Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * Neighbour Discovery for IPv6 | |
1ab1457c | 3 | * Linux INET6 implementation |
1da177e4 LT |
4 | * |
5 | * Authors: | |
1ab1457c | 6 | * Pedro Roque <roque@di.fc.ul.pt> |
1da177e4 LT |
7 | * Mike Shaver <shaver@ingenia.com> |
8 | * | |
9 | * This program is free software; you can redistribute it and/or | |
10 | * modify it under the terms of the GNU General Public License | |
11 | * as published by the Free Software Foundation; either version | |
12 | * 2 of the License, or (at your option) any later version. | |
13 | */ | |
14 | ||
15 | /* | |
16 | * Changes: | |
17 | * | |
e35f30c1 | 18 | * Alexey I. Froloff : RFC6106 (DNSSL) support |
31910575 PY |
19 | * Pierre Ynard : export userland ND options |
20 | * through netlink (RDNSS support) | |
1da177e4 LT |
21 | * Lars Fenneberg : fixed MTU setting on receipt |
22 | * of an RA. | |
1da177e4 LT |
23 | * Janos Farkas : kmalloc failure checks |
24 | * Alexey Kuznetsov : state machine reworked | |
25 | * and moved to net/core. | |
26 | * Pekka Savola : RFC2461 validation | |
27 | * YOSHIFUJI Hideaki @USAGI : Verify ND options properly | |
28 | */ | |
29 | ||
675418d5 | 30 | #define pr_fmt(fmt) "ICMPv6: " fmt |
1da177e4 LT |
31 | |
32 | #include <linux/module.h> | |
1da177e4 LT |
33 | #include <linux/errno.h> |
34 | #include <linux/types.h> | |
35 | #include <linux/socket.h> | |
36 | #include <linux/sockios.h> | |
37 | #include <linux/sched.h> | |
38 | #include <linux/net.h> | |
39 | #include <linux/in6.h> | |
40 | #include <linux/route.h> | |
41 | #include <linux/init.h> | |
42 | #include <linux/rcupdate.h> | |
5a0e3ad6 | 43 | #include <linux/slab.h> |
1da177e4 LT |
44 | #ifdef CONFIG_SYSCTL |
45 | #include <linux/sysctl.h> | |
46 | #endif | |
47 | ||
1823730f | 48 | #include <linux/if_addr.h> |
1da177e4 LT |
49 | #include <linux/if_arp.h> |
50 | #include <linux/ipv6.h> | |
51 | #include <linux/icmpv6.h> | |
52 | #include <linux/jhash.h> | |
53 | ||
54 | #include <net/sock.h> | |
55 | #include <net/snmp.h> | |
56 | ||
57 | #include <net/ipv6.h> | |
58 | #include <net/protocol.h> | |
59 | #include <net/ndisc.h> | |
60 | #include <net/ip6_route.h> | |
61 | #include <net/addrconf.h> | |
62 | #include <net/icmp.h> | |
63 | ||
31910575 PY |
64 | #include <net/netlink.h> |
65 | #include <linux/rtnetlink.h> | |
66 | ||
1da177e4 LT |
67 | #include <net/flow.h> |
68 | #include <net/ip6_checksum.h> | |
1ed8516f | 69 | #include <net/inet_common.h> |
1da177e4 LT |
70 | #include <linux/proc_fs.h> |
71 | ||
72 | #include <linux/netfilter.h> | |
73 | #include <linux/netfilter_ipv6.h> | |
74 | ||
d6bf7817 ED |
75 | static u32 ndisc_hash(const void *pkey, |
76 | const struct net_device *dev, | |
2c2aba6c | 77 | __u32 *hash_rnd); |
60395a20 | 78 | static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey); |
1da177e4 LT |
79 | static int ndisc_constructor(struct neighbour *neigh); |
80 | static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb); | |
81 | static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb); | |
82 | static int pndisc_constructor(struct pneigh_entry *n); | |
83 | static void pndisc_destructor(struct pneigh_entry *n); | |
84 | static void pndisc_redo(struct sk_buff *skb); | |
85 | ||
89d69d2b | 86 | static const struct neigh_ops ndisc_generic_ops = { |
1da177e4 LT |
87 | .family = AF_INET6, |
88 | .solicit = ndisc_solicit, | |
89 | .error_report = ndisc_error_report, | |
90 | .output = neigh_resolve_output, | |
91 | .connected_output = neigh_connected_output, | |
1da177e4 LT |
92 | }; |
93 | ||
89d69d2b | 94 | static const struct neigh_ops ndisc_hh_ops = { |
1da177e4 LT |
95 | .family = AF_INET6, |
96 | .solicit = ndisc_solicit, | |
97 | .error_report = ndisc_error_report, | |
98 | .output = neigh_resolve_output, | |
99 | .connected_output = neigh_resolve_output, | |
1da177e4 LT |
100 | }; |
101 | ||
102 | ||
89d69d2b | 103 | static const struct neigh_ops ndisc_direct_ops = { |
1da177e4 | 104 | .family = AF_INET6, |
8f40b161 DM |
105 | .output = neigh_direct_output, |
106 | .connected_output = neigh_direct_output, | |
1da177e4 LT |
107 | }; |
108 | ||
109 | struct neigh_table nd_tbl = { | |
110 | .family = AF_INET6, | |
1da177e4 | 111 | .key_len = sizeof(struct in6_addr), |
bdf53c58 | 112 | .protocol = cpu_to_be16(ETH_P_IPV6), |
1da177e4 | 113 | .hash = ndisc_hash, |
60395a20 | 114 | .key_eq = ndisc_key_eq, |
1da177e4 LT |
115 | .constructor = ndisc_constructor, |
116 | .pconstructor = pndisc_constructor, | |
117 | .pdestructor = pndisc_destructor, | |
118 | .proxy_redo = pndisc_redo, | |
119 | .id = "ndisc_cache", | |
120 | .parms = { | |
b672083e | 121 | .tbl = &nd_tbl, |
b672083e | 122 | .reachable_time = ND_REACHABLE_TIME, |
1f9248e5 JP |
123 | .data = { |
124 | [NEIGH_VAR_MCAST_PROBES] = 3, | |
125 | [NEIGH_VAR_UCAST_PROBES] = 3, | |
126 | [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER, | |
127 | [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME, | |
128 | [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ, | |
129 | [NEIGH_VAR_GC_STALETIME] = 60 * HZ, | |
eaa72dc4 | 130 | [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX, |
1f9248e5 JP |
131 | [NEIGH_VAR_PROXY_QLEN] = 64, |
132 | [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ, | |
133 | [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10, | |
134 | }, | |
1da177e4 LT |
135 | }, |
136 | .gc_interval = 30 * HZ, | |
137 | .gc_thresh1 = 128, | |
138 | .gc_thresh2 = 512, | |
139 | .gc_thresh3 = 1024, | |
140 | }; | |
c4850687 | 141 | EXPORT_SYMBOL_GPL(nd_tbl); |
1da177e4 | 142 | |
cc84b3c6 AA |
143 | void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data, |
144 | int data_len, int pad) | |
1da177e4 | 145 | { |
8ec5da41 | 146 | int space = __ndisc_opt_addr_space(data_len, pad); |
5f5a0115 | 147 | u8 *opt = skb_put(skb, space); |
1da177e4 LT |
148 | |
149 | opt[0] = type; | |
150 | opt[1] = space>>3; | |
151 | ||
152 | memset(opt + 2, 0, pad); | |
153 | opt += pad; | |
154 | space -= pad; | |
155 | ||
156 | memcpy(opt+2, data, data_len); | |
157 | data_len += 2; | |
158 | opt += data_len; | |
e5d08d71 IM |
159 | space -= data_len; |
160 | if (space > 0) | |
1da177e4 | 161 | memset(opt, 0, space); |
1da177e4 | 162 | } |
cc84b3c6 | 163 | EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option); |
1da177e4 | 164 | |
8ec5da41 | 165 | static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type, |
f997c55c | 166 | void *data, u8 icmp6_type) |
8ec5da41 AA |
167 | { |
168 | __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len, | |
169 | ndisc_addr_option_pad(skb->dev->type)); | |
f997c55c AA |
170 | ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type); |
171 | } | |
172 | ||
173 | static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb, | |
174 | void *ha, | |
175 | const u8 *ops_data) | |
176 | { | |
177 | ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT); | |
178 | ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data); | |
8ec5da41 AA |
179 | } |
180 | ||
1da177e4 LT |
181 | static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur, |
182 | struct nd_opt_hdr *end) | |
183 | { | |
184 | int type; | |
185 | if (!cur || !end || cur >= end) | |
186 | return NULL; | |
187 | type = cur->nd_opt_type; | |
188 | do { | |
189 | cur = ((void *)cur) + (cur->nd_opt_len << 3); | |
67ba4152 | 190 | } while (cur < end && cur->nd_opt_type != type); |
a02cec21 | 191 | return cur <= end && cur->nd_opt_type == type ? cur : NULL; |
1da177e4 LT |
192 | } |
193 | ||
f997c55c AA |
194 | static inline int ndisc_is_useropt(const struct net_device *dev, |
195 | struct nd_opt_hdr *opt) | |
31910575 | 196 | { |
e35f30c1 | 197 | return opt->nd_opt_type == ND_OPT_RDNSS || |
f997c55c AA |
198 | opt->nd_opt_type == ND_OPT_DNSSL || |
199 | ndisc_ops_is_useropt(dev, opt->nd_opt_type); | |
31910575 PY |
200 | } |
201 | ||
f997c55c AA |
202 | static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev, |
203 | struct nd_opt_hdr *cur, | |
31910575 PY |
204 | struct nd_opt_hdr *end) |
205 | { | |
206 | if (!cur || !end || cur >= end) | |
207 | return NULL; | |
208 | do { | |
209 | cur = ((void *)cur) + (cur->nd_opt_len << 3); | |
f997c55c AA |
210 | } while (cur < end && !ndisc_is_useropt(dev, cur)); |
211 | return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL; | |
31910575 PY |
212 | } |
213 | ||
f997c55c AA |
214 | struct ndisc_options *ndisc_parse_options(const struct net_device *dev, |
215 | u8 *opt, int opt_len, | |
30f2a5f3 | 216 | struct ndisc_options *ndopts) |
1da177e4 LT |
217 | { |
218 | struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt; | |
219 | ||
220 | if (!nd_opt || opt_len < 0 || !ndopts) | |
221 | return NULL; | |
222 | memset(ndopts, 0, sizeof(*ndopts)); | |
223 | while (opt_len) { | |
224 | int l; | |
225 | if (opt_len < sizeof(struct nd_opt_hdr)) | |
226 | return NULL; | |
227 | l = nd_opt->nd_opt_len << 3; | |
228 | if (opt_len < l || l == 0) | |
229 | return NULL; | |
f997c55c AA |
230 | if (ndisc_ops_parse_options(dev, nd_opt, ndopts)) |
231 | goto next_opt; | |
1da177e4 LT |
232 | switch (nd_opt->nd_opt_type) { |
233 | case ND_OPT_SOURCE_LL_ADDR: | |
234 | case ND_OPT_TARGET_LL_ADDR: | |
235 | case ND_OPT_MTU: | |
adc176c5 | 236 | case ND_OPT_NONCE: |
1da177e4 LT |
237 | case ND_OPT_REDIRECT_HDR: |
238 | if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) { | |
675418d5 JP |
239 | ND_PRINTK(2, warn, |
240 | "%s: duplicated ND6 option found: type=%d\n", | |
241 | __func__, nd_opt->nd_opt_type); | |
1da177e4 LT |
242 | } else { |
243 | ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt; | |
244 | } | |
245 | break; | |
246 | case ND_OPT_PREFIX_INFO: | |
247 | ndopts->nd_opts_pi_end = nd_opt; | |
cfcabdcc | 248 | if (!ndopts->nd_opt_array[nd_opt->nd_opt_type]) |
1da177e4 LT |
249 | ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt; |
250 | break; | |
70ceb4f5 YH |
251 | #ifdef CONFIG_IPV6_ROUTE_INFO |
252 | case ND_OPT_ROUTE_INFO: | |
253 | ndopts->nd_opts_ri_end = nd_opt; | |
254 | if (!ndopts->nd_opts_ri) | |
255 | ndopts->nd_opts_ri = nd_opt; | |
256 | break; | |
257 | #endif | |
1da177e4 | 258 | default: |
f997c55c | 259 | if (ndisc_is_useropt(dev, nd_opt)) { |
31910575 PY |
260 | ndopts->nd_useropts_end = nd_opt; |
261 | if (!ndopts->nd_useropts) | |
262 | ndopts->nd_useropts = nd_opt; | |
263 | } else { | |
264 | /* | |
265 | * Unknown options must be silently ignored, | |
266 | * to accommodate future extension to the | |
267 | * protocol. | |
268 | */ | |
675418d5 JP |
269 | ND_PRINTK(2, notice, |
270 | "%s: ignored unsupported option; type=%d, len=%d\n", | |
271 | __func__, | |
272 | nd_opt->nd_opt_type, | |
273 | nd_opt->nd_opt_len); | |
31910575 | 274 | } |
1da177e4 | 275 | } |
f997c55c | 276 | next_opt: |
1da177e4 LT |
277 | opt_len -= l; |
278 | nd_opt = ((void *)nd_opt) + l; | |
279 | } | |
280 | return ndopts; | |
281 | } | |
282 | ||
b71d1d42 | 283 | int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir) |
1da177e4 LT |
284 | { |
285 | switch (dev->type) { | |
286 | case ARPHRD_ETHER: | |
287 | case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */ | |
288 | case ARPHRD_FDDI: | |
289 | ipv6_eth_mc_map(addr, buf); | |
290 | return 0; | |
1da177e4 LT |
291 | case ARPHRD_ARCNET: |
292 | ipv6_arcnet_mc_map(addr, buf); | |
293 | return 0; | |
294 | case ARPHRD_INFINIBAND: | |
a9e527e3 | 295 | ipv6_ib_mc_map(addr, dev->broadcast, buf); |
1da177e4 | 296 | return 0; |
93ca3bb5 TT |
297 | case ARPHRD_IPGRE: |
298 | return ipv6_ipgre_mc_map(addr, dev->broadcast, buf); | |
1da177e4 LT |
299 | default: |
300 | if (dir) { | |
301 | memcpy(buf, dev->broadcast, dev->addr_len); | |
302 | return 0; | |
303 | } | |
304 | } | |
305 | return -EINVAL; | |
306 | } | |
7159039a YH |
307 | EXPORT_SYMBOL(ndisc_mc_map); |
308 | ||
d6bf7817 ED |
309 | static u32 ndisc_hash(const void *pkey, |
310 | const struct net_device *dev, | |
2c2aba6c | 311 | __u32 *hash_rnd) |
1da177e4 | 312 | { |
2c2aba6c | 313 | return ndisc_hashfn(pkey, dev, hash_rnd); |
1da177e4 LT |
314 | } |
315 | ||
60395a20 EB |
316 | static bool ndisc_key_eq(const struct neighbour *n, const void *pkey) |
317 | { | |
318 | return neigh_key_eq128(n, pkey); | |
319 | } | |
320 | ||
1da177e4 LT |
321 | static int ndisc_constructor(struct neighbour *neigh) |
322 | { | |
67ba4152 | 323 | struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key; |
1da177e4 LT |
324 | struct net_device *dev = neigh->dev; |
325 | struct inet6_dev *in6_dev; | |
326 | struct neigh_parms *parms; | |
a50feda5 | 327 | bool is_multicast = ipv6_addr_is_multicast(addr); |
1da177e4 | 328 | |
1da177e4 | 329 | in6_dev = in6_dev_get(dev); |
63159f29 | 330 | if (!in6_dev) { |
1da177e4 LT |
331 | return -EINVAL; |
332 | } | |
333 | ||
334 | parms = in6_dev->nd_parms; | |
335 | __neigh_parms_put(neigh->parms); | |
336 | neigh->parms = neigh_parms_clone(parms); | |
1da177e4 LT |
337 | |
338 | neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST; | |
3b04ddde | 339 | if (!dev->header_ops) { |
1da177e4 LT |
340 | neigh->nud_state = NUD_NOARP; |
341 | neigh->ops = &ndisc_direct_ops; | |
8f40b161 | 342 | neigh->output = neigh_direct_output; |
1da177e4 LT |
343 | } else { |
344 | if (is_multicast) { | |
345 | neigh->nud_state = NUD_NOARP; | |
346 | ndisc_mc_map(addr, neigh->ha, dev, 1); | |
347 | } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) { | |
348 | neigh->nud_state = NUD_NOARP; | |
349 | memcpy(neigh->ha, dev->dev_addr, dev->addr_len); | |
350 | if (dev->flags&IFF_LOOPBACK) | |
351 | neigh->type = RTN_LOCAL; | |
352 | } else if (dev->flags&IFF_POINTOPOINT) { | |
353 | neigh->nud_state = NUD_NOARP; | |
354 | memcpy(neigh->ha, dev->broadcast, dev->addr_len); | |
355 | } | |
3b04ddde | 356 | if (dev->header_ops->cache) |
1da177e4 LT |
357 | neigh->ops = &ndisc_hh_ops; |
358 | else | |
359 | neigh->ops = &ndisc_generic_ops; | |
360 | if (neigh->nud_state&NUD_VALID) | |
361 | neigh->output = neigh->ops->connected_output; | |
362 | else | |
363 | neigh->output = neigh->ops->output; | |
364 | } | |
365 | in6_dev_put(in6_dev); | |
366 | return 0; | |
367 | } | |
368 | ||
369 | static int pndisc_constructor(struct pneigh_entry *n) | |
370 | { | |
67ba4152 | 371 | struct in6_addr *addr = (struct in6_addr *)&n->key; |
1da177e4 LT |
372 | struct in6_addr maddr; |
373 | struct net_device *dev = n->dev; | |
374 | ||
63159f29 | 375 | if (!dev || !__in6_dev_get(dev)) |
1da177e4 LT |
376 | return -EINVAL; |
377 | addrconf_addr_solict_mult(addr, &maddr); | |
378 | ipv6_dev_mc_inc(dev, &maddr); | |
379 | return 0; | |
380 | } | |
381 | ||
382 | static void pndisc_destructor(struct pneigh_entry *n) | |
383 | { | |
67ba4152 | 384 | struct in6_addr *addr = (struct in6_addr *)&n->key; |
1da177e4 LT |
385 | struct in6_addr maddr; |
386 | struct net_device *dev = n->dev; | |
387 | ||
63159f29 | 388 | if (!dev || !__in6_dev_get(dev)) |
1da177e4 LT |
389 | return; |
390 | addrconf_addr_solict_mult(addr, &maddr); | |
391 | ipv6_dev_mc_dec(dev, &maddr); | |
392 | } | |
393 | ||
de09334b YH |
394 | static struct sk_buff *ndisc_alloc_skb(struct net_device *dev, |
395 | int len) | |
396 | { | |
397 | int hlen = LL_RESERVED_SPACE(dev); | |
398 | int tlen = dev->needed_tailroom; | |
399 | struct sock *sk = dev_net(dev)->ipv6.ndisc_sk; | |
400 | struct sk_buff *skb; | |
de09334b | 401 | |
25a6e6b8 | 402 | skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC); |
de09334b | 403 | if (!skb) { |
25a6e6b8 TG |
404 | ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n", |
405 | __func__); | |
de09334b YH |
406 | return NULL; |
407 | } | |
408 | ||
f382d03a YH |
409 | skb->protocol = htons(ETH_P_IPV6); |
410 | skb->dev = dev; | |
411 | ||
527a150f | 412 | skb_reserve(skb, hlen + sizeof(struct ipv6hdr)); |
5135e633 | 413 | skb_reset_transport_header(skb); |
de09334b | 414 | |
25a6e6b8 TG |
415 | /* Manually assign socket ownership as we avoid calling |
416 | * sock_alloc_send_pskb() to bypass wmem buffer limits | |
417 | */ | |
418 | skb_set_owner_w(skb, sk); | |
419 | ||
de09334b YH |
420 | return skb; |
421 | } | |
422 | ||
f382d03a | 423 | static void ip6_nd_hdr(struct sk_buff *skb, |
2576f17d YH |
424 | const struct in6_addr *saddr, |
425 | const struct in6_addr *daddr, | |
c8d6c380 | 426 | int hop_limit, int len) |
2576f17d YH |
427 | { |
428 | struct ipv6hdr *hdr; | |
429 | ||
527a150f | 430 | skb_push(skb, sizeof(*hdr)); |
2576f17d | 431 | skb_reset_network_header(skb); |
2576f17d YH |
432 | hdr = ipv6_hdr(skb); |
433 | ||
434 | ip6_flow_hdr(hdr, 0, 0); | |
435 | ||
436 | hdr->payload_len = htons(len); | |
c8d6c380 YH |
437 | hdr->nexthdr = IPPROTO_ICMPV6; |
438 | hdr->hop_limit = hop_limit; | |
2576f17d YH |
439 | |
440 | hdr->saddr = *saddr; | |
441 | hdr->daddr = *daddr; | |
442 | } | |
443 | ||
af9a9976 | 444 | static void ndisc_send_skb(struct sk_buff *skb, |
fd0ea7db | 445 | const struct in6_addr *daddr, |
aa4bdd4b | 446 | const struct in6_addr *saddr) |
305d552a | 447 | { |
f4de84c6 | 448 | struct dst_entry *dst = skb_dst(skb); |
af9a9976 | 449 | struct net *net = dev_net(skb->dev); |
7b3d9b06 | 450 | struct sock *sk = net->ipv6.ndisc_sk; |
305d552a BH |
451 | struct inet6_dev *idev; |
452 | int err; | |
aa4bdd4b | 453 | struct icmp6hdr *icmp6h = icmp6_hdr(skb); |
305d552a BH |
454 | u8 type; |
455 | ||
456 | type = icmp6h->icmp6_type; | |
457 | ||
f4de84c6 | 458 | if (!dst) { |
f4de84c6 | 459 | struct flowi6 fl6; |
e0d56fdd | 460 | int oif = skb->dev->ifindex; |
305d552a | 461 | |
ca254490 | 462 | icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif); |
f4de84c6 YH |
463 | dst = icmp6_dst_alloc(skb->dev, &fl6); |
464 | if (IS_ERR(dst)) { | |
465 | kfree_skb(skb); | |
466 | return; | |
467 | } | |
468 | ||
469 | skb_dst_set(skb, dst); | |
470 | } | |
e1ec7842 | 471 | |
7b3d9b06 YH |
472 | icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len, |
473 | IPPROTO_ICMPV6, | |
474 | csum_partial(icmp6h, | |
475 | skb->len, 0)); | |
476 | ||
477 | ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len); | |
478 | ||
cfdf7647 ED |
479 | rcu_read_lock(); |
480 | idev = __in6_dev_get(dst->dev); | |
edf391ff | 481 | IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len); |
e1ec7842 | 482 | |
29a26a56 EB |
483 | err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, |
484 | net, sk, skb, NULL, dst->dev, | |
13206b6b | 485 | dst_output); |
1da177e4 | 486 | if (!err) { |
5c5d244b | 487 | ICMP6MSGOUT_INC_STATS(net, idev, type); |
a862f6a6 | 488 | ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS); |
1da177e4 LT |
489 | } |
490 | ||
cfdf7647 | 491 | rcu_read_unlock(); |
1ab1457c | 492 | } |
1da177e4 | 493 | |
38cf595b | 494 | void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr, |
f564f45c CW |
495 | const struct in6_addr *solicited_addr, |
496 | bool router, bool solicited, bool override, bool inc_opt) | |
e1ec7842 | 497 | { |
b44b5f4a | 498 | struct sk_buff *skb; |
e1ec7842 YH |
499 | struct in6_addr tmpaddr; |
500 | struct inet6_ifaddr *ifp; | |
9acd9f3a | 501 | const struct in6_addr *src_addr; |
1cb3fe51 YH |
502 | struct nd_msg *msg; |
503 | int optlen = 0; | |
e1ec7842 YH |
504 | |
505 | /* for anycast or proxy, solicited_addr != src_addr */ | |
c346dca1 | 506 | ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1); |
e1ec7842 YH |
507 | if (ifp) { |
508 | src_addr = solicited_addr; | |
509 | if (ifp->flags & IFA_F_OPTIMISTIC) | |
f2f79cca | 510 | override = false; |
9f888160 | 511 | inc_opt |= ifp->idev->cnf.force_tllao; |
e1ec7842 YH |
512 | in6_ifa_put(ifp); |
513 | } else { | |
191cd582 | 514 | if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr, |
c346dca1 | 515 | inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs, |
7cbca67c | 516 | &tmpaddr)) |
e1ec7842 YH |
517 | return; |
518 | src_addr = &tmpaddr; | |
519 | } | |
520 | ||
1cb3fe51 YH |
521 | if (!dev->addr_len) |
522 | inc_opt = 0; | |
523 | if (inc_opt) | |
f997c55c AA |
524 | optlen += ndisc_opt_addr_space(dev, |
525 | NDISC_NEIGHBOUR_ADVERTISEMENT); | |
e1ec7842 | 526 | |
1cb3fe51 | 527 | skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen); |
b44b5f4a YH |
528 | if (!skb) |
529 | return; | |
530 | ||
4df864c1 | 531 | msg = skb_put(skb, sizeof(*msg)); |
1cb3fe51 YH |
532 | *msg = (struct nd_msg) { |
533 | .icmph = { | |
534 | .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT, | |
535 | .icmp6_router = router, | |
536 | .icmp6_solicited = solicited, | |
537 | .icmp6_override = override, | |
538 | }, | |
539 | .target = *solicited_addr, | |
540 | }; | |
541 | ||
542 | if (inc_opt) | |
543 | ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, | |
f997c55c AA |
544 | dev->dev_addr, |
545 | NDISC_NEIGHBOUR_ADVERTISEMENT); | |
1cb3fe51 | 546 | |
b44b5f4a | 547 | ndisc_send_skb(skb, daddr, src_addr); |
e1ec7842 YH |
548 | } |
549 | ||
f47b9464 BH |
550 | static void ndisc_send_unsol_na(struct net_device *dev) |
551 | { | |
552 | struct inet6_dev *idev; | |
553 | struct inet6_ifaddr *ifa; | |
f47b9464 BH |
554 | |
555 | idev = in6_dev_get(dev); | |
556 | if (!idev) | |
557 | return; | |
558 | ||
559 | read_lock_bh(&idev->lock); | |
560 | list_for_each_entry(ifa, &idev->addr_list, if_list) { | |
07ca93e3 DA |
561 | /* skip tentative addresses until dad completes */ |
562 | if (ifa->flags & IFA_F_TENTATIVE && | |
563 | !(ifa->flags & IFA_F_OPTIMISTIC)) | |
564 | continue; | |
565 | ||
38cf595b | 566 | ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr, |
f47b9464 BH |
567 | /*router=*/ !!idev->cnf.forwarding, |
568 | /*solicited=*/ false, /*override=*/ true, | |
569 | /*inc_opt=*/ true); | |
570 | } | |
571 | read_unlock_bh(&idev->lock); | |
572 | ||
573 | in6_dev_put(idev); | |
574 | } | |
575 | ||
38cf595b | 576 | void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit, |
adc176c5 EN |
577 | const struct in6_addr *daddr, const struct in6_addr *saddr, |
578 | u64 nonce) | |
1da177e4 | 579 | { |
b44b5f4a | 580 | struct sk_buff *skb; |
1da177e4 | 581 | struct in6_addr addr_buf; |
1cb3fe51 YH |
582 | int inc_opt = dev->addr_len; |
583 | int optlen = 0; | |
584 | struct nd_msg *msg; | |
1da177e4 | 585 | |
63159f29 | 586 | if (!saddr) { |
95c385b4 NH |
587 | if (ipv6_get_lladdr(dev, &addr_buf, |
588 | (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))) | |
1da177e4 LT |
589 | return; |
590 | saddr = &addr_buf; | |
591 | } | |
592 | ||
1cb3fe51 | 593 | if (ipv6_addr_any(saddr)) |
f2f79cca | 594 | inc_opt = false; |
1cb3fe51 | 595 | if (inc_opt) |
f997c55c AA |
596 | optlen += ndisc_opt_addr_space(dev, |
597 | NDISC_NEIGHBOUR_SOLICITATION); | |
adc176c5 EN |
598 | if (nonce != 0) |
599 | optlen += 8; | |
1cb3fe51 YH |
600 | |
601 | skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen); | |
b44b5f4a YH |
602 | if (!skb) |
603 | return; | |
604 | ||
4df864c1 | 605 | msg = skb_put(skb, sizeof(*msg)); |
1cb3fe51 YH |
606 | *msg = (struct nd_msg) { |
607 | .icmph = { | |
608 | .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION, | |
609 | }, | |
610 | .target = *solicit, | |
611 | }; | |
612 | ||
613 | if (inc_opt) | |
614 | ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR, | |
f997c55c AA |
615 | dev->dev_addr, |
616 | NDISC_NEIGHBOUR_SOLICITATION); | |
adc176c5 EN |
617 | if (nonce != 0) { |
618 | u8 *opt = skb_put(skb, 8); | |
619 | ||
620 | opt[0] = ND_OPT_NONCE; | |
621 | opt[1] = 8 >> 3; | |
622 | memcpy(opt + 2, &nonce, 6); | |
623 | } | |
1cb3fe51 | 624 | |
b44b5f4a | 625 | ndisc_send_skb(skb, daddr, saddr); |
1da177e4 LT |
626 | } |
627 | ||
9acd9f3a YH |
628 | void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr, |
629 | const struct in6_addr *daddr) | |
1da177e4 | 630 | { |
b44b5f4a | 631 | struct sk_buff *skb; |
1cb3fe51 | 632 | struct rs_msg *msg; |
95c385b4 | 633 | int send_sllao = dev->addr_len; |
1cb3fe51 | 634 | int optlen = 0; |
95c385b4 NH |
635 | |
636 | #ifdef CONFIG_IPV6_OPTIMISTIC_DAD | |
637 | /* | |
638 | * According to section 2.2 of RFC 4429, we must not | |
639 | * send router solicitations with a sllao from | |
640 | * optimistic addresses, but we may send the solicitation | |
641 | * if we don't include the sllao. So here we check | |
642 | * if our address is optimistic, and if so, we | |
bea85195 | 643 | * suppress the inclusion of the sllao. |
95c385b4 NH |
644 | */ |
645 | if (send_sllao) { | |
c346dca1 | 646 | struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr, |
1cab3da6 | 647 | dev, 1); |
95c385b4 NH |
648 | if (ifp) { |
649 | if (ifp->flags & IFA_F_OPTIMISTIC) { | |
ca043569 | 650 | send_sllao = 0; |
95c385b4 | 651 | } |
ca043569 | 652 | in6_ifa_put(ifp); |
95c385b4 NH |
653 | } else { |
654 | send_sllao = 0; | |
655 | } | |
656 | } | |
657 | #endif | |
1cb3fe51 | 658 | if (send_sllao) |
f997c55c | 659 | optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION); |
1cb3fe51 YH |
660 | |
661 | skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen); | |
b44b5f4a YH |
662 | if (!skb) |
663 | return; | |
664 | ||
4df864c1 | 665 | msg = skb_put(skb, sizeof(*msg)); |
1cb3fe51 YH |
666 | *msg = (struct rs_msg) { |
667 | .icmph = { | |
668 | .icmp6_type = NDISC_ROUTER_SOLICITATION, | |
669 | }, | |
670 | }; | |
671 | ||
672 | if (send_sllao) | |
673 | ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR, | |
f997c55c AA |
674 | dev->dev_addr, |
675 | NDISC_ROUTER_SOLICITATION); | |
1cb3fe51 | 676 | |
b44b5f4a | 677 | ndisc_send_skb(skb, daddr, saddr); |
1da177e4 | 678 | } |
1ab1457c | 679 | |
1da177e4 LT |
680 | |
681 | static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb) | |
682 | { | |
683 | /* | |
684 | * "The sender MUST return an ICMP | |
685 | * destination unreachable" | |
686 | */ | |
687 | dst_link_failure(skb); | |
688 | kfree_skb(skb); | |
689 | } | |
690 | ||
691 | /* Called with locked neigh: either read or both */ | |
692 | ||
693 | static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb) | |
694 | { | |
695 | struct in6_addr *saddr = NULL; | |
696 | struct in6_addr mcaddr; | |
697 | struct net_device *dev = neigh->dev; | |
698 | struct in6_addr *target = (struct in6_addr *)&neigh->primary_key; | |
699 | int probes = atomic_read(&neigh->probes); | |
700 | ||
c58da4c6 EK |
701 | if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr, |
702 | dev, 1, | |
703 | IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) | |
0660e03f | 704 | saddr = &ipv6_hdr(skb)->saddr; |
e5d08d71 IM |
705 | probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES); |
706 | if (probes < 0) { | |
1da177e4 | 707 | if (!(neigh->nud_state & NUD_VALID)) { |
675418d5 JP |
708 | ND_PRINTK(1, dbg, |
709 | "%s: trying to ucast probe in NUD_INVALID: %pI6\n", | |
710 | __func__, target); | |
1da177e4 | 711 | } |
adc176c5 | 712 | ndisc_send_ns(dev, target, target, saddr, 0); |
1f9248e5 | 713 | } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) { |
1da177e4 | 714 | neigh_app_ns(neigh); |
1da177e4 LT |
715 | } else { |
716 | addrconf_addr_solict_mult(target, &mcaddr); | |
adc176c5 | 717 | ndisc_send_ns(dev, target, &mcaddr, saddr, 0); |
1da177e4 LT |
718 | } |
719 | } | |
720 | ||
0736ffc0 YH |
721 | static int pndisc_is_router(const void *pkey, |
722 | struct net_device *dev) | |
fa86d322 PE |
723 | { |
724 | struct pneigh_entry *n; | |
0736ffc0 | 725 | int ret = -1; |
fa86d322 PE |
726 | |
727 | read_lock_bh(&nd_tbl.lock); | |
0736ffc0 YH |
728 | n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev); |
729 | if (n) | |
730 | ret = !!(n->flags & NTF_ROUTER); | |
fa86d322 PE |
731 | read_unlock_bh(&nd_tbl.lock); |
732 | ||
0736ffc0 | 733 | return ret; |
fa86d322 PE |
734 | } |
735 | ||
f997c55c AA |
736 | void ndisc_update(const struct net_device *dev, struct neighbour *neigh, |
737 | const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type, | |
738 | struct ndisc_options *ndopts) | |
739 | { | |
7b8f7a40 | 740 | neigh_update(neigh, lladdr, new, flags, 0); |
f997c55c AA |
741 | /* report ndisc ops about neighbour update */ |
742 | ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts); | |
743 | } | |
744 | ||
1da177e4 LT |
745 | static void ndisc_recv_ns(struct sk_buff *skb) |
746 | { | |
9c70220b | 747 | struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb); |
b71d1d42 ED |
748 | const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr; |
749 | const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr; | |
1da177e4 | 750 | u8 *lladdr = NULL; |
29a3cad5 | 751 | u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) + |
27a884dc | 752 | offsetof(struct nd_msg, opt)); |
1da177e4 LT |
753 | struct ndisc_options ndopts; |
754 | struct net_device *dev = skb->dev; | |
755 | struct inet6_ifaddr *ifp; | |
756 | struct inet6_dev *idev = NULL; | |
757 | struct neighbour *neigh; | |
758 | int dad = ipv6_addr_any(saddr); | |
a50feda5 | 759 | bool inc; |
0736ffc0 | 760 | int is_router = -1; |
adc176c5 | 761 | u64 nonce = 0; |
1da177e4 | 762 | |
115b0aa6 YH |
763 | if (skb->len < sizeof(struct nd_msg)) { |
764 | ND_PRINTK(2, warn, "NS: packet too short\n"); | |
765 | return; | |
766 | } | |
767 | ||
1da177e4 | 768 | if (ipv6_addr_is_multicast(&msg->target)) { |
675418d5 | 769 | ND_PRINTK(2, warn, "NS: multicast target address\n"); |
1da177e4 LT |
770 | return; |
771 | } | |
772 | ||
773 | /* | |
774 | * RFC2461 7.1.1: | |
775 | * DAD has to be destined for solicited node multicast address. | |
776 | */ | |
ca97a644 | 777 | if (dad && !ipv6_addr_is_solict_mult(daddr)) { |
675418d5 | 778 | ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n"); |
1da177e4 LT |
779 | return; |
780 | } | |
781 | ||
f997c55c | 782 | if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) { |
675418d5 | 783 | ND_PRINTK(2, warn, "NS: invalid ND options\n"); |
1da177e4 LT |
784 | return; |
785 | } | |
786 | ||
787 | if (ndopts.nd_opts_src_lladdr) { | |
788 | lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev); | |
789 | if (!lladdr) { | |
675418d5 JP |
790 | ND_PRINTK(2, warn, |
791 | "NS: invalid link-layer address length\n"); | |
1da177e4 LT |
792 | return; |
793 | } | |
794 | ||
795 | /* RFC2461 7.1.1: | |
1ab1457c YH |
796 | * If the IP source address is the unspecified address, |
797 | * there MUST NOT be source link-layer address option | |
1da177e4 LT |
798 | * in the message. |
799 | */ | |
800 | if (dad) { | |
675418d5 JP |
801 | ND_PRINTK(2, warn, |
802 | "NS: bad DAD packet (link-layer address option)\n"); | |
1da177e4 LT |
803 | return; |
804 | } | |
805 | } | |
adc176c5 EN |
806 | if (ndopts.nd_opts_nonce) |
807 | memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6); | |
1da177e4 LT |
808 | |
809 | inc = ipv6_addr_is_multicast(daddr); | |
810 | ||
c346dca1 | 811 | ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1); |
a18bc695 | 812 | if (ifp) { |
ca254490 | 813 | have_ifp: |
95c385b4 NH |
814 | if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) { |
815 | if (dad) { | |
adc176c5 EN |
816 | if (nonce != 0 && ifp->dad_nonce == nonce) { |
817 | u8 *np = (u8 *)&nonce; | |
818 | /* Matching nonce if looped back */ | |
819 | ND_PRINTK(2, notice, | |
820 | "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n", | |
821 | ifp->idev->dev->name, | |
822 | &ifp->addr, np); | |
823 | goto out; | |
824 | } | |
95c385b4 NH |
825 | /* |
826 | * We are colliding with another node | |
827 | * who is doing DAD | |
828 | * so fail our DAD process | |
829 | */ | |
830 | addrconf_dad_failure(ifp); | |
9e3be4b3 | 831 | return; |
95c385b4 NH |
832 | } else { |
833 | /* | |
834 | * This is not a dad solicitation. | |
835 | * If we are an optimistic node, | |
836 | * we should respond. | |
837 | * Otherwise, we should ignore it. | |
838 | */ | |
839 | if (!(ifp->flags & IFA_F_OPTIMISTIC)) | |
1da177e4 | 840 | goto out; |
1da177e4 | 841 | } |
1da177e4 LT |
842 | } |
843 | ||
844 | idev = ifp->idev; | |
845 | } else { | |
53b7997f YH |
846 | struct net *net = dev_net(dev); |
847 | ||
ca254490 DA |
848 | /* perhaps an address on the master device */ |
849 | if (netif_is_l3_slave(dev)) { | |
850 | struct net_device *mdev; | |
851 | ||
852 | mdev = netdev_master_upper_dev_get_rcu(dev); | |
853 | if (mdev) { | |
854 | ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1); | |
855 | if (ifp) | |
856 | goto have_ifp; | |
857 | } | |
858 | } | |
859 | ||
1da177e4 LT |
860 | idev = in6_dev_get(dev); |
861 | if (!idev) { | |
862 | /* XXX: count this drop? */ | |
863 | return; | |
864 | } | |
865 | ||
53b7997f | 866 | if (ipv6_chk_acast_addr(net, dev, &msg->target) || |
1ab1457c | 867 | (idev->cnf.forwarding && |
53b7997f | 868 | (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) && |
0736ffc0 | 869 | (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) { |
a61bbcf2 | 870 | if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) && |
1da177e4 | 871 | skb->pkt_type != PACKET_HOST && |
f2f79cca | 872 | inc && |
1f9248e5 | 873 | NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) { |
1da177e4 LT |
874 | /* |
875 | * for anycast or proxy, | |
1ab1457c YH |
876 | * sender should delay its response |
877 | * by a random time between 0 and | |
1da177e4 LT |
878 | * MAX_ANYCAST_DELAY_TIME seconds. |
879 | * (RFC2461) -- yoshfuji | |
880 | */ | |
881 | struct sk_buff *n = skb_clone(skb, GFP_ATOMIC); | |
882 | if (n) | |
883 | pneigh_enqueue(&nd_tbl, idev->nd_parms, n); | |
884 | goto out; | |
885 | } | |
886 | } else | |
887 | goto out; | |
888 | } | |
889 | ||
0736ffc0 | 890 | if (is_router < 0) |
fb568637 | 891 | is_router = idev->cnf.forwarding; |
62dd9318 | 892 | |
1da177e4 | 893 | if (dad) { |
38cf595b | 894 | ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target, |
fb568637 | 895 | !!is_router, false, (ifp != NULL), true); |
1da177e4 LT |
896 | goto out; |
897 | } | |
898 | ||
899 | if (inc) | |
900 | NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast); | |
901 | else | |
902 | NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast); | |
903 | ||
1ab1457c | 904 | /* |
1da177e4 LT |
905 | * update / create cache entry |
906 | * for the source address | |
907 | */ | |
908 | neigh = __neigh_lookup(&nd_tbl, saddr, dev, | |
909 | !inc || lladdr || !dev->addr_len); | |
910 | if (neigh) | |
f997c55c | 911 | ndisc_update(dev, neigh, lladdr, NUD_STALE, |
1da177e4 | 912 | NEIGH_UPDATE_F_WEAK_OVERRIDE| |
f997c55c AA |
913 | NEIGH_UPDATE_F_OVERRIDE, |
914 | NDISC_NEIGHBOUR_SOLICITATION, &ndopts); | |
3b04ddde | 915 | if (neigh || !dev->header_ops) { |
38cf595b | 916 | ndisc_send_na(dev, saddr, &msg->target, !!is_router, |
fb568637 | 917 | true, (ifp != NULL && inc), inc); |
1da177e4 LT |
918 | if (neigh) |
919 | neigh_release(neigh); | |
920 | } | |
921 | ||
922 | out: | |
923 | if (ifp) | |
924 | in6_ifa_put(ifp); | |
925 | else | |
926 | in6_dev_put(idev); | |
1da177e4 LT |
927 | } |
928 | ||
929 | static void ndisc_recv_na(struct sk_buff *skb) | |
930 | { | |
9c70220b | 931 | struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb); |
be7a010d | 932 | struct in6_addr *saddr = &ipv6_hdr(skb)->saddr; |
b71d1d42 | 933 | const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr; |
1da177e4 | 934 | u8 *lladdr = NULL; |
29a3cad5 | 935 | u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) + |
27a884dc | 936 | offsetof(struct nd_msg, opt)); |
1da177e4 LT |
937 | struct ndisc_options ndopts; |
938 | struct net_device *dev = skb->dev; | |
7a02bf89 | 939 | struct inet6_dev *idev = __in6_dev_get(dev); |
1da177e4 LT |
940 | struct inet6_ifaddr *ifp; |
941 | struct neighbour *neigh; | |
942 | ||
943 | if (skb->len < sizeof(struct nd_msg)) { | |
675418d5 | 944 | ND_PRINTK(2, warn, "NA: packet too short\n"); |
1da177e4 LT |
945 | return; |
946 | } | |
947 | ||
948 | if (ipv6_addr_is_multicast(&msg->target)) { | |
675418d5 | 949 | ND_PRINTK(2, warn, "NA: target address is multicast\n"); |
1da177e4 LT |
950 | return; |
951 | } | |
952 | ||
953 | if (ipv6_addr_is_multicast(daddr) && | |
954 | msg->icmph.icmp6_solicited) { | |
675418d5 | 955 | ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n"); |
1da177e4 LT |
956 | return; |
957 | } | |
1ab1457c | 958 | |
7a02bf89 JB |
959 | /* For some 802.11 wireless deployments (and possibly other networks), |
960 | * there will be a NA proxy and unsolicitd packets are attacks | |
961 | * and thus should not be accepted. | |
962 | */ | |
963 | if (!msg->icmph.icmp6_solicited && idev && | |
964 | idev->cnf.drop_unsolicited_na) | |
965 | return; | |
966 | ||
f997c55c | 967 | if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) { |
675418d5 | 968 | ND_PRINTK(2, warn, "NS: invalid ND option\n"); |
1da177e4 LT |
969 | return; |
970 | } | |
971 | if (ndopts.nd_opts_tgt_lladdr) { | |
972 | lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev); | |
973 | if (!lladdr) { | |
675418d5 JP |
974 | ND_PRINTK(2, warn, |
975 | "NA: invalid link-layer address length\n"); | |
1da177e4 LT |
976 | return; |
977 | } | |
978 | } | |
c346dca1 | 979 | ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1); |
a18bc695 | 980 | if (ifp) { |
bd015928 DW |
981 | if (skb->pkt_type != PACKET_LOOPBACK |
982 | && (ifp->flags & IFA_F_TENTATIVE)) { | |
983 | addrconf_dad_failure(ifp); | |
984 | return; | |
1da177e4 LT |
985 | } |
986 | /* What should we make now? The advertisement | |
987 | is invalid, but ndisc specs say nothing | |
988 | about it. It could be misconfiguration, or | |
989 | an smart proxy agent tries to help us :-) | |
24fc7b86 JS |
990 | |
991 | We should not print the error if NA has been | |
992 | received from loopback - it is just our own | |
993 | unsolicited advertisement. | |
1da177e4 | 994 | */ |
24fc7b86 | 995 | if (skb->pkt_type != PACKET_LOOPBACK) |
675418d5 JP |
996 | ND_PRINTK(1, warn, |
997 | "NA: someone advertises our address %pI6 on %s!\n", | |
998 | &ifp->addr, ifp->idev->dev->name); | |
1da177e4 LT |
999 | in6_ifa_put(ifp); |
1000 | return; | |
1001 | } | |
1002 | neigh = neigh_lookup(&nd_tbl, &msg->target, dev); | |
1003 | ||
1004 | if (neigh) { | |
1005 | u8 old_flags = neigh->flags; | |
53b7997f | 1006 | struct net *net = dev_net(dev); |
1da177e4 LT |
1007 | |
1008 | if (neigh->nud_state & NUD_FAILED) | |
1009 | goto out; | |
1010 | ||
5f3e6e9e VN |
1011 | /* |
1012 | * Don't update the neighbor cache entry on a proxy NA from | |
1013 | * ourselves because either the proxied node is off link or it | |
1014 | * has already sent a NA to us. | |
1015 | */ | |
1016 | if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) && | |
53b7997f YH |
1017 | net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp && |
1018 | pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) { | |
b20b6d97 | 1019 | /* XXX: idev->cnf.proxy_ndp */ |
5f3e6e9e | 1020 | goto out; |
fbea49e1 | 1021 | } |
5f3e6e9e | 1022 | |
f997c55c | 1023 | ndisc_update(dev, neigh, lladdr, |
1da177e4 LT |
1024 | msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE, |
1025 | NEIGH_UPDATE_F_WEAK_OVERRIDE| | |
1026 | (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)| | |
1027 | NEIGH_UPDATE_F_OVERRIDE_ISROUTER| | |
f997c55c AA |
1028 | (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0), |
1029 | NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts); | |
1da177e4 LT |
1030 | |
1031 | if ((old_flags & ~neigh->flags) & NTF_ROUTER) { | |
1032 | /* | |
1033 | * Change: router to host | |
1034 | */ | |
be7a010d | 1035 | rt6_clean_tohost(dev_net(dev), saddr); |
1da177e4 LT |
1036 | } |
1037 | ||
1038 | out: | |
1039 | neigh_release(neigh); | |
1040 | } | |
1041 | } | |
1042 | ||
1043 | static void ndisc_recv_rs(struct sk_buff *skb) | |
1044 | { | |
9c70220b | 1045 | struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb); |
1da177e4 LT |
1046 | unsigned long ndoptlen = skb->len - sizeof(*rs_msg); |
1047 | struct neighbour *neigh; | |
1048 | struct inet6_dev *idev; | |
b71d1d42 | 1049 | const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr; |
1da177e4 LT |
1050 | struct ndisc_options ndopts; |
1051 | u8 *lladdr = NULL; | |
1052 | ||
1053 | if (skb->len < sizeof(*rs_msg)) | |
1054 | return; | |
1055 | ||
cfdf7647 | 1056 | idev = __in6_dev_get(skb->dev); |
1da177e4 | 1057 | if (!idev) { |
675418d5 | 1058 | ND_PRINTK(1, err, "RS: can't find in6 device\n"); |
1da177e4 LT |
1059 | return; |
1060 | } | |
1061 | ||
1062 | /* Don't accept RS if we're not in router mode */ | |
1063 | if (!idev->cnf.forwarding) | |
1064 | goto out; | |
1065 | ||
1066 | /* | |
1067 | * Don't update NCE if src = ::; | |
1068 | * this implies that the source node has no ip address assigned yet. | |
1069 | */ | |
1070 | if (ipv6_addr_any(saddr)) | |
1071 | goto out; | |
1072 | ||
1073 | /* Parse ND options */ | |
f997c55c | 1074 | if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) { |
675418d5 | 1075 | ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n"); |
1da177e4 LT |
1076 | goto out; |
1077 | } | |
1078 | ||
1079 | if (ndopts.nd_opts_src_lladdr) { | |
1080 | lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, | |
1081 | skb->dev); | |
1082 | if (!lladdr) | |
1083 | goto out; | |
1084 | } | |
1085 | ||
1086 | neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1); | |
1087 | if (neigh) { | |
f997c55c | 1088 | ndisc_update(skb->dev, neigh, lladdr, NUD_STALE, |
1da177e4 LT |
1089 | NEIGH_UPDATE_F_WEAK_OVERRIDE| |
1090 | NEIGH_UPDATE_F_OVERRIDE| | |
f997c55c AA |
1091 | NEIGH_UPDATE_F_OVERRIDE_ISROUTER, |
1092 | NDISC_ROUTER_SOLICITATION, &ndopts); | |
1da177e4 LT |
1093 | neigh_release(neigh); |
1094 | } | |
1095 | out: | |
cfdf7647 | 1096 | return; |
1da177e4 LT |
1097 | } |
1098 | ||
31910575 PY |
1099 | static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt) |
1100 | { | |
1101 | struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra); | |
1102 | struct sk_buff *skb; | |
1103 | struct nlmsghdr *nlh; | |
1104 | struct nduseroptmsg *ndmsg; | |
c346dca1 | 1105 | struct net *net = dev_net(ra->dev); |
31910575 PY |
1106 | int err; |
1107 | int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg) | |
1108 | + (opt->nd_opt_len << 3)); | |
1109 | size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr)); | |
1110 | ||
1111 | skb = nlmsg_new(msg_size, GFP_ATOMIC); | |
63159f29 | 1112 | if (!skb) { |
31910575 PY |
1113 | err = -ENOBUFS; |
1114 | goto errout; | |
1115 | } | |
1116 | ||
1117 | nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0); | |
63159f29 | 1118 | if (!nlh) { |
31910575 PY |
1119 | goto nla_put_failure; |
1120 | } | |
1121 | ||
1122 | ndmsg = nlmsg_data(nlh); | |
1123 | ndmsg->nduseropt_family = AF_INET6; | |
dbb2ed24 | 1124 | ndmsg->nduseropt_ifindex = ra->dev->ifindex; |
31910575 PY |
1125 | ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type; |
1126 | ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code; | |
1127 | ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3; | |
1128 | ||
1129 | memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3); | |
1130 | ||
930345ea | 1131 | if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr)) |
c78679e8 | 1132 | goto nla_put_failure; |
31910575 PY |
1133 | nlmsg_end(skb, nlh); |
1134 | ||
1ce85fe4 | 1135 | rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC); |
31910575 PY |
1136 | return; |
1137 | ||
1138 | nla_put_failure: | |
1139 | nlmsg_free(skb); | |
1140 | err = -EMSGSIZE; | |
1141 | errout: | |
a18bc695 | 1142 | rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err); |
31910575 PY |
1143 | } |
1144 | ||
1da177e4 LT |
1145 | static void ndisc_router_discovery(struct sk_buff *skb) |
1146 | { | |
9c70220b | 1147 | struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb); |
1da177e4 LT |
1148 | struct neighbour *neigh = NULL; |
1149 | struct inet6_dev *in6_dev; | |
65f5c7c1 | 1150 | struct rt6_info *rt = NULL; |
1da177e4 LT |
1151 | int lifetime; |
1152 | struct ndisc_options ndopts; | |
1153 | int optlen; | |
ebacaaa0 | 1154 | unsigned int pref = 0; |
a394eef5 | 1155 | __u32 old_if_flags; |
2053aeb6 | 1156 | bool send_ifinfo_notify = false; |
1da177e4 | 1157 | |
67ba4152 | 1158 | __u8 *opt = (__u8 *)(ra_msg + 1); |
1da177e4 | 1159 | |
29a3cad5 SH |
1160 | optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) - |
1161 | sizeof(struct ra_msg); | |
1da177e4 | 1162 | |
f2a762d8 BG |
1163 | ND_PRINTK(2, info, |
1164 | "RA: %s, dev: %s\n", | |
1165 | __func__, skb->dev->name); | |
0660e03f | 1166 | if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) { |
675418d5 | 1167 | ND_PRINTK(2, warn, "RA: source address is not link-local\n"); |
1da177e4 LT |
1168 | return; |
1169 | } | |
1170 | if (optlen < 0) { | |
675418d5 | 1171 | ND_PRINTK(2, warn, "RA: packet too short\n"); |
1da177e4 LT |
1172 | return; |
1173 | } | |
1174 | ||
de357cc0 | 1175 | #ifdef CONFIG_IPV6_NDISC_NODETYPE |
fadf6bf0 | 1176 | if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) { |
675418d5 | 1177 | ND_PRINTK(2, warn, "RA: from host or unauthorized router\n"); |
fadf6bf0 TF |
1178 | return; |
1179 | } | |
de357cc0 | 1180 | #endif |
fadf6bf0 | 1181 | |
1da177e4 LT |
1182 | /* |
1183 | * set the RA_RECV flag in the interface | |
1184 | */ | |
1185 | ||
cfdf7647 | 1186 | in6_dev = __in6_dev_get(skb->dev); |
63159f29 | 1187 | if (!in6_dev) { |
675418d5 JP |
1188 | ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n", |
1189 | skb->dev->name); | |
1da177e4 LT |
1190 | return; |
1191 | } | |
1da177e4 | 1192 | |
f997c55c | 1193 | if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) { |
675418d5 | 1194 | ND_PRINTK(2, warn, "RA: invalid ND options\n"); |
1da177e4 LT |
1195 | return; |
1196 | } | |
1197 | ||
f2a762d8 BG |
1198 | if (!ipv6_accept_ra(in6_dev)) { |
1199 | ND_PRINTK(2, info, | |
1200 | "RA: %s, did not accept ra for dev: %s\n", | |
1201 | __func__, skb->dev->name); | |
31ce8c71 | 1202 | goto skip_linkparms; |
f2a762d8 | 1203 | } |
31ce8c71 | 1204 | |
de357cc0 | 1205 | #ifdef CONFIG_IPV6_NDISC_NODETYPE |
fadf6bf0 | 1206 | /* skip link-specific parameters from interior routers */ |
f2a762d8 BG |
1207 | if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) { |
1208 | ND_PRINTK(2, info, | |
1209 | "RA: %s, nodetype is NODEFAULT, dev: %s\n", | |
1210 | __func__, skb->dev->name); | |
fadf6bf0 | 1211 | goto skip_linkparms; |
f2a762d8 | 1212 | } |
de357cc0 | 1213 | #endif |
fadf6bf0 | 1214 | |
1da177e4 LT |
1215 | if (in6_dev->if_flags & IF_RS_SENT) { |
1216 | /* | |
1217 | * flag that an RA was received after an RS was sent | |
1218 | * out on this interface. | |
1219 | */ | |
1220 | in6_dev->if_flags |= IF_RA_RCVD; | |
1221 | } | |
1222 | ||
1223 | /* | |
1224 | * Remember the managed/otherconf flags from most recently | |
1225 | * received RA message (RFC 2462) -- yoshfuji | |
1226 | */ | |
a394eef5 | 1227 | old_if_flags = in6_dev->if_flags; |
1da177e4 LT |
1228 | in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED | |
1229 | IF_RA_OTHERCONF)) | | |
1230 | (ra_msg->icmph.icmp6_addrconf_managed ? | |
1231 | IF_RA_MANAGED : 0) | | |
1232 | (ra_msg->icmph.icmp6_addrconf_other ? | |
1233 | IF_RA_OTHERCONF : 0); | |
1234 | ||
a394eef5 | 1235 | if (old_if_flags != in6_dev->if_flags) |
2053aeb6 | 1236 | send_ifinfo_notify = true; |
a394eef5 | 1237 | |
f2a762d8 BG |
1238 | if (!in6_dev->cnf.accept_ra_defrtr) { |
1239 | ND_PRINTK(2, info, | |
1240 | "RA: %s, defrtr is false for dev: %s\n", | |
1241 | __func__, skb->dev->name); | |
65f5c7c1 | 1242 | goto skip_defrtr; |
f2a762d8 | 1243 | } |
65f5c7c1 | 1244 | |
d9333196 BG |
1245 | /* Do not accept RA with source-addr found on local machine unless |
1246 | * accept_ra_from_local is set to true. | |
1247 | */ | |
b6428817 LR |
1248 | if (!in6_dev->cnf.accept_ra_from_local && |
1249 | ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, | |
c1a9a291 | 1250 | in6_dev->dev, 0)) { |
f2a762d8 | 1251 | ND_PRINTK(2, info, |
d9333196 BG |
1252 | "RA from local address detected on dev: %s: default router ignored\n", |
1253 | skb->dev->name); | |
9f56220f | 1254 | goto skip_defrtr; |
f2a762d8 | 1255 | } |
9f56220f | 1256 | |
1da177e4 LT |
1257 | lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime); |
1258 | ||
ebacaaa0 YH |
1259 | #ifdef CONFIG_IPV6_ROUTER_PREF |
1260 | pref = ra_msg->icmph.icmp6_router_pref; | |
1261 | /* 10b is handled as if it were 00b (medium) */ | |
930d6ff2 | 1262 | if (pref == ICMPV6_ROUTER_PREF_INVALID || |
6d5b78cd | 1263 | !in6_dev->cnf.accept_ra_rtr_pref) |
ebacaaa0 YH |
1264 | pref = ICMPV6_ROUTER_PREF_MEDIUM; |
1265 | #endif | |
1266 | ||
0660e03f | 1267 | rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev); |
1da177e4 | 1268 | |
eb857186 DM |
1269 | if (rt) { |
1270 | neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr); | |
1271 | if (!neigh) { | |
675418d5 JP |
1272 | ND_PRINTK(0, err, |
1273 | "RA: %s got default router without neighbour\n", | |
1274 | __func__); | |
94e187c0 | 1275 | ip6_rt_put(rt); |
eb857186 DM |
1276 | return; |
1277 | } | |
1278 | } | |
1da177e4 | 1279 | if (rt && lifetime == 0) { |
e0a1ad73 | 1280 | ip6_del_rt(rt); |
1da177e4 LT |
1281 | rt = NULL; |
1282 | } | |
1283 | ||
f2a762d8 BG |
1284 | ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n", |
1285 | rt, lifetime, skb->dev->name); | |
63159f29 | 1286 | if (!rt && lifetime) { |
f2a762d8 | 1287 | ND_PRINTK(3, info, "RA: adding default router\n"); |
1da177e4 | 1288 | |
0660e03f | 1289 | rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref); |
63159f29 | 1290 | if (!rt) { |
675418d5 JP |
1291 | ND_PRINTK(0, err, |
1292 | "RA: %s failed to add default route\n", | |
1293 | __func__); | |
1da177e4 LT |
1294 | return; |
1295 | } | |
1296 | ||
eb857186 | 1297 | neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr); |
63159f29 | 1298 | if (!neigh) { |
675418d5 JP |
1299 | ND_PRINTK(0, err, |
1300 | "RA: %s got default router without neighbour\n", | |
1301 | __func__); | |
94e187c0 | 1302 | ip6_rt_put(rt); |
1da177e4 LT |
1303 | return; |
1304 | } | |
1305 | neigh->flags |= NTF_ROUTER; | |
ebacaaa0 | 1306 | } else if (rt) { |
22441cfa | 1307 | rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref); |
1da177e4 LT |
1308 | } |
1309 | ||
1310 | if (rt) | |
1716a961 | 1311 | rt6_set_expires(rt, jiffies + (HZ * lifetime)); |
8013d1d7 HL |
1312 | if (in6_dev->cnf.accept_ra_min_hop_limit < 256 && |
1313 | ra_msg->icmph.icmp6_hop_limit) { | |
1314 | if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) { | |
6fd99094 | 1315 | in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit; |
8013d1d7 HL |
1316 | if (rt) |
1317 | dst_metric_set(&rt->dst, RTAX_HOPLIMIT, | |
1318 | ra_msg->icmph.icmp6_hop_limit); | |
6fd99094 | 1319 | } else { |
8013d1d7 | 1320 | ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n"); |
6fd99094 | 1321 | } |
1da177e4 LT |
1322 | } |
1323 | ||
65f5c7c1 YH |
1324 | skip_defrtr: |
1325 | ||
1da177e4 LT |
1326 | /* |
1327 | * Update Reachable Time and Retrans Timer | |
1328 | */ | |
1329 | ||
1330 | if (in6_dev->nd_parms) { | |
1331 | unsigned long rtime = ntohl(ra_msg->retrans_timer); | |
1332 | ||
1333 | if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) { | |
1334 | rtime = (rtime*HZ)/1000; | |
1335 | if (rtime < HZ/10) | |
1336 | rtime = HZ/10; | |
1f9248e5 | 1337 | NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime); |
1da177e4 | 1338 | in6_dev->tstamp = jiffies; |
2053aeb6 | 1339 | send_ifinfo_notify = true; |
1da177e4 LT |
1340 | } |
1341 | ||
1342 | rtime = ntohl(ra_msg->reachable_time); | |
1343 | if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) { | |
1344 | rtime = (rtime*HZ)/1000; | |
1345 | ||
1346 | if (rtime < HZ/10) | |
1347 | rtime = HZ/10; | |
1348 | ||
1f9248e5 JP |
1349 | if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) { |
1350 | NEIGH_VAR_SET(in6_dev->nd_parms, | |
1351 | BASE_REACHABLE_TIME, rtime); | |
1352 | NEIGH_VAR_SET(in6_dev->nd_parms, | |
1353 | GC_STALETIME, 3 * rtime); | |
1da177e4 LT |
1354 | in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime); |
1355 | in6_dev->tstamp = jiffies; | |
2053aeb6 | 1356 | send_ifinfo_notify = true; |
1da177e4 LT |
1357 | } |
1358 | } | |
1359 | } | |
1360 | ||
2053aeb6 MT |
1361 | /* |
1362 | * Send a notify if RA changed managed/otherconf flags or timer settings | |
1363 | */ | |
1364 | if (send_ifinfo_notify) | |
1365 | inet6_ifinfo_notify(RTM_NEWLINK, in6_dev); | |
1366 | ||
fadf6bf0 TF |
1367 | skip_linkparms: |
1368 | ||
1da177e4 LT |
1369 | /* |
1370 | * Process options. | |
1371 | */ | |
1372 | ||
1373 | if (!neigh) | |
0660e03f | 1374 | neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr, |
1da177e4 LT |
1375 | skb->dev, 1); |
1376 | if (neigh) { | |
1377 | u8 *lladdr = NULL; | |
1378 | if (ndopts.nd_opts_src_lladdr) { | |
1379 | lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, | |
1380 | skb->dev); | |
1381 | if (!lladdr) { | |
675418d5 JP |
1382 | ND_PRINTK(2, warn, |
1383 | "RA: invalid link-layer address length\n"); | |
1da177e4 LT |
1384 | goto out; |
1385 | } | |
1386 | } | |
f997c55c | 1387 | ndisc_update(skb->dev, neigh, lladdr, NUD_STALE, |
1da177e4 LT |
1388 | NEIGH_UPDATE_F_WEAK_OVERRIDE| |
1389 | NEIGH_UPDATE_F_OVERRIDE| | |
1390 | NEIGH_UPDATE_F_OVERRIDE_ISROUTER| | |
f997c55c AA |
1391 | NEIGH_UPDATE_F_ISROUTER, |
1392 | NDISC_ROUTER_ADVERTISEMENT, &ndopts); | |
1da177e4 LT |
1393 | } |
1394 | ||
f2a762d8 BG |
1395 | if (!ipv6_accept_ra(in6_dev)) { |
1396 | ND_PRINTK(2, info, | |
1397 | "RA: %s, accept_ra is false for dev: %s\n", | |
1398 | __func__, skb->dev->name); | |
31ce8c71 | 1399 | goto out; |
f2a762d8 | 1400 | } |
31ce8c71 | 1401 | |
70ceb4f5 | 1402 | #ifdef CONFIG_IPV6_ROUTE_INFO |
b6428817 LR |
1403 | if (!in6_dev->cnf.accept_ra_from_local && |
1404 | ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, | |
c1a9a291 | 1405 | in6_dev->dev, 0)) { |
f2a762d8 | 1406 | ND_PRINTK(2, info, |
d9333196 BG |
1407 | "RA from local address detected on dev: %s: router info ignored.\n", |
1408 | skb->dev->name); | |
9f56220f | 1409 | goto skip_routeinfo; |
f2a762d8 | 1410 | } |
9f56220f | 1411 | |
09c884d4 | 1412 | if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) { |
70ceb4f5 YH |
1413 | struct nd_opt_hdr *p; |
1414 | for (p = ndopts.nd_opts_ri; | |
1415 | p; | |
1416 | p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) { | |
6294e000 YH |
1417 | struct route_info *ri = (struct route_info *)p; |
1418 | #ifdef CONFIG_IPV6_NDISC_NODETYPE | |
1419 | if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT && | |
1420 | ri->prefix_len == 0) | |
1421 | continue; | |
1422 | #endif | |
30e56918 DJ |
1423 | if (ri->prefix_len == 0 && |
1424 | !in6_dev->cnf.accept_ra_defrtr) | |
1425 | continue; | |
bbea124b JS |
1426 | if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen) |
1427 | continue; | |
6294e000 | 1428 | if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen) |
09c884d4 | 1429 | continue; |
67ba4152 | 1430 | rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3, |
0660e03f | 1431 | &ipv6_hdr(skb)->saddr); |
70ceb4f5 YH |
1432 | } |
1433 | } | |
9f56220f AH |
1434 | |
1435 | skip_routeinfo: | |
70ceb4f5 YH |
1436 | #endif |
1437 | ||
de357cc0 | 1438 | #ifdef CONFIG_IPV6_NDISC_NODETYPE |
fadf6bf0 | 1439 | /* skip link-specific ndopts from interior routers */ |
f2a762d8 BG |
1440 | if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) { |
1441 | ND_PRINTK(2, info, | |
1442 | "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n", | |
1443 | __func__, skb->dev->name); | |
fadf6bf0 | 1444 | goto out; |
f2a762d8 | 1445 | } |
de357cc0 | 1446 | #endif |
fadf6bf0 | 1447 | |
c4fd30eb | 1448 | if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) { |
1da177e4 LT |
1449 | struct nd_opt_hdr *p; |
1450 | for (p = ndopts.nd_opts_pi; | |
1451 | p; | |
1452 | p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) { | |
e6bff995 NH |
1453 | addrconf_prefix_rcv(skb->dev, (u8 *)p, |
1454 | (p->nd_opt_len) << 3, | |
1455 | ndopts.nd_opts_src_lladdr != NULL); | |
1da177e4 LT |
1456 | } |
1457 | } | |
1458 | ||
c2943f14 | 1459 | if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) { |
e69a4adc | 1460 | __be32 n; |
1da177e4 LT |
1461 | u32 mtu; |
1462 | ||
67ba4152 | 1463 | memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu)); |
e69a4adc | 1464 | mtu = ntohl(n); |
1da177e4 LT |
1465 | |
1466 | if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) { | |
675418d5 | 1467 | ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu); |
1da177e4 LT |
1468 | } else if (in6_dev->cnf.mtu6 != mtu) { |
1469 | in6_dev->cnf.mtu6 = mtu; | |
1470 | ||
1471 | if (rt) | |
defb3519 | 1472 | dst_metric_set(&rt->dst, RTAX_MTU, mtu); |
1da177e4 LT |
1473 | |
1474 | rt6_mtu_change(skb->dev, mtu); | |
1475 | } | |
1476 | } | |
1ab1457c | 1477 | |
31910575 | 1478 | if (ndopts.nd_useropts) { |
61cf46ad YH |
1479 | struct nd_opt_hdr *p; |
1480 | for (p = ndopts.nd_useropts; | |
1481 | p; | |
f997c55c AA |
1482 | p = ndisc_next_useropt(skb->dev, p, |
1483 | ndopts.nd_useropts_end)) { | |
61cf46ad | 1484 | ndisc_ra_useropt(skb, p); |
31910575 PY |
1485 | } |
1486 | } | |
1487 | ||
1da177e4 | 1488 | if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) { |
675418d5 | 1489 | ND_PRINTK(2, warn, "RA: invalid RA options\n"); |
1da177e4 LT |
1490 | } |
1491 | out: | |
94e187c0 | 1492 | ip6_rt_put(rt); |
eb857186 | 1493 | if (neigh) |
1da177e4 | 1494 | neigh_release(neigh); |
1da177e4 LT |
1495 | } |
1496 | ||
1497 | static void ndisc_redirect_rcv(struct sk_buff *skb) | |
1498 | { | |
093d04d4 DJ |
1499 | u8 *hdr; |
1500 | struct ndisc_options ndopts; | |
1501 | struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb); | |
29a3cad5 | 1502 | u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) + |
093d04d4 DJ |
1503 | offsetof(struct rd_msg, opt)); |
1504 | ||
de357cc0 | 1505 | #ifdef CONFIG_IPV6_NDISC_NODETYPE |
fadf6bf0 TF |
1506 | switch (skb->ndisc_nodetype) { |
1507 | case NDISC_NODETYPE_HOST: | |
1508 | case NDISC_NODETYPE_NODEFAULT: | |
675418d5 JP |
1509 | ND_PRINTK(2, warn, |
1510 | "Redirect: from host or unauthorized router\n"); | |
fadf6bf0 TF |
1511 | return; |
1512 | } | |
de357cc0 | 1513 | #endif |
fadf6bf0 | 1514 | |
0660e03f | 1515 | if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) { |
675418d5 JP |
1516 | ND_PRINTK(2, warn, |
1517 | "Redirect: source address is not link-local\n"); | |
1da177e4 LT |
1518 | return; |
1519 | } | |
1520 | ||
f997c55c | 1521 | if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts)) |
093d04d4 DJ |
1522 | return; |
1523 | ||
c92a59ec | 1524 | if (!ndopts.nd_opts_rh) { |
b55b76b2 DJ |
1525 | ip6_redirect_no_header(skb, dev_net(skb->dev), |
1526 | skb->dev->ifindex, 0); | |
093d04d4 | 1527 | return; |
c92a59ec | 1528 | } |
093d04d4 DJ |
1529 | |
1530 | hdr = (u8 *)ndopts.nd_opts_rh; | |
1531 | hdr += 8; | |
1532 | if (!pskb_pull(skb, hdr - skb_transport_header(skb))) | |
1533 | return; | |
1534 | ||
b94f1c09 | 1535 | icmpv6_notify(skb, NDISC_REDIRECT, 0, 0); |
1da177e4 LT |
1536 | } |
1537 | ||
5f5a0115 YH |
1538 | static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb, |
1539 | struct sk_buff *orig_skb, | |
1540 | int rd_len) | |
9c86dafe | 1541 | { |
5f5a0115 YH |
1542 | u8 *opt = skb_put(skb, rd_len); |
1543 | ||
9c86dafe YH |
1544 | memset(opt, 0, 8); |
1545 | *(opt++) = ND_OPT_REDIRECT_HDR; | |
1546 | *(opt++) = (rd_len >> 3); | |
1547 | opt += 6; | |
1548 | ||
18c64745 LB |
1549 | skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt, |
1550 | rd_len - 8); | |
9c86dafe YH |
1551 | } |
1552 | ||
4991969a | 1553 | void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target) |
1da177e4 | 1554 | { |
1762f7e8 | 1555 | struct net_device *dev = skb->dev; |
c346dca1 | 1556 | struct net *net = dev_net(dev); |
1762f7e8 | 1557 | struct sock *sk = net->ipv6.ndisc_sk; |
2ce13576 | 1558 | int optlen = 0; |
fbfe95a4 | 1559 | struct inet_peer *peer; |
1da177e4 | 1560 | struct sk_buff *buff; |
71bcdba0 | 1561 | struct rd_msg *msg; |
1da177e4 | 1562 | struct in6_addr saddr_buf; |
1da177e4 LT |
1563 | struct rt6_info *rt; |
1564 | struct dst_entry *dst; | |
4c9483b2 | 1565 | struct flowi6 fl6; |
1da177e4 | 1566 | int rd_len; |
f997c55c AA |
1567 | u8 ha_buf[MAX_ADDR_LEN], *ha = NULL, |
1568 | ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL; | |
1d861aa4 | 1569 | bool ret; |
1da177e4 | 1570 | |
95c385b4 | 1571 | if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) { |
675418d5 JP |
1572 | ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n", |
1573 | dev->name); | |
1ab1457c YH |
1574 | return; |
1575 | } | |
1da177e4 | 1576 | |
0660e03f | 1577 | if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) && |
bf0b48df | 1578 | ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) { |
675418d5 JP |
1579 | ND_PRINTK(2, warn, |
1580 | "Redirect: target address is not link-local unicast\n"); | |
29556526 LY |
1581 | return; |
1582 | } | |
1583 | ||
4c9483b2 | 1584 | icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT, |
e0d56fdd | 1585 | &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex); |
1da177e4 | 1586 | |
4c9483b2 | 1587 | dst = ip6_route_output(net, NULL, &fl6); |
5095d64d RL |
1588 | if (dst->error) { |
1589 | dst_release(dst); | |
1da177e4 | 1590 | return; |
5095d64d | 1591 | } |
4c9483b2 | 1592 | dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0); |
452edd59 | 1593 | if (IS_ERR(dst)) |
1da177e4 | 1594 | return; |
1da177e4 LT |
1595 | |
1596 | rt = (struct rt6_info *) dst; | |
1597 | ||
1598 | if (rt->rt6i_flags & RTF_GATEWAY) { | |
675418d5 JP |
1599 | ND_PRINTK(2, warn, |
1600 | "Redirect: destination is not a neighbour\n"); | |
d73f0801 | 1601 | goto release; |
1da177e4 | 1602 | } |
fd0273d7 | 1603 | peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1); |
1d861aa4 DM |
1604 | ret = inet_peer_xrlim_allow(peer, 1*HZ); |
1605 | if (peer) | |
1606 | inet_putpeer(peer); | |
1607 | if (!ret) | |
d73f0801 | 1608 | goto release; |
1da177e4 LT |
1609 | |
1610 | if (dev->addr_len) { | |
4991969a DM |
1611 | struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target); |
1612 | if (!neigh) { | |
675418d5 JP |
1613 | ND_PRINTK(2, warn, |
1614 | "Redirect: no neigh for target address\n"); | |
4991969a DM |
1615 | goto release; |
1616 | } | |
1617 | ||
1da177e4 LT |
1618 | read_lock_bh(&neigh->lock); |
1619 | if (neigh->nud_state & NUD_VALID) { | |
1620 | memcpy(ha_buf, neigh->ha, dev->addr_len); | |
1621 | read_unlock_bh(&neigh->lock); | |
1622 | ha = ha_buf; | |
f997c55c AA |
1623 | optlen += ndisc_redirect_opt_addr_space(dev, neigh, |
1624 | ops_data_buf, | |
1625 | &ops_data); | |
1da177e4 LT |
1626 | } else |
1627 | read_unlock_bh(&neigh->lock); | |
4991969a DM |
1628 | |
1629 | neigh_release(neigh); | |
1da177e4 LT |
1630 | } |
1631 | ||
1632 | rd_len = min_t(unsigned int, | |
2ce13576 YH |
1633 | IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen, |
1634 | skb->len + 8); | |
1da177e4 | 1635 | rd_len &= ~0x7; |
2ce13576 | 1636 | optlen += rd_len; |
1da177e4 | 1637 | |
2ce13576 | 1638 | buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen); |
de09334b | 1639 | if (!buff) |
d73f0801 | 1640 | goto release; |
1da177e4 | 1641 | |
4df864c1 | 1642 | msg = skb_put(buff, sizeof(*msg)); |
4d5c152e YH |
1643 | *msg = (struct rd_msg) { |
1644 | .icmph = { | |
1645 | .icmp6_type = NDISC_REDIRECT, | |
1646 | }, | |
1647 | .target = *target, | |
1648 | .dest = ipv6_hdr(skb)->daddr, | |
1649 | }; | |
1da177e4 | 1650 | |
1da177e4 LT |
1651 | /* |
1652 | * include target_address option | |
1653 | */ | |
1654 | ||
1655 | if (ha) | |
f997c55c | 1656 | ndisc_fill_redirect_addr_option(buff, ha, ops_data); |
1da177e4 LT |
1657 | |
1658 | /* | |
1659 | * build redirect option and copy skb over to the new packet. | |
1660 | */ | |
1661 | ||
9c86dafe | 1662 | if (rd_len) |
5f5a0115 | 1663 | ndisc_fill_redirect_hdr_option(buff, skb, rd_len); |
1da177e4 | 1664 | |
adf30907 | 1665 | skb_dst_set(buff, dst); |
f4de84c6 | 1666 | ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf); |
d73f0801 IJ |
1667 | return; |
1668 | ||
1669 | release: | |
1670 | dst_release(dst); | |
1da177e4 LT |
1671 | } |
1672 | ||
1673 | static void pndisc_redo(struct sk_buff *skb) | |
1674 | { | |
140e26fc | 1675 | ndisc_recv_ns(skb); |
1da177e4 LT |
1676 | kfree_skb(skb); |
1677 | } | |
1678 | ||
b800c3b9 HFS |
1679 | static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb) |
1680 | { | |
1681 | struct inet6_dev *idev = __in6_dev_get(skb->dev); | |
1682 | ||
1683 | if (!idev) | |
1684 | return true; | |
1685 | if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED && | |
1686 | idev->cnf.suppress_frag_ndisc) { | |
1687 | net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n"); | |
1688 | return true; | |
1689 | } | |
1690 | return false; | |
1691 | } | |
1692 | ||
1da177e4 LT |
1693 | int ndisc_rcv(struct sk_buff *skb) |
1694 | { | |
1695 | struct nd_msg *msg; | |
1696 | ||
b800c3b9 HFS |
1697 | if (ndisc_suppress_frag_ndisc(skb)) |
1698 | return 0; | |
1699 | ||
6bce6b4e | 1700 | if (skb_linearize(skb)) |
1da177e4 LT |
1701 | return 0; |
1702 | ||
9c70220b | 1703 | msg = (struct nd_msg *)skb_transport_header(skb); |
1da177e4 | 1704 | |
9c70220b | 1705 | __skb_push(skb, skb->data - skb_transport_header(skb)); |
1da177e4 | 1706 | |
0660e03f | 1707 | if (ipv6_hdr(skb)->hop_limit != 255) { |
675418d5 JP |
1708 | ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n", |
1709 | ipv6_hdr(skb)->hop_limit); | |
1da177e4 LT |
1710 | return 0; |
1711 | } | |
1712 | ||
1713 | if (msg->icmph.icmp6_code != 0) { | |
675418d5 JP |
1714 | ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n", |
1715 | msg->icmph.icmp6_code); | |
1da177e4 LT |
1716 | return 0; |
1717 | } | |
1718 | ||
a61bbcf2 PM |
1719 | memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb)); |
1720 | ||
1da177e4 LT |
1721 | switch (msg->icmph.icmp6_type) { |
1722 | case NDISC_NEIGHBOUR_SOLICITATION: | |
1723 | ndisc_recv_ns(skb); | |
1724 | break; | |
1725 | ||
1726 | case NDISC_NEIGHBOUR_ADVERTISEMENT: | |
1727 | ndisc_recv_na(skb); | |
1728 | break; | |
1729 | ||
1730 | case NDISC_ROUTER_SOLICITATION: | |
1731 | ndisc_recv_rs(skb); | |
1732 | break; | |
1733 | ||
1734 | case NDISC_ROUTER_ADVERTISEMENT: | |
1735 | ndisc_router_discovery(skb); | |
1736 | break; | |
1737 | ||
1738 | case NDISC_REDIRECT: | |
1739 | ndisc_redirect_rcv(skb); | |
1740 | break; | |
3ff50b79 | 1741 | } |
1da177e4 LT |
1742 | |
1743 | return 0; | |
1744 | } | |
1745 | ||
1746 | static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr) | |
1747 | { | |
351638e7 | 1748 | struct net_device *dev = netdev_notifier_info_to_dev(ptr); |
c8507fb2 | 1749 | struct netdev_notifier_change_info *change_info; |
c346dca1 | 1750 | struct net *net = dev_net(dev); |
5cb04436 | 1751 | struct inet6_dev *idev; |
1da177e4 LT |
1752 | |
1753 | switch (event) { | |
1754 | case NETDEV_CHANGEADDR: | |
1755 | neigh_changeaddr(&nd_tbl, dev); | |
2ac3ac8f | 1756 | fib6_run_gc(0, net, false); |
4a6e3c5d DA |
1757 | /* fallthrough */ |
1758 | case NETDEV_UP: | |
5cb04436 HFS |
1759 | idev = in6_dev_get(dev); |
1760 | if (!idev) | |
1761 | break; | |
fc1f8f4f DA |
1762 | if (idev->cnf.ndisc_notify || |
1763 | net->ipv6.devconf_all->ndisc_notify) | |
5cb04436 HFS |
1764 | ndisc_send_unsol_na(dev); |
1765 | in6_dev_put(idev); | |
1da177e4 | 1766 | break; |
c8507fb2 ED |
1767 | case NETDEV_CHANGE: |
1768 | change_info = ptr; | |
1769 | if (change_info->flags_changed & IFF_NOARP) | |
1770 | neigh_changeaddr(&nd_tbl, dev); | |
1771 | break; | |
1da177e4 LT |
1772 | case NETDEV_DOWN: |
1773 | neigh_ifdown(&nd_tbl, dev); | |
2ac3ac8f | 1774 | fib6_run_gc(0, net, false); |
1da177e4 | 1775 | break; |
f47b9464 BH |
1776 | case NETDEV_NOTIFY_PEERS: |
1777 | ndisc_send_unsol_na(dev); | |
1778 | break; | |
1da177e4 LT |
1779 | default: |
1780 | break; | |
1781 | } | |
1782 | ||
1783 | return NOTIFY_DONE; | |
1784 | } | |
1785 | ||
1786 | static struct notifier_block ndisc_netdev_notifier = { | |
1787 | .notifier_call = ndisc_netdev_event, | |
6eb79393 | 1788 | .priority = ADDRCONF_NOTIFY_PRIORITY - 5, |
1da177e4 LT |
1789 | }; |
1790 | ||
1791 | #ifdef CONFIG_SYSCTL | |
1792 | static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl, | |
1793 | const char *func, const char *dev_name) | |
1794 | { | |
1795 | static char warncomm[TASK_COMM_LEN]; | |
1796 | static int warned; | |
1797 | if (strcmp(warncomm, current->comm) && warned < 5) { | |
1798 | strcpy(warncomm, current->comm); | |
f3213831 | 1799 | pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n", |
1da177e4 LT |
1800 | warncomm, func, |
1801 | dev_name, ctl->procname, | |
1802 | dev_name, ctl->procname); | |
1803 | warned++; | |
1804 | } | |
1805 | } | |
1806 | ||
8d65af78 | 1807 | int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos) |
1da177e4 LT |
1808 | { |
1809 | struct net_device *dev = ctl->extra1; | |
1810 | struct inet6_dev *idev; | |
1811 | int ret; | |
1812 | ||
d12af679 EB |
1813 | if ((strcmp(ctl->procname, "retrans_time") == 0) || |
1814 | (strcmp(ctl->procname, "base_reachable_time") == 0)) | |
1da177e4 LT |
1815 | ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default"); |
1816 | ||
d12af679 | 1817 | if (strcmp(ctl->procname, "retrans_time") == 0) |
cb5b09c1 | 1818 | ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos); |
d12af679 EB |
1819 | |
1820 | else if (strcmp(ctl->procname, "base_reachable_time") == 0) | |
cb5b09c1 JP |
1821 | ret = neigh_proc_dointvec_jiffies(ctl, write, |
1822 | buffer, lenp, ppos); | |
d12af679 EB |
1823 | |
1824 | else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) || | |
ad02ac14 | 1825 | (strcmp(ctl->procname, "base_reachable_time_ms") == 0)) |
cb5b09c1 JP |
1826 | ret = neigh_proc_dointvec_ms_jiffies(ctl, write, |
1827 | buffer, lenp, ppos); | |
d12af679 | 1828 | else |
1da177e4 | 1829 | ret = -1; |
1da177e4 LT |
1830 | |
1831 | if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) { | |
1f9248e5 JP |
1832 | if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME)) |
1833 | idev->nd_parms->reachable_time = | |
1834 | neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME)); | |
1da177e4 LT |
1835 | idev->tstamp = jiffies; |
1836 | inet6_ifinfo_notify(RTM_NEWLINK, idev); | |
1837 | in6_dev_put(idev); | |
1838 | } | |
1839 | return ret; | |
1840 | } | |
1841 | ||
1da177e4 LT |
1842 | |
1843 | #endif | |
1844 | ||
2c8c1e72 | 1845 | static int __net_init ndisc_net_init(struct net *net) |
1da177e4 LT |
1846 | { |
1847 | struct ipv6_pinfo *np; | |
1848 | struct sock *sk; | |
1ab1457c | 1849 | int err; |
1da177e4 | 1850 | |
1ed8516f DL |
1851 | err = inet_ctl_sock_create(&sk, PF_INET6, |
1852 | SOCK_RAW, IPPROTO_ICMPV6, net); | |
1da177e4 | 1853 | if (err < 0) { |
675418d5 JP |
1854 | ND_PRINTK(0, err, |
1855 | "NDISC: Failed to initialize the control socket (err %d)\n", | |
1856 | err); | |
1da177e4 LT |
1857 | return err; |
1858 | } | |
1859 | ||
1ed8516f | 1860 | net->ipv6.ndisc_sk = sk; |
1762f7e8 | 1861 | |
1da177e4 | 1862 | np = inet6_sk(sk); |
1da177e4 LT |
1863 | np->hop_limit = 255; |
1864 | /* Do not loopback ndisc messages */ | |
1865 | np->mc_loop = 0; | |
1da177e4 | 1866 | |
1762f7e8 DL |
1867 | return 0; |
1868 | } | |
1869 | ||
2c8c1e72 | 1870 | static void __net_exit ndisc_net_exit(struct net *net) |
1762f7e8 | 1871 | { |
1ed8516f | 1872 | inet_ctl_sock_destroy(net->ipv6.ndisc_sk); |
1762f7e8 DL |
1873 | } |
1874 | ||
1875 | static struct pernet_operations ndisc_net_ops = { | |
1876 | .init = ndisc_net_init, | |
1877 | .exit = ndisc_net_exit, | |
1878 | }; | |
1879 | ||
1880 | int __init ndisc_init(void) | |
1881 | { | |
1882 | int err; | |
1883 | ||
1884 | err = register_pernet_subsys(&ndisc_net_ops); | |
1885 | if (err) | |
1886 | return err; | |
1ab1457c YH |
1887 | /* |
1888 | * Initialize the neighbour table | |
1889 | */ | |
d7480fd3 | 1890 | neigh_table_init(NEIGH_ND_TABLE, &nd_tbl); |
1da177e4 LT |
1891 | |
1892 | #ifdef CONFIG_SYSCTL | |
73af614a | 1893 | err = neigh_sysctl_register(NULL, &nd_tbl.parms, |
56ec0fb1 | 1894 | ndisc_ifinfo_sysctl_change); |
1762f7e8 DL |
1895 | if (err) |
1896 | goto out_unregister_pernet; | |
1762f7e8 | 1897 | out: |
bcd081a3 | 1898 | #endif |
1762f7e8 | 1899 | return err; |
1da177e4 | 1900 | |
1762f7e8 | 1901 | #ifdef CONFIG_SYSCTL |
1762f7e8 | 1902 | out_unregister_pernet: |
1762f7e8 DL |
1903 | unregister_pernet_subsys(&ndisc_net_ops); |
1904 | goto out; | |
2c861cc6 | 1905 | #endif |
1da177e4 LT |
1906 | } |
1907 | ||
2c861cc6 MK |
1908 | int __init ndisc_late_init(void) |
1909 | { | |
1910 | return register_netdevice_notifier(&ndisc_netdev_notifier); | |
1911 | } | |
1912 | ||
1913 | void ndisc_late_cleanup(void) | |
1da177e4 | 1914 | { |
36f73d0c | 1915 | unregister_netdevice_notifier(&ndisc_netdev_notifier); |
2c861cc6 MK |
1916 | } |
1917 | ||
1918 | void ndisc_cleanup(void) | |
1919 | { | |
1da177e4 LT |
1920 | #ifdef CONFIG_SYSCTL |
1921 | neigh_sysctl_unregister(&nd_tbl.parms); | |
1922 | #endif | |
d7480fd3 | 1923 | neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl); |
1762f7e8 | 1924 | unregister_pernet_subsys(&ndisc_net_ops); |
1da177e4 | 1925 | } |