]>
Commit | Line | Data |
---|---|---|
996d1697 TG |
1 | /*** |
2 | This file is part of systemd. | |
3 | ||
4 | Copyright (C) 2014 Axis Communications AB. All rights reserved. | |
5 | Copyright (C) 2015 Tom Gundersen | |
6 | ||
7 | systemd is free software; you can redistribute it and/or modify it | |
8 | under the terms of the GNU Lesser General Public License as published by | |
9 | the Free Software Foundation; either version 2.1 of the License, or | |
10 | (at your option) any later version. | |
11 | ||
12 | systemd is distributed in the hope that it will be useful, but | |
13 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
15 | Lesser General Public License for more details. | |
16 | ||
17 | You should have received a copy of the GNU Lesser General Public License | |
18 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
19 | ***/ | |
20 | ||
21 | #include <linux/filter.h> | |
22 | #include <arpa/inet.h> | |
23 | ||
24 | #include "util.h" | |
25 | #include "arp-util.h" | |
26 | ||
27 | int arp_network_bind_raw_socket(int ifindex, be32_t address, const struct ether_addr *eth_mac) { | |
28 | struct sock_filter filter[] = { | |
29 | BPF_STMT(BPF_LD + BPF_W + BPF_LEN, 0), /* A <- packet length */ | |
30 | BPF_JUMP(BPF_JMP + BPF_JGE + BPF_K, sizeof(struct ether_arp), 1, 0), /* packet >= arp packet ? */ | |
31 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
32 | BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_hrd)), /* A <- header */ | |
33 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPHRD_ETHER, 1, 0), /* header == ethernet ? */ | |
34 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
35 | BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_pro)), /* A <- protocol */ | |
36 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 1, 0), /* protocol == IP ? */ | |
37 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
38 | BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_hln)), /* A <- hardware address length */ | |
39 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, sizeof(struct ether_addr), 1, 0), /* length == sizeof(ether_addr)? */ | |
40 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
41 | BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_pln)), /* A <- protocol address length */ | |
42 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, sizeof(struct in_addr), 1, 0), /* length == sizeof(in_addr) ? */ | |
43 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
44 | BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_op)), /* A <- operation */ | |
45 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REQUEST, 2, 0), /* protocol == request ? */ | |
46 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REPLY, 1, 0), /* protocol == reply ? */ | |
47 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
48 | /* Sender Hardware Address must be different from our own */ | |
49 | BPF_STMT(BPF_LD + BPF_IMM, htobe32(*((uint32_t *) eth_mac))), /* A <- 4 bytes of client's MAC */ | |
50 | BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */ | |
51 | BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_sha)), /* A <- 4 bytes of SHA */ | |
52 | BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */ | |
53 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 6), /* A == 0 ? */ | |
54 | BPF_STMT(BPF_LD + BPF_IMM, htobe16(*((uint16_t *) (((char *) eth_mac) + 4)))), /* A <- remainder of client's MAC */ | |
55 | BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */ | |
56 | BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, arp_sha) + 4), /* A <- remainder of SHA */ | |
57 | BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */ | |
58 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1), /* A == 0 ? */ | |
59 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
60 | /* Sender Protocol Address or Target Protocol Address must be equal to the one we care about*/ | |
61 | BPF_STMT(BPF_LD + BPF_IMM, htobe32(address)), /* A <- clients IP */ | |
62 | BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */ | |
63 | BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_spa)), /* A <- SPA */ | |
64 | BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* X xor A */ | |
65 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1), /* A == 0 ? */ | |
66 | BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */ | |
67 | BPF_STMT(BPF_LD + BPF_IMM, htobe32(address)), /* A <- clients IP */ | |
68 | BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */ | |
69 | BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_tpa)), /* A <- TPA */ | |
70 | BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* X xor A */ | |
71 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 1), /* A == 0 ? */ | |
72 | BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */ | |
73 | BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ | |
74 | }; | |
75 | struct sock_fprog fprog = { | |
76 | .len = ELEMENTSOF(filter), | |
77 | .filter = (struct sock_filter*) filter | |
78 | }; | |
79 | union sockaddr_union link = { | |
80 | .ll.sll_family = AF_PACKET, | |
81 | .ll.sll_protocol = htons(ETH_P_ARP), | |
82 | .ll.sll_ifindex = ifindex, | |
83 | .ll.sll_halen = ETH_ALEN, | |
84 | .ll.sll_addr = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }, | |
85 | }; | |
86 | _cleanup_close_ int s = -1; | |
87 | int r; | |
88 | ||
89 | assert(ifindex > 0); | |
90 | ||
91 | s = socket(PF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0); | |
92 | if (s < 0) | |
93 | return -errno; | |
94 | ||
95 | r = setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER, &fprog, sizeof(fprog)); | |
96 | if (r < 0) | |
97 | return -errno; | |
98 | ||
99 | r = bind(s, &link.sa, sizeof(link.ll)); | |
100 | if (r < 0) | |
101 | return -errno; | |
102 | ||
103 | r = s; | |
104 | s = -1; | |
105 | ||
106 | return r; | |
107 | } | |
108 | ||
109 | static int arp_send_packet(int fd, int ifindex, | |
110 | be32_t pa, const struct ether_addr *ha, | |
111 | bool announce) { | |
112 | union sockaddr_union link = { | |
113 | .ll.sll_family = AF_PACKET, | |
114 | .ll.sll_protocol = htons(ETH_P_ARP), | |
115 | .ll.sll_ifindex = ifindex, | |
116 | .ll.sll_halen = ETH_ALEN, | |
117 | .ll.sll_addr = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }, | |
118 | }; | |
119 | struct ether_arp arp = { | |
120 | .ea_hdr.ar_hrd = htons(ARPHRD_ETHER), /* HTYPE */ | |
121 | .ea_hdr.ar_pro = htons(ETHERTYPE_IP), /* PTYPE */ | |
122 | .ea_hdr.ar_hln = ETH_ALEN, /* HLEN */ | |
123 | .ea_hdr.ar_pln = sizeof(be32_t), /* PLEN */ | |
124 | .ea_hdr.ar_op = htons(ARPOP_REQUEST), /* REQUEST */ | |
125 | }; | |
126 | int r; | |
127 | ||
128 | assert(fd >= 0); | |
129 | assert(pa != 0); | |
130 | assert(ha); | |
131 | ||
132 | memcpy(&arp.arp_sha, ha, ETH_ALEN); | |
133 | memcpy(&arp.arp_tpa, &pa, sizeof(pa)); | |
134 | ||
135 | if (announce) | |
136 | memcpy(&arp.arp_spa, &pa, sizeof(pa)); | |
137 | ||
138 | r = sendto(fd, &arp, sizeof(struct ether_arp), 0, &link.sa, sizeof(link.ll)); | |
139 | if (r < 0) | |
140 | return -errno; | |
141 | ||
142 | return 0; | |
143 | } | |
144 | ||
145 | int arp_send_probe(int fd, int ifindex, | |
146 | be32_t pa, const struct ether_addr *ha) { | |
147 | return arp_send_packet(fd, ifindex, pa, ha, false); | |
148 | } | |
149 | ||
150 | int arp_send_announcement(int fd, int ifindex, | |
151 | be32_t pa, const struct ether_addr *ha) { | |
152 | return arp_send_packet(fd, ifindex, pa, ha, true); | |
153 | } |