arp.c (36571B)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* linux/net/ipv4/arp.c 3 * 4 * Copyright (C) 1994 by Florian La Roche 5 * 6 * This module implements the Address Resolution Protocol ARP (RFC 826), 7 * which is used to convert IP addresses (or in the future maybe other 8 * high-level addresses) into a low-level hardware address (like an Ethernet 9 * address). 10 * 11 * Fixes: 12 * Alan Cox : Removed the Ethernet assumptions in 13 * Florian's code 14 * Alan Cox : Fixed some small errors in the ARP 15 * logic 16 * Alan Cox : Allow >4K in /proc 17 * Alan Cox : Make ARP add its own protocol entry 18 * Ross Martin : Rewrote arp_rcv() and arp_get_info() 19 * Stephen Henson : Add AX25 support to arp_get_info() 20 * Alan Cox : Drop data when a device is downed. 21 * Alan Cox : Use init_timer(). 22 * Alan Cox : Double lock fixes. 23 * Martin Seine : Move the arphdr structure 24 * to if_arp.h for compatibility. 25 * with BSD based programs. 26 * Andrew Tridgell : Added ARP netmask code and 27 * re-arranged proxy handling. 28 * Alan Cox : Changed to use notifiers. 29 * Niibe Yutaka : Reply for this device or proxies only. 30 * Alan Cox : Don't proxy across hardware types! 31 * Jonathan Naylor : Added support for NET/ROM. 32 * Mike Shaver : RFC1122 checks. 33 * Jonathan Naylor : Only lookup the hardware address for 34 * the correct hardware type. 35 * Germano Caronni : Assorted subtle races. 36 * Craig Schlenter : Don't modify permanent entry 37 * during arp_rcv. 38 * Russ Nelson : Tidied up a few bits. 39 * Alexey Kuznetsov: Major changes to caching and behaviour, 40 * eg intelligent arp probing and 41 * generation 42 * of host down events. 43 * Alan Cox : Missing unlock in device events. 44 * Eckes : ARP ioctl control errors. 45 * Alexey Kuznetsov: Arp free fix. 46 * Manuel Rodriguez: Gratuitous ARP. 47 * Jonathan Layes : Added arpd support through kerneld 48 * message queue (960314) 49 * Mike Shaver : /proc/sys/net/ipv4/arp_* support 50 * Mike McLagan : Routing by source 51 * Stuart Cheshire : Metricom and grat arp fixes 52 * *** FOR 2.1 clean this up *** 53 * Lawrence V. Stefani: (08/12/96) Added FDDI support. 54 * Alan Cox : Took the AP1000 nasty FDDI hack and 55 * folded into the mainstream FDDI code. 56 * Ack spit, Linus how did you allow that 57 * one in... 58 * Jes Sorensen : Make FDDI work again in 2.1.x and 59 * clean up the APFDDI & gen. FDDI bits. 60 * Alexey Kuznetsov: new arp state machine; 61 * now it is in net/core/neighbour.c. 62 * Krzysztof Halasa: Added Frame Relay ARP support. 63 * Arnaldo C. Melo : convert /proc/net/arp to seq_file 64 * Shmulik Hen: Split arp_send to arp_create and 65 * arp_xmit so intermediate drivers like 66 * bonding can change the skb before 67 * sending (e.g. insert 8021q tag). 68 * Harald Welte : convert to make use of jenkins hash 69 * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support. 70 */ 71 72#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 73 74#include <linux/module.h> 75#include <linux/types.h> 76#include <linux/string.h> 77#include <linux/kernel.h> 78#include <linux/capability.h> 79#include <linux/socket.h> 80#include <linux/sockios.h> 81#include <linux/errno.h> 82#include <linux/in.h> 83#include <linux/mm.h> 84#include <linux/inet.h> 85#include <linux/inetdevice.h> 86#include <linux/netdevice.h> 87#include <linux/etherdevice.h> 88#include <linux/fddidevice.h> 89#include <linux/if_arp.h> 90#include <linux/skbuff.h> 91#include <linux/proc_fs.h> 92#include <linux/seq_file.h> 93#include <linux/stat.h> 94#include <linux/init.h> 95#include <linux/net.h> 96#include <linux/rcupdate.h> 97#include <linux/slab.h> 98#ifdef CONFIG_SYSCTL 99#include <linux/sysctl.h> 100#endif 101 102#include <net/net_namespace.h> 103#include <net/ip.h> 104#include <net/icmp.h> 105#include <net/route.h> 106#include <net/protocol.h> 107#include <net/tcp.h> 108#include <net/sock.h> 109#include <net/arp.h> 110#include <net/ax25.h> 111#include <net/netrom.h> 112#include <net/dst_metadata.h> 113#include <net/ip_tunnels.h> 114 115#include <linux/uaccess.h> 116 117#include <linux/netfilter_arp.h> 118 119/* 120 * Interface to generic neighbour cache. 121 */ 122static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 *hash_rnd); 123static bool arp_key_eq(const struct neighbour *n, const void *pkey); 124static int arp_constructor(struct neighbour *neigh); 125static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb); 126static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb); 127static void parp_redo(struct sk_buff *skb); 128static int arp_is_multicast(const void *pkey); 129 130static const struct neigh_ops arp_generic_ops = { 131 .family = AF_INET, 132 .solicit = arp_solicit, 133 .error_report = arp_error_report, 134 .output = neigh_resolve_output, 135 .connected_output = neigh_connected_output, 136}; 137 138static const struct neigh_ops arp_hh_ops = { 139 .family = AF_INET, 140 .solicit = arp_solicit, 141 .error_report = arp_error_report, 142 .output = neigh_resolve_output, 143 .connected_output = neigh_resolve_output, 144}; 145 146static const struct neigh_ops arp_direct_ops = { 147 .family = AF_INET, 148 .output = neigh_direct_output, 149 .connected_output = neigh_direct_output, 150}; 151 152struct neigh_table arp_tbl = { 153 .family = AF_INET, 154 .key_len = 4, 155 .protocol = cpu_to_be16(ETH_P_IP), 156 .hash = arp_hash, 157 .key_eq = arp_key_eq, 158 .constructor = arp_constructor, 159 .proxy_redo = parp_redo, 160 .is_multicast = arp_is_multicast, 161 .id = "arp_cache", 162 .parms = { 163 .tbl = &arp_tbl, 164 .reachable_time = 30 * HZ, 165 .data = { 166 [NEIGH_VAR_MCAST_PROBES] = 3, 167 [NEIGH_VAR_UCAST_PROBES] = 3, 168 [NEIGH_VAR_RETRANS_TIME] = 1 * HZ, 169 [NEIGH_VAR_BASE_REACHABLE_TIME] = 30 * HZ, 170 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ, 171 [NEIGH_VAR_GC_STALETIME] = 60 * HZ, 172 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX, 173 [NEIGH_VAR_PROXY_QLEN] = 64, 174 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ, 175 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10, 176 [NEIGH_VAR_LOCKTIME] = 1 * HZ, 177 }, 178 }, 179 .gc_interval = 30 * HZ, 180 .gc_thresh1 = 128, 181 .gc_thresh2 = 512, 182 .gc_thresh3 = 1024, 183}; 184EXPORT_SYMBOL(arp_tbl); 185 186int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir) 187{ 188 switch (dev->type) { 189 case ARPHRD_ETHER: 190 case ARPHRD_FDDI: 191 case ARPHRD_IEEE802: 192 ip_eth_mc_map(addr, haddr); 193 return 0; 194 case ARPHRD_INFINIBAND: 195 ip_ib_mc_map(addr, dev->broadcast, haddr); 196 return 0; 197 case ARPHRD_IPGRE: 198 ip_ipgre_mc_map(addr, dev->broadcast, haddr); 199 return 0; 200 default: 201 if (dir) { 202 memcpy(haddr, dev->broadcast, dev->addr_len); 203 return 0; 204 } 205 } 206 return -EINVAL; 207} 208 209 210static u32 arp_hash(const void *pkey, 211 const struct net_device *dev, 212 __u32 *hash_rnd) 213{ 214 return arp_hashfn(pkey, dev, hash_rnd); 215} 216 217static bool arp_key_eq(const struct neighbour *neigh, const void *pkey) 218{ 219 return neigh_key_eq32(neigh, pkey); 220} 221 222static int arp_constructor(struct neighbour *neigh) 223{ 224 __be32 addr; 225 struct net_device *dev = neigh->dev; 226 struct in_device *in_dev; 227 struct neigh_parms *parms; 228 u32 inaddr_any = INADDR_ANY; 229 230 if (dev->flags & (IFF_LOOPBACK | IFF_POINTOPOINT)) 231 memcpy(neigh->primary_key, &inaddr_any, arp_tbl.key_len); 232 233 addr = *(__be32 *)neigh->primary_key; 234 rcu_read_lock(); 235 in_dev = __in_dev_get_rcu(dev); 236 if (!in_dev) { 237 rcu_read_unlock(); 238 return -EINVAL; 239 } 240 241 neigh->type = inet_addr_type_dev_table(dev_net(dev), dev, addr); 242 243 parms = in_dev->arp_parms; 244 __neigh_parms_put(neigh->parms); 245 neigh->parms = neigh_parms_clone(parms); 246 rcu_read_unlock(); 247 248 if (!dev->header_ops) { 249 neigh->nud_state = NUD_NOARP; 250 neigh->ops = &arp_direct_ops; 251 neigh->output = neigh_direct_output; 252 } else { 253 /* Good devices (checked by reading texts, but only Ethernet is 254 tested) 255 256 ARPHRD_ETHER: (ethernet, apfddi) 257 ARPHRD_FDDI: (fddi) 258 ARPHRD_IEEE802: (tr) 259 ARPHRD_METRICOM: (strip) 260 ARPHRD_ARCNET: 261 etc. etc. etc. 262 263 ARPHRD_IPDDP will also work, if author repairs it. 264 I did not it, because this driver does not work even 265 in old paradigm. 266 */ 267 268 if (neigh->type == RTN_MULTICAST) { 269 neigh->nud_state = NUD_NOARP; 270 arp_mc_map(addr, neigh->ha, dev, 1); 271 } else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) { 272 neigh->nud_state = NUD_NOARP; 273 memcpy(neigh->ha, dev->dev_addr, dev->addr_len); 274 } else if (neigh->type == RTN_BROADCAST || 275 (dev->flags & IFF_POINTOPOINT)) { 276 neigh->nud_state = NUD_NOARP; 277 memcpy(neigh->ha, dev->broadcast, dev->addr_len); 278 } 279 280 if (dev->header_ops->cache) 281 neigh->ops = &arp_hh_ops; 282 else 283 neigh->ops = &arp_generic_ops; 284 285 if (neigh->nud_state & NUD_VALID) 286 neigh->output = neigh->ops->connected_output; 287 else 288 neigh->output = neigh->ops->output; 289 } 290 return 0; 291} 292 293static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb) 294{ 295 dst_link_failure(skb); 296 kfree_skb_reason(skb, SKB_DROP_REASON_NEIGH_FAILED); 297} 298 299/* Create and send an arp packet. */ 300static void arp_send_dst(int type, int ptype, __be32 dest_ip, 301 struct net_device *dev, __be32 src_ip, 302 const unsigned char *dest_hw, 303 const unsigned char *src_hw, 304 const unsigned char *target_hw, 305 struct dst_entry *dst) 306{ 307 struct sk_buff *skb; 308 309 /* arp on this interface. */ 310 if (dev->flags & IFF_NOARP) 311 return; 312 313 skb = arp_create(type, ptype, dest_ip, dev, src_ip, 314 dest_hw, src_hw, target_hw); 315 if (!skb) 316 return; 317 318 skb_dst_set(skb, dst_clone(dst)); 319 arp_xmit(skb); 320} 321 322void arp_send(int type, int ptype, __be32 dest_ip, 323 struct net_device *dev, __be32 src_ip, 324 const unsigned char *dest_hw, const unsigned char *src_hw, 325 const unsigned char *target_hw) 326{ 327 arp_send_dst(type, ptype, dest_ip, dev, src_ip, dest_hw, src_hw, 328 target_hw, NULL); 329} 330EXPORT_SYMBOL(arp_send); 331 332static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb) 333{ 334 __be32 saddr = 0; 335 u8 dst_ha[MAX_ADDR_LEN], *dst_hw = NULL; 336 struct net_device *dev = neigh->dev; 337 __be32 target = *(__be32 *)neigh->primary_key; 338 int probes = atomic_read(&neigh->probes); 339 struct in_device *in_dev; 340 struct dst_entry *dst = NULL; 341 342 rcu_read_lock(); 343 in_dev = __in_dev_get_rcu(dev); 344 if (!in_dev) { 345 rcu_read_unlock(); 346 return; 347 } 348 switch (IN_DEV_ARP_ANNOUNCE(in_dev)) { 349 default: 350 case 0: /* By default announce any local IP */ 351 if (skb && inet_addr_type_dev_table(dev_net(dev), dev, 352 ip_hdr(skb)->saddr) == RTN_LOCAL) 353 saddr = ip_hdr(skb)->saddr; 354 break; 355 case 1: /* Restrict announcements of saddr in same subnet */ 356 if (!skb) 357 break; 358 saddr = ip_hdr(skb)->saddr; 359 if (inet_addr_type_dev_table(dev_net(dev), dev, 360 saddr) == RTN_LOCAL) { 361 /* saddr should be known to target */ 362 if (inet_addr_onlink(in_dev, target, saddr)) 363 break; 364 } 365 saddr = 0; 366 break; 367 case 2: /* Avoid secondary IPs, get a primary/preferred one */ 368 break; 369 } 370 rcu_read_unlock(); 371 372 if (!saddr) 373 saddr = inet_select_addr(dev, target, RT_SCOPE_LINK); 374 375 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES); 376 if (probes < 0) { 377 if (!(neigh->nud_state & NUD_VALID)) 378 pr_debug("trying to ucast probe in NUD_INVALID\n"); 379 neigh_ha_snapshot(dst_ha, neigh, dev); 380 dst_hw = dst_ha; 381 } else { 382 probes -= NEIGH_VAR(neigh->parms, APP_PROBES); 383 if (probes < 0) { 384 neigh_app_ns(neigh); 385 return; 386 } 387 } 388 389 if (skb && !(dev->priv_flags & IFF_XMIT_DST_RELEASE)) 390 dst = skb_dst(skb); 391 arp_send_dst(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr, 392 dst_hw, dev->dev_addr, NULL, dst); 393} 394 395static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip) 396{ 397 struct net *net = dev_net(in_dev->dev); 398 int scope; 399 400 switch (IN_DEV_ARP_IGNORE(in_dev)) { 401 case 0: /* Reply, the tip is already validated */ 402 return 0; 403 case 1: /* Reply only if tip is configured on the incoming interface */ 404 sip = 0; 405 scope = RT_SCOPE_HOST; 406 break; 407 case 2: /* 408 * Reply only if tip is configured on the incoming interface 409 * and is in same subnet as sip 410 */ 411 scope = RT_SCOPE_HOST; 412 break; 413 case 3: /* Do not reply for scope host addresses */ 414 sip = 0; 415 scope = RT_SCOPE_LINK; 416 in_dev = NULL; 417 break; 418 case 4: /* Reserved */ 419 case 5: 420 case 6: 421 case 7: 422 return 0; 423 case 8: /* Do not reply */ 424 return 1; 425 default: 426 return 0; 427 } 428 return !inet_confirm_addr(net, in_dev, sip, tip, scope); 429} 430 431static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev) 432{ 433 struct rtable *rt; 434 int flag = 0; 435 /*unsigned long now; */ 436 struct net *net = dev_net(dev); 437 438 rt = ip_route_output(net, sip, tip, 0, l3mdev_master_ifindex_rcu(dev)); 439 if (IS_ERR(rt)) 440 return 1; 441 if (rt->dst.dev != dev) { 442 __NET_INC_STATS(net, LINUX_MIB_ARPFILTER); 443 flag = 1; 444 } 445 ip_rt_put(rt); 446 return flag; 447} 448 449/* 450 * Check if we can use proxy ARP for this path 451 */ 452static inline int arp_fwd_proxy(struct in_device *in_dev, 453 struct net_device *dev, struct rtable *rt) 454{ 455 struct in_device *out_dev; 456 int imi, omi = -1; 457 458 if (rt->dst.dev == dev) 459 return 0; 460 461 if (!IN_DEV_PROXY_ARP(in_dev)) 462 return 0; 463 imi = IN_DEV_MEDIUM_ID(in_dev); 464 if (imi == 0) 465 return 1; 466 if (imi == -1) 467 return 0; 468 469 /* place to check for proxy_arp for routes */ 470 471 out_dev = __in_dev_get_rcu(rt->dst.dev); 472 if (out_dev) 473 omi = IN_DEV_MEDIUM_ID(out_dev); 474 475 return omi != imi && omi != -1; 476} 477 478/* 479 * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev) 480 * 481 * RFC3069 supports proxy arp replies back to the same interface. This 482 * is done to support (ethernet) switch features, like RFC 3069, where 483 * the individual ports are not allowed to communicate with each 484 * other, BUT they are allowed to talk to the upstream router. As 485 * described in RFC 3069, it is possible to allow these hosts to 486 * communicate through the upstream router, by proxy_arp'ing. 487 * 488 * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation" 489 * 490 * This technology is known by different names: 491 * In RFC 3069 it is called VLAN Aggregation. 492 * Cisco and Allied Telesyn call it Private VLAN. 493 * Hewlett-Packard call it Source-Port filtering or port-isolation. 494 * Ericsson call it MAC-Forced Forwarding (RFC Draft). 495 * 496 */ 497static inline int arp_fwd_pvlan(struct in_device *in_dev, 498 struct net_device *dev, struct rtable *rt, 499 __be32 sip, __be32 tip) 500{ 501 /* Private VLAN is only concerned about the same ethernet segment */ 502 if (rt->dst.dev != dev) 503 return 0; 504 505 /* Don't reply on self probes (often done by windowz boxes)*/ 506 if (sip == tip) 507 return 0; 508 509 if (IN_DEV_PROXY_ARP_PVLAN(in_dev)) 510 return 1; 511 else 512 return 0; 513} 514 515/* 516 * Interface to link layer: send routine and receive handler. 517 */ 518 519/* 520 * Create an arp packet. If dest_hw is not set, we create a broadcast 521 * message. 522 */ 523struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip, 524 struct net_device *dev, __be32 src_ip, 525 const unsigned char *dest_hw, 526 const unsigned char *src_hw, 527 const unsigned char *target_hw) 528{ 529 struct sk_buff *skb; 530 struct arphdr *arp; 531 unsigned char *arp_ptr; 532 int hlen = LL_RESERVED_SPACE(dev); 533 int tlen = dev->needed_tailroom; 534 535 /* 536 * Allocate a buffer 537 */ 538 539 skb = alloc_skb(arp_hdr_len(dev) + hlen + tlen, GFP_ATOMIC); 540 if (!skb) 541 return NULL; 542 543 skb_reserve(skb, hlen); 544 skb_reset_network_header(skb); 545 arp = skb_put(skb, arp_hdr_len(dev)); 546 skb->dev = dev; 547 skb->protocol = htons(ETH_P_ARP); 548 if (!src_hw) 549 src_hw = dev->dev_addr; 550 if (!dest_hw) 551 dest_hw = dev->broadcast; 552 553 /* 554 * Fill the device header for the ARP frame 555 */ 556 if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0) 557 goto out; 558 559 /* 560 * Fill out the arp protocol part. 561 * 562 * The arp hardware type should match the device type, except for FDDI, 563 * which (according to RFC 1390) should always equal 1 (Ethernet). 564 */ 565 /* 566 * Exceptions everywhere. AX.25 uses the AX.25 PID value not the 567 * DIX code for the protocol. Make these device structure fields. 568 */ 569 switch (dev->type) { 570 default: 571 arp->ar_hrd = htons(dev->type); 572 arp->ar_pro = htons(ETH_P_IP); 573 break; 574 575#if IS_ENABLED(CONFIG_AX25) 576 case ARPHRD_AX25: 577 arp->ar_hrd = htons(ARPHRD_AX25); 578 arp->ar_pro = htons(AX25_P_IP); 579 break; 580 581#if IS_ENABLED(CONFIG_NETROM) 582 case ARPHRD_NETROM: 583 arp->ar_hrd = htons(ARPHRD_NETROM); 584 arp->ar_pro = htons(AX25_P_IP); 585 break; 586#endif 587#endif 588 589#if IS_ENABLED(CONFIG_FDDI) 590 case ARPHRD_FDDI: 591 arp->ar_hrd = htons(ARPHRD_ETHER); 592 arp->ar_pro = htons(ETH_P_IP); 593 break; 594#endif 595 } 596 597 arp->ar_hln = dev->addr_len; 598 arp->ar_pln = 4; 599 arp->ar_op = htons(type); 600 601 arp_ptr = (unsigned char *)(arp + 1); 602 603 memcpy(arp_ptr, src_hw, dev->addr_len); 604 arp_ptr += dev->addr_len; 605 memcpy(arp_ptr, &src_ip, 4); 606 arp_ptr += 4; 607 608 switch (dev->type) { 609#if IS_ENABLED(CONFIG_FIREWIRE_NET) 610 case ARPHRD_IEEE1394: 611 break; 612#endif 613 default: 614 if (target_hw) 615 memcpy(arp_ptr, target_hw, dev->addr_len); 616 else 617 memset(arp_ptr, 0, dev->addr_len); 618 arp_ptr += dev->addr_len; 619 } 620 memcpy(arp_ptr, &dest_ip, 4); 621 622 return skb; 623 624out: 625 kfree_skb(skb); 626 return NULL; 627} 628EXPORT_SYMBOL(arp_create); 629 630static int arp_xmit_finish(struct net *net, struct sock *sk, struct sk_buff *skb) 631{ 632 return dev_queue_xmit(skb); 633} 634 635/* 636 * Send an arp packet. 637 */ 638void arp_xmit(struct sk_buff *skb) 639{ 640 /* Send it off, maybe filter it using firewalling first. */ 641 NF_HOOK(NFPROTO_ARP, NF_ARP_OUT, 642 dev_net(skb->dev), NULL, skb, NULL, skb->dev, 643 arp_xmit_finish); 644} 645EXPORT_SYMBOL(arp_xmit); 646 647static bool arp_is_garp(struct net *net, struct net_device *dev, 648 int *addr_type, __be16 ar_op, 649 __be32 sip, __be32 tip, 650 unsigned char *sha, unsigned char *tha) 651{ 652 bool is_garp = tip == sip; 653 654 /* Gratuitous ARP _replies_ also require target hwaddr to be 655 * the same as source. 656 */ 657 if (is_garp && ar_op == htons(ARPOP_REPLY)) 658 is_garp = 659 /* IPv4 over IEEE 1394 doesn't provide target 660 * hardware address field in its ARP payload. 661 */ 662 tha && 663 !memcmp(tha, sha, dev->addr_len); 664 665 if (is_garp) { 666 *addr_type = inet_addr_type_dev_table(net, dev, sip); 667 if (*addr_type != RTN_UNICAST) 668 is_garp = false; 669 } 670 return is_garp; 671} 672 673/* 674 * Process an arp request. 675 */ 676 677static int arp_process(struct net *net, struct sock *sk, struct sk_buff *skb) 678{ 679 struct net_device *dev = skb->dev; 680 struct in_device *in_dev = __in_dev_get_rcu(dev); 681 struct arphdr *arp; 682 unsigned char *arp_ptr; 683 struct rtable *rt; 684 unsigned char *sha; 685 unsigned char *tha = NULL; 686 __be32 sip, tip; 687 u16 dev_type = dev->type; 688 int addr_type; 689 struct neighbour *n; 690 struct dst_entry *reply_dst = NULL; 691 bool is_garp = false; 692 693 /* arp_rcv below verifies the ARP header and verifies the device 694 * is ARP'able. 695 */ 696 697 if (!in_dev) 698 goto out_free_skb; 699 700 arp = arp_hdr(skb); 701 702 switch (dev_type) { 703 default: 704 if (arp->ar_pro != htons(ETH_P_IP) || 705 htons(dev_type) != arp->ar_hrd) 706 goto out_free_skb; 707 break; 708 case ARPHRD_ETHER: 709 case ARPHRD_FDDI: 710 case ARPHRD_IEEE802: 711 /* 712 * ETHERNET, and Fibre Channel (which are IEEE 802 713 * devices, according to RFC 2625) devices will accept ARP 714 * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2). 715 * This is the case also of FDDI, where the RFC 1390 says that 716 * FDDI devices should accept ARP hardware of (1) Ethernet, 717 * however, to be more robust, we'll accept both 1 (Ethernet) 718 * or 6 (IEEE 802.2) 719 */ 720 if ((arp->ar_hrd != htons(ARPHRD_ETHER) && 721 arp->ar_hrd != htons(ARPHRD_IEEE802)) || 722 arp->ar_pro != htons(ETH_P_IP)) 723 goto out_free_skb; 724 break; 725 case ARPHRD_AX25: 726 if (arp->ar_pro != htons(AX25_P_IP) || 727 arp->ar_hrd != htons(ARPHRD_AX25)) 728 goto out_free_skb; 729 break; 730 case ARPHRD_NETROM: 731 if (arp->ar_pro != htons(AX25_P_IP) || 732 arp->ar_hrd != htons(ARPHRD_NETROM)) 733 goto out_free_skb; 734 break; 735 } 736 737 /* Understand only these message types */ 738 739 if (arp->ar_op != htons(ARPOP_REPLY) && 740 arp->ar_op != htons(ARPOP_REQUEST)) 741 goto out_free_skb; 742 743/* 744 * Extract fields 745 */ 746 arp_ptr = (unsigned char *)(arp + 1); 747 sha = arp_ptr; 748 arp_ptr += dev->addr_len; 749 memcpy(&sip, arp_ptr, 4); 750 arp_ptr += 4; 751 switch (dev_type) { 752#if IS_ENABLED(CONFIG_FIREWIRE_NET) 753 case ARPHRD_IEEE1394: 754 break; 755#endif 756 default: 757 tha = arp_ptr; 758 arp_ptr += dev->addr_len; 759 } 760 memcpy(&tip, arp_ptr, 4); 761/* 762 * Check for bad requests for 127.x.x.x and requests for multicast 763 * addresses. If this is one such, delete it. 764 */ 765 if (ipv4_is_multicast(tip) || 766 (!IN_DEV_ROUTE_LOCALNET(in_dev) && ipv4_is_loopback(tip))) 767 goto out_free_skb; 768 769 /* 770 * For some 802.11 wireless deployments (and possibly other networks), 771 * there will be an ARP proxy and gratuitous ARP frames are attacks 772 * and thus should not be accepted. 773 */ 774 if (sip == tip && IN_DEV_ORCONF(in_dev, DROP_GRATUITOUS_ARP)) 775 goto out_free_skb; 776 777/* 778 * Special case: We must set Frame Relay source Q.922 address 779 */ 780 if (dev_type == ARPHRD_DLCI) 781 sha = dev->broadcast; 782 783/* 784 * Process entry. The idea here is we want to send a reply if it is a 785 * request for us or if it is a request for someone else that we hold 786 * a proxy for. We want to add an entry to our cache if it is a reply 787 * to us or if it is a request for our address. 788 * (The assumption for this last is that if someone is requesting our 789 * address, they are probably intending to talk to us, so it saves time 790 * if we cache their address. Their address is also probably not in 791 * our cache, since ours is not in their cache.) 792 * 793 * Putting this another way, we only care about replies if they are to 794 * us, in which case we add them to the cache. For requests, we care 795 * about those for us and those for our proxies. We reply to both, 796 * and in the case of requests for us we add the requester to the arp 797 * cache. 798 */ 799 800 if (arp->ar_op == htons(ARPOP_REQUEST) && skb_metadata_dst(skb)) 801 reply_dst = (struct dst_entry *) 802 iptunnel_metadata_reply(skb_metadata_dst(skb), 803 GFP_ATOMIC); 804 805 /* Special case: IPv4 duplicate address detection packet (RFC2131) */ 806 if (sip == 0) { 807 if (arp->ar_op == htons(ARPOP_REQUEST) && 808 inet_addr_type_dev_table(net, dev, tip) == RTN_LOCAL && 809 !arp_ignore(in_dev, sip, tip)) 810 arp_send_dst(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip, 811 sha, dev->dev_addr, sha, reply_dst); 812 goto out_consume_skb; 813 } 814 815 if (arp->ar_op == htons(ARPOP_REQUEST) && 816 ip_route_input_noref(skb, tip, sip, 0, dev) == 0) { 817 818 rt = skb_rtable(skb); 819 addr_type = rt->rt_type; 820 821 if (addr_type == RTN_LOCAL) { 822 int dont_send; 823 824 dont_send = arp_ignore(in_dev, sip, tip); 825 if (!dont_send && IN_DEV_ARPFILTER(in_dev)) 826 dont_send = arp_filter(sip, tip, dev); 827 if (!dont_send) { 828 n = neigh_event_ns(&arp_tbl, sha, &sip, dev); 829 if (n) { 830 arp_send_dst(ARPOP_REPLY, ETH_P_ARP, 831 sip, dev, tip, sha, 832 dev->dev_addr, sha, 833 reply_dst); 834 neigh_release(n); 835 } 836 } 837 goto out_consume_skb; 838 } else if (IN_DEV_FORWARD(in_dev)) { 839 if (addr_type == RTN_UNICAST && 840 (arp_fwd_proxy(in_dev, dev, rt) || 841 arp_fwd_pvlan(in_dev, dev, rt, sip, tip) || 842 (rt->dst.dev != dev && 843 pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) { 844 n = neigh_event_ns(&arp_tbl, sha, &sip, dev); 845 if (n) 846 neigh_release(n); 847 848 if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED || 849 skb->pkt_type == PACKET_HOST || 850 NEIGH_VAR(in_dev->arp_parms, PROXY_DELAY) == 0) { 851 arp_send_dst(ARPOP_REPLY, ETH_P_ARP, 852 sip, dev, tip, sha, 853 dev->dev_addr, sha, 854 reply_dst); 855 } else { 856 pneigh_enqueue(&arp_tbl, 857 in_dev->arp_parms, skb); 858 goto out_free_dst; 859 } 860 goto out_consume_skb; 861 } 862 } 863 } 864 865 /* Update our ARP tables */ 866 867 n = __neigh_lookup(&arp_tbl, &sip, dev, 0); 868 869 addr_type = -1; 870 if (n || IN_DEV_ARP_ACCEPT(in_dev)) { 871 is_garp = arp_is_garp(net, dev, &addr_type, arp->ar_op, 872 sip, tip, sha, tha); 873 } 874 875 if (IN_DEV_ARP_ACCEPT(in_dev)) { 876 /* Unsolicited ARP is not accepted by default. 877 It is possible, that this option should be enabled for some 878 devices (strip is candidate) 879 */ 880 if (!n && 881 (is_garp || 882 (arp->ar_op == htons(ARPOP_REPLY) && 883 (addr_type == RTN_UNICAST || 884 (addr_type < 0 && 885 /* postpone calculation to as late as possible */ 886 inet_addr_type_dev_table(net, dev, sip) == 887 RTN_UNICAST))))) 888 n = __neigh_lookup(&arp_tbl, &sip, dev, 1); 889 } 890 891 if (n) { 892 int state = NUD_REACHABLE; 893 int override; 894 895 /* If several different ARP replies follows back-to-back, 896 use the FIRST one. It is possible, if several proxy 897 agents are active. Taking the first reply prevents 898 arp trashing and chooses the fastest router. 899 */ 900 override = time_after(jiffies, 901 n->updated + 902 NEIGH_VAR(n->parms, LOCKTIME)) || 903 is_garp; 904 905 /* Broadcast replies and request packets 906 do not assert neighbour reachability. 907 */ 908 if (arp->ar_op != htons(ARPOP_REPLY) || 909 skb->pkt_type != PACKET_HOST) 910 state = NUD_STALE; 911 neigh_update(n, sha, state, 912 override ? NEIGH_UPDATE_F_OVERRIDE : 0, 0); 913 neigh_release(n); 914 } 915 916out_consume_skb: 917 consume_skb(skb); 918 919out_free_dst: 920 dst_release(reply_dst); 921 return NET_RX_SUCCESS; 922 923out_free_skb: 924 kfree_skb(skb); 925 return NET_RX_DROP; 926} 927 928static void parp_redo(struct sk_buff *skb) 929{ 930 arp_process(dev_net(skb->dev), NULL, skb); 931} 932 933static int arp_is_multicast(const void *pkey) 934{ 935 return ipv4_is_multicast(*((__be32 *)pkey)); 936} 937 938/* 939 * Receive an arp request from the device layer. 940 */ 941 942static int arp_rcv(struct sk_buff *skb, struct net_device *dev, 943 struct packet_type *pt, struct net_device *orig_dev) 944{ 945 const struct arphdr *arp; 946 947 /* do not tweak dropwatch on an ARP we will ignore */ 948 if (dev->flags & IFF_NOARP || 949 skb->pkt_type == PACKET_OTHERHOST || 950 skb->pkt_type == PACKET_LOOPBACK) 951 goto consumeskb; 952 953 skb = skb_share_check(skb, GFP_ATOMIC); 954 if (!skb) 955 goto out_of_mem; 956 957 /* ARP header, plus 2 device addresses, plus 2 IP addresses. */ 958 if (!pskb_may_pull(skb, arp_hdr_len(dev))) 959 goto freeskb; 960 961 arp = arp_hdr(skb); 962 if (arp->ar_hln != dev->addr_len || arp->ar_pln != 4) 963 goto freeskb; 964 965 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb)); 966 967 return NF_HOOK(NFPROTO_ARP, NF_ARP_IN, 968 dev_net(dev), NULL, skb, dev, NULL, 969 arp_process); 970 971consumeskb: 972 consume_skb(skb); 973 return NET_RX_SUCCESS; 974freeskb: 975 kfree_skb(skb); 976out_of_mem: 977 return NET_RX_DROP; 978} 979 980/* 981 * User level interface (ioctl) 982 */ 983 984/* 985 * Set (create) an ARP cache entry. 986 */ 987 988static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on) 989{ 990 if (!dev) { 991 IPV4_DEVCONF_ALL(net, PROXY_ARP) = on; 992 return 0; 993 } 994 if (__in_dev_get_rtnl(dev)) { 995 IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on); 996 return 0; 997 } 998 return -ENXIO; 999} 1000 1001static int arp_req_set_public(struct net *net, struct arpreq *r, 1002 struct net_device *dev) 1003{ 1004 __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 1005 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr; 1006 1007 if (mask && mask != htonl(0xFFFFFFFF)) 1008 return -EINVAL; 1009 if (!dev && (r->arp_flags & ATF_COM)) { 1010 dev = dev_getbyhwaddr_rcu(net, r->arp_ha.sa_family, 1011 r->arp_ha.sa_data); 1012 if (!dev) 1013 return -ENODEV; 1014 } 1015 if (mask) { 1016 if (!pneigh_lookup(&arp_tbl, net, &ip, dev, 1)) 1017 return -ENOBUFS; 1018 return 0; 1019 } 1020 1021 return arp_req_set_proxy(net, dev, 1); 1022} 1023 1024static int arp_req_set(struct net *net, struct arpreq *r, 1025 struct net_device *dev) 1026{ 1027 __be32 ip; 1028 struct neighbour *neigh; 1029 int err; 1030 1031 if (r->arp_flags & ATF_PUBL) 1032 return arp_req_set_public(net, r, dev); 1033 1034 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 1035 if (r->arp_flags & ATF_PERM) 1036 r->arp_flags |= ATF_COM; 1037 if (!dev) { 1038 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0); 1039 1040 if (IS_ERR(rt)) 1041 return PTR_ERR(rt); 1042 dev = rt->dst.dev; 1043 ip_rt_put(rt); 1044 if (!dev) 1045 return -EINVAL; 1046 } 1047 switch (dev->type) { 1048#if IS_ENABLED(CONFIG_FDDI) 1049 case ARPHRD_FDDI: 1050 /* 1051 * According to RFC 1390, FDDI devices should accept ARP 1052 * hardware types of 1 (Ethernet). However, to be more 1053 * robust, we'll accept hardware types of either 1 (Ethernet) 1054 * or 6 (IEEE 802.2). 1055 */ 1056 if (r->arp_ha.sa_family != ARPHRD_FDDI && 1057 r->arp_ha.sa_family != ARPHRD_ETHER && 1058 r->arp_ha.sa_family != ARPHRD_IEEE802) 1059 return -EINVAL; 1060 break; 1061#endif 1062 default: 1063 if (r->arp_ha.sa_family != dev->type) 1064 return -EINVAL; 1065 break; 1066 } 1067 1068 neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev); 1069 err = PTR_ERR(neigh); 1070 if (!IS_ERR(neigh)) { 1071 unsigned int state = NUD_STALE; 1072 if (r->arp_flags & ATF_PERM) 1073 state = NUD_PERMANENT; 1074 err = neigh_update(neigh, (r->arp_flags & ATF_COM) ? 1075 r->arp_ha.sa_data : NULL, state, 1076 NEIGH_UPDATE_F_OVERRIDE | 1077 NEIGH_UPDATE_F_ADMIN, 0); 1078 neigh_release(neigh); 1079 } 1080 return err; 1081} 1082 1083static unsigned int arp_state_to_flags(struct neighbour *neigh) 1084{ 1085 if (neigh->nud_state&NUD_PERMANENT) 1086 return ATF_PERM | ATF_COM; 1087 else if (neigh->nud_state&NUD_VALID) 1088 return ATF_COM; 1089 else 1090 return 0; 1091} 1092 1093/* 1094 * Get an ARP cache entry. 1095 */ 1096 1097static int arp_req_get(struct arpreq *r, struct net_device *dev) 1098{ 1099 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr; 1100 struct neighbour *neigh; 1101 int err = -ENXIO; 1102 1103 neigh = neigh_lookup(&arp_tbl, &ip, dev); 1104 if (neigh) { 1105 if (!(neigh->nud_state & NUD_NOARP)) { 1106 read_lock_bh(&neigh->lock); 1107 memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len); 1108 r->arp_flags = arp_state_to_flags(neigh); 1109 read_unlock_bh(&neigh->lock); 1110 r->arp_ha.sa_family = dev->type; 1111 strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev)); 1112 err = 0; 1113 } 1114 neigh_release(neigh); 1115 } 1116 return err; 1117} 1118 1119int arp_invalidate(struct net_device *dev, __be32 ip, bool force) 1120{ 1121 struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev); 1122 int err = -ENXIO; 1123 struct neigh_table *tbl = &arp_tbl; 1124 1125 if (neigh) { 1126 if ((neigh->nud_state & NUD_VALID) && !force) { 1127 neigh_release(neigh); 1128 return 0; 1129 } 1130 1131 if (neigh->nud_state & ~NUD_NOARP) 1132 err = neigh_update(neigh, NULL, NUD_FAILED, 1133 NEIGH_UPDATE_F_OVERRIDE| 1134 NEIGH_UPDATE_F_ADMIN, 0); 1135 write_lock_bh(&tbl->lock); 1136 neigh_release(neigh); 1137 neigh_remove_one(neigh, tbl); 1138 write_unlock_bh(&tbl->lock); 1139 } 1140 1141 return err; 1142} 1143 1144static int arp_req_delete_public(struct net *net, struct arpreq *r, 1145 struct net_device *dev) 1146{ 1147 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr; 1148 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr; 1149 1150 if (mask == htonl(0xFFFFFFFF)) 1151 return pneigh_delete(&arp_tbl, net, &ip, dev); 1152 1153 if (mask) 1154 return -EINVAL; 1155 1156 return arp_req_set_proxy(net, dev, 0); 1157} 1158 1159static int arp_req_delete(struct net *net, struct arpreq *r, 1160 struct net_device *dev) 1161{ 1162 __be32 ip; 1163 1164 if (r->arp_flags & ATF_PUBL) 1165 return arp_req_delete_public(net, r, dev); 1166 1167 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 1168 if (!dev) { 1169 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0); 1170 if (IS_ERR(rt)) 1171 return PTR_ERR(rt); 1172 dev = rt->dst.dev; 1173 ip_rt_put(rt); 1174 if (!dev) 1175 return -EINVAL; 1176 } 1177 return arp_invalidate(dev, ip, true); 1178} 1179 1180/* 1181 * Handle an ARP layer I/O control request. 1182 */ 1183 1184int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg) 1185{ 1186 int err; 1187 struct arpreq r; 1188 struct net_device *dev = NULL; 1189 1190 switch (cmd) { 1191 case SIOCDARP: 1192 case SIOCSARP: 1193 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 1194 return -EPERM; 1195 fallthrough; 1196 case SIOCGARP: 1197 err = copy_from_user(&r, arg, sizeof(struct arpreq)); 1198 if (err) 1199 return -EFAULT; 1200 break; 1201 default: 1202 return -EINVAL; 1203 } 1204 1205 if (r.arp_pa.sa_family != AF_INET) 1206 return -EPFNOSUPPORT; 1207 1208 if (!(r.arp_flags & ATF_PUBL) && 1209 (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB))) 1210 return -EINVAL; 1211 if (!(r.arp_flags & ATF_NETMASK)) 1212 ((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr = 1213 htonl(0xFFFFFFFFUL); 1214 rtnl_lock(); 1215 if (r.arp_dev[0]) { 1216 err = -ENODEV; 1217 dev = __dev_get_by_name(net, r.arp_dev); 1218 if (!dev) 1219 goto out; 1220 1221 /* Mmmm... It is wrong... ARPHRD_NETROM==0 */ 1222 if (!r.arp_ha.sa_family) 1223 r.arp_ha.sa_family = dev->type; 1224 err = -EINVAL; 1225 if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type) 1226 goto out; 1227 } else if (cmd == SIOCGARP) { 1228 err = -ENODEV; 1229 goto out; 1230 } 1231 1232 switch (cmd) { 1233 case SIOCDARP: 1234 err = arp_req_delete(net, &r, dev); 1235 break; 1236 case SIOCSARP: 1237 err = arp_req_set(net, &r, dev); 1238 break; 1239 case SIOCGARP: 1240 err = arp_req_get(&r, dev); 1241 break; 1242 } 1243out: 1244 rtnl_unlock(); 1245 if (cmd == SIOCGARP && !err && copy_to_user(arg, &r, sizeof(r))) 1246 err = -EFAULT; 1247 return err; 1248} 1249 1250static int arp_netdev_event(struct notifier_block *this, unsigned long event, 1251 void *ptr) 1252{ 1253 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 1254 struct netdev_notifier_change_info *change_info; 1255 struct in_device *in_dev; 1256 bool evict_nocarrier; 1257 1258 switch (event) { 1259 case NETDEV_CHANGEADDR: 1260 neigh_changeaddr(&arp_tbl, dev); 1261 rt_cache_flush(dev_net(dev)); 1262 break; 1263 case NETDEV_CHANGE: 1264 change_info = ptr; 1265 if (change_info->flags_changed & IFF_NOARP) 1266 neigh_changeaddr(&arp_tbl, dev); 1267 1268 in_dev = __in_dev_get_rtnl(dev); 1269 if (!in_dev) 1270 evict_nocarrier = true; 1271 else 1272 evict_nocarrier = IN_DEV_ARP_EVICT_NOCARRIER(in_dev); 1273 1274 if (evict_nocarrier && !netif_carrier_ok(dev)) 1275 neigh_carrier_down(&arp_tbl, dev); 1276 break; 1277 default: 1278 break; 1279 } 1280 1281 return NOTIFY_DONE; 1282} 1283 1284static struct notifier_block arp_netdev_notifier = { 1285 .notifier_call = arp_netdev_event, 1286}; 1287 1288/* Note, that it is not on notifier chain. 1289 It is necessary, that this routine was called after route cache will be 1290 flushed. 1291 */ 1292void arp_ifdown(struct net_device *dev) 1293{ 1294 neigh_ifdown(&arp_tbl, dev); 1295} 1296 1297 1298/* 1299 * Called once on startup. 1300 */ 1301 1302static struct packet_type arp_packet_type __read_mostly = { 1303 .type = cpu_to_be16(ETH_P_ARP), 1304 .func = arp_rcv, 1305}; 1306 1307#ifdef CONFIG_PROC_FS 1308#if IS_ENABLED(CONFIG_AX25) 1309 1310/* 1311 * ax25 -> ASCII conversion 1312 */ 1313static void ax2asc2(ax25_address *a, char *buf) 1314{ 1315 char c, *s; 1316 int n; 1317 1318 for (n = 0, s = buf; n < 6; n++) { 1319 c = (a->ax25_call[n] >> 1) & 0x7F; 1320 1321 if (c != ' ') 1322 *s++ = c; 1323 } 1324 1325 *s++ = '-'; 1326 n = (a->ax25_call[6] >> 1) & 0x0F; 1327 if (n > 9) { 1328 *s++ = '1'; 1329 n -= 10; 1330 } 1331 1332 *s++ = n + '0'; 1333 *s++ = '\0'; 1334 1335 if (*buf == '\0' || *buf == '-') { 1336 buf[0] = '*'; 1337 buf[1] = '\0'; 1338 } 1339} 1340#endif /* CONFIG_AX25 */ 1341 1342#define HBUFFERLEN 30 1343 1344static void arp_format_neigh_entry(struct seq_file *seq, 1345 struct neighbour *n) 1346{ 1347 char hbuffer[HBUFFERLEN]; 1348 int k, j; 1349 char tbuf[16]; 1350 struct net_device *dev = n->dev; 1351 int hatype = dev->type; 1352 1353 read_lock(&n->lock); 1354 /* Convert hardware address to XX:XX:XX:XX ... form. */ 1355#if IS_ENABLED(CONFIG_AX25) 1356 if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM) 1357 ax2asc2((ax25_address *)n->ha, hbuffer); 1358 else { 1359#endif 1360 for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) { 1361 hbuffer[k++] = hex_asc_hi(n->ha[j]); 1362 hbuffer[k++] = hex_asc_lo(n->ha[j]); 1363 hbuffer[k++] = ':'; 1364 } 1365 if (k != 0) 1366 --k; 1367 hbuffer[k] = 0; 1368#if IS_ENABLED(CONFIG_AX25) 1369 } 1370#endif 1371 sprintf(tbuf, "%pI4", n->primary_key); 1372 seq_printf(seq, "%-16s 0x%-10x0x%-10x%-17s * %s\n", 1373 tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); 1374 read_unlock(&n->lock); 1375} 1376 1377static void arp_format_pneigh_entry(struct seq_file *seq, 1378 struct pneigh_entry *n) 1379{ 1380 struct net_device *dev = n->dev; 1381 int hatype = dev ? dev->type : 0; 1382 char tbuf[16]; 1383 1384 sprintf(tbuf, "%pI4", n->key); 1385 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", 1386 tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", 1387 dev ? dev->name : "*"); 1388} 1389 1390static int arp_seq_show(struct seq_file *seq, void *v) 1391{ 1392 if (v == SEQ_START_TOKEN) { 1393 seq_puts(seq, "IP address HW type Flags " 1394 "HW address Mask Device\n"); 1395 } else { 1396 struct neigh_seq_state *state = seq->private; 1397 1398 if (state->flags & NEIGH_SEQ_IS_PNEIGH) 1399 arp_format_pneigh_entry(seq, v); 1400 else 1401 arp_format_neigh_entry(seq, v); 1402 } 1403 1404 return 0; 1405} 1406 1407static void *arp_seq_start(struct seq_file *seq, loff_t *pos) 1408{ 1409 /* Don't want to confuse "arp -a" w/ magic entries, 1410 * so we tell the generic iterator to skip NUD_NOARP. 1411 */ 1412 return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP); 1413} 1414 1415static const struct seq_operations arp_seq_ops = { 1416 .start = arp_seq_start, 1417 .next = neigh_seq_next, 1418 .stop = neigh_seq_stop, 1419 .show = arp_seq_show, 1420}; 1421#endif /* CONFIG_PROC_FS */ 1422 1423static int __net_init arp_net_init(struct net *net) 1424{ 1425 if (!proc_create_net("arp", 0444, net->proc_net, &arp_seq_ops, 1426 sizeof(struct neigh_seq_state))) 1427 return -ENOMEM; 1428 return 0; 1429} 1430 1431static void __net_exit arp_net_exit(struct net *net) 1432{ 1433 remove_proc_entry("arp", net->proc_net); 1434} 1435 1436static struct pernet_operations arp_net_ops = { 1437 .init = arp_net_init, 1438 .exit = arp_net_exit, 1439}; 1440 1441void __init arp_init(void) 1442{ 1443 neigh_table_init(NEIGH_ARP_TABLE, &arp_tbl); 1444 1445 dev_add_pack(&arp_packet_type); 1446 register_pernet_subsys(&arp_net_ops); 1447#ifdef CONFIG_SYSCTL 1448 neigh_sysctl_register(NULL, &arp_tbl.parms, NULL); 1449#endif 1450 register_netdevice_notifier(&arp_netdev_notifier); 1451}