search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
cxgbe/t4_tom: Read the chip's DDP page sizes and save them in a
[freebsd-src.git] / sys / netinet / if_ether.c
blob9f36c328d3ae07be806832b4e78f34b1330f9c8c
1 /*-
2 * Copyright (c) 1982, 1986, 1988, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 4. Neither the name of the University nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * @(#)if_ether.c 8.1 (Berkeley) 6/10/93
30 */
31
32 /*
33 * Ethernet address resolution protocol.
34 * TODO:
35 * add "inuse/lock" bit (or ref. count) along with valid bit
36 */
37
38 #include <sys/cdefs.h>
39 __FBSDID("$FreeBSD$");
40
41 #include "opt_inet.h"
42
43 #include <sys/param.h>
44 #include <sys/kernel.h>
45 #include <sys/lock.h>
46 #include <sys/queue.h>
47 #include <sys/sysctl.h>
48 #include <sys/systm.h>
49 #include <sys/mbuf.h>
50 #include <sys/malloc.h>
51 #include <sys/proc.h>
52 #include <sys/rmlock.h>
53 #include <sys/socket.h>
54 #include <sys/syslog.h>
55
56 #include <net/if.h>
57 #include <net/if_var.h>
58 #include <net/if_dl.h>
59 #include <net/if_types.h>
60 #include <net/netisr.h>
61 #include <net/ethernet.h>
62 #include <net/route.h>
63 #include <net/vnet.h>
64
65 #include <netinet/in.h>
66 #include <netinet/in_fib.h>
67 #include <netinet/in_var.h>
68 #include <net/if_llatbl.h>
69 #include <netinet/if_ether.h>
70 #ifdef INET
71 #include <netinet/ip_carp.h>
72 #endif
73
74 #include <security/mac/mac_framework.h>
75
76 #define SIN(s) ((const struct sockaddr_in *)(s))
77
78 static struct timeval arp_lastlog;
79 static int arp_curpps;
80 static int arp_maxpps = 1;
81
82 /* Simple ARP state machine */
83 enum arp_llinfo_state {
84 ARP_LLINFO_INCOMPLETE = 0, /* No LLE data */
85 ARP_LLINFO_REACHABLE, /* LLE is valid */
86 ARP_LLINFO_VERIFY, /* LLE is valid, need refresh */
87 ARP_LLINFO_DELETED, /* LLE is deleted */
88 };
89
90 SYSCTL_DECL(_net_link_ether);
91 static SYSCTL_NODE(_net_link_ether, PF_INET, inet, CTLFLAG_RW, 0, "");
92 static SYSCTL_NODE(_net_link_ether, PF_ARP, arp, CTLFLAG_RW, 0, "");
93
94 /* timer values */
95 static VNET_DEFINE(int, arpt_keep) = (20*60); /* once resolved, good for 20
96 * minutes */
97 static VNET_DEFINE(int, arp_maxtries) = 5;
98 static VNET_DEFINE(int, arp_proxyall) = 0;
99 static VNET_DEFINE(int, arpt_down) = 20; /* keep incomplete entries for
100 * 20 seconds */
101 static VNET_DEFINE(int, arpt_rexmit) = 1; /* retransmit arp entries, sec*/
102 VNET_PCPUSTAT_DEFINE(struct arpstat, arpstat); /* ARP statistics, see if_arp.h */
103 VNET_PCPUSTAT_SYSINIT(arpstat);
104
105 #ifdef VIMAGE
106 VNET_PCPUSTAT_SYSUNINIT(arpstat);
107 #endif /* VIMAGE */
108
109 static VNET_DEFINE(int, arp_maxhold) = 1;
110
111 #define V_arpt_keep VNET(arpt_keep)
112 #define V_arpt_down VNET(arpt_down)
113 #define V_arpt_rexmit VNET(arpt_rexmit)
114 #define V_arp_maxtries VNET(arp_maxtries)
115 #define V_arp_proxyall VNET(arp_proxyall)
116 #define V_arp_maxhold VNET(arp_maxhold)
117
118 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, max_age, CTLFLAG_VNET | CTLFLAG_RW,
119 &VNET_NAME(arpt_keep), 0,
120 "ARP entry lifetime in seconds");
121 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, maxtries, CTLFLAG_VNET | CTLFLAG_RW,
122 &VNET_NAME(arp_maxtries), 0,
123 "ARP resolution attempts before returning error");
124 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, proxyall, CTLFLAG_VNET | CTLFLAG_RW,
125 &VNET_NAME(arp_proxyall), 0,
126 "Enable proxy ARP for all suitable requests");
127 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, wait, CTLFLAG_VNET | CTLFLAG_RW,
128 &VNET_NAME(arpt_down), 0,
129 "Incomplete ARP entry lifetime in seconds");
130 SYSCTL_VNET_PCPUSTAT(_net_link_ether_arp, OID_AUTO, stats, struct arpstat,
131 arpstat, "ARP statistics (struct arpstat, net/if_arp.h)");
132 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, maxhold, CTLFLAG_VNET | CTLFLAG_RW,
133 &VNET_NAME(arp_maxhold), 0,
134 "Number of packets to hold per ARP entry");
135 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, max_log_per_second,
136 CTLFLAG_RW, &arp_maxpps, 0,
137 "Maximum number of remotely triggered ARP messages that can be "
138 "logged per second");
139
140 #define ARP_LOG(pri, ...) do { \
141 if (ppsratecheck(&arp_lastlog, &arp_curpps, arp_maxpps)) \
142 log((pri), "arp: " __VA_ARGS__); \
143 } while (0)
144
145
146 static void arpintr(struct mbuf *);
147 static void arptimer(void *);
148 #ifdef INET
149 static void in_arpinput(struct mbuf *);
150 #endif
151
152 static void arp_check_update_lle(struct arphdr *ah, struct in_addr isaddr,
153 struct ifnet *ifp, int bridged, struct llentry *la);
154 static void arp_mark_lle_reachable(struct llentry *la);
155 static void arp_iflladdr(void *arg __unused, struct ifnet *ifp);
156
157 static eventhandler_tag iflladdr_tag;
158
159 static const struct netisr_handler arp_nh = {
160 .nh_name = "arp",
161 .nh_handler = arpintr,
162 .nh_proto = NETISR_ARP,
163 .nh_policy = NETISR_POLICY_SOURCE,
164 };
165
166 /*
167 * Timeout routine. Age arp_tab entries periodically.
168 */
169 static void
170 arptimer(void *arg)
171 {
172 struct llentry *lle = (struct llentry *)arg;
173 struct ifnet *ifp;
174 int r_skip_req;
175
176 if (lle->la_flags & LLE_STATIC) {
177 return;
178 }
179 LLE_WLOCK(lle);
180 if (callout_pending(&lle->lle_timer)) {
181 /*
182 * Here we are a bit odd here in the treatment of
183 * active/pending. If the pending bit is set, it got
184 * rescheduled before I ran. The active
185 * bit we ignore, since if it was stopped
186 * in ll_tablefree() and was currently running
187 * it would have return 0 so the code would
188 * not have deleted it since the callout could
189 * not be stopped so we want to go through
190 * with the delete here now. If the callout
191 * was restarted, the pending bit will be back on and
192 * we just want to bail since the callout_reset would
193 * return 1 and our reference would have been removed
194 * by arpresolve() below.
195 */
196 LLE_WUNLOCK(lle);
197 return;
198 }
199 ifp = lle->lle_tbl->llt_ifp;
200 CURVNET_SET(ifp->if_vnet);
201
202 switch (lle->ln_state) {
203 case ARP_LLINFO_REACHABLE:
204
205 /*
206 * Expiration time is approaching.
207 * Let's try to refresh entry if it is still
208 * in use.
209 *
210 * Set r_skip_req to get feedback from
211 * fast path. Change state and re-schedule
212 * ourselves.
213 */
214 LLE_REQ_LOCK(lle);
215 lle->r_skip_req = 1;
216 LLE_REQ_UNLOCK(lle);
217 lle->ln_state = ARP_LLINFO_VERIFY;
218 callout_schedule(&lle->lle_timer, hz * V_arpt_rexmit);
219 LLE_WUNLOCK(lle);
220 CURVNET_RESTORE();
221 return;
222 case ARP_LLINFO_VERIFY:
223 LLE_REQ_LOCK(lle);
224 r_skip_req = lle->r_skip_req;
225 LLE_REQ_UNLOCK(lle);
226
227 if (r_skip_req == 0 && lle->la_preempt > 0) {
228 /* Entry was used, issue refresh request */
229 struct in_addr dst;
230 dst = lle->r_l3addr.addr4;
231 lle->la_preempt--;
232 callout_schedule(&lle->lle_timer, hz * V_arpt_rexmit);
233 LLE_WUNLOCK(lle);
234 arprequest(ifp, NULL, &dst, NULL);
235 CURVNET_RESTORE();
236 return;
237 }
238 /* Nothing happened. Reschedule if not too late */
239 if (lle->la_expire > time_uptime) {
240 callout_schedule(&lle->lle_timer, hz * V_arpt_rexmit);
241 LLE_WUNLOCK(lle);
242 CURVNET_RESTORE();
243 return;
244 }
245 break;
246 case ARP_LLINFO_INCOMPLETE:
247 case ARP_LLINFO_DELETED:
248 break;
249 }
250
251 if ((lle->la_flags & LLE_DELETED) == 0) {
252 int evt;
253
254 if (lle->la_flags & LLE_VALID)
255 evt = LLENTRY_EXPIRED;
256 else
257 evt = LLENTRY_TIMEDOUT;
258 EVENTHANDLER_INVOKE(lle_event, lle, evt);
259 }
260
261 callout_stop(&lle->lle_timer);
262
263 /* XXX: LOR avoidance. We still have ref on lle. */
264 LLE_WUNLOCK(lle);
265 IF_AFDATA_LOCK(ifp);
266 LLE_WLOCK(lle);
267
268 /* Guard against race with other llentry_free(). */
269 if (lle->la_flags & LLE_LINKED) {
270 LLE_REMREF(lle);
271 lltable_unlink_entry(lle->lle_tbl, lle);
272 }
273 IF_AFDATA_UNLOCK(ifp);
274
275 size_t pkts_dropped = llentry_free(lle);
276
277 ARPSTAT_ADD(dropped, pkts_dropped);
278 ARPSTAT_INC(timeouts);
279
280 CURVNET_RESTORE();
281 }
282
283 /*
284 * Stores link-layer header for @ifp in format suitable for if_output()
285 * into buffer @buf. Resulting header length is stored in @bufsize.
286 *
287 * Returns 0 on success.
288 */
289 static int
290 arp_fillheader(struct ifnet *ifp, struct arphdr *ah, int bcast, u_char *buf,
291 size_t *bufsize)
292 {
293 struct if_encap_req ereq;
294 int error;
295
296 bzero(buf, *bufsize);
297 bzero(&ereq, sizeof(ereq));
298 ereq.buf = buf;
299 ereq.bufsize = *bufsize;
300 ereq.rtype = IFENCAP_LL;
301 ereq.family = AF_ARP;
302 ereq.lladdr = ar_tha(ah);
303 ereq.hdata = (u_char *)ah;
304 if (bcast)
305 ereq.flags = IFENCAP_FLAG_BROADCAST;
306 error = ifp->if_requestencap(ifp, &ereq);
307 if (error == 0)
308 *bufsize = ereq.bufsize;
309
310 return (error);
311 }
312
313
314 /*
315 * Broadcast an ARP request. Caller specifies:
316 * - arp header source ip address
317 * - arp header target ip address
318 * - arp header source ethernet address
319 */
320 void
321 arprequest(struct ifnet *ifp, const struct in_addr *sip,
322 const struct in_addr *tip, u_char *enaddr)
323 {
324 struct mbuf *m;
325 struct arphdr *ah;
326 struct sockaddr sa;
327 u_char *carpaddr = NULL;
328 uint8_t linkhdr[LLE_MAX_LINKHDR];
329 size_t linkhdrsize;
330 struct route ro;
331 int error;
332
333 if (sip == NULL) {
334 /*
335 * The caller did not supply a source address, try to find
336 * a compatible one among those assigned to this interface.
337 */
338 struct ifaddr *ifa;
339
340 IF_ADDR_RLOCK(ifp);
341 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
342 if (ifa->ifa_addr->sa_family != AF_INET)
343 continue;
344
345 if (ifa->ifa_carp) {
346 if ((*carp_iamatch_p)(ifa, &carpaddr) == 0)
347 continue;
348 sip = &IA_SIN(ifa)->sin_addr;
349 } else {
350 carpaddr = NULL;
351 sip = &IA_SIN(ifa)->sin_addr;
352 }
353
354 if (0 == ((sip->s_addr ^ tip->s_addr) &
355 IA_MASKSIN(ifa)->sin_addr.s_addr))
356 break; /* found it. */
357 }
358 IF_ADDR_RUNLOCK(ifp);
359 if (sip == NULL) {
360 printf("%s: cannot find matching address\n", __func__);
361 return;
362 }
363 }
364 if (enaddr == NULL)
365 enaddr = carpaddr ? carpaddr : (u_char *)IF_LLADDR(ifp);
366
367 if ((m = m_gethdr(M_NOWAIT, MT_DATA)) == NULL)
368 return;
369 m->m_len = sizeof(*ah) + 2 * sizeof(struct in_addr) +
370 2 * ifp->if_addrlen;
371 m->m_pkthdr.len = m->m_len;
372 M_ALIGN(m, m->m_len);
373 ah = mtod(m, struct arphdr *);
374 bzero((caddr_t)ah, m->m_len);
375 #ifdef MAC
376 mac_netinet_arp_send(ifp, m);
377 #endif
378 ah->ar_pro = htons(ETHERTYPE_IP);
379 ah->ar_hln = ifp->if_addrlen; /* hardware address length */
380 ah->ar_pln = sizeof(struct in_addr); /* protocol address length */
381 ah->ar_op = htons(ARPOP_REQUEST);
382 bcopy(enaddr, ar_sha(ah), ah->ar_hln);
383 bcopy(sip, ar_spa(ah), ah->ar_pln);
384 bcopy(tip, ar_tpa(ah), ah->ar_pln);
385 sa.sa_family = AF_ARP;
386 sa.sa_len = 2;
387
388 /* Calculate link header for sending frame */
389 bzero(&ro, sizeof(ro));
390 linkhdrsize = sizeof(linkhdr);
391 error = arp_fillheader(ifp, ah, 1, linkhdr, &linkhdrsize);
392 if (error != 0 && error != EAFNOSUPPORT) {
393 ARP_LOG(LOG_ERR, "Failed to calculate ARP header on %s: %d\n",
394 if_name(ifp), error);
395 return;
396 }
397
398 ro.ro_prepend = linkhdr;
399 ro.ro_plen = linkhdrsize;
400 ro.ro_flags = 0;
401
402 m->m_flags |= M_BCAST;
403 m_clrprotoflags(m); /* Avoid confusing lower layers. */
404 (*ifp->if_output)(ifp, m, &sa, &ro);
405 ARPSTAT_INC(txrequests);
406 }
407
408
409 /*
410 * Resolve an IP address into an ethernet address - heavy version.
411 * Used internally by arpresolve().
412 * We have already checked than we can't use existing lle without
413 * modification so we have to acquire LLE_EXCLUSIVE lle lock.
414 *
415 * On success, desten and flags are filled in and the function returns 0;
416 * If the packet must be held pending resolution, we return EWOULDBLOCK
417 * On other errors, we return the corresponding error code.
418 * Note that m_freem() handles NULL.
419 */
420 static int
421 arpresolve_full(struct ifnet *ifp, int is_gw, int flags, struct mbuf *m,
422 const struct sockaddr *dst, u_char *desten, uint32_t *pflags,
423 struct llentry **plle)
424 {
425 struct llentry *la = NULL, *la_tmp;
426 struct mbuf *curr = NULL;
427 struct mbuf *next = NULL;
428 int error, renew;
429 char *lladdr;
430 int ll_len;
431
432 if (pflags != NULL)
433 *pflags = 0;
434 if (plle != NULL)
435 *plle = NULL;
436
437 if ((flags & LLE_CREATE) == 0) {
438 IF_AFDATA_RLOCK(ifp);
439 la = lla_lookup(LLTABLE(ifp), LLE_EXCLUSIVE, dst);
440 IF_AFDATA_RUNLOCK(ifp);
441 }
442 if (la == NULL && (ifp->if_flags & (IFF_NOARP | IFF_STATICARP)) == 0) {
443 la = lltable_alloc_entry(LLTABLE(ifp), 0, dst);
444 if (la == NULL) {
445 log(LOG_DEBUG,
446 "arpresolve: can't allocate llinfo for %s on %s\n",
447 inet_ntoa(SIN(dst)->sin_addr), if_name(ifp));
448 m_freem(m);
449 return (EINVAL);
450 }
451
452 IF_AFDATA_WLOCK(ifp);
453 LLE_WLOCK(la);
454 la_tmp = lla_lookup(LLTABLE(ifp), LLE_EXCLUSIVE, dst);
455 /* Prefer ANY existing lle over newly-created one */
456 if (la_tmp == NULL)
457 lltable_link_entry(LLTABLE(ifp), la);
458 IF_AFDATA_WUNLOCK(ifp);
459 if (la_tmp != NULL) {
460 lltable_free_entry(LLTABLE(ifp), la);
461 la = la_tmp;
462 }
463 }
464 if (la == NULL) {
465 m_freem(m);
466 return (EINVAL);
467 }
468
469 if ((la->la_flags & LLE_VALID) &&
470 ((la->la_flags & LLE_STATIC) || la->la_expire > time_uptime)) {
471 if (flags & LLE_ADDRONLY) {
472 lladdr = la->ll_addr;
473 ll_len = ifp->if_addrlen;
474 } else {
475 lladdr = la->r_linkdata;
476 ll_len = la->r_hdrlen;
477 }
478 bcopy(lladdr, desten, ll_len);
479
480 /* Check if we have feedback request from arptimer() */
481 if (la->r_skip_req != 0) {
482 LLE_REQ_LOCK(la);
483 la->r_skip_req = 0; /* Notify that entry was used */
484 LLE_REQ_UNLOCK(la);
485 }
486 if (pflags != NULL)
487 *pflags = la->la_flags & (LLE_VALID|LLE_IFADDR);
488 if (plle) {
489 LLE_ADDREF(la);
490 *plle = la;
491 }
492 LLE_WUNLOCK(la);
493 return (0);
494 }
495
496 renew = (la->la_asked == 0 || la->la_expire != time_uptime);
497 /*
498 * There is an arptab entry, but no ethernet address
499 * response yet. Add the mbuf to the list, dropping
500 * the oldest packet if we have exceeded the system
501 * setting.
502 */
503 if (m != NULL) {
504 if (la->la_numheld >= V_arp_maxhold) {
505 if (la->la_hold != NULL) {
506 next = la->la_hold->m_nextpkt;
507 m_freem(la->la_hold);
508 la->la_hold = next;
509 la->la_numheld--;
510 ARPSTAT_INC(dropped);
511 }
512 }
513 if (la->la_hold != NULL) {
514 curr = la->la_hold;
515 while (curr->m_nextpkt != NULL)
516 curr = curr->m_nextpkt;
517 curr->m_nextpkt = m;
518 } else
519 la->la_hold = m;
520 la->la_numheld++;
521 }
522 /*
523 * Return EWOULDBLOCK if we have tried less than arp_maxtries. It
524 * will be masked by ether_output(). Return EHOSTDOWN/EHOSTUNREACH
525 * if we have already sent arp_maxtries ARP requests. Retransmit the
526 * ARP request, but not faster than one request per second.
527 */
528 if (la->la_asked < V_arp_maxtries)
529 error = EWOULDBLOCK; /* First request. */
530 else
531 error = is_gw != 0 ? EHOSTUNREACH : EHOSTDOWN;
532
533 if (renew) {
534 int canceled;
535
536 LLE_ADDREF(la);
537 la->la_expire = time_uptime;
538 canceled = callout_reset(&la->lle_timer, hz * V_arpt_down,
539 arptimer, la);
540 if (canceled)
541 LLE_REMREF(la);
542 la->la_asked++;
543 LLE_WUNLOCK(la);
544 arprequest(ifp, NULL, &SIN(dst)->sin_addr, NULL);
545 return (error);
546 }
547
548 LLE_WUNLOCK(la);
549 return (error);
550 }
551
552 /*
553 * Resolve an IP address into an ethernet address.
554 */
555 int
556 arpresolve_addr(struct ifnet *ifp, int flags, const struct sockaddr *dst,
557 char *desten, uint32_t *pflags, struct llentry **plle)
558 {
559 int error;
560
561 flags |= LLE_ADDRONLY;
562 error = arpresolve_full(ifp, 0, flags, NULL, dst, desten, pflags, plle);
563 return (error);
564 }
565
566
567 /*
568 * Lookups link header based on an IP address.
569 * On input:
570 * ifp is the interface we use
571 * is_gw != 0 if @dst represents gateway to some destination
572 * m is the mbuf. May be NULL if we don't have a packet.
573 * dst is the next hop,
574 * desten is the storage to put LL header.
575 * flags returns subset of lle flags: LLE_VALID | LLE_IFADDR
576 *
577 * On success, full/partial link header and flags are filled in and
578 * the function returns 0.
579 * If the packet must be held pending resolution, we return EWOULDBLOCK
580 * On other errors, we return the corresponding error code.
581 * Note that m_freem() handles NULL.
582 */
583 int
584 arpresolve(struct ifnet *ifp, int is_gw, struct mbuf *m,
585 const struct sockaddr *dst, u_char *desten, uint32_t *pflags,
586 struct llentry **plle)
587 {
588 struct llentry *la = NULL;
589
590 if (pflags != NULL)
591 *pflags = 0;
592 if (plle != NULL)
593 *plle = NULL;
594
595 if (m != NULL) {
596 if (m->m_flags & M_BCAST) {
597 /* broadcast */
598 (void)memcpy(desten,
599 ifp->if_broadcastaddr, ifp->if_addrlen);
600 return (0);
601 }
602 if (m->m_flags & M_MCAST) {
603 /* multicast */
604 ETHER_MAP_IP_MULTICAST(&SIN(dst)->sin_addr, desten);
605 return (0);
606 }
607 }
608
609 IF_AFDATA_RLOCK(ifp);
610 la = lla_lookup(LLTABLE(ifp), plle ? LLE_EXCLUSIVE : LLE_UNLOCKED, dst);
611 if (la != NULL && (la->r_flags & RLLE_VALID) != 0) {
612 /* Entry found, let's copy lle info */
613 bcopy(la->r_linkdata, desten, la->r_hdrlen);
614 if (pflags != NULL)
615 *pflags = LLE_VALID | (la->r_flags & RLLE_IFADDR);
616 /* Check if we have feedback request from arptimer() */
617 if (la->r_skip_req != 0) {
618 LLE_REQ_LOCK(la);
619 la->r_skip_req = 0; /* Notify that entry was used */
620 LLE_REQ_UNLOCK(la);
621 }
622 if (plle) {
623 LLE_ADDREF(la);
624 *plle = la;
625 LLE_WUNLOCK(la);
626 }
627 IF_AFDATA_RUNLOCK(ifp);
628 return (0);
629 }
630 if (plle && la)
631 LLE_WUNLOCK(la);
632 IF_AFDATA_RUNLOCK(ifp);
633
634 return (arpresolve_full(ifp, is_gw, la == NULL ? LLE_CREATE : 0, m, dst,
635 desten, pflags, plle));
636 }
637
638 /*
639 * Common length and type checks are done here,
640 * then the protocol-specific routine is called.
641 */
642 static void
643 arpintr(struct mbuf *m)
644 {
645 struct arphdr *ar;
646 struct ifnet *ifp;
647 char *layer;
648 int hlen;
649
650 ifp = m->m_pkthdr.rcvif;
651
652 if (m->m_len < sizeof(struct arphdr) &&
653 ((m = m_pullup(m, sizeof(struct arphdr))) == NULL)) {
654 ARP_LOG(LOG_NOTICE, "packet with short header received on %s\n",
655 if_name(ifp));
656 return;
657 }
658 ar = mtod(m, struct arphdr *);
659
660 /* Check if length is sufficient */
661 if (m->m_len < arphdr_len(ar)) {
662 m = m_pullup(m, arphdr_len(ar));
663 if (m == NULL) {
664 ARP_LOG(LOG_NOTICE, "short packet received on %s\n",
665 if_name(ifp));
666 return;
667 }
668 ar = mtod(m, struct arphdr *);
669 }
670
671 hlen = 0;
672 layer = "";
673 switch (ntohs(ar->ar_hrd)) {
674 case ARPHRD_ETHER:
675 hlen = ETHER_ADDR_LEN; /* RFC 826 */
676 layer = "ethernet";
677 break;
678 case ARPHRD_IEEE802:
679 hlen = 6; /* RFC 1390, FDDI_ADDR_LEN */
680 layer = "fddi";
681 break;
682 case ARPHRD_ARCNET:
683 hlen = 1; /* RFC 1201, ARC_ADDR_LEN */
684 layer = "arcnet";
685 break;
686 case ARPHRD_INFINIBAND:
687 hlen = 20; /* RFC 4391, INFINIBAND_ALEN */
688 layer = "infiniband";
689 break;
690 case ARPHRD_IEEE1394:
691 hlen = 0; /* SHALL be 16 */ /* RFC 2734 */
692 layer = "firewire";
693
694 /*
695 * Restrict too long hardware addresses.
696 * Currently we are capable of handling 20-byte
697 * addresses ( sizeof(lle->ll_addr) )
698 */
699 if (ar->ar_hln >= 20)
700 hlen = 16;
701 break;
702 default:
703 ARP_LOG(LOG_NOTICE,
704 "packet with unknown hardware format 0x%02d received on "
705 "%s\n", ntohs(ar->ar_hrd), if_name(ifp));
706 m_freem(m);
707 return;
708 }
709
710 if (hlen != 0 && hlen != ar->ar_hln) {
711 ARP_LOG(LOG_NOTICE,
712 "packet with invalid %s address length %d received on %s\n",
713 layer, ar->ar_hln, if_name(ifp));
714 m_freem(m);
715 return;
716 }
717
718 ARPSTAT_INC(received);
719 switch (ntohs(ar->ar_pro)) {
720 #ifdef INET
721 case ETHERTYPE_IP:
722 in_arpinput(m);
723 return;
724 #endif
725 }
726 m_freem(m);
727 }
728
729 #ifdef INET
730 /*
731 * ARP for Internet protocols on 10 Mb/s Ethernet.
732 * Algorithm is that given in RFC 826.
733 * In addition, a sanity check is performed on the sender
734 * protocol address, to catch impersonators.
735 * We no longer handle negotiations for use of trailer protocol:
736 * Formerly, ARP replied for protocol type ETHERTYPE_TRAIL sent
737 * along with IP replies if we wanted trailers sent to us,
738 * and also sent them in response to IP replies.
739 * This allowed either end to announce the desire to receive
740 * trailer packets.
741 * We no longer reply to requests for ETHERTYPE_TRAIL protocol either,
742 * but formerly didn't normally send requests.
743 */
744 static int log_arp_wrong_iface = 1;
745 static int log_arp_movements = 1;
746 static int log_arp_permanent_modify = 1;
747 static int allow_multicast = 0;
748
749 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_wrong_iface, CTLFLAG_RW,
750 &log_arp_wrong_iface, 0,
751 "log arp packets arriving on the wrong interface");
752 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_movements, CTLFLAG_RW,
753 &log_arp_movements, 0,
754 "log arp replies from MACs different than the one in the cache");
755 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_permanent_modify, CTLFLAG_RW,
756 &log_arp_permanent_modify, 0,
757 "log arp replies from MACs different than the one in the permanent arp entry");
758 SYSCTL_INT(_net_link_ether_inet, OID_AUTO, allow_multicast, CTLFLAG_RW,
759 &allow_multicast, 0, "accept multicast addresses");
760
761 static void
762 in_arpinput(struct mbuf *m)
763 {
764 struct rm_priotracker in_ifa_tracker;
765 struct arphdr *ah;
766 struct ifnet *ifp = m->m_pkthdr.rcvif;
767 struct llentry *la = NULL, *la_tmp;
768 struct ifaddr *ifa;
769 struct in_ifaddr *ia;
770 struct sockaddr sa;
771 struct in_addr isaddr, itaddr, myaddr;
772 u_int8_t *enaddr = NULL;
773 int op;
774 int bridged = 0, is_bridge = 0;
775 int carped;
776 struct sockaddr_in sin;
777 struct sockaddr *dst;
778 struct nhop4_basic nh4;
779 uint8_t linkhdr[LLE_MAX_LINKHDR];
780 struct route ro;
781 size_t linkhdrsize;
782 int lladdr_off;
783 int error;
784
785 sin.sin_len = sizeof(struct sockaddr_in);
786 sin.sin_family = AF_INET;
787 sin.sin_addr.s_addr = 0;
788
789 if (ifp->if_bridge)
790 bridged = 1;
791 if (ifp->if_type == IFT_BRIDGE)
792 is_bridge = 1;
793
794 /*
795 * We already have checked that mbuf contains enough contiguous data
796 * to hold entire arp message according to the arp header.
797 */
798 ah = mtod(m, struct arphdr *);
799
800 /*
801 * ARP is only for IPv4 so we can reject packets with
802 * a protocol length not equal to an IPv4 address.
803 */
804 if (ah->ar_pln != sizeof(struct in_addr)) {
805 ARP_LOG(LOG_NOTICE, "requested protocol length != %zu\n",
806 sizeof(struct in_addr));
807 goto drop;
808 }
809
810 if (allow_multicast == 0 && ETHER_IS_MULTICAST(ar_sha(ah))) {
811 ARP_LOG(LOG_NOTICE, "%*D is multicast\n",
812 ifp->if_addrlen, (u_char *)ar_sha(ah), ":");
813 goto drop;
814 }
815
816 op = ntohs(ah->ar_op);
817 (void)memcpy(&isaddr, ar_spa(ah), sizeof (isaddr));
818 (void)memcpy(&itaddr, ar_tpa(ah), sizeof (itaddr));
819
820 if (op == ARPOP_REPLY)
821 ARPSTAT_INC(rxreplies);
822
823 /*
824 * For a bridge, we want to check the address irrespective
825 * of the receive interface. (This will change slightly
826 * when we have clusters of interfaces).
827 */
828 IN_IFADDR_RLOCK(&in_ifa_tracker);
829 LIST_FOREACH(ia, INADDR_HASH(itaddr.s_addr), ia_hash) {
830 if (((bridged && ia->ia_ifp->if_bridge == ifp->if_bridge) ||
831 ia->ia_ifp == ifp) &&
832 itaddr.s_addr == ia->ia_addr.sin_addr.s_addr &&
833 (ia->ia_ifa.ifa_carp == NULL ||
834 (*carp_iamatch_p)(&ia->ia_ifa, &enaddr))) {
835 ifa_ref(&ia->ia_ifa);
836 IN_IFADDR_RUNLOCK(&in_ifa_tracker);
837 goto match;
838 }
839 }
840 LIST_FOREACH(ia, INADDR_HASH(isaddr.s_addr), ia_hash)
841 if (((bridged && ia->ia_ifp->if_bridge == ifp->if_bridge) ||
842 ia->ia_ifp == ifp) &&
843 isaddr.s_addr == ia->ia_addr.sin_addr.s_addr) {
844 ifa_ref(&ia->ia_ifa);
845 IN_IFADDR_RUNLOCK(&in_ifa_tracker);
846 goto match;
847 }
848
849 #define BDG_MEMBER_MATCHES_ARP(addr, ifp, ia) \
850 (ia->ia_ifp->if_bridge == ifp->if_softc && \
851 !bcmp(IF_LLADDR(ia->ia_ifp), IF_LLADDR(ifp), ifp->if_addrlen) && \
852 addr == ia->ia_addr.sin_addr.s_addr)
853 /*
854 * Check the case when bridge shares its MAC address with
855 * some of its children, so packets are claimed by bridge
856 * itself (bridge_input() does it first), but they are really
857 * meant to be destined to the bridge member.
858 */
859 if (is_bridge) {
860 LIST_FOREACH(ia, INADDR_HASH(itaddr.s_addr), ia_hash) {
861 if (BDG_MEMBER_MATCHES_ARP(itaddr.s_addr, ifp, ia)) {
862 ifa_ref(&ia->ia_ifa);
863 ifp = ia->ia_ifp;
864 IN_IFADDR_RUNLOCK(&in_ifa_tracker);
865 goto match;
866 }
867 }
868 }
869 #undef BDG_MEMBER_MATCHES_ARP
870 IN_IFADDR_RUNLOCK(&in_ifa_tracker);
871
872 /*
873 * No match, use the first inet address on the receive interface
874 * as a dummy address for the rest of the function.
875 */
876 IF_ADDR_RLOCK(ifp);
877 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
878 if (ifa->ifa_addr->sa_family == AF_INET &&
879 (ifa->ifa_carp == NULL ||
880 (*carp_iamatch_p)(ifa, &enaddr))) {
881 ia = ifatoia(ifa);
882 ifa_ref(ifa);
883 IF_ADDR_RUNLOCK(ifp);
884 goto match;
885 }
886 IF_ADDR_RUNLOCK(ifp);
887
888 /*
889 * If bridging, fall back to using any inet address.
890 */
891 IN_IFADDR_RLOCK(&in_ifa_tracker);
892 if (!bridged || (ia = TAILQ_FIRST(&V_in_ifaddrhead)) == NULL) {
893 IN_IFADDR_RUNLOCK(&in_ifa_tracker);
894 goto drop;
895 }
896 ifa_ref(&ia->ia_ifa);
897 IN_IFADDR_RUNLOCK(&in_ifa_tracker);
898 match:
899 if (!enaddr)
900 enaddr = (u_int8_t *)IF_LLADDR(ifp);
901 carped = (ia->ia_ifa.ifa_carp != NULL);
902 myaddr = ia->ia_addr.sin_addr;
903 ifa_free(&ia->ia_ifa);
904 if (!bcmp(ar_sha(ah), enaddr, ifp->if_addrlen))
905 goto drop; /* it's from me, ignore it. */
906 if (!bcmp(ar_sha(ah), ifp->if_broadcastaddr, ifp->if_addrlen)) {
907 ARP_LOG(LOG_NOTICE, "link address is broadcast for IP address "
908 "%s!\n", inet_ntoa(isaddr));
909 goto drop;
910 }
911
912 if (ifp->if_addrlen != ah->ar_hln) {
913 ARP_LOG(LOG_WARNING, "from %*D: addr len: new %d, "
914 "i/f %d (ignored)\n", ifp->if_addrlen,
915 (u_char *) ar_sha(ah), ":", ah->ar_hln,
916 ifp->if_addrlen);
917 goto drop;
918 }
919
920 /*
921 * Warn if another host is using the same IP address, but only if the
922 * IP address isn't 0.0.0.0, which is used for DHCP only, in which
923 * case we suppress the warning to avoid false positive complaints of
924 * potential misconfiguration.
925 */
926 if (!bridged && !carped && isaddr.s_addr == myaddr.s_addr &&
927 myaddr.s_addr != 0) {
928 ARP_LOG(LOG_ERR, "%*D is using my IP address %s on %s!\n",
929 ifp->if_addrlen, (u_char *)ar_sha(ah), ":",
930 inet_ntoa(isaddr), ifp->if_xname);
931 itaddr = myaddr;
932 ARPSTAT_INC(dupips);
933 goto reply;
934 }
935 if (ifp->if_flags & IFF_STATICARP)
936 goto reply;
937
938 bzero(&sin, sizeof(sin));
939 sin.sin_len = sizeof(struct sockaddr_in);
940 sin.sin_family = AF_INET;
941 sin.sin_addr = isaddr;
942 dst = (struct sockaddr *)&sin;
943 IF_AFDATA_RLOCK(ifp);
944 la = lla_lookup(LLTABLE(ifp), LLE_EXCLUSIVE, dst);
945 IF_AFDATA_RUNLOCK(ifp);
946 if (la != NULL)
947 arp_check_update_lle(ah, isaddr, ifp, bridged, la);
948 else if (itaddr.s_addr == myaddr.s_addr) {
949 /*
950 * Request/reply to our address, but no lle exists yet.
951 * Calculate full link prepend to use in lle.
952 */
953 linkhdrsize = sizeof(linkhdr);
954 if (lltable_calc_llheader(ifp, AF_INET, ar_sha(ah), linkhdr,
955 &linkhdrsize, &lladdr_off) != 0)
956 goto reply;
957
958 /* Allocate new entry */
959 la = lltable_alloc_entry(LLTABLE(ifp), 0, dst);
960 if (la == NULL) {
961
962 /*
963 * lle creation may fail if source address belongs
964 * to non-directly connected subnet. However, we
965 * will try to answer the request instead of dropping
966 * frame.
967 */
968 goto reply;
969 }
970 lltable_set_entry_addr(ifp, la, linkhdr, linkhdrsize,
971 lladdr_off);
972
973 IF_AFDATA_WLOCK(ifp);
974 LLE_WLOCK(la);
975 la_tmp = lla_lookup(LLTABLE(ifp), LLE_EXCLUSIVE, dst);
976
977 /*
978 * Check if lle still does not exists.
979 * If it does, that means that we either
980 * 1) have configured it explicitly, via
981 * 1a) 'arp -s' static entry or
982 * 1b) interface address static record
983 * or
984 * 2) it was the result of sending first packet to-host
985 * or
986 * 3) it was another arp reply packet we handled in
987 * different thread.
988 *
989 * In all cases except 3) we definitely need to prefer
990 * existing lle. For the sake of simplicity, prefer any
991 * existing lle over newly-create one.
992 */
993 if (la_tmp == NULL)
994 lltable_link_entry(LLTABLE(ifp), la);
995 IF_AFDATA_WUNLOCK(ifp);
996
997 if (la_tmp == NULL) {
998 arp_mark_lle_reachable(la);
999 LLE_WUNLOCK(la);
1000 } else {
1001 /* Free newly-create entry and handle packet */
1002 lltable_free_entry(LLTABLE(ifp), la);
1003 la = la_tmp;
1004 la_tmp = NULL;
1005 arp_check_update_lle(ah, isaddr, ifp, bridged, la);
1006 /* arp_check_update_lle() returns @la unlocked */
1007 }
1008 la = NULL;
1009 }
1010 reply:
1011 if (op != ARPOP_REQUEST)
1012 goto drop;
1013 ARPSTAT_INC(rxrequests);
1014
1015 if (itaddr.s_addr == myaddr.s_addr) {
1016 /* Shortcut.. the receiving interface is the target. */
1017 (void)memcpy(ar_tha(ah), ar_sha(ah), ah->ar_hln);
1018 (void)memcpy(ar_sha(ah), enaddr, ah->ar_hln);
1019 } else {
1020 struct llentry *lle = NULL;
1021
1022 sin.sin_addr = itaddr;
1023 IF_AFDATA_RLOCK(ifp);
1024 lle = lla_lookup(LLTABLE(ifp), 0, (struct sockaddr *)&sin);
1025 IF_AFDATA_RUNLOCK(ifp);
1026
1027 if ((lle != NULL) && (lle->la_flags & LLE_PUB)) {
1028 (void)memcpy(ar_tha(ah), ar_sha(ah), ah->ar_hln);
1029 (void)memcpy(ar_sha(ah), lle->ll_addr, ah->ar_hln);
1030 LLE_RUNLOCK(lle);
1031 } else {
1032
1033 if (lle != NULL)
1034 LLE_RUNLOCK(lle);
1035
1036 if (!V_arp_proxyall)
1037 goto drop;
1038
1039 /* XXX MRT use table 0 for arp reply */
1040 if (fib4_lookup_nh_basic(0, itaddr, 0, 0, &nh4) != 0)
1041 goto drop;
1042
1043 /*
1044 * Don't send proxies for nodes on the same interface
1045 * as this one came out of, or we'll get into a fight
1046 * over who claims what Ether address.
1047 */
1048 if (nh4.nh_ifp == ifp)
1049 goto drop;
1050
1051 (void)memcpy(ar_tha(ah), ar_sha(ah), ah->ar_hln);
1052 (void)memcpy(ar_sha(ah), enaddr, ah->ar_hln);
1053
1054 /*
1055 * Also check that the node which sent the ARP packet
1056 * is on the interface we expect it to be on. This
1057 * avoids ARP chaos if an interface is connected to the
1058 * wrong network.
1059 */
1060
1061 /* XXX MRT use table 0 for arp checks */
1062 if (fib4_lookup_nh_basic(0, isaddr, 0, 0, &nh4) != 0)
1063 goto drop;
1064 if (nh4.nh_ifp != ifp) {
1065 ARP_LOG(LOG_INFO, "proxy: ignoring request"
1066 " from %s via %s\n",
1067 inet_ntoa(isaddr), ifp->if_xname);
1068 goto drop;
1069 }
1070
1071 #ifdef DEBUG_PROXY
1072 printf("arp: proxying for %s\n", inet_ntoa(itaddr));
1073 #endif
1074 }
1075 }
1076
1077 if (itaddr.s_addr == myaddr.s_addr &&
1078 IN_LINKLOCAL(ntohl(itaddr.s_addr))) {
1079 /* RFC 3927 link-local IPv4; always reply by broadcast. */
1080 #ifdef DEBUG_LINKLOCAL
1081 printf("arp: sending reply for link-local addr %s\n",
1082 inet_ntoa(itaddr));
1083 #endif
1084 m->m_flags |= M_BCAST;
1085 m->m_flags &= ~M_MCAST;
1086 } else {
1087 /* default behaviour; never reply by broadcast. */
1088 m->m_flags &= ~(M_BCAST|M_MCAST);
1089 }
1090 (void)memcpy(ar_tpa(ah), ar_spa(ah), ah->ar_pln);
1091 (void)memcpy(ar_spa(ah), &itaddr, ah->ar_pln);
1092 ah->ar_op = htons(ARPOP_REPLY);
1093 ah->ar_pro = htons(ETHERTYPE_IP); /* let's be sure! */
1094 m->m_len = sizeof(*ah) + (2 * ah->ar_pln) + (2 * ah->ar_hln);
1095 m->m_pkthdr.len = m->m_len;
1096 m->m_pkthdr.rcvif = NULL;
1097 sa.sa_family = AF_ARP;
1098 sa.sa_len = 2;
1099
1100 /* Calculate link header for sending frame */
1101 bzero(&ro, sizeof(ro));
1102 linkhdrsize = sizeof(linkhdr);
1103 error = arp_fillheader(ifp, ah, 0, linkhdr, &linkhdrsize);
1104
1105 /*
1106 * arp_fillheader() may fail due to lack of support inside encap request
1107 * routing. This is not necessary an error, AF_ARP can/should be handled
1108 * by if_output().
1109 */
1110 if (error != 0 && error != EAFNOSUPPORT) {
1111 ARP_LOG(LOG_ERR, "Failed to calculate ARP header on %s: %d\n",
1112 if_name(ifp), error);
1113 return;
1114 }
1115
1116 ro.ro_prepend = linkhdr;
1117 ro.ro_plen = linkhdrsize;
1118 ro.ro_flags = 0;
1119
1120 m_clrprotoflags(m); /* Avoid confusing lower layers. */
1121 (*ifp->if_output)(ifp, m, &sa, &ro);
1122 ARPSTAT_INC(txreplies);
1123 return;
1124
1125 drop:
1126 m_freem(m);
1127 }
1128 #endif
1129
1130 /*
1131 * Checks received arp data against existing @la.
1132 * Updates lle state/performs notification if necessary.
1133 */
1134 static void
1135 arp_check_update_lle(struct arphdr *ah, struct in_addr isaddr, struct ifnet *ifp,
1136 int bridged, struct llentry *la)
1137 {
1138 struct sockaddr sa;
1139 struct mbuf *m_hold, *m_hold_next;
1140 uint8_t linkhdr[LLE_MAX_LINKHDR];
1141 size_t linkhdrsize;
1142 int lladdr_off;
1143
1144 LLE_WLOCK_ASSERT(la);
1145
1146 /* the following is not an error when doing bridging */
1147 if (!bridged && la->lle_tbl->llt_ifp != ifp) {
1148 if (log_arp_wrong_iface)
1149 ARP_LOG(LOG_WARNING, "%s is on %s "
1150 "but got reply from %*D on %s\n",
1151 inet_ntoa(isaddr),
1152 la->lle_tbl->llt_ifp->if_xname,
1153 ifp->if_addrlen, (u_char *)ar_sha(ah), ":",
1154 ifp->if_xname);
1155 LLE_WUNLOCK(la);
1156 return;
1157 }
1158 if ((la->la_flags & LLE_VALID) &&
1159 bcmp(ar_sha(ah), la->ll_addr, ifp->if_addrlen)) {
1160 if (la->la_flags & LLE_STATIC) {
1161 LLE_WUNLOCK(la);
1162 if (log_arp_permanent_modify)
1163 ARP_LOG(LOG_ERR,
1164 "%*D attempts to modify "
1165 "permanent entry for %s on %s\n",
1166 ifp->if_addrlen,
1167 (u_char *)ar_sha(ah), ":",
1168 inet_ntoa(isaddr), ifp->if_xname);
1169 return;
1170 }
1171 if (log_arp_movements) {
1172 ARP_LOG(LOG_INFO, "%s moved from %*D "
1173 "to %*D on %s\n",
1174 inet_ntoa(isaddr),
1175 ifp->if_addrlen,
1176 (u_char *)&la->ll_addr, ":",
1177 ifp->if_addrlen, (u_char *)ar_sha(ah), ":",
1178 ifp->if_xname);
1179 }
1180 }
1181
1182 /* Calculate full link prepend to use in lle */
1183 linkhdrsize = sizeof(linkhdr);
1184 if (lltable_calc_llheader(ifp, AF_INET, ar_sha(ah), linkhdr,
1185 &linkhdrsize, &lladdr_off) != 0)
1186 return;
1187
1188 /* Check if something has changed */
1189 if (memcmp(la->r_linkdata, linkhdr, linkhdrsize) != 0 ||
1190 (la->la_flags & LLE_VALID) == 0) {
1191 /* Try to perform LLE update */
1192 if (lltable_try_set_entry_addr(ifp, la, linkhdr, linkhdrsize,
1193 lladdr_off) == 0)
1194 return;
1195
1196 /* Clear fast path feedback request if set */
1197 la->r_skip_req = 0;
1198 }
1199
1200 arp_mark_lle_reachable(la);
1201
1202 /*
1203 * The packets are all freed within the call to the output
1204 * routine.
1205 *
1206 * NB: The lock MUST be released before the call to the
1207 * output routine.
1208 */
1209 if (la->la_hold != NULL) {
1210 m_hold = la->la_hold;
1211 la->la_hold = NULL;
1212 la->la_numheld = 0;
1213 lltable_fill_sa_entry(la, &sa);
1214 LLE_WUNLOCK(la);
1215 for (; m_hold != NULL; m_hold = m_hold_next) {
1216 m_hold_next = m_hold->m_nextpkt;
1217 m_hold->m_nextpkt = NULL;
1218 /* Avoid confusing lower layers. */
1219 m_clrprotoflags(m_hold);
1220 (*ifp->if_output)(ifp, m_hold, &sa, NULL);
1221 }
1222 } else
1223 LLE_WUNLOCK(la);
1224 }
1225
1226 static void
1227 arp_mark_lle_reachable(struct llentry *la)
1228 {
1229 int canceled, wtime;
1230
1231 LLE_WLOCK_ASSERT(la);
1232
1233 la->ln_state = ARP_LLINFO_REACHABLE;
1234 EVENTHANDLER_INVOKE(lle_event, la, LLENTRY_RESOLVED);
1235
1236 if (!(la->la_flags & LLE_STATIC)) {
1237 LLE_ADDREF(la);
1238 la->la_expire = time_uptime + V_arpt_keep;
1239 wtime = V_arpt_keep - V_arp_maxtries * V_arpt_rexmit;
1240 if (wtime < 0)
1241 wtime = V_arpt_keep;
1242 canceled = callout_reset(&la->lle_timer,
1243 hz * wtime, arptimer, la);
1244 if (canceled)
1245 LLE_REMREF(la);
1246 }
1247 la->la_asked = 0;
1248 la->la_preempt = V_arp_maxtries;
1249 }
1250
1251 /*
1252 * Add pernament link-layer record for given interface address.
1253 */
1254 static __noinline void
1255 arp_add_ifa_lle(struct ifnet *ifp, const struct sockaddr *dst)
1256 {
1257 struct llentry *lle, *lle_tmp;
1258
1259 /*
1260 * Interface address LLE record is considered static
1261 * because kernel code relies on LLE_STATIC flag to check
1262 * if these entries can be rewriten by arp updates.
1263 */
1264 lle = lltable_alloc_entry(LLTABLE(ifp), LLE_IFADDR | LLE_STATIC, dst);
1265 if (lle == NULL) {
1266 log(LOG_INFO, "arp_ifinit: cannot create arp "
1267 "entry for interface address\n");
1268 return;
1269 }
1270
1271 IF_AFDATA_WLOCK(ifp);
1272 LLE_WLOCK(lle);
1273 /* Unlink any entry if exists */
1274 lle_tmp = lla_lookup(LLTABLE(ifp), LLE_EXCLUSIVE, dst);
1275 if (lle_tmp != NULL)
1276 lltable_unlink_entry(LLTABLE(ifp), lle_tmp);
1277
1278 lltable_link_entry(LLTABLE(ifp), lle);
1279 IF_AFDATA_WUNLOCK(ifp);
1280
1281 if (lle_tmp != NULL)
1282 EVENTHANDLER_INVOKE(lle_event, lle_tmp, LLENTRY_EXPIRED);
1283
1284 EVENTHANDLER_INVOKE(lle_event, lle, LLENTRY_RESOLVED);
1285 LLE_WUNLOCK(lle);
1286 if (lle_tmp != NULL)
1287 lltable_free_entry(LLTABLE(ifp), lle_tmp);
1288 }
1289
1290 void
1291 arp_ifinit(struct ifnet *ifp, struct ifaddr *ifa)
1292 {
1293 const struct sockaddr_in *dst_in;
1294 const struct sockaddr *dst;
1295
1296 if (ifa->ifa_carp != NULL)
1297 return;
1298
1299 dst = ifa->ifa_addr;
1300 dst_in = (const struct sockaddr_in *)dst;
1301
1302 if (ntohl(dst_in->sin_addr.s_addr) == INADDR_ANY)
1303 return;
1304 arp_announce_ifaddr(ifp, dst_in->sin_addr, IF_LLADDR(ifp));
1305
1306 arp_add_ifa_lle(ifp, dst);
1307 }
1308
1309 void
1310 arp_announce_ifaddr(struct ifnet *ifp, struct in_addr addr, u_char *enaddr)
1311 {
1312
1313 if (ntohl(addr.s_addr) != INADDR_ANY)
1314 arprequest(ifp, &addr, &addr, enaddr);
1315 }
1316
1317 /*
1318 * Sends gratuitous ARPs for each ifaddr to notify other
1319 * nodes about the address change.
1320 */
1321 static __noinline void
1322 arp_handle_ifllchange(struct ifnet *ifp)
1323 {
1324 struct ifaddr *ifa;
1325
1326 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1327 if (ifa->ifa_addr->sa_family == AF_INET)
1328 arp_ifinit(ifp, ifa);
1329 }
1330 }
1331
1332 /*
1333 * A handler for interface link layer address change event.
1334 */
1335 static void
1336 arp_iflladdr(void *arg __unused, struct ifnet *ifp)
1337 {
1338
1339 lltable_update_ifaddr(LLTABLE(ifp));
1340
1341 if ((ifp->if_flags & IFF_UP) != 0)
1342 arp_handle_ifllchange(ifp);
1343 }
1344
1345 static void
1346 vnet_arp_init(void)
1347 {
1348
1349 if (IS_DEFAULT_VNET(curvnet)) {
1350 netisr_register(&arp_nh);
1351 iflladdr_tag = EVENTHANDLER_REGISTER(iflladdr_event,
1352 arp_iflladdr, NULL, EVENTHANDLER_PRI_ANY);
1353 }
1354 #ifdef VIMAGE
1355 else
1356 netisr_register_vnet(&arp_nh);
1357 #endif
1358 }
1359 VNET_SYSINIT(vnet_arp_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_SECOND,
1360 vnet_arp_init, 0);
1361
1362 #ifdef VIMAGE
1363 /*
1364 * We have to unregister ARP along with IP otherwise we risk doing INADDR_HASH
1365 * lookups after destroying the hash. Ideally this would go on SI_ORDER_3.5.
1366 */
1367 static void
1368 vnet_arp_destroy(__unused void *arg)
1369 {
1370
1371 netisr_unregister_vnet(&arp_nh);
1372 }
1373 VNET_SYSUNINIT(vnet_arp_uninit, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD,
1374 vnet_arp_destroy, NULL);
1375 #endif
FreeBSD src