projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
CNS3xxx: Fix debug UART.
[deliverable/linux.git] / net / ipv6 / icmp.c
CommitLineData
1da177e4
LT		 1/*
2 * Internet Control Message Protocol (ICMPv6)
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
1da177e4
LT		 8 * Based on net/ipv4/icmp.c
9 *
10 * RFC 1885
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version
15 * 2 of the License, or (at your option) any later version.
16 */
17
18/*
19 * Changes:
20 *
21 * Andi Kleen : exception handling
22 * Andi Kleen add rate limits. never reply to a icmp.
23 * add more length checks and other fixes.
24 * yoshfuji : ensure to sent parameter problem for
25 * fragments.
26 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit.
27 * Randy Dunlap and
28 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support
29 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data
30 */
31
f3213831
JP		 32#define pr_fmt(fmt) "IPv6: " fmt
33
1da177e4
LT		 34#include <linux/module.h>
35#include <linux/errno.h>
36#include <linux/types.h>
37#include <linux/socket.h>
38#include <linux/in.h>
39#include <linux/kernel.h>
1da177e4
LT		 40#include <linux/sockios.h>
41#include <linux/net.h>
42#include <linux/skbuff.h>
43#include <linux/init.h>
763ecff1 44#include <linux/netfilter.h>
5a0e3ad6 45#include <linux/slab.h>
1da177e4
LT		 46
47#ifdef CONFIG_SYSCTL
48#include <linux/sysctl.h>
49#endif
50
51#include <linux/inet.h>
52#include <linux/netdevice.h>
53#include <linux/icmpv6.h>
54
55#include <net/ip.h>
56#include <net/sock.h>
57
58#include <net/ipv6.h>
59#include <net/ip6_checksum.h>
6d0bfe22 60#include <net/ping.h>
1da177e4
LT		 61#include <net/protocol.h>
62#include <net/raw.h>
63#include <net/rawv6.h>
64#include <net/transp_v6.h>
65#include <net/ip6_route.h>
66#include <net/addrconf.h>
67#include <net/icmp.h>
8b7817f3 68#include <net/xfrm.h>
1ed8516f 69#include <net/inet_common.h>
825edac4 70#include <net/dsfield.h>
1da177e4
LT		 71
72#include <asm/uaccess.h>
1da177e4 73
1da177e4
LT		 74/*
75 * The ICMP socket(s). This is the most convenient way to flow control
76 * our ICMP output as well as maintain a clean interface throughout
77 * all layers. All Socketless IP sends will soon be gone.
78 *
79 * On SMP we have one ICMP socket per-cpu.
80 */
98c6d1b2
DL		 81static inline struct sock *icmpv6_sk(struct net *net)
82{
83 return net->ipv6.icmp_sk[smp_processor_id()];
84}
1da177e4 85
6f809da2
SK		 86static void icmpv6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
87 u8 type, u8 code, int offset, __be32 info)
88{
6d0bfe22
LC		 89 /* icmpv6_notify checks 8 bytes can be pulled, icmp6hdr is 8 bytes */
90 struct icmp6hdr *icmp6 = (struct icmp6hdr *) (skb->data + offset);
6f809da2
SK		 91 struct net *net = dev_net(skb->dev);
92
93 if (type == ICMPV6_PKT_TOOBIG)
94 ip6_update_pmtu(skb, net, info, 0, 0);
95 else if (type == NDISC_REDIRECT)
b55b76b2 96 ip6_redirect(skb, net, skb->dev->ifindex, 0);
6d0bfe22
LC		 97
98 if (!(type & ICMPV6_INFOMSG_MASK))
99 if (icmp6->icmp6_type == ICMPV6_ECHO_REQUEST)
100 ping_err(skb, offset, info);
6f809da2
SK		 101}
102
e5bbef20 103static int icmpv6_rcv(struct sk_buff *skb);
1da177e4 104
41135cc8 105static const struct inet6_protocol icmpv6_protocol = {
1da177e4 106 .handler = icmpv6_rcv,
6f809da2 107 .err_handler = icmpv6_err,
8b7817f3 108 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1da177e4
LT		 109};
110
fdc0bde9 111static __inline__ struct sock *icmpv6_xmit_lock(struct net *net)
1da177e4 112{
fdc0bde9
DL		 113 struct sock *sk;
114
1da177e4
LT		 115 local_bh_disable();
116
fdc0bde9 117 sk = icmpv6_sk(net);
405666db 118 if (unlikely(!spin_trylock(&sk->sk_lock.slock))) {
1da177e4
LT		 119 /* This can happen if the output path (f.e. SIT or
120 * ip6ip6 tunnel) signals dst_link_failure() for an
121 * outgoing ICMP6 packet.
122 */
123 local_bh_enable();
fdc0bde9 124 return NULL;
1da177e4 125 }
fdc0bde9 126 return sk;
1da177e4
LT		 127}
128
405666db 129static __inline__ void icmpv6_xmit_unlock(struct sock *sk)
1da177e4 130{
405666db 131 spin_unlock_bh(&sk->sk_lock.slock);
1da177e4
LT		 132}
133
1da177e4
LT		 134/*
135 * Figure out, may we reply to this packet with icmp error.
136 *
137 * We do not reply, if:
138 * - it was icmp error message.
139 * - it is truncated, so that it is known, that protocol is ICMPV6
140 * (i.e. in the middle of some exthdr)
141 *
142 * --ANK (980726)
143 */
144
a50feda5 145static bool is_ineligible(const struct sk_buff *skb)
1da177e4 146{
0660e03f 147 int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data;
1da177e4 148 int len = skb->len - ptr;
0660e03f 149 __u8 nexthdr = ipv6_hdr(skb)->nexthdr;
75f2811c 150 __be16 frag_off;
1da177e4
LT		 151
152 if (len < 0)
a50feda5 153 return true;
1da177e4 154
75f2811c 155 ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr, &frag_off);
1da177e4 156 if (ptr < 0)
a50feda5 157 return false;
1da177e4
LT		 158 if (nexthdr == IPPROTO_ICMPV6) {
159 u8 _type, *tp;
160 tp = skb_header_pointer(skb,
161 ptr+offsetof(struct icmp6hdr, icmp6_type),
162 sizeof(_type), &_type);
163 if (tp == NULL ||
164 !(*tp & ICMPV6_INFOMSG_MASK))
a50feda5 165 return true;
1da177e4 166 }
a50feda5 167 return false;
1da177e4
LT		 168}
169
1ab1457c
YH		 170/*
171 * Check the ICMP output rate limit
1da177e4 172 */
92d86829 173static inline bool icmpv6_xrlim_allow(struct sock *sk, u8 type,
4c9483b2 174 struct flowi6 *fl6)
1da177e4
LT		 175{
176 struct dst_entry *dst;
3b1e0a65 177 struct net *net = sock_net(sk);
92d86829 178 bool res = false;
1da177e4
LT		 179
180 /* Informational messages are not limited. */
181 if (type & ICMPV6_INFOMSG_MASK)
92d86829 182 return true;
1da177e4
LT		 183
184 /* Do not limit pmtu discovery, it would break it. */
185 if (type == ICMPV6_PKT_TOOBIG)
92d86829 186 return true;
1da177e4 187
1ab1457c 188 /*
1da177e4
LT		 189 * Look up the output route.
190 * XXX: perhaps the expire for routing entries cloned by
191 * this lookup should be more aggressive (not longer than timeout).
192 */
4c9483b2 193 dst = ip6_route_output(net, sk, fl6);
1da177e4 194 if (dst->error) {
3bd653c8 195 IP6_INC_STATS(net, ip6_dst_idev(dst),
a11d206d 196 IPSTATS_MIB_OUTNOROUTES);
1da177e4 197 } else if (dst->dev && (dst->dev->flags&IFF_LOOPBACK)) {
92d86829 198 res = true;
1da177e4
LT		 199 } else {
200 struct rt6_info *rt = (struct rt6_info *)dst;
9a43b709 201 int tmo = net->ipv6.sysctl.icmpv6_time;
fbfe95a4 202 struct inet_peer *peer;
1da177e4
LT		 203
204 /* Give more bandwidth to wider prefixes. */
205 if (rt->rt6i_dst.plen < 128)
206 tmo >>= ((128 - rt->rt6i_dst.plen)>>5);
207
1d861aa4 208 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
fbfe95a4 209 res = inet_peer_xrlim_allow(peer, tmo);
1d861aa4
DM		 210 if (peer)
211 inet_putpeer(peer);
1da177e4
LT		 212 }
213 dst_release(dst);
214 return res;
215}
216
217/*
218 * an inline helper for the "simple" if statement below
219 * checks if parameter problem report is caused by an
1ab1457c 220 * unrecognized IPv6 option that has the Option Type
1da177e4
LT		 221 * highest-order two bits set to 10
222 */
223
a50feda5 224static bool opt_unrec(struct sk_buff *skb, __u32 offset)
1da177e4
LT		 225{
226 u8 _optval, *op;
227
bbe735e4 228 offset += skb_network_offset(skb);
1da177e4
LT		 229 op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval);
230 if (op == NULL)
a50feda5 231 return true;
1da177e4
LT		 232 return (*op & 0xC0) == 0x80;
233}
234
6d0bfe22
LC		 235int icmpv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6,
236 struct icmp6hdr *thdr, int len)
1da177e4
LT		 237{
238 struct sk_buff *skb;
239 struct icmp6hdr *icmp6h;
240 int err = 0;
241
242 if ((skb = skb_peek(&sk->sk_write_queue)) == NULL)
243 goto out;
244
cc70ab26 245 icmp6h = icmp6_hdr(skb);
1da177e4
LT		 246 memcpy(icmp6h, thdr, sizeof(struct icmp6hdr));
247 icmp6h->icmp6_cksum = 0;
248
249 if (skb_queue_len(&sk->sk_write_queue) == 1) {
07f0757a 250 skb->csum = csum_partial(icmp6h,
1da177e4 251 sizeof(struct icmp6hdr), skb->csum);
4c9483b2
DM		 252 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
253 &fl6->daddr,
254 len, fl6->flowi6_proto,
1da177e4
LT		 255 skb->csum);
256 } else {
868c86bc 257 __wsum tmp_csum = 0;
1da177e4
LT		 258
259 skb_queue_walk(&sk->sk_write_queue, skb) {
260 tmp_csum = csum_add(tmp_csum, skb->csum);
261 }
262
07f0757a 263 tmp_csum = csum_partial(icmp6h,
1da177e4 264 sizeof(struct icmp6hdr), tmp_csum);
4c9483b2
DM		 265 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
266 &fl6->daddr,
267 len, fl6->flowi6_proto,
868c86bc 268 tmp_csum);
1da177e4 269 }
1da177e4
LT		 270 ip6_push_pending_frames(sk);
271out:
272 return err;
273}
274
275struct icmpv6_msg {
276 struct sk_buff *skb;
277 int offset;
763ecff1 278 uint8_t type;
1da177e4
LT		 279};
280
281static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
282{
283 struct icmpv6_msg *msg = (struct icmpv6_msg *) from;
284 struct sk_buff *org_skb = msg->skb;
5f92a738 285 __wsum csum = 0;
1da177e4
LT		 286
287 csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset,
288 to, len, csum);
289 skb->csum = csum_block_add(skb->csum, csum, odd);
763ecff1
YK		 290 if (!(msg->type & ICMPV6_INFOMSG_MASK))
291 nf_ct_attach(skb, org_skb);
1da177e4
LT		 292 return 0;
293}
294
07a93626 295#if IS_ENABLED(CONFIG_IPV6_MIP6)
79383236
MN		 296static void mip6_addr_swap(struct sk_buff *skb)
297{
0660e03f 298 struct ipv6hdr *iph = ipv6_hdr(skb);
79383236
MN		 299 struct inet6_skb_parm *opt = IP6CB(skb);
300 struct ipv6_destopt_hao *hao;
301 struct in6_addr tmp;
302 int off;
303
304 if (opt->dsthao) {
305 off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO);
306 if (likely(off >= 0)) {
d56f90a7
ACM		 307 hao = (struct ipv6_destopt_hao *)
308 (skb_network_header(skb) + off);
4e3fd7a0
AD		 309 tmp = iph->saddr;
310 iph->saddr = hao->addr;
311 hao->addr = tmp;
79383236
MN		 312 }
313 }
314}
315#else
316static inline void mip6_addr_swap(struct sk_buff *skb) {}
317#endif
318
e8243534 319static struct dst_entry *icmpv6_route_lookup(struct net *net,
320 struct sk_buff *skb,
321 struct sock *sk,
322 struct flowi6 *fl6)
b42835db
DM		 323{
324 struct dst_entry *dst, *dst2;
4c9483b2 325 struct flowi6 fl2;
b42835db
DM		 326 int err;
327
4c9483b2 328 err = ip6_dst_lookup(sk, &dst, fl6);
b42835db
DM		 329 if (err)
330 return ERR_PTR(err);
331
332 /*
333 * We won't send icmp if the destination is known
334 * anycast.
335 */
336 if (((struct rt6_info *)dst)->rt6i_flags & RTF_ANYCAST) {
5f5624cf 337 LIMIT_NETDEBUG(KERN_DEBUG "icmp6_send: acast source\n");
b42835db
DM		 338 dst_release(dst);
339 return ERR_PTR(-EINVAL);
340 }
341
342 /* No need to clone since we're just using its address. */
343 dst2 = dst;
344
4c9483b2 345 dst = xfrm_lookup(net, dst, flowi6_to_flowi(fl6), sk, 0);
452edd59 346 if (!IS_ERR(dst)) {
b42835db
DM		 347 if (dst != dst2)
348 return dst;
452edd59
DM		 349 } else {
350 if (PTR_ERR(dst) == -EPERM)
351 dst = NULL;
352 else
353 return dst;
b42835db
DM		 354 }
355
4c9483b2 356 err = xfrm_decode_session_reverse(skb, flowi6_to_flowi(&fl2), AF_INET6);
b42835db
DM		 357 if (err)
358 goto relookup_failed;
359
360 err = ip6_dst_lookup(sk, &dst2, &fl2);
361 if (err)
362 goto relookup_failed;
363
4c9483b2 364 dst2 = xfrm_lookup(net, dst2, flowi6_to_flowi(&fl2), sk, XFRM_LOOKUP_ICMP);
452edd59 365 if (!IS_ERR(dst2)) {
b42835db
DM		 366 dst_release(dst);
367 dst = dst2;
452edd59
DM		 368 } else {
369 err = PTR_ERR(dst2);
370 if (err == -EPERM) {
371 dst_release(dst);
372 return dst2;
373 } else
374 goto relookup_failed;
b42835db
DM		 375 }
376
377relookup_failed:
378 if (dst)
379 return dst;
380 return ERR_PTR(err);
381}
382
1da177e4
LT		 383/*
384 * Send an ICMP message in response to a packet in error
385 */
5f5624cf 386static void icmp6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info)
1da177e4 387{
c346dca1 388 struct net *net = dev_net(skb->dev);
1da177e4 389 struct inet6_dev *idev = NULL;
0660e03f 390 struct ipv6hdr *hdr = ipv6_hdr(skb);
84427d53
YH		 391 struct sock *sk;
392 struct ipv6_pinfo *np;
b71d1d42 393 const struct in6_addr *saddr = NULL;
1da177e4
LT		 394 struct dst_entry *dst;
395 struct icmp6hdr tmp_hdr;
4c9483b2 396 struct flowi6 fl6;
1da177e4
LT		 397 struct icmpv6_msg msg;
398 int iif = 0;
399 int addr_type = 0;
400 int len;
e651f03a 401 int hlimit;
1da177e4 402 int err = 0;
e110861f 403 u32 mark = IP6_REPLY_MARK(net, skb->mark);
1da177e4 404
27a884dc 405 if ((u8 *)hdr < skb->head ||
29a3cad5 406 (skb_network_header(skb) + sizeof(*hdr)) > skb_tail_pointer(skb))
1da177e4
LT		 407 return;
408
409 /*
1ab1457c 410 * Make sure we respect the rules
1da177e4 411 * i.e. RFC 1885 2.4(e)
5f5624cf 412 * Rule (e.1) is enforced by not using icmp6_send
1da177e4
LT		 413 * in any code that processes icmp errors.
414 */
415 addr_type = ipv6_addr_type(&hdr->daddr);
416
446fab59 417 if (ipv6_chk_addr(net, &hdr->daddr, skb->dev, 0) ||
d94c1f92 418 ipv6_chk_acast_addr_src(net, skb->dev, &hdr->daddr))
1da177e4
LT		 419 saddr = &hdr->daddr;
420
421 /*
422 * Dest addr check
423 */
424
425 if ((addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST)) {
426 if (type != ICMPV6_PKT_TOOBIG &&
1ab1457c
YH		 427 !(type == ICMPV6_PARAMPROB &&
428 code == ICMPV6_UNK_OPTION &&
1da177e4
LT		 429 (opt_unrec(skb, info))))
430 return;
431
432 saddr = NULL;
433 }
434
435 addr_type = ipv6_addr_type(&hdr->saddr);
436
437 /*
438 * Source addr check
439 */
440
842df073 441 if (__ipv6_addr_needs_scope_id(addr_type))
1da177e4
LT		 442 iif = skb->dev->ifindex;
443
444 /*
8de3351e
YH		 445 * Must not send error if the source does not uniquely
446 * identify a single node (RFC2463 Section 2.4).
447 * We check unspecified / multicast addresses here,
448 * and anycast addresses will be checked later.
1da177e4
LT		 449 */
450 if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) {
5f5624cf 451 LIMIT_NETDEBUG(KERN_DEBUG "icmp6_send: addr_any/mcast source\n");
1da177e4
LT		 452 return;
453 }
454
1ab1457c 455 /*
1da177e4
LT		 456 * Never answer to a ICMP packet.
457 */
458 if (is_ineligible(skb)) {
5f5624cf 459 LIMIT_NETDEBUG(KERN_DEBUG "icmp6_send: no reply to icmp error\n");
1da177e4
LT		 460 return;
461 }
462
79383236
MN		 463 mip6_addr_swap(skb);
464
4c9483b2
DM		 465 memset(&fl6, 0, sizeof(fl6));
466 fl6.flowi6_proto = IPPROTO_ICMPV6;
4e3fd7a0 467 fl6.daddr = hdr->saddr;
1da177e4 468 if (saddr)
4e3fd7a0 469 fl6.saddr = *saddr;
e110861f 470 fl6.flowi6_mark = mark;
4c9483b2 471 fl6.flowi6_oif = iif;
1958b856
DM		 472 fl6.fl6_icmp_type = type;
473 fl6.fl6_icmp_code = code;
4c9483b2 474 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
1da177e4 475
fdc0bde9
DL		 476 sk = icmpv6_xmit_lock(net);
477 if (sk == NULL)
405666db 478 return;
e110861f 479 sk->sk_mark = mark;
fdc0bde9 480 np = inet6_sk(sk);
405666db 481
4c9483b2 482 if (!icmpv6_xrlim_allow(sk, type, &fl6))
1da177e4
LT		 483 goto out;
484
485 tmp_hdr.icmp6_type = type;
486 tmp_hdr.icmp6_code = code;
487 tmp_hdr.icmp6_cksum = 0;
488 tmp_hdr.icmp6_pointer = htonl(info);
489
4c9483b2
DM		 490 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
491 fl6.flowi6_oif = np->mcast_oif;
c4062dfc
EH		 492 else if (!fl6.flowi6_oif)
493 fl6.flowi6_oif = np->ucast_oif;
1da177e4 494
4c9483b2 495 dst = icmpv6_route_lookup(net, skb, sk, &fl6);
b42835db 496 if (IS_ERR(dst))
1da177e4 497 goto out;
8de3351e 498
5c98631c 499 hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
1da177e4
LT		 500
501 msg.skb = skb;
bbe735e4 502 msg.offset = skb_network_offset(skb);
763ecff1 503 msg.type = type;
1da177e4
LT		 504
505 len = skb->len - msg.offset;
506 len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) -sizeof(struct icmp6hdr));
507 if (len < 0) {
64ce2073 508 LIMIT_NETDEBUG(KERN_DEBUG "icmp: len problem\n");
1da177e4
LT		 509 goto out_dst_release;
510 }
511
cfdf7647
ED		 512 rcu_read_lock();
513 idev = __in6_dev_get(skb->dev);
1da177e4
LT		 514
515 err = ip6_append_data(sk, icmpv6_getfrag, &msg,
516 len + sizeof(struct icmp6hdr),
e651f03a 517 sizeof(struct icmp6hdr), hlimit,
a2d91a09 518 np->tclass, NULL, &fl6, (struct rt6_info *)dst,
13b52cd4 519 MSG_DONTWAIT, np->dontfrag);
1da177e4 520 if (err) {
43a43b60 521 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS);
1da177e4 522 ip6_flush_pending_frames(sk);
cfdf7647
ED		 523 } else {
524 err = icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
525 len + sizeof(struct icmp6hdr));
1da177e4 526 }
cfdf7647 527 rcu_read_unlock();
1da177e4
LT		 528out_dst_release:
529 dst_release(dst);
530out:
405666db 531 icmpv6_xmit_unlock(sk);
1da177e4 532}
5f5624cf
PS		 533
534/* Slightly more convenient version of icmp6_send.
535 */
536void icmpv6_param_prob(struct sk_buff *skb, u8 code, int pos)
537{
538 icmp6_send(skb, ICMPV6_PARAMPROB, code, pos);
539 kfree_skb(skb);
540}
7159039a 541
1da177e4
LT		 542static void icmpv6_echo_reply(struct sk_buff *skb)
543{
c346dca1 544 struct net *net = dev_net(skb->dev);
84427d53 545 struct sock *sk;
1da177e4 546 struct inet6_dev *idev;
84427d53 547 struct ipv6_pinfo *np;
b71d1d42 548 const struct in6_addr *saddr = NULL;
cc70ab26 549 struct icmp6hdr *icmph = icmp6_hdr(skb);
1da177e4 550 struct icmp6hdr tmp_hdr;
4c9483b2 551 struct flowi6 fl6;
1da177e4
LT		 552 struct icmpv6_msg msg;
553 struct dst_entry *dst;
554 int err = 0;
555 int hlimit;
825edac4 556 u8 tclass;
e110861f 557 u32 mark = IP6_REPLY_MARK(net, skb->mark);
1da177e4 558
0660e03f 559 saddr = &ipv6_hdr(skb)->daddr;
1da177e4 560
509aba3b 561 if (!ipv6_unicast_destination(skb) &&
ec35b61e 562 !(net->ipv6.sysctl.anycast_src_echo_reply &&
509aba3b 563 ipv6_anycast_destination(skb)))
1da177e4
LT		 564 saddr = NULL;
565
566 memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr));
567 tmp_hdr.icmp6_type = ICMPV6_ECHO_REPLY;
568
4c9483b2
DM		 569 memset(&fl6, 0, sizeof(fl6));
570 fl6.flowi6_proto = IPPROTO_ICMPV6;
4e3fd7a0 571 fl6.daddr = ipv6_hdr(skb)->saddr;
1da177e4 572 if (saddr)
4e3fd7a0 573 fl6.saddr = *saddr;
4c9483b2 574 fl6.flowi6_oif = skb->dev->ifindex;
1958b856 575 fl6.fl6_icmp_type = ICMPV6_ECHO_REPLY;
e110861f 576 fl6.flowi6_mark = mark;
4c9483b2 577 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
1da177e4 578
fdc0bde9
DL		 579 sk = icmpv6_xmit_lock(net);
580 if (sk == NULL)
405666db 581 return;
e110861f 582 sk->sk_mark = mark;
fdc0bde9 583 np = inet6_sk(sk);
405666db 584
4c9483b2
DM		 585 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
586 fl6.flowi6_oif = np->mcast_oif;
c4062dfc
EH		 587 else if (!fl6.flowi6_oif)
588 fl6.flowi6_oif = np->ucast_oif;
1da177e4 589
4c9483b2 590 err = ip6_dst_lookup(sk, &dst, &fl6);
1da177e4
LT		 591 if (err)
592 goto out;
4c9483b2 593 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), sk, 0);
452edd59 594 if (IS_ERR(dst))
e104411b 595 goto out;
1da177e4 596
5c98631c 597 hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
1da177e4 598
cfdf7647 599 idev = __in6_dev_get(skb->dev);
1da177e4
LT		 600
601 msg.skb = skb;
602 msg.offset = 0;
763ecff1 603 msg.type = ICMPV6_ECHO_REPLY;
1da177e4 604
825edac4 605 tclass = ipv6_get_dsfield(ipv6_hdr(skb));
1da177e4 606 err = ip6_append_data(sk, icmpv6_getfrag, &msg, skb->len + sizeof(struct icmp6hdr),
825edac4 607 sizeof(struct icmp6hdr), hlimit, tclass, NULL, &fl6,
a2d91a09 608 (struct rt6_info *)dst, MSG_DONTWAIT,
13b52cd4 609 np->dontfrag);
1da177e4
LT		 610
611 if (err) {
00d9d6a1 612 ICMP6_INC_STATS_BH(net, idev, ICMP6_MIB_OUTERRORS);
1da177e4 613 ip6_flush_pending_frames(sk);
cfdf7647
ED		 614 } else {
615 err = icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
616 skb->len + sizeof(struct icmp6hdr));
1da177e4 617 }
1da177e4 618 dst_release(dst);
1ab1457c 619out:
405666db 620 icmpv6_xmit_unlock(sk);
1da177e4
LT		 621}
622
b94f1c09 623void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info)
1da177e4 624{
41135cc8 625 const struct inet6_protocol *ipprot;
1da177e4 626 int inner_offset;
75f2811c 627 __be16 frag_off;
f9242b6b 628 u8 nexthdr;
7304fe46 629 struct net *net = dev_net(skb->dev);
1da177e4
LT		 630
631 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
7304fe46 632 goto out;
1da177e4
LT		 633
634 nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr;
635 if (ipv6_ext_hdr(nexthdr)) {
636 /* now skip over extension headers */
75f2811c
JG		 637 inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr),
638 &nexthdr, &frag_off);
1da177e4 639 if (inner_offset<0)
7304fe46 640 goto out;
1da177e4
LT		 641 } else {
642 inner_offset = sizeof(struct ipv6hdr);
643 }
644
645 /* Checkin header including 8 bytes of inner protocol header. */
646 if (!pskb_may_pull(skb, inner_offset+8))
7304fe46 647 goto out;
1da177e4 648
1da177e4
LT		 649 /* BUGGG_FUTURE: we should try to parse exthdrs in this packet.
650 Without this we will not able f.e. to make source routed
651 pmtu discovery.
652 Corresponding argument (opt) to notifiers is already added.
653 --ANK (980726)
654 */
655
f9242b6b 656 ipprot = rcu_dereference(inet6_protos[nexthdr]);
1da177e4
LT		 657 if (ipprot && ipprot->err_handler)
658 ipprot->err_handler(skb, NULL, type, code, inner_offset, info);
1da177e4 659
69d6da0b 660 raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info);
7304fe46
DJ		 661 return;
662
663out:
664 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
1da177e4 665}
1ab1457c 666
1da177e4
LT		 667/*
668 * Handle icmp messages
669 */
670
e5bbef20 671static int icmpv6_rcv(struct sk_buff *skb)
1da177e4 672{
1da177e4
LT		 673 struct net_device *dev = skb->dev;
674 struct inet6_dev *idev = __in6_dev_get(dev);
b71d1d42 675 const struct in6_addr *saddr, *daddr;
1da177e4 676 struct icmp6hdr *hdr;
d5fdd6ba 677 u8 type;
1da177e4 678
aebcf82c 679 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
def8b4fa 680 struct sec_path *sp = skb_sec_path(skb);
8b7817f3
HX		 681 int nh;
682
def8b4fa 683 if (!(sp && sp->xvec[sp->len - 1]->props.flags &
aebcf82c
HX		 684 XFRM_STATE_ICMP))
685 goto drop_no_count;
686
81aded24 687 if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(struct ipv6hdr)))
8b7817f3
HX		 688 goto drop_no_count;
689
690 nh = skb_network_offset(skb);
691 skb_set_network_header(skb, sizeof(*hdr));
692
693 if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN, skb))
694 goto drop_no_count;
695
696 skb_set_network_header(skb, nh);
697 }
698
e41b5368 699 ICMP6_INC_STATS_BH(dev_net(dev), idev, ICMP6_MIB_INMSGS);
1da177e4 700
0660e03f
ACM		 701 saddr = &ipv6_hdr(skb)->saddr;
702 daddr = &ipv6_hdr(skb)->daddr;
1da177e4 703
39471ac8
TH		 704 if (skb_checksum_validate(skb, IPPROTO_ICMPV6, ip6_compute_pseudo)) {
705 LIMIT_NETDEBUG(KERN_DEBUG
706 "ICMPv6 checksum failed [%pI6c > %pI6c]\n",
707 saddr, daddr);
708 goto csum_error;
1da177e4
LT		 709 }
710
8cf22943
HX		 711 if (!pskb_pull(skb, sizeof(*hdr)))
712 goto discard_it;
1da177e4 713
cc70ab26 714 hdr = icmp6_hdr(skb);
1da177e4
LT		 715
716 type = hdr->icmp6_type;
717
55d43808 718 ICMP6MSGIN_INC_STATS_BH(dev_net(dev), idev, type);
1da177e4
LT		 719
720 switch (type) {
721 case ICMPV6_ECHO_REQUEST:
722 icmpv6_echo_reply(skb);
723 break;
724
725 case ICMPV6_ECHO_REPLY:
6d0bfe22 726 ping_rcv(skb);
1da177e4
LT		 727 break;
728
729 case ICMPV6_PKT_TOOBIG:
730 /* BUGGG_FUTURE: if packet contains rthdr, we cannot update
731 standard destination cache. Seems, only "advanced"
732 destination cache will allow to solve this problem
733 --ANK (980726)
734 */
735 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
736 goto discard_it;
cc70ab26 737 hdr = icmp6_hdr(skb);
1da177e4
LT		 738
739 /*
740 * Drop through to notify
741 */
742
743 case ICMPV6_DEST_UNREACH:
744 case ICMPV6_TIME_EXCEED:
745 case ICMPV6_PARAMPROB:
746 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
747 break;
748
749 case NDISC_ROUTER_SOLICITATION:
750 case NDISC_ROUTER_ADVERTISEMENT:
751 case NDISC_NEIGHBOUR_SOLICITATION:
752 case NDISC_NEIGHBOUR_ADVERTISEMENT:
753 case NDISC_REDIRECT:
754 ndisc_rcv(skb);
755 break;
756
757 case ICMPV6_MGM_QUERY:
758 igmp6_event_query(skb);
759 break;
760
761 case ICMPV6_MGM_REPORT:
762 igmp6_event_report(skb);
763 break;
764
765 case ICMPV6_MGM_REDUCTION:
766 case ICMPV6_NI_QUERY:
767 case ICMPV6_NI_REPLY:
768 case ICMPV6_MLD2_REPORT:
769 case ICMPV6_DHAAD_REQUEST:
770 case ICMPV6_DHAAD_REPLY:
771 case ICMPV6_MOBILE_PREFIX_SOL:
772 case ICMPV6_MOBILE_PREFIX_ADV:
773 break;
774
775 default:
64ce2073 776 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6: msg of unknown type\n");
1da177e4
LT		 777
778 /* informational */
779 if (type & ICMPV6_INFOMSG_MASK)
780 break;
781
1ab1457c
YH		 782 /*
783 * error of unknown type.
784 * must pass to upper level
1da177e4
LT		 785 */
786
787 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
3ff50b79
SH		 788 }
789
1da177e4
LT		 790 kfree_skb(skb);
791 return 0;
792
6a5dc9e5
ED		 793csum_error:
794 ICMP6_INC_STATS_BH(dev_net(dev), idev, ICMP6_MIB_CSUMERRORS);
1da177e4 795discard_it:
e41b5368 796 ICMP6_INC_STATS_BH(dev_net(dev), idev, ICMP6_MIB_INERRORS);
8b7817f3 797drop_no_count:
1da177e4
LT		 798 kfree_skb(skb);
799 return 0;
800}
801
4c9483b2 802void icmpv6_flow_init(struct sock *sk, struct flowi6 *fl6,
95e41e93
YH		 803 u8 type,
804 const struct in6_addr *saddr,
805 const struct in6_addr *daddr,
806 int oif)
807{
4c9483b2 808 memset(fl6, 0, sizeof(*fl6));
4e3fd7a0
AD		 809 fl6->saddr = *saddr;
810 fl6->daddr = *daddr;
4c9483b2 811 fl6->flowi6_proto = IPPROTO_ICMPV6;
1958b856
DM		 812 fl6->fl6_icmp_type = type;
813 fl6->fl6_icmp_code = 0;
4c9483b2
DM		 814 fl6->flowi6_oif = oif;
815 security_sk_classify_flow(sk, flowi6_to_flowi(fl6));
95e41e93
YH		 816}
817
640c41c7 818/*
b7e729c4 819 * Special lock-class for __icmpv6_sk:
640c41c7
IM		 820 */
821static struct lock_class_key icmpv6_socket_sk_dst_lock_key;
822
98c6d1b2 823static int __net_init icmpv6_sk_init(struct net *net)
1da177e4
LT		 824{
825 struct sock *sk;
826 int err, i, j;
827
98c6d1b2
DL		 828 net->ipv6.icmp_sk =
829 kzalloc(nr_cpu_ids * sizeof(struct sock *), GFP_KERNEL);
830 if (net->ipv6.icmp_sk == NULL)
79c91159
DL		 831 return -ENOMEM;
832
6f912042 833 for_each_possible_cpu(i) {
1ed8516f
DL		 834 err = inet_ctl_sock_create(&sk, PF_INET6,
835 SOCK_RAW, IPPROTO_ICMPV6, net);
1da177e4 836 if (err < 0) {
f3213831 837 pr_err("Failed to initialize the ICMP6 control socket (err %d)\n",
1da177e4
LT		 838 err);
839 goto fail;
840 }
841
1ed8516f 842 net->ipv6.icmp_sk[i] = sk;
5c8cafd6 843
640c41c7
IM		 844 /*
845 * Split off their lock-class, because sk->sk_dst_lock
846 * gets used from softirqs, which is safe for
b7e729c4 847 * __icmpv6_sk (because those never get directly used
640c41c7
IM		 848 * via userspace syscalls), but unsafe for normal sockets.
849 */
850 lockdep_set_class(&sk->sk_dst_lock,
851 &icmpv6_socket_sk_dst_lock_key);
1da177e4
LT		 852
853 /* Enough space for 2 64K ICMP packets, including
854 * sk_buff struct overhead.
855 */
87fb4b7b 856 sk->sk_sndbuf = 2 * SKB_TRUESIZE(64 * 1024);
1da177e4 857 }
1da177e4
LT		 858 return 0;
859
860 fail:
5c8cafd6 861 for (j = 0; j < i; j++)
1ed8516f 862 inet_ctl_sock_destroy(net->ipv6.icmp_sk[j]);
98c6d1b2 863 kfree(net->ipv6.icmp_sk);
1da177e4
LT		 864 return err;
865}
866
98c6d1b2 867static void __net_exit icmpv6_sk_exit(struct net *net)
1da177e4
LT		 868{
869 int i;
870
6f912042 871 for_each_possible_cpu(i) {
1ed8516f 872 inet_ctl_sock_destroy(net->ipv6.icmp_sk[i]);
1da177e4 873 }
98c6d1b2
DL		 874 kfree(net->ipv6.icmp_sk);
875}
876
8ed7edce 877static struct pernet_operations icmpv6_sk_ops = {
98c6d1b2
DL		 878 .init = icmpv6_sk_init,
879 .exit = icmpv6_sk_exit,
880};
881
882int __init icmpv6_init(void)
883{
884 int err;
885
886 err = register_pernet_subsys(&icmpv6_sk_ops);
887 if (err < 0)
888 return err;
889
890 err = -EAGAIN;
891 if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0)
892 goto fail;
5f5624cf
PS		 893
894 err = inet6_register_icmp_sender(icmp6_send);
895 if (err)
896 goto sender_reg_err;
98c6d1b2
DL		 897 return 0;
898
5f5624cf
PS		 899sender_reg_err:
900 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
98c6d1b2 901fail:
f3213831 902 pr_err("Failed to register ICMP6 protocol\n");
98c6d1b2
DL		 903 unregister_pernet_subsys(&icmpv6_sk_ops);
904 return err;
905}
906
8ed7edce 907void icmpv6_cleanup(void)
98c6d1b2 908{
5f5624cf 909 inet6_unregister_icmp_sender(icmp6_send);
98c6d1b2 910 unregister_pernet_subsys(&icmpv6_sk_ops);
1da177e4
LT		 911 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
912}
913
98c6d1b2 914
9b5b5cff 915static const struct icmp6_err {
1da177e4
LT		 916 int err;
917 int fatal;
918} tab_unreach[] = {
919 { /* NOROUTE */
920 .err = ENETUNREACH,
921 .fatal = 0,
922 },
923 { /* ADM_PROHIBITED */
924 .err = EACCES,
925 .fatal = 1,
926 },
927 { /* Was NOT_NEIGHBOUR, now reserved */
928 .err = EHOSTUNREACH,
929 .fatal = 0,
930 },
931 { /* ADDR_UNREACH */
932 .err = EHOSTUNREACH,
933 .fatal = 0,
934 },
935 { /* PORT_UNREACH */
936 .err = ECONNREFUSED,
937 .fatal = 1,
938 },
61e76b17
JB		 939 { /* POLICY_FAIL */
940 .err = EACCES,
941 .fatal = 1,
942 },
943 { /* REJECT_ROUTE */
944 .err = EACCES,
945 .fatal = 1,
946 },
1da177e4
LT		 947};
948
d5fdd6ba 949int icmpv6_err_convert(u8 type, u8 code, int *err)
1da177e4
LT		 950{
951 int fatal = 0;
952
953 *err = EPROTO;
954
955 switch (type) {
956 case ICMPV6_DEST_UNREACH:
957 fatal = 1;
61e76b17 958 if (code < ARRAY_SIZE(tab_unreach)) {
1da177e4
LT		 959 *err = tab_unreach[code].err;
960 fatal = tab_unreach[code].fatal;
961 }
962 break;
963
964 case ICMPV6_PKT_TOOBIG:
965 *err = EMSGSIZE;
966 break;
1ab1457c 967
1da177e4
LT		 968 case ICMPV6_PARAMPROB:
969 *err = EPROTO;
970 fatal = 1;
971 break;
972
973 case ICMPV6_TIME_EXCEED:
974 *err = EHOSTUNREACH;
975 break;
3ff50b79 976 }
1da177e4
LT		 977
978 return fatal;
979}
7159039a
YH		 980EXPORT_SYMBOL(icmpv6_err_convert);
981
1da177e4 982#ifdef CONFIG_SYSCTL
e8243534 983static struct ctl_table ipv6_icmp_table_template[] = {
1da177e4 984 {
1da177e4 985 .procname = "ratelimit",
41a76906 986 .data = &init_net.ipv6.sysctl.icmpv6_time,
1da177e4
LT		 987 .maxlen = sizeof(int),
988 .mode = 0644,
6d9f239a 989 .proc_handler = proc_dointvec_ms_jiffies,
1da177e4 990 },
f8572d8f 991 { },
1da177e4 992};
760f2d01 993
2c8c1e72 994struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net)
760f2d01
DL		 995{
996 struct ctl_table *table;
997
998 table = kmemdup(ipv6_icmp_table_template,
999 sizeof(ipv6_icmp_table_template),
1000 GFP_KERNEL);
5ee09105 1001
c027aab4 1002 if (table)
5ee09105
YH		 1003 table[0].data = &net->ipv6.sysctl.icmpv6_time;
1004
760f2d01
DL		 1005 return table;
1006}
1da177e4
LT		 1007#endif
1008
Linux kernel - Deliverables
This page took 0.936383 seconds and 5 git commands to generate.