projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ipv6: Remove unused neigh argument for icmp6_dst_alloc() and its callers.
[deliverable/linux.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 /* Set to 3 to get tracing... */
76 #define ND_DEBUG 1
77
78 #define ND_PRINTK(val, level, fmt, ...) \
79 do { \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
82 } while (0)
83
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
86 __u32 *hash_rnd);
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
93
94 static const struct neigh_ops ndisc_generic_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
100 };
101
102 static const struct neigh_ops ndisc_hh_ops = {
103 .family = AF_INET6,
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
108 };
109
110
111 static const struct neigh_ops ndisc_direct_ops = {
112 .family = AF_INET6,
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
115 };
116
117 struct neigh_table nd_tbl = {
118 .family = AF_INET6,
119 .key_len = sizeof(struct in6_addr),
120 .hash = ndisc_hash,
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
125 .id = "ndisc_cache",
126 .parms = {
127 .tbl = &nd_tbl,
128 .base_reachable_time = ND_REACHABLE_TIME,
129 .retrans_time = ND_RETRANS_TIMER,
130 .gc_staletime = 60 * HZ,
131 .reachable_time = ND_REACHABLE_TIME,
132 .delay_probe_time = 5 * HZ,
133 .queue_len_bytes = 64*1024,
134 .ucast_probes = 3,
135 .mcast_probes = 3,
136 .anycast_delay = 1 * HZ,
137 .proxy_delay = (8 * HZ) / 10,
138 .proxy_qlen = 64,
139 },
140 .gc_interval = 30 * HZ,
141 .gc_thresh1 = 128,
142 .gc_thresh2 = 512,
143 .gc_thresh3 = 1024,
144 };
145
146 static inline int ndisc_opt_addr_space(struct net_device *dev)
147 {
148 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
149 }
150
151 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
152 unsigned short addr_type)
153 {
154 int pad = ndisc_addr_option_pad(addr_type);
155 int space = NDISC_OPT_SPACE(data_len + pad);
156
157 opt[0] = type;
158 opt[1] = space>>3;
159
160 memset(opt + 2, 0, pad);
161 opt += pad;
162 space -= pad;
163
164 memcpy(opt+2, data, data_len);
165 data_len += 2;
166 opt += data_len;
167 if ((space -= data_len) > 0)
168 memset(opt, 0, space);
169 return opt + space;
170 }
171
172 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
173 struct nd_opt_hdr *end)
174 {
175 int type;
176 if (!cur || !end || cur >= end)
177 return NULL;
178 type = cur->nd_opt_type;
179 do {
180 cur = ((void *)cur) + (cur->nd_opt_len << 3);
181 } while(cur < end && cur->nd_opt_type != type);
182 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
183 }
184
185 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
186 {
187 return opt->nd_opt_type == ND_OPT_RDNSS ||
188 opt->nd_opt_type == ND_OPT_DNSSL;
189 }
190
191 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
192 struct nd_opt_hdr *end)
193 {
194 if (!cur || !end || cur >= end)
195 return NULL;
196 do {
197 cur = ((void *)cur) + (cur->nd_opt_len << 3);
198 } while(cur < end && !ndisc_is_useropt(cur));
199 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
200 }
201
202 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
203 struct ndisc_options *ndopts)
204 {
205 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
206
207 if (!nd_opt || opt_len < 0 || !ndopts)
208 return NULL;
209 memset(ndopts, 0, sizeof(*ndopts));
210 while (opt_len) {
211 int l;
212 if (opt_len < sizeof(struct nd_opt_hdr))
213 return NULL;
214 l = nd_opt->nd_opt_len << 3;
215 if (opt_len < l || l == 0)
216 return NULL;
217 switch (nd_opt->nd_opt_type) {
218 case ND_OPT_SOURCE_LL_ADDR:
219 case ND_OPT_TARGET_LL_ADDR:
220 case ND_OPT_MTU:
221 case ND_OPT_REDIRECT_HDR:
222 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
223 ND_PRINTK(2, warn,
224 "%s: duplicated ND6 option found: type=%d\n",
225 __func__, nd_opt->nd_opt_type);
226 } else {
227 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
228 }
229 break;
230 case ND_OPT_PREFIX_INFO:
231 ndopts->nd_opts_pi_end = nd_opt;
232 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
233 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
234 break;
235 #ifdef CONFIG_IPV6_ROUTE_INFO
236 case ND_OPT_ROUTE_INFO:
237 ndopts->nd_opts_ri_end = nd_opt;
238 if (!ndopts->nd_opts_ri)
239 ndopts->nd_opts_ri = nd_opt;
240 break;
241 #endif
242 default:
243 if (ndisc_is_useropt(nd_opt)) {
244 ndopts->nd_useropts_end = nd_opt;
245 if (!ndopts->nd_useropts)
246 ndopts->nd_useropts = nd_opt;
247 } else {
248 /*
249 * Unknown options must be silently ignored,
250 * to accommodate future extension to the
251 * protocol.
252 */
253 ND_PRINTK(2, notice,
254 "%s: ignored unsupported option; type=%d, len=%d\n",
255 __func__,
256 nd_opt->nd_opt_type,
257 nd_opt->nd_opt_len);
258 }
259 }
260 opt_len -= l;
261 nd_opt = ((void *)nd_opt) + l;
262 }
263 return ndopts;
264 }
265
266 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
267 {
268 switch (dev->type) {
269 case ARPHRD_ETHER:
270 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
271 case ARPHRD_FDDI:
272 ipv6_eth_mc_map(addr, buf);
273 return 0;
274 case ARPHRD_ARCNET:
275 ipv6_arcnet_mc_map(addr, buf);
276 return 0;
277 case ARPHRD_INFINIBAND:
278 ipv6_ib_mc_map(addr, dev->broadcast, buf);
279 return 0;
280 case ARPHRD_IPGRE:
281 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
282 default:
283 if (dir) {
284 memcpy(buf, dev->broadcast, dev->addr_len);
285 return 0;
286 }
287 }
288 return -EINVAL;
289 }
290
291 EXPORT_SYMBOL(ndisc_mc_map);
292
293 static u32 ndisc_hash(const void *pkey,
294 const struct net_device *dev,
295 __u32 *hash_rnd)
296 {
297 return ndisc_hashfn(pkey, dev, hash_rnd);
298 }
299
300 static int ndisc_constructor(struct neighbour *neigh)
301 {
302 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
303 struct net_device *dev = neigh->dev;
304 struct inet6_dev *in6_dev;
305 struct neigh_parms *parms;
306 bool is_multicast = ipv6_addr_is_multicast(addr);
307
308 in6_dev = in6_dev_get(dev);
309 if (in6_dev == NULL) {
310 return -EINVAL;
311 }
312
313 parms = in6_dev->nd_parms;
314 __neigh_parms_put(neigh->parms);
315 neigh->parms = neigh_parms_clone(parms);
316
317 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
318 if (!dev->header_ops) {
319 neigh->nud_state = NUD_NOARP;
320 neigh->ops = &ndisc_direct_ops;
321 neigh->output = neigh_direct_output;
322 } else {
323 if (is_multicast) {
324 neigh->nud_state = NUD_NOARP;
325 ndisc_mc_map(addr, neigh->ha, dev, 1);
326 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
327 neigh->nud_state = NUD_NOARP;
328 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
329 if (dev->flags&IFF_LOOPBACK)
330 neigh->type = RTN_LOCAL;
331 } else if (dev->flags&IFF_POINTOPOINT) {
332 neigh->nud_state = NUD_NOARP;
333 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
334 }
335 if (dev->header_ops->cache)
336 neigh->ops = &ndisc_hh_ops;
337 else
338 neigh->ops = &ndisc_generic_ops;
339 if (neigh->nud_state&NUD_VALID)
340 neigh->output = neigh->ops->connected_output;
341 else
342 neigh->output = neigh->ops->output;
343 }
344 in6_dev_put(in6_dev);
345 return 0;
346 }
347
348 static int pndisc_constructor(struct pneigh_entry *n)
349 {
350 struct in6_addr *addr = (struct in6_addr*)&n->key;
351 struct in6_addr maddr;
352 struct net_device *dev = n->dev;
353
354 if (dev == NULL || __in6_dev_get(dev) == NULL)
355 return -EINVAL;
356 addrconf_addr_solict_mult(addr, &maddr);
357 ipv6_dev_mc_inc(dev, &maddr);
358 return 0;
359 }
360
361 static void pndisc_destructor(struct pneigh_entry *n)
362 {
363 struct in6_addr *addr = (struct in6_addr*)&n->key;
364 struct in6_addr maddr;
365 struct net_device *dev = n->dev;
366
367 if (dev == NULL || __in6_dev_get(dev) == NULL)
368 return;
369 addrconf_addr_solict_mult(addr, &maddr);
370 ipv6_dev_mc_dec(dev, &maddr);
371 }
372
373 static struct sk_buff *ndisc_build_skb(struct net_device *dev,
374 const struct in6_addr *daddr,
375 const struct in6_addr *saddr,
376 struct icmp6hdr *icmp6h,
377 const struct in6_addr *target,
378 int llinfo)
379 {
380 struct net *net = dev_net(dev);
381 struct sock *sk = net->ipv6.ndisc_sk;
382 struct sk_buff *skb;
383 struct icmp6hdr *hdr;
384 int hlen = LL_RESERVED_SPACE(dev);
385 int tlen = dev->needed_tailroom;
386 int len;
387 int err;
388 u8 *opt;
389
390 if (!dev->addr_len)
391 llinfo = 0;
392
393 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
394 if (llinfo)
395 len += ndisc_opt_addr_space(dev);
396
397 skb = sock_alloc_send_skb(sk,
398 (sizeof(struct ipv6hdr) +
399 len + hlen + tlen),
400 1, &err);
401 if (!skb) {
402 ND_PRINTK(0, err, "ND: %s failed to allocate an skb, err=%d\n",
403 __func__, err);
404 return NULL;
405 }
406
407 skb_reserve(skb, hlen);
408 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
409
410 skb->transport_header = skb->tail;
411 skb_put(skb, len);
412
413 hdr = (struct icmp6hdr *)skb_transport_header(skb);
414 memcpy(hdr, icmp6h, sizeof(*hdr));
415
416 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
417 if (target) {
418 *(struct in6_addr *)opt = *target;
419 opt += sizeof(*target);
420 }
421
422 if (llinfo)
423 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
424 dev->addr_len, dev->type);
425
426 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
427 IPPROTO_ICMPV6,
428 csum_partial(hdr,
429 len, 0));
430
431 return skb;
432 }
433
434 static void ndisc_send_skb(struct sk_buff *skb, struct net_device *dev,
435 const struct in6_addr *daddr,
436 const struct in6_addr *saddr,
437 struct icmp6hdr *icmp6h)
438 {
439 struct flowi6 fl6;
440 struct dst_entry *dst;
441 struct net *net = dev_net(dev);
442 struct sock *sk = net->ipv6.ndisc_sk;
443 struct inet6_dev *idev;
444 int err;
445 u8 type;
446
447 type = icmp6h->icmp6_type;
448
449 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, dev->ifindex);
450 dst = icmp6_dst_alloc(dev, &fl6);
451 if (IS_ERR(dst)) {
452 kfree_skb(skb);
453 return;
454 }
455
456 skb_dst_set(skb, dst);
457
458 rcu_read_lock();
459 idev = __in6_dev_get(dst->dev);
460 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
461
462 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
463 dst_output);
464 if (!err) {
465 ICMP6MSGOUT_INC_STATS(net, idev, type);
466 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
467 }
468
469 rcu_read_unlock();
470 }
471
472 /*
473 * Send a Neighbour Discover packet
474 */
475 static void __ndisc_send(struct net_device *dev,
476 const struct in6_addr *daddr,
477 const struct in6_addr *saddr,
478 struct icmp6hdr *icmp6h, const struct in6_addr *target,
479 int llinfo)
480 {
481 struct sk_buff *skb;
482
483 skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
484 if (!skb)
485 return;
486
487 ndisc_send_skb(skb, dev, daddr, saddr, icmp6h);
488 }
489
490 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
491 const struct in6_addr *daddr,
492 const struct in6_addr *solicited_addr,
493 int router, int solicited, int override, int inc_opt)
494 {
495 struct in6_addr tmpaddr;
496 struct inet6_ifaddr *ifp;
497 const struct in6_addr *src_addr;
498 struct icmp6hdr icmp6h = {
499 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
500 };
501
502 /* for anycast or proxy, solicited_addr != src_addr */
503 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
504 if (ifp) {
505 src_addr = solicited_addr;
506 if (ifp->flags & IFA_F_OPTIMISTIC)
507 override = 0;
508 inc_opt |= ifp->idev->cnf.force_tllao;
509 in6_ifa_put(ifp);
510 } else {
511 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
512 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
513 &tmpaddr))
514 return;
515 src_addr = &tmpaddr;
516 }
517
518 icmp6h.icmp6_router = router;
519 icmp6h.icmp6_solicited = solicited;
520 icmp6h.icmp6_override = override;
521
522 __ndisc_send(dev, daddr, src_addr, &icmp6h, solicited_addr,
523 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
524 }
525
526 static void ndisc_send_unsol_na(struct net_device *dev)
527 {
528 struct inet6_dev *idev;
529 struct inet6_ifaddr *ifa;
530
531 idev = in6_dev_get(dev);
532 if (!idev)
533 return;
534
535 read_lock_bh(&idev->lock);
536 list_for_each_entry(ifa, &idev->addr_list, if_list) {
537 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
538 /*router=*/ !!idev->cnf.forwarding,
539 /*solicited=*/ false, /*override=*/ true,
540 /*inc_opt=*/ true);
541 }
542 read_unlock_bh(&idev->lock);
543
544 in6_dev_put(idev);
545 }
546
547 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
548 const struct in6_addr *solicit,
549 const struct in6_addr *daddr, const struct in6_addr *saddr)
550 {
551 struct in6_addr addr_buf;
552 struct icmp6hdr icmp6h = {
553 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
554 };
555
556 if (saddr == NULL) {
557 if (ipv6_get_lladdr(dev, &addr_buf,
558 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
559 return;
560 saddr = &addr_buf;
561 }
562
563 __ndisc_send(dev, daddr, saddr, &icmp6h, solicit,
564 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
565 }
566
567 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
568 const struct in6_addr *daddr)
569 {
570 struct icmp6hdr icmp6h = {
571 .icmp6_type = NDISC_ROUTER_SOLICITATION,
572 };
573 int send_sllao = dev->addr_len;
574
575 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
576 /*
577 * According to section 2.2 of RFC 4429, we must not
578 * send router solicitations with a sllao from
579 * optimistic addresses, but we may send the solicitation
580 * if we don't include the sllao. So here we check
581 * if our address is optimistic, and if so, we
582 * suppress the inclusion of the sllao.
583 */
584 if (send_sllao) {
585 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
586 dev, 1);
587 if (ifp) {
588 if (ifp->flags & IFA_F_OPTIMISTIC) {
589 send_sllao = 0;
590 }
591 in6_ifa_put(ifp);
592 } else {
593 send_sllao = 0;
594 }
595 }
596 #endif
597 __ndisc_send(dev, daddr, saddr, &icmp6h, NULL,
598 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
599 }
600
601
602 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
603 {
604 /*
605 * "The sender MUST return an ICMP
606 * destination unreachable"
607 */
608 dst_link_failure(skb);
609 kfree_skb(skb);
610 }
611
612 /* Called with locked neigh: either read or both */
613
614 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
615 {
616 struct in6_addr *saddr = NULL;
617 struct in6_addr mcaddr;
618 struct net_device *dev = neigh->dev;
619 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
620 int probes = atomic_read(&neigh->probes);
621
622 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
623 saddr = &ipv6_hdr(skb)->saddr;
624
625 if ((probes -= neigh->parms->ucast_probes) < 0) {
626 if (!(neigh->nud_state & NUD_VALID)) {
627 ND_PRINTK(1, dbg,
628 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
629 __func__, target);
630 }
631 ndisc_send_ns(dev, neigh, target, target, saddr);
632 } else if ((probes -= neigh->parms->app_probes) < 0) {
633 #ifdef CONFIG_ARPD
634 neigh_app_ns(neigh);
635 #endif
636 } else {
637 addrconf_addr_solict_mult(target, &mcaddr);
638 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
639 }
640 }
641
642 static int pndisc_is_router(const void *pkey,
643 struct net_device *dev)
644 {
645 struct pneigh_entry *n;
646 int ret = -1;
647
648 read_lock_bh(&nd_tbl.lock);
649 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
650 if (n)
651 ret = !!(n->flags & NTF_ROUTER);
652 read_unlock_bh(&nd_tbl.lock);
653
654 return ret;
655 }
656
657 static void ndisc_recv_ns(struct sk_buff *skb)
658 {
659 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
660 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
661 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
662 u8 *lladdr = NULL;
663 u32 ndoptlen = skb->tail - (skb->transport_header +
664 offsetof(struct nd_msg, opt));
665 struct ndisc_options ndopts;
666 struct net_device *dev = skb->dev;
667 struct inet6_ifaddr *ifp;
668 struct inet6_dev *idev = NULL;
669 struct neighbour *neigh;
670 int dad = ipv6_addr_any(saddr);
671 bool inc;
672 int is_router = -1;
673
674 if (ipv6_addr_is_multicast(&msg->target)) {
675 ND_PRINTK(2, warn, "NS: multicast target address\n");
676 return;
677 }
678
679 /*
680 * RFC2461 7.1.1:
681 * DAD has to be destined for solicited node multicast address.
682 */
683 if (dad &&
684 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
685 daddr->s6_addr32[1] == htonl(0x00000000) &&
686 daddr->s6_addr32[2] == htonl(0x00000001) &&
687 daddr->s6_addr [12] == 0xff )) {
688 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
689 return;
690 }
691
692 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
693 ND_PRINTK(2, warn, "NS: invalid ND options\n");
694 return;
695 }
696
697 if (ndopts.nd_opts_src_lladdr) {
698 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
699 if (!lladdr) {
700 ND_PRINTK(2, warn,
701 "NS: invalid link-layer address length\n");
702 return;
703 }
704
705 /* RFC2461 7.1.1:
706 * If the IP source address is the unspecified address,
707 * there MUST NOT be source link-layer address option
708 * in the message.
709 */
710 if (dad) {
711 ND_PRINTK(2, warn,
712 "NS: bad DAD packet (link-layer address option)\n");
713 return;
714 }
715 }
716
717 inc = ipv6_addr_is_multicast(daddr);
718
719 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
720 if (ifp) {
721
722 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
723 if (dad) {
724 /*
725 * We are colliding with another node
726 * who is doing DAD
727 * so fail our DAD process
728 */
729 addrconf_dad_failure(ifp);
730 return;
731 } else {
732 /*
733 * This is not a dad solicitation.
734 * If we are an optimistic node,
735 * we should respond.
736 * Otherwise, we should ignore it.
737 */
738 if (!(ifp->flags & IFA_F_OPTIMISTIC))
739 goto out;
740 }
741 }
742
743 idev = ifp->idev;
744 } else {
745 struct net *net = dev_net(dev);
746
747 idev = in6_dev_get(dev);
748 if (!idev) {
749 /* XXX: count this drop? */
750 return;
751 }
752
753 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
754 (idev->cnf.forwarding &&
755 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
756 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
757 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
758 skb->pkt_type != PACKET_HOST &&
759 inc != 0 &&
760 idev->nd_parms->proxy_delay != 0) {
761 /*
762 * for anycast or proxy,
763 * sender should delay its response
764 * by a random time between 0 and
765 * MAX_ANYCAST_DELAY_TIME seconds.
766 * (RFC2461) -- yoshfuji
767 */
768 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
769 if (n)
770 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
771 goto out;
772 }
773 } else
774 goto out;
775 }
776
777 if (is_router < 0)
778 is_router = !!idev->cnf.forwarding;
779
780 if (dad) {
781 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
782 is_router, 0, (ifp != NULL), 1);
783 goto out;
784 }
785
786 if (inc)
787 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
788 else
789 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
790
791 /*
792 * update / create cache entry
793 * for the source address
794 */
795 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
796 !inc || lladdr || !dev->addr_len);
797 if (neigh)
798 neigh_update(neigh, lladdr, NUD_STALE,
799 NEIGH_UPDATE_F_WEAK_OVERRIDE|
800 NEIGH_UPDATE_F_OVERRIDE);
801 if (neigh || !dev->header_ops) {
802 ndisc_send_na(dev, neigh, saddr, &msg->target,
803 is_router,
804 1, (ifp != NULL && inc), inc);
805 if (neigh)
806 neigh_release(neigh);
807 }
808
809 out:
810 if (ifp)
811 in6_ifa_put(ifp);
812 else
813 in6_dev_put(idev);
814 }
815
816 static void ndisc_recv_na(struct sk_buff *skb)
817 {
818 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
819 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
820 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
821 u8 *lladdr = NULL;
822 u32 ndoptlen = skb->tail - (skb->transport_header +
823 offsetof(struct nd_msg, opt));
824 struct ndisc_options ndopts;
825 struct net_device *dev = skb->dev;
826 struct inet6_ifaddr *ifp;
827 struct neighbour *neigh;
828
829 if (skb->len < sizeof(struct nd_msg)) {
830 ND_PRINTK(2, warn, "NA: packet too short\n");
831 return;
832 }
833
834 if (ipv6_addr_is_multicast(&msg->target)) {
835 ND_PRINTK(2, warn, "NA: target address is multicast\n");
836 return;
837 }
838
839 if (ipv6_addr_is_multicast(daddr) &&
840 msg->icmph.icmp6_solicited) {
841 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
842 return;
843 }
844
845 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
846 ND_PRINTK(2, warn, "NS: invalid ND option\n");
847 return;
848 }
849 if (ndopts.nd_opts_tgt_lladdr) {
850 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
851 if (!lladdr) {
852 ND_PRINTK(2, warn,
853 "NA: invalid link-layer address length\n");
854 return;
855 }
856 }
857 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
858 if (ifp) {
859 if (skb->pkt_type != PACKET_LOOPBACK
860 && (ifp->flags & IFA_F_TENTATIVE)) {
861 addrconf_dad_failure(ifp);
862 return;
863 }
864 /* What should we make now? The advertisement
865 is invalid, but ndisc specs say nothing
866 about it. It could be misconfiguration, or
867 an smart proxy agent tries to help us :-)
868
869 We should not print the error if NA has been
870 received from loopback - it is just our own
871 unsolicited advertisement.
872 */
873 if (skb->pkt_type != PACKET_LOOPBACK)
874 ND_PRINTK(1, warn,
875 "NA: someone advertises our address %pI6 on %s!\n",
876 &ifp->addr, ifp->idev->dev->name);
877 in6_ifa_put(ifp);
878 return;
879 }
880 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
881
882 if (neigh) {
883 u8 old_flags = neigh->flags;
884 struct net *net = dev_net(dev);
885
886 if (neigh->nud_state & NUD_FAILED)
887 goto out;
888
889 /*
890 * Don't update the neighbor cache entry on a proxy NA from
891 * ourselves because either the proxied node is off link or it
892 * has already sent a NA to us.
893 */
894 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
895 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
896 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
897 /* XXX: idev->cnf.proxy_ndp */
898 goto out;
899 }
900
901 neigh_update(neigh, lladdr,
902 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
903 NEIGH_UPDATE_F_WEAK_OVERRIDE|
904 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
905 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
906 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
907
908 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
909 /*
910 * Change: router to host
911 */
912 struct rt6_info *rt;
913 rt = rt6_get_dflt_router(saddr, dev);
914 if (rt)
915 ip6_del_rt(rt);
916 }
917
918 out:
919 neigh_release(neigh);
920 }
921 }
922
923 static void ndisc_recv_rs(struct sk_buff *skb)
924 {
925 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
926 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
927 struct neighbour *neigh;
928 struct inet6_dev *idev;
929 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
930 struct ndisc_options ndopts;
931 u8 *lladdr = NULL;
932
933 if (skb->len < sizeof(*rs_msg))
934 return;
935
936 idev = __in6_dev_get(skb->dev);
937 if (!idev) {
938 ND_PRINTK(1, err, "RS: can't find in6 device\n");
939 return;
940 }
941
942 /* Don't accept RS if we're not in router mode */
943 if (!idev->cnf.forwarding)
944 goto out;
945
946 /*
947 * Don't update NCE if src = ::;
948 * this implies that the source node has no ip address assigned yet.
949 */
950 if (ipv6_addr_any(saddr))
951 goto out;
952
953 /* Parse ND options */
954 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
955 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
956 goto out;
957 }
958
959 if (ndopts.nd_opts_src_lladdr) {
960 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
961 skb->dev);
962 if (!lladdr)
963 goto out;
964 }
965
966 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
967 if (neigh) {
968 neigh_update(neigh, lladdr, NUD_STALE,
969 NEIGH_UPDATE_F_WEAK_OVERRIDE|
970 NEIGH_UPDATE_F_OVERRIDE|
971 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
972 neigh_release(neigh);
973 }
974 out:
975 return;
976 }
977
978 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
979 {
980 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
981 struct sk_buff *skb;
982 struct nlmsghdr *nlh;
983 struct nduseroptmsg *ndmsg;
984 struct net *net = dev_net(ra->dev);
985 int err;
986 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
987 + (opt->nd_opt_len << 3));
988 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
989
990 skb = nlmsg_new(msg_size, GFP_ATOMIC);
991 if (skb == NULL) {
992 err = -ENOBUFS;
993 goto errout;
994 }
995
996 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
997 if (nlh == NULL) {
998 goto nla_put_failure;
999 }
1000
1001 ndmsg = nlmsg_data(nlh);
1002 ndmsg->nduseropt_family = AF_INET6;
1003 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1004 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1005 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1006 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1007
1008 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1009
1010 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1011 &ipv6_hdr(ra)->saddr))
1012 goto nla_put_failure;
1013 nlmsg_end(skb, nlh);
1014
1015 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1016 return;
1017
1018 nla_put_failure:
1019 nlmsg_free(skb);
1020 err = -EMSGSIZE;
1021 errout:
1022 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1023 }
1024
1025 static void ndisc_router_discovery(struct sk_buff *skb)
1026 {
1027 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1028 struct neighbour *neigh = NULL;
1029 struct inet6_dev *in6_dev;
1030 struct rt6_info *rt = NULL;
1031 int lifetime;
1032 struct ndisc_options ndopts;
1033 int optlen;
1034 unsigned int pref = 0;
1035
1036 __u8 * opt = (__u8 *)(ra_msg + 1);
1037
1038 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1039
1040 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1041 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1042 return;
1043 }
1044 if (optlen < 0) {
1045 ND_PRINTK(2, warn, "RA: packet too short\n");
1046 return;
1047 }
1048
1049 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1050 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1051 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1052 return;
1053 }
1054 #endif
1055
1056 /*
1057 * set the RA_RECV flag in the interface
1058 */
1059
1060 in6_dev = __in6_dev_get(skb->dev);
1061 if (in6_dev == NULL) {
1062 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1063 skb->dev->name);
1064 return;
1065 }
1066
1067 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1068 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1069 return;
1070 }
1071
1072 if (!ipv6_accept_ra(in6_dev))
1073 goto skip_linkparms;
1074
1075 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1076 /* skip link-specific parameters from interior routers */
1077 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1078 goto skip_linkparms;
1079 #endif
1080
1081 if (in6_dev->if_flags & IF_RS_SENT) {
1082 /*
1083 * flag that an RA was received after an RS was sent
1084 * out on this interface.
1085 */
1086 in6_dev->if_flags |= IF_RA_RCVD;
1087 }
1088
1089 /*
1090 * Remember the managed/otherconf flags from most recently
1091 * received RA message (RFC 2462) -- yoshfuji
1092 */
1093 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1094 IF_RA_OTHERCONF)) |
1095 (ra_msg->icmph.icmp6_addrconf_managed ?
1096 IF_RA_MANAGED : 0) |
1097 (ra_msg->icmph.icmp6_addrconf_other ?
1098 IF_RA_OTHERCONF : 0);
1099
1100 if (!in6_dev->cnf.accept_ra_defrtr)
1101 goto skip_defrtr;
1102
1103 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1104 goto skip_defrtr;
1105
1106 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1107
1108 #ifdef CONFIG_IPV6_ROUTER_PREF
1109 pref = ra_msg->icmph.icmp6_router_pref;
1110 /* 10b is handled as if it were 00b (medium) */
1111 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1112 !in6_dev->cnf.accept_ra_rtr_pref)
1113 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1114 #endif
1115
1116 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1117
1118 if (rt) {
1119 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1120 if (!neigh) {
1121 ND_PRINTK(0, err,
1122 "RA: %s got default router without neighbour\n",
1123 __func__);
1124 ip6_rt_put(rt);
1125 return;
1126 }
1127 }
1128 if (rt && lifetime == 0) {
1129 ip6_del_rt(rt);
1130 rt = NULL;
1131 }
1132
1133 if (rt == NULL && lifetime) {
1134 ND_PRINTK(3, dbg, "RA: adding default router\n");
1135
1136 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1137 if (rt == NULL) {
1138 ND_PRINTK(0, err,
1139 "RA: %s failed to add default route\n",
1140 __func__);
1141 return;
1142 }
1143
1144 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1145 if (neigh == NULL) {
1146 ND_PRINTK(0, err,
1147 "RA: %s got default router without neighbour\n",
1148 __func__);
1149 ip6_rt_put(rt);
1150 return;
1151 }
1152 neigh->flags |= NTF_ROUTER;
1153 } else if (rt) {
1154 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1155 }
1156
1157 if (rt)
1158 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1159 if (ra_msg->icmph.icmp6_hop_limit) {
1160 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1161 if (rt)
1162 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1163 ra_msg->icmph.icmp6_hop_limit);
1164 }
1165
1166 skip_defrtr:
1167
1168 /*
1169 * Update Reachable Time and Retrans Timer
1170 */
1171
1172 if (in6_dev->nd_parms) {
1173 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1174
1175 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1176 rtime = (rtime*HZ)/1000;
1177 if (rtime < HZ/10)
1178 rtime = HZ/10;
1179 in6_dev->nd_parms->retrans_time = rtime;
1180 in6_dev->tstamp = jiffies;
1181 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1182 }
1183
1184 rtime = ntohl(ra_msg->reachable_time);
1185 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1186 rtime = (rtime*HZ)/1000;
1187
1188 if (rtime < HZ/10)
1189 rtime = HZ/10;
1190
1191 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1192 in6_dev->nd_parms->base_reachable_time = rtime;
1193 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1194 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1195 in6_dev->tstamp = jiffies;
1196 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1197 }
1198 }
1199 }
1200
1201 skip_linkparms:
1202
1203 /*
1204 * Process options.
1205 */
1206
1207 if (!neigh)
1208 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1209 skb->dev, 1);
1210 if (neigh) {
1211 u8 *lladdr = NULL;
1212 if (ndopts.nd_opts_src_lladdr) {
1213 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1214 skb->dev);
1215 if (!lladdr) {
1216 ND_PRINTK(2, warn,
1217 "RA: invalid link-layer address length\n");
1218 goto out;
1219 }
1220 }
1221 neigh_update(neigh, lladdr, NUD_STALE,
1222 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1223 NEIGH_UPDATE_F_OVERRIDE|
1224 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1225 NEIGH_UPDATE_F_ISROUTER);
1226 }
1227
1228 if (!ipv6_accept_ra(in6_dev))
1229 goto out;
1230
1231 #ifdef CONFIG_IPV6_ROUTE_INFO
1232 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1233 goto skip_routeinfo;
1234
1235 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1236 struct nd_opt_hdr *p;
1237 for (p = ndopts.nd_opts_ri;
1238 p;
1239 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1240 struct route_info *ri = (struct route_info *)p;
1241 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1242 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1243 ri->prefix_len == 0)
1244 continue;
1245 #endif
1246 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1247 continue;
1248 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1249 &ipv6_hdr(skb)->saddr);
1250 }
1251 }
1252
1253 skip_routeinfo:
1254 #endif
1255
1256 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1257 /* skip link-specific ndopts from interior routers */
1258 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1259 goto out;
1260 #endif
1261
1262 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1263 struct nd_opt_hdr *p;
1264 for (p = ndopts.nd_opts_pi;
1265 p;
1266 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1267 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1268 (p->nd_opt_len) << 3,
1269 ndopts.nd_opts_src_lladdr != NULL);
1270 }
1271 }
1272
1273 if (ndopts.nd_opts_mtu) {
1274 __be32 n;
1275 u32 mtu;
1276
1277 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1278 mtu = ntohl(n);
1279
1280 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1281 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1282 } else if (in6_dev->cnf.mtu6 != mtu) {
1283 in6_dev->cnf.mtu6 = mtu;
1284
1285 if (rt)
1286 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1287
1288 rt6_mtu_change(skb->dev, mtu);
1289 }
1290 }
1291
1292 if (ndopts.nd_useropts) {
1293 struct nd_opt_hdr *p;
1294 for (p = ndopts.nd_useropts;
1295 p;
1296 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1297 ndisc_ra_useropt(skb, p);
1298 }
1299 }
1300
1301 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1302 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1303 }
1304 out:
1305 ip6_rt_put(rt);
1306 if (neigh)
1307 neigh_release(neigh);
1308 }
1309
1310 static void ndisc_redirect_rcv(struct sk_buff *skb)
1311 {
1312 u8 *hdr;
1313 struct ndisc_options ndopts;
1314 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1315 u32 ndoptlen = skb->tail - (skb->transport_header +
1316 offsetof(struct rd_msg, opt));
1317
1318 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1319 switch (skb->ndisc_nodetype) {
1320 case NDISC_NODETYPE_HOST:
1321 case NDISC_NODETYPE_NODEFAULT:
1322 ND_PRINTK(2, warn,
1323 "Redirect: from host or unauthorized router\n");
1324 return;
1325 }
1326 #endif
1327
1328 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1329 ND_PRINTK(2, warn,
1330 "Redirect: source address is not link-local\n");
1331 return;
1332 }
1333
1334 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1335 return;
1336
1337 if (!ndopts.nd_opts_rh)
1338 return;
1339
1340 hdr = (u8 *)ndopts.nd_opts_rh;
1341 hdr += 8;
1342 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1343 return;
1344
1345 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1346 }
1347
1348 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1349 {
1350 struct net_device *dev = skb->dev;
1351 struct net *net = dev_net(dev);
1352 struct sock *sk = net->ipv6.ndisc_sk;
1353 int len = sizeof(struct rd_msg);
1354 struct inet_peer *peer;
1355 struct sk_buff *buff;
1356 struct rd_msg *msg;
1357 struct in6_addr saddr_buf;
1358 struct rt6_info *rt;
1359 struct dst_entry *dst;
1360 struct inet6_dev *idev;
1361 struct flowi6 fl6;
1362 u8 *opt;
1363 int hlen, tlen;
1364 int rd_len;
1365 int err;
1366 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1367 bool ret;
1368
1369 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1370 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1371 dev->name);
1372 return;
1373 }
1374
1375 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1376 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1377 ND_PRINTK(2, warn,
1378 "Redirect: target address is not link-local unicast\n");
1379 return;
1380 }
1381
1382 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1383 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1384
1385 dst = ip6_route_output(net, NULL, &fl6);
1386 if (dst->error) {
1387 dst_release(dst);
1388 return;
1389 }
1390 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1391 if (IS_ERR(dst))
1392 return;
1393
1394 rt = (struct rt6_info *) dst;
1395
1396 if (rt->rt6i_flags & RTF_GATEWAY) {
1397 ND_PRINTK(2, warn,
1398 "Redirect: destination is not a neighbour\n");
1399 goto release;
1400 }
1401 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1402 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1403 if (peer)
1404 inet_putpeer(peer);
1405 if (!ret)
1406 goto release;
1407
1408 if (dev->addr_len) {
1409 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1410 if (!neigh) {
1411 ND_PRINTK(2, warn,
1412 "Redirect: no neigh for target address\n");
1413 goto release;
1414 }
1415
1416 read_lock_bh(&neigh->lock);
1417 if (neigh->nud_state & NUD_VALID) {
1418 memcpy(ha_buf, neigh->ha, dev->addr_len);
1419 read_unlock_bh(&neigh->lock);
1420 ha = ha_buf;
1421 len += ndisc_opt_addr_space(dev);
1422 } else
1423 read_unlock_bh(&neigh->lock);
1424
1425 neigh_release(neigh);
1426 }
1427
1428 rd_len = min_t(unsigned int,
1429 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1430 rd_len &= ~0x7;
1431 len += rd_len;
1432
1433 hlen = LL_RESERVED_SPACE(dev);
1434 tlen = dev->needed_tailroom;
1435 buff = sock_alloc_send_skb(sk,
1436 (sizeof(struct ipv6hdr) +
1437 len + hlen + tlen),
1438 1, &err);
1439 if (buff == NULL) {
1440 ND_PRINTK(0, err,
1441 "Redirect: %s failed to allocate an skb, err=%d\n",
1442 __func__, err);
1443 goto release;
1444 }
1445
1446 skb_reserve(buff, hlen);
1447 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1448 IPPROTO_ICMPV6, len);
1449
1450 skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1451 skb_put(buff, len);
1452 msg = (struct rd_msg *)icmp6_hdr(buff);
1453
1454 memset(&msg->icmph, 0, sizeof(struct icmp6hdr));
1455 msg->icmph.icmp6_type = NDISC_REDIRECT;
1456
1457 /*
1458 * copy target and destination addresses
1459 */
1460
1461 msg->target = *target;
1462 msg->dest = ipv6_hdr(skb)->daddr;
1463
1464 opt = msg->opt;
1465
1466 /*
1467 * include target_address option
1468 */
1469
1470 if (ha)
1471 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1472 dev->addr_len, dev->type);
1473
1474 /*
1475 * build redirect option and copy skb over to the new packet.
1476 */
1477
1478 memset(opt, 0, 8);
1479 *(opt++) = ND_OPT_REDIRECT_HDR;
1480 *(opt++) = (rd_len >> 3);
1481 opt += 6;
1482
1483 memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1484
1485 msg->icmph.icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1486 len, IPPROTO_ICMPV6,
1487 csum_partial(msg, len, 0));
1488
1489 skb_dst_set(buff, dst);
1490 rcu_read_lock();
1491 idev = __in6_dev_get(dst->dev);
1492 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1493 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1494 dst_output);
1495 if (!err) {
1496 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1497 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1498 }
1499
1500 rcu_read_unlock();
1501 return;
1502
1503 release:
1504 dst_release(dst);
1505 }
1506
1507 static void pndisc_redo(struct sk_buff *skb)
1508 {
1509 ndisc_recv_ns(skb);
1510 kfree_skb(skb);
1511 }
1512
1513 int ndisc_rcv(struct sk_buff *skb)
1514 {
1515 struct nd_msg *msg;
1516
1517 if (!pskb_may_pull(skb, skb->len))
1518 return 0;
1519
1520 msg = (struct nd_msg *)skb_transport_header(skb);
1521
1522 __skb_push(skb, skb->data - skb_transport_header(skb));
1523
1524 if (ipv6_hdr(skb)->hop_limit != 255) {
1525 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1526 ipv6_hdr(skb)->hop_limit);
1527 return 0;
1528 }
1529
1530 if (msg->icmph.icmp6_code != 0) {
1531 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1532 msg->icmph.icmp6_code);
1533 return 0;
1534 }
1535
1536 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1537
1538 switch (msg->icmph.icmp6_type) {
1539 case NDISC_NEIGHBOUR_SOLICITATION:
1540 ndisc_recv_ns(skb);
1541 break;
1542
1543 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1544 ndisc_recv_na(skb);
1545 break;
1546
1547 case NDISC_ROUTER_SOLICITATION:
1548 ndisc_recv_rs(skb);
1549 break;
1550
1551 case NDISC_ROUTER_ADVERTISEMENT:
1552 ndisc_router_discovery(skb);
1553 break;
1554
1555 case NDISC_REDIRECT:
1556 ndisc_redirect_rcv(skb);
1557 break;
1558 }
1559
1560 return 0;
1561 }
1562
1563 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1564 {
1565 struct net_device *dev = ptr;
1566 struct net *net = dev_net(dev);
1567 struct inet6_dev *idev;
1568
1569 switch (event) {
1570 case NETDEV_CHANGEADDR:
1571 neigh_changeaddr(&nd_tbl, dev);
1572 fib6_run_gc(~0UL, net);
1573 idev = in6_dev_get(dev);
1574 if (!idev)
1575 break;
1576 if (idev->cnf.ndisc_notify)
1577 ndisc_send_unsol_na(dev);
1578 in6_dev_put(idev);
1579 break;
1580 case NETDEV_DOWN:
1581 neigh_ifdown(&nd_tbl, dev);
1582 fib6_run_gc(~0UL, net);
1583 break;
1584 case NETDEV_NOTIFY_PEERS:
1585 ndisc_send_unsol_na(dev);
1586 break;
1587 default:
1588 break;
1589 }
1590
1591 return NOTIFY_DONE;
1592 }
1593
1594 static struct notifier_block ndisc_netdev_notifier = {
1595 .notifier_call = ndisc_netdev_event,
1596 };
1597
1598 #ifdef CONFIG_SYSCTL
1599 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1600 const char *func, const char *dev_name)
1601 {
1602 static char warncomm[TASK_COMM_LEN];
1603 static int warned;
1604 if (strcmp(warncomm, current->comm) && warned < 5) {
1605 strcpy(warncomm, current->comm);
1606 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1607 warncomm, func,
1608 dev_name, ctl->procname,
1609 dev_name, ctl->procname);
1610 warned++;
1611 }
1612 }
1613
1614 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1615 {
1616 struct net_device *dev = ctl->extra1;
1617 struct inet6_dev *idev;
1618 int ret;
1619
1620 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1621 (strcmp(ctl->procname, "base_reachable_time") == 0))
1622 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1623
1624 if (strcmp(ctl->procname, "retrans_time") == 0)
1625 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1626
1627 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1628 ret = proc_dointvec_jiffies(ctl, write,
1629 buffer, lenp, ppos);
1630
1631 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1632 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1633 ret = proc_dointvec_ms_jiffies(ctl, write,
1634 buffer, lenp, ppos);
1635 else
1636 ret = -1;
1637
1638 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1639 if (ctl->data == &idev->nd_parms->base_reachable_time)
1640 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1641 idev->tstamp = jiffies;
1642 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1643 in6_dev_put(idev);
1644 }
1645 return ret;
1646 }
1647
1648
1649 #endif
1650
1651 static int __net_init ndisc_net_init(struct net *net)
1652 {
1653 struct ipv6_pinfo *np;
1654 struct sock *sk;
1655 int err;
1656
1657 err = inet_ctl_sock_create(&sk, PF_INET6,
1658 SOCK_RAW, IPPROTO_ICMPV6, net);
1659 if (err < 0) {
1660 ND_PRINTK(0, err,
1661 "NDISC: Failed to initialize the control socket (err %d)\n",
1662 err);
1663 return err;
1664 }
1665
1666 net->ipv6.ndisc_sk = sk;
1667
1668 np = inet6_sk(sk);
1669 np->hop_limit = 255;
1670 /* Do not loopback ndisc messages */
1671 np->mc_loop = 0;
1672
1673 return 0;
1674 }
1675
1676 static void __net_exit ndisc_net_exit(struct net *net)
1677 {
1678 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1679 }
1680
1681 static struct pernet_operations ndisc_net_ops = {
1682 .init = ndisc_net_init,
1683 .exit = ndisc_net_exit,
1684 };
1685
1686 int __init ndisc_init(void)
1687 {
1688 int err;
1689
1690 err = register_pernet_subsys(&ndisc_net_ops);
1691 if (err)
1692 return err;
1693 /*
1694 * Initialize the neighbour table
1695 */
1696 neigh_table_init(&nd_tbl);
1697
1698 #ifdef CONFIG_SYSCTL
1699 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1700 &ndisc_ifinfo_sysctl_change);
1701 if (err)
1702 goto out_unregister_pernet;
1703 #endif
1704 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1705 if (err)
1706 goto out_unregister_sysctl;
1707 out:
1708 return err;
1709
1710 out_unregister_sysctl:
1711 #ifdef CONFIG_SYSCTL
1712 neigh_sysctl_unregister(&nd_tbl.parms);
1713 out_unregister_pernet:
1714 #endif
1715 unregister_pernet_subsys(&ndisc_net_ops);
1716 goto out;
1717 }
1718
1719 void ndisc_cleanup(void)
1720 {
1721 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1722 #ifdef CONFIG_SYSCTL
1723 neigh_sysctl_unregister(&nd_tbl.parms);
1724 #endif
1725 neigh_table_clear(&nd_tbl);
1726 unregister_pernet_subsys(&ndisc_net_ops);
1727 }
Linux kernel - Deliverables
This page took 0.108605 seconds and 6 git commands to generate.