2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Pierre Ynard : export userland ND options
19 * through netlink (RDNSS support)
20 * Lars Fenneberg : fixed MTU setting on receipt
22 * Janos Farkas : kmalloc failure checks
23 * Alexey Kuznetsov : state machine reworked
24 * and moved to net/core.
25 * Pekka Savola : RFC2461 validation
26 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
29 /* Set to 3 to get tracing... */
32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
33 #define ND_NOPRINTK(x...) do { ; } while(0)
34 #define ND_PRINTK0 ND_PRINTK
35 #define ND_PRINTK1 ND_NOPRINTK
36 #define ND_PRINTK2 ND_NOPRINTK
37 #define ND_PRINTK3 ND_NOPRINTK
40 #define ND_PRINTK1 ND_PRINTK
44 #define ND_PRINTK2 ND_PRINTK
48 #define ND_PRINTK3 ND_PRINTK
51 #include <linux/module.h>
52 #include <linux/errno.h>
53 #include <linux/types.h>
54 #include <linux/socket.h>
55 #include <linux/sockios.h>
56 #include <linux/sched.h>
57 #include <linux/net.h>
58 #include <linux/in6.h>
59 #include <linux/route.h>
60 #include <linux/init.h>
61 #include <linux/rcupdate.h>
62 #include <linux/slab.h>
64 #include <linux/sysctl.h>
67 #include <linux/if_addr.h>
68 #include <linux/if_arp.h>
69 #include <linux/ipv6.h>
70 #include <linux/icmpv6.h>
71 #include <linux/jhash.h>
77 #include <net/protocol.h>
78 #include <net/ndisc.h>
79 #include <net/ip6_route.h>
80 #include <net/addrconf.h>
83 #include <net/netlink.h>
84 #include <linux/rtnetlink.h>
87 #include <net/ip6_checksum.h>
88 #include <net/inet_common.h>
89 #include <linux/proc_fs.h>
91 #include <linux/netfilter.h>
92 #include <linux/netfilter_ipv6.h>
94 static u32
ndisc_hash(const void *pkey
, const struct net_device
*dev
);
95 static int ndisc_constructor(struct neighbour
*neigh
);
96 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
);
97 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
);
98 static int pndisc_constructor(struct pneigh_entry
*n
);
99 static void pndisc_destructor(struct pneigh_entry
*n
);
100 static void pndisc_redo(struct sk_buff
*skb
);
102 static const struct neigh_ops ndisc_generic_ops
= {
104 .solicit
= ndisc_solicit
,
105 .error_report
= ndisc_error_report
,
106 .output
= neigh_resolve_output
,
107 .connected_output
= neigh_connected_output
,
108 .hh_output
= dev_queue_xmit
,
109 .queue_xmit
= dev_queue_xmit
,
112 static const struct neigh_ops ndisc_hh_ops
= {
114 .solicit
= ndisc_solicit
,
115 .error_report
= ndisc_error_report
,
116 .output
= neigh_resolve_output
,
117 .connected_output
= neigh_resolve_output
,
118 .hh_output
= dev_queue_xmit
,
119 .queue_xmit
= dev_queue_xmit
,
123 static const struct neigh_ops ndisc_direct_ops
= {
125 .output
= dev_queue_xmit
,
126 .connected_output
= dev_queue_xmit
,
127 .hh_output
= dev_queue_xmit
,
128 .queue_xmit
= dev_queue_xmit
,
131 struct neigh_table nd_tbl
= {
133 .entry_size
= sizeof(struct neighbour
) + sizeof(struct in6_addr
),
134 .key_len
= sizeof(struct in6_addr
),
136 .constructor
= ndisc_constructor
,
137 .pconstructor
= pndisc_constructor
,
138 .pdestructor
= pndisc_destructor
,
139 .proxy_redo
= pndisc_redo
,
143 .base_reachable_time
= 30 * HZ
,
144 .retrans_time
= 1 * HZ
,
145 .gc_staletime
= 60 * HZ
,
146 .reachable_time
= 30 * HZ
,
147 .delay_probe_time
= 5 * HZ
,
151 .anycast_delay
= 1 * HZ
,
152 .proxy_delay
= (8 * HZ
) / 10,
155 .gc_interval
= 30 * HZ
,
162 struct ndisc_options
{
163 struct nd_opt_hdr
*nd_opt_array
[__ND_OPT_ARRAY_MAX
];
164 #ifdef CONFIG_IPV6_ROUTE_INFO
165 struct nd_opt_hdr
*nd_opts_ri
;
166 struct nd_opt_hdr
*nd_opts_ri_end
;
168 struct nd_opt_hdr
*nd_useropts
;
169 struct nd_opt_hdr
*nd_useropts_end
;
172 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
173 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
174 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
175 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
176 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
177 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
179 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
182 * Return the padding between the option length and the start of the
183 * link addr. Currently only IP-over-InfiniBand needs this, although
184 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
185 * also need a pad of 2.
187 static int ndisc_addr_option_pad(unsigned short type
)
190 case ARPHRD_INFINIBAND
: return 2;
195 static inline int ndisc_opt_addr_space(struct net_device
*dev
)
197 return NDISC_OPT_SPACE(dev
->addr_len
+ ndisc_addr_option_pad(dev
->type
));
200 static u8
*ndisc_fill_addr_option(u8
*opt
, int type
, void *data
, int data_len
,
201 unsigned short addr_type
)
203 int space
= NDISC_OPT_SPACE(data_len
);
204 int pad
= ndisc_addr_option_pad(addr_type
);
209 memset(opt
+ 2, 0, pad
);
213 memcpy(opt
+2, data
, data_len
);
216 if ((space
-= data_len
) > 0)
217 memset(opt
, 0, space
);
221 static struct nd_opt_hdr
*ndisc_next_option(struct nd_opt_hdr
*cur
,
222 struct nd_opt_hdr
*end
)
225 if (!cur
|| !end
|| cur
>= end
)
227 type
= cur
->nd_opt_type
;
229 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
230 } while(cur
< end
&& cur
->nd_opt_type
!= type
);
231 return cur
<= end
&& cur
->nd_opt_type
== type
? cur
: NULL
;
234 static inline int ndisc_is_useropt(struct nd_opt_hdr
*opt
)
236 return opt
->nd_opt_type
== ND_OPT_RDNSS
;
239 static struct nd_opt_hdr
*ndisc_next_useropt(struct nd_opt_hdr
*cur
,
240 struct nd_opt_hdr
*end
)
242 if (!cur
|| !end
|| cur
>= end
)
245 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
246 } while(cur
< end
&& !ndisc_is_useropt(cur
));
247 return cur
<= end
&& ndisc_is_useropt(cur
) ? cur
: NULL
;
250 static struct ndisc_options
*ndisc_parse_options(u8
*opt
, int opt_len
,
251 struct ndisc_options
*ndopts
)
253 struct nd_opt_hdr
*nd_opt
= (struct nd_opt_hdr
*)opt
;
255 if (!nd_opt
|| opt_len
< 0 || !ndopts
)
257 memset(ndopts
, 0, sizeof(*ndopts
));
260 if (opt_len
< sizeof(struct nd_opt_hdr
))
262 l
= nd_opt
->nd_opt_len
<< 3;
263 if (opt_len
< l
|| l
== 0)
265 switch (nd_opt
->nd_opt_type
) {
266 case ND_OPT_SOURCE_LL_ADDR
:
267 case ND_OPT_TARGET_LL_ADDR
:
269 case ND_OPT_REDIRECT_HDR
:
270 if (ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
]) {
271 ND_PRINTK2(KERN_WARNING
272 "%s(): duplicated ND6 option found: type=%d\n",
274 nd_opt
->nd_opt_type
);
276 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
279 case ND_OPT_PREFIX_INFO
:
280 ndopts
->nd_opts_pi_end
= nd_opt
;
281 if (!ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
])
282 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
284 #ifdef CONFIG_IPV6_ROUTE_INFO
285 case ND_OPT_ROUTE_INFO
:
286 ndopts
->nd_opts_ri_end
= nd_opt
;
287 if (!ndopts
->nd_opts_ri
)
288 ndopts
->nd_opts_ri
= nd_opt
;
292 if (ndisc_is_useropt(nd_opt
)) {
293 ndopts
->nd_useropts_end
= nd_opt
;
294 if (!ndopts
->nd_useropts
)
295 ndopts
->nd_useropts
= nd_opt
;
298 * Unknown options must be silently ignored,
299 * to accommodate future extension to the
302 ND_PRINTK2(KERN_NOTICE
303 "%s(): ignored unsupported option; type=%d, len=%d\n",
305 nd_opt
->nd_opt_type
, nd_opt
->nd_opt_len
);
309 nd_opt
= ((void *)nd_opt
) + l
;
314 static inline u8
*ndisc_opt_addr_data(struct nd_opt_hdr
*p
,
315 struct net_device
*dev
)
317 u8
*lladdr
= (u8
*)(p
+ 1);
318 int lladdrlen
= p
->nd_opt_len
<< 3;
319 int prepad
= ndisc_addr_option_pad(dev
->type
);
320 if (lladdrlen
!= NDISC_OPT_SPACE(dev
->addr_len
+ prepad
))
322 return lladdr
+ prepad
;
325 int ndisc_mc_map(struct in6_addr
*addr
, char *buf
, struct net_device
*dev
, int dir
)
329 case ARPHRD_IEEE802
: /* Not sure. Check it later. --ANK */
331 ipv6_eth_mc_map(addr
, buf
);
333 case ARPHRD_IEEE802_TR
:
334 ipv6_tr_mc_map(addr
,buf
);
337 ipv6_arcnet_mc_map(addr
, buf
);
339 case ARPHRD_INFINIBAND
:
340 ipv6_ib_mc_map(addr
, dev
->broadcast
, buf
);
344 memcpy(buf
, dev
->broadcast
, dev
->addr_len
);
351 EXPORT_SYMBOL(ndisc_mc_map
);
353 static u32
ndisc_hash(const void *pkey
, const struct net_device
*dev
)
355 const u32
*p32
= pkey
;
359 for (i
= 0; i
< (sizeof(struct in6_addr
) / sizeof(u32
)); i
++)
362 return jhash_2words(addr_hash
, dev
->ifindex
, nd_tbl
.hash_rnd
);
365 static int ndisc_constructor(struct neighbour
*neigh
)
367 struct in6_addr
*addr
= (struct in6_addr
*)&neigh
->primary_key
;
368 struct net_device
*dev
= neigh
->dev
;
369 struct inet6_dev
*in6_dev
;
370 struct neigh_parms
*parms
;
371 int is_multicast
= ipv6_addr_is_multicast(addr
);
374 in6_dev
= in6_dev_get(dev
);
375 if (in6_dev
== NULL
) {
380 parms
= in6_dev
->nd_parms
;
381 __neigh_parms_put(neigh
->parms
);
382 neigh
->parms
= neigh_parms_clone(parms
);
385 neigh
->type
= is_multicast
? RTN_MULTICAST
: RTN_UNICAST
;
386 if (!dev
->header_ops
) {
387 neigh
->nud_state
= NUD_NOARP
;
388 neigh
->ops
= &ndisc_direct_ops
;
389 neigh
->output
= neigh
->ops
->queue_xmit
;
392 neigh
->nud_state
= NUD_NOARP
;
393 ndisc_mc_map(addr
, neigh
->ha
, dev
, 1);
394 } else if (dev
->flags
&(IFF_NOARP
|IFF_LOOPBACK
)) {
395 neigh
->nud_state
= NUD_NOARP
;
396 memcpy(neigh
->ha
, dev
->dev_addr
, dev
->addr_len
);
397 if (dev
->flags
&IFF_LOOPBACK
)
398 neigh
->type
= RTN_LOCAL
;
399 } else if (dev
->flags
&IFF_POINTOPOINT
) {
400 neigh
->nud_state
= NUD_NOARP
;
401 memcpy(neigh
->ha
, dev
->broadcast
, dev
->addr_len
);
403 if (dev
->header_ops
->cache
)
404 neigh
->ops
= &ndisc_hh_ops
;
406 neigh
->ops
= &ndisc_generic_ops
;
407 if (neigh
->nud_state
&NUD_VALID
)
408 neigh
->output
= neigh
->ops
->connected_output
;
410 neigh
->output
= neigh
->ops
->output
;
412 in6_dev_put(in6_dev
);
416 static int pndisc_constructor(struct pneigh_entry
*n
)
418 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
419 struct in6_addr maddr
;
420 struct net_device
*dev
= n
->dev
;
422 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
424 addrconf_addr_solict_mult(addr
, &maddr
);
425 ipv6_dev_mc_inc(dev
, &maddr
);
429 static void pndisc_destructor(struct pneigh_entry
*n
)
431 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
432 struct in6_addr maddr
;
433 struct net_device
*dev
= n
->dev
;
435 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
437 addrconf_addr_solict_mult(addr
, &maddr
);
438 ipv6_dev_mc_dec(dev
, &maddr
);
441 struct sk_buff
*ndisc_build_skb(struct net_device
*dev
,
442 const struct in6_addr
*daddr
,
443 const struct in6_addr
*saddr
,
444 struct icmp6hdr
*icmp6h
,
445 const struct in6_addr
*target
,
448 struct net
*net
= dev_net(dev
);
449 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
451 struct icmp6hdr
*hdr
;
459 len
= sizeof(struct icmp6hdr
) + (target
? sizeof(*target
) : 0);
461 len
+= ndisc_opt_addr_space(dev
);
463 skb
= sock_alloc_send_skb(sk
,
464 (MAX_HEADER
+ sizeof(struct ipv6hdr
) +
465 len
+ LL_ALLOCATED_SPACE(dev
)),
469 "ICMPv6 ND: %s() failed to allocate an skb, err=%d.\n",
474 skb_reserve(skb
, LL_RESERVED_SPACE(dev
));
475 ip6_nd_hdr(sk
, skb
, dev
, saddr
, daddr
, IPPROTO_ICMPV6
, len
);
477 skb
->transport_header
= skb
->tail
;
480 hdr
= (struct icmp6hdr
*)skb_transport_header(skb
);
481 memcpy(hdr
, icmp6h
, sizeof(*hdr
));
483 opt
= skb_transport_header(skb
) + sizeof(struct icmp6hdr
);
485 ipv6_addr_copy((struct in6_addr
*)opt
, target
);
486 opt
+= sizeof(*target
);
490 ndisc_fill_addr_option(opt
, llinfo
, dev
->dev_addr
,
491 dev
->addr_len
, dev
->type
);
493 hdr
->icmp6_cksum
= csum_ipv6_magic(saddr
, daddr
, len
,
501 EXPORT_SYMBOL(ndisc_build_skb
);
503 void ndisc_send_skb(struct sk_buff
*skb
,
504 struct net_device
*dev
,
505 struct neighbour
*neigh
,
506 const struct in6_addr
*daddr
,
507 const struct in6_addr
*saddr
,
508 struct icmp6hdr
*icmp6h
)
511 struct dst_entry
*dst
;
512 struct net
*net
= dev_net(dev
);
513 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
514 struct inet6_dev
*idev
;
518 type
= icmp6h
->icmp6_type
;
520 icmpv6_flow_init(sk
, &fl
, type
, saddr
, daddr
, dev
->ifindex
);
522 dst
= icmp6_dst_alloc(dev
, neigh
, daddr
);
528 err
= xfrm_lookup(net
, &dst
, &fl
, NULL
, 0);
534 skb_dst_set(skb
, dst
);
536 idev
= in6_dev_get(dst
->dev
);
537 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
539 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, skb
, NULL
, dst
->dev
,
542 ICMP6MSGOUT_INC_STATS(net
, idev
, type
);
543 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
546 if (likely(idev
!= NULL
))
550 EXPORT_SYMBOL(ndisc_send_skb
);
553 * Send a Neighbour Discover packet
555 static void __ndisc_send(struct net_device
*dev
,
556 struct neighbour
*neigh
,
557 const struct in6_addr
*daddr
,
558 const struct in6_addr
*saddr
,
559 struct icmp6hdr
*icmp6h
, const struct in6_addr
*target
,
564 skb
= ndisc_build_skb(dev
, daddr
, saddr
, icmp6h
, target
, llinfo
);
568 ndisc_send_skb(skb
, dev
, neigh
, daddr
, saddr
, icmp6h
);
571 static void ndisc_send_na(struct net_device
*dev
, struct neighbour
*neigh
,
572 const struct in6_addr
*daddr
,
573 const struct in6_addr
*solicited_addr
,
574 int router
, int solicited
, int override
, int inc_opt
)
576 struct in6_addr tmpaddr
;
577 struct inet6_ifaddr
*ifp
;
578 const struct in6_addr
*src_addr
;
579 struct icmp6hdr icmp6h
= {
580 .icmp6_type
= NDISC_NEIGHBOUR_ADVERTISEMENT
,
583 /* for anycast or proxy, solicited_addr != src_addr */
584 ifp
= ipv6_get_ifaddr(dev_net(dev
), solicited_addr
, dev
, 1);
586 src_addr
= solicited_addr
;
587 if (ifp
->flags
& IFA_F_OPTIMISTIC
)
589 inc_opt
|= ifp
->idev
->cnf
.force_tllao
;
592 if (ipv6_dev_get_saddr(dev_net(dev
), dev
, daddr
,
593 inet6_sk(dev_net(dev
)->ipv6
.ndisc_sk
)->srcprefs
,
599 icmp6h
.icmp6_router
= router
;
600 icmp6h
.icmp6_solicited
= solicited
;
601 icmp6h
.icmp6_override
= override
;
603 __ndisc_send(dev
, neigh
, daddr
, src_addr
,
604 &icmp6h
, solicited_addr
,
605 inc_opt
? ND_OPT_TARGET_LL_ADDR
: 0);
608 void ndisc_send_ns(struct net_device
*dev
, struct neighbour
*neigh
,
609 const struct in6_addr
*solicit
,
610 const struct in6_addr
*daddr
, const struct in6_addr
*saddr
)
612 struct in6_addr addr_buf
;
613 struct icmp6hdr icmp6h
= {
614 .icmp6_type
= NDISC_NEIGHBOUR_SOLICITATION
,
618 if (ipv6_get_lladdr(dev
, &addr_buf
,
619 (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)))
624 __ndisc_send(dev
, neigh
, daddr
, saddr
,
626 !ipv6_addr_any(saddr
) ? ND_OPT_SOURCE_LL_ADDR
: 0);
629 void ndisc_send_rs(struct net_device
*dev
, const struct in6_addr
*saddr
,
630 const struct in6_addr
*daddr
)
632 struct icmp6hdr icmp6h
= {
633 .icmp6_type
= NDISC_ROUTER_SOLICITATION
,
635 int send_sllao
= dev
->addr_len
;
637 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
639 * According to section 2.2 of RFC 4429, we must not
640 * send router solicitations with a sllao from
641 * optimistic addresses, but we may send the solicitation
642 * if we don't include the sllao. So here we check
643 * if our address is optimistic, and if so, we
644 * suppress the inclusion of the sllao.
647 struct inet6_ifaddr
*ifp
= ipv6_get_ifaddr(dev_net(dev
), saddr
,
650 if (ifp
->flags
& IFA_F_OPTIMISTIC
) {
659 __ndisc_send(dev
, NULL
, daddr
, saddr
,
661 send_sllao
? ND_OPT_SOURCE_LL_ADDR
: 0);
665 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
)
668 * "The sender MUST return an ICMP
669 * destination unreachable"
671 dst_link_failure(skb
);
675 /* Called with locked neigh: either read or both */
677 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
)
679 struct in6_addr
*saddr
= NULL
;
680 struct in6_addr mcaddr
;
681 struct net_device
*dev
= neigh
->dev
;
682 struct in6_addr
*target
= (struct in6_addr
*)&neigh
->primary_key
;
683 int probes
= atomic_read(&neigh
->probes
);
685 if (skb
&& ipv6_chk_addr(dev_net(dev
), &ipv6_hdr(skb
)->saddr
, dev
, 1))
686 saddr
= &ipv6_hdr(skb
)->saddr
;
688 if ((probes
-= neigh
->parms
->ucast_probes
) < 0) {
689 if (!(neigh
->nud_state
& NUD_VALID
)) {
690 ND_PRINTK1(KERN_DEBUG
"%s(): trying to ucast probe in NUD_INVALID: %pI6\n",
693 ndisc_send_ns(dev
, neigh
, target
, target
, saddr
);
694 } else if ((probes
-= neigh
->parms
->app_probes
) < 0) {
699 addrconf_addr_solict_mult(target
, &mcaddr
);
700 ndisc_send_ns(dev
, NULL
, target
, &mcaddr
, saddr
);
704 static int pndisc_is_router(const void *pkey
,
705 struct net_device
*dev
)
707 struct pneigh_entry
*n
;
710 read_lock_bh(&nd_tbl
.lock
);
711 n
= __pneigh_lookup(&nd_tbl
, dev_net(dev
), pkey
, dev
);
713 ret
= !!(n
->flags
& NTF_ROUTER
);
714 read_unlock_bh(&nd_tbl
.lock
);
719 static void ndisc_recv_ns(struct sk_buff
*skb
)
721 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
722 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
723 struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
725 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
726 offsetof(struct nd_msg
, opt
));
727 struct ndisc_options ndopts
;
728 struct net_device
*dev
= skb
->dev
;
729 struct inet6_ifaddr
*ifp
;
730 struct inet6_dev
*idev
= NULL
;
731 struct neighbour
*neigh
;
732 int dad
= ipv6_addr_any(saddr
);
736 if (ipv6_addr_is_multicast(&msg
->target
)) {
737 ND_PRINTK2(KERN_WARNING
738 "ICMPv6 NS: multicast target address");
744 * DAD has to be destined for solicited node multicast address.
747 !(daddr
->s6_addr32
[0] == htonl(0xff020000) &&
748 daddr
->s6_addr32
[1] == htonl(0x00000000) &&
749 daddr
->s6_addr32
[2] == htonl(0x00000001) &&
750 daddr
->s6_addr
[12] == 0xff )) {
751 ND_PRINTK2(KERN_WARNING
752 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
756 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
757 ND_PRINTK2(KERN_WARNING
758 "ICMPv6 NS: invalid ND options\n");
762 if (ndopts
.nd_opts_src_lladdr
) {
763 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
, dev
);
765 ND_PRINTK2(KERN_WARNING
766 "ICMPv6 NS: invalid link-layer address length\n");
771 * If the IP source address is the unspecified address,
772 * there MUST NOT be source link-layer address option
776 ND_PRINTK2(KERN_WARNING
777 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
782 inc
= ipv6_addr_is_multicast(daddr
);
784 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
787 if (ifp
->flags
& (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)) {
789 if (dev
->type
== ARPHRD_IEEE802_TR
) {
790 const unsigned char *sadr
;
791 sadr
= skb_mac_header(skb
);
792 if (((sadr
[8] ^ dev
->dev_addr
[0]) & 0x7f) == 0 &&
793 sadr
[9] == dev
->dev_addr
[1] &&
794 sadr
[10] == dev
->dev_addr
[2] &&
795 sadr
[11] == dev
->dev_addr
[3] &&
796 sadr
[12] == dev
->dev_addr
[4] &&
797 sadr
[13] == dev
->dev_addr
[5]) {
798 /* looped-back to us */
804 * We are colliding with another node
806 * so fail our DAD process
808 addrconf_dad_failure(ifp
);
812 * This is not a dad solicitation.
813 * If we are an optimistic node,
815 * Otherwise, we should ignore it.
817 if (!(ifp
->flags
& IFA_F_OPTIMISTIC
))
824 struct net
*net
= dev_net(dev
);
826 idev
= in6_dev_get(dev
);
828 /* XXX: count this drop? */
832 if (ipv6_chk_acast_addr(net
, dev
, &msg
->target
) ||
833 (idev
->cnf
.forwarding
&&
834 (net
->ipv6
.devconf_all
->proxy_ndp
|| idev
->cnf
.proxy_ndp
) &&
835 (is_router
= pndisc_is_router(&msg
->target
, dev
)) >= 0)) {
836 if (!(NEIGH_CB(skb
)->flags
& LOCALLY_ENQUEUED
) &&
837 skb
->pkt_type
!= PACKET_HOST
&&
839 idev
->nd_parms
->proxy_delay
!= 0) {
841 * for anycast or proxy,
842 * sender should delay its response
843 * by a random time between 0 and
844 * MAX_ANYCAST_DELAY_TIME seconds.
845 * (RFC2461) -- yoshfuji
847 struct sk_buff
*n
= skb_clone(skb
, GFP_ATOMIC
);
849 pneigh_enqueue(&nd_tbl
, idev
->nd_parms
, n
);
857 is_router
= !!idev
->cnf
.forwarding
;
860 ndisc_send_na(dev
, NULL
, &in6addr_linklocal_allnodes
, &msg
->target
,
861 is_router
, 0, (ifp
!= NULL
), 1);
866 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_mcast
);
868 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_ucast
);
871 * update / create cache entry
872 * for the source address
874 neigh
= __neigh_lookup(&nd_tbl
, saddr
, dev
,
875 !inc
|| lladdr
|| !dev
->addr_len
);
877 neigh_update(neigh
, lladdr
, NUD_STALE
,
878 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
879 NEIGH_UPDATE_F_OVERRIDE
);
880 if (neigh
|| !dev
->header_ops
) {
881 ndisc_send_na(dev
, neigh
, saddr
, &msg
->target
,
883 1, (ifp
!= NULL
&& inc
), inc
);
885 neigh_release(neigh
);
895 static void ndisc_recv_na(struct sk_buff
*skb
)
897 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
898 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
899 struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
901 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
902 offsetof(struct nd_msg
, opt
));
903 struct ndisc_options ndopts
;
904 struct net_device
*dev
= skb
->dev
;
905 struct inet6_ifaddr
*ifp
;
906 struct neighbour
*neigh
;
908 if (skb
->len
< sizeof(struct nd_msg
)) {
909 ND_PRINTK2(KERN_WARNING
910 "ICMPv6 NA: packet too short\n");
914 if (ipv6_addr_is_multicast(&msg
->target
)) {
915 ND_PRINTK2(KERN_WARNING
916 "ICMPv6 NA: target address is multicast.\n");
920 if (ipv6_addr_is_multicast(daddr
) &&
921 msg
->icmph
.icmp6_solicited
) {
922 ND_PRINTK2(KERN_WARNING
923 "ICMPv6 NA: solicited NA is multicasted.\n");
927 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
928 ND_PRINTK2(KERN_WARNING
929 "ICMPv6 NS: invalid ND option\n");
932 if (ndopts
.nd_opts_tgt_lladdr
) {
933 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
, dev
);
935 ND_PRINTK2(KERN_WARNING
936 "ICMPv6 NA: invalid link-layer address length\n");
940 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
942 if (ifp
->flags
& IFA_F_TENTATIVE
) {
943 addrconf_dad_failure(ifp
);
946 /* What should we make now? The advertisement
947 is invalid, but ndisc specs say nothing
948 about it. It could be misconfiguration, or
949 an smart proxy agent tries to help us :-)
951 We should not print the error if NA has been
952 received from loopback - it is just our own
953 unsolicited advertisement.
955 if (skb
->pkt_type
!= PACKET_LOOPBACK
)
956 ND_PRINTK1(KERN_WARNING
957 "ICMPv6 NA: someone advertises our address %pI6 on %s!\n",
958 &ifp
->addr
, ifp
->idev
->dev
->name
);
962 neigh
= neigh_lookup(&nd_tbl
, &msg
->target
, dev
);
965 u8 old_flags
= neigh
->flags
;
966 struct net
*net
= dev_net(dev
);
968 if (neigh
->nud_state
& NUD_FAILED
)
972 * Don't update the neighbor cache entry on a proxy NA from
973 * ourselves because either the proxied node is off link or it
974 * has already sent a NA to us.
976 if (lladdr
&& !memcmp(lladdr
, dev
->dev_addr
, dev
->addr_len
) &&
977 net
->ipv6
.devconf_all
->forwarding
&& net
->ipv6
.devconf_all
->proxy_ndp
&&
978 pneigh_lookup(&nd_tbl
, net
, &msg
->target
, dev
, 0)) {
979 /* XXX: idev->cnf.prixy_ndp */
983 neigh_update(neigh
, lladdr
,
984 msg
->icmph
.icmp6_solicited
? NUD_REACHABLE
: NUD_STALE
,
985 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
986 (msg
->icmph
.icmp6_override
? NEIGH_UPDATE_F_OVERRIDE
: 0)|
987 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
988 (msg
->icmph
.icmp6_router
? NEIGH_UPDATE_F_ISROUTER
: 0));
990 if ((old_flags
& ~neigh
->flags
) & NTF_ROUTER
) {
992 * Change: router to host
995 rt
= rt6_get_dflt_router(saddr
, dev
);
1001 neigh_release(neigh
);
1005 static void ndisc_recv_rs(struct sk_buff
*skb
)
1007 struct rs_msg
*rs_msg
= (struct rs_msg
*)skb_transport_header(skb
);
1008 unsigned long ndoptlen
= skb
->len
- sizeof(*rs_msg
);
1009 struct neighbour
*neigh
;
1010 struct inet6_dev
*idev
;
1011 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
1012 struct ndisc_options ndopts
;
1015 if (skb
->len
< sizeof(*rs_msg
))
1018 idev
= in6_dev_get(skb
->dev
);
1020 if (net_ratelimit())
1021 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
1025 /* Don't accept RS if we're not in router mode */
1026 if (!idev
->cnf
.forwarding
)
1030 * Don't update NCE if src = ::;
1031 * this implies that the source node has no ip address assigned yet.
1033 if (ipv6_addr_any(saddr
))
1036 /* Parse ND options */
1037 if (!ndisc_parse_options(rs_msg
->opt
, ndoptlen
, &ndopts
)) {
1038 if (net_ratelimit())
1039 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1043 if (ndopts
.nd_opts_src_lladdr
) {
1044 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1050 neigh
= __neigh_lookup(&nd_tbl
, saddr
, skb
->dev
, 1);
1052 neigh_update(neigh
, lladdr
, NUD_STALE
,
1053 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1054 NEIGH_UPDATE_F_OVERRIDE
|
1055 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
);
1056 neigh_release(neigh
);
1062 static void ndisc_ra_useropt(struct sk_buff
*ra
, struct nd_opt_hdr
*opt
)
1064 struct icmp6hdr
*icmp6h
= (struct icmp6hdr
*)skb_transport_header(ra
);
1065 struct sk_buff
*skb
;
1066 struct nlmsghdr
*nlh
;
1067 struct nduseroptmsg
*ndmsg
;
1068 struct net
*net
= dev_net(ra
->dev
);
1070 int base_size
= NLMSG_ALIGN(sizeof(struct nduseroptmsg
)
1071 + (opt
->nd_opt_len
<< 3));
1072 size_t msg_size
= base_size
+ nla_total_size(sizeof(struct in6_addr
));
1074 skb
= nlmsg_new(msg_size
, GFP_ATOMIC
);
1080 nlh
= nlmsg_put(skb
, 0, 0, RTM_NEWNDUSEROPT
, base_size
, 0);
1082 goto nla_put_failure
;
1085 ndmsg
= nlmsg_data(nlh
);
1086 ndmsg
->nduseropt_family
= AF_INET6
;
1087 ndmsg
->nduseropt_ifindex
= ra
->dev
->ifindex
;
1088 ndmsg
->nduseropt_icmp_type
= icmp6h
->icmp6_type
;
1089 ndmsg
->nduseropt_icmp_code
= icmp6h
->icmp6_code
;
1090 ndmsg
->nduseropt_opts_len
= opt
->nd_opt_len
<< 3;
1092 memcpy(ndmsg
+ 1, opt
, opt
->nd_opt_len
<< 3);
1094 NLA_PUT(skb
, NDUSEROPT_SRCADDR
, sizeof(struct in6_addr
),
1095 &ipv6_hdr(ra
)->saddr
);
1096 nlmsg_end(skb
, nlh
);
1098 rtnl_notify(skb
, net
, 0, RTNLGRP_ND_USEROPT
, NULL
, GFP_ATOMIC
);
1105 rtnl_set_sk_err(net
, RTNLGRP_ND_USEROPT
, err
);
1108 static inline int accept_ra(struct inet6_dev
*in6_dev
)
1111 * If forwarding is enabled, RA are not accepted unless the special
1112 * hybrid mode (accept_ra=2) is enabled.
1114 if (in6_dev
->cnf
.forwarding
&& in6_dev
->cnf
.accept_ra
< 2)
1117 return in6_dev
->cnf
.accept_ra
;
1120 static void ndisc_router_discovery(struct sk_buff
*skb
)
1122 struct ra_msg
*ra_msg
= (struct ra_msg
*)skb_transport_header(skb
);
1123 struct neighbour
*neigh
= NULL
;
1124 struct inet6_dev
*in6_dev
;
1125 struct rt6_info
*rt
= NULL
;
1127 struct ndisc_options ndopts
;
1129 unsigned int pref
= 0;
1131 __u8
* opt
= (__u8
*)(ra_msg
+ 1);
1133 optlen
= (skb
->tail
- skb
->transport_header
) - sizeof(struct ra_msg
);
1135 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1136 ND_PRINTK2(KERN_WARNING
1137 "ICMPv6 RA: source address is not link-local.\n");
1141 ND_PRINTK2(KERN_WARNING
1142 "ICMPv6 RA: packet too short\n");
1146 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1147 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_HOST
) {
1148 ND_PRINTK2(KERN_WARNING
1149 "ICMPv6 RA: from host or unauthorized router\n");
1155 * set the RA_RECV flag in the interface
1158 in6_dev
= in6_dev_get(skb
->dev
);
1159 if (in6_dev
== NULL
) {
1161 "ICMPv6 RA: can't find inet6 device for %s.\n",
1166 if (!ndisc_parse_options(opt
, optlen
, &ndopts
)) {
1167 in6_dev_put(in6_dev
);
1168 ND_PRINTK2(KERN_WARNING
1169 "ICMP6 RA: invalid ND options\n");
1173 if (!accept_ra(in6_dev
))
1174 goto skip_linkparms
;
1176 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1177 /* skip link-specific parameters from interior routers */
1178 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1179 goto skip_linkparms
;
1182 if (in6_dev
->if_flags
& IF_RS_SENT
) {
1184 * flag that an RA was received after an RS was sent
1185 * out on this interface.
1187 in6_dev
->if_flags
|= IF_RA_RCVD
;
1191 * Remember the managed/otherconf flags from most recently
1192 * received RA message (RFC 2462) -- yoshfuji
1194 in6_dev
->if_flags
= (in6_dev
->if_flags
& ~(IF_RA_MANAGED
|
1196 (ra_msg
->icmph
.icmp6_addrconf_managed
?
1197 IF_RA_MANAGED
: 0) |
1198 (ra_msg
->icmph
.icmp6_addrconf_other
?
1199 IF_RA_OTHERCONF
: 0);
1201 if (!in6_dev
->cnf
.accept_ra_defrtr
)
1204 lifetime
= ntohs(ra_msg
->icmph
.icmp6_rt_lifetime
);
1206 #ifdef CONFIG_IPV6_ROUTER_PREF
1207 pref
= ra_msg
->icmph
.icmp6_router_pref
;
1208 /* 10b is handled as if it were 00b (medium) */
1209 if (pref
== ICMPV6_ROUTER_PREF_INVALID
||
1210 !in6_dev
->cnf
.accept_ra_rtr_pref
)
1211 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
1214 rt
= rt6_get_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
);
1217 neigh
= rt
->rt6i_nexthop
;
1219 if (rt
&& lifetime
== 0) {
1225 if (rt
== NULL
&& lifetime
) {
1226 ND_PRINTK3(KERN_DEBUG
1227 "ICMPv6 RA: adding default router.\n");
1229 rt
= rt6_add_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
, pref
);
1232 "ICMPv6 RA: %s() failed to add default route.\n",
1234 in6_dev_put(in6_dev
);
1238 neigh
= rt
->rt6i_nexthop
;
1239 if (neigh
== NULL
) {
1241 "ICMPv6 RA: %s() got default router without neighbour.\n",
1243 dst_release(&rt
->dst
);
1244 in6_dev_put(in6_dev
);
1247 neigh
->flags
|= NTF_ROUTER
;
1249 rt
->rt6i_flags
= (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
1253 rt
->rt6i_expires
= jiffies
+ (HZ
* lifetime
);
1255 if (ra_msg
->icmph
.icmp6_hop_limit
) {
1256 in6_dev
->cnf
.hop_limit
= ra_msg
->icmph
.icmp6_hop_limit
;
1258 rt
->dst
.metrics
[RTAX_HOPLIMIT
-1] = ra_msg
->icmph
.icmp6_hop_limit
;
1264 * Update Reachable Time and Retrans Timer
1267 if (in6_dev
->nd_parms
) {
1268 unsigned long rtime
= ntohl(ra_msg
->retrans_timer
);
1270 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/HZ
) {
1271 rtime
= (rtime
*HZ
)/1000;
1274 in6_dev
->nd_parms
->retrans_time
= rtime
;
1275 in6_dev
->tstamp
= jiffies
;
1276 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1279 rtime
= ntohl(ra_msg
->reachable_time
);
1280 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/(3*HZ
)) {
1281 rtime
= (rtime
*HZ
)/1000;
1286 if (rtime
!= in6_dev
->nd_parms
->base_reachable_time
) {
1287 in6_dev
->nd_parms
->base_reachable_time
= rtime
;
1288 in6_dev
->nd_parms
->gc_staletime
= 3 * rtime
;
1289 in6_dev
->nd_parms
->reachable_time
= neigh_rand_reach_time(rtime
);
1290 in6_dev
->tstamp
= jiffies
;
1291 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1303 neigh
= __neigh_lookup(&nd_tbl
, &ipv6_hdr(skb
)->saddr
,
1307 if (ndopts
.nd_opts_src_lladdr
) {
1308 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1311 ND_PRINTK2(KERN_WARNING
1312 "ICMPv6 RA: invalid link-layer address length\n");
1316 neigh_update(neigh
, lladdr
, NUD_STALE
,
1317 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1318 NEIGH_UPDATE_F_OVERRIDE
|
1319 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1320 NEIGH_UPDATE_F_ISROUTER
);
1323 if (!accept_ra(in6_dev
))
1326 #ifdef CONFIG_IPV6_ROUTE_INFO
1327 if (in6_dev
->cnf
.accept_ra_rtr_pref
&& ndopts
.nd_opts_ri
) {
1328 struct nd_opt_hdr
*p
;
1329 for (p
= ndopts
.nd_opts_ri
;
1331 p
= ndisc_next_option(p
, ndopts
.nd_opts_ri_end
)) {
1332 struct route_info
*ri
= (struct route_info
*)p
;
1333 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1334 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
&&
1335 ri
->prefix_len
== 0)
1338 if (ri
->prefix_len
> in6_dev
->cnf
.accept_ra_rt_info_max_plen
)
1340 rt6_route_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3,
1341 &ipv6_hdr(skb
)->saddr
);
1346 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1347 /* skip link-specific ndopts from interior routers */
1348 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1352 if (in6_dev
->cnf
.accept_ra_pinfo
&& ndopts
.nd_opts_pi
) {
1353 struct nd_opt_hdr
*p
;
1354 for (p
= ndopts
.nd_opts_pi
;
1356 p
= ndisc_next_option(p
, ndopts
.nd_opts_pi_end
)) {
1357 addrconf_prefix_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3);
1361 if (ndopts
.nd_opts_mtu
) {
1365 memcpy(&n
, ((u8
*)(ndopts
.nd_opts_mtu
+1))+2, sizeof(mtu
));
1368 if (mtu
< IPV6_MIN_MTU
|| mtu
> skb
->dev
->mtu
) {
1369 ND_PRINTK2(KERN_WARNING
1370 "ICMPv6 RA: invalid mtu: %d\n",
1372 } else if (in6_dev
->cnf
.mtu6
!= mtu
) {
1373 in6_dev
->cnf
.mtu6
= mtu
;
1376 rt
->dst
.metrics
[RTAX_MTU
-1] = mtu
;
1378 rt6_mtu_change(skb
->dev
, mtu
);
1382 if (ndopts
.nd_useropts
) {
1383 struct nd_opt_hdr
*p
;
1384 for (p
= ndopts
.nd_useropts
;
1386 p
= ndisc_next_useropt(p
, ndopts
.nd_useropts_end
)) {
1387 ndisc_ra_useropt(skb
, p
);
1391 if (ndopts
.nd_opts_tgt_lladdr
|| ndopts
.nd_opts_rh
) {
1392 ND_PRINTK2(KERN_WARNING
1393 "ICMPv6 RA: invalid RA options");
1397 dst_release(&rt
->dst
);
1399 neigh_release(neigh
);
1400 in6_dev_put(in6_dev
);
1403 static void ndisc_redirect_rcv(struct sk_buff
*skb
)
1405 struct inet6_dev
*in6_dev
;
1406 struct icmp6hdr
*icmph
;
1407 struct in6_addr
*dest
;
1408 struct in6_addr
*target
; /* new first hop to destination */
1409 struct neighbour
*neigh
;
1411 struct ndisc_options ndopts
;
1415 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1416 switch (skb
->ndisc_nodetype
) {
1417 case NDISC_NODETYPE_HOST
:
1418 case NDISC_NODETYPE_NODEFAULT
:
1419 ND_PRINTK2(KERN_WARNING
1420 "ICMPv6 Redirect: from host or unauthorized router\n");
1425 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1426 ND_PRINTK2(KERN_WARNING
1427 "ICMPv6 Redirect: source address is not link-local.\n");
1431 optlen
= skb
->tail
- skb
->transport_header
;
1432 optlen
-= sizeof(struct icmp6hdr
) + 2 * sizeof(struct in6_addr
);
1435 ND_PRINTK2(KERN_WARNING
1436 "ICMPv6 Redirect: packet too short\n");
1440 icmph
= icmp6_hdr(skb
);
1441 target
= (struct in6_addr
*) (icmph
+ 1);
1444 if (ipv6_addr_is_multicast(dest
)) {
1445 ND_PRINTK2(KERN_WARNING
1446 "ICMPv6 Redirect: destination address is multicast.\n");
1450 if (ipv6_addr_equal(dest
, target
)) {
1452 } else if (ipv6_addr_type(target
) !=
1453 (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1454 ND_PRINTK2(KERN_WARNING
1455 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1459 in6_dev
= in6_dev_get(skb
->dev
);
1462 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_redirects
) {
1463 in6_dev_put(in6_dev
);
1468 * The IP source address of the Redirect MUST be the same as the current
1469 * first-hop router for the specified ICMP Destination Address.
1472 if (!ndisc_parse_options((u8
*)(dest
+ 1), optlen
, &ndopts
)) {
1473 ND_PRINTK2(KERN_WARNING
1474 "ICMPv6 Redirect: invalid ND options\n");
1475 in6_dev_put(in6_dev
);
1478 if (ndopts
.nd_opts_tgt_lladdr
) {
1479 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
,
1482 ND_PRINTK2(KERN_WARNING
1483 "ICMPv6 Redirect: invalid link-layer address length\n");
1484 in6_dev_put(in6_dev
);
1489 neigh
= __neigh_lookup(&nd_tbl
, target
, skb
->dev
, 1);
1491 rt6_redirect(dest
, &ipv6_hdr(skb
)->daddr
,
1492 &ipv6_hdr(skb
)->saddr
, neigh
, lladdr
,
1494 neigh_release(neigh
);
1496 in6_dev_put(in6_dev
);
1499 void ndisc_send_redirect(struct sk_buff
*skb
, struct neighbour
*neigh
,
1500 const struct in6_addr
*target
)
1502 struct net_device
*dev
= skb
->dev
;
1503 struct net
*net
= dev_net(dev
);
1504 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
1505 int len
= sizeof(struct icmp6hdr
) + 2 * sizeof(struct in6_addr
);
1506 struct sk_buff
*buff
;
1507 struct icmp6hdr
*icmph
;
1508 struct in6_addr saddr_buf
;
1509 struct in6_addr
*addrp
;
1510 struct rt6_info
*rt
;
1511 struct dst_entry
*dst
;
1512 struct inet6_dev
*idev
;
1517 u8 ha_buf
[MAX_ADDR_LEN
], *ha
= NULL
;
1519 if (ipv6_get_lladdr(dev
, &saddr_buf
, IFA_F_TENTATIVE
)) {
1520 ND_PRINTK2(KERN_WARNING
1521 "ICMPv6 Redirect: no link-local address on %s\n",
1526 if (!ipv6_addr_equal(&ipv6_hdr(skb
)->daddr
, target
) &&
1527 ipv6_addr_type(target
) != (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1528 ND_PRINTK2(KERN_WARNING
1529 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1533 icmpv6_flow_init(sk
, &fl
, NDISC_REDIRECT
,
1534 &saddr_buf
, &ipv6_hdr(skb
)->saddr
, dev
->ifindex
);
1536 dst
= ip6_route_output(net
, NULL
, &fl
);
1540 err
= xfrm_lookup(net
, &dst
, &fl
, NULL
, 0);
1544 rt
= (struct rt6_info
*) dst
;
1546 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
1547 ND_PRINTK2(KERN_WARNING
1548 "ICMPv6 Redirect: destination is not a neighbour.\n");
1551 if (!xrlim_allow(dst
, 1*HZ
))
1554 if (dev
->addr_len
) {
1555 read_lock_bh(&neigh
->lock
);
1556 if (neigh
->nud_state
& NUD_VALID
) {
1557 memcpy(ha_buf
, neigh
->ha
, dev
->addr_len
);
1558 read_unlock_bh(&neigh
->lock
);
1560 len
+= ndisc_opt_addr_space(dev
);
1562 read_unlock_bh(&neigh
->lock
);
1565 rd_len
= min_t(unsigned int,
1566 IPV6_MIN_MTU
-sizeof(struct ipv6hdr
)-len
, skb
->len
+ 8);
1570 buff
= sock_alloc_send_skb(sk
,
1571 (MAX_HEADER
+ sizeof(struct ipv6hdr
) +
1572 len
+ LL_ALLOCATED_SPACE(dev
)),
1576 "ICMPv6 Redirect: %s() failed to allocate an skb, err=%d.\n",
1581 skb_reserve(buff
, LL_RESERVED_SPACE(dev
));
1582 ip6_nd_hdr(sk
, buff
, dev
, &saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1583 IPPROTO_ICMPV6
, len
);
1585 skb_set_transport_header(buff
, skb_tail_pointer(buff
) - buff
->data
);
1587 icmph
= icmp6_hdr(buff
);
1589 memset(icmph
, 0, sizeof(struct icmp6hdr
));
1590 icmph
->icmp6_type
= NDISC_REDIRECT
;
1593 * copy target and destination addresses
1596 addrp
= (struct in6_addr
*)(icmph
+ 1);
1597 ipv6_addr_copy(addrp
, target
);
1599 ipv6_addr_copy(addrp
, &ipv6_hdr(skb
)->daddr
);
1601 opt
= (u8
*) (addrp
+ 1);
1604 * include target_address option
1608 opt
= ndisc_fill_addr_option(opt
, ND_OPT_TARGET_LL_ADDR
, ha
,
1609 dev
->addr_len
, dev
->type
);
1612 * build redirect option and copy skb over to the new packet.
1616 *(opt
++) = ND_OPT_REDIRECT_HDR
;
1617 *(opt
++) = (rd_len
>> 3);
1620 memcpy(opt
, ipv6_hdr(skb
), rd_len
- 8);
1622 icmph
->icmp6_cksum
= csum_ipv6_magic(&saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1623 len
, IPPROTO_ICMPV6
,
1624 csum_partial(icmph
, len
, 0));
1626 skb_dst_set(buff
, dst
);
1627 idev
= in6_dev_get(dst
->dev
);
1628 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
1629 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, buff
, NULL
, dst
->dev
,
1632 ICMP6MSGOUT_INC_STATS(net
, idev
, NDISC_REDIRECT
);
1633 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
1636 if (likely(idev
!= NULL
))
1644 static void pndisc_redo(struct sk_buff
*skb
)
1650 int ndisc_rcv(struct sk_buff
*skb
)
1654 if (!pskb_may_pull(skb
, skb
->len
))
1657 msg
= (struct nd_msg
*)skb_transport_header(skb
);
1659 __skb_push(skb
, skb
->data
- skb_transport_header(skb
));
1661 if (ipv6_hdr(skb
)->hop_limit
!= 255) {
1662 ND_PRINTK2(KERN_WARNING
1663 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1664 ipv6_hdr(skb
)->hop_limit
);
1668 if (msg
->icmph
.icmp6_code
!= 0) {
1669 ND_PRINTK2(KERN_WARNING
1670 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1671 msg
->icmph
.icmp6_code
);
1675 memset(NEIGH_CB(skb
), 0, sizeof(struct neighbour_cb
));
1677 switch (msg
->icmph
.icmp6_type
) {
1678 case NDISC_NEIGHBOUR_SOLICITATION
:
1682 case NDISC_NEIGHBOUR_ADVERTISEMENT
:
1686 case NDISC_ROUTER_SOLICITATION
:
1690 case NDISC_ROUTER_ADVERTISEMENT
:
1691 ndisc_router_discovery(skb
);
1694 case NDISC_REDIRECT
:
1695 ndisc_redirect_rcv(skb
);
1702 static int ndisc_netdev_event(struct notifier_block
*this, unsigned long event
, void *ptr
)
1704 struct net_device
*dev
= ptr
;
1705 struct net
*net
= dev_net(dev
);
1708 case NETDEV_CHANGEADDR
:
1709 neigh_changeaddr(&nd_tbl
, dev
);
1710 fib6_run_gc(~0UL, net
);
1713 neigh_ifdown(&nd_tbl
, dev
);
1714 fib6_run_gc(~0UL, net
);
1723 static struct notifier_block ndisc_netdev_notifier
= {
1724 .notifier_call
= ndisc_netdev_event
,
1727 #ifdef CONFIG_SYSCTL
1728 static void ndisc_warn_deprecated_sysctl(struct ctl_table
*ctl
,
1729 const char *func
, const char *dev_name
)
1731 static char warncomm
[TASK_COMM_LEN
];
1733 if (strcmp(warncomm
, current
->comm
) && warned
< 5) {
1734 strcpy(warncomm
, current
->comm
);
1736 "process `%s' is using deprecated sysctl (%s) "
1737 "net.ipv6.neigh.%s.%s; "
1738 "Use net.ipv6.neigh.%s.%s_ms "
1741 dev_name
, ctl
->procname
,
1742 dev_name
, ctl
->procname
);
1747 int ndisc_ifinfo_sysctl_change(struct ctl_table
*ctl
, int write
, void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
1749 struct net_device
*dev
= ctl
->extra1
;
1750 struct inet6_dev
*idev
;
1753 if ((strcmp(ctl
->procname
, "retrans_time") == 0) ||
1754 (strcmp(ctl
->procname
, "base_reachable_time") == 0))
1755 ndisc_warn_deprecated_sysctl(ctl
, "syscall", dev
? dev
->name
: "default");
1757 if (strcmp(ctl
->procname
, "retrans_time") == 0)
1758 ret
= proc_dointvec(ctl
, write
, buffer
, lenp
, ppos
);
1760 else if (strcmp(ctl
->procname
, "base_reachable_time") == 0)
1761 ret
= proc_dointvec_jiffies(ctl
, write
,
1762 buffer
, lenp
, ppos
);
1764 else if ((strcmp(ctl
->procname
, "retrans_time_ms") == 0) ||
1765 (strcmp(ctl
->procname
, "base_reachable_time_ms") == 0))
1766 ret
= proc_dointvec_ms_jiffies(ctl
, write
,
1767 buffer
, lenp
, ppos
);
1771 if (write
&& ret
== 0 && dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1772 if (ctl
->data
== &idev
->nd_parms
->base_reachable_time
)
1773 idev
->nd_parms
->reachable_time
= neigh_rand_reach_time(idev
->nd_parms
->base_reachable_time
);
1774 idev
->tstamp
= jiffies
;
1775 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1784 static int __net_init
ndisc_net_init(struct net
*net
)
1786 struct ipv6_pinfo
*np
;
1790 err
= inet_ctl_sock_create(&sk
, PF_INET6
,
1791 SOCK_RAW
, IPPROTO_ICMPV6
, net
);
1794 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1799 net
->ipv6
.ndisc_sk
= sk
;
1802 np
->hop_limit
= 255;
1803 /* Do not loopback ndisc messages */
1809 static void __net_exit
ndisc_net_exit(struct net
*net
)
1811 inet_ctl_sock_destroy(net
->ipv6
.ndisc_sk
);
1814 static struct pernet_operations ndisc_net_ops
= {
1815 .init
= ndisc_net_init
,
1816 .exit
= ndisc_net_exit
,
1819 int __init
ndisc_init(void)
1823 err
= register_pernet_subsys(&ndisc_net_ops
);
1827 * Initialize the neighbour table
1829 neigh_table_init(&nd_tbl
);
1831 #ifdef CONFIG_SYSCTL
1832 err
= neigh_sysctl_register(NULL
, &nd_tbl
.parms
, "ipv6",
1833 &ndisc_ifinfo_sysctl_change
);
1835 goto out_unregister_pernet
;
1837 err
= register_netdevice_notifier(&ndisc_netdev_notifier
);
1839 goto out_unregister_sysctl
;
1843 out_unregister_sysctl
:
1844 #ifdef CONFIG_SYSCTL
1845 neigh_sysctl_unregister(&nd_tbl
.parms
);
1846 out_unregister_pernet
:
1848 unregister_pernet_subsys(&ndisc_net_ops
);
1852 void ndisc_cleanup(void)
1854 unregister_netdevice_notifier(&ndisc_netdev_notifier
);
1855 #ifdef CONFIG_SYSCTL
1856 neigh_sysctl_unregister(&nd_tbl
.parms
);
1858 neigh_table_clear(&nd_tbl
);
1859 unregister_pernet_subsys(&ndisc_net_ops
);