1/* linux/net/ipv4/arp.c 2 * 3 * Copyright (C) 1994 by Florian La Roche 4 * 5 * This module implements the Address Resolution Protocol ARP (RFC 826), 6 * which is used to convert IP addresses (or in the future maybe other 7 * high-level addresses) into a low-level hardware address (like an Ethernet 8 * address). 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License 12 * as published by the Free Software Foundation; either version 13 * 2 of the License, or (at your option) any later version. 14 * 15 * Fixes: 16 * Alan Cox : Removed the Ethernet assumptions in 17 * Florian's code 18 * Alan Cox : Fixed some small errors in the ARP 19 * logic 20 * Alan Cox : Allow >4K in /proc 21 * Alan Cox : Make ARP add its own protocol entry 22 * Ross Martin : Rewrote arp_rcv() and arp_get_info() 23 * Stephen Henson : Add AX25 support to arp_get_info() 24 * Alan Cox : Drop data when a device is downed. 25 * Alan Cox : Use init_timer(). 26 * Alan Cox : Double lock fixes. 27 * Martin Seine : Move the arphdr structure 28 * to if_arp.h for compatibility. 29 * with BSD based programs. 30 * Andrew Tridgell : Added ARP netmask code and 31 * re-arranged proxy handling. 32 * Alan Cox : Changed to use notifiers. 33 * Niibe Yutaka : Reply for this device or proxies only. 34 * Alan Cox : Don't proxy across hardware types! 35 * Jonathan Naylor : Added support for NET/ROM. 36 * Mike Shaver : RFC1122 checks. 37 * Jonathan Naylor : Only lookup the hardware address for 38 * the correct hardware type. 39 * Germano Caronni : Assorted subtle races. 40 * Craig Schlenter : Don't modify permanent entry 41 * during arp_rcv. 42 * Russ Nelson : Tidied up a few bits. 43 * Alexey Kuznetsov: Major changes to caching and behaviour, 44 * eg intelligent arp probing and 45 * generation 46 * of host down events. 47 * Alan Cox : Missing unlock in device events. 48 * Eckes : ARP ioctl control errors. 49 * Alexey Kuznetsov: Arp free fix. 50 * Manuel Rodriguez: Gratuitous ARP. 51 * Jonathan Layes : Added arpd support through kerneld 52 * message queue (960314) 53 * Mike Shaver : /proc/sys/net/ipv4/arp_* support 54 * Mike McLagan : Routing by source 55 * Stuart Cheshire : Metricom and grat arp fixes 56 * *** FOR 2.1 clean this up *** 57 * Lawrence V. Stefani: (08/12/96) Added FDDI support. 58 * Alan Cox : Took the AP1000 nasty FDDI hack and 59 * folded into the mainstream FDDI code. 60 * Ack spit, Linus how did you allow that 61 * one in... 62 * Jes Sorensen : Make FDDI work again in 2.1.x and 63 * clean up the APFDDI & gen. FDDI bits. 64 * Alexey Kuznetsov: new arp state machine; 65 * now it is in net/core/neighbour.c. 66 * Krzysztof Halasa: Added Frame Relay ARP support. 67 * Arnaldo C. Melo : convert /proc/net/arp to seq_file 68 * Shmulik Hen: Split arp_send to arp_create and 69 * arp_xmit so intermediate drivers like 70 * bonding can change the skb before 71 * sending (e.g. insert 8021q tag). 72 * Harald Welte : convert to make use of jenkins hash 73 * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support. 74 */ 75 76#include <linux/module.h> 77#include <linux/types.h> 78#include <linux/string.h> 79#include <linux/kernel.h> 80#include <linux/capability.h> 81#include <linux/socket.h> 82#include <linux/sockios.h> 83#include <linux/errno.h> 84#include <linux/in.h> 85#include <linux/mm.h> 86#include <linux/inet.h> 87#include <linux/inetdevice.h> 88#include <linux/netdevice.h> 89#include <linux/etherdevice.h> 90#include <linux/fddidevice.h> 91#include <linux/if_arp.h> 92#include <linux/trdevice.h> 93#include <linux/skbuff.h> 94#include <linux/proc_fs.h> 95#include <linux/seq_file.h> 96#include <linux/stat.h> 97#include <linux/init.h> 98#include <linux/net.h> 99#include <linux/rcupdate.h> 100#include <linux/jhash.h> 101#include <linux/slab.h> 102#ifdef CONFIG_SYSCTL 103#include <linux/sysctl.h> 104#endif 105 106#include <net/net_namespace.h> 107#include <net/ip.h> 108#include <net/icmp.h> 109#include <net/route.h> 110#include <net/protocol.h> 111#include <net/tcp.h> 112#include <net/sock.h> 113#include <net/arp.h> 114#include <net/ax25.h> 115#include <net/netrom.h> 116#if defined(CONFIG_ATM_CLIP) || defined(CONFIG_ATM_CLIP_MODULE) 117#include <net/atmclip.h> 118struct neigh_table *clip_tbl_hook; 119EXPORT_SYMBOL(clip_tbl_hook); 120#endif 121 122#include <asm/system.h> 123#include <asm/uaccess.h> 124 125#include <linux/netfilter_arp.h> 126 127#define C_MAX_TOKEN_SIZE 128 128#define C_MAX_RESERVED_IP 64 129typedef struct ArpControlProfile { 130 char enable[12]; 131 int numResrvAddr; 132 char resrvMacAddr[C_MAX_RESERVED_IP][C_MAX_TOKEN_SIZE]; 133 char resrvIpAddr[C_MAX_RESERVED_IP][C_MAX_TOKEN_SIZE]; 134}T_ArpCtlProfile; 135T_ArpCtlProfile arp_profile = {"disable", 0 ,"", ""}; 136/*foxconn add end,edward zhang, 2012/1/16 @arp protection*/ 137/* 138 * Interface to generic neighbour cache. 139 */ 140static u32 arp_hash(const void *pkey, const struct net_device *dev); 141static int arp_constructor(struct neighbour *neigh); 142static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb); 143static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb); 144static void parp_redo(struct sk_buff *skb); 145/* foxconn wklin modified start, 2010/06/15 @attach_dev */ 146static int attadev_update(u32 sip, char *sha, struct net_device *dev); 147/* foxconn wklin modified end, 2010/06/15 */ 148/*Foxconn add start by Hank 08/25/2012*/ 149static int attadev_init(struct net *net); 150/*Foxconn add end by Hank 08/25/2012*/ 151int g_pid=0; /* Foxconn tab tseng added, 2013/05/27, for xbox qos */ 152int g_updated=0; /* Foxconn tab tseng added, 2013/05/27, for xbox qos */ 153/* foxconn dennis modified start, 01/02/2013 @ap_mode detection */ 154static int wandev_update(u32 sip, char *sha, struct net_device *indev); 155static int wandev_init(struct net *net); 156/* foxconn dennis modified end, 01/02/2013 */ 157static const struct neigh_ops arp_generic_ops = { 158 .family = AF_INET, 159 .solicit = arp_solicit, 160 .error_report = arp_error_report, 161 .output = neigh_resolve_output, 162 .connected_output = neigh_connected_output, 163 .hh_output = dev_queue_xmit, 164 .queue_xmit = dev_queue_xmit, 165}; 166 167static const struct neigh_ops arp_hh_ops = { 168 .family = AF_INET, 169 .solicit = arp_solicit, 170 .error_report = arp_error_report, 171 .output = neigh_resolve_output, 172 .connected_output = neigh_resolve_output, 173 .hh_output = dev_queue_xmit, 174 .queue_xmit = dev_queue_xmit, 175}; 176 177static const struct neigh_ops arp_direct_ops = { 178 .family = AF_INET, 179 .output = dev_queue_xmit, 180 .connected_output = dev_queue_xmit, 181 .hh_output = dev_queue_xmit, 182 .queue_xmit = dev_queue_xmit, 183}; 184 185const struct neigh_ops arp_broken_ops = { 186 .family = AF_INET, 187 .solicit = arp_solicit, 188 .error_report = arp_error_report, 189 .output = neigh_compat_output, 190 .connected_output = neigh_compat_output, 191 .hh_output = dev_queue_xmit, 192 .queue_xmit = dev_queue_xmit, 193}; 194EXPORT_SYMBOL(arp_broken_ops); 195 196struct neigh_table arp_tbl = { 197 .family = AF_INET, 198 .entry_size = sizeof(struct neighbour) + 4, 199 .key_len = 4, 200 .hash = arp_hash, 201 .constructor = arp_constructor, 202 .proxy_redo = parp_redo, 203 .id = "arp_cache", 204 .parms = { 205 .tbl = &arp_tbl, 206 .base_reachable_time = 30 * HZ, 207 .retrans_time = 1 * HZ, 208 .gc_staletime = 60 * HZ, 209 .reachable_time = 30 * HZ, 210 .delay_probe_time = 5 * HZ, 211 .queue_len = 3, 212 .ucast_probes = 3, 213 .mcast_probes = 3, 214 .anycast_delay = 1 * HZ, 215 .proxy_delay = (8 * HZ) / 10, 216 .proxy_qlen = 64, 217 .locktime = 1 * HZ, 218 }, 219 .gc_interval = 30 * HZ, 220 .gc_thresh1 = 128, 221 .gc_thresh2 = 512, 222 .gc_thresh3 = 1024, 223}; 224EXPORT_SYMBOL(arp_tbl); 225 226int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir) 227{ 228 switch (dev->type) { 229 case ARPHRD_ETHER: 230 case ARPHRD_FDDI: 231 case ARPHRD_IEEE802: 232 ip_eth_mc_map(addr, haddr); 233 return 0; 234 case ARPHRD_IEEE802_TR: 235 ip_tr_mc_map(addr, haddr); 236 return 0; 237 case ARPHRD_INFINIBAND: 238 ip_ib_mc_map(addr, dev->broadcast, haddr); 239 return 0; 240 default: 241 if (dir) { 242 memcpy(haddr, dev->broadcast, dev->addr_len); 243 return 0; 244 } 245 } 246 return -EINVAL; 247} 248 249 250static u32 arp_hash(const void *pkey, const struct net_device *dev) 251{ 252 return jhash_2words(*(u32 *)pkey, dev->ifindex, arp_tbl.hash_rnd); 253} 254 255static int arp_constructor(struct neighbour *neigh) 256{ 257 __be32 addr = *(__be32*)neigh->primary_key; 258 struct net_device *dev = neigh->dev; 259 struct in_device *in_dev; 260 struct neigh_parms *parms; 261 262 rcu_read_lock(); 263 in_dev = __in_dev_get_rcu(dev); 264 if (in_dev == NULL) { 265 rcu_read_unlock(); 266 return -EINVAL; 267 } 268 269 neigh->type = inet_addr_type(dev_net(dev), addr); 270 271 parms = in_dev->arp_parms; 272 __neigh_parms_put(neigh->parms); 273 neigh->parms = neigh_parms_clone(parms); 274 rcu_read_unlock(); 275 276 if (!dev->header_ops) { 277 neigh->nud_state = NUD_NOARP; 278 neigh->ops = &arp_direct_ops; 279 neigh->output = neigh->ops->queue_xmit; 280 } else { 281 /* Good devices (checked by reading texts, but only Ethernet is 282 tested) 283 284 ARPHRD_ETHER: (ethernet, apfddi) 285 ARPHRD_FDDI: (fddi) 286 ARPHRD_IEEE802: (tr) 287 ARPHRD_METRICOM: (strip) 288 ARPHRD_ARCNET: 289 etc. etc. etc. 290 291 ARPHRD_IPDDP will also work, if author repairs it. 292 I did not it, because this driver does not work even 293 in old paradigm. 294 */ 295 296 /* So... these "amateur" devices are hopeless. 297 The only thing, that I can say now: 298 It is very sad that we need to keep ugly obsolete 299 code to make them happy. 300 301 They should be moved to more reasonable state, now 302 they use rebuild_header INSTEAD OF hard_start_xmit!!! 303 Besides that, they are sort of out of date 304 (a lot of redundant clones/copies, useless in 2.1), 305 I wonder why people believe that they work. 306 */ 307 switch (dev->type) { 308 default: 309 break; 310 case ARPHRD_ROSE: 311#if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE) 312 case ARPHRD_AX25: 313#if defined(CONFIG_NETROM) || defined(CONFIG_NETROM_MODULE) 314 case ARPHRD_NETROM: 315#endif 316 neigh->ops = &arp_broken_ops; 317 neigh->output = neigh->ops->output; 318 return 0; 319#endif 320 ;} 321 if (neigh->type == RTN_MULTICAST) { 322 neigh->nud_state = NUD_NOARP; 323 arp_mc_map(addr, neigh->ha, dev, 1); 324 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) { 325 neigh->nud_state = NUD_NOARP; 326 memcpy(neigh->ha, dev->dev_addr, dev->addr_len); 327 } else if (neigh->type == RTN_BROADCAST || dev->flags&IFF_POINTOPOINT) { 328 neigh->nud_state = NUD_NOARP; 329 memcpy(neigh->ha, dev->broadcast, dev->addr_len); 330 } 331 332 if (dev->header_ops->cache) 333 neigh->ops = &arp_hh_ops; 334 else 335 neigh->ops = &arp_generic_ops; 336 337 if (neigh->nud_state&NUD_VALID) 338 neigh->output = neigh->ops->connected_output; 339 else 340 neigh->output = neigh->ops->output; 341 } 342 return 0; 343} 344 345static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb) 346{ 347 dst_link_failure(skb); 348 kfree_skb(skb); 349} 350 351static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb) 352{ 353 __be32 saddr = 0; 354 u8 *dst_ha = NULL; 355 struct net_device *dev = neigh->dev; 356 __be32 target = *(__be32*)neigh->primary_key; 357 int probes = atomic_read(&neigh->probes); 358 struct in_device *in_dev; 359 360 rcu_read_lock(); 361 in_dev = __in_dev_get_rcu(dev); 362 if (!in_dev) { 363 rcu_read_unlock(); 364 return; 365 } 366 switch (IN_DEV_ARP_ANNOUNCE(in_dev)) { 367 default: 368 case 0: /* By default announce any local IP */ 369 if (skb && inet_addr_type(dev_net(dev), ip_hdr(skb)->saddr) == RTN_LOCAL) 370 saddr = ip_hdr(skb)->saddr; 371 break; 372 case 1: /* Restrict announcements of saddr in same subnet */ 373 if (!skb) 374 break; 375 saddr = ip_hdr(skb)->saddr; 376 if (inet_addr_type(dev_net(dev), saddr) == RTN_LOCAL) { 377 /* saddr should be known to target */ 378 if (inet_addr_onlink(in_dev, target, saddr)) 379 break; 380 } 381 saddr = 0; 382 break; 383 case 2: /* Avoid secondary IPs, get a primary/preferred one */ 384 break; 385 } 386 rcu_read_unlock(); 387 388 if (!saddr) 389 saddr = inet_select_addr(dev, target, RT_SCOPE_LINK); 390 391 if ((probes -= neigh->parms->ucast_probes) < 0) { 392 if (!(neigh->nud_state&NUD_VALID)) 393 printk(KERN_DEBUG "trying to ucast probe in NUD_INVALID\n"); 394 dst_ha = neigh->ha; 395 read_lock_bh(&neigh->lock); 396 } else if ((probes -= neigh->parms->app_probes) < 0) { 397#ifdef CONFIG_ARPD 398 neigh_app_ns(neigh); 399#endif 400 return; 401 } 402 403 arp_send(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr, 404 dst_ha, dev->dev_addr, NULL); 405 if (dst_ha) 406 read_unlock_bh(&neigh->lock); 407} 408 409static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip) 410{ 411 int scope; 412 413 switch (IN_DEV_ARP_IGNORE(in_dev)) { 414 case 0: /* Reply, the tip is already validated */ 415 return 0; 416 case 1: /* Reply only if tip is configured on the incoming interface */ 417 sip = 0; 418 scope = RT_SCOPE_HOST; 419 break; 420 case 2: /* 421 * Reply only if tip is configured on the incoming interface 422 * and is in same subnet as sip 423 */ 424 scope = RT_SCOPE_HOST; 425 break; 426 case 3: /* Do not reply for scope host addresses */ 427 sip = 0; 428 scope = RT_SCOPE_LINK; 429 break; 430 case 4: /* Reserved */ 431 case 5: 432 case 6: 433 case 7: 434 return 0; 435 case 8: /* Do not reply */ 436 return 1; 437 default: 438 return 0; 439 } 440 return !inet_confirm_addr(in_dev, sip, tip, scope); 441} 442 443static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev) 444{ 445 struct flowi fl = { .nl_u = { .ip4_u = { .daddr = sip, 446 .saddr = tip } } }; 447 struct rtable *rt; 448 int flag = 0; 449 /*unsigned long now; */ 450 struct net *net = dev_net(dev); 451 452 if (ip_route_output_key(net, &rt, &fl) < 0) 453 return 1; 454 if (rt->dst.dev != dev) { 455 NET_INC_STATS_BH(net, LINUX_MIB_ARPFILTER); 456 flag = 1; 457 } 458 ip_rt_put(rt); 459 return flag; 460} 461 462/* OBSOLETE FUNCTIONS */ 463 464/* 465 * Find an arp mapping in the cache. If not found, post a request. 466 * 467 * It is very UGLY routine: it DOES NOT use skb->dst->neighbour, 468 * even if it exists. It is supposed that skb->dev was mangled 469 * by a virtual device (eql, shaper). Nobody but broken devices 470 * is allowed to use this function, it is scheduled to be removed. --ANK 471 */ 472 473static int arp_set_predefined(int addr_hint, unsigned char * haddr, __be32 paddr, struct net_device * dev) 474{ 475 switch (addr_hint) { 476 case RTN_LOCAL: 477 printk(KERN_DEBUG "ARP: arp called for own IP address\n"); 478 memcpy(haddr, dev->dev_addr, dev->addr_len); 479 return 1; 480 case RTN_MULTICAST: 481 arp_mc_map(paddr, haddr, dev, 1); 482 return 1; 483 case RTN_BROADCAST: 484 memcpy(haddr, dev->broadcast, dev->addr_len); 485 return 1; 486 } 487 return 0; 488} 489 490 491int arp_find(unsigned char *haddr, struct sk_buff *skb) 492{ 493 struct net_device *dev = skb->dev; 494 __be32 paddr; 495 struct neighbour *n; 496 497 if (!skb_dst(skb)) { 498 printk(KERN_DEBUG "arp_find is called with dst==NULL\n"); 499 kfree_skb(skb); 500 return 1; 501 } 502 503 paddr = skb_rtable(skb)->rt_gateway; 504 505 if (arp_set_predefined(inet_addr_type(dev_net(dev), paddr), haddr, paddr, dev)) 506 return 0; 507 508 n = __neigh_lookup(&arp_tbl, &paddr, dev, 1); 509 510 if (n) { 511 n->used = jiffies; 512 if (n->nud_state&NUD_VALID || neigh_event_send(n, skb) == 0) { 513 read_lock_bh(&n->lock); 514 memcpy(haddr, n->ha, dev->addr_len); 515 read_unlock_bh(&n->lock); 516 neigh_release(n); 517 return 0; 518 } 519 neigh_release(n); 520 } else 521 kfree_skb(skb); 522 return 1; 523} 524EXPORT_SYMBOL(arp_find); 525 526/* END OF OBSOLETE FUNCTIONS */ 527 528int arp_bind_neighbour(struct dst_entry *dst) 529{ 530 struct net_device *dev = dst->dev; 531 struct neighbour *n = dst->neighbour; 532 533 if (dev == NULL) 534 return -EINVAL; 535 if (n == NULL) { 536 __be32 nexthop = ((struct rtable *)dst)->rt_gateway; 537 if (dev->flags&(IFF_LOOPBACK|IFF_POINTOPOINT)) 538 nexthop = 0; 539 n = __neigh_lookup_errno( 540#if defined(CONFIG_ATM_CLIP) || defined(CONFIG_ATM_CLIP_MODULE) 541 dev->type == ARPHRD_ATM ? clip_tbl_hook : 542#endif 543 &arp_tbl, &nexthop, dev); 544 if (IS_ERR(n)) 545 return PTR_ERR(n); 546 dst->neighbour = n; 547 } 548 return 0; 549} 550 551/* 552 * Check if we can use proxy ARP for this path 553 */ 554static inline int arp_fwd_proxy(struct in_device *in_dev, 555 struct net_device *dev, struct rtable *rt) 556{ 557 struct in_device *out_dev; 558 int imi, omi = -1; 559 560 if (rt->dst.dev == dev) 561 return 0; 562 563 if (!IN_DEV_PROXY_ARP(in_dev)) 564 return 0; 565 566 if ((imi = IN_DEV_MEDIUM_ID(in_dev)) == 0) 567 return 1; 568 if (imi == -1) 569 return 0; 570 571 /* place to check for proxy_arp for routes */ 572 573 out_dev = __in_dev_get_rcu(rt->dst.dev); 574 if (out_dev) 575 omi = IN_DEV_MEDIUM_ID(out_dev); 576 577 return (omi != imi && omi != -1); 578} 579 580/* 581 * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev) 582 * 583 * RFC3069 supports proxy arp replies back to the same interface. This 584 * is done to support (ethernet) switch features, like RFC 3069, where 585 * the individual ports are not allowed to communicate with each 586 * other, BUT they are allowed to talk to the upstream router. As 587 * described in RFC 3069, it is possible to allow these hosts to 588 * communicate through the upstream router, by proxy_arp'ing. 589 * 590 * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation" 591 * 592 * This technology is known by different names: 593 * In RFC 3069 it is called VLAN Aggregation. 594 * Cisco and Allied Telesyn call it Private VLAN. 595 * Hewlett-Packard call it Source-Port filtering or port-isolation. 596 * Ericsson call it MAC-Forced Forwarding (RFC Draft). 597 * 598 */ 599static inline int arp_fwd_pvlan(struct in_device *in_dev, 600 struct net_device *dev, struct rtable *rt, 601 __be32 sip, __be32 tip) 602{ 603 /* Private VLAN is only concerned about the same ethernet segment */ 604 if (rt->dst.dev != dev) 605 return 0; 606 607 /* Don't reply on self probes (often done by windowz boxes)*/ 608 if (sip == tip) 609 return 0; 610 611 if (IN_DEV_PROXY_ARP_PVLAN(in_dev)) 612 return 1; 613 else 614 return 0; 615} 616 617/* 618 * Interface to link layer: send routine and receive handler. 619 */ 620 621/* 622 * Create an arp packet. If (dest_hw == NULL), we create a broadcast 623 * message. 624 */ 625struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip, 626 struct net_device *dev, __be32 src_ip, 627 const unsigned char *dest_hw, 628 const unsigned char *src_hw, 629 const unsigned char *target_hw) 630{ 631 struct sk_buff *skb; 632 struct arphdr *arp; 633 unsigned char *arp_ptr; 634 635 /* 636 * Allocate a buffer 637 */ 638 639 skb = alloc_skb(arp_hdr_len(dev) + LL_ALLOCATED_SPACE(dev), GFP_ATOMIC); 640 if (skb == NULL) 641 return NULL; 642 643 skb_reserve(skb, LL_RESERVED_SPACE(dev)); 644 skb_reset_network_header(skb); 645 arp = (struct arphdr *) skb_put(skb, arp_hdr_len(dev)); 646 skb->dev = dev; 647 skb->protocol = htons(ETH_P_ARP); 648 if (src_hw == NULL) 649 src_hw = dev->dev_addr; 650 if (dest_hw == NULL) 651 dest_hw = dev->broadcast; 652 653 /* 654 * Fill the device header for the ARP frame 655 */ 656 if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0) 657 goto out; 658 659 /* 660 * Fill out the arp protocol part. 661 * 662 * The arp hardware type should match the device type, except for FDDI, 663 * which (according to RFC 1390) should always equal 1 (Ethernet). 664 */ 665 /* 666 * Exceptions everywhere. AX.25 uses the AX.25 PID value not the 667 * DIX code for the protocol. Make these device structure fields. 668 */ 669 switch (dev->type) { 670 default: 671 arp->ar_hrd = htons(dev->type); 672 arp->ar_pro = htons(ETH_P_IP); 673 break; 674 675#if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE) 676 case ARPHRD_AX25: 677 arp->ar_hrd = htons(ARPHRD_AX25); 678 arp->ar_pro = htons(AX25_P_IP); 679 break; 680 681#if defined(CONFIG_NETROM) || defined(CONFIG_NETROM_MODULE) 682 case ARPHRD_NETROM: 683 arp->ar_hrd = htons(ARPHRD_NETROM); 684 arp->ar_pro = htons(AX25_P_IP); 685 break; 686#endif 687#endif 688 689#if defined(CONFIG_FDDI) || defined(CONFIG_FDDI_MODULE) 690 case ARPHRD_FDDI: 691 arp->ar_hrd = htons(ARPHRD_ETHER); 692 arp->ar_pro = htons(ETH_P_IP); 693 break; 694#endif 695#if defined(CONFIG_TR) || defined(CONFIG_TR_MODULE) 696 case ARPHRD_IEEE802_TR: 697 arp->ar_hrd = htons(ARPHRD_IEEE802); 698 arp->ar_pro = htons(ETH_P_IP); 699 break; 700#endif 701 } 702 703 arp->ar_hln = dev->addr_len; 704 arp->ar_pln = 4; 705 arp->ar_op = htons(type); 706 707 arp_ptr=(unsigned char *)(arp+1); 708 709 memcpy(arp_ptr, src_hw, dev->addr_len); 710 arp_ptr += dev->addr_len; 711 memcpy(arp_ptr, &src_ip, 4); 712 arp_ptr += 4; 713 if (target_hw != NULL) 714 memcpy(arp_ptr, target_hw, dev->addr_len); 715 else 716 memset(arp_ptr, 0, dev->addr_len); 717 arp_ptr += dev->addr_len; 718 memcpy(arp_ptr, &dest_ip, 4); 719 720 return skb; 721 722out: 723 kfree_skb(skb); 724 return NULL; 725} 726EXPORT_SYMBOL(arp_create); 727 728/* 729 * Send an arp packet. 730 */ 731void arp_xmit(struct sk_buff *skb) 732{ 733 /* Send it off, maybe filter it using firewalling first. */ 734 NF_HOOK(NFPROTO_ARP, NF_ARP_OUT, skb, NULL, skb->dev, dev_queue_xmit); 735} 736EXPORT_SYMBOL(arp_xmit); 737 738/* 739 * Create and send an arp packet. 740 */ 741void arp_send(int type, int ptype, __be32 dest_ip, 742 struct net_device *dev, __be32 src_ip, 743 const unsigned char *dest_hw, const unsigned char *src_hw, 744 const unsigned char *target_hw) 745{ 746 struct sk_buff *skb; 747 748 /* 749 * No arp on this interface. 750 */ 751 752 if (dev->flags&IFF_NOARP) 753 return; 754 /* Foxconn added start pling 03/25/2011 */ 755 /* If we are using auto IP, the ARP reply should be in Broadcast */ 756 if (type == ARPOP_REPLY && 757 ((htonl(src_ip) & 0xFFFF0000) == 0xa9fe0000)) 758 skb = arp_create(type, ptype, dest_ip, dev, src_ip, 759 NULL, src_hw, target_hw); 760 else 761 /* Foxconn added end pling 03/25/2011 */ 762 763 skb = arp_create(type, ptype, dest_ip, dev, src_ip, 764 dest_hw, src_hw, target_hw); 765 if (skb == NULL) { 766 return; 767 } 768 769 arp_xmit(skb); 770} 771EXPORT_SYMBOL(arp_send); 772 773/* 774 * Process an arp request. 775 */ 776 777static int arp_process(struct sk_buff *skb) 778{ 779 struct net_device *dev = skb->dev; 780 /* foxconn wklin added, 2010/06/15 @attach_dev */ 781 struct net_device *bridge_indev = NULL; 782 struct in_device *in_dev = __in_dev_get_rcu(dev); 783 struct arphdr *arp; 784 unsigned char *arp_ptr; 785 struct rtable *rt; 786 unsigned char *sha; 787 __be32 sip, tip; 788 u16 dev_type = dev->type; 789 int addr_type; 790 struct neighbour *n; 791 struct net *net = dev_net(dev); 792 793 /* arp_rcv below verifies the ARP header and verifies the device 794 * is ARP'able. 795 */ 796 797 if (in_dev == NULL) 798 goto out; 799 800 /* foxconn wklin added, 2010/06/15 @attach_dev */ 801 bridge_indev = *(pp_bridge_indev(skb)); 802 arp = arp_hdr(skb); 803 804 switch (dev_type) { 805 default: 806 if (arp->ar_pro != htons(ETH_P_IP) || 807 htons(dev_type) != arp->ar_hrd) 808 goto out; 809 break; 810 case ARPHRD_ETHER: 811 case ARPHRD_IEEE802_TR: 812 case ARPHRD_FDDI: 813 case ARPHRD_IEEE802: 814 /* 815 * ETHERNET, Token Ring and Fibre Channel (which are IEEE 802 816 * devices, according to RFC 2625) devices will accept ARP 817 * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2). 818 * This is the case also of FDDI, where the RFC 1390 says that 819 * FDDI devices should accept ARP hardware of (1) Ethernet, 820 * however, to be more robust, we'll accept both 1 (Ethernet) 821 * or 6 (IEEE 802.2) 822 */ 823 if ((arp->ar_hrd != htons(ARPHRD_ETHER) && 824 arp->ar_hrd != htons(ARPHRD_IEEE802)) || 825 arp->ar_pro != htons(ETH_P_IP)) 826 goto out; 827 break; 828 case ARPHRD_AX25: 829 if (arp->ar_pro != htons(AX25_P_IP) || 830 arp->ar_hrd != htons(ARPHRD_AX25)) 831 goto out; 832 break; 833 case ARPHRD_NETROM: 834 if (arp->ar_pro != htons(AX25_P_IP) || 835 arp->ar_hrd != htons(ARPHRD_NETROM)) 836 goto out; 837 break; 838 } 839 840 /* Understand only these message types */ 841 842 if (arp->ar_op != htons(ARPOP_REPLY) && 843 arp->ar_op != htons(ARPOP_REQUEST)) 844 goto out; 845 846/* 847 * Extract fields 848 */ 849 arp_ptr= (unsigned char *)(arp+1); 850 sha = arp_ptr; 851 arp_ptr += dev->addr_len; 852 memcpy(&sip, arp_ptr, 4); 853 arp_ptr += 4; 854 arp_ptr += dev->addr_len; 855 memcpy(&tip, arp_ptr, 4); 856/* 857 * Check for bad requests for 127.x.x.x and requests for multicast 858 * addresses. If this is one such, delete it. 859 */ 860 if (ipv4_is_loopback(tip) || ipv4_is_multicast(tip)) 861 goto out; 862 863/* 864 * Special case: We must set Frame Relay source Q.922 address 865 */ 866 if (dev_type == ARPHRD_DLCI) 867 sha = dev->broadcast; 868 869/* 870 * Process entry. The idea here is we want to send a reply if it is a 871 * request for us or if it is a request for someone else that we hold 872 * a proxy for. We want to add an entry to our cache if it is a reply 873 * to us or if it is a request for our address. 874 * (The assumption for this last is that if someone is requesting our 875 * address, they are probably intending to talk to us, so it saves time 876 * if we cache their address. Their address is also probably not in 877 * our cache, since ours is not in their cache.) 878 * 879 * Putting this another way, we only care about replies if they are to 880 * us, in which case we add them to the cache. For requests, we care 881 * about those for us and those for our proxies. We reply to both, 882 * and in the case of requests for us we add the requester to the arp 883 * cache. 884 */ 885 886 /* Special case: IPv4 duplicate address detection packet (RFC2131) */ 887 if (sip == 0) { 888 if (arp->ar_op == htons(ARPOP_REQUEST) && 889 inet_addr_type(net, tip) == RTN_LOCAL && 890 !arp_ignore(in_dev, sip, tip)) 891 arp_send(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip, sha, 892 dev->dev_addr, sha); 893 goto out; 894 } 895 896 /* foxconn wklin modified sart, 02/02/2007 */ 897#define ATTADEV 898#ifdef ATTADEV 899 /*Foxconn modify start by Hank 08/10/2012 */ 900 /*kernel function be modified*/ 901 if ((arp->ar_op == htons(ARPOP_REQUEST) || arp->ar_op == htons(ARPOP_REPLY)) 902 && inet_addr_type(net,sip)==RTN_UNICAST && memcmp(dev->name,"br0", 3) == 0) { 903 /*Foxconn modify end by Hank 08/10/2012 */ 904 /* foxconn wklin modified start, 2010/06/15 @attach_dev */ 905 //static int attadev_update(u32 sip, char *sha, struct net_device *indev); 906 attadev_update(sip, sha, bridge_indev); 907 /* Foxconn tab tseng added, 2013/05/27, for xbox qos */ 908 g_updated = 1; 909 /* foxconn wklin modified end, 2010/06/15 */ 910 } 911#endif 912 /* foxconn wklin modified end, 02/02/2007 */ 913 /*fxcn added by dennis start,01/02/2013,@ ap mode detection*/ 914#ifdef INCLUDE_DETECT_AP_MODE 915 if ((arp->ar_op == htons(ARPOP_REQUEST) || arp->ar_op == htons(ARPOP_REPLY)) 916 && inet_addr_type(net,sip)==RTN_UNICAST && (memcmp(dev->name,"eth0", 4) == 0||memcmp(dev->name,"vlan2", 5) == 0)) { 917 wandev_update(sip, sha, bridge_indev); 918 } 919#endif 920 /* fxcn added by dennis end,01/02/2013, */ 921/*foxconn add start,edward zhang, 2012/11/16 @arp protection*/ 922#ifdef ARP_PROTECTION 923 924 if(!strcmp(skb->dev->name, "br0") && !strcmp(arp_profile.enable,"enable")) 925 { 926 unsigned char mac[64] = ""; 927 unsigned char ip[16] = ""; 928 int need_drop = 1; 929 int i; 930 sprintf(mac,"%02x:%02x:%02x:%02x:%02x:%02x",sha[0],sha[1],sha[2],sha[3],sha[4],sha[5]); 931 sprintf(ip,"%08x",ntohl(sip)); 932 //printk("ip:%s mac:%s\n",ip,mac); 933 for(i=0 ;i<arp_profile.numResrvAddr ; i++) 934 { 935 if(strcmp(arp_profile.resrvIpAddr[i],ip)) 936 continue; 937 else if(!strcmp(arp_profile.resrvMacAddr[i],mac)) 938 { 939 need_drop = 0; 940 break; 941 } 942 943 } 944 if(need_drop) 945 goto out; 946 } 947#endif 948/*foxconn add end,edward zhang, 2012/11/16 @arp protection*/ 949 950 if (arp->ar_op == htons(ARPOP_REQUEST) && 951 ip_route_input_noref(skb, tip, sip, 0, dev) == 0) { 952 953 rt = skb_rtable(skb); 954 addr_type = rt->rt_type; 955 956 if (addr_type == RTN_LOCAL) { 957 int dont_send = 0; 958 959 if (!dont_send) 960 dont_send |= arp_ignore(in_dev,sip,tip); 961 if (!dont_send && IN_DEV_ARPFILTER(in_dev)) 962 dont_send |= arp_filter(sip,tip,dev); 963 if (!dont_send) { 964 n = neigh_event_ns(&arp_tbl, sha, &sip, dev); 965 if (n) { 966 arp_send(ARPOP_REPLY,ETH_P_ARP,sip,dev,tip,sha,dev->dev_addr,sha); 967 neigh_release(n); 968 } 969 } 970 goto out; 971 } else if (IN_DEV_FORWARD(in_dev)) { 972 if (addr_type == RTN_UNICAST && 973 (arp_fwd_proxy(in_dev, dev, rt) || 974 arp_fwd_pvlan(in_dev, dev, rt, sip, tip) || 975 pneigh_lookup(&arp_tbl, net, &tip, dev, 0))) 976 { 977 n = neigh_event_ns(&arp_tbl, sha, &sip, dev); 978 if (n) 979 neigh_release(n); 980 981 if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED || 982 skb->pkt_type == PACKET_HOST || 983 in_dev->arp_parms->proxy_delay == 0) { 984 arp_send(ARPOP_REPLY,ETH_P_ARP,sip,dev,tip,sha,dev->dev_addr,sha); 985 } else { 986 pneigh_enqueue(&arp_tbl, in_dev->arp_parms, skb); 987 return 0; 988 } 989 goto out; 990 } 991 } 992 } 993/* Foxconn add start, Edward zhang, 09/14/2012, @add ARP PROTECTION support for RU SKU*/ 994#ifdef ARP_PROTECTION 995 996 if(!strcmp(skb->dev->name, "br0") && !strcmp(arp_profile.enable,"enable")) 997 goto out; 998#endif 999/* Foxconn add end, Edward zhang, 09/14/2012, @add ARP PROTECTION support for RU SKU*/ 1000 /* Update our ARP tables */ 1001 1002 n = __neigh_lookup(&arp_tbl, &sip, dev, 0); 1003 1004 if (IPV4_DEVCONF_ALL(dev_net(dev), ARP_ACCEPT)) { 1005 /* Unsolicited ARP is not accepted by default. 1006 It is possible, that this option should be enabled for some 1007 devices (strip is candidate) 1008 */ 1009 if (n == NULL && 1010 (arp->ar_op == htons(ARPOP_REPLY) || 1011 (arp->ar_op == htons(ARPOP_REQUEST) && tip == sip)) && 1012 inet_addr_type(net, sip) == RTN_UNICAST) 1013 n = __neigh_lookup(&arp_tbl, &sip, dev, 1); 1014 } 1015 1016 if (n) { 1017 int state = NUD_REACHABLE; 1018 int override; 1019 1020 /* If several different ARP replies follows back-to-back, 1021 use the FIRST one. It is possible, if several proxy 1022 agents are active. Taking the first reply prevents 1023 arp trashing and chooses the fastest router. 1024 */ 1025 override = time_after(jiffies, n->updated + n->parms->locktime); 1026 1027 /* Broadcast replies and request packets 1028 do not assert neighbour reachability. 1029 */ 1030 if (arp->ar_op != htons(ARPOP_REPLY) || 1031 skb->pkt_type != PACKET_HOST) 1032 state = NUD_STALE; 1033 neigh_update(n, sha, state, override ? NEIGH_UPDATE_F_OVERRIDE : 0); 1034 neigh_release(n); 1035 } 1036 1037out: 1038 consume_skb(skb); 1039 return 0; 1040} 1041 1042static void parp_redo(struct sk_buff *skb) 1043{ 1044 arp_process(skb); 1045} 1046 1047 1048/* 1049 * Receive an arp request from the device layer. 1050 */ 1051 1052static int arp_rcv(struct sk_buff *skb, struct net_device *dev, 1053 struct packet_type *pt, struct net_device *orig_dev) 1054{ 1055 struct arphdr *arp; 1056 1057 /* ARP header, plus 2 device addresses, plus 2 IP addresses. */ 1058 if (!pskb_may_pull(skb, arp_hdr_len(dev))) 1059 goto freeskb; 1060 1061 arp = arp_hdr(skb); 1062 if (arp->ar_hln != dev->addr_len || 1063 dev->flags & IFF_NOARP || 1064 skb->pkt_type == PACKET_OTHERHOST || 1065 skb->pkt_type == PACKET_LOOPBACK || 1066 arp->ar_pln != 4) 1067 goto freeskb; 1068 1069 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) 1070 goto out_of_mem; 1071 1072 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb)); 1073 1074 return NF_HOOK(NFPROTO_ARP, NF_ARP_IN, skb, dev, NULL, arp_process); 1075 1076freeskb: 1077 kfree_skb(skb); 1078out_of_mem: 1079 return 0; 1080} 1081 1082/* 1083 * User level interface (ioctl) 1084 */ 1085 1086/* 1087 * Set (create) an ARP cache entry. 1088 */ 1089 1090static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on) 1091{ 1092 if (dev == NULL) { 1093 IPV4_DEVCONF_ALL(net, PROXY_ARP) = on; 1094 return 0; 1095 } 1096 if (__in_dev_get_rtnl(dev)) { 1097 IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on); 1098 return 0; 1099 } 1100 return -ENXIO; 1101} 1102 1103static int arp_req_set_public(struct net *net, struct arpreq *r, 1104 struct net_device *dev) 1105{ 1106 __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 1107 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr; 1108 1109 if (mask && mask != htonl(0xFFFFFFFF)) 1110 return -EINVAL; 1111 if (!dev && (r->arp_flags & ATF_COM)) { 1112 dev = dev_getbyhwaddr(net, r->arp_ha.sa_family, 1113 r->arp_ha.sa_data); 1114 if (!dev) 1115 return -ENODEV; 1116 } 1117 if (mask) { 1118 if (pneigh_lookup(&arp_tbl, net, &ip, dev, 1) == NULL) 1119 return -ENOBUFS; 1120 return 0; 1121 } 1122 1123 return arp_req_set_proxy(net, dev, 1); 1124} 1125 1126static int arp_req_set(struct net *net, struct arpreq *r, 1127 struct net_device * dev) 1128{ 1129 __be32 ip; 1130 struct neighbour *neigh; 1131 int err; 1132 1133 if (r->arp_flags & ATF_PUBL) 1134 return arp_req_set_public(net, r, dev); 1135 1136 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 1137 if (r->arp_flags & ATF_PERM) 1138 r->arp_flags |= ATF_COM; 1139 if (dev == NULL) { 1140 struct flowi fl = { .nl_u = { .ip4_u = { .daddr = ip, 1141 .tos = RTO_ONLINK } } }; 1142 struct rtable * rt; 1143 if ((err = ip_route_output_key(net, &rt, &fl)) != 0) 1144 return err; 1145 dev = rt->dst.dev; 1146 ip_rt_put(rt); 1147 if (!dev) 1148 return -EINVAL; 1149 } 1150 switch (dev->type) { 1151#if defined(CONFIG_FDDI) || defined(CONFIG_FDDI_MODULE) 1152 case ARPHRD_FDDI: 1153 /* 1154 * According to RFC 1390, FDDI devices should accept ARP 1155 * hardware types of 1 (Ethernet). However, to be more 1156 * robust, we'll accept hardware types of either 1 (Ethernet) 1157 * or 6 (IEEE 802.2). 1158 */ 1159 if (r->arp_ha.sa_family != ARPHRD_FDDI && 1160 r->arp_ha.sa_family != ARPHRD_ETHER && 1161 r->arp_ha.sa_family != ARPHRD_IEEE802) 1162 return -EINVAL; 1163 break; 1164#endif 1165 default: 1166 if (r->arp_ha.sa_family != dev->type) 1167 return -EINVAL; 1168 break; 1169 } 1170 1171 neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev); 1172 err = PTR_ERR(neigh); 1173 if (!IS_ERR(neigh)) { 1174 unsigned state = NUD_STALE; 1175 if (r->arp_flags & ATF_PERM) 1176 state = NUD_PERMANENT; 1177 err = neigh_update(neigh, (r->arp_flags&ATF_COM) ? 1178 r->arp_ha.sa_data : NULL, state, 1179 NEIGH_UPDATE_F_OVERRIDE| 1180 NEIGH_UPDATE_F_ADMIN); 1181 neigh_release(neigh); 1182 } 1183 return err; 1184} 1185 1186static unsigned arp_state_to_flags(struct neighbour *neigh) 1187{ 1188 unsigned flags = 0; 1189 if (neigh->nud_state&NUD_PERMANENT) 1190 flags = ATF_PERM|ATF_COM; 1191 else if (neigh->nud_state&NUD_VALID) 1192 flags = ATF_COM; 1193 return flags; 1194} 1195 1196/* 1197 * Get an ARP cache entry. 1198 */ 1199 1200static int arp_req_get(struct arpreq *r, struct net_device *dev) 1201{ 1202 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr; 1203 struct neighbour *neigh; 1204 int err = -ENXIO; 1205 1206 neigh = neigh_lookup(&arp_tbl, &ip, dev); 1207 if (neigh) { 1208 read_lock_bh(&neigh->lock); 1209 memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len); 1210 r->arp_flags = arp_state_to_flags(neigh); 1211 read_unlock_bh(&neigh->lock); 1212 r->arp_ha.sa_family = dev->type; 1213 strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev)); 1214 neigh_release(neigh); 1215 err = 0; 1216 } 1217 return err; 1218} 1219 1220static int arp_req_delete_public(struct net *net, struct arpreq *r, 1221 struct net_device *dev) 1222{ 1223 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr; 1224 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr; 1225 1226 if (mask == htonl(0xFFFFFFFF)) 1227 return pneigh_delete(&arp_tbl, net, &ip, dev); 1228 1229 if (mask) 1230 return -EINVAL; 1231 1232 return arp_req_set_proxy(net, dev, 0); 1233} 1234 1235static int arp_req_delete(struct net *net, struct arpreq *r, 1236 struct net_device * dev) 1237{ 1238 int err; 1239 __be32 ip; 1240 struct neighbour *neigh; 1241 1242 if (r->arp_flags & ATF_PUBL) 1243 return arp_req_delete_public(net, r, dev); 1244 1245 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; 1246 if (dev == NULL) { 1247 struct flowi fl = { .nl_u = { .ip4_u = { .daddr = ip, 1248 .tos = RTO_ONLINK } } }; 1249 struct rtable * rt; 1250 if ((err = ip_route_output_key(net, &rt, &fl)) != 0) 1251 return err; 1252 dev = rt->dst.dev; 1253 ip_rt_put(rt); 1254 if (!dev) 1255 return -EINVAL; 1256 } 1257 err = -ENXIO; 1258 neigh = neigh_lookup(&arp_tbl, &ip, dev); 1259 if (neigh) { 1260 if (neigh->nud_state&~NUD_NOARP) 1261 err = neigh_update(neigh, NULL, NUD_FAILED, 1262 NEIGH_UPDATE_F_OVERRIDE| 1263 NEIGH_UPDATE_F_ADMIN); 1264 neigh_release(neigh); 1265 } 1266 return err; 1267} 1268 1269/* 1270 * Handle an ARP layer I/O control request. 1271 */ 1272 1273int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg) 1274{ 1275/*foxconn add start,edward zhang, 2012/11/16 @arp protection*/ 1276#ifdef ARP_PROTECTION 1277 unsigned long args[1]; 1278 int i; 1279 1280 if (copy_from_user(args, arg, sizeof(args))) 1281 return -EFAULT; 1282#endif 1283/*foxconn add start,edward zhang, 2012/11/16 @arp protection*/ 1284 int err,b_updated; 1285 struct arpreq r; 1286 struct net_device *dev = NULL; 1287 1288 switch (cmd) { 1289 case SIOCDARP: 1290 case SIOCSARP: 1291 if (!capable(CAP_NET_ADMIN)) 1292 return -EPERM; 1293 case SIOCGARP: 1294 err = copy_from_user(&r, arg, sizeof(struct arpreq)); 1295 if (err) 1296 return -EFAULT; 1297 break; 1298 /* Foxconn tab tseng added, 2013/05/27, for xbox qos */ 1299 case SIOCPIDARP: 1300 err = copy_from_user(&g_pid, arg, sizeof(int)); 1301 if (err) 1302 return -EFAULT; 1303 b_updated=g_updated; 1304 g_updated=0; 1305 return b_updated; 1306 break; 1307 /* Foxconn tab tseng added end, 2013/05/27, for xbox qos */ 1308/*foxconn add start,edward zhang, 2012/11/16 @arp protection*/ 1309#ifdef ARP_PROTECTION 1310 case SIOCREJARP: 1311 printk("<0>%s %d\n",__FUNCTION__,__LINE__); 1312 if(copy_from_user(&arp_profile, (void __user *)args[0], sizeof(T_ArpCtlProfile))) 1313 { 1314 //printk("<0>number1:%d,enable:%s\n",arp_profile.numResrvAddr,arp_profile.enable); 1315 return -EFAULT; 1316 } 1317 /*printk("<0>number:%d,enable:%s\n",arp_profile.numResrvAddr,arp_profile.enable); 1318 for(i= 0;i<arp_profile.numResrvAddr;i++) 1319 printk("<0>ip:%s mac %s\n",arp_profile.resrvIpAddr[i],arp_profile.resrvMacAddr[i]);*/ 1320 return 0; 1321#endif 1322/*foxconn add end,edward zhang, 2012/11/16 @arp protection*/ 1323 default: 1324 return -EINVAL; 1325 } 1326 1327 if (r.arp_pa.sa_family != AF_INET) 1328 return -EPFNOSUPPORT; 1329 1330 if (!(r.arp_flags & ATF_PUBL) && 1331 (r.arp_flags & (ATF_NETMASK|ATF_DONTPUB))) 1332 return -EINVAL; 1333 if (!(r.arp_flags & ATF_NETMASK)) 1334 ((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr = 1335 htonl(0xFFFFFFFFUL); 1336 rtnl_lock(); 1337 if (r.arp_dev[0]) { 1338 err = -ENODEV; 1339 if ((dev = __dev_get_by_name(net, r.arp_dev)) == NULL) 1340 goto out; 1341 1342 /* Mmmm... It is wrong... ARPHRD_NETROM==0 */ 1343 if (!r.arp_ha.sa_family) 1344 r.arp_ha.sa_family = dev->type; 1345 err = -EINVAL; 1346 if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type) 1347 goto out; 1348 } else if (cmd == SIOCGARP) { 1349 err = -ENODEV; 1350 goto out; 1351 } 1352 1353 switch (cmd) { 1354 case SIOCDARP: 1355 err = arp_req_delete(net, &r, dev); 1356 break; 1357 case SIOCSARP: 1358 err = arp_req_set(net, &r, dev); 1359 break; 1360 case SIOCGARP: 1361 err = arp_req_get(&r, dev); 1362 if (!err && copy_to_user(arg, &r, sizeof(r))) 1363 err = -EFAULT; 1364 break; 1365 } 1366out: 1367 rtnl_unlock(); 1368 return err; 1369} 1370 1371static int arp_netdev_event(struct notifier_block *this, unsigned long event, void *ptr) 1372{ 1373 struct net_device *dev = ptr; 1374 1375 switch (event) { 1376 case NETDEV_CHANGEADDR: 1377 neigh_changeaddr(&arp_tbl, dev); 1378 rt_cache_flush(dev_net(dev), 0); 1379 break; 1380 default: 1381 break; 1382 } 1383 1384 return NOTIFY_DONE; 1385} 1386 1387static struct notifier_block arp_netdev_notifier = { 1388 .notifier_call = arp_netdev_event, 1389}; 1390 1391/* Note, that it is not on notifier chain. 1392 It is necessary, that this routine was called after route cache will be 1393 flushed. 1394 */ 1395void arp_ifdown(struct net_device *dev) 1396{ 1397 neigh_ifdown(&arp_tbl, dev); 1398} 1399 1400 1401/* 1402 * Called once on startup. 1403 */ 1404 1405static struct packet_type arp_packet_type __read_mostly = { 1406 .type = cpu_to_be16(ETH_P_ARP), 1407 .func = arp_rcv, 1408}; 1409 1410static int arp_proc_init(void); 1411 1412void __init arp_init(void) 1413{ 1414 neigh_table_init(&arp_tbl); 1415 1416 dev_add_pack(&arp_packet_type); 1417 arp_proc_init(); 1418 1419#ifdef CONFIG_SYSCTL 1420 neigh_sysctl_register(NULL, &arp_tbl.parms, "ipv4", NULL); 1421#endif 1422 register_netdevice_notifier(&arp_netdev_notifier); 1423} 1424 1425#ifdef CONFIG_PROC_FS 1426#if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE) 1427 1428/* ------------------------------------------------------------------------ */ 1429/* 1430 * ax25 -> ASCII conversion 1431 */ 1432static char *ax2asc2(ax25_address *a, char *buf) 1433{ 1434 char c, *s; 1435 int n; 1436 1437 for (n = 0, s = buf; n < 6; n++) { 1438 c = (a->ax25_call[n] >> 1) & 0x7F; 1439 1440 if (c != ' ') *s++ = c; 1441 } 1442 1443 *s++ = '-'; 1444 1445 if ((n = ((a->ax25_call[6] >> 1) & 0x0F)) > 9) { 1446 *s++ = '1'; 1447 n -= 10; 1448 } 1449 1450 *s++ = n + '0'; 1451 *s++ = '\0'; 1452 1453 if (*buf == '\0' || *buf == '-') 1454 return "*"; 1455 1456 return buf; 1457 1458} 1459#endif /* CONFIG_AX25 */ 1460 1461#define HBUFFERLEN 30 1462 1463static void arp_format_neigh_entry(struct seq_file *seq, 1464 struct neighbour *n) 1465{ 1466 char hbuffer[HBUFFERLEN]; 1467 int k, j; 1468 char tbuf[16]; 1469 struct net_device *dev = n->dev; 1470 int hatype = dev->type; 1471 1472 read_lock(&n->lock); 1473 /* Convert hardware address to XX:XX:XX:XX ... form. */ 1474#if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE) 1475 if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM) 1476 ax2asc2((ax25_address *)n->ha, hbuffer); 1477 else { 1478#endif 1479 for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) { 1480 hbuffer[k++] = hex_asc_hi(n->ha[j]); 1481 hbuffer[k++] = hex_asc_lo(n->ha[j]); 1482 hbuffer[k++] = ':'; 1483 } 1484 if (k != 0) 1485 --k; 1486 hbuffer[k] = 0; 1487#if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE) 1488 } 1489#endif 1490 sprintf(tbuf, "%pI4", n->primary_key); 1491 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", 1492 tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); 1493 read_unlock(&n->lock); 1494} 1495 1496static void arp_format_pneigh_entry(struct seq_file *seq, 1497 struct pneigh_entry *n) 1498{ 1499 struct net_device *dev = n->dev; 1500 int hatype = dev ? dev->type : 0; 1501 char tbuf[16]; 1502 1503 sprintf(tbuf, "%pI4", n->key); 1504 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", 1505 tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", 1506 dev ? dev->name : "*"); 1507} 1508 1509static int arp_seq_show(struct seq_file *seq, void *v) 1510{ 1511 if (v == SEQ_START_TOKEN) { 1512 seq_puts(seq, "IP address HW type Flags " 1513 "HW address Mask Device\n"); 1514 } else { 1515 struct neigh_seq_state *state = seq->private; 1516 1517 if (state->flags & NEIGH_SEQ_IS_PNEIGH) 1518 arp_format_pneigh_entry(seq, v); 1519 else 1520 arp_format_neigh_entry(seq, v); 1521 } 1522 1523 return 0; 1524} 1525 1526static void *arp_seq_start(struct seq_file *seq, loff_t *pos) 1527{ 1528 /* Don't want to confuse "arp -a" w/ magic entries, 1529 * so we tell the generic iterator to skip NUD_NOARP. 1530 */ 1531 return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP); 1532} 1533 1534/* ------------------------------------------------------------------------ */ 1535 1536static const struct seq_operations arp_seq_ops = { 1537 .start = arp_seq_start, 1538 .next = neigh_seq_next, 1539 .stop = neigh_seq_stop, 1540 .show = arp_seq_show, 1541}; 1542 1543static int arp_seq_open(struct inode *inode, struct file *file) 1544{ 1545 return seq_open_net(inode, file, &arp_seq_ops, 1546 sizeof(struct neigh_seq_state)); 1547} 1548 1549static const struct file_operations arp_seq_fops = { 1550 .owner = THIS_MODULE, 1551 .open = arp_seq_open, 1552 .read = seq_read, 1553 .llseek = seq_lseek, 1554 .release = seq_release_net, 1555}; 1556 1557 1558static int __net_init arp_net_init(struct net *net) 1559{ 1560 if (!proc_net_fops_create(net, "arp", S_IRUGO, &arp_seq_fops)) 1561 return -ENOMEM; 1562 1563 /*Foxconn add start by Hank 08/25/2012*/ 1564 /*for attadev init*/ 1565#ifdef ATTADEV 1566 attadev_init(net); 1567#endif 1568 /*Foxconn add end by Hank 08/25/2012*/ 1569#if INCLUDE_DETECT_AP_MODE 1570 wandev_init(net); 1571#endif 1572 1573 return 0; 1574} 1575 1576static void __net_exit arp_net_exit(struct net *net) 1577{ 1578 proc_net_remove(net, "arp"); 1579} 1580 1581static struct pernet_operations arp_net_ops = { 1582 .init = arp_net_init, 1583 .exit = arp_net_exit, 1584}; 1585 1586static int __init arp_proc_init(void) 1587{ 1588 return register_pernet_subsys(&arp_net_ops); 1589} 1590 1591#else /* CONFIG_PROC_FS */ 1592 1593static int __init arp_proc_init(void) 1594{ 1595 return 0; 1596} 1597 1598#endif /* CONFIG_PROC_FS */ 1599/* foxconn wklin added start, 02/06/2007 */ 1600 1601#ifdef ATTADEV 1602#define FLAG_VALID 1 1603#define FLAG_INVALID 0 1604#define MAX_ATTADEV_ENTRY 128 1605#define ATTADEV_HASHMASK 0x7f 1606 1607typedef struct { 1608 u32 sip; 1609 unsigned char sha[6]; 1610 unsigned short flag; 1611 /* foxconn added, 2010/06/15 @attach_dev */ 1612 char ifname[IFNAMSIZ]; 1613} attadev_t; 1614 1615static rwlock_t attadev_lock = RW_LOCK_UNLOCKED; 1616static attadev_t attadevs[MAX_ATTADEV_ENTRY]; 1617/*Foxconn modify start by Hank 08/25/2012*/ 1618/*change init, create, and get information function of attadev, delatta 1619 Because the kernel function is changed in 2.6.36*/ 1620static int attadev_get_info(struct seq_file *seq, void *v) 1621{ 1622 attadev_t *p = &attadevs[0]; 1623 int i, size, len=0; 1624 1625 read_lock_bh(&attadev_lock); 1626 for (i=0; i<MAX_ATTADEV_ENTRY; i++) { 1627 if ((p+i)->flag == FLAG_VALID) { 1628 seq_printf(seq, "%08X %02X:%02X:%02X:%02X:%02X:%02X %s\n", 1629 ntohl((p+i)->sip), 1630 ((p+i)->sha)[0], ((p+i)->sha)[1], ((p+i)->sha)[2], 1631 ((p+i)->sha)[3], ((p+i)->sha)[4], ((p+i)->sha)[5], 1632 (p+i)->ifname);/*Foxconn add by Mos: 05/30/2011 : for attached devices read wifi/wireless device*/ 1633 } 1634 } 1635 read_unlock_bh(&attadev_lock); 1636 return 0; 1637} 1638 1639static int attadev_del_info(struct seq_file *seq, void *v) 1640{ 1641 attadev_t *p = &attadevs[0]; 1642 int i=0; 1643 1644 write_lock_bh(&attadev_lock); 1645 for (i=0; i<MAX_ATTADEV_ENTRY; i++) { 1646 (p+i)->sip = 0; 1647 memset((p+i)->sha,'\0', 6); 1648 (p+i)->flag = FLAG_INVALID; 1649 } 1650 write_unlock_bh(&attadev_lock); 1651 return 0; 1652} 1653 1654static int attadev_seq_open(struct inode *inode, struct file *file) 1655{ 1656 return single_open_net(inode, file, attadev_get_info); 1657} 1658 1659static int delatta_seq_open(struct inode *inode, struct file *file) 1660{ 1661 return single_open_net(inode, file, attadev_del_info); 1662} 1663 1664static const struct file_operations attadev_seq_fops = { 1665 .owner = THIS_MODULE, 1666 .open = attadev_seq_open, 1667 .read = seq_read, 1668 .llseek = seq_lseek, 1669 .release = single_release_net, 1670}; 1671 1672static const struct file_operations delatta_seq_fops = { 1673 .owner = THIS_MODULE, 1674 .open = delatta_seq_open, 1675 .read = seq_read, 1676 .llseek = seq_lseek, 1677 .release = single_release_net, 1678}; 1679 1680static int attadev_init(struct net *net) { 1681 int i; 1682 attadev_t *p = &attadevs[0]; 1683 1684 /* init data structure */ 1685 for (i=0; i<MAX_ATTADEV_ENTRY; i++) { 1686 (p+i)->sip = 0; 1687 memset((p+i)->sha,'\0', 6); 1688 (p+i)->flag = FLAG_INVALID; 1689 } 1690 1691 proc_net_fops_create(net, "attadev", S_IRUGO, &attadev_seq_fops); 1692 proc_net_fops_create(net, "delatta", S_IRUGO, &delatta_seq_fops); 1693 1694 return 0; 1695} 1696/*Foxconn modify end by Hank 08/25/2012*/ 1697 1698static u32 attadev_hash(u32 *pkey) 1699{ 1700 u32 hash_val; 1701 1702 hash_val = *(u32*)pkey; 1703 hash_val ^= (hash_val>>16); 1704 hash_val ^= hash_val>>8; 1705 hash_val ^= hash_val>>3; 1706 hash_val &= ATTADEV_HASHMASK; 1707 1708 return hash_val; 1709} 1710 1711/* foxconn wklin modified ,2010/06/15 @attach_dev */ 1712static int attadev_update(u32 sip, char *sha, struct net_device *dev) { 1713 int hash_id = attadev_hash(&sip); 1714 int i; 1715 i = hash_id; 1716 attadev_t *p = &attadevs[0]; 1717 1718 /* printk("sip=%08x, hashid = %d\n", sip, hash_id); */ 1719 write_lock_bh(&attadev_lock); 1720 for(;;) { 1721 if ((p+i)->flag == FLAG_INVALID || (p+i)->sip == sip) { 1722 (p+i)->sip = sip; 1723 (p+i)->flag = FLAG_VALID; 1724 memcpy((p+i)->sha, sha, 6); 1725 /* foxconn wklin modified start, 2010/06/15 @attach_dev */ 1726 if (dev && dev->name) { 1727 strcpy((p+i)->ifname, dev->name); 1728 } 1729 /* foxconn wklin modified end, 2010/06/15 */ 1730 break; 1731 } 1732 i++; 1733 if (i >= MAX_ATTADEV_ENTRY) /* foxconn wklin modified, 08/01/2007 */ 1734 i = 0; 1735 if (i == hash_id) { 1736 /* printk("attadev table is full\n"); */ 1737 break; 1738 } 1739 } 1740 write_unlock_bh(&attadev_lock); 1741 return 0; 1742} 1743/*added by dennis start,01/02/2013,@ ap mode detection*/ 1744#ifdef INCLUDE_DETECT_AP_MODE 1745static rwlock_t wandev_lock = RW_LOCK_UNLOCKED; 1746static attadev_t wandevs[MAX_ATTADEV_ENTRY]; 1747 1748static int wandev_del_info(struct seq_file *seq, void *v) 1749{ 1750 attadev_t *p = &wandevs[0]; 1751 int i=0; 1752 1753 write_lock_bh(&wandev_lock); 1754 for (i=0; i<MAX_ATTADEV_ENTRY; i++) { 1755 (p+i)->sip = 0; 1756 memset((p+i)->sha,'\0', 6); 1757 (p+i)->flag = FLAG_INVALID; 1758 } 1759 write_unlock_bh(&wandev_lock); 1760 return 0; 1761} 1762 1763static int wandev_get_info(struct seq_file *seq, void *v) 1764{ 1765 attadev_t *p = &wandevs[0]; 1766 int i, size, len=0; 1767 1768 read_lock_bh(&wandev_lock); 1769 for (i=0; i<MAX_ATTADEV_ENTRY; i++) { 1770 if ((p+i)->flag == FLAG_VALID) { 1771 seq_printf(seq, "%08X %02X:%02X:%02X:%02X:%02X:%02X %s\n", 1772 ntohl((p+i)->sip), 1773 ((p+i)->sha)[0], ((p+i)->sha)[1], ((p+i)->sha)[2], 1774 ((p+i)->sha)[3], ((p+i)->sha)[4], ((p+i)->sha)[5], 1775 (p+i)->ifname); 1776 } 1777 } 1778 read_unlock_bh(&wandev_lock); 1779 1780 return 0; 1781} 1782 1783static int wandev_seq_open(struct inode *inode, struct file *file) 1784{ 1785 return single_open_net(inode, file, wandev_get_info); 1786} 1787 1788static int wandel_seq_open(struct inode *inode, struct file *file) 1789{ 1790 return single_open_net(inode, file, wandev_del_info); 1791} 1792 1793static const struct file_operations wandev_seq_fops = { 1794 .owner = THIS_MODULE, 1795 .open = wandev_seq_open, 1796 .read = seq_read, 1797 .llseek = seq_lseek, 1798 .release = single_release_net, 1799}; 1800 1801static const struct file_operations wandel_seq_fops = { 1802 .owner = THIS_MODULE, 1803 .open = wandel_seq_open, 1804 .read = seq_read, 1805 .llseek = seq_lseek, 1806 .release = single_release_net, 1807}; 1808 1809static int wandev_init(struct net *net) { 1810 int i; 1811 attadev_t *p = &wandevs[0]; 1812 1813 /* init data structure */ 1814 for (i=0; i<MAX_ATTADEV_ENTRY; i++) { 1815 (p+i)->sip = 0; 1816 memset((p+i)->sha,'\0', 6); 1817 (p+i)->flag = FLAG_INVALID; 1818 } 1819 1820 /* create /proc/net/wandev for r/w */ 1821 proc_net_fops_create (net, "wandev", S_IRUGO, &wandev_seq_fops); //added by dennis,01/02/2013 1822 proc_net_fops_create (net, "delwandev", S_IRUGO, &wandel_seq_fops); //added by dennis,01/02/2013 1823 return 0; 1824} 1825 1826static int wandev_update(u32 sip, char *sha, struct net_device *dev) { 1827 int hash_id = attadev_hash(&sip); 1828 int i; 1829 i = hash_id; 1830 attadev_t *p = &wandevs[0]; 1831 1832 /* printk("sip=%08x, hashid = %d\n", sip, hash_id); */ 1833 write_lock_bh(&wandev_lock); 1834 for(;;) { 1835 if ((p+i)->flag == FLAG_INVALID || (p+i)->sip == sip) { 1836 (p+i)->sip = sip; 1837 (p+i)->flag = FLAG_VALID; 1838 memcpy((p+i)->sha, sha, 6); 1839 /* foxconn wklin modified start, 2010/06/15 @attach_dev */ 1840 if (dev && dev->name) { 1841 strcpy((p+i)->ifname, dev->name); 1842 } 1843 /* foxconn wklin modified end, 2010/06/15 */ 1844 break; 1845 } 1846 i++; 1847 if (i >= MAX_ATTADEV_ENTRY) /* foxconn wklin modified, 08/01/2007 */ 1848 i = 0; 1849 if (i == hash_id) { 1850 /* printk("attadev table is full\n"); */ 1851 break; 1852 } 1853 } 1854 write_unlock_bh(&wandev_lock); 1855 return 0; 1856} 1857#endif /*INCLUDE_DETECT_AP_MODE*/ 1858/*added by dennis end,01/02/2013,@ ap mode detection*/ 1859#endif 1860