1 /* SPDX-License-Identifier: BSD-2-Clause */
4 * Copyright (c) 2006-2019 Roy Marples <roy@marples.name>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #include <sys/socket.h>
30 #include <sys/types.h>
32 #include <arpa/inet.h>
35 #include <netinet/in.h>
36 #include <netinet/if_ether.h>
53 #include "if-options.h"
59 (sizeof(struct arphdr) + (2 * sizeof(uint32_t)) + (2 * HWADDR_LEN))
61 /* ARP debugging can be quite noisy. Enable this for more noise! */
64 /* Assert the correct structure size for on wire */
65 __CTASSERT(sizeof(struct arphdr) == 8);
68 arp_request(const struct interface *ifp,
69 const struct in_addr *sip, const struct in_addr *tip)
71 uint8_t arp_buffer[ARP_LEN];
75 const struct iarp_state *state;
77 ar.ar_hrd = htons(ifp->family);
78 ar.ar_pro = htons(ETHERTYPE_IP);
79 ar.ar_hln = ifp->hwlen;
80 ar.ar_pln = sizeof(tip->s_addr);
81 ar.ar_op = htons(ARPOP_REQUEST);
86 #define CHECK(fun, b, l) \
88 if (len + (l) > sizeof(arp_buffer)) \
93 } while (/* CONSTCOND */ 0)
94 #define APPEND(b, l) CHECK(memcpy, b, l)
95 #define ZERO(l) CHECK(memset, 0, l)
97 APPEND(&ar, sizeof(ar));
98 APPEND(ifp->hwaddr, ifp->hwlen);
100 APPEND(&sip->s_addr, sizeof(sip->s_addr));
102 ZERO(sizeof(tip->s_addr));
104 APPEND(&tip->s_addr, sizeof(tip->s_addr));
106 state = ARP_CSTATE(ifp);
107 return bpf_send(ifp, state->bpf_fd, ETHERTYPE_ARP, arp_buffer, len);
115 arp_report_conflicted(const struct arp_state *astate,
116 const struct arp_msg *amsg)
118 char buf[HWADDR_LEN * 3];
121 logerrx("%s: DAD detected %s",
122 astate->iface->name, inet_ntoa(astate->addr));
126 logerrx("%s: hardware address %s claims %s",
128 hwaddr_ntoa(amsg->sha, astate->iface->hwlen, buf, sizeof(buf)),
129 inet_ntoa(astate->addr));
133 arp_found(struct arp_state *astate, const struct arp_msg *amsg)
135 struct interface *ifp;
136 struct ipv4_addr *ia;
137 #ifndef KERNEL_RFC5227
138 struct timespec now, defend;
141 arp_report_conflicted(astate, amsg);
144 /* If we haven't added the address we're doing a probe. */
145 ia = ipv4_iffindaddr(ifp, &astate->addr, NULL);
147 if (astate->found_cb != NULL)
148 astate->found_cb(astate, amsg);
152 #ifndef KERNEL_RFC5227
153 /* RFC 3927 Section 2.5 says a defence should
154 * broadcast an ARP announcement.
155 * Because the kernel will also unicast a reply to the
156 * hardware address which requested the IP address
157 * the other IPv4LL client will receieve two ARP
159 * If another conflict happens within DEFEND_INTERVAL
160 * then we must drop our address and negotiate a new one. */
161 defend.tv_sec = astate->defend.tv_sec + DEFEND_INTERVAL;
162 defend.tv_nsec = astate->defend.tv_nsec;
163 clock_gettime(CLOCK_MONOTONIC, &now);
164 if (timespeccmp(&defend, &now, >))
165 logwarnx("%s: %d second defence failed for %s",
166 ifp->name, DEFEND_INTERVAL, inet_ntoa(astate->addr));
167 else if (arp_request(ifp, &astate->addr, &astate->addr) == -1)
170 logdebugx("%s: defended address %s",
171 ifp->name, inet_ntoa(astate->addr));
172 astate->defend = now;
177 if (astate->defend_failed_cb != NULL)
178 astate->defend_failed_cb(astate);
182 arp_validate(const struct interface *ifp, struct arphdr *arp)
185 /* Families must match */
186 if (arp->ar_hrd != htons(ifp->family))
189 /* Protocol must be IP. */
190 if (arp->ar_pro != htons(ETHERTYPE_IP))
193 /* lladdr length matches */
194 if (arp->ar_hln != ifp->hwlen)
197 /* Protocol length must match in_addr_t */
198 if (arp->ar_pln != sizeof(in_addr_t))
201 /* Only these types are recognised */
202 if (arp->ar_op != htons(ARPOP_REPLY) &&
203 arp->ar_op != htons(ARPOP_REQUEST))
210 arp_packet(struct interface *ifp, uint8_t *data, size_t len)
212 const struct interface *ifn;
215 const struct iarp_state *state;
216 struct arp_state *astate, *astaten;
217 uint8_t *hw_s, *hw_t;
219 /* We must have a full ARP header */
220 if (len < sizeof(ar))
222 memcpy(&ar, data, sizeof(ar));
224 if (!arp_validate(ifp, &ar)) {
226 logerrx("%s: ARP BPF validation failure", ifp->name);
231 /* Get pointers to the hardware addresses */
232 hw_s = data + sizeof(ar);
233 hw_t = hw_s + ar.ar_hln + ar.ar_pln;
234 /* Ensure we got all the data */
235 if ((size_t)((hw_t + ar.ar_hln + ar.ar_pln) - data) > len)
237 /* Ignore messages from ourself */
238 TAILQ_FOREACH(ifn, ifp->ctx->ifaces, next) {
239 if (ar.ar_hln == ifn->hwlen &&
240 memcmp(hw_s, ifn->hwaddr, ifn->hwlen) == 0)
245 logdebugx("%s: ignoring ARP from self", ifp->name);
249 /* Copy out the HW and IP addresses */
250 memcpy(&arm.sha, hw_s, ar.ar_hln);
251 memcpy(&arm.sip.s_addr, hw_s + ar.ar_hln, ar.ar_pln);
252 memcpy(&arm.tha, hw_t, ar.ar_hln);
253 memcpy(&arm.tip.s_addr, hw_t + ar.ar_hln, ar.ar_pln);
255 /* Match the ARP probe to our states.
256 * Ignore Unicast Poll, RFC1122. */
257 state = ARP_CSTATE(ifp);
258 TAILQ_FOREACH_SAFE(astate, &state->arp_states, next, astaten) {
259 if (IN_ARE_ADDR_EQUAL(&arm.sip, &astate->addr) ||
260 (IN_IS_ADDR_UNSPECIFIED(&arm.sip) &&
261 IN_ARE_ADDR_EQUAL(&arm.tip, &astate->addr) &&
262 state->bpf_flags & BPF_BCAST))
263 arp_found(astate, &arm);
268 arp_close(struct interface *ifp)
270 struct iarp_state *state;
272 if ((state = ARP_STATE(ifp)) == NULL || state->bpf_fd == -1)
275 eloop_event_delete(ifp->ctx->eloop, state->bpf_fd);
276 bpf_close(ifp, state->bpf_fd);
278 state->bpf_flags |= BPF_EOF;
282 arp_tryfree(struct iarp_state *state)
284 struct interface *ifp = state->ifp;
286 /* If there are no more ARP states, close the socket. */
287 if (TAILQ_FIRST(&state->arp_states) == NULL) {
289 if (state->bpf_flags & BPF_READING)
290 state->bpf_flags |= BPF_EOF;
293 ifp->if_data[IF_DATA_ARP] = NULL;
296 if (bpf_arp(ifp, state->bpf_fd) == -1)
304 struct iarp_state *state = arg;
305 struct interface *ifp = state->ifp;
306 uint8_t buf[ARP_LEN];
309 /* Some RAW mechanisms are generic file descriptors, not sockets.
310 * This means we have no kernel call to just get one packet,
311 * so we have to process the entire buffer. */
312 state->bpf_flags &= ~BPF_EOF;
313 state->bpf_flags |= BPF_READING;
314 while (!(state->bpf_flags & BPF_EOF)) {
315 bytes = bpf_read(ifp, state->bpf_fd, buf, sizeof(buf),
318 logerr("%s: %s", __func__, ifp->name);
322 arp_packet(ifp, buf, (size_t)bytes);
323 /* Check we still have a state after processing. */
324 if ((state = ARP_STATE(ifp)) == NULL)
328 state->bpf_flags &= ~BPF_READING;
329 /* Try and free the state if nothing left to do. */
335 arp_open(struct interface *ifp)
337 struct iarp_state *state;
339 state = ARP_STATE(ifp);
340 if (state->bpf_fd == -1) {
341 state->bpf_fd = bpf_open(ifp, bpf_arp);
342 if (state->bpf_fd == -1)
344 eloop_event_add(ifp->ctx->eloop, state->bpf_fd, arp_read, state);
346 return state->bpf_fd;
350 arp_probed(void *arg)
352 struct arp_state *astate = arg;
354 timespecclear(&astate->defend);
355 astate->not_found_cb(astate);
359 arp_probe1(void *arg)
361 struct arp_state *astate = arg;
362 struct interface *ifp = astate->iface;
365 if (++astate->probes < PROBE_NUM) {
366 tv.tv_sec = PROBE_MIN;
367 tv.tv_nsec = (suseconds_t)arc4random_uniform(
368 (PROBE_MAX - PROBE_MIN) * NSEC_PER_SEC);
370 eloop_timeout_add_tv(ifp->ctx->eloop, &tv, arp_probe1, astate);
372 tv.tv_sec = ANNOUNCE_WAIT;
374 eloop_timeout_add_tv(ifp->ctx->eloop, &tv, arp_probed, astate);
376 logdebugx("%s: ARP probing %s (%d of %d), next in %0.1f seconds",
377 ifp->name, inet_ntoa(astate->addr),
378 astate->probes ? astate->probes : PROBE_NUM, PROBE_NUM,
379 timespec_to_double(&tv));
380 if (arp_request(ifp, NULL, &astate->addr) == -1)
385 arp_probe(struct arp_state *astate)
388 if (arp_open(astate->iface) == -1) {
392 const struct iarp_state *state = ARP_CSTATE(astate->iface);
394 if (bpf_arp(astate->iface, state->bpf_fd) == -1)
398 logdebugx("%s: probing for %s",
399 astate->iface->name, inet_ntoa(astate->addr));
404 static struct arp_state *
405 arp_find(struct interface *ifp, const struct in_addr *addr)
407 struct iarp_state *state;
408 struct arp_state *astate;
410 if ((state = ARP_STATE(ifp)) == NULL)
412 TAILQ_FOREACH(astate, &state->arp_states, next) {
413 if (astate->addr.s_addr == addr->s_addr && astate->iface == ifp)
422 arp_announced(void *arg)
424 struct arp_state *astate = arg;
426 if (astate->announced_cb) {
427 astate->announced_cb(astate);
431 /* Keep the ARP state open to handle ongoing ACD. */
435 arp_announce1(void *arg)
437 struct arp_state *astate = arg;
438 struct interface *ifp = astate->iface;
439 struct ipv4_addr *ia;
441 if (++astate->claims < ANNOUNCE_NUM)
442 logdebugx("%s: ARP announcing %s (%d of %d), "
443 "next in %d.0 seconds",
444 ifp->name, inet_ntoa(astate->addr),
445 astate->claims, ANNOUNCE_NUM, ANNOUNCE_WAIT);
447 logdebugx("%s: ARP announcing %s (%d of %d)",
448 ifp->name, inet_ntoa(astate->addr),
449 astate->claims, ANNOUNCE_NUM);
451 /* The kernel will send a Gratuitous ARP for newly added addresses.
452 * So we can avoid sending the same.
453 * Linux is special and doesn't send one. */
454 ia = ipv4_iffindaddr(ifp, &astate->addr, NULL);
456 if (astate->claims == 1 && ia != NULL && ia->flags & IPV4_AF_NEW)
460 if (arp_request(ifp, &astate->addr, &astate->addr) == -1)
466 /* No longer a new address. */
468 ia->flags |= ~IPV4_AF_NEW;
470 eloop_timeout_add_sec(ifp->ctx->eloop, ANNOUNCE_WAIT,
471 astate->claims < ANNOUNCE_NUM ? arp_announce1 : arp_announced,
476 arp_announce(struct arp_state *astate)
478 struct iarp_state *state;
479 struct interface *ifp;
480 struct arp_state *a2;
483 if (arp_open(astate->iface) == -1) {
488 /* Cancel any other ARP announcements for this address. */
489 TAILQ_FOREACH(ifp, astate->iface->ctx->ifaces, next) {
490 state = ARP_STATE(ifp);
493 TAILQ_FOREACH(a2, &state->arp_states, next) {
495 a2->addr.s_addr != astate->addr.s_addr)
497 r = eloop_timeout_delete(a2->iface->ctx->eloop,
498 a2->claims < ANNOUNCE_NUM
499 ? arp_announce1 : arp_announced,
504 logdebugx("%s: ARP announcement "
507 inet_ntoa(a2->addr));
512 arp_announce1(astate);
516 arp_ifannounceaddr(struct interface *ifp, const struct in_addr *ia)
518 struct arp_state *astate;
520 if (ifp->flags & IFF_NOARP)
523 astate = arp_find(ifp, ia);
524 if (astate == NULL) {
525 astate = arp_new(ifp, ia);
528 astate->announced_cb = arp_free;
530 arp_announce(astate);
534 arp_announceaddr(struct dhcpcd_ctx *ctx, const struct in_addr *ia)
536 struct interface *ifp, *iff = NULL;
537 struct ipv4_addr *iap;
539 TAILQ_FOREACH(ifp, ctx->ifaces, next) {
540 if (!ifp->active || ifp->carrier <= LINK_DOWN)
542 iap = ipv4_iffindaddr(ifp, ia, NULL);
545 #ifdef IN_IFF_NOTUSEABLE
546 if (!(iap->addr_flags & IN_IFF_NOTUSEABLE))
549 if (iff != NULL && iff->metric < ifp->metric)
556 arp_ifannounceaddr(iff, ia);
560 arp_new(struct interface *ifp, const struct in_addr *addr)
562 struct iarp_state *state;
563 struct arp_state *astate;
565 if ((state = ARP_STATE(ifp)) == NULL) {
566 ifp->if_data[IF_DATA_ARP] = malloc(sizeof(*state));
567 state = ARP_STATE(ifp);
574 state->bpf_flags = 0;
575 TAILQ_INIT(&state->arp_states);
577 if (addr && (astate = arp_find(ifp, addr)))
581 if ((astate = calloc(1, sizeof(*astate))) == NULL) {
587 astate->addr = *addr;
588 state = ARP_STATE(ifp);
589 TAILQ_INSERT_TAIL(&state->arp_states, astate, next);
591 if (bpf_arp(ifp, state->bpf_fd) == -1)
592 logerr(__func__); /* try and continue */
598 arp_cancel(struct arp_state *astate)
601 eloop_timeout_delete(astate->iface->ctx->eloop, NULL, astate);
605 arp_free(struct arp_state *astate)
607 struct interface *ifp;
608 struct iarp_state *state;
614 eloop_timeout_delete(ifp->ctx->eloop, NULL, astate);
615 state = ARP_STATE(ifp);
616 TAILQ_REMOVE(&state->arp_states, astate, next);
618 astate->free_cb(astate);
624 arp_freeaddr(struct interface *ifp, const struct in_addr *ia)
626 struct arp_state *astate;
628 astate = arp_find(ifp, ia);
633 arp_drop(struct interface *ifp)
635 struct iarp_state *state;
636 struct arp_state *astate;
638 while ((state = ARP_STATE(ifp)) != NULL &&
639 (astate = TAILQ_FIRST(&state->arp_states)) != NULL)
642 /* No need to close because the last free will close */