projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
import PULS_20180308
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 /* Set to 3 to get tracing... */
76 #define ND_DEBUG 1
77
78 #define ND_PRINTK(val, level, fmt, ...) \
79 do { \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
82 } while (0)
83
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
86 __u32 *hash_rnd);
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
93
94 static const struct neigh_ops ndisc_generic_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
100 };
101
102 static const struct neigh_ops ndisc_hh_ops = {
103 .family = AF_INET6,
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
108 };
109
110
111 static const struct neigh_ops ndisc_direct_ops = {
112 .family = AF_INET6,
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
115 };
116
117 struct neigh_table nd_tbl = {
118 .family = AF_INET6,
119 .key_len = sizeof(struct in6_addr),
120 .hash = ndisc_hash,
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
125 .id = "ndisc_cache",
126 .parms = {
127 .tbl = &nd_tbl,
128 .base_reachable_time = ND_REACHABLE_TIME,
129 .retrans_time = ND_RETRANS_TIMER,
130 .gc_staletime = 60 * HZ,
131 .reachable_time = ND_REACHABLE_TIME,
132 .delay_probe_time = 5 * HZ,
133 .queue_len_bytes = 64*1024,
134 .ucast_probes = 3,
135 .mcast_probes = 3,
136 .anycast_delay = 1 * HZ,
137 .proxy_delay = (8 * HZ) / 10,
138 .proxy_qlen = 64,
139 },
140 .gc_interval = 30 * HZ,
141 .gc_thresh1 = 128,
142 .gc_thresh2 = 512,
143 .gc_thresh3 = 1024,
144 };
145
146 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
147 {
148 int pad = ndisc_addr_option_pad(skb->dev->type);
149 int data_len = skb->dev->addr_len;
150 int space = ndisc_opt_addr_space(skb->dev);
151 u8 *opt = skb_put(skb, space);
152
153 opt[0] = type;
154 opt[1] = space>>3;
155
156 memset(opt + 2, 0, pad);
157 opt += pad;
158 space -= pad;
159
160 memcpy(opt+2, data, data_len);
161 data_len += 2;
162 opt += data_len;
163 if ((space -= data_len) > 0)
164 memset(opt, 0, space);
165 }
166
167 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
168 struct nd_opt_hdr *end)
169 {
170 int type;
171 if (!cur || !end || cur >= end)
172 return NULL;
173 type = cur->nd_opt_type;
174 do {
175 cur = ((void *)cur) + (cur->nd_opt_len << 3);
176 } while(cur < end && cur->nd_opt_type != type);
177 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
178 }
179
180 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
181 {
182 return opt->nd_opt_type == ND_OPT_RDNSS ||
183 opt->nd_opt_type == ND_OPT_DNSSL;
184 }
185
186 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
187 struct nd_opt_hdr *end)
188 {
189 if (!cur || !end || cur >= end)
190 return NULL;
191 do {
192 cur = ((void *)cur) + (cur->nd_opt_len << 3);
193 } while(cur < end && !ndisc_is_useropt(cur));
194 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
195 }
196
197 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
198 struct ndisc_options *ndopts)
199 {
200 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
201
202 if (!nd_opt || opt_len < 0 || !ndopts)
203 return NULL;
204 memset(ndopts, 0, sizeof(*ndopts));
205 while (opt_len) {
206 int l;
207 if (opt_len < sizeof(struct nd_opt_hdr))
208 return NULL;
209 l = nd_opt->nd_opt_len << 3;
210 if (opt_len < l || l == 0)
211 return NULL;
212 switch (nd_opt->nd_opt_type) {
213 case ND_OPT_SOURCE_LL_ADDR:
214 case ND_OPT_TARGET_LL_ADDR:
215 case ND_OPT_MTU:
216 case ND_OPT_REDIRECT_HDR:
217 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
218 ND_PRINTK(2, warn,
219 "%s: duplicated ND6 option found: type=%d\n",
220 __func__, nd_opt->nd_opt_type);
221 } else {
222 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
223 }
224 break;
225 case ND_OPT_PREFIX_INFO:
226 ndopts->nd_opts_pi_end = nd_opt;
227 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
228 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
229 break;
230 #ifdef CONFIG_IPV6_ROUTE_INFO
231 case ND_OPT_ROUTE_INFO:
232 ndopts->nd_opts_ri_end = nd_opt;
233 if (!ndopts->nd_opts_ri)
234 ndopts->nd_opts_ri = nd_opt;
235 break;
236 #endif
237 default:
238 if (ndisc_is_useropt(nd_opt)) {
239 ndopts->nd_useropts_end = nd_opt;
240 if (!ndopts->nd_useropts)
241 ndopts->nd_useropts = nd_opt;
242 } else {
243 /*
244 * Unknown options must be silently ignored,
245 * to accommodate future extension to the
246 * protocol.
247 */
248 ND_PRINTK(2, notice,
249 "%s: ignored unsupported option; type=%d, len=%d\n",
250 __func__,
251 nd_opt->nd_opt_type,
252 nd_opt->nd_opt_len);
253 }
254 }
255 opt_len -= l;
256 nd_opt = ((void *)nd_opt) + l;
257 }
258 return ndopts;
259 }
260
261 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
262 {
263 switch (dev->type) {
264 case ARPHRD_ETHER:
265 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
266 case ARPHRD_FDDI:
267 ipv6_eth_mc_map(addr, buf);
268 return 0;
269 case ARPHRD_ARCNET:
270 ipv6_arcnet_mc_map(addr, buf);
271 return 0;
272 case ARPHRD_INFINIBAND:
273 ipv6_ib_mc_map(addr, dev->broadcast, buf);
274 return 0;
275 case ARPHRD_IPGRE:
276 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
277 default:
278 if (dir) {
279 memcpy(buf, dev->broadcast, dev->addr_len);
280 return 0;
281 }
282 }
283 return -EINVAL;
284 }
285
286 EXPORT_SYMBOL(ndisc_mc_map);
287
288 static u32 ndisc_hash(const void *pkey,
289 const struct net_device *dev,
290 __u32 *hash_rnd)
291 {
292 return ndisc_hashfn(pkey, dev, hash_rnd);
293 }
294
295 static int ndisc_constructor(struct neighbour *neigh)
296 {
297 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
298 struct net_device *dev = neigh->dev;
299 struct inet6_dev *in6_dev;
300 struct neigh_parms *parms;
301 bool is_multicast = ipv6_addr_is_multicast(addr);
302
303 in6_dev = in6_dev_get(dev);
304 if (in6_dev == NULL) {
305 return -EINVAL;
306 }
307
308 parms = in6_dev->nd_parms;
309 __neigh_parms_put(neigh->parms);
310 neigh->parms = neigh_parms_clone(parms);
311
312 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
313 if (!dev->header_ops) {
314 neigh->nud_state = NUD_NOARP;
315 neigh->ops = &ndisc_direct_ops;
316 neigh->output = neigh_direct_output;
317 } else {
318 if (is_multicast) {
319 neigh->nud_state = NUD_NOARP;
320 ndisc_mc_map(addr, neigh->ha, dev, 1);
321 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
322 neigh->nud_state = NUD_NOARP;
323 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
324 if (dev->flags&IFF_LOOPBACK)
325 neigh->type = RTN_LOCAL;
326 } else if (dev->flags&IFF_POINTOPOINT) {
327 neigh->nud_state = NUD_NOARP;
328 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
329 }
330 if (dev->header_ops->cache)
331 neigh->ops = &ndisc_hh_ops;
332 else
333 neigh->ops = &ndisc_generic_ops;
334 if (neigh->nud_state&NUD_VALID)
335 neigh->output = neigh->ops->connected_output;
336 else
337 neigh->output = neigh->ops->output;
338 }
339 in6_dev_put(in6_dev);
340 return 0;
341 }
342
343 static int pndisc_constructor(struct pneigh_entry *n)
344 {
345 struct in6_addr *addr = (struct in6_addr*)&n->key;
346 struct in6_addr maddr;
347 struct net_device *dev = n->dev;
348
349 if (dev == NULL || __in6_dev_get(dev) == NULL)
350 return -EINVAL;
351 addrconf_addr_solict_mult(addr, &maddr);
352 ipv6_dev_mc_inc(dev, &maddr);
353 return 0;
354 }
355
356 static void pndisc_destructor(struct pneigh_entry *n)
357 {
358 struct in6_addr *addr = (struct in6_addr*)&n->key;
359 struct in6_addr maddr;
360 struct net_device *dev = n->dev;
361
362 if (dev == NULL || __in6_dev_get(dev) == NULL)
363 return;
364 addrconf_addr_solict_mult(addr, &maddr);
365 ipv6_dev_mc_dec(dev, &maddr);
366 }
367
368 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
369 int len)
370 {
371 int hlen = LL_RESERVED_SPACE(dev);
372 int tlen = dev->needed_tailroom;
373 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
374 struct sk_buff *skb;
375
376 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
377 if (!skb) {
378 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
379 __func__);
380 return NULL;
381 }
382
383 skb->protocol = htons(ETH_P_IPV6);
384 skb->dev = dev;
385
386 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
387 skb_reset_transport_header(skb);
388
389 /* Manually assign socket ownership as we avoid calling
390 * sock_alloc_send_pskb() to bypass wmem buffer limits
391 */
392 skb_set_owner_w(skb, sk);
393
394 return skb;
395 }
396
397 static void ip6_nd_hdr(struct sk_buff *skb,
398 const struct in6_addr *saddr,
399 const struct in6_addr *daddr,
400 int hop_limit, int len)
401 {
402 struct ipv6hdr *hdr;
403
404 skb_push(skb, sizeof(*hdr));
405 skb_reset_network_header(skb);
406 hdr = ipv6_hdr(skb);
407
408 ip6_flow_hdr(hdr, 0, 0);
409
410 hdr->payload_len = htons(len);
411 hdr->nexthdr = IPPROTO_ICMPV6;
412 hdr->hop_limit = hop_limit;
413
414 hdr->saddr = *saddr;
415 hdr->daddr = *daddr;
416 }
417
418 static void ndisc_send_skb(struct sk_buff *skb,
419 const struct in6_addr *daddr,
420 const struct in6_addr *saddr)
421 {
422 struct dst_entry *dst = skb_dst(skb);
423 struct net *net = dev_net(skb->dev);
424 struct sock *sk = net->ipv6.ndisc_sk;
425 struct inet6_dev *idev;
426 int err;
427 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
428 u8 type;
429
430 type = icmp6h->icmp6_type;
431
432 if (!dst) {
433 struct sock *sk = net->ipv6.ndisc_sk;
434 struct flowi6 fl6;
435
436 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
437 dst = icmp6_dst_alloc(skb->dev, &fl6);
438 if (IS_ERR(dst)) {
439 kfree_skb(skb);
440 return;
441 }
442
443 skb_dst_set(skb, dst);
444 }
445
446 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
447 IPPROTO_ICMPV6,
448 csum_partial(icmp6h,
449 skb->len, 0));
450
451 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
452
453 rcu_read_lock();
454 idev = __in6_dev_get(dst->dev);
455 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
456
457 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
458 dst_output);
459 if (!err) {
460 ICMP6MSGOUT_INC_STATS(net, idev, type);
461 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
462 }
463
464 rcu_read_unlock();
465 }
466
467 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
468 const struct in6_addr *daddr,
469 const struct in6_addr *solicited_addr,
470 bool router, bool solicited, bool override, bool inc_opt)
471 {
472 struct sk_buff *skb;
473 struct in6_addr tmpaddr;
474 struct inet6_ifaddr *ifp;
475 const struct in6_addr *src_addr;
476 struct nd_msg *msg;
477 int optlen = 0;
478
479 /* for anycast or proxy, solicited_addr != src_addr */
480 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
481 if (ifp) {
482 src_addr = solicited_addr;
483 if (ifp->flags & IFA_F_OPTIMISTIC)
484 override = 0;
485 inc_opt |= ifp->idev->cnf.force_tllao;
486 in6_ifa_put(ifp);
487 } else {
488 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
489 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
490 &tmpaddr))
491 return;
492 src_addr = &tmpaddr;
493 }
494
495 if (!dev->addr_len)
496 inc_opt = 0;
497 if (inc_opt)
498 optlen += ndisc_opt_addr_space(dev);
499
500 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
501 if (!skb)
502 return;
503
504 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
505 *msg = (struct nd_msg) {
506 .icmph = {
507 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
508 .icmp6_router = router,
509 .icmp6_solicited = solicited,
510 .icmp6_override = override,
511 },
512 .target = *solicited_addr,
513 };
514
515 if (inc_opt)
516 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
517 dev->dev_addr);
518
519
520 ndisc_send_skb(skb, daddr, src_addr);
521 }
522
523 static void ndisc_send_unsol_na(struct net_device *dev)
524 {
525 struct inet6_dev *idev;
526 struct inet6_ifaddr *ifa;
527
528 idev = in6_dev_get(dev);
529 if (!idev)
530 return;
531
532 read_lock_bh(&idev->lock);
533 list_for_each_entry(ifa, &idev->addr_list, if_list) {
534 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
535 /*router=*/ !!idev->cnf.forwarding,
536 /*solicited=*/ false, /*override=*/ true,
537 /*inc_opt=*/ true);
538 }
539 read_unlock_bh(&idev->lock);
540
541 in6_dev_put(idev);
542 }
543
544 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
545 const struct in6_addr *solicit,
546 const struct in6_addr *daddr, const struct in6_addr *saddr)
547 {
548 struct sk_buff *skb;
549 struct in6_addr addr_buf;
550 int inc_opt = dev->addr_len;
551 int optlen = 0;
552 struct nd_msg *msg;
553
554 if (saddr == NULL) {
555 if (ipv6_get_lladdr(dev, &addr_buf,
556 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
557 return;
558 saddr = &addr_buf;
559 }
560
561 if (ipv6_addr_any(saddr))
562 inc_opt = 0;
563 if (inc_opt)
564 optlen += ndisc_opt_addr_space(dev);
565
566 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
567 if (!skb)
568 return;
569
570 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
571 *msg = (struct nd_msg) {
572 .icmph = {
573 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
574 },
575 .target = *solicit,
576 };
577
578 if (inc_opt)
579 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
580 dev->dev_addr);
581
582 ndisc_send_skb(skb, daddr, saddr);
583 }
584
585 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
586 const struct in6_addr *daddr)
587 {
588 struct sk_buff *skb;
589 struct rs_msg *msg;
590 int send_sllao = dev->addr_len;
591 int optlen = 0;
592
593 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
594 /*
595 * According to section 2.2 of RFC 4429, we must not
596 * send router solicitations with a sllao from
597 * optimistic addresses, but we may send the solicitation
598 * if we don't include the sllao. So here we check
599 * if our address is optimistic, and if so, we
600 * suppress the inclusion of the sllao.
601 */
602 if (send_sllao) {
603 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
604 dev, 1);
605 if (ifp) {
606 if (ifp->flags & IFA_F_OPTIMISTIC) {
607 send_sllao = 0;
608 }
609 in6_ifa_put(ifp);
610 } else {
611 send_sllao = 0;
612 }
613 }
614 #endif
615 if (send_sllao)
616 optlen += ndisc_opt_addr_space(dev);
617
618 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
619 if (!skb)
620 return;
621
622 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
623 *msg = (struct rs_msg) {
624 .icmph = {
625 .icmp6_type = NDISC_ROUTER_SOLICITATION,
626 },
627 };
628
629 if (send_sllao)
630 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
631 dev->dev_addr);
632
633 ndisc_send_skb(skb, daddr, saddr);
634 }
635
636
637 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
638 {
639 /*
640 * "The sender MUST return an ICMP
641 * destination unreachable"
642 */
643 dst_link_failure(skb);
644 kfree_skb(skb);
645 }
646
647 /* Called with locked neigh: either read or both */
648
649 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
650 {
651 struct in6_addr *saddr = NULL;
652 struct in6_addr mcaddr;
653 struct net_device *dev = neigh->dev;
654 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
655 int probes = atomic_read(&neigh->probes);
656
657 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
658 saddr = &ipv6_hdr(skb)->saddr;
659
660 if ((probes -= neigh->parms->ucast_probes) < 0) {
661 if (!(neigh->nud_state & NUD_VALID)) {
662 ND_PRINTK(1, dbg,
663 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
664 __func__, target);
665 }
666 ndisc_send_ns(dev, neigh, target, target, saddr);
667 } else if ((probes -= neigh->parms->app_probes) < 0) {
668 #ifdef CONFIG_ARPD
669 neigh_app_ns(neigh);
670 #endif
671 } else {
672 addrconf_addr_solict_mult(target, &mcaddr);
673 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
674 }
675 }
676
677 static int pndisc_is_router(const void *pkey,
678 struct net_device *dev)
679 {
680 struct pneigh_entry *n;
681 int ret = -1;
682
683 read_lock_bh(&nd_tbl.lock);
684 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
685 if (n)
686 ret = !!(n->flags & NTF_ROUTER);
687 read_unlock_bh(&nd_tbl.lock);
688
689 return ret;
690 }
691
692 static void ndisc_recv_ns(struct sk_buff *skb)
693 {
694 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
695 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
696 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
697 u8 *lladdr = NULL;
698 u32 ndoptlen = skb->tail - (skb->transport_header +
699 offsetof(struct nd_msg, opt));
700 struct ndisc_options ndopts;
701 struct net_device *dev = skb->dev;
702 struct inet6_ifaddr *ifp;
703 struct inet6_dev *idev = NULL;
704 struct neighbour *neigh;
705 int dad = ipv6_addr_any(saddr);
706 bool inc;
707 int is_router = -1;
708
709 if (skb->len < sizeof(struct nd_msg)) {
710 ND_PRINTK(2, warn, "NS: packet too short\n");
711 return;
712 }
713
714 if (ipv6_addr_is_multicast(&msg->target)) {
715 ND_PRINTK(2, warn, "NS: multicast target address\n");
716 return;
717 }
718
719 /*
720 * RFC2461 7.1.1:
721 * DAD has to be destined for solicited node multicast address.
722 */
723 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
724 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
725 return;
726 }
727
728 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
729 ND_PRINTK(2, warn, "NS: invalid ND options\n");
730 return;
731 }
732
733 if (ndopts.nd_opts_src_lladdr) {
734 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
735 if (!lladdr) {
736 ND_PRINTK(2, warn,
737 "NS: invalid link-layer address length\n");
738 return;
739 }
740
741 /* RFC2461 7.1.1:
742 * If the IP source address is the unspecified address,
743 * there MUST NOT be source link-layer address option
744 * in the message.
745 */
746 if (dad) {
747 ND_PRINTK(2, warn,
748 "NS: bad DAD packet (link-layer address option)\n");
749 return;
750 }
751 }
752
753 inc = ipv6_addr_is_multicast(daddr);
754
755 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
756 if (ifp) {
757
758 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
759 if (dad) {
760 /*
761 * We are colliding with another node
762 * who is doing DAD
763 * so fail our DAD process
764 */
765 addrconf_dad_failure(ifp);
766 return;
767 } else {
768 /*
769 * This is not a dad solicitation.
770 * If we are an optimistic node,
771 * we should respond.
772 * Otherwise, we should ignore it.
773 */
774 if (!(ifp->flags & IFA_F_OPTIMISTIC))
775 goto out;
776 }
777 }
778
779 idev = ifp->idev;
780 } else {
781 struct net *net = dev_net(dev);
782
783 idev = in6_dev_get(dev);
784 if (!idev) {
785 /* XXX: count this drop? */
786 return;
787 }
788
789 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
790 (idev->cnf.forwarding &&
791 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
792 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
793 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
794 skb->pkt_type != PACKET_HOST &&
795 inc != 0 &&
796 idev->nd_parms->proxy_delay != 0) {
797 /*
798 * for anycast or proxy,
799 * sender should delay its response
800 * by a random time between 0 and
801 * MAX_ANYCAST_DELAY_TIME seconds.
802 * (RFC2461) -- yoshfuji
803 */
804 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
805 if (n)
806 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
807 goto out;
808 }
809 } else
810 goto out;
811 }
812
813 if (is_router < 0)
814 is_router = idev->cnf.forwarding;
815
816 if (dad) {
817 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
818 !!is_router, false, (ifp != NULL), true);
819 goto out;
820 }
821
822 if (inc)
823 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
824 else
825 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
826
827 /*
828 * update / create cache entry
829 * for the source address
830 */
831 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
832 !inc || lladdr || !dev->addr_len);
833 if (neigh)
834 neigh_update(neigh, lladdr, NUD_STALE,
835 NEIGH_UPDATE_F_WEAK_OVERRIDE|
836 NEIGH_UPDATE_F_OVERRIDE);
837 if (neigh || !dev->header_ops) {
838 ndisc_send_na(dev, neigh, saddr, &msg->target,
839 !!is_router,
840 true, (ifp != NULL && inc), inc);
841 if (neigh)
842 neigh_release(neigh);
843 }
844
845 out:
846 if (ifp)
847 in6_ifa_put(ifp);
848 else
849 in6_dev_put(idev);
850 }
851
852 static void ndisc_recv_na(struct sk_buff *skb)
853 {
854 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
855 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
856 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
857 u8 *lladdr = NULL;
858 u32 ndoptlen = skb->tail - (skb->transport_header +
859 offsetof(struct nd_msg, opt));
860 struct ndisc_options ndopts;
861 struct net_device *dev = skb->dev;
862 struct inet6_ifaddr *ifp;
863 struct neighbour *neigh;
864
865 if (skb->len < sizeof(struct nd_msg)) {
866 ND_PRINTK(2, warn, "NA: packet too short\n");
867 return;
868 }
869
870 if (ipv6_addr_is_multicast(&msg->target)) {
871 ND_PRINTK(2, warn, "NA: target address is multicast\n");
872 return;
873 }
874
875 if (ipv6_addr_is_multicast(daddr) &&
876 msg->icmph.icmp6_solicited) {
877 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
878 return;
879 }
880
881 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
882 ND_PRINTK(2, warn, "NS: invalid ND option\n");
883 return;
884 }
885 if (ndopts.nd_opts_tgt_lladdr) {
886 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
887 if (!lladdr) {
888 ND_PRINTK(2, warn,
889 "NA: invalid link-layer address length\n");
890 return;
891 }
892 }
893 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
894 if (ifp) {
895 if (skb->pkt_type != PACKET_LOOPBACK
896 && (ifp->flags & IFA_F_TENTATIVE)) {
897 addrconf_dad_failure(ifp);
898 return;
899 }
900 /* What should we make now? The advertisement
901 is invalid, but ndisc specs say nothing
902 about it. It could be misconfiguration, or
903 an smart proxy agent tries to help us :-)
904
905 We should not print the error if NA has been
906 received from loopback - it is just our own
907 unsolicited advertisement.
908 */
909 if (skb->pkt_type != PACKET_LOOPBACK)
910 ND_PRINTK(1, warn,
911 "NA: someone advertises our address %pI6 on %s!\n",
912 &ifp->addr, ifp->idev->dev->name);
913 in6_ifa_put(ifp);
914 return;
915 }
916 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
917
918 if (neigh) {
919 u8 old_flags = neigh->flags;
920 struct net *net = dev_net(dev);
921
922 if (neigh->nud_state & NUD_FAILED)
923 goto out;
924
925 /*
926 * Don't update the neighbor cache entry on a proxy NA from
927 * ourselves because either the proxied node is off link or it
928 * has already sent a NA to us.
929 */
930 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
931 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
932 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
933 /* XXX: idev->cnf.proxy_ndp */
934 goto out;
935 }
936
937 neigh_update(neigh, lladdr,
938 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
939 NEIGH_UPDATE_F_WEAK_OVERRIDE|
940 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
941 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
942 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
943
944 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
945 /*
946 * Change: router to host
947 */
948 struct rt6_info *rt;
949 rt = rt6_get_dflt_router(saddr, dev);
950 if (rt)
951 ip6_del_rt(rt);
952 }
953
954 out:
955 neigh_release(neigh);
956 }
957 }
958
959 static void ndisc_recv_rs(struct sk_buff *skb)
960 {
961 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
962 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
963 struct neighbour *neigh;
964 struct inet6_dev *idev;
965 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
966 struct ndisc_options ndopts;
967 u8 *lladdr = NULL;
968
969 if (skb->len < sizeof(*rs_msg))
970 return;
971
972 idev = __in6_dev_get(skb->dev);
973 if (!idev) {
974 ND_PRINTK(1, err, "RS: can't find in6 device\n");
975 return;
976 }
977
978 /* Don't accept RS if we're not in router mode */
979 if (!idev->cnf.forwarding)
980 goto out;
981
982 /*
983 * Don't update NCE if src = ::;
984 * this implies that the source node has no ip address assigned yet.
985 */
986 if (ipv6_addr_any(saddr))
987 goto out;
988
989 /* Parse ND options */
990 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
991 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
992 goto out;
993 }
994
995 if (ndopts.nd_opts_src_lladdr) {
996 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
997 skb->dev);
998 if (!lladdr)
999 goto out;
1000 }
1001
1002 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1003 if (neigh) {
1004 neigh_update(neigh, lladdr, NUD_STALE,
1005 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1006 NEIGH_UPDATE_F_OVERRIDE|
1007 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1008 neigh_release(neigh);
1009 }
1010 out:
1011 return;
1012 }
1013
1014 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1015 {
1016 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1017 struct sk_buff *skb;
1018 struct nlmsghdr *nlh;
1019 struct nduseroptmsg *ndmsg;
1020 struct net *net = dev_net(ra->dev);
1021 int err;
1022 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1023 + (opt->nd_opt_len << 3));
1024 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1025
1026 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1027 if (skb == NULL) {
1028 err = -ENOBUFS;
1029 goto errout;
1030 }
1031
1032 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1033 if (nlh == NULL) {
1034 goto nla_put_failure;
1035 }
1036
1037 ndmsg = nlmsg_data(nlh);
1038 ndmsg->nduseropt_family = AF_INET6;
1039 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1040 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1041 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1042 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1043
1044 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1045
1046 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1047 &ipv6_hdr(ra)->saddr))
1048 goto nla_put_failure;
1049 nlmsg_end(skb, nlh);
1050
1051 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1052 return;
1053
1054 nla_put_failure:
1055 nlmsg_free(skb);
1056 err = -EMSGSIZE;
1057 errout:
1058 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1059 }
1060
1061 static void ndisc_router_discovery(struct sk_buff *skb)
1062 {
1063 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1064 struct neighbour *neigh = NULL;
1065 struct inet6_dev *in6_dev;
1066 struct rt6_info *rt = NULL;
1067 int lifetime;
1068 struct ndisc_options ndopts;
1069 int optlen;
1070 unsigned int pref = 0;
1071
1072 __u8 * opt = (__u8 *)(ra_msg + 1);
1073
1074 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1075
1076 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1077 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1078 return;
1079 }
1080 if (optlen < 0) {
1081 ND_PRINTK(2, warn, "RA: packet too short\n");
1082 return;
1083 }
1084
1085 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1086 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1087 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1088 return;
1089 }
1090 #endif
1091
1092 /*
1093 * set the RA_RECV flag in the interface
1094 */
1095
1096 in6_dev = __in6_dev_get(skb->dev);
1097 if (in6_dev == NULL) {
1098 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1099 skb->dev->name);
1100 return;
1101 }
1102
1103 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1104 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1105 return;
1106 }
1107
1108 if (!ipv6_accept_ra(in6_dev))
1109 goto skip_linkparms;
1110
1111 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1112 /* skip link-specific parameters from interior routers */
1113 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1114 goto skip_linkparms;
1115 #endif
1116
1117 if (in6_dev->if_flags & IF_RS_SENT) {
1118 /*
1119 * flag that an RA was received after an RS was sent
1120 * out on this interface.
1121 */
1122 in6_dev->if_flags |= IF_RA_RCVD;
1123 }
1124
1125 /*
1126 * Remember the managed/otherconf flags from most recently
1127 * received RA message (RFC 2462) -- yoshfuji
1128 */
1129 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1130 IF_RA_OTHERCONF)) |
1131 (ra_msg->icmph.icmp6_addrconf_managed ?
1132 IF_RA_MANAGED : 0) |
1133 (ra_msg->icmph.icmp6_addrconf_other ?
1134 IF_RA_OTHERCONF : 0);
1135
1136 if (!in6_dev->cnf.accept_ra_defrtr)
1137 goto skip_defrtr;
1138
1139 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1140 goto skip_defrtr;
1141
1142 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1143
1144 #ifdef CONFIG_IPV6_ROUTER_PREF
1145 pref = ra_msg->icmph.icmp6_router_pref;
1146 /* 10b is handled as if it were 00b (medium) */
1147 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1148 !in6_dev->cnf.accept_ra_rtr_pref)
1149 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1150 #endif
1151
1152 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1153
1154 if (rt) {
1155 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1156 if (!neigh) {
1157 ND_PRINTK(0, err,
1158 "RA: %s got default router without neighbour\n",
1159 __func__);
1160 ip6_rt_put(rt);
1161 return;
1162 }
1163 }
1164 if (rt && lifetime == 0) {
1165 ip6_del_rt(rt);
1166 rt = NULL;
1167 }
1168
1169 if (rt == NULL && lifetime) {
1170 ND_PRINTK(3, dbg, "RA: adding default router\n");
1171
1172 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1173 if (rt == NULL) {
1174 ND_PRINTK(0, err,
1175 "RA: %s failed to add default route\n",
1176 __func__);
1177 return;
1178 }
1179
1180 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1181 if (neigh == NULL) {
1182 ND_PRINTK(0, err,
1183 "RA: %s got default router without neighbour\n",
1184 __func__);
1185 ip6_rt_put(rt);
1186 return;
1187 }
1188 neigh->flags |= NTF_ROUTER;
1189 } else if (rt) {
1190 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1191 }
1192
1193 if (rt)
1194 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1195 if (ra_msg->icmph.icmp6_hop_limit) {
1196 /* Only set hop_limit on the interface if it is higher than
1197 * the current hop_limit.
1198 */
1199 if (in6_dev->cnf.hop_limit < ra_msg->icmph.icmp6_hop_limit)
1200 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1201 else
1202 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than current\n");
1203 if (rt)
1204 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1205 ra_msg->icmph.icmp6_hop_limit);
1206 }
1207
1208 skip_defrtr:
1209
1210 /*
1211 * Update Reachable Time and Retrans Timer
1212 */
1213
1214 if (in6_dev->nd_parms) {
1215 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1216
1217 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1218 rtime = (rtime*HZ)/1000;
1219 if (rtime < HZ/10)
1220 rtime = HZ/10;
1221 in6_dev->nd_parms->retrans_time = rtime;
1222 in6_dev->tstamp = jiffies;
1223 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1224 }
1225
1226 rtime = ntohl(ra_msg->reachable_time);
1227 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1228 rtime = (rtime*HZ)/1000;
1229
1230 if (rtime < HZ/10)
1231 rtime = HZ/10;
1232
1233 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1234 in6_dev->nd_parms->base_reachable_time = rtime;
1235 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1236 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1237 in6_dev->tstamp = jiffies;
1238 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1239 }
1240 }
1241 }
1242
1243 skip_linkparms:
1244
1245 /*
1246 * Process options.
1247 */
1248
1249 if (!neigh)
1250 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1251 skb->dev, 1);
1252 if (neigh) {
1253 u8 *lladdr = NULL;
1254 if (ndopts.nd_opts_src_lladdr) {
1255 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1256 skb->dev);
1257 if (!lladdr) {
1258 ND_PRINTK(2, warn,
1259 "RA: invalid link-layer address length\n");
1260 goto out;
1261 }
1262 }
1263 neigh_update(neigh, lladdr, NUD_STALE,
1264 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1265 NEIGH_UPDATE_F_OVERRIDE|
1266 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1267 NEIGH_UPDATE_F_ISROUTER);
1268 }
1269
1270 if (!ipv6_accept_ra(in6_dev))
1271 goto out;
1272
1273 #ifdef CONFIG_IPV6_ROUTE_INFO
1274 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1275 goto skip_routeinfo;
1276
1277 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1278 struct nd_opt_hdr *p;
1279 for (p = ndopts.nd_opts_ri;
1280 p;
1281 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1282 struct route_info *ri = (struct route_info *)p;
1283 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1284 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1285 ri->prefix_len == 0)
1286 continue;
1287 #endif
1288 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1289 continue;
1290 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1291 &ipv6_hdr(skb)->saddr);
1292 }
1293 }
1294
1295 skip_routeinfo:
1296 #endif
1297
1298 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1299 /* skip link-specific ndopts from interior routers */
1300 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1301 goto out;
1302 #endif
1303
1304 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1305 struct nd_opt_hdr *p;
1306 for (p = ndopts.nd_opts_pi;
1307 p;
1308 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1309 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1310 (p->nd_opt_len) << 3,
1311 ndopts.nd_opts_src_lladdr != NULL);
1312 }
1313 }
1314
1315 if (ndopts.nd_opts_mtu) {
1316 __be32 n;
1317 u32 mtu;
1318
1319 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1320 mtu = ntohl(n);
1321
1322 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1323 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1324 } else if (in6_dev->cnf.mtu6 != mtu) {
1325 in6_dev->cnf.mtu6 = mtu;
1326
1327 if (rt)
1328 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1329
1330 rt6_mtu_change(skb->dev, mtu);
1331 }
1332 }
1333
1334 #ifdef CONFIG_MTK_DHCPV6C_WIFI
1335 if (in6_dev->if_flags & IF_RA_OTHERCONF){
1336 printk(KERN_INFO "[mtk_net][ipv6]receive RA with o bit!\n");
1337 in6_dev->cnf.ra_info_flag = 1;
1338 }
1339 if(in6_dev->if_flags & IF_RA_MANAGED){
1340 printk(KERN_INFO "[mtk_net][ipv6]receive RA with m bit!\n");
1341 in6_dev->cnf.ra_info_flag = 2;
1342 }
1343 if(in6_dev->cnf.ra_info_flag == 0){
1344 printk(KERN_INFO "[mtk_net][ipv6]receive RA neither O nor M bit is set!\n");
1345 in6_dev->cnf.ra_info_flag = 4;
1346 }
1347 #endif
1348
1349 if (ndopts.nd_useropts) {
1350 struct nd_opt_hdr *p;
1351 for (p = ndopts.nd_useropts;
1352 p;
1353 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1354 ndisc_ra_useropt(skb, p);
1355 #ifdef CONFIG_MTK_DHCPV6C_WIFI
1356 /* only clear ra_info_flag when O bit is set */
1357 if (p->nd_opt_type == ND_OPT_RDNSS &&
1358 in6_dev->if_flags & IF_RA_OTHERCONF) {
1359 printk(KERN_INFO "[mtk_net][ipv6]RDNSS, ignore RA with o bit!\n");
1360 in6_dev->cnf.ra_info_flag = 0;
1361 }
1362 #endif
1363 }
1364 }
1365
1366 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1367 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1368 }
1369 out:
1370 ip6_rt_put(rt);
1371 if (neigh)
1372 neigh_release(neigh);
1373 }
1374
1375 static void ndisc_redirect_rcv(struct sk_buff *skb)
1376 {
1377 u8 *hdr;
1378 struct ndisc_options ndopts;
1379 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1380 u32 ndoptlen = skb->tail - (skb->transport_header +
1381 offsetof(struct rd_msg, opt));
1382
1383 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1384 switch (skb->ndisc_nodetype) {
1385 case NDISC_NODETYPE_HOST:
1386 case NDISC_NODETYPE_NODEFAULT:
1387 ND_PRINTK(2, warn,
1388 "Redirect: from host or unauthorized router\n");
1389 return;
1390 }
1391 #endif
1392
1393 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1394 ND_PRINTK(2, warn,
1395 "Redirect: source address is not link-local\n");
1396 return;
1397 }
1398
1399 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1400 return;
1401
1402 if (!ndopts.nd_opts_rh)
1403 return;
1404
1405 hdr = (u8 *)ndopts.nd_opts_rh;
1406 hdr += 8;
1407 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1408 return;
1409
1410 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1411 }
1412
1413 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1414 struct sk_buff *orig_skb,
1415 int rd_len)
1416 {
1417 u8 *opt = skb_put(skb, rd_len);
1418
1419 memset(opt, 0, 8);
1420 *(opt++) = ND_OPT_REDIRECT_HDR;
1421 *(opt++) = (rd_len >> 3);
1422 opt += 6;
1423
1424 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1425 }
1426
1427 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1428 {
1429 struct net_device *dev = skb->dev;
1430 struct net *net = dev_net(dev);
1431 struct sock *sk = net->ipv6.ndisc_sk;
1432 int optlen = 0;
1433 struct inet_peer *peer;
1434 struct sk_buff *buff;
1435 struct rd_msg *msg;
1436 struct in6_addr saddr_buf;
1437 struct rt6_info *rt;
1438 struct dst_entry *dst;
1439 struct flowi6 fl6;
1440 int rd_len;
1441 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1442 bool ret;
1443
1444 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1445 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1446 dev->name);
1447 return;
1448 }
1449
1450 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1451 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1452 ND_PRINTK(2, warn,
1453 "Redirect: target address is not link-local unicast\n");
1454 return;
1455 }
1456
1457 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1458 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1459
1460 dst = ip6_route_output(net, NULL, &fl6);
1461 if (dst->error) {
1462 dst_release(dst);
1463 return;
1464 }
1465 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1466 if (IS_ERR(dst))
1467 return;
1468
1469 rt = (struct rt6_info *) dst;
1470
1471 if (rt->rt6i_flags & RTF_GATEWAY) {
1472 ND_PRINTK(2, warn,
1473 "Redirect: destination is not a neighbour\n");
1474 goto release;
1475 }
1476 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1477 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1478 if (peer)
1479 inet_putpeer(peer);
1480 if (!ret)
1481 goto release;
1482
1483 if (dev->addr_len) {
1484 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1485 if (!neigh) {
1486 ND_PRINTK(2, warn,
1487 "Redirect: no neigh for target address\n");
1488 goto release;
1489 }
1490
1491 read_lock_bh(&neigh->lock);
1492 if (neigh->nud_state & NUD_VALID) {
1493 memcpy(ha_buf, neigh->ha, dev->addr_len);
1494 read_unlock_bh(&neigh->lock);
1495 ha = ha_buf;
1496 optlen += ndisc_opt_addr_space(dev);
1497 } else
1498 read_unlock_bh(&neigh->lock);
1499
1500 neigh_release(neigh);
1501 }
1502
1503 rd_len = min_t(unsigned int,
1504 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1505 skb->len + 8);
1506 rd_len &= ~0x7;
1507 optlen += rd_len;
1508
1509 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1510 if (!buff)
1511 goto release;
1512
1513 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1514 *msg = (struct rd_msg) {
1515 .icmph = {
1516 .icmp6_type = NDISC_REDIRECT,
1517 },
1518 .target = *target,
1519 .dest = ipv6_hdr(skb)->daddr,
1520 };
1521
1522 /*
1523 * include target_address option
1524 */
1525
1526 if (ha)
1527 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1528
1529 /*
1530 * build redirect option and copy skb over to the new packet.
1531 */
1532
1533 if (rd_len)
1534 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1535
1536 skb_dst_set(buff, dst);
1537 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1538 return;
1539
1540 release:
1541 dst_release(dst);
1542 }
1543
1544 static void pndisc_redo(struct sk_buff *skb)
1545 {
1546 ndisc_recv_ns(skb);
1547 kfree_skb(skb);
1548 }
1549
1550 int ndisc_rcv(struct sk_buff *skb)
1551 {
1552 struct nd_msg *msg;
1553
1554 if (skb_linearize(skb))
1555 return 0;
1556
1557 msg = (struct nd_msg *)skb_transport_header(skb);
1558
1559 __skb_push(skb, skb->data - skb_transport_header(skb));
1560
1561 if (ipv6_hdr(skb)->hop_limit != 255) {
1562 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1563 ipv6_hdr(skb)->hop_limit);
1564 return 0;
1565 }
1566
1567 if (msg->icmph.icmp6_code != 0) {
1568 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1569 msg->icmph.icmp6_code);
1570 return 0;
1571 }
1572
1573 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1574
1575 switch (msg->icmph.icmp6_type) {
1576 case NDISC_NEIGHBOUR_SOLICITATION:
1577 ndisc_recv_ns(skb);
1578 break;
1579
1580 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1581 ndisc_recv_na(skb);
1582 break;
1583
1584 case NDISC_ROUTER_SOLICITATION:
1585 ndisc_recv_rs(skb);
1586 break;
1587
1588 case NDISC_ROUTER_ADVERTISEMENT:
1589 ndisc_router_discovery(skb);
1590 break;
1591
1592 case NDISC_REDIRECT:
1593 ndisc_redirect_rcv(skb);
1594 break;
1595 }
1596
1597 return 0;
1598 }
1599
1600 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1601 {
1602 struct net_device *dev = ptr;
1603 struct net *net = dev_net(dev);
1604 struct inet6_dev *idev;
1605
1606 switch (event) {
1607 case NETDEV_CHANGEADDR:
1608 neigh_changeaddr(&nd_tbl, dev);
1609 fib6_run_gc(~0UL, net);
1610 idev = in6_dev_get(dev);
1611 if (!idev)
1612 break;
1613 if (idev->cnf.ndisc_notify)
1614 ndisc_send_unsol_na(dev);
1615 in6_dev_put(idev);
1616 break;
1617 case NETDEV_DOWN:
1618 neigh_ifdown(&nd_tbl, dev);
1619 fib6_run_gc(~0UL, net);
1620 break;
1621 case NETDEV_NOTIFY_PEERS:
1622 ndisc_send_unsol_na(dev);
1623 break;
1624 default:
1625 break;
1626 }
1627
1628 return NOTIFY_DONE;
1629 }
1630
1631 static struct notifier_block ndisc_netdev_notifier = {
1632 .notifier_call = ndisc_netdev_event,
1633 };
1634
1635 #ifdef CONFIG_SYSCTL
1636 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1637 const char *func, const char *dev_name)
1638 {
1639 static char warncomm[TASK_COMM_LEN];
1640 static int warned;
1641 if (strcmp(warncomm, current->comm) && warned < 5) {
1642 strcpy(warncomm, current->comm);
1643 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1644 warncomm, func,
1645 dev_name, ctl->procname,
1646 dev_name, ctl->procname);
1647 warned++;
1648 }
1649 }
1650
1651 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1652 {
1653 struct net_device *dev = ctl->extra1;
1654 struct inet6_dev *idev;
1655 int ret;
1656
1657 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1658 (strcmp(ctl->procname, "base_reachable_time") == 0))
1659 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1660
1661 if (strcmp(ctl->procname, "retrans_time") == 0)
1662 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1663
1664 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1665 ret = proc_dointvec_jiffies(ctl, write,
1666 buffer, lenp, ppos);
1667
1668 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1669 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1670 ret = proc_dointvec_ms_jiffies(ctl, write,
1671 buffer, lenp, ppos);
1672 else
1673 ret = -1;
1674
1675 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1676 if (ctl->data == &idev->nd_parms->base_reachable_time)
1677 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1678 idev->tstamp = jiffies;
1679 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1680 in6_dev_put(idev);
1681 }
1682 return ret;
1683 }
1684
1685
1686 #endif
1687
1688 static int __net_init ndisc_net_init(struct net *net)
1689 {
1690 struct ipv6_pinfo *np;
1691 struct sock *sk;
1692 int err;
1693
1694 err = inet_ctl_sock_create(&sk, PF_INET6,
1695 SOCK_RAW, IPPROTO_ICMPV6, net);
1696 if (err < 0) {
1697 ND_PRINTK(0, err,
1698 "NDISC: Failed to initialize the control socket (err %d)\n",
1699 err);
1700 return err;
1701 }
1702
1703 net->ipv6.ndisc_sk = sk;
1704
1705 np = inet6_sk(sk);
1706 np->hop_limit = 255;
1707 /* Do not loopback ndisc messages */
1708 np->mc_loop = 0;
1709
1710 return 0;
1711 }
1712
1713 static void __net_exit ndisc_net_exit(struct net *net)
1714 {
1715 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1716 }
1717
1718 static struct pernet_operations ndisc_net_ops = {
1719 .init = ndisc_net_init,
1720 .exit = ndisc_net_exit,
1721 };
1722
1723 int __init ndisc_init(void)
1724 {
1725 int err;
1726
1727 err = register_pernet_subsys(&ndisc_net_ops);
1728 if (err)
1729 return err;
1730 /*
1731 * Initialize the neighbour table
1732 */
1733 neigh_table_init(&nd_tbl);
1734
1735 #ifdef CONFIG_SYSCTL
1736 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1737 &ndisc_ifinfo_sysctl_change);
1738 if (err)
1739 goto out_unregister_pernet;
1740 #endif
1741 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1742 if (err)
1743 goto out_unregister_sysctl;
1744 out:
1745 return err;
1746
1747 out_unregister_sysctl:
1748 #ifdef CONFIG_SYSCTL
1749 neigh_sysctl_unregister(&nd_tbl.parms);
1750 out_unregister_pernet:
1751 #endif
1752 unregister_pernet_subsys(&ndisc_net_ops);
1753 goto out;
1754 }
1755
1756 void ndisc_cleanup(void)
1757 {
1758 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1759 #ifdef CONFIG_SYSCTL
1760 neigh_sysctl_unregister(&nd_tbl.parms);
1761 #endif
1762 neigh_table_clear(&nd_tbl);
1763 unregister_pernet_subsys(&ndisc_net_ops);
1764 }
kernel source for telekom puls (alcatel/mediatek)