Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/* linux/net/ipv4/arp.c
3 *
4 * Copyright (C) 1994 by Florian La Roche
5 *
6 * This module implements the Address Resolution Protocol ARP (RFC 826),
7 * which is used to convert IP addresses (or in the future maybe other
8 * high-level addresses) into a low-level hardware address (like an Ethernet
9 * address).
10 *
11 * Fixes:
12 * Alan Cox : Removed the Ethernet assumptions in
13 * Florian's code
14 * Alan Cox : Fixed some small errors in the ARP
15 * logic
16 * Alan Cox : Allow >4K in /proc
17 * Alan Cox : Make ARP add its own protocol entry
18 * Ross Martin : Rewrote arp_rcv() and arp_get_info()
19 * Stephen Henson : Add AX25 support to arp_get_info()
20 * Alan Cox : Drop data when a device is downed.
21 * Alan Cox : Use init_timer().
22 * Alan Cox : Double lock fixes.
23 * Martin Seine : Move the arphdr structure
24 * to if_arp.h for compatibility.
25 * with BSD based programs.
26 * Andrew Tridgell : Added ARP netmask code and
27 * re-arranged proxy handling.
28 * Alan Cox : Changed to use notifiers.
29 * Niibe Yutaka : Reply for this device or proxies only.
30 * Alan Cox : Don't proxy across hardware types!
31 * Jonathan Naylor : Added support for NET/ROM.
32 * Mike Shaver : RFC1122 checks.
33 * Jonathan Naylor : Only lookup the hardware address for
34 * the correct hardware type.
35 * Germano Caronni : Assorted subtle races.
36 * Craig Schlenter : Don't modify permanent entry
37 * during arp_rcv.
38 * Russ Nelson : Tidied up a few bits.
39 * Alexey Kuznetsov: Major changes to caching and behaviour,
40 * eg intelligent arp probing and
41 * generation
42 * of host down events.
43 * Alan Cox : Missing unlock in device events.
44 * Eckes : ARP ioctl control errors.
45 * Alexey Kuznetsov: Arp free fix.
46 * Manuel Rodriguez: Gratuitous ARP.
47 * Jonathan Layes : Added arpd support through kerneld
48 * message queue (960314)
49 * Mike Shaver : /proc/sys/net/ipv4/arp_* support
50 * Mike McLagan : Routing by source
51 * Stuart Cheshire : Metricom and grat arp fixes
52 * *** FOR 2.1 clean this up ***
53 * Lawrence V. Stefani: (08/12/96) Added FDDI support.
54 * Alan Cox : Took the AP1000 nasty FDDI hack and
55 * folded into the mainstream FDDI code.
56 * Ack spit, Linus how did you allow that
57 * one in...
58 * Jes Sorensen : Make FDDI work again in 2.1.x and
59 * clean up the APFDDI & gen. FDDI bits.
60 * Alexey Kuznetsov: new arp state machine;
61 * now it is in net/core/neighbour.c.
62 * Krzysztof Halasa: Added Frame Relay ARP support.
63 * Arnaldo C. Melo : convert /proc/net/arp to seq_file
64 * Shmulik Hen: Split arp_send to arp_create and
65 * arp_xmit so intermediate drivers like
66 * bonding can change the skb before
67 * sending (e.g. insert 8021q tag).
68 * Harald Welte : convert to make use of jenkins hash
69 * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support.
70 */
71
72#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
73
74#include <linux/module.h>
75#include <linux/types.h>
76#include <linux/string.h>
77#include <linux/kernel.h>
78#include <linux/capability.h>
79#include <linux/socket.h>
80#include <linux/sockios.h>
81#include <linux/errno.h>
82#include <linux/in.h>
83#include <linux/mm.h>
84#include <linux/inet.h>
85#include <linux/inetdevice.h>
86#include <linux/netdevice.h>
87#include <linux/etherdevice.h>
88#include <linux/fddidevice.h>
89#include <linux/if_arp.h>
90#include <linux/skbuff.h>
91#include <linux/proc_fs.h>
92#include <linux/seq_file.h>
93#include <linux/stat.h>
94#include <linux/init.h>
95#include <linux/net.h>
96#include <linux/rcupdate.h>
97#include <linux/slab.h>
98#ifdef CONFIG_SYSCTL
99#include <linux/sysctl.h>
100#endif
101
102#include <net/net_namespace.h>
103#include <net/ip.h>
104#include <net/icmp.h>
105#include <net/route.h>
106#include <net/protocol.h>
107#include <net/tcp.h>
108#include <net/sock.h>
109#include <net/arp.h>
110#include <net/ax25.h>
111#include <net/netrom.h>
112#include <net/dst_metadata.h>
113#include <net/ip_tunnels.h>
114
115#include <linux/uaccess.h>
116
117#include <linux/netfilter_arp.h>
118
119/*
120 * Interface to generic neighbour cache.
121 */
122static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 *hash_rnd);
123static bool arp_key_eq(const struct neighbour *n, const void *pkey);
124static int arp_constructor(struct neighbour *neigh);
125static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb);
126static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb);
127static void parp_redo(struct sk_buff *skb);
128static int arp_is_multicast(const void *pkey);
129
130static const struct neigh_ops arp_generic_ops = {
131 .family = AF_INET,
132 .solicit = arp_solicit,
133 .error_report = arp_error_report,
134 .output = neigh_resolve_output,
135 .connected_output = neigh_connected_output,
136};
137
138static const struct neigh_ops arp_hh_ops = {
139 .family = AF_INET,
140 .solicit = arp_solicit,
141 .error_report = arp_error_report,
142 .output = neigh_resolve_output,
143 .connected_output = neigh_resolve_output,
144};
145
146static const struct neigh_ops arp_direct_ops = {
147 .family = AF_INET,
148 .output = neigh_direct_output,
149 .connected_output = neigh_direct_output,
150};
151
152struct neigh_table arp_tbl = {
153 .family = AF_INET,
154 .key_len = 4,
155 .protocol = cpu_to_be16(ETH_P_IP),
156 .hash = arp_hash,
157 .key_eq = arp_key_eq,
158 .constructor = arp_constructor,
159 .proxy_redo = parp_redo,
160 .is_multicast = arp_is_multicast,
161 .id = "arp_cache",
162 .parms = {
163 .tbl = &arp_tbl,
164 .reachable_time = 30 * HZ,
165 .data = {
166 [NEIGH_VAR_MCAST_PROBES] = 3,
167 [NEIGH_VAR_UCAST_PROBES] = 3,
168 [NEIGH_VAR_RETRANS_TIME] = 1 * HZ,
169 [NEIGH_VAR_BASE_REACHABLE_TIME] = 30 * HZ,
170 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
171 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
172 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
173 [NEIGH_VAR_PROXY_QLEN] = 64,
174 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
175 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
176 [NEIGH_VAR_LOCKTIME] = 1 * HZ,
177 },
178 },
179 .gc_interval = 30 * HZ,
180 .gc_thresh1 = 128,
181 .gc_thresh2 = 512,
182 .gc_thresh3 = 1024,
183};
184EXPORT_SYMBOL(arp_tbl);
185
186int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir)
187{
188 switch (dev->type) {
189 case ARPHRD_ETHER:
190 case ARPHRD_FDDI:
191 case ARPHRD_IEEE802:
192 ip_eth_mc_map(addr, haddr);
193 return 0;
194 case ARPHRD_INFINIBAND:
195 ip_ib_mc_map(addr, dev->broadcast, haddr);
196 return 0;
197 case ARPHRD_IPGRE:
198 ip_ipgre_mc_map(addr, dev->broadcast, haddr);
199 return 0;
200 default:
201 if (dir) {
202 memcpy(haddr, dev->broadcast, dev->addr_len);
203 return 0;
204 }
205 }
206 return -EINVAL;
207}
208
209
210static u32 arp_hash(const void *pkey,
211 const struct net_device *dev,
212 __u32 *hash_rnd)
213{
214 return arp_hashfn(pkey, dev, hash_rnd);
215}
216
217static bool arp_key_eq(const struct neighbour *neigh, const void *pkey)
218{
219 return neigh_key_eq32(neigh, pkey);
220}
221
222static int arp_constructor(struct neighbour *neigh)
223{
224 __be32 addr;
225 struct net_device *dev = neigh->dev;
226 struct in_device *in_dev;
227 struct neigh_parms *parms;
228 u32 inaddr_any = INADDR_ANY;
229
230 if (dev->flags & (IFF_LOOPBACK | IFF_POINTOPOINT))
231 memcpy(neigh->primary_key, &inaddr_any, arp_tbl.key_len);
232
233 addr = *(__be32 *)neigh->primary_key;
234 rcu_read_lock();
235 in_dev = __in_dev_get_rcu(dev);
236 if (!in_dev) {
237 rcu_read_unlock();
238 return -EINVAL;
239 }
240
241 neigh->type = inet_addr_type_dev_table(dev_net(dev), dev, addr);
242
243 parms = in_dev->arp_parms;
244 __neigh_parms_put(neigh->parms);
245 neigh->parms = neigh_parms_clone(parms);
246 rcu_read_unlock();
247
248 if (!dev->header_ops) {
249 neigh->nud_state = NUD_NOARP;
250 neigh->ops = &arp_direct_ops;
251 neigh->output = neigh_direct_output;
252 } else {
253 /* Good devices (checked by reading texts, but only Ethernet is
254 tested)
255
256 ARPHRD_ETHER: (ethernet, apfddi)
257 ARPHRD_FDDI: (fddi)
258 ARPHRD_IEEE802: (tr)
259 ARPHRD_METRICOM: (strip)
260 ARPHRD_ARCNET:
261 etc. etc. etc.
262
263 ARPHRD_IPDDP will also work, if author repairs it.
264 I did not it, because this driver does not work even
265 in old paradigm.
266 */
267
268 if (neigh->type == RTN_MULTICAST) {
269 neigh->nud_state = NUD_NOARP;
270 arp_mc_map(addr, neigh->ha, dev, 1);
271 } else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) {
272 neigh->nud_state = NUD_NOARP;
273 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
274 } else if (neigh->type == RTN_BROADCAST ||
275 (dev->flags & IFF_POINTOPOINT)) {
276 neigh->nud_state = NUD_NOARP;
277 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
278 }
279
280 if (dev->header_ops->cache)
281 neigh->ops = &arp_hh_ops;
282 else
283 neigh->ops = &arp_generic_ops;
284
285 if (neigh->nud_state & NUD_VALID)
286 neigh->output = neigh->ops->connected_output;
287 else
288 neigh->output = neigh->ops->output;
289 }
290 return 0;
291}
292
293static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb)
294{
295 dst_link_failure(skb);
296 kfree_skb(skb);
297}
298
299/* Create and send an arp packet. */
300static void arp_send_dst(int type, int ptype, __be32 dest_ip,
301 struct net_device *dev, __be32 src_ip,
302 const unsigned char *dest_hw,
303 const unsigned char *src_hw,
304 const unsigned char *target_hw,
305 struct dst_entry *dst)
306{
307 struct sk_buff *skb;
308
309 /* arp on this interface. */
310 if (dev->flags & IFF_NOARP)
311 return;
312
313 skb = arp_create(type, ptype, dest_ip, dev, src_ip,
314 dest_hw, src_hw, target_hw);
315 if (!skb)
316 return;
317
318 skb_dst_set(skb, dst_clone(dst));
319 arp_xmit(skb);
320}
321
322void arp_send(int type, int ptype, __be32 dest_ip,
323 struct net_device *dev, __be32 src_ip,
324 const unsigned char *dest_hw, const unsigned char *src_hw,
325 const unsigned char *target_hw)
326{
327 arp_send_dst(type, ptype, dest_ip, dev, src_ip, dest_hw, src_hw,
328 target_hw, NULL);
329}
330EXPORT_SYMBOL(arp_send);
331
332static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb)
333{
334 __be32 saddr = 0;
335 u8 dst_ha[MAX_ADDR_LEN], *dst_hw = NULL;
336 struct net_device *dev = neigh->dev;
337 __be32 target = *(__be32 *)neigh->primary_key;
338 int probes = atomic_read(&neigh->probes);
339 struct in_device *in_dev;
340 struct dst_entry *dst = NULL;
341
342 rcu_read_lock();
343 in_dev = __in_dev_get_rcu(dev);
344 if (!in_dev) {
345 rcu_read_unlock();
346 return;
347 }
348 switch (IN_DEV_ARP_ANNOUNCE(in_dev)) {
349 default:
350 case 0: /* By default announce any local IP */
351 if (skb && inet_addr_type_dev_table(dev_net(dev), dev,
352 ip_hdr(skb)->saddr) == RTN_LOCAL)
353 saddr = ip_hdr(skb)->saddr;
354 break;
355 case 1: /* Restrict announcements of saddr in same subnet */
356 if (!skb)
357 break;
358 saddr = ip_hdr(skb)->saddr;
359 if (inet_addr_type_dev_table(dev_net(dev), dev,
360 saddr) == RTN_LOCAL) {
361 /* saddr should be known to target */
362 if (inet_addr_onlink(in_dev, target, saddr))
363 break;
364 }
365 saddr = 0;
366 break;
367 case 2: /* Avoid secondary IPs, get a primary/preferred one */
368 break;
369 }
370 rcu_read_unlock();
371
372 if (!saddr)
373 saddr = inet_select_addr(dev, target, RT_SCOPE_LINK);
374
375 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
376 if (probes < 0) {
377 if (!(neigh->nud_state & NUD_VALID))
378 pr_debug("trying to ucast probe in NUD_INVALID\n");
379 neigh_ha_snapshot(dst_ha, neigh, dev);
380 dst_hw = dst_ha;
381 } else {
382 probes -= NEIGH_VAR(neigh->parms, APP_PROBES);
383 if (probes < 0) {
384 neigh_app_ns(neigh);
385 return;
386 }
387 }
388
389 if (skb && !(dev->priv_flags & IFF_XMIT_DST_RELEASE))
390 dst = skb_dst(skb);
391 arp_send_dst(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr,
392 dst_hw, dev->dev_addr, NULL, dst);
393}
394
395static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip)
396{
397 struct net *net = dev_net(in_dev->dev);
398 int scope;
399
400 switch (IN_DEV_ARP_IGNORE(in_dev)) {
401 case 0: /* Reply, the tip is already validated */
402 return 0;
403 case 1: /* Reply only if tip is configured on the incoming interface */
404 sip = 0;
405 scope = RT_SCOPE_HOST;
406 break;
407 case 2: /*
408 * Reply only if tip is configured on the incoming interface
409 * and is in same subnet as sip
410 */
411 scope = RT_SCOPE_HOST;
412 break;
413 case 3: /* Do not reply for scope host addresses */
414 sip = 0;
415 scope = RT_SCOPE_LINK;
416 in_dev = NULL;
417 break;
418 case 4: /* Reserved */
419 case 5:
420 case 6:
421 case 7:
422 return 0;
423 case 8: /* Do not reply */
424 return 1;
425 default:
426 return 0;
427 }
428 return !inet_confirm_addr(net, in_dev, sip, tip, scope);
429}
430
431static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev)
432{
433 struct rtable *rt;
434 int flag = 0;
435 /*unsigned long now; */
436 struct net *net = dev_net(dev);
437
438 rt = ip_route_output(net, sip, tip, 0, l3mdev_master_ifindex_rcu(dev));
439 if (IS_ERR(rt))
440 return 1;
441 if (rt->dst.dev != dev) {
442 __NET_INC_STATS(net, LINUX_MIB_ARPFILTER);
443 flag = 1;
444 }
445 ip_rt_put(rt);
446 return flag;
447}
448
449/*
450 * Check if we can use proxy ARP for this path
451 */
452static inline int arp_fwd_proxy(struct in_device *in_dev,
453 struct net_device *dev, struct rtable *rt)
454{
455 struct in_device *out_dev;
456 int imi, omi = -1;
457
458 if (rt->dst.dev == dev)
459 return 0;
460
461 if (!IN_DEV_PROXY_ARP(in_dev))
462 return 0;
463 imi = IN_DEV_MEDIUM_ID(in_dev);
464 if (imi == 0)
465 return 1;
466 if (imi == -1)
467 return 0;
468
469 /* place to check for proxy_arp for routes */
470
471 out_dev = __in_dev_get_rcu(rt->dst.dev);
472 if (out_dev)
473 omi = IN_DEV_MEDIUM_ID(out_dev);
474
475 return omi != imi && omi != -1;
476}
477
478/*
479 * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev)
480 *
481 * RFC3069 supports proxy arp replies back to the same interface. This
482 * is done to support (ethernet) switch features, like RFC 3069, where
483 * the individual ports are not allowed to communicate with each
484 * other, BUT they are allowed to talk to the upstream router. As
485 * described in RFC 3069, it is possible to allow these hosts to
486 * communicate through the upstream router, by proxy_arp'ing.
487 *
488 * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation"
489 *
490 * This technology is known by different names:
491 * In RFC 3069 it is called VLAN Aggregation.
492 * Cisco and Allied Telesyn call it Private VLAN.
493 * Hewlett-Packard call it Source-Port filtering or port-isolation.
494 * Ericsson call it MAC-Forced Forwarding (RFC Draft).
495 *
496 */
497static inline int arp_fwd_pvlan(struct in_device *in_dev,
498 struct net_device *dev, struct rtable *rt,
499 __be32 sip, __be32 tip)
500{
501 /* Private VLAN is only concerned about the same ethernet segment */
502 if (rt->dst.dev != dev)
503 return 0;
504
505 /* Don't reply on self probes (often done by windowz boxes)*/
506 if (sip == tip)
507 return 0;
508
509 if (IN_DEV_PROXY_ARP_PVLAN(in_dev))
510 return 1;
511 else
512 return 0;
513}
514
515/*
516 * Interface to link layer: send routine and receive handler.
517 */
518
519/*
520 * Create an arp packet. If dest_hw is not set, we create a broadcast
521 * message.
522 */
523struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip,
524 struct net_device *dev, __be32 src_ip,
525 const unsigned char *dest_hw,
526 const unsigned char *src_hw,
527 const unsigned char *target_hw)
528{
529 struct sk_buff *skb;
530 struct arphdr *arp;
531 unsigned char *arp_ptr;
532 int hlen = LL_RESERVED_SPACE(dev);
533 int tlen = dev->needed_tailroom;
534
535 /*
536 * Allocate a buffer
537 */
538
539 skb = alloc_skb(arp_hdr_len(dev) + hlen + tlen, GFP_ATOMIC);
540 if (!skb)
541 return NULL;
542
543 skb_reserve(skb, hlen);
544 skb_reset_network_header(skb);
545 arp = skb_put(skb, arp_hdr_len(dev));
546 skb->dev = dev;
547 skb->protocol = htons(ETH_P_ARP);
548 if (!src_hw)
549 src_hw = dev->dev_addr;
550 if (!dest_hw)
551 dest_hw = dev->broadcast;
552
553 /*
554 * Fill the device header for the ARP frame
555 */
556 if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0)
557 goto out;
558
559 /*
560 * Fill out the arp protocol part.
561 *
562 * The arp hardware type should match the device type, except for FDDI,
563 * which (according to RFC 1390) should always equal 1 (Ethernet).
564 */
565 /*
566 * Exceptions everywhere. AX.25 uses the AX.25 PID value not the
567 * DIX code for the protocol. Make these device structure fields.
568 */
569 switch (dev->type) {
570 default:
571 arp->ar_hrd = htons(dev->type);
572 arp->ar_pro = htons(ETH_P_IP);
573 break;
574
575#if IS_ENABLED(CONFIG_AX25)
576 case ARPHRD_AX25:
577 arp->ar_hrd = htons(ARPHRD_AX25);
578 arp->ar_pro = htons(AX25_P_IP);
579 break;
580
581#if IS_ENABLED(CONFIG_NETROM)
582 case ARPHRD_NETROM:
583 arp->ar_hrd = htons(ARPHRD_NETROM);
584 arp->ar_pro = htons(AX25_P_IP);
585 break;
586#endif
587#endif
588
589#if IS_ENABLED(CONFIG_FDDI)
590 case ARPHRD_FDDI:
591 arp->ar_hrd = htons(ARPHRD_ETHER);
592 arp->ar_pro = htons(ETH_P_IP);
593 break;
594#endif
595 }
596
597 arp->ar_hln = dev->addr_len;
598 arp->ar_pln = 4;
599 arp->ar_op = htons(type);
600
601 arp_ptr = (unsigned char *)(arp + 1);
602
603 memcpy(arp_ptr, src_hw, dev->addr_len);
604 arp_ptr += dev->addr_len;
605 memcpy(arp_ptr, &src_ip, 4);
606 arp_ptr += 4;
607
608 switch (dev->type) {
609#if IS_ENABLED(CONFIG_FIREWIRE_NET)
610 case ARPHRD_IEEE1394:
611 break;
612#endif
613 default:
614 if (target_hw)
615 memcpy(arp_ptr, target_hw, dev->addr_len);
616 else
617 memset(arp_ptr, 0, dev->addr_len);
618 arp_ptr += dev->addr_len;
619 }
620 memcpy(arp_ptr, &dest_ip, 4);
621
622 return skb;
623
624out:
625 kfree_skb(skb);
626 return NULL;
627}
628EXPORT_SYMBOL(arp_create);
629
630static int arp_xmit_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
631{
632 return dev_queue_xmit(skb);
633}
634
635/*
636 * Send an arp packet.
637 */
638void arp_xmit(struct sk_buff *skb)
639{
640 /* Send it off, maybe filter it using firewalling first. */
641 NF_HOOK(NFPROTO_ARP, NF_ARP_OUT,
642 dev_net(skb->dev), NULL, skb, NULL, skb->dev,
643 arp_xmit_finish);
644}
645EXPORT_SYMBOL(arp_xmit);
646
647static bool arp_is_garp(struct net *net, struct net_device *dev,
648 int *addr_type, __be16 ar_op,
649 __be32 sip, __be32 tip,
650 unsigned char *sha, unsigned char *tha)
651{
652 bool is_garp = tip == sip;
653
654 /* Gratuitous ARP _replies_ also require target hwaddr to be
655 * the same as source.
656 */
657 if (is_garp && ar_op == htons(ARPOP_REPLY))
658 is_garp =
659 /* IPv4 over IEEE 1394 doesn't provide target
660 * hardware address field in its ARP payload.
661 */
662 tha &&
663 !memcmp(tha, sha, dev->addr_len);
664
665 if (is_garp) {
666 *addr_type = inet_addr_type_dev_table(net, dev, sip);
667 if (*addr_type != RTN_UNICAST)
668 is_garp = false;
669 }
670 return is_garp;
671}
672
673/*
674 * Process an arp request.
675 */
676
677static int arp_process(struct net *net, struct sock *sk, struct sk_buff *skb)
678{
679 struct net_device *dev = skb->dev;
680 struct in_device *in_dev = __in_dev_get_rcu(dev);
681 struct arphdr *arp;
682 unsigned char *arp_ptr;
683 struct rtable *rt;
684 unsigned char *sha;
685 unsigned char *tha = NULL;
686 __be32 sip, tip;
687 u16 dev_type = dev->type;
688 int addr_type;
689 struct neighbour *n;
690 struct dst_entry *reply_dst = NULL;
691 bool is_garp = false;
692
693 /* arp_rcv below verifies the ARP header and verifies the device
694 * is ARP'able.
695 */
696
697 if (!in_dev)
698 goto out_free_skb;
699
700 arp = arp_hdr(skb);
701
702 switch (dev_type) {
703 default:
704 if (arp->ar_pro != htons(ETH_P_IP) ||
705 htons(dev_type) != arp->ar_hrd)
706 goto out_free_skb;
707 break;
708 case ARPHRD_ETHER:
709 case ARPHRD_FDDI:
710 case ARPHRD_IEEE802:
711 /*
712 * ETHERNET, and Fibre Channel (which are IEEE 802
713 * devices, according to RFC 2625) devices will accept ARP
714 * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2).
715 * This is the case also of FDDI, where the RFC 1390 says that
716 * FDDI devices should accept ARP hardware of (1) Ethernet,
717 * however, to be more robust, we'll accept both 1 (Ethernet)
718 * or 6 (IEEE 802.2)
719 */
720 if ((arp->ar_hrd != htons(ARPHRD_ETHER) &&
721 arp->ar_hrd != htons(ARPHRD_IEEE802)) ||
722 arp->ar_pro != htons(ETH_P_IP))
723 goto out_free_skb;
724 break;
725 case ARPHRD_AX25:
726 if (arp->ar_pro != htons(AX25_P_IP) ||
727 arp->ar_hrd != htons(ARPHRD_AX25))
728 goto out_free_skb;
729 break;
730 case ARPHRD_NETROM:
731 if (arp->ar_pro != htons(AX25_P_IP) ||
732 arp->ar_hrd != htons(ARPHRD_NETROM))
733 goto out_free_skb;
734 break;
735 }
736
737 /* Understand only these message types */
738
739 if (arp->ar_op != htons(ARPOP_REPLY) &&
740 arp->ar_op != htons(ARPOP_REQUEST))
741 goto out_free_skb;
742
743/*
744 * Extract fields
745 */
746 arp_ptr = (unsigned char *)(arp + 1);
747 sha = arp_ptr;
748 arp_ptr += dev->addr_len;
749 memcpy(&sip, arp_ptr, 4);
750 arp_ptr += 4;
751 switch (dev_type) {
752#if IS_ENABLED(CONFIG_FIREWIRE_NET)
753 case ARPHRD_IEEE1394:
754 break;
755#endif
756 default:
757 tha = arp_ptr;
758 arp_ptr += dev->addr_len;
759 }
760 memcpy(&tip, arp_ptr, 4);
761/*
762 * Check for bad requests for 127.x.x.x and requests for multicast
763 * addresses. If this is one such, delete it.
764 */
765 if (ipv4_is_multicast(tip) ||
766 (!IN_DEV_ROUTE_LOCALNET(in_dev) && ipv4_is_loopback(tip)))
767 goto out_free_skb;
768
769 /*
770 * For some 802.11 wireless deployments (and possibly other networks),
771 * there will be an ARP proxy and gratuitous ARP frames are attacks
772 * and thus should not be accepted.
773 */
774 if (sip == tip && IN_DEV_ORCONF(in_dev, DROP_GRATUITOUS_ARP))
775 goto out_free_skb;
776
777/*
778 * Special case: We must set Frame Relay source Q.922 address
779 */
780 if (dev_type == ARPHRD_DLCI)
781 sha = dev->broadcast;
782
783/*
784 * Process entry. The idea here is we want to send a reply if it is a
785 * request for us or if it is a request for someone else that we hold
786 * a proxy for. We want to add an entry to our cache if it is a reply
787 * to us or if it is a request for our address.
788 * (The assumption for this last is that if someone is requesting our
789 * address, they are probably intending to talk to us, so it saves time
790 * if we cache their address. Their address is also probably not in
791 * our cache, since ours is not in their cache.)
792 *
793 * Putting this another way, we only care about replies if they are to
794 * us, in which case we add them to the cache. For requests, we care
795 * about those for us and those for our proxies. We reply to both,
796 * and in the case of requests for us we add the requester to the arp
797 * cache.
798 */
799
800 if (arp->ar_op == htons(ARPOP_REQUEST) && skb_metadata_dst(skb))
801 reply_dst = (struct dst_entry *)
802 iptunnel_metadata_reply(skb_metadata_dst(skb),
803 GFP_ATOMIC);
804
805 /* Special case: IPv4 duplicate address detection packet (RFC2131) */
806 if (sip == 0) {
807 if (arp->ar_op == htons(ARPOP_REQUEST) &&
808 inet_addr_type_dev_table(net, dev, tip) == RTN_LOCAL &&
809 !arp_ignore(in_dev, sip, tip))
810 arp_send_dst(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip,
811 sha, dev->dev_addr, sha, reply_dst);
812 goto out_consume_skb;
813 }
814
815 if (arp->ar_op == htons(ARPOP_REQUEST) &&
816 ip_route_input_noref(skb, tip, sip, 0, dev) == 0) {
817
818 rt = skb_rtable(skb);
819 addr_type = rt->rt_type;
820
821 if (addr_type == RTN_LOCAL) {
822 int dont_send;
823
824 dont_send = arp_ignore(in_dev, sip, tip);
825 if (!dont_send && IN_DEV_ARPFILTER(in_dev))
826 dont_send = arp_filter(sip, tip, dev);
827 if (!dont_send) {
828 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
829 if (n) {
830 arp_send_dst(ARPOP_REPLY, ETH_P_ARP,
831 sip, dev, tip, sha,
832 dev->dev_addr, sha,
833 reply_dst);
834 neigh_release(n);
835 }
836 }
837 goto out_consume_skb;
838 } else if (IN_DEV_FORWARD(in_dev)) {
839 if (addr_type == RTN_UNICAST &&
840 (arp_fwd_proxy(in_dev, dev, rt) ||
841 arp_fwd_pvlan(in_dev, dev, rt, sip, tip) ||
842 (rt->dst.dev != dev &&
843 pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) {
844 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
845 if (n)
846 neigh_release(n);
847
848 if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED ||
849 skb->pkt_type == PACKET_HOST ||
850 NEIGH_VAR(in_dev->arp_parms, PROXY_DELAY) == 0) {
851 arp_send_dst(ARPOP_REPLY, ETH_P_ARP,
852 sip, dev, tip, sha,
853 dev->dev_addr, sha,
854 reply_dst);
855 } else {
856 pneigh_enqueue(&arp_tbl,
857 in_dev->arp_parms, skb);
858 goto out_free_dst;
859 }
860 goto out_consume_skb;
861 }
862 }
863 }
864
865 /* Update our ARP tables */
866
867 n = __neigh_lookup(&arp_tbl, &sip, dev, 0);
868
869 addr_type = -1;
870 if (n || IN_DEV_ARP_ACCEPT(in_dev)) {
871 is_garp = arp_is_garp(net, dev, &addr_type, arp->ar_op,
872 sip, tip, sha, tha);
873 }
874
875 if (IN_DEV_ARP_ACCEPT(in_dev)) {
876 /* Unsolicited ARP is not accepted by default.
877 It is possible, that this option should be enabled for some
878 devices (strip is candidate)
879 */
880 if (!n &&
881 (is_garp ||
882 (arp->ar_op == htons(ARPOP_REPLY) &&
883 (addr_type == RTN_UNICAST ||
884 (addr_type < 0 &&
885 /* postpone calculation to as late as possible */
886 inet_addr_type_dev_table(net, dev, sip) ==
887 RTN_UNICAST)))))
888 n = __neigh_lookup(&arp_tbl, &sip, dev, 1);
889 }
890
891 if (n) {
892 int state = NUD_REACHABLE;
893 int override;
894
895 /* If several different ARP replies follows back-to-back,
896 use the FIRST one. It is possible, if several proxy
897 agents are active. Taking the first reply prevents
898 arp trashing and chooses the fastest router.
899 */
900 override = time_after(jiffies,
901 n->updated +
902 NEIGH_VAR(n->parms, LOCKTIME)) ||
903 is_garp;
904
905 /* Broadcast replies and request packets
906 do not assert neighbour reachability.
907 */
908 if (arp->ar_op != htons(ARPOP_REPLY) ||
909 skb->pkt_type != PACKET_HOST)
910 state = NUD_STALE;
911 neigh_update(n, sha, state,
912 override ? NEIGH_UPDATE_F_OVERRIDE : 0, 0);
913 neigh_release(n);
914 }
915
916out_consume_skb:
917 consume_skb(skb);
918
919out_free_dst:
920 dst_release(reply_dst);
921 return NET_RX_SUCCESS;
922
923out_free_skb:
924 kfree_skb(skb);
925 return NET_RX_DROP;
926}
927
928static void parp_redo(struct sk_buff *skb)
929{
930 arp_process(dev_net(skb->dev), NULL, skb);
931}
932
933static int arp_is_multicast(const void *pkey)
934{
935 return ipv4_is_multicast(*((__be32 *)pkey));
936}
937
938/*
939 * Receive an arp request from the device layer.
940 */
941
942static int arp_rcv(struct sk_buff *skb, struct net_device *dev,
943 struct packet_type *pt, struct net_device *orig_dev)
944{
945 const struct arphdr *arp;
946
947 /* do not tweak dropwatch on an ARP we will ignore */
948 if (dev->flags & IFF_NOARP ||
949 skb->pkt_type == PACKET_OTHERHOST ||
950 skb->pkt_type == PACKET_LOOPBACK)
951 goto consumeskb;
952
953 skb = skb_share_check(skb, GFP_ATOMIC);
954 if (!skb)
955 goto out_of_mem;
956
957 /* ARP header, plus 2 device addresses, plus 2 IP addresses. */
958 if (!pskb_may_pull(skb, arp_hdr_len(dev)))
959 goto freeskb;
960
961 arp = arp_hdr(skb);
962 if (arp->ar_hln != dev->addr_len || arp->ar_pln != 4)
963 goto freeskb;
964
965 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
966
967 return NF_HOOK(NFPROTO_ARP, NF_ARP_IN,
968 dev_net(dev), NULL, skb, dev, NULL,
969 arp_process);
970
971consumeskb:
972 consume_skb(skb);
973 return NET_RX_SUCCESS;
974freeskb:
975 kfree_skb(skb);
976out_of_mem:
977 return NET_RX_DROP;
978}
979
980/*
981 * User level interface (ioctl)
982 */
983
984/*
985 * Set (create) an ARP cache entry.
986 */
987
988static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on)
989{
990 if (!dev) {
991 IPV4_DEVCONF_ALL(net, PROXY_ARP) = on;
992 return 0;
993 }
994 if (__in_dev_get_rtnl(dev)) {
995 IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on);
996 return 0;
997 }
998 return -ENXIO;
999}
1000
1001static int arp_req_set_public(struct net *net, struct arpreq *r,
1002 struct net_device *dev)
1003{
1004 __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1005 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1006
1007 if (mask && mask != htonl(0xFFFFFFFF))
1008 return -EINVAL;
1009 if (!dev && (r->arp_flags & ATF_COM)) {
1010 dev = dev_getbyhwaddr_rcu(net, r->arp_ha.sa_family,
1011 r->arp_ha.sa_data);
1012 if (!dev)
1013 return -ENODEV;
1014 }
1015 if (mask) {
1016 if (!pneigh_lookup(&arp_tbl, net, &ip, dev, 1))
1017 return -ENOBUFS;
1018 return 0;
1019 }
1020
1021 return arp_req_set_proxy(net, dev, 1);
1022}
1023
1024static int arp_req_set(struct net *net, struct arpreq *r,
1025 struct net_device *dev)
1026{
1027 __be32 ip;
1028 struct neighbour *neigh;
1029 int err;
1030
1031 if (r->arp_flags & ATF_PUBL)
1032 return arp_req_set_public(net, r, dev);
1033
1034 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1035 if (r->arp_flags & ATF_PERM)
1036 r->arp_flags |= ATF_COM;
1037 if (!dev) {
1038 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1039
1040 if (IS_ERR(rt))
1041 return PTR_ERR(rt);
1042 dev = rt->dst.dev;
1043 ip_rt_put(rt);
1044 if (!dev)
1045 return -EINVAL;
1046 }
1047 switch (dev->type) {
1048#if IS_ENABLED(CONFIG_FDDI)
1049 case ARPHRD_FDDI:
1050 /*
1051 * According to RFC 1390, FDDI devices should accept ARP
1052 * hardware types of 1 (Ethernet). However, to be more
1053 * robust, we'll accept hardware types of either 1 (Ethernet)
1054 * or 6 (IEEE 802.2).
1055 */
1056 if (r->arp_ha.sa_family != ARPHRD_FDDI &&
1057 r->arp_ha.sa_family != ARPHRD_ETHER &&
1058 r->arp_ha.sa_family != ARPHRD_IEEE802)
1059 return -EINVAL;
1060 break;
1061#endif
1062 default:
1063 if (r->arp_ha.sa_family != dev->type)
1064 return -EINVAL;
1065 break;
1066 }
1067
1068 neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev);
1069 err = PTR_ERR(neigh);
1070 if (!IS_ERR(neigh)) {
1071 unsigned int state = NUD_STALE;
1072 if (r->arp_flags & ATF_PERM)
1073 state = NUD_PERMANENT;
1074 err = neigh_update(neigh, (r->arp_flags & ATF_COM) ?
1075 r->arp_ha.sa_data : NULL, state,
1076 NEIGH_UPDATE_F_OVERRIDE |
1077 NEIGH_UPDATE_F_ADMIN, 0);
1078 neigh_release(neigh);
1079 }
1080 return err;
1081}
1082
1083static unsigned int arp_state_to_flags(struct neighbour *neigh)
1084{
1085 if (neigh->nud_state&NUD_PERMANENT)
1086 return ATF_PERM | ATF_COM;
1087 else if (neigh->nud_state&NUD_VALID)
1088 return ATF_COM;
1089 else
1090 return 0;
1091}
1092
1093/*
1094 * Get an ARP cache entry.
1095 */
1096
1097static int arp_req_get(struct arpreq *r, struct net_device *dev)
1098{
1099 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1100 struct neighbour *neigh;
1101 int err = -ENXIO;
1102
1103 neigh = neigh_lookup(&arp_tbl, &ip, dev);
1104 if (neigh) {
1105 if (!(neigh->nud_state & NUD_NOARP)) {
1106 read_lock_bh(&neigh->lock);
1107 memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len);
1108 r->arp_flags = arp_state_to_flags(neigh);
1109 read_unlock_bh(&neigh->lock);
1110 r->arp_ha.sa_family = dev->type;
1111 strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev));
1112 err = 0;
1113 }
1114 neigh_release(neigh);
1115 }
1116 return err;
1117}
1118
1119static int arp_invalidate(struct net_device *dev, __be32 ip)
1120{
1121 struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev);
1122 int err = -ENXIO;
1123 struct neigh_table *tbl = &arp_tbl;
1124
1125 if (neigh) {
1126 if (neigh->nud_state & ~NUD_NOARP)
1127 err = neigh_update(neigh, NULL, NUD_FAILED,
1128 NEIGH_UPDATE_F_OVERRIDE|
1129 NEIGH_UPDATE_F_ADMIN, 0);
1130 write_lock_bh(&tbl->lock);
1131 neigh_release(neigh);
1132 neigh_remove_one(neigh, tbl);
1133 write_unlock_bh(&tbl->lock);
1134 }
1135
1136 return err;
1137}
1138
1139static int arp_req_delete_public(struct net *net, struct arpreq *r,
1140 struct net_device *dev)
1141{
1142 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1143 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1144
1145 if (mask == htonl(0xFFFFFFFF))
1146 return pneigh_delete(&arp_tbl, net, &ip, dev);
1147
1148 if (mask)
1149 return -EINVAL;
1150
1151 return arp_req_set_proxy(net, dev, 0);
1152}
1153
1154static int arp_req_delete(struct net *net, struct arpreq *r,
1155 struct net_device *dev)
1156{
1157 __be32 ip;
1158
1159 if (r->arp_flags & ATF_PUBL)
1160 return arp_req_delete_public(net, r, dev);
1161
1162 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1163 if (!dev) {
1164 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1165 if (IS_ERR(rt))
1166 return PTR_ERR(rt);
1167 dev = rt->dst.dev;
1168 ip_rt_put(rt);
1169 if (!dev)
1170 return -EINVAL;
1171 }
1172 return arp_invalidate(dev, ip);
1173}
1174
1175/*
1176 * Handle an ARP layer I/O control request.
1177 */
1178
1179int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1180{
1181 int err;
1182 struct arpreq r;
1183 struct net_device *dev = NULL;
1184
1185 switch (cmd) {
1186 case SIOCDARP:
1187 case SIOCSARP:
1188 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1189 return -EPERM;
1190 fallthrough;
1191 case SIOCGARP:
1192 err = copy_from_user(&r, arg, sizeof(struct arpreq));
1193 if (err)
1194 return -EFAULT;
1195 break;
1196 default:
1197 return -EINVAL;
1198 }
1199
1200 if (r.arp_pa.sa_family != AF_INET)
1201 return -EPFNOSUPPORT;
1202
1203 if (!(r.arp_flags & ATF_PUBL) &&
1204 (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB)))
1205 return -EINVAL;
1206 if (!(r.arp_flags & ATF_NETMASK))
1207 ((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr =
1208 htonl(0xFFFFFFFFUL);
1209 rtnl_lock();
1210 if (r.arp_dev[0]) {
1211 err = -ENODEV;
1212 dev = __dev_get_by_name(net, r.arp_dev);
1213 if (!dev)
1214 goto out;
1215
1216 /* Mmmm... It is wrong... ARPHRD_NETROM==0 */
1217 if (!r.arp_ha.sa_family)
1218 r.arp_ha.sa_family = dev->type;
1219 err = -EINVAL;
1220 if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type)
1221 goto out;
1222 } else if (cmd == SIOCGARP) {
1223 err = -ENODEV;
1224 goto out;
1225 }
1226
1227 switch (cmd) {
1228 case SIOCDARP:
1229 err = arp_req_delete(net, &r, dev);
1230 break;
1231 case SIOCSARP:
1232 err = arp_req_set(net, &r, dev);
1233 break;
1234 case SIOCGARP:
1235 err = arp_req_get(&r, dev);
1236 break;
1237 }
1238out:
1239 rtnl_unlock();
1240 if (cmd == SIOCGARP && !err && copy_to_user(arg, &r, sizeof(r)))
1241 err = -EFAULT;
1242 return err;
1243}
1244
1245static int arp_netdev_event(struct notifier_block *this, unsigned long event,
1246 void *ptr)
1247{
1248 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1249 struct netdev_notifier_change_info *change_info;
1250
1251 switch (event) {
1252 case NETDEV_CHANGEADDR:
1253 neigh_changeaddr(&arp_tbl, dev);
1254 rt_cache_flush(dev_net(dev));
1255 break;
1256 case NETDEV_CHANGE:
1257 change_info = ptr;
1258 if (change_info->flags_changed & IFF_NOARP)
1259 neigh_changeaddr(&arp_tbl, dev);
1260 if (!netif_carrier_ok(dev))
1261 neigh_carrier_down(&arp_tbl, dev);
1262 break;
1263 default:
1264 break;
1265 }
1266
1267 return NOTIFY_DONE;
1268}
1269
1270static struct notifier_block arp_netdev_notifier = {
1271 .notifier_call = arp_netdev_event,
1272};
1273
1274/* Note, that it is not on notifier chain.
1275 It is necessary, that this routine was called after route cache will be
1276 flushed.
1277 */
1278void arp_ifdown(struct net_device *dev)
1279{
1280 neigh_ifdown(&arp_tbl, dev);
1281}
1282
1283
1284/*
1285 * Called once on startup.
1286 */
1287
1288static struct packet_type arp_packet_type __read_mostly = {
1289 .type = cpu_to_be16(ETH_P_ARP),
1290 .func = arp_rcv,
1291};
1292
1293static int arp_proc_init(void);
1294
1295void __init arp_init(void)
1296{
1297 neigh_table_init(NEIGH_ARP_TABLE, &arp_tbl);
1298
1299 dev_add_pack(&arp_packet_type);
1300 arp_proc_init();
1301#ifdef CONFIG_SYSCTL
1302 neigh_sysctl_register(NULL, &arp_tbl.parms, NULL);
1303#endif
1304 register_netdevice_notifier(&arp_netdev_notifier);
1305}
1306
1307#ifdef CONFIG_PROC_FS
1308#if IS_ENABLED(CONFIG_AX25)
1309
1310/* ------------------------------------------------------------------------ */
1311/*
1312 * ax25 -> ASCII conversion
1313 */
1314static void ax2asc2(ax25_address *a, char *buf)
1315{
1316 char c, *s;
1317 int n;
1318
1319 for (n = 0, s = buf; n < 6; n++) {
1320 c = (a->ax25_call[n] >> 1) & 0x7F;
1321
1322 if (c != ' ')
1323 *s++ = c;
1324 }
1325
1326 *s++ = '-';
1327 n = (a->ax25_call[6] >> 1) & 0x0F;
1328 if (n > 9) {
1329 *s++ = '1';
1330 n -= 10;
1331 }
1332
1333 *s++ = n + '0';
1334 *s++ = '\0';
1335
1336 if (*buf == '\0' || *buf == '-') {
1337 buf[0] = '*';
1338 buf[1] = '\0';
1339 }
1340}
1341#endif /* CONFIG_AX25 */
1342
1343#define HBUFFERLEN 30
1344
1345static void arp_format_neigh_entry(struct seq_file *seq,
1346 struct neighbour *n)
1347{
1348 char hbuffer[HBUFFERLEN];
1349 int k, j;
1350 char tbuf[16];
1351 struct net_device *dev = n->dev;
1352 int hatype = dev->type;
1353
1354 read_lock(&n->lock);
1355 /* Convert hardware address to XX:XX:XX:XX ... form. */
1356#if IS_ENABLED(CONFIG_AX25)
1357 if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM)
1358 ax2asc2((ax25_address *)n->ha, hbuffer);
1359 else {
1360#endif
1361 for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) {
1362 hbuffer[k++] = hex_asc_hi(n->ha[j]);
1363 hbuffer[k++] = hex_asc_lo(n->ha[j]);
1364 hbuffer[k++] = ':';
1365 }
1366 if (k != 0)
1367 --k;
1368 hbuffer[k] = 0;
1369#if IS_ENABLED(CONFIG_AX25)
1370 }
1371#endif
1372 sprintf(tbuf, "%pI4", n->primary_key);
1373 seq_printf(seq, "%-16s 0x%-10x0x%-10x%-17s * %s\n",
1374 tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name);
1375 read_unlock(&n->lock);
1376}
1377
1378static void arp_format_pneigh_entry(struct seq_file *seq,
1379 struct pneigh_entry *n)
1380{
1381 struct net_device *dev = n->dev;
1382 int hatype = dev ? dev->type : 0;
1383 char tbuf[16];
1384
1385 sprintf(tbuf, "%pI4", n->key);
1386 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
1387 tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00",
1388 dev ? dev->name : "*");
1389}
1390
1391static int arp_seq_show(struct seq_file *seq, void *v)
1392{
1393 if (v == SEQ_START_TOKEN) {
1394 seq_puts(seq, "IP address HW type Flags "
1395 "HW address Mask Device\n");
1396 } else {
1397 struct neigh_seq_state *state = seq->private;
1398
1399 if (state->flags & NEIGH_SEQ_IS_PNEIGH)
1400 arp_format_pneigh_entry(seq, v);
1401 else
1402 arp_format_neigh_entry(seq, v);
1403 }
1404
1405 return 0;
1406}
1407
1408static void *arp_seq_start(struct seq_file *seq, loff_t *pos)
1409{
1410 /* Don't want to confuse "arp -a" w/ magic entries,
1411 * so we tell the generic iterator to skip NUD_NOARP.
1412 */
1413 return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP);
1414}
1415
1416/* ------------------------------------------------------------------------ */
1417
1418static const struct seq_operations arp_seq_ops = {
1419 .start = arp_seq_start,
1420 .next = neigh_seq_next,
1421 .stop = neigh_seq_stop,
1422 .show = arp_seq_show,
1423};
1424
1425/* ------------------------------------------------------------------------ */
1426
1427static int __net_init arp_net_init(struct net *net)
1428{
1429 if (!proc_create_net("arp", 0444, net->proc_net, &arp_seq_ops,
1430 sizeof(struct neigh_seq_state)))
1431 return -ENOMEM;
1432 return 0;
1433}
1434
1435static void __net_exit arp_net_exit(struct net *net)
1436{
1437 remove_proc_entry("arp", net->proc_net);
1438}
1439
1440static struct pernet_operations arp_net_ops = {
1441 .init = arp_net_init,
1442 .exit = arp_net_exit,
1443};
1444
1445static int __init arp_proc_init(void)
1446{
1447 return register_pernet_subsys(&arp_net_ops);
1448}
1449
1450#else /* CONFIG_PROC_FS */
1451
1452static int __init arp_proc_init(void)
1453{
1454 return 0;
1455}
1456
1457#endif /* CONFIG_PROC_FS */
1/* linux/net/ipv4/arp.c
2 *
3 * Copyright (C) 1994 by Florian La Roche
4 *
5 * This module implements the Address Resolution Protocol ARP (RFC 826),
6 * which is used to convert IP addresses (or in the future maybe other
7 * high-level addresses) into a low-level hardware address (like an Ethernet
8 * address).
9 *
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version
13 * 2 of the License, or (at your option) any later version.
14 *
15 * Fixes:
16 * Alan Cox : Removed the Ethernet assumptions in
17 * Florian's code
18 * Alan Cox : Fixed some small errors in the ARP
19 * logic
20 * Alan Cox : Allow >4K in /proc
21 * Alan Cox : Make ARP add its own protocol entry
22 * Ross Martin : Rewrote arp_rcv() and arp_get_info()
23 * Stephen Henson : Add AX25 support to arp_get_info()
24 * Alan Cox : Drop data when a device is downed.
25 * Alan Cox : Use init_timer().
26 * Alan Cox : Double lock fixes.
27 * Martin Seine : Move the arphdr structure
28 * to if_arp.h for compatibility.
29 * with BSD based programs.
30 * Andrew Tridgell : Added ARP netmask code and
31 * re-arranged proxy handling.
32 * Alan Cox : Changed to use notifiers.
33 * Niibe Yutaka : Reply for this device or proxies only.
34 * Alan Cox : Don't proxy across hardware types!
35 * Jonathan Naylor : Added support for NET/ROM.
36 * Mike Shaver : RFC1122 checks.
37 * Jonathan Naylor : Only lookup the hardware address for
38 * the correct hardware type.
39 * Germano Caronni : Assorted subtle races.
40 * Craig Schlenter : Don't modify permanent entry
41 * during arp_rcv.
42 * Russ Nelson : Tidied up a few bits.
43 * Alexey Kuznetsov: Major changes to caching and behaviour,
44 * eg intelligent arp probing and
45 * generation
46 * of host down events.
47 * Alan Cox : Missing unlock in device events.
48 * Eckes : ARP ioctl control errors.
49 * Alexey Kuznetsov: Arp free fix.
50 * Manuel Rodriguez: Gratuitous ARP.
51 * Jonathan Layes : Added arpd support through kerneld
52 * message queue (960314)
53 * Mike Shaver : /proc/sys/net/ipv4/arp_* support
54 * Mike McLagan : Routing by source
55 * Stuart Cheshire : Metricom and grat arp fixes
56 * *** FOR 2.1 clean this up ***
57 * Lawrence V. Stefani: (08/12/96) Added FDDI support.
58 * Alan Cox : Took the AP1000 nasty FDDI hack and
59 * folded into the mainstream FDDI code.
60 * Ack spit, Linus how did you allow that
61 * one in...
62 * Jes Sorensen : Make FDDI work again in 2.1.x and
63 * clean up the APFDDI & gen. FDDI bits.
64 * Alexey Kuznetsov: new arp state machine;
65 * now it is in net/core/neighbour.c.
66 * Krzysztof Halasa: Added Frame Relay ARP support.
67 * Arnaldo C. Melo : convert /proc/net/arp to seq_file
68 * Shmulik Hen: Split arp_send to arp_create and
69 * arp_xmit so intermediate drivers like
70 * bonding can change the skb before
71 * sending (e.g. insert 8021q tag).
72 * Harald Welte : convert to make use of jenkins hash
73 * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support.
74 */
75
76#include <linux/module.h>
77#include <linux/types.h>
78#include <linux/string.h>
79#include <linux/kernel.h>
80#include <linux/capability.h>
81#include <linux/socket.h>
82#include <linux/sockios.h>
83#include <linux/errno.h>
84#include <linux/in.h>
85#include <linux/mm.h>
86#include <linux/inet.h>
87#include <linux/inetdevice.h>
88#include <linux/netdevice.h>
89#include <linux/etherdevice.h>
90#include <linux/fddidevice.h>
91#include <linux/if_arp.h>
92#include <linux/trdevice.h>
93#include <linux/skbuff.h>
94#include <linux/proc_fs.h>
95#include <linux/seq_file.h>
96#include <linux/stat.h>
97#include <linux/init.h>
98#include <linux/net.h>
99#include <linux/rcupdate.h>
100#include <linux/slab.h>
101#ifdef CONFIG_SYSCTL
102#include <linux/sysctl.h>
103#endif
104
105#include <net/net_namespace.h>
106#include <net/ip.h>
107#include <net/icmp.h>
108#include <net/route.h>
109#include <net/protocol.h>
110#include <net/tcp.h>
111#include <net/sock.h>
112#include <net/arp.h>
113#include <net/ax25.h>
114#include <net/netrom.h>
115#if defined(CONFIG_ATM_CLIP) || defined(CONFIG_ATM_CLIP_MODULE)
116#include <net/atmclip.h>
117struct neigh_table *clip_tbl_hook;
118EXPORT_SYMBOL(clip_tbl_hook);
119#endif
120
121#include <asm/system.h>
122#include <linux/uaccess.h>
123
124#include <linux/netfilter_arp.h>
125
126/*
127 * Interface to generic neighbour cache.
128 */
129static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 rnd);
130static int arp_constructor(struct neighbour *neigh);
131static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb);
132static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb);
133static void parp_redo(struct sk_buff *skb);
134
135static const struct neigh_ops arp_generic_ops = {
136 .family = AF_INET,
137 .solicit = arp_solicit,
138 .error_report = arp_error_report,
139 .output = neigh_resolve_output,
140 .connected_output = neigh_connected_output,
141};
142
143static const struct neigh_ops arp_hh_ops = {
144 .family = AF_INET,
145 .solicit = arp_solicit,
146 .error_report = arp_error_report,
147 .output = neigh_resolve_output,
148 .connected_output = neigh_resolve_output,
149};
150
151static const struct neigh_ops arp_direct_ops = {
152 .family = AF_INET,
153 .output = neigh_direct_output,
154 .connected_output = neigh_direct_output,
155};
156
157static const struct neigh_ops arp_broken_ops = {
158 .family = AF_INET,
159 .solicit = arp_solicit,
160 .error_report = arp_error_report,
161 .output = neigh_compat_output,
162 .connected_output = neigh_compat_output,
163};
164
165struct neigh_table arp_tbl = {
166 .family = AF_INET,
167 .entry_size = sizeof(struct neighbour) + 4,
168 .key_len = 4,
169 .hash = arp_hash,
170 .constructor = arp_constructor,
171 .proxy_redo = parp_redo,
172 .id = "arp_cache",
173 .parms = {
174 .tbl = &arp_tbl,
175 .base_reachable_time = 30 * HZ,
176 .retrans_time = 1 * HZ,
177 .gc_staletime = 60 * HZ,
178 .reachable_time = 30 * HZ,
179 .delay_probe_time = 5 * HZ,
180 .queue_len = 3,
181 .ucast_probes = 3,
182 .mcast_probes = 3,
183 .anycast_delay = 1 * HZ,
184 .proxy_delay = (8 * HZ) / 10,
185 .proxy_qlen = 64,
186 .locktime = 1 * HZ,
187 },
188 .gc_interval = 30 * HZ,
189 .gc_thresh1 = 128,
190 .gc_thresh2 = 512,
191 .gc_thresh3 = 1024,
192};
193EXPORT_SYMBOL(arp_tbl);
194
195int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir)
196{
197 switch (dev->type) {
198 case ARPHRD_ETHER:
199 case ARPHRD_FDDI:
200 case ARPHRD_IEEE802:
201 ip_eth_mc_map(addr, haddr);
202 return 0;
203 case ARPHRD_IEEE802_TR:
204 ip_tr_mc_map(addr, haddr);
205 return 0;
206 case ARPHRD_INFINIBAND:
207 ip_ib_mc_map(addr, dev->broadcast, haddr);
208 return 0;
209 case ARPHRD_IPGRE:
210 ip_ipgre_mc_map(addr, dev->broadcast, haddr);
211 return 0;
212 default:
213 if (dir) {
214 memcpy(haddr, dev->broadcast, dev->addr_len);
215 return 0;
216 }
217 }
218 return -EINVAL;
219}
220
221
222static u32 arp_hash(const void *pkey,
223 const struct net_device *dev,
224 __u32 hash_rnd)
225{
226 return arp_hashfn(*(u32 *)pkey, dev, hash_rnd);
227}
228
229static int arp_constructor(struct neighbour *neigh)
230{
231 __be32 addr = *(__be32 *)neigh->primary_key;
232 struct net_device *dev = neigh->dev;
233 struct in_device *in_dev;
234 struct neigh_parms *parms;
235
236 rcu_read_lock();
237 in_dev = __in_dev_get_rcu(dev);
238 if (in_dev == NULL) {
239 rcu_read_unlock();
240 return -EINVAL;
241 }
242
243 neigh->type = inet_addr_type(dev_net(dev), addr);
244
245 parms = in_dev->arp_parms;
246 __neigh_parms_put(neigh->parms);
247 neigh->parms = neigh_parms_clone(parms);
248 rcu_read_unlock();
249
250 if (!dev->header_ops) {
251 neigh->nud_state = NUD_NOARP;
252 neigh->ops = &arp_direct_ops;
253 neigh->output = neigh_direct_output;
254 } else {
255 /* Good devices (checked by reading texts, but only Ethernet is
256 tested)
257
258 ARPHRD_ETHER: (ethernet, apfddi)
259 ARPHRD_FDDI: (fddi)
260 ARPHRD_IEEE802: (tr)
261 ARPHRD_METRICOM: (strip)
262 ARPHRD_ARCNET:
263 etc. etc. etc.
264
265 ARPHRD_IPDDP will also work, if author repairs it.
266 I did not it, because this driver does not work even
267 in old paradigm.
268 */
269
270#if 1
271 /* So... these "amateur" devices are hopeless.
272 The only thing, that I can say now:
273 It is very sad that we need to keep ugly obsolete
274 code to make them happy.
275
276 They should be moved to more reasonable state, now
277 they use rebuild_header INSTEAD OF hard_start_xmit!!!
278 Besides that, they are sort of out of date
279 (a lot of redundant clones/copies, useless in 2.1),
280 I wonder why people believe that they work.
281 */
282 switch (dev->type) {
283 default:
284 break;
285 case ARPHRD_ROSE:
286#if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
287 case ARPHRD_AX25:
288#if defined(CONFIG_NETROM) || defined(CONFIG_NETROM_MODULE)
289 case ARPHRD_NETROM:
290#endif
291 neigh->ops = &arp_broken_ops;
292 neigh->output = neigh->ops->output;
293 return 0;
294#else
295 break;
296#endif
297 }
298#endif
299 if (neigh->type == RTN_MULTICAST) {
300 neigh->nud_state = NUD_NOARP;
301 arp_mc_map(addr, neigh->ha, dev, 1);
302 } else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) {
303 neigh->nud_state = NUD_NOARP;
304 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
305 } else if (neigh->type == RTN_BROADCAST ||
306 (dev->flags & IFF_POINTOPOINT)) {
307 neigh->nud_state = NUD_NOARP;
308 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
309 }
310
311 if (dev->header_ops->cache)
312 neigh->ops = &arp_hh_ops;
313 else
314 neigh->ops = &arp_generic_ops;
315
316 if (neigh->nud_state & NUD_VALID)
317 neigh->output = neigh->ops->connected_output;
318 else
319 neigh->output = neigh->ops->output;
320 }
321 return 0;
322}
323
324static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb)
325{
326 dst_link_failure(skb);
327 kfree_skb(skb);
328}
329
330static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb)
331{
332 __be32 saddr = 0;
333 u8 *dst_ha = NULL;
334 struct net_device *dev = neigh->dev;
335 __be32 target = *(__be32 *)neigh->primary_key;
336 int probes = atomic_read(&neigh->probes);
337 struct in_device *in_dev;
338
339 rcu_read_lock();
340 in_dev = __in_dev_get_rcu(dev);
341 if (!in_dev) {
342 rcu_read_unlock();
343 return;
344 }
345 switch (IN_DEV_ARP_ANNOUNCE(in_dev)) {
346 default:
347 case 0: /* By default announce any local IP */
348 if (skb && inet_addr_type(dev_net(dev),
349 ip_hdr(skb)->saddr) == RTN_LOCAL)
350 saddr = ip_hdr(skb)->saddr;
351 break;
352 case 1: /* Restrict announcements of saddr in same subnet */
353 if (!skb)
354 break;
355 saddr = ip_hdr(skb)->saddr;
356 if (inet_addr_type(dev_net(dev), saddr) == RTN_LOCAL) {
357 /* saddr should be known to target */
358 if (inet_addr_onlink(in_dev, target, saddr))
359 break;
360 }
361 saddr = 0;
362 break;
363 case 2: /* Avoid secondary IPs, get a primary/preferred one */
364 break;
365 }
366 rcu_read_unlock();
367
368 if (!saddr)
369 saddr = inet_select_addr(dev, target, RT_SCOPE_LINK);
370
371 probes -= neigh->parms->ucast_probes;
372 if (probes < 0) {
373 if (!(neigh->nud_state & NUD_VALID))
374 printk(KERN_DEBUG
375 "trying to ucast probe in NUD_INVALID\n");
376 dst_ha = neigh->ha;
377 read_lock_bh(&neigh->lock);
378 } else {
379 probes -= neigh->parms->app_probes;
380 if (probes < 0) {
381#ifdef CONFIG_ARPD
382 neigh_app_ns(neigh);
383#endif
384 return;
385 }
386 }
387
388 arp_send(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr,
389 dst_ha, dev->dev_addr, NULL);
390 if (dst_ha)
391 read_unlock_bh(&neigh->lock);
392}
393
394static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip)
395{
396 int scope;
397
398 switch (IN_DEV_ARP_IGNORE(in_dev)) {
399 case 0: /* Reply, the tip is already validated */
400 return 0;
401 case 1: /* Reply only if tip is configured on the incoming interface */
402 sip = 0;
403 scope = RT_SCOPE_HOST;
404 break;
405 case 2: /*
406 * Reply only if tip is configured on the incoming interface
407 * and is in same subnet as sip
408 */
409 scope = RT_SCOPE_HOST;
410 break;
411 case 3: /* Do not reply for scope host addresses */
412 sip = 0;
413 scope = RT_SCOPE_LINK;
414 break;
415 case 4: /* Reserved */
416 case 5:
417 case 6:
418 case 7:
419 return 0;
420 case 8: /* Do not reply */
421 return 1;
422 default:
423 return 0;
424 }
425 return !inet_confirm_addr(in_dev, sip, tip, scope);
426}
427
428static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev)
429{
430 struct rtable *rt;
431 int flag = 0;
432 /*unsigned long now; */
433 struct net *net = dev_net(dev);
434
435 rt = ip_route_output(net, sip, tip, 0, 0);
436 if (IS_ERR(rt))
437 return 1;
438 if (rt->dst.dev != dev) {
439 NET_INC_STATS_BH(net, LINUX_MIB_ARPFILTER);
440 flag = 1;
441 }
442 ip_rt_put(rt);
443 return flag;
444}
445
446/* OBSOLETE FUNCTIONS */
447
448/*
449 * Find an arp mapping in the cache. If not found, post a request.
450 *
451 * It is very UGLY routine: it DOES NOT use skb->dst->neighbour,
452 * even if it exists. It is supposed that skb->dev was mangled
453 * by a virtual device (eql, shaper). Nobody but broken devices
454 * is allowed to use this function, it is scheduled to be removed. --ANK
455 */
456
457static int arp_set_predefined(int addr_hint, unsigned char *haddr,
458 __be32 paddr, struct net_device *dev)
459{
460 switch (addr_hint) {
461 case RTN_LOCAL:
462 printk(KERN_DEBUG "ARP: arp called for own IP address\n");
463 memcpy(haddr, dev->dev_addr, dev->addr_len);
464 return 1;
465 case RTN_MULTICAST:
466 arp_mc_map(paddr, haddr, dev, 1);
467 return 1;
468 case RTN_BROADCAST:
469 memcpy(haddr, dev->broadcast, dev->addr_len);
470 return 1;
471 }
472 return 0;
473}
474
475
476int arp_find(unsigned char *haddr, struct sk_buff *skb)
477{
478 struct net_device *dev = skb->dev;
479 __be32 paddr;
480 struct neighbour *n;
481
482 if (!skb_dst(skb)) {
483 printk(KERN_DEBUG "arp_find is called with dst==NULL\n");
484 kfree_skb(skb);
485 return 1;
486 }
487
488 paddr = skb_rtable(skb)->rt_gateway;
489
490 if (arp_set_predefined(inet_addr_type(dev_net(dev), paddr), haddr,
491 paddr, dev))
492 return 0;
493
494 n = __neigh_lookup(&arp_tbl, &paddr, dev, 1);
495
496 if (n) {
497 n->used = jiffies;
498 if (n->nud_state & NUD_VALID || neigh_event_send(n, skb) == 0) {
499 neigh_ha_snapshot(haddr, n, dev);
500 neigh_release(n);
501 return 0;
502 }
503 neigh_release(n);
504 } else
505 kfree_skb(skb);
506 return 1;
507}
508EXPORT_SYMBOL(arp_find);
509
510/* END OF OBSOLETE FUNCTIONS */
511
512/*
513 * Check if we can use proxy ARP for this path
514 */
515static inline int arp_fwd_proxy(struct in_device *in_dev,
516 struct net_device *dev, struct rtable *rt)
517{
518 struct in_device *out_dev;
519 int imi, omi = -1;
520
521 if (rt->dst.dev == dev)
522 return 0;
523
524 if (!IN_DEV_PROXY_ARP(in_dev))
525 return 0;
526 imi = IN_DEV_MEDIUM_ID(in_dev);
527 if (imi == 0)
528 return 1;
529 if (imi == -1)
530 return 0;
531
532 /* place to check for proxy_arp for routes */
533
534 out_dev = __in_dev_get_rcu(rt->dst.dev);
535 if (out_dev)
536 omi = IN_DEV_MEDIUM_ID(out_dev);
537
538 return omi != imi && omi != -1;
539}
540
541/*
542 * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev)
543 *
544 * RFC3069 supports proxy arp replies back to the same interface. This
545 * is done to support (ethernet) switch features, like RFC 3069, where
546 * the individual ports are not allowed to communicate with each
547 * other, BUT they are allowed to talk to the upstream router. As
548 * described in RFC 3069, it is possible to allow these hosts to
549 * communicate through the upstream router, by proxy_arp'ing.
550 *
551 * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation"
552 *
553 * This technology is known by different names:
554 * In RFC 3069 it is called VLAN Aggregation.
555 * Cisco and Allied Telesyn call it Private VLAN.
556 * Hewlett-Packard call it Source-Port filtering or port-isolation.
557 * Ericsson call it MAC-Forced Forwarding (RFC Draft).
558 *
559 */
560static inline int arp_fwd_pvlan(struct in_device *in_dev,
561 struct net_device *dev, struct rtable *rt,
562 __be32 sip, __be32 tip)
563{
564 /* Private VLAN is only concerned about the same ethernet segment */
565 if (rt->dst.dev != dev)
566 return 0;
567
568 /* Don't reply on self probes (often done by windowz boxes)*/
569 if (sip == tip)
570 return 0;
571
572 if (IN_DEV_PROXY_ARP_PVLAN(in_dev))
573 return 1;
574 else
575 return 0;
576}
577
578/*
579 * Interface to link layer: send routine and receive handler.
580 */
581
582/*
583 * Create an arp packet. If (dest_hw == NULL), we create a broadcast
584 * message.
585 */
586struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip,
587 struct net_device *dev, __be32 src_ip,
588 const unsigned char *dest_hw,
589 const unsigned char *src_hw,
590 const unsigned char *target_hw)
591{
592 struct sk_buff *skb;
593 struct arphdr *arp;
594 unsigned char *arp_ptr;
595
596 /*
597 * Allocate a buffer
598 */
599
600 skb = alloc_skb(arp_hdr_len(dev) + LL_ALLOCATED_SPACE(dev), GFP_ATOMIC);
601 if (skb == NULL)
602 return NULL;
603
604 skb_reserve(skb, LL_RESERVED_SPACE(dev));
605 skb_reset_network_header(skb);
606 arp = (struct arphdr *) skb_put(skb, arp_hdr_len(dev));
607 skb->dev = dev;
608 skb->protocol = htons(ETH_P_ARP);
609 if (src_hw == NULL)
610 src_hw = dev->dev_addr;
611 if (dest_hw == NULL)
612 dest_hw = dev->broadcast;
613
614 /*
615 * Fill the device header for the ARP frame
616 */
617 if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0)
618 goto out;
619
620 /*
621 * Fill out the arp protocol part.
622 *
623 * The arp hardware type should match the device type, except for FDDI,
624 * which (according to RFC 1390) should always equal 1 (Ethernet).
625 */
626 /*
627 * Exceptions everywhere. AX.25 uses the AX.25 PID value not the
628 * DIX code for the protocol. Make these device structure fields.
629 */
630 switch (dev->type) {
631 default:
632 arp->ar_hrd = htons(dev->type);
633 arp->ar_pro = htons(ETH_P_IP);
634 break;
635
636#if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
637 case ARPHRD_AX25:
638 arp->ar_hrd = htons(ARPHRD_AX25);
639 arp->ar_pro = htons(AX25_P_IP);
640 break;
641
642#if defined(CONFIG_NETROM) || defined(CONFIG_NETROM_MODULE)
643 case ARPHRD_NETROM:
644 arp->ar_hrd = htons(ARPHRD_NETROM);
645 arp->ar_pro = htons(AX25_P_IP);
646 break;
647#endif
648#endif
649
650#if defined(CONFIG_FDDI) || defined(CONFIG_FDDI_MODULE)
651 case ARPHRD_FDDI:
652 arp->ar_hrd = htons(ARPHRD_ETHER);
653 arp->ar_pro = htons(ETH_P_IP);
654 break;
655#endif
656#if defined(CONFIG_TR) || defined(CONFIG_TR_MODULE)
657 case ARPHRD_IEEE802_TR:
658 arp->ar_hrd = htons(ARPHRD_IEEE802);
659 arp->ar_pro = htons(ETH_P_IP);
660 break;
661#endif
662 }
663
664 arp->ar_hln = dev->addr_len;
665 arp->ar_pln = 4;
666 arp->ar_op = htons(type);
667
668 arp_ptr = (unsigned char *)(arp + 1);
669
670 memcpy(arp_ptr, src_hw, dev->addr_len);
671 arp_ptr += dev->addr_len;
672 memcpy(arp_ptr, &src_ip, 4);
673 arp_ptr += 4;
674 if (target_hw != NULL)
675 memcpy(arp_ptr, target_hw, dev->addr_len);
676 else
677 memset(arp_ptr, 0, dev->addr_len);
678 arp_ptr += dev->addr_len;
679 memcpy(arp_ptr, &dest_ip, 4);
680
681 return skb;
682
683out:
684 kfree_skb(skb);
685 return NULL;
686}
687EXPORT_SYMBOL(arp_create);
688
689/*
690 * Send an arp packet.
691 */
692void arp_xmit(struct sk_buff *skb)
693{
694 /* Send it off, maybe filter it using firewalling first. */
695 NF_HOOK(NFPROTO_ARP, NF_ARP_OUT, skb, NULL, skb->dev, dev_queue_xmit);
696}
697EXPORT_SYMBOL(arp_xmit);
698
699/*
700 * Create and send an arp packet.
701 */
702void arp_send(int type, int ptype, __be32 dest_ip,
703 struct net_device *dev, __be32 src_ip,
704 const unsigned char *dest_hw, const unsigned char *src_hw,
705 const unsigned char *target_hw)
706{
707 struct sk_buff *skb;
708
709 /*
710 * No arp on this interface.
711 */
712
713 if (dev->flags&IFF_NOARP)
714 return;
715
716 skb = arp_create(type, ptype, dest_ip, dev, src_ip,
717 dest_hw, src_hw, target_hw);
718 if (skb == NULL)
719 return;
720
721 arp_xmit(skb);
722}
723EXPORT_SYMBOL(arp_send);
724
725/*
726 * Process an arp request.
727 */
728
729static int arp_process(struct sk_buff *skb)
730{
731 struct net_device *dev = skb->dev;
732 struct in_device *in_dev = __in_dev_get_rcu(dev);
733 struct arphdr *arp;
734 unsigned char *arp_ptr;
735 struct rtable *rt;
736 unsigned char *sha;
737 __be32 sip, tip;
738 u16 dev_type = dev->type;
739 int addr_type;
740 struct neighbour *n;
741 struct net *net = dev_net(dev);
742
743 /* arp_rcv below verifies the ARP header and verifies the device
744 * is ARP'able.
745 */
746
747 if (in_dev == NULL)
748 goto out;
749
750 arp = arp_hdr(skb);
751
752 switch (dev_type) {
753 default:
754 if (arp->ar_pro != htons(ETH_P_IP) ||
755 htons(dev_type) != arp->ar_hrd)
756 goto out;
757 break;
758 case ARPHRD_ETHER:
759 case ARPHRD_IEEE802_TR:
760 case ARPHRD_FDDI:
761 case ARPHRD_IEEE802:
762 /*
763 * ETHERNET, Token Ring and Fibre Channel (which are IEEE 802
764 * devices, according to RFC 2625) devices will accept ARP
765 * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2).
766 * This is the case also of FDDI, where the RFC 1390 says that
767 * FDDI devices should accept ARP hardware of (1) Ethernet,
768 * however, to be more robust, we'll accept both 1 (Ethernet)
769 * or 6 (IEEE 802.2)
770 */
771 if ((arp->ar_hrd != htons(ARPHRD_ETHER) &&
772 arp->ar_hrd != htons(ARPHRD_IEEE802)) ||
773 arp->ar_pro != htons(ETH_P_IP))
774 goto out;
775 break;
776 case ARPHRD_AX25:
777 if (arp->ar_pro != htons(AX25_P_IP) ||
778 arp->ar_hrd != htons(ARPHRD_AX25))
779 goto out;
780 break;
781 case ARPHRD_NETROM:
782 if (arp->ar_pro != htons(AX25_P_IP) ||
783 arp->ar_hrd != htons(ARPHRD_NETROM))
784 goto out;
785 break;
786 }
787
788 /* Understand only these message types */
789
790 if (arp->ar_op != htons(ARPOP_REPLY) &&
791 arp->ar_op != htons(ARPOP_REQUEST))
792 goto out;
793
794/*
795 * Extract fields
796 */
797 arp_ptr = (unsigned char *)(arp + 1);
798 sha = arp_ptr;
799 arp_ptr += dev->addr_len;
800 memcpy(&sip, arp_ptr, 4);
801 arp_ptr += 4;
802 arp_ptr += dev->addr_len;
803 memcpy(&tip, arp_ptr, 4);
804/*
805 * Check for bad requests for 127.x.x.x and requests for multicast
806 * addresses. If this is one such, delete it.
807 */
808 if (ipv4_is_loopback(tip) || ipv4_is_multicast(tip))
809 goto out;
810
811/*
812 * Special case: We must set Frame Relay source Q.922 address
813 */
814 if (dev_type == ARPHRD_DLCI)
815 sha = dev->broadcast;
816
817/*
818 * Process entry. The idea here is we want to send a reply if it is a
819 * request for us or if it is a request for someone else that we hold
820 * a proxy for. We want to add an entry to our cache if it is a reply
821 * to us or if it is a request for our address.
822 * (The assumption for this last is that if someone is requesting our
823 * address, they are probably intending to talk to us, so it saves time
824 * if we cache their address. Their address is also probably not in
825 * our cache, since ours is not in their cache.)
826 *
827 * Putting this another way, we only care about replies if they are to
828 * us, in which case we add them to the cache. For requests, we care
829 * about those for us and those for our proxies. We reply to both,
830 * and in the case of requests for us we add the requester to the arp
831 * cache.
832 */
833
834 /* Special case: IPv4 duplicate address detection packet (RFC2131) */
835 if (sip == 0) {
836 if (arp->ar_op == htons(ARPOP_REQUEST) &&
837 inet_addr_type(net, tip) == RTN_LOCAL &&
838 !arp_ignore(in_dev, sip, tip))
839 arp_send(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip, sha,
840 dev->dev_addr, sha);
841 goto out;
842 }
843
844 if (arp->ar_op == htons(ARPOP_REQUEST) &&
845 ip_route_input_noref(skb, tip, sip, 0, dev) == 0) {
846
847 rt = skb_rtable(skb);
848 addr_type = rt->rt_type;
849
850 if (addr_type == RTN_LOCAL) {
851 int dont_send;
852
853 dont_send = arp_ignore(in_dev, sip, tip);
854 if (!dont_send && IN_DEV_ARPFILTER(in_dev))
855 dont_send = arp_filter(sip, tip, dev);
856 if (!dont_send) {
857 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
858 if (n) {
859 arp_send(ARPOP_REPLY, ETH_P_ARP, sip,
860 dev, tip, sha, dev->dev_addr,
861 sha);
862 neigh_release(n);
863 }
864 }
865 goto out;
866 } else if (IN_DEV_FORWARD(in_dev)) {
867 if (addr_type == RTN_UNICAST &&
868 (arp_fwd_proxy(in_dev, dev, rt) ||
869 arp_fwd_pvlan(in_dev, dev, rt, sip, tip) ||
870 pneigh_lookup(&arp_tbl, net, &tip, dev, 0))) {
871 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
872 if (n)
873 neigh_release(n);
874
875 if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED ||
876 skb->pkt_type == PACKET_HOST ||
877 in_dev->arp_parms->proxy_delay == 0) {
878 arp_send(ARPOP_REPLY, ETH_P_ARP, sip,
879 dev, tip, sha, dev->dev_addr,
880 sha);
881 } else {
882 pneigh_enqueue(&arp_tbl,
883 in_dev->arp_parms, skb);
884 return 0;
885 }
886 goto out;
887 }
888 }
889 }
890
891 /* Update our ARP tables */
892
893 n = __neigh_lookup(&arp_tbl, &sip, dev, 0);
894
895 if (IPV4_DEVCONF_ALL(dev_net(dev), ARP_ACCEPT)) {
896 /* Unsolicited ARP is not accepted by default.
897 It is possible, that this option should be enabled for some
898 devices (strip is candidate)
899 */
900 if (n == NULL &&
901 (arp->ar_op == htons(ARPOP_REPLY) ||
902 (arp->ar_op == htons(ARPOP_REQUEST) && tip == sip)) &&
903 inet_addr_type(net, sip) == RTN_UNICAST)
904 n = __neigh_lookup(&arp_tbl, &sip, dev, 1);
905 }
906
907 if (n) {
908 int state = NUD_REACHABLE;
909 int override;
910
911 /* If several different ARP replies follows back-to-back,
912 use the FIRST one. It is possible, if several proxy
913 agents are active. Taking the first reply prevents
914 arp trashing and chooses the fastest router.
915 */
916 override = time_after(jiffies, n->updated + n->parms->locktime);
917
918 /* Broadcast replies and request packets
919 do not assert neighbour reachability.
920 */
921 if (arp->ar_op != htons(ARPOP_REPLY) ||
922 skb->pkt_type != PACKET_HOST)
923 state = NUD_STALE;
924 neigh_update(n, sha, state,
925 override ? NEIGH_UPDATE_F_OVERRIDE : 0);
926 neigh_release(n);
927 }
928
929out:
930 consume_skb(skb);
931 return 0;
932}
933
934static void parp_redo(struct sk_buff *skb)
935{
936 arp_process(skb);
937}
938
939
940/*
941 * Receive an arp request from the device layer.
942 */
943
944static int arp_rcv(struct sk_buff *skb, struct net_device *dev,
945 struct packet_type *pt, struct net_device *orig_dev)
946{
947 struct arphdr *arp;
948
949 /* ARP header, plus 2 device addresses, plus 2 IP addresses. */
950 if (!pskb_may_pull(skb, arp_hdr_len(dev)))
951 goto freeskb;
952
953 arp = arp_hdr(skb);
954 if (arp->ar_hln != dev->addr_len ||
955 dev->flags & IFF_NOARP ||
956 skb->pkt_type == PACKET_OTHERHOST ||
957 skb->pkt_type == PACKET_LOOPBACK ||
958 arp->ar_pln != 4)
959 goto freeskb;
960
961 skb = skb_share_check(skb, GFP_ATOMIC);
962 if (skb == NULL)
963 goto out_of_mem;
964
965 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
966
967 return NF_HOOK(NFPROTO_ARP, NF_ARP_IN, skb, dev, NULL, arp_process);
968
969freeskb:
970 kfree_skb(skb);
971out_of_mem:
972 return 0;
973}
974
975/*
976 * User level interface (ioctl)
977 */
978
979/*
980 * Set (create) an ARP cache entry.
981 */
982
983static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on)
984{
985 if (dev == NULL) {
986 IPV4_DEVCONF_ALL(net, PROXY_ARP) = on;
987 return 0;
988 }
989 if (__in_dev_get_rtnl(dev)) {
990 IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on);
991 return 0;
992 }
993 return -ENXIO;
994}
995
996static int arp_req_set_public(struct net *net, struct arpreq *r,
997 struct net_device *dev)
998{
999 __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1000 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1001
1002 if (mask && mask != htonl(0xFFFFFFFF))
1003 return -EINVAL;
1004 if (!dev && (r->arp_flags & ATF_COM)) {
1005 dev = dev_getbyhwaddr_rcu(net, r->arp_ha.sa_family,
1006 r->arp_ha.sa_data);
1007 if (!dev)
1008 return -ENODEV;
1009 }
1010 if (mask) {
1011 if (pneigh_lookup(&arp_tbl, net, &ip, dev, 1) == NULL)
1012 return -ENOBUFS;
1013 return 0;
1014 }
1015
1016 return arp_req_set_proxy(net, dev, 1);
1017}
1018
1019static int arp_req_set(struct net *net, struct arpreq *r,
1020 struct net_device *dev)
1021{
1022 __be32 ip;
1023 struct neighbour *neigh;
1024 int err;
1025
1026 if (r->arp_flags & ATF_PUBL)
1027 return arp_req_set_public(net, r, dev);
1028
1029 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1030 if (r->arp_flags & ATF_PERM)
1031 r->arp_flags |= ATF_COM;
1032 if (dev == NULL) {
1033 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1034
1035 if (IS_ERR(rt))
1036 return PTR_ERR(rt);
1037 dev = rt->dst.dev;
1038 ip_rt_put(rt);
1039 if (!dev)
1040 return -EINVAL;
1041 }
1042 switch (dev->type) {
1043#if defined(CONFIG_FDDI) || defined(CONFIG_FDDI_MODULE)
1044 case ARPHRD_FDDI:
1045 /*
1046 * According to RFC 1390, FDDI devices should accept ARP
1047 * hardware types of 1 (Ethernet). However, to be more
1048 * robust, we'll accept hardware types of either 1 (Ethernet)
1049 * or 6 (IEEE 802.2).
1050 */
1051 if (r->arp_ha.sa_family != ARPHRD_FDDI &&
1052 r->arp_ha.sa_family != ARPHRD_ETHER &&
1053 r->arp_ha.sa_family != ARPHRD_IEEE802)
1054 return -EINVAL;
1055 break;
1056#endif
1057 default:
1058 if (r->arp_ha.sa_family != dev->type)
1059 return -EINVAL;
1060 break;
1061 }
1062
1063 neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev);
1064 err = PTR_ERR(neigh);
1065 if (!IS_ERR(neigh)) {
1066 unsigned state = NUD_STALE;
1067 if (r->arp_flags & ATF_PERM)
1068 state = NUD_PERMANENT;
1069 err = neigh_update(neigh, (r->arp_flags & ATF_COM) ?
1070 r->arp_ha.sa_data : NULL, state,
1071 NEIGH_UPDATE_F_OVERRIDE |
1072 NEIGH_UPDATE_F_ADMIN);
1073 neigh_release(neigh);
1074 }
1075 return err;
1076}
1077
1078static unsigned arp_state_to_flags(struct neighbour *neigh)
1079{
1080 if (neigh->nud_state&NUD_PERMANENT)
1081 return ATF_PERM | ATF_COM;
1082 else if (neigh->nud_state&NUD_VALID)
1083 return ATF_COM;
1084 else
1085 return 0;
1086}
1087
1088/*
1089 * Get an ARP cache entry.
1090 */
1091
1092static int arp_req_get(struct arpreq *r, struct net_device *dev)
1093{
1094 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1095 struct neighbour *neigh;
1096 int err = -ENXIO;
1097
1098 neigh = neigh_lookup(&arp_tbl, &ip, dev);
1099 if (neigh) {
1100 read_lock_bh(&neigh->lock);
1101 memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len);
1102 r->arp_flags = arp_state_to_flags(neigh);
1103 read_unlock_bh(&neigh->lock);
1104 r->arp_ha.sa_family = dev->type;
1105 strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev));
1106 neigh_release(neigh);
1107 err = 0;
1108 }
1109 return err;
1110}
1111
1112int arp_invalidate(struct net_device *dev, __be32 ip)
1113{
1114 struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev);
1115 int err = -ENXIO;
1116
1117 if (neigh) {
1118 if (neigh->nud_state & ~NUD_NOARP)
1119 err = neigh_update(neigh, NULL, NUD_FAILED,
1120 NEIGH_UPDATE_F_OVERRIDE|
1121 NEIGH_UPDATE_F_ADMIN);
1122 neigh_release(neigh);
1123 }
1124
1125 return err;
1126}
1127EXPORT_SYMBOL(arp_invalidate);
1128
1129static int arp_req_delete_public(struct net *net, struct arpreq *r,
1130 struct net_device *dev)
1131{
1132 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1133 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1134
1135 if (mask == htonl(0xFFFFFFFF))
1136 return pneigh_delete(&arp_tbl, net, &ip, dev);
1137
1138 if (mask)
1139 return -EINVAL;
1140
1141 return arp_req_set_proxy(net, dev, 0);
1142}
1143
1144static int arp_req_delete(struct net *net, struct arpreq *r,
1145 struct net_device *dev)
1146{
1147 __be32 ip;
1148
1149 if (r->arp_flags & ATF_PUBL)
1150 return arp_req_delete_public(net, r, dev);
1151
1152 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1153 if (dev == NULL) {
1154 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1155 if (IS_ERR(rt))
1156 return PTR_ERR(rt);
1157 dev = rt->dst.dev;
1158 ip_rt_put(rt);
1159 if (!dev)
1160 return -EINVAL;
1161 }
1162 return arp_invalidate(dev, ip);
1163}
1164
1165/*
1166 * Handle an ARP layer I/O control request.
1167 */
1168
1169int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1170{
1171 int err;
1172 struct arpreq r;
1173 struct net_device *dev = NULL;
1174
1175 switch (cmd) {
1176 case SIOCDARP:
1177 case SIOCSARP:
1178 if (!capable(CAP_NET_ADMIN))
1179 return -EPERM;
1180 case SIOCGARP:
1181 err = copy_from_user(&r, arg, sizeof(struct arpreq));
1182 if (err)
1183 return -EFAULT;
1184 break;
1185 default:
1186 return -EINVAL;
1187 }
1188
1189 if (r.arp_pa.sa_family != AF_INET)
1190 return -EPFNOSUPPORT;
1191
1192 if (!(r.arp_flags & ATF_PUBL) &&
1193 (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB)))
1194 return -EINVAL;
1195 if (!(r.arp_flags & ATF_NETMASK))
1196 ((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr =
1197 htonl(0xFFFFFFFFUL);
1198 rtnl_lock();
1199 if (r.arp_dev[0]) {
1200 err = -ENODEV;
1201 dev = __dev_get_by_name(net, r.arp_dev);
1202 if (dev == NULL)
1203 goto out;
1204
1205 /* Mmmm... It is wrong... ARPHRD_NETROM==0 */
1206 if (!r.arp_ha.sa_family)
1207 r.arp_ha.sa_family = dev->type;
1208 err = -EINVAL;
1209 if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type)
1210 goto out;
1211 } else if (cmd == SIOCGARP) {
1212 err = -ENODEV;
1213 goto out;
1214 }
1215
1216 switch (cmd) {
1217 case SIOCDARP:
1218 err = arp_req_delete(net, &r, dev);
1219 break;
1220 case SIOCSARP:
1221 err = arp_req_set(net, &r, dev);
1222 break;
1223 case SIOCGARP:
1224 err = arp_req_get(&r, dev);
1225 break;
1226 }
1227out:
1228 rtnl_unlock();
1229 if (cmd == SIOCGARP && !err && copy_to_user(arg, &r, sizeof(r)))
1230 err = -EFAULT;
1231 return err;
1232}
1233
1234static int arp_netdev_event(struct notifier_block *this, unsigned long event,
1235 void *ptr)
1236{
1237 struct net_device *dev = ptr;
1238
1239 switch (event) {
1240 case NETDEV_CHANGEADDR:
1241 neigh_changeaddr(&arp_tbl, dev);
1242 rt_cache_flush(dev_net(dev), 0);
1243 break;
1244 default:
1245 break;
1246 }
1247
1248 return NOTIFY_DONE;
1249}
1250
1251static struct notifier_block arp_netdev_notifier = {
1252 .notifier_call = arp_netdev_event,
1253};
1254
1255/* Note, that it is not on notifier chain.
1256 It is necessary, that this routine was called after route cache will be
1257 flushed.
1258 */
1259void arp_ifdown(struct net_device *dev)
1260{
1261 neigh_ifdown(&arp_tbl, dev);
1262}
1263
1264
1265/*
1266 * Called once on startup.
1267 */
1268
1269static struct packet_type arp_packet_type __read_mostly = {
1270 .type = cpu_to_be16(ETH_P_ARP),
1271 .func = arp_rcv,
1272};
1273
1274static int arp_proc_init(void);
1275
1276void __init arp_init(void)
1277{
1278 neigh_table_init(&arp_tbl);
1279
1280 dev_add_pack(&arp_packet_type);
1281 arp_proc_init();
1282#ifdef CONFIG_SYSCTL
1283 neigh_sysctl_register(NULL, &arp_tbl.parms, "ipv4", NULL);
1284#endif
1285 register_netdevice_notifier(&arp_netdev_notifier);
1286}
1287
1288#ifdef CONFIG_PROC_FS
1289#if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
1290
1291/* ------------------------------------------------------------------------ */
1292/*
1293 * ax25 -> ASCII conversion
1294 */
1295static char *ax2asc2(ax25_address *a, char *buf)
1296{
1297 char c, *s;
1298 int n;
1299
1300 for (n = 0, s = buf; n < 6; n++) {
1301 c = (a->ax25_call[n] >> 1) & 0x7F;
1302
1303 if (c != ' ')
1304 *s++ = c;
1305 }
1306
1307 *s++ = '-';
1308 n = (a->ax25_call[6] >> 1) & 0x0F;
1309 if (n > 9) {
1310 *s++ = '1';
1311 n -= 10;
1312 }
1313
1314 *s++ = n + '0';
1315 *s++ = '\0';
1316
1317 if (*buf == '\0' || *buf == '-')
1318 return "*";
1319
1320 return buf;
1321}
1322#endif /* CONFIG_AX25 */
1323
1324#define HBUFFERLEN 30
1325
1326static void arp_format_neigh_entry(struct seq_file *seq,
1327 struct neighbour *n)
1328{
1329 char hbuffer[HBUFFERLEN];
1330 int k, j;
1331 char tbuf[16];
1332 struct net_device *dev = n->dev;
1333 int hatype = dev->type;
1334
1335 read_lock(&n->lock);
1336 /* Convert hardware address to XX:XX:XX:XX ... form. */
1337#if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
1338 if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM)
1339 ax2asc2((ax25_address *)n->ha, hbuffer);
1340 else {
1341#endif
1342 for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) {
1343 hbuffer[k++] = hex_asc_hi(n->ha[j]);
1344 hbuffer[k++] = hex_asc_lo(n->ha[j]);
1345 hbuffer[k++] = ':';
1346 }
1347 if (k != 0)
1348 --k;
1349 hbuffer[k] = 0;
1350#if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
1351 }
1352#endif
1353 sprintf(tbuf, "%pI4", n->primary_key);
1354 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
1355 tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name);
1356 read_unlock(&n->lock);
1357}
1358
1359static void arp_format_pneigh_entry(struct seq_file *seq,
1360 struct pneigh_entry *n)
1361{
1362 struct net_device *dev = n->dev;
1363 int hatype = dev ? dev->type : 0;
1364 char tbuf[16];
1365
1366 sprintf(tbuf, "%pI4", n->key);
1367 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
1368 tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00",
1369 dev ? dev->name : "*");
1370}
1371
1372static int arp_seq_show(struct seq_file *seq, void *v)
1373{
1374 if (v == SEQ_START_TOKEN) {
1375 seq_puts(seq, "IP address HW type Flags "
1376 "HW address Mask Device\n");
1377 } else {
1378 struct neigh_seq_state *state = seq->private;
1379
1380 if (state->flags & NEIGH_SEQ_IS_PNEIGH)
1381 arp_format_pneigh_entry(seq, v);
1382 else
1383 arp_format_neigh_entry(seq, v);
1384 }
1385
1386 return 0;
1387}
1388
1389static void *arp_seq_start(struct seq_file *seq, loff_t *pos)
1390{
1391 /* Don't want to confuse "arp -a" w/ magic entries,
1392 * so we tell the generic iterator to skip NUD_NOARP.
1393 */
1394 return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP);
1395}
1396
1397/* ------------------------------------------------------------------------ */
1398
1399static const struct seq_operations arp_seq_ops = {
1400 .start = arp_seq_start,
1401 .next = neigh_seq_next,
1402 .stop = neigh_seq_stop,
1403 .show = arp_seq_show,
1404};
1405
1406static int arp_seq_open(struct inode *inode, struct file *file)
1407{
1408 return seq_open_net(inode, file, &arp_seq_ops,
1409 sizeof(struct neigh_seq_state));
1410}
1411
1412static const struct file_operations arp_seq_fops = {
1413 .owner = THIS_MODULE,
1414 .open = arp_seq_open,
1415 .read = seq_read,
1416 .llseek = seq_lseek,
1417 .release = seq_release_net,
1418};
1419
1420
1421static int __net_init arp_net_init(struct net *net)
1422{
1423 if (!proc_net_fops_create(net, "arp", S_IRUGO, &arp_seq_fops))
1424 return -ENOMEM;
1425 return 0;
1426}
1427
1428static void __net_exit arp_net_exit(struct net *net)
1429{
1430 proc_net_remove(net, "arp");
1431}
1432
1433static struct pernet_operations arp_net_ops = {
1434 .init = arp_net_init,
1435 .exit = arp_net_exit,
1436};
1437
1438static int __init arp_proc_init(void)
1439{
1440 return register_pernet_subsys(&arp_net_ops);
1441}
1442
1443#else /* CONFIG_PROC_FS */
1444
1445static int __init arp_proc_init(void)
1446{
1447 return 0;
1448}
1449
1450#endif /* CONFIG_PROC_FS */