2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 /* Set to 3 to get tracing... */
78 #define ND_PRINTK(val, level, fmt, ...) \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
84 static u32
ndisc_hash(const void *pkey
,
85 const struct net_device
*dev
,
87 static int ndisc_constructor(struct neighbour
*neigh
);
88 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
);
89 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
);
90 static int pndisc_constructor(struct pneigh_entry
*n
);
91 static void pndisc_destructor(struct pneigh_entry
*n
);
92 static void pndisc_redo(struct sk_buff
*skb
);
94 static const struct neigh_ops ndisc_generic_ops
= {
96 .solicit
= ndisc_solicit
,
97 .error_report
= ndisc_error_report
,
98 .output
= neigh_resolve_output
,
99 .connected_output
= neigh_connected_output
,
102 static const struct neigh_ops ndisc_hh_ops
= {
104 .solicit
= ndisc_solicit
,
105 .error_report
= ndisc_error_report
,
106 .output
= neigh_resolve_output
,
107 .connected_output
= neigh_resolve_output
,
111 static const struct neigh_ops ndisc_direct_ops
= {
113 .output
= neigh_direct_output
,
114 .connected_output
= neigh_direct_output
,
117 struct neigh_table nd_tbl
= {
119 .key_len
= sizeof(struct in6_addr
),
121 .constructor
= ndisc_constructor
,
122 .pconstructor
= pndisc_constructor
,
123 .pdestructor
= pndisc_destructor
,
124 .proxy_redo
= pndisc_redo
,
128 .base_reachable_time
= ND_REACHABLE_TIME
,
129 .retrans_time
= ND_RETRANS_TIMER
,
130 .gc_staletime
= 60 * HZ
,
131 .reachable_time
= ND_REACHABLE_TIME
,
132 .delay_probe_time
= 5 * HZ
,
133 .queue_len_bytes
= 64*1024,
136 .anycast_delay
= 1 * HZ
,
137 .proxy_delay
= (8 * HZ
) / 10,
140 .gc_interval
= 30 * HZ
,
146 static void ndisc_fill_addr_option(struct sk_buff
*skb
, int type
, void *data
)
148 int pad
= ndisc_addr_option_pad(skb
->dev
->type
);
149 int data_len
= skb
->dev
->addr_len
;
150 int space
= ndisc_opt_addr_space(skb
->dev
);
151 u8
*opt
= skb_put(skb
, space
);
156 memset(opt
+ 2, 0, pad
);
160 memcpy(opt
+2, data
, data_len
);
163 if ((space
-= data_len
) > 0)
164 memset(opt
, 0, space
);
167 static struct nd_opt_hdr
*ndisc_next_option(struct nd_opt_hdr
*cur
,
168 struct nd_opt_hdr
*end
)
171 if (!cur
|| !end
|| cur
>= end
)
173 type
= cur
->nd_opt_type
;
175 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
176 } while(cur
< end
&& cur
->nd_opt_type
!= type
);
177 return cur
<= end
&& cur
->nd_opt_type
== type
? cur
: NULL
;
180 static inline int ndisc_is_useropt(struct nd_opt_hdr
*opt
)
182 return opt
->nd_opt_type
== ND_OPT_RDNSS
||
183 opt
->nd_opt_type
== ND_OPT_DNSSL
;
186 static struct nd_opt_hdr
*ndisc_next_useropt(struct nd_opt_hdr
*cur
,
187 struct nd_opt_hdr
*end
)
189 if (!cur
|| !end
|| cur
>= end
)
192 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
193 } while(cur
< end
&& !ndisc_is_useropt(cur
));
194 return cur
<= end
&& ndisc_is_useropt(cur
) ? cur
: NULL
;
197 struct ndisc_options
*ndisc_parse_options(u8
*opt
, int opt_len
,
198 struct ndisc_options
*ndopts
)
200 struct nd_opt_hdr
*nd_opt
= (struct nd_opt_hdr
*)opt
;
202 if (!nd_opt
|| opt_len
< 0 || !ndopts
)
204 memset(ndopts
, 0, sizeof(*ndopts
));
207 if (opt_len
< sizeof(struct nd_opt_hdr
))
209 l
= nd_opt
->nd_opt_len
<< 3;
210 if (opt_len
< l
|| l
== 0)
212 switch (nd_opt
->nd_opt_type
) {
213 case ND_OPT_SOURCE_LL_ADDR
:
214 case ND_OPT_TARGET_LL_ADDR
:
216 case ND_OPT_REDIRECT_HDR
:
217 if (ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
]) {
219 "%s: duplicated ND6 option found: type=%d\n",
220 __func__
, nd_opt
->nd_opt_type
);
222 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
225 case ND_OPT_PREFIX_INFO
:
226 ndopts
->nd_opts_pi_end
= nd_opt
;
227 if (!ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
])
228 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
230 #ifdef CONFIG_IPV6_ROUTE_INFO
231 case ND_OPT_ROUTE_INFO
:
232 ndopts
->nd_opts_ri_end
= nd_opt
;
233 if (!ndopts
->nd_opts_ri
)
234 ndopts
->nd_opts_ri
= nd_opt
;
238 if (ndisc_is_useropt(nd_opt
)) {
239 ndopts
->nd_useropts_end
= nd_opt
;
240 if (!ndopts
->nd_useropts
)
241 ndopts
->nd_useropts
= nd_opt
;
244 * Unknown options must be silently ignored,
245 * to accommodate future extension to the
249 "%s: ignored unsupported option; type=%d, len=%d\n",
256 nd_opt
= ((void *)nd_opt
) + l
;
261 int ndisc_mc_map(const struct in6_addr
*addr
, char *buf
, struct net_device
*dev
, int dir
)
265 case ARPHRD_IEEE802
: /* Not sure. Check it later. --ANK */
267 ipv6_eth_mc_map(addr
, buf
);
270 ipv6_arcnet_mc_map(addr
, buf
);
272 case ARPHRD_INFINIBAND
:
273 ipv6_ib_mc_map(addr
, dev
->broadcast
, buf
);
276 return ipv6_ipgre_mc_map(addr
, dev
->broadcast
, buf
);
279 memcpy(buf
, dev
->broadcast
, dev
->addr_len
);
286 EXPORT_SYMBOL(ndisc_mc_map
);
288 static u32
ndisc_hash(const void *pkey
,
289 const struct net_device
*dev
,
292 return ndisc_hashfn(pkey
, dev
, hash_rnd
);
295 static int ndisc_constructor(struct neighbour
*neigh
)
297 struct in6_addr
*addr
= (struct in6_addr
*)&neigh
->primary_key
;
298 struct net_device
*dev
= neigh
->dev
;
299 struct inet6_dev
*in6_dev
;
300 struct neigh_parms
*parms
;
301 bool is_multicast
= ipv6_addr_is_multicast(addr
);
303 in6_dev
= in6_dev_get(dev
);
304 if (in6_dev
== NULL
) {
308 parms
= in6_dev
->nd_parms
;
309 __neigh_parms_put(neigh
->parms
);
310 neigh
->parms
= neigh_parms_clone(parms
);
312 neigh
->type
= is_multicast
? RTN_MULTICAST
: RTN_UNICAST
;
313 if (!dev
->header_ops
) {
314 neigh
->nud_state
= NUD_NOARP
;
315 neigh
->ops
= &ndisc_direct_ops
;
316 neigh
->output
= neigh_direct_output
;
319 neigh
->nud_state
= NUD_NOARP
;
320 ndisc_mc_map(addr
, neigh
->ha
, dev
, 1);
321 } else if (dev
->flags
&(IFF_NOARP
|IFF_LOOPBACK
)) {
322 neigh
->nud_state
= NUD_NOARP
;
323 memcpy(neigh
->ha
, dev
->dev_addr
, dev
->addr_len
);
324 if (dev
->flags
&IFF_LOOPBACK
)
325 neigh
->type
= RTN_LOCAL
;
326 } else if (dev
->flags
&IFF_POINTOPOINT
) {
327 neigh
->nud_state
= NUD_NOARP
;
328 memcpy(neigh
->ha
, dev
->broadcast
, dev
->addr_len
);
330 if (dev
->header_ops
->cache
)
331 neigh
->ops
= &ndisc_hh_ops
;
333 neigh
->ops
= &ndisc_generic_ops
;
334 if (neigh
->nud_state
&NUD_VALID
)
335 neigh
->output
= neigh
->ops
->connected_output
;
337 neigh
->output
= neigh
->ops
->output
;
339 in6_dev_put(in6_dev
);
343 static int pndisc_constructor(struct pneigh_entry
*n
)
345 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
346 struct in6_addr maddr
;
347 struct net_device
*dev
= n
->dev
;
349 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
351 addrconf_addr_solict_mult(addr
, &maddr
);
352 ipv6_dev_mc_inc(dev
, &maddr
);
356 static void pndisc_destructor(struct pneigh_entry
*n
)
358 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
359 struct in6_addr maddr
;
360 struct net_device
*dev
= n
->dev
;
362 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
364 addrconf_addr_solict_mult(addr
, &maddr
);
365 ipv6_dev_mc_dec(dev
, &maddr
);
368 static struct sk_buff
*ndisc_alloc_skb(struct net_device
*dev
,
371 int hlen
= LL_RESERVED_SPACE(dev
);
372 int tlen
= dev
->needed_tailroom
;
373 struct sock
*sk
= dev_net(dev
)->ipv6
.ndisc_sk
;
377 skb
= sock_alloc_send_skb(sk
,
378 hlen
+ sizeof(struct ipv6hdr
) + len
+ tlen
,
381 ND_PRINTK(0, err
, "ndisc: %s failed to allocate an skb, err=%d\n",
386 skb
->protocol
= htons(ETH_P_IPV6
);
389 skb_reserve(skb
, hlen
+ sizeof(struct ipv6hdr
));
390 skb_reset_transport_header(skb
);
395 static void ip6_nd_hdr(struct sk_buff
*skb
,
396 const struct in6_addr
*saddr
,
397 const struct in6_addr
*daddr
,
398 int hop_limit
, int len
)
402 skb_push(skb
, sizeof(*hdr
));
403 skb_reset_network_header(skb
);
406 ip6_flow_hdr(hdr
, 0, 0);
408 hdr
->payload_len
= htons(len
);
409 hdr
->nexthdr
= IPPROTO_ICMPV6
;
410 hdr
->hop_limit
= hop_limit
;
416 static struct sk_buff
*ndisc_build_skb(struct net_device
*dev
,
417 const struct in6_addr
*daddr
,
418 const struct in6_addr
*saddr
,
419 struct icmp6hdr
*icmp6h
,
420 const struct in6_addr
*target
,
424 struct icmp6hdr
*hdr
;
432 len
= sizeof(struct icmp6hdr
) + (target
? sizeof(*target
) : 0);
434 optlen
+= ndisc_opt_addr_space(dev
);
436 skb
= ndisc_alloc_skb(dev
, len
+ optlen
);
442 hdr
= (struct icmp6hdr
*)skb_transport_header(skb
);
443 memcpy(hdr
, icmp6h
, sizeof(*hdr
));
445 opt
= skb_transport_header(skb
) + sizeof(struct icmp6hdr
);
447 *(struct in6_addr
*)opt
= *target
;
448 opt
+= sizeof(*target
);
452 ndisc_fill_addr_option(skb
, llinfo
, dev
->dev_addr
);
457 static void ndisc_send_skb(struct sk_buff
*skb
,
458 const struct in6_addr
*daddr
,
459 const struct in6_addr
*saddr
)
461 struct dst_entry
*dst
= skb_dst(skb
);
462 struct net
*net
= dev_net(skb
->dev
);
463 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
464 struct inet6_dev
*idev
;
466 struct icmp6hdr
*icmp6h
= icmp6_hdr(skb
);
469 type
= icmp6h
->icmp6_type
;
472 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
475 icmpv6_flow_init(sk
, &fl6
, type
, saddr
, daddr
, skb
->dev
->ifindex
);
476 dst
= icmp6_dst_alloc(skb
->dev
, &fl6
);
482 skb_dst_set(skb
, dst
);
485 icmp6h
->icmp6_cksum
= csum_ipv6_magic(saddr
, daddr
, skb
->len
,
490 ip6_nd_hdr(skb
, saddr
, daddr
, inet6_sk(sk
)->hop_limit
, skb
->len
);
493 idev
= __in6_dev_get(dst
->dev
);
494 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
496 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, skb
, NULL
, dst
->dev
,
499 ICMP6MSGOUT_INC_STATS(net
, idev
, type
);
500 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
507 * Send a Neighbour Discover packet
509 static void __ndisc_send(struct net_device
*dev
,
510 const struct in6_addr
*daddr
,
511 const struct in6_addr
*saddr
,
512 struct icmp6hdr
*icmp6h
, const struct in6_addr
*target
,
517 skb
= ndisc_build_skb(dev
, daddr
, saddr
, icmp6h
, target
, llinfo
);
521 ndisc_send_skb(skb
, daddr
, saddr
);
524 static void ndisc_send_na(struct net_device
*dev
, struct neighbour
*neigh
,
525 const struct in6_addr
*daddr
,
526 const struct in6_addr
*solicited_addr
,
527 bool router
, bool solicited
, bool override
, bool inc_opt
)
529 struct in6_addr tmpaddr
;
530 struct inet6_ifaddr
*ifp
;
531 const struct in6_addr
*src_addr
;
532 struct icmp6hdr icmp6h
= {
533 .icmp6_type
= NDISC_NEIGHBOUR_ADVERTISEMENT
,
536 /* for anycast or proxy, solicited_addr != src_addr */
537 ifp
= ipv6_get_ifaddr(dev_net(dev
), solicited_addr
, dev
, 1);
539 src_addr
= solicited_addr
;
540 if (ifp
->flags
& IFA_F_OPTIMISTIC
)
542 inc_opt
|= ifp
->idev
->cnf
.force_tllao
;
545 if (ipv6_dev_get_saddr(dev_net(dev
), dev
, daddr
,
546 inet6_sk(dev_net(dev
)->ipv6
.ndisc_sk
)->srcprefs
,
552 icmp6h
.icmp6_router
= router
;
553 icmp6h
.icmp6_solicited
= solicited
;
554 icmp6h
.icmp6_override
= override
;
556 __ndisc_send(dev
, daddr
, src_addr
, &icmp6h
, solicited_addr
,
557 inc_opt
? ND_OPT_TARGET_LL_ADDR
: 0);
560 static void ndisc_send_unsol_na(struct net_device
*dev
)
562 struct inet6_dev
*idev
;
563 struct inet6_ifaddr
*ifa
;
565 idev
= in6_dev_get(dev
);
569 read_lock_bh(&idev
->lock
);
570 list_for_each_entry(ifa
, &idev
->addr_list
, if_list
) {
571 ndisc_send_na(dev
, NULL
, &in6addr_linklocal_allnodes
, &ifa
->addr
,
572 /*router=*/ !!idev
->cnf
.forwarding
,
573 /*solicited=*/ false, /*override=*/ true,
576 read_unlock_bh(&idev
->lock
);
581 void ndisc_send_ns(struct net_device
*dev
, struct neighbour
*neigh
,
582 const struct in6_addr
*solicit
,
583 const struct in6_addr
*daddr
, const struct in6_addr
*saddr
)
585 struct in6_addr addr_buf
;
586 struct icmp6hdr icmp6h
= {
587 .icmp6_type
= NDISC_NEIGHBOUR_SOLICITATION
,
591 if (ipv6_get_lladdr(dev
, &addr_buf
,
592 (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)))
597 __ndisc_send(dev
, daddr
, saddr
, &icmp6h
, solicit
,
598 !ipv6_addr_any(saddr
) ? ND_OPT_SOURCE_LL_ADDR
: 0);
601 void ndisc_send_rs(struct net_device
*dev
, const struct in6_addr
*saddr
,
602 const struct in6_addr
*daddr
)
604 struct icmp6hdr icmp6h
= {
605 .icmp6_type
= NDISC_ROUTER_SOLICITATION
,
607 int send_sllao
= dev
->addr_len
;
609 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
611 * According to section 2.2 of RFC 4429, we must not
612 * send router solicitations with a sllao from
613 * optimistic addresses, but we may send the solicitation
614 * if we don't include the sllao. So here we check
615 * if our address is optimistic, and if so, we
616 * suppress the inclusion of the sllao.
619 struct inet6_ifaddr
*ifp
= ipv6_get_ifaddr(dev_net(dev
), saddr
,
622 if (ifp
->flags
& IFA_F_OPTIMISTIC
) {
631 __ndisc_send(dev
, daddr
, saddr
, &icmp6h
, NULL
,
632 send_sllao
? ND_OPT_SOURCE_LL_ADDR
: 0);
636 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
)
639 * "The sender MUST return an ICMP
640 * destination unreachable"
642 dst_link_failure(skb
);
646 /* Called with locked neigh: either read or both */
648 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
)
650 struct in6_addr
*saddr
= NULL
;
651 struct in6_addr mcaddr
;
652 struct net_device
*dev
= neigh
->dev
;
653 struct in6_addr
*target
= (struct in6_addr
*)&neigh
->primary_key
;
654 int probes
= atomic_read(&neigh
->probes
);
656 if (skb
&& ipv6_chk_addr(dev_net(dev
), &ipv6_hdr(skb
)->saddr
, dev
, 1))
657 saddr
= &ipv6_hdr(skb
)->saddr
;
659 if ((probes
-= neigh
->parms
->ucast_probes
) < 0) {
660 if (!(neigh
->nud_state
& NUD_VALID
)) {
662 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
665 ndisc_send_ns(dev
, neigh
, target
, target
, saddr
);
666 } else if ((probes
-= neigh
->parms
->app_probes
) < 0) {
671 addrconf_addr_solict_mult(target
, &mcaddr
);
672 ndisc_send_ns(dev
, NULL
, target
, &mcaddr
, saddr
);
676 static int pndisc_is_router(const void *pkey
,
677 struct net_device
*dev
)
679 struct pneigh_entry
*n
;
682 read_lock_bh(&nd_tbl
.lock
);
683 n
= __pneigh_lookup(&nd_tbl
, dev_net(dev
), pkey
, dev
);
685 ret
= !!(n
->flags
& NTF_ROUTER
);
686 read_unlock_bh(&nd_tbl
.lock
);
691 static void ndisc_recv_ns(struct sk_buff
*skb
)
693 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
694 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
695 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
697 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
698 offsetof(struct nd_msg
, opt
));
699 struct ndisc_options ndopts
;
700 struct net_device
*dev
= skb
->dev
;
701 struct inet6_ifaddr
*ifp
;
702 struct inet6_dev
*idev
= NULL
;
703 struct neighbour
*neigh
;
704 int dad
= ipv6_addr_any(saddr
);
708 if (skb
->len
< sizeof(struct nd_msg
)) {
709 ND_PRINTK(2, warn
, "NS: packet too short\n");
713 if (ipv6_addr_is_multicast(&msg
->target
)) {
714 ND_PRINTK(2, warn
, "NS: multicast target address\n");
720 * DAD has to be destined for solicited node multicast address.
722 if (dad
&& !ipv6_addr_is_solict_mult(daddr
)) {
723 ND_PRINTK(2, warn
, "NS: bad DAD packet (wrong destination)\n");
727 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
728 ND_PRINTK(2, warn
, "NS: invalid ND options\n");
732 if (ndopts
.nd_opts_src_lladdr
) {
733 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
, dev
);
736 "NS: invalid link-layer address length\n");
741 * If the IP source address is the unspecified address,
742 * there MUST NOT be source link-layer address option
747 "NS: bad DAD packet (link-layer address option)\n");
752 inc
= ipv6_addr_is_multicast(daddr
);
754 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
757 if (ifp
->flags
& (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)) {
760 * We are colliding with another node
762 * so fail our DAD process
764 addrconf_dad_failure(ifp
);
768 * This is not a dad solicitation.
769 * If we are an optimistic node,
771 * Otherwise, we should ignore it.
773 if (!(ifp
->flags
& IFA_F_OPTIMISTIC
))
780 struct net
*net
= dev_net(dev
);
782 idev
= in6_dev_get(dev
);
784 /* XXX: count this drop? */
788 if (ipv6_chk_acast_addr(net
, dev
, &msg
->target
) ||
789 (idev
->cnf
.forwarding
&&
790 (net
->ipv6
.devconf_all
->proxy_ndp
|| idev
->cnf
.proxy_ndp
) &&
791 (is_router
= pndisc_is_router(&msg
->target
, dev
)) >= 0)) {
792 if (!(NEIGH_CB(skb
)->flags
& LOCALLY_ENQUEUED
) &&
793 skb
->pkt_type
!= PACKET_HOST
&&
795 idev
->nd_parms
->proxy_delay
!= 0) {
797 * for anycast or proxy,
798 * sender should delay its response
799 * by a random time between 0 and
800 * MAX_ANYCAST_DELAY_TIME seconds.
801 * (RFC2461) -- yoshfuji
803 struct sk_buff
*n
= skb_clone(skb
, GFP_ATOMIC
);
805 pneigh_enqueue(&nd_tbl
, idev
->nd_parms
, n
);
813 is_router
= idev
->cnf
.forwarding
;
816 ndisc_send_na(dev
, NULL
, &in6addr_linklocal_allnodes
, &msg
->target
,
817 !!is_router
, false, (ifp
!= NULL
), true);
822 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_mcast
);
824 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_ucast
);
827 * update / create cache entry
828 * for the source address
830 neigh
= __neigh_lookup(&nd_tbl
, saddr
, dev
,
831 !inc
|| lladdr
|| !dev
->addr_len
);
833 neigh_update(neigh
, lladdr
, NUD_STALE
,
834 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
835 NEIGH_UPDATE_F_OVERRIDE
);
836 if (neigh
|| !dev
->header_ops
) {
837 ndisc_send_na(dev
, neigh
, saddr
, &msg
->target
,
839 true, (ifp
!= NULL
&& inc
), inc
);
841 neigh_release(neigh
);
851 static void ndisc_recv_na(struct sk_buff
*skb
)
853 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
854 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
855 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
857 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
858 offsetof(struct nd_msg
, opt
));
859 struct ndisc_options ndopts
;
860 struct net_device
*dev
= skb
->dev
;
861 struct inet6_ifaddr
*ifp
;
862 struct neighbour
*neigh
;
864 if (skb
->len
< sizeof(struct nd_msg
)) {
865 ND_PRINTK(2, warn
, "NA: packet too short\n");
869 if (ipv6_addr_is_multicast(&msg
->target
)) {
870 ND_PRINTK(2, warn
, "NA: target address is multicast\n");
874 if (ipv6_addr_is_multicast(daddr
) &&
875 msg
->icmph
.icmp6_solicited
) {
876 ND_PRINTK(2, warn
, "NA: solicited NA is multicasted\n");
880 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
881 ND_PRINTK(2, warn
, "NS: invalid ND option\n");
884 if (ndopts
.nd_opts_tgt_lladdr
) {
885 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
, dev
);
888 "NA: invalid link-layer address length\n");
892 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
894 if (skb
->pkt_type
!= PACKET_LOOPBACK
895 && (ifp
->flags
& IFA_F_TENTATIVE
)) {
896 addrconf_dad_failure(ifp
);
899 /* What should we make now? The advertisement
900 is invalid, but ndisc specs say nothing
901 about it. It could be misconfiguration, or
902 an smart proxy agent tries to help us :-)
904 We should not print the error if NA has been
905 received from loopback - it is just our own
906 unsolicited advertisement.
908 if (skb
->pkt_type
!= PACKET_LOOPBACK
)
910 "NA: someone advertises our address %pI6 on %s!\n",
911 &ifp
->addr
, ifp
->idev
->dev
->name
);
915 neigh
= neigh_lookup(&nd_tbl
, &msg
->target
, dev
);
918 u8 old_flags
= neigh
->flags
;
919 struct net
*net
= dev_net(dev
);
921 if (neigh
->nud_state
& NUD_FAILED
)
925 * Don't update the neighbor cache entry on a proxy NA from
926 * ourselves because either the proxied node is off link or it
927 * has already sent a NA to us.
929 if (lladdr
&& !memcmp(lladdr
, dev
->dev_addr
, dev
->addr_len
) &&
930 net
->ipv6
.devconf_all
->forwarding
&& net
->ipv6
.devconf_all
->proxy_ndp
&&
931 pneigh_lookup(&nd_tbl
, net
, &msg
->target
, dev
, 0)) {
932 /* XXX: idev->cnf.proxy_ndp */
936 neigh_update(neigh
, lladdr
,
937 msg
->icmph
.icmp6_solicited
? NUD_REACHABLE
: NUD_STALE
,
938 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
939 (msg
->icmph
.icmp6_override
? NEIGH_UPDATE_F_OVERRIDE
: 0)|
940 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
941 (msg
->icmph
.icmp6_router
? NEIGH_UPDATE_F_ISROUTER
: 0));
943 if ((old_flags
& ~neigh
->flags
) & NTF_ROUTER
) {
945 * Change: router to host
948 rt
= rt6_get_dflt_router(saddr
, dev
);
954 neigh_release(neigh
);
958 static void ndisc_recv_rs(struct sk_buff
*skb
)
960 struct rs_msg
*rs_msg
= (struct rs_msg
*)skb_transport_header(skb
);
961 unsigned long ndoptlen
= skb
->len
- sizeof(*rs_msg
);
962 struct neighbour
*neigh
;
963 struct inet6_dev
*idev
;
964 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
965 struct ndisc_options ndopts
;
968 if (skb
->len
< sizeof(*rs_msg
))
971 idev
= __in6_dev_get(skb
->dev
);
973 ND_PRINTK(1, err
, "RS: can't find in6 device\n");
977 /* Don't accept RS if we're not in router mode */
978 if (!idev
->cnf
.forwarding
)
982 * Don't update NCE if src = ::;
983 * this implies that the source node has no ip address assigned yet.
985 if (ipv6_addr_any(saddr
))
988 /* Parse ND options */
989 if (!ndisc_parse_options(rs_msg
->opt
, ndoptlen
, &ndopts
)) {
990 ND_PRINTK(2, notice
, "NS: invalid ND option, ignored\n");
994 if (ndopts
.nd_opts_src_lladdr
) {
995 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1001 neigh
= __neigh_lookup(&nd_tbl
, saddr
, skb
->dev
, 1);
1003 neigh_update(neigh
, lladdr
, NUD_STALE
,
1004 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1005 NEIGH_UPDATE_F_OVERRIDE
|
1006 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
);
1007 neigh_release(neigh
);
1013 static void ndisc_ra_useropt(struct sk_buff
*ra
, struct nd_opt_hdr
*opt
)
1015 struct icmp6hdr
*icmp6h
= (struct icmp6hdr
*)skb_transport_header(ra
);
1016 struct sk_buff
*skb
;
1017 struct nlmsghdr
*nlh
;
1018 struct nduseroptmsg
*ndmsg
;
1019 struct net
*net
= dev_net(ra
->dev
);
1021 int base_size
= NLMSG_ALIGN(sizeof(struct nduseroptmsg
)
1022 + (opt
->nd_opt_len
<< 3));
1023 size_t msg_size
= base_size
+ nla_total_size(sizeof(struct in6_addr
));
1025 skb
= nlmsg_new(msg_size
, GFP_ATOMIC
);
1031 nlh
= nlmsg_put(skb
, 0, 0, RTM_NEWNDUSEROPT
, base_size
, 0);
1033 goto nla_put_failure
;
1036 ndmsg
= nlmsg_data(nlh
);
1037 ndmsg
->nduseropt_family
= AF_INET6
;
1038 ndmsg
->nduseropt_ifindex
= ra
->dev
->ifindex
;
1039 ndmsg
->nduseropt_icmp_type
= icmp6h
->icmp6_type
;
1040 ndmsg
->nduseropt_icmp_code
= icmp6h
->icmp6_code
;
1041 ndmsg
->nduseropt_opts_len
= opt
->nd_opt_len
<< 3;
1043 memcpy(ndmsg
+ 1, opt
, opt
->nd_opt_len
<< 3);
1045 if (nla_put(skb
, NDUSEROPT_SRCADDR
, sizeof(struct in6_addr
),
1046 &ipv6_hdr(ra
)->saddr
))
1047 goto nla_put_failure
;
1048 nlmsg_end(skb
, nlh
);
1050 rtnl_notify(skb
, net
, 0, RTNLGRP_ND_USEROPT
, NULL
, GFP_ATOMIC
);
1057 rtnl_set_sk_err(net
, RTNLGRP_ND_USEROPT
, err
);
1060 static void ndisc_router_discovery(struct sk_buff
*skb
)
1062 struct ra_msg
*ra_msg
= (struct ra_msg
*)skb_transport_header(skb
);
1063 struct neighbour
*neigh
= NULL
;
1064 struct inet6_dev
*in6_dev
;
1065 struct rt6_info
*rt
= NULL
;
1067 struct ndisc_options ndopts
;
1069 unsigned int pref
= 0;
1071 __u8
* opt
= (__u8
*)(ra_msg
+ 1);
1073 optlen
= (skb
->tail
- skb
->transport_header
) - sizeof(struct ra_msg
);
1075 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1076 ND_PRINTK(2, warn
, "RA: source address is not link-local\n");
1080 ND_PRINTK(2, warn
, "RA: packet too short\n");
1084 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1085 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_HOST
) {
1086 ND_PRINTK(2, warn
, "RA: from host or unauthorized router\n");
1092 * set the RA_RECV flag in the interface
1095 in6_dev
= __in6_dev_get(skb
->dev
);
1096 if (in6_dev
== NULL
) {
1097 ND_PRINTK(0, err
, "RA: can't find inet6 device for %s\n",
1102 if (!ndisc_parse_options(opt
, optlen
, &ndopts
)) {
1103 ND_PRINTK(2, warn
, "RA: invalid ND options\n");
1107 if (!ipv6_accept_ra(in6_dev
))
1108 goto skip_linkparms
;
1110 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1111 /* skip link-specific parameters from interior routers */
1112 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1113 goto skip_linkparms
;
1116 if (in6_dev
->if_flags
& IF_RS_SENT
) {
1118 * flag that an RA was received after an RS was sent
1119 * out on this interface.
1121 in6_dev
->if_flags
|= IF_RA_RCVD
;
1125 * Remember the managed/otherconf flags from most recently
1126 * received RA message (RFC 2462) -- yoshfuji
1128 in6_dev
->if_flags
= (in6_dev
->if_flags
& ~(IF_RA_MANAGED
|
1130 (ra_msg
->icmph
.icmp6_addrconf_managed
?
1131 IF_RA_MANAGED
: 0) |
1132 (ra_msg
->icmph
.icmp6_addrconf_other
?
1133 IF_RA_OTHERCONF
: 0);
1135 if (!in6_dev
->cnf
.accept_ra_defrtr
)
1138 if (ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
, NULL
, 0))
1141 lifetime
= ntohs(ra_msg
->icmph
.icmp6_rt_lifetime
);
1143 #ifdef CONFIG_IPV6_ROUTER_PREF
1144 pref
= ra_msg
->icmph
.icmp6_router_pref
;
1145 /* 10b is handled as if it were 00b (medium) */
1146 if (pref
== ICMPV6_ROUTER_PREF_INVALID
||
1147 !in6_dev
->cnf
.accept_ra_rtr_pref
)
1148 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
1151 rt
= rt6_get_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
);
1154 neigh
= dst_neigh_lookup(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
1157 "RA: %s got default router without neighbour\n",
1163 if (rt
&& lifetime
== 0) {
1168 if (rt
== NULL
&& lifetime
) {
1169 ND_PRINTK(3, dbg
, "RA: adding default router\n");
1171 rt
= rt6_add_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
, pref
);
1174 "RA: %s failed to add default route\n",
1179 neigh
= dst_neigh_lookup(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
1180 if (neigh
== NULL
) {
1182 "RA: %s got default router without neighbour\n",
1187 neigh
->flags
|= NTF_ROUTER
;
1189 rt
->rt6i_flags
= (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
1193 rt6_set_expires(rt
, jiffies
+ (HZ
* lifetime
));
1194 if (ra_msg
->icmph
.icmp6_hop_limit
) {
1195 in6_dev
->cnf
.hop_limit
= ra_msg
->icmph
.icmp6_hop_limit
;
1197 dst_metric_set(&rt
->dst
, RTAX_HOPLIMIT
,
1198 ra_msg
->icmph
.icmp6_hop_limit
);
1204 * Update Reachable Time and Retrans Timer
1207 if (in6_dev
->nd_parms
) {
1208 unsigned long rtime
= ntohl(ra_msg
->retrans_timer
);
1210 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/HZ
) {
1211 rtime
= (rtime
*HZ
)/1000;
1214 in6_dev
->nd_parms
->retrans_time
= rtime
;
1215 in6_dev
->tstamp
= jiffies
;
1216 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1219 rtime
= ntohl(ra_msg
->reachable_time
);
1220 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/(3*HZ
)) {
1221 rtime
= (rtime
*HZ
)/1000;
1226 if (rtime
!= in6_dev
->nd_parms
->base_reachable_time
) {
1227 in6_dev
->nd_parms
->base_reachable_time
= rtime
;
1228 in6_dev
->nd_parms
->gc_staletime
= 3 * rtime
;
1229 in6_dev
->nd_parms
->reachable_time
= neigh_rand_reach_time(rtime
);
1230 in6_dev
->tstamp
= jiffies
;
1231 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1243 neigh
= __neigh_lookup(&nd_tbl
, &ipv6_hdr(skb
)->saddr
,
1247 if (ndopts
.nd_opts_src_lladdr
) {
1248 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1252 "RA: invalid link-layer address length\n");
1256 neigh_update(neigh
, lladdr
, NUD_STALE
,
1257 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1258 NEIGH_UPDATE_F_OVERRIDE
|
1259 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1260 NEIGH_UPDATE_F_ISROUTER
);
1263 if (!ipv6_accept_ra(in6_dev
))
1266 #ifdef CONFIG_IPV6_ROUTE_INFO
1267 if (ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
, NULL
, 0))
1268 goto skip_routeinfo
;
1270 if (in6_dev
->cnf
.accept_ra_rtr_pref
&& ndopts
.nd_opts_ri
) {
1271 struct nd_opt_hdr
*p
;
1272 for (p
= ndopts
.nd_opts_ri
;
1274 p
= ndisc_next_option(p
, ndopts
.nd_opts_ri_end
)) {
1275 struct route_info
*ri
= (struct route_info
*)p
;
1276 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1277 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
&&
1278 ri
->prefix_len
== 0)
1281 if (ri
->prefix_len
> in6_dev
->cnf
.accept_ra_rt_info_max_plen
)
1283 rt6_route_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3,
1284 &ipv6_hdr(skb
)->saddr
);
1291 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1292 /* skip link-specific ndopts from interior routers */
1293 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1297 if (in6_dev
->cnf
.accept_ra_pinfo
&& ndopts
.nd_opts_pi
) {
1298 struct nd_opt_hdr
*p
;
1299 for (p
= ndopts
.nd_opts_pi
;
1301 p
= ndisc_next_option(p
, ndopts
.nd_opts_pi_end
)) {
1302 addrconf_prefix_rcv(skb
->dev
, (u8
*)p
,
1303 (p
->nd_opt_len
) << 3,
1304 ndopts
.nd_opts_src_lladdr
!= NULL
);
1308 if (ndopts
.nd_opts_mtu
) {
1312 memcpy(&n
, ((u8
*)(ndopts
.nd_opts_mtu
+1))+2, sizeof(mtu
));
1315 if (mtu
< IPV6_MIN_MTU
|| mtu
> skb
->dev
->mtu
) {
1316 ND_PRINTK(2, warn
, "RA: invalid mtu: %d\n", mtu
);
1317 } else if (in6_dev
->cnf
.mtu6
!= mtu
) {
1318 in6_dev
->cnf
.mtu6
= mtu
;
1321 dst_metric_set(&rt
->dst
, RTAX_MTU
, mtu
);
1323 rt6_mtu_change(skb
->dev
, mtu
);
1327 if (ndopts
.nd_useropts
) {
1328 struct nd_opt_hdr
*p
;
1329 for (p
= ndopts
.nd_useropts
;
1331 p
= ndisc_next_useropt(p
, ndopts
.nd_useropts_end
)) {
1332 ndisc_ra_useropt(skb
, p
);
1336 if (ndopts
.nd_opts_tgt_lladdr
|| ndopts
.nd_opts_rh
) {
1337 ND_PRINTK(2, warn
, "RA: invalid RA options\n");
1342 neigh_release(neigh
);
1345 static void ndisc_redirect_rcv(struct sk_buff
*skb
)
1348 struct ndisc_options ndopts
;
1349 struct rd_msg
*msg
= (struct rd_msg
*)skb_transport_header(skb
);
1350 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
1351 offsetof(struct rd_msg
, opt
));
1353 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1354 switch (skb
->ndisc_nodetype
) {
1355 case NDISC_NODETYPE_HOST
:
1356 case NDISC_NODETYPE_NODEFAULT
:
1358 "Redirect: from host or unauthorized router\n");
1363 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1365 "Redirect: source address is not link-local\n");
1369 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
))
1372 if (!ndopts
.nd_opts_rh
)
1375 hdr
= (u8
*)ndopts
.nd_opts_rh
;
1377 if (!pskb_pull(skb
, hdr
- skb_transport_header(skb
)))
1380 icmpv6_notify(skb
, NDISC_REDIRECT
, 0, 0);
1383 static void ndisc_fill_redirect_hdr_option(struct sk_buff
*skb
,
1384 struct sk_buff
*orig_skb
,
1387 u8
*opt
= skb_put(skb
, rd_len
);
1390 *(opt
++) = ND_OPT_REDIRECT_HDR
;
1391 *(opt
++) = (rd_len
>> 3);
1394 memcpy(opt
, ipv6_hdr(orig_skb
), rd_len
- 8);
1397 void ndisc_send_redirect(struct sk_buff
*skb
, const struct in6_addr
*target
)
1399 struct net_device
*dev
= skb
->dev
;
1400 struct net
*net
= dev_net(dev
);
1401 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
1403 struct inet_peer
*peer
;
1404 struct sk_buff
*buff
;
1406 struct in6_addr saddr_buf
;
1407 struct rt6_info
*rt
;
1408 struct dst_entry
*dst
;
1411 u8 ha_buf
[MAX_ADDR_LEN
], *ha
= NULL
;
1414 if (ipv6_get_lladdr(dev
, &saddr_buf
, IFA_F_TENTATIVE
)) {
1415 ND_PRINTK(2, warn
, "Redirect: no link-local address on %s\n",
1420 if (!ipv6_addr_equal(&ipv6_hdr(skb
)->daddr
, target
) &&
1421 ipv6_addr_type(target
) != (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1423 "Redirect: target address is not link-local unicast\n");
1427 icmpv6_flow_init(sk
, &fl6
, NDISC_REDIRECT
,
1428 &saddr_buf
, &ipv6_hdr(skb
)->saddr
, dev
->ifindex
);
1430 dst
= ip6_route_output(net
, NULL
, &fl6
);
1435 dst
= xfrm_lookup(net
, dst
, flowi6_to_flowi(&fl6
), NULL
, 0);
1439 rt
= (struct rt6_info
*) dst
;
1441 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
1443 "Redirect: destination is not a neighbour\n");
1446 peer
= inet_getpeer_v6(net
->ipv6
.peers
, &rt
->rt6i_dst
.addr
, 1);
1447 ret
= inet_peer_xrlim_allow(peer
, 1*HZ
);
1453 if (dev
->addr_len
) {
1454 struct neighbour
*neigh
= dst_neigh_lookup(skb_dst(skb
), target
);
1457 "Redirect: no neigh for target address\n");
1461 read_lock_bh(&neigh
->lock
);
1462 if (neigh
->nud_state
& NUD_VALID
) {
1463 memcpy(ha_buf
, neigh
->ha
, dev
->addr_len
);
1464 read_unlock_bh(&neigh
->lock
);
1466 optlen
+= ndisc_opt_addr_space(dev
);
1468 read_unlock_bh(&neigh
->lock
);
1470 neigh_release(neigh
);
1473 rd_len
= min_t(unsigned int,
1474 IPV6_MIN_MTU
- sizeof(struct ipv6hdr
) - sizeof(*msg
) - optlen
,
1479 buff
= ndisc_alloc_skb(dev
, sizeof(*msg
) + optlen
);
1483 skb_put(buff
, sizeof(*msg
));
1484 msg
= (struct rd_msg
*)icmp6_hdr(buff
);
1486 memset(&msg
->icmph
, 0, sizeof(struct icmp6hdr
));
1487 msg
->icmph
.icmp6_type
= NDISC_REDIRECT
;
1490 * copy target and destination addresses
1493 msg
->target
= *target
;
1494 msg
->dest
= ipv6_hdr(skb
)->daddr
;
1497 * include target_address option
1501 ndisc_fill_addr_option(skb
, ND_OPT_TARGET_LL_ADDR
, ha
);
1504 * build redirect option and copy skb over to the new packet.
1508 ndisc_fill_redirect_hdr_option(buff
, skb
, rd_len
);
1510 skb_dst_set(buff
, dst
);
1511 ndisc_send_skb(buff
, &ipv6_hdr(skb
)->saddr
, &saddr_buf
);
1518 static void pndisc_redo(struct sk_buff
*skb
)
1524 int ndisc_rcv(struct sk_buff
*skb
)
1528 if (skb_linearize(skb
))
1531 msg
= (struct nd_msg
*)skb_transport_header(skb
);
1533 __skb_push(skb
, skb
->data
- skb_transport_header(skb
));
1535 if (ipv6_hdr(skb
)->hop_limit
!= 255) {
1536 ND_PRINTK(2, warn
, "NDISC: invalid hop-limit: %d\n",
1537 ipv6_hdr(skb
)->hop_limit
);
1541 if (msg
->icmph
.icmp6_code
!= 0) {
1542 ND_PRINTK(2, warn
, "NDISC: invalid ICMPv6 code: %d\n",
1543 msg
->icmph
.icmp6_code
);
1547 memset(NEIGH_CB(skb
), 0, sizeof(struct neighbour_cb
));
1549 switch (msg
->icmph
.icmp6_type
) {
1550 case NDISC_NEIGHBOUR_SOLICITATION
:
1554 case NDISC_NEIGHBOUR_ADVERTISEMENT
:
1558 case NDISC_ROUTER_SOLICITATION
:
1562 case NDISC_ROUTER_ADVERTISEMENT
:
1563 ndisc_router_discovery(skb
);
1566 case NDISC_REDIRECT
:
1567 ndisc_redirect_rcv(skb
);
1574 static int ndisc_netdev_event(struct notifier_block
*this, unsigned long event
, void *ptr
)
1576 struct net_device
*dev
= ptr
;
1577 struct net
*net
= dev_net(dev
);
1578 struct inet6_dev
*idev
;
1581 case NETDEV_CHANGEADDR
:
1582 neigh_changeaddr(&nd_tbl
, dev
);
1583 fib6_run_gc(~0UL, net
);
1584 idev
= in6_dev_get(dev
);
1587 if (idev
->cnf
.ndisc_notify
)
1588 ndisc_send_unsol_na(dev
);
1592 neigh_ifdown(&nd_tbl
, dev
);
1593 fib6_run_gc(~0UL, net
);
1595 case NETDEV_NOTIFY_PEERS
:
1596 ndisc_send_unsol_na(dev
);
1605 static struct notifier_block ndisc_netdev_notifier
= {
1606 .notifier_call
= ndisc_netdev_event
,
1609 #ifdef CONFIG_SYSCTL
1610 static void ndisc_warn_deprecated_sysctl(struct ctl_table
*ctl
,
1611 const char *func
, const char *dev_name
)
1613 static char warncomm
[TASK_COMM_LEN
];
1615 if (strcmp(warncomm
, current
->comm
) && warned
< 5) {
1616 strcpy(warncomm
, current
->comm
);
1617 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1619 dev_name
, ctl
->procname
,
1620 dev_name
, ctl
->procname
);
1625 int ndisc_ifinfo_sysctl_change(struct ctl_table
*ctl
, int write
, void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
1627 struct net_device
*dev
= ctl
->extra1
;
1628 struct inet6_dev
*idev
;
1631 if ((strcmp(ctl
->procname
, "retrans_time") == 0) ||
1632 (strcmp(ctl
->procname
, "base_reachable_time") == 0))
1633 ndisc_warn_deprecated_sysctl(ctl
, "syscall", dev
? dev
->name
: "default");
1635 if (strcmp(ctl
->procname
, "retrans_time") == 0)
1636 ret
= proc_dointvec(ctl
, write
, buffer
, lenp
, ppos
);
1638 else if (strcmp(ctl
->procname
, "base_reachable_time") == 0)
1639 ret
= proc_dointvec_jiffies(ctl
, write
,
1640 buffer
, lenp
, ppos
);
1642 else if ((strcmp(ctl
->procname
, "retrans_time_ms") == 0) ||
1643 (strcmp(ctl
->procname
, "base_reachable_time_ms") == 0))
1644 ret
= proc_dointvec_ms_jiffies(ctl
, write
,
1645 buffer
, lenp
, ppos
);
1649 if (write
&& ret
== 0 && dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1650 if (ctl
->data
== &idev
->nd_parms
->base_reachable_time
)
1651 idev
->nd_parms
->reachable_time
= neigh_rand_reach_time(idev
->nd_parms
->base_reachable_time
);
1652 idev
->tstamp
= jiffies
;
1653 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1662 static int __net_init
ndisc_net_init(struct net
*net
)
1664 struct ipv6_pinfo
*np
;
1668 err
= inet_ctl_sock_create(&sk
, PF_INET6
,
1669 SOCK_RAW
, IPPROTO_ICMPV6
, net
);
1672 "NDISC: Failed to initialize the control socket (err %d)\n",
1677 net
->ipv6
.ndisc_sk
= sk
;
1680 np
->hop_limit
= 255;
1681 /* Do not loopback ndisc messages */
1687 static void __net_exit
ndisc_net_exit(struct net
*net
)
1689 inet_ctl_sock_destroy(net
->ipv6
.ndisc_sk
);
1692 static struct pernet_operations ndisc_net_ops
= {
1693 .init
= ndisc_net_init
,
1694 .exit
= ndisc_net_exit
,
1697 int __init
ndisc_init(void)
1701 err
= register_pernet_subsys(&ndisc_net_ops
);
1705 * Initialize the neighbour table
1707 neigh_table_init(&nd_tbl
);
1709 #ifdef CONFIG_SYSCTL
1710 err
= neigh_sysctl_register(NULL
, &nd_tbl
.parms
, "ipv6",
1711 &ndisc_ifinfo_sysctl_change
);
1713 goto out_unregister_pernet
;
1715 err
= register_netdevice_notifier(&ndisc_netdev_notifier
);
1717 goto out_unregister_sysctl
;
1721 out_unregister_sysctl
:
1722 #ifdef CONFIG_SYSCTL
1723 neigh_sysctl_unregister(&nd_tbl
.parms
);
1724 out_unregister_pernet
:
1726 unregister_pernet_subsys(&ndisc_net_ops
);
1730 void ndisc_cleanup(void)
1732 unregister_netdevice_notifier(&ndisc_netdev_notifier
);
1733 #ifdef CONFIG_SYSCTL
1734 neigh_sysctl_unregister(&nd_tbl
.parms
);
1736 neigh_table_clear(&nd_tbl
);
1737 unregister_pernet_subsys(&ndisc_net_ops
);