1 /* SPDX-License-Identifier: BSD-2-Clause */
4 * Copyright (c) 2006-2021 Roy Marples <roy@marples.name>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #include <sys/socket.h>
30 #include <sys/types.h>
32 #include <arpa/inet.h>
35 #include <netinet/in.h>
36 #include <netinet/if_ether.h>
44 #define ELOOP_QUEUE ELOOP_ARP
53 #include "if-options.h"
61 sizeof(struct arphdr) + (2 * sizeof(uint32_t)) + (2 * HWADDR_LEN))
63 /* ARP debugging can be quite noisy. Enable this for more noise! */
66 /* Assert the correct structure size for on wire */
67 __CTASSERT(sizeof(struct arphdr) == 8);
70 arp_request(const struct arp_state *astate,
71 const struct in_addr *sip)
73 const struct interface *ifp = astate->iface;
74 const struct in_addr *tip = &astate->addr;
75 uint8_t arp_buffer[ARP_LEN];
80 ar.ar_hrd = htons(ifp->hwtype);
81 ar.ar_pro = htons(ETHERTYPE_IP);
82 ar.ar_hln = ifp->hwlen;
83 ar.ar_pln = sizeof(tip->s_addr);
84 ar.ar_op = htons(ARPOP_REQUEST);
89 #define CHECK(fun, b, l) \
91 if (len + (l) > sizeof(arp_buffer)) \
96 } while (/* CONSTCOND */ 0)
97 #define APPEND(b, l) CHECK(memcpy, b, l)
98 #define ZERO(l) CHECK(memset, 0, l)
100 APPEND(&ar, sizeof(ar));
101 APPEND(ifp->hwaddr, ifp->hwlen);
103 APPEND(&sip->s_addr, sizeof(sip->s_addr));
105 ZERO(sizeof(tip->s_addr));
107 APPEND(&tip->s_addr, sizeof(tip->s_addr));
110 if (ifp->ctx->options & DHCPCD_PRIVSEP)
111 return ps_bpf_sendarp(ifp, tip, arp_buffer, len);
113 /* Note that well formed ethernet will add extra padding
114 * to ensure that the packet is at least 60 bytes (64 including FCS). */
115 return bpf_send(astate->bpf, ETHERTYPE_ARP, arp_buffer, len);
123 arp_report_conflicted(const struct arp_state *astate,
124 const struct arp_msg *amsg)
126 char abuf[HWADDR_LEN * 3];
127 char fbuf[HWADDR_LEN * 3];
130 logerrx("%s: DAD detected %s",
131 astate->iface->name, inet_ntoa(astate->addr));
135 hwaddr_ntoa(amsg->sha, astate->iface->hwlen, abuf, sizeof(abuf));
136 if (bpf_frame_header_len(astate->iface) == 0) {
137 logwarnx("%s: %s claims %s",
138 astate->iface->name, abuf, inet_ntoa(astate->addr));
142 logwarnx("%s: %s(%s) claims %s",
143 astate->iface->name, abuf,
144 hwaddr_ntoa(amsg->fsha, astate->iface->hwlen, fbuf, sizeof(fbuf)),
145 inet_ntoa(astate->addr));
149 arp_found(struct arp_state *astate, const struct arp_msg *amsg)
151 struct interface *ifp;
152 struct ipv4_addr *ia;
153 #ifndef KERNEL_RFC5227
157 arp_report_conflicted(astate, amsg);
160 /* If we haven't added the address we're doing a probe. */
161 ia = ipv4_iffindaddr(ifp, &astate->addr, NULL);
163 if (astate->found_cb != NULL)
164 astate->found_cb(astate, amsg);
168 #ifndef KERNEL_RFC5227
169 /* RFC 3927 Section 2.5 says a defence should
170 * broadcast an ARP announcement.
171 * Because the kernel will also unicast a reply to the
172 * hardware address which requested the IP address
173 * the other IPv4LL client will receieve two ARP
175 * If another conflict happens within DEFEND_INTERVAL
176 * then we must drop our address and negotiate a new one. */
177 clock_gettime(CLOCK_MONOTONIC, &now);
178 if (timespecisset(&astate->defend) &&
179 eloop_timespec_diff(&now, &astate->defend, NULL) < DEFEND_INTERVAL)
180 logwarnx("%s: %d second defence failed for %s",
181 ifp->name, DEFEND_INTERVAL, inet_ntoa(astate->addr));
182 else if (arp_request(astate, &astate->addr) == -1)
185 logdebugx("%s: defended address %s",
186 ifp->name, inet_ntoa(astate->addr));
187 astate->defend = now;
192 if (astate->defend_failed_cb != NULL)
193 astate->defend_failed_cb(astate);
197 arp_validate(const struct interface *ifp, struct arphdr *arp)
200 /* Address type must match */
201 if (arp->ar_hrd != htons(ifp->hwtype))
204 /* Protocol must be IP. */
205 if (arp->ar_pro != htons(ETHERTYPE_IP))
208 /* lladdr length matches */
209 if (arp->ar_hln != ifp->hwlen)
212 /* Protocol length must match in_addr_t */
213 if (arp->ar_pln != sizeof(in_addr_t))
216 /* Only these types are recognised */
217 if (arp->ar_op != htons(ARPOP_REPLY) &&
218 arp->ar_op != htons(ARPOP_REQUEST))
225 arp_packet(struct interface *ifp, uint8_t *data, size_t len,
226 unsigned int bpf_flags)
228 size_t fl = bpf_frame_header_len(ifp), falen;
229 const struct interface *ifn;
232 const struct iarp_state *state;
233 struct arp_state *astate, *astaten;
234 uint8_t *hw_s, *hw_t;
236 /* Copy the frame header source and destination out */
237 memset(&arm, 0, sizeof(arm));
239 hw_s = bpf_frame_header_src(ifp, data, &falen);
240 if (hw_s != NULL && falen <= sizeof(arm.fsha))
241 memcpy(arm.fsha, hw_s, falen);
242 hw_t = bpf_frame_header_dst(ifp, data, &falen);
243 if (hw_t != NULL && falen <= sizeof(arm.ftha))
244 memcpy(arm.ftha, hw_t, falen);
246 /* Skip past the frame header */
251 /* We must have a full ARP header */
252 if (len < sizeof(ar))
254 memcpy(&ar, data, sizeof(ar));
256 if (!arp_validate(ifp, &ar)) {
258 logerrx("%s: ARP BPF validation failure", ifp->name);
263 /* Get pointers to the hardware addresses */
264 hw_s = data + sizeof(ar);
265 hw_t = hw_s + ar.ar_hln + ar.ar_pln;
266 /* Ensure we got all the data */
267 if ((size_t)((hw_t + ar.ar_hln + ar.ar_pln) - data) > len)
269 /* Ignore messages from ourself */
270 TAILQ_FOREACH(ifn, ifp->ctx->ifaces, next) {
271 if (ar.ar_hln == ifn->hwlen &&
272 memcmp(hw_s, ifn->hwaddr, ifn->hwlen) == 0)
277 logdebugx("%s: ignoring ARP from self", ifp->name);
281 /* Copy out the HW and IP addresses */
282 memcpy(&arm.sha, hw_s, ar.ar_hln);
283 memcpy(&arm.sip.s_addr, hw_s + ar.ar_hln, ar.ar_pln);
284 memcpy(&arm.tha, hw_t, ar.ar_hln);
285 memcpy(&arm.tip.s_addr, hw_t + ar.ar_hln, ar.ar_pln);
287 /* Match the ARP probe to our states.
288 * Ignore Unicast Poll, RFC1122. */
289 state = ARP_CSTATE(ifp);
292 TAILQ_FOREACH_SAFE(astate, &state->arp_states, next, astaten) {
293 if (IN_ARE_ADDR_EQUAL(&arm.sip, &astate->addr) ||
294 (IN_IS_ADDR_UNSPECIFIED(&arm.sip) &&
295 IN_ARE_ADDR_EQUAL(&arm.tip, &astate->addr) &&
296 bpf_flags & BPF_BCAST))
297 arp_found(astate, &arm);
304 struct arp_state *astate = arg;
305 struct bpf *bpf = astate->bpf;
306 struct interface *ifp = astate->iface;
307 uint8_t buf[ARP_LEN];
309 struct in_addr addr = astate->addr;
311 /* Some RAW mechanisms are generic file descriptors, not sockets.
312 * This means we have no kernel call to just get one packet,
313 * so we have to process the entire buffer. */
314 bpf->bpf_flags &= ~BPF_EOF;
315 while (!(bpf->bpf_flags & BPF_EOF)) {
316 bytes = bpf_read(bpf, buf, sizeof(buf));
318 logerr("%s: %s", __func__, ifp->name);
322 arp_packet(ifp, buf, (size_t)bytes, bpf->bpf_flags);
323 /* Check we still have a state after processing. */
324 if ((astate = arp_find(ifp, &addr)) == NULL)
326 if ((bpf = astate->bpf) == NULL)
332 arp_probed(void *arg)
334 struct arp_state *astate = arg;
336 timespecclear(&astate->defend);
337 astate->not_found_cb(astate);
341 arp_probe1(void *arg)
343 struct arp_state *astate = arg;
344 struct interface *ifp = astate->iface;
347 if (++astate->probes < PROBE_NUM) {
348 delay = (PROBE_MIN * MSEC_PER_SEC) +
350 (PROBE_MAX - PROBE_MIN) * MSEC_PER_SEC));
351 eloop_timeout_add_msec(ifp->ctx->eloop, delay, arp_probe1, astate);
353 delay = ANNOUNCE_WAIT * MSEC_PER_SEC;
354 eloop_timeout_add_msec(ifp->ctx->eloop, delay, arp_probed, astate);
356 logdebugx("%s: ARP probing %s (%d of %d), next in %0.1f seconds",
357 ifp->name, inet_ntoa(astate->addr),
358 astate->probes ? astate->probes : PROBE_NUM, PROBE_NUM,
359 (float)delay / MSEC_PER_SEC);
360 if (arp_request(astate, NULL) == -1)
365 arp_probe(struct arp_state *astate)
369 logdebugx("%s: probing for %s",
370 astate->iface->name, inet_ntoa(astate->addr));
376 arp_find(struct interface *ifp, const struct in_addr *addr)
378 struct iarp_state *state;
379 struct arp_state *astate;
381 if ((state = ARP_STATE(ifp)) == NULL)
383 TAILQ_FOREACH(astate, &state->arp_states, next) {
384 if (astate->addr.s_addr == addr->s_addr && astate->iface == ifp)
393 arp_announced(void *arg)
395 struct arp_state *astate = arg;
397 if (astate->announced_cb) {
398 astate->announced_cb(astate);
402 /* Keep the ARP state open to handle ongoing ACD. */
406 arp_announce1(void *arg)
408 struct arp_state *astate = arg;
409 struct interface *ifp = astate->iface;
410 struct ipv4_addr *ia;
412 if (++astate->claims < ANNOUNCE_NUM)
413 logdebugx("%s: ARP announcing %s (%d of %d), "
414 "next in %d.0 seconds",
415 ifp->name, inet_ntoa(astate->addr),
416 astate->claims, ANNOUNCE_NUM, ANNOUNCE_WAIT);
418 logdebugx("%s: ARP announcing %s (%d of %d)",
419 ifp->name, inet_ntoa(astate->addr),
420 astate->claims, ANNOUNCE_NUM);
422 /* The kernel will send a Gratuitous ARP for newly added addresses.
423 * So we can avoid sending the same.
424 * Linux is special and doesn't send one. */
425 ia = ipv4_iffindaddr(ifp, &astate->addr, NULL);
427 if (astate->claims == 1 && ia != NULL && ia->flags & IPV4_AF_NEW)
431 if (arp_request(astate, &astate->addr) == -1)
437 /* No longer a new address. */
439 ia->flags |= ~IPV4_AF_NEW;
441 eloop_timeout_add_sec(ifp->ctx->eloop, ANNOUNCE_WAIT,
442 astate->claims < ANNOUNCE_NUM ? arp_announce1 : arp_announced,
447 arp_announce(struct arp_state *astate)
449 struct iarp_state *state;
450 struct interface *ifp;
451 struct arp_state *a2;
454 /* Cancel any other ARP announcements for this address. */
455 TAILQ_FOREACH(ifp, astate->iface->ctx->ifaces, next) {
456 state = ARP_STATE(ifp);
459 TAILQ_FOREACH(a2, &state->arp_states, next) {
461 a2->addr.s_addr != astate->addr.s_addr)
463 r = eloop_timeout_delete(a2->iface->ctx->eloop,
464 a2->claims < ANNOUNCE_NUM
465 ? arp_announce1 : arp_announced,
470 logdebugx("%s: ARP announcement "
473 inet_ntoa(a2->addr));
480 arp_announce1(astate);
484 arp_ifannounceaddr(struct interface *ifp, const struct in_addr *ia)
486 struct arp_state *astate;
488 if (ifp->flags & IFF_NOARP || !(ifp->options->options & DHCPCD_ARP))
491 astate = arp_find(ifp, ia);
492 if (astate == NULL) {
493 astate = arp_new(ifp, ia);
496 astate->announced_cb = arp_free;
498 arp_announce(astate);
503 arp_announceaddr(struct dhcpcd_ctx *ctx, const struct in_addr *ia)
505 struct interface *ifp, *iff = NULL;
506 struct ipv4_addr *iap;
508 TAILQ_FOREACH(ifp, ctx->ifaces, next) {
509 if (!ifp->active || !if_is_link_up(ifp))
511 iap = ipv4_iffindaddr(ifp, ia, NULL);
514 #ifdef IN_IFF_NOTUSEABLE
515 if (iap->addr_flags & IN_IFF_NOTUSEABLE)
518 if (iff != NULL && iff->metric < ifp->metric)
525 return arp_ifannounceaddr(iff, ia);
529 arp_new(struct interface *ifp, const struct in_addr *addr)
531 struct iarp_state *state;
532 struct arp_state *astate;
534 if ((state = ARP_STATE(ifp)) == NULL) {
535 ifp->if_data[IF_DATA_ARP] = malloc(sizeof(*state));
536 state = ARP_STATE(ifp);
541 TAILQ_INIT(&state->arp_states);
543 if ((astate = arp_find(ifp, addr)) != NULL)
547 if ((astate = calloc(1, sizeof(*astate))) == NULL) {
552 astate->addr = *addr;
555 if (IN_PRIVSEP(ifp->ctx)) {
556 if (ps_bpf_openarp(ifp, addr) == -1) {
564 astate->bpf = bpf_open(ifp, bpf_arp, addr);
565 if (astate->bpf == NULL) {
570 eloop_event_add(ifp->ctx->eloop, astate->bpf->bpf_fd,
575 state = ARP_STATE(ifp);
576 TAILQ_INSERT_TAIL(&state->arp_states, astate, next);
581 arp_free(struct arp_state *astate)
583 struct interface *ifp;
584 struct dhcpcd_ctx *ctx;
585 struct iarp_state *state;
592 eloop_timeout_delete(ctx->eloop, NULL, astate);
594 state = ARP_STATE(ifp);
595 TAILQ_REMOVE(&state->arp_states, astate, next);
597 astate->free_cb(astate);
600 if (IN_PRIVSEP(ctx) && ps_bpf_closearp(ifp, &astate->addr) == -1)
603 if (astate->bpf != NULL) {
604 eloop_event_delete(ctx->eloop, astate->bpf->bpf_fd);
605 bpf_close(astate->bpf);
610 if (TAILQ_FIRST(&state->arp_states) == NULL) {
612 ifp->if_data[IF_DATA_ARP] = NULL;
617 arp_freeaddr(struct interface *ifp, const struct in_addr *ia)
619 struct arp_state *astate;
621 astate = arp_find(ifp, ia);
626 arp_drop(struct interface *ifp)
628 struct iarp_state *state;
629 struct arp_state *astate;
631 while ((state = ARP_STATE(ifp)) != NULL &&
632 (astate = TAILQ_FIRST(&state->arp_states)) != NULL)