projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
neigh: Factor out ___neigh_lookup_noref
[deliverable/linux.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 /* Set to 3 to get tracing... */
76 #define ND_DEBUG 1
77
78 #define ND_PRINTK(val, level, fmt, ...) \
79 do { \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
82 } while (0)
83
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
86 __u32 *hash_rnd);
87 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
88 static int ndisc_constructor(struct neighbour *neigh);
89 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
90 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
91 static int pndisc_constructor(struct pneigh_entry *n);
92 static void pndisc_destructor(struct pneigh_entry *n);
93 static void pndisc_redo(struct sk_buff *skb);
94
95 static const struct neigh_ops ndisc_generic_ops = {
96 .family = AF_INET6,
97 .solicit = ndisc_solicit,
98 .error_report = ndisc_error_report,
99 .output = neigh_resolve_output,
100 .connected_output = neigh_connected_output,
101 };
102
103 static const struct neigh_ops ndisc_hh_ops = {
104 .family = AF_INET6,
105 .solicit = ndisc_solicit,
106 .error_report = ndisc_error_report,
107 .output = neigh_resolve_output,
108 .connected_output = neigh_resolve_output,
109 };
110
111
112 static const struct neigh_ops ndisc_direct_ops = {
113 .family = AF_INET6,
114 .output = neigh_direct_output,
115 .connected_output = neigh_direct_output,
116 };
117
118 struct neigh_table nd_tbl = {
119 .family = AF_INET6,
120 .key_len = sizeof(struct in6_addr),
121 .protocol = cpu_to_be16(ETH_P_IPV6),
122 .hash = ndisc_hash,
123 .key_eq = ndisc_key_eq,
124 .constructor = ndisc_constructor,
125 .pconstructor = pndisc_constructor,
126 .pdestructor = pndisc_destructor,
127 .proxy_redo = pndisc_redo,
128 .id = "ndisc_cache",
129 .parms = {
130 .tbl = &nd_tbl,
131 .reachable_time = ND_REACHABLE_TIME,
132 .data = {
133 [NEIGH_VAR_MCAST_PROBES] = 3,
134 [NEIGH_VAR_UCAST_PROBES] = 3,
135 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
136 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
137 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
138 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
139 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
140 [NEIGH_VAR_PROXY_QLEN] = 64,
141 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
142 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
143 },
144 },
145 .gc_interval = 30 * HZ,
146 .gc_thresh1 = 128,
147 .gc_thresh2 = 512,
148 .gc_thresh3 = 1024,
149 };
150
151 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
152 {
153 int pad = ndisc_addr_option_pad(skb->dev->type);
154 int data_len = skb->dev->addr_len;
155 int space = ndisc_opt_addr_space(skb->dev);
156 u8 *opt = skb_put(skb, space);
157
158 opt[0] = type;
159 opt[1] = space>>3;
160
161 memset(opt + 2, 0, pad);
162 opt += pad;
163 space -= pad;
164
165 memcpy(opt+2, data, data_len);
166 data_len += 2;
167 opt += data_len;
168 space -= data_len;
169 if (space > 0)
170 memset(opt, 0, space);
171 }
172
173 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
174 struct nd_opt_hdr *end)
175 {
176 int type;
177 if (!cur || !end || cur >= end)
178 return NULL;
179 type = cur->nd_opt_type;
180 do {
181 cur = ((void *)cur) + (cur->nd_opt_len << 3);
182 } while (cur < end && cur->nd_opt_type != type);
183 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
184 }
185
186 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
187 {
188 return opt->nd_opt_type == ND_OPT_RDNSS ||
189 opt->nd_opt_type == ND_OPT_DNSSL;
190 }
191
192 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
193 struct nd_opt_hdr *end)
194 {
195 if (!cur || !end || cur >= end)
196 return NULL;
197 do {
198 cur = ((void *)cur) + (cur->nd_opt_len << 3);
199 } while (cur < end && !ndisc_is_useropt(cur));
200 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
201 }
202
203 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
204 struct ndisc_options *ndopts)
205 {
206 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
207
208 if (!nd_opt || opt_len < 0 || !ndopts)
209 return NULL;
210 memset(ndopts, 0, sizeof(*ndopts));
211 while (opt_len) {
212 int l;
213 if (opt_len < sizeof(struct nd_opt_hdr))
214 return NULL;
215 l = nd_opt->nd_opt_len << 3;
216 if (opt_len < l || l == 0)
217 return NULL;
218 switch (nd_opt->nd_opt_type) {
219 case ND_OPT_SOURCE_LL_ADDR:
220 case ND_OPT_TARGET_LL_ADDR:
221 case ND_OPT_MTU:
222 case ND_OPT_REDIRECT_HDR:
223 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
224 ND_PRINTK(2, warn,
225 "%s: duplicated ND6 option found: type=%d\n",
226 __func__, nd_opt->nd_opt_type);
227 } else {
228 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
229 }
230 break;
231 case ND_OPT_PREFIX_INFO:
232 ndopts->nd_opts_pi_end = nd_opt;
233 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
234 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
235 break;
236 #ifdef CONFIG_IPV6_ROUTE_INFO
237 case ND_OPT_ROUTE_INFO:
238 ndopts->nd_opts_ri_end = nd_opt;
239 if (!ndopts->nd_opts_ri)
240 ndopts->nd_opts_ri = nd_opt;
241 break;
242 #endif
243 default:
244 if (ndisc_is_useropt(nd_opt)) {
245 ndopts->nd_useropts_end = nd_opt;
246 if (!ndopts->nd_useropts)
247 ndopts->nd_useropts = nd_opt;
248 } else {
249 /*
250 * Unknown options must be silently ignored,
251 * to accommodate future extension to the
252 * protocol.
253 */
254 ND_PRINTK(2, notice,
255 "%s: ignored unsupported option; type=%d, len=%d\n",
256 __func__,
257 nd_opt->nd_opt_type,
258 nd_opt->nd_opt_len);
259 }
260 }
261 opt_len -= l;
262 nd_opt = ((void *)nd_opt) + l;
263 }
264 return ndopts;
265 }
266
267 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
268 {
269 switch (dev->type) {
270 case ARPHRD_ETHER:
271 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
272 case ARPHRD_FDDI:
273 ipv6_eth_mc_map(addr, buf);
274 return 0;
275 case ARPHRD_ARCNET:
276 ipv6_arcnet_mc_map(addr, buf);
277 return 0;
278 case ARPHRD_INFINIBAND:
279 ipv6_ib_mc_map(addr, dev->broadcast, buf);
280 return 0;
281 case ARPHRD_IPGRE:
282 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
283 default:
284 if (dir) {
285 memcpy(buf, dev->broadcast, dev->addr_len);
286 return 0;
287 }
288 }
289 return -EINVAL;
290 }
291 EXPORT_SYMBOL(ndisc_mc_map);
292
293 static u32 ndisc_hash(const void *pkey,
294 const struct net_device *dev,
295 __u32 *hash_rnd)
296 {
297 return ndisc_hashfn(pkey, dev, hash_rnd);
298 }
299
300 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
301 {
302 return neigh_key_eq128(n, pkey);
303 }
304
305 static int ndisc_constructor(struct neighbour *neigh)
306 {
307 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
308 struct net_device *dev = neigh->dev;
309 struct inet6_dev *in6_dev;
310 struct neigh_parms *parms;
311 bool is_multicast = ipv6_addr_is_multicast(addr);
312
313 in6_dev = in6_dev_get(dev);
314 if (in6_dev == NULL) {
315 return -EINVAL;
316 }
317
318 parms = in6_dev->nd_parms;
319 __neigh_parms_put(neigh->parms);
320 neigh->parms = neigh_parms_clone(parms);
321
322 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
323 if (!dev->header_ops) {
324 neigh->nud_state = NUD_NOARP;
325 neigh->ops = &ndisc_direct_ops;
326 neigh->output = neigh_direct_output;
327 } else {
328 if (is_multicast) {
329 neigh->nud_state = NUD_NOARP;
330 ndisc_mc_map(addr, neigh->ha, dev, 1);
331 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
332 neigh->nud_state = NUD_NOARP;
333 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
334 if (dev->flags&IFF_LOOPBACK)
335 neigh->type = RTN_LOCAL;
336 } else if (dev->flags&IFF_POINTOPOINT) {
337 neigh->nud_state = NUD_NOARP;
338 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
339 }
340 if (dev->header_ops->cache)
341 neigh->ops = &ndisc_hh_ops;
342 else
343 neigh->ops = &ndisc_generic_ops;
344 if (neigh->nud_state&NUD_VALID)
345 neigh->output = neigh->ops->connected_output;
346 else
347 neigh->output = neigh->ops->output;
348 }
349 in6_dev_put(in6_dev);
350 return 0;
351 }
352
353 static int pndisc_constructor(struct pneigh_entry *n)
354 {
355 struct in6_addr *addr = (struct in6_addr *)&n->key;
356 struct in6_addr maddr;
357 struct net_device *dev = n->dev;
358
359 if (dev == NULL || __in6_dev_get(dev) == NULL)
360 return -EINVAL;
361 addrconf_addr_solict_mult(addr, &maddr);
362 ipv6_dev_mc_inc(dev, &maddr);
363 return 0;
364 }
365
366 static void pndisc_destructor(struct pneigh_entry *n)
367 {
368 struct in6_addr *addr = (struct in6_addr *)&n->key;
369 struct in6_addr maddr;
370 struct net_device *dev = n->dev;
371
372 if (dev == NULL || __in6_dev_get(dev) == NULL)
373 return;
374 addrconf_addr_solict_mult(addr, &maddr);
375 ipv6_dev_mc_dec(dev, &maddr);
376 }
377
378 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
379 int len)
380 {
381 int hlen = LL_RESERVED_SPACE(dev);
382 int tlen = dev->needed_tailroom;
383 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
384 struct sk_buff *skb;
385
386 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
387 if (!skb) {
388 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
389 __func__);
390 return NULL;
391 }
392
393 skb->protocol = htons(ETH_P_IPV6);
394 skb->dev = dev;
395
396 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
397 skb_reset_transport_header(skb);
398
399 /* Manually assign socket ownership as we avoid calling
400 * sock_alloc_send_pskb() to bypass wmem buffer limits
401 */
402 skb_set_owner_w(skb, sk);
403
404 return skb;
405 }
406
407 static void ip6_nd_hdr(struct sk_buff *skb,
408 const struct in6_addr *saddr,
409 const struct in6_addr *daddr,
410 int hop_limit, int len)
411 {
412 struct ipv6hdr *hdr;
413
414 skb_push(skb, sizeof(*hdr));
415 skb_reset_network_header(skb);
416 hdr = ipv6_hdr(skb);
417
418 ip6_flow_hdr(hdr, 0, 0);
419
420 hdr->payload_len = htons(len);
421 hdr->nexthdr = IPPROTO_ICMPV6;
422 hdr->hop_limit = hop_limit;
423
424 hdr->saddr = *saddr;
425 hdr->daddr = *daddr;
426 }
427
428 static void ndisc_send_skb(struct sk_buff *skb,
429 const struct in6_addr *daddr,
430 const struct in6_addr *saddr)
431 {
432 struct dst_entry *dst = skb_dst(skb);
433 struct net *net = dev_net(skb->dev);
434 struct sock *sk = net->ipv6.ndisc_sk;
435 struct inet6_dev *idev;
436 int err;
437 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
438 u8 type;
439
440 type = icmp6h->icmp6_type;
441
442 if (!dst) {
443 struct flowi6 fl6;
444
445 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
446 dst = icmp6_dst_alloc(skb->dev, &fl6);
447 if (IS_ERR(dst)) {
448 kfree_skb(skb);
449 return;
450 }
451
452 skb_dst_set(skb, dst);
453 }
454
455 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
456 IPPROTO_ICMPV6,
457 csum_partial(icmp6h,
458 skb->len, 0));
459
460 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
461
462 rcu_read_lock();
463 idev = __in6_dev_get(dst->dev);
464 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
465
466 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
467 dst_output);
468 if (!err) {
469 ICMP6MSGOUT_INC_STATS(net, idev, type);
470 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
471 }
472
473 rcu_read_unlock();
474 }
475
476 void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
477 const struct in6_addr *daddr,
478 const struct in6_addr *solicited_addr,
479 bool router, bool solicited, bool override, bool inc_opt)
480 {
481 struct sk_buff *skb;
482 struct in6_addr tmpaddr;
483 struct inet6_ifaddr *ifp;
484 const struct in6_addr *src_addr;
485 struct nd_msg *msg;
486 int optlen = 0;
487
488 /* for anycast or proxy, solicited_addr != src_addr */
489 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
490 if (ifp) {
491 src_addr = solicited_addr;
492 if (ifp->flags & IFA_F_OPTIMISTIC)
493 override = false;
494 inc_opt |= ifp->idev->cnf.force_tllao;
495 in6_ifa_put(ifp);
496 } else {
497 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
498 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
499 &tmpaddr))
500 return;
501 src_addr = &tmpaddr;
502 }
503
504 if (!dev->addr_len)
505 inc_opt = 0;
506 if (inc_opt)
507 optlen += ndisc_opt_addr_space(dev);
508
509 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
510 if (!skb)
511 return;
512
513 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
514 *msg = (struct nd_msg) {
515 .icmph = {
516 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
517 .icmp6_router = router,
518 .icmp6_solicited = solicited,
519 .icmp6_override = override,
520 },
521 .target = *solicited_addr,
522 };
523
524 if (inc_opt)
525 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
526 dev->dev_addr);
527
528
529 ndisc_send_skb(skb, daddr, src_addr);
530 }
531
532 static void ndisc_send_unsol_na(struct net_device *dev)
533 {
534 struct inet6_dev *idev;
535 struct inet6_ifaddr *ifa;
536
537 idev = in6_dev_get(dev);
538 if (!idev)
539 return;
540
541 read_lock_bh(&idev->lock);
542 list_for_each_entry(ifa, &idev->addr_list, if_list) {
543 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
544 /*router=*/ !!idev->cnf.forwarding,
545 /*solicited=*/ false, /*override=*/ true,
546 /*inc_opt=*/ true);
547 }
548 read_unlock_bh(&idev->lock);
549
550 in6_dev_put(idev);
551 }
552
553 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
554 const struct in6_addr *solicit,
555 const struct in6_addr *daddr, const struct in6_addr *saddr)
556 {
557 struct sk_buff *skb;
558 struct in6_addr addr_buf;
559 int inc_opt = dev->addr_len;
560 int optlen = 0;
561 struct nd_msg *msg;
562
563 if (saddr == NULL) {
564 if (ipv6_get_lladdr(dev, &addr_buf,
565 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
566 return;
567 saddr = &addr_buf;
568 }
569
570 if (ipv6_addr_any(saddr))
571 inc_opt = false;
572 if (inc_opt)
573 optlen += ndisc_opt_addr_space(dev);
574
575 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
576 if (!skb)
577 return;
578
579 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
580 *msg = (struct nd_msg) {
581 .icmph = {
582 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
583 },
584 .target = *solicit,
585 };
586
587 if (inc_opt)
588 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
589 dev->dev_addr);
590
591 ndisc_send_skb(skb, daddr, saddr);
592 }
593
594 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
595 const struct in6_addr *daddr)
596 {
597 struct sk_buff *skb;
598 struct rs_msg *msg;
599 int send_sllao = dev->addr_len;
600 int optlen = 0;
601
602 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
603 /*
604 * According to section 2.2 of RFC 4429, we must not
605 * send router solicitations with a sllao from
606 * optimistic addresses, but we may send the solicitation
607 * if we don't include the sllao. So here we check
608 * if our address is optimistic, and if so, we
609 * suppress the inclusion of the sllao.
610 */
611 if (send_sllao) {
612 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
613 dev, 1);
614 if (ifp) {
615 if (ifp->flags & IFA_F_OPTIMISTIC) {
616 send_sllao = 0;
617 }
618 in6_ifa_put(ifp);
619 } else {
620 send_sllao = 0;
621 }
622 }
623 #endif
624 if (send_sllao)
625 optlen += ndisc_opt_addr_space(dev);
626
627 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
628 if (!skb)
629 return;
630
631 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
632 *msg = (struct rs_msg) {
633 .icmph = {
634 .icmp6_type = NDISC_ROUTER_SOLICITATION,
635 },
636 };
637
638 if (send_sllao)
639 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
640 dev->dev_addr);
641
642 ndisc_send_skb(skb, daddr, saddr);
643 }
644
645
646 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
647 {
648 /*
649 * "The sender MUST return an ICMP
650 * destination unreachable"
651 */
652 dst_link_failure(skb);
653 kfree_skb(skb);
654 }
655
656 /* Called with locked neigh: either read or both */
657
658 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
659 {
660 struct in6_addr *saddr = NULL;
661 struct in6_addr mcaddr;
662 struct net_device *dev = neigh->dev;
663 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
664 int probes = atomic_read(&neigh->probes);
665
666 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
667 dev, 1,
668 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
669 saddr = &ipv6_hdr(skb)->saddr;
670 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
671 if (probes < 0) {
672 if (!(neigh->nud_state & NUD_VALID)) {
673 ND_PRINTK(1, dbg,
674 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
675 __func__, target);
676 }
677 ndisc_send_ns(dev, neigh, target, target, saddr);
678 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
679 neigh_app_ns(neigh);
680 } else {
681 addrconf_addr_solict_mult(target, &mcaddr);
682 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
683 }
684 }
685
686 static int pndisc_is_router(const void *pkey,
687 struct net_device *dev)
688 {
689 struct pneigh_entry *n;
690 int ret = -1;
691
692 read_lock_bh(&nd_tbl.lock);
693 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
694 if (n)
695 ret = !!(n->flags & NTF_ROUTER);
696 read_unlock_bh(&nd_tbl.lock);
697
698 return ret;
699 }
700
701 static void ndisc_recv_ns(struct sk_buff *skb)
702 {
703 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
704 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
705 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
706 u8 *lladdr = NULL;
707 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
708 offsetof(struct nd_msg, opt));
709 struct ndisc_options ndopts;
710 struct net_device *dev = skb->dev;
711 struct inet6_ifaddr *ifp;
712 struct inet6_dev *idev = NULL;
713 struct neighbour *neigh;
714 int dad = ipv6_addr_any(saddr);
715 bool inc;
716 int is_router = -1;
717
718 if (skb->len < sizeof(struct nd_msg)) {
719 ND_PRINTK(2, warn, "NS: packet too short\n");
720 return;
721 }
722
723 if (ipv6_addr_is_multicast(&msg->target)) {
724 ND_PRINTK(2, warn, "NS: multicast target address\n");
725 return;
726 }
727
728 /*
729 * RFC2461 7.1.1:
730 * DAD has to be destined for solicited node multicast address.
731 */
732 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
733 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
734 return;
735 }
736
737 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
738 ND_PRINTK(2, warn, "NS: invalid ND options\n");
739 return;
740 }
741
742 if (ndopts.nd_opts_src_lladdr) {
743 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
744 if (!lladdr) {
745 ND_PRINTK(2, warn,
746 "NS: invalid link-layer address length\n");
747 return;
748 }
749
750 /* RFC2461 7.1.1:
751 * If the IP source address is the unspecified address,
752 * there MUST NOT be source link-layer address option
753 * in the message.
754 */
755 if (dad) {
756 ND_PRINTK(2, warn,
757 "NS: bad DAD packet (link-layer address option)\n");
758 return;
759 }
760 }
761
762 inc = ipv6_addr_is_multicast(daddr);
763
764 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
765 if (ifp) {
766
767 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
768 if (dad) {
769 /*
770 * We are colliding with another node
771 * who is doing DAD
772 * so fail our DAD process
773 */
774 addrconf_dad_failure(ifp);
775 return;
776 } else {
777 /*
778 * This is not a dad solicitation.
779 * If we are an optimistic node,
780 * we should respond.
781 * Otherwise, we should ignore it.
782 */
783 if (!(ifp->flags & IFA_F_OPTIMISTIC))
784 goto out;
785 }
786 }
787
788 idev = ifp->idev;
789 } else {
790 struct net *net = dev_net(dev);
791
792 idev = in6_dev_get(dev);
793 if (!idev) {
794 /* XXX: count this drop? */
795 return;
796 }
797
798 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
799 (idev->cnf.forwarding &&
800 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
801 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
802 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
803 skb->pkt_type != PACKET_HOST &&
804 inc &&
805 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
806 /*
807 * for anycast or proxy,
808 * sender should delay its response
809 * by a random time between 0 and
810 * MAX_ANYCAST_DELAY_TIME seconds.
811 * (RFC2461) -- yoshfuji
812 */
813 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
814 if (n)
815 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
816 goto out;
817 }
818 } else
819 goto out;
820 }
821
822 if (is_router < 0)
823 is_router = idev->cnf.forwarding;
824
825 if (dad) {
826 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
827 !!is_router, false, (ifp != NULL), true);
828 goto out;
829 }
830
831 if (inc)
832 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
833 else
834 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
835
836 /*
837 * update / create cache entry
838 * for the source address
839 */
840 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
841 !inc || lladdr || !dev->addr_len);
842 if (neigh)
843 neigh_update(neigh, lladdr, NUD_STALE,
844 NEIGH_UPDATE_F_WEAK_OVERRIDE|
845 NEIGH_UPDATE_F_OVERRIDE);
846 if (neigh || !dev->header_ops) {
847 ndisc_send_na(dev, neigh, saddr, &msg->target,
848 !!is_router,
849 true, (ifp != NULL && inc), inc);
850 if (neigh)
851 neigh_release(neigh);
852 }
853
854 out:
855 if (ifp)
856 in6_ifa_put(ifp);
857 else
858 in6_dev_put(idev);
859 }
860
861 static void ndisc_recv_na(struct sk_buff *skb)
862 {
863 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
864 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
865 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
866 u8 *lladdr = NULL;
867 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
868 offsetof(struct nd_msg, opt));
869 struct ndisc_options ndopts;
870 struct net_device *dev = skb->dev;
871 struct inet6_ifaddr *ifp;
872 struct neighbour *neigh;
873
874 if (skb->len < sizeof(struct nd_msg)) {
875 ND_PRINTK(2, warn, "NA: packet too short\n");
876 return;
877 }
878
879 if (ipv6_addr_is_multicast(&msg->target)) {
880 ND_PRINTK(2, warn, "NA: target address is multicast\n");
881 return;
882 }
883
884 if (ipv6_addr_is_multicast(daddr) &&
885 msg->icmph.icmp6_solicited) {
886 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
887 return;
888 }
889
890 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
891 ND_PRINTK(2, warn, "NS: invalid ND option\n");
892 return;
893 }
894 if (ndopts.nd_opts_tgt_lladdr) {
895 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
896 if (!lladdr) {
897 ND_PRINTK(2, warn,
898 "NA: invalid link-layer address length\n");
899 return;
900 }
901 }
902 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
903 if (ifp) {
904 if (skb->pkt_type != PACKET_LOOPBACK
905 && (ifp->flags & IFA_F_TENTATIVE)) {
906 addrconf_dad_failure(ifp);
907 return;
908 }
909 /* What should we make now? The advertisement
910 is invalid, but ndisc specs say nothing
911 about it. It could be misconfiguration, or
912 an smart proxy agent tries to help us :-)
913
914 We should not print the error if NA has been
915 received from loopback - it is just our own
916 unsolicited advertisement.
917 */
918 if (skb->pkt_type != PACKET_LOOPBACK)
919 ND_PRINTK(1, warn,
920 "NA: someone advertises our address %pI6 on %s!\n",
921 &ifp->addr, ifp->idev->dev->name);
922 in6_ifa_put(ifp);
923 return;
924 }
925 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
926
927 if (neigh) {
928 u8 old_flags = neigh->flags;
929 struct net *net = dev_net(dev);
930
931 if (neigh->nud_state & NUD_FAILED)
932 goto out;
933
934 /*
935 * Don't update the neighbor cache entry on a proxy NA from
936 * ourselves because either the proxied node is off link or it
937 * has already sent a NA to us.
938 */
939 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
940 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
941 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
942 /* XXX: idev->cnf.proxy_ndp */
943 goto out;
944 }
945
946 neigh_update(neigh, lladdr,
947 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
948 NEIGH_UPDATE_F_WEAK_OVERRIDE|
949 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
950 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
951 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
952
953 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
954 /*
955 * Change: router to host
956 */
957 rt6_clean_tohost(dev_net(dev), saddr);
958 }
959
960 out:
961 neigh_release(neigh);
962 }
963 }
964
965 static void ndisc_recv_rs(struct sk_buff *skb)
966 {
967 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
968 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
969 struct neighbour *neigh;
970 struct inet6_dev *idev;
971 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
972 struct ndisc_options ndopts;
973 u8 *lladdr = NULL;
974
975 if (skb->len < sizeof(*rs_msg))
976 return;
977
978 idev = __in6_dev_get(skb->dev);
979 if (!idev) {
980 ND_PRINTK(1, err, "RS: can't find in6 device\n");
981 return;
982 }
983
984 /* Don't accept RS if we're not in router mode */
985 if (!idev->cnf.forwarding)
986 goto out;
987
988 /*
989 * Don't update NCE if src = ::;
990 * this implies that the source node has no ip address assigned yet.
991 */
992 if (ipv6_addr_any(saddr))
993 goto out;
994
995 /* Parse ND options */
996 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
997 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
998 goto out;
999 }
1000
1001 if (ndopts.nd_opts_src_lladdr) {
1002 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1003 skb->dev);
1004 if (!lladdr)
1005 goto out;
1006 }
1007
1008 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1009 if (neigh) {
1010 neigh_update(neigh, lladdr, NUD_STALE,
1011 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1012 NEIGH_UPDATE_F_OVERRIDE|
1013 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1014 neigh_release(neigh);
1015 }
1016 out:
1017 return;
1018 }
1019
1020 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1021 {
1022 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1023 struct sk_buff *skb;
1024 struct nlmsghdr *nlh;
1025 struct nduseroptmsg *ndmsg;
1026 struct net *net = dev_net(ra->dev);
1027 int err;
1028 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1029 + (opt->nd_opt_len << 3));
1030 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1031
1032 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1033 if (skb == NULL) {
1034 err = -ENOBUFS;
1035 goto errout;
1036 }
1037
1038 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1039 if (nlh == NULL) {
1040 goto nla_put_failure;
1041 }
1042
1043 ndmsg = nlmsg_data(nlh);
1044 ndmsg->nduseropt_family = AF_INET6;
1045 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1046 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1047 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1048 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1049
1050 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1051
1052 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1053 &ipv6_hdr(ra)->saddr))
1054 goto nla_put_failure;
1055 nlmsg_end(skb, nlh);
1056
1057 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1058 return;
1059
1060 nla_put_failure:
1061 nlmsg_free(skb);
1062 err = -EMSGSIZE;
1063 errout:
1064 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1065 }
1066
1067 static void ndisc_router_discovery(struct sk_buff *skb)
1068 {
1069 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1070 struct neighbour *neigh = NULL;
1071 struct inet6_dev *in6_dev;
1072 struct rt6_info *rt = NULL;
1073 int lifetime;
1074 struct ndisc_options ndopts;
1075 int optlen;
1076 unsigned int pref = 0;
1077
1078 __u8 *opt = (__u8 *)(ra_msg + 1);
1079
1080 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1081 sizeof(struct ra_msg);
1082
1083 ND_PRINTK(2, info,
1084 "RA: %s, dev: %s\n",
1085 __func__, skb->dev->name);
1086 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1087 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1088 return;
1089 }
1090 if (optlen < 0) {
1091 ND_PRINTK(2, warn, "RA: packet too short\n");
1092 return;
1093 }
1094
1095 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1096 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1097 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1098 return;
1099 }
1100 #endif
1101
1102 /*
1103 * set the RA_RECV flag in the interface
1104 */
1105
1106 in6_dev = __in6_dev_get(skb->dev);
1107 if (in6_dev == NULL) {
1108 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1109 skb->dev->name);
1110 return;
1111 }
1112
1113 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1114 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1115 return;
1116 }
1117
1118 if (!ipv6_accept_ra(in6_dev)) {
1119 ND_PRINTK(2, info,
1120 "RA: %s, did not accept ra for dev: %s\n",
1121 __func__, skb->dev->name);
1122 goto skip_linkparms;
1123 }
1124
1125 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1126 /* skip link-specific parameters from interior routers */
1127 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1128 ND_PRINTK(2, info,
1129 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1130 __func__, skb->dev->name);
1131 goto skip_linkparms;
1132 }
1133 #endif
1134
1135 if (in6_dev->if_flags & IF_RS_SENT) {
1136 /*
1137 * flag that an RA was received after an RS was sent
1138 * out on this interface.
1139 */
1140 in6_dev->if_flags |= IF_RA_RCVD;
1141 }
1142
1143 /*
1144 * Remember the managed/otherconf flags from most recently
1145 * received RA message (RFC 2462) -- yoshfuji
1146 */
1147 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1148 IF_RA_OTHERCONF)) |
1149 (ra_msg->icmph.icmp6_addrconf_managed ?
1150 IF_RA_MANAGED : 0) |
1151 (ra_msg->icmph.icmp6_addrconf_other ?
1152 IF_RA_OTHERCONF : 0);
1153
1154 if (!in6_dev->cnf.accept_ra_defrtr) {
1155 ND_PRINTK(2, info,
1156 "RA: %s, defrtr is false for dev: %s\n",
1157 __func__, skb->dev->name);
1158 goto skip_defrtr;
1159 }
1160
1161 /* Do not accept RA with source-addr found on local machine unless
1162 * accept_ra_from_local is set to true.
1163 */
1164 if (!in6_dev->cnf.accept_ra_from_local &&
1165 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1166 NULL, 0)) {
1167 ND_PRINTK(2, info,
1168 "RA from local address detected on dev: %s: default router ignored\n",
1169 skb->dev->name);
1170 goto skip_defrtr;
1171 }
1172
1173 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1174
1175 #ifdef CONFIG_IPV6_ROUTER_PREF
1176 pref = ra_msg->icmph.icmp6_router_pref;
1177 /* 10b is handled as if it were 00b (medium) */
1178 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1179 !in6_dev->cnf.accept_ra_rtr_pref)
1180 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1181 #endif
1182
1183 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1184
1185 if (rt) {
1186 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1187 if (!neigh) {
1188 ND_PRINTK(0, err,
1189 "RA: %s got default router without neighbour\n",
1190 __func__);
1191 ip6_rt_put(rt);
1192 return;
1193 }
1194 }
1195 if (rt && lifetime == 0) {
1196 ip6_del_rt(rt);
1197 rt = NULL;
1198 }
1199
1200 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1201 rt, lifetime, skb->dev->name);
1202 if (rt == NULL && lifetime) {
1203 ND_PRINTK(3, info, "RA: adding default router\n");
1204
1205 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1206 if (rt == NULL) {
1207 ND_PRINTK(0, err,
1208 "RA: %s failed to add default route\n",
1209 __func__);
1210 return;
1211 }
1212
1213 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1214 if (neigh == NULL) {
1215 ND_PRINTK(0, err,
1216 "RA: %s got default router without neighbour\n",
1217 __func__);
1218 ip6_rt_put(rt);
1219 return;
1220 }
1221 neigh->flags |= NTF_ROUTER;
1222 } else if (rt) {
1223 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1224 }
1225
1226 if (rt)
1227 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1228 if (ra_msg->icmph.icmp6_hop_limit) {
1229 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1230 if (rt)
1231 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1232 ra_msg->icmph.icmp6_hop_limit);
1233 }
1234
1235 skip_defrtr:
1236
1237 /*
1238 * Update Reachable Time and Retrans Timer
1239 */
1240
1241 if (in6_dev->nd_parms) {
1242 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1243
1244 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1245 rtime = (rtime*HZ)/1000;
1246 if (rtime < HZ/10)
1247 rtime = HZ/10;
1248 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1249 in6_dev->tstamp = jiffies;
1250 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1251 }
1252
1253 rtime = ntohl(ra_msg->reachable_time);
1254 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1255 rtime = (rtime*HZ)/1000;
1256
1257 if (rtime < HZ/10)
1258 rtime = HZ/10;
1259
1260 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1261 NEIGH_VAR_SET(in6_dev->nd_parms,
1262 BASE_REACHABLE_TIME, rtime);
1263 NEIGH_VAR_SET(in6_dev->nd_parms,
1264 GC_STALETIME, 3 * rtime);
1265 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1266 in6_dev->tstamp = jiffies;
1267 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1268 }
1269 }
1270 }
1271
1272 skip_linkparms:
1273
1274 /*
1275 * Process options.
1276 */
1277
1278 if (!neigh)
1279 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1280 skb->dev, 1);
1281 if (neigh) {
1282 u8 *lladdr = NULL;
1283 if (ndopts.nd_opts_src_lladdr) {
1284 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1285 skb->dev);
1286 if (!lladdr) {
1287 ND_PRINTK(2, warn,
1288 "RA: invalid link-layer address length\n");
1289 goto out;
1290 }
1291 }
1292 neigh_update(neigh, lladdr, NUD_STALE,
1293 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1294 NEIGH_UPDATE_F_OVERRIDE|
1295 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1296 NEIGH_UPDATE_F_ISROUTER);
1297 }
1298
1299 if (!ipv6_accept_ra(in6_dev)) {
1300 ND_PRINTK(2, info,
1301 "RA: %s, accept_ra is false for dev: %s\n",
1302 __func__, skb->dev->name);
1303 goto out;
1304 }
1305
1306 #ifdef CONFIG_IPV6_ROUTE_INFO
1307 if (!in6_dev->cnf.accept_ra_from_local &&
1308 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1309 NULL, 0)) {
1310 ND_PRINTK(2, info,
1311 "RA from local address detected on dev: %s: router info ignored.\n",
1312 skb->dev->name);
1313 goto skip_routeinfo;
1314 }
1315
1316 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1317 struct nd_opt_hdr *p;
1318 for (p = ndopts.nd_opts_ri;
1319 p;
1320 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1321 struct route_info *ri = (struct route_info *)p;
1322 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1323 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1324 ri->prefix_len == 0)
1325 continue;
1326 #endif
1327 if (ri->prefix_len == 0 &&
1328 !in6_dev->cnf.accept_ra_defrtr)
1329 continue;
1330 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1331 continue;
1332 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1333 &ipv6_hdr(skb)->saddr);
1334 }
1335 }
1336
1337 skip_routeinfo:
1338 #endif
1339
1340 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1341 /* skip link-specific ndopts from interior routers */
1342 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1343 ND_PRINTK(2, info,
1344 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1345 __func__, skb->dev->name);
1346 goto out;
1347 }
1348 #endif
1349
1350 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1351 struct nd_opt_hdr *p;
1352 for (p = ndopts.nd_opts_pi;
1353 p;
1354 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1355 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1356 (p->nd_opt_len) << 3,
1357 ndopts.nd_opts_src_lladdr != NULL);
1358 }
1359 }
1360
1361 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1362 __be32 n;
1363 u32 mtu;
1364
1365 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1366 mtu = ntohl(n);
1367
1368 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1369 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1370 } else if (in6_dev->cnf.mtu6 != mtu) {
1371 in6_dev->cnf.mtu6 = mtu;
1372
1373 if (rt)
1374 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1375
1376 rt6_mtu_change(skb->dev, mtu);
1377 }
1378 }
1379
1380 if (ndopts.nd_useropts) {
1381 struct nd_opt_hdr *p;
1382 for (p = ndopts.nd_useropts;
1383 p;
1384 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1385 ndisc_ra_useropt(skb, p);
1386 }
1387 }
1388
1389 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1390 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1391 }
1392 out:
1393 ip6_rt_put(rt);
1394 if (neigh)
1395 neigh_release(neigh);
1396 }
1397
1398 static void ndisc_redirect_rcv(struct sk_buff *skb)
1399 {
1400 u8 *hdr;
1401 struct ndisc_options ndopts;
1402 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1403 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1404 offsetof(struct rd_msg, opt));
1405
1406 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1407 switch (skb->ndisc_nodetype) {
1408 case NDISC_NODETYPE_HOST:
1409 case NDISC_NODETYPE_NODEFAULT:
1410 ND_PRINTK(2, warn,
1411 "Redirect: from host or unauthorized router\n");
1412 return;
1413 }
1414 #endif
1415
1416 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1417 ND_PRINTK(2, warn,
1418 "Redirect: source address is not link-local\n");
1419 return;
1420 }
1421
1422 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1423 return;
1424
1425 if (!ndopts.nd_opts_rh) {
1426 ip6_redirect_no_header(skb, dev_net(skb->dev),
1427 skb->dev->ifindex, 0);
1428 return;
1429 }
1430
1431 hdr = (u8 *)ndopts.nd_opts_rh;
1432 hdr += 8;
1433 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1434 return;
1435
1436 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1437 }
1438
1439 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1440 struct sk_buff *orig_skb,
1441 int rd_len)
1442 {
1443 u8 *opt = skb_put(skb, rd_len);
1444
1445 memset(opt, 0, 8);
1446 *(opt++) = ND_OPT_REDIRECT_HDR;
1447 *(opt++) = (rd_len >> 3);
1448 opt += 6;
1449
1450 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1451 }
1452
1453 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1454 {
1455 struct net_device *dev = skb->dev;
1456 struct net *net = dev_net(dev);
1457 struct sock *sk = net->ipv6.ndisc_sk;
1458 int optlen = 0;
1459 struct inet_peer *peer;
1460 struct sk_buff *buff;
1461 struct rd_msg *msg;
1462 struct in6_addr saddr_buf;
1463 struct rt6_info *rt;
1464 struct dst_entry *dst;
1465 struct flowi6 fl6;
1466 int rd_len;
1467 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1468 bool ret;
1469
1470 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1471 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1472 dev->name);
1473 return;
1474 }
1475
1476 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1477 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1478 ND_PRINTK(2, warn,
1479 "Redirect: target address is not link-local unicast\n");
1480 return;
1481 }
1482
1483 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1484 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1485
1486 dst = ip6_route_output(net, NULL, &fl6);
1487 if (dst->error) {
1488 dst_release(dst);
1489 return;
1490 }
1491 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1492 if (IS_ERR(dst))
1493 return;
1494
1495 rt = (struct rt6_info *) dst;
1496
1497 if (rt->rt6i_flags & RTF_GATEWAY) {
1498 ND_PRINTK(2, warn,
1499 "Redirect: destination is not a neighbour\n");
1500 goto release;
1501 }
1502 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1503 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1504 if (peer)
1505 inet_putpeer(peer);
1506 if (!ret)
1507 goto release;
1508
1509 if (dev->addr_len) {
1510 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1511 if (!neigh) {
1512 ND_PRINTK(2, warn,
1513 "Redirect: no neigh for target address\n");
1514 goto release;
1515 }
1516
1517 read_lock_bh(&neigh->lock);
1518 if (neigh->nud_state & NUD_VALID) {
1519 memcpy(ha_buf, neigh->ha, dev->addr_len);
1520 read_unlock_bh(&neigh->lock);
1521 ha = ha_buf;
1522 optlen += ndisc_opt_addr_space(dev);
1523 } else
1524 read_unlock_bh(&neigh->lock);
1525
1526 neigh_release(neigh);
1527 }
1528
1529 rd_len = min_t(unsigned int,
1530 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1531 skb->len + 8);
1532 rd_len &= ~0x7;
1533 optlen += rd_len;
1534
1535 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1536 if (!buff)
1537 goto release;
1538
1539 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1540 *msg = (struct rd_msg) {
1541 .icmph = {
1542 .icmp6_type = NDISC_REDIRECT,
1543 },
1544 .target = *target,
1545 .dest = ipv6_hdr(skb)->daddr,
1546 };
1547
1548 /*
1549 * include target_address option
1550 */
1551
1552 if (ha)
1553 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1554
1555 /*
1556 * build redirect option and copy skb over to the new packet.
1557 */
1558
1559 if (rd_len)
1560 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1561
1562 skb_dst_set(buff, dst);
1563 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1564 return;
1565
1566 release:
1567 dst_release(dst);
1568 }
1569
1570 static void pndisc_redo(struct sk_buff *skb)
1571 {
1572 ndisc_recv_ns(skb);
1573 kfree_skb(skb);
1574 }
1575
1576 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1577 {
1578 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1579
1580 if (!idev)
1581 return true;
1582 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1583 idev->cnf.suppress_frag_ndisc) {
1584 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1585 return true;
1586 }
1587 return false;
1588 }
1589
1590 int ndisc_rcv(struct sk_buff *skb)
1591 {
1592 struct nd_msg *msg;
1593
1594 if (ndisc_suppress_frag_ndisc(skb))
1595 return 0;
1596
1597 if (skb_linearize(skb))
1598 return 0;
1599
1600 msg = (struct nd_msg *)skb_transport_header(skb);
1601
1602 __skb_push(skb, skb->data - skb_transport_header(skb));
1603
1604 if (ipv6_hdr(skb)->hop_limit != 255) {
1605 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1606 ipv6_hdr(skb)->hop_limit);
1607 return 0;
1608 }
1609
1610 if (msg->icmph.icmp6_code != 0) {
1611 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1612 msg->icmph.icmp6_code);
1613 return 0;
1614 }
1615
1616 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1617
1618 switch (msg->icmph.icmp6_type) {
1619 case NDISC_NEIGHBOUR_SOLICITATION:
1620 ndisc_recv_ns(skb);
1621 break;
1622
1623 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1624 ndisc_recv_na(skb);
1625 break;
1626
1627 case NDISC_ROUTER_SOLICITATION:
1628 ndisc_recv_rs(skb);
1629 break;
1630
1631 case NDISC_ROUTER_ADVERTISEMENT:
1632 ndisc_router_discovery(skb);
1633 break;
1634
1635 case NDISC_REDIRECT:
1636 ndisc_redirect_rcv(skb);
1637 break;
1638 }
1639
1640 return 0;
1641 }
1642
1643 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1644 {
1645 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1646 struct net *net = dev_net(dev);
1647 struct inet6_dev *idev;
1648
1649 switch (event) {
1650 case NETDEV_CHANGEADDR:
1651 neigh_changeaddr(&nd_tbl, dev);
1652 fib6_run_gc(0, net, false);
1653 idev = in6_dev_get(dev);
1654 if (!idev)
1655 break;
1656 if (idev->cnf.ndisc_notify)
1657 ndisc_send_unsol_na(dev);
1658 in6_dev_put(idev);
1659 break;
1660 case NETDEV_DOWN:
1661 neigh_ifdown(&nd_tbl, dev);
1662 fib6_run_gc(0, net, false);
1663 break;
1664 case NETDEV_NOTIFY_PEERS:
1665 ndisc_send_unsol_na(dev);
1666 break;
1667 default:
1668 break;
1669 }
1670
1671 return NOTIFY_DONE;
1672 }
1673
1674 static struct notifier_block ndisc_netdev_notifier = {
1675 .notifier_call = ndisc_netdev_event,
1676 };
1677
1678 #ifdef CONFIG_SYSCTL
1679 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1680 const char *func, const char *dev_name)
1681 {
1682 static char warncomm[TASK_COMM_LEN];
1683 static int warned;
1684 if (strcmp(warncomm, current->comm) && warned < 5) {
1685 strcpy(warncomm, current->comm);
1686 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1687 warncomm, func,
1688 dev_name, ctl->procname,
1689 dev_name, ctl->procname);
1690 warned++;
1691 }
1692 }
1693
1694 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1695 {
1696 struct net_device *dev = ctl->extra1;
1697 struct inet6_dev *idev;
1698 int ret;
1699
1700 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1701 (strcmp(ctl->procname, "base_reachable_time") == 0))
1702 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1703
1704 if (strcmp(ctl->procname, "retrans_time") == 0)
1705 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1706
1707 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1708 ret = neigh_proc_dointvec_jiffies(ctl, write,
1709 buffer, lenp, ppos);
1710
1711 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1712 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1713 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1714 buffer, lenp, ppos);
1715 else
1716 ret = -1;
1717
1718 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1719 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1720 idev->nd_parms->reachable_time =
1721 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1722 idev->tstamp = jiffies;
1723 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1724 in6_dev_put(idev);
1725 }
1726 return ret;
1727 }
1728
1729
1730 #endif
1731
1732 static int __net_init ndisc_net_init(struct net *net)
1733 {
1734 struct ipv6_pinfo *np;
1735 struct sock *sk;
1736 int err;
1737
1738 err = inet_ctl_sock_create(&sk, PF_INET6,
1739 SOCK_RAW, IPPROTO_ICMPV6, net);
1740 if (err < 0) {
1741 ND_PRINTK(0, err,
1742 "NDISC: Failed to initialize the control socket (err %d)\n",
1743 err);
1744 return err;
1745 }
1746
1747 net->ipv6.ndisc_sk = sk;
1748
1749 np = inet6_sk(sk);
1750 np->hop_limit = 255;
1751 /* Do not loopback ndisc messages */
1752 np->mc_loop = 0;
1753
1754 return 0;
1755 }
1756
1757 static void __net_exit ndisc_net_exit(struct net *net)
1758 {
1759 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1760 }
1761
1762 static struct pernet_operations ndisc_net_ops = {
1763 .init = ndisc_net_init,
1764 .exit = ndisc_net_exit,
1765 };
1766
1767 int __init ndisc_init(void)
1768 {
1769 int err;
1770
1771 err = register_pernet_subsys(&ndisc_net_ops);
1772 if (err)
1773 return err;
1774 /*
1775 * Initialize the neighbour table
1776 */
1777 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1778
1779 #ifdef CONFIG_SYSCTL
1780 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1781 ndisc_ifinfo_sysctl_change);
1782 if (err)
1783 goto out_unregister_pernet;
1784 out:
1785 #endif
1786 return err;
1787
1788 #ifdef CONFIG_SYSCTL
1789 out_unregister_pernet:
1790 unregister_pernet_subsys(&ndisc_net_ops);
1791 goto out;
1792 #endif
1793 }
1794
1795 int __init ndisc_late_init(void)
1796 {
1797 return register_netdevice_notifier(&ndisc_netdev_notifier);
1798 }
1799
1800 void ndisc_late_cleanup(void)
1801 {
1802 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1803 }
1804
1805 void ndisc_cleanup(void)
1806 {
1807 #ifdef CONFIG_SYSCTL
1808 neigh_sysctl_unregister(&nd_tbl.parms);
1809 #endif
1810 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1811 unregister_pernet_subsys(&ndisc_net_ops);
1812 }
Linux kernel - Deliverables
This page took 0.094829 seconds and 5 git commands to generate.