projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 /* Set to 3 to get tracing... */
76 #define ND_DEBUG 1
77
78 #define ND_PRINTK(val, level, fmt, ...) \
79 do { \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
82 } while (0)
83
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
86 __u32 *hash_rnd);
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
93
94 static const struct neigh_ops ndisc_generic_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
100 };
101
102 static const struct neigh_ops ndisc_hh_ops = {
103 .family = AF_INET6,
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
108 };
109
110
111 static const struct neigh_ops ndisc_direct_ops = {
112 .family = AF_INET6,
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
115 };
116
117 struct neigh_table nd_tbl = {
118 .family = AF_INET6,
119 .key_len = sizeof(struct in6_addr),
120 .hash = ndisc_hash,
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
125 .id = "ndisc_cache",
126 .parms = {
127 .tbl = &nd_tbl,
128 .base_reachable_time = ND_REACHABLE_TIME,
129 .retrans_time = ND_RETRANS_TIMER,
130 .gc_staletime = 60 * HZ,
131 .reachable_time = ND_REACHABLE_TIME,
132 .delay_probe_time = 5 * HZ,
133 .queue_len_bytes = 64*1024,
134 .ucast_probes = 3,
135 .mcast_probes = 3,
136 .anycast_delay = 1 * HZ,
137 .proxy_delay = (8 * HZ) / 10,
138 .proxy_qlen = 64,
139 },
140 .gc_interval = 30 * HZ,
141 .gc_thresh1 = 128,
142 .gc_thresh2 = 512,
143 .gc_thresh3 = 1024,
144 };
145
146 static inline int ndisc_opt_addr_space(struct net_device *dev)
147 {
148 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
149 }
150
151 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
152 unsigned short addr_type)
153 {
154 int space = NDISC_OPT_SPACE(data_len);
155 int pad = ndisc_addr_option_pad(addr_type);
156
157 opt[0] = type;
158 opt[1] = space>>3;
159
160 memset(opt + 2, 0, pad);
161 opt += pad;
162 space -= pad;
163
164 memcpy(opt+2, data, data_len);
165 data_len += 2;
166 opt += data_len;
167 if ((space -= data_len) > 0)
168 memset(opt, 0, space);
169 return opt + space;
170 }
171
172 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
173 struct nd_opt_hdr *end)
174 {
175 int type;
176 if (!cur || !end || cur >= end)
177 return NULL;
178 type = cur->nd_opt_type;
179 do {
180 cur = ((void *)cur) + (cur->nd_opt_len << 3);
181 } while(cur < end && cur->nd_opt_type != type);
182 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
183 }
184
185 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
186 {
187 return opt->nd_opt_type == ND_OPT_RDNSS ||
188 opt->nd_opt_type == ND_OPT_DNSSL;
189 }
190
191 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
192 struct nd_opt_hdr *end)
193 {
194 if (!cur || !end || cur >= end)
195 return NULL;
196 do {
197 cur = ((void *)cur) + (cur->nd_opt_len << 3);
198 } while(cur < end && !ndisc_is_useropt(cur));
199 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
200 }
201
202 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
203 struct ndisc_options *ndopts)
204 {
205 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
206
207 if (!nd_opt || opt_len < 0 || !ndopts)
208 return NULL;
209 memset(ndopts, 0, sizeof(*ndopts));
210 while (opt_len) {
211 int l;
212 if (opt_len < sizeof(struct nd_opt_hdr))
213 return NULL;
214 l = nd_opt->nd_opt_len << 3;
215 if (opt_len < l || l == 0)
216 return NULL;
217 switch (nd_opt->nd_opt_type) {
218 case ND_OPT_SOURCE_LL_ADDR:
219 case ND_OPT_TARGET_LL_ADDR:
220 case ND_OPT_MTU:
221 case ND_OPT_REDIRECT_HDR:
222 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
223 ND_PRINTK(2, warn,
224 "%s: duplicated ND6 option found: type=%d\n",
225 __func__, nd_opt->nd_opt_type);
226 } else {
227 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
228 }
229 break;
230 case ND_OPT_PREFIX_INFO:
231 ndopts->nd_opts_pi_end = nd_opt;
232 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
233 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
234 break;
235 #ifdef CONFIG_IPV6_ROUTE_INFO
236 case ND_OPT_ROUTE_INFO:
237 ndopts->nd_opts_ri_end = nd_opt;
238 if (!ndopts->nd_opts_ri)
239 ndopts->nd_opts_ri = nd_opt;
240 break;
241 #endif
242 default:
243 if (ndisc_is_useropt(nd_opt)) {
244 ndopts->nd_useropts_end = nd_opt;
245 if (!ndopts->nd_useropts)
246 ndopts->nd_useropts = nd_opt;
247 } else {
248 /*
249 * Unknown options must be silently ignored,
250 * to accommodate future extension to the
251 * protocol.
252 */
253 ND_PRINTK(2, notice,
254 "%s: ignored unsupported option; type=%d, len=%d\n",
255 __func__,
256 nd_opt->nd_opt_type,
257 nd_opt->nd_opt_len);
258 }
259 }
260 opt_len -= l;
261 nd_opt = ((void *)nd_opt) + l;
262 }
263 return ndopts;
264 }
265
266 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
267 {
268 switch (dev->type) {
269 case ARPHRD_ETHER:
270 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
271 case ARPHRD_FDDI:
272 ipv6_eth_mc_map(addr, buf);
273 return 0;
274 case ARPHRD_ARCNET:
275 ipv6_arcnet_mc_map(addr, buf);
276 return 0;
277 case ARPHRD_INFINIBAND:
278 ipv6_ib_mc_map(addr, dev->broadcast, buf);
279 return 0;
280 case ARPHRD_IPGRE:
281 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
282 default:
283 if (dir) {
284 memcpy(buf, dev->broadcast, dev->addr_len);
285 return 0;
286 }
287 }
288 return -EINVAL;
289 }
290
291 EXPORT_SYMBOL(ndisc_mc_map);
292
293 static u32 ndisc_hash(const void *pkey,
294 const struct net_device *dev,
295 __u32 *hash_rnd)
296 {
297 return ndisc_hashfn(pkey, dev, hash_rnd);
298 }
299
300 static int ndisc_constructor(struct neighbour *neigh)
301 {
302 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
303 struct net_device *dev = neigh->dev;
304 struct inet6_dev *in6_dev;
305 struct neigh_parms *parms;
306 bool is_multicast = ipv6_addr_is_multicast(addr);
307
308 in6_dev = in6_dev_get(dev);
309 if (in6_dev == NULL) {
310 return -EINVAL;
311 }
312
313 parms = in6_dev->nd_parms;
314 __neigh_parms_put(neigh->parms);
315 neigh->parms = neigh_parms_clone(parms);
316
317 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
318 if (!dev->header_ops) {
319 neigh->nud_state = NUD_NOARP;
320 neigh->ops = &ndisc_direct_ops;
321 neigh->output = neigh_direct_output;
322 } else {
323 if (is_multicast) {
324 neigh->nud_state = NUD_NOARP;
325 ndisc_mc_map(addr, neigh->ha, dev, 1);
326 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
327 neigh->nud_state = NUD_NOARP;
328 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
329 if (dev->flags&IFF_LOOPBACK)
330 neigh->type = RTN_LOCAL;
331 } else if (dev->flags&IFF_POINTOPOINT) {
332 neigh->nud_state = NUD_NOARP;
333 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
334 }
335 if (dev->header_ops->cache)
336 neigh->ops = &ndisc_hh_ops;
337 else
338 neigh->ops = &ndisc_generic_ops;
339 if (neigh->nud_state&NUD_VALID)
340 neigh->output = neigh->ops->connected_output;
341 else
342 neigh->output = neigh->ops->output;
343 }
344 in6_dev_put(in6_dev);
345 return 0;
346 }
347
348 static int pndisc_constructor(struct pneigh_entry *n)
349 {
350 struct in6_addr *addr = (struct in6_addr*)&n->key;
351 struct in6_addr maddr;
352 struct net_device *dev = n->dev;
353
354 if (dev == NULL || __in6_dev_get(dev) == NULL)
355 return -EINVAL;
356 addrconf_addr_solict_mult(addr, &maddr);
357 ipv6_dev_mc_inc(dev, &maddr);
358 return 0;
359 }
360
361 static void pndisc_destructor(struct pneigh_entry *n)
362 {
363 struct in6_addr *addr = (struct in6_addr*)&n->key;
364 struct in6_addr maddr;
365 struct net_device *dev = n->dev;
366
367 if (dev == NULL || __in6_dev_get(dev) == NULL)
368 return;
369 addrconf_addr_solict_mult(addr, &maddr);
370 ipv6_dev_mc_dec(dev, &maddr);
371 }
372
373 struct sk_buff *ndisc_build_skb(struct net_device *dev,
374 const struct in6_addr *daddr,
375 const struct in6_addr *saddr,
376 struct icmp6hdr *icmp6h,
377 const struct in6_addr *target,
378 int llinfo)
379 {
380 struct net *net = dev_net(dev);
381 struct sock *sk = net->ipv6.ndisc_sk;
382 struct sk_buff *skb;
383 struct icmp6hdr *hdr;
384 int hlen = LL_RESERVED_SPACE(dev);
385 int tlen = dev->needed_tailroom;
386 int len;
387 int err;
388 u8 *opt;
389
390 if (!dev->addr_len)
391 llinfo = 0;
392
393 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
394 if (llinfo)
395 len += ndisc_opt_addr_space(dev);
396
397 skb = sock_alloc_send_skb(sk,
398 (MAX_HEADER + sizeof(struct ipv6hdr) +
399 len + hlen + tlen),
400 1, &err);
401 if (!skb) {
402 ND_PRINTK(0, err, "ND: %s failed to allocate an skb, err=%d\n",
403 __func__, err);
404 return NULL;
405 }
406
407 skb_reserve(skb, hlen);
408 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
409
410 skb->transport_header = skb->tail;
411 skb_put(skb, len);
412
413 hdr = (struct icmp6hdr *)skb_transport_header(skb);
414 memcpy(hdr, icmp6h, sizeof(*hdr));
415
416 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
417 if (target) {
418 *(struct in6_addr *)opt = *target;
419 opt += sizeof(*target);
420 }
421
422 if (llinfo)
423 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
424 dev->addr_len, dev->type);
425
426 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
427 IPPROTO_ICMPV6,
428 csum_partial(hdr,
429 len, 0));
430
431 return skb;
432 }
433
434 EXPORT_SYMBOL(ndisc_build_skb);
435
436 void ndisc_send_skb(struct sk_buff *skb,
437 struct net_device *dev,
438 struct neighbour *neigh,
439 const struct in6_addr *daddr,
440 const struct in6_addr *saddr,
441 struct icmp6hdr *icmp6h)
442 {
443 struct flowi6 fl6;
444 struct dst_entry *dst;
445 struct net *net = dev_net(dev);
446 struct sock *sk = net->ipv6.ndisc_sk;
447 struct inet6_dev *idev;
448 int err;
449 u8 type;
450
451 type = icmp6h->icmp6_type;
452
453 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, dev->ifindex);
454 dst = icmp6_dst_alloc(dev, neigh, &fl6);
455 if (IS_ERR(dst)) {
456 kfree_skb(skb);
457 return;
458 }
459
460 skb_dst_set(skb, dst);
461
462 rcu_read_lock();
463 idev = __in6_dev_get(dst->dev);
464 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
465
466 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
467 dst_output);
468 if (!err) {
469 ICMP6MSGOUT_INC_STATS(net, idev, type);
470 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
471 }
472
473 rcu_read_unlock();
474 }
475
476 EXPORT_SYMBOL(ndisc_send_skb);
477
478 /*
479 * Send a Neighbour Discover packet
480 */
481 static void __ndisc_send(struct net_device *dev,
482 struct neighbour *neigh,
483 const struct in6_addr *daddr,
484 const struct in6_addr *saddr,
485 struct icmp6hdr *icmp6h, const struct in6_addr *target,
486 int llinfo)
487 {
488 struct sk_buff *skb;
489
490 skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
491 if (!skb)
492 return;
493
494 ndisc_send_skb(skb, dev, neigh, daddr, saddr, icmp6h);
495 }
496
497 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
498 const struct in6_addr *daddr,
499 const struct in6_addr *solicited_addr,
500 int router, int solicited, int override, int inc_opt)
501 {
502 struct in6_addr tmpaddr;
503 struct inet6_ifaddr *ifp;
504 const struct in6_addr *src_addr;
505 struct icmp6hdr icmp6h = {
506 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
507 };
508
509 /* for anycast or proxy, solicited_addr != src_addr */
510 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
511 if (ifp) {
512 src_addr = solicited_addr;
513 if (ifp->flags & IFA_F_OPTIMISTIC)
514 override = 0;
515 inc_opt |= ifp->idev->cnf.force_tllao;
516 in6_ifa_put(ifp);
517 } else {
518 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
519 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
520 &tmpaddr))
521 return;
522 src_addr = &tmpaddr;
523 }
524
525 icmp6h.icmp6_router = router;
526 icmp6h.icmp6_solicited = solicited;
527 icmp6h.icmp6_override = override;
528
529 __ndisc_send(dev, neigh, daddr, src_addr,
530 &icmp6h, solicited_addr,
531 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
532 }
533
534 static void ndisc_send_unsol_na(struct net_device *dev)
535 {
536 struct inet6_dev *idev;
537 struct inet6_ifaddr *ifa;
538 struct in6_addr mcaddr;
539
540 idev = in6_dev_get(dev);
541 if (!idev)
542 return;
543
544 read_lock_bh(&idev->lock);
545 list_for_each_entry(ifa, &idev->addr_list, if_list) {
546 addrconf_addr_solict_mult(&ifa->addr, &mcaddr);
547 ndisc_send_na(dev, NULL, &mcaddr, &ifa->addr,
548 /*router=*/ !!idev->cnf.forwarding,
549 /*solicited=*/ false, /*override=*/ true,
550 /*inc_opt=*/ true);
551 }
552 read_unlock_bh(&idev->lock);
553
554 in6_dev_put(idev);
555 }
556
557 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
558 const struct in6_addr *solicit,
559 const struct in6_addr *daddr, const struct in6_addr *saddr)
560 {
561 struct in6_addr addr_buf;
562 struct icmp6hdr icmp6h = {
563 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
564 };
565
566 if (saddr == NULL) {
567 if (ipv6_get_lladdr(dev, &addr_buf,
568 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
569 return;
570 saddr = &addr_buf;
571 }
572
573 __ndisc_send(dev, neigh, daddr, saddr,
574 &icmp6h, solicit,
575 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
576 }
577
578 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
579 const struct in6_addr *daddr)
580 {
581 struct icmp6hdr icmp6h = {
582 .icmp6_type = NDISC_ROUTER_SOLICITATION,
583 };
584 int send_sllao = dev->addr_len;
585
586 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
587 /*
588 * According to section 2.2 of RFC 4429, we must not
589 * send router solicitations with a sllao from
590 * optimistic addresses, but we may send the solicitation
591 * if we don't include the sllao. So here we check
592 * if our address is optimistic, and if so, we
593 * suppress the inclusion of the sllao.
594 */
595 if (send_sllao) {
596 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
597 dev, 1);
598 if (ifp) {
599 if (ifp->flags & IFA_F_OPTIMISTIC) {
600 send_sllao = 0;
601 }
602 in6_ifa_put(ifp);
603 } else {
604 send_sllao = 0;
605 }
606 }
607 #endif
608 __ndisc_send(dev, NULL, daddr, saddr,
609 &icmp6h, NULL,
610 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
611 }
612
613
614 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
615 {
616 /*
617 * "The sender MUST return an ICMP
618 * destination unreachable"
619 */
620 dst_link_failure(skb);
621 kfree_skb(skb);
622 }
623
624 /* Called with locked neigh: either read or both */
625
626 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
627 {
628 struct in6_addr *saddr = NULL;
629 struct in6_addr mcaddr;
630 struct net_device *dev = neigh->dev;
631 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
632 int probes = atomic_read(&neigh->probes);
633
634 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
635 saddr = &ipv6_hdr(skb)->saddr;
636
637 if ((probes -= neigh->parms->ucast_probes) < 0) {
638 if (!(neigh->nud_state & NUD_VALID)) {
639 ND_PRINTK(1, dbg,
640 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
641 __func__, target);
642 }
643 ndisc_send_ns(dev, neigh, target, target, saddr);
644 } else if ((probes -= neigh->parms->app_probes) < 0) {
645 #ifdef CONFIG_ARPD
646 neigh_app_ns(neigh);
647 #endif
648 } else {
649 addrconf_addr_solict_mult(target, &mcaddr);
650 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
651 }
652 }
653
654 static int pndisc_is_router(const void *pkey,
655 struct net_device *dev)
656 {
657 struct pneigh_entry *n;
658 int ret = -1;
659
660 read_lock_bh(&nd_tbl.lock);
661 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
662 if (n)
663 ret = !!(n->flags & NTF_ROUTER);
664 read_unlock_bh(&nd_tbl.lock);
665
666 return ret;
667 }
668
669 static void ndisc_recv_ns(struct sk_buff *skb)
670 {
671 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
672 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
673 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
674 u8 *lladdr = NULL;
675 u32 ndoptlen = skb->tail - (skb->transport_header +
676 offsetof(struct nd_msg, opt));
677 struct ndisc_options ndopts;
678 struct net_device *dev = skb->dev;
679 struct inet6_ifaddr *ifp;
680 struct inet6_dev *idev = NULL;
681 struct neighbour *neigh;
682 int dad = ipv6_addr_any(saddr);
683 bool inc;
684 int is_router = -1;
685
686 if (ipv6_addr_is_multicast(&msg->target)) {
687 ND_PRINTK(2, warn, "NS: multicast target address\n");
688 return;
689 }
690
691 /*
692 * RFC2461 7.1.1:
693 * DAD has to be destined for solicited node multicast address.
694 */
695 if (dad &&
696 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
697 daddr->s6_addr32[1] == htonl(0x00000000) &&
698 daddr->s6_addr32[2] == htonl(0x00000001) &&
699 daddr->s6_addr [12] == 0xff )) {
700 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
701 return;
702 }
703
704 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
705 ND_PRINTK(2, warn, "NS: invalid ND options\n");
706 return;
707 }
708
709 if (ndopts.nd_opts_src_lladdr) {
710 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
711 if (!lladdr) {
712 ND_PRINTK(2, warn,
713 "NS: invalid link-layer address length\n");
714 return;
715 }
716
717 /* RFC2461 7.1.1:
718 * If the IP source address is the unspecified address,
719 * there MUST NOT be source link-layer address option
720 * in the message.
721 */
722 if (dad) {
723 ND_PRINTK(2, warn,
724 "NS: bad DAD packet (link-layer address option)\n");
725 return;
726 }
727 }
728
729 inc = ipv6_addr_is_multicast(daddr);
730
731 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
732 if (ifp) {
733
734 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
735 if (dad) {
736 /*
737 * We are colliding with another node
738 * who is doing DAD
739 * so fail our DAD process
740 */
741 addrconf_dad_failure(ifp);
742 return;
743 } else {
744 /*
745 * This is not a dad solicitation.
746 * If we are an optimistic node,
747 * we should respond.
748 * Otherwise, we should ignore it.
749 */
750 if (!(ifp->flags & IFA_F_OPTIMISTIC))
751 goto out;
752 }
753 }
754
755 idev = ifp->idev;
756 } else {
757 struct net *net = dev_net(dev);
758
759 idev = in6_dev_get(dev);
760 if (!idev) {
761 /* XXX: count this drop? */
762 return;
763 }
764
765 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
766 (idev->cnf.forwarding &&
767 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
768 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
769 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
770 skb->pkt_type != PACKET_HOST &&
771 inc != 0 &&
772 idev->nd_parms->proxy_delay != 0) {
773 /*
774 * for anycast or proxy,
775 * sender should delay its response
776 * by a random time between 0 and
777 * MAX_ANYCAST_DELAY_TIME seconds.
778 * (RFC2461) -- yoshfuji
779 */
780 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
781 if (n)
782 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
783 goto out;
784 }
785 } else
786 goto out;
787 }
788
789 if (is_router < 0)
790 is_router = !!idev->cnf.forwarding;
791
792 if (dad) {
793 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
794 is_router, 0, (ifp != NULL), 1);
795 goto out;
796 }
797
798 if (inc)
799 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
800 else
801 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
802
803 /*
804 * update / create cache entry
805 * for the source address
806 */
807 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
808 !inc || lladdr || !dev->addr_len);
809 if (neigh)
810 neigh_update(neigh, lladdr, NUD_STALE,
811 NEIGH_UPDATE_F_WEAK_OVERRIDE|
812 NEIGH_UPDATE_F_OVERRIDE);
813 if (neigh || !dev->header_ops) {
814 ndisc_send_na(dev, neigh, saddr, &msg->target,
815 is_router,
816 1, (ifp != NULL && inc), inc);
817 if (neigh)
818 neigh_release(neigh);
819 }
820
821 out:
822 if (ifp)
823 in6_ifa_put(ifp);
824 else
825 in6_dev_put(idev);
826 }
827
828 static void ndisc_recv_na(struct sk_buff *skb)
829 {
830 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
831 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
832 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
833 u8 *lladdr = NULL;
834 u32 ndoptlen = skb->tail - (skb->transport_header +
835 offsetof(struct nd_msg, opt));
836 struct ndisc_options ndopts;
837 struct net_device *dev = skb->dev;
838 struct inet6_ifaddr *ifp;
839 struct neighbour *neigh;
840
841 if (skb->len < sizeof(struct nd_msg)) {
842 ND_PRINTK(2, warn, "NA: packet too short\n");
843 return;
844 }
845
846 if (ipv6_addr_is_multicast(&msg->target)) {
847 ND_PRINTK(2, warn, "NA: target address is multicast\n");
848 return;
849 }
850
851 if (ipv6_addr_is_multicast(daddr) &&
852 msg->icmph.icmp6_solicited) {
853 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
854 return;
855 }
856
857 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
858 ND_PRINTK(2, warn, "NS: invalid ND option\n");
859 return;
860 }
861 if (ndopts.nd_opts_tgt_lladdr) {
862 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
863 if (!lladdr) {
864 ND_PRINTK(2, warn,
865 "NA: invalid link-layer address length\n");
866 return;
867 }
868 }
869 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
870 if (ifp) {
871 if (skb->pkt_type != PACKET_LOOPBACK
872 && (ifp->flags & IFA_F_TENTATIVE)) {
873 addrconf_dad_failure(ifp);
874 return;
875 }
876 /* What should we make now? The advertisement
877 is invalid, but ndisc specs say nothing
878 about it. It could be misconfiguration, or
879 an smart proxy agent tries to help us :-)
880
881 We should not print the error if NA has been
882 received from loopback - it is just our own
883 unsolicited advertisement.
884 */
885 if (skb->pkt_type != PACKET_LOOPBACK)
886 ND_PRINTK(1, warn,
887 "NA: someone advertises our address %pI6 on %s!\n",
888 &ifp->addr, ifp->idev->dev->name);
889 in6_ifa_put(ifp);
890 return;
891 }
892 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
893
894 if (neigh) {
895 u8 old_flags = neigh->flags;
896 struct net *net = dev_net(dev);
897
898 if (neigh->nud_state & NUD_FAILED)
899 goto out;
900
901 /*
902 * Don't update the neighbor cache entry on a proxy NA from
903 * ourselves because either the proxied node is off link or it
904 * has already sent a NA to us.
905 */
906 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
907 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
908 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
909 /* XXX: idev->cnf.prixy_ndp */
910 goto out;
911 }
912
913 neigh_update(neigh, lladdr,
914 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
915 NEIGH_UPDATE_F_WEAK_OVERRIDE|
916 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
917 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
918 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
919
920 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
921 /*
922 * Change: router to host
923 */
924 struct rt6_info *rt;
925 rt = rt6_get_dflt_router(saddr, dev);
926 if (rt)
927 ip6_del_rt(rt);
928 }
929
930 out:
931 neigh_release(neigh);
932 }
933 }
934
935 static void ndisc_recv_rs(struct sk_buff *skb)
936 {
937 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
938 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
939 struct neighbour *neigh;
940 struct inet6_dev *idev;
941 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
942 struct ndisc_options ndopts;
943 u8 *lladdr = NULL;
944
945 if (skb->len < sizeof(*rs_msg))
946 return;
947
948 idev = __in6_dev_get(skb->dev);
949 if (!idev) {
950 ND_PRINTK(1, err, "RS: can't find in6 device\n");
951 return;
952 }
953
954 /* Don't accept RS if we're not in router mode */
955 if (!idev->cnf.forwarding)
956 goto out;
957
958 /*
959 * Don't update NCE if src = ::;
960 * this implies that the source node has no ip address assigned yet.
961 */
962 if (ipv6_addr_any(saddr))
963 goto out;
964
965 /* Parse ND options */
966 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
967 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
968 goto out;
969 }
970
971 if (ndopts.nd_opts_src_lladdr) {
972 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
973 skb->dev);
974 if (!lladdr)
975 goto out;
976 }
977
978 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
979 if (neigh) {
980 neigh_update(neigh, lladdr, NUD_STALE,
981 NEIGH_UPDATE_F_WEAK_OVERRIDE|
982 NEIGH_UPDATE_F_OVERRIDE|
983 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
984 neigh_release(neigh);
985 }
986 out:
987 return;
988 }
989
990 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
991 {
992 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
993 struct sk_buff *skb;
994 struct nlmsghdr *nlh;
995 struct nduseroptmsg *ndmsg;
996 struct net *net = dev_net(ra->dev);
997 int err;
998 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
999 + (opt->nd_opt_len << 3));
1000 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1001
1002 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1003 if (skb == NULL) {
1004 err = -ENOBUFS;
1005 goto errout;
1006 }
1007
1008 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1009 if (nlh == NULL) {
1010 goto nla_put_failure;
1011 }
1012
1013 ndmsg = nlmsg_data(nlh);
1014 ndmsg->nduseropt_family = AF_INET6;
1015 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1016 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1017 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1018 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1019
1020 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1021
1022 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1023 &ipv6_hdr(ra)->saddr))
1024 goto nla_put_failure;
1025 nlmsg_end(skb, nlh);
1026
1027 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1028 return;
1029
1030 nla_put_failure:
1031 nlmsg_free(skb);
1032 err = -EMSGSIZE;
1033 errout:
1034 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1035 }
1036
1037 static inline int accept_ra(struct inet6_dev *in6_dev)
1038 {
1039 /*
1040 * If forwarding is enabled, RA are not accepted unless the special
1041 * hybrid mode (accept_ra=2) is enabled.
1042 */
1043 if (in6_dev->cnf.forwarding && in6_dev->cnf.accept_ra < 2)
1044 return 0;
1045
1046 return in6_dev->cnf.accept_ra;
1047 }
1048
1049 static void ndisc_router_discovery(struct sk_buff *skb)
1050 {
1051 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1052 struct neighbour *neigh = NULL;
1053 struct inet6_dev *in6_dev;
1054 struct rt6_info *rt = NULL;
1055 int lifetime;
1056 struct ndisc_options ndopts;
1057 int optlen;
1058 unsigned int pref = 0;
1059
1060 __u8 * opt = (__u8 *)(ra_msg + 1);
1061
1062 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1063
1064 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1065 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1066 return;
1067 }
1068 if (optlen < 0) {
1069 ND_PRINTK(2, warn, "RA: packet too short\n");
1070 return;
1071 }
1072
1073 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1074 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1075 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1076 return;
1077 }
1078 #endif
1079
1080 /*
1081 * set the RA_RECV flag in the interface
1082 */
1083
1084 in6_dev = __in6_dev_get(skb->dev);
1085 if (in6_dev == NULL) {
1086 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1087 skb->dev->name);
1088 return;
1089 }
1090
1091 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1092 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1093 return;
1094 }
1095
1096 if (!accept_ra(in6_dev))
1097 goto skip_linkparms;
1098
1099 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1100 /* skip link-specific parameters from interior routers */
1101 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1102 goto skip_linkparms;
1103 #endif
1104
1105 if (in6_dev->if_flags & IF_RS_SENT) {
1106 /*
1107 * flag that an RA was received after an RS was sent
1108 * out on this interface.
1109 */
1110 in6_dev->if_flags |= IF_RA_RCVD;
1111 }
1112
1113 /*
1114 * Remember the managed/otherconf flags from most recently
1115 * received RA message (RFC 2462) -- yoshfuji
1116 */
1117 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1118 IF_RA_OTHERCONF)) |
1119 (ra_msg->icmph.icmp6_addrconf_managed ?
1120 IF_RA_MANAGED : 0) |
1121 (ra_msg->icmph.icmp6_addrconf_other ?
1122 IF_RA_OTHERCONF : 0);
1123
1124 if (!in6_dev->cnf.accept_ra_defrtr)
1125 goto skip_defrtr;
1126
1127 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1128 goto skip_defrtr;
1129
1130 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1131
1132 #ifdef CONFIG_IPV6_ROUTER_PREF
1133 pref = ra_msg->icmph.icmp6_router_pref;
1134 /* 10b is handled as if it were 00b (medium) */
1135 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1136 !in6_dev->cnf.accept_ra_rtr_pref)
1137 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1138 #endif
1139
1140 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1141
1142 if (rt) {
1143 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1144 if (!neigh) {
1145 ND_PRINTK(0, err,
1146 "RA: %s got default router without neighbour\n",
1147 __func__);
1148 dst_release(&rt->dst);
1149 return;
1150 }
1151 }
1152 if (rt && lifetime == 0) {
1153 ip6_del_rt(rt);
1154 rt = NULL;
1155 }
1156
1157 if (rt == NULL && lifetime) {
1158 ND_PRINTK(3, dbg, "RA: adding default router\n");
1159
1160 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1161 if (rt == NULL) {
1162 ND_PRINTK(0, err,
1163 "RA: %s failed to add default route\n",
1164 __func__);
1165 return;
1166 }
1167
1168 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1169 if (neigh == NULL) {
1170 ND_PRINTK(0, err,
1171 "RA: %s got default router without neighbour\n",
1172 __func__);
1173 dst_release(&rt->dst);
1174 return;
1175 }
1176 neigh->flags |= NTF_ROUTER;
1177 } else if (rt) {
1178 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1179 }
1180
1181 if (rt)
1182 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1183 if (ra_msg->icmph.icmp6_hop_limit) {
1184 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1185 if (rt)
1186 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1187 ra_msg->icmph.icmp6_hop_limit);
1188 }
1189
1190 skip_defrtr:
1191
1192 /*
1193 * Update Reachable Time and Retrans Timer
1194 */
1195
1196 if (in6_dev->nd_parms) {
1197 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1198
1199 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1200 rtime = (rtime*HZ)/1000;
1201 if (rtime < HZ/10)
1202 rtime = HZ/10;
1203 in6_dev->nd_parms->retrans_time = rtime;
1204 in6_dev->tstamp = jiffies;
1205 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1206 }
1207
1208 rtime = ntohl(ra_msg->reachable_time);
1209 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1210 rtime = (rtime*HZ)/1000;
1211
1212 if (rtime < HZ/10)
1213 rtime = HZ/10;
1214
1215 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1216 in6_dev->nd_parms->base_reachable_time = rtime;
1217 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1218 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1219 in6_dev->tstamp = jiffies;
1220 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1221 }
1222 }
1223 }
1224
1225 skip_linkparms:
1226
1227 /*
1228 * Process options.
1229 */
1230
1231 if (!neigh)
1232 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1233 skb->dev, 1);
1234 if (neigh) {
1235 u8 *lladdr = NULL;
1236 if (ndopts.nd_opts_src_lladdr) {
1237 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1238 skb->dev);
1239 if (!lladdr) {
1240 ND_PRINTK(2, warn,
1241 "RA: invalid link-layer address length\n");
1242 goto out;
1243 }
1244 }
1245 neigh_update(neigh, lladdr, NUD_STALE,
1246 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1247 NEIGH_UPDATE_F_OVERRIDE|
1248 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1249 NEIGH_UPDATE_F_ISROUTER);
1250 }
1251
1252 if (!accept_ra(in6_dev))
1253 goto out;
1254
1255 #ifdef CONFIG_IPV6_ROUTE_INFO
1256 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1257 goto skip_routeinfo;
1258
1259 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1260 struct nd_opt_hdr *p;
1261 for (p = ndopts.nd_opts_ri;
1262 p;
1263 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1264 struct route_info *ri = (struct route_info *)p;
1265 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1266 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1267 ri->prefix_len == 0)
1268 continue;
1269 #endif
1270 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1271 continue;
1272 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1273 &ipv6_hdr(skb)->saddr);
1274 }
1275 }
1276
1277 skip_routeinfo:
1278 #endif
1279
1280 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1281 /* skip link-specific ndopts from interior routers */
1282 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1283 goto out;
1284 #endif
1285
1286 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1287 struct nd_opt_hdr *p;
1288 for (p = ndopts.nd_opts_pi;
1289 p;
1290 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1291 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1292 (p->nd_opt_len) << 3,
1293 ndopts.nd_opts_src_lladdr != NULL);
1294 }
1295 }
1296
1297 if (ndopts.nd_opts_mtu) {
1298 __be32 n;
1299 u32 mtu;
1300
1301 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1302 mtu = ntohl(n);
1303
1304 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1305 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1306 } else if (in6_dev->cnf.mtu6 != mtu) {
1307 in6_dev->cnf.mtu6 = mtu;
1308
1309 if (rt)
1310 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1311
1312 rt6_mtu_change(skb->dev, mtu);
1313 }
1314 }
1315
1316 if (ndopts.nd_useropts) {
1317 struct nd_opt_hdr *p;
1318 for (p = ndopts.nd_useropts;
1319 p;
1320 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1321 ndisc_ra_useropt(skb, p);
1322 }
1323 }
1324
1325 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1326 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1327 }
1328 out:
1329 if (rt)
1330 dst_release(&rt->dst);
1331 if (neigh)
1332 neigh_release(neigh);
1333 }
1334
1335 static void ndisc_redirect_rcv(struct sk_buff *skb)
1336 {
1337 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1338 switch (skb->ndisc_nodetype) {
1339 case NDISC_NODETYPE_HOST:
1340 case NDISC_NODETYPE_NODEFAULT:
1341 ND_PRINTK(2, warn,
1342 "Redirect: from host or unauthorized router\n");
1343 return;
1344 }
1345 #endif
1346
1347 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1348 ND_PRINTK(2, warn,
1349 "Redirect: source address is not link-local\n");
1350 return;
1351 }
1352
1353 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1354 }
1355
1356 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1357 {
1358 struct net_device *dev = skb->dev;
1359 struct net *net = dev_net(dev);
1360 struct sock *sk = net->ipv6.ndisc_sk;
1361 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1362 struct inet_peer *peer;
1363 struct sk_buff *buff;
1364 struct icmp6hdr *icmph;
1365 struct in6_addr saddr_buf;
1366 struct in6_addr *addrp;
1367 struct rt6_info *rt;
1368 struct dst_entry *dst;
1369 struct inet6_dev *idev;
1370 struct flowi6 fl6;
1371 u8 *opt;
1372 int hlen, tlen;
1373 int rd_len;
1374 int err;
1375 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1376 bool ret;
1377
1378 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1379 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1380 dev->name);
1381 return;
1382 }
1383
1384 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1385 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1386 ND_PRINTK(2, warn,
1387 "Redirect: target address is not link-local unicast\n");
1388 return;
1389 }
1390
1391 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1392 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1393
1394 dst = ip6_route_output(net, NULL, &fl6);
1395 if (dst->error) {
1396 dst_release(dst);
1397 return;
1398 }
1399 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1400 if (IS_ERR(dst))
1401 return;
1402
1403 rt = (struct rt6_info *) dst;
1404
1405 if (rt->rt6i_flags & RTF_GATEWAY) {
1406 ND_PRINTK(2, warn,
1407 "Redirect: destination is not a neighbour\n");
1408 goto release;
1409 }
1410 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1411 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1412 if (peer)
1413 inet_putpeer(peer);
1414 if (!ret)
1415 goto release;
1416
1417 if (dev->addr_len) {
1418 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1419 if (!neigh) {
1420 ND_PRINTK(2, warn,
1421 "Redirect: no neigh for target address\n");
1422 goto release;
1423 }
1424
1425 read_lock_bh(&neigh->lock);
1426 if (neigh->nud_state & NUD_VALID) {
1427 memcpy(ha_buf, neigh->ha, dev->addr_len);
1428 read_unlock_bh(&neigh->lock);
1429 ha = ha_buf;
1430 len += ndisc_opt_addr_space(dev);
1431 } else
1432 read_unlock_bh(&neigh->lock);
1433
1434 neigh_release(neigh);
1435 }
1436
1437 rd_len = min_t(unsigned int,
1438 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1439 rd_len &= ~0x7;
1440 len += rd_len;
1441
1442 hlen = LL_RESERVED_SPACE(dev);
1443 tlen = dev->needed_tailroom;
1444 buff = sock_alloc_send_skb(sk,
1445 (MAX_HEADER + sizeof(struct ipv6hdr) +
1446 len + hlen + tlen),
1447 1, &err);
1448 if (buff == NULL) {
1449 ND_PRINTK(0, err,
1450 "Redirect: %s failed to allocate an skb, err=%d\n",
1451 __func__, err);
1452 goto release;
1453 }
1454
1455 skb_reserve(buff, hlen);
1456 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1457 IPPROTO_ICMPV6, len);
1458
1459 skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1460 skb_put(buff, len);
1461 icmph = icmp6_hdr(buff);
1462
1463 memset(icmph, 0, sizeof(struct icmp6hdr));
1464 icmph->icmp6_type = NDISC_REDIRECT;
1465
1466 /*
1467 * copy target and destination addresses
1468 */
1469
1470 addrp = (struct in6_addr *)(icmph + 1);
1471 *addrp = *target;
1472 addrp++;
1473 *addrp = ipv6_hdr(skb)->daddr;
1474
1475 opt = (u8*) (addrp + 1);
1476
1477 /*
1478 * include target_address option
1479 */
1480
1481 if (ha)
1482 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1483 dev->addr_len, dev->type);
1484
1485 /*
1486 * build redirect option and copy skb over to the new packet.
1487 */
1488
1489 memset(opt, 0, 8);
1490 *(opt++) = ND_OPT_REDIRECT_HDR;
1491 *(opt++) = (rd_len >> 3);
1492 opt += 6;
1493
1494 memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1495
1496 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1497 len, IPPROTO_ICMPV6,
1498 csum_partial(icmph, len, 0));
1499
1500 skb_dst_set(buff, dst);
1501 rcu_read_lock();
1502 idev = __in6_dev_get(dst->dev);
1503 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1504 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1505 dst_output);
1506 if (!err) {
1507 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1508 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1509 }
1510
1511 rcu_read_unlock();
1512 return;
1513
1514 release:
1515 dst_release(dst);
1516 }
1517
1518 static void pndisc_redo(struct sk_buff *skb)
1519 {
1520 ndisc_recv_ns(skb);
1521 kfree_skb(skb);
1522 }
1523
1524 int ndisc_rcv(struct sk_buff *skb)
1525 {
1526 struct nd_msg *msg;
1527
1528 if (!pskb_may_pull(skb, skb->len))
1529 return 0;
1530
1531 msg = (struct nd_msg *)skb_transport_header(skb);
1532
1533 __skb_push(skb, skb->data - skb_transport_header(skb));
1534
1535 if (ipv6_hdr(skb)->hop_limit != 255) {
1536 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1537 ipv6_hdr(skb)->hop_limit);
1538 return 0;
1539 }
1540
1541 if (msg->icmph.icmp6_code != 0) {
1542 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1543 msg->icmph.icmp6_code);
1544 return 0;
1545 }
1546
1547 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1548
1549 switch (msg->icmph.icmp6_type) {
1550 case NDISC_NEIGHBOUR_SOLICITATION:
1551 ndisc_recv_ns(skb);
1552 break;
1553
1554 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1555 ndisc_recv_na(skb);
1556 break;
1557
1558 case NDISC_ROUTER_SOLICITATION:
1559 ndisc_recv_rs(skb);
1560 break;
1561
1562 case NDISC_ROUTER_ADVERTISEMENT:
1563 ndisc_router_discovery(skb);
1564 break;
1565
1566 case NDISC_REDIRECT:
1567 ndisc_redirect_rcv(skb);
1568 break;
1569 }
1570
1571 return 0;
1572 }
1573
1574 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1575 {
1576 struct net_device *dev = ptr;
1577 struct net *net = dev_net(dev);
1578
1579 switch (event) {
1580 case NETDEV_CHANGEADDR:
1581 neigh_changeaddr(&nd_tbl, dev);
1582 fib6_run_gc(~0UL, net);
1583 break;
1584 case NETDEV_DOWN:
1585 neigh_ifdown(&nd_tbl, dev);
1586 fib6_run_gc(~0UL, net);
1587 break;
1588 case NETDEV_NOTIFY_PEERS:
1589 ndisc_send_unsol_na(dev);
1590 break;
1591 default:
1592 break;
1593 }
1594
1595 return NOTIFY_DONE;
1596 }
1597
1598 static struct notifier_block ndisc_netdev_notifier = {
1599 .notifier_call = ndisc_netdev_event,
1600 };
1601
1602 #ifdef CONFIG_SYSCTL
1603 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1604 const char *func, const char *dev_name)
1605 {
1606 static char warncomm[TASK_COMM_LEN];
1607 static int warned;
1608 if (strcmp(warncomm, current->comm) && warned < 5) {
1609 strcpy(warncomm, current->comm);
1610 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1611 warncomm, func,
1612 dev_name, ctl->procname,
1613 dev_name, ctl->procname);
1614 warned++;
1615 }
1616 }
1617
1618 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1619 {
1620 struct net_device *dev = ctl->extra1;
1621 struct inet6_dev *idev;
1622 int ret;
1623
1624 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1625 (strcmp(ctl->procname, "base_reachable_time") == 0))
1626 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1627
1628 if (strcmp(ctl->procname, "retrans_time") == 0)
1629 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1630
1631 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1632 ret = proc_dointvec_jiffies(ctl, write,
1633 buffer, lenp, ppos);
1634
1635 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1636 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1637 ret = proc_dointvec_ms_jiffies(ctl, write,
1638 buffer, lenp, ppos);
1639 else
1640 ret = -1;
1641
1642 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1643 if (ctl->data == &idev->nd_parms->base_reachable_time)
1644 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1645 idev->tstamp = jiffies;
1646 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1647 in6_dev_put(idev);
1648 }
1649 return ret;
1650 }
1651
1652
1653 #endif
1654
1655 static int __net_init ndisc_net_init(struct net *net)
1656 {
1657 struct ipv6_pinfo *np;
1658 struct sock *sk;
1659 int err;
1660
1661 err = inet_ctl_sock_create(&sk, PF_INET6,
1662 SOCK_RAW, IPPROTO_ICMPV6, net);
1663 if (err < 0) {
1664 ND_PRINTK(0, err,
1665 "NDISC: Failed to initialize the control socket (err %d)\n",
1666 err);
1667 return err;
1668 }
1669
1670 net->ipv6.ndisc_sk = sk;
1671
1672 np = inet6_sk(sk);
1673 np->hop_limit = 255;
1674 /* Do not loopback ndisc messages */
1675 np->mc_loop = 0;
1676
1677 return 0;
1678 }
1679
1680 static void __net_exit ndisc_net_exit(struct net *net)
1681 {
1682 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1683 }
1684
1685 static struct pernet_operations ndisc_net_ops = {
1686 .init = ndisc_net_init,
1687 .exit = ndisc_net_exit,
1688 };
1689
1690 int __init ndisc_init(void)
1691 {
1692 int err;
1693
1694 err = register_pernet_subsys(&ndisc_net_ops);
1695 if (err)
1696 return err;
1697 /*
1698 * Initialize the neighbour table
1699 */
1700 neigh_table_init(&nd_tbl);
1701
1702 #ifdef CONFIG_SYSCTL
1703 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1704 &ndisc_ifinfo_sysctl_change);
1705 if (err)
1706 goto out_unregister_pernet;
1707 #endif
1708 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1709 if (err)
1710 goto out_unregister_sysctl;
1711 out:
1712 return err;
1713
1714 out_unregister_sysctl:
1715 #ifdef CONFIG_SYSCTL
1716 neigh_sysctl_unregister(&nd_tbl.parms);
1717 out_unregister_pernet:
1718 #endif
1719 unregister_pernet_subsys(&ndisc_net_ops);
1720 goto out;
1721 }
1722
1723 void ndisc_cleanup(void)
1724 {
1725 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1726 #ifdef CONFIG_SYSCTL
1727 neigh_sysctl_unregister(&nd_tbl.parms);
1728 #endif
1729 neigh_table_clear(&nd_tbl);
1730 unregister_pernet_subsys(&ndisc_net_ops);
1731 }
kernel source for telekom puls (alcatel/mediatek)