projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'upstream-jeff' of git://git.kernel.org/pub/scm/linux/kernel/git/romieu...
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Pierre Ynard : export userland ND options
19 * through netlink (RDNSS support)
20 * Lars Fenneberg : fixed MTU setting on receipt
21 * of an RA.
22 * Janos Farkas : kmalloc failure checks
23 * Alexey Kuznetsov : state machine reworked
24 * and moved to net/core.
25 * Pekka Savola : RFC2461 validation
26 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
27 */
28
29 /* Set to 3 to get tracing... */
30 #define ND_DEBUG 1
31
32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
33 #define ND_NOPRINTK(x...) do { ; } while(0)
34 #define ND_PRINTK0 ND_PRINTK
35 #define ND_PRINTK1 ND_NOPRINTK
36 #define ND_PRINTK2 ND_NOPRINTK
37 #define ND_PRINTK3 ND_NOPRINTK
38 #if ND_DEBUG >= 1
39 #undef ND_PRINTK1
40 #define ND_PRINTK1 ND_PRINTK
41 #endif
42 #if ND_DEBUG >= 2
43 #undef ND_PRINTK2
44 #define ND_PRINTK2 ND_PRINTK
45 #endif
46 #if ND_DEBUG >= 3
47 #undef ND_PRINTK3
48 #define ND_PRINTK3 ND_PRINTK
49 #endif
50
51 #include <linux/module.h>
52 #include <linux/errno.h>
53 #include <linux/types.h>
54 #include <linux/socket.h>
55 #include <linux/sockios.h>
56 #include <linux/sched.h>
57 #include <linux/net.h>
58 #include <linux/in6.h>
59 #include <linux/route.h>
60 #include <linux/init.h>
61 #include <linux/rcupdate.h>
62 #ifdef CONFIG_SYSCTL
63 #include <linux/sysctl.h>
64 #endif
65
66 #include <linux/if_addr.h>
67 #include <linux/if_arp.h>
68 #include <linux/ipv6.h>
69 #include <linux/icmpv6.h>
70 #include <linux/jhash.h>
71
72 #include <net/sock.h>
73 #include <net/snmp.h>
74
75 #include <net/ipv6.h>
76 #include <net/protocol.h>
77 #include <net/ndisc.h>
78 #include <net/ip6_route.h>
79 #include <net/addrconf.h>
80 #include <net/icmp.h>
81
82 #include <net/netlink.h>
83 #include <linux/rtnetlink.h>
84
85 #include <net/flow.h>
86 #include <net/ip6_checksum.h>
87 #include <linux/proc_fs.h>
88
89 #include <linux/netfilter.h>
90 #include <linux/netfilter_ipv6.h>
91
92 static struct socket *ndisc_socket;
93
94 static u32 ndisc_hash(const void *pkey, const struct net_device *dev);
95 static int ndisc_constructor(struct neighbour *neigh);
96 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
97 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
98 static int pndisc_constructor(struct pneigh_entry *n);
99 static void pndisc_destructor(struct pneigh_entry *n);
100 static void pndisc_redo(struct sk_buff *skb);
101
102 static struct neigh_ops ndisc_generic_ops = {
103 .family = AF_INET6,
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_connected_output,
108 .hh_output = dev_queue_xmit,
109 .queue_xmit = dev_queue_xmit,
110 };
111
112 static struct neigh_ops ndisc_hh_ops = {
113 .family = AF_INET6,
114 .solicit = ndisc_solicit,
115 .error_report = ndisc_error_report,
116 .output = neigh_resolve_output,
117 .connected_output = neigh_resolve_output,
118 .hh_output = dev_queue_xmit,
119 .queue_xmit = dev_queue_xmit,
120 };
121
122
123 static struct neigh_ops ndisc_direct_ops = {
124 .family = AF_INET6,
125 .output = dev_queue_xmit,
126 .connected_output = dev_queue_xmit,
127 .hh_output = dev_queue_xmit,
128 .queue_xmit = dev_queue_xmit,
129 };
130
131 struct neigh_table nd_tbl = {
132 .family = AF_INET6,
133 .entry_size = sizeof(struct neighbour) + sizeof(struct in6_addr),
134 .key_len = sizeof(struct in6_addr),
135 .hash = ndisc_hash,
136 .constructor = ndisc_constructor,
137 .pconstructor = pndisc_constructor,
138 .pdestructor = pndisc_destructor,
139 .proxy_redo = pndisc_redo,
140 .id = "ndisc_cache",
141 .parms = {
142 .tbl = &nd_tbl,
143 .base_reachable_time = 30 * HZ,
144 .retrans_time = 1 * HZ,
145 .gc_staletime = 60 * HZ,
146 .reachable_time = 30 * HZ,
147 .delay_probe_time = 5 * HZ,
148 .queue_len = 3,
149 .ucast_probes = 3,
150 .mcast_probes = 3,
151 .anycast_delay = 1 * HZ,
152 .proxy_delay = (8 * HZ) / 10,
153 .proxy_qlen = 64,
154 },
155 .gc_interval = 30 * HZ,
156 .gc_thresh1 = 128,
157 .gc_thresh2 = 512,
158 .gc_thresh3 = 1024,
159 };
160
161 /* ND options */
162 struct ndisc_options {
163 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
164 #ifdef CONFIG_IPV6_ROUTE_INFO
165 struct nd_opt_hdr *nd_opts_ri;
166 struct nd_opt_hdr *nd_opts_ri_end;
167 #endif
168 struct nd_opt_hdr *nd_useropts;
169 struct nd_opt_hdr *nd_useropts_end;
170 };
171
172 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
173 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
174 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
175 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
176 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
177 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
178
179 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
180
181 /*
182 * Return the padding between the option length and the start of the
183 * link addr. Currently only IP-over-InfiniBand needs this, although
184 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
185 * also need a pad of 2.
186 */
187 static int ndisc_addr_option_pad(unsigned short type)
188 {
189 switch (type) {
190 case ARPHRD_INFINIBAND: return 2;
191 default: return 0;
192 }
193 }
194
195 static inline int ndisc_opt_addr_space(struct net_device *dev)
196 {
197 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
198 }
199
200 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
201 unsigned short addr_type)
202 {
203 int space = NDISC_OPT_SPACE(data_len);
204 int pad = ndisc_addr_option_pad(addr_type);
205
206 opt[0] = type;
207 opt[1] = space>>3;
208
209 memset(opt + 2, 0, pad);
210 opt += pad;
211 space -= pad;
212
213 memcpy(opt+2, data, data_len);
214 data_len += 2;
215 opt += data_len;
216 if ((space -= data_len) > 0)
217 memset(opt, 0, space);
218 return opt + space;
219 }
220
221 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
222 struct nd_opt_hdr *end)
223 {
224 int type;
225 if (!cur || !end || cur >= end)
226 return NULL;
227 type = cur->nd_opt_type;
228 do {
229 cur = ((void *)cur) + (cur->nd_opt_len << 3);
230 } while(cur < end && cur->nd_opt_type != type);
231 return (cur <= end && cur->nd_opt_type == type ? cur : NULL);
232 }
233
234 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
235 {
236 return (opt->nd_opt_type == ND_OPT_RDNSS);
237 }
238
239 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
240 struct nd_opt_hdr *end)
241 {
242 if (!cur || !end || cur >= end)
243 return NULL;
244 do {
245 cur = ((void *)cur) + (cur->nd_opt_len << 3);
246 } while(cur < end && !ndisc_is_useropt(cur));
247 return (cur <= end && ndisc_is_useropt(cur) ? cur : NULL);
248 }
249
250 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
251 struct ndisc_options *ndopts)
252 {
253 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
254
255 if (!nd_opt || opt_len < 0 || !ndopts)
256 return NULL;
257 memset(ndopts, 0, sizeof(*ndopts));
258 while (opt_len) {
259 int l;
260 if (opt_len < sizeof(struct nd_opt_hdr))
261 return NULL;
262 l = nd_opt->nd_opt_len << 3;
263 if (opt_len < l || l == 0)
264 return NULL;
265 switch (nd_opt->nd_opt_type) {
266 case ND_OPT_SOURCE_LL_ADDR:
267 case ND_OPT_TARGET_LL_ADDR:
268 case ND_OPT_MTU:
269 case ND_OPT_REDIRECT_HDR:
270 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
271 ND_PRINTK2(KERN_WARNING
272 "%s(): duplicated ND6 option found: type=%d\n",
273 __FUNCTION__,
274 nd_opt->nd_opt_type);
275 } else {
276 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
277 }
278 break;
279 case ND_OPT_PREFIX_INFO:
280 ndopts->nd_opts_pi_end = nd_opt;
281 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
282 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
283 break;
284 #ifdef CONFIG_IPV6_ROUTE_INFO
285 case ND_OPT_ROUTE_INFO:
286 ndopts->nd_opts_ri_end = nd_opt;
287 if (!ndopts->nd_opts_ri)
288 ndopts->nd_opts_ri = nd_opt;
289 break;
290 #endif
291 default:
292 if (ndisc_is_useropt(nd_opt)) {
293 ndopts->nd_useropts_end = nd_opt;
294 if (!ndopts->nd_useropts)
295 ndopts->nd_useropts = nd_opt;
296 } else {
297 /*
298 * Unknown options must be silently ignored,
299 * to accommodate future extension to the
300 * protocol.
301 */
302 ND_PRINTK2(KERN_NOTICE
303 "%s(): ignored unsupported option; type=%d, len=%d\n",
304 __FUNCTION__,
305 nd_opt->nd_opt_type, nd_opt->nd_opt_len);
306 }
307 }
308 opt_len -= l;
309 nd_opt = ((void *)nd_opt) + l;
310 }
311 return ndopts;
312 }
313
314 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
315 struct net_device *dev)
316 {
317 u8 *lladdr = (u8 *)(p + 1);
318 int lladdrlen = p->nd_opt_len << 3;
319 int prepad = ndisc_addr_option_pad(dev->type);
320 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
321 return NULL;
322 return (lladdr + prepad);
323 }
324
325 int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
326 {
327 switch (dev->type) {
328 case ARPHRD_ETHER:
329 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
330 case ARPHRD_FDDI:
331 ipv6_eth_mc_map(addr, buf);
332 return 0;
333 case ARPHRD_IEEE802_TR:
334 ipv6_tr_mc_map(addr,buf);
335 return 0;
336 case ARPHRD_ARCNET:
337 ipv6_arcnet_mc_map(addr, buf);
338 return 0;
339 case ARPHRD_INFINIBAND:
340 ipv6_ib_mc_map(addr, buf);
341 return 0;
342 default:
343 if (dir) {
344 memcpy(buf, dev->broadcast, dev->addr_len);
345 return 0;
346 }
347 }
348 return -EINVAL;
349 }
350
351 EXPORT_SYMBOL(ndisc_mc_map);
352
353 static u32 ndisc_hash(const void *pkey, const struct net_device *dev)
354 {
355 const u32 *p32 = pkey;
356 u32 addr_hash, i;
357
358 addr_hash = 0;
359 for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
360 addr_hash ^= *p32++;
361
362 return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd);
363 }
364
365 static int ndisc_constructor(struct neighbour *neigh)
366 {
367 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
368 struct net_device *dev = neigh->dev;
369 struct inet6_dev *in6_dev;
370 struct neigh_parms *parms;
371 int is_multicast = ipv6_addr_is_multicast(addr);
372
373 rcu_read_lock();
374 in6_dev = in6_dev_get(dev);
375 if (in6_dev == NULL) {
376 rcu_read_unlock();
377 return -EINVAL;
378 }
379
380 parms = in6_dev->nd_parms;
381 __neigh_parms_put(neigh->parms);
382 neigh->parms = neigh_parms_clone(parms);
383 rcu_read_unlock();
384
385 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
386 if (!dev->header_ops) {
387 neigh->nud_state = NUD_NOARP;
388 neigh->ops = &ndisc_direct_ops;
389 neigh->output = neigh->ops->queue_xmit;
390 } else {
391 if (is_multicast) {
392 neigh->nud_state = NUD_NOARP;
393 ndisc_mc_map(addr, neigh->ha, dev, 1);
394 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
395 neigh->nud_state = NUD_NOARP;
396 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
397 if (dev->flags&IFF_LOOPBACK)
398 neigh->type = RTN_LOCAL;
399 } else if (dev->flags&IFF_POINTOPOINT) {
400 neigh->nud_state = NUD_NOARP;
401 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
402 }
403 if (dev->header_ops->cache)
404 neigh->ops = &ndisc_hh_ops;
405 else
406 neigh->ops = &ndisc_generic_ops;
407 if (neigh->nud_state&NUD_VALID)
408 neigh->output = neigh->ops->connected_output;
409 else
410 neigh->output = neigh->ops->output;
411 }
412 in6_dev_put(in6_dev);
413 return 0;
414 }
415
416 static int pndisc_constructor(struct pneigh_entry *n)
417 {
418 struct in6_addr *addr = (struct in6_addr*)&n->key;
419 struct in6_addr maddr;
420 struct net_device *dev = n->dev;
421
422 if (dev == NULL || __in6_dev_get(dev) == NULL)
423 return -EINVAL;
424 addrconf_addr_solict_mult(addr, &maddr);
425 ipv6_dev_mc_inc(dev, &maddr);
426 return 0;
427 }
428
429 static void pndisc_destructor(struct pneigh_entry *n)
430 {
431 struct in6_addr *addr = (struct in6_addr*)&n->key;
432 struct in6_addr maddr;
433 struct net_device *dev = n->dev;
434
435 if (dev == NULL || __in6_dev_get(dev) == NULL)
436 return;
437 addrconf_addr_solict_mult(addr, &maddr);
438 ipv6_dev_mc_dec(dev, &maddr);
439 }
440
441 /*
442 * Send a Neighbour Advertisement
443 */
444
445 static inline void ndisc_flow_init(struct flowi *fl, u8 type,
446 struct in6_addr *saddr, struct in6_addr *daddr,
447 int oif)
448 {
449 memset(fl, 0, sizeof(*fl));
450 ipv6_addr_copy(&fl->fl6_src, saddr);
451 ipv6_addr_copy(&fl->fl6_dst, daddr);
452 fl->proto = IPPROTO_ICMPV6;
453 fl->fl_icmp_type = type;
454 fl->fl_icmp_code = 0;
455 fl->oif = oif;
456 security_sk_classify_flow(ndisc_socket->sk, fl);
457 }
458
459 static void __ndisc_send(struct net_device *dev,
460 struct neighbour *neigh,
461 struct in6_addr *daddr, struct in6_addr *saddr,
462 struct icmp6hdr *icmp6h, struct in6_addr *target,
463 int llinfo)
464 {
465 struct flowi fl;
466 struct dst_entry *dst;
467 struct sock *sk = ndisc_socket->sk;
468 struct sk_buff *skb;
469 struct icmp6hdr *hdr;
470 struct inet6_dev *idev;
471 int len;
472 int err;
473 u8 *opt, type;
474
475 type = icmp6h->icmp6_type;
476
477 ndisc_flow_init(&fl, type, saddr, daddr,
478 dev->ifindex);
479
480 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
481 if (!dst)
482 return;
483
484 err = xfrm_lookup(&dst, &fl, NULL, 0);
485 if (err < 0)
486 return;
487
488 if (!dev->addr_len)
489 llinfo = 0;
490
491 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
492 if (llinfo)
493 len += ndisc_opt_addr_space(dev);
494
495 skb = sock_alloc_send_skb(sk,
496 (MAX_HEADER + sizeof(struct ipv6hdr) +
497 len + LL_RESERVED_SPACE(dev)),
498 1, &err);
499 if (!skb) {
500 ND_PRINTK0(KERN_ERR
501 "ICMPv6 ND: %s() failed to allocate an skb.\n",
502 __FUNCTION__);
503 dst_release(dst);
504 return;
505 }
506
507 skb_reserve(skb, LL_RESERVED_SPACE(dev));
508 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
509
510 skb->transport_header = skb->tail;
511 skb_put(skb, len);
512
513 hdr = (struct icmp6hdr *)skb_transport_header(skb);
514 memcpy(hdr, icmp6h, sizeof(*hdr));
515
516 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
517 if (target) {
518 ipv6_addr_copy((struct in6_addr *)opt, target);
519 opt += sizeof(*target);
520 }
521
522 if (llinfo)
523 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
524 dev->addr_len, dev->type);
525
526 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
527 IPPROTO_ICMPV6,
528 csum_partial((__u8 *) hdr,
529 len, 0));
530
531 skb->dst = dst;
532
533 idev = in6_dev_get(dst->dev);
534 IP6_INC_STATS(idev, IPSTATS_MIB_OUTREQUESTS);
535
536 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
537 if (!err) {
538 ICMP6MSGOUT_INC_STATS(idev, type);
539 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
540 }
541
542 if (likely(idev != NULL))
543 in6_dev_put(idev);
544 }
545
546 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
547 struct in6_addr *daddr, struct in6_addr *solicited_addr,
548 int router, int solicited, int override, int inc_opt)
549 {
550 struct in6_addr tmpaddr;
551 struct inet6_ifaddr *ifp;
552 struct in6_addr *src_addr;
553 struct icmp6hdr icmp6h = {
554 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
555 };
556
557 /* for anycast or proxy, solicited_addr != src_addr */
558 ifp = ipv6_get_ifaddr(solicited_addr, dev, 1);
559 if (ifp) {
560 src_addr = solicited_addr;
561 if (ifp->flags & IFA_F_OPTIMISTIC)
562 override = 0;
563 in6_ifa_put(ifp);
564 } else {
565 if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr))
566 return;
567 src_addr = &tmpaddr;
568 }
569
570 icmp6h.icmp6_router = router;
571 icmp6h.icmp6_solicited = solicited;
572 icmp6h.icmp6_override = override;
573
574 __ndisc_send(dev, neigh, daddr, src_addr,
575 &icmp6h, solicited_addr,
576 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
577 }
578
579 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
580 struct in6_addr *solicit,
581 struct in6_addr *daddr, struct in6_addr *saddr)
582 {
583 struct in6_addr addr_buf;
584 struct icmp6hdr icmp6h = {
585 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
586 };
587
588 if (saddr == NULL) {
589 if (ipv6_get_lladdr(dev, &addr_buf,
590 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
591 return;
592 saddr = &addr_buf;
593 }
594
595 __ndisc_send(dev, neigh, daddr, saddr,
596 &icmp6h, solicit,
597 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
598 }
599
600 void ndisc_send_rs(struct net_device *dev, struct in6_addr *saddr,
601 struct in6_addr *daddr)
602 {
603 struct icmp6hdr icmp6h = {
604 .icmp6_type = NDISC_ROUTER_SOLICITATION,
605 };
606 int send_sllao = dev->addr_len;
607
608 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
609 /*
610 * According to section 2.2 of RFC 4429, we must not
611 * send router solicitations with a sllao from
612 * optimistic addresses, but we may send the solicitation
613 * if we don't include the sllao. So here we check
614 * if our address is optimistic, and if so, we
615 * supress the inclusion of the sllao.
616 */
617 if (send_sllao) {
618 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(saddr, dev, 1);
619 if (ifp) {
620 if (ifp->flags & IFA_F_OPTIMISTIC) {
621 send_sllao = 0;
622 }
623 in6_ifa_put(ifp);
624 } else {
625 send_sllao = 0;
626 }
627 }
628 #endif
629 __ndisc_send(dev, NULL, daddr, saddr,
630 &icmp6h, NULL,
631 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
632 }
633
634
635 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
636 {
637 /*
638 * "The sender MUST return an ICMP
639 * destination unreachable"
640 */
641 dst_link_failure(skb);
642 kfree_skb(skb);
643 }
644
645 /* Called with locked neigh: either read or both */
646
647 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
648 {
649 struct in6_addr *saddr = NULL;
650 struct in6_addr mcaddr;
651 struct net_device *dev = neigh->dev;
652 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
653 int probes = atomic_read(&neigh->probes);
654
655 if (skb && ipv6_chk_addr(&ipv6_hdr(skb)->saddr, dev, 1))
656 saddr = &ipv6_hdr(skb)->saddr;
657
658 if ((probes -= neigh->parms->ucast_probes) < 0) {
659 if (!(neigh->nud_state & NUD_VALID)) {
660 ND_PRINTK1(KERN_DEBUG
661 "%s(): trying to ucast probe in NUD_INVALID: "
662 NIP6_FMT "\n",
663 __FUNCTION__,
664 NIP6(*target));
665 }
666 ndisc_send_ns(dev, neigh, target, target, saddr);
667 } else if ((probes -= neigh->parms->app_probes) < 0) {
668 #ifdef CONFIG_ARPD
669 neigh_app_ns(neigh);
670 #endif
671 } else {
672 addrconf_addr_solict_mult(target, &mcaddr);
673 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
674 }
675 }
676
677 static void ndisc_recv_ns(struct sk_buff *skb)
678 {
679 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
680 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
681 struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
682 u8 *lladdr = NULL;
683 u32 ndoptlen = skb->tail - (skb->transport_header +
684 offsetof(struct nd_msg, opt));
685 struct ndisc_options ndopts;
686 struct net_device *dev = skb->dev;
687 struct inet6_ifaddr *ifp;
688 struct inet6_dev *idev = NULL;
689 struct neighbour *neigh;
690 struct pneigh_entry *pneigh = NULL;
691 int dad = ipv6_addr_any(saddr);
692 int inc;
693 int is_router;
694
695 if (ipv6_addr_is_multicast(&msg->target)) {
696 ND_PRINTK2(KERN_WARNING
697 "ICMPv6 NS: multicast target address");
698 return;
699 }
700
701 /*
702 * RFC2461 7.1.1:
703 * DAD has to be destined for solicited node multicast address.
704 */
705 if (dad &&
706 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
707 daddr->s6_addr32[1] == htonl(0x00000000) &&
708 daddr->s6_addr32[2] == htonl(0x00000001) &&
709 daddr->s6_addr [12] == 0xff )) {
710 ND_PRINTK2(KERN_WARNING
711 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
712 return;
713 }
714
715 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
716 ND_PRINTK2(KERN_WARNING
717 "ICMPv6 NS: invalid ND options\n");
718 return;
719 }
720
721 if (ndopts.nd_opts_src_lladdr) {
722 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
723 if (!lladdr) {
724 ND_PRINTK2(KERN_WARNING
725 "ICMPv6 NS: invalid link-layer address length\n");
726 return;
727 }
728
729 /* RFC2461 7.1.1:
730 * If the IP source address is the unspecified address,
731 * there MUST NOT be source link-layer address option
732 * in the message.
733 */
734 if (dad) {
735 ND_PRINTK2(KERN_WARNING
736 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
737 return;
738 }
739 }
740
741 inc = ipv6_addr_is_multicast(daddr);
742
743 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1)) != NULL) {
744
745 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
746 if (dad) {
747 if (dev->type == ARPHRD_IEEE802_TR) {
748 const unsigned char *sadr;
749 sadr = skb_mac_header(skb);
750 if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
751 sadr[9] == dev->dev_addr[1] &&
752 sadr[10] == dev->dev_addr[2] &&
753 sadr[11] == dev->dev_addr[3] &&
754 sadr[12] == dev->dev_addr[4] &&
755 sadr[13] == dev->dev_addr[5]) {
756 /* looped-back to us */
757 goto out;
758 }
759 }
760
761 /*
762 * We are colliding with another node
763 * who is doing DAD
764 * so fail our DAD process
765 */
766 addrconf_dad_failure(ifp);
767 return;
768 } else {
769 /*
770 * This is not a dad solicitation.
771 * If we are an optimistic node,
772 * we should respond.
773 * Otherwise, we should ignore it.
774 */
775 if (!(ifp->flags & IFA_F_OPTIMISTIC))
776 goto out;
777 }
778 }
779
780 idev = ifp->idev;
781 } else {
782 idev = in6_dev_get(dev);
783 if (!idev) {
784 /* XXX: count this drop? */
785 return;
786 }
787
788 if (ipv6_chk_acast_addr(dev, &msg->target) ||
789 (idev->cnf.forwarding &&
790 (ipv6_devconf.proxy_ndp || idev->cnf.proxy_ndp) &&
791 (pneigh = pneigh_lookup(&nd_tbl,
792 &msg->target, dev, 0)) != NULL)) {
793 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
794 skb->pkt_type != PACKET_HOST &&
795 inc != 0 &&
796 idev->nd_parms->proxy_delay != 0) {
797 /*
798 * for anycast or proxy,
799 * sender should delay its response
800 * by a random time between 0 and
801 * MAX_ANYCAST_DELAY_TIME seconds.
802 * (RFC2461) -- yoshfuji
803 */
804 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
805 if (n)
806 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
807 goto out;
808 }
809 } else
810 goto out;
811 }
812
813 is_router = !!(pneigh ? pneigh->flags & NTF_ROUTER : idev->cnf.forwarding);
814
815 if (dad) {
816 struct in6_addr maddr;
817
818 ipv6_addr_all_nodes(&maddr);
819 ndisc_send_na(dev, NULL, &maddr, &msg->target,
820 is_router, 0, (ifp != NULL), 1);
821 goto out;
822 }
823
824 if (inc)
825 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
826 else
827 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
828
829 /*
830 * update / create cache entry
831 * for the source address
832 */
833 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
834 !inc || lladdr || !dev->addr_len);
835 if (neigh)
836 neigh_update(neigh, lladdr, NUD_STALE,
837 NEIGH_UPDATE_F_WEAK_OVERRIDE|
838 NEIGH_UPDATE_F_OVERRIDE);
839 if (neigh || !dev->header_ops) {
840 ndisc_send_na(dev, neigh, saddr, &msg->target,
841 is_router,
842 1, (ifp != NULL && inc), inc);
843 if (neigh)
844 neigh_release(neigh);
845 }
846
847 out:
848 if (ifp)
849 in6_ifa_put(ifp);
850 else
851 in6_dev_put(idev);
852
853 return;
854 }
855
856 static void ndisc_recv_na(struct sk_buff *skb)
857 {
858 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
859 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
860 struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
861 u8 *lladdr = NULL;
862 u32 ndoptlen = skb->tail - (skb->transport_header +
863 offsetof(struct nd_msg, opt));
864 struct ndisc_options ndopts;
865 struct net_device *dev = skb->dev;
866 struct inet6_ifaddr *ifp;
867 struct neighbour *neigh;
868
869 if (skb->len < sizeof(struct nd_msg)) {
870 ND_PRINTK2(KERN_WARNING
871 "ICMPv6 NA: packet too short\n");
872 return;
873 }
874
875 if (ipv6_addr_is_multicast(&msg->target)) {
876 ND_PRINTK2(KERN_WARNING
877 "ICMPv6 NA: target address is multicast.\n");
878 return;
879 }
880
881 if (ipv6_addr_is_multicast(daddr) &&
882 msg->icmph.icmp6_solicited) {
883 ND_PRINTK2(KERN_WARNING
884 "ICMPv6 NA: solicited NA is multicasted.\n");
885 return;
886 }
887
888 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
889 ND_PRINTK2(KERN_WARNING
890 "ICMPv6 NS: invalid ND option\n");
891 return;
892 }
893 if (ndopts.nd_opts_tgt_lladdr) {
894 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
895 if (!lladdr) {
896 ND_PRINTK2(KERN_WARNING
897 "ICMPv6 NA: invalid link-layer address length\n");
898 return;
899 }
900 }
901 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1))) {
902 if (ifp->flags & IFA_F_TENTATIVE) {
903 addrconf_dad_failure(ifp);
904 return;
905 }
906 /* What should we make now? The advertisement
907 is invalid, but ndisc specs say nothing
908 about it. It could be misconfiguration, or
909 an smart proxy agent tries to help us :-)
910 */
911 ND_PRINTK1(KERN_WARNING
912 "ICMPv6 NA: someone advertises our address on %s!\n",
913 ifp->idev->dev->name);
914 in6_ifa_put(ifp);
915 return;
916 }
917 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
918
919 if (neigh) {
920 u8 old_flags = neigh->flags;
921
922 if (neigh->nud_state & NUD_FAILED)
923 goto out;
924
925 /*
926 * Don't update the neighbor cache entry on a proxy NA from
927 * ourselves because either the proxied node is off link or it
928 * has already sent a NA to us.
929 */
930 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
931 ipv6_devconf.forwarding && ipv6_devconf.proxy_ndp &&
932 pneigh_lookup(&nd_tbl, &msg->target, dev, 0)) {
933 /* XXX: idev->cnf.prixy_ndp */
934 goto out;
935 }
936
937 neigh_update(neigh, lladdr,
938 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
939 NEIGH_UPDATE_F_WEAK_OVERRIDE|
940 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
941 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
942 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
943
944 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
945 /*
946 * Change: router to host
947 */
948 struct rt6_info *rt;
949 rt = rt6_get_dflt_router(saddr, dev);
950 if (rt)
951 ip6_del_rt(rt);
952 }
953
954 out:
955 neigh_release(neigh);
956 }
957 }
958
959 static void ndisc_recv_rs(struct sk_buff *skb)
960 {
961 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
962 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
963 struct neighbour *neigh;
964 struct inet6_dev *idev;
965 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
966 struct ndisc_options ndopts;
967 u8 *lladdr = NULL;
968
969 if (skb->len < sizeof(*rs_msg))
970 return;
971
972 idev = in6_dev_get(skb->dev);
973 if (!idev) {
974 if (net_ratelimit())
975 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
976 return;
977 }
978
979 /* Don't accept RS if we're not in router mode */
980 if (!idev->cnf.forwarding)
981 goto out;
982
983 /*
984 * Don't update NCE if src = ::;
985 * this implies that the source node has no ip address assigned yet.
986 */
987 if (ipv6_addr_any(saddr))
988 goto out;
989
990 /* Parse ND options */
991 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
992 if (net_ratelimit())
993 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
994 goto out;
995 }
996
997 if (ndopts.nd_opts_src_lladdr) {
998 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
999 skb->dev);
1000 if (!lladdr)
1001 goto out;
1002 }
1003
1004 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1005 if (neigh) {
1006 neigh_update(neigh, lladdr, NUD_STALE,
1007 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1008 NEIGH_UPDATE_F_OVERRIDE|
1009 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1010 neigh_release(neigh);
1011 }
1012 out:
1013 in6_dev_put(idev);
1014 }
1015
1016 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1017 {
1018 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1019 struct sk_buff *skb;
1020 struct nlmsghdr *nlh;
1021 struct nduseroptmsg *ndmsg;
1022 int err;
1023 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1024 + (opt->nd_opt_len << 3));
1025 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1026
1027 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1028 if (skb == NULL) {
1029 err = -ENOBUFS;
1030 goto errout;
1031 }
1032
1033 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1034 if (nlh == NULL) {
1035 goto nla_put_failure;
1036 }
1037
1038 ndmsg = nlmsg_data(nlh);
1039 ndmsg->nduseropt_family = AF_INET6;
1040 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1041 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1042 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1043
1044 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1045
1046 NLA_PUT(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1047 &ipv6_hdr(ra)->saddr);
1048 nlmsg_end(skb, nlh);
1049
1050 err = rtnl_notify(skb, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1051 if (err < 0)
1052 goto errout;
1053
1054 return;
1055
1056 nla_put_failure:
1057 nlmsg_free(skb);
1058 err = -EMSGSIZE;
1059 errout:
1060 rtnl_set_sk_err(RTNLGRP_ND_USEROPT, err);
1061 }
1062
1063 static void ndisc_router_discovery(struct sk_buff *skb)
1064 {
1065 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1066 struct neighbour *neigh = NULL;
1067 struct inet6_dev *in6_dev;
1068 struct rt6_info *rt = NULL;
1069 int lifetime;
1070 struct ndisc_options ndopts;
1071 int optlen;
1072 unsigned int pref = 0;
1073
1074 __u8 * opt = (__u8 *)(ra_msg + 1);
1075
1076 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1077
1078 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1079 ND_PRINTK2(KERN_WARNING
1080 "ICMPv6 RA: source address is not link-local.\n");
1081 return;
1082 }
1083 if (optlen < 0) {
1084 ND_PRINTK2(KERN_WARNING
1085 "ICMPv6 RA: packet too short\n");
1086 return;
1087 }
1088
1089 /*
1090 * set the RA_RECV flag in the interface
1091 */
1092
1093 in6_dev = in6_dev_get(skb->dev);
1094 if (in6_dev == NULL) {
1095 ND_PRINTK0(KERN_ERR
1096 "ICMPv6 RA: can't find inet6 device for %s.\n",
1097 skb->dev->name);
1098 return;
1099 }
1100 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra) {
1101 in6_dev_put(in6_dev);
1102 return;
1103 }
1104
1105 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1106 in6_dev_put(in6_dev);
1107 ND_PRINTK2(KERN_WARNING
1108 "ICMP6 RA: invalid ND options\n");
1109 return;
1110 }
1111
1112 if (in6_dev->if_flags & IF_RS_SENT) {
1113 /*
1114 * flag that an RA was received after an RS was sent
1115 * out on this interface.
1116 */
1117 in6_dev->if_flags |= IF_RA_RCVD;
1118 }
1119
1120 /*
1121 * Remember the managed/otherconf flags from most recently
1122 * received RA message (RFC 2462) -- yoshfuji
1123 */
1124 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1125 IF_RA_OTHERCONF)) |
1126 (ra_msg->icmph.icmp6_addrconf_managed ?
1127 IF_RA_MANAGED : 0) |
1128 (ra_msg->icmph.icmp6_addrconf_other ?
1129 IF_RA_OTHERCONF : 0);
1130
1131 if (!in6_dev->cnf.accept_ra_defrtr)
1132 goto skip_defrtr;
1133
1134 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1135
1136 #ifdef CONFIG_IPV6_ROUTER_PREF
1137 pref = ra_msg->icmph.icmp6_router_pref;
1138 /* 10b is handled as if it were 00b (medium) */
1139 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1140 !in6_dev->cnf.accept_ra_rtr_pref)
1141 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1142 #endif
1143
1144 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1145
1146 if (rt)
1147 neigh = rt->rt6i_nexthop;
1148
1149 if (rt && lifetime == 0) {
1150 neigh_clone(neigh);
1151 ip6_del_rt(rt);
1152 rt = NULL;
1153 }
1154
1155 if (rt == NULL && lifetime) {
1156 ND_PRINTK3(KERN_DEBUG
1157 "ICMPv6 RA: adding default router.\n");
1158
1159 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1160 if (rt == NULL) {
1161 ND_PRINTK0(KERN_ERR
1162 "ICMPv6 RA: %s() failed to add default route.\n",
1163 __FUNCTION__);
1164 in6_dev_put(in6_dev);
1165 return;
1166 }
1167
1168 neigh = rt->rt6i_nexthop;
1169 if (neigh == NULL) {
1170 ND_PRINTK0(KERN_ERR
1171 "ICMPv6 RA: %s() got default router without neighbour.\n",
1172 __FUNCTION__);
1173 dst_release(&rt->u.dst);
1174 in6_dev_put(in6_dev);
1175 return;
1176 }
1177 neigh->flags |= NTF_ROUTER;
1178 } else if (rt) {
1179 rt->rt6i_flags |= (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1180 }
1181
1182 if (rt)
1183 rt->rt6i_expires = jiffies + (HZ * lifetime);
1184
1185 if (ra_msg->icmph.icmp6_hop_limit) {
1186 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1187 if (rt)
1188 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
1189 }
1190
1191 skip_defrtr:
1192
1193 /*
1194 * Update Reachable Time and Retrans Timer
1195 */
1196
1197 if (in6_dev->nd_parms) {
1198 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1199
1200 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1201 rtime = (rtime*HZ)/1000;
1202 if (rtime < HZ/10)
1203 rtime = HZ/10;
1204 in6_dev->nd_parms->retrans_time = rtime;
1205 in6_dev->tstamp = jiffies;
1206 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1207 }
1208
1209 rtime = ntohl(ra_msg->reachable_time);
1210 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1211 rtime = (rtime*HZ)/1000;
1212
1213 if (rtime < HZ/10)
1214 rtime = HZ/10;
1215
1216 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1217 in6_dev->nd_parms->base_reachable_time = rtime;
1218 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1219 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1220 in6_dev->tstamp = jiffies;
1221 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1222 }
1223 }
1224 }
1225
1226 /*
1227 * Process options.
1228 */
1229
1230 if (!neigh)
1231 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1232 skb->dev, 1);
1233 if (neigh) {
1234 u8 *lladdr = NULL;
1235 if (ndopts.nd_opts_src_lladdr) {
1236 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1237 skb->dev);
1238 if (!lladdr) {
1239 ND_PRINTK2(KERN_WARNING
1240 "ICMPv6 RA: invalid link-layer address length\n");
1241 goto out;
1242 }
1243 }
1244 neigh_update(neigh, lladdr, NUD_STALE,
1245 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1246 NEIGH_UPDATE_F_OVERRIDE|
1247 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1248 NEIGH_UPDATE_F_ISROUTER);
1249 }
1250
1251 #ifdef CONFIG_IPV6_ROUTE_INFO
1252 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1253 struct nd_opt_hdr *p;
1254 for (p = ndopts.nd_opts_ri;
1255 p;
1256 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1257 if (((struct route_info *)p)->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1258 continue;
1259 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1260 &ipv6_hdr(skb)->saddr);
1261 }
1262 }
1263 #endif
1264
1265 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1266 struct nd_opt_hdr *p;
1267 for (p = ndopts.nd_opts_pi;
1268 p;
1269 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1270 addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1271 }
1272 }
1273
1274 if (ndopts.nd_opts_mtu) {
1275 __be32 n;
1276 u32 mtu;
1277
1278 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1279 mtu = ntohl(n);
1280
1281 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1282 ND_PRINTK2(KERN_WARNING
1283 "ICMPv6 RA: invalid mtu: %d\n",
1284 mtu);
1285 } else if (in6_dev->cnf.mtu6 != mtu) {
1286 in6_dev->cnf.mtu6 = mtu;
1287
1288 if (rt)
1289 rt->u.dst.metrics[RTAX_MTU-1] = mtu;
1290
1291 rt6_mtu_change(skb->dev, mtu);
1292 }
1293 }
1294
1295 if (ndopts.nd_useropts) {
1296 struct nd_opt_hdr *opt;
1297 for (opt = ndopts.nd_useropts;
1298 opt;
1299 opt = ndisc_next_useropt(opt, ndopts.nd_useropts_end)) {
1300 ndisc_ra_useropt(skb, opt);
1301 }
1302 }
1303
1304 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1305 ND_PRINTK2(KERN_WARNING
1306 "ICMPv6 RA: invalid RA options");
1307 }
1308 out:
1309 if (rt)
1310 dst_release(&rt->u.dst);
1311 else if (neigh)
1312 neigh_release(neigh);
1313 in6_dev_put(in6_dev);
1314 }
1315
1316 static void ndisc_redirect_rcv(struct sk_buff *skb)
1317 {
1318 struct inet6_dev *in6_dev;
1319 struct icmp6hdr *icmph;
1320 struct in6_addr *dest;
1321 struct in6_addr *target; /* new first hop to destination */
1322 struct neighbour *neigh;
1323 int on_link = 0;
1324 struct ndisc_options ndopts;
1325 int optlen;
1326 u8 *lladdr = NULL;
1327
1328 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1329 ND_PRINTK2(KERN_WARNING
1330 "ICMPv6 Redirect: source address is not link-local.\n");
1331 return;
1332 }
1333
1334 optlen = skb->tail - skb->transport_header;
1335 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1336
1337 if (optlen < 0) {
1338 ND_PRINTK2(KERN_WARNING
1339 "ICMPv6 Redirect: packet too short\n");
1340 return;
1341 }
1342
1343 icmph = icmp6_hdr(skb);
1344 target = (struct in6_addr *) (icmph + 1);
1345 dest = target + 1;
1346
1347 if (ipv6_addr_is_multicast(dest)) {
1348 ND_PRINTK2(KERN_WARNING
1349 "ICMPv6 Redirect: destination address is multicast.\n");
1350 return;
1351 }
1352
1353 if (ipv6_addr_equal(dest, target)) {
1354 on_link = 1;
1355 } else if (ipv6_addr_type(target) !=
1356 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1357 ND_PRINTK2(KERN_WARNING
1358 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1359 return;
1360 }
1361
1362 in6_dev = in6_dev_get(skb->dev);
1363 if (!in6_dev)
1364 return;
1365 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1366 in6_dev_put(in6_dev);
1367 return;
1368 }
1369
1370 /* RFC2461 8.1:
1371 * The IP source address of the Redirect MUST be the same as the current
1372 * first-hop router for the specified ICMP Destination Address.
1373 */
1374
1375 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1376 ND_PRINTK2(KERN_WARNING
1377 "ICMPv6 Redirect: invalid ND options\n");
1378 in6_dev_put(in6_dev);
1379 return;
1380 }
1381 if (ndopts.nd_opts_tgt_lladdr) {
1382 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1383 skb->dev);
1384 if (!lladdr) {
1385 ND_PRINTK2(KERN_WARNING
1386 "ICMPv6 Redirect: invalid link-layer address length\n");
1387 in6_dev_put(in6_dev);
1388 return;
1389 }
1390 }
1391
1392 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1393 if (neigh) {
1394 rt6_redirect(dest, &ipv6_hdr(skb)->daddr,
1395 &ipv6_hdr(skb)->saddr, neigh, lladdr,
1396 on_link);
1397 neigh_release(neigh);
1398 }
1399 in6_dev_put(in6_dev);
1400 }
1401
1402 void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1403 struct in6_addr *target)
1404 {
1405 struct sock *sk = ndisc_socket->sk;
1406 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1407 struct sk_buff *buff;
1408 struct icmp6hdr *icmph;
1409 struct in6_addr saddr_buf;
1410 struct in6_addr *addrp;
1411 struct net_device *dev;
1412 struct rt6_info *rt;
1413 struct dst_entry *dst;
1414 struct inet6_dev *idev;
1415 struct flowi fl;
1416 u8 *opt;
1417 int rd_len;
1418 int err;
1419 int hlen;
1420 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1421
1422 dev = skb->dev;
1423
1424 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1425 ND_PRINTK2(KERN_WARNING
1426 "ICMPv6 Redirect: no link-local address on %s\n",
1427 dev->name);
1428 return;
1429 }
1430
1431 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1432 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1433 ND_PRINTK2(KERN_WARNING
1434 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1435 return;
1436 }
1437
1438 ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &ipv6_hdr(skb)->saddr,
1439 dev->ifindex);
1440
1441 dst = ip6_route_output(NULL, &fl);
1442 if (dst == NULL)
1443 return;
1444
1445 err = xfrm_lookup(&dst, &fl, NULL, 0);
1446 if (err)
1447 return;
1448
1449 rt = (struct rt6_info *) dst;
1450
1451 if (rt->rt6i_flags & RTF_GATEWAY) {
1452 ND_PRINTK2(KERN_WARNING
1453 "ICMPv6 Redirect: destination is not a neighbour.\n");
1454 dst_release(dst);
1455 return;
1456 }
1457 if (!xrlim_allow(dst, 1*HZ)) {
1458 dst_release(dst);
1459 return;
1460 }
1461
1462 if (dev->addr_len) {
1463 read_lock_bh(&neigh->lock);
1464 if (neigh->nud_state & NUD_VALID) {
1465 memcpy(ha_buf, neigh->ha, dev->addr_len);
1466 read_unlock_bh(&neigh->lock);
1467 ha = ha_buf;
1468 len += ndisc_opt_addr_space(dev);
1469 } else
1470 read_unlock_bh(&neigh->lock);
1471 }
1472
1473 rd_len = min_t(unsigned int,
1474 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1475 rd_len &= ~0x7;
1476 len += rd_len;
1477
1478 buff = sock_alloc_send_skb(sk,
1479 (MAX_HEADER + sizeof(struct ipv6hdr) +
1480 len + LL_RESERVED_SPACE(dev)),
1481 1, &err);
1482 if (buff == NULL) {
1483 ND_PRINTK0(KERN_ERR
1484 "ICMPv6 Redirect: %s() failed to allocate an skb.\n",
1485 __FUNCTION__);
1486 dst_release(dst);
1487 return;
1488 }
1489
1490 hlen = 0;
1491
1492 skb_reserve(buff, LL_RESERVED_SPACE(dev));
1493 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1494 IPPROTO_ICMPV6, len);
1495
1496 skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1497 skb_put(buff, len);
1498 icmph = icmp6_hdr(buff);
1499
1500 memset(icmph, 0, sizeof(struct icmp6hdr));
1501 icmph->icmp6_type = NDISC_REDIRECT;
1502
1503 /*
1504 * copy target and destination addresses
1505 */
1506
1507 addrp = (struct in6_addr *)(icmph + 1);
1508 ipv6_addr_copy(addrp, target);
1509 addrp++;
1510 ipv6_addr_copy(addrp, &ipv6_hdr(skb)->daddr);
1511
1512 opt = (u8*) (addrp + 1);
1513
1514 /*
1515 * include target_address option
1516 */
1517
1518 if (ha)
1519 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1520 dev->addr_len, dev->type);
1521
1522 /*
1523 * build redirect option and copy skb over to the new packet.
1524 */
1525
1526 memset(opt, 0, 8);
1527 *(opt++) = ND_OPT_REDIRECT_HDR;
1528 *(opt++) = (rd_len >> 3);
1529 opt += 6;
1530
1531 memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1532
1533 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1534 len, IPPROTO_ICMPV6,
1535 csum_partial((u8 *) icmph, len, 0));
1536
1537 buff->dst = dst;
1538 idev = in6_dev_get(dst->dev);
1539 IP6_INC_STATS(idev, IPSTATS_MIB_OUTREQUESTS);
1540 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, buff, NULL, dst->dev, dst_output);
1541 if (!err) {
1542 ICMP6MSGOUT_INC_STATS(idev, NDISC_REDIRECT);
1543 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
1544 }
1545
1546 if (likely(idev != NULL))
1547 in6_dev_put(idev);
1548 }
1549
1550 static void pndisc_redo(struct sk_buff *skb)
1551 {
1552 ndisc_recv_ns(skb);
1553 kfree_skb(skb);
1554 }
1555
1556 int ndisc_rcv(struct sk_buff *skb)
1557 {
1558 struct nd_msg *msg;
1559
1560 if (!pskb_may_pull(skb, skb->len))
1561 return 0;
1562
1563 msg = (struct nd_msg *)skb_transport_header(skb);
1564
1565 __skb_push(skb, skb->data - skb_transport_header(skb));
1566
1567 if (ipv6_hdr(skb)->hop_limit != 255) {
1568 ND_PRINTK2(KERN_WARNING
1569 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1570 ipv6_hdr(skb)->hop_limit);
1571 return 0;
1572 }
1573
1574 if (msg->icmph.icmp6_code != 0) {
1575 ND_PRINTK2(KERN_WARNING
1576 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1577 msg->icmph.icmp6_code);
1578 return 0;
1579 }
1580
1581 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1582
1583 switch (msg->icmph.icmp6_type) {
1584 case NDISC_NEIGHBOUR_SOLICITATION:
1585 ndisc_recv_ns(skb);
1586 break;
1587
1588 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1589 ndisc_recv_na(skb);
1590 break;
1591
1592 case NDISC_ROUTER_SOLICITATION:
1593 ndisc_recv_rs(skb);
1594 break;
1595
1596 case NDISC_ROUTER_ADVERTISEMENT:
1597 ndisc_router_discovery(skb);
1598 break;
1599
1600 case NDISC_REDIRECT:
1601 ndisc_redirect_rcv(skb);
1602 break;
1603 }
1604
1605 return 0;
1606 }
1607
1608 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1609 {
1610 struct net_device *dev = ptr;
1611
1612 if (dev->nd_net != &init_net)
1613 return NOTIFY_DONE;
1614
1615 switch (event) {
1616 case NETDEV_CHANGEADDR:
1617 neigh_changeaddr(&nd_tbl, dev);
1618 fib6_run_gc(~0UL);
1619 break;
1620 case NETDEV_DOWN:
1621 neigh_ifdown(&nd_tbl, dev);
1622 fib6_run_gc(~0UL);
1623 break;
1624 default:
1625 break;
1626 }
1627
1628 return NOTIFY_DONE;
1629 }
1630
1631 static struct notifier_block ndisc_netdev_notifier = {
1632 .notifier_call = ndisc_netdev_event,
1633 };
1634
1635 #ifdef CONFIG_SYSCTL
1636 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1637 const char *func, const char *dev_name)
1638 {
1639 static char warncomm[TASK_COMM_LEN];
1640 static int warned;
1641 if (strcmp(warncomm, current->comm) && warned < 5) {
1642 strcpy(warncomm, current->comm);
1643 printk(KERN_WARNING
1644 "process `%s' is using deprecated sysctl (%s) "
1645 "net.ipv6.neigh.%s.%s; "
1646 "Use net.ipv6.neigh.%s.%s_ms "
1647 "instead.\n",
1648 warncomm, func,
1649 dev_name, ctl->procname,
1650 dev_name, ctl->procname);
1651 warned++;
1652 }
1653 }
1654
1655 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, struct file * filp, void __user *buffer, size_t *lenp, loff_t *ppos)
1656 {
1657 struct net_device *dev = ctl->extra1;
1658 struct inet6_dev *idev;
1659 int ret;
1660
1661 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1662 (strcmp(ctl->procname, "base_reachable_time") == 0))
1663 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1664
1665 if (strcmp(ctl->procname, "retrans_time") == 0)
1666 ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
1667
1668 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1669 ret = proc_dointvec_jiffies(ctl, write,
1670 filp, buffer, lenp, ppos);
1671
1672 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1673 (strcmp(ctl->procname, "base_reacable_time_ms") == 0))
1674 ret = proc_dointvec_ms_jiffies(ctl, write,
1675 filp, buffer, lenp, ppos);
1676 else
1677 ret = -1;
1678
1679 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1680 if (ctl->data == &idev->nd_parms->base_reachable_time)
1681 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1682 idev->tstamp = jiffies;
1683 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1684 in6_dev_put(idev);
1685 }
1686 return ret;
1687 }
1688
1689 static int ndisc_ifinfo_sysctl_strategy(ctl_table *ctl, int __user *name,
1690 int nlen, void __user *oldval,
1691 size_t __user *oldlenp,
1692 void __user *newval, size_t newlen)
1693 {
1694 struct net_device *dev = ctl->extra1;
1695 struct inet6_dev *idev;
1696 int ret;
1697
1698 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1699 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1700 ndisc_warn_deprecated_sysctl(ctl, "procfs", dev ? dev->name : "default");
1701
1702 switch (ctl->ctl_name) {
1703 case NET_NEIGH_REACHABLE_TIME:
1704 ret = sysctl_jiffies(ctl, name, nlen,
1705 oldval, oldlenp, newval, newlen);
1706 break;
1707 case NET_NEIGH_RETRANS_TIME_MS:
1708 case NET_NEIGH_REACHABLE_TIME_MS:
1709 ret = sysctl_ms_jiffies(ctl, name, nlen,
1710 oldval, oldlenp, newval, newlen);
1711 break;
1712 default:
1713 ret = 0;
1714 }
1715
1716 if (newval && newlen && ret > 0 &&
1717 dev && (idev = in6_dev_get(dev)) != NULL) {
1718 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1719 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1720 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1721 idev->tstamp = jiffies;
1722 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1723 in6_dev_put(idev);
1724 }
1725
1726 return ret;
1727 }
1728
1729 #endif
1730
1731 int __init ndisc_init(struct net_proto_family *ops)
1732 {
1733 struct ipv6_pinfo *np;
1734 struct sock *sk;
1735 int err;
1736
1737 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, &ndisc_socket);
1738 if (err < 0) {
1739 ND_PRINTK0(KERN_ERR
1740 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1741 err);
1742 ndisc_socket = NULL; /* For safety. */
1743 return err;
1744 }
1745
1746 sk = ndisc_socket->sk;
1747 np = inet6_sk(sk);
1748 sk->sk_allocation = GFP_ATOMIC;
1749 np->hop_limit = 255;
1750 /* Do not loopback ndisc messages */
1751 np->mc_loop = 0;
1752 sk->sk_prot->unhash(sk);
1753
1754 /*
1755 * Initialize the neighbour table
1756 */
1757
1758 neigh_table_init(&nd_tbl);
1759
1760 #ifdef CONFIG_SYSCTL
1761 neigh_sysctl_register(NULL, &nd_tbl.parms, NET_IPV6, NET_IPV6_NEIGH,
1762 "ipv6",
1763 &ndisc_ifinfo_sysctl_change,
1764 &ndisc_ifinfo_sysctl_strategy);
1765 #endif
1766
1767 register_netdevice_notifier(&ndisc_netdev_notifier);
1768 return 0;
1769 }
1770
1771 void ndisc_cleanup(void)
1772 {
1773 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1774 #ifdef CONFIG_SYSCTL
1775 neigh_sysctl_unregister(&nd_tbl.parms);
1776 #endif
1777 neigh_table_clear(&nd_tbl);
1778 sock_release(ndisc_socket);
1779 ndisc_socket = NULL; /* For safety. */
1780 }
kernel source for telekom puls (alcatel/mediatek)