Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/* linux/net/ipv4/arp.c
3 *
4 * Copyright (C) 1994 by Florian La Roche
5 *
6 * This module implements the Address Resolution Protocol ARP (RFC 826),
7 * which is used to convert IP addresses (or in the future maybe other
8 * high-level addresses) into a low-level hardware address (like an Ethernet
9 * address).
10 *
11 * Fixes:
12 * Alan Cox : Removed the Ethernet assumptions in
13 * Florian's code
14 * Alan Cox : Fixed some small errors in the ARP
15 * logic
16 * Alan Cox : Allow >4K in /proc
17 * Alan Cox : Make ARP add its own protocol entry
18 * Ross Martin : Rewrote arp_rcv() and arp_get_info()
19 * Stephen Henson : Add AX25 support to arp_get_info()
20 * Alan Cox : Drop data when a device is downed.
21 * Alan Cox : Use init_timer().
22 * Alan Cox : Double lock fixes.
23 * Martin Seine : Move the arphdr structure
24 * to if_arp.h for compatibility.
25 * with BSD based programs.
26 * Andrew Tridgell : Added ARP netmask code and
27 * re-arranged proxy handling.
28 * Alan Cox : Changed to use notifiers.
29 * Niibe Yutaka : Reply for this device or proxies only.
30 * Alan Cox : Don't proxy across hardware types!
31 * Jonathan Naylor : Added support for NET/ROM.
32 * Mike Shaver : RFC1122 checks.
33 * Jonathan Naylor : Only lookup the hardware address for
34 * the correct hardware type.
35 * Germano Caronni : Assorted subtle races.
36 * Craig Schlenter : Don't modify permanent entry
37 * during arp_rcv.
38 * Russ Nelson : Tidied up a few bits.
39 * Alexey Kuznetsov: Major changes to caching and behaviour,
40 * eg intelligent arp probing and
41 * generation
42 * of host down events.
43 * Alan Cox : Missing unlock in device events.
44 * Eckes : ARP ioctl control errors.
45 * Alexey Kuznetsov: Arp free fix.
46 * Manuel Rodriguez: Gratuitous ARP.
47 * Jonathan Layes : Added arpd support through kerneld
48 * message queue (960314)
49 * Mike Shaver : /proc/sys/net/ipv4/arp_* support
50 * Mike McLagan : Routing by source
51 * Stuart Cheshire : Metricom and grat arp fixes
52 * *** FOR 2.1 clean this up ***
53 * Lawrence V. Stefani: (08/12/96) Added FDDI support.
54 * Alan Cox : Took the AP1000 nasty FDDI hack and
55 * folded into the mainstream FDDI code.
56 * Ack spit, Linus how did you allow that
57 * one in...
58 * Jes Sorensen : Make FDDI work again in 2.1.x and
59 * clean up the APFDDI & gen. FDDI bits.
60 * Alexey Kuznetsov: new arp state machine;
61 * now it is in net/core/neighbour.c.
62 * Krzysztof Halasa: Added Frame Relay ARP support.
63 * Arnaldo C. Melo : convert /proc/net/arp to seq_file
64 * Shmulik Hen: Split arp_send to arp_create and
65 * arp_xmit so intermediate drivers like
66 * bonding can change the skb before
67 * sending (e.g. insert 8021q tag).
68 * Harald Welte : convert to make use of jenkins hash
69 * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support.
70 */
71
72#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
73
74#include <linux/module.h>
75#include <linux/types.h>
76#include <linux/string.h>
77#include <linux/kernel.h>
78#include <linux/capability.h>
79#include <linux/socket.h>
80#include <linux/sockios.h>
81#include <linux/errno.h>
82#include <linux/in.h>
83#include <linux/mm.h>
84#include <linux/inet.h>
85#include <linux/inetdevice.h>
86#include <linux/netdevice.h>
87#include <linux/etherdevice.h>
88#include <linux/fddidevice.h>
89#include <linux/if_arp.h>
90#include <linux/skbuff.h>
91#include <linux/proc_fs.h>
92#include <linux/seq_file.h>
93#include <linux/stat.h>
94#include <linux/init.h>
95#include <linux/net.h>
96#include <linux/rcupdate.h>
97#include <linux/slab.h>
98#ifdef CONFIG_SYSCTL
99#include <linux/sysctl.h>
100#endif
101
102#include <net/net_namespace.h>
103#include <net/ip.h>
104#include <net/icmp.h>
105#include <net/route.h>
106#include <net/protocol.h>
107#include <net/tcp.h>
108#include <net/sock.h>
109#include <net/arp.h>
110#include <net/ax25.h>
111#include <net/netrom.h>
112#include <net/dst_metadata.h>
113#include <net/ip_tunnels.h>
114
115#include <linux/uaccess.h>
116
117#include <linux/netfilter_arp.h>
118
119/*
120 * Interface to generic neighbour cache.
121 */
122static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 *hash_rnd);
123static bool arp_key_eq(const struct neighbour *n, const void *pkey);
124static int arp_constructor(struct neighbour *neigh);
125static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb);
126static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb);
127static void parp_redo(struct sk_buff *skb);
128static int arp_is_multicast(const void *pkey);
129
130static const struct neigh_ops arp_generic_ops = {
131 .family = AF_INET,
132 .solicit = arp_solicit,
133 .error_report = arp_error_report,
134 .output = neigh_resolve_output,
135 .connected_output = neigh_connected_output,
136};
137
138static const struct neigh_ops arp_hh_ops = {
139 .family = AF_INET,
140 .solicit = arp_solicit,
141 .error_report = arp_error_report,
142 .output = neigh_resolve_output,
143 .connected_output = neigh_resolve_output,
144};
145
146static const struct neigh_ops arp_direct_ops = {
147 .family = AF_INET,
148 .output = neigh_direct_output,
149 .connected_output = neigh_direct_output,
150};
151
152struct neigh_table arp_tbl = {
153 .family = AF_INET,
154 .key_len = 4,
155 .protocol = cpu_to_be16(ETH_P_IP),
156 .hash = arp_hash,
157 .key_eq = arp_key_eq,
158 .constructor = arp_constructor,
159 .proxy_redo = parp_redo,
160 .is_multicast = arp_is_multicast,
161 .id = "arp_cache",
162 .parms = {
163 .tbl = &arp_tbl,
164 .reachable_time = 30 * HZ,
165 .data = {
166 [NEIGH_VAR_MCAST_PROBES] = 3,
167 [NEIGH_VAR_UCAST_PROBES] = 3,
168 [NEIGH_VAR_RETRANS_TIME] = 1 * HZ,
169 [NEIGH_VAR_BASE_REACHABLE_TIME] = 30 * HZ,
170 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
171 [NEIGH_VAR_INTERVAL_PROBE_TIME_MS] = 5 * HZ,
172 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
173 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
174 [NEIGH_VAR_PROXY_QLEN] = 64,
175 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
176 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
177 [NEIGH_VAR_LOCKTIME] = 1 * HZ,
178 },
179 },
180 .gc_interval = 30 * HZ,
181 .gc_thresh1 = 128,
182 .gc_thresh2 = 512,
183 .gc_thresh3 = 1024,
184};
185EXPORT_SYMBOL(arp_tbl);
186
187int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir)
188{
189 switch (dev->type) {
190 case ARPHRD_ETHER:
191 case ARPHRD_FDDI:
192 case ARPHRD_IEEE802:
193 ip_eth_mc_map(addr, haddr);
194 return 0;
195 case ARPHRD_INFINIBAND:
196 ip_ib_mc_map(addr, dev->broadcast, haddr);
197 return 0;
198 case ARPHRD_IPGRE:
199 ip_ipgre_mc_map(addr, dev->broadcast, haddr);
200 return 0;
201 default:
202 if (dir) {
203 memcpy(haddr, dev->broadcast, dev->addr_len);
204 return 0;
205 }
206 }
207 return -EINVAL;
208}
209
210
211static u32 arp_hash(const void *pkey,
212 const struct net_device *dev,
213 __u32 *hash_rnd)
214{
215 return arp_hashfn(pkey, dev, hash_rnd);
216}
217
218static bool arp_key_eq(const struct neighbour *neigh, const void *pkey)
219{
220 return neigh_key_eq32(neigh, pkey);
221}
222
223static int arp_constructor(struct neighbour *neigh)
224{
225 __be32 addr;
226 struct net_device *dev = neigh->dev;
227 struct in_device *in_dev;
228 struct neigh_parms *parms;
229 u32 inaddr_any = INADDR_ANY;
230
231 if (dev->flags & (IFF_LOOPBACK | IFF_POINTOPOINT))
232 memcpy(neigh->primary_key, &inaddr_any, arp_tbl.key_len);
233
234 addr = *(__be32 *)neigh->primary_key;
235 rcu_read_lock();
236 in_dev = __in_dev_get_rcu(dev);
237 if (!in_dev) {
238 rcu_read_unlock();
239 return -EINVAL;
240 }
241
242 neigh->type = inet_addr_type_dev_table(dev_net(dev), dev, addr);
243
244 parms = in_dev->arp_parms;
245 __neigh_parms_put(neigh->parms);
246 neigh->parms = neigh_parms_clone(parms);
247 rcu_read_unlock();
248
249 if (!dev->header_ops) {
250 neigh->nud_state = NUD_NOARP;
251 neigh->ops = &arp_direct_ops;
252 neigh->output = neigh_direct_output;
253 } else {
254 /* Good devices (checked by reading texts, but only Ethernet is
255 tested)
256
257 ARPHRD_ETHER: (ethernet, apfddi)
258 ARPHRD_FDDI: (fddi)
259 ARPHRD_IEEE802: (tr)
260 ARPHRD_METRICOM: (strip)
261 ARPHRD_ARCNET:
262 etc. etc. etc.
263
264 ARPHRD_IPDDP will also work, if author repairs it.
265 I did not it, because this driver does not work even
266 in old paradigm.
267 */
268
269 if (neigh->type == RTN_MULTICAST) {
270 neigh->nud_state = NUD_NOARP;
271 arp_mc_map(addr, neigh->ha, dev, 1);
272 } else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) {
273 neigh->nud_state = NUD_NOARP;
274 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
275 } else if (neigh->type == RTN_BROADCAST ||
276 (dev->flags & IFF_POINTOPOINT)) {
277 neigh->nud_state = NUD_NOARP;
278 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
279 }
280
281 if (dev->header_ops->cache)
282 neigh->ops = &arp_hh_ops;
283 else
284 neigh->ops = &arp_generic_ops;
285
286 if (neigh->nud_state & NUD_VALID)
287 neigh->output = neigh->ops->connected_output;
288 else
289 neigh->output = neigh->ops->output;
290 }
291 return 0;
292}
293
294static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb)
295{
296 dst_link_failure(skb);
297 kfree_skb_reason(skb, SKB_DROP_REASON_NEIGH_FAILED);
298}
299
300/* Create and send an arp packet. */
301static void arp_send_dst(int type, int ptype, __be32 dest_ip,
302 struct net_device *dev, __be32 src_ip,
303 const unsigned char *dest_hw,
304 const unsigned char *src_hw,
305 const unsigned char *target_hw,
306 struct dst_entry *dst)
307{
308 struct sk_buff *skb;
309
310 /* arp on this interface. */
311 if (dev->flags & IFF_NOARP)
312 return;
313
314 skb = arp_create(type, ptype, dest_ip, dev, src_ip,
315 dest_hw, src_hw, target_hw);
316 if (!skb)
317 return;
318
319 skb_dst_set(skb, dst_clone(dst));
320 arp_xmit(skb);
321}
322
323void arp_send(int type, int ptype, __be32 dest_ip,
324 struct net_device *dev, __be32 src_ip,
325 const unsigned char *dest_hw, const unsigned char *src_hw,
326 const unsigned char *target_hw)
327{
328 arp_send_dst(type, ptype, dest_ip, dev, src_ip, dest_hw, src_hw,
329 target_hw, NULL);
330}
331EXPORT_SYMBOL(arp_send);
332
333static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb)
334{
335 __be32 saddr = 0;
336 u8 dst_ha[MAX_ADDR_LEN], *dst_hw = NULL;
337 struct net_device *dev = neigh->dev;
338 __be32 target = *(__be32 *)neigh->primary_key;
339 int probes = atomic_read(&neigh->probes);
340 struct in_device *in_dev;
341 struct dst_entry *dst = NULL;
342
343 rcu_read_lock();
344 in_dev = __in_dev_get_rcu(dev);
345 if (!in_dev) {
346 rcu_read_unlock();
347 return;
348 }
349 switch (IN_DEV_ARP_ANNOUNCE(in_dev)) {
350 default:
351 case 0: /* By default announce any local IP */
352 if (skb && inet_addr_type_dev_table(dev_net(dev), dev,
353 ip_hdr(skb)->saddr) == RTN_LOCAL)
354 saddr = ip_hdr(skb)->saddr;
355 break;
356 case 1: /* Restrict announcements of saddr in same subnet */
357 if (!skb)
358 break;
359 saddr = ip_hdr(skb)->saddr;
360 if (inet_addr_type_dev_table(dev_net(dev), dev,
361 saddr) == RTN_LOCAL) {
362 /* saddr should be known to target */
363 if (inet_addr_onlink(in_dev, target, saddr))
364 break;
365 }
366 saddr = 0;
367 break;
368 case 2: /* Avoid secondary IPs, get a primary/preferred one */
369 break;
370 }
371 rcu_read_unlock();
372
373 if (!saddr)
374 saddr = inet_select_addr(dev, target, RT_SCOPE_LINK);
375
376 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
377 if (probes < 0) {
378 if (!(READ_ONCE(neigh->nud_state) & NUD_VALID))
379 pr_debug("trying to ucast probe in NUD_INVALID\n");
380 neigh_ha_snapshot(dst_ha, neigh, dev);
381 dst_hw = dst_ha;
382 } else {
383 probes -= NEIGH_VAR(neigh->parms, APP_PROBES);
384 if (probes < 0) {
385 neigh_app_ns(neigh);
386 return;
387 }
388 }
389
390 if (skb && !(dev->priv_flags & IFF_XMIT_DST_RELEASE))
391 dst = skb_dst(skb);
392 arp_send_dst(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr,
393 dst_hw, dev->dev_addr, NULL, dst);
394}
395
396static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip)
397{
398 struct net *net = dev_net(in_dev->dev);
399 int scope;
400
401 switch (IN_DEV_ARP_IGNORE(in_dev)) {
402 case 0: /* Reply, the tip is already validated */
403 return 0;
404 case 1: /* Reply only if tip is configured on the incoming interface */
405 sip = 0;
406 scope = RT_SCOPE_HOST;
407 break;
408 case 2: /*
409 * Reply only if tip is configured on the incoming interface
410 * and is in same subnet as sip
411 */
412 scope = RT_SCOPE_HOST;
413 break;
414 case 3: /* Do not reply for scope host addresses */
415 sip = 0;
416 scope = RT_SCOPE_LINK;
417 in_dev = NULL;
418 break;
419 case 4: /* Reserved */
420 case 5:
421 case 6:
422 case 7:
423 return 0;
424 case 8: /* Do not reply */
425 return 1;
426 default:
427 return 0;
428 }
429 return !inet_confirm_addr(net, in_dev, sip, tip, scope);
430}
431
432static int arp_accept(struct in_device *in_dev, __be32 sip)
433{
434 struct net *net = dev_net(in_dev->dev);
435 int scope = RT_SCOPE_LINK;
436
437 switch (IN_DEV_ARP_ACCEPT(in_dev)) {
438 case 0: /* Don't create new entries from garp */
439 return 0;
440 case 1: /* Create new entries from garp */
441 return 1;
442 case 2: /* Create a neighbor in the arp table only if sip
443 * is in the same subnet as an address configured
444 * on the interface that received the garp message
445 */
446 return !!inet_confirm_addr(net, in_dev, sip, 0, scope);
447 default:
448 return 0;
449 }
450}
451
452static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev)
453{
454 struct rtable *rt;
455 int flag = 0;
456 /*unsigned long now; */
457 struct net *net = dev_net(dev);
458
459 rt = ip_route_output(net, sip, tip, 0, l3mdev_master_ifindex_rcu(dev),
460 RT_SCOPE_UNIVERSE);
461 if (IS_ERR(rt))
462 return 1;
463 if (rt->dst.dev != dev) {
464 __NET_INC_STATS(net, LINUX_MIB_ARPFILTER);
465 flag = 1;
466 }
467 ip_rt_put(rt);
468 return flag;
469}
470
471/*
472 * Check if we can use proxy ARP for this path
473 */
474static inline int arp_fwd_proxy(struct in_device *in_dev,
475 struct net_device *dev, struct rtable *rt)
476{
477 struct in_device *out_dev;
478 int imi, omi = -1;
479
480 if (rt->dst.dev == dev)
481 return 0;
482
483 if (!IN_DEV_PROXY_ARP(in_dev))
484 return 0;
485 imi = IN_DEV_MEDIUM_ID(in_dev);
486 if (imi == 0)
487 return 1;
488 if (imi == -1)
489 return 0;
490
491 /* place to check for proxy_arp for routes */
492
493 out_dev = __in_dev_get_rcu(rt->dst.dev);
494 if (out_dev)
495 omi = IN_DEV_MEDIUM_ID(out_dev);
496
497 return omi != imi && omi != -1;
498}
499
500/*
501 * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev)
502 *
503 * RFC3069 supports proxy arp replies back to the same interface. This
504 * is done to support (ethernet) switch features, like RFC 3069, where
505 * the individual ports are not allowed to communicate with each
506 * other, BUT they are allowed to talk to the upstream router. As
507 * described in RFC 3069, it is possible to allow these hosts to
508 * communicate through the upstream router, by proxy_arp'ing.
509 *
510 * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation"
511 *
512 * This technology is known by different names:
513 * In RFC 3069 it is called VLAN Aggregation.
514 * Cisco and Allied Telesyn call it Private VLAN.
515 * Hewlett-Packard call it Source-Port filtering or port-isolation.
516 * Ericsson call it MAC-Forced Forwarding (RFC Draft).
517 *
518 */
519static inline int arp_fwd_pvlan(struct in_device *in_dev,
520 struct net_device *dev, struct rtable *rt,
521 __be32 sip, __be32 tip)
522{
523 /* Private VLAN is only concerned about the same ethernet segment */
524 if (rt->dst.dev != dev)
525 return 0;
526
527 /* Don't reply on self probes (often done by windowz boxes)*/
528 if (sip == tip)
529 return 0;
530
531 if (IN_DEV_PROXY_ARP_PVLAN(in_dev))
532 return 1;
533 else
534 return 0;
535}
536
537/*
538 * Interface to link layer: send routine and receive handler.
539 */
540
541/*
542 * Create an arp packet. If dest_hw is not set, we create a broadcast
543 * message.
544 */
545struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip,
546 struct net_device *dev, __be32 src_ip,
547 const unsigned char *dest_hw,
548 const unsigned char *src_hw,
549 const unsigned char *target_hw)
550{
551 struct sk_buff *skb;
552 struct arphdr *arp;
553 unsigned char *arp_ptr;
554 int hlen = LL_RESERVED_SPACE(dev);
555 int tlen = dev->needed_tailroom;
556
557 /*
558 * Allocate a buffer
559 */
560
561 skb = alloc_skb(arp_hdr_len(dev) + hlen + tlen, GFP_ATOMIC);
562 if (!skb)
563 return NULL;
564
565 skb_reserve(skb, hlen);
566 skb_reset_network_header(skb);
567 arp = skb_put(skb, arp_hdr_len(dev));
568 skb->dev = dev;
569 skb->protocol = htons(ETH_P_ARP);
570 if (!src_hw)
571 src_hw = dev->dev_addr;
572 if (!dest_hw)
573 dest_hw = dev->broadcast;
574
575 /*
576 * Fill the device header for the ARP frame
577 */
578 if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0)
579 goto out;
580
581 /*
582 * Fill out the arp protocol part.
583 *
584 * The arp hardware type should match the device type, except for FDDI,
585 * which (according to RFC 1390) should always equal 1 (Ethernet).
586 */
587 /*
588 * Exceptions everywhere. AX.25 uses the AX.25 PID value not the
589 * DIX code for the protocol. Make these device structure fields.
590 */
591 switch (dev->type) {
592 default:
593 arp->ar_hrd = htons(dev->type);
594 arp->ar_pro = htons(ETH_P_IP);
595 break;
596
597#if IS_ENABLED(CONFIG_AX25)
598 case ARPHRD_AX25:
599 arp->ar_hrd = htons(ARPHRD_AX25);
600 arp->ar_pro = htons(AX25_P_IP);
601 break;
602
603#if IS_ENABLED(CONFIG_NETROM)
604 case ARPHRD_NETROM:
605 arp->ar_hrd = htons(ARPHRD_NETROM);
606 arp->ar_pro = htons(AX25_P_IP);
607 break;
608#endif
609#endif
610
611#if IS_ENABLED(CONFIG_FDDI)
612 case ARPHRD_FDDI:
613 arp->ar_hrd = htons(ARPHRD_ETHER);
614 arp->ar_pro = htons(ETH_P_IP);
615 break;
616#endif
617 }
618
619 arp->ar_hln = dev->addr_len;
620 arp->ar_pln = 4;
621 arp->ar_op = htons(type);
622
623 arp_ptr = (unsigned char *)(arp + 1);
624
625 memcpy(arp_ptr, src_hw, dev->addr_len);
626 arp_ptr += dev->addr_len;
627 memcpy(arp_ptr, &src_ip, 4);
628 arp_ptr += 4;
629
630 switch (dev->type) {
631#if IS_ENABLED(CONFIG_FIREWIRE_NET)
632 case ARPHRD_IEEE1394:
633 break;
634#endif
635 default:
636 if (target_hw)
637 memcpy(arp_ptr, target_hw, dev->addr_len);
638 else
639 memset(arp_ptr, 0, dev->addr_len);
640 arp_ptr += dev->addr_len;
641 }
642 memcpy(arp_ptr, &dest_ip, 4);
643
644 return skb;
645
646out:
647 kfree_skb(skb);
648 return NULL;
649}
650EXPORT_SYMBOL(arp_create);
651
652static int arp_xmit_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
653{
654 return dev_queue_xmit(skb);
655}
656
657/*
658 * Send an arp packet.
659 */
660void arp_xmit(struct sk_buff *skb)
661{
662 rcu_read_lock();
663 /* Send it off, maybe filter it using firewalling first. */
664 NF_HOOK(NFPROTO_ARP, NF_ARP_OUT,
665 dev_net_rcu(skb->dev), NULL, skb, NULL, skb->dev,
666 arp_xmit_finish);
667 rcu_read_unlock();
668}
669EXPORT_SYMBOL(arp_xmit);
670
671static bool arp_is_garp(struct net *net, struct net_device *dev,
672 int *addr_type, __be16 ar_op,
673 __be32 sip, __be32 tip,
674 unsigned char *sha, unsigned char *tha)
675{
676 bool is_garp = tip == sip;
677
678 /* Gratuitous ARP _replies_ also require target hwaddr to be
679 * the same as source.
680 */
681 if (is_garp && ar_op == htons(ARPOP_REPLY))
682 is_garp =
683 /* IPv4 over IEEE 1394 doesn't provide target
684 * hardware address field in its ARP payload.
685 */
686 tha &&
687 !memcmp(tha, sha, dev->addr_len);
688
689 if (is_garp) {
690 *addr_type = inet_addr_type_dev_table(net, dev, sip);
691 if (*addr_type != RTN_UNICAST)
692 is_garp = false;
693 }
694 return is_garp;
695}
696
697/*
698 * Process an arp request.
699 */
700
701static int arp_process(struct net *net, struct sock *sk, struct sk_buff *skb)
702{
703 struct net_device *dev = skb->dev;
704 struct in_device *in_dev = __in_dev_get_rcu(dev);
705 struct arphdr *arp;
706 unsigned char *arp_ptr;
707 struct rtable *rt;
708 unsigned char *sha;
709 unsigned char *tha = NULL;
710 __be32 sip, tip;
711 u16 dev_type = dev->type;
712 int addr_type;
713 struct neighbour *n;
714 struct dst_entry *reply_dst = NULL;
715 bool is_garp = false;
716
717 /* arp_rcv below verifies the ARP header and verifies the device
718 * is ARP'able.
719 */
720
721 if (!in_dev)
722 goto out_free_skb;
723
724 arp = arp_hdr(skb);
725
726 switch (dev_type) {
727 default:
728 if (arp->ar_pro != htons(ETH_P_IP) ||
729 htons(dev_type) != arp->ar_hrd)
730 goto out_free_skb;
731 break;
732 case ARPHRD_ETHER:
733 case ARPHRD_FDDI:
734 case ARPHRD_IEEE802:
735 /*
736 * ETHERNET, and Fibre Channel (which are IEEE 802
737 * devices, according to RFC 2625) devices will accept ARP
738 * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2).
739 * This is the case also of FDDI, where the RFC 1390 says that
740 * FDDI devices should accept ARP hardware of (1) Ethernet,
741 * however, to be more robust, we'll accept both 1 (Ethernet)
742 * or 6 (IEEE 802.2)
743 */
744 if ((arp->ar_hrd != htons(ARPHRD_ETHER) &&
745 arp->ar_hrd != htons(ARPHRD_IEEE802)) ||
746 arp->ar_pro != htons(ETH_P_IP))
747 goto out_free_skb;
748 break;
749 case ARPHRD_AX25:
750 if (arp->ar_pro != htons(AX25_P_IP) ||
751 arp->ar_hrd != htons(ARPHRD_AX25))
752 goto out_free_skb;
753 break;
754 case ARPHRD_NETROM:
755 if (arp->ar_pro != htons(AX25_P_IP) ||
756 arp->ar_hrd != htons(ARPHRD_NETROM))
757 goto out_free_skb;
758 break;
759 }
760
761 /* Understand only these message types */
762
763 if (arp->ar_op != htons(ARPOP_REPLY) &&
764 arp->ar_op != htons(ARPOP_REQUEST))
765 goto out_free_skb;
766
767/*
768 * Extract fields
769 */
770 arp_ptr = (unsigned char *)(arp + 1);
771 sha = arp_ptr;
772 arp_ptr += dev->addr_len;
773 memcpy(&sip, arp_ptr, 4);
774 arp_ptr += 4;
775 switch (dev_type) {
776#if IS_ENABLED(CONFIG_FIREWIRE_NET)
777 case ARPHRD_IEEE1394:
778 break;
779#endif
780 default:
781 tha = arp_ptr;
782 arp_ptr += dev->addr_len;
783 }
784 memcpy(&tip, arp_ptr, 4);
785/*
786 * Check for bad requests for 127.x.x.x and requests for multicast
787 * addresses. If this is one such, delete it.
788 */
789 if (ipv4_is_multicast(tip) ||
790 (!IN_DEV_ROUTE_LOCALNET(in_dev) && ipv4_is_loopback(tip)))
791 goto out_free_skb;
792
793 /*
794 * For some 802.11 wireless deployments (and possibly other networks),
795 * there will be an ARP proxy and gratuitous ARP frames are attacks
796 * and thus should not be accepted.
797 */
798 if (sip == tip && IN_DEV_ORCONF(in_dev, DROP_GRATUITOUS_ARP))
799 goto out_free_skb;
800
801/*
802 * Special case: We must set Frame Relay source Q.922 address
803 */
804 if (dev_type == ARPHRD_DLCI)
805 sha = dev->broadcast;
806
807/*
808 * Process entry. The idea here is we want to send a reply if it is a
809 * request for us or if it is a request for someone else that we hold
810 * a proxy for. We want to add an entry to our cache if it is a reply
811 * to us or if it is a request for our address.
812 * (The assumption for this last is that if someone is requesting our
813 * address, they are probably intending to talk to us, so it saves time
814 * if we cache their address. Their address is also probably not in
815 * our cache, since ours is not in their cache.)
816 *
817 * Putting this another way, we only care about replies if they are to
818 * us, in which case we add them to the cache. For requests, we care
819 * about those for us and those for our proxies. We reply to both,
820 * and in the case of requests for us we add the requester to the arp
821 * cache.
822 */
823
824 if (arp->ar_op == htons(ARPOP_REQUEST) && skb_metadata_dst(skb))
825 reply_dst = (struct dst_entry *)
826 iptunnel_metadata_reply(skb_metadata_dst(skb),
827 GFP_ATOMIC);
828
829 /* Special case: IPv4 duplicate address detection packet (RFC2131) */
830 if (sip == 0) {
831 if (arp->ar_op == htons(ARPOP_REQUEST) &&
832 inet_addr_type_dev_table(net, dev, tip) == RTN_LOCAL &&
833 !arp_ignore(in_dev, sip, tip))
834 arp_send_dst(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip,
835 sha, dev->dev_addr, sha, reply_dst);
836 goto out_consume_skb;
837 }
838
839 if (arp->ar_op == htons(ARPOP_REQUEST) &&
840 ip_route_input_noref(skb, tip, sip, 0, dev) == 0) {
841
842 rt = skb_rtable(skb);
843 addr_type = rt->rt_type;
844
845 if (addr_type == RTN_LOCAL) {
846 int dont_send;
847
848 dont_send = arp_ignore(in_dev, sip, tip);
849 if (!dont_send && IN_DEV_ARPFILTER(in_dev))
850 dont_send = arp_filter(sip, tip, dev);
851 if (!dont_send) {
852 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
853 if (n) {
854 arp_send_dst(ARPOP_REPLY, ETH_P_ARP,
855 sip, dev, tip, sha,
856 dev->dev_addr, sha,
857 reply_dst);
858 neigh_release(n);
859 }
860 }
861 goto out_consume_skb;
862 } else if (IN_DEV_FORWARD(in_dev)) {
863 if (addr_type == RTN_UNICAST &&
864 (arp_fwd_proxy(in_dev, dev, rt) ||
865 arp_fwd_pvlan(in_dev, dev, rt, sip, tip) ||
866 (rt->dst.dev != dev &&
867 pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) {
868 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
869 if (n)
870 neigh_release(n);
871
872 if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED ||
873 skb->pkt_type == PACKET_HOST ||
874 NEIGH_VAR(in_dev->arp_parms, PROXY_DELAY) == 0) {
875 arp_send_dst(ARPOP_REPLY, ETH_P_ARP,
876 sip, dev, tip, sha,
877 dev->dev_addr, sha,
878 reply_dst);
879 } else {
880 pneigh_enqueue(&arp_tbl,
881 in_dev->arp_parms, skb);
882 goto out_free_dst;
883 }
884 goto out_consume_skb;
885 }
886 }
887 }
888
889 /* Update our ARP tables */
890
891 n = __neigh_lookup(&arp_tbl, &sip, dev, 0);
892
893 addr_type = -1;
894 if (n || arp_accept(in_dev, sip)) {
895 is_garp = arp_is_garp(net, dev, &addr_type, arp->ar_op,
896 sip, tip, sha, tha);
897 }
898
899 if (arp_accept(in_dev, sip)) {
900 /* Unsolicited ARP is not accepted by default.
901 It is possible, that this option should be enabled for some
902 devices (strip is candidate)
903 */
904 if (!n &&
905 (is_garp ||
906 (arp->ar_op == htons(ARPOP_REPLY) &&
907 (addr_type == RTN_UNICAST ||
908 (addr_type < 0 &&
909 /* postpone calculation to as late as possible */
910 inet_addr_type_dev_table(net, dev, sip) ==
911 RTN_UNICAST)))))
912 n = __neigh_lookup(&arp_tbl, &sip, dev, 1);
913 }
914
915 if (n) {
916 int state = NUD_REACHABLE;
917 int override;
918
919 /* If several different ARP replies follows back-to-back,
920 use the FIRST one. It is possible, if several proxy
921 agents are active. Taking the first reply prevents
922 arp trashing and chooses the fastest router.
923 */
924 override = time_after(jiffies,
925 n->updated +
926 NEIGH_VAR(n->parms, LOCKTIME)) ||
927 is_garp;
928
929 /* Broadcast replies and request packets
930 do not assert neighbour reachability.
931 */
932 if (arp->ar_op != htons(ARPOP_REPLY) ||
933 skb->pkt_type != PACKET_HOST)
934 state = NUD_STALE;
935 neigh_update(n, sha, state,
936 override ? NEIGH_UPDATE_F_OVERRIDE : 0, 0);
937 neigh_release(n);
938 }
939
940out_consume_skb:
941 consume_skb(skb);
942
943out_free_dst:
944 dst_release(reply_dst);
945 return NET_RX_SUCCESS;
946
947out_free_skb:
948 kfree_skb(skb);
949 return NET_RX_DROP;
950}
951
952static void parp_redo(struct sk_buff *skb)
953{
954 arp_process(dev_net(skb->dev), NULL, skb);
955}
956
957static int arp_is_multicast(const void *pkey)
958{
959 return ipv4_is_multicast(*((__be32 *)pkey));
960}
961
962/*
963 * Receive an arp request from the device layer.
964 */
965
966static int arp_rcv(struct sk_buff *skb, struct net_device *dev,
967 struct packet_type *pt, struct net_device *orig_dev)
968{
969 const struct arphdr *arp;
970
971 /* do not tweak dropwatch on an ARP we will ignore */
972 if (dev->flags & IFF_NOARP ||
973 skb->pkt_type == PACKET_OTHERHOST ||
974 skb->pkt_type == PACKET_LOOPBACK)
975 goto consumeskb;
976
977 skb = skb_share_check(skb, GFP_ATOMIC);
978 if (!skb)
979 goto out_of_mem;
980
981 /* ARP header, plus 2 device addresses, plus 2 IP addresses. */
982 if (!pskb_may_pull(skb, arp_hdr_len(dev)))
983 goto freeskb;
984
985 arp = arp_hdr(skb);
986 if (arp->ar_hln != dev->addr_len || arp->ar_pln != 4)
987 goto freeskb;
988
989 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
990
991 return NF_HOOK(NFPROTO_ARP, NF_ARP_IN,
992 dev_net(dev), NULL, skb, dev, NULL,
993 arp_process);
994
995consumeskb:
996 consume_skb(skb);
997 return NET_RX_SUCCESS;
998freeskb:
999 kfree_skb(skb);
1000out_of_mem:
1001 return NET_RX_DROP;
1002}
1003
1004/*
1005 * User level interface (ioctl)
1006 */
1007
1008static struct net_device *arp_req_dev_by_name(struct net *net, struct arpreq *r,
1009 bool getarp)
1010{
1011 struct net_device *dev;
1012
1013 if (getarp)
1014 dev = dev_get_by_name_rcu(net, r->arp_dev);
1015 else
1016 dev = __dev_get_by_name(net, r->arp_dev);
1017 if (!dev)
1018 return ERR_PTR(-ENODEV);
1019
1020 /* Mmmm... It is wrong... ARPHRD_NETROM == 0 */
1021 if (!r->arp_ha.sa_family)
1022 r->arp_ha.sa_family = dev->type;
1023
1024 if ((r->arp_flags & ATF_COM) && r->arp_ha.sa_family != dev->type)
1025 return ERR_PTR(-EINVAL);
1026
1027 return dev;
1028}
1029
1030static struct net_device *arp_req_dev(struct net *net, struct arpreq *r)
1031{
1032 struct net_device *dev;
1033 struct rtable *rt;
1034 __be32 ip;
1035
1036 if (r->arp_dev[0])
1037 return arp_req_dev_by_name(net, r, false);
1038
1039 if (r->arp_flags & ATF_PUBL)
1040 return NULL;
1041
1042 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1043
1044 rt = ip_route_output(net, ip, 0, 0, 0, RT_SCOPE_LINK);
1045 if (IS_ERR(rt))
1046 return ERR_CAST(rt);
1047
1048 dev = rt->dst.dev;
1049 ip_rt_put(rt);
1050
1051 if (!dev)
1052 return ERR_PTR(-EINVAL);
1053
1054 return dev;
1055}
1056
1057/*
1058 * Set (create) an ARP cache entry.
1059 */
1060
1061static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on)
1062{
1063 if (!dev) {
1064 IPV4_DEVCONF_ALL(net, PROXY_ARP) = on;
1065 return 0;
1066 }
1067 if (__in_dev_get_rtnl(dev)) {
1068 IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on);
1069 return 0;
1070 }
1071 return -ENXIO;
1072}
1073
1074static int arp_req_set_public(struct net *net, struct arpreq *r,
1075 struct net_device *dev)
1076{
1077 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1078
1079 if (!dev && (r->arp_flags & ATF_COM)) {
1080 dev = dev_getbyhwaddr(net, r->arp_ha.sa_family,
1081 r->arp_ha.sa_data);
1082 if (!dev)
1083 return -ENODEV;
1084 }
1085 if (mask) {
1086 __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1087
1088 if (!pneigh_lookup(&arp_tbl, net, &ip, dev, 1))
1089 return -ENOBUFS;
1090 return 0;
1091 }
1092
1093 return arp_req_set_proxy(net, dev, 1);
1094}
1095
1096static int arp_req_set(struct net *net, struct arpreq *r)
1097{
1098 struct neighbour *neigh;
1099 struct net_device *dev;
1100 __be32 ip;
1101 int err;
1102
1103 dev = arp_req_dev(net, r);
1104 if (IS_ERR(dev))
1105 return PTR_ERR(dev);
1106
1107 if (r->arp_flags & ATF_PUBL)
1108 return arp_req_set_public(net, r, dev);
1109
1110 switch (dev->type) {
1111#if IS_ENABLED(CONFIG_FDDI)
1112 case ARPHRD_FDDI:
1113 /*
1114 * According to RFC 1390, FDDI devices should accept ARP
1115 * hardware types of 1 (Ethernet). However, to be more
1116 * robust, we'll accept hardware types of either 1 (Ethernet)
1117 * or 6 (IEEE 802.2).
1118 */
1119 if (r->arp_ha.sa_family != ARPHRD_FDDI &&
1120 r->arp_ha.sa_family != ARPHRD_ETHER &&
1121 r->arp_ha.sa_family != ARPHRD_IEEE802)
1122 return -EINVAL;
1123 break;
1124#endif
1125 default:
1126 if (r->arp_ha.sa_family != dev->type)
1127 return -EINVAL;
1128 break;
1129 }
1130
1131 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1132
1133 neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev);
1134 err = PTR_ERR(neigh);
1135 if (!IS_ERR(neigh)) {
1136 unsigned int state = NUD_STALE;
1137
1138 if (r->arp_flags & ATF_PERM) {
1139 r->arp_flags |= ATF_COM;
1140 state = NUD_PERMANENT;
1141 }
1142
1143 err = neigh_update(neigh, (r->arp_flags & ATF_COM) ?
1144 r->arp_ha.sa_data : NULL, state,
1145 NEIGH_UPDATE_F_OVERRIDE |
1146 NEIGH_UPDATE_F_ADMIN, 0);
1147 neigh_release(neigh);
1148 }
1149 return err;
1150}
1151
1152static unsigned int arp_state_to_flags(struct neighbour *neigh)
1153{
1154 if (neigh->nud_state&NUD_PERMANENT)
1155 return ATF_PERM | ATF_COM;
1156 else if (neigh->nud_state&NUD_VALID)
1157 return ATF_COM;
1158 else
1159 return 0;
1160}
1161
1162/*
1163 * Get an ARP cache entry.
1164 */
1165
1166static int arp_req_get(struct net *net, struct arpreq *r)
1167{
1168 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1169 struct neighbour *neigh;
1170 struct net_device *dev;
1171
1172 if (!r->arp_dev[0])
1173 return -ENODEV;
1174
1175 dev = arp_req_dev_by_name(net, r, true);
1176 if (IS_ERR(dev))
1177 return PTR_ERR(dev);
1178
1179 neigh = neigh_lookup(&arp_tbl, &ip, dev);
1180 if (!neigh)
1181 return -ENXIO;
1182
1183 if (READ_ONCE(neigh->nud_state) & NUD_NOARP) {
1184 neigh_release(neigh);
1185 return -ENXIO;
1186 }
1187
1188 read_lock_bh(&neigh->lock);
1189 memcpy(r->arp_ha.sa_data, neigh->ha,
1190 min(dev->addr_len, sizeof(r->arp_ha.sa_data_min)));
1191 r->arp_flags = arp_state_to_flags(neigh);
1192 read_unlock_bh(&neigh->lock);
1193
1194 neigh_release(neigh);
1195
1196 r->arp_ha.sa_family = dev->type;
1197 netdev_copy_name(dev, r->arp_dev);
1198
1199 return 0;
1200}
1201
1202int arp_invalidate(struct net_device *dev, __be32 ip, bool force)
1203{
1204 struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev);
1205 int err = -ENXIO;
1206 struct neigh_table *tbl = &arp_tbl;
1207
1208 if (neigh) {
1209 if ((READ_ONCE(neigh->nud_state) & NUD_VALID) && !force) {
1210 neigh_release(neigh);
1211 return 0;
1212 }
1213
1214 if (READ_ONCE(neigh->nud_state) & ~NUD_NOARP)
1215 err = neigh_update(neigh, NULL, NUD_FAILED,
1216 NEIGH_UPDATE_F_OVERRIDE|
1217 NEIGH_UPDATE_F_ADMIN, 0);
1218 write_lock_bh(&tbl->lock);
1219 neigh_release(neigh);
1220 neigh_remove_one(neigh);
1221 write_unlock_bh(&tbl->lock);
1222 }
1223
1224 return err;
1225}
1226
1227static int arp_req_delete_public(struct net *net, struct arpreq *r,
1228 struct net_device *dev)
1229{
1230 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1231
1232 if (mask) {
1233 __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1234
1235 return pneigh_delete(&arp_tbl, net, &ip, dev);
1236 }
1237
1238 return arp_req_set_proxy(net, dev, 0);
1239}
1240
1241static int arp_req_delete(struct net *net, struct arpreq *r)
1242{
1243 struct net_device *dev;
1244 __be32 ip;
1245
1246 dev = arp_req_dev(net, r);
1247 if (IS_ERR(dev))
1248 return PTR_ERR(dev);
1249
1250 if (r->arp_flags & ATF_PUBL)
1251 return arp_req_delete_public(net, r, dev);
1252
1253 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1254
1255 return arp_invalidate(dev, ip, true);
1256}
1257
1258/*
1259 * Handle an ARP layer I/O control request.
1260 */
1261
1262int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1263{
1264 struct arpreq r;
1265 __be32 *netmask;
1266 int err;
1267
1268 switch (cmd) {
1269 case SIOCDARP:
1270 case SIOCSARP:
1271 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1272 return -EPERM;
1273 fallthrough;
1274 case SIOCGARP:
1275 err = copy_from_user(&r, arg, sizeof(struct arpreq));
1276 if (err)
1277 return -EFAULT;
1278 break;
1279 default:
1280 return -EINVAL;
1281 }
1282
1283 if (r.arp_pa.sa_family != AF_INET)
1284 return -EPFNOSUPPORT;
1285
1286 if (!(r.arp_flags & ATF_PUBL) &&
1287 (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB)))
1288 return -EINVAL;
1289
1290 netmask = &((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr;
1291 if (!(r.arp_flags & ATF_NETMASK))
1292 *netmask = htonl(0xFFFFFFFFUL);
1293 else if (*netmask && *netmask != htonl(0xFFFFFFFFUL))
1294 return -EINVAL;
1295
1296 switch (cmd) {
1297 case SIOCDARP:
1298 rtnl_lock();
1299 err = arp_req_delete(net, &r);
1300 rtnl_unlock();
1301 break;
1302 case SIOCSARP:
1303 rtnl_lock();
1304 err = arp_req_set(net, &r);
1305 rtnl_unlock();
1306 break;
1307 case SIOCGARP:
1308 rcu_read_lock();
1309 err = arp_req_get(net, &r);
1310 rcu_read_unlock();
1311
1312 if (!err && copy_to_user(arg, &r, sizeof(r)))
1313 err = -EFAULT;
1314 break;
1315 }
1316
1317 return err;
1318}
1319
1320static int arp_netdev_event(struct notifier_block *this, unsigned long event,
1321 void *ptr)
1322{
1323 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1324 struct netdev_notifier_change_info *change_info;
1325 struct in_device *in_dev;
1326 bool evict_nocarrier;
1327
1328 switch (event) {
1329 case NETDEV_CHANGEADDR:
1330 neigh_changeaddr(&arp_tbl, dev);
1331 rt_cache_flush(dev_net(dev));
1332 break;
1333 case NETDEV_CHANGE:
1334 change_info = ptr;
1335 if (change_info->flags_changed & IFF_NOARP)
1336 neigh_changeaddr(&arp_tbl, dev);
1337
1338 in_dev = __in_dev_get_rtnl(dev);
1339 if (!in_dev)
1340 evict_nocarrier = true;
1341 else
1342 evict_nocarrier = IN_DEV_ARP_EVICT_NOCARRIER(in_dev);
1343
1344 if (evict_nocarrier && !netif_carrier_ok(dev))
1345 neigh_carrier_down(&arp_tbl, dev);
1346 break;
1347 default:
1348 break;
1349 }
1350
1351 return NOTIFY_DONE;
1352}
1353
1354static struct notifier_block arp_netdev_notifier = {
1355 .notifier_call = arp_netdev_event,
1356};
1357
1358/* Note, that it is not on notifier chain.
1359 It is necessary, that this routine was called after route cache will be
1360 flushed.
1361 */
1362void arp_ifdown(struct net_device *dev)
1363{
1364 neigh_ifdown(&arp_tbl, dev);
1365}
1366
1367
1368/*
1369 * Called once on startup.
1370 */
1371
1372static struct packet_type arp_packet_type __read_mostly = {
1373 .type = cpu_to_be16(ETH_P_ARP),
1374 .func = arp_rcv,
1375};
1376
1377#ifdef CONFIG_PROC_FS
1378#if IS_ENABLED(CONFIG_AX25)
1379
1380/*
1381 * ax25 -> ASCII conversion
1382 */
1383static void ax2asc2(ax25_address *a, char *buf)
1384{
1385 char c, *s;
1386 int n;
1387
1388 for (n = 0, s = buf; n < 6; n++) {
1389 c = (a->ax25_call[n] >> 1) & 0x7F;
1390
1391 if (c != ' ')
1392 *s++ = c;
1393 }
1394
1395 *s++ = '-';
1396 n = (a->ax25_call[6] >> 1) & 0x0F;
1397 if (n > 9) {
1398 *s++ = '1';
1399 n -= 10;
1400 }
1401
1402 *s++ = n + '0';
1403 *s++ = '\0';
1404
1405 if (*buf == '\0' || *buf == '-') {
1406 buf[0] = '*';
1407 buf[1] = '\0';
1408 }
1409}
1410#endif /* CONFIG_AX25 */
1411
1412#define HBUFFERLEN 30
1413
1414static void arp_format_neigh_entry(struct seq_file *seq,
1415 struct neighbour *n)
1416{
1417 char hbuffer[HBUFFERLEN];
1418 int k, j;
1419 char tbuf[16];
1420 struct net_device *dev = n->dev;
1421 int hatype = dev->type;
1422
1423 read_lock(&n->lock);
1424 /* Convert hardware address to XX:XX:XX:XX ... form. */
1425#if IS_ENABLED(CONFIG_AX25)
1426 if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM)
1427 ax2asc2((ax25_address *)n->ha, hbuffer);
1428 else {
1429#endif
1430 for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) {
1431 hbuffer[k++] = hex_asc_hi(n->ha[j]);
1432 hbuffer[k++] = hex_asc_lo(n->ha[j]);
1433 hbuffer[k++] = ':';
1434 }
1435 if (k != 0)
1436 --k;
1437 hbuffer[k] = 0;
1438#if IS_ENABLED(CONFIG_AX25)
1439 }
1440#endif
1441 sprintf(tbuf, "%pI4", n->primary_key);
1442 seq_printf(seq, "%-16s 0x%-10x0x%-10x%-17s * %s\n",
1443 tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name);
1444 read_unlock(&n->lock);
1445}
1446
1447static void arp_format_pneigh_entry(struct seq_file *seq,
1448 struct pneigh_entry *n)
1449{
1450 struct net_device *dev = n->dev;
1451 int hatype = dev ? dev->type : 0;
1452 char tbuf[16];
1453
1454 sprintf(tbuf, "%pI4", n->key);
1455 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
1456 tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00",
1457 dev ? dev->name : "*");
1458}
1459
1460static int arp_seq_show(struct seq_file *seq, void *v)
1461{
1462 if (v == SEQ_START_TOKEN) {
1463 seq_puts(seq, "IP address HW type Flags "
1464 "HW address Mask Device\n");
1465 } else {
1466 struct neigh_seq_state *state = seq->private;
1467
1468 if (state->flags & NEIGH_SEQ_IS_PNEIGH)
1469 arp_format_pneigh_entry(seq, v);
1470 else
1471 arp_format_neigh_entry(seq, v);
1472 }
1473
1474 return 0;
1475}
1476
1477static void *arp_seq_start(struct seq_file *seq, loff_t *pos)
1478{
1479 /* Don't want to confuse "arp -a" w/ magic entries,
1480 * so we tell the generic iterator to skip NUD_NOARP.
1481 */
1482 return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP);
1483}
1484
1485static const struct seq_operations arp_seq_ops = {
1486 .start = arp_seq_start,
1487 .next = neigh_seq_next,
1488 .stop = neigh_seq_stop,
1489 .show = arp_seq_show,
1490};
1491#endif /* CONFIG_PROC_FS */
1492
1493static int __net_init arp_net_init(struct net *net)
1494{
1495 if (!proc_create_net("arp", 0444, net->proc_net, &arp_seq_ops,
1496 sizeof(struct neigh_seq_state)))
1497 return -ENOMEM;
1498 return 0;
1499}
1500
1501static void __net_exit arp_net_exit(struct net *net)
1502{
1503 remove_proc_entry("arp", net->proc_net);
1504}
1505
1506static struct pernet_operations arp_net_ops = {
1507 .init = arp_net_init,
1508 .exit = arp_net_exit,
1509};
1510
1511void __init arp_init(void)
1512{
1513 neigh_table_init(NEIGH_ARP_TABLE, &arp_tbl);
1514
1515 dev_add_pack(&arp_packet_type);
1516 register_pernet_subsys(&arp_net_ops);
1517#ifdef CONFIG_SYSCTL
1518 neigh_sysctl_register(NULL, &arp_tbl.parms, NULL);
1519#endif
1520 register_netdevice_notifier(&arp_netdev_notifier);
1521}
1/* linux/net/ipv4/arp.c
2 *
3 * Copyright (C) 1994 by Florian La Roche
4 *
5 * This module implements the Address Resolution Protocol ARP (RFC 826),
6 * which is used to convert IP addresses (or in the future maybe other
7 * high-level addresses) into a low-level hardware address (like an Ethernet
8 * address).
9 *
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version
13 * 2 of the License, or (at your option) any later version.
14 *
15 * Fixes:
16 * Alan Cox : Removed the Ethernet assumptions in
17 * Florian's code
18 * Alan Cox : Fixed some small errors in the ARP
19 * logic
20 * Alan Cox : Allow >4K in /proc
21 * Alan Cox : Make ARP add its own protocol entry
22 * Ross Martin : Rewrote arp_rcv() and arp_get_info()
23 * Stephen Henson : Add AX25 support to arp_get_info()
24 * Alan Cox : Drop data when a device is downed.
25 * Alan Cox : Use init_timer().
26 * Alan Cox : Double lock fixes.
27 * Martin Seine : Move the arphdr structure
28 * to if_arp.h for compatibility.
29 * with BSD based programs.
30 * Andrew Tridgell : Added ARP netmask code and
31 * re-arranged proxy handling.
32 * Alan Cox : Changed to use notifiers.
33 * Niibe Yutaka : Reply for this device or proxies only.
34 * Alan Cox : Don't proxy across hardware types!
35 * Jonathan Naylor : Added support for NET/ROM.
36 * Mike Shaver : RFC1122 checks.
37 * Jonathan Naylor : Only lookup the hardware address for
38 * the correct hardware type.
39 * Germano Caronni : Assorted subtle races.
40 * Craig Schlenter : Don't modify permanent entry
41 * during arp_rcv.
42 * Russ Nelson : Tidied up a few bits.
43 * Alexey Kuznetsov: Major changes to caching and behaviour,
44 * eg intelligent arp probing and
45 * generation
46 * of host down events.
47 * Alan Cox : Missing unlock in device events.
48 * Eckes : ARP ioctl control errors.
49 * Alexey Kuznetsov: Arp free fix.
50 * Manuel Rodriguez: Gratuitous ARP.
51 * Jonathan Layes : Added arpd support through kerneld
52 * message queue (960314)
53 * Mike Shaver : /proc/sys/net/ipv4/arp_* support
54 * Mike McLagan : Routing by source
55 * Stuart Cheshire : Metricom and grat arp fixes
56 * *** FOR 2.1 clean this up ***
57 * Lawrence V. Stefani: (08/12/96) Added FDDI support.
58 * Alan Cox : Took the AP1000 nasty FDDI hack and
59 * folded into the mainstream FDDI code.
60 * Ack spit, Linus how did you allow that
61 * one in...
62 * Jes Sorensen : Make FDDI work again in 2.1.x and
63 * clean up the APFDDI & gen. FDDI bits.
64 * Alexey Kuznetsov: new arp state machine;
65 * now it is in net/core/neighbour.c.
66 * Krzysztof Halasa: Added Frame Relay ARP support.
67 * Arnaldo C. Melo : convert /proc/net/arp to seq_file
68 * Shmulik Hen: Split arp_send to arp_create and
69 * arp_xmit so intermediate drivers like
70 * bonding can change the skb before
71 * sending (e.g. insert 8021q tag).
72 * Harald Welte : convert to make use of jenkins hash
73 * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support.
74 */
75
76#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
77
78#include <linux/module.h>
79#include <linux/types.h>
80#include <linux/string.h>
81#include <linux/kernel.h>
82#include <linux/capability.h>
83#include <linux/socket.h>
84#include <linux/sockios.h>
85#include <linux/errno.h>
86#include <linux/in.h>
87#include <linux/mm.h>
88#include <linux/inet.h>
89#include <linux/inetdevice.h>
90#include <linux/netdevice.h>
91#include <linux/etherdevice.h>
92#include <linux/fddidevice.h>
93#include <linux/if_arp.h>
94#include <linux/skbuff.h>
95#include <linux/proc_fs.h>
96#include <linux/seq_file.h>
97#include <linux/stat.h>
98#include <linux/init.h>
99#include <linux/net.h>
100#include <linux/rcupdate.h>
101#include <linux/slab.h>
102#ifdef CONFIG_SYSCTL
103#include <linux/sysctl.h>
104#endif
105
106#include <net/net_namespace.h>
107#include <net/ip.h>
108#include <net/icmp.h>
109#include <net/route.h>
110#include <net/protocol.h>
111#include <net/tcp.h>
112#include <net/sock.h>
113#include <net/arp.h>
114#include <net/ax25.h>
115#include <net/netrom.h>
116
117#include <linux/uaccess.h>
118
119#include <linux/netfilter_arp.h>
120
121/*
122 * Interface to generic neighbour cache.
123 */
124static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 *hash_rnd);
125static int arp_constructor(struct neighbour *neigh);
126static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb);
127static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb);
128static void parp_redo(struct sk_buff *skb);
129
130static const struct neigh_ops arp_generic_ops = {
131 .family = AF_INET,
132 .solicit = arp_solicit,
133 .error_report = arp_error_report,
134 .output = neigh_resolve_output,
135 .connected_output = neigh_connected_output,
136};
137
138static const struct neigh_ops arp_hh_ops = {
139 .family = AF_INET,
140 .solicit = arp_solicit,
141 .error_report = arp_error_report,
142 .output = neigh_resolve_output,
143 .connected_output = neigh_resolve_output,
144};
145
146static const struct neigh_ops arp_direct_ops = {
147 .family = AF_INET,
148 .output = neigh_direct_output,
149 .connected_output = neigh_direct_output,
150};
151
152static const struct neigh_ops arp_broken_ops = {
153 .family = AF_INET,
154 .solicit = arp_solicit,
155 .error_report = arp_error_report,
156 .output = neigh_compat_output,
157 .connected_output = neigh_compat_output,
158};
159
160struct neigh_table arp_tbl = {
161 .family = AF_INET,
162 .key_len = 4,
163 .hash = arp_hash,
164 .constructor = arp_constructor,
165 .proxy_redo = parp_redo,
166 .id = "arp_cache",
167 .parms = {
168 .tbl = &arp_tbl,
169 .base_reachable_time = 30 * HZ,
170 .retrans_time = 1 * HZ,
171 .gc_staletime = 60 * HZ,
172 .reachable_time = 30 * HZ,
173 .delay_probe_time = 5 * HZ,
174 .queue_len_bytes = 64*1024,
175 .ucast_probes = 3,
176 .mcast_probes = 3,
177 .anycast_delay = 1 * HZ,
178 .proxy_delay = (8 * HZ) / 10,
179 .proxy_qlen = 64,
180 .locktime = 1 * HZ,
181 },
182 .gc_interval = 30 * HZ,
183 .gc_thresh1 = 128,
184 .gc_thresh2 = 512,
185 .gc_thresh3 = 1024,
186};
187EXPORT_SYMBOL(arp_tbl);
188
189int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir)
190{
191 switch (dev->type) {
192 case ARPHRD_ETHER:
193 case ARPHRD_FDDI:
194 case ARPHRD_IEEE802:
195 ip_eth_mc_map(addr, haddr);
196 return 0;
197 case ARPHRD_INFINIBAND:
198 ip_ib_mc_map(addr, dev->broadcast, haddr);
199 return 0;
200 case ARPHRD_IPGRE:
201 ip_ipgre_mc_map(addr, dev->broadcast, haddr);
202 return 0;
203 default:
204 if (dir) {
205 memcpy(haddr, dev->broadcast, dev->addr_len);
206 return 0;
207 }
208 }
209 return -EINVAL;
210}
211
212
213static u32 arp_hash(const void *pkey,
214 const struct net_device *dev,
215 __u32 *hash_rnd)
216{
217 return arp_hashfn(*(u32 *)pkey, dev, *hash_rnd);
218}
219
220static int arp_constructor(struct neighbour *neigh)
221{
222 __be32 addr = *(__be32 *)neigh->primary_key;
223 struct net_device *dev = neigh->dev;
224 struct in_device *in_dev;
225 struct neigh_parms *parms;
226
227 rcu_read_lock();
228 in_dev = __in_dev_get_rcu(dev);
229 if (in_dev == NULL) {
230 rcu_read_unlock();
231 return -EINVAL;
232 }
233
234 neigh->type = inet_addr_type(dev_net(dev), addr);
235
236 parms = in_dev->arp_parms;
237 __neigh_parms_put(neigh->parms);
238 neigh->parms = neigh_parms_clone(parms);
239 rcu_read_unlock();
240
241 if (!dev->header_ops) {
242 neigh->nud_state = NUD_NOARP;
243 neigh->ops = &arp_direct_ops;
244 neigh->output = neigh_direct_output;
245 } else {
246 /* Good devices (checked by reading texts, but only Ethernet is
247 tested)
248
249 ARPHRD_ETHER: (ethernet, apfddi)
250 ARPHRD_FDDI: (fddi)
251 ARPHRD_IEEE802: (tr)
252 ARPHRD_METRICOM: (strip)
253 ARPHRD_ARCNET:
254 etc. etc. etc.
255
256 ARPHRD_IPDDP will also work, if author repairs it.
257 I did not it, because this driver does not work even
258 in old paradigm.
259 */
260
261#if 1
262 /* So... these "amateur" devices are hopeless.
263 The only thing, that I can say now:
264 It is very sad that we need to keep ugly obsolete
265 code to make them happy.
266
267 They should be moved to more reasonable state, now
268 they use rebuild_header INSTEAD OF hard_start_xmit!!!
269 Besides that, they are sort of out of date
270 (a lot of redundant clones/copies, useless in 2.1),
271 I wonder why people believe that they work.
272 */
273 switch (dev->type) {
274 default:
275 break;
276 case ARPHRD_ROSE:
277#if IS_ENABLED(CONFIG_AX25)
278 case ARPHRD_AX25:
279#if IS_ENABLED(CONFIG_NETROM)
280 case ARPHRD_NETROM:
281#endif
282 neigh->ops = &arp_broken_ops;
283 neigh->output = neigh->ops->output;
284 return 0;
285#else
286 break;
287#endif
288 }
289#endif
290 if (neigh->type == RTN_MULTICAST) {
291 neigh->nud_state = NUD_NOARP;
292 arp_mc_map(addr, neigh->ha, dev, 1);
293 } else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) {
294 neigh->nud_state = NUD_NOARP;
295 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
296 } else if (neigh->type == RTN_BROADCAST ||
297 (dev->flags & IFF_POINTOPOINT)) {
298 neigh->nud_state = NUD_NOARP;
299 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
300 }
301
302 if (dev->header_ops->cache)
303 neigh->ops = &arp_hh_ops;
304 else
305 neigh->ops = &arp_generic_ops;
306
307 if (neigh->nud_state & NUD_VALID)
308 neigh->output = neigh->ops->connected_output;
309 else
310 neigh->output = neigh->ops->output;
311 }
312 return 0;
313}
314
315static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb)
316{
317 dst_link_failure(skb);
318 kfree_skb(skb);
319}
320
321static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb)
322{
323 __be32 saddr = 0;
324 u8 *dst_ha = NULL;
325 struct net_device *dev = neigh->dev;
326 __be32 target = *(__be32 *)neigh->primary_key;
327 int probes = atomic_read(&neigh->probes);
328 struct in_device *in_dev;
329
330 rcu_read_lock();
331 in_dev = __in_dev_get_rcu(dev);
332 if (!in_dev) {
333 rcu_read_unlock();
334 return;
335 }
336 switch (IN_DEV_ARP_ANNOUNCE(in_dev)) {
337 default:
338 case 0: /* By default announce any local IP */
339 if (skb && inet_addr_type(dev_net(dev),
340 ip_hdr(skb)->saddr) == RTN_LOCAL)
341 saddr = ip_hdr(skb)->saddr;
342 break;
343 case 1: /* Restrict announcements of saddr in same subnet */
344 if (!skb)
345 break;
346 saddr = ip_hdr(skb)->saddr;
347 if (inet_addr_type(dev_net(dev), saddr) == RTN_LOCAL) {
348 /* saddr should be known to target */
349 if (inet_addr_onlink(in_dev, target, saddr))
350 break;
351 }
352 saddr = 0;
353 break;
354 case 2: /* Avoid secondary IPs, get a primary/preferred one */
355 break;
356 }
357 rcu_read_unlock();
358
359 if (!saddr)
360 saddr = inet_select_addr(dev, target, RT_SCOPE_LINK);
361
362 probes -= neigh->parms->ucast_probes;
363 if (probes < 0) {
364 if (!(neigh->nud_state & NUD_VALID))
365 pr_debug("trying to ucast probe in NUD_INVALID\n");
366 dst_ha = neigh->ha;
367 read_lock_bh(&neigh->lock);
368 } else {
369 probes -= neigh->parms->app_probes;
370 if (probes < 0) {
371#ifdef CONFIG_ARPD
372 neigh_app_ns(neigh);
373#endif
374 return;
375 }
376 }
377
378 arp_send(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr,
379 dst_ha, dev->dev_addr, NULL);
380 if (dst_ha)
381 read_unlock_bh(&neigh->lock);
382}
383
384static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip)
385{
386 int scope;
387
388 switch (IN_DEV_ARP_IGNORE(in_dev)) {
389 case 0: /* Reply, the tip is already validated */
390 return 0;
391 case 1: /* Reply only if tip is configured on the incoming interface */
392 sip = 0;
393 scope = RT_SCOPE_HOST;
394 break;
395 case 2: /*
396 * Reply only if tip is configured on the incoming interface
397 * and is in same subnet as sip
398 */
399 scope = RT_SCOPE_HOST;
400 break;
401 case 3: /* Do not reply for scope host addresses */
402 sip = 0;
403 scope = RT_SCOPE_LINK;
404 break;
405 case 4: /* Reserved */
406 case 5:
407 case 6:
408 case 7:
409 return 0;
410 case 8: /* Do not reply */
411 return 1;
412 default:
413 return 0;
414 }
415 return !inet_confirm_addr(in_dev, sip, tip, scope);
416}
417
418static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev)
419{
420 struct rtable *rt;
421 int flag = 0;
422 /*unsigned long now; */
423 struct net *net = dev_net(dev);
424
425 rt = ip_route_output(net, sip, tip, 0, 0);
426 if (IS_ERR(rt))
427 return 1;
428 if (rt->dst.dev != dev) {
429 NET_INC_STATS_BH(net, LINUX_MIB_ARPFILTER);
430 flag = 1;
431 }
432 ip_rt_put(rt);
433 return flag;
434}
435
436/* OBSOLETE FUNCTIONS */
437
438/*
439 * Find an arp mapping in the cache. If not found, post a request.
440 *
441 * It is very UGLY routine: it DOES NOT use skb->dst->neighbour,
442 * even if it exists. It is supposed that skb->dev was mangled
443 * by a virtual device (eql, shaper). Nobody but broken devices
444 * is allowed to use this function, it is scheduled to be removed. --ANK
445 */
446
447static int arp_set_predefined(int addr_hint, unsigned char *haddr,
448 __be32 paddr, struct net_device *dev)
449{
450 switch (addr_hint) {
451 case RTN_LOCAL:
452 pr_debug("arp called for own IP address\n");
453 memcpy(haddr, dev->dev_addr, dev->addr_len);
454 return 1;
455 case RTN_MULTICAST:
456 arp_mc_map(paddr, haddr, dev, 1);
457 return 1;
458 case RTN_BROADCAST:
459 memcpy(haddr, dev->broadcast, dev->addr_len);
460 return 1;
461 }
462 return 0;
463}
464
465
466int arp_find(unsigned char *haddr, struct sk_buff *skb)
467{
468 struct net_device *dev = skb->dev;
469 __be32 paddr;
470 struct neighbour *n;
471
472 if (!skb_dst(skb)) {
473 pr_debug("arp_find is called with dst==NULL\n");
474 kfree_skb(skb);
475 return 1;
476 }
477
478 paddr = skb_rtable(skb)->rt_gateway;
479
480 if (arp_set_predefined(inet_addr_type(dev_net(dev), paddr), haddr,
481 paddr, dev))
482 return 0;
483
484 n = __neigh_lookup(&arp_tbl, &paddr, dev, 1);
485
486 if (n) {
487 n->used = jiffies;
488 if (n->nud_state & NUD_VALID || neigh_event_send(n, skb) == 0) {
489 neigh_ha_snapshot(haddr, n, dev);
490 neigh_release(n);
491 return 0;
492 }
493 neigh_release(n);
494 } else
495 kfree_skb(skb);
496 return 1;
497}
498EXPORT_SYMBOL(arp_find);
499
500/* END OF OBSOLETE FUNCTIONS */
501
502/*
503 * Check if we can use proxy ARP for this path
504 */
505static inline int arp_fwd_proxy(struct in_device *in_dev,
506 struct net_device *dev, struct rtable *rt)
507{
508 struct in_device *out_dev;
509 int imi, omi = -1;
510
511 if (rt->dst.dev == dev)
512 return 0;
513
514 if (!IN_DEV_PROXY_ARP(in_dev))
515 return 0;
516 imi = IN_DEV_MEDIUM_ID(in_dev);
517 if (imi == 0)
518 return 1;
519 if (imi == -1)
520 return 0;
521
522 /* place to check for proxy_arp for routes */
523
524 out_dev = __in_dev_get_rcu(rt->dst.dev);
525 if (out_dev)
526 omi = IN_DEV_MEDIUM_ID(out_dev);
527
528 return omi != imi && omi != -1;
529}
530
531/*
532 * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev)
533 *
534 * RFC3069 supports proxy arp replies back to the same interface. This
535 * is done to support (ethernet) switch features, like RFC 3069, where
536 * the individual ports are not allowed to communicate with each
537 * other, BUT they are allowed to talk to the upstream router. As
538 * described in RFC 3069, it is possible to allow these hosts to
539 * communicate through the upstream router, by proxy_arp'ing.
540 *
541 * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation"
542 *
543 * This technology is known by different names:
544 * In RFC 3069 it is called VLAN Aggregation.
545 * Cisco and Allied Telesyn call it Private VLAN.
546 * Hewlett-Packard call it Source-Port filtering or port-isolation.
547 * Ericsson call it MAC-Forced Forwarding (RFC Draft).
548 *
549 */
550static inline int arp_fwd_pvlan(struct in_device *in_dev,
551 struct net_device *dev, struct rtable *rt,
552 __be32 sip, __be32 tip)
553{
554 /* Private VLAN is only concerned about the same ethernet segment */
555 if (rt->dst.dev != dev)
556 return 0;
557
558 /* Don't reply on self probes (often done by windowz boxes)*/
559 if (sip == tip)
560 return 0;
561
562 if (IN_DEV_PROXY_ARP_PVLAN(in_dev))
563 return 1;
564 else
565 return 0;
566}
567
568/*
569 * Interface to link layer: send routine and receive handler.
570 */
571
572/*
573 * Create an arp packet. If (dest_hw == NULL), we create a broadcast
574 * message.
575 */
576struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip,
577 struct net_device *dev, __be32 src_ip,
578 const unsigned char *dest_hw,
579 const unsigned char *src_hw,
580 const unsigned char *target_hw)
581{
582 struct sk_buff *skb;
583 struct arphdr *arp;
584 unsigned char *arp_ptr;
585 int hlen = LL_RESERVED_SPACE(dev);
586 int tlen = dev->needed_tailroom;
587
588 /*
589 * Allocate a buffer
590 */
591
592 skb = alloc_skb(arp_hdr_len(dev) + hlen + tlen, GFP_ATOMIC);
593 if (skb == NULL)
594 return NULL;
595
596 skb_reserve(skb, hlen);
597 skb_reset_network_header(skb);
598 arp = (struct arphdr *) skb_put(skb, arp_hdr_len(dev));
599 skb->dev = dev;
600 skb->protocol = htons(ETH_P_ARP);
601 if (src_hw == NULL)
602 src_hw = dev->dev_addr;
603 if (dest_hw == NULL)
604 dest_hw = dev->broadcast;
605
606 /*
607 * Fill the device header for the ARP frame
608 */
609 if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0)
610 goto out;
611
612 /*
613 * Fill out the arp protocol part.
614 *
615 * The arp hardware type should match the device type, except for FDDI,
616 * which (according to RFC 1390) should always equal 1 (Ethernet).
617 */
618 /*
619 * Exceptions everywhere. AX.25 uses the AX.25 PID value not the
620 * DIX code for the protocol. Make these device structure fields.
621 */
622 switch (dev->type) {
623 default:
624 arp->ar_hrd = htons(dev->type);
625 arp->ar_pro = htons(ETH_P_IP);
626 break;
627
628#if IS_ENABLED(CONFIG_AX25)
629 case ARPHRD_AX25:
630 arp->ar_hrd = htons(ARPHRD_AX25);
631 arp->ar_pro = htons(AX25_P_IP);
632 break;
633
634#if IS_ENABLED(CONFIG_NETROM)
635 case ARPHRD_NETROM:
636 arp->ar_hrd = htons(ARPHRD_NETROM);
637 arp->ar_pro = htons(AX25_P_IP);
638 break;
639#endif
640#endif
641
642#if IS_ENABLED(CONFIG_FDDI)
643 case ARPHRD_FDDI:
644 arp->ar_hrd = htons(ARPHRD_ETHER);
645 arp->ar_pro = htons(ETH_P_IP);
646 break;
647#endif
648 }
649
650 arp->ar_hln = dev->addr_len;
651 arp->ar_pln = 4;
652 arp->ar_op = htons(type);
653
654 arp_ptr = (unsigned char *)(arp + 1);
655
656 memcpy(arp_ptr, src_hw, dev->addr_len);
657 arp_ptr += dev->addr_len;
658 memcpy(arp_ptr, &src_ip, 4);
659 arp_ptr += 4;
660 if (target_hw != NULL)
661 memcpy(arp_ptr, target_hw, dev->addr_len);
662 else
663 memset(arp_ptr, 0, dev->addr_len);
664 arp_ptr += dev->addr_len;
665 memcpy(arp_ptr, &dest_ip, 4);
666
667 return skb;
668
669out:
670 kfree_skb(skb);
671 return NULL;
672}
673EXPORT_SYMBOL(arp_create);
674
675/*
676 * Send an arp packet.
677 */
678void arp_xmit(struct sk_buff *skb)
679{
680 /* Send it off, maybe filter it using firewalling first. */
681 NF_HOOK(NFPROTO_ARP, NF_ARP_OUT, skb, NULL, skb->dev, dev_queue_xmit);
682}
683EXPORT_SYMBOL(arp_xmit);
684
685/*
686 * Create and send an arp packet.
687 */
688void arp_send(int type, int ptype, __be32 dest_ip,
689 struct net_device *dev, __be32 src_ip,
690 const unsigned char *dest_hw, const unsigned char *src_hw,
691 const unsigned char *target_hw)
692{
693 struct sk_buff *skb;
694
695 /*
696 * No arp on this interface.
697 */
698
699 if (dev->flags&IFF_NOARP)
700 return;
701
702 skb = arp_create(type, ptype, dest_ip, dev, src_ip,
703 dest_hw, src_hw, target_hw);
704 if (skb == NULL)
705 return;
706
707 arp_xmit(skb);
708}
709EXPORT_SYMBOL(arp_send);
710
711/*
712 * Process an arp request.
713 */
714
715static int arp_process(struct sk_buff *skb)
716{
717 struct net_device *dev = skb->dev;
718 struct in_device *in_dev = __in_dev_get_rcu(dev);
719 struct arphdr *arp;
720 unsigned char *arp_ptr;
721 struct rtable *rt;
722 unsigned char *sha;
723 __be32 sip, tip;
724 u16 dev_type = dev->type;
725 int addr_type;
726 struct neighbour *n;
727 struct net *net = dev_net(dev);
728
729 /* arp_rcv below verifies the ARP header and verifies the device
730 * is ARP'able.
731 */
732
733 if (in_dev == NULL)
734 goto out;
735
736 arp = arp_hdr(skb);
737
738 switch (dev_type) {
739 default:
740 if (arp->ar_pro != htons(ETH_P_IP) ||
741 htons(dev_type) != arp->ar_hrd)
742 goto out;
743 break;
744 case ARPHRD_ETHER:
745 case ARPHRD_FDDI:
746 case ARPHRD_IEEE802:
747 /*
748 * ETHERNET, and Fibre Channel (which are IEEE 802
749 * devices, according to RFC 2625) devices will accept ARP
750 * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2).
751 * This is the case also of FDDI, where the RFC 1390 says that
752 * FDDI devices should accept ARP hardware of (1) Ethernet,
753 * however, to be more robust, we'll accept both 1 (Ethernet)
754 * or 6 (IEEE 802.2)
755 */
756 if ((arp->ar_hrd != htons(ARPHRD_ETHER) &&
757 arp->ar_hrd != htons(ARPHRD_IEEE802)) ||
758 arp->ar_pro != htons(ETH_P_IP))
759 goto out;
760 break;
761 case ARPHRD_AX25:
762 if (arp->ar_pro != htons(AX25_P_IP) ||
763 arp->ar_hrd != htons(ARPHRD_AX25))
764 goto out;
765 break;
766 case ARPHRD_NETROM:
767 if (arp->ar_pro != htons(AX25_P_IP) ||
768 arp->ar_hrd != htons(ARPHRD_NETROM))
769 goto out;
770 break;
771 }
772
773 /* Understand only these message types */
774
775 if (arp->ar_op != htons(ARPOP_REPLY) &&
776 arp->ar_op != htons(ARPOP_REQUEST))
777 goto out;
778
779/*
780 * Extract fields
781 */
782 arp_ptr = (unsigned char *)(arp + 1);
783 sha = arp_ptr;
784 arp_ptr += dev->addr_len;
785 memcpy(&sip, arp_ptr, 4);
786 arp_ptr += 4;
787 arp_ptr += dev->addr_len;
788 memcpy(&tip, arp_ptr, 4);
789/*
790 * Check for bad requests for 127.x.x.x and requests for multicast
791 * addresses. If this is one such, delete it.
792 */
793 if (ipv4_is_loopback(tip) || ipv4_is_multicast(tip))
794 goto out;
795
796/*
797 * Special case: We must set Frame Relay source Q.922 address
798 */
799 if (dev_type == ARPHRD_DLCI)
800 sha = dev->broadcast;
801
802/*
803 * Process entry. The idea here is we want to send a reply if it is a
804 * request for us or if it is a request for someone else that we hold
805 * a proxy for. We want to add an entry to our cache if it is a reply
806 * to us or if it is a request for our address.
807 * (The assumption for this last is that if someone is requesting our
808 * address, they are probably intending to talk to us, so it saves time
809 * if we cache their address. Their address is also probably not in
810 * our cache, since ours is not in their cache.)
811 *
812 * Putting this another way, we only care about replies if they are to
813 * us, in which case we add them to the cache. For requests, we care
814 * about those for us and those for our proxies. We reply to both,
815 * and in the case of requests for us we add the requester to the arp
816 * cache.
817 */
818
819 /* Special case: IPv4 duplicate address detection packet (RFC2131) */
820 if (sip == 0) {
821 if (arp->ar_op == htons(ARPOP_REQUEST) &&
822 inet_addr_type(net, tip) == RTN_LOCAL &&
823 !arp_ignore(in_dev, sip, tip))
824 arp_send(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip, sha,
825 dev->dev_addr, sha);
826 goto out;
827 }
828
829 if (arp->ar_op == htons(ARPOP_REQUEST) &&
830 ip_route_input_noref(skb, tip, sip, 0, dev) == 0) {
831
832 rt = skb_rtable(skb);
833 addr_type = rt->rt_type;
834
835 if (addr_type == RTN_LOCAL) {
836 int dont_send;
837
838 dont_send = arp_ignore(in_dev, sip, tip);
839 if (!dont_send && IN_DEV_ARPFILTER(in_dev))
840 dont_send = arp_filter(sip, tip, dev);
841 if (!dont_send) {
842 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
843 if (n) {
844 arp_send(ARPOP_REPLY, ETH_P_ARP, sip,
845 dev, tip, sha, dev->dev_addr,
846 sha);
847 neigh_release(n);
848 }
849 }
850 goto out;
851 } else if (IN_DEV_FORWARD(in_dev)) {
852 if (addr_type == RTN_UNICAST &&
853 (arp_fwd_proxy(in_dev, dev, rt) ||
854 arp_fwd_pvlan(in_dev, dev, rt, sip, tip) ||
855 (rt->dst.dev != dev &&
856 pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) {
857 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
858 if (n)
859 neigh_release(n);
860
861 if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED ||
862 skb->pkt_type == PACKET_HOST ||
863 in_dev->arp_parms->proxy_delay == 0) {
864 arp_send(ARPOP_REPLY, ETH_P_ARP, sip,
865 dev, tip, sha, dev->dev_addr,
866 sha);
867 } else {
868 pneigh_enqueue(&arp_tbl,
869 in_dev->arp_parms, skb);
870 return 0;
871 }
872 goto out;
873 }
874 }
875 }
876
877 /* Update our ARP tables */
878
879 n = __neigh_lookup(&arp_tbl, &sip, dev, 0);
880
881 if (IN_DEV_ARP_ACCEPT(in_dev)) {
882 /* Unsolicited ARP is not accepted by default.
883 It is possible, that this option should be enabled for some
884 devices (strip is candidate)
885 */
886 if (n == NULL &&
887 (arp->ar_op == htons(ARPOP_REPLY) ||
888 (arp->ar_op == htons(ARPOP_REQUEST) && tip == sip)) &&
889 inet_addr_type(net, sip) == RTN_UNICAST)
890 n = __neigh_lookup(&arp_tbl, &sip, dev, 1);
891 }
892
893 if (n) {
894 int state = NUD_REACHABLE;
895 int override;
896
897 /* If several different ARP replies follows back-to-back,
898 use the FIRST one. It is possible, if several proxy
899 agents are active. Taking the first reply prevents
900 arp trashing and chooses the fastest router.
901 */
902 override = time_after(jiffies, n->updated + n->parms->locktime);
903
904 /* Broadcast replies and request packets
905 do not assert neighbour reachability.
906 */
907 if (arp->ar_op != htons(ARPOP_REPLY) ||
908 skb->pkt_type != PACKET_HOST)
909 state = NUD_STALE;
910 neigh_update(n, sha, state,
911 override ? NEIGH_UPDATE_F_OVERRIDE : 0);
912 neigh_release(n);
913 }
914
915out:
916 consume_skb(skb);
917 return 0;
918}
919
920static void parp_redo(struct sk_buff *skb)
921{
922 arp_process(skb);
923}
924
925
926/*
927 * Receive an arp request from the device layer.
928 */
929
930static int arp_rcv(struct sk_buff *skb, struct net_device *dev,
931 struct packet_type *pt, struct net_device *orig_dev)
932{
933 struct arphdr *arp;
934
935 /* ARP header, plus 2 device addresses, plus 2 IP addresses. */
936 if (!pskb_may_pull(skb, arp_hdr_len(dev)))
937 goto freeskb;
938
939 arp = arp_hdr(skb);
940 if (arp->ar_hln != dev->addr_len ||
941 dev->flags & IFF_NOARP ||
942 skb->pkt_type == PACKET_OTHERHOST ||
943 skb->pkt_type == PACKET_LOOPBACK ||
944 arp->ar_pln != 4)
945 goto freeskb;
946
947 skb = skb_share_check(skb, GFP_ATOMIC);
948 if (skb == NULL)
949 goto out_of_mem;
950
951 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
952
953 return NF_HOOK(NFPROTO_ARP, NF_ARP_IN, skb, dev, NULL, arp_process);
954
955freeskb:
956 kfree_skb(skb);
957out_of_mem:
958 return 0;
959}
960
961/*
962 * User level interface (ioctl)
963 */
964
965/*
966 * Set (create) an ARP cache entry.
967 */
968
969static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on)
970{
971 if (dev == NULL) {
972 IPV4_DEVCONF_ALL(net, PROXY_ARP) = on;
973 return 0;
974 }
975 if (__in_dev_get_rtnl(dev)) {
976 IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on);
977 return 0;
978 }
979 return -ENXIO;
980}
981
982static int arp_req_set_public(struct net *net, struct arpreq *r,
983 struct net_device *dev)
984{
985 __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
986 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
987
988 if (mask && mask != htonl(0xFFFFFFFF))
989 return -EINVAL;
990 if (!dev && (r->arp_flags & ATF_COM)) {
991 dev = dev_getbyhwaddr_rcu(net, r->arp_ha.sa_family,
992 r->arp_ha.sa_data);
993 if (!dev)
994 return -ENODEV;
995 }
996 if (mask) {
997 if (pneigh_lookup(&arp_tbl, net, &ip, dev, 1) == NULL)
998 return -ENOBUFS;
999 return 0;
1000 }
1001
1002 return arp_req_set_proxy(net, dev, 1);
1003}
1004
1005static int arp_req_set(struct net *net, struct arpreq *r,
1006 struct net_device *dev)
1007{
1008 __be32 ip;
1009 struct neighbour *neigh;
1010 int err;
1011
1012 if (r->arp_flags & ATF_PUBL)
1013 return arp_req_set_public(net, r, dev);
1014
1015 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1016 if (r->arp_flags & ATF_PERM)
1017 r->arp_flags |= ATF_COM;
1018 if (dev == NULL) {
1019 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1020
1021 if (IS_ERR(rt))
1022 return PTR_ERR(rt);
1023 dev = rt->dst.dev;
1024 ip_rt_put(rt);
1025 if (!dev)
1026 return -EINVAL;
1027 }
1028 switch (dev->type) {
1029#if IS_ENABLED(CONFIG_FDDI)
1030 case ARPHRD_FDDI:
1031 /*
1032 * According to RFC 1390, FDDI devices should accept ARP
1033 * hardware types of 1 (Ethernet). However, to be more
1034 * robust, we'll accept hardware types of either 1 (Ethernet)
1035 * or 6 (IEEE 802.2).
1036 */
1037 if (r->arp_ha.sa_family != ARPHRD_FDDI &&
1038 r->arp_ha.sa_family != ARPHRD_ETHER &&
1039 r->arp_ha.sa_family != ARPHRD_IEEE802)
1040 return -EINVAL;
1041 break;
1042#endif
1043 default:
1044 if (r->arp_ha.sa_family != dev->type)
1045 return -EINVAL;
1046 break;
1047 }
1048
1049 neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev);
1050 err = PTR_ERR(neigh);
1051 if (!IS_ERR(neigh)) {
1052 unsigned int state = NUD_STALE;
1053 if (r->arp_flags & ATF_PERM)
1054 state = NUD_PERMANENT;
1055 err = neigh_update(neigh, (r->arp_flags & ATF_COM) ?
1056 r->arp_ha.sa_data : NULL, state,
1057 NEIGH_UPDATE_F_OVERRIDE |
1058 NEIGH_UPDATE_F_ADMIN);
1059 neigh_release(neigh);
1060 }
1061 return err;
1062}
1063
1064static unsigned int arp_state_to_flags(struct neighbour *neigh)
1065{
1066 if (neigh->nud_state&NUD_PERMANENT)
1067 return ATF_PERM | ATF_COM;
1068 else if (neigh->nud_state&NUD_VALID)
1069 return ATF_COM;
1070 else
1071 return 0;
1072}
1073
1074/*
1075 * Get an ARP cache entry.
1076 */
1077
1078static int arp_req_get(struct arpreq *r, struct net_device *dev)
1079{
1080 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1081 struct neighbour *neigh;
1082 int err = -ENXIO;
1083
1084 neigh = neigh_lookup(&arp_tbl, &ip, dev);
1085 if (neigh) {
1086 read_lock_bh(&neigh->lock);
1087 memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len);
1088 r->arp_flags = arp_state_to_flags(neigh);
1089 read_unlock_bh(&neigh->lock);
1090 r->arp_ha.sa_family = dev->type;
1091 strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev));
1092 neigh_release(neigh);
1093 err = 0;
1094 }
1095 return err;
1096}
1097
1098int arp_invalidate(struct net_device *dev, __be32 ip)
1099{
1100 struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev);
1101 int err = -ENXIO;
1102
1103 if (neigh) {
1104 if (neigh->nud_state & ~NUD_NOARP)
1105 err = neigh_update(neigh, NULL, NUD_FAILED,
1106 NEIGH_UPDATE_F_OVERRIDE|
1107 NEIGH_UPDATE_F_ADMIN);
1108 neigh_release(neigh);
1109 }
1110
1111 return err;
1112}
1113EXPORT_SYMBOL(arp_invalidate);
1114
1115static int arp_req_delete_public(struct net *net, struct arpreq *r,
1116 struct net_device *dev)
1117{
1118 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1119 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1120
1121 if (mask == htonl(0xFFFFFFFF))
1122 return pneigh_delete(&arp_tbl, net, &ip, dev);
1123
1124 if (mask)
1125 return -EINVAL;
1126
1127 return arp_req_set_proxy(net, dev, 0);
1128}
1129
1130static int arp_req_delete(struct net *net, struct arpreq *r,
1131 struct net_device *dev)
1132{
1133 __be32 ip;
1134
1135 if (r->arp_flags & ATF_PUBL)
1136 return arp_req_delete_public(net, r, dev);
1137
1138 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1139 if (dev == NULL) {
1140 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1141 if (IS_ERR(rt))
1142 return PTR_ERR(rt);
1143 dev = rt->dst.dev;
1144 ip_rt_put(rt);
1145 if (!dev)
1146 return -EINVAL;
1147 }
1148 return arp_invalidate(dev, ip);
1149}
1150
1151/*
1152 * Handle an ARP layer I/O control request.
1153 */
1154
1155int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1156{
1157 int err;
1158 struct arpreq r;
1159 struct net_device *dev = NULL;
1160
1161 switch (cmd) {
1162 case SIOCDARP:
1163 case SIOCSARP:
1164 if (!capable(CAP_NET_ADMIN))
1165 return -EPERM;
1166 case SIOCGARP:
1167 err = copy_from_user(&r, arg, sizeof(struct arpreq));
1168 if (err)
1169 return -EFAULT;
1170 break;
1171 default:
1172 return -EINVAL;
1173 }
1174
1175 if (r.arp_pa.sa_family != AF_INET)
1176 return -EPFNOSUPPORT;
1177
1178 if (!(r.arp_flags & ATF_PUBL) &&
1179 (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB)))
1180 return -EINVAL;
1181 if (!(r.arp_flags & ATF_NETMASK))
1182 ((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr =
1183 htonl(0xFFFFFFFFUL);
1184 rtnl_lock();
1185 if (r.arp_dev[0]) {
1186 err = -ENODEV;
1187 dev = __dev_get_by_name(net, r.arp_dev);
1188 if (dev == NULL)
1189 goto out;
1190
1191 /* Mmmm... It is wrong... ARPHRD_NETROM==0 */
1192 if (!r.arp_ha.sa_family)
1193 r.arp_ha.sa_family = dev->type;
1194 err = -EINVAL;
1195 if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type)
1196 goto out;
1197 } else if (cmd == SIOCGARP) {
1198 err = -ENODEV;
1199 goto out;
1200 }
1201
1202 switch (cmd) {
1203 case SIOCDARP:
1204 err = arp_req_delete(net, &r, dev);
1205 break;
1206 case SIOCSARP:
1207 err = arp_req_set(net, &r, dev);
1208 break;
1209 case SIOCGARP:
1210 err = arp_req_get(&r, dev);
1211 break;
1212 }
1213out:
1214 rtnl_unlock();
1215 if (cmd == SIOCGARP && !err && copy_to_user(arg, &r, sizeof(r)))
1216 err = -EFAULT;
1217 return err;
1218}
1219
1220static int arp_netdev_event(struct notifier_block *this, unsigned long event,
1221 void *ptr)
1222{
1223 struct net_device *dev = ptr;
1224
1225 switch (event) {
1226 case NETDEV_CHANGEADDR:
1227 neigh_changeaddr(&arp_tbl, dev);
1228 rt_cache_flush(dev_net(dev), 0);
1229 break;
1230 default:
1231 break;
1232 }
1233
1234 return NOTIFY_DONE;
1235}
1236
1237static struct notifier_block arp_netdev_notifier = {
1238 .notifier_call = arp_netdev_event,
1239};
1240
1241/* Note, that it is not on notifier chain.
1242 It is necessary, that this routine was called after route cache will be
1243 flushed.
1244 */
1245void arp_ifdown(struct net_device *dev)
1246{
1247 neigh_ifdown(&arp_tbl, dev);
1248}
1249
1250
1251/*
1252 * Called once on startup.
1253 */
1254
1255static struct packet_type arp_packet_type __read_mostly = {
1256 .type = cpu_to_be16(ETH_P_ARP),
1257 .func = arp_rcv,
1258};
1259
1260static int arp_proc_init(void);
1261
1262void __init arp_init(void)
1263{
1264 neigh_table_init(&arp_tbl);
1265
1266 dev_add_pack(&arp_packet_type);
1267 arp_proc_init();
1268#ifdef CONFIG_SYSCTL
1269 neigh_sysctl_register(NULL, &arp_tbl.parms, "ipv4", NULL);
1270#endif
1271 register_netdevice_notifier(&arp_netdev_notifier);
1272}
1273
1274#ifdef CONFIG_PROC_FS
1275#if IS_ENABLED(CONFIG_AX25)
1276
1277/* ------------------------------------------------------------------------ */
1278/*
1279 * ax25 -> ASCII conversion
1280 */
1281static char *ax2asc2(ax25_address *a, char *buf)
1282{
1283 char c, *s;
1284 int n;
1285
1286 for (n = 0, s = buf; n < 6; n++) {
1287 c = (a->ax25_call[n] >> 1) & 0x7F;
1288
1289 if (c != ' ')
1290 *s++ = c;
1291 }
1292
1293 *s++ = '-';
1294 n = (a->ax25_call[6] >> 1) & 0x0F;
1295 if (n > 9) {
1296 *s++ = '1';
1297 n -= 10;
1298 }
1299
1300 *s++ = n + '0';
1301 *s++ = '\0';
1302
1303 if (*buf == '\0' || *buf == '-')
1304 return "*";
1305
1306 return buf;
1307}
1308#endif /* CONFIG_AX25 */
1309
1310#define HBUFFERLEN 30
1311
1312static void arp_format_neigh_entry(struct seq_file *seq,
1313 struct neighbour *n)
1314{
1315 char hbuffer[HBUFFERLEN];
1316 int k, j;
1317 char tbuf[16];
1318 struct net_device *dev = n->dev;
1319 int hatype = dev->type;
1320
1321 read_lock(&n->lock);
1322 /* Convert hardware address to XX:XX:XX:XX ... form. */
1323#if IS_ENABLED(CONFIG_AX25)
1324 if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM)
1325 ax2asc2((ax25_address *)n->ha, hbuffer);
1326 else {
1327#endif
1328 for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) {
1329 hbuffer[k++] = hex_asc_hi(n->ha[j]);
1330 hbuffer[k++] = hex_asc_lo(n->ha[j]);
1331 hbuffer[k++] = ':';
1332 }
1333 if (k != 0)
1334 --k;
1335 hbuffer[k] = 0;
1336#if IS_ENABLED(CONFIG_AX25)
1337 }
1338#endif
1339 sprintf(tbuf, "%pI4", n->primary_key);
1340 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
1341 tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name);
1342 read_unlock(&n->lock);
1343}
1344
1345static void arp_format_pneigh_entry(struct seq_file *seq,
1346 struct pneigh_entry *n)
1347{
1348 struct net_device *dev = n->dev;
1349 int hatype = dev ? dev->type : 0;
1350 char tbuf[16];
1351
1352 sprintf(tbuf, "%pI4", n->key);
1353 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
1354 tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00",
1355 dev ? dev->name : "*");
1356}
1357
1358static int arp_seq_show(struct seq_file *seq, void *v)
1359{
1360 if (v == SEQ_START_TOKEN) {
1361 seq_puts(seq, "IP address HW type Flags "
1362 "HW address Mask Device\n");
1363 } else {
1364 struct neigh_seq_state *state = seq->private;
1365
1366 if (state->flags & NEIGH_SEQ_IS_PNEIGH)
1367 arp_format_pneigh_entry(seq, v);
1368 else
1369 arp_format_neigh_entry(seq, v);
1370 }
1371
1372 return 0;
1373}
1374
1375static void *arp_seq_start(struct seq_file *seq, loff_t *pos)
1376{
1377 /* Don't want to confuse "arp -a" w/ magic entries,
1378 * so we tell the generic iterator to skip NUD_NOARP.
1379 */
1380 return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP);
1381}
1382
1383/* ------------------------------------------------------------------------ */
1384
1385static const struct seq_operations arp_seq_ops = {
1386 .start = arp_seq_start,
1387 .next = neigh_seq_next,
1388 .stop = neigh_seq_stop,
1389 .show = arp_seq_show,
1390};
1391
1392static int arp_seq_open(struct inode *inode, struct file *file)
1393{
1394 return seq_open_net(inode, file, &arp_seq_ops,
1395 sizeof(struct neigh_seq_state));
1396}
1397
1398static const struct file_operations arp_seq_fops = {
1399 .owner = THIS_MODULE,
1400 .open = arp_seq_open,
1401 .read = seq_read,
1402 .llseek = seq_lseek,
1403 .release = seq_release_net,
1404};
1405
1406
1407static int __net_init arp_net_init(struct net *net)
1408{
1409 if (!proc_net_fops_create(net, "arp", S_IRUGO, &arp_seq_fops))
1410 return -ENOMEM;
1411 return 0;
1412}
1413
1414static void __net_exit arp_net_exit(struct net *net)
1415{
1416 proc_net_remove(net, "arp");
1417}
1418
1419static struct pernet_operations arp_net_ops = {
1420 .init = arp_net_init,
1421 .exit = arp_net_exit,
1422};
1423
1424static int __init arp_proc_init(void)
1425{
1426 return register_pernet_subsys(&arp_net_ops);
1427}
1428
1429#else /* CONFIG_PROC_FS */
1430
1431static int __init arp_proc_init(void)
1432{
1433 return 0;
1434}
1435
1436#endif /* CONFIG_PROC_FS */