projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ipv6: ignore looped-back NA while dad is running
[deliverable/linux.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Pierre Ynard : export userland ND options
19 * through netlink (RDNSS support)
20 * Lars Fenneberg : fixed MTU setting on receipt
21 * of an RA.
22 * Janos Farkas : kmalloc failure checks
23 * Alexey Kuznetsov : state machine reworked
24 * and moved to net/core.
25 * Pekka Savola : RFC2461 validation
26 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
27 */
28
29 /* Set to 3 to get tracing... */
30 #define ND_DEBUG 1
31
32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
33 #define ND_NOPRINTK(x...) do { ; } while(0)
34 #define ND_PRINTK0 ND_PRINTK
35 #define ND_PRINTK1 ND_NOPRINTK
36 #define ND_PRINTK2 ND_NOPRINTK
37 #define ND_PRINTK3 ND_NOPRINTK
38 #if ND_DEBUG >= 1
39 #undef ND_PRINTK1
40 #define ND_PRINTK1 ND_PRINTK
41 #endif
42 #if ND_DEBUG >= 2
43 #undef ND_PRINTK2
44 #define ND_PRINTK2 ND_PRINTK
45 #endif
46 #if ND_DEBUG >= 3
47 #undef ND_PRINTK3
48 #define ND_PRINTK3 ND_PRINTK
49 #endif
50
51 #include <linux/module.h>
52 #include <linux/errno.h>
53 #include <linux/types.h>
54 #include <linux/socket.h>
55 #include <linux/sockios.h>
56 #include <linux/sched.h>
57 #include <linux/net.h>
58 #include <linux/in6.h>
59 #include <linux/route.h>
60 #include <linux/init.h>
61 #include <linux/rcupdate.h>
62 #include <linux/slab.h>
63 #ifdef CONFIG_SYSCTL
64 #include <linux/sysctl.h>
65 #endif
66
67 #include <linux/if_addr.h>
68 #include <linux/if_arp.h>
69 #include <linux/ipv6.h>
70 #include <linux/icmpv6.h>
71 #include <linux/jhash.h>
72
73 #include <net/sock.h>
74 #include <net/snmp.h>
75
76 #include <net/ipv6.h>
77 #include <net/protocol.h>
78 #include <net/ndisc.h>
79 #include <net/ip6_route.h>
80 #include <net/addrconf.h>
81 #include <net/icmp.h>
82
83 #include <net/netlink.h>
84 #include <linux/rtnetlink.h>
85
86 #include <net/flow.h>
87 #include <net/ip6_checksum.h>
88 #include <net/inet_common.h>
89 #include <linux/proc_fs.h>
90
91 #include <linux/netfilter.h>
92 #include <linux/netfilter_ipv6.h>
93
94 static u32 ndisc_hash(const void *pkey,
95 const struct net_device *dev,
96 __u32 rnd);
97 static int ndisc_constructor(struct neighbour *neigh);
98 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
99 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
100 static int pndisc_constructor(struct pneigh_entry *n);
101 static void pndisc_destructor(struct pneigh_entry *n);
102 static void pndisc_redo(struct sk_buff *skb);
103
104 static const struct neigh_ops ndisc_generic_ops = {
105 .family = AF_INET6,
106 .solicit = ndisc_solicit,
107 .error_report = ndisc_error_report,
108 .output = neigh_resolve_output,
109 .connected_output = neigh_connected_output,
110 .hh_output = dev_queue_xmit,
111 .queue_xmit = dev_queue_xmit,
112 };
113
114 static const struct neigh_ops ndisc_hh_ops = {
115 .family = AF_INET6,
116 .solicit = ndisc_solicit,
117 .error_report = ndisc_error_report,
118 .output = neigh_resolve_output,
119 .connected_output = neigh_resolve_output,
120 .hh_output = dev_queue_xmit,
121 .queue_xmit = dev_queue_xmit,
122 };
123
124
125 static const struct neigh_ops ndisc_direct_ops = {
126 .family = AF_INET6,
127 .output = dev_queue_xmit,
128 .connected_output = dev_queue_xmit,
129 .hh_output = dev_queue_xmit,
130 .queue_xmit = dev_queue_xmit,
131 };
132
133 struct neigh_table nd_tbl = {
134 .family = AF_INET6,
135 .entry_size = sizeof(struct neighbour) + sizeof(struct in6_addr),
136 .key_len = sizeof(struct in6_addr),
137 .hash = ndisc_hash,
138 .constructor = ndisc_constructor,
139 .pconstructor = pndisc_constructor,
140 .pdestructor = pndisc_destructor,
141 .proxy_redo = pndisc_redo,
142 .id = "ndisc_cache",
143 .parms = {
144 .tbl = &nd_tbl,
145 .base_reachable_time = ND_REACHABLE_TIME,
146 .retrans_time = ND_RETRANS_TIMER,
147 .gc_staletime = 60 * HZ,
148 .reachable_time = ND_REACHABLE_TIME,
149 .delay_probe_time = 5 * HZ,
150 .queue_len = 3,
151 .ucast_probes = 3,
152 .mcast_probes = 3,
153 .anycast_delay = 1 * HZ,
154 .proxy_delay = (8 * HZ) / 10,
155 .proxy_qlen = 64,
156 },
157 .gc_interval = 30 * HZ,
158 .gc_thresh1 = 128,
159 .gc_thresh2 = 512,
160 .gc_thresh3 = 1024,
161 };
162
163 /* ND options */
164 struct ndisc_options {
165 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
166 #ifdef CONFIG_IPV6_ROUTE_INFO
167 struct nd_opt_hdr *nd_opts_ri;
168 struct nd_opt_hdr *nd_opts_ri_end;
169 #endif
170 struct nd_opt_hdr *nd_useropts;
171 struct nd_opt_hdr *nd_useropts_end;
172 };
173
174 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
175 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
176 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
177 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
178 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
179 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
180
181 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
182
183 /*
184 * Return the padding between the option length and the start of the
185 * link addr. Currently only IP-over-InfiniBand needs this, although
186 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
187 * also need a pad of 2.
188 */
189 static int ndisc_addr_option_pad(unsigned short type)
190 {
191 switch (type) {
192 case ARPHRD_INFINIBAND: return 2;
193 default: return 0;
194 }
195 }
196
197 static inline int ndisc_opt_addr_space(struct net_device *dev)
198 {
199 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
200 }
201
202 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
203 unsigned short addr_type)
204 {
205 int space = NDISC_OPT_SPACE(data_len);
206 int pad = ndisc_addr_option_pad(addr_type);
207
208 opt[0] = type;
209 opt[1] = space>>3;
210
211 memset(opt + 2, 0, pad);
212 opt += pad;
213 space -= pad;
214
215 memcpy(opt+2, data, data_len);
216 data_len += 2;
217 opt += data_len;
218 if ((space -= data_len) > 0)
219 memset(opt, 0, space);
220 return opt + space;
221 }
222
223 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
224 struct nd_opt_hdr *end)
225 {
226 int type;
227 if (!cur || !end || cur >= end)
228 return NULL;
229 type = cur->nd_opt_type;
230 do {
231 cur = ((void *)cur) + (cur->nd_opt_len << 3);
232 } while(cur < end && cur->nd_opt_type != type);
233 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
234 }
235
236 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
237 {
238 return opt->nd_opt_type == ND_OPT_RDNSS;
239 }
240
241 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
242 struct nd_opt_hdr *end)
243 {
244 if (!cur || !end || cur >= end)
245 return NULL;
246 do {
247 cur = ((void *)cur) + (cur->nd_opt_len << 3);
248 } while(cur < end && !ndisc_is_useropt(cur));
249 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
250 }
251
252 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
253 struct ndisc_options *ndopts)
254 {
255 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
256
257 if (!nd_opt || opt_len < 0 || !ndopts)
258 return NULL;
259 memset(ndopts, 0, sizeof(*ndopts));
260 while (opt_len) {
261 int l;
262 if (opt_len < sizeof(struct nd_opt_hdr))
263 return NULL;
264 l = nd_opt->nd_opt_len << 3;
265 if (opt_len < l || l == 0)
266 return NULL;
267 switch (nd_opt->nd_opt_type) {
268 case ND_OPT_SOURCE_LL_ADDR:
269 case ND_OPT_TARGET_LL_ADDR:
270 case ND_OPT_MTU:
271 case ND_OPT_REDIRECT_HDR:
272 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
273 ND_PRINTK2(KERN_WARNING
274 "%s(): duplicated ND6 option found: type=%d\n",
275 __func__,
276 nd_opt->nd_opt_type);
277 } else {
278 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
279 }
280 break;
281 case ND_OPT_PREFIX_INFO:
282 ndopts->nd_opts_pi_end = nd_opt;
283 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
284 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
285 break;
286 #ifdef CONFIG_IPV6_ROUTE_INFO
287 case ND_OPT_ROUTE_INFO:
288 ndopts->nd_opts_ri_end = nd_opt;
289 if (!ndopts->nd_opts_ri)
290 ndopts->nd_opts_ri = nd_opt;
291 break;
292 #endif
293 default:
294 if (ndisc_is_useropt(nd_opt)) {
295 ndopts->nd_useropts_end = nd_opt;
296 if (!ndopts->nd_useropts)
297 ndopts->nd_useropts = nd_opt;
298 } else {
299 /*
300 * Unknown options must be silently ignored,
301 * to accommodate future extension to the
302 * protocol.
303 */
304 ND_PRINTK2(KERN_NOTICE
305 "%s(): ignored unsupported option; type=%d, len=%d\n",
306 __func__,
307 nd_opt->nd_opt_type, nd_opt->nd_opt_len);
308 }
309 }
310 opt_len -= l;
311 nd_opt = ((void *)nd_opt) + l;
312 }
313 return ndopts;
314 }
315
316 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
317 struct net_device *dev)
318 {
319 u8 *lladdr = (u8 *)(p + 1);
320 int lladdrlen = p->nd_opt_len << 3;
321 int prepad = ndisc_addr_option_pad(dev->type);
322 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
323 return NULL;
324 return lladdr + prepad;
325 }
326
327 int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
328 {
329 switch (dev->type) {
330 case ARPHRD_ETHER:
331 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
332 case ARPHRD_FDDI:
333 ipv6_eth_mc_map(addr, buf);
334 return 0;
335 case ARPHRD_IEEE802_TR:
336 ipv6_tr_mc_map(addr,buf);
337 return 0;
338 case ARPHRD_ARCNET:
339 ipv6_arcnet_mc_map(addr, buf);
340 return 0;
341 case ARPHRD_INFINIBAND:
342 ipv6_ib_mc_map(addr, dev->broadcast, buf);
343 return 0;
344 case ARPHRD_IPGRE:
345 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
346 default:
347 if (dir) {
348 memcpy(buf, dev->broadcast, dev->addr_len);
349 return 0;
350 }
351 }
352 return -EINVAL;
353 }
354
355 EXPORT_SYMBOL(ndisc_mc_map);
356
357 static u32 ndisc_hash(const void *pkey,
358 const struct net_device *dev,
359 __u32 hash_rnd)
360 {
361 const u32 *p32 = pkey;
362 u32 addr_hash, i;
363
364 addr_hash = 0;
365 for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
366 addr_hash ^= *p32++;
367
368 return jhash_2words(addr_hash, dev->ifindex, hash_rnd);
369 }
370
371 static int ndisc_constructor(struct neighbour *neigh)
372 {
373 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
374 struct net_device *dev = neigh->dev;
375 struct inet6_dev *in6_dev;
376 struct neigh_parms *parms;
377 int is_multicast = ipv6_addr_is_multicast(addr);
378
379 rcu_read_lock();
380 in6_dev = in6_dev_get(dev);
381 if (in6_dev == NULL) {
382 rcu_read_unlock();
383 return -EINVAL;
384 }
385
386 parms = in6_dev->nd_parms;
387 __neigh_parms_put(neigh->parms);
388 neigh->parms = neigh_parms_clone(parms);
389 rcu_read_unlock();
390
391 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
392 if (!dev->header_ops) {
393 neigh->nud_state = NUD_NOARP;
394 neigh->ops = &ndisc_direct_ops;
395 neigh->output = neigh->ops->queue_xmit;
396 } else {
397 if (is_multicast) {
398 neigh->nud_state = NUD_NOARP;
399 ndisc_mc_map(addr, neigh->ha, dev, 1);
400 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
401 neigh->nud_state = NUD_NOARP;
402 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
403 if (dev->flags&IFF_LOOPBACK)
404 neigh->type = RTN_LOCAL;
405 } else if (dev->flags&IFF_POINTOPOINT) {
406 neigh->nud_state = NUD_NOARP;
407 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
408 }
409 if (dev->header_ops->cache)
410 neigh->ops = &ndisc_hh_ops;
411 else
412 neigh->ops = &ndisc_generic_ops;
413 if (neigh->nud_state&NUD_VALID)
414 neigh->output = neigh->ops->connected_output;
415 else
416 neigh->output = neigh->ops->output;
417 }
418 in6_dev_put(in6_dev);
419 return 0;
420 }
421
422 static int pndisc_constructor(struct pneigh_entry *n)
423 {
424 struct in6_addr *addr = (struct in6_addr*)&n->key;
425 struct in6_addr maddr;
426 struct net_device *dev = n->dev;
427
428 if (dev == NULL || __in6_dev_get(dev) == NULL)
429 return -EINVAL;
430 addrconf_addr_solict_mult(addr, &maddr);
431 ipv6_dev_mc_inc(dev, &maddr);
432 return 0;
433 }
434
435 static void pndisc_destructor(struct pneigh_entry *n)
436 {
437 struct in6_addr *addr = (struct in6_addr*)&n->key;
438 struct in6_addr maddr;
439 struct net_device *dev = n->dev;
440
441 if (dev == NULL || __in6_dev_get(dev) == NULL)
442 return;
443 addrconf_addr_solict_mult(addr, &maddr);
444 ipv6_dev_mc_dec(dev, &maddr);
445 }
446
447 struct sk_buff *ndisc_build_skb(struct net_device *dev,
448 const struct in6_addr *daddr,
449 const struct in6_addr *saddr,
450 struct icmp6hdr *icmp6h,
451 const struct in6_addr *target,
452 int llinfo)
453 {
454 struct net *net = dev_net(dev);
455 struct sock *sk = net->ipv6.ndisc_sk;
456 struct sk_buff *skb;
457 struct icmp6hdr *hdr;
458 int len;
459 int err;
460 u8 *opt;
461
462 if (!dev->addr_len)
463 llinfo = 0;
464
465 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
466 if (llinfo)
467 len += ndisc_opt_addr_space(dev);
468
469 skb = sock_alloc_send_skb(sk,
470 (MAX_HEADER + sizeof(struct ipv6hdr) +
471 len + LL_ALLOCATED_SPACE(dev)),
472 1, &err);
473 if (!skb) {
474 ND_PRINTK0(KERN_ERR
475 "ICMPv6 ND: %s() failed to allocate an skb, err=%d.\n",
476 __func__, err);
477 return NULL;
478 }
479
480 skb_reserve(skb, LL_RESERVED_SPACE(dev));
481 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
482
483 skb->transport_header = skb->tail;
484 skb_put(skb, len);
485
486 hdr = (struct icmp6hdr *)skb_transport_header(skb);
487 memcpy(hdr, icmp6h, sizeof(*hdr));
488
489 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
490 if (target) {
491 ipv6_addr_copy((struct in6_addr *)opt, target);
492 opt += sizeof(*target);
493 }
494
495 if (llinfo)
496 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
497 dev->addr_len, dev->type);
498
499 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
500 IPPROTO_ICMPV6,
501 csum_partial(hdr,
502 len, 0));
503
504 return skb;
505 }
506
507 EXPORT_SYMBOL(ndisc_build_skb);
508
509 void ndisc_send_skb(struct sk_buff *skb,
510 struct net_device *dev,
511 struct neighbour *neigh,
512 const struct in6_addr *daddr,
513 const struct in6_addr *saddr,
514 struct icmp6hdr *icmp6h)
515 {
516 struct flowi6 fl6;
517 struct dst_entry *dst;
518 struct net *net = dev_net(dev);
519 struct sock *sk = net->ipv6.ndisc_sk;
520 struct inet6_dev *idev;
521 int err;
522 u8 type;
523
524 type = icmp6h->icmp6_type;
525
526 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, dev->ifindex);
527
528 dst = icmp6_dst_alloc(dev, neigh, daddr);
529 if (!dst) {
530 kfree_skb(skb);
531 return;
532 }
533
534 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
535 if (IS_ERR(dst)) {
536 kfree_skb(skb);
537 return;
538 }
539
540 skb_dst_set(skb, dst);
541
542 idev = in6_dev_get(dst->dev);
543 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
544
545 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
546 dst_output);
547 if (!err) {
548 ICMP6MSGOUT_INC_STATS(net, idev, type);
549 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
550 }
551
552 if (likely(idev != NULL))
553 in6_dev_put(idev);
554 }
555
556 EXPORT_SYMBOL(ndisc_send_skb);
557
558 /*
559 * Send a Neighbour Discover packet
560 */
561 static void __ndisc_send(struct net_device *dev,
562 struct neighbour *neigh,
563 const struct in6_addr *daddr,
564 const struct in6_addr *saddr,
565 struct icmp6hdr *icmp6h, const struct in6_addr *target,
566 int llinfo)
567 {
568 struct sk_buff *skb;
569
570 skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
571 if (!skb)
572 return;
573
574 ndisc_send_skb(skb, dev, neigh, daddr, saddr, icmp6h);
575 }
576
577 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
578 const struct in6_addr *daddr,
579 const struct in6_addr *solicited_addr,
580 int router, int solicited, int override, int inc_opt)
581 {
582 struct in6_addr tmpaddr;
583 struct inet6_ifaddr *ifp;
584 const struct in6_addr *src_addr;
585 struct icmp6hdr icmp6h = {
586 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
587 };
588
589 /* for anycast or proxy, solicited_addr != src_addr */
590 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
591 if (ifp) {
592 src_addr = solicited_addr;
593 if (ifp->flags & IFA_F_OPTIMISTIC)
594 override = 0;
595 inc_opt |= ifp->idev->cnf.force_tllao;
596 in6_ifa_put(ifp);
597 } else {
598 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
599 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
600 &tmpaddr))
601 return;
602 src_addr = &tmpaddr;
603 }
604
605 icmp6h.icmp6_router = router;
606 icmp6h.icmp6_solicited = solicited;
607 icmp6h.icmp6_override = override;
608
609 __ndisc_send(dev, neigh, daddr, src_addr,
610 &icmp6h, solicited_addr,
611 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
612 }
613
614 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
615 const struct in6_addr *solicit,
616 const struct in6_addr *daddr, const struct in6_addr *saddr)
617 {
618 struct in6_addr addr_buf;
619 struct icmp6hdr icmp6h = {
620 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
621 };
622
623 if (saddr == NULL) {
624 if (ipv6_get_lladdr(dev, &addr_buf,
625 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
626 return;
627 saddr = &addr_buf;
628 }
629
630 __ndisc_send(dev, neigh, daddr, saddr,
631 &icmp6h, solicit,
632 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
633 }
634
635 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
636 const struct in6_addr *daddr)
637 {
638 struct icmp6hdr icmp6h = {
639 .icmp6_type = NDISC_ROUTER_SOLICITATION,
640 };
641 int send_sllao = dev->addr_len;
642
643 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
644 /*
645 * According to section 2.2 of RFC 4429, we must not
646 * send router solicitations with a sllao from
647 * optimistic addresses, but we may send the solicitation
648 * if we don't include the sllao. So here we check
649 * if our address is optimistic, and if so, we
650 * suppress the inclusion of the sllao.
651 */
652 if (send_sllao) {
653 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
654 dev, 1);
655 if (ifp) {
656 if (ifp->flags & IFA_F_OPTIMISTIC) {
657 send_sllao = 0;
658 }
659 in6_ifa_put(ifp);
660 } else {
661 send_sllao = 0;
662 }
663 }
664 #endif
665 __ndisc_send(dev, NULL, daddr, saddr,
666 &icmp6h, NULL,
667 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
668 }
669
670
671 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
672 {
673 /*
674 * "The sender MUST return an ICMP
675 * destination unreachable"
676 */
677 dst_link_failure(skb);
678 kfree_skb(skb);
679 }
680
681 /* Called with locked neigh: either read or both */
682
683 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
684 {
685 struct in6_addr *saddr = NULL;
686 struct in6_addr mcaddr;
687 struct net_device *dev = neigh->dev;
688 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
689 int probes = atomic_read(&neigh->probes);
690
691 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
692 saddr = &ipv6_hdr(skb)->saddr;
693
694 if ((probes -= neigh->parms->ucast_probes) < 0) {
695 if (!(neigh->nud_state & NUD_VALID)) {
696 ND_PRINTK1(KERN_DEBUG "%s(): trying to ucast probe in NUD_INVALID: %pI6\n",
697 __func__, target);
698 }
699 ndisc_send_ns(dev, neigh, target, target, saddr);
700 } else if ((probes -= neigh->parms->app_probes) < 0) {
701 #ifdef CONFIG_ARPD
702 neigh_app_ns(neigh);
703 #endif
704 } else {
705 addrconf_addr_solict_mult(target, &mcaddr);
706 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
707 }
708 }
709
710 static int pndisc_is_router(const void *pkey,
711 struct net_device *dev)
712 {
713 struct pneigh_entry *n;
714 int ret = -1;
715
716 read_lock_bh(&nd_tbl.lock);
717 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
718 if (n)
719 ret = !!(n->flags & NTF_ROUTER);
720 read_unlock_bh(&nd_tbl.lock);
721
722 return ret;
723 }
724
725 static void ndisc_recv_ns(struct sk_buff *skb)
726 {
727 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
728 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
729 struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
730 u8 *lladdr = NULL;
731 u32 ndoptlen = skb->tail - (skb->transport_header +
732 offsetof(struct nd_msg, opt));
733 struct ndisc_options ndopts;
734 struct net_device *dev = skb->dev;
735 struct inet6_ifaddr *ifp;
736 struct inet6_dev *idev = NULL;
737 struct neighbour *neigh;
738 int dad = ipv6_addr_any(saddr);
739 int inc;
740 int is_router = -1;
741
742 if (ipv6_addr_is_multicast(&msg->target)) {
743 ND_PRINTK2(KERN_WARNING
744 "ICMPv6 NS: multicast target address");
745 return;
746 }
747
748 /*
749 * RFC2461 7.1.1:
750 * DAD has to be destined for solicited node multicast address.
751 */
752 if (dad &&
753 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
754 daddr->s6_addr32[1] == htonl(0x00000000) &&
755 daddr->s6_addr32[2] == htonl(0x00000001) &&
756 daddr->s6_addr [12] == 0xff )) {
757 ND_PRINTK2(KERN_WARNING
758 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
759 return;
760 }
761
762 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
763 ND_PRINTK2(KERN_WARNING
764 "ICMPv6 NS: invalid ND options\n");
765 return;
766 }
767
768 if (ndopts.nd_opts_src_lladdr) {
769 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
770 if (!lladdr) {
771 ND_PRINTK2(KERN_WARNING
772 "ICMPv6 NS: invalid link-layer address length\n");
773 return;
774 }
775
776 /* RFC2461 7.1.1:
777 * If the IP source address is the unspecified address,
778 * there MUST NOT be source link-layer address option
779 * in the message.
780 */
781 if (dad) {
782 ND_PRINTK2(KERN_WARNING
783 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
784 return;
785 }
786 }
787
788 inc = ipv6_addr_is_multicast(daddr);
789
790 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
791 if (ifp) {
792
793 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
794 if (dad) {
795 if (dev->type == ARPHRD_IEEE802_TR) {
796 const unsigned char *sadr;
797 sadr = skb_mac_header(skb);
798 if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
799 sadr[9] == dev->dev_addr[1] &&
800 sadr[10] == dev->dev_addr[2] &&
801 sadr[11] == dev->dev_addr[3] &&
802 sadr[12] == dev->dev_addr[4] &&
803 sadr[13] == dev->dev_addr[5]) {
804 /* looped-back to us */
805 goto out;
806 }
807 }
808
809 /*
810 * We are colliding with another node
811 * who is doing DAD
812 * so fail our DAD process
813 */
814 addrconf_dad_failure(ifp);
815 return;
816 } else {
817 /*
818 * This is not a dad solicitation.
819 * If we are an optimistic node,
820 * we should respond.
821 * Otherwise, we should ignore it.
822 */
823 if (!(ifp->flags & IFA_F_OPTIMISTIC))
824 goto out;
825 }
826 }
827
828 idev = ifp->idev;
829 } else {
830 struct net *net = dev_net(dev);
831
832 idev = in6_dev_get(dev);
833 if (!idev) {
834 /* XXX: count this drop? */
835 return;
836 }
837
838 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
839 (idev->cnf.forwarding &&
840 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
841 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
842 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
843 skb->pkt_type != PACKET_HOST &&
844 inc != 0 &&
845 idev->nd_parms->proxy_delay != 0) {
846 /*
847 * for anycast or proxy,
848 * sender should delay its response
849 * by a random time between 0 and
850 * MAX_ANYCAST_DELAY_TIME seconds.
851 * (RFC2461) -- yoshfuji
852 */
853 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
854 if (n)
855 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
856 goto out;
857 }
858 } else
859 goto out;
860 }
861
862 if (is_router < 0)
863 is_router = !!idev->cnf.forwarding;
864
865 if (dad) {
866 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
867 is_router, 0, (ifp != NULL), 1);
868 goto out;
869 }
870
871 if (inc)
872 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
873 else
874 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
875
876 /*
877 * update / create cache entry
878 * for the source address
879 */
880 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
881 !inc || lladdr || !dev->addr_len);
882 if (neigh)
883 neigh_update(neigh, lladdr, NUD_STALE,
884 NEIGH_UPDATE_F_WEAK_OVERRIDE|
885 NEIGH_UPDATE_F_OVERRIDE);
886 if (neigh || !dev->header_ops) {
887 ndisc_send_na(dev, neigh, saddr, &msg->target,
888 is_router,
889 1, (ifp != NULL && inc), inc);
890 if (neigh)
891 neigh_release(neigh);
892 }
893
894 out:
895 if (ifp)
896 in6_ifa_put(ifp);
897 else
898 in6_dev_put(idev);
899 }
900
901 static void ndisc_recv_na(struct sk_buff *skb)
902 {
903 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
904 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
905 struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
906 u8 *lladdr = NULL;
907 u32 ndoptlen = skb->tail - (skb->transport_header +
908 offsetof(struct nd_msg, opt));
909 struct ndisc_options ndopts;
910 struct net_device *dev = skb->dev;
911 struct inet6_ifaddr *ifp;
912 struct neighbour *neigh;
913
914 if (skb->len < sizeof(struct nd_msg)) {
915 ND_PRINTK2(KERN_WARNING
916 "ICMPv6 NA: packet too short\n");
917 return;
918 }
919
920 if (ipv6_addr_is_multicast(&msg->target)) {
921 ND_PRINTK2(KERN_WARNING
922 "ICMPv6 NA: target address is multicast.\n");
923 return;
924 }
925
926 if (ipv6_addr_is_multicast(daddr) &&
927 msg->icmph.icmp6_solicited) {
928 ND_PRINTK2(KERN_WARNING
929 "ICMPv6 NA: solicited NA is multicasted.\n");
930 return;
931 }
932
933 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
934 ND_PRINTK2(KERN_WARNING
935 "ICMPv6 NS: invalid ND option\n");
936 return;
937 }
938 if (ndopts.nd_opts_tgt_lladdr) {
939 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
940 if (!lladdr) {
941 ND_PRINTK2(KERN_WARNING
942 "ICMPv6 NA: invalid link-layer address length\n");
943 return;
944 }
945 }
946 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
947 if (ifp) {
948 if (skb->pkt_type != PACKET_LOOPBACK
949 && (ifp->flags & IFA_F_TENTATIVE)) {
950 addrconf_dad_failure(ifp);
951 return;
952 }
953 /* What should we make now? The advertisement
954 is invalid, but ndisc specs say nothing
955 about it. It could be misconfiguration, or
956 an smart proxy agent tries to help us :-)
957
958 We should not print the error if NA has been
959 received from loopback - it is just our own
960 unsolicited advertisement.
961 */
962 if (skb->pkt_type != PACKET_LOOPBACK)
963 ND_PRINTK1(KERN_WARNING
964 "ICMPv6 NA: someone advertises our address %pI6 on %s!\n",
965 &ifp->addr, ifp->idev->dev->name);
966 in6_ifa_put(ifp);
967 return;
968 }
969 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
970
971 if (neigh) {
972 u8 old_flags = neigh->flags;
973 struct net *net = dev_net(dev);
974
975 if (neigh->nud_state & NUD_FAILED)
976 goto out;
977
978 /*
979 * Don't update the neighbor cache entry on a proxy NA from
980 * ourselves because either the proxied node is off link or it
981 * has already sent a NA to us.
982 */
983 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
984 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
985 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
986 /* XXX: idev->cnf.prixy_ndp */
987 goto out;
988 }
989
990 neigh_update(neigh, lladdr,
991 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
992 NEIGH_UPDATE_F_WEAK_OVERRIDE|
993 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
994 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
995 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
996
997 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
998 /*
999 * Change: router to host
1000 */
1001 struct rt6_info *rt;
1002 rt = rt6_get_dflt_router(saddr, dev);
1003 if (rt)
1004 ip6_del_rt(rt);
1005 }
1006
1007 out:
1008 neigh_release(neigh);
1009 }
1010 }
1011
1012 static void ndisc_recv_rs(struct sk_buff *skb)
1013 {
1014 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1015 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1016 struct neighbour *neigh;
1017 struct inet6_dev *idev;
1018 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1019 struct ndisc_options ndopts;
1020 u8 *lladdr = NULL;
1021
1022 if (skb->len < sizeof(*rs_msg))
1023 return;
1024
1025 idev = in6_dev_get(skb->dev);
1026 if (!idev) {
1027 if (net_ratelimit())
1028 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
1029 return;
1030 }
1031
1032 /* Don't accept RS if we're not in router mode */
1033 if (!idev->cnf.forwarding)
1034 goto out;
1035
1036 /*
1037 * Don't update NCE if src = ::;
1038 * this implies that the source node has no ip address assigned yet.
1039 */
1040 if (ipv6_addr_any(saddr))
1041 goto out;
1042
1043 /* Parse ND options */
1044 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1045 if (net_ratelimit())
1046 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1047 goto out;
1048 }
1049
1050 if (ndopts.nd_opts_src_lladdr) {
1051 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1052 skb->dev);
1053 if (!lladdr)
1054 goto out;
1055 }
1056
1057 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1058 if (neigh) {
1059 neigh_update(neigh, lladdr, NUD_STALE,
1060 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1061 NEIGH_UPDATE_F_OVERRIDE|
1062 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1063 neigh_release(neigh);
1064 }
1065 out:
1066 in6_dev_put(idev);
1067 }
1068
1069 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1070 {
1071 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1072 struct sk_buff *skb;
1073 struct nlmsghdr *nlh;
1074 struct nduseroptmsg *ndmsg;
1075 struct net *net = dev_net(ra->dev);
1076 int err;
1077 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1078 + (opt->nd_opt_len << 3));
1079 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1080
1081 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1082 if (skb == NULL) {
1083 err = -ENOBUFS;
1084 goto errout;
1085 }
1086
1087 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1088 if (nlh == NULL) {
1089 goto nla_put_failure;
1090 }
1091
1092 ndmsg = nlmsg_data(nlh);
1093 ndmsg->nduseropt_family = AF_INET6;
1094 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1095 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1096 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1097 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1098
1099 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1100
1101 NLA_PUT(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1102 &ipv6_hdr(ra)->saddr);
1103 nlmsg_end(skb, nlh);
1104
1105 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1106 return;
1107
1108 nla_put_failure:
1109 nlmsg_free(skb);
1110 err = -EMSGSIZE;
1111 errout:
1112 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1113 }
1114
1115 static inline int accept_ra(struct inet6_dev *in6_dev)
1116 {
1117 /*
1118 * If forwarding is enabled, RA are not accepted unless the special
1119 * hybrid mode (accept_ra=2) is enabled.
1120 */
1121 if (in6_dev->cnf.forwarding && in6_dev->cnf.accept_ra < 2)
1122 return 0;
1123
1124 return in6_dev->cnf.accept_ra;
1125 }
1126
1127 static void ndisc_router_discovery(struct sk_buff *skb)
1128 {
1129 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1130 struct neighbour *neigh = NULL;
1131 struct inet6_dev *in6_dev;
1132 struct rt6_info *rt = NULL;
1133 int lifetime;
1134 struct ndisc_options ndopts;
1135 int optlen;
1136 unsigned int pref = 0;
1137
1138 __u8 * opt = (__u8 *)(ra_msg + 1);
1139
1140 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1141
1142 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1143 ND_PRINTK2(KERN_WARNING
1144 "ICMPv6 RA: source address is not link-local.\n");
1145 return;
1146 }
1147 if (optlen < 0) {
1148 ND_PRINTK2(KERN_WARNING
1149 "ICMPv6 RA: packet too short\n");
1150 return;
1151 }
1152
1153 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1154 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1155 ND_PRINTK2(KERN_WARNING
1156 "ICMPv6 RA: from host or unauthorized router\n");
1157 return;
1158 }
1159 #endif
1160
1161 /*
1162 * set the RA_RECV flag in the interface
1163 */
1164
1165 in6_dev = in6_dev_get(skb->dev);
1166 if (in6_dev == NULL) {
1167 ND_PRINTK0(KERN_ERR
1168 "ICMPv6 RA: can't find inet6 device for %s.\n",
1169 skb->dev->name);
1170 return;
1171 }
1172
1173 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1174 in6_dev_put(in6_dev);
1175 ND_PRINTK2(KERN_WARNING
1176 "ICMP6 RA: invalid ND options\n");
1177 return;
1178 }
1179
1180 if (!accept_ra(in6_dev))
1181 goto skip_linkparms;
1182
1183 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1184 /* skip link-specific parameters from interior routers */
1185 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1186 goto skip_linkparms;
1187 #endif
1188
1189 if (in6_dev->if_flags & IF_RS_SENT) {
1190 /*
1191 * flag that an RA was received after an RS was sent
1192 * out on this interface.
1193 */
1194 in6_dev->if_flags |= IF_RA_RCVD;
1195 }
1196
1197 /*
1198 * Remember the managed/otherconf flags from most recently
1199 * received RA message (RFC 2462) -- yoshfuji
1200 */
1201 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1202 IF_RA_OTHERCONF)) |
1203 (ra_msg->icmph.icmp6_addrconf_managed ?
1204 IF_RA_MANAGED : 0) |
1205 (ra_msg->icmph.icmp6_addrconf_other ?
1206 IF_RA_OTHERCONF : 0);
1207
1208 if (!in6_dev->cnf.accept_ra_defrtr)
1209 goto skip_defrtr;
1210
1211 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1212
1213 #ifdef CONFIG_IPV6_ROUTER_PREF
1214 pref = ra_msg->icmph.icmp6_router_pref;
1215 /* 10b is handled as if it were 00b (medium) */
1216 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1217 !in6_dev->cnf.accept_ra_rtr_pref)
1218 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1219 #endif
1220
1221 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1222
1223 if (rt)
1224 neigh = rt->rt6i_nexthop;
1225
1226 if (rt && lifetime == 0) {
1227 neigh_clone(neigh);
1228 ip6_del_rt(rt);
1229 rt = NULL;
1230 }
1231
1232 if (rt == NULL && lifetime) {
1233 ND_PRINTK3(KERN_DEBUG
1234 "ICMPv6 RA: adding default router.\n");
1235
1236 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1237 if (rt == NULL) {
1238 ND_PRINTK0(KERN_ERR
1239 "ICMPv6 RA: %s() failed to add default route.\n",
1240 __func__);
1241 in6_dev_put(in6_dev);
1242 return;
1243 }
1244
1245 neigh = rt->rt6i_nexthop;
1246 if (neigh == NULL) {
1247 ND_PRINTK0(KERN_ERR
1248 "ICMPv6 RA: %s() got default router without neighbour.\n",
1249 __func__);
1250 dst_release(&rt->dst);
1251 in6_dev_put(in6_dev);
1252 return;
1253 }
1254 neigh->flags |= NTF_ROUTER;
1255 } else if (rt) {
1256 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1257 }
1258
1259 if (rt)
1260 rt->rt6i_expires = jiffies + (HZ * lifetime);
1261
1262 if (ra_msg->icmph.icmp6_hop_limit) {
1263 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1264 if (rt)
1265 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1266 ra_msg->icmph.icmp6_hop_limit);
1267 }
1268
1269 skip_defrtr:
1270
1271 /*
1272 * Update Reachable Time and Retrans Timer
1273 */
1274
1275 if (in6_dev->nd_parms) {
1276 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1277
1278 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1279 rtime = (rtime*HZ)/1000;
1280 if (rtime < HZ/10)
1281 rtime = HZ/10;
1282 in6_dev->nd_parms->retrans_time = rtime;
1283 in6_dev->tstamp = jiffies;
1284 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1285 }
1286
1287 rtime = ntohl(ra_msg->reachable_time);
1288 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1289 rtime = (rtime*HZ)/1000;
1290
1291 if (rtime < HZ/10)
1292 rtime = HZ/10;
1293
1294 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1295 in6_dev->nd_parms->base_reachable_time = rtime;
1296 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1297 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1298 in6_dev->tstamp = jiffies;
1299 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1300 }
1301 }
1302 }
1303
1304 skip_linkparms:
1305
1306 /*
1307 * Process options.
1308 */
1309
1310 if (!neigh)
1311 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1312 skb->dev, 1);
1313 if (neigh) {
1314 u8 *lladdr = NULL;
1315 if (ndopts.nd_opts_src_lladdr) {
1316 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1317 skb->dev);
1318 if (!lladdr) {
1319 ND_PRINTK2(KERN_WARNING
1320 "ICMPv6 RA: invalid link-layer address length\n");
1321 goto out;
1322 }
1323 }
1324 neigh_update(neigh, lladdr, NUD_STALE,
1325 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1326 NEIGH_UPDATE_F_OVERRIDE|
1327 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1328 NEIGH_UPDATE_F_ISROUTER);
1329 }
1330
1331 if (!accept_ra(in6_dev))
1332 goto out;
1333
1334 #ifdef CONFIG_IPV6_ROUTE_INFO
1335 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1336 struct nd_opt_hdr *p;
1337 for (p = ndopts.nd_opts_ri;
1338 p;
1339 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1340 struct route_info *ri = (struct route_info *)p;
1341 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1342 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1343 ri->prefix_len == 0)
1344 continue;
1345 #endif
1346 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1347 continue;
1348 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1349 &ipv6_hdr(skb)->saddr);
1350 }
1351 }
1352 #endif
1353
1354 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1355 /* skip link-specific ndopts from interior routers */
1356 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1357 goto out;
1358 #endif
1359
1360 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1361 struct nd_opt_hdr *p;
1362 for (p = ndopts.nd_opts_pi;
1363 p;
1364 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1365 addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1366 }
1367 }
1368
1369 if (ndopts.nd_opts_mtu) {
1370 __be32 n;
1371 u32 mtu;
1372
1373 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1374 mtu = ntohl(n);
1375
1376 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1377 ND_PRINTK2(KERN_WARNING
1378 "ICMPv6 RA: invalid mtu: %d\n",
1379 mtu);
1380 } else if (in6_dev->cnf.mtu6 != mtu) {
1381 in6_dev->cnf.mtu6 = mtu;
1382
1383 if (rt)
1384 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1385
1386 rt6_mtu_change(skb->dev, mtu);
1387 }
1388 }
1389
1390 if (ndopts.nd_useropts) {
1391 struct nd_opt_hdr *p;
1392 for (p = ndopts.nd_useropts;
1393 p;
1394 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1395 ndisc_ra_useropt(skb, p);
1396 }
1397 }
1398
1399 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1400 ND_PRINTK2(KERN_WARNING
1401 "ICMPv6 RA: invalid RA options");
1402 }
1403 out:
1404 if (rt)
1405 dst_release(&rt->dst);
1406 else if (neigh)
1407 neigh_release(neigh);
1408 in6_dev_put(in6_dev);
1409 }
1410
1411 static void ndisc_redirect_rcv(struct sk_buff *skb)
1412 {
1413 struct inet6_dev *in6_dev;
1414 struct icmp6hdr *icmph;
1415 struct in6_addr *dest;
1416 struct in6_addr *target; /* new first hop to destination */
1417 struct neighbour *neigh;
1418 int on_link = 0;
1419 struct ndisc_options ndopts;
1420 int optlen;
1421 u8 *lladdr = NULL;
1422
1423 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1424 switch (skb->ndisc_nodetype) {
1425 case NDISC_NODETYPE_HOST:
1426 case NDISC_NODETYPE_NODEFAULT:
1427 ND_PRINTK2(KERN_WARNING
1428 "ICMPv6 Redirect: from host or unauthorized router\n");
1429 return;
1430 }
1431 #endif
1432
1433 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1434 ND_PRINTK2(KERN_WARNING
1435 "ICMPv6 Redirect: source address is not link-local.\n");
1436 return;
1437 }
1438
1439 optlen = skb->tail - skb->transport_header;
1440 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1441
1442 if (optlen < 0) {
1443 ND_PRINTK2(KERN_WARNING
1444 "ICMPv6 Redirect: packet too short\n");
1445 return;
1446 }
1447
1448 icmph = icmp6_hdr(skb);
1449 target = (struct in6_addr *) (icmph + 1);
1450 dest = target + 1;
1451
1452 if (ipv6_addr_is_multicast(dest)) {
1453 ND_PRINTK2(KERN_WARNING
1454 "ICMPv6 Redirect: destination address is multicast.\n");
1455 return;
1456 }
1457
1458 if (ipv6_addr_equal(dest, target)) {
1459 on_link = 1;
1460 } else if (ipv6_addr_type(target) !=
1461 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1462 ND_PRINTK2(KERN_WARNING
1463 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1464 return;
1465 }
1466
1467 in6_dev = in6_dev_get(skb->dev);
1468 if (!in6_dev)
1469 return;
1470 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1471 in6_dev_put(in6_dev);
1472 return;
1473 }
1474
1475 /* RFC2461 8.1:
1476 * The IP source address of the Redirect MUST be the same as the current
1477 * first-hop router for the specified ICMP Destination Address.
1478 */
1479
1480 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1481 ND_PRINTK2(KERN_WARNING
1482 "ICMPv6 Redirect: invalid ND options\n");
1483 in6_dev_put(in6_dev);
1484 return;
1485 }
1486 if (ndopts.nd_opts_tgt_lladdr) {
1487 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1488 skb->dev);
1489 if (!lladdr) {
1490 ND_PRINTK2(KERN_WARNING
1491 "ICMPv6 Redirect: invalid link-layer address length\n");
1492 in6_dev_put(in6_dev);
1493 return;
1494 }
1495 }
1496
1497 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1498 if (neigh) {
1499 rt6_redirect(dest, &ipv6_hdr(skb)->daddr,
1500 &ipv6_hdr(skb)->saddr, neigh, lladdr,
1501 on_link);
1502 neigh_release(neigh);
1503 }
1504 in6_dev_put(in6_dev);
1505 }
1506
1507 void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1508 const struct in6_addr *target)
1509 {
1510 struct net_device *dev = skb->dev;
1511 struct net *net = dev_net(dev);
1512 struct sock *sk = net->ipv6.ndisc_sk;
1513 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1514 struct sk_buff *buff;
1515 struct icmp6hdr *icmph;
1516 struct in6_addr saddr_buf;
1517 struct in6_addr *addrp;
1518 struct rt6_info *rt;
1519 struct dst_entry *dst;
1520 struct inet6_dev *idev;
1521 struct flowi6 fl6;
1522 u8 *opt;
1523 int rd_len;
1524 int err;
1525 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1526
1527 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1528 ND_PRINTK2(KERN_WARNING
1529 "ICMPv6 Redirect: no link-local address on %s\n",
1530 dev->name);
1531 return;
1532 }
1533
1534 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1535 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1536 ND_PRINTK2(KERN_WARNING
1537 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1538 return;
1539 }
1540
1541 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1542 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1543
1544 dst = ip6_route_output(net, NULL, &fl6);
1545 if (dst == NULL)
1546 return;
1547
1548 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1549 if (IS_ERR(dst))
1550 return;
1551
1552 rt = (struct rt6_info *) dst;
1553
1554 if (rt->rt6i_flags & RTF_GATEWAY) {
1555 ND_PRINTK2(KERN_WARNING
1556 "ICMPv6 Redirect: destination is not a neighbour.\n");
1557 goto release;
1558 }
1559 if (!rt->rt6i_peer)
1560 rt6_bind_peer(rt, 1);
1561 if (inet_peer_xrlim_allow(rt->rt6i_peer, 1*HZ))
1562 goto release;
1563
1564 if (dev->addr_len) {
1565 read_lock_bh(&neigh->lock);
1566 if (neigh->nud_state & NUD_VALID) {
1567 memcpy(ha_buf, neigh->ha, dev->addr_len);
1568 read_unlock_bh(&neigh->lock);
1569 ha = ha_buf;
1570 len += ndisc_opt_addr_space(dev);
1571 } else
1572 read_unlock_bh(&neigh->lock);
1573 }
1574
1575 rd_len = min_t(unsigned int,
1576 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1577 rd_len &= ~0x7;
1578 len += rd_len;
1579
1580 buff = sock_alloc_send_skb(sk,
1581 (MAX_HEADER + sizeof(struct ipv6hdr) +
1582 len + LL_ALLOCATED_SPACE(dev)),
1583 1, &err);
1584 if (buff == NULL) {
1585 ND_PRINTK0(KERN_ERR
1586 "ICMPv6 Redirect: %s() failed to allocate an skb, err=%d.\n",
1587 __func__, err);
1588 goto release;
1589 }
1590
1591 skb_reserve(buff, LL_RESERVED_SPACE(dev));
1592 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1593 IPPROTO_ICMPV6, len);
1594
1595 skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1596 skb_put(buff, len);
1597 icmph = icmp6_hdr(buff);
1598
1599 memset(icmph, 0, sizeof(struct icmp6hdr));
1600 icmph->icmp6_type = NDISC_REDIRECT;
1601
1602 /*
1603 * copy target and destination addresses
1604 */
1605
1606 addrp = (struct in6_addr *)(icmph + 1);
1607 ipv6_addr_copy(addrp, target);
1608 addrp++;
1609 ipv6_addr_copy(addrp, &ipv6_hdr(skb)->daddr);
1610
1611 opt = (u8*) (addrp + 1);
1612
1613 /*
1614 * include target_address option
1615 */
1616
1617 if (ha)
1618 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1619 dev->addr_len, dev->type);
1620
1621 /*
1622 * build redirect option and copy skb over to the new packet.
1623 */
1624
1625 memset(opt, 0, 8);
1626 *(opt++) = ND_OPT_REDIRECT_HDR;
1627 *(opt++) = (rd_len >> 3);
1628 opt += 6;
1629
1630 memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1631
1632 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1633 len, IPPROTO_ICMPV6,
1634 csum_partial(icmph, len, 0));
1635
1636 skb_dst_set(buff, dst);
1637 idev = in6_dev_get(dst->dev);
1638 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1639 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1640 dst_output);
1641 if (!err) {
1642 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1643 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1644 }
1645
1646 if (likely(idev != NULL))
1647 in6_dev_put(idev);
1648 return;
1649
1650 release:
1651 dst_release(dst);
1652 }
1653
1654 static void pndisc_redo(struct sk_buff *skb)
1655 {
1656 ndisc_recv_ns(skb);
1657 kfree_skb(skb);
1658 }
1659
1660 int ndisc_rcv(struct sk_buff *skb)
1661 {
1662 struct nd_msg *msg;
1663
1664 if (!pskb_may_pull(skb, skb->len))
1665 return 0;
1666
1667 msg = (struct nd_msg *)skb_transport_header(skb);
1668
1669 __skb_push(skb, skb->data - skb_transport_header(skb));
1670
1671 if (ipv6_hdr(skb)->hop_limit != 255) {
1672 ND_PRINTK2(KERN_WARNING
1673 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1674 ipv6_hdr(skb)->hop_limit);
1675 return 0;
1676 }
1677
1678 if (msg->icmph.icmp6_code != 0) {
1679 ND_PRINTK2(KERN_WARNING
1680 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1681 msg->icmph.icmp6_code);
1682 return 0;
1683 }
1684
1685 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1686
1687 switch (msg->icmph.icmp6_type) {
1688 case NDISC_NEIGHBOUR_SOLICITATION:
1689 ndisc_recv_ns(skb);
1690 break;
1691
1692 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1693 ndisc_recv_na(skb);
1694 break;
1695
1696 case NDISC_ROUTER_SOLICITATION:
1697 ndisc_recv_rs(skb);
1698 break;
1699
1700 case NDISC_ROUTER_ADVERTISEMENT:
1701 ndisc_router_discovery(skb);
1702 break;
1703
1704 case NDISC_REDIRECT:
1705 ndisc_redirect_rcv(skb);
1706 break;
1707 }
1708
1709 return 0;
1710 }
1711
1712 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1713 {
1714 struct net_device *dev = ptr;
1715 struct net *net = dev_net(dev);
1716
1717 switch (event) {
1718 case NETDEV_CHANGEADDR:
1719 neigh_changeaddr(&nd_tbl, dev);
1720 fib6_run_gc(~0UL, net);
1721 break;
1722 case NETDEV_DOWN:
1723 neigh_ifdown(&nd_tbl, dev);
1724 fib6_run_gc(~0UL, net);
1725 break;
1726 default:
1727 break;
1728 }
1729
1730 return NOTIFY_DONE;
1731 }
1732
1733 static struct notifier_block ndisc_netdev_notifier = {
1734 .notifier_call = ndisc_netdev_event,
1735 };
1736
1737 #ifdef CONFIG_SYSCTL
1738 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1739 const char *func, const char *dev_name)
1740 {
1741 static char warncomm[TASK_COMM_LEN];
1742 static int warned;
1743 if (strcmp(warncomm, current->comm) && warned < 5) {
1744 strcpy(warncomm, current->comm);
1745 printk(KERN_WARNING
1746 "process `%s' is using deprecated sysctl (%s) "
1747 "net.ipv6.neigh.%s.%s; "
1748 "Use net.ipv6.neigh.%s.%s_ms "
1749 "instead.\n",
1750 warncomm, func,
1751 dev_name, ctl->procname,
1752 dev_name, ctl->procname);
1753 warned++;
1754 }
1755 }
1756
1757 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1758 {
1759 struct net_device *dev = ctl->extra1;
1760 struct inet6_dev *idev;
1761 int ret;
1762
1763 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1764 (strcmp(ctl->procname, "base_reachable_time") == 0))
1765 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1766
1767 if (strcmp(ctl->procname, "retrans_time") == 0)
1768 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1769
1770 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1771 ret = proc_dointvec_jiffies(ctl, write,
1772 buffer, lenp, ppos);
1773
1774 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1775 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1776 ret = proc_dointvec_ms_jiffies(ctl, write,
1777 buffer, lenp, ppos);
1778 else
1779 ret = -1;
1780
1781 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1782 if (ctl->data == &idev->nd_parms->base_reachable_time)
1783 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1784 idev->tstamp = jiffies;
1785 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1786 in6_dev_put(idev);
1787 }
1788 return ret;
1789 }
1790
1791
1792 #endif
1793
1794 static int __net_init ndisc_net_init(struct net *net)
1795 {
1796 struct ipv6_pinfo *np;
1797 struct sock *sk;
1798 int err;
1799
1800 err = inet_ctl_sock_create(&sk, PF_INET6,
1801 SOCK_RAW, IPPROTO_ICMPV6, net);
1802 if (err < 0) {
1803 ND_PRINTK0(KERN_ERR
1804 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1805 err);
1806 return err;
1807 }
1808
1809 net->ipv6.ndisc_sk = sk;
1810
1811 np = inet6_sk(sk);
1812 np->hop_limit = 255;
1813 /* Do not loopback ndisc messages */
1814 np->mc_loop = 0;
1815
1816 return 0;
1817 }
1818
1819 static void __net_exit ndisc_net_exit(struct net *net)
1820 {
1821 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1822 }
1823
1824 static struct pernet_operations ndisc_net_ops = {
1825 .init = ndisc_net_init,
1826 .exit = ndisc_net_exit,
1827 };
1828
1829 int __init ndisc_init(void)
1830 {
1831 int err;
1832
1833 err = register_pernet_subsys(&ndisc_net_ops);
1834 if (err)
1835 return err;
1836 /*
1837 * Initialize the neighbour table
1838 */
1839 neigh_table_init(&nd_tbl);
1840
1841 #ifdef CONFIG_SYSCTL
1842 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1843 &ndisc_ifinfo_sysctl_change);
1844 if (err)
1845 goto out_unregister_pernet;
1846 #endif
1847 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1848 if (err)
1849 goto out_unregister_sysctl;
1850 out:
1851 return err;
1852
1853 out_unregister_sysctl:
1854 #ifdef CONFIG_SYSCTL
1855 neigh_sysctl_unregister(&nd_tbl.parms);
1856 out_unregister_pernet:
1857 #endif
1858 unregister_pernet_subsys(&ndisc_net_ops);
1859 goto out;
1860 }
1861
1862 void ndisc_cleanup(void)
1863 {
1864 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1865 #ifdef CONFIG_SYSCTL
1866 neigh_sysctl_unregister(&nd_tbl.parms);
1867 #endif
1868 neigh_table_clear(&nd_tbl);
1869 unregister_pernet_subsys(&ndisc_net_ops);
1870 }
Linux kernel - Deliverables
This page took 0.077766 seconds and 5 git commands to generate.