 10161da177e4SLinus Torvalds return -ENODEV; 10171da177e4SLinus Torvalds } 10181da177e4SLinus Torvalds if (mask) { 10192db82b53SDenis V. Lunev if (pneigh_lookup(&arp_tbl, net, &ip, dev, 1) == NULL) 10201da177e4SLinus Torvalds return -ENOBUFS; 10211da177e4SLinus Torvalds return 0; 10221da177e4SLinus Torvalds } 1023f8b33fdfSPavel Emelyanov 102432e569b7SPavel Emelyanov return arp_req_set_proxy(net, dev, 1); 10251da177e4SLinus Torvalds } 10261da177e4SLinus Torvalds 102732e569b7SPavel Emelyanov static int arp_req_set(struct net *net, struct arpreq *r, 102832e569b7SPavel Emelyanov struct net_device *dev) 102943dc1701SPavel Emelyanov { 103043dc1701SPavel Emelyanov __be32 ip; 103143dc1701SPavel Emelyanov struct neighbour *neigh; 103243dc1701SPavel Emelyanov int err; 103343dc1701SPavel Emelyanov 103443dc1701SPavel Emelyanov if (r->arp_flags & ATF_PUBL) 103532e569b7SPavel Emelyanov return arp_req_set_public(net, r, dev); 103643dc1701SPavel Emelyanov 103743dc1701SPavel Emelyanov ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 10381da177e4SLinus Torvalds if (r->arp_flags & ATF_PERM) 10391da177e4SLinus Torvalds r->arp_flags |= ATF_COM; 10401da177e4SLinus Torvalds if (dev == NULL) { 104178fbfd8aSDavid S. Miller struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0); 1042b23dd4feSDavid S. Miller 1043b23dd4feSDavid S. Miller if (IS_ERR(rt)) 1044b23dd4feSDavid S. Miller return PTR_ERR(rt); 1045d8d1f30bSChangli Gao dev = rt->dst.dev; 10461da177e4SLinus Torvalds ip_rt_put(rt); 10471da177e4SLinus Torvalds if (!dev) 10481da177e4SLinus Torvalds return -EINVAL; 10491da177e4SLinus Torvalds } 10501da177e4SLinus Torvalds switch (dev->type) { 105140e4783eSIgor Maravic #if IS_ENABLED(CONFIG_FDDI) 10521da177e4SLinus Torvalds case ARPHRD_FDDI: 10531da177e4SLinus Torvalds /* 10541da177e4SLinus Torvalds * According to RFC 1390, FDDI devices should accept ARP 10551da177e4SLinus Torvalds * hardware types of 1 (Ethernet). However, to be more 10561da177e4SLinus Torvalds * robust, we'll accept hardware types of either 1 (Ethernet) 10571da177e4SLinus Torvalds * or 6 (IEEE 802.2). 10581da177e4SLinus Torvalds */ 10591da177e4SLinus Torvalds if (r->arp_ha.sa_family != ARPHRD_FDDI && 10601da177e4SLinus Torvalds r->arp_ha.sa_family != ARPHRD_ETHER && 10611da177e4SLinus Torvalds r->arp_ha.sa_family != ARPHRD_IEEE802) 10621da177e4SLinus Torvalds return -EINVAL; 10631da177e4SLinus Torvalds break; 10641da177e4SLinus Torvalds #endif 10651da177e4SLinus Torvalds default: 10661da177e4SLinus Torvalds if (r->arp_ha.sa_family != dev->type) 10671da177e4SLinus Torvalds return -EINVAL; 10681da177e4SLinus Torvalds break; 10691da177e4SLinus Torvalds } 10701da177e4SLinus Torvalds 10711da177e4SLinus Torvalds neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev); 10721da177e4SLinus Torvalds err = PTR_ERR(neigh); 10731da177e4SLinus Torvalds if (!IS_ERR(neigh)) { 107495c96174SEric Dumazet unsigned int state = NUD_STALE; 10751da177e4SLinus Torvalds if (r->arp_flags & ATF_PERM) 10761da177e4SLinus Torvalds state = NUD_PERMANENT; 10771da177e4SLinus Torvalds err = neigh_update(neigh, (r->arp_flags & ATF_COM) ? 10781da177e4SLinus Torvalds r->arp_ha.sa_data : NULL, state, 10791da177e4SLinus Torvalds NEIGH_UPDATE_F_OVERRIDE | 10801da177e4SLinus Torvalds NEIGH_UPDATE_F_ADMIN); 10811da177e4SLinus Torvalds neigh_release(neigh); 10821da177e4SLinus Torvalds } 10831da177e4SLinus Torvalds return err; 10841da177e4SLinus Torvalds } 10851da177e4SLinus Torvalds 108695c96174SEric Dumazet static unsigned int arp_state_to_flags(struct neighbour *neigh) 10871da177e4SLinus Torvalds { 10881da177e4SLinus Torvalds if (neigh->nud_state&NUD_PERMANENT) 1089deffd777SChangli Gao return ATF_PERM | ATF_COM; 10901da177e4SLinus Torvalds else if (neigh->nud_state&NUD_VALID) 1091deffd777SChangli Gao return ATF_COM; 1092deffd777SChangli Gao else 1093deffd777SChangli Gao return 0; 10941da177e4SLinus Torvalds } 10951da177e4SLinus Torvalds 10961da177e4SLinus Torvalds /* 10971da177e4SLinus Torvalds * Get an ARP cache entry. 10981da177e4SLinus Torvalds */ 10991da177e4SLinus Torvalds 11001da177e4SLinus Torvalds static int arp_req_get(struct arpreq *r, struct net_device *dev) 11011da177e4SLinus Torvalds { 1102ed9bad06SAl Viro __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr; 11031da177e4SLinus Torvalds struct neighbour *neigh; 11041da177e4SLinus Torvalds int err = -ENXIO; 11051da177e4SLinus Torvalds 11061da177e4SLinus Torvalds neigh = neigh_lookup(&arp_tbl, &ip, dev); 11071da177e4SLinus Torvalds if (neigh) { 11081da177e4SLinus Torvalds read_lock_bh(&neigh->lock); 11091da177e4SLinus Torvalds memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len); 11101da177e4SLinus Torvalds r->arp_flags = arp_state_to_flags(neigh); 11111da177e4SLinus Torvalds read_unlock_bh(&neigh->lock); 11121da177e4SLinus Torvalds r->arp_ha.sa_family = dev->type; 11131da177e4SLinus Torvalds strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev)); 11141da177e4SLinus Torvalds neigh_release(neigh); 11151da177e4SLinus Torvalds err = 0; 11161da177e4SLinus Torvalds } 11171da177e4SLinus Torvalds return err; 11181da177e4SLinus Torvalds } 11191da177e4SLinus Torvalds 11207195cf72SStephen Hemminger static int arp_invalidate(struct net_device *dev, __be32 ip) 1121545ecdc3SMaxim Levitsky { 1122545ecdc3SMaxim Levitsky struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev); 1123545ecdc3SMaxim Levitsky int err = -ENXIO; 1124545ecdc3SMaxim Levitsky 1125545ecdc3SMaxim Levitsky if (neigh) { 1126545ecdc3SMaxim Levitsky if (neigh->nud_state & ~NUD_NOARP) 1127545ecdc3SMaxim Levitsky err = neigh_update(neigh, NULL, NUD_FAILED, 1128545ecdc3SMaxim Levitsky NEIGH_UPDATE_F_OVERRIDE| 1129545ecdc3SMaxim Levitsky NEIGH_UPDATE_F_ADMIN); 1130545ecdc3SMaxim Levitsky neigh_release(neigh); 1131545ecdc3SMaxim Levitsky } 1132545ecdc3SMaxim Levitsky 1133545ecdc3SMaxim Levitsky return err; 1134545ecdc3SMaxim Levitsky } 1135545ecdc3SMaxim Levitsky 113632e569b7SPavel Emelyanov static int arp_req_delete_public(struct net *net, struct arpreq *r, 113732e569b7SPavel Emelyanov struct net_device *dev) 11381da177e4SLinus Torvalds { 1139ed9bad06SAl Viro __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr; 114046479b43SPavel Emelyanov __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr; 11411da177e4SLinus Torvalds 1142ed9bad06SAl Viro if (mask == htonl(0xFFFFFFFF)) 11432db82b53SDenis V. Lunev return pneigh_delete(&arp_tbl, net, &ip, dev); 114446479b43SPavel Emelyanov 1145f8b33fdfSPavel Emelyanov if (mask) 11461da177e4SLinus Torvalds return -EINVAL; 1147f8b33fdfSPavel Emelyanov 114832e569b7SPavel Emelyanov return arp_req_set_proxy(net, dev, 0); 11491da177e4SLinus Torvalds } 11501da177e4SLinus Torvalds 115132e569b7SPavel Emelyanov static int arp_req_delete(struct net *net, struct arpreq *r, 115232e569b7SPavel Emelyanov struct net_device *dev) 115346479b43SPavel Emelyanov { 115446479b43SPavel Emelyanov __be32 ip; 115546479b43SPavel Emelyanov 115646479b43SPavel Emelyanov if (r->arp_flags & ATF_PUBL) 115732e569b7SPavel Emelyanov return arp_req_delete_public(net, r, dev); 115846479b43SPavel Emelyanov 115946479b43SPavel Emelyanov ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 11601da177e4SLinus Torvalds if (dev == NULL) { 116178fbfd8aSDavid S. Miller struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0); 1162b23dd4feSDavid S. Miller if (IS_ERR(rt)) 1163b23dd4feSDavid S. Miller return PTR_ERR(rt); 1164d8d1f30bSChangli Gao dev = rt->dst.dev; 11651da177e4SLinus Torvalds ip_rt_put(rt); 11661da177e4SLinus Torvalds if (!dev) 11671da177e4SLinus Torvalds return -EINVAL; 11681da177e4SLinus Torvalds } 1169545ecdc3SMaxim Levitsky return arp_invalidate(dev, ip); 11701da177e4SLinus Torvalds } 11711da177e4SLinus Torvalds 11721da177e4SLinus Torvalds /* 11731da177e4SLinus Torvalds * Handle an ARP layer I/O control request. 11741da177e4SLinus Torvalds */ 11751da177e4SLinus Torvalds 117632e569b7SPavel Emelyanov int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg) 11771da177e4SLinus Torvalds { 11781da177e4SLinus Torvalds int err; 11791da177e4SLinus Torvalds struct arpreq r; 11801da177e4SLinus Torvalds struct net_device *dev = NULL; 11811da177e4SLinus Torvalds 11821da177e4SLinus Torvalds switch (cmd) { 11831da177e4SLinus Torvalds case SIOCDARP: 11841da177e4SLinus Torvalds case SIOCSARP: 118552e804c6SEric W. Biederman if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 11861da177e4SLinus Torvalds return -EPERM; 11871da177e4SLinus Torvalds case SIOCGARP: 11881da177e4SLinus Torvalds err = copy_from_user(&r, arg, sizeof(struct arpreq)); 11891da177e4SLinus Torvalds if (err) 11901da177e4SLinus Torvalds return -EFAULT; 11911da177e4SLinus Torvalds break; 11921da177e4SLinus Torvalds default: 11931da177e4SLinus Torvalds return -EINVAL; 11941da177e4SLinus Torvalds } 11951da177e4SLinus Torvalds 11961da177e4SLinus Torvalds if (r.arp_pa.sa_family != AF_INET) 11971da177e4SLinus Torvalds return -EPFNOSUPPORT; 11981da177e4SLinus Torvalds 11991da177e4SLinus Torvalds if (!(r.arp_flags & ATF_PUBL) && 12001da177e4SLinus Torvalds (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB))) 12011da177e4SLinus Torvalds return -EINVAL; 12021da177e4SLinus Torvalds if (!(r.arp_flags & ATF_NETMASK)) 12031da177e4SLinus Torvalds ((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr = 12041da177e4SLinus Torvalds htonl(0xFFFFFFFFUL); 1205c506653dSEric Dumazet rtnl_lock(); 12061da177e4SLinus Torvalds if (r.arp_dev[0]) { 12071da177e4SLinus Torvalds err = -ENODEV; 1208c506653dSEric Dumazet dev = __dev_get_by_name(net, r.arp_dev); 1209deffd777SChangli Gao if (dev == NULL) 12101da177e4SLinus Torvalds goto out; 12111da177e4SLinus Torvalds 12121da177e4SLinus Torvalds /* Mmmm... It is wrong... ARPHRD_NETROM==0 */ 12131da177e4SLinus Torvalds if (!r.arp_ha.sa_family) 12141da177e4SLinus Torvalds r.arp_ha.sa_family = dev->type; 12151da177e4SLinus Torvalds err = -EINVAL; 12161da177e4SLinus Torvalds if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type) 12171da177e4SLinus Torvalds goto out; 12181da177e4SLinus Torvalds } else if (cmd == SIOCGARP) { 12191da177e4SLinus Torvalds err = -ENODEV; 12201da177e4SLinus Torvalds goto out; 12211da177e4SLinus Torvalds } 12221da177e4SLinus Torvalds 12231da177e4SLinus Torvalds switch (cmd) { 12241da177e4SLinus Torvalds case SIOCDARP: 122532e569b7SPavel Emelyanov err = arp_req_delete(net, &r, dev); 12261da177e4SLinus Torvalds break; 12271da177e4SLinus Torvalds case SIOCSARP: 122832e569b7SPavel Emelyanov err = arp_req_set(net, &r, dev); 12291da177e4SLinus Torvalds break; 12301da177e4SLinus Torvalds case SIOCGARP: 12311da177e4SLinus Torvalds err = arp_req_get(&r, dev); 12321da177e4SLinus Torvalds break; 12331da177e4SLinus Torvalds } 12341da177e4SLinus Torvalds out: 1235c506653dSEric Dumazet rtnl_unlock(); 1236941666c2SEric Dumazet if (cmd == SIOCGARP && !err && copy_to_user(arg, &r, sizeof(r))) 1237941666c2SEric Dumazet err = -EFAULT; 12381da177e4SLinus Torvalds return err; 12391da177e4SLinus Torvalds } 12401da177e4SLinus Torvalds 1241deffd777SChangli Gao static int arp_netdev_event(struct notifier_block *this, unsigned long event, 1242deffd777SChangli Gao void *ptr) 12431da177e4SLinus Torvalds { 1244351638e7SJiri Pirko struct net_device *dev = netdev_notifier_info_to_dev(ptr); 12456c8b4e3fSTimo Teräs struct netdev_notifier_change_info *change_info; 12461da177e4SLinus Torvalds 12471da177e4SLinus Torvalds switch (event) { 12481da177e4SLinus Torvalds case NETDEV_CHANGEADDR: 12491da177e4SLinus Torvalds neigh_changeaddr(&arp_tbl, dev); 1250bafa6d9dSNicolas Dichtel rt_cache_flush(dev_net(dev)); 12511da177e4SLinus Torvalds break; 12526c8b4e3fSTimo Teräs case NETDEV_CHANGE: 12536c8b4e3fSTimo Teräs change_info = ptr; 12546c8b4e3fSTimo Teräs if (change_info->flags_changed & IFF_NOARP) 12556c8b4e3fSTimo Teräs neigh_changeaddr(&arp_tbl, dev); 12566c8b4e3fSTimo Teräs break; 12571da177e4SLinus Torvalds default: 12581da177e4SLinus Torvalds break; 12591da177e4SLinus Torvalds } 12601da177e4SLinus Torvalds 12611da177e4SLinus Torvalds return NOTIFY_DONE; 12621da177e4SLinus Torvalds } 12631da177e4SLinus Torvalds 12641da177e4SLinus Torvalds static struct notifier_block arp_netdev_notifier = { 12651da177e4SLinus Torvalds .notifier_call = arp_netdev_event, 12661da177e4SLinus Torvalds }; 12671da177e4SLinus Torvalds 12681da177e4SLinus Torvalds /* Note, that it is not on notifier chain. 12691da177e4SLinus Torvalds It is necessary, that this routine was called after route cache will be 12701da177e4SLinus Torvalds flushed. 12711da177e4SLinus Torvalds */ 12721da177e4SLinus Torvalds void arp_ifdown(struct net_device *dev) 12731da177e4SLinus Torvalds { 12741da177e4SLinus Torvalds neigh_ifdown(&arp_tbl, dev); 12751da177e4SLinus Torvalds } 12761da177e4SLinus Torvalds 12771da177e4SLinus Torvalds 12781da177e4SLinus Torvalds /* 12791da177e4SLinus Torvalds * Called once on startup. 12801da177e4SLinus Torvalds */ 12811da177e4SLinus Torvalds 12827546dd97SStephen Hemminger static struct packet_type arp_packet_type __read_mostly = { 128309640e63SHarvey Harrison .type = cpu_to_be16(ETH_P_ARP), 12841da177e4SLinus Torvalds .func = arp_rcv, 12851da177e4SLinus Torvalds }; 12861da177e4SLinus Torvalds 12871da177e4SLinus Torvalds static int arp_proc_init(void); 12881da177e4SLinus Torvalds 12891da177e4SLinus Torvalds void __init arp_init(void) 12901da177e4SLinus Torvalds { 12911da177e4SLinus Torvalds neigh_table_init(&arp_tbl); 12921da177e4SLinus Torvalds 12931da177e4SLinus Torvalds dev_add_pack(&arp_packet_type); 12941da177e4SLinus Torvalds arp_proc_init(); 12951da177e4SLinus Torvalds #ifdef CONFIG_SYSCTL 129673af614aSJiri Pirko neigh_sysctl_register(NULL, &arp_tbl.parms, NULL); 12971da177e4SLinus Torvalds #endif 12981da177e4SLinus Torvalds register_netdevice_notifier(&arp_netdev_notifier); 12991da177e4SLinus Torvalds } 13001da177e4SLinus Torvalds 13011da177e4SLinus Torvalds #ifdef CONFIG_PROC_FS 130240e4783eSIgor Maravic #if IS_ENABLED(CONFIG_AX25) 13031da177e4SLinus Torvalds 13041da177e4SLinus Torvalds /* ------------------------------------------------------------------------ */ 13051da177e4SLinus Torvalds /* 13061da177e4SLinus Torvalds * ax25 -> ASCII conversion 13071da177e4SLinus Torvalds */ 13081da177e4SLinus Torvalds static char *ax2asc2(ax25_address *a, char *buf) 13091da177e4SLinus Torvalds { 13101da177e4SLinus Torvalds char c, *s; 13111da177e4SLinus Torvalds int n; 13121da177e4SLinus Torvalds 13131da177e4SLinus Torvalds for (n = 0, s = buf; n < 6; n++) { 13141da177e4SLinus Torvalds c = (a->ax25_call[n] >> 1) & 0x7F; 13151da177e4SLinus Torvalds 1316deffd777SChangli Gao if (c != ' ') 1317deffd777SChangli Gao *s++ = c; 13181da177e4SLinus Torvalds } 13191da177e4SLinus Torvalds 13201da177e4SLinus Torvalds *s++ = '-'; 1321deffd777SChangli Gao n = (a->ax25_call[6] >> 1) & 0x0F; 1322deffd777SChangli Gao if (n > 9) { 13231da177e4SLinus Torvalds *s++ = '1'; 13241da177e4SLinus Torvalds n -= 10; 13251da177e4SLinus Torvalds } 13261da177e4SLinus Torvalds 13271da177e4SLinus Torvalds *s++ = n + '0'; 13281da177e4SLinus Torvalds *s++ = '\0'; 13291da177e4SLinus Torvalds 13301da177e4SLinus Torvalds if (*buf == '\0' || *buf == '-') 13311da177e4SLinus Torvalds return "*"; 13321da177e4SLinus Torvalds 13331da177e4SLinus Torvalds return buf; 13341da177e4SLinus Torvalds } 13351da177e4SLinus Torvalds #endif /* CONFIG_AX25 */ 13361da177e4SLinus Torvalds 13371da177e4SLinus Torvalds #define HBUFFERLEN 30 13381da177e4SLinus Torvalds 13391da177e4SLinus Torvalds static void arp_format_neigh_entry(struct seq_file *seq, 13401da177e4SLinus Torvalds struct neighbour *n) 13411da177e4SLinus Torvalds { 13421da177e4SLinus Torvalds char hbuffer[HBUFFERLEN]; 13431da177e4SLinus Torvalds int k, j; 13441da177e4SLinus Torvalds char tbuf[16]; 13451da177e4SLinus Torvalds struct net_device *dev = n->dev; 13461da177e4SLinus Torvalds int hatype = dev->type; 13471da177e4SLinus Torvalds 13481da177e4SLinus Torvalds read_lock(&n->lock); 13491da177e4SLinus Torvalds /* Convert hardware address to XX:XX:XX:XX ... form. */ 135040e4783eSIgor Maravic #if IS_ENABLED(CONFIG_AX25) 13511da177e4SLinus Torvalds if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM) 13521da177e4SLinus Torvalds ax2asc2((ax25_address *)n->ha, hbuffer); 13531da177e4SLinus Torvalds else { 13541da177e4SLinus Torvalds #endif 13551da177e4SLinus Torvalds for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) { 135651f82a2bSDenis Cheng hbuffer[k++] = hex_asc_hi(n->ha[j]); 135751f82a2bSDenis Cheng hbuffer[k++] = hex_asc_lo(n->ha[j]); 13581da177e4SLinus Torvalds hbuffer[k++] = ':'; 13591da177e4SLinus Torvalds } 1360a3e8ee68Sroel kluin if (k != 0) 1361a3e8ee68Sroel kluin --k; 1362a3e8ee68Sroel kluin hbuffer[k] = 0; 136340e4783eSIgor Maravic #if IS_ENABLED(CONFIG_AX25) 13641da177e4SLinus Torvalds } 13651da177e4SLinus Torvalds #endif 1366673d57e7SHarvey Harrison sprintf(tbuf, "%pI4", n->primary_key); 13671da177e4SLinus Torvalds seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", 13681da177e4SLinus Torvalds tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); 13691da177e4SLinus Torvalds read_unlock(&n->lock); 13701da177e4SLinus Torvalds } 13711da177e4SLinus Torvalds 13721da177e4SLinus Torvalds static void arp_format_pneigh_entry(struct seq_file *seq, 13731da177e4SLinus Torvalds struct pneigh_entry *n) 13741da177e4SLinus Torvalds { 13751da177e4SLinus Torvalds struct net_device *dev = n->dev; 13761da177e4SLinus Torvalds int hatype = dev ? dev->type : 0; 13771da177e4SLinus Torvalds char tbuf[16]; 13781da177e4SLinus Torvalds 1379673d57e7SHarvey Harrison sprintf(tbuf, "%pI4", n->key); 13801da177e4SLinus Torvalds seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", 13811da177e4SLinus Torvalds tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", 13821da177e4SLinus Torvalds dev ? dev->name : "*"); 13831da177e4SLinus Torvalds } 13841da177e4SLinus Torvalds 13851da177e4SLinus Torvalds static int arp_seq_show(struct seq_file *seq, void *v) 13861da177e4SLinus Torvalds { 13871da177e4SLinus Torvalds if (v == SEQ_START_TOKEN) { 13881da177e4SLinus Torvalds seq_puts(seq, "IP address HW type Flags " 13891da177e4SLinus Torvalds "HW address Mask Device\n"); 13901da177e4SLinus Torvalds } else { 13911da177e4SLinus Torvalds struct neigh_seq_state *state = seq->private; 13921da177e4SLinus Torvalds 13931da177e4SLinus Torvalds if (state->flags & NEIGH_SEQ_IS_PNEIGH) 13941da177e4SLinus Torvalds arp_format_pneigh_entry(seq, v); 13951da177e4SLinus Torvalds else 13961da177e4SLinus Torvalds arp_format_neigh_entry(seq, v); 13971da177e4SLinus Torvalds } 13981da177e4SLinus Torvalds 13991da177e4SLinus Torvalds return 0; 14001da177e4SLinus Torvalds } 14011da177e4SLinus Torvalds 14021da177e4SLinus Torvalds static void *arp_seq_start(struct seq_file *seq, loff_t *pos) 14031da177e4SLinus Torvalds { 14041da177e4SLinus Torvalds /* Don't want to confuse "arp -a" w/ magic entries, 14051da177e4SLinus Torvalds * so we tell the generic iterator to skip NUD_NOARP. 14061da177e4SLinus Torvalds */ 14071da177e4SLinus Torvalds return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP); 14081da177e4SLinus Torvalds } 14091da177e4SLinus Torvalds 14101da177e4SLinus Torvalds /* ------------------------------------------------------------------------ */ 14111da177e4SLinus Torvalds 1412f690808eSStephen Hemminger static const struct seq_operations arp_seq_ops = { 14131da177e4SLinus Torvalds .start = arp_seq_start, 14141da177e4SLinus Torvalds .next = neigh_seq_next, 14151da177e4SLinus Torvalds .stop = neigh_seq_stop, 14161da177e4SLinus Torvalds .show = arp_seq_show, 14171da177e4SLinus Torvalds }; 14181da177e4SLinus Torvalds 14191da177e4SLinus Torvalds static int arp_seq_open(struct inode *inode, struct file *file) 14201da177e4SLinus Torvalds { 1421426b5303SEric W. Biederman return seq_open_net(inode, file, &arp_seq_ops, 1422cf7732e4SPavel Emelyanov sizeof(struct neigh_seq_state)); 14231da177e4SLinus Torvalds } 14241da177e4SLinus Torvalds 14259a32144eSArjan van de Ven static const struct file_operations arp_seq_fops = { 14261da177e4SLinus Torvalds .owner = THIS_MODULE, 14271da177e4SLinus Torvalds .open = arp_seq_open, 14281da177e4SLinus Torvalds .read = seq_read, 14291da177e4SLinus Torvalds .llseek = seq_lseek, 1430426b5303SEric W. Biederman .release = seq_release_net, 14311da177e4SLinus Torvalds }; 14321da177e4SLinus Torvalds 1433ffc31d3dSDenis V. Lunev 1434ffc31d3dSDenis V. Lunev static int __net_init arp_net_init(struct net *net) 14351da177e4SLinus Torvalds { 1436d4beaa66SGao feng if (!proc_create("arp", S_IRUGO, net->proc_net, &arp_seq_fops)) 14371da177e4SLinus Torvalds return -ENOMEM; 14381da177e4SLinus Torvalds return 0; 14391da177e4SLinus Torvalds } 14401da177e4SLinus Torvalds 1441ffc31d3dSDenis V. Lunev static void __net_exit arp_net_exit(struct net *net) 1442ffc31d3dSDenis V. Lunev { 1443ece31ffdSGao feng remove_proc_entry("arp", net->proc_net); 1444ffc31d3dSDenis V. Lunev } 1445ffc31d3dSDenis V. Lunev 1446ffc31d3dSDenis V. Lunev static struct pernet_operations arp_net_ops = { 1447ffc31d3dSDenis V. Lunev .init = arp_net_init, 1448ffc31d3dSDenis V. Lunev .exit = arp_net_exit, 1449ffc31d3dSDenis V. Lunev }; 1450ffc31d3dSDenis V. Lunev 1451ffc31d3dSDenis V. Lunev static int __init arp_proc_init(void) 1452ffc31d3dSDenis V. Lunev { 1453ffc31d3dSDenis V. Lunev return register_pernet_subsys(&arp_net_ops); 1454ffc31d3dSDenis V. Lunev } 1455ffc31d3dSDenis V. Lunev 14561da177e4SLinus Torvalds #else /* CONFIG_PROC_FS */ 14571da177e4SLinus Torvalds 14581da177e4SLinus Torvalds static int __init arp_proc_init(void) 14591da177e4SLinus Torvalds { 14601da177e4SLinus Torvalds return 0; 14611da177e4SLinus Torvalds } 14621da177e4SLinus Torvalds 14631da177e4SLinus Torvalds #endif /* CONFIG_PROC_FS */ 1464