From patchwork Thu Feb 14 15:51:00 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Linus_L=C3=BCssing?=
 <linus.luessing@c0d3.blue>
X-Patchwork-Id: 17827
X-Patchwork-Delegate: sw@simonwunderlich.de
Return-Path: <b.a.t.m.a.n-bounces@lists.open-mesh.org>
X-Original-To: patchwork@open-mesh.org
Delivered-To: patchwork@open-mesh.org
Received: from open-mesh.org (localhost [IPv6:::1])
	by open-mesh.org (Postfix) with ESMTP id 946F881A26;
	Thu, 14 Feb 2019 16:51:17 +0100 (CET)
Authentication-Results: open-mesh.org;
	dkim=fail reason="key not found in DNS" (0-bit key;
	unprotected) header.d=c0d3.blue header.i=@c0d3.blue
	header.b="XTs+pTPb"; dkim-atps=neutral
Received-SPF: None (mailfrom) identity=mailfrom;
	client-ip=2a01:4f8:171:314c::100:a1; helo=mail.aperture-lab.de;
	envelope-from=linus.luessing@c0d3.blue; receiver=<UNKNOWN>
Received: from mail.aperture-lab.de (mail.aperture-lab.de
	[IPv6:2a01:4f8:171:314c::100:a1])
	by open-mesh.org (Postfix) with ESMTPS id 6075380731
	for <b.a.t.m.a.n@lists.open-mesh.org>;
	Thu, 14 Feb 2019 16:51:15 +0100 (CET)
From: =?utf-8?q?Linus_L=C3=BCssing?= <linus.luessing@c0d3.blue>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=c0d3.blue; s=2018;
	t=1550159473; h=from:from:sender:reply-to:subject:subject:date:date:
	message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	content-type:content-type:
	content-transfer-encoding:content-transfer-encoding:in-reply-to:
	references; bh=FtQG+NSf86IfuH8evVHr9Dtvznn5dALrf6aIxMx+bCE=;
	b=XTs+pTPbZkjm+aXz9txC2caiKjF7IIZCH47o+RsCsfGxznTEnUrGfIdz4a3Rp+VndBux0Y
	M39x5oJvEvHjKl2QYKYtt/Ng+NU6kg0pP90bOOicCy1BaHosklrt+Dyh+pytUZbVcltJ/o
	9i6Oz/q6NgujNIx9QHKUfZF3zr3tNwIo73BdjQqoiHTvlib/tPX1APVXCgY1LRsC1yZukK
	3rNimzLtEXDJixr9106+t3uslyoP5C4ncHwr/rMvkmhCS5KWvWur9S2fE3Za3g9YvB+7zD
	KnrbLO8IzmB4lIJVnEKYnEHsNy08kt/vTvapa71uAN5PuuvFlss6K3lg6+AXFQ==
To: b.a.t.m.a.n@lists.open-mesh.org
Date: Thu, 14 Feb 2019 16:51:00 +0100
Message-Id: <20190214155100.10070-1-linus.luessing@c0d3.blue>
MIME-Version: 1.0
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=c0d3.blue;
	s=2018; t=1550159474;
	h=from:from:sender:reply-to:subject:subject:date:date:
	message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	content-type:content-type:
	content-transfer-encoding:content-transfer-encoding:in-reply-to:
	references; bh=FtQG+NSf86IfuH8evVHr9Dtvznn5dALrf6aIxMx+bCE=;
	b=lNJoVCx335wu6IjoOBXgMsAyU9VvwFPUK754iBzIC8vaJkssQPmGg/MLo+rBgUjhD682nr
	KteA+5ZMEh/z9WsW1WfMTzlPotJfAuYyRf520OA8wCZzw4DK57vZRXcK0P5K/aleYVeH9l
	Q76ky508xpSrcLcRyWe+PmaCdkBdgiJMPhN60/NLb/HuVk9GUH9Qm0zZLTyuyYeiC8Vnj3
	2jbOE/htJ9/v02fNCLP4gr537jnqpSdLVLQ/ny0fVVORss5+7Bxpe1RWSQeSORUIUPKbbE
	tBa4Dj2LlcXPspJQLEVXHBVxyU7Xz40z3whB6+MlT5UuPAse0enJd2A0Ne0+yg==
ARC-Seal: i=1; s=2018; d=c0d3.blue; t=1550159474; a=rsa-sha256; cv=none;
	b=B0L3fsKouZXeXlCpuzI3aiQpJZ76fZnuTgtLkim62sBT1Ybatxrf1KNvhR4JznVru3aSA4
	NKalZsW6AIx/Md96K9T/nu360ylpMuivURrzDX5CovmXHXFLVLMetY6+Ybak496O29FnyO
	iUKMle0Sed9rcO4hUKqEJHyPmnkPrd9rU4QJEv8sfCHr+DtTLVmu71q3vUvaFWRKqS1wdh
	8tYR1jzCRvpcIdVtaBTxM0Fcf1usoNpnSlRdFcSiAOCkrXUe5BxDLxU2S/OXjXqLTjwxE/
	JKm704Lw6Ba6WuHmIskuceeBlUas1mEBnIm4isxhQYh2/AJv2mTRql7seIDuiA==
ARC-Authentication-Results: i=1; ORIGINATING;
	auth=pass smtp.auth=linus.luessing@c0d3.blue
	smtp.mailfrom=linus.luessing@c0d3.blue
Authentication-Results: ORIGINATING;
	auth=pass smtp.auth=linus.luessing@c0d3.blue
	smtp.mailfrom=linus.luessing@c0d3.blue
Subject: [B.A.T.M.A.N.] [PATCH] batman-adv: allow snooping gratuitous ARP
	Replies
X-BeenThere: b.a.t.m.a.n@lists.open-mesh.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: The list for a Better Approach To Mobile Ad-hoc Networking
	<b.a.t.m.a.n.lists.open-mesh.org>
List-Unsubscribe: <https://lists.open-mesh.org/mm/options/b.a.t.m.a.n>,
	<mailto:b.a.t.m.a.n-request@lists.open-mesh.org?subject=unsubscribe>
List-Archive: <http://lists.open-mesh.org/pipermail/b.a.t.m.a.n/>
List-Post: <mailto:b.a.t.m.a.n@lists.open-mesh.org>
List-Help: <mailto:b.a.t.m.a.n-request@lists.open-mesh.org?subject=help>
List-Subscribe: <https://lists.open-mesh.org/mm/listinfo/b.a.t.m.a.n>,
	<mailto:b.a.t.m.a.n-request@lists.open-mesh.org?subject=subscribe>
Reply-To: The list for a Better Approach To Mobile Ad-hoc Networking
	<b.a.t.m.a.n@lists.open-mesh.org>
Cc: Daniel Ehlers <sargon@toppoint.de>
Errors-To: b.a.t.m.a.n-bounces@lists.open-mesh.org
Sender: "B.A.T.M.A.N" <b.a.t.m.a.n-bounces@lists.open-mesh.org>

A gratuitous ARP Reply has the following format (example):

Sender MAC: 00:12:34:56:78:9A
Sender IP:  192.168.2.3
Target MAC: FF:FF:FF:FF:FF:FF
Target IP:  192.168.2.3

A gratuitous ARP Reply is commonly used to update an ARP table in the
network in an unsolicited way. Here, the host with the MAC address
00:12:34:56:78:9A announces that it is now the owner of 192.168.2.3.
Gratuitous ARP Replies are usually used for redundancy or for IP address
handovers between hosts.

So far, gratuitous ARP Replies were ignored for DAT processing as it
contains a broadcast MAC address. This patch changes this and allows
snooping such ARP messages, too.

Special care needs to be taken with the target MAC, to not accidentally
add this broadcast MAC to the DAT cache.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
---
Gratuitous ARP Replies were ignored since this commit:

ab361a9ccc5 ("batman-adv: filter ARP packets with invalid MAC addresses in DAT")

Daniel Ehlers is currently working on a distributed DHCP server for mesh
networks. For cases like these it would be helpful if userspace programs
were able to add entries to the DAT, too. Sending gratuitous ARP Replies
would be one easy way for userspace tools to do so.

This patch was verified in VMs with gratuitous ARP Replies generated via
"mausezahn". Sending such packets with a 00:00:00:00:00:00 ethernet
frame destination address even allows updating the DAT without actually
broadcasting the original frame into the mesh.

[0]: https://github.com/sargon/ddhcpd,
[1]: https://media.freifunk.net/search/?q=ddhcp
---
 net/batman-adv/distributed-arp-table.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/net/batman-adv/distributed-arp-table.c b/net/batman-adv/distributed-arp-table.c
index 310a4f35..c8923c7d 100644
--- a/net/batman-adv/distributed-arp-table.c
+++ b/net/batman-adv/distributed-arp-table.c
@@ -373,9 +373,12 @@ batadv_dat_entry_hash_find(struct batadv_priv *bat_priv, __be32 ip,
 static void batadv_dat_entry_add(struct batadv_priv *bat_priv, __be32 ip,
 				 u8 *mac_addr, unsigned short vid)
 {
-	struct batadv_dat_entry *dat_entry;
+	struct batadv_dat_entry *dat_entry = NULL;
 	int hash_added;
 
+	if (is_multicast_ether_addr(mac_addr))
+		goto out;
+
 	dat_entry = batadv_dat_entry_hash_find(bat_priv, ip, vid);
 	/* if this entry is already known, just update it */
 	if (dat_entry) {
@@ -1117,8 +1120,7 @@ static u16 batadv_arp_get_type(struct batadv_priv *bat_priv,
 	/* don't care about the destination MAC address in ARP requests */
 	if (arphdr->ar_op != htons(ARPOP_REQUEST)) {
 		hw_dst = batadv_arp_hw_dst(skb, hdr_size);
-		if (is_zero_ether_addr(hw_dst) ||
-		    is_multicast_ether_addr(hw_dst))
+		if (is_zero_ether_addr(hw_dst))
 			goto out;
 	}