projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso...
[deliverable/linux.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 /* Set to 3 to get tracing... */
76 #define ND_DEBUG 1
77
78 #define ND_PRINTK(val, level, fmt, ...) \
79 do { \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
82 } while (0)
83
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
86 __u32 *hash_rnd);
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
93
94 static const struct neigh_ops ndisc_generic_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
100 };
101
102 static const struct neigh_ops ndisc_hh_ops = {
103 .family = AF_INET6,
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
108 };
109
110
111 static const struct neigh_ops ndisc_direct_ops = {
112 .family = AF_INET6,
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
115 };
116
117 struct neigh_table nd_tbl = {
118 .family = AF_INET6,
119 .key_len = sizeof(struct in6_addr),
120 .hash = ndisc_hash,
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
125 .id = "ndisc_cache",
126 .parms = {
127 .tbl = &nd_tbl,
128 .base_reachable_time = ND_REACHABLE_TIME,
129 .retrans_time = ND_RETRANS_TIMER,
130 .gc_staletime = 60 * HZ,
131 .reachable_time = ND_REACHABLE_TIME,
132 .delay_probe_time = 5 * HZ,
133 .queue_len_bytes = 64*1024,
134 .ucast_probes = 3,
135 .mcast_probes = 3,
136 .anycast_delay = 1 * HZ,
137 .proxy_delay = (8 * HZ) / 10,
138 .proxy_qlen = 64,
139 },
140 .gc_interval = 30 * HZ,
141 .gc_thresh1 = 128,
142 .gc_thresh2 = 512,
143 .gc_thresh3 = 1024,
144 };
145
146 static inline int ndisc_opt_addr_space(struct net_device *dev)
147 {
148 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
149 }
150
151 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
152 unsigned short addr_type)
153 {
154 int pad = ndisc_addr_option_pad(addr_type);
155 int space = NDISC_OPT_SPACE(data_len + pad);
156
157 opt[0] = type;
158 opt[1] = space>>3;
159
160 memset(opt + 2, 0, pad);
161 opt += pad;
162 space -= pad;
163
164 memcpy(opt+2, data, data_len);
165 data_len += 2;
166 opt += data_len;
167 if ((space -= data_len) > 0)
168 memset(opt, 0, space);
169 return opt + space;
170 }
171
172 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
173 struct nd_opt_hdr *end)
174 {
175 int type;
176 if (!cur || !end || cur >= end)
177 return NULL;
178 type = cur->nd_opt_type;
179 do {
180 cur = ((void *)cur) + (cur->nd_opt_len << 3);
181 } while(cur < end && cur->nd_opt_type != type);
182 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
183 }
184
185 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
186 {
187 return opt->nd_opt_type == ND_OPT_RDNSS ||
188 opt->nd_opt_type == ND_OPT_DNSSL;
189 }
190
191 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
192 struct nd_opt_hdr *end)
193 {
194 if (!cur || !end || cur >= end)
195 return NULL;
196 do {
197 cur = ((void *)cur) + (cur->nd_opt_len << 3);
198 } while(cur < end && !ndisc_is_useropt(cur));
199 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
200 }
201
202 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
203 struct ndisc_options *ndopts)
204 {
205 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
206
207 if (!nd_opt || opt_len < 0 || !ndopts)
208 return NULL;
209 memset(ndopts, 0, sizeof(*ndopts));
210 while (opt_len) {
211 int l;
212 if (opt_len < sizeof(struct nd_opt_hdr))
213 return NULL;
214 l = nd_opt->nd_opt_len << 3;
215 if (opt_len < l || l == 0)
216 return NULL;
217 switch (nd_opt->nd_opt_type) {
218 case ND_OPT_SOURCE_LL_ADDR:
219 case ND_OPT_TARGET_LL_ADDR:
220 case ND_OPT_MTU:
221 case ND_OPT_REDIRECT_HDR:
222 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
223 ND_PRINTK(2, warn,
224 "%s: duplicated ND6 option found: type=%d\n",
225 __func__, nd_opt->nd_opt_type);
226 } else {
227 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
228 }
229 break;
230 case ND_OPT_PREFIX_INFO:
231 ndopts->nd_opts_pi_end = nd_opt;
232 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
233 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
234 break;
235 #ifdef CONFIG_IPV6_ROUTE_INFO
236 case ND_OPT_ROUTE_INFO:
237 ndopts->nd_opts_ri_end = nd_opt;
238 if (!ndopts->nd_opts_ri)
239 ndopts->nd_opts_ri = nd_opt;
240 break;
241 #endif
242 default:
243 if (ndisc_is_useropt(nd_opt)) {
244 ndopts->nd_useropts_end = nd_opt;
245 if (!ndopts->nd_useropts)
246 ndopts->nd_useropts = nd_opt;
247 } else {
248 /*
249 * Unknown options must be silently ignored,
250 * to accommodate future extension to the
251 * protocol.
252 */
253 ND_PRINTK(2, notice,
254 "%s: ignored unsupported option; type=%d, len=%d\n",
255 __func__,
256 nd_opt->nd_opt_type,
257 nd_opt->nd_opt_len);
258 }
259 }
260 opt_len -= l;
261 nd_opt = ((void *)nd_opt) + l;
262 }
263 return ndopts;
264 }
265
266 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
267 {
268 switch (dev->type) {
269 case ARPHRD_ETHER:
270 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
271 case ARPHRD_FDDI:
272 ipv6_eth_mc_map(addr, buf);
273 return 0;
274 case ARPHRD_ARCNET:
275 ipv6_arcnet_mc_map(addr, buf);
276 return 0;
277 case ARPHRD_INFINIBAND:
278 ipv6_ib_mc_map(addr, dev->broadcast, buf);
279 return 0;
280 case ARPHRD_IPGRE:
281 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
282 default:
283 if (dir) {
284 memcpy(buf, dev->broadcast, dev->addr_len);
285 return 0;
286 }
287 }
288 return -EINVAL;
289 }
290
291 EXPORT_SYMBOL(ndisc_mc_map);
292
293 static u32 ndisc_hash(const void *pkey,
294 const struct net_device *dev,
295 __u32 *hash_rnd)
296 {
297 return ndisc_hashfn(pkey, dev, hash_rnd);
298 }
299
300 static int ndisc_constructor(struct neighbour *neigh)
301 {
302 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
303 struct net_device *dev = neigh->dev;
304 struct inet6_dev *in6_dev;
305 struct neigh_parms *parms;
306 bool is_multicast = ipv6_addr_is_multicast(addr);
307
308 in6_dev = in6_dev_get(dev);
309 if (in6_dev == NULL) {
310 return -EINVAL;
311 }
312
313 parms = in6_dev->nd_parms;
314 __neigh_parms_put(neigh->parms);
315 neigh->parms = neigh_parms_clone(parms);
316
317 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
318 if (!dev->header_ops) {
319 neigh->nud_state = NUD_NOARP;
320 neigh->ops = &ndisc_direct_ops;
321 neigh->output = neigh_direct_output;
322 } else {
323 if (is_multicast) {
324 neigh->nud_state = NUD_NOARP;
325 ndisc_mc_map(addr, neigh->ha, dev, 1);
326 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
327 neigh->nud_state = NUD_NOARP;
328 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
329 if (dev->flags&IFF_LOOPBACK)
330 neigh->type = RTN_LOCAL;
331 } else if (dev->flags&IFF_POINTOPOINT) {
332 neigh->nud_state = NUD_NOARP;
333 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
334 }
335 if (dev->header_ops->cache)
336 neigh->ops = &ndisc_hh_ops;
337 else
338 neigh->ops = &ndisc_generic_ops;
339 if (neigh->nud_state&NUD_VALID)
340 neigh->output = neigh->ops->connected_output;
341 else
342 neigh->output = neigh->ops->output;
343 }
344 in6_dev_put(in6_dev);
345 return 0;
346 }
347
348 static int pndisc_constructor(struct pneigh_entry *n)
349 {
350 struct in6_addr *addr = (struct in6_addr*)&n->key;
351 struct in6_addr maddr;
352 struct net_device *dev = n->dev;
353
354 if (dev == NULL || __in6_dev_get(dev) == NULL)
355 return -EINVAL;
356 addrconf_addr_solict_mult(addr, &maddr);
357 ipv6_dev_mc_inc(dev, &maddr);
358 return 0;
359 }
360
361 static void pndisc_destructor(struct pneigh_entry *n)
362 {
363 struct in6_addr *addr = (struct in6_addr*)&n->key;
364 struct in6_addr maddr;
365 struct net_device *dev = n->dev;
366
367 if (dev == NULL || __in6_dev_get(dev) == NULL)
368 return;
369 addrconf_addr_solict_mult(addr, &maddr);
370 ipv6_dev_mc_dec(dev, &maddr);
371 }
372
373 static struct sk_buff *ndisc_build_skb(struct net_device *dev,
374 const struct in6_addr *daddr,
375 const struct in6_addr *saddr,
376 struct icmp6hdr *icmp6h,
377 const struct in6_addr *target,
378 int llinfo)
379 {
380 struct net *net = dev_net(dev);
381 struct sock *sk = net->ipv6.ndisc_sk;
382 struct sk_buff *skb;
383 struct icmp6hdr *hdr;
384 int hlen = LL_RESERVED_SPACE(dev);
385 int tlen = dev->needed_tailroom;
386 int len;
387 int err;
388 u8 *opt;
389
390 if (!dev->addr_len)
391 llinfo = 0;
392
393 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
394 if (llinfo)
395 len += ndisc_opt_addr_space(dev);
396
397 skb = sock_alloc_send_skb(sk,
398 (MAX_HEADER + sizeof(struct ipv6hdr) +
399 len + hlen + tlen),
400 1, &err);
401 if (!skb) {
402 ND_PRINTK(0, err, "ND: %s failed to allocate an skb, err=%d\n",
403 __func__, err);
404 return NULL;
405 }
406
407 skb_reserve(skb, hlen);
408 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
409
410 skb->transport_header = skb->tail;
411 skb_put(skb, len);
412
413 hdr = (struct icmp6hdr *)skb_transport_header(skb);
414 memcpy(hdr, icmp6h, sizeof(*hdr));
415
416 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
417 if (target) {
418 *(struct in6_addr *)opt = *target;
419 opt += sizeof(*target);
420 }
421
422 if (llinfo)
423 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
424 dev->addr_len, dev->type);
425
426 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
427 IPPROTO_ICMPV6,
428 csum_partial(hdr,
429 len, 0));
430
431 return skb;
432 }
433
434 static void ndisc_send_skb(struct sk_buff *skb, struct net_device *dev,
435 struct neighbour *neigh,
436 const struct in6_addr *daddr,
437 const struct in6_addr *saddr,
438 struct icmp6hdr *icmp6h)
439 {
440 struct flowi6 fl6;
441 struct dst_entry *dst;
442 struct net *net = dev_net(dev);
443 struct sock *sk = net->ipv6.ndisc_sk;
444 struct inet6_dev *idev;
445 int err;
446 u8 type;
447
448 type = icmp6h->icmp6_type;
449
450 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, dev->ifindex);
451 dst = icmp6_dst_alloc(dev, neigh, &fl6);
452 if (IS_ERR(dst)) {
453 kfree_skb(skb);
454 return;
455 }
456
457 skb_dst_set(skb, dst);
458
459 rcu_read_lock();
460 idev = __in6_dev_get(dst->dev);
461 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
462
463 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
464 dst_output);
465 if (!err) {
466 ICMP6MSGOUT_INC_STATS(net, idev, type);
467 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
468 }
469
470 rcu_read_unlock();
471 }
472
473 /*
474 * Send a Neighbour Discover packet
475 */
476 static void __ndisc_send(struct net_device *dev,
477 struct neighbour *neigh,
478 const struct in6_addr *daddr,
479 const struct in6_addr *saddr,
480 struct icmp6hdr *icmp6h, const struct in6_addr *target,
481 int llinfo)
482 {
483 struct sk_buff *skb;
484
485 skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
486 if (!skb)
487 return;
488
489 ndisc_send_skb(skb, dev, neigh, daddr, saddr, icmp6h);
490 }
491
492 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
493 const struct in6_addr *daddr,
494 const struct in6_addr *solicited_addr,
495 int router, int solicited, int override, int inc_opt)
496 {
497 struct in6_addr tmpaddr;
498 struct inet6_ifaddr *ifp;
499 const struct in6_addr *src_addr;
500 struct icmp6hdr icmp6h = {
501 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
502 };
503
504 /* for anycast or proxy, solicited_addr != src_addr */
505 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
506 if (ifp) {
507 src_addr = solicited_addr;
508 if (ifp->flags & IFA_F_OPTIMISTIC)
509 override = 0;
510 inc_opt |= ifp->idev->cnf.force_tllao;
511 in6_ifa_put(ifp);
512 } else {
513 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
514 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
515 &tmpaddr))
516 return;
517 src_addr = &tmpaddr;
518 }
519
520 icmp6h.icmp6_router = router;
521 icmp6h.icmp6_solicited = solicited;
522 icmp6h.icmp6_override = override;
523
524 __ndisc_send(dev, neigh, daddr, src_addr,
525 &icmp6h, solicited_addr,
526 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
527 }
528
529 static void ndisc_send_unsol_na(struct net_device *dev)
530 {
531 struct inet6_dev *idev;
532 struct inet6_ifaddr *ifa;
533
534 idev = in6_dev_get(dev);
535 if (!idev)
536 return;
537
538 read_lock_bh(&idev->lock);
539 list_for_each_entry(ifa, &idev->addr_list, if_list) {
540 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
541 /*router=*/ !!idev->cnf.forwarding,
542 /*solicited=*/ false, /*override=*/ true,
543 /*inc_opt=*/ true);
544 }
545 read_unlock_bh(&idev->lock);
546
547 in6_dev_put(idev);
548 }
549
550 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
551 const struct in6_addr *solicit,
552 const struct in6_addr *daddr, const struct in6_addr *saddr)
553 {
554 struct in6_addr addr_buf;
555 struct icmp6hdr icmp6h = {
556 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
557 };
558
559 if (saddr == NULL) {
560 if (ipv6_get_lladdr(dev, &addr_buf,
561 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
562 return;
563 saddr = &addr_buf;
564 }
565
566 __ndisc_send(dev, neigh, daddr, saddr,
567 &icmp6h, solicit,
568 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
569 }
570
571 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
572 const struct in6_addr *daddr)
573 {
574 struct icmp6hdr icmp6h = {
575 .icmp6_type = NDISC_ROUTER_SOLICITATION,
576 };
577 int send_sllao = dev->addr_len;
578
579 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
580 /*
581 * According to section 2.2 of RFC 4429, we must not
582 * send router solicitations with a sllao from
583 * optimistic addresses, but we may send the solicitation
584 * if we don't include the sllao. So here we check
585 * if our address is optimistic, and if so, we
586 * suppress the inclusion of the sllao.
587 */
588 if (send_sllao) {
589 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
590 dev, 1);
591 if (ifp) {
592 if (ifp->flags & IFA_F_OPTIMISTIC) {
593 send_sllao = 0;
594 }
595 in6_ifa_put(ifp);
596 } else {
597 send_sllao = 0;
598 }
599 }
600 #endif
601 __ndisc_send(dev, NULL, daddr, saddr,
602 &icmp6h, NULL,
603 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
604 }
605
606
607 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
608 {
609 /*
610 * "The sender MUST return an ICMP
611 * destination unreachable"
612 */
613 dst_link_failure(skb);
614 kfree_skb(skb);
615 }
616
617 /* Called with locked neigh: either read or both */
618
619 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
620 {
621 struct in6_addr *saddr = NULL;
622 struct in6_addr mcaddr;
623 struct net_device *dev = neigh->dev;
624 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
625 int probes = atomic_read(&neigh->probes);
626
627 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
628 saddr = &ipv6_hdr(skb)->saddr;
629
630 if ((probes -= neigh->parms->ucast_probes) < 0) {
631 if (!(neigh->nud_state & NUD_VALID)) {
632 ND_PRINTK(1, dbg,
633 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
634 __func__, target);
635 }
636 ndisc_send_ns(dev, neigh, target, target, saddr);
637 } else if ((probes -= neigh->parms->app_probes) < 0) {
638 #ifdef CONFIG_ARPD
639 neigh_app_ns(neigh);
640 #endif
641 } else {
642 addrconf_addr_solict_mult(target, &mcaddr);
643 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
644 }
645 }
646
647 static int pndisc_is_router(const void *pkey,
648 struct net_device *dev)
649 {
650 struct pneigh_entry *n;
651 int ret = -1;
652
653 read_lock_bh(&nd_tbl.lock);
654 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
655 if (n)
656 ret = !!(n->flags & NTF_ROUTER);
657 read_unlock_bh(&nd_tbl.lock);
658
659 return ret;
660 }
661
662 static void ndisc_recv_ns(struct sk_buff *skb)
663 {
664 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
665 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
666 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
667 u8 *lladdr = NULL;
668 u32 ndoptlen = skb->tail - (skb->transport_header +
669 offsetof(struct nd_msg, opt));
670 struct ndisc_options ndopts;
671 struct net_device *dev = skb->dev;
672 struct inet6_ifaddr *ifp;
673 struct inet6_dev *idev = NULL;
674 struct neighbour *neigh;
675 int dad = ipv6_addr_any(saddr);
676 bool inc;
677 int is_router = -1;
678
679 if (ipv6_addr_is_multicast(&msg->target)) {
680 ND_PRINTK(2, warn, "NS: multicast target address\n");
681 return;
682 }
683
684 /*
685 * RFC2461 7.1.1:
686 * DAD has to be destined for solicited node multicast address.
687 */
688 if (dad &&
689 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
690 daddr->s6_addr32[1] == htonl(0x00000000) &&
691 daddr->s6_addr32[2] == htonl(0x00000001) &&
692 daddr->s6_addr [12] == 0xff )) {
693 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
694 return;
695 }
696
697 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
698 ND_PRINTK(2, warn, "NS: invalid ND options\n");
699 return;
700 }
701
702 if (ndopts.nd_opts_src_lladdr) {
703 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
704 if (!lladdr) {
705 ND_PRINTK(2, warn,
706 "NS: invalid link-layer address length\n");
707 return;
708 }
709
710 /* RFC2461 7.1.1:
711 * If the IP source address is the unspecified address,
712 * there MUST NOT be source link-layer address option
713 * in the message.
714 */
715 if (dad) {
716 ND_PRINTK(2, warn,
717 "NS: bad DAD packet (link-layer address option)\n");
718 return;
719 }
720 }
721
722 inc = ipv6_addr_is_multicast(daddr);
723
724 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
725 if (ifp) {
726
727 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
728 if (dad) {
729 /*
730 * We are colliding with another node
731 * who is doing DAD
732 * so fail our DAD process
733 */
734 addrconf_dad_failure(ifp);
735 return;
736 } else {
737 /*
738 * This is not a dad solicitation.
739 * If we are an optimistic node,
740 * we should respond.
741 * Otherwise, we should ignore it.
742 */
743 if (!(ifp->flags & IFA_F_OPTIMISTIC))
744 goto out;
745 }
746 }
747
748 idev = ifp->idev;
749 } else {
750 struct net *net = dev_net(dev);
751
752 idev = in6_dev_get(dev);
753 if (!idev) {
754 /* XXX: count this drop? */
755 return;
756 }
757
758 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
759 (idev->cnf.forwarding &&
760 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
761 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
762 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
763 skb->pkt_type != PACKET_HOST &&
764 inc != 0 &&
765 idev->nd_parms->proxy_delay != 0) {
766 /*
767 * for anycast or proxy,
768 * sender should delay its response
769 * by a random time between 0 and
770 * MAX_ANYCAST_DELAY_TIME seconds.
771 * (RFC2461) -- yoshfuji
772 */
773 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
774 if (n)
775 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
776 goto out;
777 }
778 } else
779 goto out;
780 }
781
782 if (is_router < 0)
783 is_router = !!idev->cnf.forwarding;
784
785 if (dad) {
786 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
787 is_router, 0, (ifp != NULL), 1);
788 goto out;
789 }
790
791 if (inc)
792 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
793 else
794 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
795
796 /*
797 * update / create cache entry
798 * for the source address
799 */
800 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
801 !inc || lladdr || !dev->addr_len);
802 if (neigh)
803 neigh_update(neigh, lladdr, NUD_STALE,
804 NEIGH_UPDATE_F_WEAK_OVERRIDE|
805 NEIGH_UPDATE_F_OVERRIDE);
806 if (neigh || !dev->header_ops) {
807 ndisc_send_na(dev, neigh, saddr, &msg->target,
808 is_router,
809 1, (ifp != NULL && inc), inc);
810 if (neigh)
811 neigh_release(neigh);
812 }
813
814 out:
815 if (ifp)
816 in6_ifa_put(ifp);
817 else
818 in6_dev_put(idev);
819 }
820
821 static void ndisc_recv_na(struct sk_buff *skb)
822 {
823 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
824 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
825 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
826 u8 *lladdr = NULL;
827 u32 ndoptlen = skb->tail - (skb->transport_header +
828 offsetof(struct nd_msg, opt));
829 struct ndisc_options ndopts;
830 struct net_device *dev = skb->dev;
831 struct inet6_ifaddr *ifp;
832 struct neighbour *neigh;
833
834 if (skb->len < sizeof(struct nd_msg)) {
835 ND_PRINTK(2, warn, "NA: packet too short\n");
836 return;
837 }
838
839 if (ipv6_addr_is_multicast(&msg->target)) {
840 ND_PRINTK(2, warn, "NA: target address is multicast\n");
841 return;
842 }
843
844 if (ipv6_addr_is_multicast(daddr) &&
845 msg->icmph.icmp6_solicited) {
846 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
847 return;
848 }
849
850 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
851 ND_PRINTK(2, warn, "NS: invalid ND option\n");
852 return;
853 }
854 if (ndopts.nd_opts_tgt_lladdr) {
855 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
856 if (!lladdr) {
857 ND_PRINTK(2, warn,
858 "NA: invalid link-layer address length\n");
859 return;
860 }
861 }
862 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
863 if (ifp) {
864 if (skb->pkt_type != PACKET_LOOPBACK
865 && (ifp->flags & IFA_F_TENTATIVE)) {
866 addrconf_dad_failure(ifp);
867 return;
868 }
869 /* What should we make now? The advertisement
870 is invalid, but ndisc specs say nothing
871 about it. It could be misconfiguration, or
872 an smart proxy agent tries to help us :-)
873
874 We should not print the error if NA has been
875 received from loopback - it is just our own
876 unsolicited advertisement.
877 */
878 if (skb->pkt_type != PACKET_LOOPBACK)
879 ND_PRINTK(1, warn,
880 "NA: someone advertises our address %pI6 on %s!\n",
881 &ifp->addr, ifp->idev->dev->name);
882 in6_ifa_put(ifp);
883 return;
884 }
885 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
886
887 if (neigh) {
888 u8 old_flags = neigh->flags;
889 struct net *net = dev_net(dev);
890
891 if (neigh->nud_state & NUD_FAILED)
892 goto out;
893
894 /*
895 * Don't update the neighbor cache entry on a proxy NA from
896 * ourselves because either the proxied node is off link or it
897 * has already sent a NA to us.
898 */
899 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
900 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
901 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
902 /* XXX: idev->cnf.proxy_ndp */
903 goto out;
904 }
905
906 neigh_update(neigh, lladdr,
907 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
908 NEIGH_UPDATE_F_WEAK_OVERRIDE|
909 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
910 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
911 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
912
913 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
914 /*
915 * Change: router to host
916 */
917 struct rt6_info *rt;
918 rt = rt6_get_dflt_router(saddr, dev);
919 if (rt)
920 ip6_del_rt(rt);
921 }
922
923 out:
924 neigh_release(neigh);
925 }
926 }
927
928 static void ndisc_recv_rs(struct sk_buff *skb)
929 {
930 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
931 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
932 struct neighbour *neigh;
933 struct inet6_dev *idev;
934 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
935 struct ndisc_options ndopts;
936 u8 *lladdr = NULL;
937
938 if (skb->len < sizeof(*rs_msg))
939 return;
940
941 idev = __in6_dev_get(skb->dev);
942 if (!idev) {
943 ND_PRINTK(1, err, "RS: can't find in6 device\n");
944 return;
945 }
946
947 /* Don't accept RS if we're not in router mode */
948 if (!idev->cnf.forwarding)
949 goto out;
950
951 /*
952 * Don't update NCE if src = ::;
953 * this implies that the source node has no ip address assigned yet.
954 */
955 if (ipv6_addr_any(saddr))
956 goto out;
957
958 /* Parse ND options */
959 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
960 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
961 goto out;
962 }
963
964 if (ndopts.nd_opts_src_lladdr) {
965 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
966 skb->dev);
967 if (!lladdr)
968 goto out;
969 }
970
971 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
972 if (neigh) {
973 neigh_update(neigh, lladdr, NUD_STALE,
974 NEIGH_UPDATE_F_WEAK_OVERRIDE|
975 NEIGH_UPDATE_F_OVERRIDE|
976 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
977 neigh_release(neigh);
978 }
979 out:
980 return;
981 }
982
983 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
984 {
985 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
986 struct sk_buff *skb;
987 struct nlmsghdr *nlh;
988 struct nduseroptmsg *ndmsg;
989 struct net *net = dev_net(ra->dev);
990 int err;
991 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
992 + (opt->nd_opt_len << 3));
993 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
994
995 skb = nlmsg_new(msg_size, GFP_ATOMIC);
996 if (skb == NULL) {
997 err = -ENOBUFS;
998 goto errout;
999 }
1000
1001 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1002 if (nlh == NULL) {
1003 goto nla_put_failure;
1004 }
1005
1006 ndmsg = nlmsg_data(nlh);
1007 ndmsg->nduseropt_family = AF_INET6;
1008 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1009 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1010 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1011 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1012
1013 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1014
1015 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1016 &ipv6_hdr(ra)->saddr))
1017 goto nla_put_failure;
1018 nlmsg_end(skb, nlh);
1019
1020 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1021 return;
1022
1023 nla_put_failure:
1024 nlmsg_free(skb);
1025 err = -EMSGSIZE;
1026 errout:
1027 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1028 }
1029
1030 static void ndisc_router_discovery(struct sk_buff *skb)
1031 {
1032 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1033 struct neighbour *neigh = NULL;
1034 struct inet6_dev *in6_dev;
1035 struct rt6_info *rt = NULL;
1036 int lifetime;
1037 struct ndisc_options ndopts;
1038 int optlen;
1039 unsigned int pref = 0;
1040
1041 __u8 * opt = (__u8 *)(ra_msg + 1);
1042
1043 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1044
1045 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1046 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1047 return;
1048 }
1049 if (optlen < 0) {
1050 ND_PRINTK(2, warn, "RA: packet too short\n");
1051 return;
1052 }
1053
1054 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1055 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1056 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1057 return;
1058 }
1059 #endif
1060
1061 /*
1062 * set the RA_RECV flag in the interface
1063 */
1064
1065 in6_dev = __in6_dev_get(skb->dev);
1066 if (in6_dev == NULL) {
1067 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1068 skb->dev->name);
1069 return;
1070 }
1071
1072 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1073 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1074 return;
1075 }
1076
1077 if (!ipv6_accept_ra(in6_dev))
1078 goto skip_linkparms;
1079
1080 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1081 /* skip link-specific parameters from interior routers */
1082 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1083 goto skip_linkparms;
1084 #endif
1085
1086 if (in6_dev->if_flags & IF_RS_SENT) {
1087 /*
1088 * flag that an RA was received after an RS was sent
1089 * out on this interface.
1090 */
1091 in6_dev->if_flags |= IF_RA_RCVD;
1092 }
1093
1094 /*
1095 * Remember the managed/otherconf flags from most recently
1096 * received RA message (RFC 2462) -- yoshfuji
1097 */
1098 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1099 IF_RA_OTHERCONF)) |
1100 (ra_msg->icmph.icmp6_addrconf_managed ?
1101 IF_RA_MANAGED : 0) |
1102 (ra_msg->icmph.icmp6_addrconf_other ?
1103 IF_RA_OTHERCONF : 0);
1104
1105 if (!in6_dev->cnf.accept_ra_defrtr)
1106 goto skip_defrtr;
1107
1108 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1109 goto skip_defrtr;
1110
1111 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1112
1113 #ifdef CONFIG_IPV6_ROUTER_PREF
1114 pref = ra_msg->icmph.icmp6_router_pref;
1115 /* 10b is handled as if it were 00b (medium) */
1116 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1117 !in6_dev->cnf.accept_ra_rtr_pref)
1118 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1119 #endif
1120
1121 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1122
1123 if (rt) {
1124 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1125 if (!neigh) {
1126 ND_PRINTK(0, err,
1127 "RA: %s got default router without neighbour\n",
1128 __func__);
1129 ip6_rt_put(rt);
1130 return;
1131 }
1132 }
1133 if (rt && lifetime == 0) {
1134 ip6_del_rt(rt);
1135 rt = NULL;
1136 }
1137
1138 if (rt == NULL && lifetime) {
1139 ND_PRINTK(3, dbg, "RA: adding default router\n");
1140
1141 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1142 if (rt == NULL) {
1143 ND_PRINTK(0, err,
1144 "RA: %s failed to add default route\n",
1145 __func__);
1146 return;
1147 }
1148
1149 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1150 if (neigh == NULL) {
1151 ND_PRINTK(0, err,
1152 "RA: %s got default router without neighbour\n",
1153 __func__);
1154 ip6_rt_put(rt);
1155 return;
1156 }
1157 neigh->flags |= NTF_ROUTER;
1158 } else if (rt) {
1159 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1160 }
1161
1162 if (rt)
1163 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1164 if (ra_msg->icmph.icmp6_hop_limit) {
1165 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1166 if (rt)
1167 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1168 ra_msg->icmph.icmp6_hop_limit);
1169 }
1170
1171 skip_defrtr:
1172
1173 /*
1174 * Update Reachable Time and Retrans Timer
1175 */
1176
1177 if (in6_dev->nd_parms) {
1178 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1179
1180 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1181 rtime = (rtime*HZ)/1000;
1182 if (rtime < HZ/10)
1183 rtime = HZ/10;
1184 in6_dev->nd_parms->retrans_time = rtime;
1185 in6_dev->tstamp = jiffies;
1186 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1187 }
1188
1189 rtime = ntohl(ra_msg->reachable_time);
1190 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1191 rtime = (rtime*HZ)/1000;
1192
1193 if (rtime < HZ/10)
1194 rtime = HZ/10;
1195
1196 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1197 in6_dev->nd_parms->base_reachable_time = rtime;
1198 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1199 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1200 in6_dev->tstamp = jiffies;
1201 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1202 }
1203 }
1204 }
1205
1206 skip_linkparms:
1207
1208 /*
1209 * Process options.
1210 */
1211
1212 if (!neigh)
1213 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1214 skb->dev, 1);
1215 if (neigh) {
1216 u8 *lladdr = NULL;
1217 if (ndopts.nd_opts_src_lladdr) {
1218 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1219 skb->dev);
1220 if (!lladdr) {
1221 ND_PRINTK(2, warn,
1222 "RA: invalid link-layer address length\n");
1223 goto out;
1224 }
1225 }
1226 neigh_update(neigh, lladdr, NUD_STALE,
1227 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1228 NEIGH_UPDATE_F_OVERRIDE|
1229 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1230 NEIGH_UPDATE_F_ISROUTER);
1231 }
1232
1233 if (!ipv6_accept_ra(in6_dev))
1234 goto out;
1235
1236 #ifdef CONFIG_IPV6_ROUTE_INFO
1237 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1238 goto skip_routeinfo;
1239
1240 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1241 struct nd_opt_hdr *p;
1242 for (p = ndopts.nd_opts_ri;
1243 p;
1244 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1245 struct route_info *ri = (struct route_info *)p;
1246 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1247 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1248 ri->prefix_len == 0)
1249 continue;
1250 #endif
1251 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1252 continue;
1253 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1254 &ipv6_hdr(skb)->saddr);
1255 }
1256 }
1257
1258 skip_routeinfo:
1259 #endif
1260
1261 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1262 /* skip link-specific ndopts from interior routers */
1263 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1264 goto out;
1265 #endif
1266
1267 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1268 struct nd_opt_hdr *p;
1269 for (p = ndopts.nd_opts_pi;
1270 p;
1271 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1272 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1273 (p->nd_opt_len) << 3,
1274 ndopts.nd_opts_src_lladdr != NULL);
1275 }
1276 }
1277
1278 if (ndopts.nd_opts_mtu) {
1279 __be32 n;
1280 u32 mtu;
1281
1282 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1283 mtu = ntohl(n);
1284
1285 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1286 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1287 } else if (in6_dev->cnf.mtu6 != mtu) {
1288 in6_dev->cnf.mtu6 = mtu;
1289
1290 if (rt)
1291 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1292
1293 rt6_mtu_change(skb->dev, mtu);
1294 }
1295 }
1296
1297 if (ndopts.nd_useropts) {
1298 struct nd_opt_hdr *p;
1299 for (p = ndopts.nd_useropts;
1300 p;
1301 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1302 ndisc_ra_useropt(skb, p);
1303 }
1304 }
1305
1306 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1307 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1308 }
1309 out:
1310 ip6_rt_put(rt);
1311 if (neigh)
1312 neigh_release(neigh);
1313 }
1314
1315 static void ndisc_redirect_rcv(struct sk_buff *skb)
1316 {
1317 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1318 switch (skb->ndisc_nodetype) {
1319 case NDISC_NODETYPE_HOST:
1320 case NDISC_NODETYPE_NODEFAULT:
1321 ND_PRINTK(2, warn,
1322 "Redirect: from host or unauthorized router\n");
1323 return;
1324 }
1325 #endif
1326
1327 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1328 ND_PRINTK(2, warn,
1329 "Redirect: source address is not link-local\n");
1330 return;
1331 }
1332
1333 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1334 }
1335
1336 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1337 {
1338 struct net_device *dev = skb->dev;
1339 struct net *net = dev_net(dev);
1340 struct sock *sk = net->ipv6.ndisc_sk;
1341 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1342 struct inet_peer *peer;
1343 struct sk_buff *buff;
1344 struct icmp6hdr *icmph;
1345 struct in6_addr saddr_buf;
1346 struct in6_addr *addrp;
1347 struct rt6_info *rt;
1348 struct dst_entry *dst;
1349 struct inet6_dev *idev;
1350 struct flowi6 fl6;
1351 u8 *opt;
1352 int hlen, tlen;
1353 int rd_len;
1354 int err;
1355 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1356 bool ret;
1357
1358 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1359 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1360 dev->name);
1361 return;
1362 }
1363
1364 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1365 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1366 ND_PRINTK(2, warn,
1367 "Redirect: target address is not link-local unicast\n");
1368 return;
1369 }
1370
1371 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1372 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1373
1374 dst = ip6_route_output(net, NULL, &fl6);
1375 if (dst->error) {
1376 dst_release(dst);
1377 return;
1378 }
1379 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1380 if (IS_ERR(dst))
1381 return;
1382
1383 rt = (struct rt6_info *) dst;
1384
1385 if (rt->rt6i_flags & RTF_GATEWAY) {
1386 ND_PRINTK(2, warn,
1387 "Redirect: destination is not a neighbour\n");
1388 goto release;
1389 }
1390 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1391 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1392 if (peer)
1393 inet_putpeer(peer);
1394 if (!ret)
1395 goto release;
1396
1397 if (dev->addr_len) {
1398 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1399 if (!neigh) {
1400 ND_PRINTK(2, warn,
1401 "Redirect: no neigh for target address\n");
1402 goto release;
1403 }
1404
1405 read_lock_bh(&neigh->lock);
1406 if (neigh->nud_state & NUD_VALID) {
1407 memcpy(ha_buf, neigh->ha, dev->addr_len);
1408 read_unlock_bh(&neigh->lock);
1409 ha = ha_buf;
1410 len += ndisc_opt_addr_space(dev);
1411 } else
1412 read_unlock_bh(&neigh->lock);
1413
1414 neigh_release(neigh);
1415 }
1416
1417 rd_len = min_t(unsigned int,
1418 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1419 rd_len &= ~0x7;
1420 len += rd_len;
1421
1422 hlen = LL_RESERVED_SPACE(dev);
1423 tlen = dev->needed_tailroom;
1424 buff = sock_alloc_send_skb(sk,
1425 (MAX_HEADER + sizeof(struct ipv6hdr) +
1426 len + hlen + tlen),
1427 1, &err);
1428 if (buff == NULL) {
1429 ND_PRINTK(0, err,
1430 "Redirect: %s failed to allocate an skb, err=%d\n",
1431 __func__, err);
1432 goto release;
1433 }
1434
1435 skb_reserve(buff, hlen);
1436 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1437 IPPROTO_ICMPV6, len);
1438
1439 skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1440 skb_put(buff, len);
1441 icmph = icmp6_hdr(buff);
1442
1443 memset(icmph, 0, sizeof(struct icmp6hdr));
1444 icmph->icmp6_type = NDISC_REDIRECT;
1445
1446 /*
1447 * copy target and destination addresses
1448 */
1449
1450 addrp = (struct in6_addr *)(icmph + 1);
1451 *addrp = *target;
1452 addrp++;
1453 *addrp = ipv6_hdr(skb)->daddr;
1454
1455 opt = (u8*) (addrp + 1);
1456
1457 /*
1458 * include target_address option
1459 */
1460
1461 if (ha)
1462 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1463 dev->addr_len, dev->type);
1464
1465 /*
1466 * build redirect option and copy skb over to the new packet.
1467 */
1468
1469 memset(opt, 0, 8);
1470 *(opt++) = ND_OPT_REDIRECT_HDR;
1471 *(opt++) = (rd_len >> 3);
1472 opt += 6;
1473
1474 memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1475
1476 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1477 len, IPPROTO_ICMPV6,
1478 csum_partial(icmph, len, 0));
1479
1480 skb_dst_set(buff, dst);
1481 rcu_read_lock();
1482 idev = __in6_dev_get(dst->dev);
1483 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1484 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1485 dst_output);
1486 if (!err) {
1487 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1488 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1489 }
1490
1491 rcu_read_unlock();
1492 return;
1493
1494 release:
1495 dst_release(dst);
1496 }
1497
1498 static void pndisc_redo(struct sk_buff *skb)
1499 {
1500 ndisc_recv_ns(skb);
1501 kfree_skb(skb);
1502 }
1503
1504 int ndisc_rcv(struct sk_buff *skb)
1505 {
1506 struct nd_msg *msg;
1507
1508 if (!pskb_may_pull(skb, skb->len))
1509 return 0;
1510
1511 msg = (struct nd_msg *)skb_transport_header(skb);
1512
1513 __skb_push(skb, skb->data - skb_transport_header(skb));
1514
1515 if (ipv6_hdr(skb)->hop_limit != 255) {
1516 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1517 ipv6_hdr(skb)->hop_limit);
1518 return 0;
1519 }
1520
1521 if (msg->icmph.icmp6_code != 0) {
1522 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1523 msg->icmph.icmp6_code);
1524 return 0;
1525 }
1526
1527 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1528
1529 switch (msg->icmph.icmp6_type) {
1530 case NDISC_NEIGHBOUR_SOLICITATION:
1531 ndisc_recv_ns(skb);
1532 break;
1533
1534 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1535 ndisc_recv_na(skb);
1536 break;
1537
1538 case NDISC_ROUTER_SOLICITATION:
1539 ndisc_recv_rs(skb);
1540 break;
1541
1542 case NDISC_ROUTER_ADVERTISEMENT:
1543 ndisc_router_discovery(skb);
1544 break;
1545
1546 case NDISC_REDIRECT:
1547 ndisc_redirect_rcv(skb);
1548 break;
1549 }
1550
1551 return 0;
1552 }
1553
1554 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1555 {
1556 struct net_device *dev = ptr;
1557 struct net *net = dev_net(dev);
1558 struct inet6_dev *idev;
1559
1560 switch (event) {
1561 case NETDEV_CHANGEADDR:
1562 neigh_changeaddr(&nd_tbl, dev);
1563 fib6_run_gc(~0UL, net);
1564 idev = in6_dev_get(dev);
1565 if (!idev)
1566 break;
1567 if (idev->cnf.ndisc_notify)
1568 ndisc_send_unsol_na(dev);
1569 in6_dev_put(idev);
1570 break;
1571 case NETDEV_DOWN:
1572 neigh_ifdown(&nd_tbl, dev);
1573 fib6_run_gc(~0UL, net);
1574 break;
1575 case NETDEV_NOTIFY_PEERS:
1576 ndisc_send_unsol_na(dev);
1577 break;
1578 default:
1579 break;
1580 }
1581
1582 return NOTIFY_DONE;
1583 }
1584
1585 static struct notifier_block ndisc_netdev_notifier = {
1586 .notifier_call = ndisc_netdev_event,
1587 };
1588
1589 #ifdef CONFIG_SYSCTL
1590 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1591 const char *func, const char *dev_name)
1592 {
1593 static char warncomm[TASK_COMM_LEN];
1594 static int warned;
1595 if (strcmp(warncomm, current->comm) && warned < 5) {
1596 strcpy(warncomm, current->comm);
1597 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1598 warncomm, func,
1599 dev_name, ctl->procname,
1600 dev_name, ctl->procname);
1601 warned++;
1602 }
1603 }
1604
1605 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1606 {
1607 struct net_device *dev = ctl->extra1;
1608 struct inet6_dev *idev;
1609 int ret;
1610
1611 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1612 (strcmp(ctl->procname, "base_reachable_time") == 0))
1613 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1614
1615 if (strcmp(ctl->procname, "retrans_time") == 0)
1616 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1617
1618 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1619 ret = proc_dointvec_jiffies(ctl, write,
1620 buffer, lenp, ppos);
1621
1622 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1623 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1624 ret = proc_dointvec_ms_jiffies(ctl, write,
1625 buffer, lenp, ppos);
1626 else
1627 ret = -1;
1628
1629 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1630 if (ctl->data == &idev->nd_parms->base_reachable_time)
1631 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1632 idev->tstamp = jiffies;
1633 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1634 in6_dev_put(idev);
1635 }
1636 return ret;
1637 }
1638
1639
1640 #endif
1641
1642 static int __net_init ndisc_net_init(struct net *net)
1643 {
1644 struct ipv6_pinfo *np;
1645 struct sock *sk;
1646 int err;
1647
1648 err = inet_ctl_sock_create(&sk, PF_INET6,
1649 SOCK_RAW, IPPROTO_ICMPV6, net);
1650 if (err < 0) {
1651 ND_PRINTK(0, err,
1652 "NDISC: Failed to initialize the control socket (err %d)\n",
1653 err);
1654 return err;
1655 }
1656
1657 net->ipv6.ndisc_sk = sk;
1658
1659 np = inet6_sk(sk);
1660 np->hop_limit = 255;
1661 /* Do not loopback ndisc messages */
1662 np->mc_loop = 0;
1663
1664 return 0;
1665 }
1666
1667 static void __net_exit ndisc_net_exit(struct net *net)
1668 {
1669 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1670 }
1671
1672 static struct pernet_operations ndisc_net_ops = {
1673 .init = ndisc_net_init,
1674 .exit = ndisc_net_exit,
1675 };
1676
1677 int __init ndisc_init(void)
1678 {
1679 int err;
1680
1681 err = register_pernet_subsys(&ndisc_net_ops);
1682 if (err)
1683 return err;
1684 /*
1685 * Initialize the neighbour table
1686 */
1687 neigh_table_init(&nd_tbl);
1688
1689 #ifdef CONFIG_SYSCTL
1690 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1691 &ndisc_ifinfo_sysctl_change);
1692 if (err)
1693 goto out_unregister_pernet;
1694 #endif
1695 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1696 if (err)
1697 goto out_unregister_sysctl;
1698 out:
1699 return err;
1700
1701 out_unregister_sysctl:
1702 #ifdef CONFIG_SYSCTL
1703 neigh_sysctl_unregister(&nd_tbl.parms);
1704 out_unregister_pernet:
1705 #endif
1706 unregister_pernet_subsys(&ndisc_net_ops);
1707 goto out;
1708 }
1709
1710 void ndisc_cleanup(void)
1711 {
1712 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1713 #ifdef CONFIG_SYSCTL
1714 neigh_sysctl_unregister(&nd_tbl.parms);
1715 #endif
1716 neigh_table_clear(&nd_tbl);
1717 unregister_pernet_subsys(&ndisc_net_ops);
1718 }
Linux kernel - Deliverables
This page took 0.087529 seconds and 6 git commands to generate.