net/ipv4/arp.c

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /* linux/net/ipv4/arp.c
0003  *
0004  * Copyright (C) 1994 by Florian  La Roche
0005  *
0006  * This module implements the Address Resolution Protocol ARP (RFC 826),
0007  * which is used to convert IP addresses (or in the future maybe other
0008  * high-level addresses) into a low-level hardware address (like an Ethernet
0009  * address).
0010  *
0011  * Fixes:
0012  *      Alan Cox    :   Removed the Ethernet assumptions in
0013  *                  Florian's code
0014  *      Alan Cox    :   Fixed some small errors in the ARP
0015  *                  logic
0016  *      Alan Cox    :   Allow >4K in /proc
0017  *      Alan Cox    :   Make ARP add its own protocol entry
0018  *      Ross Martin     :       Rewrote arp_rcv() and arp_get_info()
0019  *      Stephen Henson  :   Add AX25 support to arp_get_info()
0020  *      Alan Cox    :   Drop data when a device is downed.
0021  *      Alan Cox    :   Use init_timer().
0022  *      Alan Cox    :   Double lock fixes.
0023  *      Martin Seine    :   Move the arphdr structure
0024  *                  to if_arp.h for compatibility.
0025  *                  with BSD based programs.
0026  *      Andrew Tridgell :       Added ARP netmask code and
0027  *                  re-arranged proxy handling.
0028  *      Alan Cox    :   Changed to use notifiers.
0029  *      Niibe Yutaka    :   Reply for this device or proxies only.
0030  *      Alan Cox    :   Don't proxy across hardware types!
0031  *      Jonathan Naylor :   Added support for NET/ROM.
0032  *      Mike Shaver     :       RFC1122 checks.
0033  *      Jonathan Naylor :   Only lookup the hardware address for
0034  *                  the correct hardware type.
0035  *      Germano Caronni :   Assorted subtle races.
0036  *      Craig Schlenter :   Don't modify permanent entry
0037  *                  during arp_rcv.
0038  *      Russ Nelson :   Tidied up a few bits.
0039  *      Alexey Kuznetsov:   Major changes to caching and behaviour,
0040  *                  eg intelligent arp probing and
0041  *                  generation
0042  *                  of host down events.
0043  *      Alan Cox    :   Missing unlock in device events.
0044  *      Eckes       :   ARP ioctl control errors.
0045  *      Alexey Kuznetsov:   Arp free fix.
0046  *      Manuel Rodriguez:   Gratuitous ARP.
0047  *              Jonathan Layes  :       Added arpd support through kerneld
0048  *                                      message queue (960314)
0049  *      Mike Shaver :   /proc/sys/net/ipv4/arp_* support
0050  *      Mike McLagan    :   Routing by source
0051  *      Stuart Cheshire :   Metricom and grat arp fixes
0052  *                  *** FOR 2.1 clean this up ***
0053  *      Lawrence V. Stefani: (08/12/96) Added FDDI support.
0054  *      Alan Cox    :   Took the AP1000 nasty FDDI hack and
0055  *                  folded into the mainstream FDDI code.
0056  *                  Ack spit, Linus how did you allow that
0057  *                  one in...
0058  *      Jes Sorensen    :   Make FDDI work again in 2.1.x and
0059  *                  clean up the APFDDI & gen. FDDI bits.
0060  *      Alexey Kuznetsov:   new arp state machine;
0061  *                  now it is in net/core/neighbour.c.
0062  *      Krzysztof Halasa:   Added Frame Relay ARP support.
0063  *      Arnaldo C. Melo :   convert /proc/net/arp to seq_file
0064  *      Shmulik Hen:        Split arp_send to arp_create and
0065  *                  arp_xmit so intermediate drivers like
0066  *                  bonding can change the skb before
0067  *                  sending (e.g. insert 8021q tag).
0068  *      Harald Welte    :   convert to make use of jenkins hash
0069  *      Jesper D. Brouer:       Proxy ARP PVLAN RFC 3069 support.
0070  */
0071
0072 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
0073
0074 #include <linux/module.h>
0075 #include <linux/types.h>
0076 #include <linux/string.h>
0077 #include <linux/kernel.h>
0078 #include <linux/capability.h>
0079 #include <linux/socket.h>
0080 #include <linux/sockios.h>
0081 #include <linux/errno.h>
0082 #include <linux/in.h>
0083 #include <linux/mm.h>
0084 #include <linux/inet.h>
0085 #include <linux/inetdevice.h>
0086 #include <linux/netdevice.h>
0087 #include <linux/etherdevice.h>
0088 #include <linux/fddidevice.h>
0089 #include <linux/if_arp.h>
0090 #include <linux/skbuff.h>
0091 #include <linux/proc_fs.h>
0092 #include <linux/seq_file.h>
0093 #include <linux/stat.h>
0094 #include <linux/init.h>
0095 #include <linux/net.h>
0096 #include <linux/rcupdate.h>
0097 #include <linux/slab.h>
0098 #ifdef CONFIG_SYSCTL
0099 #include <linux/sysctl.h>
0100 #endif
0101
0102 #include <net/net_namespace.h>
0103 #include <net/ip.h>
0104 #include <net/icmp.h>
0105 #include <net/route.h>
0106 #include <net/protocol.h>
0107 #include <net/tcp.h>
0108 #include <net/sock.h>
0109 #include <net/arp.h>
0110 #include <net/ax25.h>
0111 #include <net/netrom.h>
0112 #include <net/dst_metadata.h>
0113 #include <net/ip_tunnels.h>
0114
0115 #include <linux/uaccess.h>
0116
0117 #include <linux/netfilter_arp.h>
0118
0119 /*
0120  *  Interface to generic neighbour cache.
0121  */
0122 static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 *hash_rnd);
0123 static bool arp_key_eq(const struct neighbour *n, const void *pkey);
0124 static int arp_constructor(struct neighbour *neigh);
0125 static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb);
0126 static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb);
0127 static void parp_redo(struct sk_buff *skb);
0128 static int arp_is_multicast(const void *pkey);
0129
0130 static const struct neigh_ops arp_generic_ops = {
0131     .family =       AF_INET,
0132     .solicit =      arp_solicit,
0133     .error_report =     arp_error_report,
0134     .output =       neigh_resolve_output,
0135     .connected_output = neigh_connected_output,
0136 };
0137
0138 static const struct neigh_ops arp_hh_ops = {
0139     .family =       AF_INET,
0140     .solicit =      arp_solicit,
0141     .error_report =     arp_error_report,
0142     .output =       neigh_resolve_output,
0143     .connected_output = neigh_resolve_output,
0144 };
0145
0146 static const struct neigh_ops arp_direct_ops = {
0147     .family =       AF_INET,
0148     .output =       neigh_direct_output,
0149     .connected_output = neigh_direct_output,
0150 };
0151
0152 struct neigh_table arp_tbl = {
0153     .family     = AF_INET,
0154     .key_len    = 4,
0155     .protocol   = cpu_to_be16(ETH_P_IP),
0156     .hash       = arp_hash,
0157     .key_eq     = arp_key_eq,
0158     .constructor    = arp_constructor,
0159     .proxy_redo = parp_redo,
0160     .is_multicast   = arp_is_multicast,
0161     .id     = "arp_cache",
0162     .parms      = {
0163         .tbl            = &arp_tbl,
0164         .reachable_time     = 30 * HZ,
0165         .data   = {
0166             [NEIGH_VAR_MCAST_PROBES] = 3,
0167             [NEIGH_VAR_UCAST_PROBES] = 3,
0168             [NEIGH_VAR_RETRANS_TIME] = 1 * HZ,
0169             [NEIGH_VAR_BASE_REACHABLE_TIME] = 30 * HZ,
0170             [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
0171             [NEIGH_VAR_INTERVAL_PROBE_TIME_MS] = 5 * HZ,
0172             [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
0173             [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
0174             [NEIGH_VAR_PROXY_QLEN] = 64,
0175             [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
0176             [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
0177             [NEIGH_VAR_LOCKTIME] = 1 * HZ,
0178         },
0179     },
0180     .gc_interval    = 30 * HZ,
0181     .gc_thresh1 = 128,
0182     .gc_thresh2 = 512,
0183     .gc_thresh3 = 1024,
0184 };
0185 EXPORT_SYMBOL(arp_tbl);
0186
0187 int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir)
0188 {
0189     switch (dev->type) {
0190     case ARPHRD_ETHER:
0191     case ARPHRD_FDDI:
0192     case ARPHRD_IEEE802:
0193         ip_eth_mc_map(addr, haddr);
0194         return 0;
0195     case ARPHRD_INFINIBAND:
0196         ip_ib_mc_map(addr, dev->broadcast, haddr);
0197         return 0;
0198     case ARPHRD_IPGRE:
0199         ip_ipgre_mc_map(addr, dev->broadcast, haddr);
0200         return 0;
0201     default:
0202         if (dir) {
0203             memcpy(haddr, dev->broadcast, dev->addr_len);
0204             return 0;
0205         }
0206     }
0207     return -EINVAL;
0208 }
0209
0210
0211 static u32 arp_hash(const void *pkey,
0212             const struct net_device *dev,
0213             __u32 *hash_rnd)
0214 {
0215     return arp_hashfn(pkey, dev, hash_rnd);
0216 }
0217
0218 static bool arp_key_eq(const struct neighbour *neigh, const void *pkey)
0219 {
0220     return neigh_key_eq32(neigh, pkey);
0221 }
0222
0223 static int arp_constructor(struct neighbour *neigh)
0224 {
0225     __be32 addr;
0226     struct net_device *dev = neigh->dev;
0227     struct in_device *in_dev;
0228     struct neigh_parms *parms;
0229     u32 inaddr_any = INADDR_ANY;
0230
0231     if (dev->flags & (IFF_LOOPBACK | IFF_POINTOPOINT))
0232         memcpy(neigh->primary_key, &inaddr_any, arp_tbl.key_len);
0233
0234     addr = *(__be32 *)neigh->primary_key;
0235     rcu_read_lock();
0236     in_dev = __in_dev_get_rcu(dev);
0237     if (!in_dev) {
0238         rcu_read_unlock();
0239         return -EINVAL;
0240     }
0241
0242     neigh->type = inet_addr_type_dev_table(dev_net(dev), dev, addr);
0243
0244     parms = in_dev->arp_parms;
0245     __neigh_parms_put(neigh->parms);
0246     neigh->parms = neigh_parms_clone(parms);
0247     rcu_read_unlock();
0248
0249     if (!dev->header_ops) {
0250         neigh->nud_state = NUD_NOARP;
0251         neigh->ops = &arp_direct_ops;
0252         neigh->output = neigh_direct_output;
0253     } else {
0254         /* Good devices (checked by reading texts, but only Ethernet is
0255            tested)
0256
0257            ARPHRD_ETHER: (ethernet, apfddi)
0258            ARPHRD_FDDI: (fddi)
0259            ARPHRD_IEEE802: (tr)
0260            ARPHRD_METRICOM: (strip)
0261            ARPHRD_ARCNET:
0262            etc. etc. etc.
0263
0264            ARPHRD_IPDDP will also work, if author repairs it.
0265            I did not it, because this driver does not work even
0266            in old paradigm.
0267          */
0268
0269         if (neigh->type == RTN_MULTICAST) {
0270             neigh->nud_state = NUD_NOARP;
0271             arp_mc_map(addr, neigh->ha, dev, 1);
0272         } else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) {
0273             neigh->nud_state = NUD_NOARP;
0274             memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
0275         } else if (neigh->type == RTN_BROADCAST ||
0276                (dev->flags & IFF_POINTOPOINT)) {
0277             neigh->nud_state = NUD_NOARP;
0278             memcpy(neigh->ha, dev->broadcast, dev->addr_len);
0279         }
0280
0281         if (dev->header_ops->cache)
0282             neigh->ops = &arp_hh_ops;
0283         else
0284             neigh->ops = &arp_generic_ops;
0285
0286         if (neigh->nud_state & NUD_VALID)
0287             neigh->output = neigh->ops->connected_output;
0288         else
0289             neigh->output = neigh->ops->output;
0290     }
0291     return 0;
0292 }
0293
0294 static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb)
0295 {
0296     dst_link_failure(skb);
0297     kfree_skb_reason(skb, SKB_DROP_REASON_NEIGH_FAILED);
0298 }
0299
0300 /* Create and send an arp packet. */
0301 static void arp_send_dst(int type, int ptype, __be32 dest_ip,
0302              struct net_device *dev, __be32 src_ip,
0303              const unsigned char *dest_hw,
0304              const unsigned char *src_hw,
0305              const unsigned char *target_hw,
0306              struct dst_entry *dst)
0307 {
0308     struct sk_buff *skb;
0309
0310     /* arp on this interface. */
0311     if (dev->flags & IFF_NOARP)
0312         return;
0313
0314     skb = arp_create(type, ptype, dest_ip, dev, src_ip,
0315              dest_hw, src_hw, target_hw);
0316     if (!skb)
0317         return;
0318
0319     skb_dst_set(skb, dst_clone(dst));
0320     arp_xmit(skb);
0321 }
0322
0323 void arp_send(int type, int ptype, __be32 dest_ip,
0324           struct net_device *dev, __be32 src_ip,
0325           const unsigned char *dest_hw, const unsigned char *src_hw,
0326           const unsigned char *target_hw)
0327 {
0328     arp_send_dst(type, ptype, dest_ip, dev, src_ip, dest_hw, src_hw,
0329              target_hw, NULL);
0330 }
0331 EXPORT_SYMBOL(arp_send);
0332
0333 static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb)
0334 {
0335     __be32 saddr = 0;
0336     u8 dst_ha[MAX_ADDR_LEN], *dst_hw = NULL;
0337     struct net_device *dev = neigh->dev;
0338     __be32 target = *(__be32 *)neigh->primary_key;
0339     int probes = atomic_read(&neigh->probes);
0340     struct in_device *in_dev;
0341     struct dst_entry *dst = NULL;
0342
0343     rcu_read_lock();
0344     in_dev = __in_dev_get_rcu(dev);
0345     if (!in_dev) {
0346         rcu_read_unlock();
0347         return;
0348     }
0349     switch (IN_DEV_ARP_ANNOUNCE(in_dev)) {
0350     default:
0351     case 0:     /* By default announce any local IP */
0352         if (skb && inet_addr_type_dev_table(dev_net(dev), dev,
0353                       ip_hdr(skb)->saddr) == RTN_LOCAL)
0354             saddr = ip_hdr(skb)->saddr;
0355         break;
0356     case 1:     /* Restrict announcements of saddr in same subnet */
0357         if (!skb)
0358             break;
0359         saddr = ip_hdr(skb)->saddr;
0360         if (inet_addr_type_dev_table(dev_net(dev), dev,
0361                          saddr) == RTN_LOCAL) {
0362             /* saddr should be known to target */
0363             if (inet_addr_onlink(in_dev, target, saddr))
0364                 break;
0365         }
0366         saddr = 0;
0367         break;
0368     case 2:     /* Avoid secondary IPs, get a primary/preferred one */
0369         break;
0370     }
0371     rcu_read_unlock();
0372
0373     if (!saddr)
0374         saddr = inet_select_addr(dev, target, RT_SCOPE_LINK);
0375
0376     probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
0377     if (probes < 0) {
0378         if (!(neigh->nud_state & NUD_VALID))
0379             pr_debug("trying to ucast probe in NUD_INVALID\n");
0380         neigh_ha_snapshot(dst_ha, neigh, dev);
0381         dst_hw = dst_ha;
0382     } else {
0383         probes -= NEIGH_VAR(neigh->parms, APP_PROBES);
0384         if (probes < 0) {
0385             neigh_app_ns(neigh);
0386             return;
0387         }
0388     }
0389
0390     if (skb && !(dev->priv_flags & IFF_XMIT_DST_RELEASE))
0391         dst = skb_dst(skb);
0392     arp_send_dst(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr,
0393              dst_hw, dev->dev_addr, NULL, dst);
0394 }
0395
0396 static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip)
0397 {
0398     struct net *net = dev_net(in_dev->dev);
0399     int scope;
0400
0401     switch (IN_DEV_ARP_IGNORE(in_dev)) {
0402     case 0: /* Reply, the tip is already validated */
0403         return 0;
0404     case 1: /* Reply only if tip is configured on the incoming interface */
0405         sip = 0;
0406         scope = RT_SCOPE_HOST;
0407         break;
0408     case 2: /*
0409          * Reply only if tip is configured on the incoming interface
0410          * and is in same subnet as sip
0411          */
0412         scope = RT_SCOPE_HOST;
0413         break;
0414     case 3: /* Do not reply for scope host addresses */
0415         sip = 0;
0416         scope = RT_SCOPE_LINK;
0417         in_dev = NULL;
0418         break;
0419     case 4: /* Reserved */
0420     case 5:
0421     case 6:
0422     case 7:
0423         return 0;
0424     case 8: /* Do not reply */
0425         return 1;
0426     default:
0427         return 0;
0428     }
0429     return !inet_confirm_addr(net, in_dev, sip, tip, scope);
0430 }
0431
0432 static int arp_accept(struct in_device *in_dev, __be32 sip)
0433 {
0434     struct net *net = dev_net(in_dev->dev);
0435     int scope = RT_SCOPE_LINK;
0436
0437     switch (IN_DEV_ARP_ACCEPT(in_dev)) {
0438     case 0: /* Don't create new entries from garp */
0439         return 0;
0440     case 1: /* Create new entries from garp */
0441         return 1;
0442     case 2: /* Create a neighbor in the arp table only if sip
0443          * is in the same subnet as an address configured
0444          * on the interface that received the garp message
0445          */
0446         return !!inet_confirm_addr(net, in_dev, sip, 0, scope);
0447     default:
0448         return 0;
0449     }
0450 }
0451
0452 static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev)
0453 {
0454     struct rtable *rt;
0455     int flag = 0;
0456     /*unsigned long now; */
0457     struct net *net = dev_net(dev);
0458
0459     rt = ip_route_output(net, sip, tip, 0, l3mdev_master_ifindex_rcu(dev));
0460     if (IS_ERR(rt))
0461         return 1;
0462     if (rt->dst.dev != dev) {
0463         __NET_INC_STATS(net, LINUX_MIB_ARPFILTER);
0464         flag = 1;
0465     }
0466     ip_rt_put(rt);
0467     return flag;
0468 }
0469
0470 /*
0471  * Check if we can use proxy ARP for this path
0472  */
0473 static inline int arp_fwd_proxy(struct in_device *in_dev,
0474                 struct net_device *dev, struct rtable *rt)
0475 {
0476     struct in_device *out_dev;
0477     int imi, omi = -1;
0478
0479     if (rt->dst.dev == dev)
0480         return 0;
0481
0482     if (!IN_DEV_PROXY_ARP(in_dev))
0483         return 0;
0484     imi = IN_DEV_MEDIUM_ID(in_dev);
0485     if (imi == 0)
0486         return 1;
0487     if (imi == -1)
0488         return 0;
0489
0490     /* place to check for proxy_arp for routes */
0491
0492     out_dev = __in_dev_get_rcu(rt->dst.dev);
0493     if (out_dev)
0494         omi = IN_DEV_MEDIUM_ID(out_dev);
0495
0496     return omi != imi && omi != -1;
0497 }
0498
0499 /*
0500  * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev)
0501  *
0502  * RFC3069 supports proxy arp replies back to the same interface.  This
0503  * is done to support (ethernet) switch features, like RFC 3069, where
0504  * the individual ports are not allowed to communicate with each
0505  * other, BUT they are allowed to talk to the upstream router.  As
0506  * described in RFC 3069, it is possible to allow these hosts to
0507  * communicate through the upstream router, by proxy_arp'ing.
0508  *
0509  * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation"
0510  *
0511  *  This technology is known by different names:
0512  *    In RFC 3069 it is called VLAN Aggregation.
0513  *    Cisco and Allied Telesyn call it Private VLAN.
0514  *    Hewlett-Packard call it Source-Port filtering or port-isolation.
0515  *    Ericsson call it MAC-Forced Forwarding (RFC Draft).
0516  *
0517  */
0518 static inline int arp_fwd_pvlan(struct in_device *in_dev,
0519                 struct net_device *dev, struct rtable *rt,
0520                 __be32 sip, __be32 tip)
0521 {
0522     /* Private VLAN is only concerned about the same ethernet segment */
0523     if (rt->dst.dev != dev)
0524         return 0;
0525
0526     /* Don't reply on self probes (often done by windowz boxes)*/
0527     if (sip == tip)
0528         return 0;
0529
0530     if (IN_DEV_PROXY_ARP_PVLAN(in_dev))
0531         return 1;
0532     else
0533         return 0;
0534 }
0535
0536 /*
0537  *  Interface to link layer: send routine and receive handler.
0538  */
0539
0540 /*
0541  *  Create an arp packet. If dest_hw is not set, we create a broadcast
0542  *  message.
0543  */
0544 struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip,
0545                struct net_device *dev, __be32 src_ip,
0546                const unsigned char *dest_hw,
0547                const unsigned char *src_hw,
0548                const unsigned char *target_hw)
0549 {
0550     struct sk_buff *skb;
0551     struct arphdr *arp;
0552     unsigned char *arp_ptr;
0553     int hlen = LL_RESERVED_SPACE(dev);
0554     int tlen = dev->needed_tailroom;
0555
0556     /*
0557      *  Allocate a buffer
0558      */
0559
0560     skb = alloc_skb(arp_hdr_len(dev) + hlen + tlen, GFP_ATOMIC);
0561     if (!skb)
0562         return NULL;
0563
0564     skb_reserve(skb, hlen);
0565     skb_reset_network_header(skb);
0566     arp = skb_put(skb, arp_hdr_len(dev));
0567     skb->dev = dev;
0568     skb->protocol = htons(ETH_P_ARP);
0569     if (!src_hw)
0570         src_hw = dev->dev_addr;
0571     if (!dest_hw)
0572         dest_hw = dev->broadcast;
0573
0574     /*
0575      *  Fill the device header for the ARP frame
0576      */
0577     if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0)
0578         goto out;
0579
0580     /*
0581      * Fill out the arp protocol part.
0582      *
0583      * The arp hardware type should match the device type, except for FDDI,
0584      * which (according to RFC 1390) should always equal 1 (Ethernet).
0585      */
0586     /*
0587      *  Exceptions everywhere. AX.25 uses the AX.25 PID value not the
0588      *  DIX code for the protocol. Make these device structure fields.
0589      */
0590     switch (dev->type) {
0591     default:
0592         arp->ar_hrd = htons(dev->type);
0593         arp->ar_pro = htons(ETH_P_IP);
0594         break;
0595
0596 #if IS_ENABLED(CONFIG_AX25)
0597     case ARPHRD_AX25:
0598         arp->ar_hrd = htons(ARPHRD_AX25);
0599         arp->ar_pro = htons(AX25_P_IP);
0600         break;
0601
0602 #if IS_ENABLED(CONFIG_NETROM)
0603     case ARPHRD_NETROM:
0604         arp->ar_hrd = htons(ARPHRD_NETROM);
0605         arp->ar_pro = htons(AX25_P_IP);
0606         break;
0607 #endif
0608 #endif
0609
0610 #if IS_ENABLED(CONFIG_FDDI)
0611     case ARPHRD_FDDI:
0612         arp->ar_hrd = htons(ARPHRD_ETHER);
0613         arp->ar_pro = htons(ETH_P_IP);
0614         break;
0615 #endif
0616     }
0617
0618     arp->ar_hln = dev->addr_len;
0619     arp->ar_pln = 4;
0620     arp->ar_op = htons(type);
0621
0622     arp_ptr = (unsigned char *)(arp + 1);
0623
0624     memcpy(arp_ptr, src_hw, dev->addr_len);
0625     arp_ptr += dev->addr_len;
0626     memcpy(arp_ptr, &src_ip, 4);
0627     arp_ptr += 4;
0628
0629     switch (dev->type) {
0630 #if IS_ENABLED(CONFIG_FIREWIRE_NET)
0631     case ARPHRD_IEEE1394:
0632         break;
0633 #endif
0634     default:
0635         if (target_hw)
0636             memcpy(arp_ptr, target_hw, dev->addr_len);
0637         else
0638             memset(arp_ptr, 0, dev->addr_len);
0639         arp_ptr += dev->addr_len;
0640     }
0641     memcpy(arp_ptr, &dest_ip, 4);
0642
0643     return skb;
0644
0645 out:
0646     kfree_skb(skb);
0647     return NULL;
0648 }
0649 EXPORT_SYMBOL(arp_create);
0650
0651 static int arp_xmit_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
0652 {
0653     return dev_queue_xmit(skb);
0654 }
0655
0656 /*
0657  *  Send an arp packet.
0658  */
0659 void arp_xmit(struct sk_buff *skb)
0660 {
0661     /* Send it off, maybe filter it using firewalling first.  */
0662     NF_HOOK(NFPROTO_ARP, NF_ARP_OUT,
0663         dev_net(skb->dev), NULL, skb, NULL, skb->dev,
0664         arp_xmit_finish);
0665 }
0666 EXPORT_SYMBOL(arp_xmit);
0667
0668 static bool arp_is_garp(struct net *net, struct net_device *dev,
0669             int *addr_type, __be16 ar_op,
0670             __be32 sip, __be32 tip,
0671             unsigned char *sha, unsigned char *tha)
0672 {
0673     bool is_garp = tip == sip;
0674
0675     /* Gratuitous ARP _replies_ also require target hwaddr to be
0676      * the same as source.
0677      */
0678     if (is_garp && ar_op == htons(ARPOP_REPLY))
0679         is_garp =
0680             /* IPv4 over IEEE 1394 doesn't provide target
0681              * hardware address field in its ARP payload.
0682              */
0683             tha &&
0684             !memcmp(tha, sha, dev->addr_len);
0685
0686     if (is_garp) {
0687         *addr_type = inet_addr_type_dev_table(net, dev, sip);
0688         if (*addr_type != RTN_UNICAST)
0689             is_garp = false;
0690     }
0691     return is_garp;
0692 }
0693
0694 /*
0695  *  Process an arp request.
0696  */
0697
0698 static int arp_process(struct net *net, struct sock *sk, struct sk_buff *skb)
0699 {
0700     struct net_device *dev = skb->dev;
0701     struct in_device *in_dev = __in_dev_get_rcu(dev);
0702     struct arphdr *arp;
0703     unsigned char *arp_ptr;
0704     struct rtable *rt;
0705     unsigned char *sha;
0706     unsigned char *tha = NULL;
0707     __be32 sip, tip;
0708     u16 dev_type = dev->type;
0709     int addr_type;
0710     struct neighbour *n;
0711     struct dst_entry *reply_dst = NULL;
0712     bool is_garp = false;
0713
0714     /* arp_rcv below verifies the ARP header and verifies the device
0715      * is ARP'able.
0716      */
0717
0718     if (!in_dev)
0719         goto out_free_skb;
0720
0721     arp = arp_hdr(skb);
0722
0723     switch (dev_type) {
0724     default:
0725         if (arp->ar_pro != htons(ETH_P_IP) ||
0726             htons(dev_type) != arp->ar_hrd)
0727             goto out_free_skb;
0728         break;
0729     case ARPHRD_ETHER:
0730     case ARPHRD_FDDI:
0731     case ARPHRD_IEEE802:
0732         /*
0733          * ETHERNET, and Fibre Channel (which are IEEE 802
0734          * devices, according to RFC 2625) devices will accept ARP
0735          * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2).
0736          * This is the case also of FDDI, where the RFC 1390 says that
0737          * FDDI devices should accept ARP hardware of (1) Ethernet,
0738          * however, to be more robust, we'll accept both 1 (Ethernet)
0739          * or 6 (IEEE 802.2)
0740          */
0741         if ((arp->ar_hrd != htons(ARPHRD_ETHER) &&
0742              arp->ar_hrd != htons(ARPHRD_IEEE802)) ||
0743             arp->ar_pro != htons(ETH_P_IP))
0744             goto out_free_skb;
0745         break;
0746     case ARPHRD_AX25:
0747         if (arp->ar_pro != htons(AX25_P_IP) ||
0748             arp->ar_hrd != htons(ARPHRD_AX25))
0749             goto out_free_skb;
0750         break;
0751     case ARPHRD_NETROM:
0752         if (arp->ar_pro != htons(AX25_P_IP) ||
0753             arp->ar_hrd != htons(ARPHRD_NETROM))
0754             goto out_free_skb;
0755         break;
0756     }
0757
0758     /* Understand only these message types */
0759
0760     if (arp->ar_op != htons(ARPOP_REPLY) &&
0761         arp->ar_op != htons(ARPOP_REQUEST))
0762         goto out_free_skb;
0763
0764 /*
0765  *  Extract fields
0766  */
0767     arp_ptr = (unsigned char *)(arp + 1);
0768     sha = arp_ptr;
0769     arp_ptr += dev->addr_len;
0770     memcpy(&sip, arp_ptr, 4);
0771     arp_ptr += 4;
0772     switch (dev_type) {
0773 #if IS_ENABLED(CONFIG_FIREWIRE_NET)
0774     case ARPHRD_IEEE1394:
0775         break;
0776 #endif
0777     default:
0778         tha = arp_ptr;
0779         arp_ptr += dev->addr_len;
0780     }
0781     memcpy(&tip, arp_ptr, 4);
0782 /*
0783  *  Check for bad requests for 127.x.x.x and requests for multicast
0784  *  addresses.  If this is one such, delete it.
0785  */
0786     if (ipv4_is_multicast(tip) ||
0787         (!IN_DEV_ROUTE_LOCALNET(in_dev) && ipv4_is_loopback(tip)))
0788         goto out_free_skb;
0789
0790  /*
0791   * For some 802.11 wireless deployments (and possibly other networks),
0792   * there will be an ARP proxy and gratuitous ARP frames are attacks
0793   * and thus should not be accepted.
0794   */
0795     if (sip == tip && IN_DEV_ORCONF(in_dev, DROP_GRATUITOUS_ARP))
0796         goto out_free_skb;
0797
0798 /*
0799  *     Special case: We must set Frame Relay source Q.922 address
0800  */
0801     if (dev_type == ARPHRD_DLCI)
0802         sha = dev->broadcast;
0803
0804 /*
0805  *  Process entry.  The idea here is we want to send a reply if it is a
0806  *  request for us or if it is a request for someone else that we hold
0807  *  a proxy for.  We want to add an entry to our cache if it is a reply
0808  *  to us or if it is a request for our address.
0809  *  (The assumption for this last is that if someone is requesting our
0810  *  address, they are probably intending to talk to us, so it saves time
0811  *  if we cache their address.  Their address is also probably not in
0812  *  our cache, since ours is not in their cache.)
0813  *
0814  *  Putting this another way, we only care about replies if they are to
0815  *  us, in which case we add them to the cache.  For requests, we care
0816  *  about those for us and those for our proxies.  We reply to both,
0817  *  and in the case of requests for us we add the requester to the arp
0818  *  cache.
0819  */
0820
0821     if (arp->ar_op == htons(ARPOP_REQUEST) && skb_metadata_dst(skb))
0822         reply_dst = (struct dst_entry *)
0823                 iptunnel_metadata_reply(skb_metadata_dst(skb),
0824                             GFP_ATOMIC);
0825
0826     /* Special case: IPv4 duplicate address detection packet (RFC2131) */
0827     if (sip == 0) {
0828         if (arp->ar_op == htons(ARPOP_REQUEST) &&
0829             inet_addr_type_dev_table(net, dev, tip) == RTN_LOCAL &&
0830             !arp_ignore(in_dev, sip, tip))
0831             arp_send_dst(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip,
0832                      sha, dev->dev_addr, sha, reply_dst);
0833         goto out_consume_skb;
0834     }
0835
0836     if (arp->ar_op == htons(ARPOP_REQUEST) &&
0837         ip_route_input_noref(skb, tip, sip, 0, dev) == 0) {
0838
0839         rt = skb_rtable(skb);
0840         addr_type = rt->rt_type;
0841
0842         if (addr_type == RTN_LOCAL) {
0843             int dont_send;
0844
0845             dont_send = arp_ignore(in_dev, sip, tip);
0846             if (!dont_send && IN_DEV_ARPFILTER(in_dev))
0847                 dont_send = arp_filter(sip, tip, dev);
0848             if (!dont_send) {
0849                 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
0850                 if (n) {
0851                     arp_send_dst(ARPOP_REPLY, ETH_P_ARP,
0852                              sip, dev, tip, sha,
0853                              dev->dev_addr, sha,
0854                              reply_dst);
0855                     neigh_release(n);
0856                 }
0857             }
0858             goto out_consume_skb;
0859         } else if (IN_DEV_FORWARD(in_dev)) {
0860             if (addr_type == RTN_UNICAST  &&
0861                 (arp_fwd_proxy(in_dev, dev, rt) ||
0862                  arp_fwd_pvlan(in_dev, dev, rt, sip, tip) ||
0863                  (rt->dst.dev != dev &&
0864                   pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) {
0865                 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
0866                 if (n)
0867                     neigh_release(n);
0868
0869                 if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED ||
0870                     skb->pkt_type == PACKET_HOST ||
0871                     NEIGH_VAR(in_dev->arp_parms, PROXY_DELAY) == 0) {
0872                     arp_send_dst(ARPOP_REPLY, ETH_P_ARP,
0873                              sip, dev, tip, sha,
0874                              dev->dev_addr, sha,
0875                              reply_dst);
0876                 } else {
0877                     pneigh_enqueue(&arp_tbl,
0878                                in_dev->arp_parms, skb);
0879                     goto out_free_dst;
0880                 }
0881                 goto out_consume_skb;
0882             }
0883         }
0884     }
0885
0886     /* Update our ARP tables */
0887
0888     n = __neigh_lookup(&arp_tbl, &sip, dev, 0);
0889
0890     addr_type = -1;
0891     if (n || arp_accept(in_dev, sip)) {
0892         is_garp = arp_is_garp(net, dev, &addr_type, arp->ar_op,
0893                       sip, tip, sha, tha);
0894     }
0895
0896     if (arp_accept(in_dev, sip)) {
0897         /* Unsolicited ARP is not accepted by default.
0898            It is possible, that this option should be enabled for some
0899            devices (strip is candidate)
0900          */
0901         if (!n &&
0902             (is_garp ||
0903              (arp->ar_op == htons(ARPOP_REPLY) &&
0904               (addr_type == RTN_UNICAST ||
0905                (addr_type < 0 &&
0906             /* postpone calculation to as late as possible */
0907             inet_addr_type_dev_table(net, dev, sip) ==
0908                 RTN_UNICAST)))))
0909             n = __neigh_lookup(&arp_tbl, &sip, dev, 1);
0910     }
0911
0912     if (n) {
0913         int state = NUD_REACHABLE;
0914         int override;
0915
0916         /* If several different ARP replies follows back-to-back,
0917            use the FIRST one. It is possible, if several proxy
0918            agents are active. Taking the first reply prevents
0919            arp trashing and chooses the fastest router.
0920          */
0921         override = time_after(jiffies,
0922                       n->updated +
0923                       NEIGH_VAR(n->parms, LOCKTIME)) ||
0924                is_garp;
0925
0926         /* Broadcast replies and request packets
0927            do not assert neighbour reachability.
0928          */
0929         if (arp->ar_op != htons(ARPOP_REPLY) ||
0930             skb->pkt_type != PACKET_HOST)
0931             state = NUD_STALE;
0932         neigh_update(n, sha, state,
0933                  override ? NEIGH_UPDATE_F_OVERRIDE : 0, 0);
0934         neigh_release(n);
0935     }
0936
0937 out_consume_skb:
0938     consume_skb(skb);
0939
0940 out_free_dst:
0941     dst_release(reply_dst);
0942     return NET_RX_SUCCESS;
0943
0944 out_free_skb:
0945     kfree_skb(skb);
0946     return NET_RX_DROP;
0947 }
0948
0949 static void parp_redo(struct sk_buff *skb)
0950 {
0951     arp_process(dev_net(skb->dev), NULL, skb);
0952 }
0953
0954 static int arp_is_multicast(const void *pkey)
0955 {
0956     return ipv4_is_multicast(*((__be32 *)pkey));
0957 }
0958
0959 /*
0960  *  Receive an arp request from the device layer.
0961  */
0962
0963 static int arp_rcv(struct sk_buff *skb, struct net_device *dev,
0964            struct packet_type *pt, struct net_device *orig_dev)
0965 {
0966     const struct arphdr *arp;
0967
0968     /* do not tweak dropwatch on an ARP we will ignore */
0969     if (dev->flags & IFF_NOARP ||
0970         skb->pkt_type == PACKET_OTHERHOST ||
0971         skb->pkt_type == PACKET_LOOPBACK)
0972         goto consumeskb;
0973
0974     skb = skb_share_check(skb, GFP_ATOMIC);
0975     if (!skb)
0976         goto out_of_mem;
0977
0978     /* ARP header, plus 2 device addresses, plus 2 IP addresses.  */
0979     if (!pskb_may_pull(skb, arp_hdr_len(dev)))
0980         goto freeskb;
0981
0982     arp = arp_hdr(skb);
0983     if (arp->ar_hln != dev->addr_len || arp->ar_pln != 4)
0984         goto freeskb;
0985
0986     memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
0987
0988     return NF_HOOK(NFPROTO_ARP, NF_ARP_IN,
0989                dev_net(dev), NULL, skb, dev, NULL,
0990                arp_process);
0991
0992 consumeskb:
0993     consume_skb(skb);
0994     return NET_RX_SUCCESS;
0995 freeskb:
0996     kfree_skb(skb);
0997 out_of_mem:
0998     return NET_RX_DROP;
0999 }
1000
1001 /*
1002  *  User level interface (ioctl)
1003  */
1004
1005 /*
1006  *  Set (create) an ARP cache entry.
1007  */
1008
1009 static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on)
1010 {
1011     if (!dev) {
1012         IPV4_DEVCONF_ALL(net, PROXY_ARP) = on;
1013         return 0;
1014     }
1015     if (__in_dev_get_rtnl(dev)) {
1016         IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on);
1017         return 0;
1018     }
1019     return -ENXIO;
1020 }
1021
1022 static int arp_req_set_public(struct net *net, struct arpreq *r,
1023         struct net_device *dev)
1024 {
1025     __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1026     __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1027
1028     if (mask && mask != htonl(0xFFFFFFFF))
1029         return -EINVAL;
1030     if (!dev && (r->arp_flags & ATF_COM)) {
1031         dev = dev_getbyhwaddr_rcu(net, r->arp_ha.sa_family,
1032                       r->arp_ha.sa_data);
1033         if (!dev)
1034             return -ENODEV;
1035     }
1036     if (mask) {
1037         if (!pneigh_lookup(&arp_tbl, net, &ip, dev, 1))
1038             return -ENOBUFS;
1039         return 0;
1040     }
1041
1042     return arp_req_set_proxy(net, dev, 1);
1043 }
1044
1045 static int arp_req_set(struct net *net, struct arpreq *r,
1046                struct net_device *dev)
1047 {
1048     __be32 ip;
1049     struct neighbour *neigh;
1050     int err;
1051
1052     if (r->arp_flags & ATF_PUBL)
1053         return arp_req_set_public(net, r, dev);
1054
1055     ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1056     if (r->arp_flags & ATF_PERM)
1057         r->arp_flags |= ATF_COM;
1058     if (!dev) {
1059         struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1060
1061         if (IS_ERR(rt))
1062             return PTR_ERR(rt);
1063         dev = rt->dst.dev;
1064         ip_rt_put(rt);
1065         if (!dev)
1066             return -EINVAL;
1067     }
1068     switch (dev->type) {
1069 #if IS_ENABLED(CONFIG_FDDI)
1070     case ARPHRD_FDDI:
1071         /*
1072          * According to RFC 1390, FDDI devices should accept ARP
1073          * hardware types of 1 (Ethernet).  However, to be more
1074          * robust, we'll accept hardware types of either 1 (Ethernet)
1075          * or 6 (IEEE 802.2).
1076          */
1077         if (r->arp_ha.sa_family != ARPHRD_FDDI &&
1078             r->arp_ha.sa_family != ARPHRD_ETHER &&
1079             r->arp_ha.sa_family != ARPHRD_IEEE802)
1080             return -EINVAL;
1081         break;
1082 #endif
1083     default:
1084         if (r->arp_ha.sa_family != dev->type)
1085             return -EINVAL;
1086         break;
1087     }
1088
1089     neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev);
1090     err = PTR_ERR(neigh);
1091     if (!IS_ERR(neigh)) {
1092         unsigned int state = NUD_STALE;
1093         if (r->arp_flags & ATF_PERM)
1094             state = NUD_PERMANENT;
1095         err = neigh_update(neigh, (r->arp_flags & ATF_COM) ?
1096                    r->arp_ha.sa_data : NULL, state,
1097                    NEIGH_UPDATE_F_OVERRIDE |
1098                    NEIGH_UPDATE_F_ADMIN, 0);
1099         neigh_release(neigh);
1100     }
1101     return err;
1102 }
1103
1104 static unsigned int arp_state_to_flags(struct neighbour *neigh)
1105 {
1106     if (neigh->nud_state&NUD_PERMANENT)
1107         return ATF_PERM | ATF_COM;
1108     else if (neigh->nud_state&NUD_VALID)
1109         return ATF_COM;
1110     else
1111         return 0;
1112 }
1113
1114 /*
1115  *  Get an ARP cache entry.
1116  */
1117
1118 static int arp_req_get(struct arpreq *r, struct net_device *dev)
1119 {
1120     __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1121     struct neighbour *neigh;
1122     int err = -ENXIO;
1123
1124     neigh = neigh_lookup(&arp_tbl, &ip, dev);
1125     if (neigh) {
1126         if (!(neigh->nud_state & NUD_NOARP)) {
1127             read_lock_bh(&neigh->lock);
1128             memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len);
1129             r->arp_flags = arp_state_to_flags(neigh);
1130             read_unlock_bh(&neigh->lock);
1131             r->arp_ha.sa_family = dev->type;
1132             strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev));
1133             err = 0;
1134         }
1135         neigh_release(neigh);
1136     }
1137     return err;
1138 }
1139
1140 int arp_invalidate(struct net_device *dev, __be32 ip, bool force)
1141 {
1142     struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev);
1143     int err = -ENXIO;
1144     struct neigh_table *tbl = &arp_tbl;
1145
1146     if (neigh) {
1147         if ((neigh->nud_state & NUD_VALID) && !force) {
1148             neigh_release(neigh);
1149             return 0;
1150         }
1151
1152         if (neigh->nud_state & ~NUD_NOARP)
1153             err = neigh_update(neigh, NULL, NUD_FAILED,
1154                        NEIGH_UPDATE_F_OVERRIDE|
1155                        NEIGH_UPDATE_F_ADMIN, 0);
1156         write_lock_bh(&tbl->lock);
1157         neigh_release(neigh);
1158         neigh_remove_one(neigh, tbl);
1159         write_unlock_bh(&tbl->lock);
1160     }
1161
1162     return err;
1163 }
1164
1165 static int arp_req_delete_public(struct net *net, struct arpreq *r,
1166         struct net_device *dev)
1167 {
1168     __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1169     __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1170
1171     if (mask == htonl(0xFFFFFFFF))
1172         return pneigh_delete(&arp_tbl, net, &ip, dev);
1173
1174     if (mask)
1175         return -EINVAL;
1176
1177     return arp_req_set_proxy(net, dev, 0);
1178 }
1179
1180 static int arp_req_delete(struct net *net, struct arpreq *r,
1181               struct net_device *dev)
1182 {
1183     __be32 ip;
1184
1185     if (r->arp_flags & ATF_PUBL)
1186         return arp_req_delete_public(net, r, dev);
1187
1188     ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1189     if (!dev) {
1190         struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1191         if (IS_ERR(rt))
1192             return PTR_ERR(rt);
1193         dev = rt->dst.dev;
1194         ip_rt_put(rt);
1195         if (!dev)
1196             return -EINVAL;
1197     }
1198     return arp_invalidate(dev, ip, true);
1199 }
1200
1201 /*
1202  *  Handle an ARP layer I/O control request.
1203  */
1204
1205 int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1206 {
1207     int err;
1208     struct arpreq r;
1209     struct net_device *dev = NULL;
1210
1211     switch (cmd) {
1212     case SIOCDARP:
1213     case SIOCSARP:
1214         if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1215             return -EPERM;
1216         fallthrough;
1217     case SIOCGARP:
1218         err = copy_from_user(&r, arg, sizeof(struct arpreq));
1219         if (err)
1220             return -EFAULT;
1221         break;
1222     default:
1223         return -EINVAL;
1224     }
1225
1226     if (r.arp_pa.sa_family != AF_INET)
1227         return -EPFNOSUPPORT;
1228
1229     if (!(r.arp_flags & ATF_PUBL) &&
1230         (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB)))
1231         return -EINVAL;
1232     if (!(r.arp_flags & ATF_NETMASK))
1233         ((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr =
1234                                htonl(0xFFFFFFFFUL);
1235     rtnl_lock();
1236     if (r.arp_dev[0]) {
1237         err = -ENODEV;
1238         dev = __dev_get_by_name(net, r.arp_dev);
1239         if (!dev)
1240             goto out;
1241
1242         /* Mmmm... It is wrong... ARPHRD_NETROM==0 */
1243         if (!r.arp_ha.sa_family)
1244             r.arp_ha.sa_family = dev->type;
1245         err = -EINVAL;
1246         if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type)
1247             goto out;
1248     } else if (cmd == SIOCGARP) {
1249         err = -ENODEV;
1250         goto out;
1251     }
1252
1253     switch (cmd) {
1254     case SIOCDARP:
1255         err = arp_req_delete(net, &r, dev);
1256         break;
1257     case SIOCSARP:
1258         err = arp_req_set(net, &r, dev);
1259         break;
1260     case SIOCGARP:
1261         err = arp_req_get(&r, dev);
1262         break;
1263     }
1264 out:
1265     rtnl_unlock();
1266     if (cmd == SIOCGARP && !err && copy_to_user(arg, &r, sizeof(r)))
1267         err = -EFAULT;
1268     return err;
1269 }
1270
1271 static int arp_netdev_event(struct notifier_block *this, unsigned long event,
1272                 void *ptr)
1273 {
1274     struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1275     struct netdev_notifier_change_info *change_info;
1276     struct in_device *in_dev;
1277     bool evict_nocarrier;
1278
1279     switch (event) {
1280     case NETDEV_CHANGEADDR:
1281         neigh_changeaddr(&arp_tbl, dev);
1282         rt_cache_flush(dev_net(dev));
1283         break;
1284     case NETDEV_CHANGE:
1285         change_info = ptr;
1286         if (change_info->flags_changed & IFF_NOARP)
1287             neigh_changeaddr(&arp_tbl, dev);
1288
1289         in_dev = __in_dev_get_rtnl(dev);
1290         if (!in_dev)
1291             evict_nocarrier = true;
1292         else
1293             evict_nocarrier = IN_DEV_ARP_EVICT_NOCARRIER(in_dev);
1294
1295         if (evict_nocarrier && !netif_carrier_ok(dev))
1296             neigh_carrier_down(&arp_tbl, dev);
1297         break;
1298     default:
1299         break;
1300     }
1301
1302     return NOTIFY_DONE;
1303 }
1304
1305 static struct notifier_block arp_netdev_notifier = {
1306     .notifier_call = arp_netdev_event,
1307 };
1308
1309 /* Note, that it is not on notifier chain.
1310    It is necessary, that this routine was called after route cache will be
1311    flushed.
1312  */
1313 void arp_ifdown(struct net_device *dev)
1314 {
1315     neigh_ifdown(&arp_tbl, dev);
1316 }
1317
1318
1319 /*
1320  *  Called once on startup.
1321  */
1322
1323 static struct packet_type arp_packet_type __read_mostly = {
1324     .type = cpu_to_be16(ETH_P_ARP),
1325     .func = arp_rcv,
1326 };
1327
1328 #ifdef CONFIG_PROC_FS
1329 #if IS_ENABLED(CONFIG_AX25)
1330
1331 /*
1332  *  ax25 -> ASCII conversion
1333  */
1334 static void ax2asc2(ax25_address *a, char *buf)
1335 {
1336     char c, *s;
1337     int n;
1338
1339     for (n = 0, s = buf; n < 6; n++) {
1340         c = (a->ax25_call[n] >> 1) & 0x7F;
1341
1342         if (c != ' ')
1343             *s++ = c;
1344     }
1345
1346     *s++ = '-';
1347     n = (a->ax25_call[6] >> 1) & 0x0F;
1348     if (n > 9) {
1349         *s++ = '1';
1350         n -= 10;
1351     }
1352
1353     *s++ = n + '0';
1354     *s++ = '\0';
1355
1356     if (*buf == '\0' || *buf == '-') {
1357         buf[0] = '*';
1358         buf[1] = '\0';
1359     }
1360 }
1361 #endif /* CONFIG_AX25 */
1362
1363 #define HBUFFERLEN 30
1364
1365 static void arp_format_neigh_entry(struct seq_file *seq,
1366                    struct neighbour *n)
1367 {
1368     char hbuffer[HBUFFERLEN];
1369     int k, j;
1370     char tbuf[16];
1371     struct net_device *dev = n->dev;
1372     int hatype = dev->type;
1373
1374     read_lock(&n->lock);
1375     /* Convert hardware address to XX:XX:XX:XX ... form. */
1376 #if IS_ENABLED(CONFIG_AX25)
1377     if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM)
1378         ax2asc2((ax25_address *)n->ha, hbuffer);
1379     else {
1380 #endif
1381     for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) {
1382         hbuffer[k++] = hex_asc_hi(n->ha[j]);
1383         hbuffer[k++] = hex_asc_lo(n->ha[j]);
1384         hbuffer[k++] = ':';
1385     }
1386     if (k != 0)
1387         --k;
1388     hbuffer[k] = 0;
1389 #if IS_ENABLED(CONFIG_AX25)
1390     }
1391 #endif
1392     sprintf(tbuf, "%pI4", n->primary_key);
1393     seq_printf(seq, "%-16s 0x%-10x0x%-10x%-17s     *        %s\n",
1394            tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name);
1395     read_unlock(&n->lock);
1396 }
1397
1398 static void arp_format_pneigh_entry(struct seq_file *seq,
1399                     struct pneigh_entry *n)
1400 {
1401     struct net_device *dev = n->dev;
1402     int hatype = dev ? dev->type : 0;
1403     char tbuf[16];
1404
1405     sprintf(tbuf, "%pI4", n->key);
1406     seq_printf(seq, "%-16s 0x%-10x0x%-10x%s     *        %s\n",
1407            tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00",
1408            dev ? dev->name : "*");
1409 }
1410
1411 static int arp_seq_show(struct seq_file *seq, void *v)
1412 {
1413     if (v == SEQ_START_TOKEN) {
1414         seq_puts(seq, "IP address       HW type     Flags       "
1415                   "HW address            Mask     Device\n");
1416     } else {
1417         struct neigh_seq_state *state = seq->private;
1418
1419         if (state->flags & NEIGH_SEQ_IS_PNEIGH)
1420             arp_format_pneigh_entry(seq, v);
1421         else
1422             arp_format_neigh_entry(seq, v);
1423     }
1424
1425     return 0;
1426 }
1427
1428 static void *arp_seq_start(struct seq_file *seq, loff_t *pos)
1429 {
1430     /* Don't want to confuse "arp -a" w/ magic entries,
1431      * so we tell the generic iterator to skip NUD_NOARP.
1432      */
1433     return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP);
1434 }
1435
1436 static const struct seq_operations arp_seq_ops = {
1437     .start  = arp_seq_start,
1438     .next   = neigh_seq_next,
1439     .stop   = neigh_seq_stop,
1440     .show   = arp_seq_show,
1441 };
1442 #endif /* CONFIG_PROC_FS */
1443
1444 static int __net_init arp_net_init(struct net *net)
1445 {
1446     if (!proc_create_net("arp", 0444, net->proc_net, &arp_seq_ops,
1447             sizeof(struct neigh_seq_state)))
1448         return -ENOMEM;
1449     return 0;
1450 }
1451
1452 static void __net_exit arp_net_exit(struct net *net)
1453 {
1454     remove_proc_entry("arp", net->proc_net);
1455 }
1456
1457 static struct pernet_operations arp_net_ops = {
1458     .init = arp_net_init,
1459     .exit = arp_net_exit,
1460 };
1461
1462 void __init arp_init(void)
1463 {
1464     neigh_table_init(NEIGH_ARP_TABLE, &arp_tbl);
1465
1466     dev_add_pack(&arp_packet_type);
1467     register_pernet_subsys(&arp_net_ops);
1468 #ifdef CONFIG_SYSCTL
1469     neigh_sysctl_register(NULL, &arp_tbl.parms, NULL);
1470 #endif
1471     register_netdevice_notifier(&arp_netdev_notifier);
1472 }