projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[NET]: Wrap hard_header_parse
[linux-block.git] / net / ipv6 / ndisc.c
CommitLineData
1da177e4
LT		 1/*
2 * Neighbour Discovery for IPv6
1ab1457c 3 * Linux INET6 implementation
1da177e4
LT		 4 *
5 * Authors:
1ab1457c 6 * Pedro Roque <roque@di.fc.ul.pt>
1da177e4
LT		 7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15/*
16 * Changes:
17 *
18 * Lars Fenneberg : fixed MTU setting on receipt
19 * of an RA.
20 *
21 * Janos Farkas : kmalloc failure checks
22 * Alexey Kuznetsov : state machine reworked
23 * and moved to net/core.
24 * Pekka Savola : RFC2461 validation
25 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
26 */
27
28/* Set to 3 to get tracing... */
29#define ND_DEBUG 1
30
31#define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
32#define ND_NOPRINTK(x...) do { ; } while(0)
33#define ND_PRINTK0 ND_PRINTK
34#define ND_PRINTK1 ND_NOPRINTK
35#define ND_PRINTK2 ND_NOPRINTK
36#define ND_PRINTK3 ND_NOPRINTK
37#if ND_DEBUG >= 1
38#undef ND_PRINTK1
39#define ND_PRINTK1 ND_PRINTK
40#endif
41#if ND_DEBUG >= 2
42#undef ND_PRINTK2
43#define ND_PRINTK2 ND_PRINTK
44#endif
45#if ND_DEBUG >= 3
46#undef ND_PRINTK3
47#define ND_PRINTK3 ND_PRINTK
48#endif
49
50#include <linux/module.h>
1da177e4
LT		 51#include <linux/errno.h>
52#include <linux/types.h>
53#include <linux/socket.h>
54#include <linux/sockios.h>
55#include <linux/sched.h>
56#include <linux/net.h>
57#include <linux/in6.h>
58#include <linux/route.h>
59#include <linux/init.h>
60#include <linux/rcupdate.h>
61#ifdef CONFIG_SYSCTL
62#include <linux/sysctl.h>
63#endif
64
1823730f 65#include <linux/if_addr.h>
1da177e4
LT		 66#include <linux/if_arp.h>
67#include <linux/ipv6.h>
68#include <linux/icmpv6.h>
69#include <linux/jhash.h>
70
71#include <net/sock.h>
72#include <net/snmp.h>
73
74#include <net/ipv6.h>
75#include <net/protocol.h>
76#include <net/ndisc.h>
77#include <net/ip6_route.h>
78#include <net/addrconf.h>
79#include <net/icmp.h>
80
81#include <net/flow.h>
82#include <net/ip6_checksum.h>
83#include <linux/proc_fs.h>
84
85#include <linux/netfilter.h>
86#include <linux/netfilter_ipv6.h>
87
88static struct socket *ndisc_socket;
89
90static u32 ndisc_hash(const void *pkey, const struct net_device *dev);
91static int ndisc_constructor(struct neighbour *neigh);
92static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
93static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
94static int pndisc_constructor(struct pneigh_entry *n);
95static void pndisc_destructor(struct pneigh_entry *n);
96static void pndisc_redo(struct sk_buff *skb);
97
98static struct neigh_ops ndisc_generic_ops = {
99 .family = AF_INET6,
100 .solicit = ndisc_solicit,
101 .error_report = ndisc_error_report,
102 .output = neigh_resolve_output,
103 .connected_output = neigh_connected_output,
104 .hh_output = dev_queue_xmit,
105 .queue_xmit = dev_queue_xmit,
106};
107
108static struct neigh_ops ndisc_hh_ops = {
109 .family = AF_INET6,
110 .solicit = ndisc_solicit,
111 .error_report = ndisc_error_report,
112 .output = neigh_resolve_output,
113 .connected_output = neigh_resolve_output,
114 .hh_output = dev_queue_xmit,
115 .queue_xmit = dev_queue_xmit,
116};
117
118
119static struct neigh_ops ndisc_direct_ops = {
120 .family = AF_INET6,
121 .output = dev_queue_xmit,
122 .connected_output = dev_queue_xmit,
123 .hh_output = dev_queue_xmit,
124 .queue_xmit = dev_queue_xmit,
125};
126
127struct neigh_table nd_tbl = {
128 .family = AF_INET6,
129 .entry_size = sizeof(struct neighbour) + sizeof(struct in6_addr),
130 .key_len = sizeof(struct in6_addr),
131 .hash = ndisc_hash,
132 .constructor = ndisc_constructor,
133 .pconstructor = pndisc_constructor,
134 .pdestructor = pndisc_destructor,
135 .proxy_redo = pndisc_redo,
136 .id = "ndisc_cache",
137 .parms = {
138 .tbl = &nd_tbl,
139 .base_reachable_time = 30 * HZ,
140 .retrans_time = 1 * HZ,
141 .gc_staletime = 60 * HZ,
142 .reachable_time = 30 * HZ,
143 .delay_probe_time = 5 * HZ,
144 .queue_len = 3,
145 .ucast_probes = 3,
146 .mcast_probes = 3,
147 .anycast_delay = 1 * HZ,
148 .proxy_delay = (8 * HZ) / 10,
149 .proxy_qlen = 64,
150 },
151 .gc_interval = 30 * HZ,
152 .gc_thresh1 = 128,
153 .gc_thresh2 = 512,
154 .gc_thresh3 = 1024,
155};
156
157/* ND options */
158struct ndisc_options {
70ceb4f5
YH		 159 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
160#ifdef CONFIG_IPV6_ROUTE_INFO
161 struct nd_opt_hdr *nd_opts_ri;
162 struct nd_opt_hdr *nd_opts_ri_end;
163#endif
1da177e4
LT		 164};
165
166#define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
167#define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
168#define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
169#define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
170#define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
171#define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
172
173#define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
174
175/*
176 * Return the padding between the option length and the start of the
177 * link addr. Currently only IP-over-InfiniBand needs this, although
178 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
179 * also need a pad of 2.
180 */
181static int ndisc_addr_option_pad(unsigned short type)
182{
183 switch (type) {
184 case ARPHRD_INFINIBAND: return 2;
185 default: return 0;
186 }
187}
188
189static inline int ndisc_opt_addr_space(struct net_device *dev)
190{
191 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
192}
193
194static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
195 unsigned short addr_type)
196{
197 int space = NDISC_OPT_SPACE(data_len);
198 int pad = ndisc_addr_option_pad(addr_type);
199
200 opt[0] = type;
201 opt[1] = space>>3;
202
203 memset(opt + 2, 0, pad);
204 opt += pad;
205 space -= pad;
206
207 memcpy(opt+2, data, data_len);
208 data_len += 2;
209 opt += data_len;
210 if ((space -= data_len) > 0)
211 memset(opt, 0, space);
212 return opt + space;
213}
214
215static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
216 struct nd_opt_hdr *end)
217{
218 int type;
219 if (!cur || !end || cur >= end)
220 return NULL;
221 type = cur->nd_opt_type;
222 do {
223 cur = ((void *)cur) + (cur->nd_opt_len << 3);
224 } while(cur < end && cur->nd_opt_type != type);
225 return (cur <= end && cur->nd_opt_type == type ? cur : NULL);
226}
227
228static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
229 struct ndisc_options *ndopts)
230{
231 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
232
233 if (!nd_opt || opt_len < 0 || !ndopts)
234 return NULL;
235 memset(ndopts, 0, sizeof(*ndopts));
236 while (opt_len) {
237 int l;
238 if (opt_len < sizeof(struct nd_opt_hdr))
239 return NULL;
240 l = nd_opt->nd_opt_len << 3;
241 if (opt_len < l || l == 0)
242 return NULL;
243 switch (nd_opt->nd_opt_type) {
244 case ND_OPT_SOURCE_LL_ADDR:
245 case ND_OPT_TARGET_LL_ADDR:
246 case ND_OPT_MTU:
247 case ND_OPT_REDIRECT_HDR:
248 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
249 ND_PRINTK2(KERN_WARNING
250 "%s(): duplicated ND6 option found: type=%d\n",
251 __FUNCTION__,
252 nd_opt->nd_opt_type);
253 } else {
254 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
255 }
256 break;
257 case ND_OPT_PREFIX_INFO:
258 ndopts->nd_opts_pi_end = nd_opt;
259 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0)
260 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
261 break;
70ceb4f5
YH		 262#ifdef CONFIG_IPV6_ROUTE_INFO
263 case ND_OPT_ROUTE_INFO:
264 ndopts->nd_opts_ri_end = nd_opt;
265 if (!ndopts->nd_opts_ri)
266 ndopts->nd_opts_ri = nd_opt;
267 break;
268#endif
1da177e4
LT		 269 default:
270 /*
271 * Unknown options must be silently ignored,
272 * to accommodate future extension to the protocol.
273 */
274 ND_PRINTK2(KERN_NOTICE
275 "%s(): ignored unsupported option; type=%d, len=%d\n",
276 __FUNCTION__,
277 nd_opt->nd_opt_type, nd_opt->nd_opt_len);
278 }
279 opt_len -= l;
280 nd_opt = ((void *)nd_opt) + l;
281 }
282 return ndopts;
283}
284
285static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
286 struct net_device *dev)
287{
288 u8 *lladdr = (u8 *)(p + 1);
289 int lladdrlen = p->nd_opt_len << 3;
290 int prepad = ndisc_addr_option_pad(dev->type);
291 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
292 return NULL;
293 return (lladdr + prepad);
294}
295
296int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
297{
298 switch (dev->type) {
299 case ARPHRD_ETHER:
300 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
301 case ARPHRD_FDDI:
302 ipv6_eth_mc_map(addr, buf);
303 return 0;
304 case ARPHRD_IEEE802_TR:
305 ipv6_tr_mc_map(addr,buf);
306 return 0;
307 case ARPHRD_ARCNET:
308 ipv6_arcnet_mc_map(addr, buf);
309 return 0;
310 case ARPHRD_INFINIBAND:
311 ipv6_ib_mc_map(addr, buf);
312 return 0;
313 default:
314 if (dir) {
315 memcpy(buf, dev->broadcast, dev->addr_len);
316 return 0;
317 }
318 }
319 return -EINVAL;
320}
321
7159039a
YH		 322EXPORT_SYMBOL(ndisc_mc_map);
323
1da177e4
LT		 324static u32 ndisc_hash(const void *pkey, const struct net_device *dev)
325{
326 const u32 *p32 = pkey;
327 u32 addr_hash, i;
328
329 addr_hash = 0;
330 for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
331 addr_hash ^= *p32++;
332
333 return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd);
334}
335
336static int ndisc_constructor(struct neighbour *neigh)
337{
338 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
339 struct net_device *dev = neigh->dev;
340 struct inet6_dev *in6_dev;
341 struct neigh_parms *parms;
342 int is_multicast = ipv6_addr_is_multicast(addr);
343
344 rcu_read_lock();
345 in6_dev = in6_dev_get(dev);
346 if (in6_dev == NULL) {
347 rcu_read_unlock();
348 return -EINVAL;
349 }
350
351 parms = in6_dev->nd_parms;
352 __neigh_parms_put(neigh->parms);
353 neigh->parms = neigh_parms_clone(parms);
354 rcu_read_unlock();
355
356 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
357 if (dev->hard_header == NULL) {
358 neigh->nud_state = NUD_NOARP;
359 neigh->ops = &ndisc_direct_ops;
360 neigh->output = neigh->ops->queue_xmit;
361 } else {
362 if (is_multicast) {
363 neigh->nud_state = NUD_NOARP;
364 ndisc_mc_map(addr, neigh->ha, dev, 1);
365 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
366 neigh->nud_state = NUD_NOARP;
367 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
368 if (dev->flags&IFF_LOOPBACK)
369 neigh->type = RTN_LOCAL;
370 } else if (dev->flags&IFF_POINTOPOINT) {
371 neigh->nud_state = NUD_NOARP;
372 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
373 }
374 if (dev->hard_header_cache)
375 neigh->ops = &ndisc_hh_ops;
376 else
377 neigh->ops = &ndisc_generic_ops;
378 if (neigh->nud_state&NUD_VALID)
379 neigh->output = neigh->ops->connected_output;
380 else
381 neigh->output = neigh->ops->output;
382 }
383 in6_dev_put(in6_dev);
384 return 0;
385}
386
387static int pndisc_constructor(struct pneigh_entry *n)
388{
389 struct in6_addr *addr = (struct in6_addr*)&n->key;
390 struct in6_addr maddr;
391 struct net_device *dev = n->dev;
392
393 if (dev == NULL || __in6_dev_get(dev) == NULL)
394 return -EINVAL;
395 addrconf_addr_solict_mult(addr, &maddr);
396 ipv6_dev_mc_inc(dev, &maddr);
397 return 0;
398}
399
400static void pndisc_destructor(struct pneigh_entry *n)
401{
402 struct in6_addr *addr = (struct in6_addr*)&n->key;
403 struct in6_addr maddr;
404 struct net_device *dev = n->dev;
405
406 if (dev == NULL || __in6_dev_get(dev) == NULL)
407 return;
408 addrconf_addr_solict_mult(addr, &maddr);
409 ipv6_dev_mc_dec(dev, &maddr);
410}
411
412/*
413 * Send a Neighbour Advertisement
414 */
415
416static inline void ndisc_flow_init(struct flowi *fl, u8 type,
af184765
YH		 417 struct in6_addr *saddr, struct in6_addr *daddr,
418 int oif)
1da177e4
LT		 419{
420 memset(fl, 0, sizeof(*fl));
421 ipv6_addr_copy(&fl->fl6_src, saddr);
422 ipv6_addr_copy(&fl->fl6_dst, daddr);
423 fl->proto = IPPROTO_ICMPV6;
424 fl->fl_icmp_type = type;
425 fl->fl_icmp_code = 0;
af184765 426 fl->oif = oif;
beb8d13b 427 security_sk_classify_flow(ndisc_socket->sk, fl);
1da177e4
LT		 428}
429
e1ec7842
YH		 430static void __ndisc_send(struct net_device *dev,
431 struct neighbour *neigh,
432 struct in6_addr *daddr, struct in6_addr *saddr,
433 struct icmp6hdr *icmp6h, struct in6_addr *target,
14878f75 434 int llinfo)
1da177e4 435{
1da177e4 436 struct flowi fl;
e1ec7842 437 struct dst_entry *dst;
1ab1457c 438 struct sock *sk = ndisc_socket->sk;
1ab1457c 439 struct sk_buff *skb;
e1ec7842
YH		 440 struct icmp6hdr *hdr;
441 struct inet6_dev *idev;
442 int len;
1da177e4 443 int err;
14878f75
DS		 444 u8 *opt, type;
445
446 type = icmp6h->icmp6_type;
1da177e4 447
14878f75 448 ndisc_flow_init(&fl, type, saddr, daddr,
af184765 449 dev->ifindex);
1da177e4
LT		 450
451 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
452 if (!dst)
453 return;
454
455 err = xfrm_lookup(&dst, &fl, NULL, 0);
e104411b 456 if (err < 0)
1da177e4 457 return;
1da177e4 458
e1ec7842
YH		 459 if (!dev->addr_len)
460 llinfo = 0;
461
462 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
463 if (llinfo)
464 len += ndisc_opt_addr_space(dev);
1da177e4 465
d54a81d3
DM		 466 skb = sock_alloc_send_skb(sk,
467 (MAX_HEADER + sizeof(struct ipv6hdr) +
468 len + LL_RESERVED_SPACE(dev)),
1da177e4 469 1, &err);
e1ec7842 470 if (!skb) {
1da177e4 471 ND_PRINTK0(KERN_ERR
e1ec7842 472 "ICMPv6 ND: %s() failed to allocate an skb.\n",
1da177e4
LT		 473 __FUNCTION__);
474 dst_release(dst);
475 return;
476 }
477
478 skb_reserve(skb, LL_RESERVED_SPACE(dev));
e1ec7842 479 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
1da177e4 480
27a884dc 481 skb->transport_header = skb->tail;
d10ba34b 482 skb_put(skb, len);
1da177e4 483
e1ec7842
YH		 484 hdr = (struct icmp6hdr *)skb_transport_header(skb);
485 memcpy(hdr, icmp6h, sizeof(*hdr));
1da177e4 486
e1ec7842
YH		 487 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
488 if (target) {
489 ipv6_addr_copy((struct in6_addr *)opt, target);
490 opt += sizeof(*target);
491 }
1da177e4 492
e1ec7842
YH		 493 if (llinfo)
494 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
1da177e4
LT		 495 dev->addr_len, dev->type);
496
e1ec7842
YH		 497 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
498 IPPROTO_ICMPV6,
499 csum_partial((__u8 *) hdr,
500 len, 0));
1da177e4
LT		 501
502 skb->dst = dst;
e1ec7842 503
1da177e4 504 idev = in6_dev_get(dst->dev);
a11d206d 505 IP6_INC_STATS(idev, IPSTATS_MIB_OUTREQUESTS);
e1ec7842 506
1da177e4
LT		 507 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
508 if (!err) {
14878f75 509 ICMP6MSGOUT_INC_STATS(idev, type);
1da177e4
LT		 510 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
511 }
512
513 if (likely(idev != NULL))
514 in6_dev_put(idev);
1ab1457c 515}
1da177e4 516
e1ec7842
YH		 517static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
518 struct in6_addr *daddr, struct in6_addr *solicited_addr,
519 int router, int solicited, int override, int inc_opt)
520{
521 struct in6_addr tmpaddr;
522 struct inet6_ifaddr *ifp;
523 struct in6_addr *src_addr;
524 struct icmp6hdr icmp6h = {
525 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
526 };
527
528 /* for anycast or proxy, solicited_addr != src_addr */
529 ifp = ipv6_get_ifaddr(solicited_addr, dev, 1);
530 if (ifp) {
531 src_addr = solicited_addr;
532 if (ifp->flags & IFA_F_OPTIMISTIC)
533 override = 0;
534 in6_ifa_put(ifp);
535 } else {
536 if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr))
537 return;
538 src_addr = &tmpaddr;
539 }
540
541 icmp6h.icmp6_router = router;
542 icmp6h.icmp6_solicited = solicited;
543 icmp6h.icmp6_override = override;
544
545 __ndisc_send(dev, neigh, daddr, src_addr,
546 &icmp6h, solicited_addr,
14878f75 547 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
e1ec7842
YH		 548}
549
1da177e4
LT		 550void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
551 struct in6_addr *solicit,
1ab1457c 552 struct in6_addr *daddr, struct in6_addr *saddr)
1da177e4 553{
1da177e4 554 struct in6_addr addr_buf;
e1ec7842
YH		 555 struct icmp6hdr icmp6h = {
556 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
557 };
1da177e4
LT		 558
559 if (saddr == NULL) {
95c385b4
NH		 560 if (ipv6_get_lladdr(dev, &addr_buf,
561 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
1da177e4
LT		 562 return;
563 saddr = &addr_buf;
564 }
565
e1ec7842
YH		 566 __ndisc_send(dev, neigh, daddr, saddr,
567 &icmp6h, solicit,
14878f75 568 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
1da177e4
LT		 569}
570
571void ndisc_send_rs(struct net_device *dev, struct in6_addr *saddr,
572 struct in6_addr *daddr)
573{
e1ec7842
YH		 574 struct icmp6hdr icmp6h = {
575 .icmp6_type = NDISC_ROUTER_SOLICITATION,
576 };
95c385b4 577 int send_sllao = dev->addr_len;
95c385b4
NH		 578
579#ifdef CONFIG_IPV6_OPTIMISTIC_DAD
580 /*
581 * According to section 2.2 of RFC 4429, we must not
582 * send router solicitations with a sllao from
583 * optimistic addresses, but we may send the solicitation
584 * if we don't include the sllao. So here we check
585 * if our address is optimistic, and if so, we
586 * supress the inclusion of the sllao.
587 */
588 if (send_sllao) {
ca043569 589 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(saddr, dev, 1);
95c385b4
NH		 590 if (ifp) {
591 if (ifp->flags & IFA_F_OPTIMISTIC) {
ca043569 592 send_sllao = 0;
95c385b4 593 }
ca043569 594 in6_ifa_put(ifp);
95c385b4
NH		 595 } else {
596 send_sllao = 0;
597 }
598 }
599#endif
e1ec7842
YH		 600 __ndisc_send(dev, NULL, daddr, saddr,
601 &icmp6h, NULL,
14878f75 602 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
1da177e4 603}
1ab1457c 604
1da177e4
LT		 605
606static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
607{
608 /*
609 * "The sender MUST return an ICMP
610 * destination unreachable"
611 */
612 dst_link_failure(skb);
613 kfree_skb(skb);
614}
615
616/* Called with locked neigh: either read or both */
617
618static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
619{
620 struct in6_addr *saddr = NULL;
621 struct in6_addr mcaddr;
622 struct net_device *dev = neigh->dev;
623 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
624 int probes = atomic_read(&neigh->probes);
625
0660e03f
ACM		 626 if (skb && ipv6_chk_addr(&ipv6_hdr(skb)->saddr, dev, 1))
627 saddr = &ipv6_hdr(skb)->saddr;
1da177e4
LT		 628
629 if ((probes -= neigh->parms->ucast_probes) < 0) {
630 if (!(neigh->nud_state & NUD_VALID)) {
631 ND_PRINTK1(KERN_DEBUG
632 "%s(): trying to ucast probe in NUD_INVALID: "
46b86a2d 633 NIP6_FMT "\n",
1da177e4
LT		 634 __FUNCTION__,
635 NIP6(*target));
636 }
637 ndisc_send_ns(dev, neigh, target, target, saddr);
638 } else if ((probes -= neigh->parms->app_probes) < 0) {
639#ifdef CONFIG_ARPD
640 neigh_app_ns(neigh);
641#endif
642 } else {
643 addrconf_addr_solict_mult(target, &mcaddr);
644 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
645 }
646}
647
648static void ndisc_recv_ns(struct sk_buff *skb)
649{
9c70220b 650 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
0660e03f
ACM		 651 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
652 struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
1da177e4 653 u8 *lladdr = NULL;
27a884dc
ACM		 654 u32 ndoptlen = skb->tail - (skb->transport_header +
655 offsetof(struct nd_msg, opt));
1da177e4
LT		 656 struct ndisc_options ndopts;
657 struct net_device *dev = skb->dev;
658 struct inet6_ifaddr *ifp;
659 struct inet6_dev *idev = NULL;
660 struct neighbour *neigh;
62dd9318 661 struct pneigh_entry *pneigh = NULL;
1da177e4
LT		 662 int dad = ipv6_addr_any(saddr);
663 int inc;
62dd9318 664 int is_router;
1da177e4
LT		 665
666 if (ipv6_addr_is_multicast(&msg->target)) {
1ab1457c 667 ND_PRINTK2(KERN_WARNING
1da177e4
LT		 668 "ICMPv6 NS: multicast target address");
669 return;
670 }
671
672 /*
673 * RFC2461 7.1.1:
674 * DAD has to be destined for solicited node multicast address.
675 */
676 if (dad &&
677 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
678 daddr->s6_addr32[1] == htonl(0x00000000) &&
679 daddr->s6_addr32[2] == htonl(0x00000001) &&
680 daddr->s6_addr [12] == 0xff )) {
681 ND_PRINTK2(KERN_WARNING
682 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
683 return;
684 }
685
686 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
1ab1457c 687 ND_PRINTK2(KERN_WARNING
1da177e4
LT		 688 "ICMPv6 NS: invalid ND options\n");
689 return;
690 }
691
692 if (ndopts.nd_opts_src_lladdr) {
693 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
694 if (!lladdr) {
695 ND_PRINTK2(KERN_WARNING
696 "ICMPv6 NS: invalid link-layer address length\n");
697 return;
698 }
699
700 /* RFC2461 7.1.1:
1ab1457c
YH		 701 * If the IP source address is the unspecified address,
702 * there MUST NOT be source link-layer address option
1da177e4
LT		 703 * in the message.
704 */
705 if (dad) {
1ab1457c 706 ND_PRINTK2(KERN_WARNING
1da177e4
LT		 707 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
708 return;
709 }
710 }
711
712 inc = ipv6_addr_is_multicast(daddr);
713
714 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1)) != NULL) {
95c385b4
NH		 715
716 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
717 if (dad) {
718 if (dev->type == ARPHRD_IEEE802_TR) {
98e399f8
ACM		 719 const unsigned char *sadr;
720 sadr = skb_mac_header(skb);
95c385b4
NH		 721 if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
722 sadr[9] == dev->dev_addr[1] &&
723 sadr[10] == dev->dev_addr[2] &&
724 sadr[11] == dev->dev_addr[3] &&
725 sadr[12] == dev->dev_addr[4] &&
726 sadr[13] == dev->dev_addr[5]) {
727 /* looped-back to us */
728 goto out;
729 }
730 }
731
732 /*
733 * We are colliding with another node
734 * who is doing DAD
735 * so fail our DAD process
736 */
737 addrconf_dad_failure(ifp);
9e3be4b3 738 return;
95c385b4
NH		 739 } else {
740 /*
741 * This is not a dad solicitation.
742 * If we are an optimistic node,
743 * we should respond.
744 * Otherwise, we should ignore it.
745 */
746 if (!(ifp->flags & IFA_F_OPTIMISTIC))
1da177e4 747 goto out;
1da177e4 748 }
1da177e4
LT		 749 }
750
751 idev = ifp->idev;
752 } else {
753 idev = in6_dev_get(dev);
754 if (!idev) {
755 /* XXX: count this drop? */
756 return;
757 }
758
759 if (ipv6_chk_acast_addr(dev, &msg->target) ||
1ab1457c 760 (idev->cnf.forwarding &&
fbea49e1 761 (ipv6_devconf.proxy_ndp || idev->cnf.proxy_ndp) &&
62dd9318
VN		 762 (pneigh = pneigh_lookup(&nd_tbl,
763 &msg->target, dev, 0)) != NULL)) {
a61bbcf2 764 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
1da177e4
LT		 765 skb->pkt_type != PACKET_HOST &&
766 inc != 0 &&
767 idev->nd_parms->proxy_delay != 0) {
768 /*
769 * for anycast or proxy,
1ab1457c
YH		 770 * sender should delay its response
771 * by a random time between 0 and
1da177e4
LT		 772 * MAX_ANYCAST_DELAY_TIME seconds.
773 * (RFC2461) -- yoshfuji
774 */
775 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
776 if (n)
777 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
778 goto out;
779 }
780 } else
781 goto out;
782 }
783
fc26d0ab 784 is_router = !!(pneigh ? pneigh->flags & NTF_ROUTER : idev->cnf.forwarding);
62dd9318 785
1da177e4
LT		 786 if (dad) {
787 struct in6_addr maddr;
788
789 ipv6_addr_all_nodes(&maddr);
790 ndisc_send_na(dev, NULL, &maddr, &msg->target,
62dd9318 791 is_router, 0, (ifp != NULL), 1);
1da177e4
LT		 792 goto out;
793 }
794
795 if (inc)
796 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
797 else
798 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
799
1ab1457c 800 /*
1da177e4
LT		 801 * update / create cache entry
802 * for the source address
803 */
804 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
805 !inc || lladdr || !dev->addr_len);
806 if (neigh)
1ab1457c 807 neigh_update(neigh, lladdr, NUD_STALE,
1da177e4
LT		 808 NEIGH_UPDATE_F_WEAK_OVERRIDE|
809 NEIGH_UPDATE_F_OVERRIDE);
810 if (neigh || !dev->hard_header) {
811 ndisc_send_na(dev, neigh, saddr, &msg->target,
62dd9318 812 is_router,
1da177e4
LT		 813 1, (ifp != NULL && inc), inc);
814 if (neigh)
815 neigh_release(neigh);
816 }
817
818out:
819 if (ifp)
820 in6_ifa_put(ifp);
821 else
822 in6_dev_put(idev);
823
824 return;
825}
826
827static void ndisc_recv_na(struct sk_buff *skb)
828{
9c70220b 829 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
0660e03f
ACM		 830 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
831 struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
1da177e4 832 u8 *lladdr = NULL;
27a884dc
ACM		 833 u32 ndoptlen = skb->tail - (skb->transport_header +
834 offsetof(struct nd_msg, opt));
1da177e4
LT		 835 struct ndisc_options ndopts;
836 struct net_device *dev = skb->dev;
837 struct inet6_ifaddr *ifp;
838 struct neighbour *neigh;
839
840 if (skb->len < sizeof(struct nd_msg)) {
841 ND_PRINTK2(KERN_WARNING
842 "ICMPv6 NA: packet too short\n");
843 return;
844 }
845
846 if (ipv6_addr_is_multicast(&msg->target)) {
847 ND_PRINTK2(KERN_WARNING
848 "ICMPv6 NA: target address is multicast.\n");
849 return;
850 }
851
852 if (ipv6_addr_is_multicast(daddr) &&
853 msg->icmph.icmp6_solicited) {
854 ND_PRINTK2(KERN_WARNING
855 "ICMPv6 NA: solicited NA is multicasted.\n");
856 return;
857 }
1ab1457c 858
1da177e4
LT		 859 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
860 ND_PRINTK2(KERN_WARNING
861 "ICMPv6 NS: invalid ND option\n");
862 return;
863 }
864 if (ndopts.nd_opts_tgt_lladdr) {
865 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
866 if (!lladdr) {
867 ND_PRINTK2(KERN_WARNING
868 "ICMPv6 NA: invalid link-layer address length\n");
869 return;
870 }
871 }
872 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1))) {
873 if (ifp->flags & IFA_F_TENTATIVE) {
874 addrconf_dad_failure(ifp);
875 return;
876 }
877 /* What should we make now? The advertisement
878 is invalid, but ndisc specs say nothing
879 about it. It could be misconfiguration, or
880 an smart proxy agent tries to help us :-)
881 */
882 ND_PRINTK1(KERN_WARNING
883 "ICMPv6 NA: someone advertises our address on %s!\n",
884 ifp->idev->dev->name);
885 in6_ifa_put(ifp);
886 return;
887 }
888 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
889
890 if (neigh) {
891 u8 old_flags = neigh->flags;
892
893 if (neigh->nud_state & NUD_FAILED)
894 goto out;
895
5f3e6e9e
VN		 896 /*
897 * Don't update the neighbor cache entry on a proxy NA from
898 * ourselves because either the proxied node is off link or it
899 * has already sent a NA to us.
900 */
901 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
fbea49e1
YH		 902 ipv6_devconf.forwarding && ipv6_devconf.proxy_ndp &&
903 pneigh_lookup(&nd_tbl, &msg->target, dev, 0)) {
904 /* XXX: idev->cnf.prixy_ndp */
5f3e6e9e 905 goto out;
fbea49e1 906 }
5f3e6e9e 907
1da177e4
LT		 908 neigh_update(neigh, lladdr,
909 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
910 NEIGH_UPDATE_F_WEAK_OVERRIDE|
911 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
912 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
913 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
914
915 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
916 /*
917 * Change: router to host
918 */
919 struct rt6_info *rt;
920 rt = rt6_get_dflt_router(saddr, dev);
921 if (rt)
e0a1ad73 922 ip6_del_rt(rt);
1da177e4
LT		 923 }
924
925out:
926 neigh_release(neigh);
927 }
928}
929
930static void ndisc_recv_rs(struct sk_buff *skb)
931{
9c70220b 932 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1da177e4
LT		 933 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
934 struct neighbour *neigh;
935 struct inet6_dev *idev;
0660e03f 936 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1da177e4
LT		 937 struct ndisc_options ndopts;
938 u8 *lladdr = NULL;
939
940 if (skb->len < sizeof(*rs_msg))
941 return;
942
943 idev = in6_dev_get(skb->dev);
944 if (!idev) {
945 if (net_ratelimit())
946 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
947 return;
948 }
949
950 /* Don't accept RS if we're not in router mode */
951 if (!idev->cnf.forwarding)
952 goto out;
953
954 /*
955 * Don't update NCE if src = ::;
956 * this implies that the source node has no ip address assigned yet.
957 */
958 if (ipv6_addr_any(saddr))
959 goto out;
960
961 /* Parse ND options */
962 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
963 if (net_ratelimit())
964 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
965 goto out;
966 }
967
968 if (ndopts.nd_opts_src_lladdr) {
969 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
970 skb->dev);
971 if (!lladdr)
972 goto out;
973 }
974
975 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
976 if (neigh) {
977 neigh_update(neigh, lladdr, NUD_STALE,
978 NEIGH_UPDATE_F_WEAK_OVERRIDE|
979 NEIGH_UPDATE_F_OVERRIDE|
980 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
981 neigh_release(neigh);
982 }
983out:
984 in6_dev_put(idev);
985}
986
987static void ndisc_router_discovery(struct sk_buff *skb)
988{
9c70220b 989 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1da177e4
LT		 990 struct neighbour *neigh = NULL;
991 struct inet6_dev *in6_dev;
65f5c7c1 992 struct rt6_info *rt = NULL;
1da177e4
LT		 993 int lifetime;
994 struct ndisc_options ndopts;
995 int optlen;
ebacaaa0 996 unsigned int pref = 0;
1da177e4
LT		 997
998 __u8 * opt = (__u8 *)(ra_msg + 1);
999
27a884dc 1000 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1da177e4 1001
0660e03f 1002 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1da177e4
LT		 1003 ND_PRINTK2(KERN_WARNING
1004 "ICMPv6 RA: source address is not link-local.\n");
1005 return;
1006 }
1007 if (optlen < 0) {
1ab1457c 1008 ND_PRINTK2(KERN_WARNING
1da177e4
LT		 1009 "ICMPv6 RA: packet too short\n");
1010 return;
1011 }
1012
1013 /*
1014 * set the RA_RECV flag in the interface
1015 */
1016
1017 in6_dev = in6_dev_get(skb->dev);
1018 if (in6_dev == NULL) {
1019 ND_PRINTK0(KERN_ERR
1020 "ICMPv6 RA: can't find inet6 device for %s.\n",
1021 skb->dev->name);
1022 return;
1023 }
1024 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra) {
1025 in6_dev_put(in6_dev);
1026 return;
1027 }
1028
1029 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1030 in6_dev_put(in6_dev);
1031 ND_PRINTK2(KERN_WARNING
1032 "ICMP6 RA: invalid ND options\n");
1033 return;
1034 }
1035
1036 if (in6_dev->if_flags & IF_RS_SENT) {
1037 /*
1038 * flag that an RA was received after an RS was sent
1039 * out on this interface.
1040 */
1041 in6_dev->if_flags |= IF_RA_RCVD;
1042 }
1043
1044 /*
1045 * Remember the managed/otherconf flags from most recently
1046 * received RA message (RFC 2462) -- yoshfuji
1047 */
1048 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1049 IF_RA_OTHERCONF)) |
1050 (ra_msg->icmph.icmp6_addrconf_managed ?
1051 IF_RA_MANAGED : 0) |
1052 (ra_msg->icmph.icmp6_addrconf_other ?
1053 IF_RA_OTHERCONF : 0);
1054
65f5c7c1
YH		 1055 if (!in6_dev->cnf.accept_ra_defrtr)
1056 goto skip_defrtr;
1057
1da177e4
LT		 1058 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1059
ebacaaa0
YH		 1060#ifdef CONFIG_IPV6_ROUTER_PREF
1061 pref = ra_msg->icmph.icmp6_router_pref;
1062 /* 10b is handled as if it were 00b (medium) */
930d6ff2 1063 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
6d5b78cd 1064 !in6_dev->cnf.accept_ra_rtr_pref)
ebacaaa0
YH		 1065 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1066#endif
1067
0660e03f 1068 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1da177e4
LT		 1069
1070 if (rt)
1071 neigh = rt->rt6i_nexthop;
1072
1073 if (rt && lifetime == 0) {
1074 neigh_clone(neigh);
e0a1ad73 1075 ip6_del_rt(rt);
1da177e4
LT		 1076 rt = NULL;
1077 }
1078
1079 if (rt == NULL && lifetime) {
1080 ND_PRINTK3(KERN_DEBUG
1081 "ICMPv6 RA: adding default router.\n");
1082
0660e03f 1083 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1da177e4
LT		 1084 if (rt == NULL) {
1085 ND_PRINTK0(KERN_ERR
1086 "ICMPv6 RA: %s() failed to add default route.\n",
1087 __FUNCTION__);
1088 in6_dev_put(in6_dev);
1089 return;
1090 }
1091
1092 neigh = rt->rt6i_nexthop;
1093 if (neigh == NULL) {
1094 ND_PRINTK0(KERN_ERR
1095 "ICMPv6 RA: %s() got default router without neighbour.\n",
1096 __FUNCTION__);
1097 dst_release(&rt->u.dst);
1098 in6_dev_put(in6_dev);
1099 return;
1100 }
1101 neigh->flags |= NTF_ROUTER;
ebacaaa0
YH		 1102 } else if (rt) {
1103 rt->rt6i_flags |= (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1da177e4
LT		 1104 }
1105
1106 if (rt)
1107 rt->rt6i_expires = jiffies + (HZ * lifetime);
1108
1109 if (ra_msg->icmph.icmp6_hop_limit) {
1110 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1111 if (rt)
1112 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
1113 }
1114
65f5c7c1
YH		 1115skip_defrtr:
1116
1da177e4
LT		 1117 /*
1118 * Update Reachable Time and Retrans Timer
1119 */
1120
1121 if (in6_dev->nd_parms) {
1122 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1123
1124 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1125 rtime = (rtime*HZ)/1000;
1126 if (rtime < HZ/10)
1127 rtime = HZ/10;
1128 in6_dev->nd_parms->retrans_time = rtime;
1129 in6_dev->tstamp = jiffies;
1130 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1131 }
1132
1133 rtime = ntohl(ra_msg->reachable_time);
1134 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1135 rtime = (rtime*HZ)/1000;
1136
1137 if (rtime < HZ/10)
1138 rtime = HZ/10;
1139
1140 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1141 in6_dev->nd_parms->base_reachable_time = rtime;
1142 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1143 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1144 in6_dev->tstamp = jiffies;
1145 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1146 }
1147 }
1148 }
1149
1150 /*
1151 * Process options.
1152 */
1153
1154 if (!neigh)
0660e03f 1155 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1da177e4
LT		 1156 skb->dev, 1);
1157 if (neigh) {
1158 u8 *lladdr = NULL;
1159 if (ndopts.nd_opts_src_lladdr) {
1160 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1161 skb->dev);
1162 if (!lladdr) {
1163 ND_PRINTK2(KERN_WARNING
1164 "ICMPv6 RA: invalid link-layer address length\n");
1165 goto out;
1166 }
1167 }
1168 neigh_update(neigh, lladdr, NUD_STALE,
1169 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1170 NEIGH_UPDATE_F_OVERRIDE|
1171 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1172 NEIGH_UPDATE_F_ISROUTER);
1173 }
1174
70ceb4f5 1175#ifdef CONFIG_IPV6_ROUTE_INFO
09c884d4 1176 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
70ceb4f5
YH		 1177 struct nd_opt_hdr *p;
1178 for (p = ndopts.nd_opts_ri;
1179 p;
1180 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
09c884d4
YH		 1181 if (((struct route_info *)p)->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1182 continue;
70ceb4f5 1183 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
0660e03f 1184 &ipv6_hdr(skb)->saddr);
70ceb4f5
YH		 1185 }
1186 }
1187#endif
1188
c4fd30eb 1189 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1da177e4
LT		 1190 struct nd_opt_hdr *p;
1191 for (p = ndopts.nd_opts_pi;
1192 p;
1193 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1194 addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1195 }
1196 }
1197
1198 if (ndopts.nd_opts_mtu) {
e69a4adc 1199 __be32 n;
1da177e4
LT		 1200 u32 mtu;
1201
e69a4adc
AV		 1202 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1203 mtu = ntohl(n);
1da177e4
LT		 1204
1205 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1206 ND_PRINTK2(KERN_WARNING
1207 "ICMPv6 RA: invalid mtu: %d\n",
1208 mtu);
1209 } else if (in6_dev->cnf.mtu6 != mtu) {
1210 in6_dev->cnf.mtu6 = mtu;
1211
1212 if (rt)
1213 rt->u.dst.metrics[RTAX_MTU-1] = mtu;
1214
1215 rt6_mtu_change(skb->dev, mtu);
1216 }
1217 }
1ab1457c 1218
1da177e4
LT		 1219 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1220 ND_PRINTK2(KERN_WARNING
1221 "ICMPv6 RA: invalid RA options");
1222 }
1223out:
1224 if (rt)
1225 dst_release(&rt->u.dst);
1226 else if (neigh)
1227 neigh_release(neigh);
1228 in6_dev_put(in6_dev);
1229}
1230
1231static void ndisc_redirect_rcv(struct sk_buff *skb)
1232{
1233 struct inet6_dev *in6_dev;
1234 struct icmp6hdr *icmph;
1235 struct in6_addr *dest;
1236 struct in6_addr *target; /* new first hop to destination */
1237 struct neighbour *neigh;
1238 int on_link = 0;
1239 struct ndisc_options ndopts;
1240 int optlen;
1241 u8 *lladdr = NULL;
1242
0660e03f 1243 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1da177e4
LT		 1244 ND_PRINTK2(KERN_WARNING
1245 "ICMPv6 Redirect: source address is not link-local.\n");
1246 return;
1247 }
1248
27a884dc 1249 optlen = skb->tail - skb->transport_header;
1da177e4
LT		 1250 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1251
1252 if (optlen < 0) {
1253 ND_PRINTK2(KERN_WARNING
1254 "ICMPv6 Redirect: packet too short\n");
1255 return;
1256 }
1257
cc70ab26 1258 icmph = icmp6_hdr(skb);
1da177e4
LT		 1259 target = (struct in6_addr *) (icmph + 1);
1260 dest = target + 1;
1261
1262 if (ipv6_addr_is_multicast(dest)) {
1263 ND_PRINTK2(KERN_WARNING
1264 "ICMPv6 Redirect: destination address is multicast.\n");
1265 return;
1266 }
1267
1268 if (ipv6_addr_equal(dest, target)) {
1269 on_link = 1;
bf0b48df
BH		 1270 } else if (ipv6_addr_type(target) !=
1271 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1ab1457c 1272 ND_PRINTK2(KERN_WARNING
bf0b48df 1273 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1da177e4
LT		 1274 return;
1275 }
1276
1277 in6_dev = in6_dev_get(skb->dev);
1278 if (!in6_dev)
1279 return;
1280 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1281 in6_dev_put(in6_dev);
1282 return;
1283 }
1284
1ab1457c 1285 /* RFC2461 8.1:
1da177e4
LT		 1286 * The IP source address of the Redirect MUST be the same as the current
1287 * first-hop router for the specified ICMP Destination Address.
1288 */
1ab1457c 1289
1da177e4
LT		 1290 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1291 ND_PRINTK2(KERN_WARNING
1292 "ICMPv6 Redirect: invalid ND options\n");
1293 in6_dev_put(in6_dev);
1294 return;
1295 }
1296 if (ndopts.nd_opts_tgt_lladdr) {
1297 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1298 skb->dev);
1299 if (!lladdr) {
1300 ND_PRINTK2(KERN_WARNING
1301 "ICMPv6 Redirect: invalid link-layer address length\n");
1302 in6_dev_put(in6_dev);
1303 return;
1304 }
1305 }
1306
1307 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1308 if (neigh) {
0660e03f
ACM		 1309 rt6_redirect(dest, &ipv6_hdr(skb)->daddr,
1310 &ipv6_hdr(skb)->saddr, neigh, lladdr,
1da177e4
LT		 1311 on_link);
1312 neigh_release(neigh);
1313 }
1314 in6_dev_put(in6_dev);
1315}
1316
1317void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1318 struct in6_addr *target)
1319{
1320 struct sock *sk = ndisc_socket->sk;
1321 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1322 struct sk_buff *buff;
1323 struct icmp6hdr *icmph;
1324 struct in6_addr saddr_buf;
1325 struct in6_addr *addrp;
1326 struct net_device *dev;
1327 struct rt6_info *rt;
1328 struct dst_entry *dst;
1329 struct inet6_dev *idev;
1330 struct flowi fl;
1331 u8 *opt;
1332 int rd_len;
1333 int err;
1334 int hlen;
1335 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1336
1337 dev = skb->dev;
1338
95c385b4 1339 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1da177e4
LT		 1340 ND_PRINTK2(KERN_WARNING
1341 "ICMPv6 Redirect: no link-local address on %s\n",
1342 dev->name);
1ab1457c
YH		 1343 return;
1344 }
1da177e4 1345
0660e03f 1346 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
bf0b48df 1347 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
29556526 1348 ND_PRINTK2(KERN_WARNING
bf0b48df 1349 "ICMPv6 Redirect: target address is not link-local unicast.\n");
29556526
LY		 1350 return;
1351 }
1352
0660e03f 1353 ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &ipv6_hdr(skb)->saddr,
af184765 1354 dev->ifindex);
1da177e4
LT		 1355
1356 dst = ip6_route_output(NULL, &fl);
1357 if (dst == NULL)
1358 return;
1359
1360 err = xfrm_lookup(&dst, &fl, NULL, 0);
e104411b 1361 if (err)
1da177e4 1362 return;
1da177e4
LT		 1363
1364 rt = (struct rt6_info *) dst;
1365
1366 if (rt->rt6i_flags & RTF_GATEWAY) {
1367 ND_PRINTK2(KERN_WARNING
1368 "ICMPv6 Redirect: destination is not a neighbour.\n");
1369 dst_release(dst);
1370 return;
1371 }
1372 if (!xrlim_allow(dst, 1*HZ)) {
1373 dst_release(dst);
1374 return;
1375 }
1376
1377 if (dev->addr_len) {
1378 read_lock_bh(&neigh->lock);
1379 if (neigh->nud_state & NUD_VALID) {
1380 memcpy(ha_buf, neigh->ha, dev->addr_len);
1381 read_unlock_bh(&neigh->lock);
1382 ha = ha_buf;
1383 len += ndisc_opt_addr_space(dev);
1384 } else
1385 read_unlock_bh(&neigh->lock);
1386 }
1387
1388 rd_len = min_t(unsigned int,
1389 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1390 rd_len &= ~0x7;
1391 len += rd_len;
1392
d54a81d3
DM		 1393 buff = sock_alloc_send_skb(sk,
1394 (MAX_HEADER + sizeof(struct ipv6hdr) +
1395 len + LL_RESERVED_SPACE(dev)),
1da177e4
LT		 1396 1, &err);
1397 if (buff == NULL) {
1398 ND_PRINTK0(KERN_ERR
1399 "ICMPv6 Redirect: %s() failed to allocate an skb.\n",
1400 __FUNCTION__);
1401 dst_release(dst);
1402 return;
1403 }
1404
1405 hlen = 0;
1406
1407 skb_reserve(buff, LL_RESERVED_SPACE(dev));
0660e03f 1408 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1da177e4
LT		 1409 IPPROTO_ICMPV6, len);
1410
27a884dc 1411 skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
d10ba34b
ACM		 1412 skb_put(buff, len);
1413 icmph = icmp6_hdr(buff);
1da177e4
LT		 1414
1415 memset(icmph, 0, sizeof(struct icmp6hdr));
1416 icmph->icmp6_type = NDISC_REDIRECT;
1417
1418 /*
1419 * copy target and destination addresses
1420 */
1421
1422 addrp = (struct in6_addr *)(icmph + 1);
1423 ipv6_addr_copy(addrp, target);
1424 addrp++;
0660e03f 1425 ipv6_addr_copy(addrp, &ipv6_hdr(skb)->daddr);
1da177e4
LT		 1426
1427 opt = (u8*) (addrp + 1);
1428
1429 /*
1430 * include target_address option
1431 */
1432
1433 if (ha)
1434 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1435 dev->addr_len, dev->type);
1436
1437 /*
1438 * build redirect option and copy skb over to the new packet.
1439 */
1440
1ab1457c 1441 memset(opt, 0, 8);
1da177e4
LT		 1442 *(opt++) = ND_OPT_REDIRECT_HDR;
1443 *(opt++) = (rd_len >> 3);
1444 opt += 6;
1445
0660e03f 1446 memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1da177e4 1447
0660e03f 1448 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1da177e4
LT		 1449 len, IPPROTO_ICMPV6,
1450 csum_partial((u8 *) icmph, len, 0));
1451
1452 buff->dst = dst;
1453 idev = in6_dev_get(dst->dev);
a11d206d 1454 IP6_INC_STATS(idev, IPSTATS_MIB_OUTREQUESTS);
1da177e4
LT		 1455 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, buff, NULL, dst->dev, dst_output);
1456 if (!err) {
14878f75 1457 ICMP6MSGOUT_INC_STATS(idev, NDISC_REDIRECT);
1da177e4
LT		 1458 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
1459 }
1460
1461 if (likely(idev != NULL))
1462 in6_dev_put(idev);
1463}
1464
1465static void pndisc_redo(struct sk_buff *skb)
1466{
140e26fc 1467 ndisc_recv_ns(skb);
1da177e4
LT		 1468 kfree_skb(skb);
1469}
1470
1471int ndisc_rcv(struct sk_buff *skb)
1472{
1473 struct nd_msg *msg;
1474
1475 if (!pskb_may_pull(skb, skb->len))
1476 return 0;
1477
9c70220b 1478 msg = (struct nd_msg *)skb_transport_header(skb);
1da177e4 1479
9c70220b 1480 __skb_push(skb, skb->data - skb_transport_header(skb));
1da177e4 1481
0660e03f 1482 if (ipv6_hdr(skb)->hop_limit != 255) {
1da177e4
LT		 1483 ND_PRINTK2(KERN_WARNING
1484 "ICMPv6 NDISC: invalid hop-limit: %d\n",
0660e03f 1485 ipv6_hdr(skb)->hop_limit);
1da177e4
LT		 1486 return 0;
1487 }
1488
1489 if (msg->icmph.icmp6_code != 0) {
1ab1457c 1490 ND_PRINTK2(KERN_WARNING
1da177e4
LT		 1491 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1492 msg->icmph.icmp6_code);
1493 return 0;
1494 }
1495
a61bbcf2
PM		 1496 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1497
1da177e4
LT		 1498 switch (msg->icmph.icmp6_type) {
1499 case NDISC_NEIGHBOUR_SOLICITATION:
1500 ndisc_recv_ns(skb);
1501 break;
1502
1503 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1504 ndisc_recv_na(skb);
1505 break;
1506
1507 case NDISC_ROUTER_SOLICITATION:
1508 ndisc_recv_rs(skb);
1509 break;
1510
1511 case NDISC_ROUTER_ADVERTISEMENT:
1512 ndisc_router_discovery(skb);
1513 break;
1514
1515 case NDISC_REDIRECT:
1516 ndisc_redirect_rcv(skb);
1517 break;
3ff50b79 1518 }
1da177e4
LT		 1519
1520 return 0;
1521}
1522
1523static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1524{
1525 struct net_device *dev = ptr;
1526
e9dc8653
EB		 1527 if (dev->nd_net != &init_net)
1528 return NOTIFY_DONE;
1529
1da177e4
LT		 1530 switch (event) {
1531 case NETDEV_CHANGEADDR:
1532 neigh_changeaddr(&nd_tbl, dev);
1533 fib6_run_gc(~0UL);
1534 break;
1535 case NETDEV_DOWN:
1536 neigh_ifdown(&nd_tbl, dev);
1537 fib6_run_gc(~0UL);
1538 break;
1539 default:
1540 break;
1541 }
1542
1543 return NOTIFY_DONE;
1544}
1545
1546static struct notifier_block ndisc_netdev_notifier = {
1547 .notifier_call = ndisc_netdev_event,
1548};
1549
1550#ifdef CONFIG_SYSCTL
1551static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1552 const char *func, const char *dev_name)
1553{
1554 static char warncomm[TASK_COMM_LEN];
1555 static int warned;
1556 if (strcmp(warncomm, current->comm) && warned < 5) {
1557 strcpy(warncomm, current->comm);
1558 printk(KERN_WARNING
1559 "process `%s' is using deprecated sysctl (%s) "
1560 "net.ipv6.neigh.%s.%s; "
1561 "Use net.ipv6.neigh.%s.%s_ms "
1562 "instead.\n",
1563 warncomm, func,
1564 dev_name, ctl->procname,
1565 dev_name, ctl->procname);
1566 warned++;
1567 }
1568}
1569
1570int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, struct file * filp, void __user *buffer, size_t *lenp, loff_t *ppos)
1571{
1572 struct net_device *dev = ctl->extra1;
1573 struct inet6_dev *idev;
1574 int ret;
1575
1576 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1577 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1578 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1579
1580 switch (ctl->ctl_name) {
1581 case NET_NEIGH_RETRANS_TIME:
1582 ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
1583 break;
1584 case NET_NEIGH_REACHABLE_TIME:
1585 ret = proc_dointvec_jiffies(ctl, write,
1586 filp, buffer, lenp, ppos);
1587 break;
1588 case NET_NEIGH_RETRANS_TIME_MS:
1589 case NET_NEIGH_REACHABLE_TIME_MS:
1590 ret = proc_dointvec_ms_jiffies(ctl, write,
1591 filp, buffer, lenp, ppos);
1592 break;
1593 default:
1594 ret = -1;
1595 }
1596
1597 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1598 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1599 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1600 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1601 idev->tstamp = jiffies;
1602 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1603 in6_dev_put(idev);
1604 }
1605 return ret;
1606}
1607
1608static int ndisc_ifinfo_sysctl_strategy(ctl_table *ctl, int __user *name,
1609 int nlen, void __user *oldval,
1610 size_t __user *oldlenp,
1f29bcd7 1611 void __user *newval, size_t newlen)
1da177e4
LT		 1612{
1613 struct net_device *dev = ctl->extra1;
1614 struct inet6_dev *idev;
1615 int ret;
1616
1617 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1618 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1619 ndisc_warn_deprecated_sysctl(ctl, "procfs", dev ? dev->name : "default");
1620
1621 switch (ctl->ctl_name) {
1622 case NET_NEIGH_REACHABLE_TIME:
1623 ret = sysctl_jiffies(ctl, name, nlen,
1f29bcd7 1624 oldval, oldlenp, newval, newlen);
1da177e4
LT		 1625 break;
1626 case NET_NEIGH_RETRANS_TIME_MS:
1627 case NET_NEIGH_REACHABLE_TIME_MS:
1628 ret = sysctl_ms_jiffies(ctl, name, nlen,
1f29bcd7 1629 oldval, oldlenp, newval, newlen);
1da177e4
LT		 1630 break;
1631 default:
1632 ret = 0;
1633 }
1634
1635 if (newval && newlen && ret > 0 &&
1636 dev && (idev = in6_dev_get(dev)) != NULL) {
1637 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1638 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1639 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1640 idev->tstamp = jiffies;
1641 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1642 in6_dev_put(idev);
1643 }
1644
1645 return ret;
1646}
1647
1648#endif
1649
1650int __init ndisc_init(struct net_proto_family *ops)
1651{
1652 struct ipv6_pinfo *np;
1653 struct sock *sk;
1ab1457c 1654 int err;
1da177e4
LT		 1655
1656 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, &ndisc_socket);
1657 if (err < 0) {
1658 ND_PRINTK0(KERN_ERR
1ab1457c 1659 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1da177e4
LT		 1660 err);
1661 ndisc_socket = NULL; /* For safety. */
1662 return err;
1663 }
1664
1665 sk = ndisc_socket->sk;
1666 np = inet6_sk(sk);
1667 sk->sk_allocation = GFP_ATOMIC;
1668 np->hop_limit = 255;
1669 /* Do not loopback ndisc messages */
1670 np->mc_loop = 0;
1671 sk->sk_prot->unhash(sk);
1672
1ab1457c
YH		 1673 /*
1674 * Initialize the neighbour table
1675 */
1676
1da177e4
LT		 1677 neigh_table_init(&nd_tbl);
1678
1679#ifdef CONFIG_SYSCTL
1ab1457c 1680 neigh_sysctl_register(NULL, &nd_tbl.parms, NET_IPV6, NET_IPV6_NEIGH,
1da177e4
LT		 1681 "ipv6",
1682 &ndisc_ifinfo_sysctl_change,
1683 &ndisc_ifinfo_sysctl_strategy);
1684#endif
1685
1686 register_netdevice_notifier(&ndisc_netdev_notifier);
1687 return 0;
1688}
1689
1690void ndisc_cleanup(void)
1691{
36f73d0c 1692 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1da177e4
LT		 1693#ifdef CONFIG_SYSCTL
1694 neigh_sysctl_unregister(&nd_tbl.parms);
1695#endif
1696 neigh_table_clear(&nd_tbl);
1697 sock_release(ndisc_socket);
1698 ndisc_socket = NULL; /* For safety. */
1699}
Linux 6.x block layer and io_uring tree(s)