projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
[deliverable/linux.git] / net / ipv6 / icmp.c
CommitLineData
1da177e4
LT		 1/*
2 * Internet Control Message Protocol (ICMPv6)
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * $Id: icmp.c,v 1.38 2002/02/08 03:57:19 davem Exp $
9 *
10 * Based on net/ipv4/icmp.c
11 *
12 * RFC 1885
13 *
14 * This program is free software; you can redistribute it and/or
15 * modify it under the terms of the GNU General Public License
16 * as published by the Free Software Foundation; either version
17 * 2 of the License, or (at your option) any later version.
18 */
19
20/*
21 * Changes:
22 *
23 * Andi Kleen : exception handling
24 * Andi Kleen add rate limits. never reply to a icmp.
25 * add more length checks and other fixes.
26 * yoshfuji : ensure to sent parameter problem for
27 * fragments.
28 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit.
29 * Randy Dunlap and
30 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support
31 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data
32 */
33
34#include <linux/module.h>
35#include <linux/errno.h>
36#include <linux/types.h>
37#include <linux/socket.h>
38#include <linux/in.h>
39#include <linux/kernel.h>
1da177e4
LT		 40#include <linux/sockios.h>
41#include <linux/net.h>
42#include <linux/skbuff.h>
43#include <linux/init.h>
763ecff1 44#include <linux/netfilter.h>
1da177e4
LT		 45
46#ifdef CONFIG_SYSCTL
47#include <linux/sysctl.h>
48#endif
49
50#include <linux/inet.h>
51#include <linux/netdevice.h>
52#include <linux/icmpv6.h>
53
54#include <net/ip.h>
55#include <net/sock.h>
56
57#include <net/ipv6.h>
58#include <net/ip6_checksum.h>
59#include <net/protocol.h>
60#include <net/raw.h>
61#include <net/rawv6.h>
62#include <net/transp_v6.h>
63#include <net/ip6_route.h>
64#include <net/addrconf.h>
65#include <net/icmp.h>
8b7817f3 66#include <net/xfrm.h>
1da177e4
LT		 67
68#include <asm/uaccess.h>
69#include <asm/system.h>
70
ba89966c 71DEFINE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics) __read_mostly;
7159039a 72EXPORT_SYMBOL(icmpv6_statistics);
14878f75
DS		 73DEFINE_SNMP_STAT(struct icmpv6msg_mib, icmpv6msg_statistics) __read_mostly;
74EXPORT_SYMBOL(icmpv6msg_statistics);
1da177e4
LT		 75
76/*
77 * The ICMP socket(s). This is the most convenient way to flow control
78 * our ICMP output as well as maintain a clean interface throughout
79 * all layers. All Socketless IP sends will soon be gone.
80 *
81 * On SMP we have one ICMP socket per-cpu.
82 */
98c6d1b2
DL		 83static inline struct sock *icmpv6_sk(struct net *net)
84{
85 return net->ipv6.icmp_sk[smp_processor_id()];
86}
1da177e4 87
e5bbef20 88static int icmpv6_rcv(struct sk_buff *skb);
1da177e4
LT		 89
90static struct inet6_protocol icmpv6_protocol = {
91 .handler = icmpv6_rcv,
8b7817f3 92 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1da177e4
LT		 93};
94
405666db 95static __inline__ int icmpv6_xmit_lock(struct sock *sk)
1da177e4
LT		 96{
97 local_bh_disable();
98
405666db 99 if (unlikely(!spin_trylock(&sk->sk_lock.slock))) {
1da177e4
LT		 100 /* This can happen if the output path (f.e. SIT or
101 * ip6ip6 tunnel) signals dst_link_failure() for an
102 * outgoing ICMP6 packet.
103 */
104 local_bh_enable();
105 return 1;
106 }
107 return 0;
108}
109
405666db 110static __inline__ void icmpv6_xmit_unlock(struct sock *sk)
1da177e4 111{
405666db 112 spin_unlock_bh(&sk->sk_lock.slock);
1da177e4
LT		 113}
114
1ab1457c 115/*
1da177e4
LT		 116 * Slightly more convenient version of icmpv6_send.
117 */
118void icmpv6_param_prob(struct sk_buff *skb, int code, int pos)
119{
120 icmpv6_send(skb, ICMPV6_PARAMPROB, code, pos, skb->dev);
121 kfree_skb(skb);
122}
123
124/*
125 * Figure out, may we reply to this packet with icmp error.
126 *
127 * We do not reply, if:
128 * - it was icmp error message.
129 * - it is truncated, so that it is known, that protocol is ICMPV6
130 * (i.e. in the middle of some exthdr)
131 *
132 * --ANK (980726)
133 */
134
135static int is_ineligible(struct sk_buff *skb)
136{
0660e03f 137 int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data;
1da177e4 138 int len = skb->len - ptr;
0660e03f 139 __u8 nexthdr = ipv6_hdr(skb)->nexthdr;
1da177e4
LT		 140
141 if (len < 0)
142 return 1;
143
0d3d077c 144 ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr);
1da177e4
LT		 145 if (ptr < 0)
146 return 0;
147 if (nexthdr == IPPROTO_ICMPV6) {
148 u8 _type, *tp;
149 tp = skb_header_pointer(skb,
150 ptr+offsetof(struct icmp6hdr, icmp6_type),
151 sizeof(_type), &_type);
152 if (tp == NULL ||
153 !(*tp & ICMPV6_INFOMSG_MASK))
154 return 1;
155 }
156 return 0;
157}
158
1ab1457c
YH		 159/*
160 * Check the ICMP output rate limit
1da177e4
LT		 161 */
162static inline int icmpv6_xrlim_allow(struct sock *sk, int type,
163 struct flowi *fl)
164{
165 struct dst_entry *dst;
9a43b709 166 struct net *net = sk->sk_net;
1da177e4
LT		 167 int res = 0;
168
169 /* Informational messages are not limited. */
170 if (type & ICMPV6_INFOMSG_MASK)
171 return 1;
172
173 /* Do not limit pmtu discovery, it would break it. */
174 if (type == ICMPV6_PKT_TOOBIG)
175 return 1;
176
1ab1457c 177 /*
1da177e4
LT		 178 * Look up the output route.
179 * XXX: perhaps the expire for routing entries cloned by
180 * this lookup should be more aggressive (not longer than timeout).
181 */
9a43b709 182 dst = ip6_route_output(net, sk, fl);
1da177e4 183 if (dst->error) {
a11d206d
YH		 184 IP6_INC_STATS(ip6_dst_idev(dst),
185 IPSTATS_MIB_OUTNOROUTES);
1da177e4
LT		 186 } else if (dst->dev && (dst->dev->flags&IFF_LOOPBACK)) {
187 res = 1;
188 } else {
189 struct rt6_info *rt = (struct rt6_info *)dst;
9a43b709 190 int tmo = net->ipv6.sysctl.icmpv6_time;
1da177e4
LT		 191
192 /* Give more bandwidth to wider prefixes. */
193 if (rt->rt6i_dst.plen < 128)
194 tmo >>= ((128 - rt->rt6i_dst.plen)>>5);
195
196 res = xrlim_allow(dst, tmo);
197 }
198 dst_release(dst);
199 return res;
200}
201
202/*
203 * an inline helper for the "simple" if statement below
204 * checks if parameter problem report is caused by an
1ab1457c 205 * unrecognized IPv6 option that has the Option Type
1da177e4
LT		 206 * highest-order two bits set to 10
207 */
208
209static __inline__ int opt_unrec(struct sk_buff *skb, __u32 offset)
210{
211 u8 _optval, *op;
212
bbe735e4 213 offset += skb_network_offset(skb);
1da177e4
LT		 214 op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval);
215 if (op == NULL)
216 return 1;
217 return (*op & 0xC0) == 0x80;
218}
219
220static int icmpv6_push_pending_frames(struct sock *sk, struct flowi *fl, struct icmp6hdr *thdr, int len)
221{
222 struct sk_buff *skb;
223 struct icmp6hdr *icmp6h;
224 int err = 0;
225
226 if ((skb = skb_peek(&sk->sk_write_queue)) == NULL)
227 goto out;
228
cc70ab26 229 icmp6h = icmp6_hdr(skb);
1da177e4
LT		 230 memcpy(icmp6h, thdr, sizeof(struct icmp6hdr));
231 icmp6h->icmp6_cksum = 0;
232
233 if (skb_queue_len(&sk->sk_write_queue) == 1) {
234 skb->csum = csum_partial((char *)icmp6h,
235 sizeof(struct icmp6hdr), skb->csum);
236 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl->fl6_src,
237 &fl->fl6_dst,
238 len, fl->proto,
239 skb->csum);
240 } else {
868c86bc 241 __wsum tmp_csum = 0;
1da177e4
LT		 242
243 skb_queue_walk(&sk->sk_write_queue, skb) {
244 tmp_csum = csum_add(tmp_csum, skb->csum);
245 }
246
247 tmp_csum = csum_partial((char *)icmp6h,
248 sizeof(struct icmp6hdr), tmp_csum);
868c86bc
AV		 249 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl->fl6_src,
250 &fl->fl6_dst,
251 len, fl->proto,
252 tmp_csum);
1da177e4 253 }
1da177e4
LT		 254 ip6_push_pending_frames(sk);
255out:
256 return err;
257}
258
259struct icmpv6_msg {
260 struct sk_buff *skb;
261 int offset;
763ecff1 262 uint8_t type;
1da177e4
LT		 263};
264
265static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
266{
267 struct icmpv6_msg *msg = (struct icmpv6_msg *) from;
268 struct sk_buff *org_skb = msg->skb;
5f92a738 269 __wsum csum = 0;
1da177e4
LT		 270
271 csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset,
272 to, len, csum);
273 skb->csum = csum_block_add(skb->csum, csum, odd);
763ecff1
YK		 274 if (!(msg->type & ICMPV6_INFOMSG_MASK))
275 nf_ct_attach(skb, org_skb);
1da177e4
LT		 276 return 0;
277}
278
59fbb3a6 279#if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
79383236
MN		 280static void mip6_addr_swap(struct sk_buff *skb)
281{
0660e03f 282 struct ipv6hdr *iph = ipv6_hdr(skb);
79383236
MN		 283 struct inet6_skb_parm *opt = IP6CB(skb);
284 struct ipv6_destopt_hao *hao;
285 struct in6_addr tmp;
286 int off;
287
288 if (opt->dsthao) {
289 off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO);
290 if (likely(off >= 0)) {
d56f90a7
ACM		 291 hao = (struct ipv6_destopt_hao *)
292 (skb_network_header(skb) + off);
79383236
MN		 293 ipv6_addr_copy(&tmp, &iph->saddr);
294 ipv6_addr_copy(&iph->saddr, &hao->addr);
295 ipv6_addr_copy(&hao->addr, &tmp);
296 }
297 }
298}
299#else
300static inline void mip6_addr_swap(struct sk_buff *skb) {}
301#endif
302
1da177e4
LT		 303/*
304 * Send an ICMP message in response to a packet in error
305 */
1ab1457c 306void icmpv6_send(struct sk_buff *skb, int type, int code, __u32 info,
1da177e4
LT		 307 struct net_device *dev)
308{
9a43b709 309 struct net *net = skb->dev->nd_net;
1da177e4 310 struct inet6_dev *idev = NULL;
0660e03f 311 struct ipv6hdr *hdr = ipv6_hdr(skb);
84427d53
YH		 312 struct sock *sk;
313 struct ipv6_pinfo *np;
1da177e4
LT		 314 struct in6_addr *saddr = NULL;
315 struct dst_entry *dst;
8b7817f3 316 struct dst_entry *dst2;
1da177e4
LT		 317 struct icmp6hdr tmp_hdr;
318 struct flowi fl;
8b7817f3 319 struct flowi fl2;
1da177e4
LT		 320 struct icmpv6_msg msg;
321 int iif = 0;
322 int addr_type = 0;
323 int len;
41a1f8ea 324 int hlimit, tclass;
1da177e4
LT		 325 int err = 0;
326
27a884dc
ACM		 327 if ((u8 *)hdr < skb->head ||
328 (skb->network_header + sizeof(*hdr)) > skb->tail)
1da177e4
LT		 329 return;
330
331 /*
1ab1457c 332 * Make sure we respect the rules
1da177e4
LT		 333 * i.e. RFC 1885 2.4(e)
334 * Rule (e.1) is enforced by not using icmpv6_send
335 * in any code that processes icmp errors.
336 */
337 addr_type = ipv6_addr_type(&hdr->daddr);
338
9a43b709 339 if (ipv6_chk_addr(net, &hdr->daddr, skb->dev, 0))
1da177e4
LT		 340 saddr = &hdr->daddr;
341
342 /*
343 * Dest addr check
344 */
345
346 if ((addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST)) {
347 if (type != ICMPV6_PKT_TOOBIG &&
1ab1457c
YH		 348 !(type == ICMPV6_PARAMPROB &&
349 code == ICMPV6_UNK_OPTION &&
1da177e4
LT		 350 (opt_unrec(skb, info))))
351 return;
352
353 saddr = NULL;
354 }
355
356 addr_type = ipv6_addr_type(&hdr->saddr);
357
358 /*
359 * Source addr check
360 */
361
362 if (addr_type & IPV6_ADDR_LINKLOCAL)
363 iif = skb->dev->ifindex;
364
365 /*
8de3351e
YH		 366 * Must not send error if the source does not uniquely
367 * identify a single node (RFC2463 Section 2.4).
368 * We check unspecified / multicast addresses here,
369 * and anycast addresses will be checked later.
1da177e4
LT		 370 */
371 if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) {
64ce2073 372 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: addr_any/mcast source\n");
1da177e4
LT		 373 return;
374 }
375
1ab1457c 376 /*
1da177e4
LT		 377 * Never answer to a ICMP packet.
378 */
379 if (is_ineligible(skb)) {
64ce2073 380 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: no reply to icmp error\n");
1da177e4
LT		 381 return;
382 }
383
79383236
MN		 384 mip6_addr_swap(skb);
385
1da177e4
LT		 386 memset(&fl, 0, sizeof(fl));
387 fl.proto = IPPROTO_ICMPV6;
388 ipv6_addr_copy(&fl.fl6_dst, &hdr->saddr);
389 if (saddr)
390 ipv6_addr_copy(&fl.fl6_src, saddr);
391 fl.oif = iif;
392 fl.fl_icmp_type = type;
393 fl.fl_icmp_code = code;
beb8d13b 394 security_skb_classify_flow(skb, &fl);
1da177e4 395
9a43b709 396 sk = icmpv6_sk(net);
84427d53
YH		 397 np = inet6_sk(sk);
398
405666db
DL		 399 if (icmpv6_xmit_lock(sk))
400 return;
401
1da177e4
LT		 402 if (!icmpv6_xrlim_allow(sk, type, &fl))
403 goto out;
404
405 tmp_hdr.icmp6_type = type;
406 tmp_hdr.icmp6_code = code;
407 tmp_hdr.icmp6_cksum = 0;
408 tmp_hdr.icmp6_pointer = htonl(info);
409
410 if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst))
411 fl.oif = np->mcast_oif;
412
413 err = ip6_dst_lookup(sk, &dst, &fl);
414 if (err)
415 goto out;
8de3351e
YH		 416
417 /*
418 * We won't send icmp if the destination is known
419 * anycast.
420 */
421 if (((struct rt6_info *)dst)->rt6i_flags & RTF_ANYCAST) {
422 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: acast source\n");
423 goto out_dst_release;
424 }
425
8b7817f3
HX		 426 /* No need to clone since we're just using its address. */
427 dst2 = dst;
428
429 err = xfrm_lookup(&dst, &fl, sk, 0);
430 switch (err) {
431 case 0:
432 if (dst != dst2)
433 goto route_done;
434 break;
435 case -EPERM:
436 dst = NULL;
437 break;
438 default:
439 goto out;
440 }
441
442 if (xfrm_decode_session_reverse(skb, &fl2, AF_INET6))
443 goto out;
444
445 if (ip6_dst_lookup(sk, &dst2, &fl))
e104411b 446 goto out;
1da177e4 447
8b7817f3
HX		 448 err = xfrm_lookup(&dst2, &fl, sk, XFRM_LOOKUP_ICMP);
449 if (err == -ENOENT) {
450 if (!dst)
451 goto out;
452 goto route_done;
453 }
454
455 dst_release(dst);
456 dst = dst2;
457
458 if (err)
459 goto out;
460
461route_done:
1da177e4
LT		 462 if (ipv6_addr_is_multicast(&fl.fl6_dst))
463 hlimit = np->mcast_hops;
464 else
465 hlimit = np->hop_limit;
466 if (hlimit < 0)
467 hlimit = dst_metric(dst, RTAX_HOPLIMIT);
468 if (hlimit < 0)
469 hlimit = ipv6_get_hoplimit(dst->dev);
470
e012d51c 471 tclass = np->tclass;
41a1f8ea
YH		 472 if (tclass < 0)
473 tclass = 0;
474
1da177e4 475 msg.skb = skb;
bbe735e4 476 msg.offset = skb_network_offset(skb);
763ecff1 477 msg.type = type;
1da177e4
LT		 478
479 len = skb->len - msg.offset;
480 len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) -sizeof(struct icmp6hdr));
481 if (len < 0) {
64ce2073 482 LIMIT_NETDEBUG(KERN_DEBUG "icmp: len problem\n");
1da177e4
LT		 483 goto out_dst_release;
484 }
485
486 idev = in6_dev_get(skb->dev);
487
488 err = ip6_append_data(sk, icmpv6_getfrag, &msg,
489 len + sizeof(struct icmp6hdr),
490 sizeof(struct icmp6hdr),
41a1f8ea 491 hlimit, tclass, NULL, &fl, (struct rt6_info*)dst,
1da177e4
LT		 492 MSG_DONTWAIT);
493 if (err) {
494 ip6_flush_pending_frames(sk);
495 goto out_put;
496 }
497 err = icmpv6_push_pending_frames(sk, &fl, &tmp_hdr, len + sizeof(struct icmp6hdr));
498
1da177e4
LT		 499out_put:
500 if (likely(idev != NULL))
501 in6_dev_put(idev);
502out_dst_release:
503 dst_release(dst);
504out:
405666db 505 icmpv6_xmit_unlock(sk);
1da177e4
LT		 506}
507
7159039a
YH		 508EXPORT_SYMBOL(icmpv6_send);
509
1da177e4
LT		 510static void icmpv6_echo_reply(struct sk_buff *skb)
511{
9a43b709 512 struct net *net = skb->dev->nd_net;
84427d53 513 struct sock *sk;
1da177e4 514 struct inet6_dev *idev;
84427d53 515 struct ipv6_pinfo *np;
1da177e4 516 struct in6_addr *saddr = NULL;
cc70ab26 517 struct icmp6hdr *icmph = icmp6_hdr(skb);
1da177e4
LT		 518 struct icmp6hdr tmp_hdr;
519 struct flowi fl;
520 struct icmpv6_msg msg;
521 struct dst_entry *dst;
522 int err = 0;
523 int hlimit;
41a1f8ea 524 int tclass;
1da177e4 525
0660e03f 526 saddr = &ipv6_hdr(skb)->daddr;
1da177e4
LT		 527
528 if (!ipv6_unicast_destination(skb))
529 saddr = NULL;
530
531 memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr));
532 tmp_hdr.icmp6_type = ICMPV6_ECHO_REPLY;
533
534 memset(&fl, 0, sizeof(fl));
535 fl.proto = IPPROTO_ICMPV6;
0660e03f 536 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1da177e4
LT		 537 if (saddr)
538 ipv6_addr_copy(&fl.fl6_src, saddr);
539 fl.oif = skb->dev->ifindex;
540 fl.fl_icmp_type = ICMPV6_ECHO_REPLY;
beb8d13b 541 security_skb_classify_flow(skb, &fl);
1da177e4 542
9a43b709 543 sk = icmpv6_sk(net);
84427d53
YH		 544 np = inet6_sk(sk);
545
405666db
DL		 546 if (icmpv6_xmit_lock(sk))
547 return;
548
1da177e4
LT		 549 if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst))
550 fl.oif = np->mcast_oif;
551
552 err = ip6_dst_lookup(sk, &dst, &fl);
553 if (err)
554 goto out;
555 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
e104411b 556 goto out;
1da177e4
LT		 557
558 if (ipv6_addr_is_multicast(&fl.fl6_dst))
559 hlimit = np->mcast_hops;
560 else
561 hlimit = np->hop_limit;
562 if (hlimit < 0)
563 hlimit = dst_metric(dst, RTAX_HOPLIMIT);
564 if (hlimit < 0)
565 hlimit = ipv6_get_hoplimit(dst->dev);
566
e012d51c 567 tclass = np->tclass;
41a1f8ea
YH		 568 if (tclass < 0)
569 tclass = 0;
570
1da177e4
LT		 571 idev = in6_dev_get(skb->dev);
572
573 msg.skb = skb;
574 msg.offset = 0;
763ecff1 575 msg.type = ICMPV6_ECHO_REPLY;
1da177e4
LT		 576
577 err = ip6_append_data(sk, icmpv6_getfrag, &msg, skb->len + sizeof(struct icmp6hdr),
41a1f8ea 578 sizeof(struct icmp6hdr), hlimit, tclass, NULL, &fl,
1da177e4
LT		 579 (struct rt6_info*)dst, MSG_DONTWAIT);
580
581 if (err) {
582 ip6_flush_pending_frames(sk);
583 goto out_put;
584 }
585 err = icmpv6_push_pending_frames(sk, &fl, &tmp_hdr, skb->len + sizeof(struct icmp6hdr));
586
1ab1457c 587out_put:
1da177e4
LT		 588 if (likely(idev != NULL))
589 in6_dev_put(idev);
1da177e4 590 dst_release(dst);
1ab1457c 591out:
405666db 592 icmpv6_xmit_unlock(sk);
1da177e4
LT		 593}
594
04ce6909 595static void icmpv6_notify(struct sk_buff *skb, int type, int code, __be32 info)
1da177e4 596{
1da177e4 597 struct inet6_protocol *ipprot;
1da177e4
LT		 598 int inner_offset;
599 int hash;
600 u8 nexthdr;
601
602 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
603 return;
604
605 nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr;
606 if (ipv6_ext_hdr(nexthdr)) {
607 /* now skip over extension headers */
0d3d077c 608 inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &nexthdr);
1da177e4
LT		 609 if (inner_offset<0)
610 return;
611 } else {
612 inner_offset = sizeof(struct ipv6hdr);
613 }
614
615 /* Checkin header including 8 bytes of inner protocol header. */
616 if (!pskb_may_pull(skb, inner_offset+8))
617 return;
618
1da177e4
LT		 619 /* BUGGG_FUTURE: we should try to parse exthdrs in this packet.
620 Without this we will not able f.e. to make source routed
621 pmtu discovery.
622 Corresponding argument (opt) to notifiers is already added.
623 --ANK (980726)
624 */
625
626 hash = nexthdr & (MAX_INET_PROTOS - 1);
627
628 rcu_read_lock();
629 ipprot = rcu_dereference(inet6_protos[hash]);
630 if (ipprot && ipprot->err_handler)
631 ipprot->err_handler(skb, NULL, type, code, inner_offset, info);
632 rcu_read_unlock();
633
69d6da0b 634 raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info);
1da177e4 635}
1ab1457c 636
1da177e4
LT		 637/*
638 * Handle icmp messages
639 */
640
e5bbef20 641static int icmpv6_rcv(struct sk_buff *skb)
1da177e4 642{
1da177e4
LT		 643 struct net_device *dev = skb->dev;
644 struct inet6_dev *idev = __in6_dev_get(dev);
645 struct in6_addr *saddr, *daddr;
646 struct ipv6hdr *orig_hdr;
647 struct icmp6hdr *hdr;
648 int type;
649
aebcf82c 650 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
8b7817f3
HX		 651 int nh;
652
aebcf82c
HX		 653 if (!(skb->sp && skb->sp->xvec[skb->sp->len - 1]->props.flags &
654 XFRM_STATE_ICMP))
655 goto drop_no_count;
656
8b7817f3
HX		 657 if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(*orig_hdr)))
658 goto drop_no_count;
659
660 nh = skb_network_offset(skb);
661 skb_set_network_header(skb, sizeof(*hdr));
662
663 if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN, skb))
664 goto drop_no_count;
665
666 skb_set_network_header(skb, nh);
667 }
668
1da177e4
LT		 669 ICMP6_INC_STATS_BH(idev, ICMP6_MIB_INMSGS);
670
0660e03f
ACM		 671 saddr = &ipv6_hdr(skb)->saddr;
672 daddr = &ipv6_hdr(skb)->daddr;
1da177e4
LT		 673
674 /* Perform checksum. */
fb286bb2 675 switch (skb->ip_summed) {
84fa7933 676 case CHECKSUM_COMPLETE:
fb286bb2
HX		 677 if (!csum_ipv6_magic(saddr, daddr, skb->len, IPPROTO_ICMPV6,
678 skb->csum))
679 break;
680 /* fall through */
681 case CHECKSUM_NONE:
868c86bc
AV		 682 skb->csum = ~csum_unfold(csum_ipv6_magic(saddr, daddr, skb->len,
683 IPPROTO_ICMPV6, 0));
fb286bb2 684 if (__skb_checksum_complete(skb)) {
46b86a2d 685 LIMIT_NETDEBUG(KERN_DEBUG "ICMPv6 checksum failed [" NIP6_FMT " > " NIP6_FMT "]\n",
64ce2073 686 NIP6(*saddr), NIP6(*daddr));
1da177e4
LT		 687 goto discard_it;
688 }
689 }
690
8cf22943
HX		 691 if (!pskb_pull(skb, sizeof(*hdr)))
692 goto discard_it;
1da177e4 693
cc70ab26 694 hdr = icmp6_hdr(skb);
1da177e4
LT		 695
696 type = hdr->icmp6_type;
697
14878f75 698 ICMP6MSGIN_INC_STATS_BH(idev, type);
1da177e4
LT		 699
700 switch (type) {
701 case ICMPV6_ECHO_REQUEST:
702 icmpv6_echo_reply(skb);
703 break;
704
705 case ICMPV6_ECHO_REPLY:
706 /* we couldn't care less */
707 break;
708
709 case ICMPV6_PKT_TOOBIG:
710 /* BUGGG_FUTURE: if packet contains rthdr, we cannot update
711 standard destination cache. Seems, only "advanced"
712 destination cache will allow to solve this problem
713 --ANK (980726)
714 */
715 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
716 goto discard_it;
cc70ab26 717 hdr = icmp6_hdr(skb);
1da177e4
LT		 718 orig_hdr = (struct ipv6hdr *) (hdr + 1);
719 rt6_pmtu_discovery(&orig_hdr->daddr, &orig_hdr->saddr, dev,
720 ntohl(hdr->icmp6_mtu));
721
722 /*
723 * Drop through to notify
724 */
725
726 case ICMPV6_DEST_UNREACH:
727 case ICMPV6_TIME_EXCEED:
728 case ICMPV6_PARAMPROB:
729 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
730 break;
731
732 case NDISC_ROUTER_SOLICITATION:
733 case NDISC_ROUTER_ADVERTISEMENT:
734 case NDISC_NEIGHBOUR_SOLICITATION:
735 case NDISC_NEIGHBOUR_ADVERTISEMENT:
736 case NDISC_REDIRECT:
737 ndisc_rcv(skb);
738 break;
739
740 case ICMPV6_MGM_QUERY:
741 igmp6_event_query(skb);
742 break;
743
744 case ICMPV6_MGM_REPORT:
745 igmp6_event_report(skb);
746 break;
747
748 case ICMPV6_MGM_REDUCTION:
749 case ICMPV6_NI_QUERY:
750 case ICMPV6_NI_REPLY:
751 case ICMPV6_MLD2_REPORT:
752 case ICMPV6_DHAAD_REQUEST:
753 case ICMPV6_DHAAD_REPLY:
754 case ICMPV6_MOBILE_PREFIX_SOL:
755 case ICMPV6_MOBILE_PREFIX_ADV:
756 break;
757
758 default:
64ce2073 759 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6: msg of unknown type\n");
1da177e4
LT		 760
761 /* informational */
762 if (type & ICMPV6_INFOMSG_MASK)
763 break;
764
1ab1457c
YH		 765 /*
766 * error of unknown type.
767 * must pass to upper level
1da177e4
LT		 768 */
769
770 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
3ff50b79
SH		 771 }
772
1da177e4
LT		 773 kfree_skb(skb);
774 return 0;
775
776discard_it:
777 ICMP6_INC_STATS_BH(idev, ICMP6_MIB_INERRORS);
8b7817f3 778drop_no_count:
1da177e4
LT		 779 kfree_skb(skb);
780 return 0;
781}
782
95e41e93
YH		 783void icmpv6_flow_init(struct sock *sk, struct flowi *fl,
784 u8 type,
785 const struct in6_addr *saddr,
786 const struct in6_addr *daddr,
787 int oif)
788{
789 memset(fl, 0, sizeof(*fl));
790 ipv6_addr_copy(&fl->fl6_src, saddr);
791 ipv6_addr_copy(&fl->fl6_dst, daddr);
792 fl->proto = IPPROTO_ICMPV6;
793 fl->fl_icmp_type = type;
794 fl->fl_icmp_code = 0;
795 fl->oif = oif;
796 security_sk_classify_flow(sk, fl);
797}
798
640c41c7 799/*
b7e729c4 800 * Special lock-class for __icmpv6_sk:
640c41c7
IM		 801 */
802static struct lock_class_key icmpv6_socket_sk_dst_lock_key;
803
98c6d1b2 804static int __net_init icmpv6_sk_init(struct net *net)
1da177e4
LT		 805{
806 struct sock *sk;
807 int err, i, j;
808
98c6d1b2
DL		 809 net->ipv6.icmp_sk =
810 kzalloc(nr_cpu_ids * sizeof(struct sock *), GFP_KERNEL);
811 if (net->ipv6.icmp_sk == NULL)
79c91159
DL		 812 return -ENOMEM;
813
6f912042 814 for_each_possible_cpu(i) {
b7e729c4 815 struct socket *sock;
1da177e4 816 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6,
b7e729c4 817 &sock);
1da177e4
LT		 818 if (err < 0) {
819 printk(KERN_ERR
820 "Failed to initialize the ICMP6 control socket "
821 "(err %d).\n",
822 err);
823 goto fail;
824 }
825
98c6d1b2
DL		 826 net->ipv6.icmp_sk[i] = sk = sock->sk;
827 sk_change_net(sk, net);
5c8cafd6 828
1da177e4 829 sk->sk_allocation = GFP_ATOMIC;
640c41c7
IM		 830 /*
831 * Split off their lock-class, because sk->sk_dst_lock
832 * gets used from softirqs, which is safe for
b7e729c4 833 * __icmpv6_sk (because those never get directly used
640c41c7
IM		 834 * via userspace syscalls), but unsafe for normal sockets.
835 */
836 lockdep_set_class(&sk->sk_dst_lock,
837 &icmpv6_socket_sk_dst_lock_key);
1da177e4
LT		 838
839 /* Enough space for 2 64K ICMP packets, including
840 * sk_buff struct overhead.
841 */
842 sk->sk_sndbuf =
843 (2 * ((64 * 1024) + sizeof(struct sk_buff)));
844
845 sk->sk_prot->unhash(sk);
846 }
1da177e4
LT		 847 return 0;
848
849 fail:
5c8cafd6 850 for (j = 0; j < i; j++)
98c6d1b2
DL		 851 sk_release_kernel(net->ipv6.icmp_sk[j]);
852 kfree(net->ipv6.icmp_sk);
1da177e4
LT		 853 return err;
854}
855
98c6d1b2 856static void __net_exit icmpv6_sk_exit(struct net *net)
1da177e4
LT		 857{
858 int i;
859
6f912042 860 for_each_possible_cpu(i) {
98c6d1b2 861 sk_release_kernel(net->ipv6.icmp_sk[i]);
1da177e4 862 }
98c6d1b2
DL		 863 kfree(net->ipv6.icmp_sk);
864}
865
8ed7edce 866static struct pernet_operations icmpv6_sk_ops = {
98c6d1b2
DL		 867 .init = icmpv6_sk_init,
868 .exit = icmpv6_sk_exit,
869};
870
871int __init icmpv6_init(void)
872{
873 int err;
874
875 err = register_pernet_subsys(&icmpv6_sk_ops);
876 if (err < 0)
877 return err;
878
879 err = -EAGAIN;
880 if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0)
881 goto fail;
882 return 0;
883
884fail:
885 printk(KERN_ERR "Failed to register ICMP6 protocol\n");
886 unregister_pernet_subsys(&icmpv6_sk_ops);
887 return err;
888}
889
8ed7edce 890void icmpv6_cleanup(void)
98c6d1b2
DL		 891{
892 unregister_pernet_subsys(&icmpv6_sk_ops);
1da177e4
LT		 893 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
894}
895
98c6d1b2 896
9b5b5cff 897static const struct icmp6_err {
1da177e4
LT		 898 int err;
899 int fatal;
900} tab_unreach[] = {
901 { /* NOROUTE */
902 .err = ENETUNREACH,
903 .fatal = 0,
904 },
905 { /* ADM_PROHIBITED */
906 .err = EACCES,
907 .fatal = 1,
908 },
909 { /* Was NOT_NEIGHBOUR, now reserved */
910 .err = EHOSTUNREACH,
911 .fatal = 0,
912 },
913 { /* ADDR_UNREACH */
914 .err = EHOSTUNREACH,
915 .fatal = 0,
916 },
917 { /* PORT_UNREACH */
918 .err = ECONNREFUSED,
919 .fatal = 1,
920 },
921};
922
923int icmpv6_err_convert(int type, int code, int *err)
924{
925 int fatal = 0;
926
927 *err = EPROTO;
928
929 switch (type) {
930 case ICMPV6_DEST_UNREACH:
931 fatal = 1;
932 if (code <= ICMPV6_PORT_UNREACH) {
933 *err = tab_unreach[code].err;
934 fatal = tab_unreach[code].fatal;
935 }
936 break;
937
938 case ICMPV6_PKT_TOOBIG:
939 *err = EMSGSIZE;
940 break;
1ab1457c 941
1da177e4
LT		 942 case ICMPV6_PARAMPROB:
943 *err = EPROTO;
944 fatal = 1;
945 break;
946
947 case ICMPV6_TIME_EXCEED:
948 *err = EHOSTUNREACH;
949 break;
3ff50b79 950 }
1da177e4
LT		 951
952 return fatal;
953}
954
7159039a
YH		 955EXPORT_SYMBOL(icmpv6_err_convert);
956
1da177e4 957#ifdef CONFIG_SYSCTL
760f2d01 958ctl_table ipv6_icmp_table_template[] = {
1da177e4
LT		 959 {
960 .ctl_name = NET_IPV6_ICMP_RATELIMIT,
961 .procname = "ratelimit",
41a76906 962 .data = &init_net.ipv6.sysctl.icmpv6_time,
1da177e4
LT		 963 .maxlen = sizeof(int),
964 .mode = 0644,
965 .proc_handler = &proc_dointvec
966 },
967 { .ctl_name = 0 },
968};
760f2d01
DL		 969
970struct ctl_table *ipv6_icmp_sysctl_init(struct net *net)
971{
972 struct ctl_table *table;
973
974 table = kmemdup(ipv6_icmp_table_template,
975 sizeof(ipv6_icmp_table_template),
976 GFP_KERNEL);
5ee09105
YH		 977
978 if (table)
979 table[0].data = &net->ipv6.sysctl.icmpv6_time;
980
760f2d01
DL		 981 return table;
982}
1da177e4
LT		 983#endif
984
Linux kernel - Deliverables
This page took 0.407318 seconds and 5 git commands to generate.