projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branches 'iommu/fixes', 'dma-debug', 'x86/amd', 'x86/vt-d', 'arm/tegra' and...
[deliverable/linux.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 /* Set to 3 to get tracing... */
76 #define ND_DEBUG 1
77
78 #define ND_PRINTK(val, level, fmt, ...) \
79 do { \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
82 } while (0)
83
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
86 __u32 *hash_rnd);
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
93
94 static const struct neigh_ops ndisc_generic_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
100 };
101
102 static const struct neigh_ops ndisc_hh_ops = {
103 .family = AF_INET6,
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
108 };
109
110
111 static const struct neigh_ops ndisc_direct_ops = {
112 .family = AF_INET6,
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
115 };
116
117 struct neigh_table nd_tbl = {
118 .family = AF_INET6,
119 .key_len = sizeof(struct in6_addr),
120 .hash = ndisc_hash,
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
125 .id = "ndisc_cache",
126 .parms = {
127 .tbl = &nd_tbl,
128 .base_reachable_time = ND_REACHABLE_TIME,
129 .retrans_time = ND_RETRANS_TIMER,
130 .gc_staletime = 60 * HZ,
131 .reachable_time = ND_REACHABLE_TIME,
132 .delay_probe_time = 5 * HZ,
133 .queue_len_bytes = 64*1024,
134 .ucast_probes = 3,
135 .mcast_probes = 3,
136 .anycast_delay = 1 * HZ,
137 .proxy_delay = (8 * HZ) / 10,
138 .proxy_qlen = 64,
139 },
140 .gc_interval = 30 * HZ,
141 .gc_thresh1 = 128,
142 .gc_thresh2 = 512,
143 .gc_thresh3 = 1024,
144 };
145
146 static inline int ndisc_opt_addr_space(struct net_device *dev)
147 {
148 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
149 }
150
151 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
152 unsigned short addr_type)
153 {
154 int space = NDISC_OPT_SPACE(data_len);
155 int pad = ndisc_addr_option_pad(addr_type);
156
157 opt[0] = type;
158 opt[1] = space>>3;
159
160 memset(opt + 2, 0, pad);
161 opt += pad;
162 space -= pad;
163
164 memcpy(opt+2, data, data_len);
165 data_len += 2;
166 opt += data_len;
167 if ((space -= data_len) > 0)
168 memset(opt, 0, space);
169 return opt + space;
170 }
171
172 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
173 struct nd_opt_hdr *end)
174 {
175 int type;
176 if (!cur || !end || cur >= end)
177 return NULL;
178 type = cur->nd_opt_type;
179 do {
180 cur = ((void *)cur) + (cur->nd_opt_len << 3);
181 } while(cur < end && cur->nd_opt_type != type);
182 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
183 }
184
185 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
186 {
187 return opt->nd_opt_type == ND_OPT_RDNSS ||
188 opt->nd_opt_type == ND_OPT_DNSSL;
189 }
190
191 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
192 struct nd_opt_hdr *end)
193 {
194 if (!cur || !end || cur >= end)
195 return NULL;
196 do {
197 cur = ((void *)cur) + (cur->nd_opt_len << 3);
198 } while(cur < end && !ndisc_is_useropt(cur));
199 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
200 }
201
202 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
203 struct ndisc_options *ndopts)
204 {
205 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
206
207 if (!nd_opt || opt_len < 0 || !ndopts)
208 return NULL;
209 memset(ndopts, 0, sizeof(*ndopts));
210 while (opt_len) {
211 int l;
212 if (opt_len < sizeof(struct nd_opt_hdr))
213 return NULL;
214 l = nd_opt->nd_opt_len << 3;
215 if (opt_len < l || l == 0)
216 return NULL;
217 switch (nd_opt->nd_opt_type) {
218 case ND_OPT_SOURCE_LL_ADDR:
219 case ND_OPT_TARGET_LL_ADDR:
220 case ND_OPT_MTU:
221 case ND_OPT_REDIRECT_HDR:
222 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
223 ND_PRINTK(2, warn,
224 "%s: duplicated ND6 option found: type=%d\n",
225 __func__, nd_opt->nd_opt_type);
226 } else {
227 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
228 }
229 break;
230 case ND_OPT_PREFIX_INFO:
231 ndopts->nd_opts_pi_end = nd_opt;
232 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
233 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
234 break;
235 #ifdef CONFIG_IPV6_ROUTE_INFO
236 case ND_OPT_ROUTE_INFO:
237 ndopts->nd_opts_ri_end = nd_opt;
238 if (!ndopts->nd_opts_ri)
239 ndopts->nd_opts_ri = nd_opt;
240 break;
241 #endif
242 default:
243 if (ndisc_is_useropt(nd_opt)) {
244 ndopts->nd_useropts_end = nd_opt;
245 if (!ndopts->nd_useropts)
246 ndopts->nd_useropts = nd_opt;
247 } else {
248 /*
249 * Unknown options must be silently ignored,
250 * to accommodate future extension to the
251 * protocol.
252 */
253 ND_PRINTK(2, notice,
254 "%s: ignored unsupported option; type=%d, len=%d\n",
255 __func__,
256 nd_opt->nd_opt_type,
257 nd_opt->nd_opt_len);
258 }
259 }
260 opt_len -= l;
261 nd_opt = ((void *)nd_opt) + l;
262 }
263 return ndopts;
264 }
265
266 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
267 {
268 switch (dev->type) {
269 case ARPHRD_ETHER:
270 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
271 case ARPHRD_FDDI:
272 ipv6_eth_mc_map(addr, buf);
273 return 0;
274 case ARPHRD_ARCNET:
275 ipv6_arcnet_mc_map(addr, buf);
276 return 0;
277 case ARPHRD_INFINIBAND:
278 ipv6_ib_mc_map(addr, dev->broadcast, buf);
279 return 0;
280 case ARPHRD_IPGRE:
281 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
282 default:
283 if (dir) {
284 memcpy(buf, dev->broadcast, dev->addr_len);
285 return 0;
286 }
287 }
288 return -EINVAL;
289 }
290
291 EXPORT_SYMBOL(ndisc_mc_map);
292
293 static u32 ndisc_hash(const void *pkey,
294 const struct net_device *dev,
295 __u32 *hash_rnd)
296 {
297 return ndisc_hashfn(pkey, dev, hash_rnd);
298 }
299
300 static int ndisc_constructor(struct neighbour *neigh)
301 {
302 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
303 struct net_device *dev = neigh->dev;
304 struct inet6_dev *in6_dev;
305 struct neigh_parms *parms;
306 bool is_multicast = ipv6_addr_is_multicast(addr);
307
308 in6_dev = in6_dev_get(dev);
309 if (in6_dev == NULL) {
310 return -EINVAL;
311 }
312
313 parms = in6_dev->nd_parms;
314 __neigh_parms_put(neigh->parms);
315 neigh->parms = neigh_parms_clone(parms);
316
317 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
318 if (!dev->header_ops) {
319 neigh->nud_state = NUD_NOARP;
320 neigh->ops = &ndisc_direct_ops;
321 neigh->output = neigh_direct_output;
322 } else {
323 if (is_multicast) {
324 neigh->nud_state = NUD_NOARP;
325 ndisc_mc_map(addr, neigh->ha, dev, 1);
326 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
327 neigh->nud_state = NUD_NOARP;
328 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
329 if (dev->flags&IFF_LOOPBACK)
330 neigh->type = RTN_LOCAL;
331 } else if (dev->flags&IFF_POINTOPOINT) {
332 neigh->nud_state = NUD_NOARP;
333 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
334 }
335 if (dev->header_ops->cache)
336 neigh->ops = &ndisc_hh_ops;
337 else
338 neigh->ops = &ndisc_generic_ops;
339 if (neigh->nud_state&NUD_VALID)
340 neigh->output = neigh->ops->connected_output;
341 else
342 neigh->output = neigh->ops->output;
343 }
344 in6_dev_put(in6_dev);
345 return 0;
346 }
347
348 static int pndisc_constructor(struct pneigh_entry *n)
349 {
350 struct in6_addr *addr = (struct in6_addr*)&n->key;
351 struct in6_addr maddr;
352 struct net_device *dev = n->dev;
353
354 if (dev == NULL || __in6_dev_get(dev) == NULL)
355 return -EINVAL;
356 addrconf_addr_solict_mult(addr, &maddr);
357 ipv6_dev_mc_inc(dev, &maddr);
358 return 0;
359 }
360
361 static void pndisc_destructor(struct pneigh_entry *n)
362 {
363 struct in6_addr *addr = (struct in6_addr*)&n->key;
364 struct in6_addr maddr;
365 struct net_device *dev = n->dev;
366
367 if (dev == NULL || __in6_dev_get(dev) == NULL)
368 return;
369 addrconf_addr_solict_mult(addr, &maddr);
370 ipv6_dev_mc_dec(dev, &maddr);
371 }
372
373 struct sk_buff *ndisc_build_skb(struct net_device *dev,
374 const struct in6_addr *daddr,
375 const struct in6_addr *saddr,
376 struct icmp6hdr *icmp6h,
377 const struct in6_addr *target,
378 int llinfo)
379 {
380 struct net *net = dev_net(dev);
381 struct sock *sk = net->ipv6.ndisc_sk;
382 struct sk_buff *skb;
383 struct icmp6hdr *hdr;
384 int hlen = LL_RESERVED_SPACE(dev);
385 int tlen = dev->needed_tailroom;
386 int len;
387 int err;
388 u8 *opt;
389
390 if (!dev->addr_len)
391 llinfo = 0;
392
393 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
394 if (llinfo)
395 len += ndisc_opt_addr_space(dev);
396
397 skb = sock_alloc_send_skb(sk,
398 (MAX_HEADER + sizeof(struct ipv6hdr) +
399 len + hlen + tlen),
400 1, &err);
401 if (!skb) {
402 ND_PRINTK(0, err, "ND: %s failed to allocate an skb, err=%d\n",
403 __func__, err);
404 return NULL;
405 }
406
407 skb_reserve(skb, hlen);
408 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
409
410 skb->transport_header = skb->tail;
411 skb_put(skb, len);
412
413 hdr = (struct icmp6hdr *)skb_transport_header(skb);
414 memcpy(hdr, icmp6h, sizeof(*hdr));
415
416 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
417 if (target) {
418 *(struct in6_addr *)opt = *target;
419 opt += sizeof(*target);
420 }
421
422 if (llinfo)
423 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
424 dev->addr_len, dev->type);
425
426 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
427 IPPROTO_ICMPV6,
428 csum_partial(hdr,
429 len, 0));
430
431 return skb;
432 }
433
434 EXPORT_SYMBOL(ndisc_build_skb);
435
436 void ndisc_send_skb(struct sk_buff *skb,
437 struct net_device *dev,
438 struct neighbour *neigh,
439 const struct in6_addr *daddr,
440 const struct in6_addr *saddr,
441 struct icmp6hdr *icmp6h)
442 {
443 struct flowi6 fl6;
444 struct dst_entry *dst;
445 struct net *net = dev_net(dev);
446 struct sock *sk = net->ipv6.ndisc_sk;
447 struct inet6_dev *idev;
448 int err;
449 u8 type;
450
451 type = icmp6h->icmp6_type;
452
453 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, dev->ifindex);
454 dst = icmp6_dst_alloc(dev, neigh, &fl6);
455 if (IS_ERR(dst)) {
456 kfree_skb(skb);
457 return;
458 }
459
460 skb_dst_set(skb, dst);
461
462 rcu_read_lock();
463 idev = __in6_dev_get(dst->dev);
464 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
465
466 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
467 dst_output);
468 if (!err) {
469 ICMP6MSGOUT_INC_STATS(net, idev, type);
470 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
471 }
472
473 rcu_read_unlock();
474 }
475
476 EXPORT_SYMBOL(ndisc_send_skb);
477
478 /*
479 * Send a Neighbour Discover packet
480 */
481 static void __ndisc_send(struct net_device *dev,
482 struct neighbour *neigh,
483 const struct in6_addr *daddr,
484 const struct in6_addr *saddr,
485 struct icmp6hdr *icmp6h, const struct in6_addr *target,
486 int llinfo)
487 {
488 struct sk_buff *skb;
489
490 skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
491 if (!skb)
492 return;
493
494 ndisc_send_skb(skb, dev, neigh, daddr, saddr, icmp6h);
495 }
496
497 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
498 const struct in6_addr *daddr,
499 const struct in6_addr *solicited_addr,
500 int router, int solicited, int override, int inc_opt)
501 {
502 struct in6_addr tmpaddr;
503 struct inet6_ifaddr *ifp;
504 const struct in6_addr *src_addr;
505 struct icmp6hdr icmp6h = {
506 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
507 };
508
509 /* for anycast or proxy, solicited_addr != src_addr */
510 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
511 if (ifp) {
512 src_addr = solicited_addr;
513 if (ifp->flags & IFA_F_OPTIMISTIC)
514 override = 0;
515 inc_opt |= ifp->idev->cnf.force_tllao;
516 in6_ifa_put(ifp);
517 } else {
518 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
519 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
520 &tmpaddr))
521 return;
522 src_addr = &tmpaddr;
523 }
524
525 icmp6h.icmp6_router = router;
526 icmp6h.icmp6_solicited = solicited;
527 icmp6h.icmp6_override = override;
528
529 __ndisc_send(dev, neigh, daddr, src_addr,
530 &icmp6h, solicited_addr,
531 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
532 }
533
534 static void ndisc_send_unsol_na(struct net_device *dev)
535 {
536 struct inet6_dev *idev;
537 struct inet6_ifaddr *ifa;
538 struct in6_addr mcaddr = IN6ADDR_LINKLOCAL_ALLNODES_INIT;
539
540 idev = in6_dev_get(dev);
541 if (!idev)
542 return;
543
544 read_lock_bh(&idev->lock);
545 list_for_each_entry(ifa, &idev->addr_list, if_list) {
546 ndisc_send_na(dev, NULL, &mcaddr, &ifa->addr,
547 /*router=*/ !!idev->cnf.forwarding,
548 /*solicited=*/ false, /*override=*/ true,
549 /*inc_opt=*/ true);
550 }
551 read_unlock_bh(&idev->lock);
552
553 in6_dev_put(idev);
554 }
555
556 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
557 const struct in6_addr *solicit,
558 const struct in6_addr *daddr, const struct in6_addr *saddr)
559 {
560 struct in6_addr addr_buf;
561 struct icmp6hdr icmp6h = {
562 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
563 };
564
565 if (saddr == NULL) {
566 if (ipv6_get_lladdr(dev, &addr_buf,
567 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
568 return;
569 saddr = &addr_buf;
570 }
571
572 __ndisc_send(dev, neigh, daddr, saddr,
573 &icmp6h, solicit,
574 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
575 }
576
577 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
578 const struct in6_addr *daddr)
579 {
580 struct icmp6hdr icmp6h = {
581 .icmp6_type = NDISC_ROUTER_SOLICITATION,
582 };
583 int send_sllao = dev->addr_len;
584
585 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
586 /*
587 * According to section 2.2 of RFC 4429, we must not
588 * send router solicitations with a sllao from
589 * optimistic addresses, but we may send the solicitation
590 * if we don't include the sllao. So here we check
591 * if our address is optimistic, and if so, we
592 * suppress the inclusion of the sllao.
593 */
594 if (send_sllao) {
595 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
596 dev, 1);
597 if (ifp) {
598 if (ifp->flags & IFA_F_OPTIMISTIC) {
599 send_sllao = 0;
600 }
601 in6_ifa_put(ifp);
602 } else {
603 send_sllao = 0;
604 }
605 }
606 #endif
607 __ndisc_send(dev, NULL, daddr, saddr,
608 &icmp6h, NULL,
609 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
610 }
611
612
613 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
614 {
615 /*
616 * "The sender MUST return an ICMP
617 * destination unreachable"
618 */
619 dst_link_failure(skb);
620 kfree_skb(skb);
621 }
622
623 /* Called with locked neigh: either read or both */
624
625 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
626 {
627 struct in6_addr *saddr = NULL;
628 struct in6_addr mcaddr;
629 struct net_device *dev = neigh->dev;
630 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
631 int probes = atomic_read(&neigh->probes);
632
633 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
634 saddr = &ipv6_hdr(skb)->saddr;
635
636 if ((probes -= neigh->parms->ucast_probes) < 0) {
637 if (!(neigh->nud_state & NUD_VALID)) {
638 ND_PRINTK(1, dbg,
639 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
640 __func__, target);
641 }
642 ndisc_send_ns(dev, neigh, target, target, saddr);
643 } else if ((probes -= neigh->parms->app_probes) < 0) {
644 #ifdef CONFIG_ARPD
645 neigh_app_ns(neigh);
646 #endif
647 } else {
648 addrconf_addr_solict_mult(target, &mcaddr);
649 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
650 }
651 }
652
653 static int pndisc_is_router(const void *pkey,
654 struct net_device *dev)
655 {
656 struct pneigh_entry *n;
657 int ret = -1;
658
659 read_lock_bh(&nd_tbl.lock);
660 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
661 if (n)
662 ret = !!(n->flags & NTF_ROUTER);
663 read_unlock_bh(&nd_tbl.lock);
664
665 return ret;
666 }
667
668 static void ndisc_recv_ns(struct sk_buff *skb)
669 {
670 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
671 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
672 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
673 u8 *lladdr = NULL;
674 u32 ndoptlen = skb->tail - (skb->transport_header +
675 offsetof(struct nd_msg, opt));
676 struct ndisc_options ndopts;
677 struct net_device *dev = skb->dev;
678 struct inet6_ifaddr *ifp;
679 struct inet6_dev *idev = NULL;
680 struct neighbour *neigh;
681 int dad = ipv6_addr_any(saddr);
682 bool inc;
683 int is_router = -1;
684
685 if (ipv6_addr_is_multicast(&msg->target)) {
686 ND_PRINTK(2, warn, "NS: multicast target address\n");
687 return;
688 }
689
690 /*
691 * RFC2461 7.1.1:
692 * DAD has to be destined for solicited node multicast address.
693 */
694 if (dad &&
695 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
696 daddr->s6_addr32[1] == htonl(0x00000000) &&
697 daddr->s6_addr32[2] == htonl(0x00000001) &&
698 daddr->s6_addr [12] == 0xff )) {
699 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
700 return;
701 }
702
703 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
704 ND_PRINTK(2, warn, "NS: invalid ND options\n");
705 return;
706 }
707
708 if (ndopts.nd_opts_src_lladdr) {
709 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
710 if (!lladdr) {
711 ND_PRINTK(2, warn,
712 "NS: invalid link-layer address length\n");
713 return;
714 }
715
716 /* RFC2461 7.1.1:
717 * If the IP source address is the unspecified address,
718 * there MUST NOT be source link-layer address option
719 * in the message.
720 */
721 if (dad) {
722 ND_PRINTK(2, warn,
723 "NS: bad DAD packet (link-layer address option)\n");
724 return;
725 }
726 }
727
728 inc = ipv6_addr_is_multicast(daddr);
729
730 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
731 if (ifp) {
732
733 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
734 if (dad) {
735 /*
736 * We are colliding with another node
737 * who is doing DAD
738 * so fail our DAD process
739 */
740 addrconf_dad_failure(ifp);
741 return;
742 } else {
743 /*
744 * This is not a dad solicitation.
745 * If we are an optimistic node,
746 * we should respond.
747 * Otherwise, we should ignore it.
748 */
749 if (!(ifp->flags & IFA_F_OPTIMISTIC))
750 goto out;
751 }
752 }
753
754 idev = ifp->idev;
755 } else {
756 struct net *net = dev_net(dev);
757
758 idev = in6_dev_get(dev);
759 if (!idev) {
760 /* XXX: count this drop? */
761 return;
762 }
763
764 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
765 (idev->cnf.forwarding &&
766 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
767 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
768 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
769 skb->pkt_type != PACKET_HOST &&
770 inc != 0 &&
771 idev->nd_parms->proxy_delay != 0) {
772 /*
773 * for anycast or proxy,
774 * sender should delay its response
775 * by a random time between 0 and
776 * MAX_ANYCAST_DELAY_TIME seconds.
777 * (RFC2461) -- yoshfuji
778 */
779 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
780 if (n)
781 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
782 goto out;
783 }
784 } else
785 goto out;
786 }
787
788 if (is_router < 0)
789 is_router = !!idev->cnf.forwarding;
790
791 if (dad) {
792 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
793 is_router, 0, (ifp != NULL), 1);
794 goto out;
795 }
796
797 if (inc)
798 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
799 else
800 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
801
802 /*
803 * update / create cache entry
804 * for the source address
805 */
806 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
807 !inc || lladdr || !dev->addr_len);
808 if (neigh)
809 neigh_update(neigh, lladdr, NUD_STALE,
810 NEIGH_UPDATE_F_WEAK_OVERRIDE|
811 NEIGH_UPDATE_F_OVERRIDE);
812 if (neigh || !dev->header_ops) {
813 ndisc_send_na(dev, neigh, saddr, &msg->target,
814 is_router,
815 1, (ifp != NULL && inc), inc);
816 if (neigh)
817 neigh_release(neigh);
818 }
819
820 out:
821 if (ifp)
822 in6_ifa_put(ifp);
823 else
824 in6_dev_put(idev);
825 }
826
827 static void ndisc_recv_na(struct sk_buff *skb)
828 {
829 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
830 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
831 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
832 u8 *lladdr = NULL;
833 u32 ndoptlen = skb->tail - (skb->transport_header +
834 offsetof(struct nd_msg, opt));
835 struct ndisc_options ndopts;
836 struct net_device *dev = skb->dev;
837 struct inet6_ifaddr *ifp;
838 struct neighbour *neigh;
839
840 if (skb->len < sizeof(struct nd_msg)) {
841 ND_PRINTK(2, warn, "NA: packet too short\n");
842 return;
843 }
844
845 if (ipv6_addr_is_multicast(&msg->target)) {
846 ND_PRINTK(2, warn, "NA: target address is multicast\n");
847 return;
848 }
849
850 if (ipv6_addr_is_multicast(daddr) &&
851 msg->icmph.icmp6_solicited) {
852 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
853 return;
854 }
855
856 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
857 ND_PRINTK(2, warn, "NS: invalid ND option\n");
858 return;
859 }
860 if (ndopts.nd_opts_tgt_lladdr) {
861 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
862 if (!lladdr) {
863 ND_PRINTK(2, warn,
864 "NA: invalid link-layer address length\n");
865 return;
866 }
867 }
868 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
869 if (ifp) {
870 if (skb->pkt_type != PACKET_LOOPBACK
871 && (ifp->flags & IFA_F_TENTATIVE)) {
872 addrconf_dad_failure(ifp);
873 return;
874 }
875 /* What should we make now? The advertisement
876 is invalid, but ndisc specs say nothing
877 about it. It could be misconfiguration, or
878 an smart proxy agent tries to help us :-)
879
880 We should not print the error if NA has been
881 received from loopback - it is just our own
882 unsolicited advertisement.
883 */
884 if (skb->pkt_type != PACKET_LOOPBACK)
885 ND_PRINTK(1, warn,
886 "NA: someone advertises our address %pI6 on %s!\n",
887 &ifp->addr, ifp->idev->dev->name);
888 in6_ifa_put(ifp);
889 return;
890 }
891 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
892
893 if (neigh) {
894 u8 old_flags = neigh->flags;
895 struct net *net = dev_net(dev);
896
897 if (neigh->nud_state & NUD_FAILED)
898 goto out;
899
900 /*
901 * Don't update the neighbor cache entry on a proxy NA from
902 * ourselves because either the proxied node is off link or it
903 * has already sent a NA to us.
904 */
905 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
906 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
907 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
908 /* XXX: idev->cnf.prixy_ndp */
909 goto out;
910 }
911
912 neigh_update(neigh, lladdr,
913 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
914 NEIGH_UPDATE_F_WEAK_OVERRIDE|
915 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
916 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
917 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
918
919 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
920 /*
921 * Change: router to host
922 */
923 struct rt6_info *rt;
924 rt = rt6_get_dflt_router(saddr, dev);
925 if (rt)
926 ip6_del_rt(rt);
927 }
928
929 out:
930 neigh_release(neigh);
931 }
932 }
933
934 static void ndisc_recv_rs(struct sk_buff *skb)
935 {
936 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
937 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
938 struct neighbour *neigh;
939 struct inet6_dev *idev;
940 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
941 struct ndisc_options ndopts;
942 u8 *lladdr = NULL;
943
944 if (skb->len < sizeof(*rs_msg))
945 return;
946
947 idev = __in6_dev_get(skb->dev);
948 if (!idev) {
949 ND_PRINTK(1, err, "RS: can't find in6 device\n");
950 return;
951 }
952
953 /* Don't accept RS if we're not in router mode */
954 if (!idev->cnf.forwarding)
955 goto out;
956
957 /*
958 * Don't update NCE if src = ::;
959 * this implies that the source node has no ip address assigned yet.
960 */
961 if (ipv6_addr_any(saddr))
962 goto out;
963
964 /* Parse ND options */
965 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
966 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
967 goto out;
968 }
969
970 if (ndopts.nd_opts_src_lladdr) {
971 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
972 skb->dev);
973 if (!lladdr)
974 goto out;
975 }
976
977 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
978 if (neigh) {
979 neigh_update(neigh, lladdr, NUD_STALE,
980 NEIGH_UPDATE_F_WEAK_OVERRIDE|
981 NEIGH_UPDATE_F_OVERRIDE|
982 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
983 neigh_release(neigh);
984 }
985 out:
986 return;
987 }
988
989 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
990 {
991 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
992 struct sk_buff *skb;
993 struct nlmsghdr *nlh;
994 struct nduseroptmsg *ndmsg;
995 struct net *net = dev_net(ra->dev);
996 int err;
997 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
998 + (opt->nd_opt_len << 3));
999 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1000
1001 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1002 if (skb == NULL) {
1003 err = -ENOBUFS;
1004 goto errout;
1005 }
1006
1007 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1008 if (nlh == NULL) {
1009 goto nla_put_failure;
1010 }
1011
1012 ndmsg = nlmsg_data(nlh);
1013 ndmsg->nduseropt_family = AF_INET6;
1014 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1015 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1016 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1017 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1018
1019 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1020
1021 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1022 &ipv6_hdr(ra)->saddr))
1023 goto nla_put_failure;
1024 nlmsg_end(skb, nlh);
1025
1026 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1027 return;
1028
1029 nla_put_failure:
1030 nlmsg_free(skb);
1031 err = -EMSGSIZE;
1032 errout:
1033 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1034 }
1035
1036 static inline int accept_ra(struct inet6_dev *in6_dev)
1037 {
1038 /*
1039 * If forwarding is enabled, RA are not accepted unless the special
1040 * hybrid mode (accept_ra=2) is enabled.
1041 */
1042 if (in6_dev->cnf.forwarding && in6_dev->cnf.accept_ra < 2)
1043 return 0;
1044
1045 return in6_dev->cnf.accept_ra;
1046 }
1047
1048 static void ndisc_router_discovery(struct sk_buff *skb)
1049 {
1050 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1051 struct neighbour *neigh = NULL;
1052 struct inet6_dev *in6_dev;
1053 struct rt6_info *rt = NULL;
1054 int lifetime;
1055 struct ndisc_options ndopts;
1056 int optlen;
1057 unsigned int pref = 0;
1058
1059 __u8 * opt = (__u8 *)(ra_msg + 1);
1060
1061 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1062
1063 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1064 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1065 return;
1066 }
1067 if (optlen < 0) {
1068 ND_PRINTK(2, warn, "RA: packet too short\n");
1069 return;
1070 }
1071
1072 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1073 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1074 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1075 return;
1076 }
1077 #endif
1078
1079 /*
1080 * set the RA_RECV flag in the interface
1081 */
1082
1083 in6_dev = __in6_dev_get(skb->dev);
1084 if (in6_dev == NULL) {
1085 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1086 skb->dev->name);
1087 return;
1088 }
1089
1090 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1091 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1092 return;
1093 }
1094
1095 if (!accept_ra(in6_dev))
1096 goto skip_linkparms;
1097
1098 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1099 /* skip link-specific parameters from interior routers */
1100 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1101 goto skip_linkparms;
1102 #endif
1103
1104 if (in6_dev->if_flags & IF_RS_SENT) {
1105 /*
1106 * flag that an RA was received after an RS was sent
1107 * out on this interface.
1108 */
1109 in6_dev->if_flags |= IF_RA_RCVD;
1110 }
1111
1112 /*
1113 * Remember the managed/otherconf flags from most recently
1114 * received RA message (RFC 2462) -- yoshfuji
1115 */
1116 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1117 IF_RA_OTHERCONF)) |
1118 (ra_msg->icmph.icmp6_addrconf_managed ?
1119 IF_RA_MANAGED : 0) |
1120 (ra_msg->icmph.icmp6_addrconf_other ?
1121 IF_RA_OTHERCONF : 0);
1122
1123 if (!in6_dev->cnf.accept_ra_defrtr)
1124 goto skip_defrtr;
1125
1126 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1127 goto skip_defrtr;
1128
1129 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1130
1131 #ifdef CONFIG_IPV6_ROUTER_PREF
1132 pref = ra_msg->icmph.icmp6_router_pref;
1133 /* 10b is handled as if it were 00b (medium) */
1134 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1135 !in6_dev->cnf.accept_ra_rtr_pref)
1136 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1137 #endif
1138
1139 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1140
1141 if (rt) {
1142 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1143 if (!neigh) {
1144 ND_PRINTK(0, err,
1145 "RA: %s got default router without neighbour\n",
1146 __func__);
1147 dst_release(&rt->dst);
1148 return;
1149 }
1150 }
1151 if (rt && lifetime == 0) {
1152 ip6_del_rt(rt);
1153 rt = NULL;
1154 }
1155
1156 if (rt == NULL && lifetime) {
1157 ND_PRINTK(3, dbg, "RA: adding default router\n");
1158
1159 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1160 if (rt == NULL) {
1161 ND_PRINTK(0, err,
1162 "RA: %s failed to add default route\n",
1163 __func__);
1164 return;
1165 }
1166
1167 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1168 if (neigh == NULL) {
1169 ND_PRINTK(0, err,
1170 "RA: %s got default router without neighbour\n",
1171 __func__);
1172 dst_release(&rt->dst);
1173 return;
1174 }
1175 neigh->flags |= NTF_ROUTER;
1176 } else if (rt) {
1177 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1178 }
1179
1180 if (rt)
1181 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1182 if (ra_msg->icmph.icmp6_hop_limit) {
1183 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1184 if (rt)
1185 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1186 ra_msg->icmph.icmp6_hop_limit);
1187 }
1188
1189 skip_defrtr:
1190
1191 /*
1192 * Update Reachable Time and Retrans Timer
1193 */
1194
1195 if (in6_dev->nd_parms) {
1196 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1197
1198 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1199 rtime = (rtime*HZ)/1000;
1200 if (rtime < HZ/10)
1201 rtime = HZ/10;
1202 in6_dev->nd_parms->retrans_time = rtime;
1203 in6_dev->tstamp = jiffies;
1204 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1205 }
1206
1207 rtime = ntohl(ra_msg->reachable_time);
1208 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1209 rtime = (rtime*HZ)/1000;
1210
1211 if (rtime < HZ/10)
1212 rtime = HZ/10;
1213
1214 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1215 in6_dev->nd_parms->base_reachable_time = rtime;
1216 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1217 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1218 in6_dev->tstamp = jiffies;
1219 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1220 }
1221 }
1222 }
1223
1224 skip_linkparms:
1225
1226 /*
1227 * Process options.
1228 */
1229
1230 if (!neigh)
1231 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1232 skb->dev, 1);
1233 if (neigh) {
1234 u8 *lladdr = NULL;
1235 if (ndopts.nd_opts_src_lladdr) {
1236 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1237 skb->dev);
1238 if (!lladdr) {
1239 ND_PRINTK(2, warn,
1240 "RA: invalid link-layer address length\n");
1241 goto out;
1242 }
1243 }
1244 neigh_update(neigh, lladdr, NUD_STALE,
1245 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1246 NEIGH_UPDATE_F_OVERRIDE|
1247 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1248 NEIGH_UPDATE_F_ISROUTER);
1249 }
1250
1251 if (!accept_ra(in6_dev))
1252 goto out;
1253
1254 #ifdef CONFIG_IPV6_ROUTE_INFO
1255 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1256 goto skip_routeinfo;
1257
1258 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1259 struct nd_opt_hdr *p;
1260 for (p = ndopts.nd_opts_ri;
1261 p;
1262 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1263 struct route_info *ri = (struct route_info *)p;
1264 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1265 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1266 ri->prefix_len == 0)
1267 continue;
1268 #endif
1269 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1270 continue;
1271 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1272 &ipv6_hdr(skb)->saddr);
1273 }
1274 }
1275
1276 skip_routeinfo:
1277 #endif
1278
1279 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1280 /* skip link-specific ndopts from interior routers */
1281 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1282 goto out;
1283 #endif
1284
1285 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1286 struct nd_opt_hdr *p;
1287 for (p = ndopts.nd_opts_pi;
1288 p;
1289 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1290 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1291 (p->nd_opt_len) << 3,
1292 ndopts.nd_opts_src_lladdr != NULL);
1293 }
1294 }
1295
1296 if (ndopts.nd_opts_mtu) {
1297 __be32 n;
1298 u32 mtu;
1299
1300 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1301 mtu = ntohl(n);
1302
1303 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1304 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1305 } else if (in6_dev->cnf.mtu6 != mtu) {
1306 in6_dev->cnf.mtu6 = mtu;
1307
1308 if (rt)
1309 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1310
1311 rt6_mtu_change(skb->dev, mtu);
1312 }
1313 }
1314
1315 if (ndopts.nd_useropts) {
1316 struct nd_opt_hdr *p;
1317 for (p = ndopts.nd_useropts;
1318 p;
1319 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1320 ndisc_ra_useropt(skb, p);
1321 }
1322 }
1323
1324 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1325 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1326 }
1327 out:
1328 if (rt)
1329 dst_release(&rt->dst);
1330 if (neigh)
1331 neigh_release(neigh);
1332 }
1333
1334 static void ndisc_redirect_rcv(struct sk_buff *skb)
1335 {
1336 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1337 switch (skb->ndisc_nodetype) {
1338 case NDISC_NODETYPE_HOST:
1339 case NDISC_NODETYPE_NODEFAULT:
1340 ND_PRINTK(2, warn,
1341 "Redirect: from host or unauthorized router\n");
1342 return;
1343 }
1344 #endif
1345
1346 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1347 ND_PRINTK(2, warn,
1348 "Redirect: source address is not link-local\n");
1349 return;
1350 }
1351
1352 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1353 }
1354
1355 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1356 {
1357 struct net_device *dev = skb->dev;
1358 struct net *net = dev_net(dev);
1359 struct sock *sk = net->ipv6.ndisc_sk;
1360 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1361 struct inet_peer *peer;
1362 struct sk_buff *buff;
1363 struct icmp6hdr *icmph;
1364 struct in6_addr saddr_buf;
1365 struct in6_addr *addrp;
1366 struct rt6_info *rt;
1367 struct dst_entry *dst;
1368 struct inet6_dev *idev;
1369 struct flowi6 fl6;
1370 u8 *opt;
1371 int hlen, tlen;
1372 int rd_len;
1373 int err;
1374 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1375 bool ret;
1376
1377 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1378 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1379 dev->name);
1380 return;
1381 }
1382
1383 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1384 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1385 ND_PRINTK(2, warn,
1386 "Redirect: target address is not link-local unicast\n");
1387 return;
1388 }
1389
1390 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1391 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1392
1393 dst = ip6_route_output(net, NULL, &fl6);
1394 if (dst->error) {
1395 dst_release(dst);
1396 return;
1397 }
1398 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1399 if (IS_ERR(dst))
1400 return;
1401
1402 rt = (struct rt6_info *) dst;
1403
1404 if (rt->rt6i_flags & RTF_GATEWAY) {
1405 ND_PRINTK(2, warn,
1406 "Redirect: destination is not a neighbour\n");
1407 goto release;
1408 }
1409 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1410 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1411 if (peer)
1412 inet_putpeer(peer);
1413 if (!ret)
1414 goto release;
1415
1416 if (dev->addr_len) {
1417 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1418 if (!neigh) {
1419 ND_PRINTK(2, warn,
1420 "Redirect: no neigh for target address\n");
1421 goto release;
1422 }
1423
1424 read_lock_bh(&neigh->lock);
1425 if (neigh->nud_state & NUD_VALID) {
1426 memcpy(ha_buf, neigh->ha, dev->addr_len);
1427 read_unlock_bh(&neigh->lock);
1428 ha = ha_buf;
1429 len += ndisc_opt_addr_space(dev);
1430 } else
1431 read_unlock_bh(&neigh->lock);
1432
1433 neigh_release(neigh);
1434 }
1435
1436 rd_len = min_t(unsigned int,
1437 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1438 rd_len &= ~0x7;
1439 len += rd_len;
1440
1441 hlen = LL_RESERVED_SPACE(dev);
1442 tlen = dev->needed_tailroom;
1443 buff = sock_alloc_send_skb(sk,
1444 (MAX_HEADER + sizeof(struct ipv6hdr) +
1445 len + hlen + tlen),
1446 1, &err);
1447 if (buff == NULL) {
1448 ND_PRINTK(0, err,
1449 "Redirect: %s failed to allocate an skb, err=%d\n",
1450 __func__, err);
1451 goto release;
1452 }
1453
1454 skb_reserve(buff, hlen);
1455 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1456 IPPROTO_ICMPV6, len);
1457
1458 skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1459 skb_put(buff, len);
1460 icmph = icmp6_hdr(buff);
1461
1462 memset(icmph, 0, sizeof(struct icmp6hdr));
1463 icmph->icmp6_type = NDISC_REDIRECT;
1464
1465 /*
1466 * copy target and destination addresses
1467 */
1468
1469 addrp = (struct in6_addr *)(icmph + 1);
1470 *addrp = *target;
1471 addrp++;
1472 *addrp = ipv6_hdr(skb)->daddr;
1473
1474 opt = (u8*) (addrp + 1);
1475
1476 /*
1477 * include target_address option
1478 */
1479
1480 if (ha)
1481 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1482 dev->addr_len, dev->type);
1483
1484 /*
1485 * build redirect option and copy skb over to the new packet.
1486 */
1487
1488 memset(opt, 0, 8);
1489 *(opt++) = ND_OPT_REDIRECT_HDR;
1490 *(opt++) = (rd_len >> 3);
1491 opt += 6;
1492
1493 memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1494
1495 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1496 len, IPPROTO_ICMPV6,
1497 csum_partial(icmph, len, 0));
1498
1499 skb_dst_set(buff, dst);
1500 rcu_read_lock();
1501 idev = __in6_dev_get(dst->dev);
1502 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1503 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1504 dst_output);
1505 if (!err) {
1506 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1507 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1508 }
1509
1510 rcu_read_unlock();
1511 return;
1512
1513 release:
1514 dst_release(dst);
1515 }
1516
1517 static void pndisc_redo(struct sk_buff *skb)
1518 {
1519 ndisc_recv_ns(skb);
1520 kfree_skb(skb);
1521 }
1522
1523 int ndisc_rcv(struct sk_buff *skb)
1524 {
1525 struct nd_msg *msg;
1526
1527 if (!pskb_may_pull(skb, skb->len))
1528 return 0;
1529
1530 msg = (struct nd_msg *)skb_transport_header(skb);
1531
1532 __skb_push(skb, skb->data - skb_transport_header(skb));
1533
1534 if (ipv6_hdr(skb)->hop_limit != 255) {
1535 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1536 ipv6_hdr(skb)->hop_limit);
1537 return 0;
1538 }
1539
1540 if (msg->icmph.icmp6_code != 0) {
1541 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1542 msg->icmph.icmp6_code);
1543 return 0;
1544 }
1545
1546 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1547
1548 switch (msg->icmph.icmp6_type) {
1549 case NDISC_NEIGHBOUR_SOLICITATION:
1550 ndisc_recv_ns(skb);
1551 break;
1552
1553 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1554 ndisc_recv_na(skb);
1555 break;
1556
1557 case NDISC_ROUTER_SOLICITATION:
1558 ndisc_recv_rs(skb);
1559 break;
1560
1561 case NDISC_ROUTER_ADVERTISEMENT:
1562 ndisc_router_discovery(skb);
1563 break;
1564
1565 case NDISC_REDIRECT:
1566 ndisc_redirect_rcv(skb);
1567 break;
1568 }
1569
1570 return 0;
1571 }
1572
1573 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1574 {
1575 struct net_device *dev = ptr;
1576 struct net *net = dev_net(dev);
1577
1578 switch (event) {
1579 case NETDEV_CHANGEADDR:
1580 neigh_changeaddr(&nd_tbl, dev);
1581 fib6_run_gc(~0UL, net);
1582 break;
1583 case NETDEV_DOWN:
1584 neigh_ifdown(&nd_tbl, dev);
1585 fib6_run_gc(~0UL, net);
1586 break;
1587 case NETDEV_NOTIFY_PEERS:
1588 ndisc_send_unsol_na(dev);
1589 break;
1590 default:
1591 break;
1592 }
1593
1594 return NOTIFY_DONE;
1595 }
1596
1597 static struct notifier_block ndisc_netdev_notifier = {
1598 .notifier_call = ndisc_netdev_event,
1599 };
1600
1601 #ifdef CONFIG_SYSCTL
1602 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1603 const char *func, const char *dev_name)
1604 {
1605 static char warncomm[TASK_COMM_LEN];
1606 static int warned;
1607 if (strcmp(warncomm, current->comm) && warned < 5) {
1608 strcpy(warncomm, current->comm);
1609 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1610 warncomm, func,
1611 dev_name, ctl->procname,
1612 dev_name, ctl->procname);
1613 warned++;
1614 }
1615 }
1616
1617 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1618 {
1619 struct net_device *dev = ctl->extra1;
1620 struct inet6_dev *idev;
1621 int ret;
1622
1623 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1624 (strcmp(ctl->procname, "base_reachable_time") == 0))
1625 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1626
1627 if (strcmp(ctl->procname, "retrans_time") == 0)
1628 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1629
1630 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1631 ret = proc_dointvec_jiffies(ctl, write,
1632 buffer, lenp, ppos);
1633
1634 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1635 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1636 ret = proc_dointvec_ms_jiffies(ctl, write,
1637 buffer, lenp, ppos);
1638 else
1639 ret = -1;
1640
1641 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1642 if (ctl->data == &idev->nd_parms->base_reachable_time)
1643 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1644 idev->tstamp = jiffies;
1645 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1646 in6_dev_put(idev);
1647 }
1648 return ret;
1649 }
1650
1651
1652 #endif
1653
1654 static int __net_init ndisc_net_init(struct net *net)
1655 {
1656 struct ipv6_pinfo *np;
1657 struct sock *sk;
1658 int err;
1659
1660 err = inet_ctl_sock_create(&sk, PF_INET6,
1661 SOCK_RAW, IPPROTO_ICMPV6, net);
1662 if (err < 0) {
1663 ND_PRINTK(0, err,
1664 "NDISC: Failed to initialize the control socket (err %d)\n",
1665 err);
1666 return err;
1667 }
1668
1669 net->ipv6.ndisc_sk = sk;
1670
1671 np = inet6_sk(sk);
1672 np->hop_limit = 255;
1673 /* Do not loopback ndisc messages */
1674 np->mc_loop = 0;
1675
1676 return 0;
1677 }
1678
1679 static void __net_exit ndisc_net_exit(struct net *net)
1680 {
1681 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1682 }
1683
1684 static struct pernet_operations ndisc_net_ops = {
1685 .init = ndisc_net_init,
1686 .exit = ndisc_net_exit,
1687 };
1688
1689 int __init ndisc_init(void)
1690 {
1691 int err;
1692
1693 err = register_pernet_subsys(&ndisc_net_ops);
1694 if (err)
1695 return err;
1696 /*
1697 * Initialize the neighbour table
1698 */
1699 neigh_table_init(&nd_tbl);
1700
1701 #ifdef CONFIG_SYSCTL
1702 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1703 &ndisc_ifinfo_sysctl_change);
1704 if (err)
1705 goto out_unregister_pernet;
1706 #endif
1707 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1708 if (err)
1709 goto out_unregister_sysctl;
1710 out:
1711 return err;
1712
1713 out_unregister_sysctl:
1714 #ifdef CONFIG_SYSCTL
1715 neigh_sysctl_unregister(&nd_tbl.parms);
1716 out_unregister_pernet:
1717 #endif
1718 unregister_pernet_subsys(&ndisc_net_ops);
1719 goto out;
1720 }
1721
1722 void ndisc_cleanup(void)
1723 {
1724 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1725 #ifdef CONFIG_SYSCTL
1726 neigh_sysctl_unregister(&nd_tbl.parms);
1727 #endif
1728 neigh_table_clear(&nd_tbl);
1729 unregister_pernet_subsys(&ndisc_net_ops);
1730 }
Linux kernel - Deliverables
This page took 0.068069 seconds and 6 git commands to generate.