projects / deliverable / linux.git / blob
? search:


7968bfec6138eface0f13427e1fc8b5897998c9a
[deliverable/linux.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Pierre Ynard : export userland ND options
19 * through netlink (RDNSS support)
20 * Lars Fenneberg : fixed MTU setting on receipt
21 * of an RA.
22 * Janos Farkas : kmalloc failure checks
23 * Alexey Kuznetsov : state machine reworked
24 * and moved to net/core.
25 * Pekka Savola : RFC2461 validation
26 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
27 */
28
29 /* Set to 3 to get tracing... */
30 #define ND_DEBUG 1
31
32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
33 #define ND_NOPRINTK(x...) do { ; } while(0)
34 #define ND_PRINTK0 ND_PRINTK
35 #define ND_PRINTK1 ND_NOPRINTK
36 #define ND_PRINTK2 ND_NOPRINTK
37 #define ND_PRINTK3 ND_NOPRINTK
38 #if ND_DEBUG >= 1
39 #undef ND_PRINTK1
40 #define ND_PRINTK1 ND_PRINTK
41 #endif
42 #if ND_DEBUG >= 2
43 #undef ND_PRINTK2
44 #define ND_PRINTK2 ND_PRINTK
45 #endif
46 #if ND_DEBUG >= 3
47 #undef ND_PRINTK3
48 #define ND_PRINTK3 ND_PRINTK
49 #endif
50
51 #include <linux/module.h>
52 #include <linux/errno.h>
53 #include <linux/types.h>
54 #include <linux/socket.h>
55 #include <linux/sockios.h>
56 #include <linux/sched.h>
57 #include <linux/net.h>
58 #include <linux/in6.h>
59 #include <linux/route.h>
60 #include <linux/init.h>
61 #include <linux/rcupdate.h>
62 #include <linux/slab.h>
63 #ifdef CONFIG_SYSCTL
64 #include <linux/sysctl.h>
65 #endif
66
67 #include <linux/if_addr.h>
68 #include <linux/if_arp.h>
69 #include <linux/ipv6.h>
70 #include <linux/icmpv6.h>
71 #include <linux/jhash.h>
72
73 #include <net/sock.h>
74 #include <net/snmp.h>
75
76 #include <net/ipv6.h>
77 #include <net/protocol.h>
78 #include <net/ndisc.h>
79 #include <net/ip6_route.h>
80 #include <net/addrconf.h>
81 #include <net/icmp.h>
82
83 #include <net/netlink.h>
84 #include <linux/rtnetlink.h>
85
86 #include <net/flow.h>
87 #include <net/ip6_checksum.h>
88 #include <net/inet_common.h>
89 #include <linux/proc_fs.h>
90
91 #include <linux/netfilter.h>
92 #include <linux/netfilter_ipv6.h>
93
94 static u32 ndisc_hash(const void *pkey,
95 const struct net_device *dev,
96 __u32 rnd);
97 static int ndisc_constructor(struct neighbour *neigh);
98 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
99 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
100 static int pndisc_constructor(struct pneigh_entry *n);
101 static void pndisc_destructor(struct pneigh_entry *n);
102 static void pndisc_redo(struct sk_buff *skb);
103
104 static const struct neigh_ops ndisc_generic_ops = {
105 .family = AF_INET6,
106 .solicit = ndisc_solicit,
107 .error_report = ndisc_error_report,
108 .output = neigh_resolve_output,
109 .connected_output = neigh_connected_output,
110 };
111
112 static const struct neigh_ops ndisc_hh_ops = {
113 .family = AF_INET6,
114 .solicit = ndisc_solicit,
115 .error_report = ndisc_error_report,
116 .output = neigh_resolve_output,
117 .connected_output = neigh_resolve_output,
118 };
119
120
121 static const struct neigh_ops ndisc_direct_ops = {
122 .family = AF_INET6,
123 .output = neigh_direct_output,
124 .connected_output = neigh_direct_output,
125 };
126
127 struct neigh_table nd_tbl = {
128 .family = AF_INET6,
129 .entry_size = sizeof(struct neighbour) + sizeof(struct in6_addr),
130 .key_len = sizeof(struct in6_addr),
131 .hash = ndisc_hash,
132 .constructor = ndisc_constructor,
133 .pconstructor = pndisc_constructor,
134 .pdestructor = pndisc_destructor,
135 .proxy_redo = pndisc_redo,
136 .id = "ndisc_cache",
137 .parms = {
138 .tbl = &nd_tbl,
139 .base_reachable_time = ND_REACHABLE_TIME,
140 .retrans_time = ND_RETRANS_TIMER,
141 .gc_staletime = 60 * HZ,
142 .reachable_time = ND_REACHABLE_TIME,
143 .delay_probe_time = 5 * HZ,
144 .queue_len = 3,
145 .ucast_probes = 3,
146 .mcast_probes = 3,
147 .anycast_delay = 1 * HZ,
148 .proxy_delay = (8 * HZ) / 10,
149 .proxy_qlen = 64,
150 },
151 .gc_interval = 30 * HZ,
152 .gc_thresh1 = 128,
153 .gc_thresh2 = 512,
154 .gc_thresh3 = 1024,
155 };
156
157 /* ND options */
158 struct ndisc_options {
159 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
160 #ifdef CONFIG_IPV6_ROUTE_INFO
161 struct nd_opt_hdr *nd_opts_ri;
162 struct nd_opt_hdr *nd_opts_ri_end;
163 #endif
164 struct nd_opt_hdr *nd_useropts;
165 struct nd_opt_hdr *nd_useropts_end;
166 };
167
168 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
169 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
170 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
171 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
172 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
173 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
174
175 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
176
177 /*
178 * Return the padding between the option length and the start of the
179 * link addr. Currently only IP-over-InfiniBand needs this, although
180 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
181 * also need a pad of 2.
182 */
183 static int ndisc_addr_option_pad(unsigned short type)
184 {
185 switch (type) {
186 case ARPHRD_INFINIBAND: return 2;
187 default: return 0;
188 }
189 }
190
191 static inline int ndisc_opt_addr_space(struct net_device *dev)
192 {
193 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
194 }
195
196 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
197 unsigned short addr_type)
198 {
199 int space = NDISC_OPT_SPACE(data_len);
200 int pad = ndisc_addr_option_pad(addr_type);
201
202 opt[0] = type;
203 opt[1] = space>>3;
204
205 memset(opt + 2, 0, pad);
206 opt += pad;
207 space -= pad;
208
209 memcpy(opt+2, data, data_len);
210 data_len += 2;
211 opt += data_len;
212 if ((space -= data_len) > 0)
213 memset(opt, 0, space);
214 return opt + space;
215 }
216
217 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
218 struct nd_opt_hdr *end)
219 {
220 int type;
221 if (!cur || !end || cur >= end)
222 return NULL;
223 type = cur->nd_opt_type;
224 do {
225 cur = ((void *)cur) + (cur->nd_opt_len << 3);
226 } while(cur < end && cur->nd_opt_type != type);
227 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
228 }
229
230 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
231 {
232 return opt->nd_opt_type == ND_OPT_RDNSS;
233 }
234
235 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
236 struct nd_opt_hdr *end)
237 {
238 if (!cur || !end || cur >= end)
239 return NULL;
240 do {
241 cur = ((void *)cur) + (cur->nd_opt_len << 3);
242 } while(cur < end && !ndisc_is_useropt(cur));
243 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
244 }
245
246 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
247 struct ndisc_options *ndopts)
248 {
249 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
250
251 if (!nd_opt || opt_len < 0 || !ndopts)
252 return NULL;
253 memset(ndopts, 0, sizeof(*ndopts));
254 while (opt_len) {
255 int l;
256 if (opt_len < sizeof(struct nd_opt_hdr))
257 return NULL;
258 l = nd_opt->nd_opt_len << 3;
259 if (opt_len < l || l == 0)
260 return NULL;
261 switch (nd_opt->nd_opt_type) {
262 case ND_OPT_SOURCE_LL_ADDR:
263 case ND_OPT_TARGET_LL_ADDR:
264 case ND_OPT_MTU:
265 case ND_OPT_REDIRECT_HDR:
266 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
267 ND_PRINTK2(KERN_WARNING
268 "%s(): duplicated ND6 option found: type=%d\n",
269 __func__,
270 nd_opt->nd_opt_type);
271 } else {
272 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
273 }
274 break;
275 case ND_OPT_PREFIX_INFO:
276 ndopts->nd_opts_pi_end = nd_opt;
277 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
278 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
279 break;
280 #ifdef CONFIG_IPV6_ROUTE_INFO
281 case ND_OPT_ROUTE_INFO:
282 ndopts->nd_opts_ri_end = nd_opt;
283 if (!ndopts->nd_opts_ri)
284 ndopts->nd_opts_ri = nd_opt;
285 break;
286 #endif
287 default:
288 if (ndisc_is_useropt(nd_opt)) {
289 ndopts->nd_useropts_end = nd_opt;
290 if (!ndopts->nd_useropts)
291 ndopts->nd_useropts = nd_opt;
292 } else {
293 /*
294 * Unknown options must be silently ignored,
295 * to accommodate future extension to the
296 * protocol.
297 */
298 ND_PRINTK2(KERN_NOTICE
299 "%s(): ignored unsupported option; type=%d, len=%d\n",
300 __func__,
301 nd_opt->nd_opt_type, nd_opt->nd_opt_len);
302 }
303 }
304 opt_len -= l;
305 nd_opt = ((void *)nd_opt) + l;
306 }
307 return ndopts;
308 }
309
310 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
311 struct net_device *dev)
312 {
313 u8 *lladdr = (u8 *)(p + 1);
314 int lladdrlen = p->nd_opt_len << 3;
315 int prepad = ndisc_addr_option_pad(dev->type);
316 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
317 return NULL;
318 return lladdr + prepad;
319 }
320
321 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
322 {
323 switch (dev->type) {
324 case ARPHRD_ETHER:
325 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
326 case ARPHRD_FDDI:
327 ipv6_eth_mc_map(addr, buf);
328 return 0;
329 case ARPHRD_IEEE802_TR:
330 ipv6_tr_mc_map(addr,buf);
331 return 0;
332 case ARPHRD_ARCNET:
333 ipv6_arcnet_mc_map(addr, buf);
334 return 0;
335 case ARPHRD_INFINIBAND:
336 ipv6_ib_mc_map(addr, dev->broadcast, buf);
337 return 0;
338 case ARPHRD_IPGRE:
339 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
340 default:
341 if (dir) {
342 memcpy(buf, dev->broadcast, dev->addr_len);
343 return 0;
344 }
345 }
346 return -EINVAL;
347 }
348
349 EXPORT_SYMBOL(ndisc_mc_map);
350
351 static u32 ndisc_hash(const void *pkey,
352 const struct net_device *dev,
353 __u32 hash_rnd)
354 {
355 const u32 *p32 = pkey;
356 u32 addr_hash, i;
357
358 addr_hash = 0;
359 for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
360 addr_hash ^= *p32++;
361
362 return jhash_2words(addr_hash, dev->ifindex, hash_rnd);
363 }
364
365 static int ndisc_constructor(struct neighbour *neigh)
366 {
367 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
368 struct net_device *dev = neigh->dev;
369 struct inet6_dev *in6_dev;
370 struct neigh_parms *parms;
371 int is_multicast = ipv6_addr_is_multicast(addr);
372
373 in6_dev = in6_dev_get(dev);
374 if (in6_dev == NULL) {
375 return -EINVAL;
376 }
377
378 parms = in6_dev->nd_parms;
379 __neigh_parms_put(neigh->parms);
380 neigh->parms = neigh_parms_clone(parms);
381
382 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
383 if (!dev->header_ops) {
384 neigh->nud_state = NUD_NOARP;
385 neigh->ops = &ndisc_direct_ops;
386 neigh->output = neigh_direct_output;
387 } else {
388 if (is_multicast) {
389 neigh->nud_state = NUD_NOARP;
390 ndisc_mc_map(addr, neigh->ha, dev, 1);
391 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
392 neigh->nud_state = NUD_NOARP;
393 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
394 if (dev->flags&IFF_LOOPBACK)
395 neigh->type = RTN_LOCAL;
396 } else if (dev->flags&IFF_POINTOPOINT) {
397 neigh->nud_state = NUD_NOARP;
398 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
399 }
400 if (dev->header_ops->cache)
401 neigh->ops = &ndisc_hh_ops;
402 else
403 neigh->ops = &ndisc_generic_ops;
404 if (neigh->nud_state&NUD_VALID)
405 neigh->output = neigh->ops->connected_output;
406 else
407 neigh->output = neigh->ops->output;
408 }
409 in6_dev_put(in6_dev);
410 return 0;
411 }
412
413 static int pndisc_constructor(struct pneigh_entry *n)
414 {
415 struct in6_addr *addr = (struct in6_addr*)&n->key;
416 struct in6_addr maddr;
417 struct net_device *dev = n->dev;
418
419 if (dev == NULL || __in6_dev_get(dev) == NULL)
420 return -EINVAL;
421 addrconf_addr_solict_mult(addr, &maddr);
422 ipv6_dev_mc_inc(dev, &maddr);
423 return 0;
424 }
425
426 static void pndisc_destructor(struct pneigh_entry *n)
427 {
428 struct in6_addr *addr = (struct in6_addr*)&n->key;
429 struct in6_addr maddr;
430 struct net_device *dev = n->dev;
431
432 if (dev == NULL || __in6_dev_get(dev) == NULL)
433 return;
434 addrconf_addr_solict_mult(addr, &maddr);
435 ipv6_dev_mc_dec(dev, &maddr);
436 }
437
438 struct sk_buff *ndisc_build_skb(struct net_device *dev,
439 const struct in6_addr *daddr,
440 const struct in6_addr *saddr,
441 struct icmp6hdr *icmp6h,
442 const struct in6_addr *target,
443 int llinfo)
444 {
445 struct net *net = dev_net(dev);
446 struct sock *sk = net->ipv6.ndisc_sk;
447 struct sk_buff *skb;
448 struct icmp6hdr *hdr;
449 int len;
450 int err;
451 u8 *opt;
452
453 if (!dev->addr_len)
454 llinfo = 0;
455
456 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
457 if (llinfo)
458 len += ndisc_opt_addr_space(dev);
459
460 skb = sock_alloc_send_skb(sk,
461 (MAX_HEADER + sizeof(struct ipv6hdr) +
462 len + LL_ALLOCATED_SPACE(dev)),
463 1, &err);
464 if (!skb) {
465 ND_PRINTK0(KERN_ERR
466 "ICMPv6 ND: %s() failed to allocate an skb, err=%d.\n",
467 __func__, err);
468 return NULL;
469 }
470
471 skb_reserve(skb, LL_RESERVED_SPACE(dev));
472 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
473
474 skb->transport_header = skb->tail;
475 skb_put(skb, len);
476
477 hdr = (struct icmp6hdr *)skb_transport_header(skb);
478 memcpy(hdr, icmp6h, sizeof(*hdr));
479
480 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
481 if (target) {
482 ipv6_addr_copy((struct in6_addr *)opt, target);
483 opt += sizeof(*target);
484 }
485
486 if (llinfo)
487 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
488 dev->addr_len, dev->type);
489
490 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
491 IPPROTO_ICMPV6,
492 csum_partial(hdr,
493 len, 0));
494
495 return skb;
496 }
497
498 EXPORT_SYMBOL(ndisc_build_skb);
499
500 void ndisc_send_skb(struct sk_buff *skb,
501 struct net_device *dev,
502 struct neighbour *neigh,
503 const struct in6_addr *daddr,
504 const struct in6_addr *saddr,
505 struct icmp6hdr *icmp6h)
506 {
507 struct flowi6 fl6;
508 struct dst_entry *dst;
509 struct net *net = dev_net(dev);
510 struct sock *sk = net->ipv6.ndisc_sk;
511 struct inet6_dev *idev;
512 int err;
513 u8 type;
514
515 type = icmp6h->icmp6_type;
516
517 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, dev->ifindex);
518
519 dst = icmp6_dst_alloc(dev, neigh, daddr);
520 if (!dst) {
521 kfree_skb(skb);
522 return;
523 }
524
525 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
526 if (IS_ERR(dst)) {
527 kfree_skb(skb);
528 return;
529 }
530
531 skb_dst_set(skb, dst);
532
533 rcu_read_lock();
534 idev = __in6_dev_get(dst->dev);
535 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
536
537 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
538 dst_output);
539 if (!err) {
540 ICMP6MSGOUT_INC_STATS(net, idev, type);
541 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
542 }
543
544 rcu_read_unlock();
545 }
546
547 EXPORT_SYMBOL(ndisc_send_skb);
548
549 /*
550 * Send a Neighbour Discover packet
551 */
552 static void __ndisc_send(struct net_device *dev,
553 struct neighbour *neigh,
554 const struct in6_addr *daddr,
555 const struct in6_addr *saddr,
556 struct icmp6hdr *icmp6h, const struct in6_addr *target,
557 int llinfo)
558 {
559 struct sk_buff *skb;
560
561 skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
562 if (!skb)
563 return;
564
565 ndisc_send_skb(skb, dev, neigh, daddr, saddr, icmp6h);
566 }
567
568 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
569 const struct in6_addr *daddr,
570 const struct in6_addr *solicited_addr,
571 int router, int solicited, int override, int inc_opt)
572 {
573 struct in6_addr tmpaddr;
574 struct inet6_ifaddr *ifp;
575 const struct in6_addr *src_addr;
576 struct icmp6hdr icmp6h = {
577 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
578 };
579
580 /* for anycast or proxy, solicited_addr != src_addr */
581 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
582 if (ifp) {
583 src_addr = solicited_addr;
584 if (ifp->flags & IFA_F_OPTIMISTIC)
585 override = 0;
586 inc_opt |= ifp->idev->cnf.force_tllao;
587 in6_ifa_put(ifp);
588 } else {
589 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
590 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
591 &tmpaddr))
592 return;
593 src_addr = &tmpaddr;
594 }
595
596 icmp6h.icmp6_router = router;
597 icmp6h.icmp6_solicited = solicited;
598 icmp6h.icmp6_override = override;
599
600 __ndisc_send(dev, neigh, daddr, src_addr,
601 &icmp6h, solicited_addr,
602 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
603 }
604
605 static void ndisc_send_unsol_na(struct net_device *dev)
606 {
607 struct inet6_dev *idev;
608 struct inet6_ifaddr *ifa;
609 struct in6_addr mcaddr;
610
611 idev = in6_dev_get(dev);
612 if (!idev)
613 return;
614
615 read_lock_bh(&idev->lock);
616 list_for_each_entry(ifa, &idev->addr_list, if_list) {
617 addrconf_addr_solict_mult(&ifa->addr, &mcaddr);
618 ndisc_send_na(dev, NULL, &mcaddr, &ifa->addr,
619 /*router=*/ !!idev->cnf.forwarding,
620 /*solicited=*/ false, /*override=*/ true,
621 /*inc_opt=*/ true);
622 }
623 read_unlock_bh(&idev->lock);
624
625 in6_dev_put(idev);
626 }
627
628 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
629 const struct in6_addr *solicit,
630 const struct in6_addr *daddr, const struct in6_addr *saddr)
631 {
632 struct in6_addr addr_buf;
633 struct icmp6hdr icmp6h = {
634 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
635 };
636
637 if (saddr == NULL) {
638 if (ipv6_get_lladdr(dev, &addr_buf,
639 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
640 return;
641 saddr = &addr_buf;
642 }
643
644 __ndisc_send(dev, neigh, daddr, saddr,
645 &icmp6h, solicit,
646 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
647 }
648
649 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
650 const struct in6_addr *daddr)
651 {
652 struct icmp6hdr icmp6h = {
653 .icmp6_type = NDISC_ROUTER_SOLICITATION,
654 };
655 int send_sllao = dev->addr_len;
656
657 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
658 /*
659 * According to section 2.2 of RFC 4429, we must not
660 * send router solicitations with a sllao from
661 * optimistic addresses, but we may send the solicitation
662 * if we don't include the sllao. So here we check
663 * if our address is optimistic, and if so, we
664 * suppress the inclusion of the sllao.
665 */
666 if (send_sllao) {
667 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
668 dev, 1);
669 if (ifp) {
670 if (ifp->flags & IFA_F_OPTIMISTIC) {
671 send_sllao = 0;
672 }
673 in6_ifa_put(ifp);
674 } else {
675 send_sllao = 0;
676 }
677 }
678 #endif
679 __ndisc_send(dev, NULL, daddr, saddr,
680 &icmp6h, NULL,
681 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
682 }
683
684
685 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
686 {
687 /*
688 * "The sender MUST return an ICMP
689 * destination unreachable"
690 */
691 dst_link_failure(skb);
692 kfree_skb(skb);
693 }
694
695 /* Called with locked neigh: either read or both */
696
697 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
698 {
699 struct in6_addr *saddr = NULL;
700 struct in6_addr mcaddr;
701 struct net_device *dev = neigh->dev;
702 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
703 int probes = atomic_read(&neigh->probes);
704
705 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
706 saddr = &ipv6_hdr(skb)->saddr;
707
708 if ((probes -= neigh->parms->ucast_probes) < 0) {
709 if (!(neigh->nud_state & NUD_VALID)) {
710 ND_PRINTK1(KERN_DEBUG "%s(): trying to ucast probe in NUD_INVALID: %pI6\n",
711 __func__, target);
712 }
713 ndisc_send_ns(dev, neigh, target, target, saddr);
714 } else if ((probes -= neigh->parms->app_probes) < 0) {
715 #ifdef CONFIG_ARPD
716 neigh_app_ns(neigh);
717 #endif
718 } else {
719 addrconf_addr_solict_mult(target, &mcaddr);
720 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
721 }
722 }
723
724 static int pndisc_is_router(const void *pkey,
725 struct net_device *dev)
726 {
727 struct pneigh_entry *n;
728 int ret = -1;
729
730 read_lock_bh(&nd_tbl.lock);
731 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
732 if (n)
733 ret = !!(n->flags & NTF_ROUTER);
734 read_unlock_bh(&nd_tbl.lock);
735
736 return ret;
737 }
738
739 static void ndisc_recv_ns(struct sk_buff *skb)
740 {
741 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
742 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
743 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
744 u8 *lladdr = NULL;
745 u32 ndoptlen = skb->tail - (skb->transport_header +
746 offsetof(struct nd_msg, opt));
747 struct ndisc_options ndopts;
748 struct net_device *dev = skb->dev;
749 struct inet6_ifaddr *ifp;
750 struct inet6_dev *idev = NULL;
751 struct neighbour *neigh;
752 int dad = ipv6_addr_any(saddr);
753 int inc;
754 int is_router = -1;
755
756 if (ipv6_addr_is_multicast(&msg->target)) {
757 ND_PRINTK2(KERN_WARNING
758 "ICMPv6 NS: multicast target address");
759 return;
760 }
761
762 /*
763 * RFC2461 7.1.1:
764 * DAD has to be destined for solicited node multicast address.
765 */
766 if (dad &&
767 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
768 daddr->s6_addr32[1] == htonl(0x00000000) &&
769 daddr->s6_addr32[2] == htonl(0x00000001) &&
770 daddr->s6_addr [12] == 0xff )) {
771 ND_PRINTK2(KERN_WARNING
772 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
773 return;
774 }
775
776 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
777 ND_PRINTK2(KERN_WARNING
778 "ICMPv6 NS: invalid ND options\n");
779 return;
780 }
781
782 if (ndopts.nd_opts_src_lladdr) {
783 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
784 if (!lladdr) {
785 ND_PRINTK2(KERN_WARNING
786 "ICMPv6 NS: invalid link-layer address length\n");
787 return;
788 }
789
790 /* RFC2461 7.1.1:
791 * If the IP source address is the unspecified address,
792 * there MUST NOT be source link-layer address option
793 * in the message.
794 */
795 if (dad) {
796 ND_PRINTK2(KERN_WARNING
797 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
798 return;
799 }
800 }
801
802 inc = ipv6_addr_is_multicast(daddr);
803
804 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
805 if (ifp) {
806
807 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
808 if (dad) {
809 if (dev->type == ARPHRD_IEEE802_TR) {
810 const unsigned char *sadr;
811 sadr = skb_mac_header(skb);
812 if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
813 sadr[9] == dev->dev_addr[1] &&
814 sadr[10] == dev->dev_addr[2] &&
815 sadr[11] == dev->dev_addr[3] &&
816 sadr[12] == dev->dev_addr[4] &&
817 sadr[13] == dev->dev_addr[5]) {
818 /* looped-back to us */
819 goto out;
820 }
821 }
822
823 /*
824 * We are colliding with another node
825 * who is doing DAD
826 * so fail our DAD process
827 */
828 addrconf_dad_failure(ifp);
829 return;
830 } else {
831 /*
832 * This is not a dad solicitation.
833 * If we are an optimistic node,
834 * we should respond.
835 * Otherwise, we should ignore it.
836 */
837 if (!(ifp->flags & IFA_F_OPTIMISTIC))
838 goto out;
839 }
840 }
841
842 idev = ifp->idev;
843 } else {
844 struct net *net = dev_net(dev);
845
846 idev = in6_dev_get(dev);
847 if (!idev) {
848 /* XXX: count this drop? */
849 return;
850 }
851
852 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
853 (idev->cnf.forwarding &&
854 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
855 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
856 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
857 skb->pkt_type != PACKET_HOST &&
858 inc != 0 &&
859 idev->nd_parms->proxy_delay != 0) {
860 /*
861 * for anycast or proxy,
862 * sender should delay its response
863 * by a random time between 0 and
864 * MAX_ANYCAST_DELAY_TIME seconds.
865 * (RFC2461) -- yoshfuji
866 */
867 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
868 if (n)
869 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
870 goto out;
871 }
872 } else
873 goto out;
874 }
875
876 if (is_router < 0)
877 is_router = !!idev->cnf.forwarding;
878
879 if (dad) {
880 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
881 is_router, 0, (ifp != NULL), 1);
882 goto out;
883 }
884
885 if (inc)
886 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
887 else
888 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
889
890 /*
891 * update / create cache entry
892 * for the source address
893 */
894 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
895 !inc || lladdr || !dev->addr_len);
896 if (neigh)
897 neigh_update(neigh, lladdr, NUD_STALE,
898 NEIGH_UPDATE_F_WEAK_OVERRIDE|
899 NEIGH_UPDATE_F_OVERRIDE);
900 if (neigh || !dev->header_ops) {
901 ndisc_send_na(dev, neigh, saddr, &msg->target,
902 is_router,
903 1, (ifp != NULL && inc), inc);
904 if (neigh)
905 neigh_release(neigh);
906 }
907
908 out:
909 if (ifp)
910 in6_ifa_put(ifp);
911 else
912 in6_dev_put(idev);
913 }
914
915 static void ndisc_recv_na(struct sk_buff *skb)
916 {
917 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
918 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
919 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
920 u8 *lladdr = NULL;
921 u32 ndoptlen = skb->tail - (skb->transport_header +
922 offsetof(struct nd_msg, opt));
923 struct ndisc_options ndopts;
924 struct net_device *dev = skb->dev;
925 struct inet6_ifaddr *ifp;
926 struct neighbour *neigh;
927
928 if (skb->len < sizeof(struct nd_msg)) {
929 ND_PRINTK2(KERN_WARNING
930 "ICMPv6 NA: packet too short\n");
931 return;
932 }
933
934 if (ipv6_addr_is_multicast(&msg->target)) {
935 ND_PRINTK2(KERN_WARNING
936 "ICMPv6 NA: target address is multicast.\n");
937 return;
938 }
939
940 if (ipv6_addr_is_multicast(daddr) &&
941 msg->icmph.icmp6_solicited) {
942 ND_PRINTK2(KERN_WARNING
943 "ICMPv6 NA: solicited NA is multicasted.\n");
944 return;
945 }
946
947 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
948 ND_PRINTK2(KERN_WARNING
949 "ICMPv6 NS: invalid ND option\n");
950 return;
951 }
952 if (ndopts.nd_opts_tgt_lladdr) {
953 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
954 if (!lladdr) {
955 ND_PRINTK2(KERN_WARNING
956 "ICMPv6 NA: invalid link-layer address length\n");
957 return;
958 }
959 }
960 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
961 if (ifp) {
962 if (skb->pkt_type != PACKET_LOOPBACK
963 && (ifp->flags & IFA_F_TENTATIVE)) {
964 addrconf_dad_failure(ifp);
965 return;
966 }
967 /* What should we make now? The advertisement
968 is invalid, but ndisc specs say nothing
969 about it. It could be misconfiguration, or
970 an smart proxy agent tries to help us :-)
971
972 We should not print the error if NA has been
973 received from loopback - it is just our own
974 unsolicited advertisement.
975 */
976 if (skb->pkt_type != PACKET_LOOPBACK)
977 ND_PRINTK1(KERN_WARNING
978 "ICMPv6 NA: someone advertises our address %pI6 on %s!\n",
979 &ifp->addr, ifp->idev->dev->name);
980 in6_ifa_put(ifp);
981 return;
982 }
983 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
984
985 if (neigh) {
986 u8 old_flags = neigh->flags;
987 struct net *net = dev_net(dev);
988
989 if (neigh->nud_state & NUD_FAILED)
990 goto out;
991
992 /*
993 * Don't update the neighbor cache entry on a proxy NA from
994 * ourselves because either the proxied node is off link or it
995 * has already sent a NA to us.
996 */
997 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
998 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
999 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1000 /* XXX: idev->cnf.prixy_ndp */
1001 goto out;
1002 }
1003
1004 neigh_update(neigh, lladdr,
1005 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1006 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1007 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1008 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1009 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
1010
1011 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1012 /*
1013 * Change: router to host
1014 */
1015 struct rt6_info *rt;
1016 rt = rt6_get_dflt_router(saddr, dev);
1017 if (rt)
1018 ip6_del_rt(rt);
1019 }
1020
1021 out:
1022 neigh_release(neigh);
1023 }
1024 }
1025
1026 static void ndisc_recv_rs(struct sk_buff *skb)
1027 {
1028 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1029 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1030 struct neighbour *neigh;
1031 struct inet6_dev *idev;
1032 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1033 struct ndisc_options ndopts;
1034 u8 *lladdr = NULL;
1035
1036 if (skb->len < sizeof(*rs_msg))
1037 return;
1038
1039 idev = __in6_dev_get(skb->dev);
1040 if (!idev) {
1041 if (net_ratelimit())
1042 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
1043 return;
1044 }
1045
1046 /* Don't accept RS if we're not in router mode */
1047 if (!idev->cnf.forwarding)
1048 goto out;
1049
1050 /*
1051 * Don't update NCE if src = ::;
1052 * this implies that the source node has no ip address assigned yet.
1053 */
1054 if (ipv6_addr_any(saddr))
1055 goto out;
1056
1057 /* Parse ND options */
1058 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1059 if (net_ratelimit())
1060 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1061 goto out;
1062 }
1063
1064 if (ndopts.nd_opts_src_lladdr) {
1065 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1066 skb->dev);
1067 if (!lladdr)
1068 goto out;
1069 }
1070
1071 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1072 if (neigh) {
1073 neigh_update(neigh, lladdr, NUD_STALE,
1074 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1075 NEIGH_UPDATE_F_OVERRIDE|
1076 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1077 neigh_release(neigh);
1078 }
1079 out:
1080 return;
1081 }
1082
1083 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1084 {
1085 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1086 struct sk_buff *skb;
1087 struct nlmsghdr *nlh;
1088 struct nduseroptmsg *ndmsg;
1089 struct net *net = dev_net(ra->dev);
1090 int err;
1091 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1092 + (opt->nd_opt_len << 3));
1093 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1094
1095 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1096 if (skb == NULL) {
1097 err = -ENOBUFS;
1098 goto errout;
1099 }
1100
1101 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1102 if (nlh == NULL) {
1103 goto nla_put_failure;
1104 }
1105
1106 ndmsg = nlmsg_data(nlh);
1107 ndmsg->nduseropt_family = AF_INET6;
1108 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1109 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1110 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1111 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1112
1113 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1114
1115 NLA_PUT(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1116 &ipv6_hdr(ra)->saddr);
1117 nlmsg_end(skb, nlh);
1118
1119 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1120 return;
1121
1122 nla_put_failure:
1123 nlmsg_free(skb);
1124 err = -EMSGSIZE;
1125 errout:
1126 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1127 }
1128
1129 static inline int accept_ra(struct inet6_dev *in6_dev)
1130 {
1131 /*
1132 * If forwarding is enabled, RA are not accepted unless the special
1133 * hybrid mode (accept_ra=2) is enabled.
1134 */
1135 if (in6_dev->cnf.forwarding && in6_dev->cnf.accept_ra < 2)
1136 return 0;
1137
1138 return in6_dev->cnf.accept_ra;
1139 }
1140
1141 static void ndisc_router_discovery(struct sk_buff *skb)
1142 {
1143 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1144 struct neighbour *neigh = NULL;
1145 struct inet6_dev *in6_dev;
1146 struct rt6_info *rt = NULL;
1147 int lifetime;
1148 struct ndisc_options ndopts;
1149 int optlen;
1150 unsigned int pref = 0;
1151
1152 __u8 * opt = (__u8 *)(ra_msg + 1);
1153
1154 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1155
1156 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1157 ND_PRINTK2(KERN_WARNING
1158 "ICMPv6 RA: source address is not link-local.\n");
1159 return;
1160 }
1161 if (optlen < 0) {
1162 ND_PRINTK2(KERN_WARNING
1163 "ICMPv6 RA: packet too short\n");
1164 return;
1165 }
1166
1167 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1168 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1169 ND_PRINTK2(KERN_WARNING
1170 "ICMPv6 RA: from host or unauthorized router\n");
1171 return;
1172 }
1173 #endif
1174
1175 /*
1176 * set the RA_RECV flag in the interface
1177 */
1178
1179 in6_dev = __in6_dev_get(skb->dev);
1180 if (in6_dev == NULL) {
1181 ND_PRINTK0(KERN_ERR
1182 "ICMPv6 RA: can't find inet6 device for %s.\n",
1183 skb->dev->name);
1184 return;
1185 }
1186
1187 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1188 ND_PRINTK2(KERN_WARNING
1189 "ICMP6 RA: invalid ND options\n");
1190 return;
1191 }
1192
1193 if (!accept_ra(in6_dev))
1194 goto skip_linkparms;
1195
1196 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1197 /* skip link-specific parameters from interior routers */
1198 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1199 goto skip_linkparms;
1200 #endif
1201
1202 if (in6_dev->if_flags & IF_RS_SENT) {
1203 /*
1204 * flag that an RA was received after an RS was sent
1205 * out on this interface.
1206 */
1207 in6_dev->if_flags |= IF_RA_RCVD;
1208 }
1209
1210 /*
1211 * Remember the managed/otherconf flags from most recently
1212 * received RA message (RFC 2462) -- yoshfuji
1213 */
1214 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1215 IF_RA_OTHERCONF)) |
1216 (ra_msg->icmph.icmp6_addrconf_managed ?
1217 IF_RA_MANAGED : 0) |
1218 (ra_msg->icmph.icmp6_addrconf_other ?
1219 IF_RA_OTHERCONF : 0);
1220
1221 if (!in6_dev->cnf.accept_ra_defrtr)
1222 goto skip_defrtr;
1223
1224 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1225
1226 #ifdef CONFIG_IPV6_ROUTER_PREF
1227 pref = ra_msg->icmph.icmp6_router_pref;
1228 /* 10b is handled as if it were 00b (medium) */
1229 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1230 !in6_dev->cnf.accept_ra_rtr_pref)
1231 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1232 #endif
1233
1234 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1235
1236 if (rt)
1237 neigh = dst_get_neighbour(&rt->dst);
1238
1239 if (rt && lifetime == 0) {
1240 neigh_clone(neigh);
1241 ip6_del_rt(rt);
1242 rt = NULL;
1243 }
1244
1245 if (rt == NULL && lifetime) {
1246 ND_PRINTK3(KERN_DEBUG
1247 "ICMPv6 RA: adding default router.\n");
1248
1249 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1250 if (rt == NULL) {
1251 ND_PRINTK0(KERN_ERR
1252 "ICMPv6 RA: %s() failed to add default route.\n",
1253 __func__);
1254 return;
1255 }
1256
1257 neigh = dst_get_neighbour(&rt->dst);
1258 if (neigh == NULL) {
1259 ND_PRINTK0(KERN_ERR
1260 "ICMPv6 RA: %s() got default router without neighbour.\n",
1261 __func__);
1262 dst_release(&rt->dst);
1263 return;
1264 }
1265 neigh->flags |= NTF_ROUTER;
1266 } else if (rt) {
1267 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1268 }
1269
1270 if (rt)
1271 rt->rt6i_expires = jiffies + (HZ * lifetime);
1272
1273 if (ra_msg->icmph.icmp6_hop_limit) {
1274 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1275 if (rt)
1276 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1277 ra_msg->icmph.icmp6_hop_limit);
1278 }
1279
1280 skip_defrtr:
1281
1282 /*
1283 * Update Reachable Time and Retrans Timer
1284 */
1285
1286 if (in6_dev->nd_parms) {
1287 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1288
1289 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1290 rtime = (rtime*HZ)/1000;
1291 if (rtime < HZ/10)
1292 rtime = HZ/10;
1293 in6_dev->nd_parms->retrans_time = rtime;
1294 in6_dev->tstamp = jiffies;
1295 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1296 }
1297
1298 rtime = ntohl(ra_msg->reachable_time);
1299 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1300 rtime = (rtime*HZ)/1000;
1301
1302 if (rtime < HZ/10)
1303 rtime = HZ/10;
1304
1305 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1306 in6_dev->nd_parms->base_reachable_time = rtime;
1307 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1308 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1309 in6_dev->tstamp = jiffies;
1310 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1311 }
1312 }
1313 }
1314
1315 skip_linkparms:
1316
1317 /*
1318 * Process options.
1319 */
1320
1321 if (!neigh)
1322 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1323 skb->dev, 1);
1324 if (neigh) {
1325 u8 *lladdr = NULL;
1326 if (ndopts.nd_opts_src_lladdr) {
1327 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1328 skb->dev);
1329 if (!lladdr) {
1330 ND_PRINTK2(KERN_WARNING
1331 "ICMPv6 RA: invalid link-layer address length\n");
1332 goto out;
1333 }
1334 }
1335 neigh_update(neigh, lladdr, NUD_STALE,
1336 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1337 NEIGH_UPDATE_F_OVERRIDE|
1338 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1339 NEIGH_UPDATE_F_ISROUTER);
1340 }
1341
1342 if (!accept_ra(in6_dev))
1343 goto out;
1344
1345 #ifdef CONFIG_IPV6_ROUTE_INFO
1346 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1347 struct nd_opt_hdr *p;
1348 for (p = ndopts.nd_opts_ri;
1349 p;
1350 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1351 struct route_info *ri = (struct route_info *)p;
1352 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1353 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1354 ri->prefix_len == 0)
1355 continue;
1356 #endif
1357 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1358 continue;
1359 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1360 &ipv6_hdr(skb)->saddr);
1361 }
1362 }
1363 #endif
1364
1365 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1366 /* skip link-specific ndopts from interior routers */
1367 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1368 goto out;
1369 #endif
1370
1371 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1372 struct nd_opt_hdr *p;
1373 for (p = ndopts.nd_opts_pi;
1374 p;
1375 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1376 addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1377 }
1378 }
1379
1380 if (ndopts.nd_opts_mtu) {
1381 __be32 n;
1382 u32 mtu;
1383
1384 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1385 mtu = ntohl(n);
1386
1387 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1388 ND_PRINTK2(KERN_WARNING
1389 "ICMPv6 RA: invalid mtu: %d\n",
1390 mtu);
1391 } else if (in6_dev->cnf.mtu6 != mtu) {
1392 in6_dev->cnf.mtu6 = mtu;
1393
1394 if (rt)
1395 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1396
1397 rt6_mtu_change(skb->dev, mtu);
1398 }
1399 }
1400
1401 if (ndopts.nd_useropts) {
1402 struct nd_opt_hdr *p;
1403 for (p = ndopts.nd_useropts;
1404 p;
1405 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1406 ndisc_ra_useropt(skb, p);
1407 }
1408 }
1409
1410 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1411 ND_PRINTK2(KERN_WARNING
1412 "ICMPv6 RA: invalid RA options");
1413 }
1414 out:
1415 if (rt)
1416 dst_release(&rt->dst);
1417 else if (neigh)
1418 neigh_release(neigh);
1419 }
1420
1421 static void ndisc_redirect_rcv(struct sk_buff *skb)
1422 {
1423 struct inet6_dev *in6_dev;
1424 struct icmp6hdr *icmph;
1425 const struct in6_addr *dest;
1426 const struct in6_addr *target; /* new first hop to destination */
1427 struct neighbour *neigh;
1428 int on_link = 0;
1429 struct ndisc_options ndopts;
1430 int optlen;
1431 u8 *lladdr = NULL;
1432
1433 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1434 switch (skb->ndisc_nodetype) {
1435 case NDISC_NODETYPE_HOST:
1436 case NDISC_NODETYPE_NODEFAULT:
1437 ND_PRINTK2(KERN_WARNING
1438 "ICMPv6 Redirect: from host or unauthorized router\n");
1439 return;
1440 }
1441 #endif
1442
1443 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1444 ND_PRINTK2(KERN_WARNING
1445 "ICMPv6 Redirect: source address is not link-local.\n");
1446 return;
1447 }
1448
1449 optlen = skb->tail - skb->transport_header;
1450 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1451
1452 if (optlen < 0) {
1453 ND_PRINTK2(KERN_WARNING
1454 "ICMPv6 Redirect: packet too short\n");
1455 return;
1456 }
1457
1458 icmph = icmp6_hdr(skb);
1459 target = (const struct in6_addr *) (icmph + 1);
1460 dest = target + 1;
1461
1462 if (ipv6_addr_is_multicast(dest)) {
1463 ND_PRINTK2(KERN_WARNING
1464 "ICMPv6 Redirect: destination address is multicast.\n");
1465 return;
1466 }
1467
1468 if (ipv6_addr_equal(dest, target)) {
1469 on_link = 1;
1470 } else if (ipv6_addr_type(target) !=
1471 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1472 ND_PRINTK2(KERN_WARNING
1473 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1474 return;
1475 }
1476
1477 in6_dev = __in6_dev_get(skb->dev);
1478 if (!in6_dev)
1479 return;
1480 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
1481 return;
1482
1483 /* RFC2461 8.1:
1484 * The IP source address of the Redirect MUST be the same as the current
1485 * first-hop router for the specified ICMP Destination Address.
1486 */
1487
1488 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1489 ND_PRINTK2(KERN_WARNING
1490 "ICMPv6 Redirect: invalid ND options\n");
1491 return;
1492 }
1493 if (ndopts.nd_opts_tgt_lladdr) {
1494 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1495 skb->dev);
1496 if (!lladdr) {
1497 ND_PRINTK2(KERN_WARNING
1498 "ICMPv6 Redirect: invalid link-layer address length\n");
1499 return;
1500 }
1501 }
1502
1503 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1504 if (neigh) {
1505 rt6_redirect(dest, &ipv6_hdr(skb)->daddr,
1506 &ipv6_hdr(skb)->saddr, neigh, lladdr,
1507 on_link);
1508 neigh_release(neigh);
1509 }
1510 }
1511
1512 void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1513 const struct in6_addr *target)
1514 {
1515 struct net_device *dev = skb->dev;
1516 struct net *net = dev_net(dev);
1517 struct sock *sk = net->ipv6.ndisc_sk;
1518 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1519 struct sk_buff *buff;
1520 struct icmp6hdr *icmph;
1521 struct in6_addr saddr_buf;
1522 struct in6_addr *addrp;
1523 struct rt6_info *rt;
1524 struct dst_entry *dst;
1525 struct inet6_dev *idev;
1526 struct flowi6 fl6;
1527 u8 *opt;
1528 int rd_len;
1529 int err;
1530 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1531
1532 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1533 ND_PRINTK2(KERN_WARNING
1534 "ICMPv6 Redirect: no link-local address on %s\n",
1535 dev->name);
1536 return;
1537 }
1538
1539 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1540 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1541 ND_PRINTK2(KERN_WARNING
1542 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1543 return;
1544 }
1545
1546 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1547 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1548
1549 dst = ip6_route_output(net, NULL, &fl6);
1550 if (dst == NULL)
1551 return;
1552
1553 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1554 if (IS_ERR(dst))
1555 return;
1556
1557 rt = (struct rt6_info *) dst;
1558
1559 if (rt->rt6i_flags & RTF_GATEWAY) {
1560 ND_PRINTK2(KERN_WARNING
1561 "ICMPv6 Redirect: destination is not a neighbour.\n");
1562 goto release;
1563 }
1564 if (!rt->rt6i_peer)
1565 rt6_bind_peer(rt, 1);
1566 if (inet_peer_xrlim_allow(rt->rt6i_peer, 1*HZ))
1567 goto release;
1568
1569 if (dev->addr_len) {
1570 read_lock_bh(&neigh->lock);
1571 if (neigh->nud_state & NUD_VALID) {
1572 memcpy(ha_buf, neigh->ha, dev->addr_len);
1573 read_unlock_bh(&neigh->lock);
1574 ha = ha_buf;
1575 len += ndisc_opt_addr_space(dev);
1576 } else
1577 read_unlock_bh(&neigh->lock);
1578 }
1579
1580 rd_len = min_t(unsigned int,
1581 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1582 rd_len &= ~0x7;
1583 len += rd_len;
1584
1585 buff = sock_alloc_send_skb(sk,
1586 (MAX_HEADER + sizeof(struct ipv6hdr) +
1587 len + LL_ALLOCATED_SPACE(dev)),
1588 1, &err);
1589 if (buff == NULL) {
1590 ND_PRINTK0(KERN_ERR
1591 "ICMPv6 Redirect: %s() failed to allocate an skb, err=%d.\n",
1592 __func__, err);
1593 goto release;
1594 }
1595
1596 skb_reserve(buff, LL_RESERVED_SPACE(dev));
1597 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1598 IPPROTO_ICMPV6, len);
1599
1600 skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1601 skb_put(buff, len);
1602 icmph = icmp6_hdr(buff);
1603
1604 memset(icmph, 0, sizeof(struct icmp6hdr));
1605 icmph->icmp6_type = NDISC_REDIRECT;
1606
1607 /*
1608 * copy target and destination addresses
1609 */
1610
1611 addrp = (struct in6_addr *)(icmph + 1);
1612 ipv6_addr_copy(addrp, target);
1613 addrp++;
1614 ipv6_addr_copy(addrp, &ipv6_hdr(skb)->daddr);
1615
1616 opt = (u8*) (addrp + 1);
1617
1618 /*
1619 * include target_address option
1620 */
1621
1622 if (ha)
1623 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1624 dev->addr_len, dev->type);
1625
1626 /*
1627 * build redirect option and copy skb over to the new packet.
1628 */
1629
1630 memset(opt, 0, 8);
1631 *(opt++) = ND_OPT_REDIRECT_HDR;
1632 *(opt++) = (rd_len >> 3);
1633 opt += 6;
1634
1635 memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1636
1637 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1638 len, IPPROTO_ICMPV6,
1639 csum_partial(icmph, len, 0));
1640
1641 skb_dst_set(buff, dst);
1642 rcu_read_lock();
1643 idev = __in6_dev_get(dst->dev);
1644 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1645 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1646 dst_output);
1647 if (!err) {
1648 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1649 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1650 }
1651
1652 rcu_read_unlock();
1653 return;
1654
1655 release:
1656 dst_release(dst);
1657 }
1658
1659 static void pndisc_redo(struct sk_buff *skb)
1660 {
1661 ndisc_recv_ns(skb);
1662 kfree_skb(skb);
1663 }
1664
1665 int ndisc_rcv(struct sk_buff *skb)
1666 {
1667 struct nd_msg *msg;
1668
1669 if (!pskb_may_pull(skb, skb->len))
1670 return 0;
1671
1672 msg = (struct nd_msg *)skb_transport_header(skb);
1673
1674 __skb_push(skb, skb->data - skb_transport_header(skb));
1675
1676 if (ipv6_hdr(skb)->hop_limit != 255) {
1677 ND_PRINTK2(KERN_WARNING
1678 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1679 ipv6_hdr(skb)->hop_limit);
1680 return 0;
1681 }
1682
1683 if (msg->icmph.icmp6_code != 0) {
1684 ND_PRINTK2(KERN_WARNING
1685 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1686 msg->icmph.icmp6_code);
1687 return 0;
1688 }
1689
1690 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1691
1692 switch (msg->icmph.icmp6_type) {
1693 case NDISC_NEIGHBOUR_SOLICITATION:
1694 ndisc_recv_ns(skb);
1695 break;
1696
1697 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1698 ndisc_recv_na(skb);
1699 break;
1700
1701 case NDISC_ROUTER_SOLICITATION:
1702 ndisc_recv_rs(skb);
1703 break;
1704
1705 case NDISC_ROUTER_ADVERTISEMENT:
1706 ndisc_router_discovery(skb);
1707 break;
1708
1709 case NDISC_REDIRECT:
1710 ndisc_redirect_rcv(skb);
1711 break;
1712 }
1713
1714 return 0;
1715 }
1716
1717 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1718 {
1719 struct net_device *dev = ptr;
1720 struct net *net = dev_net(dev);
1721
1722 switch (event) {
1723 case NETDEV_CHANGEADDR:
1724 neigh_changeaddr(&nd_tbl, dev);
1725 fib6_run_gc(~0UL, net);
1726 break;
1727 case NETDEV_DOWN:
1728 neigh_ifdown(&nd_tbl, dev);
1729 fib6_run_gc(~0UL, net);
1730 break;
1731 case NETDEV_NOTIFY_PEERS:
1732 ndisc_send_unsol_na(dev);
1733 break;
1734 default:
1735 break;
1736 }
1737
1738 return NOTIFY_DONE;
1739 }
1740
1741 static struct notifier_block ndisc_netdev_notifier = {
1742 .notifier_call = ndisc_netdev_event,
1743 };
1744
1745 #ifdef CONFIG_SYSCTL
1746 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1747 const char *func, const char *dev_name)
1748 {
1749 static char warncomm[TASK_COMM_LEN];
1750 static int warned;
1751 if (strcmp(warncomm, current->comm) && warned < 5) {
1752 strcpy(warncomm, current->comm);
1753 printk(KERN_WARNING
1754 "process `%s' is using deprecated sysctl (%s) "
1755 "net.ipv6.neigh.%s.%s; "
1756 "Use net.ipv6.neigh.%s.%s_ms "
1757 "instead.\n",
1758 warncomm, func,
1759 dev_name, ctl->procname,
1760 dev_name, ctl->procname);
1761 warned++;
1762 }
1763 }
1764
1765 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1766 {
1767 struct net_device *dev = ctl->extra1;
1768 struct inet6_dev *idev;
1769 int ret;
1770
1771 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1772 (strcmp(ctl->procname, "base_reachable_time") == 0))
1773 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1774
1775 if (strcmp(ctl->procname, "retrans_time") == 0)
1776 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1777
1778 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1779 ret = proc_dointvec_jiffies(ctl, write,
1780 buffer, lenp, ppos);
1781
1782 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1783 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1784 ret = proc_dointvec_ms_jiffies(ctl, write,
1785 buffer, lenp, ppos);
1786 else
1787 ret = -1;
1788
1789 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1790 if (ctl->data == &idev->nd_parms->base_reachable_time)
1791 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1792 idev->tstamp = jiffies;
1793 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1794 in6_dev_put(idev);
1795 }
1796 return ret;
1797 }
1798
1799
1800 #endif
1801
1802 static int __net_init ndisc_net_init(struct net *net)
1803 {
1804 struct ipv6_pinfo *np;
1805 struct sock *sk;
1806 int err;
1807
1808 err = inet_ctl_sock_create(&sk, PF_INET6,
1809 SOCK_RAW, IPPROTO_ICMPV6, net);
1810 if (err < 0) {
1811 ND_PRINTK0(KERN_ERR
1812 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1813 err);
1814 return err;
1815 }
1816
1817 net->ipv6.ndisc_sk = sk;
1818
1819 np = inet6_sk(sk);
1820 np->hop_limit = 255;
1821 /* Do not loopback ndisc messages */
1822 np->mc_loop = 0;
1823
1824 return 0;
1825 }
1826
1827 static void __net_exit ndisc_net_exit(struct net *net)
1828 {
1829 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1830 }
1831
1832 static struct pernet_operations ndisc_net_ops = {
1833 .init = ndisc_net_init,
1834 .exit = ndisc_net_exit,
1835 };
1836
1837 int __init ndisc_init(void)
1838 {
1839 int err;
1840
1841 err = register_pernet_subsys(&ndisc_net_ops);
1842 if (err)
1843 return err;
1844 /*
1845 * Initialize the neighbour table
1846 */
1847 neigh_table_init(&nd_tbl);
1848
1849 #ifdef CONFIG_SYSCTL
1850 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1851 &ndisc_ifinfo_sysctl_change);
1852 if (err)
1853 goto out_unregister_pernet;
1854 #endif
1855 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1856 if (err)
1857 goto out_unregister_sysctl;
1858 out:
1859 return err;
1860
1861 out_unregister_sysctl:
1862 #ifdef CONFIG_SYSCTL
1863 neigh_sysctl_unregister(&nd_tbl.parms);
1864 out_unregister_pernet:
1865 #endif
1866 unregister_pernet_subsys(&ndisc_net_ops);
1867 goto out;
1868 }
1869
1870 void ndisc_cleanup(void)
1871 {
1872 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1873 #ifdef CONFIG_SYSCTL
1874 neigh_sysctl_unregister(&nd_tbl.parms);
1875 #endif
1876 neigh_table_clear(&nd_tbl);
1877 unregister_pernet_subsys(&ndisc_net_ops);
1878 }
Linux kernel - Deliverables
This page took 0.068121 seconds and 4 git commands to generate.