1 /* linux/net/ipv4/arp.c
2  *
3  * Copyright (C) 1994 by Florian  La Roche
4  *
5  * This module implements the Address Resolution Protocol ARP (RFC 826),
6  * which is used to convert IP addresses (or in the future maybe other
7  * high-level addresses) into a low-level hardware address (like an Ethernet
8  * address).
9  *
10  * This program is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU General Public License
12  * as published by the Free Software Foundation; either version
13  * 2 of the License, or (at your option) any later version.
14  *
15  * Fixes:
16  *		Alan Cox	:	Removed the Ethernet assumptions in
17  *					Florian's code
18  *		Alan Cox	:	Fixed some small errors in the ARP
19  *					logic
20  *		Alan Cox	:	Allow >4K in /proc
21  *		Alan Cox	:	Make ARP add its own protocol entry
22  *		Ross Martin     :       Rewrote arp_rcv() and arp_get_info()
23  *		Stephen Henson	:	Add AX25 support to arp_get_info()
24  *		Alan Cox	:	Drop data when a device is downed.
25  *		Alan Cox	:	Use init_timer().
26  *		Alan Cox	:	Double lock fixes.
27  *		Martin Seine	:	Move the arphdr structure
28  *					to if_arp.h for compatibility.
29  *					with BSD based programs.
30  *		Andrew Tridgell :       Added ARP netmask code and
31  *					re-arranged proxy handling.
32  *		Alan Cox	:	Changed to use notifiers.
33  *		Niibe Yutaka	:	Reply for this device or proxies only.
34  *		Alan Cox	:	Don't proxy across hardware types!
35  *		Jonathan Naylor :	Added support for NET/ROM.
36  *		Mike Shaver     :       RFC1122 checks.
37  *		Jonathan Naylor :	Only lookup the hardware address for
38  *					the correct hardware type.
39  *		Germano Caronni	:	Assorted subtle races.
40  *		Craig Schlenter :	Don't modify permanent entry
41  *					during arp_rcv.
42  *		Russ Nelson	:	Tidied up a few bits.
43  *		Alexey Kuznetsov:	Major changes to caching and behaviour,
44  *					eg intelligent arp probing and
45  *					generation
46  *					of host down events.
47  *		Alan Cox	:	Missing unlock in device events.
48  *		Eckes		:	ARP ioctl control errors.
49  *		Alexey Kuznetsov:	Arp free fix.
50  *		Manuel Rodriguez:	Gratuitous ARP.
51  *              Jonathan Layes  :       Added arpd support through kerneld
52  *                                      message queue (960314)
53  *		Mike Shaver	:	/proc/sys/net/ipv4/arp_* support
54  *		Mike McLagan    :	Routing by source
55  *		Stuart Cheshire	:	Metricom and grat arp fixes
56  *					*** FOR 2.1 clean this up ***
57  *		Lawrence V. Stefani: (08/12/96) Added FDDI support.
58  *		Alan Cox	:	Took the AP1000 nasty FDDI hack and
59  *					folded into the mainstream FDDI code.
60  *					Ack spit, Linus how did you allow that
61  *					one in...
62  *		Jes Sorensen	:	Make FDDI work again in 2.1.x and
63  *					clean up the APFDDI & gen. FDDI bits.
64  *		Alexey Kuznetsov:	new arp state machine;
65  *					now it is in net/core/neighbour.c.
66  *		Krzysztof Halasa:	Added Frame Relay ARP support.
67  *		Arnaldo C. Melo :	convert /proc/net/arp to seq_file
68  *		Shmulik Hen:		Split arp_send to arp_create and
69  *					arp_xmit so intermediate drivers like
70  *					bonding can change the skb before
71  *					sending (e.g. insert 8021q tag).
72  *		Harald Welte	:	convert to make use of jenkins hash
73  *		Jesper D. Brouer:       Proxy ARP PVLAN RFC 3069 support.
74  */
75 
76 #include <linux/module.h>
77 #include <linux/types.h>
78 #include <linux/string.h>
79 #include <linux/kernel.h>
80 #include <linux/capability.h>
81 #include <linux/socket.h>
82 #include <linux/sockios.h>
83 #include <linux/errno.h>
84 #include <linux/in.h>
85 #include <linux/mm.h>
86 #include <linux/inet.h>
87 #include <linux/inetdevice.h>
88 #include <linux/netdevice.h>
89 #include <linux/etherdevice.h>
90 #include <linux/fddidevice.h>
91 #include <linux/if_arp.h>
92 #include <linux/trdevice.h>
93 #include <linux/skbuff.h>
94 #include <linux/proc_fs.h>
95 #include <linux/seq_file.h>
96 #include <linux/stat.h>
97 #include <linux/init.h>
98 #include <linux/net.h>
99 #include <linux/rcupdate.h>
100 #include <linux/jhash.h>
101 #include <linux/slab.h>
102 #ifdef CONFIG_SYSCTL
103 #include <linux/sysctl.h>
104 #endif
105 
106 #include <net/net_namespace.h>
107 #include <net/ip.h>
108 #include <net/icmp.h>
109 #include <net/route.h>
110 #include <net/protocol.h>
111 #include <net/tcp.h>
112 #include <net/sock.h>
113 #include <net/arp.h>
114 #include <net/ax25.h>
115 #include <net/netrom.h>
116 #if defined(CONFIG_ATM_CLIP) || defined(CONFIG_ATM_CLIP_MODULE)
117 #include <net/atmclip.h>
118 struct neigh_table *clip_tbl_hook;
119 EXPORT_SYMBOL(clip_tbl_hook);
120 #endif
121 
122 #include <asm/system.h>
123 #include <linux/uaccess.h>
124 
125 #include <linux/netfilter_arp.h>
126 
127 /*
128  *	Interface to generic neighbour cache.
129  */
130 static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 rnd);
131 static int arp_constructor(struct neighbour *neigh);
132 static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb);
133 static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb);
134 static void parp_redo(struct sk_buff *skb);
135 
136 static const struct neigh_ops arp_generic_ops = {
137 	.family =		AF_INET,
138 	.solicit =		arp_solicit,
139 	.error_report =		arp_error_report,
140 	.output =		neigh_resolve_output,
141 	.connected_output =	neigh_connected_output,
142 	.hh_output =		dev_queue_xmit,
143 	.queue_xmit =		dev_queue_xmit,
144 };
145 
146 static const struct neigh_ops arp_hh_ops = {
147 	.family =		AF_INET,
148 	.solicit =		arp_solicit,
149 	.error_report =		arp_error_report,
150 	.output =		neigh_resolve_output,
151 	.connected_output =	neigh_resolve_output,
152 	.hh_output =		dev_queue_xmit,
153 	.queue_xmit =		dev_queue_xmit,
154 };
155 
156 static const struct neigh_ops arp_direct_ops = {
157 	.family =		AF_INET,
158 	.output =		dev_queue_xmit,
159 	.connected_output =	dev_queue_xmit,
160 	.hh_output =		dev_queue_xmit,
161 	.queue_xmit =		dev_queue_xmit,
162 };
163 
164 static const struct neigh_ops arp_broken_ops = {
165 	.family =		AF_INET,
166 	.solicit =		arp_solicit,
167 	.error_report =		arp_error_report,
168 	.output =		neigh_compat_output,
169 	.connected_output =	neigh_compat_output,
170 	.hh_output =		dev_queue_xmit,
171 	.queue_xmit =		dev_queue_xmit,
172 };
173 
174 struct neigh_table arp_tbl = {
175 	.family		= AF_INET,
176 	.entry_size	= sizeof(struct neighbour) + 4,
177 	.key_len	= 4,
178 	.hash		= arp_hash,
179 	.constructor	= arp_constructor,
180 	.proxy_redo	= parp_redo,
181 	.id		= "arp_cache",
182 	.parms		= {
183 		.tbl			= &arp_tbl,
184 		.base_reachable_time	= 30 * HZ,
185 		.retrans_time		= 1 * HZ,
186 		.gc_staletime		= 60 * HZ,
187 		.reachable_time		= 30 * HZ,
188 		.delay_probe_time	= 5 * HZ,
189 		.queue_len		= 3,
190 		.ucast_probes		= 3,
191 		.mcast_probes		= 3,
192 		.anycast_delay		= 1 * HZ,
193 		.proxy_delay		= (8 * HZ) / 10,
194 		.proxy_qlen		= 64,
195 		.locktime		= 1 * HZ,
196 	},
197 	.gc_interval	= 30 * HZ,
198 	.gc_thresh1	= 128,
199 	.gc_thresh2	= 512,
200 	.gc_thresh3	= 1024,
201 };
202 EXPORT_SYMBOL(arp_tbl);
203 
arp_mc_map(__be32 addr,u8 * haddr,struct net_device * dev,int dir)204 int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir)
205 {
206 	switch (dev->type) {
207 	case ARPHRD_ETHER:
208 	case ARPHRD_FDDI:
209 	case ARPHRD_IEEE802:
210 		ip_eth_mc_map(addr, haddr);
211 		return 0;
212 	case ARPHRD_IEEE802_TR:
213 		ip_tr_mc_map(addr, haddr);
214 		return 0;
215 	case ARPHRD_INFINIBAND:
216 		ip_ib_mc_map(addr, dev->broadcast, haddr);
217 		return 0;
218 	case ARPHRD_IPGRE:
219 		ip_ipgre_mc_map(addr, dev->broadcast, haddr);
220 		return 0;
221 	default:
222 		if (dir) {
223 			memcpy(haddr, dev->broadcast, dev->addr_len);
224 			return 0;
225 		}
226 	}
227 	return -EINVAL;
228 }
229 
230 
arp_hash(const void * pkey,const struct net_device * dev,__u32 hash_rnd)231 static u32 arp_hash(const void *pkey,
232 		    const struct net_device *dev,
233 		    __u32 hash_rnd)
234 {
235 	return jhash_2words(*(u32 *)pkey, dev->ifindex, hash_rnd);
236 }
237 
arp_constructor(struct neighbour * neigh)238 static int arp_constructor(struct neighbour *neigh)
239 {
240 	__be32 addr = *(__be32 *)neigh->primary_key;
241 	struct net_device *dev = neigh->dev;
242 	struct in_device *in_dev;
243 	struct neigh_parms *parms;
244 
245 	rcu_read_lock();
246 	in_dev = __in_dev_get_rcu(dev);
247 	if (in_dev == NULL) {
248 		rcu_read_unlock();
249 		return -EINVAL;
250 	}
251 
252 	neigh->type = inet_addr_type(dev_net(dev), addr);
253 
254 	parms = in_dev->arp_parms;
255 	__neigh_parms_put(neigh->parms);
256 	neigh->parms = neigh_parms_clone(parms);
257 	rcu_read_unlock();
258 
259 	if (!dev->header_ops) {
260 		neigh->nud_state = NUD_NOARP;
261 		neigh->ops = &arp_direct_ops;
262 		neigh->output = neigh->ops->queue_xmit;
263 	} else {
264 		/* Good devices (checked by reading texts, but only Ethernet is
265 		   tested)
266 
267 		   ARPHRD_ETHER: (ethernet, apfddi)
268 		   ARPHRD_FDDI: (fddi)
269 		   ARPHRD_IEEE802: (tr)
270 		   ARPHRD_METRICOM: (strip)
271 		   ARPHRD_ARCNET:
272 		   etc. etc. etc.
273 
274 		   ARPHRD_IPDDP will also work, if author repairs it.
275 		   I did not it, because this driver does not work even
276 		   in old paradigm.
277 		 */
278 
279 #if 1
280 		/* So... these "amateur" devices are hopeless.
281 		   The only thing, that I can say now:
282 		   It is very sad that we need to keep ugly obsolete
283 		   code to make them happy.
284 
285 		   They should be moved to more reasonable state, now
286 		   they use rebuild_header INSTEAD OF hard_start_xmit!!!
287 		   Besides that, they are sort of out of date
288 		   (a lot of redundant clones/copies, useless in 2.1),
289 		   I wonder why people believe that they work.
290 		 */
291 		switch (dev->type) {
292 		default:
293 			break;
294 		case ARPHRD_ROSE:
295 #if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
296 		case ARPHRD_AX25:
297 #if defined(CONFIG_NETROM) || defined(CONFIG_NETROM_MODULE)
298 		case ARPHRD_NETROM:
299 #endif
300 			neigh->ops = &arp_broken_ops;
301 			neigh->output = neigh->ops->output;
302 			return 0;
303 #else
304 			break;
305 #endif
306 		}
307 #endif
308 		if (neigh->type == RTN_MULTICAST) {
309 			neigh->nud_state = NUD_NOARP;
310 			arp_mc_map(addr, neigh->ha, dev, 1);
311 		} else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) {
312 			neigh->nud_state = NUD_NOARP;
313 			memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
314 		} else if (neigh->type == RTN_BROADCAST ||
315 			   (dev->flags & IFF_POINTOPOINT)) {
316 			neigh->nud_state = NUD_NOARP;
317 			memcpy(neigh->ha, dev->broadcast, dev->addr_len);
318 		}
319 
320 		if (dev->header_ops->cache)
321 			neigh->ops = &arp_hh_ops;
322 		else
323 			neigh->ops = &arp_generic_ops;
324 
325 		if (neigh->nud_state & NUD_VALID)
326 			neigh->output = neigh->ops->connected_output;
327 		else
328 			neigh->output = neigh->ops->output;
329 	}
330 	return 0;
331 }
332 
arp_error_report(struct neighbour * neigh,struct sk_buff * skb)333 static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb)
334 {
335 	dst_link_failure(skb);
336 	kfree_skb(skb);
337 }
338 
arp_solicit(struct neighbour * neigh,struct sk_buff * skb)339 static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb)
340 {
341 	__be32 saddr = 0;
342 	u8  *dst_ha = NULL;
343 	struct net_device *dev = neigh->dev;
344 	__be32 target = *(__be32 *)neigh->primary_key;
345 	int probes = atomic_read(&neigh->probes);
346 	struct in_device *in_dev;
347 
348 	rcu_read_lock();
349 	in_dev = __in_dev_get_rcu(dev);
350 	if (!in_dev) {
351 		rcu_read_unlock();
352 		return;
353 	}
354 	switch (IN_DEV_ARP_ANNOUNCE(in_dev)) {
355 	default:
356 	case 0:		/* By default announce any local IP */
357 		if (skb && inet_addr_type(dev_net(dev),
358 					  ip_hdr(skb)->saddr) == RTN_LOCAL)
359 			saddr = ip_hdr(skb)->saddr;
360 		break;
361 	case 1:		/* Restrict announcements of saddr in same subnet */
362 		if (!skb)
363 			break;
364 		saddr = ip_hdr(skb)->saddr;
365 		if (inet_addr_type(dev_net(dev), saddr) == RTN_LOCAL) {
366 			/* saddr should be known to target */
367 			if (inet_addr_onlink(in_dev, target, saddr))
368 				break;
369 		}
370 		saddr = 0;
371 		break;
372 	case 2:		/* Avoid secondary IPs, get a primary/preferred one */
373 		break;
374 	}
375 	rcu_read_unlock();
376 
377 	if (!saddr)
378 		saddr = inet_select_addr(dev, target, RT_SCOPE_LINK);
379 
380 	probes -= neigh->parms->ucast_probes;
381 	if (probes < 0) {
382 		if (!(neigh->nud_state & NUD_VALID))
383 			printk(KERN_DEBUG
384 			       "trying to ucast probe in NUD_INVALID\n");
385 		dst_ha = neigh->ha;
386 		read_lock_bh(&neigh->lock);
387 	} else {
388 		probes -= neigh->parms->app_probes;
389 		if (probes < 0) {
390 #ifdef CONFIG_ARPD
391 			neigh_app_ns(neigh);
392 #endif
393 			return;
394 		}
395 	}
396 
397 	arp_send(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr,
398 		 dst_ha, dev->dev_addr, NULL);
399 	if (dst_ha)
400 		read_unlock_bh(&neigh->lock);
401 }
402 
arp_ignore(struct in_device * in_dev,__be32 sip,__be32 tip)403 static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip)
404 {
405 	int scope;
406 
407 	switch (IN_DEV_ARP_IGNORE(in_dev)) {
408 	case 0:	/* Reply, the tip is already validated */
409 		return 0;
410 	case 1:	/* Reply only if tip is configured on the incoming interface */
411 		sip = 0;
412 		scope = RT_SCOPE_HOST;
413 		break;
414 	case 2:	/*
415 		 * Reply only if tip is configured on the incoming interface
416 		 * and is in same subnet as sip
417 		 */
418 		scope = RT_SCOPE_HOST;
419 		break;
420 	case 3:	/* Do not reply for scope host addresses */
421 		sip = 0;
422 		scope = RT_SCOPE_LINK;
423 		break;
424 	case 4:	/* Reserved */
425 	case 5:
426 	case 6:
427 	case 7:
428 		return 0;
429 	case 8:	/* Do not reply */
430 		return 1;
431 	default:
432 		return 0;
433 	}
434 	return !inet_confirm_addr(in_dev, sip, tip, scope);
435 }
436 
arp_filter(__be32 sip,__be32 tip,struct net_device * dev)437 static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev)
438 {
439 	struct rtable *rt;
440 	int flag = 0;
441 	/*unsigned long now; */
442 	struct net *net = dev_net(dev);
443 
444 	rt = ip_route_output(net, sip, tip, 0, 0);
445 	if (IS_ERR(rt))
446 		return 1;
447 	if (rt->dst.dev != dev) {
448 		NET_INC_STATS_BH(net, LINUX_MIB_ARPFILTER);
449 		flag = 1;
450 	}
451 	ip_rt_put(rt);
452 	return flag;
453 }
454 
455 /* OBSOLETE FUNCTIONS */
456 
457 /*
458  *	Find an arp mapping in the cache. If not found, post a request.
459  *
460  *	It is very UGLY routine: it DOES NOT use skb->dst->neighbour,
461  *	even if it exists. It is supposed that skb->dev was mangled
462  *	by a virtual device (eql, shaper). Nobody but broken devices
463  *	is allowed to use this function, it is scheduled to be removed. --ANK
464  */
465 
arp_set_predefined(int addr_hint,unsigned char * haddr,__be32 paddr,struct net_device * dev)466 static int arp_set_predefined(int addr_hint, unsigned char *haddr,
467 			      __be32 paddr, struct net_device *dev)
468 {
469 	switch (addr_hint) {
470 	case RTN_LOCAL:
471 		printk(KERN_DEBUG "ARP: arp called for own IP address\n");
472 		memcpy(haddr, dev->dev_addr, dev->addr_len);
473 		return 1;
474 	case RTN_MULTICAST:
475 		arp_mc_map(paddr, haddr, dev, 1);
476 		return 1;
477 	case RTN_BROADCAST:
478 		memcpy(haddr, dev->broadcast, dev->addr_len);
479 		return 1;
480 	}
481 	return 0;
482 }
483 
484 
arp_find(unsigned char * haddr,struct sk_buff * skb)485 int arp_find(unsigned char *haddr, struct sk_buff *skb)
486 {
487 	struct net_device *dev = skb->dev;
488 	__be32 paddr;
489 	struct neighbour *n;
490 
491 	if (!skb_dst(skb)) {
492 		printk(KERN_DEBUG "arp_find is called with dst==NULL\n");
493 		kfree_skb(skb);
494 		return 1;
495 	}
496 
497 	paddr = skb_rtable(skb)->rt_gateway;
498 
499 	if (arp_set_predefined(inet_addr_type(dev_net(dev), paddr), haddr,
500 			       paddr, dev))
501 		return 0;
502 
503 	n = __neigh_lookup(&arp_tbl, &paddr, dev, 1);
504 
505 	if (n) {
506 		n->used = jiffies;
507 		if (n->nud_state & NUD_VALID || neigh_event_send(n, skb) == 0) {
508 			neigh_ha_snapshot(haddr, n, dev);
509 			neigh_release(n);
510 			return 0;
511 		}
512 		neigh_release(n);
513 	} else
514 		kfree_skb(skb);
515 	return 1;
516 }
517 EXPORT_SYMBOL(arp_find);
518 
519 /* END OF OBSOLETE FUNCTIONS */
520 
arp_bind_neighbour(struct dst_entry * dst)521 int arp_bind_neighbour(struct dst_entry *dst)
522 {
523 	struct net_device *dev = dst->dev;
524 	struct neighbour *n = dst->neighbour;
525 
526 	if (dev == NULL)
527 		return -EINVAL;
528 	if (n == NULL) {
529 		__be32 nexthop = ((struct rtable *)dst)->rt_gateway;
530 		if (dev->flags & (IFF_LOOPBACK | IFF_POINTOPOINT))
531 			nexthop = 0;
532 		n = __neigh_lookup_errno(
533 #if defined(CONFIG_ATM_CLIP) || defined(CONFIG_ATM_CLIP_MODULE)
534 					 dev->type == ARPHRD_ATM ?
535 					 clip_tbl_hook :
536 #endif
537 					 &arp_tbl, &nexthop, dev);
538 		if (IS_ERR(n))
539 			return PTR_ERR(n);
540 		dst->neighbour = n;
541 	}
542 	return 0;
543 }
544 
545 /*
546  * Check if we can use proxy ARP for this path
547  */
arp_fwd_proxy(struct in_device * in_dev,struct net_device * dev,struct rtable * rt)548 static inline int arp_fwd_proxy(struct in_device *in_dev,
549 				struct net_device *dev,	struct rtable *rt)
550 {
551 	struct in_device *out_dev;
552 	int imi, omi = -1;
553 
554 	if (rt->dst.dev == dev)
555 		return 0;
556 
557 	if (!IN_DEV_PROXY_ARP(in_dev))
558 		return 0;
559 	imi = IN_DEV_MEDIUM_ID(in_dev);
560 	if (imi == 0)
561 		return 1;
562 	if (imi == -1)
563 		return 0;
564 
565 	/* place to check for proxy_arp for routes */
566 
567 	out_dev = __in_dev_get_rcu(rt->dst.dev);
568 	if (out_dev)
569 		omi = IN_DEV_MEDIUM_ID(out_dev);
570 
571 	return omi != imi && omi != -1;
572 }
573 
574 /*
575  * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev)
576  *
577  * RFC3069 supports proxy arp replies back to the same interface.  This
578  * is done to support (ethernet) switch features, like RFC 3069, where
579  * the individual ports are not allowed to communicate with each
580  * other, BUT they are allowed to talk to the upstream router.  As
581  * described in RFC 3069, it is possible to allow these hosts to
582  * communicate through the upstream router, by proxy_arp'ing.
583  *
584  * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation"
585  *
586  *  This technology is known by different names:
587  *    In RFC 3069 it is called VLAN Aggregation.
588  *    Cisco and Allied Telesyn call it Private VLAN.
589  *    Hewlett-Packard call it Source-Port filtering or port-isolation.
590  *    Ericsson call it MAC-Forced Forwarding (RFC Draft).
591  *
592  */
arp_fwd_pvlan(struct in_device * in_dev,struct net_device * dev,struct rtable * rt,__be32 sip,__be32 tip)593 static inline int arp_fwd_pvlan(struct in_device *in_dev,
594 				struct net_device *dev,	struct rtable *rt,
595 				__be32 sip, __be32 tip)
596 {
597 	/* Private VLAN is only concerned about the same ethernet segment */
598 	if (rt->dst.dev != dev)
599 		return 0;
600 
601 	/* Don't reply on self probes (often done by windowz boxes)*/
602 	if (sip == tip)
603 		return 0;
604 
605 	if (IN_DEV_PROXY_ARP_PVLAN(in_dev))
606 		return 1;
607 	else
608 		return 0;
609 }
610 
611 /*
612  *	Interface to link layer: send routine and receive handler.
613  */
614 
615 /*
616  *	Create an arp packet. If (dest_hw == NULL), we create a broadcast
617  *	message.
618  */
arp_create(int type,int ptype,__be32 dest_ip,struct net_device * dev,__be32 src_ip,const unsigned char * dest_hw,const unsigned char * src_hw,const unsigned char * target_hw)619 struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip,
620 			   struct net_device *dev, __be32 src_ip,
621 			   const unsigned char *dest_hw,
622 			   const unsigned char *src_hw,
623 			   const unsigned char *target_hw)
624 {
625 	struct sk_buff *skb;
626 	struct arphdr *arp;
627 	unsigned char *arp_ptr;
628 
629 	/*
630 	 *	Allocate a buffer
631 	 */
632 
633 	skb = alloc_skb(arp_hdr_len(dev) + LL_ALLOCATED_SPACE(dev), GFP_ATOMIC);
634 	if (skb == NULL)
635 		return NULL;
636 
637 	skb_reserve(skb, LL_RESERVED_SPACE(dev));
638 	skb_reset_network_header(skb);
639 	arp = (struct arphdr *) skb_put(skb, arp_hdr_len(dev));
640 	skb->dev = dev;
641 	skb->protocol = htons(ETH_P_ARP);
642 	if (src_hw == NULL)
643 		src_hw = dev->dev_addr;
644 	if (dest_hw == NULL)
645 		dest_hw = dev->broadcast;
646 
647 	/*
648 	 *	Fill the device header for the ARP frame
649 	 */
650 	if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0)
651 		goto out;
652 
653 	/*
654 	 * Fill out the arp protocol part.
655 	 *
656 	 * The arp hardware type should match the device type, except for FDDI,
657 	 * which (according to RFC 1390) should always equal 1 (Ethernet).
658 	 */
659 	/*
660 	 *	Exceptions everywhere. AX.25 uses the AX.25 PID value not the
661 	 *	DIX code for the protocol. Make these device structure fields.
662 	 */
663 	switch (dev->type) {
664 	default:
665 		arp->ar_hrd = htons(dev->type);
666 		arp->ar_pro = htons(ETH_P_IP);
667 		break;
668 
669 #if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
670 	case ARPHRD_AX25:
671 		arp->ar_hrd = htons(ARPHRD_AX25);
672 		arp->ar_pro = htons(AX25_P_IP);
673 		break;
674 
675 #if defined(CONFIG_NETROM) || defined(CONFIG_NETROM_MODULE)
676 	case ARPHRD_NETROM:
677 		arp->ar_hrd = htons(ARPHRD_NETROM);
678 		arp->ar_pro = htons(AX25_P_IP);
679 		break;
680 #endif
681 #endif
682 
683 #if defined(CONFIG_FDDI) || defined(CONFIG_FDDI_MODULE)
684 	case ARPHRD_FDDI:
685 		arp->ar_hrd = htons(ARPHRD_ETHER);
686 		arp->ar_pro = htons(ETH_P_IP);
687 		break;
688 #endif
689 #if defined(CONFIG_TR) || defined(CONFIG_TR_MODULE)
690 	case ARPHRD_IEEE802_TR:
691 		arp->ar_hrd = htons(ARPHRD_IEEE802);
692 		arp->ar_pro = htons(ETH_P_IP);
693 		break;
694 #endif
695 	}
696 
697 	arp->ar_hln = dev->addr_len;
698 	arp->ar_pln = 4;
699 	arp->ar_op = htons(type);
700 
701 	arp_ptr = (unsigned char *)(arp + 1);
702 
703 	memcpy(arp_ptr, src_hw, dev->addr_len);
704 	arp_ptr += dev->addr_len;
705 	memcpy(arp_ptr, &src_ip, 4);
706 	arp_ptr += 4;
707 	if (target_hw != NULL)
708 		memcpy(arp_ptr, target_hw, dev->addr_len);
709 	else
710 		memset(arp_ptr, 0, dev->addr_len);
711 	arp_ptr += dev->addr_len;
712 	memcpy(arp_ptr, &dest_ip, 4);
713 
714 	return skb;
715 
716 out:
717 	kfree_skb(skb);
718 	return NULL;
719 }
720 EXPORT_SYMBOL(arp_create);
721 
722 /*
723  *	Send an arp packet.
724  */
arp_xmit(struct sk_buff * skb)725 void arp_xmit(struct sk_buff *skb)
726 {
727 	/* Send it off, maybe filter it using firewalling first.  */
728 	NF_HOOK(NFPROTO_ARP, NF_ARP_OUT, skb, NULL, skb->dev, dev_queue_xmit);
729 }
730 EXPORT_SYMBOL(arp_xmit);
731 
732 /*
733  *	Create and send an arp packet.
734  */
arp_send(int type,int ptype,__be32 dest_ip,struct net_device * dev,__be32 src_ip,const unsigned char * dest_hw,const unsigned char * src_hw,const unsigned char * target_hw)735 void arp_send(int type, int ptype, __be32 dest_ip,
736 	      struct net_device *dev, __be32 src_ip,
737 	      const unsigned char *dest_hw, const unsigned char *src_hw,
738 	      const unsigned char *target_hw)
739 {
740 	struct sk_buff *skb;
741 
742 	/*
743 	 *	No arp on this interface.
744 	 */
745 
746 	if (dev->flags&IFF_NOARP)
747 		return;
748 
749 	skb = arp_create(type, ptype, dest_ip, dev, src_ip,
750 			 dest_hw, src_hw, target_hw);
751 	if (skb == NULL)
752 		return;
753 
754 	arp_xmit(skb);
755 }
756 EXPORT_SYMBOL(arp_send);
757 
758 /*
759  *	Process an arp request.
760  */
761 
arp_process(struct sk_buff * skb)762 static int arp_process(struct sk_buff *skb)
763 {
764 	struct net_device *dev = skb->dev;
765 	struct in_device *in_dev = __in_dev_get_rcu(dev);
766 	struct arphdr *arp;
767 	unsigned char *arp_ptr;
768 	struct rtable *rt;
769 	unsigned char *sha;
770 	__be32 sip, tip;
771 	u16 dev_type = dev->type;
772 	int addr_type;
773 	struct neighbour *n;
774 	struct net *net = dev_net(dev);
775 
776 	/* arp_rcv below verifies the ARP header and verifies the device
777 	 * is ARP'able.
778 	 */
779 
780 	if (in_dev == NULL)
781 		goto out;
782 
783 	arp = arp_hdr(skb);
784 
785 	switch (dev_type) {
786 	default:
787 		if (arp->ar_pro != htons(ETH_P_IP) ||
788 		    htons(dev_type) != arp->ar_hrd)
789 			goto out;
790 		break;
791 	case ARPHRD_ETHER:
792 	case ARPHRD_IEEE802_TR:
793 	case ARPHRD_FDDI:
794 	case ARPHRD_IEEE802:
795 		/*
796 		 * ETHERNET, Token Ring and Fibre Channel (which are IEEE 802
797 		 * devices, according to RFC 2625) devices will accept ARP
798 		 * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2).
799 		 * This is the case also of FDDI, where the RFC 1390 says that
800 		 * FDDI devices should accept ARP hardware of (1) Ethernet,
801 		 * however, to be more robust, we'll accept both 1 (Ethernet)
802 		 * or 6 (IEEE 802.2)
803 		 */
804 		if ((arp->ar_hrd != htons(ARPHRD_ETHER) &&
805 		     arp->ar_hrd != htons(ARPHRD_IEEE802)) ||
806 		    arp->ar_pro != htons(ETH_P_IP))
807 			goto out;
808 		break;
809 	case ARPHRD_AX25:
810 		if (arp->ar_pro != htons(AX25_P_IP) ||
811 		    arp->ar_hrd != htons(ARPHRD_AX25))
812 			goto out;
813 		break;
814 	case ARPHRD_NETROM:
815 		if (arp->ar_pro != htons(AX25_P_IP) ||
816 		    arp->ar_hrd != htons(ARPHRD_NETROM))
817 			goto out;
818 		break;
819 	}
820 
821 	/* Understand only these message types */
822 
823 	if (arp->ar_op != htons(ARPOP_REPLY) &&
824 	    arp->ar_op != htons(ARPOP_REQUEST))
825 		goto out;
826 
827 /*
828  *	Extract fields
829  */
830 	arp_ptr = (unsigned char *)(arp + 1);
831 	sha	= arp_ptr;
832 	arp_ptr += dev->addr_len;
833 	memcpy(&sip, arp_ptr, 4);
834 	arp_ptr += 4;
835 	arp_ptr += dev->addr_len;
836 	memcpy(&tip, arp_ptr, 4);
837 /*
838  *	Check for bad requests for 127.x.x.x and requests for multicast
839  *	addresses.  If this is one such, delete it.
840  */
841 	if (ipv4_is_loopback(tip) || ipv4_is_multicast(tip))
842 		goto out;
843 
844 /*
845  *     Special case: We must set Frame Relay source Q.922 address
846  */
847 	if (dev_type == ARPHRD_DLCI)
848 		sha = dev->broadcast;
849 
850 /*
851  *  Process entry.  The idea here is we want to send a reply if it is a
852  *  request for us or if it is a request for someone else that we hold
853  *  a proxy for.  We want to add an entry to our cache if it is a reply
854  *  to us or if it is a request for our address.
855  *  (The assumption for this last is that if someone is requesting our
856  *  address, they are probably intending to talk to us, so it saves time
857  *  if we cache their address.  Their address is also probably not in
858  *  our cache, since ours is not in their cache.)
859  *
860  *  Putting this another way, we only care about replies if they are to
861  *  us, in which case we add them to the cache.  For requests, we care
862  *  about those for us and those for our proxies.  We reply to both,
863  *  and in the case of requests for us we add the requester to the arp
864  *  cache.
865  */
866 
867 	/* Special case: IPv4 duplicate address detection packet (RFC2131) */
868 	if (sip == 0) {
869 		if (arp->ar_op == htons(ARPOP_REQUEST) &&
870 		    inet_addr_type(net, tip) == RTN_LOCAL &&
871 		    !arp_ignore(in_dev, sip, tip))
872 			arp_send(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip, sha,
873 				 dev->dev_addr, sha);
874 		goto out;
875 	}
876 
877 	if (arp->ar_op == htons(ARPOP_REQUEST) &&
878 	    ip_route_input_noref(skb, tip, sip, 0, dev) == 0) {
879 
880 		rt = skb_rtable(skb);
881 		addr_type = rt->rt_type;
882 
883 		if (addr_type == RTN_LOCAL) {
884 			int dont_send;
885 
886 			dont_send = arp_ignore(in_dev, sip, tip);
887 			if (!dont_send && IN_DEV_ARPFILTER(in_dev))
888 				dont_send = arp_filter(sip, tip, dev);
889 			if (!dont_send) {
890 				n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
891 				if (n) {
892 					arp_send(ARPOP_REPLY, ETH_P_ARP, sip,
893 						 dev, tip, sha, dev->dev_addr,
894 						 sha);
895 					neigh_release(n);
896 				}
897 			}
898 			goto out;
899 		} else if (IN_DEV_FORWARD(in_dev)) {
900 			if (addr_type == RTN_UNICAST  &&
901 			    (arp_fwd_proxy(in_dev, dev, rt) ||
902 			     arp_fwd_pvlan(in_dev, dev, rt, sip, tip) ||
903 			     pneigh_lookup(&arp_tbl, net, &tip, dev, 0))) {
904 				n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
905 				if (n)
906 					neigh_release(n);
907 
908 				if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED ||
909 				    skb->pkt_type == PACKET_HOST ||
910 				    in_dev->arp_parms->proxy_delay == 0) {
911 					arp_send(ARPOP_REPLY, ETH_P_ARP, sip,
912 						 dev, tip, sha, dev->dev_addr,
913 						 sha);
914 				} else {
915 					pneigh_enqueue(&arp_tbl,
916 						       in_dev->arp_parms, skb);
917 					return 0;
918 				}
919 				goto out;
920 			}
921 		}
922 	}
923 
924 	/* Update our ARP tables */
925 
926 	n = __neigh_lookup(&arp_tbl, &sip, dev, 0);
927 
928 	if (IPV4_DEVCONF_ALL(dev_net(dev), ARP_ACCEPT)) {
929 		/* Unsolicited ARP is not accepted by default.
930 		   It is possible, that this option should be enabled for some
931 		   devices (strip is candidate)
932 		 */
933 		if (n == NULL &&
934 		    (arp->ar_op == htons(ARPOP_REPLY) ||
935 		     (arp->ar_op == htons(ARPOP_REQUEST) && tip == sip)) &&
936 		    inet_addr_type(net, sip) == RTN_UNICAST)
937 			n = __neigh_lookup(&arp_tbl, &sip, dev, 1);
938 	}
939 
940 	if (n) {
941 		int state = NUD_REACHABLE;
942 		int override;
943 
944 		/* If several different ARP replies follows back-to-back,
945 		   use the FIRST one. It is possible, if several proxy
946 		   agents are active. Taking the first reply prevents
947 		   arp trashing and chooses the fastest router.
948 		 */
949 		override = time_after(jiffies, n->updated + n->parms->locktime);
950 
951 		/* Broadcast replies and request packets
952 		   do not assert neighbour reachability.
953 		 */
954 		if (arp->ar_op != htons(ARPOP_REPLY) ||
955 		    skb->pkt_type != PACKET_HOST)
956 			state = NUD_STALE;
957 		neigh_update(n, sha, state,
958 			     override ? NEIGH_UPDATE_F_OVERRIDE : 0);
959 		neigh_release(n);
960 	}
961 
962 out:
963 	consume_skb(skb);
964 	return 0;
965 }
966 
parp_redo(struct sk_buff * skb)967 static void parp_redo(struct sk_buff *skb)
968 {
969 	arp_process(skb);
970 }
971 
972 
973 /*
974  *	Receive an arp request from the device layer.
975  */
976 
arp_rcv(struct sk_buff * skb,struct net_device * dev,struct packet_type * pt,struct net_device * orig_dev)977 static int arp_rcv(struct sk_buff *skb, struct net_device *dev,
978 		   struct packet_type *pt, struct net_device *orig_dev)
979 {
980 	struct arphdr *arp;
981 
982 	/* ARP header, plus 2 device addresses, plus 2 IP addresses.  */
983 	if (!pskb_may_pull(skb, arp_hdr_len(dev)))
984 		goto freeskb;
985 
986 	arp = arp_hdr(skb);
987 	if (arp->ar_hln != dev->addr_len ||
988 	    dev->flags & IFF_NOARP ||
989 	    skb->pkt_type == PACKET_OTHERHOST ||
990 	    skb->pkt_type == PACKET_LOOPBACK ||
991 	    arp->ar_pln != 4)
992 		goto freeskb;
993 
994 	skb = skb_share_check(skb, GFP_ATOMIC);
995 	if (skb == NULL)
996 		goto out_of_mem;
997 
998 	memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
999 
1000 	return NF_HOOK(NFPROTO_ARP, NF_ARP_IN, skb, dev, NULL, arp_process);
1001 
1002 freeskb:
1003 	kfree_skb(skb);
1004 out_of_mem:
1005 	return 0;
1006 }
1007 
1008 /*
1009  *	User level interface (ioctl)
1010  */
1011 
1012 /*
1013  *	Set (create) an ARP cache entry.
1014  */
1015 
arp_req_set_proxy(struct net * net,struct net_device * dev,int on)1016 static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on)
1017 {
1018 	if (dev == NULL) {
1019 		IPV4_DEVCONF_ALL(net, PROXY_ARP) = on;
1020 		return 0;
1021 	}
1022 	if (__in_dev_get_rtnl(dev)) {
1023 		IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on);
1024 		return 0;
1025 	}
1026 	return -ENXIO;
1027 }
1028 
arp_req_set_public(struct net * net,struct arpreq * r,struct net_device * dev)1029 static int arp_req_set_public(struct net *net, struct arpreq *r,
1030 		struct net_device *dev)
1031 {
1032 	__be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1033 	__be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1034 
1035 	if (mask && mask != htonl(0xFFFFFFFF))
1036 		return -EINVAL;
1037 	if (!dev && (r->arp_flags & ATF_COM)) {
1038 		dev = dev_getbyhwaddr_rcu(net, r->arp_ha.sa_family,
1039 				      r->arp_ha.sa_data);
1040 		if (!dev)
1041 			return -ENODEV;
1042 	}
1043 	if (mask) {
1044 		if (pneigh_lookup(&arp_tbl, net, &ip, dev, 1) == NULL)
1045 			return -ENOBUFS;
1046 		return 0;
1047 	}
1048 
1049 	return arp_req_set_proxy(net, dev, 1);
1050 }
1051 
arp_req_set(struct net * net,struct arpreq * r,struct net_device * dev)1052 static int arp_req_set(struct net *net, struct arpreq *r,
1053 		       struct net_device *dev)
1054 {
1055 	__be32 ip;
1056 	struct neighbour *neigh;
1057 	int err;
1058 
1059 	if (r->arp_flags & ATF_PUBL)
1060 		return arp_req_set_public(net, r, dev);
1061 
1062 	ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1063 	if (r->arp_flags & ATF_PERM)
1064 		r->arp_flags |= ATF_COM;
1065 	if (dev == NULL) {
1066 		struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1067 
1068 		if (IS_ERR(rt))
1069 			return PTR_ERR(rt);
1070 		dev = rt->dst.dev;
1071 		ip_rt_put(rt);
1072 		if (!dev)
1073 			return -EINVAL;
1074 	}
1075 	switch (dev->type) {
1076 #if defined(CONFIG_FDDI) || defined(CONFIG_FDDI_MODULE)
1077 	case ARPHRD_FDDI:
1078 		/*
1079 		 * According to RFC 1390, FDDI devices should accept ARP
1080 		 * hardware types of 1 (Ethernet).  However, to be more
1081 		 * robust, we'll accept hardware types of either 1 (Ethernet)
1082 		 * or 6 (IEEE 802.2).
1083 		 */
1084 		if (r->arp_ha.sa_family != ARPHRD_FDDI &&
1085 		    r->arp_ha.sa_family != ARPHRD_ETHER &&
1086 		    r->arp_ha.sa_family != ARPHRD_IEEE802)
1087 			return -EINVAL;
1088 		break;
1089 #endif
1090 	default:
1091 		if (r->arp_ha.sa_family != dev->type)
1092 			return -EINVAL;
1093 		break;
1094 	}
1095 
1096 	neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev);
1097 	err = PTR_ERR(neigh);
1098 	if (!IS_ERR(neigh)) {
1099 		unsigned state = NUD_STALE;
1100 		if (r->arp_flags & ATF_PERM)
1101 			state = NUD_PERMANENT;
1102 		err = neigh_update(neigh, (r->arp_flags & ATF_COM) ?
1103 				   r->arp_ha.sa_data : NULL, state,
1104 				   NEIGH_UPDATE_F_OVERRIDE |
1105 				   NEIGH_UPDATE_F_ADMIN);
1106 		neigh_release(neigh);
1107 	}
1108 	return err;
1109 }
1110 
arp_state_to_flags(struct neighbour * neigh)1111 static unsigned arp_state_to_flags(struct neighbour *neigh)
1112 {
1113 	if (neigh->nud_state&NUD_PERMANENT)
1114 		return ATF_PERM | ATF_COM;
1115 	else if (neigh->nud_state&NUD_VALID)
1116 		return ATF_COM;
1117 	else
1118 		return 0;
1119 }
1120 
1121 /*
1122  *	Get an ARP cache entry.
1123  */
1124 
arp_req_get(struct arpreq * r,struct net_device * dev)1125 static int arp_req_get(struct arpreq *r, struct net_device *dev)
1126 {
1127 	__be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1128 	struct neighbour *neigh;
1129 	int err = -ENXIO;
1130 
1131 	neigh = neigh_lookup(&arp_tbl, &ip, dev);
1132 	if (neigh) {
1133 		read_lock_bh(&neigh->lock);
1134 		memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len);
1135 		r->arp_flags = arp_state_to_flags(neigh);
1136 		read_unlock_bh(&neigh->lock);
1137 		r->arp_ha.sa_family = dev->type;
1138 		strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev));
1139 		neigh_release(neigh);
1140 		err = 0;
1141 	}
1142 	return err;
1143 }
1144 
arp_invalidate(struct net_device * dev,__be32 ip)1145 int arp_invalidate(struct net_device *dev, __be32 ip)
1146 {
1147 	struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev);
1148 	int err = -ENXIO;
1149 
1150 	if (neigh) {
1151 		if (neigh->nud_state & ~NUD_NOARP)
1152 			err = neigh_update(neigh, NULL, NUD_FAILED,
1153 					   NEIGH_UPDATE_F_OVERRIDE|
1154 					   NEIGH_UPDATE_F_ADMIN);
1155 		neigh_release(neigh);
1156 	}
1157 
1158 	return err;
1159 }
1160 EXPORT_SYMBOL(arp_invalidate);
1161 
arp_req_delete_public(struct net * net,struct arpreq * r,struct net_device * dev)1162 static int arp_req_delete_public(struct net *net, struct arpreq *r,
1163 		struct net_device *dev)
1164 {
1165 	__be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1166 	__be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1167 
1168 	if (mask == htonl(0xFFFFFFFF))
1169 		return pneigh_delete(&arp_tbl, net, &ip, dev);
1170 
1171 	if (mask)
1172 		return -EINVAL;
1173 
1174 	return arp_req_set_proxy(net, dev, 0);
1175 }
1176 
arp_req_delete(struct net * net,struct arpreq * r,struct net_device * dev)1177 static int arp_req_delete(struct net *net, struct arpreq *r,
1178 			  struct net_device *dev)
1179 {
1180 	__be32 ip;
1181 
1182 	if (r->arp_flags & ATF_PUBL)
1183 		return arp_req_delete_public(net, r, dev);
1184 
1185 	ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1186 	if (dev == NULL) {
1187 		struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1188 		if (IS_ERR(rt))
1189 			return PTR_ERR(rt);
1190 		dev = rt->dst.dev;
1191 		ip_rt_put(rt);
1192 		if (!dev)
1193 			return -EINVAL;
1194 	}
1195 	return arp_invalidate(dev, ip);
1196 }
1197 
1198 /*
1199  *	Handle an ARP layer I/O control request.
1200  */
1201 
arp_ioctl(struct net * net,unsigned int cmd,void __user * arg)1202 int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1203 {
1204 	int err;
1205 	struct arpreq r;
1206 	struct net_device *dev = NULL;
1207 
1208 	switch (cmd) {
1209 	case SIOCDARP:
1210 	case SIOCSARP:
1211 		if (!capable(CAP_NET_ADMIN))
1212 			return -EPERM;
1213 	case SIOCGARP:
1214 		err = copy_from_user(&r, arg, sizeof(struct arpreq));
1215 		if (err)
1216 			return -EFAULT;
1217 		break;
1218 	default:
1219 		return -EINVAL;
1220 	}
1221 
1222 	if (r.arp_pa.sa_family != AF_INET)
1223 		return -EPFNOSUPPORT;
1224 
1225 	if (!(r.arp_flags & ATF_PUBL) &&
1226 	    (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB)))
1227 		return -EINVAL;
1228 	if (!(r.arp_flags & ATF_NETMASK))
1229 		((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr =
1230 							   htonl(0xFFFFFFFFUL);
1231 	rtnl_lock();
1232 	if (r.arp_dev[0]) {
1233 		err = -ENODEV;
1234 		dev = __dev_get_by_name(net, r.arp_dev);
1235 		if (dev == NULL)
1236 			goto out;
1237 
1238 		/* Mmmm... It is wrong... ARPHRD_NETROM==0 */
1239 		if (!r.arp_ha.sa_family)
1240 			r.arp_ha.sa_family = dev->type;
1241 		err = -EINVAL;
1242 		if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type)
1243 			goto out;
1244 	} else if (cmd == SIOCGARP) {
1245 		err = -ENODEV;
1246 		goto out;
1247 	}
1248 
1249 	switch (cmd) {
1250 	case SIOCDARP:
1251 		err = arp_req_delete(net, &r, dev);
1252 		break;
1253 	case SIOCSARP:
1254 		err = arp_req_set(net, &r, dev);
1255 		break;
1256 	case SIOCGARP:
1257 		err = arp_req_get(&r, dev);
1258 		break;
1259 	}
1260 out:
1261 	rtnl_unlock();
1262 	if (cmd == SIOCGARP && !err && copy_to_user(arg, &r, sizeof(r)))
1263 		err = -EFAULT;
1264 	return err;
1265 }
1266 
arp_netdev_event(struct notifier_block * this,unsigned long event,void * ptr)1267 static int arp_netdev_event(struct notifier_block *this, unsigned long event,
1268 			    void *ptr)
1269 {
1270 	struct net_device *dev = ptr;
1271 
1272 	switch (event) {
1273 	case NETDEV_CHANGEADDR:
1274 		neigh_changeaddr(&arp_tbl, dev);
1275 		rt_cache_flush(dev_net(dev), 0);
1276 		break;
1277 	default:
1278 		break;
1279 	}
1280 
1281 	return NOTIFY_DONE;
1282 }
1283 
1284 static struct notifier_block arp_netdev_notifier = {
1285 	.notifier_call = arp_netdev_event,
1286 };
1287 
1288 /* Note, that it is not on notifier chain.
1289    It is necessary, that this routine was called after route cache will be
1290    flushed.
1291  */
arp_ifdown(struct net_device * dev)1292 void arp_ifdown(struct net_device *dev)
1293 {
1294 	neigh_ifdown(&arp_tbl, dev);
1295 }
1296 
1297 
1298 /*
1299  *	Called once on startup.
1300  */
1301 
1302 static struct packet_type arp_packet_type __read_mostly = {
1303 	.type =	cpu_to_be16(ETH_P_ARP),
1304 	.func =	arp_rcv,
1305 };
1306 
1307 static int arp_proc_init(void);
1308 
arp_init(void)1309 void __init arp_init(void)
1310 {
1311 	neigh_table_init(&arp_tbl);
1312 
1313 	dev_add_pack(&arp_packet_type);
1314 	arp_proc_init();
1315 #ifdef CONFIG_SYSCTL
1316 	neigh_sysctl_register(NULL, &arp_tbl.parms, "ipv4", NULL);
1317 #endif
1318 	register_netdevice_notifier(&arp_netdev_notifier);
1319 }
1320 
1321 #ifdef CONFIG_PROC_FS
1322 #if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
1323 
1324 /* ------------------------------------------------------------------------ */
1325 /*
1326  *	ax25 -> ASCII conversion
1327  */
ax2asc2(ax25_address * a,char * buf)1328 static char *ax2asc2(ax25_address *a, char *buf)
1329 {
1330 	char c, *s;
1331 	int n;
1332 
1333 	for (n = 0, s = buf; n < 6; n++) {
1334 		c = (a->ax25_call[n] >> 1) & 0x7F;
1335 
1336 		if (c != ' ')
1337 			*s++ = c;
1338 	}
1339 
1340 	*s++ = '-';
1341 	n = (a->ax25_call[6] >> 1) & 0x0F;
1342 	if (n > 9) {
1343 		*s++ = '1';
1344 		n -= 10;
1345 	}
1346 
1347 	*s++ = n + '0';
1348 	*s++ = '\0';
1349 
1350 	if (*buf == '\0' || *buf == '-')
1351 		return "*";
1352 
1353 	return buf;
1354 }
1355 #endif /* CONFIG_AX25 */
1356 
1357 #define HBUFFERLEN 30
1358 
arp_format_neigh_entry(struct seq_file * seq,struct neighbour * n)1359 static void arp_format_neigh_entry(struct seq_file *seq,
1360 				   struct neighbour *n)
1361 {
1362 	char hbuffer[HBUFFERLEN];
1363 	int k, j;
1364 	char tbuf[16];
1365 	struct net_device *dev = n->dev;
1366 	int hatype = dev->type;
1367 
1368 	read_lock(&n->lock);
1369 	/* Convert hardware address to XX:XX:XX:XX ... form. */
1370 #if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
1371 	if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM)
1372 		ax2asc2((ax25_address *)n->ha, hbuffer);
1373 	else {
1374 #endif
1375 	for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) {
1376 		hbuffer[k++] = hex_asc_hi(n->ha[j]);
1377 		hbuffer[k++] = hex_asc_lo(n->ha[j]);
1378 		hbuffer[k++] = ':';
1379 	}
1380 	if (k != 0)
1381 		--k;
1382 	hbuffer[k] = 0;
1383 #if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
1384 	}
1385 #endif
1386 	sprintf(tbuf, "%pI4", n->primary_key);
1387 	seq_printf(seq, "%-16s 0x%-10x0x%-10x%s     *        %s\n",
1388 		   tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name);
1389 	read_unlock(&n->lock);
1390 }
1391 
arp_format_pneigh_entry(struct seq_file * seq,struct pneigh_entry * n)1392 static void arp_format_pneigh_entry(struct seq_file *seq,
1393 				    struct pneigh_entry *n)
1394 {
1395 	struct net_device *dev = n->dev;
1396 	int hatype = dev ? dev->type : 0;
1397 	char tbuf[16];
1398 
1399 	sprintf(tbuf, "%pI4", n->key);
1400 	seq_printf(seq, "%-16s 0x%-10x0x%-10x%s     *        %s\n",
1401 		   tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00",
1402 		   dev ? dev->name : "*");
1403 }
1404 
arp_seq_show(struct seq_file * seq,void * v)1405 static int arp_seq_show(struct seq_file *seq, void *v)
1406 {
1407 	if (v == SEQ_START_TOKEN) {
1408 		seq_puts(seq, "IP address       HW type     Flags       "
1409 			      "HW address            Mask     Device\n");
1410 	} else {
1411 		struct neigh_seq_state *state = seq->private;
1412 
1413 		if (state->flags & NEIGH_SEQ_IS_PNEIGH)
1414 			arp_format_pneigh_entry(seq, v);
1415 		else
1416 			arp_format_neigh_entry(seq, v);
1417 	}
1418 
1419 	return 0;
1420 }
1421 
arp_seq_start(struct seq_file * seq,loff_t * pos)1422 static void *arp_seq_start(struct seq_file *seq, loff_t *pos)
1423 {
1424 	/* Don't want to confuse "arp -a" w/ magic entries,
1425 	 * so we tell the generic iterator to skip NUD_NOARP.
1426 	 */
1427 	return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP);
1428 }
1429 
1430 /* ------------------------------------------------------------------------ */
1431 
1432 static const struct seq_operations arp_seq_ops = {
1433 	.start	= arp_seq_start,
1434 	.next	= neigh_seq_next,
1435 	.stop	= neigh_seq_stop,
1436 	.show	= arp_seq_show,
1437 };
1438 
arp_seq_open(struct inode * inode,struct file * file)1439 static int arp_seq_open(struct inode *inode, struct file *file)
1440 {
1441 	return seq_open_net(inode, file, &arp_seq_ops,
1442 			    sizeof(struct neigh_seq_state));
1443 }
1444 
1445 static const struct file_operations arp_seq_fops = {
1446 	.owner		= THIS_MODULE,
1447 	.open           = arp_seq_open,
1448 	.read           = seq_read,
1449 	.llseek         = seq_lseek,
1450 	.release	= seq_release_net,
1451 };
1452 
1453 
arp_net_init(struct net * net)1454 static int __net_init arp_net_init(struct net *net)
1455 {
1456 	if (!proc_net_fops_create(net, "arp", S_IRUGO, &arp_seq_fops))
1457 		return -ENOMEM;
1458 	return 0;
1459 }
1460 
arp_net_exit(struct net * net)1461 static void __net_exit arp_net_exit(struct net *net)
1462 {
1463 	proc_net_remove(net, "arp");
1464 }
1465 
1466 static struct pernet_operations arp_net_ops = {
1467 	.init = arp_net_init,
1468 	.exit = arp_net_exit,
1469 };
1470 
arp_proc_init(void)1471 static int __init arp_proc_init(void)
1472 {
1473 	return register_pernet_subsys(&arp_net_ops);
1474 }
1475 
1476 #else /* CONFIG_PROC_FS */
1477 
arp_proc_init(void)1478 static int __init arp_proc_init(void)
1479 {
1480 	return 0;
1481 }
1482 
1483 #endif /* CONFIG_PROC_FS */
1484