search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
net: return operator cleanup
[linux-2.6/libata-dev.git] / net / ipv6 / ndisc.c
blobb3dd844cd34fea9d53f917006b395c2e9f30e46a
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Pierre Ynard : export userland ND options
19 * through netlink (RDNSS support)
20 * Lars Fenneberg : fixed MTU setting on receipt
21 * of an RA.
22 * Janos Farkas : kmalloc failure checks
23 * Alexey Kuznetsov : state machine reworked
24 * and moved to net/core.
25 * Pekka Savola : RFC2461 validation
26 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
27 */
28
29 /* Set to 3 to get tracing... */
30 #define ND_DEBUG 1
31
32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
33 #define ND_NOPRINTK(x...) do { ; } while(0)
34 #define ND_PRINTK0 ND_PRINTK
35 #define ND_PRINTK1 ND_NOPRINTK
36 #define ND_PRINTK2 ND_NOPRINTK
37 #define ND_PRINTK3 ND_NOPRINTK
38 #if ND_DEBUG >= 1
39 #undef ND_PRINTK1
40 #define ND_PRINTK1 ND_PRINTK
41 #endif
42 #if ND_DEBUG >= 2
43 #undef ND_PRINTK2
44 #define ND_PRINTK2 ND_PRINTK
45 #endif
46 #if ND_DEBUG >= 3
47 #undef ND_PRINTK3
48 #define ND_PRINTK3 ND_PRINTK
49 #endif
50
51 #include <linux/module.h>
52 #include <linux/errno.h>
53 #include <linux/types.h>
54 #include <linux/socket.h>
55 #include <linux/sockios.h>
56 #include <linux/sched.h>
57 #include <linux/net.h>
58 #include <linux/in6.h>
59 #include <linux/route.h>
60 #include <linux/init.h>
61 #include <linux/rcupdate.h>
62 #include <linux/slab.h>
63 #ifdef CONFIG_SYSCTL
64 #include <linux/sysctl.h>
65 #endif
66
67 #include <linux/if_addr.h>
68 #include <linux/if_arp.h>
69 #include <linux/ipv6.h>
70 #include <linux/icmpv6.h>
71 #include <linux/jhash.h>
72
73 #include <net/sock.h>
74 #include <net/snmp.h>
75
76 #include <net/ipv6.h>
77 #include <net/protocol.h>
78 #include <net/ndisc.h>
79 #include <net/ip6_route.h>
80 #include <net/addrconf.h>
81 #include <net/icmp.h>
82
83 #include <net/netlink.h>
84 #include <linux/rtnetlink.h>
85
86 #include <net/flow.h>
87 #include <net/ip6_checksum.h>
88 #include <net/inet_common.h>
89 #include <linux/proc_fs.h>
90
91 #include <linux/netfilter.h>
92 #include <linux/netfilter_ipv6.h>
93
94 static u32 ndisc_hash(const void *pkey, const struct net_device *dev);
95 static int ndisc_constructor(struct neighbour *neigh);
96 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
97 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
98 static int pndisc_constructor(struct pneigh_entry *n);
99 static void pndisc_destructor(struct pneigh_entry *n);
100 static void pndisc_redo(struct sk_buff *skb);
101
102 static const struct neigh_ops ndisc_generic_ops = {
103 .family = AF_INET6,
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_connected_output,
108 .hh_output = dev_queue_xmit,
109 .queue_xmit = dev_queue_xmit,
110 };
111
112 static const struct neigh_ops ndisc_hh_ops = {
113 .family = AF_INET6,
114 .solicit = ndisc_solicit,
115 .error_report = ndisc_error_report,
116 .output = neigh_resolve_output,
117 .connected_output = neigh_resolve_output,
118 .hh_output = dev_queue_xmit,
119 .queue_xmit = dev_queue_xmit,
120 };
121
122
123 static const struct neigh_ops ndisc_direct_ops = {
124 .family = AF_INET6,
125 .output = dev_queue_xmit,
126 .connected_output = dev_queue_xmit,
127 .hh_output = dev_queue_xmit,
128 .queue_xmit = dev_queue_xmit,
129 };
130
131 struct neigh_table nd_tbl = {
132 .family = AF_INET6,
133 .entry_size = sizeof(struct neighbour) + sizeof(struct in6_addr),
134 .key_len = sizeof(struct in6_addr),
135 .hash = ndisc_hash,
136 .constructor = ndisc_constructor,
137 .pconstructor = pndisc_constructor,
138 .pdestructor = pndisc_destructor,
139 .proxy_redo = pndisc_redo,
140 .id = "ndisc_cache",
141 .parms = {
142 .tbl = &nd_tbl,
143 .base_reachable_time = 30 * HZ,
144 .retrans_time = 1 * HZ,
145 .gc_staletime = 60 * HZ,
146 .reachable_time = 30 * HZ,
147 .delay_probe_time = 5 * HZ,
148 .queue_len = 3,
149 .ucast_probes = 3,
150 .mcast_probes = 3,
151 .anycast_delay = 1 * HZ,
152 .proxy_delay = (8 * HZ) / 10,
153 .proxy_qlen = 64,
154 },
155 .gc_interval = 30 * HZ,
156 .gc_thresh1 = 128,
157 .gc_thresh2 = 512,
158 .gc_thresh3 = 1024,
159 };
160
161 /* ND options */
162 struct ndisc_options {
163 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
164 #ifdef CONFIG_IPV6_ROUTE_INFO
165 struct nd_opt_hdr *nd_opts_ri;
166 struct nd_opt_hdr *nd_opts_ri_end;
167 #endif
168 struct nd_opt_hdr *nd_useropts;
169 struct nd_opt_hdr *nd_useropts_end;
170 };
171
172 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
173 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
174 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
175 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
176 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
177 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
178
179 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
180
181 /*
182 * Return the padding between the option length and the start of the
183 * link addr. Currently only IP-over-InfiniBand needs this, although
184 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
185 * also need a pad of 2.
186 */
187 static int ndisc_addr_option_pad(unsigned short type)
188 {
189 switch (type) {
190 case ARPHRD_INFINIBAND: return 2;
191 default: return 0;
192 }
193 }
194
195 static inline int ndisc_opt_addr_space(struct net_device *dev)
196 {
197 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
198 }
199
200 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
201 unsigned short addr_type)
202 {
203 int space = NDISC_OPT_SPACE(data_len);
204 int pad = ndisc_addr_option_pad(addr_type);
205
206 opt[0] = type;
207 opt[1] = space>>3;
208
209 memset(opt + 2, 0, pad);
210 opt += pad;
211 space -= pad;
212
213 memcpy(opt+2, data, data_len);
214 data_len += 2;
215 opt += data_len;
216 if ((space -= data_len) > 0)
217 memset(opt, 0, space);
218 return opt + space;
219 }
220
221 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
222 struct nd_opt_hdr *end)
223 {
224 int type;
225 if (!cur || !end || cur >= end)
226 return NULL;
227 type = cur->nd_opt_type;
228 do {
229 cur = ((void *)cur) + (cur->nd_opt_len << 3);
230 } while(cur < end && cur->nd_opt_type != type);
231 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
232 }
233
234 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
235 {
236 return opt->nd_opt_type == ND_OPT_RDNSS;
237 }
238
239 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
240 struct nd_opt_hdr *end)
241 {
242 if (!cur || !end || cur >= end)
243 return NULL;
244 do {
245 cur = ((void *)cur) + (cur->nd_opt_len << 3);
246 } while(cur < end && !ndisc_is_useropt(cur));
247 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
248 }
249
250 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
251 struct ndisc_options *ndopts)
252 {
253 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
254
255 if (!nd_opt || opt_len < 0 || !ndopts)
256 return NULL;
257 memset(ndopts, 0, sizeof(*ndopts));
258 while (opt_len) {
259 int l;
260 if (opt_len < sizeof(struct nd_opt_hdr))
261 return NULL;
262 l = nd_opt->nd_opt_len << 3;
263 if (opt_len < l || l == 0)
264 return NULL;
265 switch (nd_opt->nd_opt_type) {
266 case ND_OPT_SOURCE_LL_ADDR:
267 case ND_OPT_TARGET_LL_ADDR:
268 case ND_OPT_MTU:
269 case ND_OPT_REDIRECT_HDR:
270 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
271 ND_PRINTK2(KERN_WARNING
272 "%s(): duplicated ND6 option found: type=%d\n",
273 __func__,
274 nd_opt->nd_opt_type);
275 } else {
276 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
277 }
278 break;
279 case ND_OPT_PREFIX_INFO:
280 ndopts->nd_opts_pi_end = nd_opt;
281 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
282 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
283 break;
284 #ifdef CONFIG_IPV6_ROUTE_INFO
285 case ND_OPT_ROUTE_INFO:
286 ndopts->nd_opts_ri_end = nd_opt;
287 if (!ndopts->nd_opts_ri)
288 ndopts->nd_opts_ri = nd_opt;
289 break;
290 #endif
291 default:
292 if (ndisc_is_useropt(nd_opt)) {
293 ndopts->nd_useropts_end = nd_opt;
294 if (!ndopts->nd_useropts)
295 ndopts->nd_useropts = nd_opt;
296 } else {
297 /*
298 * Unknown options must be silently ignored,
299 * to accommodate future extension to the
300 * protocol.
301 */
302 ND_PRINTK2(KERN_NOTICE
303 "%s(): ignored unsupported option; type=%d, len=%d\n",
304 __func__,
305 nd_opt->nd_opt_type, nd_opt->nd_opt_len);
306 }
307 }
308 opt_len -= l;
309 nd_opt = ((void *)nd_opt) + l;
310 }
311 return ndopts;
312 }
313
314 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
315 struct net_device *dev)
316 {
317 u8 *lladdr = (u8 *)(p + 1);
318 int lladdrlen = p->nd_opt_len << 3;
319 int prepad = ndisc_addr_option_pad(dev->type);
320 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
321 return NULL;
322 return lladdr + prepad;
323 }
324
325 int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
326 {
327 switch (dev->type) {
328 case ARPHRD_ETHER:
329 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
330 case ARPHRD_FDDI:
331 ipv6_eth_mc_map(addr, buf);
332 return 0;
333 case ARPHRD_IEEE802_TR:
334 ipv6_tr_mc_map(addr,buf);
335 return 0;
336 case ARPHRD_ARCNET:
337 ipv6_arcnet_mc_map(addr, buf);
338 return 0;
339 case ARPHRD_INFINIBAND:
340 ipv6_ib_mc_map(addr, dev->broadcast, buf);
341 return 0;
342 default:
343 if (dir) {
344 memcpy(buf, dev->broadcast, dev->addr_len);
345 return 0;
346 }
347 }
348 return -EINVAL;
349 }
350
351 EXPORT_SYMBOL(ndisc_mc_map);
352
353 static u32 ndisc_hash(const void *pkey, const struct net_device *dev)
354 {
355 const u32 *p32 = pkey;
356 u32 addr_hash, i;
357
358 addr_hash = 0;
359 for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
360 addr_hash ^= *p32++;
361
362 return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd);
363 }
364
365 static int ndisc_constructor(struct neighbour *neigh)
366 {
367 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
368 struct net_device *dev = neigh->dev;
369 struct inet6_dev *in6_dev;
370 struct neigh_parms *parms;
371 int is_multicast = ipv6_addr_is_multicast(addr);
372
373 rcu_read_lock();
374 in6_dev = in6_dev_get(dev);
375 if (in6_dev == NULL) {
376 rcu_read_unlock();
377 return -EINVAL;
378 }
379
380 parms = in6_dev->nd_parms;
381 __neigh_parms_put(neigh->parms);
382 neigh->parms = neigh_parms_clone(parms);
383 rcu_read_unlock();
384
385 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
386 if (!dev->header_ops) {
387 neigh->nud_state = NUD_NOARP;
388 neigh->ops = &ndisc_direct_ops;
389 neigh->output = neigh->ops->queue_xmit;
390 } else {
391 if (is_multicast) {
392 neigh->nud_state = NUD_NOARP;
393 ndisc_mc_map(addr, neigh->ha, dev, 1);
394 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
395 neigh->nud_state = NUD_NOARP;
396 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
397 if (dev->flags&IFF_LOOPBACK)
398 neigh->type = RTN_LOCAL;
399 } else if (dev->flags&IFF_POINTOPOINT) {
400 neigh->nud_state = NUD_NOARP;
401 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
402 }
403 if (dev->header_ops->cache)
404 neigh->ops = &ndisc_hh_ops;
405 else
406 neigh->ops = &ndisc_generic_ops;
407 if (neigh->nud_state&NUD_VALID)
408 neigh->output = neigh->ops->connected_output;
409 else
410 neigh->output = neigh->ops->output;
411 }
412 in6_dev_put(in6_dev);
413 return 0;
414 }
415
416 static int pndisc_constructor(struct pneigh_entry *n)
417 {
418 struct in6_addr *addr = (struct in6_addr*)&n->key;
419 struct in6_addr maddr;
420 struct net_device *dev = n->dev;
421
422 if (dev == NULL || __in6_dev_get(dev) == NULL)
423 return -EINVAL;
424 addrconf_addr_solict_mult(addr, &maddr);
425 ipv6_dev_mc_inc(dev, &maddr);
426 return 0;
427 }
428
429 static void pndisc_destructor(struct pneigh_entry *n)
430 {
431 struct in6_addr *addr = (struct in6_addr*)&n->key;
432 struct in6_addr maddr;
433 struct net_device *dev = n->dev;
434
435 if (dev == NULL || __in6_dev_get(dev) == NULL)
436 return;
437 addrconf_addr_solict_mult(addr, &maddr);
438 ipv6_dev_mc_dec(dev, &maddr);
439 }
440
441 struct sk_buff *ndisc_build_skb(struct net_device *dev,
442 const struct in6_addr *daddr,
443 const struct in6_addr *saddr,
444 struct icmp6hdr *icmp6h,
445 const struct in6_addr *target,
446 int llinfo)
447 {
448 struct net *net = dev_net(dev);
449 struct sock *sk = net->ipv6.ndisc_sk;
450 struct sk_buff *skb;
451 struct icmp6hdr *hdr;
452 int len;
453 int err;
454 u8 *opt;
455
456 if (!dev->addr_len)
457 llinfo = 0;
458
459 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
460 if (llinfo)
461 len += ndisc_opt_addr_space(dev);
462
463 skb = sock_alloc_send_skb(sk,
464 (MAX_HEADER + sizeof(struct ipv6hdr) +
465 len + LL_ALLOCATED_SPACE(dev)),
466 1, &err);
467 if (!skb) {
468 ND_PRINTK0(KERN_ERR
469 "ICMPv6 ND: %s() failed to allocate an skb, err=%d.\n",
470 __func__, err);
471 return NULL;
472 }
473
474 skb_reserve(skb, LL_RESERVED_SPACE(dev));
475 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
476
477 skb->transport_header = skb->tail;
478 skb_put(skb, len);
479
480 hdr = (struct icmp6hdr *)skb_transport_header(skb);
481 memcpy(hdr, icmp6h, sizeof(*hdr));
482
483 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
484 if (target) {
485 ipv6_addr_copy((struct in6_addr *)opt, target);
486 opt += sizeof(*target);
487 }
488
489 if (llinfo)
490 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
491 dev->addr_len, dev->type);
492
493 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
494 IPPROTO_ICMPV6,
495 csum_partial(hdr,
496 len, 0));
497
498 return skb;
499 }
500
501 EXPORT_SYMBOL(ndisc_build_skb);
502
503 void ndisc_send_skb(struct sk_buff *skb,
504 struct net_device *dev,
505 struct neighbour *neigh,
506 const struct in6_addr *daddr,
507 const struct in6_addr *saddr,
508 struct icmp6hdr *icmp6h)
509 {
510 struct flowi fl;
511 struct dst_entry *dst;
512 struct net *net = dev_net(dev);
513 struct sock *sk = net->ipv6.ndisc_sk;
514 struct inet6_dev *idev;
515 int err;
516 u8 type;
517
518 type = icmp6h->icmp6_type;
519
520 icmpv6_flow_init(sk, &fl, type, saddr, daddr, dev->ifindex);
521
522 dst = icmp6_dst_alloc(dev, neigh, daddr);
523 if (!dst) {
524 kfree_skb(skb);
525 return;
526 }
527
528 err = xfrm_lookup(net, &dst, &fl, NULL, 0);
529 if (err < 0) {
530 kfree_skb(skb);
531 return;
532 }
533
534 skb_dst_set(skb, dst);
535
536 idev = in6_dev_get(dst->dev);
537 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
538
539 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
540 dst_output);
541 if (!err) {
542 ICMP6MSGOUT_INC_STATS(net, idev, type);
543 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
544 }
545
546 if (likely(idev != NULL))
547 in6_dev_put(idev);
548 }
549
550 EXPORT_SYMBOL(ndisc_send_skb);
551
552 /*
553 * Send a Neighbour Discover packet
554 */
555 static void __ndisc_send(struct net_device *dev,
556 struct neighbour *neigh,
557 const struct in6_addr *daddr,
558 const struct in6_addr *saddr,
559 struct icmp6hdr *icmp6h, const struct in6_addr *target,
560 int llinfo)
561 {
562 struct sk_buff *skb;
563
564 skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
565 if (!skb)
566 return;
567
568 ndisc_send_skb(skb, dev, neigh, daddr, saddr, icmp6h);
569 }
570
571 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
572 const struct in6_addr *daddr,
573 const struct in6_addr *solicited_addr,
574 int router, int solicited, int override, int inc_opt)
575 {
576 struct in6_addr tmpaddr;
577 struct inet6_ifaddr *ifp;
578 const struct in6_addr *src_addr;
579 struct icmp6hdr icmp6h = {
580 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
581 };
582
583 /* for anycast or proxy, solicited_addr != src_addr */
584 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
585 if (ifp) {
586 src_addr = solicited_addr;
587 if (ifp->flags & IFA_F_OPTIMISTIC)
588 override = 0;
589 inc_opt |= ifp->idev->cnf.force_tllao;
590 in6_ifa_put(ifp);
591 } else {
592 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
593 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
594 &tmpaddr))
595 return;
596 src_addr = &tmpaddr;
597 }
598
599 icmp6h.icmp6_router = router;
600 icmp6h.icmp6_solicited = solicited;
601 icmp6h.icmp6_override = override;
602
603 __ndisc_send(dev, neigh, daddr, src_addr,
604 &icmp6h, solicited_addr,
605 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
606 }
607
608 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
609 const struct in6_addr *solicit,
610 const struct in6_addr *daddr, const struct in6_addr *saddr)
611 {
612 struct in6_addr addr_buf;
613 struct icmp6hdr icmp6h = {
614 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
615 };
616
617 if (saddr == NULL) {
618 if (ipv6_get_lladdr(dev, &addr_buf,
619 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
620 return;
621 saddr = &addr_buf;
622 }
623
624 __ndisc_send(dev, neigh, daddr, saddr,
625 &icmp6h, solicit,
626 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
627 }
628
629 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
630 const struct in6_addr *daddr)
631 {
632 struct icmp6hdr icmp6h = {
633 .icmp6_type = NDISC_ROUTER_SOLICITATION,
634 };
635 int send_sllao = dev->addr_len;
636
637 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
638 /*
639 * According to section 2.2 of RFC 4429, we must not
640 * send router solicitations with a sllao from
641 * optimistic addresses, but we may send the solicitation
642 * if we don't include the sllao. So here we check
643 * if our address is optimistic, and if so, we
644 * suppress the inclusion of the sllao.
645 */
646 if (send_sllao) {
647 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
648 dev, 1);
649 if (ifp) {
650 if (ifp->flags & IFA_F_OPTIMISTIC) {
651 send_sllao = 0;
652 }
653 in6_ifa_put(ifp);
654 } else {
655 send_sllao = 0;
656 }
657 }
658 #endif
659 __ndisc_send(dev, NULL, daddr, saddr,
660 &icmp6h, NULL,
661 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
662 }
663
664
665 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
666 {
667 /*
668 * "The sender MUST return an ICMP
669 * destination unreachable"
670 */
671 dst_link_failure(skb);
672 kfree_skb(skb);
673 }
674
675 /* Called with locked neigh: either read or both */
676
677 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
678 {
679 struct in6_addr *saddr = NULL;
680 struct in6_addr mcaddr;
681 struct net_device *dev = neigh->dev;
682 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
683 int probes = atomic_read(&neigh->probes);
684
685 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
686 saddr = &ipv6_hdr(skb)->saddr;
687
688 if ((probes -= neigh->parms->ucast_probes) < 0) {
689 if (!(neigh->nud_state & NUD_VALID)) {
690 ND_PRINTK1(KERN_DEBUG "%s(): trying to ucast probe in NUD_INVALID: %pI6\n",
691 __func__, target);
692 }
693 ndisc_send_ns(dev, neigh, target, target, saddr);
694 } else if ((probes -= neigh->parms->app_probes) < 0) {
695 #ifdef CONFIG_ARPD
696 neigh_app_ns(neigh);
697 #endif
698 } else {
699 addrconf_addr_solict_mult(target, &mcaddr);
700 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
701 }
702 }
703
704 static int pndisc_is_router(const void *pkey,
705 struct net_device *dev)
706 {
707 struct pneigh_entry *n;
708 int ret = -1;
709
710 read_lock_bh(&nd_tbl.lock);
711 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
712 if (n)
713 ret = !!(n->flags & NTF_ROUTER);
714 read_unlock_bh(&nd_tbl.lock);
715
716 return ret;
717 }
718
719 static void ndisc_recv_ns(struct sk_buff *skb)
720 {
721 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
722 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
723 struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
724 u8 *lladdr = NULL;
725 u32 ndoptlen = skb->tail - (skb->transport_header +
726 offsetof(struct nd_msg, opt));
727 struct ndisc_options ndopts;
728 struct net_device *dev = skb->dev;
729 struct inet6_ifaddr *ifp;
730 struct inet6_dev *idev = NULL;
731 struct neighbour *neigh;
732 int dad = ipv6_addr_any(saddr);
733 int inc;
734 int is_router = -1;
735
736 if (ipv6_addr_is_multicast(&msg->target)) {
737 ND_PRINTK2(KERN_WARNING
738 "ICMPv6 NS: multicast target address");
739 return;
740 }
741
742 /*
743 * RFC2461 7.1.1:
744 * DAD has to be destined for solicited node multicast address.
745 */
746 if (dad &&
747 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
748 daddr->s6_addr32[1] == htonl(0x00000000) &&
749 daddr->s6_addr32[2] == htonl(0x00000001) &&
750 daddr->s6_addr [12] == 0xff )) {
751 ND_PRINTK2(KERN_WARNING
752 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
753 return;
754 }
755
756 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
757 ND_PRINTK2(KERN_WARNING
758 "ICMPv6 NS: invalid ND options\n");
759 return;
760 }
761
762 if (ndopts.nd_opts_src_lladdr) {
763 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
764 if (!lladdr) {
765 ND_PRINTK2(KERN_WARNING
766 "ICMPv6 NS: invalid link-layer address length\n");
767 return;
768 }
769
770 /* RFC2461 7.1.1:
771 * If the IP source address is the unspecified address,
772 * there MUST NOT be source link-layer address option
773 * in the message.
774 */
775 if (dad) {
776 ND_PRINTK2(KERN_WARNING
777 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
778 return;
779 }
780 }
781
782 inc = ipv6_addr_is_multicast(daddr);
783
784 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
785 if (ifp) {
786
787 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
788 if (dad) {
789 if (dev->type == ARPHRD_IEEE802_TR) {
790 const unsigned char *sadr;
791 sadr = skb_mac_header(skb);
792 if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
793 sadr[9] == dev->dev_addr[1] &&
794 sadr[10] == dev->dev_addr[2] &&
795 sadr[11] == dev->dev_addr[3] &&
796 sadr[12] == dev->dev_addr[4] &&
797 sadr[13] == dev->dev_addr[5]) {
798 /* looped-back to us */
799 goto out;
800 }
801 }
802
803 /*
804 * We are colliding with another node
805 * who is doing DAD
806 * so fail our DAD process
807 */
808 addrconf_dad_failure(ifp);
809 return;
810 } else {
811 /*
812 * This is not a dad solicitation.
813 * If we are an optimistic node,
814 * we should respond.
815 * Otherwise, we should ignore it.
816 */
817 if (!(ifp->flags & IFA_F_OPTIMISTIC))
818 goto out;
819 }
820 }
821
822 idev = ifp->idev;
823 } else {
824 struct net *net = dev_net(dev);
825
826 idev = in6_dev_get(dev);
827 if (!idev) {
828 /* XXX: count this drop? */
829 return;
830 }
831
832 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
833 (idev->cnf.forwarding &&
834 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
835 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
836 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
837 skb->pkt_type != PACKET_HOST &&
838 inc != 0 &&
839 idev->nd_parms->proxy_delay != 0) {
840 /*
841 * for anycast or proxy,
842 * sender should delay its response
843 * by a random time between 0 and
844 * MAX_ANYCAST_DELAY_TIME seconds.
845 * (RFC2461) -- yoshfuji
846 */
847 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
848 if (n)
849 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
850 goto out;
851 }
852 } else
853 goto out;
854 }
855
856 if (is_router < 0)
857 is_router = !!idev->cnf.forwarding;
858
859 if (dad) {
860 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
861 is_router, 0, (ifp != NULL), 1);
862 goto out;
863 }
864
865 if (inc)
866 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
867 else
868 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
869
870 /*
871 * update / create cache entry
872 * for the source address
873 */
874 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
875 !inc || lladdr || !dev->addr_len);
876 if (neigh)
877 neigh_update(neigh, lladdr, NUD_STALE,
878 NEIGH_UPDATE_F_WEAK_OVERRIDE|
879 NEIGH_UPDATE_F_OVERRIDE);
880 if (neigh || !dev->header_ops) {
881 ndisc_send_na(dev, neigh, saddr, &msg->target,
882 is_router,
883 1, (ifp != NULL && inc), inc);
884 if (neigh)
885 neigh_release(neigh);
886 }
887
888 out:
889 if (ifp)
890 in6_ifa_put(ifp);
891 else
892 in6_dev_put(idev);
893 }
894
895 static void ndisc_recv_na(struct sk_buff *skb)
896 {
897 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
898 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
899 struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
900 u8 *lladdr = NULL;
901 u32 ndoptlen = skb->tail - (skb->transport_header +
902 offsetof(struct nd_msg, opt));
903 struct ndisc_options ndopts;
904 struct net_device *dev = skb->dev;
905 struct inet6_ifaddr *ifp;
906 struct neighbour *neigh;
907
908 if (skb->len < sizeof(struct nd_msg)) {
909 ND_PRINTK2(KERN_WARNING
910 "ICMPv6 NA: packet too short\n");
911 return;
912 }
913
914 if (ipv6_addr_is_multicast(&msg->target)) {
915 ND_PRINTK2(KERN_WARNING
916 "ICMPv6 NA: target address is multicast.\n");
917 return;
918 }
919
920 if (ipv6_addr_is_multicast(daddr) &&
921 msg->icmph.icmp6_solicited) {
922 ND_PRINTK2(KERN_WARNING
923 "ICMPv6 NA: solicited NA is multicasted.\n");
924 return;
925 }
926
927 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
928 ND_PRINTK2(KERN_WARNING
929 "ICMPv6 NS: invalid ND option\n");
930 return;
931 }
932 if (ndopts.nd_opts_tgt_lladdr) {
933 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
934 if (!lladdr) {
935 ND_PRINTK2(KERN_WARNING
936 "ICMPv6 NA: invalid link-layer address length\n");
937 return;
938 }
939 }
940 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
941 if (ifp) {
942 if (ifp->flags & IFA_F_TENTATIVE) {
943 addrconf_dad_failure(ifp);
944 return;
945 }
946 /* What should we make now? The advertisement
947 is invalid, but ndisc specs say nothing
948 about it. It could be misconfiguration, or
949 an smart proxy agent tries to help us :-)
950
951 We should not print the error if NA has been
952 received from loopback - it is just our own
953 unsolicited advertisement.
954 */
955 if (skb->pkt_type != PACKET_LOOPBACK)
956 ND_PRINTK1(KERN_WARNING
957 "ICMPv6 NA: someone advertises our address %pI6 on %s!\n",
958 &ifp->addr, ifp->idev->dev->name);
959 in6_ifa_put(ifp);
960 return;
961 }
962 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
963
964 if (neigh) {
965 u8 old_flags = neigh->flags;
966 struct net *net = dev_net(dev);
967
968 if (neigh->nud_state & NUD_FAILED)
969 goto out;
970
971 /*
972 * Don't update the neighbor cache entry on a proxy NA from
973 * ourselves because either the proxied node is off link or it
974 * has already sent a NA to us.
975 */
976 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
977 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
978 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
979 /* XXX: idev->cnf.prixy_ndp */
980 goto out;
981 }
982
983 neigh_update(neigh, lladdr,
984 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
985 NEIGH_UPDATE_F_WEAK_OVERRIDE|
986 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
987 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
988 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
989
990 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
991 /*
992 * Change: router to host
993 */
994 struct rt6_info *rt;
995 rt = rt6_get_dflt_router(saddr, dev);
996 if (rt)
997 ip6_del_rt(rt);
998 }
999
1000 out:
1001 neigh_release(neigh);
1002 }
1003 }
1004
1005 static void ndisc_recv_rs(struct sk_buff *skb)
1006 {
1007 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1008 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1009 struct neighbour *neigh;
1010 struct inet6_dev *idev;
1011 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1012 struct ndisc_options ndopts;
1013 u8 *lladdr = NULL;
1014
1015 if (skb->len < sizeof(*rs_msg))
1016 return;
1017
1018 idev = in6_dev_get(skb->dev);
1019 if (!idev) {
1020 if (net_ratelimit())
1021 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
1022 return;
1023 }
1024
1025 /* Don't accept RS if we're not in router mode */
1026 if (!idev->cnf.forwarding)
1027 goto out;
1028
1029 /*
1030 * Don't update NCE if src = ::;
1031 * this implies that the source node has no ip address assigned yet.
1032 */
1033 if (ipv6_addr_any(saddr))
1034 goto out;
1035
1036 /* Parse ND options */
1037 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1038 if (net_ratelimit())
1039 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1040 goto out;
1041 }
1042
1043 if (ndopts.nd_opts_src_lladdr) {
1044 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1045 skb->dev);
1046 if (!lladdr)
1047 goto out;
1048 }
1049
1050 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1051 if (neigh) {
1052 neigh_update(neigh, lladdr, NUD_STALE,
1053 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1054 NEIGH_UPDATE_F_OVERRIDE|
1055 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1056 neigh_release(neigh);
1057 }
1058 out:
1059 in6_dev_put(idev);
1060 }
1061
1062 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1063 {
1064 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1065 struct sk_buff *skb;
1066 struct nlmsghdr *nlh;
1067 struct nduseroptmsg *ndmsg;
1068 struct net *net = dev_net(ra->dev);
1069 int err;
1070 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1071 + (opt->nd_opt_len << 3));
1072 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1073
1074 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1075 if (skb == NULL) {
1076 err = -ENOBUFS;
1077 goto errout;
1078 }
1079
1080 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1081 if (nlh == NULL) {
1082 goto nla_put_failure;
1083 }
1084
1085 ndmsg = nlmsg_data(nlh);
1086 ndmsg->nduseropt_family = AF_INET6;
1087 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1088 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1089 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1090 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1091
1092 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1093
1094 NLA_PUT(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1095 &ipv6_hdr(ra)->saddr);
1096 nlmsg_end(skb, nlh);
1097
1098 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1099 return;
1100
1101 nla_put_failure:
1102 nlmsg_free(skb);
1103 err = -EMSGSIZE;
1104 errout:
1105 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1106 }
1107
1108 static inline int accept_ra(struct inet6_dev *in6_dev)
1109 {
1110 /*
1111 * If forwarding is enabled, RA are not accepted unless the special
1112 * hybrid mode (accept_ra=2) is enabled.
1113 */
1114 if (in6_dev->cnf.forwarding && in6_dev->cnf.accept_ra < 2)
1115 return 0;
1116
1117 return in6_dev->cnf.accept_ra;
1118 }
1119
1120 static void ndisc_router_discovery(struct sk_buff *skb)
1121 {
1122 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1123 struct neighbour *neigh = NULL;
1124 struct inet6_dev *in6_dev;
1125 struct rt6_info *rt = NULL;
1126 int lifetime;
1127 struct ndisc_options ndopts;
1128 int optlen;
1129 unsigned int pref = 0;
1130
1131 __u8 * opt = (__u8 *)(ra_msg + 1);
1132
1133 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1134
1135 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1136 ND_PRINTK2(KERN_WARNING
1137 "ICMPv6 RA: source address is not link-local.\n");
1138 return;
1139 }
1140 if (optlen < 0) {
1141 ND_PRINTK2(KERN_WARNING
1142 "ICMPv6 RA: packet too short\n");
1143 return;
1144 }
1145
1146 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1147 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1148 ND_PRINTK2(KERN_WARNING
1149 "ICMPv6 RA: from host or unauthorized router\n");
1150 return;
1151 }
1152 #endif
1153
1154 /*
1155 * set the RA_RECV flag in the interface
1156 */
1157
1158 in6_dev = in6_dev_get(skb->dev);
1159 if (in6_dev == NULL) {
1160 ND_PRINTK0(KERN_ERR
1161 "ICMPv6 RA: can't find inet6 device for %s.\n",
1162 skb->dev->name);
1163 return;
1164 }
1165
1166 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1167 in6_dev_put(in6_dev);
1168 ND_PRINTK2(KERN_WARNING
1169 "ICMP6 RA: invalid ND options\n");
1170 return;
1171 }
1172
1173 if (!accept_ra(in6_dev))
1174 goto skip_linkparms;
1175
1176 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1177 /* skip link-specific parameters from interior routers */
1178 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1179 goto skip_linkparms;
1180 #endif
1181
1182 if (in6_dev->if_flags & IF_RS_SENT) {
1183 /*
1184 * flag that an RA was received after an RS was sent
1185 * out on this interface.
1186 */
1187 in6_dev->if_flags |= IF_RA_RCVD;
1188 }
1189
1190 /*
1191 * Remember the managed/otherconf flags from most recently
1192 * received RA message (RFC 2462) -- yoshfuji
1193 */
1194 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1195 IF_RA_OTHERCONF)) |
1196 (ra_msg->icmph.icmp6_addrconf_managed ?
1197 IF_RA_MANAGED : 0) |
1198 (ra_msg->icmph.icmp6_addrconf_other ?
1199 IF_RA_OTHERCONF : 0);
1200
1201 if (!in6_dev->cnf.accept_ra_defrtr)
1202 goto skip_defrtr;
1203
1204 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1205
1206 #ifdef CONFIG_IPV6_ROUTER_PREF
1207 pref = ra_msg->icmph.icmp6_router_pref;
1208 /* 10b is handled as if it were 00b (medium) */
1209 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1210 !in6_dev->cnf.accept_ra_rtr_pref)
1211 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1212 #endif
1213
1214 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1215
1216 if (rt)
1217 neigh = rt->rt6i_nexthop;
1218
1219 if (rt && lifetime == 0) {
1220 neigh_clone(neigh);
1221 ip6_del_rt(rt);
1222 rt = NULL;
1223 }
1224
1225 if (rt == NULL && lifetime) {
1226 ND_PRINTK3(KERN_DEBUG
1227 "ICMPv6 RA: adding default router.\n");
1228
1229 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1230 if (rt == NULL) {
1231 ND_PRINTK0(KERN_ERR
1232 "ICMPv6 RA: %s() failed to add default route.\n",
1233 __func__);
1234 in6_dev_put(in6_dev);
1235 return;
1236 }
1237
1238 neigh = rt->rt6i_nexthop;
1239 if (neigh == NULL) {
1240 ND_PRINTK0(KERN_ERR
1241 "ICMPv6 RA: %s() got default router without neighbour.\n",
1242 __func__);
1243 dst_release(&rt->dst);
1244 in6_dev_put(in6_dev);
1245 return;
1246 }
1247 neigh->flags |= NTF_ROUTER;
1248 } else if (rt) {
1249 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1250 }
1251
1252 if (rt)
1253 rt->rt6i_expires = jiffies + (HZ * lifetime);
1254
1255 if (ra_msg->icmph.icmp6_hop_limit) {
1256 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1257 if (rt)
1258 rt->dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
1259 }
1260
1261 skip_defrtr:
1262
1263 /*
1264 * Update Reachable Time and Retrans Timer
1265 */
1266
1267 if (in6_dev->nd_parms) {
1268 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1269
1270 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1271 rtime = (rtime*HZ)/1000;
1272 if (rtime < HZ/10)
1273 rtime = HZ/10;
1274 in6_dev->nd_parms->retrans_time = rtime;
1275 in6_dev->tstamp = jiffies;
1276 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1277 }
1278
1279 rtime = ntohl(ra_msg->reachable_time);
1280 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1281 rtime = (rtime*HZ)/1000;
1282
1283 if (rtime < HZ/10)
1284 rtime = HZ/10;
1285
1286 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1287 in6_dev->nd_parms->base_reachable_time = rtime;
1288 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1289 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1290 in6_dev->tstamp = jiffies;
1291 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1292 }
1293 }
1294 }
1295
1296 skip_linkparms:
1297
1298 /*
1299 * Process options.
1300 */
1301
1302 if (!neigh)
1303 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1304 skb->dev, 1);
1305 if (neigh) {
1306 u8 *lladdr = NULL;
1307 if (ndopts.nd_opts_src_lladdr) {
1308 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1309 skb->dev);
1310 if (!lladdr) {
1311 ND_PRINTK2(KERN_WARNING
1312 "ICMPv6 RA: invalid link-layer address length\n");
1313 goto out;
1314 }
1315 }
1316 neigh_update(neigh, lladdr, NUD_STALE,
1317 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1318 NEIGH_UPDATE_F_OVERRIDE|
1319 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1320 NEIGH_UPDATE_F_ISROUTER);
1321 }
1322
1323 if (!accept_ra(in6_dev))
1324 goto out;
1325
1326 #ifdef CONFIG_IPV6_ROUTE_INFO
1327 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1328 struct nd_opt_hdr *p;
1329 for (p = ndopts.nd_opts_ri;
1330 p;
1331 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1332 struct route_info *ri = (struct route_info *)p;
1333 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1334 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1335 ri->prefix_len == 0)
1336 continue;
1337 #endif
1338 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1339 continue;
1340 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1341 &ipv6_hdr(skb)->saddr);
1342 }
1343 }
1344 #endif
1345
1346 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1347 /* skip link-specific ndopts from interior routers */
1348 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1349 goto out;
1350 #endif
1351
1352 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1353 struct nd_opt_hdr *p;
1354 for (p = ndopts.nd_opts_pi;
1355 p;
1356 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1357 addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1358 }
1359 }
1360
1361 if (ndopts.nd_opts_mtu) {
1362 __be32 n;
1363 u32 mtu;
1364
1365 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1366 mtu = ntohl(n);
1367
1368 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1369 ND_PRINTK2(KERN_WARNING
1370 "ICMPv6 RA: invalid mtu: %d\n",
1371 mtu);
1372 } else if (in6_dev->cnf.mtu6 != mtu) {
1373 in6_dev->cnf.mtu6 = mtu;
1374
1375 if (rt)
1376 rt->dst.metrics[RTAX_MTU-1] = mtu;
1377
1378 rt6_mtu_change(skb->dev, mtu);
1379 }
1380 }
1381
1382 if (ndopts.nd_useropts) {
1383 struct nd_opt_hdr *p;
1384 for (p = ndopts.nd_useropts;
1385 p;
1386 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1387 ndisc_ra_useropt(skb, p);
1388 }
1389 }
1390
1391 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1392 ND_PRINTK2(KERN_WARNING
1393 "ICMPv6 RA: invalid RA options");
1394 }
1395 out:
1396 if (rt)
1397 dst_release(&rt->dst);
1398 else if (neigh)
1399 neigh_release(neigh);
1400 in6_dev_put(in6_dev);
1401 }
1402
1403 static void ndisc_redirect_rcv(struct sk_buff *skb)
1404 {
1405 struct inet6_dev *in6_dev;
1406 struct icmp6hdr *icmph;
1407 struct in6_addr *dest;
1408 struct in6_addr *target; /* new first hop to destination */
1409 struct neighbour *neigh;
1410 int on_link = 0;
1411 struct ndisc_options ndopts;
1412 int optlen;
1413 u8 *lladdr = NULL;
1414
1415 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1416 switch (skb->ndisc_nodetype) {
1417 case NDISC_NODETYPE_HOST:
1418 case NDISC_NODETYPE_NODEFAULT:
1419 ND_PRINTK2(KERN_WARNING
1420 "ICMPv6 Redirect: from host or unauthorized router\n");
1421 return;
1422 }
1423 #endif
1424
1425 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1426 ND_PRINTK2(KERN_WARNING
1427 "ICMPv6 Redirect: source address is not link-local.\n");
1428 return;
1429 }
1430
1431 optlen = skb->tail - skb->transport_header;
1432 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1433
1434 if (optlen < 0) {
1435 ND_PRINTK2(KERN_WARNING
1436 "ICMPv6 Redirect: packet too short\n");
1437 return;
1438 }
1439
1440 icmph = icmp6_hdr(skb);
1441 target = (struct in6_addr *) (icmph + 1);
1442 dest = target + 1;
1443
1444 if (ipv6_addr_is_multicast(dest)) {
1445 ND_PRINTK2(KERN_WARNING
1446 "ICMPv6 Redirect: destination address is multicast.\n");
1447 return;
1448 }
1449
1450 if (ipv6_addr_equal(dest, target)) {
1451 on_link = 1;
1452 } else if (ipv6_addr_type(target) !=
1453 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1454 ND_PRINTK2(KERN_WARNING
1455 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1456 return;
1457 }
1458
1459 in6_dev = in6_dev_get(skb->dev);
1460 if (!in6_dev)
1461 return;
1462 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1463 in6_dev_put(in6_dev);
1464 return;
1465 }
1466
1467 /* RFC2461 8.1:
1468 * The IP source address of the Redirect MUST be the same as the current
1469 * first-hop router for the specified ICMP Destination Address.
1470 */
1471
1472 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1473 ND_PRINTK2(KERN_WARNING
1474 "ICMPv6 Redirect: invalid ND options\n");
1475 in6_dev_put(in6_dev);
1476 return;
1477 }
1478 if (ndopts.nd_opts_tgt_lladdr) {
1479 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1480 skb->dev);
1481 if (!lladdr) {
1482 ND_PRINTK2(KERN_WARNING
1483 "ICMPv6 Redirect: invalid link-layer address length\n");
1484 in6_dev_put(in6_dev);
1485 return;
1486 }
1487 }
1488
1489 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1490 if (neigh) {
1491 rt6_redirect(dest, &ipv6_hdr(skb)->daddr,
1492 &ipv6_hdr(skb)->saddr, neigh, lladdr,
1493 on_link);
1494 neigh_release(neigh);
1495 }
1496 in6_dev_put(in6_dev);
1497 }
1498
1499 void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1500 const struct in6_addr *target)
1501 {
1502 struct net_device *dev = skb->dev;
1503 struct net *net = dev_net(dev);
1504 struct sock *sk = net->ipv6.ndisc_sk;
1505 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1506 struct sk_buff *buff;
1507 struct icmp6hdr *icmph;
1508 struct in6_addr saddr_buf;
1509 struct in6_addr *addrp;
1510 struct rt6_info *rt;
1511 struct dst_entry *dst;
1512 struct inet6_dev *idev;
1513 struct flowi fl;
1514 u8 *opt;
1515 int rd_len;
1516 int err;
1517 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1518
1519 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1520 ND_PRINTK2(KERN_WARNING
1521 "ICMPv6 Redirect: no link-local address on %s\n",
1522 dev->name);
1523 return;
1524 }
1525
1526 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1527 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1528 ND_PRINTK2(KERN_WARNING
1529 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1530 return;
1531 }
1532
1533 icmpv6_flow_init(sk, &fl, NDISC_REDIRECT,
1534 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1535
1536 dst = ip6_route_output(net, NULL, &fl);
1537 if (dst == NULL)
1538 return;
1539
1540 err = xfrm_lookup(net, &dst, &fl, NULL, 0);
1541 if (err)
1542 return;
1543
1544 rt = (struct rt6_info *) dst;
1545
1546 if (rt->rt6i_flags & RTF_GATEWAY) {
1547 ND_PRINTK2(KERN_WARNING
1548 "ICMPv6 Redirect: destination is not a neighbour.\n");
1549 goto release;
1550 }
1551 if (!xrlim_allow(dst, 1*HZ))
1552 goto release;
1553
1554 if (dev->addr_len) {
1555 read_lock_bh(&neigh->lock);
1556 if (neigh->nud_state & NUD_VALID) {
1557 memcpy(ha_buf, neigh->ha, dev->addr_len);
1558 read_unlock_bh(&neigh->lock);
1559 ha = ha_buf;
1560 len += ndisc_opt_addr_space(dev);
1561 } else
1562 read_unlock_bh(&neigh->lock);
1563 }
1564
1565 rd_len = min_t(unsigned int,
1566 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1567 rd_len &= ~0x7;
1568 len += rd_len;
1569
1570 buff = sock_alloc_send_skb(sk,
1571 (MAX_HEADER + sizeof(struct ipv6hdr) +
1572 len + LL_ALLOCATED_SPACE(dev)),
1573 1, &err);
1574 if (buff == NULL) {
1575 ND_PRINTK0(KERN_ERR
1576 "ICMPv6 Redirect: %s() failed to allocate an skb, err=%d.\n",
1577 __func__, err);
1578 goto release;
1579 }
1580
1581 skb_reserve(buff, LL_RESERVED_SPACE(dev));
1582 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1583 IPPROTO_ICMPV6, len);
1584
1585 skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1586 skb_put(buff, len);
1587 icmph = icmp6_hdr(buff);
1588
1589 memset(icmph, 0, sizeof(struct icmp6hdr));
1590 icmph->icmp6_type = NDISC_REDIRECT;
1591
1592 /*
1593 * copy target and destination addresses
1594 */
1595
1596 addrp = (struct in6_addr *)(icmph + 1);
1597 ipv6_addr_copy(addrp, target);
1598 addrp++;
1599 ipv6_addr_copy(addrp, &ipv6_hdr(skb)->daddr);
1600
1601 opt = (u8*) (addrp + 1);
1602
1603 /*
1604 * include target_address option
1605 */
1606
1607 if (ha)
1608 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1609 dev->addr_len, dev->type);
1610
1611 /*
1612 * build redirect option and copy skb over to the new packet.
1613 */
1614
1615 memset(opt, 0, 8);
1616 *(opt++) = ND_OPT_REDIRECT_HDR;
1617 *(opt++) = (rd_len >> 3);
1618 opt += 6;
1619
1620 memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1621
1622 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1623 len, IPPROTO_ICMPV6,
1624 csum_partial(icmph, len, 0));
1625
1626 skb_dst_set(buff, dst);
1627 idev = in6_dev_get(dst->dev);
1628 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1629 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1630 dst_output);
1631 if (!err) {
1632 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1633 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1634 }
1635
1636 if (likely(idev != NULL))
1637 in6_dev_put(idev);
1638 return;
1639
1640 release:
1641 dst_release(dst);
1642 }
1643
1644 static void pndisc_redo(struct sk_buff *skb)
1645 {
1646 ndisc_recv_ns(skb);
1647 kfree_skb(skb);
1648 }
1649
1650 int ndisc_rcv(struct sk_buff *skb)
1651 {
1652 struct nd_msg *msg;
1653
1654 if (!pskb_may_pull(skb, skb->len))
1655 return 0;
1656
1657 msg = (struct nd_msg *)skb_transport_header(skb);
1658
1659 __skb_push(skb, skb->data - skb_transport_header(skb));
1660
1661 if (ipv6_hdr(skb)->hop_limit != 255) {
1662 ND_PRINTK2(KERN_WARNING
1663 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1664 ipv6_hdr(skb)->hop_limit);
1665 return 0;
1666 }
1667
1668 if (msg->icmph.icmp6_code != 0) {
1669 ND_PRINTK2(KERN_WARNING
1670 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1671 msg->icmph.icmp6_code);
1672 return 0;
1673 }
1674
1675 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1676
1677 switch (msg->icmph.icmp6_type) {
1678 case NDISC_NEIGHBOUR_SOLICITATION:
1679 ndisc_recv_ns(skb);
1680 break;
1681
1682 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1683 ndisc_recv_na(skb);
1684 break;
1685
1686 case NDISC_ROUTER_SOLICITATION:
1687 ndisc_recv_rs(skb);
1688 break;
1689
1690 case NDISC_ROUTER_ADVERTISEMENT:
1691 ndisc_router_discovery(skb);
1692 break;
1693
1694 case NDISC_REDIRECT:
1695 ndisc_redirect_rcv(skb);
1696 break;
1697 }
1698
1699 return 0;
1700 }
1701
1702 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1703 {
1704 struct net_device *dev = ptr;
1705 struct net *net = dev_net(dev);
1706
1707 switch (event) {
1708 case NETDEV_CHANGEADDR:
1709 neigh_changeaddr(&nd_tbl, dev);
1710 fib6_run_gc(~0UL, net);
1711 break;
1712 case NETDEV_DOWN:
1713 neigh_ifdown(&nd_tbl, dev);
1714 fib6_run_gc(~0UL, net);
1715 break;
1716 default:
1717 break;
1718 }
1719
1720 return NOTIFY_DONE;
1721 }
1722
1723 static struct notifier_block ndisc_netdev_notifier = {
1724 .notifier_call = ndisc_netdev_event,
1725 };
1726
1727 #ifdef CONFIG_SYSCTL
1728 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1729 const char *func, const char *dev_name)
1730 {
1731 static char warncomm[TASK_COMM_LEN];
1732 static int warned;
1733 if (strcmp(warncomm, current->comm) && warned < 5) {
1734 strcpy(warncomm, current->comm);
1735 printk(KERN_WARNING
1736 "process `%s' is using deprecated sysctl (%s) "
1737 "net.ipv6.neigh.%s.%s; "
1738 "Use net.ipv6.neigh.%s.%s_ms "
1739 "instead.\n",
1740 warncomm, func,
1741 dev_name, ctl->procname,
1742 dev_name, ctl->procname);
1743 warned++;
1744 }
1745 }
1746
1747 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1748 {
1749 struct net_device *dev = ctl->extra1;
1750 struct inet6_dev *idev;
1751 int ret;
1752
1753 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1754 (strcmp(ctl->procname, "base_reachable_time") == 0))
1755 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1756
1757 if (strcmp(ctl->procname, "retrans_time") == 0)
1758 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1759
1760 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1761 ret = proc_dointvec_jiffies(ctl, write,
1762 buffer, lenp, ppos);
1763
1764 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1765 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1766 ret = proc_dointvec_ms_jiffies(ctl, write,
1767 buffer, lenp, ppos);
1768 else
1769 ret = -1;
1770
1771 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1772 if (ctl->data == &idev->nd_parms->base_reachable_time)
1773 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1774 idev->tstamp = jiffies;
1775 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1776 in6_dev_put(idev);
1777 }
1778 return ret;
1779 }
1780
1781
1782 #endif
1783
1784 static int __net_init ndisc_net_init(struct net *net)
1785 {
1786 struct ipv6_pinfo *np;
1787 struct sock *sk;
1788 int err;
1789
1790 err = inet_ctl_sock_create(&sk, PF_INET6,
1791 SOCK_RAW, IPPROTO_ICMPV6, net);
1792 if (err < 0) {
1793 ND_PRINTK0(KERN_ERR
1794 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1795 err);
1796 return err;
1797 }
1798
1799 net->ipv6.ndisc_sk = sk;
1800
1801 np = inet6_sk(sk);
1802 np->hop_limit = 255;
1803 /* Do not loopback ndisc messages */
1804 np->mc_loop = 0;
1805
1806 return 0;
1807 }
1808
1809 static void __net_exit ndisc_net_exit(struct net *net)
1810 {
1811 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1812 }
1813
1814 static struct pernet_operations ndisc_net_ops = {
1815 .init = ndisc_net_init,
1816 .exit = ndisc_net_exit,
1817 };
1818
1819 int __init ndisc_init(void)
1820 {
1821 int err;
1822
1823 err = register_pernet_subsys(&ndisc_net_ops);
1824 if (err)
1825 return err;
1826 /*
1827 * Initialize the neighbour table
1828 */
1829 neigh_table_init(&nd_tbl);
1830
1831 #ifdef CONFIG_SYSCTL
1832 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1833 &ndisc_ifinfo_sysctl_change);
1834 if (err)
1835 goto out_unregister_pernet;
1836 #endif
1837 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1838 if (err)
1839 goto out_unregister_sysctl;
1840 out:
1841 return err;
1842
1843 out_unregister_sysctl:
1844 #ifdef CONFIG_SYSCTL
1845 neigh_sysctl_unregister(&nd_tbl.parms);
1846 out_unregister_pernet:
1847 #endif
1848 unregister_pernet_subsys(&ndisc_net_ops);
1849 goto out;
1850 }
1851
1852 void ndisc_cleanup(void)
1853 {
1854 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1855 #ifdef CONFIG_SYSCTL
1856 neigh_sysctl_unregister(&nd_tbl.parms);
1857 #endif
1858 neigh_table_clear(&nd_tbl);
1859 unregister_pernet_subsys(&ndisc_net_ops);
1860 }
Linux 2.6 libata-dev (mirror)