projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
netfilter: Pass struct net into the netfilter hooks
[deliverable/linux.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 /* Set to 3 to get tracing... */
76 #define ND_DEBUG 1
77
78 #define ND_PRINTK(val, level, fmt, ...) \
79 do { \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
82 } while (0)
83
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
86 __u32 *hash_rnd);
87 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
88 static int ndisc_constructor(struct neighbour *neigh);
89 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
90 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
91 static int pndisc_constructor(struct pneigh_entry *n);
92 static void pndisc_destructor(struct pneigh_entry *n);
93 static void pndisc_redo(struct sk_buff *skb);
94
95 static const struct neigh_ops ndisc_generic_ops = {
96 .family = AF_INET6,
97 .solicit = ndisc_solicit,
98 .error_report = ndisc_error_report,
99 .output = neigh_resolve_output,
100 .connected_output = neigh_connected_output,
101 };
102
103 static const struct neigh_ops ndisc_hh_ops = {
104 .family = AF_INET6,
105 .solicit = ndisc_solicit,
106 .error_report = ndisc_error_report,
107 .output = neigh_resolve_output,
108 .connected_output = neigh_resolve_output,
109 };
110
111
112 static const struct neigh_ops ndisc_direct_ops = {
113 .family = AF_INET6,
114 .output = neigh_direct_output,
115 .connected_output = neigh_direct_output,
116 };
117
118 struct neigh_table nd_tbl = {
119 .family = AF_INET6,
120 .key_len = sizeof(struct in6_addr),
121 .protocol = cpu_to_be16(ETH_P_IPV6),
122 .hash = ndisc_hash,
123 .key_eq = ndisc_key_eq,
124 .constructor = ndisc_constructor,
125 .pconstructor = pndisc_constructor,
126 .pdestructor = pndisc_destructor,
127 .proxy_redo = pndisc_redo,
128 .id = "ndisc_cache",
129 .parms = {
130 .tbl = &nd_tbl,
131 .reachable_time = ND_REACHABLE_TIME,
132 .data = {
133 [NEIGH_VAR_MCAST_PROBES] = 3,
134 [NEIGH_VAR_UCAST_PROBES] = 3,
135 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
136 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
137 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
138 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
139 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
140 [NEIGH_VAR_PROXY_QLEN] = 64,
141 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
142 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
143 },
144 },
145 .gc_interval = 30 * HZ,
146 .gc_thresh1 = 128,
147 .gc_thresh2 = 512,
148 .gc_thresh3 = 1024,
149 };
150
151 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
152 {
153 int pad = ndisc_addr_option_pad(skb->dev->type);
154 int data_len = skb->dev->addr_len;
155 int space = ndisc_opt_addr_space(skb->dev);
156 u8 *opt = skb_put(skb, space);
157
158 opt[0] = type;
159 opt[1] = space>>3;
160
161 memset(opt + 2, 0, pad);
162 opt += pad;
163 space -= pad;
164
165 memcpy(opt+2, data, data_len);
166 data_len += 2;
167 opt += data_len;
168 space -= data_len;
169 if (space > 0)
170 memset(opt, 0, space);
171 }
172
173 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
174 struct nd_opt_hdr *end)
175 {
176 int type;
177 if (!cur || !end || cur >= end)
178 return NULL;
179 type = cur->nd_opt_type;
180 do {
181 cur = ((void *)cur) + (cur->nd_opt_len << 3);
182 } while (cur < end && cur->nd_opt_type != type);
183 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
184 }
185
186 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
187 {
188 return opt->nd_opt_type == ND_OPT_RDNSS ||
189 opt->nd_opt_type == ND_OPT_DNSSL;
190 }
191
192 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
193 struct nd_opt_hdr *end)
194 {
195 if (!cur || !end || cur >= end)
196 return NULL;
197 do {
198 cur = ((void *)cur) + (cur->nd_opt_len << 3);
199 } while (cur < end && !ndisc_is_useropt(cur));
200 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
201 }
202
203 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
204 struct ndisc_options *ndopts)
205 {
206 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
207
208 if (!nd_opt || opt_len < 0 || !ndopts)
209 return NULL;
210 memset(ndopts, 0, sizeof(*ndopts));
211 while (opt_len) {
212 int l;
213 if (opt_len < sizeof(struct nd_opt_hdr))
214 return NULL;
215 l = nd_opt->nd_opt_len << 3;
216 if (opt_len < l || l == 0)
217 return NULL;
218 switch (nd_opt->nd_opt_type) {
219 case ND_OPT_SOURCE_LL_ADDR:
220 case ND_OPT_TARGET_LL_ADDR:
221 case ND_OPT_MTU:
222 case ND_OPT_REDIRECT_HDR:
223 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
224 ND_PRINTK(2, warn,
225 "%s: duplicated ND6 option found: type=%d\n",
226 __func__, nd_opt->nd_opt_type);
227 } else {
228 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
229 }
230 break;
231 case ND_OPT_PREFIX_INFO:
232 ndopts->nd_opts_pi_end = nd_opt;
233 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
234 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
235 break;
236 #ifdef CONFIG_IPV6_ROUTE_INFO
237 case ND_OPT_ROUTE_INFO:
238 ndopts->nd_opts_ri_end = nd_opt;
239 if (!ndopts->nd_opts_ri)
240 ndopts->nd_opts_ri = nd_opt;
241 break;
242 #endif
243 default:
244 if (ndisc_is_useropt(nd_opt)) {
245 ndopts->nd_useropts_end = nd_opt;
246 if (!ndopts->nd_useropts)
247 ndopts->nd_useropts = nd_opt;
248 } else {
249 /*
250 * Unknown options must be silently ignored,
251 * to accommodate future extension to the
252 * protocol.
253 */
254 ND_PRINTK(2, notice,
255 "%s: ignored unsupported option; type=%d, len=%d\n",
256 __func__,
257 nd_opt->nd_opt_type,
258 nd_opt->nd_opt_len);
259 }
260 }
261 opt_len -= l;
262 nd_opt = ((void *)nd_opt) + l;
263 }
264 return ndopts;
265 }
266
267 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
268 {
269 switch (dev->type) {
270 case ARPHRD_ETHER:
271 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
272 case ARPHRD_FDDI:
273 ipv6_eth_mc_map(addr, buf);
274 return 0;
275 case ARPHRD_ARCNET:
276 ipv6_arcnet_mc_map(addr, buf);
277 return 0;
278 case ARPHRD_INFINIBAND:
279 ipv6_ib_mc_map(addr, dev->broadcast, buf);
280 return 0;
281 case ARPHRD_IPGRE:
282 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
283 default:
284 if (dir) {
285 memcpy(buf, dev->broadcast, dev->addr_len);
286 return 0;
287 }
288 }
289 return -EINVAL;
290 }
291 EXPORT_SYMBOL(ndisc_mc_map);
292
293 static u32 ndisc_hash(const void *pkey,
294 const struct net_device *dev,
295 __u32 *hash_rnd)
296 {
297 return ndisc_hashfn(pkey, dev, hash_rnd);
298 }
299
300 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
301 {
302 return neigh_key_eq128(n, pkey);
303 }
304
305 static int ndisc_constructor(struct neighbour *neigh)
306 {
307 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
308 struct net_device *dev = neigh->dev;
309 struct inet6_dev *in6_dev;
310 struct neigh_parms *parms;
311 bool is_multicast = ipv6_addr_is_multicast(addr);
312
313 in6_dev = in6_dev_get(dev);
314 if (!in6_dev) {
315 return -EINVAL;
316 }
317
318 parms = in6_dev->nd_parms;
319 __neigh_parms_put(neigh->parms);
320 neigh->parms = neigh_parms_clone(parms);
321
322 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
323 if (!dev->header_ops) {
324 neigh->nud_state = NUD_NOARP;
325 neigh->ops = &ndisc_direct_ops;
326 neigh->output = neigh_direct_output;
327 } else {
328 if (is_multicast) {
329 neigh->nud_state = NUD_NOARP;
330 ndisc_mc_map(addr, neigh->ha, dev, 1);
331 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
332 neigh->nud_state = NUD_NOARP;
333 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
334 if (dev->flags&IFF_LOOPBACK)
335 neigh->type = RTN_LOCAL;
336 } else if (dev->flags&IFF_POINTOPOINT) {
337 neigh->nud_state = NUD_NOARP;
338 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
339 }
340 if (dev->header_ops->cache)
341 neigh->ops = &ndisc_hh_ops;
342 else
343 neigh->ops = &ndisc_generic_ops;
344 if (neigh->nud_state&NUD_VALID)
345 neigh->output = neigh->ops->connected_output;
346 else
347 neigh->output = neigh->ops->output;
348 }
349 in6_dev_put(in6_dev);
350 return 0;
351 }
352
353 static int pndisc_constructor(struct pneigh_entry *n)
354 {
355 struct in6_addr *addr = (struct in6_addr *)&n->key;
356 struct in6_addr maddr;
357 struct net_device *dev = n->dev;
358
359 if (!dev || !__in6_dev_get(dev))
360 return -EINVAL;
361 addrconf_addr_solict_mult(addr, &maddr);
362 ipv6_dev_mc_inc(dev, &maddr);
363 return 0;
364 }
365
366 static void pndisc_destructor(struct pneigh_entry *n)
367 {
368 struct in6_addr *addr = (struct in6_addr *)&n->key;
369 struct in6_addr maddr;
370 struct net_device *dev = n->dev;
371
372 if (!dev || !__in6_dev_get(dev))
373 return;
374 addrconf_addr_solict_mult(addr, &maddr);
375 ipv6_dev_mc_dec(dev, &maddr);
376 }
377
378 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
379 int len)
380 {
381 int hlen = LL_RESERVED_SPACE(dev);
382 int tlen = dev->needed_tailroom;
383 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
384 struct sk_buff *skb;
385
386 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
387 if (!skb) {
388 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
389 __func__);
390 return NULL;
391 }
392
393 skb->protocol = htons(ETH_P_IPV6);
394 skb->dev = dev;
395
396 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
397 skb_reset_transport_header(skb);
398
399 /* Manually assign socket ownership as we avoid calling
400 * sock_alloc_send_pskb() to bypass wmem buffer limits
401 */
402 skb_set_owner_w(skb, sk);
403
404 return skb;
405 }
406
407 static void ip6_nd_hdr(struct sk_buff *skb,
408 const struct in6_addr *saddr,
409 const struct in6_addr *daddr,
410 int hop_limit, int len)
411 {
412 struct ipv6hdr *hdr;
413
414 skb_push(skb, sizeof(*hdr));
415 skb_reset_network_header(skb);
416 hdr = ipv6_hdr(skb);
417
418 ip6_flow_hdr(hdr, 0, 0);
419
420 hdr->payload_len = htons(len);
421 hdr->nexthdr = IPPROTO_ICMPV6;
422 hdr->hop_limit = hop_limit;
423
424 hdr->saddr = *saddr;
425 hdr->daddr = *daddr;
426 }
427
428 static void ndisc_send_skb(struct sk_buff *skb,
429 const struct in6_addr *daddr,
430 const struct in6_addr *saddr)
431 {
432 struct dst_entry *dst = skb_dst(skb);
433 struct net *net = dev_net(skb->dev);
434 struct sock *sk = net->ipv6.ndisc_sk;
435 struct inet6_dev *idev;
436 int err;
437 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
438 u8 type;
439
440 type = icmp6h->icmp6_type;
441
442 if (!dst) {
443 struct flowi6 fl6;
444
445 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
446 dst = icmp6_dst_alloc(skb->dev, &fl6);
447 if (IS_ERR(dst)) {
448 kfree_skb(skb);
449 return;
450 }
451
452 skb_dst_set(skb, dst);
453 }
454
455 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
456 IPPROTO_ICMPV6,
457 csum_partial(icmp6h,
458 skb->len, 0));
459
460 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
461
462 rcu_read_lock();
463 idev = __in6_dev_get(dst->dev);
464 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
465
466 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
467 net, sk, skb, NULL, dst->dev,
468 dst_output);
469 if (!err) {
470 ICMP6MSGOUT_INC_STATS(net, idev, type);
471 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
472 }
473
474 rcu_read_unlock();
475 }
476
477 void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
478 const struct in6_addr *daddr,
479 const struct in6_addr *solicited_addr,
480 bool router, bool solicited, bool override, bool inc_opt)
481 {
482 struct sk_buff *skb;
483 struct in6_addr tmpaddr;
484 struct inet6_ifaddr *ifp;
485 const struct in6_addr *src_addr;
486 struct nd_msg *msg;
487 int optlen = 0;
488
489 /* for anycast or proxy, solicited_addr != src_addr */
490 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
491 if (ifp) {
492 src_addr = solicited_addr;
493 if (ifp->flags & IFA_F_OPTIMISTIC)
494 override = false;
495 inc_opt |= ifp->idev->cnf.force_tllao;
496 in6_ifa_put(ifp);
497 } else {
498 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
499 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
500 &tmpaddr))
501 return;
502 src_addr = &tmpaddr;
503 }
504
505 if (!dev->addr_len)
506 inc_opt = 0;
507 if (inc_opt)
508 optlen += ndisc_opt_addr_space(dev);
509
510 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
511 if (!skb)
512 return;
513
514 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
515 *msg = (struct nd_msg) {
516 .icmph = {
517 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
518 .icmp6_router = router,
519 .icmp6_solicited = solicited,
520 .icmp6_override = override,
521 },
522 .target = *solicited_addr,
523 };
524
525 if (inc_opt)
526 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
527 dev->dev_addr);
528
529
530 ndisc_send_skb(skb, daddr, src_addr);
531 }
532
533 static void ndisc_send_unsol_na(struct net_device *dev)
534 {
535 struct inet6_dev *idev;
536 struct inet6_ifaddr *ifa;
537
538 idev = in6_dev_get(dev);
539 if (!idev)
540 return;
541
542 read_lock_bh(&idev->lock);
543 list_for_each_entry(ifa, &idev->addr_list, if_list) {
544 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
545 /*router=*/ !!idev->cnf.forwarding,
546 /*solicited=*/ false, /*override=*/ true,
547 /*inc_opt=*/ true);
548 }
549 read_unlock_bh(&idev->lock);
550
551 in6_dev_put(idev);
552 }
553
554 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
555 const struct in6_addr *solicit,
556 const struct in6_addr *daddr, const struct in6_addr *saddr,
557 struct sk_buff *oskb)
558 {
559 struct sk_buff *skb;
560 struct in6_addr addr_buf;
561 int inc_opt = dev->addr_len;
562 int optlen = 0;
563 struct nd_msg *msg;
564
565 if (!saddr) {
566 if (ipv6_get_lladdr(dev, &addr_buf,
567 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
568 return;
569 saddr = &addr_buf;
570 }
571
572 if (ipv6_addr_any(saddr))
573 inc_opt = false;
574 if (inc_opt)
575 optlen += ndisc_opt_addr_space(dev);
576
577 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
578 if (!skb)
579 return;
580
581 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
582 *msg = (struct nd_msg) {
583 .icmph = {
584 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
585 },
586 .target = *solicit,
587 };
588
589 if (inc_opt)
590 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
591 dev->dev_addr);
592
593 if (!(dev->priv_flags & IFF_XMIT_DST_RELEASE) && oskb)
594 skb_dst_copy(skb, oskb);
595
596 ndisc_send_skb(skb, daddr, saddr);
597 }
598
599 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
600 const struct in6_addr *daddr)
601 {
602 struct sk_buff *skb;
603 struct rs_msg *msg;
604 int send_sllao = dev->addr_len;
605 int optlen = 0;
606
607 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
608 /*
609 * According to section 2.2 of RFC 4429, we must not
610 * send router solicitations with a sllao from
611 * optimistic addresses, but we may send the solicitation
612 * if we don't include the sllao. So here we check
613 * if our address is optimistic, and if so, we
614 * suppress the inclusion of the sllao.
615 */
616 if (send_sllao) {
617 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
618 dev, 1);
619 if (ifp) {
620 if (ifp->flags & IFA_F_OPTIMISTIC) {
621 send_sllao = 0;
622 }
623 in6_ifa_put(ifp);
624 } else {
625 send_sllao = 0;
626 }
627 }
628 #endif
629 if (send_sllao)
630 optlen += ndisc_opt_addr_space(dev);
631
632 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
633 if (!skb)
634 return;
635
636 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
637 *msg = (struct rs_msg) {
638 .icmph = {
639 .icmp6_type = NDISC_ROUTER_SOLICITATION,
640 },
641 };
642
643 if (send_sllao)
644 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
645 dev->dev_addr);
646
647 ndisc_send_skb(skb, daddr, saddr);
648 }
649
650
651 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
652 {
653 /*
654 * "The sender MUST return an ICMP
655 * destination unreachable"
656 */
657 dst_link_failure(skb);
658 kfree_skb(skb);
659 }
660
661 /* Called with locked neigh: either read or both */
662
663 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
664 {
665 struct in6_addr *saddr = NULL;
666 struct in6_addr mcaddr;
667 struct net_device *dev = neigh->dev;
668 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
669 int probes = atomic_read(&neigh->probes);
670
671 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
672 dev, 1,
673 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
674 saddr = &ipv6_hdr(skb)->saddr;
675 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
676 if (probes < 0) {
677 if (!(neigh->nud_state & NUD_VALID)) {
678 ND_PRINTK(1, dbg,
679 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
680 __func__, target);
681 }
682 ndisc_send_ns(dev, neigh, target, target, saddr, skb);
683 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
684 neigh_app_ns(neigh);
685 } else {
686 addrconf_addr_solict_mult(target, &mcaddr);
687 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr, skb);
688 }
689 }
690
691 static int pndisc_is_router(const void *pkey,
692 struct net_device *dev)
693 {
694 struct pneigh_entry *n;
695 int ret = -1;
696
697 read_lock_bh(&nd_tbl.lock);
698 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
699 if (n)
700 ret = !!(n->flags & NTF_ROUTER);
701 read_unlock_bh(&nd_tbl.lock);
702
703 return ret;
704 }
705
706 static void ndisc_recv_ns(struct sk_buff *skb)
707 {
708 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
709 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
710 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
711 u8 *lladdr = NULL;
712 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
713 offsetof(struct nd_msg, opt));
714 struct ndisc_options ndopts;
715 struct net_device *dev = skb->dev;
716 struct inet6_ifaddr *ifp;
717 struct inet6_dev *idev = NULL;
718 struct neighbour *neigh;
719 int dad = ipv6_addr_any(saddr);
720 bool inc;
721 int is_router = -1;
722
723 if (skb->len < sizeof(struct nd_msg)) {
724 ND_PRINTK(2, warn, "NS: packet too short\n");
725 return;
726 }
727
728 if (ipv6_addr_is_multicast(&msg->target)) {
729 ND_PRINTK(2, warn, "NS: multicast target address\n");
730 return;
731 }
732
733 /*
734 * RFC2461 7.1.1:
735 * DAD has to be destined for solicited node multicast address.
736 */
737 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
738 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
739 return;
740 }
741
742 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
743 ND_PRINTK(2, warn, "NS: invalid ND options\n");
744 return;
745 }
746
747 if (ndopts.nd_opts_src_lladdr) {
748 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
749 if (!lladdr) {
750 ND_PRINTK(2, warn,
751 "NS: invalid link-layer address length\n");
752 return;
753 }
754
755 /* RFC2461 7.1.1:
756 * If the IP source address is the unspecified address,
757 * there MUST NOT be source link-layer address option
758 * in the message.
759 */
760 if (dad) {
761 ND_PRINTK(2, warn,
762 "NS: bad DAD packet (link-layer address option)\n");
763 return;
764 }
765 }
766
767 inc = ipv6_addr_is_multicast(daddr);
768
769 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
770 if (ifp) {
771
772 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
773 if (dad) {
774 /*
775 * We are colliding with another node
776 * who is doing DAD
777 * so fail our DAD process
778 */
779 addrconf_dad_failure(ifp);
780 return;
781 } else {
782 /*
783 * This is not a dad solicitation.
784 * If we are an optimistic node,
785 * we should respond.
786 * Otherwise, we should ignore it.
787 */
788 if (!(ifp->flags & IFA_F_OPTIMISTIC))
789 goto out;
790 }
791 }
792
793 idev = ifp->idev;
794 } else {
795 struct net *net = dev_net(dev);
796
797 idev = in6_dev_get(dev);
798 if (!idev) {
799 /* XXX: count this drop? */
800 return;
801 }
802
803 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
804 (idev->cnf.forwarding &&
805 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
806 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
807 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
808 skb->pkt_type != PACKET_HOST &&
809 inc &&
810 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
811 /*
812 * for anycast or proxy,
813 * sender should delay its response
814 * by a random time between 0 and
815 * MAX_ANYCAST_DELAY_TIME seconds.
816 * (RFC2461) -- yoshfuji
817 */
818 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
819 if (n)
820 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
821 goto out;
822 }
823 } else
824 goto out;
825 }
826
827 if (is_router < 0)
828 is_router = idev->cnf.forwarding;
829
830 if (dad) {
831 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
832 !!is_router, false, (ifp != NULL), true);
833 goto out;
834 }
835
836 if (inc)
837 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
838 else
839 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
840
841 /*
842 * update / create cache entry
843 * for the source address
844 */
845 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
846 !inc || lladdr || !dev->addr_len);
847 if (neigh)
848 neigh_update(neigh, lladdr, NUD_STALE,
849 NEIGH_UPDATE_F_WEAK_OVERRIDE|
850 NEIGH_UPDATE_F_OVERRIDE);
851 if (neigh || !dev->header_ops) {
852 ndisc_send_na(dev, neigh, saddr, &msg->target,
853 !!is_router,
854 true, (ifp != NULL && inc), inc);
855 if (neigh)
856 neigh_release(neigh);
857 }
858
859 out:
860 if (ifp)
861 in6_ifa_put(ifp);
862 else
863 in6_dev_put(idev);
864 }
865
866 static void ndisc_recv_na(struct sk_buff *skb)
867 {
868 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
869 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
870 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
871 u8 *lladdr = NULL;
872 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
873 offsetof(struct nd_msg, opt));
874 struct ndisc_options ndopts;
875 struct net_device *dev = skb->dev;
876 struct inet6_ifaddr *ifp;
877 struct neighbour *neigh;
878
879 if (skb->len < sizeof(struct nd_msg)) {
880 ND_PRINTK(2, warn, "NA: packet too short\n");
881 return;
882 }
883
884 if (ipv6_addr_is_multicast(&msg->target)) {
885 ND_PRINTK(2, warn, "NA: target address is multicast\n");
886 return;
887 }
888
889 if (ipv6_addr_is_multicast(daddr) &&
890 msg->icmph.icmp6_solicited) {
891 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
892 return;
893 }
894
895 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
896 ND_PRINTK(2, warn, "NS: invalid ND option\n");
897 return;
898 }
899 if (ndopts.nd_opts_tgt_lladdr) {
900 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
901 if (!lladdr) {
902 ND_PRINTK(2, warn,
903 "NA: invalid link-layer address length\n");
904 return;
905 }
906 }
907 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
908 if (ifp) {
909 if (skb->pkt_type != PACKET_LOOPBACK
910 && (ifp->flags & IFA_F_TENTATIVE)) {
911 addrconf_dad_failure(ifp);
912 return;
913 }
914 /* What should we make now? The advertisement
915 is invalid, but ndisc specs say nothing
916 about it. It could be misconfiguration, or
917 an smart proxy agent tries to help us :-)
918
919 We should not print the error if NA has been
920 received from loopback - it is just our own
921 unsolicited advertisement.
922 */
923 if (skb->pkt_type != PACKET_LOOPBACK)
924 ND_PRINTK(1, warn,
925 "NA: someone advertises our address %pI6 on %s!\n",
926 &ifp->addr, ifp->idev->dev->name);
927 in6_ifa_put(ifp);
928 return;
929 }
930 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
931
932 if (neigh) {
933 u8 old_flags = neigh->flags;
934 struct net *net = dev_net(dev);
935
936 if (neigh->nud_state & NUD_FAILED)
937 goto out;
938
939 /*
940 * Don't update the neighbor cache entry on a proxy NA from
941 * ourselves because either the proxied node is off link or it
942 * has already sent a NA to us.
943 */
944 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
945 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
946 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
947 /* XXX: idev->cnf.proxy_ndp */
948 goto out;
949 }
950
951 neigh_update(neigh, lladdr,
952 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
953 NEIGH_UPDATE_F_WEAK_OVERRIDE|
954 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
955 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
956 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
957
958 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
959 /*
960 * Change: router to host
961 */
962 rt6_clean_tohost(dev_net(dev), saddr);
963 }
964
965 out:
966 neigh_release(neigh);
967 }
968 }
969
970 static void ndisc_recv_rs(struct sk_buff *skb)
971 {
972 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
973 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
974 struct neighbour *neigh;
975 struct inet6_dev *idev;
976 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
977 struct ndisc_options ndopts;
978 u8 *lladdr = NULL;
979
980 if (skb->len < sizeof(*rs_msg))
981 return;
982
983 idev = __in6_dev_get(skb->dev);
984 if (!idev) {
985 ND_PRINTK(1, err, "RS: can't find in6 device\n");
986 return;
987 }
988
989 /* Don't accept RS if we're not in router mode */
990 if (!idev->cnf.forwarding)
991 goto out;
992
993 /*
994 * Don't update NCE if src = ::;
995 * this implies that the source node has no ip address assigned yet.
996 */
997 if (ipv6_addr_any(saddr))
998 goto out;
999
1000 /* Parse ND options */
1001 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1002 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1003 goto out;
1004 }
1005
1006 if (ndopts.nd_opts_src_lladdr) {
1007 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1008 skb->dev);
1009 if (!lladdr)
1010 goto out;
1011 }
1012
1013 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1014 if (neigh) {
1015 neigh_update(neigh, lladdr, NUD_STALE,
1016 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1017 NEIGH_UPDATE_F_OVERRIDE|
1018 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1019 neigh_release(neigh);
1020 }
1021 out:
1022 return;
1023 }
1024
1025 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1026 {
1027 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1028 struct sk_buff *skb;
1029 struct nlmsghdr *nlh;
1030 struct nduseroptmsg *ndmsg;
1031 struct net *net = dev_net(ra->dev);
1032 int err;
1033 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1034 + (opt->nd_opt_len << 3));
1035 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1036
1037 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1038 if (!skb) {
1039 err = -ENOBUFS;
1040 goto errout;
1041 }
1042
1043 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1044 if (!nlh) {
1045 goto nla_put_failure;
1046 }
1047
1048 ndmsg = nlmsg_data(nlh);
1049 ndmsg->nduseropt_family = AF_INET6;
1050 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1051 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1052 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1053 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1054
1055 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1056
1057 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1058 goto nla_put_failure;
1059 nlmsg_end(skb, nlh);
1060
1061 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1062 return;
1063
1064 nla_put_failure:
1065 nlmsg_free(skb);
1066 err = -EMSGSIZE;
1067 errout:
1068 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1069 }
1070
1071 static void ndisc_router_discovery(struct sk_buff *skb)
1072 {
1073 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1074 struct neighbour *neigh = NULL;
1075 struct inet6_dev *in6_dev;
1076 struct rt6_info *rt = NULL;
1077 int lifetime;
1078 struct ndisc_options ndopts;
1079 int optlen;
1080 unsigned int pref = 0;
1081 __u32 old_if_flags;
1082 bool send_ifinfo_notify = false;
1083
1084 __u8 *opt = (__u8 *)(ra_msg + 1);
1085
1086 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1087 sizeof(struct ra_msg);
1088
1089 ND_PRINTK(2, info,
1090 "RA: %s, dev: %s\n",
1091 __func__, skb->dev->name);
1092 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1093 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1094 return;
1095 }
1096 if (optlen < 0) {
1097 ND_PRINTK(2, warn, "RA: packet too short\n");
1098 return;
1099 }
1100
1101 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1102 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1103 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1104 return;
1105 }
1106 #endif
1107
1108 /*
1109 * set the RA_RECV flag in the interface
1110 */
1111
1112 in6_dev = __in6_dev_get(skb->dev);
1113 if (!in6_dev) {
1114 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1115 skb->dev->name);
1116 return;
1117 }
1118
1119 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1120 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1121 return;
1122 }
1123
1124 if (!ipv6_accept_ra(in6_dev)) {
1125 ND_PRINTK(2, info,
1126 "RA: %s, did not accept ra for dev: %s\n",
1127 __func__, skb->dev->name);
1128 goto skip_linkparms;
1129 }
1130
1131 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1132 /* skip link-specific parameters from interior routers */
1133 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1134 ND_PRINTK(2, info,
1135 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1136 __func__, skb->dev->name);
1137 goto skip_linkparms;
1138 }
1139 #endif
1140
1141 if (in6_dev->if_flags & IF_RS_SENT) {
1142 /*
1143 * flag that an RA was received after an RS was sent
1144 * out on this interface.
1145 */
1146 in6_dev->if_flags |= IF_RA_RCVD;
1147 }
1148
1149 /*
1150 * Remember the managed/otherconf flags from most recently
1151 * received RA message (RFC 2462) -- yoshfuji
1152 */
1153 old_if_flags = in6_dev->if_flags;
1154 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1155 IF_RA_OTHERCONF)) |
1156 (ra_msg->icmph.icmp6_addrconf_managed ?
1157 IF_RA_MANAGED : 0) |
1158 (ra_msg->icmph.icmp6_addrconf_other ?
1159 IF_RA_OTHERCONF : 0);
1160
1161 if (old_if_flags != in6_dev->if_flags)
1162 send_ifinfo_notify = true;
1163
1164 if (!in6_dev->cnf.accept_ra_defrtr) {
1165 ND_PRINTK(2, info,
1166 "RA: %s, defrtr is false for dev: %s\n",
1167 __func__, skb->dev->name);
1168 goto skip_defrtr;
1169 }
1170
1171 /* Do not accept RA with source-addr found on local machine unless
1172 * accept_ra_from_local is set to true.
1173 */
1174 if (!in6_dev->cnf.accept_ra_from_local &&
1175 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1176 NULL, 0)) {
1177 ND_PRINTK(2, info,
1178 "RA from local address detected on dev: %s: default router ignored\n",
1179 skb->dev->name);
1180 goto skip_defrtr;
1181 }
1182
1183 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1184
1185 #ifdef CONFIG_IPV6_ROUTER_PREF
1186 pref = ra_msg->icmph.icmp6_router_pref;
1187 /* 10b is handled as if it were 00b (medium) */
1188 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1189 !in6_dev->cnf.accept_ra_rtr_pref)
1190 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1191 #endif
1192
1193 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1194
1195 if (rt) {
1196 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1197 if (!neigh) {
1198 ND_PRINTK(0, err,
1199 "RA: %s got default router without neighbour\n",
1200 __func__);
1201 ip6_rt_put(rt);
1202 return;
1203 }
1204 }
1205 if (rt && lifetime == 0) {
1206 ip6_del_rt(rt);
1207 rt = NULL;
1208 }
1209
1210 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1211 rt, lifetime, skb->dev->name);
1212 if (!rt && lifetime) {
1213 ND_PRINTK(3, info, "RA: adding default router\n");
1214
1215 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1216 if (!rt) {
1217 ND_PRINTK(0, err,
1218 "RA: %s failed to add default route\n",
1219 __func__);
1220 return;
1221 }
1222
1223 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1224 if (!neigh) {
1225 ND_PRINTK(0, err,
1226 "RA: %s got default router without neighbour\n",
1227 __func__);
1228 ip6_rt_put(rt);
1229 return;
1230 }
1231 neigh->flags |= NTF_ROUTER;
1232 } else if (rt) {
1233 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1234 }
1235
1236 if (rt)
1237 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1238 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1239 ra_msg->icmph.icmp6_hop_limit) {
1240 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1241 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1242 if (rt)
1243 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1244 ra_msg->icmph.icmp6_hop_limit);
1245 } else {
1246 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1247 }
1248 }
1249
1250 skip_defrtr:
1251
1252 /*
1253 * Update Reachable Time and Retrans Timer
1254 */
1255
1256 if (in6_dev->nd_parms) {
1257 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1258
1259 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1260 rtime = (rtime*HZ)/1000;
1261 if (rtime < HZ/10)
1262 rtime = HZ/10;
1263 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1264 in6_dev->tstamp = jiffies;
1265 send_ifinfo_notify = true;
1266 }
1267
1268 rtime = ntohl(ra_msg->reachable_time);
1269 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1270 rtime = (rtime*HZ)/1000;
1271
1272 if (rtime < HZ/10)
1273 rtime = HZ/10;
1274
1275 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1276 NEIGH_VAR_SET(in6_dev->nd_parms,
1277 BASE_REACHABLE_TIME, rtime);
1278 NEIGH_VAR_SET(in6_dev->nd_parms,
1279 GC_STALETIME, 3 * rtime);
1280 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1281 in6_dev->tstamp = jiffies;
1282 send_ifinfo_notify = true;
1283 }
1284 }
1285 }
1286
1287 /*
1288 * Send a notify if RA changed managed/otherconf flags or timer settings
1289 */
1290 if (send_ifinfo_notify)
1291 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1292
1293 skip_linkparms:
1294
1295 /*
1296 * Process options.
1297 */
1298
1299 if (!neigh)
1300 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1301 skb->dev, 1);
1302 if (neigh) {
1303 u8 *lladdr = NULL;
1304 if (ndopts.nd_opts_src_lladdr) {
1305 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1306 skb->dev);
1307 if (!lladdr) {
1308 ND_PRINTK(2, warn,
1309 "RA: invalid link-layer address length\n");
1310 goto out;
1311 }
1312 }
1313 neigh_update(neigh, lladdr, NUD_STALE,
1314 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1315 NEIGH_UPDATE_F_OVERRIDE|
1316 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1317 NEIGH_UPDATE_F_ISROUTER);
1318 }
1319
1320 if (!ipv6_accept_ra(in6_dev)) {
1321 ND_PRINTK(2, info,
1322 "RA: %s, accept_ra is false for dev: %s\n",
1323 __func__, skb->dev->name);
1324 goto out;
1325 }
1326
1327 #ifdef CONFIG_IPV6_ROUTE_INFO
1328 if (!in6_dev->cnf.accept_ra_from_local &&
1329 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1330 NULL, 0)) {
1331 ND_PRINTK(2, info,
1332 "RA from local address detected on dev: %s: router info ignored.\n",
1333 skb->dev->name);
1334 goto skip_routeinfo;
1335 }
1336
1337 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1338 struct nd_opt_hdr *p;
1339 for (p = ndopts.nd_opts_ri;
1340 p;
1341 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1342 struct route_info *ri = (struct route_info *)p;
1343 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1344 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1345 ri->prefix_len == 0)
1346 continue;
1347 #endif
1348 if (ri->prefix_len == 0 &&
1349 !in6_dev->cnf.accept_ra_defrtr)
1350 continue;
1351 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1352 continue;
1353 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1354 &ipv6_hdr(skb)->saddr);
1355 }
1356 }
1357
1358 skip_routeinfo:
1359 #endif
1360
1361 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1362 /* skip link-specific ndopts from interior routers */
1363 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1364 ND_PRINTK(2, info,
1365 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1366 __func__, skb->dev->name);
1367 goto out;
1368 }
1369 #endif
1370
1371 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1372 struct nd_opt_hdr *p;
1373 for (p = ndopts.nd_opts_pi;
1374 p;
1375 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1376 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1377 (p->nd_opt_len) << 3,
1378 ndopts.nd_opts_src_lladdr != NULL);
1379 }
1380 }
1381
1382 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1383 __be32 n;
1384 u32 mtu;
1385
1386 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1387 mtu = ntohl(n);
1388
1389 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1390 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1391 } else if (in6_dev->cnf.mtu6 != mtu) {
1392 in6_dev->cnf.mtu6 = mtu;
1393
1394 if (rt)
1395 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1396
1397 rt6_mtu_change(skb->dev, mtu);
1398 }
1399 }
1400
1401 if (ndopts.nd_useropts) {
1402 struct nd_opt_hdr *p;
1403 for (p = ndopts.nd_useropts;
1404 p;
1405 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1406 ndisc_ra_useropt(skb, p);
1407 }
1408 }
1409
1410 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1411 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1412 }
1413 out:
1414 ip6_rt_put(rt);
1415 if (neigh)
1416 neigh_release(neigh);
1417 }
1418
1419 static void ndisc_redirect_rcv(struct sk_buff *skb)
1420 {
1421 u8 *hdr;
1422 struct ndisc_options ndopts;
1423 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1424 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1425 offsetof(struct rd_msg, opt));
1426
1427 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1428 switch (skb->ndisc_nodetype) {
1429 case NDISC_NODETYPE_HOST:
1430 case NDISC_NODETYPE_NODEFAULT:
1431 ND_PRINTK(2, warn,
1432 "Redirect: from host or unauthorized router\n");
1433 return;
1434 }
1435 #endif
1436
1437 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1438 ND_PRINTK(2, warn,
1439 "Redirect: source address is not link-local\n");
1440 return;
1441 }
1442
1443 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1444 return;
1445
1446 if (!ndopts.nd_opts_rh) {
1447 ip6_redirect_no_header(skb, dev_net(skb->dev),
1448 skb->dev->ifindex, 0);
1449 return;
1450 }
1451
1452 hdr = (u8 *)ndopts.nd_opts_rh;
1453 hdr += 8;
1454 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1455 return;
1456
1457 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1458 }
1459
1460 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1461 struct sk_buff *orig_skb,
1462 int rd_len)
1463 {
1464 u8 *opt = skb_put(skb, rd_len);
1465
1466 memset(opt, 0, 8);
1467 *(opt++) = ND_OPT_REDIRECT_HDR;
1468 *(opt++) = (rd_len >> 3);
1469 opt += 6;
1470
1471 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1472 }
1473
1474 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1475 {
1476 struct net_device *dev = skb->dev;
1477 struct net *net = dev_net(dev);
1478 struct sock *sk = net->ipv6.ndisc_sk;
1479 int optlen = 0;
1480 struct inet_peer *peer;
1481 struct sk_buff *buff;
1482 struct rd_msg *msg;
1483 struct in6_addr saddr_buf;
1484 struct rt6_info *rt;
1485 struct dst_entry *dst;
1486 struct flowi6 fl6;
1487 int rd_len;
1488 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1489 bool ret;
1490
1491 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1492 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1493 dev->name);
1494 return;
1495 }
1496
1497 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1498 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1499 ND_PRINTK(2, warn,
1500 "Redirect: target address is not link-local unicast\n");
1501 return;
1502 }
1503
1504 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1505 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1506
1507 dst = ip6_route_output(net, NULL, &fl6);
1508 if (dst->error) {
1509 dst_release(dst);
1510 return;
1511 }
1512 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1513 if (IS_ERR(dst))
1514 return;
1515
1516 rt = (struct rt6_info *) dst;
1517
1518 if (rt->rt6i_flags & RTF_GATEWAY) {
1519 ND_PRINTK(2, warn,
1520 "Redirect: destination is not a neighbour\n");
1521 goto release;
1522 }
1523 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1524 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1525 if (peer)
1526 inet_putpeer(peer);
1527 if (!ret)
1528 goto release;
1529
1530 if (dev->addr_len) {
1531 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1532 if (!neigh) {
1533 ND_PRINTK(2, warn,
1534 "Redirect: no neigh for target address\n");
1535 goto release;
1536 }
1537
1538 read_lock_bh(&neigh->lock);
1539 if (neigh->nud_state & NUD_VALID) {
1540 memcpy(ha_buf, neigh->ha, dev->addr_len);
1541 read_unlock_bh(&neigh->lock);
1542 ha = ha_buf;
1543 optlen += ndisc_opt_addr_space(dev);
1544 } else
1545 read_unlock_bh(&neigh->lock);
1546
1547 neigh_release(neigh);
1548 }
1549
1550 rd_len = min_t(unsigned int,
1551 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1552 skb->len + 8);
1553 rd_len &= ~0x7;
1554 optlen += rd_len;
1555
1556 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1557 if (!buff)
1558 goto release;
1559
1560 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1561 *msg = (struct rd_msg) {
1562 .icmph = {
1563 .icmp6_type = NDISC_REDIRECT,
1564 },
1565 .target = *target,
1566 .dest = ipv6_hdr(skb)->daddr,
1567 };
1568
1569 /*
1570 * include target_address option
1571 */
1572
1573 if (ha)
1574 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1575
1576 /*
1577 * build redirect option and copy skb over to the new packet.
1578 */
1579
1580 if (rd_len)
1581 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1582
1583 skb_dst_set(buff, dst);
1584 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1585 return;
1586
1587 release:
1588 dst_release(dst);
1589 }
1590
1591 static void pndisc_redo(struct sk_buff *skb)
1592 {
1593 ndisc_recv_ns(skb);
1594 kfree_skb(skb);
1595 }
1596
1597 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1598 {
1599 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1600
1601 if (!idev)
1602 return true;
1603 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1604 idev->cnf.suppress_frag_ndisc) {
1605 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1606 return true;
1607 }
1608 return false;
1609 }
1610
1611 int ndisc_rcv(struct sk_buff *skb)
1612 {
1613 struct nd_msg *msg;
1614
1615 if (ndisc_suppress_frag_ndisc(skb))
1616 return 0;
1617
1618 if (skb_linearize(skb))
1619 return 0;
1620
1621 msg = (struct nd_msg *)skb_transport_header(skb);
1622
1623 __skb_push(skb, skb->data - skb_transport_header(skb));
1624
1625 if (ipv6_hdr(skb)->hop_limit != 255) {
1626 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1627 ipv6_hdr(skb)->hop_limit);
1628 return 0;
1629 }
1630
1631 if (msg->icmph.icmp6_code != 0) {
1632 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1633 msg->icmph.icmp6_code);
1634 return 0;
1635 }
1636
1637 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1638
1639 switch (msg->icmph.icmp6_type) {
1640 case NDISC_NEIGHBOUR_SOLICITATION:
1641 ndisc_recv_ns(skb);
1642 break;
1643
1644 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1645 ndisc_recv_na(skb);
1646 break;
1647
1648 case NDISC_ROUTER_SOLICITATION:
1649 ndisc_recv_rs(skb);
1650 break;
1651
1652 case NDISC_ROUTER_ADVERTISEMENT:
1653 ndisc_router_discovery(skb);
1654 break;
1655
1656 case NDISC_REDIRECT:
1657 ndisc_redirect_rcv(skb);
1658 break;
1659 }
1660
1661 return 0;
1662 }
1663
1664 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1665 {
1666 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1667 struct netdev_notifier_change_info *change_info;
1668 struct net *net = dev_net(dev);
1669 struct inet6_dev *idev;
1670
1671 switch (event) {
1672 case NETDEV_CHANGEADDR:
1673 neigh_changeaddr(&nd_tbl, dev);
1674 fib6_run_gc(0, net, false);
1675 idev = in6_dev_get(dev);
1676 if (!idev)
1677 break;
1678 if (idev->cnf.ndisc_notify)
1679 ndisc_send_unsol_na(dev);
1680 in6_dev_put(idev);
1681 break;
1682 case NETDEV_CHANGE:
1683 change_info = ptr;
1684 if (change_info->flags_changed & IFF_NOARP)
1685 neigh_changeaddr(&nd_tbl, dev);
1686 break;
1687 case NETDEV_DOWN:
1688 neigh_ifdown(&nd_tbl, dev);
1689 fib6_run_gc(0, net, false);
1690 break;
1691 case NETDEV_NOTIFY_PEERS:
1692 ndisc_send_unsol_na(dev);
1693 break;
1694 default:
1695 break;
1696 }
1697
1698 return NOTIFY_DONE;
1699 }
1700
1701 static struct notifier_block ndisc_netdev_notifier = {
1702 .notifier_call = ndisc_netdev_event,
1703 };
1704
1705 #ifdef CONFIG_SYSCTL
1706 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1707 const char *func, const char *dev_name)
1708 {
1709 static char warncomm[TASK_COMM_LEN];
1710 static int warned;
1711 if (strcmp(warncomm, current->comm) && warned < 5) {
1712 strcpy(warncomm, current->comm);
1713 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1714 warncomm, func,
1715 dev_name, ctl->procname,
1716 dev_name, ctl->procname);
1717 warned++;
1718 }
1719 }
1720
1721 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1722 {
1723 struct net_device *dev = ctl->extra1;
1724 struct inet6_dev *idev;
1725 int ret;
1726
1727 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1728 (strcmp(ctl->procname, "base_reachable_time") == 0))
1729 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1730
1731 if (strcmp(ctl->procname, "retrans_time") == 0)
1732 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1733
1734 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1735 ret = neigh_proc_dointvec_jiffies(ctl, write,
1736 buffer, lenp, ppos);
1737
1738 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1739 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1740 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1741 buffer, lenp, ppos);
1742 else
1743 ret = -1;
1744
1745 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1746 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1747 idev->nd_parms->reachable_time =
1748 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1749 idev->tstamp = jiffies;
1750 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1751 in6_dev_put(idev);
1752 }
1753 return ret;
1754 }
1755
1756
1757 #endif
1758
1759 static int __net_init ndisc_net_init(struct net *net)
1760 {
1761 struct ipv6_pinfo *np;
1762 struct sock *sk;
1763 int err;
1764
1765 err = inet_ctl_sock_create(&sk, PF_INET6,
1766 SOCK_RAW, IPPROTO_ICMPV6, net);
1767 if (err < 0) {
1768 ND_PRINTK(0, err,
1769 "NDISC: Failed to initialize the control socket (err %d)\n",
1770 err);
1771 return err;
1772 }
1773
1774 net->ipv6.ndisc_sk = sk;
1775
1776 np = inet6_sk(sk);
1777 np->hop_limit = 255;
1778 /* Do not loopback ndisc messages */
1779 np->mc_loop = 0;
1780
1781 return 0;
1782 }
1783
1784 static void __net_exit ndisc_net_exit(struct net *net)
1785 {
1786 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1787 }
1788
1789 static struct pernet_operations ndisc_net_ops = {
1790 .init = ndisc_net_init,
1791 .exit = ndisc_net_exit,
1792 };
1793
1794 int __init ndisc_init(void)
1795 {
1796 int err;
1797
1798 err = register_pernet_subsys(&ndisc_net_ops);
1799 if (err)
1800 return err;
1801 /*
1802 * Initialize the neighbour table
1803 */
1804 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1805
1806 #ifdef CONFIG_SYSCTL
1807 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1808 ndisc_ifinfo_sysctl_change);
1809 if (err)
1810 goto out_unregister_pernet;
1811 out:
1812 #endif
1813 return err;
1814
1815 #ifdef CONFIG_SYSCTL
1816 out_unregister_pernet:
1817 unregister_pernet_subsys(&ndisc_net_ops);
1818 goto out;
1819 #endif
1820 }
1821
1822 int __init ndisc_late_init(void)
1823 {
1824 return register_netdevice_notifier(&ndisc_netdev_notifier);
1825 }
1826
1827 void ndisc_late_cleanup(void)
1828 {
1829 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1830 }
1831
1832 void ndisc_cleanup(void)
1833 {
1834 #ifdef CONFIG_SYSCTL
1835 neigh_sysctl_unregister(&nd_tbl.parms);
1836 #endif
1837 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1838 unregister_pernet_subsys(&ndisc_net_ops);
1839 }
Linux kernel - Deliverables
This page took 0.109404 seconds and 5 git commands to generate.