[PATCH] sem2mutex: iprune
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / net / ipv6 / ndisc.c
blobdfa20d3be9b69ec23db998c2e5268e38ab60a41a
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
16 * Changes:
18 * Lars Fenneberg : fixed MTU setting on receipt
19 * of an RA.
21 * Janos Farkas : kmalloc failure checks
22 * Alexey Kuznetsov : state machine reworked
23 * and moved to net/core.
24 * Pekka Savola : RFC2461 validation
25 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 /* Set to 3 to get tracing... */
29 #define ND_DEBUG 1
31 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
32 #define ND_NOPRINTK(x...) do { ; } while(0)
33 #define ND_PRINTK0 ND_PRINTK
34 #define ND_PRINTK1 ND_NOPRINTK
35 #define ND_PRINTK2 ND_NOPRINTK
36 #define ND_PRINTK3 ND_NOPRINTK
37 #if ND_DEBUG >= 1
38 #undef ND_PRINTK1
39 #define ND_PRINTK1 ND_PRINTK
40 #endif
41 #if ND_DEBUG >= 2
42 #undef ND_PRINTK2
43 #define ND_PRINTK2 ND_PRINTK
44 #endif
45 #if ND_DEBUG >= 3
46 #undef ND_PRINTK3
47 #define ND_PRINTK3 ND_PRINTK
48 #endif
50 #include <linux/module.h>
51 #include <linux/config.h>
52 #include <linux/errno.h>
53 #include <linux/types.h>
54 #include <linux/socket.h>
55 #include <linux/sockios.h>
56 #include <linux/sched.h>
57 #include <linux/net.h>
58 #include <linux/in6.h>
59 #include <linux/route.h>
60 #include <linux/init.h>
61 #include <linux/rcupdate.h>
62 #ifdef CONFIG_SYSCTL
63 #include <linux/sysctl.h>
64 #endif
66 #include <linux/if_arp.h>
67 #include <linux/ipv6.h>
68 #include <linux/icmpv6.h>
69 #include <linux/jhash.h>
71 #include <net/sock.h>
72 #include <net/snmp.h>
74 #include <net/ipv6.h>
75 #include <net/protocol.h>
76 #include <net/ndisc.h>
77 #include <net/ip6_route.h>
78 #include <net/addrconf.h>
79 #include <net/icmp.h>
81 #include <net/flow.h>
82 #include <net/ip6_checksum.h>
83 #include <linux/proc_fs.h>
85 #include <linux/netfilter.h>
86 #include <linux/netfilter_ipv6.h>
88 static struct socket *ndisc_socket;
90 static u32 ndisc_hash(const void *pkey, const struct net_device *dev);
91 static int ndisc_constructor(struct neighbour *neigh);
92 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
93 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
94 static int pndisc_constructor(struct pneigh_entry *n);
95 static void pndisc_destructor(struct pneigh_entry *n);
96 static void pndisc_redo(struct sk_buff *skb);
98 static struct neigh_ops ndisc_generic_ops = {
99 .family = AF_INET6,
100 .solicit = ndisc_solicit,
101 .error_report = ndisc_error_report,
102 .output = neigh_resolve_output,
103 .connected_output = neigh_connected_output,
104 .hh_output = dev_queue_xmit,
105 .queue_xmit = dev_queue_xmit,
108 static struct neigh_ops ndisc_hh_ops = {
109 .family = AF_INET6,
110 .solicit = ndisc_solicit,
111 .error_report = ndisc_error_report,
112 .output = neigh_resolve_output,
113 .connected_output = neigh_resolve_output,
114 .hh_output = dev_queue_xmit,
115 .queue_xmit = dev_queue_xmit,
119 static struct neigh_ops ndisc_direct_ops = {
120 .family = AF_INET6,
121 .output = dev_queue_xmit,
122 .connected_output = dev_queue_xmit,
123 .hh_output = dev_queue_xmit,
124 .queue_xmit = dev_queue_xmit,
127 struct neigh_table nd_tbl = {
128 .family = AF_INET6,
129 .entry_size = sizeof(struct neighbour) + sizeof(struct in6_addr),
130 .key_len = sizeof(struct in6_addr),
131 .hash = ndisc_hash,
132 .constructor = ndisc_constructor,
133 .pconstructor = pndisc_constructor,
134 .pdestructor = pndisc_destructor,
135 .proxy_redo = pndisc_redo,
136 .id = "ndisc_cache",
137 .parms = {
138 .tbl = &nd_tbl,
139 .base_reachable_time = 30 * HZ,
140 .retrans_time = 1 * HZ,
141 .gc_staletime = 60 * HZ,
142 .reachable_time = 30 * HZ,
143 .delay_probe_time = 5 * HZ,
144 .queue_len = 3,
145 .ucast_probes = 3,
146 .mcast_probes = 3,
147 .anycast_delay = 1 * HZ,
148 .proxy_delay = (8 * HZ) / 10,
149 .proxy_qlen = 64,
151 .gc_interval = 30 * HZ,
152 .gc_thresh1 = 128,
153 .gc_thresh2 = 512,
154 .gc_thresh3 = 1024,
157 /* ND options */
158 struct ndisc_options {
159 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
160 #ifdef CONFIG_IPV6_ROUTE_INFO
161 struct nd_opt_hdr *nd_opts_ri;
162 struct nd_opt_hdr *nd_opts_ri_end;
163 #endif
166 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
167 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
168 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
169 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
170 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
171 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
173 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
176 * Return the padding between the option length and the start of the
177 * link addr. Currently only IP-over-InfiniBand needs this, although
178 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
179 * also need a pad of 2.
181 static int ndisc_addr_option_pad(unsigned short type)
183 switch (type) {
184 case ARPHRD_INFINIBAND: return 2;
185 default: return 0;
189 static inline int ndisc_opt_addr_space(struct net_device *dev)
191 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
194 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
195 unsigned short addr_type)
197 int space = NDISC_OPT_SPACE(data_len);
198 int pad = ndisc_addr_option_pad(addr_type);
200 opt[0] = type;
201 opt[1] = space>>3;
203 memset(opt + 2, 0, pad);
204 opt += pad;
205 space -= pad;
207 memcpy(opt+2, data, data_len);
208 data_len += 2;
209 opt += data_len;
210 if ((space -= data_len) > 0)
211 memset(opt, 0, space);
212 return opt + space;
215 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
216 struct nd_opt_hdr *end)
218 int type;
219 if (!cur || !end || cur >= end)
220 return NULL;
221 type = cur->nd_opt_type;
222 do {
223 cur = ((void *)cur) + (cur->nd_opt_len << 3);
224 } while(cur < end && cur->nd_opt_type != type);
225 return (cur <= end && cur->nd_opt_type == type ? cur : NULL);
228 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
229 struct ndisc_options *ndopts)
231 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
233 if (!nd_opt || opt_len < 0 || !ndopts)
234 return NULL;
235 memset(ndopts, 0, sizeof(*ndopts));
236 while (opt_len) {
237 int l;
238 if (opt_len < sizeof(struct nd_opt_hdr))
239 return NULL;
240 l = nd_opt->nd_opt_len << 3;
241 if (opt_len < l || l == 0)
242 return NULL;
243 switch (nd_opt->nd_opt_type) {
244 case ND_OPT_SOURCE_LL_ADDR:
245 case ND_OPT_TARGET_LL_ADDR:
246 case ND_OPT_MTU:
247 case ND_OPT_REDIRECT_HDR:
248 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
249 ND_PRINTK2(KERN_WARNING
250 "%s(): duplicated ND6 option found: type=%d\n",
251 __FUNCTION__,
252 nd_opt->nd_opt_type);
253 } else {
254 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
256 break;
257 case ND_OPT_PREFIX_INFO:
258 ndopts->nd_opts_pi_end = nd_opt;
259 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0)
260 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
261 break;
262 #ifdef CONFIG_IPV6_ROUTE_INFO
263 case ND_OPT_ROUTE_INFO:
264 ndopts->nd_opts_ri_end = nd_opt;
265 if (!ndopts->nd_opts_ri)
266 ndopts->nd_opts_ri = nd_opt;
267 break;
268 #endif
269 default:
271 * Unknown options must be silently ignored,
272 * to accommodate future extension to the protocol.
274 ND_PRINTK2(KERN_NOTICE
275 "%s(): ignored unsupported option; type=%d, len=%d\n",
276 __FUNCTION__,
277 nd_opt->nd_opt_type, nd_opt->nd_opt_len);
279 opt_len -= l;
280 nd_opt = ((void *)nd_opt) + l;
282 return ndopts;
285 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
286 struct net_device *dev)
288 u8 *lladdr = (u8 *)(p + 1);
289 int lladdrlen = p->nd_opt_len << 3;
290 int prepad = ndisc_addr_option_pad(dev->type);
291 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
292 return NULL;
293 return (lladdr + prepad);
296 int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
298 switch (dev->type) {
299 case ARPHRD_ETHER:
300 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
301 case ARPHRD_FDDI:
302 ipv6_eth_mc_map(addr, buf);
303 return 0;
304 case ARPHRD_IEEE802_TR:
305 ipv6_tr_mc_map(addr,buf);
306 return 0;
307 case ARPHRD_ARCNET:
308 ipv6_arcnet_mc_map(addr, buf);
309 return 0;
310 case ARPHRD_INFINIBAND:
311 ipv6_ib_mc_map(addr, buf);
312 return 0;
313 default:
314 if (dir) {
315 memcpy(buf, dev->broadcast, dev->addr_len);
316 return 0;
319 return -EINVAL;
322 static u32 ndisc_hash(const void *pkey, const struct net_device *dev)
324 const u32 *p32 = pkey;
325 u32 addr_hash, i;
327 addr_hash = 0;
328 for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
329 addr_hash ^= *p32++;
331 return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd);
334 static int ndisc_constructor(struct neighbour *neigh)
336 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
337 struct net_device *dev = neigh->dev;
338 struct inet6_dev *in6_dev;
339 struct neigh_parms *parms;
340 int is_multicast = ipv6_addr_is_multicast(addr);
342 rcu_read_lock();
343 in6_dev = in6_dev_get(dev);
344 if (in6_dev == NULL) {
345 rcu_read_unlock();
346 return -EINVAL;
349 parms = in6_dev->nd_parms;
350 __neigh_parms_put(neigh->parms);
351 neigh->parms = neigh_parms_clone(parms);
352 rcu_read_unlock();
354 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
355 if (dev->hard_header == NULL) {
356 neigh->nud_state = NUD_NOARP;
357 neigh->ops = &ndisc_direct_ops;
358 neigh->output = neigh->ops->queue_xmit;
359 } else {
360 if (is_multicast) {
361 neigh->nud_state = NUD_NOARP;
362 ndisc_mc_map(addr, neigh->ha, dev, 1);
363 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
364 neigh->nud_state = NUD_NOARP;
365 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
366 if (dev->flags&IFF_LOOPBACK)
367 neigh->type = RTN_LOCAL;
368 } else if (dev->flags&IFF_POINTOPOINT) {
369 neigh->nud_state = NUD_NOARP;
370 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
372 if (dev->hard_header_cache)
373 neigh->ops = &ndisc_hh_ops;
374 else
375 neigh->ops = &ndisc_generic_ops;
376 if (neigh->nud_state&NUD_VALID)
377 neigh->output = neigh->ops->connected_output;
378 else
379 neigh->output = neigh->ops->output;
381 in6_dev_put(in6_dev);
382 return 0;
385 static int pndisc_constructor(struct pneigh_entry *n)
387 struct in6_addr *addr = (struct in6_addr*)&n->key;
388 struct in6_addr maddr;
389 struct net_device *dev = n->dev;
391 if (dev == NULL || __in6_dev_get(dev) == NULL)
392 return -EINVAL;
393 addrconf_addr_solict_mult(addr, &maddr);
394 ipv6_dev_mc_inc(dev, &maddr);
395 return 0;
398 static void pndisc_destructor(struct pneigh_entry *n)
400 struct in6_addr *addr = (struct in6_addr*)&n->key;
401 struct in6_addr maddr;
402 struct net_device *dev = n->dev;
404 if (dev == NULL || __in6_dev_get(dev) == NULL)
405 return;
406 addrconf_addr_solict_mult(addr, &maddr);
407 ipv6_dev_mc_dec(dev, &maddr);
411 * Send a Neighbour Advertisement
414 static inline void ndisc_flow_init(struct flowi *fl, u8 type,
415 struct in6_addr *saddr, struct in6_addr *daddr)
417 memset(fl, 0, sizeof(*fl));
418 ipv6_addr_copy(&fl->fl6_src, saddr);
419 ipv6_addr_copy(&fl->fl6_dst, daddr);
420 fl->proto = IPPROTO_ICMPV6;
421 fl->fl_icmp_type = type;
422 fl->fl_icmp_code = 0;
425 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
426 struct in6_addr *daddr, struct in6_addr *solicited_addr,
427 int router, int solicited, int override, int inc_opt)
429 struct in6_addr tmpaddr;
430 struct inet6_ifaddr *ifp;
431 struct inet6_dev *idev;
432 struct flowi fl;
433 struct dst_entry* dst;
434 struct sock *sk = ndisc_socket->sk;
435 struct in6_addr *src_addr;
436 struct nd_msg *msg;
437 int len;
438 struct sk_buff *skb;
439 int err;
441 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
443 /* for anycast or proxy, solicited_addr != src_addr */
444 ifp = ipv6_get_ifaddr(solicited_addr, dev, 1);
445 if (ifp) {
446 src_addr = solicited_addr;
447 in6_ifa_put(ifp);
448 } else {
449 if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr))
450 return;
451 src_addr = &tmpaddr;
454 ndisc_flow_init(&fl, NDISC_NEIGHBOUR_ADVERTISEMENT, src_addr, daddr);
456 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
457 if (!dst)
458 return;
460 err = xfrm_lookup(&dst, &fl, NULL, 0);
461 if (err < 0)
462 return;
464 if (inc_opt) {
465 if (dev->addr_len)
466 len += ndisc_opt_addr_space(dev);
467 else
468 inc_opt = 0;
471 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
472 1, &err);
474 if (skb == NULL) {
475 ND_PRINTK0(KERN_ERR
476 "ICMPv6 NA: %s() failed to allocate an skb.\n",
477 __FUNCTION__);
478 dst_release(dst);
479 return;
482 skb_reserve(skb, LL_RESERVED_SPACE(dev));
483 ip6_nd_hdr(sk, skb, dev, src_addr, daddr, IPPROTO_ICMPV6, len);
485 msg = (struct nd_msg *)skb_put(skb, len);
486 skb->h.raw = (unsigned char*)msg;
488 msg->icmph.icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT;
489 msg->icmph.icmp6_code = 0;
490 msg->icmph.icmp6_cksum = 0;
492 msg->icmph.icmp6_unused = 0;
493 msg->icmph.icmp6_router = router;
494 msg->icmph.icmp6_solicited = solicited;
495 msg->icmph.icmp6_override = !!override;
497 /* Set the target address. */
498 ipv6_addr_copy(&msg->target, solicited_addr);
500 if (inc_opt)
501 ndisc_fill_addr_option(msg->opt, ND_OPT_TARGET_LL_ADDR, dev->dev_addr,
502 dev->addr_len, dev->type);
504 /* checksum */
505 msg->icmph.icmp6_cksum = csum_ipv6_magic(src_addr, daddr, len,
506 IPPROTO_ICMPV6,
507 csum_partial((__u8 *) msg,
508 len, 0));
510 skb->dst = dst;
511 idev = in6_dev_get(dst->dev);
512 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
513 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
514 if (!err) {
515 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTNEIGHBORADVERTISEMENTS);
516 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
519 if (likely(idev != NULL))
520 in6_dev_put(idev);
523 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
524 struct in6_addr *solicit,
525 struct in6_addr *daddr, struct in6_addr *saddr)
527 struct flowi fl;
528 struct dst_entry* dst;
529 struct inet6_dev *idev;
530 struct sock *sk = ndisc_socket->sk;
531 struct sk_buff *skb;
532 struct nd_msg *msg;
533 struct in6_addr addr_buf;
534 int len;
535 int err;
536 int send_llinfo;
538 if (saddr == NULL) {
539 if (ipv6_get_lladdr(dev, &addr_buf))
540 return;
541 saddr = &addr_buf;
544 ndisc_flow_init(&fl, NDISC_NEIGHBOUR_SOLICITATION, saddr, daddr);
546 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
547 if (!dst)
548 return;
550 err = xfrm_lookup(&dst, &fl, NULL, 0);
551 if (err < 0)
552 return;
554 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
555 send_llinfo = dev->addr_len && !ipv6_addr_any(saddr);
556 if (send_llinfo)
557 len += ndisc_opt_addr_space(dev);
559 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
560 1, &err);
561 if (skb == NULL) {
562 ND_PRINTK0(KERN_ERR
563 "ICMPv6 NA: %s() failed to allocate an skb.\n",
564 __FUNCTION__);
565 dst_release(dst);
566 return;
569 skb_reserve(skb, LL_RESERVED_SPACE(dev));
570 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
572 msg = (struct nd_msg *)skb_put(skb, len);
573 skb->h.raw = (unsigned char*)msg;
574 msg->icmph.icmp6_type = NDISC_NEIGHBOUR_SOLICITATION;
575 msg->icmph.icmp6_code = 0;
576 msg->icmph.icmp6_cksum = 0;
577 msg->icmph.icmp6_unused = 0;
579 /* Set the target address. */
580 ipv6_addr_copy(&msg->target, solicit);
582 if (send_llinfo)
583 ndisc_fill_addr_option(msg->opt, ND_OPT_SOURCE_LL_ADDR, dev->dev_addr,
584 dev->addr_len, dev->type);
586 /* checksum */
587 msg->icmph.icmp6_cksum = csum_ipv6_magic(&skb->nh.ipv6h->saddr,
588 daddr, len,
589 IPPROTO_ICMPV6,
590 csum_partial((__u8 *) msg,
591 len, 0));
592 /* send it! */
593 skb->dst = dst;
594 idev = in6_dev_get(dst->dev);
595 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
596 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
597 if (!err) {
598 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTNEIGHBORSOLICITS);
599 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
602 if (likely(idev != NULL))
603 in6_dev_put(idev);
606 void ndisc_send_rs(struct net_device *dev, struct in6_addr *saddr,
607 struct in6_addr *daddr)
609 struct flowi fl;
610 struct dst_entry* dst;
611 struct inet6_dev *idev;
612 struct sock *sk = ndisc_socket->sk;
613 struct sk_buff *skb;
614 struct icmp6hdr *hdr;
615 __u8 * opt;
616 int len;
617 int err;
619 ndisc_flow_init(&fl, NDISC_ROUTER_SOLICITATION, saddr, daddr);
621 dst = ndisc_dst_alloc(dev, NULL, daddr, ip6_output);
622 if (!dst)
623 return;
625 err = xfrm_lookup(&dst, &fl, NULL, 0);
626 if (err < 0)
627 return;
629 len = sizeof(struct icmp6hdr);
630 if (dev->addr_len)
631 len += ndisc_opt_addr_space(dev);
633 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
634 1, &err);
635 if (skb == NULL) {
636 ND_PRINTK0(KERN_ERR
637 "ICMPv6 RS: %s() failed to allocate an skb.\n",
638 __FUNCTION__);
639 dst_release(dst);
640 return;
643 skb_reserve(skb, LL_RESERVED_SPACE(dev));
644 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
646 hdr = (struct icmp6hdr *)skb_put(skb, len);
647 skb->h.raw = (unsigned char*)hdr;
648 hdr->icmp6_type = NDISC_ROUTER_SOLICITATION;
649 hdr->icmp6_code = 0;
650 hdr->icmp6_cksum = 0;
651 hdr->icmp6_unused = 0;
653 opt = (u8*) (hdr + 1);
655 if (dev->addr_len)
656 ndisc_fill_addr_option(opt, ND_OPT_SOURCE_LL_ADDR, dev->dev_addr,
657 dev->addr_len, dev->type);
659 /* checksum */
660 hdr->icmp6_cksum = csum_ipv6_magic(&skb->nh.ipv6h->saddr, daddr, len,
661 IPPROTO_ICMPV6,
662 csum_partial((__u8 *) hdr, len, 0));
664 /* send it! */
665 skb->dst = dst;
666 idev = in6_dev_get(dst->dev);
667 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
668 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
669 if (!err) {
670 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTROUTERSOLICITS);
671 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
674 if (likely(idev != NULL))
675 in6_dev_put(idev);
679 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
682 * "The sender MUST return an ICMP
683 * destination unreachable"
685 dst_link_failure(skb);
686 kfree_skb(skb);
689 /* Called with locked neigh: either read or both */
691 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
693 struct in6_addr *saddr = NULL;
694 struct in6_addr mcaddr;
695 struct net_device *dev = neigh->dev;
696 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
697 int probes = atomic_read(&neigh->probes);
699 if (skb && ipv6_chk_addr(&skb->nh.ipv6h->saddr, dev, 1))
700 saddr = &skb->nh.ipv6h->saddr;
702 if ((probes -= neigh->parms->ucast_probes) < 0) {
703 if (!(neigh->nud_state & NUD_VALID)) {
704 ND_PRINTK1(KERN_DEBUG
705 "%s(): trying to ucast probe in NUD_INVALID: "
706 NIP6_FMT "\n",
707 __FUNCTION__,
708 NIP6(*target));
710 ndisc_send_ns(dev, neigh, target, target, saddr);
711 } else if ((probes -= neigh->parms->app_probes) < 0) {
712 #ifdef CONFIG_ARPD
713 neigh_app_ns(neigh);
714 #endif
715 } else {
716 addrconf_addr_solict_mult(target, &mcaddr);
717 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
721 static void ndisc_recv_ns(struct sk_buff *skb)
723 struct nd_msg *msg = (struct nd_msg *)skb->h.raw;
724 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
725 struct in6_addr *daddr = &skb->nh.ipv6h->daddr;
726 u8 *lladdr = NULL;
727 u32 ndoptlen = skb->tail - msg->opt;
728 struct ndisc_options ndopts;
729 struct net_device *dev = skb->dev;
730 struct inet6_ifaddr *ifp;
731 struct inet6_dev *idev = NULL;
732 struct neighbour *neigh;
733 int dad = ipv6_addr_any(saddr);
734 int inc;
736 if (ipv6_addr_is_multicast(&msg->target)) {
737 ND_PRINTK2(KERN_WARNING
738 "ICMPv6 NS: multicast target address");
739 return;
743 * RFC2461 7.1.1:
744 * DAD has to be destined for solicited node multicast address.
746 if (dad &&
747 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
748 daddr->s6_addr32[1] == htonl(0x00000000) &&
749 daddr->s6_addr32[2] == htonl(0x00000001) &&
750 daddr->s6_addr [12] == 0xff )) {
751 ND_PRINTK2(KERN_WARNING
752 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
753 return;
756 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
757 ND_PRINTK2(KERN_WARNING
758 "ICMPv6 NS: invalid ND options\n");
759 return;
762 if (ndopts.nd_opts_src_lladdr) {
763 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
764 if (!lladdr) {
765 ND_PRINTK2(KERN_WARNING
766 "ICMPv6 NS: invalid link-layer address length\n");
767 return;
770 /* RFC2461 7.1.1:
771 * If the IP source address is the unspecified address,
772 * there MUST NOT be source link-layer address option
773 * in the message.
775 if (dad) {
776 ND_PRINTK2(KERN_WARNING
777 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
778 return;
782 inc = ipv6_addr_is_multicast(daddr);
784 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1)) != NULL) {
785 if (ifp->flags & IFA_F_TENTATIVE) {
786 /* Address is tentative. If the source
787 is unspecified address, it is someone
788 does DAD, otherwise we ignore solicitations
789 until DAD timer expires.
791 if (!dad)
792 goto out;
793 if (dev->type == ARPHRD_IEEE802_TR) {
794 unsigned char *sadr = skb->mac.raw;
795 if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
796 sadr[9] == dev->dev_addr[1] &&
797 sadr[10] == dev->dev_addr[2] &&
798 sadr[11] == dev->dev_addr[3] &&
799 sadr[12] == dev->dev_addr[4] &&
800 sadr[13] == dev->dev_addr[5]) {
801 /* looped-back to us */
802 goto out;
805 addrconf_dad_failure(ifp);
806 return;
809 idev = ifp->idev;
810 } else {
811 idev = in6_dev_get(dev);
812 if (!idev) {
813 /* XXX: count this drop? */
814 return;
817 if (ipv6_chk_acast_addr(dev, &msg->target) ||
818 (idev->cnf.forwarding &&
819 pneigh_lookup(&nd_tbl, &msg->target, dev, 0))) {
820 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
821 skb->pkt_type != PACKET_HOST &&
822 inc != 0 &&
823 idev->nd_parms->proxy_delay != 0) {
825 * for anycast or proxy,
826 * sender should delay its response
827 * by a random time between 0 and
828 * MAX_ANYCAST_DELAY_TIME seconds.
829 * (RFC2461) -- yoshfuji
831 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
832 if (n)
833 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
834 goto out;
836 } else
837 goto out;
840 if (dad) {
841 struct in6_addr maddr;
843 ipv6_addr_all_nodes(&maddr);
844 ndisc_send_na(dev, NULL, &maddr, &msg->target,
845 idev->cnf.forwarding, 0, (ifp != NULL), 1);
846 goto out;
849 if (inc)
850 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
851 else
852 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
855 * update / create cache entry
856 * for the source address
858 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
859 !inc || lladdr || !dev->addr_len);
860 if (neigh)
861 neigh_update(neigh, lladdr, NUD_STALE,
862 NEIGH_UPDATE_F_WEAK_OVERRIDE|
863 NEIGH_UPDATE_F_OVERRIDE);
864 if (neigh || !dev->hard_header) {
865 ndisc_send_na(dev, neigh, saddr, &msg->target,
866 idev->cnf.forwarding,
867 1, (ifp != NULL && inc), inc);
868 if (neigh)
869 neigh_release(neigh);
872 out:
873 if (ifp)
874 in6_ifa_put(ifp);
875 else
876 in6_dev_put(idev);
878 return;
881 static void ndisc_recv_na(struct sk_buff *skb)
883 struct nd_msg *msg = (struct nd_msg *)skb->h.raw;
884 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
885 struct in6_addr *daddr = &skb->nh.ipv6h->daddr;
886 u8 *lladdr = NULL;
887 u32 ndoptlen = skb->tail - msg->opt;
888 struct ndisc_options ndopts;
889 struct net_device *dev = skb->dev;
890 struct inet6_ifaddr *ifp;
891 struct neighbour *neigh;
893 if (skb->len < sizeof(struct nd_msg)) {
894 ND_PRINTK2(KERN_WARNING
895 "ICMPv6 NA: packet too short\n");
896 return;
899 if (ipv6_addr_is_multicast(&msg->target)) {
900 ND_PRINTK2(KERN_WARNING
901 "ICMPv6 NA: target address is multicast.\n");
902 return;
905 if (ipv6_addr_is_multicast(daddr) &&
906 msg->icmph.icmp6_solicited) {
907 ND_PRINTK2(KERN_WARNING
908 "ICMPv6 NA: solicited NA is multicasted.\n");
909 return;
912 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
913 ND_PRINTK2(KERN_WARNING
914 "ICMPv6 NS: invalid ND option\n");
915 return;
917 if (ndopts.nd_opts_tgt_lladdr) {
918 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
919 if (!lladdr) {
920 ND_PRINTK2(KERN_WARNING
921 "ICMPv6 NA: invalid link-layer address length\n");
922 return;
925 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1))) {
926 if (ifp->flags & IFA_F_TENTATIVE) {
927 addrconf_dad_failure(ifp);
928 return;
930 /* What should we make now? The advertisement
931 is invalid, but ndisc specs say nothing
932 about it. It could be misconfiguration, or
933 an smart proxy agent tries to help us :-)
935 ND_PRINTK1(KERN_WARNING
936 "ICMPv6 NA: someone advertises our address on %s!\n",
937 ifp->idev->dev->name);
938 in6_ifa_put(ifp);
939 return;
941 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
943 if (neigh) {
944 u8 old_flags = neigh->flags;
946 if (neigh->nud_state & NUD_FAILED)
947 goto out;
949 neigh_update(neigh, lladdr,
950 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
951 NEIGH_UPDATE_F_WEAK_OVERRIDE|
952 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
953 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
954 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
956 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
958 * Change: router to host
960 struct rt6_info *rt;
961 rt = rt6_get_dflt_router(saddr, dev);
962 if (rt)
963 ip6_del_rt(rt, NULL, NULL, NULL);
966 out:
967 neigh_release(neigh);
971 static void ndisc_recv_rs(struct sk_buff *skb)
973 struct rs_msg *rs_msg = (struct rs_msg *) skb->h.raw;
974 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
975 struct neighbour *neigh;
976 struct inet6_dev *idev;
977 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
978 struct ndisc_options ndopts;
979 u8 *lladdr = NULL;
981 if (skb->len < sizeof(*rs_msg))
982 return;
984 idev = in6_dev_get(skb->dev);
985 if (!idev) {
986 if (net_ratelimit())
987 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
988 return;
991 /* Don't accept RS if we're not in router mode */
992 if (!idev->cnf.forwarding)
993 goto out;
996 * Don't update NCE if src = ::;
997 * this implies that the source node has no ip address assigned yet.
999 if (ipv6_addr_any(saddr))
1000 goto out;
1002 /* Parse ND options */
1003 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1004 if (net_ratelimit())
1005 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1006 goto out;
1009 if (ndopts.nd_opts_src_lladdr) {
1010 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1011 skb->dev);
1012 if (!lladdr)
1013 goto out;
1016 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1017 if (neigh) {
1018 neigh_update(neigh, lladdr, NUD_STALE,
1019 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1020 NEIGH_UPDATE_F_OVERRIDE|
1021 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1022 neigh_release(neigh);
1024 out:
1025 in6_dev_put(idev);
1028 static void ndisc_router_discovery(struct sk_buff *skb)
1030 struct ra_msg *ra_msg = (struct ra_msg *) skb->h.raw;
1031 struct neighbour *neigh = NULL;
1032 struct inet6_dev *in6_dev;
1033 struct rt6_info *rt = NULL;
1034 int lifetime;
1035 struct ndisc_options ndopts;
1036 int optlen;
1037 unsigned int pref = 0;
1039 __u8 * opt = (__u8 *)(ra_msg + 1);
1041 optlen = (skb->tail - skb->h.raw) - sizeof(struct ra_msg);
1043 if (!(ipv6_addr_type(&skb->nh.ipv6h->saddr) & IPV6_ADDR_LINKLOCAL)) {
1044 ND_PRINTK2(KERN_WARNING
1045 "ICMPv6 RA: source address is not link-local.\n");
1046 return;
1048 if (optlen < 0) {
1049 ND_PRINTK2(KERN_WARNING
1050 "ICMPv6 RA: packet too short\n");
1051 return;
1055 * set the RA_RECV flag in the interface
1058 in6_dev = in6_dev_get(skb->dev);
1059 if (in6_dev == NULL) {
1060 ND_PRINTK0(KERN_ERR
1061 "ICMPv6 RA: can't find inet6 device for %s.\n",
1062 skb->dev->name);
1063 return;
1065 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra) {
1066 in6_dev_put(in6_dev);
1067 return;
1070 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1071 in6_dev_put(in6_dev);
1072 ND_PRINTK2(KERN_WARNING
1073 "ICMP6 RA: invalid ND options\n");
1074 return;
1077 if (in6_dev->if_flags & IF_RS_SENT) {
1079 * flag that an RA was received after an RS was sent
1080 * out on this interface.
1082 in6_dev->if_flags |= IF_RA_RCVD;
1086 * Remember the managed/otherconf flags from most recently
1087 * received RA message (RFC 2462) -- yoshfuji
1089 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1090 IF_RA_OTHERCONF)) |
1091 (ra_msg->icmph.icmp6_addrconf_managed ?
1092 IF_RA_MANAGED : 0) |
1093 (ra_msg->icmph.icmp6_addrconf_other ?
1094 IF_RA_OTHERCONF : 0);
1096 if (!in6_dev->cnf.accept_ra_defrtr)
1097 goto skip_defrtr;
1099 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1101 #ifdef CONFIG_IPV6_ROUTER_PREF
1102 pref = ra_msg->icmph.icmp6_router_pref;
1103 /* 10b is handled as if it were 00b (medium) */
1104 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1105 in6_dev->cnf.accept_ra_rtr_pref)
1106 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1107 #endif
1109 rt = rt6_get_dflt_router(&skb->nh.ipv6h->saddr, skb->dev);
1111 if (rt)
1112 neigh = rt->rt6i_nexthop;
1114 if (rt && lifetime == 0) {
1115 neigh_clone(neigh);
1116 ip6_del_rt(rt, NULL, NULL, NULL);
1117 rt = NULL;
1120 if (rt == NULL && lifetime) {
1121 ND_PRINTK3(KERN_DEBUG
1122 "ICMPv6 RA: adding default router.\n");
1124 rt = rt6_add_dflt_router(&skb->nh.ipv6h->saddr, skb->dev, pref);
1125 if (rt == NULL) {
1126 ND_PRINTK0(KERN_ERR
1127 "ICMPv6 RA: %s() failed to add default route.\n",
1128 __FUNCTION__);
1129 in6_dev_put(in6_dev);
1130 return;
1133 neigh = rt->rt6i_nexthop;
1134 if (neigh == NULL) {
1135 ND_PRINTK0(KERN_ERR
1136 "ICMPv6 RA: %s() got default router without neighbour.\n",
1137 __FUNCTION__);
1138 dst_release(&rt->u.dst);
1139 in6_dev_put(in6_dev);
1140 return;
1142 neigh->flags |= NTF_ROUTER;
1143 } else if (rt) {
1144 rt->rt6i_flags |= (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1147 if (rt)
1148 rt->rt6i_expires = jiffies + (HZ * lifetime);
1150 if (ra_msg->icmph.icmp6_hop_limit) {
1151 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1152 if (rt)
1153 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
1156 skip_defrtr:
1159 * Update Reachable Time and Retrans Timer
1162 if (in6_dev->nd_parms) {
1163 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1165 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1166 rtime = (rtime*HZ)/1000;
1167 if (rtime < HZ/10)
1168 rtime = HZ/10;
1169 in6_dev->nd_parms->retrans_time = rtime;
1170 in6_dev->tstamp = jiffies;
1171 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1174 rtime = ntohl(ra_msg->reachable_time);
1175 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1176 rtime = (rtime*HZ)/1000;
1178 if (rtime < HZ/10)
1179 rtime = HZ/10;
1181 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1182 in6_dev->nd_parms->base_reachable_time = rtime;
1183 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1184 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1185 in6_dev->tstamp = jiffies;
1186 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1192 * Process options.
1195 if (!neigh)
1196 neigh = __neigh_lookup(&nd_tbl, &skb->nh.ipv6h->saddr,
1197 skb->dev, 1);
1198 if (neigh) {
1199 u8 *lladdr = NULL;
1200 if (ndopts.nd_opts_src_lladdr) {
1201 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1202 skb->dev);
1203 if (!lladdr) {
1204 ND_PRINTK2(KERN_WARNING
1205 "ICMPv6 RA: invalid link-layer address length\n");
1206 goto out;
1209 neigh_update(neigh, lladdr, NUD_STALE,
1210 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1211 NEIGH_UPDATE_F_OVERRIDE|
1212 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1213 NEIGH_UPDATE_F_ISROUTER);
1216 #ifdef CONFIG_IPV6_ROUTE_INFO
1217 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1218 struct nd_opt_hdr *p;
1219 for (p = ndopts.nd_opts_ri;
1221 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1222 if (((struct route_info *)p)->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1223 continue;
1224 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1225 &skb->nh.ipv6h->saddr);
1228 #endif
1230 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1231 struct nd_opt_hdr *p;
1232 for (p = ndopts.nd_opts_pi;
1234 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1235 addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1239 if (ndopts.nd_opts_mtu) {
1240 u32 mtu;
1242 memcpy(&mtu, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1243 mtu = ntohl(mtu);
1245 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1246 ND_PRINTK2(KERN_WARNING
1247 "ICMPv6 RA: invalid mtu: %d\n",
1248 mtu);
1249 } else if (in6_dev->cnf.mtu6 != mtu) {
1250 in6_dev->cnf.mtu6 = mtu;
1252 if (rt)
1253 rt->u.dst.metrics[RTAX_MTU-1] = mtu;
1255 rt6_mtu_change(skb->dev, mtu);
1259 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1260 ND_PRINTK2(KERN_WARNING
1261 "ICMPv6 RA: invalid RA options");
1263 out:
1264 if (rt)
1265 dst_release(&rt->u.dst);
1266 else if (neigh)
1267 neigh_release(neigh);
1268 in6_dev_put(in6_dev);
1271 static void ndisc_redirect_rcv(struct sk_buff *skb)
1273 struct inet6_dev *in6_dev;
1274 struct icmp6hdr *icmph;
1275 struct in6_addr *dest;
1276 struct in6_addr *target; /* new first hop to destination */
1277 struct neighbour *neigh;
1278 int on_link = 0;
1279 struct ndisc_options ndopts;
1280 int optlen;
1281 u8 *lladdr = NULL;
1283 if (!(ipv6_addr_type(&skb->nh.ipv6h->saddr) & IPV6_ADDR_LINKLOCAL)) {
1284 ND_PRINTK2(KERN_WARNING
1285 "ICMPv6 Redirect: source address is not link-local.\n");
1286 return;
1289 optlen = skb->tail - skb->h.raw;
1290 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1292 if (optlen < 0) {
1293 ND_PRINTK2(KERN_WARNING
1294 "ICMPv6 Redirect: packet too short\n");
1295 return;
1298 icmph = (struct icmp6hdr *) skb->h.raw;
1299 target = (struct in6_addr *) (icmph + 1);
1300 dest = target + 1;
1302 if (ipv6_addr_is_multicast(dest)) {
1303 ND_PRINTK2(KERN_WARNING
1304 "ICMPv6 Redirect: destination address is multicast.\n");
1305 return;
1308 if (ipv6_addr_equal(dest, target)) {
1309 on_link = 1;
1310 } else if (!(ipv6_addr_type(target) & IPV6_ADDR_LINKLOCAL)) {
1311 ND_PRINTK2(KERN_WARNING
1312 "ICMPv6 Redirect: target address is not link-local.\n");
1313 return;
1316 in6_dev = in6_dev_get(skb->dev);
1317 if (!in6_dev)
1318 return;
1319 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1320 in6_dev_put(in6_dev);
1321 return;
1324 /* RFC2461 8.1:
1325 * The IP source address of the Redirect MUST be the same as the current
1326 * first-hop router for the specified ICMP Destination Address.
1329 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1330 ND_PRINTK2(KERN_WARNING
1331 "ICMPv6 Redirect: invalid ND options\n");
1332 in6_dev_put(in6_dev);
1333 return;
1335 if (ndopts.nd_opts_tgt_lladdr) {
1336 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1337 skb->dev);
1338 if (!lladdr) {
1339 ND_PRINTK2(KERN_WARNING
1340 "ICMPv6 Redirect: invalid link-layer address length\n");
1341 in6_dev_put(in6_dev);
1342 return;
1346 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1347 if (neigh) {
1348 rt6_redirect(dest, &skb->nh.ipv6h->saddr, neigh, lladdr,
1349 on_link);
1350 neigh_release(neigh);
1352 in6_dev_put(in6_dev);
1355 void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1356 struct in6_addr *target)
1358 struct sock *sk = ndisc_socket->sk;
1359 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1360 struct sk_buff *buff;
1361 struct icmp6hdr *icmph;
1362 struct in6_addr saddr_buf;
1363 struct in6_addr *addrp;
1364 struct net_device *dev;
1365 struct rt6_info *rt;
1366 struct dst_entry *dst;
1367 struct inet6_dev *idev;
1368 struct flowi fl;
1369 u8 *opt;
1370 int rd_len;
1371 int err;
1372 int hlen;
1373 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1375 dev = skb->dev;
1377 if (ipv6_get_lladdr(dev, &saddr_buf)) {
1378 ND_PRINTK2(KERN_WARNING
1379 "ICMPv6 Redirect: no link-local address on %s\n",
1380 dev->name);
1381 return;
1384 ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &skb->nh.ipv6h->saddr);
1386 dst = ip6_route_output(NULL, &fl);
1387 if (dst == NULL)
1388 return;
1390 err = xfrm_lookup(&dst, &fl, NULL, 0);
1391 if (err)
1392 return;
1394 rt = (struct rt6_info *) dst;
1396 if (rt->rt6i_flags & RTF_GATEWAY) {
1397 ND_PRINTK2(KERN_WARNING
1398 "ICMPv6 Redirect: destination is not a neighbour.\n");
1399 dst_release(dst);
1400 return;
1402 if (!xrlim_allow(dst, 1*HZ)) {
1403 dst_release(dst);
1404 return;
1407 if (dev->addr_len) {
1408 read_lock_bh(&neigh->lock);
1409 if (neigh->nud_state & NUD_VALID) {
1410 memcpy(ha_buf, neigh->ha, dev->addr_len);
1411 read_unlock_bh(&neigh->lock);
1412 ha = ha_buf;
1413 len += ndisc_opt_addr_space(dev);
1414 } else
1415 read_unlock_bh(&neigh->lock);
1418 rd_len = min_t(unsigned int,
1419 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1420 rd_len &= ~0x7;
1421 len += rd_len;
1423 buff = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
1424 1, &err);
1425 if (buff == NULL) {
1426 ND_PRINTK0(KERN_ERR
1427 "ICMPv6 Redirect: %s() failed to allocate an skb.\n",
1428 __FUNCTION__);
1429 dst_release(dst);
1430 return;
1433 hlen = 0;
1435 skb_reserve(buff, LL_RESERVED_SPACE(dev));
1436 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &skb->nh.ipv6h->saddr,
1437 IPPROTO_ICMPV6, len);
1439 icmph = (struct icmp6hdr *)skb_put(buff, len);
1440 buff->h.raw = (unsigned char*)icmph;
1442 memset(icmph, 0, sizeof(struct icmp6hdr));
1443 icmph->icmp6_type = NDISC_REDIRECT;
1446 * copy target and destination addresses
1449 addrp = (struct in6_addr *)(icmph + 1);
1450 ipv6_addr_copy(addrp, target);
1451 addrp++;
1452 ipv6_addr_copy(addrp, &skb->nh.ipv6h->daddr);
1454 opt = (u8*) (addrp + 1);
1457 * include target_address option
1460 if (ha)
1461 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1462 dev->addr_len, dev->type);
1465 * build redirect option and copy skb over to the new packet.
1468 memset(opt, 0, 8);
1469 *(opt++) = ND_OPT_REDIRECT_HDR;
1470 *(opt++) = (rd_len >> 3);
1471 opt += 6;
1473 memcpy(opt, skb->nh.ipv6h, rd_len - 8);
1475 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &skb->nh.ipv6h->saddr,
1476 len, IPPROTO_ICMPV6,
1477 csum_partial((u8 *) icmph, len, 0));
1479 buff->dst = dst;
1480 idev = in6_dev_get(dst->dev);
1481 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
1482 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, buff, NULL, dst->dev, dst_output);
1483 if (!err) {
1484 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTREDIRECTS);
1485 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
1488 if (likely(idev != NULL))
1489 in6_dev_put(idev);
1492 static void pndisc_redo(struct sk_buff *skb)
1494 ndisc_recv_ns(skb);
1495 kfree_skb(skb);
1498 int ndisc_rcv(struct sk_buff *skb)
1500 struct nd_msg *msg;
1502 if (!pskb_may_pull(skb, skb->len))
1503 return 0;
1505 msg = (struct nd_msg *) skb->h.raw;
1507 __skb_push(skb, skb->data-skb->h.raw);
1509 if (skb->nh.ipv6h->hop_limit != 255) {
1510 ND_PRINTK2(KERN_WARNING
1511 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1512 skb->nh.ipv6h->hop_limit);
1513 return 0;
1516 if (msg->icmph.icmp6_code != 0) {
1517 ND_PRINTK2(KERN_WARNING
1518 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1519 msg->icmph.icmp6_code);
1520 return 0;
1523 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1525 switch (msg->icmph.icmp6_type) {
1526 case NDISC_NEIGHBOUR_SOLICITATION:
1527 ndisc_recv_ns(skb);
1528 break;
1530 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1531 ndisc_recv_na(skb);
1532 break;
1534 case NDISC_ROUTER_SOLICITATION:
1535 ndisc_recv_rs(skb);
1536 break;
1538 case NDISC_ROUTER_ADVERTISEMENT:
1539 ndisc_router_discovery(skb);
1540 break;
1542 case NDISC_REDIRECT:
1543 ndisc_redirect_rcv(skb);
1544 break;
1547 return 0;
1550 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1552 struct net_device *dev = ptr;
1554 switch (event) {
1555 case NETDEV_CHANGEADDR:
1556 neigh_changeaddr(&nd_tbl, dev);
1557 fib6_run_gc(~0UL);
1558 break;
1559 case NETDEV_DOWN:
1560 neigh_ifdown(&nd_tbl, dev);
1561 fib6_run_gc(~0UL);
1562 break;
1563 default:
1564 break;
1567 return NOTIFY_DONE;
1570 static struct notifier_block ndisc_netdev_notifier = {
1571 .notifier_call = ndisc_netdev_event,
1574 #ifdef CONFIG_SYSCTL
1575 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1576 const char *func, const char *dev_name)
1578 static char warncomm[TASK_COMM_LEN];
1579 static int warned;
1580 if (strcmp(warncomm, current->comm) && warned < 5) {
1581 strcpy(warncomm, current->comm);
1582 printk(KERN_WARNING
1583 "process `%s' is using deprecated sysctl (%s) "
1584 "net.ipv6.neigh.%s.%s; "
1585 "Use net.ipv6.neigh.%s.%s_ms "
1586 "instead.\n",
1587 warncomm, func,
1588 dev_name, ctl->procname,
1589 dev_name, ctl->procname);
1590 warned++;
1594 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, struct file * filp, void __user *buffer, size_t *lenp, loff_t *ppos)
1596 struct net_device *dev = ctl->extra1;
1597 struct inet6_dev *idev;
1598 int ret;
1600 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1601 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1602 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1604 switch (ctl->ctl_name) {
1605 case NET_NEIGH_RETRANS_TIME:
1606 ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
1607 break;
1608 case NET_NEIGH_REACHABLE_TIME:
1609 ret = proc_dointvec_jiffies(ctl, write,
1610 filp, buffer, lenp, ppos);
1611 break;
1612 case NET_NEIGH_RETRANS_TIME_MS:
1613 case NET_NEIGH_REACHABLE_TIME_MS:
1614 ret = proc_dointvec_ms_jiffies(ctl, write,
1615 filp, buffer, lenp, ppos);
1616 break;
1617 default:
1618 ret = -1;
1621 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1622 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1623 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1624 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1625 idev->tstamp = jiffies;
1626 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1627 in6_dev_put(idev);
1629 return ret;
1632 static int ndisc_ifinfo_sysctl_strategy(ctl_table *ctl, int __user *name,
1633 int nlen, void __user *oldval,
1634 size_t __user *oldlenp,
1635 void __user *newval, size_t newlen,
1636 void **context)
1638 struct net_device *dev = ctl->extra1;
1639 struct inet6_dev *idev;
1640 int ret;
1642 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1643 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1644 ndisc_warn_deprecated_sysctl(ctl, "procfs", dev ? dev->name : "default");
1646 switch (ctl->ctl_name) {
1647 case NET_NEIGH_REACHABLE_TIME:
1648 ret = sysctl_jiffies(ctl, name, nlen,
1649 oldval, oldlenp, newval, newlen,
1650 context);
1651 break;
1652 case NET_NEIGH_RETRANS_TIME_MS:
1653 case NET_NEIGH_REACHABLE_TIME_MS:
1654 ret = sysctl_ms_jiffies(ctl, name, nlen,
1655 oldval, oldlenp, newval, newlen,
1656 context);
1657 break;
1658 default:
1659 ret = 0;
1662 if (newval && newlen && ret > 0 &&
1663 dev && (idev = in6_dev_get(dev)) != NULL) {
1664 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1665 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1666 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1667 idev->tstamp = jiffies;
1668 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1669 in6_dev_put(idev);
1672 return ret;
1675 #endif
1677 int __init ndisc_init(struct net_proto_family *ops)
1679 struct ipv6_pinfo *np;
1680 struct sock *sk;
1681 int err;
1683 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, &ndisc_socket);
1684 if (err < 0) {
1685 ND_PRINTK0(KERN_ERR
1686 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1687 err);
1688 ndisc_socket = NULL; /* For safety. */
1689 return err;
1692 sk = ndisc_socket->sk;
1693 np = inet6_sk(sk);
1694 sk->sk_allocation = GFP_ATOMIC;
1695 np->hop_limit = 255;
1696 /* Do not loopback ndisc messages */
1697 np->mc_loop = 0;
1698 sk->sk_prot->unhash(sk);
1701 * Initialize the neighbour table
1704 neigh_table_init(&nd_tbl);
1706 #ifdef CONFIG_SYSCTL
1707 neigh_sysctl_register(NULL, &nd_tbl.parms, NET_IPV6, NET_IPV6_NEIGH,
1708 "ipv6",
1709 &ndisc_ifinfo_sysctl_change,
1710 &ndisc_ifinfo_sysctl_strategy);
1711 #endif
1713 register_netdevice_notifier(&ndisc_netdev_notifier);
1714 return 0;
1717 void ndisc_cleanup(void)
1719 #ifdef CONFIG_SYSCTL
1720 neigh_sysctl_unregister(&nd_tbl.parms);
1721 #endif
1722 neigh_table_clear(&nd_tbl);
1723 sock_release(ndisc_socket);
1724 ndisc_socket = NULL; /* For safety. */