]>
Commit | Line | Data |
---|---|---|
6300502b MP |
1 | /*** |
2 | This file is part of systemd. | |
3 | ||
4 | Copyright (C) 2014 Axis Communications AB. All rights reserved. | |
5 | Copyright (C) 2015 Tom Gundersen | |
6 | ||
7 | systemd is free software; you can redistribute it and/or modify it | |
8 | under the terms of the GNU Lesser General Public License as published by | |
9 | the Free Software Foundation; either version 2.1 of the License, or | |
10 | (at your option) any later version. | |
11 | ||
12 | systemd is distributed in the hope that it will be useful, but | |
13 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
15 | Lesser General Public License for more details. | |
16 | ||
17 | You should have received a copy of the GNU Lesser General Public License | |
18 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
19 | ***/ | |
20 | ||
21 | #include <linux/filter.h> | |
22 | #include <arpa/inet.h> | |
23 | ||
6300502b | 24 | #include "arp-util.h" |
db2df898 MP |
25 | #include "fd-util.h" |
26 | #include "util.h" | |
6300502b MP |
27 | |
28 | int arp_network_bind_raw_socket(int ifindex, be32_t address, const struct ether_addr *eth_mac) { | |
29 | struct sock_filter filter[] = { | |
30 | BPF_STMT(BPF_LD + BPF_W + BPF_LEN, 0), /* A <- packet length */ | |
31 | BPF_JUMP(BPF_JMP + BPF_JGE + BPF_K, sizeof(struct ether_arp), 1, 0), /* packet >= arp packet ? */ | |
32 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
33 | BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_hrd)), /* A <- header */ | |
34 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPHRD_ETHER, 1, 0), /* header == ethernet ? */ | |
35 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
36 | BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_pro)), /* A <- protocol */ | |
37 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 1, 0), /* protocol == IP ? */ | |
38 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
39 | BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_hln)), /* A <- hardware address length */ | |
40 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, sizeof(struct ether_addr), 1, 0), /* length == sizeof(ether_addr)? */ | |
41 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
42 | BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_pln)), /* A <- protocol address length */ | |
43 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, sizeof(struct in_addr), 1, 0), /* length == sizeof(in_addr) ? */ | |
44 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
45 | BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_op)), /* A <- operation */ | |
46 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REQUEST, 2, 0), /* protocol == request ? */ | |
47 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REPLY, 1, 0), /* protocol == reply ? */ | |
48 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
49 | /* Sender Hardware Address must be different from our own */ | |
50 | BPF_STMT(BPF_LD + BPF_IMM, htobe32(*((uint32_t *) eth_mac))), /* A <- 4 bytes of client's MAC */ | |
51 | BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */ | |
52 | BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_sha)), /* A <- 4 bytes of SHA */ | |
53 | BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */ | |
54 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 6), /* A == 0 ? */ | |
55 | BPF_STMT(BPF_LD + BPF_IMM, htobe16(*((uint16_t *) (((char *) eth_mac) + 4)))), /* A <- remainder of client's MAC */ | |
56 | BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */ | |
57 | BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, arp_sha) + 4), /* A <- remainder of SHA */ | |
58 | BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */ | |
59 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1), /* A == 0 ? */ | |
60 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
61 | /* Sender Protocol Address or Target Protocol Address must be equal to the one we care about*/ | |
62 | BPF_STMT(BPF_LD + BPF_IMM, htobe32(address)), /* A <- clients IP */ | |
63 | BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */ | |
64 | BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_spa)), /* A <- SPA */ | |
65 | BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* X xor A */ | |
66 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1), /* A == 0 ? */ | |
67 | BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */ | |
68 | BPF_STMT(BPF_LD + BPF_IMM, htobe32(address)), /* A <- clients IP */ | |
69 | BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */ | |
70 | BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_tpa)), /* A <- TPA */ | |
71 | BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* X xor A */ | |
72 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1), /* A == 0 ? */ | |
73 | BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */ | |
74 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
75 | }; | |
76 | struct sock_fprog fprog = { | |
77 | .len = ELEMENTSOF(filter), | |
78 | .filter = (struct sock_filter*) filter | |
79 | }; | |
80 | union sockaddr_union link = { | |
81 | .ll.sll_family = AF_PACKET, | |
5a920b42 | 82 | .ll.sll_protocol = htobe16(ETH_P_ARP), |
6300502b MP |
83 | .ll.sll_ifindex = ifindex, |
84 | .ll.sll_halen = ETH_ALEN, | |
85 | .ll.sll_addr = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }, | |
86 | }; | |
87 | _cleanup_close_ int s = -1; | |
88 | int r; | |
89 | ||
90 | assert(ifindex > 0); | |
91 | ||
92 | s = socket(PF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0); | |
93 | if (s < 0) | |
94 | return -errno; | |
95 | ||
96 | r = setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER, &fprog, sizeof(fprog)); | |
97 | if (r < 0) | |
98 | return -errno; | |
99 | ||
100 | r = bind(s, &link.sa, sizeof(link.ll)); | |
101 | if (r < 0) | |
102 | return -errno; | |
103 | ||
104 | r = s; | |
105 | s = -1; | |
106 | ||
107 | return r; | |
108 | } | |
109 | ||
110 | static int arp_send_packet(int fd, int ifindex, | |
111 | be32_t pa, const struct ether_addr *ha, | |
112 | bool announce) { | |
113 | union sockaddr_union link = { | |
114 | .ll.sll_family = AF_PACKET, | |
5a920b42 | 115 | .ll.sll_protocol = htobe16(ETH_P_ARP), |
6300502b MP |
116 | .ll.sll_ifindex = ifindex, |
117 | .ll.sll_halen = ETH_ALEN, | |
118 | .ll.sll_addr = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }, | |
119 | }; | |
120 | struct ether_arp arp = { | |
5a920b42 MP |
121 | .ea_hdr.ar_hrd = htobe16(ARPHRD_ETHER), /* HTYPE */ |
122 | .ea_hdr.ar_pro = htobe16(ETHERTYPE_IP), /* PTYPE */ | |
6300502b MP |
123 | .ea_hdr.ar_hln = ETH_ALEN, /* HLEN */ |
124 | .ea_hdr.ar_pln = sizeof(be32_t), /* PLEN */ | |
5a920b42 | 125 | .ea_hdr.ar_op = htobe16(ARPOP_REQUEST), /* REQUEST */ |
6300502b MP |
126 | }; |
127 | int r; | |
128 | ||
129 | assert(fd >= 0); | |
130 | assert(pa != 0); | |
131 | assert(ha); | |
132 | ||
133 | memcpy(&arp.arp_sha, ha, ETH_ALEN); | |
134 | memcpy(&arp.arp_tpa, &pa, sizeof(pa)); | |
135 | ||
136 | if (announce) | |
137 | memcpy(&arp.arp_spa, &pa, sizeof(pa)); | |
138 | ||
139 | r = sendto(fd, &arp, sizeof(struct ether_arp), 0, &link.sa, sizeof(link.ll)); | |
140 | if (r < 0) | |
141 | return -errno; | |
142 | ||
143 | return 0; | |
144 | } | |
145 | ||
146 | int arp_send_probe(int fd, int ifindex, | |
147 | be32_t pa, const struct ether_addr *ha) { | |
148 | return arp_send_packet(fd, ifindex, pa, ha, false); | |
149 | } | |
150 | ||
151 | int arp_send_announcement(int fd, int ifindex, | |
152 | be32_t pa, const struct ether_addr *ha) { | |
153 | return arp_send_packet(fd, ifindex, pa, ha, true); | |
154 | } |