[thirdparty/systemd.git] / src / libsystemd-network / arp-util.c

/* SPDX-License-Identifier: LGPL-2.1+ */
/***
  Copyright © 2014 Axis Communications AB. All rights reserved.
***/

#include <linux/filter.h>
#include <arpa/inet.h>

#include "arp-util.h"
#include "fd-util.h"
#include "unaligned.h"
#include "util.h"

int arp_network_bind_raw_socket(int ifindex, be32_t address, const struct ether_addr *eth_mac) {
        struct sock_filter filter[] = {
                BPF_STMT(BPF_LD + BPF_W + BPF_LEN, 0),                                         /* A <- packet length */
                BPF_JUMP(BPF_JMP + BPF_JGE + BPF_K, sizeof(struct ether_arp), 1, 0),           /* packet >= arp packet ? */
                BPF_STMT(BPF_RET + BPF_K, 0),                                                  /* ignore */
                BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_hrd)), /* A <- header */
                BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPHRD_ETHER, 1, 0),                       /* header == ethernet ? */
                BPF_STMT(BPF_RET + BPF_K, 0),                                                  /* ignore */
                BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_pro)), /* A <- protocol */
                BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 1, 0),                       /* protocol == IP ? */
                BPF_STMT(BPF_RET + BPF_K, 0),                                                  /* ignore */
                BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_hln)), /* A <- hardware address length */
                BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, sizeof(struct ether_addr), 1, 0),          /* length == sizeof(ether_addr)? */
                BPF_STMT(BPF_RET + BPF_K, 0),                                                  /* ignore */
                BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_pln)), /* A <- protocol address length */
                BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, sizeof(struct in_addr), 1, 0),             /* length == sizeof(in_addr) ? */
                BPF_STMT(BPF_RET + BPF_K, 0),                                                  /* ignore */
                BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_op)),  /* A <- operation */
                BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REQUEST, 2, 0),                      /* protocol == request ? */
                BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REPLY, 1, 0),                        /* protocol == reply ? */
                BPF_STMT(BPF_RET + BPF_K, 0),                                                  /* ignore */
                /* Sender Hardware Address must be different from our own */
                BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_be32(&eth_mac->ether_addr_octet[0])),/* A <- 4 bytes of client's MAC */
                BPF_STMT(BPF_MISC + BPF_TAX, 0),                                               /* X <- A */
                BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_sha)),       /* A <- 4 bytes of SHA */
                BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0),                                        /* A xor X */
                BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 6),                                  /* A == 0 ? */
                BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_be16(&eth_mac->ether_addr_octet[4])),/* A <- remainder of client's MAC */
                BPF_STMT(BPF_MISC + BPF_TAX, 0),                                               /* X <- A */
                BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, arp_sha) + 4),   /* A <- remainder of SHA */
                BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0),                                        /* A xor X */
                BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1),                                  /* A == 0 ? */
                BPF_STMT(BPF_RET + BPF_K, 0),                                                  /* ignore */
                /* Sender Protocol Address or Target Protocol Address must be equal to the one we care about */
                BPF_STMT(BPF_LD + BPF_IMM, htobe32(address)),                                  /* A <- clients IP */
                BPF_STMT(BPF_MISC + BPF_TAX, 0),                                               /* X <- A */
                BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_spa)),       /* A <- SPA */
                BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0),                                        /* X xor A */
                BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1),                                  /* A == 0 ? */
                BPF_STMT(BPF_RET + BPF_K, 65535),                                              /* return all */
                BPF_STMT(BPF_LD + BPF_IMM, htobe32(address)),                                  /* A <- clients IP */
                BPF_STMT(BPF_MISC + BPF_TAX, 0),                                               /* X <- A */
                BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_tpa)),       /* A <- TPA */
                BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0),                                        /* X xor A */
                BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1),                                  /* A == 0 ? */
                BPF_STMT(BPF_RET + BPF_K, 65535),                                              /* return all */
                BPF_STMT(BPF_RET + BPF_K, 0),                                                  /* ignore */
        };
        struct sock_fprog fprog = {
                .len = ELEMENTSOF(filter),
                .filter = (struct sock_filter*) filter
        };
        union sockaddr_union link = {
                .ll.sll_family = AF_PACKET,
                .ll.sll_protocol = htobe16(ETH_P_ARP),
                .ll.sll_ifindex = ifindex,
                .ll.sll_halen = ETH_ALEN,
                .ll.sll_addr = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
        };
        _cleanup_close_ int s = -1;
        int r;

        assert(ifindex > 0);

        s = socket(PF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0);
        if (s < 0)
                return -errno;

        r = setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER, &fprog, sizeof(fprog));
        if (r < 0)
                return -errno;

        r = bind(s, &link.sa, sizeof(link.ll));
        if (r < 0)
                return -errno;

        return TAKE_FD(s);
}

static int arp_send_packet(int fd, int ifindex,
                           be32_t pa, const struct ether_addr *ha,
                           bool announce) {
        union sockaddr_union link = {
                .ll.sll_family = AF_PACKET,
                .ll.sll_protocol = htobe16(ETH_P_ARP),
                .ll.sll_ifindex = ifindex,
                .ll.sll_halen = ETH_ALEN,
                .ll.sll_addr = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
        };
        struct ether_arp arp = {
                .ea_hdr.ar_hrd = htobe16(ARPHRD_ETHER), /* HTYPE */
                .ea_hdr.ar_pro = htobe16(ETHERTYPE_IP), /* PTYPE */
                .ea_hdr.ar_hln = ETH_ALEN, /* HLEN */
                .ea_hdr.ar_pln = sizeof(be32_t), /* PLEN */
                .ea_hdr.ar_op = htobe16(ARPOP_REQUEST), /* REQUEST */
        };
        int r;

        assert(fd >= 0);
        assert(pa != 0);
        assert(ha);

        memcpy(&arp.arp_sha, ha, ETH_ALEN);
        memcpy(&arp.arp_tpa, &pa, sizeof(pa));

        if (announce)
                memcpy(&arp.arp_spa, &pa, sizeof(pa));

        r = sendto(fd, &arp, sizeof(struct ether_arp), 0, &link.sa, sizeof(link.ll));
        if (r < 0)
                return -errno;

        return 0;
}

int arp_send_probe(int fd, int ifindex,
                    be32_t pa, const struct ether_addr *ha) {
        return arp_send_packet(fd, ifindex, pa, ha, false);
}

int arp_send_announcement(int fd, int ifindex,
                          be32_t pa, const struct ether_addr *ha) {
        return arp_send_packet(fd, ifindex, pa, ha, true);
}
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
996d1697	2	/***
810adae9	3	Copyright © 2014 Axis Communications AB. All rights reserved.
996d1697 TG	4	***/
	5
	6	#include <linux/filter.h>
	7	#include <arpa/inet.h>
	8
996d1697	9	#include "arp-util.h"
3ffd4af2	10	#include "fd-util.h"
f11cba74	11	#include "unaligned.h"
3ffd4af2	12	#include "util.h"
996d1697 TG	13
	14	int arp_network_bind_raw_socket(int ifindex, be32_t address, const struct ether_addr *eth_mac) {
	15	struct sock_filter filter[] = {
	16	BPF_STMT(BPF_LD + BPF_W + BPF_LEN, 0), /* A <- packet length */
	17	BPF_JUMP(BPF_JMP + BPF_JGE + BPF_K, sizeof(struct ether_arp), 1, 0), /* packet >= arp packet ? */
	18	BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
	19	BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_hrd)), /* A <- header */
	20	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPHRD_ETHER, 1, 0), /* header == ethernet ? */
	21	BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
	22	BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_pro)), /* A <- protocol */
	23	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 1, 0), /* protocol == IP ? */
	24	BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
	25	BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_hln)), /* A <- hardware address length */
	26	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, sizeof(struct ether_addr), 1, 0), /* length == sizeof(ether_addr)? */
	27	BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
	28	BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_pln)), /* A <- protocol address length */
	29	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, sizeof(struct in_addr), 1, 0), /* length == sizeof(in_addr) ? */
	30	BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
	31	BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_op)), /* A <- operation */
	32	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REQUEST, 2, 0), /* protocol == request ? */
	33	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REPLY, 1, 0), /* protocol == reply ? */
	34	BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
	35	/* Sender Hardware Address must be different from our own */
6afe9046	36	BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_be32(&eth_mac->ether_addr_octet[0])),/* A <- 4 bytes of client's MAC */
996d1697 TG	37	BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */
	38	BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_sha)), /* A <- 4 bytes of SHA */
	39	BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */
	40	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 6), /* A == 0 ? */
6afe9046	41	BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_be16(&eth_mac->ether_addr_octet[4])),/* A <- remainder of client's MAC */
996d1697 TG	42	BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */
	43	BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, arp_sha) + 4), /* A <- remainder of SHA */
	44	BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */
	45	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1), /* A == 0 ? */
	46	BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
13e785f7	47	/* Sender Protocol Address or Target Protocol Address must be equal to the one we care about */
996d1697 TG	48	BPF_STMT(BPF_LD + BPF_IMM, htobe32(address)), /* A <- clients IP */
	49	BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */
	50	BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_spa)), /* A <- SPA */
	51	BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* X xor A */
	52	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1), /* A == 0 ? */
	53	BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */
	54	BPF_STMT(BPF_LD + BPF_IMM, htobe32(address)), /* A <- clients IP */
	55	BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */
	56	BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_tpa)), /* A <- TPA */
	57	BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* X xor A */
	58	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1), /* A == 0 ? */
	59	BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */
	60	BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
	61	};
	62	struct sock_fprog fprog = {
	63	.len = ELEMENTSOF(filter),
	64	.filter = (struct sock_filter*) filter
	65	};
	66	union sockaddr_union link = {
	67	.ll.sll_family = AF_PACKET,
8e38570e	68	.ll.sll_protocol = htobe16(ETH_P_ARP),
996d1697 TG	69	.ll.sll_ifindex = ifindex,
	70	.ll.sll_halen = ETH_ALEN,
	71	.ll.sll_addr = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
	72	};
	73	_cleanup_close_ int s = -1;
	74	int r;
	75
	76	assert(ifindex > 0);
	77
	78	s = socket(PF_PACKET, SOCK_DGRAM \| SOCK_CLOEXEC \| SOCK_NONBLOCK, 0);
	79	if (s < 0)
	80	return -errno;
	81
	82	r = setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER, &fprog, sizeof(fprog));
	83	if (r < 0)
	84	return -errno;
	85
	86	r = bind(s, &link.sa, sizeof(link.ll));
	87	if (r < 0)
	88	return -errno;
	89
c10d6bdb	90	return TAKE_FD(s);
996d1697 TG	91	}
	92
	93	static int arp_send_packet(int fd, int ifindex,
	94	be32_t pa, const struct ether_addr *ha,
	95	bool announce) {
	96	union sockaddr_union link = {
	97	.ll.sll_family = AF_PACKET,
8e38570e	98	.ll.sll_protocol = htobe16(ETH_P_ARP),
996d1697 TG	99	.ll.sll_ifindex = ifindex,
	100	.ll.sll_halen = ETH_ALEN,
	101	.ll.sll_addr = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
	102	};
	103	struct ether_arp arp = {
8e38570e LP	104	.ea_hdr.ar_hrd = htobe16(ARPHRD_ETHER), /* HTYPE */
8e38570e LP	105	.ea_hdr.ar_pro = htobe16(ETHERTYPE_IP), /* PTYPE */
996d1697 TG	106	.ea_hdr.ar_hln = ETH_ALEN, /* HLEN */
996d1697 TG	107	.ea_hdr.ar_pln = sizeof(be32_t), /* PLEN */
8e38570e	108	.ea_hdr.ar_op = htobe16(ARPOP_REQUEST), /* REQUEST */
996d1697 TG	109	};
	110	int r;
	111
	112	assert(fd >= 0);
	113	assert(pa != 0);
	114	assert(ha);
	115
	116	memcpy(&arp.arp_sha, ha, ETH_ALEN);
	117	memcpy(&arp.arp_tpa, &pa, sizeof(pa));
	118
	119	if (announce)
	120	memcpy(&arp.arp_spa, &pa, sizeof(pa));
	121
	122	r = sendto(fd, &arp, sizeof(struct ether_arp), 0, &link.sa, sizeof(link.ll));
	123	if (r < 0)
	124	return -errno;
	125
	126	return 0;
	127	}
	128
	129	int arp_send_probe(int fd, int ifindex,
	130	be32_t pa, const struct ether_addr *ha) {
	131	return arp_send_packet(fd, ifindex, pa, ha, false);
	132	}
	133
	134	int arp_send_announcement(int fd, int ifindex,
	135	be32_t pa, const struct ether_addr *ha) {
	136	return arp_send_packet(fd, ifindex, pa, ha, true);
	137	}