projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
IPsec: correct semantics for SELinux policy matching
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Lars Fenneberg : fixed MTU setting on receipt
19 * of an RA.
20 *
21 * Janos Farkas : kmalloc failure checks
22 * Alexey Kuznetsov : state machine reworked
23 * and moved to net/core.
24 * Pekka Savola : RFC2461 validation
25 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
26 */
27
28 /* Set to 3 to get tracing... */
29 #define ND_DEBUG 1
30
31 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
32 #define ND_NOPRINTK(x...) do { ; } while(0)
33 #define ND_PRINTK0 ND_PRINTK
34 #define ND_PRINTK1 ND_NOPRINTK
35 #define ND_PRINTK2 ND_NOPRINTK
36 #define ND_PRINTK3 ND_NOPRINTK
37 #if ND_DEBUG >= 1
38 #undef ND_PRINTK1
39 #define ND_PRINTK1 ND_PRINTK
40 #endif
41 #if ND_DEBUG >= 2
42 #undef ND_PRINTK2
43 #define ND_PRINTK2 ND_PRINTK
44 #endif
45 #if ND_DEBUG >= 3
46 #undef ND_PRINTK3
47 #define ND_PRINTK3 ND_PRINTK
48 #endif
49
50 #include <linux/module.h>
51 #include <linux/errno.h>
52 #include <linux/types.h>
53 #include <linux/socket.h>
54 #include <linux/sockios.h>
55 #include <linux/sched.h>
56 #include <linux/net.h>
57 #include <linux/in6.h>
58 #include <linux/route.h>
59 #include <linux/init.h>
60 #include <linux/rcupdate.h>
61 #ifdef CONFIG_SYSCTL
62 #include <linux/sysctl.h>
63 #endif
64
65 #include <linux/if_addr.h>
66 #include <linux/if_arp.h>
67 #include <linux/ipv6.h>
68 #include <linux/icmpv6.h>
69 #include <linux/jhash.h>
70
71 #include <net/sock.h>
72 #include <net/snmp.h>
73
74 #include <net/ipv6.h>
75 #include <net/protocol.h>
76 #include <net/ndisc.h>
77 #include <net/ip6_route.h>
78 #include <net/addrconf.h>
79 #include <net/icmp.h>
80
81 #include <net/flow.h>
82 #include <net/ip6_checksum.h>
83 #include <linux/proc_fs.h>
84
85 #include <linux/netfilter.h>
86 #include <linux/netfilter_ipv6.h>
87
88 static struct socket *ndisc_socket;
89
90 static u32 ndisc_hash(const void *pkey, const struct net_device *dev);
91 static int ndisc_constructor(struct neighbour *neigh);
92 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
93 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
94 static int pndisc_constructor(struct pneigh_entry *n);
95 static void pndisc_destructor(struct pneigh_entry *n);
96 static void pndisc_redo(struct sk_buff *skb);
97
98 static struct neigh_ops ndisc_generic_ops = {
99 .family = AF_INET6,
100 .solicit = ndisc_solicit,
101 .error_report = ndisc_error_report,
102 .output = neigh_resolve_output,
103 .connected_output = neigh_connected_output,
104 .hh_output = dev_queue_xmit,
105 .queue_xmit = dev_queue_xmit,
106 };
107
108 static struct neigh_ops ndisc_hh_ops = {
109 .family = AF_INET6,
110 .solicit = ndisc_solicit,
111 .error_report = ndisc_error_report,
112 .output = neigh_resolve_output,
113 .connected_output = neigh_resolve_output,
114 .hh_output = dev_queue_xmit,
115 .queue_xmit = dev_queue_xmit,
116 };
117
118
119 static struct neigh_ops ndisc_direct_ops = {
120 .family = AF_INET6,
121 .output = dev_queue_xmit,
122 .connected_output = dev_queue_xmit,
123 .hh_output = dev_queue_xmit,
124 .queue_xmit = dev_queue_xmit,
125 };
126
127 struct neigh_table nd_tbl = {
128 .family = AF_INET6,
129 .entry_size = sizeof(struct neighbour) + sizeof(struct in6_addr),
130 .key_len = sizeof(struct in6_addr),
131 .hash = ndisc_hash,
132 .constructor = ndisc_constructor,
133 .pconstructor = pndisc_constructor,
134 .pdestructor = pndisc_destructor,
135 .proxy_redo = pndisc_redo,
136 .id = "ndisc_cache",
137 .parms = {
138 .tbl = &nd_tbl,
139 .base_reachable_time = 30 * HZ,
140 .retrans_time = 1 * HZ,
141 .gc_staletime = 60 * HZ,
142 .reachable_time = 30 * HZ,
143 .delay_probe_time = 5 * HZ,
144 .queue_len = 3,
145 .ucast_probes = 3,
146 .mcast_probes = 3,
147 .anycast_delay = 1 * HZ,
148 .proxy_delay = (8 * HZ) / 10,
149 .proxy_qlen = 64,
150 },
151 .gc_interval = 30 * HZ,
152 .gc_thresh1 = 128,
153 .gc_thresh2 = 512,
154 .gc_thresh3 = 1024,
155 };
156
157 /* ND options */
158 struct ndisc_options {
159 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
160 #ifdef CONFIG_IPV6_ROUTE_INFO
161 struct nd_opt_hdr *nd_opts_ri;
162 struct nd_opt_hdr *nd_opts_ri_end;
163 #endif
164 };
165
166 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
167 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
168 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
169 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
170 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
171 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
172
173 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
174
175 /*
176 * Return the padding between the option length and the start of the
177 * link addr. Currently only IP-over-InfiniBand needs this, although
178 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
179 * also need a pad of 2.
180 */
181 static int ndisc_addr_option_pad(unsigned short type)
182 {
183 switch (type) {
184 case ARPHRD_INFINIBAND: return 2;
185 default: return 0;
186 }
187 }
188
189 static inline int ndisc_opt_addr_space(struct net_device *dev)
190 {
191 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
192 }
193
194 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
195 unsigned short addr_type)
196 {
197 int space = NDISC_OPT_SPACE(data_len);
198 int pad = ndisc_addr_option_pad(addr_type);
199
200 opt[0] = type;
201 opt[1] = space>>3;
202
203 memset(opt + 2, 0, pad);
204 opt += pad;
205 space -= pad;
206
207 memcpy(opt+2, data, data_len);
208 data_len += 2;
209 opt += data_len;
210 if ((space -= data_len) > 0)
211 memset(opt, 0, space);
212 return opt + space;
213 }
214
215 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
216 struct nd_opt_hdr *end)
217 {
218 int type;
219 if (!cur || !end || cur >= end)
220 return NULL;
221 type = cur->nd_opt_type;
222 do {
223 cur = ((void *)cur) + (cur->nd_opt_len << 3);
224 } while(cur < end && cur->nd_opt_type != type);
225 return (cur <= end && cur->nd_opt_type == type ? cur : NULL);
226 }
227
228 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
229 struct ndisc_options *ndopts)
230 {
231 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
232
233 if (!nd_opt || opt_len < 0 || !ndopts)
234 return NULL;
235 memset(ndopts, 0, sizeof(*ndopts));
236 while (opt_len) {
237 int l;
238 if (opt_len < sizeof(struct nd_opt_hdr))
239 return NULL;
240 l = nd_opt->nd_opt_len << 3;
241 if (opt_len < l || l == 0)
242 return NULL;
243 switch (nd_opt->nd_opt_type) {
244 case ND_OPT_SOURCE_LL_ADDR:
245 case ND_OPT_TARGET_LL_ADDR:
246 case ND_OPT_MTU:
247 case ND_OPT_REDIRECT_HDR:
248 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
249 ND_PRINTK2(KERN_WARNING
250 "%s(): duplicated ND6 option found: type=%d\n",
251 __FUNCTION__,
252 nd_opt->nd_opt_type);
253 } else {
254 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
255 }
256 break;
257 case ND_OPT_PREFIX_INFO:
258 ndopts->nd_opts_pi_end = nd_opt;
259 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0)
260 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
261 break;
262 #ifdef CONFIG_IPV6_ROUTE_INFO
263 case ND_OPT_ROUTE_INFO:
264 ndopts->nd_opts_ri_end = nd_opt;
265 if (!ndopts->nd_opts_ri)
266 ndopts->nd_opts_ri = nd_opt;
267 break;
268 #endif
269 default:
270 /*
271 * Unknown options must be silently ignored,
272 * to accommodate future extension to the protocol.
273 */
274 ND_PRINTK2(KERN_NOTICE
275 "%s(): ignored unsupported option; type=%d, len=%d\n",
276 __FUNCTION__,
277 nd_opt->nd_opt_type, nd_opt->nd_opt_len);
278 }
279 opt_len -= l;
280 nd_opt = ((void *)nd_opt) + l;
281 }
282 return ndopts;
283 }
284
285 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
286 struct net_device *dev)
287 {
288 u8 *lladdr = (u8 *)(p + 1);
289 int lladdrlen = p->nd_opt_len << 3;
290 int prepad = ndisc_addr_option_pad(dev->type);
291 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
292 return NULL;
293 return (lladdr + prepad);
294 }
295
296 int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
297 {
298 switch (dev->type) {
299 case ARPHRD_ETHER:
300 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
301 case ARPHRD_FDDI:
302 ipv6_eth_mc_map(addr, buf);
303 return 0;
304 case ARPHRD_IEEE802_TR:
305 ipv6_tr_mc_map(addr,buf);
306 return 0;
307 case ARPHRD_ARCNET:
308 ipv6_arcnet_mc_map(addr, buf);
309 return 0;
310 case ARPHRD_INFINIBAND:
311 ipv6_ib_mc_map(addr, buf);
312 return 0;
313 default:
314 if (dir) {
315 memcpy(buf, dev->broadcast, dev->addr_len);
316 return 0;
317 }
318 }
319 return -EINVAL;
320 }
321
322 static u32 ndisc_hash(const void *pkey, const struct net_device *dev)
323 {
324 const u32 *p32 = pkey;
325 u32 addr_hash, i;
326
327 addr_hash = 0;
328 for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
329 addr_hash ^= *p32++;
330
331 return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd);
332 }
333
334 static int ndisc_constructor(struct neighbour *neigh)
335 {
336 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
337 struct net_device *dev = neigh->dev;
338 struct inet6_dev *in6_dev;
339 struct neigh_parms *parms;
340 int is_multicast = ipv6_addr_is_multicast(addr);
341
342 rcu_read_lock();
343 in6_dev = in6_dev_get(dev);
344 if (in6_dev == NULL) {
345 rcu_read_unlock();
346 return -EINVAL;
347 }
348
349 parms = in6_dev->nd_parms;
350 __neigh_parms_put(neigh->parms);
351 neigh->parms = neigh_parms_clone(parms);
352 rcu_read_unlock();
353
354 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
355 if (dev->hard_header == NULL) {
356 neigh->nud_state = NUD_NOARP;
357 neigh->ops = &ndisc_direct_ops;
358 neigh->output = neigh->ops->queue_xmit;
359 } else {
360 if (is_multicast) {
361 neigh->nud_state = NUD_NOARP;
362 ndisc_mc_map(addr, neigh->ha, dev, 1);
363 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
364 neigh->nud_state = NUD_NOARP;
365 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
366 if (dev->flags&IFF_LOOPBACK)
367 neigh->type = RTN_LOCAL;
368 } else if (dev->flags&IFF_POINTOPOINT) {
369 neigh->nud_state = NUD_NOARP;
370 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
371 }
372 if (dev->hard_header_cache)
373 neigh->ops = &ndisc_hh_ops;
374 else
375 neigh->ops = &ndisc_generic_ops;
376 if (neigh->nud_state&NUD_VALID)
377 neigh->output = neigh->ops->connected_output;
378 else
379 neigh->output = neigh->ops->output;
380 }
381 in6_dev_put(in6_dev);
382 return 0;
383 }
384
385 static int pndisc_constructor(struct pneigh_entry *n)
386 {
387 struct in6_addr *addr = (struct in6_addr*)&n->key;
388 struct in6_addr maddr;
389 struct net_device *dev = n->dev;
390
391 if (dev == NULL || __in6_dev_get(dev) == NULL)
392 return -EINVAL;
393 addrconf_addr_solict_mult(addr, &maddr);
394 ipv6_dev_mc_inc(dev, &maddr);
395 return 0;
396 }
397
398 static void pndisc_destructor(struct pneigh_entry *n)
399 {
400 struct in6_addr *addr = (struct in6_addr*)&n->key;
401 struct in6_addr maddr;
402 struct net_device *dev = n->dev;
403
404 if (dev == NULL || __in6_dev_get(dev) == NULL)
405 return;
406 addrconf_addr_solict_mult(addr, &maddr);
407 ipv6_dev_mc_dec(dev, &maddr);
408 }
409
410 /*
411 * Send a Neighbour Advertisement
412 */
413
414 static inline void ndisc_flow_init(struct flowi *fl, u8 type,
415 struct in6_addr *saddr, struct in6_addr *daddr,
416 int oif)
417 {
418 memset(fl, 0, sizeof(*fl));
419 ipv6_addr_copy(&fl->fl6_src, saddr);
420 ipv6_addr_copy(&fl->fl6_dst, daddr);
421 fl->proto = IPPROTO_ICMPV6;
422 fl->fl_icmp_type = type;
423 fl->fl_icmp_code = 0;
424 fl->oif = oif;
425 security_sk_classify_flow(ndisc_socket->sk, fl);
426 }
427
428 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
429 struct in6_addr *daddr, struct in6_addr *solicited_addr,
430 int router, int solicited, int override, int inc_opt)
431 {
432 struct in6_addr tmpaddr;
433 struct inet6_ifaddr *ifp;
434 struct inet6_dev *idev;
435 struct flowi fl;
436 struct dst_entry* dst;
437 struct sock *sk = ndisc_socket->sk;
438 struct in6_addr *src_addr;
439 struct nd_msg *msg;
440 int len;
441 struct sk_buff *skb;
442 int err;
443
444 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
445
446 /* for anycast or proxy, solicited_addr != src_addr */
447 ifp = ipv6_get_ifaddr(solicited_addr, dev, 1);
448 if (ifp) {
449 src_addr = solicited_addr;
450 in6_ifa_put(ifp);
451 } else {
452 if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr))
453 return;
454 src_addr = &tmpaddr;
455 }
456
457 ndisc_flow_init(&fl, NDISC_NEIGHBOUR_ADVERTISEMENT, src_addr, daddr,
458 dev->ifindex);
459
460 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
461 if (!dst)
462 return;
463
464 err = xfrm_lookup(&dst, &fl, NULL, 0);
465 if (err < 0)
466 return;
467
468 if (inc_opt) {
469 if (dev->addr_len)
470 len += ndisc_opt_addr_space(dev);
471 else
472 inc_opt = 0;
473 }
474
475 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
476 1, &err);
477
478 if (skb == NULL) {
479 ND_PRINTK0(KERN_ERR
480 "ICMPv6 NA: %s() failed to allocate an skb.\n",
481 __FUNCTION__);
482 dst_release(dst);
483 return;
484 }
485
486 skb_reserve(skb, LL_RESERVED_SPACE(dev));
487 ip6_nd_hdr(sk, skb, dev, src_addr, daddr, IPPROTO_ICMPV6, len);
488
489 msg = (struct nd_msg *)skb_put(skb, len);
490 skb->h.raw = (unsigned char*)msg;
491
492 msg->icmph.icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT;
493 msg->icmph.icmp6_code = 0;
494 msg->icmph.icmp6_cksum = 0;
495
496 msg->icmph.icmp6_unused = 0;
497 msg->icmph.icmp6_router = router;
498 msg->icmph.icmp6_solicited = solicited;
499 msg->icmph.icmp6_override = override;
500
501 /* Set the target address. */
502 ipv6_addr_copy(&msg->target, solicited_addr);
503
504 if (inc_opt)
505 ndisc_fill_addr_option(msg->opt, ND_OPT_TARGET_LL_ADDR, dev->dev_addr,
506 dev->addr_len, dev->type);
507
508 /* checksum */
509 msg->icmph.icmp6_cksum = csum_ipv6_magic(src_addr, daddr, len,
510 IPPROTO_ICMPV6,
511 csum_partial((__u8 *) msg,
512 len, 0));
513
514 skb->dst = dst;
515 idev = in6_dev_get(dst->dev);
516 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
517 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
518 if (!err) {
519 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTNEIGHBORADVERTISEMENTS);
520 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
521 }
522
523 if (likely(idev != NULL))
524 in6_dev_put(idev);
525 }
526
527 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
528 struct in6_addr *solicit,
529 struct in6_addr *daddr, struct in6_addr *saddr)
530 {
531 struct flowi fl;
532 struct dst_entry* dst;
533 struct inet6_dev *idev;
534 struct sock *sk = ndisc_socket->sk;
535 struct sk_buff *skb;
536 struct nd_msg *msg;
537 struct in6_addr addr_buf;
538 int len;
539 int err;
540 int send_llinfo;
541
542 if (saddr == NULL) {
543 if (ipv6_get_lladdr(dev, &addr_buf))
544 return;
545 saddr = &addr_buf;
546 }
547
548 ndisc_flow_init(&fl, NDISC_NEIGHBOUR_SOLICITATION, saddr, daddr,
549 dev->ifindex);
550
551 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
552 if (!dst)
553 return;
554
555 err = xfrm_lookup(&dst, &fl, NULL, 0);
556 if (err < 0)
557 return;
558
559 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
560 send_llinfo = dev->addr_len && !ipv6_addr_any(saddr);
561 if (send_llinfo)
562 len += ndisc_opt_addr_space(dev);
563
564 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
565 1, &err);
566 if (skb == NULL) {
567 ND_PRINTK0(KERN_ERR
568 "ICMPv6 NA: %s() failed to allocate an skb.\n",
569 __FUNCTION__);
570 dst_release(dst);
571 return;
572 }
573
574 skb_reserve(skb, LL_RESERVED_SPACE(dev));
575 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
576
577 msg = (struct nd_msg *)skb_put(skb, len);
578 skb->h.raw = (unsigned char*)msg;
579 msg->icmph.icmp6_type = NDISC_NEIGHBOUR_SOLICITATION;
580 msg->icmph.icmp6_code = 0;
581 msg->icmph.icmp6_cksum = 0;
582 msg->icmph.icmp6_unused = 0;
583
584 /* Set the target address. */
585 ipv6_addr_copy(&msg->target, solicit);
586
587 if (send_llinfo)
588 ndisc_fill_addr_option(msg->opt, ND_OPT_SOURCE_LL_ADDR, dev->dev_addr,
589 dev->addr_len, dev->type);
590
591 /* checksum */
592 msg->icmph.icmp6_cksum = csum_ipv6_magic(&skb->nh.ipv6h->saddr,
593 daddr, len,
594 IPPROTO_ICMPV6,
595 csum_partial((__u8 *) msg,
596 len, 0));
597 /* send it! */
598 skb->dst = dst;
599 idev = in6_dev_get(dst->dev);
600 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
601 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
602 if (!err) {
603 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTNEIGHBORSOLICITS);
604 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
605 }
606
607 if (likely(idev != NULL))
608 in6_dev_put(idev);
609 }
610
611 void ndisc_send_rs(struct net_device *dev, struct in6_addr *saddr,
612 struct in6_addr *daddr)
613 {
614 struct flowi fl;
615 struct dst_entry* dst;
616 struct inet6_dev *idev;
617 struct sock *sk = ndisc_socket->sk;
618 struct sk_buff *skb;
619 struct icmp6hdr *hdr;
620 __u8 * opt;
621 int len;
622 int err;
623
624 ndisc_flow_init(&fl, NDISC_ROUTER_SOLICITATION, saddr, daddr,
625 dev->ifindex);
626
627 dst = ndisc_dst_alloc(dev, NULL, daddr, ip6_output);
628 if (!dst)
629 return;
630
631 err = xfrm_lookup(&dst, &fl, NULL, 0);
632 if (err < 0)
633 return;
634
635 len = sizeof(struct icmp6hdr);
636 if (dev->addr_len)
637 len += ndisc_opt_addr_space(dev);
638
639 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
640 1, &err);
641 if (skb == NULL) {
642 ND_PRINTK0(KERN_ERR
643 "ICMPv6 RS: %s() failed to allocate an skb.\n",
644 __FUNCTION__);
645 dst_release(dst);
646 return;
647 }
648
649 skb_reserve(skb, LL_RESERVED_SPACE(dev));
650 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
651
652 hdr = (struct icmp6hdr *)skb_put(skb, len);
653 skb->h.raw = (unsigned char*)hdr;
654 hdr->icmp6_type = NDISC_ROUTER_SOLICITATION;
655 hdr->icmp6_code = 0;
656 hdr->icmp6_cksum = 0;
657 hdr->icmp6_unused = 0;
658
659 opt = (u8*) (hdr + 1);
660
661 if (dev->addr_len)
662 ndisc_fill_addr_option(opt, ND_OPT_SOURCE_LL_ADDR, dev->dev_addr,
663 dev->addr_len, dev->type);
664
665 /* checksum */
666 hdr->icmp6_cksum = csum_ipv6_magic(&skb->nh.ipv6h->saddr, daddr, len,
667 IPPROTO_ICMPV6,
668 csum_partial((__u8 *) hdr, len, 0));
669
670 /* send it! */
671 skb->dst = dst;
672 idev = in6_dev_get(dst->dev);
673 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
674 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
675 if (!err) {
676 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTROUTERSOLICITS);
677 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
678 }
679
680 if (likely(idev != NULL))
681 in6_dev_put(idev);
682 }
683
684
685 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
686 {
687 /*
688 * "The sender MUST return an ICMP
689 * destination unreachable"
690 */
691 dst_link_failure(skb);
692 kfree_skb(skb);
693 }
694
695 /* Called with locked neigh: either read or both */
696
697 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
698 {
699 struct in6_addr *saddr = NULL;
700 struct in6_addr mcaddr;
701 struct net_device *dev = neigh->dev;
702 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
703 int probes = atomic_read(&neigh->probes);
704
705 if (skb && ipv6_chk_addr(&skb->nh.ipv6h->saddr, dev, 1))
706 saddr = &skb->nh.ipv6h->saddr;
707
708 if ((probes -= neigh->parms->ucast_probes) < 0) {
709 if (!(neigh->nud_state & NUD_VALID)) {
710 ND_PRINTK1(KERN_DEBUG
711 "%s(): trying to ucast probe in NUD_INVALID: "
712 NIP6_FMT "\n",
713 __FUNCTION__,
714 NIP6(*target));
715 }
716 ndisc_send_ns(dev, neigh, target, target, saddr);
717 } else if ((probes -= neigh->parms->app_probes) < 0) {
718 #ifdef CONFIG_ARPD
719 neigh_app_ns(neigh);
720 #endif
721 } else {
722 addrconf_addr_solict_mult(target, &mcaddr);
723 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
724 }
725 }
726
727 static void ndisc_recv_ns(struct sk_buff *skb)
728 {
729 struct nd_msg *msg = (struct nd_msg *)skb->h.raw;
730 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
731 struct in6_addr *daddr = &skb->nh.ipv6h->daddr;
732 u8 *lladdr = NULL;
733 u32 ndoptlen = skb->tail - msg->opt;
734 struct ndisc_options ndopts;
735 struct net_device *dev = skb->dev;
736 struct inet6_ifaddr *ifp;
737 struct inet6_dev *idev = NULL;
738 struct neighbour *neigh;
739 struct pneigh_entry *pneigh = NULL;
740 int dad = ipv6_addr_any(saddr);
741 int inc;
742 int is_router;
743
744 if (ipv6_addr_is_multicast(&msg->target)) {
745 ND_PRINTK2(KERN_WARNING
746 "ICMPv6 NS: multicast target address");
747 return;
748 }
749
750 /*
751 * RFC2461 7.1.1:
752 * DAD has to be destined for solicited node multicast address.
753 */
754 if (dad &&
755 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
756 daddr->s6_addr32[1] == htonl(0x00000000) &&
757 daddr->s6_addr32[2] == htonl(0x00000001) &&
758 daddr->s6_addr [12] == 0xff )) {
759 ND_PRINTK2(KERN_WARNING
760 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
761 return;
762 }
763
764 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
765 ND_PRINTK2(KERN_WARNING
766 "ICMPv6 NS: invalid ND options\n");
767 return;
768 }
769
770 if (ndopts.nd_opts_src_lladdr) {
771 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
772 if (!lladdr) {
773 ND_PRINTK2(KERN_WARNING
774 "ICMPv6 NS: invalid link-layer address length\n");
775 return;
776 }
777
778 /* RFC2461 7.1.1:
779 * If the IP source address is the unspecified address,
780 * there MUST NOT be source link-layer address option
781 * in the message.
782 */
783 if (dad) {
784 ND_PRINTK2(KERN_WARNING
785 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
786 return;
787 }
788 }
789
790 inc = ipv6_addr_is_multicast(daddr);
791
792 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1)) != NULL) {
793 if (ifp->flags & IFA_F_TENTATIVE) {
794 /* Address is tentative. If the source
795 is unspecified address, it is someone
796 does DAD, otherwise we ignore solicitations
797 until DAD timer expires.
798 */
799 if (!dad)
800 goto out;
801 if (dev->type == ARPHRD_IEEE802_TR) {
802 unsigned char *sadr = skb->mac.raw;
803 if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
804 sadr[9] == dev->dev_addr[1] &&
805 sadr[10] == dev->dev_addr[2] &&
806 sadr[11] == dev->dev_addr[3] &&
807 sadr[12] == dev->dev_addr[4] &&
808 sadr[13] == dev->dev_addr[5]) {
809 /* looped-back to us */
810 goto out;
811 }
812 }
813 addrconf_dad_failure(ifp);
814 return;
815 }
816
817 idev = ifp->idev;
818 } else {
819 idev = in6_dev_get(dev);
820 if (!idev) {
821 /* XXX: count this drop? */
822 return;
823 }
824
825 if (ipv6_chk_acast_addr(dev, &msg->target) ||
826 (idev->cnf.forwarding &&
827 (ipv6_devconf.proxy_ndp || idev->cnf.proxy_ndp) &&
828 (pneigh = pneigh_lookup(&nd_tbl,
829 &msg->target, dev, 0)) != NULL)) {
830 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
831 skb->pkt_type != PACKET_HOST &&
832 inc != 0 &&
833 idev->nd_parms->proxy_delay != 0) {
834 /*
835 * for anycast or proxy,
836 * sender should delay its response
837 * by a random time between 0 and
838 * MAX_ANYCAST_DELAY_TIME seconds.
839 * (RFC2461) -- yoshfuji
840 */
841 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
842 if (n)
843 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
844 goto out;
845 }
846 } else
847 goto out;
848 }
849
850 is_router = !!(pneigh ? pneigh->flags & NTF_ROUTER : idev->cnf.forwarding);
851
852 if (dad) {
853 struct in6_addr maddr;
854
855 ipv6_addr_all_nodes(&maddr);
856 ndisc_send_na(dev, NULL, &maddr, &msg->target,
857 is_router, 0, (ifp != NULL), 1);
858 goto out;
859 }
860
861 if (inc)
862 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
863 else
864 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
865
866 /*
867 * update / create cache entry
868 * for the source address
869 */
870 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
871 !inc || lladdr || !dev->addr_len);
872 if (neigh)
873 neigh_update(neigh, lladdr, NUD_STALE,
874 NEIGH_UPDATE_F_WEAK_OVERRIDE|
875 NEIGH_UPDATE_F_OVERRIDE);
876 if (neigh || !dev->hard_header) {
877 ndisc_send_na(dev, neigh, saddr, &msg->target,
878 is_router,
879 1, (ifp != NULL && inc), inc);
880 if (neigh)
881 neigh_release(neigh);
882 }
883
884 out:
885 if (ifp)
886 in6_ifa_put(ifp);
887 else
888 in6_dev_put(idev);
889
890 return;
891 }
892
893 static void ndisc_recv_na(struct sk_buff *skb)
894 {
895 struct nd_msg *msg = (struct nd_msg *)skb->h.raw;
896 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
897 struct in6_addr *daddr = &skb->nh.ipv6h->daddr;
898 u8 *lladdr = NULL;
899 u32 ndoptlen = skb->tail - msg->opt;
900 struct ndisc_options ndopts;
901 struct net_device *dev = skb->dev;
902 struct inet6_ifaddr *ifp;
903 struct neighbour *neigh;
904
905 if (skb->len < sizeof(struct nd_msg)) {
906 ND_PRINTK2(KERN_WARNING
907 "ICMPv6 NA: packet too short\n");
908 return;
909 }
910
911 if (ipv6_addr_is_multicast(&msg->target)) {
912 ND_PRINTK2(KERN_WARNING
913 "ICMPv6 NA: target address is multicast.\n");
914 return;
915 }
916
917 if (ipv6_addr_is_multicast(daddr) &&
918 msg->icmph.icmp6_solicited) {
919 ND_PRINTK2(KERN_WARNING
920 "ICMPv6 NA: solicited NA is multicasted.\n");
921 return;
922 }
923
924 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
925 ND_PRINTK2(KERN_WARNING
926 "ICMPv6 NS: invalid ND option\n");
927 return;
928 }
929 if (ndopts.nd_opts_tgt_lladdr) {
930 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
931 if (!lladdr) {
932 ND_PRINTK2(KERN_WARNING
933 "ICMPv6 NA: invalid link-layer address length\n");
934 return;
935 }
936 }
937 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1))) {
938 if (ifp->flags & IFA_F_TENTATIVE) {
939 addrconf_dad_failure(ifp);
940 return;
941 }
942 /* What should we make now? The advertisement
943 is invalid, but ndisc specs say nothing
944 about it. It could be misconfiguration, or
945 an smart proxy agent tries to help us :-)
946 */
947 ND_PRINTK1(KERN_WARNING
948 "ICMPv6 NA: someone advertises our address on %s!\n",
949 ifp->idev->dev->name);
950 in6_ifa_put(ifp);
951 return;
952 }
953 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
954
955 if (neigh) {
956 u8 old_flags = neigh->flags;
957
958 if (neigh->nud_state & NUD_FAILED)
959 goto out;
960
961 /*
962 * Don't update the neighbor cache entry on a proxy NA from
963 * ourselves because either the proxied node is off link or it
964 * has already sent a NA to us.
965 */
966 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
967 ipv6_devconf.forwarding && ipv6_devconf.proxy_ndp &&
968 pneigh_lookup(&nd_tbl, &msg->target, dev, 0)) {
969 /* XXX: idev->cnf.prixy_ndp */
970 WARN_ON(skb->dst != NULL &&
971 ((struct rt6_info *)skb->dst)->rt6i_idev);
972 goto out;
973 }
974
975 neigh_update(neigh, lladdr,
976 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
977 NEIGH_UPDATE_F_WEAK_OVERRIDE|
978 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
979 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
980 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
981
982 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
983 /*
984 * Change: router to host
985 */
986 struct rt6_info *rt;
987 rt = rt6_get_dflt_router(saddr, dev);
988 if (rt)
989 ip6_del_rt(rt);
990 }
991
992 out:
993 neigh_release(neigh);
994 }
995 }
996
997 static void ndisc_recv_rs(struct sk_buff *skb)
998 {
999 struct rs_msg *rs_msg = (struct rs_msg *) skb->h.raw;
1000 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1001 struct neighbour *neigh;
1002 struct inet6_dev *idev;
1003 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
1004 struct ndisc_options ndopts;
1005 u8 *lladdr = NULL;
1006
1007 if (skb->len < sizeof(*rs_msg))
1008 return;
1009
1010 idev = in6_dev_get(skb->dev);
1011 if (!idev) {
1012 if (net_ratelimit())
1013 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
1014 return;
1015 }
1016
1017 /* Don't accept RS if we're not in router mode */
1018 if (!idev->cnf.forwarding)
1019 goto out;
1020
1021 /*
1022 * Don't update NCE if src = ::;
1023 * this implies that the source node has no ip address assigned yet.
1024 */
1025 if (ipv6_addr_any(saddr))
1026 goto out;
1027
1028 /* Parse ND options */
1029 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1030 if (net_ratelimit())
1031 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1032 goto out;
1033 }
1034
1035 if (ndopts.nd_opts_src_lladdr) {
1036 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1037 skb->dev);
1038 if (!lladdr)
1039 goto out;
1040 }
1041
1042 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1043 if (neigh) {
1044 neigh_update(neigh, lladdr, NUD_STALE,
1045 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1046 NEIGH_UPDATE_F_OVERRIDE|
1047 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1048 neigh_release(neigh);
1049 }
1050 out:
1051 in6_dev_put(idev);
1052 }
1053
1054 static void ndisc_router_discovery(struct sk_buff *skb)
1055 {
1056 struct ra_msg *ra_msg = (struct ra_msg *) skb->h.raw;
1057 struct neighbour *neigh = NULL;
1058 struct inet6_dev *in6_dev;
1059 struct rt6_info *rt = NULL;
1060 int lifetime;
1061 struct ndisc_options ndopts;
1062 int optlen;
1063 unsigned int pref = 0;
1064
1065 __u8 * opt = (__u8 *)(ra_msg + 1);
1066
1067 optlen = (skb->tail - skb->h.raw) - sizeof(struct ra_msg);
1068
1069 if (!(ipv6_addr_type(&skb->nh.ipv6h->saddr) & IPV6_ADDR_LINKLOCAL)) {
1070 ND_PRINTK2(KERN_WARNING
1071 "ICMPv6 RA: source address is not link-local.\n");
1072 return;
1073 }
1074 if (optlen < 0) {
1075 ND_PRINTK2(KERN_WARNING
1076 "ICMPv6 RA: packet too short\n");
1077 return;
1078 }
1079
1080 /*
1081 * set the RA_RECV flag in the interface
1082 */
1083
1084 in6_dev = in6_dev_get(skb->dev);
1085 if (in6_dev == NULL) {
1086 ND_PRINTK0(KERN_ERR
1087 "ICMPv6 RA: can't find inet6 device for %s.\n",
1088 skb->dev->name);
1089 return;
1090 }
1091 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra) {
1092 in6_dev_put(in6_dev);
1093 return;
1094 }
1095
1096 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1097 in6_dev_put(in6_dev);
1098 ND_PRINTK2(KERN_WARNING
1099 "ICMP6 RA: invalid ND options\n");
1100 return;
1101 }
1102
1103 if (in6_dev->if_flags & IF_RS_SENT) {
1104 /*
1105 * flag that an RA was received after an RS was sent
1106 * out on this interface.
1107 */
1108 in6_dev->if_flags |= IF_RA_RCVD;
1109 }
1110
1111 /*
1112 * Remember the managed/otherconf flags from most recently
1113 * received RA message (RFC 2462) -- yoshfuji
1114 */
1115 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1116 IF_RA_OTHERCONF)) |
1117 (ra_msg->icmph.icmp6_addrconf_managed ?
1118 IF_RA_MANAGED : 0) |
1119 (ra_msg->icmph.icmp6_addrconf_other ?
1120 IF_RA_OTHERCONF : 0);
1121
1122 if (!in6_dev->cnf.accept_ra_defrtr)
1123 goto skip_defrtr;
1124
1125 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1126
1127 #ifdef CONFIG_IPV6_ROUTER_PREF
1128 pref = ra_msg->icmph.icmp6_router_pref;
1129 /* 10b is handled as if it were 00b (medium) */
1130 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1131 in6_dev->cnf.accept_ra_rtr_pref)
1132 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1133 #endif
1134
1135 rt = rt6_get_dflt_router(&skb->nh.ipv6h->saddr, skb->dev);
1136
1137 if (rt)
1138 neigh = rt->rt6i_nexthop;
1139
1140 if (rt && lifetime == 0) {
1141 neigh_clone(neigh);
1142 ip6_del_rt(rt);
1143 rt = NULL;
1144 }
1145
1146 if (rt == NULL && lifetime) {
1147 ND_PRINTK3(KERN_DEBUG
1148 "ICMPv6 RA: adding default router.\n");
1149
1150 rt = rt6_add_dflt_router(&skb->nh.ipv6h->saddr, skb->dev, pref);
1151 if (rt == NULL) {
1152 ND_PRINTK0(KERN_ERR
1153 "ICMPv6 RA: %s() failed to add default route.\n",
1154 __FUNCTION__);
1155 in6_dev_put(in6_dev);
1156 return;
1157 }
1158
1159 neigh = rt->rt6i_nexthop;
1160 if (neigh == NULL) {
1161 ND_PRINTK0(KERN_ERR
1162 "ICMPv6 RA: %s() got default router without neighbour.\n",
1163 __FUNCTION__);
1164 dst_release(&rt->u.dst);
1165 in6_dev_put(in6_dev);
1166 return;
1167 }
1168 neigh->flags |= NTF_ROUTER;
1169 } else if (rt) {
1170 rt->rt6i_flags |= (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1171 }
1172
1173 if (rt)
1174 rt->rt6i_expires = jiffies + (HZ * lifetime);
1175
1176 if (ra_msg->icmph.icmp6_hop_limit) {
1177 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1178 if (rt)
1179 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
1180 }
1181
1182 skip_defrtr:
1183
1184 /*
1185 * Update Reachable Time and Retrans Timer
1186 */
1187
1188 if (in6_dev->nd_parms) {
1189 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1190
1191 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1192 rtime = (rtime*HZ)/1000;
1193 if (rtime < HZ/10)
1194 rtime = HZ/10;
1195 in6_dev->nd_parms->retrans_time = rtime;
1196 in6_dev->tstamp = jiffies;
1197 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1198 }
1199
1200 rtime = ntohl(ra_msg->reachable_time);
1201 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1202 rtime = (rtime*HZ)/1000;
1203
1204 if (rtime < HZ/10)
1205 rtime = HZ/10;
1206
1207 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1208 in6_dev->nd_parms->base_reachable_time = rtime;
1209 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1210 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1211 in6_dev->tstamp = jiffies;
1212 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1213 }
1214 }
1215 }
1216
1217 /*
1218 * Process options.
1219 */
1220
1221 if (!neigh)
1222 neigh = __neigh_lookup(&nd_tbl, &skb->nh.ipv6h->saddr,
1223 skb->dev, 1);
1224 if (neigh) {
1225 u8 *lladdr = NULL;
1226 if (ndopts.nd_opts_src_lladdr) {
1227 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1228 skb->dev);
1229 if (!lladdr) {
1230 ND_PRINTK2(KERN_WARNING
1231 "ICMPv6 RA: invalid link-layer address length\n");
1232 goto out;
1233 }
1234 }
1235 neigh_update(neigh, lladdr, NUD_STALE,
1236 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1237 NEIGH_UPDATE_F_OVERRIDE|
1238 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1239 NEIGH_UPDATE_F_ISROUTER);
1240 }
1241
1242 #ifdef CONFIG_IPV6_ROUTE_INFO
1243 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1244 struct nd_opt_hdr *p;
1245 for (p = ndopts.nd_opts_ri;
1246 p;
1247 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1248 if (((struct route_info *)p)->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1249 continue;
1250 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1251 &skb->nh.ipv6h->saddr);
1252 }
1253 }
1254 #endif
1255
1256 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1257 struct nd_opt_hdr *p;
1258 for (p = ndopts.nd_opts_pi;
1259 p;
1260 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1261 addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1262 }
1263 }
1264
1265 if (ndopts.nd_opts_mtu) {
1266 u32 mtu;
1267
1268 memcpy(&mtu, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1269 mtu = ntohl(mtu);
1270
1271 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1272 ND_PRINTK2(KERN_WARNING
1273 "ICMPv6 RA: invalid mtu: %d\n",
1274 mtu);
1275 } else if (in6_dev->cnf.mtu6 != mtu) {
1276 in6_dev->cnf.mtu6 = mtu;
1277
1278 if (rt)
1279 rt->u.dst.metrics[RTAX_MTU-1] = mtu;
1280
1281 rt6_mtu_change(skb->dev, mtu);
1282 }
1283 }
1284
1285 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1286 ND_PRINTK2(KERN_WARNING
1287 "ICMPv6 RA: invalid RA options");
1288 }
1289 out:
1290 if (rt)
1291 dst_release(&rt->u.dst);
1292 else if (neigh)
1293 neigh_release(neigh);
1294 in6_dev_put(in6_dev);
1295 }
1296
1297 static void ndisc_redirect_rcv(struct sk_buff *skb)
1298 {
1299 struct inet6_dev *in6_dev;
1300 struct icmp6hdr *icmph;
1301 struct in6_addr *dest;
1302 struct in6_addr *target; /* new first hop to destination */
1303 struct neighbour *neigh;
1304 int on_link = 0;
1305 struct ndisc_options ndopts;
1306 int optlen;
1307 u8 *lladdr = NULL;
1308
1309 if (!(ipv6_addr_type(&skb->nh.ipv6h->saddr) & IPV6_ADDR_LINKLOCAL)) {
1310 ND_PRINTK2(KERN_WARNING
1311 "ICMPv6 Redirect: source address is not link-local.\n");
1312 return;
1313 }
1314
1315 optlen = skb->tail - skb->h.raw;
1316 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1317
1318 if (optlen < 0) {
1319 ND_PRINTK2(KERN_WARNING
1320 "ICMPv6 Redirect: packet too short\n");
1321 return;
1322 }
1323
1324 icmph = (struct icmp6hdr *) skb->h.raw;
1325 target = (struct in6_addr *) (icmph + 1);
1326 dest = target + 1;
1327
1328 if (ipv6_addr_is_multicast(dest)) {
1329 ND_PRINTK2(KERN_WARNING
1330 "ICMPv6 Redirect: destination address is multicast.\n");
1331 return;
1332 }
1333
1334 if (ipv6_addr_equal(dest, target)) {
1335 on_link = 1;
1336 } else if (!(ipv6_addr_type(target) & IPV6_ADDR_LINKLOCAL)) {
1337 ND_PRINTK2(KERN_WARNING
1338 "ICMPv6 Redirect: target address is not link-local.\n");
1339 return;
1340 }
1341
1342 in6_dev = in6_dev_get(skb->dev);
1343 if (!in6_dev)
1344 return;
1345 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1346 in6_dev_put(in6_dev);
1347 return;
1348 }
1349
1350 /* RFC2461 8.1:
1351 * The IP source address of the Redirect MUST be the same as the current
1352 * first-hop router for the specified ICMP Destination Address.
1353 */
1354
1355 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1356 ND_PRINTK2(KERN_WARNING
1357 "ICMPv6 Redirect: invalid ND options\n");
1358 in6_dev_put(in6_dev);
1359 return;
1360 }
1361 if (ndopts.nd_opts_tgt_lladdr) {
1362 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1363 skb->dev);
1364 if (!lladdr) {
1365 ND_PRINTK2(KERN_WARNING
1366 "ICMPv6 Redirect: invalid link-layer address length\n");
1367 in6_dev_put(in6_dev);
1368 return;
1369 }
1370 }
1371
1372 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1373 if (neigh) {
1374 rt6_redirect(dest, &skb->nh.ipv6h->daddr,
1375 &skb->nh.ipv6h->saddr, neigh, lladdr,
1376 on_link);
1377 neigh_release(neigh);
1378 }
1379 in6_dev_put(in6_dev);
1380 }
1381
1382 void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1383 struct in6_addr *target)
1384 {
1385 struct sock *sk = ndisc_socket->sk;
1386 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1387 struct sk_buff *buff;
1388 struct icmp6hdr *icmph;
1389 struct in6_addr saddr_buf;
1390 struct in6_addr *addrp;
1391 struct net_device *dev;
1392 struct rt6_info *rt;
1393 struct dst_entry *dst;
1394 struct inet6_dev *idev;
1395 struct flowi fl;
1396 u8 *opt;
1397 int rd_len;
1398 int err;
1399 int hlen;
1400 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1401
1402 dev = skb->dev;
1403
1404 if (ipv6_get_lladdr(dev, &saddr_buf)) {
1405 ND_PRINTK2(KERN_WARNING
1406 "ICMPv6 Redirect: no link-local address on %s\n",
1407 dev->name);
1408 return;
1409 }
1410
1411 ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &skb->nh.ipv6h->saddr,
1412 dev->ifindex);
1413
1414 dst = ip6_route_output(NULL, &fl);
1415 if (dst == NULL)
1416 return;
1417
1418 err = xfrm_lookup(&dst, &fl, NULL, 0);
1419 if (err)
1420 return;
1421
1422 rt = (struct rt6_info *) dst;
1423
1424 if (rt->rt6i_flags & RTF_GATEWAY) {
1425 ND_PRINTK2(KERN_WARNING
1426 "ICMPv6 Redirect: destination is not a neighbour.\n");
1427 dst_release(dst);
1428 return;
1429 }
1430 if (!xrlim_allow(dst, 1*HZ)) {
1431 dst_release(dst);
1432 return;
1433 }
1434
1435 if (dev->addr_len) {
1436 read_lock_bh(&neigh->lock);
1437 if (neigh->nud_state & NUD_VALID) {
1438 memcpy(ha_buf, neigh->ha, dev->addr_len);
1439 read_unlock_bh(&neigh->lock);
1440 ha = ha_buf;
1441 len += ndisc_opt_addr_space(dev);
1442 } else
1443 read_unlock_bh(&neigh->lock);
1444 }
1445
1446 rd_len = min_t(unsigned int,
1447 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1448 rd_len &= ~0x7;
1449 len += rd_len;
1450
1451 buff = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
1452 1, &err);
1453 if (buff == NULL) {
1454 ND_PRINTK0(KERN_ERR
1455 "ICMPv6 Redirect: %s() failed to allocate an skb.\n",
1456 __FUNCTION__);
1457 dst_release(dst);
1458 return;
1459 }
1460
1461 hlen = 0;
1462
1463 skb_reserve(buff, LL_RESERVED_SPACE(dev));
1464 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &skb->nh.ipv6h->saddr,
1465 IPPROTO_ICMPV6, len);
1466
1467 icmph = (struct icmp6hdr *)skb_put(buff, len);
1468 buff->h.raw = (unsigned char*)icmph;
1469
1470 memset(icmph, 0, sizeof(struct icmp6hdr));
1471 icmph->icmp6_type = NDISC_REDIRECT;
1472
1473 /*
1474 * copy target and destination addresses
1475 */
1476
1477 addrp = (struct in6_addr *)(icmph + 1);
1478 ipv6_addr_copy(addrp, target);
1479 addrp++;
1480 ipv6_addr_copy(addrp, &skb->nh.ipv6h->daddr);
1481
1482 opt = (u8*) (addrp + 1);
1483
1484 /*
1485 * include target_address option
1486 */
1487
1488 if (ha)
1489 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1490 dev->addr_len, dev->type);
1491
1492 /*
1493 * build redirect option and copy skb over to the new packet.
1494 */
1495
1496 memset(opt, 0, 8);
1497 *(opt++) = ND_OPT_REDIRECT_HDR;
1498 *(opt++) = (rd_len >> 3);
1499 opt += 6;
1500
1501 memcpy(opt, skb->nh.ipv6h, rd_len - 8);
1502
1503 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &skb->nh.ipv6h->saddr,
1504 len, IPPROTO_ICMPV6,
1505 csum_partial((u8 *) icmph, len, 0));
1506
1507 buff->dst = dst;
1508 idev = in6_dev_get(dst->dev);
1509 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
1510 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, buff, NULL, dst->dev, dst_output);
1511 if (!err) {
1512 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTREDIRECTS);
1513 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
1514 }
1515
1516 if (likely(idev != NULL))
1517 in6_dev_put(idev);
1518 }
1519
1520 static void pndisc_redo(struct sk_buff *skb)
1521 {
1522 ndisc_recv_ns(skb);
1523 kfree_skb(skb);
1524 }
1525
1526 int ndisc_rcv(struct sk_buff *skb)
1527 {
1528 struct nd_msg *msg;
1529
1530 if (!pskb_may_pull(skb, skb->len))
1531 return 0;
1532
1533 msg = (struct nd_msg *) skb->h.raw;
1534
1535 __skb_push(skb, skb->data-skb->h.raw);
1536
1537 if (skb->nh.ipv6h->hop_limit != 255) {
1538 ND_PRINTK2(KERN_WARNING
1539 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1540 skb->nh.ipv6h->hop_limit);
1541 return 0;
1542 }
1543
1544 if (msg->icmph.icmp6_code != 0) {
1545 ND_PRINTK2(KERN_WARNING
1546 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1547 msg->icmph.icmp6_code);
1548 return 0;
1549 }
1550
1551 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1552
1553 switch (msg->icmph.icmp6_type) {
1554 case NDISC_NEIGHBOUR_SOLICITATION:
1555 ndisc_recv_ns(skb);
1556 break;
1557
1558 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1559 ndisc_recv_na(skb);
1560 break;
1561
1562 case NDISC_ROUTER_SOLICITATION:
1563 ndisc_recv_rs(skb);
1564 break;
1565
1566 case NDISC_ROUTER_ADVERTISEMENT:
1567 ndisc_router_discovery(skb);
1568 break;
1569
1570 case NDISC_REDIRECT:
1571 ndisc_redirect_rcv(skb);
1572 break;
1573 };
1574
1575 return 0;
1576 }
1577
1578 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1579 {
1580 struct net_device *dev = ptr;
1581
1582 switch (event) {
1583 case NETDEV_CHANGEADDR:
1584 neigh_changeaddr(&nd_tbl, dev);
1585 fib6_run_gc(~0UL);
1586 break;
1587 case NETDEV_DOWN:
1588 neigh_ifdown(&nd_tbl, dev);
1589 fib6_run_gc(~0UL);
1590 break;
1591 default:
1592 break;
1593 }
1594
1595 return NOTIFY_DONE;
1596 }
1597
1598 static struct notifier_block ndisc_netdev_notifier = {
1599 .notifier_call = ndisc_netdev_event,
1600 };
1601
1602 #ifdef CONFIG_SYSCTL
1603 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1604 const char *func, const char *dev_name)
1605 {
1606 static char warncomm[TASK_COMM_LEN];
1607 static int warned;
1608 if (strcmp(warncomm, current->comm) && warned < 5) {
1609 strcpy(warncomm, current->comm);
1610 printk(KERN_WARNING
1611 "process `%s' is using deprecated sysctl (%s) "
1612 "net.ipv6.neigh.%s.%s; "
1613 "Use net.ipv6.neigh.%s.%s_ms "
1614 "instead.\n",
1615 warncomm, func,
1616 dev_name, ctl->procname,
1617 dev_name, ctl->procname);
1618 warned++;
1619 }
1620 }
1621
1622 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, struct file * filp, void __user *buffer, size_t *lenp, loff_t *ppos)
1623 {
1624 struct net_device *dev = ctl->extra1;
1625 struct inet6_dev *idev;
1626 int ret;
1627
1628 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1629 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1630 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1631
1632 switch (ctl->ctl_name) {
1633 case NET_NEIGH_RETRANS_TIME:
1634 ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
1635 break;
1636 case NET_NEIGH_REACHABLE_TIME:
1637 ret = proc_dointvec_jiffies(ctl, write,
1638 filp, buffer, lenp, ppos);
1639 break;
1640 case NET_NEIGH_RETRANS_TIME_MS:
1641 case NET_NEIGH_REACHABLE_TIME_MS:
1642 ret = proc_dointvec_ms_jiffies(ctl, write,
1643 filp, buffer, lenp, ppos);
1644 break;
1645 default:
1646 ret = -1;
1647 }
1648
1649 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1650 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1651 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1652 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1653 idev->tstamp = jiffies;
1654 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1655 in6_dev_put(idev);
1656 }
1657 return ret;
1658 }
1659
1660 static int ndisc_ifinfo_sysctl_strategy(ctl_table *ctl, int __user *name,
1661 int nlen, void __user *oldval,
1662 size_t __user *oldlenp,
1663 void __user *newval, size_t newlen,
1664 void **context)
1665 {
1666 struct net_device *dev = ctl->extra1;
1667 struct inet6_dev *idev;
1668 int ret;
1669
1670 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1671 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1672 ndisc_warn_deprecated_sysctl(ctl, "procfs", dev ? dev->name : "default");
1673
1674 switch (ctl->ctl_name) {
1675 case NET_NEIGH_REACHABLE_TIME:
1676 ret = sysctl_jiffies(ctl, name, nlen,
1677 oldval, oldlenp, newval, newlen,
1678 context);
1679 break;
1680 case NET_NEIGH_RETRANS_TIME_MS:
1681 case NET_NEIGH_REACHABLE_TIME_MS:
1682 ret = sysctl_ms_jiffies(ctl, name, nlen,
1683 oldval, oldlenp, newval, newlen,
1684 context);
1685 break;
1686 default:
1687 ret = 0;
1688 }
1689
1690 if (newval && newlen && ret > 0 &&
1691 dev && (idev = in6_dev_get(dev)) != NULL) {
1692 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1693 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1694 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1695 idev->tstamp = jiffies;
1696 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1697 in6_dev_put(idev);
1698 }
1699
1700 return ret;
1701 }
1702
1703 #endif
1704
1705 int __init ndisc_init(struct net_proto_family *ops)
1706 {
1707 struct ipv6_pinfo *np;
1708 struct sock *sk;
1709 int err;
1710
1711 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, &ndisc_socket);
1712 if (err < 0) {
1713 ND_PRINTK0(KERN_ERR
1714 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1715 err);
1716 ndisc_socket = NULL; /* For safety. */
1717 return err;
1718 }
1719
1720 sk = ndisc_socket->sk;
1721 np = inet6_sk(sk);
1722 sk->sk_allocation = GFP_ATOMIC;
1723 np->hop_limit = 255;
1724 /* Do not loopback ndisc messages */
1725 np->mc_loop = 0;
1726 sk->sk_prot->unhash(sk);
1727
1728 /*
1729 * Initialize the neighbour table
1730 */
1731
1732 neigh_table_init(&nd_tbl);
1733
1734 #ifdef CONFIG_SYSCTL
1735 neigh_sysctl_register(NULL, &nd_tbl.parms, NET_IPV6, NET_IPV6_NEIGH,
1736 "ipv6",
1737 &ndisc_ifinfo_sysctl_change,
1738 &ndisc_ifinfo_sysctl_strategy);
1739 #endif
1740
1741 register_netdevice_notifier(&ndisc_netdev_notifier);
1742 return 0;
1743 }
1744
1745 void ndisc_cleanup(void)
1746 {
1747 #ifdef CONFIG_SYSCTL
1748 neigh_sysctl_unregister(&nd_tbl.parms);
1749 #endif
1750 neigh_table_clear(&nd_tbl);
1751 sock_release(ndisc_socket);
1752 ndisc_socket = NULL; /* For safety. */
1753 }
kernel source for telekom puls (alcatel/mediatek)