search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dma-debug: update DMA debug API to better handle multiple mappings of a buffer
[linux-2.6/cjktty.git] / net / ipv6 / ndisc.c
blob76ef4353d51872c1688b52531eadf1f4f446a8a4
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 /* Set to 3 to get tracing... */
76 #define ND_DEBUG 1
77
78 #define ND_PRINTK(val, level, fmt, ...) \
79 do { \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
82 } while (0)
83
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
86 __u32 *hash_rnd);
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
93
94 static const struct neigh_ops ndisc_generic_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
100 };
101
102 static const struct neigh_ops ndisc_hh_ops = {
103 .family = AF_INET6,
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
108 };
109
110
111 static const struct neigh_ops ndisc_direct_ops = {
112 .family = AF_INET6,
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
115 };
116
117 struct neigh_table nd_tbl = {
118 .family = AF_INET6,
119 .key_len = sizeof(struct in6_addr),
120 .hash = ndisc_hash,
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
125 .id = "ndisc_cache",
126 .parms = {
127 .tbl = &nd_tbl,
128 .base_reachable_time = ND_REACHABLE_TIME,
129 .retrans_time = ND_RETRANS_TIMER,
130 .gc_staletime = 60 * HZ,
131 .reachable_time = ND_REACHABLE_TIME,
132 .delay_probe_time = 5 * HZ,
133 .queue_len_bytes = 64*1024,
134 .ucast_probes = 3,
135 .mcast_probes = 3,
136 .anycast_delay = 1 * HZ,
137 .proxy_delay = (8 * HZ) / 10,
138 .proxy_qlen = 64,
139 },
140 .gc_interval = 30 * HZ,
141 .gc_thresh1 = 128,
142 .gc_thresh2 = 512,
143 .gc_thresh3 = 1024,
144 };
145
146 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
147 {
148 int pad = ndisc_addr_option_pad(skb->dev->type);
149 int data_len = skb->dev->addr_len;
150 int space = ndisc_opt_addr_space(skb->dev);
151 u8 *opt = skb_put(skb, space);
152
153 opt[0] = type;
154 opt[1] = space>>3;
155
156 memset(opt + 2, 0, pad);
157 opt += pad;
158 space -= pad;
159
160 memcpy(opt+2, data, data_len);
161 data_len += 2;
162 opt += data_len;
163 if ((space -= data_len) > 0)
164 memset(opt, 0, space);
165 }
166
167 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
168 struct nd_opt_hdr *end)
169 {
170 int type;
171 if (!cur || !end || cur >= end)
172 return NULL;
173 type = cur->nd_opt_type;
174 do {
175 cur = ((void *)cur) + (cur->nd_opt_len << 3);
176 } while(cur < end && cur->nd_opt_type != type);
177 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
178 }
179
180 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
181 {
182 return opt->nd_opt_type == ND_OPT_RDNSS ||
183 opt->nd_opt_type == ND_OPT_DNSSL;
184 }
185
186 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
187 struct nd_opt_hdr *end)
188 {
189 if (!cur || !end || cur >= end)
190 return NULL;
191 do {
192 cur = ((void *)cur) + (cur->nd_opt_len << 3);
193 } while(cur < end && !ndisc_is_useropt(cur));
194 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
195 }
196
197 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
198 struct ndisc_options *ndopts)
199 {
200 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
201
202 if (!nd_opt || opt_len < 0 || !ndopts)
203 return NULL;
204 memset(ndopts, 0, sizeof(*ndopts));
205 while (opt_len) {
206 int l;
207 if (opt_len < sizeof(struct nd_opt_hdr))
208 return NULL;
209 l = nd_opt->nd_opt_len << 3;
210 if (opt_len < l || l == 0)
211 return NULL;
212 switch (nd_opt->nd_opt_type) {
213 case ND_OPT_SOURCE_LL_ADDR:
214 case ND_OPT_TARGET_LL_ADDR:
215 case ND_OPT_MTU:
216 case ND_OPT_REDIRECT_HDR:
217 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
218 ND_PRINTK(2, warn,
219 "%s: duplicated ND6 option found: type=%d\n",
220 __func__, nd_opt->nd_opt_type);
221 } else {
222 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
223 }
224 break;
225 case ND_OPT_PREFIX_INFO:
226 ndopts->nd_opts_pi_end = nd_opt;
227 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
228 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
229 break;
230 #ifdef CONFIG_IPV6_ROUTE_INFO
231 case ND_OPT_ROUTE_INFO:
232 ndopts->nd_opts_ri_end = nd_opt;
233 if (!ndopts->nd_opts_ri)
234 ndopts->nd_opts_ri = nd_opt;
235 break;
236 #endif
237 default:
238 if (ndisc_is_useropt(nd_opt)) {
239 ndopts->nd_useropts_end = nd_opt;
240 if (!ndopts->nd_useropts)
241 ndopts->nd_useropts = nd_opt;
242 } else {
243 /*
244 * Unknown options must be silently ignored,
245 * to accommodate future extension to the
246 * protocol.
247 */
248 ND_PRINTK(2, notice,
249 "%s: ignored unsupported option; type=%d, len=%d\n",
250 __func__,
251 nd_opt->nd_opt_type,
252 nd_opt->nd_opt_len);
253 }
254 }
255 opt_len -= l;
256 nd_opt = ((void *)nd_opt) + l;
257 }
258 return ndopts;
259 }
260
261 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
262 {
263 switch (dev->type) {
264 case ARPHRD_ETHER:
265 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
266 case ARPHRD_FDDI:
267 ipv6_eth_mc_map(addr, buf);
268 return 0;
269 case ARPHRD_ARCNET:
270 ipv6_arcnet_mc_map(addr, buf);
271 return 0;
272 case ARPHRD_INFINIBAND:
273 ipv6_ib_mc_map(addr, dev->broadcast, buf);
274 return 0;
275 case ARPHRD_IPGRE:
276 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
277 default:
278 if (dir) {
279 memcpy(buf, dev->broadcast, dev->addr_len);
280 return 0;
281 }
282 }
283 return -EINVAL;
284 }
285
286 EXPORT_SYMBOL(ndisc_mc_map);
287
288 static u32 ndisc_hash(const void *pkey,
289 const struct net_device *dev,
290 __u32 *hash_rnd)
291 {
292 return ndisc_hashfn(pkey, dev, hash_rnd);
293 }
294
295 static int ndisc_constructor(struct neighbour *neigh)
296 {
297 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
298 struct net_device *dev = neigh->dev;
299 struct inet6_dev *in6_dev;
300 struct neigh_parms *parms;
301 bool is_multicast = ipv6_addr_is_multicast(addr);
302
303 in6_dev = in6_dev_get(dev);
304 if (in6_dev == NULL) {
305 return -EINVAL;
306 }
307
308 parms = in6_dev->nd_parms;
309 __neigh_parms_put(neigh->parms);
310 neigh->parms = neigh_parms_clone(parms);
311
312 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
313 if (!dev->header_ops) {
314 neigh->nud_state = NUD_NOARP;
315 neigh->ops = &ndisc_direct_ops;
316 neigh->output = neigh_direct_output;
317 } else {
318 if (is_multicast) {
319 neigh->nud_state = NUD_NOARP;
320 ndisc_mc_map(addr, neigh->ha, dev, 1);
321 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
322 neigh->nud_state = NUD_NOARP;
323 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
324 if (dev->flags&IFF_LOOPBACK)
325 neigh->type = RTN_LOCAL;
326 } else if (dev->flags&IFF_POINTOPOINT) {
327 neigh->nud_state = NUD_NOARP;
328 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
329 }
330 if (dev->header_ops->cache)
331 neigh->ops = &ndisc_hh_ops;
332 else
333 neigh->ops = &ndisc_generic_ops;
334 if (neigh->nud_state&NUD_VALID)
335 neigh->output = neigh->ops->connected_output;
336 else
337 neigh->output = neigh->ops->output;
338 }
339 in6_dev_put(in6_dev);
340 return 0;
341 }
342
343 static int pndisc_constructor(struct pneigh_entry *n)
344 {
345 struct in6_addr *addr = (struct in6_addr*)&n->key;
346 struct in6_addr maddr;
347 struct net_device *dev = n->dev;
348
349 if (dev == NULL || __in6_dev_get(dev) == NULL)
350 return -EINVAL;
351 addrconf_addr_solict_mult(addr, &maddr);
352 ipv6_dev_mc_inc(dev, &maddr);
353 return 0;
354 }
355
356 static void pndisc_destructor(struct pneigh_entry *n)
357 {
358 struct in6_addr *addr = (struct in6_addr*)&n->key;
359 struct in6_addr maddr;
360 struct net_device *dev = n->dev;
361
362 if (dev == NULL || __in6_dev_get(dev) == NULL)
363 return;
364 addrconf_addr_solict_mult(addr, &maddr);
365 ipv6_dev_mc_dec(dev, &maddr);
366 }
367
368 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
369 int len)
370 {
371 int hlen = LL_RESERVED_SPACE(dev);
372 int tlen = dev->needed_tailroom;
373 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
374 struct sk_buff *skb;
375 int err;
376
377 skb = sock_alloc_send_skb(sk,
378 hlen + sizeof(struct ipv6hdr) + len + tlen,
379 1, &err);
380 if (!skb) {
381 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb, err=%d\n",
382 __func__, err);
383 return NULL;
384 }
385
386 skb->protocol = htons(ETH_P_IPV6);
387 skb->dev = dev;
388
389 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
390 skb_reset_transport_header(skb);
391
392 return skb;
393 }
394
395 static void ip6_nd_hdr(struct sk_buff *skb,
396 const struct in6_addr *saddr,
397 const struct in6_addr *daddr,
398 int hop_limit, int len)
399 {
400 struct ipv6hdr *hdr;
401
402 skb_push(skb, sizeof(*hdr));
403 skb_reset_network_header(skb);
404 hdr = ipv6_hdr(skb);
405
406 ip6_flow_hdr(hdr, 0, 0);
407
408 hdr->payload_len = htons(len);
409 hdr->nexthdr = IPPROTO_ICMPV6;
410 hdr->hop_limit = hop_limit;
411
412 hdr->saddr = *saddr;
413 hdr->daddr = *daddr;
414 }
415
416 static void ndisc_send_skb(struct sk_buff *skb,
417 const struct in6_addr *daddr,
418 const struct in6_addr *saddr)
419 {
420 struct dst_entry *dst = skb_dst(skb);
421 struct net *net = dev_net(skb->dev);
422 struct sock *sk = net->ipv6.ndisc_sk;
423 struct inet6_dev *idev;
424 int err;
425 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
426 u8 type;
427
428 type = icmp6h->icmp6_type;
429
430 if (!dst) {
431 struct sock *sk = net->ipv6.ndisc_sk;
432 struct flowi6 fl6;
433
434 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
435 dst = icmp6_dst_alloc(skb->dev, &fl6);
436 if (IS_ERR(dst)) {
437 kfree_skb(skb);
438 return;
439 }
440
441 skb_dst_set(skb, dst);
442 }
443
444 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
445 IPPROTO_ICMPV6,
446 csum_partial(icmp6h,
447 skb->len, 0));
448
449 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
450
451 rcu_read_lock();
452 idev = __in6_dev_get(dst->dev);
453 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
454
455 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
456 dst_output);
457 if (!err) {
458 ICMP6MSGOUT_INC_STATS(net, idev, type);
459 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
460 }
461
462 rcu_read_unlock();
463 }
464
465 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
466 const struct in6_addr *daddr,
467 const struct in6_addr *solicited_addr,
468 bool router, bool solicited, bool override, bool inc_opt)
469 {
470 struct sk_buff *skb;
471 struct in6_addr tmpaddr;
472 struct inet6_ifaddr *ifp;
473 const struct in6_addr *src_addr;
474 struct nd_msg *msg;
475 int optlen = 0;
476
477 /* for anycast or proxy, solicited_addr != src_addr */
478 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
479 if (ifp) {
480 src_addr = solicited_addr;
481 if (ifp->flags & IFA_F_OPTIMISTIC)
482 override = 0;
483 inc_opt |= ifp->idev->cnf.force_tllao;
484 in6_ifa_put(ifp);
485 } else {
486 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
487 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
488 &tmpaddr))
489 return;
490 src_addr = &tmpaddr;
491 }
492
493 if (!dev->addr_len)
494 inc_opt = 0;
495 if (inc_opt)
496 optlen += ndisc_opt_addr_space(dev);
497
498 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
499 if (!skb)
500 return;
501
502 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
503 *msg = (struct nd_msg) {
504 .icmph = {
505 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
506 .icmp6_router = router,
507 .icmp6_solicited = solicited,
508 .icmp6_override = override,
509 },
510 .target = *solicited_addr,
511 };
512
513 if (inc_opt)
514 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
515 dev->dev_addr);
516
517
518 ndisc_send_skb(skb, daddr, src_addr);
519 }
520
521 static void ndisc_send_unsol_na(struct net_device *dev)
522 {
523 struct inet6_dev *idev;
524 struct inet6_ifaddr *ifa;
525
526 idev = in6_dev_get(dev);
527 if (!idev)
528 return;
529
530 read_lock_bh(&idev->lock);
531 list_for_each_entry(ifa, &idev->addr_list, if_list) {
532 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
533 /*router=*/ !!idev->cnf.forwarding,
534 /*solicited=*/ false, /*override=*/ true,
535 /*inc_opt=*/ true);
536 }
537 read_unlock_bh(&idev->lock);
538
539 in6_dev_put(idev);
540 }
541
542 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
543 const struct in6_addr *solicit,
544 const struct in6_addr *daddr, const struct in6_addr *saddr)
545 {
546 struct sk_buff *skb;
547 struct in6_addr addr_buf;
548 int inc_opt = dev->addr_len;
549 int optlen = 0;
550 struct nd_msg *msg;
551
552 if (saddr == NULL) {
553 if (ipv6_get_lladdr(dev, &addr_buf,
554 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
555 return;
556 saddr = &addr_buf;
557 }
558
559 if (ipv6_addr_any(saddr))
560 inc_opt = 0;
561 if (inc_opt)
562 optlen += ndisc_opt_addr_space(dev);
563
564 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
565 if (!skb)
566 return;
567
568 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
569 *msg = (struct nd_msg) {
570 .icmph = {
571 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
572 },
573 .target = *solicit,
574 };
575
576 if (inc_opt)
577 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
578 dev->dev_addr);
579
580 ndisc_send_skb(skb, daddr, saddr);
581 }
582
583 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
584 const struct in6_addr *daddr)
585 {
586 struct sk_buff *skb;
587 struct rs_msg *msg;
588 int send_sllao = dev->addr_len;
589 int optlen = 0;
590
591 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
592 /*
593 * According to section 2.2 of RFC 4429, we must not
594 * send router solicitations with a sllao from
595 * optimistic addresses, but we may send the solicitation
596 * if we don't include the sllao. So here we check
597 * if our address is optimistic, and if so, we
598 * suppress the inclusion of the sllao.
599 */
600 if (send_sllao) {
601 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
602 dev, 1);
603 if (ifp) {
604 if (ifp->flags & IFA_F_OPTIMISTIC) {
605 send_sllao = 0;
606 }
607 in6_ifa_put(ifp);
608 } else {
609 send_sllao = 0;
610 }
611 }
612 #endif
613 if (!dev->addr_len)
614 send_sllao = 0;
615 if (send_sllao)
616 optlen += ndisc_opt_addr_space(dev);
617
618 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
619 if (!skb)
620 return;
621
622 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
623 *msg = (struct rs_msg) {
624 .icmph = {
625 .icmp6_type = NDISC_ROUTER_SOLICITATION,
626 },
627 };
628
629 if (send_sllao)
630 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
631 dev->dev_addr);
632
633 ndisc_send_skb(skb, daddr, saddr);
634 }
635
636
637 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
638 {
639 /*
640 * "The sender MUST return an ICMP
641 * destination unreachable"
642 */
643 dst_link_failure(skb);
644 kfree_skb(skb);
645 }
646
647 /* Called with locked neigh: either read or both */
648
649 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
650 {
651 struct in6_addr *saddr = NULL;
652 struct in6_addr mcaddr;
653 struct net_device *dev = neigh->dev;
654 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
655 int probes = atomic_read(&neigh->probes);
656
657 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
658 saddr = &ipv6_hdr(skb)->saddr;
659
660 if ((probes -= neigh->parms->ucast_probes) < 0) {
661 if (!(neigh->nud_state & NUD_VALID)) {
662 ND_PRINTK(1, dbg,
663 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
664 __func__, target);
665 }
666 ndisc_send_ns(dev, neigh, target, target, saddr);
667 } else if ((probes -= neigh->parms->app_probes) < 0) {
668 #ifdef CONFIG_ARPD
669 neigh_app_ns(neigh);
670 #endif
671 } else {
672 addrconf_addr_solict_mult(target, &mcaddr);
673 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
674 }
675 }
676
677 static int pndisc_is_router(const void *pkey,
678 struct net_device *dev)
679 {
680 struct pneigh_entry *n;
681 int ret = -1;
682
683 read_lock_bh(&nd_tbl.lock);
684 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
685 if (n)
686 ret = !!(n->flags & NTF_ROUTER);
687 read_unlock_bh(&nd_tbl.lock);
688
689 return ret;
690 }
691
692 static void ndisc_recv_ns(struct sk_buff *skb)
693 {
694 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
695 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
696 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
697 u8 *lladdr = NULL;
698 u32 ndoptlen = skb->tail - (skb->transport_header +
699 offsetof(struct nd_msg, opt));
700 struct ndisc_options ndopts;
701 struct net_device *dev = skb->dev;
702 struct inet6_ifaddr *ifp;
703 struct inet6_dev *idev = NULL;
704 struct neighbour *neigh;
705 int dad = ipv6_addr_any(saddr);
706 bool inc;
707 int is_router = -1;
708
709 if (skb->len < sizeof(struct nd_msg)) {
710 ND_PRINTK(2, warn, "NS: packet too short\n");
711 return;
712 }
713
714 if (ipv6_addr_is_multicast(&msg->target)) {
715 ND_PRINTK(2, warn, "NS: multicast target address\n");
716 return;
717 }
718
719 /*
720 * RFC2461 7.1.1:
721 * DAD has to be destined for solicited node multicast address.
722 */
723 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
724 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
725 return;
726 }
727
728 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
729 ND_PRINTK(2, warn, "NS: invalid ND options\n");
730 return;
731 }
732
733 if (ndopts.nd_opts_src_lladdr) {
734 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
735 if (!lladdr) {
736 ND_PRINTK(2, warn,
737 "NS: invalid link-layer address length\n");
738 return;
739 }
740
741 /* RFC2461 7.1.1:
742 * If the IP source address is the unspecified address,
743 * there MUST NOT be source link-layer address option
744 * in the message.
745 */
746 if (dad) {
747 ND_PRINTK(2, warn,
748 "NS: bad DAD packet (link-layer address option)\n");
749 return;
750 }
751 }
752
753 inc = ipv6_addr_is_multicast(daddr);
754
755 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
756 if (ifp) {
757
758 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
759 if (dad) {
760 /*
761 * We are colliding with another node
762 * who is doing DAD
763 * so fail our DAD process
764 */
765 addrconf_dad_failure(ifp);
766 return;
767 } else {
768 /*
769 * This is not a dad solicitation.
770 * If we are an optimistic node,
771 * we should respond.
772 * Otherwise, we should ignore it.
773 */
774 if (!(ifp->flags & IFA_F_OPTIMISTIC))
775 goto out;
776 }
777 }
778
779 idev = ifp->idev;
780 } else {
781 struct net *net = dev_net(dev);
782
783 idev = in6_dev_get(dev);
784 if (!idev) {
785 /* XXX: count this drop? */
786 return;
787 }
788
789 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
790 (idev->cnf.forwarding &&
791 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
792 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
793 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
794 skb->pkt_type != PACKET_HOST &&
795 inc != 0 &&
796 idev->nd_parms->proxy_delay != 0) {
797 /*
798 * for anycast or proxy,
799 * sender should delay its response
800 * by a random time between 0 and
801 * MAX_ANYCAST_DELAY_TIME seconds.
802 * (RFC2461) -- yoshfuji
803 */
804 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
805 if (n)
806 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
807 goto out;
808 }
809 } else
810 goto out;
811 }
812
813 if (is_router < 0)
814 is_router = idev->cnf.forwarding;
815
816 if (dad) {
817 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
818 !!is_router, false, (ifp != NULL), true);
819 goto out;
820 }
821
822 if (inc)
823 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
824 else
825 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
826
827 /*
828 * update / create cache entry
829 * for the source address
830 */
831 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
832 !inc || lladdr || !dev->addr_len);
833 if (neigh)
834 neigh_update(neigh, lladdr, NUD_STALE,
835 NEIGH_UPDATE_F_WEAK_OVERRIDE|
836 NEIGH_UPDATE_F_OVERRIDE);
837 if (neigh || !dev->header_ops) {
838 ndisc_send_na(dev, neigh, saddr, &msg->target,
839 !!is_router,
840 true, (ifp != NULL && inc), inc);
841 if (neigh)
842 neigh_release(neigh);
843 }
844
845 out:
846 if (ifp)
847 in6_ifa_put(ifp);
848 else
849 in6_dev_put(idev);
850 }
851
852 static void ndisc_recv_na(struct sk_buff *skb)
853 {
854 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
855 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
856 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
857 u8 *lladdr = NULL;
858 u32 ndoptlen = skb->tail - (skb->transport_header +
859 offsetof(struct nd_msg, opt));
860 struct ndisc_options ndopts;
861 struct net_device *dev = skb->dev;
862 struct inet6_ifaddr *ifp;
863 struct neighbour *neigh;
864
865 if (skb->len < sizeof(struct nd_msg)) {
866 ND_PRINTK(2, warn, "NA: packet too short\n");
867 return;
868 }
869
870 if (ipv6_addr_is_multicast(&msg->target)) {
871 ND_PRINTK(2, warn, "NA: target address is multicast\n");
872 return;
873 }
874
875 if (ipv6_addr_is_multicast(daddr) &&
876 msg->icmph.icmp6_solicited) {
877 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
878 return;
879 }
880
881 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
882 ND_PRINTK(2, warn, "NS: invalid ND option\n");
883 return;
884 }
885 if (ndopts.nd_opts_tgt_lladdr) {
886 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
887 if (!lladdr) {
888 ND_PRINTK(2, warn,
889 "NA: invalid link-layer address length\n");
890 return;
891 }
892 }
893 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
894 if (ifp) {
895 if (skb->pkt_type != PACKET_LOOPBACK
896 && (ifp->flags & IFA_F_TENTATIVE)) {
897 addrconf_dad_failure(ifp);
898 return;
899 }
900 /* What should we make now? The advertisement
901 is invalid, but ndisc specs say nothing
902 about it. It could be misconfiguration, or
903 an smart proxy agent tries to help us :-)
904
905 We should not print the error if NA has been
906 received from loopback - it is just our own
907 unsolicited advertisement.
908 */
909 if (skb->pkt_type != PACKET_LOOPBACK)
910 ND_PRINTK(1, warn,
911 "NA: someone advertises our address %pI6 on %s!\n",
912 &ifp->addr, ifp->idev->dev->name);
913 in6_ifa_put(ifp);
914 return;
915 }
916 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
917
918 if (neigh) {
919 u8 old_flags = neigh->flags;
920 struct net *net = dev_net(dev);
921
922 if (neigh->nud_state & NUD_FAILED)
923 goto out;
924
925 /*
926 * Don't update the neighbor cache entry on a proxy NA from
927 * ourselves because either the proxied node is off link or it
928 * has already sent a NA to us.
929 */
930 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
931 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
932 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
933 /* XXX: idev->cnf.proxy_ndp */
934 goto out;
935 }
936
937 neigh_update(neigh, lladdr,
938 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
939 NEIGH_UPDATE_F_WEAK_OVERRIDE|
940 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
941 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
942 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
943
944 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
945 /*
946 * Change: router to host
947 */
948 struct rt6_info *rt;
949 rt = rt6_get_dflt_router(saddr, dev);
950 if (rt)
951 ip6_del_rt(rt);
952 }
953
954 out:
955 neigh_release(neigh);
956 }
957 }
958
959 static void ndisc_recv_rs(struct sk_buff *skb)
960 {
961 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
962 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
963 struct neighbour *neigh;
964 struct inet6_dev *idev;
965 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
966 struct ndisc_options ndopts;
967 u8 *lladdr = NULL;
968
969 if (skb->len < sizeof(*rs_msg))
970 return;
971
972 idev = __in6_dev_get(skb->dev);
973 if (!idev) {
974 ND_PRINTK(1, err, "RS: can't find in6 device\n");
975 return;
976 }
977
978 /* Don't accept RS if we're not in router mode */
979 if (!idev->cnf.forwarding)
980 goto out;
981
982 /*
983 * Don't update NCE if src = ::;
984 * this implies that the source node has no ip address assigned yet.
985 */
986 if (ipv6_addr_any(saddr))
987 goto out;
988
989 /* Parse ND options */
990 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
991 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
992 goto out;
993 }
994
995 if (ndopts.nd_opts_src_lladdr) {
996 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
997 skb->dev);
998 if (!lladdr)
999 goto out;
1000 }
1001
1002 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1003 if (neigh) {
1004 neigh_update(neigh, lladdr, NUD_STALE,
1005 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1006 NEIGH_UPDATE_F_OVERRIDE|
1007 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1008 neigh_release(neigh);
1009 }
1010 out:
1011 return;
1012 }
1013
1014 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1015 {
1016 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1017 struct sk_buff *skb;
1018 struct nlmsghdr *nlh;
1019 struct nduseroptmsg *ndmsg;
1020 struct net *net = dev_net(ra->dev);
1021 int err;
1022 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1023 + (opt->nd_opt_len << 3));
1024 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1025
1026 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1027 if (skb == NULL) {
1028 err = -ENOBUFS;
1029 goto errout;
1030 }
1031
1032 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1033 if (nlh == NULL) {
1034 goto nla_put_failure;
1035 }
1036
1037 ndmsg = nlmsg_data(nlh);
1038 ndmsg->nduseropt_family = AF_INET6;
1039 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1040 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1041 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1042 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1043
1044 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1045
1046 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1047 &ipv6_hdr(ra)->saddr))
1048 goto nla_put_failure;
1049 nlmsg_end(skb, nlh);
1050
1051 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1052 return;
1053
1054 nla_put_failure:
1055 nlmsg_free(skb);
1056 err = -EMSGSIZE;
1057 errout:
1058 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1059 }
1060
1061 static void ndisc_router_discovery(struct sk_buff *skb)
1062 {
1063 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1064 struct neighbour *neigh = NULL;
1065 struct inet6_dev *in6_dev;
1066 struct rt6_info *rt = NULL;
1067 int lifetime;
1068 struct ndisc_options ndopts;
1069 int optlen;
1070 unsigned int pref = 0;
1071
1072 __u8 * opt = (__u8 *)(ra_msg + 1);
1073
1074 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1075
1076 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1077 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1078 return;
1079 }
1080 if (optlen < 0) {
1081 ND_PRINTK(2, warn, "RA: packet too short\n");
1082 return;
1083 }
1084
1085 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1086 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1087 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1088 return;
1089 }
1090 #endif
1091
1092 /*
1093 * set the RA_RECV flag in the interface
1094 */
1095
1096 in6_dev = __in6_dev_get(skb->dev);
1097 if (in6_dev == NULL) {
1098 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1099 skb->dev->name);
1100 return;
1101 }
1102
1103 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1104 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1105 return;
1106 }
1107
1108 if (!ipv6_accept_ra(in6_dev))
1109 goto skip_linkparms;
1110
1111 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1112 /* skip link-specific parameters from interior routers */
1113 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1114 goto skip_linkparms;
1115 #endif
1116
1117 if (in6_dev->if_flags & IF_RS_SENT) {
1118 /*
1119 * flag that an RA was received after an RS was sent
1120 * out on this interface.
1121 */
1122 in6_dev->if_flags |= IF_RA_RCVD;
1123 }
1124
1125 /*
1126 * Remember the managed/otherconf flags from most recently
1127 * received RA message (RFC 2462) -- yoshfuji
1128 */
1129 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1130 IF_RA_OTHERCONF)) |
1131 (ra_msg->icmph.icmp6_addrconf_managed ?
1132 IF_RA_MANAGED : 0) |
1133 (ra_msg->icmph.icmp6_addrconf_other ?
1134 IF_RA_OTHERCONF : 0);
1135
1136 if (!in6_dev->cnf.accept_ra_defrtr)
1137 goto skip_defrtr;
1138
1139 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1140 goto skip_defrtr;
1141
1142 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1143
1144 #ifdef CONFIG_IPV6_ROUTER_PREF
1145 pref = ra_msg->icmph.icmp6_router_pref;
1146 /* 10b is handled as if it were 00b (medium) */
1147 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1148 !in6_dev->cnf.accept_ra_rtr_pref)
1149 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1150 #endif
1151
1152 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1153
1154 if (rt) {
1155 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1156 if (!neigh) {
1157 ND_PRINTK(0, err,
1158 "RA: %s got default router without neighbour\n",
1159 __func__);
1160 ip6_rt_put(rt);
1161 return;
1162 }
1163 }
1164 if (rt && lifetime == 0) {
1165 ip6_del_rt(rt);
1166 rt = NULL;
1167 }
1168
1169 if (rt == NULL && lifetime) {
1170 ND_PRINTK(3, dbg, "RA: adding default router\n");
1171
1172 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1173 if (rt == NULL) {
1174 ND_PRINTK(0, err,
1175 "RA: %s failed to add default route\n",
1176 __func__);
1177 return;
1178 }
1179
1180 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1181 if (neigh == NULL) {
1182 ND_PRINTK(0, err,
1183 "RA: %s got default router without neighbour\n",
1184 __func__);
1185 ip6_rt_put(rt);
1186 return;
1187 }
1188 neigh->flags |= NTF_ROUTER;
1189 } else if (rt) {
1190 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1191 }
1192
1193 if (rt)
1194 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1195 if (ra_msg->icmph.icmp6_hop_limit) {
1196 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1197 if (rt)
1198 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1199 ra_msg->icmph.icmp6_hop_limit);
1200 }
1201
1202 skip_defrtr:
1203
1204 /*
1205 * Update Reachable Time and Retrans Timer
1206 */
1207
1208 if (in6_dev->nd_parms) {
1209 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1210
1211 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1212 rtime = (rtime*HZ)/1000;
1213 if (rtime < HZ/10)
1214 rtime = HZ/10;
1215 in6_dev->nd_parms->retrans_time = rtime;
1216 in6_dev->tstamp = jiffies;
1217 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1218 }
1219
1220 rtime = ntohl(ra_msg->reachable_time);
1221 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1222 rtime = (rtime*HZ)/1000;
1223
1224 if (rtime < HZ/10)
1225 rtime = HZ/10;
1226
1227 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1228 in6_dev->nd_parms->base_reachable_time = rtime;
1229 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1230 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1231 in6_dev->tstamp = jiffies;
1232 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1233 }
1234 }
1235 }
1236
1237 skip_linkparms:
1238
1239 /*
1240 * Process options.
1241 */
1242
1243 if (!neigh)
1244 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1245 skb->dev, 1);
1246 if (neigh) {
1247 u8 *lladdr = NULL;
1248 if (ndopts.nd_opts_src_lladdr) {
1249 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1250 skb->dev);
1251 if (!lladdr) {
1252 ND_PRINTK(2, warn,
1253 "RA: invalid link-layer address length\n");
1254 goto out;
1255 }
1256 }
1257 neigh_update(neigh, lladdr, NUD_STALE,
1258 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1259 NEIGH_UPDATE_F_OVERRIDE|
1260 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1261 NEIGH_UPDATE_F_ISROUTER);
1262 }
1263
1264 if (!ipv6_accept_ra(in6_dev))
1265 goto out;
1266
1267 #ifdef CONFIG_IPV6_ROUTE_INFO
1268 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1269 goto skip_routeinfo;
1270
1271 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1272 struct nd_opt_hdr *p;
1273 for (p = ndopts.nd_opts_ri;
1274 p;
1275 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1276 struct route_info *ri = (struct route_info *)p;
1277 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1278 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1279 ri->prefix_len == 0)
1280 continue;
1281 #endif
1282 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1283 continue;
1284 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1285 &ipv6_hdr(skb)->saddr);
1286 }
1287 }
1288
1289 skip_routeinfo:
1290 #endif
1291
1292 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1293 /* skip link-specific ndopts from interior routers */
1294 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1295 goto out;
1296 #endif
1297
1298 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1299 struct nd_opt_hdr *p;
1300 for (p = ndopts.nd_opts_pi;
1301 p;
1302 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1303 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1304 (p->nd_opt_len) << 3,
1305 ndopts.nd_opts_src_lladdr != NULL);
1306 }
1307 }
1308
1309 if (ndopts.nd_opts_mtu) {
1310 __be32 n;
1311 u32 mtu;
1312
1313 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1314 mtu = ntohl(n);
1315
1316 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1317 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1318 } else if (in6_dev->cnf.mtu6 != mtu) {
1319 in6_dev->cnf.mtu6 = mtu;
1320
1321 if (rt)
1322 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1323
1324 rt6_mtu_change(skb->dev, mtu);
1325 }
1326 }
1327
1328 if (ndopts.nd_useropts) {
1329 struct nd_opt_hdr *p;
1330 for (p = ndopts.nd_useropts;
1331 p;
1332 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1333 ndisc_ra_useropt(skb, p);
1334 }
1335 }
1336
1337 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1338 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1339 }
1340 out:
1341 ip6_rt_put(rt);
1342 if (neigh)
1343 neigh_release(neigh);
1344 }
1345
1346 static void ndisc_redirect_rcv(struct sk_buff *skb)
1347 {
1348 u8 *hdr;
1349 struct ndisc_options ndopts;
1350 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1351 u32 ndoptlen = skb->tail - (skb->transport_header +
1352 offsetof(struct rd_msg, opt));
1353
1354 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1355 switch (skb->ndisc_nodetype) {
1356 case NDISC_NODETYPE_HOST:
1357 case NDISC_NODETYPE_NODEFAULT:
1358 ND_PRINTK(2, warn,
1359 "Redirect: from host or unauthorized router\n");
1360 return;
1361 }
1362 #endif
1363
1364 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1365 ND_PRINTK(2, warn,
1366 "Redirect: source address is not link-local\n");
1367 return;
1368 }
1369
1370 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1371 return;
1372
1373 if (!ndopts.nd_opts_rh)
1374 return;
1375
1376 hdr = (u8 *)ndopts.nd_opts_rh;
1377 hdr += 8;
1378 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1379 return;
1380
1381 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1382 }
1383
1384 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1385 struct sk_buff *orig_skb,
1386 int rd_len)
1387 {
1388 u8 *opt = skb_put(skb, rd_len);
1389
1390 memset(opt, 0, 8);
1391 *(opt++) = ND_OPT_REDIRECT_HDR;
1392 *(opt++) = (rd_len >> 3);
1393 opt += 6;
1394
1395 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1396 }
1397
1398 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1399 {
1400 struct net_device *dev = skb->dev;
1401 struct net *net = dev_net(dev);
1402 struct sock *sk = net->ipv6.ndisc_sk;
1403 int optlen = 0;
1404 struct inet_peer *peer;
1405 struct sk_buff *buff;
1406 struct rd_msg *msg;
1407 struct in6_addr saddr_buf;
1408 struct rt6_info *rt;
1409 struct dst_entry *dst;
1410 struct flowi6 fl6;
1411 int rd_len;
1412 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1413 bool ret;
1414
1415 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1416 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1417 dev->name);
1418 return;
1419 }
1420
1421 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1422 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1423 ND_PRINTK(2, warn,
1424 "Redirect: target address is not link-local unicast\n");
1425 return;
1426 }
1427
1428 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1429 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1430
1431 dst = ip6_route_output(net, NULL, &fl6);
1432 if (dst->error) {
1433 dst_release(dst);
1434 return;
1435 }
1436 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1437 if (IS_ERR(dst))
1438 return;
1439
1440 rt = (struct rt6_info *) dst;
1441
1442 if (rt->rt6i_flags & RTF_GATEWAY) {
1443 ND_PRINTK(2, warn,
1444 "Redirect: destination is not a neighbour\n");
1445 goto release;
1446 }
1447 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1448 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1449 if (peer)
1450 inet_putpeer(peer);
1451 if (!ret)
1452 goto release;
1453
1454 if (dev->addr_len) {
1455 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1456 if (!neigh) {
1457 ND_PRINTK(2, warn,
1458 "Redirect: no neigh for target address\n");
1459 goto release;
1460 }
1461
1462 read_lock_bh(&neigh->lock);
1463 if (neigh->nud_state & NUD_VALID) {
1464 memcpy(ha_buf, neigh->ha, dev->addr_len);
1465 read_unlock_bh(&neigh->lock);
1466 ha = ha_buf;
1467 optlen += ndisc_opt_addr_space(dev);
1468 } else
1469 read_unlock_bh(&neigh->lock);
1470
1471 neigh_release(neigh);
1472 }
1473
1474 rd_len = min_t(unsigned int,
1475 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1476 skb->len + 8);
1477 rd_len &= ~0x7;
1478 optlen += rd_len;
1479
1480 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1481 if (!buff)
1482 goto release;
1483
1484 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1485 *msg = (struct rd_msg) {
1486 .icmph = {
1487 .icmp6_type = NDISC_REDIRECT,
1488 },
1489 .target = *target,
1490 .dest = ipv6_hdr(skb)->daddr,
1491 };
1492
1493 /*
1494 * include target_address option
1495 */
1496
1497 if (ha)
1498 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha);
1499
1500 /*
1501 * build redirect option and copy skb over to the new packet.
1502 */
1503
1504 if (rd_len)
1505 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1506
1507 skb_dst_set(buff, dst);
1508 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1509 return;
1510
1511 release:
1512 dst_release(dst);
1513 }
1514
1515 static void pndisc_redo(struct sk_buff *skb)
1516 {
1517 ndisc_recv_ns(skb);
1518 kfree_skb(skb);
1519 }
1520
1521 int ndisc_rcv(struct sk_buff *skb)
1522 {
1523 struct nd_msg *msg;
1524
1525 if (skb_linearize(skb))
1526 return 0;
1527
1528 msg = (struct nd_msg *)skb_transport_header(skb);
1529
1530 __skb_push(skb, skb->data - skb_transport_header(skb));
1531
1532 if (ipv6_hdr(skb)->hop_limit != 255) {
1533 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1534 ipv6_hdr(skb)->hop_limit);
1535 return 0;
1536 }
1537
1538 if (msg->icmph.icmp6_code != 0) {
1539 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1540 msg->icmph.icmp6_code);
1541 return 0;
1542 }
1543
1544 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1545
1546 switch (msg->icmph.icmp6_type) {
1547 case NDISC_NEIGHBOUR_SOLICITATION:
1548 ndisc_recv_ns(skb);
1549 break;
1550
1551 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1552 ndisc_recv_na(skb);
1553 break;
1554
1555 case NDISC_ROUTER_SOLICITATION:
1556 ndisc_recv_rs(skb);
1557 break;
1558
1559 case NDISC_ROUTER_ADVERTISEMENT:
1560 ndisc_router_discovery(skb);
1561 break;
1562
1563 case NDISC_REDIRECT:
1564 ndisc_redirect_rcv(skb);
1565 break;
1566 }
1567
1568 return 0;
1569 }
1570
1571 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1572 {
1573 struct net_device *dev = ptr;
1574 struct net *net = dev_net(dev);
1575 struct inet6_dev *idev;
1576
1577 switch (event) {
1578 case NETDEV_CHANGEADDR:
1579 neigh_changeaddr(&nd_tbl, dev);
1580 fib6_run_gc(~0UL, net);
1581 idev = in6_dev_get(dev);
1582 if (!idev)
1583 break;
1584 if (idev->cnf.ndisc_notify)
1585 ndisc_send_unsol_na(dev);
1586 in6_dev_put(idev);
1587 break;
1588 case NETDEV_DOWN:
1589 neigh_ifdown(&nd_tbl, dev);
1590 fib6_run_gc(~0UL, net);
1591 break;
1592 case NETDEV_NOTIFY_PEERS:
1593 ndisc_send_unsol_na(dev);
1594 break;
1595 default:
1596 break;
1597 }
1598
1599 return NOTIFY_DONE;
1600 }
1601
1602 static struct notifier_block ndisc_netdev_notifier = {
1603 .notifier_call = ndisc_netdev_event,
1604 };
1605
1606 #ifdef CONFIG_SYSCTL
1607 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1608 const char *func, const char *dev_name)
1609 {
1610 static char warncomm[TASK_COMM_LEN];
1611 static int warned;
1612 if (strcmp(warncomm, current->comm) && warned < 5) {
1613 strcpy(warncomm, current->comm);
1614 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1615 warncomm, func,
1616 dev_name, ctl->procname,
1617 dev_name, ctl->procname);
1618 warned++;
1619 }
1620 }
1621
1622 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1623 {
1624 struct net_device *dev = ctl->extra1;
1625 struct inet6_dev *idev;
1626 int ret;
1627
1628 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1629 (strcmp(ctl->procname, "base_reachable_time") == 0))
1630 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1631
1632 if (strcmp(ctl->procname, "retrans_time") == 0)
1633 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1634
1635 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1636 ret = proc_dointvec_jiffies(ctl, write,
1637 buffer, lenp, ppos);
1638
1639 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1640 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1641 ret = proc_dointvec_ms_jiffies(ctl, write,
1642 buffer, lenp, ppos);
1643 else
1644 ret = -1;
1645
1646 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1647 if (ctl->data == &idev->nd_parms->base_reachable_time)
1648 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1649 idev->tstamp = jiffies;
1650 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1651 in6_dev_put(idev);
1652 }
1653 return ret;
1654 }
1655
1656
1657 #endif
1658
1659 static int __net_init ndisc_net_init(struct net *net)
1660 {
1661 struct ipv6_pinfo *np;
1662 struct sock *sk;
1663 int err;
1664
1665 err = inet_ctl_sock_create(&sk, PF_INET6,
1666 SOCK_RAW, IPPROTO_ICMPV6, net);
1667 if (err < 0) {
1668 ND_PRINTK(0, err,
1669 "NDISC: Failed to initialize the control socket (err %d)\n",
1670 err);
1671 return err;
1672 }
1673
1674 net->ipv6.ndisc_sk = sk;
1675
1676 np = inet6_sk(sk);
1677 np->hop_limit = 255;
1678 /* Do not loopback ndisc messages */
1679 np->mc_loop = 0;
1680
1681 return 0;
1682 }
1683
1684 static void __net_exit ndisc_net_exit(struct net *net)
1685 {
1686 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1687 }
1688
1689 static struct pernet_operations ndisc_net_ops = {
1690 .init = ndisc_net_init,
1691 .exit = ndisc_net_exit,
1692 };
1693
1694 int __init ndisc_init(void)
1695 {
1696 int err;
1697
1698 err = register_pernet_subsys(&ndisc_net_ops);
1699 if (err)
1700 return err;
1701 /*
1702 * Initialize the neighbour table
1703 */
1704 neigh_table_init(&nd_tbl);
1705
1706 #ifdef CONFIG_SYSCTL
1707 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1708 &ndisc_ifinfo_sysctl_change);
1709 if (err)
1710 goto out_unregister_pernet;
1711 #endif
1712 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1713 if (err)
1714 goto out_unregister_sysctl;
1715 out:
1716 return err;
1717
1718 out_unregister_sysctl:
1719 #ifdef CONFIG_SYSCTL
1720 neigh_sysctl_unregister(&nd_tbl.parms);
1721 out_unregister_pernet:
1722 #endif
1723 unregister_pernet_subsys(&ndisc_net_ops);
1724 goto out;
1725 }
1726
1727 void ndisc_cleanup(void)
1728 {
1729 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1730 #ifdef CONFIG_SYSCTL
1731 neigh_sysctl_unregister(&nd_tbl.parms);
1732 #endif
1733 neigh_table_clear(&nd_tbl);
1734 unregister_pernet_subsys(&ndisc_net_ops);
1735 }
CJK support for tty framebuffer vt