Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * Neighbour Discovery for IPv6 | |
1ab1457c | 3 | * Linux INET6 implementation |
1da177e4 LT |
4 | * |
5 | * Authors: | |
1ab1457c | 6 | * Pedro Roque <roque@di.fc.ul.pt> |
1da177e4 LT |
7 | * Mike Shaver <shaver@ingenia.com> |
8 | * | |
9 | * This program is free software; you can redistribute it and/or | |
10 | * modify it under the terms of the GNU General Public License | |
11 | * as published by the Free Software Foundation; either version | |
12 | * 2 of the License, or (at your option) any later version. | |
13 | */ | |
14 | ||
15 | /* | |
16 | * Changes: | |
17 | * | |
18 | * Lars Fenneberg : fixed MTU setting on receipt | |
19 | * of an RA. | |
20 | * | |
21 | * Janos Farkas : kmalloc failure checks | |
22 | * Alexey Kuznetsov : state machine reworked | |
23 | * and moved to net/core. | |
24 | * Pekka Savola : RFC2461 validation | |
25 | * YOSHIFUJI Hideaki @USAGI : Verify ND options properly | |
26 | */ | |
27 | ||
28 | /* Set to 3 to get tracing... */ | |
29 | #define ND_DEBUG 1 | |
30 | ||
31 | #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0) | |
32 | #define ND_NOPRINTK(x...) do { ; } while(0) | |
33 | #define ND_PRINTK0 ND_PRINTK | |
34 | #define ND_PRINTK1 ND_NOPRINTK | |
35 | #define ND_PRINTK2 ND_NOPRINTK | |
36 | #define ND_PRINTK3 ND_NOPRINTK | |
37 | #if ND_DEBUG >= 1 | |
38 | #undef ND_PRINTK1 | |
39 | #define ND_PRINTK1 ND_PRINTK | |
40 | #endif | |
41 | #if ND_DEBUG >= 2 | |
42 | #undef ND_PRINTK2 | |
43 | #define ND_PRINTK2 ND_PRINTK | |
44 | #endif | |
45 | #if ND_DEBUG >= 3 | |
46 | #undef ND_PRINTK3 | |
47 | #define ND_PRINTK3 ND_PRINTK | |
48 | #endif | |
49 | ||
50 | #include <linux/module.h> | |
1da177e4 LT |
51 | #include <linux/errno.h> |
52 | #include <linux/types.h> | |
53 | #include <linux/socket.h> | |
54 | #include <linux/sockios.h> | |
55 | #include <linux/sched.h> | |
56 | #include <linux/net.h> | |
57 | #include <linux/in6.h> | |
58 | #include <linux/route.h> | |
59 | #include <linux/init.h> | |
60 | #include <linux/rcupdate.h> | |
61 | #ifdef CONFIG_SYSCTL | |
62 | #include <linux/sysctl.h> | |
63 | #endif | |
64 | ||
1823730f | 65 | #include <linux/if_addr.h> |
1da177e4 LT |
66 | #include <linux/if_arp.h> |
67 | #include <linux/ipv6.h> | |
68 | #include <linux/icmpv6.h> | |
69 | #include <linux/jhash.h> | |
70 | ||
71 | #include <net/sock.h> | |
72 | #include <net/snmp.h> | |
73 | ||
74 | #include <net/ipv6.h> | |
75 | #include <net/protocol.h> | |
76 | #include <net/ndisc.h> | |
77 | #include <net/ip6_route.h> | |
78 | #include <net/addrconf.h> | |
79 | #include <net/icmp.h> | |
80 | ||
81 | #include <net/flow.h> | |
82 | #include <net/ip6_checksum.h> | |
83 | #include <linux/proc_fs.h> | |
84 | ||
85 | #include <linux/netfilter.h> | |
86 | #include <linux/netfilter_ipv6.h> | |
87 | ||
88 | static struct socket *ndisc_socket; | |
89 | ||
90 | static u32 ndisc_hash(const void *pkey, const struct net_device *dev); | |
91 | static int ndisc_constructor(struct neighbour *neigh); | |
92 | static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb); | |
93 | static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb); | |
94 | static int pndisc_constructor(struct pneigh_entry *n); | |
95 | static void pndisc_destructor(struct pneigh_entry *n); | |
96 | static void pndisc_redo(struct sk_buff *skb); | |
97 | ||
98 | static struct neigh_ops ndisc_generic_ops = { | |
99 | .family = AF_INET6, | |
100 | .solicit = ndisc_solicit, | |
101 | .error_report = ndisc_error_report, | |
102 | .output = neigh_resolve_output, | |
103 | .connected_output = neigh_connected_output, | |
104 | .hh_output = dev_queue_xmit, | |
105 | .queue_xmit = dev_queue_xmit, | |
106 | }; | |
107 | ||
108 | static struct neigh_ops ndisc_hh_ops = { | |
109 | .family = AF_INET6, | |
110 | .solicit = ndisc_solicit, | |
111 | .error_report = ndisc_error_report, | |
112 | .output = neigh_resolve_output, | |
113 | .connected_output = neigh_resolve_output, | |
114 | .hh_output = dev_queue_xmit, | |
115 | .queue_xmit = dev_queue_xmit, | |
116 | }; | |
117 | ||
118 | ||
119 | static struct neigh_ops ndisc_direct_ops = { | |
120 | .family = AF_INET6, | |
121 | .output = dev_queue_xmit, | |
122 | .connected_output = dev_queue_xmit, | |
123 | .hh_output = dev_queue_xmit, | |
124 | .queue_xmit = dev_queue_xmit, | |
125 | }; | |
126 | ||
127 | struct neigh_table nd_tbl = { | |
128 | .family = AF_INET6, | |
129 | .entry_size = sizeof(struct neighbour) + sizeof(struct in6_addr), | |
130 | .key_len = sizeof(struct in6_addr), | |
131 | .hash = ndisc_hash, | |
132 | .constructor = ndisc_constructor, | |
133 | .pconstructor = pndisc_constructor, | |
134 | .pdestructor = pndisc_destructor, | |
135 | .proxy_redo = pndisc_redo, | |
136 | .id = "ndisc_cache", | |
137 | .parms = { | |
138 | .tbl = &nd_tbl, | |
139 | .base_reachable_time = 30 * HZ, | |
140 | .retrans_time = 1 * HZ, | |
141 | .gc_staletime = 60 * HZ, | |
142 | .reachable_time = 30 * HZ, | |
143 | .delay_probe_time = 5 * HZ, | |
144 | .queue_len = 3, | |
145 | .ucast_probes = 3, | |
146 | .mcast_probes = 3, | |
147 | .anycast_delay = 1 * HZ, | |
148 | .proxy_delay = (8 * HZ) / 10, | |
149 | .proxy_qlen = 64, | |
150 | }, | |
151 | .gc_interval = 30 * HZ, | |
152 | .gc_thresh1 = 128, | |
153 | .gc_thresh2 = 512, | |
154 | .gc_thresh3 = 1024, | |
155 | }; | |
156 | ||
157 | /* ND options */ | |
158 | struct ndisc_options { | |
70ceb4f5 YH |
159 | struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX]; |
160 | #ifdef CONFIG_IPV6_ROUTE_INFO | |
161 | struct nd_opt_hdr *nd_opts_ri; | |
162 | struct nd_opt_hdr *nd_opts_ri_end; | |
163 | #endif | |
1da177e4 LT |
164 | }; |
165 | ||
166 | #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR] | |
167 | #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR] | |
168 | #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO] | |
169 | #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END] | |
170 | #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR] | |
171 | #define nd_opts_mtu nd_opt_array[ND_OPT_MTU] | |
172 | ||
173 | #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7) | |
174 | ||
175 | /* | |
176 | * Return the padding between the option length and the start of the | |
177 | * link addr. Currently only IP-over-InfiniBand needs this, although | |
178 | * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may | |
179 | * also need a pad of 2. | |
180 | */ | |
181 | static int ndisc_addr_option_pad(unsigned short type) | |
182 | { | |
183 | switch (type) { | |
184 | case ARPHRD_INFINIBAND: return 2; | |
185 | default: return 0; | |
186 | } | |
187 | } | |
188 | ||
189 | static inline int ndisc_opt_addr_space(struct net_device *dev) | |
190 | { | |
191 | return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type)); | |
192 | } | |
193 | ||
194 | static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len, | |
195 | unsigned short addr_type) | |
196 | { | |
197 | int space = NDISC_OPT_SPACE(data_len); | |
198 | int pad = ndisc_addr_option_pad(addr_type); | |
199 | ||
200 | opt[0] = type; | |
201 | opt[1] = space>>3; | |
202 | ||
203 | memset(opt + 2, 0, pad); | |
204 | opt += pad; | |
205 | space -= pad; | |
206 | ||
207 | memcpy(opt+2, data, data_len); | |
208 | data_len += 2; | |
209 | opt += data_len; | |
210 | if ((space -= data_len) > 0) | |
211 | memset(opt, 0, space); | |
212 | return opt + space; | |
213 | } | |
214 | ||
215 | static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur, | |
216 | struct nd_opt_hdr *end) | |
217 | { | |
218 | int type; | |
219 | if (!cur || !end || cur >= end) | |
220 | return NULL; | |
221 | type = cur->nd_opt_type; | |
222 | do { | |
223 | cur = ((void *)cur) + (cur->nd_opt_len << 3); | |
224 | } while(cur < end && cur->nd_opt_type != type); | |
225 | return (cur <= end && cur->nd_opt_type == type ? cur : NULL); | |
226 | } | |
227 | ||
228 | static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len, | |
229 | struct ndisc_options *ndopts) | |
230 | { | |
231 | struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt; | |
232 | ||
233 | if (!nd_opt || opt_len < 0 || !ndopts) | |
234 | return NULL; | |
235 | memset(ndopts, 0, sizeof(*ndopts)); | |
236 | while (opt_len) { | |
237 | int l; | |
238 | if (opt_len < sizeof(struct nd_opt_hdr)) | |
239 | return NULL; | |
240 | l = nd_opt->nd_opt_len << 3; | |
241 | if (opt_len < l || l == 0) | |
242 | return NULL; | |
243 | switch (nd_opt->nd_opt_type) { | |
244 | case ND_OPT_SOURCE_LL_ADDR: | |
245 | case ND_OPT_TARGET_LL_ADDR: | |
246 | case ND_OPT_MTU: | |
247 | case ND_OPT_REDIRECT_HDR: | |
248 | if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) { | |
249 | ND_PRINTK2(KERN_WARNING | |
250 | "%s(): duplicated ND6 option found: type=%d\n", | |
251 | __FUNCTION__, | |
252 | nd_opt->nd_opt_type); | |
253 | } else { | |
254 | ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt; | |
255 | } | |
256 | break; | |
257 | case ND_OPT_PREFIX_INFO: | |
258 | ndopts->nd_opts_pi_end = nd_opt; | |
259 | if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0) | |
260 | ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt; | |
261 | break; | |
70ceb4f5 YH |
262 | #ifdef CONFIG_IPV6_ROUTE_INFO |
263 | case ND_OPT_ROUTE_INFO: | |
264 | ndopts->nd_opts_ri_end = nd_opt; | |
265 | if (!ndopts->nd_opts_ri) | |
266 | ndopts->nd_opts_ri = nd_opt; | |
267 | break; | |
268 | #endif | |
1da177e4 LT |
269 | default: |
270 | /* | |
271 | * Unknown options must be silently ignored, | |
272 | * to accommodate future extension to the protocol. | |
273 | */ | |
274 | ND_PRINTK2(KERN_NOTICE | |
275 | "%s(): ignored unsupported option; type=%d, len=%d\n", | |
276 | __FUNCTION__, | |
277 | nd_opt->nd_opt_type, nd_opt->nd_opt_len); | |
278 | } | |
279 | opt_len -= l; | |
280 | nd_opt = ((void *)nd_opt) + l; | |
281 | } | |
282 | return ndopts; | |
283 | } | |
284 | ||
285 | static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p, | |
286 | struct net_device *dev) | |
287 | { | |
288 | u8 *lladdr = (u8 *)(p + 1); | |
289 | int lladdrlen = p->nd_opt_len << 3; | |
290 | int prepad = ndisc_addr_option_pad(dev->type); | |
291 | if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad)) | |
292 | return NULL; | |
293 | return (lladdr + prepad); | |
294 | } | |
295 | ||
296 | int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir) | |
297 | { | |
298 | switch (dev->type) { | |
299 | case ARPHRD_ETHER: | |
300 | case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */ | |
301 | case ARPHRD_FDDI: | |
302 | ipv6_eth_mc_map(addr, buf); | |
303 | return 0; | |
304 | case ARPHRD_IEEE802_TR: | |
305 | ipv6_tr_mc_map(addr,buf); | |
306 | return 0; | |
307 | case ARPHRD_ARCNET: | |
308 | ipv6_arcnet_mc_map(addr, buf); | |
309 | return 0; | |
310 | case ARPHRD_INFINIBAND: | |
311 | ipv6_ib_mc_map(addr, buf); | |
312 | return 0; | |
313 | default: | |
314 | if (dir) { | |
315 | memcpy(buf, dev->broadcast, dev->addr_len); | |
316 | return 0; | |
317 | } | |
318 | } | |
319 | return -EINVAL; | |
320 | } | |
321 | ||
7159039a YH |
322 | EXPORT_SYMBOL(ndisc_mc_map); |
323 | ||
1da177e4 LT |
324 | static u32 ndisc_hash(const void *pkey, const struct net_device *dev) |
325 | { | |
326 | const u32 *p32 = pkey; | |
327 | u32 addr_hash, i; | |
328 | ||
329 | addr_hash = 0; | |
330 | for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++) | |
331 | addr_hash ^= *p32++; | |
332 | ||
333 | return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd); | |
334 | } | |
335 | ||
336 | static int ndisc_constructor(struct neighbour *neigh) | |
337 | { | |
338 | struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key; | |
339 | struct net_device *dev = neigh->dev; | |
340 | struct inet6_dev *in6_dev; | |
341 | struct neigh_parms *parms; | |
342 | int is_multicast = ipv6_addr_is_multicast(addr); | |
343 | ||
344 | rcu_read_lock(); | |
345 | in6_dev = in6_dev_get(dev); | |
346 | if (in6_dev == NULL) { | |
347 | rcu_read_unlock(); | |
348 | return -EINVAL; | |
349 | } | |
350 | ||
351 | parms = in6_dev->nd_parms; | |
352 | __neigh_parms_put(neigh->parms); | |
353 | neigh->parms = neigh_parms_clone(parms); | |
354 | rcu_read_unlock(); | |
355 | ||
356 | neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST; | |
357 | if (dev->hard_header == NULL) { | |
358 | neigh->nud_state = NUD_NOARP; | |
359 | neigh->ops = &ndisc_direct_ops; | |
360 | neigh->output = neigh->ops->queue_xmit; | |
361 | } else { | |
362 | if (is_multicast) { | |
363 | neigh->nud_state = NUD_NOARP; | |
364 | ndisc_mc_map(addr, neigh->ha, dev, 1); | |
365 | } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) { | |
366 | neigh->nud_state = NUD_NOARP; | |
367 | memcpy(neigh->ha, dev->dev_addr, dev->addr_len); | |
368 | if (dev->flags&IFF_LOOPBACK) | |
369 | neigh->type = RTN_LOCAL; | |
370 | } else if (dev->flags&IFF_POINTOPOINT) { | |
371 | neigh->nud_state = NUD_NOARP; | |
372 | memcpy(neigh->ha, dev->broadcast, dev->addr_len); | |
373 | } | |
374 | if (dev->hard_header_cache) | |
375 | neigh->ops = &ndisc_hh_ops; | |
376 | else | |
377 | neigh->ops = &ndisc_generic_ops; | |
378 | if (neigh->nud_state&NUD_VALID) | |
379 | neigh->output = neigh->ops->connected_output; | |
380 | else | |
381 | neigh->output = neigh->ops->output; | |
382 | } | |
383 | in6_dev_put(in6_dev); | |
384 | return 0; | |
385 | } | |
386 | ||
387 | static int pndisc_constructor(struct pneigh_entry *n) | |
388 | { | |
389 | struct in6_addr *addr = (struct in6_addr*)&n->key; | |
390 | struct in6_addr maddr; | |
391 | struct net_device *dev = n->dev; | |
392 | ||
393 | if (dev == NULL || __in6_dev_get(dev) == NULL) | |
394 | return -EINVAL; | |
395 | addrconf_addr_solict_mult(addr, &maddr); | |
396 | ipv6_dev_mc_inc(dev, &maddr); | |
397 | return 0; | |
398 | } | |
399 | ||
400 | static void pndisc_destructor(struct pneigh_entry *n) | |
401 | { | |
402 | struct in6_addr *addr = (struct in6_addr*)&n->key; | |
403 | struct in6_addr maddr; | |
404 | struct net_device *dev = n->dev; | |
405 | ||
406 | if (dev == NULL || __in6_dev_get(dev) == NULL) | |
407 | return; | |
408 | addrconf_addr_solict_mult(addr, &maddr); | |
409 | ipv6_dev_mc_dec(dev, &maddr); | |
410 | } | |
411 | ||
412 | /* | |
413 | * Send a Neighbour Advertisement | |
414 | */ | |
415 | ||
416 | static inline void ndisc_flow_init(struct flowi *fl, u8 type, | |
af184765 YH |
417 | struct in6_addr *saddr, struct in6_addr *daddr, |
418 | int oif) | |
1da177e4 LT |
419 | { |
420 | memset(fl, 0, sizeof(*fl)); | |
421 | ipv6_addr_copy(&fl->fl6_src, saddr); | |
422 | ipv6_addr_copy(&fl->fl6_dst, daddr); | |
423 | fl->proto = IPPROTO_ICMPV6; | |
424 | fl->fl_icmp_type = type; | |
425 | fl->fl_icmp_code = 0; | |
af184765 | 426 | fl->oif = oif; |
beb8d13b | 427 | security_sk_classify_flow(ndisc_socket->sk, fl); |
1da177e4 LT |
428 | } |
429 | ||
e1ec7842 YH |
430 | static void __ndisc_send(struct net_device *dev, |
431 | struct neighbour *neigh, | |
432 | struct in6_addr *daddr, struct in6_addr *saddr, | |
433 | struct icmp6hdr *icmp6h, struct in6_addr *target, | |
14878f75 | 434 | int llinfo) |
1da177e4 | 435 | { |
1da177e4 | 436 | struct flowi fl; |
e1ec7842 | 437 | struct dst_entry *dst; |
1ab1457c | 438 | struct sock *sk = ndisc_socket->sk; |
1ab1457c | 439 | struct sk_buff *skb; |
e1ec7842 YH |
440 | struct icmp6hdr *hdr; |
441 | struct inet6_dev *idev; | |
442 | int len; | |
1da177e4 | 443 | int err; |
14878f75 DS |
444 | u8 *opt, type; |
445 | ||
446 | type = icmp6h->icmp6_type; | |
1da177e4 | 447 | |
14878f75 | 448 | ndisc_flow_init(&fl, type, saddr, daddr, |
af184765 | 449 | dev->ifindex); |
1da177e4 LT |
450 | |
451 | dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output); | |
452 | if (!dst) | |
453 | return; | |
454 | ||
455 | err = xfrm_lookup(&dst, &fl, NULL, 0); | |
e104411b | 456 | if (err < 0) |
1da177e4 | 457 | return; |
1da177e4 | 458 | |
e1ec7842 YH |
459 | if (!dev->addr_len) |
460 | llinfo = 0; | |
461 | ||
462 | len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0); | |
463 | if (llinfo) | |
464 | len += ndisc_opt_addr_space(dev); | |
1da177e4 | 465 | |
d54a81d3 DM |
466 | skb = sock_alloc_send_skb(sk, |
467 | (MAX_HEADER + sizeof(struct ipv6hdr) + | |
468 | len + LL_RESERVED_SPACE(dev)), | |
1da177e4 | 469 | 1, &err); |
e1ec7842 | 470 | if (!skb) { |
1da177e4 | 471 | ND_PRINTK0(KERN_ERR |
e1ec7842 | 472 | "ICMPv6 ND: %s() failed to allocate an skb.\n", |
1da177e4 LT |
473 | __FUNCTION__); |
474 | dst_release(dst); | |
475 | return; | |
476 | } | |
477 | ||
478 | skb_reserve(skb, LL_RESERVED_SPACE(dev)); | |
e1ec7842 | 479 | ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len); |
1da177e4 | 480 | |
27a884dc | 481 | skb->transport_header = skb->tail; |
d10ba34b | 482 | skb_put(skb, len); |
1da177e4 | 483 | |
e1ec7842 YH |
484 | hdr = (struct icmp6hdr *)skb_transport_header(skb); |
485 | memcpy(hdr, icmp6h, sizeof(*hdr)); | |
1da177e4 | 486 | |
e1ec7842 YH |
487 | opt = skb_transport_header(skb) + sizeof(struct icmp6hdr); |
488 | if (target) { | |
489 | ipv6_addr_copy((struct in6_addr *)opt, target); | |
490 | opt += sizeof(*target); | |
491 | } | |
1da177e4 | 492 | |
e1ec7842 YH |
493 | if (llinfo) |
494 | ndisc_fill_addr_option(opt, llinfo, dev->dev_addr, | |
1da177e4 LT |
495 | dev->addr_len, dev->type); |
496 | ||
e1ec7842 YH |
497 | hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len, |
498 | IPPROTO_ICMPV6, | |
499 | csum_partial((__u8 *) hdr, | |
500 | len, 0)); | |
1da177e4 LT |
501 | |
502 | skb->dst = dst; | |
e1ec7842 | 503 | |
1da177e4 | 504 | idev = in6_dev_get(dst->dev); |
a11d206d | 505 | IP6_INC_STATS(idev, IPSTATS_MIB_OUTREQUESTS); |
e1ec7842 | 506 | |
1da177e4 LT |
507 | err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output); |
508 | if (!err) { | |
14878f75 | 509 | ICMP6MSGOUT_INC_STATS(idev, type); |
1da177e4 LT |
510 | ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS); |
511 | } | |
512 | ||
513 | if (likely(idev != NULL)) | |
514 | in6_dev_put(idev); | |
1ab1457c | 515 | } |
1da177e4 | 516 | |
e1ec7842 YH |
517 | static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh, |
518 | struct in6_addr *daddr, struct in6_addr *solicited_addr, | |
519 | int router, int solicited, int override, int inc_opt) | |
520 | { | |
521 | struct in6_addr tmpaddr; | |
522 | struct inet6_ifaddr *ifp; | |
523 | struct in6_addr *src_addr; | |
524 | struct icmp6hdr icmp6h = { | |
525 | .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT, | |
526 | }; | |
527 | ||
528 | /* for anycast or proxy, solicited_addr != src_addr */ | |
529 | ifp = ipv6_get_ifaddr(solicited_addr, dev, 1); | |
530 | if (ifp) { | |
531 | src_addr = solicited_addr; | |
532 | if (ifp->flags & IFA_F_OPTIMISTIC) | |
533 | override = 0; | |
534 | in6_ifa_put(ifp); | |
535 | } else { | |
536 | if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr)) | |
537 | return; | |
538 | src_addr = &tmpaddr; | |
539 | } | |
540 | ||
541 | icmp6h.icmp6_router = router; | |
542 | icmp6h.icmp6_solicited = solicited; | |
543 | icmp6h.icmp6_override = override; | |
544 | ||
545 | __ndisc_send(dev, neigh, daddr, src_addr, | |
546 | &icmp6h, solicited_addr, | |
14878f75 | 547 | inc_opt ? ND_OPT_TARGET_LL_ADDR : 0); |
e1ec7842 YH |
548 | } |
549 | ||
1da177e4 LT |
550 | void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh, |
551 | struct in6_addr *solicit, | |
1ab1457c | 552 | struct in6_addr *daddr, struct in6_addr *saddr) |
1da177e4 | 553 | { |
1da177e4 | 554 | struct in6_addr addr_buf; |
e1ec7842 YH |
555 | struct icmp6hdr icmp6h = { |
556 | .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION, | |
557 | }; | |
1da177e4 LT |
558 | |
559 | if (saddr == NULL) { | |
95c385b4 NH |
560 | if (ipv6_get_lladdr(dev, &addr_buf, |
561 | (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))) | |
1da177e4 LT |
562 | return; |
563 | saddr = &addr_buf; | |
564 | } | |
565 | ||
e1ec7842 YH |
566 | __ndisc_send(dev, neigh, daddr, saddr, |
567 | &icmp6h, solicit, | |
14878f75 | 568 | !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0); |
1da177e4 LT |
569 | } |
570 | ||
571 | void ndisc_send_rs(struct net_device *dev, struct in6_addr *saddr, | |
572 | struct in6_addr *daddr) | |
573 | { | |
e1ec7842 YH |
574 | struct icmp6hdr icmp6h = { |
575 | .icmp6_type = NDISC_ROUTER_SOLICITATION, | |
576 | }; | |
95c385b4 | 577 | int send_sllao = dev->addr_len; |
95c385b4 NH |
578 | |
579 | #ifdef CONFIG_IPV6_OPTIMISTIC_DAD | |
580 | /* | |
581 | * According to section 2.2 of RFC 4429, we must not | |
582 | * send router solicitations with a sllao from | |
583 | * optimistic addresses, but we may send the solicitation | |
584 | * if we don't include the sllao. So here we check | |
585 | * if our address is optimistic, and if so, we | |
586 | * supress the inclusion of the sllao. | |
587 | */ | |
588 | if (send_sllao) { | |
ca043569 | 589 | struct inet6_ifaddr *ifp = ipv6_get_ifaddr(saddr, dev, 1); |
95c385b4 NH |
590 | if (ifp) { |
591 | if (ifp->flags & IFA_F_OPTIMISTIC) { | |
ca043569 | 592 | send_sllao = 0; |
95c385b4 | 593 | } |
ca043569 | 594 | in6_ifa_put(ifp); |
95c385b4 NH |
595 | } else { |
596 | send_sllao = 0; | |
597 | } | |
598 | } | |
599 | #endif | |
e1ec7842 YH |
600 | __ndisc_send(dev, NULL, daddr, saddr, |
601 | &icmp6h, NULL, | |
14878f75 | 602 | send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0); |
1da177e4 | 603 | } |
1ab1457c | 604 | |
1da177e4 LT |
605 | |
606 | static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb) | |
607 | { | |
608 | /* | |
609 | * "The sender MUST return an ICMP | |
610 | * destination unreachable" | |
611 | */ | |
612 | dst_link_failure(skb); | |
613 | kfree_skb(skb); | |
614 | } | |
615 | ||
616 | /* Called with locked neigh: either read or both */ | |
617 | ||
618 | static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb) | |
619 | { | |
620 | struct in6_addr *saddr = NULL; | |
621 | struct in6_addr mcaddr; | |
622 | struct net_device *dev = neigh->dev; | |
623 | struct in6_addr *target = (struct in6_addr *)&neigh->primary_key; | |
624 | int probes = atomic_read(&neigh->probes); | |
625 | ||
0660e03f ACM |
626 | if (skb && ipv6_chk_addr(&ipv6_hdr(skb)->saddr, dev, 1)) |
627 | saddr = &ipv6_hdr(skb)->saddr; | |
1da177e4 LT |
628 | |
629 | if ((probes -= neigh->parms->ucast_probes) < 0) { | |
630 | if (!(neigh->nud_state & NUD_VALID)) { | |
631 | ND_PRINTK1(KERN_DEBUG | |
632 | "%s(): trying to ucast probe in NUD_INVALID: " | |
46b86a2d | 633 | NIP6_FMT "\n", |
1da177e4 LT |
634 | __FUNCTION__, |
635 | NIP6(*target)); | |
636 | } | |
637 | ndisc_send_ns(dev, neigh, target, target, saddr); | |
638 | } else if ((probes -= neigh->parms->app_probes) < 0) { | |
639 | #ifdef CONFIG_ARPD | |
640 | neigh_app_ns(neigh); | |
641 | #endif | |
642 | } else { | |
643 | addrconf_addr_solict_mult(target, &mcaddr); | |
644 | ndisc_send_ns(dev, NULL, target, &mcaddr, saddr); | |
645 | } | |
646 | } | |
647 | ||
648 | static void ndisc_recv_ns(struct sk_buff *skb) | |
649 | { | |
9c70220b | 650 | struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb); |
0660e03f ACM |
651 | struct in6_addr *saddr = &ipv6_hdr(skb)->saddr; |
652 | struct in6_addr *daddr = &ipv6_hdr(skb)->daddr; | |
1da177e4 | 653 | u8 *lladdr = NULL; |
27a884dc ACM |
654 | u32 ndoptlen = skb->tail - (skb->transport_header + |
655 | offsetof(struct nd_msg, opt)); | |
1da177e4 LT |
656 | struct ndisc_options ndopts; |
657 | struct net_device *dev = skb->dev; | |
658 | struct inet6_ifaddr *ifp; | |
659 | struct inet6_dev *idev = NULL; | |
660 | struct neighbour *neigh; | |
62dd9318 | 661 | struct pneigh_entry *pneigh = NULL; |
1da177e4 LT |
662 | int dad = ipv6_addr_any(saddr); |
663 | int inc; | |
62dd9318 | 664 | int is_router; |
1da177e4 LT |
665 | |
666 | if (ipv6_addr_is_multicast(&msg->target)) { | |
1ab1457c | 667 | ND_PRINTK2(KERN_WARNING |
1da177e4 LT |
668 | "ICMPv6 NS: multicast target address"); |
669 | return; | |
670 | } | |
671 | ||
672 | /* | |
673 | * RFC2461 7.1.1: | |
674 | * DAD has to be destined for solicited node multicast address. | |
675 | */ | |
676 | if (dad && | |
677 | !(daddr->s6_addr32[0] == htonl(0xff020000) && | |
678 | daddr->s6_addr32[1] == htonl(0x00000000) && | |
679 | daddr->s6_addr32[2] == htonl(0x00000001) && | |
680 | daddr->s6_addr [12] == 0xff )) { | |
681 | ND_PRINTK2(KERN_WARNING | |
682 | "ICMPv6 NS: bad DAD packet (wrong destination)\n"); | |
683 | return; | |
684 | } | |
685 | ||
686 | if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) { | |
1ab1457c | 687 | ND_PRINTK2(KERN_WARNING |
1da177e4 LT |
688 | "ICMPv6 NS: invalid ND options\n"); |
689 | return; | |
690 | } | |
691 | ||
692 | if (ndopts.nd_opts_src_lladdr) { | |
693 | lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev); | |
694 | if (!lladdr) { | |
695 | ND_PRINTK2(KERN_WARNING | |
696 | "ICMPv6 NS: invalid link-layer address length\n"); | |
697 | return; | |
698 | } | |
699 | ||
700 | /* RFC2461 7.1.1: | |
1ab1457c YH |
701 | * If the IP source address is the unspecified address, |
702 | * there MUST NOT be source link-layer address option | |
1da177e4 LT |
703 | * in the message. |
704 | */ | |
705 | if (dad) { | |
1ab1457c | 706 | ND_PRINTK2(KERN_WARNING |
1da177e4 LT |
707 | "ICMPv6 NS: bad DAD packet (link-layer address option)\n"); |
708 | return; | |
709 | } | |
710 | } | |
711 | ||
712 | inc = ipv6_addr_is_multicast(daddr); | |
713 | ||
714 | if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1)) != NULL) { | |
95c385b4 NH |
715 | |
716 | if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) { | |
717 | if (dad) { | |
718 | if (dev->type == ARPHRD_IEEE802_TR) { | |
98e399f8 ACM |
719 | const unsigned char *sadr; |
720 | sadr = skb_mac_header(skb); | |
95c385b4 NH |
721 | if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 && |
722 | sadr[9] == dev->dev_addr[1] && | |
723 | sadr[10] == dev->dev_addr[2] && | |
724 | sadr[11] == dev->dev_addr[3] && | |
725 | sadr[12] == dev->dev_addr[4] && | |
726 | sadr[13] == dev->dev_addr[5]) { | |
727 | /* looped-back to us */ | |
728 | goto out; | |
729 | } | |
730 | } | |
731 | ||
732 | /* | |
733 | * We are colliding with another node | |
734 | * who is doing DAD | |
735 | * so fail our DAD process | |
736 | */ | |
737 | addrconf_dad_failure(ifp); | |
9e3be4b3 | 738 | return; |
95c385b4 NH |
739 | } else { |
740 | /* | |
741 | * This is not a dad solicitation. | |
742 | * If we are an optimistic node, | |
743 | * we should respond. | |
744 | * Otherwise, we should ignore it. | |
745 | */ | |
746 | if (!(ifp->flags & IFA_F_OPTIMISTIC)) | |
1da177e4 | 747 | goto out; |
1da177e4 | 748 | } |
1da177e4 LT |
749 | } |
750 | ||
751 | idev = ifp->idev; | |
752 | } else { | |
753 | idev = in6_dev_get(dev); | |
754 | if (!idev) { | |
755 | /* XXX: count this drop? */ | |
756 | return; | |
757 | } | |
758 | ||
759 | if (ipv6_chk_acast_addr(dev, &msg->target) || | |
1ab1457c | 760 | (idev->cnf.forwarding && |
fbea49e1 | 761 | (ipv6_devconf.proxy_ndp || idev->cnf.proxy_ndp) && |
62dd9318 VN |
762 | (pneigh = pneigh_lookup(&nd_tbl, |
763 | &msg->target, dev, 0)) != NULL)) { | |
a61bbcf2 | 764 | if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) && |
1da177e4 LT |
765 | skb->pkt_type != PACKET_HOST && |
766 | inc != 0 && | |
767 | idev->nd_parms->proxy_delay != 0) { | |
768 | /* | |
769 | * for anycast or proxy, | |
1ab1457c YH |
770 | * sender should delay its response |
771 | * by a random time between 0 and | |
1da177e4 LT |
772 | * MAX_ANYCAST_DELAY_TIME seconds. |
773 | * (RFC2461) -- yoshfuji | |
774 | */ | |
775 | struct sk_buff *n = skb_clone(skb, GFP_ATOMIC); | |
776 | if (n) | |
777 | pneigh_enqueue(&nd_tbl, idev->nd_parms, n); | |
778 | goto out; | |
779 | } | |
780 | } else | |
781 | goto out; | |
782 | } | |
783 | ||
fc26d0ab | 784 | is_router = !!(pneigh ? pneigh->flags & NTF_ROUTER : idev->cnf.forwarding); |
62dd9318 | 785 | |
1da177e4 LT |
786 | if (dad) { |
787 | struct in6_addr maddr; | |
788 | ||
789 | ipv6_addr_all_nodes(&maddr); | |
790 | ndisc_send_na(dev, NULL, &maddr, &msg->target, | |
62dd9318 | 791 | is_router, 0, (ifp != NULL), 1); |
1da177e4 LT |
792 | goto out; |
793 | } | |
794 | ||
795 | if (inc) | |
796 | NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast); | |
797 | else | |
798 | NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast); | |
799 | ||
1ab1457c | 800 | /* |
1da177e4 LT |
801 | * update / create cache entry |
802 | * for the source address | |
803 | */ | |
804 | neigh = __neigh_lookup(&nd_tbl, saddr, dev, | |
805 | !inc || lladdr || !dev->addr_len); | |
806 | if (neigh) | |
1ab1457c | 807 | neigh_update(neigh, lladdr, NUD_STALE, |
1da177e4 LT |
808 | NEIGH_UPDATE_F_WEAK_OVERRIDE| |
809 | NEIGH_UPDATE_F_OVERRIDE); | |
810 | if (neigh || !dev->hard_header) { | |
811 | ndisc_send_na(dev, neigh, saddr, &msg->target, | |
62dd9318 | 812 | is_router, |
1da177e4 LT |
813 | 1, (ifp != NULL && inc), inc); |
814 | if (neigh) | |
815 | neigh_release(neigh); | |
816 | } | |
817 | ||
818 | out: | |
819 | if (ifp) | |
820 | in6_ifa_put(ifp); | |
821 | else | |
822 | in6_dev_put(idev); | |
823 | ||
824 | return; | |
825 | } | |
826 | ||
827 | static void ndisc_recv_na(struct sk_buff *skb) | |
828 | { | |
9c70220b | 829 | struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb); |
0660e03f ACM |
830 | struct in6_addr *saddr = &ipv6_hdr(skb)->saddr; |
831 | struct in6_addr *daddr = &ipv6_hdr(skb)->daddr; | |
1da177e4 | 832 | u8 *lladdr = NULL; |
27a884dc ACM |
833 | u32 ndoptlen = skb->tail - (skb->transport_header + |
834 | offsetof(struct nd_msg, opt)); | |
1da177e4 LT |
835 | struct ndisc_options ndopts; |
836 | struct net_device *dev = skb->dev; | |
837 | struct inet6_ifaddr *ifp; | |
838 | struct neighbour *neigh; | |
839 | ||
840 | if (skb->len < sizeof(struct nd_msg)) { | |
841 | ND_PRINTK2(KERN_WARNING | |
842 | "ICMPv6 NA: packet too short\n"); | |
843 | return; | |
844 | } | |
845 | ||
846 | if (ipv6_addr_is_multicast(&msg->target)) { | |
847 | ND_PRINTK2(KERN_WARNING | |
848 | "ICMPv6 NA: target address is multicast.\n"); | |
849 | return; | |
850 | } | |
851 | ||
852 | if (ipv6_addr_is_multicast(daddr) && | |
853 | msg->icmph.icmp6_solicited) { | |
854 | ND_PRINTK2(KERN_WARNING | |
855 | "ICMPv6 NA: solicited NA is multicasted.\n"); | |
856 | return; | |
857 | } | |
1ab1457c | 858 | |
1da177e4 LT |
859 | if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) { |
860 | ND_PRINTK2(KERN_WARNING | |
861 | "ICMPv6 NS: invalid ND option\n"); | |
862 | return; | |
863 | } | |
864 | if (ndopts.nd_opts_tgt_lladdr) { | |
865 | lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev); | |
866 | if (!lladdr) { | |
867 | ND_PRINTK2(KERN_WARNING | |
868 | "ICMPv6 NA: invalid link-layer address length\n"); | |
869 | return; | |
870 | } | |
871 | } | |
872 | if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1))) { | |
873 | if (ifp->flags & IFA_F_TENTATIVE) { | |
874 | addrconf_dad_failure(ifp); | |
875 | return; | |
876 | } | |
877 | /* What should we make now? The advertisement | |
878 | is invalid, but ndisc specs say nothing | |
879 | about it. It could be misconfiguration, or | |
880 | an smart proxy agent tries to help us :-) | |
881 | */ | |
882 | ND_PRINTK1(KERN_WARNING | |
883 | "ICMPv6 NA: someone advertises our address on %s!\n", | |
884 | ifp->idev->dev->name); | |
885 | in6_ifa_put(ifp); | |
886 | return; | |
887 | } | |
888 | neigh = neigh_lookup(&nd_tbl, &msg->target, dev); | |
889 | ||
890 | if (neigh) { | |
891 | u8 old_flags = neigh->flags; | |
892 | ||
893 | if (neigh->nud_state & NUD_FAILED) | |
894 | goto out; | |
895 | ||
5f3e6e9e VN |
896 | /* |
897 | * Don't update the neighbor cache entry on a proxy NA from | |
898 | * ourselves because either the proxied node is off link or it | |
899 | * has already sent a NA to us. | |
900 | */ | |
901 | if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) && | |
fbea49e1 YH |
902 | ipv6_devconf.forwarding && ipv6_devconf.proxy_ndp && |
903 | pneigh_lookup(&nd_tbl, &msg->target, dev, 0)) { | |
904 | /* XXX: idev->cnf.prixy_ndp */ | |
5f3e6e9e | 905 | goto out; |
fbea49e1 | 906 | } |
5f3e6e9e | 907 | |
1da177e4 LT |
908 | neigh_update(neigh, lladdr, |
909 | msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE, | |
910 | NEIGH_UPDATE_F_WEAK_OVERRIDE| | |
911 | (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)| | |
912 | NEIGH_UPDATE_F_OVERRIDE_ISROUTER| | |
913 | (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0)); | |
914 | ||
915 | if ((old_flags & ~neigh->flags) & NTF_ROUTER) { | |
916 | /* | |
917 | * Change: router to host | |
918 | */ | |
919 | struct rt6_info *rt; | |
920 | rt = rt6_get_dflt_router(saddr, dev); | |
921 | if (rt) | |
e0a1ad73 | 922 | ip6_del_rt(rt); |
1da177e4 LT |
923 | } |
924 | ||
925 | out: | |
926 | neigh_release(neigh); | |
927 | } | |
928 | } | |
929 | ||
930 | static void ndisc_recv_rs(struct sk_buff *skb) | |
931 | { | |
9c70220b | 932 | struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb); |
1da177e4 LT |
933 | unsigned long ndoptlen = skb->len - sizeof(*rs_msg); |
934 | struct neighbour *neigh; | |
935 | struct inet6_dev *idev; | |
0660e03f | 936 | struct in6_addr *saddr = &ipv6_hdr(skb)->saddr; |
1da177e4 LT |
937 | struct ndisc_options ndopts; |
938 | u8 *lladdr = NULL; | |
939 | ||
940 | if (skb->len < sizeof(*rs_msg)) | |
941 | return; | |
942 | ||
943 | idev = in6_dev_get(skb->dev); | |
944 | if (!idev) { | |
945 | if (net_ratelimit()) | |
946 | ND_PRINTK1("ICMP6 RS: can't find in6 device\n"); | |
947 | return; | |
948 | } | |
949 | ||
950 | /* Don't accept RS if we're not in router mode */ | |
951 | if (!idev->cnf.forwarding) | |
952 | goto out; | |
953 | ||
954 | /* | |
955 | * Don't update NCE if src = ::; | |
956 | * this implies that the source node has no ip address assigned yet. | |
957 | */ | |
958 | if (ipv6_addr_any(saddr)) | |
959 | goto out; | |
960 | ||
961 | /* Parse ND options */ | |
962 | if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) { | |
963 | if (net_ratelimit()) | |
964 | ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n"); | |
965 | goto out; | |
966 | } | |
967 | ||
968 | if (ndopts.nd_opts_src_lladdr) { | |
969 | lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, | |
970 | skb->dev); | |
971 | if (!lladdr) | |
972 | goto out; | |
973 | } | |
974 | ||
975 | neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1); | |
976 | if (neigh) { | |
977 | neigh_update(neigh, lladdr, NUD_STALE, | |
978 | NEIGH_UPDATE_F_WEAK_OVERRIDE| | |
979 | NEIGH_UPDATE_F_OVERRIDE| | |
980 | NEIGH_UPDATE_F_OVERRIDE_ISROUTER); | |
981 | neigh_release(neigh); | |
982 | } | |
983 | out: | |
984 | in6_dev_put(idev); | |
985 | } | |
986 | ||
987 | static void ndisc_router_discovery(struct sk_buff *skb) | |
988 | { | |
9c70220b | 989 | struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb); |
1da177e4 LT |
990 | struct neighbour *neigh = NULL; |
991 | struct inet6_dev *in6_dev; | |
65f5c7c1 | 992 | struct rt6_info *rt = NULL; |
1da177e4 LT |
993 | int lifetime; |
994 | struct ndisc_options ndopts; | |
995 | int optlen; | |
ebacaaa0 | 996 | unsigned int pref = 0; |
1da177e4 LT |
997 | |
998 | __u8 * opt = (__u8 *)(ra_msg + 1); | |
999 | ||
27a884dc | 1000 | optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg); |
1da177e4 | 1001 | |
0660e03f | 1002 | if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) { |
1da177e4 LT |
1003 | ND_PRINTK2(KERN_WARNING |
1004 | "ICMPv6 RA: source address is not link-local.\n"); | |
1005 | return; | |
1006 | } | |
1007 | if (optlen < 0) { | |
1ab1457c | 1008 | ND_PRINTK2(KERN_WARNING |
1da177e4 LT |
1009 | "ICMPv6 RA: packet too short\n"); |
1010 | return; | |
1011 | } | |
1012 | ||
1013 | /* | |
1014 | * set the RA_RECV flag in the interface | |
1015 | */ | |
1016 | ||
1017 | in6_dev = in6_dev_get(skb->dev); | |
1018 | if (in6_dev == NULL) { | |
1019 | ND_PRINTK0(KERN_ERR | |
1020 | "ICMPv6 RA: can't find inet6 device for %s.\n", | |
1021 | skb->dev->name); | |
1022 | return; | |
1023 | } | |
1024 | if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra) { | |
1025 | in6_dev_put(in6_dev); | |
1026 | return; | |
1027 | } | |
1028 | ||
1029 | if (!ndisc_parse_options(opt, optlen, &ndopts)) { | |
1030 | in6_dev_put(in6_dev); | |
1031 | ND_PRINTK2(KERN_WARNING | |
1032 | "ICMP6 RA: invalid ND options\n"); | |
1033 | return; | |
1034 | } | |
1035 | ||
1036 | if (in6_dev->if_flags & IF_RS_SENT) { | |
1037 | /* | |
1038 | * flag that an RA was received after an RS was sent | |
1039 | * out on this interface. | |
1040 | */ | |
1041 | in6_dev->if_flags |= IF_RA_RCVD; | |
1042 | } | |
1043 | ||
1044 | /* | |
1045 | * Remember the managed/otherconf flags from most recently | |
1046 | * received RA message (RFC 2462) -- yoshfuji | |
1047 | */ | |
1048 | in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED | | |
1049 | IF_RA_OTHERCONF)) | | |
1050 | (ra_msg->icmph.icmp6_addrconf_managed ? | |
1051 | IF_RA_MANAGED : 0) | | |
1052 | (ra_msg->icmph.icmp6_addrconf_other ? | |
1053 | IF_RA_OTHERCONF : 0); | |
1054 | ||
65f5c7c1 YH |
1055 | if (!in6_dev->cnf.accept_ra_defrtr) |
1056 | goto skip_defrtr; | |
1057 | ||
1da177e4 LT |
1058 | lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime); |
1059 | ||
ebacaaa0 YH |
1060 | #ifdef CONFIG_IPV6_ROUTER_PREF |
1061 | pref = ra_msg->icmph.icmp6_router_pref; | |
1062 | /* 10b is handled as if it were 00b (medium) */ | |
930d6ff2 | 1063 | if (pref == ICMPV6_ROUTER_PREF_INVALID || |
6d5b78cd | 1064 | !in6_dev->cnf.accept_ra_rtr_pref) |
ebacaaa0 YH |
1065 | pref = ICMPV6_ROUTER_PREF_MEDIUM; |
1066 | #endif | |
1067 | ||
0660e03f | 1068 | rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev); |
1da177e4 LT |
1069 | |
1070 | if (rt) | |
1071 | neigh = rt->rt6i_nexthop; | |
1072 | ||
1073 | if (rt && lifetime == 0) { | |
1074 | neigh_clone(neigh); | |
e0a1ad73 | 1075 | ip6_del_rt(rt); |
1da177e4 LT |
1076 | rt = NULL; |
1077 | } | |
1078 | ||
1079 | if (rt == NULL && lifetime) { | |
1080 | ND_PRINTK3(KERN_DEBUG | |
1081 | "ICMPv6 RA: adding default router.\n"); | |
1082 | ||
0660e03f | 1083 | rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref); |
1da177e4 LT |
1084 | if (rt == NULL) { |
1085 | ND_PRINTK0(KERN_ERR | |
1086 | "ICMPv6 RA: %s() failed to add default route.\n", | |
1087 | __FUNCTION__); | |
1088 | in6_dev_put(in6_dev); | |
1089 | return; | |
1090 | } | |
1091 | ||
1092 | neigh = rt->rt6i_nexthop; | |
1093 | if (neigh == NULL) { | |
1094 | ND_PRINTK0(KERN_ERR | |
1095 | "ICMPv6 RA: %s() got default router without neighbour.\n", | |
1096 | __FUNCTION__); | |
1097 | dst_release(&rt->u.dst); | |
1098 | in6_dev_put(in6_dev); | |
1099 | return; | |
1100 | } | |
1101 | neigh->flags |= NTF_ROUTER; | |
ebacaaa0 YH |
1102 | } else if (rt) { |
1103 | rt->rt6i_flags |= (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref); | |
1da177e4 LT |
1104 | } |
1105 | ||
1106 | if (rt) | |
1107 | rt->rt6i_expires = jiffies + (HZ * lifetime); | |
1108 | ||
1109 | if (ra_msg->icmph.icmp6_hop_limit) { | |
1110 | in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit; | |
1111 | if (rt) | |
1112 | rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit; | |
1113 | } | |
1114 | ||
65f5c7c1 YH |
1115 | skip_defrtr: |
1116 | ||
1da177e4 LT |
1117 | /* |
1118 | * Update Reachable Time and Retrans Timer | |
1119 | */ | |
1120 | ||
1121 | if (in6_dev->nd_parms) { | |
1122 | unsigned long rtime = ntohl(ra_msg->retrans_timer); | |
1123 | ||
1124 | if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) { | |
1125 | rtime = (rtime*HZ)/1000; | |
1126 | if (rtime < HZ/10) | |
1127 | rtime = HZ/10; | |
1128 | in6_dev->nd_parms->retrans_time = rtime; | |
1129 | in6_dev->tstamp = jiffies; | |
1130 | inet6_ifinfo_notify(RTM_NEWLINK, in6_dev); | |
1131 | } | |
1132 | ||
1133 | rtime = ntohl(ra_msg->reachable_time); | |
1134 | if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) { | |
1135 | rtime = (rtime*HZ)/1000; | |
1136 | ||
1137 | if (rtime < HZ/10) | |
1138 | rtime = HZ/10; | |
1139 | ||
1140 | if (rtime != in6_dev->nd_parms->base_reachable_time) { | |
1141 | in6_dev->nd_parms->base_reachable_time = rtime; | |
1142 | in6_dev->nd_parms->gc_staletime = 3 * rtime; | |
1143 | in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime); | |
1144 | in6_dev->tstamp = jiffies; | |
1145 | inet6_ifinfo_notify(RTM_NEWLINK, in6_dev); | |
1146 | } | |
1147 | } | |
1148 | } | |
1149 | ||
1150 | /* | |
1151 | * Process options. | |
1152 | */ | |
1153 | ||
1154 | if (!neigh) | |
0660e03f | 1155 | neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr, |
1da177e4 LT |
1156 | skb->dev, 1); |
1157 | if (neigh) { | |
1158 | u8 *lladdr = NULL; | |
1159 | if (ndopts.nd_opts_src_lladdr) { | |
1160 | lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, | |
1161 | skb->dev); | |
1162 | if (!lladdr) { | |
1163 | ND_PRINTK2(KERN_WARNING | |
1164 | "ICMPv6 RA: invalid link-layer address length\n"); | |
1165 | goto out; | |
1166 | } | |
1167 | } | |
1168 | neigh_update(neigh, lladdr, NUD_STALE, | |
1169 | NEIGH_UPDATE_F_WEAK_OVERRIDE| | |
1170 | NEIGH_UPDATE_F_OVERRIDE| | |
1171 | NEIGH_UPDATE_F_OVERRIDE_ISROUTER| | |
1172 | NEIGH_UPDATE_F_ISROUTER); | |
1173 | } | |
1174 | ||
70ceb4f5 | 1175 | #ifdef CONFIG_IPV6_ROUTE_INFO |
09c884d4 | 1176 | if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) { |
70ceb4f5 YH |
1177 | struct nd_opt_hdr *p; |
1178 | for (p = ndopts.nd_opts_ri; | |
1179 | p; | |
1180 | p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) { | |
09c884d4 YH |
1181 | if (((struct route_info *)p)->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen) |
1182 | continue; | |
70ceb4f5 | 1183 | rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3, |
0660e03f | 1184 | &ipv6_hdr(skb)->saddr); |
70ceb4f5 YH |
1185 | } |
1186 | } | |
1187 | #endif | |
1188 | ||
c4fd30eb | 1189 | if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) { |
1da177e4 LT |
1190 | struct nd_opt_hdr *p; |
1191 | for (p = ndopts.nd_opts_pi; | |
1192 | p; | |
1193 | p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) { | |
1194 | addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3); | |
1195 | } | |
1196 | } | |
1197 | ||
1198 | if (ndopts.nd_opts_mtu) { | |
e69a4adc | 1199 | __be32 n; |
1da177e4 LT |
1200 | u32 mtu; |
1201 | ||
e69a4adc AV |
1202 | memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu)); |
1203 | mtu = ntohl(n); | |
1da177e4 LT |
1204 | |
1205 | if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) { | |
1206 | ND_PRINTK2(KERN_WARNING | |
1207 | "ICMPv6 RA: invalid mtu: %d\n", | |
1208 | mtu); | |
1209 | } else if (in6_dev->cnf.mtu6 != mtu) { | |
1210 | in6_dev->cnf.mtu6 = mtu; | |
1211 | ||
1212 | if (rt) | |
1213 | rt->u.dst.metrics[RTAX_MTU-1] = mtu; | |
1214 | ||
1215 | rt6_mtu_change(skb->dev, mtu); | |
1216 | } | |
1217 | } | |
1ab1457c | 1218 | |
1da177e4 LT |
1219 | if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) { |
1220 | ND_PRINTK2(KERN_WARNING | |
1221 | "ICMPv6 RA: invalid RA options"); | |
1222 | } | |
1223 | out: | |
1224 | if (rt) | |
1225 | dst_release(&rt->u.dst); | |
1226 | else if (neigh) | |
1227 | neigh_release(neigh); | |
1228 | in6_dev_put(in6_dev); | |
1229 | } | |
1230 | ||
1231 | static void ndisc_redirect_rcv(struct sk_buff *skb) | |
1232 | { | |
1233 | struct inet6_dev *in6_dev; | |
1234 | struct icmp6hdr *icmph; | |
1235 | struct in6_addr *dest; | |
1236 | struct in6_addr *target; /* new first hop to destination */ | |
1237 | struct neighbour *neigh; | |
1238 | int on_link = 0; | |
1239 | struct ndisc_options ndopts; | |
1240 | int optlen; | |
1241 | u8 *lladdr = NULL; | |
1242 | ||
0660e03f | 1243 | if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) { |
1da177e4 LT |
1244 | ND_PRINTK2(KERN_WARNING |
1245 | "ICMPv6 Redirect: source address is not link-local.\n"); | |
1246 | return; | |
1247 | } | |
1248 | ||
27a884dc | 1249 | optlen = skb->tail - skb->transport_header; |
1da177e4 LT |
1250 | optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr); |
1251 | ||
1252 | if (optlen < 0) { | |
1253 | ND_PRINTK2(KERN_WARNING | |
1254 | "ICMPv6 Redirect: packet too short\n"); | |
1255 | return; | |
1256 | } | |
1257 | ||
cc70ab26 | 1258 | icmph = icmp6_hdr(skb); |
1da177e4 LT |
1259 | target = (struct in6_addr *) (icmph + 1); |
1260 | dest = target + 1; | |
1261 | ||
1262 | if (ipv6_addr_is_multicast(dest)) { | |
1263 | ND_PRINTK2(KERN_WARNING | |
1264 | "ICMPv6 Redirect: destination address is multicast.\n"); | |
1265 | return; | |
1266 | } | |
1267 | ||
1268 | if (ipv6_addr_equal(dest, target)) { | |
1269 | on_link = 1; | |
bf0b48df BH |
1270 | } else if (ipv6_addr_type(target) != |
1271 | (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) { | |
1ab1457c | 1272 | ND_PRINTK2(KERN_WARNING |
bf0b48df | 1273 | "ICMPv6 Redirect: target address is not link-local unicast.\n"); |
1da177e4 LT |
1274 | return; |
1275 | } | |
1276 | ||
1277 | in6_dev = in6_dev_get(skb->dev); | |
1278 | if (!in6_dev) | |
1279 | return; | |
1280 | if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) { | |
1281 | in6_dev_put(in6_dev); | |
1282 | return; | |
1283 | } | |
1284 | ||
1ab1457c | 1285 | /* RFC2461 8.1: |
1da177e4 LT |
1286 | * The IP source address of the Redirect MUST be the same as the current |
1287 | * first-hop router for the specified ICMP Destination Address. | |
1288 | */ | |
1ab1457c | 1289 | |
1da177e4 LT |
1290 | if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) { |
1291 | ND_PRINTK2(KERN_WARNING | |
1292 | "ICMPv6 Redirect: invalid ND options\n"); | |
1293 | in6_dev_put(in6_dev); | |
1294 | return; | |
1295 | } | |
1296 | if (ndopts.nd_opts_tgt_lladdr) { | |
1297 | lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, | |
1298 | skb->dev); | |
1299 | if (!lladdr) { | |
1300 | ND_PRINTK2(KERN_WARNING | |
1301 | "ICMPv6 Redirect: invalid link-layer address length\n"); | |
1302 | in6_dev_put(in6_dev); | |
1303 | return; | |
1304 | } | |
1305 | } | |
1306 | ||
1307 | neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1); | |
1308 | if (neigh) { | |
0660e03f ACM |
1309 | rt6_redirect(dest, &ipv6_hdr(skb)->daddr, |
1310 | &ipv6_hdr(skb)->saddr, neigh, lladdr, | |
1da177e4 LT |
1311 | on_link); |
1312 | neigh_release(neigh); | |
1313 | } | |
1314 | in6_dev_put(in6_dev); | |
1315 | } | |
1316 | ||
1317 | void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh, | |
1318 | struct in6_addr *target) | |
1319 | { | |
1320 | struct sock *sk = ndisc_socket->sk; | |
1321 | int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr); | |
1322 | struct sk_buff *buff; | |
1323 | struct icmp6hdr *icmph; | |
1324 | struct in6_addr saddr_buf; | |
1325 | struct in6_addr *addrp; | |
1326 | struct net_device *dev; | |
1327 | struct rt6_info *rt; | |
1328 | struct dst_entry *dst; | |
1329 | struct inet6_dev *idev; | |
1330 | struct flowi fl; | |
1331 | u8 *opt; | |
1332 | int rd_len; | |
1333 | int err; | |
1334 | int hlen; | |
1335 | u8 ha_buf[MAX_ADDR_LEN], *ha = NULL; | |
1336 | ||
1337 | dev = skb->dev; | |
1338 | ||
95c385b4 | 1339 | if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) { |
1da177e4 LT |
1340 | ND_PRINTK2(KERN_WARNING |
1341 | "ICMPv6 Redirect: no link-local address on %s\n", | |
1342 | dev->name); | |
1ab1457c YH |
1343 | return; |
1344 | } | |
1da177e4 | 1345 | |
0660e03f | 1346 | if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) && |
bf0b48df | 1347 | ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) { |
29556526 | 1348 | ND_PRINTK2(KERN_WARNING |
bf0b48df | 1349 | "ICMPv6 Redirect: target address is not link-local unicast.\n"); |
29556526 LY |
1350 | return; |
1351 | } | |
1352 | ||
0660e03f | 1353 | ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &ipv6_hdr(skb)->saddr, |
af184765 | 1354 | dev->ifindex); |
1da177e4 LT |
1355 | |
1356 | dst = ip6_route_output(NULL, &fl); | |
1357 | if (dst == NULL) | |
1358 | return; | |
1359 | ||
1360 | err = xfrm_lookup(&dst, &fl, NULL, 0); | |
e104411b | 1361 | if (err) |
1da177e4 | 1362 | return; |
1da177e4 LT |
1363 | |
1364 | rt = (struct rt6_info *) dst; | |
1365 | ||
1366 | if (rt->rt6i_flags & RTF_GATEWAY) { | |
1367 | ND_PRINTK2(KERN_WARNING | |
1368 | "ICMPv6 Redirect: destination is not a neighbour.\n"); | |
1369 | dst_release(dst); | |
1370 | return; | |
1371 | } | |
1372 | if (!xrlim_allow(dst, 1*HZ)) { | |
1373 | dst_release(dst); | |
1374 | return; | |
1375 | } | |
1376 | ||
1377 | if (dev->addr_len) { | |
1378 | read_lock_bh(&neigh->lock); | |
1379 | if (neigh->nud_state & NUD_VALID) { | |
1380 | memcpy(ha_buf, neigh->ha, dev->addr_len); | |
1381 | read_unlock_bh(&neigh->lock); | |
1382 | ha = ha_buf; | |
1383 | len += ndisc_opt_addr_space(dev); | |
1384 | } else | |
1385 | read_unlock_bh(&neigh->lock); | |
1386 | } | |
1387 | ||
1388 | rd_len = min_t(unsigned int, | |
1389 | IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8); | |
1390 | rd_len &= ~0x7; | |
1391 | len += rd_len; | |
1392 | ||
d54a81d3 DM |
1393 | buff = sock_alloc_send_skb(sk, |
1394 | (MAX_HEADER + sizeof(struct ipv6hdr) + | |
1395 | len + LL_RESERVED_SPACE(dev)), | |
1da177e4 LT |
1396 | 1, &err); |
1397 | if (buff == NULL) { | |
1398 | ND_PRINTK0(KERN_ERR | |
1399 | "ICMPv6 Redirect: %s() failed to allocate an skb.\n", | |
1400 | __FUNCTION__); | |
1401 | dst_release(dst); | |
1402 | return; | |
1403 | } | |
1404 | ||
1405 | hlen = 0; | |
1406 | ||
1407 | skb_reserve(buff, LL_RESERVED_SPACE(dev)); | |
0660e03f | 1408 | ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr, |
1da177e4 LT |
1409 | IPPROTO_ICMPV6, len); |
1410 | ||
27a884dc | 1411 | skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data); |
d10ba34b ACM |
1412 | skb_put(buff, len); |
1413 | icmph = icmp6_hdr(buff); | |
1da177e4 LT |
1414 | |
1415 | memset(icmph, 0, sizeof(struct icmp6hdr)); | |
1416 | icmph->icmp6_type = NDISC_REDIRECT; | |
1417 | ||
1418 | /* | |
1419 | * copy target and destination addresses | |
1420 | */ | |
1421 | ||
1422 | addrp = (struct in6_addr *)(icmph + 1); | |
1423 | ipv6_addr_copy(addrp, target); | |
1424 | addrp++; | |
0660e03f | 1425 | ipv6_addr_copy(addrp, &ipv6_hdr(skb)->daddr); |
1da177e4 LT |
1426 | |
1427 | opt = (u8*) (addrp + 1); | |
1428 | ||
1429 | /* | |
1430 | * include target_address option | |
1431 | */ | |
1432 | ||
1433 | if (ha) | |
1434 | opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha, | |
1435 | dev->addr_len, dev->type); | |
1436 | ||
1437 | /* | |
1438 | * build redirect option and copy skb over to the new packet. | |
1439 | */ | |
1440 | ||
1ab1457c | 1441 | memset(opt, 0, 8); |
1da177e4 LT |
1442 | *(opt++) = ND_OPT_REDIRECT_HDR; |
1443 | *(opt++) = (rd_len >> 3); | |
1444 | opt += 6; | |
1445 | ||
0660e03f | 1446 | memcpy(opt, ipv6_hdr(skb), rd_len - 8); |
1da177e4 | 1447 | |
0660e03f | 1448 | icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr, |
1da177e4 LT |
1449 | len, IPPROTO_ICMPV6, |
1450 | csum_partial((u8 *) icmph, len, 0)); | |
1451 | ||
1452 | buff->dst = dst; | |
1453 | idev = in6_dev_get(dst->dev); | |
a11d206d | 1454 | IP6_INC_STATS(idev, IPSTATS_MIB_OUTREQUESTS); |
1da177e4 LT |
1455 | err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, buff, NULL, dst->dev, dst_output); |
1456 | if (!err) { | |
14878f75 | 1457 | ICMP6MSGOUT_INC_STATS(idev, NDISC_REDIRECT); |
1da177e4 LT |
1458 | ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS); |
1459 | } | |
1460 | ||
1461 | if (likely(idev != NULL)) | |
1462 | in6_dev_put(idev); | |
1463 | } | |
1464 | ||
1465 | static void pndisc_redo(struct sk_buff *skb) | |
1466 | { | |
140e26fc | 1467 | ndisc_recv_ns(skb); |
1da177e4 LT |
1468 | kfree_skb(skb); |
1469 | } | |
1470 | ||
1471 | int ndisc_rcv(struct sk_buff *skb) | |
1472 | { | |
1473 | struct nd_msg *msg; | |
1474 | ||
1475 | if (!pskb_may_pull(skb, skb->len)) | |
1476 | return 0; | |
1477 | ||
9c70220b | 1478 | msg = (struct nd_msg *)skb_transport_header(skb); |
1da177e4 | 1479 | |
9c70220b | 1480 | __skb_push(skb, skb->data - skb_transport_header(skb)); |
1da177e4 | 1481 | |
0660e03f | 1482 | if (ipv6_hdr(skb)->hop_limit != 255) { |
1da177e4 LT |
1483 | ND_PRINTK2(KERN_WARNING |
1484 | "ICMPv6 NDISC: invalid hop-limit: %d\n", | |
0660e03f | 1485 | ipv6_hdr(skb)->hop_limit); |
1da177e4 LT |
1486 | return 0; |
1487 | } | |
1488 | ||
1489 | if (msg->icmph.icmp6_code != 0) { | |
1ab1457c | 1490 | ND_PRINTK2(KERN_WARNING |
1da177e4 LT |
1491 | "ICMPv6 NDISC: invalid ICMPv6 code: %d\n", |
1492 | msg->icmph.icmp6_code); | |
1493 | return 0; | |
1494 | } | |
1495 | ||
a61bbcf2 PM |
1496 | memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb)); |
1497 | ||
1da177e4 LT |
1498 | switch (msg->icmph.icmp6_type) { |
1499 | case NDISC_NEIGHBOUR_SOLICITATION: | |
1500 | ndisc_recv_ns(skb); | |
1501 | break; | |
1502 | ||
1503 | case NDISC_NEIGHBOUR_ADVERTISEMENT: | |
1504 | ndisc_recv_na(skb); | |
1505 | break; | |
1506 | ||
1507 | case NDISC_ROUTER_SOLICITATION: | |
1508 | ndisc_recv_rs(skb); | |
1509 | break; | |
1510 | ||
1511 | case NDISC_ROUTER_ADVERTISEMENT: | |
1512 | ndisc_router_discovery(skb); | |
1513 | break; | |
1514 | ||
1515 | case NDISC_REDIRECT: | |
1516 | ndisc_redirect_rcv(skb); | |
1517 | break; | |
3ff50b79 | 1518 | } |
1da177e4 LT |
1519 | |
1520 | return 0; | |
1521 | } | |
1522 | ||
1523 | static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr) | |
1524 | { | |
1525 | struct net_device *dev = ptr; | |
1526 | ||
e9dc8653 EB |
1527 | if (dev->nd_net != &init_net) |
1528 | return NOTIFY_DONE; | |
1529 | ||
1da177e4 LT |
1530 | switch (event) { |
1531 | case NETDEV_CHANGEADDR: | |
1532 | neigh_changeaddr(&nd_tbl, dev); | |
1533 | fib6_run_gc(~0UL); | |
1534 | break; | |
1535 | case NETDEV_DOWN: | |
1536 | neigh_ifdown(&nd_tbl, dev); | |
1537 | fib6_run_gc(~0UL); | |
1538 | break; | |
1539 | default: | |
1540 | break; | |
1541 | } | |
1542 | ||
1543 | return NOTIFY_DONE; | |
1544 | } | |
1545 | ||
1546 | static struct notifier_block ndisc_netdev_notifier = { | |
1547 | .notifier_call = ndisc_netdev_event, | |
1548 | }; | |
1549 | ||
1550 | #ifdef CONFIG_SYSCTL | |
1551 | static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl, | |
1552 | const char *func, const char *dev_name) | |
1553 | { | |
1554 | static char warncomm[TASK_COMM_LEN]; | |
1555 | static int warned; | |
1556 | if (strcmp(warncomm, current->comm) && warned < 5) { | |
1557 | strcpy(warncomm, current->comm); | |
1558 | printk(KERN_WARNING | |
1559 | "process `%s' is using deprecated sysctl (%s) " | |
1560 | "net.ipv6.neigh.%s.%s; " | |
1561 | "Use net.ipv6.neigh.%s.%s_ms " | |
1562 | "instead.\n", | |
1563 | warncomm, func, | |
1564 | dev_name, ctl->procname, | |
1565 | dev_name, ctl->procname); | |
1566 | warned++; | |
1567 | } | |
1568 | } | |
1569 | ||
1570 | int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, struct file * filp, void __user *buffer, size_t *lenp, loff_t *ppos) | |
1571 | { | |
1572 | struct net_device *dev = ctl->extra1; | |
1573 | struct inet6_dev *idev; | |
1574 | int ret; | |
1575 | ||
1576 | if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME || | |
1577 | ctl->ctl_name == NET_NEIGH_REACHABLE_TIME) | |
1578 | ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default"); | |
1579 | ||
1580 | switch (ctl->ctl_name) { | |
1581 | case NET_NEIGH_RETRANS_TIME: | |
1582 | ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos); | |
1583 | break; | |
1584 | case NET_NEIGH_REACHABLE_TIME: | |
1585 | ret = proc_dointvec_jiffies(ctl, write, | |
1586 | filp, buffer, lenp, ppos); | |
1587 | break; | |
1588 | case NET_NEIGH_RETRANS_TIME_MS: | |
1589 | case NET_NEIGH_REACHABLE_TIME_MS: | |
1590 | ret = proc_dointvec_ms_jiffies(ctl, write, | |
1591 | filp, buffer, lenp, ppos); | |
1592 | break; | |
1593 | default: | |
1594 | ret = -1; | |
1595 | } | |
1596 | ||
1597 | if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) { | |
1598 | if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME || | |
1599 | ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS) | |
1600 | idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time); | |
1601 | idev->tstamp = jiffies; | |
1602 | inet6_ifinfo_notify(RTM_NEWLINK, idev); | |
1603 | in6_dev_put(idev); | |
1604 | } | |
1605 | return ret; | |
1606 | } | |
1607 | ||
1608 | static int ndisc_ifinfo_sysctl_strategy(ctl_table *ctl, int __user *name, | |
1609 | int nlen, void __user *oldval, | |
1610 | size_t __user *oldlenp, | |
1f29bcd7 | 1611 | void __user *newval, size_t newlen) |
1da177e4 LT |
1612 | { |
1613 | struct net_device *dev = ctl->extra1; | |
1614 | struct inet6_dev *idev; | |
1615 | int ret; | |
1616 | ||
1617 | if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME || | |
1618 | ctl->ctl_name == NET_NEIGH_REACHABLE_TIME) | |
1619 | ndisc_warn_deprecated_sysctl(ctl, "procfs", dev ? dev->name : "default"); | |
1620 | ||
1621 | switch (ctl->ctl_name) { | |
1622 | case NET_NEIGH_REACHABLE_TIME: | |
1623 | ret = sysctl_jiffies(ctl, name, nlen, | |
1f29bcd7 | 1624 | oldval, oldlenp, newval, newlen); |
1da177e4 LT |
1625 | break; |
1626 | case NET_NEIGH_RETRANS_TIME_MS: | |
1627 | case NET_NEIGH_REACHABLE_TIME_MS: | |
1628 | ret = sysctl_ms_jiffies(ctl, name, nlen, | |
1f29bcd7 | 1629 | oldval, oldlenp, newval, newlen); |
1da177e4 LT |
1630 | break; |
1631 | default: | |
1632 | ret = 0; | |
1633 | } | |
1634 | ||
1635 | if (newval && newlen && ret > 0 && | |
1636 | dev && (idev = in6_dev_get(dev)) != NULL) { | |
1637 | if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME || | |
1638 | ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS) | |
1639 | idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time); | |
1640 | idev->tstamp = jiffies; | |
1641 | inet6_ifinfo_notify(RTM_NEWLINK, idev); | |
1642 | in6_dev_put(idev); | |
1643 | } | |
1644 | ||
1645 | return ret; | |
1646 | } | |
1647 | ||
1648 | #endif | |
1649 | ||
1650 | int __init ndisc_init(struct net_proto_family *ops) | |
1651 | { | |
1652 | struct ipv6_pinfo *np; | |
1653 | struct sock *sk; | |
1ab1457c | 1654 | int err; |
1da177e4 LT |
1655 | |
1656 | err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, &ndisc_socket); | |
1657 | if (err < 0) { | |
1658 | ND_PRINTK0(KERN_ERR | |
1ab1457c | 1659 | "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n", |
1da177e4 LT |
1660 | err); |
1661 | ndisc_socket = NULL; /* For safety. */ | |
1662 | return err; | |
1663 | } | |
1664 | ||
1665 | sk = ndisc_socket->sk; | |
1666 | np = inet6_sk(sk); | |
1667 | sk->sk_allocation = GFP_ATOMIC; | |
1668 | np->hop_limit = 255; | |
1669 | /* Do not loopback ndisc messages */ | |
1670 | np->mc_loop = 0; | |
1671 | sk->sk_prot->unhash(sk); | |
1672 | ||
1ab1457c YH |
1673 | /* |
1674 | * Initialize the neighbour table | |
1675 | */ | |
1676 | ||
1da177e4 LT |
1677 | neigh_table_init(&nd_tbl); |
1678 | ||
1679 | #ifdef CONFIG_SYSCTL | |
1ab1457c | 1680 | neigh_sysctl_register(NULL, &nd_tbl.parms, NET_IPV6, NET_IPV6_NEIGH, |
1da177e4 LT |
1681 | "ipv6", |
1682 | &ndisc_ifinfo_sysctl_change, | |
1683 | &ndisc_ifinfo_sysctl_strategy); | |
1684 | #endif | |
1685 | ||
1686 | register_netdevice_notifier(&ndisc_netdev_notifier); | |
1687 | return 0; | |
1688 | } | |
1689 | ||
1690 | void ndisc_cleanup(void) | |
1691 | { | |
36f73d0c | 1692 | unregister_netdevice_notifier(&ndisc_netdev_notifier); |
1da177e4 LT |
1693 | #ifdef CONFIG_SYSCTL |
1694 | neigh_sysctl_unregister(&nd_tbl.parms); | |
1695 | #endif | |
1696 | neigh_table_clear(&nd_tbl); | |
1697 | sock_release(ndisc_socket); | |
1698 | ndisc_socket = NULL; /* For safety. */ | |
1699 | } |