2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Pierre Ynard : export userland ND options
19 * through netlink (RDNSS support)
20 * Lars Fenneberg : fixed MTU setting on receipt
22 * Janos Farkas : kmalloc failure checks
23 * Alexey Kuznetsov : state machine reworked
24 * and moved to net/core.
25 * Pekka Savola : RFC2461 validation
26 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
29 /* Set to 3 to get tracing... */
32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
33 #define ND_NOPRINTK(x...) do { ; } while(0)
34 #define ND_PRINTK0 ND_PRINTK
35 #define ND_PRINTK1 ND_NOPRINTK
36 #define ND_PRINTK2 ND_NOPRINTK
37 #define ND_PRINTK3 ND_NOPRINTK
40 #define ND_PRINTK1 ND_PRINTK
44 #define ND_PRINTK2 ND_PRINTK
48 #define ND_PRINTK3 ND_PRINTK
51 #include <linux/module.h>
52 #include <linux/errno.h>
53 #include <linux/types.h>
54 #include <linux/socket.h>
55 #include <linux/sockios.h>
56 #include <linux/sched.h>
57 #include <linux/net.h>
58 #include <linux/in6.h>
59 #include <linux/route.h>
60 #include <linux/init.h>
61 #include <linux/rcupdate.h>
62 #include <linux/slab.h>
64 #include <linux/sysctl.h>
67 #include <linux/if_addr.h>
68 #include <linux/if_arp.h>
69 #include <linux/ipv6.h>
70 #include <linux/icmpv6.h>
71 #include <linux/jhash.h>
77 #include <net/protocol.h>
78 #include <net/ndisc.h>
79 #include <net/ip6_route.h>
80 #include <net/addrconf.h>
83 #include <net/netlink.h>
84 #include <linux/rtnetlink.h>
87 #include <net/ip6_checksum.h>
88 #include <net/inet_common.h>
89 #include <linux/proc_fs.h>
91 #include <linux/netfilter.h>
92 #include <linux/netfilter_ipv6.h>
94 static u32
ndisc_hash(const void *pkey
,
95 const struct net_device
*dev
,
97 static int ndisc_constructor(struct neighbour
*neigh
);
98 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
);
99 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
);
100 static int pndisc_constructor(struct pneigh_entry
*n
);
101 static void pndisc_destructor(struct pneigh_entry
*n
);
102 static void pndisc_redo(struct sk_buff
*skb
);
104 static const struct neigh_ops ndisc_generic_ops
= {
106 .solicit
= ndisc_solicit
,
107 .error_report
= ndisc_error_report
,
108 .output
= neigh_resolve_output
,
109 .connected_output
= neigh_connected_output
,
112 static const struct neigh_ops ndisc_hh_ops
= {
114 .solicit
= ndisc_solicit
,
115 .error_report
= ndisc_error_report
,
116 .output
= neigh_resolve_output
,
117 .connected_output
= neigh_resolve_output
,
121 static const struct neigh_ops ndisc_direct_ops
= {
123 .output
= neigh_direct_output
,
124 .connected_output
= neigh_direct_output
,
127 struct neigh_table nd_tbl
= {
129 .key_len
= sizeof(struct in6_addr
),
131 .constructor
= ndisc_constructor
,
132 .pconstructor
= pndisc_constructor
,
133 .pdestructor
= pndisc_destructor
,
134 .proxy_redo
= pndisc_redo
,
138 .base_reachable_time
= ND_REACHABLE_TIME
,
139 .retrans_time
= ND_RETRANS_TIMER
,
140 .gc_staletime
= 60 * HZ
,
141 .reachable_time
= ND_REACHABLE_TIME
,
142 .delay_probe_time
= 5 * HZ
,
143 .queue_len_bytes
= 64*1024,
146 .anycast_delay
= 1 * HZ
,
147 .proxy_delay
= (8 * HZ
) / 10,
150 .gc_interval
= 30 * HZ
,
157 struct ndisc_options
{
158 struct nd_opt_hdr
*nd_opt_array
[__ND_OPT_ARRAY_MAX
];
159 #ifdef CONFIG_IPV6_ROUTE_INFO
160 struct nd_opt_hdr
*nd_opts_ri
;
161 struct nd_opt_hdr
*nd_opts_ri_end
;
163 struct nd_opt_hdr
*nd_useropts
;
164 struct nd_opt_hdr
*nd_useropts_end
;
167 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
168 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
169 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
170 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
171 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
172 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
174 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
177 * Return the padding between the option length and the start of the
178 * link addr. Currently only IP-over-InfiniBand needs this, although
179 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
180 * also need a pad of 2.
182 static int ndisc_addr_option_pad(unsigned short type
)
185 case ARPHRD_INFINIBAND
: return 2;
190 static inline int ndisc_opt_addr_space(struct net_device
*dev
)
192 return NDISC_OPT_SPACE(dev
->addr_len
+ ndisc_addr_option_pad(dev
->type
));
195 static u8
*ndisc_fill_addr_option(u8
*opt
, int type
, void *data
, int data_len
,
196 unsigned short addr_type
)
198 int space
= NDISC_OPT_SPACE(data_len
);
199 int pad
= ndisc_addr_option_pad(addr_type
);
204 memset(opt
+ 2, 0, pad
);
208 memcpy(opt
+2, data
, data_len
);
211 if ((space
-= data_len
) > 0)
212 memset(opt
, 0, space
);
216 static struct nd_opt_hdr
*ndisc_next_option(struct nd_opt_hdr
*cur
,
217 struct nd_opt_hdr
*end
)
220 if (!cur
|| !end
|| cur
>= end
)
222 type
= cur
->nd_opt_type
;
224 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
225 } while(cur
< end
&& cur
->nd_opt_type
!= type
);
226 return cur
<= end
&& cur
->nd_opt_type
== type
? cur
: NULL
;
229 static inline int ndisc_is_useropt(struct nd_opt_hdr
*opt
)
231 return opt
->nd_opt_type
== ND_OPT_RDNSS
;
234 static struct nd_opt_hdr
*ndisc_next_useropt(struct nd_opt_hdr
*cur
,
235 struct nd_opt_hdr
*end
)
237 if (!cur
|| !end
|| cur
>= end
)
240 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
241 } while(cur
< end
&& !ndisc_is_useropt(cur
));
242 return cur
<= end
&& ndisc_is_useropt(cur
) ? cur
: NULL
;
245 static struct ndisc_options
*ndisc_parse_options(u8
*opt
, int opt_len
,
246 struct ndisc_options
*ndopts
)
248 struct nd_opt_hdr
*nd_opt
= (struct nd_opt_hdr
*)opt
;
250 if (!nd_opt
|| opt_len
< 0 || !ndopts
)
252 memset(ndopts
, 0, sizeof(*ndopts
));
255 if (opt_len
< sizeof(struct nd_opt_hdr
))
257 l
= nd_opt
->nd_opt_len
<< 3;
258 if (opt_len
< l
|| l
== 0)
260 switch (nd_opt
->nd_opt_type
) {
261 case ND_OPT_SOURCE_LL_ADDR
:
262 case ND_OPT_TARGET_LL_ADDR
:
264 case ND_OPT_REDIRECT_HDR
:
265 if (ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
]) {
266 ND_PRINTK2(KERN_WARNING
267 "%s(): duplicated ND6 option found: type=%d\n",
269 nd_opt
->nd_opt_type
);
271 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
274 case ND_OPT_PREFIX_INFO
:
275 ndopts
->nd_opts_pi_end
= nd_opt
;
276 if (!ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
])
277 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
279 #ifdef CONFIG_IPV6_ROUTE_INFO
280 case ND_OPT_ROUTE_INFO
:
281 ndopts
->nd_opts_ri_end
= nd_opt
;
282 if (!ndopts
->nd_opts_ri
)
283 ndopts
->nd_opts_ri
= nd_opt
;
287 if (ndisc_is_useropt(nd_opt
)) {
288 ndopts
->nd_useropts_end
= nd_opt
;
289 if (!ndopts
->nd_useropts
)
290 ndopts
->nd_useropts
= nd_opt
;
293 * Unknown options must be silently ignored,
294 * to accommodate future extension to the
297 ND_PRINTK2(KERN_NOTICE
298 "%s(): ignored unsupported option; type=%d, len=%d\n",
300 nd_opt
->nd_opt_type
, nd_opt
->nd_opt_len
);
304 nd_opt
= ((void *)nd_opt
) + l
;
309 static inline u8
*ndisc_opt_addr_data(struct nd_opt_hdr
*p
,
310 struct net_device
*dev
)
312 u8
*lladdr
= (u8
*)(p
+ 1);
313 int lladdrlen
= p
->nd_opt_len
<< 3;
314 int prepad
= ndisc_addr_option_pad(dev
->type
);
315 if (lladdrlen
!= NDISC_OPT_SPACE(dev
->addr_len
+ prepad
))
317 return lladdr
+ prepad
;
320 int ndisc_mc_map(const struct in6_addr
*addr
, char *buf
, struct net_device
*dev
, int dir
)
324 case ARPHRD_IEEE802
: /* Not sure. Check it later. --ANK */
326 ipv6_eth_mc_map(addr
, buf
);
328 case ARPHRD_IEEE802_TR
:
329 ipv6_tr_mc_map(addr
,buf
);
332 ipv6_arcnet_mc_map(addr
, buf
);
334 case ARPHRD_INFINIBAND
:
335 ipv6_ib_mc_map(addr
, dev
->broadcast
, buf
);
338 return ipv6_ipgre_mc_map(addr
, dev
->broadcast
, buf
);
341 memcpy(buf
, dev
->broadcast
, dev
->addr_len
);
348 EXPORT_SYMBOL(ndisc_mc_map
);
350 static u32
ndisc_hash(const void *pkey
,
351 const struct net_device
*dev
,
354 const u32
*p32
= pkey
;
358 for (i
= 0; i
< (sizeof(struct in6_addr
) / sizeof(u32
)); i
++)
361 return jhash_2words(addr_hash
, dev
->ifindex
, hash_rnd
);
364 static int ndisc_constructor(struct neighbour
*neigh
)
366 struct in6_addr
*addr
= (struct in6_addr
*)&neigh
->primary_key
;
367 struct net_device
*dev
= neigh
->dev
;
368 struct inet6_dev
*in6_dev
;
369 struct neigh_parms
*parms
;
370 int is_multicast
= ipv6_addr_is_multicast(addr
);
372 in6_dev
= in6_dev_get(dev
);
373 if (in6_dev
== NULL
) {
377 parms
= in6_dev
->nd_parms
;
378 __neigh_parms_put(neigh
->parms
);
379 neigh
->parms
= neigh_parms_clone(parms
);
381 neigh
->type
= is_multicast
? RTN_MULTICAST
: RTN_UNICAST
;
382 if (!dev
->header_ops
) {
383 neigh
->nud_state
= NUD_NOARP
;
384 neigh
->ops
= &ndisc_direct_ops
;
385 neigh
->output
= neigh_direct_output
;
388 neigh
->nud_state
= NUD_NOARP
;
389 ndisc_mc_map(addr
, neigh
->ha
, dev
, 1);
390 } else if (dev
->flags
&(IFF_NOARP
|IFF_LOOPBACK
)) {
391 neigh
->nud_state
= NUD_NOARP
;
392 memcpy(neigh
->ha
, dev
->dev_addr
, dev
->addr_len
);
393 if (dev
->flags
&IFF_LOOPBACK
)
394 neigh
->type
= RTN_LOCAL
;
395 } else if (dev
->flags
&IFF_POINTOPOINT
) {
396 neigh
->nud_state
= NUD_NOARP
;
397 memcpy(neigh
->ha
, dev
->broadcast
, dev
->addr_len
);
399 if (dev
->header_ops
->cache
)
400 neigh
->ops
= &ndisc_hh_ops
;
402 neigh
->ops
= &ndisc_generic_ops
;
403 if (neigh
->nud_state
&NUD_VALID
)
404 neigh
->output
= neigh
->ops
->connected_output
;
406 neigh
->output
= neigh
->ops
->output
;
408 in6_dev_put(in6_dev
);
412 static int pndisc_constructor(struct pneigh_entry
*n
)
414 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
415 struct in6_addr maddr
;
416 struct net_device
*dev
= n
->dev
;
418 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
420 addrconf_addr_solict_mult(addr
, &maddr
);
421 ipv6_dev_mc_inc(dev
, &maddr
);
425 static void pndisc_destructor(struct pneigh_entry
*n
)
427 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
428 struct in6_addr maddr
;
429 struct net_device
*dev
= n
->dev
;
431 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
433 addrconf_addr_solict_mult(addr
, &maddr
);
434 ipv6_dev_mc_dec(dev
, &maddr
);
437 struct sk_buff
*ndisc_build_skb(struct net_device
*dev
,
438 const struct in6_addr
*daddr
,
439 const struct in6_addr
*saddr
,
440 struct icmp6hdr
*icmp6h
,
441 const struct in6_addr
*target
,
444 struct net
*net
= dev_net(dev
);
445 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
447 struct icmp6hdr
*hdr
;
448 int hlen
= LL_RESERVED_SPACE(dev
);
449 int tlen
= dev
->needed_tailroom
;
457 len
= sizeof(struct icmp6hdr
) + (target
? sizeof(*target
) : 0);
459 len
+= ndisc_opt_addr_space(dev
);
461 skb
= sock_alloc_send_skb(sk
,
462 (MAX_HEADER
+ sizeof(struct ipv6hdr
) +
467 "ICMPv6 ND: %s() failed to allocate an skb, err=%d.\n",
472 skb_reserve(skb
, hlen
);
473 ip6_nd_hdr(sk
, skb
, dev
, saddr
, daddr
, IPPROTO_ICMPV6
, len
);
475 skb
->transport_header
= skb
->tail
;
478 hdr
= (struct icmp6hdr
*)skb_transport_header(skb
);
479 memcpy(hdr
, icmp6h
, sizeof(*hdr
));
481 opt
= skb_transport_header(skb
) + sizeof(struct icmp6hdr
);
483 *(struct in6_addr
*)opt
= *target
;
484 opt
+= sizeof(*target
);
488 ndisc_fill_addr_option(opt
, llinfo
, dev
->dev_addr
,
489 dev
->addr_len
, dev
->type
);
491 hdr
->icmp6_cksum
= csum_ipv6_magic(saddr
, daddr
, len
,
499 EXPORT_SYMBOL(ndisc_build_skb
);
501 void ndisc_send_skb(struct sk_buff
*skb
,
502 struct net_device
*dev
,
503 struct neighbour
*neigh
,
504 const struct in6_addr
*daddr
,
505 const struct in6_addr
*saddr
,
506 struct icmp6hdr
*icmp6h
)
509 struct dst_entry
*dst
;
510 struct net
*net
= dev_net(dev
);
511 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
512 struct inet6_dev
*idev
;
516 type
= icmp6h
->icmp6_type
;
518 icmpv6_flow_init(sk
, &fl6
, type
, saddr
, daddr
, dev
->ifindex
);
520 dst
= icmp6_dst_alloc(dev
, neigh
, daddr
);
526 dst
= xfrm_lookup(net
, dst
, flowi6_to_flowi(&fl6
), NULL
, 0);
532 skb_dst_set(skb
, dst
);
535 idev
= __in6_dev_get(dst
->dev
);
536 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
538 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, skb
, NULL
, dst
->dev
,
541 ICMP6MSGOUT_INC_STATS(net
, idev
, type
);
542 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
548 EXPORT_SYMBOL(ndisc_send_skb
);
551 * Send a Neighbour Discover packet
553 static void __ndisc_send(struct net_device
*dev
,
554 struct neighbour
*neigh
,
555 const struct in6_addr
*daddr
,
556 const struct in6_addr
*saddr
,
557 struct icmp6hdr
*icmp6h
, const struct in6_addr
*target
,
562 skb
= ndisc_build_skb(dev
, daddr
, saddr
, icmp6h
, target
, llinfo
);
566 ndisc_send_skb(skb
, dev
, neigh
, daddr
, saddr
, icmp6h
);
569 static void ndisc_send_na(struct net_device
*dev
, struct neighbour
*neigh
,
570 const struct in6_addr
*daddr
,
571 const struct in6_addr
*solicited_addr
,
572 int router
, int solicited
, int override
, int inc_opt
)
574 struct in6_addr tmpaddr
;
575 struct inet6_ifaddr
*ifp
;
576 const struct in6_addr
*src_addr
;
577 struct icmp6hdr icmp6h
= {
578 .icmp6_type
= NDISC_NEIGHBOUR_ADVERTISEMENT
,
581 /* for anycast or proxy, solicited_addr != src_addr */
582 ifp
= ipv6_get_ifaddr(dev_net(dev
), solicited_addr
, dev
, 1);
584 src_addr
= solicited_addr
;
585 if (ifp
->flags
& IFA_F_OPTIMISTIC
)
587 inc_opt
|= ifp
->idev
->cnf
.force_tllao
;
590 if (ipv6_dev_get_saddr(dev_net(dev
), dev
, daddr
,
591 inet6_sk(dev_net(dev
)->ipv6
.ndisc_sk
)->srcprefs
,
597 icmp6h
.icmp6_router
= router
;
598 icmp6h
.icmp6_solicited
= solicited
;
599 icmp6h
.icmp6_override
= override
;
601 __ndisc_send(dev
, neigh
, daddr
, src_addr
,
602 &icmp6h
, solicited_addr
,
603 inc_opt
? ND_OPT_TARGET_LL_ADDR
: 0);
606 static void ndisc_send_unsol_na(struct net_device
*dev
)
608 struct inet6_dev
*idev
;
609 struct inet6_ifaddr
*ifa
;
610 struct in6_addr mcaddr
;
612 idev
= in6_dev_get(dev
);
616 read_lock_bh(&idev
->lock
);
617 list_for_each_entry(ifa
, &idev
->addr_list
, if_list
) {
618 addrconf_addr_solict_mult(&ifa
->addr
, &mcaddr
);
619 ndisc_send_na(dev
, NULL
, &mcaddr
, &ifa
->addr
,
620 /*router=*/ !!idev
->cnf
.forwarding
,
621 /*solicited=*/ false, /*override=*/ true,
624 read_unlock_bh(&idev
->lock
);
629 void ndisc_send_ns(struct net_device
*dev
, struct neighbour
*neigh
,
630 const struct in6_addr
*solicit
,
631 const struct in6_addr
*daddr
, const struct in6_addr
*saddr
)
633 struct in6_addr addr_buf
;
634 struct icmp6hdr icmp6h
= {
635 .icmp6_type
= NDISC_NEIGHBOUR_SOLICITATION
,
639 if (ipv6_get_lladdr(dev
, &addr_buf
,
640 (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)))
645 __ndisc_send(dev
, neigh
, daddr
, saddr
,
647 !ipv6_addr_any(saddr
) ? ND_OPT_SOURCE_LL_ADDR
: 0);
650 void ndisc_send_rs(struct net_device
*dev
, const struct in6_addr
*saddr
,
651 const struct in6_addr
*daddr
)
653 struct icmp6hdr icmp6h
= {
654 .icmp6_type
= NDISC_ROUTER_SOLICITATION
,
656 int send_sllao
= dev
->addr_len
;
658 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
660 * According to section 2.2 of RFC 4429, we must not
661 * send router solicitations with a sllao from
662 * optimistic addresses, but we may send the solicitation
663 * if we don't include the sllao. So here we check
664 * if our address is optimistic, and if so, we
665 * suppress the inclusion of the sllao.
668 struct inet6_ifaddr
*ifp
= ipv6_get_ifaddr(dev_net(dev
), saddr
,
671 if (ifp
->flags
& IFA_F_OPTIMISTIC
) {
680 __ndisc_send(dev
, NULL
, daddr
, saddr
,
682 send_sllao
? ND_OPT_SOURCE_LL_ADDR
: 0);
686 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
)
689 * "The sender MUST return an ICMP
690 * destination unreachable"
692 dst_link_failure(skb
);
696 /* Called with locked neigh: either read or both */
698 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
)
700 struct in6_addr
*saddr
= NULL
;
701 struct in6_addr mcaddr
;
702 struct net_device
*dev
= neigh
->dev
;
703 struct in6_addr
*target
= (struct in6_addr
*)&neigh
->primary_key
;
704 int probes
= atomic_read(&neigh
->probes
);
706 if (skb
&& ipv6_chk_addr(dev_net(dev
), &ipv6_hdr(skb
)->saddr
, dev
, 1))
707 saddr
= &ipv6_hdr(skb
)->saddr
;
709 if ((probes
-= neigh
->parms
->ucast_probes
) < 0) {
710 if (!(neigh
->nud_state
& NUD_VALID
)) {
711 ND_PRINTK1(KERN_DEBUG
"%s(): trying to ucast probe in NUD_INVALID: %pI6\n",
714 ndisc_send_ns(dev
, neigh
, target
, target
, saddr
);
715 } else if ((probes
-= neigh
->parms
->app_probes
) < 0) {
720 addrconf_addr_solict_mult(target
, &mcaddr
);
721 ndisc_send_ns(dev
, NULL
, target
, &mcaddr
, saddr
);
725 static int pndisc_is_router(const void *pkey
,
726 struct net_device
*dev
)
728 struct pneigh_entry
*n
;
731 read_lock_bh(&nd_tbl
.lock
);
732 n
= __pneigh_lookup(&nd_tbl
, dev_net(dev
), pkey
, dev
);
734 ret
= !!(n
->flags
& NTF_ROUTER
);
735 read_unlock_bh(&nd_tbl
.lock
);
740 static void ndisc_recv_ns(struct sk_buff
*skb
)
742 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
743 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
744 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
746 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
747 offsetof(struct nd_msg
, opt
));
748 struct ndisc_options ndopts
;
749 struct net_device
*dev
= skb
->dev
;
750 struct inet6_ifaddr
*ifp
;
751 struct inet6_dev
*idev
= NULL
;
752 struct neighbour
*neigh
;
753 int dad
= ipv6_addr_any(saddr
);
757 if (ipv6_addr_is_multicast(&msg
->target
)) {
758 ND_PRINTK2(KERN_WARNING
759 "ICMPv6 NS: multicast target address");
765 * DAD has to be destined for solicited node multicast address.
768 !(daddr
->s6_addr32
[0] == htonl(0xff020000) &&
769 daddr
->s6_addr32
[1] == htonl(0x00000000) &&
770 daddr
->s6_addr32
[2] == htonl(0x00000001) &&
771 daddr
->s6_addr
[12] == 0xff )) {
772 ND_PRINTK2(KERN_WARNING
773 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
777 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
778 ND_PRINTK2(KERN_WARNING
779 "ICMPv6 NS: invalid ND options\n");
783 if (ndopts
.nd_opts_src_lladdr
) {
784 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
, dev
);
786 ND_PRINTK2(KERN_WARNING
787 "ICMPv6 NS: invalid link-layer address length\n");
792 * If the IP source address is the unspecified address,
793 * there MUST NOT be source link-layer address option
797 ND_PRINTK2(KERN_WARNING
798 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
803 inc
= ipv6_addr_is_multicast(daddr
);
805 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
808 if (ifp
->flags
& (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)) {
810 if (dev
->type
== ARPHRD_IEEE802_TR
) {
811 const unsigned char *sadr
;
812 sadr
= skb_mac_header(skb
);
813 if (((sadr
[8] ^ dev
->dev_addr
[0]) & 0x7f) == 0 &&
814 sadr
[9] == dev
->dev_addr
[1] &&
815 sadr
[10] == dev
->dev_addr
[2] &&
816 sadr
[11] == dev
->dev_addr
[3] &&
817 sadr
[12] == dev
->dev_addr
[4] &&
818 sadr
[13] == dev
->dev_addr
[5]) {
819 /* looped-back to us */
825 * We are colliding with another node
827 * so fail our DAD process
829 addrconf_dad_failure(ifp
);
833 * This is not a dad solicitation.
834 * If we are an optimistic node,
836 * Otherwise, we should ignore it.
838 if (!(ifp
->flags
& IFA_F_OPTIMISTIC
))
845 struct net
*net
= dev_net(dev
);
847 idev
= in6_dev_get(dev
);
849 /* XXX: count this drop? */
853 if (ipv6_chk_acast_addr(net
, dev
, &msg
->target
) ||
854 (idev
->cnf
.forwarding
&&
855 (net
->ipv6
.devconf_all
->proxy_ndp
|| idev
->cnf
.proxy_ndp
) &&
856 (is_router
= pndisc_is_router(&msg
->target
, dev
)) >= 0)) {
857 if (!(NEIGH_CB(skb
)->flags
& LOCALLY_ENQUEUED
) &&
858 skb
->pkt_type
!= PACKET_HOST
&&
860 idev
->nd_parms
->proxy_delay
!= 0) {
862 * for anycast or proxy,
863 * sender should delay its response
864 * by a random time between 0 and
865 * MAX_ANYCAST_DELAY_TIME seconds.
866 * (RFC2461) -- yoshfuji
868 struct sk_buff
*n
= skb_clone(skb
, GFP_ATOMIC
);
870 pneigh_enqueue(&nd_tbl
, idev
->nd_parms
, n
);
878 is_router
= !!idev
->cnf
.forwarding
;
881 ndisc_send_na(dev
, NULL
, &in6addr_linklocal_allnodes
, &msg
->target
,
882 is_router
, 0, (ifp
!= NULL
), 1);
887 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_mcast
);
889 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_ucast
);
892 * update / create cache entry
893 * for the source address
895 neigh
= __neigh_lookup(&nd_tbl
, saddr
, dev
,
896 !inc
|| lladdr
|| !dev
->addr_len
);
898 neigh_update(neigh
, lladdr
, NUD_STALE
,
899 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
900 NEIGH_UPDATE_F_OVERRIDE
);
901 if (neigh
|| !dev
->header_ops
) {
902 ndisc_send_na(dev
, neigh
, saddr
, &msg
->target
,
904 1, (ifp
!= NULL
&& inc
), inc
);
906 neigh_release(neigh
);
916 static void ndisc_recv_na(struct sk_buff
*skb
)
918 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
919 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
920 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
922 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
923 offsetof(struct nd_msg
, opt
));
924 struct ndisc_options ndopts
;
925 struct net_device
*dev
= skb
->dev
;
926 struct inet6_ifaddr
*ifp
;
927 struct neighbour
*neigh
;
929 if (skb
->len
< sizeof(struct nd_msg
)) {
930 ND_PRINTK2(KERN_WARNING
931 "ICMPv6 NA: packet too short\n");
935 if (ipv6_addr_is_multicast(&msg
->target
)) {
936 ND_PRINTK2(KERN_WARNING
937 "ICMPv6 NA: target address is multicast.\n");
941 if (ipv6_addr_is_multicast(daddr
) &&
942 msg
->icmph
.icmp6_solicited
) {
943 ND_PRINTK2(KERN_WARNING
944 "ICMPv6 NA: solicited NA is multicasted.\n");
948 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
949 ND_PRINTK2(KERN_WARNING
950 "ICMPv6 NS: invalid ND option\n");
953 if (ndopts
.nd_opts_tgt_lladdr
) {
954 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
, dev
);
956 ND_PRINTK2(KERN_WARNING
957 "ICMPv6 NA: invalid link-layer address length\n");
961 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
963 if (skb
->pkt_type
!= PACKET_LOOPBACK
964 && (ifp
->flags
& IFA_F_TENTATIVE
)) {
965 addrconf_dad_failure(ifp
);
968 /* What should we make now? The advertisement
969 is invalid, but ndisc specs say nothing
970 about it. It could be misconfiguration, or
971 an smart proxy agent tries to help us :-)
973 We should not print the error if NA has been
974 received from loopback - it is just our own
975 unsolicited advertisement.
977 if (skb
->pkt_type
!= PACKET_LOOPBACK
)
978 ND_PRINTK1(KERN_WARNING
979 "ICMPv6 NA: someone advertises our address %pI6 on %s!\n",
980 &ifp
->addr
, ifp
->idev
->dev
->name
);
984 neigh
= neigh_lookup(&nd_tbl
, &msg
->target
, dev
);
987 u8 old_flags
= neigh
->flags
;
988 struct net
*net
= dev_net(dev
);
990 if (neigh
->nud_state
& NUD_FAILED
)
994 * Don't update the neighbor cache entry on a proxy NA from
995 * ourselves because either the proxied node is off link or it
996 * has already sent a NA to us.
998 if (lladdr
&& !memcmp(lladdr
, dev
->dev_addr
, dev
->addr_len
) &&
999 net
->ipv6
.devconf_all
->forwarding
&& net
->ipv6
.devconf_all
->proxy_ndp
&&
1000 pneigh_lookup(&nd_tbl
, net
, &msg
->target
, dev
, 0)) {
1001 /* XXX: idev->cnf.prixy_ndp */
1005 neigh_update(neigh
, lladdr
,
1006 msg
->icmph
.icmp6_solicited
? NUD_REACHABLE
: NUD_STALE
,
1007 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1008 (msg
->icmph
.icmp6_override
? NEIGH_UPDATE_F_OVERRIDE
: 0)|
1009 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1010 (msg
->icmph
.icmp6_router
? NEIGH_UPDATE_F_ISROUTER
: 0));
1012 if ((old_flags
& ~neigh
->flags
) & NTF_ROUTER
) {
1014 * Change: router to host
1016 struct rt6_info
*rt
;
1017 rt
= rt6_get_dflt_router(saddr
, dev
);
1023 neigh_release(neigh
);
1027 static void ndisc_recv_rs(struct sk_buff
*skb
)
1029 struct rs_msg
*rs_msg
= (struct rs_msg
*)skb_transport_header(skb
);
1030 unsigned long ndoptlen
= skb
->len
- sizeof(*rs_msg
);
1031 struct neighbour
*neigh
;
1032 struct inet6_dev
*idev
;
1033 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
1034 struct ndisc_options ndopts
;
1037 if (skb
->len
< sizeof(*rs_msg
))
1040 idev
= __in6_dev_get(skb
->dev
);
1042 if (net_ratelimit())
1043 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
1047 /* Don't accept RS if we're not in router mode */
1048 if (!idev
->cnf
.forwarding
)
1052 * Don't update NCE if src = ::;
1053 * this implies that the source node has no ip address assigned yet.
1055 if (ipv6_addr_any(saddr
))
1058 /* Parse ND options */
1059 if (!ndisc_parse_options(rs_msg
->opt
, ndoptlen
, &ndopts
)) {
1060 if (net_ratelimit())
1061 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1065 if (ndopts
.nd_opts_src_lladdr
) {
1066 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1072 neigh
= __neigh_lookup(&nd_tbl
, saddr
, skb
->dev
, 1);
1074 neigh_update(neigh
, lladdr
, NUD_STALE
,
1075 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1076 NEIGH_UPDATE_F_OVERRIDE
|
1077 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
);
1078 neigh_release(neigh
);
1084 static void ndisc_ra_useropt(struct sk_buff
*ra
, struct nd_opt_hdr
*opt
)
1086 struct icmp6hdr
*icmp6h
= (struct icmp6hdr
*)skb_transport_header(ra
);
1087 struct sk_buff
*skb
;
1088 struct nlmsghdr
*nlh
;
1089 struct nduseroptmsg
*ndmsg
;
1090 struct net
*net
= dev_net(ra
->dev
);
1092 int base_size
= NLMSG_ALIGN(sizeof(struct nduseroptmsg
)
1093 + (opt
->nd_opt_len
<< 3));
1094 size_t msg_size
= base_size
+ nla_total_size(sizeof(struct in6_addr
));
1096 skb
= nlmsg_new(msg_size
, GFP_ATOMIC
);
1102 nlh
= nlmsg_put(skb
, 0, 0, RTM_NEWNDUSEROPT
, base_size
, 0);
1104 goto nla_put_failure
;
1107 ndmsg
= nlmsg_data(nlh
);
1108 ndmsg
->nduseropt_family
= AF_INET6
;
1109 ndmsg
->nduseropt_ifindex
= ra
->dev
->ifindex
;
1110 ndmsg
->nduseropt_icmp_type
= icmp6h
->icmp6_type
;
1111 ndmsg
->nduseropt_icmp_code
= icmp6h
->icmp6_code
;
1112 ndmsg
->nduseropt_opts_len
= opt
->nd_opt_len
<< 3;
1114 memcpy(ndmsg
+ 1, opt
, opt
->nd_opt_len
<< 3);
1116 NLA_PUT(skb
, NDUSEROPT_SRCADDR
, sizeof(struct in6_addr
),
1117 &ipv6_hdr(ra
)->saddr
);
1118 nlmsg_end(skb
, nlh
);
1120 rtnl_notify(skb
, net
, 0, RTNLGRP_ND_USEROPT
, NULL
, GFP_ATOMIC
);
1127 rtnl_set_sk_err(net
, RTNLGRP_ND_USEROPT
, err
);
1130 static inline int accept_ra(struct inet6_dev
*in6_dev
)
1133 * If forwarding is enabled, RA are not accepted unless the special
1134 * hybrid mode (accept_ra=2) is enabled.
1136 if (in6_dev
->cnf
.forwarding
&& in6_dev
->cnf
.accept_ra
< 2)
1139 return in6_dev
->cnf
.accept_ra
;
1142 static void ndisc_router_discovery(struct sk_buff
*skb
)
1144 struct ra_msg
*ra_msg
= (struct ra_msg
*)skb_transport_header(skb
);
1145 struct neighbour
*neigh
= NULL
;
1146 struct inet6_dev
*in6_dev
;
1147 struct rt6_info
*rt
= NULL
;
1149 struct ndisc_options ndopts
;
1151 unsigned int pref
= 0;
1153 __u8
* opt
= (__u8
*)(ra_msg
+ 1);
1155 optlen
= (skb
->tail
- skb
->transport_header
) - sizeof(struct ra_msg
);
1157 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1158 ND_PRINTK2(KERN_WARNING
1159 "ICMPv6 RA: source address is not link-local.\n");
1163 ND_PRINTK2(KERN_WARNING
1164 "ICMPv6 RA: packet too short\n");
1168 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1169 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_HOST
) {
1170 ND_PRINTK2(KERN_WARNING
1171 "ICMPv6 RA: from host or unauthorized router\n");
1177 * set the RA_RECV flag in the interface
1180 in6_dev
= __in6_dev_get(skb
->dev
);
1181 if (in6_dev
== NULL
) {
1183 "ICMPv6 RA: can't find inet6 device for %s.\n",
1188 if (!ndisc_parse_options(opt
, optlen
, &ndopts
)) {
1189 ND_PRINTK2(KERN_WARNING
1190 "ICMP6 RA: invalid ND options\n");
1194 if (!accept_ra(in6_dev
))
1195 goto skip_linkparms
;
1197 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1198 /* skip link-specific parameters from interior routers */
1199 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1200 goto skip_linkparms
;
1203 if (in6_dev
->if_flags
& IF_RS_SENT
) {
1205 * flag that an RA was received after an RS was sent
1206 * out on this interface.
1208 in6_dev
->if_flags
|= IF_RA_RCVD
;
1212 * Remember the managed/otherconf flags from most recently
1213 * received RA message (RFC 2462) -- yoshfuji
1215 in6_dev
->if_flags
= (in6_dev
->if_flags
& ~(IF_RA_MANAGED
|
1217 (ra_msg
->icmph
.icmp6_addrconf_managed
?
1218 IF_RA_MANAGED
: 0) |
1219 (ra_msg
->icmph
.icmp6_addrconf_other
?
1220 IF_RA_OTHERCONF
: 0);
1222 if (!in6_dev
->cnf
.accept_ra_defrtr
)
1225 if (ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
, NULL
, 0))
1228 lifetime
= ntohs(ra_msg
->icmph
.icmp6_rt_lifetime
);
1230 #ifdef CONFIG_IPV6_ROUTER_PREF
1231 pref
= ra_msg
->icmph
.icmp6_router_pref
;
1232 /* 10b is handled as if it were 00b (medium) */
1233 if (pref
== ICMPV6_ROUTER_PREF_INVALID
||
1234 !in6_dev
->cnf
.accept_ra_rtr_pref
)
1235 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
1238 rt
= rt6_get_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
);
1241 neigh
= dst_get_neighbour_noref(&rt
->dst
);
1243 if (rt
&& lifetime
== 0) {
1249 if (rt
== NULL
&& lifetime
) {
1250 ND_PRINTK3(KERN_DEBUG
1251 "ICMPv6 RA: adding default router.\n");
1253 rt
= rt6_add_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
, pref
);
1256 "ICMPv6 RA: %s() failed to add default route.\n",
1261 neigh
= dst_get_neighbour_noref(&rt
->dst
);
1262 if (neigh
== NULL
) {
1264 "ICMPv6 RA: %s() got default router without neighbour.\n",
1266 dst_release(&rt
->dst
);
1269 neigh
->flags
|= NTF_ROUTER
;
1271 rt
->rt6i_flags
= (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
1275 rt
->rt6i_expires
= jiffies
+ (HZ
* lifetime
);
1277 if (ra_msg
->icmph
.icmp6_hop_limit
) {
1278 in6_dev
->cnf
.hop_limit
= ra_msg
->icmph
.icmp6_hop_limit
;
1280 dst_metric_set(&rt
->dst
, RTAX_HOPLIMIT
,
1281 ra_msg
->icmph
.icmp6_hop_limit
);
1287 * Update Reachable Time and Retrans Timer
1290 if (in6_dev
->nd_parms
) {
1291 unsigned long rtime
= ntohl(ra_msg
->retrans_timer
);
1293 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/HZ
) {
1294 rtime
= (rtime
*HZ
)/1000;
1297 in6_dev
->nd_parms
->retrans_time
= rtime
;
1298 in6_dev
->tstamp
= jiffies
;
1299 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1302 rtime
= ntohl(ra_msg
->reachable_time
);
1303 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/(3*HZ
)) {
1304 rtime
= (rtime
*HZ
)/1000;
1309 if (rtime
!= in6_dev
->nd_parms
->base_reachable_time
) {
1310 in6_dev
->nd_parms
->base_reachable_time
= rtime
;
1311 in6_dev
->nd_parms
->gc_staletime
= 3 * rtime
;
1312 in6_dev
->nd_parms
->reachable_time
= neigh_rand_reach_time(rtime
);
1313 in6_dev
->tstamp
= jiffies
;
1314 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1326 neigh
= __neigh_lookup(&nd_tbl
, &ipv6_hdr(skb
)->saddr
,
1330 if (ndopts
.nd_opts_src_lladdr
) {
1331 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1334 ND_PRINTK2(KERN_WARNING
1335 "ICMPv6 RA: invalid link-layer address length\n");
1339 neigh_update(neigh
, lladdr
, NUD_STALE
,
1340 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1341 NEIGH_UPDATE_F_OVERRIDE
|
1342 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1343 NEIGH_UPDATE_F_ISROUTER
);
1346 if (!accept_ra(in6_dev
))
1349 #ifdef CONFIG_IPV6_ROUTE_INFO
1350 if (ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
, NULL
, 0))
1351 goto skip_routeinfo
;
1353 if (in6_dev
->cnf
.accept_ra_rtr_pref
&& ndopts
.nd_opts_ri
) {
1354 struct nd_opt_hdr
*p
;
1355 for (p
= ndopts
.nd_opts_ri
;
1357 p
= ndisc_next_option(p
, ndopts
.nd_opts_ri_end
)) {
1358 struct route_info
*ri
= (struct route_info
*)p
;
1359 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1360 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
&&
1361 ri
->prefix_len
== 0)
1364 if (ri
->prefix_len
> in6_dev
->cnf
.accept_ra_rt_info_max_plen
)
1366 rt6_route_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3,
1367 &ipv6_hdr(skb
)->saddr
);
1374 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1375 /* skip link-specific ndopts from interior routers */
1376 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1380 if (in6_dev
->cnf
.accept_ra_pinfo
&& ndopts
.nd_opts_pi
) {
1381 struct nd_opt_hdr
*p
;
1382 for (p
= ndopts
.nd_opts_pi
;
1384 p
= ndisc_next_option(p
, ndopts
.nd_opts_pi_end
)) {
1385 addrconf_prefix_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3);
1389 if (ndopts
.nd_opts_mtu
) {
1393 memcpy(&n
, ((u8
*)(ndopts
.nd_opts_mtu
+1))+2, sizeof(mtu
));
1396 if (mtu
< IPV6_MIN_MTU
|| mtu
> skb
->dev
->mtu
) {
1397 ND_PRINTK2(KERN_WARNING
1398 "ICMPv6 RA: invalid mtu: %d\n",
1400 } else if (in6_dev
->cnf
.mtu6
!= mtu
) {
1401 in6_dev
->cnf
.mtu6
= mtu
;
1404 dst_metric_set(&rt
->dst
, RTAX_MTU
, mtu
);
1406 rt6_mtu_change(skb
->dev
, mtu
);
1410 if (ndopts
.nd_useropts
) {
1411 struct nd_opt_hdr
*p
;
1412 for (p
= ndopts
.nd_useropts
;
1414 p
= ndisc_next_useropt(p
, ndopts
.nd_useropts_end
)) {
1415 ndisc_ra_useropt(skb
, p
);
1419 if (ndopts
.nd_opts_tgt_lladdr
|| ndopts
.nd_opts_rh
) {
1420 ND_PRINTK2(KERN_WARNING
1421 "ICMPv6 RA: invalid RA options");
1425 dst_release(&rt
->dst
);
1427 neigh_release(neigh
);
1430 static void ndisc_redirect_rcv(struct sk_buff
*skb
)
1432 struct inet6_dev
*in6_dev
;
1433 struct icmp6hdr
*icmph
;
1434 const struct in6_addr
*dest
;
1435 const struct in6_addr
*target
; /* new first hop to destination */
1436 struct neighbour
*neigh
;
1438 struct ndisc_options ndopts
;
1442 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1443 switch (skb
->ndisc_nodetype
) {
1444 case NDISC_NODETYPE_HOST
:
1445 case NDISC_NODETYPE_NODEFAULT
:
1446 ND_PRINTK2(KERN_WARNING
1447 "ICMPv6 Redirect: from host or unauthorized router\n");
1452 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1453 ND_PRINTK2(KERN_WARNING
1454 "ICMPv6 Redirect: source address is not link-local.\n");
1458 optlen
= skb
->tail
- skb
->transport_header
;
1459 optlen
-= sizeof(struct icmp6hdr
) + 2 * sizeof(struct in6_addr
);
1462 ND_PRINTK2(KERN_WARNING
1463 "ICMPv6 Redirect: packet too short\n");
1467 icmph
= icmp6_hdr(skb
);
1468 target
= (const struct in6_addr
*) (icmph
+ 1);
1471 if (ipv6_addr_is_multicast(dest
)) {
1472 ND_PRINTK2(KERN_WARNING
1473 "ICMPv6 Redirect: destination address is multicast.\n");
1477 if (ipv6_addr_equal(dest
, target
)) {
1479 } else if (ipv6_addr_type(target
) !=
1480 (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1481 ND_PRINTK2(KERN_WARNING
1482 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1486 in6_dev
= __in6_dev_get(skb
->dev
);
1489 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_redirects
)
1493 * The IP source address of the Redirect MUST be the same as the current
1494 * first-hop router for the specified ICMP Destination Address.
1497 if (!ndisc_parse_options((u8
*)(dest
+ 1), optlen
, &ndopts
)) {
1498 ND_PRINTK2(KERN_WARNING
1499 "ICMPv6 Redirect: invalid ND options\n");
1502 if (ndopts
.nd_opts_tgt_lladdr
) {
1503 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
,
1506 ND_PRINTK2(KERN_WARNING
1507 "ICMPv6 Redirect: invalid link-layer address length\n");
1512 neigh
= __neigh_lookup(&nd_tbl
, target
, skb
->dev
, 1);
1514 rt6_redirect(dest
, &ipv6_hdr(skb
)->daddr
,
1515 &ipv6_hdr(skb
)->saddr
, neigh
, lladdr
,
1517 neigh_release(neigh
);
1521 void ndisc_send_redirect(struct sk_buff
*skb
, struct neighbour
*neigh
,
1522 const struct in6_addr
*target
)
1524 struct net_device
*dev
= skb
->dev
;
1525 struct net
*net
= dev_net(dev
);
1526 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
1527 int len
= sizeof(struct icmp6hdr
) + 2 * sizeof(struct in6_addr
);
1528 struct sk_buff
*buff
;
1529 struct icmp6hdr
*icmph
;
1530 struct in6_addr saddr_buf
;
1531 struct in6_addr
*addrp
;
1532 struct rt6_info
*rt
;
1533 struct dst_entry
*dst
;
1534 struct inet6_dev
*idev
;
1540 u8 ha_buf
[MAX_ADDR_LEN
], *ha
= NULL
;
1542 if (ipv6_get_lladdr(dev
, &saddr_buf
, IFA_F_TENTATIVE
)) {
1543 ND_PRINTK2(KERN_WARNING
1544 "ICMPv6 Redirect: no link-local address on %s\n",
1549 if (!ipv6_addr_equal(&ipv6_hdr(skb
)->daddr
, target
) &&
1550 ipv6_addr_type(target
) != (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1551 ND_PRINTK2(KERN_WARNING
1552 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1556 icmpv6_flow_init(sk
, &fl6
, NDISC_REDIRECT
,
1557 &saddr_buf
, &ipv6_hdr(skb
)->saddr
, dev
->ifindex
);
1559 dst
= ip6_route_output(net
, NULL
, &fl6
);
1563 dst
= xfrm_lookup(net
, dst
, flowi6_to_flowi(&fl6
), NULL
, 0);
1567 rt
= (struct rt6_info
*) dst
;
1569 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
1570 ND_PRINTK2(KERN_WARNING
1571 "ICMPv6 Redirect: destination is not a neighbour.\n");
1575 rt6_bind_peer(rt
, 1);
1576 if (!inet_peer_xrlim_allow(rt
->rt6i_peer
, 1*HZ
))
1579 if (dev
->addr_len
) {
1580 read_lock_bh(&neigh
->lock
);
1581 if (neigh
->nud_state
& NUD_VALID
) {
1582 memcpy(ha_buf
, neigh
->ha
, dev
->addr_len
);
1583 read_unlock_bh(&neigh
->lock
);
1585 len
+= ndisc_opt_addr_space(dev
);
1587 read_unlock_bh(&neigh
->lock
);
1590 rd_len
= min_t(unsigned int,
1591 IPV6_MIN_MTU
-sizeof(struct ipv6hdr
)-len
, skb
->len
+ 8);
1595 hlen
= LL_RESERVED_SPACE(dev
);
1596 tlen
= dev
->needed_tailroom
;
1597 buff
= sock_alloc_send_skb(sk
,
1598 (MAX_HEADER
+ sizeof(struct ipv6hdr
) +
1603 "ICMPv6 Redirect: %s() failed to allocate an skb, err=%d.\n",
1608 skb_reserve(buff
, hlen
);
1609 ip6_nd_hdr(sk
, buff
, dev
, &saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1610 IPPROTO_ICMPV6
, len
);
1612 skb_set_transport_header(buff
, skb_tail_pointer(buff
) - buff
->data
);
1614 icmph
= icmp6_hdr(buff
);
1616 memset(icmph
, 0, sizeof(struct icmp6hdr
));
1617 icmph
->icmp6_type
= NDISC_REDIRECT
;
1620 * copy target and destination addresses
1623 addrp
= (struct in6_addr
*)(icmph
+ 1);
1626 *addrp
= ipv6_hdr(skb
)->daddr
;
1628 opt
= (u8
*) (addrp
+ 1);
1631 * include target_address option
1635 opt
= ndisc_fill_addr_option(opt
, ND_OPT_TARGET_LL_ADDR
, ha
,
1636 dev
->addr_len
, dev
->type
);
1639 * build redirect option and copy skb over to the new packet.
1643 *(opt
++) = ND_OPT_REDIRECT_HDR
;
1644 *(opt
++) = (rd_len
>> 3);
1647 memcpy(opt
, ipv6_hdr(skb
), rd_len
- 8);
1649 icmph
->icmp6_cksum
= csum_ipv6_magic(&saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1650 len
, IPPROTO_ICMPV6
,
1651 csum_partial(icmph
, len
, 0));
1653 skb_dst_set(buff
, dst
);
1655 idev
= __in6_dev_get(dst
->dev
);
1656 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
1657 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, buff
, NULL
, dst
->dev
,
1660 ICMP6MSGOUT_INC_STATS(net
, idev
, NDISC_REDIRECT
);
1661 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
1671 static void pndisc_redo(struct sk_buff
*skb
)
1677 int ndisc_rcv(struct sk_buff
*skb
)
1681 if (!pskb_may_pull(skb
, skb
->len
))
1684 msg
= (struct nd_msg
*)skb_transport_header(skb
);
1686 __skb_push(skb
, skb
->data
- skb_transport_header(skb
));
1688 if (ipv6_hdr(skb
)->hop_limit
!= 255) {
1689 ND_PRINTK2(KERN_WARNING
1690 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1691 ipv6_hdr(skb
)->hop_limit
);
1695 if (msg
->icmph
.icmp6_code
!= 0) {
1696 ND_PRINTK2(KERN_WARNING
1697 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1698 msg
->icmph
.icmp6_code
);
1702 memset(NEIGH_CB(skb
), 0, sizeof(struct neighbour_cb
));
1704 switch (msg
->icmph
.icmp6_type
) {
1705 case NDISC_NEIGHBOUR_SOLICITATION
:
1709 case NDISC_NEIGHBOUR_ADVERTISEMENT
:
1713 case NDISC_ROUTER_SOLICITATION
:
1717 case NDISC_ROUTER_ADVERTISEMENT
:
1718 ndisc_router_discovery(skb
);
1721 case NDISC_REDIRECT
:
1722 ndisc_redirect_rcv(skb
);
1729 static int ndisc_netdev_event(struct notifier_block
*this, unsigned long event
, void *ptr
)
1731 struct net_device
*dev
= ptr
;
1732 struct net
*net
= dev_net(dev
);
1735 case NETDEV_CHANGEADDR
:
1736 neigh_changeaddr(&nd_tbl
, dev
);
1737 fib6_run_gc(~0UL, net
);
1740 neigh_ifdown(&nd_tbl
, dev
);
1741 fib6_run_gc(~0UL, net
);
1743 case NETDEV_NOTIFY_PEERS
:
1744 ndisc_send_unsol_na(dev
);
1753 static struct notifier_block ndisc_netdev_notifier
= {
1754 .notifier_call
= ndisc_netdev_event
,
1757 #ifdef CONFIG_SYSCTL
1758 static void ndisc_warn_deprecated_sysctl(struct ctl_table
*ctl
,
1759 const char *func
, const char *dev_name
)
1761 static char warncomm
[TASK_COMM_LEN
];
1763 if (strcmp(warncomm
, current
->comm
) && warned
< 5) {
1764 strcpy(warncomm
, current
->comm
);
1766 "process `%s' is using deprecated sysctl (%s) "
1767 "net.ipv6.neigh.%s.%s; "
1768 "Use net.ipv6.neigh.%s.%s_ms "
1771 dev_name
, ctl
->procname
,
1772 dev_name
, ctl
->procname
);
1777 int ndisc_ifinfo_sysctl_change(struct ctl_table
*ctl
, int write
, void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
1779 struct net_device
*dev
= ctl
->extra1
;
1780 struct inet6_dev
*idev
;
1783 if ((strcmp(ctl
->procname
, "retrans_time") == 0) ||
1784 (strcmp(ctl
->procname
, "base_reachable_time") == 0))
1785 ndisc_warn_deprecated_sysctl(ctl
, "syscall", dev
? dev
->name
: "default");
1787 if (strcmp(ctl
->procname
, "retrans_time") == 0)
1788 ret
= proc_dointvec(ctl
, write
, buffer
, lenp
, ppos
);
1790 else if (strcmp(ctl
->procname
, "base_reachable_time") == 0)
1791 ret
= proc_dointvec_jiffies(ctl
, write
,
1792 buffer
, lenp
, ppos
);
1794 else if ((strcmp(ctl
->procname
, "retrans_time_ms") == 0) ||
1795 (strcmp(ctl
->procname
, "base_reachable_time_ms") == 0))
1796 ret
= proc_dointvec_ms_jiffies(ctl
, write
,
1797 buffer
, lenp
, ppos
);
1801 if (write
&& ret
== 0 && dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1802 if (ctl
->data
== &idev
->nd_parms
->base_reachable_time
)
1803 idev
->nd_parms
->reachable_time
= neigh_rand_reach_time(idev
->nd_parms
->base_reachable_time
);
1804 idev
->tstamp
= jiffies
;
1805 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1814 static int __net_init
ndisc_net_init(struct net
*net
)
1816 struct ipv6_pinfo
*np
;
1820 err
= inet_ctl_sock_create(&sk
, PF_INET6
,
1821 SOCK_RAW
, IPPROTO_ICMPV6
, net
);
1824 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1829 net
->ipv6
.ndisc_sk
= sk
;
1832 np
->hop_limit
= 255;
1833 /* Do not loopback ndisc messages */
1839 static void __net_exit
ndisc_net_exit(struct net
*net
)
1841 inet_ctl_sock_destroy(net
->ipv6
.ndisc_sk
);
1844 static struct pernet_operations ndisc_net_ops
= {
1845 .init
= ndisc_net_init
,
1846 .exit
= ndisc_net_exit
,
1849 int __init
ndisc_init(void)
1853 err
= register_pernet_subsys(&ndisc_net_ops
);
1857 * Initialize the neighbour table
1859 neigh_table_init(&nd_tbl
);
1861 #ifdef CONFIG_SYSCTL
1862 err
= neigh_sysctl_register(NULL
, &nd_tbl
.parms
, "ipv6",
1863 &ndisc_ifinfo_sysctl_change
);
1865 goto out_unregister_pernet
;
1867 err
= register_netdevice_notifier(&ndisc_netdev_notifier
);
1869 goto out_unregister_sysctl
;
1873 out_unregister_sysctl
:
1874 #ifdef CONFIG_SYSCTL
1875 neigh_sysctl_unregister(&nd_tbl
.parms
);
1876 out_unregister_pernet
:
1878 unregister_pernet_subsys(&ndisc_net_ops
);
1882 void ndisc_cleanup(void)
1884 unregister_netdevice_notifier(&ndisc_netdev_notifier
);
1885 #ifdef CONFIG_SYSCTL
1886 neigh_sysctl_unregister(&nd_tbl
.parms
);
1888 neigh_table_clear(&nd_tbl
);
1889 unregister_pernet_subsys(&ndisc_net_ops
);
