Loading...
1/* linux/net/ipv4/arp.c
2 *
3 * Copyright (C) 1994 by Florian La Roche
4 *
5 * This module implements the Address Resolution Protocol ARP (RFC 826),
6 * which is used to convert IP addresses (or in the future maybe other
7 * high-level addresses) into a low-level hardware address (like an Ethernet
8 * address).
9 *
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version
13 * 2 of the License, or (at your option) any later version.
14 *
15 * Fixes:
16 * Alan Cox : Removed the Ethernet assumptions in
17 * Florian's code
18 * Alan Cox : Fixed some small errors in the ARP
19 * logic
20 * Alan Cox : Allow >4K in /proc
21 * Alan Cox : Make ARP add its own protocol entry
22 * Ross Martin : Rewrote arp_rcv() and arp_get_info()
23 * Stephen Henson : Add AX25 support to arp_get_info()
24 * Alan Cox : Drop data when a device is downed.
25 * Alan Cox : Use init_timer().
26 * Alan Cox : Double lock fixes.
27 * Martin Seine : Move the arphdr structure
28 * to if_arp.h for compatibility.
29 * with BSD based programs.
30 * Andrew Tridgell : Added ARP netmask code and
31 * re-arranged proxy handling.
32 * Alan Cox : Changed to use notifiers.
33 * Niibe Yutaka : Reply for this device or proxies only.
34 * Alan Cox : Don't proxy across hardware types!
35 * Jonathan Naylor : Added support for NET/ROM.
36 * Mike Shaver : RFC1122 checks.
37 * Jonathan Naylor : Only lookup the hardware address for
38 * the correct hardware type.
39 * Germano Caronni : Assorted subtle races.
40 * Craig Schlenter : Don't modify permanent entry
41 * during arp_rcv.
42 * Russ Nelson : Tidied up a few bits.
43 * Alexey Kuznetsov: Major changes to caching and behaviour,
44 * eg intelligent arp probing and
45 * generation
46 * of host down events.
47 * Alan Cox : Missing unlock in device events.
48 * Eckes : ARP ioctl control errors.
49 * Alexey Kuznetsov: Arp free fix.
50 * Manuel Rodriguez: Gratuitous ARP.
51 * Jonathan Layes : Added arpd support through kerneld
52 * message queue (960314)
53 * Mike Shaver : /proc/sys/net/ipv4/arp_* support
54 * Mike McLagan : Routing by source
55 * Stuart Cheshire : Metricom and grat arp fixes
56 * *** FOR 2.1 clean this up ***
57 * Lawrence V. Stefani: (08/12/96) Added FDDI support.
58 * Alan Cox : Took the AP1000 nasty FDDI hack and
59 * folded into the mainstream FDDI code.
60 * Ack spit, Linus how did you allow that
61 * one in...
62 * Jes Sorensen : Make FDDI work again in 2.1.x and
63 * clean up the APFDDI & gen. FDDI bits.
64 * Alexey Kuznetsov: new arp state machine;
65 * now it is in net/core/neighbour.c.
66 * Krzysztof Halasa: Added Frame Relay ARP support.
67 * Arnaldo C. Melo : convert /proc/net/arp to seq_file
68 * Shmulik Hen: Split arp_send to arp_create and
69 * arp_xmit so intermediate drivers like
70 * bonding can change the skb before
71 * sending (e.g. insert 8021q tag).
72 * Harald Welte : convert to make use of jenkins hash
73 * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support.
74 */
75
76#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
77
78#include <linux/module.h>
79#include <linux/types.h>
80#include <linux/string.h>
81#include <linux/kernel.h>
82#include <linux/capability.h>
83#include <linux/socket.h>
84#include <linux/sockios.h>
85#include <linux/errno.h>
86#include <linux/in.h>
87#include <linux/mm.h>
88#include <linux/inet.h>
89#include <linux/inetdevice.h>
90#include <linux/netdevice.h>
91#include <linux/etherdevice.h>
92#include <linux/fddidevice.h>
93#include <linux/if_arp.h>
94#include <linux/skbuff.h>
95#include <linux/proc_fs.h>
96#include <linux/seq_file.h>
97#include <linux/stat.h>
98#include <linux/init.h>
99#include <linux/net.h>
100#include <linux/rcupdate.h>
101#include <linux/slab.h>
102#ifdef CONFIG_SYSCTL
103#include <linux/sysctl.h>
104#endif
105
106#include <net/net_namespace.h>
107#include <net/ip.h>
108#include <net/icmp.h>
109#include <net/route.h>
110#include <net/protocol.h>
111#include <net/tcp.h>
112#include <net/sock.h>
113#include <net/arp.h>
114#include <net/ax25.h>
115#include <net/netrom.h>
116
117#include <linux/uaccess.h>
118
119#include <linux/netfilter_arp.h>
120
121/*
122 * Interface to generic neighbour cache.
123 */
124static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 *hash_rnd);
125static int arp_constructor(struct neighbour *neigh);
126static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb);
127static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb);
128static void parp_redo(struct sk_buff *skb);
129
130static const struct neigh_ops arp_generic_ops = {
131 .family = AF_INET,
132 .solicit = arp_solicit,
133 .error_report = arp_error_report,
134 .output = neigh_resolve_output,
135 .connected_output = neigh_connected_output,
136};
137
138static const struct neigh_ops arp_hh_ops = {
139 .family = AF_INET,
140 .solicit = arp_solicit,
141 .error_report = arp_error_report,
142 .output = neigh_resolve_output,
143 .connected_output = neigh_resolve_output,
144};
145
146static const struct neigh_ops arp_direct_ops = {
147 .family = AF_INET,
148 .output = neigh_direct_output,
149 .connected_output = neigh_direct_output,
150};
151
152static const struct neigh_ops arp_broken_ops = {
153 .family = AF_INET,
154 .solicit = arp_solicit,
155 .error_report = arp_error_report,
156 .output = neigh_compat_output,
157 .connected_output = neigh_compat_output,
158};
159
160struct neigh_table arp_tbl = {
161 .family = AF_INET,
162 .key_len = 4,
163 .hash = arp_hash,
164 .constructor = arp_constructor,
165 .proxy_redo = parp_redo,
166 .id = "arp_cache",
167 .parms = {
168 .tbl = &arp_tbl,
169 .reachable_time = 30 * HZ,
170 .data = {
171 [NEIGH_VAR_MCAST_PROBES] = 3,
172 [NEIGH_VAR_UCAST_PROBES] = 3,
173 [NEIGH_VAR_RETRANS_TIME] = 1 * HZ,
174 [NEIGH_VAR_BASE_REACHABLE_TIME] = 30 * HZ,
175 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
176 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
177 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
178 [NEIGH_VAR_PROXY_QLEN] = 64,
179 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
180 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
181 [NEIGH_VAR_LOCKTIME] = 1 * HZ,
182 },
183 },
184 .gc_interval = 30 * HZ,
185 .gc_thresh1 = 128,
186 .gc_thresh2 = 512,
187 .gc_thresh3 = 1024,
188};
189EXPORT_SYMBOL(arp_tbl);
190
191int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir)
192{
193 switch (dev->type) {
194 case ARPHRD_ETHER:
195 case ARPHRD_FDDI:
196 case ARPHRD_IEEE802:
197 ip_eth_mc_map(addr, haddr);
198 return 0;
199 case ARPHRD_INFINIBAND:
200 ip_ib_mc_map(addr, dev->broadcast, haddr);
201 return 0;
202 case ARPHRD_IPGRE:
203 ip_ipgre_mc_map(addr, dev->broadcast, haddr);
204 return 0;
205 default:
206 if (dir) {
207 memcpy(haddr, dev->broadcast, dev->addr_len);
208 return 0;
209 }
210 }
211 return -EINVAL;
212}
213
214
215static u32 arp_hash(const void *pkey,
216 const struct net_device *dev,
217 __u32 *hash_rnd)
218{
219 return arp_hashfn(*(u32 *)pkey, dev, *hash_rnd);
220}
221
222static int arp_constructor(struct neighbour *neigh)
223{
224 __be32 addr = *(__be32 *)neigh->primary_key;
225 struct net_device *dev = neigh->dev;
226 struct in_device *in_dev;
227 struct neigh_parms *parms;
228
229 rcu_read_lock();
230 in_dev = __in_dev_get_rcu(dev);
231 if (in_dev == NULL) {
232 rcu_read_unlock();
233 return -EINVAL;
234 }
235
236 neigh->type = inet_addr_type(dev_net(dev), addr);
237
238 parms = in_dev->arp_parms;
239 __neigh_parms_put(neigh->parms);
240 neigh->parms = neigh_parms_clone(parms);
241 rcu_read_unlock();
242
243 if (!dev->header_ops) {
244 neigh->nud_state = NUD_NOARP;
245 neigh->ops = &arp_direct_ops;
246 neigh->output = neigh_direct_output;
247 } else {
248 /* Good devices (checked by reading texts, but only Ethernet is
249 tested)
250
251 ARPHRD_ETHER: (ethernet, apfddi)
252 ARPHRD_FDDI: (fddi)
253 ARPHRD_IEEE802: (tr)
254 ARPHRD_METRICOM: (strip)
255 ARPHRD_ARCNET:
256 etc. etc. etc.
257
258 ARPHRD_IPDDP will also work, if author repairs it.
259 I did not it, because this driver does not work even
260 in old paradigm.
261 */
262
263#if 1
264 /* So... these "amateur" devices are hopeless.
265 The only thing, that I can say now:
266 It is very sad that we need to keep ugly obsolete
267 code to make them happy.
268
269 They should be moved to more reasonable state, now
270 they use rebuild_header INSTEAD OF hard_start_xmit!!!
271 Besides that, they are sort of out of date
272 (a lot of redundant clones/copies, useless in 2.1),
273 I wonder why people believe that they work.
274 */
275 switch (dev->type) {
276 default:
277 break;
278 case ARPHRD_ROSE:
279#if IS_ENABLED(CONFIG_AX25)
280 case ARPHRD_AX25:
281#if IS_ENABLED(CONFIG_NETROM)
282 case ARPHRD_NETROM:
283#endif
284 neigh->ops = &arp_broken_ops;
285 neigh->output = neigh->ops->output;
286 return 0;
287#else
288 break;
289#endif
290 }
291#endif
292 if (neigh->type == RTN_MULTICAST) {
293 neigh->nud_state = NUD_NOARP;
294 arp_mc_map(addr, neigh->ha, dev, 1);
295 } else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) {
296 neigh->nud_state = NUD_NOARP;
297 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
298 } else if (neigh->type == RTN_BROADCAST ||
299 (dev->flags & IFF_POINTOPOINT)) {
300 neigh->nud_state = NUD_NOARP;
301 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
302 }
303
304 if (dev->header_ops->cache)
305 neigh->ops = &arp_hh_ops;
306 else
307 neigh->ops = &arp_generic_ops;
308
309 if (neigh->nud_state & NUD_VALID)
310 neigh->output = neigh->ops->connected_output;
311 else
312 neigh->output = neigh->ops->output;
313 }
314 return 0;
315}
316
317static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb)
318{
319 dst_link_failure(skb);
320 kfree_skb(skb);
321}
322
323static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb)
324{
325 __be32 saddr = 0;
326 u8 dst_ha[MAX_ADDR_LEN], *dst_hw = NULL;
327 struct net_device *dev = neigh->dev;
328 __be32 target = *(__be32 *)neigh->primary_key;
329 int probes = atomic_read(&neigh->probes);
330 struct in_device *in_dev;
331
332 rcu_read_lock();
333 in_dev = __in_dev_get_rcu(dev);
334 if (!in_dev) {
335 rcu_read_unlock();
336 return;
337 }
338 switch (IN_DEV_ARP_ANNOUNCE(in_dev)) {
339 default:
340 case 0: /* By default announce any local IP */
341 if (skb && inet_addr_type(dev_net(dev),
342 ip_hdr(skb)->saddr) == RTN_LOCAL)
343 saddr = ip_hdr(skb)->saddr;
344 break;
345 case 1: /* Restrict announcements of saddr in same subnet */
346 if (!skb)
347 break;
348 saddr = ip_hdr(skb)->saddr;
349 if (inet_addr_type(dev_net(dev), saddr) == RTN_LOCAL) {
350 /* saddr should be known to target */
351 if (inet_addr_onlink(in_dev, target, saddr))
352 break;
353 }
354 saddr = 0;
355 break;
356 case 2: /* Avoid secondary IPs, get a primary/preferred one */
357 break;
358 }
359 rcu_read_unlock();
360
361 if (!saddr)
362 saddr = inet_select_addr(dev, target, RT_SCOPE_LINK);
363
364 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
365 if (probes < 0) {
366 if (!(neigh->nud_state & NUD_VALID))
367 pr_debug("trying to ucast probe in NUD_INVALID\n");
368 neigh_ha_snapshot(dst_ha, neigh, dev);
369 dst_hw = dst_ha;
370 } else {
371 probes -= NEIGH_VAR(neigh->parms, APP_PROBES);
372 if (probes < 0) {
373 neigh_app_ns(neigh);
374 return;
375 }
376 }
377
378 arp_send(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr,
379 dst_hw, dev->dev_addr, NULL);
380}
381
382static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip)
383{
384 struct net *net = dev_net(in_dev->dev);
385 int scope;
386
387 switch (IN_DEV_ARP_IGNORE(in_dev)) {
388 case 0: /* Reply, the tip is already validated */
389 return 0;
390 case 1: /* Reply only if tip is configured on the incoming interface */
391 sip = 0;
392 scope = RT_SCOPE_HOST;
393 break;
394 case 2: /*
395 * Reply only if tip is configured on the incoming interface
396 * and is in same subnet as sip
397 */
398 scope = RT_SCOPE_HOST;
399 break;
400 case 3: /* Do not reply for scope host addresses */
401 sip = 0;
402 scope = RT_SCOPE_LINK;
403 in_dev = NULL;
404 break;
405 case 4: /* Reserved */
406 case 5:
407 case 6:
408 case 7:
409 return 0;
410 case 8: /* Do not reply */
411 return 1;
412 default:
413 return 0;
414 }
415 return !inet_confirm_addr(net, in_dev, sip, tip, scope);
416}
417
418static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev)
419{
420 struct rtable *rt;
421 int flag = 0;
422 /*unsigned long now; */
423 struct net *net = dev_net(dev);
424
425 rt = ip_route_output(net, sip, tip, 0, 0);
426 if (IS_ERR(rt))
427 return 1;
428 if (rt->dst.dev != dev) {
429 NET_INC_STATS_BH(net, LINUX_MIB_ARPFILTER);
430 flag = 1;
431 }
432 ip_rt_put(rt);
433 return flag;
434}
435
436/* OBSOLETE FUNCTIONS */
437
438/*
439 * Find an arp mapping in the cache. If not found, post a request.
440 *
441 * It is very UGLY routine: it DOES NOT use skb->dst->neighbour,
442 * even if it exists. It is supposed that skb->dev was mangled
443 * by a virtual device (eql, shaper). Nobody but broken devices
444 * is allowed to use this function, it is scheduled to be removed. --ANK
445 */
446
447static int arp_set_predefined(int addr_hint, unsigned char *haddr,
448 __be32 paddr, struct net_device *dev)
449{
450 switch (addr_hint) {
451 case RTN_LOCAL:
452 pr_debug("arp called for own IP address\n");
453 memcpy(haddr, dev->dev_addr, dev->addr_len);
454 return 1;
455 case RTN_MULTICAST:
456 arp_mc_map(paddr, haddr, dev, 1);
457 return 1;
458 case RTN_BROADCAST:
459 memcpy(haddr, dev->broadcast, dev->addr_len);
460 return 1;
461 }
462 return 0;
463}
464
465
466int arp_find(unsigned char *haddr, struct sk_buff *skb)
467{
468 struct net_device *dev = skb->dev;
469 __be32 paddr;
470 struct neighbour *n;
471
472 if (!skb_dst(skb)) {
473 pr_debug("arp_find is called with dst==NULL\n");
474 kfree_skb(skb);
475 return 1;
476 }
477
478 paddr = rt_nexthop(skb_rtable(skb), ip_hdr(skb)->daddr);
479 if (arp_set_predefined(inet_addr_type(dev_net(dev), paddr), haddr,
480 paddr, dev))
481 return 0;
482
483 n = __neigh_lookup(&arp_tbl, &paddr, dev, 1);
484
485 if (n) {
486 n->used = jiffies;
487 if (n->nud_state & NUD_VALID || neigh_event_send(n, skb) == 0) {
488 neigh_ha_snapshot(haddr, n, dev);
489 neigh_release(n);
490 return 0;
491 }
492 neigh_release(n);
493 } else
494 kfree_skb(skb);
495 return 1;
496}
497EXPORT_SYMBOL(arp_find);
498
499/* END OF OBSOLETE FUNCTIONS */
500
501/*
502 * Check if we can use proxy ARP for this path
503 */
504static inline int arp_fwd_proxy(struct in_device *in_dev,
505 struct net_device *dev, struct rtable *rt)
506{
507 struct in_device *out_dev;
508 int imi, omi = -1;
509
510 if (rt->dst.dev == dev)
511 return 0;
512
513 if (!IN_DEV_PROXY_ARP(in_dev))
514 return 0;
515 imi = IN_DEV_MEDIUM_ID(in_dev);
516 if (imi == 0)
517 return 1;
518 if (imi == -1)
519 return 0;
520
521 /* place to check for proxy_arp for routes */
522
523 out_dev = __in_dev_get_rcu(rt->dst.dev);
524 if (out_dev)
525 omi = IN_DEV_MEDIUM_ID(out_dev);
526
527 return omi != imi && omi != -1;
528}
529
530/*
531 * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev)
532 *
533 * RFC3069 supports proxy arp replies back to the same interface. This
534 * is done to support (ethernet) switch features, like RFC 3069, where
535 * the individual ports are not allowed to communicate with each
536 * other, BUT they are allowed to talk to the upstream router. As
537 * described in RFC 3069, it is possible to allow these hosts to
538 * communicate through the upstream router, by proxy_arp'ing.
539 *
540 * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation"
541 *
542 * This technology is known by different names:
543 * In RFC 3069 it is called VLAN Aggregation.
544 * Cisco and Allied Telesyn call it Private VLAN.
545 * Hewlett-Packard call it Source-Port filtering or port-isolation.
546 * Ericsson call it MAC-Forced Forwarding (RFC Draft).
547 *
548 */
549static inline int arp_fwd_pvlan(struct in_device *in_dev,
550 struct net_device *dev, struct rtable *rt,
551 __be32 sip, __be32 tip)
552{
553 /* Private VLAN is only concerned about the same ethernet segment */
554 if (rt->dst.dev != dev)
555 return 0;
556
557 /* Don't reply on self probes (often done by windowz boxes)*/
558 if (sip == tip)
559 return 0;
560
561 if (IN_DEV_PROXY_ARP_PVLAN(in_dev))
562 return 1;
563 else
564 return 0;
565}
566
567/*
568 * Interface to link layer: send routine and receive handler.
569 */
570
571/*
572 * Create an arp packet. If (dest_hw == NULL), we create a broadcast
573 * message.
574 */
575struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip,
576 struct net_device *dev, __be32 src_ip,
577 const unsigned char *dest_hw,
578 const unsigned char *src_hw,
579 const unsigned char *target_hw)
580{
581 struct sk_buff *skb;
582 struct arphdr *arp;
583 unsigned char *arp_ptr;
584 int hlen = LL_RESERVED_SPACE(dev);
585 int tlen = dev->needed_tailroom;
586
587 /*
588 * Allocate a buffer
589 */
590
591 skb = alloc_skb(arp_hdr_len(dev) + hlen + tlen, GFP_ATOMIC);
592 if (skb == NULL)
593 return NULL;
594
595 skb_reserve(skb, hlen);
596 skb_reset_network_header(skb);
597 arp = (struct arphdr *) skb_put(skb, arp_hdr_len(dev));
598 skb->dev = dev;
599 skb->protocol = htons(ETH_P_ARP);
600 if (src_hw == NULL)
601 src_hw = dev->dev_addr;
602 if (dest_hw == NULL)
603 dest_hw = dev->broadcast;
604
605 /*
606 * Fill the device header for the ARP frame
607 */
608 if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0)
609 goto out;
610
611 /*
612 * Fill out the arp protocol part.
613 *
614 * The arp hardware type should match the device type, except for FDDI,
615 * which (according to RFC 1390) should always equal 1 (Ethernet).
616 */
617 /*
618 * Exceptions everywhere. AX.25 uses the AX.25 PID value not the
619 * DIX code for the protocol. Make these device structure fields.
620 */
621 switch (dev->type) {
622 default:
623 arp->ar_hrd = htons(dev->type);
624 arp->ar_pro = htons(ETH_P_IP);
625 break;
626
627#if IS_ENABLED(CONFIG_AX25)
628 case ARPHRD_AX25:
629 arp->ar_hrd = htons(ARPHRD_AX25);
630 arp->ar_pro = htons(AX25_P_IP);
631 break;
632
633#if IS_ENABLED(CONFIG_NETROM)
634 case ARPHRD_NETROM:
635 arp->ar_hrd = htons(ARPHRD_NETROM);
636 arp->ar_pro = htons(AX25_P_IP);
637 break;
638#endif
639#endif
640
641#if IS_ENABLED(CONFIG_FDDI)
642 case ARPHRD_FDDI:
643 arp->ar_hrd = htons(ARPHRD_ETHER);
644 arp->ar_pro = htons(ETH_P_IP);
645 break;
646#endif
647 }
648
649 arp->ar_hln = dev->addr_len;
650 arp->ar_pln = 4;
651 arp->ar_op = htons(type);
652
653 arp_ptr = (unsigned char *)(arp + 1);
654
655 memcpy(arp_ptr, src_hw, dev->addr_len);
656 arp_ptr += dev->addr_len;
657 memcpy(arp_ptr, &src_ip, 4);
658 arp_ptr += 4;
659
660 switch (dev->type) {
661#if IS_ENABLED(CONFIG_FIREWIRE_NET)
662 case ARPHRD_IEEE1394:
663 break;
664#endif
665 default:
666 if (target_hw != NULL)
667 memcpy(arp_ptr, target_hw, dev->addr_len);
668 else
669 memset(arp_ptr, 0, dev->addr_len);
670 arp_ptr += dev->addr_len;
671 }
672 memcpy(arp_ptr, &dest_ip, 4);
673
674 return skb;
675
676out:
677 kfree_skb(skb);
678 return NULL;
679}
680EXPORT_SYMBOL(arp_create);
681
682/*
683 * Send an arp packet.
684 */
685void arp_xmit(struct sk_buff *skb)
686{
687 /* Send it off, maybe filter it using firewalling first. */
688 NF_HOOK(NFPROTO_ARP, NF_ARP_OUT, skb, NULL, skb->dev, dev_queue_xmit);
689}
690EXPORT_SYMBOL(arp_xmit);
691
692/*
693 * Create and send an arp packet.
694 */
695void arp_send(int type, int ptype, __be32 dest_ip,
696 struct net_device *dev, __be32 src_ip,
697 const unsigned char *dest_hw, const unsigned char *src_hw,
698 const unsigned char *target_hw)
699{
700 struct sk_buff *skb;
701
702 /*
703 * No arp on this interface.
704 */
705
706 if (dev->flags&IFF_NOARP)
707 return;
708
709 skb = arp_create(type, ptype, dest_ip, dev, src_ip,
710 dest_hw, src_hw, target_hw);
711 if (skb == NULL)
712 return;
713
714 arp_xmit(skb);
715}
716EXPORT_SYMBOL(arp_send);
717
718/*
719 * Process an arp request.
720 */
721
722static int arp_process(struct sk_buff *skb)
723{
724 struct net_device *dev = skb->dev;
725 struct in_device *in_dev = __in_dev_get_rcu(dev);
726 struct arphdr *arp;
727 unsigned char *arp_ptr;
728 struct rtable *rt;
729 unsigned char *sha;
730 __be32 sip, tip;
731 u16 dev_type = dev->type;
732 int addr_type;
733 struct neighbour *n;
734 struct net *net = dev_net(dev);
735 bool is_garp = false;
736
737 /* arp_rcv below verifies the ARP header and verifies the device
738 * is ARP'able.
739 */
740
741 if (in_dev == NULL)
742 goto out;
743
744 arp = arp_hdr(skb);
745
746 switch (dev_type) {
747 default:
748 if (arp->ar_pro != htons(ETH_P_IP) ||
749 htons(dev_type) != arp->ar_hrd)
750 goto out;
751 break;
752 case ARPHRD_ETHER:
753 case ARPHRD_FDDI:
754 case ARPHRD_IEEE802:
755 /*
756 * ETHERNET, and Fibre Channel (which are IEEE 802
757 * devices, according to RFC 2625) devices will accept ARP
758 * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2).
759 * This is the case also of FDDI, where the RFC 1390 says that
760 * FDDI devices should accept ARP hardware of (1) Ethernet,
761 * however, to be more robust, we'll accept both 1 (Ethernet)
762 * or 6 (IEEE 802.2)
763 */
764 if ((arp->ar_hrd != htons(ARPHRD_ETHER) &&
765 arp->ar_hrd != htons(ARPHRD_IEEE802)) ||
766 arp->ar_pro != htons(ETH_P_IP))
767 goto out;
768 break;
769 case ARPHRD_AX25:
770 if (arp->ar_pro != htons(AX25_P_IP) ||
771 arp->ar_hrd != htons(ARPHRD_AX25))
772 goto out;
773 break;
774 case ARPHRD_NETROM:
775 if (arp->ar_pro != htons(AX25_P_IP) ||
776 arp->ar_hrd != htons(ARPHRD_NETROM))
777 goto out;
778 break;
779 }
780
781 /* Understand only these message types */
782
783 if (arp->ar_op != htons(ARPOP_REPLY) &&
784 arp->ar_op != htons(ARPOP_REQUEST))
785 goto out;
786
787/*
788 * Extract fields
789 */
790 arp_ptr = (unsigned char *)(arp + 1);
791 sha = arp_ptr;
792 arp_ptr += dev->addr_len;
793 memcpy(&sip, arp_ptr, 4);
794 arp_ptr += 4;
795 switch (dev_type) {
796#if IS_ENABLED(CONFIG_FIREWIRE_NET)
797 case ARPHRD_IEEE1394:
798 break;
799#endif
800 default:
801 arp_ptr += dev->addr_len;
802 }
803 memcpy(&tip, arp_ptr, 4);
804/*
805 * Check for bad requests for 127.x.x.x and requests for multicast
806 * addresses. If this is one such, delete it.
807 */
808 if (ipv4_is_multicast(tip) ||
809 (!IN_DEV_ROUTE_LOCALNET(in_dev) && ipv4_is_loopback(tip)))
810 goto out;
811
812/*
813 * Special case: We must set Frame Relay source Q.922 address
814 */
815 if (dev_type == ARPHRD_DLCI)
816 sha = dev->broadcast;
817
818/*
819 * Process entry. The idea here is we want to send a reply if it is a
820 * request for us or if it is a request for someone else that we hold
821 * a proxy for. We want to add an entry to our cache if it is a reply
822 * to us or if it is a request for our address.
823 * (The assumption for this last is that if someone is requesting our
824 * address, they are probably intending to talk to us, so it saves time
825 * if we cache their address. Their address is also probably not in
826 * our cache, since ours is not in their cache.)
827 *
828 * Putting this another way, we only care about replies if they are to
829 * us, in which case we add them to the cache. For requests, we care
830 * about those for us and those for our proxies. We reply to both,
831 * and in the case of requests for us we add the requester to the arp
832 * cache.
833 */
834
835 /* Special case: IPv4 duplicate address detection packet (RFC2131) */
836 if (sip == 0) {
837 if (arp->ar_op == htons(ARPOP_REQUEST) &&
838 inet_addr_type(net, tip) == RTN_LOCAL &&
839 !arp_ignore(in_dev, sip, tip))
840 arp_send(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip, sha,
841 dev->dev_addr, sha);
842 goto out;
843 }
844
845 if (arp->ar_op == htons(ARPOP_REQUEST) &&
846 ip_route_input_noref(skb, tip, sip, 0, dev) == 0) {
847
848 rt = skb_rtable(skb);
849 addr_type = rt->rt_type;
850
851 if (addr_type == RTN_LOCAL) {
852 int dont_send;
853
854 dont_send = arp_ignore(in_dev, sip, tip);
855 if (!dont_send && IN_DEV_ARPFILTER(in_dev))
856 dont_send = arp_filter(sip, tip, dev);
857 if (!dont_send) {
858 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
859 if (n) {
860 arp_send(ARPOP_REPLY, ETH_P_ARP, sip,
861 dev, tip, sha, dev->dev_addr,
862 sha);
863 neigh_release(n);
864 }
865 }
866 goto out;
867 } else if (IN_DEV_FORWARD(in_dev)) {
868 if (addr_type == RTN_UNICAST &&
869 (arp_fwd_proxy(in_dev, dev, rt) ||
870 arp_fwd_pvlan(in_dev, dev, rt, sip, tip) ||
871 (rt->dst.dev != dev &&
872 pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) {
873 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
874 if (n)
875 neigh_release(n);
876
877 if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED ||
878 skb->pkt_type == PACKET_HOST ||
879 NEIGH_VAR(in_dev->arp_parms, PROXY_DELAY) == 0) {
880 arp_send(ARPOP_REPLY, ETH_P_ARP, sip,
881 dev, tip, sha, dev->dev_addr,
882 sha);
883 } else {
884 pneigh_enqueue(&arp_tbl,
885 in_dev->arp_parms, skb);
886 return 0;
887 }
888 goto out;
889 }
890 }
891 }
892
893 /* Update our ARP tables */
894
895 n = __neigh_lookup(&arp_tbl, &sip, dev, 0);
896
897 if (IN_DEV_ARP_ACCEPT(in_dev)) {
898 /* Unsolicited ARP is not accepted by default.
899 It is possible, that this option should be enabled for some
900 devices (strip is candidate)
901 */
902 is_garp = arp->ar_op == htons(ARPOP_REQUEST) && tip == sip &&
903 inet_addr_type(net, sip) == RTN_UNICAST;
904
905 if (n == NULL &&
906 ((arp->ar_op == htons(ARPOP_REPLY) &&
907 inet_addr_type(net, sip) == RTN_UNICAST) || is_garp))
908 n = __neigh_lookup(&arp_tbl, &sip, dev, 1);
909 }
910
911 if (n) {
912 int state = NUD_REACHABLE;
913 int override;
914
915 /* If several different ARP replies follows back-to-back,
916 use the FIRST one. It is possible, if several proxy
917 agents are active. Taking the first reply prevents
918 arp trashing and chooses the fastest router.
919 */
920 override = time_after(jiffies,
921 n->updated +
922 NEIGH_VAR(n->parms, LOCKTIME)) ||
923 is_garp;
924
925 /* Broadcast replies and request packets
926 do not assert neighbour reachability.
927 */
928 if (arp->ar_op != htons(ARPOP_REPLY) ||
929 skb->pkt_type != PACKET_HOST)
930 state = NUD_STALE;
931 neigh_update(n, sha, state,
932 override ? NEIGH_UPDATE_F_OVERRIDE : 0);
933 neigh_release(n);
934 }
935
936out:
937 consume_skb(skb);
938 return 0;
939}
940
941static void parp_redo(struct sk_buff *skb)
942{
943 arp_process(skb);
944}
945
946
947/*
948 * Receive an arp request from the device layer.
949 */
950
951static int arp_rcv(struct sk_buff *skb, struct net_device *dev,
952 struct packet_type *pt, struct net_device *orig_dev)
953{
954 const struct arphdr *arp;
955
956 if (dev->flags & IFF_NOARP ||
957 skb->pkt_type == PACKET_OTHERHOST ||
958 skb->pkt_type == PACKET_LOOPBACK)
959 goto freeskb;
960
961 skb = skb_share_check(skb, GFP_ATOMIC);
962 if (!skb)
963 goto out_of_mem;
964
965 /* ARP header, plus 2 device addresses, plus 2 IP addresses. */
966 if (!pskb_may_pull(skb, arp_hdr_len(dev)))
967 goto freeskb;
968
969 arp = arp_hdr(skb);
970 if (arp->ar_hln != dev->addr_len || arp->ar_pln != 4)
971 goto freeskb;
972
973 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
974
975 return NF_HOOK(NFPROTO_ARP, NF_ARP_IN, skb, dev, NULL, arp_process);
976
977freeskb:
978 kfree_skb(skb);
979out_of_mem:
980 return 0;
981}
982
983/*
984 * User level interface (ioctl)
985 */
986
987/*
988 * Set (create) an ARP cache entry.
989 */
990
991static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on)
992{
993 if (dev == NULL) {
994 IPV4_DEVCONF_ALL(net, PROXY_ARP) = on;
995 return 0;
996 }
997 if (__in_dev_get_rtnl(dev)) {
998 IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on);
999 return 0;
1000 }
1001 return -ENXIO;
1002}
1003
1004static int arp_req_set_public(struct net *net, struct arpreq *r,
1005 struct net_device *dev)
1006{
1007 __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1008 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1009
1010 if (mask && mask != htonl(0xFFFFFFFF))
1011 return -EINVAL;
1012 if (!dev && (r->arp_flags & ATF_COM)) {
1013 dev = dev_getbyhwaddr_rcu(net, r->arp_ha.sa_family,
1014 r->arp_ha.sa_data);
1015 if (!dev)
1016 return -ENODEV;
1017 }
1018 if (mask) {
1019 if (pneigh_lookup(&arp_tbl, net, &ip, dev, 1) == NULL)
1020 return -ENOBUFS;
1021 return 0;
1022 }
1023
1024 return arp_req_set_proxy(net, dev, 1);
1025}
1026
1027static int arp_req_set(struct net *net, struct arpreq *r,
1028 struct net_device *dev)
1029{
1030 __be32 ip;
1031 struct neighbour *neigh;
1032 int err;
1033
1034 if (r->arp_flags & ATF_PUBL)
1035 return arp_req_set_public(net, r, dev);
1036
1037 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1038 if (r->arp_flags & ATF_PERM)
1039 r->arp_flags |= ATF_COM;
1040 if (dev == NULL) {
1041 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1042
1043 if (IS_ERR(rt))
1044 return PTR_ERR(rt);
1045 dev = rt->dst.dev;
1046 ip_rt_put(rt);
1047 if (!dev)
1048 return -EINVAL;
1049 }
1050 switch (dev->type) {
1051#if IS_ENABLED(CONFIG_FDDI)
1052 case ARPHRD_FDDI:
1053 /*
1054 * According to RFC 1390, FDDI devices should accept ARP
1055 * hardware types of 1 (Ethernet). However, to be more
1056 * robust, we'll accept hardware types of either 1 (Ethernet)
1057 * or 6 (IEEE 802.2).
1058 */
1059 if (r->arp_ha.sa_family != ARPHRD_FDDI &&
1060 r->arp_ha.sa_family != ARPHRD_ETHER &&
1061 r->arp_ha.sa_family != ARPHRD_IEEE802)
1062 return -EINVAL;
1063 break;
1064#endif
1065 default:
1066 if (r->arp_ha.sa_family != dev->type)
1067 return -EINVAL;
1068 break;
1069 }
1070
1071 neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev);
1072 err = PTR_ERR(neigh);
1073 if (!IS_ERR(neigh)) {
1074 unsigned int state = NUD_STALE;
1075 if (r->arp_flags & ATF_PERM)
1076 state = NUD_PERMANENT;
1077 err = neigh_update(neigh, (r->arp_flags & ATF_COM) ?
1078 r->arp_ha.sa_data : NULL, state,
1079 NEIGH_UPDATE_F_OVERRIDE |
1080 NEIGH_UPDATE_F_ADMIN);
1081 neigh_release(neigh);
1082 }
1083 return err;
1084}
1085
1086static unsigned int arp_state_to_flags(struct neighbour *neigh)
1087{
1088 if (neigh->nud_state&NUD_PERMANENT)
1089 return ATF_PERM | ATF_COM;
1090 else if (neigh->nud_state&NUD_VALID)
1091 return ATF_COM;
1092 else
1093 return 0;
1094}
1095
1096/*
1097 * Get an ARP cache entry.
1098 */
1099
1100static int arp_req_get(struct arpreq *r, struct net_device *dev)
1101{
1102 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1103 struct neighbour *neigh;
1104 int err = -ENXIO;
1105
1106 neigh = neigh_lookup(&arp_tbl, &ip, dev);
1107 if (neigh) {
1108 read_lock_bh(&neigh->lock);
1109 memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len);
1110 r->arp_flags = arp_state_to_flags(neigh);
1111 read_unlock_bh(&neigh->lock);
1112 r->arp_ha.sa_family = dev->type;
1113 strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev));
1114 neigh_release(neigh);
1115 err = 0;
1116 }
1117 return err;
1118}
1119
1120static int arp_invalidate(struct net_device *dev, __be32 ip)
1121{
1122 struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev);
1123 int err = -ENXIO;
1124
1125 if (neigh) {
1126 if (neigh->nud_state & ~NUD_NOARP)
1127 err = neigh_update(neigh, NULL, NUD_FAILED,
1128 NEIGH_UPDATE_F_OVERRIDE|
1129 NEIGH_UPDATE_F_ADMIN);
1130 neigh_release(neigh);
1131 }
1132
1133 return err;
1134}
1135
1136static int arp_req_delete_public(struct net *net, struct arpreq *r,
1137 struct net_device *dev)
1138{
1139 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1140 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1141
1142 if (mask == htonl(0xFFFFFFFF))
1143 return pneigh_delete(&arp_tbl, net, &ip, dev);
1144
1145 if (mask)
1146 return -EINVAL;
1147
1148 return arp_req_set_proxy(net, dev, 0);
1149}
1150
1151static int arp_req_delete(struct net *net, struct arpreq *r,
1152 struct net_device *dev)
1153{
1154 __be32 ip;
1155
1156 if (r->arp_flags & ATF_PUBL)
1157 return arp_req_delete_public(net, r, dev);
1158
1159 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1160 if (dev == NULL) {
1161 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1162 if (IS_ERR(rt))
1163 return PTR_ERR(rt);
1164 dev = rt->dst.dev;
1165 ip_rt_put(rt);
1166 if (!dev)
1167 return -EINVAL;
1168 }
1169 return arp_invalidate(dev, ip);
1170}
1171
1172/*
1173 * Handle an ARP layer I/O control request.
1174 */
1175
1176int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1177{
1178 int err;
1179 struct arpreq r;
1180 struct net_device *dev = NULL;
1181
1182 switch (cmd) {
1183 case SIOCDARP:
1184 case SIOCSARP:
1185 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1186 return -EPERM;
1187 case SIOCGARP:
1188 err = copy_from_user(&r, arg, sizeof(struct arpreq));
1189 if (err)
1190 return -EFAULT;
1191 break;
1192 default:
1193 return -EINVAL;
1194 }
1195
1196 if (r.arp_pa.sa_family != AF_INET)
1197 return -EPFNOSUPPORT;
1198
1199 if (!(r.arp_flags & ATF_PUBL) &&
1200 (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB)))
1201 return -EINVAL;
1202 if (!(r.arp_flags & ATF_NETMASK))
1203 ((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr =
1204 htonl(0xFFFFFFFFUL);
1205 rtnl_lock();
1206 if (r.arp_dev[0]) {
1207 err = -ENODEV;
1208 dev = __dev_get_by_name(net, r.arp_dev);
1209 if (dev == NULL)
1210 goto out;
1211
1212 /* Mmmm... It is wrong... ARPHRD_NETROM==0 */
1213 if (!r.arp_ha.sa_family)
1214 r.arp_ha.sa_family = dev->type;
1215 err = -EINVAL;
1216 if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type)
1217 goto out;
1218 } else if (cmd == SIOCGARP) {
1219 err = -ENODEV;
1220 goto out;
1221 }
1222
1223 switch (cmd) {
1224 case SIOCDARP:
1225 err = arp_req_delete(net, &r, dev);
1226 break;
1227 case SIOCSARP:
1228 err = arp_req_set(net, &r, dev);
1229 break;
1230 case SIOCGARP:
1231 err = arp_req_get(&r, dev);
1232 break;
1233 }
1234out:
1235 rtnl_unlock();
1236 if (cmd == SIOCGARP && !err && copy_to_user(arg, &r, sizeof(r)))
1237 err = -EFAULT;
1238 return err;
1239}
1240
1241static int arp_netdev_event(struct notifier_block *this, unsigned long event,
1242 void *ptr)
1243{
1244 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1245 struct netdev_notifier_change_info *change_info;
1246
1247 switch (event) {
1248 case NETDEV_CHANGEADDR:
1249 neigh_changeaddr(&arp_tbl, dev);
1250 rt_cache_flush(dev_net(dev));
1251 break;
1252 case NETDEV_CHANGE:
1253 change_info = ptr;
1254 if (change_info->flags_changed & IFF_NOARP)
1255 neigh_changeaddr(&arp_tbl, dev);
1256 break;
1257 default:
1258 break;
1259 }
1260
1261 return NOTIFY_DONE;
1262}
1263
1264static struct notifier_block arp_netdev_notifier = {
1265 .notifier_call = arp_netdev_event,
1266};
1267
1268/* Note, that it is not on notifier chain.
1269 It is necessary, that this routine was called after route cache will be
1270 flushed.
1271 */
1272void arp_ifdown(struct net_device *dev)
1273{
1274 neigh_ifdown(&arp_tbl, dev);
1275}
1276
1277
1278/*
1279 * Called once on startup.
1280 */
1281
1282static struct packet_type arp_packet_type __read_mostly = {
1283 .type = cpu_to_be16(ETH_P_ARP),
1284 .func = arp_rcv,
1285};
1286
1287static int arp_proc_init(void);
1288
1289void __init arp_init(void)
1290{
1291 neigh_table_init(&arp_tbl);
1292
1293 dev_add_pack(&arp_packet_type);
1294 arp_proc_init();
1295#ifdef CONFIG_SYSCTL
1296 neigh_sysctl_register(NULL, &arp_tbl.parms, NULL);
1297#endif
1298 register_netdevice_notifier(&arp_netdev_notifier);
1299}
1300
1301#ifdef CONFIG_PROC_FS
1302#if IS_ENABLED(CONFIG_AX25)
1303
1304/* ------------------------------------------------------------------------ */
1305/*
1306 * ax25 -> ASCII conversion
1307 */
1308static char *ax2asc2(ax25_address *a, char *buf)
1309{
1310 char c, *s;
1311 int n;
1312
1313 for (n = 0, s = buf; n < 6; n++) {
1314 c = (a->ax25_call[n] >> 1) & 0x7F;
1315
1316 if (c != ' ')
1317 *s++ = c;
1318 }
1319
1320 *s++ = '-';
1321 n = (a->ax25_call[6] >> 1) & 0x0F;
1322 if (n > 9) {
1323 *s++ = '1';
1324 n -= 10;
1325 }
1326
1327 *s++ = n + '0';
1328 *s++ = '\0';
1329
1330 if (*buf == '\0' || *buf == '-')
1331 return "*";
1332
1333 return buf;
1334}
1335#endif /* CONFIG_AX25 */
1336
1337#define HBUFFERLEN 30
1338
1339static void arp_format_neigh_entry(struct seq_file *seq,
1340 struct neighbour *n)
1341{
1342 char hbuffer[HBUFFERLEN];
1343 int k, j;
1344 char tbuf[16];
1345 struct net_device *dev = n->dev;
1346 int hatype = dev->type;
1347
1348 read_lock(&n->lock);
1349 /* Convert hardware address to XX:XX:XX:XX ... form. */
1350#if IS_ENABLED(CONFIG_AX25)
1351 if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM)
1352 ax2asc2((ax25_address *)n->ha, hbuffer);
1353 else {
1354#endif
1355 for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) {
1356 hbuffer[k++] = hex_asc_hi(n->ha[j]);
1357 hbuffer[k++] = hex_asc_lo(n->ha[j]);
1358 hbuffer[k++] = ':';
1359 }
1360 if (k != 0)
1361 --k;
1362 hbuffer[k] = 0;
1363#if IS_ENABLED(CONFIG_AX25)
1364 }
1365#endif
1366 sprintf(tbuf, "%pI4", n->primary_key);
1367 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
1368 tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name);
1369 read_unlock(&n->lock);
1370}
1371
1372static void arp_format_pneigh_entry(struct seq_file *seq,
1373 struct pneigh_entry *n)
1374{
1375 struct net_device *dev = n->dev;
1376 int hatype = dev ? dev->type : 0;
1377 char tbuf[16];
1378
1379 sprintf(tbuf, "%pI4", n->key);
1380 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
1381 tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00",
1382 dev ? dev->name : "*");
1383}
1384
1385static int arp_seq_show(struct seq_file *seq, void *v)
1386{
1387 if (v == SEQ_START_TOKEN) {
1388 seq_puts(seq, "IP address HW type Flags "
1389 "HW address Mask Device\n");
1390 } else {
1391 struct neigh_seq_state *state = seq->private;
1392
1393 if (state->flags & NEIGH_SEQ_IS_PNEIGH)
1394 arp_format_pneigh_entry(seq, v);
1395 else
1396 arp_format_neigh_entry(seq, v);
1397 }
1398
1399 return 0;
1400}
1401
1402static void *arp_seq_start(struct seq_file *seq, loff_t *pos)
1403{
1404 /* Don't want to confuse "arp -a" w/ magic entries,
1405 * so we tell the generic iterator to skip NUD_NOARP.
1406 */
1407 return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP);
1408}
1409
1410/* ------------------------------------------------------------------------ */
1411
1412static const struct seq_operations arp_seq_ops = {
1413 .start = arp_seq_start,
1414 .next = neigh_seq_next,
1415 .stop = neigh_seq_stop,
1416 .show = arp_seq_show,
1417};
1418
1419static int arp_seq_open(struct inode *inode, struct file *file)
1420{
1421 return seq_open_net(inode, file, &arp_seq_ops,
1422 sizeof(struct neigh_seq_state));
1423}
1424
1425static const struct file_operations arp_seq_fops = {
1426 .owner = THIS_MODULE,
1427 .open = arp_seq_open,
1428 .read = seq_read,
1429 .llseek = seq_lseek,
1430 .release = seq_release_net,
1431};
1432
1433
1434static int __net_init arp_net_init(struct net *net)
1435{
1436 if (!proc_create("arp", S_IRUGO, net->proc_net, &arp_seq_fops))
1437 return -ENOMEM;
1438 return 0;
1439}
1440
1441static void __net_exit arp_net_exit(struct net *net)
1442{
1443 remove_proc_entry("arp", net->proc_net);
1444}
1445
1446static struct pernet_operations arp_net_ops = {
1447 .init = arp_net_init,
1448 .exit = arp_net_exit,
1449};
1450
1451static int __init arp_proc_init(void)
1452{
1453 return register_pernet_subsys(&arp_net_ops);
1454}
1455
1456#else /* CONFIG_PROC_FS */
1457
1458static int __init arp_proc_init(void)
1459{
1460 return 0;
1461}
1462
1463#endif /* CONFIG_PROC_FS */
1/* linux/net/ipv4/arp.c
2 *
3 * Copyright (C) 1994 by Florian La Roche
4 *
5 * This module implements the Address Resolution Protocol ARP (RFC 826),
6 * which is used to convert IP addresses (or in the future maybe other
7 * high-level addresses) into a low-level hardware address (like an Ethernet
8 * address).
9 *
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version
13 * 2 of the License, or (at your option) any later version.
14 *
15 * Fixes:
16 * Alan Cox : Removed the Ethernet assumptions in
17 * Florian's code
18 * Alan Cox : Fixed some small errors in the ARP
19 * logic
20 * Alan Cox : Allow >4K in /proc
21 * Alan Cox : Make ARP add its own protocol entry
22 * Ross Martin : Rewrote arp_rcv() and arp_get_info()
23 * Stephen Henson : Add AX25 support to arp_get_info()
24 * Alan Cox : Drop data when a device is downed.
25 * Alan Cox : Use init_timer().
26 * Alan Cox : Double lock fixes.
27 * Martin Seine : Move the arphdr structure
28 * to if_arp.h for compatibility.
29 * with BSD based programs.
30 * Andrew Tridgell : Added ARP netmask code and
31 * re-arranged proxy handling.
32 * Alan Cox : Changed to use notifiers.
33 * Niibe Yutaka : Reply for this device or proxies only.
34 * Alan Cox : Don't proxy across hardware types!
35 * Jonathan Naylor : Added support for NET/ROM.
36 * Mike Shaver : RFC1122 checks.
37 * Jonathan Naylor : Only lookup the hardware address for
38 * the correct hardware type.
39 * Germano Caronni : Assorted subtle races.
40 * Craig Schlenter : Don't modify permanent entry
41 * during arp_rcv.
42 * Russ Nelson : Tidied up a few bits.
43 * Alexey Kuznetsov: Major changes to caching and behaviour,
44 * eg intelligent arp probing and
45 * generation
46 * of host down events.
47 * Alan Cox : Missing unlock in device events.
48 * Eckes : ARP ioctl control errors.
49 * Alexey Kuznetsov: Arp free fix.
50 * Manuel Rodriguez: Gratuitous ARP.
51 * Jonathan Layes : Added arpd support through kerneld
52 * message queue (960314)
53 * Mike Shaver : /proc/sys/net/ipv4/arp_* support
54 * Mike McLagan : Routing by source
55 * Stuart Cheshire : Metricom and grat arp fixes
56 * *** FOR 2.1 clean this up ***
57 * Lawrence V. Stefani: (08/12/96) Added FDDI support.
58 * Alan Cox : Took the AP1000 nasty FDDI hack and
59 * folded into the mainstream FDDI code.
60 * Ack spit, Linus how did you allow that
61 * one in...
62 * Jes Sorensen : Make FDDI work again in 2.1.x and
63 * clean up the APFDDI & gen. FDDI bits.
64 * Alexey Kuznetsov: new arp state machine;
65 * now it is in net/core/neighbour.c.
66 * Krzysztof Halasa: Added Frame Relay ARP support.
67 * Arnaldo C. Melo : convert /proc/net/arp to seq_file
68 * Shmulik Hen: Split arp_send to arp_create and
69 * arp_xmit so intermediate drivers like
70 * bonding can change the skb before
71 * sending (e.g. insert 8021q tag).
72 * Harald Welte : convert to make use of jenkins hash
73 * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support.
74 */
75
76#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
77
78#include <linux/module.h>
79#include <linux/types.h>
80#include <linux/string.h>
81#include <linux/kernel.h>
82#include <linux/capability.h>
83#include <linux/socket.h>
84#include <linux/sockios.h>
85#include <linux/errno.h>
86#include <linux/in.h>
87#include <linux/mm.h>
88#include <linux/inet.h>
89#include <linux/inetdevice.h>
90#include <linux/netdevice.h>
91#include <linux/etherdevice.h>
92#include <linux/fddidevice.h>
93#include <linux/if_arp.h>
94#include <linux/skbuff.h>
95#include <linux/proc_fs.h>
96#include <linux/seq_file.h>
97#include <linux/stat.h>
98#include <linux/init.h>
99#include <linux/net.h>
100#include <linux/rcupdate.h>
101#include <linux/slab.h>
102#ifdef CONFIG_SYSCTL
103#include <linux/sysctl.h>
104#endif
105
106#include <net/net_namespace.h>
107#include <net/ip.h>
108#include <net/icmp.h>
109#include <net/route.h>
110#include <net/protocol.h>
111#include <net/tcp.h>
112#include <net/sock.h>
113#include <net/arp.h>
114#include <net/ax25.h>
115#include <net/netrom.h>
116#include <net/dst_metadata.h>
117#include <net/ip_tunnels.h>
118
119#include <linux/uaccess.h>
120
121#include <linux/netfilter_arp.h>
122
123/*
124 * Interface to generic neighbour cache.
125 */
126static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 *hash_rnd);
127static bool arp_key_eq(const struct neighbour *n, const void *pkey);
128static int arp_constructor(struct neighbour *neigh);
129static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb);
130static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb);
131static void parp_redo(struct sk_buff *skb);
132
133static const struct neigh_ops arp_generic_ops = {
134 .family = AF_INET,
135 .solicit = arp_solicit,
136 .error_report = arp_error_report,
137 .output = neigh_resolve_output,
138 .connected_output = neigh_connected_output,
139};
140
141static const struct neigh_ops arp_hh_ops = {
142 .family = AF_INET,
143 .solicit = arp_solicit,
144 .error_report = arp_error_report,
145 .output = neigh_resolve_output,
146 .connected_output = neigh_resolve_output,
147};
148
149static const struct neigh_ops arp_direct_ops = {
150 .family = AF_INET,
151 .output = neigh_direct_output,
152 .connected_output = neigh_direct_output,
153};
154
155struct neigh_table arp_tbl = {
156 .family = AF_INET,
157 .key_len = 4,
158 .protocol = cpu_to_be16(ETH_P_IP),
159 .hash = arp_hash,
160 .key_eq = arp_key_eq,
161 .constructor = arp_constructor,
162 .proxy_redo = parp_redo,
163 .id = "arp_cache",
164 .parms = {
165 .tbl = &arp_tbl,
166 .reachable_time = 30 * HZ,
167 .data = {
168 [NEIGH_VAR_MCAST_PROBES] = 3,
169 [NEIGH_VAR_UCAST_PROBES] = 3,
170 [NEIGH_VAR_RETRANS_TIME] = 1 * HZ,
171 [NEIGH_VAR_BASE_REACHABLE_TIME] = 30 * HZ,
172 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
173 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
174 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
175 [NEIGH_VAR_PROXY_QLEN] = 64,
176 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
177 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
178 [NEIGH_VAR_LOCKTIME] = 1 * HZ,
179 },
180 },
181 .gc_interval = 30 * HZ,
182 .gc_thresh1 = 128,
183 .gc_thresh2 = 512,
184 .gc_thresh3 = 1024,
185};
186EXPORT_SYMBOL(arp_tbl);
187
188int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir)
189{
190 switch (dev->type) {
191 case ARPHRD_ETHER:
192 case ARPHRD_FDDI:
193 case ARPHRD_IEEE802:
194 ip_eth_mc_map(addr, haddr);
195 return 0;
196 case ARPHRD_INFINIBAND:
197 ip_ib_mc_map(addr, dev->broadcast, haddr);
198 return 0;
199 case ARPHRD_IPGRE:
200 ip_ipgre_mc_map(addr, dev->broadcast, haddr);
201 return 0;
202 default:
203 if (dir) {
204 memcpy(haddr, dev->broadcast, dev->addr_len);
205 return 0;
206 }
207 }
208 return -EINVAL;
209}
210
211
212static u32 arp_hash(const void *pkey,
213 const struct net_device *dev,
214 __u32 *hash_rnd)
215{
216 return arp_hashfn(pkey, dev, hash_rnd);
217}
218
219static bool arp_key_eq(const struct neighbour *neigh, const void *pkey)
220{
221 return neigh_key_eq32(neigh, pkey);
222}
223
224static int arp_constructor(struct neighbour *neigh)
225{
226 __be32 addr;
227 struct net_device *dev = neigh->dev;
228 struct in_device *in_dev;
229 struct neigh_parms *parms;
230 u32 inaddr_any = INADDR_ANY;
231
232 if (dev->flags & (IFF_LOOPBACK | IFF_POINTOPOINT))
233 memcpy(neigh->primary_key, &inaddr_any, arp_tbl.key_len);
234
235 addr = *(__be32 *)neigh->primary_key;
236 rcu_read_lock();
237 in_dev = __in_dev_get_rcu(dev);
238 if (!in_dev) {
239 rcu_read_unlock();
240 return -EINVAL;
241 }
242
243 neigh->type = inet_addr_type_dev_table(dev_net(dev), dev, addr);
244
245 parms = in_dev->arp_parms;
246 __neigh_parms_put(neigh->parms);
247 neigh->parms = neigh_parms_clone(parms);
248 rcu_read_unlock();
249
250 if (!dev->header_ops) {
251 neigh->nud_state = NUD_NOARP;
252 neigh->ops = &arp_direct_ops;
253 neigh->output = neigh_direct_output;
254 } else {
255 /* Good devices (checked by reading texts, but only Ethernet is
256 tested)
257
258 ARPHRD_ETHER: (ethernet, apfddi)
259 ARPHRD_FDDI: (fddi)
260 ARPHRD_IEEE802: (tr)
261 ARPHRD_METRICOM: (strip)
262 ARPHRD_ARCNET:
263 etc. etc. etc.
264
265 ARPHRD_IPDDP will also work, if author repairs it.
266 I did not it, because this driver does not work even
267 in old paradigm.
268 */
269
270 if (neigh->type == RTN_MULTICAST) {
271 neigh->nud_state = NUD_NOARP;
272 arp_mc_map(addr, neigh->ha, dev, 1);
273 } else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) {
274 neigh->nud_state = NUD_NOARP;
275 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
276 } else if (neigh->type == RTN_BROADCAST ||
277 (dev->flags & IFF_POINTOPOINT)) {
278 neigh->nud_state = NUD_NOARP;
279 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
280 }
281
282 if (dev->header_ops->cache)
283 neigh->ops = &arp_hh_ops;
284 else
285 neigh->ops = &arp_generic_ops;
286
287 if (neigh->nud_state & NUD_VALID)
288 neigh->output = neigh->ops->connected_output;
289 else
290 neigh->output = neigh->ops->output;
291 }
292 return 0;
293}
294
295static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb)
296{
297 dst_link_failure(skb);
298 kfree_skb(skb);
299}
300
301/* Create and send an arp packet. */
302static void arp_send_dst(int type, int ptype, __be32 dest_ip,
303 struct net_device *dev, __be32 src_ip,
304 const unsigned char *dest_hw,
305 const unsigned char *src_hw,
306 const unsigned char *target_hw,
307 struct dst_entry *dst)
308{
309 struct sk_buff *skb;
310
311 /* arp on this interface. */
312 if (dev->flags & IFF_NOARP)
313 return;
314
315 skb = arp_create(type, ptype, dest_ip, dev, src_ip,
316 dest_hw, src_hw, target_hw);
317 if (!skb)
318 return;
319
320 skb_dst_set(skb, dst_clone(dst));
321 arp_xmit(skb);
322}
323
324void arp_send(int type, int ptype, __be32 dest_ip,
325 struct net_device *dev, __be32 src_ip,
326 const unsigned char *dest_hw, const unsigned char *src_hw,
327 const unsigned char *target_hw)
328{
329 arp_send_dst(type, ptype, dest_ip, dev, src_ip, dest_hw, src_hw,
330 target_hw, NULL);
331}
332EXPORT_SYMBOL(arp_send);
333
334static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb)
335{
336 __be32 saddr = 0;
337 u8 dst_ha[MAX_ADDR_LEN], *dst_hw = NULL;
338 struct net_device *dev = neigh->dev;
339 __be32 target = *(__be32 *)neigh->primary_key;
340 int probes = atomic_read(&neigh->probes);
341 struct in_device *in_dev;
342 struct dst_entry *dst = NULL;
343
344 rcu_read_lock();
345 in_dev = __in_dev_get_rcu(dev);
346 if (!in_dev) {
347 rcu_read_unlock();
348 return;
349 }
350 switch (IN_DEV_ARP_ANNOUNCE(in_dev)) {
351 default:
352 case 0: /* By default announce any local IP */
353 if (skb && inet_addr_type_dev_table(dev_net(dev), dev,
354 ip_hdr(skb)->saddr) == RTN_LOCAL)
355 saddr = ip_hdr(skb)->saddr;
356 break;
357 case 1: /* Restrict announcements of saddr in same subnet */
358 if (!skb)
359 break;
360 saddr = ip_hdr(skb)->saddr;
361 if (inet_addr_type_dev_table(dev_net(dev), dev,
362 saddr) == RTN_LOCAL) {
363 /* saddr should be known to target */
364 if (inet_addr_onlink(in_dev, target, saddr))
365 break;
366 }
367 saddr = 0;
368 break;
369 case 2: /* Avoid secondary IPs, get a primary/preferred one */
370 break;
371 }
372 rcu_read_unlock();
373
374 if (!saddr)
375 saddr = inet_select_addr(dev, target, RT_SCOPE_LINK);
376
377 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
378 if (probes < 0) {
379 if (!(neigh->nud_state & NUD_VALID))
380 pr_debug("trying to ucast probe in NUD_INVALID\n");
381 neigh_ha_snapshot(dst_ha, neigh, dev);
382 dst_hw = dst_ha;
383 } else {
384 probes -= NEIGH_VAR(neigh->parms, APP_PROBES);
385 if (probes < 0) {
386 neigh_app_ns(neigh);
387 return;
388 }
389 }
390
391 if (skb && !(dev->priv_flags & IFF_XMIT_DST_RELEASE))
392 dst = skb_dst(skb);
393 arp_send_dst(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr,
394 dst_hw, dev->dev_addr, NULL, dst);
395}
396
397static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip)
398{
399 struct net *net = dev_net(in_dev->dev);
400 int scope;
401
402 switch (IN_DEV_ARP_IGNORE(in_dev)) {
403 case 0: /* Reply, the tip is already validated */
404 return 0;
405 case 1: /* Reply only if tip is configured on the incoming interface */
406 sip = 0;
407 scope = RT_SCOPE_HOST;
408 break;
409 case 2: /*
410 * Reply only if tip is configured on the incoming interface
411 * and is in same subnet as sip
412 */
413 scope = RT_SCOPE_HOST;
414 break;
415 case 3: /* Do not reply for scope host addresses */
416 sip = 0;
417 scope = RT_SCOPE_LINK;
418 in_dev = NULL;
419 break;
420 case 4: /* Reserved */
421 case 5:
422 case 6:
423 case 7:
424 return 0;
425 case 8: /* Do not reply */
426 return 1;
427 default:
428 return 0;
429 }
430 return !inet_confirm_addr(net, in_dev, sip, tip, scope);
431}
432
433static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev)
434{
435 struct rtable *rt;
436 int flag = 0;
437 /*unsigned long now; */
438 struct net *net = dev_net(dev);
439
440 rt = ip_route_output(net, sip, tip, 0, l3mdev_master_ifindex_rcu(dev));
441 if (IS_ERR(rt))
442 return 1;
443 if (rt->dst.dev != dev) {
444 __NET_INC_STATS(net, LINUX_MIB_ARPFILTER);
445 flag = 1;
446 }
447 ip_rt_put(rt);
448 return flag;
449}
450
451/*
452 * Check if we can use proxy ARP for this path
453 */
454static inline int arp_fwd_proxy(struct in_device *in_dev,
455 struct net_device *dev, struct rtable *rt)
456{
457 struct in_device *out_dev;
458 int imi, omi = -1;
459
460 if (rt->dst.dev == dev)
461 return 0;
462
463 if (!IN_DEV_PROXY_ARP(in_dev))
464 return 0;
465 imi = IN_DEV_MEDIUM_ID(in_dev);
466 if (imi == 0)
467 return 1;
468 if (imi == -1)
469 return 0;
470
471 /* place to check for proxy_arp for routes */
472
473 out_dev = __in_dev_get_rcu(rt->dst.dev);
474 if (out_dev)
475 omi = IN_DEV_MEDIUM_ID(out_dev);
476
477 return omi != imi && omi != -1;
478}
479
480/*
481 * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev)
482 *
483 * RFC3069 supports proxy arp replies back to the same interface. This
484 * is done to support (ethernet) switch features, like RFC 3069, where
485 * the individual ports are not allowed to communicate with each
486 * other, BUT they are allowed to talk to the upstream router. As
487 * described in RFC 3069, it is possible to allow these hosts to
488 * communicate through the upstream router, by proxy_arp'ing.
489 *
490 * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation"
491 *
492 * This technology is known by different names:
493 * In RFC 3069 it is called VLAN Aggregation.
494 * Cisco and Allied Telesyn call it Private VLAN.
495 * Hewlett-Packard call it Source-Port filtering or port-isolation.
496 * Ericsson call it MAC-Forced Forwarding (RFC Draft).
497 *
498 */
499static inline int arp_fwd_pvlan(struct in_device *in_dev,
500 struct net_device *dev, struct rtable *rt,
501 __be32 sip, __be32 tip)
502{
503 /* Private VLAN is only concerned about the same ethernet segment */
504 if (rt->dst.dev != dev)
505 return 0;
506
507 /* Don't reply on self probes (often done by windowz boxes)*/
508 if (sip == tip)
509 return 0;
510
511 if (IN_DEV_PROXY_ARP_PVLAN(in_dev))
512 return 1;
513 else
514 return 0;
515}
516
517/*
518 * Interface to link layer: send routine and receive handler.
519 */
520
521/*
522 * Create an arp packet. If dest_hw is not set, we create a broadcast
523 * message.
524 */
525struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip,
526 struct net_device *dev, __be32 src_ip,
527 const unsigned char *dest_hw,
528 const unsigned char *src_hw,
529 const unsigned char *target_hw)
530{
531 struct sk_buff *skb;
532 struct arphdr *arp;
533 unsigned char *arp_ptr;
534 int hlen = LL_RESERVED_SPACE(dev);
535 int tlen = dev->needed_tailroom;
536
537 /*
538 * Allocate a buffer
539 */
540
541 skb = alloc_skb(arp_hdr_len(dev) + hlen + tlen, GFP_ATOMIC);
542 if (!skb)
543 return NULL;
544
545 skb_reserve(skb, hlen);
546 skb_reset_network_header(skb);
547 arp = skb_put(skb, arp_hdr_len(dev));
548 skb->dev = dev;
549 skb->protocol = htons(ETH_P_ARP);
550 if (!src_hw)
551 src_hw = dev->dev_addr;
552 if (!dest_hw)
553 dest_hw = dev->broadcast;
554
555 /*
556 * Fill the device header for the ARP frame
557 */
558 if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0)
559 goto out;
560
561 /*
562 * Fill out the arp protocol part.
563 *
564 * The arp hardware type should match the device type, except for FDDI,
565 * which (according to RFC 1390) should always equal 1 (Ethernet).
566 */
567 /*
568 * Exceptions everywhere. AX.25 uses the AX.25 PID value not the
569 * DIX code for the protocol. Make these device structure fields.
570 */
571 switch (dev->type) {
572 default:
573 arp->ar_hrd = htons(dev->type);
574 arp->ar_pro = htons(ETH_P_IP);
575 break;
576
577#if IS_ENABLED(CONFIG_AX25)
578 case ARPHRD_AX25:
579 arp->ar_hrd = htons(ARPHRD_AX25);
580 arp->ar_pro = htons(AX25_P_IP);
581 break;
582
583#if IS_ENABLED(CONFIG_NETROM)
584 case ARPHRD_NETROM:
585 arp->ar_hrd = htons(ARPHRD_NETROM);
586 arp->ar_pro = htons(AX25_P_IP);
587 break;
588#endif
589#endif
590
591#if IS_ENABLED(CONFIG_FDDI)
592 case ARPHRD_FDDI:
593 arp->ar_hrd = htons(ARPHRD_ETHER);
594 arp->ar_pro = htons(ETH_P_IP);
595 break;
596#endif
597 }
598
599 arp->ar_hln = dev->addr_len;
600 arp->ar_pln = 4;
601 arp->ar_op = htons(type);
602
603 arp_ptr = (unsigned char *)(arp + 1);
604
605 memcpy(arp_ptr, src_hw, dev->addr_len);
606 arp_ptr += dev->addr_len;
607 memcpy(arp_ptr, &src_ip, 4);
608 arp_ptr += 4;
609
610 switch (dev->type) {
611#if IS_ENABLED(CONFIG_FIREWIRE_NET)
612 case ARPHRD_IEEE1394:
613 break;
614#endif
615 default:
616 if (target_hw)
617 memcpy(arp_ptr, target_hw, dev->addr_len);
618 else
619 memset(arp_ptr, 0, dev->addr_len);
620 arp_ptr += dev->addr_len;
621 }
622 memcpy(arp_ptr, &dest_ip, 4);
623
624 return skb;
625
626out:
627 kfree_skb(skb);
628 return NULL;
629}
630EXPORT_SYMBOL(arp_create);
631
632static int arp_xmit_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
633{
634 return dev_queue_xmit(skb);
635}
636
637/*
638 * Send an arp packet.
639 */
640void arp_xmit(struct sk_buff *skb)
641{
642 /* Send it off, maybe filter it using firewalling first. */
643 NF_HOOK(NFPROTO_ARP, NF_ARP_OUT,
644 dev_net(skb->dev), NULL, skb, NULL, skb->dev,
645 arp_xmit_finish);
646}
647EXPORT_SYMBOL(arp_xmit);
648
649static bool arp_is_garp(struct net *net, struct net_device *dev,
650 int *addr_type, __be16 ar_op,
651 __be32 sip, __be32 tip,
652 unsigned char *sha, unsigned char *tha)
653{
654 bool is_garp = tip == sip;
655
656 /* Gratuitous ARP _replies_ also require target hwaddr to be
657 * the same as source.
658 */
659 if (is_garp && ar_op == htons(ARPOP_REPLY))
660 is_garp =
661 /* IPv4 over IEEE 1394 doesn't provide target
662 * hardware address field in its ARP payload.
663 */
664 tha &&
665 !memcmp(tha, sha, dev->addr_len);
666
667 if (is_garp) {
668 *addr_type = inet_addr_type_dev_table(net, dev, sip);
669 if (*addr_type != RTN_UNICAST)
670 is_garp = false;
671 }
672 return is_garp;
673}
674
675/*
676 * Process an arp request.
677 */
678
679static int arp_process(struct net *net, struct sock *sk, struct sk_buff *skb)
680{
681 struct net_device *dev = skb->dev;
682 struct in_device *in_dev = __in_dev_get_rcu(dev);
683 struct arphdr *arp;
684 unsigned char *arp_ptr;
685 struct rtable *rt;
686 unsigned char *sha;
687 unsigned char *tha = NULL;
688 __be32 sip, tip;
689 u16 dev_type = dev->type;
690 int addr_type;
691 struct neighbour *n;
692 struct dst_entry *reply_dst = NULL;
693 bool is_garp = false;
694
695 /* arp_rcv below verifies the ARP header and verifies the device
696 * is ARP'able.
697 */
698
699 if (!in_dev)
700 goto out_free_skb;
701
702 arp = arp_hdr(skb);
703
704 switch (dev_type) {
705 default:
706 if (arp->ar_pro != htons(ETH_P_IP) ||
707 htons(dev_type) != arp->ar_hrd)
708 goto out_free_skb;
709 break;
710 case ARPHRD_ETHER:
711 case ARPHRD_FDDI:
712 case ARPHRD_IEEE802:
713 /*
714 * ETHERNET, and Fibre Channel (which are IEEE 802
715 * devices, according to RFC 2625) devices will accept ARP
716 * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2).
717 * This is the case also of FDDI, where the RFC 1390 says that
718 * FDDI devices should accept ARP hardware of (1) Ethernet,
719 * however, to be more robust, we'll accept both 1 (Ethernet)
720 * or 6 (IEEE 802.2)
721 */
722 if ((arp->ar_hrd != htons(ARPHRD_ETHER) &&
723 arp->ar_hrd != htons(ARPHRD_IEEE802)) ||
724 arp->ar_pro != htons(ETH_P_IP))
725 goto out_free_skb;
726 break;
727 case ARPHRD_AX25:
728 if (arp->ar_pro != htons(AX25_P_IP) ||
729 arp->ar_hrd != htons(ARPHRD_AX25))
730 goto out_free_skb;
731 break;
732 case ARPHRD_NETROM:
733 if (arp->ar_pro != htons(AX25_P_IP) ||
734 arp->ar_hrd != htons(ARPHRD_NETROM))
735 goto out_free_skb;
736 break;
737 }
738
739 /* Understand only these message types */
740
741 if (arp->ar_op != htons(ARPOP_REPLY) &&
742 arp->ar_op != htons(ARPOP_REQUEST))
743 goto out_free_skb;
744
745/*
746 * Extract fields
747 */
748 arp_ptr = (unsigned char *)(arp + 1);
749 sha = arp_ptr;
750 arp_ptr += dev->addr_len;
751 memcpy(&sip, arp_ptr, 4);
752 arp_ptr += 4;
753 switch (dev_type) {
754#if IS_ENABLED(CONFIG_FIREWIRE_NET)
755 case ARPHRD_IEEE1394:
756 break;
757#endif
758 default:
759 tha = arp_ptr;
760 arp_ptr += dev->addr_len;
761 }
762 memcpy(&tip, arp_ptr, 4);
763/*
764 * Check for bad requests for 127.x.x.x and requests for multicast
765 * addresses. If this is one such, delete it.
766 */
767 if (ipv4_is_multicast(tip) ||
768 (!IN_DEV_ROUTE_LOCALNET(in_dev) && ipv4_is_loopback(tip)))
769 goto out_free_skb;
770
771 /*
772 * For some 802.11 wireless deployments (and possibly other networks),
773 * there will be an ARP proxy and gratuitous ARP frames are attacks
774 * and thus should not be accepted.
775 */
776 if (sip == tip && IN_DEV_ORCONF(in_dev, DROP_GRATUITOUS_ARP))
777 goto out_free_skb;
778
779/*
780 * Special case: We must set Frame Relay source Q.922 address
781 */
782 if (dev_type == ARPHRD_DLCI)
783 sha = dev->broadcast;
784
785/*
786 * Process entry. The idea here is we want to send a reply if it is a
787 * request for us or if it is a request for someone else that we hold
788 * a proxy for. We want to add an entry to our cache if it is a reply
789 * to us or if it is a request for our address.
790 * (The assumption for this last is that if someone is requesting our
791 * address, they are probably intending to talk to us, so it saves time
792 * if we cache their address. Their address is also probably not in
793 * our cache, since ours is not in their cache.)
794 *
795 * Putting this another way, we only care about replies if they are to
796 * us, in which case we add them to the cache. For requests, we care
797 * about those for us and those for our proxies. We reply to both,
798 * and in the case of requests for us we add the requester to the arp
799 * cache.
800 */
801
802 if (arp->ar_op == htons(ARPOP_REQUEST) && skb_metadata_dst(skb))
803 reply_dst = (struct dst_entry *)
804 iptunnel_metadata_reply(skb_metadata_dst(skb),
805 GFP_ATOMIC);
806
807 /* Special case: IPv4 duplicate address detection packet (RFC2131) */
808 if (sip == 0) {
809 if (arp->ar_op == htons(ARPOP_REQUEST) &&
810 inet_addr_type_dev_table(net, dev, tip) == RTN_LOCAL &&
811 !arp_ignore(in_dev, sip, tip))
812 arp_send_dst(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip,
813 sha, dev->dev_addr, sha, reply_dst);
814 goto out_consume_skb;
815 }
816
817 if (arp->ar_op == htons(ARPOP_REQUEST) &&
818 ip_route_input_noref(skb, tip, sip, 0, dev) == 0) {
819
820 rt = skb_rtable(skb);
821 addr_type = rt->rt_type;
822
823 if (addr_type == RTN_LOCAL) {
824 int dont_send;
825
826 dont_send = arp_ignore(in_dev, sip, tip);
827 if (!dont_send && IN_DEV_ARPFILTER(in_dev))
828 dont_send = arp_filter(sip, tip, dev);
829 if (!dont_send) {
830 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
831 if (n) {
832 arp_send_dst(ARPOP_REPLY, ETH_P_ARP,
833 sip, dev, tip, sha,
834 dev->dev_addr, sha,
835 reply_dst);
836 neigh_release(n);
837 }
838 }
839 goto out_consume_skb;
840 } else if (IN_DEV_FORWARD(in_dev)) {
841 if (addr_type == RTN_UNICAST &&
842 (arp_fwd_proxy(in_dev, dev, rt) ||
843 arp_fwd_pvlan(in_dev, dev, rt, sip, tip) ||
844 (rt->dst.dev != dev &&
845 pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) {
846 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
847 if (n)
848 neigh_release(n);
849
850 if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED ||
851 skb->pkt_type == PACKET_HOST ||
852 NEIGH_VAR(in_dev->arp_parms, PROXY_DELAY) == 0) {
853 arp_send_dst(ARPOP_REPLY, ETH_P_ARP,
854 sip, dev, tip, sha,
855 dev->dev_addr, sha,
856 reply_dst);
857 } else {
858 pneigh_enqueue(&arp_tbl,
859 in_dev->arp_parms, skb);
860 goto out_free_dst;
861 }
862 goto out_consume_skb;
863 }
864 }
865 }
866
867 /* Update our ARP tables */
868
869 n = __neigh_lookup(&arp_tbl, &sip, dev, 0);
870
871 addr_type = -1;
872 if (n || IN_DEV_ARP_ACCEPT(in_dev)) {
873 is_garp = arp_is_garp(net, dev, &addr_type, arp->ar_op,
874 sip, tip, sha, tha);
875 }
876
877 if (IN_DEV_ARP_ACCEPT(in_dev)) {
878 /* Unsolicited ARP is not accepted by default.
879 It is possible, that this option should be enabled for some
880 devices (strip is candidate)
881 */
882 if (!n &&
883 (is_garp ||
884 (arp->ar_op == htons(ARPOP_REPLY) &&
885 (addr_type == RTN_UNICAST ||
886 (addr_type < 0 &&
887 /* postpone calculation to as late as possible */
888 inet_addr_type_dev_table(net, dev, sip) ==
889 RTN_UNICAST)))))
890 n = __neigh_lookup(&arp_tbl, &sip, dev, 1);
891 }
892
893 if (n) {
894 int state = NUD_REACHABLE;
895 int override;
896
897 /* If several different ARP replies follows back-to-back,
898 use the FIRST one. It is possible, if several proxy
899 agents are active. Taking the first reply prevents
900 arp trashing and chooses the fastest router.
901 */
902 override = time_after(jiffies,
903 n->updated +
904 NEIGH_VAR(n->parms, LOCKTIME)) ||
905 is_garp;
906
907 /* Broadcast replies and request packets
908 do not assert neighbour reachability.
909 */
910 if (arp->ar_op != htons(ARPOP_REPLY) ||
911 skb->pkt_type != PACKET_HOST)
912 state = NUD_STALE;
913 neigh_update(n, sha, state,
914 override ? NEIGH_UPDATE_F_OVERRIDE : 0, 0);
915 neigh_release(n);
916 }
917
918out_consume_skb:
919 consume_skb(skb);
920
921out_free_dst:
922 dst_release(reply_dst);
923 return NET_RX_SUCCESS;
924
925out_free_skb:
926 kfree_skb(skb);
927 return NET_RX_DROP;
928}
929
930static void parp_redo(struct sk_buff *skb)
931{
932 arp_process(dev_net(skb->dev), NULL, skb);
933}
934
935
936/*
937 * Receive an arp request from the device layer.
938 */
939
940static int arp_rcv(struct sk_buff *skb, struct net_device *dev,
941 struct packet_type *pt, struct net_device *orig_dev)
942{
943 const struct arphdr *arp;
944
945 /* do not tweak dropwatch on an ARP we will ignore */
946 if (dev->flags & IFF_NOARP ||
947 skb->pkt_type == PACKET_OTHERHOST ||
948 skb->pkt_type == PACKET_LOOPBACK)
949 goto consumeskb;
950
951 skb = skb_share_check(skb, GFP_ATOMIC);
952 if (!skb)
953 goto out_of_mem;
954
955 /* ARP header, plus 2 device addresses, plus 2 IP addresses. */
956 if (!pskb_may_pull(skb, arp_hdr_len(dev)))
957 goto freeskb;
958
959 arp = arp_hdr(skb);
960 if (arp->ar_hln != dev->addr_len || arp->ar_pln != 4)
961 goto freeskb;
962
963 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
964
965 return NF_HOOK(NFPROTO_ARP, NF_ARP_IN,
966 dev_net(dev), NULL, skb, dev, NULL,
967 arp_process);
968
969consumeskb:
970 consume_skb(skb);
971 return NET_RX_SUCCESS;
972freeskb:
973 kfree_skb(skb);
974out_of_mem:
975 return NET_RX_DROP;
976}
977
978/*
979 * User level interface (ioctl)
980 */
981
982/*
983 * Set (create) an ARP cache entry.
984 */
985
986static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on)
987{
988 if (!dev) {
989 IPV4_DEVCONF_ALL(net, PROXY_ARP) = on;
990 return 0;
991 }
992 if (__in_dev_get_rtnl(dev)) {
993 IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on);
994 return 0;
995 }
996 return -ENXIO;
997}
998
999static int arp_req_set_public(struct net *net, struct arpreq *r,
1000 struct net_device *dev)
1001{
1002 __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1003 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1004
1005 if (mask && mask != htonl(0xFFFFFFFF))
1006 return -EINVAL;
1007 if (!dev && (r->arp_flags & ATF_COM)) {
1008 dev = dev_getbyhwaddr_rcu(net, r->arp_ha.sa_family,
1009 r->arp_ha.sa_data);
1010 if (!dev)
1011 return -ENODEV;
1012 }
1013 if (mask) {
1014 if (!pneigh_lookup(&arp_tbl, net, &ip, dev, 1))
1015 return -ENOBUFS;
1016 return 0;
1017 }
1018
1019 return arp_req_set_proxy(net, dev, 1);
1020}
1021
1022static int arp_req_set(struct net *net, struct arpreq *r,
1023 struct net_device *dev)
1024{
1025 __be32 ip;
1026 struct neighbour *neigh;
1027 int err;
1028
1029 if (r->arp_flags & ATF_PUBL)
1030 return arp_req_set_public(net, r, dev);
1031
1032 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1033 if (r->arp_flags & ATF_PERM)
1034 r->arp_flags |= ATF_COM;
1035 if (!dev) {
1036 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1037
1038 if (IS_ERR(rt))
1039 return PTR_ERR(rt);
1040 dev = rt->dst.dev;
1041 ip_rt_put(rt);
1042 if (!dev)
1043 return -EINVAL;
1044 }
1045 switch (dev->type) {
1046#if IS_ENABLED(CONFIG_FDDI)
1047 case ARPHRD_FDDI:
1048 /*
1049 * According to RFC 1390, FDDI devices should accept ARP
1050 * hardware types of 1 (Ethernet). However, to be more
1051 * robust, we'll accept hardware types of either 1 (Ethernet)
1052 * or 6 (IEEE 802.2).
1053 */
1054 if (r->arp_ha.sa_family != ARPHRD_FDDI &&
1055 r->arp_ha.sa_family != ARPHRD_ETHER &&
1056 r->arp_ha.sa_family != ARPHRD_IEEE802)
1057 return -EINVAL;
1058 break;
1059#endif
1060 default:
1061 if (r->arp_ha.sa_family != dev->type)
1062 return -EINVAL;
1063 break;
1064 }
1065
1066 neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev);
1067 err = PTR_ERR(neigh);
1068 if (!IS_ERR(neigh)) {
1069 unsigned int state = NUD_STALE;
1070 if (r->arp_flags & ATF_PERM)
1071 state = NUD_PERMANENT;
1072 err = neigh_update(neigh, (r->arp_flags & ATF_COM) ?
1073 r->arp_ha.sa_data : NULL, state,
1074 NEIGH_UPDATE_F_OVERRIDE |
1075 NEIGH_UPDATE_F_ADMIN, 0);
1076 neigh_release(neigh);
1077 }
1078 return err;
1079}
1080
1081static unsigned int arp_state_to_flags(struct neighbour *neigh)
1082{
1083 if (neigh->nud_state&NUD_PERMANENT)
1084 return ATF_PERM | ATF_COM;
1085 else if (neigh->nud_state&NUD_VALID)
1086 return ATF_COM;
1087 else
1088 return 0;
1089}
1090
1091/*
1092 * Get an ARP cache entry.
1093 */
1094
1095static int arp_req_get(struct arpreq *r, struct net_device *dev)
1096{
1097 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1098 struct neighbour *neigh;
1099 int err = -ENXIO;
1100
1101 neigh = neigh_lookup(&arp_tbl, &ip, dev);
1102 if (neigh) {
1103 if (!(neigh->nud_state & NUD_NOARP)) {
1104 read_lock_bh(&neigh->lock);
1105 memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len);
1106 r->arp_flags = arp_state_to_flags(neigh);
1107 read_unlock_bh(&neigh->lock);
1108 r->arp_ha.sa_family = dev->type;
1109 strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev));
1110 err = 0;
1111 }
1112 neigh_release(neigh);
1113 }
1114 return err;
1115}
1116
1117static int arp_invalidate(struct net_device *dev, __be32 ip)
1118{
1119 struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev);
1120 int err = -ENXIO;
1121 struct neigh_table *tbl = &arp_tbl;
1122
1123 if (neigh) {
1124 if (neigh->nud_state & ~NUD_NOARP)
1125 err = neigh_update(neigh, NULL, NUD_FAILED,
1126 NEIGH_UPDATE_F_OVERRIDE|
1127 NEIGH_UPDATE_F_ADMIN, 0);
1128 write_lock_bh(&tbl->lock);
1129 neigh_release(neigh);
1130 neigh_remove_one(neigh, tbl);
1131 write_unlock_bh(&tbl->lock);
1132 }
1133
1134 return err;
1135}
1136
1137static int arp_req_delete_public(struct net *net, struct arpreq *r,
1138 struct net_device *dev)
1139{
1140 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1141 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1142
1143 if (mask == htonl(0xFFFFFFFF))
1144 return pneigh_delete(&arp_tbl, net, &ip, dev);
1145
1146 if (mask)
1147 return -EINVAL;
1148
1149 return arp_req_set_proxy(net, dev, 0);
1150}
1151
1152static int arp_req_delete(struct net *net, struct arpreq *r,
1153 struct net_device *dev)
1154{
1155 __be32 ip;
1156
1157 if (r->arp_flags & ATF_PUBL)
1158 return arp_req_delete_public(net, r, dev);
1159
1160 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1161 if (!dev) {
1162 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1163 if (IS_ERR(rt))
1164 return PTR_ERR(rt);
1165 dev = rt->dst.dev;
1166 ip_rt_put(rt);
1167 if (!dev)
1168 return -EINVAL;
1169 }
1170 return arp_invalidate(dev, ip);
1171}
1172
1173/*
1174 * Handle an ARP layer I/O control request.
1175 */
1176
1177int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1178{
1179 int err;
1180 struct arpreq r;
1181 struct net_device *dev = NULL;
1182
1183 switch (cmd) {
1184 case SIOCDARP:
1185 case SIOCSARP:
1186 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1187 return -EPERM;
1188 /* fall through */
1189 case SIOCGARP:
1190 err = copy_from_user(&r, arg, sizeof(struct arpreq));
1191 if (err)
1192 return -EFAULT;
1193 break;
1194 default:
1195 return -EINVAL;
1196 }
1197
1198 if (r.arp_pa.sa_family != AF_INET)
1199 return -EPFNOSUPPORT;
1200
1201 if (!(r.arp_flags & ATF_PUBL) &&
1202 (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB)))
1203 return -EINVAL;
1204 if (!(r.arp_flags & ATF_NETMASK))
1205 ((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr =
1206 htonl(0xFFFFFFFFUL);
1207 rtnl_lock();
1208 if (r.arp_dev[0]) {
1209 err = -ENODEV;
1210 dev = __dev_get_by_name(net, r.arp_dev);
1211 if (!dev)
1212 goto out;
1213
1214 /* Mmmm... It is wrong... ARPHRD_NETROM==0 */
1215 if (!r.arp_ha.sa_family)
1216 r.arp_ha.sa_family = dev->type;
1217 err = -EINVAL;
1218 if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type)
1219 goto out;
1220 } else if (cmd == SIOCGARP) {
1221 err = -ENODEV;
1222 goto out;
1223 }
1224
1225 switch (cmd) {
1226 case SIOCDARP:
1227 err = arp_req_delete(net, &r, dev);
1228 break;
1229 case SIOCSARP:
1230 err = arp_req_set(net, &r, dev);
1231 break;
1232 case SIOCGARP:
1233 err = arp_req_get(&r, dev);
1234 break;
1235 }
1236out:
1237 rtnl_unlock();
1238 if (cmd == SIOCGARP && !err && copy_to_user(arg, &r, sizeof(r)))
1239 err = -EFAULT;
1240 return err;
1241}
1242
1243static int arp_netdev_event(struct notifier_block *this, unsigned long event,
1244 void *ptr)
1245{
1246 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1247 struct netdev_notifier_change_info *change_info;
1248
1249 switch (event) {
1250 case NETDEV_CHANGEADDR:
1251 neigh_changeaddr(&arp_tbl, dev);
1252 rt_cache_flush(dev_net(dev));
1253 break;
1254 case NETDEV_CHANGE:
1255 change_info = ptr;
1256 if (change_info->flags_changed & IFF_NOARP)
1257 neigh_changeaddr(&arp_tbl, dev);
1258 break;
1259 default:
1260 break;
1261 }
1262
1263 return NOTIFY_DONE;
1264}
1265
1266static struct notifier_block arp_netdev_notifier = {
1267 .notifier_call = arp_netdev_event,
1268};
1269
1270/* Note, that it is not on notifier chain.
1271 It is necessary, that this routine was called after route cache will be
1272 flushed.
1273 */
1274void arp_ifdown(struct net_device *dev)
1275{
1276 neigh_ifdown(&arp_tbl, dev);
1277}
1278
1279
1280/*
1281 * Called once on startup.
1282 */
1283
1284static struct packet_type arp_packet_type __read_mostly = {
1285 .type = cpu_to_be16(ETH_P_ARP),
1286 .func = arp_rcv,
1287};
1288
1289static int arp_proc_init(void);
1290
1291void __init arp_init(void)
1292{
1293 neigh_table_init(NEIGH_ARP_TABLE, &arp_tbl);
1294
1295 dev_add_pack(&arp_packet_type);
1296 arp_proc_init();
1297#ifdef CONFIG_SYSCTL
1298 neigh_sysctl_register(NULL, &arp_tbl.parms, NULL);
1299#endif
1300 register_netdevice_notifier(&arp_netdev_notifier);
1301}
1302
1303#ifdef CONFIG_PROC_FS
1304#if IS_ENABLED(CONFIG_AX25)
1305
1306/* ------------------------------------------------------------------------ */
1307/*
1308 * ax25 -> ASCII conversion
1309 */
1310static void ax2asc2(ax25_address *a, char *buf)
1311{
1312 char c, *s;
1313 int n;
1314
1315 for (n = 0, s = buf; n < 6; n++) {
1316 c = (a->ax25_call[n] >> 1) & 0x7F;
1317
1318 if (c != ' ')
1319 *s++ = c;
1320 }
1321
1322 *s++ = '-';
1323 n = (a->ax25_call[6] >> 1) & 0x0F;
1324 if (n > 9) {
1325 *s++ = '1';
1326 n -= 10;
1327 }
1328
1329 *s++ = n + '0';
1330 *s++ = '\0';
1331
1332 if (*buf == '\0' || *buf == '-') {
1333 buf[0] = '*';
1334 buf[1] = '\0';
1335 }
1336}
1337#endif /* CONFIG_AX25 */
1338
1339#define HBUFFERLEN 30
1340
1341static void arp_format_neigh_entry(struct seq_file *seq,
1342 struct neighbour *n)
1343{
1344 char hbuffer[HBUFFERLEN];
1345 int k, j;
1346 char tbuf[16];
1347 struct net_device *dev = n->dev;
1348 int hatype = dev->type;
1349
1350 read_lock(&n->lock);
1351 /* Convert hardware address to XX:XX:XX:XX ... form. */
1352#if IS_ENABLED(CONFIG_AX25)
1353 if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM)
1354 ax2asc2((ax25_address *)n->ha, hbuffer);
1355 else {
1356#endif
1357 for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) {
1358 hbuffer[k++] = hex_asc_hi(n->ha[j]);
1359 hbuffer[k++] = hex_asc_lo(n->ha[j]);
1360 hbuffer[k++] = ':';
1361 }
1362 if (k != 0)
1363 --k;
1364 hbuffer[k] = 0;
1365#if IS_ENABLED(CONFIG_AX25)
1366 }
1367#endif
1368 sprintf(tbuf, "%pI4", n->primary_key);
1369 seq_printf(seq, "%-16s 0x%-10x0x%-10x%-17s * %s\n",
1370 tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name);
1371 read_unlock(&n->lock);
1372}
1373
1374static void arp_format_pneigh_entry(struct seq_file *seq,
1375 struct pneigh_entry *n)
1376{
1377 struct net_device *dev = n->dev;
1378 int hatype = dev ? dev->type : 0;
1379 char tbuf[16];
1380
1381 sprintf(tbuf, "%pI4", n->key);
1382 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
1383 tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00",
1384 dev ? dev->name : "*");
1385}
1386
1387static int arp_seq_show(struct seq_file *seq, void *v)
1388{
1389 if (v == SEQ_START_TOKEN) {
1390 seq_puts(seq, "IP address HW type Flags "
1391 "HW address Mask Device\n");
1392 } else {
1393 struct neigh_seq_state *state = seq->private;
1394
1395 if (state->flags & NEIGH_SEQ_IS_PNEIGH)
1396 arp_format_pneigh_entry(seq, v);
1397 else
1398 arp_format_neigh_entry(seq, v);
1399 }
1400
1401 return 0;
1402}
1403
1404static void *arp_seq_start(struct seq_file *seq, loff_t *pos)
1405{
1406 /* Don't want to confuse "arp -a" w/ magic entries,
1407 * so we tell the generic iterator to skip NUD_NOARP.
1408 */
1409 return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP);
1410}
1411
1412/* ------------------------------------------------------------------------ */
1413
1414static const struct seq_operations arp_seq_ops = {
1415 .start = arp_seq_start,
1416 .next = neigh_seq_next,
1417 .stop = neigh_seq_stop,
1418 .show = arp_seq_show,
1419};
1420
1421static int arp_seq_open(struct inode *inode, struct file *file)
1422{
1423 return seq_open_net(inode, file, &arp_seq_ops,
1424 sizeof(struct neigh_seq_state));
1425}
1426
1427static const struct file_operations arp_seq_fops = {
1428 .open = arp_seq_open,
1429 .read = seq_read,
1430 .llseek = seq_lseek,
1431 .release = seq_release_net,
1432};
1433
1434
1435static int __net_init arp_net_init(struct net *net)
1436{
1437 if (!proc_create("arp", 0444, net->proc_net, &arp_seq_fops))
1438 return -ENOMEM;
1439 return 0;
1440}
1441
1442static void __net_exit arp_net_exit(struct net *net)
1443{
1444 remove_proc_entry("arp", net->proc_net);
1445}
1446
1447static struct pernet_operations arp_net_ops = {
1448 .init = arp_net_init,
1449 .exit = arp_net_exit,
1450};
1451
1452static int __init arp_proc_init(void)
1453{
1454 return register_pernet_subsys(&arp_net_ops);
1455}
1456
1457#else /* CONFIG_PROC_FS */
1458
1459static int __init arp_proc_init(void)
1460{
1461 return 0;
1462}
1463
1464#endif /* CONFIG_PROC_FS */