2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 /* Set to 3 to get tracing... */
78 #define ND_PRINTK(val, level, fmt, ...) \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
84 static u32
ndisc_hash(const void *pkey
,
85 const struct net_device
*dev
,
87 static int ndisc_constructor(struct neighbour
*neigh
);
88 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
);
89 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
);
90 static int pndisc_constructor(struct pneigh_entry
*n
);
91 static void pndisc_destructor(struct pneigh_entry
*n
);
92 static void pndisc_redo(struct sk_buff
*skb
);
94 static const struct neigh_ops ndisc_generic_ops
= {
96 .solicit
= ndisc_solicit
,
97 .error_report
= ndisc_error_report
,
98 .output
= neigh_resolve_output
,
99 .connected_output
= neigh_connected_output
,
102 static const struct neigh_ops ndisc_hh_ops
= {
104 .solicit
= ndisc_solicit
,
105 .error_report
= ndisc_error_report
,
106 .output
= neigh_resolve_output
,
107 .connected_output
= neigh_resolve_output
,
111 static const struct neigh_ops ndisc_direct_ops
= {
113 .output
= neigh_direct_output
,
114 .connected_output
= neigh_direct_output
,
117 struct neigh_table nd_tbl
= {
119 .key_len
= sizeof(struct in6_addr
),
121 .constructor
= ndisc_constructor
,
122 .pconstructor
= pndisc_constructor
,
123 .pdestructor
= pndisc_destructor
,
124 .proxy_redo
= pndisc_redo
,
128 .base_reachable_time
= ND_REACHABLE_TIME
,
129 .retrans_time
= ND_RETRANS_TIMER
,
130 .gc_staletime
= 60 * HZ
,
131 .reachable_time
= ND_REACHABLE_TIME
,
132 .delay_probe_time
= 5 * HZ
,
133 .queue_len_bytes
= 64*1024,
136 .anycast_delay
= 1 * HZ
,
137 .proxy_delay
= (8 * HZ
) / 10,
140 .gc_interval
= 30 * HZ
,
146 static inline int ndisc_opt_addr_space(struct net_device
*dev
)
148 return NDISC_OPT_SPACE(dev
->addr_len
+ ndisc_addr_option_pad(dev
->type
));
151 static u8
*ndisc_fill_addr_option(u8
*opt
, int type
, void *data
, int data_len
,
152 unsigned short addr_type
)
154 int pad
= ndisc_addr_option_pad(addr_type
);
155 int space
= NDISC_OPT_SPACE(data_len
+ pad
);
160 memset(opt
+ 2, 0, pad
);
164 memcpy(opt
+2, data
, data_len
);
167 if ((space
-= data_len
) > 0)
168 memset(opt
, 0, space
);
172 static struct nd_opt_hdr
*ndisc_next_option(struct nd_opt_hdr
*cur
,
173 struct nd_opt_hdr
*end
)
176 if (!cur
|| !end
|| cur
>= end
)
178 type
= cur
->nd_opt_type
;
180 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
181 } while(cur
< end
&& cur
->nd_opt_type
!= type
);
182 return cur
<= end
&& cur
->nd_opt_type
== type
? cur
: NULL
;
185 static inline int ndisc_is_useropt(struct nd_opt_hdr
*opt
)
187 return opt
->nd_opt_type
== ND_OPT_RDNSS
||
188 opt
->nd_opt_type
== ND_OPT_DNSSL
;
191 static struct nd_opt_hdr
*ndisc_next_useropt(struct nd_opt_hdr
*cur
,
192 struct nd_opt_hdr
*end
)
194 if (!cur
|| !end
|| cur
>= end
)
197 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
198 } while(cur
< end
&& !ndisc_is_useropt(cur
));
199 return cur
<= end
&& ndisc_is_useropt(cur
) ? cur
: NULL
;
202 struct ndisc_options
*ndisc_parse_options(u8
*opt
, int opt_len
,
203 struct ndisc_options
*ndopts
)
205 struct nd_opt_hdr
*nd_opt
= (struct nd_opt_hdr
*)opt
;
207 if (!nd_opt
|| opt_len
< 0 || !ndopts
)
209 memset(ndopts
, 0, sizeof(*ndopts
));
212 if (opt_len
< sizeof(struct nd_opt_hdr
))
214 l
= nd_opt
->nd_opt_len
<< 3;
215 if (opt_len
< l
|| l
== 0)
217 switch (nd_opt
->nd_opt_type
) {
218 case ND_OPT_SOURCE_LL_ADDR
:
219 case ND_OPT_TARGET_LL_ADDR
:
221 case ND_OPT_REDIRECT_HDR
:
222 if (ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
]) {
224 "%s: duplicated ND6 option found: type=%d\n",
225 __func__
, nd_opt
->nd_opt_type
);
227 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
230 case ND_OPT_PREFIX_INFO
:
231 ndopts
->nd_opts_pi_end
= nd_opt
;
232 if (!ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
])
233 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
235 #ifdef CONFIG_IPV6_ROUTE_INFO
236 case ND_OPT_ROUTE_INFO
:
237 ndopts
->nd_opts_ri_end
= nd_opt
;
238 if (!ndopts
->nd_opts_ri
)
239 ndopts
->nd_opts_ri
= nd_opt
;
243 if (ndisc_is_useropt(nd_opt
)) {
244 ndopts
->nd_useropts_end
= nd_opt
;
245 if (!ndopts
->nd_useropts
)
246 ndopts
->nd_useropts
= nd_opt
;
249 * Unknown options must be silently ignored,
250 * to accommodate future extension to the
254 "%s: ignored unsupported option; type=%d, len=%d\n",
261 nd_opt
= ((void *)nd_opt
) + l
;
266 int ndisc_mc_map(const struct in6_addr
*addr
, char *buf
, struct net_device
*dev
, int dir
)
270 case ARPHRD_IEEE802
: /* Not sure. Check it later. --ANK */
272 ipv6_eth_mc_map(addr
, buf
);
275 ipv6_arcnet_mc_map(addr
, buf
);
277 case ARPHRD_INFINIBAND
:
278 ipv6_ib_mc_map(addr
, dev
->broadcast
, buf
);
281 return ipv6_ipgre_mc_map(addr
, dev
->broadcast
, buf
);
284 memcpy(buf
, dev
->broadcast
, dev
->addr_len
);
291 EXPORT_SYMBOL(ndisc_mc_map
);
293 static u32
ndisc_hash(const void *pkey
,
294 const struct net_device
*dev
,
297 return ndisc_hashfn(pkey
, dev
, hash_rnd
);
300 static int ndisc_constructor(struct neighbour
*neigh
)
302 struct in6_addr
*addr
= (struct in6_addr
*)&neigh
->primary_key
;
303 struct net_device
*dev
= neigh
->dev
;
304 struct inet6_dev
*in6_dev
;
305 struct neigh_parms
*parms
;
306 bool is_multicast
= ipv6_addr_is_multicast(addr
);
308 in6_dev
= in6_dev_get(dev
);
309 if (in6_dev
== NULL
) {
313 parms
= in6_dev
->nd_parms
;
314 __neigh_parms_put(neigh
->parms
);
315 neigh
->parms
= neigh_parms_clone(parms
);
317 neigh
->type
= is_multicast
? RTN_MULTICAST
: RTN_UNICAST
;
318 if (!dev
->header_ops
) {
319 neigh
->nud_state
= NUD_NOARP
;
320 neigh
->ops
= &ndisc_direct_ops
;
321 neigh
->output
= neigh_direct_output
;
324 neigh
->nud_state
= NUD_NOARP
;
325 ndisc_mc_map(addr
, neigh
->ha
, dev
, 1);
326 } else if (dev
->flags
&(IFF_NOARP
|IFF_LOOPBACK
)) {
327 neigh
->nud_state
= NUD_NOARP
;
328 memcpy(neigh
->ha
, dev
->dev_addr
, dev
->addr_len
);
329 if (dev
->flags
&IFF_LOOPBACK
)
330 neigh
->type
= RTN_LOCAL
;
331 } else if (dev
->flags
&IFF_POINTOPOINT
) {
332 neigh
->nud_state
= NUD_NOARP
;
333 memcpy(neigh
->ha
, dev
->broadcast
, dev
->addr_len
);
335 if (dev
->header_ops
->cache
)
336 neigh
->ops
= &ndisc_hh_ops
;
338 neigh
->ops
= &ndisc_generic_ops
;
339 if (neigh
->nud_state
&NUD_VALID
)
340 neigh
->output
= neigh
->ops
->connected_output
;
342 neigh
->output
= neigh
->ops
->output
;
344 in6_dev_put(in6_dev
);
348 static int pndisc_constructor(struct pneigh_entry
*n
)
350 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
351 struct in6_addr maddr
;
352 struct net_device
*dev
= n
->dev
;
354 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
356 addrconf_addr_solict_mult(addr
, &maddr
);
357 ipv6_dev_mc_inc(dev
, &maddr
);
361 static void pndisc_destructor(struct pneigh_entry
*n
)
363 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
364 struct in6_addr maddr
;
365 struct net_device
*dev
= n
->dev
;
367 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
369 addrconf_addr_solict_mult(addr
, &maddr
);
370 ipv6_dev_mc_dec(dev
, &maddr
);
373 static struct sk_buff
*ndisc_build_skb(struct net_device
*dev
,
374 const struct in6_addr
*daddr
,
375 const struct in6_addr
*saddr
,
376 struct icmp6hdr
*icmp6h
,
377 const struct in6_addr
*target
,
380 struct net
*net
= dev_net(dev
);
381 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
383 struct icmp6hdr
*hdr
;
384 int hlen
= LL_RESERVED_SPACE(dev
);
385 int tlen
= dev
->needed_tailroom
;
393 len
= sizeof(struct icmp6hdr
) + (target
? sizeof(*target
) : 0);
395 len
+= ndisc_opt_addr_space(dev
);
397 skb
= sock_alloc_send_skb(sk
,
398 (sizeof(struct ipv6hdr
) +
402 ND_PRINTK(0, err
, "ND: %s failed to allocate an skb, err=%d\n",
407 skb_reserve(skb
, hlen
);
408 ip6_nd_hdr(sk
, skb
, dev
, saddr
, daddr
, IPPROTO_ICMPV6
, len
);
410 skb
->transport_header
= skb
->tail
;
413 hdr
= (struct icmp6hdr
*)skb_transport_header(skb
);
414 memcpy(hdr
, icmp6h
, sizeof(*hdr
));
416 opt
= skb_transport_header(skb
) + sizeof(struct icmp6hdr
);
418 *(struct in6_addr
*)opt
= *target
;
419 opt
+= sizeof(*target
);
423 ndisc_fill_addr_option(opt
, llinfo
, dev
->dev_addr
,
424 dev
->addr_len
, dev
->type
);
426 hdr
->icmp6_cksum
= csum_ipv6_magic(saddr
, daddr
, len
,
434 static void ndisc_send_skb(struct sk_buff
*skb
, struct net_device
*dev
,
435 const struct in6_addr
*daddr
,
436 const struct in6_addr
*saddr
,
437 struct icmp6hdr
*icmp6h
)
440 struct dst_entry
*dst
;
441 struct net
*net
= dev_net(dev
);
442 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
443 struct inet6_dev
*idev
;
447 type
= icmp6h
->icmp6_type
;
449 icmpv6_flow_init(sk
, &fl6
, type
, saddr
, daddr
, dev
->ifindex
);
450 dst
= icmp6_dst_alloc(dev
, &fl6
);
456 skb_dst_set(skb
, dst
);
459 idev
= __in6_dev_get(dst
->dev
);
460 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
462 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, skb
, NULL
, dst
->dev
,
465 ICMP6MSGOUT_INC_STATS(net
, idev
, type
);
466 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
473 * Send a Neighbour Discover packet
475 static void __ndisc_send(struct net_device
*dev
,
476 const struct in6_addr
*daddr
,
477 const struct in6_addr
*saddr
,
478 struct icmp6hdr
*icmp6h
, const struct in6_addr
*target
,
483 skb
= ndisc_build_skb(dev
, daddr
, saddr
, icmp6h
, target
, llinfo
);
487 ndisc_send_skb(skb
, dev
, daddr
, saddr
, icmp6h
);
490 static void ndisc_send_na(struct net_device
*dev
, struct neighbour
*neigh
,
491 const struct in6_addr
*daddr
,
492 const struct in6_addr
*solicited_addr
,
493 int router
, int solicited
, int override
, int inc_opt
)
495 struct in6_addr tmpaddr
;
496 struct inet6_ifaddr
*ifp
;
497 const struct in6_addr
*src_addr
;
498 struct icmp6hdr icmp6h
= {
499 .icmp6_type
= NDISC_NEIGHBOUR_ADVERTISEMENT
,
502 /* for anycast or proxy, solicited_addr != src_addr */
503 ifp
= ipv6_get_ifaddr(dev_net(dev
), solicited_addr
, dev
, 1);
505 src_addr
= solicited_addr
;
506 if (ifp
->flags
& IFA_F_OPTIMISTIC
)
508 inc_opt
|= ifp
->idev
->cnf
.force_tllao
;
511 if (ipv6_dev_get_saddr(dev_net(dev
), dev
, daddr
,
512 inet6_sk(dev_net(dev
)->ipv6
.ndisc_sk
)->srcprefs
,
518 icmp6h
.icmp6_router
= router
;
519 icmp6h
.icmp6_solicited
= solicited
;
520 icmp6h
.icmp6_override
= override
;
522 __ndisc_send(dev
, daddr
, src_addr
, &icmp6h
, solicited_addr
,
523 inc_opt
? ND_OPT_TARGET_LL_ADDR
: 0);
526 static void ndisc_send_unsol_na(struct net_device
*dev
)
528 struct inet6_dev
*idev
;
529 struct inet6_ifaddr
*ifa
;
531 idev
= in6_dev_get(dev
);
535 read_lock_bh(&idev
->lock
);
536 list_for_each_entry(ifa
, &idev
->addr_list
, if_list
) {
537 ndisc_send_na(dev
, NULL
, &in6addr_linklocal_allnodes
, &ifa
->addr
,
538 /*router=*/ !!idev
->cnf
.forwarding
,
539 /*solicited=*/ false, /*override=*/ true,
542 read_unlock_bh(&idev
->lock
);
547 void ndisc_send_ns(struct net_device
*dev
, struct neighbour
*neigh
,
548 const struct in6_addr
*solicit
,
549 const struct in6_addr
*daddr
, const struct in6_addr
*saddr
)
551 struct in6_addr addr_buf
;
552 struct icmp6hdr icmp6h
= {
553 .icmp6_type
= NDISC_NEIGHBOUR_SOLICITATION
,
557 if (ipv6_get_lladdr(dev
, &addr_buf
,
558 (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)))
563 __ndisc_send(dev
, daddr
, saddr
, &icmp6h
, solicit
,
564 !ipv6_addr_any(saddr
) ? ND_OPT_SOURCE_LL_ADDR
: 0);
567 void ndisc_send_rs(struct net_device
*dev
, const struct in6_addr
*saddr
,
568 const struct in6_addr
*daddr
)
570 struct icmp6hdr icmp6h
= {
571 .icmp6_type
= NDISC_ROUTER_SOLICITATION
,
573 int send_sllao
= dev
->addr_len
;
575 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
577 * According to section 2.2 of RFC 4429, we must not
578 * send router solicitations with a sllao from
579 * optimistic addresses, but we may send the solicitation
580 * if we don't include the sllao. So here we check
581 * if our address is optimistic, and if so, we
582 * suppress the inclusion of the sllao.
585 struct inet6_ifaddr
*ifp
= ipv6_get_ifaddr(dev_net(dev
), saddr
,
588 if (ifp
->flags
& IFA_F_OPTIMISTIC
) {
597 __ndisc_send(dev
, daddr
, saddr
, &icmp6h
, NULL
,
598 send_sllao
? ND_OPT_SOURCE_LL_ADDR
: 0);
602 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
)
605 * "The sender MUST return an ICMP
606 * destination unreachable"
608 dst_link_failure(skb
);
612 /* Called with locked neigh: either read or both */
614 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
)
616 struct in6_addr
*saddr
= NULL
;
617 struct in6_addr mcaddr
;
618 struct net_device
*dev
= neigh
->dev
;
619 struct in6_addr
*target
= (struct in6_addr
*)&neigh
->primary_key
;
620 int probes
= atomic_read(&neigh
->probes
);
622 if (skb
&& ipv6_chk_addr(dev_net(dev
), &ipv6_hdr(skb
)->saddr
, dev
, 1))
623 saddr
= &ipv6_hdr(skb
)->saddr
;
625 if ((probes
-= neigh
->parms
->ucast_probes
) < 0) {
626 if (!(neigh
->nud_state
& NUD_VALID
)) {
628 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
631 ndisc_send_ns(dev
, neigh
, target
, target
, saddr
);
632 } else if ((probes
-= neigh
->parms
->app_probes
) < 0) {
637 addrconf_addr_solict_mult(target
, &mcaddr
);
638 ndisc_send_ns(dev
, NULL
, target
, &mcaddr
, saddr
);
642 static int pndisc_is_router(const void *pkey
,
643 struct net_device
*dev
)
645 struct pneigh_entry
*n
;
648 read_lock_bh(&nd_tbl
.lock
);
649 n
= __pneigh_lookup(&nd_tbl
, dev_net(dev
), pkey
, dev
);
651 ret
= !!(n
->flags
& NTF_ROUTER
);
652 read_unlock_bh(&nd_tbl
.lock
);
657 static void ndisc_recv_ns(struct sk_buff
*skb
)
659 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
660 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
661 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
663 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
664 offsetof(struct nd_msg
, opt
));
665 struct ndisc_options ndopts
;
666 struct net_device
*dev
= skb
->dev
;
667 struct inet6_ifaddr
*ifp
;
668 struct inet6_dev
*idev
= NULL
;
669 struct neighbour
*neigh
;
670 int dad
= ipv6_addr_any(saddr
);
674 if (skb
->len
< sizeof(struct nd_msg
)) {
675 ND_PRINTK(2, warn
, "NS: packet too short\n");
679 if (ipv6_addr_is_multicast(&msg
->target
)) {
680 ND_PRINTK(2, warn
, "NS: multicast target address\n");
686 * DAD has to be destined for solicited node multicast address.
688 if (dad
&& !ipv6_addr_is_solict_mult(daddr
)) {
689 ND_PRINTK(2, warn
, "NS: bad DAD packet (wrong destination)\n");
693 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
694 ND_PRINTK(2, warn
, "NS: invalid ND options\n");
698 if (ndopts
.nd_opts_src_lladdr
) {
699 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
, dev
);
702 "NS: invalid link-layer address length\n");
707 * If the IP source address is the unspecified address,
708 * there MUST NOT be source link-layer address option
713 "NS: bad DAD packet (link-layer address option)\n");
718 inc
= ipv6_addr_is_multicast(daddr
);
720 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
723 if (ifp
->flags
& (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)) {
726 * We are colliding with another node
728 * so fail our DAD process
730 addrconf_dad_failure(ifp
);
734 * This is not a dad solicitation.
735 * If we are an optimistic node,
737 * Otherwise, we should ignore it.
739 if (!(ifp
->flags
& IFA_F_OPTIMISTIC
))
746 struct net
*net
= dev_net(dev
);
748 idev
= in6_dev_get(dev
);
750 /* XXX: count this drop? */
754 if (ipv6_chk_acast_addr(net
, dev
, &msg
->target
) ||
755 (idev
->cnf
.forwarding
&&
756 (net
->ipv6
.devconf_all
->proxy_ndp
|| idev
->cnf
.proxy_ndp
) &&
757 (is_router
= pndisc_is_router(&msg
->target
, dev
)) >= 0)) {
758 if (!(NEIGH_CB(skb
)->flags
& LOCALLY_ENQUEUED
) &&
759 skb
->pkt_type
!= PACKET_HOST
&&
761 idev
->nd_parms
->proxy_delay
!= 0) {
763 * for anycast or proxy,
764 * sender should delay its response
765 * by a random time between 0 and
766 * MAX_ANYCAST_DELAY_TIME seconds.
767 * (RFC2461) -- yoshfuji
769 struct sk_buff
*n
= skb_clone(skb
, GFP_ATOMIC
);
771 pneigh_enqueue(&nd_tbl
, idev
->nd_parms
, n
);
779 is_router
= !!idev
->cnf
.forwarding
;
782 ndisc_send_na(dev
, NULL
, &in6addr_linklocal_allnodes
, &msg
->target
,
783 is_router
, 0, (ifp
!= NULL
), 1);
788 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_mcast
);
790 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_ucast
);
793 * update / create cache entry
794 * for the source address
796 neigh
= __neigh_lookup(&nd_tbl
, saddr
, dev
,
797 !inc
|| lladdr
|| !dev
->addr_len
);
799 neigh_update(neigh
, lladdr
, NUD_STALE
,
800 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
801 NEIGH_UPDATE_F_OVERRIDE
);
802 if (neigh
|| !dev
->header_ops
) {
803 ndisc_send_na(dev
, neigh
, saddr
, &msg
->target
,
805 1, (ifp
!= NULL
&& inc
), inc
);
807 neigh_release(neigh
);
817 static void ndisc_recv_na(struct sk_buff
*skb
)
819 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
820 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
821 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
823 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
824 offsetof(struct nd_msg
, opt
));
825 struct ndisc_options ndopts
;
826 struct net_device
*dev
= skb
->dev
;
827 struct inet6_ifaddr
*ifp
;
828 struct neighbour
*neigh
;
830 if (skb
->len
< sizeof(struct nd_msg
)) {
831 ND_PRINTK(2, warn
, "NA: packet too short\n");
835 if (ipv6_addr_is_multicast(&msg
->target
)) {
836 ND_PRINTK(2, warn
, "NA: target address is multicast\n");
840 if (ipv6_addr_is_multicast(daddr
) &&
841 msg
->icmph
.icmp6_solicited
) {
842 ND_PRINTK(2, warn
, "NA: solicited NA is multicasted\n");
846 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
847 ND_PRINTK(2, warn
, "NS: invalid ND option\n");
850 if (ndopts
.nd_opts_tgt_lladdr
) {
851 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
, dev
);
854 "NA: invalid link-layer address length\n");
858 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
860 if (skb
->pkt_type
!= PACKET_LOOPBACK
861 && (ifp
->flags
& IFA_F_TENTATIVE
)) {
862 addrconf_dad_failure(ifp
);
865 /* What should we make now? The advertisement
866 is invalid, but ndisc specs say nothing
867 about it. It could be misconfiguration, or
868 an smart proxy agent tries to help us :-)
870 We should not print the error if NA has been
871 received from loopback - it is just our own
872 unsolicited advertisement.
874 if (skb
->pkt_type
!= PACKET_LOOPBACK
)
876 "NA: someone advertises our address %pI6 on %s!\n",
877 &ifp
->addr
, ifp
->idev
->dev
->name
);
881 neigh
= neigh_lookup(&nd_tbl
, &msg
->target
, dev
);
884 u8 old_flags
= neigh
->flags
;
885 struct net
*net
= dev_net(dev
);
887 if (neigh
->nud_state
& NUD_FAILED
)
891 * Don't update the neighbor cache entry on a proxy NA from
892 * ourselves because either the proxied node is off link or it
893 * has already sent a NA to us.
895 if (lladdr
&& !memcmp(lladdr
, dev
->dev_addr
, dev
->addr_len
) &&
896 net
->ipv6
.devconf_all
->forwarding
&& net
->ipv6
.devconf_all
->proxy_ndp
&&
897 pneigh_lookup(&nd_tbl
, net
, &msg
->target
, dev
, 0)) {
898 /* XXX: idev->cnf.proxy_ndp */
902 neigh_update(neigh
, lladdr
,
903 msg
->icmph
.icmp6_solicited
? NUD_REACHABLE
: NUD_STALE
,
904 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
905 (msg
->icmph
.icmp6_override
? NEIGH_UPDATE_F_OVERRIDE
: 0)|
906 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
907 (msg
->icmph
.icmp6_router
? NEIGH_UPDATE_F_ISROUTER
: 0));
909 if ((old_flags
& ~neigh
->flags
) & NTF_ROUTER
) {
911 * Change: router to host
914 rt
= rt6_get_dflt_router(saddr
, dev
);
920 neigh_release(neigh
);
924 static void ndisc_recv_rs(struct sk_buff
*skb
)
926 struct rs_msg
*rs_msg
= (struct rs_msg
*)skb_transport_header(skb
);
927 unsigned long ndoptlen
= skb
->len
- sizeof(*rs_msg
);
928 struct neighbour
*neigh
;
929 struct inet6_dev
*idev
;
930 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
931 struct ndisc_options ndopts
;
934 if (skb
->len
< sizeof(*rs_msg
))
937 idev
= __in6_dev_get(skb
->dev
);
939 ND_PRINTK(1, err
, "RS: can't find in6 device\n");
943 /* Don't accept RS if we're not in router mode */
944 if (!idev
->cnf
.forwarding
)
948 * Don't update NCE if src = ::;
949 * this implies that the source node has no ip address assigned yet.
951 if (ipv6_addr_any(saddr
))
954 /* Parse ND options */
955 if (!ndisc_parse_options(rs_msg
->opt
, ndoptlen
, &ndopts
)) {
956 ND_PRINTK(2, notice
, "NS: invalid ND option, ignored\n");
960 if (ndopts
.nd_opts_src_lladdr
) {
961 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
967 neigh
= __neigh_lookup(&nd_tbl
, saddr
, skb
->dev
, 1);
969 neigh_update(neigh
, lladdr
, NUD_STALE
,
970 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
971 NEIGH_UPDATE_F_OVERRIDE
|
972 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
);
973 neigh_release(neigh
);
979 static void ndisc_ra_useropt(struct sk_buff
*ra
, struct nd_opt_hdr
*opt
)
981 struct icmp6hdr
*icmp6h
= (struct icmp6hdr
*)skb_transport_header(ra
);
983 struct nlmsghdr
*nlh
;
984 struct nduseroptmsg
*ndmsg
;
985 struct net
*net
= dev_net(ra
->dev
);
987 int base_size
= NLMSG_ALIGN(sizeof(struct nduseroptmsg
)
988 + (opt
->nd_opt_len
<< 3));
989 size_t msg_size
= base_size
+ nla_total_size(sizeof(struct in6_addr
));
991 skb
= nlmsg_new(msg_size
, GFP_ATOMIC
);
997 nlh
= nlmsg_put(skb
, 0, 0, RTM_NEWNDUSEROPT
, base_size
, 0);
999 goto nla_put_failure
;
1002 ndmsg
= nlmsg_data(nlh
);
1003 ndmsg
->nduseropt_family
= AF_INET6
;
1004 ndmsg
->nduseropt_ifindex
= ra
->dev
->ifindex
;
1005 ndmsg
->nduseropt_icmp_type
= icmp6h
->icmp6_type
;
1006 ndmsg
->nduseropt_icmp_code
= icmp6h
->icmp6_code
;
1007 ndmsg
->nduseropt_opts_len
= opt
->nd_opt_len
<< 3;
1009 memcpy(ndmsg
+ 1, opt
, opt
->nd_opt_len
<< 3);
1011 if (nla_put(skb
, NDUSEROPT_SRCADDR
, sizeof(struct in6_addr
),
1012 &ipv6_hdr(ra
)->saddr
))
1013 goto nla_put_failure
;
1014 nlmsg_end(skb
, nlh
);
1016 rtnl_notify(skb
, net
, 0, RTNLGRP_ND_USEROPT
, NULL
, GFP_ATOMIC
);
1023 rtnl_set_sk_err(net
, RTNLGRP_ND_USEROPT
, err
);
1026 static void ndisc_router_discovery(struct sk_buff
*skb
)
1028 struct ra_msg
*ra_msg
= (struct ra_msg
*)skb_transport_header(skb
);
1029 struct neighbour
*neigh
= NULL
;
1030 struct inet6_dev
*in6_dev
;
1031 struct rt6_info
*rt
= NULL
;
1033 struct ndisc_options ndopts
;
1035 unsigned int pref
= 0;
1037 __u8
* opt
= (__u8
*)(ra_msg
+ 1);
1039 optlen
= (skb
->tail
- skb
->transport_header
) - sizeof(struct ra_msg
);
1041 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1042 ND_PRINTK(2, warn
, "RA: source address is not link-local\n");
1046 ND_PRINTK(2, warn
, "RA: packet too short\n");
1050 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1051 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_HOST
) {
1052 ND_PRINTK(2, warn
, "RA: from host or unauthorized router\n");
1058 * set the RA_RECV flag in the interface
1061 in6_dev
= __in6_dev_get(skb
->dev
);
1062 if (in6_dev
== NULL
) {
1063 ND_PRINTK(0, err
, "RA: can't find inet6 device for %s\n",
1068 if (!ndisc_parse_options(opt
, optlen
, &ndopts
)) {
1069 ND_PRINTK(2, warn
, "RA: invalid ND options\n");
1073 if (!ipv6_accept_ra(in6_dev
))
1074 goto skip_linkparms
;
1076 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1077 /* skip link-specific parameters from interior routers */
1078 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1079 goto skip_linkparms
;
1082 if (in6_dev
->if_flags
& IF_RS_SENT
) {
1084 * flag that an RA was received after an RS was sent
1085 * out on this interface.
1087 in6_dev
->if_flags
|= IF_RA_RCVD
;
1091 * Remember the managed/otherconf flags from most recently
1092 * received RA message (RFC 2462) -- yoshfuji
1094 in6_dev
->if_flags
= (in6_dev
->if_flags
& ~(IF_RA_MANAGED
|
1096 (ra_msg
->icmph
.icmp6_addrconf_managed
?
1097 IF_RA_MANAGED
: 0) |
1098 (ra_msg
->icmph
.icmp6_addrconf_other
?
1099 IF_RA_OTHERCONF
: 0);
1101 if (!in6_dev
->cnf
.accept_ra_defrtr
)
1104 if (ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
, NULL
, 0))
1107 lifetime
= ntohs(ra_msg
->icmph
.icmp6_rt_lifetime
);
1109 #ifdef CONFIG_IPV6_ROUTER_PREF
1110 pref
= ra_msg
->icmph
.icmp6_router_pref
;
1111 /* 10b is handled as if it were 00b (medium) */
1112 if (pref
== ICMPV6_ROUTER_PREF_INVALID
||
1113 !in6_dev
->cnf
.accept_ra_rtr_pref
)
1114 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
1117 rt
= rt6_get_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
);
1120 neigh
= dst_neigh_lookup(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
1123 "RA: %s got default router without neighbour\n",
1129 if (rt
&& lifetime
== 0) {
1134 if (rt
== NULL
&& lifetime
) {
1135 ND_PRINTK(3, dbg
, "RA: adding default router\n");
1137 rt
= rt6_add_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
, pref
);
1140 "RA: %s failed to add default route\n",
1145 neigh
= dst_neigh_lookup(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
1146 if (neigh
== NULL
) {
1148 "RA: %s got default router without neighbour\n",
1153 neigh
->flags
|= NTF_ROUTER
;
1155 rt
->rt6i_flags
= (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
1159 rt6_set_expires(rt
, jiffies
+ (HZ
* lifetime
));
1160 if (ra_msg
->icmph
.icmp6_hop_limit
) {
1161 in6_dev
->cnf
.hop_limit
= ra_msg
->icmph
.icmp6_hop_limit
;
1163 dst_metric_set(&rt
->dst
, RTAX_HOPLIMIT
,
1164 ra_msg
->icmph
.icmp6_hop_limit
);
1170 * Update Reachable Time and Retrans Timer
1173 if (in6_dev
->nd_parms
) {
1174 unsigned long rtime
= ntohl(ra_msg
->retrans_timer
);
1176 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/HZ
) {
1177 rtime
= (rtime
*HZ
)/1000;
1180 in6_dev
->nd_parms
->retrans_time
= rtime
;
1181 in6_dev
->tstamp
= jiffies
;
1182 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1185 rtime
= ntohl(ra_msg
->reachable_time
);
1186 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/(3*HZ
)) {
1187 rtime
= (rtime
*HZ
)/1000;
1192 if (rtime
!= in6_dev
->nd_parms
->base_reachable_time
) {
1193 in6_dev
->nd_parms
->base_reachable_time
= rtime
;
1194 in6_dev
->nd_parms
->gc_staletime
= 3 * rtime
;
1195 in6_dev
->nd_parms
->reachable_time
= neigh_rand_reach_time(rtime
);
1196 in6_dev
->tstamp
= jiffies
;
1197 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1209 neigh
= __neigh_lookup(&nd_tbl
, &ipv6_hdr(skb
)->saddr
,
1213 if (ndopts
.nd_opts_src_lladdr
) {
1214 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1218 "RA: invalid link-layer address length\n");
1222 neigh_update(neigh
, lladdr
, NUD_STALE
,
1223 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1224 NEIGH_UPDATE_F_OVERRIDE
|
1225 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1226 NEIGH_UPDATE_F_ISROUTER
);
1229 if (!ipv6_accept_ra(in6_dev
))
1232 #ifdef CONFIG_IPV6_ROUTE_INFO
1233 if (ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
, NULL
, 0))
1234 goto skip_routeinfo
;
1236 if (in6_dev
->cnf
.accept_ra_rtr_pref
&& ndopts
.nd_opts_ri
) {
1237 struct nd_opt_hdr
*p
;
1238 for (p
= ndopts
.nd_opts_ri
;
1240 p
= ndisc_next_option(p
, ndopts
.nd_opts_ri_end
)) {
1241 struct route_info
*ri
= (struct route_info
*)p
;
1242 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1243 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
&&
1244 ri
->prefix_len
== 0)
1247 if (ri
->prefix_len
> in6_dev
->cnf
.accept_ra_rt_info_max_plen
)
1249 rt6_route_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3,
1250 &ipv6_hdr(skb
)->saddr
);
1257 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1258 /* skip link-specific ndopts from interior routers */
1259 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1263 if (in6_dev
->cnf
.accept_ra_pinfo
&& ndopts
.nd_opts_pi
) {
1264 struct nd_opt_hdr
*p
;
1265 for (p
= ndopts
.nd_opts_pi
;
1267 p
= ndisc_next_option(p
, ndopts
.nd_opts_pi_end
)) {
1268 addrconf_prefix_rcv(skb
->dev
, (u8
*)p
,
1269 (p
->nd_opt_len
) << 3,
1270 ndopts
.nd_opts_src_lladdr
!= NULL
);
1274 if (ndopts
.nd_opts_mtu
) {
1278 memcpy(&n
, ((u8
*)(ndopts
.nd_opts_mtu
+1))+2, sizeof(mtu
));
1281 if (mtu
< IPV6_MIN_MTU
|| mtu
> skb
->dev
->mtu
) {
1282 ND_PRINTK(2, warn
, "RA: invalid mtu: %d\n", mtu
);
1283 } else if (in6_dev
->cnf
.mtu6
!= mtu
) {
1284 in6_dev
->cnf
.mtu6
= mtu
;
1287 dst_metric_set(&rt
->dst
, RTAX_MTU
, mtu
);
1289 rt6_mtu_change(skb
->dev
, mtu
);
1293 if (ndopts
.nd_useropts
) {
1294 struct nd_opt_hdr
*p
;
1295 for (p
= ndopts
.nd_useropts
;
1297 p
= ndisc_next_useropt(p
, ndopts
.nd_useropts_end
)) {
1298 ndisc_ra_useropt(skb
, p
);
1302 if (ndopts
.nd_opts_tgt_lladdr
|| ndopts
.nd_opts_rh
) {
1303 ND_PRINTK(2, warn
, "RA: invalid RA options\n");
1308 neigh_release(neigh
);
1311 static void ndisc_redirect_rcv(struct sk_buff
*skb
)
1314 struct ndisc_options ndopts
;
1315 struct rd_msg
*msg
= (struct rd_msg
*)skb_transport_header(skb
);
1316 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
1317 offsetof(struct rd_msg
, opt
));
1319 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1320 switch (skb
->ndisc_nodetype
) {
1321 case NDISC_NODETYPE_HOST
:
1322 case NDISC_NODETYPE_NODEFAULT
:
1324 "Redirect: from host or unauthorized router\n");
1329 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1331 "Redirect: source address is not link-local\n");
1335 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
))
1338 if (!ndopts
.nd_opts_rh
)
1341 hdr
= (u8
*)ndopts
.nd_opts_rh
;
1343 if (!pskb_pull(skb
, hdr
- skb_transport_header(skb
)))
1346 icmpv6_notify(skb
, NDISC_REDIRECT
, 0, 0);
1349 void ndisc_send_redirect(struct sk_buff
*skb
, const struct in6_addr
*target
)
1351 struct net_device
*dev
= skb
->dev
;
1352 struct net
*net
= dev_net(dev
);
1353 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
1354 int len
= sizeof(struct rd_msg
);
1355 struct inet_peer
*peer
;
1356 struct sk_buff
*buff
;
1358 struct in6_addr saddr_buf
;
1359 struct rt6_info
*rt
;
1360 struct dst_entry
*dst
;
1361 struct inet6_dev
*idev
;
1367 u8 ha_buf
[MAX_ADDR_LEN
], *ha
= NULL
;
1370 if (ipv6_get_lladdr(dev
, &saddr_buf
, IFA_F_TENTATIVE
)) {
1371 ND_PRINTK(2, warn
, "Redirect: no link-local address on %s\n",
1376 if (!ipv6_addr_equal(&ipv6_hdr(skb
)->daddr
, target
) &&
1377 ipv6_addr_type(target
) != (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1379 "Redirect: target address is not link-local unicast\n");
1383 icmpv6_flow_init(sk
, &fl6
, NDISC_REDIRECT
,
1384 &saddr_buf
, &ipv6_hdr(skb
)->saddr
, dev
->ifindex
);
1386 dst
= ip6_route_output(net
, NULL
, &fl6
);
1391 dst
= xfrm_lookup(net
, dst
, flowi6_to_flowi(&fl6
), NULL
, 0);
1395 rt
= (struct rt6_info
*) dst
;
1397 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
1399 "Redirect: destination is not a neighbour\n");
1402 peer
= inet_getpeer_v6(net
->ipv6
.peers
, &rt
->rt6i_dst
.addr
, 1);
1403 ret
= inet_peer_xrlim_allow(peer
, 1*HZ
);
1409 if (dev
->addr_len
) {
1410 struct neighbour
*neigh
= dst_neigh_lookup(skb_dst(skb
), target
);
1413 "Redirect: no neigh for target address\n");
1417 read_lock_bh(&neigh
->lock
);
1418 if (neigh
->nud_state
& NUD_VALID
) {
1419 memcpy(ha_buf
, neigh
->ha
, dev
->addr_len
);
1420 read_unlock_bh(&neigh
->lock
);
1422 len
+= ndisc_opt_addr_space(dev
);
1424 read_unlock_bh(&neigh
->lock
);
1426 neigh_release(neigh
);
1429 rd_len
= min_t(unsigned int,
1430 IPV6_MIN_MTU
-sizeof(struct ipv6hdr
)-len
, skb
->len
+ 8);
1434 hlen
= LL_RESERVED_SPACE(dev
);
1435 tlen
= dev
->needed_tailroom
;
1436 buff
= sock_alloc_send_skb(sk
,
1437 (sizeof(struct ipv6hdr
) +
1442 "Redirect: %s failed to allocate an skb, err=%d\n",
1447 skb_reserve(buff
, hlen
);
1448 ip6_nd_hdr(sk
, buff
, dev
, &saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1449 IPPROTO_ICMPV6
, len
);
1451 skb_set_transport_header(buff
, skb_tail_pointer(buff
) - buff
->data
);
1453 msg
= (struct rd_msg
*)icmp6_hdr(buff
);
1455 memset(&msg
->icmph
, 0, sizeof(struct icmp6hdr
));
1456 msg
->icmph
.icmp6_type
= NDISC_REDIRECT
;
1459 * copy target and destination addresses
1462 msg
->target
= *target
;
1463 msg
->dest
= ipv6_hdr(skb
)->daddr
;
1468 * include target_address option
1472 opt
= ndisc_fill_addr_option(opt
, ND_OPT_TARGET_LL_ADDR
, ha
,
1473 dev
->addr_len
, dev
->type
);
1476 * build redirect option and copy skb over to the new packet.
1480 *(opt
++) = ND_OPT_REDIRECT_HDR
;
1481 *(opt
++) = (rd_len
>> 3);
1484 memcpy(opt
, ipv6_hdr(skb
), rd_len
- 8);
1486 msg
->icmph
.icmp6_cksum
= csum_ipv6_magic(&saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1487 len
, IPPROTO_ICMPV6
,
1488 csum_partial(msg
, len
, 0));
1490 skb_dst_set(buff
, dst
);
1492 idev
= __in6_dev_get(dst
->dev
);
1493 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
1494 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, buff
, NULL
, dst
->dev
,
1497 ICMP6MSGOUT_INC_STATS(net
, idev
, NDISC_REDIRECT
);
1498 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
1508 static void pndisc_redo(struct sk_buff
*skb
)
1514 int ndisc_rcv(struct sk_buff
*skb
)
1518 if (!pskb_may_pull(skb
, skb
->len
))
1521 msg
= (struct nd_msg
*)skb_transport_header(skb
);
1523 __skb_push(skb
, skb
->data
- skb_transport_header(skb
));
1525 if (ipv6_hdr(skb
)->hop_limit
!= 255) {
1526 ND_PRINTK(2, warn
, "NDISC: invalid hop-limit: %d\n",
1527 ipv6_hdr(skb
)->hop_limit
);
1531 if (msg
->icmph
.icmp6_code
!= 0) {
1532 ND_PRINTK(2, warn
, "NDISC: invalid ICMPv6 code: %d\n",
1533 msg
->icmph
.icmp6_code
);
1537 memset(NEIGH_CB(skb
), 0, sizeof(struct neighbour_cb
));
1539 switch (msg
->icmph
.icmp6_type
) {
1540 case NDISC_NEIGHBOUR_SOLICITATION
:
1544 case NDISC_NEIGHBOUR_ADVERTISEMENT
:
1548 case NDISC_ROUTER_SOLICITATION
:
1552 case NDISC_ROUTER_ADVERTISEMENT
:
1553 ndisc_router_discovery(skb
);
1556 case NDISC_REDIRECT
:
1557 ndisc_redirect_rcv(skb
);
1564 static int ndisc_netdev_event(struct notifier_block
*this, unsigned long event
, void *ptr
)
1566 struct net_device
*dev
= ptr
;
1567 struct net
*net
= dev_net(dev
);
1568 struct inet6_dev
*idev
;
1571 case NETDEV_CHANGEADDR
:
1572 neigh_changeaddr(&nd_tbl
, dev
);
1573 fib6_run_gc(~0UL, net
);
1574 idev
= in6_dev_get(dev
);
1577 if (idev
->cnf
.ndisc_notify
)
1578 ndisc_send_unsol_na(dev
);
1582 neigh_ifdown(&nd_tbl
, dev
);
1583 fib6_run_gc(~0UL, net
);
1585 case NETDEV_NOTIFY_PEERS
:
1586 ndisc_send_unsol_na(dev
);
1595 static struct notifier_block ndisc_netdev_notifier
= {
1596 .notifier_call
= ndisc_netdev_event
,
1599 #ifdef CONFIG_SYSCTL
1600 static void ndisc_warn_deprecated_sysctl(struct ctl_table
*ctl
,
1601 const char *func
, const char *dev_name
)
1603 static char warncomm
[TASK_COMM_LEN
];
1605 if (strcmp(warncomm
, current
->comm
) && warned
< 5) {
1606 strcpy(warncomm
, current
->comm
);
1607 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1609 dev_name
, ctl
->procname
,
1610 dev_name
, ctl
->procname
);
1615 int ndisc_ifinfo_sysctl_change(struct ctl_table
*ctl
, int write
, void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
1617 struct net_device
*dev
= ctl
->extra1
;
1618 struct inet6_dev
*idev
;
1621 if ((strcmp(ctl
->procname
, "retrans_time") == 0) ||
1622 (strcmp(ctl
->procname
, "base_reachable_time") == 0))
1623 ndisc_warn_deprecated_sysctl(ctl
, "syscall", dev
? dev
->name
: "default");
1625 if (strcmp(ctl
->procname
, "retrans_time") == 0)
1626 ret
= proc_dointvec(ctl
, write
, buffer
, lenp
, ppos
);
1628 else if (strcmp(ctl
->procname
, "base_reachable_time") == 0)
1629 ret
= proc_dointvec_jiffies(ctl
, write
,
1630 buffer
, lenp
, ppos
);
1632 else if ((strcmp(ctl
->procname
, "retrans_time_ms") == 0) ||
1633 (strcmp(ctl
->procname
, "base_reachable_time_ms") == 0))
1634 ret
= proc_dointvec_ms_jiffies(ctl
, write
,
1635 buffer
, lenp
, ppos
);
1639 if (write
&& ret
== 0 && dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1640 if (ctl
->data
== &idev
->nd_parms
->base_reachable_time
)
1641 idev
->nd_parms
->reachable_time
= neigh_rand_reach_time(idev
->nd_parms
->base_reachable_time
);
1642 idev
->tstamp
= jiffies
;
1643 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1652 static int __net_init
ndisc_net_init(struct net
*net
)
1654 struct ipv6_pinfo
*np
;
1658 err
= inet_ctl_sock_create(&sk
, PF_INET6
,
1659 SOCK_RAW
, IPPROTO_ICMPV6
, net
);
1662 "NDISC: Failed to initialize the control socket (err %d)\n",
1667 net
->ipv6
.ndisc_sk
= sk
;
1670 np
->hop_limit
= 255;
1671 /* Do not loopback ndisc messages */
1677 static void __net_exit
ndisc_net_exit(struct net
*net
)
1679 inet_ctl_sock_destroy(net
->ipv6
.ndisc_sk
);
1682 static struct pernet_operations ndisc_net_ops
= {
1683 .init
= ndisc_net_init
,
1684 .exit
= ndisc_net_exit
,
1687 int __init
ndisc_init(void)
1691 err
= register_pernet_subsys(&ndisc_net_ops
);
1695 * Initialize the neighbour table
1697 neigh_table_init(&nd_tbl
);
1699 #ifdef CONFIG_SYSCTL
1700 err
= neigh_sysctl_register(NULL
, &nd_tbl
.parms
, "ipv6",
1701 &ndisc_ifinfo_sysctl_change
);
1703 goto out_unregister_pernet
;
1705 err
= register_netdevice_notifier(&ndisc_netdev_notifier
);
1707 goto out_unregister_sysctl
;
1711 out_unregister_sysctl
:
1712 #ifdef CONFIG_SYSCTL
1713 neigh_sysctl_unregister(&nd_tbl
.parms
);
1714 out_unregister_pernet
:
1716 unregister_pernet_subsys(&ndisc_net_ops
);
1720 void ndisc_cleanup(void)
1722 unregister_netdevice_notifier(&ndisc_netdev_notifier
);
1723 #ifdef CONFIG_SYSCTL
1724 neigh_sysctl_unregister(&nd_tbl
.parms
);
1726 neigh_table_clear(&nd_tbl
);
1727 unregister_pernet_subsys(&ndisc_net_ops
);