projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Lars Fenneberg : fixed MTU setting on receipt
19 * of an RA.
20 *
21 * Janos Farkas : kmalloc failure checks
22 * Alexey Kuznetsov : state machine reworked
23 * and moved to net/core.
24 * Pekka Savola : RFC2461 validation
25 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
26 */
27
28 /* Set to 3 to get tracing... */
29 #define ND_DEBUG 1
30
31 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
32 #define ND_NOPRINTK(x...) do { ; } while(0)
33 #define ND_PRINTK0 ND_PRINTK
34 #define ND_PRINTK1 ND_NOPRINTK
35 #define ND_PRINTK2 ND_NOPRINTK
36 #define ND_PRINTK3 ND_NOPRINTK
37 #if ND_DEBUG >= 1
38 #undef ND_PRINTK1
39 #define ND_PRINTK1 ND_PRINTK
40 #endif
41 #if ND_DEBUG >= 2
42 #undef ND_PRINTK2
43 #define ND_PRINTK2 ND_PRINTK
44 #endif
45 #if ND_DEBUG >= 3
46 #undef ND_PRINTK3
47 #define ND_PRINTK3 ND_PRINTK
48 #endif
49
50 #include <linux/module.h>
51 #include <linux/errno.h>
52 #include <linux/types.h>
53 #include <linux/socket.h>
54 #include <linux/sockios.h>
55 #include <linux/sched.h>
56 #include <linux/net.h>
57 #include <linux/in6.h>
58 #include <linux/route.h>
59 #include <linux/init.h>
60 #include <linux/rcupdate.h>
61 #ifdef CONFIG_SYSCTL
62 #include <linux/sysctl.h>
63 #endif
64
65 #include <linux/if_arp.h>
66 #include <linux/ipv6.h>
67 #include <linux/icmpv6.h>
68 #include <linux/jhash.h>
69
70 #include <net/sock.h>
71 #include <net/snmp.h>
72
73 #include <net/ipv6.h>
74 #include <net/protocol.h>
75 #include <net/ndisc.h>
76 #include <net/ip6_route.h>
77 #include <net/addrconf.h>
78 #include <net/icmp.h>
79
80 #include <net/flow.h>
81 #include <net/ip6_checksum.h>
82 #include <linux/proc_fs.h>
83
84 #include <linux/netfilter.h>
85 #include <linux/netfilter_ipv6.h>
86
87 static struct socket *ndisc_socket;
88
89 static u32 ndisc_hash(const void *pkey, const struct net_device *dev);
90 static int ndisc_constructor(struct neighbour *neigh);
91 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
92 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
93 static int pndisc_constructor(struct pneigh_entry *n);
94 static void pndisc_destructor(struct pneigh_entry *n);
95 static void pndisc_redo(struct sk_buff *skb);
96
97 static struct neigh_ops ndisc_generic_ops = {
98 .family = AF_INET6,
99 .solicit = ndisc_solicit,
100 .error_report = ndisc_error_report,
101 .output = neigh_resolve_output,
102 .connected_output = neigh_connected_output,
103 .hh_output = dev_queue_xmit,
104 .queue_xmit = dev_queue_xmit,
105 };
106
107 static struct neigh_ops ndisc_hh_ops = {
108 .family = AF_INET6,
109 .solicit = ndisc_solicit,
110 .error_report = ndisc_error_report,
111 .output = neigh_resolve_output,
112 .connected_output = neigh_resolve_output,
113 .hh_output = dev_queue_xmit,
114 .queue_xmit = dev_queue_xmit,
115 };
116
117
118 static struct neigh_ops ndisc_direct_ops = {
119 .family = AF_INET6,
120 .output = dev_queue_xmit,
121 .connected_output = dev_queue_xmit,
122 .hh_output = dev_queue_xmit,
123 .queue_xmit = dev_queue_xmit,
124 };
125
126 struct neigh_table nd_tbl = {
127 .family = AF_INET6,
128 .entry_size = sizeof(struct neighbour) + sizeof(struct in6_addr),
129 .key_len = sizeof(struct in6_addr),
130 .hash = ndisc_hash,
131 .constructor = ndisc_constructor,
132 .pconstructor = pndisc_constructor,
133 .pdestructor = pndisc_destructor,
134 .proxy_redo = pndisc_redo,
135 .id = "ndisc_cache",
136 .parms = {
137 .tbl = &nd_tbl,
138 .base_reachable_time = 30 * HZ,
139 .retrans_time = 1 * HZ,
140 .gc_staletime = 60 * HZ,
141 .reachable_time = 30 * HZ,
142 .delay_probe_time = 5 * HZ,
143 .queue_len = 3,
144 .ucast_probes = 3,
145 .mcast_probes = 3,
146 .anycast_delay = 1 * HZ,
147 .proxy_delay = (8 * HZ) / 10,
148 .proxy_qlen = 64,
149 },
150 .gc_interval = 30 * HZ,
151 .gc_thresh1 = 128,
152 .gc_thresh2 = 512,
153 .gc_thresh3 = 1024,
154 };
155
156 /* ND options */
157 struct ndisc_options {
158 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
159 #ifdef CONFIG_IPV6_ROUTE_INFO
160 struct nd_opt_hdr *nd_opts_ri;
161 struct nd_opt_hdr *nd_opts_ri_end;
162 #endif
163 };
164
165 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
166 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
167 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
168 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
169 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
170 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
171
172 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
173
174 /*
175 * Return the padding between the option length and the start of the
176 * link addr. Currently only IP-over-InfiniBand needs this, although
177 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
178 * also need a pad of 2.
179 */
180 static int ndisc_addr_option_pad(unsigned short type)
181 {
182 switch (type) {
183 case ARPHRD_INFINIBAND: return 2;
184 default: return 0;
185 }
186 }
187
188 static inline int ndisc_opt_addr_space(struct net_device *dev)
189 {
190 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
191 }
192
193 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
194 unsigned short addr_type)
195 {
196 int space = NDISC_OPT_SPACE(data_len);
197 int pad = ndisc_addr_option_pad(addr_type);
198
199 opt[0] = type;
200 opt[1] = space>>3;
201
202 memset(opt + 2, 0, pad);
203 opt += pad;
204 space -= pad;
205
206 memcpy(opt+2, data, data_len);
207 data_len += 2;
208 opt += data_len;
209 if ((space -= data_len) > 0)
210 memset(opt, 0, space);
211 return opt + space;
212 }
213
214 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
215 struct nd_opt_hdr *end)
216 {
217 int type;
218 if (!cur || !end || cur >= end)
219 return NULL;
220 type = cur->nd_opt_type;
221 do {
222 cur = ((void *)cur) + (cur->nd_opt_len << 3);
223 } while(cur < end && cur->nd_opt_type != type);
224 return (cur <= end && cur->nd_opt_type == type ? cur : NULL);
225 }
226
227 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
228 struct ndisc_options *ndopts)
229 {
230 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
231
232 if (!nd_opt || opt_len < 0 || !ndopts)
233 return NULL;
234 memset(ndopts, 0, sizeof(*ndopts));
235 while (opt_len) {
236 int l;
237 if (opt_len < sizeof(struct nd_opt_hdr))
238 return NULL;
239 l = nd_opt->nd_opt_len << 3;
240 if (opt_len < l || l == 0)
241 return NULL;
242 switch (nd_opt->nd_opt_type) {
243 case ND_OPT_SOURCE_LL_ADDR:
244 case ND_OPT_TARGET_LL_ADDR:
245 case ND_OPT_MTU:
246 case ND_OPT_REDIRECT_HDR:
247 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
248 ND_PRINTK2(KERN_WARNING
249 "%s(): duplicated ND6 option found: type=%d\n",
250 __FUNCTION__,
251 nd_opt->nd_opt_type);
252 } else {
253 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
254 }
255 break;
256 case ND_OPT_PREFIX_INFO:
257 ndopts->nd_opts_pi_end = nd_opt;
258 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0)
259 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
260 break;
261 #ifdef CONFIG_IPV6_ROUTE_INFO
262 case ND_OPT_ROUTE_INFO:
263 ndopts->nd_opts_ri_end = nd_opt;
264 if (!ndopts->nd_opts_ri)
265 ndopts->nd_opts_ri = nd_opt;
266 break;
267 #endif
268 default:
269 /*
270 * Unknown options must be silently ignored,
271 * to accommodate future extension to the protocol.
272 */
273 ND_PRINTK2(KERN_NOTICE
274 "%s(): ignored unsupported option; type=%d, len=%d\n",
275 __FUNCTION__,
276 nd_opt->nd_opt_type, nd_opt->nd_opt_len);
277 }
278 opt_len -= l;
279 nd_opt = ((void *)nd_opt) + l;
280 }
281 return ndopts;
282 }
283
284 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
285 struct net_device *dev)
286 {
287 u8 *lladdr = (u8 *)(p + 1);
288 int lladdrlen = p->nd_opt_len << 3;
289 int prepad = ndisc_addr_option_pad(dev->type);
290 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
291 return NULL;
292 return (lladdr + prepad);
293 }
294
295 int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
296 {
297 switch (dev->type) {
298 case ARPHRD_ETHER:
299 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
300 case ARPHRD_FDDI:
301 ipv6_eth_mc_map(addr, buf);
302 return 0;
303 case ARPHRD_IEEE802_TR:
304 ipv6_tr_mc_map(addr,buf);
305 return 0;
306 case ARPHRD_ARCNET:
307 ipv6_arcnet_mc_map(addr, buf);
308 return 0;
309 case ARPHRD_INFINIBAND:
310 ipv6_ib_mc_map(addr, buf);
311 return 0;
312 default:
313 if (dir) {
314 memcpy(buf, dev->broadcast, dev->addr_len);
315 return 0;
316 }
317 }
318 return -EINVAL;
319 }
320
321 static u32 ndisc_hash(const void *pkey, const struct net_device *dev)
322 {
323 const u32 *p32 = pkey;
324 u32 addr_hash, i;
325
326 addr_hash = 0;
327 for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
328 addr_hash ^= *p32++;
329
330 return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd);
331 }
332
333 static int ndisc_constructor(struct neighbour *neigh)
334 {
335 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
336 struct net_device *dev = neigh->dev;
337 struct inet6_dev *in6_dev;
338 struct neigh_parms *parms;
339 int is_multicast = ipv6_addr_is_multicast(addr);
340
341 rcu_read_lock();
342 in6_dev = in6_dev_get(dev);
343 if (in6_dev == NULL) {
344 rcu_read_unlock();
345 return -EINVAL;
346 }
347
348 parms = in6_dev->nd_parms;
349 __neigh_parms_put(neigh->parms);
350 neigh->parms = neigh_parms_clone(parms);
351 rcu_read_unlock();
352
353 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
354 if (dev->hard_header == NULL) {
355 neigh->nud_state = NUD_NOARP;
356 neigh->ops = &ndisc_direct_ops;
357 neigh->output = neigh->ops->queue_xmit;
358 } else {
359 if (is_multicast) {
360 neigh->nud_state = NUD_NOARP;
361 ndisc_mc_map(addr, neigh->ha, dev, 1);
362 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
363 neigh->nud_state = NUD_NOARP;
364 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
365 if (dev->flags&IFF_LOOPBACK)
366 neigh->type = RTN_LOCAL;
367 } else if (dev->flags&IFF_POINTOPOINT) {
368 neigh->nud_state = NUD_NOARP;
369 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
370 }
371 if (dev->hard_header_cache)
372 neigh->ops = &ndisc_hh_ops;
373 else
374 neigh->ops = &ndisc_generic_ops;
375 if (neigh->nud_state&NUD_VALID)
376 neigh->output = neigh->ops->connected_output;
377 else
378 neigh->output = neigh->ops->output;
379 }
380 in6_dev_put(in6_dev);
381 return 0;
382 }
383
384 static int pndisc_constructor(struct pneigh_entry *n)
385 {
386 struct in6_addr *addr = (struct in6_addr*)&n->key;
387 struct in6_addr maddr;
388 struct net_device *dev = n->dev;
389
390 if (dev == NULL || __in6_dev_get(dev) == NULL)
391 return -EINVAL;
392 addrconf_addr_solict_mult(addr, &maddr);
393 ipv6_dev_mc_inc(dev, &maddr);
394 return 0;
395 }
396
397 static void pndisc_destructor(struct pneigh_entry *n)
398 {
399 struct in6_addr *addr = (struct in6_addr*)&n->key;
400 struct in6_addr maddr;
401 struct net_device *dev = n->dev;
402
403 if (dev == NULL || __in6_dev_get(dev) == NULL)
404 return;
405 addrconf_addr_solict_mult(addr, &maddr);
406 ipv6_dev_mc_dec(dev, &maddr);
407 }
408
409 /*
410 * Send a Neighbour Advertisement
411 */
412
413 static inline void ndisc_flow_init(struct flowi *fl, u8 type,
414 struct in6_addr *saddr, struct in6_addr *daddr)
415 {
416 memset(fl, 0, sizeof(*fl));
417 ipv6_addr_copy(&fl->fl6_src, saddr);
418 ipv6_addr_copy(&fl->fl6_dst, daddr);
419 fl->proto = IPPROTO_ICMPV6;
420 fl->fl_icmp_type = type;
421 fl->fl_icmp_code = 0;
422 }
423
424 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
425 struct in6_addr *daddr, struct in6_addr *solicited_addr,
426 int router, int solicited, int override, int inc_opt)
427 {
428 struct in6_addr tmpaddr;
429 struct inet6_ifaddr *ifp;
430 struct inet6_dev *idev;
431 struct flowi fl;
432 struct dst_entry* dst;
433 struct sock *sk = ndisc_socket->sk;
434 struct in6_addr *src_addr;
435 struct nd_msg *msg;
436 int len;
437 struct sk_buff *skb;
438 int err;
439
440 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
441
442 /* for anycast or proxy, solicited_addr != src_addr */
443 ifp = ipv6_get_ifaddr(solicited_addr, dev, 1);
444 if (ifp) {
445 src_addr = solicited_addr;
446 in6_ifa_put(ifp);
447 } else {
448 if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr))
449 return;
450 src_addr = &tmpaddr;
451 }
452
453 ndisc_flow_init(&fl, NDISC_NEIGHBOUR_ADVERTISEMENT, src_addr, daddr);
454
455 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
456 if (!dst)
457 return;
458
459 err = xfrm_lookup(&dst, &fl, NULL, 0);
460 if (err < 0)
461 return;
462
463 if (inc_opt) {
464 if (dev->addr_len)
465 len += ndisc_opt_addr_space(dev);
466 else
467 inc_opt = 0;
468 }
469
470 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
471 1, &err);
472
473 if (skb == NULL) {
474 ND_PRINTK0(KERN_ERR
475 "ICMPv6 NA: %s() failed to allocate an skb.\n",
476 __FUNCTION__);
477 dst_release(dst);
478 return;
479 }
480
481 skb_reserve(skb, LL_RESERVED_SPACE(dev));
482 ip6_nd_hdr(sk, skb, dev, src_addr, daddr, IPPROTO_ICMPV6, len);
483
484 msg = (struct nd_msg *)skb_put(skb, len);
485 skb->h.raw = (unsigned char*)msg;
486
487 msg->icmph.icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT;
488 msg->icmph.icmp6_code = 0;
489 msg->icmph.icmp6_cksum = 0;
490
491 msg->icmph.icmp6_unused = 0;
492 msg->icmph.icmp6_router = router;
493 msg->icmph.icmp6_solicited = solicited;
494 msg->icmph.icmp6_override = !!override;
495
496 /* Set the target address. */
497 ipv6_addr_copy(&msg->target, solicited_addr);
498
499 if (inc_opt)
500 ndisc_fill_addr_option(msg->opt, ND_OPT_TARGET_LL_ADDR, dev->dev_addr,
501 dev->addr_len, dev->type);
502
503 /* checksum */
504 msg->icmph.icmp6_cksum = csum_ipv6_magic(src_addr, daddr, len,
505 IPPROTO_ICMPV6,
506 csum_partial((__u8 *) msg,
507 len, 0));
508
509 skb->dst = dst;
510 idev = in6_dev_get(dst->dev);
511 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
512 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
513 if (!err) {
514 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTNEIGHBORADVERTISEMENTS);
515 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
516 }
517
518 if (likely(idev != NULL))
519 in6_dev_put(idev);
520 }
521
522 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
523 struct in6_addr *solicit,
524 struct in6_addr *daddr, struct in6_addr *saddr)
525 {
526 struct flowi fl;
527 struct dst_entry* dst;
528 struct inet6_dev *idev;
529 struct sock *sk = ndisc_socket->sk;
530 struct sk_buff *skb;
531 struct nd_msg *msg;
532 struct in6_addr addr_buf;
533 int len;
534 int err;
535 int send_llinfo;
536
537 if (saddr == NULL) {
538 if (ipv6_get_lladdr(dev, &addr_buf))
539 return;
540 saddr = &addr_buf;
541 }
542
543 ndisc_flow_init(&fl, NDISC_NEIGHBOUR_SOLICITATION, saddr, daddr);
544
545 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
546 if (!dst)
547 return;
548
549 err = xfrm_lookup(&dst, &fl, NULL, 0);
550 if (err < 0)
551 return;
552
553 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
554 send_llinfo = dev->addr_len && !ipv6_addr_any(saddr);
555 if (send_llinfo)
556 len += ndisc_opt_addr_space(dev);
557
558 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
559 1, &err);
560 if (skb == NULL) {
561 ND_PRINTK0(KERN_ERR
562 "ICMPv6 NA: %s() failed to allocate an skb.\n",
563 __FUNCTION__);
564 dst_release(dst);
565 return;
566 }
567
568 skb_reserve(skb, LL_RESERVED_SPACE(dev));
569 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
570
571 msg = (struct nd_msg *)skb_put(skb, len);
572 skb->h.raw = (unsigned char*)msg;
573 msg->icmph.icmp6_type = NDISC_NEIGHBOUR_SOLICITATION;
574 msg->icmph.icmp6_code = 0;
575 msg->icmph.icmp6_cksum = 0;
576 msg->icmph.icmp6_unused = 0;
577
578 /* Set the target address. */
579 ipv6_addr_copy(&msg->target, solicit);
580
581 if (send_llinfo)
582 ndisc_fill_addr_option(msg->opt, ND_OPT_SOURCE_LL_ADDR, dev->dev_addr,
583 dev->addr_len, dev->type);
584
585 /* checksum */
586 msg->icmph.icmp6_cksum = csum_ipv6_magic(&skb->nh.ipv6h->saddr,
587 daddr, len,
588 IPPROTO_ICMPV6,
589 csum_partial((__u8 *) msg,
590 len, 0));
591 /* send it! */
592 skb->dst = dst;
593 idev = in6_dev_get(dst->dev);
594 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
595 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
596 if (!err) {
597 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTNEIGHBORSOLICITS);
598 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
599 }
600
601 if (likely(idev != NULL))
602 in6_dev_put(idev);
603 }
604
605 void ndisc_send_rs(struct net_device *dev, struct in6_addr *saddr,
606 struct in6_addr *daddr)
607 {
608 struct flowi fl;
609 struct dst_entry* dst;
610 struct inet6_dev *idev;
611 struct sock *sk = ndisc_socket->sk;
612 struct sk_buff *skb;
613 struct icmp6hdr *hdr;
614 __u8 * opt;
615 int len;
616 int err;
617
618 ndisc_flow_init(&fl, NDISC_ROUTER_SOLICITATION, saddr, daddr);
619
620 dst = ndisc_dst_alloc(dev, NULL, daddr, ip6_output);
621 if (!dst)
622 return;
623
624 err = xfrm_lookup(&dst, &fl, NULL, 0);
625 if (err < 0)
626 return;
627
628 len = sizeof(struct icmp6hdr);
629 if (dev->addr_len)
630 len += ndisc_opt_addr_space(dev);
631
632 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
633 1, &err);
634 if (skb == NULL) {
635 ND_PRINTK0(KERN_ERR
636 "ICMPv6 RS: %s() failed to allocate an skb.\n",
637 __FUNCTION__);
638 dst_release(dst);
639 return;
640 }
641
642 skb_reserve(skb, LL_RESERVED_SPACE(dev));
643 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
644
645 hdr = (struct icmp6hdr *)skb_put(skb, len);
646 skb->h.raw = (unsigned char*)hdr;
647 hdr->icmp6_type = NDISC_ROUTER_SOLICITATION;
648 hdr->icmp6_code = 0;
649 hdr->icmp6_cksum = 0;
650 hdr->icmp6_unused = 0;
651
652 opt = (u8*) (hdr + 1);
653
654 if (dev->addr_len)
655 ndisc_fill_addr_option(opt, ND_OPT_SOURCE_LL_ADDR, dev->dev_addr,
656 dev->addr_len, dev->type);
657
658 /* checksum */
659 hdr->icmp6_cksum = csum_ipv6_magic(&skb->nh.ipv6h->saddr, daddr, len,
660 IPPROTO_ICMPV6,
661 csum_partial((__u8 *) hdr, len, 0));
662
663 /* send it! */
664 skb->dst = dst;
665 idev = in6_dev_get(dst->dev);
666 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
667 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
668 if (!err) {
669 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTROUTERSOLICITS);
670 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
671 }
672
673 if (likely(idev != NULL))
674 in6_dev_put(idev);
675 }
676
677
678 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
679 {
680 /*
681 * "The sender MUST return an ICMP
682 * destination unreachable"
683 */
684 dst_link_failure(skb);
685 kfree_skb(skb);
686 }
687
688 /* Called with locked neigh: either read or both */
689
690 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
691 {
692 struct in6_addr *saddr = NULL;
693 struct in6_addr mcaddr;
694 struct net_device *dev = neigh->dev;
695 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
696 int probes = atomic_read(&neigh->probes);
697
698 if (skb && ipv6_chk_addr(&skb->nh.ipv6h->saddr, dev, 1))
699 saddr = &skb->nh.ipv6h->saddr;
700
701 if ((probes -= neigh->parms->ucast_probes) < 0) {
702 if (!(neigh->nud_state & NUD_VALID)) {
703 ND_PRINTK1(KERN_DEBUG
704 "%s(): trying to ucast probe in NUD_INVALID: "
705 NIP6_FMT "\n",
706 __FUNCTION__,
707 NIP6(*target));
708 }
709 ndisc_send_ns(dev, neigh, target, target, saddr);
710 } else if ((probes -= neigh->parms->app_probes) < 0) {
711 #ifdef CONFIG_ARPD
712 neigh_app_ns(neigh);
713 #endif
714 } else {
715 addrconf_addr_solict_mult(target, &mcaddr);
716 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
717 }
718 }
719
720 static void ndisc_recv_ns(struct sk_buff *skb)
721 {
722 struct nd_msg *msg = (struct nd_msg *)skb->h.raw;
723 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
724 struct in6_addr *daddr = &skb->nh.ipv6h->daddr;
725 u8 *lladdr = NULL;
726 u32 ndoptlen = skb->tail - msg->opt;
727 struct ndisc_options ndopts;
728 struct net_device *dev = skb->dev;
729 struct inet6_ifaddr *ifp;
730 struct inet6_dev *idev = NULL;
731 struct neighbour *neigh;
732 int dad = ipv6_addr_any(saddr);
733 int inc;
734
735 if (ipv6_addr_is_multicast(&msg->target)) {
736 ND_PRINTK2(KERN_WARNING
737 "ICMPv6 NS: multicast target address");
738 return;
739 }
740
741 /*
742 * RFC2461 7.1.1:
743 * DAD has to be destined for solicited node multicast address.
744 */
745 if (dad &&
746 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
747 daddr->s6_addr32[1] == htonl(0x00000000) &&
748 daddr->s6_addr32[2] == htonl(0x00000001) &&
749 daddr->s6_addr [12] == 0xff )) {
750 ND_PRINTK2(KERN_WARNING
751 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
752 return;
753 }
754
755 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
756 ND_PRINTK2(KERN_WARNING
757 "ICMPv6 NS: invalid ND options\n");
758 return;
759 }
760
761 if (ndopts.nd_opts_src_lladdr) {
762 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
763 if (!lladdr) {
764 ND_PRINTK2(KERN_WARNING
765 "ICMPv6 NS: invalid link-layer address length\n");
766 return;
767 }
768
769 /* RFC2461 7.1.1:
770 * If the IP source address is the unspecified address,
771 * there MUST NOT be source link-layer address option
772 * in the message.
773 */
774 if (dad) {
775 ND_PRINTK2(KERN_WARNING
776 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
777 return;
778 }
779 }
780
781 inc = ipv6_addr_is_multicast(daddr);
782
783 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1)) != NULL) {
784 if (ifp->flags & IFA_F_TENTATIVE) {
785 /* Address is tentative. If the source
786 is unspecified address, it is someone
787 does DAD, otherwise we ignore solicitations
788 until DAD timer expires.
789 */
790 if (!dad)
791 goto out;
792 if (dev->type == ARPHRD_IEEE802_TR) {
793 unsigned char *sadr = skb->mac.raw;
794 if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
795 sadr[9] == dev->dev_addr[1] &&
796 sadr[10] == dev->dev_addr[2] &&
797 sadr[11] == dev->dev_addr[3] &&
798 sadr[12] == dev->dev_addr[4] &&
799 sadr[13] == dev->dev_addr[5]) {
800 /* looped-back to us */
801 goto out;
802 }
803 }
804 addrconf_dad_failure(ifp);
805 return;
806 }
807
808 idev = ifp->idev;
809 } else {
810 idev = in6_dev_get(dev);
811 if (!idev) {
812 /* XXX: count this drop? */
813 return;
814 }
815
816 if (ipv6_chk_acast_addr(dev, &msg->target) ||
817 (idev->cnf.forwarding &&
818 pneigh_lookup(&nd_tbl, &msg->target, dev, 0))) {
819 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
820 skb->pkt_type != PACKET_HOST &&
821 inc != 0 &&
822 idev->nd_parms->proxy_delay != 0) {
823 /*
824 * for anycast or proxy,
825 * sender should delay its response
826 * by a random time between 0 and
827 * MAX_ANYCAST_DELAY_TIME seconds.
828 * (RFC2461) -- yoshfuji
829 */
830 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
831 if (n)
832 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
833 goto out;
834 }
835 } else
836 goto out;
837 }
838
839 if (dad) {
840 struct in6_addr maddr;
841
842 ipv6_addr_all_nodes(&maddr);
843 ndisc_send_na(dev, NULL, &maddr, &msg->target,
844 idev->cnf.forwarding, 0, (ifp != NULL), 1);
845 goto out;
846 }
847
848 if (inc)
849 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
850 else
851 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
852
853 /*
854 * update / create cache entry
855 * for the source address
856 */
857 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
858 !inc || lladdr || !dev->addr_len);
859 if (neigh)
860 neigh_update(neigh, lladdr, NUD_STALE,
861 NEIGH_UPDATE_F_WEAK_OVERRIDE|
862 NEIGH_UPDATE_F_OVERRIDE);
863 if (neigh || !dev->hard_header) {
864 ndisc_send_na(dev, neigh, saddr, &msg->target,
865 idev->cnf.forwarding,
866 1, (ifp != NULL && inc), inc);
867 if (neigh)
868 neigh_release(neigh);
869 }
870
871 out:
872 if (ifp)
873 in6_ifa_put(ifp);
874 else
875 in6_dev_put(idev);
876
877 return;
878 }
879
880 static void ndisc_recv_na(struct sk_buff *skb)
881 {
882 struct nd_msg *msg = (struct nd_msg *)skb->h.raw;
883 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
884 struct in6_addr *daddr = &skb->nh.ipv6h->daddr;
885 u8 *lladdr = NULL;
886 u32 ndoptlen = skb->tail - msg->opt;
887 struct ndisc_options ndopts;
888 struct net_device *dev = skb->dev;
889 struct inet6_ifaddr *ifp;
890 struct neighbour *neigh;
891
892 if (skb->len < sizeof(struct nd_msg)) {
893 ND_PRINTK2(KERN_WARNING
894 "ICMPv6 NA: packet too short\n");
895 return;
896 }
897
898 if (ipv6_addr_is_multicast(&msg->target)) {
899 ND_PRINTK2(KERN_WARNING
900 "ICMPv6 NA: target address is multicast.\n");
901 return;
902 }
903
904 if (ipv6_addr_is_multicast(daddr) &&
905 msg->icmph.icmp6_solicited) {
906 ND_PRINTK2(KERN_WARNING
907 "ICMPv6 NA: solicited NA is multicasted.\n");
908 return;
909 }
910
911 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
912 ND_PRINTK2(KERN_WARNING
913 "ICMPv6 NS: invalid ND option\n");
914 return;
915 }
916 if (ndopts.nd_opts_tgt_lladdr) {
917 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
918 if (!lladdr) {
919 ND_PRINTK2(KERN_WARNING
920 "ICMPv6 NA: invalid link-layer address length\n");
921 return;
922 }
923 }
924 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1))) {
925 if (ifp->flags & IFA_F_TENTATIVE) {
926 addrconf_dad_failure(ifp);
927 return;
928 }
929 /* What should we make now? The advertisement
930 is invalid, but ndisc specs say nothing
931 about it. It could be misconfiguration, or
932 an smart proxy agent tries to help us :-)
933 */
934 ND_PRINTK1(KERN_WARNING
935 "ICMPv6 NA: someone advertises our address on %s!\n",
936 ifp->idev->dev->name);
937 in6_ifa_put(ifp);
938 return;
939 }
940 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
941
942 if (neigh) {
943 u8 old_flags = neigh->flags;
944
945 if (neigh->nud_state & NUD_FAILED)
946 goto out;
947
948 neigh_update(neigh, lladdr,
949 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
950 NEIGH_UPDATE_F_WEAK_OVERRIDE|
951 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
952 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
953 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
954
955 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
956 /*
957 * Change: router to host
958 */
959 struct rt6_info *rt;
960 rt = rt6_get_dflt_router(saddr, dev);
961 if (rt)
962 ip6_del_rt(rt, NULL, NULL, NULL);
963 }
964
965 out:
966 neigh_release(neigh);
967 }
968 }
969
970 static void ndisc_recv_rs(struct sk_buff *skb)
971 {
972 struct rs_msg *rs_msg = (struct rs_msg *) skb->h.raw;
973 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
974 struct neighbour *neigh;
975 struct inet6_dev *idev;
976 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
977 struct ndisc_options ndopts;
978 u8 *lladdr = NULL;
979
980 if (skb->len < sizeof(*rs_msg))
981 return;
982
983 idev = in6_dev_get(skb->dev);
984 if (!idev) {
985 if (net_ratelimit())
986 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
987 return;
988 }
989
990 /* Don't accept RS if we're not in router mode */
991 if (!idev->cnf.forwarding)
992 goto out;
993
994 /*
995 * Don't update NCE if src = ::;
996 * this implies that the source node has no ip address assigned yet.
997 */
998 if (ipv6_addr_any(saddr))
999 goto out;
1000
1001 /* Parse ND options */
1002 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1003 if (net_ratelimit())
1004 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1005 goto out;
1006 }
1007
1008 if (ndopts.nd_opts_src_lladdr) {
1009 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1010 skb->dev);
1011 if (!lladdr)
1012 goto out;
1013 }
1014
1015 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1016 if (neigh) {
1017 neigh_update(neigh, lladdr, NUD_STALE,
1018 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1019 NEIGH_UPDATE_F_OVERRIDE|
1020 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1021 neigh_release(neigh);
1022 }
1023 out:
1024 in6_dev_put(idev);
1025 }
1026
1027 static void ndisc_router_discovery(struct sk_buff *skb)
1028 {
1029 struct ra_msg *ra_msg = (struct ra_msg *) skb->h.raw;
1030 struct neighbour *neigh = NULL;
1031 struct inet6_dev *in6_dev;
1032 struct rt6_info *rt = NULL;
1033 int lifetime;
1034 struct ndisc_options ndopts;
1035 int optlen;
1036 unsigned int pref = 0;
1037
1038 __u8 * opt = (__u8 *)(ra_msg + 1);
1039
1040 optlen = (skb->tail - skb->h.raw) - sizeof(struct ra_msg);
1041
1042 if (!(ipv6_addr_type(&skb->nh.ipv6h->saddr) & IPV6_ADDR_LINKLOCAL)) {
1043 ND_PRINTK2(KERN_WARNING
1044 "ICMPv6 RA: source address is not link-local.\n");
1045 return;
1046 }
1047 if (optlen < 0) {
1048 ND_PRINTK2(KERN_WARNING
1049 "ICMPv6 RA: packet too short\n");
1050 return;
1051 }
1052
1053 /*
1054 * set the RA_RECV flag in the interface
1055 */
1056
1057 in6_dev = in6_dev_get(skb->dev);
1058 if (in6_dev == NULL) {
1059 ND_PRINTK0(KERN_ERR
1060 "ICMPv6 RA: can't find inet6 device for %s.\n",
1061 skb->dev->name);
1062 return;
1063 }
1064 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra) {
1065 in6_dev_put(in6_dev);
1066 return;
1067 }
1068
1069 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1070 in6_dev_put(in6_dev);
1071 ND_PRINTK2(KERN_WARNING
1072 "ICMP6 RA: invalid ND options\n");
1073 return;
1074 }
1075
1076 if (in6_dev->if_flags & IF_RS_SENT) {
1077 /*
1078 * flag that an RA was received after an RS was sent
1079 * out on this interface.
1080 */
1081 in6_dev->if_flags |= IF_RA_RCVD;
1082 }
1083
1084 /*
1085 * Remember the managed/otherconf flags from most recently
1086 * received RA message (RFC 2462) -- yoshfuji
1087 */
1088 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1089 IF_RA_OTHERCONF)) |
1090 (ra_msg->icmph.icmp6_addrconf_managed ?
1091 IF_RA_MANAGED : 0) |
1092 (ra_msg->icmph.icmp6_addrconf_other ?
1093 IF_RA_OTHERCONF : 0);
1094
1095 if (!in6_dev->cnf.accept_ra_defrtr)
1096 goto skip_defrtr;
1097
1098 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1099
1100 #ifdef CONFIG_IPV6_ROUTER_PREF
1101 pref = ra_msg->icmph.icmp6_router_pref;
1102 /* 10b is handled as if it were 00b (medium) */
1103 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1104 in6_dev->cnf.accept_ra_rtr_pref)
1105 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1106 #endif
1107
1108 rt = rt6_get_dflt_router(&skb->nh.ipv6h->saddr, skb->dev);
1109
1110 if (rt)
1111 neigh = rt->rt6i_nexthop;
1112
1113 if (rt && lifetime == 0) {
1114 neigh_clone(neigh);
1115 ip6_del_rt(rt, NULL, NULL, NULL);
1116 rt = NULL;
1117 }
1118
1119 if (rt == NULL && lifetime) {
1120 ND_PRINTK3(KERN_DEBUG
1121 "ICMPv6 RA: adding default router.\n");
1122
1123 rt = rt6_add_dflt_router(&skb->nh.ipv6h->saddr, skb->dev, pref);
1124 if (rt == NULL) {
1125 ND_PRINTK0(KERN_ERR
1126 "ICMPv6 RA: %s() failed to add default route.\n",
1127 __FUNCTION__);
1128 in6_dev_put(in6_dev);
1129 return;
1130 }
1131
1132 neigh = rt->rt6i_nexthop;
1133 if (neigh == NULL) {
1134 ND_PRINTK0(KERN_ERR
1135 "ICMPv6 RA: %s() got default router without neighbour.\n",
1136 __FUNCTION__);
1137 dst_release(&rt->u.dst);
1138 in6_dev_put(in6_dev);
1139 return;
1140 }
1141 neigh->flags |= NTF_ROUTER;
1142 } else if (rt) {
1143 rt->rt6i_flags |= (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1144 }
1145
1146 if (rt)
1147 rt->rt6i_expires = jiffies + (HZ * lifetime);
1148
1149 if (ra_msg->icmph.icmp6_hop_limit) {
1150 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1151 if (rt)
1152 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
1153 }
1154
1155 skip_defrtr:
1156
1157 /*
1158 * Update Reachable Time and Retrans Timer
1159 */
1160
1161 if (in6_dev->nd_parms) {
1162 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1163
1164 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1165 rtime = (rtime*HZ)/1000;
1166 if (rtime < HZ/10)
1167 rtime = HZ/10;
1168 in6_dev->nd_parms->retrans_time = rtime;
1169 in6_dev->tstamp = jiffies;
1170 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1171 }
1172
1173 rtime = ntohl(ra_msg->reachable_time);
1174 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1175 rtime = (rtime*HZ)/1000;
1176
1177 if (rtime < HZ/10)
1178 rtime = HZ/10;
1179
1180 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1181 in6_dev->nd_parms->base_reachable_time = rtime;
1182 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1183 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1184 in6_dev->tstamp = jiffies;
1185 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1186 }
1187 }
1188 }
1189
1190 /*
1191 * Process options.
1192 */
1193
1194 if (!neigh)
1195 neigh = __neigh_lookup(&nd_tbl, &skb->nh.ipv6h->saddr,
1196 skb->dev, 1);
1197 if (neigh) {
1198 u8 *lladdr = NULL;
1199 if (ndopts.nd_opts_src_lladdr) {
1200 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1201 skb->dev);
1202 if (!lladdr) {
1203 ND_PRINTK2(KERN_WARNING
1204 "ICMPv6 RA: invalid link-layer address length\n");
1205 goto out;
1206 }
1207 }
1208 neigh_update(neigh, lladdr, NUD_STALE,
1209 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1210 NEIGH_UPDATE_F_OVERRIDE|
1211 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1212 NEIGH_UPDATE_F_ISROUTER);
1213 }
1214
1215 #ifdef CONFIG_IPV6_ROUTE_INFO
1216 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1217 struct nd_opt_hdr *p;
1218 for (p = ndopts.nd_opts_ri;
1219 p;
1220 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1221 if (((struct route_info *)p)->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1222 continue;
1223 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1224 &skb->nh.ipv6h->saddr);
1225 }
1226 }
1227 #endif
1228
1229 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1230 struct nd_opt_hdr *p;
1231 for (p = ndopts.nd_opts_pi;
1232 p;
1233 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1234 addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1235 }
1236 }
1237
1238 if (ndopts.nd_opts_mtu) {
1239 u32 mtu;
1240
1241 memcpy(&mtu, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1242 mtu = ntohl(mtu);
1243
1244 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1245 ND_PRINTK2(KERN_WARNING
1246 "ICMPv6 RA: invalid mtu: %d\n",
1247 mtu);
1248 } else if (in6_dev->cnf.mtu6 != mtu) {
1249 in6_dev->cnf.mtu6 = mtu;
1250
1251 if (rt)
1252 rt->u.dst.metrics[RTAX_MTU-1] = mtu;
1253
1254 rt6_mtu_change(skb->dev, mtu);
1255 }
1256 }
1257
1258 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1259 ND_PRINTK2(KERN_WARNING
1260 "ICMPv6 RA: invalid RA options");
1261 }
1262 out:
1263 if (rt)
1264 dst_release(&rt->u.dst);
1265 else if (neigh)
1266 neigh_release(neigh);
1267 in6_dev_put(in6_dev);
1268 }
1269
1270 static void ndisc_redirect_rcv(struct sk_buff *skb)
1271 {
1272 struct inet6_dev *in6_dev;
1273 struct icmp6hdr *icmph;
1274 struct in6_addr *dest;
1275 struct in6_addr *target; /* new first hop to destination */
1276 struct neighbour *neigh;
1277 int on_link = 0;
1278 struct ndisc_options ndopts;
1279 int optlen;
1280 u8 *lladdr = NULL;
1281
1282 if (!(ipv6_addr_type(&skb->nh.ipv6h->saddr) & IPV6_ADDR_LINKLOCAL)) {
1283 ND_PRINTK2(KERN_WARNING
1284 "ICMPv6 Redirect: source address is not link-local.\n");
1285 return;
1286 }
1287
1288 optlen = skb->tail - skb->h.raw;
1289 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1290
1291 if (optlen < 0) {
1292 ND_PRINTK2(KERN_WARNING
1293 "ICMPv6 Redirect: packet too short\n");
1294 return;
1295 }
1296
1297 icmph = (struct icmp6hdr *) skb->h.raw;
1298 target = (struct in6_addr *) (icmph + 1);
1299 dest = target + 1;
1300
1301 if (ipv6_addr_is_multicast(dest)) {
1302 ND_PRINTK2(KERN_WARNING
1303 "ICMPv6 Redirect: destination address is multicast.\n");
1304 return;
1305 }
1306
1307 if (ipv6_addr_equal(dest, target)) {
1308 on_link = 1;
1309 } else if (!(ipv6_addr_type(target) & IPV6_ADDR_LINKLOCAL)) {
1310 ND_PRINTK2(KERN_WARNING
1311 "ICMPv6 Redirect: target address is not link-local.\n");
1312 return;
1313 }
1314
1315 in6_dev = in6_dev_get(skb->dev);
1316 if (!in6_dev)
1317 return;
1318 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1319 in6_dev_put(in6_dev);
1320 return;
1321 }
1322
1323 /* RFC2461 8.1:
1324 * The IP source address of the Redirect MUST be the same as the current
1325 * first-hop router for the specified ICMP Destination Address.
1326 */
1327
1328 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1329 ND_PRINTK2(KERN_WARNING
1330 "ICMPv6 Redirect: invalid ND options\n");
1331 in6_dev_put(in6_dev);
1332 return;
1333 }
1334 if (ndopts.nd_opts_tgt_lladdr) {
1335 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1336 skb->dev);
1337 if (!lladdr) {
1338 ND_PRINTK2(KERN_WARNING
1339 "ICMPv6 Redirect: invalid link-layer address length\n");
1340 in6_dev_put(in6_dev);
1341 return;
1342 }
1343 }
1344
1345 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1346 if (neigh) {
1347 rt6_redirect(dest, &skb->nh.ipv6h->saddr, neigh, lladdr,
1348 on_link);
1349 neigh_release(neigh);
1350 }
1351 in6_dev_put(in6_dev);
1352 }
1353
1354 void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1355 struct in6_addr *target)
1356 {
1357 struct sock *sk = ndisc_socket->sk;
1358 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1359 struct sk_buff *buff;
1360 struct icmp6hdr *icmph;
1361 struct in6_addr saddr_buf;
1362 struct in6_addr *addrp;
1363 struct net_device *dev;
1364 struct rt6_info *rt;
1365 struct dst_entry *dst;
1366 struct inet6_dev *idev;
1367 struct flowi fl;
1368 u8 *opt;
1369 int rd_len;
1370 int err;
1371 int hlen;
1372 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1373
1374 dev = skb->dev;
1375
1376 if (ipv6_get_lladdr(dev, &saddr_buf)) {
1377 ND_PRINTK2(KERN_WARNING
1378 "ICMPv6 Redirect: no link-local address on %s\n",
1379 dev->name);
1380 return;
1381 }
1382
1383 ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &skb->nh.ipv6h->saddr);
1384
1385 dst = ip6_route_output(NULL, &fl);
1386 if (dst == NULL)
1387 return;
1388
1389 err = xfrm_lookup(&dst, &fl, NULL, 0);
1390 if (err)
1391 return;
1392
1393 rt = (struct rt6_info *) dst;
1394
1395 if (rt->rt6i_flags & RTF_GATEWAY) {
1396 ND_PRINTK2(KERN_WARNING
1397 "ICMPv6 Redirect: destination is not a neighbour.\n");
1398 dst_release(dst);
1399 return;
1400 }
1401 if (!xrlim_allow(dst, 1*HZ)) {
1402 dst_release(dst);
1403 return;
1404 }
1405
1406 if (dev->addr_len) {
1407 read_lock_bh(&neigh->lock);
1408 if (neigh->nud_state & NUD_VALID) {
1409 memcpy(ha_buf, neigh->ha, dev->addr_len);
1410 read_unlock_bh(&neigh->lock);
1411 ha = ha_buf;
1412 len += ndisc_opt_addr_space(dev);
1413 } else
1414 read_unlock_bh(&neigh->lock);
1415 }
1416
1417 rd_len = min_t(unsigned int,
1418 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1419 rd_len &= ~0x7;
1420 len += rd_len;
1421
1422 buff = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
1423 1, &err);
1424 if (buff == NULL) {
1425 ND_PRINTK0(KERN_ERR
1426 "ICMPv6 Redirect: %s() failed to allocate an skb.\n",
1427 __FUNCTION__);
1428 dst_release(dst);
1429 return;
1430 }
1431
1432 hlen = 0;
1433
1434 skb_reserve(buff, LL_RESERVED_SPACE(dev));
1435 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &skb->nh.ipv6h->saddr,
1436 IPPROTO_ICMPV6, len);
1437
1438 icmph = (struct icmp6hdr *)skb_put(buff, len);
1439 buff->h.raw = (unsigned char*)icmph;
1440
1441 memset(icmph, 0, sizeof(struct icmp6hdr));
1442 icmph->icmp6_type = NDISC_REDIRECT;
1443
1444 /*
1445 * copy target and destination addresses
1446 */
1447
1448 addrp = (struct in6_addr *)(icmph + 1);
1449 ipv6_addr_copy(addrp, target);
1450 addrp++;
1451 ipv6_addr_copy(addrp, &skb->nh.ipv6h->daddr);
1452
1453 opt = (u8*) (addrp + 1);
1454
1455 /*
1456 * include target_address option
1457 */
1458
1459 if (ha)
1460 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1461 dev->addr_len, dev->type);
1462
1463 /*
1464 * build redirect option and copy skb over to the new packet.
1465 */
1466
1467 memset(opt, 0, 8);
1468 *(opt++) = ND_OPT_REDIRECT_HDR;
1469 *(opt++) = (rd_len >> 3);
1470 opt += 6;
1471
1472 memcpy(opt, skb->nh.ipv6h, rd_len - 8);
1473
1474 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &skb->nh.ipv6h->saddr,
1475 len, IPPROTO_ICMPV6,
1476 csum_partial((u8 *) icmph, len, 0));
1477
1478 buff->dst = dst;
1479 idev = in6_dev_get(dst->dev);
1480 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
1481 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, buff, NULL, dst->dev, dst_output);
1482 if (!err) {
1483 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTREDIRECTS);
1484 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
1485 }
1486
1487 if (likely(idev != NULL))
1488 in6_dev_put(idev);
1489 }
1490
1491 static void pndisc_redo(struct sk_buff *skb)
1492 {
1493 ndisc_recv_ns(skb);
1494 kfree_skb(skb);
1495 }
1496
1497 int ndisc_rcv(struct sk_buff *skb)
1498 {
1499 struct nd_msg *msg;
1500
1501 if (!pskb_may_pull(skb, skb->len))
1502 return 0;
1503
1504 msg = (struct nd_msg *) skb->h.raw;
1505
1506 __skb_push(skb, skb->data-skb->h.raw);
1507
1508 if (skb->nh.ipv6h->hop_limit != 255) {
1509 ND_PRINTK2(KERN_WARNING
1510 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1511 skb->nh.ipv6h->hop_limit);
1512 return 0;
1513 }
1514
1515 if (msg->icmph.icmp6_code != 0) {
1516 ND_PRINTK2(KERN_WARNING
1517 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1518 msg->icmph.icmp6_code);
1519 return 0;
1520 }
1521
1522 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1523
1524 switch (msg->icmph.icmp6_type) {
1525 case NDISC_NEIGHBOUR_SOLICITATION:
1526 ndisc_recv_ns(skb);
1527 break;
1528
1529 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1530 ndisc_recv_na(skb);
1531 break;
1532
1533 case NDISC_ROUTER_SOLICITATION:
1534 ndisc_recv_rs(skb);
1535 break;
1536
1537 case NDISC_ROUTER_ADVERTISEMENT:
1538 ndisc_router_discovery(skb);
1539 break;
1540
1541 case NDISC_REDIRECT:
1542 ndisc_redirect_rcv(skb);
1543 break;
1544 };
1545
1546 return 0;
1547 }
1548
1549 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1550 {
1551 struct net_device *dev = ptr;
1552
1553 switch (event) {
1554 case NETDEV_CHANGEADDR:
1555 neigh_changeaddr(&nd_tbl, dev);
1556 fib6_run_gc(~0UL);
1557 break;
1558 case NETDEV_DOWN:
1559 neigh_ifdown(&nd_tbl, dev);
1560 fib6_run_gc(~0UL);
1561 break;
1562 default:
1563 break;
1564 }
1565
1566 return NOTIFY_DONE;
1567 }
1568
1569 static struct notifier_block ndisc_netdev_notifier = {
1570 .notifier_call = ndisc_netdev_event,
1571 };
1572
1573 #ifdef CONFIG_SYSCTL
1574 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1575 const char *func, const char *dev_name)
1576 {
1577 static char warncomm[TASK_COMM_LEN];
1578 static int warned;
1579 if (strcmp(warncomm, current->comm) && warned < 5) {
1580 strcpy(warncomm, current->comm);
1581 printk(KERN_WARNING
1582 "process `%s' is using deprecated sysctl (%s) "
1583 "net.ipv6.neigh.%s.%s; "
1584 "Use net.ipv6.neigh.%s.%s_ms "
1585 "instead.\n",
1586 warncomm, func,
1587 dev_name, ctl->procname,
1588 dev_name, ctl->procname);
1589 warned++;
1590 }
1591 }
1592
1593 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, struct file * filp, void __user *buffer, size_t *lenp, loff_t *ppos)
1594 {
1595 struct net_device *dev = ctl->extra1;
1596 struct inet6_dev *idev;
1597 int ret;
1598
1599 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1600 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1601 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1602
1603 switch (ctl->ctl_name) {
1604 case NET_NEIGH_RETRANS_TIME:
1605 ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
1606 break;
1607 case NET_NEIGH_REACHABLE_TIME:
1608 ret = proc_dointvec_jiffies(ctl, write,
1609 filp, buffer, lenp, ppos);
1610 break;
1611 case NET_NEIGH_RETRANS_TIME_MS:
1612 case NET_NEIGH_REACHABLE_TIME_MS:
1613 ret = proc_dointvec_ms_jiffies(ctl, write,
1614 filp, buffer, lenp, ppos);
1615 break;
1616 default:
1617 ret = -1;
1618 }
1619
1620 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1621 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1622 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1623 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1624 idev->tstamp = jiffies;
1625 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1626 in6_dev_put(idev);
1627 }
1628 return ret;
1629 }
1630
1631 static int ndisc_ifinfo_sysctl_strategy(ctl_table *ctl, int __user *name,
1632 int nlen, void __user *oldval,
1633 size_t __user *oldlenp,
1634 void __user *newval, size_t newlen,
1635 void **context)
1636 {
1637 struct net_device *dev = ctl->extra1;
1638 struct inet6_dev *idev;
1639 int ret;
1640
1641 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1642 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1643 ndisc_warn_deprecated_sysctl(ctl, "procfs", dev ? dev->name : "default");
1644
1645 switch (ctl->ctl_name) {
1646 case NET_NEIGH_REACHABLE_TIME:
1647 ret = sysctl_jiffies(ctl, name, nlen,
1648 oldval, oldlenp, newval, newlen,
1649 context);
1650 break;
1651 case NET_NEIGH_RETRANS_TIME_MS:
1652 case NET_NEIGH_REACHABLE_TIME_MS:
1653 ret = sysctl_ms_jiffies(ctl, name, nlen,
1654 oldval, oldlenp, newval, newlen,
1655 context);
1656 break;
1657 default:
1658 ret = 0;
1659 }
1660
1661 if (newval && newlen && ret > 0 &&
1662 dev && (idev = in6_dev_get(dev)) != NULL) {
1663 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1664 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1665 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1666 idev->tstamp = jiffies;
1667 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1668 in6_dev_put(idev);
1669 }
1670
1671 return ret;
1672 }
1673
1674 #endif
1675
1676 int __init ndisc_init(struct net_proto_family *ops)
1677 {
1678 struct ipv6_pinfo *np;
1679 struct sock *sk;
1680 int err;
1681
1682 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, &ndisc_socket);
1683 if (err < 0) {
1684 ND_PRINTK0(KERN_ERR
1685 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1686 err);
1687 ndisc_socket = NULL; /* For safety. */
1688 return err;
1689 }
1690
1691 sk = ndisc_socket->sk;
1692 np = inet6_sk(sk);
1693 sk->sk_allocation = GFP_ATOMIC;
1694 np->hop_limit = 255;
1695 /* Do not loopback ndisc messages */
1696 np->mc_loop = 0;
1697 sk->sk_prot->unhash(sk);
1698
1699 /*
1700 * Initialize the neighbour table
1701 */
1702
1703 neigh_table_init(&nd_tbl);
1704
1705 #ifdef CONFIG_SYSCTL
1706 neigh_sysctl_register(NULL, &nd_tbl.parms, NET_IPV6, NET_IPV6_NEIGH,
1707 "ipv6",
1708 &ndisc_ifinfo_sysctl_change,
1709 &ndisc_ifinfo_sysctl_strategy);
1710 #endif
1711
1712 register_netdevice_notifier(&ndisc_netdev_notifier);
1713 return 0;
1714 }
1715
1716 void ndisc_cleanup(void)
1717 {
1718 #ifdef CONFIG_SYSCTL
1719 neigh_sysctl_unregister(&nd_tbl.parms);
1720 #endif
1721 neigh_table_clear(&nd_tbl);
1722 sock_release(ndisc_socket);
1723 ndisc_socket = NULL; /* For safety. */
1724 }
kernel source for telekom puls (alcatel/mediatek)