projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
[deliverable/linux.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 /* Set to 3 to get tracing... */
76 #define ND_DEBUG 1
77
78 #define ND_PRINTK(val, level, fmt, ...) \
79 do { \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
82 } while (0)
83
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
86 __u32 *hash_rnd);
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
93
94 static const struct neigh_ops ndisc_generic_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
100 };
101
102 static const struct neigh_ops ndisc_hh_ops = {
103 .family = AF_INET6,
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
108 };
109
110
111 static const struct neigh_ops ndisc_direct_ops = {
112 .family = AF_INET6,
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
115 };
116
117 struct neigh_table nd_tbl = {
118 .family = AF_INET6,
119 .key_len = sizeof(struct in6_addr),
120 .hash = ndisc_hash,
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
125 .id = "ndisc_cache",
126 .parms = {
127 .tbl = &nd_tbl,
128 .base_reachable_time = ND_REACHABLE_TIME,
129 .retrans_time = ND_RETRANS_TIMER,
130 .gc_staletime = 60 * HZ,
131 .reachable_time = ND_REACHABLE_TIME,
132 .delay_probe_time = 5 * HZ,
133 .queue_len_bytes = 64*1024,
134 .ucast_probes = 3,
135 .mcast_probes = 3,
136 .anycast_delay = 1 * HZ,
137 .proxy_delay = (8 * HZ) / 10,
138 .proxy_qlen = 64,
139 },
140 .gc_interval = 30 * HZ,
141 .gc_thresh1 = 128,
142 .gc_thresh2 = 512,
143 .gc_thresh3 = 1024,
144 };
145
146 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
147 {
148 int pad = ndisc_addr_option_pad(skb->dev->type);
149 int data_len = skb->dev->addr_len;
150 int space = ndisc_opt_addr_space(skb->dev);
151 u8 *opt = skb_put(skb, space);
152
153 opt[0] = type;
154 opt[1] = space>>3;
155
156 memset(opt + 2, 0, pad);
157 opt += pad;
158 space -= pad;
159
160 memcpy(opt+2, data, data_len);
161 data_len += 2;
162 opt += data_len;
163 if ((space -= data_len) > 0)
164 memset(opt, 0, space);
165 }
166
167 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
168 struct nd_opt_hdr *end)
169 {
170 int type;
171 if (!cur || !end || cur >= end)
172 return NULL;
173 type = cur->nd_opt_type;
174 do {
175 cur = ((void *)cur) + (cur->nd_opt_len << 3);
176 } while(cur < end && cur->nd_opt_type != type);
177 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
178 }
179
180 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
181 {
182 return opt->nd_opt_type == ND_OPT_RDNSS ||
183 opt->nd_opt_type == ND_OPT_DNSSL;
184 }
185
186 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
187 struct nd_opt_hdr *end)
188 {
189 if (!cur || !end || cur >= end)
190 return NULL;
191 do {
192 cur = ((void *)cur) + (cur->nd_opt_len << 3);
193 } while(cur < end && !ndisc_is_useropt(cur));
194 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
195 }
196
197 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
198 struct ndisc_options *ndopts)
199 {
200 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
201
202 if (!nd_opt || opt_len < 0 || !ndopts)
203 return NULL;
204 memset(ndopts, 0, sizeof(*ndopts));
205 while (opt_len) {
206 int l;
207 if (opt_len < sizeof(struct nd_opt_hdr))
208 return NULL;
209 l = nd_opt->nd_opt_len << 3;
210 if (opt_len < l || l == 0)
211 return NULL;
212 switch (nd_opt->nd_opt_type) {
213 case ND_OPT_SOURCE_LL_ADDR:
214 case ND_OPT_TARGET_LL_ADDR:
215 case ND_OPT_MTU:
216 case ND_OPT_REDIRECT_HDR:
217 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
218 ND_PRINTK(2, warn,
219 "%s: duplicated ND6 option found: type=%d\n",
220 __func__, nd_opt->nd_opt_type);
221 } else {
222 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
223 }
224 break;
225 case ND_OPT_PREFIX_INFO:
226 ndopts->nd_opts_pi_end = nd_opt;
227 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
228 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
229 break;
230 #ifdef CONFIG_IPV6_ROUTE_INFO
231 case ND_OPT_ROUTE_INFO:
232 ndopts->nd_opts_ri_end = nd_opt;
233 if (!ndopts->nd_opts_ri)
234 ndopts->nd_opts_ri = nd_opt;
235 break;
236 #endif
237 default:
238 if (ndisc_is_useropt(nd_opt)) {
239 ndopts->nd_useropts_end = nd_opt;
240 if (!ndopts->nd_useropts)
241 ndopts->nd_useropts = nd_opt;
242 } else {
243 /*
244 * Unknown options must be silently ignored,
245 * to accommodate future extension to the
246 * protocol.
247 */
248 ND_PRINTK(2, notice,
249 "%s: ignored unsupported option; type=%d, len=%d\n",
250 __func__,
251 nd_opt->nd_opt_type,
252 nd_opt->nd_opt_len);
253 }
254 }
255 opt_len -= l;
256 nd_opt = ((void *)nd_opt) + l;
257 }
258 return ndopts;
259 }
260
261 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
262 {
263 switch (dev->type) {
264 case ARPHRD_ETHER:
265 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
266 case ARPHRD_FDDI:
267 ipv6_eth_mc_map(addr, buf);
268 return 0;
269 case ARPHRD_ARCNET:
270 ipv6_arcnet_mc_map(addr, buf);
271 return 0;
272 case ARPHRD_INFINIBAND:
273 ipv6_ib_mc_map(addr, dev->broadcast, buf);
274 return 0;
275 case ARPHRD_IPGRE:
276 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
277 default:
278 if (dir) {
279 memcpy(buf, dev->broadcast, dev->addr_len);
280 return 0;
281 }
282 }
283 return -EINVAL;
284 }
285
286 EXPORT_SYMBOL(ndisc_mc_map);
287
288 static u32 ndisc_hash(const void *pkey,
289 const struct net_device *dev,
290 __u32 *hash_rnd)
291 {
292 return ndisc_hashfn(pkey, dev, hash_rnd);
293 }
294
295 static int ndisc_constructor(struct neighbour *neigh)
296 {
297 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
298 struct net_device *dev = neigh->dev;
299 struct inet6_dev *in6_dev;
300 struct neigh_parms *parms;
301 bool is_multicast = ipv6_addr_is_multicast(addr);
302
303 in6_dev = in6_dev_get(dev);
304 if (in6_dev == NULL) {
305 return -EINVAL;
306 }
307
308 parms = in6_dev->nd_parms;
309 __neigh_parms_put(neigh->parms);
310 neigh->parms = neigh_parms_clone(parms);
311
312 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
313 if (!dev->header_ops) {
314 neigh->nud_state = NUD_NOARP;
315 neigh->ops = &ndisc_direct_ops;
316 neigh->output = neigh_direct_output;
317 } else {
318 if (is_multicast) {
319 neigh->nud_state = NUD_NOARP;
320 ndisc_mc_map(addr, neigh->ha, dev, 1);
321 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
322 neigh->nud_state = NUD_NOARP;
323 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
324 if (dev->flags&IFF_LOOPBACK)
325 neigh->type = RTN_LOCAL;
326 } else if (dev->flags&IFF_POINTOPOINT) {
327 neigh->nud_state = NUD_NOARP;
328 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
329 }
330 if (dev->header_ops->cache)
331 neigh->ops = &ndisc_hh_ops;
332 else
333 neigh->ops = &ndisc_generic_ops;
334 if (neigh->nud_state&NUD_VALID)
335 neigh->output = neigh->ops->connected_output;
336 else
337 neigh->output = neigh->ops->output;
338 }
339 in6_dev_put(in6_dev);
340 return 0;
341 }
342
343 static int pndisc_constructor(struct pneigh_entry *n)
344 {
345 struct in6_addr *addr = (struct in6_addr*)&n->key;
346 struct in6_addr maddr;
347 struct net_device *dev = n->dev;
348
349 if (dev == NULL || __in6_dev_get(dev) == NULL)
350 return -EINVAL;
351 addrconf_addr_solict_mult(addr, &maddr);
352 ipv6_dev_mc_inc(dev, &maddr);
353 return 0;
354 }
355
356 static void pndisc_destructor(struct pneigh_entry *n)
357 {
358 struct in6_addr *addr = (struct in6_addr*)&n->key;
359 struct in6_addr maddr;
360 struct net_device *dev = n->dev;
361
362 if (dev == NULL || __in6_dev_get(dev) == NULL)
363 return;
364 addrconf_addr_solict_mult(addr, &maddr);
365 ipv6_dev_mc_dec(dev, &maddr);
366 }
367
368 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
369 int len)
370 {
371 int hlen = LL_RESERVED_SPACE(dev);
372 int tlen = dev->needed_tailroom;
373 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
374 struct sk_buff *skb;
375
376 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
377 if (!skb) {
378 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
379 __func__);
380 return NULL;
381 }
382
383 skb->protocol = htons(ETH_P_IPV6);
384 skb->dev = dev;
385
386 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
387 skb_reset_transport_header(skb);
388
389 /* Manually assign socket ownership as we avoid calling
390 * sock_alloc_send_pskb() to bypass wmem buffer limits
391 */
392 skb_set_owner_w(skb, sk);
393
394 return skb;
395 }
396
397 static void ip6_nd_hdr(struct sk_buff *skb,
398 const struct in6_addr *saddr,
399 const struct in6_addr *daddr,
400 int hop_limit, int len)
401 {
402 struct ipv6hdr *hdr;
403
404 skb_push(skb, sizeof(*hdr));
405 skb_reset_network_header(skb);
406 hdr = ipv6_hdr(skb);
407
408 ip6_flow_hdr(hdr, 0, 0);
409
410 hdr->payload_len = htons(len);
411 hdr->nexthdr = IPPROTO_ICMPV6;
412 hdr->hop_limit = hop_limit;
413
414 hdr->saddr = *saddr;
415 hdr->daddr = *daddr;
416 }
417
418 static void ndisc_send_skb(struct sk_buff *skb,
419 const struct in6_addr *daddr,
420 const struct in6_addr *saddr)
421 {
422 struct dst_entry *dst = skb_dst(skb);
423 struct net *net = dev_net(skb->dev);
424 struct sock *sk = net->ipv6.ndisc_sk;
425 struct inet6_dev *idev;
426 int err;
427 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
428 u8 type;
429
430 type = icmp6h->icmp6_type;
431
432 if (!dst) {
433 struct flowi6 fl6;
434
435 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
436 dst = icmp6_dst_alloc(skb->dev, &fl6);
437 if (IS_ERR(dst)) {
438 kfree_skb(skb);
439 return;
440 }
441
442 skb_dst_set(skb, dst);
443 }
444
445 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
446 IPPROTO_ICMPV6,
447 csum_partial(icmp6h,
448 skb->len, 0));
449
450 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
451
452 rcu_read_lock();
453 idev = __in6_dev_get(dst->dev);
454 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
455
456 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
457 dst_output);
458 if (!err) {
459 ICMP6MSGOUT_INC_STATS(net, idev, type);
460 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
461 }
462
463 rcu_read_unlock();
464 }
465
466 void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
467 const struct in6_addr *daddr,
468 const struct in6_addr *solicited_addr,
469 bool router, bool solicited, bool override, bool inc_opt)
470 {
471 struct sk_buff *skb;
472 struct in6_addr tmpaddr;
473 struct inet6_ifaddr *ifp;
474 const struct in6_addr *src_addr;
475 struct nd_msg *msg;
476 int optlen = 0;
477
478 /* for anycast or proxy, solicited_addr != src_addr */
479 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
480 if (ifp) {
481 src_addr = solicited_addr;
482 if (ifp->flags & IFA_F_OPTIMISTIC)
483 override = false;
484 inc_opt |= ifp->idev->cnf.force_tllao;
485 in6_ifa_put(ifp);
486 } else {
487 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
488 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
489 &tmpaddr))
490 return;
491 src_addr = &tmpaddr;
492 }
493
494 if (!dev->addr_len)
495 inc_opt = 0;
496 if (inc_opt)
497 optlen += ndisc_opt_addr_space(dev);
498
499 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
500 if (!skb)
501 return;
502
503 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
504 *msg = (struct nd_msg) {
505 .icmph = {
506 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
507 .icmp6_router = router,
508 .icmp6_solicited = solicited,
509 .icmp6_override = override,
510 },
511 .target = *solicited_addr,
512 };
513
514 if (inc_opt)
515 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
516 dev->dev_addr);
517
518
519 ndisc_send_skb(skb, daddr, src_addr);
520 }
521
522 static void ndisc_send_unsol_na(struct net_device *dev)
523 {
524 struct inet6_dev *idev;
525 struct inet6_ifaddr *ifa;
526
527 idev = in6_dev_get(dev);
528 if (!idev)
529 return;
530
531 read_lock_bh(&idev->lock);
532 list_for_each_entry(ifa, &idev->addr_list, if_list) {
533 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
534 /*router=*/ !!idev->cnf.forwarding,
535 /*solicited=*/ false, /*override=*/ true,
536 /*inc_opt=*/ true);
537 }
538 read_unlock_bh(&idev->lock);
539
540 in6_dev_put(idev);
541 }
542
543 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
544 const struct in6_addr *solicit,
545 const struct in6_addr *daddr, const struct in6_addr *saddr)
546 {
547 struct sk_buff *skb;
548 struct in6_addr addr_buf;
549 int inc_opt = dev->addr_len;
550 int optlen = 0;
551 struct nd_msg *msg;
552
553 if (saddr == NULL) {
554 if (ipv6_get_lladdr(dev, &addr_buf,
555 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
556 return;
557 saddr = &addr_buf;
558 }
559
560 if (ipv6_addr_any(saddr))
561 inc_opt = false;
562 if (inc_opt)
563 optlen += ndisc_opt_addr_space(dev);
564
565 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
566 if (!skb)
567 return;
568
569 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
570 *msg = (struct nd_msg) {
571 .icmph = {
572 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
573 },
574 .target = *solicit,
575 };
576
577 if (inc_opt)
578 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
579 dev->dev_addr);
580
581 ndisc_send_skb(skb, daddr, saddr);
582 }
583
584 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
585 const struct in6_addr *daddr)
586 {
587 struct sk_buff *skb;
588 struct rs_msg *msg;
589 int send_sllao = dev->addr_len;
590 int optlen = 0;
591
592 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
593 /*
594 * According to section 2.2 of RFC 4429, we must not
595 * send router solicitations with a sllao from
596 * optimistic addresses, but we may send the solicitation
597 * if we don't include the sllao. So here we check
598 * if our address is optimistic, and if so, we
599 * suppress the inclusion of the sllao.
600 */
601 if (send_sllao) {
602 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
603 dev, 1);
604 if (ifp) {
605 if (ifp->flags & IFA_F_OPTIMISTIC) {
606 send_sllao = 0;
607 }
608 in6_ifa_put(ifp);
609 } else {
610 send_sllao = 0;
611 }
612 }
613 #endif
614 if (send_sllao)
615 optlen += ndisc_opt_addr_space(dev);
616
617 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
618 if (!skb)
619 return;
620
621 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
622 *msg = (struct rs_msg) {
623 .icmph = {
624 .icmp6_type = NDISC_ROUTER_SOLICITATION,
625 },
626 };
627
628 if (send_sllao)
629 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
630 dev->dev_addr);
631
632 ndisc_send_skb(skb, daddr, saddr);
633 }
634
635
636 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
637 {
638 /*
639 * "The sender MUST return an ICMP
640 * destination unreachable"
641 */
642 dst_link_failure(skb);
643 kfree_skb(skb);
644 }
645
646 /* Called with locked neigh: either read or both */
647
648 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
649 {
650 struct in6_addr *saddr = NULL;
651 struct in6_addr mcaddr;
652 struct net_device *dev = neigh->dev;
653 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
654 int probes = atomic_read(&neigh->probes);
655
656 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
657 saddr = &ipv6_hdr(skb)->saddr;
658
659 if ((probes -= neigh->parms->ucast_probes) < 0) {
660 if (!(neigh->nud_state & NUD_VALID)) {
661 ND_PRINTK(1, dbg,
662 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
663 __func__, target);
664 }
665 ndisc_send_ns(dev, neigh, target, target, saddr);
666 } else if ((probes -= neigh->parms->app_probes) < 0) {
667 neigh_app_ns(neigh);
668 } else {
669 addrconf_addr_solict_mult(target, &mcaddr);
670 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
671 }
672 }
673
674 static int pndisc_is_router(const void *pkey,
675 struct net_device *dev)
676 {
677 struct pneigh_entry *n;
678 int ret = -1;
679
680 read_lock_bh(&nd_tbl.lock);
681 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
682 if (n)
683 ret = !!(n->flags & NTF_ROUTER);
684 read_unlock_bh(&nd_tbl.lock);
685
686 return ret;
687 }
688
689 static void ndisc_recv_ns(struct sk_buff *skb)
690 {
691 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
692 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
693 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
694 u8 *lladdr = NULL;
695 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
696 offsetof(struct nd_msg, opt));
697 struct ndisc_options ndopts;
698 struct net_device *dev = skb->dev;
699 struct inet6_ifaddr *ifp;
700 struct inet6_dev *idev = NULL;
701 struct neighbour *neigh;
702 int dad = ipv6_addr_any(saddr);
703 bool inc;
704 int is_router = -1;
705
706 if (skb->len < sizeof(struct nd_msg)) {
707 ND_PRINTK(2, warn, "NS: packet too short\n");
708 return;
709 }
710
711 if (ipv6_addr_is_multicast(&msg->target)) {
712 ND_PRINTK(2, warn, "NS: multicast target address\n");
713 return;
714 }
715
716 /*
717 * RFC2461 7.1.1:
718 * DAD has to be destined for solicited node multicast address.
719 */
720 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
721 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
722 return;
723 }
724
725 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
726 ND_PRINTK(2, warn, "NS: invalid ND options\n");
727 return;
728 }
729
730 if (ndopts.nd_opts_src_lladdr) {
731 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
732 if (!lladdr) {
733 ND_PRINTK(2, warn,
734 "NS: invalid link-layer address length\n");
735 return;
736 }
737
738 /* RFC2461 7.1.1:
739 * If the IP source address is the unspecified address,
740 * there MUST NOT be source link-layer address option
741 * in the message.
742 */
743 if (dad) {
744 ND_PRINTK(2, warn,
745 "NS: bad DAD packet (link-layer address option)\n");
746 return;
747 }
748 }
749
750 inc = ipv6_addr_is_multicast(daddr);
751
752 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
753 if (ifp) {
754
755 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
756 if (dad) {
757 /*
758 * We are colliding with another node
759 * who is doing DAD
760 * so fail our DAD process
761 */
762 addrconf_dad_failure(ifp);
763 return;
764 } else {
765 /*
766 * This is not a dad solicitation.
767 * If we are an optimistic node,
768 * we should respond.
769 * Otherwise, we should ignore it.
770 */
771 if (!(ifp->flags & IFA_F_OPTIMISTIC))
772 goto out;
773 }
774 }
775
776 idev = ifp->idev;
777 } else {
778 struct net *net = dev_net(dev);
779
780 idev = in6_dev_get(dev);
781 if (!idev) {
782 /* XXX: count this drop? */
783 return;
784 }
785
786 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
787 (idev->cnf.forwarding &&
788 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
789 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
790 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
791 skb->pkt_type != PACKET_HOST &&
792 inc &&
793 idev->nd_parms->proxy_delay != 0) {
794 /*
795 * for anycast or proxy,
796 * sender should delay its response
797 * by a random time between 0 and
798 * MAX_ANYCAST_DELAY_TIME seconds.
799 * (RFC2461) -- yoshfuji
800 */
801 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
802 if (n)
803 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
804 goto out;
805 }
806 } else
807 goto out;
808 }
809
810 if (is_router < 0)
811 is_router = idev->cnf.forwarding;
812
813 if (dad) {
814 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
815 !!is_router, false, (ifp != NULL), true);
816 goto out;
817 }
818
819 if (inc)
820 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
821 else
822 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
823
824 /*
825 * update / create cache entry
826 * for the source address
827 */
828 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
829 !inc || lladdr || !dev->addr_len);
830 if (neigh)
831 neigh_update(neigh, lladdr, NUD_STALE,
832 NEIGH_UPDATE_F_WEAK_OVERRIDE|
833 NEIGH_UPDATE_F_OVERRIDE);
834 if (neigh || !dev->header_ops) {
835 ndisc_send_na(dev, neigh, saddr, &msg->target,
836 !!is_router,
837 true, (ifp != NULL && inc), inc);
838 if (neigh)
839 neigh_release(neigh);
840 }
841
842 out:
843 if (ifp)
844 in6_ifa_put(ifp);
845 else
846 in6_dev_put(idev);
847 }
848
849 static void ndisc_recv_na(struct sk_buff *skb)
850 {
851 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
852 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
853 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
854 u8 *lladdr = NULL;
855 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
856 offsetof(struct nd_msg, opt));
857 struct ndisc_options ndopts;
858 struct net_device *dev = skb->dev;
859 struct inet6_ifaddr *ifp;
860 struct neighbour *neigh;
861
862 if (skb->len < sizeof(struct nd_msg)) {
863 ND_PRINTK(2, warn, "NA: packet too short\n");
864 return;
865 }
866
867 if (ipv6_addr_is_multicast(&msg->target)) {
868 ND_PRINTK(2, warn, "NA: target address is multicast\n");
869 return;
870 }
871
872 if (ipv6_addr_is_multicast(daddr) &&
873 msg->icmph.icmp6_solicited) {
874 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
875 return;
876 }
877
878 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
879 ND_PRINTK(2, warn, "NS: invalid ND option\n");
880 return;
881 }
882 if (ndopts.nd_opts_tgt_lladdr) {
883 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
884 if (!lladdr) {
885 ND_PRINTK(2, warn,
886 "NA: invalid link-layer address length\n");
887 return;
888 }
889 }
890 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
891 if (ifp) {
892 if (skb->pkt_type != PACKET_LOOPBACK
893 && (ifp->flags & IFA_F_TENTATIVE)) {
894 addrconf_dad_failure(ifp);
895 return;
896 }
897 /* What should we make now? The advertisement
898 is invalid, but ndisc specs say nothing
899 about it. It could be misconfiguration, or
900 an smart proxy agent tries to help us :-)
901
902 We should not print the error if NA has been
903 received from loopback - it is just our own
904 unsolicited advertisement.
905 */
906 if (skb->pkt_type != PACKET_LOOPBACK)
907 ND_PRINTK(1, warn,
908 "NA: someone advertises our address %pI6 on %s!\n",
909 &ifp->addr, ifp->idev->dev->name);
910 in6_ifa_put(ifp);
911 return;
912 }
913 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
914
915 if (neigh) {
916 u8 old_flags = neigh->flags;
917 struct net *net = dev_net(dev);
918
919 if (neigh->nud_state & NUD_FAILED)
920 goto out;
921
922 /*
923 * Don't update the neighbor cache entry on a proxy NA from
924 * ourselves because either the proxied node is off link or it
925 * has already sent a NA to us.
926 */
927 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
928 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
929 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
930 /* XXX: idev->cnf.proxy_ndp */
931 goto out;
932 }
933
934 neigh_update(neigh, lladdr,
935 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
936 NEIGH_UPDATE_F_WEAK_OVERRIDE|
937 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
938 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
939 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
940
941 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
942 /*
943 * Change: router to host
944 */
945 struct rt6_info *rt;
946 rt = rt6_get_dflt_router(saddr, dev);
947 if (rt)
948 ip6_del_rt(rt);
949 }
950
951 out:
952 neigh_release(neigh);
953 }
954 }
955
956 static void ndisc_recv_rs(struct sk_buff *skb)
957 {
958 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
959 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
960 struct neighbour *neigh;
961 struct inet6_dev *idev;
962 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
963 struct ndisc_options ndopts;
964 u8 *lladdr = NULL;
965
966 if (skb->len < sizeof(*rs_msg))
967 return;
968
969 idev = __in6_dev_get(skb->dev);
970 if (!idev) {
971 ND_PRINTK(1, err, "RS: can't find in6 device\n");
972 return;
973 }
974
975 /* Don't accept RS if we're not in router mode */
976 if (!idev->cnf.forwarding)
977 goto out;
978
979 /*
980 * Don't update NCE if src = ::;
981 * this implies that the source node has no ip address assigned yet.
982 */
983 if (ipv6_addr_any(saddr))
984 goto out;
985
986 /* Parse ND options */
987 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
988 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
989 goto out;
990 }
991
992 if (ndopts.nd_opts_src_lladdr) {
993 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
994 skb->dev);
995 if (!lladdr)
996 goto out;
997 }
998
999 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1000 if (neigh) {
1001 neigh_update(neigh, lladdr, NUD_STALE,
1002 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1003 NEIGH_UPDATE_F_OVERRIDE|
1004 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1005 neigh_release(neigh);
1006 }
1007 out:
1008 return;
1009 }
1010
1011 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1012 {
1013 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1014 struct sk_buff *skb;
1015 struct nlmsghdr *nlh;
1016 struct nduseroptmsg *ndmsg;
1017 struct net *net = dev_net(ra->dev);
1018 int err;
1019 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1020 + (opt->nd_opt_len << 3));
1021 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1022
1023 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1024 if (skb == NULL) {
1025 err = -ENOBUFS;
1026 goto errout;
1027 }
1028
1029 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1030 if (nlh == NULL) {
1031 goto nla_put_failure;
1032 }
1033
1034 ndmsg = nlmsg_data(nlh);
1035 ndmsg->nduseropt_family = AF_INET6;
1036 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1037 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1038 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1039 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1040
1041 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1042
1043 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1044 &ipv6_hdr(ra)->saddr))
1045 goto nla_put_failure;
1046 nlmsg_end(skb, nlh);
1047
1048 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1049 return;
1050
1051 nla_put_failure:
1052 nlmsg_free(skb);
1053 err = -EMSGSIZE;
1054 errout:
1055 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1056 }
1057
1058 static void ndisc_router_discovery(struct sk_buff *skb)
1059 {
1060 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1061 struct neighbour *neigh = NULL;
1062 struct inet6_dev *in6_dev;
1063 struct rt6_info *rt = NULL;
1064 int lifetime;
1065 struct ndisc_options ndopts;
1066 int optlen;
1067 unsigned int pref = 0;
1068
1069 __u8 * opt = (__u8 *)(ra_msg + 1);
1070
1071 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1072 sizeof(struct ra_msg);
1073
1074 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1075 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1076 return;
1077 }
1078 if (optlen < 0) {
1079 ND_PRINTK(2, warn, "RA: packet too short\n");
1080 return;
1081 }
1082
1083 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1084 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1085 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1086 return;
1087 }
1088 #endif
1089
1090 /*
1091 * set the RA_RECV flag in the interface
1092 */
1093
1094 in6_dev = __in6_dev_get(skb->dev);
1095 if (in6_dev == NULL) {
1096 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1097 skb->dev->name);
1098 return;
1099 }
1100
1101 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1102 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1103 return;
1104 }
1105
1106 if (!ipv6_accept_ra(in6_dev))
1107 goto skip_linkparms;
1108
1109 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1110 /* skip link-specific parameters from interior routers */
1111 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1112 goto skip_linkparms;
1113 #endif
1114
1115 if (in6_dev->if_flags & IF_RS_SENT) {
1116 /*
1117 * flag that an RA was received after an RS was sent
1118 * out on this interface.
1119 */
1120 in6_dev->if_flags |= IF_RA_RCVD;
1121 }
1122
1123 /*
1124 * Remember the managed/otherconf flags from most recently
1125 * received RA message (RFC 2462) -- yoshfuji
1126 */
1127 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1128 IF_RA_OTHERCONF)) |
1129 (ra_msg->icmph.icmp6_addrconf_managed ?
1130 IF_RA_MANAGED : 0) |
1131 (ra_msg->icmph.icmp6_addrconf_other ?
1132 IF_RA_OTHERCONF : 0);
1133
1134 if (!in6_dev->cnf.accept_ra_defrtr)
1135 goto skip_defrtr;
1136
1137 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1138 goto skip_defrtr;
1139
1140 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1141
1142 #ifdef CONFIG_IPV6_ROUTER_PREF
1143 pref = ra_msg->icmph.icmp6_router_pref;
1144 /* 10b is handled as if it were 00b (medium) */
1145 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1146 !in6_dev->cnf.accept_ra_rtr_pref)
1147 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1148 #endif
1149
1150 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1151
1152 if (rt) {
1153 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1154 if (!neigh) {
1155 ND_PRINTK(0, err,
1156 "RA: %s got default router without neighbour\n",
1157 __func__);
1158 ip6_rt_put(rt);
1159 return;
1160 }
1161 }
1162 if (rt && lifetime == 0) {
1163 ip6_del_rt(rt);
1164 rt = NULL;
1165 }
1166
1167 if (rt == NULL && lifetime) {
1168 ND_PRINTK(3, dbg, "RA: adding default router\n");
1169
1170 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1171 if (rt == NULL) {
1172 ND_PRINTK(0, err,
1173 "RA: %s failed to add default route\n",
1174 __func__);
1175 return;
1176 }
1177
1178 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1179 if (neigh == NULL) {
1180 ND_PRINTK(0, err,
1181 "RA: %s got default router without neighbour\n",
1182 __func__);
1183 ip6_rt_put(rt);
1184 return;
1185 }
1186 neigh->flags |= NTF_ROUTER;
1187 } else if (rt) {
1188 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1189 }
1190
1191 if (rt)
1192 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1193 if (ra_msg->icmph.icmp6_hop_limit) {
1194 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1195 if (rt)
1196 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1197 ra_msg->icmph.icmp6_hop_limit);
1198 }
1199
1200 skip_defrtr:
1201
1202 /*
1203 * Update Reachable Time and Retrans Timer
1204 */
1205
1206 if (in6_dev->nd_parms) {
1207 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1208
1209 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1210 rtime = (rtime*HZ)/1000;
1211 if (rtime < HZ/10)
1212 rtime = HZ/10;
1213 in6_dev->nd_parms->retrans_time = rtime;
1214 in6_dev->tstamp = jiffies;
1215 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1216 }
1217
1218 rtime = ntohl(ra_msg->reachable_time);
1219 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1220 rtime = (rtime*HZ)/1000;
1221
1222 if (rtime < HZ/10)
1223 rtime = HZ/10;
1224
1225 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1226 in6_dev->nd_parms->base_reachable_time = rtime;
1227 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1228 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1229 in6_dev->tstamp = jiffies;
1230 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1231 }
1232 }
1233 }
1234
1235 skip_linkparms:
1236
1237 /*
1238 * Process options.
1239 */
1240
1241 if (!neigh)
1242 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1243 skb->dev, 1);
1244 if (neigh) {
1245 u8 *lladdr = NULL;
1246 if (ndopts.nd_opts_src_lladdr) {
1247 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1248 skb->dev);
1249 if (!lladdr) {
1250 ND_PRINTK(2, warn,
1251 "RA: invalid link-layer address length\n");
1252 goto out;
1253 }
1254 }
1255 neigh_update(neigh, lladdr, NUD_STALE,
1256 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1257 NEIGH_UPDATE_F_OVERRIDE|
1258 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1259 NEIGH_UPDATE_F_ISROUTER);
1260 }
1261
1262 if (!ipv6_accept_ra(in6_dev))
1263 goto out;
1264
1265 #ifdef CONFIG_IPV6_ROUTE_INFO
1266 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1267 goto skip_routeinfo;
1268
1269 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1270 struct nd_opt_hdr *p;
1271 for (p = ndopts.nd_opts_ri;
1272 p;
1273 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1274 struct route_info *ri = (struct route_info *)p;
1275 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1276 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1277 ri->prefix_len == 0)
1278 continue;
1279 #endif
1280 if (ri->prefix_len == 0 &&
1281 !in6_dev->cnf.accept_ra_defrtr)
1282 continue;
1283 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1284 continue;
1285 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1286 &ipv6_hdr(skb)->saddr);
1287 }
1288 }
1289
1290 skip_routeinfo:
1291 #endif
1292
1293 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1294 /* skip link-specific ndopts from interior routers */
1295 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1296 goto out;
1297 #endif
1298
1299 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1300 struct nd_opt_hdr *p;
1301 for (p = ndopts.nd_opts_pi;
1302 p;
1303 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1304 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1305 (p->nd_opt_len) << 3,
1306 ndopts.nd_opts_src_lladdr != NULL);
1307 }
1308 }
1309
1310 if (ndopts.nd_opts_mtu) {
1311 __be32 n;
1312 u32 mtu;
1313
1314 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1315 mtu = ntohl(n);
1316
1317 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1318 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1319 } else if (in6_dev->cnf.mtu6 != mtu) {
1320 in6_dev->cnf.mtu6 = mtu;
1321
1322 if (rt)
1323 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1324
1325 rt6_mtu_change(skb->dev, mtu);
1326 }
1327 }
1328
1329 if (ndopts.nd_useropts) {
1330 struct nd_opt_hdr *p;
1331 for (p = ndopts.nd_useropts;
1332 p;
1333 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1334 ndisc_ra_useropt(skb, p);
1335 }
1336 }
1337
1338 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1339 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1340 }
1341 out:
1342 ip6_rt_put(rt);
1343 if (neigh)
1344 neigh_release(neigh);
1345 }
1346
1347 static void ndisc_redirect_rcv(struct sk_buff *skb)
1348 {
1349 u8 *hdr;
1350 struct ndisc_options ndopts;
1351 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1352 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1353 offsetof(struct rd_msg, opt));
1354
1355 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1356 switch (skb->ndisc_nodetype) {
1357 case NDISC_NODETYPE_HOST:
1358 case NDISC_NODETYPE_NODEFAULT:
1359 ND_PRINTK(2, warn,
1360 "Redirect: from host or unauthorized router\n");
1361 return;
1362 }
1363 #endif
1364
1365 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1366 ND_PRINTK(2, warn,
1367 "Redirect: source address is not link-local\n");
1368 return;
1369 }
1370
1371 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1372 return;
1373
1374 if (!ndopts.nd_opts_rh) {
1375 ip6_redirect_no_header(skb, dev_net(skb->dev),
1376 skb->dev->ifindex, 0);
1377 return;
1378 }
1379
1380 hdr = (u8 *)ndopts.nd_opts_rh;
1381 hdr += 8;
1382 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1383 return;
1384
1385 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1386 }
1387
1388 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1389 struct sk_buff *orig_skb,
1390 int rd_len)
1391 {
1392 u8 *opt = skb_put(skb, rd_len);
1393
1394 memset(opt, 0, 8);
1395 *(opt++) = ND_OPT_REDIRECT_HDR;
1396 *(opt++) = (rd_len >> 3);
1397 opt += 6;
1398
1399 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1400 }
1401
1402 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1403 {
1404 struct net_device *dev = skb->dev;
1405 struct net *net = dev_net(dev);
1406 struct sock *sk = net->ipv6.ndisc_sk;
1407 int optlen = 0;
1408 struct inet_peer *peer;
1409 struct sk_buff *buff;
1410 struct rd_msg *msg;
1411 struct in6_addr saddr_buf;
1412 struct rt6_info *rt;
1413 struct dst_entry *dst;
1414 struct flowi6 fl6;
1415 int rd_len;
1416 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1417 bool ret;
1418
1419 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1420 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1421 dev->name);
1422 return;
1423 }
1424
1425 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1426 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1427 ND_PRINTK(2, warn,
1428 "Redirect: target address is not link-local unicast\n");
1429 return;
1430 }
1431
1432 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1433 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1434
1435 dst = ip6_route_output(net, NULL, &fl6);
1436 if (dst->error) {
1437 dst_release(dst);
1438 return;
1439 }
1440 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1441 if (IS_ERR(dst))
1442 return;
1443
1444 rt = (struct rt6_info *) dst;
1445
1446 if (rt->rt6i_flags & RTF_GATEWAY) {
1447 ND_PRINTK(2, warn,
1448 "Redirect: destination is not a neighbour\n");
1449 goto release;
1450 }
1451 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1452 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1453 if (peer)
1454 inet_putpeer(peer);
1455 if (!ret)
1456 goto release;
1457
1458 if (dev->addr_len) {
1459 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1460 if (!neigh) {
1461 ND_PRINTK(2, warn,
1462 "Redirect: no neigh for target address\n");
1463 goto release;
1464 }
1465
1466 read_lock_bh(&neigh->lock);
1467 if (neigh->nud_state & NUD_VALID) {
1468 memcpy(ha_buf, neigh->ha, dev->addr_len);
1469 read_unlock_bh(&neigh->lock);
1470 ha = ha_buf;
1471 optlen += ndisc_opt_addr_space(dev);
1472 } else
1473 read_unlock_bh(&neigh->lock);
1474
1475 neigh_release(neigh);
1476 }
1477
1478 rd_len = min_t(unsigned int,
1479 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1480 skb->len + 8);
1481 rd_len &= ~0x7;
1482 optlen += rd_len;
1483
1484 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1485 if (!buff)
1486 goto release;
1487
1488 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1489 *msg = (struct rd_msg) {
1490 .icmph = {
1491 .icmp6_type = NDISC_REDIRECT,
1492 },
1493 .target = *target,
1494 .dest = ipv6_hdr(skb)->daddr,
1495 };
1496
1497 /*
1498 * include target_address option
1499 */
1500
1501 if (ha)
1502 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1503
1504 /*
1505 * build redirect option and copy skb over to the new packet.
1506 */
1507
1508 if (rd_len)
1509 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1510
1511 skb_dst_set(buff, dst);
1512 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1513 return;
1514
1515 release:
1516 dst_release(dst);
1517 }
1518
1519 static void pndisc_redo(struct sk_buff *skb)
1520 {
1521 ndisc_recv_ns(skb);
1522 kfree_skb(skb);
1523 }
1524
1525 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1526 {
1527 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1528
1529 if (!idev)
1530 return true;
1531 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1532 idev->cnf.suppress_frag_ndisc) {
1533 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1534 return true;
1535 }
1536 return false;
1537 }
1538
1539 int ndisc_rcv(struct sk_buff *skb)
1540 {
1541 struct nd_msg *msg;
1542
1543 if (ndisc_suppress_frag_ndisc(skb))
1544 return 0;
1545
1546 if (skb_linearize(skb))
1547 return 0;
1548
1549 msg = (struct nd_msg *)skb_transport_header(skb);
1550
1551 __skb_push(skb, skb->data - skb_transport_header(skb));
1552
1553 if (ipv6_hdr(skb)->hop_limit != 255) {
1554 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1555 ipv6_hdr(skb)->hop_limit);
1556 return 0;
1557 }
1558
1559 if (msg->icmph.icmp6_code != 0) {
1560 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1561 msg->icmph.icmp6_code);
1562 return 0;
1563 }
1564
1565 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1566
1567 switch (msg->icmph.icmp6_type) {
1568 case NDISC_NEIGHBOUR_SOLICITATION:
1569 ndisc_recv_ns(skb);
1570 break;
1571
1572 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1573 ndisc_recv_na(skb);
1574 break;
1575
1576 case NDISC_ROUTER_SOLICITATION:
1577 ndisc_recv_rs(skb);
1578 break;
1579
1580 case NDISC_ROUTER_ADVERTISEMENT:
1581 ndisc_router_discovery(skb);
1582 break;
1583
1584 case NDISC_REDIRECT:
1585 ndisc_redirect_rcv(skb);
1586 break;
1587 }
1588
1589 return 0;
1590 }
1591
1592 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1593 {
1594 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1595 struct net *net = dev_net(dev);
1596 struct inet6_dev *idev;
1597
1598 switch (event) {
1599 case NETDEV_CHANGEADDR:
1600 neigh_changeaddr(&nd_tbl, dev);
1601 fib6_run_gc(0, net, false);
1602 idev = in6_dev_get(dev);
1603 if (!idev)
1604 break;
1605 if (idev->cnf.ndisc_notify)
1606 ndisc_send_unsol_na(dev);
1607 in6_dev_put(idev);
1608 break;
1609 case NETDEV_DOWN:
1610 neigh_ifdown(&nd_tbl, dev);
1611 fib6_run_gc(0, net, false);
1612 break;
1613 case NETDEV_NOTIFY_PEERS:
1614 ndisc_send_unsol_na(dev);
1615 break;
1616 default:
1617 break;
1618 }
1619
1620 return NOTIFY_DONE;
1621 }
1622
1623 static struct notifier_block ndisc_netdev_notifier = {
1624 .notifier_call = ndisc_netdev_event,
1625 };
1626
1627 #ifdef CONFIG_SYSCTL
1628 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1629 const char *func, const char *dev_name)
1630 {
1631 static char warncomm[TASK_COMM_LEN];
1632 static int warned;
1633 if (strcmp(warncomm, current->comm) && warned < 5) {
1634 strcpy(warncomm, current->comm);
1635 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1636 warncomm, func,
1637 dev_name, ctl->procname,
1638 dev_name, ctl->procname);
1639 warned++;
1640 }
1641 }
1642
1643 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1644 {
1645 struct net_device *dev = ctl->extra1;
1646 struct inet6_dev *idev;
1647 int ret;
1648
1649 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1650 (strcmp(ctl->procname, "base_reachable_time") == 0))
1651 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1652
1653 if (strcmp(ctl->procname, "retrans_time") == 0)
1654 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1655
1656 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1657 ret = proc_dointvec_jiffies(ctl, write,
1658 buffer, lenp, ppos);
1659
1660 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1661 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1662 ret = proc_dointvec_ms_jiffies(ctl, write,
1663 buffer, lenp, ppos);
1664 else
1665 ret = -1;
1666
1667 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1668 if (ctl->data == &idev->nd_parms->base_reachable_time)
1669 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1670 idev->tstamp = jiffies;
1671 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1672 in6_dev_put(idev);
1673 }
1674 return ret;
1675 }
1676
1677
1678 #endif
1679
1680 static int __net_init ndisc_net_init(struct net *net)
1681 {
1682 struct ipv6_pinfo *np;
1683 struct sock *sk;
1684 int err;
1685
1686 err = inet_ctl_sock_create(&sk, PF_INET6,
1687 SOCK_RAW, IPPROTO_ICMPV6, net);
1688 if (err < 0) {
1689 ND_PRINTK(0, err,
1690 "NDISC: Failed to initialize the control socket (err %d)\n",
1691 err);
1692 return err;
1693 }
1694
1695 net->ipv6.ndisc_sk = sk;
1696
1697 np = inet6_sk(sk);
1698 np->hop_limit = 255;
1699 /* Do not loopback ndisc messages */
1700 np->mc_loop = 0;
1701
1702 return 0;
1703 }
1704
1705 static void __net_exit ndisc_net_exit(struct net *net)
1706 {
1707 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1708 }
1709
1710 static struct pernet_operations ndisc_net_ops = {
1711 .init = ndisc_net_init,
1712 .exit = ndisc_net_exit,
1713 };
1714
1715 int __init ndisc_init(void)
1716 {
1717 int err;
1718
1719 err = register_pernet_subsys(&ndisc_net_ops);
1720 if (err)
1721 return err;
1722 /*
1723 * Initialize the neighbour table
1724 */
1725 neigh_table_init(&nd_tbl);
1726
1727 #ifdef CONFIG_SYSCTL
1728 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1729 &ndisc_ifinfo_sysctl_change);
1730 if (err)
1731 goto out_unregister_pernet;
1732 out:
1733 #endif
1734 return err;
1735
1736 #ifdef CONFIG_SYSCTL
1737 out_unregister_pernet:
1738 unregister_pernet_subsys(&ndisc_net_ops);
1739 goto out;
1740 #endif
1741 }
1742
1743 int __init ndisc_late_init(void)
1744 {
1745 return register_netdevice_notifier(&ndisc_netdev_notifier);
1746 }
1747
1748 void ndisc_late_cleanup(void)
1749 {
1750 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1751 }
1752
1753 void ndisc_cleanup(void)
1754 {
1755 #ifdef CONFIG_SYSCTL
1756 neigh_sysctl_unregister(&nd_tbl.parms);
1757 #endif
1758 neigh_table_clear(&nd_tbl);
1759 unregister_pernet_subsys(&ndisc_net_ops);
1760 }
Linux kernel - Deliverables
This page took 0.10592 seconds and 5 git commands to generate.