2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 /* Set to 3 to get tracing... */
78 #define ND_PRINTK(val, level, fmt, ...) \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
84 static u32
ndisc_hash(const void *pkey
,
85 const struct net_device
*dev
,
87 static int ndisc_constructor(struct neighbour
*neigh
);
88 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
);
89 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
);
90 static int pndisc_constructor(struct pneigh_entry
*n
);
91 static void pndisc_destructor(struct pneigh_entry
*n
);
92 static void pndisc_redo(struct sk_buff
*skb
);
94 static const struct neigh_ops ndisc_generic_ops
= {
96 .solicit
= ndisc_solicit
,
97 .error_report
= ndisc_error_report
,
98 .output
= neigh_resolve_output
,
99 .connected_output
= neigh_connected_output
,
102 static const struct neigh_ops ndisc_hh_ops
= {
104 .solicit
= ndisc_solicit
,
105 .error_report
= ndisc_error_report
,
106 .output
= neigh_resolve_output
,
107 .connected_output
= neigh_resolve_output
,
111 static const struct neigh_ops ndisc_direct_ops
= {
113 .output
= neigh_direct_output
,
114 .connected_output
= neigh_direct_output
,
117 struct neigh_table nd_tbl
= {
119 .key_len
= sizeof(struct in6_addr
),
121 .constructor
= ndisc_constructor
,
122 .pconstructor
= pndisc_constructor
,
123 .pdestructor
= pndisc_destructor
,
124 .proxy_redo
= pndisc_redo
,
128 .base_reachable_time
= ND_REACHABLE_TIME
,
129 .retrans_time
= ND_RETRANS_TIMER
,
130 .gc_staletime
= 60 * HZ
,
131 .reachable_time
= ND_REACHABLE_TIME
,
132 .delay_probe_time
= 5 * HZ
,
133 .queue_len_bytes
= 64*1024,
136 .anycast_delay
= 1 * HZ
,
137 .proxy_delay
= (8 * HZ
) / 10,
140 .gc_interval
= 30 * HZ
,
146 static inline int ndisc_opt_addr_space(struct net_device
*dev
)
148 return NDISC_OPT_SPACE(dev
->addr_len
+ ndisc_addr_option_pad(dev
->type
));
151 static u8
*ndisc_fill_addr_option(u8
*opt
, int type
, void *data
,
152 struct net_device
*dev
)
154 int pad
= ndisc_addr_option_pad(dev
->type
);
155 int data_len
= dev
->addr_len
;
156 int space
= NDISC_OPT_SPACE(data_len
+ pad
);
161 memset(opt
+ 2, 0, pad
);
165 memcpy(opt
+2, data
, data_len
);
168 if ((space
-= data_len
) > 0)
169 memset(opt
, 0, space
);
173 static struct nd_opt_hdr
*ndisc_next_option(struct nd_opt_hdr
*cur
,
174 struct nd_opt_hdr
*end
)
177 if (!cur
|| !end
|| cur
>= end
)
179 type
= cur
->nd_opt_type
;
181 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
182 } while(cur
< end
&& cur
->nd_opt_type
!= type
);
183 return cur
<= end
&& cur
->nd_opt_type
== type
? cur
: NULL
;
186 static inline int ndisc_is_useropt(struct nd_opt_hdr
*opt
)
188 return opt
->nd_opt_type
== ND_OPT_RDNSS
||
189 opt
->nd_opt_type
== ND_OPT_DNSSL
;
192 static struct nd_opt_hdr
*ndisc_next_useropt(struct nd_opt_hdr
*cur
,
193 struct nd_opt_hdr
*end
)
195 if (!cur
|| !end
|| cur
>= end
)
198 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
199 } while(cur
< end
&& !ndisc_is_useropt(cur
));
200 return cur
<= end
&& ndisc_is_useropt(cur
) ? cur
: NULL
;
203 struct ndisc_options
*ndisc_parse_options(u8
*opt
, int opt_len
,
204 struct ndisc_options
*ndopts
)
206 struct nd_opt_hdr
*nd_opt
= (struct nd_opt_hdr
*)opt
;
208 if (!nd_opt
|| opt_len
< 0 || !ndopts
)
210 memset(ndopts
, 0, sizeof(*ndopts
));
213 if (opt_len
< sizeof(struct nd_opt_hdr
))
215 l
= nd_opt
->nd_opt_len
<< 3;
216 if (opt_len
< l
|| l
== 0)
218 switch (nd_opt
->nd_opt_type
) {
219 case ND_OPT_SOURCE_LL_ADDR
:
220 case ND_OPT_TARGET_LL_ADDR
:
222 case ND_OPT_REDIRECT_HDR
:
223 if (ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
]) {
225 "%s: duplicated ND6 option found: type=%d\n",
226 __func__
, nd_opt
->nd_opt_type
);
228 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
231 case ND_OPT_PREFIX_INFO
:
232 ndopts
->nd_opts_pi_end
= nd_opt
;
233 if (!ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
])
234 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
236 #ifdef CONFIG_IPV6_ROUTE_INFO
237 case ND_OPT_ROUTE_INFO
:
238 ndopts
->nd_opts_ri_end
= nd_opt
;
239 if (!ndopts
->nd_opts_ri
)
240 ndopts
->nd_opts_ri
= nd_opt
;
244 if (ndisc_is_useropt(nd_opt
)) {
245 ndopts
->nd_useropts_end
= nd_opt
;
246 if (!ndopts
->nd_useropts
)
247 ndopts
->nd_useropts
= nd_opt
;
250 * Unknown options must be silently ignored,
251 * to accommodate future extension to the
255 "%s: ignored unsupported option; type=%d, len=%d\n",
262 nd_opt
= ((void *)nd_opt
) + l
;
267 int ndisc_mc_map(const struct in6_addr
*addr
, char *buf
, struct net_device
*dev
, int dir
)
271 case ARPHRD_IEEE802
: /* Not sure. Check it later. --ANK */
273 ipv6_eth_mc_map(addr
, buf
);
276 ipv6_arcnet_mc_map(addr
, buf
);
278 case ARPHRD_INFINIBAND
:
279 ipv6_ib_mc_map(addr
, dev
->broadcast
, buf
);
282 return ipv6_ipgre_mc_map(addr
, dev
->broadcast
, buf
);
285 memcpy(buf
, dev
->broadcast
, dev
->addr_len
);
292 EXPORT_SYMBOL(ndisc_mc_map
);
294 static u32
ndisc_hash(const void *pkey
,
295 const struct net_device
*dev
,
298 return ndisc_hashfn(pkey
, dev
, hash_rnd
);
301 static int ndisc_constructor(struct neighbour
*neigh
)
303 struct in6_addr
*addr
= (struct in6_addr
*)&neigh
->primary_key
;
304 struct net_device
*dev
= neigh
->dev
;
305 struct inet6_dev
*in6_dev
;
306 struct neigh_parms
*parms
;
307 bool is_multicast
= ipv6_addr_is_multicast(addr
);
309 in6_dev
= in6_dev_get(dev
);
310 if (in6_dev
== NULL
) {
314 parms
= in6_dev
->nd_parms
;
315 __neigh_parms_put(neigh
->parms
);
316 neigh
->parms
= neigh_parms_clone(parms
);
318 neigh
->type
= is_multicast
? RTN_MULTICAST
: RTN_UNICAST
;
319 if (!dev
->header_ops
) {
320 neigh
->nud_state
= NUD_NOARP
;
321 neigh
->ops
= &ndisc_direct_ops
;
322 neigh
->output
= neigh_direct_output
;
325 neigh
->nud_state
= NUD_NOARP
;
326 ndisc_mc_map(addr
, neigh
->ha
, dev
, 1);
327 } else if (dev
->flags
&(IFF_NOARP
|IFF_LOOPBACK
)) {
328 neigh
->nud_state
= NUD_NOARP
;
329 memcpy(neigh
->ha
, dev
->dev_addr
, dev
->addr_len
);
330 if (dev
->flags
&IFF_LOOPBACK
)
331 neigh
->type
= RTN_LOCAL
;
332 } else if (dev
->flags
&IFF_POINTOPOINT
) {
333 neigh
->nud_state
= NUD_NOARP
;
334 memcpy(neigh
->ha
, dev
->broadcast
, dev
->addr_len
);
336 if (dev
->header_ops
->cache
)
337 neigh
->ops
= &ndisc_hh_ops
;
339 neigh
->ops
= &ndisc_generic_ops
;
340 if (neigh
->nud_state
&NUD_VALID
)
341 neigh
->output
= neigh
->ops
->connected_output
;
343 neigh
->output
= neigh
->ops
->output
;
345 in6_dev_put(in6_dev
);
349 static int pndisc_constructor(struct pneigh_entry
*n
)
351 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
352 struct in6_addr maddr
;
353 struct net_device
*dev
= n
->dev
;
355 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
357 addrconf_addr_solict_mult(addr
, &maddr
);
358 ipv6_dev_mc_inc(dev
, &maddr
);
362 static void pndisc_destructor(struct pneigh_entry
*n
)
364 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
365 struct in6_addr maddr
;
366 struct net_device
*dev
= n
->dev
;
368 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
370 addrconf_addr_solict_mult(addr
, &maddr
);
371 ipv6_dev_mc_dec(dev
, &maddr
);
374 static struct sk_buff
*ndisc_build_skb(struct net_device
*dev
,
375 const struct in6_addr
*daddr
,
376 const struct in6_addr
*saddr
,
377 struct icmp6hdr
*icmp6h
,
378 const struct in6_addr
*target
,
381 struct net
*net
= dev_net(dev
);
382 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
384 struct icmp6hdr
*hdr
;
385 int hlen
= LL_RESERVED_SPACE(dev
);
386 int tlen
= dev
->needed_tailroom
;
394 len
= sizeof(struct icmp6hdr
) + (target
? sizeof(*target
) : 0);
396 len
+= ndisc_opt_addr_space(dev
);
398 skb
= sock_alloc_send_skb(sk
,
399 (sizeof(struct ipv6hdr
) +
403 ND_PRINTK(0, err
, "ND: %s failed to allocate an skb, err=%d\n",
408 skb_reserve(skb
, hlen
);
409 ip6_nd_hdr(sk
, skb
, dev
, saddr
, daddr
, IPPROTO_ICMPV6
, len
);
411 skb
->transport_header
= skb
->tail
;
414 hdr
= (struct icmp6hdr
*)skb_transport_header(skb
);
415 memcpy(hdr
, icmp6h
, sizeof(*hdr
));
417 opt
= skb_transport_header(skb
) + sizeof(struct icmp6hdr
);
419 *(struct in6_addr
*)opt
= *target
;
420 opt
+= sizeof(*target
);
424 ndisc_fill_addr_option(opt
, llinfo
, dev
->dev_addr
, dev
);
426 hdr
->icmp6_cksum
= csum_ipv6_magic(saddr
, daddr
, len
,
434 static void ndisc_send_skb(struct sk_buff
*skb
, struct net_device
*dev
,
435 const struct in6_addr
*daddr
,
436 const struct in6_addr
*saddr
,
437 struct icmp6hdr
*icmp6h
)
440 struct dst_entry
*dst
;
441 struct net
*net
= dev_net(dev
);
442 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
443 struct inet6_dev
*idev
;
447 type
= icmp6h
->icmp6_type
;
449 icmpv6_flow_init(sk
, &fl6
, type
, saddr
, daddr
, dev
->ifindex
);
450 dst
= icmp6_dst_alloc(dev
, &fl6
);
456 skb_dst_set(skb
, dst
);
459 idev
= __in6_dev_get(dst
->dev
);
460 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
462 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, skb
, NULL
, dst
->dev
,
465 ICMP6MSGOUT_INC_STATS(net
, idev
, type
);
466 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
473 * Send a Neighbour Discover packet
475 static void __ndisc_send(struct net_device
*dev
,
476 const struct in6_addr
*daddr
,
477 const struct in6_addr
*saddr
,
478 struct icmp6hdr
*icmp6h
, const struct in6_addr
*target
,
483 skb
= ndisc_build_skb(dev
, daddr
, saddr
, icmp6h
, target
, llinfo
);
487 ndisc_send_skb(skb
, dev
, daddr
, saddr
, icmp6h
);
490 static void ndisc_send_na(struct net_device
*dev
, struct neighbour
*neigh
,
491 const struct in6_addr
*daddr
,
492 const struct in6_addr
*solicited_addr
,
493 bool router
, bool solicited
, bool override
, bool inc_opt
)
495 struct in6_addr tmpaddr
;
496 struct inet6_ifaddr
*ifp
;
497 const struct in6_addr
*src_addr
;
498 struct icmp6hdr icmp6h
= {
499 .icmp6_type
= NDISC_NEIGHBOUR_ADVERTISEMENT
,
502 /* for anycast or proxy, solicited_addr != src_addr */
503 ifp
= ipv6_get_ifaddr(dev_net(dev
), solicited_addr
, dev
, 1);
505 src_addr
= solicited_addr
;
506 if (ifp
->flags
& IFA_F_OPTIMISTIC
)
508 inc_opt
|= ifp
->idev
->cnf
.force_tllao
;
511 if (ipv6_dev_get_saddr(dev_net(dev
), dev
, daddr
,
512 inet6_sk(dev_net(dev
)->ipv6
.ndisc_sk
)->srcprefs
,
518 icmp6h
.icmp6_router
= router
;
519 icmp6h
.icmp6_solicited
= solicited
;
520 icmp6h
.icmp6_override
= override
;
522 __ndisc_send(dev
, daddr
, src_addr
, &icmp6h
, solicited_addr
,
523 inc_opt
? ND_OPT_TARGET_LL_ADDR
: 0);
526 static void ndisc_send_unsol_na(struct net_device
*dev
)
528 struct inet6_dev
*idev
;
529 struct inet6_ifaddr
*ifa
;
531 idev
= in6_dev_get(dev
);
535 read_lock_bh(&idev
->lock
);
536 list_for_each_entry(ifa
, &idev
->addr_list
, if_list
) {
537 ndisc_send_na(dev
, NULL
, &in6addr_linklocal_allnodes
, &ifa
->addr
,
538 /*router=*/ !!idev
->cnf
.forwarding
,
539 /*solicited=*/ false, /*override=*/ true,
542 read_unlock_bh(&idev
->lock
);
547 void ndisc_send_ns(struct net_device
*dev
, struct neighbour
*neigh
,
548 const struct in6_addr
*solicit
,
549 const struct in6_addr
*daddr
, const struct in6_addr
*saddr
)
551 struct in6_addr addr_buf
;
552 struct icmp6hdr icmp6h
= {
553 .icmp6_type
= NDISC_NEIGHBOUR_SOLICITATION
,
557 if (ipv6_get_lladdr(dev
, &addr_buf
,
558 (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)))
563 __ndisc_send(dev
, daddr
, saddr
, &icmp6h
, solicit
,
564 !ipv6_addr_any(saddr
) ? ND_OPT_SOURCE_LL_ADDR
: 0);
567 void ndisc_send_rs(struct net_device
*dev
, const struct in6_addr
*saddr
,
568 const struct in6_addr
*daddr
)
570 struct icmp6hdr icmp6h
= {
571 .icmp6_type
= NDISC_ROUTER_SOLICITATION
,
573 int send_sllao
= dev
->addr_len
;
575 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
577 * According to section 2.2 of RFC 4429, we must not
578 * send router solicitations with a sllao from
579 * optimistic addresses, but we may send the solicitation
580 * if we don't include the sllao. So here we check
581 * if our address is optimistic, and if so, we
582 * suppress the inclusion of the sllao.
585 struct inet6_ifaddr
*ifp
= ipv6_get_ifaddr(dev_net(dev
), saddr
,
588 if (ifp
->flags
& IFA_F_OPTIMISTIC
) {
597 __ndisc_send(dev
, daddr
, saddr
, &icmp6h
, NULL
,
598 send_sllao
? ND_OPT_SOURCE_LL_ADDR
: 0);
602 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
)
605 * "The sender MUST return an ICMP
606 * destination unreachable"
608 dst_link_failure(skb
);
612 /* Called with locked neigh: either read or both */
614 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
)
616 struct in6_addr
*saddr
= NULL
;
617 struct in6_addr mcaddr
;
618 struct net_device
*dev
= neigh
->dev
;
619 struct in6_addr
*target
= (struct in6_addr
*)&neigh
->primary_key
;
620 int probes
= atomic_read(&neigh
->probes
);
622 if (skb
&& ipv6_chk_addr(dev_net(dev
), &ipv6_hdr(skb
)->saddr
, dev
, 1))
623 saddr
= &ipv6_hdr(skb
)->saddr
;
625 if ((probes
-= neigh
->parms
->ucast_probes
) < 0) {
626 if (!(neigh
->nud_state
& NUD_VALID
)) {
628 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
631 ndisc_send_ns(dev
, neigh
, target
, target
, saddr
);
632 } else if ((probes
-= neigh
->parms
->app_probes
) < 0) {
637 addrconf_addr_solict_mult(target
, &mcaddr
);
638 ndisc_send_ns(dev
, NULL
, target
, &mcaddr
, saddr
);
642 static int pndisc_is_router(const void *pkey
,
643 struct net_device
*dev
)
645 struct pneigh_entry
*n
;
648 read_lock_bh(&nd_tbl
.lock
);
649 n
= __pneigh_lookup(&nd_tbl
, dev_net(dev
), pkey
, dev
);
651 ret
= !!(n
->flags
& NTF_ROUTER
);
652 read_unlock_bh(&nd_tbl
.lock
);
657 static void ndisc_recv_ns(struct sk_buff
*skb
)
659 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
660 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
661 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
663 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
664 offsetof(struct nd_msg
, opt
));
665 struct ndisc_options ndopts
;
666 struct net_device
*dev
= skb
->dev
;
667 struct inet6_ifaddr
*ifp
;
668 struct inet6_dev
*idev
= NULL
;
669 struct neighbour
*neigh
;
670 int dad
= ipv6_addr_any(saddr
);
674 if (skb
->len
< sizeof(struct nd_msg
)) {
675 ND_PRINTK(2, warn
, "NS: packet too short\n");
679 if (ipv6_addr_is_multicast(&msg
->target
)) {
680 ND_PRINTK(2, warn
, "NS: multicast target address\n");
686 * DAD has to be destined for solicited node multicast address.
688 if (dad
&& !ipv6_addr_is_solict_mult(daddr
)) {
689 ND_PRINTK(2, warn
, "NS: bad DAD packet (wrong destination)\n");
693 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
694 ND_PRINTK(2, warn
, "NS: invalid ND options\n");
698 if (ndopts
.nd_opts_src_lladdr
) {
699 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
, dev
);
702 "NS: invalid link-layer address length\n");
707 * If the IP source address is the unspecified address,
708 * there MUST NOT be source link-layer address option
713 "NS: bad DAD packet (link-layer address option)\n");
718 inc
= ipv6_addr_is_multicast(daddr
);
720 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
723 if (ifp
->flags
& (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)) {
726 * We are colliding with another node
728 * so fail our DAD process
730 addrconf_dad_failure(ifp
);
734 * This is not a dad solicitation.
735 * If we are an optimistic node,
737 * Otherwise, we should ignore it.
739 if (!(ifp
->flags
& IFA_F_OPTIMISTIC
))
746 struct net
*net
= dev_net(dev
);
748 idev
= in6_dev_get(dev
);
750 /* XXX: count this drop? */
754 if (ipv6_chk_acast_addr(net
, dev
, &msg
->target
) ||
755 (idev
->cnf
.forwarding
&&
756 (net
->ipv6
.devconf_all
->proxy_ndp
|| idev
->cnf
.proxy_ndp
) &&
757 (is_router
= pndisc_is_router(&msg
->target
, dev
)) >= 0)) {
758 if (!(NEIGH_CB(skb
)->flags
& LOCALLY_ENQUEUED
) &&
759 skb
->pkt_type
!= PACKET_HOST
&&
761 idev
->nd_parms
->proxy_delay
!= 0) {
763 * for anycast or proxy,
764 * sender should delay its response
765 * by a random time between 0 and
766 * MAX_ANYCAST_DELAY_TIME seconds.
767 * (RFC2461) -- yoshfuji
769 struct sk_buff
*n
= skb_clone(skb
, GFP_ATOMIC
);
771 pneigh_enqueue(&nd_tbl
, idev
->nd_parms
, n
);
779 is_router
= idev
->cnf
.forwarding
;
782 ndisc_send_na(dev
, NULL
, &in6addr_linklocal_allnodes
, &msg
->target
,
783 !!is_router
, false, (ifp
!= NULL
), true);
788 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_mcast
);
790 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_ucast
);
793 * update / create cache entry
794 * for the source address
796 neigh
= __neigh_lookup(&nd_tbl
, saddr
, dev
,
797 !inc
|| lladdr
|| !dev
->addr_len
);
799 neigh_update(neigh
, lladdr
, NUD_STALE
,
800 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
801 NEIGH_UPDATE_F_OVERRIDE
);
802 if (neigh
|| !dev
->header_ops
) {
803 ndisc_send_na(dev
, neigh
, saddr
, &msg
->target
,
805 true, (ifp
!= NULL
&& inc
), inc
);
807 neigh_release(neigh
);
817 static void ndisc_recv_na(struct sk_buff
*skb
)
819 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
820 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
821 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
823 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
824 offsetof(struct nd_msg
, opt
));
825 struct ndisc_options ndopts
;
826 struct net_device
*dev
= skb
->dev
;
827 struct inet6_ifaddr
*ifp
;
828 struct neighbour
*neigh
;
830 if (skb
->len
< sizeof(struct nd_msg
)) {
831 ND_PRINTK(2, warn
, "NA: packet too short\n");
835 if (ipv6_addr_is_multicast(&msg
->target
)) {
836 ND_PRINTK(2, warn
, "NA: target address is multicast\n");
840 if (ipv6_addr_is_multicast(daddr
) &&
841 msg
->icmph
.icmp6_solicited
) {
842 ND_PRINTK(2, warn
, "NA: solicited NA is multicasted\n");
846 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
847 ND_PRINTK(2, warn
, "NS: invalid ND option\n");
850 if (ndopts
.nd_opts_tgt_lladdr
) {
851 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
, dev
);
854 "NA: invalid link-layer address length\n");
858 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
860 if (skb
->pkt_type
!= PACKET_LOOPBACK
861 && (ifp
->flags
& IFA_F_TENTATIVE
)) {
862 addrconf_dad_failure(ifp
);
865 /* What should we make now? The advertisement
866 is invalid, but ndisc specs say nothing
867 about it. It could be misconfiguration, or
868 an smart proxy agent tries to help us :-)
870 We should not print the error if NA has been
871 received from loopback - it is just our own
872 unsolicited advertisement.
874 if (skb
->pkt_type
!= PACKET_LOOPBACK
)
876 "NA: someone advertises our address %pI6 on %s!\n",
877 &ifp
->addr
, ifp
->idev
->dev
->name
);
881 neigh
= neigh_lookup(&nd_tbl
, &msg
->target
, dev
);
884 u8 old_flags
= neigh
->flags
;
885 struct net
*net
= dev_net(dev
);
887 if (neigh
->nud_state
& NUD_FAILED
)
891 * Don't update the neighbor cache entry on a proxy NA from
892 * ourselves because either the proxied node is off link or it
893 * has already sent a NA to us.
895 if (lladdr
&& !memcmp(lladdr
, dev
->dev_addr
, dev
->addr_len
) &&
896 net
->ipv6
.devconf_all
->forwarding
&& net
->ipv6
.devconf_all
->proxy_ndp
&&
897 pneigh_lookup(&nd_tbl
, net
, &msg
->target
, dev
, 0)) {
898 /* XXX: idev->cnf.proxy_ndp */
902 neigh_update(neigh
, lladdr
,
903 msg
->icmph
.icmp6_solicited
? NUD_REACHABLE
: NUD_STALE
,
904 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
905 (msg
->icmph
.icmp6_override
? NEIGH_UPDATE_F_OVERRIDE
: 0)|
906 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
907 (msg
->icmph
.icmp6_router
? NEIGH_UPDATE_F_ISROUTER
: 0));
909 if ((old_flags
& ~neigh
->flags
) & NTF_ROUTER
) {
911 * Change: router to host
914 rt
= rt6_get_dflt_router(saddr
, dev
);
920 neigh_release(neigh
);
924 static void ndisc_recv_rs(struct sk_buff
*skb
)
926 struct rs_msg
*rs_msg
= (struct rs_msg
*)skb_transport_header(skb
);
927 unsigned long ndoptlen
= skb
->len
- sizeof(*rs_msg
);
928 struct neighbour
*neigh
;
929 struct inet6_dev
*idev
;
930 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
931 struct ndisc_options ndopts
;
934 if (skb
->len
< sizeof(*rs_msg
))
937 idev
= __in6_dev_get(skb
->dev
);
939 ND_PRINTK(1, err
, "RS: can't find in6 device\n");
943 /* Don't accept RS if we're not in router mode */
944 if (!idev
->cnf
.forwarding
)
948 * Don't update NCE if src = ::;
949 * this implies that the source node has no ip address assigned yet.
951 if (ipv6_addr_any(saddr
))
954 /* Parse ND options */
955 if (!ndisc_parse_options(rs_msg
->opt
, ndoptlen
, &ndopts
)) {
956 ND_PRINTK(2, notice
, "NS: invalid ND option, ignored\n");
960 if (ndopts
.nd_opts_src_lladdr
) {
961 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
967 neigh
= __neigh_lookup(&nd_tbl
, saddr
, skb
->dev
, 1);
969 neigh_update(neigh
, lladdr
, NUD_STALE
,
970 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
971 NEIGH_UPDATE_F_OVERRIDE
|
972 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
);
973 neigh_release(neigh
);
979 static void ndisc_ra_useropt(struct sk_buff
*ra
, struct nd_opt_hdr
*opt
)
981 struct icmp6hdr
*icmp6h
= (struct icmp6hdr
*)skb_transport_header(ra
);
983 struct nlmsghdr
*nlh
;
984 struct nduseroptmsg
*ndmsg
;
985 struct net
*net
= dev_net(ra
->dev
);
987 int base_size
= NLMSG_ALIGN(sizeof(struct nduseroptmsg
)
988 + (opt
->nd_opt_len
<< 3));
989 size_t msg_size
= base_size
+ nla_total_size(sizeof(struct in6_addr
));
991 skb
= nlmsg_new(msg_size
, GFP_ATOMIC
);
997 nlh
= nlmsg_put(skb
, 0, 0, RTM_NEWNDUSEROPT
, base_size
, 0);
999 goto nla_put_failure
;
1002 ndmsg
= nlmsg_data(nlh
);
1003 ndmsg
->nduseropt_family
= AF_INET6
;
1004 ndmsg
->nduseropt_ifindex
= ra
->dev
->ifindex
;
1005 ndmsg
->nduseropt_icmp_type
= icmp6h
->icmp6_type
;
1006 ndmsg
->nduseropt_icmp_code
= icmp6h
->icmp6_code
;
1007 ndmsg
->nduseropt_opts_len
= opt
->nd_opt_len
<< 3;
1009 memcpy(ndmsg
+ 1, opt
, opt
->nd_opt_len
<< 3);
1011 if (nla_put(skb
, NDUSEROPT_SRCADDR
, sizeof(struct in6_addr
),
1012 &ipv6_hdr(ra
)->saddr
))
1013 goto nla_put_failure
;
1014 nlmsg_end(skb
, nlh
);
1016 rtnl_notify(skb
, net
, 0, RTNLGRP_ND_USEROPT
, NULL
, GFP_ATOMIC
);
1023 rtnl_set_sk_err(net
, RTNLGRP_ND_USEROPT
, err
);
1026 static void ndisc_router_discovery(struct sk_buff
*skb
)
1028 struct ra_msg
*ra_msg
= (struct ra_msg
*)skb_transport_header(skb
);
1029 struct neighbour
*neigh
= NULL
;
1030 struct inet6_dev
*in6_dev
;
1031 struct rt6_info
*rt
= NULL
;
1033 struct ndisc_options ndopts
;
1035 unsigned int pref
= 0;
1037 __u8
* opt
= (__u8
*)(ra_msg
+ 1);
1039 optlen
= (skb
->tail
- skb
->transport_header
) - sizeof(struct ra_msg
);
1041 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1042 ND_PRINTK(2, warn
, "RA: source address is not link-local\n");
1046 ND_PRINTK(2, warn
, "RA: packet too short\n");
1050 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1051 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_HOST
) {
1052 ND_PRINTK(2, warn
, "RA: from host or unauthorized router\n");
1058 * set the RA_RECV flag in the interface
1061 in6_dev
= __in6_dev_get(skb
->dev
);
1062 if (in6_dev
== NULL
) {
1063 ND_PRINTK(0, err
, "RA: can't find inet6 device for %s\n",
1068 if (!ndisc_parse_options(opt
, optlen
, &ndopts
)) {
1069 ND_PRINTK(2, warn
, "RA: invalid ND options\n");
1073 if (!ipv6_accept_ra(in6_dev
))
1074 goto skip_linkparms
;
1076 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1077 /* skip link-specific parameters from interior routers */
1078 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1079 goto skip_linkparms
;
1082 if (in6_dev
->if_flags
& IF_RS_SENT
) {
1084 * flag that an RA was received after an RS was sent
1085 * out on this interface.
1087 in6_dev
->if_flags
|= IF_RA_RCVD
;
1091 * Remember the managed/otherconf flags from most recently
1092 * received RA message (RFC 2462) -- yoshfuji
1094 in6_dev
->if_flags
= (in6_dev
->if_flags
& ~(IF_RA_MANAGED
|
1096 (ra_msg
->icmph
.icmp6_addrconf_managed
?
1097 IF_RA_MANAGED
: 0) |
1098 (ra_msg
->icmph
.icmp6_addrconf_other
?
1099 IF_RA_OTHERCONF
: 0);
1101 if (!in6_dev
->cnf
.accept_ra_defrtr
)
1104 if (ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
, NULL
, 0))
1107 lifetime
= ntohs(ra_msg
->icmph
.icmp6_rt_lifetime
);
1109 #ifdef CONFIG_IPV6_ROUTER_PREF
1110 pref
= ra_msg
->icmph
.icmp6_router_pref
;
1111 /* 10b is handled as if it were 00b (medium) */
1112 if (pref
== ICMPV6_ROUTER_PREF_INVALID
||
1113 !in6_dev
->cnf
.accept_ra_rtr_pref
)
1114 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
1117 rt
= rt6_get_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
);
1120 neigh
= dst_neigh_lookup(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
1123 "RA: %s got default router without neighbour\n",
1129 if (rt
&& lifetime
== 0) {
1134 if (rt
== NULL
&& lifetime
) {
1135 ND_PRINTK(3, dbg
, "RA: adding default router\n");
1137 rt
= rt6_add_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
, pref
);
1140 "RA: %s failed to add default route\n",
1145 neigh
= dst_neigh_lookup(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
1146 if (neigh
== NULL
) {
1148 "RA: %s got default router without neighbour\n",
1153 neigh
->flags
|= NTF_ROUTER
;
1155 rt
->rt6i_flags
= (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
1159 rt6_set_expires(rt
, jiffies
+ (HZ
* lifetime
));
1160 if (ra_msg
->icmph
.icmp6_hop_limit
) {
1161 in6_dev
->cnf
.hop_limit
= ra_msg
->icmph
.icmp6_hop_limit
;
1163 dst_metric_set(&rt
->dst
, RTAX_HOPLIMIT
,
1164 ra_msg
->icmph
.icmp6_hop_limit
);
1170 * Update Reachable Time and Retrans Timer
1173 if (in6_dev
->nd_parms
) {
1174 unsigned long rtime
= ntohl(ra_msg
->retrans_timer
);
1176 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/HZ
) {
1177 rtime
= (rtime
*HZ
)/1000;
1180 in6_dev
->nd_parms
->retrans_time
= rtime
;
1181 in6_dev
->tstamp
= jiffies
;
1182 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1185 rtime
= ntohl(ra_msg
->reachable_time
);
1186 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/(3*HZ
)) {
1187 rtime
= (rtime
*HZ
)/1000;
1192 if (rtime
!= in6_dev
->nd_parms
->base_reachable_time
) {
1193 in6_dev
->nd_parms
->base_reachable_time
= rtime
;
1194 in6_dev
->nd_parms
->gc_staletime
= 3 * rtime
;
1195 in6_dev
->nd_parms
->reachable_time
= neigh_rand_reach_time(rtime
);
1196 in6_dev
->tstamp
= jiffies
;
1197 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1209 neigh
= __neigh_lookup(&nd_tbl
, &ipv6_hdr(skb
)->saddr
,
1213 if (ndopts
.nd_opts_src_lladdr
) {
1214 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1218 "RA: invalid link-layer address length\n");
1222 neigh_update(neigh
, lladdr
, NUD_STALE
,
1223 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1224 NEIGH_UPDATE_F_OVERRIDE
|
1225 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1226 NEIGH_UPDATE_F_ISROUTER
);
1229 if (!ipv6_accept_ra(in6_dev
))
1232 #ifdef CONFIG_IPV6_ROUTE_INFO
1233 if (ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
, NULL
, 0))
1234 goto skip_routeinfo
;
1236 if (in6_dev
->cnf
.accept_ra_rtr_pref
&& ndopts
.nd_opts_ri
) {
1237 struct nd_opt_hdr
*p
;
1238 for (p
= ndopts
.nd_opts_ri
;
1240 p
= ndisc_next_option(p
, ndopts
.nd_opts_ri_end
)) {
1241 struct route_info
*ri
= (struct route_info
*)p
;
1242 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1243 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
&&
1244 ri
->prefix_len
== 0)
1247 if (ri
->prefix_len
> in6_dev
->cnf
.accept_ra_rt_info_max_plen
)
1249 rt6_route_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3,
1250 &ipv6_hdr(skb
)->saddr
);
1257 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1258 /* skip link-specific ndopts from interior routers */
1259 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1263 if (in6_dev
->cnf
.accept_ra_pinfo
&& ndopts
.nd_opts_pi
) {
1264 struct nd_opt_hdr
*p
;
1265 for (p
= ndopts
.nd_opts_pi
;
1267 p
= ndisc_next_option(p
, ndopts
.nd_opts_pi_end
)) {
1268 addrconf_prefix_rcv(skb
->dev
, (u8
*)p
,
1269 (p
->nd_opt_len
) << 3,
1270 ndopts
.nd_opts_src_lladdr
!= NULL
);
1274 if (ndopts
.nd_opts_mtu
) {
1278 memcpy(&n
, ((u8
*)(ndopts
.nd_opts_mtu
+1))+2, sizeof(mtu
));
1281 if (mtu
< IPV6_MIN_MTU
|| mtu
> skb
->dev
->mtu
) {
1282 ND_PRINTK(2, warn
, "RA: invalid mtu: %d\n", mtu
);
1283 } else if (in6_dev
->cnf
.mtu6
!= mtu
) {
1284 in6_dev
->cnf
.mtu6
= mtu
;
1287 dst_metric_set(&rt
->dst
, RTAX_MTU
, mtu
);
1289 rt6_mtu_change(skb
->dev
, mtu
);
1293 if (ndopts
.nd_useropts
) {
1294 struct nd_opt_hdr
*p
;
1295 for (p
= ndopts
.nd_useropts
;
1297 p
= ndisc_next_useropt(p
, ndopts
.nd_useropts_end
)) {
1298 ndisc_ra_useropt(skb
, p
);
1302 if (ndopts
.nd_opts_tgt_lladdr
|| ndopts
.nd_opts_rh
) {
1303 ND_PRINTK(2, warn
, "RA: invalid RA options\n");
1308 neigh_release(neigh
);
1311 static void ndisc_redirect_rcv(struct sk_buff
*skb
)
1314 struct ndisc_options ndopts
;
1315 struct rd_msg
*msg
= (struct rd_msg
*)skb_transport_header(skb
);
1316 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
1317 offsetof(struct rd_msg
, opt
));
1319 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1320 switch (skb
->ndisc_nodetype
) {
1321 case NDISC_NODETYPE_HOST
:
1322 case NDISC_NODETYPE_NODEFAULT
:
1324 "Redirect: from host or unauthorized router\n");
1329 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1331 "Redirect: source address is not link-local\n");
1335 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
))
1338 if (!ndopts
.nd_opts_rh
)
1341 hdr
= (u8
*)ndopts
.nd_opts_rh
;
1343 if (!pskb_pull(skb
, hdr
- skb_transport_header(skb
)))
1346 icmpv6_notify(skb
, NDISC_REDIRECT
, 0, 0);
1349 void ndisc_send_redirect(struct sk_buff
*skb
, const struct in6_addr
*target
)
1351 struct net_device
*dev
= skb
->dev
;
1352 struct net
*net
= dev_net(dev
);
1353 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
1354 int len
= sizeof(struct rd_msg
);
1355 struct inet_peer
*peer
;
1356 struct sk_buff
*buff
;
1358 struct in6_addr saddr_buf
;
1359 struct rt6_info
*rt
;
1360 struct dst_entry
*dst
;
1361 struct inet6_dev
*idev
;
1367 u8 ha_buf
[MAX_ADDR_LEN
], *ha
= NULL
;
1370 if (ipv6_get_lladdr(dev
, &saddr_buf
, IFA_F_TENTATIVE
)) {
1371 ND_PRINTK(2, warn
, "Redirect: no link-local address on %s\n",
1376 if (!ipv6_addr_equal(&ipv6_hdr(skb
)->daddr
, target
) &&
1377 ipv6_addr_type(target
) != (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1379 "Redirect: target address is not link-local unicast\n");
1383 icmpv6_flow_init(sk
, &fl6
, NDISC_REDIRECT
,
1384 &saddr_buf
, &ipv6_hdr(skb
)->saddr
, dev
->ifindex
);
1386 dst
= ip6_route_output(net
, NULL
, &fl6
);
1391 dst
= xfrm_lookup(net
, dst
, flowi6_to_flowi(&fl6
), NULL
, 0);
1395 rt
= (struct rt6_info
*) dst
;
1397 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
1399 "Redirect: destination is not a neighbour\n");
1402 peer
= inet_getpeer_v6(net
->ipv6
.peers
, &rt
->rt6i_dst
.addr
, 1);
1403 ret
= inet_peer_xrlim_allow(peer
, 1*HZ
);
1409 if (dev
->addr_len
) {
1410 struct neighbour
*neigh
= dst_neigh_lookup(skb_dst(skb
), target
);
1413 "Redirect: no neigh for target address\n");
1417 read_lock_bh(&neigh
->lock
);
1418 if (neigh
->nud_state
& NUD_VALID
) {
1419 memcpy(ha_buf
, neigh
->ha
, dev
->addr_len
);
1420 read_unlock_bh(&neigh
->lock
);
1422 len
+= ndisc_opt_addr_space(dev
);
1424 read_unlock_bh(&neigh
->lock
);
1426 neigh_release(neigh
);
1429 rd_len
= min_t(unsigned int,
1430 IPV6_MIN_MTU
-sizeof(struct ipv6hdr
)-len
, skb
->len
+ 8);
1434 hlen
= LL_RESERVED_SPACE(dev
);
1435 tlen
= dev
->needed_tailroom
;
1436 buff
= sock_alloc_send_skb(sk
,
1437 (sizeof(struct ipv6hdr
) +
1442 "Redirect: %s failed to allocate an skb, err=%d\n",
1447 skb_reserve(buff
, hlen
);
1448 ip6_nd_hdr(sk
, buff
, dev
, &saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1449 IPPROTO_ICMPV6
, len
);
1451 skb_set_transport_header(buff
, skb_tail_pointer(buff
) - buff
->data
);
1453 msg
= (struct rd_msg
*)icmp6_hdr(buff
);
1455 memset(&msg
->icmph
, 0, sizeof(struct icmp6hdr
));
1456 msg
->icmph
.icmp6_type
= NDISC_REDIRECT
;
1459 * copy target and destination addresses
1462 msg
->target
= *target
;
1463 msg
->dest
= ipv6_hdr(skb
)->daddr
;
1468 * include target_address option
1472 opt
= ndisc_fill_addr_option(opt
, ND_OPT_TARGET_LL_ADDR
, ha
, dev
);
1475 * build redirect option and copy skb over to the new packet.
1479 *(opt
++) = ND_OPT_REDIRECT_HDR
;
1480 *(opt
++) = (rd_len
>> 3);
1483 memcpy(opt
, ipv6_hdr(skb
), rd_len
- 8);
1485 msg
->icmph
.icmp6_cksum
= csum_ipv6_magic(&saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1486 len
, IPPROTO_ICMPV6
,
1487 csum_partial(msg
, len
, 0));
1489 skb_dst_set(buff
, dst
);
1491 idev
= __in6_dev_get(dst
->dev
);
1492 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
1493 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, buff
, NULL
, dst
->dev
,
1496 ICMP6MSGOUT_INC_STATS(net
, idev
, NDISC_REDIRECT
);
1497 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
1507 static void pndisc_redo(struct sk_buff
*skb
)
1513 int ndisc_rcv(struct sk_buff
*skb
)
1517 if (!pskb_may_pull(skb
, skb
->len
))
1520 msg
= (struct nd_msg
*)skb_transport_header(skb
);
1522 __skb_push(skb
, skb
->data
- skb_transport_header(skb
));
1524 if (ipv6_hdr(skb
)->hop_limit
!= 255) {
1525 ND_PRINTK(2, warn
, "NDISC: invalid hop-limit: %d\n",
1526 ipv6_hdr(skb
)->hop_limit
);
1530 if (msg
->icmph
.icmp6_code
!= 0) {
1531 ND_PRINTK(2, warn
, "NDISC: invalid ICMPv6 code: %d\n",
1532 msg
->icmph
.icmp6_code
);
1536 memset(NEIGH_CB(skb
), 0, sizeof(struct neighbour_cb
));
1538 switch (msg
->icmph
.icmp6_type
) {
1539 case NDISC_NEIGHBOUR_SOLICITATION
:
1543 case NDISC_NEIGHBOUR_ADVERTISEMENT
:
1547 case NDISC_ROUTER_SOLICITATION
:
1551 case NDISC_ROUTER_ADVERTISEMENT
:
1552 ndisc_router_discovery(skb
);
1555 case NDISC_REDIRECT
:
1556 ndisc_redirect_rcv(skb
);
1563 static int ndisc_netdev_event(struct notifier_block
*this, unsigned long event
, void *ptr
)
1565 struct net_device
*dev
= ptr
;
1566 struct net
*net
= dev_net(dev
);
1567 struct inet6_dev
*idev
;
1570 case NETDEV_CHANGEADDR
:
1571 neigh_changeaddr(&nd_tbl
, dev
);
1572 fib6_run_gc(~0UL, net
);
1573 idev
= in6_dev_get(dev
);
1576 if (idev
->cnf
.ndisc_notify
)
1577 ndisc_send_unsol_na(dev
);
1581 neigh_ifdown(&nd_tbl
, dev
);
1582 fib6_run_gc(~0UL, net
);
1584 case NETDEV_NOTIFY_PEERS
:
1585 ndisc_send_unsol_na(dev
);
1594 static struct notifier_block ndisc_netdev_notifier
= {
1595 .notifier_call
= ndisc_netdev_event
,
1598 #ifdef CONFIG_SYSCTL
1599 static void ndisc_warn_deprecated_sysctl(struct ctl_table
*ctl
,
1600 const char *func
, const char *dev_name
)
1602 static char warncomm
[TASK_COMM_LEN
];
1604 if (strcmp(warncomm
, current
->comm
) && warned
< 5) {
1605 strcpy(warncomm
, current
->comm
);
1606 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1608 dev_name
, ctl
->procname
,
1609 dev_name
, ctl
->procname
);
1614 int ndisc_ifinfo_sysctl_change(struct ctl_table
*ctl
, int write
, void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
1616 struct net_device
*dev
= ctl
->extra1
;
1617 struct inet6_dev
*idev
;
1620 if ((strcmp(ctl
->procname
, "retrans_time") == 0) ||
1621 (strcmp(ctl
->procname
, "base_reachable_time") == 0))
1622 ndisc_warn_deprecated_sysctl(ctl
, "syscall", dev
? dev
->name
: "default");
1624 if (strcmp(ctl
->procname
, "retrans_time") == 0)
1625 ret
= proc_dointvec(ctl
, write
, buffer
, lenp
, ppos
);
1627 else if (strcmp(ctl
->procname
, "base_reachable_time") == 0)
1628 ret
= proc_dointvec_jiffies(ctl
, write
,
1629 buffer
, lenp
, ppos
);
1631 else if ((strcmp(ctl
->procname
, "retrans_time_ms") == 0) ||
1632 (strcmp(ctl
->procname
, "base_reachable_time_ms") == 0))
1633 ret
= proc_dointvec_ms_jiffies(ctl
, write
,
1634 buffer
, lenp
, ppos
);
1638 if (write
&& ret
== 0 && dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1639 if (ctl
->data
== &idev
->nd_parms
->base_reachable_time
)
1640 idev
->nd_parms
->reachable_time
= neigh_rand_reach_time(idev
->nd_parms
->base_reachable_time
);
1641 idev
->tstamp
= jiffies
;
1642 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1651 static int __net_init
ndisc_net_init(struct net
*net
)
1653 struct ipv6_pinfo
*np
;
1657 err
= inet_ctl_sock_create(&sk
, PF_INET6
,
1658 SOCK_RAW
, IPPROTO_ICMPV6
, net
);
1661 "NDISC: Failed to initialize the control socket (err %d)\n",
1666 net
->ipv6
.ndisc_sk
= sk
;
1669 np
->hop_limit
= 255;
1670 /* Do not loopback ndisc messages */
1676 static void __net_exit
ndisc_net_exit(struct net
*net
)
1678 inet_ctl_sock_destroy(net
->ipv6
.ndisc_sk
);
1681 static struct pernet_operations ndisc_net_ops
= {
1682 .init
= ndisc_net_init
,
1683 .exit
= ndisc_net_exit
,
1686 int __init
ndisc_init(void)
1690 err
= register_pernet_subsys(&ndisc_net_ops
);
1694 * Initialize the neighbour table
1696 neigh_table_init(&nd_tbl
);
1698 #ifdef CONFIG_SYSCTL
1699 err
= neigh_sysctl_register(NULL
, &nd_tbl
.parms
, "ipv6",
1700 &ndisc_ifinfo_sysctl_change
);
1702 goto out_unregister_pernet
;
1704 err
= register_netdevice_notifier(&ndisc_netdev_notifier
);
1706 goto out_unregister_sysctl
;
1710 out_unregister_sysctl
:
1711 #ifdef CONFIG_SYSCTL
1712 neigh_sysctl_unregister(&nd_tbl
.parms
);
1713 out_unregister_pernet
:
1715 unregister_pernet_subsys(&ndisc_net_ops
);
1719 void ndisc_cleanup(void)
1721 unregister_netdevice_notifier(&ndisc_netdev_notifier
);
1722 #ifdef CONFIG_SYSCTL
1723 neigh_sysctl_unregister(&nd_tbl
.parms
);
1725 neigh_table_clear(&nd_tbl
);
1726 unregister_pernet_subsys(&ndisc_net_ops
);